diff --git a/Makefile.am b/Makefile.am
index 37ff1b6bc..25c806999 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -128,14 +128,8 @@ src_libbitcoin_network_la_SOURCES = \
     src/sessions/session_peer.cpp \
     src/sessions/session_seed.cpp \
     src/sessions/session_server.cpp \
-    src/ssl/wolfssl/crl.c \
-    src/ssl/wolfssl/dtls.c \
-    src/ssl/wolfssl/dtls13.c \
     src/ssl/wolfssl/internal.c \
     src/ssl/wolfssl/keys.c \
-    src/ssl/wolfssl/ocsp.c \
-    src/ssl/wolfssl/quic.c \
-    src/ssl/wolfssl/sniffer.c \
     src/ssl/wolfssl/ssl.c \
     src/ssl/wolfssl/tls.c \
     src/ssl/wolfssl/tls13.c \
@@ -155,91 +149,28 @@ src_libbitcoin_network_la_SOURCES = \
     src/ssl/wolfssl/src/ssl_sk.c \
     src/ssl/wolfssl/src/x509.c \
     src/ssl/wolfssl/src/x509_str.c \
-    src/ssl/wolfssl/wolfcrypt/aes.c \
-    src/ssl/wolfssl/wolfcrypt/arc4.c \
-    src/ssl/wolfssl/wolfcrypt/ascon.c \
-    src/ssl/wolfssl/wolfcrypt/asm.c \
     src/ssl/wolfssl/wolfcrypt/asn.c \
-    src/ssl/wolfssl/wolfcrypt/blake2b.c \
-    src/ssl/wolfssl/wolfcrypt/blake2s.c \
-    src/ssl/wolfssl/wolfcrypt/camellia.c \
     src/ssl/wolfssl/wolfcrypt/chacha.c \
     src/ssl/wolfssl/wolfcrypt/chacha20_poly1305.c \
-    src/ssl/wolfssl/wolfcrypt/cmac.c \
     src/ssl/wolfssl/wolfcrypt/coding.c \
-    src/ssl/wolfssl/wolfcrypt/compress.c \
-    src/ssl/wolfssl/wolfcrypt/cpuid.c \
     src/ssl/wolfssl/wolfcrypt/cryptocb.c \
     src/ssl/wolfssl/wolfcrypt/curve25519.c \
-    src/ssl/wolfssl/wolfcrypt/curve448.c \
-    src/ssl/wolfssl/wolfcrypt/des3.c \
-    src/ssl/wolfssl/wolfcrypt/dh.c \
-    src/ssl/wolfssl/wolfcrypt/dilithium.c \
-    src/ssl/wolfssl/wolfcrypt/dsa.c \
     src/ssl/wolfssl/wolfcrypt/ecc.c \
-    src/ssl/wolfssl/wolfcrypt/eccsi.c \
-    src/ssl/wolfssl/wolfcrypt/ed25519.c \
-    src/ssl/wolfssl/wolfcrypt/ed448.c \
     src/ssl/wolfssl/wolfcrypt/error.c \
-    src/ssl/wolfssl/wolfcrypt/ext_lms.c \
-    src/ssl/wolfssl/wolfcrypt/ext_mlkem.c \
-    src/ssl/wolfssl/wolfcrypt/ext_xmss.c \
-    src/ssl/wolfssl/wolfcrypt/falcon.c \
-    src/ssl/wolfssl/wolfcrypt/fe_448.c \
-    src/ssl/wolfssl/wolfcrypt/fe_low_mem.c \
     src/ssl/wolfssl/wolfcrypt/fe_operations.c \
-    src/ssl/wolfssl/wolfcrypt/fe_x25519_128.h \
-    src/ssl/wolfssl/wolfcrypt/ge_448.c \
-    src/ssl/wolfssl/wolfcrypt/ge_low_mem.c \
     src/ssl/wolfssl/wolfcrypt/ge_operations.c \
     src/ssl/wolfssl/wolfcrypt/hash.c \
     src/ssl/wolfssl/wolfcrypt/hmac.c \
-    src/ssl/wolfssl/wolfcrypt/hpke.c \
-    src/ssl/wolfssl/wolfcrypt/integer.c \
     src/ssl/wolfssl/wolfcrypt/kdf.c \
     src/ssl/wolfssl/wolfcrypt/logging.c \
-    src/ssl/wolfssl/wolfcrypt/md2.c \
-    src/ssl/wolfssl/wolfcrypt/md4.c \
-    src/ssl/wolfssl/wolfcrypt/md5.c \
     src/ssl/wolfssl/wolfcrypt/memory.c \
-    src/ssl/wolfssl/wolfcrypt/pkcs12.c \
-    src/ssl/wolfssl/wolfcrypt/pkcs7.c \
     src/ssl/wolfssl/wolfcrypt/poly1305.c \
-    src/ssl/wolfssl/wolfcrypt/pwdbased.c \
     src/ssl/wolfssl/wolfcrypt/random.c \
-    src/ssl/wolfssl/wolfcrypt/rc2.c \
-    src/ssl/wolfssl/wolfcrypt/ripemd.c \
-    src/ssl/wolfssl/wolfcrypt/rsa.c \
-    src/ssl/wolfssl/wolfcrypt/sakke.c \
-    src/ssl/wolfssl/wolfcrypt/sha.c \
     src/ssl/wolfssl/wolfcrypt/sha256.c \
-    src/ssl/wolfssl/wolfcrypt/sha3.c \
-    src/ssl/wolfssl/wolfcrypt/sha512.c \
     src/ssl/wolfssl/wolfcrypt/signature.c \
-    src/ssl/wolfssl/wolfcrypt/siphash.c \
-    src/ssl/wolfssl/wolfcrypt/sp_arm32.c \
-    src/ssl/wolfssl/wolfcrypt/sp_arm64.c \
-    src/ssl/wolfssl/wolfcrypt/sp_armthumb.c \
-    src/ssl/wolfssl/wolfcrypt/sp_c32.c \
-    src/ssl/wolfssl/wolfcrypt/sp_c64.c \
-    src/ssl/wolfssl/wolfcrypt/sp_cortexm.c \
-    src/ssl/wolfssl/wolfcrypt/sp_dsp32.c \
     src/ssl/wolfssl/wolfcrypt/sp_int.c \
-    src/ssl/wolfssl/wolfcrypt/sp_x86_64.c \
-    src/ssl/wolfssl/wolfcrypt/sphincs.c \
-    src/ssl/wolfssl/wolfcrypt/srp.c \
-    src/ssl/wolfssl/wolfcrypt/tfm.c \
-    src/ssl/wolfssl/wolfcrypt/wc_dsp.c \
     src/ssl/wolfssl/wolfcrypt/wc_encrypt.c \
-    src/ssl/wolfssl/wolfcrypt/wc_lms.c \
-    src/ssl/wolfssl/wolfcrypt/wc_lms_impl.c \
-    src/ssl/wolfssl/wolfcrypt/wc_mlkem.c \
-    src/ssl/wolfssl/wolfcrypt/wc_mlkem_poly.c \
-    src/ssl/wolfssl/wolfcrypt/wc_pkcs11.c \
     src/ssl/wolfssl/wolfcrypt/wc_port.c \
-    src/ssl/wolfssl/wolfcrypt/wc_xmss.c \
-    src/ssl/wolfssl/wolfcrypt/wc_xmss_impl.c \
-    src/ssl/wolfssl/wolfcrypt/wolfevent.c \
     src/ssl/wolfssl/wolfcrypt/wolfmath.c
 
 # local: test/libbitcoin-network-test
@@ -510,8 +441,8 @@ test_libbitcoin_network_test_SOURCES = \
     test/ssl/wolfssl/tests/api/test_wolfmath.h \
     test/ssl/wolfssl/tests/api/test_x509.c \
     test/ssl/wolfssl/tests/api/test_x509.h \
+    test/ssl/wolfssl/testsuite/utils.c \
     test/ssl/wolfssl/testsuite/utils.h \
-    test/ssl/wolfssl/testsuite/utils1.c \
     test/ssl/wolfssl/wolfcrypt/benchmark/benchmark.c \
     test/ssl/wolfssl/wolfcrypt/benchmark/benchmark.h \
     test/ssl/wolfssl/wolfcrypt/test/test.c \
@@ -776,13 +707,10 @@ include_bitcoin_ssl_wolfssldir = ${includedir}/bitcoin/ssl/wolfssl
 include_bitcoin_ssl_wolfssl_HEADERS = \
     include/bitcoin/ssl/wolfssl/callbacks.h \
     include/bitcoin/ssl/wolfssl/certs_test.h \
-    include/bitcoin/ssl/wolfssl/certs_test_sm.h \
-    include/bitcoin/ssl/wolfssl/crl.h \
     include/bitcoin/ssl/wolfssl/error-ssl.h \
     include/bitcoin/ssl/wolfssl/internal.h \
     include/bitcoin/ssl/wolfssl/ocsp.h \
     include/bitcoin/ssl/wolfssl/options.h \
-    include/bitcoin/ssl/wolfssl/quic.h \
     include/bitcoin/ssl/wolfssl/ssl.h \
     include/bitcoin/ssl/wolfssl/test.h \
     include/bitcoin/ssl/wolfssl/version.h \
@@ -793,13 +721,10 @@ include_bitcoin_ssl_wolfssl_openssldir = ${includedir}/bitcoin/ssl/wolfssl/opens
 include_bitcoin_ssl_wolfssl_openssl_HEADERS = \
     include/bitcoin/ssl/wolfssl/openssl/aes.h \
     include/bitcoin/ssl/wolfssl/openssl/asn1.h \
-    include/bitcoin/ssl/wolfssl/openssl/asn1t.h \
     include/bitcoin/ssl/wolfssl/openssl/bio.h \
     include/bitcoin/ssl/wolfssl/openssl/bn.h \
     include/bitcoin/ssl/wolfssl/openssl/buffer.h \
-    include/bitcoin/ssl/wolfssl/openssl/camellia.h \
     include/bitcoin/ssl/wolfssl/openssl/cmac.h \
-    include/bitcoin/ssl/wolfssl/openssl/cms.h \
     include/bitcoin/ssl/wolfssl/openssl/compat_types.h \
     include/bitcoin/ssl/wolfssl/openssl/conf.h \
     include/bitcoin/ssl/wolfssl/openssl/crypto.h \
@@ -825,10 +750,7 @@ include_bitcoin_ssl_wolfssl_openssl_HEADERS = \
     include/bitcoin/ssl/wolfssl/openssl/modes.h \
     include/bitcoin/ssl/wolfssl/openssl/obj_mac.h \
     include/bitcoin/ssl/wolfssl/openssl/objects.h \
-    include/bitcoin/ssl/wolfssl/openssl/ocsp.h \
-    include/bitcoin/ssl/wolfssl/openssl/opensslconf.h \
     include/bitcoin/ssl/wolfssl/openssl/opensslv.h \
-    include/bitcoin/ssl/wolfssl/openssl/ossl_typ.h \
     include/bitcoin/ssl/wolfssl/openssl/pem.h \
     include/bitcoin/ssl/wolfssl/openssl/pkcs12.h \
     include/bitcoin/ssl/wolfssl/openssl/pkcs7.h \
@@ -836,14 +758,11 @@ include_bitcoin_ssl_wolfssl_openssl_HEADERS = \
     include/bitcoin/ssl/wolfssl/openssl/rc4.h \
     include/bitcoin/ssl/wolfssl/openssl/ripemd.h \
     include/bitcoin/ssl/wolfssl/openssl/rsa.h \
-    include/bitcoin/ssl/wolfssl/openssl/safestack.h \
     include/bitcoin/ssl/wolfssl/openssl/sha.h \
     include/bitcoin/ssl/wolfssl/openssl/sha3.h \
-    include/bitcoin/ssl/wolfssl/openssl/srp.h \
     include/bitcoin/ssl/wolfssl/openssl/ssl.h \
     include/bitcoin/ssl/wolfssl/openssl/stack.h \
     include/bitcoin/ssl/wolfssl/openssl/tls1.h \
-    include/bitcoin/ssl/wolfssl/openssl/txt_db.h \
     include/bitcoin/ssl/wolfssl/openssl/x509.h \
     include/bitcoin/ssl/wolfssl/openssl/x509_vfy.h \
     include/bitcoin/ssl/wolfssl/openssl/x509v3.h
@@ -855,45 +774,30 @@ include_bitcoin_ssl_wolfssl_wolfcrypt_HEADERS = \
     include/bitcoin/ssl/wolfssl/wolfcrypt/ascon.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/asn.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/asn_public.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/blake2-impl.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/blake2-int.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/blake2.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/camellia.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/chacha.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/chacha20_poly1305.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/cmac.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/coding.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/compress.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/cpuid.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/cryptocb.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/curve25519.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/curve448.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/des3.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/dh.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/dilithium.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/dsa.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/ecc.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/eccsi.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/ed25519.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/ed448.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/error-crypt.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/ext_lms.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/ext_mlkem.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/ext_xmss.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/falcon.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/fe_448.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/fe_operations.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/fips_test.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/ge_448.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/ge_operations.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/hash.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/hmac.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/hpke.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/integer.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/kdf.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/libwolfssl_sources.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/libwolfssl_sources_asm.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/lms.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/logging.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/md2.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/md4.h \
@@ -901,11 +805,7 @@ include_bitcoin_ssl_wolfssl_wolfcrypt_HEADERS = \
     include/bitcoin/ssl/wolfssl/wolfcrypt/mem_track.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/memory.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/misc.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/mlkem.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/mpi_class.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/mpi_superclass.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/oid_sum.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/pkcs11.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/pkcs12.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/pkcs7.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/poly1305.h \
@@ -914,8 +814,6 @@ include_bitcoin_ssl_wolfssl_wolfcrypt_HEADERS = \
     include/bitcoin/ssl/wolfssl/wolfcrypt/rc2.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/ripemd.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/rsa.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/sakke.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/selftest.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/settings.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/sha.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/sha256.h \
@@ -923,21 +821,12 @@ include_bitcoin_ssl_wolfssl_wolfcrypt_HEADERS = \
     include/bitcoin/ssl/wolfssl/wolfcrypt/sha512.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/signature.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/siphash.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/sp.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/sp_int.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/sphincs.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/srp.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/tfm.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/types.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/user_settings.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/visibility.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/wc_encrypt.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/wc_lms.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/wc_mlkem.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/wc_pkcs11.h \
     include/bitcoin/ssl/wolfssl/wolfcrypt/wc_port.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/wc_xmss.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/wolfevent.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/wolfmath.h \
-    include/bitcoin/ssl/wolfssl/wolfcrypt/xmss.h
+    include/bitcoin/ssl/wolfssl/wolfcrypt/wolfmath.h
 
diff --git a/builds/cmake/CMakeLists.txt b/builds/cmake/CMakeLists.txt
index 98ee77682..91e836500 100644
--- a/builds/cmake/CMakeLists.txt
+++ b/builds/cmake/CMakeLists.txt
@@ -322,14 +322,8 @@ add_library( ${CANONICAL_LIB_NAME}
     "../../src/sessions/session_peer.cpp"
     "../../src/sessions/session_seed.cpp"
     "../../src/sessions/session_server.cpp"
-    "../../src/ssl/wolfssl/crl.c"
-    "../../src/ssl/wolfssl/dtls.c"
-    "../../src/ssl/wolfssl/dtls13.c"
     "../../src/ssl/wolfssl/internal.c"
     "../../src/ssl/wolfssl/keys.c"
-    "../../src/ssl/wolfssl/ocsp.c"
-    "../../src/ssl/wolfssl/quic.c"
-    "../../src/ssl/wolfssl/sniffer.c"
     "../../src/ssl/wolfssl/ssl.c"
     "../../src/ssl/wolfssl/tls.c"
     "../../src/ssl/wolfssl/tls13.c"
@@ -349,91 +343,28 @@ add_library( ${CANONICAL_LIB_NAME}
     "../../src/ssl/wolfssl/src/ssl_sk.c"
     "../../src/ssl/wolfssl/src/x509.c"
     "../../src/ssl/wolfssl/src/x509_str.c"
-    "../../src/ssl/wolfssl/wolfcrypt/aes.c"
-    "../../src/ssl/wolfssl/wolfcrypt/arc4.c"
-    "../../src/ssl/wolfssl/wolfcrypt/ascon.c"
-    "../../src/ssl/wolfssl/wolfcrypt/asm.c"
     "../../src/ssl/wolfssl/wolfcrypt/asn.c"
-    "../../src/ssl/wolfssl/wolfcrypt/blake2b.c"
-    "../../src/ssl/wolfssl/wolfcrypt/blake2s.c"
-    "../../src/ssl/wolfssl/wolfcrypt/camellia.c"
     "../../src/ssl/wolfssl/wolfcrypt/chacha.c"
     "../../src/ssl/wolfssl/wolfcrypt/chacha20_poly1305.c"
-    "../../src/ssl/wolfssl/wolfcrypt/cmac.c"
     "../../src/ssl/wolfssl/wolfcrypt/coding.c"
-    "../../src/ssl/wolfssl/wolfcrypt/compress.c"
-    "../../src/ssl/wolfssl/wolfcrypt/cpuid.c"
     "../../src/ssl/wolfssl/wolfcrypt/cryptocb.c"
     "../../src/ssl/wolfssl/wolfcrypt/curve25519.c"
-    "../../src/ssl/wolfssl/wolfcrypt/curve448.c"
-    "../../src/ssl/wolfssl/wolfcrypt/des3.c"
-    "../../src/ssl/wolfssl/wolfcrypt/dh.c"
-    "../../src/ssl/wolfssl/wolfcrypt/dilithium.c"
-    "../../src/ssl/wolfssl/wolfcrypt/dsa.c"
     "../../src/ssl/wolfssl/wolfcrypt/ecc.c"
-    "../../src/ssl/wolfssl/wolfcrypt/eccsi.c"
-    "../../src/ssl/wolfssl/wolfcrypt/ed25519.c"
-    "../../src/ssl/wolfssl/wolfcrypt/ed448.c"
     "../../src/ssl/wolfssl/wolfcrypt/error.c"
-    "../../src/ssl/wolfssl/wolfcrypt/ext_lms.c"
-    "../../src/ssl/wolfssl/wolfcrypt/ext_mlkem.c"
-    "../../src/ssl/wolfssl/wolfcrypt/ext_xmss.c"
-    "../../src/ssl/wolfssl/wolfcrypt/falcon.c"
-    "../../src/ssl/wolfssl/wolfcrypt/fe_448.c"
-    "../../src/ssl/wolfssl/wolfcrypt/fe_low_mem.c"
     "../../src/ssl/wolfssl/wolfcrypt/fe_operations.c"
-    "../../src/ssl/wolfssl/wolfcrypt/fe_x25519_128.h"
-    "../../src/ssl/wolfssl/wolfcrypt/ge_448.c"
-    "../../src/ssl/wolfssl/wolfcrypt/ge_low_mem.c"
     "../../src/ssl/wolfssl/wolfcrypt/ge_operations.c"
     "../../src/ssl/wolfssl/wolfcrypt/hash.c"
     "../../src/ssl/wolfssl/wolfcrypt/hmac.c"
-    "../../src/ssl/wolfssl/wolfcrypt/hpke.c"
-    "../../src/ssl/wolfssl/wolfcrypt/integer.c"
     "../../src/ssl/wolfssl/wolfcrypt/kdf.c"
     "../../src/ssl/wolfssl/wolfcrypt/logging.c"
-    "../../src/ssl/wolfssl/wolfcrypt/md2.c"
-    "../../src/ssl/wolfssl/wolfcrypt/md4.c"
-    "../../src/ssl/wolfssl/wolfcrypt/md5.c"
     "../../src/ssl/wolfssl/wolfcrypt/memory.c"
-    "../../src/ssl/wolfssl/wolfcrypt/pkcs12.c"
-    "../../src/ssl/wolfssl/wolfcrypt/pkcs7.c"
     "../../src/ssl/wolfssl/wolfcrypt/poly1305.c"
-    "../../src/ssl/wolfssl/wolfcrypt/pwdbased.c"
     "../../src/ssl/wolfssl/wolfcrypt/random.c"
-    "../../src/ssl/wolfssl/wolfcrypt/rc2.c"
-    "../../src/ssl/wolfssl/wolfcrypt/ripemd.c"
-    "../../src/ssl/wolfssl/wolfcrypt/rsa.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sakke.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sha.c"
     "../../src/ssl/wolfssl/wolfcrypt/sha256.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sha3.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sha512.c"
     "../../src/ssl/wolfssl/wolfcrypt/signature.c"
-    "../../src/ssl/wolfssl/wolfcrypt/siphash.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sp_arm32.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sp_arm64.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sp_armthumb.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sp_c32.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sp_c64.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sp_cortexm.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sp_dsp32.c"
     "../../src/ssl/wolfssl/wolfcrypt/sp_int.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sp_x86_64.c"
-    "../../src/ssl/wolfssl/wolfcrypt/sphincs.c"
-    "../../src/ssl/wolfssl/wolfcrypt/srp.c"
-    "../../src/ssl/wolfssl/wolfcrypt/tfm.c"
-    "../../src/ssl/wolfssl/wolfcrypt/wc_dsp.c"
     "../../src/ssl/wolfssl/wolfcrypt/wc_encrypt.c"
-    "../../src/ssl/wolfssl/wolfcrypt/wc_lms.c"
-    "../../src/ssl/wolfssl/wolfcrypt/wc_lms_impl.c"
-    "../../src/ssl/wolfssl/wolfcrypt/wc_mlkem.c"
-    "../../src/ssl/wolfssl/wolfcrypt/wc_mlkem_poly.c"
-    "../../src/ssl/wolfssl/wolfcrypt/wc_pkcs11.c"
     "../../src/ssl/wolfssl/wolfcrypt/wc_port.c"
-    "../../src/ssl/wolfssl/wolfcrypt/wc_xmss.c"
-    "../../src/ssl/wolfssl/wolfcrypt/wc_xmss_impl.c"
-    "../../src/ssl/wolfssl/wolfcrypt/wolfevent.c"
     "../../src/ssl/wolfssl/wolfcrypt/wolfmath.c" )
 
 # ${CANONICAL_LIB_NAME} project specific include directory normalization for build.
@@ -761,8 +692,8 @@ if (with-tests)
         "../../test/ssl/wolfssl/tests/api/test_wolfmath.h"
         "../../test/ssl/wolfssl/tests/api/test_x509.c"
         "../../test/ssl/wolfssl/tests/api/test_x509.h"
+        "../../test/ssl/wolfssl/testsuite/utils.c"
         "../../test/ssl/wolfssl/testsuite/utils.h"
-        "../../test/ssl/wolfssl/testsuite/utils1.c"
         "../../test/ssl/wolfssl/wolfcrypt/benchmark/README.md"
         "../../test/ssl/wolfssl/wolfcrypt/benchmark/benchmark.c"
         "../../test/ssl/wolfssl/wolfcrypt/benchmark/benchmark.h"
diff --git a/builds/msvc/vs2022/libbitcoin-network-test/libbitcoin-network-test.vcxproj b/builds/msvc/vs2022/libbitcoin-network-test/libbitcoin-network-test.vcxproj
index 3c33064ea..8f3eb5ec0 100644
--- a/builds/msvc/vs2022/libbitcoin-network-test/libbitcoin-network-test.vcxproj
+++ b/builds/msvc/vs2022/libbitcoin-network-test/libbitcoin-network-test.vcxproj
@@ -447,7 +447,9 @@
       <ObjectFileName>$(IntDir)test_ssl_wolfssl_tests_utils.c.obj</ObjectFileName>
     </ClCompile>
     <ClCompile Include="..\..\..\..\test\ssl\wolfssl\tests\w64wrapper.c" />
-    <ClCompile Include="..\..\..\..\test\ssl\wolfssl\testsuite\utils1.c" />
+    <ClCompile Include="..\..\..\..\test\ssl\wolfssl\testsuite\utils.c">
+      <ObjectFileName>$(IntDir)test_ssl_wolfssl_testsuite_utils.c.obj</ObjectFileName>
+    </ClCompile>
     <ClCompile Include="..\..\..\..\test\ssl\wolfssl\wolfcrypt\benchmark\benchmark.c">
       <ObjectFileName>$(IntDir)test_ssl_wolfssl_wolfcrypt_benchmark_benchmark.c.obj</ObjectFileName>
     </ClCompile>
diff --git a/builds/msvc/vs2022/libbitcoin-network-test/libbitcoin-network-test.vcxproj.filters b/builds/msvc/vs2022/libbitcoin-network-test/libbitcoin-network-test.vcxproj.filters
index b3b63e611..75edd6cbe 100644
--- a/builds/msvc/vs2022/libbitcoin-network-test/libbitcoin-network-test.vcxproj.filters
+++ b/builds/msvc/vs2022/libbitcoin-network-test/libbitcoin-network-test.vcxproj.filters
@@ -663,7 +663,7 @@
     <ClCompile Include="..\..\..\..\test\ssl\wolfssl\tests\w64wrapper.c">
       <Filter>src\ssl\wolfssl\tests</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\test\ssl\wolfssl\testsuite\utils1.c">
+    <ClCompile Include="..\..\..\..\test\ssl\wolfssl\testsuite\utils.c">
       <Filter>src\ssl\wolfssl\testsuite</Filter>
     </ClCompile>
     <ClCompile Include="..\..\..\..\test\ssl\wolfssl\wolfcrypt\benchmark\benchmark.c">
diff --git a/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.props b/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.props
index 8b269d475..31159e00a 100644
--- a/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.props
+++ b/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.props
@@ -40,9 +40,10 @@
       <ClCompile Update="@(ClCompile)">
         <AdditionalOptions Condition="$([System.String]::new('%(RelativeDir)').StartsWith('..\..\..\..\src\ssl\'))">/wd4189 /wd4245 /wd4267 /wd4701 /wd4702 /wd4703 %(AdditionalOptions)</AdditionalOptions>
         
-        <!-- This is only used as an inlining header, so never compile it directly. -->
-        <ExcludedFromBuild Condition="$([System.String]::new('%(RelativeDir)').StartsWith('..\..\..\..\include\bitcoin\ssl\'))">true</ExcludedFromBuild>
-        
+        <!-- These are only used as inlined headers, so never compile them directly. -->
+        <ExcludedFromBuild Condition="$([System.String]::new('%(RelativeDir)').StartsWith('..\..\..\..\scr\ssl\wolfssl\src\'))">true</ExcludedFromBuild>
+        <ExcludedFromBuild Condition="$([System.String]::new('%(RelativeDir)').StartsWith('..\..\..\..\include\bitcoin\ssl\wolfcrypt\src\'))">true</ExcludedFromBuild>
+
         <!-- Exclude wolfssl sources when ssl is deselected (requires external linkage). -->
         <ExcludedFromBuild Condition="$([System.String]::new('%(RelativeDir)').StartsWith('..\..\..\..\include\bitcoin\ssl\wolfcrypt\src\')) And '$(Option-ssl)' == 'false'">true</ExcludedFromBuild>
       </ClCompile>
diff --git a/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.vcxproj b/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.vcxproj
index 07dba4b11..3cde6396d 100644
--- a/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.vcxproj
+++ b/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.vcxproj
@@ -223,14 +223,8 @@
     <ClCompile Include="..\..\..\..\src\sessions\session_seed.cpp" />
     <ClCompile Include="..\..\..\..\src\sessions\session_server.cpp" />
     <ClCompile Include="..\..\..\..\src\settings.cpp" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\crl.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\dtls.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\dtls13.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\internal.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\keys.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\ocsp.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\quic.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\sniffer.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\src\bio.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\src\conf.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\src\evp.c" />
@@ -249,94 +243,32 @@
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\ssl.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\tls.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\tls13.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\aes.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\arc4.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ascon.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\asm.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\asn.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\blake2b.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\blake2s.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\camellia.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\chacha.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\chacha20_poly1305.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\cmac.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\coding.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\compress.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\cpuid.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\cryptocb.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\curve25519.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\curve448.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\des3.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\dh.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\dilithium.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\dsa.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ecc.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\eccsi.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ed25519.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ed448.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\error.c">
       <ObjectFileName>$(IntDir)src_ssl_wolfssl_wolfcrypt_error.c.obj</ObjectFileName>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ext_lms.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ext_mlkem.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ext_xmss.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\falcon.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\fe_448.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\fe_low_mem.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\fe_operations.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ge_448.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ge_low_mem.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ge_operations.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\hash.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\hmac.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\hpke.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\integer.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\kdf.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\logging.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\md2.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\md4.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\md5.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\memory.c">
       <ObjectFileName>$(IntDir)src_ssl_wolfssl_wolfcrypt_memory.c.obj</ObjectFileName>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\pkcs12.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\pkcs7.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\poly1305.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\pwdbased.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\random.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\rc2.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ripemd.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\rsa.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sakke.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sha.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sha256.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sha3.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sha512.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\signature.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\siphash.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_arm32.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_arm64.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_armthumb.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_c32.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_c64.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_cortexm.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_dsp32.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_int.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_x86_64.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sphincs.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\srp.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\tfm.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_dsp.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_encrypt.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_lms.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_lms_impl.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_mlkem.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_mlkem_poly.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_pkcs11.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_port.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_xmss.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_xmss_impl.c" />
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wolfevent.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wolfmath.c" />
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfio.c" />
   </ItemGroup>
@@ -502,20 +434,15 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\openssl\x509v3.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\callbacks.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\certs_test.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\certs_test_sm.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\crl.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\error-ssl.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\internal.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\ocsp.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\aes.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\asn1.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\asn1t.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\bio.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\bn.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\buffer.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\camellia.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\cmac.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\cms.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\compat_types.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\conf.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\crypto.h" />
@@ -541,10 +468,7 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\modes.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\obj_mac.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\objects.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\ocsp.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\opensslconf.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\opensslv.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\ossl_typ.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\pem.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\pkcs12.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\pkcs7.h" />
@@ -552,19 +476,15 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\rc4.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\ripemd.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\rsa.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\safestack.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\sha.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\sha3.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\srp.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\ssl.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\stack.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\tls1.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\txt_db.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\x509.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\x509_vfy.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\x509v3.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\options.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\quic.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\ssl.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\test.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\version.h" />
@@ -573,45 +493,30 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ascon.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\asn.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\asn_public.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\blake2-impl.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\blake2-int.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\blake2.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\camellia.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\chacha.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\chacha20_poly1305.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\cmac.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\coding.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\compress.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\cpuid.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\cryptocb.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\curve25519.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\curve448.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\des3.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\dh.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\dilithium.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\dsa.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ecc.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\eccsi.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ed25519.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ed448.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\error-crypt.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ext_lms.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ext_mlkem.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ext_xmss.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\falcon.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\fe_448.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\fe_operations.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\fips_test.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ge_448.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ge_operations.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\hash.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\hmac.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\hpke.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\integer.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\kdf.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\libwolfssl_sources.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\libwolfssl_sources_asm.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\lms.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\logging.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\md2.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\md4.h" />
@@ -619,11 +524,7 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\mem_track.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\memory.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\misc.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\mlkem.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\mpi_class.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\mpi_superclass.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\oid_sum.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\pkcs11.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\pkcs12.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\pkcs7.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\poly1305.h" />
@@ -632,8 +533,6 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\rc2.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ripemd.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\rsa.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\sakke.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\selftest.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\settings.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\sha.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\sha256.h" />
@@ -641,26 +540,16 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\sha512.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\signature.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\siphash.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\sp.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\sp_int.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\sphincs.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\srp.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\tfm.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\types.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\user_settings.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\visibility.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_encrypt.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_lms.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_mlkem.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_pkcs11.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_port.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_xmss.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wolfevent.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wolfmath.h" />
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\xmss.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfio.h" />
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfssl.h" />
-    <ClInclude Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\fe_x25519_128.h" />
   </ItemGroup>
   <ItemGroup>
     <None Include="..\..\..\..\include\bitcoin\network\impl\async\desubscriber.ipp" />
diff --git a/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.vcxproj.filters b/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.vcxproj.filters
index 8a58692b0..c8a27b68d 100644
--- a/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.vcxproj.filters
+++ b/builds/msvc/vs2022/libbitcoin-network/libbitcoin-network.vcxproj.filters
@@ -450,30 +450,12 @@
     <ClCompile Include="..\..\..\..\src\settings.cpp">
       <Filter>src</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\crl.c">
-      <Filter>src\ssl\wolfssl</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\dtls.c">
-      <Filter>src\ssl\wolfssl</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\dtls13.c">
-      <Filter>src\ssl\wolfssl</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\internal.c">
       <Filter>src\ssl\wolfssl</Filter>
     </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\keys.c">
       <Filter>src\ssl\wolfssl</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\ocsp.c">
-      <Filter>src\ssl\wolfssl</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\quic.c">
-      <Filter>src\ssl\wolfssl</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\sniffer.c">
-      <Filter>src\ssl\wolfssl</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\src\bio.c">
       <Filter>src\ssl\wolfssl\src</Filter>
     </ClCompile>
@@ -528,111 +510,33 @@
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\tls13.c">
       <Filter>src\ssl\wolfssl</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\aes.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\arc4.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ascon.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\asm.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\asn.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\blake2b.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\blake2s.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\camellia.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\chacha.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\chacha20_poly1305.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\cmac.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\coding.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\compress.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\cpuid.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\cryptocb.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\curve25519.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\curve448.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\des3.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\dh.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\dilithium.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\dsa.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ecc.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\eccsi.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ed25519.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ed448.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\error.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ext_lms.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ext_mlkem.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ext_xmss.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\falcon.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\fe_448.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\fe_low_mem.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\fe_operations.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ge_448.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ge_low_mem.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ge_operations.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
@@ -642,144 +546,36 @@
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\hmac.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\hpke.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\integer.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\kdf.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\logging.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\md2.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\md4.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\md5.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\memory.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\pkcs12.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\pkcs7.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\poly1305.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\pwdbased.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\random.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\rc2.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\ripemd.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\rsa.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sakke.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sha.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sha256.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sha3.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sha512.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\signature.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\siphash.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_arm32.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_arm64.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_armthumb.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_c32.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_c64.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_cortexm.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_dsp32.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_int.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sp_x86_64.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\sphincs.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\srp.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\tfm.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_dsp.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_encrypt.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_lms.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_lms_impl.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_mlkem.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_mlkem_poly.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_pkcs11.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_port.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_xmss.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wc_xmss_impl.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
-    <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wolfevent.c">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClCompile>
     <ClCompile Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\wolfmath.c">
       <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
     </ClCompile>
@@ -1271,12 +1067,6 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\certs_test.h">
       <Filter>include\bitcoin\ssl\wolfssl</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\certs_test_sm.h">
-      <Filter>include\bitcoin\ssl\wolfssl</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\crl.h">
-      <Filter>include\bitcoin\ssl\wolfssl</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\error-ssl.h">
       <Filter>include\bitcoin\ssl\wolfssl</Filter>
     </ClInclude>
@@ -1292,9 +1082,6 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\asn1.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\asn1t.h">
-      <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\bio.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
@@ -1304,15 +1091,9 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\buffer.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\camellia.h">
-      <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\cmac.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\cms.h">
-      <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\compat_types.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
@@ -1388,18 +1169,9 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\objects.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\ocsp.h">
-      <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\opensslconf.h">
-      <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\opensslv.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\ossl_typ.h">
-      <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\pem.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
@@ -1421,18 +1193,12 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\rsa.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\safestack.h">
-      <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\sha.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\sha3.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\srp.h">
-      <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\ssl.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
@@ -1442,9 +1208,6 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\tls1.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\txt_db.h">
-      <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\openssl\x509.h">
       <Filter>include\bitcoin\ssl\wolfssl\openssl</Filter>
     </ClInclude>
@@ -1457,9 +1220,6 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\options.h">
       <Filter>include\bitcoin\ssl\wolfssl</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\quic.h">
-      <Filter>include\bitcoin\ssl\wolfssl</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\ssl.h">
       <Filter>include\bitcoin\ssl\wolfssl</Filter>
     </ClInclude>
@@ -1484,12 +1244,6 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\asn_public.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\blake2-impl.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\blake2-int.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\blake2.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
@@ -1508,9 +1262,6 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\coding.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\compress.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\cpuid.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
@@ -1529,18 +1280,12 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\dh.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\dilithium.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\dsa.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ecc.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\eccsi.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ed25519.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
@@ -1550,33 +1295,12 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\error-crypt.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ext_lms.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ext_mlkem.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ext_xmss.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\falcon.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\fe_448.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\fe_operations.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\fips_test.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ge_448.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\ge_operations.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\hash.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
@@ -1586,21 +1310,12 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\hpke.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\integer.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\kdf.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\libwolfssl_sources.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\libwolfssl_sources_asm.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\lms.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\logging.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
@@ -1622,21 +1337,9 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\misc.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\mlkem.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\mpi_class.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\mpi_superclass.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\oid_sum.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\pkcs11.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\pkcs12.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
@@ -1661,12 +1364,6 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\rsa.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\sakke.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\selftest.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\settings.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
@@ -1688,21 +1385,12 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\siphash.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\sp.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\sp_int.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\sphincs.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\srp.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\tfm.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\types.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
@@ -1715,39 +1403,18 @@
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_encrypt.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_lms.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_mlkem.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_pkcs11.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_port.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wc_xmss.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wolfevent.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\wolfmath.h">
       <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfcrypt\xmss.h">
-      <Filter>include\bitcoin\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfio.h">
       <Filter>include\bitcoin\ssl\wolfssl</Filter>
     </ClInclude>
     <ClInclude Include="..\..\..\..\include\bitcoin\ssl\wolfssl\wolfssl.h">
       <Filter>include\bitcoin\ssl\wolfssl</Filter>
     </ClInclude>
-    <ClInclude Include="..\..\..\..\src\ssl\wolfssl\wolfcrypt\fe_x25519_128.h">
-      <Filter>src\ssl\wolfssl\wolfcrypt</Filter>
-    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <None Include="..\..\..\..\include\bitcoin\network\impl\async\desubscriber.ipp">
diff --git a/include/bitcoin/ssl/wolfssl/certs_test_sm.h b/include/bitcoin/ssl/wolfssl/certs_test_sm.h
deleted file mode 100644
index b11c222ab..000000000
--- a/include/bitcoin/ssl/wolfssl/certs_test_sm.h
+++ /dev/null
@@ -1,2913 +0,0 @@
-/* certs_test_sm.h */
-/* This file was generated using: ./gencertbuf.pl */
-
-#ifndef WOLFSSL_CERTS_TEST_SM_H
-#define WOLFSSL_CERTS_TEST_SM_H
-
-#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
-
-    /* DER Certs Begin */
-
-/* ./certs/sm2/ca-sm2.der */
-static const unsigned char ca_sm2_der[] =
-{
-        0x30, 0x82, 0x02, 0x96, 0x30, 0x82, 0x02, 0x3C, 0xA0, 0x03,
-        0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0A, 0x06, 0x08,
-        0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75, 0x30, 0x81,
-        0x95, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
-        0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
-        0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61,
-        0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04,
-        0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E,
-        0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C,
-        0x0B, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x53,
-        0x4D, 0x32, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04,
-        0x0B, 0x0C, 0x08, 0x52, 0x6F, 0x6F, 0x74, 0x2D, 0x53, 0x4D,
-        0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03,
-        0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66,
-        0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30,
-        0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
-        0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
-        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
-        0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x30, 0x32, 0x31, 0x35,
-        0x30, 0x36, 0x32, 0x33, 0x30, 0x37, 0x5A, 0x17, 0x0D, 0x32,
-        0x35, 0x31, 0x31, 0x31, 0x31, 0x30, 0x36, 0x32, 0x33, 0x30,
-        0x37, 0x5A, 0x30, 0x81, 0xAC, 0x31, 0x0B, 0x30, 0x09, 0x06,
-        0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
-        0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
-        0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
-        0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A,
-        0x65, 0x6D, 0x61, 0x6E, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03,
-        0x55, 0x04, 0x0A, 0x0C, 0x0B, 0x77, 0x6F, 0x6C, 0x66, 0x53,
-        0x53, 0x4C, 0x5F, 0x73, 0x6D, 0x32, 0x31, 0x0F, 0x30, 0x0D,
-        0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x06, 0x43, 0x41, 0x2D,
-        0x73, 0x6D, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55,
-        0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F,
-        0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31,
-        0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
-        0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
-        0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
-        0x6F, 0x6D, 0x31, 0x17, 0x30, 0x15, 0x06, 0x0A, 0x09, 0x92,
-        0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01, 0x0C, 0x07,
-        0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x30, 0x5A, 0x30,
-        0x14, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82,
-        0x2D, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82,
-        0x2D, 0x03, 0x42, 0x00, 0x04, 0x21, 0x92, 0xF7, 0xCB, 0x24,
-        0xDF, 0x64, 0x4D, 0xBA, 0xAB, 0x66, 0x7B, 0x83, 0x75, 0xA9,
-        0x29, 0xE7, 0xFF, 0x64, 0x63, 0xB6, 0xD5, 0x42, 0x80, 0x20,
-        0xBD, 0xE2, 0xE2, 0x02, 0x12, 0x3B, 0x8E, 0xB4, 0x00, 0x95,
-        0x09, 0x80, 0xCB, 0x56, 0xED, 0x4B, 0xCA, 0x8D, 0x57, 0xE6,
-        0xAE, 0x05, 0xD3, 0x76, 0x27, 0x63, 0x71, 0x39, 0x89, 0xB7,
-        0x69, 0xE6, 0x48, 0x80, 0xAE, 0xD1, 0xA9, 0x48, 0x12, 0xA3,
-        0x63, 0x30, 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E,
-        0x04, 0x16, 0x04, 0x14, 0x47, 0x0A, 0x48, 0x7E, 0xBB, 0x02,
-        0xA8, 0x5A, 0x26, 0x57, 0x2B, 0x19, 0xA9, 0x7B, 0x61, 0x8B,
-        0x7F, 0x5D, 0x99, 0x6E, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D,
-        0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x34, 0x1D, 0x79,
-        0x44, 0x15, 0x79, 0xA1, 0xB1, 0x63, 0x99, 0xE3, 0xED, 0x65,
-        0x7C, 0x64, 0x89, 0x80, 0xFF, 0xB8, 0xEC, 0x30, 0x0F, 0x06,
-        0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30,
-        0x03, 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D,
-        0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86,
-        0x30, 0x0A, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01,
-        0x83, 0x75, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x47,
-        0x4E, 0x00, 0x03, 0xAB, 0x34, 0xA1, 0xAF, 0x59, 0x39, 0x8F,
-        0x60, 0x36, 0xBF, 0x89, 0x88, 0x42, 0x41, 0x27, 0xC1, 0xDD,
-        0x57, 0xC9, 0x79, 0xCB, 0x1F, 0x56, 0x5C, 0x16, 0xB5, 0x28,
-        0xBD, 0x02, 0x21, 0x00, 0x8B, 0x2E, 0x25, 0xEB, 0x21, 0x9B,
-        0xA9, 0x2B, 0xA6, 0x6A, 0x5B, 0xDB, 0xA7, 0xC7, 0x2B, 0x11,
-        0xDF, 0x73, 0x15, 0xAD, 0xE4, 0xC5, 0xC3, 0xC2, 0xF3, 0xB4,
-        0xB4, 0x67, 0xAF, 0xD7, 0x51, 0x1C
-};
-#define sizeof_ca_sm2_der (sizeof(ca_sm2_der))
-
-/* ./certs/sm2/ca-sm2-key.der */
-static const unsigned char ca_sm2_key_der[] =
-{
-        0x30, 0x5A, 0x30, 0x14, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF,
-        0x55, 0x01, 0x82, 0x2D, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF,
-        0x55, 0x01, 0x82, 0x2D, 0x03, 0x42, 0x00, 0x04, 0x21, 0x92,
-        0xF7, 0xCB, 0x24, 0xDF, 0x64, 0x4D, 0xBA, 0xAB, 0x66, 0x7B,
-        0x83, 0x75, 0xA9, 0x29, 0xE7, 0xFF, 0x64, 0x63, 0xB6, 0xD5,
-        0x42, 0x80, 0x20, 0xBD, 0xE2, 0xE2, 0x02, 0x12, 0x3B, 0x8E,
-        0xB4, 0x00, 0x95, 0x09, 0x80, 0xCB, 0x56, 0xED, 0x4B, 0xCA,
-        0x8D, 0x57, 0xE6, 0xAE, 0x05, 0xD3, 0x76, 0x27, 0x63, 0x71,
-        0x39, 0x89, 0xB7, 0x69, 0xE6, 0x48, 0x80, 0xAE, 0xD1, 0xA9,
-        0x48, 0x12
-};
-#define sizeof_ca_sm2_key_der (sizeof(ca_sm2_key_der))
-
-/* ./certs/sm2/ca-sm2-priv.der */
-static const unsigned char ca_sm2_priv_der[] =
-{
-        0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x8F, 0xB9, 0xB8,
-        0x40, 0x19, 0x0E, 0x21, 0x39, 0xEB, 0xE8, 0x08, 0x7C, 0xFD,
-        0xD8, 0xA1, 0x05, 0x93, 0xA4, 0x35, 0x2C, 0xD1, 0x80, 0xE3,
-        0xBF, 0x7E, 0x48, 0x47, 0xE4, 0x05, 0x0D, 0x09, 0x41, 0xA0,
-        0x0A, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82,
-        0x2D, 0xA1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x21, 0x92, 0xF7,
-        0xCB, 0x24, 0xDF, 0x64, 0x4D, 0xBA, 0xAB, 0x66, 0x7B, 0x83,
-        0x75, 0xA9, 0x29, 0xE7, 0xFF, 0x64, 0x63, 0xB6, 0xD5, 0x42,
-        0x80, 0x20, 0xBD, 0xE2, 0xE2, 0x02, 0x12, 0x3B, 0x8E, 0xB4,
-        0x00, 0x95, 0x09, 0x80, 0xCB, 0x56, 0xED, 0x4B, 0xCA, 0x8D,
-        0x57, 0xE6, 0xAE, 0x05, 0xD3, 0x76, 0x27, 0x63, 0x71, 0x39,
-        0x89, 0xB7, 0x69, 0xE6, 0x48, 0x80, 0xAE, 0xD1, 0xA9, 0x48,
-        0x12
-};
-#define sizeof_ca_sm2_priv_der (sizeof(ca_sm2_priv_der))
-
-/* ./certs/sm2/client-sm2.der */
-static const unsigned char client_sm2_der[] =
-{
-        0x30, 0x82, 0x03, 0xC9, 0x30, 0x82, 0x03, 0x6E, 0xA0, 0x03,
-        0x02, 0x01, 0x02, 0x02, 0x14, 0x60, 0xA0, 0x4A, 0x0B, 0x36,
-        0xEB, 0x7D, 0xE1, 0x3F, 0x74, 0x29, 0xA9, 0x29, 0xB4, 0x05,
-        0x6C, 0x17, 0xF7, 0xA6, 0xD4, 0x30, 0x0A, 0x06, 0x08, 0x2A,
-        0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75, 0x30, 0x81, 0xB0,
-        0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
-        0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
-        0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E,
-        0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07,
-        0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31,
-        0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0B,
-        0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x73, 0x6D,
-        0x32, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B,
-        0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x2D, 0x73,
-        0x6D, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04,
-        0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C,
-        0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F,
-        0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
-        0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
-        0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
-        0x6D, 0x31, 0x17, 0x30, 0x15, 0x06, 0x0A, 0x09, 0x92, 0x26,
-        0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01, 0x0C, 0x07, 0x77,
-        0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x30, 0x1E, 0x17, 0x0D,
-        0x32, 0x33, 0x30, 0x32, 0x31, 0x35, 0x30, 0x36, 0x32, 0x33,
-        0x30, 0x37, 0x5A, 0x17, 0x0D, 0x32, 0x35, 0x31, 0x31, 0x31,
-        0x31, 0x30, 0x36, 0x32, 0x33, 0x30, 0x37, 0x5A, 0x30, 0x81,
-        0xB0, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
-        0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
-        0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61,
-        0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04,
-        0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E,
-        0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C,
-        0x0B, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x73,
-        0x6D, 0x32, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04,
-        0x0B, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x2D,
-        0x73, 0x6D, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55,
-        0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F,
-        0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31,
-        0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
-        0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
-        0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
-        0x6F, 0x6D, 0x31, 0x17, 0x30, 0x15, 0x06, 0x0A, 0x09, 0x92,
-        0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01, 0x0C, 0x07,
-        0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x30, 0x5A, 0x30,
-        0x14, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82,
-        0x2D, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82,
-        0x2D, 0x03, 0x42, 0x00, 0x04, 0x3A, 0x1D, 0xE8, 0xCB, 0x4B,
-        0xD3, 0x2E, 0x3F, 0x4B, 0x07, 0x3F, 0xB0, 0x21, 0xFE, 0xC5,
-        0x9E, 0xD9, 0xCA, 0x3A, 0x93, 0x93, 0x95, 0x76, 0x1D, 0x30,
-        0xD9, 0x0B, 0xF5, 0x56, 0xED, 0x19, 0x60, 0xED, 0x01, 0x4C,
-        0xF6, 0x67, 0x1D, 0xF1, 0xAC, 0xA8, 0x74, 0x0D, 0xB2, 0x77,
-        0xC8, 0x49, 0x38, 0xE4, 0xFF, 0x4C, 0xEF, 0x8D, 0x6D, 0x87,
-        0xF6, 0x4E, 0xC7, 0xF8, 0x39, 0x74, 0x70, 0x70, 0xB5, 0xA3,
-        0x82, 0x01, 0x61, 0x30, 0x82, 0x01, 0x5D, 0x30, 0x1D, 0x06,
-        0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0xE4, 0x21,
-        0xB2, 0xC5, 0xE5, 0xD4, 0x9E, 0x82, 0xCA, 0xF8, 0x67, 0xF2,
-        0x28, 0x99, 0xF6, 0x85, 0xE8, 0xF1, 0x55, 0xEF, 0x30, 0x81,
-        0xF0, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x81, 0xE8, 0x30,
-        0x81, 0xE5, 0x80, 0x14, 0xE4, 0x21, 0xB2, 0xC5, 0xE5, 0xD4,
-        0x9E, 0x82, 0xCA, 0xF8, 0x67, 0xF2, 0x28, 0x99, 0xF6, 0x85,
-        0xE8, 0xF1, 0x55, 0xEF, 0xA1, 0x81, 0xB6, 0xA4, 0x81, 0xB3,
-        0x30, 0x81, 0xB0, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
-        0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
-        0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E,
-        0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
-        0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D,
-        0x61, 0x6E, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04,
-        0x0A, 0x0C, 0x0B, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
-        0x5F, 0x73, 0x6D, 0x32, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03,
-        0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6C, 0x69, 0x65, 0x6E,
-        0x74, 0x2D, 0x73, 0x6D, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06,
-        0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E,
-        0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
-        0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48,
-        0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E,
-        0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C,
-        0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x17, 0x30, 0x15, 0x06, 0x0A,
-        0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01,
-        0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x82,
-        0x14, 0x60, 0xA0, 0x4A, 0x0B, 0x36, 0xEB, 0x7D, 0xE1, 0x3F,
-        0x74, 0x29, 0xA9, 0x29, 0xB4, 0x05, 0x6C, 0x17, 0xF7, 0xA6,
-        0xD4, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05,
-        0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55,
-        0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78,
-        0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87,
-        0x04, 0x7F, 0x00, 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55,
-        0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06,
-        0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06,
-        0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0A, 0x06, 0x08,
-        0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75, 0x03, 0x49,
-        0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0x8F, 0xB2, 0xB5, 0x95,
-        0x8F, 0x79, 0xF6, 0x5E, 0x75, 0xE5, 0xC5, 0xE9, 0x9A, 0x12,
-        0xD2, 0x0F, 0x78, 0x9F, 0xC0, 0x1D, 0x8D, 0x1C, 0xBE, 0x6B,
-        0x0C, 0xF1, 0xF5, 0x57, 0x60, 0xDB, 0x91, 0x4F, 0x02, 0x21,
-        0x00, 0x87, 0x5E, 0x7D, 0xE4, 0xD6, 0x3A, 0xBB, 0x7B, 0x98,
-        0x27, 0x85, 0xDE, 0x7A, 0xF0, 0x21, 0xE2, 0x66, 0xA1, 0x9F,
-        0x26, 0xE0, 0xDD, 0x86, 0x23, 0xB4, 0xC8, 0xC0, 0x46, 0x5A,
-        0xF2, 0x49, 0x8D
-};
-#define sizeof_client_sm2_der (sizeof(client_sm2_der))
-
-/* ./certs/sm2/client-sm2-key.der */
-static const unsigned char client_sm2_key_der[] =
-{
-        0x30, 0x5A, 0x30, 0x14, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF,
-        0x55, 0x01, 0x82, 0x2D, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF,
-        0x55, 0x01, 0x82, 0x2D, 0x03, 0x42, 0x00, 0x04, 0x3A, 0x1D,
-        0xE8, 0xCB, 0x4B, 0xD3, 0x2E, 0x3F, 0x4B, 0x07, 0x3F, 0xB0,
-        0x21, 0xFE, 0xC5, 0x9E, 0xD9, 0xCA, 0x3A, 0x93, 0x93, 0x95,
-        0x76, 0x1D, 0x30, 0xD9, 0x0B, 0xF5, 0x56, 0xED, 0x19, 0x60,
-        0xED, 0x01, 0x4C, 0xF6, 0x67, 0x1D, 0xF1, 0xAC, 0xA8, 0x74,
-        0x0D, 0xB2, 0x77, 0xC8, 0x49, 0x38, 0xE4, 0xFF, 0x4C, 0xEF,
-        0x8D, 0x6D, 0x87, 0xF6, 0x4E, 0xC7, 0xF8, 0x39, 0x74, 0x70,
-        0x70, 0xB5
-};
-#define sizeof_client_sm2_key_der (sizeof(client_sm2_key_der))
-
-/* ./certs/sm2/client-sm2-priv.der */
-static const unsigned char client_sm2_priv_der[] =
-{
-        0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xD0, 0xA2, 0xDF,
-        0x49, 0x7A, 0x2D, 0xDF, 0x02, 0xC9, 0xCE, 0xB7, 0xF2, 0x37,
-        0x02, 0x0D, 0xDD, 0xFC, 0x08, 0xB8, 0xDE, 0x14, 0x93, 0x7A,
-        0x53, 0x26, 0x49, 0xD5, 0xFE, 0x02, 0xD9, 0xF3, 0x71, 0xA0,
-        0x0A, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82,
-        0x2D, 0xA1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x3A, 0x1D, 0xE8,
-        0xCB, 0x4B, 0xD3, 0x2E, 0x3F, 0x4B, 0x07, 0x3F, 0xB0, 0x21,
-        0xFE, 0xC5, 0x9E, 0xD9, 0xCA, 0x3A, 0x93, 0x93, 0x95, 0x76,
-        0x1D, 0x30, 0xD9, 0x0B, 0xF5, 0x56, 0xED, 0x19, 0x60, 0xED,
-        0x01, 0x4C, 0xF6, 0x67, 0x1D, 0xF1, 0xAC, 0xA8, 0x74, 0x0D,
-        0xB2, 0x77, 0xC8, 0x49, 0x38, 0xE4, 0xFF, 0x4C, 0xEF, 0x8D,
-        0x6D, 0x87, 0xF6, 0x4E, 0xC7, 0xF8, 0x39, 0x74, 0x70, 0x70,
-        0xB5
-};
-#define sizeof_client_sm2_priv_der (sizeof(client_sm2_priv_der))
-
-/* ./certs/sm2/root-sm2.der */
-static const unsigned char root_sm2_der[] =
-{
-        0x30, 0x82, 0x02, 0x91, 0x30, 0x82, 0x02, 0x38, 0xA0, 0x03,
-        0x02, 0x01, 0x02, 0x02, 0x14, 0x74, 0x9C, 0xDD, 0xA4, 0xB2,
-        0x67, 0x26, 0x57, 0x29, 0xFB, 0xE9, 0x13, 0x54, 0xE0, 0x34,
-        0x08, 0x03, 0x2B, 0x70, 0xA9, 0x30, 0x0A, 0x06, 0x08, 0x2A,
-        0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75, 0x30, 0x81, 0x95,
-        0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
-        0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
-        0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E,
-        0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07,
-        0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31,
-        0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0B,
-        0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x53, 0x4D,
-        0x32, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0B,
-        0x0C, 0x08, 0x52, 0x6F, 0x6F, 0x74, 0x2D, 0x53, 0x4D, 0x32,
-        0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C,
-        0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73,
-        0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D,
-        0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09,
-        0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F,
-        0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30,
-        0x1E, 0x17, 0x0D, 0x32, 0x33, 0x30, 0x32, 0x31, 0x35, 0x30,
-        0x36, 0x32, 0x33, 0x30, 0x37, 0x5A, 0x17, 0x0D, 0x32, 0x35,
-        0x31, 0x31, 0x31, 0x31, 0x30, 0x36, 0x32, 0x33, 0x30, 0x37,
-        0x5A, 0x30, 0x81, 0x95, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03,
-        0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30,
-        0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F,
-        0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06,
-        0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65,
-        0x6D, 0x61, 0x6E, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55,
-        0x04, 0x0A, 0x0C, 0x0B, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53,
-        0x4C, 0x5F, 0x53, 0x4D, 0x32, 0x31, 0x11, 0x30, 0x0F, 0x06,
-        0x03, 0x55, 0x04, 0x0B, 0x0C, 0x08, 0x52, 0x6F, 0x6F, 0x74,
-        0x2D, 0x53, 0x4D, 0x32, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03,
-        0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77,
-        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
-        0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
-        0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66,
-        0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
-        0x63, 0x6F, 0x6D, 0x30, 0x5A, 0x30, 0x14, 0x06, 0x08, 0x2A,
-        0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82, 0x2D, 0x06, 0x08, 0x2A,
-        0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82, 0x2D, 0x03, 0x42, 0x00,
-        0x04, 0xBB, 0x9C, 0x75, 0x8C, 0xF7, 0x17, 0xF8, 0x48, 0xAB,
-        0xF7, 0xF6, 0xDB, 0x0D, 0x9A, 0x8D, 0x9F, 0xC2, 0xD1, 0x47,
-        0x97, 0x95, 0x0B, 0x4E, 0xE6, 0x57, 0xEC, 0xC5, 0xF8, 0x57,
-        0x54, 0x71, 0x39, 0x3C, 0x79, 0xE1, 0x40, 0x3F, 0xB6, 0x51,
-        0xE9, 0x7C, 0xC7, 0xDA, 0x2D, 0xEF, 0xD2, 0xE8, 0x79, 0x81,
-        0x7B, 0xAB, 0xA3, 0x5F, 0x6B, 0x2A, 0x6C, 0x97, 0x1A, 0x5E,
-        0x8E, 0xD9, 0xD0, 0xCC, 0x04, 0xA3, 0x63, 0x30, 0x61, 0x30,
-        0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14,
-        0x34, 0x1D, 0x79, 0x44, 0x15, 0x79, 0xA1, 0xB1, 0x63, 0x99,
-        0xE3, 0xED, 0x65, 0x7C, 0x64, 0x89, 0x80, 0xFF, 0xB8, 0xEC,
-        0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30,
-        0x16, 0x80, 0x14, 0x34, 0x1D, 0x79, 0x44, 0x15, 0x79, 0xA1,
-        0xB1, 0x63, 0x99, 0xE3, 0xED, 0x65, 0x7C, 0x64, 0x89, 0x80,
-        0xFF, 0xB8, 0xEC, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 0x13,
-        0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF,
-        0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF,
-        0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A, 0x06, 0x08,
-        0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75, 0x03, 0x47,
-        0x00, 0x30, 0x44, 0x02, 0x20, 0x03, 0x27, 0x29, 0xF0, 0xEF,
-        0x78, 0x26, 0xA1, 0x1A, 0x6A, 0x1E, 0x88, 0x81, 0xE7, 0x83,
-        0x72, 0x5F, 0x3E, 0xE6, 0x08, 0xE8, 0x14, 0x68, 0xBF, 0x4B,
-        0x0F, 0x68, 0x52, 0x92, 0xAA, 0x8F, 0xA1, 0x02, 0x20, 0x0B,
-        0xFE, 0x1B, 0x14, 0xBA, 0x51, 0x82, 0x65, 0x06, 0xBB, 0x22,
-        0xD8, 0x1A, 0xA7, 0x9F, 0x54, 0x62, 0xEB, 0x8D, 0xB2, 0xD5,
-        0x13, 0xB3, 0xB8, 0xA2, 0xF3, 0x14, 0x44, 0xB2, 0xA0, 0x21,
-        0xD0
-};
-#define sizeof_root_sm2_der (sizeof(root_sm2_der))
-
-/* ./certs/sm2/root-sm2-key.der */
-static const unsigned char root_sm2_key_der[] =
-{
-        0x30, 0x5A, 0x30, 0x14, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF,
-        0x55, 0x01, 0x82, 0x2D, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF,
-        0x55, 0x01, 0x82, 0x2D, 0x03, 0x42, 0x00, 0x04, 0xBB, 0x9C,
-        0x75, 0x8C, 0xF7, 0x17, 0xF8, 0x48, 0xAB, 0xF7, 0xF6, 0xDB,
-        0x0D, 0x9A, 0x8D, 0x9F, 0xC2, 0xD1, 0x47, 0x97, 0x95, 0x0B,
-        0x4E, 0xE6, 0x57, 0xEC, 0xC5, 0xF8, 0x57, 0x54, 0x71, 0x39,
-        0x3C, 0x79, 0xE1, 0x40, 0x3F, 0xB6, 0x51, 0xE9, 0x7C, 0xC7,
-        0xDA, 0x2D, 0xEF, 0xD2, 0xE8, 0x79, 0x81, 0x7B, 0xAB, 0xA3,
-        0x5F, 0x6B, 0x2A, 0x6C, 0x97, 0x1A, 0x5E, 0x8E, 0xD9, 0xD0,
-        0xCC, 0x04
-};
-#define sizeof_root_sm2_key_der (sizeof(root_sm2_key_der))
-
-/* ./certs/sm2/root-sm2-priv.der */
-static const unsigned char root_sm2_priv_der[] =
-{
-        0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xC6, 0x6B, 0x34,
-        0x4C, 0x33, 0x37, 0x5B, 0x64, 0x16, 0x5A, 0x7F, 0x04, 0xF9,
-        0xFC, 0x87, 0x30, 0xD1, 0x15, 0xBA, 0x58, 0x78, 0xEE, 0x07,
-        0x98, 0x20, 0x26, 0xE1, 0x06, 0x8D, 0x51, 0x8A, 0x28, 0xA0,
-        0x0A, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82,
-        0x2D, 0xA1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xBB, 0x9C, 0x75,
-        0x8C, 0xF7, 0x17, 0xF8, 0x48, 0xAB, 0xF7, 0xF6, 0xDB, 0x0D,
-        0x9A, 0x8D, 0x9F, 0xC2, 0xD1, 0x47, 0x97, 0x95, 0x0B, 0x4E,
-        0xE6, 0x57, 0xEC, 0xC5, 0xF8, 0x57, 0x54, 0x71, 0x39, 0x3C,
-        0x79, 0xE1, 0x40, 0x3F, 0xB6, 0x51, 0xE9, 0x7C, 0xC7, 0xDA,
-        0x2D, 0xEF, 0xD2, 0xE8, 0x79, 0x81, 0x7B, 0xAB, 0xA3, 0x5F,
-        0x6B, 0x2A, 0x6C, 0x97, 0x1A, 0x5E, 0x8E, 0xD9, 0xD0, 0xCC,
-        0x04
-};
-#define sizeof_root_sm2_priv_der (sizeof(root_sm2_priv_der))
-
-/* ./certs/sm2/server-sm2.der */
-static const unsigned char server_sm2_der[] =
-{
-        0x30, 0x82, 0x02, 0xD8, 0x30, 0x82, 0x02, 0x7E, 0xA0, 0x03,
-        0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0A, 0x06, 0x08,
-        0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75, 0x30, 0x81,
-        0xAC, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
-        0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
-        0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61,
-        0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04,
-        0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E,
-        0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C,
-        0x0B, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x73,
-        0x6D, 0x32, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04,
-        0x0B, 0x0C, 0x06, 0x43, 0x41, 0x2D, 0x73, 0x6D, 0x32, 0x31,
-        0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F,
-        0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
-        0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06,
-        0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01,
-        0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
-        0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x17,
-        0x30, 0x15, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2,
-        0x2C, 0x64, 0x01, 0x01, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66,
-        0x53, 0x53, 0x4C, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x30,
-        0x32, 0x31, 0x35, 0x30, 0x36, 0x32, 0x33, 0x30, 0x37, 0x5A,
-        0x17, 0x0D, 0x32, 0x35, 0x31, 0x31, 0x31, 0x31, 0x30, 0x36,
-        0x32, 0x33, 0x30, 0x37, 0x5A, 0x30, 0x81, 0xB0, 0x31, 0x0B,
-        0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
-        0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08,
-        0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31,
-        0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07,
-        0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x14, 0x30,
-        0x12, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0B, 0x77, 0x6F,
-        0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x73, 0x6D, 0x32, 0x31,
-        0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A,
-        0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2D, 0x73, 0x6D, 0x32,
-        0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C,
-        0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73,
-        0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D,
-        0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09,
-        0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F,
-        0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31,
-        0x17, 0x30, 0x15, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93,
-        0xF2, 0x2C, 0x64, 0x01, 0x01, 0x0C, 0x07, 0x77, 0x6F, 0x6C,
-        0x66, 0x53, 0x53, 0x4C, 0x30, 0x5A, 0x30, 0x14, 0x06, 0x08,
-        0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82, 0x2D, 0x06, 0x08,
-        0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82, 0x2D, 0x03, 0x42,
-        0x00, 0x04, 0x94, 0x70, 0x2B, 0x46, 0xE4, 0x5E, 0x0F, 0x41,
-        0xFB, 0x8F, 0x2D, 0x34, 0x0A, 0x41, 0x40, 0x19, 0x5E, 0xFB,
-        0xD4, 0x1D, 0x11, 0xAC, 0xFA, 0xF5, 0x93, 0x37, 0xC6, 0xFA,
-        0x87, 0x08, 0xF7, 0x16, 0x1F, 0x2C, 0xCE, 0x30, 0x40, 0x9D,
-        0x4F, 0xA6, 0x2A, 0x0A, 0xA1, 0xD6, 0x95, 0x33, 0xC3, 0xA6,
-        0x03, 0x98, 0xE6, 0x8D, 0x05, 0x34, 0xB0, 0x97, 0x0C, 0xDE,
-        0xA4, 0xC7, 0xCF, 0x53, 0x8F, 0xD1, 0xA3, 0x81, 0x89, 0x30,
-        0x81, 0x86, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04,
-        0x16, 0x04, 0x14, 0x67, 0xAE, 0x60, 0xFF, 0x7E, 0x1B, 0x0F,
-        0x95, 0xAE, 0x1F, 0x82, 0x59, 0xF2, 0x6C, 0x56, 0x2D, 0x93,
-        0xEF, 0x17, 0x32, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23,
-        0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x47, 0x0A, 0x48, 0x7E,
-        0xBB, 0x02, 0xA8, 0x5A, 0x26, 0x57, 0x2B, 0x19, 0xA9, 0x7B,
-        0x61, 0x8B, 0x7F, 0x5D, 0x99, 0x6E, 0x30, 0x0C, 0x06, 0x03,
-        0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x02, 0x30, 0x00,
-        0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF,
-        0x04, 0x04, 0x03, 0x02, 0x03, 0xA8, 0x30, 0x13, 0x06, 0x03,
-        0x55, 0x1D, 0x25, 0x04, 0x0C, 0x30, 0x0A, 0x06, 0x08, 0x2B,
-        0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x30, 0x11, 0x06,
-        0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x42, 0x01, 0x01,
-        0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, 0x0A, 0x06, 0x08,
-        0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75, 0x03, 0x48,
-        0x00, 0x30, 0x45, 0x02, 0x20, 0x1B, 0xCA, 0x94, 0x28, 0x7F,
-        0xF6, 0xB2, 0x0D, 0x31, 0x43, 0x50, 0xE1, 0xD5, 0x34, 0x17,
-        0xDD, 0xAF, 0x3A, 0xDE, 0x81, 0x06, 0x67, 0x9A, 0xB3, 0x06,
-        0x22, 0x7E, 0x64, 0xEC, 0xFD, 0x0E, 0xB9, 0x02, 0x21, 0x00,
-        0xA1, 0x48, 0xA8, 0x32, 0xD1, 0x05, 0x09, 0x6B, 0x1C, 0xEB,
-        0x89, 0x12, 0x66, 0xD8, 0x38, 0xA1, 0xC4, 0x5C, 0x89, 0x09,
-        0x0F, 0xFD, 0xE9, 0xC0, 0x3B, 0x1D, 0xFB, 0xCD, 0xB5, 0x4C,
-        0x31, 0x68
-};
-#define sizeof_server_sm2_der (sizeof(server_sm2_der))
-
-/* ./certs/sm2/server-sm2-cert.der */
-static const unsigned char server_sm2_cert_der[] =
-{
-        0x30, 0x82, 0x02, 0xD8, 0x30, 0x82, 0x02, 0x7E, 0xA0, 0x03,
-        0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0A, 0x06, 0x08,
-        0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75, 0x30, 0x81,
-        0xAC, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
-        0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
-        0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61,
-        0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04,
-        0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E,
-        0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C,
-        0x0B, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x73,
-        0x6D, 0x32, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04,
-        0x0B, 0x0C, 0x06, 0x43, 0x41, 0x2D, 0x73, 0x6D, 0x32, 0x31,
-        0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F,
-        0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
-        0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06,
-        0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01,
-        0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
-        0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x17,
-        0x30, 0x15, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2,
-        0x2C, 0x64, 0x01, 0x01, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66,
-        0x53, 0x53, 0x4C, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x30,
-        0x32, 0x31, 0x35, 0x30, 0x36, 0x32, 0x33, 0x30, 0x37, 0x5A,
-        0x17, 0x0D, 0x32, 0x35, 0x31, 0x31, 0x31, 0x31, 0x30, 0x36,
-        0x32, 0x33, 0x30, 0x37, 0x5A, 0x30, 0x81, 0xB0, 0x31, 0x0B,
-        0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
-        0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08,
-        0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31,
-        0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07,
-        0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x14, 0x30,
-        0x12, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0B, 0x77, 0x6F,
-        0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x73, 0x6D, 0x32, 0x31,
-        0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A,
-        0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2D, 0x73, 0x6D, 0x32,
-        0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C,
-        0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73,
-        0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D,
-        0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09,
-        0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F,
-        0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31,
-        0x17, 0x30, 0x15, 0x06, 0x0A, 0x09, 0x92, 0x26, 0x89, 0x93,
-        0xF2, 0x2C, 0x64, 0x01, 0x01, 0x0C, 0x07, 0x77, 0x6F, 0x6C,
-        0x66, 0x53, 0x53, 0x4C, 0x30, 0x5A, 0x30, 0x14, 0x06, 0x08,
-        0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82, 0x2D, 0x06, 0x08,
-        0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82, 0x2D, 0x03, 0x42,
-        0x00, 0x04, 0x94, 0x70, 0x2B, 0x46, 0xE4, 0x5E, 0x0F, 0x41,
-        0xFB, 0x8F, 0x2D, 0x34, 0x0A, 0x41, 0x40, 0x19, 0x5E, 0xFB,
-        0xD4, 0x1D, 0x11, 0xAC, 0xFA, 0xF5, 0x93, 0x37, 0xC6, 0xFA,
-        0x87, 0x08, 0xF7, 0x16, 0x1F, 0x2C, 0xCE, 0x30, 0x40, 0x9D,
-        0x4F, 0xA6, 0x2A, 0x0A, 0xA1, 0xD6, 0x95, 0x33, 0xC3, 0xA6,
-        0x03, 0x98, 0xE6, 0x8D, 0x05, 0x34, 0xB0, 0x97, 0x0C, 0xDE,
-        0xA4, 0xC7, 0xCF, 0x53, 0x8F, 0xD1, 0xA3, 0x81, 0x89, 0x30,
-        0x81, 0x86, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04,
-        0x16, 0x04, 0x14, 0x67, 0xAE, 0x60, 0xFF, 0x7E, 0x1B, 0x0F,
-        0x95, 0xAE, 0x1F, 0x82, 0x59, 0xF2, 0x6C, 0x56, 0x2D, 0x93,
-        0xEF, 0x17, 0x32, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23,
-        0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x47, 0x0A, 0x48, 0x7E,
-        0xBB, 0x02, 0xA8, 0x5A, 0x26, 0x57, 0x2B, 0x19, 0xA9, 0x7B,
-        0x61, 0x8B, 0x7F, 0x5D, 0x99, 0x6E, 0x30, 0x0C, 0x06, 0x03,
-        0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x02, 0x30, 0x00,
-        0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF,
-        0x04, 0x04, 0x03, 0x02, 0x03, 0xA8, 0x30, 0x13, 0x06, 0x03,
-        0x55, 0x1D, 0x25, 0x04, 0x0C, 0x30, 0x0A, 0x06, 0x08, 0x2B,
-        0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x30, 0x11, 0x06,
-        0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x42, 0x01, 0x01,
-        0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30, 0x0A, 0x06, 0x08,
-        0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75, 0x03, 0x48,
-        0x00, 0x30, 0x45, 0x02, 0x20, 0x1B, 0xCA, 0x94, 0x28, 0x7F,
-        0xF6, 0xB2, 0x0D, 0x31, 0x43, 0x50, 0xE1, 0xD5, 0x34, 0x17,
-        0xDD, 0xAF, 0x3A, 0xDE, 0x81, 0x06, 0x67, 0x9A, 0xB3, 0x06,
-        0x22, 0x7E, 0x64, 0xEC, 0xFD, 0x0E, 0xB9, 0x02, 0x21, 0x00,
-        0xA1, 0x48, 0xA8, 0x32, 0xD1, 0x05, 0x09, 0x6B, 0x1C, 0xEB,
-        0x89, 0x12, 0x66, 0xD8, 0x38, 0xA1, 0xC4, 0x5C, 0x89, 0x09,
-        0x0F, 0xFD, 0xE9, 0xC0, 0x3B, 0x1D, 0xFB, 0xCD, 0xB5, 0x4C,
-        0x31, 0x68
-};
-#define sizeof_server_sm2_cert_der (sizeof(server_sm2_cert_der))
-
-/* ./certs/sm2/server-sm2-key.der */
-static const unsigned char server_sm2_key_der[] =
-{
-        0x30, 0x5A, 0x30, 0x14, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF,
-        0x55, 0x01, 0x82, 0x2D, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF,
-        0x55, 0x01, 0x82, 0x2D, 0x03, 0x42, 0x00, 0x04, 0x94, 0x70,
-        0x2B, 0x46, 0xE4, 0x5E, 0x0F, 0x41, 0xFB, 0x8F, 0x2D, 0x34,
-        0x0A, 0x41, 0x40, 0x19, 0x5E, 0xFB, 0xD4, 0x1D, 0x11, 0xAC,
-        0xFA, 0xF5, 0x93, 0x37, 0xC6, 0xFA, 0x87, 0x08, 0xF7, 0x16,
-        0x1F, 0x2C, 0xCE, 0x30, 0x40, 0x9D, 0x4F, 0xA6, 0x2A, 0x0A,
-        0xA1, 0xD6, 0x95, 0x33, 0xC3, 0xA6, 0x03, 0x98, 0xE6, 0x8D,
-        0x05, 0x34, 0xB0, 0x97, 0x0C, 0xDE, 0xA4, 0xC7, 0xCF, 0x53,
-        0x8F, 0xD1
-};
-#define sizeof_server_sm2_key_der (sizeof(server_sm2_key_der))
-
-/* ./certs/sm2/server-sm2-priv.der */
-static const unsigned char server_sm2_priv_der[] =
-{
-        0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xD7, 0x33, 0xC1,
-        0xA1, 0x71, 0x98, 0xDA, 0x43, 0x81, 0x0D, 0x70, 0x42, 0x88,
-        0x63, 0xD0, 0x4C, 0x7E, 0x0F, 0x8A, 0x9B, 0x2D, 0xDA, 0x15,
-        0xAA, 0x0E, 0x5A, 0xFA, 0xED, 0x77, 0x3A, 0x43, 0xA8, 0xA0,
-        0x0A, 0x06, 0x08, 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x82,
-        0x2D, 0xA1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x94, 0x70, 0x2B,
-        0x46, 0xE4, 0x5E, 0x0F, 0x41, 0xFB, 0x8F, 0x2D, 0x34, 0x0A,
-        0x41, 0x40, 0x19, 0x5E, 0xFB, 0xD4, 0x1D, 0x11, 0xAC, 0xFA,
-        0xF5, 0x93, 0x37, 0xC6, 0xFA, 0x87, 0x08, 0xF7, 0x16, 0x1F,
-        0x2C, 0xCE, 0x30, 0x40, 0x9D, 0x4F, 0xA6, 0x2A, 0x0A, 0xA1,
-        0xD6, 0x95, 0x33, 0xC3, 0xA6, 0x03, 0x98, 0xE6, 0x8D, 0x05,
-        0x34, 0xB0, 0x97, 0x0C, 0xDE, 0xA4, 0xC7, 0xCF, 0x53, 0x8F,
-        0xD1
-};
-#define sizeof_server_sm2_priv_der (sizeof(server_sm2_priv_der))
-
-    /* DER Certs End */
-
-#ifdef WOLFSSL_NO_PEM
-
-    /* SM PEM Certs disabled */
-
-#else
-
-/* ./certs/sm2/ca-sm2.pem */
-static const unsigned char ca_sm2[] =
-{
-        0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
-        0x65, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x44, 0x61, 0x74,
-        0x61, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20,
-        0x33, 0x20, 0x28, 0x30, 0x78, 0x32, 0x29, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x65, 0x72, 0x69,
-        0x61, 0x6C, 0x20, 0x4E, 0x75, 0x6D, 0x62, 0x65, 0x72, 0x3A,
-        0x20, 0x31, 0x20, 0x28, 0x30, 0x78, 0x31, 0x29, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67,
-        0x6E, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x41, 0x6C, 0x67,
-        0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x53, 0x4D,
-        0x32, 0x2D, 0x77, 0x69, 0x74, 0x68, 0x2D, 0x53, 0x4D, 0x33,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x49,
-        0x73, 0x73, 0x75, 0x65, 0x72, 0x3A, 0x20, 0x43, 0x20, 0x3D,
-        0x20, 0x55, 0x53, 0x2C, 0x20, 0x53, 0x54, 0x20, 0x3D, 0x20,
-        0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x2C, 0x20, 0x4C,
-        0x20, 0x3D, 0x20, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E,
-        0x2C, 0x20, 0x4F, 0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66,
-        0x53, 0x53, 0x4C, 0x5F, 0x53, 0x4D, 0x32, 0x2C, 0x20, 0x4F,
-        0x55, 0x20, 0x3D, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x2D, 0x53,
-        0x4D, 0x32, 0x2C, 0x20, 0x43, 0x4E, 0x20, 0x3D, 0x20, 0x77,
-        0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C,
-        0x2E, 0x63, 0x6F, 0x6D, 0x2C, 0x20, 0x65, 0x6D, 0x61, 0x69,
-        0x6C, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x20, 0x3D,
-        0x20, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
-        0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x56, 0x61, 0x6C, 0x69,
-        0x64, 0x69, 0x74, 0x79, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x4E, 0x6F, 0x74,
-        0x20, 0x42, 0x65, 0x66, 0x6F, 0x72, 0x65, 0x3A, 0x20, 0x46,
-        0x65, 0x62, 0x20, 0x31, 0x35, 0x20, 0x30, 0x36, 0x3A, 0x32,
-        0x33, 0x3A, 0x30, 0x37, 0x20, 0x32, 0x30, 0x32, 0x33, 0x20,
-        0x47, 0x4D, 0x54, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x4E, 0x6F, 0x74, 0x20,
-        0x41, 0x66, 0x74, 0x65, 0x72, 0x20, 0x3A, 0x20, 0x4E, 0x6F,
-        0x76, 0x20, 0x31, 0x31, 0x20, 0x30, 0x36, 0x3A, 0x32, 0x33,
-        0x3A, 0x30, 0x37, 0x20, 0x32, 0x30, 0x32, 0x35, 0x20, 0x47,
-        0x4D, 0x54, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x53, 0x75, 0x62, 0x6A, 0x65, 0x63, 0x74, 0x3A, 0x20,
-        0x43, 0x20, 0x3D, 0x20, 0x55, 0x53, 0x2C, 0x20, 0x53, 0x54,
-        0x20, 0x3D, 0x20, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61,
-        0x2C, 0x20, 0x4C, 0x20, 0x3D, 0x20, 0x42, 0x6F, 0x7A, 0x65,
-        0x6D, 0x61, 0x6E, 0x2C, 0x20, 0x4F, 0x20, 0x3D, 0x20, 0x77,
-        0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x73, 0x6D, 0x32,
-        0x2C, 0x20, 0x4F, 0x55, 0x20, 0x3D, 0x20, 0x43, 0x41, 0x2D,
-        0x73, 0x6D, 0x32, 0x2C, 0x20, 0x43, 0x4E, 0x20, 0x3D, 0x20,
-        0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
-        0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x2C, 0x20, 0x65, 0x6D, 0x61,
-        0x69, 0x6C, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x20,
-        0x3D, 0x20, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
-        0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x2C, 0x20,
-        0x55, 0x49, 0x44, 0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66,
-        0x53, 0x53, 0x4C, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x53, 0x75, 0x62, 0x6A, 0x65, 0x63, 0x74, 0x20,
-        0x50, 0x75, 0x62, 0x6C, 0x69, 0x63, 0x20, 0x4B, 0x65, 0x79,
-        0x20, 0x49, 0x6E, 0x66, 0x6F, 0x3A, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x50,
-        0x75, 0x62, 0x6C, 0x69, 0x63, 0x20, 0x4B, 0x65, 0x79, 0x20,
-        0x41, 0x6C, 0x67, 0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A,
-        0x20, 0x73, 0x6D, 0x32, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x63, 0x2D, 0x4B, 0x65,
-        0x79, 0x3A, 0x20, 0x28, 0x32, 0x35, 0x36, 0x20, 0x62, 0x69,
-        0x74, 0x29, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x70,
-        0x75, 0x62, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x30, 0x34, 0x3A, 0x32, 0x31, 0x3A,
-        0x39, 0x32, 0x3A, 0x66, 0x37, 0x3A, 0x63, 0x62, 0x3A, 0x32,
-        0x34, 0x3A, 0x64, 0x66, 0x3A, 0x36, 0x34, 0x3A, 0x34, 0x64,
-        0x3A, 0x62, 0x61, 0x3A, 0x61, 0x62, 0x3A, 0x36, 0x36, 0x3A,
-        0x37, 0x62, 0x3A, 0x38, 0x33, 0x3A, 0x37, 0x35, 0x3A, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x61, 0x39, 0x3A, 0x32, 0x39, 0x3A, 0x65, 0x37, 0x3A, 0x66,
-        0x66, 0x3A, 0x36, 0x34, 0x3A, 0x36, 0x33, 0x3A, 0x62, 0x36,
-        0x3A, 0x64, 0x35, 0x3A, 0x34, 0x32, 0x3A, 0x38, 0x30, 0x3A,
-        0x32, 0x30, 0x3A, 0x62, 0x64, 0x3A, 0x65, 0x32, 0x3A, 0x65,
-        0x32, 0x3A, 0x30, 0x32, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x31, 0x32, 0x3A, 0x33,
-        0x62, 0x3A, 0x38, 0x65, 0x3A, 0x62, 0x34, 0x3A, 0x30, 0x30,
-        0x3A, 0x39, 0x35, 0x3A, 0x30, 0x39, 0x3A, 0x38, 0x30, 0x3A,
-        0x63, 0x62, 0x3A, 0x35, 0x36, 0x3A, 0x65, 0x64, 0x3A, 0x34,
-        0x62, 0x3A, 0x63, 0x61, 0x3A, 0x38, 0x64, 0x3A, 0x35, 0x37,
-        0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x65, 0x36, 0x3A, 0x61, 0x65, 0x3A, 0x30, 0x35,
-        0x3A, 0x64, 0x33, 0x3A, 0x37, 0x36, 0x3A, 0x32, 0x37, 0x3A,
-        0x36, 0x33, 0x3A, 0x37, 0x31, 0x3A, 0x33, 0x39, 0x3A, 0x38,
-        0x39, 0x3A, 0x62, 0x37, 0x3A, 0x36, 0x39, 0x3A, 0x65, 0x36,
-        0x3A, 0x34, 0x38, 0x3A, 0x38, 0x30, 0x3A, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x61, 0x65,
-        0x3A, 0x64, 0x31, 0x3A, 0x61, 0x39, 0x3A, 0x34, 0x38, 0x3A,
-        0x31, 0x32, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x41,
-        0x53, 0x4E, 0x31, 0x20, 0x4F, 0x49, 0x44, 0x3A, 0x20, 0x53,
-        0x4D, 0x32, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x65, 0x78,
-        0x74, 0x65, 0x6E, 0x73, 0x69, 0x6F, 0x6E, 0x73, 0x3A, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x53,
-        0x75, 0x62, 0x6A, 0x65, 0x63, 0x74, 0x20, 0x4B, 0x65, 0x79,
-        0x20, 0x49, 0x64, 0x65, 0x6E, 0x74, 0x69, 0x66, 0x69, 0x65,
-        0x72, 0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x34, 0x37, 0x3A, 0x30, 0x41, 0x3A, 0x34, 0x38, 0x3A, 0x37,
-        0x45, 0x3A, 0x42, 0x42, 0x3A, 0x30, 0x32, 0x3A, 0x41, 0x38,
-        0x3A, 0x35, 0x41, 0x3A, 0x32, 0x36, 0x3A, 0x35, 0x37, 0x3A,
-        0x32, 0x42, 0x3A, 0x31, 0x39, 0x3A, 0x41, 0x39, 0x3A, 0x37,
-        0x42, 0x3A, 0x36, 0x31, 0x3A, 0x38, 0x42, 0x3A, 0x37, 0x46,
-        0x3A, 0x35, 0x44, 0x3A, 0x39, 0x39, 0x3A, 0x36, 0x45, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x41,
-        0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x20, 0x4B,
-        0x65, 0x79, 0x20, 0x49, 0x64, 0x65, 0x6E, 0x74, 0x69, 0x66,
-        0x69, 0x65, 0x72, 0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x33, 0x34, 0x3A, 0x31, 0x44, 0x3A, 0x37, 0x39,
-        0x3A, 0x34, 0x34, 0x3A, 0x31, 0x35, 0x3A, 0x37, 0x39, 0x3A,
-        0x41, 0x31, 0x3A, 0x42, 0x31, 0x3A, 0x36, 0x33, 0x3A, 0x39,
-        0x39, 0x3A, 0x45, 0x33, 0x3A, 0x45, 0x44, 0x3A, 0x36, 0x35,
-        0x3A, 0x37, 0x43, 0x3A, 0x36, 0x34, 0x3A, 0x38, 0x39, 0x3A,
-        0x38, 0x30, 0x3A, 0x46, 0x46, 0x3A, 0x42, 0x38, 0x3A, 0x45,
-        0x43, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33,
-        0x20, 0x42, 0x61, 0x73, 0x69, 0x63, 0x20, 0x43, 0x6F, 0x6E,
-        0x73, 0x74, 0x72, 0x61, 0x69, 0x6E, 0x74, 0x73, 0x3A, 0x20,
-        0x63, 0x72, 0x69, 0x74, 0x69, 0x63, 0x61, 0x6C, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x43, 0x41, 0x3A, 0x54, 0x52,
-        0x55, 0x45, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76,
-        0x33, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x55, 0x73, 0x61, 0x67,
-        0x65, 0x3A, 0x20, 0x63, 0x72, 0x69, 0x74, 0x69, 0x63, 0x61,
-        0x6C, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x44, 0x69,
-        0x67, 0x69, 0x74, 0x61, 0x6C, 0x20, 0x53, 0x69, 0x67, 0x6E,
-        0x61, 0x74, 0x75, 0x72, 0x65, 0x2C, 0x20, 0x43, 0x65, 0x72,
-        0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x53,
-        0x69, 0x67, 0x6E, 0x2C, 0x20, 0x43, 0x52, 0x4C, 0x20, 0x53,
-        0x69, 0x67, 0x6E, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69,
-        0x67, 0x6E, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x41, 0x6C,
-        0x67, 0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x53,
-        0x4D, 0x32, 0x2D, 0x77, 0x69, 0x74, 0x68, 0x2D, 0x53, 0x4D,
-        0x33, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67, 0x6E,
-        0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x56, 0x61, 0x6C, 0x75,
-        0x65, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x33, 0x30, 0x3A, 0x34, 0x35, 0x3A, 0x30, 0x32, 0x3A,
-        0x32, 0x30, 0x3A, 0x34, 0x37, 0x3A, 0x34, 0x65, 0x3A, 0x30,
-        0x30, 0x3A, 0x30, 0x33, 0x3A, 0x61, 0x62, 0x3A, 0x33, 0x34,
-        0x3A, 0x61, 0x31, 0x3A, 0x61, 0x66, 0x3A, 0x35, 0x39, 0x3A,
-        0x33, 0x39, 0x3A, 0x38, 0x66, 0x3A, 0x36, 0x30, 0x3A, 0x33,
-        0x36, 0x3A, 0x62, 0x66, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x38, 0x39, 0x3A, 0x38, 0x38, 0x3A,
-        0x34, 0x32, 0x3A, 0x34, 0x31, 0x3A, 0x32, 0x37, 0x3A, 0x63,
-        0x31, 0x3A, 0x64, 0x64, 0x3A, 0x35, 0x37, 0x3A, 0x63, 0x39,
-        0x3A, 0x37, 0x39, 0x3A, 0x63, 0x62, 0x3A, 0x31, 0x66, 0x3A,
-        0x35, 0x36, 0x3A, 0x35, 0x63, 0x3A, 0x31, 0x36, 0x3A, 0x62,
-        0x35, 0x3A, 0x32, 0x38, 0x3A, 0x62, 0x64, 0x3A, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x30, 0x32, 0x3A,
-        0x32, 0x31, 0x3A, 0x30, 0x30, 0x3A, 0x38, 0x62, 0x3A, 0x32,
-        0x65, 0x3A, 0x32, 0x35, 0x3A, 0x65, 0x62, 0x3A, 0x32, 0x31,
-        0x3A, 0x39, 0x62, 0x3A, 0x61, 0x39, 0x3A, 0x32, 0x62, 0x3A,
-        0x61, 0x36, 0x3A, 0x36, 0x61, 0x3A, 0x35, 0x62, 0x3A, 0x64,
-        0x62, 0x3A, 0x61, 0x37, 0x3A, 0x63, 0x37, 0x3A, 0x32, 0x62,
-        0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x31, 0x31, 0x3A, 0x64, 0x66, 0x3A, 0x37, 0x33, 0x3A, 0x31,
-        0x35, 0x3A, 0x61, 0x64, 0x3A, 0x65, 0x34, 0x3A, 0x63, 0x35,
-        0x3A, 0x63, 0x33, 0x3A, 0x63, 0x32, 0x3A, 0x66, 0x33, 0x3A,
-        0x62, 0x34, 0x3A, 0x62, 0x34, 0x3A, 0x36, 0x37, 0x3A, 0x61,
-        0x66, 0x3A, 0x64, 0x37, 0x3A, 0x35, 0x31, 0x3A, 0x31, 0x63,
-        0x0A, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49,
-        0x4E, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43,
-        0x41, 0x54, 0x45, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D,
-        0x49, 0x49, 0x43, 0x6C, 0x6A, 0x43, 0x43, 0x41, 0x6A, 0x79,
-        0x67, 0x41, 0x77, 0x49, 0x42, 0x41, 0x67, 0x49, 0x42, 0x41,
-        0x54, 0x41, 0x4B, 0x42, 0x67, 0x67, 0x71, 0x67, 0x52, 0x7A,
-        0x50, 0x56, 0x51, 0x47, 0x44, 0x64, 0x54, 0x43, 0x42, 0x6C,
-        0x54, 0x45, 0x4C, 0x4D, 0x41, 0x6B, 0x47, 0x41, 0x31, 0x55,
-        0x45, 0x42, 0x68, 0x4D, 0x43, 0x56, 0x56, 0x4D, 0x78, 0x45,
-        0x44, 0x41, 0x4F, 0x0A, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41,
-        0x67, 0x4D, 0x42, 0x30, 0x31, 0x76, 0x62, 0x6E, 0x52, 0x68,
-        0x62, 0x6D, 0x45, 0x78, 0x45, 0x44, 0x41, 0x4F, 0x42, 0x67,
-        0x4E, 0x56, 0x42, 0x41, 0x63, 0x4D, 0x42, 0x30, 0x4A, 0x76,
-        0x65, 0x6D, 0x56, 0x74, 0x59, 0x57, 0x34, 0x78, 0x46, 0x44,
-        0x41, 0x53, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x6F, 0x4D,
-        0x43, 0x33, 0x64, 0x76, 0x62, 0x47, 0x5A, 0x54, 0x0A, 0x55,
-        0x30, 0x78, 0x66, 0x55, 0x30, 0x30, 0x79, 0x4D, 0x52, 0x45,
-        0x77, 0x44, 0x77, 0x59, 0x44, 0x56, 0x51, 0x51, 0x4C, 0x44,
-        0x41, 0x68, 0x53, 0x62, 0x32, 0x39, 0x30, 0x4C, 0x56, 0x4E,
-        0x4E, 0x4D, 0x6A, 0x45, 0x59, 0x4D, 0x42, 0x59, 0x47, 0x41,
-        0x31, 0x55, 0x45, 0x41, 0x77, 0x77, 0x50, 0x64, 0x33, 0x64,
-        0x33, 0x4C, 0x6E, 0x64, 0x76, 0x62, 0x47, 0x5A, 0x7A, 0x63,
-        0x32, 0x77, 0x75, 0x0A, 0x59, 0x32, 0x39, 0x74, 0x4D, 0x52,
-        0x38, 0x77, 0x48, 0x51, 0x59, 0x4A, 0x4B, 0x6F, 0x5A, 0x49,
-        0x68, 0x76, 0x63, 0x4E, 0x41, 0x51, 0x6B, 0x42, 0x46, 0x68,
-        0x42, 0x70, 0x62, 0x6D, 0x5A, 0x76, 0x51, 0x48, 0x64, 0x76,
-        0x62, 0x47, 0x5A, 0x7A, 0x63, 0x32, 0x77, 0x75, 0x59, 0x32,
-        0x39, 0x74, 0x4D, 0x42, 0x34, 0x58, 0x44, 0x54, 0x49, 0x7A,
-        0x4D, 0x44, 0x49, 0x78, 0x4E, 0x54, 0x41, 0x32, 0x0A, 0x4D,
-        0x6A, 0x4D, 0x77, 0x4E, 0x31, 0x6F, 0x58, 0x44, 0x54, 0x49,
-        0x31, 0x4D, 0x54, 0x45, 0x78, 0x4D, 0x54, 0x41, 0x32, 0x4D,
-        0x6A, 0x4D, 0x77, 0x4E, 0x31, 0x6F, 0x77, 0x67, 0x61, 0x77,
-        0x78, 0x43, 0x7A, 0x41, 0x4A, 0x42, 0x67, 0x4E, 0x56, 0x42,
-        0x41, 0x59, 0x54, 0x41, 0x6C, 0x56, 0x54, 0x4D, 0x52, 0x41,
-        0x77, 0x44, 0x67, 0x59, 0x44, 0x56, 0x51, 0x51, 0x49, 0x44,
-        0x41, 0x64, 0x4E, 0x0A, 0x62, 0x32, 0x35, 0x30, 0x59, 0x57,
-        0x35, 0x68, 0x4D, 0x52, 0x41, 0x77, 0x44, 0x67, 0x59, 0x44,
-        0x56, 0x51, 0x51, 0x48, 0x44, 0x41, 0x64, 0x43, 0x62, 0x33,
-        0x70, 0x6C, 0x62, 0x57, 0x46, 0x75, 0x4D, 0x52, 0x51, 0x77,
-        0x45, 0x67, 0x59, 0x44, 0x56, 0x51, 0x51, 0x4B, 0x44, 0x41,
-        0x74, 0x33, 0x62, 0x32, 0x78, 0x6D, 0x55, 0x31, 0x4E, 0x4D,
-        0x58, 0x33, 0x4E, 0x74, 0x4D, 0x6A, 0x45, 0x50, 0x0A, 0x4D,
-        0x41, 0x30, 0x47, 0x41, 0x31, 0x55, 0x45, 0x43, 0x77, 0x77,
-        0x47, 0x51, 0x30, 0x45, 0x74, 0x63, 0x32, 0x30, 0x79, 0x4D,
-        0x52, 0x67, 0x77, 0x46, 0x67, 0x59, 0x44, 0x56, 0x51, 0x51,
-        0x44, 0x44, 0x41, 0x39, 0x33, 0x64, 0x33, 0x63, 0x75, 0x64,
-        0x32, 0x39, 0x73, 0x5A, 0x6E, 0x4E, 0x7A, 0x62, 0x43, 0x35,
-        0x6A, 0x62, 0x32, 0x30, 0x78, 0x48, 0x7A, 0x41, 0x64, 0x42,
-        0x67, 0x6B, 0x71, 0x0A, 0x68, 0x6B, 0x69, 0x47, 0x39, 0x77,
-        0x30, 0x42, 0x43, 0x51, 0x45, 0x57, 0x45, 0x47, 0x6C, 0x75,
-        0x5A, 0x6D, 0x39, 0x41, 0x64, 0x32, 0x39, 0x73, 0x5A, 0x6E,
-        0x4E, 0x7A, 0x62, 0x43, 0x35, 0x6A, 0x62, 0x32, 0x30, 0x78,
-        0x46, 0x7A, 0x41, 0x56, 0x42, 0x67, 0x6F, 0x4A, 0x6B, 0x69,
-        0x61, 0x4A, 0x6B, 0x2F, 0x49, 0x73, 0x5A, 0x41, 0x45, 0x42,
-        0x44, 0x41, 0x64, 0x33, 0x62, 0x32, 0x78, 0x6D, 0x0A, 0x55,
-        0x31, 0x4E, 0x4D, 0x4D, 0x46, 0x6F, 0x77, 0x46, 0x41, 0x59,
-        0x49, 0x4B, 0x6F, 0x45, 0x63, 0x7A, 0x31, 0x55, 0x42, 0x67,
-        0x69, 0x30, 0x47, 0x43, 0x43, 0x71, 0x42, 0x48, 0x4D, 0x39,
-        0x56, 0x41, 0x59, 0x49, 0x74, 0x41, 0x30, 0x49, 0x41, 0x42,
-        0x43, 0x47, 0x53, 0x39, 0x38, 0x73, 0x6B, 0x33, 0x32, 0x52,
-        0x4E, 0x75, 0x71, 0x74, 0x6D, 0x65, 0x34, 0x4E, 0x31, 0x71,
-        0x53, 0x6E, 0x6E, 0x0A, 0x2F, 0x32, 0x52, 0x6A, 0x74, 0x74,
-        0x56, 0x43, 0x67, 0x43, 0x43, 0x39, 0x34, 0x75, 0x49, 0x43,
-        0x45, 0x6A, 0x75, 0x4F, 0x74, 0x41, 0x43, 0x56, 0x43, 0x59,
-        0x44, 0x4C, 0x56, 0x75, 0x31, 0x4C, 0x79, 0x6F, 0x31, 0x58,
-        0x35, 0x71, 0x34, 0x46, 0x30, 0x33, 0x59, 0x6E, 0x59, 0x33,
-        0x45, 0x35, 0x69, 0x62, 0x64, 0x70, 0x35, 0x6B, 0x69, 0x41,
-        0x72, 0x74, 0x47, 0x70, 0x53, 0x42, 0x4B, 0x6A, 0x0A, 0x59,
-        0x7A, 0x42, 0x68, 0x4D, 0x42, 0x30, 0x47, 0x41, 0x31, 0x55,
-        0x64, 0x44, 0x67, 0x51, 0x57, 0x42, 0x42, 0x52, 0x48, 0x43,
-        0x6B, 0x68, 0x2B, 0x75, 0x77, 0x4B, 0x6F, 0x57, 0x69, 0x5A,
-        0x58, 0x4B, 0x78, 0x6D, 0x70, 0x65, 0x32, 0x47, 0x4C, 0x66,
-        0x31, 0x32, 0x5A, 0x62, 0x6A, 0x41, 0x66, 0x42, 0x67, 0x4E,
-        0x56, 0x48, 0x53, 0x4D, 0x45, 0x47, 0x44, 0x41, 0x57, 0x67,
-        0x42, 0x51, 0x30, 0x0A, 0x48, 0x58, 0x6C, 0x45, 0x46, 0x58,
-        0x6D, 0x68, 0x73, 0x57, 0x4F, 0x5A, 0x34, 0x2B, 0x31, 0x6C,
-        0x66, 0x47, 0x53, 0x4A, 0x67, 0x50, 0x2B, 0x34, 0x37, 0x44,
-        0x41, 0x50, 0x42, 0x67, 0x4E, 0x56, 0x48, 0x52, 0x4D, 0x42,
-        0x41, 0x66, 0x38, 0x45, 0x42, 0x54, 0x41, 0x44, 0x41, 0x51,
-        0x48, 0x2F, 0x4D, 0x41, 0x34, 0x47, 0x41, 0x31, 0x55, 0x64,
-        0x44, 0x77, 0x45, 0x42, 0x2F, 0x77, 0x51, 0x45, 0x0A, 0x41,
-        0x77, 0x49, 0x42, 0x68, 0x6A, 0x41, 0x4B, 0x42, 0x67, 0x67,
-        0x71, 0x67, 0x52, 0x7A, 0x50, 0x56, 0x51, 0x47, 0x44, 0x64,
-        0x51, 0x4E, 0x49, 0x41, 0x44, 0x42, 0x46, 0x41, 0x69, 0x42,
-        0x48, 0x54, 0x67, 0x41, 0x44, 0x71, 0x7A, 0x53, 0x68, 0x72,
-        0x31, 0x6B, 0x35, 0x6A, 0x32, 0x41, 0x32, 0x76, 0x34, 0x6D,
-        0x49, 0x51, 0x6B, 0x45, 0x6E, 0x77, 0x64, 0x31, 0x58, 0x79,
-        0x58, 0x6E, 0x4C, 0x0A, 0x48, 0x31, 0x5A, 0x63, 0x46, 0x72,
-        0x55, 0x6F, 0x76, 0x51, 0x49, 0x68, 0x41, 0x49, 0x73, 0x75,
-        0x4A, 0x65, 0x73, 0x68, 0x6D, 0x36, 0x6B, 0x72, 0x70, 0x6D,
-        0x70, 0x62, 0x32, 0x36, 0x66, 0x48, 0x4B, 0x78, 0x48, 0x66,
-        0x63, 0x78, 0x57, 0x74, 0x35, 0x4D, 0x58, 0x44, 0x77, 0x76,
-        0x4F, 0x30, 0x74, 0x47, 0x65, 0x76, 0x31, 0x31, 0x45, 0x63,
-        0x0A, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E, 0x44, 0x20,
-        0x43, 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54,
-        0x45, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_ca_sm2 (sizeof(ca_sm2))
-
-/* ./certs/sm2/ca-sm2-key.pem */
-static const unsigned char ca_sm2_key[] =
-{
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x50, 0x55, 0x42, 0x4C, 0x49, 0x43, 0x20, 0x4B, 0x45,
-        0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x46, 0x6F,
-        0x77, 0x46, 0x41, 0x59, 0x49, 0x4B, 0x6F, 0x45, 0x63, 0x7A,
-        0x31, 0x55, 0x42, 0x67, 0x69, 0x30, 0x47, 0x43, 0x43, 0x71,
-        0x42, 0x48, 0x4D, 0x39, 0x56, 0x41, 0x59, 0x49, 0x74, 0x41,
-        0x30, 0x49, 0x41, 0x42, 0x43, 0x47, 0x53, 0x39, 0x38, 0x73,
-        0x6B, 0x33, 0x32, 0x52, 0x4E, 0x75, 0x71, 0x74, 0x6D, 0x65,
-        0x34, 0x4E, 0x31, 0x71, 0x53, 0x6E, 0x6E, 0x2F, 0x32, 0x52,
-        0x6A, 0x0A, 0x74, 0x74, 0x56, 0x43, 0x67, 0x43, 0x43, 0x39,
-        0x34, 0x75, 0x49, 0x43, 0x45, 0x6A, 0x75, 0x4F, 0x74, 0x41,
-        0x43, 0x56, 0x43, 0x59, 0x44, 0x4C, 0x56, 0x75, 0x31, 0x4C,
-        0x79, 0x6F, 0x31, 0x58, 0x35, 0x71, 0x34, 0x46, 0x30, 0x33,
-        0x59, 0x6E, 0x59, 0x33, 0x45, 0x35, 0x69, 0x62, 0x64, 0x70,
-        0x35, 0x6B, 0x69, 0x41, 0x72, 0x74, 0x47, 0x70, 0x53, 0x42,
-        0x49, 0x3D, 0x0A, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E,
-        0x44, 0x20, 0x50, 0x55, 0x42, 0x4C, 0x49, 0x43, 0x20, 0x4B,
-        0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_ca_sm2_key (sizeof(ca_sm2_key))
-
-/* ./certs/sm2/ca-sm2-priv.pem */
-static const unsigned char ca_sm2_priv[] =
-{
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4B,
-        0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49,
-        0x47, 0x49, 0x41, 0x67, 0x45, 0x41, 0x4D, 0x42, 0x51, 0x47,
-        0x43, 0x43, 0x71, 0x42, 0x48, 0x4D, 0x39, 0x56, 0x41, 0x59,
-        0x49, 0x74, 0x42, 0x67, 0x67, 0x71, 0x67, 0x52, 0x7A, 0x50,
-        0x56, 0x51, 0x47, 0x43, 0x4C, 0x51, 0x52, 0x74, 0x4D, 0x47,
-        0x73, 0x43, 0x41, 0x51, 0x45, 0x45, 0x49, 0x49, 0x2B, 0x35,
-        0x75, 0x45, 0x41, 0x5A, 0x44, 0x69, 0x45, 0x35, 0x36, 0x2B,
-        0x67, 0x49, 0x0A, 0x66, 0x50, 0x33, 0x59, 0x6F, 0x51, 0x57,
-        0x54, 0x70, 0x44, 0x55, 0x73, 0x30, 0x59, 0x44, 0x6A, 0x76,
-        0x33, 0x35, 0x49, 0x52, 0x2B, 0x51, 0x46, 0x44, 0x51, 0x6C,
-        0x42, 0x6F, 0x55, 0x51, 0x44, 0x51, 0x67, 0x41, 0x45, 0x49,
-        0x5A, 0x4C, 0x33, 0x79, 0x79, 0x54, 0x66, 0x5A, 0x45, 0x32,
-        0x36, 0x71, 0x32, 0x5A, 0x37, 0x67, 0x33, 0x57, 0x70, 0x4B,
-        0x65, 0x66, 0x2F, 0x5A, 0x47, 0x4F, 0x32, 0x0A, 0x31, 0x55,
-        0x4B, 0x41, 0x49, 0x4C, 0x33, 0x69, 0x34, 0x67, 0x49, 0x53,
-        0x4F, 0x34, 0x36, 0x30, 0x41, 0x4A, 0x55, 0x4A, 0x67, 0x4D,
-        0x74, 0x57, 0x37, 0x55, 0x76, 0x4B, 0x6A, 0x56, 0x66, 0x6D,
-        0x72, 0x67, 0x58, 0x54, 0x64, 0x69, 0x64, 0x6A, 0x63, 0x54,
-        0x6D, 0x4A, 0x74, 0x32, 0x6E, 0x6D, 0x53, 0x49, 0x43, 0x75,
-        0x30, 0x61, 0x6C, 0x49, 0x45, 0x67, 0x3D, 0x3D, 0x0A, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E, 0x44, 0x20, 0x50, 0x52,
-        0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4B, 0x45, 0x59, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_ca_sm2_priv (sizeof(ca_sm2_priv))
-
-/* ./certs/sm2/client-sm2.pem */
-static const unsigned char client_sm2[] =
-{
-        0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
-        0x65, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x44, 0x61, 0x74,
-        0x61, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20,
-        0x33, 0x20, 0x28, 0x30, 0x78, 0x32, 0x29, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x65, 0x72, 0x69,
-        0x61, 0x6C, 0x20, 0x4E, 0x75, 0x6D, 0x62, 0x65, 0x72, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x36, 0x30, 0x3A, 0x61, 0x30, 0x3A, 0x34,
-        0x61, 0x3A, 0x30, 0x62, 0x3A, 0x33, 0x36, 0x3A, 0x65, 0x62,
-        0x3A, 0x37, 0x64, 0x3A, 0x65, 0x31, 0x3A, 0x33, 0x66, 0x3A,
-        0x37, 0x34, 0x3A, 0x32, 0x39, 0x3A, 0x61, 0x39, 0x3A, 0x32,
-        0x39, 0x3A, 0x62, 0x34, 0x3A, 0x30, 0x35, 0x3A, 0x36, 0x63,
-        0x3A, 0x31, 0x37, 0x3A, 0x66, 0x37, 0x3A, 0x61, 0x36, 0x3A,
-        0x64, 0x34, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x53, 0x69, 0x67, 0x6E, 0x61, 0x74, 0x75, 0x72, 0x65,
-        0x20, 0x41, 0x6C, 0x67, 0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D,
-        0x3A, 0x20, 0x53, 0x4D, 0x32, 0x2D, 0x77, 0x69, 0x74, 0x68,
-        0x2D, 0x53, 0x4D, 0x33, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, 0x3A,
-        0x20, 0x43, 0x20, 0x3D, 0x20, 0x55, 0x53, 0x2C, 0x20, 0x53,
-        0x54, 0x20, 0x3D, 0x20, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E,
-        0x61, 0x2C, 0x20, 0x4C, 0x20, 0x3D, 0x20, 0x42, 0x6F, 0x7A,
-        0x65, 0x6D, 0x61, 0x6E, 0x2C, 0x20, 0x4F, 0x20, 0x3D, 0x20,
-        0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x73, 0x6D,
-        0x32, 0x2C, 0x20, 0x4F, 0x55, 0x20, 0x3D, 0x20, 0x43, 0x6C,
-        0x69, 0x65, 0x6E, 0x74, 0x2D, 0x73, 0x6D, 0x32, 0x2C, 0x20,
-        0x43, 0x4E, 0x20, 0x3D, 0x20, 0x77, 0x77, 0x77, 0x2E, 0x77,
-        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
-        0x2C, 0x20, 0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41, 0x64, 0x64,
-        0x72, 0x65, 0x73, 0x73, 0x20, 0x3D, 0x20, 0x69, 0x6E, 0x66,
-        0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
-        0x63, 0x6F, 0x6D, 0x2C, 0x20, 0x55, 0x49, 0x44, 0x20, 0x3D,
-        0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x56, 0x61, 0x6C,
-        0x69, 0x64, 0x69, 0x74, 0x79, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x4E, 0x6F,
-        0x74, 0x20, 0x42, 0x65, 0x66, 0x6F, 0x72, 0x65, 0x3A, 0x20,
-        0x46, 0x65, 0x62, 0x20, 0x31, 0x35, 0x20, 0x30, 0x36, 0x3A,
-        0x32, 0x33, 0x3A, 0x30, 0x37, 0x20, 0x32, 0x30, 0x32, 0x33,
-        0x20, 0x47, 0x4D, 0x54, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x4E, 0x6F, 0x74,
-        0x20, 0x41, 0x66, 0x74, 0x65, 0x72, 0x20, 0x3A, 0x20, 0x4E,
-        0x6F, 0x76, 0x20, 0x31, 0x31, 0x20, 0x30, 0x36, 0x3A, 0x32,
-        0x33, 0x3A, 0x30, 0x37, 0x20, 0x32, 0x30, 0x32, 0x35, 0x20,
-        0x47, 0x4D, 0x54, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x53, 0x75, 0x62, 0x6A, 0x65, 0x63, 0x74, 0x3A,
-        0x20, 0x43, 0x20, 0x3D, 0x20, 0x55, 0x53, 0x2C, 0x20, 0x53,
-        0x54, 0x20, 0x3D, 0x20, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E,
-        0x61, 0x2C, 0x20, 0x4C, 0x20, 0x3D, 0x20, 0x42, 0x6F, 0x7A,
-        0x65, 0x6D, 0x61, 0x6E, 0x2C, 0x20, 0x4F, 0x20, 0x3D, 0x20,
-        0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x73, 0x6D,
-        0x32, 0x2C, 0x20, 0x4F, 0x55, 0x20, 0x3D, 0x20, 0x43, 0x6C,
-        0x69, 0x65, 0x6E, 0x74, 0x2D, 0x73, 0x6D, 0x32, 0x2C, 0x20,
-        0x43, 0x4E, 0x20, 0x3D, 0x20, 0x77, 0x77, 0x77, 0x2E, 0x77,
-        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
-        0x2C, 0x20, 0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41, 0x64, 0x64,
-        0x72, 0x65, 0x73, 0x73, 0x20, 0x3D, 0x20, 0x69, 0x6E, 0x66,
-        0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
-        0x63, 0x6F, 0x6D, 0x2C, 0x20, 0x55, 0x49, 0x44, 0x20, 0x3D,
-        0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x75, 0x62,
-        0x6A, 0x65, 0x63, 0x74, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69,
-        0x63, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49, 0x6E, 0x66, 0x6F,
-        0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x63,
-        0x20, 0x4B, 0x65, 0x79, 0x20, 0x41, 0x6C, 0x67, 0x6F, 0x72,
-        0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x73, 0x6D, 0x32, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x50, 0x75, 0x62, 0x6C,
-        0x69, 0x63, 0x2D, 0x4B, 0x65, 0x79, 0x3A, 0x20, 0x28, 0x32,
-        0x35, 0x36, 0x20, 0x62, 0x69, 0x74, 0x29, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x70, 0x75, 0x62, 0x3A, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x30,
-        0x34, 0x3A, 0x33, 0x61, 0x3A, 0x31, 0x64, 0x3A, 0x65, 0x38,
-        0x3A, 0x63, 0x62, 0x3A, 0x34, 0x62, 0x3A, 0x64, 0x33, 0x3A,
-        0x32, 0x65, 0x3A, 0x33, 0x66, 0x3A, 0x34, 0x62, 0x3A, 0x30,
-        0x37, 0x3A, 0x33, 0x66, 0x3A, 0x62, 0x30, 0x3A, 0x32, 0x31,
-        0x3A, 0x66, 0x65, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x63, 0x35, 0x3A, 0x39, 0x65,
-        0x3A, 0x64, 0x39, 0x3A, 0x63, 0x61, 0x3A, 0x33, 0x61, 0x3A,
-        0x39, 0x33, 0x3A, 0x39, 0x33, 0x3A, 0x39, 0x35, 0x3A, 0x37,
-        0x36, 0x3A, 0x31, 0x64, 0x3A, 0x33, 0x30, 0x3A, 0x64, 0x39,
-        0x3A, 0x30, 0x62, 0x3A, 0x66, 0x35, 0x3A, 0x35, 0x36, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x65, 0x64, 0x3A, 0x31, 0x39, 0x3A, 0x36, 0x30, 0x3A,
-        0x65, 0x64, 0x3A, 0x30, 0x31, 0x3A, 0x34, 0x63, 0x3A, 0x66,
-        0x36, 0x3A, 0x36, 0x37, 0x3A, 0x31, 0x64, 0x3A, 0x66, 0x31,
-        0x3A, 0x61, 0x63, 0x3A, 0x61, 0x38, 0x3A, 0x37, 0x34, 0x3A,
-        0x30, 0x64, 0x3A, 0x62, 0x32, 0x3A, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x37, 0x37, 0x3A,
-        0x63, 0x38, 0x3A, 0x34, 0x39, 0x3A, 0x33, 0x38, 0x3A, 0x65,
-        0x34, 0x3A, 0x66, 0x66, 0x3A, 0x34, 0x63, 0x3A, 0x65, 0x66,
-        0x3A, 0x38, 0x64, 0x3A, 0x36, 0x64, 0x3A, 0x38, 0x37, 0x3A,
-        0x66, 0x36, 0x3A, 0x34, 0x65, 0x3A, 0x63, 0x37, 0x3A, 0x66,
-        0x38, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x33, 0x39, 0x3A, 0x37, 0x34, 0x3A, 0x37,
-        0x30, 0x3A, 0x37, 0x30, 0x3A, 0x62, 0x35, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x41, 0x53, 0x4E, 0x31, 0x20, 0x4F,
-        0x49, 0x44, 0x3A, 0x20, 0x53, 0x4D, 0x32, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35, 0x30, 0x39,
-        0x76, 0x33, 0x20, 0x65, 0x78, 0x74, 0x65, 0x6E, 0x73, 0x69,
-        0x6F, 0x6E, 0x73, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35, 0x30,
-        0x39, 0x76, 0x33, 0x20, 0x53, 0x75, 0x62, 0x6A, 0x65, 0x63,
-        0x74, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49, 0x64, 0x65, 0x6E,
-        0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x3A, 0x20, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x45, 0x34, 0x3A, 0x32, 0x31,
-        0x3A, 0x42, 0x32, 0x3A, 0x43, 0x35, 0x3A, 0x45, 0x35, 0x3A,
-        0x44, 0x34, 0x3A, 0x39, 0x45, 0x3A, 0x38, 0x32, 0x3A, 0x43,
-        0x41, 0x3A, 0x46, 0x38, 0x3A, 0x36, 0x37, 0x3A, 0x46, 0x32,
-        0x3A, 0x32, 0x38, 0x3A, 0x39, 0x39, 0x3A, 0x46, 0x36, 0x3A,
-        0x38, 0x35, 0x3A, 0x45, 0x38, 0x3A, 0x46, 0x31, 0x3A, 0x35,
-        0x35, 0x3A, 0x45, 0x46, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35, 0x30,
-        0x39, 0x76, 0x33, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72,
-        0x69, 0x74, 0x79, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49, 0x64,
-        0x65, 0x6E, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x3A, 0x20,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x6B, 0x65, 0x79,
-        0x69, 0x64, 0x3A, 0x45, 0x34, 0x3A, 0x32, 0x31, 0x3A, 0x42,
-        0x32, 0x3A, 0x43, 0x35, 0x3A, 0x45, 0x35, 0x3A, 0x44, 0x34,
-        0x3A, 0x39, 0x45, 0x3A, 0x38, 0x32, 0x3A, 0x43, 0x41, 0x3A,
-        0x46, 0x38, 0x3A, 0x36, 0x37, 0x3A, 0x46, 0x32, 0x3A, 0x32,
-        0x38, 0x3A, 0x39, 0x39, 0x3A, 0x46, 0x36, 0x3A, 0x38, 0x35,
-        0x3A, 0x45, 0x38, 0x3A, 0x46, 0x31, 0x3A, 0x35, 0x35, 0x3A,
-        0x45, 0x46, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x44,
-        0x69, 0x72, 0x4E, 0x61, 0x6D, 0x65, 0x3A, 0x2F, 0x43, 0x3D,
-        0x55, 0x53, 0x2F, 0x53, 0x54, 0x3D, 0x4D, 0x6F, 0x6E, 0x74,
-        0x61, 0x6E, 0x61, 0x2F, 0x4C, 0x3D, 0x42, 0x6F, 0x7A, 0x65,
-        0x6D, 0x61, 0x6E, 0x2F, 0x4F, 0x3D, 0x77, 0x6F, 0x6C, 0x66,
-        0x53, 0x53, 0x4C, 0x5F, 0x73, 0x6D, 0x32, 0x2F, 0x4F, 0x55,
-        0x3D, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x2D, 0x73, 0x6D,
-        0x32, 0x2F, 0x43, 0x4E, 0x3D, 0x77, 0x77, 0x77, 0x2E, 0x77,
-        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
-        0x2F, 0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41, 0x64, 0x64, 0x72,
-        0x65, 0x73, 0x73, 0x3D, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
-        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
-        0x2F, 0x55, 0x49, 0x44, 0x3D, 0x77, 0x6F, 0x6C, 0x66, 0x53,
-        0x53, 0x4C, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x73,
-        0x65, 0x72, 0x69, 0x61, 0x6C, 0x3A, 0x36, 0x30, 0x3A, 0x41,
-        0x30, 0x3A, 0x34, 0x41, 0x3A, 0x30, 0x42, 0x3A, 0x33, 0x36,
-        0x3A, 0x45, 0x42, 0x3A, 0x37, 0x44, 0x3A, 0x45, 0x31, 0x3A,
-        0x33, 0x46, 0x3A, 0x37, 0x34, 0x3A, 0x32, 0x39, 0x3A, 0x41,
-        0x39, 0x3A, 0x32, 0x39, 0x3A, 0x42, 0x34, 0x3A, 0x30, 0x35,
-        0x3A, 0x36, 0x43, 0x3A, 0x31, 0x37, 0x3A, 0x46, 0x37, 0x3A,
-        0x41, 0x36, 0x3A, 0x44, 0x34, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35,
-        0x30, 0x39, 0x76, 0x33, 0x20, 0x42, 0x61, 0x73, 0x69, 0x63,
-        0x20, 0x43, 0x6F, 0x6E, 0x73, 0x74, 0x72, 0x61, 0x69, 0x6E,
-        0x74, 0x73, 0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x43, 0x41, 0x3A, 0x54, 0x52, 0x55, 0x45, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x53, 0x75,
-        0x62, 0x6A, 0x65, 0x63, 0x74, 0x20, 0x41, 0x6C, 0x74, 0x65,
-        0x72, 0x6E, 0x61, 0x74, 0x69, 0x76, 0x65, 0x20, 0x4E, 0x61,
-        0x6D, 0x65, 0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x44, 0x4E, 0x53, 0x3A, 0x65, 0x78, 0x61, 0x6D, 0x70,
-        0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x2C, 0x20, 0x49, 0x50,
-        0x20, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x3A, 0x31,
-        0x32, 0x37, 0x2E, 0x30, 0x2E, 0x30, 0x2E, 0x31, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x45, 0x78,
-        0x74, 0x65, 0x6E, 0x64, 0x65, 0x64, 0x20, 0x4B, 0x65, 0x79,
-        0x20, 0x55, 0x73, 0x61, 0x67, 0x65, 0x3A, 0x20, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x54, 0x4C, 0x53, 0x20, 0x57,
-        0x65, 0x62, 0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20,
-        0x41, 0x75, 0x74, 0x68, 0x65, 0x6E, 0x74, 0x69, 0x63, 0x61,
-        0x74, 0x69, 0x6F, 0x6E, 0x2C, 0x20, 0x54, 0x4C, 0x53, 0x20,
-        0x57, 0x65, 0x62, 0x20, 0x43, 0x6C, 0x69, 0x65, 0x6E, 0x74,
-        0x20, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6E, 0x74, 0x69, 0x63,
-        0x61, 0x74, 0x69, 0x6F, 0x6E, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x53, 0x69, 0x67, 0x6E, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20,
-        0x41, 0x6C, 0x67, 0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A,
-        0x20, 0x53, 0x4D, 0x32, 0x2D, 0x77, 0x69, 0x74, 0x68, 0x2D,
-        0x53, 0x4D, 0x33, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69,
-        0x67, 0x6E, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x56, 0x61,
-        0x6C, 0x75, 0x65, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x33, 0x30, 0x3A, 0x34, 0x36, 0x3A, 0x30,
-        0x32, 0x3A, 0x32, 0x31, 0x3A, 0x30, 0x30, 0x3A, 0x38, 0x66,
-        0x3A, 0x62, 0x32, 0x3A, 0x62, 0x35, 0x3A, 0x39, 0x35, 0x3A,
-        0x38, 0x66, 0x3A, 0x37, 0x39, 0x3A, 0x66, 0x36, 0x3A, 0x35,
-        0x65, 0x3A, 0x37, 0x35, 0x3A, 0x65, 0x35, 0x3A, 0x63, 0x35,
-        0x3A, 0x65, 0x39, 0x3A, 0x39, 0x61, 0x3A, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x31, 0x32, 0x3A, 0x64,
-        0x32, 0x3A, 0x30, 0x66, 0x3A, 0x37, 0x38, 0x3A, 0x39, 0x66,
-        0x3A, 0x63, 0x30, 0x3A, 0x31, 0x64, 0x3A, 0x38, 0x64, 0x3A,
-        0x31, 0x63, 0x3A, 0x62, 0x65, 0x3A, 0x36, 0x62, 0x3A, 0x30,
-        0x63, 0x3A, 0x66, 0x31, 0x3A, 0x66, 0x35, 0x3A, 0x35, 0x37,
-        0x3A, 0x36, 0x30, 0x3A, 0x64, 0x62, 0x3A, 0x39, 0x31, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x34,
-        0x66, 0x3A, 0x30, 0x32, 0x3A, 0x32, 0x31, 0x3A, 0x30, 0x30,
-        0x3A, 0x38, 0x37, 0x3A, 0x35, 0x65, 0x3A, 0x37, 0x64, 0x3A,
-        0x65, 0x34, 0x3A, 0x64, 0x36, 0x3A, 0x33, 0x61, 0x3A, 0x62,
-        0x62, 0x3A, 0x37, 0x62, 0x3A, 0x39, 0x38, 0x3A, 0x32, 0x37,
-        0x3A, 0x38, 0x35, 0x3A, 0x64, 0x65, 0x3A, 0x37, 0x61, 0x3A,
-        0x66, 0x30, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x32, 0x31, 0x3A, 0x65, 0x32, 0x3A, 0x36, 0x36,
-        0x3A, 0x61, 0x31, 0x3A, 0x39, 0x66, 0x3A, 0x32, 0x36, 0x3A,
-        0x65, 0x30, 0x3A, 0x64, 0x64, 0x3A, 0x38, 0x36, 0x3A, 0x32,
-        0x33, 0x3A, 0x62, 0x34, 0x3A, 0x63, 0x38, 0x3A, 0x63, 0x30,
-        0x3A, 0x34, 0x36, 0x3A, 0x35, 0x61, 0x3A, 0x66, 0x32, 0x3A,
-        0x34, 0x39, 0x3A, 0x38, 0x64, 0x0A, 0x2D, 0x2D, 0x2D, 0x2D,
-        0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E, 0x20, 0x43, 0x45, 0x52,
-        0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2D, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49, 0x49, 0x44, 0x79, 0x54,
-        0x43, 0x43, 0x41, 0x32, 0x36, 0x67, 0x41, 0x77, 0x49, 0x42,
-        0x41, 0x67, 0x49, 0x55, 0x59, 0x4B, 0x42, 0x4B, 0x43, 0x7A,
-        0x62, 0x72, 0x66, 0x65, 0x45, 0x2F, 0x64, 0x43, 0x6D, 0x70,
-        0x4B, 0x62, 0x51, 0x46, 0x62, 0x42, 0x66, 0x33, 0x70, 0x74,
-        0x51, 0x77, 0x43, 0x67, 0x59, 0x49, 0x4B, 0x6F, 0x45, 0x63,
-        0x7A, 0x31, 0x55, 0x42, 0x67, 0x33, 0x55, 0x77, 0x0A, 0x67,
-        0x62, 0x41, 0x78, 0x43, 0x7A, 0x41, 0x4A, 0x42, 0x67, 0x4E,
-        0x56, 0x42, 0x41, 0x59, 0x54, 0x41, 0x6C, 0x56, 0x54, 0x4D,
-        0x52, 0x41, 0x77, 0x44, 0x67, 0x59, 0x44, 0x56, 0x51, 0x51,
-        0x49, 0x44, 0x41, 0x64, 0x4E, 0x62, 0x32, 0x35, 0x30, 0x59,
-        0x57, 0x35, 0x68, 0x4D, 0x52, 0x41, 0x77, 0x44, 0x67, 0x59,
-        0x44, 0x56, 0x51, 0x51, 0x48, 0x44, 0x41, 0x64, 0x43, 0x62,
-        0x33, 0x70, 0x6C, 0x0A, 0x62, 0x57, 0x46, 0x75, 0x4D, 0x52,
-        0x51, 0x77, 0x45, 0x67, 0x59, 0x44, 0x56, 0x51, 0x51, 0x4B,
-        0x44, 0x41, 0x74, 0x33, 0x62, 0x32, 0x78, 0x6D, 0x55, 0x31,
-        0x4E, 0x4D, 0x58, 0x33, 0x4E, 0x74, 0x4D, 0x6A, 0x45, 0x54,
-        0x4D, 0x42, 0x45, 0x47, 0x41, 0x31, 0x55, 0x45, 0x43, 0x77,
-        0x77, 0x4B, 0x51, 0x32, 0x78, 0x70, 0x5A, 0x57, 0x35, 0x30,
-        0x4C, 0x58, 0x4E, 0x74, 0x4D, 0x6A, 0x45, 0x59, 0x0A, 0x4D,
-        0x42, 0x59, 0x47, 0x41, 0x31, 0x55, 0x45, 0x41, 0x77, 0x77,
-        0x50, 0x64, 0x33, 0x64, 0x33, 0x4C, 0x6E, 0x64, 0x76, 0x62,
-        0x47, 0x5A, 0x7A, 0x63, 0x32, 0x77, 0x75, 0x59, 0x32, 0x39,
-        0x74, 0x4D, 0x52, 0x38, 0x77, 0x48, 0x51, 0x59, 0x4A, 0x4B,
-        0x6F, 0x5A, 0x49, 0x68, 0x76, 0x63, 0x4E, 0x41, 0x51, 0x6B,
-        0x42, 0x46, 0x68, 0x42, 0x70, 0x62, 0x6D, 0x5A, 0x76, 0x51,
-        0x48, 0x64, 0x76, 0x0A, 0x62, 0x47, 0x5A, 0x7A, 0x63, 0x32,
-        0x77, 0x75, 0x59, 0x32, 0x39, 0x74, 0x4D, 0x52, 0x63, 0x77,
-        0x46, 0x51, 0x59, 0x4B, 0x43, 0x5A, 0x49, 0x6D, 0x69, 0x5A,
-        0x50, 0x79, 0x4C, 0x47, 0x51, 0x42, 0x41, 0x51, 0x77, 0x48,
-        0x64, 0x32, 0x39, 0x73, 0x5A, 0x6C, 0x4E, 0x54, 0x54, 0x44,
-        0x41, 0x65, 0x46, 0x77, 0x30, 0x79, 0x4D, 0x7A, 0x41, 0x79,
-        0x4D, 0x54, 0x55, 0x77, 0x4E, 0x6A, 0x49, 0x7A, 0x0A, 0x4D,
-        0x44, 0x64, 0x61, 0x46, 0x77, 0x30, 0x79, 0x4E, 0x54, 0x45,
-        0x78, 0x4D, 0x54, 0x45, 0x77, 0x4E, 0x6A, 0x49, 0x7A, 0x4D,
-        0x44, 0x64, 0x61, 0x4D, 0x49, 0x47, 0x77, 0x4D, 0x51, 0x73,
-        0x77, 0x43, 0x51, 0x59, 0x44, 0x56, 0x51, 0x51, 0x47, 0x45,
-        0x77, 0x4A, 0x56, 0x55, 0x7A, 0x45, 0x51, 0x4D, 0x41, 0x34,
-        0x47, 0x41, 0x31, 0x55, 0x45, 0x43, 0x41, 0x77, 0x48, 0x54,
-        0x57, 0x39, 0x75, 0x0A, 0x64, 0x47, 0x46, 0x75, 0x59, 0x54,
-        0x45, 0x51, 0x4D, 0x41, 0x34, 0x47, 0x41, 0x31, 0x55, 0x45,
-        0x42, 0x77, 0x77, 0x48, 0x51, 0x6D, 0x39, 0x36, 0x5A, 0x57,
-        0x31, 0x68, 0x62, 0x6A, 0x45, 0x55, 0x4D, 0x42, 0x49, 0x47,
-        0x41, 0x31, 0x55, 0x45, 0x43, 0x67, 0x77, 0x4C, 0x64, 0x32,
-        0x39, 0x73, 0x5A, 0x6C, 0x4E, 0x54, 0x54, 0x46, 0x39, 0x7A,
-        0x62, 0x54, 0x49, 0x78, 0x45, 0x7A, 0x41, 0x52, 0x0A, 0x42,
-        0x67, 0x4E, 0x56, 0x42, 0x41, 0x73, 0x4D, 0x43, 0x6B, 0x4E,
-        0x73, 0x61, 0x57, 0x56, 0x75, 0x64, 0x43, 0x31, 0x7A, 0x62,
-        0x54, 0x49, 0x78, 0x47, 0x44, 0x41, 0x57, 0x42, 0x67, 0x4E,
-        0x56, 0x42, 0x41, 0x4D, 0x4D, 0x44, 0x33, 0x64, 0x33, 0x64,
-        0x79, 0x35, 0x33, 0x62, 0x32, 0x78, 0x6D, 0x63, 0x33, 0x4E,
-        0x73, 0x4C, 0x6D, 0x4E, 0x76, 0x62, 0x54, 0x45, 0x66, 0x4D,
-        0x42, 0x30, 0x47, 0x0A, 0x43, 0x53, 0x71, 0x47, 0x53, 0x49,
-        0x62, 0x33, 0x44, 0x51, 0x45, 0x4A, 0x41, 0x52, 0x59, 0x51,
-        0x61, 0x57, 0x35, 0x6D, 0x62, 0x30, 0x42, 0x33, 0x62, 0x32,
-        0x78, 0x6D, 0x63, 0x33, 0x4E, 0x73, 0x4C, 0x6D, 0x4E, 0x76,
-        0x62, 0x54, 0x45, 0x58, 0x4D, 0x42, 0x55, 0x47, 0x43, 0x67,
-        0x6D, 0x53, 0x4A, 0x6F, 0x6D, 0x54, 0x38, 0x69, 0x78, 0x6B,
-        0x41, 0x51, 0x45, 0x4D, 0x42, 0x33, 0x64, 0x76, 0x0A, 0x62,
-        0x47, 0x5A, 0x54, 0x55, 0x30, 0x77, 0x77, 0x57, 0x6A, 0x41,
-        0x55, 0x42, 0x67, 0x67, 0x71, 0x67, 0x52, 0x7A, 0x50, 0x56,
-        0x51, 0x47, 0x43, 0x4C, 0x51, 0x59, 0x49, 0x4B, 0x6F, 0x45,
-        0x63, 0x7A, 0x31, 0x55, 0x42, 0x67, 0x69, 0x30, 0x44, 0x51,
-        0x67, 0x41, 0x45, 0x4F, 0x68, 0x33, 0x6F, 0x79, 0x30, 0x76,
-        0x54, 0x4C, 0x6A, 0x39, 0x4C, 0x42, 0x7A, 0x2B, 0x77, 0x49,
-        0x66, 0x37, 0x46, 0x0A, 0x6E, 0x74, 0x6E, 0x4B, 0x4F, 0x70,
-        0x4F, 0x54, 0x6C, 0x58, 0x59, 0x64, 0x4D, 0x4E, 0x6B, 0x4C,
-        0x39, 0x56, 0x62, 0x74, 0x47, 0x57, 0x44, 0x74, 0x41, 0x55,
-        0x7A, 0x32, 0x5A, 0x78, 0x33, 0x78, 0x72, 0x4B, 0x68, 0x30,
-        0x44, 0x62, 0x4A, 0x33, 0x79, 0x45, 0x6B, 0x34, 0x35, 0x50,
-        0x39, 0x4D, 0x37, 0x34, 0x31, 0x74, 0x68, 0x2F, 0x5A, 0x4F,
-        0x78, 0x2F, 0x67, 0x35, 0x64, 0x48, 0x42, 0x77, 0x0A, 0x74,
-        0x61, 0x4F, 0x43, 0x41, 0x57, 0x45, 0x77, 0x67, 0x67, 0x46,
-        0x64, 0x4D, 0x42, 0x30, 0x47, 0x41, 0x31, 0x55, 0x64, 0x44,
-        0x67, 0x51, 0x57, 0x42, 0x42, 0x54, 0x6B, 0x49, 0x62, 0x4C,
-        0x46, 0x35, 0x64, 0x53, 0x65, 0x67, 0x73, 0x72, 0x34, 0x5A,
-        0x2F, 0x49, 0x6F, 0x6D, 0x66, 0x61, 0x46, 0x36, 0x50, 0x46,
-        0x56, 0x37, 0x7A, 0x43, 0x42, 0x38, 0x41, 0x59, 0x44, 0x56,
-        0x52, 0x30, 0x6A, 0x0A, 0x42, 0x49, 0x48, 0x6F, 0x4D, 0x49,
-        0x48, 0x6C, 0x67, 0x42, 0x54, 0x6B, 0x49, 0x62, 0x4C, 0x46,
-        0x35, 0x64, 0x53, 0x65, 0x67, 0x73, 0x72, 0x34, 0x5A, 0x2F,
-        0x49, 0x6F, 0x6D, 0x66, 0x61, 0x46, 0x36, 0x50, 0x46, 0x56,
-        0x37, 0x36, 0x47, 0x42, 0x74, 0x71, 0x53, 0x42, 0x73, 0x7A,
-        0x43, 0x42, 0x73, 0x44, 0x45, 0x4C, 0x4D, 0x41, 0x6B, 0x47,
-        0x41, 0x31, 0x55, 0x45, 0x42, 0x68, 0x4D, 0x43, 0x0A, 0x56,
-        0x56, 0x4D, 0x78, 0x45, 0x44, 0x41, 0x4F, 0x42, 0x67, 0x4E,
-        0x56, 0x42, 0x41, 0x67, 0x4D, 0x42, 0x30, 0x31, 0x76, 0x62,
-        0x6E, 0x52, 0x68, 0x62, 0x6D, 0x45, 0x78, 0x45, 0x44, 0x41,
-        0x4F, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x63, 0x4D, 0x42,
-        0x30, 0x4A, 0x76, 0x65, 0x6D, 0x56, 0x74, 0x59, 0x57, 0x34,
-        0x78, 0x46, 0x44, 0x41, 0x53, 0x42, 0x67, 0x4E, 0x56, 0x42,
-        0x41, 0x6F, 0x4D, 0x0A, 0x43, 0x33, 0x64, 0x76, 0x62, 0x47,
-        0x5A, 0x54, 0x55, 0x30, 0x78, 0x66, 0x63, 0x32, 0x30, 0x79,
-        0x4D, 0x52, 0x4D, 0x77, 0x45, 0x51, 0x59, 0x44, 0x56, 0x51,
-        0x51, 0x4C, 0x44, 0x41, 0x70, 0x44, 0x62, 0x47, 0x6C, 0x6C,
-        0x62, 0x6E, 0x51, 0x74, 0x63, 0x32, 0x30, 0x79, 0x4D, 0x52,
-        0x67, 0x77, 0x46, 0x67, 0x59, 0x44, 0x56, 0x51, 0x51, 0x44,
-        0x44, 0x41, 0x39, 0x33, 0x64, 0x33, 0x63, 0x75, 0x0A, 0x64,
-        0x32, 0x39, 0x73, 0x5A, 0x6E, 0x4E, 0x7A, 0x62, 0x43, 0x35,
-        0x6A, 0x62, 0x32, 0x30, 0x78, 0x48, 0x7A, 0x41, 0x64, 0x42,
-        0x67, 0x6B, 0x71, 0x68, 0x6B, 0x69, 0x47, 0x39, 0x77, 0x30,
-        0x42, 0x43, 0x51, 0x45, 0x57, 0x45, 0x47, 0x6C, 0x75, 0x5A,
-        0x6D, 0x39, 0x41, 0x64, 0x32, 0x39, 0x73, 0x5A, 0x6E, 0x4E,
-        0x7A, 0x62, 0x43, 0x35, 0x6A, 0x62, 0x32, 0x30, 0x78, 0x46,
-        0x7A, 0x41, 0x56, 0x0A, 0x42, 0x67, 0x6F, 0x4A, 0x6B, 0x69,
-        0x61, 0x4A, 0x6B, 0x2F, 0x49, 0x73, 0x5A, 0x41, 0x45, 0x42,
-        0x44, 0x41, 0x64, 0x33, 0x62, 0x32, 0x78, 0x6D, 0x55, 0x31,
-        0x4E, 0x4D, 0x67, 0x68, 0x52, 0x67, 0x6F, 0x45, 0x6F, 0x4C,
-        0x4E, 0x75, 0x74, 0x39, 0x34, 0x54, 0x39, 0x30, 0x4B, 0x61,
-        0x6B, 0x70, 0x74, 0x41, 0x56, 0x73, 0x46, 0x2F, 0x65, 0x6D,
-        0x31, 0x44, 0x41, 0x4D, 0x42, 0x67, 0x4E, 0x56, 0x0A, 0x48,
-        0x52, 0x4D, 0x45, 0x42, 0x54, 0x41, 0x44, 0x41, 0x51, 0x48,
-        0x2F, 0x4D, 0x42, 0x77, 0x47, 0x41, 0x31, 0x55, 0x64, 0x45,
-        0x51, 0x51, 0x56, 0x4D, 0x42, 0x4F, 0x43, 0x43, 0x32, 0x56,
-        0x34, 0x59, 0x57, 0x31, 0x77, 0x62, 0x47, 0x55, 0x75, 0x59,
-        0x32, 0x39, 0x74, 0x68, 0x77, 0x52, 0x2F, 0x41, 0x41, 0x41,
-        0x42, 0x4D, 0x42, 0x30, 0x47, 0x41, 0x31, 0x55, 0x64, 0x4A,
-        0x51, 0x51, 0x57, 0x0A, 0x4D, 0x42, 0x51, 0x47, 0x43, 0x43,
-        0x73, 0x47, 0x41, 0x51, 0x55, 0x46, 0x42, 0x77, 0x4D, 0x42,
-        0x42, 0x67, 0x67, 0x72, 0x42, 0x67, 0x45, 0x46, 0x42, 0x51,
-        0x63, 0x44, 0x41, 0x6A, 0x41, 0x4B, 0x42, 0x67, 0x67, 0x71,
-        0x67, 0x52, 0x7A, 0x50, 0x56, 0x51, 0x47, 0x44, 0x64, 0x51,
-        0x4E, 0x4A, 0x41, 0x44, 0x42, 0x47, 0x41, 0x69, 0x45, 0x41,
-        0x6A, 0x37, 0x4B, 0x31, 0x6C, 0x59, 0x39, 0x35, 0x0A, 0x39,
-        0x6C, 0x35, 0x31, 0x35, 0x63, 0x58, 0x70, 0x6D, 0x68, 0x4C,
-        0x53, 0x44, 0x33, 0x69, 0x66, 0x77, 0x42, 0x32, 0x4E, 0x48,
-        0x4C, 0x35, 0x72, 0x44, 0x50, 0x48, 0x31, 0x56, 0x32, 0x44,
-        0x62, 0x6B, 0x55, 0x38, 0x43, 0x49, 0x51, 0x43, 0x48, 0x58,
-        0x6E, 0x33, 0x6B, 0x31, 0x6A, 0x71, 0x37, 0x65, 0x35, 0x67,
-        0x6E, 0x68, 0x64, 0x35, 0x36, 0x38, 0x43, 0x48, 0x69, 0x5A,
-        0x71, 0x47, 0x66, 0x0A, 0x4A, 0x75, 0x44, 0x64, 0x68, 0x69,
-        0x4F, 0x30, 0x79, 0x4D, 0x42, 0x47, 0x57, 0x76, 0x4A, 0x4A,
-        0x6A, 0x51, 0x3D, 0x3D, 0x0A, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D,
-        0x45, 0x4E, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49, 0x46,
-        0x49, 0x43, 0x41, 0x54, 0x45, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D,
-        0x0A
-};
-#define sizeof_client_sm2 (sizeof(client_sm2))
-
-/* ./certs/sm2/client-sm2-key.pem */
-static const unsigned char client_sm2_key[] =
-{
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x50, 0x55, 0x42, 0x4C, 0x49, 0x43, 0x20, 0x4B, 0x45,
-        0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x46, 0x6F,
-        0x77, 0x46, 0x41, 0x59, 0x49, 0x4B, 0x6F, 0x45, 0x63, 0x7A,
-        0x31, 0x55, 0x42, 0x67, 0x69, 0x30, 0x47, 0x43, 0x43, 0x71,
-        0x42, 0x48, 0x4D, 0x39, 0x56, 0x41, 0x59, 0x49, 0x74, 0x41,
-        0x30, 0x49, 0x41, 0x42, 0x44, 0x6F, 0x64, 0x36, 0x4D, 0x74,
-        0x4C, 0x30, 0x79, 0x34, 0x2F, 0x53, 0x77, 0x63, 0x2F, 0x73,
-        0x43, 0x48, 0x2B, 0x78, 0x5A, 0x37, 0x5A, 0x79, 0x6A, 0x71,
-        0x54, 0x0A, 0x6B, 0x35, 0x56, 0x32, 0x48, 0x54, 0x44, 0x5A,
-        0x43, 0x2F, 0x56, 0x57, 0x37, 0x52, 0x6C, 0x67, 0x37, 0x51,
-        0x46, 0x4D, 0x39, 0x6D, 0x63, 0x64, 0x38, 0x61, 0x79, 0x6F,
-        0x64, 0x41, 0x32, 0x79, 0x64, 0x38, 0x68, 0x4A, 0x4F, 0x4F,
-        0x54, 0x2F, 0x54, 0x4F, 0x2B, 0x4E, 0x62, 0x59, 0x66, 0x32,
-        0x54, 0x73, 0x66, 0x34, 0x4F, 0x58, 0x52, 0x77, 0x63, 0x4C,
-        0x55, 0x3D, 0x0A, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E,
-        0x44, 0x20, 0x50, 0x55, 0x42, 0x4C, 0x49, 0x43, 0x20, 0x4B,
-        0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_client_sm2_key (sizeof(client_sm2_key))
-
-/* ./certs/sm2/client-sm2-priv.pem */
-static const unsigned char client_sm2_priv[] =
-{
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4B,
-        0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49,
-        0x47, 0x49, 0x41, 0x67, 0x45, 0x41, 0x4D, 0x42, 0x51, 0x47,
-        0x43, 0x43, 0x71, 0x42, 0x48, 0x4D, 0x39, 0x56, 0x41, 0x59,
-        0x49, 0x74, 0x42, 0x67, 0x67, 0x71, 0x67, 0x52, 0x7A, 0x50,
-        0x56, 0x51, 0x47, 0x43, 0x4C, 0x51, 0x52, 0x74, 0x4D, 0x47,
-        0x73, 0x43, 0x41, 0x51, 0x45, 0x45, 0x49, 0x4E, 0x43, 0x69,
-        0x33, 0x30, 0x6C, 0x36, 0x4C, 0x64, 0x38, 0x43, 0x79, 0x63,
-        0x36, 0x33, 0x0A, 0x38, 0x6A, 0x63, 0x43, 0x44, 0x64, 0x33,
-        0x38, 0x43, 0x4C, 0x6A, 0x65, 0x46, 0x4A, 0x4E, 0x36, 0x55,
-        0x79, 0x5A, 0x4A, 0x31, 0x66, 0x34, 0x43, 0x32, 0x66, 0x4E,
-        0x78, 0x6F, 0x55, 0x51, 0x44, 0x51, 0x67, 0x41, 0x45, 0x4F,
-        0x68, 0x33, 0x6F, 0x79, 0x30, 0x76, 0x54, 0x4C, 0x6A, 0x39,
-        0x4C, 0x42, 0x7A, 0x2B, 0x77, 0x49, 0x66, 0x37, 0x46, 0x6E,
-        0x74, 0x6E, 0x4B, 0x4F, 0x70, 0x4F, 0x54, 0x0A, 0x6C, 0x58,
-        0x59, 0x64, 0x4D, 0x4E, 0x6B, 0x4C, 0x39, 0x56, 0x62, 0x74,
-        0x47, 0x57, 0x44, 0x74, 0x41, 0x55, 0x7A, 0x32, 0x5A, 0x78,
-        0x33, 0x78, 0x72, 0x4B, 0x68, 0x30, 0x44, 0x62, 0x4A, 0x33,
-        0x79, 0x45, 0x6B, 0x34, 0x35, 0x50, 0x39, 0x4D, 0x37, 0x34,
-        0x31, 0x74, 0x68, 0x2F, 0x5A, 0x4F, 0x78, 0x2F, 0x67, 0x35,
-        0x64, 0x48, 0x42, 0x77, 0x74, 0x51, 0x3D, 0x3D, 0x0A, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E, 0x44, 0x20, 0x50, 0x52,
-        0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4B, 0x45, 0x59, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_client_sm2_priv (sizeof(client_sm2_priv))
-
-/* ./certs/sm2/root-sm2.pem */
-static const unsigned char root_sm2[] =
-{
-        0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
-        0x65, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x44, 0x61, 0x74,
-        0x61, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20,
-        0x33, 0x20, 0x28, 0x30, 0x78, 0x32, 0x29, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x65, 0x72, 0x69,
-        0x61, 0x6C, 0x20, 0x4E, 0x75, 0x6D, 0x62, 0x65, 0x72, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x37, 0x34, 0x3A, 0x39, 0x63, 0x3A, 0x64,
-        0x64, 0x3A, 0x61, 0x34, 0x3A, 0x62, 0x32, 0x3A, 0x36, 0x37,
-        0x3A, 0x32, 0x36, 0x3A, 0x35, 0x37, 0x3A, 0x32, 0x39, 0x3A,
-        0x66, 0x62, 0x3A, 0x65, 0x39, 0x3A, 0x31, 0x33, 0x3A, 0x35,
-        0x34, 0x3A, 0x65, 0x30, 0x3A, 0x33, 0x34, 0x3A, 0x30, 0x38,
-        0x3A, 0x30, 0x33, 0x3A, 0x32, 0x62, 0x3A, 0x37, 0x30, 0x3A,
-        0x61, 0x39, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x53, 0x69, 0x67, 0x6E, 0x61, 0x74, 0x75, 0x72, 0x65,
-        0x20, 0x41, 0x6C, 0x67, 0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D,
-        0x3A, 0x20, 0x53, 0x4D, 0x32, 0x2D, 0x77, 0x69, 0x74, 0x68,
-        0x2D, 0x53, 0x4D, 0x33, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, 0x3A,
-        0x20, 0x43, 0x20, 0x3D, 0x20, 0x55, 0x53, 0x2C, 0x20, 0x53,
-        0x54, 0x20, 0x3D, 0x20, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E,
-        0x61, 0x2C, 0x20, 0x4C, 0x20, 0x3D, 0x20, 0x42, 0x6F, 0x7A,
-        0x65, 0x6D, 0x61, 0x6E, 0x2C, 0x20, 0x4F, 0x20, 0x3D, 0x20,
-        0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x53, 0x4D,
-        0x32, 0x2C, 0x20, 0x4F, 0x55, 0x20, 0x3D, 0x20, 0x52, 0x6F,
-        0x6F, 0x74, 0x2D, 0x53, 0x4D, 0x32, 0x2C, 0x20, 0x43, 0x4E,
-        0x20, 0x3D, 0x20, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C,
-        0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x2C, 0x20,
-        0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41, 0x64, 0x64, 0x72, 0x65,
-        0x73, 0x73, 0x20, 0x3D, 0x20, 0x69, 0x6E, 0x66, 0x6F, 0x40,
-        0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
-        0x6D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x56, 0x61, 0x6C, 0x69, 0x64, 0x69, 0x74, 0x79, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x4E, 0x6F, 0x74, 0x20, 0x42, 0x65, 0x66, 0x6F, 0x72,
-        0x65, 0x3A, 0x20, 0x46, 0x65, 0x62, 0x20, 0x31, 0x35, 0x20,
-        0x30, 0x36, 0x3A, 0x32, 0x33, 0x3A, 0x30, 0x37, 0x20, 0x32,
-        0x30, 0x32, 0x33, 0x20, 0x47, 0x4D, 0x54, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x4E, 0x6F, 0x74, 0x20, 0x41, 0x66, 0x74, 0x65, 0x72, 0x20,
-        0x3A, 0x20, 0x4E, 0x6F, 0x76, 0x20, 0x31, 0x31, 0x20, 0x30,
-        0x36, 0x3A, 0x32, 0x33, 0x3A, 0x30, 0x37, 0x20, 0x32, 0x30,
-        0x32, 0x35, 0x20, 0x47, 0x4D, 0x54, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x75, 0x62, 0x6A, 0x65,
-        0x63, 0x74, 0x3A, 0x20, 0x43, 0x20, 0x3D, 0x20, 0x55, 0x53,
-        0x2C, 0x20, 0x53, 0x54, 0x20, 0x3D, 0x20, 0x4D, 0x6F, 0x6E,
-        0x74, 0x61, 0x6E, 0x61, 0x2C, 0x20, 0x4C, 0x20, 0x3D, 0x20,
-        0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x2C, 0x20, 0x4F,
-        0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
-        0x5F, 0x53, 0x4D, 0x32, 0x2C, 0x20, 0x4F, 0x55, 0x20, 0x3D,
-        0x20, 0x52, 0x6F, 0x6F, 0x74, 0x2D, 0x53, 0x4D, 0x32, 0x2C,
-        0x20, 0x43, 0x4E, 0x20, 0x3D, 0x20, 0x77, 0x77, 0x77, 0x2E,
-        0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
-        0x6D, 0x2C, 0x20, 0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41, 0x64,
-        0x64, 0x72, 0x65, 0x73, 0x73, 0x20, 0x3D, 0x20, 0x69, 0x6E,
-        0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C,
-        0x2E, 0x63, 0x6F, 0x6D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x53, 0x75, 0x62, 0x6A, 0x65, 0x63, 0x74,
-        0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x63, 0x20, 0x4B, 0x65,
-        0x79, 0x20, 0x49, 0x6E, 0x66, 0x6F, 0x3A, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x50, 0x75, 0x62, 0x6C, 0x69, 0x63, 0x20, 0x4B, 0x65, 0x79,
-        0x20, 0x41, 0x6C, 0x67, 0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D,
-        0x3A, 0x20, 0x73, 0x6D, 0x32, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x63, 0x2D, 0x4B,
-        0x65, 0x79, 0x3A, 0x20, 0x28, 0x32, 0x35, 0x36, 0x20, 0x62,
-        0x69, 0x74, 0x29, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x70, 0x75, 0x62, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x30, 0x34, 0x3A, 0x62, 0x62,
-        0x3A, 0x39, 0x63, 0x3A, 0x37, 0x35, 0x3A, 0x38, 0x63, 0x3A,
-        0x66, 0x37, 0x3A, 0x31, 0x37, 0x3A, 0x66, 0x38, 0x3A, 0x34,
-        0x38, 0x3A, 0x61, 0x62, 0x3A, 0x66, 0x37, 0x3A, 0x66, 0x36,
-        0x3A, 0x64, 0x62, 0x3A, 0x30, 0x64, 0x3A, 0x39, 0x61, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x38, 0x64, 0x3A, 0x39, 0x66, 0x3A, 0x63, 0x32, 0x3A,
-        0x64, 0x31, 0x3A, 0x34, 0x37, 0x3A, 0x39, 0x37, 0x3A, 0x39,
-        0x35, 0x3A, 0x30, 0x62, 0x3A, 0x34, 0x65, 0x3A, 0x65, 0x36,
-        0x3A, 0x35, 0x37, 0x3A, 0x65, 0x63, 0x3A, 0x63, 0x35, 0x3A,
-        0x66, 0x38, 0x3A, 0x35, 0x37, 0x3A, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x35, 0x34, 0x3A,
-        0x37, 0x31, 0x3A, 0x33, 0x39, 0x3A, 0x33, 0x63, 0x3A, 0x37,
-        0x39, 0x3A, 0x65, 0x31, 0x3A, 0x34, 0x30, 0x3A, 0x33, 0x66,
-        0x3A, 0x62, 0x36, 0x3A, 0x35, 0x31, 0x3A, 0x65, 0x39, 0x3A,
-        0x37, 0x63, 0x3A, 0x63, 0x37, 0x3A, 0x64, 0x61, 0x3A, 0x32,
-        0x64, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x65, 0x66, 0x3A, 0x64, 0x32, 0x3A, 0x65,
-        0x38, 0x3A, 0x37, 0x39, 0x3A, 0x38, 0x31, 0x3A, 0x37, 0x62,
-        0x3A, 0x61, 0x62, 0x3A, 0x61, 0x33, 0x3A, 0x35, 0x66, 0x3A,
-        0x36, 0x62, 0x3A, 0x32, 0x61, 0x3A, 0x36, 0x63, 0x3A, 0x39,
-        0x37, 0x3A, 0x31, 0x61, 0x3A, 0x35, 0x65, 0x3A, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x38,
-        0x65, 0x3A, 0x64, 0x39, 0x3A, 0x64, 0x30, 0x3A, 0x63, 0x63,
-        0x3A, 0x30, 0x34, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x41, 0x53, 0x4E, 0x31, 0x20, 0x4F, 0x49, 0x44, 0x3A, 0x20,
-        0x53, 0x4D, 0x32, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x65,
-        0x78, 0x74, 0x65, 0x6E, 0x73, 0x69, 0x6F, 0x6E, 0x73, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20,
-        0x53, 0x75, 0x62, 0x6A, 0x65, 0x63, 0x74, 0x20, 0x4B, 0x65,
-        0x79, 0x20, 0x49, 0x64, 0x65, 0x6E, 0x74, 0x69, 0x66, 0x69,
-        0x65, 0x72, 0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x33, 0x34, 0x3A, 0x31, 0x44, 0x3A, 0x37, 0x39, 0x3A,
-        0x34, 0x34, 0x3A, 0x31, 0x35, 0x3A, 0x37, 0x39, 0x3A, 0x41,
-        0x31, 0x3A, 0x42, 0x31, 0x3A, 0x36, 0x33, 0x3A, 0x39, 0x39,
-        0x3A, 0x45, 0x33, 0x3A, 0x45, 0x44, 0x3A, 0x36, 0x35, 0x3A,
-        0x37, 0x43, 0x3A, 0x36, 0x34, 0x3A, 0x38, 0x39, 0x3A, 0x38,
-        0x30, 0x3A, 0x46, 0x46, 0x3A, 0x42, 0x38, 0x3A, 0x45, 0x43,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20,
-        0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x20,
-        0x4B, 0x65, 0x79, 0x20, 0x49, 0x64, 0x65, 0x6E, 0x74, 0x69,
-        0x66, 0x69, 0x65, 0x72, 0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x33, 0x34, 0x3A, 0x31, 0x44, 0x3A, 0x37,
-        0x39, 0x3A, 0x34, 0x34, 0x3A, 0x31, 0x35, 0x3A, 0x37, 0x39,
-        0x3A, 0x41, 0x31, 0x3A, 0x42, 0x31, 0x3A, 0x36, 0x33, 0x3A,
-        0x39, 0x39, 0x3A, 0x45, 0x33, 0x3A, 0x45, 0x44, 0x3A, 0x36,
-        0x35, 0x3A, 0x37, 0x43, 0x3A, 0x36, 0x34, 0x3A, 0x38, 0x39,
-        0x3A, 0x38, 0x30, 0x3A, 0x46, 0x46, 0x3A, 0x42, 0x38, 0x3A,
-        0x45, 0x43, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76,
-        0x33, 0x20, 0x42, 0x61, 0x73, 0x69, 0x63, 0x20, 0x43, 0x6F,
-        0x6E, 0x73, 0x74, 0x72, 0x61, 0x69, 0x6E, 0x74, 0x73, 0x3A,
-        0x20, 0x63, 0x72, 0x69, 0x74, 0x69, 0x63, 0x61, 0x6C, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x43, 0x41, 0x3A, 0x54,
-        0x52, 0x55, 0x45, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35, 0x30, 0x39,
-        0x76, 0x33, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x55, 0x73, 0x61,
-        0x67, 0x65, 0x3A, 0x20, 0x63, 0x72, 0x69, 0x74, 0x69, 0x63,
-        0x61, 0x6C, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x44,
-        0x69, 0x67, 0x69, 0x74, 0x61, 0x6C, 0x20, 0x53, 0x69, 0x67,
-        0x6E, 0x61, 0x74, 0x75, 0x72, 0x65, 0x2C, 0x20, 0x43, 0x65,
-        0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20,
-        0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x43, 0x52, 0x4C, 0x20,
-        0x53, 0x69, 0x67, 0x6E, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x53,
-        0x69, 0x67, 0x6E, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x41,
-        0x6C, 0x67, 0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20,
-        0x53, 0x4D, 0x32, 0x2D, 0x77, 0x69, 0x74, 0x68, 0x2D, 0x53,
-        0x4D, 0x33, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67,
-        0x6E, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x56, 0x61, 0x6C,
-        0x75, 0x65, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x33, 0x30, 0x3A, 0x34, 0x34, 0x3A, 0x30, 0x32,
-        0x3A, 0x32, 0x30, 0x3A, 0x30, 0x33, 0x3A, 0x32, 0x37, 0x3A,
-        0x32, 0x39, 0x3A, 0x66, 0x30, 0x3A, 0x65, 0x66, 0x3A, 0x37,
-        0x38, 0x3A, 0x32, 0x36, 0x3A, 0x61, 0x31, 0x3A, 0x31, 0x61,
-        0x3A, 0x36, 0x61, 0x3A, 0x31, 0x65, 0x3A, 0x38, 0x38, 0x3A,
-        0x38, 0x31, 0x3A, 0x65, 0x37, 0x3A, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x38, 0x33, 0x3A, 0x37, 0x32,
-        0x3A, 0x35, 0x66, 0x3A, 0x33, 0x65, 0x3A, 0x65, 0x36, 0x3A,
-        0x30, 0x38, 0x3A, 0x65, 0x38, 0x3A, 0x31, 0x34, 0x3A, 0x36,
-        0x38, 0x3A, 0x62, 0x66, 0x3A, 0x34, 0x62, 0x3A, 0x30, 0x66,
-        0x3A, 0x36, 0x38, 0x3A, 0x35, 0x32, 0x3A, 0x39, 0x32, 0x3A,
-        0x61, 0x61, 0x3A, 0x38, 0x66, 0x3A, 0x61, 0x31, 0x3A, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x30, 0x32,
-        0x3A, 0x32, 0x30, 0x3A, 0x30, 0x62, 0x3A, 0x66, 0x65, 0x3A,
-        0x31, 0x62, 0x3A, 0x31, 0x34, 0x3A, 0x62, 0x61, 0x3A, 0x35,
-        0x31, 0x3A, 0x38, 0x32, 0x3A, 0x36, 0x35, 0x3A, 0x30, 0x36,
-        0x3A, 0x62, 0x62, 0x3A, 0x32, 0x32, 0x3A, 0x64, 0x38, 0x3A,
-        0x31, 0x61, 0x3A, 0x61, 0x37, 0x3A, 0x39, 0x66, 0x3A, 0x35,
-        0x34, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x36, 0x32, 0x3A, 0x65, 0x62, 0x3A, 0x38, 0x64, 0x3A,
-        0x62, 0x32, 0x3A, 0x64, 0x35, 0x3A, 0x31, 0x33, 0x3A, 0x62,
-        0x33, 0x3A, 0x62, 0x38, 0x3A, 0x61, 0x32, 0x3A, 0x66, 0x33,
-        0x3A, 0x31, 0x34, 0x3A, 0x34, 0x34, 0x3A, 0x62, 0x32, 0x3A,
-        0x61, 0x30, 0x3A, 0x32, 0x31, 0x3A, 0x64, 0x30, 0x0A, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E, 0x20,
-        0x43, 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54,
-        0x45, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49, 0x49,
-        0x43, 0x6B, 0x54, 0x43, 0x43, 0x41, 0x6A, 0x69, 0x67, 0x41,
-        0x77, 0x49, 0x42, 0x41, 0x67, 0x49, 0x55, 0x64, 0x4A, 0x7A,
-        0x64, 0x70, 0x4C, 0x4A, 0x6E, 0x4A, 0x6C, 0x63, 0x70, 0x2B,
-        0x2B, 0x6B, 0x54, 0x56, 0x4F, 0x41, 0x30, 0x43, 0x41, 0x4D,
-        0x72, 0x63, 0x4B, 0x6B, 0x77, 0x43, 0x67, 0x59, 0x49, 0x4B,
-        0x6F, 0x45, 0x63, 0x7A, 0x31, 0x55, 0x42, 0x67, 0x33, 0x55,
-        0x77, 0x0A, 0x67, 0x5A, 0x55, 0x78, 0x43, 0x7A, 0x41, 0x4A,
-        0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x59, 0x54, 0x41, 0x6C,
-        0x56, 0x54, 0x4D, 0x52, 0x41, 0x77, 0x44, 0x67, 0x59, 0x44,
-        0x56, 0x51, 0x51, 0x49, 0x44, 0x41, 0x64, 0x4E, 0x62, 0x32,
-        0x35, 0x30, 0x59, 0x57, 0x35, 0x68, 0x4D, 0x52, 0x41, 0x77,
-        0x44, 0x67, 0x59, 0x44, 0x56, 0x51, 0x51, 0x48, 0x44, 0x41,
-        0x64, 0x43, 0x62, 0x33, 0x70, 0x6C, 0x0A, 0x62, 0x57, 0x46,
-        0x75, 0x4D, 0x52, 0x51, 0x77, 0x45, 0x67, 0x59, 0x44, 0x56,
-        0x51, 0x51, 0x4B, 0x44, 0x41, 0x74, 0x33, 0x62, 0x32, 0x78,
-        0x6D, 0x55, 0x31, 0x4E, 0x4D, 0x58, 0x31, 0x4E, 0x4E, 0x4D,
-        0x6A, 0x45, 0x52, 0x4D, 0x41, 0x38, 0x47, 0x41, 0x31, 0x55,
-        0x45, 0x43, 0x77, 0x77, 0x49, 0x55, 0x6D, 0x39, 0x76, 0x64,
-        0x43, 0x31, 0x54, 0x54, 0x54, 0x49, 0x78, 0x47, 0x44, 0x41,
-        0x57, 0x0A, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x4D, 0x4D,
-        0x44, 0x33, 0x64, 0x33, 0x64, 0x79, 0x35, 0x33, 0x62, 0x32,
-        0x78, 0x6D, 0x63, 0x33, 0x4E, 0x73, 0x4C, 0x6D, 0x4E, 0x76,
-        0x62, 0x54, 0x45, 0x66, 0x4D, 0x42, 0x30, 0x47, 0x43, 0x53,
-        0x71, 0x47, 0x53, 0x49, 0x62, 0x33, 0x44, 0x51, 0x45, 0x4A,
-        0x41, 0x52, 0x59, 0x51, 0x61, 0x57, 0x35, 0x6D, 0x62, 0x30,
-        0x42, 0x33, 0x62, 0x32, 0x78, 0x6D, 0x0A, 0x63, 0x33, 0x4E,
-        0x73, 0x4C, 0x6D, 0x4E, 0x76, 0x62, 0x54, 0x41, 0x65, 0x46,
-        0x77, 0x30, 0x79, 0x4D, 0x7A, 0x41, 0x79, 0x4D, 0x54, 0x55,
-        0x77, 0x4E, 0x6A, 0x49, 0x7A, 0x4D, 0x44, 0x64, 0x61, 0x46,
-        0x77, 0x30, 0x79, 0x4E, 0x54, 0x45, 0x78, 0x4D, 0x54, 0x45,
-        0x77, 0x4E, 0x6A, 0x49, 0x7A, 0x4D, 0x44, 0x64, 0x61, 0x4D,
-        0x49, 0x47, 0x56, 0x4D, 0x51, 0x73, 0x77, 0x43, 0x51, 0x59,
-        0x44, 0x0A, 0x56, 0x51, 0x51, 0x47, 0x45, 0x77, 0x4A, 0x56,
-        0x55, 0x7A, 0x45, 0x51, 0x4D, 0x41, 0x34, 0x47, 0x41, 0x31,
-        0x55, 0x45, 0x43, 0x41, 0x77, 0x48, 0x54, 0x57, 0x39, 0x75,
-        0x64, 0x47, 0x46, 0x75, 0x59, 0x54, 0x45, 0x51, 0x4D, 0x41,
-        0x34, 0x47, 0x41, 0x31, 0x55, 0x45, 0x42, 0x77, 0x77, 0x48,
-        0x51, 0x6D, 0x39, 0x36, 0x5A, 0x57, 0x31, 0x68, 0x62, 0x6A,
-        0x45, 0x55, 0x4D, 0x42, 0x49, 0x47, 0x0A, 0x41, 0x31, 0x55,
-        0x45, 0x43, 0x67, 0x77, 0x4C, 0x64, 0x32, 0x39, 0x73, 0x5A,
-        0x6C, 0x4E, 0x54, 0x54, 0x46, 0x39, 0x54, 0x54, 0x54, 0x49,
-        0x78, 0x45, 0x54, 0x41, 0x50, 0x42, 0x67, 0x4E, 0x56, 0x42,
-        0x41, 0x73, 0x4D, 0x43, 0x46, 0x4A, 0x76, 0x62, 0x33, 0x51,
-        0x74, 0x55, 0x30, 0x30, 0x79, 0x4D, 0x52, 0x67, 0x77, 0x46,
-        0x67, 0x59, 0x44, 0x56, 0x51, 0x51, 0x44, 0x44, 0x41, 0x39,
-        0x33, 0x0A, 0x64, 0x33, 0x63, 0x75, 0x64, 0x32, 0x39, 0x73,
-        0x5A, 0x6E, 0x4E, 0x7A, 0x62, 0x43, 0x35, 0x6A, 0x62, 0x32,
-        0x30, 0x78, 0x48, 0x7A, 0x41, 0x64, 0x42, 0x67, 0x6B, 0x71,
-        0x68, 0x6B, 0x69, 0x47, 0x39, 0x77, 0x30, 0x42, 0x43, 0x51,
-        0x45, 0x57, 0x45, 0x47, 0x6C, 0x75, 0x5A, 0x6D, 0x39, 0x41,
-        0x64, 0x32, 0x39, 0x73, 0x5A, 0x6E, 0x4E, 0x7A, 0x62, 0x43,
-        0x35, 0x6A, 0x62, 0x32, 0x30, 0x77, 0x0A, 0x57, 0x6A, 0x41,
-        0x55, 0x42, 0x67, 0x67, 0x71, 0x67, 0x52, 0x7A, 0x50, 0x56,
-        0x51, 0x47, 0x43, 0x4C, 0x51, 0x59, 0x49, 0x4B, 0x6F, 0x45,
-        0x63, 0x7A, 0x31, 0x55, 0x42, 0x67, 0x69, 0x30, 0x44, 0x51,
-        0x67, 0x41, 0x45, 0x75, 0x35, 0x78, 0x31, 0x6A, 0x50, 0x63,
-        0x58, 0x2B, 0x45, 0x69, 0x72, 0x39, 0x2F, 0x62, 0x62, 0x44,
-        0x5A, 0x71, 0x4E, 0x6E, 0x38, 0x4C, 0x52, 0x52, 0x35, 0x65,
-        0x56, 0x0A, 0x43, 0x30, 0x37, 0x6D, 0x56, 0x2B, 0x7A, 0x46,
-        0x2B, 0x46, 0x64, 0x55, 0x63, 0x54, 0x6B, 0x38, 0x65, 0x65,
-        0x46, 0x41, 0x50, 0x37, 0x5A, 0x52, 0x36, 0x58, 0x7A, 0x48,
-        0x32, 0x69, 0x33, 0x76, 0x30, 0x75, 0x68, 0x35, 0x67, 0x58,
-        0x75, 0x72, 0x6F, 0x31, 0x39, 0x72, 0x4B, 0x6D, 0x79, 0x58,
-        0x47, 0x6C, 0x36, 0x4F, 0x32, 0x64, 0x44, 0x4D, 0x42, 0x4B,
-        0x4E, 0x6A, 0x4D, 0x47, 0x45, 0x77, 0x0A, 0x48, 0x51, 0x59,
-        0x44, 0x56, 0x52, 0x30, 0x4F, 0x42, 0x42, 0x59, 0x45, 0x46,
-        0x44, 0x51, 0x64, 0x65, 0x55, 0x51, 0x56, 0x65, 0x61, 0x47,
-        0x78, 0x59, 0x35, 0x6E, 0x6A, 0x37, 0x57, 0x56, 0x38, 0x5A,
-        0x49, 0x6D, 0x41, 0x2F, 0x37, 0x6A, 0x73, 0x4D, 0x42, 0x38,
-        0x47, 0x41, 0x31, 0x55, 0x64, 0x49, 0x77, 0x51, 0x59, 0x4D,
-        0x42, 0x61, 0x41, 0x46, 0x44, 0x51, 0x64, 0x65, 0x55, 0x51,
-        0x56, 0x0A, 0x65, 0x61, 0x47, 0x78, 0x59, 0x35, 0x6E, 0x6A,
-        0x37, 0x57, 0x56, 0x38, 0x5A, 0x49, 0x6D, 0x41, 0x2F, 0x37,
-        0x6A, 0x73, 0x4D, 0x41, 0x38, 0x47, 0x41, 0x31, 0x55, 0x64,
-        0x45, 0x77, 0x45, 0x42, 0x2F, 0x77, 0x51, 0x46, 0x4D, 0x41,
-        0x4D, 0x42, 0x41, 0x66, 0x38, 0x77, 0x44, 0x67, 0x59, 0x44,
-        0x56, 0x52, 0x30, 0x50, 0x41, 0x51, 0x48, 0x2F, 0x42, 0x41,
-        0x51, 0x44, 0x41, 0x67, 0x47, 0x47, 0x0A, 0x4D, 0x41, 0x6F,
-        0x47, 0x43, 0x43, 0x71, 0x42, 0x48, 0x4D, 0x39, 0x56, 0x41,
-        0x59, 0x4E, 0x31, 0x41, 0x30, 0x63, 0x41, 0x4D, 0x45, 0x51,
-        0x43, 0x49, 0x41, 0x4D, 0x6E, 0x4B, 0x66, 0x44, 0x76, 0x65,
-        0x43, 0x61, 0x68, 0x47, 0x6D, 0x6F, 0x65, 0x69, 0x49, 0x48,
-        0x6E, 0x67, 0x33, 0x4A, 0x66, 0x50, 0x75, 0x59, 0x49, 0x36,
-        0x42, 0x52, 0x6F, 0x76, 0x30, 0x73, 0x50, 0x61, 0x46, 0x4B,
-        0x53, 0x0A, 0x71, 0x6F, 0x2B, 0x68, 0x41, 0x69, 0x41, 0x4C,
-        0x2F, 0x68, 0x73, 0x55, 0x75, 0x6C, 0x47, 0x43, 0x5A, 0x51,
-        0x61, 0x37, 0x49, 0x74, 0x67, 0x61, 0x70, 0x35, 0x39, 0x55,
-        0x59, 0x75, 0x75, 0x4E, 0x73, 0x74, 0x55, 0x54, 0x73, 0x37,
-        0x69, 0x69, 0x38, 0x78, 0x52, 0x45, 0x73, 0x71, 0x41, 0x68,
-        0x30, 0x41, 0x3D, 0x3D, 0x0A, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D,
-        0x45, 0x4E, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49, 0x46,
-        0x49, 0x43, 0x41, 0x54, 0x45, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D,
-        0x0A
-};
-#define sizeof_root_sm2 (sizeof(root_sm2))
-
-/* ./certs/sm2/root-sm2-key.pem */
-static const unsigned char root_sm2_key[] =
-{
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x50, 0x55, 0x42, 0x4C, 0x49, 0x43, 0x20, 0x4B, 0x45,
-        0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x46, 0x6F,
-        0x77, 0x46, 0x41, 0x59, 0x49, 0x4B, 0x6F, 0x45, 0x63, 0x7A,
-        0x31, 0x55, 0x42, 0x67, 0x69, 0x30, 0x47, 0x43, 0x43, 0x71,
-        0x42, 0x48, 0x4D, 0x39, 0x56, 0x41, 0x59, 0x49, 0x74, 0x41,
-        0x30, 0x49, 0x41, 0x42, 0x4C, 0x75, 0x63, 0x64, 0x59, 0x7A,
-        0x33, 0x46, 0x2F, 0x68, 0x49, 0x71, 0x2F, 0x66, 0x32, 0x32,
-        0x77, 0x32, 0x61, 0x6A, 0x5A, 0x2F, 0x43, 0x30, 0x55, 0x65,
-        0x58, 0x0A, 0x6C, 0x51, 0x74, 0x4F, 0x35, 0x6C, 0x66, 0x73,
-        0x78, 0x66, 0x68, 0x58, 0x56, 0x48, 0x45, 0x35, 0x50, 0x48,
-        0x6E, 0x68, 0x51, 0x44, 0x2B, 0x32, 0x55, 0x65, 0x6C, 0x38,
-        0x78, 0x39, 0x6F, 0x74, 0x37, 0x39, 0x4C, 0x6F, 0x65, 0x59,
-        0x46, 0x37, 0x71, 0x36, 0x4E, 0x66, 0x61, 0x79, 0x70, 0x73,
-        0x6C, 0x78, 0x70, 0x65, 0x6A, 0x74, 0x6E, 0x51, 0x7A, 0x41,
-        0x51, 0x3D, 0x0A, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E,
-        0x44, 0x20, 0x50, 0x55, 0x42, 0x4C, 0x49, 0x43, 0x20, 0x4B,
-        0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_root_sm2_key (sizeof(root_sm2_key))
-
-/* ./certs/sm2/root-sm2-priv.pem */
-static const unsigned char root_sm2_priv[] =
-{
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4B,
-        0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49,
-        0x47, 0x49, 0x41, 0x67, 0x45, 0x41, 0x4D, 0x42, 0x51, 0x47,
-        0x43, 0x43, 0x71, 0x42, 0x48, 0x4D, 0x39, 0x56, 0x41, 0x59,
-        0x49, 0x74, 0x42, 0x67, 0x67, 0x71, 0x67, 0x52, 0x7A, 0x50,
-        0x56, 0x51, 0x47, 0x43, 0x4C, 0x51, 0x52, 0x74, 0x4D, 0x47,
-        0x73, 0x43, 0x41, 0x51, 0x45, 0x45, 0x49, 0x4D, 0x5A, 0x72,
-        0x4E, 0x45, 0x77, 0x7A, 0x4E, 0x31, 0x74, 0x6B, 0x46, 0x6C,
-        0x70, 0x2F, 0x0A, 0x42, 0x50, 0x6E, 0x38, 0x68, 0x7A, 0x44,
-        0x52, 0x46, 0x62, 0x70, 0x59, 0x65, 0x4F, 0x34, 0x48, 0x6D,
-        0x43, 0x41, 0x6D, 0x34, 0x51, 0x61, 0x4E, 0x55, 0x59, 0x6F,
-        0x6F, 0x6F, 0x55, 0x51, 0x44, 0x51, 0x67, 0x41, 0x45, 0x75,
-        0x35, 0x78, 0x31, 0x6A, 0x50, 0x63, 0x58, 0x2B, 0x45, 0x69,
-        0x72, 0x39, 0x2F, 0x62, 0x62, 0x44, 0x5A, 0x71, 0x4E, 0x6E,
-        0x38, 0x4C, 0x52, 0x52, 0x35, 0x65, 0x56, 0x0A, 0x43, 0x30,
-        0x37, 0x6D, 0x56, 0x2B, 0x7A, 0x46, 0x2B, 0x46, 0x64, 0x55,
-        0x63, 0x54, 0x6B, 0x38, 0x65, 0x65, 0x46, 0x41, 0x50, 0x37,
-        0x5A, 0x52, 0x36, 0x58, 0x7A, 0x48, 0x32, 0x69, 0x33, 0x76,
-        0x30, 0x75, 0x68, 0x35, 0x67, 0x58, 0x75, 0x72, 0x6F, 0x31,
-        0x39, 0x72, 0x4B, 0x6D, 0x79, 0x58, 0x47, 0x6C, 0x36, 0x4F,
-        0x32, 0x64, 0x44, 0x4D, 0x42, 0x41, 0x3D, 0x3D, 0x0A, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E, 0x44, 0x20, 0x50, 0x52,
-        0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4B, 0x45, 0x59, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_root_sm2_priv (sizeof(root_sm2_priv))
-
-/* ./certs/sm2/self-sm2-cert.pem */
-static const unsigned char self_sm2_cert[] =
-{
-        0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
-        0x65, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x44, 0x61, 0x74,
-        0x61, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20,
-        0x33, 0x20, 0x28, 0x30, 0x78, 0x32, 0x29, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x65, 0x72, 0x69,
-        0x61, 0x6C, 0x20, 0x4E, 0x75, 0x6D, 0x62, 0x65, 0x72, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x30, 0x36, 0x3A, 0x37, 0x62, 0x3A, 0x33,
-        0x61, 0x3A, 0x35, 0x64, 0x3A, 0x63, 0x66, 0x3A, 0x32, 0x32,
-        0x3A, 0x61, 0x39, 0x3A, 0x36, 0x64, 0x3A, 0x36, 0x64, 0x3A,
-        0x37, 0x38, 0x3A, 0x32, 0x62, 0x3A, 0x31, 0x30, 0x3A, 0x30,
-        0x31, 0x3A, 0x35, 0x31, 0x3A, 0x62, 0x36, 0x3A, 0x34, 0x63,
-        0x3A, 0x64, 0x34, 0x3A, 0x38, 0x32, 0x3A, 0x61, 0x32, 0x3A,
-        0x61, 0x31, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x53, 0x69, 0x67, 0x6E, 0x61, 0x74, 0x75, 0x72, 0x65,
-        0x20, 0x41, 0x6C, 0x67, 0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D,
-        0x3A, 0x20, 0x53, 0x4D, 0x32, 0x2D, 0x77, 0x69, 0x74, 0x68,
-        0x2D, 0x53, 0x4D, 0x33, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, 0x3A,
-        0x20, 0x43, 0x20, 0x3D, 0x20, 0x41, 0x55, 0x2C, 0x20, 0x53,
-        0x54, 0x20, 0x3D, 0x20, 0x51, 0x4C, 0x44, 0x2C, 0x20, 0x4F,
-        0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
-        0x2C, 0x20, 0x4F, 0x55, 0x20, 0x3D, 0x20, 0x54, 0x65, 0x73,
-        0x74, 0x69, 0x6E, 0x67, 0x2C, 0x20, 0x43, 0x4E, 0x20, 0x3D,
-        0x20, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2D, 0x64,
-        0x65, 0x76, 0x2D, 0x73, 0x6D, 0x32, 0x2C, 0x20, 0x65, 0x6D,
-        0x61, 0x69, 0x6C, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73,
-        0x20, 0x3D, 0x20, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F,
-        0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x2C,
-        0x20, 0x55, 0x49, 0x44, 0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C,
-        0x66, 0x53, 0x53, 0x4C, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x56, 0x61, 0x6C, 0x69, 0x64, 0x69, 0x74,
-        0x79, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x4E, 0x6F, 0x74, 0x20, 0x42, 0x65,
-        0x66, 0x6F, 0x72, 0x65, 0x3A, 0x20, 0x4E, 0x6F, 0x76, 0x20,
-        0x32, 0x32, 0x20, 0x32, 0x31, 0x3A, 0x32, 0x38, 0x3A, 0x33,
-        0x37, 0x20, 0x32, 0x30, 0x32, 0x33, 0x20, 0x47, 0x4D, 0x54,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x4E, 0x6F, 0x74, 0x20, 0x41, 0x66, 0x74,
-        0x65, 0x72, 0x20, 0x3A, 0x20, 0x41, 0x75, 0x67, 0x20, 0x31,
-        0x38, 0x20, 0x32, 0x31, 0x3A, 0x32, 0x38, 0x3A, 0x33, 0x37,
-        0x20, 0x32, 0x30, 0x32, 0x36, 0x20, 0x47, 0x4D, 0x54, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x75,
-        0x62, 0x6A, 0x65, 0x63, 0x74, 0x3A, 0x20, 0x43, 0x20, 0x3D,
-        0x20, 0x41, 0x55, 0x2C, 0x20, 0x53, 0x54, 0x20, 0x3D, 0x20,
-        0x51, 0x4C, 0x44, 0x2C, 0x20, 0x4F, 0x20, 0x3D, 0x20, 0x77,
-        0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x2C, 0x20, 0x4F, 0x55,
-        0x20, 0x3D, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67,
-        0x2C, 0x20, 0x43, 0x4E, 0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C,
-        0x66, 0x73, 0x73, 0x6C, 0x2D, 0x64, 0x65, 0x76, 0x2D, 0x73,
-        0x6D, 0x32, 0x2C, 0x20, 0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41,
-        0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x20, 0x3D, 0x20, 0x69,
-        0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
-        0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x2C, 0x20, 0x55, 0x49, 0x44,
-        0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53,
-        0x75, 0x62, 0x6A, 0x65, 0x63, 0x74, 0x20, 0x50, 0x75, 0x62,
-        0x6C, 0x69, 0x63, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49, 0x6E,
-        0x66, 0x6F, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x50, 0x75, 0x62, 0x6C,
-        0x69, 0x63, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x41, 0x6C, 0x67,
-        0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x69, 0x64,
-        0x2D, 0x65, 0x63, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x63, 0x4B,
-        0x65, 0x79, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x50,
-        0x75, 0x62, 0x6C, 0x69, 0x63, 0x2D, 0x4B, 0x65, 0x79, 0x3A,
-        0x20, 0x28, 0x32, 0x35, 0x36, 0x20, 0x62, 0x69, 0x74, 0x29,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x70, 0x75, 0x62,
-        0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x30, 0x34, 0x3A, 0x64, 0x38, 0x3A, 0x63, 0x34,
-        0x3A, 0x61, 0x31, 0x3A, 0x66, 0x31, 0x3A, 0x30, 0x62, 0x3A,
-        0x38, 0x62, 0x3A, 0x38, 0x64, 0x3A, 0x63, 0x34, 0x3A, 0x37,
-        0x64, 0x3A, 0x64, 0x63, 0x3A, 0x64, 0x34, 0x3A, 0x36, 0x35,
-        0x3A, 0x62, 0x39, 0x3A, 0x61, 0x35, 0x3A, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x35, 0x35,
-        0x3A, 0x34, 0x65, 0x3A, 0x66, 0x62, 0x3A, 0x61, 0x63, 0x3A,
-        0x33, 0x33, 0x3A, 0x61, 0x62, 0x3A, 0x39, 0x62, 0x3A, 0x34,
-        0x33, 0x3A, 0x39, 0x34, 0x3A, 0x34, 0x63, 0x3A, 0x34, 0x38,
-        0x3A, 0x34, 0x30, 0x3A, 0x31, 0x62, 0x3A, 0x33, 0x33, 0x3A,
-        0x64, 0x39, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x31, 0x62, 0x3A, 0x63, 0x63, 0x3A,
-        0x33, 0x31, 0x3A, 0x63, 0x31, 0x3A, 0x38, 0x32, 0x3A, 0x35,
-        0x36, 0x3A, 0x33, 0x66, 0x3A, 0x62, 0x30, 0x3A, 0x63, 0x30,
-        0x3A, 0x36, 0x62, 0x3A, 0x39, 0x35, 0x3A, 0x34, 0x30, 0x3A,
-        0x35, 0x31, 0x3A, 0x66, 0x64, 0x3A, 0x38, 0x38, 0x3A, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x30, 0x32, 0x3A, 0x30, 0x31, 0x3A, 0x62, 0x31, 0x3A, 0x62,
-        0x30, 0x3A, 0x39, 0x34, 0x3A, 0x36, 0x63, 0x3A, 0x30, 0x36,
-        0x3A, 0x65, 0x62, 0x3A, 0x61, 0x37, 0x3A, 0x64, 0x61, 0x3A,
-        0x38, 0x65, 0x3A, 0x65, 0x65, 0x3A, 0x37, 0x30, 0x3A, 0x62,
-        0x36, 0x3A, 0x65, 0x35, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x62, 0x62, 0x3A, 0x62,
-        0x34, 0x3A, 0x31, 0x65, 0x3A, 0x65, 0x37, 0x3A, 0x62, 0x34,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x41, 0x53, 0x4E,
-        0x31, 0x20, 0x4F, 0x49, 0x44, 0x3A, 0x20, 0x53, 0x4D, 0x32,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58,
-        0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x65, 0x78, 0x74, 0x65,
-        0x6E, 0x73, 0x69, 0x6F, 0x6E, 0x73, 0x3A, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x53, 0x75, 0x62,
-        0x6A, 0x65, 0x63, 0x74, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49,
-        0x64, 0x65, 0x6E, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x3A,
-        0x20, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x36, 0x45,
-        0x3A, 0x39, 0x37, 0x3A, 0x45, 0x38, 0x3A, 0x39, 0x38, 0x3A,
-        0x42, 0x36, 0x3A, 0x35, 0x42, 0x3A, 0x42, 0x36, 0x3A, 0x41,
-        0x45, 0x3A, 0x38, 0x37, 0x3A, 0x30, 0x34, 0x3A, 0x44, 0x42,
-        0x3A, 0x31, 0x34, 0x3A, 0x35, 0x36, 0x3A, 0x36, 0x36, 0x3A,
-        0x31, 0x36, 0x3A, 0x46, 0x34, 0x3A, 0x42, 0x38, 0x3A, 0x32,
-        0x44, 0x3A, 0x38, 0x43, 0x3A, 0x46, 0x32, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x41, 0x75, 0x74,
-        0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x20, 0x4B, 0x65, 0x79,
-        0x20, 0x49, 0x64, 0x65, 0x6E, 0x74, 0x69, 0x66, 0x69, 0x65,
-        0x72, 0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x36, 0x45, 0x3A, 0x39, 0x37, 0x3A, 0x45, 0x38, 0x3A, 0x39,
-        0x38, 0x3A, 0x42, 0x36, 0x3A, 0x35, 0x42, 0x3A, 0x42, 0x36,
-        0x3A, 0x41, 0x45, 0x3A, 0x38, 0x37, 0x3A, 0x30, 0x34, 0x3A,
-        0x44, 0x42, 0x3A, 0x31, 0x34, 0x3A, 0x35, 0x36, 0x3A, 0x36,
-        0x36, 0x3A, 0x31, 0x36, 0x3A, 0x46, 0x34, 0x3A, 0x42, 0x38,
-        0x3A, 0x32, 0x44, 0x3A, 0x38, 0x43, 0x3A, 0x46, 0x32, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x42,
-        0x61, 0x73, 0x69, 0x63, 0x20, 0x43, 0x6F, 0x6E, 0x73, 0x74,
-        0x72, 0x61, 0x69, 0x6E, 0x74, 0x73, 0x3A, 0x20, 0x63, 0x72,
-        0x69, 0x74, 0x69, 0x63, 0x61, 0x6C, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x43, 0x41, 0x3A, 0x54, 0x52, 0x55, 0x45,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20,
-        0x4B, 0x65, 0x79, 0x20, 0x55, 0x73, 0x61, 0x67, 0x65, 0x3A,
-        0x20, 0x63, 0x72, 0x69, 0x74, 0x69, 0x63, 0x61, 0x6C, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x44, 0x69, 0x67, 0x69,
-        0x74, 0x61, 0x6C, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x61, 0x74,
-        0x75, 0x72, 0x65, 0x2C, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69,
-        0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x53, 0x69, 0x67,
-        0x6E, 0x2C, 0x20, 0x43, 0x52, 0x4C, 0x20, 0x53, 0x69, 0x67,
-        0x6E, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67, 0x6E,
-        0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x41, 0x6C, 0x67, 0x6F,
-        0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x53, 0x4D, 0x32,
-        0x2D, 0x77, 0x69, 0x74, 0x68, 0x2D, 0x53, 0x4D, 0x33, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x61, 0x74,
-        0x75, 0x72, 0x65, 0x20, 0x56, 0x61, 0x6C, 0x75, 0x65, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x33,
-        0x30, 0x3A, 0x34, 0x34, 0x3A, 0x30, 0x32, 0x3A, 0x32, 0x30,
-        0x3A, 0x30, 0x66, 0x3A, 0x63, 0x33, 0x3A, 0x32, 0x63, 0x3A,
-        0x33, 0x36, 0x3A, 0x65, 0x33, 0x3A, 0x39, 0x66, 0x3A, 0x31,
-        0x63, 0x3A, 0x65, 0x39, 0x3A, 0x36, 0x38, 0x3A, 0x31, 0x63,
-        0x3A, 0x33, 0x62, 0x3A, 0x34, 0x33, 0x3A, 0x31, 0x38, 0x3A,
-        0x35, 0x62, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x63, 0x39, 0x3A, 0x38, 0x66, 0x3A, 0x65, 0x34,
-        0x3A, 0x66, 0x61, 0x3A, 0x64, 0x64, 0x3A, 0x33, 0x33, 0x3A,
-        0x63, 0x31, 0x3A, 0x62, 0x38, 0x3A, 0x31, 0x63, 0x3A, 0x64,
-        0x33, 0x3A, 0x64, 0x34, 0x3A, 0x36, 0x31, 0x3A, 0x33, 0x33,
-        0x3A, 0x66, 0x38, 0x3A, 0x33, 0x37, 0x3A, 0x39, 0x64, 0x3A,
-        0x35, 0x61, 0x3A, 0x66, 0x34, 0x3A, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x30, 0x32, 0x3A, 0x32, 0x30,
-        0x3A, 0x33, 0x61, 0x3A, 0x62, 0x39, 0x3A, 0x61, 0x38, 0x3A,
-        0x34, 0x33, 0x3A, 0x38, 0x30, 0x3A, 0x63, 0x66, 0x3A, 0x33,
-        0x38, 0x3A, 0x32, 0x35, 0x3A, 0x65, 0x39, 0x3A, 0x36, 0x34,
-        0x3A, 0x64, 0x38, 0x3A, 0x32, 0x36, 0x3A, 0x34, 0x37, 0x3A,
-        0x39, 0x64, 0x3A, 0x35, 0x30, 0x3A, 0x30, 0x34, 0x3A, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x30, 0x63,
-        0x3A, 0x38, 0x61, 0x3A, 0x65, 0x38, 0x3A, 0x61, 0x32, 0x3A,
-        0x34, 0x32, 0x3A, 0x65, 0x38, 0x3A, 0x36, 0x33, 0x3A, 0x64,
-        0x64, 0x3A, 0x35, 0x33, 0x3A, 0x39, 0x34, 0x3A, 0x37, 0x64,
-        0x3A, 0x33, 0x38, 0x3A, 0x36, 0x64, 0x3A, 0x35, 0x32, 0x3A,
-        0x37, 0x30, 0x3A, 0x66, 0x64, 0x0A, 0x2D, 0x2D, 0x2D, 0x2D,
-        0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E, 0x20, 0x43, 0x45, 0x52,
-        0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2D, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49, 0x49, 0x43, 0x6A, 0x44,
-        0x43, 0x43, 0x41, 0x6A, 0x4F, 0x67, 0x41, 0x77, 0x49, 0x42,
-        0x41, 0x67, 0x49, 0x55, 0x42, 0x6E, 0x73, 0x36, 0x58, 0x63,
-        0x38, 0x69, 0x71, 0x57, 0x31, 0x74, 0x65, 0x43, 0x73, 0x51,
-        0x41, 0x56, 0x47, 0x32, 0x54, 0x4E, 0x53, 0x43, 0x6F, 0x71,
-        0x45, 0x77, 0x43, 0x67, 0x59, 0x49, 0x4B, 0x6F, 0x45, 0x63,
-        0x7A, 0x31, 0x55, 0x42, 0x67, 0x33, 0x55, 0x77, 0x0A, 0x67,
-        0x5A, 0x4D, 0x78, 0x43, 0x7A, 0x41, 0x4A, 0x42, 0x67, 0x4E,
-        0x56, 0x42, 0x41, 0x59, 0x54, 0x41, 0x6B, 0x46, 0x56, 0x4D,
-        0x51, 0x77, 0x77, 0x43, 0x67, 0x59, 0x44, 0x56, 0x51, 0x51,
-        0x49, 0x44, 0x41, 0x4E, 0x52, 0x54, 0x45, 0x51, 0x78, 0x45,
-        0x44, 0x41, 0x4F, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x6F,
-        0x4D, 0x42, 0x33, 0x64, 0x76, 0x62, 0x47, 0x5A, 0x54, 0x55,
-        0x30, 0x77, 0x78, 0x0A, 0x45, 0x44, 0x41, 0x4F, 0x42, 0x67,
-        0x4E, 0x56, 0x42, 0x41, 0x73, 0x4D, 0x42, 0x31, 0x52, 0x6C,
-        0x63, 0x33, 0x52, 0x70, 0x62, 0x6D, 0x63, 0x78, 0x47, 0x44,
-        0x41, 0x57, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x4D, 0x4D,
-        0x44, 0x33, 0x64, 0x76, 0x62, 0x47, 0x5A, 0x7A, 0x63, 0x32,
-        0x77, 0x74, 0x5A, 0x47, 0x56, 0x32, 0x4C, 0x58, 0x4E, 0x74,
-        0x4D, 0x6A, 0x45, 0x66, 0x4D, 0x42, 0x30, 0x47, 0x0A, 0x43,
-        0x53, 0x71, 0x47, 0x53, 0x49, 0x62, 0x33, 0x44, 0x51, 0x45,
-        0x4A, 0x41, 0x52, 0x59, 0x51, 0x61, 0x57, 0x35, 0x6D, 0x62,
-        0x30, 0x42, 0x33, 0x62, 0x32, 0x78, 0x6D, 0x63, 0x33, 0x4E,
-        0x73, 0x4C, 0x6D, 0x4E, 0x76, 0x62, 0x54, 0x45, 0x58, 0x4D,
-        0x42, 0x55, 0x47, 0x43, 0x67, 0x6D, 0x53, 0x4A, 0x6F, 0x6D,
-        0x54, 0x38, 0x69, 0x78, 0x6B, 0x41, 0x51, 0x45, 0x4D, 0x42,
-        0x33, 0x64, 0x76, 0x0A, 0x62, 0x47, 0x5A, 0x54, 0x55, 0x30,
-        0x77, 0x77, 0x48, 0x68, 0x63, 0x4E, 0x4D, 0x6A, 0x4D, 0x78,
-        0x4D, 0x54, 0x49, 0x79, 0x4D, 0x6A, 0x45, 0x79, 0x4F, 0x44,
-        0x4D, 0x33, 0x57, 0x68, 0x63, 0x4E, 0x4D, 0x6A, 0x59, 0x77,
-        0x4F, 0x44, 0x45, 0x34, 0x4D, 0x6A, 0x45, 0x79, 0x4F, 0x44,
-        0x4D, 0x33, 0x57, 0x6A, 0x43, 0x42, 0x6B, 0x7A, 0x45, 0x4C,
-        0x4D, 0x41, 0x6B, 0x47, 0x41, 0x31, 0x55, 0x45, 0x0A, 0x42,
-        0x68, 0x4D, 0x43, 0x51, 0x56, 0x55, 0x78, 0x44, 0x44, 0x41,
-        0x4B, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x67, 0x4D, 0x41,
-        0x31, 0x46, 0x4D, 0x52, 0x44, 0x45, 0x51, 0x4D, 0x41, 0x34,
-        0x47, 0x41, 0x31, 0x55, 0x45, 0x43, 0x67, 0x77, 0x48, 0x64,
-        0x32, 0x39, 0x73, 0x5A, 0x6C, 0x4E, 0x54, 0x54, 0x44, 0x45,
-        0x51, 0x4D, 0x41, 0x34, 0x47, 0x41, 0x31, 0x55, 0x45, 0x43,
-        0x77, 0x77, 0x48, 0x0A, 0x56, 0x47, 0x56, 0x7A, 0x64, 0x47,
-        0x6C, 0x75, 0x5A, 0x7A, 0x45, 0x59, 0x4D, 0x42, 0x59, 0x47,
-        0x41, 0x31, 0x55, 0x45, 0x41, 0x77, 0x77, 0x50, 0x64, 0x32,
-        0x39, 0x73, 0x5A, 0x6E, 0x4E, 0x7A, 0x62, 0x43, 0x31, 0x6B,
-        0x5A, 0x58, 0x59, 0x74, 0x63, 0x32, 0x30, 0x79, 0x4D, 0x52,
-        0x38, 0x77, 0x48, 0x51, 0x59, 0x4A, 0x4B, 0x6F, 0x5A, 0x49,
-        0x68, 0x76, 0x63, 0x4E, 0x41, 0x51, 0x6B, 0x42, 0x0A, 0x46,
-        0x68, 0x42, 0x70, 0x62, 0x6D, 0x5A, 0x76, 0x51, 0x48, 0x64,
-        0x76, 0x62, 0x47, 0x5A, 0x7A, 0x63, 0x32, 0x77, 0x75, 0x59,
-        0x32, 0x39, 0x74, 0x4D, 0x52, 0x63, 0x77, 0x46, 0x51, 0x59,
-        0x4B, 0x43, 0x5A, 0x49, 0x6D, 0x69, 0x5A, 0x50, 0x79, 0x4C,
-        0x47, 0x51, 0x42, 0x41, 0x51, 0x77, 0x48, 0x64, 0x32, 0x39,
-        0x73, 0x5A, 0x6C, 0x4E, 0x54, 0x54, 0x44, 0x42, 0x5A, 0x4D,
-        0x42, 0x4D, 0x47, 0x0A, 0x42, 0x79, 0x71, 0x47, 0x53, 0x4D,
-        0x34, 0x39, 0x41, 0x67, 0x45, 0x47, 0x43, 0x43, 0x71, 0x42,
-        0x48, 0x4D, 0x39, 0x56, 0x41, 0x59, 0x49, 0x74, 0x41, 0x30,
-        0x49, 0x41, 0x42, 0x4E, 0x6A, 0x45, 0x6F, 0x66, 0x45, 0x4C,
-        0x69, 0x34, 0x33, 0x45, 0x66, 0x64, 0x7A, 0x55, 0x5A, 0x62,
-        0x6D, 0x6C, 0x56, 0x55, 0x37, 0x37, 0x72, 0x44, 0x4F, 0x72,
-        0x6D, 0x30, 0x4F, 0x55, 0x54, 0x45, 0x68, 0x41, 0x0A, 0x47,
-        0x7A, 0x50, 0x5A, 0x47, 0x38, 0x77, 0x78, 0x77, 0x59, 0x4A,
-        0x57, 0x50, 0x37, 0x44, 0x41, 0x61, 0x35, 0x56, 0x41, 0x55,
-        0x66, 0x32, 0x49, 0x41, 0x67, 0x47, 0x78, 0x73, 0x4A, 0x52,
-        0x73, 0x42, 0x75, 0x75, 0x6E, 0x32, 0x6F, 0x37, 0x75, 0x63,
-        0x4C, 0x62, 0x6C, 0x75, 0x37, 0x51, 0x65, 0x35, 0x37, 0x53,
-        0x6A, 0x59, 0x7A, 0x42, 0x68, 0x4D, 0x42, 0x30, 0x47, 0x41,
-        0x31, 0x55, 0x64, 0x0A, 0x44, 0x67, 0x51, 0x57, 0x42, 0x42,
-        0x52, 0x75, 0x6C, 0x2B, 0x69, 0x59, 0x74, 0x6C, 0x75, 0x32,
-        0x72, 0x6F, 0x63, 0x45, 0x32, 0x78, 0x52, 0x57, 0x5A, 0x68,
-        0x62, 0x30, 0x75, 0x43, 0x32, 0x4D, 0x38, 0x6A, 0x41, 0x66,
-        0x42, 0x67, 0x4E, 0x56, 0x48, 0x53, 0x4D, 0x45, 0x47, 0x44,
-        0x41, 0x57, 0x67, 0x42, 0x52, 0x75, 0x6C, 0x2B, 0x69, 0x59,
-        0x74, 0x6C, 0x75, 0x32, 0x72, 0x6F, 0x63, 0x45, 0x0A, 0x32,
-        0x78, 0x52, 0x57, 0x5A, 0x68, 0x62, 0x30, 0x75, 0x43, 0x32,
-        0x4D, 0x38, 0x6A, 0x41, 0x50, 0x42, 0x67, 0x4E, 0x56, 0x48,
-        0x52, 0x4D, 0x42, 0x41, 0x66, 0x38, 0x45, 0x42, 0x54, 0x41,
-        0x44, 0x41, 0x51, 0x48, 0x2F, 0x4D, 0x41, 0x34, 0x47, 0x41,
-        0x31, 0x55, 0x64, 0x44, 0x77, 0x45, 0x42, 0x2F, 0x77, 0x51,
-        0x45, 0x41, 0x77, 0x49, 0x42, 0x68, 0x6A, 0x41, 0x4B, 0x42,
-        0x67, 0x67, 0x71, 0x0A, 0x67, 0x52, 0x7A, 0x50, 0x56, 0x51,
-        0x47, 0x44, 0x64, 0x51, 0x4E, 0x48, 0x41, 0x44, 0x42, 0x45,
-        0x41, 0x69, 0x41, 0x50, 0x77, 0x79, 0x77, 0x32, 0x34, 0x35,
-        0x38, 0x63, 0x36, 0x57, 0x67, 0x63, 0x4F, 0x30, 0x4D, 0x59,
-        0x57, 0x38, 0x6D, 0x50, 0x35, 0x50, 0x72, 0x64, 0x4D, 0x38,
-        0x47, 0x34, 0x48, 0x4E, 0x50, 0x55, 0x59, 0x54, 0x50, 0x34,
-        0x4E, 0x35, 0x31, 0x61, 0x39, 0x41, 0x49, 0x67, 0x0A, 0x4F,
-        0x72, 0x6D, 0x6F, 0x51, 0x34, 0x44, 0x50, 0x4F, 0x43, 0x58,
-        0x70, 0x5A, 0x4E, 0x67, 0x6D, 0x52, 0x35, 0x31, 0x51, 0x42,
-        0x41, 0x79, 0x4B, 0x36, 0x4B, 0x4A, 0x43, 0x36, 0x47, 0x50,
-        0x64, 0x55, 0x35, 0x52, 0x39, 0x4F, 0x47, 0x31, 0x53, 0x63,
-        0x50, 0x30, 0x3D, 0x0A, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x45,
-        0x4E, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49, 0x46, 0x49,
-        0x43, 0x41, 0x54, 0x45, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-
-};
-#define sizeof_self_sm2_cert (sizeof(self_sm2_cert))
-
-/* ./certs/sm2/self-sm2-key.pem */
-static const unsigned char self_sm2_key[] =
-{
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x50, 0x55, 0x42, 0x4C, 0x49, 0x43, 0x20, 0x4B, 0x45,
-        0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x46, 0x6B,
-        0x77, 0x45, 0x77, 0x59, 0x48, 0x4B, 0x6F, 0x5A, 0x49, 0x7A,
-        0x6A, 0x30, 0x43, 0x41, 0x51, 0x59, 0x49, 0x4B, 0x6F, 0x45,
-        0x63, 0x7A, 0x31, 0x55, 0x42, 0x67, 0x69, 0x30, 0x44, 0x51,
-        0x67, 0x41, 0x45, 0x32, 0x4D, 0x53, 0x68, 0x38, 0x51, 0x75,
-        0x4C, 0x6A, 0x63, 0x52, 0x39, 0x33, 0x4E, 0x52, 0x6C, 0x75,
-        0x61, 0x56, 0x56, 0x54, 0x76, 0x75, 0x73, 0x4D, 0x36, 0x75,
-        0x62, 0x0A, 0x51, 0x35, 0x52, 0x4D, 0x53, 0x45, 0x41, 0x62,
-        0x4D, 0x39, 0x6B, 0x62, 0x7A, 0x44, 0x48, 0x42, 0x67, 0x6C,
-        0x59, 0x2F, 0x73, 0x4D, 0x42, 0x72, 0x6C, 0x55, 0x42, 0x52,
-        0x2F, 0x59, 0x67, 0x43, 0x41, 0x62, 0x47, 0x77, 0x6C, 0x47,
-        0x77, 0x47, 0x36, 0x36, 0x66, 0x61, 0x6A, 0x75, 0x35, 0x77,
-        0x74, 0x75, 0x57, 0x37, 0x74, 0x42, 0x37, 0x6E, 0x74, 0x41,
-        0x3D, 0x3D, 0x0A, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E,
-        0x44, 0x20, 0x50, 0x55, 0x42, 0x4C, 0x49, 0x43, 0x20, 0x4B,
-        0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_self_sm2_key (sizeof(self_sm2_key))
-
-/* ./certs/sm2/self-sm2-priv.pem */
-static const unsigned char self_sm2_priv[] =
-{
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4B,
-        0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49,
-        0x47, 0x54, 0x41, 0x67, 0x45, 0x41, 0x4D, 0x42, 0x4D, 0x47,
-        0x42, 0x79, 0x71, 0x47, 0x53, 0x4D, 0x34, 0x39, 0x41, 0x67,
-        0x45, 0x47, 0x43, 0x43, 0x71, 0x42, 0x48, 0x4D, 0x39, 0x56,
-        0x41, 0x59, 0x49, 0x74, 0x42, 0x48, 0x6B, 0x77, 0x64, 0x77,
-        0x49, 0x42, 0x41, 0x51, 0x51, 0x67, 0x30, 0x4A, 0x77, 0x6F,
-        0x57, 0x68, 0x58, 0x57, 0x4A, 0x51, 0x32, 0x32, 0x58, 0x39,
-        0x47, 0x68, 0x0A, 0x41, 0x57, 0x36, 0x30, 0x44, 0x74, 0x41,
-        0x32, 0x2B, 0x68, 0x58, 0x38, 0x71, 0x51, 0x54, 0x6C, 0x46,
-        0x36, 0x48, 0x51, 0x4C, 0x79, 0x6E, 0x57, 0x2F, 0x6D, 0x71,
-        0x67, 0x43, 0x67, 0x59, 0x49, 0x4B, 0x6F, 0x45, 0x63, 0x7A,
-        0x31, 0x55, 0x42, 0x67, 0x69, 0x32, 0x68, 0x52, 0x41, 0x4E,
-        0x43, 0x41, 0x41, 0x54, 0x59, 0x78, 0x4B, 0x48, 0x78, 0x43,
-        0x34, 0x75, 0x4E, 0x78, 0x48, 0x33, 0x63, 0x0A, 0x31, 0x47,
-        0x57, 0x35, 0x70, 0x56, 0x56, 0x4F, 0x2B, 0x36, 0x77, 0x7A,
-        0x71, 0x35, 0x74, 0x44, 0x6C, 0x45, 0x78, 0x49, 0x51, 0x42,
-        0x73, 0x7A, 0x32, 0x52, 0x76, 0x4D, 0x4D, 0x63, 0x47, 0x43,
-        0x56, 0x6A, 0x2B, 0x77, 0x77, 0x47, 0x75, 0x56, 0x51, 0x46,
-        0x48, 0x39, 0x69, 0x41, 0x49, 0x42, 0x73, 0x62, 0x43, 0x55,
-        0x62, 0x41, 0x62, 0x72, 0x70, 0x39, 0x71, 0x4F, 0x37, 0x6E,
-        0x43, 0x32, 0x0A, 0x35, 0x62, 0x75, 0x30, 0x48, 0x75, 0x65,
-        0x30, 0x0A, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E, 0x44,
-        0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4B,
-        0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_self_sm2_priv (sizeof(self_sm2_priv))
-
-/* ./certs/sm2/server-sm2.pem */
-static const unsigned char server_sm2[] =
-{
-        0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
-        0x65, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x44, 0x61, 0x74,
-        0x61, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20,
-        0x33, 0x20, 0x28, 0x30, 0x78, 0x32, 0x29, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x65, 0x72, 0x69,
-        0x61, 0x6C, 0x20, 0x4E, 0x75, 0x6D, 0x62, 0x65, 0x72, 0x3A,
-        0x20, 0x31, 0x20, 0x28, 0x30, 0x78, 0x31, 0x29, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67,
-        0x6E, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x41, 0x6C, 0x67,
-        0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x53, 0x4D,
-        0x32, 0x2D, 0x77, 0x69, 0x74, 0x68, 0x2D, 0x53, 0x4D, 0x33,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x49,
-        0x73, 0x73, 0x75, 0x65, 0x72, 0x3A, 0x20, 0x43, 0x20, 0x3D,
-        0x20, 0x55, 0x53, 0x2C, 0x20, 0x53, 0x54, 0x20, 0x3D, 0x20,
-        0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x2C, 0x20, 0x4C,
-        0x20, 0x3D, 0x20, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E,
-        0x2C, 0x20, 0x4F, 0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66,
-        0x53, 0x53, 0x4C, 0x5F, 0x73, 0x6D, 0x32, 0x2C, 0x20, 0x4F,
-        0x55, 0x20, 0x3D, 0x20, 0x43, 0x41, 0x2D, 0x73, 0x6D, 0x32,
-        0x2C, 0x20, 0x43, 0x4E, 0x20, 0x3D, 0x20, 0x77, 0x77, 0x77,
-        0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
-        0x6F, 0x6D, 0x2C, 0x20, 0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41,
-        0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x20, 0x3D, 0x20, 0x69,
-        0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
-        0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x2C, 0x20, 0x55, 0x49, 0x44,
-        0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x56,
-        0x61, 0x6C, 0x69, 0x64, 0x69, 0x74, 0x79, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x4E, 0x6F, 0x74, 0x20, 0x42, 0x65, 0x66, 0x6F, 0x72, 0x65,
-        0x3A, 0x20, 0x46, 0x65, 0x62, 0x20, 0x31, 0x35, 0x20, 0x30,
-        0x36, 0x3A, 0x32, 0x33, 0x3A, 0x30, 0x37, 0x20, 0x32, 0x30,
-        0x32, 0x33, 0x20, 0x47, 0x4D, 0x54, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x4E,
-        0x6F, 0x74, 0x20, 0x41, 0x66, 0x74, 0x65, 0x72, 0x20, 0x3A,
-        0x20, 0x4E, 0x6F, 0x76, 0x20, 0x31, 0x31, 0x20, 0x30, 0x36,
-        0x3A, 0x32, 0x33, 0x3A, 0x30, 0x37, 0x20, 0x32, 0x30, 0x32,
-        0x35, 0x20, 0x47, 0x4D, 0x54, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x53, 0x75, 0x62, 0x6A, 0x65, 0x63,
-        0x74, 0x3A, 0x20, 0x43, 0x20, 0x3D, 0x20, 0x55, 0x53, 0x2C,
-        0x20, 0x53, 0x54, 0x20, 0x3D, 0x20, 0x4D, 0x6F, 0x6E, 0x74,
-        0x61, 0x6E, 0x61, 0x2C, 0x20, 0x4C, 0x20, 0x3D, 0x20, 0x42,
-        0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x2C, 0x20, 0x4F, 0x20,
-        0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F,
-        0x73, 0x6D, 0x32, 0x2C, 0x20, 0x4F, 0x55, 0x20, 0x3D, 0x20,
-        0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2D, 0x73, 0x6D, 0x32,
-        0x2C, 0x20, 0x43, 0x4E, 0x20, 0x3D, 0x20, 0x77, 0x77, 0x77,
-        0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
-        0x6F, 0x6D, 0x2C, 0x20, 0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41,
-        0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x20, 0x3D, 0x20, 0x69,
-        0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
-        0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x2C, 0x20, 0x55, 0x49, 0x44,
-        0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53,
-        0x75, 0x62, 0x6A, 0x65, 0x63, 0x74, 0x20, 0x50, 0x75, 0x62,
-        0x6C, 0x69, 0x63, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49, 0x6E,
-        0x66, 0x6F, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x50, 0x75, 0x62, 0x6C,
-        0x69, 0x63, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x41, 0x6C, 0x67,
-        0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x73, 0x6D,
-        0x32, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x50, 0x75,
-        0x62, 0x6C, 0x69, 0x63, 0x2D, 0x4B, 0x65, 0x79, 0x3A, 0x20,
-        0x28, 0x32, 0x35, 0x36, 0x20, 0x62, 0x69, 0x74, 0x29, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x70, 0x75, 0x62, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x30, 0x34, 0x3A, 0x39, 0x34, 0x3A, 0x37, 0x30, 0x3A,
-        0x32, 0x62, 0x3A, 0x34, 0x36, 0x3A, 0x65, 0x34, 0x3A, 0x35,
-        0x65, 0x3A, 0x30, 0x66, 0x3A, 0x34, 0x31, 0x3A, 0x66, 0x62,
-        0x3A, 0x38, 0x66, 0x3A, 0x32, 0x64, 0x3A, 0x33, 0x34, 0x3A,
-        0x30, 0x61, 0x3A, 0x34, 0x31, 0x3A, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x34, 0x30, 0x3A,
-        0x31, 0x39, 0x3A, 0x35, 0x65, 0x3A, 0x66, 0x62, 0x3A, 0x64,
-        0x34, 0x3A, 0x31, 0x64, 0x3A, 0x31, 0x31, 0x3A, 0x61, 0x63,
-        0x3A, 0x66, 0x61, 0x3A, 0x66, 0x35, 0x3A, 0x39, 0x33, 0x3A,
-        0x33, 0x37, 0x3A, 0x63, 0x36, 0x3A, 0x66, 0x61, 0x3A, 0x38,
-        0x37, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x30, 0x38, 0x3A, 0x66, 0x37, 0x3A, 0x31,
-        0x36, 0x3A, 0x31, 0x66, 0x3A, 0x32, 0x63, 0x3A, 0x63, 0x65,
-        0x3A, 0x33, 0x30, 0x3A, 0x34, 0x30, 0x3A, 0x39, 0x64, 0x3A,
-        0x34, 0x66, 0x3A, 0x61, 0x36, 0x3A, 0x32, 0x61, 0x3A, 0x30,
-        0x61, 0x3A, 0x61, 0x31, 0x3A, 0x64, 0x36, 0x3A, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x39,
-        0x35, 0x3A, 0x33, 0x33, 0x3A, 0x63, 0x33, 0x3A, 0x61, 0x36,
-        0x3A, 0x30, 0x33, 0x3A, 0x39, 0x38, 0x3A, 0x65, 0x36, 0x3A,
-        0x38, 0x64, 0x3A, 0x30, 0x35, 0x3A, 0x33, 0x34, 0x3A, 0x62,
-        0x30, 0x3A, 0x39, 0x37, 0x3A, 0x30, 0x63, 0x3A, 0x64, 0x65,
-        0x3A, 0x61, 0x34, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x63, 0x37, 0x3A, 0x63, 0x66,
-        0x3A, 0x35, 0x33, 0x3A, 0x38, 0x66, 0x3A, 0x64, 0x31, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x41, 0x53, 0x4E, 0x31,
-        0x20, 0x4F, 0x49, 0x44, 0x3A, 0x20, 0x53, 0x4D, 0x32, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35,
-        0x30, 0x39, 0x76, 0x33, 0x20, 0x65, 0x78, 0x74, 0x65, 0x6E,
-        0x73, 0x69, 0x6F, 0x6E, 0x73, 0x3A, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58,
-        0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x53, 0x75, 0x62, 0x6A,
-        0x65, 0x63, 0x74, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49, 0x64,
-        0x65, 0x6E, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x3A, 0x20,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x36, 0x37, 0x3A,
-        0x41, 0x45, 0x3A, 0x36, 0x30, 0x3A, 0x46, 0x46, 0x3A, 0x37,
-        0x45, 0x3A, 0x31, 0x42, 0x3A, 0x30, 0x46, 0x3A, 0x39, 0x35,
-        0x3A, 0x41, 0x45, 0x3A, 0x31, 0x46, 0x3A, 0x38, 0x32, 0x3A,
-        0x35, 0x39, 0x3A, 0x46, 0x32, 0x3A, 0x36, 0x43, 0x3A, 0x35,
-        0x36, 0x3A, 0x32, 0x44, 0x3A, 0x39, 0x33, 0x3A, 0x45, 0x46,
-        0x3A, 0x31, 0x37, 0x3A, 0x33, 0x32, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58,
-        0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x41, 0x75, 0x74, 0x68,
-        0x6F, 0x72, 0x69, 0x74, 0x79, 0x20, 0x4B, 0x65, 0x79, 0x20,
-        0x49, 0x64, 0x65, 0x6E, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72,
-        0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x34,
-        0x37, 0x3A, 0x30, 0x41, 0x3A, 0x34, 0x38, 0x3A, 0x37, 0x45,
-        0x3A, 0x42, 0x42, 0x3A, 0x30, 0x32, 0x3A, 0x41, 0x38, 0x3A,
-        0x35, 0x41, 0x3A, 0x32, 0x36, 0x3A, 0x35, 0x37, 0x3A, 0x32,
-        0x42, 0x3A, 0x31, 0x39, 0x3A, 0x41, 0x39, 0x3A, 0x37, 0x42,
-        0x3A, 0x36, 0x31, 0x3A, 0x38, 0x42, 0x3A, 0x37, 0x46, 0x3A,
-        0x35, 0x44, 0x3A, 0x39, 0x39, 0x3A, 0x36, 0x45, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x42, 0x61,
-        0x73, 0x69, 0x63, 0x20, 0x43, 0x6F, 0x6E, 0x73, 0x74, 0x72,
-        0x61, 0x69, 0x6E, 0x74, 0x73, 0x3A, 0x20, 0x63, 0x72, 0x69,
-        0x74, 0x69, 0x63, 0x61, 0x6C, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x43, 0x41, 0x3A, 0x46, 0x41, 0x4C, 0x53, 0x45,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20,
-        0x4B, 0x65, 0x79, 0x20, 0x55, 0x73, 0x61, 0x67, 0x65, 0x3A,
-        0x20, 0x63, 0x72, 0x69, 0x74, 0x69, 0x63, 0x61, 0x6C, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x44, 0x69, 0x67, 0x69,
-        0x74, 0x61, 0x6C, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x61, 0x74,
-        0x75, 0x72, 0x65, 0x2C, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x45,
-        0x6E, 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x6D, 0x65, 0x6E,
-        0x74, 0x2C, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x41, 0x67, 0x72,
-        0x65, 0x65, 0x6D, 0x65, 0x6E, 0x74, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58,
-        0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x45, 0x78, 0x74, 0x65,
-        0x6E, 0x64, 0x65, 0x64, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x55,
-        0x73, 0x61, 0x67, 0x65, 0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x54, 0x4C, 0x53, 0x20, 0x57, 0x65, 0x62,
-        0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x41, 0x75,
-        0x74, 0x68, 0x65, 0x6E, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69,
-        0x6F, 0x6E, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x4E, 0x65, 0x74, 0x73, 0x63,
-        0x61, 0x70, 0x65, 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x54,
-        0x79, 0x70, 0x65, 0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x53, 0x53, 0x4C, 0x20, 0x53, 0x65, 0x72, 0x76,
-        0x65, 0x72, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67,
-        0x6E, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x41, 0x6C, 0x67,
-        0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x53, 0x4D,
-        0x32, 0x2D, 0x77, 0x69, 0x74, 0x68, 0x2D, 0x53, 0x4D, 0x33,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x61,
-        0x74, 0x75, 0x72, 0x65, 0x20, 0x56, 0x61, 0x6C, 0x75, 0x65,
-        0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x33, 0x30, 0x3A, 0x34, 0x35, 0x3A, 0x30, 0x32, 0x3A, 0x32,
-        0x30, 0x3A, 0x31, 0x62, 0x3A, 0x63, 0x61, 0x3A, 0x39, 0x34,
-        0x3A, 0x32, 0x38, 0x3A, 0x37, 0x66, 0x3A, 0x66, 0x36, 0x3A,
-        0x62, 0x32, 0x3A, 0x30, 0x64, 0x3A, 0x33, 0x31, 0x3A, 0x34,
-        0x33, 0x3A, 0x35, 0x30, 0x3A, 0x65, 0x31, 0x3A, 0x64, 0x35,
-        0x3A, 0x33, 0x34, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x31, 0x37, 0x3A, 0x64, 0x64, 0x3A, 0x61,
-        0x66, 0x3A, 0x33, 0x61, 0x3A, 0x64, 0x65, 0x3A, 0x38, 0x31,
-        0x3A, 0x30, 0x36, 0x3A, 0x36, 0x37, 0x3A, 0x39, 0x61, 0x3A,
-        0x62, 0x33, 0x3A, 0x30, 0x36, 0x3A, 0x32, 0x32, 0x3A, 0x37,
-        0x65, 0x3A, 0x36, 0x34, 0x3A, 0x65, 0x63, 0x3A, 0x66, 0x64,
-        0x3A, 0x30, 0x65, 0x3A, 0x62, 0x39, 0x3A, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x30, 0x32, 0x3A, 0x32,
-        0x31, 0x3A, 0x30, 0x30, 0x3A, 0x61, 0x31, 0x3A, 0x34, 0x38,
-        0x3A, 0x61, 0x38, 0x3A, 0x33, 0x32, 0x3A, 0x64, 0x31, 0x3A,
-        0x30, 0x35, 0x3A, 0x30, 0x39, 0x3A, 0x36, 0x62, 0x3A, 0x31,
-        0x63, 0x3A, 0x65, 0x62, 0x3A, 0x38, 0x39, 0x3A, 0x31, 0x32,
-        0x3A, 0x36, 0x36, 0x3A, 0x64, 0x38, 0x3A, 0x33, 0x38, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x61,
-        0x31, 0x3A, 0x63, 0x34, 0x3A, 0x35, 0x63, 0x3A, 0x38, 0x39,
-        0x3A, 0x30, 0x39, 0x3A, 0x30, 0x66, 0x3A, 0x66, 0x64, 0x3A,
-        0x65, 0x39, 0x3A, 0x63, 0x30, 0x3A, 0x33, 0x62, 0x3A, 0x31,
-        0x64, 0x3A, 0x66, 0x62, 0x3A, 0x63, 0x64, 0x3A, 0x62, 0x35,
-        0x3A, 0x34, 0x63, 0x3A, 0x33, 0x31, 0x3A, 0x36, 0x38, 0x0A,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x43, 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41,
-        0x54, 0x45, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49,
-        0x49, 0x43, 0x32, 0x44, 0x43, 0x43, 0x41, 0x6E, 0x36, 0x67,
-        0x41, 0x77, 0x49, 0x42, 0x41, 0x67, 0x49, 0x42, 0x41, 0x54,
-        0x41, 0x4B, 0x42, 0x67, 0x67, 0x71, 0x67, 0x52, 0x7A, 0x50,
-        0x56, 0x51, 0x47, 0x44, 0x64, 0x54, 0x43, 0x42, 0x72, 0x44,
-        0x45, 0x4C, 0x4D, 0x41, 0x6B, 0x47, 0x41, 0x31, 0x55, 0x45,
-        0x42, 0x68, 0x4D, 0x43, 0x56, 0x56, 0x4D, 0x78, 0x45, 0x44,
-        0x41, 0x4F, 0x0A, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x67,
-        0x4D, 0x42, 0x30, 0x31, 0x76, 0x62, 0x6E, 0x52, 0x68, 0x62,
-        0x6D, 0x45, 0x78, 0x45, 0x44, 0x41, 0x4F, 0x42, 0x67, 0x4E,
-        0x56, 0x42, 0x41, 0x63, 0x4D, 0x42, 0x30, 0x4A, 0x76, 0x65,
-        0x6D, 0x56, 0x74, 0x59, 0x57, 0x34, 0x78, 0x46, 0x44, 0x41,
-        0x53, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x6F, 0x4D, 0x43,
-        0x33, 0x64, 0x76, 0x62, 0x47, 0x5A, 0x54, 0x0A, 0x55, 0x30,
-        0x78, 0x66, 0x63, 0x32, 0x30, 0x79, 0x4D, 0x51, 0x38, 0x77,
-        0x44, 0x51, 0x59, 0x44, 0x56, 0x51, 0x51, 0x4C, 0x44, 0x41,
-        0x5A, 0x44, 0x51, 0x53, 0x31, 0x7A, 0x62, 0x54, 0x49, 0x78,
-        0x47, 0x44, 0x41, 0x57, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41,
-        0x4D, 0x4D, 0x44, 0x33, 0x64, 0x33, 0x64, 0x79, 0x35, 0x33,
-        0x62, 0x32, 0x78, 0x6D, 0x63, 0x33, 0x4E, 0x73, 0x4C, 0x6D,
-        0x4E, 0x76, 0x0A, 0x62, 0x54, 0x45, 0x66, 0x4D, 0x42, 0x30,
-        0x47, 0x43, 0x53, 0x71, 0x47, 0x53, 0x49, 0x62, 0x33, 0x44,
-        0x51, 0x45, 0x4A, 0x41, 0x52, 0x59, 0x51, 0x61, 0x57, 0x35,
-        0x6D, 0x62, 0x30, 0x42, 0x33, 0x62, 0x32, 0x78, 0x6D, 0x63,
-        0x33, 0x4E, 0x73, 0x4C, 0x6D, 0x4E, 0x76, 0x62, 0x54, 0x45,
-        0x58, 0x4D, 0x42, 0x55, 0x47, 0x43, 0x67, 0x6D, 0x53, 0x4A,
-        0x6F, 0x6D, 0x54, 0x38, 0x69, 0x78, 0x6B, 0x0A, 0x41, 0x51,
-        0x45, 0x4D, 0x42, 0x33, 0x64, 0x76, 0x62, 0x47, 0x5A, 0x54,
-        0x55, 0x30, 0x77, 0x77, 0x48, 0x68, 0x63, 0x4E, 0x4D, 0x6A,
-        0x4D, 0x77, 0x4D, 0x6A, 0x45, 0x31, 0x4D, 0x44, 0x59, 0x79,
-        0x4D, 0x7A, 0x41, 0x33, 0x57, 0x68, 0x63, 0x4E, 0x4D, 0x6A,
-        0x55, 0x78, 0x4D, 0x54, 0x45, 0x78, 0x4D, 0x44, 0x59, 0x79,
-        0x4D, 0x7A, 0x41, 0x33, 0x57, 0x6A, 0x43, 0x42, 0x73, 0x44,
-        0x45, 0x4C, 0x0A, 0x4D, 0x41, 0x6B, 0x47, 0x41, 0x31, 0x55,
-        0x45, 0x42, 0x68, 0x4D, 0x43, 0x56, 0x56, 0x4D, 0x78, 0x45,
-        0x44, 0x41, 0x4F, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x67,
-        0x4D, 0x42, 0x30, 0x31, 0x76, 0x62, 0x6E, 0x52, 0x68, 0x62,
-        0x6D, 0x45, 0x78, 0x45, 0x44, 0x41, 0x4F, 0x42, 0x67, 0x4E,
-        0x56, 0x42, 0x41, 0x63, 0x4D, 0x42, 0x30, 0x4A, 0x76, 0x65,
-        0x6D, 0x56, 0x74, 0x59, 0x57, 0x34, 0x78, 0x0A, 0x46, 0x44,
-        0x41, 0x53, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x6F, 0x4D,
-        0x43, 0x33, 0x64, 0x76, 0x62, 0x47, 0x5A, 0x54, 0x55, 0x30,
-        0x78, 0x66, 0x63, 0x32, 0x30, 0x79, 0x4D, 0x52, 0x4D, 0x77,
-        0x45, 0x51, 0x59, 0x44, 0x56, 0x51, 0x51, 0x4C, 0x44, 0x41,
-        0x70, 0x54, 0x5A, 0x58, 0x4A, 0x32, 0x5A, 0x58, 0x49, 0x74,
-        0x63, 0x32, 0x30, 0x79, 0x4D, 0x52, 0x67, 0x77, 0x46, 0x67,
-        0x59, 0x44, 0x0A, 0x56, 0x51, 0x51, 0x44, 0x44, 0x41, 0x39,
-        0x33, 0x64, 0x33, 0x63, 0x75, 0x64, 0x32, 0x39, 0x73, 0x5A,
-        0x6E, 0x4E, 0x7A, 0x62, 0x43, 0x35, 0x6A, 0x62, 0x32, 0x30,
-        0x78, 0x48, 0x7A, 0x41, 0x64, 0x42, 0x67, 0x6B, 0x71, 0x68,
-        0x6B, 0x69, 0x47, 0x39, 0x77, 0x30, 0x42, 0x43, 0x51, 0x45,
-        0x57, 0x45, 0x47, 0x6C, 0x75, 0x5A, 0x6D, 0x39, 0x41, 0x64,
-        0x32, 0x39, 0x73, 0x5A, 0x6E, 0x4E, 0x7A, 0x0A, 0x62, 0x43,
-        0x35, 0x6A, 0x62, 0x32, 0x30, 0x78, 0x46, 0x7A, 0x41, 0x56,
-        0x42, 0x67, 0x6F, 0x4A, 0x6B, 0x69, 0x61, 0x4A, 0x6B, 0x2F,
-        0x49, 0x73, 0x5A, 0x41, 0x45, 0x42, 0x44, 0x41, 0x64, 0x33,
-        0x62, 0x32, 0x78, 0x6D, 0x55, 0x31, 0x4E, 0x4D, 0x4D, 0x46,
-        0x6F, 0x77, 0x46, 0x41, 0x59, 0x49, 0x4B, 0x6F, 0x45, 0x63,
-        0x7A, 0x31, 0x55, 0x42, 0x67, 0x69, 0x30, 0x47, 0x43, 0x43,
-        0x71, 0x42, 0x0A, 0x48, 0x4D, 0x39, 0x56, 0x41, 0x59, 0x49,
-        0x74, 0x41, 0x30, 0x49, 0x41, 0x42, 0x4A, 0x52, 0x77, 0x4B,
-        0x30, 0x62, 0x6B, 0x58, 0x67, 0x39, 0x42, 0x2B, 0x34, 0x38,
-        0x74, 0x4E, 0x41, 0x70, 0x42, 0x51, 0x42, 0x6C, 0x65, 0x2B,
-        0x39, 0x51, 0x64, 0x45, 0x61, 0x7A, 0x36, 0x39, 0x5A, 0x4D,
-        0x33, 0x78, 0x76, 0x71, 0x48, 0x43, 0x50, 0x63, 0x57, 0x48,
-        0x79, 0x7A, 0x4F, 0x4D, 0x45, 0x43, 0x64, 0x0A, 0x54, 0x36,
-        0x59, 0x71, 0x43, 0x71, 0x48, 0x57, 0x6C, 0x54, 0x50, 0x44,
-        0x70, 0x67, 0x4F, 0x59, 0x35, 0x6F, 0x30, 0x46, 0x4E, 0x4C,
-        0x43, 0x58, 0x44, 0x4E, 0x36, 0x6B, 0x78, 0x38, 0x39, 0x54,
-        0x6A, 0x39, 0x47, 0x6A, 0x67, 0x59, 0x6B, 0x77, 0x67, 0x59,
-        0x59, 0x77, 0x48, 0x51, 0x59, 0x44, 0x56, 0x52, 0x30, 0x4F,
-        0x42, 0x42, 0x59, 0x45, 0x46, 0x47, 0x65, 0x75, 0x59, 0x50,
-        0x39, 0x2B, 0x0A, 0x47, 0x77, 0x2B, 0x56, 0x72, 0x68, 0x2B,
-        0x43, 0x57, 0x66, 0x4A, 0x73, 0x56, 0x69, 0x32, 0x54, 0x37,
-        0x78, 0x63, 0x79, 0x4D, 0x42, 0x38, 0x47, 0x41, 0x31, 0x55,
-        0x64, 0x49, 0x77, 0x51, 0x59, 0x4D, 0x42, 0x61, 0x41, 0x46,
-        0x45, 0x63, 0x4B, 0x53, 0x48, 0x36, 0x37, 0x41, 0x71, 0x68,
-        0x61, 0x4A, 0x6C, 0x63, 0x72, 0x47, 0x61, 0x6C, 0x37, 0x59,
-        0x59, 0x74, 0x2F, 0x58, 0x5A, 0x6C, 0x75, 0x0A, 0x4D, 0x41,
-        0x77, 0x47, 0x41, 0x31, 0x55, 0x64, 0x45, 0x77, 0x45, 0x42,
-        0x2F, 0x77, 0x51, 0x43, 0x4D, 0x41, 0x41, 0x77, 0x44, 0x67,
-        0x59, 0x44, 0x56, 0x52, 0x30, 0x50, 0x41, 0x51, 0x48, 0x2F,
-        0x42, 0x41, 0x51, 0x44, 0x41, 0x67, 0x4F, 0x6F, 0x4D, 0x42,
-        0x4D, 0x47, 0x41, 0x31, 0x55, 0x64, 0x4A, 0x51, 0x51, 0x4D,
-        0x4D, 0x41, 0x6F, 0x47, 0x43, 0x43, 0x73, 0x47, 0x41, 0x51,
-        0x55, 0x46, 0x0A, 0x42, 0x77, 0x4D, 0x42, 0x4D, 0x42, 0x45,
-        0x47, 0x43, 0x57, 0x43, 0x47, 0x53, 0x41, 0x47, 0x47, 0x2B,
-        0x45, 0x49, 0x42, 0x41, 0x51, 0x51, 0x45, 0x41, 0x77, 0x49,
-        0x47, 0x51, 0x44, 0x41, 0x4B, 0x42, 0x67, 0x67, 0x71, 0x67,
-        0x52, 0x7A, 0x50, 0x56, 0x51, 0x47, 0x44, 0x64, 0x51, 0x4E,
-        0x49, 0x41, 0x44, 0x42, 0x46, 0x41, 0x69, 0x41, 0x62, 0x79,
-        0x70, 0x51, 0x6F, 0x66, 0x2F, 0x61, 0x79, 0x0A, 0x44, 0x54,
-        0x46, 0x44, 0x55, 0x4F, 0x48, 0x56, 0x4E, 0x42, 0x66, 0x64,
-        0x72, 0x7A, 0x72, 0x65, 0x67, 0x51, 0x5A, 0x6E, 0x6D, 0x72,
-        0x4D, 0x47, 0x49, 0x6E, 0x35, 0x6B, 0x37, 0x50, 0x30, 0x4F,
-        0x75, 0x51, 0x49, 0x68, 0x41, 0x4B, 0x46, 0x49, 0x71, 0x44,
-        0x4C, 0x52, 0x42, 0x51, 0x6C, 0x72, 0x48, 0x4F, 0x75, 0x4A,
-        0x45, 0x6D, 0x62, 0x59, 0x4F, 0x4B, 0x48, 0x45, 0x58, 0x49,
-        0x6B, 0x4A, 0x0A, 0x44, 0x2F, 0x33, 0x70, 0x77, 0x44, 0x73,
-        0x64, 0x2B, 0x38, 0x32, 0x31, 0x54, 0x44, 0x46, 0x6F, 0x0A,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E, 0x44, 0x20, 0x43,
-        0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x43, 0x65, 0x72, 0x74,
-        0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x3A, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x44, 0x61, 0x74, 0x61, 0x3A, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x56, 0x65, 0x72,
-        0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20, 0x33, 0x20, 0x28, 0x30,
-        0x78, 0x32, 0x29, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6C, 0x20, 0x4E,
-        0x75, 0x6D, 0x62, 0x65, 0x72, 0x3A, 0x20, 0x31, 0x20, 0x28,
-        0x30, 0x78, 0x31, 0x29, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x61, 0x74, 0x75,
-        0x72, 0x65, 0x20, 0x41, 0x6C, 0x67, 0x6F, 0x72, 0x69, 0x74,
-        0x68, 0x6D, 0x3A, 0x20, 0x53, 0x4D, 0x32, 0x2D, 0x77, 0x69,
-        0x74, 0x68, 0x2D, 0x53, 0x4D, 0x33, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65,
-        0x72, 0x3A, 0x20, 0x43, 0x20, 0x3D, 0x20, 0x55, 0x53, 0x2C,
-        0x20, 0x53, 0x54, 0x20, 0x3D, 0x20, 0x4D, 0x6F, 0x6E, 0x74,
-        0x61, 0x6E, 0x61, 0x2C, 0x20, 0x4C, 0x20, 0x3D, 0x20, 0x42,
-        0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x2C, 0x20, 0x4F, 0x20,
-        0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F,
-        0x53, 0x4D, 0x32, 0x2C, 0x20, 0x4F, 0x55, 0x20, 0x3D, 0x20,
-        0x52, 0x6F, 0x6F, 0x74, 0x2D, 0x53, 0x4D, 0x32, 0x2C, 0x20,
-        0x43, 0x4E, 0x20, 0x3D, 0x20, 0x77, 0x77, 0x77, 0x2E, 0x77,
-        0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
-        0x2C, 0x20, 0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41, 0x64, 0x64,
-        0x72, 0x65, 0x73, 0x73, 0x20, 0x3D, 0x20, 0x69, 0x6E, 0x66,
-        0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
-        0x63, 0x6F, 0x6D, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x56, 0x61, 0x6C, 0x69, 0x64, 0x69, 0x74, 0x79,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x4E, 0x6F, 0x74, 0x20, 0x42, 0x65, 0x66,
-        0x6F, 0x72, 0x65, 0x3A, 0x20, 0x46, 0x65, 0x62, 0x20, 0x31,
-        0x35, 0x20, 0x30, 0x36, 0x3A, 0x32, 0x33, 0x3A, 0x30, 0x37,
-        0x20, 0x32, 0x30, 0x32, 0x33, 0x20, 0x47, 0x4D, 0x54, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x4E, 0x6F, 0x74, 0x20, 0x41, 0x66, 0x74, 0x65,
-        0x72, 0x20, 0x3A, 0x20, 0x4E, 0x6F, 0x76, 0x20, 0x31, 0x31,
-        0x20, 0x30, 0x36, 0x3A, 0x32, 0x33, 0x3A, 0x30, 0x37, 0x20,
-        0x32, 0x30, 0x32, 0x35, 0x20, 0x47, 0x4D, 0x54, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x75, 0x62,
-        0x6A, 0x65, 0x63, 0x74, 0x3A, 0x20, 0x43, 0x20, 0x3D, 0x20,
-        0x55, 0x53, 0x2C, 0x20, 0x53, 0x54, 0x20, 0x3D, 0x20, 0x4D,
-        0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x2C, 0x20, 0x4C, 0x20,
-        0x3D, 0x20, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x2C,
-        0x20, 0x4F, 0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53,
-        0x53, 0x4C, 0x5F, 0x73, 0x6D, 0x32, 0x2C, 0x20, 0x4F, 0x55,
-        0x20, 0x3D, 0x20, 0x43, 0x41, 0x2D, 0x73, 0x6D, 0x32, 0x2C,
-        0x20, 0x43, 0x4E, 0x20, 0x3D, 0x20, 0x77, 0x77, 0x77, 0x2E,
-        0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
-        0x6D, 0x2C, 0x20, 0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41, 0x64,
-        0x64, 0x72, 0x65, 0x73, 0x73, 0x20, 0x3D, 0x20, 0x69, 0x6E,
-        0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C,
-        0x2E, 0x63, 0x6F, 0x6D, 0x2C, 0x20, 0x55, 0x49, 0x44, 0x20,
-        0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x75,
-        0x62, 0x6A, 0x65, 0x63, 0x74, 0x20, 0x50, 0x75, 0x62, 0x6C,
-        0x69, 0x63, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49, 0x6E, 0x66,
-        0x6F, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69,
-        0x63, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x41, 0x6C, 0x67, 0x6F,
-        0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x73, 0x6D, 0x32,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x50, 0x75, 0x62,
-        0x6C, 0x69, 0x63, 0x2D, 0x4B, 0x65, 0x79, 0x3A, 0x20, 0x28,
-        0x32, 0x35, 0x36, 0x20, 0x62, 0x69, 0x74, 0x29, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x70, 0x75, 0x62, 0x3A, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x30, 0x34, 0x3A, 0x32, 0x31, 0x3A, 0x39, 0x32, 0x3A, 0x66,
-        0x37, 0x3A, 0x63, 0x62, 0x3A, 0x32, 0x34, 0x3A, 0x64, 0x66,
-        0x3A, 0x36, 0x34, 0x3A, 0x34, 0x64, 0x3A, 0x62, 0x61, 0x3A,
-        0x61, 0x62, 0x3A, 0x36, 0x36, 0x3A, 0x37, 0x62, 0x3A, 0x38,
-        0x33, 0x3A, 0x37, 0x35, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x61, 0x39, 0x3A, 0x32,
-        0x39, 0x3A, 0x65, 0x37, 0x3A, 0x66, 0x66, 0x3A, 0x36, 0x34,
-        0x3A, 0x36, 0x33, 0x3A, 0x62, 0x36, 0x3A, 0x64, 0x35, 0x3A,
-        0x34, 0x32, 0x3A, 0x38, 0x30, 0x3A, 0x32, 0x30, 0x3A, 0x62,
-        0x64, 0x3A, 0x65, 0x32, 0x3A, 0x65, 0x32, 0x3A, 0x30, 0x32,
-        0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x31, 0x32, 0x3A, 0x33, 0x62, 0x3A, 0x38, 0x65,
-        0x3A, 0x62, 0x34, 0x3A, 0x30, 0x30, 0x3A, 0x39, 0x35, 0x3A,
-        0x30, 0x39, 0x3A, 0x38, 0x30, 0x3A, 0x63, 0x62, 0x3A, 0x35,
-        0x36, 0x3A, 0x65, 0x64, 0x3A, 0x34, 0x62, 0x3A, 0x63, 0x61,
-        0x3A, 0x38, 0x64, 0x3A, 0x35, 0x37, 0x3A, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x65, 0x36,
-        0x3A, 0x61, 0x65, 0x3A, 0x30, 0x35, 0x3A, 0x64, 0x33, 0x3A,
-        0x37, 0x36, 0x3A, 0x32, 0x37, 0x3A, 0x36, 0x33, 0x3A, 0x37,
-        0x31, 0x3A, 0x33, 0x39, 0x3A, 0x38, 0x39, 0x3A, 0x62, 0x37,
-        0x3A, 0x36, 0x39, 0x3A, 0x65, 0x36, 0x3A, 0x34, 0x38, 0x3A,
-        0x38, 0x30, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x61, 0x65, 0x3A, 0x64, 0x31, 0x3A,
-        0x61, 0x39, 0x3A, 0x34, 0x38, 0x3A, 0x31, 0x32, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x41, 0x53, 0x4E, 0x31, 0x20,
-        0x4F, 0x49, 0x44, 0x3A, 0x20, 0x53, 0x4D, 0x32, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35, 0x30,
-        0x39, 0x76, 0x33, 0x20, 0x65, 0x78, 0x74, 0x65, 0x6E, 0x73,
-        0x69, 0x6F, 0x6E, 0x73, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35,
-        0x30, 0x39, 0x76, 0x33, 0x20, 0x53, 0x75, 0x62, 0x6A, 0x65,
-        0x63, 0x74, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49, 0x64, 0x65,
-        0x6E, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x3A, 0x20, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x34, 0x37, 0x3A, 0x30,
-        0x41, 0x3A, 0x34, 0x38, 0x3A, 0x37, 0x45, 0x3A, 0x42, 0x42,
-        0x3A, 0x30, 0x32, 0x3A, 0x41, 0x38, 0x3A, 0x35, 0x41, 0x3A,
-        0x32, 0x36, 0x3A, 0x35, 0x37, 0x3A, 0x32, 0x42, 0x3A, 0x31,
-        0x39, 0x3A, 0x41, 0x39, 0x3A, 0x37, 0x42, 0x3A, 0x36, 0x31,
-        0x3A, 0x38, 0x42, 0x3A, 0x37, 0x46, 0x3A, 0x35, 0x44, 0x3A,
-        0x39, 0x39, 0x3A, 0x36, 0x45, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35,
-        0x30, 0x39, 0x76, 0x33, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F,
-        0x72, 0x69, 0x74, 0x79, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49,
-        0x64, 0x65, 0x6E, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x3A,
-        0x20, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x33, 0x34,
-        0x3A, 0x31, 0x44, 0x3A, 0x37, 0x39, 0x3A, 0x34, 0x34, 0x3A,
-        0x31, 0x35, 0x3A, 0x37, 0x39, 0x3A, 0x41, 0x31, 0x3A, 0x42,
-        0x31, 0x3A, 0x36, 0x33, 0x3A, 0x39, 0x39, 0x3A, 0x45, 0x33,
-        0x3A, 0x45, 0x44, 0x3A, 0x36, 0x35, 0x3A, 0x37, 0x43, 0x3A,
-        0x36, 0x34, 0x3A, 0x38, 0x39, 0x3A, 0x38, 0x30, 0x3A, 0x46,
-        0x46, 0x3A, 0x42, 0x38, 0x3A, 0x45, 0x43, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x42, 0x61, 0x73,
-        0x69, 0x63, 0x20, 0x43, 0x6F, 0x6E, 0x73, 0x74, 0x72, 0x61,
-        0x69, 0x6E, 0x74, 0x73, 0x3A, 0x20, 0x63, 0x72, 0x69, 0x74,
-        0x69, 0x63, 0x61, 0x6C, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x43, 0x41, 0x3A, 0x54, 0x52, 0x55, 0x45, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x4B, 0x65,
-        0x79, 0x20, 0x55, 0x73, 0x61, 0x67, 0x65, 0x3A, 0x20, 0x63,
-        0x72, 0x69, 0x74, 0x69, 0x63, 0x61, 0x6C, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x44, 0x69, 0x67, 0x69, 0x74, 0x61,
-        0x6C, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x61, 0x74, 0x75, 0x72,
-        0x65, 0x2C, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
-        0x63, 0x61, 0x74, 0x65, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x2C,
-        0x20, 0x43, 0x52, 0x4C, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x61, 0x74,
-        0x75, 0x72, 0x65, 0x20, 0x41, 0x6C, 0x67, 0x6F, 0x72, 0x69,
-        0x74, 0x68, 0x6D, 0x3A, 0x20, 0x53, 0x4D, 0x32, 0x2D, 0x77,
-        0x69, 0x74, 0x68, 0x2D, 0x53, 0x4D, 0x33, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x61, 0x74, 0x75, 0x72,
-        0x65, 0x20, 0x56, 0x61, 0x6C, 0x75, 0x65, 0x3A, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x33, 0x30, 0x3A,
-        0x34, 0x35, 0x3A, 0x30, 0x32, 0x3A, 0x32, 0x30, 0x3A, 0x34,
-        0x37, 0x3A, 0x34, 0x65, 0x3A, 0x30, 0x30, 0x3A, 0x30, 0x33,
-        0x3A, 0x61, 0x62, 0x3A, 0x33, 0x34, 0x3A, 0x61, 0x31, 0x3A,
-        0x61, 0x66, 0x3A, 0x35, 0x39, 0x3A, 0x33, 0x39, 0x3A, 0x38,
-        0x66, 0x3A, 0x36, 0x30, 0x3A, 0x33, 0x36, 0x3A, 0x62, 0x66,
-        0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x38, 0x39, 0x3A, 0x38, 0x38, 0x3A, 0x34, 0x32, 0x3A, 0x34,
-        0x31, 0x3A, 0x32, 0x37, 0x3A, 0x63, 0x31, 0x3A, 0x64, 0x64,
-        0x3A, 0x35, 0x37, 0x3A, 0x63, 0x39, 0x3A, 0x37, 0x39, 0x3A,
-        0x63, 0x62, 0x3A, 0x31, 0x66, 0x3A, 0x35, 0x36, 0x3A, 0x35,
-        0x63, 0x3A, 0x31, 0x36, 0x3A, 0x62, 0x35, 0x3A, 0x32, 0x38,
-        0x3A, 0x62, 0x64, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x30, 0x32, 0x3A, 0x32, 0x31, 0x3A, 0x30,
-        0x30, 0x3A, 0x38, 0x62, 0x3A, 0x32, 0x65, 0x3A, 0x32, 0x35,
-        0x3A, 0x65, 0x62, 0x3A, 0x32, 0x31, 0x3A, 0x39, 0x62, 0x3A,
-        0x61, 0x39, 0x3A, 0x32, 0x62, 0x3A, 0x61, 0x36, 0x3A, 0x36,
-        0x61, 0x3A, 0x35, 0x62, 0x3A, 0x64, 0x62, 0x3A, 0x61, 0x37,
-        0x3A, 0x63, 0x37, 0x3A, 0x32, 0x62, 0x3A, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x31, 0x31, 0x3A, 0x64,
-        0x66, 0x3A, 0x37, 0x33, 0x3A, 0x31, 0x35, 0x3A, 0x61, 0x64,
-        0x3A, 0x65, 0x34, 0x3A, 0x63, 0x35, 0x3A, 0x63, 0x33, 0x3A,
-        0x63, 0x32, 0x3A, 0x66, 0x33, 0x3A, 0x62, 0x34, 0x3A, 0x62,
-        0x34, 0x3A, 0x36, 0x37, 0x3A, 0x61, 0x66, 0x3A, 0x64, 0x37,
-        0x3A, 0x35, 0x31, 0x3A, 0x31, 0x63, 0x0A, 0x2D, 0x2D, 0x2D,
-        0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E, 0x20, 0x43, 0x45,
-        0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49, 0x49, 0x43, 0x6C,
-        0x6A, 0x43, 0x43, 0x41, 0x6A, 0x79, 0x67, 0x41, 0x77, 0x49,
-        0x42, 0x41, 0x67, 0x49, 0x42, 0x41, 0x54, 0x41, 0x4B, 0x42,
-        0x67, 0x67, 0x71, 0x67, 0x52, 0x7A, 0x50, 0x56, 0x51, 0x47,
-        0x44, 0x64, 0x54, 0x43, 0x42, 0x6C, 0x54, 0x45, 0x4C, 0x4D,
-        0x41, 0x6B, 0x47, 0x41, 0x31, 0x55, 0x45, 0x42, 0x68, 0x4D,
-        0x43, 0x56, 0x56, 0x4D, 0x78, 0x45, 0x44, 0x41, 0x4F, 0x0A,
-        0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x67, 0x4D, 0x42, 0x30,
-        0x31, 0x76, 0x62, 0x6E, 0x52, 0x68, 0x62, 0x6D, 0x45, 0x78,
-        0x45, 0x44, 0x41, 0x4F, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41,
-        0x63, 0x4D, 0x42, 0x30, 0x4A, 0x76, 0x65, 0x6D, 0x56, 0x74,
-        0x59, 0x57, 0x34, 0x78, 0x46, 0x44, 0x41, 0x53, 0x42, 0x67,
-        0x4E, 0x56, 0x42, 0x41, 0x6F, 0x4D, 0x43, 0x33, 0x64, 0x76,
-        0x62, 0x47, 0x5A, 0x54, 0x0A, 0x55, 0x30, 0x78, 0x66, 0x55,
-        0x30, 0x30, 0x79, 0x4D, 0x52, 0x45, 0x77, 0x44, 0x77, 0x59,
-        0x44, 0x56, 0x51, 0x51, 0x4C, 0x44, 0x41, 0x68, 0x53, 0x62,
-        0x32, 0x39, 0x30, 0x4C, 0x56, 0x4E, 0x4E, 0x4D, 0x6A, 0x45,
-        0x59, 0x4D, 0x42, 0x59, 0x47, 0x41, 0x31, 0x55, 0x45, 0x41,
-        0x77, 0x77, 0x50, 0x64, 0x33, 0x64, 0x33, 0x4C, 0x6E, 0x64,
-        0x76, 0x62, 0x47, 0x5A, 0x7A, 0x63, 0x32, 0x77, 0x75, 0x0A,
-        0x59, 0x32, 0x39, 0x74, 0x4D, 0x52, 0x38, 0x77, 0x48, 0x51,
-        0x59, 0x4A, 0x4B, 0x6F, 0x5A, 0x49, 0x68, 0x76, 0x63, 0x4E,
-        0x41, 0x51, 0x6B, 0x42, 0x46, 0x68, 0x42, 0x70, 0x62, 0x6D,
-        0x5A, 0x76, 0x51, 0x48, 0x64, 0x76, 0x62, 0x47, 0x5A, 0x7A,
-        0x63, 0x32, 0x77, 0x75, 0x59, 0x32, 0x39, 0x74, 0x4D, 0x42,
-        0x34, 0x58, 0x44, 0x54, 0x49, 0x7A, 0x4D, 0x44, 0x49, 0x78,
-        0x4E, 0x54, 0x41, 0x32, 0x0A, 0x4D, 0x6A, 0x4D, 0x77, 0x4E,
-        0x31, 0x6F, 0x58, 0x44, 0x54, 0x49, 0x31, 0x4D, 0x54, 0x45,
-        0x78, 0x4D, 0x54, 0x41, 0x32, 0x4D, 0x6A, 0x4D, 0x77, 0x4E,
-        0x31, 0x6F, 0x77, 0x67, 0x61, 0x77, 0x78, 0x43, 0x7A, 0x41,
-        0x4A, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x59, 0x54, 0x41,
-        0x6C, 0x56, 0x54, 0x4D, 0x52, 0x41, 0x77, 0x44, 0x67, 0x59,
-        0x44, 0x56, 0x51, 0x51, 0x49, 0x44, 0x41, 0x64, 0x4E, 0x0A,
-        0x62, 0x32, 0x35, 0x30, 0x59, 0x57, 0x35, 0x68, 0x4D, 0x52,
-        0x41, 0x77, 0x44, 0x67, 0x59, 0x44, 0x56, 0x51, 0x51, 0x48,
-        0x44, 0x41, 0x64, 0x43, 0x62, 0x33, 0x70, 0x6C, 0x62, 0x57,
-        0x46, 0x75, 0x4D, 0x52, 0x51, 0x77, 0x45, 0x67, 0x59, 0x44,
-        0x56, 0x51, 0x51, 0x4B, 0x44, 0x41, 0x74, 0x33, 0x62, 0x32,
-        0x78, 0x6D, 0x55, 0x31, 0x4E, 0x4D, 0x58, 0x33, 0x4E, 0x74,
-        0x4D, 0x6A, 0x45, 0x50, 0x0A, 0x4D, 0x41, 0x30, 0x47, 0x41,
-        0x31, 0x55, 0x45, 0x43, 0x77, 0x77, 0x47, 0x51, 0x30, 0x45,
-        0x74, 0x63, 0x32, 0x30, 0x79, 0x4D, 0x52, 0x67, 0x77, 0x46,
-        0x67, 0x59, 0x44, 0x56, 0x51, 0x51, 0x44, 0x44, 0x41, 0x39,
-        0x33, 0x64, 0x33, 0x63, 0x75, 0x64, 0x32, 0x39, 0x73, 0x5A,
-        0x6E, 0x4E, 0x7A, 0x62, 0x43, 0x35, 0x6A, 0x62, 0x32, 0x30,
-        0x78, 0x48, 0x7A, 0x41, 0x64, 0x42, 0x67, 0x6B, 0x71, 0x0A,
-        0x68, 0x6B, 0x69, 0x47, 0x39, 0x77, 0x30, 0x42, 0x43, 0x51,
-        0x45, 0x57, 0x45, 0x47, 0x6C, 0x75, 0x5A, 0x6D, 0x39, 0x41,
-        0x64, 0x32, 0x39, 0x73, 0x5A, 0x6E, 0x4E, 0x7A, 0x62, 0x43,
-        0x35, 0x6A, 0x62, 0x32, 0x30, 0x78, 0x46, 0x7A, 0x41, 0x56,
-        0x42, 0x67, 0x6F, 0x4A, 0x6B, 0x69, 0x61, 0x4A, 0x6B, 0x2F,
-        0x49, 0x73, 0x5A, 0x41, 0x45, 0x42, 0x44, 0x41, 0x64, 0x33,
-        0x62, 0x32, 0x78, 0x6D, 0x0A, 0x55, 0x31, 0x4E, 0x4D, 0x4D,
-        0x46, 0x6F, 0x77, 0x46, 0x41, 0x59, 0x49, 0x4B, 0x6F, 0x45,
-        0x63, 0x7A, 0x31, 0x55, 0x42, 0x67, 0x69, 0x30, 0x47, 0x43,
-        0x43, 0x71, 0x42, 0x48, 0x4D, 0x39, 0x56, 0x41, 0x59, 0x49,
-        0x74, 0x41, 0x30, 0x49, 0x41, 0x42, 0x43, 0x47, 0x53, 0x39,
-        0x38, 0x73, 0x6B, 0x33, 0x32, 0x52, 0x4E, 0x75, 0x71, 0x74,
-        0x6D, 0x65, 0x34, 0x4E, 0x31, 0x71, 0x53, 0x6E, 0x6E, 0x0A,
-        0x2F, 0x32, 0x52, 0x6A, 0x74, 0x74, 0x56, 0x43, 0x67, 0x43,
-        0x43, 0x39, 0x34, 0x75, 0x49, 0x43, 0x45, 0x6A, 0x75, 0x4F,
-        0x74, 0x41, 0x43, 0x56, 0x43, 0x59, 0x44, 0x4C, 0x56, 0x75,
-        0x31, 0x4C, 0x79, 0x6F, 0x31, 0x58, 0x35, 0x71, 0x34, 0x46,
-        0x30, 0x33, 0x59, 0x6E, 0x59, 0x33, 0x45, 0x35, 0x69, 0x62,
-        0x64, 0x70, 0x35, 0x6B, 0x69, 0x41, 0x72, 0x74, 0x47, 0x70,
-        0x53, 0x42, 0x4B, 0x6A, 0x0A, 0x59, 0x7A, 0x42, 0x68, 0x4D,
-        0x42, 0x30, 0x47, 0x41, 0x31, 0x55, 0x64, 0x44, 0x67, 0x51,
-        0x57, 0x42, 0x42, 0x52, 0x48, 0x43, 0x6B, 0x68, 0x2B, 0x75,
-        0x77, 0x4B, 0x6F, 0x57, 0x69, 0x5A, 0x58, 0x4B, 0x78, 0x6D,
-        0x70, 0x65, 0x32, 0x47, 0x4C, 0x66, 0x31, 0x32, 0x5A, 0x62,
-        0x6A, 0x41, 0x66, 0x42, 0x67, 0x4E, 0x56, 0x48, 0x53, 0x4D,
-        0x45, 0x47, 0x44, 0x41, 0x57, 0x67, 0x42, 0x51, 0x30, 0x0A,
-        0x48, 0x58, 0x6C, 0x45, 0x46, 0x58, 0x6D, 0x68, 0x73, 0x57,
-        0x4F, 0x5A, 0x34, 0x2B, 0x31, 0x6C, 0x66, 0x47, 0x53, 0x4A,
-        0x67, 0x50, 0x2B, 0x34, 0x37, 0x44, 0x41, 0x50, 0x42, 0x67,
-        0x4E, 0x56, 0x48, 0x52, 0x4D, 0x42, 0x41, 0x66, 0x38, 0x45,
-        0x42, 0x54, 0x41, 0x44, 0x41, 0x51, 0x48, 0x2F, 0x4D, 0x41,
-        0x34, 0x47, 0x41, 0x31, 0x55, 0x64, 0x44, 0x77, 0x45, 0x42,
-        0x2F, 0x77, 0x51, 0x45, 0x0A, 0x41, 0x77, 0x49, 0x42, 0x68,
-        0x6A, 0x41, 0x4B, 0x42, 0x67, 0x67, 0x71, 0x67, 0x52, 0x7A,
-        0x50, 0x56, 0x51, 0x47, 0x44, 0x64, 0x51, 0x4E, 0x49, 0x41,
-        0x44, 0x42, 0x46, 0x41, 0x69, 0x42, 0x48, 0x54, 0x67, 0x41,
-        0x44, 0x71, 0x7A, 0x53, 0x68, 0x72, 0x31, 0x6B, 0x35, 0x6A,
-        0x32, 0x41, 0x32, 0x76, 0x34, 0x6D, 0x49, 0x51, 0x6B, 0x45,
-        0x6E, 0x77, 0x64, 0x31, 0x58, 0x79, 0x58, 0x6E, 0x4C, 0x0A,
-        0x48, 0x31, 0x5A, 0x63, 0x46, 0x72, 0x55, 0x6F, 0x76, 0x51,
-        0x49, 0x68, 0x41, 0x49, 0x73, 0x75, 0x4A, 0x65, 0x73, 0x68,
-        0x6D, 0x36, 0x6B, 0x72, 0x70, 0x6D, 0x70, 0x62, 0x32, 0x36,
-        0x66, 0x48, 0x4B, 0x78, 0x48, 0x66, 0x63, 0x78, 0x57, 0x74,
-        0x35, 0x4D, 0x58, 0x44, 0x77, 0x76, 0x4F, 0x30, 0x74, 0x47,
-        0x65, 0x76, 0x31, 0x31, 0x45, 0x63, 0x0A, 0x2D, 0x2D, 0x2D,
-        0x2D, 0x2D, 0x45, 0x4E, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54,
-        0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2D, 0x2D, 0x2D,
-        0x2D, 0x2D, 0x0A
-};
-#define sizeof_server_sm2 (sizeof(server_sm2))
-
-/* ./certs/sm2/server-sm2-cert.pem */
-static const unsigned char server_sm2_cert[] =
-{
-        0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74,
-        0x65, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x44, 0x61, 0x74,
-        0x61, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6F, 0x6E, 0x3A, 0x20,
-        0x33, 0x20, 0x28, 0x30, 0x78, 0x32, 0x29, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x65, 0x72, 0x69,
-        0x61, 0x6C, 0x20, 0x4E, 0x75, 0x6D, 0x62, 0x65, 0x72, 0x3A,
-        0x20, 0x31, 0x20, 0x28, 0x30, 0x78, 0x31, 0x29, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67,
-        0x6E, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x41, 0x6C, 0x67,
-        0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x53, 0x4D,
-        0x32, 0x2D, 0x77, 0x69, 0x74, 0x68, 0x2D, 0x53, 0x4D, 0x33,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x49,
-        0x73, 0x73, 0x75, 0x65, 0x72, 0x3A, 0x20, 0x43, 0x20, 0x3D,
-        0x20, 0x55, 0x53, 0x2C, 0x20, 0x53, 0x54, 0x20, 0x3D, 0x20,
-        0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x2C, 0x20, 0x4C,
-        0x20, 0x3D, 0x20, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E,
-        0x2C, 0x20, 0x4F, 0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66,
-        0x53, 0x53, 0x4C, 0x5F, 0x73, 0x6D, 0x32, 0x2C, 0x20, 0x4F,
-        0x55, 0x20, 0x3D, 0x20, 0x43, 0x41, 0x2D, 0x73, 0x6D, 0x32,
-        0x2C, 0x20, 0x43, 0x4E, 0x20, 0x3D, 0x20, 0x77, 0x77, 0x77,
-        0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
-        0x6F, 0x6D, 0x2C, 0x20, 0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41,
-        0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x20, 0x3D, 0x20, 0x69,
-        0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
-        0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x2C, 0x20, 0x55, 0x49, 0x44,
-        0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x56,
-        0x61, 0x6C, 0x69, 0x64, 0x69, 0x74, 0x79, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x4E, 0x6F, 0x74, 0x20, 0x42, 0x65, 0x66, 0x6F, 0x72, 0x65,
-        0x3A, 0x20, 0x46, 0x65, 0x62, 0x20, 0x31, 0x35, 0x20, 0x30,
-        0x36, 0x3A, 0x32, 0x33, 0x3A, 0x30, 0x37, 0x20, 0x32, 0x30,
-        0x32, 0x33, 0x20, 0x47, 0x4D, 0x54, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x4E,
-        0x6F, 0x74, 0x20, 0x41, 0x66, 0x74, 0x65, 0x72, 0x20, 0x3A,
-        0x20, 0x4E, 0x6F, 0x76, 0x20, 0x31, 0x31, 0x20, 0x30, 0x36,
-        0x3A, 0x32, 0x33, 0x3A, 0x30, 0x37, 0x20, 0x32, 0x30, 0x32,
-        0x35, 0x20, 0x47, 0x4D, 0x54, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x53, 0x75, 0x62, 0x6A, 0x65, 0x63,
-        0x74, 0x3A, 0x20, 0x43, 0x20, 0x3D, 0x20, 0x55, 0x53, 0x2C,
-        0x20, 0x53, 0x54, 0x20, 0x3D, 0x20, 0x4D, 0x6F, 0x6E, 0x74,
-        0x61, 0x6E, 0x61, 0x2C, 0x20, 0x4C, 0x20, 0x3D, 0x20, 0x42,
-        0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x2C, 0x20, 0x4F, 0x20,
-        0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F,
-        0x73, 0x6D, 0x32, 0x2C, 0x20, 0x4F, 0x55, 0x20, 0x3D, 0x20,
-        0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x2D, 0x73, 0x6D, 0x32,
-        0x2C, 0x20, 0x43, 0x4E, 0x20, 0x3D, 0x20, 0x77, 0x77, 0x77,
-        0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
-        0x6F, 0x6D, 0x2C, 0x20, 0x65, 0x6D, 0x61, 0x69, 0x6C, 0x41,
-        0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x20, 0x3D, 0x20, 0x69,
-        0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
-        0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x2C, 0x20, 0x55, 0x49, 0x44,
-        0x20, 0x3D, 0x20, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x53,
-        0x75, 0x62, 0x6A, 0x65, 0x63, 0x74, 0x20, 0x50, 0x75, 0x62,
-        0x6C, 0x69, 0x63, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49, 0x6E,
-        0x66, 0x6F, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x50, 0x75, 0x62, 0x6C,
-        0x69, 0x63, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x41, 0x6C, 0x67,
-        0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x73, 0x6D,
-        0x32, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x50, 0x75,
-        0x62, 0x6C, 0x69, 0x63, 0x2D, 0x4B, 0x65, 0x79, 0x3A, 0x20,
-        0x28, 0x32, 0x35, 0x36, 0x20, 0x62, 0x69, 0x74, 0x29, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x70, 0x75, 0x62, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x30, 0x34, 0x3A, 0x39, 0x34, 0x3A, 0x37, 0x30, 0x3A,
-        0x32, 0x62, 0x3A, 0x34, 0x36, 0x3A, 0x65, 0x34, 0x3A, 0x35,
-        0x65, 0x3A, 0x30, 0x66, 0x3A, 0x34, 0x31, 0x3A, 0x66, 0x62,
-        0x3A, 0x38, 0x66, 0x3A, 0x32, 0x64, 0x3A, 0x33, 0x34, 0x3A,
-        0x30, 0x61, 0x3A, 0x34, 0x31, 0x3A, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x34, 0x30, 0x3A,
-        0x31, 0x39, 0x3A, 0x35, 0x65, 0x3A, 0x66, 0x62, 0x3A, 0x64,
-        0x34, 0x3A, 0x31, 0x64, 0x3A, 0x31, 0x31, 0x3A, 0x61, 0x63,
-        0x3A, 0x66, 0x61, 0x3A, 0x66, 0x35, 0x3A, 0x39, 0x33, 0x3A,
-        0x33, 0x37, 0x3A, 0x63, 0x36, 0x3A, 0x66, 0x61, 0x3A, 0x38,
-        0x37, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x30, 0x38, 0x3A, 0x66, 0x37, 0x3A, 0x31,
-        0x36, 0x3A, 0x31, 0x66, 0x3A, 0x32, 0x63, 0x3A, 0x63, 0x65,
-        0x3A, 0x33, 0x30, 0x3A, 0x34, 0x30, 0x3A, 0x39, 0x64, 0x3A,
-        0x34, 0x66, 0x3A, 0x61, 0x36, 0x3A, 0x32, 0x61, 0x3A, 0x30,
-        0x61, 0x3A, 0x61, 0x31, 0x3A, 0x64, 0x36, 0x3A, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x39,
-        0x35, 0x3A, 0x33, 0x33, 0x3A, 0x63, 0x33, 0x3A, 0x61, 0x36,
-        0x3A, 0x30, 0x33, 0x3A, 0x39, 0x38, 0x3A, 0x65, 0x36, 0x3A,
-        0x38, 0x64, 0x3A, 0x30, 0x35, 0x3A, 0x33, 0x34, 0x3A, 0x62,
-        0x30, 0x3A, 0x39, 0x37, 0x3A, 0x30, 0x63, 0x3A, 0x64, 0x65,
-        0x3A, 0x61, 0x34, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x63, 0x37, 0x3A, 0x63, 0x66,
-        0x3A, 0x35, 0x33, 0x3A, 0x38, 0x66, 0x3A, 0x64, 0x31, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x41, 0x53, 0x4E, 0x31,
-        0x20, 0x4F, 0x49, 0x44, 0x3A, 0x20, 0x53, 0x4D, 0x32, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58, 0x35,
-        0x30, 0x39, 0x76, 0x33, 0x20, 0x65, 0x78, 0x74, 0x65, 0x6E,
-        0x73, 0x69, 0x6F, 0x6E, 0x73, 0x3A, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58,
-        0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x53, 0x75, 0x62, 0x6A,
-        0x65, 0x63, 0x74, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x49, 0x64,
-        0x65, 0x6E, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x3A, 0x20,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x36, 0x37, 0x3A,
-        0x41, 0x45, 0x3A, 0x36, 0x30, 0x3A, 0x46, 0x46, 0x3A, 0x37,
-        0x45, 0x3A, 0x31, 0x42, 0x3A, 0x30, 0x46, 0x3A, 0x39, 0x35,
-        0x3A, 0x41, 0x45, 0x3A, 0x31, 0x46, 0x3A, 0x38, 0x32, 0x3A,
-        0x35, 0x39, 0x3A, 0x46, 0x32, 0x3A, 0x36, 0x43, 0x3A, 0x35,
-        0x36, 0x3A, 0x32, 0x44, 0x3A, 0x39, 0x33, 0x3A, 0x45, 0x46,
-        0x3A, 0x31, 0x37, 0x3A, 0x33, 0x32, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58,
-        0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x41, 0x75, 0x74, 0x68,
-        0x6F, 0x72, 0x69, 0x74, 0x79, 0x20, 0x4B, 0x65, 0x79, 0x20,
-        0x49, 0x64, 0x65, 0x6E, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72,
-        0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x34,
-        0x37, 0x3A, 0x30, 0x41, 0x3A, 0x34, 0x38, 0x3A, 0x37, 0x45,
-        0x3A, 0x42, 0x42, 0x3A, 0x30, 0x32, 0x3A, 0x41, 0x38, 0x3A,
-        0x35, 0x41, 0x3A, 0x32, 0x36, 0x3A, 0x35, 0x37, 0x3A, 0x32,
-        0x42, 0x3A, 0x31, 0x39, 0x3A, 0x41, 0x39, 0x3A, 0x37, 0x42,
-        0x3A, 0x36, 0x31, 0x3A, 0x38, 0x42, 0x3A, 0x37, 0x46, 0x3A,
-        0x35, 0x44, 0x3A, 0x39, 0x39, 0x3A, 0x36, 0x45, 0x0A, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x42, 0x61,
-        0x73, 0x69, 0x63, 0x20, 0x43, 0x6F, 0x6E, 0x73, 0x74, 0x72,
-        0x61, 0x69, 0x6E, 0x74, 0x73, 0x3A, 0x20, 0x63, 0x72, 0x69,
-        0x74, 0x69, 0x63, 0x61, 0x6C, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x43, 0x41, 0x3A, 0x46, 0x41, 0x4C, 0x53, 0x45,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x58, 0x35, 0x30, 0x39, 0x76, 0x33, 0x20,
-        0x4B, 0x65, 0x79, 0x20, 0x55, 0x73, 0x61, 0x67, 0x65, 0x3A,
-        0x20, 0x63, 0x72, 0x69, 0x74, 0x69, 0x63, 0x61, 0x6C, 0x0A,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x44, 0x69, 0x67, 0x69,
-        0x74, 0x61, 0x6C, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x61, 0x74,
-        0x75, 0x72, 0x65, 0x2C, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x45,
-        0x6E, 0x63, 0x69, 0x70, 0x68, 0x65, 0x72, 0x6D, 0x65, 0x6E,
-        0x74, 0x2C, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x41, 0x67, 0x72,
-        0x65, 0x65, 0x6D, 0x65, 0x6E, 0x74, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x58,
-        0x35, 0x30, 0x39, 0x76, 0x33, 0x20, 0x45, 0x78, 0x74, 0x65,
-        0x6E, 0x64, 0x65, 0x64, 0x20, 0x4B, 0x65, 0x79, 0x20, 0x55,
-        0x73, 0x61, 0x67, 0x65, 0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x54, 0x4C, 0x53, 0x20, 0x57, 0x65, 0x62,
-        0x20, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x41, 0x75,
-        0x74, 0x68, 0x65, 0x6E, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69,
-        0x6F, 0x6E, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x4E, 0x65, 0x74, 0x73, 0x63,
-        0x61, 0x70, 0x65, 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x54,
-        0x79, 0x70, 0x65, 0x3A, 0x20, 0x0A, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x53, 0x53, 0x4C, 0x20, 0x53, 0x65, 0x72, 0x76,
-        0x65, 0x72, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67,
-        0x6E, 0x61, 0x74, 0x75, 0x72, 0x65, 0x20, 0x41, 0x6C, 0x67,
-        0x6F, 0x72, 0x69, 0x74, 0x68, 0x6D, 0x3A, 0x20, 0x53, 0x4D,
-        0x32, 0x2D, 0x77, 0x69, 0x74, 0x68, 0x2D, 0x53, 0x4D, 0x33,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x53, 0x69, 0x67, 0x6E, 0x61,
-        0x74, 0x75, 0x72, 0x65, 0x20, 0x56, 0x61, 0x6C, 0x75, 0x65,
-        0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x33, 0x30, 0x3A, 0x34, 0x35, 0x3A, 0x30, 0x32, 0x3A, 0x32,
-        0x30, 0x3A, 0x31, 0x62, 0x3A, 0x63, 0x61, 0x3A, 0x39, 0x34,
-        0x3A, 0x32, 0x38, 0x3A, 0x37, 0x66, 0x3A, 0x66, 0x36, 0x3A,
-        0x62, 0x32, 0x3A, 0x30, 0x64, 0x3A, 0x33, 0x31, 0x3A, 0x34,
-        0x33, 0x3A, 0x35, 0x30, 0x3A, 0x65, 0x31, 0x3A, 0x64, 0x35,
-        0x3A, 0x33, 0x34, 0x3A, 0x0A, 0x20, 0x20, 0x20, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x31, 0x37, 0x3A, 0x64, 0x64, 0x3A, 0x61,
-        0x66, 0x3A, 0x33, 0x61, 0x3A, 0x64, 0x65, 0x3A, 0x38, 0x31,
-        0x3A, 0x30, 0x36, 0x3A, 0x36, 0x37, 0x3A, 0x39, 0x61, 0x3A,
-        0x62, 0x33, 0x3A, 0x30, 0x36, 0x3A, 0x32, 0x32, 0x3A, 0x37,
-        0x65, 0x3A, 0x36, 0x34, 0x3A, 0x65, 0x63, 0x3A, 0x66, 0x64,
-        0x3A, 0x30, 0x65, 0x3A, 0x62, 0x39, 0x3A, 0x0A, 0x20, 0x20,
-        0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x30, 0x32, 0x3A, 0x32,
-        0x31, 0x3A, 0x30, 0x30, 0x3A, 0x61, 0x31, 0x3A, 0x34, 0x38,
-        0x3A, 0x61, 0x38, 0x3A, 0x33, 0x32, 0x3A, 0x64, 0x31, 0x3A,
-        0x30, 0x35, 0x3A, 0x30, 0x39, 0x3A, 0x36, 0x62, 0x3A, 0x31,
-        0x63, 0x3A, 0x65, 0x62, 0x3A, 0x38, 0x39, 0x3A, 0x31, 0x32,
-        0x3A, 0x36, 0x36, 0x3A, 0x64, 0x38, 0x3A, 0x33, 0x38, 0x3A,
-        0x0A, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x61,
-        0x31, 0x3A, 0x63, 0x34, 0x3A, 0x35, 0x63, 0x3A, 0x38, 0x39,
-        0x3A, 0x30, 0x39, 0x3A, 0x30, 0x66, 0x3A, 0x66, 0x64, 0x3A,
-        0x65, 0x39, 0x3A, 0x63, 0x30, 0x3A, 0x33, 0x62, 0x3A, 0x31,
-        0x64, 0x3A, 0x66, 0x62, 0x3A, 0x63, 0x64, 0x3A, 0x62, 0x35,
-        0x3A, 0x34, 0x63, 0x3A, 0x33, 0x31, 0x3A, 0x36, 0x38, 0x0A,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x43, 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41,
-        0x54, 0x45, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49,
-        0x49, 0x43, 0x32, 0x44, 0x43, 0x43, 0x41, 0x6E, 0x36, 0x67,
-        0x41, 0x77, 0x49, 0x42, 0x41, 0x67, 0x49, 0x42, 0x41, 0x54,
-        0x41, 0x4B, 0x42, 0x67, 0x67, 0x71, 0x67, 0x52, 0x7A, 0x50,
-        0x56, 0x51, 0x47, 0x44, 0x64, 0x54, 0x43, 0x42, 0x72, 0x44,
-        0x45, 0x4C, 0x4D, 0x41, 0x6B, 0x47, 0x41, 0x31, 0x55, 0x45,
-        0x42, 0x68, 0x4D, 0x43, 0x56, 0x56, 0x4D, 0x78, 0x45, 0x44,
-        0x41, 0x4F, 0x0A, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x67,
-        0x4D, 0x42, 0x30, 0x31, 0x76, 0x62, 0x6E, 0x52, 0x68, 0x62,
-        0x6D, 0x45, 0x78, 0x45, 0x44, 0x41, 0x4F, 0x42, 0x67, 0x4E,
-        0x56, 0x42, 0x41, 0x63, 0x4D, 0x42, 0x30, 0x4A, 0x76, 0x65,
-        0x6D, 0x56, 0x74, 0x59, 0x57, 0x34, 0x78, 0x46, 0x44, 0x41,
-        0x53, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x6F, 0x4D, 0x43,
-        0x33, 0x64, 0x76, 0x62, 0x47, 0x5A, 0x54, 0x0A, 0x55, 0x30,
-        0x78, 0x66, 0x63, 0x32, 0x30, 0x79, 0x4D, 0x51, 0x38, 0x77,
-        0x44, 0x51, 0x59, 0x44, 0x56, 0x51, 0x51, 0x4C, 0x44, 0x41,
-        0x5A, 0x44, 0x51, 0x53, 0x31, 0x7A, 0x62, 0x54, 0x49, 0x78,
-        0x47, 0x44, 0x41, 0x57, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41,
-        0x4D, 0x4D, 0x44, 0x33, 0x64, 0x33, 0x64, 0x79, 0x35, 0x33,
-        0x62, 0x32, 0x78, 0x6D, 0x63, 0x33, 0x4E, 0x73, 0x4C, 0x6D,
-        0x4E, 0x76, 0x0A, 0x62, 0x54, 0x45, 0x66, 0x4D, 0x42, 0x30,
-        0x47, 0x43, 0x53, 0x71, 0x47, 0x53, 0x49, 0x62, 0x33, 0x44,
-        0x51, 0x45, 0x4A, 0x41, 0x52, 0x59, 0x51, 0x61, 0x57, 0x35,
-        0x6D, 0x62, 0x30, 0x42, 0x33, 0x62, 0x32, 0x78, 0x6D, 0x63,
-        0x33, 0x4E, 0x73, 0x4C, 0x6D, 0x4E, 0x76, 0x62, 0x54, 0x45,
-        0x58, 0x4D, 0x42, 0x55, 0x47, 0x43, 0x67, 0x6D, 0x53, 0x4A,
-        0x6F, 0x6D, 0x54, 0x38, 0x69, 0x78, 0x6B, 0x0A, 0x41, 0x51,
-        0x45, 0x4D, 0x42, 0x33, 0x64, 0x76, 0x62, 0x47, 0x5A, 0x54,
-        0x55, 0x30, 0x77, 0x77, 0x48, 0x68, 0x63, 0x4E, 0x4D, 0x6A,
-        0x4D, 0x77, 0x4D, 0x6A, 0x45, 0x31, 0x4D, 0x44, 0x59, 0x79,
-        0x4D, 0x7A, 0x41, 0x33, 0x57, 0x68, 0x63, 0x4E, 0x4D, 0x6A,
-        0x55, 0x78, 0x4D, 0x54, 0x45, 0x78, 0x4D, 0x44, 0x59, 0x79,
-        0x4D, 0x7A, 0x41, 0x33, 0x57, 0x6A, 0x43, 0x42, 0x73, 0x44,
-        0x45, 0x4C, 0x0A, 0x4D, 0x41, 0x6B, 0x47, 0x41, 0x31, 0x55,
-        0x45, 0x42, 0x68, 0x4D, 0x43, 0x56, 0x56, 0x4D, 0x78, 0x45,
-        0x44, 0x41, 0x4F, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x67,
-        0x4D, 0x42, 0x30, 0x31, 0x76, 0x62, 0x6E, 0x52, 0x68, 0x62,
-        0x6D, 0x45, 0x78, 0x45, 0x44, 0x41, 0x4F, 0x42, 0x67, 0x4E,
-        0x56, 0x42, 0x41, 0x63, 0x4D, 0x42, 0x30, 0x4A, 0x76, 0x65,
-        0x6D, 0x56, 0x74, 0x59, 0x57, 0x34, 0x78, 0x0A, 0x46, 0x44,
-        0x41, 0x53, 0x42, 0x67, 0x4E, 0x56, 0x42, 0x41, 0x6F, 0x4D,
-        0x43, 0x33, 0x64, 0x76, 0x62, 0x47, 0x5A, 0x54, 0x55, 0x30,
-        0x78, 0x66, 0x63, 0x32, 0x30, 0x79, 0x4D, 0x52, 0x4D, 0x77,
-        0x45, 0x51, 0x59, 0x44, 0x56, 0x51, 0x51, 0x4C, 0x44, 0x41,
-        0x70, 0x54, 0x5A, 0x58, 0x4A, 0x32, 0x5A, 0x58, 0x49, 0x74,
-        0x63, 0x32, 0x30, 0x79, 0x4D, 0x52, 0x67, 0x77, 0x46, 0x67,
-        0x59, 0x44, 0x0A, 0x56, 0x51, 0x51, 0x44, 0x44, 0x41, 0x39,
-        0x33, 0x64, 0x33, 0x63, 0x75, 0x64, 0x32, 0x39, 0x73, 0x5A,
-        0x6E, 0x4E, 0x7A, 0x62, 0x43, 0x35, 0x6A, 0x62, 0x32, 0x30,
-        0x78, 0x48, 0x7A, 0x41, 0x64, 0x42, 0x67, 0x6B, 0x71, 0x68,
-        0x6B, 0x69, 0x47, 0x39, 0x77, 0x30, 0x42, 0x43, 0x51, 0x45,
-        0x57, 0x45, 0x47, 0x6C, 0x75, 0x5A, 0x6D, 0x39, 0x41, 0x64,
-        0x32, 0x39, 0x73, 0x5A, 0x6E, 0x4E, 0x7A, 0x0A, 0x62, 0x43,
-        0x35, 0x6A, 0x62, 0x32, 0x30, 0x78, 0x46, 0x7A, 0x41, 0x56,
-        0x42, 0x67, 0x6F, 0x4A, 0x6B, 0x69, 0x61, 0x4A, 0x6B, 0x2F,
-        0x49, 0x73, 0x5A, 0x41, 0x45, 0x42, 0x44, 0x41, 0x64, 0x33,
-        0x62, 0x32, 0x78, 0x6D, 0x55, 0x31, 0x4E, 0x4D, 0x4D, 0x46,
-        0x6F, 0x77, 0x46, 0x41, 0x59, 0x49, 0x4B, 0x6F, 0x45, 0x63,
-        0x7A, 0x31, 0x55, 0x42, 0x67, 0x69, 0x30, 0x47, 0x43, 0x43,
-        0x71, 0x42, 0x0A, 0x48, 0x4D, 0x39, 0x56, 0x41, 0x59, 0x49,
-        0x74, 0x41, 0x30, 0x49, 0x41, 0x42, 0x4A, 0x52, 0x77, 0x4B,
-        0x30, 0x62, 0x6B, 0x58, 0x67, 0x39, 0x42, 0x2B, 0x34, 0x38,
-        0x74, 0x4E, 0x41, 0x70, 0x42, 0x51, 0x42, 0x6C, 0x65, 0x2B,
-        0x39, 0x51, 0x64, 0x45, 0x61, 0x7A, 0x36, 0x39, 0x5A, 0x4D,
-        0x33, 0x78, 0x76, 0x71, 0x48, 0x43, 0x50, 0x63, 0x57, 0x48,
-        0x79, 0x7A, 0x4F, 0x4D, 0x45, 0x43, 0x64, 0x0A, 0x54, 0x36,
-        0x59, 0x71, 0x43, 0x71, 0x48, 0x57, 0x6C, 0x54, 0x50, 0x44,
-        0x70, 0x67, 0x4F, 0x59, 0x35, 0x6F, 0x30, 0x46, 0x4E, 0x4C,
-        0x43, 0x58, 0x44, 0x4E, 0x36, 0x6B, 0x78, 0x38, 0x39, 0x54,
-        0x6A, 0x39, 0x47, 0x6A, 0x67, 0x59, 0x6B, 0x77, 0x67, 0x59,
-        0x59, 0x77, 0x48, 0x51, 0x59, 0x44, 0x56, 0x52, 0x30, 0x4F,
-        0x42, 0x42, 0x59, 0x45, 0x46, 0x47, 0x65, 0x75, 0x59, 0x50,
-        0x39, 0x2B, 0x0A, 0x47, 0x77, 0x2B, 0x56, 0x72, 0x68, 0x2B,
-        0x43, 0x57, 0x66, 0x4A, 0x73, 0x56, 0x69, 0x32, 0x54, 0x37,
-        0x78, 0x63, 0x79, 0x4D, 0x42, 0x38, 0x47, 0x41, 0x31, 0x55,
-        0x64, 0x49, 0x77, 0x51, 0x59, 0x4D, 0x42, 0x61, 0x41, 0x46,
-        0x45, 0x63, 0x4B, 0x53, 0x48, 0x36, 0x37, 0x41, 0x71, 0x68,
-        0x61, 0x4A, 0x6C, 0x63, 0x72, 0x47, 0x61, 0x6C, 0x37, 0x59,
-        0x59, 0x74, 0x2F, 0x58, 0x5A, 0x6C, 0x75, 0x0A, 0x4D, 0x41,
-        0x77, 0x47, 0x41, 0x31, 0x55, 0x64, 0x45, 0x77, 0x45, 0x42,
-        0x2F, 0x77, 0x51, 0x43, 0x4D, 0x41, 0x41, 0x77, 0x44, 0x67,
-        0x59, 0x44, 0x56, 0x52, 0x30, 0x50, 0x41, 0x51, 0x48, 0x2F,
-        0x42, 0x41, 0x51, 0x44, 0x41, 0x67, 0x4F, 0x6F, 0x4D, 0x42,
-        0x4D, 0x47, 0x41, 0x31, 0x55, 0x64, 0x4A, 0x51, 0x51, 0x4D,
-        0x4D, 0x41, 0x6F, 0x47, 0x43, 0x43, 0x73, 0x47, 0x41, 0x51,
-        0x55, 0x46, 0x0A, 0x42, 0x77, 0x4D, 0x42, 0x4D, 0x42, 0x45,
-        0x47, 0x43, 0x57, 0x43, 0x47, 0x53, 0x41, 0x47, 0x47, 0x2B,
-        0x45, 0x49, 0x42, 0x41, 0x51, 0x51, 0x45, 0x41, 0x77, 0x49,
-        0x47, 0x51, 0x44, 0x41, 0x4B, 0x42, 0x67, 0x67, 0x71, 0x67,
-        0x52, 0x7A, 0x50, 0x56, 0x51, 0x47, 0x44, 0x64, 0x51, 0x4E,
-        0x49, 0x41, 0x44, 0x42, 0x46, 0x41, 0x69, 0x41, 0x62, 0x79,
-        0x70, 0x51, 0x6F, 0x66, 0x2F, 0x61, 0x79, 0x0A, 0x44, 0x54,
-        0x46, 0x44, 0x55, 0x4F, 0x48, 0x56, 0x4E, 0x42, 0x66, 0x64,
-        0x72, 0x7A, 0x72, 0x65, 0x67, 0x51, 0x5A, 0x6E, 0x6D, 0x72,
-        0x4D, 0x47, 0x49, 0x6E, 0x35, 0x6B, 0x37, 0x50, 0x30, 0x4F,
-        0x75, 0x51, 0x49, 0x68, 0x41, 0x4B, 0x46, 0x49, 0x71, 0x44,
-        0x4C, 0x52, 0x42, 0x51, 0x6C, 0x72, 0x48, 0x4F, 0x75, 0x4A,
-        0x45, 0x6D, 0x62, 0x59, 0x4F, 0x4B, 0x48, 0x45, 0x58, 0x49,
-        0x6B, 0x4A, 0x0A, 0x44, 0x2F, 0x33, 0x70, 0x77, 0x44, 0x73,
-        0x64, 0x2B, 0x38, 0x32, 0x31, 0x54, 0x44, 0x46, 0x6F, 0x0A,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E, 0x44, 0x20, 0x43,
-        0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_server_sm2_cert (sizeof(server_sm2_cert))
-
-/* ./certs/sm2/server-sm2-key.pem */
-static const unsigned char server_sm2_key[] =
-{
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x50, 0x55, 0x42, 0x4C, 0x49, 0x43, 0x20, 0x4B, 0x45,
-        0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x46, 0x6F,
-        0x77, 0x46, 0x41, 0x59, 0x49, 0x4B, 0x6F, 0x45, 0x63, 0x7A,
-        0x31, 0x55, 0x42, 0x67, 0x69, 0x30, 0x47, 0x43, 0x43, 0x71,
-        0x42, 0x48, 0x4D, 0x39, 0x56, 0x41, 0x59, 0x49, 0x74, 0x41,
-        0x30, 0x49, 0x41, 0x42, 0x4A, 0x52, 0x77, 0x4B, 0x30, 0x62,
-        0x6B, 0x58, 0x67, 0x39, 0x42, 0x2B, 0x34, 0x38, 0x74, 0x4E,
-        0x41, 0x70, 0x42, 0x51, 0x42, 0x6C, 0x65, 0x2B, 0x39, 0x51,
-        0x64, 0x0A, 0x45, 0x61, 0x7A, 0x36, 0x39, 0x5A, 0x4D, 0x33,
-        0x78, 0x76, 0x71, 0x48, 0x43, 0x50, 0x63, 0x57, 0x48, 0x79,
-        0x7A, 0x4F, 0x4D, 0x45, 0x43, 0x64, 0x54, 0x36, 0x59, 0x71,
-        0x43, 0x71, 0x48, 0x57, 0x6C, 0x54, 0x50, 0x44, 0x70, 0x67,
-        0x4F, 0x59, 0x35, 0x6F, 0x30, 0x46, 0x4E, 0x4C, 0x43, 0x58,
-        0x44, 0x4E, 0x36, 0x6B, 0x78, 0x38, 0x39, 0x54, 0x6A, 0x39,
-        0x45, 0x3D, 0x0A, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E,
-        0x44, 0x20, 0x50, 0x55, 0x42, 0x4C, 0x49, 0x43, 0x20, 0x4B,
-        0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_server_sm2_key (sizeof(server_sm2_key))
-
-/* ./certs/sm2/server-sm2-priv.pem */
-static const unsigned char server_sm2_priv[] =
-{
-        0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E,
-        0x20, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4B,
-        0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49,
-        0x47, 0x49, 0x41, 0x67, 0x45, 0x41, 0x4D, 0x42, 0x51, 0x47,
-        0x43, 0x43, 0x71, 0x42, 0x48, 0x4D, 0x39, 0x56, 0x41, 0x59,
-        0x49, 0x74, 0x42, 0x67, 0x67, 0x71, 0x67, 0x52, 0x7A, 0x50,
-        0x56, 0x51, 0x47, 0x43, 0x4C, 0x51, 0x52, 0x74, 0x4D, 0x47,
-        0x73, 0x43, 0x41, 0x51, 0x45, 0x45, 0x49, 0x4E, 0x63, 0x7A,
-        0x77, 0x61, 0x46, 0x78, 0x6D, 0x4E, 0x70, 0x44, 0x67, 0x51,
-        0x31, 0x77, 0x0A, 0x51, 0x6F, 0x68, 0x6A, 0x30, 0x45, 0x78,
-        0x2B, 0x44, 0x34, 0x71, 0x62, 0x4C, 0x64, 0x6F, 0x56, 0x71,
-        0x67, 0x35, 0x61, 0x2B, 0x75, 0x31, 0x33, 0x4F, 0x6B, 0x4F,
-        0x6F, 0x6F, 0x55, 0x51, 0x44, 0x51, 0x67, 0x41, 0x45, 0x6C,
-        0x48, 0x41, 0x72, 0x52, 0x75, 0x52, 0x65, 0x44, 0x30, 0x48,
-        0x37, 0x6A, 0x79, 0x30, 0x30, 0x43, 0x6B, 0x46, 0x41, 0x47,
-        0x56, 0x37, 0x37, 0x31, 0x42, 0x30, 0x52, 0x0A, 0x72, 0x50,
-        0x72, 0x31, 0x6B, 0x7A, 0x66, 0x47, 0x2B, 0x6F, 0x63, 0x49,
-        0x39, 0x78, 0x59, 0x66, 0x4C, 0x4D, 0x34, 0x77, 0x51, 0x4A,
-        0x31, 0x50, 0x70, 0x69, 0x6F, 0x4B, 0x6F, 0x64, 0x61, 0x56,
-        0x4D, 0x38, 0x4F, 0x6D, 0x41, 0x35, 0x6A, 0x6D, 0x6A, 0x51,
-        0x55, 0x30, 0x73, 0x4A, 0x63, 0x4D, 0x33, 0x71, 0x54, 0x48,
-        0x7A, 0x31, 0x4F, 0x50, 0x30, 0x51, 0x3D, 0x3D, 0x0A, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x45, 0x4E, 0x44, 0x20, 0x50, 0x52,
-        0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4B, 0x45, 0x59, 0x2D,
-        0x2D, 0x2D, 0x2D, 0x2D, 0x0A
-};
-#define sizeof_server_sm2_priv (sizeof(server_sm2_priv))
-
-#endif /* WOLFSSL_NO_PEM */
-
-#endif /* WOLFSSL_SM2 || WOLFSSL_SM3 || WOLFSSL_SM4 */
-#endif /* WOLFSSL_CERTS_TEST_SM_H */
diff --git a/include/bitcoin/ssl/wolfssl/crl.h b/include/bitcoin/ssl/wolfssl/crl.h
deleted file mode 100644
index 059edeef8..000000000
--- a/include/bitcoin/ssl/wolfssl/crl.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/* crl.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef WOLFSSL_CRL_H
-#define WOLFSSL_CRL_H
-
-
-#ifdef HAVE_CRL
-
-#include <wolfssl/ssl.h>
-#include <wolfssl/wolfcrypt/asn.h>
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-WOLFSSL_LOCAL int  InitCRL(WOLFSSL_CRL* crl, WOLFSSL_CERT_MANAGER* cm);
-WOLFSSL_LOCAL void FreeCRL(WOLFSSL_CRL* crl, int dynamic);
-
-WOLFSSL_LOCAL int  LoadCRL(WOLFSSL_CRL* crl, const char* path, int type,
-                           int monitor);
-WOLFSSL_LOCAL int  BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz,
-                                 int type, int verify);
-WOLFSSL_LOCAL int  CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert);
-WOLFSSL_LOCAL int  CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash,
-        byte* serial, int serialSz, byte* serialHash, const byte* extCrlInfo,
-        int extCrlInfoSz, void* issuerName);
-#ifdef HAVE_CRL_UPDATE_CB
-WOLFSSL_LOCAL int  GetCRLInfo(WOLFSSL_CRL* crl, CrlInfo* info, const byte* buff,
-        long sz, int type);
-#endif
-
-#ifdef __cplusplus
-    }  /* extern "C" */
-#endif
-
-#endif /* HAVE_CRL */
-#endif /* WOLFSSL_CRL_H */
diff --git a/include/bitcoin/ssl/wolfssl/openssl/asn1t.h b/include/bitcoin/ssl/wolfssl/openssl/asn1t.h
deleted file mode 100644
index 47aba84b1..000000000
--- a/include/bitcoin/ssl/wolfssl/openssl/asn1t.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/* asn1t.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* asn1t.h for openssl */
-
-#ifndef WOLFSSL_ASN1T_H_
-#define WOLFSSL_ASN1T_H_
-
-#include <wolfssl/wolfcrypt/asn.h>
-#include <wolfssl/openssl/asn1.h>
-
-#endif /* WOLFSSL_ASN1T_H_ */
diff --git a/include/bitcoin/ssl/wolfssl/openssl/camellia.h b/include/bitcoin/ssl/wolfssl/openssl/camellia.h
deleted file mode 100644
index b3d7c8397..000000000
--- a/include/bitcoin/ssl/wolfssl/openssl/camellia.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/* camellia.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifndef WOLFSSL_CAMELLIA_H_
-#define WOLFSSL_CAMELLIA_H_
-
-#include <wolfssl/wolfcrypt/camellia.h>
-
-#endif /* WOLFSSL_CAMELLIA_H_ */
diff --git a/include/bitcoin/ssl/wolfssl/openssl/cms.h b/include/bitcoin/ssl/wolfssl/openssl/cms.h
deleted file mode 100644
index 88c4f826d..000000000
--- a/include/bitcoin/ssl/wolfssl/openssl/cms.h
+++ /dev/null
@@ -1,26 +0,0 @@
-/* cms.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifndef WOLFSSL_CMS_H_
-#define WOLFSSL_CMS_H_
-
-
-#endif /* WOLFSSL_CMS_H_ */
diff --git a/include/bitcoin/ssl/wolfssl/openssl/ocsp.h b/include/bitcoin/ssl/wolfssl/openssl/ocsp.h
deleted file mode 100644
index 588bbd588..000000000
--- a/include/bitcoin/ssl/wolfssl/openssl/ocsp.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/* ocsp.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* ocsp.h for libcurl */
-
-#ifndef WOLFSSL_OCSP_H_
-#define WOLFSSL_OCSP_H_
-
-#ifdef HAVE_OCSP
-#include <wolfssl/ocsp.h>
-
-#ifndef OPENSSL_COEXIST
-
-#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) ||\
-    defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
-typedef OcspRequest                      OCSP_REQUEST;
-typedef OcspResponse                     OCSP_RESPONSE;
-typedef WOLFSSL_OCSP_BASICRESP           OCSP_BASICRESP;
-typedef WOLFSSL_OCSP_SINGLERESP          OCSP_SINGLERESP;
-typedef WOLFSSL_OCSP_CERTID              OCSP_CERTID;
-typedef WOLFSSL_OCSP_ONEREQ              OCSP_ONEREQ;
-typedef WOLFSSL_OCSP_REQ_CTX             OCSP_REQ_CTX;
-#endif
-
-#define OCSP_REVOKED_STATUS_NOSTATUS     (-1)
-
-
-#define OCSP_RESPONSE_STATUS_SUCCESSFUL  0
-#define OCSP_RESPONSE_STATUS_TRYLATER    3
-
-#define V_OCSP_CERTSTATUS_GOOD           0
-#define V_OCSP_CERTSTATUS_REVOKED        1
-#define V_OCSP_CERTSTATUS_UNKNOWN        2
-
-#define OCSP_resp_find_status     wolfSSL_OCSP_resp_find_status
-#define OCSP_cert_status_str      wolfSSL_OCSP_cert_status_str
-#define OCSP_check_validity       wolfSSL_OCSP_check_validity
-
-#define OCSP_CERTID_free          wolfSSL_OCSP_CERTID_free
-#define OCSP_cert_to_id           wolfSSL_OCSP_cert_to_id
-
-#define OCSP_BASICRESP_free       wolfSSL_OCSP_BASICRESP_free
-#define OCSP_basic_verify         wolfSSL_OCSP_basic_verify
-
-#define OCSP_RESPONSE_free        wolfSSL_OCSP_RESPONSE_free
-#define d2i_OCSP_RESPONSE_bio     wolfSSL_d2i_OCSP_RESPONSE_bio
-#define d2i_OCSP_RESPONSE         wolfSSL_d2i_OCSP_RESPONSE
-#define i2d_OCSP_RESPONSE         wolfSSL_i2d_OCSP_RESPONSE
-#define OCSP_response_status      wolfSSL_OCSP_response_status
-#define OCSP_response_status_str  wolfSSL_OCSP_response_status_str
-#define OCSP_response_get1_basic  wolfSSL_OCSP_response_get1_basic
-#define OCSP_response_create      wolfSSL_OCSP_response_create
-
-#define OCSP_REQUEST_new          wolfSSL_OCSP_REQUEST_new
-#define OCSP_REQUEST_free         wolfSSL_OCSP_REQUEST_free
-#define i2d_OCSP_REQUEST          wolfSSL_i2d_OCSP_REQUEST
-#define OCSP_request_add0_id      wolfSSL_OCSP_request_add0_id
-#define OCSP_request_add1_nonce   wolfSSL_OCSP_request_add1_nonce
-#define OCSP_check_nonce          wolfSSL_OCSP_check_nonce
-#define OCSP_id_get0_info         wolfSSL_OCSP_id_get0_info
-#define OCSP_crl_reason_str       wolfSSL_OCSP_crl_reason_str
-#define OCSP_REQUEST_add_ext      wolfSSL_OCSP_REQUEST_add_ext
-
-#define OCSP_CERTID_dup           wolfSSL_OCSP_CERTID_dup
-
-#define i2d_OCSP_REQUEST_bio      wolfSSL_i2d_OCSP_REQUEST_bio
-
-#define i2d_OCSP_CERTID           wolfSSL_i2d_OCSP_CERTID
-#define d2i_OCSP_CERTID           wolfSSL_d2i_OCSP_CERTID
-#define OCSP_SINGLERESP_get0_id   wolfSSL_OCSP_SINGLERESP_get0_id
-#define OCSP_id_cmp               wolfSSL_OCSP_id_cmp
-#define OCSP_single_get0_status   wolfSSL_OCSP_single_get0_status
-#define OCSP_resp_count           wolfSSL_OCSP_resp_count
-#define OCSP_resp_get0            wolfSSL_OCSP_resp_get0
-
-#define OCSP_REQ_CTX_new          wolfSSL_OCSP_REQ_CTX_new
-#define OCSP_REQ_CTX_free         wolfSSL_OCSP_REQ_CTX_free
-#define OCSP_sendreq_new          wolfSSL_OCSP_sendreq_new
-#define OCSP_REQ_CTX_set1_req     wolfSSL_OCSP_REQ_CTX_set1_req
-#define OCSP_REQ_CTX_add1_header  wolfSSL_OCSP_REQ_CTX_add1_header
-#define OCSP_REQ_CTX_http         wolfSSL_OCSP_REQ_CTX_http
-#define OCSP_REQ_CTX_nbio         wolfSSL_OCSP_REQ_CTX_nbio
-#define OCSP_sendreq_nbio         wolfSSL_OCSP_sendreq_nbio
-
-#endif /* !OPENSSL_COEXIST */
-
-#endif /* HAVE_OCSP */
-
-#endif /* WOLFSSL_OCSP_H_ */
-
diff --git a/include/bitcoin/ssl/wolfssl/openssl/opensslconf.h b/include/bitcoin/ssl/wolfssl/openssl/opensslconf.h
deleted file mode 100644
index ac6b55bc7..000000000
--- a/include/bitcoin/ssl/wolfssl/openssl/opensslconf.h
+++ /dev/null
@@ -1,8 +0,0 @@
-/* opensslconf.h for openSSL */
-
-
-#ifndef OPENSSL_THREADS
-    #define OPENSSL_THREADS
-#endif
-
-
diff --git a/include/bitcoin/ssl/wolfssl/openssl/ossl_typ.h b/include/bitcoin/ssl/wolfssl/openssl/ossl_typ.h
deleted file mode 100644
index 743779f7b..000000000
--- a/include/bitcoin/ssl/wolfssl/openssl/ossl_typ.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/* ossl_typ.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
-    \file wolfssl/openssl/ossl_typ.h
-*/
-
-
-#ifndef WOLFSSL_OSSL_TYP_H_
-#define WOLFSSL_OSSL_TYP_H_
-
-#include <wolfssl/openssl/ssl.h>
-
-#endif /* !WOLFSSL_OSSL_TYP_H_ */
diff --git a/include/bitcoin/ssl/wolfssl/openssl/safestack.h b/include/bitcoin/ssl/wolfssl/openssl/safestack.h
deleted file mode 100644
index 7126af05f..000000000
--- a/include/bitcoin/ssl/wolfssl/openssl/safestack.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/* safestack.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* stack.h for openSSL */
-
-#ifndef WOLFSSL_SAFESTACK_H_
-#define WOLFSSL_SAFESTACK_H_
-
-#include <wolfssl/openssl/compat_types.h>
-#include <wolfssl/openssl/ssl.h>
-
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef  __cplusplus
-}
-#endif
-
-#endif
-
diff --git a/include/bitcoin/ssl/wolfssl/openssl/srp.h b/include/bitcoin/ssl/wolfssl/openssl/srp.h
deleted file mode 100644
index bd4e15414..000000000
--- a/include/bitcoin/ssl/wolfssl/openssl/srp.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/* srp.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifndef WOLFSSL_SRP_H_
-#define WOLFSSL_SRP_H_
-
-#include <wolfssl/wolfcrypt/srp.h>
-
-#ifndef OPENSSL_COEXIST
-
-#define SRP_MINIMAL_N SRP_MODULUS_MIN_BITS
-
-#endif /* !OPENSSL_COEXIST */
-
-#endif /* WOLFSSL_SRP_H_ */
diff --git a/include/bitcoin/ssl/wolfssl/openssl/txt_db.h b/include/bitcoin/ssl/wolfssl/openssl/txt_db.h
deleted file mode 100644
index 8ad0b1831..000000000
--- a/include/bitcoin/ssl/wolfssl/openssl/txt_db.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/* txt_db.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifndef WOLFSSL_TXT_DB_H_
-#define WOLFSSL_TXT_DB_H_
-
-#include <wolfssl/openssl/ssl.h>
-
-#define WOLFSSL_TXT_DB_MAX_FIELDS 10
-
-struct WOLFSSL_TXT_DB {
-    int num_fields;
-    WOLF_STACK_OF(WOLFSSL_STRING) *data;
-    long error;
-    long arg1;
-    long arg2;
-    wolf_sk_hash_cb hash_fn[WOLFSSL_TXT_DB_MAX_FIELDS];
-};
-
-typedef struct WOLFSSL_TXT_DB WOLFSSL_TXT_DB;
-typedef int (*wolf_lh_compare_cb)(const void* a,
-                                  const void* b);
-
-WOLFSSL_API WOLFSSL_TXT_DB *wolfSSL_TXT_DB_read(WOLFSSL_BIO *in, int num);
-WOLFSSL_API long wolfSSL_TXT_DB_write(WOLFSSL_BIO  *out, WOLFSSL_TXT_DB *db);
-WOLFSSL_API int wolfSSL_TXT_DB_insert(WOLFSSL_TXT_DB *db, WOLFSSL_STRING *row);
-WOLFSSL_API void wolfSSL_TXT_DB_free(WOLFSSL_TXT_DB *db);
-WOLFSSL_API int wolfSSL_TXT_DB_create_index(WOLFSSL_TXT_DB *db, int field,
-        void* qual, wolf_sk_hash_cb hash, wolf_lh_compare_cb cmp);
-WOLFSSL_API WOLFSSL_STRING *wolfSSL_TXT_DB_get_by_index(WOLFSSL_TXT_DB *db,
-        int idx, WOLFSSL_STRING *value);
-
-#define TXT_DB                  WOLFSSL_TXT_DB
-
-#define TXT_DB_read             wolfSSL_TXT_DB_read
-#define TXT_DB_write            wolfSSL_TXT_DB_write
-#define TXT_DB_insert           wolfSSL_TXT_DB_insert
-#define TXT_DB_free             wolfSSL_TXT_DB_free
-#define TXT_DB_create_index     wolfSSL_TXT_DB_create_index
-#define TXT_DB_get_by_index     wolfSSL_TXT_DB_get_by_index
-
-#endif /* WOLFSSL_TXT_DB_H_ */
diff --git a/include/bitcoin/ssl/wolfssl/quic.h b/include/bitcoin/ssl/wolfssl/quic.h
deleted file mode 100644
index 263c5c1ba..000000000
--- a/include/bitcoin/ssl/wolfssl/quic.h
+++ /dev/null
@@ -1,310 +0,0 @@
-/* quic.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-/* wolfSSL QUIC API */
-
-#ifndef WOLFSSL_QUIC_H
-#define WOLFSSL_QUIC_H
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-#ifdef WOLFSSL_QUIC
-
-#ifndef NO_STDINT_H
-    #include <stdint.h>
-#endif
-
-/* QUIC operates on three encryption levels which determine
- * which keys/algos are used for de-/encryption. These are
- * kept separately for incoming and outgoing data and.
- * Due to the nature of UDP, more than one might be in use
- * at the same time due to resends or out-of-order arrivals.
- */
-typedef enum wolfssl_encryption_level_t {
-    wolfssl_encryption_initial = 0,
-    wolfssl_encryption_early_data,
-    wolfssl_encryption_handshake,
-    wolfssl_encryption_application
-} WOLFSSL_ENCRYPTION_LEVEL;
-
-
-/* All QUIC related callbacks to the application.
- */
-typedef struct wolfssl_quic_method_t WOLFSSL_QUIC_METHOD;
-
-struct wolfssl_quic_method_t {
-    /**
-     * Provide secrets to the QUIC stack when they become available in the SSL
-     * instance during handshake processing. read/write secrets have the same
-     * length. A call may only provide one, passing NULL as the other.
-     */
-    int (*set_encryption_secrets)(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
-                                  const uint8_t* read_secret,
-                                  const uint8_t* write_secret,
-                                  size_t secret_len);
-    /**
-     * Provide handshake packets to the QUIC stack to send to the peer. The
-     * QUIC stack will wrap these and take care of re-transmissions.
-     */
-    int (*add_handshake_data)(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t* data, size_t len);
-    /**
-     * Flush any buffered packets during handshake.
-     */
-    int (*flush_flight)(WOLFSSL* ssl);
-    /**
-     * Send a TLS alert that happened during handshake. In QUIC, such alerts
-     * lead to connection shutdown.
-     */
-    int (*send_alert)(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
-                      uint8_t alert);
-};
-
-
-/**
- * Mark the given SSL context for QUIC protocol handling. Meaning all
- * SSL instances derived from it will inherit this. Provides all callbacks
- * to the QUIC application the SSL stack needs.
- */
-WOLFSSL_API
-int wolfSSL_CTX_set_quic_method(WOLFSSL_CTX* ctx,
-                                const WOLFSSL_QUIC_METHOD* quic_method);
-/**
- * Mark exactly this SSL instance for QUIC protocol handling.
- * Provides all callbacks to the QUIC application the SSL stack needs.
- */
-WOLFSSL_API
-int wolfSSL_set_quic_method(WOLFSSL* ssl,
-                            const WOLFSSL_QUIC_METHOD* quic_method);
-
-/**
- * Check if QUIC handling has been installed on the given SSL instance.
- */
-WOLFSSL_API int wolfSSL_is_quic(WOLFSSL* ssl);
-
-/**
- * Return the current encryption level of the SSL instance for READs.
- */
-WOLFSSL_API
-WOLFSSL_ENCRYPTION_LEVEL  wolfSSL_quic_read_level(const WOLFSSL* ssl);
-
-/**
- * Return the current encryption level of the SSL instance for WRITEs.
- */
-WOLFSSL_API
-WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_write_level(const WOLFSSL* ssl);
-
-
-/**
- * Configure the QUIC transport version to use. On `use_legacy` != 0,
- * selects TLSX_KEY_QUIC_TP_PARAMS_DRAFT, otherwise TLSX_KEY_QUIC_TP_PARAMS.
- * This method is part of the BoringSSL API and replicated here for app
- * portability (as in quictls/openssl).
- */
-WOLFSSL_API
-void wolfSSL_set_quic_use_legacy_codepoint(WOLFSSL* ssl, int use_legacy);
-
-/**
- * Set the TLS extension for the transport parameter version to announce
- * to the peer. Known values are TLSX_KEY_QUIC_TP_PARAMS (V1) and
- * TLSX_KEY_QUIC_TP_PARAMS_DRAFT.
- * Setting it to 0 will announce both V1 and draft versions to a server.
- * Servers will, on 0, select the latest version seen from the client.
- * Default is 0.
- */
-WOLFSSL_API
-void wolfSSL_set_quic_transport_version(WOLFSSL* ssl, int version);
-
-/**
- * Get the configured transport version.
- */
-WOLFSSL_API int wolfSSL_get_quic_transport_version(const WOLFSSL* ssl);
-
-/**
- * Set the raw QUIC transport parameter that will be sent in the TLS extension
- * to the peer, using the configured transport version(s).
- */
-WOLFSSL_API int wolfSSL_set_quic_transport_params(WOLFSSL* ssl,
-                                                  const uint8_t* params,
-                                                  size_t params_len);
-/**
- * Get the raw QUIC transport parameter as retrieved via TLS Extension
- * from the peer. If the peer announced several versions,
- * return the latest one.
- * If the extension has not arrived yet, initializes out parameter to
- * NULL, resp. 0.
- */
-WOLFSSL_API
-void wolfSSL_get_peer_quic_transport_params(const WOLFSSL* ssl,
-                                            const uint8_t* *out_params,
-                                            size_t* out_params_len);
-
-/**
- * Get the QUIC version negotiated with the peer during the handshake.
- */
-WOLFSSL_API int wolfSSL_get_peer_quic_transport_version(const WOLFSSL* ssl);
-
-#ifdef WOLFSSL_EARLY_DATA
-WOLFSSL_API void wolfSSL_set_quic_early_data_enabled(WOLFSSL* ssl, int enabled);
-#endif
-
-/**
- * Advisory amount of the maximum data a QUIC protocol handler should have
- * in flight. This varies during handshake processing, for example certificate
- * exchange will increase the limit.
- */
-WOLFSSL_API
-size_t wolfSSL_quic_max_handshake_flight_len(const WOLFSSL* ssl,
-                                             WOLFSSL_ENCRYPTION_LEVEL level);
-
-
-/**
- * The QUIC protocol handler provides peer TLS records to the SSL instance
- * during handshake to progress it. The SSL instance will use the registered
- * callbacks to send packets to the peer.
- * Encryption level is provided to indicate how to decrypt the data. Data may
- * be added for levels not yet reached by the SSL instance. However, data
- * may only be added in ever increasing levels and levels may only increase
- * at TLS record boundaries. Any violation will make this function fail.
- */
-WOLFSSL_API
-int wolfSSL_provide_quic_data(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t* data, size_t len);
-
-WOLFSSL_API
-int wolfSSL_quic_do_handshake(WOLFSSL* ssl);
-
-/**
- * Process any CRYPTO data added post-handshake.
- */
-WOLFSSL_API int wolfSSL_process_quic_post_handshake(WOLFSSL* ssl);
-
-/**
- * Process any pending input and flush all output. Can be invoked
- * during and/or after handshake processing.
- */
-WOLFSSL_API int wolfSSL_quic_read_write(WOLFSSL* ssl);
-
-/**
- * Get the AEAD cipher that is currently selected in the SSL instance.
- * Will return NULL if none has been selected so far. This is used by the
- * QUIC stack to encrypt/decrypt packets after the handshake.
- */
-WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_aead(WOLFSSL* ssl);
-
-/**
- * Use to classify the AEAD cipher for key reuse limits.
- */
-WOLFSSL_API int wolfSSL_quic_aead_is_gcm(const WOLFSSL_EVP_CIPHER* aead_cipher);
-WOLFSSL_API int wolfSSL_quic_aead_is_ccm(const WOLFSSL_EVP_CIPHER* aead_cipher);
-WOLFSSL_API
-int wolfSSL_quic_aead_is_chacha20(const WOLFSSL_EVP_CIPHER* aead_cipher);
-
-/**
- * Get the 'tag' length used by the AEAD cipher. Encryption buffer lengths
- * are plaintext length plus this tag length.
- */
-WOLFSSL_API
-size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER* aead_cipher);
-
-/**
- * The message digest currently selected in the SSL instance.
- */
-WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_quic_get_md(WOLFSSL* ssl);
-
-/**
- * The QUIC header protection cipher matching the AEAD cipher currently
- * selected in the SSL instance.
- */
-WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_hp(WOLFSSL* ssl);
-
-/**
- * Create and initialize a cipher context for use in en- or decryption.
- */
-WOLFSSL_API WOLFSSL_EVP_CIPHER_CTX*
-wolfSSL_quic_crypt_new(const WOLFSSL_EVP_CIPHER* cipher,
-                       const uint8_t* key, const uint8_t* iv, int encrypt);
-
-/**
- * Use a previously created cipher context to encrypt the given plain text.
- */
-WOLFSSL_API
-int wolfSSL_quic_aead_encrypt(uint8_t* dest, WOLFSSL_EVP_CIPHER_CTX* aead_ctx,
-                              const uint8_t* plain, size_t plainlen,
-                              const uint8_t* iv, const uint8_t* aad,
-                              size_t aadlen);
-/**
- * Use a previously created cipher context to decrypt the given encoded text.
- */
-WOLFSSL_API
-int wolfSSL_quic_aead_decrypt(uint8_t* dest, WOLFSSL_EVP_CIPHER_CTX* ctx,
-                              const uint8_t* enc, size_t enclen,
-                              const uint8_t* iv, const uint8_t* aad,
-                              size_t aadlen);
-
-/**
- * Extract a pseudo-random key, using the given message digest, a secret
- * and a salt. The key size is the size of the digest.
- */
-WOLFSSL_API
-int wolfSSL_quic_hkdf_extract(uint8_t* dest, const WOLFSSL_EVP_MD* md,
-                              const uint8_t* secret, size_t secretlen,
-                              const uint8_t* salt, size_t saltlen);
-/**
- * Expand a pseudo-random key (secret) into a new key, using the mesasge
- * digest and the info bytes.
- */
-WOLFSSL_API
-int wolfSSL_quic_hkdf_expand(uint8_t* dest, size_t destlen,
-                             const WOLFSSL_EVP_MD* md,
-                             const uint8_t* secret, size_t secretlen,
-                             const uint8_t* info, size_t infolen);
-
-/**
- * Extract and extpand secret, salt and info into a new key.
- */
-WOLFSSL_API
-int wolfSSL_quic_hkdf(uint8_t* dest, size_t destlen,
-                      const WOLFSSL_EVP_MD* md,
-                      const uint8_t* secret, size_t secretlen,
-                      const uint8_t* salt, size_t saltlen,
-                      const uint8_t* info, size_t infolen);
-
-/* most common QUIC packet size as of 2022 was 1,200 bytes
- * largest packet size listed in the RFC is 1,392 bytes
- * this gives plenty of breathing room for capacity of records but keeps sizes
- * read from the wire sane */
-#ifndef WOLFSSL_QUIC_MAX_RECORD_CAPACITY
-    /* 1024*1024 -- 1 MB */
-    #define WOLFSSL_QUIC_MAX_RECORD_CAPACITY (1048576)
-#endif
-
-#endif /* WOLFSSL_QUIC */
-
-#ifdef __cplusplus
-    }  /* extern "C" */
-#endif
-
-#endif /* WOLFSSL_QUIC_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/blake2-impl.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/blake2-impl.h
deleted file mode 100644
index debfc3fdc..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/blake2-impl.h
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
-   BLAKE2 reference source code package - reference C implementations
-
-   Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
-
-   To the extent possible under law, the author(s) have dedicated all copyright
-   and related and neighboring rights to this software to the public domain
-   worldwide. This software is distributed without any warranty.
-
-   You should have received a copy of the CC0 Public Domain Dedication along with
-   this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
-*/
-/* blake2-impl.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef WOLFCRYPT_BLAKE2_IMPL_H
-#define WOLFCRYPT_BLAKE2_IMPL_H
-
-#include <wolfssl/wolfcrypt/types.h>
-
-static WC_INLINE word32 load32( const void *src )
-{
-#if defined(LITTLE_ENDIAN_ORDER)
-  return *( word32 * )( src );
-#else
-  const byte *p = ( byte * )src;
-  word32 w = *p++;
-  w |= ( word32 )( *p++ ) <<  8;
-  w |= ( word32 )( *p++ ) << 16;
-  w |= ( word32 )( *p++ ) << 24;
-  return w;
-#endif
-}
-
-static WC_INLINE word64 load64( const void *src )
-{
-#if defined(LITTLE_ENDIAN_ORDER)
-  return *( word64 * )( src );
-#else
-  const byte *p = ( byte * )src;
-  word64 w = *p++;
-  w |= ( word64 )( *p++ ) <<  8;
-  w |= ( word64 )( *p++ ) << 16;
-  w |= ( word64 )( *p++ ) << 24;
-  w |= ( word64 )( *p++ ) << 32;
-  w |= ( word64 )( *p++ ) << 40;
-  w |= ( word64 )( *p++ ) << 48;
-  w |= ( word64 )( *p++ ) << 56;
-  return w;
-#endif
-}
-
-static WC_INLINE void store32( void *dst, word32 w )
-{
-#if defined(LITTLE_ENDIAN_ORDER)
-  *( word32 * )( dst ) = w;
-#else
-  byte *p = ( byte * )dst;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w;
-#endif
-}
-
-static WC_INLINE void store64( void *dst, word64 w )
-{
-#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_GENERAL_ALIGNMENT)
-  *( word64 * )( dst ) = w;
-#else
-  byte *p = ( byte * )dst;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w;
-#endif
-}
-
-static WC_INLINE word64 load48( const void *src )
-{
-  const byte *p = ( const byte * )src;
-  word64 w = *p++;
-  w |= ( word64 )( *p++ ) <<  8;
-  w |= ( word64 )( *p++ ) << 16;
-  w |= ( word64 )( *p++ ) << 24;
-  w |= ( word64 )( *p++ ) << 32;
-  w |= ( word64 )( *p++ ) << 40;
-  return w;
-}
-
-static WC_INLINE void store48( void *dst, word64 w )
-{
-  byte *p = ( byte * )dst;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w; w >>= 8;
-  *p++ = ( byte )w;
-}
-
-static WC_INLINE word32 rotl32( const word32 w, const unsigned c )
-{
-  return ( w << c ) | ( w >> ( 32 - c ) );
-}
-
-static WC_INLINE word64 rotl64( const word64 w, const unsigned c )
-{
-  return ( w << c ) | ( w >> ( 64 - c ) );
-}
-
-static WC_INLINE word32 rotr32( const word32 w, const unsigned c )
-{
-  return ( w >> c ) | ( w << ( 32 - c ) );
-}
-
-static WC_INLINE word64 rotr64( const word64 w, const unsigned c )
-{
-  return ( w >> c ) | ( w << ( 64 - c ) );
-}
-
-/* prevents compiler optimizing out memset() */
-static WC_INLINE void secure_zero_memory( void *v, word64 n )
-{
-  volatile byte *p = ( volatile byte * )v;
-
-  while( n-- ) *p++ = 0;
-}
-
-#endif  /* WOLFCRYPT_BLAKE2_IMPL_H */
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/blake2-int.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/blake2-int.h
deleted file mode 100644
index 1dcb1fd79..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/blake2-int.h
+++ /dev/null
@@ -1,174 +0,0 @@
-/*
-   BLAKE2 reference source code package - reference C implementations
-
-   Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
-
-   To the extent possible under law, the author(s) have dedicated all copyright
-   and related and neighboring rights to this software to the public domain
-   worldwide. This software is distributed without any warranty.
-
-   You should have received a copy of the CC0 Public Domain Dedication along with
-   this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
-*/
-/* blake2-int.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-
-#ifndef WOLFCRYPT_BLAKE2_INT_H
-#define WOLFCRYPT_BLAKE2_INT_H
-
-#include <wolfssl/wolfcrypt/types.h>
-
-#if defined(__cplusplus)
-    extern "C" {
-#endif
-
-  enum blake2s_constant
-  {
-    BLAKE2S_BLOCKBYTES = 64,
-    BLAKE2S_OUTBYTES   = 32,
-    BLAKE2S_KEYBYTES   = 32,
-    BLAKE2S_SALTBYTES  = 8,
-    BLAKE2S_PERSONALBYTES = 8
-  };
-
-  enum blake2b_constant
-  {
-    BLAKE2B_BLOCKBYTES = 128,
-    BLAKE2B_OUTBYTES   = 64,
-    BLAKE2B_KEYBYTES   = 64,
-    BLAKE2B_SALTBYTES  = 16,
-    BLAKE2B_PERSONALBYTES = 16
-  };
-
-#pragma pack(push, 1)
-  typedef struct __blake2s_param
-  {
-    byte  digest_length; /* 1 */
-    byte  key_length;    /* 2 */
-    byte  fanout;        /* 3 */
-    byte  depth;         /* 4 */
-    word32 leaf_length;   /* 8 */
-    byte  node_offset[6];/* 14 */
-    byte  node_depth;    /* 15 */
-    byte  inner_length;  /* 16 */
-    /* byte  reserved[0]; */
-    byte  salt[BLAKE2S_SALTBYTES]; /* 24 */
-    byte  personal[BLAKE2S_PERSONALBYTES];  /* 32 */
-  } blake2s_param;
-
-  typedef struct __blake2s_state
-  {
-    word32 h[8];
-    word32 t[2];
-    word32 f[2];
-    byte  buf[2 * BLAKE2S_BLOCKBYTES];
-    word32 buflen;
-    byte  last_node;
-  } blake2s_state ;
-
-  typedef struct __blake2b_param
-  {
-    byte  digest_length; /* 1 */
-    byte  key_length;    /* 2 */
-    byte  fanout;        /* 3 */
-    byte  depth;         /* 4 */
-    word32 leaf_length;   /* 8 */
-    word64 node_offset;   /* 16 */
-    byte  node_depth;    /* 17 */
-    byte  inner_length;  /* 18 */
-    byte  reserved[14];  /* 32 */
-    byte  salt[BLAKE2B_SALTBYTES]; /* 48 */
-    byte  personal[BLAKE2B_PERSONALBYTES];  /* 64 */
-  } blake2b_param;
-
-  typedef struct __blake2b_state
-  {
-    word64 h[8];
-    word64 t[2];
-    word64 f[2];
-    byte  buf[2 * BLAKE2B_BLOCKBYTES];
-    word64 buflen;
-    byte  last_node;
-  } blake2b_state;
-
-  typedef struct __blake2sp_state
-  {
-    blake2s_state S[8][1];
-    blake2s_state R[1];
-    byte buf[8 * BLAKE2S_BLOCKBYTES];
-    word32 buflen;
-  } blake2sp_state;
-
-  typedef struct __blake2bp_state
-  {
-    blake2b_state S[4][1];
-    blake2b_state R[1];
-    byte buf[4 * BLAKE2B_BLOCKBYTES];
-    word64 buflen;
-  } blake2bp_state;
-#pragma pack(pop)
-
-  /* Streaming API */
-  int blake2s_init( blake2s_state *S, byte outlen );
-  int blake2s_init_key( blake2s_state *S, byte outlen, const void *key, byte keylen );
-  int blake2s_init_param( blake2s_state *S, const blake2s_param *P );
-  int blake2s_update( blake2s_state *S, const byte *in, word32 inlen );
-  int blake2s_final( blake2s_state *S, byte *out, byte outlen );
-
-  int blake2b_init( blake2b_state *S, byte outlen );
-  int blake2b_init_key( blake2b_state *S, byte outlen, const void *key, byte keylen );
-  int blake2b_init_param( blake2b_state *S, const blake2b_param *P );
-  int blake2b_update( blake2b_state *S, const byte *in, word64 inlen );
-  int blake2b_final( blake2b_state *S, byte *out, byte outlen );
-
-  int blake2sp_init( blake2sp_state *S, byte outlen );
-  int blake2sp_init_key( blake2sp_state *S, byte outlen, const void *key, byte keylen );
-  int blake2sp_update( blake2sp_state *S, const byte *in, word32 inlen );
-  int blake2sp_final( blake2sp_state *S, byte *out, byte outlen );
-
-  int blake2bp_init( blake2bp_state *S, byte outlen );
-  int blake2bp_init_key( blake2bp_state *S, byte outlen, const void *key, byte keylen );
-  int blake2bp_update( blake2bp_state *S, const byte *in, word64 inlen );
-  int blake2bp_final( blake2bp_state *S, byte *out, byte outlen );
-
-  /* Simple API */
-  int blake2s( byte *out, const void *in, const void *key, byte outlen, word32 inlen, byte keylen );
-  int blake2b( byte *out, const void *in, const void *key, byte outlen, word64 inlen, byte keylen );
-
-  int blake2sp( byte *out, const void *in, const void *key, byte outlen, word32 inlen, byte keylen );
-  int blake2bp( byte *out, const void *in, const void *key, byte outlen, word64 inlen, byte keylen );
-
-  static WC_INLINE int blake2( byte *out, const void *in, const void *key, byte outlen, word64 inlen, byte keylen )
-  {
-    return blake2b( out, in, key, outlen, inlen, keylen );
-  }
-
-
-
-#if defined(__cplusplus)
-    }
-#endif
-
-#endif  /* WOLFCRYPT_BLAKE2_INT_H */
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/compress.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/compress.h
deleted file mode 100644
index 4f401a616..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/compress.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/* compress.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
-    \file wolfssl/wolfcrypt/compress.h
-*/
-
-
-#ifndef WOLF_CRYPT_COMPRESS_H
-#define WOLF_CRYPT_COMPRESS_H
-
-#include <wolfssl/wolfcrypt/types.h>
-
-#ifdef HAVE_LIBZ
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-
-#define COMPRESS_FIXED 1
-
-#define LIBZ_WINBITS_GZIP 16
-
-
-WOLFSSL_API int wc_Compress(byte*, word32, const byte*, word32, word32);
-WOLFSSL_API int wc_Compress_ex(byte* out, word32 outSz, const byte* in,
-    word32 inSz, word32 flags, word32 windowBits);
-WOLFSSL_API int wc_DeCompress(byte*, word32, const byte*, word32);
-WOLFSSL_API int wc_DeCompress_ex(byte* out, word32 outSz, const byte* in,
-    word32 inSz, int windowBits);
-WOLFSSL_API int wc_DeCompressDynamic(byte** out, int max, int memoryType,
-        const byte* in, word32 inSz, int windowBits, void* heap);
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-
-#endif /* HAVE_LIBZ */
-#endif /* WOLF_CRYPT_COMPRESS_H */
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/dilithium.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/dilithium.h
deleted file mode 100644
index abded5ce2..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/dilithium.h
+++ /dev/null
@@ -1,1051 +0,0 @@
-/* dilithium.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
-    \file wolfssl/wolfcrypt/dilithium.h
-*/
-
-/* Interfaces for Dilithium NIST Level 1 (Dilithium512) and Dilithium NIST Level 5
- * (Dilithium1024). */
-
-#ifndef WOLF_CRYPT_DILITHIUM_H
-#define WOLF_CRYPT_DILITHIUM_H
-
-#include <wolfssl/wolfcrypt/types.h>
-
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-#endif
-
-#if defined(HAVE_DILITHIUM)
-
-#ifdef HAVE_LIBOQS
-#include <oqs/oqs.h>
-#include <wolfssl/wolfcrypt/port/liboqs/liboqs.h>
-#endif
-
-#if defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) && \
-        defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-        !defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-        !defined(WOLFSSL_DILITHIUM_VERIFY_ONLY)
-    #define WOLFSSL_DILITHIUM_VERIFY_ONLY
-#endif
-#ifdef WOLFSSL_DILITHIUM_VERIFY_ONLY
-    #ifndef WOLFSSL_DILITHIUM_NO_MAKE_KEY
-        #define WOLFSSL_DILITHIUM_NO_MAKE_KEY
-    #endif
-    #ifndef WOLFSSL_DILITHIUM_NO_SIGN
-        #define WOLFSSL_DILITHIUM_NO_SIGN
-    #endif
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
-        !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
-    #define WOLFSSL_DILITHIUM_PUBLIC_KEY
-#endif
-#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
-        !defined(WOLFSSL_DILITHIUM_NO_SIGN)
-    #define WOLFSSL_DILITHIUM_PRIVATE_KEY
-#endif
-
-#if defined(WOLFSSL_DILITHIUM_PUBLIC_KEY) && \
-        defined(WOLFSSL_DILITHIUM_PRIVATE_KEY) && \
-        !defined(WOLFSSL_DILITHIUM_NO_CHECK_KEY) && \
-        !defined(WOLFSSL_DILITHIUM_CHECK_KEY)
-    #define WOLFSSL_DILITHIUM_CHECK_KEY
-#endif
-
-#ifdef WOLFSSL_WC_DILITHIUM
-    #include <wolfssl/wolfcrypt/sha3.h>
-#ifndef WOLFSSL_DILITHIUM_VERIFY_ONLY
-    #include <wolfssl/wolfcrypt/random.h>
-#endif
-#endif
-
-#if defined(WC_DILITHIUM_CACHE_PRIV_VECTORS) && \
-        !defined(WC_DILITHIUM_CACHE_MATRIX_A)
-    #define WC_DILITHIUM_CACHE_MATRIX_A
-#endif
-#if defined(WC_DILITHIUM_CACHE_PUB_VECTORS) && \
-        !defined(WC_DILITHIUM_CACHE_MATRIX_A)
-    #define WC_DILITHIUM_CACHE_MATRIX_A
-#endif
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-/* Macros Definitions */
-
-#ifdef WOLFSSL_WC_DILITHIUM
-
-#ifndef WOLFSSL_DILITHIUM_ALIGNMENT
-    #if defined(__arch64__)
-        #define WOLFSSL_DILITHIUM_ALIGNMENT     8
-    #elif defined(__arm__)
-        #define WOLFSSL_DILITHIUM_ALIGNMENT     4
-    #elif !defined(WOLFSSL_AESNI) && defined(WOLFSSL_GENERAL_ALIGNMENT)
-        #define WOLFSSL_DILITHIUM_ALIGNMENT     WOLFSSL_GENERAL_ALIGNMENT
-    #else
-        #define WOLFSSL_DILITHIUM_ALIGNMENT     8
-    #endif
-#endif /* WOLFSSL_DILITHIUM_ALIGNMENT */
-
-#define DILITHIUM_LEVEL2_KEY_SIZE       2560
-#define DILITHIUM_LEVEL2_SIG_SIZE       2420
-#define DILITHIUM_LEVEL2_PUB_KEY_SIZE   1312
-#define DILITHIUM_LEVEL2_PRV_KEY_SIZE   \
-    (DILITHIUM_LEVEL2_PUB_KEY_SIZE + DILITHIUM_LEVEL2_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define DILITHIUM_LEVEL2_PUB_KEY_DER_SIZE 1334
-#define DILITHIUM_LEVEL2_PRV_KEY_DER_SIZE 2588
-#define DILITHIUM_LEVEL2_BOTH_KEY_DER_SIZE 3904
-/* PEM size with the header "-----BEGIN PRIVATE KEY-----" and
- * the footer "-----END PRIVATE KEY-----" */
-#define DILITHIUM_LEVEL2_BOTH_KEY_PEM_SIZE 5344
-
-#define DILITHIUM_LEVEL3_KEY_SIZE       4032
-#define DILITHIUM_LEVEL3_SIG_SIZE       3309
-#define DILITHIUM_LEVEL3_PUB_KEY_SIZE   1952
-#define DILITHIUM_LEVEL3_PRV_KEY_SIZE   \
-    (DILITHIUM_LEVEL3_PUB_KEY_SIZE + DILITHIUM_LEVEL3_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define DILITHIUM_LEVEL3_PUB_KEY_DER_SIZE 1974
-#define DILITHIUM_LEVEL3_PRV_KEY_DER_SIZE 4060
-#define DILITHIUM_LEVEL3_BOTH_KEY_DER_SIZE 6016
-/* PEM size with the header "-----BEGIN PRIVATE KEY-----" and
- * the footer "-----END PRIVATE KEY-----" */
-#define DILITHIUM_LEVEL3_BOTH_KEY_PEM_SIZE 8204
-
-#define DILITHIUM_LEVEL5_KEY_SIZE       4896
-#define DILITHIUM_LEVEL5_SIG_SIZE       4627
-#define DILITHIUM_LEVEL5_PUB_KEY_SIZE   2592
-#define DILITHIUM_LEVEL5_PRV_KEY_SIZE   \
-    (DILITHIUM_LEVEL5_PUB_KEY_SIZE + DILITHIUM_LEVEL5_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define DILITHIUM_LEVEL5_PUB_KEY_DER_SIZE 2614
-#define DILITHIUM_LEVEL5_PRV_KEY_DER_SIZE 4924
-#define DILITHIUM_LEVEL5_BOTH_KEY_DER_SIZE 7520
-/* PEM size with the header "-----BEGIN ML_DSA_LEVEL5 PRIVATE KEY-----" and
- * the footer "-----END ML_DSA_LEVEL5 PRIVATE KEY-----" */
-#define DILITHIUM_LEVEL5_BOTH_KEY_PEM_SIZE 10267
-
-#define ML_DSA_LEVEL2_KEY_SIZE          2560
-#define ML_DSA_LEVEL2_SIG_SIZE          2420
-#define ML_DSA_LEVEL2_PUB_KEY_SIZE      1312
-#define ML_DSA_LEVEL2_PRV_KEY_SIZE   \
-    (ML_DSA_LEVEL2_PUB_KEY_SIZE + ML_DSA_LEVEL2_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define ML_DSA_LEVEL2_PUB_KEY_DER_SIZE DILITHIUM_LEVEL2_PUB_KEY_DER_SIZE
-#define ML_DSA_LEVEL2_PRV_KEY_DER_SIZE DILITHIUM_LEVEL2_PRV_KEY_DER_SIZE
-#define ML_DSA_LEVEL2_BOTH_KEY_DER_SIZE DILITHIUM_LEVEL2_BOTH_KEY_DER_SIZE
-/* PEM size with the header "-----BEGIN PRIVATE KEY-----" and
- * the footer "-----END PRIVATE KEY-----" */
-#define ML_DSA_LEVEL2_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL2_BOTH_KEY_PEM_SIZE
-
-#define ML_DSA_LEVEL3_KEY_SIZE          4032
-#define ML_DSA_LEVEL3_SIG_SIZE          3309
-#define ML_DSA_LEVEL3_PUB_KEY_SIZE      1952
-#define ML_DSA_LEVEL3_PRV_KEY_SIZE   \
-    (ML_DSA_LEVEL3_PUB_KEY_SIZE + ML_DSA_LEVEL3_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define ML_DSA_LEVEL3_PUB_KEY_DER_SIZE DILITHIUM_LEVEL3_PUB_KEY_DER_SIZE
-#define ML_DSA_LEVEL3_PRV_KEY_DER_SIZE DILITHIUM_LEVEL3_PRV_KEY_DER_SIZE
-#define ML_DSA_LEVEL3_BOTH_KEY_DER_SIZE DILITHIUM_LEVEL3_BOTH_KEY_DER_SIZE
-/* PEM size with the header "-----BEGIN PRIVATE KEY-----" and
- * the footer "-----END PRIVATE KEY-----" */
-#define ML_DSA_LEVEL3_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL3_BOTH_KEY_PEM_SIZE
-
-#define ML_DSA_LEVEL5_KEY_SIZE          4896
-#define ML_DSA_LEVEL5_SIG_SIZE          4627
-#define ML_DSA_LEVEL5_PUB_KEY_SIZE      2592
-#define ML_DSA_LEVEL5_PRV_KEY_SIZE   \
-    (ML_DSA_LEVEL5_PUB_KEY_SIZE + ML_DSA_LEVEL5_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define ML_DSA_LEVEL5_PUB_KEY_DER_SIZE DILITHIUM_LEVEL5_PUB_KEY_DER_SIZE
-#define ML_DSA_LEVEL5_PRV_KEY_DER_SIZE DILITHIUM_LEVEL5_PRV_KEY_DER_SIZE
-#define ML_DSA_LEVEL5_BOTH_KEY_DER_SIZE DILITHIUM_LEVEL5_BOTH_KEY_DER_SIZE
-/* PEM size with the header "-----BEGIN ML_DSA_LEVEL5 PRIVATE KEY-----" and
- * the footer "-----END ML_DSA_LEVEL5 PRIVATE KEY-----" */
-#define ML_DSA_LEVEL5_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL5_BOTH_KEY_PEM_SIZE
-
-
-
-/* Modulus. */
-#define DILITHIUM_Q                     0x7fe001
-/* Number of bits in modulus. */
-#define DILITHIUM_Q_BITS                23
-/* Number of elements in polynomial. */
-#define DILITHIUM_N                     256
-#define MLDSA_N                         256
-
-/* Number of dropped bits. */
-#define DILITHIUM_D                     13
-/* Maximum value of dropped bits. */
-#define DILITHIUM_D_MAX                 (1 << DILITHIUM_D)
-/* Half maximum value. */
-#define DILITHIUM_D_MAX_HALF            (1 << (DILITHIUM_D - 1))
-/* Number of undropped bits. */
-#define DILITHIUM_U                     (DILITHIUM_Q_BITS - DILITHIUM_D)
-
-/* Bits in coefficient range of y, GAMMA1, of 2^17 is 17. */
-#define DILITHIUM_GAMMA1_BITS_17        17
-/* Coefficient range of y, GAMMA1, of 2^17. */
-#define DILITHIUM_GAMMA1_17             (1 << 17)
-/* # encoding bits of y is GAMMA1 + 1. */
-#define DILITHIUM_GAMMA1_17_ENC_BITS    18
-/* Coefficient range of y, GAMMA1, of 2^17. */
-/* Bits in coefficient range of y, GAMMA1, of 2^19 is 19. */
-#define DILITHIUM_GAMMA1_BITS_19        19
-/* Coefficient range of y, GAMMA1, of 2^19. */
-#define DILITHIUM_GAMMA1_19             (1 << 19)
-/* # encoding bits of y is GAMMA1 + 1. */
-#define DILITHIUM_GAMMA1_19_ENC_BITS    20
-
-/* Low-order rounding range, GAMMA2, is Q divided by 88. */
-#define DILITHIUM_Q_LOW_88              ((DILITHIUM_Q - 1) / 88)
-/* Absolute low-order rounding range, GAMMA2, is Q divided by 88. */
-#define DILITHIUM_Q_LOW_88_2            (((DILITHIUM_Q - 1) / 88) * 2)
-/* # encoding bits of w1 when range is 88. */
-#define DILITHIUM_Q_HI_88_ENC_BITS      6
-/* Low-order rounding range, GAMMA2, is Q divided by 32. */
-#define DILITHIUM_Q_LOW_32              ((DILITHIUM_Q - 1) / 32)
-/* Absolute low-order rounding range, GAMMA2, is Q divided by 32. */
-#define DILITHIUM_Q_LOW_32_2            (((DILITHIUM_Q - 1) / 32) * 2)
-/* # encoding bits of w1 when range is 32. */
-#define DILITHIUM_Q_HI_32_ENC_BITS      4
-
-/* Private key range, eta, of 2. */
-#define DILITHIUM_ETA_2                 2
-/* Bits needed to encode values in range -2..2 as a positive number. */
-#define DILITHIUM_ETA_2_BITS            3
-/* Extract count of valid values. */
-#define DILITHIUM_ETA_2_MOD             15
-/* Private key range, eta, of 4. */
-#define DILITHIUM_ETA_4                 4
-/* Bits needed to encode values in range -4..4 as a positive number. */
-#define DILITHIUM_ETA_4_BITS            4
-/* Extract count of valid values. */
-#define DILITHIUM_ETA_4_MOD             9
-
-/* Number of bytes in a polynomial in memory. */
-#define DILITHIUM_POLY_SIZE             (DILITHIUM_N * sizeof(sword32))
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-
-/* Fist dimension of A, k, for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_K              4
-/* Second dimension of A, l, for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_L              4
-/* Private key range, ETA, for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_ETA            DILITHIUM_ETA_2
-/* Number of bits in private key for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_ETA_BITS       DILITHIUM_ETA_2_BITS
-/* Collision strength of c-tilde, LAMBDA, in bits for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_LAMBDA         128
-/* # +/-1's in polynomial c, TAU, for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_TAU            39
-/* BETA = TAU * ETA for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_BETA           \
-    (PARAMS_ML_DSA_44_TAU * PARAMS_ML_DSA_44_ETA)
-/* Max # 1's in the hint h, OMEGA, for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_OMEGA          80
-/* Bits in coefficient range of y, GAMMA1, for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_GAMMA1_BITS    DILITHIUM_GAMMA1_BITS_17
-/* Ccoefficient range of y, GAMMA1, for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_GAMMA1         (1 << PARAMS_ML_DSA_44_GAMMA1_BITS)
-/* Low-order rounding range, GAMMA2, for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_GAMMA2         DILITHIUM_Q_LOW_88
-/* Bits in high-order rounding range, GAMMA2, for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_GAMMA2_HI_BITS 6
-/* Encoding size of w1 in bytes for ML-DSA-44.
- * K * N / 8 * 6 - 6 bits as max value is 43 in high bits. */
-#define PARAMS_ML_DSA_44_W1_ENC_SZ      \
-    (PARAMS_ML_DSA_44_K * DILITHIUM_N / 8 * PARAMS_ML_DSA_44_GAMMA2_HI_BITS)
-/* Size of memory used for matrix a in bytes for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_A_SIZE         \
-    (PARAMS_ML_DSA_44_K * PARAMS_ML_DSA_44_L * DILITHIUM_POLY_SIZE)
-/* Size of memory used for vector s1 in bytes for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_S1_SIZE        \
-    (PARAMS_ML_DSA_44_L * DILITHIUM_POLY_SIZE)
-/* Encoding size of s1 in bytes for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_S1_ENC_SIZE    \
-    (PARAMS_ML_DSA_44_S1_SIZE / sizeof(sword32) * PARAMS_ML_DSA_44_ETA_BITS / 8)
-/* Size of memory used for vector s2 in bytes for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_S2_SIZE        \
-    (PARAMS_ML_DSA_44_K * DILITHIUM_POLY_SIZE)
-/* Encoding size of s2 in bytes for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_S2_ENC_SIZE    \
-    (PARAMS_ML_DSA_44_S2_SIZE / sizeof(sword32) * PARAMS_ML_DSA_44_ETA_BITS / 8)
-/* Encoding size of z in bytes for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_Z_ENC_SIZE     \
-    (PARAMS_ML_DSA_44_S1_SIZE / sizeof(sword32) / 8 * \
-     (PARAMS_ML_DSA_44_GAMMA1_BITS + 1))
-/* Encoding size of public key in bytes for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_PK_SIZE        \
-    (DILITHIUM_PUB_SEED_SZ + PARAMS_ML_DSA_44_K * DILITHIUM_N * DILITHIUM_U / 8)
-/* Encoding size of signature in bytes for ML-DSA-44. */
-#define PARAMS_ML_DSA_44_SIG_SIZE       \
-    ((PARAMS_ML_DSA_44_LAMBDA / 4) +    \
-     PARAMS_ML_DSA_44_L * DILITHIUM_N/8 * (PARAMS_ML_DSA_44_GAMMA1_BITS + 1) + \
-     PARAMS_ML_DSA_44_OMEGA + PARAMS_ML_DSA_44_K)
-
-#endif /* WOLFSSL_NO_ML_DSA_44 */
-
-#ifndef WOLFSSL_NO_ML_DSA_65
-
-/* Fist dimension of A, k, for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_K              6
-/* Second dimension of A, l, for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_L              5
-/* Private key range, ETA, for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_ETA            DILITHIUM_ETA_4
-/* Number of bits in private key for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_ETA_BITS       DILITHIUM_ETA_4_BITS
-/* Collision strength of c-tilde, LAMBDA, in bits for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_LAMBDA         192
-/* # +/-1's in polynomial c, TAU, for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_TAU            49
-/* BETA = TAU * ETA for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_BETA           \
-    (PARAMS_ML_DSA_65_TAU * PARAMS_ML_DSA_65_ETA)
-/* Max # 1's in the hint h, OMEGA, for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_OMEGA          55
-/* Bits in coefficient range of y, GAMMA1, for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_GAMMA1_BITS    DILITHIUM_GAMMA1_BITS_19
-/* Ccoefficient range of y, GAMMA1, for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_GAMMA1         (1 << PARAMS_ML_DSA_65_GAMMA1_BITS)
-/* Low-order rounding range, GAMMA2, for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_GAMMA2         DILITHIUM_Q_LOW_32
-/* Bits in high-order rounding range, GAMMA2, for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_GAMMA2_HI_BITS 4
-/* Encoding size of w1 in bytes for ML-DSA-65.
- * K * N / 8 * 4 - 4 bits as max value is 15 in high bits. */
-#define PARAMS_ML_DSA_65_W1_ENC_SZ      \
-    (PARAMS_ML_DSA_65_K * DILITHIUM_N / 8 * PARAMS_ML_DSA_65_GAMMA2_HI_BITS)
-/* Size of memory used for matrix a in bytes for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_A_SIZE         \
-    (PARAMS_ML_DSA_65_K * PARAMS_ML_DSA_65_L * DILITHIUM_POLY_SIZE)
-/* Size of memory used for vector s1 in bytes for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_S1_SIZE        \
-    (PARAMS_ML_DSA_65_L * DILITHIUM_POLY_SIZE)
-/* Encoding size of s1 in bytes for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_S1_ENC_SIZE    \
-    (PARAMS_ML_DSA_65_S1_SIZE / sizeof(sword32) * PARAMS_ML_DSA_65_ETA_BITS / 8)
-/* Size of memory used for vector s2 in bytes for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_S2_SIZE        \
-    (PARAMS_ML_DSA_65_K * DILITHIUM_POLY_SIZE)
-/* Encoding size of s2 in bytes for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_S2_ENC_SIZE    \
-    (PARAMS_ML_DSA_65_S2_SIZE / sizeof(sword32) * PARAMS_ML_DSA_65_ETA_BITS / 8)
-/* Encoding size of z in bytes for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_Z_ENC_SIZE     \
-    (PARAMS_ML_DSA_65_S1_SIZE / sizeof(sword32) / 8 * \
-     (PARAMS_ML_DSA_65_GAMMA1_BITS + 1))
-/* Encoding size of public key in bytes for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_PK_SIZE        \
-    (DILITHIUM_PUB_SEED_SZ + PARAMS_ML_DSA_65_K * DILITHIUM_N * DILITHIUM_U / 8)
-/* Encoding size of signature in bytes for ML-DSA-65. */
-#define PARAMS_ML_DSA_65_SIG_SIZE       \
-    ((PARAMS_ML_DSA_65_LAMBDA / 4) +    \
-     PARAMS_ML_DSA_65_L * DILITHIUM_N/8 * (PARAMS_ML_DSA_65_GAMMA1_BITS + 1) + \
-     PARAMS_ML_DSA_65_OMEGA + PARAMS_ML_DSA_65_K)
-
-#endif /* WOLFSSL_NO_ML_DSA_65 */
-
-#ifndef WOLFSSL_NO_ML_DSA_87
-
-/* Fist dimension of A, k, for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_K              8
-/* Second dimension of A, l, for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_L              7
-/* Private key range, ETA, for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_ETA            DILITHIUM_ETA_2
-/* Number of bits in private key for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_ETA_BITS       DILITHIUM_ETA_2_BITS
-/* Collision strength of c-tilde, LAMBDA, in bits for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_LAMBDA         256
-/* # +/-1's in polynomial c, TAU, for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_TAU            60
-/* BETA = TAU * ETA for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_BETA           \
-    (PARAMS_ML_DSA_87_TAU * PARAMS_ML_DSA_87_ETA)
-/* Max # 1's in the hint h, OMEGA, for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_OMEGA          75
-/* Bits in coefficient range of y, GAMMA1, for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_GAMMA1_BITS    DILITHIUM_GAMMA1_BITS_19
-/* Ccoefficient range of y, GAMMA1, for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_GAMMA1         (1 << PARAMS_ML_DSA_87_GAMMA1_BITS)
-/* Low-order rounding range, GAMMA2, for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_GAMMA2         DILITHIUM_Q_LOW_32
-/* Bits in high-order rounding range, GAMMA2, for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_GAMMA2_HI_BITS 4
-/* Encoding size of w1 in bytes for ML-DSA-87.
- * K * N / 8 * 4 - 4 bits as max value is 15 in high bits. */
-#define PARAMS_ML_DSA_87_W1_ENC_SZ      \
-    (PARAMS_ML_DSA_87_K * DILITHIUM_N / 8 * PARAMS_ML_DSA_87_GAMMA2_HI_BITS)
-/* Size of memory used for matrix A in bytes for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_A_SIZE         \
-    (PARAMS_ML_DSA_87_K * PARAMS_ML_DSA_87_L * DILITHIUM_POLY_SIZE)
-#define PARAMS_ML_DSA_87_S_SIZE         4
-/* Size of memory used for vector s1 in bytes for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_S1_SIZE        \
-    (PARAMS_ML_DSA_87_L * DILITHIUM_POLY_SIZE)
-/* Encoding size of s1 in bytes for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_S1_ENC_SIZE    \
-    (PARAMS_ML_DSA_87_S1_SIZE / sizeof(sword32) * PARAMS_ML_DSA_87_ETA_BITS / 8)
-/* Size of memory used for vector s2 in bytes for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_S2_SIZE        \
-    (PARAMS_ML_DSA_87_K * DILITHIUM_POLY_SIZE)
-/* Encoding size of s2 in bytes for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_S2_ENC_SIZE    \
-    (PARAMS_ML_DSA_87_S2_SIZE / sizeof(sword32) * PARAMS_ML_DSA_87_ETA_BITS / 8)
-/* Encoding size of z in bytes for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_Z_ENC_SIZE     \
-    (PARAMS_ML_DSA_87_S1_SIZE / sizeof(sword32) / 8 * \
-     (PARAMS_ML_DSA_87_GAMMA1_BITS + 1))
-/* Encoding size of public key in bytes for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_PK_SIZE        \
-    (DILITHIUM_PUB_SEED_SZ + PARAMS_ML_DSA_87_K * DILITHIUM_N * DILITHIUM_U / 8)
-/* Encoding size of signature in bytes for ML-DSA-87. */
-#define PARAMS_ML_DSA_87_SIG_SIZE       \
-    ((PARAMS_ML_DSA_87_LAMBDA / 4) +    \
-     PARAMS_ML_DSA_87_L * DILITHIUM_N/8 * (PARAMS_ML_DSA_87_GAMMA1_BITS + 1) + \
-     PARAMS_ML_DSA_87_OMEGA + PARAMS_ML_DSA_87_K)
-
-#endif /* WOLFSSL_NO_ML_DSA_87 */
-
-
-#ifndef WOLFSSL_NO_ML_DSA_87
-
-#define DILITHIUM_MAX_W1_ENC_SZ         PARAMS_ML_DSA_87_W1_ENC_SZ
-/* Maximum collision strength of c-tilde in bytes. */
-#define DILITHIUM_MAX_LAMBDA            PARAMS_ML_DSA_87_LAMBDA
-
-/* Maximum count of elements of a vector with dimension K. */
-#define DILITHIUM_MAX_K_VECTOR_COUNT     \
-    (PARAMS_ML_DSA_87_K * DILITHIUM_N)
-/* Maximum count of elements of a vector with dimension L. */
-#define DILITHIUM_MAX_L_VECTOR_COUNT     \
-    (PARAMS_ML_DSA_87_L * DILITHIUM_N)
-/* Maximum count of elements of a matrix with dimension KxL. */
-#define DILITHIUM_MAX_MATRIX_COUNT        \
-    (PARAMS_ML_DSA_87_K * PARAMS_ML_DSA_87_L * DILITHIUM_N)
-
-#elif !defined(WOLFSSL_NO_ML_DSA_65)
-
-/* Maximum w1 encoding size in bytes. */
-#define DILITHIUM_MAX_W1_ENC_SZ         PARAMS_ML_DSA_65_W1_ENC_SZ
-/* Maximum collision strength of c-tilde in bytes. */
-#define DILITHIUM_MAX_LAMBDA            PARAMS_ML_DSA_65_LAMBDA
-
-/* Maximum count of elements of a vector with dimension K. */
-#define DILITHIUM_MAX_K_VECTOR_COUNT     \
-    (PARAMS_ML_DSA_65_K * DILITHIUM_N)
-/* Maximum count of elements of a vector with dimension L. */
-#define DILITHIUM_MAX_L_VECTOR_COUNT     \
-    (PARAMS_ML_DSA_65_L * DILITHIUM_N)
-/* Maximum count of elements of a matrix with dimension KxL. */
-#define DILITHIUM_MAX_MATRIX_COUNT        \
-    (PARAMS_ML_DSA_65_K * PARAMS_ML_DSA_65_L * DILITHIUM_N)
-
-#else
-
-/* Maximum w1 encoding size in bytes. */
-#define DILITHIUM_MAX_W1_ENC_SZ         PARAMS_ML_DSA_44_W1_ENC_SZ
-/* Maximum collision strength of c-tilde in bytes. */
-#define DILITHIUM_MAX_LAMBDA            PARAMS_ML_DSA_44_LAMBDA
-
-/* Maximum count of elements of a vector with dimension K. */
-#define DILITHIUM_MAX_K_VECTOR_COUNT     \
-    (PARAMS_ML_DSA_44_K * DILITHIUM_N)
-/* Maximum count of elements of a vector with dimension L. */
-#define DILITHIUM_MAX_L_VECTOR_COUNT     \
-    (PARAMS_ML_DSA_44_L * DILITHIUM_N)
-/* Maximum count of elements of a matrix with dimension KxL. */
-#define DILITHIUM_MAX_MATRIX_COUNT        \
-    (PARAMS_ML_DSA_44_K * PARAMS_ML_DSA_44_L * DILITHIUM_N)
-
-#endif
-
-/* Length of K in bytes. */
-#define DILITHIUM_K_SZ                  32
-/* Length of TR in bytes. */
-#define DILITHIUM_TR_SZ                 64
-/* Length of public key seed in bytes when expanding a. */
-#define DILITHIUM_PUB_SEED_SZ           32
-/* Length of private key seed in bytes when generating a key. */
-#define DILITHIUM_PRIV_SEED_SZ          64
-
-/* Length of seed when creating vector c. */
-#define DILITHIUM_SEED_SZ               32
-/* Length of seeds created when making a key. */
-#define DILITHIUM_SEEDS_SZ              128
-
-/* Length of MU in bytes. */
-#define DILITHIUM_MU_SZ                 64
-/* Length of random in bytes when generating a signature. */
-#define DILITHIUM_RND_SZ                32
-/* Length of private random in bytes when generating a signature. */
-#define DILITHIUM_PRIV_RAND_SEED_SZ     64
-
-/* 5 blocks, each block 21 * 8 bytes = 840 bytes.
- * Minimum required is 256 * 3 = 768. */
-#define DILITHIUM_GEN_A_NBLOCKS         5
-/* Number of bytes to generate with Shake128 when generating A. */
-#define DILITHIUM_GEN_A_BYTES           \
-    (DILITHIUM_GEN_A_NBLOCKS * WC_SHA3_128_COUNT * 8)
-/* Number of bytes to a block of SHAKE-128 when generating A. */
-#define DILITHIUM_GEN_A_BLOCK_BYTES     (WC_SHA3_128_COUNT * 8)
-
-/* Number of bytes to a block of SHAKE-256 when generating c. */
-#define DILITHIUM_GEN_C_BLOCK_BYTES     (WC_SHA3_256_COUNT * 8)
-
-
-#ifndef WOLFSSL_DILITHIUM_SMALL
-#if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-    /* A block SHAKE-128 output plus one for reading 4 bytes at a time. */
-    #define DILITHIUM_REJ_NTT_POLY_H_SIZE    (DILITHIUM_GEN_A_BYTES + 1)
-#else
-    /* A block SHAKE-128 output. */
-    #define DILITHIUM_REJ_NTT_POLY_H_SIZE    DILITHIUM_GEN_A_BYTES
-#endif /* LITTLE_ENDIAN_ORDER && WOLFSSL_DILITHIUM_ALIGNMENT == 0 */
-#else
-#if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-    /* A block SHAKE-128 output plus one for reading 4 bytes at a time. */
-    #define DILITHIUM_REJ_NTT_POLY_H_SIZE    (DILITHIUM_GEN_A_BLOCK_BYTES + 1)
-#else
-    /* A block SHAKE-128 output. */
-    #define DILITHIUM_REJ_NTT_POLY_H_SIZE    DILITHIUM_GEN_A_BLOCK_BYTES
-#endif /* LITTLE_ENDIAN_ORDER && WOLFSSL_DILITHIUM_ALIGNMENT == 0 */
-#endif
-
-#elif defined(HAVE_LIBOQS)
-
-#define DILITHIUM_LEVEL2_KEY_SIZE     OQS_SIG_ml_dsa_44_ipd_length_secret_key
-#define DILITHIUM_LEVEL2_SIG_SIZE     OQS_SIG_ml_dsa_44_ipd_length_signature
-#define DILITHIUM_LEVEL2_PUB_KEY_SIZE OQS_SIG_ml_dsa_44_ipd_length_public_key
-#define DILITHIUM_LEVEL2_PRV_KEY_SIZE \
-    (DILITHIUM_LEVEL2_PUB_KEY_SIZE+DILITHIUM_LEVEL2_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define DILITHIUM_LEVEL2_PUB_KEY_DER_SIZE 1334
-#define DILITHIUM_LEVEL2_PRV_KEY_DER_SIZE 2588
-#define DILITHIUM_LEVEL2_BOTH_KEY_DER_SIZE 3904
-/* PEM size with the header "-----BEGIN PRIVATE KEY-----" and
- * the footer "-----END PRIVATE KEY-----" */
-#define DILITHIUM_LEVEL2_BOTH_KEY_PEM_SIZE 5344
-
-#define DILITHIUM_LEVEL3_KEY_SIZE     OQS_SIG_ml_dsa_65_ipd_length_secret_key
-#define DILITHIUM_LEVEL3_SIG_SIZE     OQS_SIG_ml_dsa_65_ipd_length_signature
-#define DILITHIUM_LEVEL3_PUB_KEY_SIZE OQS_SIG_ml_dsa_65_ipd_length_public_key
-#define DILITHIUM_LEVEL3_PRV_KEY_SIZE \
-    (DILITHIUM_LEVEL3_PUB_KEY_SIZE+DILITHIUM_LEVEL3_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define DILITHIUM_LEVEL3_PUB_KEY_DER_SIZE 1974
-#define DILITHIUM_LEVEL3_PRV_KEY_DER_SIZE 4060
-#define DILITHIUM_LEVEL3_BOTH_KEY_DER_SIZE 6016
-/* PEM size with the header "-----BEGIN PRIVATE KEY-----" and
- * the footer "-----END PRIVATE KEY-----" */
-#define DILITHIUM_LEVEL3_BOTH_KEY_PEM_SIZE 8204
-
-#define DILITHIUM_LEVEL5_KEY_SIZE     OQS_SIG_ml_dsa_87_ipd_length_secret_key
-#define DILITHIUM_LEVEL5_SIG_SIZE     OQS_SIG_ml_dsa_87_ipd_length_signature
-#define DILITHIUM_LEVEL5_PUB_KEY_SIZE OQS_SIG_ml_dsa_87_ipd_length_public_key
-#define DILITHIUM_LEVEL5_PRV_KEY_SIZE \
-    (DILITHIUM_LEVEL5_PUB_KEY_SIZE+DILITHIUM_LEVEL5_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define DILITHIUM_LEVEL5_PUB_KEY_DER_SIZE 2614
-#define DILITHIUM_LEVEL5_PRV_KEY_DER_SIZE 4924
-#define DILITHIUM_LEVEL5_BOTH_KEY_DER_SIZE 7520
-/* PEM size with the header "-----BEGIN ML_DSA_LEVEL5 PRIVATE KEY-----" and
- * the footer "-----END ML_DSA_LEVEL5 PRIVATE KEY-----" */
-#define DILITHIUM_LEVEL5_BOTH_KEY_PEM_SIZE 10267
-
-#define ML_DSA_LEVEL2_KEY_SIZE        OQS_SIG_ml_dsa_44_ipd_length_secret_key
-#define ML_DSA_LEVEL2_SIG_SIZE        OQS_SIG_ml_dsa_44_ipd_length_signature
-#define ML_DSA_LEVEL2_PUB_KEY_SIZE    OQS_SIG_ml_dsa_44_ipd_length_public_key
-#define ML_DSA_LEVEL2_PRV_KEY_SIZE    \
-    (ML_DSA_LEVEL2_PUB_KEY_SIZE+ML_DSA_LEVEL2_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define ML_DSA_LEVEL2_PUB_KEY_DER_SIZE DILITHIUM_LEVEL2_PUB_KEY_DER_SIZE
-#define ML_DSA_LEVEL2_PRV_KEY_DER_SIZE DILITHIUM_LEVEL2_PRV_KEY_DER_SIZE
-#define ML_DSA_LEVEL2_BOTH_KEY_DER_SIZE DILITHIUM_LEVEL2_BOTH_KEY_DER_SIZE
-/* PEM size with the header "-----BEGIN PRIVATE KEY-----" and
- * the footer "-----END PRIVATE KEY-----" */
-#define ML_DSA_LEVEL2_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL2_BOTH_KEY_PEM_SIZE
-
-#define ML_DSA_LEVEL3_KEY_SIZE        OQS_SIG_ml_dsa_65_ipd_length_secret_key
-#define ML_DSA_LEVEL3_SIG_SIZE        OQS_SIG_ml_dsa_65_ipd_length_signature
-#define ML_DSA_LEVEL3_PUB_KEY_SIZE    OQS_SIG_ml_dsa_65_ipd_length_public_key
-#define ML_DSA_LEVEL3_PRV_KEY_SIZE    \
-    (ML_DSA_LEVEL3_PUB_KEY_SIZE+ML_DSA_LEVEL3_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define ML_DSA_LEVEL3_PUB_KEY_DER_SIZE DILITHIUM_LEVEL3_PUB_KEY_DER_SIZE
-#define ML_DSA_LEVEL3_PRV_KEY_DER_SIZE DILITHIUM_LEVEL3_PRV_KEY_DER_SIZE
-#define ML_DSA_LEVEL3_BOTH_KEY_DER_SIZE DILITHIUM_LEVEL3_BOTH_KEY_DER_SIZE
-/* PEM size with the header "-----BEGIN PRIVATE KEY-----" and
- * the footer "-----END PRIVATE KEY-----" */
-#define ML_DSA_LEVEL3_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL3_BOTH_KEY_PEM_SIZE
-
-#define ML_DSA_LEVEL5_KEY_SIZE        OQS_SIG_ml_dsa_87_ipd_length_secret_key
-#define ML_DSA_LEVEL5_SIG_SIZE        OQS_SIG_ml_dsa_87_ipd_length_signature
-#define ML_DSA_LEVEL5_PUB_KEY_SIZE    OQS_SIG_ml_dsa_87_ipd_length_public_key
-#define ML_DSA_LEVEL5_PRV_KEY_SIZE    \
-    (ML_DSA_LEVEL5_PUB_KEY_SIZE+ML_DSA_LEVEL5_KEY_SIZE)
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define ML_DSA_LEVEL5_PUB_KEY_DER_SIZE DILITHIUM_LEVEL5_PUB_KEY_DER_SIZE
-#define ML_DSA_LEVEL5_PRV_KEY_DER_SIZE DILITHIUM_LEVEL5_PRV_KEY_DER_SIZE
-#define ML_DSA_LEVEL5_BOTH_KEY_DER_SIZE DILITHIUM_LEVEL5_BOTH_KEY_DER_SIZE
-/* PEM size with the header "-----BEGIN ML_DSA_LEVEL5 PRIVATE KEY-----" and
- * the footer "-----END ML_DSA_LEVEL5 PRIVATE KEY-----" */
-#define ML_DSA_LEVEL5_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL5_BOTH_KEY_PEM_SIZE
-
-#endif
-
-#define DILITHIUM_MAX_KEY_SIZE     DILITHIUM_LEVEL5_KEY_SIZE
-#define DILITHIUM_MAX_SIG_SIZE     DILITHIUM_LEVEL5_SIG_SIZE
-#define DILITHIUM_MAX_PUB_KEY_SIZE DILITHIUM_LEVEL5_PUB_KEY_SIZE
-#define DILITHIUM_MAX_PRV_KEY_SIZE DILITHIUM_LEVEL5_PRV_KEY_SIZE
-/* Buffer sizes large enough to store exported DER encoded keys */
-#define DILITHIUM_MAX_PUB_KEY_DER_SIZE DILITHIUM_LEVEL5_PUB_KEY_DER_SIZE
-#define DILITHIUM_MAX_PRV_KEY_DER_SIZE DILITHIUM_LEVEL5_PRV_KEY_DER_SIZE
-#define DILITHIUM_MAX_BOTH_KEY_DER_SIZE DILITHIUM_LEVEL5_BOTH_KEY_DER_SIZE
-/* PEM size with the header "-----BEGIN ML_DSA_LEVEL5 PRIVATE KEY-----" and
- * the footer "-----END ML_DSA_LEVEL5 PRIVATE KEY-----" */
-#define DILITHIUM_MAX_BOTH_KEY_PEM_SIZE DILITHIUM_LEVEL5_BOTH_KEY_PEM_SIZE
-
-
-#ifdef WOLF_PRIVATE_KEY_ID
-#define DILITHIUM_MAX_ID_LEN    32
-#define DILITHIUM_MAX_LABEL_LEN 32
-#endif
-
-/* Structs */
-
-#ifdef WOLFSSL_WC_DILITHIUM
-typedef struct wc_dilithium_params {
-    byte level;
-    byte k;
-    byte l;
-    byte eta;
-    byte eta_bits;
-    byte tau;
-    byte beta;
-    byte omega;
-    word16 lambda;
-    byte gamma1_bits;
-    sword32 gamma2;
-    word32 w1EncSz;
-    word16 aSz;
-    word16 s1Sz;
-    word16 s1EncSz;
-    word16 s2Sz;
-    word16 s2EncSz;
-    word16 zEncSz;
-    word16 pkSz;
-    word16 sigSz;
-} wc_dilithium_params;
-#endif
-
-struct dilithium_key {
-    byte pubKeySet;
-    byte prvKeySet;
-    byte level; /* 2,3 or 5 */
-
-    void* heap; /* heap hint */
-
-#ifdef WOLF_CRYPTO_CB
-    void* devCtx;
-    int   devId;
-#endif
-#ifdef WOLF_PRIVATE_KEY_ID
-    byte id[DILITHIUM_MAX_ID_LEN];
-    int  idLen;
-    char label[DILITHIUM_MAX_LABEL_LEN];
-    int  labelLen;
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_ASSIGN_KEY
-#ifdef USE_INTEL_SPEEDUP
-    byte p[DILITHIUM_MAX_PUB_KEY_SIZE+8];
-    byte k[DILITHIUM_MAX_KEY_SIZE+8];
-#else
-    byte p[DILITHIUM_MAX_PUB_KEY_SIZE];
-    byte k[DILITHIUM_MAX_KEY_SIZE];
-#endif
-#else
-    const byte* p;
-    const byte* k;
-#endif
-
-#ifdef WOLFSSL_WC_DILITHIUM
-    const wc_dilithium_params* params;
-    wc_Shake shake;
-#ifndef WC_DILITHIUM_FIXED_ARRAY
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-    sword32* a;
-    byte aSet;
-#endif
-#ifdef WC_DILITHIUM_CACHE_PRIV_VECTORS
-    sword32* s1;
-    sword32* s2;
-    sword32* t0;
-    byte privVecsSet;
-#endif
-#ifdef WC_DILITHIUM_CACHE_PUB_VECTORS
-    sword32* t1;
-    byte pubVecSet;
-#endif
-#else
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-    sword32 a[DILITHIUM_MAX_MATRIX_COUNT];
-    byte aSet;
-#endif
-#ifdef WC_DILITHIUM_CACHE_PRIV_VECTORS
-    sword32 s1[DILITHIUM_MAX_L_VECTOR_COUNT];
-    sword32 s2[DILITHIUM_MAX_K_VECTOR_COUNT];
-    sword32 t0[DILITHIUM_MAX_K_VECTOR_COUNT];
-    byte privVecsSet;
-#endif
-#ifdef WC_DILITHIUM_CACHE_PUB_VECTORS
-    sword32 t1[DILITHIUM_MAX_K_VECTOR_COUNT];
-    byte pubVecSet;
-#endif
-#endif
-#if defined(WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC) && \
-    defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM)
-    sword32 z[DILITHIUM_MAX_L_VECTOR_COUNT];
-    sword32 c[DILITHIUM_N];
-    sword32 w[DILITHIUM_N];
-    sword32 t1[DILITHIUM_N];
-    byte w1e[DILITHIUM_MAX_W1_ENC_SZ];
-#ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-    sword64 t64[DILITHIUM_N];
-#endif
-    byte h[DILITHIUM_REJ_NTT_POLY_H_SIZE];
-    byte block[DILITHIUM_GEN_C_BLOCK_BYTES];
-#endif /* WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC &&
-        * WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM */
-#endif /* WOLFSSL_WC_DILITHIUM */
-};
-
-#ifndef WC_DILITHIUMKEY_TYPE_DEFINED
-    typedef struct dilithium_key dilithium_key;
-    #define WC_DILITHIUMKEY_TYPE_DEFINED
-#endif
-
-/* Functions */
-
-#ifndef WOLFSSL_DILITHIUM_VERIFY_ONLY
-WOLFSSL_API
-int wc_dilithium_make_key(dilithium_key* key, WC_RNG* rng);
-WOLFSSL_API
-int wc_dilithium_make_key_from_seed(dilithium_key* key, const byte* seed);
-
-WOLFSSL_API
-int wc_dilithium_sign_msg(const byte* msg, word32 msgLen, byte* sig,
-    word32* sigLen, dilithium_key* key, WC_RNG* rng);
-WOLFSSL_API
-int wc_dilithium_sign_ctx_msg(const byte* ctx, byte ctxLen, const byte* msg,
-    word32 msgLen, byte* sig, word32* sigLen, dilithium_key* key, WC_RNG* rng);
-WOLFSSL_API
-int wc_dilithium_sign_ctx_hash(const byte* ctx, byte ctxLen, int hashAlg,
-    const byte* hash, word32 hashLen, byte* sig, word32* sigLen,
-    dilithium_key* key, WC_RNG* rng);
-WOLFSSL_API
-int wc_dilithium_sign_msg_with_seed(const byte* msg, word32 msgLen, byte* sig,
-    word32 *sigLen, dilithium_key* key, const byte* seed);
-WOLFSSL_API
-int wc_dilithium_sign_ctx_msg_with_seed(const byte* ctx, byte ctxLen,
-    const byte* msg, word32 msgLen, byte* sig, word32 *sigLen,
-    dilithium_key* key, const byte* seed);
-WOLFSSL_API
-int wc_dilithium_sign_ctx_hash_with_seed(const byte* ctx, byte ctxLen,
-    int hashAlg, const byte* hash, word32 hashLen, byte* sig, word32 *sigLen,
-    dilithium_key* key, const byte* seed);
-#endif
-WOLFSSL_API
-int wc_dilithium_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
-    word32 msgLen, int* res, dilithium_key* key);
-WOLFSSL_API
-int wc_dilithium_verify_ctx_msg(const byte* sig, word32 sigLen, const byte* ctx,
-    word32 ctxLen, const byte* msg, word32 msgLen, int* res,
-    dilithium_key* key);
-WOLFSSL_API
-int wc_dilithium_verify_ctx_hash(const byte* sig, word32 sigLen,
-    const byte* ctx, word32 ctxLen, int hashAlg, const byte* hash,
-    word32 hashLen, int* res, dilithium_key* key);
-
-WOLFSSL_API
-dilithium_key* wc_dilithium_new(void* heap, int devId);
-WOLFSSL_API
-int wc_dilithium_delete(dilithium_key* key, dilithium_key** key_p);
-
-WOLFSSL_API
-int wc_dilithium_init(dilithium_key* key);
-
-WOLFSSL_API
-int wc_dilithium_init_ex(dilithium_key* key, void* heap, int devId);
-
-#ifdef WOLF_PRIVATE_KEY_ID
-WOLFSSL_API
-int wc_dilithium_init_id(dilithium_key* key, const unsigned char* id, int len,
-    void* heap, int devId);
-WOLFSSL_API
-int wc_dilithium_init_label(dilithium_key* key, const char* label, void* heap,
-    int devId);
-#endif
-
-WOLFSSL_API
-int wc_dilithium_set_level(dilithium_key* key, byte level);
-WOLFSSL_API
-int wc_dilithium_get_level(dilithium_key* key, byte* level);
-WOLFSSL_API
-void wc_dilithium_free(dilithium_key* key);
-
-#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
-WOLFSSL_API
-int wc_dilithium_size(dilithium_key* key);
-#endif
-#if defined(WOLFSSL_DILITHIUM_PRIVATE_KEY) && \
-    defined(WOLFSSL_DILITHIUM_PUBLIC_KEY)
-WOLFSSL_API
-int wc_dilithium_priv_size(dilithium_key* key);
-#endif
-#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
-WOLFSSL_API
-int wc_dilithium_pub_size(dilithium_key* key);
-#endif
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
-WOLFSSL_API
-int wc_dilithium_sig_size(dilithium_key* key);
-#endif
-
-#ifdef WOLFSSL_DILITHIUM_CHECK_KEY
-WOLFSSL_API
-int wc_dilithium_check_key(dilithium_key* key);
-#endif
-
-#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
-WOLFSSL_API
-int wc_dilithium_import_public(const byte* in, word32 inLen,
-    dilithium_key* key);
-#endif
-#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
-WOLFSSL_API
-int wc_dilithium_import_private(const byte* priv, word32 privSz,
-    dilithium_key* key);
-#define wc_dilithium_import_private_only    wc_dilithium_import_private
-WOLFSSL_API
-int wc_dilithium_import_key(const byte* priv, word32 privSz,
-    const byte* pub, word32 pubSz, dilithium_key* key);
-#endif
-
-#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
-WOLFSSL_API
-int wc_dilithium_export_public(dilithium_key* key, byte* out, word32* outLen);
-#endif
-#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
-WOLFSSL_API
-int wc_dilithium_export_private(dilithium_key* key, byte* out, word32* outLen);
-#define wc_dilithium_export_private_only    wc_dilithium_export_private
-#endif
-#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
-WOLFSSL_API
-int wc_dilithium_export_key(dilithium_key* key, byte* priv, word32 *privSz,
-    byte* pub, word32 *pubSz);
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_NO_ASN1
-WOLFSSL_LOCAL int dilithium_get_oid_sum(dilithium_key* key, int* keyFormat);
-#endif /* WOLFSSL_DILITHIUM_NO_ASN1 */
-
-#ifndef WOLFSSL_DILITHIUM_NO_ASN1
-#if defined(WOLFSSL_DILITHIUM_PRIVATE_KEY)
-WOLFSSL_API int wc_Dilithium_PrivateKeyDecode(const byte* input,
-    word32* inOutIdx, dilithium_key* key, word32 inSz);
-#endif
-#endif /* WOLFSSL_DILITHIUM_NO_ASN1 */
-#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
-WOLFSSL_API int wc_Dilithium_PublicKeyDecode(const byte* input,
-    word32* inOutIdx, dilithium_key* key, word32 inSz);
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_NO_ASN1
-#ifdef WC_ENABLE_ASYM_KEY_EXPORT
-WOLFSSL_API int wc_Dilithium_PublicKeyToDer(dilithium_key* key, byte* output,
-    word32 inLen, int withAlg);
-#endif
-#if defined(WOLFSSL_DILITHIUM_PRIVATE_KEY)
-WOLFSSL_API int wc_Dilithium_KeyToDer(dilithium_key* key, byte* output,
-    word32 inLen);
-#endif
-#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
-WOLFSSL_API int wc_Dilithium_PrivateKeyToDer(dilithium_key* key, byte* output,
-    word32 inLen);
-#endif
-#endif /* WOLFSSL_DILITHIUM_NO_ASN1 */
-
-#ifdef USE_INTEL_SPEEDUP
-WOLFSSL_LOCAL void wc_mldsa_poly_red_avx2(sword32* a);
-
-WOLFSSL_LOCAL void wc_mldsa_ntt_avx2(sword32* r);
-WOLFSSL_LOCAL void wc_mldsa_ntt_full_avx2(sword32* r);
-WOLFSSL_LOCAL void wc_mldsa_invntt_avx2(sword32* r);
-WOLFSSL_LOCAL void wc_mldsa_invntt_full_avx2(sword32* r);
-
-WOLFSSL_LOCAL void wc_mldsa_mul_avx2(sword32* r, const sword32* a,
-    const sword32* b);
-WOLFSSL_LOCAL void wc_mldsa_mul_vec_4_avx2(sword32* r, const sword32* a,
-    const sword32* b);
-WOLFSSL_LOCAL void wc_mldsa_mul_vec_5_avx2(sword32* r, const sword32* a,
-    const sword32* b);
-WOLFSSL_LOCAL void wc_mldsa_mul_vec_7_avx2(sword32* r, const sword32* a,
-    const sword32* b);
-WOLFSSL_LOCAL void wc_mldsa_matrix_mul_4x4_avx2(sword32* r, const sword32* m,
-    const sword32* v);
-WOLFSSL_LOCAL void wc_mldsa_matrix_mul_6x5_avx2(sword32* r, const sword32* m,
-    const sword32* v);
-WOLFSSL_LOCAL void wc_mldsa_matrix_mul_8x7_avx2(sword32* r, const sword32* m,
-    const sword32* v);
-
-WOLFSSL_LOCAL void wc_mldsa_redistribute_21_rand_avx2(word64* s, byte* r0,
-    byte* r1, byte* r2, byte* r3);
-WOLFSSL_LOCAL int wc_mldsa_rej_uniform_n_avx2(sword32* a, word32 len,
-    const byte* r, word32 rLen);
-WOLFSSL_LOCAL int wc_mldsa_rej_uniform_avx2(sword32* a, word32 len,
-    const byte* r, word32 rLen);
-
-WOLFSSL_LOCAL void wc_mldsa_redistribute_17_rand_avx2(word64* s, byte* r0,
-    byte* r1, byte* r2, byte* r3);
-WOLFSSL_LOCAL void wc_mldsa_extract_coeffs_eta2_avx2(const byte* z,
-    unsigned int zLen, sword32* s, unsigned int* cnt);
-WOLFSSL_LOCAL void wc_mldsa_extract_coeffs_eta4_avx2(const byte* z,
-    unsigned int zLen, sword32* s, unsigned int* cnt);
-
-WOLFSSL_LOCAL void wc_mldsa_vec_encode_eta_2_avx2(const sword32* s, byte d,
-    byte* p);
-WOLFSSL_LOCAL void wc_mldsa_vec_encode_eta_4_avx2(const sword32* t, byte* p);
-WOLFSSL_LOCAL void wc_mldsa_decode_eta_2_avx2(const byte* p, sword32* s);
-WOLFSSL_LOCAL void wc_mldsa_decode_eta_4_avx2(const byte* p, sword32* s);
-
-WOLFSSL_LOCAL void wc_mldsa_encode_w1_88_avx2(const sword32* w1, byte* w1e);
-WOLFSSL_LOCAL void wc_mldsa_encode_w1_32_avx2(const sword32* w1, byte* w1e);
-
-WOLFSSL_LOCAL void wc_mldsa_vec_encode_t0_t1_avx2(const sword32* t, byte d,
-    byte* t0, byte* t1);
-WOLFSSL_LOCAL void wc_mldsa_decode_t0_avx2(const byte* t0, sword32* t);
-WOLFSSL_LOCAL void wc_mldsa_decode_t1_avx2(const byte* t1, sword32* t);
-
-WOLFSSL_LOCAL void wc_mldsa_decode_gamma1_17_avx2(const byte* s, sword32* z);
-WOLFSSL_LOCAL void wc_mldsa_decode_gamma1_19_avx2(const byte* s, sword32* z);
-WOLFSSL_LOCAL void wc_mldsa_encode_gamma1_17_avx2(const sword32* z, byte* s);
-WOLFSSL_LOCAL void wc_mldsa_encode_gamma1_19_avx2(const sword32* z, byte* s);
-
-WOLFSSL_LOCAL void wc_mldsa_decompose_q88_avx2(const sword32* r, sword32* r0,
-    sword32* r1);
-WOLFSSL_LOCAL void wc_mldsa_decompose_q32_avx2(const sword32* r, byte k,
-    sword32* r0, sword32* r1);
-
-WOLFSSL_LOCAL void wc_mldsa_use_hint_88_avx2(sword32* w1, const byte* h);
-WOLFSSL_LOCAL void wc_mldsa_use_hint_32_avx2(sword32* w1, byte k,
-    const byte* h);
-
-WOLFSSL_LOCAL int wc_mldsa_vec_check_low_avx2(const sword32* a, byte l,
-    sword32 hi);
-
-WOLFSSL_LOCAL void wc_mldsa_poly_add_avx2(sword32* r, const sword32* a);
-WOLFSSL_LOCAL void wc_mldsa_poly_sub_avx2(sword32* r, const sword32* a);
-WOLFSSL_LOCAL void wc_mldsa_poly_make_pos_avx2(sword32* a);
-#endif
-
-
-#define WC_ML_DSA_DRAFT         10
-
-#define WC_ML_DSA_44            2
-#define WC_ML_DSA_65            3
-#define WC_ML_DSA_87            5
-#define WC_ML_DSA_44_DRAFT      (2 + WC_ML_DSA_DRAFT)
-#define WC_ML_DSA_65_DRAFT      (3 + WC_ML_DSA_DRAFT)
-#define WC_ML_DSA_87_DRAFT      (5 + WC_ML_DSA_DRAFT)
-
-#define DILITHIUM_ML_DSA_44_KEY_SIZE        2560
-#define DILITHIUM_ML_DSA_44_SIG_SIZE        2420
-#define DILITHIUM_ML_DSA_44_PUB_KEY_SIZE    1312
-#define DILITHIUM_ML_DSA_44_PRV_KEY_SIZE    \
-    (DILITHIUM_ML_DSA_44_PUB_KEY_SIZE + DILITHIUM_ML_DSA_44_KEY_SIZE)
-
-#define DILITHIUM_ML_DSA_65_KEY_SIZE        4032
-#define DILITHIUM_ML_DSA_65_SIG_SIZE        3309
-#define DILITHIUM_ML_DSA_65_PUB_KEY_SIZE    1952
-#define DILITHIUM_ML_DSA_65_PRV_KEY_SIZE    \
-    (DILITHIUM_ML_DSA_65_PUB_KEY_SIZE + DILITHIUM_ML_DSA_65_KEY_SIZE)
-
-#define DILITHIUM_ML_DSA_87_KEY_SIZE        4896
-#define DILITHIUM_ML_DSA_87_SIG_SIZE        4627
-#define DILITHIUM_ML_DSA_87_PUB_KEY_SIZE    2592
-#define DILITHIUM_ML_DSA_87_PRV_KEY_SIZE    \
-    (DILITHIUM_ML_DSA_87_PUB_KEY_SIZE + DILITHIUM_ML_DSA_87_KEY_SIZE)
-
-
-#define MlDsaKey  dilithium_key
-
-
-#define wc_MlDsaKey_Init(key, heap, devId)                      \
-    wc_dilithium_init_ex(key, heap, devId)
-#define wc_MlDsaKey_SetParams(key, id)                          \
-    wc_dilithium_set_level(key, id)
-#define wc_MlDsaKey_GetParams(key, id)                          \
-    wc_dilithium_get_level(key, id)
-#define wc_MlDsaKey_MakeKey(key, rng)                           \
-    wc_dilithium_make_key(key, rng)
-#define wc_MlDsaKey_ExportPrivRaw(key, out, outLen)             \
-    wc_dilithium_export_private_only(key, out, outLen)
-#define wc_MlDsaKey_ImportPrivRaw(key, in, inLen)               \
-    wc_dilithium_import_private_only(in, inLen, key)
-#define wc_MlDsaKey_Sign(key, sig, sigSz, msg, msgSz, rng)      \
-    wc_dilithium_sign_msg(msg, msgSz, sig, sigSz, key, rng)
-#define wc_MlDsaKey_Free(key)                                   \
-    wc_dilithium_free(key)
-#define wc_MlDsaKey_ExportPubRaw(key, out, outLen)              \
-    wc_dilithium_export_public(key, out, outLen)
-#define wc_MlDsaKey_ImportPubRaw(key, in, inLen)                \
-    wc_dilithium_import_public(in, inLen, key)
-#define wc_MlDsaKey_Verify(key, sig, sigSz, msg, msgSz, res)    \
-    wc_dilithium_verify_msg(sig, sigSz, msg, msgSz, res, key)
-
-#define wc_MlDsaKey_PublicKeyToDer(key, output, len, withAlg)   \
-    wc_Dilithium_PublicKeyToDer(key, output, len, withAlg)
-
-#define wc_MlDsaKey_PrivateKeyToDer(key, output, len)           \
-    wc_Dilithium_PrivateKeyToDer(key, output, len)
-
-
-WOLFSSL_API int wc_MlDsaKey_GetPrivLen(MlDsaKey* key, int* len);
-WOLFSSL_API int wc_MlDsaKey_GetPubLen(MlDsaKey* key, int* len);
-WOLFSSL_API int wc_MlDsaKey_GetSigLen(MlDsaKey* key, int* len);
-
-#ifdef __cplusplus
-    }    /* extern "C" */
-#endif
-
-#endif /* HAVE_DILITHIUM */
-#endif /* WOLF_CRYPT_DILITHIUM_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/eccsi.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/eccsi.h
deleted file mode 100644
index 1e5a77c9f..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/eccsi.h
+++ /dev/null
@@ -1,176 +0,0 @@
-/* eccsi.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
-    \file wolfssl/wolfcrypt/eccsi.h
-*/
-
-
-#ifndef WOLF_CRYPT_ECCSI_H
-#define WOLF_CRYPT_ECCSI_H
-
-#include <wolfssl/wolfcrypt/types.h>
-
-#ifdef WOLFCRYPT_HAVE_ECCSI
-
-#include <wolfssl/wolfcrypt/wolfmath.h>
-#include <wolfssl/wolfcrypt/ecc.h>
-#include <wolfssl/wolfcrypt/hash.h>
-#include <wolfssl/wolfcrypt/hmac.h>
-
-#define WOLFCRYPT_ECCSI_KMS
-#define WOLFCRYPT_ECCSI_CLIENT
-
-#define MAX_ECCSI_BYTES  (256 / 8)
-
-/* Maximum number of loops of attempting to generate key pairs and signatures.
- */
-#ifndef ECCSI_MAX_GEN_COUNT
-    #define ECCSI_MAX_GEN_COUNT     10
-#endif
-
-typedef struct EccsiKeyParams {
-    /** Order (q) of elliptic curve as an MP integer. */
-    mp_int order;
-#ifdef WOLFCRYPT_ECCSI_CLIENT
-    /** A parameter of elliptic curve as an MP integer. */
-    mp_int a;
-    /** P parameter of elliptic curve as an MP integer. */
-    mp_int b;
-    /** Prime of elliptic curve as an MP integer. */
-    mp_int prime;
-#endif
-    /** Base point for elliptic curve operations as an ECC point. */
-    ecc_point* base;
-
-    /** Bit indicates order (q) is set as an MP integer in ECCSI key. */
-    WC_BITFIELD haveOrder:1;
-    /** Bit indicates A is set as an MP integer in ECCSI key. */
-    WC_BITFIELD haveA:1;
-    /** Bit indicates B is set as an MP integer in ECCSI key. */
-    WC_BITFIELD haveB:1;
-    /** Bit indicates prime is set as an MP integer in ECCSI key. */
-    WC_BITFIELD havePrime:1;
-    /** Bit indicates base point is set as an MP integer in ECCSI key. */
-    WC_BITFIELD haveBase:1;
-} EccsiKeyParams;
-
-/**
- * ECCSI key.
- */
-typedef struct EccsiKey {
-    /** ECC key to perform elliptic curve operations with. */
-    ecc_key ecc;
-    /** ECC key to perform public key elliptic curve operations with. */
-    ecc_key pubkey;
-    /** ECC parameter in forms that can be used in computation. */
-    EccsiKeyParams params;
-#ifdef WOLFCRYPT_ECCSI_CLIENT
-    /** Temporary MP integer used during operations.. */
-    mp_int tmp;
-    /** Secret Signing Key */
-    mp_int ssk;
-    /** Public Validation Token (PVT) */
-    ecc_point* pvt;
-#endif
-    /** Generic hash algorithm object. */
-    wc_HashAlg hash;
-    /** Temporary buffer for use in operations. */
-    byte data[(MAX_ECCSI_BYTES * 2) + 1];
-#ifdef WOLFCRYPT_ECCSI_CLIENT
-    /** Hash of identity - used in signing/verification. */
-    byte idHash[WC_MAX_DIGEST_SIZE];
-    /** Size of hash of identity in bytes. */
-    byte idHashSz;
-#endif
-    /** Heap hint for dynamic memory allocation. */
-    void* heap;
-    /** Bit indicates KPAK (public key) is in montgomery form. */
-    WC_BITFIELD kpakMont:1;
-} EccsiKey;
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-WOLFSSL_API int wc_InitEccsiKey(EccsiKey* key, void* heap, int devId);
-WOLFSSL_API int wc_InitEccsiKey_ex(EccsiKey* key, int keySz, int curveId,
-        void* heap, int devId);
-WOLFSSL_API void wc_FreeEccsiKey(EccsiKey* key);
-
-WOLFSSL_API int wc_MakeEccsiKey(EccsiKey* key, WC_RNG* rng);
-
-WOLFSSL_API int wc_MakeEccsiPair(EccsiKey* key, WC_RNG* rng,
-        enum wc_HashType hashType, const byte* id, word32 idSz, mp_int* ssk,
-        ecc_point* pvt);
-WOLFSSL_API int wc_ValidateEccsiPair(EccsiKey* key, enum wc_HashType hashType,
-        const byte* id, word32 idSz, const mp_int* ssk, ecc_point* pvt,
-        int* valid);
-WOLFSSL_API int wc_ValidateEccsiPvt(EccsiKey* key, const ecc_point* pvt,
-        int* valid);
-WOLFSSL_API int wc_EncodeEccsiPair(const EccsiKey* key, mp_int* ssk,
-        ecc_point* pvt, byte* data, word32* sz);
-WOLFSSL_API int wc_EncodeEccsiSsk(const EccsiKey* key, mp_int* ssk, byte* data,
-        word32* sz);
-WOLFSSL_API int wc_EncodeEccsiPvt(const EccsiKey* key, ecc_point* pvt,
-        byte* data, word32* sz, int raw);
-WOLFSSL_API int wc_DecodeEccsiPair(const EccsiKey* key, const byte* data,
-        word32 sz, mp_int* ssk, ecc_point* pvt);
-WOLFSSL_API int wc_DecodeEccsiSsk(const EccsiKey* key, const byte* data,
-        word32 sz, mp_int* ssk);
-WOLFSSL_API int wc_DecodeEccsiPvt(const EccsiKey* key, const byte* data,
-        word32 sz, ecc_point* pvt);
-WOLFSSL_API int wc_DecodeEccsiPvtFromSig(const EccsiKey* key, const byte* sig,
-        word32 sz, ecc_point* pvt);
-
-WOLFSSL_API int wc_ExportEccsiKey(EccsiKey* key, byte* data, word32* sz);
-WOLFSSL_API int wc_ImportEccsiKey(EccsiKey* key, const byte* data, word32 sz);
-
-WOLFSSL_API int wc_ExportEccsiPrivateKey(EccsiKey* key, byte* data, word32* sz);
-WOLFSSL_API int wc_ImportEccsiPrivateKey(EccsiKey* key, const byte* data,
-        word32 sz);
-
-WOLFSSL_API int wc_ExportEccsiPublicKey(EccsiKey* key, byte* data, word32* sz,
-        int raw);
-WOLFSSL_API int wc_ImportEccsiPublicKey(EccsiKey* key, const byte* data,
-        word32 sz, int trusted);
-
-WOLFSSL_API int wc_HashEccsiId(EccsiKey* key, enum wc_HashType hashType,
-        const byte* id, word32 idSz, ecc_point* pvt, byte* hash, byte* hashSz);
-WOLFSSL_API int wc_SetEccsiHash(EccsiKey* key, const byte* hash, byte hashSz);
-WOLFSSL_API int wc_SetEccsiPair(EccsiKey* key, const mp_int* ssk,
-        const ecc_point* pvt);
-
-WOLFSSL_API int wc_SignEccsiHash(EccsiKey* key, WC_RNG* rng,
-        enum wc_HashType hashType, const byte* msg, word32 msgSz, byte* sig,
-        word32* sigSz);
-WOLFSSL_API int wc_VerifyEccsiHash(EccsiKey* key, enum wc_HashType hashType,
-        const byte* msg, word32 msgSz, const byte* sig, word32 sigSz,
-        int* verified);
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* WOLFCRYPT_HAVE_ECCSI */
-
-#endif /* WOLF_CRYPT_ECCSI_H */
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/ext_lms.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/ext_lms.h
deleted file mode 100644
index 18e1221ba..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/ext_lms.h
+++ /dev/null
@@ -1,62 +0,0 @@
-/* ext_lms.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifndef EXT_LMS_H
-#define EXT_LMS_H
-
-#if defined(WOLFSSL_HAVE_LMS) && defined(HAVE_LIBLMS)
-
-#include <wolfssl/wolfcrypt/lms.h>
-
-/* hash-sigs LMS HSS includes */
-#include <hss.h>
-
-#if defined(WOLFSSL_WC_LMS)
-#error "This code is incompatible with wolfCrypt's implementation of LMS."
-#endif
-
-/*
- * The hash-sigs LMS lib supports from MIN_HSS_LEVELS to MAX_HSS_LEVELS
- * number of levels of Merkle trees. It allows for the tree height and
- * winternitz parameter to be unique per level.
- */
-
-/* hss structs */
-typedef struct hss_working_key hss_working_key;
-typedef struct hss_extra_info  hss_extra_info;
-
-struct LmsKey {
-    unsigned             levels;                      /* Number of tree levels. */
-    param_set_t          lm_type[MAX_HSS_LEVELS];     /* Height param per level. */
-    param_set_t          lm_ots_type[MAX_HSS_LEVELS]; /* Winternitz param per level. */
-    unsigned char        pub[HSS_MAX_PUBLIC_KEY_LEN];
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-    hss_working_key *    working_key;
-    wc_lms_write_private_key_cb write_private_key; /* Callback to write/update key. */
-    wc_lms_read_private_key_cb  read_private_key;  /* Callback to read key. */
-    void *               context;           /* Context arg passed to callbacks. */
-    hss_extra_info       info;
-#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
-    enum wc_LmsState     state;
-};
-
-#endif /* WOLFSSL_HAVE_LMS */
-#endif /* EXT_LMS_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/ext_mlkem.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/ext_mlkem.h
deleted file mode 100644
index bd6cd5cc0..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/ext_mlkem.h
+++ /dev/null
@@ -1,74 +0,0 @@
-/* ext_mlkem.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifndef EXT_KYBER_H
-#define EXT_KYBER_H
-
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-#endif
-
-#ifdef WOLFSSL_HAVE_MLKEM
-#include <wolfssl/wolfcrypt/mlkem.h>
-
-#if !defined(HAVE_LIBOQS)
-#error "This code requires liboqs"
-#endif
-
-#if defined(WOLFSSL_WC_MLKEM)
-#error "This code is incompatible with wolfCrypt's implementation of Kyber."
-#endif
-
-#if defined (HAVE_LIBOQS)
-    #include <oqs/kem.h>
-
-    #ifndef WOLFSSL_NO_ML_KEM
-        #define EXT_KYBER_MAX_PRIV_SZ OQS_KEM_ml_kem_1024_length_secret_key
-        #define EXT_KYBER_MAX_PUB_SZ  OQS_KEM_ml_kem_1024_length_public_key
-    #elif defined(WOLFSSL_MLKEM_KYBER)
-        #define EXT_KYBER_MAX_PRIV_SZ OQS_KEM_kyber_1024_length_secret_key
-        #define EXT_KYBER_MAX_PUB_SZ  OQS_KEM_kyber_1024_length_public_key
-    #endif
-#endif
-
-struct KyberKey {
-    /* Type of key: KYBER_LEVEL1
-     *              KYBER_LEVEL3
-     *              KYBER_LEVEL5
-     *
-     * Note we don't save the variant (SHAKE vs AES) as that is decided at
-     * configuration time. */
-    int type;
-
-#ifdef WOLF_CRYPTO_CB
-    void* devCtx;
-    int   devId;
-#endif
-
-    byte priv[EXT_KYBER_MAX_PRIV_SZ];
-    byte pub[EXT_KYBER_MAX_PUB_SZ];
-};
-
-#if defined (HAVE_LIBOQS)
-WOLFSSL_LOCAL int ext_mlkem_enabled(int id);
-#endif
-#endif /* WOLFSSL_HAVE_MLKEM */
-#endif /* EXT_KYBER_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/ext_xmss.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/ext_xmss.h
deleted file mode 100644
index 788437c83..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/ext_xmss.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/* ext_xmss.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifndef EXT_XMSS_H
-#define EXT_XMSS_H
-
-#if defined(WOLFSSL_HAVE_XMSS) && defined(HAVE_LIBXMSS)
-
-#include <wolfssl/wolfcrypt/xmss.h>
-
-#include <xmss.h>
-#include <params.h>
-
-#if defined(WOLFSSL_WC_XMSS)
-    #error "This code is incompatible with wolfCrypt's implementation of XMSS."
-#endif
-
-struct XmssKey {
-    unsigned char        pk[XMSS_SHA256_PUBLEN];
-    word32               oid;
-    int                  is_xmssmt;
-    xmss_params          params;
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-    /* The secret key length is a function of xmss_params. */
-    unsigned char *      sk;
-    word32               sk_len;
-    wc_xmss_write_private_key_cb write_private_key; /* Callback to write/update key. */
-    wc_xmss_read_private_key_cb  read_private_key;  /* Callback to read key. */
-    void *               context;           /* Context arg passed to callbacks. */
-#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
-    enum wc_XmssState    state;
-};
-
-#endif /* WOLFSSL_HAVE_XMSS */
-#endif /* EXT_XMSS_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/falcon.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/falcon.h
deleted file mode 100644
index 904a68c23..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/falcon.h
+++ /dev/null
@@ -1,180 +0,0 @@
-/* falcon.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
-    \file wolfssl/wolfcrypt/falcon.h
-*/
-
-/* Interfaces for Falcon NIST Level 1 (Falcon512) and Falcon NIST Level 5
- * (Falcon1024). */
-
-#ifndef WOLF_CRYPT_FALCON_H
-#define WOLF_CRYPT_FALCON_H
-
-#include <wolfssl/wolfcrypt/types.h>
-
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-#endif
-
-#if defined(HAVE_PQC) && defined(HAVE_FALCON)
-
-#ifdef HAVE_LIBOQS
-#include <oqs/oqs.h>
-#include <wolfssl/wolfcrypt/port/liboqs/liboqs.h>
-#endif
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-/* Macros Definitions */
-
-#ifdef HAVE_LIBOQS
-#define FALCON_LEVEL1_KEY_SIZE     OQS_SIG_falcon_512_length_secret_key
-#define FALCON_LEVEL1_SIG_SIZE     OQS_SIG_falcon_512_length_signature
-#define FALCON_LEVEL1_PUB_KEY_SIZE OQS_SIG_falcon_512_length_public_key
-#define FALCON_LEVEL1_PRV_KEY_SIZE (FALCON_LEVEL1_PUB_KEY_SIZE+FALCON_LEVEL1_KEY_SIZE)
-
-#define FALCON_LEVEL5_KEY_SIZE     OQS_SIG_falcon_1024_length_secret_key
-#define FALCON_LEVEL5_SIG_SIZE     OQS_SIG_falcon_1024_length_signature
-#define FALCON_LEVEL5_PUB_KEY_SIZE OQS_SIG_falcon_1024_length_public_key
-#define FALCON_LEVEL5_PRV_KEY_SIZE (FALCON_LEVEL5_PUB_KEY_SIZE+FALCON_LEVEL5_KEY_SIZE)
-#endif
-
-#define FALCON_MAX_KEY_SIZE     FALCON_LEVEL5_KEY_SIZE
-#define FALCON_MAX_SIG_SIZE     FALCON_LEVEL5_SIG_SIZE
-#define FALCON_MAX_PUB_KEY_SIZE FALCON_LEVEL5_PUB_KEY_SIZE
-#define FALCON_MAX_PRV_KEY_SIZE FALCON_LEVEL5_PRV_KEY_SIZE
-
-#ifdef WOLF_PRIVATE_KEY_ID
-#define FALCON_MAX_ID_LEN    32
-#define FALCON_MAX_LABEL_LEN 32
-#endif
-
-
-/* Structs */
-
-struct falcon_key {
-    bool pubKeySet;
-    bool prvKeySet;
-    byte level;
-
-#ifdef WOLF_CRYPTO_CB
-    void* devCtx;
-    int   devId;
-#endif
-#ifdef WOLF_PRIVATE_KEY_ID
-    byte id[FALCON_MAX_ID_LEN];
-    int  idLen;
-    char label[FALCON_MAX_LABEL_LEN];
-    int  labelLen;
-#endif
-
-    byte p[FALCON_MAX_PUB_KEY_SIZE];
-    byte k[FALCON_MAX_PRV_KEY_SIZE];
-};
-
-#ifndef WC_FALCONKEY_TYPE_DEFINED
-    typedef struct falcon_key falcon_key;
-    #define WC_FALCONKEY_TYPE_DEFINED
-#endif
-
-/* Functions */
-
-WOLFSSL_API
-int wc_falcon_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
-                       falcon_key* key, WC_RNG* rng);
-WOLFSSL_API
-int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
-                         word32 msgLen, int* res, falcon_key* key);
-
-WOLFSSL_API
-int wc_falcon_init(falcon_key* key);
-
-WOLFSSL_API
-int wc_falcon_init_ex(falcon_key* key, void* heap, int devId);
-
-#ifdef WOLF_PRIVATE_KEY_ID
-WOLFSSL_API
-int wc_falcon_init_id(falcon_key* key, const unsigned char* id, int len,
-                      void* heap, int devId);
-WOLFSSL_API
-int wc_falcon_init_label(falcon_key* key, const char* label, void* heap,
-                         int devId);
-#endif
-
-WOLFSSL_API
-int wc_falcon_set_level(falcon_key* key, byte level);
-WOLFSSL_API
-int wc_falcon_get_level(falcon_key* key, byte* level);
-WOLFSSL_API
-void wc_falcon_free(falcon_key* key);
-
-WOLFSSL_API
-int wc_falcon_import_public(const byte* in, word32 inLen, falcon_key* key);
-WOLFSSL_API
-int wc_falcon_import_private_only(const byte* priv, word32 privSz,
-                                  falcon_key* key);
-WOLFSSL_API
-int wc_falcon_import_private_key(const byte* priv, word32 privSz,
-                                 const byte* pub, word32 pubSz,
-                                 falcon_key* key);
-
-WOLFSSL_API
-int wc_falcon_export_public(falcon_key* key, byte* out, word32* outLen);
-WOLFSSL_API
-int wc_falcon_export_private_only(falcon_key* key, byte* out, word32* outLen);
-WOLFSSL_API
-int wc_falcon_export_private(falcon_key* key, byte* out, word32* outLen);
-WOLFSSL_API
-int wc_falcon_export_key(falcon_key* key, byte* priv, word32 *privSz,
-                         byte* pub, word32 *pubSz);
-
-WOLFSSL_API
-int wc_falcon_check_key(falcon_key* key);
-
-WOLFSSL_API
-int wc_falcon_size(falcon_key* key);
-WOLFSSL_API
-int wc_falcon_priv_size(falcon_key* key);
-WOLFSSL_API
-int wc_falcon_pub_size(falcon_key* key);
-WOLFSSL_API
-int wc_falcon_sig_size(falcon_key* key);
-
-WOLFSSL_API int wc_Falcon_PrivateKeyDecode(const byte* input, word32* inOutIdx,
-                                           falcon_key* key, word32 inSz);
-WOLFSSL_API int wc_Falcon_PublicKeyDecode(const byte* input, word32* inOutIdx,
-                                          falcon_key* key, word32 inSz);
-WOLFSSL_API int wc_Falcon_KeyToDer(falcon_key* key, byte* output,
-                                   word32 inLen);
-WOLFSSL_API int wc_Falcon_PrivateKeyToDer(falcon_key* key, byte* output,
-                                          word32 inLen);
-WOLFSSL_API int wc_Falcon_PublicKeyToDer(falcon_key* key, byte* output,
-                                         word32 inLen, int withAlg);
-
-#ifdef __cplusplus
-    }    /* extern "C" */
-#endif
-
-#endif /* HAVE_PQC && HAVE_FALCON */
-#endif /* WOLF_CRYPT_FALCON_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/fe_448.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/fe_448.h
deleted file mode 100644
index 46a971750..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/fe_448.h
+++ /dev/null
@@ -1,122 +0,0 @@
-/* fe448_448.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef WOLF_CRYPT_FE_448_H
-#define WOLF_CRYPT_FE_448_H
-
-#include <wolfssl/wolfcrypt/settings.h>
-
-#if defined(HAVE_CURVE448) || defined(HAVE_ED448)
-
-#include <wolfssl/wolfcrypt/types.h>
-
-#if defined(HAVE___UINT128_T) && !defined(NO_CURVED448_128BIT) && \
-        !defined(NO_INT128)
-    #define CURVED448_128BIT
-#endif
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-/* default to be faster but take more memory */
-#if !defined(CURVE448_SMALL) && !defined(ED448_SMALL)
-
-#if defined(CURVED448_128BIT)
-    typedef sword64 fe448;
-    #ifndef WOLFSSL_UINT128_T_DEFINED
-        #ifdef __SIZEOF_INT128__
-            typedef __uint128_t uint128_t;
-            typedef __int128_t int128_t;
-            typedef __uint128_t word128;
-            typedef __int128_t sword128;
-        #else
-            typedef unsigned long uint128_t __attribute__ ((mode(TI)));
-            typedef long int128_t __attribute__ ((mode(TI)));
-            typedef uint128_t word128;
-            typedef int128_t sword128;
-        #endif
-        #define WOLFSSL_UINT128_T_DEFINED
-    #endif
-#else
-    typedef sword32 fe448;
-#endif
-
-WOLFSSL_LOCAL void fe448_init(void);
-WOLFSSL_LOCAL int  curve448(byte* r, const byte* n, const byte* a);
-
-#if !defined(CURVED448_128BIT)
-WOLFSSL_LOCAL void fe448_reduce(fe448*);
-#else
-#define fe448_reduce(a) WC_DO_NOTHING
-#endif
-WOLFSSL_LOCAL void fe448_neg(fe448* r, const fe448* a);
-WOLFSSL_LOCAL void fe448_add(fe448* r, const fe448* a, const fe448* b);
-WOLFSSL_LOCAL void fe448_sub(fe448* r, const fe448* a, const fe448* b);
-WOLFSSL_LOCAL void fe448_mul(fe448* r, const fe448* a, const fe448* b);
-WOLFSSL_LOCAL void fe448_sqr(fe448* r, const fe448* a);
-WOLFSSL_LOCAL void fe448_mul39081(fe448* r, const fe448* a);
-WOLFSSL_LOCAL void fe448_invert(fe448* r, const fe448* a);
-
-WOLFSSL_LOCAL void fe448_0(fe448* a);
-WOLFSSL_LOCAL void fe448_1(fe448* a);
-WOLFSSL_LOCAL void fe448_copy(fe448* d, const fe448* a);
-WOLFSSL_LOCAL int  fe448_isnonzero(const fe448* a);
-WOLFSSL_LOCAL int  fe448_isnegative(const fe448* a);
-
-WOLFSSL_LOCAL void fe448_from_bytes(fe448* r, const unsigned char* b);
-WOLFSSL_LOCAL void fe448_to_bytes(unsigned char* b, const fe448* a);
-
-WOLFSSL_LOCAL void fe448_cmov(fe448* a, const fe448* b, int c);
-WOLFSSL_LOCAL void fe448_pow_2_446_222_1(fe448* r, const fe448* a);
-
-#else
-
-WOLFSSL_LOCAL void fe448_init(void);
-WOLFSSL_LOCAL int  curve448(byte* r, const byte* n, const byte* a);
-
-#define fe448_reduce(a) WC_DO_NOTHING
-
-WOLFSSL_LOCAL void fe448_neg(word8* r, const word8* a);
-WOLFSSL_LOCAL void fe448_add(word8* r, const word8* a, const word8* b);
-WOLFSSL_LOCAL void fe448_sub(word8* r, const word8* a, const word8* b);
-WOLFSSL_LOCAL void fe448_mul(word8* r, const word8* a, const word8* b);
-WOLFSSL_LOCAL void fe448_sqr(word8* r, const word8* a);
-WOLFSSL_LOCAL void fe448_mul39081(word8* r, const word8* a);
-WOLFSSL_LOCAL void fe448_invert(word8* r, const word8* a);
-
-WOLFSSL_LOCAL void fe448_norm(byte *a);
-WOLFSSL_LOCAL void fe448_copy(word8* d, const word8* a);
-WOLFSSL_LOCAL int  fe448_isnonzero(const word8* a);
-
-WOLFSSL_LOCAL void fe448_cmov(word8* a, const word8* b, int c);
-WOLFSSL_LOCAL void fe448_pow_2_446_222_1(word8* r, const word8* a);
-
-#endif /* !CURVE448_SMALL || !ED448_SMALL */
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* HAVE_CURVE448 || HAVE_ED448 */
-
-#endif /* WOLF_CRYPT_FE_448_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/ge_448.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/ge_448.h
deleted file mode 100644
index df9a45040..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/ge_448.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/* ge_448.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef WOLF_CRYPT_GE_448_H
-#define WOLF_CRYPT_GE_448_H
-
-#include <wolfssl/wolfcrypt/settings.h>
-
-#ifdef HAVE_ED448
-
-#include <wolfssl/wolfcrypt/fe_448.h>
-
-/*
-ge448 means group element.
-
-Here the group is the set of pairs (x,y) of field elements (see fe.h)
-satisfying -x^2 + y^2 = 1 + d x^2y^2
-where d = -39081.
-
-Representations:
-  ge448_p2 (projective) : (X:Y:Z) satisfying x=X/Z, y=Y/Z
-  ge448_precomp (affine): (x,y)
-*/
-
-#ifdef ED448_SMALL
-    typedef byte     ge448;
-    #define GE448_WORDS    56
-#elif defined(CURVED448_128BIT)
-    typedef sword64  ge448;
-    #define GE448_WORDS    8
-#else
-    typedef sword32  ge448;
-    #define GE448_WORDS    16
-#endif
-
-typedef struct {
-  ge448 X[GE448_WORDS];
-  ge448 Y[GE448_WORDS];
-  ge448 Z[GE448_WORDS];
-} ge448_p2;
-
-
-WOLFSSL_LOCAL int  ge448_compress_key(byte* out, const byte* xIn, const byte* yIn);
-WOLFSSL_LOCAL int  ge448_from_bytes_negate_vartime(ge448_p2 *r, const byte *b);
-
-WOLFSSL_LOCAL int  ge448_double_scalarmult_vartime(ge448_p2 *r, const byte *a,
-                                    const ge448_p2 *A, const byte *b);
-WOLFSSL_LOCAL int  ge448_scalarmult_base(ge448_p2* h, const byte* a);
-/* Only performs a weak reduce. */
-WOLFSSL_LOCAL void sc448_reduce(byte* b);
-WOLFSSL_LOCAL void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d);
-WOLFSSL_LOCAL void ge448_to_bytes(byte *s, const ge448_p2 *h);
-
-
-#ifndef ED448_SMALL
-typedef struct {
-  ge448 x[GE448_WORDS];
-  ge448 y[GE448_WORDS];
-} ge448_precomp;
-
-#endif /* !ED448_SMALL */
-
-#endif /* HAVE_ED448 */
-
-#endif /* WOLF_CRYPT_GE_448_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/ge_operations.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/ge_operations.h
deleted file mode 100644
index a9cc47584..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/ge_operations.h
+++ /dev/null
@@ -1,134 +0,0 @@
-/* ge_operations.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
- /* Based On Daniel J Bernstein's ed25519 Public Domain ref10 work. */
-
-#ifndef WOLF_CRYPT_GE_OPERATIONS_H
-#define WOLF_CRYPT_GE_OPERATIONS_H
-
-#include <wolfssl/wolfcrypt/settings.h>
-
-#ifdef HAVE_ED25519
-
-#include <wolfssl/wolfcrypt/fe_operations.h>
-
-/*
-ge means group element.
-
-Here the group is the set of pairs (x,y) of field elements (see fe.h)
-satisfying -x^2 + y^2 = 1 + d x^2y^2
-where d = -121665/121666.
-
-Representations:
-  ge_p2 (projective): (X:Y:Z) satisfying x=X/Z, y=Y/Z
-  ge_p3 (extended): (X:Y:Z:T) satisfying x=X/Z, y=Y/Z, XY=ZT
-  ge_p1p1 (completed): ((X:Z),(Y:T)) satisfying x=X/Z, y=Y/T
-  ge_precomp (Duif): (y+x,y-x,2dxy)
-*/
-
-#ifdef ED25519_SMALL
-  ALIGN16 typedef byte     ge[F25519_SIZE];
-#elif defined(CURVED25519_ASM_64BIT)
-  ALIGN16 typedef sword64  ge[4];
-#elif defined(CURVED25519_ASM_32BIT)
-  ALIGN16 typedef sword32  ge[8];
-#elif defined(CURVED25519_128BIT)
-  ALIGN16 typedef sword64  ge[5];
-#else
-  ALIGN16 typedef sword32  ge[10];
-#endif
-
-typedef struct {
-  ge X;
-  ge Y;
-  ge Z;
-} ge_p2;
-
-typedef struct {
-  ge X;
-  ge Y;
-  ge Z;
-  ge T;
-} ge_p3;
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-WOLFSSL_LOCAL int  ge_compress_key(byte* out, const byte* xIn, const byte* yIn,
-                                                                word32 keySz);
-WOLFSSL_LOCAL int  ge_frombytes_negate_vartime(ge_p3 *h,const unsigned char *s);
-
-WOLFSSL_LOCAL int  ge_double_scalarmult_vartime(ge_p2 *r, const unsigned char *a,
-                                 const ge_p3 *A, const unsigned char *b);
-WOLFSSL_LOCAL void ge_scalarmult_base(ge_p3 *h,const unsigned char *a);
-WOLFSSL_LOCAL void sc_reduce(byte* s);
-WOLFSSL_LOCAL void sc_muladd(byte* s, const byte* a, const byte* b,
-                             const byte* c);
-WOLFSSL_LOCAL void ge_tobytes(unsigned char *s,const ge_p2 *h);
-#ifndef GE_P3_TOBYTES_IMPL
-#define ge_p3_tobytes(s, h) ge_tobytes((s), (const ge_p2 *)(h))
-#else
-WOLFSSL_LOCAL void ge_p3_tobytes(unsigned char *s,const ge_p3 *h);
-#endif
-
-
-#ifndef ED25519_SMALL
-typedef struct {
-  ge X;
-  ge Y;
-  ge Z;
-  ge T;
-} ge_p1p1;
-
-typedef struct {
-  ge yplusx;
-  ge yminusx;
-  ge xy2d;
-} ge_precomp;
-
-typedef struct {
-  ge YplusX;
-  ge YminusX;
-  ge Z;
-  ge T2d;
-} ge_cached;
-
-#ifdef CURVED25519_ASM
-WOLFSSL_LOCAL void ge_p1p1_to_p2(ge_p2 *r, const ge_p1p1 *p);
-WOLFSSL_LOCAL void ge_p1p1_to_p3(ge_p3 *r, const ge_p1p1 *p);
-WOLFSSL_LOCAL void ge_p2_dbl(ge_p1p1 *r, const ge_p2 *p);
-#define ge_p3_dbl(r, p)     ge_p2_dbl((ge_p1p1 *)(r), (ge_p2 *)(p))
-WOLFSSL_LOCAL void ge_madd(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q);
-WOLFSSL_LOCAL void ge_msub(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q);
-WOLFSSL_LOCAL void ge_add(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q);
-WOLFSSL_LOCAL void ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q);
-#endif
-#endif /* !ED25519_SMALL */
-
-#ifdef __cplusplus
-    }    /* extern "C" */
-#endif
-
-#endif /* HAVE_ED25519 */
-
-#endif /* WOLF_CRYPT_GE_OPERATIONS_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/integer.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/integer.h
deleted file mode 100644
index 1b63c25eb..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/integer.h
+++ /dev/null
@@ -1,449 +0,0 @@
-/* integer.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/*
- * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
- * http://math.libtomcrypt.com
- */
-
-
-#ifndef WOLF_CRYPT_INTEGER_H
-#define WOLF_CRYPT_INTEGER_H
-
-/* may optionally use SP math all or fast math instead. The heap math requires
- * realloc and is not timing resistant. The SP math all is recommended for new
- * designs.
- */
-
-#ifndef USE_INTEGER_HEAP_MATH
-
-    /* Some platforms (like FIPS) may only include integer.h for math. */
-    /* Handle variations of fast math, integer and sp math */
-    #include <wolfssl/wolfcrypt/wolfmath.h>
-
-#else
-
-#include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/wolfcrypt/random.h>
-
-#if !defined(CHAR_BIT) && !defined(NO_LIMITS_H)
-    #include <limits.h>
-#endif
-
-#include <wolfssl/wolfcrypt/mpi_class.h>
-
-
-#ifdef __cplusplus
-extern "C" {
-
-/* C++ compilers don't like assigning void * to mp_digit * */
-#define  OPT_CAST(x)  (x *)
-
-#elif defined(_SH3)
-
-/* SuperH SH3 compiler doesn't like assigning voi* to mp_digit* */
-#define  OPT_CAST(x)  (x *)
-
-#else
-
-/* C on the other hand doesn't care */
-#define  OPT_CAST(x) /* null expansion */
-
-#endif /* __cplusplus */
-
-
-/* detect 64-bit mode if possible */
-#if (defined(__x86_64__) || defined(__aarch64__)) && !(defined (_MSC_VER) && defined(__clang__))
-   #if !(defined(MP_64BIT) && defined(MP_16BIT) && defined(MP_8BIT))
-      #define MP_64BIT
-   #endif
-#endif
-/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */
-#if defined(MP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T)
-    #undef MP_64BIT
-#endif
-
-
-/* allow user to define on mp_digit, mp_word, DIGIT_BIT types */
-#ifndef WOLFSSL_BIGINT_TYPES
-
-/* some default configurations.
- *
- * A "mp_digit" must be able to hold DIGIT_BIT + 1 bits
- * A "mp_word" must be able to hold 2*DIGIT_BIT + 1 bits
- *
- * At the very least a mp_digit must be able to hold 7 bits
- * [any size beyond that is ok provided it doesn't overflow the data type]
- */
-#ifdef MP_8BIT
-   /* 8-bit */
-   typedef unsigned char      mp_digit;
-   typedef unsigned short     mp_word;
-   /* don't define DIGIT_BIT, so its calculated below */
-#elif defined(MP_16BIT)
-   /* 16-bit */
-   typedef unsigned int       mp_digit;
-   typedef unsigned long      mp_word;
-   /* don't define DIGIT_BIT, so its calculated below */
-#elif defined(NO_64BIT)
-   /* 32-bit forced to 16-bit */
-   typedef unsigned short     mp_digit;
-   typedef unsigned int       mp_word;
-   #define DIGIT_BIT          12
-#elif defined(MP_64BIT)
-   /* 64-bit */
-   /* for GCC only on supported platforms */
-   typedef unsigned long long mp_digit;  /* 64 bit type, 128 uses mode(TI) */
-   typedef unsigned long      mp_word __attribute__ ((mode(TI)));
-   #define DIGIT_BIT          60
-#else
-   /* 32-bit default case */
-
-   #if defined(_MSC_VER) || defined(__BORLANDC__)
-      typedef unsigned __int64   ulong64;
-   #else
-      typedef unsigned long long ulong64;
-   #endif
-
-   typedef unsigned int       mp_digit;  /* long could be 64 now, changed TAO */
-   typedef ulong64            mp_word;
-
-   #ifdef MP_31BIT
-      /* this is an extension that uses 31-bit digits */
-      #define DIGIT_BIT          31
-   #else
-      /* default case is 28-bit digits, defines MP_28BIT as a handy test macro */
-      #define DIGIT_BIT          28
-      #define MP_28BIT
-   #endif
-#endif
-
-#endif /* WOLFSSL_BIGINT_TYPES */
-
-/* otherwise the bits per digit is calculated automatically from the size of
-   a mp_digit */
-#ifndef DIGIT_BIT
-   #define DIGIT_BIT ((int)((CHAR_BIT * sizeof(mp_digit) - 1)))
-      /* bits per digit */
-#endif
-
-#define MP_DIGIT_BIT     DIGIT_BIT
-#define MP_MASK          ((((mp_digit)1)<<((mp_digit)DIGIT_BIT))-((mp_digit)1))
-#define MP_DIGIT_MAX     MP_MASK
-
-/* equalities */
-#define MP_LT       (-1)  /* less than */
-#define MP_EQ         0   /* equal to */
-#define MP_GT         1   /* greater than */
-
-#define MP_ZPOS       0   /* positive integer */
-#define MP_NEG        1   /* negative */
-
-#define MP_OKAY       0   /* ok result */
-#define MP_RANGE      MP_NOT_INF
-
-#define MP_YES        1   /* yes response */
-#define MP_NO         0   /* no response */
-
-/* Primality generation flags */
-#define LTM_PRIME_BBS      0x0001 /* BBS style prime */
-#define LTM_PRIME_SAFE     0x0002 /* Safe prime (p-1)/2 == prime */
-#define LTM_PRIME_2MSB_ON  0x0008 /* force 2nd MSB to 1 */
-
-typedef int           mp_err;
-
-/* define this to use lower memory usage routines (exptmods mostly) */
-#define MP_LOW_MEM
-
-/* default precision */
-#ifndef MP_PREC
-   #ifndef MP_LOW_MEM
-      #define MP_PREC                 32     /* default digits of precision */
-   #else
-      #define MP_PREC                 1      /* default digits of precision */
-   #endif
-#endif
-
-/* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD -
-   BITS_PER_DIGIT*2) */
-#define MP_WARRAY  ((mp_word)1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1))
-
-/* No point in dynamically allocating mp_int when it is very small.
- * The dp field will grow and shrink dynamically.
- */
-/* Declare a statically allocated mp_int. */
-#define DECL_MP_INT_SIZE(name, bits)    \
-    mp_int name[1]
-/* Declare statically allocated mp_int. */
-#define DECL_MP_INT_SIZE_DYN(name, bits, max) \
-    mp_int name[1]
-/* Zero out mp_int of minimal size. */
-#define NEW_MP_INT_SIZE(name, bits, heap, type) \
-    XMEMSET(name, 0, sizeof(mp_int))
-/* Dispose of static mp_int. */
-#define FREE_MP_INT_SIZE(name, heap, type) \
-    do {                                   \
-        if ((name) != NULL) {              \
-            mp_free(name);                 \
-        }                                  \
-    } while (0)
-/* Initialize an mp_int. */
-#define INIT_MP_INT_SIZE(name, bits) \
-    mp_init(name)
-/* Type to cast to when using size marcos. */
-#define MP_INT_SIZE     mp_int
-
-#ifdef HAVE_WOLF_BIGINT
-    /* raw big integer */
-    typedef struct WC_BIGINT {
-        byte*   buf;
-        word32  len;
-        void*   heap;
-    } WC_BIGINT;
-    #define WOLF_BIGINT_DEFINED
-#endif
-
-#define wc_mp_size_t int
-#define wc_mp_sign_t int
-
-/* the mp_int structure */
-typedef struct mp_int {
-    int used, alloc, sign;
-    mp_digit *dp;
-
-#ifdef HAVE_WOLF_BIGINT
-    struct WC_BIGINT raw; /* unsigned binary (big endian) */
-#endif
-} mp_int;
-
-/* wolf big int and common functions */
-#include <wolfssl/wolfcrypt/wolfmath.h>
-
-
-/* callback for mp_prime_random, should fill dst with random bytes and return
-   how many read [up to len] */
-typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat);
-
-
-#define USED(m)    ((m)->used)
-#define DIGIT(m,k) ((m)->dp[(k)])
-#define SIGN(m)    ((m)->sign)
-
-
-/* ---> Basic Manipulations <--- */
-#define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO)
-#define mp_isone(a) \
-    (((((a)->used == 1)) && ((a)->dp[0] == 1u) && ((a)->sign == MP_ZPOS)) \
-                                                               ? MP_YES : MP_NO)
-#define mp_iseven(a) \
-    (((a)->used > 0 && (((a)->dp[0] & 1u) == 0u)) ? MP_YES : MP_NO)
-#define mp_isodd(a) \
-    (((a)->used > 0 && (((a)->dp[0] & 1u) == 1u)) ? MP_YES : MP_NO)
-#define mp_isneg(a)  (((a)->sign != MP_ZPOS) ? MP_YES : MP_NO)
-#define mp_setneg(a) ((a)->sign = MP_NEG)
-#define mp_isword(a, w) \
-    ((((a)->used == 1) && ((a)->dp[0] == (w))) || (((w) == 0) && ((a)->used == 0)) \
-                                                               ? MP_YES : MP_NO)
-/* Number of bits used based on used field only. */
-#define mp_bitsused(a)   ((a)->used * DIGIT_BIT)
-
-/* number of primes */
-#ifdef MP_8BIT
-   #define PRIME_SIZE      31
-#else
-   #define PRIME_SIZE      256
-#endif
-
-#ifndef MAX_INVMOD_SZ
-    #if defined(WOLFSSL_MYSQL_COMPATIBLE)
-        #define MAX_INVMOD_SZ 8192
-    #else
-        #define MAX_INVMOD_SZ 4096
-    #endif
-#endif
-
-#define mp_prime_random(a, t, size, bbs, cb, dat) \
-   mp_prime_random_ex(a, t, ((size) * 8) + 1, ((bbs)==1)?LTM_PRIME_BBS:0, cb, dat)
-
-#define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len))
-#define mp_mag_size(mp)           mp_unsigned_bin_size(mp)
-#define mp_tomag(mp, str)         mp_to_unsigned_bin((mp), (str))
-
-#define MP_RADIX_BIN  2
-#define MP_RADIX_OCT  8
-#define MP_RADIX_DEC  10
-#define MP_RADIX_HEX  16
-#define MP_RADIX_MAX  64
-
-#define mp_tobinary(M, S)  mp_toradix((M), (S), MP_RADIX_BIN)
-#define mp_tooctal(M, S)   mp_toradix((M), (S), MP_RADIX_OCT)
-#define mp_todecimal(M, S) mp_toradix((M), (S), MP_RADIX_DEC)
-#define mp_tohex(M, S)     mp_toradix((M), (S), MP_RADIX_HEX)
-
-#define s_mp_mul(a, b, c) s_mp_mul_digs(a, b, c, (a)->used + (b)->used + 1)
-
-#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || \
-    defined(WOLFSSL_DEBUG_MATH) || defined(DEBUG_WOLFSSL)
-extern const char *mp_s_rmap;
-#endif
-
-/* functions needed by Rsa */
-MP_API int  mp_init (mp_int * a);
-MP_API void mp_clear (mp_int * a);
-MP_API void mp_free (mp_int * a);
-MP_API void mp_forcezero(mp_int * a);
-MP_API int  mp_unsigned_bin_size(const mp_int * a);
-MP_API int  mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
-MP_API int  mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b);
-MP_API int  mp_to_unsigned_bin(const mp_int * a, unsigned char *b);
-#define mp_to_unsigned_bin_len_ct mp_to_unsigned_bin_len
-MP_API int  mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c);
-MP_API int  mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
-MP_API int  mp_exptmod_ex (mp_int * G, mp_int * X, int digits, mp_int * P,
-                           mp_int * Y);
-/* end functions needed by Rsa */
-
-/* functions added to support above needed, removed TOOM and KARATSUBA */
-MP_API int  mp_count_bits (const mp_int * a);
-MP_API int  mp_leading_bit (mp_int * a);
-MP_API int  mp_init_copy (mp_int * a, const mp_int * b);
-MP_API int  mp_copy (const mp_int * a, mp_int * b);
-MP_API int  mp_grow (mp_int * a, int size);
-MP_API int  mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d);
-MP_API void mp_zero (mp_int * a);
-MP_API void mp_clamp (mp_int * a);
-MP_API int  mp_exch (mp_int * a, mp_int * b);
-MP_API int  mp_cond_swap_ct_ex (mp_int * a, mp_int * b, int c, int m,
-                                mp_int * t);
-MP_API int  mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
-MP_API void mp_rshd (mp_int * a, int b);
-MP_API void mp_rshb (mp_int * a, int b);
-MP_API int  mp_mod_2d (mp_int * a, int b, mp_int * c);
-MP_API int  mp_mul_2d (mp_int * a, int b, mp_int * c);
-MP_API int  mp_lshd (mp_int * a, int b);
-MP_API int  mp_abs (mp_int * a, mp_int * b);
-MP_API int  mp_invmod (mp_int * a, mp_int * b, mp_int * c);
-int  fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c);
-MP_API int  mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c);
-MP_API int  mp_cmp_mag (mp_int * a, mp_int * b);
-MP_API int  mp_cmp (mp_int * a, mp_int * b);
-#define mp_cmp_ct(a, b, n) mp_cmp(a, b)
-MP_API int  mp_cmp_d(mp_int * a, mp_digit b);
-MP_API int  mp_set (mp_int * a, mp_digit b);
-MP_API int  mp_is_bit_set (mp_int * a, mp_digit b);
-MP_API int  mp_mod (mp_int * a, mp_int * b, mp_int * c);
-MP_API int  mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
-MP_API int  mp_div_2(mp_int * a, mp_int * b);
-MP_API int  mp_div_2_mod_ct (mp_int* a, mp_int* b, mp_int* c);
-MP_API int  mp_add (mp_int * a, mp_int * b, mp_int * c);
-int  s_mp_add (mp_int * a, mp_int * b, mp_int * c);
-int  s_mp_sub (mp_int * a, mp_int * b, mp_int * c);
-MP_API int  mp_sub (mp_int * a, mp_int * b, mp_int * c);
-MP_API int  mp_reduce_is_2k_l(mp_int *a);
-MP_API int  mp_reduce_is_2k(mp_int *a);
-MP_API int  mp_dr_is_modulus(mp_int *a);
-MP_API int  mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
-                             int redmode);
-MP_API int  mp_exptmod_base_2 (mp_int * X, mp_int * P, mp_int * Y);
-#define mp_exptmod_nct(G,X,P,Y)    mp_exptmod_fast(G,X,P,Y,0)
-MP_API int  mp_montgomery_setup (mp_int * n, mp_digit * rho);
-int  fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
-MP_API int  mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
-#define mp_montgomery_reduce_ex(x, n, rho, ct) mp_montgomery_reduce (x, n, rho)
-#define mp_montgomery_reduce_ct(x, n, rho)     mp_montgomery_reduce (x, n, rho)
-MP_API void mp_dr_setup(mp_int *a, mp_digit *d);
-MP_API int  mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k);
-MP_API int  mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d);
-int  fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
-int  s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
-MP_API int  mp_reduce_2k_setup_l(mp_int *a, mp_int *d);
-MP_API int  mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d);
-MP_API int  mp_reduce (mp_int * x, mp_int * m, mp_int * mu);
-MP_API int  mp_reduce_setup (mp_int * a, mp_int * b);
-int  s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode);
-MP_API int  mp_montgomery_calc_normalization (mp_int * a, mp_int * b);
-int  s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
-int  s_mp_sqr (mp_int * a, mp_int * b);
-int  fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs);
-int  fast_s_mp_sqr (mp_int * a, mp_int * b);
-MP_API int  mp_init_size (mp_int * a, int size);
-MP_API int  mp_div_3 (mp_int * a, mp_int *c, mp_digit * d);
-MP_API int  mp_mul_2(mp_int * a, mp_int * b);
-MP_API int  mp_mul (mp_int * a, mp_int * b, mp_int * c);
-MP_API int  mp_sqr (mp_int * a, mp_int * b);
-MP_API int  mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
-MP_API int  mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
-MP_API int  mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
-MP_API int  mp_submod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
-MP_API int  mp_addmod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
-MP_API int  mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
-MP_API int  mp_2expt (mp_int * a, int b);
-MP_API int  mp_set_bit (mp_int * a, int b);
-MP_API int  mp_reduce_2k_setup(mp_int *a, mp_digit *d);
-MP_API int  mp_add_d (mp_int* a, mp_digit b, mp_int* c);
-MP_API int  mp_set_int (mp_int * a, unsigned long b);
-MP_API int  mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
-/* end support added functions */
-
-/* added */
-MP_API int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
-                         mp_int* f);
-MP_API int mp_toradix (mp_int *a, char *str, int radix);
-MP_API int mp_radix_size (mp_int * a, int radix, int *size);
-
-#ifdef WOLFSSL_DEBUG_MATH
-    MP_API void mp_dump(const char* desc, mp_int* a, byte verbose);
-#else
-    #define mp_dump(desc, a, verbose) WC_DO_NOTHING
-#endif
-
-#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || \
-    !defined(NO_DSA) || !defined(NO_DH)
-    MP_API int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
-#endif
-#if !defined(NO_DSA) || defined(HAVE_ECC) || defined(OPENSSL_EXTRA)
-    MP_API int mp_read_radix(mp_int* a, const char* str, int radix);
-#endif
-
-#if defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || !defined(NO_DSA) || !defined(NO_DH)
-    MP_API int mp_prime_is_prime (mp_int * a, int t, int *result);
-    MP_API int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG* rng);
-#endif /* WOLFSSL_KEY_GEN NO_RSA NO_DSA NO_DH */
-#ifdef WOLFSSL_KEY_GEN
-    MP_API int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
-    MP_API int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
-    MP_API int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap);
-#endif
-
-MP_API int mp_cnt_lsb(mp_int *a);
-MP_API int mp_mod_d(mp_int* a, mp_digit b, mp_digit* c);
-
-
-#ifdef __cplusplus
-   }
-#endif
-
-
-#endif /* USE_INTEGER_HEAP_MATH */
-
-#endif  /* WOLF_CRYPT_INTEGER_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/libwolfssl_sources_asm.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/libwolfssl_sources_asm.h
deleted file mode 100644
index 5ecd092b1..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/libwolfssl_sources_asm.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/* libwolfssl_sources_asm.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* In wolfSSL library sources, #include this file before any other #includes, to
- * assure BUILDING_WOLFSSL is defined.
- *
- * This file also includes the common headers needed by all sources.
- */
-
-#ifndef LIBWOLFSSL_SOURCES_ASM_H
-#define LIBWOLFSSL_SOURCES_ASM_H
-
-#if defined(TEST_LIBWOLFSSL_SOURCES_INCLUSION_SEQUENCE) && \
-    defined(WOLF_CRYPT_SETTINGS_H) &&                      \
-    !defined(LIBWOLFSSL_SOURCES_H)
-    #error settings.h included before libwolfssl_sources_asm.h.
-#endif
-
-#ifndef BUILDING_WOLFSSL
-    #define BUILDING_WOLFSSL
-#endif
-
-#if defined(HAVE_CONFIG_H) && !defined(WC_CONFIG_H_INCLUDED)
-    #include <config.h>
-    #define WC_CONFIG_H_INCLUDED
-#endif
-
-#include <wolfssl/wolfcrypt/settings.h>
-
-#endif /* LIBWOLFSSL_SOURCES_ASM_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/lms.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/lms.h
deleted file mode 100644
index c9324cc69..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/lms.h
+++ /dev/null
@@ -1,202 +0,0 @@
-/* lms.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
-    \file wolfssl/wolfcrypt/lms.h
- */
-
-#ifndef WOLF_CRYPT_LMS_H
-#define WOLF_CRYPT_LMS_H
-
-#include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/wolfcrypt/random.h>
-
-#ifdef WOLFSSL_HAVE_LMS
-
-/* Length of the Key ID. */
-#define WC_LMS_I_LEN    16
-
-typedef struct LmsKey LmsKey;
-
-/* Private key write and read callbacks. */
-typedef int (*wc_lms_write_private_key_cb)(const byte * priv, word32 privSz, void *context);
-typedef int (*wc_lms_read_private_key_cb)(byte * priv, word32 privSz, void *context);
-
-/* Return codes returned by private key callbacks. */
-enum wc_LmsRc {
-  WC_LMS_RC_NONE,
-  WC_LMS_RC_BAD_ARG,            /* Bad arg in read or write callback. */
-  WC_LMS_RC_WRITE_FAIL,         /* Write or update private key failed. */
-  WC_LMS_RC_READ_FAIL,          /* Read private key failed. */
-  WC_LMS_RC_SAVED_TO_NV_MEMORY, /* Wrote private key to nonvolatile storage. */
-  WC_LMS_RC_READ_TO_MEMORY      /* Read private key from storage. */
-};
-
-/* LMS/HSS signatures are defined by 3 parameters:
- *   levels: number of levels of Merkle trees.
- *   height: height of an individual Merkle tree.
- *   winternitz: number of bits from hash used in a Winternitz chain.
- *
- * The acceptable parameter values are those in RFC8554:
- *   levels = {1..8}
- *   height = {5, 10, 15, 20, 25}
- *   winternitz = {1, 2, 4, 8}
- *
- * The number of available signatures is:
- *   N = 2 ** (levels * height)
- *
- * Signature sizes are determined by levels and winternitz
- * parameters primarily, and height to a lesser extent:
- *   - Larger levels values increase signature size significantly.
- *   - Larger height values increase signature size moderately.
- *   - Larger winternitz values will reduce the signature size, at
- *     the expense of longer key generation and sign/verify times.
- *
- * Key generation time is strongly determined by the height of
- * the first level tree. A 3 level, 5 height tree is much faster
- * than 1 level, 15 height at initial key gen, even if the number
- * of available signatures is the same.
- * */
-
-/* Predefined LMS/HSS parameter sets for convenience.
- *
- * Not predefining many sets with Winternitz=1, because the signatures
- * will be large. */
-enum wc_LmsParm {
-#ifndef WOLFSSL_NO_LMS_SHA256_256
-    WC_LMS_PARM_NONE = 0,
-    WC_LMS_PARM_L1_H5_W1 = 1,
-    WC_LMS_PARM_L1_H5_W2 = 2,
-    WC_LMS_PARM_L1_H5_W4 = 3,
-    WC_LMS_PARM_L1_H5_W8 = 4,
-    WC_LMS_PARM_L1_H10_W2 = 5,
-    WC_LMS_PARM_L1_H10_W4 = 6,
-    WC_LMS_PARM_L1_H10_W8 = 7,
-    WC_LMS_PARM_L1_H15_W2 = 8,
-    WC_LMS_PARM_L1_H15_W4 = 9,
-    WC_LMS_PARM_L1_H15_W8 = 10,
-    WC_LMS_PARM_L1_H20_W2 = 11,
-    WC_LMS_PARM_L1_H20_W4 = 12,
-    WC_LMS_PARM_L1_H20_W8 = 13,
-    WC_LMS_PARM_L2_H5_W2 = 14,
-    WC_LMS_PARM_L2_H5_W4 = 15,
-    WC_LMS_PARM_L2_H5_W8 = 16,
-    WC_LMS_PARM_L2_H10_W2 = 17,
-    WC_LMS_PARM_L2_H10_W4 = 18,
-    WC_LMS_PARM_L2_H10_W8 = 19,
-    WC_LMS_PARM_L2_H15_W2 = 20,
-    WC_LMS_PARM_L2_H15_W4 = 21,
-    WC_LMS_PARM_L2_H15_W8 = 22,
-    WC_LMS_PARM_L2_H20_W2 = 23,
-    WC_LMS_PARM_L2_H20_W4 = 24,
-    WC_LMS_PARM_L2_H20_W8 = 25,
-    WC_LMS_PARM_L3_H5_W2 = 26,
-    WC_LMS_PARM_L3_H5_W4 = 27,
-    WC_LMS_PARM_L3_H5_W8 = 28,
-    WC_LMS_PARM_L3_H10_W4 = 29,
-    WC_LMS_PARM_L3_H10_W8 = 30,
-    WC_LMS_PARM_L4_H5_W2 = 31,
-    WC_LMS_PARM_L4_H5_W4 = 32,
-    WC_LMS_PARM_L4_H5_W8 = 33,
-    WC_LMS_PARM_L4_H10_W4 = 34,
-    WC_LMS_PARM_L4_H10_W8 = 35,
-#endif
-
-#ifdef WOLFSSL_LMS_SHA256_192
-    WC_LMS_PARM_SHA256_192_L1_H5_W1  = 36,
-    WC_LMS_PARM_SHA256_192_L1_H5_W2  = 37,
-    WC_LMS_PARM_SHA256_192_L1_H5_W4  = 38,
-    WC_LMS_PARM_SHA256_192_L1_H5_W8  = 39,
-    WC_LMS_PARM_SHA256_192_L1_H10_W2 = 40,
-    WC_LMS_PARM_SHA256_192_L1_H10_W4 = 41,
-    WC_LMS_PARM_SHA256_192_L1_H10_W8 = 42,
-    WC_LMS_PARM_SHA256_192_L1_H15_W2 = 43,
-    WC_LMS_PARM_SHA256_192_L1_H15_W4 = 44,
-    WC_LMS_PARM_SHA256_192_L1_H20_W2 = 53,
-    WC_LMS_PARM_SHA256_192_L1_H20_W4 = 54,
-    WC_LMS_PARM_SHA256_192_L1_H20_W8 = 55,
-    WC_LMS_PARM_SHA256_192_L2_H10_W2 = 45,
-    WC_LMS_PARM_SHA256_192_L2_H10_W4 = 46,
-    WC_LMS_PARM_SHA256_192_L2_H10_W8 = 47,
-    WC_LMS_PARM_SHA256_192_L3_H5_W2  = 48,
-    WC_LMS_PARM_SHA256_192_L3_H5_W4  = 49,
-    WC_LMS_PARM_SHA256_192_L3_H5_W8  = 50,
-    WC_LMS_PARM_SHA256_192_L3_H10_W4 = 51,
-    WC_LMS_PARM_SHA256_192_L4_H5_W8  = 52,
-#endif
-};
-
-/* enum wc_LmsState is to help track the state of an LMS/HSS Key. */
-enum wc_LmsState {
-    WC_LMS_STATE_FREED,      /* Key has been freed from memory. */
-    WC_LMS_STATE_INITED,     /* Key has been inited, ready to set params.*/
-    WC_LMS_STATE_PARMSET,    /* Params are set, ready to MakeKey or Reload. */
-    WC_LMS_STATE_OK,         /* Able to sign signatures and verify. */
-    WC_LMS_STATE_VERIFYONLY, /* A public only LmsKey. */
-    WC_LMS_STATE_BAD,        /* Can't guarantee key's state. */
-    WC_LMS_STATE_NOSIGS      /* Signatures exhausted. */
-};
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-WOLFSSL_API int  wc_LmsKey_Init(LmsKey * key, void * heap, int devId);
-WOLFSSL_API int  wc_LmsKey_SetLmsParm(LmsKey * key, enum wc_LmsParm lmsParm);
-WOLFSSL_API int  wc_LmsKey_SetParameters(LmsKey * key, int levels,
-    int height, int winternitz);
-WOLFSSL_API int  wc_LmsKey_GetParameters(const LmsKey * key, int * levels,
-    int * height, int * winternitz);
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-WOLFSSL_API int  wc_LmsKey_SetWriteCb(LmsKey * key,
-    wc_lms_write_private_key_cb write_cb);
-WOLFSSL_API int  wc_LmsKey_SetReadCb(LmsKey * key,
-    wc_lms_read_private_key_cb read_cb);
-WOLFSSL_API int  wc_LmsKey_SetContext(LmsKey * key, void * context);
-WOLFSSL_API int  wc_LmsKey_MakeKey(LmsKey * key, WC_RNG * rng);
-WOLFSSL_API int  wc_LmsKey_Reload(LmsKey * key);
-WOLFSSL_API int  wc_LmsKey_GetPrivLen(const LmsKey * key, word32 * len);
-WOLFSSL_API int  wc_LmsKey_Sign(LmsKey * key, byte * sig, word32 * sigSz,
-    const byte * msg, int msgSz);
-WOLFSSL_API int  wc_LmsKey_SigsLeft(LmsKey * key);
-#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
-WOLFSSL_API void wc_LmsKey_Free(LmsKey * key);
-WOLFSSL_API int  wc_LmsKey_GetSigLen(const LmsKey * key, word32 * len);
-WOLFSSL_API int  wc_LmsKey_GetPubLen(const LmsKey * key, word32 * len);
-WOLFSSL_API int  wc_LmsKey_ExportPub(LmsKey * keyDst, const LmsKey * keySrc);
-WOLFSSL_API int  wc_LmsKey_ExportPubRaw(const LmsKey * key, byte * out,
-    word32 * outLen);
-WOLFSSL_API int  wc_LmsKey_ImportPubRaw(LmsKey * key, const byte * in,
-    word32 inLen);
-WOLFSSL_API int  wc_LmsKey_Verify(LmsKey * key, const byte * sig, word32 sigSz,
-    const byte * msg, int msgSz);
-WOLFSSL_API const char * wc_LmsKey_ParmToStr(enum wc_LmsParm lmsParm);
-WOLFSSL_API const char * wc_LmsKey_RcToStr(enum wc_LmsRc lmsRc);
-
-WOLFSSL_API int wc_LmsKey_GetKid(LmsKey * key, const byte ** kid,
-    word32* kidSz);
-WOLFSSL_API const byte * wc_LmsKey_GetKidFromPrivRaw(const byte * priv,
-    word32 privSz);
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* WOLFSSL_HAVE_LMS */
-#endif /* WOLF_CRYPT_LMS_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/mlkem.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/mlkem.h
deleted file mode 100644
index 074cd8cd3..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/mlkem.h
+++ /dev/null
@@ -1,377 +0,0 @@
-/* mlkem.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
-    \file wolfssl/wolfcrypt/mlkem.h
- */
-
-#ifndef WOLF_CRYPT_MLKEM_H
-#define WOLF_CRYPT_MLKEM_H
-
-#include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/wolfcrypt/random.h>
-
-#ifdef WOLFSSL_HAVE_MLKEM
-
-/* Number of co-efficients in polynomial. */
-#define MLKEM_N             256
-
-/* Define algorithm type when not excluded. */
-#ifndef WOLFSSL_NO_ML_KEM
-    #if !defined(WOLFSSL_NO_ML_KEM_512)
-        #define WOLFSSL_WC_ML_KEM_512
-    #endif
-    #if !defined(WOLFSSL_NO_ML_KEM_768)
-        #define WOLFSSL_WC_ML_KEM_768
-    #endif
-    #if !defined(WOLFSSL_NO_ML_KEM_1024)
-        #define WOLFSSL_WC_ML_KEM_1024
-    #endif
-
-    #if !defined(WOLFSSL_WC_ML_KEM_512) && !defined(WOLFSSL_WC_ML_KEM_768) && \
-        !defined(WOLFSSL_WC_ML_KEM_1024)
-        #error "No ML-KEM key size chosen."
-    #endif
-#endif
-
-#ifdef WOLFSSL_MLKEM_KYBER
-    #ifndef WOLFSSL_NO_KYBER512
-        #define WOLFSSL_KYBER512
-        #define WOLFSSL_WC_ML_KEM_512
-    #endif
-    #ifndef WOLFSSL_NO_KYBER768
-        #define WOLFSSL_KYBER768
-        #define WOLFSSL_WC_ML_KEM_768
-    #endif
-    #ifndef WOLFSSL_NO_KYBER1024
-        #define WOLFSSL_KYBER1024
-        #define WOLFSSL_WC_ML_KEM_1024
-    #endif
-
-    #if !defined(WOLFSSL_KYBER512) && !defined(WOLFSSL_KYBER768) && \
-        !defined(WOLFSSL_KYBER1024)
-        #error "No Kyber key size chosen."
-    #endif
-#endif
-
-/* Size of a polynomial vector based on dimensions. */
-#define MLKEM_POLY_VEC_SZ(k) ((k) * WC_ML_KEM_POLY_SIZE)
-/* Size of a compressed polynomial based on bits per coefficient. */
-#define MLKEM_POLY_COMPRESSED_SZ(b) ((b) * (MLKEM_N / 8))
-/* Size of a compressed vector polynomial based on dimensions and bits per
- * coefficient. */
-#define MLKEM_POLY_VEC_COMPRESSED_SZ(k, b) ((k) * ((b) * (MLKEM_N / 8)))
-
-#ifdef WOLFSSL_WC_ML_KEM_512
-#define WC_ML_KEM_512_K                     2
-/* Size of a polynomial vector. */
-#define WC_ML_KEM_512_POLY_VEC_SZ           MLKEM_POLY_VEC_SZ(WC_ML_KEM_512_K)
-/* Size of a compressed polynomial based on bits per coefficient. */
-#define WC_ML_KEM_512_POLY_COMPRESSED_SZ    MLKEM_POLY_COMPRESSED_SZ(4)
-/* Size of a compressed vector polynomial based on dimensions and bits per
- * coefficient. */
-#define WC_ML_KEM_512_POLY_VEC_COMPRESSED_SZ  \
-    MLKEM_POLY_VEC_COMPRESSED_SZ(WC_ML_KEM_512_K, 10)
-
-/* Public key size. */
-#define WC_ML_KEM_512_PUBLIC_KEY_SIZE  \
-    (WC_ML_KEM_512_POLY_VEC_SZ + WC_ML_KEM_SYM_SZ)
-/* Private key size. */
-#define WC_ML_KEM_512_PRIVATE_KEY_SIZE \
-    (WC_ML_KEM_512_POLY_VEC_SZ + WC_ML_KEM_512_PUBLIC_KEY_SIZE + \
-     2 * WC_ML_KEM_SYM_SZ)
-/* Cipher text size. */
-#define WC_ML_KEM_512_CIPHER_TEXT_SIZE \
-    (WC_ML_KEM_512_POLY_VEC_COMPRESSED_SZ + WC_ML_KEM_512_POLY_COMPRESSED_SZ)
-#endif
-
-#ifdef WOLFSSL_WC_ML_KEM_768
-#define WC_ML_KEM_768_K                     3
-
-/* Size of a polynomial vector. */
-#define WC_ML_KEM_768_POLY_VEC_SZ           MLKEM_POLY_VEC_SZ(WC_ML_KEM_768_K)
-/* Size of a compressed polynomial based on bits per coefficient. */
-#define WC_ML_KEM_768_POLY_COMPRESSED_SZ    MLKEM_POLY_COMPRESSED_SZ(4)
-/* Size of a compressed vector polynomial based on dimensions and bits per
- * coefficient. */
-#define WC_ML_KEM_768_POLY_VEC_COMPRESSED_SZ  \
-    MLKEM_POLY_VEC_COMPRESSED_SZ(WC_ML_KEM_768_K, 10)
-
-/* Public key size. */
-#define WC_ML_KEM_768_PUBLIC_KEY_SIZE  \
-    (WC_ML_KEM_768_POLY_VEC_SZ + WC_ML_KEM_SYM_SZ)
-/* Private key size. */
-#define WC_ML_KEM_768_PRIVATE_KEY_SIZE \
-    (WC_ML_KEM_768_POLY_VEC_SZ + WC_ML_KEM_768_PUBLIC_KEY_SIZE + \
-     2 * WC_ML_KEM_SYM_SZ)
-/* Cipher text size. */
-#define WC_ML_KEM_768_CIPHER_TEXT_SIZE \
-    (WC_ML_KEM_768_POLY_VEC_COMPRESSED_SZ + WC_ML_KEM_768_POLY_COMPRESSED_SZ)
-#endif
-
-#ifdef WOLFSSL_WC_ML_KEM_1024
-#define WC_ML_KEM_1024_K                    4
-
-/* Size of a polynomial vector. */
-#define WC_ML_KEM_1024_POLY_VEC_SZ          MLKEM_POLY_VEC_SZ(WC_ML_KEM_1024_K)
-/* Size of a compressed polynomial based on bits per coefficient. */
-#define WC_ML_KEM_1024_POLY_COMPRESSED_SZ   MLKEM_POLY_COMPRESSED_SZ(5)
-/* Size of a compressed vector polynomial based on dimensions and bits per
- * coefficient. */
-#define WC_ML_KEM_1024_POLY_VEC_COMPRESSED_SZ \
-    MLKEM_POLY_VEC_COMPRESSED_SZ(WC_ML_KEM_1024_K, 11)
-
-/* Public key size. */
-#define WC_ML_KEM_1024_PUBLIC_KEY_SIZE  \
-    (WC_ML_KEM_1024_POLY_VEC_SZ + WC_ML_KEM_SYM_SZ)
-/* Private key size. */
-#define WC_ML_KEM_1024_PRIVATE_KEY_SIZE \
-    (WC_ML_KEM_1024_POLY_VEC_SZ + WC_ML_KEM_1024_PUBLIC_KEY_SIZE + \
-     2 * WC_ML_KEM_SYM_SZ)
-/* Cipher text size. */
-#define WC_ML_KEM_1024_CIPHER_TEXT_SIZE \
-    (WC_ML_KEM_1024_POLY_VEC_COMPRESSED_SZ + WC_ML_KEM_1024_POLY_COMPRESSED_SZ)
-#endif
-
-#ifndef WC_ML_KEM_MAX_K
-#ifdef WOLFSSL_WC_ML_KEM_1024
-#define WC_ML_KEM_MAX_K                 WC_ML_KEM_1024_K
-#define WC_ML_KEM_MAX_PRIVATE_KEY_SIZE  WC_ML_KEM_1024_PRIVATE_KEY_SIZE
-#define WC_ML_KEM_MAX_PUBLIC_KEY_SIZE   WC_ML_KEM_1024_PUBLIC_KEY_SIZE
-#define WC_ML_KEM_MAX_CIPHER_TEXT_SIZE  WC_ML_KEM_1024_CIPHER_TEXT_SIZE
-#elif defined(WOLFSSL_WC_ML_KEM_768)
-#define WC_ML_KEM_MAX_K                 WC_ML_KEM_768_K
-#define WC_ML_KEM_MAX_PRIVATE_KEY_SIZE  WC_ML_KEM_768_PRIVATE_KEY_SIZE
-#define WC_ML_KEM_MAX_PUBLIC_KEY_SIZE   WC_ML_KEM_768_PUBLIC_KEY_SIZE
-#define WC_ML_KEM_MAX_CIPHER_TEXT_SIZE  WC_ML_KEM_768_CIPHER_TEXT_SIZE
-#elif defined(WOLFSSL_WC_ML_KEM_512)
-#define WC_ML_KEM_MAX_K                 WC_ML_KEM_512_K
-#define WC_ML_KEM_MAX_PRIVATE_KEY_SIZE  WC_ML_KEM_512_PRIVATE_KEY_SIZE
-#define WC_ML_KEM_MAX_PUBLIC_KEY_SIZE   WC_ML_KEM_512_PUBLIC_KEY_SIZE
-#define WC_ML_KEM_MAX_CIPHER_TEXT_SIZE  WC_ML_KEM_512_CIPHER_TEXT_SIZE
-#endif
-#endif /* WC_ML_KEM_MAX_K */
-
-#define KYBER_N             MLKEM_N
-
-/* Size of a polynomial vector based on dimensions. */
-#define KYBER_POLY_VEC_SZ(k) ((k) * KYBER_POLY_SIZE)
-/* Size of a compressed polynomial based on bits per coefficient. */
-#define KYBER_POLY_COMPRESSED_SZ(b) ((b) * (KYBER_N / 8))
-/* Size of a compressed vector polynomial based on dimensions and bits per
- * coefficient. */
-#define KYBER_POLY_VEC_COMPRESSED_SZ(k, b) ((k) * ((b) * (KYBER_N / 8)))
-
-
-/* Kyber-512 parameters */
-/* Number of polynomials in a vector and vectors in a matrix. */
-#define KYBER512_K          2
-
-/* Size of a polynomial vector. */
-#define KYBER512_POLY_VEC_SZ             KYBER_POLY_VEC_SZ(KYBER512_K)
-/* Size of a compressed polynomial based on bits per coefficient. */
-#define KYBER512_POLY_COMPRESSED_SZ      KYBER_POLY_COMPRESSED_SZ(4)
-/* Size of a compressed vector polynomial based on dimensions and bits per
- * coefficient. */
-#define KYBER512_POLY_VEC_COMPRESSED_SZ  \
-    KYBER_POLY_VEC_COMPRESSED_SZ(KYBER512_K, 10)
-
-/* Public key size. */
-#define KYBER512_PUBLIC_KEY_SIZE  \
-    (KYBER512_POLY_VEC_SZ + KYBER_SYM_SZ)
-/* Private key size. */
-#define KYBER512_PRIVATE_KEY_SIZE \
-    (KYBER512_POLY_VEC_SZ + KYBER512_PUBLIC_KEY_SIZE + 2 * KYBER_SYM_SZ)
-/* Cipher text size. */
-#define KYBER512_CIPHER_TEXT_SIZE \
-    (KYBER512_POLY_VEC_COMPRESSED_SZ + KYBER512_POLY_COMPRESSED_SZ)
-
-/* Kyber-768 parameters */
-/* Number of polynomials in a vector and vectors in a matrix. */
-#define KYBER768_K          3
-
-/* Size of a polynomial vector. */
-#define KYBER768_POLY_VEC_SZ             KYBER_POLY_VEC_SZ(KYBER768_K)
-/* Size of a compressed polynomial based on bits per coefficient. */
-#define KYBER768_POLY_COMPRESSED_SZ      KYBER_POLY_COMPRESSED_SZ(4)
-/* Size of a compressed vector polynomial based on dimensions and bits per
- * coefficient. */
-#define KYBER768_POLY_VEC_COMPRESSED_SZ  \
-    KYBER_POLY_VEC_COMPRESSED_SZ(KYBER768_K, 10)
-
-/* Public key size. */
-#define KYBER768_PUBLIC_KEY_SIZE  \
-    (KYBER768_POLY_VEC_SZ + KYBER_SYM_SZ)
-/* Private key size. */
-#define KYBER768_PRIVATE_KEY_SIZE \
-    (KYBER768_POLY_VEC_SZ + KYBER768_PUBLIC_KEY_SIZE + 2 * KYBER_SYM_SZ)
-/* Cipher text size. */
-#define KYBER768_CIPHER_TEXT_SIZE \
-    (KYBER768_POLY_VEC_COMPRESSED_SZ + KYBER768_POLY_COMPRESSED_SZ)
-
-/* Kyber-1024 parameters */
-/* Number of polynomials in a vector and vectors in a matrix. */
-#define KYBER1024_K         4
-
-/* Size of a polynomial vector. */
-#define KYBER1024_POLY_VEC_SZ             KYBER_POLY_VEC_SZ(KYBER1024_K)
-/* Size of a compressed polynomial based on bits per coefficient. */
-#define KYBER1024_POLY_COMPRESSED_SZ      KYBER_POLY_COMPRESSED_SZ(5)
-/* Size of a compressed vector polynomial based on dimensions and bits per
- * coefficient. */
-#define KYBER1024_POLY_VEC_COMPRESSED_SZ \
-    KYBER_POLY_VEC_COMPRESSED_SZ(KYBER1024_K, 11)
-
-/* Public key size. */
-#define KYBER1024_PUBLIC_KEY_SIZE  \
-    (KYBER1024_POLY_VEC_SZ + KYBER_SYM_SZ)
-/* Private key size. */
-#define KYBER1024_PRIVATE_KEY_SIZE \
-    (KYBER1024_POLY_VEC_SZ + KYBER1024_PUBLIC_KEY_SIZE + 2 * KYBER_SYM_SZ)
-/* Cipher text size. */
-#define KYBER1024_CIPHER_TEXT_SIZE \
-    (KYBER1024_POLY_VEC_COMPRESSED_SZ + KYBER1024_POLY_COMPRESSED_SZ)
-
-
-/* Maximum dimensions and sizes of supported key types. */
-#ifdef WOLFSSL_KYBER1024
-#define KYBER_MAX_K                 KYBER1024_K
-#define KYBER_MAX_PRIVATE_KEY_SIZE  KYBER1024_PRIVATE_KEY_SIZE
-#define KYBER_MAX_PUBLIC_KEY_SIZE   KYBER1024_PUBLIC_KEY_SIZE
-#define KYBER_MAX_CIPHER_TEXT_SIZE  KYBER1024_CIPHER_TEXT_SIZE
-#elif defined(WOLFSSL_KYBER768)
-#define KYBER_MAX_K                 KYBER768_K
-#define KYBER_MAX_PRIVATE_KEY_SIZE  KYBER768_PRIVATE_KEY_SIZE
-#define KYBER_MAX_PUBLIC_KEY_SIZE   KYBER768_PUBLIC_KEY_SIZE
-#define KYBER_MAX_CIPHER_TEXT_SIZE  KYBER768_CIPHER_TEXT_SIZE
-#elif defined(WOLFSSL_KYBER512)
-#define KYBER_MAX_K                 KYBER512_K
-#define KYBER_MAX_PRIVATE_KEY_SIZE  KYBER512_PRIVATE_KEY_SIZE
-#define KYBER_MAX_PUBLIC_KEY_SIZE   KYBER512_PUBLIC_KEY_SIZE
-#define KYBER_MAX_CIPHER_TEXT_SIZE  KYBER512_CIPHER_TEXT_SIZE
-#endif
-
-#define KYBER_SYM_SZ            WC_ML_KEM_SYM_SZ
-#define KYBER_SS_SZ             WC_ML_KEM_SS_SZ
-#define KYBER_MAKEKEY_RAND_SZ   WC_ML_KEM_MAKEKEY_RAND_SZ
-#define KYBER_ENC_RAND_SZ       WC_ML_KEM_ENC_RAND_SZ
-#define KYBER_POLY_SIZE         WC_ML_KEM_POLY_SIZE
-
-
-enum {
-    /* Types of Kyber keys. */
-    WC_ML_KEM_512  = 0,
-    WC_ML_KEM_768  = 1,
-    WC_ML_KEM_1024 = 2,
-
-    MLKEM_KYBER = 0x10,
-    KYBER512  = 0 | MLKEM_KYBER,
-    KYBER768  = 1 | MLKEM_KYBER,
-    KYBER1024 = 2 | MLKEM_KYBER,
-
-    KYBER_LEVEL1 = KYBER512,
-    KYBER_LEVEL3 = KYBER768,
-    KYBER_LEVEL5 = KYBER1024,
-
-    /* Symmetric data size. */
-    WC_ML_KEM_SYM_SZ            = 32,
-    /* Shared secret size. */
-    WC_ML_KEM_SS_SZ             = 32,
-    /* Size of random required for making a key. */
-    WC_ML_KEM_MAKEKEY_RAND_SZ   = 2 * WC_ML_KEM_SYM_SZ,
-    /* Size of random required for encapsulation. */
-    WC_ML_KEM_ENC_RAND_SZ       = WC_ML_KEM_SYM_SZ,
-
-    /* Encoded polynomial size. */
-    WC_ML_KEM_POLY_SIZE         = 384,
-};
-
-
-/* Different structures for different implementations. */
-typedef struct MlKemKey MlKemKey;
-
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-WOLFSSL_API MlKemKey* wc_MlKemKey_New(int type, void* heap, int devId);
-WOLFSSL_API int  wc_MlKemKey_Delete(MlKemKey* key, MlKemKey** key_p);
-
-WOLFSSL_API int wc_MlKemKey_Init(MlKemKey* key, int type, void* heap,
-    int devId);
-WOLFSSL_API int wc_MlKemKey_Free(MlKemKey* key);
-
-WOLFSSL_API int wc_MlKemKey_MakeKey(MlKemKey* key, WC_RNG* rng);
-WOLFSSL_API int wc_MlKemKey_MakeKeyWithRandom(MlKemKey* key,
-    const unsigned char* rand, int len);
-
-WOLFSSL_API int wc_MlKemKey_CipherTextSize(MlKemKey* key, word32* len);
-WOLFSSL_API int wc_MlKemKey_SharedSecretSize(MlKemKey* key, word32* len);
-
-WOLFSSL_API int wc_MlKemKey_Encapsulate(MlKemKey* key, unsigned char* ct,
-    unsigned char* ss, WC_RNG* rng);
-WOLFSSL_API int wc_MlKemKey_EncapsulateWithRandom(MlKemKey* key,
-    unsigned char* ct, unsigned char* ss, const unsigned char* rand, int len);
-WOLFSSL_API int wc_MlKemKey_Decapsulate(MlKemKey* key, unsigned char* ss,
-    const unsigned char* ct, word32 len);
-
-WOLFSSL_API int wc_MlKemKey_DecodePrivateKey(MlKemKey* key,
-    const unsigned char* in, word32 len);
-WOLFSSL_API int wc_MlKemKey_DecodePublicKey(MlKemKey* key,
-    const unsigned char* in, word32 len);
-
-WOLFSSL_API int wc_MlKemKey_PrivateKeySize(MlKemKey* key, word32* len);
-WOLFSSL_API int wc_MlKemKey_PublicKeySize(MlKemKey* key, word32* len);
-WOLFSSL_API int wc_MlKemKey_EncodePrivateKey(MlKemKey* key, unsigned char* out,
-    word32 len);
-WOLFSSL_API int wc_MlKemKey_EncodePublicKey(MlKemKey* key, unsigned char* out,
-    word32 len);
-
-
-#define KyberKey            MlKemKey
-
-#define wc_KyberKey_Init(type, key, heap, devId) \
-        wc_MlKemKey_Init(key, type, heap, devId)
-#define wc_KyberKey_Free                    wc_MlKemKey_Free
-#define wc_KyberKey_MakeKey                 wc_MlKemKey_MakeKey
-#define wc_KyberKey_MakeKeyWithRandom       wc_MlKemKey_MakeKeyWithRandom
-#define wc_KyberKey_CipherTextSize          wc_MlKemKey_CipherTextSize
-#define wc_KyberKey_SharedSecretSize        wc_MlKemKey_SharedSecretSize
-#define wc_KyberKey_Encapsulate             wc_MlKemKey_Encapsulate
-#define wc_KyberKey_EncapsulateWithRandom   wc_MlKemKey_EncapsulateWithRandom
-#define wc_KyberKey_Decapsulate             wc_MlKemKey_Decapsulate
-#define wc_KyberKey_DecodePrivateKey        wc_MlKemKey_DecodePrivateKey
-#define wc_KyberKey_DecodePublicKey         wc_MlKemKey_DecodePublicKey
-#define wc_KyberKey_PrivateKeySize          wc_MlKemKey_PrivateKeySize
-#define wc_KyberKey_PublicKeySize           wc_MlKemKey_PublicKeySize
-#define wc_KyberKey_EncodePrivateKey        wc_MlKemKey_EncodePrivateKey
-#define wc_KyberKey_EncodePublicKey         wc_MlKemKey_EncodePublicKey
-
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* WOLFSSL_HAVE_MLKEM */
-
-#endif /* WOLF_CRYPT_MLKEM_H */
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/mpi_class.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/mpi_class.h
deleted file mode 100644
index c540aaacf..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/mpi_class.h
+++ /dev/null
@@ -1,1021 +0,0 @@
-/* mpi_class.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#if !(defined(LTM1) && defined(LTM2) && defined(LTM3))
-#if defined(LTM2)
-#define LTM3
-#endif
-#if defined(LTM1)
-#define LTM2
-#endif
-#define LTM1
-
-#if defined(LTM_ALL)
-#define BN_ERROR_C
-#define BN_FAST_MP_INVMOD_C
-#define BN_FAST_MP_MONTGOMERY_REDUCE_C
-#define BN_FAST_S_MP_MUL_DIGS_C
-#define BN_FAST_S_MP_MUL_HIGH_DIGS_C
-#define BN_FAST_S_MP_SQR_C
-#define BN_MP_2EXPT_C
-#define BN_MP_ABS_C
-#define BN_MP_ADD_C
-#define BN_MP_ADD_D_C
-#define BN_MP_ADDMOD_C
-#define BN_MP_AND_C
-#define BN_MP_CLAMP_C
-#define BN_MP_CLEAR_C
-#define BN_MP_CLEAR_MULTI_C
-#define BN_MP_CMP_C
-#define BN_MP_CMP_D_C
-#define BN_MP_CMP_MAG_C
-#define BN_MP_CNT_LSB_C
-#define BN_MP_COPY_C
-#define BN_MP_COUNT_BITS_C
-#define BN_MP_DIV_C
-#define BN_MP_DIV_2_C
-#define BN_MP_DIV_2D_C
-#define BN_MP_DIV_3_C
-#define BN_MP_DIV_D_C
-#define BN_MP_DR_IS_MODULUS_C
-#define BN_MP_DR_REDUCE_C
-#define BN_MP_DR_SETUP_C
-#define BN_MP_EXCH_C
-#define BN_MP_EXPT_D_C
-#define BN_MP_EXPTMOD_BASE_2
-#define BN_MP_EXPTMOD_C
-#define BN_MP_EXPTMOD_FAST_C
-#define BN_MP_EXTEUCLID_C
-#define BN_MP_FREAD_C
-#define BN_MP_FWRITE_C
-#define BN_MP_GCD_C
-#define BN_MP_GET_INT_C
-#define BN_MP_GROW_C
-#define BN_MP_INIT_C
-#define BN_MP_INIT_COPY_C
-#define BN_MP_INIT_MULTI_C
-#define BN_MP_INIT_SET_C
-#define BN_MP_INIT_SET_INT_C
-#define BN_MP_INIT_SIZE_C
-#define BN_MP_INVMOD_C
-#define BN_MP_INVMOD_SLOW_C
-#define BN_MP_IS_SQUARE_C
-#define BN_MP_JACOBI_C
-#define BN_MP_KARATSUBA_MUL_C
-#define BN_MP_KARATSUBA_SQR_C
-#define BN_MP_LCM_C
-#define BN_MP_LSHD_C
-#define BN_MP_MOD_C
-#define BN_MP_MOD_2D_C
-#define BN_MP_MOD_D_C
-#define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C
-#define BN_MP_MONTGOMERY_REDUCE_C
-#define BN_MP_MONTGOMERY_SETUP_C
-#define BN_MP_MUL_C
-#define BN_MP_MUL_2_C
-#define BN_MP_MUL_2D_C
-#define BN_MP_MUL_D_C
-#define BN_MP_MULMOD_C
-#define BN_MP_N_ROOT_C
-#define BN_MP_NEG_C
-#define BN_MP_OR_C
-#define BN_MP_PRIME_FERMAT_C
-#define BN_MP_PRIME_IS_DIVISIBLE_C
-#define BN_MP_PRIME_IS_PRIME_C
-#define BN_MP_PRIME_MILLER_RABIN_C
-#define BN_MP_PRIME_NEXT_PRIME_C
-#define BN_MP_PRIME_RABIN_MILLER_TRIALS_C
-#define BN_MP_PRIME_RANDOM_EX_C
-#define BN_MP_RADIX_SIZE_C
-#define BN_MP_RADIX_SMAP_C
-#define BN_MP_RAND_C
-#define BN_MP_READ_RADIX_C
-#define BN_MP_READ_SIGNED_BIN_C
-#define BN_MP_READ_UNSIGNED_BIN_C
-#define BN_MP_REDUCE_C
-#define BN_MP_REDUCE_2K_C
-#define BN_MP_REDUCE_2K_L_C
-#define BN_MP_REDUCE_2K_SETUP_C
-#define BN_MP_REDUCE_2K_SETUP_L_C
-#define BN_MP_REDUCE_IS_2K_C
-#define BN_MP_REDUCE_IS_2K_L_C
-#define BN_MP_REDUCE_SETUP_C
-#define BN_MP_RSHD_C
-#define BN_MP_SET_C
-#define BN_MP_SET_INT_C
-#define BN_MP_SHRINK_C
-#define BN_MP_SIGNED_BIN_SIZE_C
-#define BN_MP_SQR_C
-#define BN_MP_SQRMOD_C
-#define BN_MP_SQRT_C
-#define BN_MP_SUB_C
-#define BN_MP_SUB_D_C
-#define BN_MP_SUBMOD_C
-#define BN_MP_TO_SIGNED_BIN_C
-#define BN_MP_TO_SIGNED_BIN_N_C
-#define BN_MP_TO_UNSIGNED_BIN_C
-#define BN_MP_TO_UNSIGNED_BIN_N_C
-#define BN_MP_TOOM_MUL_C
-#define BN_MP_TOOM_SQR_C
-#define BN_MP_TORADIX_C
-#define BN_MP_TORADIX_N_C
-#define BN_MP_UNSIGNED_BIN_SIZE_C
-#define BN_MP_XOR_C
-#define BN_MP_ZERO_C
-#define BN_PRIME_TAB_C
-#define BN_REVERSE_C
-#define BN_S_MP_ADD_C
-#define BN_S_MP_EXPTMOD_C
-#define BN_S_MP_MUL_DIGS_C
-#define BN_S_MP_MUL_HIGH_DIGS_C
-#define BN_S_MP_SQR_C
-#define BN_S_MP_SUB_C
-#define BNCORE_C
-#endif
-
-#if defined(BN_ERROR_C)
-   #define BN_MP_ERROR_TO_STRING_C
-#endif
-
-#if defined(BN_FAST_MP_INVMOD_C)
-   #define BN_MP_ISEVEN_C
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_COPY_C
-   #define BN_MP_MOD_C
-   #define BN_MP_SET_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_ISODD_C
-   #define BN_MP_SUB_C
-   #define BN_MP_CMP_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_CMP_D_C
-   #define BN_MP_ADD_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_FAST_MP_MONTGOMERY_REDUCE_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_FAST_S_MP_MUL_DIGS_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_FAST_S_MP_SQR_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_2EXPT_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_GROW_C
-#endif
-
-#if defined(BN_MP_ABS_C)
-   #define BN_MP_COPY_C
-#endif
-
-#if defined(BN_MP_ADD_C)
-   #define BN_S_MP_ADD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_ADD_D_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_SUB_D_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_ADDMOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_ADD_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MOD_C
-#endif
-
-#if defined(BN_MP_AND_C)
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_CLAMP_C)
-#endif
-
-#if defined(BN_MP_CLEAR_C)
-#endif
-
-#if defined(BN_MP_CLEAR_MULTI_C)
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_CMP_C)
-   #define BN_MP_CMP_MAG_C
-#endif
-
-#if defined(BN_MP_CMP_D_C)
-#endif
-
-#if defined(BN_MP_CMP_MAG_C)
-#endif
-
-#if defined(BN_MP_CNT_LSB_C)
-   #define BN_MP_ISZERO_C
-#endif
-
-#if defined(BN_MP_COPY_C)
-   #define BN_MP_GROW_C
-#endif
-
-#if defined(BN_MP_COUNT_BITS_C)
-#endif
-
-#if defined(BN_MP_DIV_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_COPY_C
-   #define BN_MP_ZERO_C
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_SET_C
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_ABS_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_CMP_C
-   #define BN_MP_SUB_C
-   #define BN_MP_ADD_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_MULTI_C
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_INIT_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_DIV_2_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_DIV_2D_C)
-   #define BN_MP_COPY_C
-   #define BN_MP_ZERO_C
-   #define BN_MP_INIT_C
-   #define BN_MP_MOD_2D_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-#endif
-
-#if defined(BN_MP_DIV_3_C)
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_DIV_D_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_COPY_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_DIV_3_C
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_DR_IS_MODULUS_C)
-#endif
-
-#if defined(BN_MP_DR_REDUCE_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_DR_SETUP_C)
-#endif
-
-#if defined(BN_MP_EXCH_C)
-#endif
-
-#if defined(BN_MP_EXPT_D_C)
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_SET_C
-   #define BN_MP_SQR_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MUL_C
-#endif
-
-#if defined(BN_MP_EXPTMOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_INVMOD_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_ABS_C
-   #define BN_MP_CLEAR_MULTI_C
-   #define BN_MP_REDUCE_IS_2K_L_C
-   #define BN_S_MP_EXPTMOD_C
-   #define BN_MP_DR_IS_MODULUS_C
-   #define BN_MP_REDUCE_IS_2K_C
-   #define BN_MP_ISODD_C
-   #define BN_MP_EXPTMOD_FAST_C
-   #define BN_MP_EXPTMOD_BASE_2
-#endif
-
-#if defined(BN_MP_EXPTMOD_FAST_C)
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_INIT_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MONTGOMERY_SETUP_C
-   #define BN_FAST_MP_MONTGOMERY_REDUCE_C
-   #define BN_MP_MONTGOMERY_REDUCE_C
-   #define BN_MP_DR_SETUP_C
-   #define BN_MP_DR_REDUCE_C
-   #define BN_MP_REDUCE_2K_SETUP_C
-   #define BN_MP_REDUCE_2K_C
-   #define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C
-   #define BN_MP_MULMOD_C
-   #define BN_MP_SET_C
-   #define BN_MP_MOD_C
-   #define BN_MP_COPY_C
-   #define BN_MP_SQR_C
-   #define BN_MP_MUL_C
-   #define BN_MP_EXCH_C
-#endif
-
-#if defined(BN_MP_EXTEUCLID_C)
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_SET_C
-   #define BN_MP_COPY_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_DIV_C
-   #define BN_MP_MUL_C
-   #define BN_MP_SUB_C
-   #define BN_MP_NEG_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_MP_FREAD_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_S_RMAP_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_ADD_D_C
-   #define BN_MP_CMP_D_C
-#endif
-
-#if defined(BN_MP_FWRITE_C)
-   #define BN_MP_RADIX_SIZE_C
-   #define BN_MP_TORADIX_C
-#endif
-
-#if defined(BN_MP_GCD_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_ABS_C
-   #define BN_MP_ZERO_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_CNT_LSB_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_EXCH_C
-   #define BN_S_MP_SUB_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_GET_INT_C)
-#endif
-
-#if defined(BN_MP_GROW_C)
-#endif
-
-#if defined(BN_MP_INIT_C)
-#endif
-
-#if defined(BN_MP_INIT_COPY_C)
-   #define BN_MP_COPY_C
-#endif
-
-#if defined(BN_MP_INIT_MULTI_C)
-   #define BN_MP_ERR_C
-   #define BN_MP_INIT_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_INIT_SET_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_SET_C
-#endif
-
-#if defined(BN_MP_INIT_SET_INT_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_SET_INT_C
-#endif
-
-#if defined(BN_MP_INIT_SIZE_C)
-   #define BN_MP_INIT_C
-#endif
-
-#if defined(BN_MP_INVMOD_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_ISODD_C
-   #define BN_FAST_MP_INVMOD_C
-   #define BN_MP_INVMOD_SLOW_C
-#endif
-
-#if defined(BN_MP_INVMOD_SLOW_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_MOD_C
-   #define BN_MP_COPY_C
-   #define BN_MP_ISEVEN_C
-   #define BN_MP_SET_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_ISODD_C
-   #define BN_MP_ADD_C
-   #define BN_MP_SUB_C
-   #define BN_MP_CMP_C
-   #define BN_MP_CMP_D_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_MP_IS_SQUARE_C)
-   #define BN_MP_MOD_D_C
-   #define BN_MP_INIT_SET_INT_C
-   #define BN_MP_MOD_C
-   #define BN_MP_GET_INT_C
-   #define BN_MP_SQRT_C
-   #define BN_MP_SQR_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_JACOBI_C)
-   #define BN_MP_CMP_D_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_CNT_LSB_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_MOD_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_KARATSUBA_MUL_C)
-   #define BN_MP_MUL_C
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_SUB_C
-   #define BN_MP_ADD_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_KARATSUBA_SQR_C)
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_SQR_C
-   #define BN_MP_SUB_C
-   #define BN_S_MP_ADD_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_ADD_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_LCM_C)
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_GCD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_DIV_C
-   #define BN_MP_MUL_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_MP_LSHD_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_RSHD_C
-#endif
-
-#if defined(BN_MP_MOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_DIV_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_ADD_C
-   #define BN_MP_EXCH_C
-#endif
-
-#if defined(BN_MP_MOD_2D_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_COPY_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_MOD_D_C)
-   #define BN_MP_DIV_D_C
-#endif
-
-#if defined(BN_MP_MONTGOMERY_CALC_NORMALIZATION_C)
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_2EXPT_C
-   #define BN_MP_SET_C
-   #define BN_MP_MUL_2_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_MONTGOMERY_REDUCE_C)
-   #define BN_FAST_MP_MONTGOMERY_REDUCE_C
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_MONTGOMERY_SETUP_C)
-#endif
-
-#if defined(BN_MP_MUL_C)
-   #define BN_MP_TOOM_MUL_C
-   #define BN_MP_KARATSUBA_MUL_C
-   #define BN_FAST_S_MP_MUL_DIGS_C
-   #define BN_S_MP_MUL_C
-   #define BN_S_MP_MUL_DIGS_C
-#endif
-
-#if defined(BN_MP_MUL_2_C)
-   #define BN_MP_GROW_C
-#endif
-
-#if defined(BN_MP_MUL_2D_C)
-   #define BN_MP_COPY_C
-   #define BN_MP_GROW_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_MUL_D_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_MULMOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_MUL_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MOD_C
-#endif
-
-#if defined(BN_MP_N_ROOT_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_SET_C
-   #define BN_MP_COPY_C
-   #define BN_MP_EXPT_D_C
-   #define BN_MP_MUL_C
-   #define BN_MP_SUB_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_DIV_C
-   #define BN_MP_CMP_C
-   #define BN_MP_SUB_D_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_NEG_C)
-   #define BN_MP_COPY_C
-   #define BN_MP_ISZERO_C
-#endif
-
-#if defined(BN_MP_OR_C)
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_PRIME_FERMAT_C)
-   #define BN_MP_CMP_D_C
-   #define BN_MP_INIT_C
-   #define BN_MP_EXPTMOD_C
-   #define BN_MP_CMP_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_PRIME_IS_DIVISIBLE_C)
-   #define BN_MP_MOD_D_C
-#endif
-
-#if defined(BN_MP_PRIME_IS_PRIME_C)
-   #define BN_MP_CMP_D_C
-   #define BN_MP_PRIME_IS_DIVISIBLE_C
-   #define BN_MP_INIT_C
-   #define BN_MP_SET_C
-   #define BN_MP_PRIME_MILLER_RABIN_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_PRIME_MILLER_RABIN_C)
-   #define BN_MP_CMP_D_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_SUB_D_C
-   #define BN_MP_CNT_LSB_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_EXPTMOD_C
-   #define BN_MP_CMP_C
-   #define BN_MP_SQRMOD_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_PRIME_NEXT_PRIME_C)
-   #define BN_MP_CMP_D_C
-   #define BN_MP_SET_C
-   #define BN_MP_SUB_D_C
-   #define BN_MP_ISEVEN_C
-   #define BN_MP_MOD_D_C
-   #define BN_MP_INIT_C
-   #define BN_MP_ADD_D_C
-   #define BN_MP_PRIME_MILLER_RABIN_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_PRIME_RABIN_MILLER_TRIALS_C)
-#endif
-
-#if defined(BN_MP_PRIME_RANDOM_EX_C)
-   #define BN_MP_READ_UNSIGNED_BIN_C
-   #define BN_MP_PRIME_IS_PRIME_C
-   #define BN_MP_SUB_D_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_MUL_2_C
-   #define BN_MP_ADD_D_C
-#endif
-
-#if defined(BN_MP_RADIX_SIZE_C)
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_DIV_D_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_RADIX_SMAP_C)
-   #define BN_MP_S_RMAP_C
-#endif
-
-#if defined(BN_MP_RAND_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_ADD_D_C
-   #define BN_MP_LSHD_C
-#endif
-
-#if defined(BN_MP_READ_RADIX_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_S_RMAP_C
-   #define BN_MP_RADIX_SMAP_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_ADD_D_C
-   #define BN_MP_ISZERO_C
-#endif
-
-#if defined(BN_MP_READ_SIGNED_BIN_C)
-   #define BN_MP_READ_UNSIGNED_BIN_C
-#endif
-
-#if defined(BN_MP_READ_UNSIGNED_BIN_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_ZERO_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_REDUCE_C)
-   #define BN_MP_REDUCE_SETUP_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_MUL_C
-   #define BN_S_MP_MUL_HIGH_DIGS_C
-   #define BN_FAST_S_MP_MUL_HIGH_DIGS_C
-   #define BN_MP_MOD_2D_C
-   #define BN_S_MP_MUL_DIGS_C
-   #define BN_MP_SUB_C
-   #define BN_MP_CMP_D_C
-   #define BN_MP_SET_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_ADD_C
-   #define BN_MP_CMP_C
-   #define BN_S_MP_SUB_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_REDUCE_2K_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_MUL_D_C
-   #define BN_S_MP_ADD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_REDUCE_2K_L_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_MUL_C
-   #define BN_S_MP_ADD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_REDUCE_2K_SETUP_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_2EXPT_C
-   #define BN_MP_CLEAR_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_REDUCE_2K_SETUP_L_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_2EXPT_C
-   #define BN_MP_COUNT_BITS_C
-   #define BN_S_MP_SUB_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_REDUCE_IS_2K_C)
-   #define BN_MP_REDUCE_2K_C
-   #define BN_MP_COUNT_BITS_C
-#endif
-
-#if defined(BN_MP_REDUCE_IS_2K_L_C)
-#endif
-
-#if defined(BN_MP_REDUCE_SETUP_C)
-   #define BN_MP_2EXPT_C
-   #define BN_MP_DIV_C
-#endif
-
-#if defined(BN_MP_RSHD_C)
-   #define BN_MP_ZERO_C
-#endif
-
-#if defined(BN_MP_SET_C)
-   #define BN_MP_ZERO_C
-#endif
-
-#if defined(BN_MP_SET_INT_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_SHRINK_C)
-#endif
-
-#if defined(BN_MP_SIGNED_BIN_SIZE_C)
-   #define BN_MP_UNSIGNED_BIN_SIZE_C
-#endif
-
-#if defined(BN_MP_SQR_C)
-   #define BN_MP_TOOM_SQR_C
-   #define BN_MP_KARATSUBA_SQR_C
-   #define BN_FAST_S_MP_SQR_C
-   #define BN_S_MP_SQR_C
-#endif
-
-#if defined(BN_MP_SQRMOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_SQR_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MOD_C
-#endif
-
-#if defined(BN_MP_SQRT_C)
-   #define BN_MP_N_ROOT_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_ZERO_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_DIV_C
-   #define BN_MP_ADD_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_SUB_C)
-   #define BN_S_MP_ADD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_SUB_D_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_ADD_D_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_SUBMOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_SUB_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MOD_C
-#endif
-
-#if defined(BN_MP_TO_SIGNED_BIN_C)
-   #define BN_MP_TO_UNSIGNED_BIN_C
-#endif
-
-#if defined(BN_MP_TO_SIGNED_BIN_N_C)
-   #define BN_MP_SIGNED_BIN_SIZE_C
-   #define BN_MP_TO_SIGNED_BIN_C
-#endif
-
-#if defined(BN_MP_TO_UNSIGNED_BIN_C)
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_TO_UNSIGNED_BIN_N_C)
-   #define BN_MP_UNSIGNED_BIN_SIZE_C
-   #define BN_MP_TO_UNSIGNED_BIN_C
-#endif
-
-#if defined(BN_MP_TOOM_MUL_C)
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_MOD_2D_C
-   #define BN_MP_COPY_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_MUL_C
-   #define BN_MP_MUL_2_C
-   #define BN_MP_ADD_C
-   #define BN_MP_SUB_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_DIV_3_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_MP_TOOM_SQR_C)
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_MOD_2D_C
-   #define BN_MP_COPY_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_SQR_C
-   #define BN_MP_MUL_2_C
-   #define BN_MP_ADD_C
-   #define BN_MP_SUB_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_DIV_3_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_MP_TORADIX_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_DIV_D_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_S_RMAP_C
-#endif
-
-#if defined(BN_MP_TORADIX_N_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_DIV_D_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_S_RMAP_C
-#endif
-
-#if defined(BN_MP_UNSIGNED_BIN_SIZE_C)
-   #define BN_MP_COUNT_BITS_C
-#endif
-
-#if defined(BN_MP_XOR_C)
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_ZERO_C)
-#endif
-
-#if defined(BN_PRIME_TAB_C)
-#endif
-
-#if defined(BN_REVERSE_C)
-#endif
-
-#if defined(BN_S_MP_ADD_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_S_MP_EXPTMOD_C)
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_INIT_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_REDUCE_SETUP_C
-   #define BN_MP_REDUCE_C
-   #define BN_MP_REDUCE_2K_SETUP_L_C
-   #define BN_MP_REDUCE_2K_L_C
-   #define BN_MP_MOD_C
-   #define BN_MP_COPY_C
-   #define BN_MP_SQR_C
-   #define BN_MP_MUL_C
-   #define BN_MP_SET_C
-   #define BN_MP_EXCH_C
-#endif
-
-#if defined(BN_S_MP_MUL_DIGS_C)
-   #define BN_FAST_S_MP_MUL_DIGS_C
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_S_MP_MUL_HIGH_DIGS_C)
-   #define BN_FAST_S_MP_MUL_HIGH_DIGS_C
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_S_MP_SQR_C)
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_S_MP_SUB_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BNCORE_C)
-#endif
-
-#ifdef LTM3
-#define LTM_LAST
-#endif
-#include "mpi_superclass.h"
-#include "mpi_class.h"
-#else
-#define LTM_LAST
-#endif
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/mpi_superclass.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/mpi_superclass.h
deleted file mode 100644
index a9f2f9a73..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/mpi_superclass.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/* mpi_superclass.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-/* super class file for PK algos */
-
-/* default ... include all MPI */
-#define LTM_ALL
-
-/* RSA only (does not support DH/DSA/ECC) */
-/* #define SC_RSA_1 */
-
-/* For reference.... On an Athlon64 optimizing for speed...
-
-   LTM's mpi.o with all functions [striped] is 142KiB in size.
-
-*/
-
-/* Works for RSA only, mpi.o is 68KiB */
-#ifdef SC_RSA_1
-   #define BN_MP_SHRINK_C
-   #define BN_MP_LCM_C
-   #define BN_MP_PRIME_RANDOM_EX_C
-   #define BN_MP_INVMOD_C
-   #define BN_MP_GCD_C
-   #define BN_MP_MOD_C
-   #define BN_MP_MULMOD_C
-   #define BN_MP_ADDMOD_C
-   #define BN_MP_EXPTMOD_C
-   #define BN_MP_SET_INT_C
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_CLEAR_MULTI_C
-   #define BN_MP_UNSIGNED_BIN_SIZE_C
-   #define BN_MP_TO_UNSIGNED_BIN_C
-   #define BN_MP_MOD_D_C
-   #define BN_MP_PRIME_RABIN_MILLER_TRIALS_C
-   #define BN_REVERSE_C
-   #define BN_PRIME_TAB_C
-
-   /* other modifiers */
-   #define BN_MP_DIV_SMALL                    /* Slower division, not critical */
-
-   /* here we are on the last pass so we turn things off.  The functions classes are still there
-    * but we remove them specifically from the build.  This also invokes tweaks in functions
-    * like removing support for even moduli, etc...
-    */
-#ifdef LTM_LAST
-   #undef  BN_MP_TOOM_MUL_C
-   #undef  BN_MP_TOOM_SQR_C
-   #undef  BN_MP_KARATSUBA_MUL_C
-   #undef  BN_MP_KARATSUBA_SQR_C
-   #undef  BN_MP_REDUCE_C
-   #undef  BN_MP_REDUCE_SETUP_C
-   #undef  BN_MP_DR_IS_MODULUS_C
-   #undef  BN_MP_DR_SETUP_C
-   #undef  BN_MP_DR_REDUCE_C
-   #undef  BN_MP_REDUCE_IS_2K_C
-   #undef  BN_MP_REDUCE_2K_SETUP_C
-   #undef  BN_MP_REDUCE_2K_C
-   #undef  BN_S_MP_EXPTMOD_C
-   #undef  BN_MP_DIV_3_C
-   #undef  BN_S_MP_MUL_HIGH_DIGS_C
-   #undef  BN_FAST_S_MP_MUL_HIGH_DIGS_C
-   #undef  BN_FAST_MP_INVMOD_C
-
-   /* To safely undefine these you have to make sure your RSA key won't exceed the Comba threshold
-    * which is roughly 255 digits [7140 bits for 32-bit machines, 15300 bits for 64-bit machines]
-    * which means roughly speaking you can handle up to 2536-bit RSA keys with these defined without
-    * trouble.
-    */
-   #undef  BN_S_MP_MUL_DIGS_C
-   #undef  BN_S_MP_SQR_C
-   #undef  BN_MP_MONTGOMERY_REDUCE_C
-#endif
-
-#endif
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/pkcs11.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/pkcs11.h
deleted file mode 100644
index 2413e724e..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/pkcs11.h
+++ /dev/null
@@ -1,585 +0,0 @@
-/* pkcs11.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifndef _PKCS11_H_
-#define _PKCS11_H_
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifndef NULL_PTR
-#define NULL_PTR        0
-#endif
-#define CK_TRUE         1
-#define CK_FALSE        0
-
-
-#define CK_INVALID_HANDLE                     0UL
-
-#define CKN_SURRENDER                         0UL
-
-#define CKF_TOKEN_PRESENT                     0x00000001UL
-#define CKF_REMOVABLE_DEVICE                  0x00000002UL
-#define CKF_HW_SLOT                           0x00000004UL
-
-#define CKF_HW                                0x00000001UL
-#define CKF_ENCRYPT                           0x00000100UL
-#define CKF_DECRYPT                           0x00000200UL
-#define CKF_DIGEST                            0x00000400UL
-#define CKF_SIGN                              0x00000800UL
-#define CKF_SIGN_RECOVER                      0x00001000UL
-#define CKF_VERIFY                            0x00002000UL
-#define CKF_VERIFY_RECOVER                    0x00004000UL
-#define CKF_GENERATE                          0x00008000UL
-#define CKF_GENERATE_KEY_PAIR                 0x00010000UL
-#define CKF_WRAP                              0x00020000UL
-#define CKF_UNWRAP                            0x00040000UL
-#define CKF_DERIVE                            0x00080000UL
-#define CKF_EC_F_P                            0x00100000UL
-#define CKF_EC_F_2M                           0x00200000UL
-#define CKF_EC_ECPARAMETERS                   0x00400000UL
-#define CKF_EC_NAMEDCURVE                     0x00800000UL
-#define CKF_EC_UNCOMPRESS                     0x01000000UL
-#define CKF_EC_COMPRESS                       0x02000000UL
-
-#define CKF_LIBRARY_CANT_CREATE_OS_THREADS    0x00000001UL
-#define CKF_OS_LOCKING_OK                     0x00000002UL
-
-#define CKU_SO                                0UL
-#define CKU_USER                              1UL
-#define CKU_CONTEXT_SPECIFIC                  2UL
-
-#define CKF_RW_SESSION                        0x00000002UL
-#define CKF_SERIAL_SESSION                    0x00000004UL
-
-#define CKO_CERTIFICATE                       0x00000001UL
-#define CKO_PUBLIC_KEY                        0x00000002UL
-#define CKO_PRIVATE_KEY                       0x00000003UL
-#define CKO_SECRET_KEY                        0x00000004UL
-
-
-#define CKK_RSA                               0x00000000UL
-#define CKK_DH                                0x00000002UL
-#define CKK_EC                                0x00000003UL
-#define CKK_GENERIC_SECRET                    0x00000010UL
-#define CKK_AES                               0x0000001FUL
-#define CKK_MD5_HMAC                          0x00000027UL
-#define CKK_SHA_1_HMAC                        0x00000028UL
-#define CKK_SHA256_HMAC                       0x0000002bUL
-#define CKK_SHA384_HMAC                       0x0000002cUL
-#define CKK_SHA512_HMAC                       0x0000002dUL
-#define CKK_SHA224_HMAC                       0x0000002eUL
-
-#define CKA_CLASS                             0x00000000UL
-#define CKA_TOKEN                             0x00000001UL
-#define CKA_PRIVATE                           0x00000002UL
-#define CKA_LABEL                             0x00000003UL
-#define CKA_VALUE                             0x00000011UL
-#define CKA_OBJECT_ID                         0x00000012UL
-#define CKA_OWNER                             0x00000084UL
-#define CKA_TRUSTED                           0x00000086UL
-#define CKA_KEY_TYPE                          0x00000100UL
-#define CKA_ID                                0x00000102UL
-#define CKA_SENSITIVE                         0x00000103UL
-#define CKA_ENCRYPT                           0x00000104UL
-#define CKA_DECRYPT                           0x00000105UL
-#define CKA_WRAP                              0x00000106UL
-#define CKA_UNWRAP                            0x00000107UL
-#define CKA_SIGN                              0x00000108UL
-#define CKA_SIGN_RECOVER                      0x00000109UL
-#define CKA_VERIFY                            0x0000010AUL
-#define CKA_VERIFY_RECOVER                    0x0000010BUL
-#define CKA_DERIVE                            0x0000010CUL
-#define CKA_MODULUS                           0x00000120UL
-#define CKA_MODULUS_BITS                      0x00000121UL
-#define CKA_PUBLIC_EXPONENT                   0x00000122UL
-#define CKA_PRIVATE_EXPONENT                  0x00000123UL
-#define CKA_PRIME_1                           0x00000124UL
-#define CKA_PRIME_2                           0x00000125UL
-#define CKA_EXPONENT_1                        0x00000126UL
-#define CKA_EXPONENT_2                        0x00000127UL
-#define CKA_COEFFICIENT                       0x00000128UL
-#define CKA_PUBLIC_KEY_INFO                   0x00000129UL
-#define CKA_PRIME                             0x00000130UL
-#define CKA_BASE                              0x00000132UL
-#define CKA_PRIME_BITS                        0x00000133UL
-#define CKA_VALUE_BITS                        0x00000160UL
-#define CKA_VALUE_LEN                         0x00000161UL
-#define CKA_EXTRACTABLE                       0x00000162UL
-#define CKA_LOCAL                             0x00000163UL
-#define CKA_NEVER_EXTRACTABLE                 0x00000164UL
-#define CKA_ALWAYS_SENSITIVE                  0x00000165UL
-#define CKA_KEY_GEN_MECHANISM                 0x00000166UL
-#define CKA_MODIFIABLE                        0x00000170UL
-#define CKA_COPYABLE                          0x00000171UL
-#define CKA_DESTROYABLE                       0x00000172UL
-#define CKA_EC_PARAMS                         0x00000180UL
-#define CKA_EC_POINT                          0x00000181UL
-#define CKA_ALWAYS_AUTHENTICATE               0x00000202UL
-#define CKA_HW_FEATURE_TYPE                   0x00000300UL
-#define CKA_RESET_ON_INIT                     0x00000301UL
-#define CKA_HAS_RESET                         0x00000302UL
-
-#define CKM_RSA_PKCS_KEY_PAIR_GEN             0x00000000UL
-#define CKM_RSA_PKCS                          0x00000001UL
-#define CKM_RSA_X_509                         0x00000003UL
-#define CKM_RSA_PKCS_OAEP                     0x00000009UL
-#define CKM_RSA_PKCS_PSS                      0x0000000DUL
-#define CKM_DH_PKCS_KEY_PAIR_GEN              0x00000020UL
-#define CKM_DH_PKCS_DERIVE                    0x00000021UL
-#define CKM_MD5_HMAC                          0x00000211UL
-#define CKM_SHA_1                             0x00000220UL
-#define CKM_SHA_1_HMAC                        0x00000221UL
-#define CKM_SHA256                            0x00000250UL
-#define CKM_SHA256_HMAC                       0x00000251UL
-#define CKM_SHA224                            0x00000255UL
-#define CKM_SHA224_HMAC                       0x00000256UL
-#define CKM_SHA384                            0x00000260UL
-#define CKM_SHA384_HMAC                       0x00000261UL
-#define CKM_SHA512                            0x00000270UL
-#define CKM_SHA512_HMAC                       0x00000271UL
-#define CKM_GENERIC_SECRET_KEY_GEN            0x00000350UL
-#define CKM_EC_KEY_PAIR_GEN                   0x00001040UL
-#define CKM_ECDSA                             0x00001041UL
-#define CKM_ECDH1_DERIVE                      0x00001050UL
-#define CKM_ECDH1_COFACTOR_DERIVE             0x00001051UL
-#define CKM_AES_KEY_GEN                       0x00001080UL
-#define CKM_AES_CBC                           0x00001082UL
-#define CKM_AES_CTR                           0x00001086UL
-#define CKM_AES_GCM                           0x00001087UL
-
-/* full data RSA PK callbacks */
-#define CKM_SHA1_RSA_PKCS_PSS                 0x0000000EUL
-#define CKM_SHA256_RSA_PKCS_PSS               0x00000043UL
-#define CKM_SHA384_RSA_PKCS_PSS               0x00000044UL
-#define CKM_SHA512_RSA_PKCS_PSS               0x00000045UL
-#define CKM_SHA224_RSA_PKCS_PSS               0x00000047UL
-
-#define CKG_MGF1_SHA1 0x00000001UL
-#define CKG_MGF1_SHA224 0x00000005UL
-#define CKG_MGF1_SHA256 0x00000002UL
-#define CKG_MGF1_SHA384 0x00000003UL
-#define CKG_MGF1_SHA512 0x00000004UL
-
-
-#define CKR_OK                                0x00000000UL
-#define CKR_MECHANISM_INVALID                 0x00000070UL
-#define CKR_SIGNATURE_INVALID                 0x000000C0UL
-
-#define CKD_NULL                              0x00000001UL
-#define CKZ_DATA_SPECIFIED                    0x00000001UL
-
-typedef unsigned char     CK_BYTE;
-typedef CK_BYTE           CK_CHAR;
-typedef CK_BYTE           CK_UTF8CHAR;
-typedef CK_BYTE           CK_BBOOL;
-typedef unsigned long int CK_ULONG;
-typedef long int          CK_LONG;
-typedef CK_ULONG          CK_FLAGS;
-typedef CK_BYTE*          CK_BYTE_PTR;
-typedef CK_CHAR*          CK_CHAR_PTR;
-typedef CK_UTF8CHAR*      CK_UTF8CHAR_PTR;
-typedef CK_ULONG*         CK_ULONG_PTR;
-typedef void*             CK_VOID_PTR;
-typedef CK_VOID_PTR*      CK_VOID_PTR_PTR;
-
-
-typedef CK_ULONG          CK_RV;
-
-
-typedef struct CK_VERSION {
-    CK_BYTE major;
-    CK_BYTE minor;
-} CK_VERSION;
-typedef CK_VERSION* CK_VERSION_PTR;
-
-
-/* Info Types */
-typedef struct CK_INFO {
-    CK_VERSION  cryptokiVersion;
-    CK_UTF8CHAR manufacturerID[32];
-    CK_FLAGS    flags;
-    CK_UTF8CHAR libraryDescription[32];
-    CK_VERSION  libraryVersion;
-} CK_INFO;
-typedef CK_INFO* CK_INFO_PTR;
-
-
-/* Slot Types */
-typedef CK_ULONG    CK_SLOT_ID;
-typedef CK_SLOT_ID* CK_SLOT_ID_PTR;
-
-typedef struct CK_SLOT_INFO {
-    CK_UTF8CHAR   slotDescription[64];
-    CK_UTF8CHAR   manufacturerID[32];
-    CK_FLAGS      flags;
-
-    CK_VERSION    hardwareVersion;
-    CK_VERSION    firmwareVersion;
-} CK_SLOT_INFO;
-typedef CK_SLOT_INFO* CK_SLOT_INFO_PTR;
-
-
-/* Token Types */
-typedef struct CK_TOKEN_INFO {
-    CK_UTF8CHAR   label[32];
-    CK_UTF8CHAR   manufacturerID[32];
-    CK_UTF8CHAR   model[16];
-    CK_CHAR       serialNumber[16];
-    CK_FLAGS      flags;
-    CK_ULONG      ulMaxSessionCount;
-    CK_ULONG      ulSessionCount;
-    CK_ULONG      ulMaxRwSessionCount;
-    CK_ULONG      ulRwSessionCount;
-    CK_ULONG      ulMaxPinLen;
-    CK_ULONG      ulMinPinLen;
-    CK_ULONG      ulTotalPublicMemory;
-    CK_ULONG      ulFreePublicMemory;
-    CK_ULONG      ulTotalPrivateMemory;
-    CK_ULONG      ulFreePrivateMemory;
-    CK_VERSION    hardwareVersion;
-    CK_VERSION    firmwareVersion;
-    CK_CHAR       utcTime[16];
-} CK_TOKEN_INFO;
-typedef CK_TOKEN_INFO* CK_TOKEN_INFO_PTR;
-
-
-/* Session Types */
-typedef CK_ULONG           CK_SESSION_HANDLE;
-typedef CK_SESSION_HANDLE* CK_SESSION_HANDLE_PTR;
-
-typedef CK_ULONG          CK_USER_TYPE;
-
-typedef CK_ULONG          CK_STATE;
-
-typedef struct CK_SESSION_INFO {
-    CK_SLOT_ID    slotID;
-    CK_STATE      state;
-    CK_FLAGS      flags;
-    CK_ULONG      ulDeviceError;
-} CK_SESSION_INFO;
-typedef CK_SESSION_INFO* CK_SESSION_INFO_PTR;
-
-
-/* Object Types */
-typedef CK_ULONG          CK_OBJECT_HANDLE;
-typedef CK_OBJECT_HANDLE* CK_OBJECT_HANDLE_PTR;
-
-typedef CK_ULONG         CK_OBJECT_CLASS;
-typedef CK_OBJECT_CLASS* CK_OBJECT_CLASS_PTR;
-
-typedef CK_ULONG          CK_KEY_TYPE;
-
-typedef CK_ULONG          CK_ATTRIBUTE_TYPE;
-
-typedef struct CK_ATTRIBUTE {
-    CK_ATTRIBUTE_TYPE type;
-    CK_VOID_PTR       pValue;
-    CK_ULONG          ulValueLen;
-} CK_ATTRIBUTE;
-typedef CK_ATTRIBUTE* CK_ATTRIBUTE_PTR;
-
-
-/* Mechanism Types */
-typedef CK_ULONG           CK_MECHANISM_TYPE;
-typedef CK_MECHANISM_TYPE* CK_MECHANISM_TYPE_PTR;
-
-typedef struct CK_MECHANISM {
-    CK_MECHANISM_TYPE mechanism;
-    CK_VOID_PTR       pParameter;
-    CK_ULONG          ulParameterLen;
-} CK_MECHANISM;
-typedef CK_MECHANISM* CK_MECHANISM_PTR;
-
-typedef struct CK_MECHANISM_INFO {
-    CK_ULONG ulMinKeySize;
-    CK_ULONG ulMaxKeySize;
-    CK_FLAGS flags;
-} CK_MECHANISM_INFO;
-typedef CK_MECHANISM_INFO * CK_MECHANISM_INFO_PTR;
-
-
-typedef CK_ULONG CK_NOTIFICATION;
-
-typedef CK_RV (*CK_NOTIFY)(CK_SESSION_HANDLE hSession, CK_NOTIFICATION event,
-                           CK_VOID_PTR pApplication);
-
-
-/* Threading types. */
-typedef CK_RV (*CK_CREATEMUTEX)(CK_VOID_PTR_PTR ppMutex);
-typedef CK_RV (*CK_DESTROYMUTEX)(CK_VOID_PTR pMutex);
-typedef CK_RV (*CK_LOCKMUTEX)(CK_VOID_PTR pMutex);
-typedef CK_RV (*CK_UNLOCKMUTEX)(CK_VOID_PTR pMutex);
-
-typedef struct CK_C_INITIALIZE_ARGS {
-    CK_CREATEMUTEX CreateMutex;
-    CK_DESTROYMUTEX DestroyMutex;
-    CK_LOCKMUTEX LockMutex;
-    CK_UNLOCKMUTEX UnlockMutex;
-    CK_FLAGS flags;
-    CK_VOID_PTR pReserved;
-} CK_C_INITIALIZE_ARGS;
-typedef CK_C_INITIALIZE_ARGS* CK_C_INITIALIZE_ARGS_PTR;
-
-
-/* Cryptographic algorithm types. */
-typedef CK_ULONG CK_EC_KDF_TYPE;
-
-typedef struct CK_ECDH1_DERIVE_PARAMS {
-    CK_EC_KDF_TYPE kdf;
-    CK_ULONG ulSharedDataLen;
-    CK_BYTE_PTR pSharedData;
-    CK_ULONG ulPublicDataLen;
-    CK_BYTE_PTR pPublicData;
-} CK_ECDH1_DERIVE_PARAMS;
-typedef CK_ECDH1_DERIVE_PARAMS* CK_ECDH1_DERIVE_PARAMS_PTR;
-
-
-typedef struct CK_GCM_PARAMS {
-    CK_BYTE_PTR       pIv;
-    CK_ULONG          ulIvLen;
-    CK_ULONG          ulIvBits;
-    CK_BYTE_PTR       pAAD;
-    CK_ULONG          ulAADLen;
-    CK_ULONG          ulTagBits;
-} CK_GCM_PARAMS;
-typedef CK_GCM_PARAMS* CK_GCM_PARAMS_PTR;
-
-typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;
-
-typedef struct CK_RSA_PKCS_PSS_PARAMS {
-    CK_MECHANISM_TYPE hashAlg;
-    CK_RSA_PKCS_MGF_TYPE mgf;
-    CK_ULONG sLen;
-} CK_RSA_PKCS_PSS_PARAMS;
-typedef CK_RSA_PKCS_PSS_PARAMS *CK_RSA_PKCS_PSS_PARAMS_PTR;
-
-typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
-
-typedef struct CK_RSA_PKCS_OAEP_PARAMS {
-    CK_MECHANISM_TYPE hashAlg;
-    CK_RSA_PKCS_MGF_TYPE mgf;
-    CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
-    CK_VOID_PTR pSourceData;
-    CK_ULONG ulSourceDataLen;
-} CK_RSA_PKCS_OAEP_PARAMS;
-typedef CK_RSA_PKCS_OAEP_PARAMS *CK_RSA_PKCS_OAEP_PARAMS_PTR;
-
-/* Function list types. */
-typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
-typedef CK_FUNCTION_LIST* CK_FUNCTION_LIST_PTR;
-typedef CK_FUNCTION_LIST_PTR* CK_FUNCTION_LIST_PTR_PTR;
-
-typedef CK_RV (*CK_C_GetFunctionList)(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
-
-#ifdef HAVE_PKCS11_STATIC
-CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
-#endif
-
-struct CK_FUNCTION_LIST {
-    CK_VERSION version;
-
-    CK_RV (*C_Initialize)(CK_VOID_PTR pInitArgs);
-    CK_RV (*C_Finalize)(CK_VOID_PTR pReserved);
-    CK_RV (*C_GetInfo)(CK_INFO_PTR pInfo);
-    CK_RV (*C_GetFunctionList)(CK_FUNCTION_LIST_PTR_PTR ppFunctionList);
-    CK_RV (*C_GetSlotList)(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList,
-                           CK_ULONG_PTR pulCount);
-    CK_RV (*C_GetSlotInfo)(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);
-    CK_RV (*C_GetTokenInfo)(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);
-    CK_RV (*C_GetMechanismList)(CK_SLOT_ID slotID,
-                                CK_MECHANISM_TYPE_PTR pMechanismList,
-                                CK_ULONG_PTR pulCount);
-    CK_RV (*C_GetMechanismInfo)(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
-                                CK_MECHANISM_INFO_PTR pInfo);
-    CK_RV (*C_InitToken)(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin,
-                         CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel);
-    CK_RV (*C_InitPIN)(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin,
-                       CK_ULONG ulPinLen);
-    CK_RV (*C_SetPIN)(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin,
-                      CK_ULONG ulOldLen, CK_UTF8CHAR_PTR pNewPin,
-                      CK_ULONG ulNewLen);
-    CK_RV (*C_OpenSession)(CK_SLOT_ID slotID, CK_FLAGS flags,
-                           CK_VOID_PTR pApplication, CK_NOTIFY Notify,
-                           CK_SESSION_HANDLE_PTR phSession);
-    CK_RV (*C_CloseSession)(CK_SESSION_HANDLE hSession);
-    CK_RV (*C_CloseAllSessions)(CK_SLOT_ID slotID);
-    CK_RV (*C_GetSessionInfo)(CK_SESSION_HANDLE hSession,
-                              CK_SESSION_INFO_PTR pInfo);
-    CK_RV (*C_GetOperationState)(CK_SESSION_HANDLE hSession,
-                                 CK_BYTE_PTR pOperationState,
-                                 CK_ULONG_PTR pulOperationStateLen);
-    CK_RV (*C_SetOperationState)(CK_SESSION_HANDLE hSession,
-                                 CK_BYTE_PTR pOperationState,
-                                 CK_ULONG ulOperationStateLen,
-                                 CK_OBJECT_HANDLE hEncryptionKey,
-                                 CK_OBJECT_HANDLE hAuthenticationKey);
-    CK_RV (*C_Login)(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
-                     CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);
-    CK_RV (*C_Logout)(CK_SESSION_HANDLE hSession);
-    CK_RV (*C_CreateObject)(CK_SESSION_HANDLE hSession,
-                            CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
-                            CK_OBJECT_HANDLE_PTR phObject);
-    CK_RV (*C_CopyObject)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
-                          CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
-                          CK_OBJECT_HANDLE_PTR phNewObject);
-    CK_RV (*C_DestroyObject)(CK_SESSION_HANDLE hSession,
-                             CK_OBJECT_HANDLE hObject);
-    CK_RV (*C_GetObjectSize)(CK_SESSION_HANDLE hSession,
-                             CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize);
-    CK_RV (*C_GetAttributeValue)(CK_SESSION_HANDLE hSession,
-                                 CK_OBJECT_HANDLE hObject,
-                                 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);
-    CK_RV (*C_SetAttributeValue)(CK_SESSION_HANDLE hSession,
-                                 CK_OBJECT_HANDLE hObject,
-                                 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);
-    CK_RV (*C_FindObjectsInit)(CK_SESSION_HANDLE hSession,
-                               CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);
-    CK_RV (*C_FindObjects)(CK_SESSION_HANDLE hSession,
-                           CK_OBJECT_HANDLE_PTR phObject,
-                           CK_ULONG ulMaxObjectCount,
-                           CK_ULONG_PTR pulObjectCount);
-    CK_RV (*C_FindObjectsFinal)(CK_SESSION_HANDLE hSession);
-    CK_RV (*C_EncryptInit)(CK_SESSION_HANDLE hSession,
-                           CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
-    CK_RV (*C_Encrypt)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
-                       CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData,
-                       CK_ULONG_PTR pulEncryptedDataLen);
-    CK_RV (*C_EncryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
-                             CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
-                             CK_ULONG_PTR pulEncryptedPartLen);
-    CK_RV (*C_EncryptFinal)(CK_SESSION_HANDLE hSession,
-                            CK_BYTE_PTR pLastEncryptedPart,
-                            CK_ULONG_PTR pulLastEncryptedPartLen);
-    CK_RV (*C_DecryptInit)(CK_SESSION_HANDLE hSession,
-                           CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
-    CK_RV (*C_Decrypt)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
-                       CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData,
-                       CK_ULONG_PTR pulDataLen);
-    CK_RV (*C_DecryptUpdate)(CK_SESSION_HANDLE hSession,
-                             CK_BYTE_PTR pEncryptedPart,
-                             CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
-                             CK_ULONG_PTR pulPartLen);
-    CK_RV (*C_DecryptFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastPart,
-                            CK_ULONG_PTR pulLastPartLen);
-    CK_RV (*C_DigestInit)(CK_SESSION_HANDLE hSession,
-                          CK_MECHANISM_PTR pMechanism);
-    CK_RV (*C_Digest)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
-                      CK_ULONG ulDataLen, CK_BYTE_PTR pDigest,
-                      CK_ULONG_PTR pulDigestLen);
-    CK_RV (*C_DigestUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
-                            CK_ULONG ulPartLen);
-    CK_RV (*C_DigestKey)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);
-    CK_RV (*C_DigestFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest,
-                           CK_ULONG_PTR pulDigestLen);
-    CK_RV (*C_SignInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
-                        CK_OBJECT_HANDLE hKey);
-    CK_RV (*C_Sign)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
-                    CK_ULONG ulDataLen, CK_BYTE_PTR pSignature,
-                    CK_ULONG_PTR pulSignatureLen);
-    CK_RV (*C_SignUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
-                          CK_ULONG ulPartLen);
-    CK_RV (*C_SignFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
-                         CK_ULONG_PTR pulSignatureLen);
-    CK_RV (*C_SignRecoverInit)(CK_SESSION_HANDLE hSession,
-                               CK_MECHANISM_PTR pMechanism,
-                               CK_OBJECT_HANDLE hKey);
-    CK_RV (*C_SignRecover)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
-                           CK_ULONG ulDataLen, CK_BYTE_PTR pSignature,
-                           CK_ULONG_PTR pulSignatureLen);
-    CK_RV (*C_VerifyInit)(CK_SESSION_HANDLE hSession,
-                          CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
-    CK_RV (*C_Verify)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
-                      CK_ULONG ulDataLen, CK_BYTE_PTR pSignature,
-                      CK_ULONG ulSignatureLen);
-    CK_RV (*C_VerifyUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
-                            CK_ULONG ulPartLen);
-    CK_RV (*C_VerifyFinal)(CK_SESSION_HANDLE hSession,
-                           CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen);
-    CK_RV (*C_VerifyRecoverInit)(CK_SESSION_HANDLE hSession,
-                                 CK_MECHANISM_PTR pMechanism,
-                                 CK_OBJECT_HANDLE hKey);
-    CK_RV (*C_VerifyRecover)(CK_SESSION_HANDLE hSession,
-                             CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen,
-                             CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);
-    CK_RV (*C_DigestEncryptUpdate)(CK_SESSION_HANDLE hSession,
-                                   CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
-                                   CK_BYTE_PTR pEncryptedPart,
-                                   CK_ULONG_PTR pulEncryptedPartLen);
-    CK_RV (*C_DecryptDigestUpdate)(CK_SESSION_HANDLE hSession,
-                                   CK_BYTE_PTR pEncryptedPart,
-                                   CK_ULONG ulEncryptedPartLen,
-                                   CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);
-    CK_RV (*C_SignEncryptUpdate)(CK_SESSION_HANDLE hSession,
-                                 CK_BYTE_PTR pPart, CK_ULONG ulPartLen,
-                                 CK_BYTE_PTR pEncryptedPart,
-                                 CK_ULONG_PTR pulEncryptedPartLen);
-    CK_RV (*C_DecryptVerifyUpdate)(CK_SESSION_HANDLE hSession,
-                                   CK_BYTE_PTR pEncryptedPart,
-                                   CK_ULONG ulEncryptedPartLen,
-                                   CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);
-    CK_RV (*C_GenerateKey)(CK_SESSION_HANDLE hSession,
-                           CK_MECHANISM_PTR pMechanism,
-                           CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
-                           CK_OBJECT_HANDLE_PTR phKey);
-    CK_RV (*C_GenerateKeyPair)(CK_SESSION_HANDLE hSession,
-                               CK_MECHANISM_PTR pMechanism,
-                               CK_ATTRIBUTE_PTR pPublicKeyTemplate,
-                               CK_ULONG ulPublicKeyAttributeCount,
-                               CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
-                               CK_ULONG ulPrivateKeyAttributeCount,
-                               CK_OBJECT_HANDLE_PTR phPublicKey,
-                               CK_OBJECT_HANDLE_PTR phPrivateKey);
-    CK_RV (*C_WrapKey)(CK_SESSION_HANDLE hSession,
-                       CK_MECHANISM_PTR pMechanism,
-                       CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
-                       CK_BYTE_PTR pWrappedKey,
-                       CK_ULONG_PTR pulWrappedKeyLen);
-    CK_RV (*C_UnwrapKey)(CK_SESSION_HANDLE hSession,
-                         CK_MECHANISM_PTR pMechanism,
-                         CK_OBJECT_HANDLE hUnwrappingKey,
-                         CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
-                         CK_ATTRIBUTE_PTR pTemplate,
-                         CK_ULONG ulAttributeCount,
-                         CK_OBJECT_HANDLE_PTR phKey);
-    CK_RV (*C_DeriveKey)(CK_SESSION_HANDLE hSession,
-                         CK_MECHANISM_PTR pMechanism,
-                         CK_OBJECT_HANDLE hBaseKey,
-                         CK_ATTRIBUTE_PTR pTemplate,
-                         CK_ULONG ulAttributeCount,
-                         CK_OBJECT_HANDLE_PTR phKey);
-    CK_RV (*C_SeedRandom)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
-                          CK_ULONG ulSeedLen);
-    CK_RV (*C_GenerateRandom)(CK_SESSION_HANDLE hSession,
-                              CK_BYTE_PTR RandomData, CK_ULONG ulRandomLen);
-    CK_RV (*C_GetFunctionStatus)(CK_SESSION_HANDLE hSession);
-    CK_RV (*C_CancelFunction)(CK_SESSION_HANDLE hSession);
-    CK_RV (*C_WaitForSlotEvent)(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
-                                CK_VOID_PTR pRserved);
-
-};
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _PKCS11_H_ */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/sakke.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/sakke.h
deleted file mode 100644
index 37db5a15f..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/sakke.h
+++ /dev/null
@@ -1,228 +0,0 @@
-/* sakke.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
-    \file wolfssl/wolfcrypt/sakke.h
-*/
-
-
-#ifndef WOLF_CRYPT_SAKKE_H
-#define WOLF_CRYPT_SAKKE_H
-
-#include <wolfssl/wolfcrypt/types.h>
-
-#ifdef WOLFCRYPT_HAVE_SAKKE
-
-#include <wolfssl/wolfcrypt/wolfmath.h>
-#include <wolfssl/wolfcrypt/ecc.h>
-#include <wolfssl/wolfcrypt/hash.h>
-#include <wolfssl/wolfcrypt/hmac.h>
-
-#define WOLFCRYPT_SAKKE_KMS
-#define WOLFCRYPT_SAKKE_CLIENT
-
-#define SAKKE_ID_MAX_SIZE       128
-
-/* Maximum number of loops of attempting to generate a key. */
-#ifndef SAKKE_MAX_GEN_COUNT
-    #define SAKKE_MAX_GEN_COUNT     10
-#endif
-
-
-/** MP integer in projective form. */
-typedef ecc_point mp_proj;
-
-/** SAKKE ECC parameters in usable format. */
-typedef struct SakkeKeyParams {
-    /** Prime as an MP integer. */
-    mp_int prime;
-    /** Q (order) as an MP integer. */
-    mp_int q;
-    /** G (pairing base) as an MP integer. */
-    mp_int g;
-    /** Temporary MP integer used during operations. */
-    mp_int a;
-    /** Base point for elliptic curve operations as an ECC point. */
-    ecc_point* base;
-
-    /** Bit indicate prime is set as an MP integer in SAKKE key. */
-    WC_BITFIELD havePrime:1;
-    /** Bit indicates q (order) is set as an MP integer in SAKKE key. */
-    WC_BITFIELD haveQ:1;
-    /** Bit indicates g (pairing base) is set as an MP integer in SAKKE key. */
-    WC_BITFIELD haveG:1;
-    /** Bit indicates a is set as an MP integer in SAKKE key. */
-    WC_BITFIELD haveA:1;
-    /** Bit indicates base point is set as an ECC point in SAKKE key. */
-    WC_BITFIELD haveBase:1;
-} SakkeKeyParams;
-
-/** Temporary values to use in SAKKE calculations. */
-typedef struct SakkeKeyTmp {
-    /** Temporary MP integer used during operations. */
-    mp_int m1;
-    /** Temporary MP integer used during operations. */
-    mp_int m2;
-
-#ifdef WOLFCRYPT_SAKKE_CLIENT
-    /** Temporary elliptic curve point for use in operations. */
-    ecc_point* p1;
-    /** Temporary elliptic curve point for use in operations. */
-    ecc_point* p2;
-    /** Temporary MP projective integer for use in operations. */
-    mp_proj* p3;
-#endif
-} SakkeKeyTmp;
-
-#ifdef WOLFCRYPT_SAKKE_CLIENT
-/** SAKKE data for the intermediate point I. */
-typedef struct SakkeKeyPointI {
-    /** Temporary elliptic curve point for use in operations. */
-    ecc_point* i;
-    /** Table associated with point I. */
-    byte* table;
-    /** Length of table */
-    word32 tableLen;
-    /** Identity associated with point I. */
-    byte id[SAKKE_ID_MAX_SIZE];
-    /** Size of identity associated with point I. */
-    word16 idSz;
-} SakkeKeyPointI;
-
-/** SAKKE data for the Receiver Secret Key (RSK). */
-typedef struct SakkeKeyRsk {
-    /** RSK (Receiver Secret Key). */
-    ecc_point* rsk;
-    /** Table associated with point I. */
-    byte* table;
-    /** Length of table */
-    word32 tableLen;
-    /** Indicates whether an RSK value has been set. */
-    WC_BITFIELD set:1;
-} SakkeKeyRsk;
-#endif
-
-/**
- * SAKKE key.
- */
-typedef struct SakkeKey {
-    /** ECC key to perform elliptic curve operations with. */
-    ecc_key ecc;
-
-    /** ECC parameter in forms that can be used in computation. */
-    SakkeKeyParams params;
-    /** Temporaries used during calculations. */
-    SakkeKeyTmp tmp;
-
-#ifdef WOLFCRYPT_SAKKE_CLIENT
-    /** Data relating to the RSK (Receiver Secret Key). */
-    SakkeKeyRsk rsk;
-    /** Identity to perform operations with. */
-    byte id[SAKKE_ID_MAX_SIZE];
-    /** Size of identity in bytes. */
-    word16 idSz;
-
-    /** Data relating to the intermediate point I. */
-    SakkeKeyPointI i;
-
-    /** Generic hash algorithm object. */
-    wc_HashAlg hash;
-    /** Temporary buffer for use in operations. */
-    byte data[(MAX_ECC_BYTES * 2) + 1];
-#endif
-
-    /** Heap hint for dynamic memory allocation. */
-    void* heap;
-
-    /** Bit indicates Z, public key, is in montgomery form. */
-    WC_BITFIELD zMont:1;
-    /** Bit indicate MP integers have been initialized. */
-    WC_BITFIELD mpInit:1;
-} SakkeKey;
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-WOLFSSL_API int wc_InitSakkeKey(SakkeKey* key, void* heap, int devId);
-WOLFSSL_API int wc_InitSakkeKey_ex(SakkeKey* key, int keySize, int curveId,
-        void* heap, int devId);
-WOLFSSL_API void wc_FreeSakkeKey(SakkeKey* key);
-
-WOLFSSL_API int wc_MakeSakkeKey(SakkeKey* key, WC_RNG* rng);
-WOLFSSL_API int wc_MakeSakkePublicKey(SakkeKey* key, ecc_point* pub);
-
-WOLFSSL_API int wc_MakeSakkeRsk(SakkeKey* key, const byte* id, word16 idSz,
-        ecc_point* rsk);
-WOLFSSL_API int wc_ValidateSakkeRsk(SakkeKey* key, const byte* id, word16 idSz,
-        ecc_point* rsk, int* valid);
-
-WOLFSSL_API int wc_ExportSakkeKey(SakkeKey* key, byte* data, word32* sz);
-WOLFSSL_API int wc_ImportSakkeKey(SakkeKey* key, const byte* data, word32 sz);
-WOLFSSL_API int wc_ExportSakkePrivateKey(SakkeKey* key, byte* data, word32* sz);
-WOLFSSL_API int wc_ImportSakkePrivateKey(SakkeKey* key, const byte* data,
-        word32 sz);
-WOLFSSL_API int wc_ExportSakkePublicKey(SakkeKey* key, byte* data,
-        word32* sz, int raw);
-WOLFSSL_API int wc_ImportSakkePublicKey(SakkeKey* key, const byte* data,
-        word32 sz, int trusted);
-
-WOLFSSL_API int wc_EncodeSakkeRsk(const SakkeKey* key, ecc_point* rsk,
-        byte* out, word32* sz, int raw);
-WOLFSSL_API int wc_DecodeSakkeRsk(const SakkeKey* key, const byte* data,
-        word32 sz, ecc_point* rsk);
-WOLFSSL_API int wc_ImportSakkeRsk(SakkeKey* key, const byte* data, word32 sz);
-
-WOLFSSL_API int wc_GetSakkeAuthSize(SakkeKey* key, word16* authSz);
-
-WOLFSSL_API int wc_SetSakkeIdentity(SakkeKey* key, const byte* id, word16 idSz);
-WOLFSSL_API int wc_MakeSakkePointI(SakkeKey* key, const byte* id, word16 idSz);
-WOLFSSL_API int wc_GetSakkePointI(SakkeKey* key, byte* data, word32* sz);
-WOLFSSL_API int wc_SetSakkePointI(SakkeKey* key, const byte* id, word16 idSz,
-        const byte* data, word32 sz);
-WOLFSSL_API int wc_GenerateSakkePointITable(SakkeKey* key, byte* table,
-        word32* len);
-WOLFSSL_API int wc_SetSakkePointITable(SakkeKey* key, byte* table, word32 len);
-WOLFSSL_API int wc_ClearSakkePointITable(SakkeKey* key);
-
-WOLFSSL_API int wc_MakeSakkeEncapsulatedSSV(SakkeKey* key,
-        enum wc_HashType hashType, byte* ssv, word16 ssvSz, byte* auth,
-        word16* authSz);
-
-WOLFSSL_API int wc_GenerateSakkeRskTable(const SakkeKey* key,
-        const ecc_point* rsk, byte* table, word32* len);
-WOLFSSL_API int wc_SetSakkeRsk(SakkeKey* key, const ecc_point* rsk, byte* table,
-        word32 len);
-
-WOLFSSL_API int wc_GenerateSakkeSSV(SakkeKey* key, WC_RNG* rng, byte* ssv,
-        word16* ssvSz);
-WOLFSSL_API int wc_DeriveSakkeSSV(SakkeKey* key, enum wc_HashType hashType,
-        byte* ssv, word16 ssvSz, const byte* auth,
-        word16 authSz);
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-
-#endif /* WOLF_CRYPT_SAKKE_H */
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/selftest.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/selftest.h
deleted file mode 100644
index 11758e325..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/selftest.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/* selftest.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef WOLFCRYPT_SELF_TEST_H
-#define WOLFCRYPT_SELF_TEST_H
-
-#include <wolfssl/wolfcrypt/types.h>
-
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-#ifdef HAVE_SELFTEST
-    /* Get wolfCrypt CAVP version */
-    WOLFSSL_API const char* wolfCrypt_GetVersion_CAVP_selftest(void);
-
-    /* wolfCrypt self test, runs CAVP KATs */
-    WOLFSSL_API int wolfCrypt_SelfTest(void);
-#endif
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* WOLFCRYPT_SELF_TEST_H */
-
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/sp.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/sp.h
deleted file mode 100644
index 666bbb9f1..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/sp.h
+++ /dev/null
@@ -1,447 +0,0 @@
-/* sp.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef WOLF_CRYPT_SP_H
-#define WOLF_CRYPT_SP_H
-
-#include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/wolfcrypt/settings.h>
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
-                                    defined(WOLFSSL_HAVE_SP_ECC)
-#ifdef _WIN32_WCE
-    typedef __int8           int8_t;
-    typedef __int32          int32_t;
-    typedef __int64          int64_t;
-    typedef unsigned __int8  uint8_t;
-    typedef unsigned __int32 uint32_t;
-    typedef unsigned __int64 uint64_t;
-#elif !defined(NO_STDINT_H)
-    #include <stdint.h>
-#endif
-
-#include <wolfssl/wolfcrypt/wolfmath.h>
-#include <wolfssl/wolfcrypt/sp_int.h>
-
-#if defined(HAVE_ECC) && defined(WOLFSSL_HAVE_SP_ECC)
-    #include <wolfssl/wolfcrypt/ecc.h>
-#else
-    #undef WOLFSSL_HAVE_SP_ECC
-#endif
-
-#ifdef noinline
-    #define SP_NOINLINE noinline
-#elif defined(_MSC_VER)
-    #define SP_NOINLINE __declspec(noinline)
-#elif defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
-    #define SP_NOINLINE _Pragma("inline = never")
-#elif defined(__GNUC__) || defined(__KEIL__) || defined(__DCC__)
-    #define SP_NOINLINE __attribute__((noinline))
-#else
-    #define SP_NOINLINE
-#endif
-
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-#ifdef WOLFSSL_HAVE_SP_RSA
-
-/* non-const versions only needed for inlined ARM assembly */
-#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \
-    && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) )
-
-WOLFSSL_LOCAL int sp_RsaPublic_2048(const byte* in, word32 inLen,
-    mp_int* em, mp_int* mm, byte* out, word32* outLen);
-WOLFSSL_LOCAL int sp_RsaPrivate_2048(const byte* in, word32 inLen,
-    mp_int* dm, mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim,
-    mp_int* mm, byte* out, word32* outLen);
-
-WOLFSSL_LOCAL int sp_RsaPublic_3072(const byte* in, word32 inLen,
-    mp_int* em, mp_int* mm, byte* out, word32* outLen);
-WOLFSSL_LOCAL int sp_RsaPrivate_3072(const byte* in, word32 inLen,
-    mp_int* dm, mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim,
-    mp_int* mm, byte* out, word32* outLen);
-
-WOLFSSL_LOCAL int sp_RsaPublic_4096(const byte* in, word32 inLen,
-    mp_int* em, mp_int* mm, byte* out, word32* outLen);
-WOLFSSL_LOCAL int sp_RsaPrivate_4096(const byte* in, word32 inLen,
-    mp_int* dm, mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim,
-    mp_int* mm, byte* out, word32* outLen);
-
-#else
-
-WOLFSSL_LOCAL int sp_RsaPublic_2048(const byte* in, word32 inLen,
-    const mp_int* em, const mp_int* mm, byte* out, word32* outLen);
-WOLFSSL_LOCAL int sp_RsaPrivate_2048(const byte* in, word32 inLen,
-    const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm,
-    const mp_int* dqm, const mp_int* qim, const mp_int* mm, byte* out,
-    word32* outLen);
-
-WOLFSSL_LOCAL int sp_RsaPublic_3072(const byte* in, word32 inLen,
-    const mp_int* em, const mp_int* mm, byte* out, word32* outLen);
-WOLFSSL_LOCAL int sp_RsaPrivate_3072(const byte* in, word32 inLen,
-    const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm,
-    const mp_int* dqm, const mp_int* qim, const mp_int* mm, byte* out,
-    word32* outLen);
-
-WOLFSSL_LOCAL int sp_RsaPublic_4096(const byte* in, word32 inLen,
-    const mp_int* em, const mp_int* mm, byte* out, word32* outLen);
-WOLFSSL_LOCAL int sp_RsaPrivate_4096(const byte* in, word32 inLen,
-    const mp_int* dm, const mp_int* pm, const mp_int* qm, const mp_int* dpm,
-    const mp_int* dqm, const mp_int* qim, const mp_int* mm, byte* out,
-    word32* outLen);
-
-#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */
-
-#endif /* WOLFSSL_HAVE_SP_RSA */
-
-#if defined(WOLFSSL_HAVE_SP_DH) || defined(WOLFSSL_HAVE_SP_RSA)
-
-/* non-const versions only needed for inlined ARM assembly */
-#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \
-    && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) )
-
-WOLFSSL_LOCAL int sp_ModExp_1024(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_1536(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_2048(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_3072(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_4096(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-
-#else
-
-WOLFSSL_LOCAL int sp_ModExp_1024(const mp_int* base, const mp_int* exp,
-    const mp_int* mod, mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_1536(const mp_int* base, const mp_int* exp,
-    const mp_int* mod, mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_2048(const mp_int* base, const mp_int* exp,
-    const mp_int* mod, mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_3072(const mp_int* base, const mp_int* exp,
-    const mp_int* mod, mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_4096(const mp_int* base, const mp_int* exp,
-    const mp_int* mod, mp_int* res);
-
-#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */
-
-#endif
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-/* non-const versions only needed for inlined ARM assembly */
-#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \
-    && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) )
-
-WOLFSSL_LOCAL int sp_DhExp_2048(mp_int* base, const byte* exp, word32 expLen,
-    mp_int* mod, byte* out, word32* outLen);
-WOLFSSL_LOCAL int sp_DhExp_3072(mp_int* base, const byte* exp, word32 expLen,
-    mp_int* mod, byte* out, word32* outLen);
-WOLFSSL_LOCAL int sp_DhExp_4096(mp_int* base, const byte* exp, word32 expLen,
-    mp_int* mod, byte* out, word32* outLen);
-
-#else
-
-WOLFSSL_LOCAL int sp_DhExp_2048(const mp_int* base, const byte* exp,
-    word32 expLen, const mp_int* mod, byte* out, word32* outLen);
-WOLFSSL_LOCAL int sp_DhExp_3072(const mp_int* base, const byte* exp,
-    word32 expLen, const mp_int* mod, byte* out, word32* outLen);
-WOLFSSL_LOCAL int sp_DhExp_4096(const mp_int* base, const byte* exp,
-    word32 expLen, const mp_int* mod, byte* out, word32* outLen);
-
-#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */
-
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-#ifdef WOLFSSL_HAVE_SP_ECC
-
-/* non-const versions only needed for inlined ARM assembly */
-#if defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION == 2 \
-    && ( defined(WOLFSSL_SP_ARM32_ASM) || defined(WOLFSSL_SP_ARM64_ASM) )
-
-int sp_ecc_mulmod_256(mp_int* km, ecc_point* gm, ecc_point* rm, int map,
-                      void* heap);
-int sp_ecc_mulmod_base_256(mp_int* km, ecc_point* rm, int map, void* heap);
-
-int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap);
-int sp_ecc_secret_gen_256(mp_int* priv, ecc_point* pub, byte* out,
-                          word32* outlen, void* heap);
-int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv,
-                    mp_int* rm, mp_int* sm, mp_int* km, void* heap);
-int sp_ecc_verify_256(const byte* hash, word32 hashLen, mp_int* pX, mp_int* pY,
-                      mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
-int sp_ecc_is_point_256(mp_int* pX, mp_int* pY);
-int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap);
-int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ);
-int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ);
-int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ);
-int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym);
-
-
-int sp_ecc_mulmod_384(mp_int* km, ecc_point* gm, ecc_point* rm, int map,
-                      void* heap);
-int sp_ecc_mulmod_base_384(mp_int* km, ecc_point* rm, int map, void* heap);
-
-int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap);
-int sp_ecc_secret_gen_384(mp_int* priv, ecc_point* pub, byte* out,
-                          word32* outlen, void* heap);
-int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv,
-                    mp_int* rm, mp_int* sm, mp_int* km, void* heap);
-int sp_ecc_verify_384(const byte* hash, word32 hashLen, mp_int* pX, mp_int* pY,
-                      mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
-int sp_ecc_is_point_384(mp_int* pX, mp_int* pY);
-int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap);
-int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ);
-int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ);
-int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ);
-int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym);
-
-#else
-
-WOLFSSL_LOCAL int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm,
-    ecc_point* rm, int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* rm,
-    int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_base_add_256(const mp_int* km,
-    const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
-
-WOLFSSL_LOCAL int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub,
-    void* heap);
-WOLFSSL_LOCAL int sp_ecc_secret_gen_256(const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outlen, void* heap);
-WOLFSSL_LOCAL int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap);
-WOLFSSL_LOCAL int sp_ecc_verify_256(const byte* hash, word32 hashLen,
-    const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* r,
-    const mp_int* sm, int* res, void* heap);
-WOLFSSL_LOCAL int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY);
-WOLFSSL_LOCAL int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap);
-WOLFSSL_LOCAL int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-    mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY, mp_int* rZ);
-WOLFSSL_LOCAL int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-    mp_int* rX, mp_int* rY, mp_int* rZ);
-WOLFSSL_LOCAL int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ);
-WOLFSSL_LOCAL int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym);
-
-WOLFSSL_LOCAL int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm,
-    ecc_point* rm, int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* rm,
-    int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_base_add_384(const mp_int* km,
-    const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
-
-WOLFSSL_LOCAL int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap);
-WOLFSSL_LOCAL int sp_ecc_secret_gen_384(const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outlen, void* heap);
-WOLFSSL_LOCAL int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap);
-WOLFSSL_LOCAL int sp_ecc_verify_384(const byte* hash, word32 hashLen,
-    const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* r,
-    const mp_int* sm, int* res, void* heap);
-WOLFSSL_LOCAL int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY);
-WOLFSSL_LOCAL int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap);
-WOLFSSL_LOCAL int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-    mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY, mp_int* rZ);
-WOLFSSL_LOCAL int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-    mp_int* rX, mp_int* rY, mp_int* rZ);
-WOLFSSL_LOCAL int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ);
-WOLFSSL_LOCAL int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym);
-
-WOLFSSL_LOCAL int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm,
-    ecc_point* rm, int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* rm,
-    int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_base_add_521(const mp_int* km,
-    const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
-
-WOLFSSL_LOCAL int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap);
-WOLFSSL_LOCAL int sp_ecc_secret_gen_521(const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outlen, void* heap);
-WOLFSSL_LOCAL int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap);
-WOLFSSL_LOCAL int sp_ecc_verify_521(const byte* hash, word32 hashLen,
-    const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* r,
-    const mp_int* sm, int* res, void* heap);
-WOLFSSL_LOCAL int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY);
-WOLFSSL_LOCAL int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap);
-WOLFSSL_LOCAL int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-    mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY, mp_int* rZ);
-WOLFSSL_LOCAL int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-    mp_int* rX, mp_int* rY, mp_int* rZ);
-WOLFSSL_LOCAL int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ);
-WOLFSSL_LOCAL int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym);
-
-WOLFSSL_LOCAL int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm,
-    ecc_point* rm, int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* rm,
-    int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_base_add_1024(const mp_int* km,
-    const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table,
-    word32* len, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_table_1024(const mp_int* km,
-    const ecc_point* gm, byte* table, ecc_point* r, int map, void* heap);
-WOLFSSL_LOCAL int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_Pairing_1024(const ecc_point* p, const ecc_point* q,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_Pairing_gen_precomp_1024(const ecc_point* p, byte* table,
-    word32* len);
-WOLFSSL_LOCAL int sp_Pairing_precomp_1024(const ecc_point* p,
-    const ecc_point* q, mp_int* res, const byte* table, word32 len);
-WOLFSSL_LOCAL int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY);
-WOLFSSL_LOCAL int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap);
-
-WOLFSSL_LOCAL int sp_ecc_mulmod_sm2_256(const mp_int* km, const ecc_point* gm,
-    ecc_point* rm, int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_add_sm2_256(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_base_sm2_256(const mp_int* km, ecc_point* rm,
-    int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_base_add_sm2_256(const mp_int* km,
-    const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
-
-WOLFSSL_LOCAL int sp_ecc_make_key_sm2_256(WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap);
-WOLFSSL_LOCAL int sp_ecc_secret_gen_sm2_256(const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outlen, void* heap);
-WOLFSSL_LOCAL int sp_ecc_sign_sm2_256(const byte* hash, word32 hashLen,
-    WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km,
-    void* heap);
-WOLFSSL_LOCAL int sp_ecc_verify_sm2_256(const byte* hash, word32 hashLen,
-    const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* r,
-    const mp_int* sm, int* res, void* heap);
-WOLFSSL_LOCAL int sp_ecc_is_point_sm2_256(const mp_int* pX, const mp_int* pY);
-WOLFSSL_LOCAL int sp_ecc_check_key_sm2_256(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap);
-WOLFSSL_LOCAL int sp_ecc_proj_add_point_sm2_256(mp_int* pX, mp_int* pY,
-    mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY,
-    mp_int* rZ);
-WOLFSSL_LOCAL int sp_ecc_proj_dbl_point_sm2_256(mp_int* pX, mp_int* pY,
-    mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ);
-WOLFSSL_LOCAL int sp_ecc_map_sm2_256(mp_int* pX, mp_int* pY, mp_int* pZ);
-WOLFSSL_LOCAL int sp_ecc_uncompress_sm2_256(mp_int* xm, int odd, mp_int* ym);
-
-#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2  && !WOLFSSL_SP_ARM[32|64]_ASM */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-WOLFSSL_LOCAL int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng,
-    mp_int* priv, ecc_point* pub, void* heap);
-WOLFSSL_LOCAL int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx,
-    const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen,
-    void* heap);
-WOLFSSL_LOCAL int sp_ecc_sign_256_nb(sp_ecc_ctx_t* ctx, const byte* hash,
-    word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm,
-    mp_int* km, void* heap);
-WOLFSSL_LOCAL int sp_ecc_verify_256_nb(sp_ecc_ctx_t* ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* r, const mp_int* sm, int* res, void* heap);
-
-WOLFSSL_LOCAL int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng,
-    mp_int* priv, ecc_point* pub, void* heap);
-WOLFSSL_LOCAL int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx,
-    const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen,
-    void* heap);
-WOLFSSL_LOCAL int sp_ecc_sign_384_nb(sp_ecc_ctx_t* ctx, const byte* hash,
-    word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm,
-    mp_int* km, void* heap);
-WOLFSSL_LOCAL int sp_ecc_verify_384_nb(sp_ecc_ctx_t* ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* r, const mp_int* sm, int* res, void* heap);
-
-WOLFSSL_LOCAL int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng,
-    mp_int* priv, ecc_point* pub, void* heap);
-WOLFSSL_LOCAL int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx,
-    const mp_int* priv, const ecc_point* pub, byte* out, word32* outLen,
-    void* heap);
-WOLFSSL_LOCAL int sp_ecc_sign_521_nb(sp_ecc_ctx_t* ctx, const byte* hash,
-    word32 hashLen, WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm,
-    mp_int* km, void* heap);
-WOLFSSL_LOCAL int sp_ecc_verify_521_nb(sp_ecc_ctx_t* ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* r, const mp_int* sm, int* res, void* heap);
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_SM2
-
-WOLFSSL_LOCAL int sp_ecc_mulmod_sm2_256(mp_int* km, ecc_point* gm,
-    ecc_point* rm, int map, void* heap);
-WOLFSSL_LOCAL int sp_ecc_mulmod_base_sm2_256(mp_int* km, ecc_point* rm, int map,
-    void* heap);
-
-WOLFSSL_LOCAL int sp_ecc_make_key_sm2_256(WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap);
-WOLFSSL_LOCAL int sp_ecc_secret_gen_sm2_256(mp_int* priv, ecc_point* pub,
-    byte* out, word32* outlen, void* heap);
-
-WOLFSSL_LOCAL int sp_ecc_sign_sm2_256(const byte* hash, word32 hashLen,
-    WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap);
-WOLFSSL_LOCAL int sp_ecc_verify_sm2_256(const byte* hash, word32 hashLen,
-    mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* r, mp_int* sm, int* res,
-    void* heap);
-
-WOLFSSL_LOCAL int sp_ecc_is_point_sm2_256(mp_int* pX, mp_int* pY);
-WOLFSSL_LOCAL int sp_ecc_check_key_sm2_256(mp_int* pX, mp_int* pY,
-    mp_int* privm, void* heap);
-
-WOLFSSL_LOCAL int sp_ecc_proj_add_point_sm2_256(mp_int* pX, mp_int* pY,
-    mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY,
-    mp_int* rZ);
-WOLFSSL_LOCAL int sp_ecc_proj_dbl_point_sm2_256(mp_int* pX, mp_int* pY,
-    mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ);
-WOLFSSL_LOCAL int sp_ecc_map_sm2_256(mp_int* pX, mp_int* pY, mp_int* pZ);
-WOLFSSL_LOCAL int sp_ecc_uncompress_sm2_256(mp_int* xm, int odd, mp_int* ym);
-
-#endif
-
-
-#endif /* WOLFSSL_HAVE_SP_ECC */
-
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* WOLFSSL_HAVE_SP_RSA || WOLFSSL_HAVE_SP_DH || WOLFSSL_HAVE_SP_ECC */
-
-#endif /* WOLF_CRYPT_SP_H */
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/sphincs.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/sphincs.h
deleted file mode 100644
index 06928aa22..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/sphincs.h
+++ /dev/null
@@ -1,167 +0,0 @@
-/* sphincs.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
-    \file wolfssl/wolfcrypt/sphincs.h
-*/
-
-/* Interfaces for Sphincs:
- *     - SPHINCS_FAST_LEVEL1 (AKA SPHINCS+-SHAKE-128f-simple)
- *     - SPHINCS_FAST_LEVEL3 (AKA SPHINCS+-SHAKE-192f-simple)
- *     - SPHINCS_FAST_LEVEL5 (AKA SPHINCS+-SHAKE-256f-simple)
- *     - SPHINCS_SMALL_LEVEL1 (AKA SPHINCS+-SHAKE-128s-simple)
- *     - SPHINCS_SMALL_LEVEL3 (AKA SPHINCS+-SHAKE-192s-simple)
- *     - SPHINCS_SMALL_LEVEL5 (AKA SPHINCS+-SHAKE-256s-simple)
- */
-
-#ifndef WOLF_CRYPT_SPHINCS_H
-#define WOLF_CRYPT_SPHINCS_H
-
-#include <wolfssl/wolfcrypt/types.h>
-
-#if defined(HAVE_PQC) && defined(HAVE_SPHINCS)
-
-#ifdef HAVE_LIBOQS
-#include <oqs/oqs.h>
-#include <wolfssl/wolfcrypt/port/liboqs/liboqs.h>
-#endif
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-/* Macros Definitions */
-
-#ifdef HAVE_LIBOQS
-
-#define SPHINCS_FAST_LEVEL1_SIG_SIZE     OQS_SIG_sphincs_shake_128f_simple_length_signature
-#define SPHINCS_FAST_LEVEL3_SIG_SIZE     OQS_SIG_sphincs_shake_192f_simple_length_signature
-#define SPHINCS_FAST_LEVEL5_SIG_SIZE     OQS_SIG_sphincs_shake_256f_simple_length_signature
-#define SPHINCS_SMALL_LEVEL1_SIG_SIZE    OQS_SIG_sphincs_shake_128s_simple_length_signature
-#define SPHINCS_SMALL_LEVEL3_SIG_SIZE    OQS_SIG_sphincs_shake_192s_simple_length_signature
-#define SPHINCS_SMALL_LEVEL5_SIG_SIZE    OQS_SIG_sphincs_shake_256s_simple_length_signature
-
-#define SPHINCS_LEVEL1_KEY_SIZE     OQS_SIG_sphincs_shake_128f_simple_length_secret_key
-#define SPHINCS_LEVEL1_PUB_KEY_SIZE OQS_SIG_sphincs_shake_128f_simple_length_public_key
-#define SPHINCS_LEVEL1_PRV_KEY_SIZE (SPHINCS_LEVEL1_PUB_KEY_SIZE+SPHINCS_LEVEL1_KEY_SIZE)
-
-#define SPHINCS_LEVEL3_KEY_SIZE     OQS_SIG_sphincs_shake_192f_simple_length_secret_key
-#define SPHINCS_LEVEL3_PUB_KEY_SIZE OQS_SIG_sphincs_shake_192f_simple_length_public_key
-#define SPHINCS_LEVEL3_PRV_KEY_SIZE (SPHINCS_LEVEL3_PUB_KEY_SIZE+SPHINCS_LEVEL3_KEY_SIZE)
-
-#define SPHINCS_LEVEL5_KEY_SIZE     OQS_SIG_sphincs_shake_256f_simple_length_secret_key
-#define SPHINCS_LEVEL5_PUB_KEY_SIZE OQS_SIG_sphincs_shake_256f_simple_length_public_key
-#define SPHINCS_LEVEL5_PRV_KEY_SIZE (SPHINCS_LEVEL5_PUB_KEY_SIZE+SPHINCS_LEVEL5_KEY_SIZE)
-#endif
-
-#define SPHINCS_MAX_SIG_SIZE     SPHINCS_FAST_LEVEL5_SIG_SIZE
-#define SPHINCS_MAX_KEY_SIZE     SPHINCS_LEVEL5_PRV_KEY_SIZE
-#define SPHINCS_MAX_PUB_KEY_SIZE SPHINCS_LEVEL5_PUB_KEY_SIZE
-#define SPHINCS_MAX_PRV_KEY_SIZE SPHINCS_LEVEL5_PRV_KEY_SIZE
-
-#define FAST_VARIANT    1
-#define SMALL_VARIANT   2
-
-/* Structs */
-
-struct sphincs_key {
-    bool pubKeySet;
-    bool prvKeySet;
-    byte level; /* 1,3 or 5 */
-    byte optim; /* FAST_VARIANT or SMALL_VARIANT */
-    byte p[SPHINCS_MAX_PUB_KEY_SIZE];
-    byte k[SPHINCS_MAX_PRV_KEY_SIZE];
-};
-
-#ifndef WC_SPHINCSKEY_TYPE_DEFINED
-    typedef struct sphincs_key sphincs_key;
-    #define WC_SPHINCSKEY_TYPE_DEFINED
-#endif
-
-/* Functions */
-
-WOLFSSL_API
-int wc_sphincs_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
-                        sphincs_key* key, WC_RNG* rng);
-WOLFSSL_API
-int wc_sphincs_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
-                          word32 msgLen, int* res, sphincs_key* key);
-
-WOLFSSL_API
-int wc_sphincs_init(sphincs_key* key);
-WOLFSSL_API
-int wc_sphincs_set_level_and_optim(sphincs_key* key, byte level, byte optim);
-WOLFSSL_API
-int wc_sphincs_get_level_and_optim(sphincs_key* key, byte* level, byte *optim);
-WOLFSSL_API
-void wc_sphincs_free(sphincs_key* key);
-
-WOLFSSL_API
-int wc_sphincs_import_public(const byte* in, word32 inLen, sphincs_key* key);
-WOLFSSL_API
-int wc_sphincs_import_private_only(const byte* priv, word32 privSz,
-                                   sphincs_key* key);
-WOLFSSL_API
-int wc_sphincs_import_private_key(const byte* priv, word32 privSz,
-                                  const byte* pub, word32 pubSz,
-                                  sphincs_key* key);
-
-WOLFSSL_API
-int wc_sphincs_export_public(sphincs_key* key, byte* out, word32* outLen);
-WOLFSSL_API
-int wc_sphincs_export_private_only(sphincs_key* key, byte* out, word32* outLen);
-WOLFSSL_API
-int wc_sphincs_export_private(sphincs_key* key, byte* out, word32* outLen);
-WOLFSSL_API
-int wc_sphincs_export_key(sphincs_key* key, byte* priv, word32 *privSz,
-                          byte* pub, word32 *pubSz);
-
-WOLFSSL_API
-int wc_sphincs_check_key(sphincs_key* key);
-
-WOLFSSL_API
-int wc_sphincs_size(sphincs_key* key);
-WOLFSSL_API
-int wc_sphincs_priv_size(sphincs_key* key);
-WOLFSSL_API
-int wc_sphincs_pub_size(sphincs_key* key);
-WOLFSSL_API
-int wc_sphincs_sig_size(sphincs_key* key);
-
-WOLFSSL_API int wc_Sphincs_PrivateKeyDecode(const byte* input,
-                                            word32* inOutIdx,
-                                            sphincs_key* key, word32 inSz);
-WOLFSSL_API int wc_Sphincs_PublicKeyDecode(const byte* input,
-                                           word32* inOutIdx,
-                                           sphincs_key* key, word32 inSz);
-WOLFSSL_API int wc_Sphincs_KeyToDer(sphincs_key* key, byte* output,
-                                    word32 inLen);
-WOLFSSL_API int wc_Sphincs_PrivateKeyToDer(sphincs_key* key, byte* output,
-                                           word32 inLen);
-WOLFSSL_API int wc_Sphincs_PublicKeyToDer(sphincs_key* key, byte* output,
-                                          word32 inLen, int withAlg);
-
-#ifdef __cplusplus
-    }    /* extern "C" */
-#endif
-
-#endif /* HAVE_PQC && HAVE_SPHINCS */
-#endif /* WOLF_CRYPT_SPHINCS_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/tfm.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/tfm.h
deleted file mode 100644
index 48d85a78e..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/tfm.h
+++ /dev/null
@@ -1,941 +0,0 @@
-/* tfm.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-/*
- * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
- * http://math.libtomcrypt.com
- */
-
-
-/**
- *  Edited by Moises Guimaraes (moises.guimaraes@phoebus.com.br)
- *  to fit CyaSSL's needs.
- */
-
-/*!
-    \file wolfssl/wolfcrypt/tfm.h
-*/
-
-#ifndef WOLF_CRYPT_TFM_H
-#define WOLF_CRYPT_TFM_H
-
-#include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#ifndef CHAR_BIT
-    #include <limits.h>
-#endif
-
-#include <wolfssl/wolfcrypt/random.h>
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-#ifdef WOLFSSL_NO_ASM
-   #undef  TFM_NO_ASM
-   #define TFM_NO_ASM
-#endif
-
-#ifdef NO_64BIT
-   #undef  NO_TFM_64BIT
-   #define NO_TFM_64BIT
-#endif
-
-#ifndef NO_TFM_64BIT
-/* autodetect x86-64 and make sure we are using 64-bit digits with x86-64 asm */
-#if defined(__x86_64__)
-   #if defined(TFM_X86) || defined(TFM_SSE2) || defined(TFM_ARM)
-       #error x86-64 detected, x86-32/SSE2/ARM optimizations are not valid!
-   #endif
-   #if !defined(TFM_X86_64) && !defined(TFM_NO_ASM)
-      #define TFM_X86_64
-   #endif
-#endif
-#if defined(__aarch64__) && defined(__APPLE__)
-    #if !defined(TFM_AARCH_64) && !defined(TFM_NO_ASM)
-        #define TFM_AARCH_64
-    #endif
-#endif
-#if defined(TFM_X86_64) || defined(TFM_AARCH_64)
-    #if !defined(FP_64BIT)
-       #define FP_64BIT
-    #endif
-#endif
-/* use 64-bit digit even if not using asm on x86_64 */
-#if defined(__x86_64__) && !defined(FP_64BIT)
-    #define FP_64BIT
-#endif
-/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */
-#if defined(FP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T)
-    #undef FP_64BIT
-    #undef TFM_X86_64
-#endif
-#endif /* NO_TFM_64BIT */
-
-/* try to detect x86-32 */
-#if defined(__i386__) && !defined(TFM_SSE2)
-   #if defined(TFM_X86_64) || defined(TFM_ARM)
-       #error x86-32 detected, x86-64/ARM optimizations are not valid!
-   #endif
-   #if !defined(TFM_X86) && !defined(TFM_NO_ASM)
-      #define TFM_X86
-   #endif
-#endif
-
-/* make sure we're 32-bit for x86-32/sse/arm/ppc32 */
-#if (defined(TFM_X86) || defined(TFM_SSE2) || defined(TFM_ARM) || defined(TFM_PPC32)) && defined(FP_64BIT)
-   #warning x86-32, SSE2 and ARM, PPC32 optimizations require 32-bit digits (undefining)
-   #undef FP_64BIT
-#endif
-
-/* multi asms? */
-#ifdef TFM_X86
-   #define TFM_ASM
-#endif
-#ifdef TFM_X86_64
-   #ifdef TFM_ASM
-      #error TFM_ASM already defined!
-   #endif
-   #define TFM_ASM
-#endif
-#ifdef TFM_SSE2
-   #ifdef TFM_ASM
-      #error TFM_ASM already defined!
-   #endif
-   #define TFM_ASM
-#endif
-#ifdef TFM_ARM
-   #ifdef TFM_ASM
-      #error TFM_ASM already defined!
-   #endif
-   #define TFM_ASM
-#endif
-#ifdef TFM_PPC32
-   #ifdef TFM_ASM
-      #error TFM_ASM already defined!
-   #endif
-   #define TFM_ASM
-#endif
-#ifdef TFM_PPC64
-   #ifdef TFM_ASM
-      #error TFM_ASM already defined!
-   #endif
-   #define TFM_ASM
-#endif
-#ifdef TFM_AVR32
-   #ifdef TFM_ASM
-      #error TFM_ASM already defined!
-   #endif
-   #define TFM_ASM
-#endif
-
-/* we want no asm? */
-#ifdef TFM_NO_ASM
-   #undef TFM_X86
-   #undef TFM_X86_64
-   #undef TFM_SSE2
-   #undef TFM_ARM
-   #undef TFM_PPC32
-   #undef TFM_PPC64
-   #undef TFM_AVR32
-   #undef TFM_ASM
-#endif
-
-/* ECC helpers */
-#ifdef TFM_ECC192
-   #ifdef FP_64BIT
-       #define TFM_MUL3
-       #define TFM_SQR3
-   #else
-       #define TFM_MUL6
-       #define TFM_SQR6
-   #endif
-#endif
-
-#ifdef TFM_ECC224
-   #ifdef FP_64BIT
-       #define TFM_MUL4
-       #define TFM_SQR4
-   #else
-       #define TFM_MUL7
-       #define TFM_SQR7
-   #endif
-#endif
-
-#ifdef TFM_ECC256
-   #ifdef FP_64BIT
-       #define TFM_MUL4
-       #define TFM_SQR4
-   #else
-       #define TFM_MUL8
-       #define TFM_SQR8
-   #endif
-#endif
-
-#ifdef TFM_ECC384
-   #ifdef FP_64BIT
-       #define TFM_MUL6
-       #define TFM_SQR6
-   #else
-       #define TFM_MUL12
-       #define TFM_SQR12
-   #endif
-#endif
-
-#ifdef TFM_ECC521
-   #ifdef FP_64BIT
-       #define TFM_MUL9
-       #define TFM_SQR9
-   #else
-       #define TFM_MUL17
-       #define TFM_SQR17
-   #endif
-#endif
-
-
-/* allow user to define on fp_digit, fp_word types */
-#ifndef WOLFSSL_BIGINT_TYPES
-
-/* some default configurations.
- */
-#if defined(WC_16BIT_CPU)
-   typedef unsigned int    fp_digit;
-   #define SIZEOF_FP_DIGIT 2
-   typedef unsigned long   fp_word;
-   typedef   signed long   fp_sword;
-#elif defined(FP_64BIT)
-   /* for GCC only on supported platforms */
-   typedef unsigned long long fp_digit;   /* 64bit, 128 uses mode(TI) below */
-   #define SIZEOF_FP_DIGIT 8
-   typedef unsigned long      fp_word  __attribute__ ((mode(TI)));
-   typedef   signed long      fp_sword __attribute__ ((mode(TI)));
-#else
-
-   #ifndef NO_TFM_64BIT
-      #if defined(_MSC_VER) || defined(__BORLANDC__)
-         typedef unsigned __int64   ulong64;
-         #if defined(INTIME_RTOS)
-            #undef long64
-         #endif
-         typedef   signed __int64    long64;
-      #else
-         typedef unsigned long long ulong64;
-         typedef   signed long long  long64;
-      #endif
-      typedef unsigned int       fp_digit;
-      #define SIZEOF_FP_DIGIT 4
-      typedef ulong64            fp_word;
-      typedef long64             fp_sword;
-      #define FP_32BIT
-   #else
-      /* some procs like coldfire prefer not to place multiply into 64bit type
-         even though it exists */
-      typedef unsigned short     fp_digit;
-      #define SIZEOF_FP_DIGIT 2
-      typedef unsigned int       fp_word;
-      typedef   signed int       fp_sword;
-   #endif
-#endif
-
-#endif /* WOLFSSL_BIGINT_TYPES */
-
-
-/* # of digits this is */
-#define DIGIT_BIT   ((CHAR_BIT) * SIZEOF_FP_DIGIT)
-
-/* Max size of any number in bits.  Basically the largest size you will be
- * multiplying should be half [or smaller] of FP_MAX_SIZE-four_digit
- *
- * It defaults to 4096-bits [allowing multiplications up to 2048x2048 bits ]
- */
-
-
-#ifndef FP_MAX_BITS
-    #define FP_MAX_BITS           4096
-#endif
-#ifdef WOLFSSL_OPENSSH
-    /* OpenSSH uses some BIG primes so we need to accommodate for that */
-    #undef FP_MAX_BITS
-    #define FP_MAX_BITS 16384
-#endif
-#define FP_MAX_SIZE           (FP_MAX_BITS+(8*DIGIT_BIT))
-
-/* will this lib work? */
-#if CHAR_BIT == 0
-   #error CHAR_BIT must be nonzero
-#endif
-#if (CHAR_BIT & 7)
-   #error CHAR_BIT must be a multiple of eight.
-#endif
-#if FP_MAX_BITS % CHAR_BIT
-   #error FP_MAX_BITS must be a multiple of CHAR_BIT
-#endif
-
-#define FP_MASK    (fp_digit)(-1)
-#define FP_DIGIT_MAX FP_MASK
-#define FP_SIZE    (FP_MAX_SIZE/DIGIT_BIT)
-#define MP_SIZE    (FP_MAX_SIZE/DIGIT_BIT) /* for compatibility with SP_INT */
-
-
-#define FP_MAX_PRIME_SIZE (FP_MAX_BITS/(2*CHAR_BIT))
-/* In terms of FP_MAX_BITS, it is double the size possible for a number
- * to allow for multiplication, divide that 2 out. Also divide by CHAR_BIT
- * to convert from bits to bytes. (Note, FP_PRIME_SIZE is the number of
- * values in the canned prime number list.) */
-
-/* signs */
-#define FP_ZPOS     0
-#define FP_NEG      1
-
-/* return codes */
-#define FP_OKAY      0
-#define FP_VAL      MP_VAL
-#define FP_MEM      MP_MEM
-#define FP_NOT_INF  MP_NOT_INF
-#define FP_WOULDBLOCK MP_WOULDBLOCK
-
-/* equalities */
-#define FP_LT        (-1)   /* less than */
-#define FP_EQ         0   /* equal to */
-#define FP_GT         1   /* greater than */
-
-/* replies */
-#define FP_YES        1   /* yes response */
-#define FP_NO         0   /* no response */
-
-
-#ifdef WOLFSSL_SMALL_STACK
-/*
- * Dynamic memory allocation of mp_int.
- */
-/* Declare a dynamically allocated mp_int. */
-#define DECL_MP_INT_SIZE(name, bits)                        \
-    mp_int* name = NULL
-/* Declare a dynamically allocated mp_int. */
-#define DECL_MP_INT_SIZE_DYN(name, bits, max)               \
-    mp_int* name = NULL
-/* Allocate an mp_int of minimal size and zero out. */
-#define NEW_MP_INT_SIZE(name, bits, heap, type)             \
-do {                                                        \
-    name = (mp_int*)XMALLOC(sizeof(mp_int), heap, type);    \
-    if (name != NULL) {                                     \
-        XMEMSET(name, 0, sizeof(mp_int));                   \
-    }                                                       \
-}                                                           \
-while (0)
-/* Dispose of dynamically allocated mp_int. */
-#define FREE_MP_INT_SIZE(name, heap, type)      \
-    XFREE(name, heap, type)
-/* Must check for mp_int pointer for NULL. */
-#define MP_INT_SIZE_CHECK_NULL
-#else
-/*
- * Static allocation of mp_int.
- */
-/* Declare a statically allocated mp_int. */
-#define DECL_MP_INT_SIZE(name, bits)            \
-    mp_int name[1]
-/* Declare a statically allocated mp_int. */
-#define DECL_MP_INT_SIZE_DYN(name, bits, max)   \
-    mp_int name[1]
-/* Zero out mp_int of minimal size. */
-#define NEW_MP_INT_SIZE(name, bits, heap, type) \
-    XMEMSET(name, 0, sizeof(mp_int))
-/* Dispose of static mp_int. */
-#define FREE_MP_INT_SIZE(name, heap, type) WC_DO_NOTHING
-#endif
-
-/* Initialize an mp_int. */
-#define INIT_MP_INT_SIZE(name, bits) \
-    mp_init(name)
-/* Type to cast to when using size macros. */
-#define MP_INT_SIZE     mp_int
-
-
-#ifdef HAVE_WOLF_BIGINT
-    /* raw big integer */
-    typedef struct WC_BIGINT {
-        byte*   buf;
-        word32  len;
-        void*   heap;
-    } WC_BIGINT;
-    #define WOLF_BIGINT_DEFINED
-#endif
-
-#define wc_mp_size_t int
-#define wc_mp_sign_t int
-
-/* a FP type */
-typedef struct fp_int {
-    int      used;
-    int      sign;
-#if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-    int      size;
-#endif
-    fp_digit dp[FP_SIZE];
-
-#ifdef HAVE_WOLF_BIGINT
-    struct WC_BIGINT raw; /* unsigned binary (big endian) */
-#endif
-} fp_int;
-
-/* Types */
-typedef fp_digit mp_digit;
-typedef fp_word  mp_word;
-typedef fp_int   mp_int;
-
-
-/* wolf big int and common functions */
-#include <wolfssl/wolfcrypt/wolfmath.h>
-
-
-/* externally define this symbol to ignore the default settings, useful for changing the build from the make process */
-#ifndef TFM_ALREADY_SET
-
-/* do we want the large set of small multiplications ?
-   Enable these if you are going to be doing a lot of small (<= 16 digit) multiplications say in ECC
-   Or if you're on a 64-bit machine doing RSA as a 1024-bit integer == 16 digits ;-)
- */
-/* need to refactor the function */
-/*#define TFM_SMALL_SET */
-
-/* do we want huge code
-   Enable these if you are doing 20, 24, 28, 32, 48, 64 digit multiplications (useful for RSA)
-   Less important on 64-bit machines as 32 digits == 2048 bits
- */
-#if 0
-#define TFM_MUL3
-#define TFM_MUL4
-#define TFM_MUL6
-#define TFM_MUL7
-#define TFM_MUL8
-#define TFM_MUL9
-#define TFM_MUL12
-#define TFM_MUL17
-#endif
-#ifdef TFM_HUGE_SET
-#define TFM_MUL20
-#define TFM_MUL24
-#define TFM_MUL28
-#define TFM_MUL32
-#if (FP_MAX_BITS >= 6144) && defined(FP_64BIT)
-    #define TFM_MUL48
-#endif
-#if (FP_MAX_BITS >= 8192) && defined(FP_64BIT)
-    #define TFM_MUL64
-#endif
-#endif
-
-#if 0
-#define TFM_SQR3
-#define TFM_SQR4
-#define TFM_SQR6
-#define TFM_SQR7
-#define TFM_SQR8
-#define TFM_SQR9
-#define TFM_SQR12
-#define TFM_SQR17
-#endif
-#ifdef TFM_HUGE_SET
-#define TFM_SQR20
-#define TFM_SQR24
-#define TFM_SQR28
-#define TFM_SQR32
-#define TFM_SQR48
-#define TFM_SQR64
-#endif
-
-/* Optional math checks (enable WOLFSSL_DEBUG_MATH to print info) */
-/* #define TFM_CHECK */
-
-/* Is the target a P4 Prescott
- */
-/* #define TFM_PRESCOTT */
-
-/* Do we want timing resistant fp_exptmod() ?
- * This makes it slower but also timing invariant with respect to the exponent
- */
-/* #define TFM_TIMING_RESISTANT */
-
-#endif /* TFM_ALREADY_SET */
-
-/* functions */
-
-/* returns a TFM ident string useful for debugging... */
-/*const char *fp_ident(void);*/
-
-/* initialize [or zero] an fp int */
-void fp_init(fp_int *a);
-MP_API void fp_zero(fp_int *a);
-MP_API void fp_clear(fp_int *a);
-/* uses ForceZero to clear sensitive memory */
-MP_API void fp_forcezero (fp_int * a);
-MP_API void fp_free(fp_int* a);
-
-/* zero/one/even/odd/neg/word ? */
-#define fp_iszero(a) (((a)->used == 0) ? FP_YES : FP_NO)
-#define fp_isone(a) \
-    ((((a)->used == 1) && ((a)->dp[0] == 1) && ((a)->sign == FP_ZPOS)) \
-                                                               ? FP_YES : FP_NO)
-#define fp_iseven(a) \
-    (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? FP_YES : FP_NO)
-#define fp_isodd(a)  \
-    (((a)->used > 0  && (((a)->dp[0] & 1) == 1)) ? FP_YES : FP_NO)
-#define fp_isneg(a)  (((a)->sign != FP_ZPOS) ? FP_YES : FP_NO)
-#define fp_setneg(a) ((a)->sign = FP_NEG)
-#define fp_isword(a, w) \
-    (((((a)->used == 1) && ((a)->dp[0] == (w))) || \
-                               (((w) == 0) && ((a)->used == 0))) ? FP_YES : FP_NO)
-/* Number of bits used based on used field only. */
-#define fp_bitsused(a)   ((a)->used * DIGIT_BIT)
-
-/* set to a small digit */
-void fp_set(fp_int *a, fp_digit b);
-int  fp_set_int(fp_int *a, unsigned long b);
-
-/* check if a bit is set */
-int fp_is_bit_set(fp_int *a, fp_digit b);
-/* set the b bit to 1 */
-int fp_set_bit (fp_int * a, fp_digit b);
-
-/* copy from a to b */
-void fp_copy(const fp_int *a, fp_int *b);
-void fp_init_copy(fp_int *a, const fp_int *b);
-
-/* clamp digits */
-#define fp_clamp(a)   { while ((a)->used && (a)->dp[(a)->used-1] == 0) --((a)->used); (a)->sign = (a)->used ? (a)->sign : FP_ZPOS; }
-#define mp_clamp(a)   fp_clamp(a)
-#define mp_grow(a,s)  MP_OKAY
-
-/* negate and absolute */
-#define fp_neg(a, b)  { fp_copy(a, b); (b)->sign ^= 1; fp_clamp(b); }
-#define fp_abs(a, b)  { fp_copy(a, b); (b)->sign  = 0; }
-
-/* right shift x digits */
-void fp_rshd(fp_int *a, int x);
-
-/* right shift x bits */
-void fp_rshb(fp_int *c, int x);
-
-/* left shift x digits */
-int fp_lshd(fp_int *a, int x);
-
-/* signed comparison */
-int fp_cmp(fp_int *a, fp_int *b);
-
-/* unsigned comparison */
-int fp_cmp_mag(fp_int *a, fp_int *b);
-
-/* power of 2 operations */
-void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);
-void fp_mod_2d(fp_int *a, int b, fp_int *c);
-int  fp_mul_2d(fp_int *a, int b, fp_int *c);
-void fp_2expt (fp_int *a, int b);
-int  fp_mul_2(fp_int *a, fp_int *b);
-void fp_div_2(fp_int *a, fp_int *b);
-/* c = a / 2 (mod b) - constant time (a < b and positive) */
-int fp_div_2_mod_ct(fp_int *a, fp_int *b, fp_int *c);
-
-
-/* Counts the number of lsbs which are zero before the first zero bit */
-int fp_cnt_lsb(fp_int *a);
-
-/* c = a + b */
-int fp_add(fp_int *a, fp_int *b, fp_int *c);
-
-/* c = a - b */
-int fp_sub(fp_int *a, fp_int *b, fp_int *c);
-
-/* c = a * b */
-int fp_mul(fp_int *a, fp_int *b, fp_int *c);
-
-/* b = a*a  */
-int fp_sqr(fp_int *a, fp_int *b);
-
-/* a/b => cb + d == a */
-int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
-
-/* c = a mod b, 0 <= c < b  */
-int fp_mod(fp_int *a, fp_int *b, fp_int *c);
-
-/* compare against a single digit */
-int fp_cmp_d(fp_int *a, fp_digit b);
-
-/* c = a + b */
-int fp_add_d(fp_int *a, fp_digit b, fp_int *c);
-
-/* c = a - b */
-int fp_sub_d(fp_int *a, fp_digit b, fp_int *c);
-
-/* c = a * b */
-int fp_mul_d(fp_int *a, fp_digit b, fp_int *c);
-
-/* a/b => cb + d == a */
-/*int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d);*/
-
-/* c = a mod b, 0 <= c < b  */
-/*int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c);*/
-
-/* ---> number theory <--- */
-/* d = a + b (mod c) */
-/*int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);*/
-
-/* d = a - b (mod c) */
-/*int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);*/
-
-/* d = a * b (mod c) */
-int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
-
-/* d = a - b (mod c) */
-int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
-
-/* d = a + b (mod c) */
-int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
-
-/* d = a - b (mod c) - constant time (a < c and b < c) */
-int fp_submod_ct(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
-
-/* d = a + b (mod c) - constant time (a < c and b < c) */
-int fp_addmod_ct(fp_int *a, fp_int *b, fp_int *c, fp_int *d);
-
-/* c = a * a (mod b) */
-int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c);
-
-/* c = 1/a (mod b) */
-int fp_invmod(fp_int *a, fp_int *b, fp_int *c);
-int fp_invmod_mont_ct(fp_int *a, fp_int *b, fp_int *c, fp_digit mp);
-
-/* c = (a, b) */
-/*int fp_gcd(fp_int *a, fp_int *b, fp_int *c);*/
-
-/* c = [a, b] */
-/*int fp_lcm(fp_int *a, fp_int *b, fp_int *c);*/
-
-/* setups the montgomery reduction */
-int fp_montgomery_setup(fp_int *a, fp_digit *rho);
-
-/* computes a = B**n mod b without division or multiplication useful for
- * normalizing numbers in a Montgomery system.
- */
-int fp_montgomery_calc_normalization(fp_int *a, fp_int *b);
-
-/* computes x/R == x (mod N) via Montgomery Reduction */
-int fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
-int fp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct);
-
-/* d = a**b (mod c) */
-int fp_exptmod(fp_int *G, fp_int *X, fp_int *P, fp_int *Y);
-int fp_exptmod_ex(fp_int *G, fp_int *X, int minDigits, fp_int *P, fp_int *Y);
-int fp_exptmod_nct(fp_int *G, fp_int *X, fp_int *P, fp_int *Y);
-
-#ifdef WC_RSA_NONBLOCK
-
-enum tfmExptModNbState {
-  TFM_EXPTMOD_NB_INIT = 0,
-  TFM_EXPTMOD_NB_MONT,
-  TFM_EXPTMOD_NB_MONT_RED,
-  TFM_EXPTMOD_NB_MONT_MUL,
-  TFM_EXPTMOD_NB_MONT_MOD,
-  TFM_EXPTMOD_NB_MONT_MODCHK,
-  TFM_EXPTMOD_NB_NEXT,
-  TFM_EXPTMOD_NB_MUL,
-  TFM_EXPTMOD_NB_MUL_RED,
-  TFM_EXPTMOD_NB_SQR,
-  TFM_EXPTMOD_NB_SQR_RED,
-  TFM_EXPTMOD_NB_RED,
-  TFM_EXPTMOD_NB_COUNT /* last item for total state count only */
-};
-
-typedef struct {
-#ifndef WC_NO_CACHE_RESISTANT
-  fp_int   R[3];
-#else
-  fp_int   R[2];
-#endif
-  fp_digit buf;
-  fp_digit mp;
-  int bitcnt;
-  int digidx;
-  int y;
-  int state; /* tfmExptModNbState */
-#ifdef WC_RSA_NONBLOCK_TIME
-  word32 maxBlockInst; /* maximum instructions to block */
-  word32 totalInst;    /* tracks total instructions */
-#endif
-} exptModNb_t;
-
-#ifdef WC_RSA_NONBLOCK_TIME
-enum {
-  TFM_EXPTMOD_NB_STOP = 0,     /* stop and return FP_WOULDBLOCK */
-  TFM_EXPTMOD_NB_CONTINUE = 1, /* keep blocking */
-};
-#endif
-
-/* non-blocking version of timing resistant fp_exptmod function */
-/* supports cache resistance */
-int fp_exptmod_nb(exptModNb_t* nb, fp_int* G, fp_int* X, fp_int* P, fp_int* Y);
-
-#endif /* WC_RSA_NONBLOCK */
-
-/* primality stuff */
-
-/* perform a Miller-Rabin test of a to the base b and store result in "result" */
-/*void fp_prime_miller_rabin (fp_int * a, fp_int * b, int *result);*/
-
-#define FP_PRIME_SIZE      256
-/* 256 trial divisions + 8 Miller-Rabins, returns FP_YES if probable prime  */
-/*int fp_isprime(fp_int *a);*/
-/* extended version of fp_isprime, do 't' Miller-Rabins instead of only 8 */
-/*int fp_isprime_ex(fp_int *a, int t, int* result);*/
-
-/* Primality generation flags */
-/*#define TFM_PRIME_BBS      0x0001 */ /* BBS style prime */
-/*#define TFM_PRIME_SAFE     0x0002 */ /* Safe prime (p-1)/2 == prime */
-/*#define TFM_PRIME_2MSB_OFF 0x0004 */ /* force 2nd MSB to 0 */
-/*#define TFM_PRIME_2MSB_ON  0x0008 */ /* force 2nd MSB to 1 */
-
-/* callback for fp_prime_random, should fill dst with random bytes and return how many read [up to len] */
-/*typedef int tfm_prime_callback(unsigned char *dst, int len, void *dat);*/
-
-/*#define fp_prime_random(a, t, size, bbs, cb, dat) fp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?TFM_PRIME_BBS:0, cb, dat)*/
-
-/*int fp_prime_random_ex(fp_int *a, int t, int size, int flags, tfm_prime_callback cb, void *dat);*/
-
-/* radix conversions */
-int fp_count_bits(const fp_int *a);
-int fp_leading_bit(fp_int *a);
-
-int fp_unsigned_bin_size(const fp_int *a);
-int fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c);
-int fp_to_unsigned_bin(const fp_int *a, unsigned char *b);
-int fp_to_unsigned_bin_len_ct(fp_int *a, unsigned char *out, int outSz);
-int fp_to_unsigned_bin_len(fp_int *a, unsigned char *b, int c);
-int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b);
-
-/*int fp_read_radix(fp_int *a, char *str, int radix);*/
-/*int fp_toradix(fp_int *a, char *str, int radix);*/
-/*int fp_toradix_n(fp_int * a, char *str, int radix, int maxlen);*/
-
-
-/* VARIOUS LOW LEVEL STUFFS */
-int  s_fp_add(fp_int *a, fp_int *b, fp_int *c);
-void s_fp_sub(fp_int *a, fp_int *b, fp_int *c);
-
-int  fp_mul_comba(fp_int *a, fp_int *b, fp_int *c);
-
-int  fp_mul_comba_small(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba3(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba4(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba6(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba7(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba8(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba9(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba12(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba17(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba20(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba24(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba28(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba32(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba48(fp_int *a, fp_int *b, fp_int *c);
-int  fp_mul_comba64(fp_int *a, fp_int *b, fp_int *c);
-int  fp_sqr_comba(fp_int *a, fp_int *b);
-int  fp_sqr_comba_small(fp_int *a, fp_int *b);
-int  fp_sqr_comba3(fp_int *a, fp_int *b);
-int  fp_sqr_comba4(fp_int *a, fp_int *b);
-int  fp_sqr_comba6(fp_int *a, fp_int *b);
-int  fp_sqr_comba7(fp_int *a, fp_int *b);
-int  fp_sqr_comba8(fp_int *a, fp_int *b);
-int  fp_sqr_comba9(fp_int *a, fp_int *b);
-int  fp_sqr_comba12(fp_int *a, fp_int *b);
-int  fp_sqr_comba17(fp_int *a, fp_int *b);
-int  fp_sqr_comba20(fp_int *a, fp_int *b);
-int  fp_sqr_comba24(fp_int *a, fp_int *b);
-int  fp_sqr_comba28(fp_int *a, fp_int *b);
-int  fp_sqr_comba32(fp_int *a, fp_int *b);
-int  fp_sqr_comba48(fp_int *a, fp_int *b);
-int  fp_sqr_comba64(fp_int *a, fp_int *b);
-
-
-/**
- * Used by wolfSSL
- */
-
-/* Constants */
-#define MP_LT   FP_LT   /* less than    */
-#define MP_EQ   FP_EQ   /* equal to     */
-#define MP_GT   FP_GT   /* greater than */
-#define MP_RANGE MP_NOT_INF
-#define MP_OKAY FP_OKAY /* ok result    */
-#define MP_NO   FP_NO   /* yes/no result */
-#define MP_YES  FP_YES  /* yes/no result */
-#define MP_ZPOS FP_ZPOS
-#define MP_NEG  FP_NEG
-#define MP_MASK FP_MASK
-
-/* Prototypes */
-#define mp_zero(a)      fp_zero(a)
-#define mp_isone(a)     fp_isone(a)
-#define mp_iseven(a)    fp_iseven(a)
-#define mp_isneg(a)     fp_isneg(a)
-#define mp_setneg(a)    fp_setneg(a)
-#define mp_isword(a, w) fp_isword(a, w)
-#define mp_bitsused(a)  fp_bitsused(a)
-
-#define MP_RADIX_BIN  2
-#define MP_RADIX_OCT  8
-#define MP_RADIX_DEC  10
-#define MP_RADIX_HEX  16
-#define MP_RADIX_MAX  64
-
-#define mp_tobinary(M, S)  mp_toradix((M), (S), MP_RADIX_BIN)
-#define mp_tooctal(M, S)   mp_toradix((M), (S), MP_RADIX_OCT)
-#define mp_todecimal(M, S) mp_toradix((M), (S), MP_RADIX_DEC)
-#define mp_tohex(M, S)     mp_toradix((M), (S), MP_RADIX_HEX)
-
-MP_API int  mp_init (mp_int * a);
-MP_API int  mp_init_copy(fp_int * a, const fp_int * b);
-MP_API void mp_clear (mp_int * a);
-MP_API void mp_free (mp_int * a);
-MP_API void mp_forcezero (mp_int * a);
-MP_API int  mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
-                         mp_int* f);
-
-MP_API int  mp_add (mp_int * a, mp_int * b, mp_int * c);
-MP_API int  mp_sub (mp_int * a, mp_int * b, mp_int * c);
-MP_API int  mp_add_d (mp_int * a, mp_digit b, mp_int * c);
-
-MP_API int  mp_mul (mp_int * a, mp_int * b, mp_int * c);
-MP_API int  mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
-MP_API int  mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
-MP_API int  mp_submod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
-MP_API int  mp_addmod (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
-MP_API int  mp_submod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
-MP_API int  mp_addmod_ct (mp_int* a, mp_int* b, mp_int* c, mp_int* d);
-MP_API int  mp_mod(mp_int *a, mp_int *b, mp_int *c);
-MP_API int  mp_invmod(mp_int *a, mp_int *b, mp_int *c);
-MP_API int  mp_invmod_mont_ct(mp_int *a, mp_int *b, mp_int *c, fp_digit mp);
-MP_API int  mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y);
-MP_API int  mp_exptmod_ex (mp_int * g, mp_int * x, int minDigits, mp_int * p,
-                           mp_int * y);
-MP_API int  mp_exptmod_nct (mp_int * g, mp_int * x, mp_int * p, mp_int * y);
-MP_API int  mp_mul_2d(mp_int *a, int b, mp_int *c);
-MP_API int  mp_2expt(mp_int* a, int b);
-
-MP_API int  mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
-
-MP_API int  mp_cmp(mp_int *a, mp_int *b);
-#define mp_cmp_ct(a, b, n) mp_cmp(a, b)
-MP_API int  mp_cmp_d(mp_int *a, mp_digit b);
-
-MP_API int  mp_unsigned_bin_size(const mp_int * a);
-MP_API int  mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
-MP_API int  mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b);
-MP_API int  mp_to_unsigned_bin(const mp_int * a, unsigned char *b);
-MP_API int  mp_to_unsigned_bin_len_ct(mp_int * a, unsigned char *b, int c);
-MP_API int  mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c);
-
-MP_API int  mp_sub_d(fp_int *a, fp_digit b, fp_int *c);
-MP_API int  mp_copy(const fp_int* a, fp_int* b);
-MP_API int  mp_isodd(const mp_int* a);
-MP_API int  mp_iszero(const mp_int* a);
-MP_API int  mp_count_bits(const mp_int *a);
-MP_API int  mp_leading_bit(mp_int *a);
-MP_API int  mp_set_int(mp_int *a, unsigned long b);
-MP_API int  mp_is_bit_set (mp_int * a, mp_digit b);
-MP_API int  mp_set_bit (mp_int * a, mp_digit b);
-MP_API void mp_rshb(mp_int *a, int x);
-MP_API void mp_rshd(mp_int *a, int x);
-MP_API int mp_toradix (mp_int *a, char *str, int radix);
-MP_API int mp_radix_size (mp_int * a, int radix, int *size);
-
-#ifdef WOLFSSL_DEBUG_MATH
-    MP_API void mp_dump(const char* desc, mp_int* a, byte verbose);
-#else
-    #define mp_dump(desc, a, verbose) WC_DO_NOTHING
-#endif
-
-#if defined(OPENSSL_EXTRA) || !defined(NO_DSA) || defined(HAVE_ECC)
-    MP_API int mp_read_radix(mp_int* a, const char* str, int radix);
-#endif
-
-#define mp_montgomery_reduce_ct(a, m, mp) \
-    mp_montgomery_reduce_ex(a, m, mp, 1)
-MP_API int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
-MP_API int mp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct);
-MP_API int mp_montgomery_setup(fp_int *a, fp_digit *rho);
-MP_API int mp_sqr(fp_int *a, fp_int *b);
-
-#ifdef HAVE_ECC
-    MP_API int mp_div_2(fp_int * a, fp_int * b);
-    MP_API int mp_div_2_mod_ct(mp_int *a, mp_int *b, mp_int *c);
-#endif
-
-#if defined(HAVE_ECC) || !defined(NO_RSA) || !defined(NO_DSA) || \
-    defined(WOLFSSL_KEY_GEN)
-    MP_API int mp_set(fp_int *a, fp_digit b);
-#endif
-
-#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || \
-    !defined(NO_DSA) || !defined(NO_DH)
-    MP_API int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
-    MP_API int mp_montgomery_calc_normalization(mp_int *a, mp_int *b);
-#endif
-
-#if !defined(NO_DH) || !defined(NO_DSA) || !defined(NO_RSA) || defined(WOLFSSL_KEY_GEN)
-MP_API int  mp_prime_is_prime(mp_int* a, int t, int* result);
-MP_API int  mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng);
-#endif /* !NO_DH || !NO_DSA || !NO_RSA || WOLFSSL_KEY_GEN */
-#ifdef WOLFSSL_KEY_GEN
-MP_API int  mp_gcd(fp_int *a, fp_int *b, fp_int *c);
-MP_API int  mp_lcm(fp_int *a, fp_int *b, fp_int *c);
-MP_API int  mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap);
-MP_API int  mp_exch(mp_int *a, mp_int *b);
-#endif /* WOLFSSL_KEY_GEN */
-MP_API int  mp_cond_swap_ct_ex(mp_int* a, mp_int* b, int c, int m, mp_int* t);
-MP_API int  mp_cond_swap_ct(mp_int* a, mp_int* b, int c, int m);
-
-MP_API int  mp_cnt_lsb(fp_int *a);
-MP_API int  mp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);
-MP_API int  mp_mod_2d(fp_int *a, int b, fp_int *c);
-MP_API int  mp_mod_d(fp_int* a, fp_digit b, fp_digit* c);
-MP_API int  mp_lshd (mp_int * a, int b);
-MP_API int  mp_abs(mp_int* a, mp_int* b);
-
-WOLFSSL_API word32 CheckRunTimeFastMath(void);
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-void mp_memzero_add(const char* name, mp_int* a);
-void mp_memzero_check(mp_int* a);
-#endif
-
-/* If user uses RSA, DH, DSA, or ECC math lib directly then fast math FP_SIZE
-   must match, return 1 if a match otherwise 0 */
-#define CheckFastMathSettings() (FP_SIZE == CheckRunTimeFastMath())
-
-
-#ifdef __cplusplus
-   }
-#endif
-
-#endif  /* WOLF_CRYPT_TFM_H */
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/user_settings.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/user_settings.h
index 5fb4c1ba2..1019a94f3 100644
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/user_settings.h
+++ b/include/bitcoin/ssl/wolfssl/wolfcrypt/user_settings.h
@@ -102,6 +102,7 @@
 /* Remove unused or undesired components. */
 #define WOLFSSL_NO_CLIENT_AUTH
 #define NO_SESSION_CACHE
+#define NO_PWDBASED
 #define NO_OLD_TLS
 #define NO_OCSP
 #define NO_DES3
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_lms.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_lms.h
deleted file mode 100644
index 5c3e4a2be..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_lms.h
+++ /dev/null
@@ -1,506 +0,0 @@
-/* wc_lms.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implementation based on:
- *   RFC 8554: Leighton-Micali Hash-Based Signatures
- *   https://datatracker.ietf.org/doc/html/rfc8554
- * Implementation by Sean Parkinson.
- */
-
-/* Possible LMS options:
- *
- * WOLFSSL_LMS_LARGE_CACHES                             Default: OFF
- *   Authentication path caches are large and signing faster.
- * WOLFSSL_LMS_ROOT_LEVELS                              Default: 5 (Large: 7)
- *   Number of levels of interior nodes from the to to cached.
- *   Valid value are: 1..height of subtree.
- *   The bigger the number, the larger the LmsKey but faster signing.
- *   Only applies when !WOLFSSL_WC_LMS_SMALL.
- * WOLFSSL_LMS_CACHE_BITS                               Default: 5 (Large: 7)
- *   2 to the power of the value is the number of leaf nodes to cache.
- *   Maximum valid value is height of subtree.
- *   Valid value are: 0..height of subtree.
- *   The bigger the number, the larger the LmsKey but faster signing.
- *   Only applies when !WOLFSSL_WC_LMS_SMALL.
- *
- * Memory/Level | R/C | Approx. Time (% of 5/5)
- *      (Bytes) |     |  H=10  |  H=15  |  H=20
- * -------------+--------------+--------+--------
- *         2016 | 5/5 | 100.0% | 100.0% | 100.0%
- *         3040 | 5/6 |  75.5% |  89.2% |
- *         4064 | 6/6 |  75.3% |  78.8% |
- *         4576 | 4/7 |  72.4% |  87.6% |
- *         6112 | 6/7 |  72.1% |  67.5% |
- *         8160 | 7/7 |  72.2% |  56.8% |
- *         8416 | 3/8 |  66.4% |  84.9% |
- *        12256 | 7/8 |  66.5% |  45.9% |
- *        16352 | 8/8 |  66.0% |  35.0% |
- *        16416 | 1/9 |  54.1% |  79.5% |
- * R = Root levels
- * C = Cache bits
- * To mimic the dynamic memory usage of XMSS, use 3/3.
- *
- * WOLFSSL_LMS_NO_SIGN SMOOTHING                        Default: OFF
- *   Disable precalculation of next subtree.
- *   Use less dynamic memory.
- *   At certain indexes, signing will take a long time compared to the mean.
- *   When OFF, the private key holds a second copy of caches.
- *
- * WOLFSSL_LMS_NO_SIG_CACHE                             Default: OFF
- *   Signature cache is disabled.
- *   This will use less dynamic memory and make signing slower when multiple
- *   levels.
- *
- * Sig cache holds the C and y hashes for a tree that is not the lowest.
- * Sig cache size = (levels - 1) * (1 + p) * 32 bytes
- * p is the number of y terms based on Winternitz width.
- *
- *  w |  p | l | Bytes
- * ---+----+---+------
- *  4 | 67 | 2 |  2176
- *  4 | 67 | 3 |  4353
- *  4 | 67 | 4 |  6528
- *  8 | 34 | 2 |  1120
- *  8 | 34 | 3 |  2240
- *  8 | 34 | 4 |  3360
- * w = Winternitz width
- * l = #levels
- */
-
-#ifndef WC_LMS_H
-#define WC_LMS_H
-
-#include <wolfssl/wolfcrypt/types.h>
-
-#if defined(WOLFSSL_HAVE_LMS) && defined(WOLFSSL_WC_LMS)
-
-#include <wolfssl/wolfcrypt/lms.h>
-#include <wolfssl/wolfcrypt/sha256.h>
-
-#ifdef WOLFSSL_LMS_MAX_LEVELS
-    /* Maximum number of levels of trees supported by implementation. */
-    #define LMS_MAX_LEVELS          WOLFSSL_LMS_MAX_LEVELS
-#else
-    /* Maximum number of levels of trees supported by implementation. */
-    #define LMS_MAX_LEVELS          4
-#endif
-#if (LMS_MAX_LEVELS < 1) || (LMS_MAX_LEVELS > 4)
-    #error "LMS parameters only support heights 1-4."
-#endif
-
-/* Smoothing is only used when there are 2 or more levels. */
-#if LMS_MAX_LEVELS == 1 && !defined(WOLFSSL_LMS_NO_SIGN_SMOOTHING)
-    #define WOLFSSL_LMS_NO_SIGN_SMOOTHING
-#endif
-
-#ifdef WOLFSSL_LMS_MAX_HEIGHT
-    /* Maximum height of a tree supported by implementation. */
-    #define LMS_MAX_HEIGHT          WOLFSSL_LMS_MAX_HEIGHT
-#else
-    /* Maximum height of a tree supported by implementation. */
-    #define LMS_MAX_HEIGHT          20
-#endif
-#if (LMS_MAX_HEIGHT < 5) || (LMS_MAX_HEIGHT > 20)
-    #error "LMS parameters only support heights 5-20."
-#endif
-
-/* Length of I in bytes. */
-#define LMS_I_LEN                   16
-/* Length of L in bytes. */
-#define LMS_L_LEN                   4
-/* Length of Q for a level. */
-#define LMS_Q_LEN                   4
-/* Length of P in bytes. */
-#define LMS_P_LEN                   2
-/* Length of W in bytes. */
-#define LMS_W_LEN                   1
-
-/* Length of numeric types when encoding. */
-#define LMS_TYPE_LEN                4
-
-/* Size of digest output when truncatint SHA-256 to 192 bits. */
-#define WC_SHA256_192_DIGEST_SIZE   24
-
-/* Maximum size of a node hash. */
-#define LMS_MAX_NODE_LEN            WC_SHA256_DIGEST_SIZE
-/* Maximum size of SEED (produced by hash). */
-#define LMS_SEED_LEN                WC_SHA256_DIGEST_SIZE
-/* Maximum number of P, number of n-byte string elements in LM-OTS signature.
- * Value of P when N=32 and W=1.
- */
-#define LMS_MAX_P                   265
-
-
-#ifndef WOLFSSL_LMS_ROOT_LEVELS
-    #ifdef WOLFSSL_LMS_LARGE_CACHES
-        /* Number of root levels of interior nodes to store.  */
-        #define LMS_ROOT_LEVELS         7
-    #else
-        /* Number of root levels of interior nodes to store.  */
-        #define LMS_ROOT_LEVELS         5
-    #endif
-#else
-    #define LMS_ROOT_LEVELS             WOLFSSL_LMS_ROOT_LEVELS
-#endif
-#if LMS_ROOT_LEVELS <= 0
-    #error "LMS_ROOT_LEVELS must be greater than 0."
-#endif
-/* Count of root nodes to store per level. */
-#define LMS_ROOT_COUNT              ((1 << (LMS_ROOT_LEVELS)) - 1)
-
-#ifndef WOLFSSL_LMS_CACHE_BITS
-    #ifdef WOLFSSL_LMS_LARGE_CACHES
-        /* 2 to the power of the value is the number of leaf nodes to cache. */
-        #define LMS_CACHE_BITS          7
-    #else
-        /* 2 to the power of the value is the number of leaf nodes to cache. */
-        #define LMS_CACHE_BITS          5
-    #endif
-#else
-    #define LMS_CACHE_BITS              WOLFSSL_LMS_CACHE_BITS
-#endif
-#if LMS_CACHE_BITS < 0
-    #error "LMS_CACHE_BITS must be greater than or equal to 0."
-#endif
-/* Number of leaf nodes to cache. */
-#define LMS_LEAF_CACHE              (1 << LMS_CACHE_BITS)
-
-/* Maximum number of levels of trees described in private key. */
-#define HSS_MAX_LEVELS              8
-/* Length of full Q in bytes. Q from all levels combined. */
-#define HSS_Q_LEN                   8
-
-/* Compressed parameter set length in bytes. */
-#define HSS_COMPRESS_PARAM_SET_LEN  1
-/* Total compressed parameter set length for private key in bytes. */
-#define HSS_PRIV_KEY_PARAM_SET_LEN  \
-    (HSS_COMPRESS_PARAM_SET_LEN * HSS_MAX_LEVELS)
-
-/* Private key length for one level. */
-#define LMS_PRIV_LEN(hLen)          \
-    (LMS_Q_LEN + (hLen) + LMS_I_LEN)
-/* Public key length in signature. */
-#define LMS_PUBKEY_LEN(hLen)        \
-    (LMS_TYPE_LEN + LMS_TYPE_LEN + LMS_I_LEN + (hLen))
-
-/* LMS signature data length. */
-#define LMS_SIG_LEN(h, p, hLen)                                                \
-    (LMS_Q_LEN + LMS_TYPE_LEN + (hLen) + (p) * (hLen) + LMS_TYPE_LEN +         \
-     (h) * (hLen))
-
-/* Length of public key. */
-#define HSS_PUBLIC_KEY_LEN(hLen)        (LMS_L_LEN + LMS_PUBKEY_LEN(hLen))
-/* Length of private key. */
-#define HSS_PRIVATE_KEY_LEN(hLen)   \
-    (HSS_Q_LEN + HSS_PRIV_KEY_PARAM_SET_LEN + (hLen) + LMS_I_LEN)
-/* Maximum public key length - length is constant for all parameters. */
-#define HSS_MAX_PRIVATE_KEY_LEN     HSS_PRIVATE_KEY_LEN(LMS_MAX_NODE_LEN)
-/* Maximum private key length - length is constant for all parameters. */
-#define HSS_MAX_PUBLIC_KEY_LEN      HSS_PUBLIC_KEY_LEN(LMS_MAX_NODE_LEN)
-/* Maximum signature length. */
-#define HSS_MAX_SIG_LEN                                                        \
-    (LMS_TYPE_LEN +                                                            \
-     LMS_MAX_LEVELS * (LMS_Q_LEN + LMS_TYPE_LEN + LMS_TYPE_LEN +               \
-                       LMS_MAX_NODE_LEN * (1 + LMS_MAX_P + LMS_MAX_HEIGHT)) +  \
-     (LMS_MAX_LEVELS - 1) * LMS_PUBKEY_LEN(LMS_MAX_NODE_LEN))
-
-/* Maximum buffer length required for use when hashing. */
-#define LMS_MAX_BUFFER_LEN          \
-    (LMS_I_LEN + LMS_Q_LEN + LMS_P_LEN + LMS_W_LEN + 2 * LMS_MAX_NODE_LEN)
-
-
-/* Private key data length.
- *
- * HSSPrivKey.priv
- */
-#define LMS_PRIV_KEY_LEN(l, hLen)           \
-    ((l) * LMS_PRIV_LEN(hLen))
-
-/* Stack of nodes. */
-#define LMS_STACK_CACHE_LEN(h, hLen)        \
-     (((h) + 1) * (hLen))
-
-/* Root cache length. */
-#define LMS_ROOT_CACHE_LEN(rl, hLen)        \
-    (((1 << (rl)) - 1) * (hLen))
-
-/* Leaf cache length. */
-#define LMS_LEAF_CACHE_LEN(cb, hLen)        \
-    ((1 << (cb)) * (hLen))
-
-/* Length of LMS private key state.
- *
- * LmsPrivState
- *   auth_path +
- *   root +
- *   stack.stack + stack.offset +
- *   cache.leaf + cache.index + cache.offset
- */
-#define LMS_PRIV_STATE_LEN(h, rl, cb, hLen)     \
-    (((h) * (hLen)) +                           \
-     LMS_STACK_CACHE_LEN(h, hLen) + 4 +         \
-     LMS_ROOT_CACHE_LEN(rl, hLen) +             \
-     LMS_LEAF_CACHE_LEN(cb, hLen) + 4 + 4)
-
-#ifndef WOLFSSL_WC_LMS_SMALL
-    /* Private key data state for all levels. */
-    #define LMS_PRIV_STATE_ALL_LEN(l, h, rl, cb, hLen)  \
-         ((l) * LMS_PRIV_STATE_LEN(h, rl, cb, hLen))
-#else
-    /* Private key data state for all levels. */
-    #define LMS_PRIV_STATE_ALL_LEN(l, h, rl, cb, hLen)  0
-#endif
-
-#ifndef WOLFSSL_LMS_NO_SIGN_SMOOTHING
-    /* Extra private key data for smoothing. */
-    #define LMS_PRIV_SMOOTH_LEN(l, h, rl, cb, hLen)         \
-        (LMS_PRIV_KEY_LEN(l, hLen) +                        \
-         ((l) - 1) * LMS_PRIV_STATE_LEN(h, rl, cb, hLen))
-#else
-    /* Extra private key data for smoothing. */
-    #define LMS_PRIV_SMOOTH_LEN(l, h, rl, cb, hLen)     0
-#endif
-
-#ifndef WOLFSSL_LMS_NO_SIG_CACHE
-    #define LMS_PRIV_Y_TREE_LEN(p, hLen)                            \
-        ((hLen) + (p) * (hLen))
-    /* Length of the y data cached in private key data. */
-    #define LMS_PRIV_Y_LEN(l, p, hLen)                              \
-        (((l) - 1) * ((hLen) + (p) * (hLen)))
-#else
-    /* Length of the y data cached in private key data. */
-    #define LMS_PRIV_Y_LEN(l, p, hLen)      0
-#endif
-
-#ifndef WOLFSSL_WC_LMS_SMALL
-/* Length of private key data. */
-#define LMS_PRIV_DATA_LEN(l, h, p, rl, cb, hLen)    \
-    (LMS_PRIV_KEY_LEN(l, hLen) +                    \
-     LMS_PRIV_STATE_ALL_LEN(l, h, rl, cb, hLen) +   \
-     LMS_PRIV_SMOOTH_LEN(l, h, rl, cb, hLen) +      \
-     LMS_PRIV_Y_LEN(l, p, hLen))
-#else
-#define LMS_PRIV_DATA_LEN(l, h, p, rl, cb, hLen)    \
-    LMS_PRIV_KEY_LEN(l, hLen)
-#endif
-
-/* Indicates using SHA-256 for hashing. */
-#define LMS_SHA256                  0x0000
-/* Indicates using SHA-256/192 for hashing. */
-#define LMS_SHA256_192              0x1000
-/* Mask to get hashing algorithm from type. */
-#define LMS_HASH_MASK               0xf000
-/* Mask to get height or Winternitz width from type. */
-#define LMS_H_W_MASK                0x0fff
-
-/* LMS Parameters. */
-/* SHA-256 hash, 32-bytes of hash used, tree height of 5. */
-#define LMS_SHA256_M32_H5           0x05
-/* SHA-256 hash, 32-bytes of hash used, tree height of 10. */
-#define LMS_SHA256_M32_H10          0x06
-/* SHA-256 hash, 32-bytes of hash used, tree height of 15. */
-#define LMS_SHA256_M32_H15          0x07
-/* SHA-256 hash, 32-bytes of hash used, tree height of 20. */
-#define LMS_SHA256_M32_H20          0x08
-/* SHA-256 hash, 32-bytes of hash used, tree height of 25. */
-#define LMS_SHA256_M32_H25          0x09
-
-/* SHA-256 hash, 32-bytes of hash used, Winternitz width of 1 bit. */
-#define LMOTS_SHA256_N32_W1         0x01
-/* SHA-256 hash, 32-bytes of hash used, Winternitz width of 2 bits. */
-#define LMOTS_SHA256_N32_W2         0x02
-/* SHA-256 hash, 32-bytes of hash used, Winternitz width of 4 bits. */
-#define LMOTS_SHA256_N32_W4         0x03
-/* SHA-256 hash, 32-bytes of hash used, Winternitz width of 8 bits. */
-#define LMOTS_SHA256_N32_W8         0x04
-
-/* SHA-256 hash, 32-bytes of hash used, tree height of 5. */
-#define LMS_SHA256_M24_H5           (0x0a | LMS_SHA256_192)
-/* SHA-256 hash, 32-bytes of hash used, tree height of 10. */
-#define LMS_SHA256_M24_H10          (0x0b | LMS_SHA256_192)
-/* SHA-256 hash, 32-bytes of hash used, tree height of 15. */
-#define LMS_SHA256_M24_H15          (0x0c | LMS_SHA256_192)
-/* SHA-256 hash, 32-bytes of hash used, tree height of 20. */
-#define LMS_SHA256_M24_H20          (0x0d | LMS_SHA256_192)
-/* SHA-256 hash, 32-bytes of hash used, tree height of 25. */
-#define LMS_SHA256_M24_H25          (0x0e | LMS_SHA256_192)
-
-/* SHA-256 hash, 32-bytes of hash used, Winternitz width of 1 bit. */
-#define LMOTS_SHA256_N24_W1         (0x05 | LMS_SHA256_192)
-/* SHA-256 hash, 32-bytes of hash used, Winternitz width of 2 bits. */
-#define LMOTS_SHA256_N24_W2         (0x06 | LMS_SHA256_192)
-/* SHA-256 hash, 32-bytes of hash used, Winternitz width of 4 bits. */
-#define LMOTS_SHA256_N24_W4         (0x07 | LMS_SHA256_192)
-/* SHA-256 hash, 32-bytes of hash used, Winternitz width of 8 bits. */
-#define LMOTS_SHA256_N24_W8         (0x08 | LMS_SHA256_192)
-
-typedef struct LmsParams {
-    /* Number of tree levels. */
-    word8 levels;
-    /* Height of each tree. */
-    word8 height;
-    /* Width or Winternitz coefficient. */
-    word8 width;
-    /* Number of left-shift bits used in checksum calculation. */
-    word8 ls;
-    /* Number of n-byte string elements in LM-OTS signature. */
-    word16 p;
-    /* LMS type. */
-    word16 lmsType;
-    /* LMOTS type. */
-    word16 lmOtsType;
-    /* Length of LM-OTS signature. */
-    word16 sig_len;
-    /* Length of seed. */
-    word16 hash_len;
-#ifndef WOLFSSL_WC_LMS_SMALL
-    /* Number of root levels of interior nodes to store. */
-    word8 rootLevels;
-    /* 2 to the power of the value is the number of leaf nodes to cache. */
-    word8 cacheBits;
-#endif
-} LmsParams;
-
-/* Mapping of id and string to parameters. */
-typedef struct wc_LmsParamsMap {
-    /* Identifier of parameters. */
-    enum wc_LmsParm id;
-    /* String representation of identifier of parameters. */
-#ifdef WOLFSSL_NAMES_STATIC
-    const char str[32]; /* large enough for largest string in wc_lms_map[] */
-#else
-    const char* str;
-#endif
-    /* LMS parameter set. */
-    LmsParams params;
-} wc_LmsParamsMap;
-
-typedef struct LmsState {
-    /* Buffer to hold data to hash. */
-    ALIGN16 byte buffer[LMS_MAX_BUFFER_LEN];
-#ifdef WOLFSSL_SMALL_STACK
-    /* Buffer to hold expanded Q coefficients. */
-    ALIGN16 byte a[LMS_MAX_P];
-#endif
-    /* LMS parameters. */
-    const LmsParams* params;
-    /* Hash algorithm. */
-    wc_Sha256 hash;
-    /* Hash algorithm for calculating K. */
-    wc_Sha256 hash_k;
-} LmsState;
-
-#ifndef WOLFSSL_WC_LMS_SMALL
-/* Stack of interior node hashes. */
-typedef struct LmsStack {
-    /* Stack nodes. */
-    byte* stack;
-    /* Top of stack offset. */
-    word32 offset;
-} LmsStack;
-
-/* Cache of leaf hashes. */
-typedef struct HssLeafCache {
-    /* Cache of leaf nodes. Circular queue. */
-    byte* cache;
-    /* Start index of cached leaf nodes. */
-    word32 idx;
-    /* Index into cache of first leaf node. */
-    word32 offset;
-} HssLeafCache;
-
-typedef struct LmsPrivState {
-    /* Authentication path for current index. */
-    byte* auth_path;
-    /* Stack nodes. */
-    LmsStack stack;
-    /* Root nodes. */
-    byte* root;
-    /* Cache of leaf nodes. */
-    HssLeafCache leaf;
-} LmsPrivState;
-#endif /* WOLFSSL_WC_LMS_SMALL */
-
-typedef struct HssPrivKey {
-    /* Private key. */
-    byte* priv;
-#ifndef WOLFSSL_WC_LMS_SMALL
-    /* Per level state of the private key. */
-    LmsPrivState state[LMS_MAX_LEVELS];
-#ifndef WOLFSSL_LMS_NO_SIGN_SMOOTHING
-    /* Next private key. */
-    byte* next_priv;
-    /* Next private state. */
-    LmsPrivState next_state[LMS_MAX_LEVELS - 1];
-#endif
-#ifndef WOLFSSL_LMS_NO_SIG_CACHE
-    /* Per level state of the private key. */
-    byte* y;
-#endif
-    /* Indicates the key has all levels initialized. */
-    word8 inited:1;
-#endif
-} HssPrivKey;
-
-struct LmsKey {
-    /* Public key. */
-    ALIGN16 byte pub[HSS_PUBLIC_KEY_LEN(LMS_MAX_NODE_LEN)];
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-    /* Encoded private key. */
-    ALIGN16 byte priv_raw[HSS_MAX_PRIVATE_KEY_LEN];
-
-    /* Packed private key data. */
-    byte* priv_data;
-    /* HSS Private key. */
-    HssPrivKey priv;
-
-    /* Callback to write/update key. */
-    wc_lms_write_private_key_cb write_private_key;
-    /* Callback to read key. */
-    wc_lms_read_private_key_cb  read_private_key;
-    /* Context arg passed to callbacks. */
-    void*                context;
-    /* Dynamic memory hint. */
-    void* heap;
-#endif /* !WOLFSSL_LMS_VERIFY_ONLY */
-    /* Parameters of key. */
-    const LmsParams* params;
-    /* Current state of key. */
-    enum wc_LmsState state;
-#ifdef WOLF_CRYPTO_CB
-    /* Device Identifier. */
-    int devId;
-#endif
-};
-
-int wc_hss_make_key(LmsState* state, WC_RNG* rng, byte* priv_raw,
-    HssPrivKey* priv_key, byte* priv_data, byte* pub);
-int wc_hss_reload_key(LmsState* state, const byte* priv_raw,
-    HssPrivKey* priv_key, byte* priv_data, byte* pub_root);
-int wc_hss_sign(LmsState* state, byte* priv_raw, HssPrivKey* priv_key,
-    byte* priv_data, const byte* msg, word32 msgSz, byte* sig);
-int wc_hss_sigsleft(const LmsParams* params, const byte* priv_raw);
-int wc_hss_verify(LmsState* state, const byte* pub, const byte* msg,
-    word32 msgSz, const byte* sig);
-
-#endif /* WOLFSSL_HAVE_LMS && WOLFSSL_WC_LMS */
-
-#endif /* WC_LMS_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_mlkem.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_mlkem.h
deleted file mode 100644
index 91e015f36..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_mlkem.h
+++ /dev/null
@@ -1,370 +0,0 @@
-/* wc_mlkem.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
-    \file wolfssl/wolfcrypt/wc_mlkem.h
-*/
-
-
-#ifndef WOLF_CRYPT_WC_MLKEM_H
-#define WOLF_CRYPT_WC_MLKEM_H
-
-#include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/wolfcrypt/random.h>
-#include <wolfssl/wolfcrypt/sha3.h>
-#include <wolfssl/wolfcrypt/mlkem.h>
-
-#ifdef WOLFSSL_HAVE_MLKEM
-
-#ifdef WOLFSSL_KYBER_NO_MAKE_KEY
-    #define WOLFSSL_MLKEM_NO_MAKE_KEY
-#endif
-#ifdef WOLFSSL_KYBER_NO_ENCAPSULATE
-    #define WOLFSSL_MLKEM_NO_ENCAPSULATE
-#endif
-#ifdef WOLFSSL_KYBER_NO_DECAPSULATE
-    #define WOLFSSL_MLKEM_NO_DECAPSULATE
-#endif
-
-#ifdef noinline
-    #define MLKEM_NOINLINE noinline
-#elif defined(_MSC_VER)
-    #define MLKEM_NOINLINE __declspec(noinline)
-#elif defined(__GNUC__)
-    #define MLKEM_NOINLINE __attribute__((noinline))
-#else
-    #define MLKEM_NOINLINE
-#endif
-
-enum {
-    /* Flags of Kyber keys. */
-    MLKEM_FLAG_PRIV_SET = 0x0001,
-    MLKEM_FLAG_PUB_SET  = 0x0002,
-    MLKEM_FLAG_BOTH_SET = 0x0003,
-    MLKEM_FLAG_H_SET    = 0x0004,
-    MLKEM_FLAG_A_SET    = 0x0008,
-
-    /* 2 bits of random used to create noise value. */
-    MLKEM_CBD_ETA2      = 2,
-    /* 3 bits of random used to create noise value. */
-    MLKEM_CBD_ETA3      = 3,
-
-    /* Number of bits to compress to. */
-    MLKEM_COMP_4BITS    =  4,
-    MLKEM_COMP_5BITS    =  5,
-    MLKEM_COMP_10BITS   = 10,
-    MLKEM_COMP_11BITS   = 11,
-};
-
-
-/* SHAKE128 rate. */
-#define XOF_BLOCK_SIZE      168
-
-/* Modulus of co-efficients of polynomial. */
-#define MLKEM_Q             3329
-
-
-/* Kyber-512 parameters */
-#ifdef WOLFSSL_WC_ML_KEM_512
-/* Number of bits of random to create noise from. */
-#define WC_ML_KEM_512_ETA1       MLKEM_CBD_ETA3
-#endif /* WOLFSSL_WC_ML_KEM_512 */
-
-/* Kyber-768 parameters */
-#ifdef WOLFSSL_WC_ML_KEM_768
-/* Number of bits of random to create noise from. */
-#define WC_ML_KEM_768_ETA1       MLKEM_CBD_ETA2
-#endif /* WOLFSSL_WC_ML_KEM_768 */
-
-/* Kyber-1024 parameters */
-#ifdef WOLFSSL_WC_ML_KEM_1024
-/* Number of bits of random to create noise from. */
-#define WC_ML_KEM_1024_ETA1      MLKEM_CBD_ETA2
-#endif /* WOLFSSL_KYBER1024 */
-
-
-
-/* The data type of the hash function. */
-#define MLKEM_HASH_T    wc_Sha3
-
-/* The data type of the pseudo-random function. */
-#define MLKEM_PRF_T     wc_Shake
-
-/* ML-KEM key. */
-struct MlKemKey {
-    /* Type of key: WC_ML_KEM_512, WC_ML_KEM_768, WC_ML_KEM_1024 */
-    int type;
-    /* Dynamic memory allocation hint. */
-    void* heap;
-#if defined(WOLF_CRYPTO_CB)
-    /* Device Id. */
-    int devId;
-#endif
-    /* Flags indicating what is stored in the key. */
-    int flags;
-
-    /* A pseudo-random function object. */
-    MLKEM_HASH_T hash;
-    /* A pseudo-random function object. */
-    MLKEM_PRF_T prf;
-
-    /* Private key as a vector. */
-    sword16 priv[WC_ML_KEM_MAX_K * MLKEM_N];
-    /* Public key as a vector. */
-    sword16 pub[WC_ML_KEM_MAX_K * MLKEM_N];
-    /* Public seed. */
-    byte pubSeed[WC_ML_KEM_SYM_SZ];
-    /* Public hash - hash of encoded public key. */
-    byte h[WC_ML_KEM_SYM_SZ];
-    /* Randomizer for decapsulation. */
-    byte z[WC_ML_KEM_SYM_SZ];
-#ifdef WOLFSSL_MLKEM_CACHE_A
-    /* A matrix from key generation. */
-    sword16 a[WC_ML_KEM_MAX_K * WC_ML_KEM_MAX_K * MLKEM_N];
-#endif
-};
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-WOLFSSL_LOCAL
-void mlkem_init(void);
-
-#ifndef WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM
-WOLFSSL_LOCAL
-void mlkem_keygen(sword16* priv, sword16* pub, sword16* e, const sword16* a,
-    int kp);
-#else
-WOLFSSL_LOCAL
-int mlkem_keygen_seeds(sword16* priv, sword16* pub, MLKEM_PRF_T* prf,
-    sword16* e, int kp, byte* seed, byte* noiseSeed);
-#endif
-#ifndef WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM
-WOLFSSL_LOCAL
-void mlkem_encapsulate(const sword16* pub, sword16* bp, sword16* v,
-    const sword16* at, sword16* sp, const sword16* ep, const sword16* epp,
-    const sword16* m, int kp);
-#else
-WOLFSSL_LOCAL
-int mlkem_encapsulate_seeds(const sword16* pub, MLKEM_PRF_T* prf, sword16* bp,
-    sword16* tp, sword16* sp, int kp, const byte* msg, byte* seed,
-    byte* coins);
-#endif
-WOLFSSL_LOCAL
-void mlkem_decapsulate(const sword16* priv, sword16* mp, sword16* bp,
-    const sword16* v, int kp);
-
-WOLFSSL_LOCAL
-int mlkem_gen_matrix(MLKEM_PRF_T* prf, sword16* a, int kp, byte* seed,
-    int transposed);
-WOLFSSL_LOCAL
-int mlkem_get_noise(MLKEM_PRF_T* prf, int kp, sword16* vec1, sword16* vec2,
-    sword16* poly, byte* seed);
-
-#if defined(USE_INTEL_SPEEDUP) || \
-        (defined(WOLFSSL_ARMASM) && defined(__aarch64__))
-WOLFSSL_LOCAL
-int mlkem_kdf(byte* seed, int seedLen, byte* out, int outLen);
-#endif
-WOLFSSL_LOCAL
-void mlkem_hash_init(MLKEM_HASH_T* hash);
-WOLFSSL_LOCAL
-int mlkem_hash_new(MLKEM_HASH_T* hash, void* heap, int devId);
-WOLFSSL_LOCAL
-void mlkem_hash_free(MLKEM_HASH_T* hash);
-WOLFSSL_LOCAL
-int mlkem_hash256(wc_Sha3* hash, const byte* data, word32 dataLen, byte* out);
-WOLFSSL_LOCAL
-int mlkem_hash512(wc_Sha3* hash, const byte* data1, word32 data1Len,
-    const byte* data2, word32 data2Len, byte* out);
-
-WOLFSSL_LOCAL
-int mlkem_derive_secret(MLKEM_PRF_T* prf, const byte* z, const byte* ct,
-    word32 ctSz, byte* ss);
-
-WOLFSSL_LOCAL
-void mlkem_prf_init(MLKEM_PRF_T* prf);
-WOLFSSL_LOCAL
-int mlkem_prf_new(MLKEM_PRF_T* prf, void* heap, int devId);
-WOLFSSL_LOCAL
-void mlkem_prf_free(MLKEM_PRF_T* prf);
-
-WOLFSSL_LOCAL
-int mlkem_cmp(const byte* a, const byte* b, int sz);
-
-WOLFSSL_LOCAL
-void mlkem_vec_compress_10(byte* r, sword16* v, unsigned int kp);
-WOLFSSL_LOCAL
-void mlkem_vec_compress_11(byte* r, sword16* v);
-WOLFSSL_LOCAL
-void mlkem_vec_decompress_10(sword16* v, const unsigned char* b,
-    unsigned int kp);
-WOLFSSL_LOCAL
-void mlkem_vec_decompress_11(sword16* v, const unsigned char* b);
-
-WOLFSSL_LOCAL
-void mlkem_compress_4(byte* b, sword16* p);
-WOLFSSL_LOCAL
-void mlkem_compress_5(byte* b, sword16* p);
-WOLFSSL_LOCAL
-void mlkem_decompress_4(sword16* p, const unsigned char* b);
-WOLFSSL_LOCAL
-void mlkem_decompress_5(sword16* p, const unsigned char* b);
-
-WOLFSSL_LOCAL
-void mlkem_from_msg(sword16* p, const byte* msg);
-WOLFSSL_LOCAL
-void mlkem_to_msg(byte* msg, sword16* p);
-WOLFSSL_LOCAL
-void mlkem_from_bytes(sword16* p, const byte* b, int k);
-WOLFSSL_LOCAL
-void mlkem_to_bytes(byte* b, sword16* p, int k);
-
-#ifdef USE_INTEL_SPEEDUP
-WOLFSSL_LOCAL
-void mlkem_keygen_avx2(sword16* priv, sword16* pub, sword16* e,
-    const sword16* a, int kp);
-WOLFSSL_LOCAL
-void mlkem_encapsulate_avx2(const sword16* pub, sword16* bp, sword16* v,
-    const sword16* at, sword16* sp, const sword16* ep, const sword16* epp,
-    const sword16* m, int kp);
-WOLFSSL_LOCAL
-void mlkem_decapsulate_avx2(const sword16* priv, sword16* mp, sword16* bp,
-    const sword16* v, int kp);
-
-WOLFSSL_LOCAL
-unsigned int mlkem_rej_uniform_n_avx2(sword16* p, unsigned int len,
-    const byte* r, unsigned int rLen);
-WOLFSSL_LOCAL
-unsigned int mlkem_rej_uniform_avx2(sword16* p, unsigned int len, const byte* r,
-    unsigned int rLen);
-WOLFSSL_LOCAL
-void mlkem_redistribute_21_rand_avx2(const word64* s, byte* r0, byte* r1,
-    byte* r2, byte* r3);
-void mlkem_redistribute_17_rand_avx2(const word64* s, byte* r0, byte* r1,
-    byte* r2, byte* r3);
-void mlkem_redistribute_16_rand_avx2(const word64* s, byte* r0, byte* r1,
-    byte* r2, byte* r3);
-void mlkem_redistribute_8_rand_avx2(const word64* s, byte* r0, byte* r1,
-    byte* r2, byte* r3);
-
-WOLFSSL_LOCAL
-void mlkem_cbd_eta2_avx2(sword16* p, const byte* r);
-WOLFSSL_LOCAL
-void mlkem_cbd_eta3_avx2(sword16* p, const byte* r);
-
-WOLFSSL_LOCAL
-void mlkem_from_msg_avx2(sword16* p, const byte* msg);
-WOLFSSL_LOCAL
-void mlkem_to_msg_avx2(byte* msg, sword16* p);
-
-WOLFSSL_LOCAL
-void mlkem_from_bytes_avx2(sword16* p, const byte* b);
-WOLFSSL_LOCAL
-void mlkem_to_bytes_avx2(byte* b, sword16* p);
-
-WOLFSSL_LOCAL
-void mlkem_compress_10_avx2(byte* r, const sword16* p, int n);
-WOLFSSL_LOCAL
-void mlkem_decompress_10_avx2(sword16* p, const byte* r, int n);
-WOLFSSL_LOCAL
-void mlkem_compress_11_avx2(byte* r, const sword16* p, int n);
-WOLFSSL_LOCAL
-void mlkem_decompress_11_avx2(sword16* p, const byte* r, int n);
-
-WOLFSSL_LOCAL
-void mlkem_compress_4_avx2(byte* r, const sword16* p);
-WOLFSSL_LOCAL
-void mlkem_decompress_4_avx2(sword16* p, const byte* r);
-WOLFSSL_LOCAL
-void mlkem_compress_5_avx2(byte* r, const sword16* p);
-WOLFSSL_LOCAL
-void mlkem_decompress_5_avx2(sword16* p, const byte* r);
-
-
-WOLFSSL_LOCAL
-int mlkem_cmp_avx2(const byte* a, const byte* b, int sz);
-#elif defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-WOLFSSL_LOCAL void mlkem_ntt(sword16* r);
-WOLFSSL_LOCAL void mlkem_invntt(sword16* r);
-WOLFSSL_LOCAL void mlkem_ntt_sqrdmlsh(sword16* r);
-WOLFSSL_LOCAL void mlkem_invntt_sqrdmlsh(sword16* r);
-WOLFSSL_LOCAL void mlkem_basemul_mont(sword16* r, const sword16* a,
-    const sword16* b);
-WOLFSSL_LOCAL void mlkem_basemul_mont_add(sword16* r, const sword16* a,
-    const sword16* b);
-WOLFSSL_LOCAL void mlkem_add_reduce(sword16* r, const sword16* a);
-WOLFSSL_LOCAL void mlkem_add3_reduce(sword16* r, const sword16* a,
-    const sword16* b);
-WOLFSSL_LOCAL void mlkem_rsub_reduce(sword16* r, const sword16* a);
-WOLFSSL_LOCAL void mlkem_to_mont(sword16* p);
-WOLFSSL_LOCAL void mlkem_to_mont_sqrdmlsh(sword16* p);
-WOLFSSL_LOCAL void mlkem_sha3_blocksx3_neon(word64* state);
-WOLFSSL_LOCAL void mlkem_shake128_blocksx3_seed_neon(word64* state, byte* seed);
-WOLFSSL_LOCAL void mlkem_shake256_blocksx3_seed_neon(word64* state, byte* seed);
-WOLFSSL_LOCAL unsigned int mlkem_rej_uniform_neon(sword16* p, unsigned int len,
-    const byte* r, unsigned int rLen);
-WOLFSSL_LOCAL int mlkem_cmp_neon(const byte* a, const byte* b, int sz);
-WOLFSSL_LOCAL void mlkem_csubq_neon(sword16* p);
-WOLFSSL_LOCAL void mlkem_from_msg_neon(sword16* p, const byte* msg);
-WOLFSSL_LOCAL void mlkem_to_msg_neon(byte* msg, sword16* p);
-#elif defined(WOLFSSL_ARMASM_THUMB2) && defined(WOLFSSL_ARMASM)
-#define mlkem_ntt                   mlkem_thumb2_ntt
-#define mlkem_invntt                mlkem_thumb2_invntt
-#define mlkem_basemul_mont          mlkem_thumb2_basemul_mont
-#define mlkem_basemul_mont_add      mlkem_thumb2_basemul_mont_add
-#define mlkem_rej_uniform_c         mlkem_thumb2_rej_uniform
-
-WOLFSSL_LOCAL void mlkem_thumb2_ntt(sword16* r);
-WOLFSSL_LOCAL void mlkem_thumb2_invntt(sword16* r);
-WOLFSSL_LOCAL void mlkem_thumb2_basemul_mont(sword16* r, const sword16* a,
-    const sword16* b);
-WOLFSSL_LOCAL void mlkem_thumb2_basemul_mont_add(sword16* r, const sword16* a,
-    const sword16* b);
-WOLFSSL_LOCAL void mlkem_thumb2_csubq(sword16* p);
-WOLFSSL_LOCAL unsigned int mlkem_thumb2_rej_uniform(sword16* p,
-    unsigned int len, const byte* r, unsigned int rLen);
-#elif defined(WOLFSSL_ARMASM)
-#define mlkem_ntt                   mlkem_arm32_ntt
-#define mlkem_invntt                mlkem_arm32_invntt
-#define mlkem_basemul_mont          mlkem_arm32_basemul_mont
-#define mlkem_basemul_mont_add      mlkem_arm32_basemul_mont_add
-#define mlkem_rej_uniform_c         mlkem_arm32_rej_uniform
-
-WOLFSSL_LOCAL void mlkem_arm32_ntt(sword16* r);
-WOLFSSL_LOCAL void mlkem_arm32_invntt(sword16* r);
-WOLFSSL_LOCAL void mlkem_arm32_basemul_mont(sword16* r, const sword16* a,
-    const sword16* b);
-WOLFSSL_LOCAL void mlkem_arm32_basemul_mont_add(sword16* r, const sword16* a,
-    const sword16* b);
-WOLFSSL_LOCAL void mlkem_arm32_csubq(sword16* p);
-WOLFSSL_LOCAL unsigned int mlkem_arm32_rej_uniform(sword16* p, unsigned int len,
-    const byte* r, unsigned int rLen);
-#endif
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* WOLFSSL_HAVE_MLKEM */
-
-#endif /* WOLF_CRYPT_WC_MLKEM_H */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_pkcs11.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_pkcs11.h
deleted file mode 100644
index 803a1a6c0..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_pkcs11.h
+++ /dev/null
@@ -1,110 +0,0 @@
-/* wc_pkcs11.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifndef _WOLFPKCS11_H_
-#define _WOLFPKCS11_H_
-
-#include <wolfssl/wolfcrypt/types.h>
-
-#ifdef HAVE_PKCS11
-
-#ifndef WOLF_CRYPTO_CB
-    #error PKCS11 support requires ./configure --enable-cryptocb or WOLF_CRYPTO_CB to be defined
-#endif
-
-#include <wolfssl/wolfcrypt/cryptocb.h>
-#include <wolfssl/wolfcrypt/pkcs11.h>
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-
-typedef struct Pkcs11Dev {
-#ifndef HAVE_PKCS11_STATIC
-    void*             dlHandle;         /* Handle to library  */
-#endif
-    CK_FUNCTION_LIST* func;             /* Array of functions */
-    void*             heap;
-} Pkcs11Dev;
-
-typedef struct Pkcs11Token {
-    CK_FUNCTION_LIST* func;             /* Table of PKCS#11 function from lib */
-    CK_SLOT_ID        slotId;           /* Id of slot to use                  */
-    CK_SESSION_HANDLE handle;           /* Handle to active session           */
-    CK_UTF8CHAR_PTR   userPin;          /* User's PIN to login with           */
-    CK_ULONG          userPinSz;        /* Size of user's PIN in bytes        */
-    byte              userPinLogin:1;   /* Login with User's PIN              */
-} Pkcs11Token;
-
-typedef struct Pkcs11Session {
-    CK_FUNCTION_LIST* func;             /* Table of PKCS#11 function from lib */
-    CK_SLOT_ID        slotId;           /* Id of slot to use                  */
-    CK_SESSION_HANDLE handle;           /* Handle to active session           */
-} Pkcs11Session;
-
-/* Types of keys that can be stored. */
-enum Pkcs11KeyType {
-    PKCS11_KEY_TYPE_AES_GCM,
-    PKCS11_KEY_TYPE_AES_CBC,
-    PKCS11_KEY_TYPE_HMAC,
-    PKCS11_KEY_TYPE_RSA,
-    PKCS11_KEY_TYPE_EC,
-};
-
-WOLFSSL_API int wc_Pkcs11_Initialize(Pkcs11Dev* dev, const char* library,
-                                     void* heap);
-WOLFSSL_API int wc_Pkcs11_Initialize_ex(Pkcs11Dev* dev, const char* library,
-                                        void* heap, CK_RV* rvp);
-WOLFSSL_API void wc_Pkcs11_Finalize(Pkcs11Dev* dev);
-
-WOLFSSL_API int wc_Pkcs11Token_Init(Pkcs11Token* token, Pkcs11Dev* dev,
-    int slotId, const char* tokenName, const unsigned char *userPin,
-    int userPinSz);
-WOLFSSL_API int wc_Pkcs11Token_Init_NoLogin(Pkcs11Token* token, Pkcs11Dev* dev,
-    int slotId, const char* tokenName);
-WOLFSSL_API int wc_Pkcs11Token_InitName(Pkcs11Token* token, Pkcs11Dev* dev,
-    const char* tokenName, int tokenSz,
-    const unsigned char* userPin, int userPinSz);
-WOLFSSL_API int wc_Pkcs11Token_InitName_NoLogin(Pkcs11Token* token,
-    Pkcs11Dev* dev, const char* tokenName, int tokenSz);
-
-WOLFSSL_API void wc_Pkcs11Token_Final(Pkcs11Token* token);
-WOLFSSL_API int wc_Pkcs11Token_Open(Pkcs11Token* token, int readWrite);
-WOLFSSL_API void wc_Pkcs11Token_Close(Pkcs11Token* token);
-
-WOLFSSL_API int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear,
-    void* key);
-
-WOLFSSL_API int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info,
-    void* ctx);
-
-WOLFSSL_LOCAL int wc_hash2sz(int);
-WOLFSSL_LOCAL CK_MECHANISM_TYPE wc_hash2ckm(int);
-WOLFSSL_LOCAL CK_MECHANISM_TYPE wc_mgf2ckm(int);
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* HAVE_PKCS11 */
-
-#endif /* _WOLFPKCS11_H_ */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_xmss.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_xmss.h
deleted file mode 100644
index 68cedaff3..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/wc_xmss.h
+++ /dev/null
@@ -1,285 +0,0 @@
-/* wc_xmss.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Based on:
- *  o RFC 8391 - XMSS: eXtended Merkle Signature Scheme
- *  o [HDSS] "Hash-based Digital Signature Schemes", Buchmann, Dahmen and Szydlo
- *    from "Post Quantum Cryptography", Springer 2009.
- */
-
-#ifndef WC_XMSS_H
-#define WC_XMSS_H
-
-#ifdef WOLFSSL_HAVE_XMSS
-#include <wolfssl/wolfcrypt/xmss.h>
-#include <wolfssl/wolfcrypt/sha256.h>
-#include <wolfssl/wolfcrypt/sha512.h>
-#include <wolfssl/wolfcrypt/sha3.h>
-
-#if !defined(WOLFSSL_WC_XMSS)
-    #error "This code is incompatible with external implementation of XMSS."
-#endif
-
-#if (defined(WC_XMSS_SHA512) || defined(WC_XMSS_SHAKE256)) && \
-        (WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 512)
-    #define WC_XMSS_MAX_N               64
-    #define WC_XMSS_MAX_PADDING_LEN     64
-#else
-    #define WC_XMSS_MAX_N               32
-    #define WC_XMSS_MAX_PADDING_LEN     32
-#endif
-#define WC_XMSS_MAX_MSG_PRE_LEN     \
-    (WC_XMSS_MAX_PADDING_LEN + 3 * WC_XMSS_MAX_N)
-#define WC_XMSS_MAX_TREE_HEIGHT     20
-#define WC_XMSS_MAX_CSUM_BYTES       4
-#define WC_XMSS_MAX_WOTS_LEN        (8 * WC_XMSS_MAX_N / 4 + 3)
-#define WC_XMSS_MAX_WOTS_SIG_LEN    (WC_XMSS_MAX_WOTS_LEN * WC_XMSS_MAX_N)
-#define WC_XMSS_MAX_STACK_LEN       \
-    ((WC_XMSS_MAX_TREE_HEIGHT + 1) * WC_XMSS_MAX_N)
-#define WC_XMSS_MAX_D               12
-#define WC_XMSS_MAX_BDS_STATES      (2 * WC_XMSS_MAX_D - 1)
-#define WC_XMSS_MAX_TREE_HASH       \
-    ((2 * WC_XMSS_MAX_D - 1) * WC_XMSS_MAX_TREE_HEIGHT)
-#define WC_XMSS_MAX_BDS_K           0
-
-#define WC_XMSS_ADDR_LEN            32
-
-#define WC_XMSS_HASH_PRF_MAX_DATA_LEN               \
-    (WC_XMSS_MAX_PADDING_LEN + 2 * WC_XMSS_MAX_N + WC_XMSS_ADDR_LEN)
-#define WC_XMSS_HASH_MAX_DATA_LEN                   \
-    (WC_XMSS_MAX_PADDING_LEN + 3 * WC_XMSS_MAX_N)
-
-
-#define WC_XMSS_SHA256_N            32
-#define WC_XMSS_SHA256_PADDING_LEN  32
-#define WC_XMSS_SHA256_WOTS_LEN     67
-
-#define XMSS_OID_LEN                   4
-
-#define XMSS_MAX_HASH_LEN              WC_SHA256_DIGEST_SIZE
-
-#define XMSS_RETAIN_LEN(k, n)   ((!!(k)) * ((1 << (k)) - (k) - 1) * (n))
-
-/* XMMS Algorithm OIDs
- * Note: values are used in mathematical calculations in OID to parames. */
-#define WC_XMSS_OID_SHA2_10_256        0x01
-#define WC_XMSS_OID_SHA2_16_256        0x02
-#define WC_XMSS_OID_SHA2_20_256        0x03
-#define WC_XMSS_OID_SHA2_10_512        0x04
-#define WC_XMSS_OID_SHA2_16_512        0x05
-#define WC_XMSS_OID_SHA2_20_512        0x06
-#define WC_XMSS_OID_SHAKE_10_256       0x07
-#define WC_XMSS_OID_SHAKE_16_256       0x08
-#define WC_XMSS_OID_SHAKE_20_256       0x09
-#define WC_XMSS_OID_SHAKE_10_512       0x0a
-#define WC_XMSS_OID_SHAKE_16_512       0x0b
-#define WC_XMSS_OID_SHAKE_20_512       0x0c
-#define WC_XMSS_OID_SHA2_10_192        0x0d
-#define WC_XMSS_OID_SHA2_16_192        0x0e
-#define WC_XMSS_OID_SHA2_20_192        0x0f
-#define WC_XMSS_OID_SHAKE256_10_256    0x10
-#define WC_XMSS_OID_SHAKE256_16_256    0x11
-#define WC_XMSS_OID_SHAKE256_20_256    0x12
-#define WC_XMSS_OID_SHAKE256_10_192    0x13
-#define WC_XMSS_OID_SHAKE256_16_192    0x14
-#define WC_XMSS_OID_SHAKE256_20_192    0x15
-#define WC_XMSS_OID_FIRST              WC_XMSS_OID_SHA2_10_256
-#define WC_XMSS_OID_LAST               WC_XMSS_OID_SHAKE256_20_192
-
-/* XMMS^MT Algorithm OIDs
- * Note: values are used in mathematical calculations in OID to parames. */
-#define WC_XMSSMT_OID_SHA2_20_2_256        0x01
-#define WC_XMSSMT_OID_SHA2_20_4_256        0x02
-#define WC_XMSSMT_OID_SHA2_40_2_256        0x03
-#define WC_XMSSMT_OID_SHA2_40_4_256        0x04
-#define WC_XMSSMT_OID_SHA2_40_8_256        0x05
-#define WC_XMSSMT_OID_SHA2_60_3_256        0x06
-#define WC_XMSSMT_OID_SHA2_60_6_256        0x07
-#define WC_XMSSMT_OID_SHA2_60_12_256       0x08
-#define WC_XMSSMT_OID_SHA2_20_2_512        0x09
-#define WC_XMSSMT_OID_SHA2_20_4_512        0x0a
-#define WC_XMSSMT_OID_SHA2_40_2_512        0x0b
-#define WC_XMSSMT_OID_SHA2_40_4_512        0x0c
-#define WC_XMSSMT_OID_SHA2_40_8_512        0x0d
-#define WC_XMSSMT_OID_SHA2_60_3_512        0x0e
-#define WC_XMSSMT_OID_SHA2_60_6_512        0x0f
-#define WC_XMSSMT_OID_SHA2_60_12_512       0x10
-#define WC_XMSSMT_OID_SHAKE_20_2_256       0x11
-#define WC_XMSSMT_OID_SHAKE_20_4_256       0x12
-#define WC_XMSSMT_OID_SHAKE_40_2_256       0x13
-#define WC_XMSSMT_OID_SHAKE_40_4_256       0x14
-#define WC_XMSSMT_OID_SHAKE_40_8_256       0x15
-#define WC_XMSSMT_OID_SHAKE_60_3_256       0x16
-#define WC_XMSSMT_OID_SHAKE_60_6_256       0x17
-#define WC_XMSSMT_OID_SHAKE_60_12_256      0x18
-#define WC_XMSSMT_OID_SHAKE_20_2_512       0x19
-#define WC_XMSSMT_OID_SHAKE_20_4_512       0x1a
-#define WC_XMSSMT_OID_SHAKE_40_2_512       0x1b
-#define WC_XMSSMT_OID_SHAKE_40_4_512       0x1c
-#define WC_XMSSMT_OID_SHAKE_40_8_512       0x1d
-#define WC_XMSSMT_OID_SHAKE_60_3_512       0x1e
-#define WC_XMSSMT_OID_SHAKE_60_6_512       0x1f
-#define WC_XMSSMT_OID_SHAKE_60_12_512      0x20
-#define WC_XMSSMT_OID_SHA2_20_2_192        0x21
-#define WC_XMSSMT_OID_SHA2_20_4_192        0x22
-#define WC_XMSSMT_OID_SHA2_40_2_192        0x23
-#define WC_XMSSMT_OID_SHA2_40_4_192        0x24
-#define WC_XMSSMT_OID_SHA2_40_8_192        0x25
-#define WC_XMSSMT_OID_SHA2_60_3_192        0x26
-#define WC_XMSSMT_OID_SHA2_60_6_192        0x27
-#define WC_XMSSMT_OID_SHA2_60_12_192       0x28
-#define WC_XMSSMT_OID_SHAKE256_20_2_256    0x29
-#define WC_XMSSMT_OID_SHAKE256_20_4_256    0x2a
-#define WC_XMSSMT_OID_SHAKE256_40_2_256    0x2b
-#define WC_XMSSMT_OID_SHAKE256_40_4_256    0x2c
-#define WC_XMSSMT_OID_SHAKE256_40_8_256    0x2d
-#define WC_XMSSMT_OID_SHAKE256_60_3_256    0x2e
-#define WC_XMSSMT_OID_SHAKE256_60_6_256    0x2f
-#define WC_XMSSMT_OID_SHAKE256_60_12_256   0x30
-#define WC_XMSSMT_OID_SHAKE256_20_2_192    0x31
-#define WC_XMSSMT_OID_SHAKE256_20_4_192    0x32
-#define WC_XMSSMT_OID_SHAKE256_40_2_192    0x33
-#define WC_XMSSMT_OID_SHAKE256_40_4_192    0x34
-#define WC_XMSSMT_OID_SHAKE256_40_8_192    0x35
-#define WC_XMSSMT_OID_SHAKE256_60_3_192    0x36
-#define WC_XMSSMT_OID_SHAKE256_60_6_192    0x37
-#define WC_XMSSMT_OID_SHAKE256_60_12_192   0x38
-#define WC_XMSSMT_OID_FIRST            WC_XMSSMT_OID_SHA2_20_2_256
-#define WC_XMSSMT_OID_LAST             WC_XMSSMT_OID_SHAKE256_60_12_192
-
-
-/* Type for hash address. */
-typedef word32 HashAddress[8];
-
-/* XMSS/XMSS^MT fixed parameters. */
-typedef struct XmssParams {
-    /* Hash algorithm to use. */
-    word8  hash;
-    /* Size of hash output. */
-    word8  n;
-    /* Number of bytes of padding before rest of hash data. */
-    word8  pad_len;
-    /* Number of values to chain = 2 * n + 3. */
-    word8  wots_len;
-    /* Number of bytes in each WOTS+ signature. */
-    word16 wots_sig_len;
-    /* Full height of tree. */
-    word8  h;
-    /* Height of tree each subtree. */
-    word8  sub_h;
-    /* Number of subtrees = h / sub_h. */
-    word8  d;
-    /* Number of bytes to encode index into in private/secret key. */
-    word8  idx_len;
-    /* Number of bytes in a signature. */
-    word32 sig_len;
-    /* Number of bytes in a secret/private key. */
-    word32 sk_len;
-    /* Number of bytes in a public key. */
-    word8  pk_len;
-    /* BDS parameter for fast C implementation. */
-    word8  bds_k;
-} XmssParams;
-
-struct XmssKey {
-    /* Public key. */
-    unsigned char        pk[2 * WC_XMSS_MAX_N];
-    /* OID that identifies parameters. */
-    word32               oid;
-    /* Indicates whether the parameters are for XMSS^MT. */
-    int                  is_xmssmt;
-    /* XMSS/XMSS^MT parameters. */
-    const XmssParams*    params;
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-    /* Secret/private key. */
-    unsigned char*       sk;
-    /* Length of secret key. */
-    word32               sk_len;
-    /* Callback to write/update key. */
-    wc_xmss_write_private_key_cb write_private_key;
-    /* Callback to read key. */
-    wc_xmss_read_private_key_cb  read_private_key;
-    /* Context arg passed to callbacks. */
-    void*                context;
-#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
-    /* State of key. */
-    enum wc_XmssState    state;
-};
-
-typedef struct XmssState {
-    const XmssParams* params;
-
-    /* Digest is assumed to be at the end. */
-    union {
-    #ifdef WC_XMSS_SHA256
-       wc_Sha256 sha256;
-    #endif
-    #ifdef WC_XMSS_SHA512
-       wc_Sha512 sha512;
-    #endif
-    #if defined(WC_XMSS_SHAKE128) || defined(WC_XMSS_SHAKE256)
-       wc_Shake shake;
-    #endif
-    } digest;
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256) && \
-    !defined(WC_XMSS_FULL_HASH)
-    ALIGN16 word32 dgst_state[WC_SHA256_DIGEST_SIZE / sizeof(word32)];
-#endif
-    ALIGN16 byte prf_buf[WC_XMSS_HASH_PRF_MAX_DATA_LEN];
-    ALIGN16 byte buf[WC_XMSS_HASH_MAX_DATA_LEN];
-    ALIGN16 byte pk[WC_XMSS_MAX_WOTS_SIG_LEN];
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-    ALIGN16 byte stack[WC_XMSS_MAX_STACK_LEN];
-#else
-    ALIGN16 byte stack[WC_XMSS_ADDR_LEN];
-#endif
-    byte encMsg[WC_XMSS_MAX_WOTS_LEN];
-    HashAddress addr;
-
-    int ret;
-} XmssState;
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-WOLFSSL_LOCAL int wc_xmssmt_keygen(XmssState *state, const unsigned char* seed,
-    unsigned char *sk, unsigned char *pk);
-WOLFSSL_LOCAL int wc_xmss_keygen(XmssState *state, const unsigned char* seed,
-    unsigned char *sk, unsigned char *pk);
-
-WOLFSSL_LOCAL int wc_xmssmt_sign(XmssState *state, const unsigned char *m,
-    word32 mlen, unsigned char *sk, unsigned char *sm);
-WOLFSSL_LOCAL int wc_xmss_sign(XmssState *state, const unsigned char *m,
-    word32 mlen, unsigned char *sk, unsigned char *sm);
-
-WOLFSSL_LOCAL int wc_xmss_sigsleft(const XmssParams* params, unsigned char* sk);
-
-WOLFSSL_LOCAL int wc_xmssmt_verify(XmssState *state, const unsigned char *m,
-    word32 mlen, const unsigned char *sm, const unsigned char *pk);
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* WOLFSSL_HAVE_XMSS */
-#endif /* WC_XMSS_H */
-
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/wolfevent.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/wolfevent.h
deleted file mode 100644
index 04dbceb4e..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/wolfevent.h
+++ /dev/null
@@ -1,120 +0,0 @@
-/* wolfevent.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifndef _WOLF_EVENT_H_
-#define _WOLF_EVENT_H_
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-#ifndef SINGLE_THREADED
-    #include <wolfssl/wolfcrypt/wc_port.h>
-#endif
-
-typedef struct WOLF_EVENT WOLF_EVENT;
-typedef unsigned short WOLF_EVENT_FLAG;
-
-typedef enum WOLF_EVENT_TYPE {
-    WOLF_EVENT_TYPE_NONE,
-#ifdef WOLFSSL_ASYNC_CRYPT
-    WOLF_EVENT_TYPE_ASYNC_WOLFSSL,    /* context is WOLFSSL* */
-    WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT,  /* context is WC_ASYNC_DEV */
-    WOLF_EVENT_TYPE_ASYNC_FIRST = WOLF_EVENT_TYPE_ASYNC_WOLFSSL,
-    WOLF_EVENT_TYPE_ASYNC_LAST = WOLF_EVENT_TYPE_ASYNC_WOLFCRYPT,
-#endif /* WOLFSSL_ASYNC_CRYPT */
-} WOLF_EVENT_TYPE;
-
-typedef enum WOLF_EVENT_STATE {
-    WOLF_EVENT_STATE_READY,
-    WOLF_EVENT_STATE_PENDING,
-    WOLF_EVENT_STATE_DONE,
-} WOLF_EVENT_STATE;
-
-struct WOLF_EVENT {
-    /* double linked list */
-    WOLF_EVENT*         next;
-    WOLF_EVENT*         prev;
-
-    void*               context;
-    union {
-        void* ptr;
-#ifdef WOLFSSL_ASYNC_CRYPT
-        struct WC_ASYNC_DEV* async;
-#endif
-    } dev;
-#ifdef HAVE_CAVIUM
-    word64              reqId;
-    #ifdef WOLFSSL_NITROX_DEBUG
-    word32              pendCount;
-    #endif
-#endif
-#ifndef WC_NO_ASYNC_THREADING
-    pthread_t           threadId;
-#endif
-    int                 ret;    /* Async return code */
-    unsigned int        flags;
-    WOLF_EVENT_TYPE     type;
-    WOLF_EVENT_STATE    state;
-};
-
-enum WOLF_POLL_FLAGS {
-    WOLF_POLL_FLAG_CHECK_HW = 0x01,
-};
-
-typedef struct {
-    WOLF_EVENT*         head;     /* head of queue */
-    WOLF_EVENT*         tail;     /* tail of queue */
-#ifndef SINGLE_THREADED
-    wolfSSL_Mutex       lock;     /* queue lock */
-#endif
-    int                 count;
-} WOLF_EVENT_QUEUE;
-
-
-#ifdef HAVE_WOLF_EVENT
-
-/* Event */
-WOLFSSL_API int wolfEvent_Init(WOLF_EVENT* event, WOLF_EVENT_TYPE type, void* context);
-WOLFSSL_API int wolfEvent_Poll(WOLF_EVENT* event, WOLF_EVENT_FLAG flags);
-
-/* Event Queue */
-WOLFSSL_API int wolfEventQueue_Init(WOLF_EVENT_QUEUE* queue);
-WOLFSSL_API int wolfEventQueue_Push(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
-WOLFSSL_API int wolfEventQueue_Pop(WOLF_EVENT_QUEUE* queue, WOLF_EVENT** event);
-WOLFSSL_API int wolfEventQueue_Poll(WOLF_EVENT_QUEUE* queue, void* context_filter,
-    WOLF_EVENT** events, int maxEvents, WOLF_EVENT_FLAG flags, int* eventCount);
-WOLFSSL_API int wolfEventQueue_Count(WOLF_EVENT_QUEUE* queue);
-WOLFSSL_API void wolfEventQueue_Free(WOLF_EVENT_QUEUE* queue);
-
-/* the queue mutex must be locked prior to calling these */
-WOLFSSL_API int wolfEventQueue_Add(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
-WOLFSSL_API int wolfEventQueue_Remove(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event);
-
-
-#endif /* HAVE_WOLF_EVENT */
-
-
-#ifdef __cplusplus
-    }   /* extern "C" */
-#endif
-
-#endif /* _WOLF_EVENT_H_ */
diff --git a/include/bitcoin/ssl/wolfssl/wolfcrypt/xmss.h b/include/bitcoin/ssl/wolfssl/wolfcrypt/xmss.h
deleted file mode 100644
index 2f7d7a819..000000000
--- a/include/bitcoin/ssl/wolfssl/wolfcrypt/xmss.h
+++ /dev/null
@@ -1,203 +0,0 @@
-/* xmss.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*!
-    \file wolfssl/wolfcrypt/xmss.h
- */
-
-#ifndef WOLF_CRYPT_XMSS_H
-#define WOLF_CRYPT_XMSS_H
-
-#include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/wolfcrypt/random.h>
-
-#ifdef WOLFSSL_HAVE_XMSS
-
-/* Note on XMSS/XMSS^MT pub/priv key sizes:
- *   - The XMSS/XMSS^MT pub key has a defined format and size.
- *   - The XMSS/XMSS^MT private key is implementation and parameter
- *     specific. It does not have a standardized format or size.
- *
- * The XMSS/XMSS^MT public and secret key format and length is:
- *   PK = OID || root || SEED;
- *   PK_len = 4 + 2 * n
- *
- *   SK = OID || (implementation defined)
- *   SK_len = 4 + (implementation defined)
- *
- * where n is the number of bytes in the hash function, which is 32
- * in this SHA256 implementation.
- *
- * However the private key is implementation specific. For example,
- * in xmss-reference the private key size varies from 137 bytes to
- * 1377 bytes between slow and fast implementations with param name
- * "XMSSMT-SHA2_20/2_256".
- *
- * References:
- *   - RFC 8391
- *   - Table 2 of Kampanakis, Fluhrer, IACR, 2017.
- * */
-
-#define XMSS_SHA256_PUBLEN (68)
-
-/* Supported XMSS/XMSS^MT parameter set names:
- * We are supporting all SHA256 parameter sets with n=32 and
- * Winternitz=16, from RFC 8391 and NIST SP 800-208.
- *
- *         ----------------------------------------------------------
- *         | Name                     OID         n   w  len  h   d  |
- * XMSS:   | "XMSS-SHA2_10_256"       0x00000001  32  16  67  10  1  |
- *         | "XMSS-SHA2_16_256"       0x00000002  32  16  67  16  1  |
- *         | "XMSS-SHA2_20_256"       0x00000003  32  16  67  20  1  |
- *         |                                                         |
- * XMSSMT: | "XMSSMT-SHA2_20/2_256"   0x00000001  32  16  67  20  2  |
- *         | "XMSSMT-SHA2_20/4_256"   0x00000002  32  16  67  20  4  |
- *         | "XMSSMT-SHA2_40/2_256"   0x00000003  32  16  67  40  2  |
- *         | "XMSSMT-SHA2_40/4_256"   0x00000004  32  16  67  40  4  |
- *         | "XMSSMT-SHA2_40/8_256"   0x00000005  32  16  67  40  8  |
- *         | "XMSSMT-SHA2_60/3_256"   0x00000006  32  16  67  60  3  |
- *         | "XMSSMT-SHA2_60/6_256"   0x00000007  32  16  67  60  6  |
- *         | "XMSSMT-SHA2_60/12_256"  0x00000008  32  16  67  60  12 |
- *         ----------------------------------------------------------
- *
- * Note that some XMSS and XMSSMT names do have overlapping OIDs.
- *
- * References:
- *   1. NIST SP 800-208
- *   2. RFC 8391
- * */
-
-#define XMSS_NAME_LEN       (16) /* strlen("XMSS-SHA2_10_256") */
-#define XMSSMT_NAME_MIN_LEN (20) /* strlen("XMSSMT-SHA2_20/2_256") */
-#define XMSSMT_NAME_MAX_LEN (21) /* strlen("XMSSMT-SHA2_60/12_256") */
-
-#if defined(HAVE_FIPS) || defined(HAVE_LIBXMSS)
-    #undef WOLFSSL_WC_XMSS_NO_SHA512
-    #define WOLFSSL_WC_XMSS_NO_SHA512
-    #undef WOLFSSL_WC_XMSS_NO_SHAKE128
-    #define WOLFSSL_WC_XMSS_NO_SHAKE128
-    #undef WOLFSSL_WC_XMSS_MAX_HASH_SIZE
-    #ifdef HAVE_LIBXMSS
-        #define WOLFSSL_WC_XMSS_MIN_HASH_SIZE       256
-    #else
-        #define WOLFSSL_WC_XMSS_MIN_HASH_SIZE       192
-    #endif
-    #define WOLFSSL_WC_XMSS_MAX_HASH_SIZE       256
-#endif
-
-#if !defined(NO_SHA256) && !defined(WOLFSSL_WC_XMSS_NO_SHA256)
-    #define WC_XMSS_SHA256
-#endif
-#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_WC_XMSS_NO_SHA512)
-    #define WC_XMSS_SHA512
-#endif
-#if defined(WOLFSSL_SHAKE128) && !defined(WOLFSSL_WC_XMSS_NO_SHAKE128)
-    #define WC_XMSS_SHAKE128
-#endif
-#if defined(WOLFSSL_SHAKE256) && !defined(WOLFSSL_WC_XMSS_NO_SHAKE256)
-    #define WC_XMSS_SHAKE256
-#endif
-
-#ifndef WOLFSSL_WC_XMSS_MIN_HASH_SIZE
-    #define WOLFSSL_WC_XMSS_MIN_HASH_SIZE       192
-#endif
-#ifndef WOLFSSL_WC_XMSS_MAX_HASH_SIZE
-    #define WOLFSSL_WC_XMSS_MAX_HASH_SIZE       512
-#endif
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE > WOLFSSL_WC_XMSS_MAX_HASH_SIZE
-    #error "XMSS minimum hash size is greater than maximum hash size"
-#endif
-
-#ifndef WOLFSSL_XMSS_MIN_HEIGHT
-    #define WOLFSSL_XMSS_MIN_HEIGHT             10
-#endif
-#ifndef WOLFSSL_XMSS_MAX_HEIGHT
-    #define WOLFSSL_XMSS_MAX_HEIGHT             60
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT > WOLFSSL_XMSS_MAX_HEIGHT
-    #error "XMSS minimum height is greater than maximum height"
-#endif
-
-typedef struct XmssKey XmssKey;
-
-/* Return codes returned by private key callbacks. */
-enum wc_XmssRc {
-  WC_XMSS_RC_NONE,
-  WC_XMSS_RC_BAD_ARG,            /* Bad arg in read or write callback. */
-  WC_XMSS_RC_WRITE_FAIL,         /* Write or update private key failed. */
-  WC_XMSS_RC_READ_FAIL,          /* Read private key failed. */
-  WC_XMSS_RC_SAVED_TO_NV_MEMORY, /* Wrote private key to nonvolatile storage. */
-  WC_XMSS_RC_READ_TO_MEMORY      /* Read private key from storage. */
-};
-
-/* enum wc_XmssState is to help track the state of an XMSS Key. */
-enum wc_XmssState {
-    WC_XMSS_STATE_FREED,      /* Key has been freed from memory. */
-    WC_XMSS_STATE_INITED,     /* Key has been inited, ready to set params.*/
-    WC_XMSS_STATE_PARMSET,    /* Params are set, ready to MakeKey or Reload. */
-    WC_XMSS_STATE_OK,         /* Able to sign signatures and verify. */
-    WC_XMSS_STATE_VERIFYONLY, /* A public only XmssKey. */
-    WC_XMSS_STATE_BAD,        /* Can't guarantee key's state. */
-    WC_XMSS_STATE_NOSIGS      /* Signatures exhausted. */
-};
-
-/* Private key write and read callbacks. */
-typedef enum wc_XmssRc (*wc_xmss_write_private_key_cb)(const byte* priv, word32 privSz,
-    void* context);
-typedef enum wc_XmssRc (*wc_xmss_read_private_key_cb)(byte* priv, word32 privSz,
-    void* context);
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-WOLFSSL_API int  wc_XmssKey_Init(XmssKey* key, void* heap, int devId);
-WOLFSSL_API int  wc_XmssKey_SetParamStr(XmssKey* key, const char* str);
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-WOLFSSL_API int  wc_XmssKey_SetWriteCb(XmssKey* key,
-    wc_xmss_write_private_key_cb write_cb);
-WOLFSSL_API int  wc_XmssKey_SetReadCb(XmssKey* key,
-    wc_xmss_read_private_key_cb read_cb);
-WOLFSSL_API int  wc_XmssKey_SetContext(XmssKey* key, void* context);
-WOLFSSL_API int  wc_XmssKey_MakeKey(XmssKey* key, WC_RNG* rng);
-WOLFSSL_API int  wc_XmssKey_Reload(XmssKey* key);
-WOLFSSL_API int  wc_XmssKey_GetPrivLen(const XmssKey* key, word32* len);
-WOLFSSL_API int  wc_XmssKey_Sign(XmssKey* key, byte* sig, word32* sigSz,
-    const byte* msg, int msgSz);
-WOLFSSL_API int  wc_XmssKey_SigsLeft(XmssKey* key);
-#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
-WOLFSSL_API void wc_XmssKey_Free(XmssKey* key);
-WOLFSSL_API int  wc_XmssKey_GetSigLen(const XmssKey* key, word32* len);
-WOLFSSL_API int  wc_XmssKey_GetPubLen(const XmssKey* key, word32* len);
-WOLFSSL_API int  wc_XmssKey_ExportPub(XmssKey* keyDst, const XmssKey* keySrc);
-WOLFSSL_API int  wc_XmssKey_ExportPubRaw(const XmssKey* key, byte* out,
-    word32* outLen);
-WOLFSSL_API int  wc_XmssKey_ImportPubRaw(XmssKey* key, const byte* in,
-    word32 inLen);
-WOLFSSL_API int  wc_XmssKey_Verify(XmssKey* key, const byte* sig, word32 sigSz,
-    const byte* msg, int msgSz);
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-#endif /* WOLFSSL_HAVE_XMSS */
-#endif /* WOLF_CRYPT_XMSS_H */
diff --git a/src/ssl/wolfssl/crl.c b/src/ssl/wolfssl/crl.c
deleted file mode 100644
index 9056bd1c6..000000000
--- a/src/ssl/wolfssl/crl.c
+++ /dev/null
@@ -1,1906 +0,0 @@
-/* crl.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-/*
-CRL Options:
- * CRL_STATIC_REVOKED_LIST:                                        default: off
- *                         Enables fixed static list of RevokedCerts to allow
- *                         for a binary search.
- * CRL_MAX_REVOKED_CERTS:                                          default: 4
- *                         Specifies the number of buffers to hold RevokedCerts.
- *                         The default value is set to 4.
- * CRL_REPORT_LOAD_ERRORS:                                         default: off
- *                         Return any errors encountered during loading CRL
- *                         from a directory.
-*/
-
-#ifndef WOLFCRYPT_ONLY
-#ifdef HAVE_CRL
-
-#include <wolfssl/internal.h>
-#include <wolfssl/error-ssl.h>
-#include <wolfssl/wolfcrypt/logging.h>
-
-#ifndef NO_STRING_H
-    #include <string.h>
-#endif
-
-#ifdef HAVE_CRL_MONITOR
-    #if defined(__MACH__) || defined(__FreeBSD__) || defined(__linux__) || \
-         defined(_MSC_VER)
-        static int StopMonitor(wolfSSL_CRL_mfd_t mfd);
-    #else
-        #error "CRL monitor only currently supported on linux or mach or windows"
-    #endif
-#endif /* HAVE_CRL_MONITOR */
-
-
-/* Initialize CRL members */
-int InitCRL(WOLFSSL_CRL* crl, WOLFSSL_CERT_MANAGER* cm)
-{
-    WOLFSSL_ENTER("InitCRL");
-    if(cm != NULL)
-        crl->heap = cm->heap;
-    else
-        crl->heap = NULL;
-    crl->cm = cm;
-    crl->crlList  = NULL;
-    crl->currentEntry = NULL;
-#ifdef HAVE_CRL_MONITOR
-    crl->monitors[0].path = NULL;
-    crl->monitors[1].path = NULL;
-    crl->tid = INVALID_THREAD_VAL;
-    crl->mfd = WOLFSSL_CRL_MFD_INIT_VAL;
-    crl->setup = 0; /* thread setup done predicate */
-    if (wolfSSL_CondInit(&crl->cond) != 0) {
-        WOLFSSL_MSG("thread condition init failed");
-        return BAD_COND_E;
-    }
-#endif
-#ifdef HAVE_CRL_IO
-    crl->crlIOCb = NULL;
-#endif
-    if (wc_InitRwLock(&crl->crlLock) != 0) {
-        WOLFSSL_MSG("Init Mutex failed");
-        return BAD_MUTEX_E;
-    }
-#ifdef OPENSSL_ALL
-    {
-        int ret;
-        wolfSSL_RefInit(&crl->ref, &ret);
-        (void)ret;
-    }
-#endif
-
-    return 0;
-}
-
-
-/* Initialize CRL Entry */
-static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
-                         int verified, void* heap)
-{
-    WOLFSSL_ENTER("InitCRL_Entry");
-
-    XMEMCPY(crle->issuerHash, dcrl->issuerHash, CRL_DIGEST_SIZE);
-    /* XMEMCPY(crle->crlHash, dcrl->crlHash, CRL_DIGEST_SIZE);
-     * copy the hash here if needed for optimized comparisons */
-    XMEMCPY(crle->lastDate, dcrl->lastDate, MAX_DATE_SIZE);
-    XMEMCPY(crle->nextDate, dcrl->nextDate, MAX_DATE_SIZE);
-    crle->lastDateFormat = dcrl->lastDateFormat;
-    crle->nextDateFormat = dcrl->nextDateFormat;
-    crle->version = dcrl->version;
-
-#if defined(OPENSSL_EXTRA)
-    crle->lastDateAsn1.length = MAX_DATE_SIZE;
-    XMEMCPY (crle->lastDateAsn1.data, crle->lastDate,
-             (size_t)crle->lastDateAsn1.length);
-    crle->lastDateAsn1.type = crle->lastDateFormat;
-    crle->nextDateAsn1.length = MAX_DATE_SIZE;
-    XMEMCPY (crle->nextDateAsn1.data, crle->nextDate,
-             (size_t)crle->nextDateAsn1.length);
-    crle->nextDateAsn1.type = crle->nextDateFormat;
-
-    crle->issuer = NULL;
-    wolfSSL_d2i_X509_NAME(&crle->issuer, (unsigned char**)&dcrl->issuer,
-                          dcrl->issuerSz);
-    if (crle->issuer == NULL) {
-        return WOLFSSL_FATAL_ERROR;
-    }
-#endif
-#ifdef CRL_STATIC_REVOKED_LIST
-    /* ParseCRL_CertList() has already cached the Revoked certs into
-       the crle->certs array */
-#else
-    crle->certs = dcrl->certs;   /* take ownership */
-#endif
-    dcrl->certs = NULL;
-    crle->totalCerts = dcrl->totalCerts;
-    crle->crlNumberSet = dcrl->crlNumberSet;
-    if (crle->crlNumberSet) {
-        XMEMCPY(crle->crlNumber, dcrl->crlNumber, CRL_MAX_NUM_SZ);
-    }
-    crle->verified = verified;
-    if (!verified) {
-        crle->tbsSz = dcrl->sigIndex - dcrl->certBegin;
-        crle->signatureSz = dcrl->sigLength;
-        crle->signatureOID = dcrl->signatureOID;
-        crle->toBeSigned = (byte*)XMALLOC(crle->tbsSz, heap,
-                                          DYNAMIC_TYPE_CRL_ENTRY);
-        if (crle->toBeSigned == NULL)
-            return WOLFSSL_FATAL_ERROR;
-        crle->signature = (byte*)XMALLOC(crle->signatureSz, heap,
-                                         DYNAMIC_TYPE_CRL_ENTRY);
-        if (crle->signature == NULL) {
-            XFREE(crle->toBeSigned, heap, DYNAMIC_TYPE_CRL_ENTRY);
-            crle->toBeSigned = NULL;
-            return WOLFSSL_FATAL_ERROR;
-        }
-
-    #ifdef WC_RSA_PSS
-        crle->sigParamsSz = dcrl->sigParamsLength;
-        if (dcrl->sigParamsLength > 0) {
-            crle->sigParams = (byte*)XMALLOC(crle->sigParamsSz, heap,
-                                             DYNAMIC_TYPE_CRL_ENTRY);
-            if (crle->sigParams== NULL) {
-                XFREE(crle->toBeSigned, heap, DYNAMIC_TYPE_CRL_ENTRY);
-                crle->toBeSigned = NULL;
-                XFREE(crle->signature, heap, DYNAMIC_TYPE_CRL_ENTRY);
-                crle->signature = NULL;
-                return WOLFSSL_FATAL_ERROR;
-            }
-            XMEMCPY(crle->sigParams, buff + dcrl->sigParamsIndex,
-                crle->sigParamsSz);
-        }
-    #endif
-        XMEMCPY(crle->toBeSigned, buff + dcrl->certBegin, crle->tbsSz);
-        XMEMCPY(crle->signature, dcrl->signature, crle->signatureSz);
-    #ifndef NO_SKID
-        crle->extAuthKeyIdSet = dcrl->extAuthKeyIdSet;
-        if (crle->extAuthKeyIdSet)
-            XMEMCPY(crle->extAuthKeyId, dcrl->extAuthKeyId, KEYID_SIZE);
-    #endif
-    }
-    else {
-        crle->toBeSigned = NULL;
-        crle->signature = NULL;
-    }
-
-    (void)verified;
-    (void)heap;
-
-    return 0;
-}
-
-static CRL_Entry* CRL_Entry_new(void* heap)
-{
-    CRL_Entry* crle = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), heap,
-                                          DYNAMIC_TYPE_CRL_ENTRY);
-    if (crle != NULL) {
-        XMEMSET(crle, 0, sizeof(CRL_Entry));
-        if (wc_InitMutex(&crle->verifyMutex) != 0) {
-            XFREE(crle, heap, DYNAMIC_TYPE_CRL_ENTRY);
-            crle = NULL;
-        }
-    }
-    (void)heap;
-    return crle;
-}
-
-/* Free all CRL Entry resources */
-static void CRL_Entry_free(CRL_Entry* crle, void* heap)
-{
-    WOLFSSL_ENTER("CRL_Entry_free");
-    if (crle == NULL) {
-        WOLFSSL_MSG("CRL Entry is null");
-        return;
-    }
-#ifdef CRL_STATIC_REVOKED_LIST
-    XMEMSET(crle->certs, 0, CRL_MAX_REVOKED_CERTS*sizeof(RevokedCert));
-#else
-    {
-        RevokedCert* tmp;
-        RevokedCert* next;
-
-        for (tmp = crle->certs; tmp != NULL; tmp = next) {
-            next = tmp->next;
-            XFREE(tmp, heap, DYNAMIC_TYPE_REVOKED);
-        }
-
-    }
-#endif
-    XFREE(crle->signature, heap, DYNAMIC_TYPE_CRL_ENTRY);
-    XFREE(crle->toBeSigned, heap, DYNAMIC_TYPE_CRL_ENTRY);
-#ifdef WC_RSA_PSS
-    XFREE(crle->sigParams, heap, DYNAMIC_TYPE_CRL_ENTRY);
-#endif
-#if defined(OPENSSL_EXTRA)
-    if (crle->issuer != NULL) {
-        FreeX509Name(crle->issuer);
-        XFREE(crle->issuer, heap, DYNAMIC_TYPE_X509);
-    }
-#endif
-    wc_FreeMutex(&crle->verifyMutex);
-    XFREE(crle, heap, DYNAMIC_TYPE_CRL_ENTRY);
-    (void)heap;
-}
-
-
-/* Free all CRL resources */
-void FreeCRL(WOLFSSL_CRL* crl, int dynamic)
-{
-    CRL_Entry* tmp;
-
-    WOLFSSL_ENTER("FreeCRL");
-
-    if (crl == NULL)
-        return;
-
-#ifdef OPENSSL_ALL
-    {
-        int ret;
-        int doFree = 0;
-        wolfSSL_RefDec(&crl->ref, &doFree, &ret);
-        if (ret != 0)
-            WOLFSSL_MSG("Couldn't lock x509 mutex");
-        if (!doFree)
-            return;
-        wolfSSL_RefFree(&crl->ref);
-    }
-#endif
-
-    tmp = crl->crlList;
-#ifdef HAVE_CRL_MONITOR
-    if (crl->monitors[0].path)
-        XFREE(crl->monitors[0].path, crl->heap, DYNAMIC_TYPE_CRL_MONITOR);
-
-    if (crl->monitors[1].path)
-        XFREE(crl->monitors[1].path, crl->heap, DYNAMIC_TYPE_CRL_MONITOR);
-#endif
-
-    XFREE(crl->currentEntry, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
-    crl->currentEntry = NULL;
-    while(tmp) {
-        CRL_Entry* next = tmp->next;
-        CRL_Entry_free(tmp, crl->heap);
-        tmp = next;
-    }
-
-#ifdef HAVE_CRL_MONITOR
-    if (crl->tid != INVALID_THREAD_VAL) {
-        WOLFSSL_MSG("stopping monitor thread");
-        if (StopMonitor(crl->mfd) == 0) {
-            if (wolfSSL_JoinThread(crl->tid) != 0)
-                WOLFSSL_MSG("stop monitor failed in wolfSSL_JoinThread");
-        }
-        else {
-            WOLFSSL_MSG("stop monitor failed");
-        }
-    }
-    if (wolfSSL_CondFree(&crl->cond) != 0)
-        WOLFSSL_MSG("wolfSSL_CondFree failed in FreeCRL");
-#endif
-    wc_FreeRwLock(&crl->crlLock);
-    if (dynamic)   /* free self */
-        XFREE(crl, crl->heap, DYNAMIC_TYPE_CRL);
-}
-
-static int FindRevokedSerial(RevokedCert* rc, byte* serial, int serialSz,
-        byte* serialHash, int totalCerts)
-{
-    int ret = 0;
-    byte hash[SIGNER_DIGEST_SIZE];
-#ifdef CRL_STATIC_REVOKED_LIST
-    /* do binary search */
-    int low, high, mid;
-
-    low = 0;
-    high = totalCerts - 1;
-
-    while (low <= high) {
-        mid = (low + high) / 2;
-
-        if (XMEMCMP(rc[mid].serialNumber, serial, rc->serialSz) < 0) {
-            low = mid + 1;
-        }
-        else if (XMEMCMP(rc[mid].serialNumber, serial, rc->serialSz) > 0) {
-            high = mid - 1;
-        }
-        else {
-            WOLFSSL_MSG("Cert revoked");
-            ret = CRL_CERT_REVOKED;
-            break;
-        }
-    }
-#else
-    (void)totalCerts;
-    /* search in the linked list*/
-    while (rc) {
-        if (serialHash == NULL) {
-            if (rc->serialSz == serialSz &&
-                   XMEMCMP(rc->serialNumber, serial, (size_t)rc->serialSz) == 0) {
-                WOLFSSL_MSG("Cert revoked");
-                ret = CRL_CERT_REVOKED;
-                break;
-            }
-        }
-        else {
-            ret = CalcHashId(rc->serialNumber, (word32)rc->serialSz, hash);
-            if (ret != 0)
-                break;
-            if (XMEMCMP(hash, serialHash, SIGNER_DIGEST_SIZE) == 0) {
-                WOLFSSL_MSG("Cert revoked");
-                ret = CRL_CERT_REVOKED;
-                break;
-            }
-        }
-        rc = rc->next;
-    }
-#endif
-    return ret;
-}
-
-static int VerifyCRLE(const WOLFSSL_CRL* crl, CRL_Entry* crle)
-{
-    Signer* ca = NULL;
-    SignatureCtx sigCtx;
-    int ret = 0;
-
-#ifndef NO_SKID
-    if (crle->extAuthKeyIdSet)
-        ca = GetCA(crl->cm, crle->extAuthKeyId);
-    if (ca == NULL)
-        ca = GetCAByName(crl->cm, crle->issuerHash);
-#else /* NO_SKID */
-    ca = GetCA(crl->cm, crle->issuerHash);
-#endif /* NO_SKID */
-    if (ca == NULL) {
-        WOLFSSL_MSG("Did NOT find CRL issuer CA");
-        return ASN_CRL_NO_SIGNER_E;
-    }
-
-    ret = VerifyCRL_Signature(&sigCtx, crle->toBeSigned, crle->tbsSz,
-            crle->signature, crle->signatureSz, crle->signatureOID,
-        #ifdef WC_RSA_PSS
-            crle->sigParams, (int)crle->sigParamsSz,
-        #else
-            NULL, 0,
-        #endif
-            ca, crl->heap);
-
-    if (ret == 0) {
-        crle->verified = 1;
-    }
-    else {
-        crle->verified = ret;
-    }
-
-    return ret;
-}
-
-static int CheckCertCRLList(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,
-        int serialSz, byte* serialHash, int *pFoundEntry)
-{
-    CRL_Entry* crle;
-    int        foundEntry = 0;
-    int        ret = 0;
-
-    if (wc_LockRwLock_Rd(&crl->crlLock) != 0) {
-        WOLFSSL_MSG("wc_LockRwLock_Rd failed");
-        return BAD_MUTEX_E;
-    }
-
-    for (crle = crl->crlList; crle != NULL; crle = crle->next) {
-        if (XMEMCMP(crle->issuerHash, issuerHash, CRL_DIGEST_SIZE) == 0) {
-            int nextDateValid = 1;
-
-            WOLFSSL_MSG("Found CRL Entry on list");
-
-            if (crle->verified == 0) {
-                if (wc_LockMutex(&crle->verifyMutex) != 0) {
-                    WOLFSSL_MSG("wc_LockMutex failed");
-                    break;
-                }
-
-                /* A different thread may have verified the entry while we were
-                 * waiting for the mutex. */
-                if (crle->verified == 0)
-                    ret = VerifyCRLE(crl, crle);
-
-                wc_UnLockMutex(&crle->verifyMutex);
-
-                if (ret != 0)
-                    break;
-            }
-
-            if (crle->verified < 0) {
-                WOLFSSL_MSG("Cannot use CRL as it didn't verify");
-                ret = crle->verified;
-                break;
-            }
-
-            WOLFSSL_MSG("Checking next date validity");
-
-        #ifdef WOLFSSL_NO_CRL_NEXT_DATE
-            if (crle->nextDateFormat != ASN_OTHER_TYPE)
-        #endif
-            {
-            #if !defined(NO_ASN_TIME) && !defined(WOLFSSL_NO_CRL_DATE_CHECK)
-                if (!XVALIDATE_DATE(crle->nextDate,crle->nextDateFormat, ASN_AFTER)) {
-                    WOLFSSL_MSG("CRL next date is no longer valid");
-                    nextDateValid = 0;
-                }
-            #endif
-            }
-            if (nextDateValid) {
-                foundEntry = 1;
-                ret = FindRevokedSerial(crle->certs, serial, serialSz,
-                        serialHash, crle->totalCerts);
-                if (ret != 0)
-                    break;
-            }
-            else if (foundEntry == 0) {
-                ret = CRL_CERT_DATE_ERR;
-            }
-        }
-    }
-
-    wc_UnLockRwLock(&crl->crlLock);
-
-    *pFoundEntry = foundEntry;
-
-    return ret;
-}
-
-int CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,
-        int serialSz, byte* serialHash, const byte* extCrlInfo,
-        int extCrlInfoSz, void* issuerName)
-{
-    int        foundEntry = 0;
-    int        ret = 0;
-
-    WOLFSSL_ENTER("CheckCertCRL");
-    (void)issuerName;
-
-    if ((serial == NULL || serialSz == 0) && serialHash == NULL) {
-        WOLFSSL_MSG("Either serial or hash has to be provided");
-        return BUFFER_ERROR;
-    }
-
-#ifdef WOLFSSL_CRL_ALLOW_MISSING_CDP
-    /* Skip CRL verification in case no CDP in peer cert */
-    if (!extCrlInfo) {
-        return ret;
-    }
-#endif
-
-    ret = CheckCertCRLList(crl, issuerHash, serial, serialSz, serialHash,
-            &foundEntry);
-
-#ifdef HAVE_CRL_IO
-    if (foundEntry == 0) {
-        /* perform embedded lookup */
-        if (crl->crlIOCb) {
-            int cbRet = crl->crlIOCb(crl, (const char*)extCrlInfo,
-                                     extCrlInfoSz);
-            if (cbRet == WC_NO_ERR_TRACE(WOLFSSL_CBIO_ERR_WANT_READ)) {
-                ret = OCSP_WANT_READ;
-            }
-            else if (ret >= 0) {
-                /* try again */
-                ret = CheckCertCRLList(crl, issuerHash, serial, serialSz,
-                        serialHash, &foundEntry);
-            }
-        }
-    }
-#endif
-
-#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
-    (defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
-    !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && \
-    !defined(NO_STDIO_FILESYSTEM)
-    /* if not find entry in the CRL list, it looks at the folder that sets  */
-    /* by LOOKUP_ctrl because user would want to use hash_dir.              */
-    /* Loading <issuer-hash>.rN form CRL file if find at the folder,        */
-    /* and try again checking Cert in the CRL list.                         */
-    /* When not set the folder or not use hash_dir, do nothing.             */
-    if ((foundEntry == 0) && (ret != WC_NO_ERR_TRACE(OCSP_WANT_READ))) {
-        if (crl->cm != NULL && crl->cm->x509_store_p != NULL) {
-            int loadRet = LoadCertByIssuer(crl->cm->x509_store_p,
-                          (WOLFSSL_X509_NAME*)issuerName, X509_LU_CRL);
-            if (loadRet == WOLFSSL_SUCCESS) {
-                /* try again */
-                ret = CheckCertCRLList(crl, issuerHash, serial, serialSz,
-                        serialHash, &foundEntry);
-            }
-        }
-    }
-#endif
-    if (foundEntry == 0) {
-        WOLFSSL_MSG("Couldn't find CRL for status check");
-        if (ret != WC_NO_ERR_TRACE(CRL_CERT_DATE_ERR)) {
-            ret = CRL_MISSING;
-        }
-
-        if (crl->cm != NULL && crl->cm->cbMissingCRL) {
-            char url[256];
-
-            WOLFSSL_MSG("Issuing missing CRL callback");
-            url[0] = '\0';
-            if (extCrlInfo) {
-                if (extCrlInfoSz < (int)sizeof(url) -1 ) {
-                    XMEMCPY(url, extCrlInfo, (size_t)extCrlInfoSz);
-                    url[extCrlInfoSz] = '\0';
-                }
-                else  {
-                    WOLFSSL_MSG("CRL url too long");
-                }
-            }
-
-            crl->cm->cbMissingCRL(url);
-        }
-
-        if (crl->cm != NULL && crl->cm->crlCb &&
-                crl->cm->crlCb(ret, crl, crl->cm, crl->cm->crlCbCtx)) {
-            if (ret != 0)
-                WOLFSSL_MSG("Overriding CRL error");
-            ret = 0;
-        }
-    }
-
-    return ret;
-}
-
-/* Is the cert ok with CRL, return 0 on success */
-int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
-{
-#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
-    void* issuerName = cert->issuerName;
-#else
-    void* issuerName = NULL;
-#endif
-    return CheckCertCRL_ex(crl, cert->issuerHash, cert->serial, cert->serialSz,
-            NULL, cert->extCrlInfo, cert->extCrlInfoSz, issuerName);
-}
-
-#ifdef HAVE_CRL_UPDATE_CB
-static void SetCrlInfo(CRL_Entry* entry, CrlInfo *info)
-{
-    info->issuerHash = (byte *)entry->issuerHash;
-    info->issuerHashLen = CRL_DIGEST_SIZE;
-    info->lastDate = (byte *)entry->lastDate;
-    info->lastDateMaxLen = MAX_DATE_SIZE;
-    info->lastDateFormat = entry->lastDateFormat;
-    info->nextDate = (byte *)entry->nextDate;
-    info->nextDateMaxLen = MAX_DATE_SIZE;
-    info->nextDateFormat = entry->nextDateFormat;
-    info->crlNumberSet = entry->crlNumberSet;
-    if (info->crlNumberSet)
-        XMEMCPY(info->crlNumber, entry->crlNumber, CRL_MAX_NUM_SZ);
-}
-
-static void SetCrlInfoFromDecoded(DecodedCRL* entry, CrlInfo *info)
-{
-    info->issuerHash = (byte *)entry->issuerHash;
-    info->issuerHashLen = SIGNER_DIGEST_SIZE;
-    info->lastDate = (byte *)entry->lastDate;
-    info->lastDateMaxLen = MAX_DATE_SIZE;
-    info->lastDateFormat = entry->lastDateFormat;
-    info->nextDate = (byte *)entry->nextDate;
-    info->nextDateMaxLen = MAX_DATE_SIZE;
-    info->nextDateFormat = entry->nextDateFormat;
-    info->crlNumberSet = entry->crlNumberSet;
-    if (info->crlNumberSet)
-        XMEMCPY(info->crlNumber, entry->crlNumber, CRL_MAX_NUM_SZ);
-}
-#endif
-
-/* Returns MP_GT if prev crlNumber is smaller
- *         MP_EQ if equal
- *         MP_LT if prev crlNumber is larger */
-static int CompareCRLnumber(CRL_Entry* prev, CRL_Entry* curr)
-{
-    int ret = 0;
-    DECL_MP_INT_SIZE_DYN(prev_num, CRL_MAX_NUM_SZ * CHAR_BIT,
-                                   CRL_MAX_NUM_SZ * CHAR_BIT);
-    DECL_MP_INT_SIZE_DYN(curr_num, CRL_MAX_NUM_SZ * CHAR_BIT,
-                                   CRL_MAX_NUM_SZ * CHAR_BIT);
-
-    NEW_MP_INT_SIZE(prev_num, CRL_MAX_NUM_SZ * CHAR_BIT, NULL,
-                                   DYNAMIC_TYPE_TMP_BUFFER);
-    NEW_MP_INT_SIZE(curr_num, CRL_MAX_NUM_SZ * CHAR_BIT, NULL,
-                                   DYNAMIC_TYPE_TMP_BUFFER);
-#ifdef MP_INT_SIZE_CHECK_NULL
-    if ((prev_num == NULL) || (curr_num == NULL)) {
-        ret = MEMORY_E;
-    }
-#endif
-
-    if (ret == 0 && ((INIT_MP_INT_SIZE(prev_num, CRL_MAX_NUM_SZ * CHAR_BIT)
-                != MP_OKAY) || (INIT_MP_INT_SIZE(curr_num,
-                CRL_MAX_NUM_SZ * CHAR_BIT)) != MP_OKAY)) {
-        ret = MP_INIT_E;
-    }
-
-    if (ret == 0 && (mp_read_radix(prev_num, (char*)prev->crlNumber,
-                MP_RADIX_HEX) != MP_OKAY ||
-                mp_read_radix(curr_num, (char*)curr->crlNumber,
-                MP_RADIX_HEX) != MP_OKAY)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0)
-        ret = mp_cmp(prev_num, curr_num);
-
-    FREE_MP_INT_SIZE(prev_num, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    FREE_MP_INT_SIZE(curr_num, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-/* Add Decoded CRL, 0 on success */
-static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl, const byte* buff,
-                  int verified)
-{
-    CRL_Entry* crle = NULL;
-    CRL_Entry* curr = NULL;
-    CRL_Entry* prev = NULL;
-#ifdef HAVE_CRL_UPDATE_CB
-    CrlInfo old;
-    CrlInfo cnew;
-#endif
-    int ret = 0;
-
-    WOLFSSL_ENTER("AddCRL");
-
-    if (crl == NULL)
-        return WOLFSSL_FATAL_ERROR;
-
-    crle = crl->currentEntry;
-
-    if (crle == NULL) {
-        crle = CRL_Entry_new(crl->heap);
-        if (crle == NULL) {
-            WOLFSSL_MSG("alloc CRL Entry failed");
-            return MEMORY_E;
-        }
-    }
-
-    if (InitCRL_Entry(crle, dcrl, buff, verified, crl->heap) < 0) {
-        WOLFSSL_MSG("Init CRL Entry failed");
-        CRL_Entry_free(crle, crl->heap);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    if (wc_LockRwLock_Wr(&crl->crlLock) != 0) {
-        WOLFSSL_MSG("wc_LockRwLock_Wr failed");
-        CRL_Entry_free(crle, crl->heap);
-        return BAD_MUTEX_E;
-    }
-
-    for (curr = crl->crlList; curr != NULL; curr = curr->next) {
-        if (XMEMCMP(curr->issuerHash, crle->issuerHash, CRL_DIGEST_SIZE) == 0) {
-            ret = CompareCRLnumber(crle, curr);
-            /* Error out if the CRL we're attempting to add isn't more
-             * authoritative than the existing entry */
-            if (ret == MP_LT || ret == MP_EQ) {
-                WOLFSSL_MSG("Same or newer CRL entry already exists");
-                CRL_Entry_free(crle, crl->heap);
-                wc_UnLockRwLock(&crl->crlLock);
-                return BAD_FUNC_ARG;
-            }
-            else if (ret < 0) {
-                WOLFSSL_MSG("Error comparing CRL Numbers");
-                return ret;
-            }
-
-            crle->next = curr->next;
-            if (prev != NULL) {
-                prev->next = crle;
-            }
-            else {
-                crl->crlList = crle;
-            }
-
-#ifdef HAVE_CRL_UPDATE_CB
-            if (crl->cm && crl->cm->cbUpdateCRL != NULL) {
-                SetCrlInfo(curr, &old);
-                SetCrlInfo(crle, &cnew);
-                crl->cm->cbUpdateCRL(&old, &cnew);
-            }
-#endif
-
-            break;
-        }
-        prev = curr;
-    }
-
-    if (curr != NULL) {
-        CRL_Entry_free(curr, crl->heap);
-    }
-    else {
-        crle->next = crl->crlList;
-        crl->crlList = crle;
-    }
-    wc_UnLockRwLock(&crl->crlLock);
-    /* Avoid heap-use-after-free after crl->crlList is released */
-    crl->currentEntry = NULL;
-
-    return 0;
-}
-
-
-/* Load CRL File of type, WOLFSSL_SUCCESS on ok */
-int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type,
-                  int verify)
-{
-    int          ret = WOLFSSL_SUCCESS;
-    const byte*  myBuffer = buff;    /* if DER ok, otherwise switch */
-    DerBuffer*   der = NULL;
-    WC_DECLARE_VAR(dcrl, DecodedCRL, 1, 0);
-
-    WOLFSSL_ENTER("BufferLoadCRL");
-
-    if (crl == NULL || buff == NULL || sz == 0)
-        return BAD_FUNC_ARG;
-
-    if (type == WOLFSSL_FILETYPE_PEM) {
-    #ifdef WOLFSSL_PEM_TO_DER
-        ret = PemToDer(buff, sz, CRL_TYPE, &der, NULL, NULL, NULL);
-        if (ret == 0) {
-            myBuffer = der->buffer;
-            sz = der->length;
-        }
-        else {
-            WOLFSSL_MSG("Pem to Der failed");
-            FreeDer(&der);
-            return WOLFSSL_FATAL_ERROR;
-        }
-    #else
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    dcrl = (DecodedCRL*)XMALLOC(sizeof(DecodedCRL), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (dcrl == NULL) {
-        FreeDer(&der);
-        return MEMORY_E;
-    }
-#endif
-
-    crl->currentEntry = CRL_Entry_new(crl->heap);
-    if (crl->currentEntry == NULL) {
-        WOLFSSL_MSG_CERT_LOG("alloc CRL Entry failed");
-        WC_FREE_VAR_EX(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        FreeDer(&der);
-        return MEMORY_E;
-    }
-
-    InitDecodedCRL(dcrl, crl->heap);
-    ret = ParseCRL(crl->currentEntry->certs, dcrl, myBuffer, (word32)sz,
-                   verify, crl->cm);
-
-    if (ret != 0 && !(ret == WC_NO_ERR_TRACE(ASN_CRL_NO_SIGNER_E)
-                      && verify == NO_VERIFY)) {
-        WOLFSSL_MSG_CERT_LOG("ParseCRL error");
-        WOLFSSL_MSG_CERT_EX("ParseCRL verify = %d, ret = %d", verify, ret);
-        CRL_Entry_free(crl->currentEntry, crl->heap);
-        crl->currentEntry = NULL;
-    }
-    else {
-        ret = AddCRL(crl, dcrl, myBuffer,
-                     ret != WC_NO_ERR_TRACE(ASN_CRL_NO_SIGNER_E));
-        if (ret != 0) {
-            WOLFSSL_MSG_CERT_LOG("AddCRL error");
-            crl->currentEntry = NULL;
-        }
-    }
-
-    FreeDecodedCRL(dcrl);
-
-    WC_FREE_VAR_EX(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    FreeDer(&der);
-
-    return ret ? ret : WOLFSSL_SUCCESS; /* convert 0 to WOLFSSL_SUCCESS */
-}
-
-#ifdef HAVE_CRL_UPDATE_CB
-/* Fill out CRL info structure, WOLFSSL_SUCCESS on ok */
-int GetCRLInfo(WOLFSSL_CRL* crl, CrlInfo* info, const byte* buff,
-    long sz, int type)
-{
-    int          ret = WOLFSSL_SUCCESS;
-    const byte*  myBuffer = buff;    /* if DER ok, otherwise switch */
-    DerBuffer*   der = NULL;
-    CRL_Entry*   crle = NULL;
-    WC_DECLARE_VAR(dcrl, DecodedCRL, 1, 0);
-
-    WOLFSSL_ENTER("GetCRLInfo");
-
-    if (crl == NULL || info == NULL || buff == NULL || sz == 0)
-        return BAD_FUNC_ARG;
-
-    if (type == WOLFSSL_FILETYPE_PEM) {
-    #ifdef WOLFSSL_PEM_TO_DER
-        ret = PemToDer(buff, sz, CRL_TYPE, &der, NULL, NULL, NULL);
-        if (ret == 0) {
-            myBuffer = der->buffer;
-            sz = der->length;
-        }
-        else {
-            WOLFSSL_MSG("Pem to Der failed");
-            FreeDer(&der);
-            return -1;
-        }
-    #else
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    dcrl = (DecodedCRL*)XMALLOC(sizeof(DecodedCRL), NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (dcrl == NULL) {
-        FreeDer(&der);
-        return MEMORY_E;
-    }
-#endif
-
-    crle = CRL_Entry_new(crl->heap);
-    if (crle == NULL) {
-        WOLFSSL_MSG("alloc CRL Entry failed");
-        WC_FREE_VAR_EX(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        FreeDer(&der);
-        return MEMORY_E;
-    }
-
-    InitDecodedCRL(dcrl, crl->heap);
-    ret = ParseCRL(crle->certs, dcrl, myBuffer, (word32)sz,
-                   0, crl->cm);
-    if (ret != 0 && !(ret == WC_NO_ERR_TRACE(ASN_CRL_NO_SIGNER_E))) {
-        WOLFSSL_MSG("ParseCRL error");
-        CRL_Entry_free(crle, crl->heap);
-        crle = NULL;
-    }
-    else {
-        SetCrlInfoFromDecoded((DecodedCRL*)dcrl, info);
-    }
-
-    FreeDecodedCRL(dcrl);
-
-    WC_FREE_VAR_EX(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    FreeDer(&der);
-    CRL_Entry_free(crle, crl->heap);
-
-    return ret ? ret : WOLFSSL_SUCCESS; /* convert 0 to WOLFSSL_SUCCESS */
-}
-#endif
-
-#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL)
-/* helper function to create a new dynamic WOLFSSL_X509_CRL structure */
-static WOLFSSL_X509_CRL* wolfSSL_X509_crl_new(WOLFSSL_CERT_MANAGER* cm)
-{
-    WOLFSSL_X509_CRL* ret;
-    void* heap = NULL;
-
-    if (cm != NULL) {
-        heap = cm->heap;
-    }
-
-    ret = (WOLFSSL_X509_CRL*)XMALLOC(sizeof(WOLFSSL_X509_CRL), heap,
-        DYNAMIC_TYPE_CRL);
-    if (ret != NULL) {
-        if (InitCRL(ret, cm) < 0) {
-            WOLFSSL_MSG("Unable to initialize new CRL structure");
-            XFREE(ret, heap, DYNAMIC_TYPE_CRL);
-            ret = NULL;
-        }
-    }
-    return ret;
-}
-
-#ifndef CRL_STATIC_REVOKED_LIST
-/* returns head of copied list that was alloc'd */
-static RevokedCert *DupRevokedCertList(RevokedCert* in, void* heap)
-{
-    RevokedCert* head = NULL;
-    RevokedCert* current = in;
-    RevokedCert* prev = NULL;
-    while (current) {
-        RevokedCert* tmp = (RevokedCert*)XMALLOC(sizeof(RevokedCert), heap,
-                DYNAMIC_TYPE_REVOKED);
-        if (tmp != NULL) {
-            XMEMCPY(tmp->serialNumber, current->serialNumber,
-                    EXTERNAL_SERIAL_SIZE);
-            tmp->serialSz = current->serialSz;
-            XMEMCPY(tmp->revDate, current->revDate,
-                    MAX_DATE_SIZE);
-            tmp->revDateFormat = current->revDateFormat;
-            tmp->next = NULL;
-            if (prev != NULL)
-                prev->next = tmp;
-            if (head == NULL)
-                head = tmp;
-            prev = tmp;
-        }
-        else {
-            WOLFSSL_MSG("Failed to allocate new RevokedCert structure");
-            /* free up any existing list */
-            while (head != NULL) {
-                current = head;
-                head = head->next;
-                XFREE(current, heap, DYNAMIC_TYPE_REVOKED);
-            }
-            return NULL;
-        }
-        current = current->next;
-    }
-
-    (void)heap;
-    return head;
-}
-
-#endif /* CRL_STATIC_REVOKED_LIST */
-/* returns a deep copy of ent on success and null on fail */
-static CRL_Entry* DupCRL_Entry(const CRL_Entry* ent, void* heap)
-{
-    CRL_Entry *dupl;
-    const size_t copyOffset = WC_OFFSETOF(CRL_Entry, verifyMutex) +
-            sizeof(ent->verifyMutex);
-#ifdef CRL_STATIC_REVOKED_LIST
-    if (ent->totalCerts > CRL_MAX_REVOKED_CERTS) {
-        return NULL;
-    }
-#endif
-    dupl = CRL_Entry_new(heap);
-    if (dupl == NULL) {
-        WOLFSSL_MSG("alloc CRL Entry failed");
-        return NULL;
-    }
-
-    XMEMCPY((byte*)dupl + copyOffset, (byte*)ent + copyOffset,
-            sizeof(CRL_Entry) - copyOffset);
-
-#ifndef CRL_STATIC_REVOKED_LIST
-    dupl->certs = DupRevokedCertList(ent->certs, heap);
-    if (ent->certs != NULL && dupl->certs == NULL) {
-        CRL_Entry_free(dupl, heap);
-        return NULL;
-    }
-#endif
-#ifdef OPENSSL_EXTRA
-    dupl->issuer = wolfSSL_X509_NAME_dup(ent->issuer);
-    if (ent->issuer != NULL && dupl->issuer == NULL) {
-        CRL_Entry_free(dupl, heap);
-        return NULL;
-    }
-#endif
-
-    if (!ent->verified) {
-        dupl->toBeSigned = (byte*)XMALLOC(dupl->tbsSz, heap,
-                                          DYNAMIC_TYPE_CRL_ENTRY);
-        dupl->signature = (byte*)XMALLOC(dupl->signatureSz, heap,
-                                         DYNAMIC_TYPE_CRL_ENTRY);
-    #ifdef WC_RSA_PSS
-        dupl->sigParams = (byte*)XMALLOC(dupl->sigParamsSz, heap,
-                                         DYNAMIC_TYPE_CRL_ENTRY);
-    #endif
-        if (dupl->toBeSigned == NULL || dupl->signature == NULL
-        #ifdef WC_RSA_PSS
-            /* allow sigParamsSz is zero and XMALLOC(0) to return NULL */
-            || (dupl->sigParams == NULL && dupl->sigParamsSz != 0)
-        #endif
-        ) {
-            CRL_Entry_free(dupl, heap);
-            return NULL;
-        }
-        XMEMCPY(dupl->toBeSigned, ent->toBeSigned, dupl->tbsSz);
-        XMEMCPY(dupl->signature, ent->signature, dupl->signatureSz);
-    #ifdef WC_RSA_PSS
-        if (dupl->sigParamsSz > 0) {
-            XMEMCPY(dupl->sigParams, ent->sigParams, dupl->sigParamsSz);
-        }
-    #endif
-    }
-    else {
-        dupl->toBeSigned = NULL;
-        dupl->tbsSz = 0;
-        dupl->signature = NULL;
-        dupl->signatureSz = 0;
-#ifdef WC_RSA_PSS
-        dupl->sigParams = NULL;
-        dupl->sigParamsSz = 0;
-#endif
-#if !defined(NO_SKID) && !defined(NO_ASN)
-        dupl->extAuthKeyIdSet = 0;
-#endif
-    }
-
-    return dupl;
-}
-
-
-/* returns the head of a deep copy of the list on success and null on fail */
-static CRL_Entry* DupCRL_list(CRL_Entry* crl, void* heap)
-{
-    CRL_Entry* current;
-    CRL_Entry* head = NULL;
-    CRL_Entry** prev = &head;
-
-    for (current = crl; current != NULL; current = current->next) {
-        CRL_Entry* tmp = DupCRL_Entry(current, heap);
-        if (tmp != NULL) {
-            *prev = tmp;
-            prev = &tmp->next;
-        }
-        else {
-            WOLFSSL_MSG("Failed to allocate new CRL_Entry structure");
-            /* free up any existing list */
-            while (head != NULL) {
-                CRL_Entry* next = head->next;
-                CRL_Entry_free(head, heap);
-                head = next;
-            }
-            return NULL;
-        }
-    }
-
-    return head;
-}
-
-
-/* Duplicates everything except the parent cm pointed to.
- * Expects that Init has already been done to 'dupl'
- * return 0 on success */
-static int DupX509_CRL(WOLFSSL_X509_CRL *dupl, const WOLFSSL_X509_CRL* crl)
-{
-    if (dupl == NULL || crl == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef HAVE_CRL_MONITOR
-    if (crl->monitors[0].path) {
-        size_t pathSz = XSTRLEN(crl->monitors[0].path) + 1;
-        dupl->monitors[0].path = (char*)XMALLOC(pathSz, dupl->heap,
-                DYNAMIC_TYPE_CRL_MONITOR);
-        if (dupl->monitors[0].path != NULL) {
-            XSTRNCPY(dupl->monitors[0].path, crl->monitors[0].path, pathSz);
-        }
-        else {
-            return MEMORY_E;
-        }
-    }
-
-    if (crl->monitors[1].path) {
-        size_t pathSz = XSTRLEN(crl->monitors[1].path) + 1;
-        dupl->monitors[1].path = (char*)XMALLOC(pathSz, dupl->heap,
-                DYNAMIC_TYPE_CRL_MONITOR);
-        if (dupl->monitors[1].path != NULL) {
-            XSTRNCPY(dupl->monitors[1].path, crl->monitors[1].path, pathSz);
-        }
-        else {
-            if (dupl->monitors[0].path != NULL) {
-                XFREE(dupl->monitors[0].path, dupl->heap,
-                        DYNAMIC_TYPE_CRL_MONITOR);
-                dupl->monitors[0].path = NULL;
-            }
-            return MEMORY_E;
-        }
-    }
-#endif
-
-    dupl->crlList = DupCRL_list(crl->crlList, dupl->heap);
-    if (dupl->crlList == NULL)
-        return MEMORY_E;
-#ifdef HAVE_CRL_IO
-    dupl->crlIOCb = crl->crlIOCb;
-#endif
-
-    return 0;
-}
-
-WOLFSSL_X509_CRL* wolfSSL_X509_CRL_dup(const WOLFSSL_X509_CRL* crl)
-{
-    WOLFSSL_X509_CRL* ret;
-
-    WOLFSSL_ENTER("wolfSSL_X509_CRL_dup");
-
-    ret = wolfSSL_X509_crl_new(crl->cm);
-    if (ret != NULL && DupX509_CRL(ret, crl) != 0) {
-        FreeCRL(ret, 1);
-        ret = NULL;
-    }
-    return ret;
-}
-
-/* returns WOLFSSL_SUCCESS on success. Does not take ownership of newcrl */
-int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newcrl)
-{
-    WOLFSSL_X509_CRL *crl;
-    int ret = 0;
-
-    WOLFSSL_ENTER("wolfSSL_X509_STORE_add_crl");
-    if (store == NULL || newcrl == NULL || store->cm == NULL)
-        return BAD_FUNC_ARG;
-
-    if (store->cm->crl == NULL) {
-        crl = wolfSSL_X509_crl_new(store->cm);
-        if (crl == NULL) {
-            WOLFSSL_MSG("wolfSSL_X509_crl_new failed");
-            return WOLFSSL_FAILURE;
-        }
-        if (wc_LockRwLock_Rd(&newcrl->crlLock) != 0) {
-            WOLFSSL_MSG("wc_LockRwLock_Rd failed");
-            return BAD_MUTEX_E;
-        }
-        ret = DupX509_CRL(crl, newcrl);
-        wc_UnLockRwLock(&newcrl->crlLock);
-        if (ret != 0) {
-            FreeCRL(crl, 1);
-            return WOLFSSL_FAILURE;
-        }
-        store->crl = store->cm->crl = crl;
-        if (wolfSSL_CertManagerEnableCRL(store->cm, WOLFSSL_CRL_CHECKALL)
-                != WOLFSSL_SUCCESS) {
-            WOLFSSL_MSG("wolfSSL_CertManagerEnableCRL error");
-            return WOLFSSL_FAILURE;
-        }
-        return WOLFSSL_SUCCESS;
-    }
-
-    /* find tail of current list and add new list */
-    crl  = store->cm->crl;
-    if (newcrl->crlList != NULL) {
-        CRL_Entry **tail;
-        CRL_Entry *toAdd;
-
-        if (wc_LockRwLock_Wr(&crl->crlLock) != 0) {
-            WOLFSSL_MSG("wc_LockRwLock_Wr failed");
-            return BAD_MUTEX_E;
-        }
-
-        if (crl != newcrl && wc_LockRwLock_Rd(&newcrl->crlLock) != 0) {
-            WOLFSSL_MSG("wc_LockRwLock_Rd failed");
-            wc_UnLockRwLock(&crl->crlLock);
-            return BAD_MUTEX_E;
-        }
-        toAdd = DupCRL_list(newcrl->crlList, crl->heap);
-        if (crl != newcrl)
-            wc_UnLockRwLock(&newcrl->crlLock);
-
-        tail = &crl->crlList;
-        while (*tail != NULL)
-            tail = &(*tail)->next;
-        *tail = toAdd;
-        wc_UnLockRwLock(&crl->crlLock);
-    }
-
-    if (wolfSSL_CertManagerEnableCRL(store->cm, WOLFSSL_CRL_CHECKALL)
-            != WOLFSSL_SUCCESS) {
-        WOLFSSL_MSG("wolfSSL_CertManagerEnableCRL error");
-        return WOLFSSL_FAILURE;
-    }
-
-    WOLFSSL_LEAVE("wolfSSL_X509_STORE_add_crl", WOLFSSL_SUCCESS);
-
-    return WOLFSSL_SUCCESS;
-}
-#endif
-
-#ifdef HAVE_CRL_MONITOR
-
-
-/* Signal Monitor thread is setup, save status to setup flag, 0 on success */
-static int SignalSetup(WOLFSSL_CRL* crl, int status)
-{
-    int ret, condRet;
-
-    ret = wolfSSL_CondStart(&crl->cond);
-    if (ret != 0)
-        return ret;
-
-    crl->setup = status;
-
-    condRet = wolfSSL_CondSignal(&crl->cond);
-    ret = wolfSSL_CondEnd(&crl->cond);
-    if (ret != 0)
-        return ret;
-
-    return condRet;
-}
-
-
-/* read in new CRL entries and save new list */
-static int SwapLists(WOLFSSL_CRL* crl)
-{
-    int        ret;
-    CRL_Entry* newList;
-    WC_DECLARE_VAR(tmp, WOLFSSL_CRL, 1, 0);
-
-    WC_ALLOC_VAR_EX(tmp, WOLFSSL_CRL, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-        return MEMORY_E);
-
-    if (InitCRL(tmp, crl->cm) < 0) {
-        WOLFSSL_MSG("Init tmp CRL failed");
-        WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    if (crl->monitors[0].path) {
-        ret = LoadCRL(tmp, crl->monitors[0].path, WOLFSSL_FILETYPE_PEM, 0);
-        if (ret != WOLFSSL_SUCCESS) {
-            WOLFSSL_MSG("PEM LoadCRL on dir change failed");
-            FreeCRL(tmp, 0);
-            WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-            return WOLFSSL_FATAL_ERROR;
-        }
-    }
-
-    if (crl->monitors[1].path) {
-        ret = LoadCRL(tmp, crl->monitors[1].path, WOLFSSL_FILETYPE_ASN1, 0);
-        if (ret != WOLFSSL_SUCCESS) {
-            WOLFSSL_MSG("DER LoadCRL on dir change failed");
-            FreeCRL(tmp, 0);
-            WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-            return WOLFSSL_FATAL_ERROR;
-        }
-    }
-
-    if (wc_LockRwLock_Wr(&crl->crlLock) != 0) {
-        WOLFSSL_MSG("wc_LockRwLock_Wr failed");
-        FreeCRL(tmp, 0);
-        WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    newList = tmp->crlList;
-
-    /* swap lists */
-    tmp->crlList  = crl->crlList;
-    crl->crlList = newList;
-
-    wc_UnLockRwLock(&crl->crlLock);
-
-    FreeCRL(tmp, 0);
-
-    WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-
-
-#if (defined(__MACH__) || defined(__FreeBSD__))
-
-#include <sys/types.h>
-#include <sys/event.h>
-#include <sys/time.h>
-#include <fcntl.h>
-#include <unistd.h>
-
-#ifdef __MACH__
-    #define XEVENT_MODE O_EVTONLY
-#elif defined(__FreeBSD__)
-    #define XEVENT_MODE O_RDONLY
-#endif
-
-
-/* we need a unique kqueue user filter fd for crl in case user is doing custom
- * events too */
-#ifndef CRL_CUSTOM_FD
-    #define CRL_CUSTOM_FD 123456
-#endif
-
-
-/* shutdown monitor thread, 0 on success */
-static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
-{
-    struct kevent change;
-
-    /* trigger custom shutdown */
-#if defined(NOTE_TRIGGER)
-    EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, 0, NOTE_TRIGGER, 0, NULL);
-#elif defined(EV_TRIGGER)
-    EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, EV_TRIGGER, 0, 0, NULL);
-#endif
-    if (kevent(mfd, &change, 1, NULL, 0, NULL) < 0) {
-        WOLFSSL_MSG("kevent trigger customer event failed");
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    return 0;
-}
-
-
-/* OS X  monitoring */
-static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg)
-{
-    int fPEM, fDER;
-    struct kevent change;
-
-    WOLFSSL_CRL* crl = (WOLFSSL_CRL*)arg;
-
-    WOLFSSL_ENTER("DoMonitor");
-
-    crl->mfd = kqueue();
-    if (crl->mfd == -1) {
-        WOLFSSL_MSG("kqueue failed");
-        SignalSetup(crl, MONITOR_SETUP_E);
-        return NULL;
-    }
-
-    /* listen for custom shutdown event */
-    EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, EV_ADD, 0, 0, NULL);
-    if (kevent(crl->mfd, &change, 1, NULL, 0, NULL) < 0) {
-        WOLFSSL_MSG("kevent monitor customer event failed");
-        SignalSetup(crl, MONITOR_SETUP_E);
-        (void)close(crl->mfd);
-        return NULL;
-    }
-
-    fPEM = -1;
-    fDER = -1;
-
-    if (crl->monitors[0].path) {
-        fPEM = open(crl->monitors[0].path, XEVENT_MODE);
-        if (fPEM == -1) {
-            WOLFSSL_MSG("PEM event dir open failed");
-            SignalSetup(crl, MONITOR_SETUP_E);
-            (void)close(crl->mfd);
-            return NULL;
-        }
-    }
-
-    if (crl->monitors[1].path) {
-        fDER = open(crl->monitors[1].path, XEVENT_MODE);
-        if (fDER == -1) {
-            WOLFSSL_MSG("DER event dir open failed");
-            if (fPEM != -1)
-                (void)close(fPEM);
-            (void)close(crl->mfd);
-            SignalSetup(crl, MONITOR_SETUP_E);
-            return NULL;
-        }
-    }
-
-    if (fPEM != -1)
-        EV_SET(&change, fPEM, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_CLEAR,
-                NOTE_DELETE | NOTE_EXTEND | NOTE_WRITE | NOTE_ATTRIB, 0, 0);
-
-    if (fDER != -1)
-        EV_SET(&change, fDER, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_CLEAR,
-                NOTE_DELETE | NOTE_EXTEND | NOTE_WRITE | NOTE_ATTRIB, 0, 0);
-
-    /* signal to calling thread we're setup */
-    if (SignalSetup(crl, 1) != 0) {
-        if (fPEM != -1)
-            (void)close(fPEM);
-        if (fDER != -1)
-            (void)close(fDER);
-        (void)close(crl->mfd);
-        return NULL;
-    }
-
-    for (;;) {
-        struct kevent event;
-        int           numEvents = kevent(crl->mfd, &change, 1, &event, 1, NULL);
-
-        WOLFSSL_MSG("Got kevent");
-
-        if (numEvents == -1) {
-            WOLFSSL_MSG("kevent problem, continue");
-            continue;
-        }
-
-        if (event.filter == EVFILT_USER) {
-            WOLFSSL_MSG("Got user shutdown event, breaking out");
-            break;
-        }
-
-        if (SwapLists(crl) < 0) {
-            WOLFSSL_MSG("SwapLists problem, continue");
-        }
-    }
-
-    if (fPEM != -1)
-        (void)close(fPEM);
-    if (fDER != -1)
-        (void)close(fDER);
-
-    (void)close(crl->mfd);
-
-    return NULL;
-}
-
-
-#elif defined(__linux__)
-
-#include <sys/types.h>
-#include <sys/inotify.h>
-#include <sys/eventfd.h>
-#include <unistd.h>
-
-
-#ifndef max
-    static WC_INLINE int max(int a, int b)
-    {
-        return a > b ? a : b;
-    }
-#endif /* max */
-
-
-/* shutdown monitor thread, 0 on success */
-static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
-{
-    word64 w64 = 1;
-
-    /* write to our custom event */
-    if (write(mfd, &w64, sizeof(w64)) < 0) {
-        WOLFSSL_MSG("StopMonitor write failed");
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    return 0;
-}
-
-
-/* linux monitoring */
-static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg)
-{
-    int         notifyFd;
-    int         wd  = -1;
-    WOLFSSL_CRL* crl = (WOLFSSL_CRL*)arg;
-    WC_DECLARE_VAR(buff, char, 8192, 0);
-
-    WOLFSSL_ENTER("DoMonitor");
-
-    crl->mfd = eventfd(0, 0);  /* our custom shutdown event */
-    if (crl->mfd < 0) {
-        WOLFSSL_MSG("eventfd failed");
-        SignalSetup(crl, MONITOR_SETUP_E);
-        return NULL;
-    }
-
-    notifyFd = inotify_init();
-    if (notifyFd < 0) {
-        WOLFSSL_MSG("inotify failed");
-        (void)close(crl->mfd);
-        SignalSetup(crl, MONITOR_SETUP_E);
-        return NULL;
-    }
-
-    if (crl->monitors[0].path) {
-        wd = inotify_add_watch(notifyFd, crl->monitors[0].path, IN_CLOSE_WRITE |
-                                                                IN_DELETE);
-        if (wd < 0) {
-            WOLFSSL_MSG("PEM notify add watch failed");
-            (void)close(crl->mfd);
-            (void)close(notifyFd);
-            SignalSetup(crl, MONITOR_SETUP_E);
-            return NULL;
-        }
-    }
-
-    if (crl->monitors[1].path) {
-        wd = inotify_add_watch(notifyFd, crl->monitors[1].path, IN_CLOSE_WRITE |
-                                                                IN_DELETE);
-        if (wd < 0) {
-            WOLFSSL_MSG("DER notify add watch failed");
-            (void)close(crl->mfd);
-            (void)close(notifyFd);
-            SignalSetup(crl, MONITOR_SETUP_E);
-            return NULL;
-        }
-    }
-
-
-    /* signal to calling thread we're setup */
-    if (SignalSetup(crl, 1) != 0) {
-        if (wd > 0) {
-            if (inotify_rm_watch(notifyFd, wd) < 0)
-                WOLFSSL_MSG("inotify_rm_watch #1 failed in DoMonitor");
-        }
-        (void)close(crl->mfd);
-        (void)close(notifyFd);
-        return NULL;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    buff = (char*)XMALLOC(8192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (buff == NULL)
-        return NULL;
-#endif
-
-    for (;;) {
-        fd_set readfds;
-        int    result;
-        int    length;
-
-        FD_ZERO(&readfds);
-        FD_SET(notifyFd, &readfds);
-        FD_SET(crl->mfd, &readfds);
-
-        result = select(max(notifyFd, crl->mfd) + 1, &readfds, NULL, NULL,NULL);
-
-        WOLFSSL_MSG("Got notify event");
-
-        if (result < 0) {
-            WOLFSSL_MSG("select problem, continue");
-            continue;
-        }
-
-        if (FD_ISSET(crl->mfd, &readfds)) {
-            word64 r64;
-            int    rlen;
-
-            WOLFSSL_MSG("got custom shutdown event, breaking out");
-
-            /* read out the bytes written to the event to clean up */
-            rlen = (int) read(crl->mfd, &r64, sizeof(r64));
-            if (rlen < 0) {
-                WOLFSSL_MSG("read custom event failure");
-            }
-
-            break;
-        }
-
-        length = (int) read(notifyFd, buff, 8192);
-        if (length < 0) {
-            WOLFSSL_MSG("notify read problem, continue");
-            continue;
-        }
-
-        if (SwapLists(crl) < 0) {
-            WOLFSSL_MSG("SwapLists problem, continue");
-        }
-    }
-
-    WC_FREE_VAR_EX(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    if (wd > 0) {
-        if (inotify_rm_watch(notifyFd, wd) < 0)
-            WOLFSSL_MSG("inotify_rm_watch #2 failed in DoMonitor");
-    }
-    (void)close(crl->mfd);
-    (void)close(notifyFd);
-
-    return NULL;
-}
-
-#elif defined(_MSC_VER)
-
-/* shutdown monitor thread, 0 on success */
-static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
-{
-    if (SetEvent(mfd) == 0) {
-        WOLFSSL_MSG("SetEvent custom event trigger failed");
-        return WOLFSSL_FATAL_ERROR;
-    }
-    return 0;
-}
-
-#ifdef DEBUG_WOLFSSL
-#define SHOW_WINDOWS_ERROR() do {                               \
-    LPVOID lpMsgBuf = NULL;                                     \
-    DWORD dw = GetLastError();                                  \
-    FormatMessageA(                                             \
-        FORMAT_MESSAGE_ALLOCATE_BUFFER |                        \
-        FORMAT_MESSAGE_FROM_SYSTEM |                            \
-        FORMAT_MESSAGE_IGNORE_INSERTS,                          \
-        NULL,                                                   \
-        dw,                                                     \
-        MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),              \
-        (LPSTR) &lpMsgBuf,                                      \
-        0, NULL );                                              \
-    WOLFSSL_MSG_EX("DoMonitor failed with error %d: %s\n",      \
-        dw, lpMsgBuf);                                          \
-    LocalFree(lpMsgBuf);                                        \
-} while(0)
-#else
-#define SHOW_WINDOWS_ERROR() WC_DO_NOTHING
-#endif
-
-#define DM_ERROR() do {                                         \
-    SHOW_WINDOWS_ERROR();                                       \
-    status = MONITOR_SETUP_E;                                   \
-    goto cleanup;                                               \
-} while(0)
-
-/* windows monitoring
- * Tested initially by hand by running
- * .\server.exe -A certs/ca-cert.pem -i -x
- * and connecting to with
- * .\client.exe -C -c certs/server-cert.pem -k certs/server-key.pem
- * This connection succeeds by default. By deleting all files from certs/crl
- * except for crl.revoked we disallow the client to connect. Deleting files
- * is done while the server is running to show that the monitor reacts to
- * changes in the crl directory. */
-static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg)
-{
-    WOLFSSL_CRL* crl = (WOLFSSL_CRL*)arg;
-    int status = 0;
-    HANDLE handles[WOLFSSL_CRL_MONITORS_LEN + 1];
-    DWORD handlesLen = 0;
-    int i;
-
-    WOLFSSL_ENTER("DoMonitor");
-
-    handles[0] = crl->mfd = CreateEventA(NULL, FALSE, FALSE, NULL);
-    if (crl->mfd == NULL) {
-        WOLFSSL_MSG("CreateEventA failed");
-        DM_ERROR();
-    }
-    handlesLen++;
-
-    for (i = 0; i < WOLFSSL_CRL_MONITORS_LEN; i++) {
-        if (crl->monitors[i].path) {
-            handles[handlesLen] = FindFirstChangeNotificationA(
-                crl->monitors[i].path, TRUE,
-                /* Watch for any changes that may affect what CRL's we load.
-                 * This may trigger on the same file multiple times but this
-                 * way we are certain that we have the most up to date and
-                 * accurate set of CRL's. We don't expect this to trigger
-                 * often enough for it to be a bottleneck. */
-                FILE_NOTIFY_CHANGE_FILE_NAME | FILE_NOTIFY_CHANGE_ATTRIBUTES |
-                FILE_NOTIFY_CHANGE_SIZE | FILE_NOTIFY_CHANGE_LAST_WRITE |
-                FILE_NOTIFY_CHANGE_SECURITY);
-            if (handles[handlesLen] == INVALID_HANDLE_VALUE) {
-                WOLFSSL_MSG("FindFirstChangeNotificationA failed");
-                DM_ERROR();
-            }
-            handlesLen++;
-        }
-    }
-
-    if (handlesLen == 1) {
-        WOLFSSL_MSG("Nothing to watch. Only custom event handle set.");
-        DM_ERROR();
-    }
-
-    if (SignalSetup(crl, 1) != 0) {
-        WOLFSSL_MSG("Call to SignalSetup failed");
-        DM_ERROR();
-    }
-
-    for (;;) {
-        DWORD waitRet = WaitForMultipleObjects(handlesLen, handles, FALSE,
-                                               INFINITE);
-        WOLFSSL_MSG("Got notify event");
-
-        if (waitRet >= WAIT_OBJECT_0 && waitRet < WAIT_OBJECT_0 + handlesLen) {
-            if (waitRet == WAIT_OBJECT_0) {
-                WOLFSSL_MSG("got custom shutdown event, breaking out");
-                break;
-            }
-            else if (SwapLists(crl) < 0) {
-                WOLFSSL_MSG("SwapLists problem, continue");
-            }
-        }
-        else {
-            WOLFSSL_MSG("Unexpected WaitForMultipleObjects return. Continue.");
-        }
-
-        for (i = 1; i < (int)handlesLen; i++) {
-            if (FindNextChangeNotification(handles[i]) == 0) {
-                WOLFSSL_MSG("FindNextChangeNotification failed");
-                DM_ERROR();
-            }
-        }
-    }
-
-cleanup:
-    if (status != 0)
-        SignalSetup(crl, status);
-    for (i = 0; i < (int)handlesLen; i++) {
-        BOOL closeRet;
-        if (i == 0) /* First handle is our custom event */
-            closeRet = CloseHandle(handles[i]);
-        else
-            closeRet = FindCloseChangeNotification(handles[i]);
-        if (closeRet == 0) {
-            WOLFSSL_MSG("Failed to close handle");
-        }
-    }
-    crl->mfd = INVALID_HANDLE_VALUE;
-    return 0;
-}
-
-#endif /* MACH or linux or windows */
-
-
-/* Start Monitoring the CRL path(s) in a thread */
-static int StartMonitorCRL(WOLFSSL_CRL* crl)
-{
-    int ret = WOLFSSL_SUCCESS;
-
-    WOLFSSL_ENTER("StartMonitorCRL");
-
-    if (crl == NULL)
-        return BAD_FUNC_ARG;
-
-    if (crl->tid != INVALID_THREAD_VAL) {
-        WOLFSSL_MSG("Monitor thread already running");
-        return ret;  /* that's ok, someone already started */
-    }
-
-    if (wolfSSL_NewThread(&crl->tid, DoMonitor, crl) != 0) {
-        WOLFSSL_MSG("Thread creation error");
-        return THREAD_CREATE_E;
-    }
-
-    /* wait for setup to complete */
-    if (wolfSSL_CondStart(&crl->cond) != 0) {
-        WOLFSSL_MSG("wolfSSL_CondStart failed");
-        return BAD_MUTEX_E;
-    }
-    while (crl->setup == 0) {
-        int condRet;
-        condRet = wolfSSL_CondWait(&crl->cond);
-        if (condRet != 0) {
-            ret = BAD_COND_E;
-            break;
-        }
-    }
-    if (ret >= 0 && crl->setup < 0)
-        ret = crl->setup;  /* store setup error */
-
-    if (ret < 0) {
-        WOLFSSL_MSG("DoMonitor setup failure");
-        crl->tid = INVALID_THREAD_VAL;  /* thread already done */
-    }
-    if (wolfSSL_CondEnd(&crl->cond) != 0) {
-        WOLFSSL_MSG("wolfSSL_CondEnd failed");
-        return BAD_MUTEX_E;
-    }
-
-    return ret;
-}
-
-#endif  /* HAVE_CRL_MONITOR */
-
-#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
-
-/* Load CRL path files of type, WOLFSSL_SUCCESS on ok */
-int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor)
-{
-    int         ret = WOLFSSL_SUCCESS;
-    char*       name = NULL;
-    WC_DECLARE_VAR(readCtx, ReadDirCtx, 1, 0);
-
-    WOLFSSL_ENTER("LoadCRL");
-    if (crl == NULL)
-        return BAD_FUNC_ARG;
-
-    WC_ALLOC_VAR_EX(readCtx, ReadDirCtx, 1, crl->heap,
-        DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E);
-
-    /* try to load each regular file in path */
-    ret = wc_ReadDirFirst(readCtx, path, &name);
-    while (ret == 0 && name) {
-        int skip = 0;
-        if (type == WOLFSSL_FILETYPE_PEM) {
-            if (XSTRSTR(name, ".pem") == NULL) {
-                WOLFSSL_MSG("not .pem file, skipping");
-                skip = 1;
-            }
-        }
-        else {
-            if (XSTRSTR(name, ".der") == NULL &&
-                XSTRSTR(name, ".crl") == NULL)
-            {
-                WOLFSSL_MSG("not .der or .crl file, skipping");
-                skip = 1;
-            }
-        }
-
-#ifndef CRL_REPORT_LOAD_ERRORS
-        if (!skip && ProcessFile(NULL, name, type, CRL_TYPE, NULL, 0, crl,
-                                 VERIFY) != WOLFSSL_SUCCESS) {
-            WOLFSSL_MSG("CRL file load failed, continuing");
-        }
-#else
-        if (!skip) {
-            ret = ProcessFile(NULL, name, type, CRL_TYPE, NULL, 0, crl, VERIFY);
-            if (ret != WOLFSSL_SUCCESS) {
-                WOLFSSL_MSG("CRL file load failed");
-                wc_ReadDirClose(readCtx);
-                WC_FREE_VAR_EX(readCtx, crl->heap, DYNAMIC_TYPE_TMP_BUFFER);
-                return ret;
-            }
-        }
-#endif
-
-        ret = wc_ReadDirNext(readCtx, path, &name);
-    }
-    wc_ReadDirClose(readCtx);
-
-    /* load failures not reported, for backwards compat */
-    ret = WOLFSSL_SUCCESS;
-
-    WC_FREE_VAR_EX(readCtx, crl->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    if (monitor & WOLFSSL_CRL_MONITOR) {
-#ifdef HAVE_CRL_MONITOR
-        word32 pathLen;
-        char* pathBuf;
-
-        WOLFSSL_MSG("monitor path requested");
-
-        pathLen = (word32)XSTRLEN(path);
-        pathBuf = (char*)XMALLOC(pathLen+1, crl->heap, DYNAMIC_TYPE_CRL_MONITOR);
-        if (pathBuf) {
-            XMEMCPY(pathBuf, path, pathLen+1);
-
-            if (type == WOLFSSL_FILETYPE_PEM) {
-                /* free old path before setting a new one */
-                if (crl->monitors[0].path) {
-                    XFREE(crl->monitors[0].path, crl->heap,
-                            DYNAMIC_TYPE_CRL_MONITOR);
-                }
-                crl->monitors[0].path = pathBuf;
-                crl->monitors[0].type = WOLFSSL_FILETYPE_PEM;
-            } else {
-                /* free old path before setting a new one */
-                if (crl->monitors[1].path) {
-                    XFREE(crl->monitors[1].path, crl->heap,
-                            DYNAMIC_TYPE_CRL_MONITOR);
-                }
-                crl->monitors[1].path = pathBuf;
-                crl->monitors[1].type = WOLFSSL_FILETYPE_ASN1;
-            }
-
-            if (monitor & WOLFSSL_CRL_START_MON) {
-                WOLFSSL_MSG("start monitoring requested");
-
-                ret = StartMonitorCRL(crl);
-            }
-        }
-        else {
-            ret = MEMORY_E;
-        }
-#else
-        WOLFSSL_MSG("CRL monitoring requested but not compiled in");
-        ret = NOT_COMPILED_IN;
-#endif
-    }
-
-    return ret;
-}
-
-#else
-int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor)
-{
-    (void)crl;
-    (void)path;
-    (void)type;
-    (void)monitor;
-
-    /* stub for scenario where file system is not supported */
-    return NOT_COMPILED_IN;
-}
-#endif /* !NO_FILESYSTEM && !NO_WOLFSSL_DIR */
-
-#endif /* HAVE_CRL */
-#endif /* !WOLFCRYPT_ONLY */
diff --git a/src/ssl/wolfssl/dtls.c b/src/ssl/wolfssl/dtls.c
deleted file mode 100644
index dff1ffab3..000000000
--- a/src/ssl/wolfssl/dtls.c
+++ /dev/null
@@ -1,1491 +0,0 @@
-/* dtls.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-/*
- * WOLFSSL_DTLS_NO_HVR_ON_RESUME
- * WOLFSSL_DTLS13_NO_HRR_ON_RESUME
- *     If defined, a DTLS server will not do a cookie exchange on successful
- *     client resumption: the resumption will be faster (one RTT less) and
- *     will consume less bandwidth (one ClientHello and one
- *     HelloVerifyRequest/HelloRetryRequest less). On the other hand, if a valid
- *     SessionID/ticket/psk is collected, forged clientHello messages will
- *     consume resources on the server. For DTLS 1.3, using this option also
- *     allows for the server to process Early Data/0-RTT Data. Without this, the
- *     Early Data would be dropped since the server doesn't enter stateful
- *     processing until receiving a verified ClientHello with the cookie.
- *
- *     To allow DTLS 1.3 resumption without the cookie exchange:
- *     - Compile wolfSSL with WOLFSSL_DTLS13_NO_HRR_ON_RESUME defined
- *     - Call wolfSSL_dtls13_no_hrr_on_resume(ssl, 1) on the WOLFSSL object to
- *       disable the cookie exchange on resumption
- *     - Continue like with a normal connection
- * WOLFSSL_DTLS_CH_FRAG
- *     Allow a server to process a fragmented second/verified (one containing a
- *     valid cookie response) ClientHello message. The first/unverified (one
- *     without a cookie extension) ClientHello MUST be unfragmented so that the
- *     DTLS server can process it statelessly. This is only implemented for
- *     DTLS 1.3. The user MUST call wolfSSL_dtls13_allow_ch_frag() on the server
- *     to explicitly enable this during runtime.
- */
-
-#ifndef WOLFCRYPT_ONLY
-
-#include <wolfssl/error-ssl.h>
-#include <wolfssl/internal.h>
-#include <wolfssl/ssl.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; }
-
-#ifdef WOLFSSL_DTLS
-
-void DtlsResetState(WOLFSSL* ssl)
-{
-    /* Reset the state so that we can statelessly await the
-     * ClientHello that contains the cookie. Don't gate on IsAtLeastTLSv1_3
-     * to handle the edge case when the peer wants a lower version. */
-
-    /* Reset DTLS window */
-#ifdef WOLFSSL_DTLS13
-    w64Zero(&ssl->dtls13Epochs[0].nextSeqNumber);
-    w64Zero(&ssl->dtls13Epochs[0].nextPeerSeqNumber);
-    XMEMSET(ssl->dtls13Epochs[0].window, 0,
-        sizeof(ssl->dtls13Epochs[0].window));
-    Dtls13FreeFsmResources(ssl);
-#endif
-    ssl->keys.dtls_expected_peer_handshake_number = 0;
-    ssl->keys.dtls_handshake_number = 0;
-    ssl->keys.dtls_sequence_number_hi = 0;
-    ssl->keys.dtls_sequence_number_lo = 0;
-
-    /* Reset states */
-    ssl->options.serverState = NULL_STATE;
-    ssl->options.clientState = NULL_STATE;
-    ssl->options.connectState = CONNECT_BEGIN;
-    ssl->options.acceptState = ACCEPT_BEGIN;
-    ssl->options.handShakeState = NULL_STATE;
-    ssl->options.seenUnifiedHdr = 0;
-    ssl->msgsReceived.got_client_hello = 0;
-    ssl->keys.dtls_handshake_number = 0;
-    ssl->keys.dtls_expected_peer_handshake_number = 0;
-    XMEMSET(ssl->keys.peerSeq, 0, sizeof(ssl->keys.peerSeq));
-    ssl->options.tls = 0;
-    ssl->options.tls1_1 = 0;
-    ssl->options.tls1_3 = 0;
-#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_DTLS_CID)
-    ssl->buffers.dtlsCtx.processingPendingRecord = 0;
-    /* Clear the pending peer in case user set */
-    XFREE(ssl->buffers.dtlsCtx.pendingPeer.sa, ssl->heap,
-          DYNAMIC_TYPE_SOCKADDR);
-    ssl->buffers.dtlsCtx.pendingPeer.sa = NULL;
-    ssl->buffers.dtlsCtx.pendingPeer.sz = 0;
-    ssl->buffers.dtlsCtx.pendingPeer.bufSz = 0;
-#endif
-}
-
-int DtlsIgnoreError(int err)
-{
-    /* Whitelist of errors not to ignore */
-    switch (err) {
-    case WC_NO_ERR_TRACE(MEMORY_E):
-    case WC_NO_ERR_TRACE(MEMORY_ERROR):
-    case WC_NO_ERR_TRACE(ASYNC_INIT_E):
-    case WC_NO_ERR_TRACE(ASYNC_OP_E):
-    case WC_NO_ERR_TRACE(SOCKET_ERROR_E):
-    case WC_NO_ERR_TRACE(WANT_READ):
-    case WC_NO_ERR_TRACE(WANT_WRITE):
-    case WC_NO_ERR_TRACE(COOKIE_ERROR):
-        return 0;
-    default:
-        return 1;
-    }
-}
-
-void DtlsSetSeqNumForReply(WOLFSSL* ssl)
-{
-    /* We cover both DTLS 1.2 and 1.3 cases because we may be negotiating
-     * protocols. */
-    /* We should continue with the same sequence number as the
-     * Client Hello. */
-    ssl->keys.dtls_sequence_number_hi = ssl->keys.curSeq_hi;
-    ssl->keys.dtls_sequence_number_lo = ssl->keys.curSeq_lo;
-#ifdef WOLFSSL_DTLS13
-    if (ssl->dtls13EncryptEpoch != NULL) {
-        ssl->dtls13EncryptEpoch->nextSeqNumber =
-                w64From32(ssl->keys.curSeq_hi, ssl->keys.curSeq_lo);
-    }
-#endif
-    /* We should continue with the same handshake number as the
-     * Client Hello. */
-    ssl->keys.dtls_handshake_number =
-            ssl->keys.dtls_peer_handshake_number;
-}
-
-#if !defined(NO_WOLFSSL_SERVER)
-
-#if defined(NO_SHA) && defined(NO_SHA256)
-#error "DTLS needs either SHA or SHA-256"
-#endif /* NO_SHA && NO_SHA256 */
-
-#if !defined(NO_SHA) && defined(NO_SHA256)
-#define DTLS_COOKIE_TYPE WC_SHA
-#define DTLS_COOKIE_SZ WC_SHA_DIGEST_SIZE
-#endif /* !NO_SHA && NO_SHA256 */
-
-#ifndef NO_SHA256
-#define DTLS_COOKIE_TYPE WC_SHA256
-#define DTLS_COOKIE_SZ WC_SHA256_DIGEST_SIZE
-#endif /* !NO_SHA256 */
-
-#if defined(WOLFSSL_DTLS13) && (defined(HAVE_SESSION_TICKET) || \
-                                !defined(NO_PSK))
-typedef struct PskInfo {
-    byte cipherSuite0;
-    byte cipherSuite;
-    byte isValid:1;
-} PskInfo;
-#endif
-
-typedef struct WolfSSL_ConstVector {
-    word32 size;
-    const byte* elements;
-} WolfSSL_ConstVector;
-
-typedef struct WolfSSL_CH {
-    ProtocolVersion* pv;
-    const byte* random;
-    WolfSSL_ConstVector sessionId;
-    WolfSSL_ConstVector cookie;
-    WolfSSL_ConstVector cipherSuite;
-    WolfSSL_ConstVector compression;
-    WolfSSL_ConstVector extension;
-    WolfSSL_ConstVector cookieExt;
-    const byte* raw;
-    word32 length;
-    /* Store the DTLS 1.2 cookie since we can just compute it once in dtls.c */
-    byte dtls12cookie[DTLS_COOKIE_SZ];
-    byte dtls12cookieSet:1;
-} WolfSSL_CH;
-
-static word32 ReadVector8(const byte* input, WolfSSL_ConstVector* v)
-{
-    v->size = *input;
-    v->elements = input + OPAQUE8_LEN;
-    return v->size + OPAQUE8_LEN;
-}
-
-static word32 ReadVector16(const byte* input, WolfSSL_ConstVector* v)
-{
-    word16 size16;
-    ato16(input, &size16);
-    v->size = (word32)size16;
-    v->elements = input + OPAQUE16_LEN;
-    return v->size + OPAQUE16_LEN;
-}
-
-static int CreateDtls12Cookie(const WOLFSSL* ssl, const WolfSSL_CH* ch,
-                              byte* cookie)
-{
-    int ret;
-    Hmac cookieHmac;
-
-    if (ssl->buffers.dtlsCookieSecret.buffer == NULL ||
-            ssl->buffers.dtlsCookieSecret.length == 0) {
-        WOLFSSL_MSG("Missing DTLS 1.2 cookie secret");
-        return COOKIE_ERROR;
-    }
-
-    ret = wc_HmacInit(&cookieHmac, ssl->heap, ssl->devId);
-    if (ret == 0) {
-        ret = wc_HmacSetKey(&cookieHmac, DTLS_COOKIE_TYPE,
-            ssl->buffers.dtlsCookieSecret.buffer,
-            ssl->buffers.dtlsCookieSecret.length);
-        if (ret == 0) {
-            /* peerLock not necessary. Still in handshake phase. */
-            ret = wc_HmacUpdate(&cookieHmac,
-                   (const byte*)ssl->buffers.dtlsCtx.peer.sa,
-                                ssl->buffers.dtlsCtx.peer.sz);
-        }
-        if (ret == 0)
-            ret = wc_HmacUpdate(&cookieHmac, (byte*)ch->pv, OPAQUE16_LEN);
-        if (ret == 0)
-            ret = wc_HmacUpdate(&cookieHmac, (byte*)ch->random, RAN_LEN);
-        if (ret == 0) {
-            ret = wc_HmacUpdate(&cookieHmac, (byte*)ch->sessionId.elements,
-                    ch->sessionId.size);
-        }
-        if (ret == 0) {
-            ret = wc_HmacUpdate(&cookieHmac, (byte*)ch->cipherSuite.elements,
-                ch->cipherSuite.size);
-        }
-        if (ret == 0) {
-            ret = wc_HmacUpdate(&cookieHmac, (byte*)ch->compression.elements,
-                ch->compression.size);
-        }
-        if (ret == 0)
-            ret = wc_HmacFinal(&cookieHmac, cookie);
-        wc_HmacFree(&cookieHmac);
-    }
-
-    return ret;
-}
-
-static int CheckDtlsCookie(const WOLFSSL* ssl, WolfSSL_CH* ch,
-                           byte isTls13, byte* cookieGood)
-{
-    int ret = 0;
-
-    (void)isTls13;
-
-    *cookieGood = 0;
-#ifdef WOLFSSL_DTLS13
-    if (isTls13) {
-        word16  len;
-        if (ch->cookieExt.size < OPAQUE16_LEN + 1)
-            return BUFFER_E;
-        ato16(ch->cookieExt.elements, &len);
-        if (ch->cookieExt.size - OPAQUE16_LEN != len)
-            return BUFFER_E;
-        ret = TlsCheckCookie(ssl, ch->cookieExt.elements + OPAQUE16_LEN,
-                (word16)(ch->cookieExt.size - OPAQUE16_LEN));
-        if (ret < 0 && ret != WC_NO_ERR_TRACE(HRR_COOKIE_ERROR))
-            return ret;
-        *cookieGood = ret > 0;
-        ret = 0;
-    }
-    else
-#endif
-    {
-        if (ch->cookie.size != DTLS_COOKIE_SZ)
-            return 0;
-        if (!ch->dtls12cookieSet) {
-            ret = CreateDtls12Cookie(ssl, ch, ch->dtls12cookie);
-            if (ret != 0)
-                return ret;
-            ch->dtls12cookieSet = 1;
-        }
-        *cookieGood = ConstantCompare(ch->cookie.elements, ch->dtls12cookie,
-                                      DTLS_COOKIE_SZ) == 0;
-    }
-    return ret;
-}
-
-static int ParseClientHello(const byte* input, word32 helloSz, WolfSSL_CH* ch,
-        byte isFirstCHFrag)
-{
-    word32 idx = 0;
-
-    (void)isFirstCHFrag;
-
-    /* protocol version, random and session id length check */
-    if (OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz)
-        return BUFFER_ERROR;
-
-    ch->raw = input;
-    ch->pv = (ProtocolVersion*)(input + idx);
-    idx += OPAQUE16_LEN;
-    ch->random = (byte*)(input + idx);
-    idx += RAN_LEN;
-    idx += ReadVector8(input + idx, &ch->sessionId);
-    if (idx > helloSz - OPAQUE8_LEN)
-        return BUFFER_ERROR;
-    idx += ReadVector8(input + idx, &ch->cookie);
-    if (idx > helloSz - OPAQUE16_LEN)
-        return BUFFER_ERROR;
-    idx += ReadVector16(input + idx, &ch->cipherSuite);
-    if (idx > helloSz - OPAQUE8_LEN)
-        return BUFFER_ERROR;
-    idx += ReadVector8(input + idx, &ch->compression);
-    if (idx < helloSz - OPAQUE16_LEN) {
-        /* Extensions are optional */
-#ifdef WOLFSSL_DTLS_CH_FRAG
-        word32 extStart = idx + OPAQUE16_LEN;
-#endif
-        idx += ReadVector16(input + idx, &ch->extension);
-        if (idx > helloSz) {
-#ifdef WOLFSSL_DTLS_CH_FRAG
-            idx = helloSz;
-            /* Allow incomplete extensions if we are parsing a fragment */
-            if (isFirstCHFrag && extStart < helloSz)
-                ch->extension.size = helloSz - extStart;
-            else
-#endif
-                return BUFFER_ERROR;
-        }
-    }
-    if (idx != helloSz)
-        return BUFFER_ERROR;
-    ch->length = idx;
-    return 0;
-}
-
-#if (defined(WOLFSSL_DTLS_NO_HVR_ON_RESUME) && defined(HAVE_SESSION_TICKET)) \
-    || defined(WOLFSSL_DTLS13)
-static int FindExtByType(WolfSSL_ConstVector* ret, word16 extType,
-    WolfSSL_ConstVector exts, int* tlsxFound)
-{
-    word32 len, idx = 0;
-    word16 type;
-    WolfSSL_ConstVector ext;
-
-    XMEMSET(ret, 0, sizeof(*ret));
-    len = exts.size;
-    *tlsxFound = FALSE;
-    /* type + len */
-    while (len >= OPAQUE16_LEN + OPAQUE16_LEN) {
-        ato16(exts.elements + idx, &type);
-        idx += OPAQUE16_LEN;
-        idx += ReadVector16(exts.elements + idx, &ext);
-        if (idx > exts.size ||
-                ext.elements + ext.size > exts.elements + exts.size)
-            return BUFFER_ERROR;
-        if (type == extType) {
-            XMEMCPY(ret, &ext, sizeof(ext));
-            *tlsxFound = TRUE;
-            return 0;
-        }
-        len = exts.size - idx;
-    }
-    return 0;
-}
-#endif
-
-#if defined(WOLFSSL_DTLS_NO_HVR_ON_RESUME)
-#ifdef HAVE_SESSION_TICKET
-static int TlsTicketIsValid(const WOLFSSL* ssl, WolfSSL_ConstVector exts,
-                            int* resume)
-{
-    WolfSSL_ConstVector tlsxSessionTicket;
-    byte tempTicket[SESSION_TICKET_LEN];
-    InternalTicket* it = NULL;
-    int ret = 0;
-    int tlsxFound;
-
-    *resume = FALSE;
-
-    ret = FindExtByType(&tlsxSessionTicket, TLSX_SESSION_TICKET, exts,
-                         &tlsxFound);
-    if (ret != 0)
-        return ret;
-    if (tlsxSessionTicket.size == 0)
-        return 0;
-    if (tlsxSessionTicket.size > SESSION_TICKET_LEN)
-        return 0;
-    XMEMCPY(tempTicket, tlsxSessionTicket.elements, tlsxSessionTicket.size);
-    ret = DoDecryptTicket(ssl, tempTicket, (word32)tlsxSessionTicket.size, &it);
-    if (ret == WOLFSSL_TICKET_RET_OK || ret == WOLFSSL_TICKET_RET_CREATE) {
-        /* This logic is only for TLS <= 1.2 tickets. Don't accept TLS 1.3. */
-        if (!IsAtLeastTLSv1_3(it->pv))
-            *resume = TRUE;
-    }
-    if (it != NULL)
-        ForceZero(it, sizeof(InternalTicket));
-    return 0;
-}
-#endif /* HAVE_SESSION_TICKET */
-
-static int TlsSessionIdIsValid(const WOLFSSL* ssl, WolfSSL_ConstVector sessionID,
-                               int* resume)
-{
-    const WOLFSSL_SESSION* sess;
-    word32 sessRow;
-    int ret;
-#ifdef HAVE_EXT_CACHE
-    int copy;
-#endif
-    *resume = FALSE;
-
-    if (ssl->options.sessionCacheOff)
-        return 0;
-    if (sessionID.size != ID_LEN)
-        return 0;
-
-#ifdef HAVE_EXT_CACHE
-    if (ssl->ctx->get_sess_cb != NULL) {
-        WOLFSSL_SESSION* extSess =
-            ssl->ctx->get_sess_cb((WOLFSSL*)ssl, sessionID.elements, ID_LEN,
-                                  &copy);
-        if (extSess != NULL) {
-#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
-                           defined(HAVE_SESSION_TICKET))
-            /* This logic is only for TLS <= 1.2 tickets. Don't accept
-             * TLS 1.3. */
-            if (!IsAtLeastTLSv1_3(extSess->version))
-#endif
-                *resume = TRUE;
-            if (!copy)
-                wolfSSL_FreeSession(ssl->ctx, extSess);
-            if (*resume)
-                return 0;
-        }
-    }
-    if (ssl->ctx->internalCacheLookupOff)
-        return 0;
-#endif
-
-
-    ret = TlsSessionCacheGetAndRdLock(sessionID.elements, &sess, &sessRow,
-            ssl->options.side);
-    if (ret == 0 && sess != NULL) {
-#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
-                               defined(HAVE_SESSION_TICKET))
-        /* This logic is only for TLS <= 1.2 tickets. Don't accept
-         * TLS 1.3. */
-        if (!IsAtLeastTLSv1_3(sess->version))
-#endif
-            *resume = TRUE;
-        TlsSessionCacheUnlockRow(sessRow);
-    }
-
-    return 0;
-}
-
-static int TlsResumptionIsValid(const WOLFSSL* ssl, WolfSSL_CH* ch,
-                                int* resume)
-{
-    int ret;
-
-#ifdef HAVE_SESSION_TICKET
-    ret = TlsTicketIsValid(ssl, ch->extension, resume);
-    if (ret != 0)
-        return ret;
-    if (*resume)
-        return 0;
-#endif /* HAVE_SESSION_TICKET */
-    ret = TlsSessionIdIsValid(ssl, ch->sessionId, resume);
-    return ret;
-}
-#endif /* WOLFSSL_DTLS13 || WOLFSSL_DTLS_NO_HVR_ON_RESUME */
-
-#ifdef WOLFSSL_DTLS13
-static int TlsCheckSupportedVersion(const WOLFSSL* ssl,
-        WolfSSL_CH* ch, byte *isTls13)
-{
-    WolfSSL_ConstVector tlsxSupportedVersions;
-    int ret;
-    ProtocolVersion pv = ssl->version;
-    int tlsxFound;
-
-    ret = FindExtByType(&tlsxSupportedVersions, TLSX_SUPPORTED_VERSIONS,
-                         ch->extension, &tlsxFound);
-    if (ret != 0)
-        return ret;
-    if (!tlsxFound || tlsxSupportedVersions.elements == NULL) {
-        *isTls13 = 0;
-        return 0;
-    }
-    ret = TLSX_SupportedVersions_Parse(ssl, tlsxSupportedVersions.elements,
-            (word16)tlsxSupportedVersions.size, client_hello, &pv, NULL, NULL);
-    if (ret != 0)
-        return ret;
-    if (IsAtLeastTLSv1_3(pv))
-        *isTls13 = 1;
-    else
-        *isTls13 = 0;
-
-    return 0;
-}
-#endif
-
-#if defined(WOLFSSL_DTLS13) && \
-        (!defined(NO_PSK) || defined(HAVE_SESSION_TICKET))
-/* Very simplified version of CheckPreSharedKeys to find the current suite */
-static void FindPskSuiteFromExt(const WOLFSSL* ssl, TLSX* extensions,
-                                PskInfo* pskInfo, Suites* suites)
-{
-    TLSX* pskExt = TLSX_Find(extensions, TLSX_PRE_SHARED_KEY);
-    PreSharedKey* current;
-    int i;
-    int ret;
-
-    if (pskExt == NULL)
-        return;
-
-    for (i = 0; i < suites->suiteSz; i += 2) {
-        for (current = (PreSharedKey*)pskExt->data; current != NULL;
-                current = current->next) {
-#ifdef HAVE_SESSION_TICKET
-            {
-                /* Decode the identity. */
-                switch (current->decryptRet) {
-                    case PSK_DECRYPT_NONE:
-                        ret = DoClientTicket_ex(ssl, current, 0);
-                        break;
-                    case PSK_DECRYPT_OK:
-                        ret = WOLFSSL_TICKET_RET_OK;
-                        break;
-                    case PSK_DECRYPT_CREATE:
-                        ret = WOLFSSL_TICKET_RET_CREATE;
-                        break;
-                    case PSK_DECRYPT_FAIL:
-                    default:
-                        ret = WOLFSSL_TICKET_RET_REJECT;
-                        break;
-                }
-                if (ret == WOLFSSL_TICKET_RET_OK) {
-                    if (DoClientTicketCheck(ssl, current, ssl->timeout,
-                            suites->suites + i) != 0) {
-                        continue;
-                    }
-
-                    pskInfo->cipherSuite0 = current->it->suite[0];
-                    pskInfo->cipherSuite  = current->it->suite[1];
-                    pskInfo->isValid      = 1;
-                    goto cleanup;
-                }
-            }
-#endif
-#ifndef NO_PSK
-            {
-                int found = 0;
-                byte psk_key[MAX_PSK_KEY_LEN];
-                word32 psk_keySz;
-                byte foundSuite[SUITE_LEN];
-                ret = FindPskSuite(ssl, current, psk_key, &psk_keySz,
-                        suites->suites + i, &found, foundSuite);
-                /* Clear the key just in case */
-                ForceZero(psk_key, sizeof(psk_key));
-                if (ret == 0 && found) {
-                    pskInfo->cipherSuite0 = foundSuite[0];
-                    pskInfo->cipherSuite  = foundSuite[1];
-                    pskInfo->isValid      = 1;
-                    goto cleanup;
-                }
-            }
-#endif
-        }
-    }
-
-    /* Empty return necessary so we can have both the label and macro guard */
-cleanup:
-#ifdef HAVE_SESSION_TICKET
-    CleanupClientTickets((PreSharedKey*)pskExt->data);
-#endif
-    return;
-}
-#endif
-
-#ifdef WOLFSSL_DTLS13
-
-#ifndef WOLFSSL_SEND_HRR_COOKIE
-#error "WOLFSSL_SEND_HRR_COOKIE has to be defined to use DTLS 1.3 server"
-#endif
-
-#ifdef WOLFSSL_PSK_ONE_ID
-#error WOLFSSL_PSK_ONE_ID is not compatible with stateless DTLS 1.3 server. \
-        wolfSSL needs to be able to make multiple calls for the same PSK.
-#endif
-
-static int SendStatelessReplyDtls13(const WOLFSSL* ssl, WolfSSL_CH* ch)
-{
-    int ret = -1;
-    TLSX* parsedExts = NULL;
-    WolfSSL_ConstVector tlsx;
-    int tlsxFound;
-    Suites suites;
-    byte haveSA = 0;
-    byte haveKS = 0;
-    byte haveSG = 0;
-#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
-    byte usePSK = 0;
-    byte doKE = 0;
-#endif
-    CipherSuite cs;
-    CipherSpecs specs;
-    byte cookieHash[WC_MAX_DIGEST_SIZE];
-    int cookieHashSz;
-#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
-    PskInfo pskInfo;
-    XMEMSET(&pskInfo, 0, sizeof(pskInfo));
-#endif
-
-#ifndef HAVE_SUPPORTED_CURVES
-    (void)doKE;
-#endif /* !HAVE_SUPPORTED_CURVES */
-
-    XMEMSET(&cs, 0, sizeof(cs));
-
-    /* We need to echo the session ID sent by the client */
-    if (ch->sessionId.size > ID_LEN) {
-        /* Too large. We can't echo this. */
-        ERROR_OUT(INVALID_PARAMETER, dtls13_cleanup);
-    }
-
-    /* Populate the suites struct to find a common ciphersuite */
-    XMEMSET(&suites, 0, sizeof(suites));
-    suites.suiteSz = (word16)ch->cipherSuite.size;
-    if ((suites.suiteSz % 2) != 0)
-        ERROR_OUT(INVALID_PARAMETER, dtls13_cleanup);
-    if (suites.suiteSz > WOLFSSL_MAX_SUITE_SZ)
-        ERROR_OUT(BUFFER_ERROR, dtls13_cleanup);
-    XMEMCPY(suites.suites, ch->cipherSuite.elements, suites.suiteSz);
-
-    /* Populate extensions */
-
-    /* Supported versions always need to be present. Has to appear after
-     * key share as that is the order we reconstruct it in
-     * RestartHandshakeHashWithCookie. */
-    ret = TLSX_Push(&parsedExts,
-              TLSX_SUPPORTED_VERSIONS, ssl, ssl->heap);
-    if (ret != 0)
-        goto dtls13_cleanup;
-    /* Set that this is a response extension */
-    parsedExts->resp = 1;
-
-#if defined(HAVE_SUPPORTED_CURVES)
-    ret = TLSX_SupportedCurve_Copy(ssl->extensions, &parsedExts, ssl->heap);
-    if (ret != 0)
-        goto dtls13_cleanup;
-#endif
-
-#if !defined(NO_CERTS)
-    /* Signature algs */
-    ret = FindExtByType(&tlsx, TLSX_SIGNATURE_ALGORITHMS,
-                         ch->extension, &tlsxFound);
-    if (ret != 0)
-        goto dtls13_cleanup;
-    if (tlsxFound) {
-        WolfSSL_ConstVector sigAlgs;
-        if (tlsx.size < OPAQUE16_LEN)
-            ERROR_OUT(BUFFER_ERROR, dtls13_cleanup);
-        ReadVector16(tlsx.elements, &sigAlgs);
-        if (sigAlgs.size != tlsx.size - OPAQUE16_LEN)
-            ERROR_OUT(BUFFER_ERROR, dtls13_cleanup);
-        if ((sigAlgs.size % 2) != 0)
-            ERROR_OUT(BUFFER_ERROR, dtls13_cleanup);
-        if (sigAlgs.size > WOLFSSL_MAX_SIGALGO)
-            ERROR_OUT(BUFFER_ERROR, dtls13_cleanup);
-        suites.hashSigAlgoSz = (word16)sigAlgs.size;
-        XMEMCPY(suites.hashSigAlgo, sigAlgs.elements, sigAlgs.size);
-        haveSA = 1;
-    }
-#endif /* !defined(NO_CERTS) */
-
-#ifdef HAVE_SUPPORTED_CURVES
-    /* Supported groups */
-    ret = FindExtByType(&tlsx, TLSX_SUPPORTED_GROUPS,
-                         ch->extension, &tlsxFound);
-    if (ret != 0)
-        goto dtls13_cleanup;
-    if (tlsxFound) {
-        ret = TLSX_SupportedCurve_Parse(ssl, tlsx.elements,
-                                     (word16)tlsx.size, 1, &parsedExts);
-        if (ret != 0)
-            goto dtls13_cleanup;
-        haveSG = 1;
-    }
-
-    /* Key share */
-    ret = FindExtByType(&tlsx, TLSX_KEY_SHARE,
-                         ch->extension, &tlsxFound);
-    if (ret != 0)
-        goto dtls13_cleanup;
-    if (tlsxFound) {
-        ret = TLSX_KeyShare_Parse_ClientHello(ssl, tlsx.elements,
-                                        (word16)tlsx.size, &parsedExts);
-        if (ret != 0)
-            goto dtls13_cleanup;
-        haveKS = 1;
-    }
-#endif /* HAVE_SUPPORTED_CURVES */
-
-#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
-    /* Pre-shared key */
-    ret = FindExtByType(&tlsx, TLSX_PRE_SHARED_KEY, ch->extension, &tlsxFound);
-    if (ret != 0)
-        goto dtls13_cleanup;
-    if (tlsxFound) {
-        /* Let's just assume that the binders are correct here. We will
-         * actually verify this in the stateful part of the processing
-         * and if they don't match we will error out there anyway. */
-        byte modes;
-
-        /* TLSX_PreSharedKey_Parse_ClientHello uses word16 length */
-        if (tlsx.size > WOLFSSL_MAX_16BIT) {
-            ERROR_OUT(BUFFER_ERROR, dtls13_cleanup);
-        }
-
-        /* Ask the user for the ciphersuite matching this identity */
-        if (TLSX_PreSharedKey_Parse_ClientHello(&parsedExts,
-                tlsx.elements, (word16)tlsx.size, ssl->heap) == 0) {
-            /* suites only needs to be refined when searching for a PSK.
-             * MatchSuite_ex handles refining internally. */
-            refineSuites(WOLFSSL_SUITES(ssl), &suites, &suites,
-                    ssl->options.useClientOrder);
-            FindPskSuiteFromExt(ssl, parsedExts, &pskInfo, &suites);
-        }
-        /* Revert to full handshake if PSK parsing failed */
-
-        if (pskInfo.isValid) {
-            ret = FindExtByType(&tlsx, TLSX_PSK_KEY_EXCHANGE_MODES,
-                                 ch->extension, &tlsxFound);
-            if (ret != 0)
-                goto dtls13_cleanup;
-            if (!tlsxFound)
-                ERROR_OUT(PSK_KEY_ERROR, dtls13_cleanup);
-            ret = TLSX_PskKeyModes_Parse_Modes(tlsx.elements, (word16)tlsx.size,
-                                               client_hello, &modes);
-            if (ret != 0)
-                goto dtls13_cleanup;
-            if ((modes & (1 << PSK_DHE_KE)) &&
-                    !ssl->options.noPskDheKe) {
-                if (!haveKS)
-                    ERROR_OUT(PSK_KEY_ERROR, dtls13_cleanup);
-                doKE = 1;
-            }
-            else if ((modes & (1 << PSK_KE)) == 0 ||
-                    ssl->options.onlyPskDheKe) {
-                ERROR_OUT(PSK_KEY_ERROR, dtls13_cleanup);
-            }
-            usePSK = 1;
-        }
-    }
-#endif
-
-#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
-    if (usePSK && pskInfo.isValid) {
-        cs.cipherSuite0 = pskInfo.cipherSuite0;
-        cs.cipherSuite = pskInfo.cipherSuite;
-
-        /* https://datatracker.ietf.org/doc/html/rfc8446#section-9.2 */
-        if (haveSG ^ haveKS) {
-            WOLFSSL_MSG("Client needs to send both or none of KeyShare and "
-                        "SupportedGroups");
-            ERROR_OUT(INCOMPLETE_DATA, dtls13_cleanup);
-        }
-
-#ifdef HAVE_SUPPORTED_CURVES
-        if (doKE) {
-            byte searched = 0;
-            ret = TLSX_KeyShare_Choose(ssl, parsedExts, cs.cipherSuite0,
-                    cs.cipherSuite, &cs.clientKSE, &searched);
-            if (ret != 0)
-                goto dtls13_cleanup;
-            if (cs.clientKSE == NULL && searched)
-                cs.doHelloRetry = 1;
-        }
-#endif /* HAVE_SUPPORTED_CURVES */
-    }
-    else
-#endif /* defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) */
-    {
-        /* https://datatracker.ietf.org/doc/html/rfc8446#section-9.2 */
-        if (!haveKS || !haveSA || !haveSG) {
-            WOLFSSL_MSG("Client didn't send KeyShare or SigAlgs or "
-                        "SupportedGroups.");
-            ERROR_OUT(INCOMPLETE_DATA, dtls13_cleanup);
-        }
-        /* TLSX_KeyShare_Choose is done deep inside MatchSuite_ex */
-        ret = MatchSuite_ex(ssl, &suites, &cs, parsedExts);
-        if (ret < 0) {
-            WOLFSSL_MSG("Unsupported cipher suite, ClientHello DTLS 1.3");
-            ERROR_OUT(INCOMPLETE_DATA, dtls13_cleanup);
-        }
-    }
-
-#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
-    if (ssl->options.dtls13NoHrrOnResume && usePSK && pskInfo.isValid &&
-            !cs.doHelloRetry) {
-        /* Skip HRR on resumption */
-        ((WOLFSSL*)ssl)->options.dtlsStateful = 1;
-        goto dtls13_cleanup;
-    }
-#endif
-
-#ifdef HAVE_SUPPORTED_CURVES
-    if (cs.doHelloRetry) {
-        ret = TLSX_KeyShare_SetSupported(ssl, &parsedExts);
-        if (ret != 0)
-            goto dtls13_cleanup;
-    }
-    else {
-        /* Need to remove the keyshare ext if we found a common group
-         * and are not doing curve negotiation. */
-        TLSX_Remove(&parsedExts, TLSX_KEY_SHARE, ssl->heap);
-    }
-#endif /* HAVE_SUPPORTED_CURVES */
-
-    /* This is required to correctly generate the hash */
-    ret = GetCipherSpec(WOLFSSL_SERVER_END, cs.cipherSuite0,
-                         cs.cipherSuite, &specs, NULL);
-    if (ret != 0)
-        goto dtls13_cleanup;
-
-    /* Calculate the cookie hash */
-    ret = Dtls13HashClientHello(ssl, cookieHash, &cookieHashSz, ch->raw,
-                                ch->length, &specs);
-    if (ret != 0)
-        goto dtls13_cleanup;
-
-    /* Push the cookie to extensions */
-    ret = CreateCookieExt(ssl, cookieHash, (word16)cookieHashSz,
-                          &parsedExts, cs.cipherSuite0, cs.cipherSuite);
-    if (ret != 0)
-        goto dtls13_cleanup;
-
-    {
-        WOLFSSL* nonConstSSL = (WOLFSSL*)ssl;
-        TLSX* sslExts = nonConstSSL->extensions;
-
-        nonConstSSL->options.tls = 1;
-        nonConstSSL->options.tls1_1 = 1;
-        nonConstSSL->options.tls1_3 = 1;
-
-        XMEMCPY(nonConstSSL->session->sessionID, ch->sessionId.elements,
-                ch->sessionId.size);
-        nonConstSSL->session->sessionIDSz = (byte)ch->sessionId.size;
-        nonConstSSL->options.cipherSuite0 = cs.cipherSuite0;
-        nonConstSSL->options.cipherSuite = cs.cipherSuite;
-        nonConstSSL->extensions = parsedExts;
-
-        ret = SendTls13ServerHello(nonConstSSL, hello_retry_request);
-
-        /* Can be modified inside SendTls13ServerHello */
-        parsedExts = nonConstSSL->extensions;
-
-        nonConstSSL->session->sessionIDSz = 0;
-        nonConstSSL->options.cipherSuite0 = 0;
-        nonConstSSL->options.cipherSuite = 0;
-        nonConstSSL->extensions = sslExts;
-
-        nonConstSSL->options.tls = 0;
-        nonConstSSL->options.tls1_1 = 0;
-        nonConstSSL->options.tls1_3 = 0;
-    }
-dtls13_cleanup:
-    TLSX_FreeAll(parsedExts, ssl->heap);
-    return ret;
-}
-#endif
-
-static int SendStatelessReply(const WOLFSSL* ssl, WolfSSL_CH* ch, byte isTls13)
-{
-    int ret;
-    (void)isTls13;
-#ifdef WOLFSSL_DTLS13
-    if (isTls13) {
-        ret = SendStatelessReplyDtls13(ssl, ch);
-    }
-    else
-#endif
-    {
-#if !defined(WOLFSSL_NO_TLS12)
-        if (!ch->dtls12cookieSet) {
-            ret = CreateDtls12Cookie(ssl, ch, ch->dtls12cookie);
-            if (ret != 0)
-                return ret;
-            ch->dtls12cookieSet = 1;
-        }
-        ret = SendHelloVerifyRequest((WOLFSSL*)ssl, ch->dtls12cookie,
-                DTLS_COOKIE_SZ);
-#else
-        WOLFSSL_MSG("DTLS1.2 disabled with WOLFSSL_NO_TLS12");
-        WOLFSSL_ERROR_VERBOSE(NOT_COMPILED_IN);
-        ret = NOT_COMPILED_IN;
-#endif
-    }
-    return ret;
-}
-
-static int ClientHelloSanityCheck(WolfSSL_CH* ch, byte isTls13)
-{
-    /* Do basic checks on the basic fields */
-
-    /* Check the protocol version */
-    if (ch->pv->major != DTLS_MAJOR)
-        return VERSION_ERROR;
-    if (ch->pv->minor != DTLSv1_2_MINOR && ch->pv->minor != DTLS_MINOR)
-        return VERSION_ERROR;
-    if (isTls13) {
-        if (ch->cookie.size != 0)
-            return INVALID_PARAMETER;
-        if (ch->compression.size != COMP_LEN)
-            return INVALID_PARAMETER;
-        if (ch->compression.elements[0] != NO_COMPRESSION)
-            return INVALID_PARAMETER;
-    }
-
-    return 0;
-}
-
-int DoClientHelloStateless(WOLFSSL* ssl, const byte* input, word32 helloSz,
-        byte isFirstCHFrag, byte* tls13)
-{
-    int ret;
-    WolfSSL_CH ch;
-    byte isTls13 = 0;
-
-    WOLFSSL_ENTER("DoClientHelloStateless");
-    if (isFirstCHFrag) {
-#ifdef WOLFSSL_DTLS_CH_FRAG
-        WOLFSSL_MSG("\tProcessing fragmented ClientHello");
-#else
-        WOLFSSL_MSG("\tProcessing fragmented ClientHello but "
-                "WOLFSSL_DTLS_CH_FRAG is not defined. This should not happen.");
-        return BAD_STATE_E;
-#endif
-    }
-    if (tls13 != NULL)
-        *tls13 = 0;
-
-    XMEMSET(&ch, 0, sizeof(ch));
-
-    ssl->options.dtlsStateful = 0;
-    ret = ParseClientHello(input, helloSz, &ch, isFirstCHFrag);
-    if (ret != 0)
-        return ret;
-
-#ifdef WOLFSSL_DTLS13
-    if (IsAtLeastTLSv1_3(ssl->version)) {
-        ret = TlsCheckSupportedVersion(ssl, &ch, &isTls13);
-        if (ret != 0)
-            return ret;
-        if (tls13 != NULL)
-            *tls13 = isTls13;
-        if (isTls13) {
-            int tlsxFound;
-            ret = FindExtByType(&ch.cookieExt, TLSX_COOKIE, ch.extension,
-                                 &tlsxFound);
-            if (ret != 0) {
-                if (isFirstCHFrag) {
-                    WOLFSSL_MSG("\t\tCookie probably missing from first "
-                                "fragment. Dropping.");
-                }
-                return ret;
-            }
-        }
-    }
-#endif
-
-    ret = ClientHelloSanityCheck(&ch, isTls13);
-    if (ret != 0)
-        return ret;
-
-#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
-    if (!isTls13 && !isFirstCHFrag) {
-        int resume = FALSE;
-        ret = TlsResumptionIsValid(ssl, &ch, &resume);
-        if (ret != 0)
-            return ret;
-        if (resume) {
-            ssl->options.dtlsStateful = 1;
-            return 0;
-        }
-    }
-#endif
-
-    if (ch.cookie.size == 0 && ch.cookieExt.size == 0) {
-#ifdef WOLFSSL_DTLS_CH_FRAG
-        /* Don't send anything here when processing fragment */
-        if (isFirstCHFrag)
-            ret = COOKIE_ERROR;
-        else
-#endif
-            ret = SendStatelessReply(ssl, &ch, isTls13);
-    }
-    else {
-        byte cookieGood;
-        ret = CheckDtlsCookie(ssl, &ch, isTls13, &cookieGood);
-        if (ret != 0)
-            return ret;
-        if (!cookieGood) {
-#ifdef WOLFSSL_DTLS13
-            /* Invalid cookie for DTLS 1.3 results in an alert. Alert to be sent
-             * in DoTls13ClientHello. */
-            if (isTls13)
-                ret = INVALID_PARAMETER;
-            else
-#endif
-#ifdef WOLFSSL_DTLS_CH_FRAG
-            /* Don't send anything here when processing fragment */
-            if (isFirstCHFrag)
-                ret = COOKIE_ERROR;
-            else
-#endif
-                ret = SendStatelessReply(ssl, &ch, isTls13);
-        }
-        else {
-            ssl->options.dtlsStateful = 1;
-            /* Update the window now that we enter the stateful parsing */
-#ifdef WOLFSSL_DTLS13
-            if (isTls13) {
-                /* Set record numbers before current record number as read */
-                Dtls13Epoch* e;
-                ret = Dtls13UpdateWindowRecordRecvd(ssl);
-                e = Dtls13GetEpoch(ssl, ssl->keys.curEpoch64);
-                if (e != NULL)
-                    XMEMSET(e->window, 0xFF, sizeof(e->window));
-            }
-            else
-#endif
-                DtlsUpdateWindow(ssl);
-            /* Set record numbers before current record number as read */
-            XMEMSET(ssl->keys.peerSeq->window, 0xFF,
-                    sizeof(ssl->keys.peerSeq->window));
-        }
-    }
-
-    return ret;
-}
-#endif /* !defined(NO_WOLFSSL_SERVER) */
-
-#if defined(WOLFSSL_DTLS_CID)
-
-static ConnectionID* DtlsCidNew(const byte* cid, byte size, void* heap)
-{
-    ConnectionID* ret;
-
-    ret = (ConnectionID*)XMALLOC(sizeof(ConnectionID) + size, heap,
-        DYNAMIC_TYPE_TLSX);
-    if (ret == NULL)
-        return NULL;
-
-    ret->length = size;
-    XMEMCPY(ret->id, cid, size);
-
-    return ret;
-}
-
-static WC_INLINE CIDInfo* DtlsCidGetInfo(WOLFSSL* ssl)
-{
-    return ssl->dtlsCidInfo;
-}
-
-static int DtlsCidGetSize(WOLFSSL* ssl, unsigned int* size, int rx)
-{
-    ConnectionID* id;
-    CIDInfo* info;
-
-    if (ssl == NULL || size == NULL)
-        return BAD_FUNC_ARG;
-
-    info = DtlsCidGetInfo(ssl);
-    if (info == NULL)
-        return WOLFSSL_FAILURE;
-
-    id = rx ? info->rx : info->tx;
-    if (id == NULL) {
-        *size = 0;
-        return WOLFSSL_SUCCESS;
-    }
-
-    *size = id->length;
-    return WOLFSSL_SUCCESS;
-}
-
-static int DtlsCidGet(WOLFSSL* ssl, unsigned char* buf, int bufferSz, int rx)
-{
-    ConnectionID* id;
-    CIDInfo* info;
-
-    if (ssl == NULL || buf == NULL)
-        return BAD_FUNC_ARG;
-
-    info = DtlsCidGetInfo(ssl);
-    if (info == NULL)
-        return WOLFSSL_FAILURE;
-
-    id = rx ? info->rx : info->tx;
-    if (id == NULL || id->length == 0)
-        return WOLFSSL_SUCCESS;
-
-    if (id->length > bufferSz)
-        return LENGTH_ERROR;
-
-    XMEMCPY(buf, id->id, id->length);
-    return WOLFSSL_SUCCESS;
-}
-
-static int DtlsCidGet0(WOLFSSL* ssl, unsigned char** cid, int rx)
-{
-    ConnectionID* id;
-    CIDInfo* info;
-
-    if (ssl == NULL || cid == NULL)
-        return BAD_FUNC_ARG;
-
-    info = DtlsCidGetInfo(ssl);
-    if (info == NULL)
-        return WOLFSSL_FAILURE;
-
-    id = rx ? info->rx : info->tx;
-    if (id == NULL || id->length == 0)
-        return WOLFSSL_SUCCESS;
-
-    *cid = id->id;
-    return WOLFSSL_SUCCESS;
-}
-
-static CIDInfo* DtlsCidGetInfoFromExt(byte* ext)
-{
-    WOLFSSL** sslPtr;
-    WOLFSSL* ssl;
-
-    if (ext == NULL)
-        return NULL;
-    sslPtr = (WOLFSSL**)ext;
-    ssl = *sslPtr;
-    if (ssl == NULL)
-        return NULL;
-    return ssl->dtlsCidInfo;
-}
-
-static void DtlsCidUnsetInfoFromExt(byte* ext)
-{
-    WOLFSSL** sslPtr;
-    WOLFSSL* ssl;
-
-    if (ext == NULL)
-        return;
-    sslPtr = (WOLFSSL**)ext;
-    ssl = *sslPtr;
-    if (ssl == NULL)
-        return;
-    ssl->dtlsCidInfo = NULL;
-}
-
-void TLSX_ConnectionID_Free(byte* ext, void* heap)
-{
-    CIDInfo* info;
-    (void)heap;
-
-    info = DtlsCidGetInfoFromExt(ext);
-    if (info == NULL)
-        return;
-    XFREE(info->rx, heap, DYNAMIC_TYPE_TLSX);
-    XFREE(info->tx, heap, DYNAMIC_TYPE_TLSX);
-    XFREE(info, heap, DYNAMIC_TYPE_TLSX);
-    DtlsCidUnsetInfoFromExt(ext);
-    XFREE(ext, heap, DYNAMIC_TYPE_TLSX);
-}
-
-word16 TLSX_ConnectionID_Write(byte* ext, byte* output)
-{
-    CIDInfo* info;
-
-    info = DtlsCidGetInfoFromExt(ext);
-    if (info == NULL)
-        return 0;
-
-    /* empty CID */
-    if (info->rx == NULL) {
-        *output = 0;
-        return OPAQUE8_LEN;
-    }
-
-    *output = info->rx->length;
-    XMEMCPY(output + OPAQUE8_LEN, info->rx->id, info->rx->length);
-    return OPAQUE8_LEN + info->rx->length;
-}
-
-word16 TLSX_ConnectionID_GetSize(byte* ext)
-{
-    CIDInfo* info = DtlsCidGetInfoFromExt(ext);
-    if (info == NULL)
-        return 0;
-    return info->rx == NULL ? OPAQUE8_LEN : OPAQUE8_LEN + info->rx->length;
-}
-
-int TLSX_ConnectionID_Use(WOLFSSL* ssl)
-{
-    CIDInfo* info;
-    WOLFSSL** ext;
-    int ret;
-
-    ext = (WOLFSSL**)TLSX_Find(ssl->extensions, TLSX_CONNECTION_ID);
-    if (ext != NULL)
-        return 0;
-
-    info = (CIDInfo*)XMALLOC(sizeof(CIDInfo), ssl->heap, DYNAMIC_TYPE_TLSX);
-    if (info == NULL)
-        return MEMORY_ERROR;
-    ext = (WOLFSSL**)XMALLOC(sizeof(WOLFSSL*), ssl->heap, DYNAMIC_TYPE_TLSX);
-    if (ext == NULL) {
-        XFREE(info, ssl->heap, DYNAMIC_TYPE_TLSX);
-        return MEMORY_ERROR;
-    }
-    XMEMSET(info, 0, sizeof(CIDInfo));
-    /* CIDInfo needs to be accessed every time we send or receive a record. To
-     * avoid the cost of the extension lookup save a pointer to the structure
-     * inside the SSL object itself, and save a pointer to the SSL object in the
-     * extension. The extension freeing routine uses the pointer to the SSL
-     * object to find the structure and to set ssl->dtlsCidInfo pointer to NULL
-     * after freeing the structure. */
-    ssl->dtlsCidInfo = info;
-    *ext = ssl;
-    ret =
-        TLSX_Push(&ssl->extensions, TLSX_CONNECTION_ID, (void*)ext, ssl->heap);
-    if (ret != 0) {
-        XFREE(info, ssl->heap, DYNAMIC_TYPE_TLSX);
-        XFREE(ext, ssl->heap, DYNAMIC_TYPE_TLSX);
-        ssl->dtlsCidInfo = NULL;
-        return ret;
-    }
-
-    return 0;
-}
-
-int TLSX_ConnectionID_Parse(WOLFSSL* ssl, const byte* input, word16 length,
-    byte isRequest)
-{
-    CIDInfo* info;
-    byte cidSz;
-    TLSX* ext;
-
-    ext = TLSX_Find(ssl->extensions, TLSX_CONNECTION_ID);
-    if (ext == NULL) {
-        /* CID not enabled */
-        if (isRequest) {
-            WOLFSSL_MSG("Received CID ext but it's not enabled, ignoring");
-            return 0;
-        }
-        else {
-            WOLFSSL_MSG("CID ext not requested by the Client, aborting");
-            return UNSUPPORTED_EXTENSION;
-        }
-    }
-
-    if (length < OPAQUE8_LEN)
-        return BUFFER_ERROR;
-
-    cidSz = *input;
-    if (cidSz + OPAQUE8_LEN > length)
-        return BUFFER_ERROR;
-
-    info = DtlsCidGetInfo(ssl);
-    if (info == NULL)
-        return BAD_STATE_E;
-
-    /* it may happen if we process two ClientHello because the server sent an
-     * HRR/HVR request */
-    if (info->tx != NULL || info->negotiated) {
-        if (ssl->options.side != WOLFSSL_SERVER_END &&
-            ssl->options.serverState != SERVER_HELLO_RETRY_REQUEST_COMPLETE &&
-            !IsSCR(ssl))
-            return BAD_STATE_E;
-
-        /* Should not be null if negotiated */
-        if (info->tx == NULL)
-            return BAD_STATE_E;
-
-        /* For now we don't support changing the CID on a rehandshake */
-        if (cidSz != info->tx->length ||
-                XMEMCMP(info->tx->id, input + OPAQUE8_LEN, cidSz) != 0)
-            return DTLS_CID_ERROR;
-    }
-    else if (cidSz > 0) {
-        ConnectionID* id = (ConnectionID*)XMALLOC(sizeof(*id) + cidSz,
-                ssl->heap, DYNAMIC_TYPE_TLSX);
-        if (id == NULL)
-            return MEMORY_ERROR;
-        XMEMCPY(id->id, input + OPAQUE8_LEN, cidSz);
-        id->length = cidSz;
-        info->tx = id;
-    }
-
-    info->negotiated = 1;
-    if (isRequest)
-        ext->resp = 1;
-
-    return 0;
-}
-
-void DtlsCIDOnExtensionsParsed(WOLFSSL* ssl)
-{
-    CIDInfo* info;
-
-    info = DtlsCidGetInfo(ssl);
-    if (info == NULL)
-        return;
-
-    if (!info->negotiated) {
-        TLSX_Remove(&ssl->extensions, TLSX_CONNECTION_ID, ssl->heap);
-        return;
-    }
-}
-
-byte DtlsCIDCheck(WOLFSSL* ssl, const byte* input, word16 inputSize)
-{
-    CIDInfo* info;
-    info = DtlsCidGetInfo(ssl);
-    if (info == NULL || info->rx == NULL || info->rx->length == 0)
-        return 0;
-    if (inputSize < info->rx->length)
-        return 0;
-    return XMEMCMP(input, info->rx->id, info->rx->length) == 0;
-}
-
-int wolfSSL_dtls_cid_use(WOLFSSL* ssl)
-{
-    int ret;
-
-    ssl->options.useDtlsCID = 1;
-    ret = TLSX_ConnectionID_Use(ssl);
-    if (ret != 0)
-        return ret;
-    return WOLFSSL_SUCCESS;
-}
-
-int wolfSSL_dtls_cid_is_enabled(WOLFSSL* ssl)
-{
-    return DtlsCidGetInfo(ssl) != NULL;
-}
-
-int wolfSSL_dtls_cid_set(WOLFSSL* ssl, unsigned char* cid, unsigned int size)
-{
-    ConnectionID* newCid;
-    CIDInfo* cidInfo;
-
-    if (!ssl->options.useDtlsCID)
-        return WOLFSSL_FAILURE;
-
-    cidInfo = DtlsCidGetInfo(ssl);
-    if (cidInfo == NULL)
-        return WOLFSSL_FAILURE;
-
-    if (cidInfo->rx != NULL) {
-        WOLFSSL_MSG("wolfSSL doesn't support changing the CID during a "
-                    "connection");
-        return WOLFSSL_FAILURE;
-    }
-
-    /* empty CID */
-    if (size == 0)
-        return WOLFSSL_SUCCESS;
-
-    if (size > DTLS_CID_MAX_SIZE)
-        return LENGTH_ERROR;
-
-    newCid = DtlsCidNew(cid, (byte)size, ssl->heap);
-    if (newCid == NULL)
-        return MEMORY_ERROR;
-    cidInfo->rx = newCid;
-    return WOLFSSL_SUCCESS;
-}
-
-int wolfSSL_dtls_cid_get_rx_size(WOLFSSL* ssl, unsigned int* size)
-{
-    return DtlsCidGetSize(ssl, size, 1);
-}
-
-int wolfSSL_dtls_cid_get_rx(WOLFSSL* ssl, unsigned char* buf,
-    unsigned int bufferSz)
-{
-    return DtlsCidGet(ssl, buf, bufferSz, 1);
-}
-
-int wolfSSL_dtls_cid_get0_rx(WOLFSSL* ssl, unsigned char** cid)
-{
-    return DtlsCidGet0(ssl, cid, 1);
-}
-
-int wolfSSL_dtls_cid_get_tx_size(WOLFSSL* ssl, unsigned int* size)
-{
-    return DtlsCidGetSize(ssl, size, 0);
-}
-
-int wolfSSL_dtls_cid_get_tx(WOLFSSL* ssl, unsigned char* buf,
-    unsigned int bufferSz)
-{
-    return DtlsCidGet(ssl, buf, bufferSz, 0);
-}
-
-int wolfSSL_dtls_cid_get0_tx(WOLFSSL* ssl, unsigned char** cid)
-{
-    return DtlsCidGet0(ssl, cid, 0);
-}
-
-int wolfSSL_dtls_cid_max_size(void)
-{
-    return DTLS_CID_MAX_SIZE;
-}
-
-const unsigned char* wolfSSL_dtls_cid_parse(const unsigned char* msg,
-        unsigned int msgSz, unsigned int cidSz)
-{
-    /* we need at least the first byte to check version */
-    if (msg == NULL || cidSz == 0 || msgSz < OPAQUE8_LEN + cidSz)
-        return NULL;
-    if (msg[0] == dtls12_cid) {
-        /* DTLS 1.2 CID packet */
-        if (msgSz < DTLS_RECORD_HEADER_SZ + cidSz)
-            return NULL;
-        /* content type(1) + version(2) + epoch(2) + sequence(6) */
-        return msg + ENUM_LEN + VERSION_SZ + OPAQUE16_LEN + OPAQUE16_LEN +
-                OPAQUE32_LEN;
-    }
-#ifdef WOLFSSL_DTLS13
-    else if (Dtls13UnifiedHeaderCIDPresent(msg[0])) {
-        /* DTLS 1.3 CID packet */
-        if (msgSz < OPAQUE8_LEN + cidSz)
-            return NULL;
-        return msg + OPAQUE8_LEN;
-    }
-#endif
-    return NULL;
-}
-#endif /* WOLFSSL_DTLS_CID */
-
-byte DtlsGetCidTxSize(WOLFSSL* ssl)
-{
-#ifdef WOLFSSL_DTLS_CID
-    unsigned int cidSz;
-    int ret;
-    ret = wolfSSL_dtls_cid_get_tx_size(ssl, &cidSz);
-    if (ret != WOLFSSL_SUCCESS)
-        return 0;
-    return (byte)cidSz;
-#else
-    (void)ssl;
-    return 0;
-#endif
-}
-
-byte DtlsGetCidRxSize(WOLFSSL* ssl)
-{
-#ifdef WOLFSSL_DTLS_CID
-    unsigned int cidSz;
-    int ret;
-    ret = wolfSSL_dtls_cid_get_rx_size(ssl, &cidSz);
-    if (ret != WOLFSSL_SUCCESS)
-        return 0;
-    return (byte)cidSz;
-#else
-    (void)ssl;
-    return 0;
-#endif
-}
-
-byte wolfSSL_is_stateful(WOLFSSL* ssl)
-{
-    return (byte)(ssl != NULL ? ssl->options.dtlsStateful : 0);
-}
-
-#endif /* WOLFSSL_DTLS */
-
-#endif /* WOLFCRYPT_ONLY */
diff --git a/src/ssl/wolfssl/dtls13.c b/src/ssl/wolfssl/dtls13.c
deleted file mode 100644
index 9c729fa1e..000000000
--- a/src/ssl/wolfssl/dtls13.c
+++ /dev/null
@@ -1,3065 +0,0 @@
-/* dtls13.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef WOLFSSL_DTLS13
-
-#include <wolfssl/error-ssl.h>
-#include <wolfssl/internal.h>
-#include <wolfssl/ssl.h>
-#include <wolfssl/wolfcrypt/aes.h>
-#include <wolfssl/wolfcrypt/kdf.h>
-
-#ifdef NO_INLINE
-#include <wolfssl/wolfcrypt/misc.h>
-#else
-#define WOLFSSL_MISC_INCLUDED
-#include <wolfcrypt/src/misc.c>
-#endif
-
-/**
- * enum rnDirection - distinguish between RecordNumber Enc/Dec
- * PROTECT: encrypt the Record Number
- * DEPROTECT: decrypt the Record Number
- */
-enum rnDirection {
-    PROTECT = 0,
-    DEPROTECT,
-};
-
-/**
- * struct Dtls13HandshakeHeader: represent DTLS Handshake header
- * @msg_type: type of message (client_hello,server_hello,etc)
- * @length: length of the message
- * @messageSeq: message sequence number (used for reordering and retransmission)
- * @fragmentOffset: this is the offset of the data in the complete message. For
- * an unfragmented message this is always zero
- * @fragmentLength: length of this fragment (if not fragmented @fragmentLength
- * is always equal to @length)
- */
-typedef struct Dtls13HandshakeHeader {
-    byte msg_type;
-    byte length[3];
-    byte messageSeq[2];
-    byte fragmentOffset[3];
-    byte fragmentLength[3];
-} Dtls13HandshakeHeader;
-
-wc_static_assert(sizeof(Dtls13HandshakeHeader) == DTLS13_HANDSHAKE_HEADER_SZ);
-
-/**
- * struct Dtls13Recordplaintextheader: represent header of unprotected DTLSv1.3
- * record
- * @contentType: content type of the record (handshake, applicationData, etc)
- * @legacyversionrecord: legacy version field
- * @epoch: epoch number (lower 16 bits)
- * @sequenceNumber: sequence number (lower 16 bits)
- * @length: length of the record
- */
-typedef struct Dtls13RecordPlaintextHeader {
-    byte contentType;
-    ProtocolVersion legacyVersionRecord;
-    byte epoch[2];
-    byte sequenceNumber[6];
-    byte length[2];
-} Dtls13RecordPlaintextHeader;
-
-/* size of the len field in the unified header */
-#define DTLS13_LEN_SIZE 2
-/* size of the flags in the unified header */
-#define DTLS13_HDR_FLAGS_SIZE 1
-/* size of the sequence number where SEQ_LEN_BIT is present */
-#define DTLS13_SEQ_16_LEN 2
-/* size of the sequence number where SEQ_LEN_BIT is not present */
-#define DTLS13_SEQ_8_LEN 1
-
-/* fixed bits mask to detect unified header  */
-#define DTLS13_FIXED_BITS_MASK (0x111 << 5)
-/* fixed bits value to detect unified header  */
-#define DTLS13_FIXED_BITS (0x1 << 5)
-/* ConnectionID present bit in the unified header flags */
-#define DTLS13_CID_BIT (0x1 << 4)
-/* Sequence number is 16 bits if this bit is into unified header flags */
-#define DTLS13_SEQ_LEN_BIT (0x1 << 3)
-/* Length field is present if this bit is into unified header flags */
-#define DTLS13_LEN_BIT (0x1 << 2)
-
-/* For now, the size of the outgoing DTLSv1.3 record header is fixed to 5 bytes
-   (8 bit header flags + 16bit record number + 16 bit length). In the future, we
-   can dynamically choose to remove the length from the header to save
-   space. Also it will need to account for client connection ID when
-   supported. */
-#define DTLS13_UNIFIED_HEADER_SIZE 5
-#define DTLS13_MIN_CIPHERTEXT 16
-#define DTLS13_MIN_RTX_INTERVAL 1
-
-#ifndef NO_WOLFSSL_CLIENT
-WOLFSSL_METHOD* wolfDTLSv1_3_client_method_ex(void* heap)
-{
-    WOLFSSL_METHOD* method;
-
-    WOLFSSL_ENTER("DTLSv1_3_client_method_ex");
-    (void)heap;
-
-    method = (WOLFSSL_METHOD*)XMALLOC(sizeof(WOLFSSL_METHOD), heap,
-        DYNAMIC_TYPE_METHOD);
-    if (method)
-        InitSSL_Method(method, MakeDTLSv1_3());
-
-    return method;
-}
-
-WOLFSSL_METHOD* wolfDTLSv1_3_client_method(void)
-{
-    return wolfDTLSv1_3_client_method_ex(NULL);
-}
-#endif /* !NO_WOLFSSL_CLIENT */
-
-
-#ifndef NO_WOLFSSL_SERVER
-WOLFSSL_METHOD* wolfDTLSv1_3_server_method_ex(void* heap)
-{
-    WOLFSSL_METHOD* method;
-
-    WOLFSSL_ENTER("DTLSv1_3_server_method_ex");
-    (void)heap;
-
-    method = (WOLFSSL_METHOD*)XMALLOC(sizeof(WOLFSSL_METHOD), heap,
-        DYNAMIC_TYPE_METHOD);
-    if (method) {
-        InitSSL_Method(method, MakeDTLSv1_3());
-        method->side = WOLFSSL_SERVER_END;
-    }
-
-    return method;
-}
-
-WOLFSSL_METHOD* wolfDTLSv1_3_server_method(void)
-{
-    return wolfDTLSv1_3_server_method_ex(NULL);
-}
-#endif /* !NO_WOLFSSL_SERVER */
-
-int Dtls13RlAddPlaintextHeader(WOLFSSL* ssl, byte* out,
-    enum ContentType content_type, word16 length)
-{
-    Dtls13RecordPlaintextHeader* hdr;
-    word32 seq[2];
-    int ret;
-
-    hdr = (Dtls13RecordPlaintextHeader*)out;
-    hdr->contentType = content_type;
-    hdr->legacyVersionRecord.major = DTLS_MAJOR;
-    hdr->legacyVersionRecord.minor = DTLSv1_2_MINOR;
-
-    ret = Dtls13GetSeq(ssl, CUR_ORDER, seq, 1);
-    if (ret != 0)
-        return ret;
-
-    /* seq[0] combines the epoch and 16 MSB of sequence number. We write on the
-       epoch field and will overflow to the first two bytes of the sequence
-       number */
-    c16toa((word16)(seq[0] >> 16), hdr->epoch);
-    c16toa((word16)seq[0], hdr->sequenceNumber);
-    c32toa(seq[1], &hdr->sequenceNumber[2]);
-
-    c16toa(length, hdr->length);
-
-    return 0;
-}
-
-static int Dtls13HandshakeAddHeaderFrag(WOLFSSL* ssl, byte* output,
-    enum HandShakeType msg_type, word32 frag_offset, word32 frag_length,
-    word32 msg_length)
-{
-    Dtls13HandshakeHeader* hdr;
-
-    hdr = (Dtls13HandshakeHeader*)output;
-
-    hdr->msg_type = msg_type;
-    c32to24((word32)msg_length, hdr->length);
-    c16toa(ssl->keys.dtls_handshake_number, hdr->messageSeq);
-
-    c32to24(frag_offset, hdr->fragmentOffset);
-    c32to24(frag_length, hdr->fragmentLength);
-
-    return 0;
-}
-
-static byte Dtls13TypeIsEncrypted(enum HandShakeType hs_type)
-{
-    byte ret = 0;
-
-    switch (hs_type) {
-    case hello_request:
-    case hello_verify_request:
-    case client_hello:
-    case hello_retry_request:
-    case server_hello:
-        break;
-    case encrypted_extensions:
-    case session_ticket:
-    case end_of_early_data:
-    case certificate:
-    case server_key_exchange:
-    case certificate_request:
-    case server_hello_done:
-    case certificate_verify:
-    case client_key_exchange:
-    case finished:
-    case certificate_status:
-    case key_update:
-    case change_cipher_hs:
-    case message_hash:
-    case no_shake:
-        ret = 1;
-    }
-
-    return ret;
-}
-
-static int Dtls13GetRnMask(WOLFSSL* ssl, const byte* ciphertext, byte* mask,
-    enum rnDirection dir)
-{
-    RecordNumberCiphers* c;
-
-    if (dir == PROTECT)
-        c = &ssl->dtlsRecordNumberEncrypt;
-    else
-        c = &ssl->dtlsRecordNumberDecrypt;
-
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
-    if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm ||
-        ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm) {
-
-        if (c->aes == NULL)
-            return BAD_STATE_E;
-#if !defined(HAVE_SELFTEST) && \
-    (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)) \
-    || defined(WOLFSSL_KERNEL_MODE))
-        return wc_AesEncryptDirect(c->aes, mask, ciphertext);
-#else
-        wc_AesEncryptDirect(c->aes, mask, ciphertext);
-        return 0;
-#endif
-    }
-#endif /* HAVE_AESGCM || HAVE_AESCCM */
-
-#ifdef HAVE_CHACHA
-    if (ssl->specs.bulk_cipher_algorithm == wolfssl_chacha) {
-        word32 counter;
-        int ret;
-
-        if (c->chacha == NULL)
-            return BAD_STATE_E;
-
-        /* assuming CIPHER[0..3] should be interpreted as little endian 32-bits
-           integer. The draft rfc isn't really clear on that. See sec 4.2.3 of
-           the draft. See also Section 2.3 of the Chacha RFC. */
-        ato32le(ciphertext, &counter);
-
-        ret = wc_Chacha_SetIV(c->chacha, &ciphertext[4], counter);
-        if (ret != 0)
-            return ret;
-
-        XMEMSET(mask, 0, DTLS13_RN_MASK_SIZE);
-
-        return wc_Chacha_Process(c->chacha, mask, mask, DTLS13_RN_MASK_SIZE);
-    }
-#endif /* HAVE_CHACHA */
-
-    return NOT_COMPILED_IN;
-}
-
-static int Dtls13EncryptDecryptRecordNumber(WOLFSSL* ssl, byte* seq,
-    int SeqLength, const byte* ciphertext, enum rnDirection dir)
-{
-    byte mask[DTLS13_RN_MASK_SIZE];
-    int ret;
-
-#ifdef HAVE_NULL_CIPHER
-    /* Do not encrypt record numbers with null cipher. See RFC 9150 Sec 9 */
-    if (ssl->specs.bulk_cipher_algorithm == wolfssl_cipher_null)
-        return 0;
-#endif /*HAVE_NULL_CIPHER */
-
-    ret = Dtls13GetRnMask(ssl, ciphertext, mask, dir);
-    if (ret != 0)
-        return ret;
-
-    xorbuf(seq, mask, SeqLength);
-
-    return 0;
-}
-
-static byte Dtls13RtxMsgNeedsAck(WOLFSSL* ssl, enum HandShakeType hs)
-{
-
-#ifndef NO_WOLFSSL_SERVER
-    /* we send an ACK when processing the finished message. In this case either
-       we already sent an ACK for client's Certificate/CertificateVerify or they
-       are in our list of seen records and will be included in the ACK
-       message */
-    if (ssl->options.side == WOLFSSL_SERVER_END && (hs == finished))
-        return 1;
-#else
-    (void)ssl;
-#endif /* NO_WOLFSSL_SERVER */
-
-    if (hs == session_ticket || hs == key_update)
-        return 1;
-
-    return 0;
-}
-
-static void Dtls13MsgWasProcessed(WOLFSSL* ssl, enum HandShakeType hs)
-{
-    if (ssl->options.dtlsStateful)
-        ssl->keys.dtls_expected_peer_handshake_number++;
-
-#ifdef WOLFSSL_RW_THREADED
-    if (wc_LockMutex(&ssl->dtls13Rtx.mutex) == 0)
-#endif
-    {
-        /* we need to send ACKs on the last message of a flight that needs
-         * explicit acknowledgment */
-        ssl->dtls13Rtx.sendAcks = Dtls13RtxMsgNeedsAck(ssl, hs);
-    #ifdef WOLFSSL_RW_THREADED
-        wc_UnLockMutex(&ssl->dtls13Rtx.mutex);
-    #endif
-    }
-}
-
-int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
-{
-    DtlsMsg* msg = ssl->dtls_rx_msg_list;
-    word32 idx = 0;
-    int ret = 0;
-
-    WOLFSSL_ENTER("Dtls13ProcessBufferedMessages");
-
-    while (msg != NULL) {
-        int downgraded = 0;
-        idx = 0;
-
-        /* message not in order */
-        if (ssl->keys.dtls_expected_peer_handshake_number != msg->seq)
-            break;
-
-        /* message not complete */
-        if (!msg->ready)
-            break;
-
-#ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
-        ret = MsgCheckEncryption(ssl, msg->type, msg->encrypted);
-        if (ret != 0) {
-            SendAlert(ssl, alert_fatal, unexpected_message);
-            break;
-        }
-#endif
-
-        /* We may have DTLS <=1.2 msgs stored from before we knew which version
-         * we were going to use. Interpret correctly. */
-        if (IsAtLeastTLSv1_3(ssl->version)) {
-            ret = DoTls13HandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type,
-                    msg->sz, msg->sz);
-            if (!IsAtLeastTLSv1_3(ssl->version))
-                downgraded = 1;
-        }
-        else {
-#if !defined(WOLFSSL_NO_TLS12)
-            ret = DoHandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type,
-                    msg->sz, msg->sz);
-#else
-            WOLFSSL_MSG("DTLS1.2 disabled with WOLFSSL_NO_TLS12");
-            WOLFSSL_ERROR_VERBOSE(NOT_COMPILED_IN);
-            ret = NOT_COMPILED_IN;
-#endif
-        }
-
-        /* processing certificate_request triggers a connect. The error came
-         * from there, the message can be considered processed successfully.
-         * WANT_WRITE means that we are done with processing the msg and we are
-         * waiting to flush the output buffer. */
-        if ((ret == 0 || ret == WC_NO_ERR_TRACE(WANT_WRITE)) ||
-                        (msg->type == certificate_request &&
-                         ssl->options.handShakeDone &&
-                         ret == WC_NO_ERR_TRACE(WC_PENDING_E))) {
-            if (IsAtLeastTLSv1_3(ssl->version))
-                Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type);
-            else if (downgraded)
-                /* DoHandShakeMsgType normally handles the hs number but if
-                 * DoTls13HandShakeMsgType processed 1.2 msgs then this wasn't
-                 * incremented. */
-                ssl->keys.dtls_expected_peer_handshake_number++;
-
-            ssl->dtls_rx_msg_list = msg->next;
-            DtlsMsgDelete(msg, ssl->heap);
-            msg = ssl->dtls_rx_msg_list;
-            ssl->dtls_rx_msg_list_sz--;
-        }
-
-        if (ret != 0)
-            break;
-    }
-
-    WOLFSSL_LEAVE("dtls13_process_buffered_messages()", ret);
-
-    return ret;
-}
-
-static int Dtls13NextMessageComplete(WOLFSSL* ssl)
-{
-    return ssl->dtls_rx_msg_list != NULL &&
-           ssl->dtls_rx_msg_list->ready &&
-           ssl->dtls_rx_msg_list->seq ==
-               ssl->keys.dtls_expected_peer_handshake_number;
-}
-
-static WC_INLINE int FragIsInOutputBuffer(WOLFSSL* ssl, const byte* frag)
-{
-    const byte* OutputBuffer = ssl->buffers.outputBuffer.buffer;
-    word32 OutputBufferSize = ssl->buffers.outputBuffer.bufferSize;
-
-    return frag >= OutputBuffer && frag < OutputBuffer + OutputBufferSize;
-}
-
-static int Dtls13SendFragFromBuffer(WOLFSSL* ssl, byte* output, word16 length)
-{
-    byte* buf;
-    int ret;
-
-    if (FragIsInOutputBuffer(ssl, output))
-        return BAD_FUNC_ARG;
-
-    ret = CheckAvailableSize(ssl, length);
-    if (ret != 0)
-        return ret;
-
-    buf = GetOutputBuffer(ssl);
-
-    XMEMCPY(buf, output, length);
-
-    ssl->buffers.outputBuffer.length += length;
-
-    return SendBuffered(ssl);
-}
-
-static int Dtls13SendNow(WOLFSSL* ssl, enum HandShakeType handshakeType)
-{
-    if (!ssl->options.groupMessages || ssl->dtls13SendingFragments)
-        return 1;
-
-    if (handshakeType == client_hello || handshakeType == hello_retry_request ||
-        handshakeType == finished || handshakeType == session_ticket ||
-        handshakeType == session_ticket || handshakeType == key_update ||
-        (handshakeType == certificate_request &&
-            ssl->options.handShakeState == HANDSHAKE_DONE))
-        return 1;
-
-    return 0;
-}
-
-/* Handshake header DTLS only fields are not included in the transcript hash.
- * body points to the body of the DTLSHandshake message. */
-int Dtls13HashClientHello(const WOLFSSL* ssl, byte* hash, int* hashSz,
-        const byte* body, word32 length, CipherSpecs* specs)
-{
-    /* msg_type(1) + length (3) */
-    byte header[OPAQUE32_LEN];
-    int ret;
-    wc_HashAlg hashCtx;
-    int type = wolfSSL_GetHmacType_ex(specs);
-
-    if (type < 0)
-        return type;
-
-    header[0] = (byte)client_hello;
-    c32to24(length, header + 1);
-
-    ret = wc_HashInit_ex(&hashCtx, (enum wc_HashType)type, ssl->heap, ssl->devId);
-    if (ret == 0) {
-        ret = wc_HashUpdate(&hashCtx, (enum wc_HashType)type, header, OPAQUE32_LEN);
-        if (ret == 0)
-            ret = wc_HashUpdate(&hashCtx, (enum wc_HashType)type, body, length);
-        if (ret == 0)
-            ret = wc_HashFinal(&hashCtx, (enum wc_HashType)type, hash);
-        if (ret == 0) {
-            *hashSz = wc_HashGetDigestSize((enum wc_HashType)type);
-            if (*hashSz < 0)
-                ret = *hashSz;
-        }
-        wc_HashFree(&hashCtx, (enum wc_HashType)type);
-    }
-    return ret;
-}
-
-/* Handshake header DTLS only fields are not included in the transcript hash */
-int Dtls13HashHandshake(WOLFSSL* ssl, const byte* input, word16 length)
-{
-    int ret;
-
-    if (length < DTLS_HANDSHAKE_HEADER_SZ)
-        return BAD_FUNC_ARG;
-
-    /* msg_type(1) + length (3) */
-    ret = HashRaw(ssl, input, OPAQUE32_LEN);
-    if (ret != 0)
-        return ret;
-
-    input += OPAQUE32_LEN;
-    length -= OPAQUE32_LEN;
-
-    /* message_seq(2) + fragment_offset(3) + fragment_length(3) */
-    input += OPAQUE64_LEN;
-    length -= OPAQUE64_LEN;
-
-    return HashRaw(ssl, input, length);
-}
-
-static int Dtls13SendFragment(WOLFSSL* ssl, byte* output, word16 output_size,
-    word16 length, enum HandShakeType handshakeType, int hashOutput,
-    int sendImmediately)
-{
-    word16 recordHeaderLength;
-    word16 recordLength;
-    byte isProtected;
-    int sendLength;
-    byte* msg;
-    int ret;
-
-    if (output_size < length)
-        return BUFFER_ERROR;
-
-    isProtected = Dtls13TypeIsEncrypted(handshakeType);
-    recordHeaderLength = Dtls13GetRlHeaderLength(ssl, isProtected);
-
-    if (length <= recordHeaderLength)
-        return BUFFER_ERROR;
-
-    recordLength = length - recordHeaderLength;
-
-    if (!isProtected) {
-        ret = Dtls13RlAddPlaintextHeader(ssl, output, handshake, recordLength);
-        if (ret != 0)
-            return ret;
-    }
-    else {
-        msg = output + recordHeaderLength;
-
-        if (hashOutput) {
-            ret = Dtls13HashHandshake(ssl, msg, recordLength);
-            if (ret != 0)
-                return ret;
-        }
-
-        sendLength = BuildTls13Message(ssl, output, output_size, msg,
-            recordLength, handshake, 0, 0, 0);
-        if (sendLength < 0)
-            return sendLength;
-
-        length = (word16)sendLength;
-    }
-
-    if (!FragIsInOutputBuffer(ssl, output))
-        return Dtls13SendFragFromBuffer(ssl, output, length);
-
-    ssl->buffers.outputBuffer.length += length;
-
-    ret = 0;
-    if (sendImmediately)
-        ret = SendBuffered(ssl);
-
-    return ret;
-}
-
-static void Dtls13FreeFragmentsBuffer(WOLFSSL* ssl)
-{
-    XFREE(ssl->dtls13FragmentsBuffer.buffer, ssl->heap,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    ssl->dtls13FragmentsBuffer.buffer = NULL;
-    ssl->dtls13SendingFragments = 0;
-    ssl->dtls13MessageLength = ssl->dtls13FragOffset = 0;
-}
-
-static WC_INLINE void Dtls13FreeRtxBufferRecord(WOLFSSL* ssl,
-    Dtls13RtxRecord* r)
-{
-    (void)ssl;
-
-    XFREE(r->data, ssl->heap, DYNAMIC_TYPE_DTLS_MSG);
-    XFREE(r, ssl->heap, DYNAMIC_TYPE_DTLS_MSG);
-}
-
-static Dtls13RtxRecord* Dtls13RtxNewRecord(WOLFSSL* ssl, byte* data,
-    word16 length, enum HandShakeType handshakeType, w64wrapper seq)
-{
-    w64wrapper epochNumber;
-    Dtls13RtxRecord* r;
-
-    WOLFSSL_ENTER("Dtls13RtxNewRecord");
-
-    if (ssl->dtls13EncryptEpoch == NULL)
-        return NULL;
-
-    epochNumber = ssl->dtls13EncryptEpoch->epochNumber;
-
-    r = (Dtls13RtxRecord*)XMALLOC(sizeof(*r), ssl->heap, DYNAMIC_TYPE_DTLS_MSG);
-    if (r == NULL)
-        return NULL;
-
-    r->data = (byte*)XMALLOC(length, ssl->heap, DYNAMIC_TYPE_DTLS_MSG);
-    if (r->data == NULL) {
-        XFREE(r, ssl->heap, DYNAMIC_TYPE_DTLS_MSG);
-        return NULL;
-    }
-
-    XMEMCPY(r->data, data, length);
-    r->epoch = epochNumber;
-    r->length = length;
-    r->next = NULL;
-    r->handshakeType = handshakeType;
-    r->seq[0] = seq;
-    r->rnIdx = 1;
-
-    return r;
-}
-
-static void Dtls13RtxAddRecord(Dtls13Rtx* fsm, Dtls13RtxRecord* r)
-{
-    WOLFSSL_ENTER("Dtls13RtxAddRecord");
-
-    *fsm->rtxRecordTailPtr = r;
-    fsm->rtxRecordTailPtr = &r->next;
-    r->next = NULL;
-}
-
-static void Dtls13RtxRecordUnlink(WOLFSSL* ssl, Dtls13RtxRecord** prevNext,
-    Dtls13RtxRecord* r)
-{
-    /* if r was at the tail of the list, update the tail pointer */
-    if (r->next == NULL) {
-    #ifdef WOLFSSL_RW_THREADED
-        if (wc_LockMutex(&ssl->dtls13Rtx.mutex) == 0)
-    #endif
-        {
-            ssl->dtls13Rtx.rtxRecordTailPtr = prevNext;
-        #ifdef WOLFSSL_RW_THREADED
-            wc_UnLockMutex(&ssl->dtls13Rtx.mutex);
-        #endif
-        }
-    }
-
-    /* unlink */
-    *prevNext = r->next;
-}
-
-void Dtls13RtxFlushBuffered(WOLFSSL* ssl, byte keepNewSessionTicket)
-{
-    Dtls13RtxRecord *r, **prevNext;
-
-    WOLFSSL_ENTER("Dtls13RtxFlushBuffered");
-
-    prevNext = &ssl->dtls13Rtx.rtxRecords;
-    r = ssl->dtls13Rtx.rtxRecords;
-
-    /* we process the head at the end */
-    while (r != NULL) {
-
-        if (keepNewSessionTicket && r->handshakeType == session_ticket) {
-            prevNext = &r->next;
-            r = r->next;
-            continue;
-        }
-
-        *prevNext = r->next;
-        Dtls13FreeRtxBufferRecord(ssl, r);
-        r = *prevNext;
-    }
-
-    ssl->dtls13Rtx.rtxRecordTailPtr = prevNext;
-}
-
-static Dtls13RecordNumber* Dtls13NewRecordNumber(w64wrapper epoch,
-    w64wrapper seq, void* heap)
-{
-    Dtls13RecordNumber* rn;
-
-    (void)heap;
-
-    rn = (Dtls13RecordNumber*)XMALLOC(sizeof(*rn), heap,
-        DYNAMIC_TYPE_DTLS_MSG);
-    if (rn == NULL)
-        return NULL;
-
-    rn->next = NULL;
-    rn->epoch = epoch;
-    rn->seq = seq;
-
-    return rn;
-}
-
-int Dtls13RtxAddAck(WOLFSSL* ssl, w64wrapper epoch, w64wrapper seq)
-{
-    Dtls13RecordNumber* rn;
-
-    WOLFSSL_ENTER("Dtls13RtxAddAck");
-
-#ifdef WOLFSSL_RW_THREADED
-    if (wc_LockMutex(&ssl->dtls13Rtx.mutex) == 0)
-#endif
-    {
-        /* Find location to insert new record */
-        Dtls13RecordNumber** prevNext = &ssl->dtls13Rtx.seenRecords;
-        Dtls13RecordNumber* cur = ssl->dtls13Rtx.seenRecords;
-
-        for (; cur != NULL; prevNext = &cur->next, cur = cur->next) {
-            if (w64Equal(cur->epoch, epoch) && w64Equal(cur->seq, seq)) {
-                /* already in list. no duplicates. */
-                return 0;
-            }
-            else if (w64LT(epoch, cur->epoch)
-                    || (w64Equal(epoch, cur->epoch)
-                            && w64LT(seq, cur->seq))) {
-                break;
-            }
-        }
-
-        rn = Dtls13NewRecordNumber(epoch, seq, ssl->heap);
-        if (rn == NULL)
-            return MEMORY_E;
-
-        *prevNext = rn;
-        rn->next = cur;
-    #ifdef WOLFSSL_RW_THREADED
-        wc_UnLockMutex(&ssl->dtls13Rtx.mutex);
-    #endif
-    }
-
-    return 0;
-}
-
-static void Dtls13RtxFlushAcks(WOLFSSL* ssl)
-{
-    Dtls13RecordNumber *list, *rn;
-
-    (void)ssl;
-
-    WOLFSSL_ENTER("Dtls13RtxFlushAcks");
-
-#ifdef WOLFSSL_RW_THREADED
-    if (wc_LockMutex(&ssl->dtls13Rtx.mutex) == 0)
-#endif
-    {
-        list = ssl->dtls13Rtx.seenRecords;
-
-        while (list != NULL) {
-            rn = list;
-            list = rn->next;
-            XFREE(rn, ssl->heap, DYNAMIC_TYPE_DTLS_MSG);
-        }
-
-        ssl->dtls13Rtx.seenRecords = NULL;
-    #ifdef WOLFSSL_RW_THREADED
-        wc_UnLockMutex(&ssl->dtls13Rtx.mutex);
-    #endif
-    }
-}
-
-static int Dtls13DetectDisruption(WOLFSSL* ssl, word32 fragOffset)
-{
-    /* retransmission. The other peer may have lost our flight or our ACKs. We
-       don't account this as a disruption */
-    if (ssl->keys.dtls_peer_handshake_number <
-        ssl->keys.dtls_expected_peer_handshake_number)
-        return 0;
-
-    /* out of order message */
-    if (ssl->keys.dtls_peer_handshake_number >
-        ssl->keys.dtls_expected_peer_handshake_number) {
-        return 1;
-    }
-
-    /* first fragment of in-order message */
-    if (fragOffset == 0)
-        return 0;
-
-    /* is not the next fragment in the message (the check is not 100% perfect,
-       in the worst case, we don't detect the disruption and wait for the other
-       peer retransmission) */
-    if (ssl->dtls_rx_msg_list != NULL) {
-        DtlsFragBucket* last = ssl->dtls_rx_msg_list->fragBucketList;
-        while (last != NULL && last->m.m.next != NULL)
-            last = last->m.m.next;
-        /* Does this fragment start right after the last fragment we
-         * have stored? */
-        if (last != NULL && (last->m.m.offset + last->m.m.sz) != fragOffset)
-            return 1;
-    }
-    else {
-        /* ssl->dtls_rx_msg_list is NULL and fragOffset != 0 so this is not in
-         * order */
-        return 1;
-    }
-
-    return 0;
-}
-
-static void Dtls13RtxRemoveCurAck(WOLFSSL* ssl)
-{
-    Dtls13RecordNumber *rn, **prevNext;
-
-    prevNext = &ssl->dtls13Rtx.seenRecords;
-    rn = ssl->dtls13Rtx.seenRecords;
-
-    while (rn != NULL) {
-        if (w64Equal(rn->epoch, ssl->keys.curEpoch64) &&
-            w64Equal(rn->seq, ssl->keys.curSeq)) {
-            *prevNext = rn->next;
-            XFREE(rn, ssl->heap, DYNAMIC_TYPE_DTLS_MSG);
-            return;
-        }
-
-        prevNext = &rn->next;
-        rn = rn->next;
-    }
-}
-
-static void Dtls13MaybeSaveClientHello(WOLFSSL* ssl)
-{
-    Dtls13RtxRecord *r, **prev_next;
-
-    r = ssl->dtls13Rtx.rtxRecords;
-    prev_next = &ssl->dtls13Rtx.rtxRecords;
-
-    if (ssl->options.side == WOLFSSL_CLIENT_END &&
-        ssl->options.connectState >= CLIENT_HELLO_SENT &&
-        ssl->options.connectState <= HELLO_AGAIN_REPLY &&
-        ssl->options.downgrade && ssl->options.minDowngrade >= DTLSv1_2_MINOR) {
-        while (r != NULL) {
-            if (r->handshakeType == client_hello) {
-                Dtls13RtxRecordUnlink(ssl, prev_next, r);
-                XFREE(ssl->dtls13ClientHello, ssl->heap, DYNAMIC_TYPE_DTLS_MSG);
-                ssl->dtls13ClientHello = r->data;
-                ssl->dtls13ClientHelloSz = r->length;
-                r->data = NULL;
-                Dtls13FreeRtxBufferRecord(ssl, r);
-                return;
-            }
-            prev_next = &r->next;
-            r = r->next;
-        }
-    }
-}
-
-static int Dtls13RtxMsgRecvd(WOLFSSL* ssl, enum HandShakeType hs,
-    word32 fragOffset)
-{
-    WOLFSSL_ENTER("Dtls13RtxMsgRecvd");
-
-    if (!ssl->options.handShakeDone &&
-        ssl->keys.dtls_peer_handshake_number >=
-            ssl->keys.dtls_expected_peer_handshake_number) {
-
-        if (hs == server_hello)
-            Dtls13MaybeSaveClientHello(ssl);
-
-        /* In the handshake, receiving part of the next flight, acknowledge the
-         * sent flight. */
-        /* On the server side, receiving the last client flight does not ACK any
-         * sent new_session_ticket messages. */
-        /* We don't want to clear the buffer until we have done version
-         * negotiation in the SH or have received a unified header in the
-         * DTLS record. */
-        if (ssl->options.serverState >= SERVER_HELLO_COMPLETE ||
-                    ssl->options.seenUnifiedHdr)
-            /* Use 1.2 API to clear 1.2 buffers too */
-            DtlsMsgPoolReset(ssl);
-    }
-
-    if (ssl->keys.dtls_peer_handshake_number <
-        ssl->keys.dtls_expected_peer_handshake_number) {
-
-        /* retransmission detected. */
-        ssl->dtls13Rtx.retransmit = 1;
-
-        /* the other peer may have retransmitted because an ACK for a flight
-           that needs explicit ACK was lost.*/
-        if (ssl->dtls13Rtx.seenRecords != NULL)
-            ssl->dtls13Rtx.sendAcks = 1;
-    }
-
-    if (ssl->keys.dtls_peer_handshake_number ==
-            ssl->keys.dtls_expected_peer_handshake_number &&
-        ssl->options.handShakeDone && hs == certificate_request) {
-
-        /* the current record, containing a post-handshake certificate request,
-           is implicitly acknowledged by the
-           certificate/certificate_verify/finished flight we are about to
-           send. Please note that if the certificate request came out-of-order
-           and we didn't send an ACK (sendMoreAcks == 0 and the missing
-           packet(s) arrive before that fast timeout expired), then we will send
-           both the ACK and the flight. While unnecessary this it's harmless, it
-           should be rare and simplifies the code. Otherwise, it would be
-           necessary to track which record number contained a CertificateRequest
-           with a particular context id */
-        Dtls13RtxRemoveCurAck(ssl);
-    }
-
-    if (ssl->options.dtls13SendMoreAcks &&
-        Dtls13DetectDisruption(ssl, fragOffset)) {
-        WOLFSSL_MSG("Disruption detected");
-        ssl->dtls13Rtx.sendAcks = 1;
-    }
-
-    return 0;
-}
-
-void Dtls13FreeFsmResources(WOLFSSL* ssl)
-{
-    Dtls13RtxFlushAcks(ssl);
-    /* Use 1.2 API to clear 1.2 buffers too */
-    DtlsMsgPoolReset(ssl);
-    Dtls13RtxFlushBuffered(ssl, 0);
-}
-
-static int Dtls13SendOneFragmentRtx(WOLFSSL* ssl,
-    enum HandShakeType handshakeType, word16 outputSize, byte* message,
-    word32 length, int hashOutput)
-{
-    Dtls13RtxRecord* rtxRecord = NULL;
-    word16 recordHeaderLength;
-    byte isProtected;
-    int ret;
-
-    isProtected = Dtls13TypeIsEncrypted(handshakeType);
-    recordHeaderLength = Dtls13GetRlHeaderLength(ssl, isProtected);
-
-    if (handshakeType != hello_retry_request) {
-        rtxRecord = Dtls13RtxNewRecord(ssl, message + recordHeaderLength,
-            (word16)(length - recordHeaderLength), handshakeType,
-            ssl->dtls13EncryptEpoch->nextSeqNumber);
-        if (rtxRecord == NULL)
-            return MEMORY_E;
-    }
-
-    ret = Dtls13SendFragment(ssl, message, outputSize, (word16)length,
-        handshakeType, hashOutput, Dtls13SendNow(ssl, handshakeType));
-
-    if (rtxRecord != NULL) {
-        if (ret == 0 || ret == WC_NO_ERR_TRACE(WANT_WRITE))
-            Dtls13RtxAddRecord(&ssl->dtls13Rtx, rtxRecord);
-        else
-            Dtls13FreeRtxBufferRecord(ssl, rtxRecord);
-    }
-
-    return ret;
-}
-
-static int Dtls13SendFragmentedInternal(WOLFSSL* ssl)
-{
-    int fragLength, rlHeaderLength;
-    int remainingSize, maxFragment;
-    int recordLength;
-    byte isEncrypted;
-    byte* output;
-    int ret;
-
-    isEncrypted = Dtls13TypeIsEncrypted(
-        (enum HandShakeType)ssl->dtls13FragHandshakeType);
-    rlHeaderLength = Dtls13GetRlHeaderLength(ssl, isEncrypted);
-    maxFragment = wolfSSL_GetMaxFragSize(ssl, MAX_RECORD_SIZE);
-
-    remainingSize = ssl->dtls13MessageLength - ssl->dtls13FragOffset;
-
-    while (remainingSize > 0) {
-
-        fragLength = maxFragment - rlHeaderLength - DTLS_HANDSHAKE_HEADER_SZ;
-
-        recordLength = maxFragment;
-
-        if (fragLength > remainingSize) {
-            fragLength = remainingSize;
-            recordLength =
-                fragLength + rlHeaderLength + DTLS_HANDSHAKE_HEADER_SZ;
-        }
-
-        ret = CheckAvailableSize(ssl, recordLength + MAX_MSG_EXTRA);
-        if (ret != 0) {
-            Dtls13FreeFragmentsBuffer(ssl);
-            return ret;
-        }
-
-        output = GetOutputBuffer(ssl);
-
-        ret = Dtls13HandshakeAddHeaderFrag(ssl, output + rlHeaderLength,
-            (enum HandShakeType)ssl->dtls13FragHandshakeType,
-            ssl->dtls13FragOffset, fragLength, ssl->dtls13MessageLength);
-        if (ret != 0) {
-            Dtls13FreeFragmentsBuffer(ssl);
-            return ret;
-        }
-
-        XMEMCPY(output + rlHeaderLength + DTLS_HANDSHAKE_HEADER_SZ,
-            ssl->dtls13FragmentsBuffer.buffer + ssl->dtls13FragOffset,
-            fragLength);
-
-        ret = Dtls13SendOneFragmentRtx(ssl,
-            (enum HandShakeType)ssl->dtls13FragHandshakeType,
-            (word16)recordLength + MAX_MSG_EXTRA, output, (word32)recordLength, 0);
-        if (ret == WC_NO_ERR_TRACE(WANT_WRITE)) {
-            ssl->dtls13FragOffset += fragLength;
-            return ret;
-        }
-
-        if (ret != 0) {
-            Dtls13FreeFragmentsBuffer(ssl);
-            return ret;
-        }
-
-        ssl->dtls13FragOffset += fragLength;
-        remainingSize -= fragLength;
-    }
-
-    /* we sent all fragments */
-    Dtls13FreeFragmentsBuffer(ssl);
-    return 0;
-}
-
-static int Dtls13SendFragmented(WOLFSSL* ssl, byte* message, word16 length,
-    enum HandShakeType handshake_type, int hash_output)
-{
-    int rlHeaderLength;
-    byte isEncrypted;
-    int messageSize;
-    int ret;
-
-    if (ssl->dtls13SendingFragments != 0) {
-        WOLFSSL_MSG(
-            "dtls13_send_fragmented() invoked while already sending fragments");
-        return BAD_STATE_E;
-    }
-
-    isEncrypted = Dtls13TypeIsEncrypted(handshake_type);
-    rlHeaderLength = Dtls13GetRlHeaderLength(ssl, isEncrypted);
-
-    if (length < rlHeaderLength)
-        return INCOMPLETE_DATA;
-
-    /* DTLSv1.3 do not consider fragmentation for hash transcript. Build the
-       hash now pretending fragmentation will not happen */
-    if (hash_output) {
-        ret = Dtls13HashHandshake(ssl, message + rlHeaderLength,
-            length - (word16)rlHeaderLength);
-        if (ret != 0)
-            return ret;
-    }
-
-    messageSize = length - rlHeaderLength - DTLS_HANDSHAKE_HEADER_SZ;
-
-    ssl->dtls13FragmentsBuffer.buffer =
-        (byte*)XMALLOC(messageSize, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    if (ssl->dtls13FragmentsBuffer.buffer == NULL)
-        return MEMORY_E;
-
-    XMEMCPY(ssl->dtls13FragmentsBuffer.buffer,
-        message + rlHeaderLength + DTLS_HANDSHAKE_HEADER_SZ, messageSize);
-
-    ssl->dtls13MessageLength = messageSize;
-    ssl->dtls13FragHandshakeType = handshake_type;
-    ssl->dtls13SendingFragments = 1;
-
-    return Dtls13SendFragmentedInternal(ssl);
-}
-
-static WC_INLINE word8 Dtls13GetEpochBits(w64wrapper epoch)
-{
-    return w64GetLow32(epoch) & EE_MASK;
-}
-
-#ifdef WOLFSSL_DTLS_CID
-
-static int Dtls13AddCID(WOLFSSL* ssl, byte* flags, byte* out, word16* idx)
-{
-    byte cidSz;
-    int ret;
-
-    if (!wolfSSL_dtls_cid_is_enabled(ssl))
-        return 0;
-
-    cidSz = DtlsGetCidTxSize(ssl);
-
-    /* no cid */
-    if (cidSz == 0)
-        return 0;
-    *flags |= DTLS13_CID_BIT;
-    /* we know that we have at least cidSz of space */
-    ret = wolfSSL_dtls_cid_get_tx(ssl, out + *idx, cidSz);
-    if (ret != WOLFSSL_SUCCESS)
-        return ret;
-    *idx += cidSz;
-    return 0;
-}
-
-static int Dtls13UnifiedHeaderParseCID(WOLFSSL* ssl, byte flags,
-    const byte* input, word16 inputSize, word16* idx)
-{
-    unsigned int _cidSz;
-    int ret;
-
-    if (flags & DTLS13_CID_BIT) {
-        if (!wolfSSL_dtls_cid_is_enabled(ssl)) {
-            WOLFSSL_MSG("CID while no negotiated CID, ignoring");
-            return DTLS_CID_ERROR;
-        }
-
-        if (!DtlsCIDCheck(ssl, input + *idx, inputSize - *idx)) {
-            WOLFSSL_MSG("Not matching or wrong CID, ignoring");
-            return DTLS_CID_ERROR;
-        }
-
-        ret = wolfSSL_dtls_cid_get_rx_size(ssl, &_cidSz);
-        if (ret != WOLFSSL_SUCCESS)
-            return ret;
-
-        *idx += (word16)_cidSz;
-        return 0;
-    }
-
-    /* CID not present */
-    if (wolfSSL_dtls_cid_is_enabled(ssl)) {
-        ret = wolfSSL_dtls_cid_get_rx_size(ssl, &_cidSz);
-        if (ret != WOLFSSL_SUCCESS)
-            return ret;
-
-        if (_cidSz != 0) {
-            WOLFSSL_MSG("expecting CID, ignoring");
-            return DTLS_CID_ERROR;
-        }
-    }
-
-    return 0;
-}
-
-int Dtls13UnifiedHeaderCIDPresent(byte flags)
-{
-    return Dtls13IsUnifiedHeader(flags) && (flags & DTLS13_CID_BIT);
-}
-
-#else
-#define Dtls13AddCID(a, b, c, d) 0
-#define Dtls13UnifiedHeaderParseCID(a, b, c, d, e) 0
-#endif /* WOLFSSL_DTLS_CID */
-
-/**
- * dtls13RlAddCiphertextHeader() - add record layer header in the buffer
- * @ssl: ssl object
- * @out: output buffer where to put the header
- * @length: length of the record
- */
-int Dtls13RlAddCiphertextHeader(WOLFSSL* ssl, byte* out, word16 length)
-{
-    word16 seqNumber, idx;
-    byte* flags;
-    int ret;
-
-    if (out == NULL)
-        return BAD_FUNC_ARG;
-
-    if (ssl->dtls13EncryptEpoch == NULL)
-        return BAD_STATE_E;
-
-    flags = out;
-
-    /* header fixed bits */
-    *flags = DTLS13_FIXED_BITS;
-    /* epoch bits */
-    *flags |= Dtls13GetEpochBits(ssl->dtls13EncryptEpoch->epochNumber);
-
-    idx = DTLS13_HDR_FLAGS_SIZE;
-    ret = Dtls13AddCID(ssl, flags, out, &idx);
-    if (ret != 0)
-        return ret;
-
-    /* include 16-bit seq */
-    *flags |= DTLS13_SEQ_LEN_BIT;
-    /* include 16-bit length */
-    *flags |= DTLS13_LEN_BIT;
-
-    seqNumber = (word16)w64GetLow32(ssl->dtls13EncryptEpoch->nextSeqNumber);
-    c16toa(seqNumber, out + idx);
-    idx += OPAQUE16_LEN;
-    c16toa(length, out + idx);
-
-    return 0;
-}
-
-/**
- * Dtls13HandshakeAddHeader() - add handshake layer header
- * @ssl: ssl object
- * @output: output buffer
- * @msg_type: handshake type
- * @length: length of the message
- */
-int Dtls13HandshakeAddHeader(WOLFSSL* ssl, byte* output,
-    enum HandShakeType msg_type, word32 length)
-{
-    Dtls13HandshakeHeader* hdr;
-
-    hdr = (Dtls13HandshakeHeader*)output;
-
-    hdr->msg_type = msg_type;
-    c32to24((word32)length, hdr->length);
-    c16toa(ssl->keys.dtls_handshake_number, hdr->messageSeq);
-
-    /* send unfragmented first */
-    c32to24(0, hdr->fragmentOffset);
-    c32to24((word32)length, hdr->fragmentLength);
-
-    return 0;
-}
-
-int Dtls13MinimumRecordLength(WOLFSSL* ssl)
-{
-    return Dtls13GetRlHeaderLength(ssl, 1) + DTLS13_MIN_CIPHERTEXT;
-}
-
-/**
- * Dtls13EncryptRecordNumber() - encrypt record number in the header
- * @ssl: ssl object
- * @hdr: header
- *
- * Further info rfc draft 43 sec 4.2.3
- */
-int Dtls13EncryptRecordNumber(WOLFSSL* ssl, byte* hdr, word16 recordLength)
-{
-    int seqLength;
-    int hdrLength;
-    int cidSz;
-
-    if (ssl == NULL || hdr == NULL)
-        return BAD_FUNC_ARG;
-
-#ifdef HAVE_NULL_CIPHER
-    /* Do not encrypt record numbers with null cipher. See RFC 9150 Sec 9 */
-    if (ssl->specs.bulk_cipher_algorithm == wolfssl_cipher_null)
-        return 0;
-#endif /*HAVE_NULL_CIPHER */
-
-    /* we need at least a 16 bytes of ciphertext to encrypt record number see
-       4.2.3*/
-    if (recordLength < Dtls13MinimumRecordLength(ssl))
-        return BUFFER_ERROR;
-
-    seqLength = (*hdr & DTLS13_LEN_BIT) ? DTLS13_SEQ_16_LEN : DTLS13_SEQ_8_LEN;
-
-    cidSz = DtlsGetCidTxSize(ssl);
-    /* header flags + seq number + CID size*/
-    hdrLength = OPAQUE8_LEN + seqLength + cidSz;
-
-    /* length present */
-    if (*hdr & DTLS13_LEN_BIT)
-        hdrLength += DTLS13_LEN_SIZE;
-
-    return Dtls13EncryptDecryptRecordNumber(ssl,
-        /* seq number offset */
-        hdr + OPAQUE8_LEN + cidSz,
-        /* seq size */
-        seqLength,
-        /* cipher text */
-        hdr + hdrLength, PROTECT);
-}
-
-/**
- * Dtls13GetRlHeaderLength() - get record layer header length
- * @ssl: ssl object
- * @isEncrypted: whether the record will be protected or not
- *
- * returns the length of the record layer header in bytes.
- */
-word16 Dtls13GetRlHeaderLength(WOLFSSL* ssl, byte isEncrypted)
-{
-    (void)ssl;
-
-    if (!isEncrypted)
-        return DTLS_RECORD_HEADER_SZ;
-
-    return DTLS13_UNIFIED_HEADER_SIZE + DtlsGetCidTxSize(ssl);
-}
-
-/**
- * Dtls13GetHeadersLength() - return length of record + handshake header
- * @ssl: ssl object
- * @type: type of handshake in the message
- */
-word16 Dtls13GetHeadersLength(WOLFSSL* ssl, enum HandShakeType type)
-{
-    byte isEncrypted;
-
-    isEncrypted = Dtls13TypeIsEncrypted(type);
-
-    return Dtls13GetRlHeaderLength(ssl, isEncrypted) + DTLS_HANDSHAKE_HEADER_SZ;
-}
-
-/**
- * Dtls13IsUnifiedHeader() - check if header is a DTLS unified header
- * @header_flags: first byte of the header
- *
- * Further info: dtls v1.3 draft43 section 4
- */
-int Dtls13IsUnifiedHeader(byte hdrFirstByte)
-{
-    if (hdrFirstByte == alert || hdrFirstByte == handshake ||
-        hdrFirstByte == ack)
-        return 0;
-
-    return ((hdrFirstByte & DTLS13_FIXED_BITS_MASK) == DTLS13_FIXED_BITS);
-}
-
-int Dtls13ReconstructSeqNumber(WOLFSSL* ssl, Dtls13UnifiedHdrInfo* hdrInfo,
-    w64wrapper* out)
-{
-    word16 expectedLowBits;
-    word16 seqLowBits;
-    w64wrapper temp;
-    word32 out32;
-    word32 shift;
-    word16 mask;
-    byte wrap = 0;
-
-    if (hdrInfo->seqHiPresent) {
-        seqLowBits = (hdrInfo->seqHi << 8) | hdrInfo->seqLo;
-        mask = 0xffff;
-        shift = (1 << 16);
-    }
-    else {
-        seqLowBits = hdrInfo->seqLo;
-        mask = 0xff;
-        shift = (1 << 8);
-    }
-
-    /* *out = (nextPeerSeqNumber & ~mask) | seqLowbits */
-    out32 = w64GetLow32(ssl->dtls13DecryptEpoch->nextPeerSeqNumber);
-    expectedLowBits = out32 & mask;
-    out32 = (out32 & ~mask) | seqLowBits;
-    *out = ssl->dtls13DecryptEpoch->nextPeerSeqNumber;
-    w64SetLow32(out, out32);
-    if (seqLowBits >= expectedLowBits) {
-        if ((word32)(seqLowBits - expectedLowBits) > shift / 2) {
-            temp = w64Sub32(*out, shift, &wrap);
-            if (!wrap)
-                *out = temp;
-            return 0;
-        }
-    }
-    else {
-        /*  seqLowbits < expectedLowBits */
-        if ((word32)(expectedLowBits - seqLowBits) > shift / 2) {
-            temp = w64Add32(*out, shift, &wrap);
-            if (!wrap)
-                *out = temp;
-            return 0;
-        }
-    }
-
-    return 0;
-}
-
-int Dtls13ReconstructEpochNumber(WOLFSSL* ssl, byte epochBits,
-    w64wrapper* epoch)
-{
-    w64wrapper _epoch;
-    Dtls13Epoch* e;
-    byte found = 0;
-    int i;
-
-    if (Dtls13GetEpochBits(ssl->dtls13PeerEpoch) == epochBits) {
-        *epoch = ssl->dtls13PeerEpoch;
-        return 0;
-    }
-
-    w64Zero(&_epoch);
-
-    for (i = 0; i < DTLS13_EPOCH_SIZE; ++i) {
-        e = &ssl->dtls13Epochs[i];
-
-        if (!e->isValid)
-            continue;
-
-        if (Dtls13GetEpochBits(e->epochNumber) != epochBits)
-            continue;
-
-        if (w64GT(e->epochNumber, _epoch)) {
-            found = 1;
-            _epoch = e->epochNumber;
-        }
-    }
-
-    if (found) {
-        *epoch = _epoch;
-        return 0;
-    }
-
-    return SEQUENCE_ERROR;
-}
-
-int Dtls13GetUnifiedHeaderSize(WOLFSSL* ssl, const byte input, word16* size)
-{
-    (void)ssl;
-
-    if (size == NULL)
-        return BAD_FUNC_ARG;
-
-    /* flags (1) + CID + seq 8bit (1) */
-    *size = OPAQUE8_LEN + DtlsGetCidRxSize(ssl) + OPAQUE8_LEN;
-    if (input & DTLS13_SEQ_LEN_BIT)
-        *size += OPAQUE8_LEN;
-    if (input & DTLS13_LEN_BIT)
-        *size += OPAQUE16_LEN;
-
-    return 0;
-}
-
-/**
- * Dtls13ParseUnifiedRecordLayer() - parse DTLS unified header
- * @ssl: [in] ssl object
- * @input: [in] buffer where the header is
- * @inputSize: [in] size of the input buffer
- * @hdrInfo: [out] header info struct
- *
- * It parse the header and put the relevant information inside @hdrInfo. Further
- * info: draft43 section 4
- *
- * return 0 on success
- */
-int Dtls13ParseUnifiedRecordLayer(WOLFSSL* ssl, const byte* input,
-    word16 inputSize, Dtls13UnifiedHdrInfo* hdrInfo)
-{
-    byte seqLen, hasLength;
-    byte* seqNum;
-    byte flags;
-    word16 idx;
-    int ret;
-
-    if (input == NULL || inputSize < DTLS13_HDR_FLAGS_SIZE)
-        return BAD_FUNC_ARG;
-
-    flags = *input;
-    idx = DTLS13_HDR_FLAGS_SIZE;
-    ret = Dtls13UnifiedHeaderParseCID(ssl, flags, input, inputSize, &idx);
-    if (ret != 0)
-        return ret;
-
-    seqNum = (byte*)input + idx;
-    seqLen = (flags & DTLS13_SEQ_LEN_BIT) != 0 ? DTLS13_SEQ_16_LEN
-                                               : DTLS13_SEQ_8_LEN;
-    hasLength = flags & DTLS13_LEN_BIT;
-    hdrInfo->epochBits = flags & EE_MASK;
-
-    idx += seqLen;
-
-    if (inputSize < idx)
-        return BUFFER_ERROR;
-
-    if (hasLength) {
-        if (inputSize < idx + DTLS13_LEN_SIZE)
-            return BUFFER_ERROR;
-
-        ato16(input + idx, &hdrInfo->recordLength);
-        idx += DTLS13_LEN_SIZE;
-    }
-    else {
-        /* length not present. The size of the record is the all the remaining
-           data received with this datagram */
-        hdrInfo->recordLength = inputSize - idx;
-    }
-
-    /* Do not encrypt record numbers with null cipher. See RFC 9150 Sec 9 */
-    if (ssl->specs.bulk_cipher_algorithm != wolfssl_cipher_null)
-    {
-        /* minimum size for a dtls1.3 packet is 16 bytes (to have enough
-         * ciphertext to create record number xor mask).
-         * (draft 43 - Sec 4.2.3) */
-        if (hdrInfo->recordLength < DTLS13_RN_MASK_SIZE)
-            return LENGTH_ERROR;
-        if (inputSize < idx + DTLS13_RN_MASK_SIZE)
-            return BUFFER_ERROR;
-
-        ret = Dtls13EncryptDecryptRecordNumber(ssl, seqNum, seqLen, input + idx,
-            DEPROTECT);
-        if (ret != 0)
-            return ret;
-    }
-
-    if (seqLen == DTLS13_SEQ_16_LEN) {
-        hdrInfo->seqHiPresent = 1;
-        hdrInfo->seqHi = seqNum[0];
-        hdrInfo->seqLo = seqNum[1];
-    }
-    else {
-        hdrInfo->seqHiPresent = 0;
-        hdrInfo->seqLo = seqNum[0];
-    }
-
-    return 0;
-}
-
-int Dtls13RecordRecvd(WOLFSSL* ssl)
-{
-    int ret;
-
-    if (ssl->curRL.type != handshake)
-        return 0;
-
-    if (!ssl->options.dtls13SendMoreAcks)
-        ssl->dtls13FastTimeout = 1;
-
-    ret = Dtls13RtxAddAck(ssl, ssl->keys.curEpoch64, ssl->keys.curSeq);
-    if (ret != 0)
-        WOLFSSL_MSG("can't save ack fragment");
-
-    return ret;
-}
-
-static void Dtls13RtxMoveToEndOfList(WOLFSSL* ssl, Dtls13RtxRecord** prevNext,
-    Dtls13RtxRecord* r)
-{
-    /* already at the end */
-    if (r->next == NULL)
-        return;
-
-    Dtls13RtxRecordUnlink(ssl, prevNext, r);
-    /* add to the end */
-    Dtls13RtxAddRecord(&ssl->dtls13Rtx, r);
-}
-
-static int Dtls13RtxSendBuffered(WOLFSSL* ssl)
-{
-    word16 headerLength;
-    Dtls13RtxRecord *r, **prevNext;
-    w64wrapper seq;
-    byte* output;
-    int isLast;
-    int sendSz;
-#ifndef NO_ASN_TIME
-    word32 now;
-#endif
-    int ret;
-
-    WOLFSSL_ENTER("Dtls13RtxSendBuffered");
-
-#ifndef NO_ASN_TIME
-    now = LowResTimer();
-    if (now - ssl->dtls13Rtx.lastRtx < DTLS13_MIN_RTX_INTERVAL) {
-#ifdef WOLFSSL_DEBUG_TLS
-        WOLFSSL_MSG("Avoid too fast retransmission");
-#endif /* WOLFSSL_DEBUG_TLS */
-        return 0;
-    }
-
-    ssl->dtls13Rtx.lastRtx = now;
-#endif
-
-    r = ssl->dtls13Rtx.rtxRecords;
-    prevNext = &ssl->dtls13Rtx.rtxRecords;
-    while (r != NULL) {
-        isLast = r->next == NULL;
-        WOLFSSL_MSG("Dtls13Rtx One Record");
-
-        headerLength = Dtls13GetRlHeaderLength(ssl, !w64IsZero(r->epoch));
-
-        sendSz = r->length + headerLength;
-
-        if (!w64IsZero(r->epoch))
-            sendSz += MAX_MSG_EXTRA;
-
-        ret = CheckAvailableSize(ssl, sendSz);
-        if (ret != 0)
-            return ret;
-
-        output = GetOutputBuffer(ssl);
-
-        XMEMCPY(output + headerLength, r->data, r->length);
-
-        if (!w64Equal(ssl->dtls13EncryptEpoch->epochNumber, r->epoch)) {
-            ret = Dtls13SetEpochKeys(ssl, r->epoch, ENCRYPT_SIDE_ONLY);
-            if (ret != 0)
-                return ret;
-        }
-
-        seq = ssl->dtls13EncryptEpoch->nextSeqNumber;
-
-        ret = Dtls13SendFragment(ssl, output, (word16)sendSz, r->length + headerLength,
-            (enum HandShakeType)r->handshakeType, 0,
-            isLast || !ssl->options.groupMessages);
-        if (ret != 0 && ret != WC_NO_ERR_TRACE(WANT_WRITE))
-            return ret;
-
-        if (r->rnIdx >= DTLS13_RETRANS_RN_SIZE)
-            r->rnIdx = 0;
-
-#ifdef WOLFSSL_DEBUG_TLS
-        WOLFSSL_MSG_EX("tracking r hs: %d with seq: %ld", r->handshakeType,
-            seq);
-#endif /* WOLFSSL_DEBUG_TLS */
-
-        r->seq[r->rnIdx] = seq;
-        r->rnIdx++;
-
-        if (ret == WC_NO_ERR_TRACE(WANT_WRITE)) {
-            /* this fragment will be sent eventually. Move it to the end of the
-               list so next time we start with a new one. */
-            Dtls13RtxMoveToEndOfList(ssl, prevNext, r);
-            return ret;
-        }
-
-        prevNext = &r->next;
-        r = r->next;
-    }
-
-    return 0;
-}
-
-static int Dtls13AcceptFragmented(WOLFSSL *ssl, enum HandShakeType type)
-{
-    if (IsEncryptionOn(ssl, 0))
-        return 1;
-    if (ssl->options.side == WOLFSSL_CLIENT_END && type == server_hello)
-        return 1;
-#ifdef WOLFSSL_DTLS_CH_FRAG
-    if (ssl->options.side == WOLFSSL_SERVER_END && type == client_hello &&
-            ssl->options.dtls13ChFrag && ssl->options.dtlsStateful)
-        return 1;
-#endif
-    return 0;
-}
-
-int Dtls13CheckEpoch(WOLFSSL* ssl, enum HandShakeType type)
-{
-    w64wrapper plainEpoch = w64From32(0x0, 0x0);
-    w64wrapper hsEpoch = w64From32(0x0, DTLS13_EPOCH_HANDSHAKE);
-    w64wrapper t0Epoch = w64From32(0x0, DTLS13_EPOCH_TRAFFIC0);
-
-    if (IsAtLeastTLSv1_3(ssl->version)) {
-        switch (type) {
-            case client_hello:
-            case server_hello:
-            case hello_verify_request:
-            case hello_retry_request:
-            case hello_request:
-                if (!w64Equal(ssl->keys.curEpoch64, plainEpoch)) {
-                    WOLFSSL_MSG("Msg should be epoch 0");
-                    WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
-                    return SANITY_MSG_E;
-                }
-                break;
-            case encrypted_extensions:
-            case server_key_exchange:
-            case server_hello_done:
-            case client_key_exchange:
-                if (!w64Equal(ssl->keys.curEpoch64, hsEpoch)) {
-                    if (ssl->options.side == WOLFSSL_CLIENT_END &&
-                            ssl->options.serverState < SERVER_HELLO_COMPLETE) {
-                        /* before processing SH we don't know which version
-                         * will be negotiated.  */
-                        if (!w64Equal(ssl->keys.curEpoch64, plainEpoch)) {
-                            WOLFSSL_MSG("Msg should be epoch 2 or 0");
-                            WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
-                            return SANITY_MSG_E;
-                        }
-                    }
-                    else {
-                        WOLFSSL_MSG("Msg should be epoch 2");
-                        WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
-                        return SANITY_MSG_E;
-                    }
-                }
-                break;
-            case certificate_request:
-            case certificate:
-            case certificate_verify:
-            case finished:
-                if (!ssl->options.handShakeDone) {
-                    if (!w64Equal(ssl->keys.curEpoch64, hsEpoch)) {
-                        if (ssl->options.side == WOLFSSL_CLIENT_END &&
-                            ssl->options.serverState < SERVER_HELLO_COMPLETE) {
-                            /* before processing SH we don't know which version
-                             * will be negotiated.  */
-                            if (!w64Equal(ssl->keys.curEpoch64, plainEpoch)) {
-                                WOLFSSL_MSG("Msg should be epoch 2 or 0");
-                                WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
-                                return SANITY_MSG_E;
-                            }
-                        }
-                        else {
-                            WOLFSSL_MSG("Msg should be epoch 2");
-                            WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
-                            return SANITY_MSG_E;
-                        }
-                    }
-                }
-                else {
-                    /* Allow epoch 2 in case of rtx */
-                    if (!w64GTE(ssl->keys.curEpoch64, hsEpoch)) {
-                        WOLFSSL_MSG("Msg should be epoch 2+");
-                        WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
-                        return SANITY_MSG_E;
-                    }
-                }
-                break;
-            case certificate_status:
-            case change_cipher_hs:
-            case key_update:
-            case session_ticket:
-                if (!w64GTE(ssl->keys.curEpoch64, t0Epoch)) {
-                    WOLFSSL_MSG("Msg should be epoch 3+");
-                    WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
-                    return SANITY_MSG_E;
-                }
-                break;
-            case end_of_early_data:
-            case message_hash:
-            case no_shake:
-            default:
-                WOLFSSL_MSG("Unknown message type");
-                WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
-                return SANITY_MSG_E;
-        }
-    }
-    return 0;
-}
-
-/**
- * Dtls13HandshakeRecv() - process an handshake message. Deal with
- fragmentation if needed
- * @ssl: [in] ssl object
- * @input: [in] input buffer
- * @size: [in] input buffer size
- * @type: [out] content type
- * @processedSize: [out] amount of byte processed
- *
- * returns 0 on success
- */
-static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
-    word32* processedSize)
-{
-    word32 fragOff, fragLength;
-    byte isComplete, isFirst;
-    byte usingAsyncCrypto;
-    word32 messageLength;
-    byte handshakeType;
-    word32 idx;
-    int ret;
-
-    idx = 0;
-    ret = GetDtlsHandShakeHeader(ssl, input, &idx, &handshakeType,
-        &messageLength, &fragOff, &fragLength, size);
-    if (ret != 0)
-        return PARSE_ERROR;
-
-    /* Need idx + fragLength as we don't advance the inputBuffer idx value */
-    ret = EarlySanityCheckMsgReceived(ssl, handshakeType, idx + fragLength);
-    if (ret != 0) {
-        WOLFSSL_ERROR(ret);
-        return ret;
-    }
-
-    ret = Dtls13CheckEpoch(ssl, (enum HandShakeType)handshakeType);
-    if (ret != 0) {
-        WOLFSSL_ERROR(ret);
-        return ret;
-    }
-
-    if (ssl->options.side == WOLFSSL_SERVER_END &&
-            ssl->options.acceptState < TLS13_ACCEPT_FIRST_REPLY_DONE) {
-        if (handshakeType != client_hello) {
-            WOLFSSL_MSG("Ignoring other messages before we verify a ClientHello");
-            *processedSize = size;
-            return 0;
-        }
-        /* To be able to operate in stateless mode, we assume the ClientHello
-         * is in order and we use its Handshake Message number and Sequence
-         * Number for our Tx. */
-        ssl->keys.dtls_expected_peer_handshake_number =
-            ssl->keys.dtls_handshake_number =
-                ssl->keys.dtls_peer_handshake_number;
-        ssl->dtls13Epochs[0].nextSeqNumber = ssl->keys.curSeq;
-    }
-
-    if (idx + fragLength > size) {
-        WOLFSSL_ERROR(INCOMPLETE_DATA);
-        return INCOMPLETE_DATA;
-    }
-
-    if (fragOff + fragLength > messageLength)
-        return BUFFER_ERROR;
-
-    ret = Dtls13RtxMsgRecvd(ssl, (enum HandShakeType)handshakeType, fragOff);
-    if (ret != 0)
-        return ret;
-
-    if (ssl->keys.dtls_peer_handshake_number <
-        ssl->keys.dtls_expected_peer_handshake_number) {
-
-#ifdef WOLFSSL_DEBUG_TLS
-        WOLFSSL_MSG(
-            "DTLS1.3 retransmission detected - discard and schedule a rtx");
-#endif /* WOLFSSL_DEBUG_TLS */
-
-        /* ignore the message */
-        *processedSize = idx + fragLength + ssl->keys.padSz;
-
-        return 0;
-    }
-
-    isFirst = fragOff == 0;
-    isComplete = isFirst && fragLength == messageLength;
-
-    if (!isComplete && !Dtls13AcceptFragmented(ssl, (enum HandShakeType)handshakeType)) {
-#ifdef WOLFSSL_DTLS_CH_FRAG
-        byte tls13 = 0;
-        /* check if the first CH fragment contains a valid cookie */
-        if (ssl->options.dtls13ChFrag && !ssl->options.dtlsStateful &&
-                isFirst && handshakeType == client_hello &&
-                DoClientHelloStateless(ssl, input + idx, fragLength, 1, &tls13)
-                    == 0 && tls13) {
-            /* We can save this message and continue as stateful. */
-            if (ssl->chGoodCb != NULL) {
-                int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
-                if (cbret < 0) {
-                    ssl->error = cbret;
-                    WOLFSSL_MSG("ClientHello Good Cb don't continue error");
-                    return WOLFSSL_FATAL_ERROR;
-                }
-            }
-            WOLFSSL_MSG("ClientHello fragment verified");
-        }
-        else
-#endif
-        {
-#ifdef WOLFSSL_DEBUG_TLS
-            WOLFSSL_MSG("DTLS1.3 not accepting fragmented plaintext message");
-#endif /* WOLFSSL_DEBUG_TLS */
-            /* ignore the message */
-            *processedSize = idx + fragLength + ssl->keys.padSz;
-            return 0;
-        }
-    }
-
-    usingAsyncCrypto = ssl->devId != INVALID_DEVID;
-
-    /* store the message if any of the following: (a) incomplete message, (b)
-     * out of order message or (c) if using async crypto. In (c) the processing
-     * of the message can return WC_PENDING_E, it's easier to handle this error
-     * if the message is stored in the buffer.
-     */
-    if (!isComplete ||
-        ssl->keys.dtls_peer_handshake_number >
-            ssl->keys.dtls_expected_peer_handshake_number ||
-        usingAsyncCrypto) {
-        if (ssl->dtls_rx_msg_list_sz < DTLS_POOL_SZ) {
-            DtlsMsgStore(ssl, (word16)w64GetLow32(ssl->keys.curEpoch64),
-                ssl->keys.dtls_peer_handshake_number,
-                input + DTLS_HANDSHAKE_HEADER_SZ, messageLength, handshakeType,
-                fragOff, fragLength, ssl->heap);
-        }
-        else {
-            /* DTLS_POOL_SZ outstanding messages is way more than enough for any
-             * valid peer */
-            return DTLS_TOO_MANY_FRAGMENTS_E;
-        }
-
-        *processedSize = idx + fragLength + ssl->keys.padSz;
-        if (Dtls13NextMessageComplete(ssl))
-            return Dtls13ProcessBufferedMessages(ssl);
-
-        return 0;
-    }
-
-    ret = DoTls13HandShakeMsgType(ssl, input, &idx, handshakeType,
-        messageLength, size);
-    *processedSize = idx;
-    if (ret != 0)
-        return ret;
-
-    Dtls13MsgWasProcessed(ssl, (enum HandShakeType)handshakeType);
-
-    /* check if we have buffered some message */
-    if (Dtls13NextMessageComplete(ssl))
-        return Dtls13ProcessBufferedMessages(ssl);
-
-    return 0;
-}
-
-int Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32* inOutIdx,
-    word32 totalSz)
-{
-    word32 maxSize, processedSize = 0;
-    byte* message;
-    int ret;
-
-    message = input + *inOutIdx;
-    maxSize = totalSz - *inOutIdx;
-
-    ret = _Dtls13HandshakeRecv(ssl, message, maxSize, &processedSize);
-
-    *inOutIdx += processedSize;
-
-    return ret;
-}
-
-/**
- * Dtls13FragmentsContinue() - keep sending pending fragments
- * @ssl: ssl object
- */
-int Dtls13FragmentsContinue(WOLFSSL* ssl)
-{
-    int ret;
-
-    ret = Dtls13SendFragmentedInternal(ssl);
-    if (ret == 0)
-        ssl->keys.dtls_handshake_number++;
-
-    return ret;
-}
-
-/**
- * Dtls13AddHeaders() - setup handshake header
- * @output: output buffer at the start of the record
- * @length: length of the full message, included headers
- * @hsType: handshake type
- * @ssl: ssl object
- *
- * This function add the handshake headers and leaves space for the record
- * layer. The real record layer will be added in dtls_send() for unprotected
- * messages and in BuildTls13message() for protected messages.
- *
- * returns 0 on success, -1 otherwise
- */
-int Dtls13AddHeaders(byte* output, word32 length, enum HandShakeType hsType,
-    WOLFSSL* ssl)
-{
-    word16 handshakeOffset;
-    byte isEncrypted;
-
-    isEncrypted = Dtls13TypeIsEncrypted(hsType);
-    handshakeOffset = Dtls13GetRlHeaderLength(ssl, isEncrypted);
-
-    /* The record header is placed by either Dtls13HandshakeSend() or
-       BuildTls13Message() */
-
-    return Dtls13HandshakeAddHeader(ssl, output + handshakeOffset, hsType,
-        length);
-}
-
-/**
- * Dtls13HandshakeSend() - send an handshake message. Fragment if necessary.
- *
- * @ssl: ssl object
- * @message: message where the buffer is in. Handshake header already in place.
- * @output_size: size of the @message buffer
- * @length: length of the message including headers
- * @handshakeType: handshake type of the message
- * @hashOutput: if true add the message to the transcript hash
- *
- */
-int Dtls13HandshakeSend(WOLFSSL* ssl, byte* message, word16 outputSize,
-    word16 length, enum HandShakeType handshakeType, int hashOutput)
-{
-    int maxFrag;
-    int maxLen;
-    int ret;
-
-    if (ssl->dtls13EncryptEpoch == NULL)
-        return BAD_STATE_E;
-
-    /* if we are here, the message is built */
-    ssl->options.buildingMsg = 0;
-
-    if (!ssl->options.handShakeDone) {
-
-        /* during the handshake, if we are sending a new flight, we can flush
-           our ACK list. When sending client
-           [certificate/certificate_verify]/finished flight, we may flush an ACK
-           for a newSessionticket message, sent by the server just after sending
-           its finished message. This should not be a problem. That message
-           arrived out-of-order (before the server finished) so likely an ACK
-           was already sent. In the worst case we will ACK the server
-           retranmission*/
-        if (handshakeType == certificate || handshakeType == finished ||
-            handshakeType == server_hello || handshakeType == client_hello)
-            Dtls13RtxFlushAcks(ssl);
-    }
-
-    /* we want to send always with the highest epoch  */
-    if (!w64Equal(ssl->dtls13EncryptEpoch->epochNumber, ssl->dtls13Epoch)) {
-        ret = Dtls13SetEpochKeys(ssl, ssl->dtls13Epoch, ENCRYPT_SIDE_ONLY);
-        if (ret != 0)
-            return ret;
-    }
-
-    maxFrag = wolfSSL_GetMaxFragSize(ssl, MAX_RECORD_SIZE);
-    maxLen = length;
-
-    if (handshakeType == key_update)
-        ssl->dtls13WaitKeyUpdateAck = 1;
-
-    if (maxLen < maxFrag) {
-        ret = Dtls13SendOneFragmentRtx(ssl, handshakeType, outputSize, message,
-            length, hashOutput);
-        if (ret == 0 || ret == WC_NO_ERR_TRACE(WANT_WRITE))
-            ssl->keys.dtls_handshake_number++;
-    }
-    else {
-        ret = Dtls13SendFragmented(ssl, message, length, handshakeType,
-            hashOutput);
-        if (ret == 0)
-            ssl->keys.dtls_handshake_number++;
-    }
-
-    return ret;
-}
-
-#define SN_LABEL_SZ 2
-static const byte snLabel[SN_LABEL_SZ + 1] = "sn";
-
-/**
- * Dtls13DeriveSnKeys() - derive the key used to encrypt the record number
- * @ssl: ssl object
- * @provision: which side (CLIENT or SERVER) to provision
- */
-int Dtls13DeriveSnKeys(WOLFSSL* ssl, int provision)
-{
-    byte key_dig[MAX_PRF_DIG];
-    int ret = 0;
-
-    if (provision & PROVISION_CLIENT) {
-        WOLFSSL_MSG("Derive SN Client key");
-        ret = Tls13DeriveKey(ssl, key_dig, ssl->specs.key_size,
-            ssl->clientSecret, snLabel, SN_LABEL_SZ, ssl->specs.mac_algorithm,
-            0, WOLFSSL_CLIENT_END);
-        if (ret != 0)
-            goto end;
-
-        XMEMCPY(ssl->keys.client_sn_key, key_dig, ssl->specs.key_size);
-    }
-
-    if (provision & PROVISION_SERVER) {
-        WOLFSSL_MSG("Derive SN Server key");
-        ret = Tls13DeriveKey(ssl, key_dig, ssl->specs.key_size,
-            ssl->serverSecret, snLabel, SN_LABEL_SZ, ssl->specs.mac_algorithm,
-            0, WOLFSSL_SERVER_END);
-        if (ret != 0)
-            goto end;
-
-        XMEMCPY(ssl->keys.server_sn_key, key_dig, ssl->specs.key_size);
-    }
-
-end:
-    ForceZero(key_dig, MAX_PRF_DIG);
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Check(key_dig, sizeof(key_dig));
-#endif
-    return ret;
-}
-
-static int Dtls13InitAesCipher(WOLFSSL* ssl, RecordNumberCiphers* cipher,
-    const byte* key, word16 keySize)
-{
-    int ret;
-    if (cipher->aes == NULL) {
-        cipher->aes =
-            (Aes*)XMALLOC(sizeof(Aes), ssl->heap, DYNAMIC_TYPE_CIPHER);
-        if (cipher->aes == NULL)
-            return MEMORY_E;
-    }
-    else {
-        wc_AesFree(cipher->aes);
-    }
-
-    XMEMSET(cipher->aes, 0, sizeof(*cipher->aes));
-
-    ret = wc_AesInit(cipher->aes, ssl->heap, INVALID_DEVID);
-    if (ret != 0)
-        return ret;
-
-    return wc_AesSetKey(cipher->aes, key, keySize, NULL, AES_ENCRYPTION);
-}
-
-#ifdef HAVE_CHACHA
-static int Dtls13InitChaChaCipher(RecordNumberCiphers* c, byte* key,
-    word16 keySize, void* heap)
-{
-    (void)heap;
-
-    if (c->chacha == NULL) {
-        c->chacha = (ChaCha*)XMALLOC(sizeof(ChaCha), heap, DYNAMIC_TYPE_CIPHER);
-
-        if (c->chacha == NULL)
-            return MEMORY_E;
-    }
-
-    return wc_Chacha_SetKey(c->chacha, key, keySize);
-}
-#endif /* HAVE_CHACHA */
-
-struct Dtls13Epoch* Dtls13GetEpoch(WOLFSSL* ssl, w64wrapper epochNumber)
-{
-    Dtls13Epoch* e;
-    int i;
-
-    for (i = 0; i < DTLS13_EPOCH_SIZE; ++i) {
-        e = &ssl->dtls13Epochs[i];
-        if (w64Equal(e->epochNumber, epochNumber) && e->isValid)
-            return e;
-    }
-
-    return NULL;
-}
-
-void Dtls13SetOlderEpochSide(WOLFSSL* ssl, w64wrapper epochNumber,
-                                    int side)
-{
-    Dtls13Epoch* e;
-    int i;
-
-    for (i = 0; i < DTLS13_EPOCH_SIZE; ++i) {
-        e = &ssl->dtls13Epochs[i];
-        if (e->isValid && w64LT(e->epochNumber, epochNumber)) {
-            e->side = (byte)side;
-        }
-    }
-}
-
-static void Dtls13EpochCopyKeys(WOLFSSL* ssl, Dtls13Epoch* e, Keys* k, int side)
-{
-    byte clientWrite, serverWrite;
-    byte enc, dec;
-
-    WOLFSSL_ENTER("Dtls13SetEpochKeys");
-
-    clientWrite = serverWrite = 0;
-    enc = dec = 0;
-    switch (side) {
-
-    case ENCRYPT_SIDE_ONLY:
-        if (ssl->options.side == WOLFSSL_CLIENT_END)
-            clientWrite = 1;
-        if (ssl->options.side == WOLFSSL_SERVER_END)
-            serverWrite = 1;
-        enc = 1;
-        break;
-
-    case DECRYPT_SIDE_ONLY:
-        if (ssl->options.side == WOLFSSL_CLIENT_END)
-            serverWrite = 1;
-        if (ssl->options.side == WOLFSSL_SERVER_END)
-            clientWrite = 1;
-        dec = 1;
-        break;
-
-    case ENCRYPT_AND_DECRYPT_SIDE:
-        clientWrite = serverWrite = 1;
-        enc = dec = 1;
-        break;
-    }
-
-    if (clientWrite) {
-        XMEMCPY(e->client_write_key, k->client_write_key,
-            sizeof(e->client_write_key));
-
-        XMEMCPY(e->client_write_IV, k->client_write_IV,
-            sizeof(e->client_write_IV));
-
-        XMEMCPY(e->client_sn_key, k->client_sn_key, sizeof(e->client_sn_key));
-    }
-
-    if (serverWrite) {
-        XMEMCPY(e->server_write_key, k->server_write_key,
-            sizeof(e->server_write_key));
-        XMEMCPY(e->server_write_IV, k->server_write_IV,
-            sizeof(e->server_write_IV));
-        XMEMCPY(e->server_sn_key, k->server_sn_key, sizeof(e->server_sn_key));
-    }
-
-    if (enc)
-        XMEMCPY(e->aead_enc_imp_IV, k->aead_enc_imp_IV,
-            sizeof(e->aead_enc_imp_IV));
-
-    if (dec)
-        XMEMCPY(e->aead_dec_imp_IV, k->aead_dec_imp_IV,
-            sizeof(e->aead_dec_imp_IV));
-}
-
-/* For storing the sequence number we use a word32[2] array here, instead of
-   word64. This is to reuse existing code */
-int Dtls13GetSeq(WOLFSSL* ssl, int order, word32* seq, byte increment)
-{
-    w64wrapper* nativeSeq;
-
-    if (order == PEER_ORDER) {
-        nativeSeq = &ssl->keys.curSeq;
-        /* never increment seq number for current record. In DTLS seq number are
-           explicit */
-        increment = 0;
-    }
-    else if (order == CUR_ORDER) {
-
-        if (ssl->dtls13EncryptEpoch == NULL) {
-            return BAD_STATE_E;
-        }
-
-        nativeSeq = &ssl->dtls13EncryptEpoch->nextSeqNumber;
-    }
-    else {
-        return BAD_FUNC_ARG;
-    }
-
-    seq[0] = w64GetHigh32(*nativeSeq);
-    seq[1] = w64GetLow32(*nativeSeq);
-
-#ifdef WOLFSSL_DEBUG_TLS
-    WOLFSSL_MSG_EX("Dtls13GetSeq(): using seq: %ld", *nativeSeq);
-#endif /* WOLFSSL_DEBUG_TLS */
-
-    if (increment) {
-        w64Increment(nativeSeq);
-
-        /* seq number wrapped up */
-        if (w64IsZero(*nativeSeq))
-            return BAD_STATE_E;
-    }
-
-    return 0;
-}
-
-static Dtls13Epoch* Dtls13NewEpochSlot(WOLFSSL* ssl)
-{
-    Dtls13Epoch *e, *oldest = NULL;
-    w64wrapper oldestNumber;
-    int i;
-
-    /* FIXME: add max function */
-    oldestNumber = w64From32((word32)-1, (word32)-1);
-    oldest = NULL;
-
-    for (i = 0; i < DTLS13_EPOCH_SIZE; ++i) {
-        e = &ssl->dtls13Epochs[i];
-        if (!e->isValid)
-            return e;
-
-        if (!w64Equal(e->epochNumber, ssl->dtls13Epoch) &&
-            !w64Equal(e->epochNumber, ssl->dtls13PeerEpoch) &&
-            w64LT(e->epochNumber, oldestNumber))
-            oldest = e;
-    }
-
-    if (oldest == NULL)
-        return NULL;
-
-    e = oldest;
-
-#ifdef WOLFSSL_DEBUG_TLS
-    WOLFSSL_MSG_EX("Delete epoch: %d", e->epochNumber);
-#endif /* WOLFSSL_DEBUG_TLS */
-
-    XMEMSET(e, 0, sizeof(*e));
-
-    return e;
-}
-
-int Dtls13NewEpoch(WOLFSSL* ssl, w64wrapper epochNumber, int side)
-{
-    Dtls13Epoch* e;
-
-#ifdef WOLFSSL_DEBUG_TLS
-    WOLFSSL_MSG_EX("New epoch: %d", w64GetLow32(epochNumber));
-#endif /* WOLFSSL_DEBUG_TLS */
-
-    e = Dtls13GetEpoch(ssl, epochNumber);
-    if (e == NULL) {
-        e = Dtls13NewEpochSlot(ssl);
-        if (e == NULL)
-            return BAD_STATE_E;
-    }
-
-    Dtls13EpochCopyKeys(ssl, e, &ssl->keys, side);
-
-    if (!e->isValid) {
-        /* fresh epoch, initialize fields */
-        e->epochNumber = epochNumber;
-        e->isValid = 1;
-        e->side = (byte)side;
-    }
-    else if (e->side != side) {
-        /* epoch used for the other side already. update side */
-        e->side = ENCRYPT_AND_DECRYPT_SIDE;
-    }
-
-    /* Once handshake is done. Mark epochs older than the last one as encrypt
-     * only so that they can't be used for decryption. */
-    if (ssl->options.handShakeDone && (e->side == ENCRYPT_AND_DECRYPT_SIDE ||
-            e->side == DECRYPT_SIDE_ONLY)) {
-        w64Decrement(&epochNumber);
-        Dtls13SetOlderEpochSide(ssl, epochNumber, ENCRYPT_SIDE_ONLY);
-    }
-
-    return 0;
-}
-
-int Dtls13SetEpochKeys(WOLFSSL* ssl, w64wrapper epochNumber,
-    enum encrypt_side side)
-{
-    byte clientWrite, serverWrite;
-    Dtls13Epoch* e;
-    byte enc, dec;
-
-    WOLFSSL_ENTER("Dtls13SetEpochKeys");
-
-    clientWrite = serverWrite = 0;
-    enc = dec = 0;
-    switch (side) {
-
-    case ENCRYPT_SIDE_ONLY:
-        if (ssl->options.side == WOLFSSL_CLIENT_END)
-            clientWrite = 1;
-        if (ssl->options.side == WOLFSSL_SERVER_END)
-            serverWrite = 1;
-        enc = 1;
-        break;
-
-    case DECRYPT_SIDE_ONLY:
-        if (ssl->options.side == WOLFSSL_CLIENT_END)
-            serverWrite = 1;
-        if (ssl->options.side == WOLFSSL_SERVER_END)
-            clientWrite = 1;
-        dec = 1;
-        break;
-
-    case ENCRYPT_AND_DECRYPT_SIDE:
-        clientWrite = serverWrite = 1;
-        enc = dec = 1;
-        break;
-    }
-
-    e = Dtls13GetEpoch(ssl, epochNumber);
-    /* we don't have the requested key */
-    if (e == NULL)
-        return BAD_STATE_E;
-
-    if (e->side != ENCRYPT_AND_DECRYPT_SIDE && e->side != side)
-        return BAD_STATE_E;
-
-    if (enc)
-        ssl->dtls13EncryptEpoch = e;
-    if (dec)
-        ssl->dtls13DecryptEpoch = e;
-
-    /* epoch 0 has no key to copy */
-    if (w64IsZero(epochNumber))
-        return 0;
-
-    if (clientWrite) {
-        XMEMCPY(ssl->keys.client_write_key, e->client_write_key,
-            sizeof(ssl->keys.client_write_key));
-
-        XMEMCPY(ssl->keys.client_write_IV, e->client_write_IV,
-            sizeof(ssl->keys.client_write_IV));
-
-        XMEMCPY(ssl->keys.client_sn_key, e->client_sn_key,
-            sizeof(ssl->keys.client_sn_key));
-    }
-
-    if (serverWrite) {
-        XMEMCPY(ssl->keys.server_write_key, e->server_write_key,
-            sizeof(ssl->keys.server_write_key));
-
-        XMEMCPY(ssl->keys.server_write_IV, e->server_write_IV,
-            sizeof(ssl->keys.server_write_IV));
-
-        XMEMCPY(ssl->keys.server_sn_key, e->server_sn_key,
-            sizeof(ssl->keys.server_sn_key));
-    }
-
-    if (enc)
-        XMEMCPY(ssl->keys.aead_enc_imp_IV, e->aead_enc_imp_IV,
-            sizeof(ssl->keys.aead_enc_imp_IV));
-    if (dec)
-        XMEMCPY(ssl->keys.aead_dec_imp_IV, e->aead_dec_imp_IV,
-            sizeof(ssl->keys.aead_dec_imp_IV));
-
-    return SetKeysSide(ssl, side);
-}
-
-int Dtls13SetRecordNumberKeys(WOLFSSL* ssl, enum encrypt_side side)
-{
-    RecordNumberCiphers* enc = NULL;
-    RecordNumberCiphers* dec = NULL;
-    byte *encKey = NULL, *decKey = NULL;
-    int ret;
-
-    if (ssl == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    switch (side) {
-    case ENCRYPT_SIDE_ONLY:
-        enc = &ssl->dtlsRecordNumberEncrypt;
-        break;
-    case DECRYPT_SIDE_ONLY:
-        dec = &ssl->dtlsRecordNumberDecrypt;
-        break;
-    case ENCRYPT_AND_DECRYPT_SIDE:
-        enc = &ssl->dtlsRecordNumberEncrypt;
-        dec = &ssl->dtlsRecordNumberDecrypt;
-        break;
-    }
-
-    if (enc) {
-        if (ssl->options.side == WOLFSSL_CLIENT_END)
-            encKey = ssl->keys.client_sn_key;
-        else
-            encKey = ssl->keys.server_sn_key;
-    }
-
-    if (dec) {
-        if (ssl->options.side == WOLFSSL_CLIENT_END)
-            decKey = ssl->keys.server_sn_key;
-        else
-            decKey = ssl->keys.client_sn_key;
-    }
-
-    /* DTLSv1.3 supports only AEAD algorithm.  */
-#if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
-    if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm ||
-        ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm) {
-
-        if (enc) {
-            ret = Dtls13InitAesCipher(ssl, enc, encKey, ssl->specs.key_size);
-            if (ret != 0)
-                return ret;
-#ifdef WOLFSSL_DEBUG_TLS
-            WOLFSSL_MSG("Provisioning AES Record Number enc key:");
-            WOLFSSL_BUFFER(encKey, ssl->specs.key_size);
-#endif /* WOLFSSL_DEBUG_TLS */
-        }
-
-        if (dec) {
-            ret = Dtls13InitAesCipher(ssl, dec, decKey, ssl->specs.key_size);
-            if (ret != 0)
-                return ret;
-#ifdef WOLFSSL_DEBUG_TLS
-            WOLFSSL_MSG("Provisioning AES Record Number dec key:");
-            WOLFSSL_BUFFER(decKey, ssl->specs.key_size);
-#endif /* WOLFSSL_DEBUG_TLS */
-        }
-
-        return 0;
-    }
-#endif /* BUILD_AESGCM || HAVE_AESCCM */
-
-#ifdef HAVE_CHACHA
-    if (ssl->specs.bulk_cipher_algorithm == wolfssl_chacha) {
-        if (enc) {
-            ret = Dtls13InitChaChaCipher(enc, encKey, ssl->specs.key_size,
-                ssl->heap);
-            if (ret != 0)
-                return ret;
-#ifdef WOLFSSL_DEBUG_TLS
-            WOLFSSL_MSG("Provisioning CHACHA Record Number enc key:");
-            WOLFSSL_BUFFER(encKey, ssl->specs.key_size);
-#endif /* WOLFSSL_DEBUG_TLS */
-        }
-
-        if (dec) {
-            ret = Dtls13InitChaChaCipher(dec, decKey, ssl->specs.key_size,
-                ssl->heap);
-            if (ret != 0)
-                return ret;
-#ifdef WOLFSSL_DEBUG_TLS
-            WOLFSSL_MSG("Provisioning CHACHA Record Number dec key:");
-            WOLFSSL_BUFFER(decKey, ssl->specs.key_size);
-#endif /* WOLFSSL_DEBUG_TLS */
-        }
-
-        return 0;
-    }
-#endif /* HAVE_CHACHA */
-
-#ifdef HAVE_NULL_CIPHER
-    if (ssl->specs.bulk_cipher_algorithm == wolfssl_cipher_null) {
-#ifdef WOLFSSL_DEBUG_TLS
-        WOLFSSL_MSG("Skipping Record Number key provisioning with null cipher");
-#endif /* WOLFSSL_DEBUG_TLS */
-        return 0;
-    }
-#endif /* HAVE_NULL_CIPHER */
-
-    return NOT_COMPILED_IN;
-}
-
-/* 64 bits epoch + 64 bits sequence */
-#define DTLS13_RN_SIZE 16
-
-static int Dtls13GetAckListLength(Dtls13RecordNumber* list, word16* length)
-{
-    int numberElements;
-
-    numberElements = 0;
-
-    /* TODO: check that we don't exceed the maximum length */
-
-    while (list != NULL) {
-        list = list->next;
-        numberElements++;
-    }
-
-    *length = (word16)(DTLS13_RN_SIZE * numberElements);
-    return 0;
-}
-
-int Dtls13WriteAckMessage(WOLFSSL* ssl,
-    Dtls13RecordNumber* recordNumberList, word32* length)
-{
-    word16 msgSz, headerLength;
-    byte *output, *ackMessage;
-    word32 sendSz;
-    int ret;
-
-    sendSz = 0;
-
-    if (ssl->dtls13EncryptEpoch == NULL)
-        return BAD_STATE_E;
-
-    if (w64IsZero(ssl->dtls13EncryptEpoch->epochNumber)) {
-        /* unprotected ACK */
-        headerLength = DTLS_RECORD_HEADER_SZ;
-    }
-    else {
-        headerLength = Dtls13GetRlHeaderLength(ssl, 1);
-        sendSz += MAX_MSG_EXTRA;
-    }
-
-    ret = Dtls13GetAckListLength(recordNumberList, &msgSz);
-    if (ret != 0)
-        return ret;
-
-    sendSz += headerLength;
-
-    /* ACK list 2 bytes length field */
-    sendSz += OPAQUE16_LEN;
-
-    /* ACK list */
-    sendSz += msgSz;
-
-    ret = CheckAvailableSize(ssl, sendSz);
-    if (ret != 0)
-        return ret;
-
-    output = GetOutputBuffer(ssl);
-
-    ackMessage = output + headerLength;
-
-    c16toa(msgSz, ackMessage);
-    ackMessage += OPAQUE16_LEN;
-
-    WOLFSSL_MSG("write ack records");
-
-    while (recordNumberList != NULL) {
-        WOLFSSL_MSG_EX("epoch %d seq %d", recordNumberList->epoch,
-                recordNumberList->seq);
-        c64toa(&recordNumberList->epoch, ackMessage);
-        ackMessage += OPAQUE64_LEN;
-        c64toa(&recordNumberList->seq, ackMessage);
-        ackMessage += OPAQUE64_LEN;
-        recordNumberList = recordNumberList->next;
-    }
-
-    *length = msgSz + OPAQUE16_LEN;
-
-    return 0;
-}
-
-static int Dtls13RtxIsTrackedByRn(const Dtls13RtxRecord* r, w64wrapper epoch,
-    w64wrapper seq)
-{
-    int i;
-    if (!w64Equal(r->epoch, epoch))
-        return 0;
-
-    for (i = 0; i < r->rnIdx; ++i) {
-        if (w64Equal(r->seq[i], seq))
-            return 1;
-    }
-
-    return 0;
-}
-
-static int Dtls13KeyUpdateAckReceived(WOLFSSL* ssl)
-{
-    int ret;
-
-    ret = DeriveTls13Keys(ssl, update_traffic_key, ENCRYPT_SIDE_ONLY, 1);
-    if (ret != 0)
-        return ret;
-
-    w64Increment(&ssl->dtls13Epoch);
-
-    /* Epoch wrapped up */
-    if (w64IsZero(ssl->dtls13Epoch))
-        return BAD_STATE_E;
-
-    return Dtls13SetEpochKeys(ssl, ssl->dtls13Epoch, ENCRYPT_SIDE_ONLY);
-}
-
-#ifdef WOLFSSL_DEBUG_TLS
-static void Dtls13PrintRtxRecord(Dtls13RtxRecord* r)
-{
-    int i;
-
-    WOLFSSL_MSG_EX("r: hs: %d epoch: %ld", r->handshakeType, r->epoch);
-    for (i = 0; i < r->rnIdx; i++)
-        WOLFSSL_MSG_EX("seq: %ld", r->seq[i]);
-}
-#endif /* WOLFSSL_DEBUG_TLS */
-
-static void Dtls13RtxRemoveRecord(WOLFSSL* ssl, w64wrapper epoch,
-    w64wrapper seq)
-{
-    Dtls13RtxRecord *r, **prevNext;
-
-    prevNext = &ssl->dtls13Rtx.rtxRecords;
-    r = ssl->dtls13Rtx.rtxRecords;
-
-    while (r != NULL) {
-#ifdef WOLFSSL_DEBUG_TLS
-        Dtls13PrintRtxRecord(r);
-#endif /* WOLFSSL_DEBUG_TLS */
-
-        if (Dtls13RtxIsTrackedByRn(r, epoch, seq)) {
-#ifdef WOLFSSL_DEBUG_TLS
-            WOLFSSL_MSG("removing record");
-#endif /* WOLFSSL_DEBUG_TLS */
-            Dtls13RtxRecordUnlink(ssl, prevNext, r);
-            Dtls13FreeRtxBufferRecord(ssl, r);
-            return;
-        }
-        prevNext = &r->next;
-        r = r->next;
-    }
-
-    return;
-}
-
-int Dtls13DoScheduledWork(WOLFSSL* ssl)
-{
-    int ret;
-    int sendAcks;
-
-    WOLFSSL_ENTER("Dtls13DoScheduledWork");
-
-    ssl->dtls13SendingAckOrRtx = 1;
-
-#ifdef WOLFSSL_RW_THREADED
-    ret = wc_LockMutex(&ssl->dtls13Rtx.mutex);
-    if (ret < 0)
-        return ret;
-#endif
-    sendAcks = ssl->dtls13Rtx.sendAcks;
-    if (sendAcks) {
-        ssl->dtls13Rtx.sendAcks = 0;
-    }
-#ifdef WOLFSSL_RW_THREADED
-    ret = wc_UnLockMutex(&ssl->dtls13Rtx.mutex);
-#endif
-    if (sendAcks) {
-        ret = SendDtls13Ack(ssl);
-        if (ret != 0)
-            return ret;
-    }
-
-    if (ssl->dtls13Rtx.retransmit) {
-        ssl->dtls13Rtx.retransmit = 0;
-        ret = Dtls13RtxSendBuffered(ssl);
-        if (ret != 0)
-            return ret;
-    }
-
-    ssl->dtls13SendingAckOrRtx = 0;
-
-    if (ssl->dtls13DoKeyUpdate) {
-        ssl->dtls13DoKeyUpdate = 0;
-        ret = Tls13UpdateKeys(ssl);
-        if (ret != 0)
-            return ret;
-    }
-
-    return 0;
-}
-
-/* Send ACKs when available after a timeout but only retransmit the last
- * flight after a long timeout */
-int Dtls13RtxTimeout(WOLFSSL* ssl)
-{
-    int ret = 0;
-
-    /* We don't want to send acks until we have done version
-     * negotiation in the SH or have received a unified header in the
-     * DTLS record. */
-    if (ssl->dtls13Rtx.seenRecords != NULL &&
-            (ssl->options.serverState >= SERVER_HELLO_COMPLETE ||
-                    ssl->options.seenUnifiedHdr)) {
-        ssl->dtls13Rtx.sendAcks = 0;
-        /* reset fast timeout as we are sending ACKs */
-        ssl->dtls13FastTimeout = 0;
-        ret = SendDtls13Ack(ssl);
-        if (ret != 0)
-            return ret;
-    }
-
-    /* we have two timeouts, a shorter (dtls13FastTimeout = 1) and a longer
-       one. When the shorter expires we only send ACKs, as it normally means
-       that some messages we are waiting for don't arrive yet. But we
-       retransmit our buffered messages only if the longer timeout
-       expires. fastTimeout is 1/4 of the longer timeout */
-    if (ssl->dtls13FastTimeout) {
-        ssl->dtls13FastTimeout = 0;
-        return 0;
-    }
-
-    /* Increase timeout on long timeout */
-    if (DtlsMsgPoolTimeout(ssl) != 0)
-        return WOLFSSL_FATAL_ERROR;
-
-    return Dtls13RtxSendBuffered(ssl);
-}
-
-static int Dtls13RtxHasKeyUpdateBuffered(WOLFSSL* ssl)
-{
-    Dtls13RtxRecord* r = ssl->dtls13Rtx.rtxRecords;
-
-    while (r != NULL) {
-        if (r->handshakeType == key_update)
-            return 1;
-
-        r = r->next;
-    }
-
-    return 0;
-}
-
-int DoDtls13KeyUpdateAck(WOLFSSL* ssl)
-{
-    int ret = 0;
-
-    if (!Dtls13RtxHasKeyUpdateBuffered(ssl)) {
-        /* we removed the KeyUpdate message because it was ACKed */
-        ssl->dtls13WaitKeyUpdateAck = 0;
-        ret = Dtls13KeyUpdateAckReceived(ssl);
-    }
-
-    return ret;
-}
-
-int DoDtls13Ack(WOLFSSL* ssl, const byte* input, word32 inputSize,
-    word32* processedSize)
-{
-    const byte* ackMessage;
-    w64wrapper epoch, seq;
-    word16 length;
-#ifndef WOLFSSL_RW_THREADED
-    int ret;
-#endif
-    int i;
-
-    if (inputSize < OPAQUE16_LEN)
-        return BUFFER_ERROR;
-
-    ato16(input, &length);
-
-    if (inputSize < (word32)(OPAQUE16_LEN + length))
-        return BUFFER_ERROR;
-
-    if (length % (DTLS13_RN_SIZE) != 0)
-        return PARSE_ERROR;
-
-    WOLFSSL_MSG("read ack records");
-
-    ackMessage = input + OPAQUE16_LEN;
-    for (i = 0; i < length; i += DTLS13_RN_SIZE) {
-        ato64(ackMessage + i, &epoch);
-        ato64(ackMessage + i + OPAQUE64_LEN, &seq);
-        WOLFSSL_MSG_EX("epoch %d seq %d", epoch, seq);
-        Dtls13RtxRemoveRecord(ssl, epoch, seq);
-    }
-
-    /* last client flight was completely acknowledged by the server. Handshake
-       is complete. */
-    if (ssl->options.side == WOLFSSL_CLIENT_END &&
-        ssl->options.connectState == WAIT_FINISHED_ACK &&
-        ssl->dtls13Rtx.rtxRecords == NULL) {
-        ssl->options.serverState = SERVER_FINISHED_ACKED;
-    }
-
-#ifndef WOLFSSL_RW_THREADED
-    if (ssl->dtls13WaitKeyUpdateAck) {
-        ret = DoDtls13KeyUpdateAck(ssl);
-        if (ret != 0)
-            return ret;
-    }
-#endif
-
-    *processedSize = length + OPAQUE16_LEN;
-
-    /* After the handshake, not retransmitting here may incur in some extra time
-       in case a post-handshake authentication message is lost, because the ACK
-       mechanism does not shortcut the retransmission timer. If, on the other
-       hand, we retransmit we may do extra retransmissions of unrelated messages
-       in the queue. ex: we send KeyUpdate, CertificateRequest that are
-       unrelated between each other, receiving the ACK for the KeyUpdate will
-       trigger re-sending the CertificateRequest before the timeout.*/
-    /* TODO: be more smart about when doing retransmission looking in the
-       retransmission queue or based on the type of message removed from the
-       seen record list */
-    if (ssl->dtls13Rtx.rtxRecords != NULL)
-        ssl->dtls13Rtx.retransmit = 1;
-
-    return 0;
-}
-
-int SendDtls13Ack(WOLFSSL* ssl)
-{
-    word32 outputSize;
-    int headerSize;
-    word32 length;
-    byte* output;
-    int ret;
-
-    if (ssl->dtls13EncryptEpoch == NULL)
-        return BAD_STATE_E;
-
-    WOLFSSL_ENTER("SendDtls13Ack");
-
-    ret = 0;
-
-    /* The handshake is not complete and the client didn't setup the TRAFFIC0
-       epoch yet */
-    if (ssl->options.side == WOLFSSL_SERVER_END &&
-        !ssl->options.handShakeDone &&
-        w64GTE(ssl->dtls13Epoch, w64From32(0, DTLS13_EPOCH_TRAFFIC0))) {
-        ret = Dtls13SetEpochKeys(ssl, w64From32(0, DTLS13_EPOCH_HANDSHAKE),
-            ENCRYPT_SIDE_ONLY);
-    }
-    else if (!w64Equal(ssl->dtls13Epoch,
-                 ssl->dtls13EncryptEpoch->epochNumber)) {
-        ret = Dtls13SetEpochKeys(ssl, ssl->dtls13Epoch, ENCRYPT_SIDE_ONLY);
-    }
-
-    if (ret != 0)
-        return ret;
-
-#ifdef WOLFSSL_RW_THREADED
-    ret = wc_LockMutex(&ssl->dtls13Rtx.mutex);
-    if (ret < 0)
-        return ret;
-#endif
-    ret = Dtls13WriteAckMessage(ssl, ssl->dtls13Rtx.seenRecords, &length);
-#ifdef WOLFSSL_RW_THREADED
-    wc_UnLockMutex(&ssl->dtls13Rtx.mutex);
-#endif
-        if (ret != 0)
-            return ret;
-
-    output = GetOutputBuffer(ssl);
-
-    if (w64IsZero(ssl->dtls13EncryptEpoch->epochNumber)) {
-        ret = Dtls13RlAddPlaintextHeader(ssl, output, ack, (word16)length);
-        if (ret != 0)
-            return ret;
-
-        ssl->buffers.outputBuffer.length += length + DTLS_RECORD_HEADER_SZ;
-    }
-    else {
-        outputSize = ssl->buffers.outputBuffer.bufferSize -
-                     ssl->buffers.outputBuffer.idx -
-                     ssl->buffers.outputBuffer.length;
-
-        headerSize = Dtls13GetRlHeaderLength(ssl, 1);
-
-        ret = BuildTls13Message(ssl, output, outputSize, output + headerSize,
-            length, ack, 0, 0, 0);
-        if (ret < 0)
-            return ret;
-
-        ssl->buffers.outputBuffer.length += ret;
-    }
-
-    Dtls13RtxFlushAcks(ssl);
-
-    return SendBuffered(ssl);
-}
-
-static int Dtls13RtxRecordMatchesReqCtx(Dtls13RtxRecord* r, byte* ctx,
-    byte ctxLen)
-{
-    if (r->handshakeType != certificate_request)
-        return 0;
-    if (r->length <= ctxLen + 1)
-        return 0;
-    return XMEMCMP(ctx, r->data + 1, ctxLen) == 0;
-}
-
-int Dtls13RtxProcessingCertificate(WOLFSSL* ssl, byte* input, word32 inputSize)
-{
-    Dtls13RtxRecord* rtxRecord = ssl->dtls13Rtx.rtxRecords;
-    Dtls13RtxRecord** prevNext = &ssl->dtls13Rtx.rtxRecords;
-    byte ctxLength;
-
-    WOLFSSL_ENTER("Dtls13RtxProcessingCertificate");
-
-    if (inputSize <= 1) {
-        WOLFSSL_MSG("Malformed Certificate");
-        return BAD_FUNC_ARG;
-    }
-
-    ctxLength = *input;
-
-    if (inputSize < (word32)ctxLength + OPAQUE8_LEN) {
-        WOLFSSL_MSG("Malformed Certificate");
-        return BAD_FUNC_ARG;
-    }
-
-    while (rtxRecord != NULL) {
-        if (Dtls13RtxRecordMatchesReqCtx(rtxRecord, input + 1, ctxLength)) {
-            Dtls13RtxRecordUnlink(ssl, prevNext, rtxRecord);
-            Dtls13FreeRtxBufferRecord(ssl, rtxRecord);
-            return 0;
-        }
-        prevNext = &rtxRecord->next;
-        rtxRecord = rtxRecord->next;
-    }
-
-    /* This isn't an error since we just can't find a Dtls13RtxRecord that
-     * matches the Request Context. Request Context validity is checked
-     * later. */
-    WOLFSSL_MSG("Can't find any previous Certificate Request");
-    return 0;
-}
-
-int wolfSSL_dtls13_has_pending_msg(WOLFSSL* ssl)
-{
-    return ssl->dtls13Rtx.rtxRecords != NULL;
-}
-
-#ifndef WOLFSSL_TLS13_IGNORE_AEAD_LIMITS
-/* Limits specified by
- * https://www.rfc-editor.org/rfc/rfc9147.html#name-aead-limits
- * We specify the limit by which we need to do a key update as the halfway point
- * to the hard decryption fail limit. */
-int Dtls13CheckAEADFailLimit(WOLFSSL* ssl)
-{
-    w64wrapper keyUpdateLimit;
-    w64wrapper hardLimit;
-    switch (ssl->specs.bulk_cipher_algorithm) {
-#if defined(BUILD_AESGCM) || (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
-        case wolfssl_aes_gcm:
-        case wolfssl_chacha:
-            hardLimit = DTLS_AEAD_AES_GCM_CHACHA_FAIL_LIMIT;
-            keyUpdateLimit = DTLS_AEAD_AES_GCM_CHACHA_FAIL_KU_LIMIT;
-            break;
-#endif
-#ifdef HAVE_AESCCM
-        case wolfssl_aes_ccm:
-            if (ssl->specs.aead_mac_size == AES_CCM_8_AUTH_SZ) {
-                /* Limit is 2^7. The RFC recommends that
-                 * "TLS_AES_128_CCM_8_SHA256 is not suitable for general use".
-                 * We still should enforce the limit. */
-                hardLimit = DTLS_AEAD_AES_CCM_8_FAIL_LIMIT;
-                keyUpdateLimit = DTLS_AEAD_AES_CCM_8_FAIL_KU_LIMIT;
-            }
-            else {
-                /* Limit is 2^23.5.
-                 * Without the fraction is 11863283 (0x00B504F3)
-                 * Half of this value is    5931641 (0x005A8279) */
-                hardLimit = DTLS_AEAD_AES_CCM_FAIL_LIMIT;
-                keyUpdateLimit = DTLS_AEAD_AES_CCM_FAIL_KU_LIMIT;
-            }
-            break;
-#endif
-        case wolfssl_cipher_null:
-            /* No encryption being done. The MAC check must have failed. */
-            return 0;
-        default:
-            WOLFSSL_MSG("Unrecognized ciphersuite for AEAD limit check");
-            WOLFSSL_ERROR_VERBOSE(DECRYPT_ERROR);
-            return DECRYPT_ERROR;
-    }
-    if (ssl->dtls13DecryptEpoch == NULL) {
-        WOLFSSL_MSG("Dtls13CheckAEADFailLimit: ssl->dtls13DecryptEpoch should "
-                    "not be NULL");
-        WOLFSSL_ERROR_VERBOSE(BAD_STATE_E);
-        return BAD_STATE_E;
-    }
-    w64Increment(&ssl->dtls13DecryptEpoch->dropCount);
-    if (w64GT(ssl->dtls13DecryptEpoch->dropCount, hardLimit)) {
-        /* We have reached the hard limit for failed decryptions. */
-        WOLFSSL_MSG("Connection exceeded hard AEAD limit");
-        WOLFSSL_ERROR_VERBOSE(DECRYPT_ERROR);
-        return DECRYPT_ERROR;
-    }
-    else if (w64GT(ssl->dtls13DecryptEpoch->dropCount, keyUpdateLimit)) {
-        WOLFSSL_MSG("Connection exceeded key update limit. Issuing key update");
-        /* If not waiting for a response then request a key update. */
-        if (!ssl->keys.updateResponseReq) {
-            ssl->dtls13DoKeyUpdate = 1;
-            ssl->dtls13InvalidateBefore = ssl->dtls13PeerEpoch;
-            w64Increment(&ssl->dtls13InvalidateBefore);
-        }
-    }
-    return 0;
-}
-#endif
-
-#ifdef WOLFSSL_DTLS_CH_FRAG
-int wolfSSL_dtls13_allow_ch_frag(WOLFSSL *ssl, int enabled)
-{
-    if (ssl->options.side == WOLFSSL_CLIENT_END) {
-        return WOLFSSL_FAILURE;
-    }
-    ssl->options.dtls13ChFrag = !!enabled;
-    return WOLFSSL_SUCCESS;
-}
-#endif
-
-#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
-int wolfSSL_dtls13_no_hrr_on_resume(WOLFSSL *ssl, int enabled)
-{
-    if (ssl->options.side == WOLFSSL_CLIENT_END) {
-        return WOLFSSL_FAILURE;
-    }
-    ssl->options.dtls13NoHrrOnResume = !!enabled;
-    return WOLFSSL_SUCCESS;
-}
-#endif
-
-#endif /* WOLFSSL_DTLS13 */
diff --git a/src/ssl/wolfssl/ocsp.c b/src/ssl/wolfssl/ocsp.c
deleted file mode 100644
index 2348af7df..000000000
--- a/src/ssl/wolfssl/ocsp.c
+++ /dev/null
@@ -1,2132 +0,0 @@
-/* ocsp.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-  /* Name change compatibility layer no longer needs to be included here */
-
-/*
- * WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK:
- *     Disable looking for an authorized responder in the verification path of
- *     the issuer. This will make the authorized responder only look at the
- *     OCSP response signer and direct issuer.
- */
-
-#ifndef WOLFCRYPT_ONLY
-#ifdef HAVE_OCSP
-
-#include <wolfssl/error-ssl.h>
-#include <wolfssl/ocsp.h>
-#include <wolfssl/internal.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-/* Allocates and initializes a WOLFSSL_OCSP object. Returns pointer on success, NULL on failure. */
-WOLFSSL_OCSP* wc_NewOCSP(WOLFSSL_CERT_MANAGER* cm)
-{
-    WOLFSSL_OCSP* ocsp = NULL;
-    ocsp = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP), cm ? cm->heap : NULL, DYNAMIC_TYPE_OCSP);
-    if (ocsp == NULL)
-        return NULL;
-    if (InitOCSP(ocsp, cm) != 0) {
-        XFREE(ocsp, cm ? cm->heap : NULL, DYNAMIC_TYPE_OCSP);
-        return NULL;
-    }
-    return ocsp;
-}
-
-/* Frees a WOLFSSL_OCSP object allocated by wc_NewOCSP. */
-void wc_FreeOCSP(WOLFSSL_OCSP* ocsp)
-{
-    if (ocsp) {
-        FreeOCSP(ocsp, 1);
-    }
-}
-
-int wc_CheckCertOcspResponse(WOLFSSL_OCSP *ocsp, DecodedCert *cert,
-        byte *response, int responseSz, void* heap)
-{
-    int ret = WC_NO_ERR_TRACE(ASN_OCSP_CONFIRM_E);
-
-#ifdef WOLFSSL_SMALL_STACK
-    OcspRequest* ocspRequest;
-#else
-    OcspRequest ocspRequest[1];
-#endif
-
-
-#ifdef WOLFSSL_SMALL_STACK
-    ocspRequest = (OcspRequest*)XMALLOC(sizeof(OcspRequest), NULL,
-                                                       DYNAMIC_TYPE_TMP_BUFFER);
-    if (ocspRequest == NULL) {
-        WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
-        return MEMORY_E;
-    }
-#endif
-
-    if (InitOcspRequest(ocspRequest, cert, ocsp->cm->ocspSendNonce,
-                                                         ocsp->cm->heap) == 0) {
-        ret = CheckOcspResponse(ocsp, response, responseSz, NULL, NULL, NULL,
-                ocspRequest, heap);
-        FreeOcspRequest(ocspRequest);
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    XFREE(ocspRequest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    WOLFSSL_LEAVE("CheckCertOCSP", ret);
-    return ret;
-}
-
-int InitOCSP(WOLFSSL_OCSP* ocsp, WOLFSSL_CERT_MANAGER* cm)
-{
-    WOLFSSL_ENTER("InitOCSP");
-
-    ForceZero(ocsp, sizeof(WOLFSSL_OCSP));
-
-    if (wc_InitMutex(&ocsp->ocspLock) != 0)
-        return BAD_MUTEX_E;
-
-    ocsp->cm = cm;
-
-    return 0;
-}
-
-
-static int InitOcspEntry(OcspEntry* entry, OcspRequest* request)
-{
-    WOLFSSL_ENTER("InitOcspEntry");
-
-    ForceZero(entry, sizeof(OcspEntry));
-
-    XMEMCPY(entry->issuerHash,    request->issuerHash,    OCSP_DIGEST_SIZE);
-    XMEMCPY(entry->issuerKeyHash, request->issuerKeyHash, OCSP_DIGEST_SIZE);
-
-    return 0;
-}
-
-
-static void FreeOcspEntry(OcspEntry* entry, void* heap)
-{
-    CertStatus *status, *next;
-
-    if (entry == NULL || !entry->ownStatus)
-        return;
-
-    WOLFSSL_ENTER("FreeOcspEntry");
-
-    for (status = entry->status; status; status = next) {
-        next = status->next;
-
-        XFREE(status->rawOcspResponse, heap, DYNAMIC_TYPE_OCSP_STATUS);
-
-#ifdef OPENSSL_EXTRA
-        if (status->serialInt) {
-            if (status->serialInt->isDynamic) {
-                XFREE(status->serialInt->data, NULL, DYNAMIC_TYPE_OPENSSL);
-            }
-            XFREE(status->serialInt, NULL, DYNAMIC_TYPE_OPENSSL);
-        }
-        status->serialInt = NULL;
-#endif
-
-        XFREE(status, heap, DYNAMIC_TYPE_OCSP_STATUS);
-    }
-
-    (void)heap;
-}
-
-
-void FreeOCSP(WOLFSSL_OCSP* ocsp, int dynamic)
-{
-    OcspEntry *entry, *next;
-
-    WOLFSSL_ENTER("FreeOCSP");
-
-    for (entry = ocsp->ocspList; entry; entry = next) {
-        next = entry->next;
-        FreeOcspEntry(entry, ocsp->cm->heap);
-        XFREE(entry, ocsp->cm->heap, DYNAMIC_TYPE_OCSP_ENTRY);
-    }
-
-    wc_FreeMutex(&ocsp->ocspLock);
-
-    if (dynamic)
-        XFREE(ocsp, ocsp->cm->heap, DYNAMIC_TYPE_OCSP);
-
-}
-
-
-static int xstat2err(int st)
-{
-    switch (st) {
-        case CERT_GOOD:
-            return 0;
-        case CERT_REVOKED:
-            return OCSP_CERT_REVOKED;
-        default:
-            return OCSP_CERT_UNKNOWN;
-    }
-}
-
-int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, WOLFSSL* ssl)
-{
-    int ret = WC_NO_ERR_TRACE(OCSP_LOOKUP_FAIL);
-
-    WC_DECLARE_VAR(ocspRequest, OcspRequest, 1, 0);
-
-    WOLFSSL_ENTER("CheckCertOCSP");
-
-
-#ifdef WOLFSSL_SMALL_STACK
-    ocspRequest = (OcspRequest*)XMALLOC(sizeof(OcspRequest), NULL,
-                                                       DYNAMIC_TYPE_TMP_BUFFER);
-    if (ocspRequest == NULL) {
-        WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
-        return MEMORY_E;
-    }
-#endif
-
-    if (InitOcspRequest(ocspRequest, cert, ocsp->cm->ocspSendNonce,
-                                                         ocsp->cm->heap) == 0) {
-        ocspRequest->ssl = ssl;
-        ret = CheckOcspRequest(ocsp, ocspRequest, NULL, NULL);
-
-        FreeOcspRequest(ocspRequest);
-    }
-
-    WC_FREE_VAR_EX(ocspRequest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    WOLFSSL_LEAVE("CheckCertOCSP", ret);
-    return ret;
-}
-int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert)
-{
-    return CheckCertOCSP_ex(ocsp, cert, NULL);
-}
-
-static int GetOcspEntry(WOLFSSL_OCSP* ocsp, OcspRequest* request,
-                                                              OcspEntry** entry)
-{
-    WOLFSSL_ENTER("GetOcspEntry");
-
-    *entry = NULL;
-
-    if (wc_LockMutex(&ocsp->ocspLock) != 0) {
-        WOLFSSL_LEAVE("CheckCertOCSP", BAD_MUTEX_E);
-        return BAD_MUTEX_E;
-    }
-
-    for (*entry = ocsp->ocspList; *entry; *entry = (*entry)->next)
-        if (XMEMCMP((*entry)->issuerHash,    request->issuerHash,
-                                                         OCSP_DIGEST_SIZE) == 0
-        &&  XMEMCMP((*entry)->issuerKeyHash, request->issuerKeyHash,
-                                                         OCSP_DIGEST_SIZE) == 0)
-            break;
-
-    if (*entry == NULL) {
-        *entry = (OcspEntry*)XMALLOC(sizeof(OcspEntry),
-                                       ocsp->cm->heap, DYNAMIC_TYPE_OCSP_ENTRY);
-        if (*entry) {
-            InitOcspEntry(*entry, request);
-            (*entry)->next = ocsp->ocspList;
-            ocsp->ocspList = *entry;
-        }
-    }
-
-    wc_UnLockMutex(&ocsp->ocspLock);
-
-    return *entry ? 0 : MEMORY_ERROR;
-}
-
-
-/* Mallocs responseBuffer->buffer and is up to caller to free on success
- *
- * Returns OCSP status
- */
-static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
-                  OcspEntry* entry, CertStatus** status, buffer* responseBuffer,
-                  void* heap)
-{
-    int ret = WC_NO_ERR_TRACE(OCSP_INVALID_STATUS);
-
-    WOLFSSL_ENTER("GetOcspStatus");
-
-    (void)heap;
-    *status = NULL;
-
-    if (wc_LockMutex(&ocsp->ocspLock) != 0) {
-        WOLFSSL_LEAVE("CheckCertOCSP", BAD_MUTEX_E);
-        return BAD_MUTEX_E;
-    }
-
-    for (*status = entry->status; *status; *status = (*status)->next)
-        if ((*status)->serialSz == request->serialSz
-        &&  !XMEMCMP((*status)->serial, request->serial, (size_t)(*status)->serialSz))
-            break;
-
-    if (responseBuffer && *status && !(*status)->rawOcspResponse) {
-        /* force fetching again */
-        ret = OCSP_INVALID_STATUS;
-    }
-    else if (*status) {
-#ifndef NO_ASN_TIME
-        if (XVALIDATE_DATE((*status)->thisDate,
-                                         (*status)->thisDateFormat, ASN_BEFORE)
-        &&  ((*status)->nextDate[0] != 0)
-        &&  XVALIDATE_DATE((*status)->nextDate,
-                                         (*status)->nextDateFormat, ASN_AFTER))
-#endif
-        {
-            ret = xstat2err((*status)->status);
-
-            if (responseBuffer) {
-                responseBuffer->buffer = (byte*)XMALLOC(
-                   (*status)->rawOcspResponseSz, heap,
-                   DYNAMIC_TYPE_TMP_BUFFER);
-
-                if (responseBuffer->buffer) {
-                    responseBuffer->length = (*status)->rawOcspResponseSz;
-                    XMEMCPY(responseBuffer->buffer,
-                            (*status)->rawOcspResponse,
-                            (*status)->rawOcspResponseSz);
-                }
-            }
-        }
-    }
-
-    wc_UnLockMutex(&ocsp->ocspLock);
-
-    return ret;
-}
-
-/* Check that the response for validity. Store result in status.
- *
- * ocsp           Context object for OCSP status.
- * response       OCSP response message data.
- * responseSz     Length of OCSP response message data.
- * responseBuffer Buffer object to return the response with.
- * status         The certificate status object.
- * entry          The OCSP entry for this certificate.
- * ocspRequest    Request corresponding to response.
- * heap           Heap hint used for responseBuffer
- * returns OCSP_LOOKUP_FAIL when the response is bad and 0 otherwise.
- */
-int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
-                      WOLFSSL_BUFFER_INFO *responseBuffer, CertStatus *status,
-                      OcspEntry *entry, OcspRequest *ocspRequest, void* heap)
-{
-#ifdef WOLFSSL_SMALL_STACK
-    CertStatus*   newStatus;
-    OcspEntry*    newSingle;
-    OcspResponse* ocspResponse;
-#else
-    CertStatus    newStatus[1];
-    OcspEntry     newSingle[1];
-    OcspResponse  ocspResponse[1];
-#endif
-    int           ret;
-    int           validated      = 0;    /* ocsp validation flag */
-
-    (void)heap;
-
-#ifdef WOLFSSL_SMALL_STACK
-    newStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
-                                                       DYNAMIC_TYPE_OCSP_STATUS);
-    newSingle = (OcspEntry*)XMALLOC(sizeof(OcspEntry), NULL,
-                                                       DYNAMIC_TYPE_OCSP_ENTRY);
-    ocspResponse = (OcspResponse*)XMALLOC(sizeof(OcspResponse), NULL,
-                                                       DYNAMIC_TYPE_OCSP_REQUEST);
-
-    if (newStatus == NULL || newSingle == NULL || ocspResponse == NULL) {
-        XFREE(newStatus, NULL, DYNAMIC_TYPE_OCSP_STATUS);
-        XFREE(newSingle, NULL, DYNAMIC_TYPE_OCSP_ENTRY);
-        XFREE(ocspResponse, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
-
-        WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
-        return MEMORY_E;
-    }
-#endif
-    InitOcspResponse(ocspResponse, newSingle, newStatus, response,
-                     (word32)responseSz, ocsp->cm->heap);
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
-    if (ocspRequest != NULL && ocspRequest->ssl != NULL &&
-           TLSX_CSR2_IsMulti(((WOLFSSL*)ocspRequest->ssl)->extensions)) {
-        ocspResponse->pendingCAs = TLSX_CSR2_GetPendingSigners(((WOLFSSL*)ocspRequest->ssl)->extensions);
-    }
-#endif
-    ret = OcspResponseDecode(ocspResponse, ocsp->cm, ocsp->cm->heap, 0, 0);
-    if (ret != 0) {
-        ocsp->error = ret;
-        WOLFSSL_LEAVE("OcspResponseDecode failed", ocsp->error);
-        goto end;
-    }
-
-    if (ocspResponse->responseStatus != OCSP_SUCCESSFUL) {
-        WOLFSSL_MSG("OcspResponse status bad");
-        goto end;
-    }
-    if (ocspRequest != NULL) {
-        /* Has the chance to bubble up response changing ocspResponse->single to
-           no longer be pointing at newSingle */
-        ret = CompareOcspReqResp(ocspRequest, ocspResponse);
-        if (ret != 0) {
-            goto end;
-        }
-    }
-
-    if (responseBuffer) {
-        responseBuffer->buffer = (byte*)XMALLOC((size_t)responseSz, heap,
-                                                DYNAMIC_TYPE_TMP_BUFFER);
-
-        if (responseBuffer->buffer) {
-            responseBuffer->length = (unsigned int)responseSz;
-            XMEMCPY(responseBuffer->buffer, response, (size_t)responseSz);
-        }
-    }
-
-    ret = xstat2err(ocspResponse->single->status->status);
-    if (ret == 0) {
-        validated = 1;
-    }
-
-    if (wc_LockMutex(&ocsp->ocspLock) != 0) {
-        ret = BAD_MUTEX_E;
-        goto end;
-    }
-
-    if (status != NULL) {
-        XFREE(status->rawOcspResponse, ocsp->cm->heap, DYNAMIC_TYPE_OCSP_STATUS);
-
-        /* Replace existing certificate entry with updated */
-        ocspResponse->single->status->next = status->next;
-        XMEMCPY(status, ocspResponse->single->status, sizeof(CertStatus));
-    }
-    else if (entry != NULL) {
-        /* Save new certificate entry */
-        status = (CertStatus*)XMALLOC(sizeof(CertStatus),
-                                      ocsp->cm->heap, DYNAMIC_TYPE_OCSP_STATUS);
-        if (status != NULL) {
-            XMEMCPY(status, ocspResponse->single->status, sizeof(CertStatus));
-            status->next  = entry->status;
-            entry->status = status;
-            entry->ownStatus = 1;
-            entry->totalStatus++;
-        }
-    }
-
-    if (status && responseBuffer && responseBuffer->buffer) {
-        status->rawOcspResponse = (byte*)XMALLOC(responseBuffer->length,
-                                                 ocsp->cm->heap,
-                                                 DYNAMIC_TYPE_OCSP_STATUS);
-
-        if (status->rawOcspResponse) {
-            status->rawOcspResponseSz = responseBuffer->length;
-            XMEMCPY(status->rawOcspResponse, responseBuffer->buffer,
-                    responseBuffer->length);
-        }
-    }
-
-    wc_UnLockMutex(&ocsp->ocspLock);
-
-end:
-    if (ret == 0 && validated == 1) {
-        WOLFSSL_MSG("New OcspResponse validated");
-    }
-    else if (ret == WC_NO_ERR_TRACE(OCSP_CERT_REVOKED)) {
-        WOLFSSL_MSG("OCSP revoked");
-    }
-    else if (ret == WC_NO_ERR_TRACE(OCSP_CERT_UNKNOWN)) {
-        WOLFSSL_MSG("OCSP unknown");
-    }
-    else {
-        WOLFSSL_MSG("OCSP lookup failure");
-        ret = OCSP_LOOKUP_FAIL;
-    }
-
-    FreeOcspResponse(ocspResponse);
-    WC_FREE_VAR_EX(newStatus, NULL, DYNAMIC_TYPE_OCSP_STATUS);
-    WC_FREE_VAR_EX(newSingle, NULL, DYNAMIC_TYPE_OCSP_ENTRY);
-    WC_FREE_VAR_EX(ocspResponse, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
-    return ret;
-}
-
-/* 0 on success */
-/* allow user to override the maximum request size at build-time */
-#ifndef OCSP_MAX_REQUEST_SZ
-#define OCSP_MAX_REQUEST_SZ 2048
-#endif
-int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
-                     buffer* responseBuffer, void* heap)
-{
-    OcspEntry*  entry          = NULL;
-    CertStatus* status         = NULL;
-    byte*       request        = NULL;
-    int         requestSz      = OCSP_MAX_REQUEST_SZ;
-    int         responseSz     = 0;
-    byte*       response       = NULL;
-    const char* url            = NULL;
-    int         urlSz          = 0;
-    int         ret            = -1;
-    WOLFSSL*    ssl;
-    void*       ioCtx;
-
-    WOLFSSL_ENTER("CheckOcspRequest");
-
-    if (ocsp == NULL || ocspRequest == NULL)
-        return BAD_FUNC_ARG;
-
-    if (responseBuffer) {
-        responseBuffer->buffer = NULL;
-        responseBuffer->length = 0;
-    }
-
-    ret = GetOcspEntry(ocsp, ocspRequest, &entry);
-    if (ret != 0)
-        return ret;
-
-    ret = GetOcspStatus(ocsp, ocspRequest, entry, &status, responseBuffer,
-                        heap);
-    if (ret != WC_NO_ERR_TRACE(OCSP_INVALID_STATUS))
-        return ret;
-
-    if (responseBuffer) {
-        XFREE(responseBuffer->buffer, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        responseBuffer->buffer = NULL;
-    }
-
-    /* get SSL and IOCtx */
-    ssl = (WOLFSSL*)ocspRequest->ssl;
-    ioCtx = (ssl && ssl->ocspIOCtx != NULL) ?
-                                        ssl->ocspIOCtx : ocsp->cm->ocspIOCtx;
-
-    if (ocsp->cm->ocspUseOverrideURL) {
-        url = ocsp->cm->ocspOverrideURL;
-        if (url != NULL && url[0] != '\0')
-            urlSz = (int)XSTRLEN(url);
-        else
-            return OCSP_NEED_URL;
-    }
-    else if (ocspRequest->urlSz != 0 && ocspRequest->url != NULL) {
-        url = (const char *)ocspRequest->url;
-        urlSz = ocspRequest->urlSz;
-    }
-    else {
-        /* cert doesn't have extAuthInfo, assuming CERT_GOOD */
-        WOLFSSL_MSG("Cert has no OCSP URL, assuming CERT_GOOD");
-        return 0;
-    }
-
-    request = (byte*)XMALLOC((size_t)requestSz, ocsp->cm->heap, DYNAMIC_TYPE_OCSP);
-    if (request == NULL) {
-        WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
-        return MEMORY_ERROR;
-    }
-
-    requestSz = EncodeOcspRequest(ocspRequest, request, (word32)requestSz);
-    if (requestSz > 0 && ocsp->cm->ocspIOCb) {
-        responseSz = ocsp->cm->ocspIOCb(ioCtx, url, urlSz,
-                                        request, requestSz, &response);
-    }
-    if (responseSz == WC_NO_ERR_TRACE(WOLFSSL_CBIO_ERR_WANT_READ)) {
-        ret = OCSP_WANT_READ;
-    }
-    else if (responseSz == WC_NO_ERR_TRACE(WOLFSSL_CBIO_ERR_TIMEOUT)){
-        ret = HTTP_TIMEOUT;
-    }
-
-    XFREE(request, ocsp->cm->heap, DYNAMIC_TYPE_OCSP);
-
-    if (responseSz >= 0 && response) {
-        ret = CheckOcspResponse(ocsp, response, responseSz, responseBuffer, status,
-                            entry, ocspRequest, heap);
-    }
-
-    if (response != NULL && ocsp->cm->ocspRespFreeCb)
-        ocsp->cm->ocspRespFreeCb(ioCtx, response);
-
-    /* Keep responseBuffer in the case of getting to response check. Caller
-     * should free responseBuffer after checking OCSP return value in "ret" */
-    WOLFSSL_LEAVE("CheckOcspRequest", ret);
-    return ret;
-}
-
-#ifndef WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
-static int CheckOcspResponderChain(OcspEntry* single, DecodedCert *cert,
-        void* vp, Signer* pendingCAs) {
-    /* Attempt to build a chain up to cert's issuer */
-    WOLFSSL_CERT_MANAGER* cm = (WOLFSSL_CERT_MANAGER*)vp;
-    Signer* ca = NULL;
-    Signer* prev = NULL;
-    int passed = 0;
-
-    /*
-     *       Relation between certs:
-     *                 CA
-     *        /                 \
-     *  intermediate(s)   cert in OCSP response
-     *        |           with OCSP key usage ext
-     *  issuer of cert
-     *  in OCSP request
-     */
-
-    /* End loop if no more issuers found or if we have found a self
-     * signed cert (ca == prev) */
-    ca = GetCAByName(cm, single->issuerHash);
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
-    if (ca == NULL && pendingCAs != NULL) {
-        ca = findSignerByName(pendingCAs, single->issuerHash);
-    }
-#else
-    (void)pendingCAs;
-#endif
-    for (; ca != NULL && ca != prev;
-            prev = ca) {
-        if (XMEMCMP(cert->issuerHash, ca->issuerNameHash,
-                OCSP_DIGEST_SIZE) == 0) {
-            WOLFSSL_MSG("\tOCSP Response signed by authorized "
-                    "responder delegated by issuer "
-                    "(found in chain)");
-            passed = 1;
-            break;
-        }
-        ca = GetCAByName(cm, ca->issuerNameHash);
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
-        if (ca == NULL && pendingCAs != NULL) {
-            ca = findSignerByName(pendingCAs, single->issuerHash);
-        }
-#endif
-    }
-    return passed;
-}
-#endif
-
-/**
- * Enforce https://www.rfc-editor.org/rfc/rfc6960#section-4.2.2.2
- * @param bs   The basic response to verify
- * @param cert The decoded bs->cert
- * @return
- */
-int CheckOcspResponder(OcspResponse *bs, DecodedCert *cert, void* vp)
-{
-    int ret = 0;
-    OcspEntry* single;
-
-    /* Both evaluate to enum values so can't use a pre-processor check */
-    WOLFSSL_ASSERT_EQ(OCSP_DIGEST_SIZE, SIGNER_DIGEST_SIZE);
-
-    (void)vp;
-
-    WOLFSSL_ENTER("CheckOcspResponder");
-
-    /* In the future if this API is used more then it could be beneficial to
-     * implement calling InitDecodedCert and ParseCertRelative here
-     * automatically when cert == NULL. */
-    if (bs == NULL || cert == NULL)
-        return BAD_FUNC_ARG;
-
-    /* Traverse the list and check that the cert has the authority to provide
-     * an OCSP response for each entry. */
-    for (single = bs->single; single != NULL; single = single->next) {
-        int passed = 0;
-
-        if (XMEMCMP(cert->subjectHash, single->issuerHash, OCSP_DIGEST_SIZE)
-                == 0) {
-            WOLFSSL_MSG("\tOCSP Response signed by issuer");
-            passed = 1;
-        }
-        else if ((cert->extExtKeyUsage & EXTKEYUSE_OCSP_SIGN) != 0) {
-            if (XMEMCMP(cert->issuerHash, single->issuerHash,
-                        OCSP_DIGEST_SIZE) == 0) {
-                WOLFSSL_MSG("\tOCSP Response signed by authorized responder "
-                            "delegated by issuer");
-                passed = 1;
-            }
-#ifndef WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
-            else if (vp != NULL) {
-                passed = CheckOcspResponderChain(single, cert, vp, bs->pendingCAs);
-            }
-#endif
-        }
-
-        if (!passed) {
-            WOLFSSL_MSG("\tOCSP Responder not authorized");
-            ret = BAD_OCSP_RESPONDER;
-            break;
-        }
-    }
-    return ret;
-}
-
-
-/* compatibility layer OCSP functions */
-#ifdef OPENSSL_EXTRA
-int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs,
-    WOLFSSL_OCSP_CERTID* id, int* status, int* reason,
-    WOLFSSL_ASN1_TIME** revtime, WOLFSSL_ASN1_TIME** thisupd,
-    WOLFSSL_ASN1_TIME** nextupd)
-{
-    WOLFSSL_OCSP_SINGLERESP* single;
-
-    if (bs == NULL || id == NULL)
-        return WOLFSSL_FAILURE;
-
-    single = bs->single;
-    while (single != NULL) {
-        if ((XMEMCMP(single->status->serial, id->status->serial, (size_t)single->status->serialSz) == 0)
-         && (XMEMCMP(single->issuerHash, id->issuerHash, OCSP_DIGEST_SIZE) == 0)
-         && (XMEMCMP(single->issuerKeyHash, id->issuerKeyHash, OCSP_DIGEST_SIZE) == 0)) {
-            break;
-        }
-        single = single->next;
-    }
-
-    if (single == NULL)
-        return WOLFSSL_FAILURE;
-
-    if (status != NULL)
-        *status = single->status->status;
-#ifdef WOLFSSL_OCSP_PARSE_STATUS
-    if (thisupd != NULL)
-        *thisupd = &single->status->thisDateParsed;
-    if (nextupd != NULL)
-        *nextupd = &single->status->nextDateParsed;
-#else
-    if (thisupd != NULL)
-        *thisupd = NULL;
-    if (nextupd != NULL)
-        *nextupd = NULL;
-#endif
-
-    /* TODO: Not needed for Nginx or httpd */
-    if (reason != NULL)
-        *reason = 0;
-    if (revtime != NULL)
-        *revtime = NULL;
-
-    return WOLFSSL_SUCCESS;
-}
-
-const char *wolfSSL_OCSP_cert_status_str(long s)
-{
-    switch (s) {
-        case CERT_GOOD:
-            return "good";
-        case CERT_REVOKED:
-            return "revoked";
-        case CERT_UNKNOWN:
-            return "unknown";
-        default:
-            return "(UNKNOWN)";
-    }
-}
-
-int wolfSSL_OCSP_check_validity(WOLFSSL_ASN1_TIME* thisupd,
-    WOLFSSL_ASN1_TIME* nextupd, long sec, long maxsec)
-{
-    (void)thisupd;
-    (void)nextupd;
-    (void)sec;
-    (void)maxsec;
-    /* Dates validated in DecodeSingleResponse. */
-    return WOLFSSL_SUCCESS;
-}
-
-void wolfSSL_OCSP_CERTID_free(WOLFSSL_OCSP_CERTID* certId)
-{
-    FreeOcspEntry(certId, NULL);
-    XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL);
-}
-
-WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(
-    const WOLFSSL_EVP_MD *dgst, const WOLFSSL_X509 *subject,
-    const WOLFSSL_X509 *issuer)
-{
-    WOLFSSL_OCSP_CERTID* certId = NULL;
-    CertStatus* certStatus = NULL;
-    WOLFSSL_CERT_MANAGER* cm = NULL;
-    int ret = -1;
-    DerBuffer* derCert = NULL;
-    int dgstType;
-    WC_DECLARE_VAR(cert, DecodedCert, 1, 0);
-
-    if (dgst == NULL) {
-        dgstType = WC_HASH_TYPE_SHA;
-    }
-    else if (wolfSSL_EVP_get_hashinfo(dgst, &dgstType, NULL) !=
-             WOLFSSL_SUCCESS) {
-        return NULL;
-    }
-
-    if (dgstType != OCSP_DIGEST)
-        return NULL;
-
-    cm = wolfSSL_CertManagerNew();
-    if (cm == NULL
-            || subject == NULL || subject->derCert == NULL
-            || issuer  == NULL || issuer->derCert  == NULL)
-        goto out;
-
-    WC_ALLOC_VAR_EX(cert, DecodedCert, 1, cm->heap, DYNAMIC_TYPE_DCERT,
-        goto out);
-
-    ret = AllocDer(&derCert, issuer->derCert->length,
-        issuer->derCert->type, NULL);
-    if (ret == 0) {
-        /* AddCA() frees the buffer. */
-        XMEMCPY(derCert->buffer, issuer->derCert->buffer,
-                issuer->derCert->length);
-        ret = AddCA(cm, &derCert, WOLFSSL_USER_CA, 1);
-        if (ret != WOLFSSL_SUCCESS) {
-            goto out;
-        }
-        derCert = NULL;
-    }
-
-    ret = -1;
-
-    certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(WOLFSSL_OCSP_CERTID),
-                                           cm->heap, DYNAMIC_TYPE_OPENSSL);
-    if (certId == NULL)
-        goto out;
-
-    certStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), cm->heap,
-                                           DYNAMIC_TYPE_OPENSSL);
-    if (certStatus == NULL)
-        goto out;
-
-    XMEMSET(certId, 0, sizeof(WOLFSSL_OCSP_CERTID));
-    XMEMSET(certStatus, 0, sizeof(CertStatus));
-
-    certId->status = certStatus;
-    certId->ownStatus = 1;
-
-    InitDecodedCert(cert, subject->derCert->buffer,
-                    subject->derCert->length, NULL);
-    if (ParseCertRelative(cert, CERT_TYPE, VERIFY_OCSP, cm, NULL) != 0) {
-        FreeDecodedCert(cert);
-        goto out;
-    }
-    else {
-        certId->hashAlgoOID = wc_HashGetOID(OCSP_DIGEST);
-        XMEMCPY(certId->issuerHash, cert->issuerHash, OCSP_DIGEST_SIZE);
-        XMEMCPY(certId->issuerKeyHash, cert->issuerKeyHash, OCSP_DIGEST_SIZE);
-        XMEMCPY(certId->status->serial, cert->serial, (size_t)cert->serialSz);
-        certId->status->serialSz = cert->serialSz;
-        FreeDecodedCert(cert);
-    }
-
-    ret = 0;
-
-out:
-
-    if (ret != 0) {
-        if (derCert != NULL)
-            FreeDer(&derCert);
-        if (cm != NULL) {
-            XFREE(certId, cm->heap, DYNAMIC_TYPE_OPENSSL);
-            certId = NULL;
-            XFREE(certStatus, cm->heap, DYNAMIC_TYPE_OPENSSL);
-        }
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    if (cm != NULL)
-        XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
-#endif
-
-    if (cm != NULL)
-        wolfSSL_CertManagerFree(cm);
-
-    return certId;
-}
-
-void wolfSSL_OCSP_BASICRESP_free(WOLFSSL_OCSP_BASICRESP* basicResponse)
-{
-    wolfSSL_OCSP_RESPONSE_free(basicResponse);
-}
-
-/* Calculate ancode CertID DER encoding following RFC 6960:
-   CertID ::= SEQUENCE {
-       hashAlgorithm       AlgorithmIdentifier,
-       issuerNameHash      OCTET STRING,
-       issuerKeyHash       OCTET STRING,
-       serialNumber        CertificateSerialNumber }
-*/
-static int OcspEncodeCertID(WOLFSSL_OCSP_CERTID* id, byte* output,
-    word32* totalSz, word32* intSize)
-{
-    word32 idx = 0;
-    int ret;
-
-    if (id == NULL || totalSz == NULL || intSize == NULL ||
-        (output != NULL && (*totalSz == 0 || *totalSz <= *intSize)))
-        return BAD_FUNC_ARG;
-
-    if (output != NULL) {
-        ret = SetSequence(*intSize, output);
-        if (ret < 0)
-            return ret;
-        idx += ret;
-    }
-
-    ret = SetAlgoID(id->hashAlgoOID, ((output != NULL) ? output + idx : output),
-        oidHashType, 0);
-    if (ret <= 0)
-        return -1;
-    idx += ret;
-
-    /* issuerNameHash */
-    ret = SetOctetString(OCSP_DIGEST_SIZE, ((output != NULL) ? output + idx : output));
-    if (ret < 0)
-        return ret;
-    idx += ret;
-    if (output != NULL)
-        XMEMCPY(output + idx, id->issuerHash, OCSP_DIGEST_SIZE);
-    idx += OCSP_DIGEST_SIZE;
-
-    /* issuerKeyHash */
-    ret = SetOctetString(OCSP_DIGEST_SIZE, ((output != NULL) ? output + idx : output));
-    if (ret < 0)
-        return ret;
-    idx += ret;
-    if (output != NULL)
-        XMEMCPY(output + idx, id->issuerKeyHash, OCSP_DIGEST_SIZE);
-    idx += OCSP_DIGEST_SIZE;
-
-    /* serialNumber */
-    ret = SetASNInt(id->status->serialSz, id->status->serial[0], ((output != NULL) ? output + idx : output));
-    if (ret < 0)
-        return ret;
-    idx += ret;
-    if (output != NULL)
-        XMEMCPY(output + idx, id->status->serial, id->status->serialSz);
-    idx += id->status->serialSz;
-
-    if (output == NULL) {
-        *intSize = idx;
-        ret = SetSequence(idx, NULL);
-        if (ret < 0)
-            return ret;
-        idx += ret;
-        *totalSz = idx;
-    }
-    else if (idx != *totalSz) {
-        return BUFFER_E;
-    }
-
-    return 0;
-}
-
-static int OcspRespIdMatches(OcspResponse* resp, const byte* NameHash,
-    const byte* keyHash)
-{
-    if (resp->responderIdType == OCSP_RESPONDER_ID_NAME) {
-        return XMEMCMP(NameHash, resp->responderId.nameHash,
-                   SIGNER_DIGEST_SIZE) == 0;
-    }
-    else if (resp->responderIdType == OCSP_RESPONDER_ID_KEY) {
-        return XMEMCMP(keyHash, resp->responderId.keyHash, KEYID_SIZE) == 0;
-    }
-
-    return 0;
-}
-
-static int OcspFindSigner(WOLFSSL_OCSP_BASICRESP *resp,
-    WOLF_STACK_OF(WOLFSSL_X509) *certs, DecodedCert **signer, int *embedded,
-    unsigned long flags)
-{
-    WOLFSSL_X509 *signer_x509 = NULL;
-    DecodedCert *certDecoded;
-    int i;
-
-    certDecoded = (DecodedCert *)XMALLOC(sizeof(*certDecoded), resp->heap,
-                                            DYNAMIC_TYPE_DCERT);
-    if (certDecoded == NULL)
-        return MEMORY_E;
-
-    for (i = 0; i < wolfSSL_sk_X509_num(certs); i++) {
-        signer_x509 = wolfSSL_sk_X509_value(certs, i);
-        if (signer_x509 == NULL)
-            continue;
-
-        InitDecodedCert(certDecoded, signer_x509->derCert->buffer,
-                       signer_x509->derCert->length, resp->heap);
-        if (ParseCertRelative(certDecoded, CERT_TYPE, NO_VERIFY,
-                NULL, NULL) == 0) {
-                if (OcspRespIdMatches(resp, certDecoded->subjectHash,
-                        certDecoded->subjectKeyHash)) {
-                    *signer = certDecoded;
-                    *embedded = 0;
-                    return 0;
-                }
-        }
-        FreeDecodedCert(certDecoded);
-    }
-
-    if (flags & WOLFSSL_OCSP_NOINTERN) {
-        XFREE(certDecoded, resp->heap, DYNAMIC_TYPE_DCERT);
-        return ASN_NO_SIGNER_E;
-    }
-
-    /* not found in certs, search the cert embedded in the response */
-    InitDecodedCert(certDecoded, resp->cert, resp->certSz, resp->heap);
-    if (ParseCertRelative(certDecoded, CERT_TYPE, NO_VERIFY, NULL, NULL) == 0) {
-        if (OcspRespIdMatches(resp, certDecoded->subjectHash,
-                certDecoded->subjectKeyHash)) {
-            *signer = certDecoded;
-            *embedded = 1;
-            return 0;
-        }
-    }
-    FreeDecodedCert(certDecoded);
-
-    XFREE(certDecoded, resp->heap, DYNAMIC_TYPE_DCERT);
-    return ASN_NO_SIGNER_E;
-}
-
-static int OcspVerifySigner(WOLFSSL_OCSP_BASICRESP *resp, DecodedCert *cert,
-     WOLFSSL_X509_STORE *st, unsigned long flags)
-{
-    WC_DECLARE_VAR(c, DecodedCert, 1, 0);
-
-    int ret = -1;
-    if (st == NULL)
-        return ASN_OCSP_CONFIRM_E;
-
-    WC_ALLOC_VAR_EX(c, DecodedCert, 1, NULL, DYNAMIC_TYPE_DCERT,
-        return MEMORY_E);
-
-    InitDecodedCert(c, cert->source, cert->maxIdx, NULL);
-    if (ParseCertRelative(c, CERT_TYPE, VERIFY, st->cm, NULL) != 0) {
-        ret = ASN_OCSP_CONFIRM_E;
-        goto err;
-    }
-#ifndef WOLFSSL_NO_OCSP_ISSUER_CHECK
-    if ((flags & WOLFSSL_OCSP_NOCHECKS) == 0) {
-        ret = CheckOcspResponder(resp, c, st->cm);
-    }
-    else {
-        ret = 0;
-    }
-#else
-    (void)resp;
-    (void)flags;
-    ret = 0;
-#endif
-
-err:
-    FreeDecodedCert(c);
-    WC_FREE_VAR_EX(c, NULL, DYNAMIC_TYPE_DCERT);
-    return ret;
-}
-/* Signature verified in DecodeBasicOcspResponse.
- * But no store available to verify certificate. */
-int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP* bs,
-    WOLF_STACK_OF(WOLFSSL_X509) * certs, WOLFSSL_X509_STORE* st,
-    unsigned long flags)
-{
-    int         ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE);
-    int embedded;
-    DecodedCert *cert = NULL;
-
-    ret = OcspFindSigner(bs, certs, &cert, &embedded, flags);
-    if (ret != 0) {
-        WOLFSSL_MSG("OCSP no signer found");
-        return WOLFSSL_FAILURE;
-    }
-
-    /* skip certificate verification if cert in certs and TRUST_OTHER is true */
-    if (!embedded && (flags & WOLFSSL_OCSP_TRUSTOTHER) != 0)
-        flags |= WOLFSSL_OCSP_NOVERIFY;
-
-    /* verify response signature */
-    ret = ConfirmSignature(
-        &cert->sigCtx,
-        bs->response, bs->responseSz,
-        cert->publicKey, cert->pubKeySize, cert->keyOID,
-        bs->sig, bs->sigSz, bs->sigOID, bs->sigParams, bs->sigParamsSz,
-        NULL);
-
-    if (ret != 0) {
-        WOLFSSL_MSG("OCSP signature verification failed");
-        ret = -1;
-        goto err;
-    }
-
-    if ((flags & WOLFSSL_OCSP_NOVERIFY) == 0) {
-        ret = OcspVerifySigner(bs, cert, st, flags);
-    }
-
-err:
-    FreeDecodedCert(cert);
-    XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
-    return ret == 0 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
-}
-
-void wolfSSL_OCSP_RESPONSE_free(OcspResponse* response)
-{
-    OcspEntry *s, *sNext;
-    if (response == NULL)
-        return;
-
-
-    s = response->single;
-    while (s != NULL) {
-        sNext = s->next;
-        FreeOcspEntry(s, NULL);
-        XFREE(s, NULL, DYNAMIC_TYPE_OCSP_ENTRY);
-        s = sNext;
-    }
-
-    XFREE(response->source, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    XFREE(response, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
-}
-
-#ifndef NO_BIO
-OcspResponse* wolfSSL_d2i_OCSP_RESPONSE_bio(WOLFSSL_BIO* bio,
-    OcspResponse** response)
-{
-    byte*         data;
-    byte*         p;
-    int           len;
-    int           dataAlloced = 0;
-    OcspResponse* ret = NULL;
-
-    if (bio == NULL)
-        return NULL;
-
-    if (bio->type == WOLFSSL_BIO_MEMORY) {
-        len = wolfSSL_BIO_get_mem_data(bio, &data);
-        if (len <= 0 || data == NULL) {
-            return NULL;
-        }
-    }
-#ifndef NO_FILESYSTEM
-    else if (bio->type == WOLFSSL_BIO_FILE) {
-        long fcur;
-        long flen;
-
-        if (bio->ptr.fh == NULL)
-            return NULL;
-
-        fcur = XFTELL(bio->ptr.fh);
-        if (fcur < 0)
-            return NULL;
-        if(XFSEEK(bio->ptr.fh, 0, SEEK_END) != 0)
-            return NULL;
-        flen = XFTELL(bio->ptr.fh);
-        if (flen < 0)
-            return NULL;
-        if (XFSEEK(bio->ptr.fh, fcur, SEEK_SET) != 0)
-            return NULL;
-
-        /* check calculated length */
-        fcur = flen - fcur;
-        if (fcur > MAX_WOLFSSL_FILE_SIZE || fcur <= 0)
-            return NULL;
-
-        data = (byte*)XMALLOC((size_t)fcur, 0, DYNAMIC_TYPE_TMP_BUFFER);
-        if (data == NULL)
-            return NULL;
-        dataAlloced = 1;
-
-        len = wolfSSL_BIO_read(bio, (char *)data, (int)flen);
-    }
-#endif
-    else
-        return NULL;
-
-    if (len > 0) {
-        p = data;
-        ret = wolfSSL_d2i_OCSP_RESPONSE(response, (const unsigned char **)&p,
-            len);
-    }
-
-    if (dataAlloced)
-        XFREE(data, 0, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-#endif /* !NO_BIO */
-
-OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response,
-    const unsigned char** data, int len)
-{
-    OcspResponse *resp = NULL;
-    word32 idx = 0;
-    int length = 0;
-    int ret;
-
-    if (data == NULL)
-        return NULL;
-
-    if (response != NULL)
-        resp = *response;
-    if (resp == NULL) {
-        resp = (OcspResponse*)XMALLOC(sizeof(OcspResponse), NULL,
-                                      DYNAMIC_TYPE_OCSP_REQUEST);
-        if (resp == NULL)
-            return NULL;
-        XMEMSET(resp, 0, sizeof(OcspResponse));
-    }
-
-    resp->source = (byte*)XMALLOC((size_t)len, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (resp->source == NULL) {
-        XFREE(resp, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
-        return NULL;
-    }
-    resp->single = (OcspEntry*)XMALLOC(sizeof(OcspEntry), NULL,
-                                      DYNAMIC_TYPE_OCSP_ENTRY);
-    if (resp->single == NULL) {
-        XFREE(resp->source, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(resp, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
-        return NULL;
-    }
-    XMEMSET(resp->single, 0, sizeof(OcspEntry));
-    resp->single->status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
-                                      DYNAMIC_TYPE_OCSP_STATUS);
-    resp->single->ownStatus = 1;
-    if (resp->single->status == NULL) {
-        XFREE(resp->source, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(resp->single, NULL, DYNAMIC_TYPE_OCSP_ENTRY);
-        XFREE(resp, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
-        return NULL;
-    }
-    XMEMSET(resp->single->status, 0, sizeof(CertStatus));
-
-    XMEMCPY(resp->source, *data, (size_t)len);
-    resp->maxIdx = (word32)len;
-
-    ret = OcspResponseDecode(resp, NULL, NULL, 1, 1);
-    if (ret != 0 && ret != WC_NO_ERR_TRACE(ASN_OCSP_CONFIRM_E)) {
-        /* for just converting from a DER to an internal structure the CA may
-         * not yet be known to this function for signature verification */
-        wolfSSL_OCSP_RESPONSE_free(resp);
-        return NULL;
-    }
-
-    if (GetSequence(*data, &idx, &length, (word32)len) >= 0)
-        (*data) += (unsigned char) ((int)idx + length);
-
-    if (response != NULL && *response == NULL)
-        *response = resp;
-
-    return resp;
-}
-
-int wolfSSL_i2d_OCSP_RESPONSE(OcspResponse* response,
-    unsigned char** data)
-{
-    if (data == NULL)
-        return (int)response->maxIdx;
-
-    XMEMCPY(*data, response->source, response->maxIdx);
-    return (int)response->maxIdx;
-}
-
-int wolfSSL_OCSP_response_status(OcspResponse *response)
-{
-    return response->responseStatus;
-}
-
-const char *wolfSSL_OCSP_response_status_str(long s)
-{
-    switch (s) {
-        case OCSP_SUCCESSFUL:
-            return "successful";
-        case OCSP_MALFORMED_REQUEST:
-            return "malformedrequest";
-        case OCSP_INTERNAL_ERROR:
-            return "internalerror";
-        case OCSP_TRY_LATER:
-            return "trylater";
-        case OCSP_SIG_REQUIRED:
-            return "sigrequired";
-        case OCSP_UNAUTHORIZED:
-            return "unauthorized";
-        default:
-            return "(UNKNOWN)";
-    }
-}
-
-WOLFSSL_OCSP_BASICRESP* wolfSSL_OCSP_response_get1_basic(OcspResponse* response)
-{
-    WOLFSSL_OCSP_BASICRESP* bs;
-    const unsigned char *ptr = response->source;
-
-    bs = wolfSSL_d2i_OCSP_RESPONSE(NULL, &ptr, response->maxIdx);
-    return bs;
-}
-
-OcspRequest* wolfSSL_OCSP_REQUEST_new(void)
-{
-    OcspRequest* request;
-
-    request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), NULL,
-                                    DYNAMIC_TYPE_OPENSSL);
-    if (request != NULL)
-        XMEMSET(request, 0, sizeof(OcspRequest));
-
-    return request;
-}
-
-void wolfSSL_OCSP_REQUEST_free(OcspRequest* request)
-{
-    FreeOcspRequest(request);
-    XFREE(request, NULL, DYNAMIC_TYPE_OPENSSL);
-}
-
-int wolfSSL_i2d_OCSP_REQUEST(OcspRequest* request, unsigned char** data)
-{
-    int size;
-
-    if (request == NULL)
-        return BAD_FUNC_ARG;
-
-    size = EncodeOcspRequest(request, NULL, 0);
-    if (size <= 0 || data == NULL)
-        return size;
-
-    return EncodeOcspRequest(request, *data, (word32) size);
-}
-
-WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req,
-    WOLFSSL_OCSP_CERTID *cid)
-{
-    if (req == NULL || cid == NULL || cid->status == NULL)
-        return NULL;
-
-    if (req->cid != NULL)
-        wolfSSL_OCSP_CERTID_free((WOLFSSL_OCSP_CERTID*)req->cid);
-    /* Keep to free */
-    req->cid = (void*)cid;
-
-    XMEMCPY(req->issuerHash, cid->issuerHash, KEYID_SIZE);
-    XMEMCPY(req->issuerKeyHash, cid->issuerKeyHash, KEYID_SIZE);
-    if (cid->status->serialSz > req->serialSz) {
-        XFREE(req->serial, req->heap, DYNAMIC_TYPE_OCSP);
-        req->serial = (byte*)XMALLOC((size_t)cid->status->serialSz,
-                req->heap, DYNAMIC_TYPE_OCSP_REQUEST);
-        if (req->serial == NULL)
-            return NULL;
-    }
-    XMEMCPY(req->serial, cid->status->serial, (size_t)cid->status->serialSz);
-    req->serialSz = cid->status->serialSz;
-
-    return req;
-}
-
-WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_CERTID_dup(WOLFSSL_OCSP_CERTID* id)
-{
-    WOLFSSL_OCSP_CERTID* certId;
-
-    if (id == NULL)
-        return NULL;
-
-    certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(WOLFSSL_OCSP_CERTID),
-        NULL, DYNAMIC_TYPE_OPENSSL);
-    if (certId) {
-        XMEMCPY(certId, id, sizeof(WOLFSSL_OCSP_CERTID));
-    }
-    return certId;
-}
-
-#ifndef NO_BIO
-int wolfSSL_i2d_OCSP_REQUEST_bio(WOLFSSL_BIO* out,
-        WOLFSSL_OCSP_REQUEST *req)
-{
-    int size = -1;
-    unsigned char* data = NULL;
-
-    WOLFSSL_ENTER("wolfSSL_i2d_OCSP_REQUEST_bio");
-    if (out == NULL || req == NULL)
-        return WOLFSSL_FAILURE;
-
-    size = wolfSSL_i2d_OCSP_REQUEST(req, NULL);
-    if (size > 0) {
-        data = (unsigned char*) XMALLOC((size_t)size, out->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-    }
-
-    if (data != NULL) {
-        size = wolfSSL_i2d_OCSP_REQUEST(req, &data);
-    }
-
-    if (size <= 0) {
-        XFREE(data, out->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return WOLFSSL_FAILURE;
-    }
-
-    if (wolfSSL_BIO_write(out, data, size) == (int)size) {
-        XFREE(data, out->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return WOLFSSL_SUCCESS;
-    }
-
-    XFREE(data, out->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    return WOLFSSL_FAILURE;
-}
-#endif /* !NO_BIO */
-
-int wolfSSL_i2d_OCSP_CERTID(WOLFSSL_OCSP_CERTID* id, unsigned char** data)
-{
-    int allocated = 0;
-    word32 derSz = 0;
-    word32 intSz = 0;
-    int ret;
-    WOLFSSL_ENTER("wolfSSL_i2d_OCSP_CERTID");
-
-    if (id == NULL)
-        return -1;
-
-    if (id->rawCertId != NULL) {
-        derSz = id->rawCertIdSize;
-    }
-    else {
-        ret = OcspEncodeCertID(id, NULL, &derSz, &intSz);
-        if (ret != 0) {
-            WOLFSSL_MSG("Failed to calculate CertID size");
-            return -1;
-        }
-    }
-
-    if (data == NULL) {
-        return derSz;
-    }
-
-    if (*data == NULL) {
-        /* Allocate buffer for DER encoding */
-        *data = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_OPENSSL);
-        if (*data == NULL) {
-            WOLFSSL_MSG("Failed to allocate memory for CertID DER encoding");
-            return -1;
-        }
-        allocated = 1;
-    }
-
-    if (id->rawCertId != NULL) {
-        XMEMCPY(*data, id->rawCertId, id->rawCertIdSize);
-    }
-    else {
-        ret = OcspEncodeCertID(id, *data, &derSz, &intSz);
-        if (ret < 0) {
-            WOLFSSL_MSG("Failed to encode CertID");
-            if (allocated) {
-                XFREE(*data, NULL, DYNAMIC_TYPE_OPENSSL);
-                *data = NULL;
-            }
-            return -1;
-        }
-    }
-
-    if (!allocated)
-        *data += derSz;
-
-    return derSz;
-}
-
-WOLFSSL_OCSP_CERTID* wolfSSL_d2i_OCSP_CERTID(WOLFSSL_OCSP_CERTID** cidOut,
-                                             const unsigned char** derIn,
-                                             int length)
-{
-    WOLFSSL_OCSP_CERTID *cid = NULL;
-    int isAllocated = 0;
-    word32 idx = 0;
-    int ret;
-
-    if (derIn == NULL || *derIn == NULL || length <= 0)
-        return NULL;
-
-    if (cidOut != NULL && *cidOut != NULL) {
-        cid = *cidOut;
-        FreeOcspEntry(cid, NULL);
-    }
-    else {
-        cid = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(WOLFSSL_OCSP_CERTID), NULL,
-            DYNAMIC_TYPE_OPENSSL);
-        if (cid == NULL)
-            return NULL;
-        isAllocated = 1;
-    }
-
-    XMEMSET(cid, 0, sizeof(WOLFSSL_OCSP_CERTID));
-    cid->status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
-        DYNAMIC_TYPE_OCSP_STATUS);
-    if (cid->status == NULL) {
-        XFREE(cid, NULL, DYNAMIC_TYPE_OPENSSL);
-        return NULL;
-    }
-    XMEMSET(cid->status, 0, sizeof(CertStatus));
-    cid->ownStatus = 1;
-
-    ret = OcspDecodeCertID(*derIn, &idx, length, cid);
-    if (ret != 0) {
-        FreeOcspEntry(cid, NULL);
-        if (isAllocated) {
-            XFREE(cid, NULL, DYNAMIC_TYPE_OPENSSL);
-        }
-        return NULL;
-    }
-
-    *derIn += idx;
-
-    if (isAllocated && cidOut != NULL)
-        *cidOut = cid;
-
-    return cid;
-}
-
-const WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_SINGLERESP_get0_id(
-    const WOLFSSL_OCSP_SINGLERESP *single)
-{
-    return single;
-}
-
-/**
- * Compare two WOLFSSL_OCSP_CERTID objects
- * @param a
- * @param b
- * @return 0 on success and when objects have the same id otherwise either
- *         the id's don't match or an error occurred
- */
-int wolfSSL_OCSP_id_cmp(WOLFSSL_OCSP_CERTID *a, WOLFSSL_OCSP_CERTID *b)
-{
-    int ret = 0;
-    if (a == NULL || b == NULL)
-        return WOLFSSL_FATAL_ERROR;
-
-    ret = a->hashAlgoOID != b->hashAlgoOID;
-    if (ret == 0)
-        ret = XMEMCMP(a->issuerHash, b->issuerHash, OCSP_DIGEST_SIZE);
-    if (ret == 0)
-        ret = XMEMCMP(a->issuerKeyHash, b->issuerKeyHash, OCSP_DIGEST_SIZE);
-    if (ret == 0) {
-        if (a->status != NULL && b->status != NULL) {
-            if (a->status->serialSz == b->status->serialSz)
-                ret = XMEMCMP(a->status->serial, b->status->serial,
-                        (size_t)a->status->serialSz);
-            else
-                ret = -1;
-        }
-        else if (a->status != b->status) {
-            /* If either is not null then return non-zero */
-            ret = -1;
-        }
-    }
-    return ret;
-}
-
-int wolfSSL_OCSP_single_get0_status(WOLFSSL_OCSP_SINGLERESP *single,
-                                    int *reason,
-                                    WOLFSSL_ASN1_TIME **revtime,
-                                    WOLFSSL_ASN1_TIME **thisupd,
-                                    WOLFSSL_ASN1_TIME **nextupd)
-{
-    if (single == NULL)
-        return WOLFSSL_FAILURE;
-
-#ifdef WOLFSSL_OCSP_PARSE_STATUS
-    if (thisupd != NULL)
-        *thisupd = &single->status->thisDateParsed;
-    if (nextupd != NULL)
-        *nextupd = &single->status->nextDateParsed;
-#else
-    if (thisupd != NULL)
-        *thisupd = NULL;
-    if (nextupd != NULL)
-        *nextupd = NULL;
-#endif
-    if (reason != NULL)
-        *reason = 0;
-    if (revtime != NULL)
-        *revtime = NULL;
-
-    return single->status->status;
-}
-
-int wolfSSL_OCSP_resp_count(WOLFSSL_OCSP_BASICRESP *bs)
-{
-    WOLFSSL_OCSP_SINGLERESP* single;
-    int count = 0;
-
-    if (bs == NULL)
-        return WOLFSSL_FAILURE;
-
-    single = bs->single;
-    while(single != NULL)
-    {
-        ++count;
-        single = single->next;
-    }
-
-    return count;
-}
-
-WOLFSSL_OCSP_SINGLERESP* wolfSSL_OCSP_resp_get0(WOLFSSL_OCSP_BASICRESP *bs, int idx)
-{
-    WOLFSSL_OCSP_SINGLERESP* single;
-    int currIdx = 0;
-
-    if (bs == NULL)
-        return NULL;
-
-    single = bs->single;
-    while(single != NULL && currIdx != idx)
-    {
-        single = single->next;
-        ++currIdx;
-    }
-
-    return single;
-}
-
-#endif /* OPENSSL_EXTRA */
-
-#ifdef OPENSSL_ALL
-
-/*******************************************************************************
- * START OF WOLFSSL_OCSP_REQ_CTX API
- ******************************************************************************/
-
-enum ocspReqStates {
-    ORS_INVALID = 0,
-    ORS_HEADER_ADDED,
-    ORS_REQ_DONE
-};
-
-enum ocspReqIOStates {
-    ORIOS_INVALID = 0,
-    ORIOS_WRITE,
-    ORIOS_READ
-};
-
-WOLFSSL_OCSP_REQ_CTX* wolfSSL_OCSP_REQ_CTX_new(WOLFSSL_BIO *bio, int maxline)
-{
-    WOLFSSL_OCSP_REQ_CTX* ret = NULL;
-
-    WOLFSSL_ENTER("wolfSSL_OCSP_REQ_CTX_new");
-
-    if (maxline <= 0)
-        maxline = OCSP_MAX_REQUEST_SZ;
-
-    ret = (WOLFSSL_OCSP_REQ_CTX*)XMALLOC(sizeof(*ret), NULL,
-            DYNAMIC_TYPE_OPENSSL);
-    if (ret != NULL) {
-        XMEMSET(ret, 0, sizeof(*ret));
-        ret->buf = (byte*)XMALLOC((word32)maxline, NULL, DYNAMIC_TYPE_OPENSSL);
-        if (ret->buf == NULL)
-            goto error;
-        ret->reqResp = wolfSSL_BIO_new(wolfSSL_BIO_s_mem());
-        ret->bufLen = maxline;
-        ret->bio = bio;
-        ret->ioState = ORIOS_WRITE;
-    }
-
-    return ret;
-error:
-    wolfSSL_OCSP_REQ_CTX_free(ret);
-    return NULL;
-}
-
-void wolfSSL_OCSP_REQ_CTX_free(WOLFSSL_OCSP_REQ_CTX *ctx)
-{
-    WOLFSSL_ENTER("wolfSSL_OCSP_REQ_CTX_free");
-    if (ctx != NULL) {
-        if (ctx->buf != NULL)
-            XFREE(ctx->buf, NULL, DYNAMIC_TYPE_OPENSSL);
-        if (ctx->reqResp != NULL)
-            wolfSSL_BIO_free(ctx->reqResp);
-        XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
-    }
-}
-
-WOLFSSL_OCSP_REQ_CTX* wolfSSL_OCSP_sendreq_new(WOLFSSL_BIO *bio,
-        const char *path, OcspRequest *req, int maxline)
-{
-    WOLFSSL_OCSP_REQ_CTX* ret = NULL;
-
-    WOLFSSL_ENTER("wolfSSL_OCSP_sendreq_new");
-
-    ret = wolfSSL_OCSP_REQ_CTX_new(bio, maxline);
-    if (ret == NULL)
-        return NULL;
-
-    if (wolfSSL_OCSP_REQ_CTX_http(ret, "POST", path) != WOLFSSL_SUCCESS)
-        goto error;
-
-    if (req != NULL &&
-            wolfSSL_OCSP_REQ_CTX_set1_req(ret, req) != WOLFSSL_SUCCESS)
-        goto error;
-
-    return ret;
-error:
-    wolfSSL_OCSP_REQ_CTX_free(ret);
-    return NULL;
-}
-
-int wolfSSL_OCSP_REQ_CTX_add1_header(WOLFSSL_OCSP_REQ_CTX *ctx,
-                             const char *name, const char *value)
-{
-    WOLFSSL_ENTER("wolfSSL_OCSP_REQ_CTX_add1_header");
-
-    if (name == NULL) {
-        WOLFSSL_MSG("Bad parameter");
-        return WOLFSSL_FAILURE;
-    }
-    if (wolfSSL_BIO_puts(ctx->reqResp, name) <= 0) {
-        WOLFSSL_MSG("wolfSSL_BIO_puts error");
-        return WOLFSSL_FAILURE;
-    }
-    if (value != NULL) {
-        if (wolfSSL_BIO_write(ctx->reqResp, ": ", 2) != 2) {
-            WOLFSSL_MSG("wolfSSL_BIO_write error");
-            return WOLFSSL_FAILURE;
-        }
-        if (wolfSSL_BIO_puts(ctx->reqResp, value) <= 0) {
-            WOLFSSL_MSG("wolfSSL_BIO_puts error");
-            return WOLFSSL_FAILURE;
-        }
-    }
-    if (wolfSSL_BIO_write(ctx->reqResp, "\r\n", 2) != 2) {
-        WOLFSSL_MSG("wolfSSL_BIO_write error");
-        return WOLFSSL_FAILURE;
-    }
-
-    ctx->state = ORS_HEADER_ADDED;
-
-    return WOLFSSL_SUCCESS;
-}
-
-int wolfSSL_OCSP_REQ_CTX_http(WOLFSSL_OCSP_REQ_CTX *ctx, const char *op,
-        const char *path)
-{
-    static const char http_hdr[] = "%s %s HTTP/1.0\r\n";
-
-    WOLFSSL_ENTER("wolfSSL_OCSP_REQ_CTX_http");
-
-    if (ctx == NULL || op == NULL) {
-        WOLFSSL_MSG("Bad parameter");
-        return WOLFSSL_FAILURE;
-    }
-
-    if (path == NULL)
-        path = "/";
-
-    if (wolfSSL_BIO_printf(ctx->reqResp, http_hdr, op, path) <= 0) {
-        WOLFSSL_MSG("WOLFSSL_OCSP_REQ_CTX: wolfSSL_BIO_printf error");
-        return WOLFSSL_FAILURE;
-    }
-
-    ctx->state = ORS_HEADER_ADDED;
-
-    return WOLFSSL_SUCCESS;
-}
-
-int wolfSSL_OCSP_REQ_CTX_set1_req(WOLFSSL_OCSP_REQ_CTX *ctx, OcspRequest *req)
-{
-    static const char req_hdr[] =
-        "Content-Type: application/ocsp-request\r\n"
-        "Content-Length: %d\r\n\r\n";
-    /* Should be enough to hold Content-Length */
-    char req_hdr_buf[sizeof(req_hdr) + 10];
-    int req_hdr_buf_len;
-    int req_len = wolfSSL_i2d_OCSP_REQUEST(req, NULL);
-
-    WOLFSSL_ENTER("wolfSSL_OCSP_REQ_CTX_set1_req");
-
-    if (ctx == NULL || req == NULL) {
-        WOLFSSL_MSG("Bad parameters");
-        return WOLFSSL_FAILURE;
-    }
-
-    if (req_len <= 0) {
-        WOLFSSL_MSG("wolfSSL_OCSP_REQ_CTX_set1_req: request len error");
-        return WOLFSSL_FAILURE;
-    }
-
-    req_hdr_buf_len =
-            XSNPRINTF(req_hdr_buf, sizeof(req_hdr_buf), req_hdr, req_len);
-    if (req_hdr_buf_len >= (int)sizeof(req_hdr_buf)) {
-        WOLFSSL_MSG("wolfSSL_OCSP_REQ_CTX_set1_req: request too long");
-        return WOLFSSL_FAILURE;
-    }
-
-    if (wolfSSL_BIO_write(ctx->reqResp, req_hdr_buf, req_hdr_buf_len) <= 0) {
-        WOLFSSL_MSG("wolfSSL_OCSP_REQ_CTX_set1_req: wolfSSL_BIO_write error");
-        return WOLFSSL_FAILURE;
-    }
-
-    if (wolfSSL_i2d_OCSP_REQUEST_bio(ctx->reqResp, req) <= 0) {
-        WOLFSSL_MSG("wolfSSL_OCSP_REQ_CTX_set1_req: request i2d error");
-        return WOLFSSL_FAILURE;
-    }
-
-    ctx->state = ORS_REQ_DONE;
-
-    return WOLFSSL_SUCCESS;
-}
-
-static int OCSP_REQ_CTX_bio_cb(char *buf, int sz, void *ctx)
-{
-    return BioReceiveInternal((WOLFSSL_BIO*)ctx, NULL, buf, sz);
-}
-
-int wolfSSL_OCSP_REQ_CTX_nbio(WOLFSSL_OCSP_REQ_CTX *ctx)
-{
-    WOLFSSL_ENTER("wolfSSL_OCSP_REQ_CTX_nbio");
-
-    if (ctx == NULL) {
-        WOLFSSL_MSG("Bad parameters");
-        return WOLFSSL_FAILURE;
-    }
-
-    switch ((enum ocspReqIOStates)ctx->ioState) {
-        case ORIOS_WRITE:
-        case ORIOS_READ:
-            break;
-        case ORIOS_INVALID:
-        default:
-            WOLFSSL_MSG("Invalid ctx->ioState state");
-            return WOLFSSL_FAILURE;
-    }
-
-    if (ctx->ioState == ORIOS_WRITE) {
-        switch ((enum ocspReqStates)ctx->state) {
-            case ORS_HEADER_ADDED:
-                /* Write final new line to complete http header */
-                if (wolfSSL_BIO_write(ctx->reqResp, "\r\n", 2) != 2) {
-                    WOLFSSL_MSG("wolfSSL_BIO_write error");
-                    return WOLFSSL_FAILURE;
-                }
-                break;
-            case ORS_REQ_DONE:
-                break;
-            case ORS_INVALID:
-            default:
-                WOLFSSL_MSG("Invalid WOLFSSL_OCSP_REQ_CTX state");
-                return WOLFSSL_FAILURE;
-        }
-    }
-
-    switch ((enum ocspReqIOStates)ctx->ioState) {
-        case ORIOS_WRITE:
-        {
-            const unsigned char *req;
-            int reqLen = wolfSSL_BIO_get_mem_data(ctx->reqResp, (void*)&req);
-            if (reqLen <= 0) {
-                WOLFSSL_MSG("wolfSSL_BIO_get_mem_data error");
-                return WOLFSSL_FAILURE;
-            }
-            while (ctx->sent < reqLen) {
-                int sent = wolfSSL_BIO_write(ctx->bio, req + ctx->sent,
-                        reqLen - ctx->sent);
-                if (sent <= 0) {
-                    if (wolfSSL_BIO_should_retry(ctx->bio))
-                        return WOLFSSL_FATAL_ERROR;
-                    WOLFSSL_MSG("wolfSSL_BIO_write error");
-                    ctx->ioState = ORIOS_INVALID;
-                    return 0;
-                }
-                ctx->sent += sent;
-            }
-            ctx->sent = 0;
-            ctx->ioState = ORIOS_READ;
-            (void)wolfSSL_BIO_reset(ctx->reqResp);
-            FALL_THROUGH;
-        }
-        case ORIOS_READ:
-        {
-            byte* resp = NULL;
-            int respLen;
-            int ret;
-
-            if (ctx->buf == NULL) /* Should be allocated in new call */
-                return WOLFSSL_FAILURE;
-
-            ret = wolfIO_HttpProcessResponseOcspGenericIO(OCSP_REQ_CTX_bio_cb,
-                    ctx->bio, &resp, ctx->buf, ctx->bufLen, NULL);
-            if (ret <= 0) {
-                if (resp != NULL)
-                    XFREE(resp, NULL, DYNAMIC_TYPE_OCSP);
-                if (ret == WC_NO_ERR_TRACE(WOLFSSL_CBIO_ERR_WANT_READ) ||
-                    ret == WC_NO_ERR_TRACE(OCSP_WANT_READ))
-                {
-                    return WOLFSSL_FATAL_ERROR;
-                }
-                return WOLFSSL_FAILURE;
-            }
-            respLen = ret;
-            ret = wolfSSL_BIO_write(ctx->reqResp, resp, respLen);
-            XFREE(resp, NULL, DYNAMIC_TYPE_OCSP);
-            if (ret != respLen) {
-                WOLFSSL_MSG("wolfSSL_BIO_write error");
-                return WOLFSSL_FAILURE;
-            }
-            break;
-        }
-        case ORIOS_INVALID:
-        default:
-            WOLFSSL_MSG("Invalid ctx->ioState state");
-            return WOLFSSL_FAILURE;
-    }
-
-    return WOLFSSL_SUCCESS;
-}
-
-int wolfSSL_OCSP_sendreq_nbio(OcspResponse **presp, WOLFSSL_OCSP_REQ_CTX *ctx)
-{
-    int ret;
-    int len;
-    const unsigned char *resp = NULL;
-
-    WOLFSSL_ENTER("wolfSSL_OCSP_sendreq_nbio");
-
-    if (presp == NULL)
-        return WOLFSSL_FAILURE;
-
-    ret = wolfSSL_OCSP_REQ_CTX_nbio(ctx);
-    if (ret != WOLFSSL_SUCCESS)
-        return ret;
-
-    len = wolfSSL_BIO_get_mem_data(ctx->reqResp, (void*)&resp);
-    if (len <= 0)
-        return WOLFSSL_FAILURE;
-    return wolfSSL_d2i_OCSP_RESPONSE(presp, &resp, len) != NULL
-            ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
-}
-
-/*******************************************************************************
- * END OF WOLFSSL_OCSP_REQ_CTX API
- ******************************************************************************/
-
-#ifndef NO_WOLFSSL_STUB
-int wolfSSL_OCSP_REQUEST_add_ext(OcspRequest* req, WOLFSSL_X509_EXTENSION* ext,
-        int idx)
-{
-    WOLFSSL_STUB("wolfSSL_OCSP_REQUEST_add_ext");
-    (void)req;
-    (void)ext;
-    (void)idx;
-    return WOLFSSL_FATAL_ERROR;
-}
-#endif
-
-#ifndef NO_WOLFSSL_STUB
-OcspResponse* wolfSSL_OCSP_response_create(int status,
-    WOLFSSL_OCSP_BASICRESP* bs)
-{
-    WOLFSSL_STUB("wolfSSL_OCSP_response_create");
-    (void)status;
-    (void)bs;
-    return NULL;
-}
-#endif
-
-#ifndef NO_WOLFSSL_STUB
-const char* wolfSSL_OCSP_crl_reason_str(long s)
-{
-    WOLFSSL_STUB("wolfSSL_OCSP_crl_reason_str");
-    (void)s;
-    return NULL;
-}
-#endif
-
-/* Returns elements of an OCSP_CERTID struct. Currently only supports
- * returning the serial number, and returns an error if user requests
- * any of name, pmd, and/or keyHash.
- * Return 1 on success, 0 on failure */
-int wolfSSL_OCSP_id_get0_info(WOLFSSL_ASN1_STRING **name,
-  WOLFSSL_ASN1_OBJECT **pmd, WOLFSSL_ASN1_STRING **keyHash,
-  WOLFSSL_ASN1_INTEGER **serial, WOLFSSL_OCSP_CERTID *cid)
-{
-    WOLFSSL_ENTER("wolfSSL_OCSP_id_get0_info");
-
-    if (cid == NULL)
-        return 0;
-
-    /* build up ASN1_INTEGER for serial */
-    if (serial != NULL) {
-        int i = 0;
-        WOLFSSL_ASN1_INTEGER* ser;
-
-        ser = wolfSSL_ASN1_INTEGER_new();
-        if (ser == NULL)
-            return 0;
-
-        if (cid->status->serialSz > (WOLFSSL_ASN1_INTEGER_MAX - 2)) {
-            /* allocate data buffer, +2 for type and length */
-            ser->data = (unsigned char*)XMALLOC((size_t)cid->status->serialSz + 2, NULL,
-                DYNAMIC_TYPE_OPENSSL);
-            if (ser->data == NULL) {
-                wolfSSL_ASN1_INTEGER_free(ser);
-                return 0;
-            }
-            ser->dataMax = (unsigned int)cid->status->serialSz + 2;
-            ser->isDynamic = 1;
-        } else {
-            /* Use array instead of dynamic memory */
-            ser->data    = ser->intData;
-            ser->dataMax = WOLFSSL_ASN1_INTEGER_MAX;
-        }
-
-        #if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY)
-            /* Serial number starts at 0 index of ser->data */
-            XMEMCPY(&ser->data[i], cid->status->serial,
-                (size_t)cid->status->serialSz);
-            ser->length = cid->status->serialSz;
-        #else
-            ser->data[i++] = ASN_INTEGER;
-            i += SetLength(cid->status->serialSz, ser->data + i);
-            XMEMCPY(&ser->data[i], cid->status->serial,
-                (size_t)cid->status->serialSz);
-            ser->length = i + cid->status->serialSz;
-        #endif
-
-        cid->status->serialInt = ser;
-        *serial = ser;
-    }
-
-    /* Not needed for Apache, return error if user is requesting */
-    if (name != NULL || pmd != NULL || keyHash != NULL) {
-        if (name != NULL)
-            *name = NULL;
-
-        if (pmd != NULL)
-            *pmd = NULL;
-
-        if (keyHash != NULL)
-            *keyHash = NULL;
-        return 0;
-    }
-
-    return 1;
-}
-
-int wolfSSL_OCSP_request_add1_nonce(OcspRequest* req, unsigned char* val,
-        int sz)
-{
-    WC_RNG rng;
-
-    WOLFSSL_ENTER("wolfSSL_OCSP_request_add1_nonce");
-
-    if (req == NULL || sz > MAX_OCSP_NONCE_SZ) {
-        WOLFSSL_MSG("Bad parameter");
-        return WOLFSSL_FAILURE;
-    }
-
-    if (sz <= 0)
-        sz = MAX_OCSP_NONCE_SZ;
-
-    if (val != NULL) {
-        XMEMCPY(req->nonce, val, (size_t)sz);
-    }
-    else {
-        if (
-#ifndef HAVE_FIPS
-            wc_InitRng_ex(&rng, req->heap, INVALID_DEVID)
-#else
-            wc_InitRng(&rng)
-#endif
-            != 0) {
-            WOLFSSL_MSG("RNG init failed");
-            return WOLFSSL_FAILURE;
-        }
-        if (wc_RNG_GenerateBlock(&rng, req->nonce, (word32)sz) != 0) {
-            WOLFSSL_MSG("wc_RNG_GenerateBlock failed");
-            wc_FreeRng(&rng);
-            return WOLFSSL_FAILURE;
-        }
-        wc_FreeRng(&rng);
-    }
-    req->nonceSz = sz;
-
-    return WOLFSSL_SUCCESS;
-}
-
-/* Returns result of OCSP nonce comparison. Return values:
- *  1 - nonces are both present and equal
- *  2 - both nonces are absent
- *  3 - nonce only present in response
- * -1 - nonce only present in request
- *  0 - both nonces present and equal
- */
-int wolfSSL_OCSP_check_nonce(OcspRequest* req, WOLFSSL_OCSP_BASICRESP* bs)
-{
-    byte* reqNonce = NULL;
-    byte* rspNonce = NULL;
-    int reqNonceSz = 0;
-    int rspNonceSz = 0;
-
-    WOLFSSL_ENTER("wolfSSL_OCSP_check_nonce");
-
-    if (req != NULL) {
-        reqNonce = req->nonce;
-        reqNonceSz = req->nonceSz;
-    }
-
-    if (bs != NULL) {
-        rspNonce = bs->nonce;
-        rspNonceSz = bs->nonceSz;
-    }
-
-    /* nonce absent in both req and rsp */
-    if (reqNonce == NULL && rspNonce == NULL)
-        return 2;
-
-    /* nonce present in rsp only */
-    if (reqNonce == NULL && rspNonce != NULL)
-        return 3;
-
-    /* nonce present in req only */
-    if (reqNonce != NULL && rspNonce == NULL)
-        return WOLFSSL_FATAL_ERROR;
-
-    /* nonces are present and equal, return 1. Extra NULL check for fixing
-        scan-build warning. */
-    if (reqNonceSz == rspNonceSz && reqNonce && rspNonce) {
-        if (XMEMCMP(reqNonce, rspNonce, (size_t)reqNonceSz) == 0)
-            return 1;
-    }
-
-    /* nonces are present but not equal */
-    return 0;
-}
-
-#endif /* OPENSSL_ALL */
-
-#else /* HAVE_OCSP */
-
-
-#ifdef _MSC_VER
-    /* 4206 warning for blank file */
-    #pragma warning(disable: 4206)
-#endif
-
-
-#endif /* HAVE_OCSP */
-#endif /* WOLFCRYPT_ONLY */
diff --git a/src/ssl/wolfssl/quic.c b/src/ssl/wolfssl/quic.c
deleted file mode 100644
index 21f64903b..000000000
--- a/src/ssl/wolfssl/quic.c
+++ /dev/null
@@ -1,1387 +0,0 @@
-/* quic.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-  /* Name change compatibility layer no longer needs to be included here */
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifndef WOLFCRYPT_ONLY
-#ifdef WOLFSSL_QUIC
-
-#include <wolfssl/error-ssl.h>
-#include <wolfssl/ssl.h>
-#include <wolfssl/internal.h>
-
-#include <wolfssl/openssl/buffer.h>
-#include <wolfssl/openssl/ecdsa.h>
-#include <wolfssl/openssl/evp.h>
-#include <wolfssl/openssl/kdf.h>
-
-
-static int qr_length(const uint8_t *data, size_t len)
-{
-    word32 rlen;
-    if (len < 4) {
-        return 0;
-    }
-    c24to32(&data[1], &rlen);
-    return (int)rlen + 4;
-}
-
-static void quic_record_free(WOLFSSL *ssl, QuicRecord *r)
-{
-    (void)ssl;
-    if (r->data) {
-        ForceZero(r->data, r->capacity);
-        XFREE(r->data, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    XFREE(r, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
-}
-
-
-static QuicRecord *quic_record_make(WOLFSSL *ssl,
-                                    WOLFSSL_ENCRYPTION_LEVEL level,
-                                    const uint8_t *data, size_t len)
-{
-    QuicRecord *qr;
-
-    qr = (QuicRecord*)XMALLOC(sizeof(*qr), ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (qr) {
-        memset(qr, 0, sizeof(*qr));
-        qr->level = level;
-        if (level == wolfssl_encryption_early_data) {
-            qr->capacity = qr->len = (word32)len;
-        }
-        else {
-            qr->capacity = qr->len = (word32) qr_length(data, len);
-            if (qr->capacity > WOLFSSL_QUIC_MAX_RECORD_CAPACITY) {
-                WOLFSSL_MSG("QUIC length read larger than expected");
-                quic_record_free(ssl, qr);
-                return NULL;
-            }
-        }
-        if (qr->capacity == 0) {
-            qr->capacity = 2*1024;
-        }
-        qr->data = (uint8_t*)XMALLOC(qr->capacity, ssl->heap,
-                                     DYNAMIC_TYPE_TMP_BUFFER);
-        if (!qr->data) {
-            quic_record_free(ssl, qr);
-            return NULL;
-        }
-    }
-    return qr;
-}
-
-static int quic_record_complete(QuicRecord *r)
-{
-    return r->len && r->end >= r->len;
-}
-
-static int quic_record_done(QuicRecord *r)
-{
-    return r->len && r->end >= r->len && r->start >= r->end;
-}
-
-static int quic_record_append(WOLFSSL *ssl, QuicRecord *qr, const uint8_t *data,
-                              size_t len, size_t *pconsumed)
-{
-    size_t missing, consumed = 0;
-    int ret = WOLFSSL_SUCCESS;
-
-    (void)ssl;
-    if (!qr->len && len) {
-        missing = 4 - qr->end;
-        if (len < missing) {
-            XMEMCPY(qr->data + qr->end, data, len);
-            qr->end += (word32)len;
-            consumed = len;
-            goto cleanup; /* len consumed, but qr->len still unknown */
-        }
-        XMEMCPY(qr->data + qr->end, data, missing);
-        qr->end += (word32)missing;
-        len -= missing;
-        data += missing;
-        consumed = missing;
-
-        qr->len = (word32)qr_length(qr->data, qr->end);
-
-        /* sanity check on length read from wire before use */
-        if (qr->len > WOLFSSL_QUIC_MAX_RECORD_CAPACITY) {
-            WOLFSSL_MSG("Length read for quic is larger than expected");
-            ret = BUFFER_E;
-            goto cleanup;
-        }
-
-        if (qr->len > qr->capacity) {
-            uint8_t *ndata = (uint8_t*)XREALLOC(qr->data, qr->len, ssl->heap,
-                                                DYNAMIC_TYPE_TMP_BUFFER);
-            if (!ndata) {
-                ret = WOLFSSL_FAILURE;
-                goto cleanup;
-            }
-            qr->data = ndata;
-            qr->capacity = qr->len;
-        }
-    }
-
-    if (!quic_record_complete(qr) && len != 0) {
-        missing = qr->len - qr->end;
-        if (len > missing) {
-            len = missing;
-        }
-        XMEMCPY(qr->data + qr->end, data, len);
-        qr->end += (word32)len;
-        consumed += len;
-    }
-
-cleanup:
-    *pconsumed = (ret == WOLFSSL_SUCCESS) ? consumed : 0;
-    return ret;
-}
-
-
-static word32 add_rec_header(byte* output, word32 length, byte type)
-{
-    RecordLayerHeader* rl;
-
-    /* record layer header */
-    rl = (RecordLayerHeader*)output;
-    if (rl == NULL) {
-        return 0;
-    }
-    rl->type    = type;
-    rl->pvMajor = SSLv3_MAJOR;
-    rl->pvMinor = TLSv1_2_MINOR;
-    c16toa((word16)length, rl->length);
-    return RECORD_HEADER_SZ;
-}
-
-static sword32 quic_record_transfer(QuicRecord* qr, byte* buf, word32 sz)
-{
-    word32 len = qr->end - qr->start;
-    word32 offset = 0;
-    word32 rlen;
-
-    if (len <= 0) {
-        return 0;
-    }
-
-    /* We check if the buf is at least RECORD_HEADER_SZ */
-    if (sz < RECORD_HEADER_SZ) {
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    if (qr->rec_hdr_remain == 0) {
-        /* start a new TLS record */
-        rlen = (qr->len <= (word32)MAX_RECORD_SIZE) ?
-                qr->len : (word32)MAX_RECORD_SIZE;
-        offset += add_rec_header(buf, rlen,
-                                 (qr->level == wolfssl_encryption_early_data) ?
-                                  application_data : handshake);
-        qr->rec_hdr_remain = rlen;
-        sz -= offset;
-    }
-    if (len > qr->rec_hdr_remain) {
-        len = qr->rec_hdr_remain;
-    }
-    if (len > sz) {
-        len = sz;
-    }
-    if (len > 0) {
-        XMEMCPY(buf + offset, qr->data + qr->start, len);
-        qr->start += len;
-        qr->rec_hdr_remain -= len;
-    }
-    return (sword32)(len + offset);
-}
-
-
-const QuicTransportParam* QuicTransportParam_new(const uint8_t* data,
-                                                 size_t len, void* heap)
-{
-    QuicTransportParam* tp;
-
-    if (len > 65353) return NULL;
-    tp = (QuicTransportParam*)XMALLOC(sizeof(*tp), heap, DYNAMIC_TYPE_TLSX);
-    if (!tp) return NULL;
-    tp->data = (uint8_t*)XMALLOC(len, heap, DYNAMIC_TYPE_TLSX);
-    if (!tp->data) {
-        XFREE(tp, heap, DYNAMIC_TYPE_TLSX);
-        return NULL;
-    }
-    XMEMCPY((uint8_t*)tp->data, data, len);
-    tp->len = (word16)len;
-    return tp;
-}
-
-const QuicTransportParam* QuicTransportParam_dup(const QuicTransportParam* tp,
-                                                 void* heap)
-{
-    QuicTransportParam* tp2;
-    tp2 = (QuicTransportParam*)XMALLOC(sizeof(*tp2), heap, DYNAMIC_TYPE_TLSX);
-    if (!tp2) return NULL;
-    tp2->data = (uint8_t*)XMALLOC(tp->len, heap, DYNAMIC_TYPE_TLSX);
-    if (!tp2->data) {
-        XFREE(tp2, heap, DYNAMIC_TYPE_TLSX);
-        return NULL;
-    }
-    XMEMCPY((uint8_t*)tp2->data, tp->data, tp->len);
-    tp2->len = tp->len;
-    return tp2;
-}
-
-void QuicTransportParam_free(const QuicTransportParam* tp, void* heap)
-{
-    (void)heap;
-    if (tp) {
-        if (tp->data) XFREE((uint8_t*)tp->data, heap, DYNAMIC_TYPE_TLSX);
-        XFREE((void*)tp, heap, DYNAMIC_TYPE_TLSX);
-    }
-}
-
-
-void wolfSSL_quic_clear(WOLFSSL* ssl)
-{
-    QuicEncData* qd;
-
-    /* keep
-     * - ssl->quic.transport_local
-     * - ssl->quic.method
-     * - ssl->quic.transport_version
-     * reset/free everything else
-     */
-    if (ssl->quic.transport_peer) {
-        QTP_FREE(ssl->quic.transport_peer, ssl->heap);
-        ssl->quic.transport_peer = NULL;
-    }
-    if (ssl->quic.transport_peer_draft) {
-        QTP_FREE(ssl->quic.transport_peer_draft, ssl->heap);
-        ssl->quic.transport_peer_draft = NULL;
-    }
-    ssl->quic.enc_level_write = wolfssl_encryption_initial;
-    ssl->quic.enc_level_latest_recvd = wolfssl_encryption_initial;
-
-    while ((qd = ssl->quic.input_head)) {
-        ssl->quic.input_head = qd->next;
-        quic_record_free(ssl, qd);
-    }
-    ssl->quic.input_tail = NULL;
-    ssl->quic.output_rec_remain = 0;
-
-    if (ssl->quic.scratch) {
-        quic_record_free(ssl, ssl->quic.scratch);
-        ssl->quic.scratch = NULL;
-    }
-}
-
-
-void wolfSSL_quic_free(WOLFSSL* ssl)
-{
-    wolfSSL_quic_clear(ssl);
-    if (ssl->quic.transport_local) {
-        QTP_FREE(ssl->quic.transport_local, ssl->heap);
-        ssl->quic.transport_local = NULL;
-    }
-
-    ssl->quic.method = NULL;
-}
-
-
-static int ctx_check_quic_compat(const WOLFSSL_CTX* ctx)
-{
-    WOLFSSL_ENTER("ctx_check_quic_compat");
-    if (ctx->method->version.major != SSLv3_MAJOR
-        || ctx->method->version.minor != TLSv1_3_MINOR
-        || (ctx->method->downgrade && ctx->minDowngrade < TLSv1_3_MINOR)) {
-        WOLFSSL_MSG_EX("ctx not quic compatible: vmajor=%d, vminor=%d, downgrade=%d",
-                       ctx->method->version.major,
-                       ctx->method->version.minor,
-                       ctx->method->downgrade
-                      );
-        return WOLFSSL_FAILURE;
-    }
-    return WOLFSSL_SUCCESS;
-}
-
-static int check_method_sanity(const WOLFSSL_QUIC_METHOD* m)
-{
-    WOLFSSL_ENTER("check_method_sanity");
-    if (m && m->set_encryption_secrets
-        && m->add_handshake_data
-        && m->flush_flight
-        && m->send_alert) {
-        return WOLFSSL_SUCCESS;
-    }
-    return WOLFSSL_FAILURE;
-}
-
-int wolfSSL_CTX_set_quic_method(WOLFSSL_CTX* ctx,
-                                const WOLFSSL_QUIC_METHOD* quic_method)
-{
-    WOLFSSL_ENTER("wolfSSL_CTX_set_quic_method");
-    if (ctx_check_quic_compat(ctx) != WOLFSSL_SUCCESS
-        || check_method_sanity(quic_method) != WOLFSSL_SUCCESS) {
-        return WOLFSSL_FAILURE;
-    }
-    ctx->quic.method = quic_method;
-    return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_set_quic_method(WOLFSSL* ssl,
-                            const WOLFSSL_QUIC_METHOD* quic_method)
-{
-    WOLFSSL_ENTER("wolfSSL_set_quic_method");
-    if (ctx_check_quic_compat(ssl->ctx) != WOLFSSL_SUCCESS
-        || check_method_sanity(quic_method) != WOLFSSL_SUCCESS) {
-        return WOLFSSL_FAILURE;
-    }
-    ssl->quic.method = quic_method;
-    return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_is_quic(WOLFSSL* ssl)
-{
-    return WOLFSSL_IS_QUIC(ssl);
-}
-
-
-WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_read_level(const WOLFSSL* ssl)
-{
-    return ssl->quic.enc_level_read;
-}
-
-
-WOLFSSL_ENCRYPTION_LEVEL wolfSSL_quic_write_level(const WOLFSSL* ssl)
-{
-    return ssl->quic.enc_level_write;
-}
-
-
-int wolfSSL_set_quic_transport_params(WOLFSSL* ssl,
-                                      const uint8_t* params,
-                                      size_t params_len)
-{
-    const QuicTransportParam* tp;
-    int ret = WOLFSSL_SUCCESS;
-
-    WOLFSSL_ENTER("wolfSSL_set_quic_transport_params");
-
-    if (!params || params_len == 0) {
-        tp = NULL;
-    }
-    else {
-        tp = QuicTransportParam_new(params, params_len, ssl->heap);
-        if (!tp) {
-            ret = WOLFSSL_FAILURE;
-            goto cleanup;
-        }
-    }
-    if (ssl->quic.transport_local)
-        QTP_FREE(ssl->quic.transport_local, ssl->heap);
-    ssl->quic.transport_local = tp;
-
-cleanup:
-    WOLFSSL_LEAVE("wolfSSL_set_quic_transport_params", ret);
-    return ret;
-}
-
-
-void wolfSSL_get_peer_quic_transport_params(const WOLFSSL* ssl,
-                                            const uint8_t** out_params,
-                                            size_t* out_params_len)
-{
-    const QuicTransportParam* tp = ssl->quic.transport_peer ?
-        ssl->quic.transport_peer : ssl->quic.transport_peer_draft;
-
-    *out_params = tp ? tp->data : NULL;
-    *out_params_len = tp ? tp->len : 0;
-}
-
-
-int wolfSSL_get_peer_quic_transport_version(const WOLFSSL* ssl)
-{
-    return ssl->quic.transport_peer ?
-        TLSX_KEY_QUIC_TP_PARAMS : (ssl->quic.transport_peer_draft ?
-        TLSX_KEY_QUIC_TP_PARAMS : -1);
-}
-
-
-void wolfSSL_set_quic_use_legacy_codepoint(WOLFSSL* ssl, int use_legacy)
-{
-    ssl->quic.transport_version = use_legacy ? TLSX_KEY_QUIC_TP_PARAMS_DRAFT
-        : TLSX_KEY_QUIC_TP_PARAMS;
-}
-
-void wolfSSL_set_quic_transport_version(WOLFSSL* ssl, int version)
-{
-    if (version == TLSX_KEY_QUIC_TP_PARAMS
-        || version == TLSX_KEY_QUIC_TP_PARAMS_DRAFT
-        || !version) {
-        ssl->quic.transport_version = version;
-    }
-    else {
-        WOLFSSL_MSG("wolfSSL_set_quic_transport_version: invalid version");
-    }
-}
-
-
-int wolfSSL_get_quic_transport_version(const WOLFSSL* ssl)
-{
-    return ssl->quic.transport_version;
-}
-
-
-int wolfSSL_quic_add_transport_extensions(WOLFSSL* ssl, int msg_type)
-{
-    /* RFC 9001, ch. 8.2: "The quic_transport_parameters extension is carried
-     * in the ClientHello and the EncryptedExtensions messages during the
-     * handshake. Endpoints MUST send the quic_transport_parameters extension;"
-     * Which means, at least one. There can be more to signal compatibility to
-     * older/newer versions.
-     */
-    int ret = 0, is_resp = (msg_type == encrypted_extensions);
-
-    if (ssl->quic.transport_local == NULL) {
-        return QUIC_TP_MISSING_E;
-    }
-
-    if (is_resp) {
-        /* server response: time to decide which version to use */
-        if (ssl->quic.transport_peer && ssl->quic.transport_peer_draft) {
-            if (ssl->quic.transport_version == TLSX_KEY_QUIC_TP_PARAMS_DRAFT) {
-                ret = TLSX_QuicTP_Use(ssl,
-                                      TLSX_KEY_QUIC_TP_PARAMS_DRAFT, is_resp);
-                QTP_FREE(ssl->quic.transport_peer, ssl->heap);
-                ssl->quic.transport_peer = NULL;
-            }
-            else {
-                ret = TLSX_QuicTP_Use(ssl, TLSX_KEY_QUIC_TP_PARAMS, is_resp);
-                QTP_FREE(ssl->quic.transport_peer_draft,
-                                        ssl->heap);
-                ssl->quic.transport_peer_draft = NULL;
-            }
-        }
-        else {
-            if (ssl->quic.transport_version == TLSX_KEY_QUIC_TP_PARAMS_DRAFT
-                && ssl->quic.transport_peer_draft) {
-                ret = TLSX_QuicTP_Use(ssl, TLSX_KEY_QUIC_TP_PARAMS_DRAFT,
-                                      is_resp);
-            }
-            else if (ssl->quic.transport_peer) {
-                ret = TLSX_QuicTP_Use(ssl, TLSX_KEY_QUIC_TP_PARAMS, is_resp);
-            }
-            else {
-                /* no match, send none, will let the client fail */
-            }
-        }
-    }
-    else {
-        /* client hello */
-        if (ssl->quic.transport_version == 0) {
-            /* not being set to a particular id, we send both draft+v1 */
-            ret = TLSX_QuicTP_Use(ssl, TLSX_KEY_QUIC_TP_PARAMS, is_resp)
-                || TLSX_QuicTP_Use(ssl, TLSX_KEY_QUIC_TP_PARAMS_DRAFT, is_resp);
-        }
-        else {
-            /* otherwise, send the version configured */
-            ret = TLSX_QuicTP_Use(ssl, (TLSX_Type)ssl->quic.transport_version,
-                                  is_resp);
-        }
-    }
-    return ret;
-}
-
-
-#define QUIC_HS_FLIGHT_LIMIT_DEFAULT      (16*  1024)
-
-size_t wolfSSL_quic_max_handshake_flight_len(const WOLFSSL* ssl,
-                                             WOLFSSL_ENCRYPTION_LEVEL level)
-{
-    switch (level) {
-        case wolfssl_encryption_initial:
-        case wolfssl_encryption_application:
-                return QUIC_HS_FLIGHT_LIMIT_DEFAULT;
-        case wolfssl_encryption_early_data:
-            return 0; /* QUIC does not send at this level */
-        case wolfssl_encryption_handshake:
-            /* during handshake itself, certificates may be exchanged which
-             * exceed our default limit, advise a higher limit one.
-             */
-            if (ssl->options.side == WOLFSSL_SERVER_END) {
-                if (ssl->options.verifyPeer
-                    && MAX_CERTIFICATE_SZ > QUIC_HS_FLIGHT_LIMIT_DEFAULT)
-                    return MAX_CERTIFICATE_SZ;
-            }
-            else {
-                /* clients may receive the server cert chain
-                 */
-                if (2*MAX_CERTIFICATE_SZ > QUIC_HS_FLIGHT_LIMIT_DEFAULT)
-                    return 2*MAX_CERTIFICATE_SZ;
-            }
-            return QUIC_HS_FLIGHT_LIMIT_DEFAULT;
-    }
-    return 0;
-}
-
-
-#ifdef WOLFSSL_EARLY_DATA
-void wolfSSL_set_quic_early_data_enabled(WOLFSSL* ssl, int enabled)
-{
-    /* This only has effect on server and when the handshake has
-     * not started yet.
-     * This function is part of the quictls/openssl API and does
-     * not return any error, sadly. So we just ignore any
-     * unsuccessful use. But we can produce some warnings.
-     */
-    if (!WOLFSSL_IS_QUIC(ssl)) {
-        WOLFSSL_MSG("wolfSSL_set_quic_early_data_enabled: not a QUIC SSL");
-    }
-    else if (ssl->options.handShakeState != NULL_STATE) {
-        WOLFSSL_MSG("wolfSSL_set_quic_early_data_enabled: handshake started");
-    }
-    else {
-        wolfSSL_set_max_early_data(ssl, enabled ? UINT32_MAX : 0);
-    }
-}
-#endif /* WOLFSSL_EARLY_DATA */
-
-int wolfSSL_quic_do_handshake(WOLFSSL* ssl)
-{
-    int ret = WOLFSSL_SUCCESS;
-
-    WOLFSSL_ENTER("wolfSSL_quic_do_handshake");
-
-    if (!wolfSSL_is_quic(ssl)) {
-        WOLFSSL_MSG("WOLFSSL_QUIC_DO_HANDSHAKE not a QUIC SSL");
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-    while (ssl->options.handShakeState != HANDSHAKE_DONE) {
-        /* Peculiar: do_handshake() is successful, but the state
-         * indicates that we are not DONE. This seems to happen
-         * when resuming sessions and an EARLY_DATA indicator
-         * is presented by the client.
-         * Theory: wolfSSL expects the APP to read the early data
-         * and silently continues the handshake when the EndOfEarlyData
-         * and the client Finished arrives.
-         * This confuses the QUIC state handling.
-         */
-#ifdef WOLFSSL_EARLY_DATA
-        if (ssl->options.maxEarlyDataSz) {
-            byte tmpbuffer[256];
-            int len;
-
-            if (ssl->options.side == WOLFSSL_CLIENT_END) {
-                if (ssl->options.resuming) {
-                    ret = wolfSSL_write_early_data(ssl, tmpbuffer, 0, &len);
-                }
-            }
-            else {
-                ret = wolfSSL_read_early_data(ssl, tmpbuffer,
-                                              sizeof(tmpbuffer), &len);
-            }
-            if (ret < 0) {
-                goto cleanup;
-            }
-        }
-#endif /* WOLFSSL_EARLY_DATA */
-
-        ret = wolfSSL_SSL_do_handshake_internal(ssl);
-        if (ret <= 0)
-            goto cleanup;
-    }
-
-cleanup:
-    if (ret <= 0
-        && ssl->options.handShakeState == HANDSHAKE_DONE
-        && (ssl->error == WC_NO_ERR_TRACE(ZERO_RETURN) ||
-            ssl->error == WC_NO_ERR_TRACE(WANT_READ)))
-    {
-        ret = WOLFSSL_SUCCESS;
-    }
-    if (ret == WOLFSSL_SUCCESS) {
-        ssl->error = WOLFSSL_ERROR_NONE;
-    }
-    WOLFSSL_LEAVE("wolfSSL_quic_do_handshake", ret);
-    return ret;
-}
-
-int wolfSSL_quic_read_write(WOLFSSL* ssl)
-{
-    int ret = WOLFSSL_SUCCESS;
-
-    WOLFSSL_ENTER("wolfSSL_quic_read_write");
-
-    if (!wolfSSL_is_quic(ssl)) {
-        WOLFSSL_MSG("WOLFSSL_QUIC_READ_WRITE not a QUIC SSL");
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-    if (ssl->options.handShakeState != HANDSHAKE_DONE) {
-        ret = wolfSSL_quic_do_handshake(ssl);
-        if (ret != WOLFSSL_SUCCESS)
-            goto cleanup;
-    }
-
-    ret = wolfSSL_process_quic_post_handshake(ssl);
-
-cleanup:
-    WOLFSSL_LEAVE("wolfSSL_quic_read_write", ret);
-    return ret;
-}
-
-int wolfSSL_process_quic_post_handshake(WOLFSSL* ssl)
-{
-    int ret = WOLFSSL_SUCCESS, nret;
-
-    WOLFSSL_ENTER("wolfSSL_process_quic_post_handshake");
-
-    if (!wolfSSL_is_quic(ssl)) {
-        WOLFSSL_MSG("WOLFSSL_QUIC_POST_HS not a QUIC SSL");
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-    if (ssl->options.handShakeState != HANDSHAKE_DONE) {
-        WOLFSSL_MSG("WOLFSSL_QUIC_POST_HS handshake is not done yet");
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-    while (ssl->quic.input_head != NULL
-           || ssl->buffers.inputBuffer.length > 0) {
-        if ((nret = ProcessReply(ssl)) < 0) {
-            ret = nret;
-            break;
-        }
-    }
-    while (ssl->buffers.outputBuffer.length > 0) {
-        SendBuffered(ssl);
-    }
-
-cleanup:
-    WOLFSSL_LEAVE("wolfSSL_process_quic_post_handshake", ret);
-    return ret;
-}
-
-
-int wolfSSL_provide_quic_data(WOLFSSL* ssl, WOLFSSL_ENCRYPTION_LEVEL level,
-                              const uint8_t* data, size_t len)
-{
-    int ret = WOLFSSL_SUCCESS;
-    size_t l;
-
-    WOLFSSL_ENTER("wolfSSL_provide_quic_data");
-    if (!wolfSSL_is_quic(ssl)) {
-        WOLFSSL_MSG("WOLFSSL_QUIC_PROVIDE_DATA not a QUIC SSL");
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-    if (level < wolfSSL_quic_read_level(ssl)
-        || (ssl->quic.input_tail && level < ssl->quic.input_tail->level)
-        || level < ssl->quic.enc_level_latest_recvd) {
-        WOLFSSL_MSG("WOLFSSL_QUIC_PROVIDE_DATA wrong encryption level");
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-    while (len > 0) {
-        if (ssl->quic.scratch) {
-            if (ssl->quic.scratch->level != level) {
-                WOLFSSL_MSG("WOLFSSL_QUIC_PROVIDE_DATA wrong encryption level");
-                ret = WOLFSSL_FAILURE;
-                goto cleanup;
-            }
-
-            ret = quic_record_append(ssl, ssl->quic.scratch, data, len, &l);
-            if (ret != WOLFSSL_SUCCESS) {
-                goto cleanup;
-            }
-            data += l;
-            len -= l;
-            if (quic_record_complete(ssl->quic.scratch)) {
-                if (ssl->quic.input_tail) {
-                    ssl->quic.input_tail->next = ssl->quic.scratch;
-                    ssl->quic.input_tail = ssl->quic.scratch;
-                }
-                else {
-                    ssl->quic.input_head = ssl->quic.input_tail =
-                        ssl->quic.scratch;
-                }
-                ssl->quic.scratch = NULL;
-            }
-        }
-        else {
-            /* start of next record with all bytes for the header */
-            ssl->quic.scratch = quic_record_make(ssl, level, data, len);
-            if (!ssl->quic.scratch) {
-                ret = WOLFSSL_FAILURE;
-                goto cleanup;
-            }
-        }
-    }
-
-    ssl->quic.enc_level_latest_recvd = level;
-
-cleanup:
-    WOLFSSL_LEAVE("wolfSSL_provide_quic_data", ret);
-    return ret;
-}
-
-
-/* Called internally when SSL wants a certain amount of input. */
-int wolfSSL_quic_receive(WOLFSSL* ssl, byte* buf, word32 sz)
-{
-    sword32 n = 0;
-    int transferred = 0;
-
-    WOLFSSL_ENTER("wolfSSL_quic_receive");
-    while (sz > 0) {
-        n = 0;
-        if (ssl->quic.input_head) {
-            n = quic_record_transfer(ssl->quic.input_head, buf, sz);
-
-            /* record too small to be fit into a RecordLayerHeader struct. */
-            if (n == -1) {
-                return WOLFSSL_FATAL_ERROR;
-            }
-            if (quic_record_done(ssl->quic.input_head)) {
-                QuicRecord* qr = ssl->quic.input_head;
-                ssl->quic.input_head = qr->next;
-                if (!qr->next) {
-                    ssl->quic.input_tail = NULL;
-                }
-                quic_record_free(ssl, qr);
-            }
-        }
-
-        if (n == 0) {
-            if (transferred > 0) {
-                goto cleanup;
-            }
-            ssl->error = transferred = WANT_READ;
-            goto cleanup;
-        }
-        sz -= (word32)n;
-        buf += n;
-        transferred += (int)n;
-    }
-cleanup:
-    WOLFSSL_LEAVE("wolfSSL_quic_receive", transferred);
-    return transferred;
-}
-
-/**
- * We need to forward the HANDSHAKE messages to the QUIC protocol stack
- * via ssl->quic.method->add_handshake_data().
- * The messages in the output buffer are unencrypted TLS records. We need
- * to forward the content of those records.
- */
-static int wolfSSL_quic_send_internal(WOLFSSL* ssl)
-{
-    int ret = 0, aret;
-    size_t len;
-    RecordLayerHeader* rl;
-    word16 rlen;
-    word32 idx, length;
-    byte* output;
-
-    WOLFSSL_ENTER("wolfSSL_quic_send");
-
-    idx = ssl->buffers.outputBuffer.idx;
-    length = ssl->buffers.outputBuffer.length;
-    output = ssl->buffers.outputBuffer.buffer + idx;
-    while (length > 0) {
-        if (ssl->quic.output_rec_remain > 0) {
-            len = ssl->quic.output_rec_remain;
-            if (len > length) {
-                len = length;
-            }
-
-            aret = ssl->quic.method->add_handshake_data(ssl,
-                ssl->quic.output_rec_level, (const uint8_t*)output, len);
-            if (aret != 1) {
-                /* The application has an error. General disaster. */
-                WOLFSSL_MSG("WOLFSSL_QUIC_SEND application failed");
-                ret = FWRITE_ERROR;
-                goto cleanup;
-            }
-            output += len;
-            length -= (word32)len;
-            ssl->quic.output_rec_remain -= (word32)len;
-        }
-        else {
-            /* at start of a TLS Record */
-            rl = (RecordLayerHeader*)output;
-            ato16(rl->length, &rlen);
-            output += RECORD_HEADER_SZ;
-            length -= RECORD_HEADER_SZ;
-            ssl->quic.output_rec_remain = rlen;
-            ssl->quic.output_rec_level = ssl->quic.enc_level_write;
-            if (rl->type == application_data) {
-                if (ssl->options.handShakeState != HANDSHAKE_DONE) {
-                    ssl->quic.output_rec_level = wolfssl_encryption_early_data;
-                }
-                else {
-                    WOLFSSL_MSG("WOLFSSL_QUIC_SEND app data after handshake");
-                    ret = FWRITE_ERROR;
-                    goto cleanup;
-                }
-            }
-        }
-    }
-
-    ssl->buffers.outputBuffer.idx = 0;
-    ssl->buffers.outputBuffer.length = 0;
-
-cleanup:
-    WOLFSSL_LEAVE("wolfSSL_quic_send", ret);
-    return ret;
-}
-
-int wolfSSL_quic_send(WOLFSSL* ssl)
-{
-    return wolfSSL_quic_send_internal(ssl);
-}
-
-int wolfSSL_quic_forward_secrets(WOLFSSL* ssl, int ktype, int side)
-{
-    const uint8_t* rx_secret = NULL, *tx_secret = NULL;
-    WOLFSSL_ENCRYPTION_LEVEL level;
-    int ret = 0;
-
-    WOLFSSL_ENTER("wolfSSL_quic_forward_secrets");
-    switch (ktype) {
-        case early_data_key:
-            level = wolfssl_encryption_early_data;
-            break;
-        case handshake_key:
-            level = wolfssl_encryption_handshake;
-            break;
-        case traffic_key:
-            FALL_THROUGH;
-        case update_traffic_key:
-            level = wolfssl_encryption_application;
-            break;
-        case no_key:
-            FALL_THROUGH;
-        default:
-            /* ignore */
-            goto cleanup;
-    }
-
-    if (side == ENCRYPT_AND_DECRYPT_SIDE || side == ENCRYPT_SIDE_ONLY) {
-        tx_secret = (ssl->options.side == WOLFSSL_CLIENT_END) ?
-            ssl->clientSecret : ssl->serverSecret;
-    }
-    if (side == ENCRYPT_AND_DECRYPT_SIDE || side == DECRYPT_SIDE_ONLY) {
-        rx_secret = (ssl->options.side == WOLFSSL_CLIENT_END) ?
-            ssl->serverSecret : ssl->clientSecret;
-    }
-
-    if (!tx_secret && !rx_secret) {
-        WOLFSSL_MSG("WOLFSSL_QUIC_FORWARD_SECRETS neither "
-                    "enc- nor decrypt specified");
-        goto cleanup;
-    }
-
-    if(!ssl->quic.method->set_encryption_secrets(
-        ssl, level, rx_secret, tx_secret, ssl->specs.hash_size)) {
-        WOLFSSL_MSG("WOLFSSL_QUIC_FORWARD_SECRETS failed");
-        ret = WOLFSSL_FATAL_ERROR;
-        goto cleanup;
-    }
-
-    /* Having installed the secrets, any future read/write will happen
-     * at the level. Except early data, which is detected on the record
-     * type and the handshake state. */
-     if (ktype == early_data_key) {
-        goto cleanup;
-     }
-
-     if (tx_secret && ssl->quic.enc_level_write != level) {
-        ssl->quic.enc_level_write_next = level;
-     }
-     if (rx_secret && ssl->quic.enc_level_read != level) {
-        ssl->quic.enc_level_read_next = level;
-     }
-
-cleanup:
-    WOLFSSL_LEAVE("wolfSSL_quic_forward_secrets", ret);
-    return ret;
-}
-
-int wolfSSL_quic_keys_active(WOLFSSL* ssl, enum encrypt_side side)
-{
-    int ret = 0;
-
-    WOLFSSL_ENTER("wolfSSL_quic_keys_active");
-    /* Keys derived from recent secrets have been activated */
-    if (side == ENCRYPT_AND_DECRYPT_SIDE || side == ENCRYPT_SIDE_ONLY) {
-        /* If there is data in the output buffers, it was supposed to be
-         * encrypted at the previous level. We need to remember that when
-         * forwarding this data to the QUIC protocol application. */
-        if (ssl->buffers.outputBuffer.length > 0) {
-            ret = wolfSSL_quic_send_internal(ssl);
-            if (ret)
-                goto cleanup;
-        }
-        ssl->quic.enc_level_write = ssl->quic.enc_level_write_next;
-    }
-    if (side == ENCRYPT_AND_DECRYPT_SIDE || side == DECRYPT_SIDE_ONLY) {
-        ssl->quic.enc_level_read = ssl->quic.enc_level_read_next;
-    }
-cleanup:
-    WOLFSSL_LEAVE("wolfSSL_quic_keys_active", ret);
-    return ret;
-}
-
-const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_aead(WOLFSSL* ssl)
-{
-    WOLFSSL_CIPHER* cipher = NULL;
-    const WOLFSSL_EVP_CIPHER* evp_cipher = NULL;
-
-    if (ssl == NULL) {
-        return NULL;
-    }
-
-    cipher = wolfSSL_get_current_cipher(ssl);
-
-    if (cipher == NULL) {
-        return NULL;
-    }
-
-    switch (cipher->cipherSuite) {
-#if !defined(NO_AES) && defined(HAVE_AESGCM)
-    #ifdef WOLFSSL_AES_128
-        case TLS_AES_128_GCM_SHA256:
-            evp_cipher = wolfSSL_EVP_aes_128_gcm();
-            break;
-    #endif
-    #ifdef WOLFSSL_AES_256
-        case TLS_AES_256_GCM_SHA384:
-            evp_cipher = wolfSSL_EVP_aes_256_gcm();
-            break;
-    #endif
-#endif
-#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
-        case TLS_CHACHA20_POLY1305_SHA256:
-            evp_cipher = wolfSSL_EVP_chacha20_poly1305();
-            break;
-#endif
-#if !defined(NO_AES) && defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
-        case TLS_AES_128_CCM_SHA256:
-            evp_cipher = wolfSSL_EVP_aes_128_ccm();
-            break;
-        case TLS_AES_128_CCM_8_SHA256:
-            WOLFSSL_MSG("wolfSSL_quic_get_aead: no CCM-8 support in EVP layer");
-            evp_cipher = NULL;
-            break;
-#endif
-
-        default:
-            evp_cipher = NULL;
-            break;
-    }
-
-    if (!evp_cipher) {
-        /* should not happen, as SSL* should not have negotiated it? */
-        WOLFSSL_MSG("wolfSSL_quic_get_aead: current cipher not supported");
-        return NULL;
-    }
-    return evp_cipher;
-}
-
-/* currently only used if HAVE_CHACHA && HAVE_POLY1305. */
-WC_MAYBE_UNUSED static int evp_cipher_eq(const WOLFSSL_EVP_CIPHER* c1,
-                         const WOLFSSL_EVP_CIPHER* c2)
-{
-    /* We could check on nid equality, but we seem to have singulars */
-    return c1 == c2;
-}
-
-const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_hp(WOLFSSL* ssl)
-{
-    WOLFSSL_CIPHER* cipher = NULL;
-    const WOLFSSL_EVP_CIPHER* evp_cipher = NULL;
-
-    if (ssl == NULL) {
-        return NULL;
-    }
-
-    cipher = wolfSSL_get_current_cipher(ssl);
-
-    if (cipher == NULL) {
-        return NULL;
-    }
-
-    switch (cipher->cipherSuite) {
-#if !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_COUNTER)
-        /* This has to be CTR even though the spec says that ECB is used for
-         * mask generation. ngtcp2_crypto_hp_mask uses a hack where they pass
-         * in the "ECB" input as the IV for the CTR cipher and then the input
-         * is just a cleared buffer. They do this so that the EVP
-         * init-update-final cycle can be used without the padding that is added
-         * for EVP_aes_(128|256)_ecb. */
-#if defined(WOLFSSL_AES_128)
-        case TLS_AES_128_GCM_SHA256:
-            evp_cipher = wolfSSL_EVP_aes_128_ctr();
-            break;
-#endif
-#if defined(WOLFSSL_AES_256)
-        case TLS_AES_256_GCM_SHA384:
-            evp_cipher = wolfSSL_EVP_aes_256_ctr();
-            break;
-#endif
-#endif
-#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
-        case TLS_CHACHA20_POLY1305_SHA256:
-            evp_cipher = wolfSSL_EVP_chacha20();
-            break;
-#endif
-#if !defined(NO_AES) && defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128) && \
-        defined(WOLFSSL_AES_COUNTER)
-        /* This has to be CTR. See comment above. */
-        case TLS_AES_128_CCM_SHA256:
-            evp_cipher = wolfSSL_EVP_aes_128_ctr();
-            break;
-        case TLS_AES_128_CCM_8_SHA256:
-            WOLFSSL_MSG("wolfSSL_quic_get_hp: no CCM-8 support in EVP layer");
-            evp_cipher = NULL;
-            break;
-#endif
-        default:
-            evp_cipher = NULL;
-            break;
-    }
-
-    if (!evp_cipher) {
-        /* should not happen, as SSL* should not have negotiated it? */
-        WOLFSSL_MSG("wolfSSL_quic_get_hp: current cipher not supported");
-        return NULL;
-    }
-    return evp_cipher;
-}
-
-size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER* aead_cipher)
-{
-    size_t ret;
-#ifdef WOLFSSL_SMALL_STACK
-    WOLFSSL_EVP_CIPHER_CTX *ctx = wolfSSL_EVP_CIPHER_CTX_new();
-    if (ctx == NULL)
-        return 0;
-#else
-    WOLFSSL_EVP_CIPHER_CTX ctx[1];
-#endif
-
-    XMEMSET(ctx, 0, sizeof(*ctx));
-    if (wolfSSL_EVP_CipherInit(ctx, aead_cipher, NULL, NULL, 0)
-        == WOLFSSL_SUCCESS) {
-        ret = (size_t)ctx->authTagSz;
-    } else {
-        ret = 0;
-    }
-
-    (void)wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
-    WC_FREE_VAR_EX(ctx, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-int wolfSSL_quic_aead_is_gcm(const WOLFSSL_EVP_CIPHER* aead_cipher)
-{
-    return WOLFSSL_EVP_CIPHER_mode(aead_cipher) == WOLFSSL_EVP_CIPH_GCM_MODE;
-}
-
-int wolfSSL_quic_aead_is_ccm(const WOLFSSL_EVP_CIPHER* aead_cipher)
-{
-    return WOLFSSL_EVP_CIPHER_mode(aead_cipher) == WOLFSSL_EVP_CIPH_CCM_MODE;
-}
-
-int wolfSSL_quic_aead_is_chacha20(const WOLFSSL_EVP_CIPHER* aead_cipher)
-{
-#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
-    return evp_cipher_eq(aead_cipher, wolfSSL_EVP_chacha20_poly1305());
-#else
-    (void)aead_cipher;
-    return 0;
-#endif
-}
-
-const WOLFSSL_EVP_MD* wolfSSL_quic_get_md(WOLFSSL* ssl)
-{
-    /* a copy from the handshake md setup */
-    switch(ssl->specs.mac_algorithm) {
-        case no_mac:
-    #ifndef NO_MD5
-        case md5_mac:
-            return wolfSSL_EVP_md5();
-    #endif
-    #ifndef NO_SHA
-        case sha_mac:
-            return wolfSSL_EVP_sha1();
-    #endif
-    #ifdef WOLFSSL_SHA224
-        case sha224_mac:
-            return wolfSSL_EVP_sha224();
-    #endif
-        case sha256_mac:
-            return wolfSSL_EVP_sha256();
-    #ifdef WOLFSSL_SHA384
-        case sha384_mac:
-            return wolfSSL_EVP_sha384();
-    #endif
-    #ifdef WOLFSSL_SHA512
-        case sha512_mac:
-            return wolfSSL_EVP_sha512();
-    #endif
-        case rmd_mac:
-        case blake2b_mac:
-            WOLFSSL_MSG("no suitable EVP_MD");
-            return NULL;
-        default:
-            WOLFSSL_MSG("Unknown mac algorithm");
-            return NULL;
-    }
-}
-
-#ifdef OPENSSL_EXTRA
-
-int wolfSSL_quic_hkdf_extract(uint8_t* dest, const WOLFSSL_EVP_MD* md,
-                              const uint8_t* secret, size_t secretlen,
-                              const uint8_t* salt, size_t saltlen)
-{
-    WOLFSSL_EVP_PKEY_CTX* pctx = NULL;
-    size_t destlen = (size_t)wolfSSL_EVP_MD_size(md);
-    int ret = WOLFSSL_SUCCESS;
-
-    WOLFSSL_ENTER("wolfSSL_quic_hkdf_extract");
-
-    pctx = wolfSSL_EVP_PKEY_CTX_new_id(WC_NID_hkdf, NULL);
-    if (pctx == NULL) {
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-    if (wolfSSL_EVP_PKEY_derive_init(pctx) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_hkdf_mode(
-                pctx, WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_set_hkdf_md(pctx, md) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt(
-                pctx, (byte*)salt, (int)saltlen) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_set1_hkdf_key(
-                pctx, (byte*)secret, (int)secretlen) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_derive(pctx, dest, &destlen) != WOLFSSL_SUCCESS) {
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-cleanup:
-    if (pctx)
-        wolfSSL_EVP_PKEY_CTX_free(pctx);
-    WOLFSSL_LEAVE("wolfSSL_quic_hkdf_extract", ret);
-    return ret;
-}
-
-
-int wolfSSL_quic_hkdf_expand(uint8_t* dest, size_t destlen,
-                             const WOLFSSL_EVP_MD* md,
-                             const uint8_t* secret, size_t secretlen,
-                             const uint8_t* info, size_t infolen)
-{
-    WOLFSSL_EVP_PKEY_CTX* pctx = NULL;
-    int ret = WOLFSSL_SUCCESS;
-
-    WOLFSSL_ENTER("wolfSSL_quic_hkdf_expand");
-
-    pctx = wolfSSL_EVP_PKEY_CTX_new_id(WC_NID_hkdf, NULL);
-    if (pctx == NULL) {
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-    if (wolfSSL_EVP_PKEY_derive_init(pctx) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_hkdf_mode(
-                pctx, WOLFSSL_EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_set_hkdf_md(pctx, md) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt(
-                pctx, (byte*)"", 0) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_set1_hkdf_key(
-                pctx, (byte*)secret, (int)secretlen) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_add1_hkdf_info(
-                pctx, (byte*)info, (int)infolen) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_derive(pctx, dest, &destlen) != WOLFSSL_SUCCESS) {
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-cleanup:
-    if (pctx)
-        wolfSSL_EVP_PKEY_CTX_free(pctx);
-    WOLFSSL_LEAVE("wolfSSL_quic_hkdf_expand", ret);
-    return ret;
-}
-
-
-int wolfSSL_quic_hkdf(uint8_t* dest, size_t destlen,
-                      const WOLFSSL_EVP_MD* md,
-                      const uint8_t* secret, size_t secretlen,
-                      const uint8_t* salt, size_t saltlen,
-                      const uint8_t* info, size_t infolen)
-{
-    WOLFSSL_EVP_PKEY_CTX* pctx = NULL;
-    int ret = WOLFSSL_SUCCESS;
-
-    WOLFSSL_ENTER("wolfSSL_quic_hkdf");
-
-    pctx = wolfSSL_EVP_PKEY_CTX_new_id(WC_NID_hkdf, NULL);
-    if (pctx == NULL) {
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-    if (wolfSSL_EVP_PKEY_derive_init(pctx) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_hkdf_mode(
-                pctx, WOLFSSL_EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_set_hkdf_md(pctx, md) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt(
-                pctx, (byte*)salt, (int)saltlen) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_set1_hkdf_key(
-                pctx, (byte*)secret, (int)secretlen) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_CTX_add1_hkdf_info(
-                pctx, (byte*)info, (int)infolen) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_PKEY_derive(pctx, dest, &destlen) != WOLFSSL_SUCCESS) {
-        ret = WOLFSSL_FAILURE;
-        goto cleanup;
-    }
-
-cleanup:
-    if (pctx)
-        wolfSSL_EVP_PKEY_CTX_free(pctx);
-    WOLFSSL_LEAVE("wolfSSL_quic_hkdf", ret);
-    return ret;
-}
-
-#endif /* OPENSSL_EXTRA */
-
-
-WOLFSSL_EVP_CIPHER_CTX* wolfSSL_quic_crypt_new(const WOLFSSL_EVP_CIPHER* cipher,
-                                               const uint8_t* key,
-                                               const uint8_t* iv,
-                                               int encrypt)
-{
-    WOLFSSL_EVP_CIPHER_CTX* ctx;
-
-    ctx = wolfSSL_EVP_CIPHER_CTX_new();
-    if (ctx == NULL) {
-        return NULL;
-    }
-
-    if (wolfSSL_EVP_CipherInit(ctx, cipher, key, iv, encrypt)
-            != WOLFSSL_SUCCESS) {
-        wolfSSL_EVP_CIPHER_CTX_free(ctx);
-        return NULL;
-    }
-
-    return ctx;
-}
-
-
-int wolfSSL_quic_aead_encrypt(uint8_t* dest, WOLFSSL_EVP_CIPHER_CTX* ctx,
-                              const uint8_t* plain, size_t plainlen,
-                              const uint8_t* iv, const uint8_t* aad,
-                              size_t aadlen)
-{
-    int len;
-
-    /* A case can be made if this really should be a function in wolfSSL, since
-     * the same should be doable from the API by a QUIC protocol stack.
-     * What speaks for this:
-     * - it gives us a decent testing point
-     * - API users do not have to re-invent (it fits into ngtcp2 use).
-     *   picotls offers a similar abstraction level for AEAD.
-     * TODO: there is some fiddling in OpenSSL+quic in regard to CCM ciphers
-     *       which we need to check.
-     */
-    if (wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_CipherUpdate(
-                ctx, NULL, &len, aad, (int)aadlen) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_CipherUpdate(
-                ctx, dest, &len, plain, (int)plainlen) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_CipherFinal(ctx, dest + len, &len) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_CIPHER_CTX_ctrl(
-                ctx, WOLFSSL_EVP_CTRL_AEAD_GET_TAG, ctx->authTagSz, dest + plainlen)
-           != WOLFSSL_SUCCESS) {
-        return WOLFSSL_FAILURE;
-    }
-
-    return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_quic_aead_decrypt(uint8_t* dest, WOLFSSL_EVP_CIPHER_CTX* ctx,
-                              const uint8_t* enc, size_t enclen,
-                              const uint8_t* iv, const uint8_t* aad,
-                              size_t aadlen)
-{
-    int len;
-    const uint8_t* tag;
-
-    /* See rationale for wolfSSL_quic_aead_encrypt() on why this is here */
-    if (enclen > INT_MAX || ctx->authTagSz > (int)enclen) {
-        return WOLFSSL_FAILURE;
-    }
-
-    enclen -= (size_t)ctx->authTagSz;
-    tag = enc + enclen;
-
-    if (wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 0) != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_CIPHER_CTX_ctrl(
-                ctx, WOLFSSL_EVP_CTRL_AEAD_SET_TAG, ctx->authTagSz, (uint8_t*)tag)
-            != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_CipherUpdate(ctx, NULL, &len, aad, (int)aadlen)
-            != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_CipherUpdate(ctx, dest, &len, enc, (int)enclen)
-            != WOLFSSL_SUCCESS
-        || wolfSSL_EVP_CipherFinal(ctx, dest, &len) != WOLFSSL_SUCCESS) {
-        return WOLFSSL_FAILURE;
-    }
-
-    return WOLFSSL_SUCCESS;
-}
-
-
-#endif /* WOLFSSL_QUIC */
-#endif /* WOLFCRYPT_ONLY */
-
diff --git a/src/ssl/wolfssl/sniffer.c b/src/ssl/wolfssl/sniffer.c
deleted file mode 100644
index 6854d5800..000000000
--- a/src/ssl/wolfssl/sniffer.c
+++ /dev/null
@@ -1,7750 +0,0 @@
-/* sniffer.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    #include <wolfssl/wolfcrypt/async.h>
-#endif
-
-/* Build Options:
- * WOLFSSL_SNIFFER_NO_RECOVERY: Do not track missed data count.
- * SNIFFER_SINGLE_SESSION_CACHE: Do not cache more than one session.
- */
-
-
-/* xctime */
-#ifndef XCTIME
-   #define XCTIME ctime
-#endif
-
-/* only in this file, to avoid confusing future ports leave
- * these defines here. Do not move to wc_port.h */
-#ifdef USER_CUSTOM_SNIFFX
-    /* To be implemented in user_settings.h */
-#elif defined(FUSION_RTOS)
-    #include <fcl_network.h>
-    #define XINET_NTOA FNS_INET_NTOA
-    #define XINET_ATON FNS_INET_ATON
-    #define XINET_PTON(a,b,c,d) FNS_INET_PTON((a),(b),(c),(d),NULL)
-    #define XINET_NTOP(a,b,c,d) FNS_INET_NTOP((a),(b),(c),(d),NULL)
-    #define XINET_ADDR FNS_INET_ADDR
-    #define XHTONS FNS_HTONS
-    #define XNTOHS FNS_NTOHS
-    #define XHTONL FNS_HTONL
-    #define XNTOHL FNS_NTOHL
-    #define XINADDR_NONE FNS_INADDR_NONE
-#else
-    /* default */
-    #define XINET_NTOA inet_ntoa
-    #define XINET_ATON inet_aton
-    #define XINET_PTON(a,b,c) inet_pton((a),(b),(c))
-    #define XINET_NTOP inet_ntop
-    #define XINET_ADDR inet_addr
-    #define XHTONS htons
-    #define XNTOHS ntohs
-    #define XHTONL htonl
-    #define XNTOHL ntohl
-    #define XINADDR_NONE INADDR_NONE
-#endif
-
-#if !defined(WOLFCRYPT_ONLY) && !defined(NO_FILESYSTEM)
-#ifdef WOLFSSL_SNIFFER
-
-#include <time.h>
-
-#ifdef FUSION_RTOS
-    #include <fns_inet.h>
-    #ifdef TCP_PROTOCOL
-        #undef TCP_PROTOCOL
-    #endif
-#else
-    #ifndef _WIN32
-        #include <arpa/inet.h>
-    #else
-        #include <ws2tcpip.h>
-    #endif
-#endif
-
-#ifdef _WIN32
-    #define SNPRINTF _snprintf
-#else
-    #define SNPRINTF snprintf
-#endif
-
-#include <wolfssl/internal.h>
-#include <wolfssl/error-ssl.h>
-#include <wolfssl/sniffer.h>
-#include <wolfssl/sniffer_error.h>
-
-#ifndef NO_RSA
-    #include <wolfssl/wolfcrypt/rsa.h>
-#endif
-#ifndef NO_DH
-    #include <wolfssl/wolfcrypt/dh.h>
-#endif
-#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
-    #include <wolfssl/wolfcrypt/ecc.h>
-#endif
-#ifdef HAVE_CURVE25519
-    #include <wolfssl/wolfcrypt/curve25519.h>
-#endif
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-    #ifdef HAVE_INTEL_QA_SYNC
-        #include <wolfssl/wolfcrypt/port/intel/quickassist_sync.h>
-    #endif
-    #ifdef HAVE_CAVIUM_OCTEON_SYNC
-        #include <wolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h>
-    #endif
-#endif
-
-#define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; }
-
-#ifndef WOLFSSL_SNIFFER_TIMEOUT
-    #define WOLFSSL_SNIFFER_TIMEOUT 900
-    /* Cache unclosed Sessions for 15 minutes since last used */
-#endif
-
-/* Misc constants */
-enum {
-    MAX_SERVER_ADDRESS = 128, /* maximum server address length */
-    MAX_SERVER_NAME    = 128, /* maximum server name length */
-    MAX_ERROR_LEN      = 80,  /* maximum error length */
-    ETHER_IF_ADDR_LEN  = 6,   /* ethernet interface address length */
-    LOCAL_IF_ADDR_LEN  = 4,   /* localhost interface address length, !windows */
-    TCP_PROTO          = 6,   /* TCP_PROTOCOL */
-    IP_HDR_SZ          = 20,  /* IPv4 header length, min */
-    IP6_HDR_SZ         = 40,  /* IPv6 header length, min */
-    TCP_HDR_SZ         = 20,  /* TCP header length, min */
-    IPV4               = 4,   /* IP version 4 */
-    IPV6               = 6,   /* IP version 6 */
-    TCP_PROTOCOL       = 6,   /* TCP Protocol id */
-    NO_NEXT_HEADER     = 59,  /* IPv6 no headers follow */
-    TRACE_MSG_SZ       = 80,  /* Trace Message buffer size */
-    HASH_SIZE          = 499, /* Session Hash Table Rows */
-    PSEUDO_HDR_SZ      = 12,  /* TCP Pseudo Header size in bytes */
-    STREAM_INFO_SZ     = 44,  /* SnifferStreamInfo size in bytes */
-    FATAL_ERROR_STATE  = 1,   /* SnifferSession fatal error state */
-    TICKET_HINT_LEN    = 4,   /* Session Ticket Hint length */
-    TICKET_HINT_AGE_LEN= 4,   /* Session Ticket Age add length */
-    EXT_TYPE_SZ        = 2,   /* Extension type length */
-    MAX_INPUT_SZ       = MAX_RECORD_SIZE + COMP_EXTRA + MAX_MSG_EXTRA +
-                         MTU_EXTRA,  /* Max input sz of reassembly */
-
-    /* TLS Extensions */
-    EXT_SERVER_NAME                = 0x0000, /* a.k.a. SNI  */
-    EXT_MAX_FRAGMENT_LENGTH        = 0x0001,
-    EXT_TRUSTED_CA_KEYS            = 0x0003,
-    EXT_TRUNCATED_HMAC             = 0x0004,
-    EXT_STATUS_REQUEST             = 0x0005, /* a.k.a. OCSP stapling   */
-    EXT_SUPPORTED_GROUPS           = 0x000a, /* a.k.a. Supported Curves */
-    EXT_EC_POINT_FORMATS           = 0x000b,
-    EXT_SIGNATURE_ALGORITHMS       = 0x000d,
-    EXT_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */
-    EXT_STATUS_REQUEST_V2          = 0x0011, /* a.k.a. OCSP stapling v2 */
-    EXT_ENCRYPT_THEN_MAC           = 0x0016, /* RFC 7366 */
-    EXT_MASTER_SECRET              = 0x0017, /* Extended Master Secret Extension ID */
-    EXT_TICKET_ID                  = 0x0023, /* Session Ticket Extension ID */
-    EXT_PRE_SHARED_KEY             = 0x0029,
-    EXT_EARLY_DATA                 = 0x002a,
-    EXT_SUPPORTED_VERSIONS         = 0x002b,
-    EXT_COOKIE                     = 0x002c,
-    EXT_PSK_KEY_EXCHANGE_MODES     = 0x002d,
-    EXT_POST_HANDSHAKE_AUTH        = 0x0031,
-    EXT_SIGNATURE_ALGORITHMS_CERT  = 0x0032,
-    EXT_KEY_SHARE                  = 0x0033,
-    EXT_RENEGOTIATION_INFO         = 0xff01
-};
-
-
-#ifdef _WIN32
-
-static HMODULE dllModule;  /* for error string resources */
-
-BOOL APIENTRY DllMain( HMODULE hModule,
-                       DWORD  ul_reason_for_call,
-                       LPVOID lpReserved
-                     )
-{
-    static int didInit = 0;
-
-    switch (ul_reason_for_call)
-    {
-    case DLL_PROCESS_ATTACH:
-        if (didInit == 0) {
-            dllModule = hModule;
-            ssl_InitSniffer();
-            didInit = 1;
-        }
-        break;
-    case DLL_THREAD_ATTACH:
-        break;
-    case DLL_THREAD_DETACH:
-        break;
-    case DLL_PROCESS_DETACH:
-        if (didInit) {
-            ssl_FreeSniffer();
-            didInit = 0;
-        }
-        break;
-    }
-    return TRUE;
-}
-
-#endif /* _WIN32 */
-
-
-static WC_THREADSHARED int TraceOn = 0;         /* Trace is off by default */
-static WC_THREADSHARED XFILE TraceFile = 0;
-
-
-/* windows uses .rc table for this */
-#ifndef _WIN32
-
-static const char* const msgTable[] =
-{
-    /* 1 */
-    "Out of Memory",
-    "New SSL Sniffer Server Registered",
-    "Checking IP Header",
-    "SSL Sniffer Server Not Registered",
-    "Checking TCP Header",
-
-    /* 6 */
-    "SSL Sniffer Server Port Not Registered",
-    "RSA Private Decrypt Error",
-    "RSA Private Decode Error",
-    "Set Cipher Spec Error",
-    "Server Hello Input Malformed",
-
-    /* 11 */
-    "Couldn't Resume Session Error",
-    "Server Did Resumption",
-    "Client Hello Input Malformed",
-    "Client Trying to Resume",
-    "Handshake Input Malformed",
-
-    /* 16 */
-    "Got Hello Verify msg",
-    "Got Server Hello msg",
-    "Got Cert Request msg",
-    "Got Server Key Exchange msg",
-    "Got Cert msg",
-
-    /* 21 */
-    "Got Server Hello Done msg",
-    "Got Finished msg",
-    "Got Client Hello msg",
-    "Got Client Key Exchange msg",
-    "Got Cert Verify msg",
-
-    /* 26 */
-    "Got Unknown Handshake msg",
-    "New SSL Sniffer Session created",
-    "Couldn't create new SSL",
-    "Got a Packet to decode",
-    "No data present",
-
-    /* 31 */
-    "Session Not Found",
-    "Got an Old Client Hello msg",
-    "Old Client Hello Input Malformed",
-    "Old Client Hello OK",
-    "Bad Old Client Hello",
-
-    /* 36 */
-    "Bad Record Header",
-    "Record Header Input Malformed",
-    "Got a HandShake msg",
-    "Bad HandShake msg",
-    "Got a Change Cipher Spec msg",
-
-    /* 41 */
-    "Got Application Data msg",
-    "Bad Application Data",
-    "Got an Alert msg",
-    "Another msg to Process",
-    "Removing Session From Table",
-
-    /* 46 */
-    "Bad Key File",
-    "Wrong IP Version",
-    "Wrong Protocol type",
-    "Packet Short for header processing",
-    "Got Unknown Record Type",
-
-    /* 51 */
-    "Can't Open Trace File",
-    "Session in Fatal Error State",
-    "Partial SSL record received",
-    "Buffer Error, malformed input",
-    "Added to Partial Input",
-
-    /* 56 */
-    "Received a Duplicate Packet",
-    "Received an Out of Order Packet",
-    "Received an Overlap Duplicate Packet",
-    "Received an Overlap Reassembly Begin Duplicate Packet",
-    "Received an Overlap Reassembly End Duplicate Packet",
-
-    /* 61 */
-    "Missed the Client Hello Entirely",
-    "Got Hello Request msg",
-    "Got Session Ticket msg",
-    "Bad Input",
-    "Bad Decrypt Type",
-
-    /* 66 */
-    "Bad Finished Message Processing",
-    "Bad Compression Type",
-    "Bad DeriveKeys Error",
-    "Saw ACK for Missing Packet Error",
-    "Bad Decrypt Operation",
-
-    /* 71 */
-    "Decrypt Keys Not Set Up",
-    "Late Key Load Error",
-    "Got Certificate Status msg",
-    "RSA Key Missing Error",
-    "Secure Renegotiation Not Supported",
-
-    /* 76 */
-    "Get Session Stats Failure",
-    "Reassembly Buffer Size Exceeded",
-    "Dropping Lost Fragment",
-    "Dropping Partial Record",
-    "Clear ACK Fault",
-
-    /* 81 */
-    "Bad Decrypt Size",
-    "Extended Master Secret Hash Error",
-    "Handshake Message Split Across TLS Records",
-    "ECC Private Decode Error",
-    "ECC Public Decode Error",
-
-    /* 86 */
-    "Watch callback not set",
-    "Watch hash failed",
-    "Watch callback failed",
-    "Bad Certificate Message",
-    "Store data callback not set",
-
-    /* 91 */
-    "No data destination Error",
-    "Store data callback failed",
-    "Loading chain input",
-    "Got encrypted extension",
-    "Got Hello Retry Request",
-
-    /* 96 */
-    "Setting up keys",
-    "Unsupported TLS Version",
-    "Server Client Key Mismatch",
-
-    /* 99 */
-    "Invalid or missing keylog file",
-};
-
-
-/* *nix version uses table above */
-static void GetError(int idx, char* str)
-{
-    if (str == NULL ||
-            idx <= 0 || idx > (int)(sizeof(msgTable)/sizeof(const char* const)))
-        return;
-    XSTRNCPY(str, msgTable[idx - 1], MAX_ERROR_LEN-1);
-    str[MAX_ERROR_LEN-1] = '\0';
-}
-
-
-#else /* _WIN32 */
-
-
-/* Windows version uses .rc table */
-static void GetError(int idx, char* buffer)
-{
-    if (buffer == NULL)
-        return;
-    if (!LoadStringA(dllModule, idx, buffer, MAX_ERROR_LEN))
-        buffer[0] = 0;
-}
-
-
-#endif /* _WIN32 */
-
-
-/* Packet Buffer for reassembly list and ready list */
-typedef struct PacketBuffer {
-    word32  begin;      /* relative sequence begin */
-    word32  end;        /* relative sequence end   */
-    byte*   data;       /* actual data             */
-    struct PacketBuffer* next; /* next on reassembly list or ready list */
-} PacketBuffer;
-
-
-#ifdef HAVE_SNI
-
-/* NamedKey maps a SNI name to a specific private key */
-typedef struct NamedKey {
-    char             name[MAX_SERVER_NAME];      /* server DNS name */
-    word32           nameSz;                     /* size of server DNS name */
-    byte*            key;                        /* DER private key */
-    word32           keySz;                      /* size of DER private key */
-    int              isEphemeralKey;
-    struct NamedKey* next;                       /* for list */
-} NamedKey;
-
-#endif
-
-/* Sniffer Server holds info for each server/port monitored */
-typedef struct SnifferServer {
-    WOLFSSL_CTX*   ctx;                          /* SSL context */
-    char           address[MAX_SERVER_ADDRESS];  /* passed in server address */
-    IpAddrInfo     server;                       /* network order address */
-    int            port;                         /* server port */
-#ifdef HAVE_SNI
-    NamedKey*      namedKeys;                    /* mapping of names and keys */
-    wolfSSL_Mutex  namedKeysMutex;               /* mutex for namedKey list */
-#endif
-#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
-    byte           useKeyLogFile; /* True if session secrets are coming from a
-                                     keylog file */
-#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
-
-    struct SnifferServer* next;                  /* for list */
-} SnifferServer;
-
-/* Session Flags */
-typedef struct Flags {
-    byte           side;            /* which end is current packet headed */
-    byte           serverCipherOn;  /* indicates whether cipher is active */
-    byte           clientCipherOn;  /* indicates whether cipher is active */
-    byte           resuming;        /* did this session come from resumption */
-    byte           clientHello;     /* processed client hello yet, for SSLv2 */
-    byte           finCount;        /* get both FINs before removing */
-    byte           fatalError;      /* fatal error state */
-    byte           cliAckFault;     /* client acked unseen data from server */
-    byte           srvAckFault;     /* server acked unseen data from client */
-    byte           cliSkipPartial;  /* client skips partial data to catch up */
-    byte           srvSkipPartial;  /* server skips partial data to catch up */
-#ifdef HAVE_EXTENDED_MASTER
-    byte           expectEms;       /* expect extended master secret */
-#endif
-    byte           gotFinished;     /* processed finished */
-    byte           secRenegEn;      /* secure renegotiation enabled */
-#ifdef WOLFSSL_ASYNC_CRYPT
-    byte           wasPolled;
-#endif
-#ifdef SNIFFER_SINGLE_SESSION_CACHE
-    byte           cached;          /* have we cached this session yet */
-#endif
-} Flags;
-
-
-/* Out of Order FIN capture */
-typedef struct FinCapture {
-    word32 cliFinSeq;               /* client relative sequence FIN  0 is no */
-    word32 srvFinSeq;               /* server relative sequence FIN, 0 is no */
-    byte   cliCounted;              /* did we count yet, detects duplicates */
-    byte   srvCounted;              /* did we count yet, detects duplicates */
-} FinCapture;
-
-
-typedef struct HsHashes {
-#ifndef NO_OLD_TLS
-#ifndef NO_SHA
-    wc_Sha hashSha;
-#endif
-#ifndef NO_MD5
-    wc_Md5 hashMd5;
-#endif
-#endif /* !NO_OLD_TLS */
-#ifndef NO_SHA256
-    wc_Sha256 hashSha256;
-#endif
-#ifdef WOLFSSL_SHA384
-    wc_Sha384 hashSha384;
-#endif
-} HsHashes;
-
-typedef struct KeyShareInfo {
-    word16      named_group;
-    int         key_len;
-    const byte* key;
-
-    /* additional info */
-    int         dh_key_bits;
-    int         curve_id;
-} KeyShareInfo;
-
-/* Sniffer Session holds info for each client/server SSL/TLS session */
-typedef struct SnifferSession {
-    SnifferServer* context;         /* server context */
-    WOLFSSL*       sslServer;       /* SSL server side decode */
-    WOLFSSL*       sslClient;       /* SSL client side decode */
-    IpAddrInfo     server;          /* server address in network byte order */
-    IpAddrInfo     client;          /* client address in network byte order */
-    word16         srvPort;         /* server port */
-    word16         cliPort;         /* client port */
-    word32         cliSeqStart;     /* client start sequence */
-    word32         srvSeqStart;     /* server start sequence */
-    word32         cliSeqLast;      /* client last sequence */
-    word32         srvSeqLast;      /* server last sequence */
-    word32         cliExpected;     /* client expected sequence (relative) */
-    word32         srvExpected;     /* server expected sequence (relative) */
-    FinCapture     finCapture;      /* retain out of order FIN s */
-    Flags          flags;           /* session flags */
-    time_t         lastUsed;        /* last used ticks */
-    word32         keySz;           /* size of the private key */
-    PacketBuffer*  cliReassemblyList; /* client out of order packets */
-    PacketBuffer*  srvReassemblyList; /* server out of order packets */
-    word32         cliReassemblyMemory; /* client packet memory used */
-    word32         srvReassemblyMemory; /* server packet memory used */
-    struct SnifferSession* next;    /* for hash table list */
-    byte*          ticketID;        /* mac ID of session ticket */
-#ifdef HAVE_MAX_FRAGMENT
-    byte*          tlsFragBuf;
-    word32         tlsFragOffset;
-    word32         tlsFragSize;
-#endif
-#ifdef HAVE_SNI
-    const char*    sni;             /* server name indication */
-#endif
-#ifdef HAVE_EXTENDED_MASTER
-    HsHashes*      hash;
-#endif
-#ifdef WOLFSSL_TLS13
-    byte*          cliKeyShare;
-    word32         cliKeyShareSz;
-    KeyShareInfo   srvKs;
-    KeyShareInfo   cliKs;
-#endif
-#ifdef WOLFSSL_ASYNC_CRYPT
-    void*          userCtx;
-    word32         pendSeq; /* when WC_PENDING_E is returned capture sequence */
-#endif
-    int            error;   /* store the last set error number */
-    byte           verboseErr; /* Last set error is helpful and should
-                                *  not be overwritten by FATAL_ERROR_STATE */
-} SnifferSession;
-
-
-/* Sniffer Server List and mutex */
-static THREAD_LS_T SnifferServer* ServerList = NULL;
-#ifndef HAVE_C___ATOMIC
-static WC_THREADSHARED wolfSSL_Mutex ServerListMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(ServerListMutex);
-#endif
-
-/* Session Hash Table, mutex, and count */
-static THREAD_LS_T SnifferSession* SessionTable[HASH_SIZE];
-#ifndef HAVE_C___ATOMIC
-static WC_THREADSHARED wolfSSL_Mutex SessionMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(SessionMutex);
-#endif
-static THREAD_LS_T int SessionCount = 0;
-
-static WC_THREADSHARED int RecoveryEnabled    = 0;  /* global switch */
-static WC_THREADSHARED int MaxRecoveryMemory  = -1;
-                                           /* per session max recovery memory */
-#ifndef WOLFSSL_SNIFFER_NO_RECOVERY
-/* Recovery of missed data switches and stats */
-static WC_THREADSHARED wolfSSL_Mutex RecoveryMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(RecoveryMutex); /* for stats */
-/* # of sessions with missed data */
-static WC_THREADSHARED word32 MissedDataSessions = 0;
-#endif
-
-/* Connection Info Callback */
-static WC_THREADSHARED SSLConnCb ConnectionCb;
-static WC_THREADSHARED void*     ConnectionCbCtx = NULL;
-
-#ifdef WOLFSSL_SNIFFER_STATS
-/* Sessions Statistics */
-static WC_THREADSHARED SSLStats SnifferStats;
-static WC_THREADSHARED wolfSSL_Mutex StatsMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(StatsMutex);
-#endif
-
-#ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
-static WC_THREADSHARED SSLKeyCb KeyCb;
-static WC_THREADSHARED void*    KeyCbCtx = NULL;
-#endif
-
-#ifdef WOLFSSL_SNIFFER_WATCH
-/* Watch Key Callback */
-static WC_THREADSHARED SSLWatchCb WatchCb;
-static WC_THREADSHARED void*      WatchCbCtx = NULL;
-#endif
-
-#ifdef WOLFSSL_SNIFFER_STORE_DATA_CB
-/* Store Data Callback */
-static WC_THREADSHARED SSLStoreDataCb StoreDataCb;
-#endif
-
-
-#ifndef WOLFSSL_SNIFFER_NO_RECOVERY
-static void UpdateMissedDataSessions(void)
-{
-    wc_LockMutex(&RecoveryMutex);
-    MissedDataSessions += 1;
-    wc_UnLockMutex(&RecoveryMutex);
-}
-#endif
-
-#ifdef WOLFSSL_SNIFFER_STATS
-    #ifdef HAVE_C___ATOMIC
-        #define LOCK_STAT() WC_DO_NOTHING
-        #define UNLOCK_STAT() WC_DO_NOTHING
-        #define NOLOCK_ADD_TO_STAT(x,y) ({ TraceStat(#x, y); \
-            __atomic_fetch_add(&x, y, __ATOMIC_RELAXED); })
-    #else
-        #define LOCK_STAT() wc_LockMutex(&StatsMutex)
-        #define UNLOCK_STAT() wc_UnLockMutex(&StatsMutex)
-        #define NOLOCK_ADD_TO_STAT(x,y) ({ TraceStat(#x, y); x += y; })
-    #endif
-    #define NOLOCK_INC_STAT(x) NOLOCK_ADD_TO_STAT(x,1)
-    #define ADD_TO_STAT(x,y) do { LOCK_STAT(); \
-        NOLOCK_ADD_TO_STAT(x,y); UNLOCK_STAT(); } while (0)
-    #define INC_STAT(x) do { LOCK_STAT(); \
-        NOLOCK_INC_STAT(x); UNLOCK_STAT(); } while (0)
-#endif /* WOLFSSL_SNIFFER_STATS */
-
-#ifdef HAVE_C___ATOMIC
-    #define LOCK_SESSION() WC_DO_NOTHING
-    #define UNLOCK_SESSION() WC_DO_NOTHING
-    #define LOCK_SERVER_LIST() WC_DO_NOTHING
-    #define UNLOCK_SERVER_LIST() WC_DO_NOTHING
-#else
-    #define LOCK_SESSION() wc_LockMutex(&SessionMutex)
-    #define UNLOCK_SESSION() wc_UnLockMutex(&SessionMutex)
-    #define LOCK_SERVER_LIST() wc_LockMutex(&ServerListMutex)
-    #define UNLOCK_SERVER_LIST() wc_UnLockMutex(&ServerListMutex)
-#endif
-
-
-#if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_ASYNC_CRYPT)
-    static WC_THREADSHARED int CryptoDeviceId = INVALID_DEVID;
-#endif
-
-#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
-static int addSecretNode(unsigned char* clientRandom,
-                         int type,
-                         unsigned char* masterSecret,
-                         char* error);
-static void hexToBin(const char* hex, unsigned char* bin, int binLength);
-static int parseKeyLogFile(const char* fileName, char* error);
-static unsigned char* findSecret(unsigned char* clientRandom, int type);
-static void freeSecretList(void);
-static int snifferSecretCb(unsigned char* client_random,
-                           int type,
-                           unsigned char* output_secret);
-static void setSnifferSecretCb(SnifferSession* session);
-static int addKeyLogSnifferServerHelper(const char* address,
-                                        int port,
-                                        char* error);
-#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
-
-
-/* Initialize overall Sniffer */
-void ssl_InitSniffer_ex(int devId)
-{
-    wolfSSL_Init();
-#ifndef WOLFSSL_MUTEX_INITIALIZER
-#ifndef HAVE_C___ATOMIC
-    wc_InitMutex(&ServerListMutex);
-    wc_InitMutex(&SessionMutex);
-#endif
-#ifndef WOLFSSL_SNIFFER_NO_RECOVERY
-    wc_InitMutex(&RecoveryMutex);
-#endif
-#ifdef WOLFSSL_SNIFFER_STATS
-    XMEMSET(&SnifferStats, 0, sizeof(SSLStats));
-    wc_InitMutex(&StatsMutex);
-#endif
-#endif /* !WOLFSSL_MUTEX_INITIALIZER */
-
-#ifdef WOLFSSL_SNIFFER_STATS
-    XMEMSET(&SnifferStats, 0, sizeof(SSLStats));
-#endif
-#if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_ASYNC_CRYPT)
-    CryptoDeviceId = devId;
-#endif
-    (void)devId;
-}
-
-static int GetDevId(void)
-{
-    int devId = INVALID_DEVID;
-
-#ifdef WOLF_CRYPTO_CB
-    #ifdef HAVE_INTEL_QA_SYNC
-    devId = wc_CryptoCb_InitIntelQa();
-    if (devId == INVALID_DEVID) {
-        fprintf(stderr, "Couldn't init the Intel QA\n");
-    }
-    #endif
-    #ifdef HAVE_CAVIUM_OCTEON_SYNC
-    devId = wc_CryptoCb_InitOcteon();
-    if (devId == INVALID_DEVID) {
-        fprintf(stderr, "Couldn't init the Octeon\n");
-    }
-    #endif
-#endif
-
-    return devId;
-}
-
-void ssl_InitSniffer(void)
-{
-    int devId = GetDevId();
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    if (wolfAsync_DevOpen(&devId) < 0) {
-        fprintf(stderr, "Async device open failed\nRunning without async\n");
-        devId = INVALID_DEVID;
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    (void)devId;
-
-    ssl_InitSniffer_ex(devId);
-}
-
-void ssl_InitSniffer_ex2(int threadNum)
-{
-    int devId = GetDevId();
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-#ifndef WC_NO_ASYNC_THREADING
-    if (wolfAsync_DevOpenThread(&devId, &threadNum) < 0)
-#else
-    if (wolfAsync_DevOpen(&devId) < 0)
-#endif
-    {
-        fprintf(stderr, "Async device open failed\nRunning without async\n");
-        devId = INVALID_DEVID;
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    (void)devId;
-    (void)threadNum;
-
-    ssl_InitSniffer_ex(devId);
-}
-
-#ifdef HAVE_SNI
-
-/* Free Named Key and the zero out the private key it holds */
-static void FreeNamedKey(NamedKey* in)
-{
-    if (in) {
-        if (in->key) {
-            ForceZero(in->key, in->keySz);
-            XFREE(in->key, NULL, DYNAMIC_TYPE_X509);
-        }
-        XFREE(in, NULL, DYNAMIC_TYPE_SNIFFER_NAMED_KEY);
-    }
-}
-
-
-static void FreeNamedKeyList(NamedKey* in)
-{
-    NamedKey* next;
-
-    while (in) {
-        next = in->next;
-        FreeNamedKey(in);
-        in = next;
-    }
-}
-
-#endif
-
-
-/* Free Sniffer Server's resources/self */
-static void FreeSnifferServer(SnifferServer* srv)
-{
-    if (srv) {
-#ifdef HAVE_SNI
-        wc_LockMutex(&srv->namedKeysMutex);
-        FreeNamedKeyList(srv->namedKeys);
-        wc_UnLockMutex(&srv->namedKeysMutex);
-        wc_FreeMutex(&srv->namedKeysMutex);
-#endif
-        wolfSSL_CTX_free(srv->ctx);
-    }
-    XFREE(srv, NULL, DYNAMIC_TYPE_SNIFFER_SERVER);
-}
-
-
-/* free PacketBuffer's resources/self */
-static void FreePacketBuffer(PacketBuffer* del)
-{
-    if (del) {
-        XFREE(del->data, NULL, DYNAMIC_TYPE_SNIFFER_PB_BUFFER);
-        XFREE(del, NULL, DYNAMIC_TYPE_SNIFFER_PB);
-    }
-}
-
-
-/* remove PacketBuffer List */
-static void FreePacketList(PacketBuffer* in)
-{
-    if (in) {
-        PacketBuffer* del;
-        PacketBuffer* packet = in;
-
-        while (packet) {
-            del = packet;
-            packet = packet->next;
-            FreePacketBuffer(del);
-        }
-    }
-}
-
-
-/* Free Sniffer Session's resources/self */
-static void FreeSnifferSession(SnifferSession* session)
-{
-    if (session) {
-        wolfSSL_free(session->sslClient);
-        wolfSSL_free(session->sslServer);
-
-        FreePacketList(session->cliReassemblyList);
-        FreePacketList(session->srvReassemblyList);
-
-        XFREE(session->ticketID, NULL, DYNAMIC_TYPE_SNIFFER_TICKET_ID);
-#ifdef HAVE_EXTENDED_MASTER
-        XFREE(session->hash, NULL, DYNAMIC_TYPE_HASHES);
-#endif
-#ifdef WOLFSSL_TLS13
-        XFREE(session->cliKeyShare, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-#ifdef HAVE_MAX_FRAGMENT
-        XFREE(session->tlsFragBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        session->tlsFragBuf = NULL;
-#endif
-    }
-    XFREE(session, NULL, DYNAMIC_TYPE_SNIFFER_SESSION);
-}
-
-
-/* Free overall Sniffer */
-void ssl_FreeSniffer(void)
-{
-    SnifferServer*  srv;
-    SnifferServer*  removeServer;
-    SnifferSession* session;
-    SnifferSession* removeSession;
-    int i;
-
-    LOCK_SERVER_LIST();
-    LOCK_SESSION();
-
-    /* Free sessions (wolfSSL objects) first */
-    for (i = 0; i < HASH_SIZE; i++) {
-        session = SessionTable[i];
-        while (session) {
-            removeSession = session;
-            session = session->next;
-            FreeSnifferSession(removeSession);
-        }
-    }
-    XMEMSET(SessionTable, 0, sizeof(SessionTable));
-    SessionCount = 0;
-
-    /* Then server (wolfSSL_CTX) */
-    srv = ServerList;
-    while (srv) {
-        removeServer = srv;
-        srv = srv->next;
-        FreeSnifferServer(removeServer);
-    }
-    ServerList = NULL;
-
-
-
-    UNLOCK_SESSION();
-    UNLOCK_SERVER_LIST();
-
-#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
-    freeSecretList();
-#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
-
-
-#ifndef WOLFSSL_MUTEX_INITIALIZER
-#ifndef WOLFSSL_SNIFFER_NO_RECOVERY
-    wc_FreeMutex(&RecoveryMutex);
-#endif
-#ifndef HAVE_C___ATOMIC
-    wc_FreeMutex(&SessionMutex);
-    wc_FreeMutex(&ServerListMutex);
-#endif
-#endif /* !WOLFSSL_MUTEX_INITIALIZER */
-
-#ifdef WOLF_CRYPTO_CB
-    #ifdef HAVE_INTEL_QA_SYNC
-    wc_CryptoCb_CleanupIntelQa(&CryptoDeviceId);
-    #endif
-    #ifdef HAVE_CAVIUM_OCTEON_SYNC
-    wc_CryptoCb_CleanupOcteon(&CryptoDeviceId);
-    #endif
-#endif
-#ifdef WOLFSSL_ASYNC_CRYPT
-    wolfAsync_DevClose(&CryptoDeviceId);
-#endif
-
-    if (TraceFile) {
-        TraceOn = 0;
-        XFCLOSE(TraceFile);
-        TraceFile = NULL;
-    }
-
-    wolfSSL_Cleanup();
-}
-
-
-#ifdef HAVE_EXTENDED_MASTER
-
-static int HashInit(HsHashes* hash)
-{
-    int ret = 0;
-
-    XMEMSET(hash, 0, sizeof(HsHashes));
-
-#ifndef NO_OLD_TLS
-#ifndef NO_SHA
-    if (ret == 0)
-        ret = wc_InitSha(&hash->hashSha);
-#endif
-#ifndef NO_MD5
-    if (ret == 0)
-        ret = wc_InitMd5(&hash->hashMd5);
-#endif
-#endif /* !NO_OLD_TLS */
-#ifndef NO_SHA256
-    if (ret == 0)
-        ret = wc_InitSha256(&hash->hashSha256);
-#endif
-#ifdef WOLFSSL_SHA384
-    if (ret == 0)
-        ret = wc_InitSha384(&hash->hashSha384);
-#endif
-
-    return ret;
-}
-
-static int HashUpdate(HsHashes* hash, const byte* input, int sz)
-{
-    int ret = 0;
-
-    input -= HANDSHAKE_HEADER_SZ;
-    sz += HANDSHAKE_HEADER_SZ;
-
-#ifndef NO_OLD_TLS
-#ifndef NO_SHA
-    if (ret == 0)
-        ret = wc_ShaUpdate(&hash->hashSha, input, sz);
-#endif
-#ifndef NO_MD5
-    if (ret == 0)
-        ret = wc_Md5Update(&hash->hashMd5, input, sz);
-#endif
-#endif /* !NO_OLD_TLS */
-#ifndef NO_SHA256
-    if (ret == 0)
-        ret = wc_Sha256Update(&hash->hashSha256, input, sz);
-#endif
-#ifdef WOLFSSL_SHA384
-    if (ret == 0)
-        ret = wc_Sha384Update(&hash->hashSha384, input, sz);
-#endif
-
-    return ret;
-}
-
-static int HashCopy(HS_Hashes* d, HsHashes* s)
-{
-#ifndef NO_OLD_TLS
-#ifndef NO_SHA
-    XMEMCPY(&d->hashSha, &s->hashSha, sizeof(wc_Sha));
-#endif
-#ifndef NO_MD5
-    XMEMCPY(&d->hashMd5, &s->hashMd5, sizeof(wc_Md5));
-#endif
-#endif /* !NO_OLD_TLS */
-#ifndef NO_SHA256
-    XMEMCPY(&d->hashSha256, &s->hashSha256, sizeof(wc_Sha256));
-#endif
-#ifdef WOLFSSL_SHA384
-    XMEMCPY(&d->hashSha384, &s->hashSha384, sizeof(wc_Sha384));
-#endif
-
-    return 0;
-}
-
-#endif
-
-
-/* Initialize a SnifferServer */
-static void InitSnifferServer(SnifferServer* sniffer)
-{
-    XMEMSET(sniffer, 0, sizeof(SnifferServer));
-}
-
-
-/* Initialize session flags */
-static void InitFlags(Flags* flags)
-{
-    XMEMSET(flags, 0, sizeof(Flags));
-}
-
-
-/* Initialize FIN Capture */
-static void InitFinCapture(FinCapture* cap)
-{
-    XMEMSET(cap, 0, sizeof(FinCapture));
-}
-
-
-/* Initialize a Sniffer Session */
-static void InitSession(SnifferSession* session)
-{
-    XMEMSET(session, 0, sizeof(SnifferSession));
-    InitFlags(&session->flags);
-    InitFinCapture(&session->finCapture);
-}
-
-
-/* IP Info from IP Header */
-typedef struct IpInfo {
-    int    length;        /* length of this header */
-    int    total;         /* total length of fragment */
-    IpAddrInfo src;       /* network order source address */
-    IpAddrInfo dst;       /* network order destination address */
-} IpInfo;
-
-
-/* TCP Info from TCP Header */
-typedef struct TcpInfo {
-    int    srcPort;       /* source port */
-    int    dstPort;       /* destination port */
-    int    length;        /* length of this header */
-    word32 sequence;      /* sequence number */
-    word32 ackNumber;     /* ack number */
-    byte   fin;           /* FIN set */
-    byte   rst;           /* RST set */
-    byte   syn;           /* SYN set */
-    byte   ack;           /* ACK set */
-} TcpInfo;
-
-
-/* Tcp Pseudo Header for Checksum calculation */
-typedef struct TcpPseudoHdr {
-    word32  src;        /* source address */
-    word32  dst;        /* destination address */
-    byte    rsv;        /* reserved, always 0 */
-    byte    protocol;   /* IP protocol */
-    word16  length;     /* tcp header length + data length (doesn't include */
-                        /* pseudo header length) network order */
-} TcpPseudoHdr;
-
-
-#ifdef WOLFSSL_ENCRYPTED_KEYS
-/* Password Setting Callback */
-static int SetPassword(char* passwd, int sz, int rw, void* userdata)
-{
-    (void)rw;
-    XSTRNCPY(passwd, (const char*)userdata, sz);
-    return (int)XSTRLEN((const char*)userdata);
-}
-#endif
-
-/* Ethernet Header */
-typedef struct EthernetHdr {
-    byte   dst[ETHER_IF_ADDR_LEN];    /* destination host address */
-    byte   src[ETHER_IF_ADDR_LEN];    /* source  host address */
-    word16 type;                      /* IP, ARP, etc */
-} EthernetHdr;
-
-
-/* IPv4 Header */
-typedef struct IpHdr {
-    byte    ver_hl;              /* version/header length */
-    byte    tos;                 /* type of service */
-    word16  length;              /* total length */
-    word16  id;                  /* identification */
-    word16  offset;              /* fragment offset field */
-    byte    ttl;                 /* time to live */
-    byte    protocol;            /* protocol */
-    word16  sum;                 /* checksum */
-    word32  src;                 /* source address */
-    word32  dst;                 /* destination address */
-} IpHdr;
-
-
-/* IPv6 Header */
-typedef struct Ip6Hdr {
-    byte    ver_hl;              /* version/traffic class high */
-    byte    tc_fl;               /* traffic class low/flow label high */
-    word16  fl;                  /* flow label low */
-    word16  length;              /* payload length */
-    byte    next_header;         /* next header (6 for TCP, any other skip) */
-    byte    hl;                  /* hop limit */
-    byte    src[16];             /* source address */
-    byte    dst[16];             /* destination address */
-} Ip6Hdr;
-
-
-/* IPv6 extension header */
-typedef struct Ip6ExtHdr {
-    byte next_header;            /* next header (6 for TCP, any other skip) */
-    byte length;                 /* length in 8-octet units - 1 */
-    byte reserved[6];
-} Ip6ExtHdr;
-
-
-#define IP_HL(ip)      ( (((ip)->ver_hl) & 0x0f) * 4)
-#define IP_V(ip)       ( ((ip)->ver_hl) >> 4)
-
-/* TCP Header */
-typedef struct TcpHdr {
-    word16  srcPort;            /* source port */
-    word16  dstPort;            /* destination port */
-    word32  sequence;           /* sequence number */
-    word32  ack;                /* acknowledgment number */
-    byte    offset;             /* data offset, reserved */
-    byte    flags;              /* option flags */
-    word16  window;             /* window */
-    word16  sum;                /* checksum */
-    word16  urgent;             /* urgent pointer */
-} TcpHdr;
-
-#define TCP_LEN(tcp)  ( (((tcp)->offset & 0xf0) >> 4) * 4)
-#define TCP_FIN 0x01
-#define TCP_SYN 0x02
-#define TCP_RST 0x04
-#define TCP_ACK 0x10
-
-
-
-
-
-/* Use platform specific GetError to write to trace file if tracing */
-static void TraceError(int idx, char* error)
-{
-    if (TraceOn) {
-        char myBuffer[MAX_ERROR_LEN];
-        if (error == NULL) {
-            error = myBuffer;
-            GetError(idx, myBuffer);
-        }
-        XFPRINTF(TraceFile, "\t%s\n", error);
-#ifdef DEBUG_SNIFFER
-        XFPRINTF(stderr,    "\t%s\n", error);
-#endif
-    }
-}
-
-static void Trace(int idx)
-{
-    TraceError(idx, NULL);
-}
-
-
-/* Show TimeStamp for beginning of packet Trace */
-static void TraceHeader(void)
-{
-    if (TraceOn) {
-        time_t ticks = wc_Time(NULL);
-        XFPRINTF(TraceFile, "\n%s", XCTIME(&ticks));
-    }
-}
-
-
-/* Show Set Server info for Trace */
-static void TraceSetServer(const char* srv, int port, const char* keyFile)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tTrying to install a new Sniffer Server with\n");
-        if (keyFile != NULL) {
-            XFPRINTF(TraceFile, "\tserver: %s, port: %d, keyFile: %s\n",
-                     srv, port, keyFile);
-        }
-        else {
-            XFPRINTF(TraceFile, "\tserver: %s, port: %d\n",
-                     srv, port);
-        }
-    }
-}
-
-
-#ifdef HAVE_SNI
-
-/* Show Set Named Server info for Trace */
-static void TraceSetNamedServer(const char* name,
-                                 const char* srv, int port, const char* keyFile)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tTrying to install a new Sniffer Server with\n");
-        XFPRINTF(TraceFile, "\tname: %s, server: %s, port: %d, keyFile: %s\n",
-        name ? name : "",
-        srv ? srv : "",
-        port,
-        keyFile ? keyFile : "");
-    }
-}
-
-#endif
-
-
-/* Trace got packet number */
-static void TracePacket(void)
-{
-    if (TraceOn) {
-        static word32 packetNumber = 0;
-        XFPRINTF(TraceFile, "\tGot a Packet to decode, packet %u\n",
-                ++packetNumber);
-    }
-}
-
-
-/* Convert network byte order address into human readable */
-static const char* IpToS(int version, void* src, char* dst)
-{
-    return XINET_NTOP(version, src, dst, TRACE_MSG_SZ);
-}
-
-
-/* Show destination and source address from Ip Hdr for packet Trace */
-static void TraceIP(IpHdr* iphdr)
-{
-    if (TraceOn) {
-        char src[TRACE_MSG_SZ];
-        char dst[TRACE_MSG_SZ];
-        XFPRINTF(TraceFile, "\tdst:%s src:%s\n",
-                IpToS(AF_INET, &iphdr->dst, dst),
-                IpToS(AF_INET, &iphdr->src, src));
-    }
-}
-
-
-/* Show destination and source address from Ip6Hdr for packet Trace */
-static void TraceIP6(Ip6Hdr* iphdr)
-{
-    if (TraceOn) {
-        char src[TRACE_MSG_SZ];
-        char dst[TRACE_MSG_SZ];
-        XFPRINTF(TraceFile, "\tdst: %s src: %s\n",
-                IpToS(AF_INET6, iphdr->dst, dst),
-                IpToS(AF_INET6, iphdr->src, src));
-    }
-}
-
-
-/* Show destination and source port from Tcp Hdr for packet Trace */
-static void TraceTcp(TcpHdr* tcphdr)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tdstPort:%u srcPort:%u\n", XNTOHS(tcphdr->dstPort),
-                XNTOHS(tcphdr->srcPort));
-    }
-}
-
-
-/* Show sequence and payload length for Trace */
-static void TraceSequence(word32 seq, int len)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tSequence:%u, payload length:%d\n", seq, len);
-    }
-}
-
-
-/* Show sequence and payload length for Trace */
-static void TraceAck(word32 acknowledgement, word32 expected)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tAck:%u Expected:%u\n", acknowledgement,
-                 expected);
-    }
-}
-
-
-/* Show relative expected and relative received sequences */
-static void TraceRelativeSequence(word32 expected, word32 got)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tExpected sequence:%u, received sequence:%u\n",
-                expected, got);
-    }
-}
-
-
-/* Show server sequence startup from SYN */
-static void TraceServerSyn(word32 seq)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tServer SYN, Sequence Start:%u\n", seq);
-    }
-}
-
-
-/* Show client sequence startup from SYN */
-static void TraceClientSyn(word32 seq)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tClient SYN, Sequence Start:%u\n", seq);
-    }
-}
-
-
-/* Show client FIN capture */
-static void TraceClientFin(word32 finSeq, word32 relSeq)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tClient FIN capture:%u, current SEQ:%u\n",
-                finSeq, relSeq);
-    }
-}
-
-
-/* Show server FIN capture */
-static void TraceServerFin(word32 finSeq, word32 relSeq)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tServer FIN capture:%u, current SEQ:%u\n",
-                finSeq, relSeq);
-    }
-}
-
-
-/* Show number of SSL data bytes decoded, could be 0 (ok) */
-static void TraceGotData(int bytes)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\t%d bytes of SSL App data processed\n", bytes);
-    }
-}
-
-
-/* Show bytes added to old SSL App data */
-static void TraceAddedData(int newBytes, int existingBytes)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile,
-                "\t%d bytes added to %d existing bytes in User Buffer\n",
-                newBytes, existingBytes);
-    }
-}
-
-
-/* Show Stale Session */
-static void TraceStaleSession(void)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tFound a stale session\n");
-    }
-}
-
-
-/* Show Finding Stale Sessions */
-static void TraceFindingStale(void)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tTrying to find Stale Sessions\n");
-    }
-}
-
-
-/* Show Removed Session */
-static void TraceRemovedSession(void)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tRemoved it\n");
-    }
-}
-
-
-/* Show SSLInfo if provided and is valid. */
-static void TraceSessionInfo(SSLInfo* sslInfo)
-{
-    if (TraceOn) {
-        if (sslInfo != NULL && sslInfo->isValid) {
-            XFPRINTF(TraceFile,
-                    "\tver:(%u %u) suiteId:(%02x %02x) suiteName:(%s) "
-                    #ifdef HAVE_SNI
-                    "sni:(%s) "
-                    #endif
-                    "keySize:(%u)\n",
-                    sslInfo->protocolVersionMajor,
-                    sslInfo->protocolVersionMinor,
-                    sslInfo->serverCipherSuite0,
-                    sslInfo->serverCipherSuite,
-                    sslInfo->serverCipherSuiteName,
-                    #ifdef HAVE_SNI
-                    sslInfo->serverNameIndication,
-                    #endif
-                    sslInfo->keySize);
-        }
-    }
-}
-
-
-#ifdef WOLFSSL_SNIFFER_STATS
-
-/* Show value added to a named statistic. */
-static void TraceStat(const char* name, int add)
-{
-    if (TraceOn) {
-        XFPRINTF(TraceFile, "\tAdding %d to %s\n", add, name);
-    }
-}
-
-#endif
-
-
-/* Set user error string */
-static void SetError(int idx, char* error, SnifferSession* session, int fatal)
-{
-    GetError(idx, error);
-    TraceError(idx, error);
-    if (session)
-        session->error = idx;
-    if (session && fatal == FATAL_ERROR_STATE)
-        session->flags.fatalError = 1;
-}
-
-
-/* Compare IpAddrInfo structs */
-static WC_INLINE int MatchAddr(IpAddrInfo l, IpAddrInfo r)
-{
-    if (l.version == r.version) {
-        if (l.version == IPV4)
-            return (l.ip4 == r.ip4);
-        else if (l.version == IPV6)
-            return (0 == XMEMCMP(l.ip6, r.ip6, sizeof(l.ip6)));
-    }
-    return 0;
-}
-
-
-#ifndef WOLFSSL_SNIFFER_WATCH
-
-/* See if this IPV4 network order address has been registered */
-/* return 1 is true, 0 is false */
-static int IsServerRegistered(word32 addr)
-{
-    int ret = 0;     /* false */
-    SnifferServer* sniffer;
-
-    LOCK_SERVER_LIST();
-
-    sniffer = ServerList;
-    while (sniffer) {
-        if (sniffer->server.ip4 == addr) {
-            ret = 1;
-            break;
-        }
-        sniffer = sniffer->next;
-    }
-
-    UNLOCK_SERVER_LIST();
-
-    return ret;
-}
-
-
-/* See if this port has been registered to watch */
-/* See if this IPV4 network order address has been registered */
-/* return 1 is true, 0 is false */
-static int IsServerRegistered6(byte* addr)
-{
-    int ret = 0;     /* false */
-    SnifferServer* sniffer;
-
-    LOCK_SERVER_LIST();
-
-    sniffer = ServerList;
-    while (sniffer) {
-        if (sniffer->server.version == IPV6 &&
-                0 == XMEMCMP(sniffer->server.ip6, addr, sizeof(sniffer->server.ip6))) {
-            ret = 1;
-            break;
-        }
-        sniffer = sniffer->next;
-    }
-
-    UNLOCK_SERVER_LIST();
-
-    return ret;
-}
-
-
-/* See if this port has been registered to watch */
-/* return 1 is true, 0 is false */
-static int IsPortRegistered(word32 port)
-{
-    int ret = 0;    /* false */
-    SnifferServer* sniffer;
-
-    LOCK_SERVER_LIST();
-
-    sniffer = ServerList;
-    while (sniffer) {
-        if (sniffer->port == (int)port) {
-            ret = 1;
-            break;
-        }
-        sniffer = sniffer->next;
-    }
-
-    UNLOCK_SERVER_LIST();
-
-    return ret;
-}
-
-#endif
-
-
-/* Get SnifferServer from IP and Port */
-static SnifferServer* GetSnifferServer(IpInfo* ipInfo, TcpInfo* tcpInfo)
-{
-    SnifferServer* sniffer;
-
-    LOCK_SERVER_LIST();
-
-    sniffer = ServerList;
-
-#ifndef WOLFSSL_SNIFFER_WATCH
-    while (sniffer) {
-        if (sniffer->port == tcpInfo->srcPort &&
-                MatchAddr(sniffer->server, ipInfo->src))
-            break;
-        if (sniffer->port == tcpInfo->dstPort &&
-                MatchAddr(sniffer->server, ipInfo->dst))
-            break;
-
-        if (sniffer->next)
-            sniffer = sniffer->next;
-        else
-           break;
-    }
-#else
-    (void)ipInfo;
-    (void)tcpInfo;
-#endif
-
-    UNLOCK_SERVER_LIST();
-
-    return sniffer;
-}
-
-
-/* Hash the Session Info, return hash row */
-static word32 SessionHash(IpInfo* ipInfo, TcpInfo* tcpInfo)
-{
-    word32 hash = 1;
-
-    if (ipInfo->src.version == IPV4) {
-        hash *= ipInfo->src.ip4 * ipInfo->dst.ip4;
-    }
-    else if (ipInfo->src.version == IPV6) {
-        word32* x;
-        word32  y;
-        x = (word32*)ipInfo->src.ip6;
-        y = x[0] ^ x[1] ^ x[2] ^ x[3];
-        hash *= y;
-        x = (word32*)ipInfo->dst.ip6;
-        y = x[0] ^ x[1] ^ x[2] ^ x[3];
-        hash *= y;
-    }
-    hash *= tcpInfo->srcPort * tcpInfo->dstPort;
-
-    return hash % HASH_SIZE;
-}
-
-
-/* Get Existing SnifferSession from IP and Port */
-static SnifferSession* GetSnifferSession(IpInfo* ipInfo, TcpInfo* tcpInfo)
-{
-    SnifferSession* session;
-    time_t          currTime = wc_Time(NULL);
-    word32          row = SessionHash(ipInfo, tcpInfo);
-
-    LOCK_SESSION();
-    session = SessionTable[row];
-    while (session) {
-        if (MatchAddr(session->server, ipInfo->src) &&
-            MatchAddr(session->client, ipInfo->dst) &&
-                    session->srvPort == tcpInfo->srcPort &&
-                    session->cliPort == tcpInfo->dstPort)
-            break;
-
-        if (MatchAddr(session->client, ipInfo->src) &&
-            MatchAddr(session->server, ipInfo->dst) &&
-                    session->cliPort == tcpInfo->srcPort &&
-                    session->srvPort == tcpInfo->dstPort)
-            break;
-
-        session = session->next;
-    }
-
-    if (session)
-        session->lastUsed= currTime; /* keep session alive, remove stale will */
-                                     /* leave alone */
-    UNLOCK_SESSION();
-
-    /* determine side */
-    if (session) {
-        if (MatchAddr(ipInfo->dst, session->server) &&
-            tcpInfo->dstPort == session->srvPort) {
-
-            session->flags.side = WOLFSSL_SERVER_END;
-        }
-        else {
-            session->flags.side = WOLFSSL_CLIENT_END;
-        }
-    }
-
-    return session;
-}
-
-
-#if defined(HAVE_SNI) || defined(WOLFSSL_SNIFFER_WATCH)
-
-static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
-                const char* keyFile, int keySz, int typeKey,
-                const char* password)
-{
-    byte* loadBuf;
-    long fileSz = 0;
-    XFILE file;
-    int ret = -1;
-
-    if (keyBuf == NULL || keyBufSz == NULL || keyFile == NULL) {
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    if (keySz == 0) {
-        /* load from file */
-        file = XFOPEN(keyFile, "rb");
-        if (file == XBADFILE) return WOLFSSL_FATAL_ERROR;
-        if(XFSEEK(file, 0, XSEEK_END) != 0) {
-            XFCLOSE(file);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        fileSz = XFTELL(file);
-        if (fileSz > MAX_WOLFSSL_FILE_SIZE || fileSz < 0) {
-            XFCLOSE(file);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        if(XFSEEK(file, 0, XSEEK_SET) != 0) {
-            XFCLOSE(file);
-            return WOLFSSL_FATAL_ERROR;
-        }
-
-        loadBuf = (byte*)XMALLOC(fileSz, NULL, DYNAMIC_TYPE_FILE);
-        if (loadBuf == NULL) {
-            XFCLOSE(file);
-            return WOLFSSL_FATAL_ERROR;
-        }
-
-        ret = (int)XFREAD(loadBuf, 1, fileSz, file);
-        XFCLOSE(file);
-
-        if (ret != fileSz) {
-            XFREE(loadBuf, NULL, DYNAMIC_TYPE_FILE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-    }
-    else {
-        /* use buffer directly */
-        loadBuf = (byte*)XMALLOC(keySz, NULL, DYNAMIC_TYPE_FILE);
-        if (loadBuf == NULL) {
-            return WOLFSSL_FATAL_ERROR;
-        }
-        fileSz = keySz;
-        XMEMCPY(loadBuf, keyFile, fileSz);
-    }
-
-    if (typeKey == WOLFSSL_FILETYPE_PEM) {
-        byte* saveBuf   = (byte*)XMALLOC(fileSz, NULL, DYNAMIC_TYPE_X509);
-        int   saveBufSz = 0;
-
-        ret = -1;
-        if (saveBuf != NULL) {
-            saveBufSz = wc_KeyPemToDer(loadBuf, (int)fileSz,
-                                                saveBuf, (int)fileSz, password);
-            if (saveBufSz < 0) {
-                saveBufSz = 0;
-                XFREE(saveBuf, NULL, DYNAMIC_TYPE_X509);
-                saveBuf = NULL;
-            }
-            else
-                ret = 0;
-        }
-
-        ForceZero(loadBuf, (word32)fileSz);
-        XFREE(loadBuf, NULL, DYNAMIC_TYPE_FILE);
-
-        if (saveBuf) {
-            *keyBuf = saveBuf;
-            *keyBufSz = (word32)saveBufSz;
-        }
-    }
-    else {
-        *keyBuf = loadBuf;
-        *keyBufSz = (word32)fileSz;
-    }
-
-    if (ret < 0) {
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    return ret;
-}
-
-#endif
-
-
-#ifdef WOLFSSL_SNIFFER_WATCH
-
-static int CreateWatchSnifferServer(char* error)
-{
-    SnifferServer* sniffer;
-
-    sniffer = (SnifferServer*)XMALLOC(sizeof(SnifferServer), NULL,
-            DYNAMIC_TYPE_SNIFFER_SERVER);
-    if (sniffer == NULL) {
-        SetError(MEMORY_STR, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-    InitSnifferServer(sniffer);
-    sniffer->ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
-    if (!sniffer->ctx) {
-        SetError(MEMORY_STR, error, NULL, 0);
-        FreeSnifferServer(sniffer);
-        return WOLFSSL_FATAL_ERROR;
-    }
-#if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_ASYNC_CRYPT)
-    if (CryptoDeviceId != INVALID_DEVID)
-        wolfSSL_CTX_SetDevId(sniffer->ctx, CryptoDeviceId);
-#endif
-
-    /* add to server list */
-    LOCK_SERVER_LIST();
-    sniffer->next = ServerList;
-    ServerList = sniffer;
-    UNLOCK_SERVER_LIST();
-
-    return 0;
-}
-
-#endif
-
-
-/* Caller locks ServerListMutex */
-static int SetNamedPrivateKey(const char* name, const char* address, int port,
-    const char* keyFile, int keySz, int typeKey, const char* password,
-    char* error, int isEphemeralKey)
-{
-    SnifferServer* sniffer;
-    int            ret;
-    int            type = (typeKey == FILETYPE_PEM) ? WOLFSSL_FILETYPE_PEM :
-                                                      WOLFSSL_FILETYPE_ASN1;
-    int            isNew = 0;
-    IpAddrInfo     serverIp;
-
-#ifdef HAVE_SNI
-    NamedKey* namedKey = NULL;
-#endif
-
-    (void)name;
-#ifdef HAVE_SNI
-    if (name != NULL) {
-        namedKey = (NamedKey*)XMALLOC(sizeof(NamedKey),
-                NULL, DYNAMIC_TYPE_SNIFFER_NAMED_KEY);
-        if (namedKey == NULL) {
-            SetError(MEMORY_STR, error, NULL, 0);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        XMEMSET(namedKey, 0, sizeof(NamedKey));
-
-        namedKey->nameSz = (word32)XSTRLEN(name);
-        if (namedKey->nameSz > sizeof(namedKey->name)-1)
-            namedKey->nameSz = sizeof(namedKey->name)-1;
-        XSTRNCPY(namedKey->name, name, namedKey->nameSz);
-        namedKey->name[MAX_SERVER_NAME-1] = '\0';
-        namedKey->isEphemeralKey = isEphemeralKey;
-        ret = LoadKeyFile(&namedKey->key, &namedKey->keySz,
-                          keyFile, keySz, type, password);
-        if (ret < 0) {
-            SetError(KEY_FILE_STR, error, NULL, 0);
-            FreeNamedKey(namedKey);
-            return WOLFSSL_FATAL_ERROR;
-        }
-    }
-#endif
-
-    serverIp.version = IPV4;
-    serverIp.ip4 = XINET_ADDR(address);
-    if (serverIp.ip4 == XINADDR_NONE) {
-    #ifdef FUSION_RTOS
-        if (XINET_PTON(AF_INET6, address, serverIp.ip6,
-                       sizeof(serverIp.ip4)) == 1)
-    #else
-        if (XINET_PTON(AF_INET6, address, serverIp.ip6) == 1)
-    #endif
-        {
-            serverIp.version = IPV6;
-        }
-    }
-
-    sniffer = ServerList;
-    while (sniffer != NULL &&
-            (!MatchAddr(sniffer->server, serverIp) || sniffer->port != port)) {
-        sniffer = sniffer->next;
-    }
-
-    if (sniffer == NULL) {
-        isNew = 1;
-        sniffer = (SnifferServer*)XMALLOC(sizeof(SnifferServer),
-                NULL, DYNAMIC_TYPE_SNIFFER_SERVER);
-        if (sniffer == NULL) {
-            SetError(MEMORY_STR, error, NULL, 0);
-#ifdef HAVE_SNI
-            FreeNamedKey(namedKey);
-#endif
-            return WOLFSSL_FATAL_ERROR;
-        }
-        InitSnifferServer(sniffer);
-
-        XSTRNCPY(sniffer->address, address, MAX_SERVER_ADDRESS-1);
-        sniffer->address[MAX_SERVER_ADDRESS-1] = '\0';
-        sniffer->server = serverIp;
-        sniffer->port = port;
-
-        sniffer->ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
-        if (!sniffer->ctx) {
-            SetError(MEMORY_STR, error, NULL, 0);
-#ifdef HAVE_SNI
-            FreeNamedKey(namedKey);
-#endif
-            FreeSnifferServer(sniffer);
-            return WOLFSSL_FATAL_ERROR;
-        }
-    #if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_ASYNC_CRYPT)
-        if (CryptoDeviceId != INVALID_DEVID)
-            wolfSSL_CTX_SetDevId(sniffer->ctx, CryptoDeviceId);
-    #endif
-    }
-
-    if (name == NULL) {
-        if (password) {
-    #ifdef WOLFSSL_ENCRYPTED_KEYS
-            wolfSSL_CTX_set_default_passwd_cb(sniffer->ctx, SetPassword);
-            wolfSSL_CTX_set_default_passwd_cb_userdata(
-                                                 sniffer->ctx, (void*)password);
-    #endif
-        }
-
-    #ifdef WOLFSSL_STATIC_EPHEMERAL
-        if (isEphemeralKey) {
-            /* auto detect key type with WC_PK_TYPE_NONE */
-            /* keySz == 0 mean load file */
-            ret = wolfSSL_CTX_set_ephemeral_key(sniffer->ctx, WC_PK_TYPE_NONE,
-                keyFile, keySz, type);
-            if (ret == 0)
-                ret = WOLFSSL_SUCCESS;
-        }
-        else
-    #endif
-        {
-            if (keySz == 0) {
-                ret = wolfSSL_CTX_use_PrivateKey_file(sniffer->ctx, keyFile, type);
-            }
-            else {
-                ret = wolfSSL_CTX_use_PrivateKey_buffer(sniffer->ctx,
-                                            (const byte*)keyFile, keySz, type);
-            }
-        }
-        if (ret != WOLFSSL_SUCCESS) {
-            SetError(KEY_FILE_STR, error, NULL, 0);
-            if (isNew)
-                FreeSnifferServer(sniffer);
-            return WOLFSSL_FATAL_ERROR;
-        }
-    #ifdef WOLF_CRYPTO_CB
-        wolfSSL_CTX_SetDevId(sniffer->ctx, CryptoDeviceId);
-    #endif
-    }
-#ifdef HAVE_SNI
-    else {
-        wc_LockMutex(&sniffer->namedKeysMutex);
-        namedKey->next = sniffer->namedKeys;
-        sniffer->namedKeys = namedKey;
-        wc_UnLockMutex(&sniffer->namedKeysMutex);
-    }
-#endif
-
-    if (isNew) {
-        sniffer->next = ServerList;
-        ServerList = sniffer;
-    }
-
-#ifndef WOLFSSL_STATIC_EPHEMERAL
-    (void)isEphemeralKey;
-#endif
-
-    return 0;
-}
-
-
-#ifdef HAVE_SNI
-/* Sets the private key for a specific name, server and port  */
-/* returns 0 on success, -1 on error */
-int ssl_SetNamedPrivateKey(const char* name,
-                           const char* address, int port,
-                           const char* keyFile, int typeKey,
-                           const char* password, char* error)
-{
-    int ret;
-
-    TraceHeader();
-    TraceSetNamedServer(name, address, port, keyFile);
-
-    LOCK_SERVER_LIST();
-    ret = SetNamedPrivateKey(name, address, port, keyFile, 0,
-                             typeKey, password, error, 0);
-    UNLOCK_SERVER_LIST();
-
-    if (ret == 0)
-        Trace(NEW_SERVER_STR);
-
-    return ret;
-}
-
-int ssl_SetNamedPrivateKeyBuffer(const char* name,
-                                 const char* address, int port,
-                                 const char* keyBuf, int keySz, int typeKey,
-                                 const char* password, char* error)
-{
-    int ret;
-
-    TraceHeader();
-    TraceSetNamedServer(name, address, port, NULL);
-
-    LOCK_SERVER_LIST();
-    ret = SetNamedPrivateKey(name, address, port, keyBuf, keySz,
-                             typeKey, password, error, 0);
-    UNLOCK_SERVER_LIST();
-
-    if (ret == 0)
-        Trace(NEW_SERVER_STR);
-
-    return ret;
-}
-#endif /* HAVE_SNI */
-
-/* Sets the private key for a specific server and port  */
-/* returns 0 on success, -1 on error */
-int ssl_SetPrivateKey(const char* address, int port,
-                      const char* keyFile, int typeKey,
-                      const char* password, char* error)
-{
-    int ret;
-
-    TraceHeader();
-    TraceSetServer(address, port, keyFile);
-
-    LOCK_SERVER_LIST();
-    ret = SetNamedPrivateKey(NULL, address, port, keyFile, 0,
-                             typeKey, password, error, 0);
-    UNLOCK_SERVER_LIST();
-
-    if (ret == 0)
-        Trace(NEW_SERVER_STR);
-
-    return ret;
-}
-
-int ssl_SetPrivateKeyBuffer(const char* address, int port,
-                            const char* keyBuf, int keySz, int typeKey,
-                            const char* password, char* error)
-{
-    int ret;
-
-    TraceHeader();
-    TraceSetServer(address, port, "from buffer");
-
-    LOCK_SERVER_LIST();
-    ret = SetNamedPrivateKey(NULL, address, port, keyBuf, keySz,
-                             typeKey, password, error, 0);
-    UNLOCK_SERVER_LIST();
-
-    if (ret == 0)
-        Trace(NEW_SERVER_STR);
-
-    return ret;
-}
-
-#ifdef WOLFSSL_STATIC_EPHEMERAL
-#ifdef HAVE_SNI
-/* Sets the ephemeral key for a specific name, server and port  */
-/* returns 0 on success, -1 on error */
-int ssl_SetNamedEphemeralKey(const char* name,
-                             const char* address, int port,
-                             const char* keyFile, int typeKey,
-                             const char* password, char* error)
-{
-    int ret;
-
-    TraceHeader();
-    TraceSetNamedServer(name, address, port, keyFile);
-
-    LOCK_SERVER_LIST();
-    ret = SetNamedPrivateKey(name, address, port, keyFile, 0,
-                             typeKey, password, error, 1);
-    UNLOCK_SERVER_LIST();
-
-    if (ret == 0)
-        Trace(NEW_SERVER_STR);
-
-    return ret;
-}
-
-int ssl_SetNamedEphemeralKeyBuffer(const char* name,
-                                   const char* address, int port,
-                                   const char* keyBuf, int keySz, int typeKey,
-                                   const char* password, char* error)
-{
-    int ret;
-
-    TraceHeader();
-    TraceSetNamedServer(name, address, port, NULL);
-
-    LOCK_SERVER_LIST();
-    ret = SetNamedPrivateKey(name, address, port, keyBuf, keySz,
-                             typeKey, password, error, 1);
-    UNLOCK_SERVER_LIST();
-
-    if (ret == 0)
-        Trace(NEW_SERVER_STR);
-
-    return ret;
-}
-#endif /* HAVE_SNI */
-
-/* Sets the ephemeral key for a specific server and port  */
-/* returns 0 on success, -1 on error */
-int ssl_SetEphemeralKey(const char* address, int port,
-                        const char* keyFile, int typeKey,
-                        const char* password, char* error)
-{
-    int ret;
-
-    TraceHeader();
-    TraceSetServer(address, port, keyFile);
-
-    LOCK_SERVER_LIST();
-    ret = SetNamedPrivateKey(NULL, address, port, keyFile, 0,
-                             typeKey, password, error, 1);
-    UNLOCK_SERVER_LIST();
-
-    if (ret == 0)
-        Trace(NEW_SERVER_STR);
-
-    return ret;
-}
-
-int ssl_SetEphemeralKeyBuffer(const char* address, int port,
-                              const char* keyBuf, int keySz, int typeKey,
-                              const char* password, char* error)
-{
-    int ret;
-
-    TraceHeader();
-    TraceSetServer(address, port, "from buffer");
-
-    LOCK_SERVER_LIST();
-    ret = SetNamedPrivateKey(NULL, address, port, keyBuf, keySz,
-                             typeKey, password, error, 1);
-    UNLOCK_SERVER_LIST();
-
-    if (ret == 0)
-        Trace(NEW_SERVER_STR);
-
-    return ret;
-}
-#endif /* WOLFSSL_STATIC_EPHEMERAL */
-
-/* Check IP Header for IPV6, TCP, and a registered server address */
-/* returns 0 on success, -1 on error */
-static int CheckIp6Hdr(Ip6Hdr* iphdr, IpInfo* info, int length, char* error)
-{
-    int        version = IP_V(iphdr);
-    int        exthdrsz = IP6_HDR_SZ;
-
-    TraceIP6(iphdr);
-    Trace(IP_CHECK_STR);
-
-    if (version != IPV6) {
-        SetError(BAD_IPVER_STR, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    /* Here, we need to move onto next header if not TCP. */
-    if (iphdr->next_header != TCP_PROTOCOL) {
-        Ip6ExtHdr* exthdr = (Ip6ExtHdr*)((byte*)iphdr + IP6_HDR_SZ);
-        do {
-            int hdrsz = (exthdr->length + 1) * 8;
-            if (hdrsz > length - exthdrsz) {
-                SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
-                return WOLFSSL_FATAL_ERROR;
-            }
-            exthdrsz += hdrsz;
-            exthdr = (Ip6ExtHdr*)((byte*)exthdr + hdrsz);
-        }
-        while (exthdr->next_header != TCP_PROTOCOL &&
-                exthdr->next_header != NO_NEXT_HEADER);
-    }
-
-#ifndef WOLFSSL_SNIFFER_WATCH
-    if (!IsServerRegistered6(iphdr->src) && !IsServerRegistered6(iphdr->dst)) {
-        SetError(SERVER_NOT_REG_STR, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-#endif
-
-    info->length = exthdrsz;
-    info->total = XNTOHS(iphdr->length) + info->length;
-    /* IPv6 doesn't include its own header size in the length like v4. */
-    info->src.version = IPV6;
-    XMEMCPY(info->src.ip6, iphdr->src, sizeof(info->src.ip6));
-    info->dst.version = IPV6;
-    XMEMCPY(info->dst.ip6, iphdr->dst, sizeof(info->dst.ip6));
-
-    return 0;
-}
-
-
-/* Check IP Header for IPV4, TCP, and a registered server address */
-/* If header IPv6, pass to CheckIp6Hdr(). */
-/* returns 0 on success, -1 on error */
-static int CheckIpHdr(IpHdr* iphdr, IpInfo* info, int length, char* error,
-                      int trace)
-{
-    int version = IP_V(iphdr);
-
-    if (version == IPV6)
-        return CheckIp6Hdr((Ip6Hdr*)iphdr, info, length, error);
-
-    if (trace) {
-        TraceIP(iphdr);
-        Trace(IP_CHECK_STR);
-    }
-
-    if (version != IPV4) {
-        SetError(BAD_IPVER_STR, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    if (iphdr->protocol != TCP_PROTOCOL) {
-        SetError(BAD_PROTO_STR, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    info->length  = IP_HL(iphdr);
-    info->total   = XNTOHS(iphdr->length);
-    info->src.version = IPV4;
-    info->src.ip4 = iphdr->src;
-    info->dst.version = IPV4;
-    info->dst.ip4 = iphdr->dst;
-
-    if (info->total == 0)
-        info->total = length;  /* reassembled may be off */
-
-    return 0;
-}
-
-
-/* Check TCP Header for a registered port */
-/* returns 0 on success, -1 on error */
-static int CheckTcpHdr(TcpHdr* tcphdr, TcpInfo* info, char* error, int trace)
-{
-    if (trace) {
-        TraceTcp(tcphdr);
-        Trace(TCP_CHECK_STR);
-    }
-
-    info->srcPort   = XNTOHS(tcphdr->srcPort);
-    info->dstPort   = XNTOHS(tcphdr->dstPort);
-    info->length    = TCP_LEN(tcphdr);
-    info->sequence  = XNTOHL(tcphdr->sequence);
-    info->fin       = tcphdr->flags & TCP_FIN;
-    info->rst       = tcphdr->flags & TCP_RST;
-    info->syn       = tcphdr->flags & TCP_SYN;
-    info->ack       = tcphdr->flags & TCP_ACK;
-    if (info->ack)
-        info->ackNumber = XNTOHL(tcphdr->ack);
-
-    (void)error;
-
-    return 0;
-}
-
-
-/* Decode Record Layer Header */
-static int GetRecordHeader(const byte* input, RecordLayerHeader* rh, int* size)
-{
-    XMEMCPY(rh, input, RECORD_HEADER_SZ);
-    *size = (rh->length[0] << 8) | rh->length[1];
-
-    /* make sure length is valid */
-    if (*size > (MAX_RECORD_SIZE + COMP_EXTRA + MAX_MSG_EXTRA))
-        return LENGTH_ERROR;
-    /* make sure the record type is valid */
-    if (rh->type < change_cipher_spec ||
-    #ifdef WOLFSSL_DTLS13
-        rh->type > ack
-    #else
-        rh->type > dtls12_cid
-    #endif
-        ) {
-        return UNKNOWN_RECORD_TYPE;
-    }
-    /* make sure version is valid */
-    if (rh->pvMajor > SSLv3_MAJOR || rh->pvMinor > TLSv1_3_MINOR) {
-        return VERSION_ERROR;
-    }
-
-    return 0;
-}
-
-
-/* Copies the session's information to the provided sslInfo. Skip copy if
- * SSLInfo is not provided. */
-static void CopySessionInfo(SnifferSession* session, SSLInfo* sslInfo)
-{
-    if (NULL != sslInfo) {
-        XMEMSET(sslInfo, 0, sizeof(SSLInfo));
-
-        /* Pass back Session Info after we have processed the Server Hello. */
-        if (0 != session->sslServer->options.cipherSuite) {
-            const char* pCipher;
-
-            sslInfo->isValid = 1;
-            sslInfo->protocolVersionMajor = session->sslServer->version.major;
-            sslInfo->protocolVersionMinor = session->sslServer->version.minor;
-            sslInfo->serverCipherSuite0 =
-                        session->sslServer->options.cipherSuite0;
-            sslInfo->serverCipherSuite =
-                        session->sslServer->options.cipherSuite;
-
-            pCipher = wolfSSL_get_cipher(session->sslServer);
-            if (NULL != pCipher) {
-                XSTRNCPY((char*)sslInfo->serverCipherSuiteName, pCipher,
-                         sizeof(sslInfo->serverCipherSuiteName) - 1);
-                sslInfo->serverCipherSuiteName
-                         [sizeof(sslInfo->serverCipherSuiteName) - 1] = '\0';
-            }
-            sslInfo->keySize = session->keySz;
-        #ifdef HAVE_SNI
-            if (NULL != session->sni) {
-                XSTRNCPY((char*)sslInfo->serverNameIndication,
-                    session->sni, sizeof(sslInfo->serverNameIndication) - 1);
-                sslInfo->serverNameIndication
-                         [sizeof(sslInfo->serverNameIndication) - 1] = '\0';
-            }
-        #endif
-            TraceSessionInfo(sslInfo);
-        }
-    }
-}
-
-
-/* Call the session connection start callback. */
-static void CallConnectionCb(SnifferSession* session)
-{
-    if (ConnectionCb != NULL) {
-        SSLInfo info;
-        CopySessionInfo(session, &info);
-        ConnectionCb((const void*)session, &info, ConnectionCbCtx);
-    }
-}
-
-#ifdef SHOW_SECRETS
-static void PrintSecret(const char* desc, const byte* buf, int sz)
-{
-    int i;
-    printf("%s: ", desc);
-    for (i = 0; i < sz; i++) {
-        printf("%02x", buf[i]);
-    }
-    printf("\n");
-}
-
-static void ShowTlsSecrets(SnifferSession* session)
-{
-    PrintSecret("server master secret", session->sslServer->arrays->masterSecret, SECRET_LEN);
-    PrintSecret("client master secret", session->sslClient->arrays->masterSecret, SECRET_LEN);
-    printf("server suite = %d\n", session->sslServer->options.cipherSuite);
-    printf("client suite = %d\n", session->sslClient->options.cipherSuite);
-}
-#endif /* SHOW_SECRETS */
-
-typedef struct {
-    int type;
-    union {
-    #ifndef NO_RSA
-        RsaKey rsa;
-    #endif
-    #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
-        struct {
-            word32 pLen; /* modulus length */
-            word32 privKeySz;
-            byte   privKey[WC_DH_PRIV_MAX_SZ]; /* max for TLS */
-            DhKey  key;
-        } dh;
-    #endif
-    #ifdef HAVE_ECC
-        ecc_key ecc;
-    #endif
-    #ifdef HAVE_CURVE25519
-        curve25519_key x25519;
-    #endif
-    #ifdef HAVE_CURVE448
-        curve448_key x448;
-    #endif
-    } priv;
-
-#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
-    union {
-        /* RSA is for static RSA only */
-        /* DH does not use public DhKey for Agree */
-    #ifdef HAVE_ECC
-        ecc_key ecc;
-    #endif
-    #ifdef HAVE_CURVE25519
-        curve25519_key x25519;
-    #endif
-    #ifdef HAVE_CURVE448
-        curve448_key x448;
-    #endif
-    } pub;
-#endif
-    byte initPriv:1;
-    byte initPub:1;
-} SnifferKey;
-
-typedef struct SetupKeysArgs {
-#ifdef WOLFSSL_ASYNC_CRYPT
-    SnifferKey* key;
-#else
-    SnifferKey  key[1];
-#endif
-    DerBuffer*  keyBuf;
-    int         length;
-    byte        keyBufFree:1;
-    byte        keyLocked:1;
-} SetupKeysArgs;
-
-static void FreeSetupKeysArgs(WOLFSSL* ssl, void* pArgs)
-{
-    SetupKeysArgs* args = (SetupKeysArgs*)pArgs;
-
-    if (args == NULL) {
-        return;
-    }
-    (void)ssl;
-#ifdef WOLFSSL_ASYNC_CRYPT
-    if (args->key != NULL)
-#endif
-    {
-    #ifndef NO_RSA
-        if (args->key->type == WC_PK_TYPE_RSA) {
-            if (args->key->initPriv) {
-                wc_FreeRsaKey(&args->key->priv.rsa);
-            }
-        }
-    #endif
-    #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
-        if (args->key->type == WC_PK_TYPE_DH) {
-            if (args->key->initPriv) {
-                wc_FreeDhKey(&args->key->priv.dh.key);
-            }
-        }
-    #endif
-    #ifdef HAVE_ECC
-        if (args->key->type == WC_PK_TYPE_ECDH) {
-            if (args->key->initPriv) {
-                wc_ecc_free(&args->key->priv.ecc);
-            }
-            if (args->key->initPub) {
-                wc_ecc_free(&args->key->pub.ecc);
-            }
-        }
-    #endif
-    #ifdef HAVE_CURVE25519
-        if (args->key->type == WC_PK_TYPE_CURVE25519) {
-            if (args->key->initPriv) {
-                wc_curve25519_free(&args->key->priv.x25519);
-            }
-            if (args->key->initPub) {
-                wc_curve25519_free(&args->key->pub.x25519);
-            }
-        }
-    #endif
-    #ifdef HAVE_CURVE448
-        if (args->key->type == WC_PK_TYPE_CURVE448) {
-            if (args->key->initPriv) {
-                wc_curve448_free(&args->key->priv.x448);
-            }
-            if (args->key->initPub) {
-                wc_curve448_free(&args->key->pub.x448);
-            }
-        }
-    #endif
-        args->key->type = WC_PK_TYPE_NONE;
-        args->key->initPriv = 0; args->key->initPub = 0;
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-        XFREE(args->key, NULL, DYNAMIC_TYPE_SNIFFER_KEY);
-        args->key = NULL;
-#else
-        XMEMSET(args->key, 0, sizeof(args->key));
-#endif
-    }
-
-    if (args->keyBuf != NULL && args->keyBufFree) {
-        FreeDer(&args->keyBuf);
-        args->keyBufFree = 0;
-    }
-}
-
-/* Process Keys */
-static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
-    char* error, KeyShareInfo* ksInfo)
-{
-    word32 idx;
-    int ret;
-    int devId = INVALID_DEVID;
-    WOLFSSL_CTX* ctx = session->context->ctx;
-    WOLFSSL* ssl = session->sslServer;
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    SetupKeysArgs* args = NULL;
-    WOLFSSL_ASSERT_SIZEOF_GE(ssl->async->args, *args);
-#else
-    SetupKeysArgs  args[1];
-#endif
-
-    Trace(SNIFFER_KEY_SETUP_STR);
-
-    if (session->sslServer->arrays == NULL ||
-        session->sslClient->arrays == NULL) {
-        /* Secret's have already been established and released.
-         * This can happen with secure renegotiation. */
-        return 0;
-    }
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    if (ssl->async == NULL) {
-        ssl->async = (struct WOLFSSL_ASYNC*)
-                XMALLOC(sizeof(struct WOLFSSL_ASYNC), ssl->heap,
-                        DYNAMIC_TYPE_ASYNC);
-        if (ssl->async == NULL)
-            ERROR_OUT(MEMORY_E, exit_sk);
-    }
-    args = (SetupKeysArgs*)ssl->async->args;
-
-    ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
-    if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
-        /* Check for error */
-        if (ret < 0)
-            goto exit_sk;
-    }
-    else
-#endif
-    {
-        /* Reset state */
-        ret = 0;
-        ssl->options.asyncState = TLS_ASYNC_BEGIN;
-        XMEMSET(args, 0, sizeof(SetupKeysArgs));
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        ssl->async->freeArgs = FreeSetupKeysArgs;
-    #endif
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        args->key = (SnifferKey*)XMALLOC(sizeof(SnifferKey), NULL,
-            DYNAMIC_TYPE_SNIFFER_KEY);
-    #endif
-    }
-
-#if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_ASYNC_CRYPT)
-    devId = CryptoDeviceId;
-#endif
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    if (args->key == NULL) {
-        ERROR_OUT(MEMORY_E, exit_sk);
-    }
-#endif
-
-    #if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
-    if (session->context->useKeyLogFile) {
-        ret = 0;
-        XMEMSET(args, 0, sizeof(SetupKeysArgs));
-
-        /* We want to skip all the key setup and go right to master secret generation, which is
-         * where we inject the master secret obtained from the keylog file */
-        ssl->options.asyncState = TLS_ASYNC_FINALIZE;
-    }
-    #endif
-
-    switch (ssl->options.asyncState) {
-    case TLS_ASYNC_BEGIN:
-    {
-    #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
-        int useCurveId = 0;
-        if (ksInfo && ksInfo->curve_id != 0) {
-            useCurveId = ksInfo->curve_id;
-        }
-    #endif
-
-    #if defined(WOLFSSL_STATIC_EPHEMERAL) && !defined(SINGLE_THREADED)
-        if (ctx->staticKELockInit &&
-            wc_LockMutex(&ctx->staticKELock) == 0) {
-            args->keyLocked = 1;
-        }
-    #endif
-
-    #ifndef NO_RSA
-        /* Static RSA */
-        if (ksInfo == NULL && ssl->buffers.key) {
-            ret = wc_InitRsaKey_ex(&args->key->priv.rsa, NULL, devId);
-            if (ret == 0) {
-                args->key->type = WC_PK_TYPE_RSA;
-                args->key->initPriv = 1;
-                args->keyBuf = ssl->buffers.key;
-            #ifdef WOLFSSL_ASYNC_CRYPT
-                ret = wolfSSL_AsyncInit(ssl, &args->key->priv.rsa.asyncDev,
-                    WC_ASYNC_FLAG_CALL_AGAIN);
-            #endif
-            }
-            if (ret == 0) {
-                idx = 0;
-                ret = wc_RsaPrivateKeyDecode(args->keyBuf->buffer, &idx,
-                    &args->key->priv.rsa, args->keyBuf->length);
-                if (ret != 0) {
-                #ifndef HAVE_ECC
-                    SetError(RSA_DECODE_STR, error, session,
-                        FATAL_ERROR_STATE);
-                    break;
-                #else
-                    /* If we can do ECC, this isn't fatal. Not loading a key
-                     * later will be fatal, though. */
-                    SetError(RSA_DECODE_STR, error, session, 0);
-                    args->keyBuf = NULL;
-                #endif
-                }
-            }
-
-            if (ret == 0) {
-                args->length = wc_RsaEncryptSize(&args->key->priv.rsa);
-                if (IsTLS(session->sslServer)) {
-                    input += 2;     /* tls pre length */
-                }
-
-                if (args->length > *sslBytes) {
-                    SetError(PARTIAL_INPUT_STR, error, session,
-                        FATAL_ERROR_STATE);
-                    ret = WOLFSSL_FATAL_ERROR;
-                }
-            }
-
-        #ifdef WC_RSA_BLINDING
-            if (ret == 0) {
-                ret = wc_RsaSetRNG(&args->key->priv.rsa,
-                    session->sslServer->rng);
-                if (ret != 0) {
-                    SetError(RSA_DECRYPT_STR, error, session,
-                        FATAL_ERROR_STATE);
-                }
-            }
-        #endif
-
-            if (ret == 0) {
-                session->keySz = args->length * WOLFSSL_BIT_SIZE;
-                /* length is the key size in bytes */
-                session->sslServer->arrays->preMasterSz = SECRET_LEN;
-            }
-        }
-    #endif /* !NO_RSA */
-
-    #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
-        /* Static DH Key */
-        if (ksInfo && ksInfo->dh_key_bits != 0 && args->keyBuf == NULL) {
-        #ifdef HAVE_PUBLIC_FFDHE
-            const DhParams* params;
-        #endif
-
-            /* try and load static ephemeral */
-        #ifdef WOLFSSL_STATIC_EPHEMERAL
-            args->keyBuf = ssl->staticKE.dhKey;
-            if (args->keyBuf == NULL)
-                args->keyBuf = ctx->staticKE.dhKey;
-        #endif
-
-            ret = 0;
-        #ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
-            if (KeyCb != NULL) {
-                if (args->keyBuf == NULL) {
-                    ret = AllocDer(&args->keyBuf, FILE_BUFFER_SIZE,
-                        PRIVATEKEY_TYPE, NULL);
-                    if (ret == 0)
-                        args->keyBufFree = 1;
-                }
-                ret = KeyCb(session, ksInfo->named_group,
-                    session->srvKs.key, session->srvKs.key_len,
-                    session->cliKs.key, session->cliKs.key_len,
-                    args->keyBuf, KeyCbCtx, error);
-                if (ret != 0) {
-                    SetError(-1, error, session, FATAL_ERROR_STATE);
-                }
-            }
-        #endif
-            if (ret == 0 && args->keyBuf == NULL) {
-                ret = BUFFER_E;
-            }
-
-        #ifdef HAVE_PUBLIC_FFDHE
-            if (ret == 0) {
-                /* get DH params */
-                switch (ksInfo->named_group) {
-                #ifdef HAVE_FFDHE_2048
-                    case WOLFSSL_FFDHE_2048:
-                        params = wc_Dh_ffdhe2048_Get();
-                        args->key->priv.dh.privKeySz = 29;
-                        break;
-                #endif
-                #ifdef HAVE_FFDHE_3072
-                    case WOLFSSL_FFDHE_3072:
-                        params = wc_Dh_ffdhe3072_Get();
-                        args->key->priv.dh.privKeySz = 34;
-                        break;
-                #endif
-                #ifdef HAVE_FFDHE_4096
-                    case WOLFSSL_FFDHE_4096:
-                        params = wc_Dh_ffdhe4096_Get();
-                        args->key->priv.dh.privKeySz = 39;
-                        break;
-                #endif
-                #ifdef HAVE_FFDHE_6144
-                    case WOLFSSL_FFDHE_6144:
-                        params = wc_Dh_ffdhe6144_Get();
-                        args->key->priv.dh.privKeySz = 46;
-                        break;
-                #endif
-                #ifdef HAVE_FFDHE_8192
-                    case WOLFSSL_FFDHE_8192:
-                        params = wc_Dh_ffdhe8192_Get();
-                        args->key->priv.dh.privKeySz = 52;
-                        break;
-                #endif
-                    default:
-                        ret = BAD_FUNC_ARG;
-                }
-            }
-        #endif
-
-            if (ret == 0) {
-                ret = wc_InitDhKey_ex(&args->key->priv.dh.key, NULL, devId);
-                if (ret == 0) {
-                    args->key->type = WC_PK_TYPE_DH;
-                    args->key->initPriv = 1;
-                #ifdef WOLFSSL_ASYNC_CRYPT
-                    ret = wolfSSL_AsyncInit(ssl,
-                        &args->key->priv.dh.key.asyncDev, WC_ASYNC_FLAG_NONE);
-                #endif
-                }
-            }
-            if (ret == 0) {
-        #ifdef HAVE_PUBLIC_FFDHE
-                ret = wc_DhSetKey(&args->key->priv.dh.key,
-                    (byte*)params->p, params->p_len,
-                    (byte*)params->g, params->g_len);
-                args->key->priv.dh.pLen = params->p_len;
-        #else
-                ret = wc_DhSetNamedKey(&args->key->priv.dh.key,
-                    ksInfo->named_group);
-                if (ret == 0) {
-                    args->key->priv.dh.privKeySz =
-                        wc_DhGetNamedKeyMinSize(ksInfo->named_group);
-                    ret = wc_DhGetNamedKeyParamSize(ksInfo->named_group,
-                            &args->key->priv.dh.pLen, NULL, NULL);
-                }
-        #endif
-            }
-            if (ret == 0) {
-                idx = 0;
-                ret = wc_DhKeyDecode(args->keyBuf->buffer, &idx,
-                    &args->key->priv.dh.key, args->keyBuf->length);
-            }
-            if (ret == 0) {
-                ret = wc_DhExportKeyPair(&args->key->priv.dh.key,
-                    args->key->priv.dh.privKey, &args->key->priv.dh.privKeySz,
-                    NULL, NULL);
-            }
-        }
-    #endif /* !NO_DH && WOLFSSL_DH_EXTRA */
-
-    #ifdef HAVE_ECC
-        /* Static ECC Key */
-        if (useCurveId >= 0 && args->keyBuf == NULL
-        #ifdef HAVE_CURVE25519
-            && useCurveId != ECC_X25519
-        #endif
-        #ifdef HAVE_CURVE448
-            && useCurveId != ECC_X448
-        #endif
-        ) {
-            /* try and load static ephemeral */
-        #ifdef WOLFSSL_STATIC_EPHEMERAL
-            args->keyBuf = ssl->staticKE.ecKey;
-            if (args->keyBuf == NULL)
-                args->keyBuf = ctx->staticKE.ecKey;
-        #endif
-
-            /* try static ECC */
-            if (args->keyBuf == NULL) {
-                args->keyBuf = session->sslServer->buffers.key;
-            }
-
-            ret = 0;
-        #ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
-            if (KeyCb != NULL && ksInfo) {
-                if (args->keyBuf == NULL) {
-                    ret = AllocDer(&args->keyBuf, FILE_BUFFER_SIZE,
-                        PRIVATEKEY_TYPE, NULL);
-                    if (ret == 0)
-                        args->keyBufFree = 1;
-                }
-                ret = KeyCb(session, ksInfo->named_group,
-                    session->srvKs.key, session->srvKs.key_len,
-                    session->cliKs.key, session->cliKs.key_len,
-                    args->keyBuf, KeyCbCtx, error);
-                if (ret != 0) {
-                    SetError(-1, error, session, FATAL_ERROR_STATE);
-                }
-            }
-        #endif
-
-            if (ret == 0 && args->keyBuf == NULL) {
-                ret = BUFFER_E;
-            }
-            if (ret == 0) {
-                ret = wc_ecc_init_ex(&args->key->priv.ecc, NULL, devId);
-                if (ret == 0) {
-                    args->key->type = WC_PK_TYPE_ECDH;
-                    args->key->initPriv = 1;
-                #ifdef WOLFSSL_ASYNC_CRYPT
-                    ret = wolfSSL_AsyncInit(ssl, &args->key->priv.ecc.asyncDev,
-                        WC_ASYNC_FLAG_CALL_AGAIN);
-                #endif
-                }
-        }
-        #if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
-            (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
-            !defined(HAVE_SELFTEST)
-            if (ret == 0) {
-                ret = wc_ecc_set_rng(&args->key->priv.ecc,
-                    session->sslServer->rng);
-            }
-        #endif
-            if (ret == 0) {
-                idx = 0;
-                ret = wc_EccPrivateKeyDecode(args->keyBuf->buffer, &idx,
-                    &args->key->priv.ecc, args->keyBuf->length);
-                if (ret != 0) {
-                    SetError(ECC_DECODE_STR, error, session, FATAL_ERROR_STATE);
-                }
-            }
-
-            if (ret == 0) {
-                args->length = wc_ecc_size(&args->key->priv.ecc) * 2 + 1;
-                /* The length should be 2 times the key size (x and y), plus 1
-                * for the type byte. */
-                if (!IsAtLeastTLSv1_3(session->sslServer->version)) {
-                    input += 1; /* Don't include the TLS length for the key. */
-                }
-
-                if (args->length > *sslBytes) {
-                    SetError(PARTIAL_INPUT_STR, error, session,
-                        FATAL_ERROR_STATE);
-                    ret = WOLFSSL_FATAL_ERROR;
-                }
-
-                /* if curve not provided in key share data, then use private
-                 * key curve */
-                if (useCurveId == 0 && args->key->priv.ecc.dp) {
-                    /* this is for the static ECC case */
-                    useCurveId = args->key->priv.ecc.dp->id;
-                }
-            }
-            if (ret == 0) {
-                ret = wc_ecc_init(&args->key->pub.ecc);
-                if (ret == 0)
-                    args->key->initPub = 1;
-            }
-            if (ret == 0) {
-                ret = wc_ecc_import_x963_ex(input, args->length,
-                    &args->key->pub.ecc, useCurveId);
-                if (ret != 0) {
-                    SetError(ECC_PUB_DECODE_STR, error, session,
-                        FATAL_ERROR_STATE);
-                }
-            }
-            if (ret == 0) {
-                session->keySz = ((args->length - 1) / 2) * WOLFSSL_BIT_SIZE;
-                /* Length is in bytes. Subtract 1 for the ECC key type. Divide
-                * by two as the key is in (x,y) coordinates, where x and y are
-                * the same size, the key size. Convert from bytes to bits. */
-                session->sslServer->arrays->preMasterSz = ENCRYPT_LEN;
-            }
-        }
-    #endif /* HAVE_ECC */
-
-    #ifdef HAVE_CURVE25519
-        /* Static Curve25519 Key */
-        if (useCurveId == ECC_X25519) {
-            /* try and load static ephemeral */
-        #ifdef WOLFSSL_STATIC_EPHEMERAL
-            args->keyBuf = ssl->staticKE.x25519Key;
-            if (args->keyBuf == NULL)
-                args->keyBuf = ctx->staticKE.x25519Key;
-        #endif
-
-            ret = 0;
-        #ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
-            if (KeyCb != NULL && ksInfo) {
-                if (args->keyBuf == NULL) {
-                    ret = AllocDer(&args->keyBuf, FILE_BUFFER_SIZE,
-                        PRIVATEKEY_TYPE, NULL);
-                    if (ret == 0)
-                        args->keyBufFree = 1;
-                }
-                ret = KeyCb(session, ksInfo->named_group,
-                    session->srvKs.key, session->srvKs.key_len,
-                    session->cliKs.key, session->cliKs.key_len,
-                    args->keyBuf, KeyCbCtx, error);
-                if (ret != 0) {
-                    SetError(-1, error, session, FATAL_ERROR_STATE);
-                    break;
-                }
-            }
-        #endif
-
-            if (ret == 0 && args->keyBuf == NULL) {
-                ret = BUFFER_E;
-            }
-            if (ret == 0) {
-                ret = wc_curve25519_init_ex(&args->key->priv.x25519, NULL,
-                    devId);
-                if (ret == 0) {
-                    args->key->type = WC_PK_TYPE_CURVE25519;
-                    args->key->initPriv = 1;
-                #ifdef WOLFSSL_ASYNC_CRYPT
-                    ret = wolfSSL_AsyncInit(ssl,
-                        &args->key->priv.x25519.asyncDev,
-                        WC_ASYNC_FLAG_CALL_AGAIN);
-                #endif
-                }
-            }
-            if (ret == 0) {
-                idx = 0;
-                ret = wc_Curve25519PrivateKeyDecode(args->keyBuf->buffer, &idx,
-                    &args->key->priv.x25519, args->keyBuf->length);
-                if (ret != 0) {
-                    SetError(ECC_DECODE_STR, error, session, FATAL_ERROR_STATE);
-                }
-            }
-
-            if (ret == 0) {
-                args->length = CURVE25519_KEYSIZE;
-                if (args->length > *sslBytes) {
-                    SetError(PARTIAL_INPUT_STR, error, session,
-                        FATAL_ERROR_STATE);
-                    ret = WOLFSSL_FATAL_ERROR;
-                }
-            }
-            if (ret == 0) {
-                ret = wc_curve25519_init(&args->key->pub.x25519);
-                if (ret == 0)
-                    args->key->initPub = 1;
-            }
-            if (ret == 0) {
-                ret = wc_curve25519_import_public_ex(input, args->length,
-                    &args->key->pub.x25519, EC25519_LITTLE_ENDIAN);
-                if (ret != 0) {
-                    SetError(ECC_PUB_DECODE_STR, error, session,
-                        FATAL_ERROR_STATE);
-                }
-            }
-
-            if (ret == 0) {
-                /* For Curve25519 length is always 32 */
-                session->keySz = CURVE25519_KEYSIZE;
-                session->sslServer->arrays->preMasterSz = ENCRYPT_LEN;
-            }
-        }
-    #endif /* HAVE_CURVE25519 */
-
-    #ifdef HAVE_CURVE448
-        /* Static Curve448 Key */
-        if (useCurveId == ECC_X448) {
-            /* try and load static ephemeral */
-        #ifdef WOLFSSL_STATIC_EPHEMERAL
-            args->keyBuf = ssl->staticKE.x448Key;
-            if (args->keyBuf == NULL)
-                args->keyBuf = ctx->staticKE.x448Key;
-        #endif
-
-            ret = 0;
-        #ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
-            if (KeyCb != NULL && ksInfo) {
-                if (args->keyBuf == NULL) {
-                    ret = AllocDer(&args->keyBuf, FILE_BUFFER_SIZE,
-                        PRIVATEKEY_TYPE, NULL);
-                    if (ret == 0)
-                        args->keyBufFree = 1;
-                }
-                ret = KeyCb(session, ksInfo->named_group,
-                    session->srvKs.key, session->srvKs.key_len,
-                    session->cliKs.key, session->cliKs.key_len,
-                    args->keyBuf, KeyCbCtx, error);
-                if (ret != 0) {
-                    SetError(-1, error, session, FATAL_ERROR_STATE);
-                    break;
-                }
-            }
-        #endif
-
-            if (ret == 0 && args->keyBuf == NULL) {
-                ret = BUFFER_E;
-            }
-            if (ret == 0) {
-                ret = wc_curve448_init(&args->key->priv.x448);
-                if (ret == 0) {
-                    args->key->type = WC_PK_TYPE_CURVE448;
-                    args->key->initPriv = 1;
-                #ifdef WOLFSSL_ASYNC_CRYPT
-                    ret = wolfSSL_AsyncInit(ssl, &args->key->priv.x448.asyncDev,
-                        WC_ASYNC_FLAG_CALL_AGAIN);
-                #endif
-                }
-            }
-            if (ret == 0) {
-                idx = 0;
-                ret = wc_Curve448PrivateKeyDecode(args->keyBuf->buffer, &idx,
-                    &args->key->priv.x448, args->keyBuf->length);
-                if (ret != 0) {
-                    SetError(ECC_DECODE_STR, error, session, FATAL_ERROR_STATE);
-                }
-            }
-
-            if (ret == 0) {
-                args->length = CURVE448_KEY_SIZE;
-                if (args->length > *sslBytes) {
-                    SetError(PARTIAL_INPUT_STR, error, session,
-                        FATAL_ERROR_STATE);
-                    ret = WOLFSSL_FATAL_ERROR;
-                }
-            }
-            if (ret == 0) {
-                ret = wc_curve448_init(&args->key->pub.x448);
-                if (ret == 0)
-                    args->key->initPub = 1;
-            }
-            if (ret == 0) {
-                ret = wc_curve448_import_public_ex(input, args->length,
-                    &args->key->pub.x448, EC448_LITTLE_ENDIAN);
-                if (ret != 0) {
-                    SetError(ECC_PUB_DECODE_STR, error, session,
-                        FATAL_ERROR_STATE);
-                }
-            }
-
-            if (ret == 0) {
-                session->keySz = CURVE448_KEY_SIZE;
-                session->sslServer->arrays->preMasterSz = ENCRYPT_LEN;
-            }
-        }
-    #endif /* HAVE_CURVE448 */
-
-    #if defined(WOLFSSL_STATIC_EPHEMERAL) && !defined(SINGLE_THREADED)
-        if (args->keyLocked) {
-            wc_UnLockMutex(&ctx->staticKELock);
-        }
-    #endif
-
-        /* make sure a key type was found */
-        if (args->key->type == WC_PK_TYPE_NONE) {
-            ret = NOT_COMPILED_IN;
-        }
-
-        /* check for errors before moving to next state */
-        if (ret < 0) {
-            break;
-        }
-
-        /* Advance state and proceed */
-        ssl->options.asyncState = TLS_ASYNC_DO;
-    } /* case TLS_ASYNC_BEGIN */
-    FALL_THROUGH;
-
-    case TLS_ASYNC_DO:
-    {
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        WC_ASYNC_DEV* asyncDev = NULL;
-    #endif
-    #ifndef NO_RSA
-        if (args->key->type == WC_PK_TYPE_RSA) {
-            ret = wc_RsaPrivateDecrypt(input, args->length,
-                    session->sslServer->arrays->preMasterSecret,
-                    session->sslServer->arrays->preMasterSz,
-                    &args->key->priv.rsa);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            asyncDev = &args->key->priv.rsa.asyncDev;
-        #endif
-        }
-    #endif /* !NO_RSA */
-    #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
-        if (args->key->type == WC_PK_TYPE_DH) {
-            /* Derive secret from private key and peer's public key */
-            ret = wc_DhAgree(&args->key->priv.dh.key,
-                session->sslServer->arrays->preMasterSecret,
-                &session->sslServer->arrays->preMasterSz,
-                args->key->priv.dh.privKey, args->key->priv.dh.privKeySz,
-                input, *sslBytes);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            asyncDev = &args->key->priv.dh.key.asyncDev;
-        #endif
-        }
-    #endif /* !NO_DH && WOLFSSL_DH_EXTRA */
-    #ifdef HAVE_ECC
-        if (args->key->type == WC_PK_TYPE_ECDH) {
-            ret = wc_ecc_shared_secret(&args->key->priv.ecc,
-                &args->key->pub.ecc,
-                session->sslServer->arrays->preMasterSecret,
-                &session->sslServer->arrays->preMasterSz);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            asyncDev = &args->key->priv.ecc.asyncDev;
-        #endif
-        }
-    #endif /* HAVE_ECC */
-    #ifdef HAVE_CURVE25519
-        if (args->key->type == WC_PK_TYPE_CURVE25519) {
-            ret = wc_curve25519_shared_secret_ex(&args->key->priv.x25519,
-                &args->key->pub.x25519,
-                session->sslServer->arrays->preMasterSecret,
-                &session->sslServer->arrays->preMasterSz,
-                EC25519_LITTLE_ENDIAN);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            asyncDev = &args->key->priv.x25519.asyncDev;
-        #endif
-        }
-    #endif /* HAVE_CURVE25519 */
-    #ifdef HAVE_CURVE448
-        if (args->key->type == WC_PK_TYPE_CURVE448) {
-            ret = wc_curve448_shared_secret_ex(&args->key->priv.x448,
-                &args->key->pub.x448,
-                session->sslServer->arrays->preMasterSecret,
-                &session->sslServer->arrays->preMasterSz, EC448_LITTLE_ENDIAN);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            asyncDev = &args->key->priv.x448.asyncDev;
-        #endif
-        }
-    #endif /* HAVE_CURVE448 */
-
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-            /* Handle async pending response */
-            ret = wolfSSL_AsyncPush(ssl, asyncDev);
-            break;
-        }
-    #endif /* WOLFSSL_ASYNC_CRYPT */
-
-        /* check for errors before moving to next state */
-        if (ret < 0) {
-            break;
-        }
-
-        /* Advance state and proceed */
-        ssl->options.asyncState = TLS_ASYNC_VERIFY;
-    } /* case TLS_ASYNC_DO */
-    FALL_THROUGH;
-
-    case TLS_ASYNC_VERIFY:
-    {
-    #ifndef NO_RSA
-        if (args->key->type == WC_PK_TYPE_RSA) {
-            if (ret != SECRET_LEN) {
-                SetError(RSA_DECRYPT_STR, error, session, FATAL_ERROR_STATE);
-                ret = RSA_BUFFER_E;
-            }
-        }
-    #endif /* !NO_RSA */
-    #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
-        if (args->key->type == WC_PK_TYPE_DH) {
-            /* left-padded with zeros up to the size of the prime */
-            if (args->key->priv.dh.pLen >
-                                      session->sslServer->arrays->preMasterSz) {
-                word32 diff = args->key->priv.dh.pLen -
-                              session->sslServer->arrays->preMasterSz;
-                XMEMMOVE(session->sslServer->arrays->preMasterSecret + diff,
-                        session->sslServer->arrays->preMasterSecret,
-                        session->sslServer->arrays->preMasterSz);
-                XMEMSET(session->sslServer->arrays->preMasterSecret, 0, diff);
-                session->sslServer->arrays->preMasterSz=args->key->priv.dh.pLen;
-            }
-        }
-    #endif /* !NO_DH && WOLFSSL_DH_EXTRA */
-
-        /* check for errors before moving to next state */
-        if (ret < 0) {
-            break;
-        }
-
-        /* Advance state and proceed */
-        ssl->options.asyncState = TLS_ASYNC_FINALIZE;
-    } /* case TLS_ASYNC_VERIFY */
-    FALL_THROUGH;
-
-    case TLS_ASYNC_FINALIZE:
-    {
-    #if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
-        if (!session->context->useKeyLogFile)
-    #endif /* !WOLFSSL_SNIFFER_KEYLOGFILE */
-        {
-            /* store for client side as well */
-            XMEMCPY(session->sslClient->arrays->preMasterSecret,
-                    session->sslServer->arrays->preMasterSecret,
-                    session->sslServer->arrays->preMasterSz);
-            session->sslClient->arrays->preMasterSz =
-                session->sslServer->arrays->preMasterSz;
-        }
-
-    #ifdef SHOW_SECRETS
-        PrintSecret("pre master secret",
-                    session->sslServer->arrays->preMasterSecret,
-                    session->sslServer->arrays->preMasterSz);
-    #endif
-
-        if (SetCipherSpecs(session->sslServer) != 0) {
-            SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
-            session->verboseErr = 1;
-            ret = WOLFSSL_FATAL_ERROR; break;
-        }
-
-        if (SetCipherSpecs(session->sslClient) != 0) {
-            SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
-            session->verboseErr = 1;
-            ret = WOLFSSL_FATAL_ERROR; break;
-        }
-
-    #ifdef WOLFSSL_TLS13
-        /* TLS v1.3 derive handshake key */
-        if (IsAtLeastTLSv1_3(session->sslServer->version)) {
-            ret  = DeriveEarlySecret(session->sslServer);
-            ret += DeriveEarlySecret(session->sslClient);
-            ret += DeriveHandshakeSecret(session->sslServer);
-            ret += DeriveHandshakeSecret(session->sslClient);
-            ret += DeriveTls13Keys(session->sslServer, handshake_key,
-                ENCRYPT_AND_DECRYPT_SIDE, 1);
-            ret += DeriveTls13Keys(session->sslClient, handshake_key,
-                ENCRYPT_AND_DECRYPT_SIDE, 1);
-        #ifdef WOLFSSL_EARLY_DATA
-            ret += SetKeysSide(session->sslServer, DECRYPT_SIDE_ONLY);
-            ret += SetKeysSide(session->sslClient, DECRYPT_SIDE_ONLY);
-        #else
-            ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE);
-            ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE);
-        #endif
-        }
-        else
-    #endif /* WOLFSSL_TLS13 */
-        {
-            ret  = MakeMasterSecret(session->sslServer);
-            ret += MakeMasterSecret(session->sslClient);
-            ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE);
-            ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE);
-        }
-        if (ret != 0) {
-            SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE);
-            ret = WOLFSSL_FATAL_ERROR; break;
-        }
-
-    #ifdef SHOW_SECRETS
-        #ifdef WOLFSSL_TLS13
-        if (!IsAtLeastTLSv1_3(session->sslServer->version))
-        #endif
-        {
-            ShowTlsSecrets(session);
-        }
-    #endif
-
-        CallConnectionCb(session);
-
-        break;
-    } /* case TLS_ASYNC_FINALIZE */
-
-    default:
-        ret = INPUT_CASE_ERROR;
-    } /* switch(ssl->options.asyncState) */
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-exit_sk:
-
-    /* Handle async pending response */
-    if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-        return ret;
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-#ifdef WOLFSSL_SNIFFER_STATS
-    if (ret < 0)
-        INC_STAT(SnifferStats.sslKeyFails);
-#endif
-
-    /* Final cleanup */
-#ifdef WOLFSSL_ASYNC_CRYPT
-    FreeAsyncCtx(ssl, 1);
-#else
-    FreeSetupKeysArgs(ssl, args);
-#endif
-#ifndef WOLFSSL_STATIC_EPHEMERAL
-    (void)ctx;
-#endif
-
-    return ret;
-}
-
-/* Process Client Key Exchange */
-static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
-                            SnifferSession* session, char* error)
-{
-    int ret;
-
-#ifndef WOLFSSL_STATIC_EPHEMERAL
-    if (session->sslServer->buffers.key == NULL ||
-        session->sslServer->buffers.key->buffer == NULL ||
-        session->sslServer->buffers.key->length == 0) {
-
-        SetError(RSA_KEY_MISSING_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-#endif
-
-    ret = SetupKeys(input, sslBytes, session, error, NULL);
-
-    return ret;
-}
-
-#ifdef WOLFSSL_TLS13
-static int ProcessKeyShare(KeyShareInfo* info, const byte* input, int len,
-    word16 filter_group)
-{
-    int idx = 0;
-    while (idx < len) {
-        /* clear info (reset dh_key_bits and curve_id) */
-        XMEMSET(info, 0, sizeof(KeyShareInfo));
-
-        /* Named group and public key */
-        if (idx + OPAQUE16_LEN > len) {
-            return WOLFSSL_FATAL_ERROR;
-        }
-        info->named_group = (word16)((input[idx] << 8) | input[idx+1]);
-        idx += OPAQUE16_LEN;
-        info->key_len = 0;
-        info->key = NULL;
-        /* If key was provided... (a hello_retry_request will not send a key) */
-        if (idx + 2 <= len) {
-            info->key_len = (word16)((input[idx] << 8) | input[idx+1]);
-            idx += OPAQUE16_LEN;
-            if (info->key_len == 0 || info->key_len > len - idx) {
-                return WOLFSSL_FATAL_ERROR;
-            }
-            info->key = &input[idx];
-            idx += info->key_len;
-        }
-
-        switch (info->named_group) {
-    #ifndef NO_DH
-        #ifdef HAVE_FFDHE_2048
-            case WOLFSSL_FFDHE_2048:
-                info->dh_key_bits = 2048;
-                break;
-        #endif
-        #ifdef HAVE_FFDHE_3072
-            case WOLFSSL_FFDHE_3072:
-                info->dh_key_bits = 3072;
-                break;
-        #endif
-        #ifdef HAVE_FFDHE_4096
-            case WOLFSSL_FFDHE_4096:
-                info->dh_key_bits = 4096;
-                break;
-        #endif
-        #ifdef HAVE_FFDHE_6144
-            case WOLFSSL_FFDHE_6144:
-                info->dh_key_bits = 6144;
-                break;
-        #endif
-        #ifdef HAVE_FFDHE_8192
-            case WOLFSSL_FFDHE_8192:
-                info->dh_key_bits = 8192;
-                break;
-        #endif
-    #endif /* !NO_DH */
-    #ifdef HAVE_ECC
-        #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
-            #ifndef NO_ECC_SECP
-            case WOLFSSL_ECC_SECP256R1:
-                info->curve_id = ECC_SECP256R1;
-                break;
-            #endif /* !NO_ECC_SECP */
-            #ifdef WOLFSSL_SM2
-            case WOLFSSL_ECC_SM2P256V1:
-                info->curve_id = ECC_SM2P256V1;
-                break;
-            #endif /* WOLFSSL_SM2 */
-        #endif
-        #if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
-            #ifndef NO_ECC_SECP
-            case WOLFSSL_ECC_SECP384R1:
-                info->curve_id = ECC_SECP384R1;
-                break;
-            #endif /* !NO_ECC_SECP */
-        #endif
-        #if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
-            #ifndef NO_ECC_SECP
-            case WOLFSSL_ECC_SECP521R1:
-                info->curve_id = ECC_SECP521R1;
-                break;
-            #endif /* !NO_ECC_SECP */
-        #endif
-    #endif /* HAVE_ECC */
-        #ifdef HAVE_CURVE25519
-            case WOLFSSL_ECC_X25519:
-                info->curve_id = ECC_X25519;
-                break;
-        #endif
-        #ifdef HAVE_CURVE448
-            case WOLFSSL_ECC_X448:
-                info->curve_id = ECC_X448;
-                break;
-        #endif
-            default:
-                /* do not throw error here, keep iterating the client key share */
-                break;
-        }
-
-        if (filter_group == 0 || filter_group == info->named_group) {
-            return 0;
-        }
-    }
-    return NO_PEER_KEY; /* unsupported key type */
-}
-
-static int ProcessServerKeyShare(SnifferSession* session, const byte* input, int len,
-    char* error)
-{
-    int ret;
-
-    if (session->cliKeyShare == NULL || session->cliKeyShareSz == 0) {
-        /* session->cliKeyShareSz could not be provided yet if the client_hello
-            did not send a key share to force a hello_retry_request */
-        return 0;
-    }
-
-    /* Get server_hello key share (and key) */
-    ret = ProcessKeyShare(&session->srvKs, input, len, 0);
-    if (ret == 0 && session->srvKs.key_len > 0) {
-        /* Get client_hello key share */
-        ret = ProcessKeyShare(&session->cliKs, session->cliKeyShare,
-            session->cliKeyShareSz, session->srvKs.named_group);
-    }
-    if (ret != 0) {
-        SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_TLS13 */
-
-/* Process Session Ticket */
-static int ProcessSessionTicket(const byte* input, int* sslBytes,
-                                SnifferSession* session, char* error)
-{
-    word16 len;
-
-#ifdef WOLFSSL_TLS13
-    WOLFSSL* ssl;
-
-    if (session->flags.side == WOLFSSL_SERVER_END)
-        ssl = session->sslServer;
-    else
-        ssl = session->sslClient;
-#endif
-
-    /* make sure can read through hint len */
-    if (TICKET_HINT_LEN > *sslBytes) {
-        SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-    input     += TICKET_HINT_LEN; /* skip over hint len */
-    *sslBytes -= TICKET_HINT_LEN;
-
-#ifdef WOLFSSL_TLS13
-    /* TLS v1.3 has hint age and nonce */
-    if (IsAtLeastTLSv1_3(ssl->version)) {
-        /* make sure can read through hint age and nonce len */
-        if (TICKET_HINT_AGE_LEN + 1 > *sslBytes) {
-            SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        input     += TICKET_HINT_AGE_LEN; /* skip over hint age */
-        *sslBytes -= TICKET_HINT_AGE_LEN;
-
-        /* ticket nonce */
-        len = input[0];
-        if (len > MAX_TICKET_NONCE_STATIC_SZ) {
-            SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        input += OPAQUE8_LEN;
-        *sslBytes -= OPAQUE8_LEN;
-    #ifdef HAVE_SESSION_TICKET
-        /* store nonce in server for DeriveResumptionPSK */
-        session->sslServer->session->ticketNonce.len = len;
-        if (len > 0)
-            XMEMCPY(session->sslServer->session->ticketNonce.data, input, len);
-    #endif
-        input += len;
-        *sslBytes -= len;
-    }
-#endif
-
-    /* make sure can read through len */
-    if (OPAQUE16_LEN > *sslBytes) {
-        SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    len = (word16)((input[0] << 8) | input[1]);
-    input     += OPAQUE16_LEN;
-    *sslBytes -= OPAQUE16_LEN;
-
-    /* make sure can read through ticket */
-    if (len > *sslBytes) {
-        SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-#ifdef WOLFSSL_TLS13
-    /* TLS v1.3 has hint age and nonce */
-    if (IsAtLeastTLSv1_3(ssl->version)) {
-        /* Note: Must use server session for sessions */
-    #ifdef HAVE_SESSION_TICKET
-        WOLFSSL_SESSION* sess;
-        if (SetTicket(session->sslServer, input, len) != 0) {
-            SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-
-        /* set haveSessionId to use the wolfSession cache */
-        session->sslServer->options.haveSessionId = 1;
-
-    #ifdef SNIFFER_SINGLE_SESSION_CACHE
-        /* Use the wolf Session cache to retain resumption secret */
-        if (session->flags.cached == 0) {
-    #endif /* SNIFFER_SINGLE_SESSION_CACHE */
-            sess = wolfSSL_GetSession(session->sslServer, NULL, 0);
-            if (sess == NULL) {
-                SetupSession(session->sslServer);
-                AddSession(session->sslServer); /* don't re add */
-            #ifdef WOLFSSL_SNIFFER_STATS
-                INC_STAT(SnifferStats.sslResumptionInserts);
-            #endif
-            }
-    #ifdef SNIFFER_SINGLE_SESSION_CACHE
-            session->flags.cached = 1;
-        }
-    #endif /* SNIFFER_SINGLE_SESSION_CACHE */
-    #endif /* HAVE_SESSION_TICKET */
-    }
-    else
-#endif /* WOLFSSL_TLS13 */
-    {
-        /* capture last part of sessionID as macID (32 bytes) */
-        if (len < ID_LEN) {
-            SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        /* store session with macID as sessionID */
-        session->sslServer->options.haveSessionId = 1;
-        if (session->sslServer->arrays) {
-            XMEMCPY(session->sslServer->arrays->sessionID,
-                input + len - ID_LEN, ID_LEN);
-            session->sslServer->arrays->sessionIDSz = ID_LEN;
-        }
-    }
-
-    return 0;
-}
-
-static int DoResume(SnifferSession* session, char* error)
-{
-    int ret = 0;
-    WOLFSSL_SESSION* resume;
-
-#ifdef WOLFSSL_TLS13
-    if (IsAtLeastTLSv1_3(session->sslServer->version)) {
-        resume = wolfSSL_GetSession(session->sslServer,
-                                    session->sslServer->session->masterSecret, 0);
-        if (resume == NULL) {
-            /* TLS v1.3 with hello_retry uses session_id even for new session,
-                so ignore error here */
-            return 0;
-        }
-    }
-    else
-#endif
-    {
-    #ifdef HAVE_SESSION_TICKET
-        /* make sure "useTicket" is not set, otherwise the session will not be
-         * properly retrieved */
-        session->sslServer->options.useTicket = 0;
-    #endif
-        resume = wolfSSL_GetSession(session->sslServer,
-                                    session->sslServer->arrays->masterSecret, 0);
-        if (resume == NULL) {
-        #ifdef WOLFSSL_SNIFFER_STATS
-            INC_STAT(SnifferStats.sslResumeMisses);
-        #endif
-            SetError(BAD_SESSION_RESUME_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-    }
-
-    /* make sure client has master secret too */
-#ifdef WOLFSSL_TLS13
-    if (IsAtLeastTLSv1_3(session->sslServer->version)) {
-        XMEMCPY(session->sslClient->session->masterSecret,
-                session->sslServer->session->masterSecret, SECRET_LEN);
-    }
-    else
-#endif
-    {
-        XMEMCPY(session->sslClient->arrays->masterSecret,
-                session->sslServer->arrays->masterSecret, SECRET_LEN);
-    }
-    session->flags.resuming = 1;
-
-    Trace(SERVER_DID_RESUMPTION_STR);
-#ifdef WOLFSSL_SNIFFER_STATS
-    INC_STAT(SnifferStats.sslResumedConns);
-#endif
-    if (SetCipherSpecs(session->sslServer) != 0) {
-        SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
-        session->verboseErr = 1;
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    if (SetCipherSpecs(session->sslClient) != 0) {
-        SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
-        session->verboseErr = 1;
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-#ifdef WOLFSSL_TLS13
-    if (IsAtLeastTLSv1_3(session->sslServer->version)) {
-    #ifdef HAVE_SESSION_TICKET
-        /* Resumption PSK is resumption master secret. */
-        session->sslServer->arrays->psk_keySz = session->sslServer->specs.hash_size;
-        session->sslClient->arrays->psk_keySz = session->sslClient->specs.hash_size;
-        ret  = DeriveResumptionPSK(session->sslServer,
-            session->sslServer->session->ticketNonce.data,
-            session->sslServer->session->ticketNonce.len,
-            session->sslServer->arrays->psk_key);
-        /* Copy resumption PSK to client */
-        XMEMCPY(session->sslClient->arrays->psk_key,
-            session->sslServer->arrays->psk_key,
-            session->sslServer->arrays->psk_keySz);
-    #endif
-        /* handshake key setup below and traffic keys done in SetupKeys */
-    }
-    else
-#endif
-    {
-        if (IsTLS(session->sslServer)) {
-            ret =  DeriveTlsKeys(session->sslServer);
-            ret += DeriveTlsKeys(session->sslClient);
-        }
-        else {
-#ifndef NO_OLD_TLS
-            ret =  DeriveKeys(session->sslServer);
-            ret += DeriveKeys(session->sslClient);
-#endif
-        }
-        ret += SetKeysSide(session->sslServer, ENCRYPT_AND_DECRYPT_SIDE);
-        ret += SetKeysSide(session->sslClient, ENCRYPT_AND_DECRYPT_SIDE);
-    }
-
-    if (ret != 0) {
-        SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    return ret;
-}
-
-/* Process Server Hello */
-static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
-                              SnifferSession* session, char* error)
-{
-    int             ret = 0;
-    ProtocolVersion pv;
-    byte            b, b0;
-    int             toRead = VERSION_SZ + RAN_LEN + ENUM_LEN;
-    int             doResume = 0;
-    const byte*     inputHello = input;
-    int             initialBytes = *sslBytes;
-
-    (void)msgSz;
-
-    /* make sure we didn't miss ClientHello */
-    if (session->flags.clientHello == 0 || session->sslClient->arrays == NULL) {
-        SetError(MISSED_CLIENT_HELLO_STR, error, session, 0);
-        return 0; /* do not throw error, just ignore packet */
-    }
-
-    /* make sure can read through session len */
-    if (toRead > *sslBytes) {
-        SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    XMEMCPY(&pv, input, VERSION_SZ);
-    input     += VERSION_SZ;
-    *sslBytes -= VERSION_SZ;
-
-    session->sslServer->version = pv;
-    session->sslClient->version = pv;
-    if (pv.minor >= TLSv1_MINOR) {
-        session->sslServer->options.tls = 1;
-        session->sslClient->options.tls = 1;
-    }
-
-    XMEMCPY(session->sslServer->arrays->serverRandom, input, RAN_LEN);
-    XMEMCPY(session->sslClient->arrays->serverRandom, input, RAN_LEN);
-    input     += RAN_LEN;
-    *sslBytes -= RAN_LEN;
-
-    b = *input++;
-    *sslBytes -= 1;
-
-    /* make sure can read through compression */
-    if ( (b + SUITE_LEN + ENUM_LEN) > *sslBytes) {
-        SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-    if (b) {
-    #ifdef WOLFSSL_TLS13
-        XMEMCPY(session->sslServer->session->sessionID, input, ID_LEN);
-        session->sslServer->session->sessionIDSz = ID_LEN;
-    #endif
-        XMEMCPY(session->sslServer->arrays->sessionID, input, ID_LEN);
-        session->sslServer->arrays->sessionIDSz = ID_LEN;
-        session->sslServer->options.haveSessionId = 1;
-    }
-    input     += b;
-    *sslBytes -= b;
-
-    /* cipher suite */
-    b0 = *input++;  /* first byte, ECC or not */
-    session->sslServer->options.cipherSuite0 = b0;
-    session->sslClient->options.cipherSuite0 = b0;
-    b = *input++;
-    session->sslServer->options.cipherSuite = b;
-    session->sslClient->options.cipherSuite = b;
-    *sslBytes -= SUITE_LEN;
-
-#ifdef WOLFSSL_SNIFFER_STATS
-    {
-        const CipherSuiteInfo* suites = GetCipherNames();
-        int suitesSz = GetCipherNamesSize();
-        int match = 0;
-
-        while (suitesSz) {
-            if (b0 == suites->cipherSuite0 && b == suites->cipherSuite) {
-                match = 1;
-                break;
-            }
-            suites++;
-            suitesSz--;
-        }
-        if (!match)
-            INC_STAT(SnifferStats.sslCiphersUnsupported);
-    }
-#endif /* WOLFSSL_SNIFFER_STATS */
-
-    /* compression */
-    b = *input++;
-    *sslBytes -= ENUM_LEN;
-
-    if (b) {
-        SetError(BAD_COMPRESSION_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    /* extensions */
-    if ((initialBytes - *sslBytes) < msgSz) {
-        word16 len;
-
-        /* skip extensions until extended master secret */
-        /* make sure can read len */
-        if (SUITE_LEN > *sslBytes) {
-            SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        len = (word16)((input[0] << 8) | input[1]);
-        input     += SUITE_LEN;
-        *sslBytes -= SUITE_LEN;
-        /* make sure can read through all extensions */
-        if (len > *sslBytes) {
-            SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-
-        while (len >= EXT_TYPE_SZ + LENGTH_SZ) {
-            word16 extType;
-            word16 extLen;
-
-            extType    = (word16)((input[0] << 8) | input[1]);
-            input     += EXT_TYPE_SZ;
-            *sslBytes -= EXT_TYPE_SZ;
-
-            extLen     = (word16)((input[0] << 8) | input[1]);
-            input     += LENGTH_SZ;
-            *sslBytes -= LENGTH_SZ;
-
-            /* make sure can read through individual extension */
-            if (extLen > *sslBytes) {
-                SetError(SERVER_HELLO_INPUT_STR, error, session,
-                         FATAL_ERROR_STATE);
-                return WOLFSSL_FATAL_ERROR;
-            }
-        #ifdef DEBUG_SNIFFER
-            printf("\tserver_hello ext: 0x%02x (len %d)\n", extType, extLen);
-        #endif
-
-            switch (extType) {
-        #ifdef WOLFSSL_TLS13
-            case EXT_KEY_SHARE:
-                ret = ProcessServerKeyShare(session, input, extLen, error);
-                if (ret != 0) {
-                    SetError(SERVER_HELLO_INPUT_STR, error, session,
-                        FATAL_ERROR_STATE);
-                    return WOLFSSL_FATAL_ERROR;
-                }
-                break;
-        #endif
-        #ifdef HAVE_SESSION_TICKET
-            case EXT_PRE_SHARED_KEY:
-                /* indicates we want to use resumption */
-                session->sslServer->options.resuming = 1;
-                session->sslClient->options.resuming = 1;
-            #ifdef WOLFSSL_TLS13
-                /* default nonce to len = 1, data = 0 */
-                session->sslServer->session->ticketNonce.len = 1;
-                session->sslServer->session->ticketNonce.data[0] = 0;
-                session->sslClient->session->ticketNonce.len = 1;
-                session->sslClient->session->ticketNonce.data[0] = 0;
-            #endif
-                break;
-        #endif
-        #ifdef HAVE_MAX_FRAGMENT
-            case EXT_MAX_FRAGMENT_LENGTH:
-            {
-                word16 max_fragment = MAX_RECORD_SIZE;
-                switch (input[0]) {
-                    case WOLFSSL_MFL_2_8 : max_fragment =  256; break;
-                    case WOLFSSL_MFL_2_9 : max_fragment =  512; break;
-                    case WOLFSSL_MFL_2_10: max_fragment = 1024; break;
-                    case WOLFSSL_MFL_2_11: max_fragment = 2048; break;
-                    case WOLFSSL_MFL_2_12: max_fragment = 4096; break;
-                    case WOLFSSL_MFL_2_13: max_fragment = 8192; break;
-                    default: break;
-                }
-                session->sslServer->max_fragment = max_fragment;
-                session->sslClient->max_fragment = max_fragment;
-                break;
-            }
-        #endif
-            case EXT_SUPPORTED_VERSIONS:
-                session->sslServer->version.major = input[0];
-                session->sslServer->version.minor = input[1];
-                session->sslClient->version.major = input[0];
-                session->sslClient->version.minor = input[1];
-                if (IsAtLeastTLSv1_3(session->sslServer->version)) {
-                    /* The server side handshake encryption is on for future packets */
-                    session->flags.serverCipherOn = 1;
-                }
-                break;
-            case EXT_MASTER_SECRET:
-            #ifdef HAVE_EXTENDED_MASTER
-                session->flags.expectEms = 1;
-            #endif
-                break;
-            case EXT_RENEGOTIATION_INFO:
-                session->flags.secRenegEn = 1;
-                break;
-            } /* switch (extType) */
-
-            input     += extLen;
-            *sslBytes -= extLen;
-            len       -= extLen + EXT_TYPE_SZ + LENGTH_SZ;
-        }
-    }
-
-    if (IsAtLeastTLSv1_3(session->sslServer->version)) {
-#ifndef WOLFSSL_TLS13
-        SetError(UNSUPPORTED_TLS_VER_STR, error, session, FATAL_ERROR_STATE);
-        session->verboseErr = 1;
-        return WOLFSSL_FATAL_ERROR;
-#endif
-    }
-    else {
-#ifdef WOLFSSL_NO_TLS12
-        SetError(UNSUPPORTED_TLS_VER_STR, error, session, FATAL_ERROR_STATE);
-        session->verboseErr = 1;
-        return WOLFSSL_FATAL_ERROR;
-#endif
-    }
-
-#ifdef HAVE_EXTENDED_MASTER
-    if (!session->flags.expectEms) {
-        XFREE(session->hash, NULL, DYNAMIC_TYPE_HASHES);
-        session->hash = NULL;
-    }
-#endif
-
-    if (session->sslServer->options.haveSessionId) {
-        if (session->sslServer->arrays->sessionIDSz == ID_LEN &&
-                session->sslClient->arrays->sessionIDSz == ID_LEN &&
-                XMEMCMP(session->sslServer->arrays->sessionID,
-                        session->sslClient->arrays->sessionID, ID_LEN) == 0) {
-            doResume = 1;
-        }
-    }
-    else if (session->sslClient->options.haveSessionId == 0 &&
-             session->sslServer->options.haveSessionId == 0 &&
-             session->ticketID) {
-        doResume = 1;
-    }
-
-    if (session->ticketID && doResume) {
-        /* use ticketID to retrieve from session, prefer over sessionID */
-        XMEMCPY(session->sslServer->arrays->sessionID,session->ticketID,ID_LEN);
-        session->sslServer->arrays->sessionIDSz = ID_LEN;
-        session->sslServer->options.haveSessionId = 1;  /* may not have
-                                                           actual sessionID */
-    }
-
-#ifdef WOLFSSL_TLS13
-    /* Is TLS v1.3 hello_retry_request? */
-    if (IsAtLeastTLSv1_3(session->sslServer->version) && session->srvKs.key_len == 0) {
-        Trace(GOT_HELLO_RETRY_REQ_STR);
-
-        /* do not compute keys yet */
-        session->flags.serverCipherOn = 0;
-
-        /* make sure the mac and digest size are set */
-        SetCipherSpecs(session->sslServer);
-        SetCipherSpecs(session->sslClient);
-
-        /* reset hashes */
-        RestartHandshakeHash(session->sslServer);
-        RestartHandshakeHash(session->sslClient);
-
-        doResume = 0;
-    }
-#endif
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    if (session->sslServer->error != WC_NO_ERR_TRACE(WC_PENDING_E) &&
-        session->pendSeq == 0)
-#endif
-    {
-        /* hash server_hello */
-        HashRaw(session->sslServer, inputHello - HANDSHAKE_HEADER_SZ,
-            initialBytes + HANDSHAKE_HEADER_SZ);
-        HashRaw(session->sslClient, inputHello - HANDSHAKE_HEADER_SZ,
-            initialBytes + HANDSHAKE_HEADER_SZ);
-    }
-
-    if (doResume) {
-        ret = DoResume(session, error);
-        if (ret != 0) {
-            return ret;
-        }
-    }
-    else {
-#ifdef WOLFSSL_SNIFFER_STATS
-        INC_STAT(SnifferStats.sslStandardConns);
-#endif
-    }
-
-#ifdef SHOW_SECRETS
-    printf("cipher suite = 0x%02x\n", session->sslServer->options.cipherSuite);
-    PrintSecret("server random", session->sslServer->arrays->serverRandom, RAN_LEN);
-#endif
-
-#ifdef WOLFSSL_TLS13
-    /* Setup handshake keys */
-    if (IsAtLeastTLSv1_3(session->sslServer->version) && session->srvKs.key_len > 0) {
-        ret = SetupKeys(session->cliKs.key, &session->cliKs.key_len,
-            session, error, &session->cliKs);
-        if (ret != 0) {
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-                return ret;
-            }
-        #endif
-            SetError(KEY_MISMATCH_STR, error, session, FATAL_ERROR_STATE);
-            session->verboseErr = 1;
-            return ret;
-        }
-
-        if (session->flags.side == WOLFSSL_SERVER_END)
-            session->flags.serverCipherOn = 1;
-        else
-            session->flags.clientCipherOn = 1;
-    }
-#endif
-
-    return 0;
-}
-
-#ifdef HAVE_SNI
-/* Function return value must be 0 for success */
-static int LoadNamedKey(SnifferSession* session, const byte* name, word16 nameSz)
-{
-    int ret = 0;
-    WOLFSSL* ssl = session->sslServer;
-    NamedKey* namedKey;
-
-    wc_LockMutex(&session->context->namedKeysMutex);
-    namedKey = session->context->namedKeys;
-    while (namedKey != NULL) {
-        if (nameSz == namedKey->nameSz &&
-                    XSTRNCMP((char*)name, namedKey->name, nameSz) == 0) {
-        #ifdef WOLFSSL_STATIC_EPHEMERAL
-            if (namedKey->isEphemeralKey) {
-                /* auto detect key type with WC_PK_TYPE_NONE */
-                ret = wolfSSL_set_ephemeral_key(ssl,
-                    WC_PK_TYPE_NONE, (const char*)namedKey->key,
-                    namedKey->keySz, WOLFSSL_FILETYPE_ASN1);
-            }
-            else
-        #endif
-            {
-                ret = wolfSSL_use_PrivateKey_buffer(ssl,
-                    namedKey->key, namedKey->keySz,
-                    WOLFSSL_FILETYPE_ASN1);
-                /* translate return code */
-                ret = (ret == WOLFSSL_SUCCESS) ? 0 : -1;
-            }
-            if (ret == 0) {
-                session->sni = namedKey->name;
-            }
-            break;
-        }
-        namedKey = namedKey->next;
-    }
-    wc_UnLockMutex(&session->context->namedKeysMutex);
-    return ret;
-}
-#endif
-
-/* Process normal Client Hello */
-static int ProcessClientHello(const byte* input, int* sslBytes,
-                              SnifferSession* session, char* error)
-{
-    int ret = 0;
-    byte   bLen;
-    word16 len;
-    int    toRead = VERSION_SZ + RAN_LEN + ENUM_LEN;
-    const byte* inputHello = input;
-    int inputHelloSz = *sslBytes;
-    WOLFSSL* ssl = session->sslServer;
-    int didHash = 0;
-
-    session->flags.clientHello = 1;  /* don't process again */
-
-    /* make sure can read up to session len */
-    if (toRead > *sslBytes) {
-        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    /* skip, get negotiated one from server hello */
-    input     += VERSION_SZ;
-    *sslBytes -= VERSION_SZ;
-
-    /* for secure renegotiation server arrays can be NULL */
-    if (session->sslServer->arrays)
-        XMEMCPY(session->sslServer->arrays->clientRandom, input, RAN_LEN);
-    if (session->sslClient->arrays)
-        XMEMCPY(session->sslClient->arrays->clientRandom, input, RAN_LEN);
-
-    input     += RAN_LEN;
-    *sslBytes -= RAN_LEN;
-
-    /* store session in case trying to resume */
-    bLen = *input++;
-    *sslBytes -= ENUM_LEN;
-    if (bLen) {
-        if (ID_LEN > *sslBytes) {
-            SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        Trace(CLIENT_RESUME_TRY_STR);
-#ifdef WOLFSSL_TLS13
-        XMEMCPY(session->sslClient->session->sessionID, input, ID_LEN);
-        session->sslClient->session->sessionIDSz = ID_LEN;
-#endif
-        if (session->sslClient->arrays) {
-            XMEMCPY(session->sslClient->arrays->sessionID, input, ID_LEN);
-            session->sslClient->arrays->sessionIDSz = ID_LEN;
-        }
-        session->sslClient->options.haveSessionId = 1;
-    }
-
-#ifdef SHOW_SECRETS
-    if (ssl->arrays)
-        PrintSecret("client random", ssl->arrays->clientRandom, RAN_LEN);
-#endif
-
-    input     += bLen;
-    *sslBytes -= bLen;
-
-    /* skip cipher suites */
-    /* make sure can read len */
-    if (SUITE_LEN > *sslBytes) {
-        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-    len = (word16)((input[0] << 8) | input[1]);
-    input     += SUITE_LEN;
-    *sslBytes -= SUITE_LEN;
-    /* make sure can read suites + comp len */
-    if (len + ENUM_LEN > *sslBytes) {
-        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-    input     += len;
-    *sslBytes -= len;
-
-    /* skip compression */
-    bLen       = *input++;
-    *sslBytes -= ENUM_LEN;
-    /* make sure can read len */
-    if (bLen > *sslBytes) {
-        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-    input     += bLen;
-    *sslBytes -= bLen;
-
-    if (*sslBytes == 0) {
-        /* no extensions */
-        return 0;
-    }
-
-    /* skip extensions until session ticket */
-    /* make sure can read len */
-    if (SUITE_LEN > *sslBytes) {
-        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-    len = (word16)((input[0] << 8) | input[1]);
-    input     += SUITE_LEN;
-    *sslBytes -= SUITE_LEN;
-    /* make sure can read through all extensions */
-    if (len > *sslBytes) {
-        SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    while (len >= EXT_TYPE_SZ + LENGTH_SZ) {
-        word16 extType;
-        word16 extLen;
-
-        extType    = (word16)((input[0] << 8) | input[1]);
-        input     += EXT_TYPE_SZ;
-        *sslBytes -= EXT_TYPE_SZ;
-
-        extLen     = (word16)((input[0] << 8) | input[1]);
-        input     += LENGTH_SZ;
-        *sslBytes -= LENGTH_SZ;
-
-        /* make sure can read through individual extension */
-        if (extLen > *sslBytes) {
-            SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-
-    #ifdef DEBUG_SNIFFER
-        printf("\tclient_hello ext: 0x%02x (len %d)\n", extType, extLen);
-    #endif
-
-        switch (extType) {
-    #ifdef HAVE_SNI
-        case EXT_SERVER_NAME:
-        {
-            word16 listLen = 0, offset = 0;
-
-            ato16(input + offset, &listLen);
-            offset += OPAQUE16_LEN;
-
-            if (extLen < offset + listLen)
-                return BUFFER_ERROR;
-
-            while (listLen > ENUM_LEN + OPAQUE16_LEN) {
-                byte   sniType = input[offset++];
-                word16 sniLen;
-
-                ato16(input + offset, &sniLen);
-                offset += OPAQUE16_LEN;
-
-                if (extLen < offset + sniLen)
-                    return BUFFER_ERROR;
-
-                if (sniType == WOLFSSL_SNI_HOST_NAME) {
-                    ret = LoadNamedKey(session, input + offset, sniLen);
-                    if (ret < 0) {
-                        /* don't treat this as fatal error */
-                        SetError(CLIENT_HELLO_LATE_KEY_STR, error, session, 0);
-                        break;
-                    }
-                }
-                offset  += sniLen;
-                listLen -= min(ENUM_LEN + OPAQUE16_LEN + sniLen, listLen);
-            }
-            break;
-        }
-    #endif
-    #ifdef WOLFSSL_TLS13
-        case EXT_KEY_SHARE:
-        {
-            word16 ksLen = (word16)((input[0] << 8) | input[1]);
-            if (ksLen + OPAQUE16_LEN > extLen) {
-                SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-                return WOLFSSL_FATAL_ERROR;
-            }
-            /* cache key share data till server_hello */
-            session->cliKeyShareSz = ksLen;
-            if (ksLen > 0) {
-                session->cliKeyShare = (byte*)XMALLOC(ksLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-                if (session->cliKeyShare == NULL) {
-                    SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
-                    break;
-                }
-                XMEMCPY(session->cliKeyShare, &input[2], ksLen);
-            }
-            break;
-        }
-        #ifdef HAVE_SESSION_TICKET
-        case EXT_PRE_SHARED_KEY:
-        {
-            word16 idsLen, idLen, bindersLen, idx = 0;
-            word32 ticketAge;
-            const byte *identity, *binders;
-
-            idsLen = (word16)((input[idx] << 8) | input[idx+1]);
-            if (idsLen + OPAQUE16_LEN + idx > extLen) {
-                SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-                return WOLFSSL_FATAL_ERROR;
-            }
-            idx += OPAQUE16_LEN;
-
-            /* PSK identity */
-            idLen = (word16)((input[idx] << 8) | input[idx+1]);
-            if (idLen + OPAQUE16_LEN + idx > extLen) {
-                SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-                return WOLFSSL_FATAL_ERROR;
-            }
-            idx += OPAQUE16_LEN;
-            identity = &input[idx];
-            idx += idLen;
-
-            /* Obfuscated Ticket Age 32-bits */
-            ticketAge = (word32)((input[idx] << 24) | (input[idx+1] << 16) |
-                                 (input[idx+2] << 8) | input[idx+3]);
-            (void)ticketAge; /* not used */
-            idx += OPAQUE32_LEN;
-
-            /* binders - all binders */
-            bindersLen = (word16)((input[idx] << 8) | input[idx+1]);
-            if (bindersLen + OPAQUE16_LEN + idx > extLen) {
-                SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
-                return WOLFSSL_FATAL_ERROR;
-            }
-            idx += OPAQUE16_LEN;
-            binders = &input[idx];
-            bindersLen += OPAQUE16_LEN; /* includes 2 bytes for total len */
-            (void)binders; /* not used */
-
-            /* Hash data up to binders for deriving binders in PSK extension. */
-            HashRaw(session->sslServer, inputHello - HANDSHAKE_HEADER_SZ,
-                inputHelloSz - bindersLen + HANDSHAKE_HEADER_SZ);
-            HashRaw(session->sslClient, inputHello - HANDSHAKE_HEADER_SZ,
-                inputHelloSz - bindersLen + HANDSHAKE_HEADER_SZ);
-
-            /* call to decrypt session ticket */
-            if (DoClientTicket(ssl, identity, idLen) != WOLFSSL_TICKET_RET_OK) {
-                /* we aren't decrypting the resumption, since we know the master secret */
-                /* ignore errors */
-            }
-            ssl->options.resuming  = 1;
-
-            /* Hash the rest of the ClientHello. */
-            HashRaw(session->sslServer, inputHello + inputHelloSz - bindersLen, bindersLen);
-            HashRaw(session->sslClient, inputHello + inputHelloSz - bindersLen, bindersLen);
-            didHash = 1;
-            break;
-        }
-        #endif /* HAVE_SESSION_TICKET */
-    #endif /* WOLFSSL_TLS13 */
-        case EXT_SUPPORTED_VERSIONS:
-            break;
-        case EXT_TICKET_ID:
-            /* make sure can read through ticket if there is a non blank one */
-            if (extLen && extLen < ID_LEN) {
-                SetError(CLIENT_HELLO_INPUT_STR, error, session,
-                         FATAL_ERROR_STATE);
-                return WOLFSSL_FATAL_ERROR;
-            }
-            if (extLen) {
-                if (session->ticketID == NULL) {
-                    session->ticketID = (byte*)XMALLOC(ID_LEN,
-                            NULL, DYNAMIC_TYPE_SNIFFER_TICKET_ID);
-                    if (session->ticketID == 0) {
-                        SetError(MEMORY_STR, error, session,
-                                 FATAL_ERROR_STATE);
-                        return WOLFSSL_FATAL_ERROR;
-                    }
-                }
-
-            #ifdef HAVE_SESSION_TICKET
-                /* do not set "ssl->options.useTicket", since the sniffer uses
-                 * the cache differently for retaining the master secret only */
-            #endif
-                XMEMCPY(session->ticketID, input + extLen - ID_LEN, ID_LEN);
-            }
-            break;
-        }
-
-        input     += extLen;
-        *sslBytes -= extLen;
-        len       -= extLen + EXT_TYPE_SZ + LENGTH_SZ;
-    }
-
-    if (!didHash) {
-        HashRaw(session->sslServer, inputHello - HANDSHAKE_HEADER_SZ,
-            inputHelloSz + HANDSHAKE_HEADER_SZ);
-        HashRaw(session->sslClient, inputHello - HANDSHAKE_HEADER_SZ,
-            inputHelloSz + HANDSHAKE_HEADER_SZ);
-    }
-
-    (void)ssl;
-
-    return ret;
-}
-
-
-#ifdef WOLFSSL_SNIFFER_WATCH
-
-static int KeyWatchCall(SnifferSession* session, const byte* data, int dataSz,
-    char* error)
-{
-    int ret;
-    wc_Sha256 sha;
-    byte digest[WC_SHA256_DIGEST_SIZE];
-
-    if (WatchCb == NULL) {
-        SetError(WATCH_CB_MISSING_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    ret = wc_InitSha256(&sha);
-    if (ret == 0)
-        ret = wc_Sha256Update(&sha, data, dataSz);
-    if (ret == 0)
-        ret = wc_Sha256Final(&sha, digest);
-    if (ret != 0) {
-        SetError(WATCH_HASH_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    ret = WatchCb((void*)session, digest, sizeof(digest),
-            data, dataSz, WatchCbCtx, error);
-    if (ret != 0) {
-#ifdef WOLFSSL_SNIFFER_STATS
-        INC_STAT(SnifferStats.sslKeysUnmatched);
-#endif
-        SetError(WATCH_FAIL_STR, error, session, FATAL_ERROR_STATE);
-        ret = WOLFSSL_FATAL_ERROR;
-    }
-    else {
-#ifdef WOLFSSL_SNIFFER_STATS
-        INC_STAT(SnifferStats.sslKeyMatches);
-#endif
-    }
-    return ret;
-}
-
-/* Process Certificate */
-static int ProcessCertificate(const byte* input, int* sslBytes,
-        SnifferSession* session, char* error)
-{
-    word32 certChainSz;
-    word32 certSz;
-
-    /* If the receiver is the server, this is the client certificate message,
-     * and it should be ignored at this point. */
-    if (session->flags.side == WOLFSSL_SERVER_END)
-        return 0;
-
-    if (*sslBytes < CERT_HEADER_SZ) {
-        SetError(BAD_CERT_MSG_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-#ifdef WOLFSSL_TLS13
-    if (IsAtLeastTLSv1_3(session->sslServer->version)) {
-        /* skip 1 byte (Request context len) */
-        input += OPAQUE8_LEN;
-        *sslBytes -= OPAQUE8_LEN;
-    }
-#endif
-
-    ato24(input, &certChainSz);
-    *sslBytes -= CERT_HEADER_SZ;
-    input += CERT_HEADER_SZ;
-
-    if (*sslBytes < (int)certChainSz) {
-        SetError(BAD_CERT_MSG_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    ato24(input, &certSz);
-    input += OPAQUE24_LEN;
-    if (*sslBytes < (int)certSz) {
-        SetError(BAD_CERT_MSG_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    *sslBytes -= certChainSz;
-
-    return KeyWatchCall(session, input, certSz, error);
-}
-
-#endif /* WOLFSSL_SNIFFER_WATCH */
-
-
-/* Process Finished */
-static int ProcessFinished(const byte* input, int size, int* sslBytes,
-                           SnifferSession* session, char* error)
-{
-    WOLFSSL* ssl;
-    word32 inOutIdx = 0;
-    int    ret;
-
-    if (session->flags.side == WOLFSSL_SERVER_END)
-        ssl = session->sslServer;
-    else
-        ssl = session->sslClient;
-
-#ifdef WOLFSSL_TLS13
-    if (IsAtLeastTLSv1_3(ssl->version)) {
-        ret = DoTls13Finished(ssl, input, &inOutIdx, (word32)size,
-            (word32)*sslBytes, SNIFF);
-
-        ssl->options.handShakeState = HANDSHAKE_DONE;
-        ssl->options.handShakeDone  = 1;
-    }
-    else
-#endif
-    {
-        ret = DoFinished(ssl, input, &inOutIdx, (word32)size,
-            (word32)*sslBytes, SNIFF);
-    }
-    *sslBytes -= (int)inOutIdx;
-
-    if (ret < 0) {
-        SetError(BAD_FINISHED_MSG, error, session, FATAL_ERROR_STATE);
-        return ret;
-    }
-
-    if (ret == 0
-    #ifdef SNIFFER_SINGLE_SESSION_CACHE
-            && session->flags.cached == 0
-    #endif
-            ) {
-        if (session->sslServer->options.haveSessionId) {
-        #ifndef NO_SESSION_CACHE
-            WOLFSSL_SESSION* sess = wolfSSL_GetSession(session->sslServer, NULL, 0);
-            if (sess == NULL) {
-                SetupSession(session->sslServer);
-                AddSession(session->sslServer); /* don't re add */
-            #ifdef WOLFSSL_SNIFFER_STATS
-                INC_STAT(SnifferStats.sslResumptionInserts);
-            #endif
-            }
-            #ifdef SNIFFER_SINGLE_SESSION_CACHE
-                session->flags.cached = 1;
-            #endif
-        #endif
-         }
-    }
-
-#ifdef WOLFSSL_TLS13
-    /* Derive TLS v1.3 traffic keys */
-    if (IsAtLeastTLSv1_3(ssl->version)) {
-        if (!session->flags.gotFinished) {
-            /* When either side gets "finished" derive master secret and keys */
-            ret  = DeriveMasterSecret(session->sslServer);
-            ret += DeriveMasterSecret(session->sslClient);
-        #ifdef WOLFSSL_EARLY_DATA
-            ret += DeriveTls13Keys(session->sslServer, traffic_key, ENCRYPT_AND_DECRYPT_SIDE, ssl->earlyData == no_early_data);
-            ret += DeriveTls13Keys(session->sslClient, traffic_key, ENCRYPT_AND_DECRYPT_SIDE, ssl->earlyData == no_early_data);
-        #else
-            ret += DeriveTls13Keys(session->sslServer, traffic_key, ENCRYPT_AND_DECRYPT_SIDE, 1);
-            ret += DeriveTls13Keys(session->sslClient, traffic_key, ENCRYPT_AND_DECRYPT_SIDE, 1);
-        #endif
-
-            if (ret != 0) {
-                SetError(BAD_FINISHED_MSG, error, session, FATAL_ERROR_STATE);
-                return WOLFSSL_FATAL_ERROR;
-            }
-
-            session->flags.gotFinished = 1;
-        #ifdef SHOW_SECRETS
-            ShowTlsSecrets(session);
-        #endif
-        }
-
-        if (session->flags.side == WOLFSSL_SERVER_END) {
-            /* finished from client to server */
-            ret  = SetKeysSide(session->sslServer, DECRYPT_SIDE_ONLY);
-            ret += SetKeysSide(session->sslClient, ENCRYPT_SIDE_ONLY);
-
-        #ifdef HAVE_SESSION_TICKET
-            /* derive resumption secret for next session - on finished (from client) */
-            ret += DeriveResumptionSecret(session->sslClient,
-                session->sslClient->session->masterSecret);
-
-            /* copy resumption secret to server */
-            XMEMCPY(session->sslServer->session->masterSecret,
-                    session->sslClient->session->masterSecret, SECRET_LEN);
-            #ifdef SHOW_SECRETS
-            PrintSecret("resumption secret",
-                session->sslClient->session->masterSecret, SECRET_LEN);
-            #endif
-        #endif
-        }
-        else {
-            /* finished from server to client */
-            ret  = SetKeysSide(session->sslServer, ENCRYPT_SIDE_ONLY);
-            ret += SetKeysSide(session->sslClient, DECRYPT_SIDE_ONLY);
-        }
-
-        if (ret != 0) {
-            SetError(BAD_FINISHED_MSG, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-    }
-#endif
-
-    /* Do not free handshake resources yet if secure renegotiation */
-    if (session->flags.secRenegEn == 0) {
-        /* If receiving a finished message from one side, free the resources
-         * from the other side's tracker. */
-        if (session->flags.side == WOLFSSL_SERVER_END)
-            FreeHandshakeResources(session->sslClient);
-        else
-            FreeHandshakeResources(session->sslServer);
-    }
-
-    return ret;
-}
-
-
-/* Process HandShake input */
-static int DoHandShake(const byte* input, int* sslBytes,
-                       SnifferSession* session, char* error, word16 rhSize)
-{
-    byte type;
-    int  size;
-    int  ret = 0;
-    WOLFSSL* ssl;
-    int startBytes;
-
-    (void)rhSize;
-
-#ifdef HAVE_MAX_FRAGMENT
-    if (session->tlsFragBuf) {
-        XMEMCPY(session->tlsFragBuf + session->tlsFragOffset, input, rhSize);
-        session->tlsFragOffset += rhSize;
-        *sslBytes -= rhSize;
-
-        if (session->tlsFragOffset < session->tlsFragSize) {
-            return 0;
-        }
-
-        /* reassembled complete fragment */
-        input = session->tlsFragBuf;
-        *sslBytes = session->tlsFragSize;
-        rhSize = session->tlsFragSize;
-    }
-#endif
-
-    if (*sslBytes < HANDSHAKE_HEADER_SZ) {
-        SetError(HANDSHAKE_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-    type = input[0];
-    size = (input[1] << 16) | (input[2] << 8) | input[3];
-
-    input     += HANDSHAKE_HEADER_SZ;
-    *sslBytes -= HANDSHAKE_HEADER_SZ;
-    startBytes = *sslBytes;
-
-    if (*sslBytes < size) {
-        Trace(SPLIT_HANDSHAKE_MSG_STR);
-        *sslBytes = 0;
-        return ret;
-    }
-
-    if (session->flags.side == WOLFSSL_SERVER_END)
-        ssl = session->sslServer;
-    else
-        ssl = session->sslClient;
-
-#ifdef HAVE_MAX_FRAGMENT
-    if (rhSize < size) {
-        /* partial fragment, let's reassemble */
-        if (session->tlsFragBuf == NULL) {
-            session->tlsFragOffset = 0;
-            session->tlsFragSize = size + HANDSHAKE_HEADER_SZ;
-            session->tlsFragBuf = (byte*)XMALLOC(session->tlsFragSize, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-            if (session->tlsFragBuf == NULL) {
-                SetError(MEMORY_STR, error, NULL, 0);
-                return 0;
-            }
-
-            /* include the handshake header */
-            input -= HANDSHAKE_HEADER_SZ;
-            *sslBytes += HANDSHAKE_HEADER_SZ;
-        }
-
-        XMEMCPY(session->tlsFragBuf + session->tlsFragOffset, input, rhSize);
-        session->tlsFragOffset += rhSize;
-        *sslBytes -= rhSize;
-        return 0;
-    }
-#endif
-
-#ifdef WOLFSSL_TLS13
-    if (type != client_hello && type != server_hello
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        && session->sslServer->error != WC_NO_ERR_TRACE(WC_PENDING_E)
-        && session->pendSeq == 0
-    #endif
-    ) {
-        /* For resumption the hash is before / after client_hello PSK binder */
-        /* hash the packet including header */
-        /* TLS v1.3 requires the hash for the handshake and transfer key derivation */
-        /* we hash even for non TLS v1.3, since we don't know if its actually
-            TLS v1.3 till later at EXT_SUPPORTED_VERSIONS in server_hello */
-        /* hello retry request restarts hash prior to server_hello hash calc */
-        HashRaw(session->sslServer, input - HANDSHAKE_HEADER_SZ, size + HANDSHAKE_HEADER_SZ);
-        HashRaw(session->sslClient, input - HANDSHAKE_HEADER_SZ, size + HANDSHAKE_HEADER_SZ);
-    }
-#endif
-#ifdef HAVE_EXTENDED_MASTER
-    if (session->hash) {
-        if (HashUpdate(session->hash, input, size) != 0) {
-            SetError(EXTENDED_MASTER_HASH_STR, error,
-                     session, FATAL_ERROR_STATE);
-            ret = WOLFSSL_FATAL_ERROR;
-            goto exit;
-        }
-    }
-#endif
-
-    switch (type) {
-        case hello_verify_request:
-            Trace(GOT_HELLO_VERIFY_STR);
-            break;
-        case hello_request:
-            Trace(GOT_HELLO_REQUEST_STR);
-            break;
-        case session_ticket:
-            Trace(GOT_SESSION_TICKET_STR);
-            ret = ProcessSessionTicket(input, sslBytes, session, error);
-            break;
-        case server_hello:
-            Trace(GOT_SERVER_HELLO_STR);
-            ret = ProcessServerHello(size, input, sslBytes, session, error);
-            break;
-        case certificate_request:
-            Trace(GOT_CERT_REQ_STR);
-            break;
-        case server_key_exchange:
-            Trace(GOT_SERVER_KEY_EX_STR);
-
-#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
-            if (!session->context->useKeyLogFile)
-#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
-            {
-                /* can't know temp key passively */
-                SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
-                session->verboseErr = 1;
-                ret = WOLFSSL_FATAL_ERROR;
-
-#if defined(WOLFSSL_SNIFFER_STATS)
-                INC_STAT(SnifferStats.sslEphemeralMisses);
-#endif /* WOLFSSL_SNIFFER_STATS */
-            }
-            break;
-        case encrypted_extensions:
-            Trace(GOT_ENC_EXT_STR);
-            ssl->msgsReceived.got_encrypted_extensions = 1;
-            break;
-        case certificate:
-            Trace(GOT_CERT_STR);
-            if (session->flags.side == WOLFSSL_SERVER_END) {
-#ifdef WOLFSSL_SNIFFER_STATS
-                INC_STAT(SnifferStats.sslClientAuthConns);
-#endif
-            }
-#ifdef WOLFSSL_SNIFFER_WATCH
-            ret = ProcessCertificate(input, sslBytes, session, error);
-#endif
-            break;
-        case server_hello_done:
-            Trace(GOT_SERVER_HELLO_DONE_STR);
-            break;
-        case finished:
-            Trace(GOT_FINISHED_STR);
-            ret = ProcessFinished(input, size, sslBytes, session, error);
-            break;
-        case client_hello:
-            Trace(GOT_CLIENT_HELLO_STR);
-            ret = ProcessClientHello(input, sslBytes, session, error);
-            break;
-        case client_key_exchange:
-            Trace(GOT_CLIENT_KEY_EX_STR);
-#ifdef HAVE_EXTENDED_MASTER
-            if (session->flags.expectEms) {
-                /* on async reentry the session->hash is already copied
-                 * and free'd */
-                if (session->hash != NULL) {
-                    if (HashCopy(session->sslServer->hsHashes,
-                                session->hash) == 0 &&
-                        HashCopy(session->sslClient->hsHashes,
-                                session->hash) == 0) {
-
-                        session->sslServer->options.haveEMS = 1;
-                        session->sslClient->options.haveEMS = 1;
-                    }
-                    else {
-                        SetError(EXTENDED_MASTER_HASH_STR, error,
-                                session, FATAL_ERROR_STATE);
-                        ret = WOLFSSL_FATAL_ERROR;
-                    }
-                    XMEMSET(session->hash, 0, sizeof(HsHashes));
-                    XFREE(session->hash, NULL, DYNAMIC_TYPE_HASHES);
-                    session->hash = NULL;
-                }
-            }
-            else {
-                session->sslServer->options.haveEMS = 0;
-                session->sslClient->options.haveEMS = 0;
-            }
-#endif
-            if (ret == 0) {
-                ret = ProcessClientKeyExchange(input, sslBytes, session, error);
-            #ifdef WOLFSSL_ASYNC_CRYPT
-                if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
-                    return ret;
-            #endif
-                if (ret != 0) {
-                    SetError(KEY_MISMATCH_STR, error, session, FATAL_ERROR_STATE);
-                    session->verboseErr = 1;
-                }
-            }
-            break;
-        case certificate_verify:
-            Trace(GOT_CERT_VER_STR);
-            break;
-        case certificate_status:
-            Trace(GOT_CERT_STATUS_STR);
-            break;
-        default:
-            SetError(GOT_UNKNOWN_HANDSHAKE_STR, error, session, 0);
-            ret = WOLFSSL_FATAL_ERROR;
-            break;
-    }
-
-#ifdef HAVE_EXTENDED_MASTER
-exit:
-#endif
-#ifdef HAVE_MAX_FRAGMENT
-    XFREE(session->tlsFragBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    session->tlsFragBuf = NULL;
-#endif
-
-    *sslBytes = startBytes - size;  /* actual bytes of full process */
-
-    return ret;
-}
-
-/* For ciphers that use AEAD use the encrypt routine to
- * bypass the auth tag checking */
-static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
-                           word16 sz)
-{
-    int ret = 0;
-
-    (void)plain;
-    (void)input;
-    (void)sz;
-
-    switch (ssl->specs.bulk_cipher_algorithm)
-    {
-    #ifndef NO_RC4
-        case wolfssl_rc4:
-            wc_Arc4Process(ssl->decrypt.arc4, plain, input, sz);
-            break;
-    #endif
-
-    #ifndef NO_DES3
-        case wolfssl_triple_des:
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            /* initialize event */
-            ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.des3->asyncDev,
-                WC_ASYNC_FLAG_CALL_AGAIN);
-            if (ret != 0)
-                break;
-        #endif
-
-            ret = wc_Des3_CbcDecrypt(ssl->decrypt.des3, plain, input, sz);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-                ret = wolfSSL_AsyncPush(ssl, &ssl->decrypt.des3->asyncDev);
-            }
-        #endif
-            break;
-    #endif
-
-    #if !defined(NO_AES) && defined(HAVE_AES_CBC)
-        case wolfssl_aes:
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            /* initialize event */
-            ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.aes->asyncDev,
-                WC_ASYNC_FLAG_CALL_AGAIN);
-            if (ret != 0)
-                break;
-        #endif
-            ret = wc_AesCbcDecrypt(ssl->decrypt.aes, plain, input, sz);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-                ret = wolfSSL_AsyncPush(ssl, &ssl->decrypt.aes->asyncDev);
-            }
-        #endif
-            break;
-    #endif
-
-    #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
-        case wolfssl_aes_gcm:
-        case wolfssl_aes_ccm: /* GCM AEAD macros use same size as CCM */
-        {
-            /* For ciphers that use AEAD use the encrypt routine to
-             * bypass the auth tag checking */
-            wc_AesAuthEncryptFunc aes_auth_fn;
-
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            /* initialize event */
-            ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.aes->asyncDev,
-                WC_ASYNC_FLAG_CALL_AGAIN);
-            if (ret != 0)
-                break;
-        #endif
-
-        #if defined(HAVE_AESGCM) && defined(HAVE_AESCCM)
-            aes_auth_fn = (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm)
-                            ? wc_AesGcmEncrypt : wc_AesCcmEncrypt;
-        #elif defined(HAVE_AESGCM)
-            aes_auth_fn = wc_AesGcmEncrypt;
-        #else
-            aes_auth_fn = wc_AesCcmEncrypt;
-        #endif
-
-            XMEMSET(ssl->decrypt.additional, 0, AEAD_AUTH_DATA_SZ);
-
-            XMEMCPY(ssl->decrypt.nonce, ssl->keys.aead_dec_imp_IV, AESGCM_IMP_IV_SZ);
-            XMEMCPY(ssl->decrypt.nonce + AESGCM_IMP_IV_SZ, input, AESGCM_EXP_IV_SZ);
-
-            if ((ret = aes_auth_fn(ssl->decrypt.aes,
-                        plain,
-                        input + AESGCM_EXP_IV_SZ,
-                          sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
-                        ssl->decrypt.nonce, AESGCM_NONCE_SZ,
-                        ssl->decrypt.additional, AEAD_AUTH_DATA_SZ,
-                        NULL, 0)) < 0) {
-            #ifdef WOLFSSL_ASYNC_CRYPT
-                if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-                    ret = wolfSSL_AsyncPush(ssl, &ssl->decrypt.aes->asyncDev);
-                }
-            #endif
-            }
-        }
-        break;
-    #endif /* HAVE_AESGCM || HAVE_AESCCM */
-
-    #ifdef HAVE_ARIA
-        case wolfssl_aria_gcm:
-            ret = wc_AriaDecrypt(ssl->decrypt.aria,
-                        plain,
-                        (byte *)input + AESGCM_EXP_IV_SZ,
-                          sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
-                        ssl->decrypt.nonce, AESGCM_NONCE_SZ,
-                        ssl->decrypt.additional, ssl->specs.aead_mac_size,
-                        NULL, 0);
-            break;
-    #endif
-
-    #ifdef HAVE_CAMELLIA
-        case wolfssl_camellia:
-            ret = wc_CamelliaCbcDecrypt(ssl->decrypt.cam, plain, input, sz);
-            break;
-    #endif
-
-    #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \
-        !defined(NO_CHAPOL_AEAD)
-        case wolfssl_chacha:
-            ret = ChachaAEADDecrypt(ssl, plain, input, sz);
-            break;
-    #endif
-
-    #ifdef HAVE_NULL_CIPHER
-        case wolfssl_cipher_null:
-            if (input != plain) {
-                XMEMMOVE(plain, input, sz);
-            }
-            break;
-    #endif
-
-        default:
-            WOLFSSL_MSG("wolfSSL Decrypt programming error");
-            ret = DECRYPT_ERROR;
-    }
-
-    return ret;
-}
-
-static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input,
-                           word16 sz)
-{
-    int ret = 0;
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    if (ssl->decrypt.state != CIPHER_STATE_BEGIN) {
-        ret = wolfSSL_AsyncPop(ssl, &ssl->decrypt.state);
-        if (ret != WC_NO_ERR_TRACE(WC_NO_PENDING_E)) {
-            /* check for still pending */
-            if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
-                return ret;
-
-            ssl->error = 0; /* clear async */
-
-            /* let failures through so CIPHER_STATE_END logic is run */
-        }
-    }
-    else
-#endif
-    {
-        /* Reset state */
-        ret = 0;
-        ssl->decrypt.state = CIPHER_STATE_BEGIN;
-    }
-
-    switch (ssl->decrypt.state) {
-        case CIPHER_STATE_BEGIN:
-        {
-            if (ssl->decrypt.setup == 0) {
-                WOLFSSL_MSG("Decrypt ciphers not setup");
-                return DECRYPT_ERROR;
-            }
-
-        #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
-            /* make sure AES GCM/CCM memory is allocated */
-            /* free for these happens in FreeCiphers */
-            if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm ||
-                ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) {
-                /* make sure auth iv and auth are allocated */
-                if (ssl->decrypt.additional == NULL)
-                    ssl->decrypt.additional = (byte*)XMALLOC(AEAD_AUTH_DATA_SZ,
-                                            ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
-                if (ssl->decrypt.nonce == NULL)
-                    ssl->decrypt.nonce = (byte*)XMALLOC(AESGCM_NONCE_SZ,
-                                            ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
-                if (ssl->decrypt.additional == NULL ||
-                         ssl->decrypt.nonce == NULL) {
-                    return MEMORY_E;
-                }
-            }
-        #endif /* HAVE_AESGCM || HAVE_AESCCM */
-
-            /* Advance state and proceed */
-            ssl->decrypt.state = CIPHER_STATE_DO;
-        }
-        FALL_THROUGH;
-        case CIPHER_STATE_DO:
-        {
-            ret = DecryptDo(ssl, plain, input, sz);
-
-            /* Advance state */
-            ssl->decrypt.state = CIPHER_STATE_END;
-
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            /* If pending, return now */
-            if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-                return ret;
-            }
-        #endif
-        }
-        FALL_THROUGH;
-        case CIPHER_STATE_END:
-        {
-        #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
-            /* make sure AES GCM/CCM nonce is cleared */
-            if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm ||
-                ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) {
-                if (ssl->decrypt.nonce)
-                    ForceZero(ssl->decrypt.nonce, AESGCM_NONCE_SZ);
-
-                if (ret < 0)
-                    ret = VERIFY_MAC_ERROR;
-            }
-        #endif /* HAVE_AESGCM || HAVE_AESCCM */
-            break;
-        }
-
-        default:
-            break;
-    }
-
-    /* Reset state */
-    ssl->decrypt.state = CIPHER_STATE_BEGIN;
-
-    return ret;
-}
-
-
-/* Decrypt input message into output, adjust output steam if needed */
-static const byte* DecryptMessage(WOLFSSL* ssl, const byte* input, word32 sz,
-                byte* output, int* error, int* advance, RecordLayerHeader* rh)
-{
-    int ivExtra = 0;
-    int ret;
-
-#ifdef WOLFSSL_TLS13
-    if (IsAtLeastTLSv1_3(ssl->version)) {
-        ret = DecryptTls13(ssl, output, input, sz, (byte*)rh, RECORD_HEADER_SZ);
-    }
-    else
-#endif
-    {
-        XMEMCPY(&ssl->curRL, rh, RECORD_HEADER_SZ);
-        ret = DecryptTls(ssl, output, input, sz);
-    }
-#ifdef WOLFSSL_ASYNC_CRYPT
-    /* for async the symmetric operations are blocking */
-    if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-        do {
-            ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
-        } while (ret == 0);
-        if (ret >= 0) {
-            /* remove from event queue list */
-            ret = wolfSSL_AsyncPop(ssl, NULL);
-        }
-    }
-#endif
-    if (ret != 0) {
-        *error = ret;
-        return NULL;
-    }
-
-    ssl->curSize = sz;
-    ssl->keys.encryptSz = sz;
-    if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) {
-        output += ssl->specs.block_size; /* go past TLSv1.1 IV */
-        ivExtra = ssl->specs.block_size;
-        *advance = ssl->specs.block_size;
-    }
-
-    if (ssl->specs.cipher_type == aead) {
-        *advance = ssl->specs.aead_mac_size;
-        ssl->keys.padSz = ssl->specs.aead_mac_size;
-    }
-    else
-        ssl->keys.padSz = ssl->specs.hash_size;
-
-    if (ssl->specs.cipher_type == block) {
-        /* last pad bytes indicates length */
-        word32 pad = 0;
-        if ((int)sz > ivExtra) {
-            /* get value of last pad byte */
-            pad = *(output + sz - ivExtra - 1) + 1;
-        }
-        ssl->keys.padSz += pad;
-    }
-
-#ifdef WOLFSSL_TLS13
-    if (IsAtLeastTLSv1_3(ssl->version)) {
-        word16 i = (word16)(sz - ssl->keys.padSz);
-        /* Remove padding from end of plain text. */
-        for (--i; i > 0; i--) {
-            if (output[i] != 0)
-                break;
-        }
-        /* Get the real content type from the end of the data. */
-        rh->type = output[i];
-        ssl->keys.padSz = sz - i;
-    }
-#endif
-    (void)rh;
-
-    return output;
-}
-
-
-/* remove session from table, use rowHint if no info (means we have a lock) */
-static void RemoveSession(SnifferSession* session, IpInfo* ipInfo,
-                        TcpInfo* tcpInfo, word32 rowHint)
-{
-    SnifferSession* previous = 0;
-    SnifferSession* current;
-    word32          row = rowHint;
-#ifndef HAVE_C___ATOMIC
-    int             haveLock = 0;
-#endif
-    Trace(REMOVE_SESSION_STR);
-
-    if (ipInfo && tcpInfo)
-        row = SessionHash(ipInfo, tcpInfo);
-#ifndef HAVE_C___ATOMIC
-    else
-        haveLock = 1;
-#endif
-
-    if (row >= HASH_SIZE)
-        return;
-
-#ifndef HAVE_C___ATOMIC
-    if (!haveLock) {
-        LOCK_SESSION();
-    }
-#endif
-
-    current = SessionTable[row];
-
-    while (current) {
-        if (current == session) {
-            if (previous)
-                previous->next = current->next;
-            else
-                SessionTable[row] = current->next;
-            FreeSnifferSession(session);
-            TraceRemovedSession();
-            break;
-        }
-        previous = current;
-        current  = current->next;
-    }
-
-#ifndef HAVE_C___ATOMIC
-    if (!haveLock) {
-        UNLOCK_SESSION();
-    }
-#endif
-}
-
-
-/* Remove stale sessions from the Session Table, have a lock */
-static void RemoveStaleSessions(void)
-{
-    word32 i;
-    SnifferSession* session;
-
-    for (i = 0; i < HASH_SIZE; i++) {
-        session = SessionTable[i];
-        while (session) {
-            SnifferSession* next = session->next;
-            if (wc_Time(NULL) >= session->lastUsed + WOLFSSL_SNIFFER_TIMEOUT) {
-                TraceStaleSession();
-                RemoveSession(session, NULL, NULL, i);
-            }
-            session = next;
-        }
-    }
-}
-
-void ssl_RemoveStaleSessions(void)
-{
-    LOCK_SESSION();
-    RemoveStaleSessions();
-    UNLOCK_SESSION();
-}
-
-/* Create a new Sniffer Session */
-static SnifferSession* CreateSession(IpInfo* ipInfo, TcpInfo* tcpInfo,
-                                     char* error)
-{
-    SnifferSession* session = 0;
-    int row;
-
-    Trace(NEW_SESSION_STR);
-    /* create a new one */
-    session = (SnifferSession*)XMALLOC(sizeof(SnifferSession),
-            NULL, DYNAMIC_TYPE_SNIFFER_SESSION);
-    if (session == NULL) {
-        SetError(MEMORY_STR, error, NULL, 0);
-        return NULL;
-    }
-    InitSession(session);
-#ifdef HAVE_EXTENDED_MASTER
-    {
-        HsHashes* newHash = (HsHashes*)XMALLOC(sizeof(HsHashes),
-                NULL, DYNAMIC_TYPE_HASHES);
-        if (newHash == NULL) {
-            SetError(MEMORY_STR, error, NULL, 0);
-            XFREE(session, NULL, DYNAMIC_TYPE_SNIFFER_SESSION);
-            return NULL;
-        }
-        if (HashInit(newHash) != 0) {
-            SetError(EXTENDED_MASTER_HASH_STR, error, NULL, 0);
-            XFREE(session, NULL, DYNAMIC_TYPE_SNIFFER_SESSION);
-            return NULL;
-        }
-        session->hash = newHash;
-    }
-#endif
-    session->server  = ipInfo->dst;
-    session->client  = ipInfo->src;
-    session->srvPort = (word16)tcpInfo->dstPort;
-    session->cliPort = (word16)tcpInfo->srcPort;
-    session->cliSeqStart = tcpInfo->sequence;
-    session->cliExpected = 1;  /* relative */
-    session->lastUsed= wc_Time(NULL);
-    session->keySz = 0;
-    session->error = 0;
-    session->verboseErr = 0;
-#ifdef HAVE_SNI
-    session->sni = NULL;
-#endif
-
-    session->context = GetSnifferServer(ipInfo, tcpInfo);
-    if (session->context == NULL) {
-        SetError(SERVER_NOT_REG_STR, error, NULL, 0);
-        XFREE(session, NULL, DYNAMIC_TYPE_SNIFFER_SESSION);
-        return NULL;
-    }
-
-    session->sslServer = wolfSSL_new(session->context->ctx);
-    if (session->sslServer == NULL) {
-        SetError(BAD_NEW_SSL_STR, error, session, FATAL_ERROR_STATE);
-        XFREE(session, NULL, DYNAMIC_TYPE_SNIFFER_SESSION);
-        return NULL;
-    }
-    session->sslClient = wolfSSL_new(session->context->ctx);
-    if (session->sslClient == NULL) {
-        wolfSSL_free(session->sslServer);
-        session->sslServer = 0;
-
-        SetError(BAD_NEW_SSL_STR, error, session, FATAL_ERROR_STATE);
-        XFREE(session, NULL, DYNAMIC_TYPE_SNIFFER_SESSION);
-        return NULL;
-    }
-    /* put server back into server mode */
-    session->sslServer->options.side = WOLFSSL_SERVER_END;
-
-#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
-    if (session->context->useKeyLogFile) {
-        setSnifferSecretCb(session);
-    }
-#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
-
-
-    row = SessionHash(ipInfo, tcpInfo);
-
-    /* add it to the session table */
-    LOCK_SESSION();
-
-    session->next = SessionTable[row];
-    SessionTable[row] = session;
-
-    SessionCount++;
-
-    if ( (SessionCount % HASH_SIZE) == 0) {
-        TraceFindingStale();
-        RemoveStaleSessions();
-    }
-
-    UNLOCK_SESSION();
-
-    /* CreateSession is called in response to a SYN packet, we know this
-     * is headed to the server. Also we know the server is one we care
-     * about as we've passed the GetSnifferServer() successfully. */
-    session->flags.side = WOLFSSL_SERVER_END;
-
-    return session;
-}
-
-
-#ifdef OLD_HELLO_ALLOWED
-
-/* Process Old Client Hello Input */
-static int DoOldHello(SnifferSession* session, const byte* sslFrame,
-                      int* rhSize, int* sslBytes, char* error)
-{
-    const byte* input = sslFrame;
-    byte        b0, b1;
-    word32      idx = 0;
-    int         ret;
-
-    Trace(GOT_OLD_CLIENT_HELLO_STR);
-    session->flags.clientHello = 1;    /* don't process again */
-    b0 = *input++;
-    b1 = *input++;
-    *sslBytes -= 2;
-    *rhSize = ((b0 & 0x7f) << 8) | b1;
-
-    if (*rhSize > *sslBytes) {
-        SetError(OLD_CLIENT_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    ret = ProcessOldClientHello(session->sslServer, input, &idx, *sslBytes,
-                                (word16)*rhSize);
-    if (ret < 0 && ret != WC_NO_ERR_TRACE(MATCH_SUITE_ERROR)) {
-        SetError(BAD_OLD_CLIENT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    Trace(OLD_CLIENT_OK_STR);
-    XMEMCPY(session->sslClient->arrays->clientRandom,
-           session->sslServer->arrays->clientRandom, RAN_LEN);
-
-    *sslBytes -= *rhSize;
-    return 0;
-}
-
-#endif /* OLD_HELLO_ALLOWED */
-
-
-#if 0
-/* Calculate the TCP checksum, see RFC 1071 */
-/* return 0 for success, -1 on error */
-/* can be called from decode() with
-   TcpChecksum(&ipInfo, &tcpInfo, sslBytes, packet + ipInfo.length);
-   could also add a 64bit version if type available and using this
-*/
-static int TcpChecksum(IpInfo* ipInfo, TcpInfo* tcpInfo, int dataLen,
-                const byte* packet)
-{
-    TcpPseudoHdr  pseudo;
-    int           count = PSEUDO_HDR_SZ;
-    const word16* data = (word16*)&pseudo;
-    word32        sum = 0;
-    word16        checksum;
-
-    pseudo.src = ipInfo->src.ip4;
-    pseudo.dst = ipInfo->dst.ip4;
-    pseudo.rsv = 0;
-    pseudo.protocol = TCP_PROTO;
-    pseudo.length = htons(tcpInfo->length + dataLen);
-
-    /* pseudo header sum */
-    while (count >= 2) {
-        sum   += *data++;
-        count -= 2;
-    }
-
-    count = tcpInfo->length + dataLen;
-    data = (word16*)packet;
-
-    /* main sum */
-    while (count > 1) {
-        sum   += *data++;
-        count -=2;
-    }
-
-    /* get left-over, if any */
-    packet = (byte*)data;
-    if (count > 0) {
-        sum += *packet;
-    }
-
-    /* fold 32bit sum into 16 bits */
-    while (sum >> 16)
-        sum = (sum & 0xffff) + (sum >> 16);
-
-    checksum = (word16)~sum;
-    /* checksum should now equal 0, since included already calcd checksum */
-    /* field, but tcp checksum offloading could negate calculation */
-    if (checksum == 0)
-        return 0;
-    return WOLFSSL_FATAL_ERROR;
-}
-#endif
-
-
-/* Check IP and TCP headers, set payload */
-/* returns 0 on success, -1 on error */
-static int CheckHeaders(IpInfo* ipInfo, TcpInfo* tcpInfo, const byte* packet,
-    int length, const byte** sslFrame, int* sslBytes, char* error,
-    int checkReg, int trace)
-{
-    IpHdr* iphdr = (IpHdr*)packet;
-    TcpHdr* tcphdr;
-    int version;
-
-    if (trace) {
-        TraceHeader();
-        TracePacket();
-    }
-
-    /* ip header */
-    if (length < IP_HDR_SZ) {
-        SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    version = IP_V(iphdr);
-    if (version != IPV6 && version != IPV4) {
-        /* Is this VLAN IEEE 802.1Q Frame? TPID = 0x8100 */
-        if (packet[2] == 0x81 && packet[3] == 0x00) {
-            /* trim VLAN header and try again */
-            packet += 8;
-            length -= 8;
-        }
-    }
-
-    if (CheckIpHdr(iphdr, ipInfo, length, error, trace) != 0)
-        return WOLFSSL_FATAL_ERROR;
-
-#ifndef WOLFSSL_SNIFFER_WATCH
-    if (checkReg &&
-           !IsServerRegistered(iphdr->src) && !IsServerRegistered(iphdr->dst)) {
-        SetError(SERVER_NOT_REG_STR, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-#endif
-
-    /* tcp header */
-    if (length < (ipInfo->length + TCP_HDR_SZ)) {
-        SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-    tcphdr = (TcpHdr*)(packet + ipInfo->length);
-    if (CheckTcpHdr(tcphdr, tcpInfo, error, trace) != 0)
-        return WOLFSSL_FATAL_ERROR;
-
-#ifndef WOLFSSL_SNIFFER_WATCH
-    if (checkReg &&
-         !IsPortRegistered(tcpInfo->srcPort) &&
-            !IsPortRegistered(tcpInfo->dstPort)) {
-        SetError(SERVER_PORT_NOT_REG_STR, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-#endif
-
-    /* setup */
-    *sslFrame = packet + ipInfo->length + tcpInfo->length;
-    if (*sslFrame > packet + length) {
-        SetError(PACKET_HDR_SHORT_STR, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    /* We only care about the data in the TCP/IP record. There may be extra
-     * data after the IP record for the FCS for Ethernet. */
-    *sslBytes = (int)(packet + ipInfo->total - *sslFrame);
-
-    (void)checkReg;
-
-    return 0;
-}
-
-
-/* Create or Find existing session */
-/* returns 0 on success (continue), -1 on error, 1 on success (end) */
-static int CheckSession(IpInfo* ipInfo, TcpInfo* tcpInfo, int sslBytes,
-                        SnifferSession** session, char* error)
-{
-    /* create a new SnifferSession on client SYN */
-    if (tcpInfo->syn && !tcpInfo->ack) {
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        /* if session already exists and is pending do not create another */
-        *session = GetSnifferSession(ipInfo, tcpInfo);
-        if (*session != NULL) {
-            if ((*session)->pendSeq != 0) {
-                return WC_PENDING_E;
-            }
-        }
-    #endif
-
-        TraceClientSyn(tcpInfo->sequence);
-#ifdef WOLFSSL_SNIFFER_STATS
-        INC_STAT(SnifferStats.sslEncryptedConns);
-#endif
-        *session = CreateSession(ipInfo, tcpInfo, error);
-        if (*session == NULL) {
-            *session = GetSnifferSession(ipInfo, tcpInfo);
-            /* already had existing, so OK */
-            if (*session)
-                return 1;
-
-            SetError(MEMORY_STR, error, NULL, 0);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        return 1;
-    }
-    /* get existing sniffer session */
-    else {
-        *session = GetSnifferSession(ipInfo, tcpInfo);
-        if (*session == NULL) {
-            /* don't worry about extraneous RST or duplicate FINs */
-            if (tcpInfo->fin || tcpInfo->rst)
-                return 1;
-            /* don't worry about duplicate ACKs either */
-            if (sslBytes == 0 && tcpInfo->ack)
-                return 1;
-
-#ifdef WOLFSSL_SNIFFER_STATS
-            LOCK_STAT();
-            NOLOCK_INC_STAT(SnifferStats.sslDecryptedPackets);
-            NOLOCK_ADD_TO_STAT(SnifferStats.sslDecryptedBytes, sslBytes);
-            UNLOCK_STAT();
-#endif
-
-            SetError(BAD_SESSION_STR, error, NULL, 0);
-            return WOLFSSL_FATAL_ERROR;
-        }
-    }
-    return 0;
-}
-
-
-/* Create a Packet Buffer from *begin - end, adjust new *begin and bytesLeft */
-static PacketBuffer* CreateBuffer(word32* begin, word32 end, const byte* data,
-                                  int* bytesLeft)
-{
-    PacketBuffer* pb;
-    int added = (int)(end - *begin + 1);
-
-    if (added <= 0) {
-        return NULL;
-    }
-
-    pb = (PacketBuffer*)XMALLOC(sizeof(PacketBuffer),
-            NULL, DYNAMIC_TYPE_SNIFFER_PB);
-    if (pb == NULL) return NULL;
-
-    pb->next  = 0;
-    pb->begin = *begin;
-    pb->end   = end;
-    pb->data  = (byte*)XMALLOC(added, NULL, DYNAMIC_TYPE_SNIFFER_PB_BUFFER);
-
-    if (pb->data == NULL) {
-        XFREE(pb, NULL, DYNAMIC_TYPE_SNIFFER_PB);
-        return NULL;
-    }
-    XMEMCPY(pb->data, data, added);
-
-    *bytesLeft -= added;
-    *begin      = pb->end + 1;
-
-    return pb;
-}
-
-/* Add sslFrame to Reassembly List */
-/* returns 1 (end) on success, -1, on error */
-static int AddToReassembly(byte from, word32 seq, const byte* sslFrame,
-                           int sslBytes, SnifferSession* session, char* error)
-{
-    PacketBuffer*  add;
-    PacketBuffer** front = (from == WOLFSSL_SERVER_END) ?
-                       &session->cliReassemblyList: &session->srvReassemblyList;
-    PacketBuffer*  curr = *front;
-    PacketBuffer*  prev = curr;
-
-    word32* reassemblyMemory = (from == WOLFSSL_SERVER_END) ?
-                  &session->cliReassemblyMemory : &session->srvReassemblyMemory;
-    word32  startSeq = seq;
-    int     added;
-    int     bytesLeft = sslBytes;  /* could be overlapping fragment */
-
-    /* if list is empty add full frame to front */
-    if (!curr) {
-        if (MaxRecoveryMemory != -1 &&
-                      (int)(*reassemblyMemory + sslBytes) > MaxRecoveryMemory) {
-            SetError(REASSEMBLY_MAX_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        add = CreateBuffer(&seq, seq + sslBytes - 1, sslFrame, &bytesLeft);
-        if (add == NULL) {
-            SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        *front = add;
-        *reassemblyMemory += sslBytes;
-        return 1;
-    }
-
-    /* add to front if before current front, up to next->begin */
-    if (seq < curr->begin) {
-        word32 end = seq + sslBytes - 1;
-
-        if (end >= curr->begin)
-            end = curr->begin - 1;
-
-        if (MaxRecoveryMemory -1 &&
-                      (int)(*reassemblyMemory + sslBytes) > MaxRecoveryMemory) {
-            SetError(REASSEMBLY_MAX_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        add = CreateBuffer(&seq, end, sslFrame, &bytesLeft);
-        if (add == NULL) {
-            SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        add->next = curr;
-        *front = add;
-        *reassemblyMemory += sslBytes;
-    }
-
-    /* while we have bytes left, try to find a gap to fill */
-    while (bytesLeft > 0) {
-        /* get previous packet in list */
-        while (curr && (seq >= curr->begin)) {
-            prev = curr;
-            curr = curr->next;
-        }
-
-        /* don't add  duplicate data */
-        if (prev->end >= seq) {
-            if ( (seq + bytesLeft - 1) <= prev->end)
-                return 1;
-            seq = prev->end + 1;
-            bytesLeft = startSeq + sslBytes - seq;
-        }
-
-        if (!curr)
-            /* we're at the end */
-            added = bytesLeft;
-        else
-            /* we're in between two frames */
-            added = min(bytesLeft, (int)(curr->begin - seq));
-
-        /* data already there */
-        if (added <= 0)
-            continue;
-
-        if (MaxRecoveryMemory != -1 &&
-                         (int)(*reassemblyMemory + added) > MaxRecoveryMemory) {
-            SetError(REASSEMBLY_MAX_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        add = CreateBuffer(&seq, seq + added - 1, &sslFrame[seq - startSeq],
-                           &bytesLeft);
-        if (add == NULL) {
-            SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        add->next  = prev->next;
-        prev->next = add;
-        *reassemblyMemory += added;
-    }
-    return 1;
-}
-
-/* Add out of order FIN capture */
-/* returns 1 for success (end) */
-static int AddFinCapture(SnifferSession* session, word32 sequence)
-{
-    if (session->flags.side == WOLFSSL_SERVER_END) {
-        if (session->finCapture.cliCounted == 0)
-            session->finCapture.cliFinSeq = sequence;
-    }
-    else {
-        if (session->finCapture.srvCounted == 0)
-            session->finCapture.srvFinSeq = sequence;
-    }
-    return 1;
-}
-
-/* Adjust incoming sequence based on side */
-/* returns 0 on success (continue), -1 on error, 1 on success (end) */
-static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session,
-                          int* sslBytes, const byte** sslFrame, char* error)
-{
-    int ret = 0;
-    word32  seqStart = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                    session->cliSeqStart : session->srvSeqStart;
-    word32* seqLast = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                    &session->cliSeqLast : &session->srvSeqLast;
-    word32  real     = tcpInfo->sequence - seqStart;
-    word32* expected = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                  &session->cliExpected : &session->srvExpected;
-    PacketBuffer* reassemblyList = (session->flags.side == WOLFSSL_SERVER_END) ?
-                        session->cliReassemblyList : session->srvReassemblyList;
-    byte  skipPartial = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                session->flags.srvSkipPartial :
-                                session->flags.cliSkipPartial;
-
-    /* handle rollover of sequence */
-    if (tcpInfo->sequence < seqStart)
-        real = 0xffffffffU - seqStart + tcpInfo->sequence + 1;
-
-    TraceRelativeSequence(*expected, real);
-
-    if (real < *expected) {
-        int overlap = *expected - real;
-
-        if (real + *sslBytes > *expected) {
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            if (session->sslServer->error != WC_NO_ERR_TRACE(WC_PENDING_E) &&
-                session->pendSeq != tcpInfo->sequence)
-        #endif
-            {
-                Trace(OVERLAP_DUPLICATE_STR);
-            }
-
-            /* The following conditional block is duplicated below. It is the
-             * same action but for a different setup case. If changing this
-             * block be sure to also update the block below. */
-            if (reassemblyList) {
-                word32 newEnd;
-
-                /* adjust to expected, remove duplicate */
-                *sslFrame += overlap;
-                *sslBytes = (*sslBytes > overlap) ? *sslBytes - overlap : 0;
-
-                newEnd = *expected + *sslBytes;
-                if (newEnd > reassemblyList->begin) {
-                    int covered_data_len;
-
-                    Trace(OVERLAP_REASSEMBLY_BEGIN_STR);
-
-                    /* remove bytes already on reassembly list */
-                    covered_data_len = newEnd - reassemblyList->begin;
-                    *sslFrame += covered_data_len;
-                    *sslBytes = (*sslBytes > covered_data_len) ?
-                                 *sslBytes - covered_data_len : 0;
-                }
-                if ((*sslBytes  > 0) && (newEnd > reassemblyList->end)) {
-                    Trace(OVERLAP_REASSEMBLY_END_STR);
-
-                    /* may be past reassembly list end (could have more on list)
-                       so try to add what's past the front->end */
-                    AddToReassembly(session->flags.side, reassemblyList->end + 1,
-                             *sslFrame + (reassemblyList->end - *expected + 1),
-                                 newEnd - reassemblyList->end, session, error);
-                }
-            }
-            else if (*sslBytes > 0) {
-                if (real + *sslBytes - 1 > *seqLast) {
-                    /* fix segment overlap */
-                #ifdef DEBUG_SNIFFER
-                    WOLFSSL* ssl = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                    session->sslServer : session->sslClient;
-                    printf("\tSegment %d overlap (%d -> %d)\n",
-                        *sslBytes,
-                        ssl->buffers.inputBuffer.length - overlap,
-                        ssl->buffers.inputBuffer.length + *sslBytes - overlap - 1);
-                #endif
-                    *sslBytes -= overlap;
-                    *sslFrame += overlap;
-                }
-
-                /* DUP overlap, allow */
-                skipPartial = 0; /* do not reset sslBytes */
-            }
-            ret = 0;
-        }
-        else {
-            /* This can happen with unseen acks, out of order packets, or
-             * possible spurious retransmission. */
-            if (*sslBytes > 0) {
-                /* If packet has data attempt to process packet, if hasn't
-                 * already been received */
-                if (
-                #ifdef WOLFSSL_ASYNC_CRYPT
-                    session->sslServer->error != WC_NO_ERR_TRACE(WC_PENDING_E) &&
-                    session->pendSeq != tcpInfo->sequence &&
-                #endif
-                    real + *sslBytes -1 <= *seqLast) {
-                    Trace(DUPLICATE_STR);
-                    ret = 1;
-                }
-                else {
-                    /* DUP: allow */
-                    skipPartial = 0; /* do not reset sslBytes */
-                    ret = 0;
-                }
-            }
-            else {
-                /* DUP empty, ignore */
-                ret = 1;
-            }
-        }
-    }
-    else if (real > *expected) {
-        Trace(OUT_OF_ORDER_STR);
-        if (*sslBytes > 0) {
-            int addResult = AddToReassembly(session->flags.side, real,
-                                          *sslFrame, *sslBytes, session, error);
-            ret = (skipPartial) ? 0 : addResult;
-        }
-        else if (tcpInfo->fin) {
-            ret = AddFinCapture(session, real);
-        }
-    }
-    else if (*sslBytes > 0) {
-        if (skipPartial) {
-            AddToReassembly(session->flags.side, real,
-                                          *sslFrame, *sslBytes, session, error);
-            ret = 0;
-        }
-        /* The following conditional block is duplicated above. It is the
-         * same action but for a different setup case. If changing this
-         * block be sure to also update the block above. */
-        else if (reassemblyList) {
-            word32 newEnd = *expected + *sslBytes;
-
-            if (newEnd > reassemblyList->begin) {
-                int covered_data_len;
-
-                Trace(OVERLAP_REASSEMBLY_BEGIN_STR);
-
-                /* remove bytes already on reassembly list */
-                covered_data_len = newEnd - reassemblyList->begin;
-                *sslFrame += covered_data_len;
-                *sslBytes = (*sslBytes > covered_data_len) ?
-                             *sslBytes - covered_data_len : 0;
-            }
-            if ((*sslBytes > 0) && (newEnd > reassemblyList->end)) {
-                Trace(OVERLAP_REASSEMBLY_END_STR);
-
-                /* may be past reassembly list end (could have more on list)
-                   so try to add what's past the front->end */
-                AddToReassembly(session->flags.side, reassemblyList->end + 1,
-                         *sslFrame + (reassemblyList->end - *expected + 1),
-                             newEnd - reassemblyList->end, session, error);
-            }
-        }
-    }
-    else {
-        /* no data present */
-    }
-
-    if (ret == 0) {
-        /* got expected sequence */
-        *expected += *sslBytes;
-        if (tcpInfo->fin)
-            *expected += 1;
-    }
-    if (*sslBytes > 0) {
-        *seqLast = real + *sslBytes - 1;
-    }
-    if (*sslBytes > 0 && skipPartial) {
-        *sslBytes = 0;
-    }
-
-    return ret;
-}
-
-
-static int FindNextRecordInAssembly(SnifferSession* session,
-                                    const byte** sslFrame, int* sslBytes,
-                                    const byte** end, char* error)
-{
-    PacketBuffer**     front = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                    &session->cliReassemblyList :
-                                    &session->srvReassemblyList;
-    PacketBuffer*       curr = *front;
-    PacketBuffer*       prev = NULL;
-    byte*        skipPartial = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                    &session->flags.srvSkipPartial :
-                                    &session->flags.cliSkipPartial;
-    int* reassemblyMemory = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                    (int*)&session->cliReassemblyMemory :
-                                    (int*)&session->srvReassemblyMemory;
-    WOLFSSL*             ssl = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                    session->sslServer :
-                                    session->sslClient;
-    ProtocolVersion       pv = ssl->version;
-    word32*         expected = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                    &session->cliExpected :
-                                    &session->srvExpected;
-
-    while (curr != NULL) {
-        *expected = curr->end + 1;
-
-        if (curr->data[0] == application_data &&
-            curr->data[1] == pv.major &&
-            curr->data[2] == pv.minor) {
-
-            if (ssl->buffers.inputBuffer.length > 0)
-                Trace(DROPPING_PARTIAL_RECORD);
-
-            *sslBytes = (int)(curr->end - curr->begin + 1);
-            if ( *sslBytes > (int)ssl->buffers.inputBuffer.bufferSize) {
-                if (GrowInputBuffer(ssl, *sslBytes, 0) < 0) {
-                    SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
-                    return WOLFSSL_FATAL_ERROR;
-                }
-            }
-
-            XMEMCPY(ssl->buffers.inputBuffer.buffer, curr->data, *sslBytes);
-
-            *front = curr->next;
-            *reassemblyMemory -= *sslBytes;
-            FreePacketBuffer(curr);
-
-            ssl->buffers.inputBuffer.length = *sslBytes;
-            *sslFrame = ssl->buffers.inputBuffer.buffer;
-            *end = *sslFrame + *sslBytes;
-            *skipPartial = 0;
-
-            return 0;
-        }
-        else if (ssl->specs.cipher_type == block) {
-            int ivPos = (int)(curr->end - curr->begin -
-                                                     ssl->specs.block_size + 1);
-            if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes) {
-#ifndef NO_AES
-                if (ivPos >= 0)
-                    wc_AesSetIV(ssl->decrypt.aes, curr->data + ivPos);
-#endif
-            }
-            else if (ssl->specs.bulk_cipher_algorithm == wolfssl_triple_des) {
-#ifndef NO_DES3
-                if (ivPos >= 0)
-                    wc_Des3_SetIV(ssl->decrypt.des3, curr->data + ivPos);
-#endif
-            }
-        }
-
-        Trace(DROPPING_LOST_FRAG_STR);
-#ifdef WOLFSSL_SNIFFER_STATS
-        INC_STAT(SnifferStats.sslDecodeFails);
-#endif
-        prev = curr;
-        curr = curr->next;
-        *reassemblyMemory -= (int)(prev->end - prev->begin + 1);
-        FreePacketBuffer(prev);
-    }
-
-    *front = curr;
-
-    return 0;
-}
-
-
-static int FixSequence(TcpInfo* tcpInfo, SnifferSession* session)
-{
-    word32*   expected = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                &session->srvExpected : &session->cliExpected;
-    word32    seqStart = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                session->srvSeqStart : session->cliSeqStart;
-    PacketBuffer* list = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                session->srvReassemblyList :
-                                session->cliReassemblyList;
-    byte*  skipPartial = (session->flags.side != WOLFSSL_SERVER_END) ?
-                                &session->flags.srvSkipPartial :
-                                &session->flags.cliSkipPartial;
-
-    *skipPartial = 1;
-
-    if (list != NULL)
-        *expected = list->begin;
-    else
-        *expected = tcpInfo->ackNumber - seqStart;
-
-    return 1;
-}
-
-
-/* Check latest ack number for missing packets
-   return 0 ok, <0 on error */
-static int CheckAck(TcpInfo* tcpInfo, SnifferSession* session)
-{
-    if (tcpInfo->ack) {
-        word32  seqStart = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                     session->srvSeqStart :session->cliSeqStart;
-        word32  real     = tcpInfo->ackNumber - seqStart;
-        word32  expected = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                  session->srvExpected : session->cliExpected;
-
-        /* handle rollover of sequence */
-        if (tcpInfo->ackNumber < seqStart)
-            real = 0xffffffffU - seqStart + tcpInfo->ackNumber + 1;
-
-        TraceAck(real, expected);
-
-        if (real > expected)
-            return WOLFSSL_FATAL_ERROR;  /* we missed a packet, ACKing data we never saw */
-    }
-    return 0;
-}
-
-
-/* Check TCP Sequence status */
-/* returns 0 on success (continue), -1 on error, 1 on success (end) */
-static int CheckSequence(IpInfo* ipInfo, TcpInfo* tcpInfo,
-                         SnifferSession* session, int* sslBytes,
-                         const byte** sslFrame, char* error)
-{
-    int actualLen;
-    byte* ackFault = (session->flags.side == WOLFSSL_SERVER_END) ?
-                        &session->flags.cliAckFault :
-                        &session->flags.srvAckFault;
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    if (session->sslServer->error == 0 && session->pendSeq != 0 &&
-        session->pendSeq == tcpInfo->sequence) {
-        return 0; /* ready to process, but skip sequence checking below (already done) */
-    }
-    /* check if this session is pending */
-    else if (session->pendSeq != 0 && session->pendSeq != tcpInfo->sequence) {
-        return WC_PENDING_E;
-    }
-#endif
-
-    /* init SEQ from server to client - if not ack fault */
-    if (tcpInfo->syn && tcpInfo->ack && !*ackFault) {
-        session->srvSeqStart = tcpInfo->sequence;
-        session->srvExpected = 1;
-        TraceServerSyn(tcpInfo->sequence);
-        return 1;
-    }
-
-    /* adjust potential ethernet trailer */
-    actualLen = ipInfo->total - ipInfo->length - tcpInfo->length;
-    if (*sslBytes > actualLen) {
-        *sslBytes = actualLen;
-    }
-
-    TraceSequence(tcpInfo->sequence, *sslBytes);
-    if (CheckAck(tcpInfo, session) < 0) {
-        if (!RecoveryEnabled) {
-        #ifndef WOLFSSL_SNIFFER_NO_RECOVERY
-            UpdateMissedDataSessions();
-        #endif
-            SetError(ACK_MISSED_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        else {
-            SetError(ACK_MISSED_STR, error, session, 0);
-            if (*ackFault == 0) {
-                *ackFault = 1;
-            #ifndef WOLFSSL_SNIFFER_NO_RECOVERY
-                UpdateMissedDataSessions();
-            #endif
-            }
-            return FixSequence(tcpInfo, session);
-        }
-    }
-
-    if (*ackFault) {
-        Trace(CLEAR_ACK_FAULT);
-        *ackFault = 0;
-    }
-
-    return AdjustSequence(tcpInfo, session, sslBytes, sslFrame, error);
-}
-
-
-/* Check Status before record processing */
-/* returns 0 on success (continue), -1 on error, 1 on success (end) */
-static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
-                          const byte** sslFrame, SnifferSession** pSession,
-                          int* sslBytes, const byte** end, char* error)
-{
-    word32 length;
-    SnifferSession* session = *pSession;
-    WOLFSSL* ssl = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                  session->sslServer : session->sslClient;
-    byte skipPartial = (session->flags.side == WOLFSSL_SERVER_END) ?
-                        session->flags.srvSkipPartial :
-                        session->flags.cliSkipPartial;
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    /* if this is a pending async packet do not "grow" on partial (we already did) */
-    if (session->pendSeq == tcpInfo->sequence) {
-        if (session->sslServer->error == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-            return 0; /* don't check pre-record again */
-        }
-        /* if record check already done then restore, otherwise process normal */
-        if (ssl->buffers.inputBuffer.length > 0) {
-            *sslBytes = ssl->buffers.inputBuffer.length;
-            *sslFrame = ssl->buffers.inputBuffer.buffer;
-            *end = *sslFrame + *sslBytes;
-            return 0;
-        }
-    }
-#endif
-
-    /* remove SnifferSession on 2nd FIN or RST */
-    if (tcpInfo->fin || tcpInfo->rst) {
-        /* flag FIN and RST */
-        if (tcpInfo->fin)
-            session->flags.finCount += 1;
-        else if (tcpInfo->rst)
-            session->flags.finCount += 2;
-
-        if (session->flags.finCount >= 2) {
-            RemoveSession(session, ipInfo, tcpInfo, 0);
-            *pSession = NULL;
-            return 1;
-        }
-    }
-
-    if (session->flags.fatalError == FATAL_ERROR_STATE) {
-        SetError(FATAL_ERROR_STR, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    if (skipPartial) {
-        if (FindNextRecordInAssembly(session,
-                                     sslFrame, sslBytes, end, error) < 0) {
-            return WOLFSSL_FATAL_ERROR;
-        }
-    }
-
-    if (*sslBytes <= 0) {
-        Trace(NO_DATA_STR);
-        return 1;
-    }
-
-    /* if current partial data, add to end of partial */
-    /* if skipping, the data is already at the end of partial */
-    length = ssl->buffers.inputBuffer.length;
-    if ( !skipPartial && length ) {
-        Trace(PARTIAL_ADD_STR);
-
-        if ( (*sslBytes + length) > ssl->buffers.inputBuffer.bufferSize) {
-            if (GrowInputBuffer(ssl, *sslBytes, length) < 0) {
-                SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
-                return WOLFSSL_FATAL_ERROR;
-            }
-        }
-        XMEMCPY(&ssl->buffers.inputBuffer.buffer[length],
-                *sslFrame, *sslBytes);
-        *sslBytes += length;
-        ssl->buffers.inputBuffer.length = *sslBytes;
-        *sslFrame = ssl->buffers.inputBuffer.buffer;
-        *end = *sslFrame + *sslBytes;
-    }
-
-    if (session->flags.clientHello == 0 && **sslFrame != handshake) {
-        /* Sanity check the packet for an old style client hello. */
-        int rhSize = (((*sslFrame)[0] & 0x7f) << 8) | ((*sslFrame)[1]);
-
-        if ((rhSize <= (*sslBytes - 2)) &&
-            (*sslFrame)[2] == OLD_HELLO_ID && (*sslFrame)[3] == SSLv3_MAJOR) {
-#ifdef OLD_HELLO_ALLOWED
-        int ret = DoOldHello(session, *sslFrame, &rhSize, sslBytes, error);
-        if (ret < 0)
-            return WOLFSSL_FATAL_ERROR;  /* error already set */
-        if (*sslBytes <= 0)
-            return 1;
-#endif
-        }
-        else {
-#ifdef STARTTLS_ALLOWED
-            if (ssl->buffers.inputBuffer.dynamicFlag) {
-                ssl->buffers.inputBuffer.length = 0;
-                ShrinkInputBuffer(ssl, NO_FORCED_FREE);
-            }
-            return 1;
-#endif
-        }
-    }
-
-    return 0;
-}
-
-
-/* See if input on the reassembly list is ready for consuming */
-/* returns 1 for TRUE, 0 for FALSE */
-static int HaveMoreInput(SnifferSession* session, const byte** sslFrame,
-                         int* sslBytes, const byte** end, char* error)
-{
-    /* sequence and reassembly based on from, not to */
-    int            moreInput = 0;
-    PacketBuffer** front = (session->flags.side == WOLFSSL_SERVER_END) ?
-                      &session->cliReassemblyList : &session->srvReassemblyList;
-    word32*        expected = (session->flags.side == WOLFSSL_SERVER_END) ?
-                                  &session->cliExpected : &session->srvExpected;
-    /* buffer is on receiving end */
-    word32*          length = (session->flags.side == WOLFSSL_SERVER_END) ?
-                               &session->sslServer->buffers.inputBuffer.length :
-                               &session->sslClient->buffers.inputBuffer.length;
-    byte**         myBuffer = (session->flags.side == WOLFSSL_SERVER_END) ?
-                               &session->sslServer->buffers.inputBuffer.buffer :
-                               &session->sslClient->buffers.inputBuffer.buffer;
-    word32*      bufferSize = (session->flags.side == WOLFSSL_SERVER_END) ?
-                           &session->sslServer->buffers.inputBuffer.bufferSize :
-                           &session->sslClient->buffers.inputBuffer.bufferSize;
-    WOLFSSL*           ssl  = (session->flags.side == WOLFSSL_SERVER_END) ?
-                            session->sslServer : session->sslClient;
-    word32*     reassemblyMemory = (session->flags.side == WOLFSSL_SERVER_END) ?
-                  &session->cliReassemblyMemory : &session->srvReassemblyMemory;
-
-    while (*front && ((*front)->begin == *expected) ) {
-        int room = (int)(*bufferSize - *length);
-        int packetLen = (int)((*front)->end - (*front)->begin + 1);
-
-        if (packetLen > room && *bufferSize < MAX_INPUT_SZ) {
-            if (GrowInputBuffer(ssl, packetLen, *length) < 0) {
-                SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
-                return 0;
-            }
-            room = *bufferSize - *length;   /* bufferSize is now bigger */
-        }
-
-        if (packetLen <= room) {
-            PacketBuffer* del = *front;
-            byte*         buf = *myBuffer;
-
-            XMEMCPY(&buf[*length], (*front)->data, packetLen);
-            *length   += packetLen;
-            *expected += packetLen;
-
-            /* remove used packet */
-            *front = (*front)->next;
-
-            *reassemblyMemory -= packetLen;
-            FreePacketBuffer(del);
-
-            moreInput = 1;
-        }
-        else
-            break;
-    }
-    if (moreInput) {
-        *sslFrame = *myBuffer;
-        *sslBytes = *length;
-        *end      = *myBuffer + *length;
-    }
-    return moreInput;
-}
-
-
-
-/* Process Message(s) from sslFrame */
-/* return Number of bytes on success, 0 for no data yet, and -1 on error */
-static int ProcessMessage(const byte* sslFrame, SnifferSession* session,
-                          int sslBytes, byte** data, const byte* end,
-                          void* ctx, char* error)
-{
-    const byte*       sslBegin = sslFrame;
-    const byte*       recordEnd;   /* end of record indicator */
-    const byte*       inRecordEnd; /* indicator from input stream not decrypt */
-    RecordLayerHeader rh;
-    int               rhSize;
-    int               ret;
-    int               errCode = 0;
-    int               decoded = 0;      /* bytes stored for user in data */
-    int               notEnough;        /* notEnough bytes yet flag */
-    int               decrypted = 0;    /* was current msg decrypted */
-    WOLFSSL*          ssl = (session->flags.side == WOLFSSL_SERVER_END) ?
-                            session->sslServer : session->sslClient;
-doMessage:
-
-    notEnough = 0;
-    rhSize = 0;
-    if (sslBytes < 0) {
-        SetError(PACKET_HDR_SHORT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-    if (sslBytes >= RECORD_HEADER_SZ) {
-        if (GetRecordHeader(sslFrame, &rh, &rhSize) != 0) {
-            /* ignore packet if record header errors */
-            SetError(BAD_RECORD_HDR_STR, error, session, 0);
-            return 0;
-        }
-    }
-    else {
-        notEnough = 1;
-    }
-
-    if (notEnough || rhSize > (sslBytes - RECORD_HEADER_SZ)) {
-        /* don't have enough input yet to process full SSL record */
-        Trace(PARTIAL_INPUT_STR);
-
-        /* store partial if not there already or we advanced */
-        if (ssl->buffers.inputBuffer.length == 0 || sslBegin != sslFrame) {
-            if (sslBytes > (int)ssl->buffers.inputBuffer.bufferSize) {
-                if (GrowInputBuffer(ssl, sslBytes, 0) < 0) {
-                    SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
-                    return WOLFSSL_FATAL_ERROR;
-                }
-            }
-            XMEMMOVE(ssl->buffers.inputBuffer.buffer, sslFrame, sslBytes);
-            ssl->buffers.inputBuffer.length = sslBytes;
-        }
-        if (HaveMoreInput(session, &sslFrame, &sslBytes, &end, error))
-            goto doMessage;
-        return decoded;
-    }
-    sslFrame += RECORD_HEADER_SZ;
-    sslBytes -= RECORD_HEADER_SZ;
-    recordEnd = sslFrame + rhSize;   /* may have more than one record */
-    inRecordEnd = recordEnd;
-
-    /* Make sure cipher is on for client, if we get an application data packet
-     * and handshake is done for server. This workaround is required if client
-     * handshake packets were missed, retransmitted or sent out of order. */
-    if ((enum ContentType)rh.type == application_data &&
-                  ssl->options.handShakeDone && session->flags.serverCipherOn) {
-        session->flags.clientCipherOn = 1;
-        session->sslClient->options.handShakeState = HANDSHAKE_DONE;
-        session->sslClient->options.handShakeDone  = 1;
-    }
-
-    /* decrypt if needed */
-    if ((session->flags.side == WOLFSSL_SERVER_END &&
-                                               session->flags.serverCipherOn)
-     || (session->flags.side == WOLFSSL_CLIENT_END &&
-                                               session->flags.clientCipherOn)) {
-        int ivAdvance = 0;  /* TLSv1.1 advance amount */
-
-        /* change_cipher_spec is not encrypted */
-        if (rh.type == change_cipher_spec) {
-            goto doPart;
-        }
-        if (ssl->decrypt.setup != 1) {
-            SetError(DECRYPT_KEYS_NOT_SETUP, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-        if (CheckAvailableSize(ssl, rhSize) < 0) {
-            SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-        }
-
-        sslFrame = DecryptMessage(ssl, sslFrame, rhSize,
-                                  ssl->buffers.outputBuffer.buffer, &errCode,
-                                  &ivAdvance, &rh);
-        recordEnd = sslFrame - ivAdvance + rhSize;  /* sslFrame moved so
-                                                       should recordEnd */
-        decrypted = 1;
-
-#ifdef WOLFSSL_SNIFFER_STATS
-        if (errCode != 0) {
-            INC_STAT(SnifferStats.sslKeyFails);
-        }
-        else {
-            LOCK_STAT();
-            NOLOCK_INC_STAT(SnifferStats.sslDecryptedPackets);
-            NOLOCK_ADD_TO_STAT(SnifferStats.sslDecryptedBytes, sslBytes);
-            UNLOCK_STAT();
-        }
-#endif
-        if (errCode != 0) {
-            if ((enum ContentType)rh.type == application_data) {
-                SetError(BAD_DECRYPT, error, session, FATAL_ERROR_STATE);
-                return WOLFSSL_FATAL_ERROR;
-            }
-            /* do not end session for failures on handshake packets */
-            return 0;
-        }
-    }
-
-doPart:
-
-    switch ((enum ContentType)rh.type) {
-        case handshake:
-            {
-                int startIdx = sslBytes;
-                int used;
-
-                Trace(GOT_HANDSHAKE_STR);
-                ret = DoHandShake(sslFrame, &sslBytes, session, error, rhSize);
-            #ifdef WOLFSSL_ASYNC_CRYPT
-                if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
-                    return ret;
-            #endif
-                if (ret != 0 || sslBytes > startIdx) {
-                    if (session->flags.fatalError == 0)
-                        SetError(BAD_HANDSHAKE_STR, error, session,
-                                 FATAL_ERROR_STATE);
-                    return WOLFSSL_FATAL_ERROR;
-                }
-
-                /* DoHandShake now fully decrements sslBytes to remaining */
-                used = startIdx - sslBytes;
-                sslFrame += used;
-                if (decrypted)
-                    sslFrame += ssl->keys.padSz;
-            }
-            break;
-        case change_cipher_spec:
-            if (session->flags.side == WOLFSSL_SERVER_END) {
-            #ifdef WOLFSSL_TLS13
-                if (IsAtLeastTLSv1_3(session->sslServer->version) && session->srvKs.key_len == 0) {
-                    session->flags.serverCipherOn = 0;
-                }
-                else
-            #endif
-                {
-                    session->flags.serverCipherOn = 1;
-                }
-            }
-            else
-                session->flags.clientCipherOn = 1;
-            Trace(GOT_CHANGE_CIPHER_STR);
-            ssl->options.handShakeState = HANDSHAKE_DONE;
-            ssl->options.handShakeDone  = 1;
-
-            sslFrame += 1;
-            sslBytes -= 1;
-
-            break;
-        case application_data:
-            Trace(GOT_APP_DATA_STR);
-            {
-                word32 inOutIdx = 0;
-                int    ivExtra  = 0;
-
-                ret = DoApplicationData(ssl, (byte*)sslFrame, &inOutIdx, SNIFF);
-                if (ret == 0) {
-                    ret = ssl->buffers.clearOutputBuffer.length;
-                #ifndef WOLFSSL_AEAD_ONLY
-                    if (ssl->specs.cipher_type == block) {
-                        if (ssl->options.tls1_1)
-                            ivExtra = ssl->specs.block_size;
-                    }
-                    else
-                #endif
-                    if (ssl->specs.cipher_type == aead) {
-                        if (!ssl->options.tls1_3 &&
-                            ssl->specs.bulk_cipher_algorithm != wolfssl_chacha)
-                            ivExtra = AESGCM_EXP_IV_SZ;
-                    }
-
-                    ret -= ivExtra;
-
-                #if defined(HAVE_ENCRYPT_THEN_MAC) && \
-                    !defined(WOLFSSL_AEAD_ONLY)
-                    if (ssl->options.startedETMRead)
-                        ret -= MacSize(ssl);
-                #endif
-                    TraceGotData(ret);
-                    if (ret > 0) {  /* may be blank message */
-                        if (data != NULL) {
-                            byte* tmpData;  /* don't leak on realloc free */
-                            /* add an extra byte at end of allocation in case
-                             * user wants to null terminate plaintext */
-                            tmpData = (byte*)XREALLOC(*data, decoded + ret + 1,
-                                    NULL, DYNAMIC_TYPE_TMP_BUFFER);
-                            if (tmpData == NULL) {
-                                ForceZero(*data, decoded);
-                                XFREE(*data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-                                *data = NULL;
-                                SetError(MEMORY_STR, error, session,
-                                         FATAL_ERROR_STATE);
-                                return WOLFSSL_FATAL_ERROR;
-                            }
-                            *data = tmpData;
-                            XMEMCPY(*data + decoded,
-                                    ssl->buffers.clearOutputBuffer.buffer, ret);
-                        }
-                        else {
-#ifdef WOLFSSL_SNIFFER_STORE_DATA_CB
-                            if (StoreDataCb) {
-                                const byte* buf;
-                                word32 offset = 0;
-                                word32 bufSz;
-                                int stored;
-
-                                buf = ssl->buffers.clearOutputBuffer.buffer;
-                                bufSz = ssl->buffers.clearOutputBuffer.length;
-                                do {
-                                    stored = StoreDataCb(buf, bufSz, offset,
-                                            ctx);
-                                    if (stored <= 0) {
-                                        return WOLFSSL_FATAL_ERROR;
-                                    }
-                                    offset += stored;
-                                } while (offset < bufSz);
-                            }
-                            else {
-                                SetError(STORE_DATA_CB_MISSING_STR, error,
-                                        session, FATAL_ERROR_STATE);
-                                return WOLFSSL_FATAL_ERROR;
-                            }
-#else
-                            (void)ctx;
-                            SetError(NO_DATA_DEST_STR, error, session,
-                                    FATAL_ERROR_STATE);
-                            return WOLFSSL_FATAL_ERROR;
-#endif
-                        }
-                        TraceAddedData(ret, decoded);
-                        decoded += ret;
-                        ssl->buffers.clearOutputBuffer.length = 0;
-                    }
-                    else if (ret < 0){
-                    #ifdef DEBUG_SNIFFER
-                        printf("Invalid data offset calculation! "
-                            "ret %d, inOutIdx %d, ivExtra %d\n",
-                            ret, inOutIdx, ivExtra);
-                    #endif
-                        /* set error, but do not treat fatal */
-                        SetError(BAD_APP_DATA_STR, error, session, 0);
-                        return WOLFSSL_FATAL_ERROR;
-                    }
-                }
-                else {
-                    /* set error, but do not treat fatal */
-                    SetError(BAD_APP_DATA_STR, error, session, 0);
-                    return WOLFSSL_FATAL_ERROR;
-                }
-                if (ssl->buffers.outputBuffer.dynamicFlag)
-                    ShrinkOutputBuffer(ssl);
-
-                sslFrame += inOutIdx;
-                sslBytes -= inOutIdx;
-            }
-            break;
-        case alert:
-            Trace(GOT_ALERT_STR);
-#ifdef WOLFSSL_SNIFFER_STATS
-            INC_STAT(SnifferStats.sslAlerts);
-#endif
-            sslFrame += rhSize;
-            sslBytes -= rhSize;
-            break;
-#ifdef WOLFSSL_DTLS13
-        case ack:
-            /* TODO */
-#endif /* WOLFSSL_DTLS13 */
-        case dtls12_cid:
-        case no_type:
-        default:
-            SetError(GOT_UNKNOWN_RECORD_STR, error, session, FATAL_ERROR_STATE);
-            return WOLFSSL_FATAL_ERROR;
-    }
-
-    /* do we have another msg in record (if app data did we decode bytes?) */
-    if (sslFrame < recordEnd && ((enum ContentType)rh.type != application_data ||
-        ((enum ContentType)rh.type == application_data && decoded))) {
-        Trace(ANOTHER_MSG_STR);
-        goto doPart;
-    }
-
-    /* back to input stream instead of potential decrypt buffer */
-    recordEnd = inRecordEnd;
-
-    /* do we have more records ? */
-    if (recordEnd < end) {
-        Trace(ANOTHER_MSG_STR);
-        sslFrame = recordEnd;
-        sslBytes = (int)(end - recordEnd);
-        goto doMessage;
-    }
-
-    /* clear used input */
-    ssl->buffers.inputBuffer.length = 0;
-
-    /* could have more input ready now */
-    if (HaveMoreInput(session, &sslFrame, &sslBytes, &end, error))
-        goto doMessage;
-
-    if (ssl->buffers.inputBuffer.dynamicFlag)
-        ShrinkInputBuffer(ssl, NO_FORCED_FREE);
-
-    return decoded;
-}
-
-
-/* See if we need to process any pending FIN captures */
-/* Return 0=normal, else = session removed */
-static int CheckFinCapture(IpInfo* ipInfo, TcpInfo* tcpInfo,
-                            SnifferSession* session)
-{
-    int ret = 0;
-    if (session->finCapture.cliFinSeq && session->finCapture.cliFinSeq <=
-                                         session->cliExpected) {
-        if (session->finCapture.cliCounted == 0) {
-            session->flags.finCount += 1;
-            session->finCapture.cliCounted = 1;
-            TraceClientFin(session->finCapture.cliFinSeq, session->cliExpected);
-        }
-    }
-
-    if (session->finCapture.srvFinSeq && session->finCapture.srvFinSeq <=
-                                         session->srvExpected) {
-        if (session->finCapture.srvCounted == 0) {
-            session->flags.finCount += 1;
-            session->finCapture.srvCounted = 1;
-            TraceServerFin(session->finCapture.srvFinSeq, session->srvExpected);
-        }
-    }
-
-    if (session->flags.finCount >= 2) {
-        RemoveSession(session, ipInfo, tcpInfo, 0);
-        ret = 1;
-    }
-    return ret;
-}
-
-
-/* If session is in fatal error state free resources now
-   return true if removed, 0 otherwise */
-static int RemoveFatalSession(IpInfo* ipInfo, TcpInfo* tcpInfo,
-                              SnifferSession* session, char* error)
-{
-    if (session && session->flags.fatalError == FATAL_ERROR_STATE) {
-        if (!session->verboseErr) {
-            SetError(FATAL_ERROR_STR, error, NULL, 0);
-        }
-        RemoveSession(session, ipInfo, tcpInfo, 0);
-        return 1;
-    }
-    return 0;
-}
-
-int ssl_DecodePacket_GetStream(SnifferStreamInfo* info, const byte* packet,
-        int length, char* error )
-{
-    TcpInfo           tcpInfo;
-    IpInfo            ipInfo;
-    const byte*       sslFrame = NULL;
-    int               sslBytes = 0;
-
-    XMEMSET(&tcpInfo, 0, sizeof(tcpInfo));
-    XMEMSET(&ipInfo, 0, sizeof(ipInfo));
-
-    if (CheckHeaders(&ipInfo, &tcpInfo, packet, length, &sslFrame, &sslBytes,
-            error, 0, 0) != 0) {
-        return WOLFSSL_SNIFFER_ERROR;
-    }
-
-    info->src     = ipInfo.src;
-    info->dst     = ipInfo.dst;
-    info->srcPort = tcpInfo.srcPort;
-    info->dstPort = tcpInfo.dstPort;
-
-    return 0;
-}
-
-/* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */
-/* returns Number of bytes on success, 0 for no data yet, and
- * WOLFSSL_SNIFFER_ERROR on error and WOLFSSL_SNIFFER_FATAL_ERROR on fatal state
- * error
- */
-static int ssl_DecodePacketInternal(const byte* packet, int length, int isChain,
-                                    byte** data, SSLInfo* sslInfo,
-                                    void* ctx, char* error, int asyncOkay)
-{
-    TcpInfo           tcpInfo;
-    IpInfo            ipInfo;
-    byte*             tmpPacket = NULL;        /* Assemble the chain */
-    const byte*       sslFrame;
-    const byte*       end;
-    int               sslBytes;                /* ssl bytes unconsumed */
-    int               ret;
-    SnifferSession*   session = NULL;
-
-    if (isChain) {
-#ifdef WOLFSSL_SNIFFER_CHAIN_INPUT
-        struct iovec* chain;
-        word32 i;
-
-        word32 chainSz = (word32)length;
-
-        chain = (struct iovec*)packet;
-        length = 0;
-        for (i = 0; i < chainSz; i++) length += chain[i].iov_len;
-
-        tmpPacket = (byte*)XMALLOC(length, NULL, DYNAMIC_TYPE_SNIFFER_CHAIN_BUFFER);
-        if (tmpPacket == NULL) return MEMORY_E;
-
-        length = 0;
-        for (i = 0; i < chainSz; i++) {
-            XMEMCPY(tmpPacket+length,chain[i].iov_base,chain[i].iov_len);
-            length += chain[i].iov_len;
-        }
-        packet = (const byte*)tmpPacket;
-#else
-        SetError(BAD_INPUT_STR, error, session, FATAL_ERROR_STATE);
-        return WOLFSSL_SNIFFER_ERROR;
-#endif
-    }
-
-    if (CheckHeaders(&ipInfo, &tcpInfo, packet, length, &sslFrame, &sslBytes,
-                     error, 1, 1) != 0) {
-        ret = WOLFSSL_SNIFFER_ERROR;
-        goto exit_decode;
-    }
-
-    end = sslFrame + sslBytes;
-
-    ret = CheckSession(&ipInfo, &tcpInfo, sslBytes, &session, error);
-    if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) {
-        ret = WOLFSSL_SNIFFER_FATAL_ERROR;
-        goto exit_decode;
-    }
-#ifdef WOLFSSL_ASYNC_CRYPT
-    else if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-        ret = WC_PENDING_E;
-        goto exit_decode;
-    }
-#endif
-    else if (ret == -1) {
-        ret = WOLFSSL_SNIFFER_ERROR;
-        goto exit_decode;
-    }
-    else if (ret ==  1) {
-#ifdef WOLFSSL_SNIFFER_STATS
-        if (sslBytes > 0) {
-            LOCK_STAT();
-            NOLOCK_INC_STAT(SnifferStats.sslEncryptedPackets);
-            NOLOCK_ADD_TO_STAT(SnifferStats.sslEncryptedBytes, sslBytes);
-            UNLOCK_STAT();
-        }
-        else {
-            INC_STAT(SnifferStats.sslDecryptedPackets);
-        }
-#endif
-        ret = 0;
-        goto exit_decode; /* done for now */
-    }
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    session->userCtx = ctx;
-#endif
-
-    ret = CheckSequence(&ipInfo, &tcpInfo, session, &sslBytes, &sslFrame,error);
-    if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) {
-        ret = WOLFSSL_SNIFFER_FATAL_ERROR;
-        goto exit_decode;
-    }
-    else if (ret == -1) {
-        ret = WOLFSSL_SNIFFER_ERROR;
-        goto exit_decode;
-    }
-    else if (ret ==  1) {
-#ifdef WOLFSSL_SNIFFER_STATS
-        INC_STAT(SnifferStats.sslDecryptedPackets);
-#endif
-        ret = 0;
-        goto exit_decode; /* done for now */
-    }
-    else if (ret != 0) {
-        goto exit_decode; /* return specific error case */
-    }
-
-    ret = CheckPreRecord(&ipInfo, &tcpInfo, &sslFrame, &session, &sslBytes,
-                         &end, error);
-    if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) {
-        ret = WOLFSSL_SNIFFER_FATAL_ERROR;
-        goto exit_decode;
-    }
-    else if (ret == -1) {
-        ret = WOLFSSL_SNIFFER_ERROR;
-        goto exit_decode;
-    }
-    else if (ret ==  1) {
-#ifdef WOLFSSL_SNIFFER_STATS
-        INC_STAT(SnifferStats.sslDecryptedPackets);
-#endif
-        ret = 0;
-        goto exit_decode; /* done for now */
-    }
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    /* make sure this server was polled */
-    if (asyncOkay &&
-        session->sslServer->error == WC_NO_ERR_TRACE(WC_PENDING_E) &&
-        !session->flags.wasPolled) {
-        ret = WC_PENDING_E;
-        goto exit_decode;
-    }
-#endif
-
-#ifdef WOLFSSL_SNIFFER_STATS
-    #ifdef WOLFSSL_ASYNC_CRYPT
-    if (session->sslServer->error != WC_NO_ERR_TRACE(WC_PENDING_E))
-    #endif
-    {
-        if (sslBytes > 0) {
-            LOCK_STAT();
-            NOLOCK_INC_STAT(SnifferStats.sslEncryptedPackets);
-            NOLOCK_ADD_TO_STAT(SnifferStats.sslEncryptedBytes, sslBytes);
-            UNLOCK_STAT();
-        }
-        else {
-            INC_STAT(SnifferStats.sslDecryptedPackets);
-        }
-    }
-#endif
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    do {
-#endif
-        ret = ProcessMessage(sslFrame, session, sslBytes, data, end, ctx, error);
-        session->sslServer->error = ret;
-#ifdef WOLFSSL_ASYNC_CRYPT
-        /* capture the seq pending for this session */
-        if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-            session->flags.wasPolled = 0;
-            session->pendSeq = tcpInfo.sequence;
-            if (!asyncOkay || CryptoDeviceId == INVALID_DEVID) {
-                /* If devId has not been set then we need to block here by
-                 * polling and looping */
-                wolfSSL_AsyncPoll(session->sslServer, WOLF_POLL_FLAG_CHECK_HW);
-            }
-            else {
-                goto exit_decode; /* return to caller */
-            }
-        }
-        else {
-            session->pendSeq = 0;
-        }
-    } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
-#else
-    (void)asyncOkay;
-#endif
-
-    if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) {
-        ret = WOLFSSL_SNIFFER_FATAL_ERROR;
-        goto exit_decode;
-    }
-    if (CheckFinCapture(&ipInfo, &tcpInfo, session) == 0) {
-        CopySessionInfo(session, sslInfo);
-    }
-
-exit_decode:
-    if (isChain) {
-        XFREE(tmpPacket, NULL, DYNAMIC_TYPE_SNIFFER_CHAIN_BUFFER);
-    }
-    return ret;
-}
-
-
-/* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */
-/* returns Number of bytes on success, 0 for no data yet, WOLFSSL_SNIFFER_ERROR.
- * on error and WOLFSSL_SNIFFER_FATAL_ERROR on fatal state error */
-/* Also returns Session Info if available */
-int ssl_DecodePacketWithSessionInfo(const unsigned char* packet, int length,
-    unsigned char** data, SSLInfo* sslInfo, char* error)
-{
-    return ssl_DecodePacketInternal(packet, length, 0, data, sslInfo,
-            NULL, error, 0);
-}
-
-
-/* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */
-/* returns Number of bytes on success, 0 for no data yet, WOLFSSL_SNIFFER_ERROR.
- * on error and WOLFSSL_SNIFFER_FATAL_ERROR on fatal state error */
-int ssl_DecodePacket(const byte* packet, int length, byte** data, char* error)
-{
-    return ssl_DecodePacketInternal(packet, length, 0, data, NULL, NULL,
-            error, 0);
-}
-
-
-#ifdef WOLFSSL_SNIFFER_STORE_DATA_CB
-
-/* returns Number of bytes on success, 0 for no data yet, WOLFSSL_SNIFFER_ERROR.
- * on error and WOLFSSL_SNIFFER_FATAL_ERROR on fatal state error */
-int ssl_DecodePacketWithSessionInfoStoreData(const unsigned char* packet,
-        int length, void* ctx, SSLInfo* sslInfo, char* error)
-{
-    return ssl_DecodePacketInternal(packet, length, 0, NULL, sslInfo,
-            ctx, error, 0);
-}
-
-#endif
-
-
-#ifdef WOLFSSL_SNIFFER_CHAIN_INPUT
-
-/* returns Number of bytes on success, 0 for no data yet, WOLFSSL_SNIFFER_ERROR.
- * on error and WOLFSSL_SNIFFER_FATAL_ERROR on fatal state error */
-int ssl_DecodePacketWithChain(void* vChain, word32 chainSz, byte** data,
-        char* error)
-{
-    return ssl_DecodePacketInternal((const byte*)vChain, chainSz, 1, data,
-        NULL, NULL, error, 0);
-}
-
-#endif
-
-
-#if defined(WOLFSSL_SNIFFER_CHAIN_INPUT) && \
-     defined(WOLFSSL_SNIFFER_STORE_DATA_CB)
-
-/*
- * returns WOLFSSL_SNIFFER_ERROR on error and WOLFSSL_SNIFFER_FATAL_ERROR on
- * fatal state error
- */
-int ssl_DecodePacketWithChainSessionInfoStoreData(void* vChain, word32 chainSz,
-        void* ctx, SSLInfo* sslInfo, char* error)
-{
-    return ssl_DecodePacketInternal(vChain, chainSz, 1, NULL, sslInfo,
-            ctx, error, 0);
-}
-
-#endif
-
-
-/* Deallocator for the decoded data buffer. */
-/* returns 0 on success, -1 on error */
-int ssl_FreeDecodeBuffer(byte** data, char* error)
-{
-    return ssl_FreeZeroDecodeBuffer(data, 0, error);
-}
-
-
-/* Deallocator for the decoded data buffer, zeros out buffer. */
-/* returns 0 on success, -1 on error */
-int ssl_FreeZeroDecodeBuffer(byte** data, int sz, char* error)
-{
-    (void)error;
-
-    if (sz < 0) {
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    if (data != NULL) {
-        ForceZero(*data, (word32)sz);
-        XFREE(*data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        *data = NULL;
-    }
-
-    return 0;
-}
-
-
-/* Enables (if traceFile)/ Disables debug tracing */
-/* returns 0 on success, -1 on error */
-int ssl_Trace(const char* traceFile, char* error)
-{
-    if (traceFile) {
-        /* Don't try to reopen the file */
-        if (TraceFile == NULL) {
-            if (XSTRCMP(traceFile, "-") == 0) {
-                TraceFile = stdout;
-            } else {
-                TraceFile = XFOPEN(traceFile, "a");
-                if (!TraceFile) {
-                    SetError(BAD_TRACE_FILE_STR, error, NULL, 0);
-                    return WOLFSSL_FATAL_ERROR;
-                }
-            }
-            TraceOn = 1;
-        }
-    }
-    else
-        TraceOn = 0;
-
-    return 0;
-}
-
-
-/* Enables/Disables Recovery of missed data if later packets allow
- * maxMemory is number of bytes to use for reassembly buffering per session,
- * -1 means unlimited
- * returns 0 on success, -1 on error */
-int ssl_EnableRecovery(int onOff, int maxMemory, char* error)
-{
-    (void)error;
-
-    RecoveryEnabled = onOff;
-    if (onOff)
-        MaxRecoveryMemory = maxMemory;
-
-    return 0;
-}
-
-
-
-#if defined(WOLFSSL_SESSION_STATS) && !defined(NO_SESSION_CACHE)
-
-int ssl_GetSessionStats(unsigned int* active,     unsigned int* total,
-                        unsigned int* peak,       unsigned int* maxSessions,
-                        unsigned int* missedData, unsigned int* reassemblyMem,
-                        char* error)
-{
-    int ret;
-
-    if (missedData) {
-    #ifndef WOLFSSL_SNIFFER_NO_RECOVERY
-        wc_LockMutex(&RecoveryMutex);
-        *missedData = MissedDataSessions;
-        wc_UnLockMutex(&RecoveryMutex);
-    #endif
-    }
-
-    if (reassemblyMem) {
-        SnifferSession* session;
-        int i;
-
-        *reassemblyMem = 0;
-        LOCK_SESSION();
-
-        for (i = 0; i < HASH_SIZE; i++) {
-            session = SessionTable[i];
-            while (session) {
-                *reassemblyMem += session->cliReassemblyMemory;
-                *reassemblyMem += session->srvReassemblyMemory;
-                session = session->next;
-            }
-        }
-        UNLOCK_SESSION();
-    }
-
-    ret = wolfSSL_get_session_stats(active, total, peak, maxSessions);
-
-    if (ret == WOLFSSL_SUCCESS)
-        return 0;
-    else {
-        SetError(BAD_SESSION_STATS, error, NULL, 0);
-        return WOLFSSL_FATAL_ERROR;
-    }
-}
-
-#endif
-
-
-
-int ssl_SetConnectionCb(SSLConnCb cb)
-{
-    ConnectionCb = cb;
-    return 0;
-}
-
-
-
-int ssl_SetConnectionCtx(void* ctx)
-{
-    ConnectionCbCtx = ctx;
-    return 0;
-}
-
-
-#ifdef WOLFSSL_SNIFFER_STATS
-
-/* Resets the statistics tracking global structure.
- * returns 0 on success, -1 on error */
-int ssl_ResetStatistics(void)
-{
-    wc_LockMutex(&StatsMutex);
-    XMEMSET(&SnifferStats, 0, sizeof(SSLStats));
-    wc_UnLockMutex(&StatsMutex);
-    return 0;
-}
-
-
-/* Copies the SSL statistics into the provided stats record.
- * returns 0 on success, -1 on error */
-int ssl_ReadStatistics(SSLStats* stats)
-{
-    if (stats == NULL)
-        return WOLFSSL_FATAL_ERROR;
-
-    LOCK_STAT();
-    XMEMCPY(stats, &SnifferStats, sizeof(SSLStats));
-    UNLOCK_STAT();
-    return 0;
-}
-
-/* Copies the SSL statistics into the provided stats record then
- * resets the statistics tracking global structure.
- * returns 0 on success, -1 on error */
-int ssl_ReadResetStatistics(SSLStats* stats)
-{
-    if (stats == NULL)
-        return WOLFSSL_FATAL_ERROR;
-
-    LOCK_STAT();
-    XMEMCPY(stats, &SnifferStats, sizeof(SSLStats));
-    XMEMSET(&SnifferStats, 0, sizeof(SSLStats));
-    UNLOCK_STAT();
-    return 0;
-}
-
-#endif /* WOLFSSL_SNIFFER_STATS */
-
-
-#ifdef WOLFSSL_SNIFFER_WATCH
-
-int ssl_SetWatchKeyCallback_ex(SSLWatchCb cb, int devId, char* error)
-{
-#ifdef WOLF_CRYPTO_CB
-    if (CryptoDeviceId == INVALID_DEVID)
-        CryptoDeviceId = devId;
-#else
-    (void)devId;
-#endif
-    WatchCb = cb;
-    return CreateWatchSnifferServer(error);
-}
-
-int ssl_SetWatchKeyCallback(SSLWatchCb cb, char* error)
-{
-    WatchCb = cb;
-    return CreateWatchSnifferServer(error);
-}
-
-int ssl_SetWatchKeyCtx(void* ctx, char* error)
-{
-    (void)error;
-    WatchCbCtx = ctx;
-    return 0;
-}
-
-int ssl_SetWatchKey_buffer(void* vSniffer, const byte* key, word32 keySz,
-        int keyType, char* error)
-{
-    SnifferSession* sniffer;
-    int ret;
-
-    if (vSniffer == NULL) {
-        return WOLFSSL_FATAL_ERROR;
-    }
-    if (key == NULL || keySz == 0) {
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    sniffer = (SnifferSession*)vSniffer;
-    /* Remap the keyType from what the user can use to
-     * what wolfSSL_use_PrivateKey_buffer expects. */
-    keyType = (keyType == FILETYPE_PEM) ? WOLFSSL_FILETYPE_PEM :
-                                          WOLFSSL_FILETYPE_ASN1;
-
-#ifdef WOLFSSL_STATIC_EPHEMERAL
-    /* try setting static ephemeral first */
-    /* auto detect key type with WC_PK_TYPE_NONE */
-    ret = wolfSSL_set_ephemeral_key(sniffer->sslServer,
-        WC_PK_TYPE_NONE, (const char*)key, keySz,
-            WOLFSSL_FILETYPE_ASN1);
-    if (ret != 0) {
-    #ifdef DEBUG_SNIFFER
-        /* print warnings */
-        fprintf(stderr, "key watch set ephemeral failed %d\n", ret);
-    #endif
-    }
-#endif
-
-    /* always try and load private key */
-    ret = wolfSSL_use_PrivateKey_buffer(sniffer->sslServer,
-        key, keySz, keyType);
-
-    if (ret != WOLFSSL_SUCCESS) {
-        SetError(KEY_FILE_STR, error, sniffer, FATAL_ERROR_STATE);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    return 0;
-}
-
-int ssl_SetWatchKey_file(void* vSniffer, const char* keyFile, int keyType,
-        const char* password, char* error)
-{
-    byte* keyBuf = NULL;
-    word32 keyBufSz = 0;
-    int ret;
-
-    if (vSniffer == NULL) {
-        return WOLFSSL_FATAL_ERROR;
-    }
-    if (keyFile == NULL) {
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    /* Remap the keyType from what the user can use to
-     * what LoadKeyFile expects. */
-    keyType = (keyType == FILETYPE_PEM) ? WOLFSSL_FILETYPE_PEM :
-                                          WOLFSSL_FILETYPE_ASN1;
-
-    ret = LoadKeyFile(&keyBuf, &keyBufSz, keyFile, 0, keyType, password);
-    if (ret < 0) {
-        SetError(KEY_FILE_STR, error, NULL, 0);
-        XFREE(keyBuf, NULL, DYNAMIC_TYPE_X509);
-        return WOLFSSL_FATAL_ERROR;
-    }
-
-    ret = ssl_SetWatchKey_buffer(vSniffer, keyBuf, keyBufSz, FILETYPE_DER,
-            error);
-    XFREE(keyBuf, NULL, DYNAMIC_TYPE_X509);
-
-    return ret;
-}
-
-#endif /* WOLFSSL_SNIFFER_WATCH */
-
-
-#ifdef WOLFSSL_SNIFFER_STORE_DATA_CB
-
-int ssl_SetStoreDataCallback(SSLStoreDataCb cb)
-{
-    StoreDataCb = cb;
-    return 0;
-}
-
-#endif /* WOLFSSL_SNIFFER_STORE_DATA_CB */
-
-#ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
-int ssl_SetKeyCallback(SSLKeyCb cb, void* cbCtx)
-{
-    KeyCb = cb;
-    KeyCbCtx = cbCtx;
-    return 0;
-}
-#endif
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-
-int ssl_DecodePacketAsync(void* packet, unsigned int packetSz,
-    int isChain, unsigned char** data, char* error, SSLInfo* sslInfo,
-    void* userCtx)
-{
-    return ssl_DecodePacketInternal(packet, packetSz, isChain, data, sslInfo,
-        userCtx, error, 1);
-}
-
-static SnifferSession* FindSession(WOLFSSL* ssl)
-{
-    int i;
-    SnifferSession* session;
-    for (i = 0; i < HASH_SIZE; i++) {
-        session = SessionTable[i];
-        while (session) {
-            if (session->sslServer == ssl) {
-                return session;
-            }
-            session = session->next;
-        }
-    }
-    return NULL;
-}
-
-int ssl_PollSniffer(WOLF_EVENT** events, int maxEvents, WOLF_EVENT_FLAG flags,
-    int* pEventCount)
-{
-    int ret = 0;
-    int eventCount = 0;
-    int i;
-    SnifferServer* srv;
-
-    LOCK_SERVER_LIST();
-
-    /* Iterate the open sniffer sessions calling wolfSSL_CTX_AsyncPoll */
-    srv = ServerList;
-    while (srv) {
-        int nMax = maxEvents - eventCount, nReady = 0;
-        if (nMax <= 0) {
-            break; /* out of room in events list */
-        }
-        ret = wolfSSL_CTX_AsyncPoll(srv->ctx, events + nReady, nMax, flags,
-                                    &nReady);
-        if (ret == 0) {
-            eventCount += nReady;
-        }
-        else {
-        #ifdef DEBUG_SNIFFER
-            fprintf(stderr, "Sniffer Server %p: Poll error: %d\n", srv, ret);
-        #endif
-            break;
-        }
-        srv = srv->next;
-    }
-
-    UNLOCK_SERVER_LIST();
-
-
-    /* iterate list and mark polled */
-    LOCK_SESSION();
-    for (i=0; i<eventCount; i++) {
-        WOLFSSL* ssl = (WOLFSSL*)events[i]->context;
-        SnifferSession* session = FindSession(ssl);
-        if (session) {
-            session->flags.wasPolled = 1;
-            session->sslServer->error = events[i]->ret;
-        }
-    }
-    UNLOCK_SESSION();
-
-    *pEventCount = eventCount;
-
-    return ret;
-}
-#endif
-
-
-#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
-
-/* Maximum length of the NSS Keylog prefix string */
-#define MAX_PREFIX_LENGTH (31)
-/* Maximum length (in bytes) required to store the binary representation of
- * the "client random" value parsed from keylog file */
-#define CLIENT_RANDOM_LENGTH (32)
-/* Maximum length (in bytes) required to store the binary representation of the
- * "secret" value parsed from keylog file */
-#define SECRET_LENGTH (48)
-
-typedef struct SecretNode {
-    unsigned char clientRandom[CLIENT_RANDOM_LENGTH];
-    unsigned char secrets[SNIFFER_SECRET_NUM_SECRET_TYPES][SECRET_LENGTH];
-    struct SecretNode* next;
-} SecretNode;
-
-
-/* Default to the same size hash table as the session table,
- * but allow user to override */
-#ifndef WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE
-#define WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE HASH_SIZE
-#endif
-
-static THREAD_LS_T
-SecretNode*
-secretHashTable[WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE] = {NULL};
-#ifndef HAVE_C___ATOMIC
-static WC_THREADSHARED wolfSSL_Mutex secretListMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(secretListMutex);
-#endif
-
-static unsigned int secretHashFunction(unsigned char* clientRandom);
-
-#ifdef HAVE_C___ATOMIC
-    #define LOCK_SECRET_LIST() WC_DO_NOTHING
-    #define UNLOCK_SECRET_LIST() WC_DO_NOTHING
-#else
-    #define LOCK_SECRET_LIST() wc_LockMutex(&secretListMutex)
-    #define UNLOCK_SECRET_LIST() wc_UnLockMutex(&secretListMutex)
-#endif
-
-
-/*
- * Basic polynomial hash function that maps a 32-byte client random value to an
- * array index
- */
-static unsigned int secretHashFunction(unsigned char* clientRandom)
-{
-    int i = 0;
-    unsigned int hash = 0;
-    const int CLIENT_RANDOM_NUM_BITS = CLIENT_RANDOM_LENGTH * 8;
-
-    for (i = 0; i < CLIENT_RANDOM_LENGTH; i++) {
-        hash = (hash * CLIENT_RANDOM_NUM_BITS + clientRandom[i])
-            % WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE;
-    }
-
-    return hash;
-}
-
-
-/*
- * Adds a new secret to the secret table, creating a new node based on the
- * client random if necessary. If the client random is already present in the
- * list, the requested secret will be updated.
- */
-static int addSecretNode(unsigned char* clientRandom,
-                         int type,
-                         unsigned char* secret,
-                         char* error)
-{
-    int idx = 0;
-    int ret = 0;
-    SecretNode* node = NULL;
-
-    if (type >= SNIFFER_SECRET_NUM_SECRET_TYPES) {
-        return WOLFSSL_SNIFFER_ERROR;
-    }
-
-    LOCK_SECRET_LIST();
-
-    idx = secretHashFunction(clientRandom);
-    node = secretHashTable[idx];
-
-    while(node) {
-        /* Node already exists, so just add the requested secret */
-        if (XMEMCMP(node->clientRandom, clientRandom, CLIENT_RANDOM_LENGTH)
-            == 0)
-        {
-            XMEMCPY(node->secrets[type], secret, SECRET_LENGTH);
-            ret = 0;
-            goto unlockReturn;
-        }
-        node = node ->next;
-    }
-
-    node = (SecretNode*)XMALLOC(sizeof(SecretNode),
-                                NULL,
-                                DYNAMIC_TYPE_SNIFFER_KEYLOG_NODE);
-    if (node == NULL) {
-        SetError(MEMORY_STR, error, NULL, 0);
-        ret = WOLFSSL_SNIFFER_ERROR;
-        goto unlockReturn;
-    }
-
-    XMEMCPY(node->clientRandom, clientRandom, CLIENT_RANDOM_LENGTH);
-    XMEMCPY(node->secrets[type], secret, SECRET_LENGTH);
-    node->next = secretHashTable[idx];
-    secretHashTable[idx] = node;
-
-unlockReturn:
-
-    UNLOCK_SECRET_LIST();
-
-    return ret;
-}
-
-
-/*
- * Looks up a master secret for a given client random from the keylog file
- */
-static unsigned char* findSecret(unsigned char* clientRandom, int type)
-{
-    unsigned char* secret = NULL;
-    SecretNode* node = NULL;
-    unsigned int idx = 0;
-
-    LOCK_SECRET_LIST();
-
-    idx = secretHashFunction(clientRandom);
-    node  = secretHashTable[idx];
-
-    while (node != NULL) {
-        if (XMEMCMP(node->clientRandom,
-                    clientRandom, CLIENT_RANDOM_LENGTH) == 0) {
-            secret = node->secrets[type];
-            break;
-        }
-        node = node->next;
-    }
-
-    UNLOCK_SECRET_LIST();
-
-    return secret;
-}
-
-
-static void hexToBin(const char* hex, unsigned char* bin, int binLength)
-{
-    int i = 0;
-    for (i = 0; i < binLength; i++) {
-        sscanf(hex + 2*i, "%02hhx", &bin[i]);
-    }
-}
-
-/*
- * Helper function to parse secrets from the keylog file into the secret table
- */
-static int parseKeyLogFile(const char* fileName, char* error)
-{
-    unsigned char clientRandom[CLIENT_RANDOM_LENGTH];
-    unsigned char secret[SECRET_LENGTH];
-    FILE* file = NULL;
-    int ret = 0;
-    int  type = 0;
-    /* +1 for null terminator */
-    char prefix[MAX_PREFIX_LENGTH + 1] = {0};
-    /* 2 chars for Hexadecimal representation, plus null terminator */
-    char clientRandomHex[2 * CLIENT_RANDOM_LENGTH + 1] = {0};
-    char secretHex[2 * SECRET_LENGTH + 1] = {0};
-
-
-    file = fopen(fileName, "r");
-    if (file == NULL) {
-        fprintf(stderr, "Could not open keylog file: %s\n", fileName);
-        SetError(KEYLOG_FILE_INVALID, error, NULL, 0);
-        return WOLFSSL_SNIFFER_ERROR;
-    }
-
-    /* Format specifiers for each column should be:
-     * MAX_PREFIX_LENGTH, 2*CLIENT_RANDOM_LENGTH, and 2*SECRET_LENGTH */
-    while (fscanf(file, "%31s %64s %96s", prefix, clientRandomHex, secretHex)
-            == 3) {
-
-        if (XSTRCMP(prefix, "CLIENT_RANDOM") == 0) {
-            type = SNIFFER_SECRET_TLS12_MASTER_SECRET;
-        }
-#if defined(WOLFSSL_TLS13)
-        else if (XSTRCMP(prefix, "CLIENT_EARLY_TRAFFIC_SECRET") == 0) {
-            type = SNIFFER_SECRET_CLIENT_EARLY_TRAFFIC_SECRET;
-        }
-        else if (XSTRCMP(prefix, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0) {
-            type = SNIFFER_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET;
-        }
-        else if (XSTRCMP(prefix, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0) {
-            type = SNIFFER_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET;
-        }
-        else if (XSTRCMP(prefix, "CLIENT_TRAFFIC_SECRET_0") == 0) {
-            type = SNIFFER_SECRET_CLIENT_TRAFFIC_SECRET;
-        }
-        else if (XSTRCMP(prefix, "SERVER_TRAFFIC_SECRET_0") == 0) {
-            type = SNIFFER_SECRET_SERVER_TRAFFIC_SECRET;
-        }
-#endif /* WOLFSSL_TLS13 */
-        else {
-            fprintf(stderr, "unrecognized prefix: %s\n", prefix);
-            continue;
-        }
-
-        hexToBin(clientRandomHex, clientRandom, CLIENT_RANDOM_LENGTH);
-        hexToBin(secretHex, secret, SECRET_LENGTH);
-        ret = addSecretNode(clientRandom, type, secret, error);
-
-        if (ret != 0) {
-            fclose(file);
-            return ret;
-        }
-    }
-    fclose(file);
-
-    return 0;
-}
-
-
-static void freeSecretList(void)
-{
-    int i = 0;
-
-    LOCK_SECRET_LIST();
-
-    for (i=0; i<WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE; i++)
-    {
-        SecretNode* current = secretHashTable[i];
-        SecretNode * next = NULL;
-
-        while (current != NULL) {
-            next = current->next;
-            XFREE(current, NULL, DYNAMIC_TYPE_SNIFFER_KEYLOG_NODE);
-            current = next;
-        }
-    }
-
-    UNLOCK_SECRET_LIST();
-}
-
-
-/*
- * Looks up secret based on client random and copies it to output_secret
- */
-static int snifferSecretCb(unsigned char* client_random,
-                           int type,
-                           unsigned char* output_secret)
-{
-    unsigned char* secret = NULL;
-
-    if (client_random == NULL || output_secret == NULL) {
-        return WOLFSSL_SNIFFER_FATAL_ERROR;
-    }
-
-    if (type >= SNIFFER_SECRET_NUM_SECRET_TYPES) {
-        return WOLFSSL_SNIFFER_FATAL_ERROR;
-    }
-
-    /* get secret from secret table based on client random */
-    secret = findSecret(client_random, type);
-    if (secret != NULL) {
-        XMEMCPY(output_secret, secret, SECRET_LENGTH);
-        return 0;
-    }
-
-    /* didn't find the secret */
-    return WOLFSSL_SNIFFER_ERROR;
-}
-
-
-static void setSnifferSecretCb(SnifferSession* session)
-{
-    session->context->useKeyLogFile = 1;
-    session->sslServer->snifferSecretCb = snifferSecretCb;
-    session->sslClient->snifferSecretCb = snifferSecretCb;
-}
-
-
-/*
- * Helper function that creates a sniffer server object that can decrypt using
- * a keylog file, and adds it to the server list
- *
- * NOTE: the caller is responsible for locking and unlocking the server list
- */
-static int addKeyLogSnifferServerHelper(const char* address,
-                                        int port,
-                                        char* error)
-{
-    IpAddrInfo     serverIp = {0};
-    SnifferServer *sniffer = NULL;
-
-    TraceHeader();
-    TraceSetServer(address, port, NULL);
-
-    serverIp.version = IPV4;
-    serverIp.ip4 = XINET_ADDR(address);
-    if (serverIp.ip4 == XINADDR_NONE) {
-    #ifdef FUSION_RTOS
-        if (XINET_PTON(AF_INET6, address, serverIp.ip6,
-                       sizeof(serverIp.ip4)) == 1)
-    #else
-        if (XINET_PTON(AF_INET6, address, serverIp.ip6) == 1)
-    #endif
-        {
-            serverIp.version = IPV6;
-        }
-    }
-
-    sniffer = ServerList;
-    while (sniffer != NULL &&
-            (!MatchAddr(sniffer->server, serverIp) || sniffer->port != port)) {
-        sniffer = sniffer->next;
-    }
-
-    if (sniffer == NULL) {
-        sniffer = (SnifferServer*)XMALLOC(sizeof(SnifferServer),
-                NULL, DYNAMIC_TYPE_SNIFFER_SERVER);
-        if (sniffer == NULL) {
-            SetError(MEMORY_STR, error, NULL, 0);
-            return WOLFSSL_SNIFFER_ERROR;
-        }
-        InitSnifferServer(sniffer);
-
-        XSTRNCPY(sniffer->address, address, MAX_SERVER_ADDRESS-1);
-        sniffer->address[MAX_SERVER_ADDRESS-1] = '\0';
-        sniffer->server = serverIp;
-        sniffer->port = port;
-
-        sniffer->ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
-        if (!sniffer->ctx) {
-            SetError(MEMORY_STR, error, NULL, 0);
-            FreeSnifferServer(sniffer);
-            return WOLFSSL_SNIFFER_ERROR;
-        }
-    #if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_ASYNC_CRYPT)
-        if (CryptoDeviceId != INVALID_DEVID)
-            wolfSSL_CTX_SetDevId(sniffer->ctx, CryptoDeviceId);
-    #endif
-
-        sniffer->next = ServerList;
-        ServerList = sniffer;
-    }
-    else {
-        printf("SESSION ALREADY EXISTS\n");
-    }
-
-    /* Tag the new or existing server as requiring keylog support to
-     * decrypt, otherwise it won't be usable */
-    sniffer->useKeyLogFile = 1;
-
-    return 0;
-}
-
-/*
- * Creates a sniffer server that is able to decrypt using secrets from a
- * keylog file, and adds it to the server list
- *
- * If a server at the address and port already exists, it will be marked
- * for keylog file decryption
- */
-int ssl_CreateKeyLogSnifferServer(const char* address, int port, char* error)
-{
-    int ret = 0;
-
-    if (address == NULL) {
-        SetError(KEYLOG_FILE_INVALID, error, NULL, 0);
-        return WOLFSSL_SNIFFER_ERROR;
-    }
-
-    LOCK_SERVER_LIST();
-
-    ret = addKeyLogSnifferServerHelper(address, port, error);
-
-    UNLOCK_SERVER_LIST();
-
-    return ret;
-}
-
-
-/*
- * Loads secrets to decrypt TLS traffic from a keylog file. Only sniffer
- * servers registered with ssl_createKeyLogSnifferServer() will be able to
- * decrypt using these secrets
- */
-int ssl_LoadSecretsFromKeyLogFile(const char* keylogfile, char* error)
-{
-    if (keylogfile == NULL) {
-        SetError(KEYLOG_FILE_INVALID, error, NULL, 0);
-        return WOLFSSL_SNIFFER_ERROR;
-    }
-
-    return parseKeyLogFile(keylogfile, error);
-}
-
-#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
-
-
-/*
- * Removes a session from the SessionTable based on client/server IP & ports
- * Returns 0 if a session was found and freed, -1 otherwise
- */
-int ssl_RemoveSession(const char* clientIp, int clientPort,
-                      const char* serverIp, int serverPort,
-                      char* error)
-{
-    IpAddrInfo clientAddr;
-    IpAddrInfo serverAddr;
-    IpInfo ipInfo;
-    TcpInfo tcpInfo;
-    SnifferSession* session;
-    int ret = -1;  /* Default to not found */
-    word32 row;
-
-    if (clientIp == NULL || serverIp == NULL) {
-        SetError(BAD_IPVER_STR, error, NULL, 0);
-        return ret;
-    }
-
-    /* Set up client IP address */
-    clientAddr.version = IPV4;
-    clientAddr.ip4 = XINET_ADDR(clientIp);
-    if (clientAddr.ip4 == XINADDR_NONE) {
-    #ifdef FUSION_RTOS
-        if (XINET_PTON(AF_INET6, clientIp, clientAddr.ip6,
-                       sizeof(clientAddr.ip4)) == 1)
-    #else
-        if (XINET_PTON(AF_INET6, clientIp, clientAddr.ip6) == 1)
-    #endif
-        {
-            clientAddr.version = IPV6;
-        }
-        else {
-            SetError(BAD_IPVER_STR, error, NULL, 0);
-            return ret;
-        }
-    }
-
-    /* Set up server IP address */
-    serverAddr.version = IPV4;
-    serverAddr.ip4 = XINET_ADDR(serverIp);
-    if (serverAddr.ip4 == XINADDR_NONE) {
-    #ifdef FUSION_RTOS
-        if (XINET_PTON(AF_INET6, serverIp, serverAddr.ip6,
-                       sizeof(serverAddr.ip4)) == 1)
-    #else
-        if (XINET_PTON(AF_INET6, serverIp, serverAddr.ip6) == 1)
-    #endif
-        {
-            serverAddr.version = IPV6;
-        }
-        else {
-            SetError(BAD_IPVER_STR, error, NULL, 0);
-            return ret;
-        }
-    }
-
-    XMEMSET(&ipInfo, 0, sizeof(ipInfo));
-    XMEMSET(&tcpInfo, 0, sizeof(tcpInfo));
-
-    /* Set up client->server direction */
-    ipInfo.src = clientAddr;
-    ipInfo.dst = serverAddr;
-    tcpInfo.srcPort = clientPort;
-    tcpInfo.dstPort = serverPort;
-
-    /* Calculate the hash row for this session */
-    row = SessionHash(&ipInfo, &tcpInfo);
-
-    LOCK_SESSION();
-
-    /* Search only the specific row in the session table */
-    session = SessionTable[row];
-
-    while (session) {
-        SnifferSession* next = session->next;
-
-        /* Check if this session matches the specified client/server IP/port */
-        if (MatchAddr(session->client, clientAddr) &&
-            MatchAddr(session->server, serverAddr) &&
-            session->cliPort == clientPort &&
-            session->srvPort == serverPort) {
-
-            /* Use RemoveSession to remove and free the session */
-            RemoveSession(session, NULL, NULL, row);
-            ret = 0;  /* Session found and freed */
-            break;
-        }
-
-        session = next;
-    }
-
-    UNLOCK_SESSION();
-
-    return ret;
-}
-
-
-#undef ERROR_OUT
-
-#endif /* WOLFSSL_SNIFFER */
-#endif /* !WOLFCRYPT_ONLY && !NO_FILESYSTEM */
diff --git a/src/ssl/wolfssl/wolfcrypt/aes.c b/src/ssl/wolfssl/wolfcrypt/aes.c
deleted file mode 100644
index 4c43d4ebd..000000000
--- a/src/ssl/wolfssl/wolfcrypt/aes.c
+++ /dev/null
@@ -1,16449 +0,0 @@
-/* aes.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*
-
-DESCRIPTION
-This library provides the interfaces to the Advanced Encryption Standard (AES)
-for encrypting and decrypting data. AES is the standard known for a symmetric
-block cipher mechanism that uses n-bit binary string parameter key with 128-bits,
-192-bits, and 256-bits of key sizes.
-
-*/
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if !defined(NO_AES)
-
-/* Tip: Locate the software cipher modes by searching for "Software AES" */
-
-#if FIPS_VERSION3_GE(2,0,0)
-    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
-    #define FIPS_NO_WRAPPERS
-
-    #ifdef USE_WINDOWS_API
-        #pragma code_seg(".fipsA$b")
-        #pragma const_seg(".fipsB$b")
-    #endif
-#endif
-
-#include <wolfssl/wolfcrypt/aes.h>
-
-#ifdef WOLFSSL_AESNI
-#include <wmmintrin.h>
-#include <emmintrin.h>
-#include <smmintrin.h>
-#endif /* WOLFSSL_AESNI */
-
-#include <wolfssl/wolfcrypt/cpuid.h>
-
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-#endif
-
-#ifdef WOLFSSL_SECO_CAAM
-#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
-#endif
-
-#ifdef WOLFSSL_IMXRT_DCP
-    #include <wolfssl/wolfcrypt/port/nxp/dcp_port.h>
-#endif
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
-    #include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
-#endif
-
-#if defined(WOLFSSL_AES_SIV)
-    #include <wolfssl/wolfcrypt/cmac.h>
-#endif /* WOLFSSL_AES_SIV */
-
-#if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
-    #include <wolfssl/wolfcrypt/port/psa/psa.h>
-#endif
-
-#if defined(WOLFSSL_MAX3266X) || defined(WOLFSSL_MAX3266X_OLD)
-    #include <wolfssl/wolfcrypt/port/maxim/max3266x.h>
-#ifdef MAX3266X_CB
-    /* Revert back to SW so HW CB works */
-    /* HW only works for AES: ECB, CBC, and partial via ECB for other modes */
-    #include <wolfssl/wolfcrypt/port/maxim/max3266x-cryptocb.h>
-    /* Turn off MAX3266X_AES in the context of this file when using CB */
-    #undef MAX3266X_AES
-#endif
-#endif
-
-#if defined(WOLFSSL_TI_CRYPT)
-    #include <wolfcrypt/src/port/ti/ti-aes.c>
-#else
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if !defined(WOLFSSL_RISCV_ASM)
-
-#ifdef WOLFSSL_IMX6_CAAM_BLOB
-    /* case of possibly not using hardware acceleration for AES but using key
-       blobs */
-    #include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
-#endif
-
-#ifdef DEBUG_AESNI
-    #include <stdio.h>
-#endif
-
-#ifdef _MSC_VER
-    /* 4127 warning constant while(1)  */
-    #pragma warning(disable: 4127)
-#endif
-
-#if (!defined(WOLFSSL_ARMASM) && FIPS_VERSION3_GE(6,0,0)) || \
-    FIPS_VERSION3_GE(7,0,0)
-    const unsigned int wolfCrypt_FIPS_aes_ro_sanity[2] =
-                                                     { 0x1a2b3c4d, 0x00000002 };
-    int wolfCrypt_FIPS_AES_sanity(void)
-    {
-        return 0;
-    }
-#endif
-
-/* Define AES implementation includes and functions */
-#if defined(STM32_CRYPTO)
-     /* STM32F2/F4/F7/L4/L5/H7/WB55 hardware AES support for ECB, CBC, CTR and GCM modes */
-
-#if defined(WOLFSSL_AES_DIRECT) || defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
-
-    static WARN_UNUSED_RESULT int wc_AesEncrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock)
-    {
-        int ret = 0;
-    #ifdef WOLFSSL_STM32_CUBEMX
-        CRYP_HandleTypeDef hcryp;
-    #else
-        CRYP_InitTypeDef cryptInit;
-        CRYP_KeyInitTypeDef keyInit;
-    #endif
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-        if (ret < 0)
-            return ret;
-#endif
-
-    #ifdef WOLFSSL_STM32U5_DHUK
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0)
-            return ret;
-
-        /* Handle making use of wrapped key */
-        if (aes->devId == WOLFSSL_STM32U5_DHUK_WRAPPED_DEVID) {
-            CRYP_ConfigTypeDef Config = {0};
-
-            ret = wc_Stm32_Aes_UnWrap(aes, &hcryp, (const byte*)aes->key,
-                aes->keylen, aes->dhukIV, aes->dhukIVLen);
-            if (ret != HAL_OK) {
-                WOLFSSL_MSG("Error with DHUK key unwrap");
-                ret = BAD_FUNC_ARG;
-            }
-            /* reconfigure for using unwrapped key now */
-            HAL_CRYP_GetConfig(&hcryp, &Config);
-            Config.KeyMode   = CRYP_KEYMODE_NORMAL;
-            Config.KeySelect = CRYP_KEYSEL_NORMAL;
-            Config.Algorithm = CRYP_AES_ECB;
-            Config.DataType  = CRYP_DATATYPE_8B;
-            Config.DataWidthUnit = CRYP_DATAWIDTHUNIT_BYTE;
-            HAL_CRYP_SetConfig(&hcryp, &Config);
-        }
-        else {
-            ret = wc_Stm32_Aes_Init(aes, &hcryp, 1);
-            if (ret == 0) {
-                hcryp.Init.Algorithm  = CRYP_AES_ECB;
-                ret = HAL_CRYP_Init(&hcryp);
-                if (ret != HAL_OK) {
-                    ret = BAD_FUNC_ARG;
-                }
-            }
-        }
-
-        if (ret == HAL_OK) {
-            ret = HAL_CRYP_Encrypt(&hcryp, (uint32_t*)inBlock, WC_AES_BLOCK_SIZE,
-                    (uint32_t*)outBlock, STM32_HAL_TIMEOUT);
-            if (ret != HAL_OK) {
-                ret = WC_TIMEOUT_E;
-            }
-        }
-        HAL_CRYP_DeInit(&hcryp);
-    #elif defined(WOLFSSL_STM32_CUBEMX)
-        ret = wc_Stm32_Aes_Init(aes, &hcryp, 0);
-        if (ret != 0)
-            return ret;
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0)
-            return ret;
-
-    #if defined(STM32_HAL_V2)
-        hcryp.Init.Algorithm  = CRYP_AES_ECB;
-    #elif defined(STM32_CRYPTO_AES_ONLY)
-        hcryp.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT;
-        hcryp.Init.ChainingMode  = CRYP_CHAINMODE_AES_ECB;
-        hcryp.Init.KeyWriteFlag  = CRYP_KEY_WRITE_ENABLE;
-    #endif
-        if (HAL_CRYP_Init(&hcryp) != HAL_OK) {
-            ret = BAD_FUNC_ARG;
-        }
-
-        if (ret == 0) {
-        #if defined(STM32_HAL_V2)
-            ret = HAL_CRYP_Encrypt(&hcryp, (uint32_t*)inBlock, WC_AES_BLOCK_SIZE,
-                (uint32_t*)outBlock, STM32_HAL_TIMEOUT);
-        #elif defined(STM32_CRYPTO_AES_ONLY)
-            ret = HAL_CRYPEx_AES(&hcryp, (uint8_t*)inBlock, WC_AES_BLOCK_SIZE,
-                outBlock, STM32_HAL_TIMEOUT);
-        #else
-            ret = HAL_CRYP_AESECB_Encrypt(&hcryp, (uint8_t*)inBlock, WC_AES_BLOCK_SIZE,
-                outBlock, STM32_HAL_TIMEOUT);
-        #endif
-            if (ret != HAL_OK) {
-                ret = WC_TIMEOUT_E;
-            }
-            HAL_CRYP_DeInit(&hcryp);
-        }
-
-    #else /* Standard Peripheral Library */
-        ret = wc_Stm32_Aes_Init(aes, &cryptInit, &keyInit);
-        if (ret != 0)
-            return ret;
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0)
-            return ret;
-
-        /* reset registers to their default values */
-        CRYP_DeInit();
-
-        /* setup key */
-        CRYP_KeyInit(&keyInit);
-
-        /* set direction and mode */
-        cryptInit.CRYP_AlgoDir  = CRYP_AlgoDir_Encrypt;
-        cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_ECB;
-        CRYP_Init(&cryptInit);
-
-        /* enable crypto processor */
-        CRYP_Cmd(ENABLE);
-
-        /* flush IN/OUT FIFOs */
-        CRYP_FIFOFlush();
-
-        CRYP_DataIn(*(uint32_t*)&inBlock[0]);
-        CRYP_DataIn(*(uint32_t*)&inBlock[4]);
-        CRYP_DataIn(*(uint32_t*)&inBlock[8]);
-        CRYP_DataIn(*(uint32_t*)&inBlock[12]);
-
-        /* wait until the complete message has been processed */
-        while (CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
-
-        *(uint32_t*)&outBlock[0]  = CRYP_DataOut();
-        *(uint32_t*)&outBlock[4]  = CRYP_DataOut();
-        *(uint32_t*)&outBlock[8]  = CRYP_DataOut();
-        *(uint32_t*)&outBlock[12] = CRYP_DataOut();
-
-        /* disable crypto processor */
-        CRYP_Cmd(DISABLE);
-    #endif /* WOLFSSL_STM32_CUBEMX */
-        wolfSSL_CryptHwMutexUnLock();
-        wc_Stm32_Aes_Cleanup();
-
-        return ret;
-    }
-#endif /* WOLFSSL_AES_DIRECT || HAVE_AESGCM || HAVE_AESCCM */
-
-#ifdef HAVE_AES_DECRYPT
-    #if defined(WOLFSSL_AES_DIRECT)
-    static WARN_UNUSED_RESULT int wc_AesDecrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock)
-    {
-        int ret = 0;
-    #ifdef WOLFSSL_STM32_CUBEMX
-        CRYP_HandleTypeDef hcryp;
-    #else
-        CRYP_InitTypeDef cryptInit;
-        CRYP_KeyInitTypeDef keyInit;
-    #endif
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-        if (ret < 0)
-            return ret;
-#endif
-
-    #ifdef WOLFSSL_STM32U5_DHUK
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0)
-            return ret;
-
-        /* Handle making use of wrapped key */
-        if (aes->devId == WOLFSSL_STM32U5_DHUK_WRAPPED_DEVID) {
-            CRYP_ConfigTypeDef Config;
-
-            XMEMSET(&Config, 0, sizeof(Config));
-            ret = wc_Stm32_Aes_UnWrap(aes, &hcryp, (const byte*)aes->key,
-                aes->keylen, aes->dhukIV, aes->dhukIVLen);
-            if (ret != HAL_OK) {
-                WOLFSSL_MSG("Error with DHUK unwrap");
-                ret = BAD_FUNC_ARG;
-            }
-            /* reconfigure for using unwrapped key now */
-            HAL_CRYP_GetConfig(&hcryp, &Config);
-            Config.KeyMode   = CRYP_KEYMODE_NORMAL;
-            Config.KeySelect = CRYP_KEYSEL_NORMAL;
-            Config.Algorithm = CRYP_AES_ECB;
-            Config.DataType  = CRYP_DATATYPE_8B;
-            Config.DataWidthUnit = CRYP_DATAWIDTHUNIT_BYTE;
-            HAL_CRYP_SetConfig(&hcryp, &Config);
-        }
-        else {
-            ret = wc_Stm32_Aes_Init(aes, &hcryp, 1);
-            if (ret == 0) {
-                hcryp.Init.Algorithm  = CRYP_AES_ECB;
-                ret = HAL_CRYP_Init(&hcryp);
-                if (ret != HAL_OK) {
-                    ret = BAD_FUNC_ARG;
-                }
-            }
-        }
-
-        if (ret == HAL_OK) {
-            ret = HAL_CRYP_Decrypt(&hcryp, (uint32_t*)inBlock, WC_AES_BLOCK_SIZE,
-                    (uint32_t*)outBlock, STM32_HAL_TIMEOUT);
-            if (ret != HAL_OK) {
-                ret = WC_TIMEOUT_E;
-            }
-        }
-        HAL_CRYP_DeInit(&hcryp);
-    #elif defined(WOLFSSL_STM32_CUBEMX)
-        ret = wc_Stm32_Aes_Init(aes, &hcryp, 0);
-        if (ret != 0)
-            return ret;
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0)
-            return ret;
-
-    #if defined(STM32_HAL_V2)
-        hcryp.Init.Algorithm  = CRYP_AES_ECB;
-    #elif defined(STM32_CRYPTO_AES_ONLY)
-        hcryp.Init.OperatingMode = CRYP_ALGOMODE_KEYDERIVATION_DECRYPT;
-        hcryp.Init.ChainingMode  = CRYP_CHAINMODE_AES_ECB;
-        hcryp.Init.KeyWriteFlag  = CRYP_KEY_WRITE_ENABLE;
-    #endif
-        HAL_CRYP_Init(&hcryp);
-
-    #if defined(STM32_HAL_V2)
-        ret = HAL_CRYP_Decrypt(&hcryp, (uint32_t*)inBlock, WC_AES_BLOCK_SIZE,
-            (uint32_t*)outBlock, STM32_HAL_TIMEOUT);
-    #elif defined(STM32_CRYPTO_AES_ONLY)
-        ret = HAL_CRYPEx_AES(&hcryp, (uint8_t*)inBlock, WC_AES_BLOCK_SIZE,
-            outBlock, STM32_HAL_TIMEOUT);
-    #else
-        ret = HAL_CRYP_AESECB_Decrypt(&hcryp, (uint8_t*)inBlock, WC_AES_BLOCK_SIZE,
-            outBlock, STM32_HAL_TIMEOUT);
-    #endif
-        if (ret != HAL_OK) {
-            ret = WC_TIMEOUT_E;
-        }
-        HAL_CRYP_DeInit(&hcryp);
-
-    #else /* Standard Peripheral Library */
-        ret = wc_Stm32_Aes_Init(aes, &cryptInit, &keyInit);
-        if (ret != 0)
-            return ret;
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0)
-            return ret;
-
-        /* reset registers to their default values */
-        CRYP_DeInit();
-
-        /* set direction and key */
-        CRYP_KeyInit(&keyInit);
-        cryptInit.CRYP_AlgoDir  = CRYP_AlgoDir_Decrypt;
-        cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_Key;
-        CRYP_Init(&cryptInit);
-
-        /* enable crypto processor */
-        CRYP_Cmd(ENABLE);
-
-        /* wait until decrypt key has been initialized */
-        while (CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
-
-        /* set direction and mode */
-        cryptInit.CRYP_AlgoDir  = CRYP_AlgoDir_Decrypt;
-        cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_ECB;
-        CRYP_Init(&cryptInit);
-
-        /* enable crypto processor */
-        CRYP_Cmd(ENABLE);
-
-        /* flush IN/OUT FIFOs */
-        CRYP_FIFOFlush();
-
-        CRYP_DataIn(*(uint32_t*)&inBlock[0]);
-        CRYP_DataIn(*(uint32_t*)&inBlock[4]);
-        CRYP_DataIn(*(uint32_t*)&inBlock[8]);
-        CRYP_DataIn(*(uint32_t*)&inBlock[12]);
-
-        /* wait until the complete message has been processed */
-        while (CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
-
-        *(uint32_t*)&outBlock[0]  = CRYP_DataOut();
-        *(uint32_t*)&outBlock[4]  = CRYP_DataOut();
-        *(uint32_t*)&outBlock[8]  = CRYP_DataOut();
-        *(uint32_t*)&outBlock[12] = CRYP_DataOut();
-
-        /* disable crypto processor */
-        CRYP_Cmd(DISABLE);
-    #endif /* WOLFSSL_STM32_CUBEMX */
-        wolfSSL_CryptHwMutexUnLock();
-        wc_Stm32_Aes_Cleanup();
-
-        return ret;
-    }
-    #endif /* WOLFSSL_AES_DIRECT */
-#endif /* HAVE_AES_DECRYPT */
-
-#elif defined(HAVE_COLDFIRE_SEC)
-    /* Freescale Coldfire SEC support for CBC mode.
-     * NOTE: no support for AES-CTR/GCM/CCM/Direct */
-    #include "sec.h"
-    #include "mcf5475_sec.h"
-    #include "mcf5475_siu.h"
-#elif defined(FREESCALE_LTC)
-    #include "fsl_ltc.h"
-    #if defined(FREESCALE_LTC_AES_GCM)
-        #undef NEED_AES_TABLES
-        #undef GCM_TABLE
-    #endif
-
-        /* if LTC doesn't have GCM, use software with LTC AES ECB mode */
-        static WARN_UNUSED_RESULT int wc_AesEncrypt(
-            Aes* aes, const byte* inBlock, byte* outBlock)
-        {
-            word32 keySize = 0;
-            byte* key = (byte*)aes->key;
-            int ret = wc_AesGetKeySize(aes, &keySize);
-            if (ret != 0)
-                return ret;
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-            ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-#endif
-
-            if (wolfSSL_CryptHwMutexLock() == 0) {
-                LTC_AES_EncryptEcb(LTC_BASE, inBlock, outBlock, WC_AES_BLOCK_SIZE,
-                    key, keySize);
-                wolfSSL_CryptHwMutexUnLock();
-            }
-            return 0;
-        }
-        #ifdef HAVE_AES_DECRYPT
-        static WARN_UNUSED_RESULT int wc_AesDecrypt(
-            Aes* aes, const byte* inBlock, byte* outBlock)
-        {
-            word32 keySize = 0;
-            byte* key = (byte*)aes->key;
-            int ret = wc_AesGetKeySize(aes, &keySize);
-            if (ret != 0)
-                return ret;
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-            ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-#endif
-
-            if (wolfSSL_CryptHwMutexLock() == 0) {
-                LTC_AES_DecryptEcb(LTC_BASE, inBlock, outBlock, WC_AES_BLOCK_SIZE,
-                    key, keySize, kLTC_EncryptKey);
-                wolfSSL_CryptHwMutexUnLock();
-            }
-            return 0;
-        }
-        #endif
-
-#elif defined(FREESCALE_MMCAU)
-    /* Freescale mmCAU hardware AES support for Direct, CBC, CCM, GCM modes
-     * through the CAU/mmCAU library. Documentation located in
-     * ColdFire/ColdFire+ CAU and Kinetis mmCAU Software Library User
-     * Guide (See note in README). */
-    #ifdef FREESCALE_MMCAU_CLASSIC
-        /* MMCAU 1.4 library used with non-KSDK / classic MQX builds */
-        #include "cau_api.h"
-    #else
-        #include "fsl_mmcau.h"
-    #endif
-
-    static WARN_UNUSED_RESULT int wc_AesEncrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock)
-    {
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-        }
-#endif
-
-        if (wolfSSL_CryptHwMutexLock() == 0) {
-        #ifdef FREESCALE_MMCAU_CLASSIC
-            if ((wc_ptr_t)outBlock % WOLFSSL_MMCAU_ALIGNMENT) {
-                WOLFSSL_MSG("Bad cau_aes_encrypt alignment");
-                return BAD_ALIGN_E;
-            }
-            cau_aes_encrypt(inBlock, (byte*)aes->key, aes->rounds, outBlock);
-        #else
-            MMCAU_AES_EncryptEcb(inBlock, (byte*)aes->key, aes->rounds,
-                                 outBlock);
-        #endif
-            wolfSSL_CryptHwMutexUnLock();
-        }
-        return 0;
-    }
-    #ifdef HAVE_AES_DECRYPT
-    static WARN_UNUSED_RESULT int wc_AesDecrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock)
-    {
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-        }
-#endif
-        if (wolfSSL_CryptHwMutexLock() == 0) {
-        #ifdef FREESCALE_MMCAU_CLASSIC
-            if ((wc_ptr_t)outBlock % WOLFSSL_MMCAU_ALIGNMENT) {
-                WOLFSSL_MSG("Bad cau_aes_decrypt alignment");
-                return BAD_ALIGN_E;
-            }
-            cau_aes_decrypt(inBlock, (byte*)aes->key, aes->rounds, outBlock);
-        #else
-            MMCAU_AES_DecryptEcb(inBlock, (byte*)aes->key, aes->rounds,
-                                 outBlock);
-        #endif
-            wolfSSL_CryptHwMutexUnLock();
-        }
-        return 0;
-    }
-    #endif /* HAVE_AES_DECRYPT */
-
-#elif defined(WOLFSSL_PIC32MZ_CRYPT)
-
-    #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
-
-    #if defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT)
-    static WARN_UNUSED_RESULT int wc_AesEncrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock)
-    {
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-        }
-#endif
-        /* Thread mutex protection handled in Pic32Crypto */
-        return wc_Pic32AesCrypt(aes->key, aes->keylen, NULL, 0,
-            outBlock, inBlock, WC_AES_BLOCK_SIZE,
-            PIC32_ENCRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_RECB);
-    }
-    #endif
-
-    #if defined(HAVE_AES_DECRYPT) && defined(WOLFSSL_AES_DIRECT)
-    static WARN_UNUSED_RESULT int wc_AesDecrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock)
-    {
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-        }
-#endif
-        /* Thread mutex protection handled in Pic32Crypto */
-        return wc_Pic32AesCrypt(aes->key, aes->keylen, NULL, 0,
-            outBlock, inBlock, WC_AES_BLOCK_SIZE,
-            PIC32_DECRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_RECB);
-    }
-    #endif
-
-#elif defined(WOLFSSL_NRF51_AES)
-    /* Use built-in AES hardware - AES 128 ECB Encrypt Only */
-    #include "wolfssl/wolfcrypt/port/nrf51.h"
-
-    static WARN_UNUSED_RESULT int wc_AesEncrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock)
-    {
-        int ret;
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-        if (ret < 0)
-            return ret;
-#endif
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-            ret = nrf51_aes_encrypt(inBlock, (byte*)aes->key, aes->rounds,
-                                    outBlock);
-            wolfSSL_CryptHwMutexUnLock();
-        }
-        return ret;
-    }
-
-    #ifdef HAVE_AES_DECRYPT
-        #error nRF51 AES Hardware does not support decrypt
-    #endif /* HAVE_AES_DECRYPT */
-
-#elif defined(WOLFSSL_ESP32_CRYPT) && \
-     !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
-    #include <esp_log.h>
-    #include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
-    #define TAG "aes"
-
-    /* We'll use SW for fallback:
-     *   unsupported key lengths. (e.g. ESP32-S3)
-     *   chipsets not implemented.
-     *   hardware busy. */
-    #define NEED_AES_TABLES
-    #define NEED_AES_HW_FALLBACK
-    #define NEED_SOFTWARE_AES_SETKEY
-    #undef  WOLFSSL_AES_DIRECT
-    #define WOLFSSL_AES_DIRECT
-
-    /* Encrypt: If we choose to never have a fallback to SW: */
-    #if !defined(NEED_AES_HW_FALLBACK) && \
-        (defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT))
-    /* calling this one when NO_AES_192 is defined */
-    static WARN_UNUSED_RESULT int wc_AesEncrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock)
-    {
-        int ret;
-
-    #ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-        if (ret < 0)
-            return ret;
-    #endif
-
-        /* Thread mutex protection handled in esp_aes_hw_InUse */
-    #ifdef NEED_AES_HW_FALLBACK
-        if (wc_esp32AesSupportedKeyLen(aes)) {
-            ret = wc_esp32AesEncrypt(aes, inBlock, outBlock);
-        }
-    #else
-        ret = wc_esp32AesEncrypt(aes, inBlock, outBlock);
-    #endif
-        return ret;
-    }
-    #endif
-
-    /* Decrypt: If we choose to never have a fallback to SW: */
-    #if !defined(NEED_AES_HW_FALLBACK) && \
-        (defined(HAVE_AES_DECRYPT) && defined(WOLFSSL_AES_DIRECT))
-    static WARN_UNUSED_RESULT int wc_AesDecrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock)
-    {
-        int ret = 0;
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-        if (ret < 0)
-            return ret;
-#endif
-        /* Thread mutex protection handled in esp_aes_hw_InUse */
-    #ifdef NEED_AES_HW_FALLBACK
-        if (wc_esp32AesSupportedKeyLen(aes)) {
-            ret = wc_esp32AesDecrypt(aes, inBlock, outBlock);
-        }
-        else {
-            ret = wc_AesDecrypt_SW(aes, inBlock, outBlock);
-        }
-    #else
-        /* if we don't need fallback, always use HW */
-        ret = wc_esp32AesDecrypt(aes, inBlock, outBlock);
-    #endif
-        return ret;
-    }
-    #endif
-
-#elif defined(WOLFSSL_AESNI)
-
-    #define NEED_AES_TABLES
-
-    /* Each platform needs to query info type 1 from cpuid to see if aesni is
-     * supported. Also, let's setup a macro for proper linkage w/o ABI conflicts
-     */
-
-    #ifndef AESNI_ALIGN
-        #define AESNI_ALIGN 16
-    #endif
-
-    /* note that all write access to these static variables must be idempotent,
-     * as arranged by Check_CPU_support_AES(), else they will be susceptible to
-     * data races.
-     */
-    static int checkedAESNI = 0;
-    static int haveAESNI  = 0;
-    static cpuid_flags_t intel_flags = WC_CPUID_INITIALIZER;
-
-    static WARN_UNUSED_RESULT int Check_CPU_support_AES(void)
-    {
-        cpuid_get_flags_ex(&intel_flags);
-
-        return IS_INTEL_AESNI(intel_flags) != 0;
-    }
-
-
-    /* tell C compiler these are asm functions in case any mix up of ABI underscore
-       prefix between clang/gcc/llvm etc */
-    #ifdef HAVE_AES_CBC
-        void AES_CBC_encrypt_AESNI(const unsigned char* in, unsigned char* out,
-                             unsigned char* ivec, unsigned long length,
-                             const unsigned char* KS, int nr)
-                             XASM_LINK("AES_CBC_encrypt_AESNI");
-
-        #ifdef HAVE_AES_DECRYPT
-            #if defined(WOLFSSL_AESNI_BY4) || defined(WOLFSSL_X86_BUILD)
-                void AES_CBC_decrypt_AESNI_by4(const unsigned char* in, unsigned char* out,
-                                         unsigned char* ivec, unsigned long length,
-                                         const unsigned char* KS, int nr)
-                                         XASM_LINK("AES_CBC_decrypt_AESNI_by4");
-            #elif defined(WOLFSSL_AESNI_BY6)
-                void AES_CBC_decrypt_AESNI_by6(const unsigned char* in, unsigned char* out,
-                                         unsigned char* ivec, unsigned long length,
-                                         const unsigned char* KS, int nr)
-                                         XASM_LINK("AES_CBC_decrypt_AESNI_by6");
-            #else /* WOLFSSL_AESNI_BYx */
-                void AES_CBC_decrypt_AESNI_by8(const unsigned char* in, unsigned char* out,
-                                         unsigned char* ivec, unsigned long length,
-                                         const unsigned char* KS, int nr)
-                                         XASM_LINK("AES_CBC_decrypt_AESNI_by8");
-            #endif /* WOLFSSL_AESNI_BYx */
-        #endif /* HAVE_AES_DECRYPT */
-    #endif /* HAVE_AES_CBC */
-
-    void AES_ECB_encrypt_AESNI(const unsigned char* in, unsigned char* out,
-                         unsigned long length, const unsigned char* KS, int nr)
-                         XASM_LINK("AES_ECB_encrypt_AESNI");
-
-    #ifdef HAVE_AES_DECRYPT
-        void AES_ECB_decrypt_AESNI(const unsigned char* in, unsigned char* out,
-                             unsigned long length, const unsigned char* KS, int nr)
-                             XASM_LINK("AES_ECB_decrypt_AESNI");
-    #endif
-
-    void AES_128_Key_Expansion_AESNI(const unsigned char* userkey,
-                               unsigned char* key_schedule)
-                               XASM_LINK("AES_128_Key_Expansion_AESNI");
-
-    void AES_192_Key_Expansion_AESNI(const unsigned char* userkey,
-                               unsigned char* key_schedule)
-                               XASM_LINK("AES_192_Key_Expansion_AESNI");
-
-    void AES_256_Key_Expansion_AESNI(const unsigned char* userkey,
-                               unsigned char* key_schedule)
-                               XASM_LINK("AES_256_Key_Expansion_AESNI");
-
-
-    static WARN_UNUSED_RESULT int AES_set_encrypt_key_AESNI(
-        const unsigned char *userKey, const int bits, Aes* aes)
-    {
-        int ret;
-
-        ASSERT_SAVED_VECTOR_REGISTERS();
-
-        if (!userKey || !aes)
-            return BAD_FUNC_ARG;
-
-        switch (bits) {
-            case 128:
-               AES_128_Key_Expansion_AESNI (userKey,(byte*)aes->key); aes->rounds = 10;
-               return 0;
-            case 192:
-               AES_192_Key_Expansion_AESNI (userKey,(byte*)aes->key); aes->rounds = 12;
-               return 0;
-            case 256:
-               AES_256_Key_Expansion_AESNI (userKey,(byte*)aes->key); aes->rounds = 14;
-               return 0;
-            default:
-                ret = BAD_FUNC_ARG;
-        }
-
-        return ret;
-    }
-
-    #ifdef HAVE_AES_DECRYPT
-        static WARN_UNUSED_RESULT int AES_set_decrypt_key_AESNI(
-            const unsigned char* userKey, const int bits, Aes* aes)
-        {
-            word32 nr;
-            WC_DECLARE_VAR(temp_key, Aes, 1, 0);
-            __m128i *Key_Schedule;
-            __m128i *Temp_Key_Schedule;
-
-            ASSERT_SAVED_VECTOR_REGISTERS();
-
-            if (!userKey || !aes)
-                return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_SMALL_STACK
-            if ((temp_key = (Aes *)XMALLOC(sizeof *aes, aes->heap,
-                                           DYNAMIC_TYPE_AES)) == NULL)
-                return MEMORY_E;
-#endif
-
-            if (AES_set_encrypt_key_AESNI(userKey,bits,temp_key)
-                == WC_NO_ERR_TRACE(BAD_FUNC_ARG)) {
-                WC_FREE_VAR_EX(temp_key, aes->heap, DYNAMIC_TYPE_AES);
-                return BAD_FUNC_ARG;
-            }
-
-            Key_Schedule = (__m128i*)aes->key;
-            Temp_Key_Schedule = (__m128i*)temp_key->key;
-
-            nr = temp_key->rounds;
-            aes->rounds = nr;
-
-            Key_Schedule[nr] = Temp_Key_Schedule[0];
-            Key_Schedule[nr-1] = _mm_aesimc_si128(Temp_Key_Schedule[1]);
-            Key_Schedule[nr-2] = _mm_aesimc_si128(Temp_Key_Schedule[2]);
-            Key_Schedule[nr-3] = _mm_aesimc_si128(Temp_Key_Schedule[3]);
-            Key_Schedule[nr-4] = _mm_aesimc_si128(Temp_Key_Schedule[4]);
-            Key_Schedule[nr-5] = _mm_aesimc_si128(Temp_Key_Schedule[5]);
-            Key_Schedule[nr-6] = _mm_aesimc_si128(Temp_Key_Schedule[6]);
-            Key_Schedule[nr-7] = _mm_aesimc_si128(Temp_Key_Schedule[7]);
-            Key_Schedule[nr-8] = _mm_aesimc_si128(Temp_Key_Schedule[8]);
-            Key_Schedule[nr-9] = _mm_aesimc_si128(Temp_Key_Schedule[9]);
-
-            if (nr>10) {
-                Key_Schedule[nr-10] = _mm_aesimc_si128(Temp_Key_Schedule[10]);
-                Key_Schedule[nr-11] = _mm_aesimc_si128(Temp_Key_Schedule[11]);
-            }
-
-            if (nr>12) {
-                Key_Schedule[nr-12] = _mm_aesimc_si128(Temp_Key_Schedule[12]);
-                Key_Schedule[nr-13] = _mm_aesimc_si128(Temp_Key_Schedule[13]);
-            }
-
-            Key_Schedule[0] = Temp_Key_Schedule[nr];
-
-            WC_FREE_VAR_EX(temp_key, aes->heap, DYNAMIC_TYPE_AES);
-
-            return 0;
-        }
-    #endif /* HAVE_AES_DECRYPT */
-
-#elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-    !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-
-    #define NEED_AES_TABLES
-
-    static cpuid_flags_t cpuid_flags = WC_CPUID_INITIALIZER;
-
-    static void Check_CPU_support_HwCrypto(Aes* aes)
-    {
-        cpuid_get_flags_ex(&cpuid_flags);
-        aes->use_aes_hw_crypto = IS_AARCH64_AES(cpuid_flags);
-    #ifdef HAVE_AESGCM
-        aes->use_pmull_hw_crypto = IS_AARCH64_PMULL(cpuid_flags);
-        aes->use_sha3_hw_crypto = IS_AARCH64_SHA3(cpuid_flags);
-    #endif
-    }
-
-#elif !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-
-#if defined(WOLFSSL_AES_DIRECT) || defined(HAVE_AESCCM)
-static WARN_UNUSED_RESULT int wc_AesEncrypt(Aes* aes, const byte* inBlock,
-    byte* outBlock)
-{
-#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-    AES_encrypt_AARCH32(inBlock, outBlock, (byte*)aes->key, (int)aes->rounds);
-#else
-    AES_ECB_encrypt(inBlock, outBlock, WC_AES_BLOCK_SIZE, (byte*)aes->key,
-        (int)aes->rounds);
-#endif
-    return 0;
-}
-#endif
-
-#ifdef HAVE_AES_DECRYPT
-#ifdef WOLFSSL_AES_DIRECT
-static WARN_UNUSED_RESULT int wc_AesDecrypt(Aes* aes, const byte* inBlock,
-    byte* outBlock)
-{
-#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-    AES_decrypt_AARCH32(inBlock, outBlock, (byte*)aes->key, (int)aes->rounds);
-#else
-    AES_ECB_decrypt(inBlock, outBlock, WC_AES_BLOCK_SIZE, (byte*)aes->key,
-        (int)aes->rounds);
-#endif
-    return 0;
-}
-#endif
-#endif
-
-#elif (defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES) \
-        && !defined(WOLFSSL_QNX_CAAM)) || \
-      ((defined(WOLFSSL_AFALG) || defined(WOLFSSL_DEVCRYPTO_AES)) && \
-        defined(HAVE_AESCCM))
-        static WARN_UNUSED_RESULT int wc_AesEncrypt(
-            Aes* aes, const byte* inBlock, byte* outBlock)
-        {
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-            {
-                int ret =
-                    wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-                if (ret < 0)
-                    return ret;
-            }
-#endif
-            return wc_AesEncryptDirect(aes, outBlock, inBlock);
-        }
-
-#elif defined(WOLFSSL_AFALG)
-    /* implemented in wolfcrypt/src/port/af_alg/afalg_aes.c */
-
-#elif defined(WOLFSSL_DEVCRYPTO_AES)
-    /* implemented in wolfcrypt/src/port/devcrypto/devcrypto_aes.c */
-
-#elif defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
-    #include "hal_data.h"
-
-    #ifndef WOLFSSL_SCE_AES256_HANDLE
-        #define WOLFSSL_SCE_AES256_HANDLE g_sce_aes_256
-    #endif
-
-    #ifndef WOLFSSL_SCE_AES192_HANDLE
-        #define WOLFSSL_SCE_AES192_HANDLE g_sce_aes_192
-    #endif
-
-    #ifndef WOLFSSL_SCE_AES128_HANDLE
-        #define WOLFSSL_SCE_AES128_HANDLE g_sce_aes_128
-    #endif
-
-    static WARN_UNUSED_RESULT int AES_ECB_encrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock, int sz)
-    {
-        word32 ret;
-
-        if (WOLFSSL_SCE_GSCE_HANDLE.p_cfg->endian_flag ==
-                CRYPTO_WORD_ENDIAN_BIG) {
-            ByteReverseWords((word32*)inBlock, (word32*)inBlock, sz);
-        }
-
-        switch (aes->keylen) {
-        #ifdef WOLFSSL_AES_128
-            case AES_128_KEY_SIZE:
-                ret = WOLFSSL_SCE_AES128_HANDLE.p_api->encrypt(
-                        WOLFSSL_SCE_AES128_HANDLE.p_ctrl, aes->key,
-                        NULL, (sz / sizeof(word32)), (word32*)inBlock,
-                        (word32*)outBlock);
-                break;
-        #endif
-        #ifdef WOLFSSL_AES_192
-            case AES_192_KEY_SIZE:
-                ret = WOLFSSL_SCE_AES192_HANDLE.p_api->encrypt(
-                        WOLFSSL_SCE_AES192_HANDLE.p_ctrl, aes->key,
-                        NULL, (sz / sizeof(word32)), (word32*)inBlock,
-                        (word32*)outBlock);
-                break;
-        #endif
-        #ifdef WOLFSSL_AES_256
-            case AES_256_KEY_SIZE:
-                ret = WOLFSSL_SCE_AES256_HANDLE.p_api->encrypt(
-                        WOLFSSL_SCE_AES256_HANDLE.p_ctrl, aes->key,
-                        NULL, (sz / sizeof(word32)), (word32*)inBlock,
-                        (word32*)outBlock);
-                break;
-        #endif
-            default:
-                WOLFSSL_MSG("Unknown key size");
-                return BAD_FUNC_ARG;
-        }
-
-        if (ret != SSP_SUCCESS) {
-            /* revert input */
-            ByteReverseWords((word32*)inBlock, (word32*)inBlock, sz);
-            return WC_HW_E;
-        }
-
-        if (WOLFSSL_SCE_GSCE_HANDLE.p_cfg->endian_flag ==
-                CRYPTO_WORD_ENDIAN_BIG) {
-            ByteReverseWords((word32*)outBlock, (word32*)outBlock, sz);
-            if (inBlock != outBlock) {
-                /* revert input */
-                ByteReverseWords((word32*)inBlock, (word32*)inBlock, sz);
-            }
-        }
-        return 0;
-    }
-
-    #if defined(HAVE_AES_DECRYPT)
-    static WARN_UNUSED_RESULT int AES_ECB_decrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock, int sz)
-    {
-        word32 ret;
-
-        if (WOLFSSL_SCE_GSCE_HANDLE.p_cfg->endian_flag ==
-                CRYPTO_WORD_ENDIAN_BIG) {
-            ByteReverseWords((word32*)inBlock, (word32*)inBlock, sz);
-        }
-
-        switch (aes->keylen) {
-        #ifdef WOLFSSL_AES_128
-            case AES_128_KEY_SIZE:
-                ret = WOLFSSL_SCE_AES128_HANDLE.p_api->decrypt(
-                        WOLFSSL_SCE_AES128_HANDLE.p_ctrl, aes->key, aes->reg,
-                        (sz / sizeof(word32)), (word32*)inBlock,
-                        (word32*)outBlock);
-                break;
-        #endif
-        #ifdef WOLFSSL_AES_192
-            case AES_192_KEY_SIZE:
-                ret = WOLFSSL_SCE_AES192_HANDLE.p_api->decrypt(
-                        WOLFSSL_SCE_AES192_HANDLE.p_ctrl, aes->key, aes->reg,
-                        (sz / sizeof(word32)), (word32*)inBlock,
-                        (word32*)outBlock);
-                break;
-        #endif
-        #ifdef WOLFSSL_AES_256
-            case AES_256_KEY_SIZE:
-                ret = WOLFSSL_SCE_AES256_HANDLE.p_api->decrypt(
-                        WOLFSSL_SCE_AES256_HANDLE.p_ctrl, aes->key, aes->reg,
-                        (sz / sizeof(word32)), (word32*)inBlock,
-                        (word32*)outBlock);
-                break;
-        #endif
-            default:
-                WOLFSSL_MSG("Unknown key size");
-                return BAD_FUNC_ARG;
-        }
-        if (ret != SSP_SUCCESS) {
-            return WC_HW_E;
-        }
-
-        if (WOLFSSL_SCE_GSCE_HANDLE.p_cfg->endian_flag ==
-                CRYPTO_WORD_ENDIAN_BIG) {
-            ByteReverseWords((word32*)outBlock, (word32*)outBlock, sz);
-            if (inBlock != outBlock) {
-                /* revert input */
-                ByteReverseWords((word32*)inBlock, (word32*)inBlock, sz);
-            }
-        }
-
-        return 0;
-    }
-    #endif /* HAVE_AES_DECRYPT */
-
-    #if defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT)
-    static WARN_UNUSED_RESULT int wc_AesEncrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock)
-    {
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-        }
-#endif
-        return AES_ECB_encrypt(aes, inBlock, outBlock, WC_AES_BLOCK_SIZE);
-    }
-    #endif
-
-    #if defined(HAVE_AES_DECRYPT) && defined(WOLFSSL_AES_DIRECT)
-    static WARN_UNUSED_RESULT int wc_AesDecrypt(
-        Aes* aes, const byte* inBlock, byte* outBlock)
-    {
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-        }
-#endif
-        return AES_ECB_decrypt(aes, inBlock, outBlock, WC_AES_BLOCK_SIZE);
-    }
-    #endif
-
-#elif defined(WOLFSSL_KCAPI_AES)
-    /* Only CBC and GCM are in wolfcrypt/src/port/kcapi/kcapi_aes.c */
-    #if defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AESCCM) || \
-        defined(WOLFSSL_CMAC) || defined(WOLFSSL_AES_OFB) || \
-        defined(WOLFSSL_AES_CFB) || defined(HAVE_AES_ECB) || \
-        defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_XTS) || \
-        (defined(HAVE_AES_CBC) && defined(WOLFSSL_NO_KCAPI_AES_CBC))
-
-        #define NEED_AES_TABLES
-    #endif
-#elif defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
-/* implemented in wolfcrypt/src/port/psa/psa_aes.c */
-
-#elif defined(WOLFSSL_RISCV_ASM)
-/* implemented in wolfcrypt/src/port/risc-v/riscv-64-aes.c */
-
-#elif defined(WOLFSSL_SILABS_SE_ACCEL)
-/* implemented in wolfcrypt/src/port/silabs/silabs_aes.c */
-
-#else
-
-    /* using wolfCrypt software implementation */
-    #define NEED_AES_TABLES
-#endif
-
-
-
-#if defined(WC_AES_BITSLICED) && !defined(HAVE_AES_ECB)
-    #error "When WC_AES_BITSLICED is defined, HAVE_AES_ECB is needed."
-#endif
-
-#ifdef NEED_AES_TABLES
-
-#ifndef WC_AES_BITSLICED
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM)
-#if !defined(WOLFSSL_ESP32_CRYPT) || \
-    (defined(NO_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_AES) || \
-     defined(NEED_AES_HW_FALLBACK))
-static const FLASH_QUALIFIER word32 rcon[] = {
-    0x01000000, 0x02000000, 0x04000000, 0x08000000,
-    0x10000000, 0x20000000, 0x40000000, 0x80000000,
-    0x1B000000, 0x36000000,
-    /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
-};
-#endif /* ESP32 */
-#endif /* __aarch64__ || !WOLFSSL_ARMASM */
-
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM) || \
-      defined(WOLFSSL_ARMASM_NO_HW_CRYPTO) || defined(WOLFSSL_AES_DIRECT) || \
-      defined(HAVE_AESCCM)
-#ifndef WOLFSSL_AES_SMALL_TABLES
-static const FLASH_QUALIFIER word32 Te[4][256] = {
-{
-    0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
-    0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
-    0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
-    0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
-    0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
-    0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
-    0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
-    0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
-    0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
-    0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
-    0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
-    0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
-    0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
-    0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
-    0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
-    0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
-    0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
-    0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
-    0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
-    0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
-    0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
-    0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
-    0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
-    0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
-    0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
-    0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
-    0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
-    0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
-    0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
-    0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
-    0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
-    0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
-    0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
-    0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
-    0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
-    0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
-    0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
-    0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
-    0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
-    0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
-    0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
-    0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
-    0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
-    0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
-    0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
-    0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
-    0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
-    0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
-    0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
-    0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
-    0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
-    0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
-    0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
-    0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
-    0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
-    0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
-    0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
-    0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
-    0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
-    0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
-    0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
-    0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
-    0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
-    0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
-},
-{
-    0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
-    0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
-    0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
-    0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
-    0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
-    0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
-    0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
-    0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
-    0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
-    0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
-    0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
-    0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
-    0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
-    0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
-    0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
-    0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
-    0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
-    0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
-    0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
-    0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
-    0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
-    0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
-    0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
-    0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
-    0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
-    0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
-    0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
-    0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
-    0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
-    0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
-    0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
-    0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
-    0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
-    0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
-    0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
-    0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
-    0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
-    0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
-    0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
-    0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
-    0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
-    0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
-    0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
-    0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
-    0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
-    0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
-    0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
-    0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
-    0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
-    0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
-    0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
-    0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
-    0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
-    0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
-    0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
-    0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
-    0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
-    0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
-    0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
-    0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
-    0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
-    0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
-    0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
-    0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
-},
-{
-    0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
-    0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
-    0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
-    0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
-    0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
-    0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
-    0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
-    0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
-    0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
-    0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
-    0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
-    0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
-    0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
-    0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
-    0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
-    0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
-    0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
-    0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
-    0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
-    0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
-    0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
-    0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
-    0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
-    0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
-    0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
-    0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
-    0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
-    0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
-    0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
-    0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
-    0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
-    0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
-    0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
-    0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
-    0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
-    0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
-    0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
-    0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
-    0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
-    0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
-    0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
-    0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
-    0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
-    0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
-    0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
-    0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
-    0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
-    0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
-    0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
-    0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
-    0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
-    0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
-    0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
-    0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
-    0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
-    0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
-    0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
-    0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
-    0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
-    0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
-    0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
-    0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
-    0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
-    0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
-},
-{
-    0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
-    0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
-    0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
-    0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
-    0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
-    0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
-    0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
-    0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
-    0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
-    0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
-    0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
-    0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
-    0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
-    0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
-    0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
-    0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
-    0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
-    0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
-    0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
-    0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
-    0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
-    0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
-    0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
-    0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
-    0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
-    0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
-    0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
-    0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
-    0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
-    0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
-    0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
-    0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
-    0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
-    0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
-    0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
-    0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
-    0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
-    0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
-    0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
-    0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
-    0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
-    0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
-    0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
-    0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
-    0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
-    0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
-    0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
-    0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
-    0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
-    0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
-    0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
-    0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
-    0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
-    0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
-    0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
-    0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
-    0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
-    0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
-    0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
-    0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
-    0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
-    0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
-    0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
-    0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
-}
-};
-
-#ifdef HAVE_AES_DECRYPT
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM)
-static const FLASH_QUALIFIER word32 Td[4][256] = {
-{
-    0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
-    0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
-    0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
-    0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
-    0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
-    0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
-    0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
-    0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
-    0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
-    0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
-    0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
-    0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
-    0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
-    0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
-    0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
-    0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
-    0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
-    0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
-    0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
-    0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
-    0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
-    0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
-    0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
-    0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
-    0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
-    0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
-    0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
-    0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
-    0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
-    0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
-    0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
-    0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
-    0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
-    0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
-    0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
-    0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
-    0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
-    0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
-    0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
-    0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
-    0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
-    0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
-    0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
-    0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
-    0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
-    0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
-    0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
-    0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
-    0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
-    0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
-    0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
-    0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
-    0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
-    0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
-    0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
-    0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
-    0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
-    0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
-    0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
-    0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
-    0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
-    0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
-    0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
-    0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
-},
-{
-    0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
-    0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
-    0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
-    0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
-    0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
-    0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
-    0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
-    0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
-    0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
-    0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
-    0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
-    0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
-    0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
-    0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
-    0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
-    0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
-    0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
-    0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
-    0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
-    0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
-    0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
-    0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
-    0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
-    0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
-    0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
-    0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
-    0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
-    0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
-    0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
-    0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
-    0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
-    0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
-    0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
-    0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
-    0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
-    0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
-    0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
-    0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
-    0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
-    0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
-    0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
-    0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
-    0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
-    0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
-    0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
-    0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
-    0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
-    0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
-    0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
-    0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
-    0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
-    0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
-    0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
-    0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
-    0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
-    0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
-    0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
-    0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
-    0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
-    0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
-    0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
-    0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
-    0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
-    0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
-},
-{
-    0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
-    0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
-    0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
-    0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
-    0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
-    0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
-    0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
-    0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
-    0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
-    0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
-    0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
-    0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
-    0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
-    0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
-    0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
-    0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
-    0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
-    0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
-    0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
-    0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
-
-    0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
-    0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
-    0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
-    0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
-    0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
-    0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
-    0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
-    0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
-    0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
-    0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
-    0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
-    0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
-    0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
-    0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
-    0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
-    0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
-    0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
-    0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
-    0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
-    0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
-    0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
-    0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
-    0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
-    0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
-    0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
-    0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
-    0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
-    0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
-    0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
-    0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
-    0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
-    0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
-    0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
-    0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
-    0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
-    0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
-    0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
-    0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
-    0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
-    0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
-    0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
-    0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
-    0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
-    0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
-},
-{
-    0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
-    0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
-    0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
-    0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
-    0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
-    0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
-    0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
-    0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
-    0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
-    0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
-    0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
-    0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
-    0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
-    0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
-    0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
-    0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
-    0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
-    0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
-    0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
-    0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
-    0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
-    0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
-    0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
-    0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
-    0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
-    0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
-    0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
-    0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
-    0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
-    0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
-    0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
-    0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
-    0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
-    0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
-    0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
-    0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
-    0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
-    0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
-    0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
-    0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
-    0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
-    0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
-    0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
-    0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
-    0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
-    0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
-    0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
-    0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
-    0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
-    0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
-    0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
-    0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
-    0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
-    0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
-    0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
-    0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
-    0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
-    0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
-    0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
-    0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
-    0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
-    0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
-    0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
-    0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
-}
-};
-#endif /* __aarch64__ || !WOLFSSL_ARMASM */
-#endif /* HAVE_AES_DECRYPT */
-#endif /* WOLFSSL_AES_SMALL_TABLES */
-
-#ifdef HAVE_AES_DECRYPT
-#if (defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC)) || \
-     defined(HAVE_AES_ECB) || defined(WOLFSSL_AES_DIRECT)
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM)
-static const FLASH_QUALIFIER byte Td4[256] =
-{
-    0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
-    0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
-    0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
-    0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
-    0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
-    0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
-    0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
-    0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
-    0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
-    0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
-    0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
-    0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
-    0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
-    0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
-    0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
-    0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
-    0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
-    0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
-    0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
-    0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
-    0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
-    0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
-    0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
-    0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
-    0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
-    0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
-    0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
-    0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
-    0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
-    0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
-    0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
-    0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
-};
-#endif
-#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */
-#endif /* HAVE_AES_DECRYPT */
-
-#define GETBYTE(x, y) (word32)((byte)((x) >> (8 * (y))))
-
-#ifdef WOLFSSL_AES_SMALL_TABLES
-static const byte Tsbox[256] = {
-    0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
-    0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
-    0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
-    0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
-    0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
-    0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
-    0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
-    0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
-    0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
-    0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
-    0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
-    0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
-    0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
-    0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
-    0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
-    0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
-    0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
-    0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
-    0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
-    0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
-    0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
-    0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
-    0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
-    0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
-    0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
-    0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
-    0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
-    0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
-    0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
-    0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
-    0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
-    0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
-};
-
-#define AES_XTIME(x)    ((byte)((byte)((x) << 1) ^ ((0 - ((x) >> 7)) & 0x1b)))
-
-static WARN_UNUSED_RESULT word32 col_mul(
-    word32 t, int i2, int i3, int ia, int ib)
-{
-    byte t3 = GETBYTE(t, i3);
-    byte tm = AES_XTIME(GETBYTE(t, i2) ^ t3);
-
-    return GETBYTE(t, ia) ^ GETBYTE(t, ib) ^ t3 ^ tm;
-}
-
-#if defined(HAVE_AES_CBC) || defined(HAVE_AES_ECB) || \
-    defined(WOLFSSL_AES_DIRECT)
-static WARN_UNUSED_RESULT word32 inv_col_mul(
-    word32 t, int i9, int ib, int id, int ie)
-{
-    byte t9 = GETBYTE(t, i9);
-    byte tb = GETBYTE(t, ib);
-    byte td = GETBYTE(t, id);
-    byte te = GETBYTE(t, ie);
-    byte t0 = t9 ^ tb ^ td;
-    return t0 ^ AES_XTIME(AES_XTIME(AES_XTIME(t0 ^ te) ^ td ^ te) ^ tb ^ te);
-}
-#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */
-#endif /* WOLFSSL_AES_SMALL_TABLES */
-#endif
-#endif
-
-#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) || \
-                                    defined(HAVE_AESCCM) || defined(HAVE_AESGCM)
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM) || \
-      defined(WOLFSSL_ARMASM_NO_HW_CRYPTO) || defined(WOLFSSL_AES_DIRECT) || \
-      defined(HAVE_AESCCM)
-
-
-#ifndef WC_AES_BITSLICED
-
-#ifndef WC_CACHE_LINE_SZ
-    #if defined(__x86_64__) || defined(_M_X64) || \
-       (defined(__ILP32__) && (__ILP32__ >= 1))
-        #define WC_CACHE_LINE_SZ 64
-    #else
-        /* default cache line size */
-        #define WC_CACHE_LINE_SZ 32
-    #endif
-#endif
-
-#ifndef WC_NO_CACHE_RESISTANT
-
-#if defined(__riscv) && !defined(WOLFSSL_AES_TOUCH_LINES)
-    #define WOLFSSL_AES_TOUCH_LINES
-#endif
-
-#ifndef WOLFSSL_AES_SMALL_TABLES
-/* load 4 Te Tables into cache by cache line stride */
-static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchTe(void)
-{
-#ifndef WOLFSSL_AES_TOUCH_LINES
-    word32 x = 0;
-    int i,j;
-
-    for (i = 0; i < 4; i++) {
-        /* 256 elements, each one is 4 bytes */
-        for (j = 0; j < 256; j += WC_CACHE_LINE_SZ/4) {
-            x &= Te[i][j];
-        }
-    }
-    return x;
-#else
-    return 0;
-#endif
-}
-#else
-/* load sbox into cache by cache line stride */
-static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchSBox(void)
-{
-#ifndef WOLFSSL_AES_TOUCH_LINES
-    word32 x = 0;
-    int i;
-
-    for (i = 0; i < 256; i += WC_CACHE_LINE_SZ/4) {
-        x &= Tsbox[i];
-    }
-    return x;
-#else
-    return 0;
-#endif
-}
-#endif
-#endif
-
-#ifdef WOLFSSL_AES_TOUCH_LINES
-#if WC_CACHE_LINE_SZ == 128
-    #define WC_CACHE_LINE_BITS      5
-    #define WC_CACHE_LINE_MASK_HI   0xe0
-    #define WC_CACHE_LINE_MASK_LO   0x1f
-    #define WC_CACHE_LINE_ADD       0x20
-#elif WC_CACHE_LINE_SZ == 64
-    #define WC_CACHE_LINE_BITS      4
-    #define WC_CACHE_LINE_MASK_HI   0xf0
-    #define WC_CACHE_LINE_MASK_LO   0x0f
-    #define WC_CACHE_LINE_ADD       0x10
-#elif WC_CACHE_LINE_SZ == 32
-    #define WC_CACHE_LINE_BITS      3
-    #define WC_CACHE_LINE_MASK_HI   0xf8
-    #define WC_CACHE_LINE_MASK_LO   0x07
-    #define WC_CACHE_LINE_ADD       0x08
-#elif WC_CACHE_LINE_SZ == 16
-    #define WC_CACHE_LINE_BITS      2
-    #define WC_CACHE_LINE_MASK_HI   0xfc
-    #define WC_CACHE_LINE_MASK_LO   0x03
-    #define WC_CACHE_LINE_ADD       0x04
-#else
-    #error Cache line size not supported
-#endif
-
-#ifndef WOLFSSL_AES_SMALL_TABLES
-static word32 GetTable(const word32* t, byte o)
-{
-#if WC_CACHE_LINE_SZ == 64
-    word32 e;
-    byte hi = o & 0xf0;
-    byte lo = o & 0x0f;
-
-    e  = t[lo + 0x00] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x10] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x20] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x30] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x40] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x50] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x60] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x70] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x80] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x90] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xa0] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xb0] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xc0] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xd0] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xe0] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xf0] & ((word32)0 - (((word32)hi - 0x01) >> 31));
-
-    return e;
-#else
-    word32 e = 0;
-    int i;
-    byte hi = o & WC_CACHE_LINE_MASK_HI;
-    byte lo = o & WC_CACHE_LINE_MASK_LO;
-
-    for (i = 0; i < 256; i += (1 << WC_CACHE_LINE_BITS)) {
-        e |= t[lo + i] & ((word32)0 - (((word32)hi - 0x01) >> 31));
-        hi -= WC_CACHE_LINE_ADD;
-    }
-
-    return e;
-#endif
-}
-#endif
-
-#ifdef WOLFSSL_AES_SMALL_TABLES
-static byte GetTable8(const byte* t, byte o)
-{
-#if WC_CACHE_LINE_SZ == 64
-    byte e;
-    byte hi = o & 0xf0;
-    byte lo = o & 0x0f;
-
-    e  = t[lo + 0x00] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x10] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x20] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x30] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x40] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x50] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x60] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x70] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x80] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0x90] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xa0] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xb0] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xc0] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xd0] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xe0] & ((word32)0 - (((word32)hi - 0x01) >> 31)); hi -= 0x10;
-    e |= t[lo + 0xf0] & ((word32)0 - (((word32)hi - 0x01) >> 31));
-
-    return e;
-#else
-    byte e = 0;
-    int i;
-    byte hi = o & WC_CACHE_LINE_MASK_HI;
-    byte lo = o & WC_CACHE_LINE_MASK_LO;
-
-    for (i = 0; i < 256; i += (1 << WC_CACHE_LINE_BITS)) {
-        e |= t[lo + i] & ((word32)0 - (((word32)hi - 0x01) >> 31));
-        hi -= WC_CACHE_LINE_ADD;
-    }
-
-    return e;
-#endif
-}
-#endif
-
-#ifndef WOLFSSL_AES_SMALL_TABLES
-static void GetTable_Multi(const word32* t, word32* t0, byte o0,
-    word32* t1, byte o1, word32* t2, byte o2, word32* t3, byte o3)
-{
-    word32 e0 = 0;
-    word32 e1 = 0;
-    word32 e2 = 0;
-    word32 e3 = 0;
-    byte hi0 = o0 & WC_CACHE_LINE_MASK_HI;
-    byte lo0 = o0 & WC_CACHE_LINE_MASK_LO;
-    byte hi1 = o1 & WC_CACHE_LINE_MASK_HI;
-    byte lo1 = o1 & WC_CACHE_LINE_MASK_LO;
-    byte hi2 = o2 & WC_CACHE_LINE_MASK_HI;
-    byte lo2 = o2 & WC_CACHE_LINE_MASK_LO;
-    byte hi3 = o3 & WC_CACHE_LINE_MASK_HI;
-    byte lo3 = o3 & WC_CACHE_LINE_MASK_LO;
-    int i;
-
-    for (i = 0; i < 256; i += (1 << WC_CACHE_LINE_BITS)) {
-        e0 |= t[lo0 + i] & ((word32)0 - (((word32)hi0 - 0x01) >> 31));
-        hi0 -= WC_CACHE_LINE_ADD;
-        e1 |= t[lo1 + i] & ((word32)0 - (((word32)hi1 - 0x01) >> 31));
-        hi1 -= WC_CACHE_LINE_ADD;
-        e2 |= t[lo2 + i] & ((word32)0 - (((word32)hi2 - 0x01) >> 31));
-        hi2 -= WC_CACHE_LINE_ADD;
-        e3 |= t[lo3 + i] & ((word32)0 - (((word32)hi3 - 0x01) >> 31));
-        hi3 -= WC_CACHE_LINE_ADD;
-    }
-    *t0 = e0;
-    *t1 = e1;
-    *t2 = e2;
-    *t3 = e3;
-}
-static void XorTable_Multi(const word32* t, word32* t0, byte o0,
-    word32* t1, byte o1, word32* t2, byte o2, word32* t3, byte o3)
-{
-    word32 e0 = 0;
-    word32 e1 = 0;
-    word32 e2 = 0;
-    word32 e3 = 0;
-    byte hi0 = o0 & 0xf0;
-    byte lo0 = o0 & 0x0f;
-    byte hi1 = o1 & 0xf0;
-    byte lo1 = o1 & 0x0f;
-    byte hi2 = o2 & 0xf0;
-    byte lo2 = o2 & 0x0f;
-    byte hi3 = o3 & 0xf0;
-    byte lo3 = o3 & 0x0f;
-    int i;
-
-    for (i = 0; i < 256; i += (1 << WC_CACHE_LINE_BITS)) {
-        e0 |= t[lo0 + i] & ((word32)0 - (((word32)hi0 - 0x01) >> 31));
-        hi0 -= WC_CACHE_LINE_ADD;
-        e1 |= t[lo1 + i] & ((word32)0 - (((word32)hi1 - 0x01) >> 31));
-        hi1 -= WC_CACHE_LINE_ADD;
-        e2 |= t[lo2 + i] & ((word32)0 - (((word32)hi2 - 0x01) >> 31));
-        hi2 -= WC_CACHE_LINE_ADD;
-        e3 |= t[lo3 + i] & ((word32)0 - (((word32)hi3 - 0x01) >> 31));
-        hi3 -= WC_CACHE_LINE_ADD;
-    }
-    *t0 ^= e0;
-    *t1 ^= e1;
-    *t2 ^= e2;
-    *t3 ^= e3;
-}
-static word32 GetTable8_4(const byte* t, byte o0, byte o1, byte o2, byte o3)
-{
-    word32 e = 0;
-    int i;
-    byte hi0 = o0 & WC_CACHE_LINE_MASK_HI;
-    byte lo0 = o0 & WC_CACHE_LINE_MASK_LO;
-    byte hi1 = o1 & WC_CACHE_LINE_MASK_HI;
-    byte lo1 = o1 & WC_CACHE_LINE_MASK_LO;
-    byte hi2 = o2 & WC_CACHE_LINE_MASK_HI;
-    byte lo2 = o2 & WC_CACHE_LINE_MASK_LO;
-    byte hi3 = o3 & WC_CACHE_LINE_MASK_HI;
-    byte lo3 = o3 & WC_CACHE_LINE_MASK_LO;
-
-    for (i = 0; i < 256; i += (1 << WC_CACHE_LINE_BITS)) {
-        e |= (word32)(t[lo0 + i] & ((word32)0 - (((word32)hi0 - 0x01) >> 31)))
-             << 24;
-        hi0 -= WC_CACHE_LINE_ADD;
-        e |= (word32)(t[lo1 + i] & ((word32)0 - (((word32)hi1 - 0x01) >> 31)))
-             << 16;
-        hi1 -= WC_CACHE_LINE_ADD;
-        e |= (word32)(t[lo2 + i] & ((word32)0 - (((word32)hi2 - 0x01) >> 31)))
-             <<  8;
-        hi2 -= WC_CACHE_LINE_ADD;
-        e |= (word32)(t[lo3 + i] & ((word32)0 - (((word32)hi3 - 0x01) >> 31)))
-             <<  0;
-        hi3 -= WC_CACHE_LINE_ADD;
-    }
-
-    return e;
-}
-#endif
-#else
-
-#define GetTable(t, o)  t[o]
-#define GetTable8(t, o) t[o]
-#define GetTable_Multi(t, t0, o0, t1, o1, t2, o2, t3, o3)  \
-    *(t0) = (t)[o0]; *(t1) = (t)[o1]; *(t2) = (t)[o2]; *(t3) = (t)[o3]
-#define XorTable_Multi(t, t0, o0, t1, o1, t2, o2, t3, o3)  \
-    *(t0) ^= (t)[o0]; *(t1) ^= (t)[o1]; *(t2) ^= (t)[o2]; *(t3) ^= (t)[o3]
-#define GetTable8_4(t, o0, o1, o2, o3) \
-    (((word32)(t)[o0] << 24) | ((word32)(t)[o1] << 16) |   \
-     ((word32)(t)[o2] <<  8) | ((word32)(t)[o3] <<  0))
-#endif
-
-#ifndef HAVE_CUDA
-/* Encrypt a block using AES.
- *
- * @param [in]  aes       AES object.
- * @param [in]  inBlock   Block to encrypt.
- * @param [out] outBlock  Encrypted block.
- * @param [in]  r         Rounds divided by 2.
- */
-static void AesEncrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
-        word32 r)
-{
-    word32 s0 = 0, s1 = 0, s2 = 0, s3 = 0;
-    word32 t0 = 0, t1 = 0, t2 = 0, t3 = 0;
-    const word32* rk;
-
-#ifdef WC_C_DYNAMIC_FALLBACK
-    rk = aes->key_C_fallback;
-#else
-    rk = aes->key;
-#endif
-
-    /*
-     * map byte array block to cipher state
-     * and add initial round key:
-     */
-    XMEMCPY(&s0, inBlock,                  sizeof(s0));
-    XMEMCPY(&s1, inBlock +     sizeof(s0), sizeof(s1));
-    XMEMCPY(&s2, inBlock + 2 * sizeof(s0), sizeof(s2));
-    XMEMCPY(&s3, inBlock + 3 * sizeof(s0), sizeof(s3));
-
-#ifdef LITTLE_ENDIAN_ORDER
-    s0 = ByteReverseWord32(s0);
-    s1 = ByteReverseWord32(s1);
-    s2 = ByteReverseWord32(s2);
-    s3 = ByteReverseWord32(s3);
-#endif
-
-    /* AddRoundKey */
-    s0 ^= rk[0];
-    s1 ^= rk[1];
-    s2 ^= rk[2];
-    s3 ^= rk[3];
-
-#ifndef WOLFSSL_AES_SMALL_TABLES
-#ifndef WC_NO_CACHE_RESISTANT
-    s0 |= PreFetchTe();
-#endif
-
-#ifndef WOLFSSL_AES_TOUCH_LINES
-#define ENC_ROUND_T_S(o)                                                       \
-    t0 = GetTable(Te[0], GETBYTE(s0, 3)) ^ GetTable(Te[1], GETBYTE(s1, 2)) ^   \
-         GetTable(Te[2], GETBYTE(s2, 1)) ^ GetTable(Te[3], GETBYTE(s3, 0)) ^   \
-         rk[(o)+4];                                                            \
-    t1 = GetTable(Te[0], GETBYTE(s1, 3)) ^ GetTable(Te[1], GETBYTE(s2, 2)) ^   \
-         GetTable(Te[2], GETBYTE(s3, 1)) ^ GetTable(Te[3], GETBYTE(s0, 0)) ^   \
-         rk[(o)+5];                                                            \
-    t2 = GetTable(Te[0], GETBYTE(s2, 3)) ^ GetTable(Te[1], GETBYTE(s3, 2)) ^   \
-         GetTable(Te[2], GETBYTE(s0, 1)) ^ GetTable(Te[3], GETBYTE(s1, 0)) ^   \
-         rk[(o)+6];                                                            \
-    t3 = GetTable(Te[0], GETBYTE(s3, 3)) ^ GetTable(Te[1], GETBYTE(s0, 2)) ^   \
-         GetTable(Te[2], GETBYTE(s1, 1)) ^ GetTable(Te[3], GETBYTE(s2, 0)) ^   \
-         rk[(o)+7]
-#define ENC_ROUND_S_T(o)                                                       \
-    s0 = GetTable(Te[0], GETBYTE(t0, 3)) ^ GetTable(Te[1], GETBYTE(t1, 2)) ^   \
-         GetTable(Te[2], GETBYTE(t2, 1)) ^ GetTable(Te[3], GETBYTE(t3, 0)) ^   \
-         rk[(o)+0];                                                            \
-    s1 = GetTable(Te[0], GETBYTE(t1, 3)) ^ GetTable(Te[1], GETBYTE(t2, 2)) ^   \
-         GetTable(Te[2], GETBYTE(t3, 1)) ^ GetTable(Te[3], GETBYTE(t0, 0)) ^   \
-         rk[(o)+1];                                                            \
-    s2 = GetTable(Te[0], GETBYTE(t2, 3)) ^ GetTable(Te[1], GETBYTE(t3, 2)) ^   \
-         GetTable(Te[2], GETBYTE(t0, 1)) ^ GetTable(Te[3], GETBYTE(t1, 0)) ^   \
-         rk[(o)+2];                                                            \
-    s3 = GetTable(Te[0], GETBYTE(t3, 3)) ^ GetTable(Te[1], GETBYTE(t0, 2)) ^   \
-         GetTable(Te[2], GETBYTE(t1, 1)) ^ GetTable(Te[3], GETBYTE(t2, 0)) ^   \
-         rk[(o)+3]
-#else
-#define ENC_ROUND_T_S(o)                                                       \
-    GetTable_Multi(Te[0], &t0, GETBYTE(s0, 3), &t1, GETBYTE(s1, 3),            \
-                          &t2, GETBYTE(s2, 3), &t3, GETBYTE(s3, 3));           \
-    XorTable_Multi(Te[1], &t0, GETBYTE(s1, 2), &t1, GETBYTE(s2, 2),            \
-                          &t2, GETBYTE(s3, 2), &t3, GETBYTE(s0, 2));           \
-    XorTable_Multi(Te[2], &t0, GETBYTE(s2, 1), &t1, GETBYTE(s3, 1),            \
-                          &t2, GETBYTE(s0, 1), &t3, GETBYTE(s1, 1));           \
-    XorTable_Multi(Te[3], &t0, GETBYTE(s3, 0), &t1, GETBYTE(s0, 0),            \
-                          &t2, GETBYTE(s1, 0), &t3, GETBYTE(s2, 0));           \
-    t0 ^= rk[(o)+4]; t1 ^= rk[(o)+5]; t2 ^= rk[(o)+6]; t3 ^= rk[(o)+7];
-
-#define ENC_ROUND_S_T(o)                                                       \
-    GetTable_Multi(Te[0], &s0, GETBYTE(t0, 3), &s1, GETBYTE(t1, 3),            \
-                          &s2, GETBYTE(t2, 3), &s3, GETBYTE(t3, 3));           \
-    XorTable_Multi(Te[1], &s0, GETBYTE(t1, 2), &s1, GETBYTE(t2, 2),            \
-                          &s2, GETBYTE(t3, 2), &s3, GETBYTE(t0, 2));           \
-    XorTable_Multi(Te[2], &s0, GETBYTE(t2, 1), &s1, GETBYTE(t3, 1),            \
-                          &s2, GETBYTE(t0, 1), &s3, GETBYTE(t1, 1));           \
-    XorTable_Multi(Te[3], &s0, GETBYTE(t3, 0), &s1, GETBYTE(t0, 0),            \
-                          &s2, GETBYTE(t1, 0), &s3, GETBYTE(t2, 0));           \
-    s0 ^= rk[(o)+0]; s1 ^= rk[(o)+1]; s2 ^= rk[(o)+2]; s3 ^= rk[(o)+3];
-#endif
-
-#ifndef WOLFSSL_AES_NO_UNROLL
-/* Unroll the loop. */
-                       ENC_ROUND_T_S( 0);
-    ENC_ROUND_S_T( 8); ENC_ROUND_T_S( 8);
-    ENC_ROUND_S_T(16); ENC_ROUND_T_S(16);
-    ENC_ROUND_S_T(24); ENC_ROUND_T_S(24);
-    ENC_ROUND_S_T(32); ENC_ROUND_T_S(32);
-    if (r > 5) {
-        ENC_ROUND_S_T(40); ENC_ROUND_T_S(40);
-        if (r > 6) {
-            ENC_ROUND_S_T(48); ENC_ROUND_T_S(48);
-        }
-    }
-    rk += r * 8;
-#else
-    /*
-     * Nr - 1 full rounds:
-     */
-
-    for (;;) {
-        ENC_ROUND_T_S(0);
-
-        rk += 8;
-        if (--r == 0) {
-            break;
-        }
-
-        ENC_ROUND_S_T(0);
-    }
-#endif
-
-    /*
-     * apply last round and
-     * map cipher state to byte array block:
-     */
-
-#ifndef WOLFSSL_AES_TOUCH_LINES
-    s0 =
-        (GetTable(Te[2], GETBYTE(t0, 3)) & 0xff000000) ^
-        (GetTable(Te[3], GETBYTE(t1, 2)) & 0x00ff0000) ^
-        (GetTable(Te[0], GETBYTE(t2, 1)) & 0x0000ff00) ^
-        (GetTable(Te[1], GETBYTE(t3, 0)) & 0x000000ff) ^
-        rk[0];
-    s1 =
-        (GetTable(Te[2], GETBYTE(t1, 3)) & 0xff000000) ^
-        (GetTable(Te[3], GETBYTE(t2, 2)) & 0x00ff0000) ^
-        (GetTable(Te[0], GETBYTE(t3, 1)) & 0x0000ff00) ^
-        (GetTable(Te[1], GETBYTE(t0, 0)) & 0x000000ff) ^
-        rk[1];
-    s2 =
-        (GetTable(Te[2], GETBYTE(t2, 3)) & 0xff000000) ^
-        (GetTable(Te[3], GETBYTE(t3, 2)) & 0x00ff0000) ^
-        (GetTable(Te[0], GETBYTE(t0, 1)) & 0x0000ff00) ^
-        (GetTable(Te[1], GETBYTE(t1, 0)) & 0x000000ff) ^
-        rk[2];
-    s3 =
-        (GetTable(Te[2], GETBYTE(t3, 3)) & 0xff000000) ^
-        (GetTable(Te[3], GETBYTE(t0, 2)) & 0x00ff0000) ^
-        (GetTable(Te[0], GETBYTE(t1, 1)) & 0x0000ff00) ^
-        (GetTable(Te[1], GETBYTE(t2, 0)) & 0x000000ff) ^
-        rk[3];
-#else
-{
-    word32 u0;
-    word32 u1;
-    word32 u2;
-    word32 u3;
-
-    s0 = rk[0]; s1 = rk[1]; s2 = rk[2]; s3 = rk[3];
-    GetTable_Multi(Te[2], &u0, GETBYTE(t0, 3), &u1, GETBYTE(t1, 3),
-                          &u2, GETBYTE(t2, 3), &u3, GETBYTE(t3, 3));
-    s0 ^= u0 & 0xff000000; s1 ^= u1 & 0xff000000;
-    s2 ^= u2 & 0xff000000; s3 ^= u3 & 0xff000000;
-    GetTable_Multi(Te[3], &u0, GETBYTE(t1, 2), &u1, GETBYTE(t2, 2),
-                          &u2, GETBYTE(t3, 2), &u3, GETBYTE(t0, 2));
-    s0 ^= u0 & 0x00ff0000; s1 ^= u1 & 0x00ff0000;
-    s2 ^= u2 & 0x00ff0000; s3 ^= u3 & 0x00ff0000;
-    GetTable_Multi(Te[0], &u0, GETBYTE(t2, 1), &u1, GETBYTE(t3, 1),
-                          &u2, GETBYTE(t0, 1), &u3, GETBYTE(t1, 1));
-    s0 ^= u0 & 0x0000ff00; s1 ^= u1 & 0x0000ff00;
-    s2 ^= u2 & 0x0000ff00; s3 ^= u3 & 0x0000ff00;
-    GetTable_Multi(Te[1], &u0, GETBYTE(t3, 0), &u1, GETBYTE(t0, 0),
-                          &u2, GETBYTE(t1, 0), &u3, GETBYTE(t2, 0));
-    s0 ^= u0 & 0x000000ff; s1 ^= u1 & 0x000000ff;
-    s2 ^= u2 & 0x000000ff; s3 ^= u3 & 0x000000ff;
-}
-#endif
-#else
-#ifndef WC_NO_CACHE_RESISTANT
-    s0 |= PreFetchSBox();
-#endif
-
-    r *= 2;
-    /* Two rounds at a time */
-    for (rk += 4; r > 1; r--, rk += 4) {
-        t0 =
-            ((word32)GetTable8(Tsbox, GETBYTE(s0, 3)) << 24) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s1, 2)) << 16) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s2, 1)) <<  8) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s3, 0)));
-        t1 =
-            ((word32)GetTable8(Tsbox, GETBYTE(s1, 3)) << 24) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s2, 2)) << 16) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s3, 1)) <<  8) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s0, 0)));
-        t2 =
-            ((word32)GetTable8(Tsbox, GETBYTE(s2, 3)) << 24) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s3, 2)) << 16) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s0, 1)) <<  8) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s1, 0)));
-        t3 =
-            ((word32)GetTable8(Tsbox, GETBYTE(s3, 3)) << 24) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s0, 2)) << 16) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s1, 1)) <<  8) ^
-            ((word32)GetTable8(Tsbox, GETBYTE(s2, 0)));
-
-        s0 =
-            (col_mul(t0, 3, 2, 0, 1) << 24) ^
-            (col_mul(t0, 2, 1, 0, 3) << 16) ^
-            (col_mul(t0, 1, 0, 2, 3) <<  8) ^
-            (col_mul(t0, 0, 3, 2, 1)      ) ^
-            rk[0];
-        s1 =
-            (col_mul(t1, 3, 2, 0, 1) << 24) ^
-            (col_mul(t1, 2, 1, 0, 3) << 16) ^
-            (col_mul(t1, 1, 0, 2, 3) <<  8) ^
-            (col_mul(t1, 0, 3, 2, 1)      ) ^
-            rk[1];
-        s2 =
-            (col_mul(t2, 3, 2, 0, 1) << 24) ^
-            (col_mul(t2, 2, 1, 0, 3) << 16) ^
-            (col_mul(t2, 1, 0, 2, 3) <<  8) ^
-            (col_mul(t2, 0, 3, 2, 1)      ) ^
-            rk[2];
-        s3 =
-            (col_mul(t3, 3, 2, 0, 1) << 24) ^
-            (col_mul(t3, 2, 1, 0, 3) << 16) ^
-            (col_mul(t3, 1, 0, 2, 3) <<  8) ^
-            (col_mul(t3, 0, 3, 2, 1)      ) ^
-            rk[3];
-    }
-
-    t0 =
-        ((word32)GetTable8(Tsbox, GETBYTE(s0, 3)) << 24) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s1, 2)) << 16) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s2, 1)) <<  8) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s3, 0)));
-    t1 =
-        ((word32)GetTable8(Tsbox, GETBYTE(s1, 3)) << 24) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s2, 2)) << 16) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s3, 1)) <<  8) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s0, 0)));
-    t2 =
-        ((word32)GetTable8(Tsbox, GETBYTE(s2, 3)) << 24) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s3, 2)) << 16) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s0, 1)) <<  8) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s1, 0)));
-    t3 =
-        ((word32)GetTable8(Tsbox, GETBYTE(s3, 3)) << 24) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s0, 2)) << 16) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s1, 1)) <<  8) ^
-        ((word32)GetTable8(Tsbox, GETBYTE(s2, 0)));
-    s0 = t0 ^ rk[0];
-    s1 = t1 ^ rk[1];
-    s2 = t2 ^ rk[2];
-    s3 = t3 ^ rk[3];
-#endif
-
-    /* write out */
-#ifdef LITTLE_ENDIAN_ORDER
-    s0 = ByteReverseWord32(s0);
-    s1 = ByteReverseWord32(s1);
-    s2 = ByteReverseWord32(s2);
-    s3 = ByteReverseWord32(s3);
-#endif
-
-    XMEMCPY(outBlock,                  &s0, sizeof(s0));
-    XMEMCPY(outBlock +     sizeof(s0), &s1, sizeof(s1));
-    XMEMCPY(outBlock + 2 * sizeof(s0), &s2, sizeof(s2));
-    XMEMCPY(outBlock + 3 * sizeof(s0), &s3, sizeof(s3));
-}
-
-#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
-    !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM)) && \
-    !defined(MAX3266X_AES)
-#if !defined(WOLFSSL_ARMASM) || defined(__aarch64__)
-/* Encrypt a number of blocks using AES.
- *
- * @param [in]  aes  AES object.
- * @param [in]  in   Block to encrypt.
- * @param [out] out  Encrypted block.
- * @param [in]  sz   Number of blocks to encrypt.
- */
-static void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
-{
-    word32 i;
-
-    for (i = 0; i < sz; i += WC_AES_BLOCK_SIZE) {
-        AesEncrypt_C(aes, in, out, aes->rounds >> 1);
-        in += WC_AES_BLOCK_SIZE;
-        out += WC_AES_BLOCK_SIZE;
-    }
-}
-#endif
-#endif
-#else
-extern void AesEncrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
-        word32 r);
-extern void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz);
-#endif /* HAVE_CUDA */
-
-#else
-
-/* Bit-sliced implementation based on work by "circuit minimization team" (CMT):
- *   http://cs-www.cs.yale.edu/homes/peralta/CircuitStuff/CMT.html
- */
-/* http://cs-www.cs.yale.edu/homes/peralta/CircuitStuff/SLP_AES_113.txt */
-static void bs_sub_bytes(bs_word u[8])
-{
-    bs_word y1, y2, y3, y4, y5, y6, y7, y8, y9;
-    bs_word y10, y11, y12, y13, y14, y15, y16, y17, y18, y19;
-    bs_word y20, y21;
-    bs_word t0, t1, t2, t3, t4, t5, t6, t7, t8, t9;
-    bs_word t10, t11, t12, t13, t14, t15, t16, t17, t18, t19;
-    bs_word t20, t21, t22, t23, t24, t25, t26, t27, t28, t29;
-    bs_word t30, t31, t32, t33, t34, t35, t36, t37, t38, t39;
-    bs_word t40, t41, t42, t43, t44, t45;
-    bs_word z0, z1, z2, z3, z4, z5, z6, z7, z8, z9;
-    bs_word z10, z11, z12, z13, z14, z15, z16, z17;
-    bs_word tc1, tc2, tc3, tc4, tc5, tc6, tc7, tc8, tc9;
-    bs_word tc10, tc11, tc12, tc13, tc14, tc16, tc17, tc18;
-    bs_word tc20, tc21, tc26;
-    bs_word U0, U1, U2, U3, U4, U5, U6, U7;
-    bs_word S0, S1, S2, S3, S4, S5, S6, S7;
-
-    U0 = u[7];
-    U1 = u[6];
-    U2 = u[5];
-    U3 = u[4];
-    U4 = u[3];
-    U5 = u[2];
-    U6 = u[1];
-    U7 = u[0];
-
-    y14 = U3 ^ U5;
-    y13 = U0 ^ U6;
-    y9 = U0 ^ U3;
-    y8 = U0 ^ U5;
-    t0 = U1 ^ U2;
-    y1 = t0 ^ U7;
-    y4 = y1 ^ U3;
-    y12 = y13 ^ y14;
-    y2 = y1 ^ U0;
-    y5 = y1 ^ U6;
-    y3 = y5 ^ y8;
-    t1 = U4 ^ y12;
-    y15 = t1 ^ U5;
-    y20 = t1 ^ U1;
-    y6 = y15 ^ U7;
-    y10 = y15 ^ t0;
-    y11 = y20 ^ y9;
-    y7 = U7 ^ y11;
-    y17 = y10 ^ y11;
-    y19 = y10 ^ y8;
-    y16 = t0 ^ y11;
-    y21 = y13 ^ y16;
-    y18 = U0 ^ y16;
-    t2 = y12 & y15;
-    t3 = y3 & y6;
-    t4 = t3 ^ t2;
-    t5 = y4 & U7;
-    t6 = t5 ^ t2;
-    t7 = y13 & y16;
-    t8 = y5 & y1;
-    t9 = t8 ^ t7;
-    t10 = y2 & y7;
-    t11 = t10 ^ t7;
-    t12 = y9 & y11;
-    t13 = y14 & y17;
-    t14 = t13 ^ t12;
-    t15 = y8 & y10;
-    t16 = t15 ^ t12;
-    t17 = t4 ^ y20;
-    t18 = t6 ^ t16;
-    t19 = t9 ^ t14;
-    t20 = t11 ^ t16;
-    t21 = t17 ^ t14;
-    t22 = t18 ^ y19;
-    t23 = t19 ^ y21;
-    t24 = t20 ^ y18;
-    t25 = t21 ^ t22;
-    t26 = t21 & t23;
-    t27 = t24 ^ t26;
-    t28 = t25 & t27;
-    t29 = t28 ^ t22;
-    t30 = t23 ^ t24;
-    t31 = t22 ^ t26;
-    t32 = t31 & t30;
-    t33 = t32 ^ t24;
-    t34 = t23 ^ t33;
-    t35 = t27 ^ t33;
-    t36 = t24 & t35;
-    t37 = t36 ^ t34;
-    t38 = t27 ^ t36;
-    t39 = t29 & t38;
-    t40 = t25 ^ t39;
-    t41 = t40 ^ t37;
-    t42 = t29 ^ t33;
-    t43 = t29 ^ t40;
-    t44 = t33 ^ t37;
-    t45 = t42 ^ t41;
-    z0 = t44 & y15;
-    z1 = t37 & y6;
-    z2 = t33 & U7;
-    z3 = t43 & y16;
-    z4 = t40 & y1;
-    z5 = t29 & y7;
-    z6 = t42 & y11;
-    z7 = t45 & y17;
-    z8 = t41 & y10;
-    z9 = t44 & y12;
-    z10 = t37 & y3;
-    z11 = t33 & y4;
-    z12 = t43 & y13;
-    z13 = t40 & y5;
-    z14 = t29 & y2;
-    z15 = t42 & y9;
-    z16 = t45 & y14;
-    z17 = t41 & y8;
-    tc1 = z15 ^ z16;
-    tc2 = z10 ^ tc1;
-    tc3 = z9 ^ tc2;
-    tc4 = z0 ^ z2;
-    tc5 = z1 ^ z0;
-    tc6 = z3 ^ z4;
-    tc7 = z12 ^ tc4;
-    tc8 = z7 ^ tc6;
-    tc9 = z8 ^ tc7;
-    tc10 = tc8 ^ tc9;
-    tc11 = tc6 ^ tc5;
-    tc12 = z3 ^ z5;
-    tc13 = z13 ^ tc1;
-    tc14 = tc4 ^ tc12;
-    S3 = tc3 ^ tc11;
-    tc16 = z6 ^ tc8;
-    tc17 = z14 ^ tc10;
-    tc18 = tc13 ^ tc14;
-    S7 = ~(z12 ^ tc18);
-    tc20 = z15 ^ tc16;
-    tc21 = tc2 ^ z11;
-    S0 = tc3 ^ tc16;
-    S6 = ~(tc10 ^ tc18);
-    S4 = tc14 ^ S3;
-    S1 = ~(S3 ^ tc16);
-    tc26 = tc17 ^ tc20;
-    S2 = ~(tc26 ^ z17);
-    S5 = tc21 ^ tc17;
-
-    u[0] = S7;
-    u[1] = S6;
-    u[2] = S5;
-    u[3] = S4;
-    u[4] = S3;
-    u[5] = S2;
-    u[6] = S1;
-    u[7] = S0;
-}
-
-#define BS_MASK_BIT_SET(w, j, bmask) \
-    (((bs_word)0 - (((w) >> (j)) & (bs_word)1)) & (bmask))
-
-#define BS_TRANS_8(t, o, w, bmask, s)                   \
-    t[o + s + 0] |= BS_MASK_BIT_SET(w, s + 0, bmask);   \
-    t[o + s + 1] |= BS_MASK_BIT_SET(w, s + 1, bmask);   \
-    t[o + s + 2] |= BS_MASK_BIT_SET(w, s + 2, bmask);   \
-    t[o + s + 3] |= BS_MASK_BIT_SET(w, s + 3, bmask);   \
-    t[o + s + 4] |= BS_MASK_BIT_SET(w, s + 4, bmask);   \
-    t[o + s + 5] |= BS_MASK_BIT_SET(w, s + 5, bmask);   \
-    t[o + s + 6] |= BS_MASK_BIT_SET(w, s + 6, bmask);   \
-    t[o + s + 7] |= BS_MASK_BIT_SET(w, s + 7, bmask)
-
-static void bs_transpose(bs_word* t, bs_word* blocks)
-{
-    bs_word bmask = 1;
-    int i;
-
-    XMEMSET(t, 0, sizeof(bs_word) * AES_BLOCK_BITS);
-
-    for (i = 0; i < BS_WORD_SIZE; i++) {
-        int j;
-        int o = 0;
-        for (j = 0; j < BS_BLOCK_WORDS; j++) {
-        #ifdef LITTLE_ENDIAN_ORDER
-            bs_word w = blocks[i * BS_BLOCK_WORDS + j];
-        #else
-            bs_word w = bs_bswap(blocks[i * BS_BLOCK_WORDS + j]);
-        #endif
-    #ifdef WOLFSSL_AES_NO_UNROLL
-            int k;
-            for (k = 0; k < BS_WORD_SIZE; k++) {
-                t[o + k] |= BS_MASK_BIT_SET(w, k, bmask);
-            }
-    #else
-            BS_TRANS_8(t, o, w, bmask,  0);
-        #if BS_WORD_SIZE >= 16
-            BS_TRANS_8(t, o, w, bmask,  8);
-        #endif
-        #if BS_WORD_SIZE >= 32
-            BS_TRANS_8(t, o, w, bmask, 16);
-            BS_TRANS_8(t, o, w, bmask, 24);
-        #endif
-        #if BS_WORD_SIZE >= 64
-            BS_TRANS_8(t, o, w, bmask, 32);
-            BS_TRANS_8(t, o, w, bmask, 40);
-            BS_TRANS_8(t, o, w, bmask, 48);
-            BS_TRANS_8(t, o, w, bmask, 56);
-        #endif
-    #endif
-            o += BS_WORD_SIZE;
-        }
-        bmask <<= 1;
-    }
-}
-
-#define BS_INV_TRANS_8(t, o, w, bmask, s)                                   \
-    t[o + (s + 0) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 0, bmask);    \
-    t[o + (s + 1) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 1, bmask);    \
-    t[o + (s + 2) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 2, bmask);    \
-    t[o + (s + 3) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 3, bmask);    \
-    t[o + (s + 4) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 4, bmask);    \
-    t[o + (s + 5) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 5, bmask);    \
-    t[o + (s + 6) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 6, bmask);    \
-    t[o + (s + 7) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 7, bmask)
-
-static void bs_inv_transpose(bs_word* t, bs_word* blocks)
-{
-    int o;
-
-    XMEMSET(t, 0, sizeof(bs_word) * AES_BLOCK_BITS);
-
-    for (o = 0; o < BS_BLOCK_WORDS; o++) {
-        int i;
-        for (i = 0; i < BS_WORD_SIZE; i++) {
-        #ifdef LITTLE_ENDIAN_ORDER
-            bs_word bmask = (bs_word)1 << i;
-        #else
-            bs_word bmask = bs_bswap((bs_word)1 << i);
-        #endif
-            bs_word w = blocks[(o << BS_WORD_SHIFT) + i];
-    #ifdef WOLFSSL_AES_NO_UNROLL
-            int j;
-            for (j = 0; j < BS_WORD_SIZE; j++) {
-                t[j * BS_BLOCK_WORDS + o] |= BS_MASK_BIT_SET(w, j, bmask);
-            }
-    #else
-            BS_INV_TRANS_8(t, o, w, bmask, 0);
-        #if BS_WORD_SIZE >= 16
-            BS_INV_TRANS_8(t, o, w, bmask, 8);
-        #endif
-        #if BS_WORD_SIZE >= 32
-            BS_INV_TRANS_8(t, o, w, bmask, 16);
-            BS_INV_TRANS_8(t, o, w, bmask, 24);
-        #endif
-        #if BS_WORD_SIZE >= 64
-            BS_INV_TRANS_8(t, o, w, bmask, 32);
-            BS_INV_TRANS_8(t, o, w, bmask, 40);
-            BS_INV_TRANS_8(t, o, w, bmask, 48);
-            BS_INV_TRANS_8(t, o, w, bmask, 56);
-        #endif
-    #endif
-        }
-    }
-}
-
-#define BS_ROW_OFF_0    0
-#define BS_ROW_OFF_1    32
-#define BS_ROW_OFF_2    64
-#define BS_ROW_OFF_3    96
-
-#define BS_ROW_ADD      (AES_BLOCK_BITS / 16 + AES_BLOCK_BITS / 4)
-#define BS_IDX_MASK     0x7f
-
-#define BS_ASSIGN_8(d, od, s, os)   \
-    d[(od) + 0] = s[(os) + 0];      \
-    d[(od) + 1] = s[(os) + 1];      \
-    d[(od) + 2] = s[(os) + 2];      \
-    d[(od) + 3] = s[(os) + 3];      \
-    d[(od) + 4] = s[(os) + 4];      \
-    d[(od) + 5] = s[(os) + 5];      \
-    d[(od) + 6] = s[(os) + 6];      \
-    d[(od) + 7] = s[(os) + 7]
-
-static void bs_shift_rows(bs_word* t, bs_word* b)
-{
-    int i;
-
-    for (i = 0; i < 128; i += 32) {
-        BS_ASSIGN_8(t, i +  0, b, (  0 + i) & BS_IDX_MASK);
-        BS_ASSIGN_8(t, i +  8, b, ( 40 + i) & BS_IDX_MASK);
-        BS_ASSIGN_8(t, i + 16, b, ( 80 + i) & BS_IDX_MASK);
-        BS_ASSIGN_8(t, i + 24, b, (120 + i) & BS_IDX_MASK);
-    }
-}
-
-#define BS_SHIFT_OFF_0  0
-#define BS_SHIFT_OFF_1  8
-#define BS_SHIFT_OFF_2  16
-#define BS_SHIFT_OFF_3  24
-
-/* Shift rows and mix columns.
- * See: See https://eprint.iacr.org/2009/129.pdf - Appendix A
- */
-
-#define BS_SHIFT_MIX_8(t, o, br0, br1, br2, br3, of)                \
-        of      = br0[7] ^ br1[7];                                  \
-        t[o+0] =                   br1[0] ^ br2[0] ^ br3[0] ^ of;   \
-        t[o+1] = br0[0] ^ br1[0] ^ br1[1] ^ br2[1] ^ br3[1] ^ of;   \
-        t[o+2] = br0[1] ^ br1[1] ^ br1[2] ^ br2[2] ^ br3[2];        \
-        t[o+3] = br0[2] ^ br1[2] ^ br1[3] ^ br2[3] ^ br3[3] ^ of;   \
-        t[o+4] = br0[3] ^ br1[3] ^ br1[4] ^ br2[4] ^ br3[4] ^ of;   \
-        t[o+5] = br0[4] ^ br1[4] ^ br1[5] ^ br2[5] ^ br3[5];        \
-        t[o+6] = br0[5] ^ br1[5] ^ br1[6] ^ br2[6] ^ br3[6];        \
-        t[o+7] = br0[6] ^ br1[6] ^ br1[7] ^ br2[7] ^ br3[7]
-
-static void bs_shift_mix(bs_word* t, bs_word* b)
-{
-    int i;
-    word8 or0 = BS_ROW_OFF_0 + BS_SHIFT_OFF_0;
-    word8 or1 = BS_ROW_OFF_1 + BS_SHIFT_OFF_1;
-    word8 or2 = BS_ROW_OFF_2 + BS_SHIFT_OFF_2;
-    word8 or3 = BS_ROW_OFF_3 + BS_SHIFT_OFF_3;
-
-    for (i = 0; i < AES_BLOCK_BITS; i += AES_BLOCK_BITS / 4) {
-        bs_word* br0 = b + or0;
-        bs_word* br1 = b + or1;
-        bs_word* br2 = b + or2;
-        bs_word* br3 = b + or3;
-        bs_word of;
-
-        BS_SHIFT_MIX_8(t, i +  0, br0, br1, br2, br3, of);
-        BS_SHIFT_MIX_8(t, i +  8, br1, br2, br3, br0, of);
-        BS_SHIFT_MIX_8(t, i + 16, br2, br3, br0, br1, of);
-        BS_SHIFT_MIX_8(t, i + 24, br3, br0, br1, br2, of);
-
-        or0 = (or0 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
-        or1 = (or1 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
-        or2 = (or2 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
-        or3 = (or3 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
-    }
-}
-
-static void bs_add_round_key(bs_word* out, bs_word* b, bs_word* rk)
-{
-    xorbufout((byte*)out, (byte*)b, (byte*)rk, BS_BLOCK_SIZE);
-}
-
-static void bs_sub_bytes_blocks(bs_word* b)
-{
-    int i;
-
-    for (i = 0; i < AES_BLOCK_BITS; i += 8) {
-        bs_sub_bytes(b + i);
-    }
-}
-
-static const FLASH_QUALIFIER byte bs_rcon[] = {
-    0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36,
-    /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
-};
-
-static void bs_ke_sub_bytes(unsigned char* out, unsigned char *in) {
-    bs_word block[AES_BLOCK_BITS];
-    bs_word trans[AES_BLOCK_BITS];
-
-    XMEMSET(block, 0, sizeof(block));
-    XMEMCPY(block, in, 4);
-
-    bs_transpose(trans, block);
-    bs_sub_bytes_blocks(trans);
-    bs_inv_transpose(block, trans);
-
-    XMEMCPY(out, block, 4);
-}
-
-static void bs_ke_transform(unsigned char* out, unsigned char *in, word8 i) {
-    /* Rotate the input 8 bits to the left */
-#ifdef LITTLE_ENDIAN_ORDER
-    *(word32*)out = rotrFixed(*(word32*)in, 8);
-#else
-    *(word32*)out = rotlFixed(*(word32*)in, 8);
-#endif
-    bs_ke_sub_bytes(out, out);
-    /* On just the first byte, add 2^i to the byte */
-    out[0] ^= bs_rcon[i];
-}
-
-static void bs_expand_key(unsigned char *in, word32 sz) {
-    unsigned char t[4];
-    word32 o;
-    word8 i = 0;
-
-    if (sz == 176) {
-        /* Total of 11 rounds - AES-128. */
-        for (o = 16; o < sz; o += 16) {
-            bs_ke_transform(t, in + o - 4, i);
-            i++;
-            *(word32*)(in + o +  0) = *(word32*)(in + o - 16) ^
-                                      *(word32*) t;
-            *(word32*)(in + o +  4) = *(word32*)(in + o - 12) ^
-                                      *(word32*)(in + o +  0);
-            *(word32*)(in + o +  8) = *(word32*)(in + o -  8) ^
-                                      *(word32*)(in + o +  4);
-            *(word32*)(in + o + 12) = *(word32*)(in + o -  4) ^
-                                      *(word32*)(in + o +  8);
-        }
-    }
-    else if (sz == 208) {
-        /* Total of 13 rounds - AES-192. */
-        for (o = 24; o < sz; o += 24) {
-            bs_ke_transform(t, in + o - 4, i);
-            i++;
-            *(word32*)(in + o +  0) = *(word32*)(in + o - 24) ^
-                                      *(word32*) t;
-            *(word32*)(in + o +  4) = *(word32*)(in + o - 20) ^
-                                      *(word32*)(in + o +  0);
-            *(word32*)(in + o +  8) = *(word32*)(in + o - 16) ^
-                                      *(word32*)(in + o +  4);
-            *(word32*)(in + o + 12) = *(word32*)(in + o - 12) ^
-                                      *(word32*)(in + o +  8);
-            *(word32*)(in + o + 16) = *(word32*)(in + o -  8) ^
-                                      *(word32*)(in + o + 12);
-            *(word32*)(in + o + 20) = *(word32*)(in + o -  4) ^
-                                      *(word32*)(in + o + 16);
-        }
-    }
-    else if (sz == 240) {
-        /* Total of 15 rounds - AES-256. */
-        for (o = 32; o < sz; o += 16) {
-            if ((o & 0x1f) == 0) {
-                bs_ke_transform(t, in + o - 4, i);
-                i++;
-            }
-            else {
-                bs_ke_sub_bytes(t, in + o - 4);
-            }
-            *(word32*)(in + o +  0) = *(word32*)(in + o - 32) ^
-                                      *(word32*) t;
-            *(word32*)(in + o +  4) = *(word32*)(in + o - 28) ^
-                                      *(word32*)(in + o +  0);
-            *(word32*)(in + o +  8) = *(word32*)(in + o - 24) ^
-                                      *(word32*)(in + o +  4);
-            *(word32*)(in + o + 12) = *(word32*)(in + o - 20) ^
-                                      *(word32*)(in + o +  8);
-        }
-    }
-}
-
-static void bs_set_key(bs_word* rk, const byte* key, word32 keyLen,
-    word32 rounds)
-{
-    int i;
-    byte bs_key[15 * WC_AES_BLOCK_SIZE];
-    int ksSz = (rounds + 1) * WC_AES_BLOCK_SIZE;
-    bs_word block[AES_BLOCK_BITS];
-
-    /* Fist round. */
-    XMEMCPY(bs_key, key, keyLen);
-    bs_expand_key(bs_key, ksSz);
-
-    for (i = 0; i < ksSz; i += WC_AES_BLOCK_SIZE) {
-        int k;
-
-        XMEMCPY(block, bs_key + i, WC_AES_BLOCK_SIZE);
-        for (k = BS_BLOCK_WORDS; k < AES_BLOCK_BITS; k += BS_BLOCK_WORDS) {
-            int l;
-            for (l = 0; l < BS_BLOCK_WORDS; l++) {
-                block[k + l] = block[l];
-            }
-        }
-        bs_transpose(rk, block);
-        rk += AES_BLOCK_BITS;
-    }
-}
-
-static void bs_encrypt(bs_word* state, bs_word* rk, word32 r)
-{
-    word32 i;
-    bs_word trans[AES_BLOCK_BITS];
-
-    bs_transpose(trans, state);
-
-    bs_add_round_key(trans, trans, rk);
-    for (i = 1; i < r; i++) {
-        bs_sub_bytes_blocks(trans);
-        bs_shift_mix(state, trans);
-        rk += AES_BLOCK_BITS;
-        bs_add_round_key(trans, state, rk);
-    }
-    bs_sub_bytes_blocks(trans);
-    bs_shift_rows(state, trans);
-    rk += AES_BLOCK_BITS;
-    bs_add_round_key(trans, state, rk);
-    bs_inv_transpose(state, trans);
-}
-
-#ifndef HAVE_CUDA
-/* Encrypt a block using AES.
- *
- * @param [in]  aes       AES object.
- * @param [in]  inBlock   Block to encrypt.
- * @param [out] outBlock  Encrypted block.
- * @param [in]  r         Rounds divided by 2.
- */
-static void AesEncrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
-        word32 r)
-{
-    bs_word state[AES_BLOCK_BITS];
-
-    (void)r;
-
-    XMEMCPY(state, inBlock, WC_AES_BLOCK_SIZE);
-    XMEMSET(((byte*)state) + WC_AES_BLOCK_SIZE, 0, sizeof(state) - WC_AES_BLOCK_SIZE);
-
-    bs_encrypt(state, aes->bs_key, aes->rounds);
-
-    XMEMCPY(outBlock, state, WC_AES_BLOCK_SIZE);
-}
-
-#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
-    !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM))
-/* Encrypt a number of blocks using AES.
- *
- * @param [in]  aes  AES object.
- * @param [in]  in   Block to encrypt.
- * @param [out] out  Encrypted block.
- * @param [in]  sz   Number of blocks to encrypt.
- */
-static void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
-{
-    bs_word state[AES_BLOCK_BITS];
-
-    while (sz >= BS_BLOCK_SIZE) {
-        XMEMCPY(state, in, BS_BLOCK_SIZE);
-        bs_encrypt(state, aes->bs_key, aes->rounds);
-        XMEMCPY(out, state, BS_BLOCK_SIZE);
-        sz  -= BS_BLOCK_SIZE;
-        in  += BS_BLOCK_SIZE;
-        out += BS_BLOCK_SIZE;
-    }
-    if (sz > 0) {
-        XMEMCPY(state, in, sz);
-        XMEMSET(((byte*)state) + sz, 0, sizeof(state) - sz);
-        bs_encrypt(state, aes->bs_key, aes->rounds);
-        XMEMCPY(out, state, sz);
-    }
-}
-#endif
-#else
-extern void AesEncrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
-        word32 r);
-extern void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz);
-#endif /* HAVE_CUDA */
-
-#endif /* !WC_AES_BITSLICED */
-
-/* this section disabled with NO_AES_192 */
-/* calling this one when missing NO_AES_192  */
-static WARN_UNUSED_RESULT int wc_AesEncrypt(
-    Aes* aes, const byte* inBlock, byte* outBlock)
-{
-#if defined(MAX3266X_AES)
-    word32 keySize;
-#endif
-#if defined(MAX3266X_CB)
-    int ret_cb;
-#endif
-    word32 r;
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-    {
-        int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-        if (ret < 0)
-            return ret;
-    }
-#endif
-
-    r = aes->rounds >> 1;
-
-    if (r > 7 || r == 0) {
-        WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E);
-        return KEYUSAGE_E;
-    }
-
-#ifdef WOLFSSL_AESNI
-    if (aes->use_aesni) {
-        ASSERT_SAVED_VECTOR_REGISTERS();
-
-        #ifdef DEBUG_AESNI
-            printf("about to aes encrypt\n");
-            printf("in  = %p\n", inBlock);
-            printf("out = %p\n", outBlock);
-            printf("aes->key = %p\n", aes->key);
-            printf("aes->rounds = %d\n", aes->rounds);
-            printf("sz = %d\n", WC_AES_BLOCK_SIZE);
-        #endif
-
-        /* check alignment, decrypt doesn't need alignment */
-        if ((wc_ptr_t)inBlock % AESNI_ALIGN) {
-        #ifndef NO_WOLFSSL_ALLOC_ALIGN
-            byte* tmp = (byte*)XMALLOC(WC_AES_BLOCK_SIZE + AESNI_ALIGN, aes->heap,
-                                                      DYNAMIC_TYPE_TMP_BUFFER);
-            byte* tmp_align;
-            if (tmp == NULL)
-                return MEMORY_E;
-
-            tmp_align = tmp + (AESNI_ALIGN - ((wc_ptr_t)tmp % AESNI_ALIGN));
-
-            XMEMCPY(tmp_align, inBlock, WC_AES_BLOCK_SIZE);
-            AES_ECB_encrypt_AESNI(tmp_align, tmp_align, WC_AES_BLOCK_SIZE,
-                    (byte*)aes->key, (int)aes->rounds);
-            XMEMCPY(outBlock, tmp_align, WC_AES_BLOCK_SIZE);
-            XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            return 0;
-        #else
-            WOLFSSL_MSG("AES-ECB encrypt with bad alignment");
-            WOLFSSL_ERROR_VERBOSE(BAD_ALIGN_E);
-            return BAD_ALIGN_E;
-        #endif
-        }
-
-        AES_ECB_encrypt_AESNI(inBlock, outBlock, WC_AES_BLOCK_SIZE, (byte*)aes->key,
-                        (int)aes->rounds);
-
-        return 0;
-    }
-    else {
-        #ifdef DEBUG_AESNI
-            printf("Skipping AES-NI\n");
-        #endif
-    }
-#elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-      !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    if (aes->use_aes_hw_crypto) {
-        AES_encrypt_AARCH64(inBlock, outBlock, (byte*)aes->key,
-            (int)aes->rounds);
-        return 0;
-    }
-#elif !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-    AES_encrypt_AARCH32(inBlock, outBlock, (byte*)aes->key, (int)aes->rounds);
-#else
-    AES_ECB_encrypt(inBlock, outBlock, WC_AES_BLOCK_SIZE,
-        (const unsigned char*)aes->key, aes->rounds);
-#endif
-    return 0;
-#endif /* WOLFSSL_AESNI */
-#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
-    AES_ECB_encrypt(aes, inBlock, outBlock, WC_AES_BLOCK_SIZE);
-    return 0;
-#endif
-
-#if defined(WOLFSSL_IMXRT_DCP)
-    if (aes->keylen == 16) {
-        DCPAesEcbEncrypt(aes, outBlock, inBlock, WC_AES_BLOCK_SIZE);
-        return 0;
-    }
-#endif
-
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
-    if (aes->useSWCrypt == 0) {
-        return se050_aes_crypt(aes, inBlock, outBlock, WC_AES_BLOCK_SIZE,
-                               AES_ENCRYPTION, kAlgorithm_SSS_AES_ECB);
-    }
-#endif
-
-#if defined(WOLFSSL_ESPIDF) && defined(NEED_AES_HW_FALLBACK)
-    ESP_LOGV(TAG, "wc_AesEncrypt fallback check");
-    if (wc_esp32AesSupportedKeyLen(aes)) {
-        return wc_esp32AesEncrypt(aes, inBlock, outBlock);
-    }
-    else {
-        /* For example, the ESP32-S3 does not support HW for len = 24,
-         * so fall back to SW */
-    #ifdef DEBUG_WOLFSSL
-        ESP_LOGW(TAG, "wc_AesEncrypt HW Falling back, unsupported keylen = %d",
-                      aes->keylen);
-    #endif
-    }
-#endif
-
-#if defined(MAX3266X_AES)
-    if (wc_AesGetKeySize(aes, &keySize) == 0) {
-        return wc_MXC_TPU_AesEncrypt(inBlock, (byte*)aes->reg, (byte*)aes->key,
-                                    MXC_TPU_MODE_ECB, WC_AES_BLOCK_SIZE,
-                                    outBlock, (unsigned int)keySize);
-    }
-#endif
-#if defined(MAX3266X_CB) && defined(HAVE_AES_ECB) /* Can do a basic ECB block */
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (aes->devId != INVALID_DEVID)
-    #endif
-    {
-        ret_cb = wc_CryptoCb_AesEcbEncrypt(aes, outBlock, inBlock,
-                                            WC_AES_BLOCK_SIZE);
-        if (ret_cb != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret_cb;
-        /* fall-through when unavailable */
-    }
-#endif
-
-    AesEncrypt_C(aes, inBlock, outBlock, r);
-
-    return 0;
-} /* wc_AesEncrypt */
-#endif
-#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT || HAVE_AESGCM */
-
-#if defined(HAVE_AES_DECRYPT)
-#if ((defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC)) || \
-     defined(HAVE_AES_ECB) || defined(WOLFSSL_AES_DIRECT)) && \
-    (defined(__aarch64__) || !defined(WOLFSSL_ARMASM))
-
-#ifndef WC_AES_BITSLICED
-#ifndef WC_NO_CACHE_RESISTANT
-#ifndef WOLFSSL_AES_SMALL_TABLES
-/* load 4 Td Tables into cache by cache line stride */
-static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchTd(void)
-{
-    word32 x = 0;
-    int i,j;
-
-    for (i = 0; i < 4; i++) {
-        /* 256 elements, each one is 4 bytes */
-        for (j = 0; j < 256; j += WC_CACHE_LINE_SZ/4) {
-            x &= Td[i][j];
-        }
-    }
-    return x;
-}
-#endif /* !WOLFSSL_AES_SMALL_TABLES */
-
-/* load Td Table4 into cache by cache line stride */
-static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchTd4(void)
-{
-#ifndef WOLFSSL_AES_TOUCH_LINES
-    word32 x = 0;
-    int i;
-
-    for (i = 0; i < 256; i += WC_CACHE_LINE_SZ) {
-        x &= (word32)Td4[i];
-    }
-    return x;
-#else
-    return 0;
-#endif
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-
-/* Decrypt a block using AES.
- *
- * @param [in]  aes       AES object.
- * @param [in]  inBlock   Block to encrypt.
- * @param [out] outBlock  Encrypted block.
- * @param [in]  r         Rounds divided by 2.
- */
-static void AesDecrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
-    word32 r)
-{
-    word32 s0 = 0, s1 = 0, s2 = 0, s3 = 0;
-    word32 t0 = 0, t1 = 0, t2 = 0, t3 = 0;
-    const word32* rk;
-
-#ifdef WC_C_DYNAMIC_FALLBACK
-    rk = aes->key_C_fallback;
-#else
-    rk = aes->key;
-#endif
-
-    /*
-     * map byte array block to cipher state
-     * and add initial round key:
-     */
-    XMEMCPY(&s0, inBlock,                  sizeof(s0));
-    XMEMCPY(&s1, inBlock + sizeof(s0),     sizeof(s1));
-    XMEMCPY(&s2, inBlock + 2 * sizeof(s0), sizeof(s2));
-    XMEMCPY(&s3, inBlock + 3 * sizeof(s0), sizeof(s3));
-
-#ifdef LITTLE_ENDIAN_ORDER
-    s0 = ByteReverseWord32(s0);
-    s1 = ByteReverseWord32(s1);
-    s2 = ByteReverseWord32(s2);
-    s3 = ByteReverseWord32(s3);
-#endif
-
-    s0 ^= rk[0];
-    s1 ^= rk[1];
-    s2 ^= rk[2];
-    s3 ^= rk[3];
-
-#ifndef WOLFSSL_AES_SMALL_TABLES
-#ifndef WC_NO_CACHE_RESISTANT
-    s0 |= PreFetchTd();
-#endif
-
-#ifndef WOLFSSL_AES_TOUCH_LINES
-/* Unroll the loop. */
-#define DEC_ROUND_T_S(o)                                            \
-    t0 = GetTable(Td[0], GETBYTE(s0, 3)) ^ GetTable(Td[1], GETBYTE(s3, 2)) ^            \
-         GetTable(Td[2], GETBYTE(s2, 1)) ^ GetTable(Td[3], GETBYTE(s1, 0)) ^ rk[(o)+4]; \
-    t1 = GetTable(Td[0], GETBYTE(s1, 3)) ^ GetTable(Td[1], GETBYTE(s0, 2)) ^            \
-         GetTable(Td[2], GETBYTE(s3, 1)) ^ GetTable(Td[3], GETBYTE(s2, 0)) ^ rk[(o)+5]; \
-    t2 = GetTable(Td[0], GETBYTE(s2, 3)) ^ GetTable(Td[1], GETBYTE(s1, 2)) ^            \
-         GetTable(Td[2], GETBYTE(s0, 1)) ^ GetTable(Td[3], GETBYTE(s3, 0)) ^ rk[(o)+6]; \
-    t3 = GetTable(Td[0], GETBYTE(s3, 3)) ^ GetTable(Td[1], GETBYTE(s2, 2)) ^            \
-         GetTable(Td[2], GETBYTE(s1, 1)) ^ GetTable(Td[3], GETBYTE(s0, 0)) ^ rk[(o)+7]
-#define DEC_ROUND_S_T(o)                                            \
-    s0 = GetTable(Td[0], GETBYTE(t0, 3)) ^ GetTable(Td[1], GETBYTE(t3, 2)) ^            \
-         GetTable(Td[2], GETBYTE(t2, 1)) ^ GetTable(Td[3], GETBYTE(t1, 0)) ^ rk[(o)+0]; \
-    s1 = GetTable(Td[0], GETBYTE(t1, 3)) ^ GetTable(Td[1], GETBYTE(t0, 2)) ^            \
-         GetTable(Td[2], GETBYTE(t3, 1)) ^ GetTable(Td[3], GETBYTE(t2, 0)) ^ rk[(o)+1]; \
-    s2 = GetTable(Td[0], GETBYTE(t2, 3)) ^ GetTable(Td[1], GETBYTE(t1, 2)) ^            \
-         GetTable(Td[2], GETBYTE(t0, 1)) ^ GetTable(Td[3], GETBYTE(t3, 0)) ^ rk[(o)+2]; \
-    s3 = GetTable(Td[0], GETBYTE(t3, 3)) ^ GetTable(Td[1], GETBYTE(t2, 2)) ^            \
-         GetTable(Td[2], GETBYTE(t1, 1)) ^ GetTable(Td[3], GETBYTE(t0, 0)) ^ rk[(o)+3]
-#else
-#define DEC_ROUND_T_S(o)                                                       \
-    GetTable_Multi(Td[0], &t0, GETBYTE(s0, 3), &t1, GETBYTE(s1, 3),            \
-                          &t2, GETBYTE(s2, 3), &t3, GETBYTE(s3, 3));           \
-    XorTable_Multi(Td[1], &t0, GETBYTE(s3, 2), &t1, GETBYTE(s0, 2),            \
-                          &t2, GETBYTE(s1, 2), &t3, GETBYTE(s2, 2));           \
-    XorTable_Multi(Td[2], &t0, GETBYTE(s2, 1), &t1, GETBYTE(s3, 1),            \
-                          &t2, GETBYTE(s0, 1), &t3, GETBYTE(s1, 1));           \
-    XorTable_Multi(Td[3], &t0, GETBYTE(s1, 0), &t1, GETBYTE(s2, 0),            \
-                          &t2, GETBYTE(s3, 0), &t3, GETBYTE(s0, 0));           \
-    t0 ^= rk[(o)+4]; t1 ^= rk[(o)+5]; t2 ^= rk[(o)+6]; t3 ^= rk[(o)+7];
-
-#define DEC_ROUND_S_T(o)                                                       \
-    GetTable_Multi(Td[0], &s0, GETBYTE(t0, 3), &s1, GETBYTE(t1, 3),            \
-                          &s2, GETBYTE(t2, 3), &s3, GETBYTE(t3, 3));           \
-    XorTable_Multi(Td[1], &s0, GETBYTE(t3, 2), &s1, GETBYTE(t0, 2),            \
-                          &s2, GETBYTE(t1, 2), &s3, GETBYTE(t2, 2));           \
-    XorTable_Multi(Td[2], &s0, GETBYTE(t2, 1), &s1, GETBYTE(t3, 1),            \
-                          &s2, GETBYTE(t0, 1), &s3, GETBYTE(t1, 1));           \
-    XorTable_Multi(Td[3], &s0, GETBYTE(t1, 0), &s1, GETBYTE(t2, 0),            \
-                          &s2, GETBYTE(t3, 0), &s3, GETBYTE(t0, 0));           \
-    s0 ^= rk[(o)+0]; s1 ^= rk[(o)+1]; s2 ^= rk[(o)+2]; s3 ^= rk[(o)+3];
-#endif
-
-#ifndef WOLFSSL_AES_NO_UNROLL
-                       DEC_ROUND_T_S( 0);
-    DEC_ROUND_S_T( 8); DEC_ROUND_T_S( 8);
-    DEC_ROUND_S_T(16); DEC_ROUND_T_S(16);
-    DEC_ROUND_S_T(24); DEC_ROUND_T_S(24);
-    DEC_ROUND_S_T(32); DEC_ROUND_T_S(32);
-    if (r > 5) {
-        DEC_ROUND_S_T(40); DEC_ROUND_T_S(40);
-        if (r > 6) {
-            DEC_ROUND_S_T(48); DEC_ROUND_T_S(48);
-        }
-    }
-    rk += r * 8;
-#else
-
-    /*
-     * Nr - 1 full rounds:
-     */
-
-    for (;;) {
-        DEC_ROUND_T_S(0);
-
-        rk += 8;
-        if (--r == 0) {
-            break;
-        }
-
-        DEC_ROUND_S_T(0);
-    }
-#endif
-    /*
-     * apply last round and
-     * map cipher state to byte array block:
-     */
-
-#ifndef WC_NO_CACHE_RESISTANT
-    t0 |= PreFetchTd4();
-#endif
-
-    s0 = GetTable8_4(Td4, GETBYTE(t0, 3), GETBYTE(t3, 2),
-                          GETBYTE(t2, 1), GETBYTE(t1, 0)) ^ rk[0];
-    s1 = GetTable8_4(Td4, GETBYTE(t1, 3), GETBYTE(t0, 2),
-                          GETBYTE(t3, 1), GETBYTE(t2, 0)) ^ rk[1];
-    s2 = GetTable8_4(Td4, GETBYTE(t2, 3), GETBYTE(t1, 2),
-                          GETBYTE(t0, 1), GETBYTE(t3, 0)) ^ rk[2];
-    s3 = GetTable8_4(Td4, GETBYTE(t3, 3), GETBYTE(t2, 2),
-                          GETBYTE(t1, 1), GETBYTE(t0, 0)) ^ rk[3];
-#else
-#ifndef WC_NO_CACHE_RESISTANT
-    s0 |= PreFetchTd4();
-#endif
-
-    r *= 2;
-    for (rk += 4; r > 1; r--, rk += 4) {
-        t0 =
-            ((word32)GetTable8(Td4, GETBYTE(s0, 3)) << 24) ^
-            ((word32)GetTable8(Td4, GETBYTE(s3, 2)) << 16) ^
-            ((word32)GetTable8(Td4, GETBYTE(s2, 1)) <<  8) ^
-            ((word32)GetTable8(Td4, GETBYTE(s1, 0))) ^
-            rk[0];
-        t1 =
-            ((word32)GetTable8(Td4, GETBYTE(s1, 3)) << 24) ^
-            ((word32)GetTable8(Td4, GETBYTE(s0, 2)) << 16) ^
-            ((word32)GetTable8(Td4, GETBYTE(s3, 1)) <<  8) ^
-            ((word32)GetTable8(Td4, GETBYTE(s2, 0))) ^
-            rk[1];
-        t2 =
-            ((word32)GetTable8(Td4, GETBYTE(s2, 3)) << 24) ^
-            ((word32)GetTable8(Td4, GETBYTE(s1, 2)) << 16) ^
-            ((word32)GetTable8(Td4, GETBYTE(s0, 1)) <<  8) ^
-            ((word32)GetTable8(Td4, GETBYTE(s3, 0))) ^
-            rk[2];
-        t3 =
-            ((word32)GetTable8(Td4, GETBYTE(s3, 3)) << 24) ^
-            ((word32)GetTable8(Td4, GETBYTE(s2, 2)) << 16) ^
-            ((word32)GetTable8(Td4, GETBYTE(s1, 1)) <<  8) ^
-            ((word32)GetTable8(Td4, GETBYTE(s0, 0))) ^
-            rk[3];
-
-        s0 =
-            (inv_col_mul(t0, 0, 2, 1, 3) << 24) ^
-            (inv_col_mul(t0, 3, 1, 0, 2) << 16) ^
-            (inv_col_mul(t0, 2, 0, 3, 1) <<  8) ^
-            (inv_col_mul(t0, 1, 3, 2, 0)      );
-        s1 =
-            (inv_col_mul(t1, 0, 2, 1, 3) << 24) ^
-            (inv_col_mul(t1, 3, 1, 0, 2) << 16) ^
-            (inv_col_mul(t1, 2, 0, 3, 1) <<  8) ^
-            (inv_col_mul(t1, 1, 3, 2, 0)      );
-        s2 =
-            (inv_col_mul(t2, 0, 2, 1, 3) << 24) ^
-            (inv_col_mul(t2, 3, 1, 0, 2) << 16) ^
-            (inv_col_mul(t2, 2, 0, 3, 1) <<  8) ^
-            (inv_col_mul(t2, 1, 3, 2, 0)      );
-        s3 =
-            (inv_col_mul(t3, 0, 2, 1, 3) << 24) ^
-            (inv_col_mul(t3, 3, 1, 0, 2) << 16) ^
-            (inv_col_mul(t3, 2, 0, 3, 1) <<  8) ^
-            (inv_col_mul(t3, 1, 3, 2, 0)      );
-    }
-
-    t0 =
-        ((word32)GetTable8(Td4, GETBYTE(s0, 3)) << 24) ^
-        ((word32)GetTable8(Td4, GETBYTE(s3, 2)) << 16) ^
-        ((word32)GetTable8(Td4, GETBYTE(s2, 1)) <<  8) ^
-        ((word32)GetTable8(Td4, GETBYTE(s1, 0)));
-    t1 =
-        ((word32)GetTable8(Td4, GETBYTE(s1, 3)) << 24) ^
-        ((word32)GetTable8(Td4, GETBYTE(s0, 2)) << 16) ^
-        ((word32)GetTable8(Td4, GETBYTE(s3, 1)) <<  8) ^
-        ((word32)GetTable8(Td4, GETBYTE(s2, 0)));
-    t2 =
-        ((word32)GetTable8(Td4, GETBYTE(s2, 3)) << 24) ^
-        ((word32)GetTable8(Td4, GETBYTE(s1, 2)) << 16) ^
-        ((word32)GetTable8(Td4, GETBYTE(s0, 1)) <<  8) ^
-        ((word32)GetTable8(Td4, GETBYTE(s3, 0)));
-    t3 =
-        ((word32)GetTable8(Td4, GETBYTE(s3, 3)) << 24) ^
-        ((word32)GetTable8(Td4, GETBYTE(s2, 2)) << 16) ^
-        ((word32)GetTable8(Td4, GETBYTE(s1, 1)) <<  8) ^
-        ((word32)GetTable8(Td4, GETBYTE(s0, 0)));
-    s0 = t0 ^ rk[0];
-    s1 = t1 ^ rk[1];
-    s2 = t2 ^ rk[2];
-    s3 = t3 ^ rk[3];
-#endif
-
-    /* write out */
-#ifdef LITTLE_ENDIAN_ORDER
-    s0 = ByteReverseWord32(s0);
-    s1 = ByteReverseWord32(s1);
-    s2 = ByteReverseWord32(s2);
-    s3 = ByteReverseWord32(s3);
-#endif
-
-    XMEMCPY(outBlock,                  &s0, sizeof(s0));
-    XMEMCPY(outBlock + sizeof(s0),     &s1, sizeof(s1));
-    XMEMCPY(outBlock + 2 * sizeof(s0), &s2, sizeof(s2));
-    XMEMCPY(outBlock + 3 * sizeof(s0), &s3, sizeof(s3));
-
-}
-
-#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
-    !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM)) && \
-    !defined(MAX3266X_AES)
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM)
-/* Decrypt a number of blocks using AES.
- *
- * @param [in]  aes  AES object.
- * @param [in]  in   Block to encrypt.
- * @param [out] out  Encrypted block.
- * @param [in]  sz   Number of blocks to encrypt.
- */
-static void AesDecryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
-{
-    word32 i;
-
-    for (i = 0; i < sz; i += WC_AES_BLOCK_SIZE) {
-        AesDecrypt_C(aes, in, out, aes->rounds >> 1);
-        in += WC_AES_BLOCK_SIZE;
-        out += WC_AES_BLOCK_SIZE;
-    }
-}
-#endif
-#endif
-
-#else /* WC_AES_BITSLICED */
-
-/* http://cs-www.cs.yale.edu/homes/peralta/CircuitStuff/Sinv.txt */
-static void bs_inv_sub_bytes(bs_word u[8])
-{
-    bs_word U0, U1, U2, U3, U4, U5, U6, U7;
-    bs_word Y0, Y1, Y2, Y3, Y4, Y5, Y6, Y7;
-    bs_word RTL0, RTL1, RTL2;
-    bs_word sa0, sa1;
-    bs_word sb0, sb1;
-    bs_word ab0, ab1, ab2, ab3;
-    bs_word ab20, ab21, ab22, ab23;
-    bs_word al, ah, aa, bl, bh, bb;
-    bs_word abcd1, abcd2, abcd3, abcd4, abcd5, abcd6;
-    bs_word ph11, ph12, ph13, ph01, ph02, ph03;
-    bs_word pl01, pl02, pl03, pl11, pl12, pl13;
-    bs_word r1, r2, r3, r4, r5, r6, r7, r8, r9;
-    bs_word rr1, rr2;
-    bs_word r10, r11;
-    bs_word cp1, cp2, cp3, cp4;
-    bs_word vr1, vr2, vr3;
-    bs_word pr1, pr2, pr3;
-    bs_word wr1, wr2, wr3;
-    bs_word qr1, qr2, qr3;
-    bs_word tinv1, tinv2, tinv3, tinv4, tinv5, tinv6, tinv7, tinv8, tinv9;
-    bs_word tinv10, tinv11, tinv12, tinv13;
-    bs_word t01, t02;
-    bs_word d0, d1, d2, d3;
-    bs_word dl, dd, dh;
-    bs_word sd0, sd1;
-    bs_word p0, p1, p2, p3, p4, p6, p7;
-    bs_word X11, X13, X14, X16, X18, X19;
-    bs_word S0, S1, S2, S3, S4, S5, S6, S7;
-
-    U0 = u[7];
-    U1 = u[6];
-    U2 = u[5];
-    U3 = u[4];
-    U4 = u[3];
-    U5 = u[2];
-    U6 = u[1];
-    U7 = u[0];
-
-    Y0 = U0 ^ U3;
-    Y2 = ~(U1 ^ U3);
-    Y4 = U0 ^ Y2;
-    RTL0 = U6 ^ U7;
-    Y1 = Y2 ^ RTL0;
-    Y7 = ~(U2 ^ Y1);
-    RTL1 = U3 ^ U4;
-    Y6 = ~(U7 ^ RTL1);
-    Y3 = Y1 ^ RTL1;
-    RTL2 = ~(U0 ^ U2);
-    Y5 = U5 ^ RTL2;
-    sa1 = Y0 ^ Y2;
-    sa0 = Y1 ^ Y3;
-    sb1 = Y4 ^ Y6;
-    sb0 = Y5 ^ Y7;
-    ah = Y0 ^ Y1;
-    al = Y2 ^ Y3;
-    aa = sa0 ^ sa1;
-    bh = Y4 ^ Y5;
-    bl = Y6 ^ Y7;
-    bb = sb0 ^ sb1;
-    ab20 = sa0 ^ sb0;
-    ab22 = al ^ bl;
-    ab23 = Y3 ^ Y7;
-    ab21 = sa1 ^ sb1;
-    abcd1 = ah & bh;
-    rr1 = Y0 & Y4;
-    ph11 = ab20 ^ abcd1;
-    t01 = Y1 & Y5;
-    ph01 = t01 ^ abcd1;
-    abcd2 = al & bl;
-    r1 = Y2 & Y6;
-    pl11 = ab22 ^ abcd2;
-    r2 = Y3 & Y7;
-    pl01 = r2 ^ abcd2;
-    r3 = sa0 & sb0;
-    vr1 = aa & bb;
-    pr1 = vr1 ^ r3;
-    wr1 = sa1 & sb1;
-    qr1 = wr1 ^ r3;
-    ab0 = ph11 ^ rr1;
-    ab1 = ph01 ^ ab21;
-    ab2 = pl11 ^ r1;
-    ab3 = pl01 ^ qr1;
-    cp1 = ab0 ^ pr1;
-    cp2 = ab1 ^ qr1;
-    cp3 = ab2 ^ pr1;
-    cp4 = ab3 ^ ab23;
-    tinv1 = cp3 ^ cp4;
-    tinv2 = cp3 & cp1;
-    tinv3 = cp2 ^ tinv2;
-    tinv4 = cp1 ^ cp2;
-    tinv5 = cp4 ^ tinv2;
-    tinv6 = tinv5 & tinv4;
-    tinv7 = tinv3 & tinv1;
-    d2 = cp4 ^ tinv7;
-    d0 = cp2 ^ tinv6;
-    tinv8 = cp1 & cp4;
-    tinv9 = tinv4 & tinv8;
-    tinv10 = tinv4 ^ tinv2;
-    d1 = tinv9 ^ tinv10;
-    tinv11 = cp2 & cp3;
-    tinv12 = tinv1 & tinv11;
-    tinv13 = tinv1 ^ tinv2;
-    d3 = tinv12 ^ tinv13;
-    sd1 = d1 ^ d3;
-    sd0 = d0 ^ d2;
-    dl = d0 ^ d1;
-    dh = d2 ^ d3;
-    dd = sd0 ^ sd1;
-    abcd3 = dh & bh;
-    rr2 = d3 & Y4;
-    t02 = d2 & Y5;
-    abcd4 = dl & bl;
-    r4 = d1 & Y6;
-    r5 = d0 & Y7;
-    r6 = sd0 & sb0;
-    vr2 = dd & bb;
-    wr2 = sd1 & sb1;
-    abcd5 = dh & ah;
-    r7 = d3 & Y0;
-    r8 = d2 & Y1;
-    abcd6 = dl & al;
-    r9 = d1 & Y2;
-    r10 = d0 & Y3;
-    r11 = sd0 & sa0;
-    vr3 = dd & aa;
-    wr3 = sd1 & sa1;
-    ph12 = rr2 ^ abcd3;
-    ph02 = t02 ^ abcd3;
-    pl12 = r4 ^ abcd4;
-    pl02 = r5 ^ abcd4;
-    pr2 = vr2 ^ r6;
-    qr2 = wr2 ^ r6;
-    p0 = ph12 ^ pr2;
-    p1 = ph02 ^ qr2;
-    p2 = pl12 ^ pr2;
-    p3 = pl02 ^ qr2;
-    ph13 = r7 ^ abcd5;
-    ph03 = r8 ^ abcd5;
-    pl13 = r9 ^ abcd6;
-    pl03 = r10 ^ abcd6;
-    pr3 = vr3 ^ r11;
-    qr3 = wr3 ^ r11;
-    p4 = ph13 ^ pr3;
-    S7 = ph03 ^ qr3;
-    p6 = pl13 ^ pr3;
-    p7 = pl03 ^ qr3;
-    S3 = p1 ^ p6;
-    S6 = p2 ^ p6;
-    S0 = p3 ^ p6;
-    X11 = p0 ^ p2;
-    S5 = S0 ^ X11;
-    X13 = p4 ^ p7;
-    X14 = X11 ^ X13;
-    S1 = S3 ^ X14;
-    X16 = p1 ^ S7;
-    S2 = X14 ^ X16;
-    X18 = p0 ^ p4;
-    X19 = S5 ^ X16;
-    S4 = X18 ^ X19;
-
-    u[0] = S7;
-    u[1] = S6;
-    u[2] = S5;
-    u[3] = S4;
-    u[4] = S3;
-    u[5] = S2;
-    u[6] = S1;
-    u[7] = S0;
-}
-
-static void bs_inv_shift_rows(bs_word* b)
-{
-    bs_word t[AES_BLOCK_BITS];
-    int i;
-
-    for (i = 0; i < 128; i += 32) {
-        BS_ASSIGN_8(t, i +  0, b, (  0 + i) & BS_IDX_MASK);
-        BS_ASSIGN_8(t, i +  8, b, (104 + i) & BS_IDX_MASK);
-        BS_ASSIGN_8(t, i + 16, b, ( 80 + i) & BS_IDX_MASK);
-        BS_ASSIGN_8(t, i + 24, b, ( 56 + i) & BS_IDX_MASK);
-    }
-
-    XMEMCPY(b, t, sizeof(t));
-}
-
-#define O0  0
-#define O1  8
-#define O2  16
-#define O3  24
-
-#define BS_INV_MIX_SHIFT_8(br, b, O0, O1, O2, O3, of0, of1, of2)            \
-    of0 = b[O0+7] ^ b[O0+6] ^ b[O0+5] ^ b[O1 + 7] ^ b[O1+5] ^               \
-          b[O2+6] ^ b[O2+5] ^ b[O3+5];                                      \
-    of1 =           b[O0+7] ^ b[O0+6] ^             b[O1+6] ^               \
-          b[O2+7] ^ b[O2+6] ^ b[O3+6];                                      \
-    of2 =                     b[O0+7] ^             b[O1+7] ^               \
-                    b[O2+7] ^ b[O3+7];                                      \
-                                                                            \
-    br[0] =                                                   b[O1+0] ^     \
-            b[O2+0]                     ^ b[O3+0]           ^ of0;          \
-    br[1] = b[O0+0]                               ^ b[O1+0] ^ b[O1+1] ^     \
-            b[O2+1]                     ^ b[O3+1]           ^ of0 ^ of1;    \
-    br[2] = b[O0+1] ^ b[O0+0]                     ^ b[O1+1] ^ b[O1+2] ^     \
-            b[O2+2] ^ b[O2+0]           ^ b[O3+2]           ^ of1 ^ of2;    \
-    br[3] = b[O0+2] ^ b[O0+1] ^ b[O0+0] ^ b[O1+0] ^ b[O1+2] ^ b[O1+3] ^     \
-            b[O2+3] ^ b[O2+1] ^ b[O2+0] ^ b[O3+3] ^ b[O3+0] ^ of0 ^ of2;    \
-    br[4] = b[O0+3] ^ b[O0+2] ^ b[O0+1] ^ b[O1+1] ^ b[O1+3] ^ b[O1+4] ^     \
-            b[O2+4] ^ b[O2+2] ^ b[O2+1] ^ b[O3+4] ^ b[O3+1] ^ of0 ^ of1;    \
-    br[5] = b[O0+4] ^ b[O0+3] ^ b[O0+2] ^ b[O1+2] ^ b[O1+4] ^ b[O1+5] ^     \
-            b[O2+5] ^ b[O2+3] ^ b[O2+2] ^ b[O3+5] ^ b[O3+2] ^ of1 ^ of2;    \
-    br[6] = b[O0+5] ^ b[O0+4] ^ b[O0+3] ^ b[O1+3] ^ b[O1+5] ^ b[O1+6] ^     \
-            b[O2+6] ^ b[O2+4] ^ b[O2+3] ^ b[O3+6] ^ b[O3+3] ^ of2;          \
-    br[7] = b[O0+6] ^ b[O0+5] ^ b[O0+4] ^ b[O1+4] ^ b[O1+6] ^ b[O1+7] ^     \
-            b[O2+7] ^ b[O2+5] ^ b[O2+4] ^ b[O3+7] ^ b[O3+4]
-
-/* Inverse mix columns and shift rows. */
-static void bs_inv_mix_shift(bs_word* t, bs_word* b)
-{
-    bs_word* bp = b;
-    word8 or0 = BS_ROW_OFF_0 + BS_SHIFT_OFF_0;
-    word8 or1 = BS_ROW_OFF_1 + BS_SHIFT_OFF_1;
-    word8 or2 = BS_ROW_OFF_2 + BS_SHIFT_OFF_2;
-    word8 or3 = BS_ROW_OFF_3 + BS_SHIFT_OFF_3;
-    int i;
-
-    for (i = 0; i < AES_BLOCK_BITS / 4; i += AES_BLOCK_BITS / 16) {
-        bs_word* br;
-        bs_word of0;
-        bs_word of1;
-        bs_word of2;
-
-        br = t + or0;
-        BS_INV_MIX_SHIFT_8(br, bp, O0, O1, O2, O3, of0, of1, of2);
-        br = t + or1;
-        BS_INV_MIX_SHIFT_8(br, bp, O1, O2, O3, O0, of0, of1, of2);
-        br = t + or2;
-        BS_INV_MIX_SHIFT_8(br, bp, O2, O3, O0, O1, of0, of1, of2);
-        br = t + or3;
-        BS_INV_MIX_SHIFT_8(br, bp, O3, O0, O1, O2, of0, of1, of2);
-
-        or0 = (or0 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
-        or1 = (or1 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
-        or2 = (or2 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
-        or3 = (or3 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
-
-        bp += AES_BLOCK_BITS / 4;
-    }
-}
-
-static void bs_inv_sub_bytes_blocks(bs_word* b)
-{
-    int i;
-
-    for (i = 0; i < AES_BLOCK_BITS; i += 8) {
-        bs_inv_sub_bytes(b + i);
-    }
-}
-
-static void bs_decrypt(bs_word* state, bs_word* rk, word32 r)
-{
-    int i;
-    bs_word trans[AES_BLOCK_BITS];
-
-    bs_transpose(trans, state);
-
-    rk += r * AES_BLOCK_BITS;
-    bs_add_round_key(trans, trans, rk);
-    bs_inv_shift_rows(trans);
-    bs_inv_sub_bytes_blocks(trans);
-    rk -= AES_BLOCK_BITS;
-    bs_add_round_key(trans, trans, rk);
-    for (i = (int)r - 2; i >= 0; i--) {
-        bs_inv_mix_shift(state, trans);
-        bs_inv_sub_bytes_blocks(state);
-        rk -= AES_BLOCK_BITS;
-        bs_add_round_key(trans, state, rk);
-    }
-
-    bs_inv_transpose(state, trans);
-}
-
-#ifdef WOLFSSL_AES_DIRECT
-/* Decrypt a block using AES.
- *
- * @param [in]  aes       AES object.
- * @param [in]  inBlock   Block to encrypt.
- * @param [out] outBlock  Encrypted block.
- * @param [in]  r         Rounds divided by 2.
- */
-static void AesDecrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
-    word32 r)
-{
-    bs_word state[AES_BLOCK_BITS];
-
-    (void)r;
-
-    XMEMCPY(state, inBlock, WC_AES_BLOCK_SIZE);
-    XMEMSET(((byte*)state) + WC_AES_BLOCK_SIZE, 0, sizeof(state) - WC_AES_BLOCK_SIZE);
-
-    bs_decrypt(state, aes->bs_key, aes->rounds);
-
-    XMEMCPY(outBlock, state, WC_AES_BLOCK_SIZE);
-}
-#endif
-
-#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
-    !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM))
-/* Decrypt a number of blocks using AES.
- *
- * @param [in]  aes  AES object.
- * @param [in]  in   Block to encrypt.
- * @param [out] out  Encrypted block.
- * @param [in]  sz   Number of blocks to encrypt.
- */
-static void AesDecryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
-{
-    bs_word state[AES_BLOCK_BITS];
-
-    while (sz >= BS_BLOCK_SIZE) {
-        XMEMCPY(state, in, BS_BLOCK_SIZE);
-        bs_decrypt(state, aes->bs_key, aes->rounds);
-        XMEMCPY(out, state, BS_BLOCK_SIZE);
-        sz  -= BS_BLOCK_SIZE;
-        in  += BS_BLOCK_SIZE;
-        out += BS_BLOCK_SIZE;
-    }
-    if (sz > 0) {
-        XMEMCPY(state, in, sz);
-        XMEMSET(((byte*)state) + sz, 0, sizeof(state) - sz);
-        bs_decrypt(state, aes->bs_key, aes->rounds);
-        XMEMCPY(out, state, sz);
-    }
-}
-#endif
-
-#endif /* !WC_AES_BITSLICED */
-#endif
-
-#if (defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC)) || \
-    defined(WOLFSSL_AES_DIRECT)
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM)
-#if !defined(WC_AES_BITSLICED) || defined(WOLFSSL_AES_DIRECT)
-/* Software AES - ECB Decrypt */
-static WARN_UNUSED_RESULT int wc_AesDecrypt(
-    Aes* aes, const byte* inBlock, byte* outBlock)
-{
-#if defined(MAX3266X_AES)
-    word32 keySize;
-#endif
-#if defined(MAX3266X_CB)
-    int ret_cb;
-#endif
-    word32 r;
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-    {
-        int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-        if (ret < 0)
-            return ret;
-    }
-#endif
-
-    r = aes->rounds >> 1;
-
-    if (r > 7 || r == 0) {
-        WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E);
-        return KEYUSAGE_E;
-    }
-
-#ifdef WOLFSSL_AESNI
-    if (aes->use_aesni) {
-        ASSERT_SAVED_VECTOR_REGISTERS();
-
-        #ifdef DEBUG_AESNI
-            printf("about to aes decrypt\n");
-            printf("in  = %p\n", inBlock);
-            printf("out = %p\n", outBlock);
-            printf("aes->key = %p\n", aes->key);
-            printf("aes->rounds = %d\n", aes->rounds);
-            printf("sz = %d\n", WC_AES_BLOCK_SIZE);
-        #endif
-
-        /* if input and output same will overwrite input iv */
-        if ((const byte*)aes->tmp != inBlock)
-            XMEMCPY(aes->tmp, inBlock, WC_AES_BLOCK_SIZE);
-        AES_ECB_decrypt_AESNI(inBlock, outBlock, WC_AES_BLOCK_SIZE, (byte*)aes->key,
-                        (int)aes->rounds);
-        return 0;
-    }
-    else {
-        #ifdef DEBUG_AESNI
-            printf("Skipping AES-NI\n");
-        #endif
-    }
-#elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-      !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    if (aes->use_aes_hw_crypto) {
-        AES_decrypt_AARCH64(inBlock, outBlock, (byte*)aes->key,
-            (int)aes->rounds);
-        return 0;
-    }
-#elif !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-    AES_decrypt_AARCH32(inBlock, outBlock, (byte*)aes->key, (int)aes->rounds);
-#else
-    AES_ECB_decrypt(inBlock, outBlock, WC_AES_BLOCK_SIZE,
-        (const unsigned char*)aes->key, aes->rounds);
-#endif
-    return 0;
-#endif /* WOLFSSL_AESNI */
-#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
-    return AES_ECB_decrypt(aes, inBlock, outBlock, WC_AES_BLOCK_SIZE);
-#endif
-#if defined(WOLFSSL_IMXRT_DCP)
-    if (aes->keylen == 16) {
-        DCPAesEcbDecrypt(aes, outBlock, inBlock, WC_AES_BLOCK_SIZE);
-        return 0;
-    }
-#endif
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
-    if (aes->useSWCrypt == 0) {
-        return se050_aes_crypt(aes, inBlock, outBlock, WC_AES_BLOCK_SIZE,
-                               AES_DECRYPTION, kAlgorithm_SSS_AES_ECB);
-    }
-#endif
-#if defined(WOLFSSL_ESPIDF) && defined(NEED_AES_HW_FALLBACK)
-    if (wc_esp32AesSupportedKeyLen(aes)) {
-        return wc_esp32AesDecrypt(aes, inBlock, outBlock);
-    }
-    else {
-        /* For example, the ESP32-S3 does not support HW for len = 24,
-         * so fall back to SW */
-    #ifdef DEBUG_WOLFSSL
-        ESP_LOGW(TAG, "wc_AesDecrypt HW Falling back, "
-                        "unsupported keylen = %d", aes->keylen);
-    #endif
-    } /* else !wc_esp32AesSupportedKeyLen for ESP32 */
-#endif
-
-#if defined(MAX3266X_AES)
-    if (wc_AesGetKeySize(aes, &keySize) == 0) {
-        return wc_MXC_TPU_AesDecrypt(inBlock, (byte*)aes->reg, (byte*)aes->key,
-                                    MXC_TPU_MODE_ECB, WC_AES_BLOCK_SIZE,
-                                    outBlock, (unsigned int)keySize);
-    }
-#endif
-
-#if defined(MAX3266X_CB) && defined(HAVE_AES_ECB) /* Can do a basic ECB block */
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (aes->devId != INVALID_DEVID)
-    #endif
-    {
-        ret_cb = wc_CryptoCb_AesEcbDecrypt(aes, outBlock, inBlock,
-                                            WC_AES_BLOCK_SIZE);
-        if (ret_cb != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret_cb;
-        /* fall-through when unavailable */
-    }
-#endif
-
-    AesDecrypt_C(aes, inBlock, outBlock, r);
-
-    return 0;
-} /* wc_AesDecrypt[_SW]() */
-#endif /* !WC_AES_BITSLICED || WOLFSSL_AES_DIRECT */
-#endif
-#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */
-#endif /* HAVE_AES_DECRYPT */
-
-#endif /* NEED_AES_TABLES */
-
-
-
-/* wc_AesSetKey */
-#if defined(STM32_CRYPTO)
-
-    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
-            const byte* iv, int dir)
-    {
-        word32 *rk;
-
-        (void)dir;
-
-        if (aes == NULL || (keylen != 16 &&
-        #ifdef WOLFSSL_AES_192
-            keylen != 24 &&
-        #endif
-            keylen != 32)) {
-            return BAD_FUNC_ARG;
-        }
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-        }
-#endif
-
-        rk = aes->key;
-        aes->keylen = keylen;
-        aes->rounds = keylen/4 + 6;
-        XMEMCPY(rk, userKey, keylen);
-    #if !defined(WOLFSSL_STM32_CUBEMX) || defined(STM32_HAL_V2)
-        ByteReverseWords(rk, rk, keylen);
-    #endif
-    #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
-        defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS) || \
-        defined(WOLFSSL_AES_CTS)
-        aes->left = 0;
-    #endif
-        return wc_AesSetIV(aes, iv);
-    }
-    #if defined(WOLFSSL_AES_DIRECT)
-        int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
-                            const byte* iv, int dir)
-        {
-            return wc_AesSetKey(aes, userKey, keylen, iv, dir);
-        }
-    #endif
-
-#elif defined(HAVE_COLDFIRE_SEC)
-    #if defined (HAVE_THREADX)
-        #include "memory_pools.h"
-        extern TX_BYTE_POOL mp_ncached;  /* Non Cached memory pool */
-    #endif
-
-    #define AES_BUFFER_SIZE (WC_AES_BLOCK_SIZE * 64)
-    static unsigned char *AESBuffIn = NULL;
-    static unsigned char *AESBuffOut = NULL;
-    static byte *secReg;
-    static byte *secKey;
-    static volatile SECdescriptorType *secDesc;
-
-    static wolfSSL_Mutex Mutex_AesSEC;
-
-    #define SEC_DESC_AES_CBC_ENCRYPT 0x60300010
-    #define SEC_DESC_AES_CBC_DECRYPT 0x60200010
-
-    extern volatile unsigned char __MBAR[];
-
-    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
-        const byte* iv, int dir)
-    {
-        if (AESBuffIn == NULL) {
-        #if defined (HAVE_THREADX)
-            int s1, s2, s3, s4, s5;
-            s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc,
-                                  sizeof(SECdescriptorType), TX_NO_WAIT);
-            s1 = tx_byte_allocate(&mp_ncached, (void *)&AESBuffIn,
-                                  AES_BUFFER_SIZE, TX_NO_WAIT);
-            s2 = tx_byte_allocate(&mp_ncached, (void *)&AESBuffOut,
-                                  AES_BUFFER_SIZE, TX_NO_WAIT);
-            s3 = tx_byte_allocate(&mp_ncached, (void *)&secKey,
-                                  WC_AES_BLOCK_SIZE*2, TX_NO_WAIT);
-            s4 = tx_byte_allocate(&mp_ncached, (void *)&secReg,
-                                  WC_AES_BLOCK_SIZE, TX_NO_WAIT);
-
-            if (s1 || s2 || s3 || s4 || s5)
-                return BAD_FUNC_ARG;
-        #else
-            #warning "Allocate non-Cache buffers"
-        #endif
-
-            wc_InitMutex(&Mutex_AesSEC);
-        }
-
-        if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
-            return BAD_FUNC_ARG;
-
-        if (aes == NULL)
-            return BAD_FUNC_ARG;
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-        }
-#endif
-
-        aes->keylen = keylen;
-        aes->rounds = keylen/4 + 6;
-        XMEMCPY(aes->key, userKey, keylen);
-
-        if (iv)
-            XMEMCPY(aes->reg, iv, WC_AES_BLOCK_SIZE);
-
-    #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
-        defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS) || \
-        defined(WOLFSSL_AES_CTS)
-        aes->left = 0;
-    #endif
-
-        return 0;
-    }
-#elif defined(FREESCALE_LTC)
-    int wc_AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen,
-        const byte* iv, int dir, int checkKeyLen)
-    {
-        if (aes == NULL)
-            return BAD_FUNC_ARG;
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-        }
-#endif
-
-        if (checkKeyLen) {
-            if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
-                return BAD_FUNC_ARG;
-        }
-        (void)dir;
-
-        aes->rounds = keylen/4 + 6;
-        XMEMCPY(aes->key, userKey, keylen);
-
-    #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
-        defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS) || \
-        defined(WOLFSSL_AES_CTS)
-        aes->left = 0;
-    #endif
-
-        return wc_AesSetIV(aes, iv);
-    }
-
-    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
-        const byte* iv, int dir)
-    {
-        return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);
-    }
-
-
-    int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
-                        const byte* iv, int dir)
-    {
-        return wc_AesSetKey(aes, userKey, keylen, iv, dir);
-    }
-#elif defined(FREESCALE_MMCAU)
-    int wc_AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen,
-        const byte* iv, int dir, int checkKeyLen)
-    {
-        int ret;
-        byte* rk;
-        byte* tmpKey = (byte*)userKey;
-        int tmpKeyDynamic = 0;
-        word32 alignOffset = 0;
-
-        (void)dir;
-
-        if (aes == NULL)
-            return BAD_FUNC_ARG;
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-        }
-#endif
-
-        if (checkKeyLen) {
-            if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
-                return BAD_FUNC_ARG;
-        }
-
-        rk = (byte*)aes->key;
-        if (rk == NULL)
-            return BAD_FUNC_ARG;
-
-    #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
-        defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS) || \
-        defined(WOLFSSL_AES_CTS)
-        aes->left = 0;
-    #endif
-
-        aes->rounds = keylen/4 + 6;
-
-    #ifdef FREESCALE_MMCAU_CLASSIC
-        if ((wc_ptr_t)userKey % WOLFSSL_MMCAU_ALIGNMENT) {
-        #ifndef NO_WOLFSSL_ALLOC_ALIGN
-            byte* tmp = (byte*)XMALLOC(keylen + WOLFSSL_MMCAU_ALIGNMENT,
-                                       aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            if (tmp == NULL) {
-                return MEMORY_E;
-            }
-            alignOffset = WOLFSSL_MMCAU_ALIGNMENT -
-                          ((wc_ptr_t)tmp % WOLFSSL_MMCAU_ALIGNMENT);
-            tmpKey = tmp + alignOffset;
-            XMEMCPY(tmpKey, userKey, keylen);
-            tmpKeyDynamic = 1;
-        #else
-            WOLFSSL_MSG("Bad cau_aes_set_key alignment");
-            return BAD_ALIGN_E;
-        #endif
-        }
-    #endif
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if(ret == 0) {
-        #ifdef FREESCALE_MMCAU_CLASSIC
-            cau_aes_set_key(tmpKey, keylen*8, rk);
-        #else
-            MMCAU_AES_SetKey(tmpKey, keylen, rk);
-        #endif
-            wolfSSL_CryptHwMutexUnLock();
-
-            ret = wc_AesSetIV(aes, iv);
-        }
-
-        if (tmpKeyDynamic == 1) {
-            XFREE(tmpKey - alignOffset, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-
-        return ret;
-    }
-
-    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
-        const byte* iv, int dir)
-    {
-        return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);
-    }
-
-    int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
-                        const byte* iv, int dir)
-    {
-        return wc_AesSetKey(aes, userKey, keylen, iv, dir);
-    }
-
-#elif defined(WOLFSSL_NRF51_AES)
-    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
-        const byte* iv, int dir)
-    {
-        int ret;
-
-        (void)dir;
-        (void)iv;
-
-        if (aes == NULL || keylen != 16)
-            return BAD_FUNC_ARG;
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-        if (ret < 0)
-            return ret;
-#endif
-
-        aes->keylen = keylen;
-        aes->rounds = keylen/4 + 6;
-        XMEMCPY(aes->key, userKey, keylen);
-        ret = nrf51_aes_set_key(userKey);
-
-    #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
-        defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS) || \
-        defined(WOLFSSL_AES_CTS)
-        aes->left = 0;
-    #endif
-
-        return ret;
-    }
-
-    int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
-                        const byte* iv, int dir)
-    {
-        return wc_AesSetKey(aes, userKey, keylen, iv, dir);
-    }
-#elif defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
-    /* This is the only definition for HW only.
-     * but needs to be renamed when fallback needed.
-     * See call in wc_AesSetKey() */
-    int wc_AesSetKey_for_ESP32(Aes* aes, const byte* userKey, word32 keylen,
-        const byte* iv, int dir)
-    {
-        (void)dir;
-        (void)iv;
-        ESP_LOGV(TAG, "wc_AesSetKey_for_ESP32");
-        if (aes == NULL || (keylen != 16 && keylen != 24 && keylen != 32)) {
-            return BAD_FUNC_ARG;
-        }
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret < 0)
-                return ret;
-        }
-#endif
-
-    #if !defined(WOLFSSL_AES_128)
-        if (keylen == 16) {
-            return BAD_FUNC_ARG;
-        }
-    #endif
-
-    #if !defined(WOLFSSL_AES_192)
-        if (keylen == 24) {
-            return BAD_FUNC_ARG;
-        }
-    #endif
-
-    #if !defined(WOLFSSL_AES_256)
-        if (keylen == 32) {
-            return BAD_FUNC_ARG;
-        }
-    #endif
-
-        aes->keylen = keylen;
-        aes->rounds = keylen/4 + 6;
-
-        XMEMCPY(aes->key, userKey, keylen);
-        #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
-            defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS) || \
-            defined(WOLFSSL_AES_CTS)
-            aes->left = 0;
-        #endif
-        return wc_AesSetIV(aes, iv);
-    } /* wc_AesSetKey */
-
-    /* end #elif ESP32 */
-#elif defined(WOLFSSL_CRYPTOCELL) && defined(WOLFSSL_CRYPTOCELL_AES)
-
-    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
-                    int dir)
-    {
-        SaSiError_t ret = SASI_OK;
-        SaSiAesIv_t iv_aes;
-
-        if (aes == NULL ||
-           (keylen != AES_128_KEY_SIZE &&
-            keylen != AES_192_KEY_SIZE &&
-            keylen != AES_256_KEY_SIZE)) {
-            return BAD_FUNC_ARG;
-        }
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        {
-            int ret2 =
-                wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-            if (ret2 < 0)
-                return ret2;
-        }
-#endif
-
-    #if defined(AES_MAX_KEY_SIZE)
-        if (keylen > (AES_MAX_KEY_SIZE/8)) {
-            return BAD_FUNC_ARG;
-        }
-    #endif
-        if (dir != AES_ENCRYPTION &&
-            dir != AES_DECRYPTION) {
-            return BAD_FUNC_ARG;
-        }
-
-        if (dir == AES_ENCRYPTION) {
-            aes->ctx.mode = SASI_AES_ENCRYPT;
-            SaSi_AesInit(&aes->ctx.user_ctx,
-                         SASI_AES_ENCRYPT,
-                         SASI_AES_MODE_CBC,
-                         SASI_AES_PADDING_NONE);
-        }
-        else {
-            aes->ctx.mode = SASI_AES_DECRYPT;
-            SaSi_AesInit(&aes->ctx.user_ctx,
-                         SASI_AES_DECRYPT,
-                         SASI_AES_MODE_CBC,
-                         SASI_AES_PADDING_NONE);
-        }
-
-        aes->keylen = keylen;
-        aes->rounds = keylen/4 + 6;
-        XMEMCPY(aes->key, userKey, keylen);
-
-        aes->ctx.key.pKey = (byte*)aes->key;
-        aes->ctx.key.keySize= keylen;
-
-        ret = SaSi_AesSetKey(&aes->ctx.user_ctx,
-                             SASI_AES_USER_KEY,
-                             &aes->ctx.key,
-                             sizeof(aes->ctx.key));
-        if (ret != SASI_OK) {
-            return BAD_FUNC_ARG;
-        }
-
-        ret = wc_AesSetIV(aes, iv);
-
-        if (iv)
-            XMEMCPY(iv_aes, iv, WC_AES_BLOCK_SIZE);
-        else
-            XMEMSET(iv_aes,  0, WC_AES_BLOCK_SIZE);
-
-
-        ret = SaSi_AesSetIv(&aes->ctx.user_ctx, iv_aes);
-        if (ret != SASI_OK) {
-            return ret;
-        }
-       return ret;
-    }
-    #if defined(WOLFSSL_AES_DIRECT)
-        int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
-                            const byte* iv, int dir)
-        {
-            return wc_AesSetKey(aes, userKey, keylen, iv, dir);
-        }
-    #endif
-
-#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES) \
-    && !defined(WOLFSSL_QNX_CAAM)
-      /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
-
-#elif defined(WOLFSSL_AFALG)
-    /* implemented in wolfcrypt/src/port/af_alg/afalg_aes.c */
-
-#elif defined(WOLFSSL_DEVCRYPTO_AES)
-    /* implemented in wolfcrypt/src/port/devcrypto/devcrypto_aes.c */
-
-#elif defined(WOLFSSL_SILABS_SE_ACCEL)
-    /* implemented in wolfcrypt/src/port/silabs/silabs_aes.c */
-
-#elif defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
-     !defined(NO_WOLFSSL_RENESAS_FSPSM_AES)
-    /* implemented in wolfcrypt/src/port/renesas/renesas_fspsm_aes.c */
-
-#elif !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-    static int AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
-            const byte* iv, int dir)
-    {
-    #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
-        defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS) || \
-        defined(WOLFSSL_AES_CTS)
-        aes->left = 0;
-    #endif
-
-        aes->keylen = (int)keylen;
-        aes->rounds = (keylen/4) + 6;
-
-#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-        AES_set_key_AARCH32(userKey, keylen, (byte*)aes->key, dir);
-#else
-        AES_set_encrypt_key(userKey, keylen * 8, (byte*)aes->key);
-
-    #ifdef HAVE_AES_DECRYPT
-        if (dir == AES_DECRYPTION) {
-            AES_invert_key((byte*)aes->key, aes->rounds);
-        }
-    #else
-        (void)dir;
-    #endif
-#endif
-        return wc_AesSetIV(aes, iv);
-    }
-
-    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
-            const byte* iv, int dir)
-    {
-        if ((aes == NULL) || (userKey == NULL)) {
-            return BAD_FUNC_ARG;
-        }
-
-        switch (keylen) {
-    #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 &&     \
-        defined(WOLFSSL_AES_128)
-        case 16:
-    #endif
-    #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 &&     \
-        defined(WOLFSSL_AES_192)
-        case 24:
-    #endif
-    #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 &&     \
-        defined(WOLFSSL_AES_256)
-        case 32:
-    #endif
-            break;
-        default:
-            return BAD_FUNC_ARG;
-        }
-
-    #ifdef WOLF_CRYPTO_CB
-        if (aes->devId != INVALID_DEVID) {
-            if (keylen > sizeof(aes->devKey)) {
-                return BAD_FUNC_ARG;
-            }
-            XMEMCPY(aes->devKey, userKey, keylen);
-        }
-    #endif
-
-        return AesSetKey(aes, userKey, keylen, iv, dir);
-    }
-
-    #if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
-        /* AES-CTR and AES-DIRECT need to use this for key setup */
-        /* This function allows key sizes that are not 128/192/256 bits */
-    int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
-                           const byte* iv, int dir)
-    {
-        if (aes == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        if (keylen > sizeof(aes->key)) {
-            return BAD_FUNC_ARG;
-        }
-
-        return AesSetKey(aes, userKey, keylen, iv, dir);
-    }
-    #endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
-#else
-    #define NEED_SOFTWARE_AES_SETKEY
-#endif
-
-/* Either we fell though with no HW support at all,
- * or perhaps there's HW support for *some* keylengths
- * and we need both HW and SW. */
-#ifdef NEED_SOFTWARE_AES_SETKEY
-
-#ifdef NEED_AES_TABLES
-
-#ifndef WC_AES_BITSLICED
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM) || \
-    defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-/* Set the AES key and expand.
- *
- * @param [in]  aes    AES object.
- * @param [in]  key    Block to encrypt.
- * @param [in]  keySz  Number of bytes in key.
- * @param [in]  dir    Direction of crypt: AES_ENCRYPTION or AES_DECRYPTION.
- */
-static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
-{
-#ifdef WC_C_DYNAMIC_FALLBACK
-    word32* rk = aes->key_C_fallback;
-#else
-    word32* rk = aes->key;
-#endif
-    word32 temp;
-    unsigned int i = 0;
-
-    XMEMCPY(rk, key, keySz);
-#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
-    (!defined(WOLFSSL_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_AES)) && \
-    !defined(MAX3266X_AES)
-    /* Always reverse words when using only SW */
-    {
-        ByteReverseWords(rk, rk, keySz);
-    }
-#else
-    /* Sometimes reverse words when using supported HW */
-    #if defined(WOLFSSL_ESPIDF)
-        /* Some platforms may need SW fallback (e.g. AES192) */
-        #if defined(NEED_AES_HW_FALLBACK)
-        {
-            ESP_LOGV(TAG, "wc_AesEncrypt fallback check");
-            if (wc_esp32AesSupportedKeyLen(aes)) {
-                /* don't reverse for HW supported key lengths */
-            }
-            else {
-                ByteReverseWords(rk, rk, keySz);
-            }
-        }
-        #else
-            /* If we don't need SW fallback, don't need to reverse words. */
-        #endif /* NEED_AES_HW_FALLBACK */
-    #endif /* WOLFSSL_ESPIDF */
-#endif /* LITTLE_ENDIAN_ORDER, etc */
-
-    switch (keySz) {
-#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \
-        defined(WOLFSSL_AES_128)
-    case 16:
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        temp = (word32)-1;
-        wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
-    #endif
-        while (1)
-        {
-            temp  = rk[3];
-            rk[4] = rk[0] ^
-        #ifndef WOLFSSL_AES_SMALL_TABLES
-                (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
-                (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
-                (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
-                (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
-        #else
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) <<  8) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
-        #endif
-                rcon[i];
-            rk[5] = rk[1] ^ rk[4];
-            rk[6] = rk[2] ^ rk[5];
-            rk[7] = rk[3] ^ rk[6];
-            if (++i == 10)
-                break;
-            rk += 4;
-        }
-        break;
-#endif /* 128 */
-
-#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 && \
-        defined(WOLFSSL_AES_192)
-    case 24:
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        temp = (word32)-1;
-        wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
-    #endif
-        /* for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack */
-        while (1)
-        {
-            temp = rk[ 5];
-            rk[ 6] = rk[ 0] ^
-        #ifndef WOLFSSL_AES_SMALL_TABLES
-                (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
-                (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
-                (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
-                (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
-        #else
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) <<  8) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
-        #endif
-                rcon[i];
-            rk[ 7] = rk[ 1] ^ rk[ 6];
-            rk[ 8] = rk[ 2] ^ rk[ 7];
-            rk[ 9] = rk[ 3] ^ rk[ 8];
-            if (++i == 8)
-                break;
-            rk[10] = rk[ 4] ^ rk[ 9];
-            rk[11] = rk[ 5] ^ rk[10];
-            rk += 6;
-        }
-        break;
-#endif /* 192 */
-
-#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 && \
-        defined(WOLFSSL_AES_256)
-    case 32:
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        temp = (word32)-1;
-        wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
-    #endif
-        while (1)
-        {
-            temp = rk[ 7];
-            rk[ 8] = rk[ 0] ^
-        #ifndef WOLFSSL_AES_SMALL_TABLES
-                (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
-                (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
-                (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
-                (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
-        #else
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) <<  8) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
-        #endif
-                rcon[i];
-            rk[ 9] = rk[ 1] ^ rk[ 8];
-            rk[10] = rk[ 2] ^ rk[ 9];
-            rk[11] = rk[ 3] ^ rk[10];
-            if (++i == 7)
-                break;
-            temp = rk[11];
-            rk[12] = rk[ 4] ^
-        #ifndef WOLFSSL_AES_SMALL_TABLES
-                (GetTable(Te[2], GETBYTE(temp, 3)) & 0xff000000) ^
-                (GetTable(Te[3], GETBYTE(temp, 2)) & 0x00ff0000) ^
-                (GetTable(Te[0], GETBYTE(temp, 1)) & 0x0000ff00) ^
-                (GetTable(Te[1], GETBYTE(temp, 0)) & 0x000000ff);
-        #else
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 3)) << 24) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 16) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) <<  8) ^
-                ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)));
-        #endif
-            rk[13] = rk[ 5] ^ rk[12];
-            rk[14] = rk[ 6] ^ rk[13];
-            rk[15] = rk[ 7] ^ rk[14];
-
-            rk += 8;
-        }
-        break;
-#endif /* 256 */
-    } /* switch */
-    ForceZero(&temp, sizeof(temp));
-
-#if defined(HAVE_AES_DECRYPT) && !defined(MAX3266X_AES)
-    if (dir == AES_DECRYPTION) {
-        unsigned int j;
-
-#ifdef WC_C_DYNAMIC_FALLBACK
-        rk = aes->key_C_fallback;
-#else
-        rk = aes->key;
-#endif
-
-        /* invert the order of the round keys: */
-        for (i = 0, j = 4* aes->rounds; i < j; i += 4, j -= 4) {
-            temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
-            temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
-            temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
-            temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
-        }
-        ForceZero(&temp, sizeof(temp));
-    #if !defined(WOLFSSL_AES_SMALL_TABLES)
-        /* apply the inverse MixColumn transform to all round keys but the
-           first and the last: */
-        for (i = 1; i < aes->rounds; i++) {
-            rk += 4;
-            rk[0] =
-                GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[0], 3)) & 0xff) ^
-                GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[0], 2)) & 0xff) ^
-                GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[0], 1)) & 0xff) ^
-                GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[0], 0)) & 0xff);
-            rk[1] =
-                GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[1], 3)) & 0xff) ^
-                GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[1], 2)) & 0xff) ^
-                GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[1], 1)) & 0xff) ^
-                GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[1], 0)) & 0xff);
-            rk[2] =
-                GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[2], 3)) & 0xff) ^
-                GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[2], 2)) & 0xff) ^
-                GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[2], 1)) & 0xff) ^
-                GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[2], 0)) & 0xff);
-            rk[3] =
-                GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[3], 3)) & 0xff) ^
-                GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[3], 2)) & 0xff) ^
-                GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[3], 1)) & 0xff) ^
-                GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[3], 0)) & 0xff);
-        }
-    #endif
-    }
-#else
-    (void)dir;
-#endif /* HAVE_AES_DECRYPT */
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Check(&temp, sizeof(temp));
-#else
-    (void)temp;
-#endif
-}
-#endif
-#else /* WC_AES_BITSLICED */
-/* Set the AES key and expand.
- *
- * @param [in]  aes    AES object.
- * @param [in]  key    Block to encrypt.
- * @param [in]  keySz  Number of bytes in key.
- * @param [in]  dir    Direction of crypt: AES_ENCRYPTION or AES_DECRYPTION.
- */
-static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
-{
-    /* No need to invert when decrypting. */
-    (void)dir;
-
-    bs_set_key(aes->bs_key, key, keySz, aes->rounds);
-}
-#endif /* WC_AES_BITSLICED */
-
-#endif /* NEED_AES_TABLES */
-
-#ifndef WOLFSSL_RISCV_ASM
-    /* Software AES - SetKey */
-    static WARN_UNUSED_RESULT int wc_AesSetKeyLocal(
-        Aes* aes, const byte* userKey, word32 keylen, const byte* iv, int dir,
-        int checkKeyLen)
-    {
-        int ret;
-    #ifdef WOLFSSL_IMX6_CAAM_BLOB
-        byte   local[32];
-        word32 localSz = 32;
-    #endif
-
-        if (aes == NULL)
-            return BAD_FUNC_ARG;
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-        ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-        if (ret < 0)
-            return ret;
-#endif
-
-        switch (keylen) {
-    #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 &&     \
-        defined(WOLFSSL_AES_128)
-        case 16:
-    #endif
-    #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 &&     \
-        defined(WOLFSSL_AES_192)
-        case 24:
-    #endif
-    #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 &&     \
-        defined(WOLFSSL_AES_256)
-        case 32:
-    #endif
-            break;
-        default:
-            return BAD_FUNC_ARG;
-        }
-
-    #ifdef WOLFSSL_MAXQ10XX_CRYPTO
-        if (wc_MAXQ10XX_AesSetKey(aes, userKey, keylen) != 0) {
-            return WC_HW_E;
-        }
-    #endif
-
-    #ifdef WOLFSSL_IMX6_CAAM_BLOB
-        if (keylen == (16 + WC_CAAM_BLOB_SZ) ||
-            keylen == (24 + WC_CAAM_BLOB_SZ) ||
-            keylen == (32 + WC_CAAM_BLOB_SZ)) {
-            if (wc_caamOpenBlob((byte*)userKey, keylen, local, &localSz) != 0) {
-                return BAD_FUNC_ARG;
-            }
-
-            /* set local values */
-            userKey = local;
-            keylen = localSz;
-        }
-    #endif
-
-    #ifdef WOLFSSL_SECO_CAAM
-        /* if set to use hardware than import the key */
-        if (aes->devId == WOLFSSL_SECO_DEVID) {
-            int keyGroup = 1; /* group one was chosen arbitrarily */
-            unsigned int keyIdOut;
-            byte importiv[GCM_NONCE_MID_SZ];
-            int importivSz = GCM_NONCE_MID_SZ;
-            int keyType = 0;
-            WC_RNG rng;
-
-            if (wc_InitRng(&rng) != 0) {
-                WOLFSSL_MSG("RNG init for IV failed");
-                return WC_HW_E;
-            }
-
-            if (wc_RNG_GenerateBlock(&rng, importiv, importivSz) != 0) {
-                WOLFSSL_MSG("Generate IV failed");
-                wc_FreeRng(&rng);
-                return WC_HW_E;
-            }
-            wc_FreeRng(&rng);
-
-            if (iv)
-                XMEMCPY(aes->reg, iv, WC_AES_BLOCK_SIZE);
-            else
-                XMEMSET(aes->reg, 0, WC_AES_BLOCK_SIZE);
-
-            switch (keylen) {
-                case AES_128_KEY_SIZE: keyType = CAAM_KEYTYPE_AES128; break;
-                case AES_192_KEY_SIZE: keyType = CAAM_KEYTYPE_AES192; break;
-                case AES_256_KEY_SIZE: keyType = CAAM_KEYTYPE_AES256; break;
-            }
-
-            keyIdOut = wc_SECO_WrapKey(0, (byte*)userKey, keylen, importiv,
-                importivSz, keyType, CAAM_KEY_TRANSIENT, keyGroup);
-            if (keyIdOut == 0) {
-                return WC_HW_E;
-            }
-            aes->blackKey = keyIdOut;
-            return 0;
-        }
-    #endif
-
-    #if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
-        (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
-        (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))
-        #ifdef WOLF_CRYPTO_CB
-        if (aes->devId != INVALID_DEVID)
-        #endif
-        {
-            if (keylen > sizeof(aes->devKey)) {
-                return BAD_FUNC_ARG;
-            }
-            XMEMCPY(aes->devKey, userKey, keylen);
-        }
-    #endif
-
-    #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE < 256
-        if (checkKeyLen) {
-            /* Check key length only when AES_MAX_KEY_SIZE doesn't allow
-             * all key sizes. Otherwise this condition is never true. */
-            if (keylen > (AES_MAX_KEY_SIZE / 8)) {
-                return BAD_FUNC_ARG;
-            }
-        }
-    #else
-        (void) checkKeyLen;
-    #endif
-
-    #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
-        defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS) || \
-        defined(WOLFSSL_AES_CTS)
-        aes->left = 0;
-    #endif
-
-        aes->keylen = (int)keylen;
-        aes->rounds = (keylen/4) + 6;
-        ret = wc_AesSetIV(aes, iv);
-        if (ret != 0)
-            return ret;
-
-#ifdef WC_C_DYNAMIC_FALLBACK
-#ifdef NEED_AES_TABLES
-        AesSetKey_C(aes, userKey, keylen, dir);
-#endif /* NEED_AES_TABLES */
-#endif /* WC_C_DYNAMIC_FALLBACK */
-
-    #ifdef WOLFSSL_AESNI
-
-       /* The dynamics for determining whether AES-NI will be used are tricky.
-        *
-        * First, we check for CPU support and cache the result -- if AES-NI is
-        * missing, we always shortcut to the AesSetKey_C() path.
-        *
-        * Second, if the CPU supports AES-NI, we confirm on a per-call basis
-        * that it's safe to use in the caller context, using
-        * SAVE_VECTOR_REGISTERS2().  This is an always-true no-op in user-space
-        * builds, but has substantive logic behind it in kernel module builds.
-        *
-        * The outcome when SAVE_VECTOR_REGISTERS2() fails depends on
-        * WC_C_DYNAMIC_FALLBACK -- if that's defined, we return immediately with
-        * success but with AES-NI disabled (the earlier AesSetKey_C() allows
-        * future encrypt/decrypt calls to succeed), otherwise we fail.
-        *
-        * Upon successful return, aes->use_aesni will have a zero value if
-        * AES-NI is disabled, and a nonzero value if it's enabled.
-        *
-        * An additional, optional semantic is available via
-        * WC_FLAG_DONT_USE_VECTOR_OPS, and is used in some kernel module builds
-        * to let the caller inhibit AES-NI.  When this macro is defined,
-        * wc_AesInit() before wc_AesSetKey() is imperative, to avoid a read of
-        * uninitialized data in aes->use_aesni.  That's why support for
-        * WC_FLAG_DONT_USE_VECTOR_OPS must remain optional -- wc_AesInit() was
-        * only added in release 3.11.0, so legacy applications inevitably call
-        * wc_AesSetKey() on uninitialized Aes contexts.  This must continue to
-        * function correctly with default build settings.
-        */
-
-        if (checkedAESNI == 0) {
-            haveAESNI  = Check_CPU_support_AES();
-            checkedAESNI = 1;
-        }
-        if (haveAESNI
-#if defined(WC_FLAG_DONT_USE_VECTOR_OPS) && !defined(WC_C_DYNAMIC_FALLBACK)
-            && (aes->use_aesni != WC_FLAG_DONT_USE_VECTOR_OPS)
-#endif
-            )
-        {
-#if defined(WC_FLAG_DONT_USE_VECTOR_OPS)
-            if (aes->use_aesni == WC_FLAG_DONT_USE_VECTOR_OPS) {
-                aes->use_aesni = 0;
-                return 0;
-            }
-#endif
-            aes->use_aesni = 0;
-            #ifdef WOLFSSL_KERNEL_MODE
-            /* runtime alignment check */
-            if ((wc_ptr_t)&aes->key & (wc_ptr_t)0xf) {
-                ret = BAD_ALIGN_E;
-            }
-            else
-            #endif /* WOLFSSL_KERNEL_MODE */
-            {
-                ret = SAVE_VECTOR_REGISTERS2();
-            }
-            if (ret == 0) {
-                if (dir == AES_ENCRYPTION)
-                    ret = AES_set_encrypt_key_AESNI(userKey, (int)keylen * 8, aes);
-#ifdef HAVE_AES_DECRYPT
-                else
-                    ret = AES_set_decrypt_key_AESNI(userKey, (int)keylen * 8, aes);
-#endif
-
-                RESTORE_VECTOR_REGISTERS();
-
-                if (ret == 0)
-                    aes->use_aesni = 1;
-                else {
-#ifdef WC_C_DYNAMIC_FALLBACK
-                    ret = 0;
-#endif
-                }
-                return ret;
-            } else {
-#ifdef WC_C_DYNAMIC_FALLBACK
-                return 0;
-#else
-                return ret;
-#endif
-            }
-        }
-        else {
-            aes->use_aesni = 0;
-#ifdef WC_C_DYNAMIC_FALLBACK
-            /* If WC_C_DYNAMIC_FALLBACK, we already called AesSetKey_C()
-             * above.
-             */
-            return 0;
-#endif
-        }
-    #endif /* WOLFSSL_AESNI */
-
-    #if defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-        !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-        Check_CPU_support_HwCrypto(aes);
-        if (aes->use_aes_hw_crypto) {
-            AES_set_key_AARCH64(userKey, keylen, (byte*)aes->key, dir);
-            return 0;
-        }
-    #endif
-
-    #ifdef WOLFSSL_KCAPI_AES
-        XMEMCPY(aes->devKey, userKey, keylen);
-        if (aes->init != 0) {
-            kcapi_cipher_destroy(aes->handle);
-            aes->handle = NULL;
-            aes->init = 0;
-        }
-        (void)dir;
-    #endif
-
-        if (keylen > sizeof(aes->key)) {
-            return BAD_FUNC_ARG;
-        }
-#if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
-        return wc_psa_aes_set_key(aes, userKey, keylen, (uint8_t*)iv,
-                                  ((psa_algorithm_t)0), dir);
-#endif
-
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
-        /* wolfSSL HostCrypto in SE05x SDK can request to use SW crypto
-         * instead of SE05x crypto by setting useSWCrypt */
-        if (aes->useSWCrypt == 0) {
-            ret = se050_aes_set_key(aes, userKey, keylen, iv, dir);
-            if (ret == 0) {
-                ret = wc_AesSetIV(aes, iv);
-            }
-            return ret;
-        }
-#endif
-
-        XMEMCPY(aes->key, userKey, keylen);
-
-#ifndef WC_AES_BITSLICED
-    #if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
-        (!defined(WOLFSSL_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_AES)) \
-        && !defined(MAX3266X_AES)
-
-        /* software */
-        ByteReverseWords(aes->key, aes->key, keylen);
-
-    #elif defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
-        if (wc_esp32AesSupportedKeyLen(aes)) {
-            /* supported lengths don't get reversed */
-            ESP_LOGV(TAG, "wc_AesSetKeyLocal (no ByteReverseWords)");
-        }
-        else {
-            word32* rk = aes->key;
-
-            /* For example, the ESP32-S3 does not support HW for len = 24,
-             * so fall back to SW */
-        #ifdef DEBUG_WOLFSSL
-            ESP_LOGW(TAG, "wc_AesSetKeyLocal ByteReverseWords");
-        #endif
-            XMEMCPY(rk, userKey, keylen);
-            /* When not ESP32 HW, we need to reverse endianness */
-            ByteReverseWords(rk, rk, keylen);
-        }
-    #endif
-
-    #ifdef WOLFSSL_IMXRT_DCP
-        {
-            /* Implemented in wolfcrypt/src/port/nxp/dcp_port.c */
-            word32 temp = 0;
-            if (keylen == 16)
-                temp = DCPAesSetKey(aes, userKey, keylen, iv, dir);
-            if (temp != 0)
-                return WC_HW_E;
-        }
-    #endif
-#endif /* !WC_AES_BITSLICED */
-
-#ifdef NEED_AES_TABLES
-        AesSetKey_C(aes, userKey, keylen, dir);
-#endif /* NEED_AES_TABLES */
-
-#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
-        XMEMCPY((byte*)aes->key, userKey, keylen);
-        if (WOLFSSL_SCE_GSCE_HANDLE.p_cfg->endian_flag == CRYPTO_WORD_ENDIAN_BIG) {
-            ByteReverseWords(aes->key, aes->key, 32);
-        }
-#endif
-
-    #if defined(WOLFSSL_DEVCRYPTO) && \
-        (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
-        aes->ctx.cfd = -1;
-    #endif
-    #ifdef WOLFSSL_IMX6_CAAM_BLOB
-        ForceZero(local, sizeof(local));
-    #endif
-        return ret;
-    } /* wc_AesSetKeyLocal */
-
-    int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
-            const byte* iv, int dir)
-    {
-        if (aes == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        if (keylen > sizeof(aes->key)) {
-            return BAD_FUNC_ARG;
-        }
-
-    /* sometimes hardware may not support all keylengths (e.g. ESP32-S3) */
-    #if defined(WOLFSSL_ESPIDF) && defined(NEED_AES_HW_FALLBACK)
-        ESP_LOGV(TAG, "wc_AesSetKey fallback check %d", keylen);
-        if (wc_esp32AesSupportedKeyLenValue(keylen)) {
-            ESP_LOGV(TAG, "wc_AesSetKey calling wc_AesSetKey_for_ESP32");
-            return wc_AesSetKey_for_ESP32(aes, userKey, keylen, iv, dir);
-        }
-        else {
-        #if  defined(WOLFSSL_HW_METRICS)
-            /* It is interesting to know how many times we could not complete
-             * AES in hardware due to unsupported lengths. */
-            wc_esp32AesUnupportedLengthCountAdd();
-        #endif
-        #ifdef DEBUG_WOLFSSL
-            ESP_LOGW(TAG, "wc_AesSetKey HW Fallback, unsupported keylen = %d",
-                           keylen);
-        #endif
-        }
-    #endif /* WOLFSSL_ESPIDF && NEED_AES_HW_FALLBACK */
-
-        return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);
-
-    } /* wc_AesSetKey() */
-#endif
-
-    #if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
-        /* AES-CTR and AES-DIRECT need to use this for key setup */
-        /* This function allows key sizes that are not 128/192/256 bits */
-    int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
-                           const byte* iv, int dir)
-    {
-        if (aes == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        if (keylen > sizeof(aes->key)) {
-            return BAD_FUNC_ARG;
-        }
-
-        return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 0);
-    }
-    #endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
-#endif /* wc_AesSetKey block */
-
-
-/* wc_AesSetIV is shared between software and hardware */
-int wc_AesSetIV(Aes* aes, const byte* iv)
-{
-    if (aes == NULL)
-        return BAD_FUNC_ARG;
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-    {
-        int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
-        if (ret < 0)
-            return ret;
-    }
-#endif
-
-    if (iv)
-        XMEMCPY(aes->reg, iv, WC_AES_BLOCK_SIZE);
-    else
-        XMEMSET(aes->reg,  0, WC_AES_BLOCK_SIZE);
-
-#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
-    defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS) || \
-    defined(WOLFSSL_AES_CTS)
-    /* Clear any unused bytes from last cipher op. */
-    aes->left = 0;
-#endif
-
-    return 0;
-}
-
-#ifdef WOLFSSL_AESNI
-
-#ifdef WC_C_DYNAMIC_FALLBACK
-
-#define VECTOR_REGISTERS_PUSH {                                      \
-        int orig_use_aesni = aes->use_aesni;                         \
-        if (aes->use_aesni && (SAVE_VECTOR_REGISTERS2() != 0)) {     \
-            aes->use_aesni = 0;                                      \
-        }                                                            \
-        WC_DO_NOTHING
-
-#define VECTOR_REGISTERS_POP                                         \
-        if (aes->use_aesni)                                          \
-            RESTORE_VECTOR_REGISTERS();                              \
-        else                                                         \
-            aes->use_aesni = orig_use_aesni;                         \
-    }                                                                \
-    WC_DO_NOTHING
-
-#elif defined(SAVE_VECTOR_REGISTERS2_DOES_NOTHING)
-
-#define VECTOR_REGISTERS_PUSH { \
-        WC_DO_NOTHING
-
-#define VECTOR_REGISTERS_POP                                         \
-    }                                                                \
-    WC_DO_NOTHING
-
-#else
-
-#define VECTOR_REGISTERS_PUSH { \
-        if (aes->use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) { \
-            return ret;                                                  \
-        }                                                                \
-        WC_DO_NOTHING
-
-#define VECTOR_REGISTERS_POP \
-        if (aes->use_aesni) {                                            \
-            RESTORE_VECTOR_REGISTERS();                                  \
-        }                                                                \
-    }                                                                    \
-    WC_DO_NOTHING
-
-#endif
-
-#else /* !WOLFSSL_AESNI */
-
-#define VECTOR_REGISTERS_PUSH { WC_DO_NOTHING
-#define VECTOR_REGISTERS_POP } WC_DO_NOTHING
-
-#endif /* !WOLFSSL_AESNI */
-
-
-/* AES-DIRECT */
-#if defined(WOLFSSL_AES_DIRECT)
-    #if defined(HAVE_COLDFIRE_SEC)
-        #error "Coldfire SEC doesn't yet support AES direct"
-
-    #elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES) && \
-        !defined(WOLFSSL_QNX_CAAM)
-        /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
-
-    #elif defined(WOLFSSL_AFALG)
-        /* implemented in wolfcrypt/src/port/af_alg/afalg_aes.c */
-
-    #elif defined(WOLFSSL_DEVCRYPTO_AES)
-        /* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
-
-    #else
-
-        /* Allow direct access to one block encrypt */
-        int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
-        {
-            int ret;
-
-            if (aes == NULL)
-                return BAD_FUNC_ARG;
-            VECTOR_REGISTERS_PUSH;
-            ret = wc_AesEncrypt(aes, in, out);
-            VECTOR_REGISTERS_POP;
-            return ret;
-        }
-
-        /* vector reg save/restore is explicit in all below calls to
-         * wc_Aes{En,De}cryptDirect(), so bypass the public version with a
-         * macro.
-         */
-        #define wc_AesEncryptDirect(aes, out, in) wc_AesEncrypt(aes, in, out)
-
-        #ifdef HAVE_AES_DECRYPT
-        /* Allow direct access to one block decrypt */
-        int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
-        {
-            int ret;
-
-            if (aes == NULL)
-                return BAD_FUNC_ARG;
-            VECTOR_REGISTERS_PUSH;
-            ret = wc_AesDecrypt(aes, in, out);
-            VECTOR_REGISTERS_POP;
-            return ret;
-        }
-
-        #define wc_AesDecryptDirect(aes, out, in) wc_AesDecrypt(aes, in, out)
-
-        #endif /* HAVE_AES_DECRYPT */
-    #endif /* AES direct block */
-#endif /* WOLFSSL_AES_DIRECT */
-
-
-/* AES-CBC */
-#ifdef HAVE_AES_CBC
-#if defined(STM32_CRYPTO)
-
-#ifdef WOLFSSL_STM32U5_DHUK
-    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        int ret = 0;
-        CRYP_HandleTypeDef hcryp;
-        word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            return BAD_LENGTH_E;
-        }
-#endif
-        if (blocks == 0)
-            return 0;
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0) {
-            return ret;
-        }
-
-        if (aes->devId == WOLFSSL_STM32U5_DHUK_WRAPPED_DEVID) {
-            CRYP_ConfigTypeDef Config;
-
-            XMEMSET(&Config, 0, sizeof(Config));
-            ret = wc_Stm32_Aes_UnWrap(aes, &hcryp, (const byte*)aes->key, aes->keylen,
-                (const byte*)aes->dhukIV, aes->dhukIVLen);
-
-            /* reconfigure for using unwrapped key now */
-            HAL_CRYP_GetConfig(&hcryp, &Config);
-            Config.KeyMode   = CRYP_KEYMODE_NORMAL;
-            Config.KeySelect = CRYP_KEYSEL_NORMAL;
-            Config.Algorithm = CRYP_AES_CBC;
-            ByteReverseWords(aes->reg, aes->reg, WC_AES_BLOCK_SIZE);
-            Config.pInitVect = (STM_CRYPT_TYPE*)aes->reg;
-            HAL_CRYP_SetConfig(&hcryp, &Config);
-        }
-        else {
-            ret = wc_Stm32_Aes_Init(aes, &hcryp, 1);
-            if (ret != 0) {
-                wolfSSL_CryptHwMutexUnLock();
-                return ret;
-            }
-            hcryp.Init.Algorithm  = CRYP_AES_CBC;
-            ByteReverseWords(aes->reg, aes->reg, WC_AES_BLOCK_SIZE);
-            hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)aes->reg;
-            ret = HAL_CRYP_Init(&hcryp);
-        }
-
-        if (ret == HAL_OK) {
-            ret = HAL_CRYP_Encrypt(&hcryp, (uint32_t*)in, blocks * WC_AES_BLOCK_SIZE,
-                (uint32_t*)out, STM32_HAL_TIMEOUT);
-            if (ret != HAL_OK) {
-                ret = WC_TIMEOUT_E;
-            }
-
-            /* store iv for next call */
-            XMEMCPY(aes->reg, out + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-        }
-
-        HAL_CRYP_DeInit(&hcryp);
-
-        wolfSSL_CryptHwMutexUnLock();
-        wc_Stm32_Aes_Cleanup();
-
-        return ret;
-    }
-    #ifdef HAVE_AES_DECRYPT
-    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        int ret = 0;
-        CRYP_HandleTypeDef hcryp;
-        word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            return BAD_LENGTH_E;
-        }
-#endif
-        if (blocks == 0)
-            return 0;
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0) {
-            return ret;
-        }
-
-        if (aes->devId == WOLFSSL_STM32U5_DHUK_WRAPPED_DEVID) {
-            CRYP_ConfigTypeDef Config;
-
-            XMEMSET(&Config, 0, sizeof(Config));
-            ret = wc_Stm32_Aes_UnWrap(aes, &hcryp, (const byte*)aes->key, aes->keylen,
-                aes->dhukIV, aes->dhukIVLen);
-
-            /* reconfigure for using unwrapped key now */
-            HAL_CRYP_GetConfig(&hcryp, &Config);
-            Config.KeyMode   = CRYP_KEYMODE_NORMAL;
-            Config.KeySelect = CRYP_KEYSEL_NORMAL;
-            Config.Algorithm = CRYP_AES_CBC;
-            ByteReverseWords(aes->reg, aes->reg, WC_AES_BLOCK_SIZE);
-            Config.pInitVect = (STM_CRYPT_TYPE*)aes->reg;
-            HAL_CRYP_SetConfig(&hcryp, &Config);
-        }
-        else {
-            ret = wc_Stm32_Aes_Init(aes, &hcryp, 1);
-            if (ret != 0) {
-                wolfSSL_CryptHwMutexUnLock();
-                return ret;
-            }
-            hcryp.Init.Algorithm  = CRYP_AES_CBC;
-            ByteReverseWords(aes->reg, aes->reg, WC_AES_BLOCK_SIZE);
-            hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)aes->reg;
-            ret = HAL_CRYP_Init(&hcryp);
-        }
-
-        if (ret == HAL_OK) {
-            /* if input and output same will overwrite input iv */
-            XMEMCPY(aes->tmp, in + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-            ret = HAL_CRYP_Decrypt(&hcryp, (uint32_t*)in, blocks * WC_AES_BLOCK_SIZE,
-                (uint32_t*)out, STM32_HAL_TIMEOUT);
-            if (ret != HAL_OK) {
-                ret = WC_TIMEOUT_E;
-            }
-
-            /* store iv for next call */
-            XMEMCPY(aes->reg, aes->tmp, WC_AES_BLOCK_SIZE);
-        }
-
-        HAL_CRYP_DeInit(&hcryp);
-        wolfSSL_CryptHwMutexUnLock();
-        wc_Stm32_Aes_Cleanup();
-
-        return ret;
-    }
-    #endif /* HAVE_AES_DECRYPT */
-
-#elif defined(WOLFSSL_STM32_CUBEMX)
-    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        int ret = 0;
-        CRYP_HandleTypeDef hcryp;
-        word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            return BAD_LENGTH_E;
-        }
-#endif
-        if (blocks == 0)
-            return 0;
-
-        ret = wc_Stm32_Aes_Init(aes, &hcryp, 0);
-        if (ret != 0)
-            return ret;
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0) {
-            return ret;
-        }
-
-    #if defined(STM32_HAL_V2)
-        hcryp.Init.Algorithm  = CRYP_AES_CBC;
-        ByteReverseWords(aes->reg, aes->reg, WC_AES_BLOCK_SIZE);
-    #elif defined(STM32_CRYPTO_AES_ONLY)
-        hcryp.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT;
-        hcryp.Init.ChainingMode  = CRYP_CHAINMODE_AES_CBC;
-        hcryp.Init.KeyWriteFlag  = CRYP_KEY_WRITE_ENABLE;
-    #endif
-        hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)aes->reg;
-        ret = HAL_CRYP_Init(&hcryp);
-
-        if (ret == HAL_OK) {
-        #if defined(STM32_HAL_V2)
-            ret = HAL_CRYP_Encrypt(&hcryp, (uint32_t*)in, blocks * WC_AES_BLOCK_SIZE,
-                (uint32_t*)out, STM32_HAL_TIMEOUT);
-        #elif defined(STM32_CRYPTO_AES_ONLY)
-            ret = HAL_CRYPEx_AES(&hcryp, (uint8_t*)in, blocks * WC_AES_BLOCK_SIZE,
-                out, STM32_HAL_TIMEOUT);
-        #else
-            ret = HAL_CRYP_AESCBC_Encrypt(&hcryp, (uint8_t*)in,
-                                        blocks * WC_AES_BLOCK_SIZE,
-                                        out, STM32_HAL_TIMEOUT);
-        #endif
-        }
-        if (ret != HAL_OK) {
-            ret = WC_TIMEOUT_E;
-        }
-
-        /* store iv for next call */
-        XMEMCPY(aes->reg, out + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-
-        HAL_CRYP_DeInit(&hcryp);
-
-        wolfSSL_CryptHwMutexUnLock();
-        wc_Stm32_Aes_Cleanup();
-
-        return ret;
-    }
-    #ifdef HAVE_AES_DECRYPT
-    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        int ret = 0;
-        CRYP_HandleTypeDef hcryp;
-        word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            return BAD_LENGTH_E;
-        }
-#endif
-        if (blocks == 0)
-            return 0;
-
-        ret = wc_Stm32_Aes_Init(aes, &hcryp, 0);
-        if (ret != 0)
-            return ret;
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0) {
-            return ret;
-        }
-
-        /* if input and output same will overwrite input iv */
-        XMEMCPY(aes->tmp, in + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-
-    #if defined(STM32_HAL_V2)
-        hcryp.Init.Algorithm  = CRYP_AES_CBC;
-        ByteReverseWords(aes->reg, aes->reg, WC_AES_BLOCK_SIZE);
-    #elif defined(STM32_CRYPTO_AES_ONLY)
-        hcryp.Init.OperatingMode = CRYP_ALGOMODE_KEYDERIVATION_DECRYPT;
-        hcryp.Init.ChainingMode  = CRYP_CHAINMODE_AES_CBC;
-        hcryp.Init.KeyWriteFlag  = CRYP_KEY_WRITE_ENABLE;
-    #endif
-
-        hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)aes->reg;
-        ret = HAL_CRYP_Init(&hcryp);
-
-        if (ret == HAL_OK) {
-        #if defined(STM32_HAL_V2)
-            ret = HAL_CRYP_Decrypt(&hcryp, (uint32_t*)in, blocks * WC_AES_BLOCK_SIZE,
-                (uint32_t*)out, STM32_HAL_TIMEOUT);
-        #elif defined(STM32_CRYPTO_AES_ONLY)
-            ret = HAL_CRYPEx_AES(&hcryp, (uint8_t*)in, blocks * WC_AES_BLOCK_SIZE,
-                out, STM32_HAL_TIMEOUT);
-        #else
-            ret = HAL_CRYP_AESCBC_Decrypt(&hcryp, (uint8_t*)in,
-                                        blocks * WC_AES_BLOCK_SIZE,
-                out, STM32_HAL_TIMEOUT);
-        #endif
-        }
-        if (ret != HAL_OK) {
-            ret = WC_TIMEOUT_E;
-        }
-
-        /* store iv for next call */
-        XMEMCPY(aes->reg, aes->tmp, WC_AES_BLOCK_SIZE);
-
-        HAL_CRYP_DeInit(&hcryp);
-        wolfSSL_CryptHwMutexUnLock();
-        wc_Stm32_Aes_Cleanup();
-
-        return ret;
-    }
-    #endif /* HAVE_AES_DECRYPT */
-
-#else /* Standard Peripheral Library */
-    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        int ret;
-        word32 *iv;
-        CRYP_InitTypeDef cryptInit;
-        CRYP_KeyInitTypeDef keyInit;
-        CRYP_IVInitTypeDef ivInit;
-        word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            return BAD_LENGTH_E;
-        }
-#endif
-        if (blocks == 0)
-            return 0;
-
-        ret = wc_Stm32_Aes_Init(aes, &cryptInit, &keyInit);
-        if (ret != 0)
-            return ret;
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0) {
-            return ret;
-        }
-
-        /* reset registers to their default values */
-        CRYP_DeInit();
-
-        /* set key */
-        CRYP_KeyInit(&keyInit);
-
-        /* set iv */
-        iv = aes->reg;
-        CRYP_IVStructInit(&ivInit);
-        ByteReverseWords(iv, iv, WC_AES_BLOCK_SIZE);
-        ivInit.CRYP_IV0Left  = iv[0];
-        ivInit.CRYP_IV0Right = iv[1];
-        ivInit.CRYP_IV1Left  = iv[2];
-        ivInit.CRYP_IV1Right = iv[3];
-        CRYP_IVInit(&ivInit);
-
-        /* set direction and mode */
-        cryptInit.CRYP_AlgoDir  = CRYP_AlgoDir_Encrypt;
-        cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_CBC;
-        CRYP_Init(&cryptInit);
-
-        /* enable crypto processor */
-        CRYP_Cmd(ENABLE);
-
-        while (blocks--) {
-            /* flush IN/OUT FIFOs */
-            CRYP_FIFOFlush();
-
-            CRYP_DataIn(*(uint32_t*)&in[0]);
-            CRYP_DataIn(*(uint32_t*)&in[4]);
-            CRYP_DataIn(*(uint32_t*)&in[8]);
-            CRYP_DataIn(*(uint32_t*)&in[12]);
-
-            /* wait until the complete message has been processed */
-            while (CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
-
-            *(uint32_t*)&out[0]  = CRYP_DataOut();
-            *(uint32_t*)&out[4]  = CRYP_DataOut();
-            *(uint32_t*)&out[8]  = CRYP_DataOut();
-            *(uint32_t*)&out[12] = CRYP_DataOut();
-
-            /* store iv for next call */
-            XMEMCPY(aes->reg, out + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-
-            sz  -= WC_AES_BLOCK_SIZE;
-            in  += WC_AES_BLOCK_SIZE;
-            out += WC_AES_BLOCK_SIZE;
-        }
-
-        /* disable crypto processor */
-        CRYP_Cmd(DISABLE);
-        wolfSSL_CryptHwMutexUnLock();
-        wc_Stm32_Aes_Cleanup();
-
-        return ret;
-    }
-
-    #ifdef HAVE_AES_DECRYPT
-    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        int ret;
-        word32 *iv;
-        CRYP_InitTypeDef cryptInit;
-        CRYP_KeyInitTypeDef keyInit;
-        CRYP_IVInitTypeDef ivInit;
-        word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            return BAD_LENGTH_E;
-        }
-#endif
-        if (blocks == 0)
-            return 0;
-
-        ret = wc_Stm32_Aes_Init(aes, &cryptInit, &keyInit);
-        if (ret != 0)
-            return ret;
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0) {
-            return ret;
-        }
-
-        /* if input and output same will overwrite input iv */
-        XMEMCPY(aes->tmp, in + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-
-        /* reset registers to their default values */
-        CRYP_DeInit();
-
-        /* set direction and key */
-        CRYP_KeyInit(&keyInit);
-        cryptInit.CRYP_AlgoDir  = CRYP_AlgoDir_Decrypt;
-        cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_Key;
-        CRYP_Init(&cryptInit);
-
-        /* enable crypto processor */
-        CRYP_Cmd(ENABLE);
-
-        /* wait until key has been prepared */
-        while (CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
-
-        /* set direction and mode */
-        cryptInit.CRYP_AlgoDir  = CRYP_AlgoDir_Decrypt;
-        cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_CBC;
-        CRYP_Init(&cryptInit);
-
-        /* set iv */
-        iv = aes->reg;
-        CRYP_IVStructInit(&ivInit);
-        ByteReverseWords(iv, iv, WC_AES_BLOCK_SIZE);
-        ivInit.CRYP_IV0Left  = iv[0];
-        ivInit.CRYP_IV0Right = iv[1];
-        ivInit.CRYP_IV1Left  = iv[2];
-        ivInit.CRYP_IV1Right = iv[3];
-        CRYP_IVInit(&ivInit);
-
-        /* enable crypto processor */
-        CRYP_Cmd(ENABLE);
-
-        while (blocks--) {
-            /* flush IN/OUT FIFOs */
-            CRYP_FIFOFlush();
-
-            CRYP_DataIn(*(uint32_t*)&in[0]);
-            CRYP_DataIn(*(uint32_t*)&in[4]);
-            CRYP_DataIn(*(uint32_t*)&in[8]);
-            CRYP_DataIn(*(uint32_t*)&in[12]);
-
-            /* wait until the complete message has been processed */
-            while (CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
-
-            *(uint32_t*)&out[0]  = CRYP_DataOut();
-            *(uint32_t*)&out[4]  = CRYP_DataOut();
-            *(uint32_t*)&out[8]  = CRYP_DataOut();
-            *(uint32_t*)&out[12] = CRYP_DataOut();
-
-            /* store iv for next call */
-            XMEMCPY(aes->reg, aes->tmp, WC_AES_BLOCK_SIZE);
-
-            in  += WC_AES_BLOCK_SIZE;
-            out += WC_AES_BLOCK_SIZE;
-        }
-
-        /* disable crypto processor */
-        CRYP_Cmd(DISABLE);
-        wolfSSL_CryptHwMutexUnLock();
-        wc_Stm32_Aes_Cleanup();
-
-        return ret;
-    }
-    #endif /* HAVE_AES_DECRYPT */
-#endif /* WOLFSSL_STM32_CUBEMX */
-
-#elif defined(HAVE_COLDFIRE_SEC)
-    static WARN_UNUSED_RESULT int wc_AesCbcCrypt(
-        Aes* aes, byte* po, const byte* pi, word32 sz, word32 descHeader)
-    {
-        #ifdef DEBUG_WOLFSSL
-            int i; int stat1, stat2; int ret;
-        #endif
-
-        int size;
-        volatile int v;
-
-        if ((pi == NULL) || (po == NULL))
-            return BAD_FUNC_ARG;    /*wrong pointer*/
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            return BAD_LENGTH_E;
-        }
-#endif
-
-        wc_LockMutex(&Mutex_AesSEC);
-
-        /* Set descriptor for SEC */
-        secDesc->length1 = 0x0;
-        secDesc->pointer1 = NULL;
-
-        secDesc->length2 = WC_AES_BLOCK_SIZE;
-        secDesc->pointer2 = (byte *)secReg; /* Initial Vector */
-
-        switch(aes->rounds) {
-            case 10: secDesc->length3 = 16; break;
-            case 12: secDesc->length3 = 24; break;
-            case 14: secDesc->length3 = 32; break;
-        }
-        XMEMCPY(secKey, aes->key, secDesc->length3);
-
-        secDesc->pointer3 = (byte *)secKey;
-        secDesc->pointer4 = AESBuffIn;
-        secDesc->pointer5 = AESBuffOut;
-        secDesc->length6 = 0x0;
-        secDesc->pointer6 = NULL;
-        secDesc->length7 = 0x0;
-        secDesc->pointer7 = NULL;
-        secDesc->nextDescriptorPtr = NULL;
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        size = AES_BUFFER_SIZE;
-#endif
-        while (sz) {
-            secDesc->header = descHeader;
-            XMEMCPY(secReg, aes->reg, WC_AES_BLOCK_SIZE);
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-            sz -= AES_BUFFER_SIZE;
-#else
-            if (sz < AES_BUFFER_SIZE) {
-                size = sz;
-                sz = 0;
-            } else {
-                size = AES_BUFFER_SIZE;
-                sz -= AES_BUFFER_SIZE;
-            }
-#endif
-
-            secDesc->length4 = size;
-            secDesc->length5 = size;
-
-            XMEMCPY(AESBuffIn, pi, size);
-            if(descHeader == SEC_DESC_AES_CBC_DECRYPT) {
-                XMEMCPY((void*)aes->tmp, (void*)&(pi[size-WC_AES_BLOCK_SIZE]),
-                        WC_AES_BLOCK_SIZE);
-            }
-
-            /* Point SEC to the location of the descriptor */
-            MCF_SEC_FR0 = (uint32)secDesc;
-            /* Initialize SEC and wait for encryption to complete */
-            MCF_SEC_CCCR0 = 0x0000001a;
-            /* poll SISR to determine when channel is complete */
-            v=0;
-
-            while ((secDesc->header>> 24) != 0xff) v++;
-
-            #ifdef DEBUG_WOLFSSL
-                ret = MCF_SEC_SISRH;
-                stat1 = MCF_SEC_AESSR;
-                stat2 = MCF_SEC_AESISR;
-                if (ret & 0xe0000000) {
-                    db_printf("Aes_Cbc(i=%d):ISRH=%08x, AESSR=%08x, "
-                              "AESISR=%08x\n", i, ret, stat1, stat2);
-                }
-            #endif
-
-            XMEMCPY(po, AESBuffOut, size);
-
-            if (descHeader == SEC_DESC_AES_CBC_ENCRYPT) {
-                XMEMCPY((void*)aes->reg, (void*)&(po[size-WC_AES_BLOCK_SIZE]),
-                        WC_AES_BLOCK_SIZE);
-            } else {
-                XMEMCPY((void*)aes->reg, (void*)aes->tmp, WC_AES_BLOCK_SIZE);
-            }
-
-            pi += size;
-            po += size;
-        }
-
-        wc_UnLockMutex(&Mutex_AesSEC);
-        return 0;
-    }
-
-    int wc_AesCbcEncrypt(Aes* aes, byte* po, const byte* pi, word32 sz)
-    {
-        return (wc_AesCbcCrypt(aes, po, pi, sz, SEC_DESC_AES_CBC_ENCRYPT));
-    }
-
-    #ifdef HAVE_AES_DECRYPT
-    int wc_AesCbcDecrypt(Aes* aes, byte* po, const byte* pi, word32 sz)
-    {
-        return (wc_AesCbcCrypt(aes, po, pi, sz, SEC_DESC_AES_CBC_DECRYPT));
-    }
-    #endif /* HAVE_AES_DECRYPT */
-
-#elif defined(FREESCALE_LTC)
-    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        word32 keySize;
-        status_t status;
-        byte *iv, *enc_key;
-        word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            return BAD_LENGTH_E;
-        }
-#endif
-        if (blocks == 0)
-            return 0;
-
-        iv      = (byte*)aes->reg;
-        enc_key = (byte*)aes->key;
-
-        status = wc_AesGetKeySize(aes, &keySize);
-        if (status != 0) {
-            return status;
-        }
-
-        status = wolfSSL_CryptHwMutexLock();
-        if (status != 0)
-            return status;
-        status = LTC_AES_EncryptCbc(LTC_BASE, in, out, blocks * WC_AES_BLOCK_SIZE,
-            iv, enc_key, keySize);
-        wolfSSL_CryptHwMutexUnLock();
-
-        /* store iv for next call */
-        if (status == kStatus_Success) {
-            XMEMCPY(iv, out + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-        }
-
-        return (status == kStatus_Success) ? 0 : -1;
-    }
-
-    #ifdef HAVE_AES_DECRYPT
-    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        word32 keySize;
-        status_t status;
-        byte* iv, *dec_key;
-        byte temp_block[WC_AES_BLOCK_SIZE];
-        word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            return BAD_LENGTH_E;
-        }
-#endif
-        if (blocks == 0)
-            return 0;
-
-        iv      = (byte*)aes->reg;
-        dec_key = (byte*)aes->key;
-
-        status = wc_AesGetKeySize(aes, &keySize);
-        if (status != 0) {
-            return status;
-        }
-
-        /* get IV for next call */
-        XMEMCPY(temp_block, in + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-
-        status = wolfSSL_CryptHwMutexLock();
-        if (status != 0)
-            return status;
-        status = LTC_AES_DecryptCbc(LTC_BASE, in, out, blocks * WC_AES_BLOCK_SIZE,
-            iv, dec_key, keySize, kLTC_EncryptKey);
-        wolfSSL_CryptHwMutexUnLock();
-
-        /* store IV for next call */
-        if (status == kStatus_Success) {
-            XMEMCPY(iv, temp_block, WC_AES_BLOCK_SIZE);
-        }
-
-        return (status == kStatus_Success) ? 0 : -1;
-    }
-    #endif /* HAVE_AES_DECRYPT */
-
-#elif defined(FREESCALE_MMCAU)
-    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        int offset = 0;
-        byte *iv;
-        byte temp_block[WC_AES_BLOCK_SIZE];
-        word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-        int ret;
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            return BAD_LENGTH_E;
-        }
-#endif
-        if (blocks == 0)
-            return 0;
-
-        iv = (byte*)aes->reg;
-
-        while (blocks--) {
-            XMEMCPY(temp_block, in + offset, WC_AES_BLOCK_SIZE);
-
-            /* XOR block with IV for CBC */
-            xorbuf(temp_block, iv, WC_AES_BLOCK_SIZE);
-
-            ret = wc_AesEncrypt(aes, temp_block, out + offset);
-            if (ret != 0)
-                return ret;
-
-            offset += WC_AES_BLOCK_SIZE;
-
-            /* store IV for next block */
-            XMEMCPY(iv, out + offset - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-        }
-
-        return 0;
-    }
-    #ifdef HAVE_AES_DECRYPT
-    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        int ret;
-        int offset = 0;
-        byte* iv;
-        byte temp_block[WC_AES_BLOCK_SIZE];
-        word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            return BAD_LENGTH_E;
-        }
-#endif
-        if (blocks == 0)
-            return 0;
-
-        iv = (byte*)aes->reg;
-
-        while (blocks--) {
-            XMEMCPY(temp_block, in + offset, WC_AES_BLOCK_SIZE);
-
-            ret = wc_AesDecrypt(aes, in + offset, out + offset);
-            if (ret != 0)
-                return ret;
-
-            /* XOR block with IV for CBC */
-            xorbuf(out + offset, iv, WC_AES_BLOCK_SIZE);
-
-            /* store IV for next block */
-            XMEMCPY(iv, temp_block, WC_AES_BLOCK_SIZE);
-
-            offset += WC_AES_BLOCK_SIZE;
-        }
-
-        return 0;
-    }
-    #endif /* HAVE_AES_DECRYPT */
-
-#elif defined(MAX3266X_AES)
-    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        word32 keySize;
-        int status;
-        byte *iv;
-
-        if ((in == NULL) || (out == NULL) || (aes == NULL)) {
-            return BAD_FUNC_ARG;
-        }
-
-        /* Always enforce a length check */
-        if (sz % WC_AES_BLOCK_SIZE) {
-        #ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-            return BAD_LENGTH_E;
-        #else
-            return BAD_FUNC_ARG;
-        #endif
-        }
-        if (sz == 0) {
-            return 0;
-        }
-
-        iv = (byte*)aes->reg;
-        status = wc_AesGetKeySize(aes, &keySize);
-        if (status != 0) {
-            return status;
-        }
-
-        status = wc_MXC_TPU_AesEncrypt(in, iv, (byte*)aes->key,
-                                        MXC_TPU_MODE_CBC, sz, out,
-                                        (unsigned int)keySize);
-        /* store iv for next call */
-        if (status == 0) {
-            XMEMCPY(iv, out + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-        }
-        return (status == 0) ? 0 : -1;
-    }
-
-    #ifdef HAVE_AES_DECRYPT
-    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        word32 keySize;
-        int status;
-        byte *iv;
-        byte temp_block[WC_AES_BLOCK_SIZE];
-
-        if ((in == NULL) || (out == NULL) || (aes == NULL)) {
-            return BAD_FUNC_ARG;
-        }
-
-        /* Always enforce a length check */
-        if (sz % WC_AES_BLOCK_SIZE) {
-        #ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-            return BAD_LENGTH_E;
-        #else
-            return BAD_FUNC_ARG;
-        #endif
-        }
-        if (sz == 0) {
-            return 0;
-        }
-
-        iv = (byte*)aes->reg;
-        status = wc_AesGetKeySize(aes, &keySize);
-        if (status != 0) {
-            return status;
-        }
-
-        /* get IV for next call */
-        XMEMCPY(temp_block, in + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-        status = wc_MXC_TPU_AesDecrypt(in, iv, (byte*)aes->key,
-                                        MXC_TPU_MODE_CBC, sz, out,
-                                        keySize);
-
-        /* store iv for next call */
-        if (status == 0) {
-            XMEMCPY(iv, temp_block, WC_AES_BLOCK_SIZE);
-        }
-        return (status == 0) ? 0 : -1;
-    }
-    #endif /* HAVE_AES_DECRYPT */
-
-
-
-#elif defined(WOLFSSL_PIC32MZ_CRYPT)
-
-    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        int ret;
-
-        if (sz == 0)
-            return 0;
-
-        /* hardware fails on input that is not a multiple of AES block size */
-        if (sz % WC_AES_BLOCK_SIZE != 0) {
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-            return BAD_LENGTH_E;
-#else
-            return BAD_FUNC_ARG;
-#endif
-        }
-
-        ret = wc_Pic32AesCrypt(
-            aes->key, aes->keylen, aes->reg, WC_AES_BLOCK_SIZE,
-            out, in, sz, PIC32_ENCRYPTION,
-            PIC32_ALGO_AES, PIC32_CRYPTOALGO_RCBC);
-
-        /* store iv for next call */
-        if (ret == 0) {
-            XMEMCPY(aes->reg, out + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-        }
-
-        return ret;
-    }
-    #ifdef HAVE_AES_DECRYPT
-    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        int ret;
-        byte scratch[WC_AES_BLOCK_SIZE];
-
-        if (sz == 0)
-            return 0;
-
-        /* hardware fails on input that is not a multiple of AES block size */
-        if (sz % WC_AES_BLOCK_SIZE != 0) {
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-            return BAD_LENGTH_E;
-#else
-            return BAD_FUNC_ARG;
-#endif
-        }
-        XMEMCPY(scratch, in + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-
-        ret = wc_Pic32AesCrypt(
-            aes->key, aes->keylen, aes->reg, WC_AES_BLOCK_SIZE,
-            out, in, sz, PIC32_DECRYPTION,
-            PIC32_ALGO_AES, PIC32_CRYPTOALGO_RCBC);
-
-        /* store iv for next call */
-        if (ret == 0) {
-            XMEMCPY((byte*)aes->reg, scratch, WC_AES_BLOCK_SIZE);
-        }
-
-        return ret;
-    }
-    #endif /* HAVE_AES_DECRYPT */
-#elif defined(WOLFSSL_ESP32_CRYPT) && \
-    !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
-
-    /* We'll use SW for fall back:
-     *   unsupported key lengths
-     *   hardware busy */
-    #define NEED_SW_AESCBC
-    #define NEED_AESCBC_HW_FALLBACK
-
-#elif defined(WOLFSSL_CRYPTOCELL) && defined(WOLFSSL_CRYPTOCELL_AES)
-    int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        return SaSi_AesBlock(&aes->ctx.user_ctx, (uint8_t*)in, sz, out);
-    }
-    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-        return SaSi_AesBlock(&aes->ctx.user_ctx, (uint8_t*)in, sz, out);
-    }
-#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES) && \
-        !defined(WOLFSSL_QNX_CAAM)
-      /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
-
-#elif defined(WOLFSSL_AFALG)
-    /* implemented in wolfcrypt/src/port/af_alg/afalg_aes.c */
-
-#elif defined(WOLFSSL_KCAPI_AES) && !defined(WOLFSSL_NO_KCAPI_AES_CBC)
-    /* implemented in wolfcrypt/src/port/kcapi/kcapi_aes.c */
-
-#elif defined(WOLFSSL_DEVCRYPTO_CBC)
-    /* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
-
-#elif defined(WOLFSSL_SILABS_SE_ACCEL)
-    /* implemented in wolfcrypt/src/port/silabs/silabs_aes.c */
-
-#elif defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
-    /* implemented in wolfcrypt/src/port/psa/psa_aes.c */
-
-#else
-    /* Reminder: Some HW implementations may also define this as needed.
-     * (e.g. for unsupported key length fallback)  */
-    #define NEED_SW_AESCBC
-#endif
-
-#ifdef NEED_SW_AESCBC
-    /* Software AES - CBC Encrypt */
-
-int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM)
-        word32 blocks;
-        int ret;
-#endif
-
-        if (aes == NULL || out == NULL || in == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        if (sz == 0) {
-            return 0;
-        }
-
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM)
-        blocks = sz / WC_AES_BLOCK_SIZE;
-#endif
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-        if (sz % WC_AES_BLOCK_SIZE) {
-            WOLFSSL_ERROR_VERBOSE(BAD_LENGTH_E);
-            return BAD_LENGTH_E;
-        }
-#endif
-
-    #ifdef WOLFSSL_IMXRT_DCP
-        /* Implemented in wolfcrypt/src/port/nxp/dcp_port.c */
-        if (aes->keylen == 16)
-            return DCPAesCbcEncrypt(aes, out, in, sz);
-    #endif
-
-    #ifdef WOLF_CRYPTO_CB
-        #ifndef WOLF_CRYPTO_CB_FIND
-        if (aes->devId != INVALID_DEVID)
-        #endif
-        {
-            int crypto_cb_ret = wc_CryptoCb_AesCbcEncrypt(aes, out, in, sz);
-            if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                return crypto_cb_ret;
-            /* fall-through when unavailable */
-        }
-    #endif
-    #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
-        /* if async and byte count above threshold */
-        if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
-                                                sz >= WC_ASYNC_THRESH_AES_CBC) {
-        #if defined(HAVE_CAVIUM)
-            return NitroxAesCbcEncrypt(aes, out, in, sz);
-        #elif defined(HAVE_INTEL_QA)
-            return IntelQaSymAesCbcEncrypt(&aes->asyncDev, out, in, sz,
-                (const byte*)aes->devKey, aes->keylen,
-                (byte*)aes->reg, WC_AES_BLOCK_SIZE);
-        #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
-            if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_CBC_ENCRYPT)) {
-                WC_ASYNC_SW* sw = &aes->asyncDev.sw;
-                sw->aes.aes = aes;
-                sw->aes.out = out;
-                sw->aes.in = in;
-                sw->aes.sz = sz;
-                return WC_PENDING_E;
-            }
-        #endif
-        }
-    #endif /* WOLFSSL_ASYNC_CRYPT */
-
-#if !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-        AES_CBC_encrypt_AARCH32(in, out, sz, (byte*)aes->reg, (byte*)aes->key,
-            (int)aes->rounds);
-#else
-        AES_CBC_encrypt(in, out, sz, (const unsigned char*)aes->key,
-            aes->rounds, (unsigned char*)aes->reg);
-#endif
-        return 0;
-#else
-    #if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
-        /* Implemented in wolfcrypt/src/port/nxp/se050_port.c */
-        if (aes->useSWCrypt == 0) {
-            return se050_aes_crypt(aes, in, out, sz, AES_ENCRYPTION,
-                                   kAlgorithm_SSS_AES_CBC);
-        }
-        else
-    #elif defined(WOLFSSL_ESPIDF) && defined(NEED_AESCBC_HW_FALLBACK)
-        if (wc_esp32AesSupportedKeyLen(aes)) {
-            ESP_LOGV(TAG, "wc_AesCbcEncrypt calling wc_esp32AesCbcEncrypt");
-            return wc_esp32AesCbcEncrypt(aes, out, in, sz);
-        }
-        else {
-            /* For example, the ESP32-S3 does not support HW for len = 24,
-             * so fall back to SW */
-        #ifdef DEBUG_WOLFSSL
-            ESP_LOGW(TAG, "wc_AesCbcEncrypt HW Falling back, "
-                          "unsupported keylen = %d", aes->keylen);
-        #endif
-        }
-    #elif defined(WOLFSSL_AESNI)
-        VECTOR_REGISTERS_PUSH;
-        if (aes->use_aesni) {
-            #ifdef DEBUG_AESNI
-                printf("about to aes cbc encrypt\n");
-                printf("in  = %p\n", in);
-                printf("out = %p\n", out);
-                printf("aes->key = %p\n", aes->key);
-                printf("aes->reg = %p\n", aes->reg);
-                printf("aes->rounds = %d\n", aes->rounds);
-                printf("sz = %d\n", sz);
-            #endif
-
-            /* check alignment, decrypt doesn't need alignment */
-            if ((wc_ptr_t)in % AESNI_ALIGN) {
-            #ifndef NO_WOLFSSL_ALLOC_ALIGN
-                byte* tmp = (byte*)XMALLOC(sz + WC_AES_BLOCK_SIZE + AESNI_ALIGN,
-                                            aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
-                byte* tmp_align;
-                if (tmp == NULL)
-                    ret = MEMORY_E;
-                else {
-                    tmp_align = tmp + (AESNI_ALIGN - ((wc_ptr_t)tmp % AESNI_ALIGN));
-                    XMEMCPY(tmp_align, in, sz);
-                    AES_CBC_encrypt_AESNI(tmp_align, tmp_align, (byte*)aes->reg, sz,
-                                          (byte*)aes->key, (int)aes->rounds);
-                    /* store iv for next call */
-                    XMEMCPY(aes->reg, tmp_align + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-
-                    XMEMCPY(out, tmp_align, sz);
-                    XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
-                    ret = 0;
-                }
-            #else
-                WOLFSSL_MSG("AES-CBC encrypt with bad alignment");
-                WOLFSSL_ERROR_VERBOSE(BAD_ALIGN_E);
-                ret = BAD_ALIGN_E;
-            #endif
-            } else {
-                AES_CBC_encrypt_AESNI(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
-                                      (int)aes->rounds);
-                /* store iv for next call */
-                XMEMCPY(aes->reg, out + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-
-                ret = 0;
-            }
-        }
-        else
-    #elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-          !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-        if (aes->use_aes_hw_crypto) {
-            AES_CBC_encrypt_AARCH64(in, out, sz, (byte*)aes->reg,
-                (byte*)aes->key, (int)aes->rounds);
-            ret = 0;
-        }
-        else
-    #endif
-        {
-            ret = 0;
-            while (blocks--) {
-                xorbuf((byte*)aes->reg, in, WC_AES_BLOCK_SIZE);
-                ret = wc_AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->reg);
-                if (ret != 0)
-                    break;
-                XMEMCPY(out, aes->reg, WC_AES_BLOCK_SIZE);
-
-                out += WC_AES_BLOCK_SIZE;
-                in  += WC_AES_BLOCK_SIZE;
-            }
-        }
-
-    #ifdef WOLFSSL_AESNI
-        VECTOR_REGISTERS_POP;
-    #endif
-
-        return ret;
-#endif
-    } /* wc_AesCbcEncrypt */
-
-#ifdef HAVE_AES_DECRYPT
-    /* Software AES - CBC Decrypt */
-    int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-    {
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM)
-        word32 blocks;
-        int ret;
-#endif
-
-        if (aes == NULL || out == NULL || in == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        if (sz == 0) {
-            return 0;
-        }
-
-    #if defined(WOLFSSL_ESPIDF) && defined(NEED_AESCBC_HW_FALLBACK)
-        if (wc_esp32AesSupportedKeyLen(aes)) {
-            ESP_LOGV(TAG, "wc_AesCbcDecrypt calling wc_esp32AesCbcDecrypt");
-            return wc_esp32AesCbcDecrypt(aes, out, in, sz);
-        }
-        else {
-            /* For example, the ESP32-S3 does not support HW for len = 24,
-             * so fall back to SW */
-        #ifdef DEBUG_WOLFSSL
-            ESP_LOGW(TAG, "wc_AesCbcDecrypt HW Falling back, "
-                          "unsupported keylen = %d", aes->keylen);
-        #endif
-        }
-    #endif
-
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM)
-        blocks = sz / WC_AES_BLOCK_SIZE;
-#endif
-        if (sz % WC_AES_BLOCK_SIZE) {
-#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
-            return BAD_LENGTH_E;
-#else
-            return BAD_FUNC_ARG;
-#endif
-        }
-
-    #ifdef WOLFSSL_IMXRT_DCP
-        /* Implemented in wolfcrypt/src/port/nxp/dcp_port.c */
-        if (aes->keylen == 16)
-            return DCPAesCbcDecrypt(aes, out, in, sz);
-    #endif
-
-    #ifdef WOLF_CRYPTO_CB
-        #ifndef WOLF_CRYPTO_CB_FIND
-        if (aes->devId != INVALID_DEVID)
-        #endif
-        {
-            int crypto_cb_ret = wc_CryptoCb_AesCbcDecrypt(aes, out, in, sz);
-            if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                return crypto_cb_ret;
-            /* fall-through when unavailable */
-        }
-    #endif
-    #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
-        /* if async and byte count above threshold */
-        if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
-                                                sz >= WC_ASYNC_THRESH_AES_CBC) {
-        #if defined(HAVE_CAVIUM)
-            return NitroxAesCbcDecrypt(aes, out, in, sz);
-        #elif defined(HAVE_INTEL_QA)
-            return IntelQaSymAesCbcDecrypt(&aes->asyncDev, out, in, sz,
-                (const byte*)aes->devKey, aes->keylen,
-                (byte*)aes->reg, WC_AES_BLOCK_SIZE);
-        #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
-            if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_CBC_DECRYPT)) {
-                WC_ASYNC_SW* sw = &aes->asyncDev.sw;
-                sw->aes.aes = aes;
-                sw->aes.out = out;
-                sw->aes.in = in;
-                sw->aes.sz = sz;
-                return WC_PENDING_E;
-            }
-        #endif
-        }
-    #endif
-
-    #if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
-        /* Implemented in wolfcrypt/src/port/nxp/se050_port.c */
-        if (aes->useSWCrypt == 0) {
-            return se050_aes_crypt(aes, in, out, sz, AES_DECRYPTION,
-                                   kAlgorithm_SSS_AES_CBC);
-        }
-    #endif
-
-#if !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-        AES_CBC_decrypt_AARCH32(in, out, sz, (byte*)aes->reg, (byte*)aes->key,
-            (int)aes->rounds);
-#else
-        AES_CBC_decrypt(in, out, sz, (const unsigned char*)aes->key,
-            aes->rounds, (unsigned char*)aes->reg);
-#endif
-        return 0;
-#else
-        VECTOR_REGISTERS_PUSH;
-
-    #ifdef WOLFSSL_AESNI
-        if (aes->use_aesni) {
-            #ifdef DEBUG_AESNI
-                printf("about to aes cbc decrypt\n");
-                printf("in  = %p\n", in);
-                printf("out = %p\n", out);
-                printf("aes->key = %p\n", aes->key);
-                printf("aes->reg = %p\n", aes->reg);
-                printf("aes->rounds = %d\n", aes->rounds);
-                printf("sz = %d\n", sz);
-            #endif
-
-            /* if input and output same will overwrite input iv */
-            XMEMCPY(aes->tmp, in + sz - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-            #if defined(WOLFSSL_AESNI_BY4) || defined(WOLFSSL_X86_BUILD)
-            AES_CBC_decrypt_AESNI_by4(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
-                            aes->rounds);
-            #elif defined(WOLFSSL_AESNI_BY6)
-            AES_CBC_decrypt_AESNI_by6(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
-                            aes->rounds);
-            #else /* WOLFSSL_AESNI_BYx */
-            AES_CBC_decrypt_AESNI_by8(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
-                            (int)aes->rounds);
-            #endif /* WOLFSSL_AESNI_BYx */
-            /* store iv for next call */
-            XMEMCPY(aes->reg, aes->tmp, WC_AES_BLOCK_SIZE);
-            ret = 0;
-        }
-        else
-    #elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-          !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-        if (aes->use_aes_hw_crypto) {
-            AES_CBC_decrypt_AARCH64(in, out, sz, (byte*)aes->reg,
-                (byte*)aes->key, (int)aes->rounds);
-            ret = 0;
-        }
-        else
-    #endif
-        {
-            ret = 0;
-#ifdef WC_AES_BITSLICED
-            if (in != out) {
-                unsigned char dec[WC_AES_BLOCK_SIZE * BS_WORD_SIZE];
-
-                while (blocks > BS_WORD_SIZE) {
-                    AesDecryptBlocks_C(aes, in, dec, WC_AES_BLOCK_SIZE * BS_WORD_SIZE);
-                    xorbufout(out, dec, aes->reg, WC_AES_BLOCK_SIZE);
-                    xorbufout(out + WC_AES_BLOCK_SIZE, dec + WC_AES_BLOCK_SIZE, in,
-                              WC_AES_BLOCK_SIZE * (BS_WORD_SIZE - 1));
-                    XMEMCPY(aes->reg, in + (WC_AES_BLOCK_SIZE * (BS_WORD_SIZE - 1)),
-                            WC_AES_BLOCK_SIZE);
-                    in += WC_AES_BLOCK_SIZE * BS_WORD_SIZE;
-                    out += WC_AES_BLOCK_SIZE * BS_WORD_SIZE;
-                    blocks -= BS_WORD_SIZE;
-                }
-                if (blocks > 0) {
-                    AesDecryptBlocks_C(aes, in, dec, blocks * WC_AES_BLOCK_SIZE);
-                    xorbufout(out, dec, aes->reg, WC_AES_BLOCK_SIZE);
-                    xorbufout(out + WC_AES_BLOCK_SIZE, dec + WC_AES_BLOCK_SIZE, in,
-                              WC_AES_BLOCK_SIZE * (blocks - 1));
-                    XMEMCPY(aes->reg, in + (WC_AES_BLOCK_SIZE * (blocks - 1)),
-                            WC_AES_BLOCK_SIZE);
-                    blocks = 0;
-                }
-            }
-            else {
-                unsigned char dec[WC_AES_BLOCK_SIZE * BS_WORD_SIZE];
-                int i;
-
-                while (blocks > BS_WORD_SIZE) {
-                    AesDecryptBlocks_C(aes, in, dec, WC_AES_BLOCK_SIZE * BS_WORD_SIZE);
-                    XMEMCPY(aes->tmp, in + (BS_WORD_SIZE - 1) * WC_AES_BLOCK_SIZE,
-                            WC_AES_BLOCK_SIZE);
-                    for (i = BS_WORD_SIZE-1; i >= 1; i--) {
-                        xorbufout(out + i * WC_AES_BLOCK_SIZE,
-                                  dec + i * WC_AES_BLOCK_SIZE, in + (i - 1) * WC_AES_BLOCK_SIZE,
-                                  WC_AES_BLOCK_SIZE);
-                    }
-                    xorbufout(out, dec, aes->reg, WC_AES_BLOCK_SIZE);
-                    XMEMCPY(aes->reg, aes->tmp, WC_AES_BLOCK_SIZE);
-
-                    in += WC_AES_BLOCK_SIZE * BS_WORD_SIZE;
-                    out += WC_AES_BLOCK_SIZE * BS_WORD_SIZE;
-                    blocks -= BS_WORD_SIZE;
-                }
-                if (blocks > 0) {
-                    AesDecryptBlocks_C(aes, in, dec, blocks * WC_AES_BLOCK_SIZE);
-                    XMEMCPY(aes->tmp, in + (blocks - 1) * WC_AES_BLOCK_SIZE,
-                            WC_AES_BLOCK_SIZE);
-                    for (i = blocks-1; i >= 1; i--) {
-                        xorbufout(out + i * WC_AES_BLOCK_SIZE,
-                                  dec + i * WC_AES_BLOCK_SIZE, in + (i - 1) * WC_AES_BLOCK_SIZE,
-                                  WC_AES_BLOCK_SIZE);
-                    }
-                    xorbufout(out, dec, aes->reg, WC_AES_BLOCK_SIZE);
-                    XMEMCPY(aes->reg, aes->tmp, WC_AES_BLOCK_SIZE);
-
-                    blocks = 0;
-                }
-            }
-#else
-            while (blocks--) {
-                XMEMCPY(aes->tmp, in, WC_AES_BLOCK_SIZE);
-                ret = wc_AesDecrypt(aes, in, out);
-                if (ret != 0)
-                    return ret;
-                xorbuf(out, (byte*)aes->reg, WC_AES_BLOCK_SIZE);
-                /* store iv for next call */
-                XMEMCPY(aes->reg, aes->tmp, WC_AES_BLOCK_SIZE);
-
-                out += WC_AES_BLOCK_SIZE;
-                in  += WC_AES_BLOCK_SIZE;
-            }
-#endif
-        }
-
-        VECTOR_REGISTERS_POP;
-
-        return ret;
-#endif
-    }
-#endif /* HAVE_AES_DECRYPT */
-
-#endif /* AES-CBC block */
-#endif /* HAVE_AES_CBC */
-
-/* AES-CTR */
-#if defined(WOLFSSL_AES_COUNTER)
-
-    #ifdef STM32_CRYPTO
-        #define NEED_AES_CTR_SOFT
-        #define XTRANSFORM_AESCTRBLOCK wc_AesCtrEncryptBlock
-
-        int wc_AesCtrEncryptBlock(Aes* aes, byte* out, const byte* in)
-        {
-            int ret = 0;
-        #ifdef WOLFSSL_STM32_CUBEMX
-            CRYP_HandleTypeDef hcryp;
-            #ifdef STM32_HAL_V2
-            word32 iv[WC_AES_BLOCK_SIZE/sizeof(word32)];
-            #endif
-        #else
-            word32 *iv;
-            CRYP_InitTypeDef cryptInit;
-            CRYP_KeyInitTypeDef keyInit;
-            CRYP_IVInitTypeDef ivInit;
-        #endif
-
-        #ifdef WOLFSSL_STM32_CUBEMX
-            ret = wc_Stm32_Aes_Init(aes, &hcryp, 0);
-            if (ret != 0) {
-                return ret;
-            }
-
-            ret = wolfSSL_CryptHwMutexLock();
-            if (ret != 0) {
-                return ret;
-            }
-
-        #if defined(STM32_HAL_V2)
-            hcryp.Init.Algorithm  = CRYP_AES_CTR;
-            ByteReverseWords(iv, aes->reg, WC_AES_BLOCK_SIZE);
-            hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)iv;
-        #elif defined(STM32_CRYPTO_AES_ONLY)
-            hcryp.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT;
-            hcryp.Init.ChainingMode  = CRYP_CHAINMODE_AES_CTR;
-            hcryp.Init.KeyWriteFlag  = CRYP_KEY_WRITE_ENABLE;
-            hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)aes->reg;
-        #else
-            hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)aes->reg;
-        #endif
-            HAL_CRYP_Init(&hcryp);
-
-        #if defined(STM32_HAL_V2)
-            ret = HAL_CRYP_Encrypt(&hcryp, (uint32_t*)in, WC_AES_BLOCK_SIZE,
-                (uint32_t*)out, STM32_HAL_TIMEOUT);
-        #elif defined(STM32_CRYPTO_AES_ONLY)
-            ret = HAL_CRYPEx_AES(&hcryp, (byte*)in, WC_AES_BLOCK_SIZE,
-                out, STM32_HAL_TIMEOUT);
-        #else
-            ret = HAL_CRYP_AESCTR_Encrypt(&hcryp, (byte*)in, WC_AES_BLOCK_SIZE,
-                out, STM32_HAL_TIMEOUT);
-        #endif
-            if (ret != HAL_OK) {
-                ret = WC_TIMEOUT_E;
-            }
-            HAL_CRYP_DeInit(&hcryp);
-
-        #else /* Standard Peripheral Library */
-            ret = wc_Stm32_Aes_Init(aes, &cryptInit, &keyInit);
-            if (ret != 0) {
-                return ret;
-            }
-
-            ret = wolfSSL_CryptHwMutexLock();
-            if (ret != 0) {
-                return ret;
-            }
-
-            /* reset registers to their default values */
-            CRYP_DeInit();
-
-            /* set key */
-            CRYP_KeyInit(&keyInit);
-
-            /* set iv */
-            iv = aes->reg;
-            CRYP_IVStructInit(&ivInit);
-            ivInit.CRYP_IV0Left  = ByteReverseWord32(iv[0]);
-            ivInit.CRYP_IV0Right = ByteReverseWord32(iv[1]);
-            ivInit.CRYP_IV1Left  = ByteReverseWord32(iv[2]);
-            ivInit.CRYP_IV1Right = ByteReverseWord32(iv[3]);
-            CRYP_IVInit(&ivInit);
-
-            /* set direction and mode */
-            cryptInit.CRYP_AlgoDir  = CRYP_AlgoDir_Encrypt;
-            cryptInit.CRYP_AlgoMode = CRYP_AlgoMode_AES_CTR;
-            CRYP_Init(&cryptInit);
-
-            /* enable crypto processor */
-            CRYP_Cmd(ENABLE);
-
-            /* flush IN/OUT FIFOs */
-            CRYP_FIFOFlush();
-
-            CRYP_DataIn(*(uint32_t*)&in[0]);
-            CRYP_DataIn(*(uint32_t*)&in[4]);
-            CRYP_DataIn(*(uint32_t*)&in[8]);
-            CRYP_DataIn(*(uint32_t*)&in[12]);
-
-            /* wait until the complete message has been processed */
-            while (CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
-
-            *(uint32_t*)&out[0]  = CRYP_DataOut();
-            *(uint32_t*)&out[4]  = CRYP_DataOut();
-            *(uint32_t*)&out[8]  = CRYP_DataOut();
-            *(uint32_t*)&out[12] = CRYP_DataOut();
-
-            /* disable crypto processor */
-            CRYP_Cmd(DISABLE);
-        #endif /* WOLFSSL_STM32_CUBEMX */
-
-            wolfSSL_CryptHwMutexUnLock();
-            wc_Stm32_Aes_Cleanup();
-            return ret;
-        }
-
-
-    #elif defined(WOLFSSL_PIC32MZ_CRYPT)
-
-        #define NEED_AES_CTR_SOFT
-        #define XTRANSFORM_AESCTRBLOCK wc_AesCtrEncryptBlock
-
-        int wc_AesCtrEncryptBlock(Aes* aes, byte* out, const byte* in)
-        {
-            word32 tmpIv[WC_AES_BLOCK_SIZE / sizeof(word32)];
-            XMEMCPY(tmpIv, aes->reg, WC_AES_BLOCK_SIZE);
-            return wc_Pic32AesCrypt(
-                aes->key, aes->keylen, tmpIv, WC_AES_BLOCK_SIZE,
-                out, in, WC_AES_BLOCK_SIZE,
-                PIC32_ENCRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_RCTR);
-        }
-
-    #elif defined(HAVE_COLDFIRE_SEC)
-        #error "Coldfire SEC doesn't currently support AES-CTR mode"
-
-    #elif defined(FREESCALE_LTC)
-        int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-        {
-            int ret = 0;
-            word32 keySize;
-            byte *iv, *enc_key;
-            byte* tmp;
-
-            if (aes == NULL || out == NULL || in == NULL) {
-                return BAD_FUNC_ARG;
-            }
-
-            /* consume any unused bytes left in aes->tmp */
-            tmp = (byte*)aes->tmp + WC_AES_BLOCK_SIZE - aes->left;
-            while (aes->left && sz) {
-                *(out++) = *(in++) ^ *(tmp++);
-                aes->left--;
-                sz--;
-            }
-
-            if (sz) {
-                iv      = (byte*)aes->reg;
-                enc_key = (byte*)aes->key;
-
-                ret = wc_AesGetKeySize(aes, &keySize);
-                if (ret != 0)
-                    return ret;
-
-                ret = wolfSSL_CryptHwMutexLock();
-                if (ret != 0)
-                    return ret;
-                LTC_AES_CryptCtr(LTC_BASE, in, out, sz,
-                    iv, enc_key, keySize, (byte*)aes->tmp,
-                    (uint32_t*)&aes->left);
-                wolfSSL_CryptHwMutexUnLock();
-            }
-
-            return ret;
-        }
-
-    #elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES) && \
-        !defined(WOLFSSL_QNX_CAAM)
-        /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
-
-    #elif defined(WOLFSSL_AFALG)
-        /* implemented in wolfcrypt/src/port/af_alg/afalg_aes.c */
-
-    #elif defined(WOLFSSL_DEVCRYPTO_AES)
-        /* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
-
-    #elif defined(WOLFSSL_ESP32_CRYPT) && \
-        !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
-        /* esp32 doesn't support CRT mode by hw.     */
-        /* use aes ecnryption plus sw implementation */
-        #define NEED_AES_CTR_SOFT
-
-    #elif defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
-    /* implemented in wolfcrypt/src/port/psa/psa_aes.c */
-    #else
-
-        /* Use software based AES counter */
-        #define NEED_AES_CTR_SOFT
-    #endif
-
-    #ifdef NEED_AES_CTR_SOFT
-    #if !(!defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-          !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO))
-        /* Increment AES counter */
-        static WC_INLINE void IncrementAesCounter(byte* inOutCtr)
-        {
-            /* in network byte order so start at end and work back */
-            int i;
-            for (i = WC_AES_BLOCK_SIZE - 1; i >= 0; i--) {
-                if (++inOutCtr[i])  /* we're done unless we overflow */
-                    return;
-            }
-        }
-    #endif
-
-        /* Software AES - CTR Encrypt */
-        int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-        {
-    #if !(!defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-          !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO))
-            byte scratch[WC_AES_BLOCK_SIZE];
-    #endif
-    #if defined(__aarch64__) || !defined(WOLFSSL_ARMASM)
-            int ret = 0;
-    #endif
-            word32 processed;
-
-    #if !(!defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-          !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO))
-            XMEMSET(scratch, 0, sizeof(scratch));
-    #endif
-
-            if (aes == NULL || out == NULL || in == NULL) {
-                return BAD_FUNC_ARG;
-            }
-
-        #ifdef WOLF_CRYPTO_CB
-            #ifndef WOLF_CRYPTO_CB_FIND
-            if (aes->devId != INVALID_DEVID)
-            #endif
-            {
-                int crypto_cb_ret = wc_CryptoCb_AesCtrEncrypt(aes, out, in, sz);
-                if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                    return crypto_cb_ret;
-                /* fall-through when unavailable */
-            }
-        #endif
-
-            /* consume any unused bytes left in aes->tmp */
-            processed = min(aes->left, sz);
-            xorbufout(out, in, (byte*)aes->tmp + WC_AES_BLOCK_SIZE - aes->left,
-                      processed);
-            out += processed;
-            in += processed;
-            aes->left -= processed;
-            sz -= processed;
-
-    #if !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-    #ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-            AES_CTR_encrypt_AARCH32(in, out, sz, (byte*)aes->reg,
-                (byte*)aes->key, (byte*)aes->tmp, &aes->left, aes->rounds);
-    #else
-            {
-                word32 numBlocks;
-                byte* tmp = (byte*)aes->tmp + WC_AES_BLOCK_SIZE - aes->left;
-                /* consume any unused bytes left in aes->tmp */
-                while ((aes->left != 0) && (sz != 0)) {
-                   *(out++) = *(in++) ^ *(tmp++);
-                   aes->left--;
-                   sz--;
-                }
-
-                /* do as many block size ops as possible */
-                numBlocks = sz / WC_AES_BLOCK_SIZE;
-                if (numBlocks > 0) {
-                    AES_CTR_encrypt(in, out, numBlocks * WC_AES_BLOCK_SIZE,
-                        (byte*)aes->key, aes->rounds, (byte*)aes->reg);
-
-                    sz  -= numBlocks * WC_AES_BLOCK_SIZE;
-                    out += numBlocks * WC_AES_BLOCK_SIZE;
-                    in  += numBlocks * WC_AES_BLOCK_SIZE;
-                }
-
-                /* handle non block size remaining */
-                if (sz) {
-                    byte zeros[WC_AES_BLOCK_SIZE] = { 0, 0, 0, 0, 0, 0, 0, 0,
-                                                      0, 0, 0, 0, 0, 0, 0, 0 };
-
-                    AES_CTR_encrypt(zeros, (byte*)aes->tmp, WC_AES_BLOCK_SIZE,
-                        (byte*)aes->key, aes->rounds, (byte*)aes->reg);
-
-                    aes->left = WC_AES_BLOCK_SIZE;
-                    tmp = (byte*)aes->tmp;
-
-                    while (sz--) {
-                        *(out++) = *(in++) ^ *(tmp++);
-                        aes->left--;
-                    }
-                }
-            }
-        #endif
-            return 0;
-    #else
-        #if defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-            !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-            if (aes->use_aes_hw_crypto) {
-                AES_CTR_encrypt_AARCH64(in, out, sz, (byte*)aes->reg,
-                    (byte*)aes->key, (byte*)aes->tmp, &aes->left, aes->rounds);
-                return 0;
-            }
-        #endif
-
-            VECTOR_REGISTERS_PUSH;
-
-        #if defined(HAVE_AES_ECB) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
-            !defined(XTRANSFORM_AESCTRBLOCK)
-            if (in != out && sz >= WC_AES_BLOCK_SIZE) {
-                word32 blocks = sz / WC_AES_BLOCK_SIZE;
-                byte* counter = (byte*)aes->reg;
-                byte* c = out;
-                while (blocks--) {
-                    XMEMCPY(c, counter, WC_AES_BLOCK_SIZE);
-                    c += WC_AES_BLOCK_SIZE;
-                    IncrementAesCounter(counter);
-                }
-
-                /* reset number of blocks and then do encryption */
-                blocks = sz / WC_AES_BLOCK_SIZE;
-                wc_AesEcbEncrypt(aes, out, out, WC_AES_BLOCK_SIZE * blocks);
-                xorbuf(out, in, WC_AES_BLOCK_SIZE * blocks);
-                in += WC_AES_BLOCK_SIZE * blocks;
-                out += WC_AES_BLOCK_SIZE * blocks;
-                sz -= blocks * WC_AES_BLOCK_SIZE;
-            }
-            else
-        #endif
-            {
-            #ifdef WOLFSSL_CHECK_MEM_ZERO
-                wc_MemZero_Add("wc_AesCtrEncrypt scratch", scratch,
-                    WC_AES_BLOCK_SIZE);
-            #endif
-                /* do as many block size ops as possible */
-                while (sz >= WC_AES_BLOCK_SIZE) {
-                #ifdef XTRANSFORM_AESCTRBLOCK
-                    XTRANSFORM_AESCTRBLOCK(aes, out, in);
-                #else
-                    ret = wc_AesEncrypt(aes, (byte*)aes->reg, scratch);
-                    if (ret != 0)
-                        break;
-                    xorbuf(scratch, in, WC_AES_BLOCK_SIZE);
-                    XMEMCPY(out, scratch, WC_AES_BLOCK_SIZE);
-                #endif
-                    IncrementAesCounter((byte*)aes->reg);
-
-                    out += WC_AES_BLOCK_SIZE;
-                    in  += WC_AES_BLOCK_SIZE;
-                    sz  -= WC_AES_BLOCK_SIZE;
-                    aes->left = 0;
-                }
-                ForceZero(scratch, WC_AES_BLOCK_SIZE);
-            }
-
-            /* handle non block size remaining and store unused byte count in left */
-            if ((ret == 0) && sz) {
-                ret = wc_AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->tmp);
-                if (ret == 0) {
-                    IncrementAesCounter((byte*)aes->reg);
-                    aes->left = WC_AES_BLOCK_SIZE - sz;
-                    xorbufout(out, in, aes->tmp, sz);
-                }
-            }
-
-            if (ret < 0)
-                ForceZero(scratch, WC_AES_BLOCK_SIZE);
-
-        #ifdef WOLFSSL_CHECK_MEM_ZERO
-            wc_MemZero_Check(scratch, WC_AES_BLOCK_SIZE);
-        #endif
-
-            VECTOR_REGISTERS_POP;
-
-            return ret;
-    #endif
-        }
-
-        int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len,
-                                        const byte* iv, int dir)
-        {
-            if (aes == NULL) {
-                return BAD_FUNC_ARG;
-            }
-            if (len > sizeof(aes->key)) {
-                return BAD_FUNC_ARG;
-            }
-
-            return wc_AesSetKey(aes, key, len, iv, dir);
-        }
-
-    #endif /* NEED_AES_CTR_SOFT */
-
-#endif /* WOLFSSL_AES_COUNTER */
-#endif /* !WOLFSSL_RISCV_ASM */
-
-
-/*
- * The IV for AES GCM and CCM, stored in struct Aes's member reg, is comprised
- * of two parts in order:
- *   1. The fixed field which may be 0 or 4 bytes long. In TLS, this is set
- *      to the implicit IV.
- *   2. The explicit IV is generated by wolfCrypt. It needs to be managed
- *      by wolfCrypt to ensure the IV is unique for each call to encrypt.
- * The IV may be a 96-bit random value, or the 32-bit fixed value and a
- * 64-bit set of 0 or random data. The final 32-bits of reg is used as a
- * block counter during the encryption.
- */
-
-#if (defined(HAVE_AESGCM) && !defined(WC_NO_RNG)) || defined(HAVE_AESCCM)
-static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
-{
-    int i;
-    for (i = (int)ctrSz - 1; i >= 0; i--) {
-        if (++ctr[i])
-            break;
-    }
-}
-#endif /* HAVE_AESGCM || HAVE_AESCCM */
-
-
-#ifdef HAVE_AESGCM
-
-#ifdef WOLFSSL_AESGCM_STREAM
-    /* Access initialization counter data. */
-    #define AES_INITCTR(aes)        ((aes)->streamData + 0 * WC_AES_BLOCK_SIZE)
-    /* Access counter data. */
-    #define AES_COUNTER(aes)        ((aes)->streamData + 1 * WC_AES_BLOCK_SIZE)
-    /* Access tag data. */
-    #define AES_TAG(aes)            ((aes)->streamData + 2 * WC_AES_BLOCK_SIZE)
-    /* Access last GHASH block. */
-    #define AES_LASTGBLOCK(aes)     ((aes)->streamData + 3 * WC_AES_BLOCK_SIZE)
-    /* Access last encrypted block. */
-    #define AES_LASTBLOCK(aes)      ((aes)->streamData + 4 * WC_AES_BLOCK_SIZE)
-
-    #define GHASH_ONE_BLOCK     GHASH_ONE_BLOCK_SW
-#endif
-
-#if defined(HAVE_COLDFIRE_SEC)
-    #error "Coldfire SEC doesn't currently support AES-GCM mode"
-
-#endif
-
-#if defined(WOLFSSL_RISCV_ASM)
-    /* implemented in wolfcrypt/src/port/risc-v/riscv-64-aes.c */
-
-#elif defined(WOLFSSL_AFALG)
-    /* implemented in wolfcrypt/src/port/afalg/afalg_aes.c */
-
-#elif defined(WOLFSSL_KCAPI_AES)
-    /* implemented in wolfcrypt/src/port/kcapi/kcapi_aes.c */
-
-#elif defined(WOLFSSL_DEVCRYPTO_AES)
-    /* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
-
-#else /* software + AESNI implementation */
-
-#if !defined(FREESCALE_LTC_AES_GCM)
-static WC_INLINE void IncrementGcmCounter(byte* inOutCtr)
-{
-    int i;
-
-    /* in network byte order so start at end and work back */
-    for (i = WC_AES_BLOCK_SIZE - 1; i >= WC_AES_BLOCK_SIZE - CTR_SZ; i--) {
-        if (++inOutCtr[i])  /* we're done unless we overflow */
-            return;
-    }
-}
-#endif /* !FREESCALE_LTC_AES_GCM */
-
-#if !defined(WOLFSSL_ARMASM) || defined(__aarch64__) || \
-    defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-#if defined(GCM_SMALL) || defined(GCM_TABLE) || defined(GCM_TABLE_4BIT)
-
-static WC_INLINE void FlattenSzInBits(byte* buf, word32 sz)
-{
-    /* Multiply the sz by 8 */
-    word32 szHi = (sz >> (8*sizeof(sz) - 3));
-    sz <<= 3;
-
-    /* copy over the words of the sz into the destination buffer */
-    buf[0] = (byte)(szHi >> 24);
-    buf[1] = (byte)(szHi >> 16);
-    buf[2] = (byte)(szHi >>  8);
-    buf[3] = (byte)szHi;
-    buf[4] = (byte)(sz >> 24);
-    buf[5] = (byte)(sz >> 16);
-    buf[6] = (byte)(sz >>  8);
-    buf[7] = (byte)sz;
-}
-
-
-static WC_INLINE void RIGHTSHIFTX(byte* x)
-{
-    int i;
-    int carryIn = 0;
-    volatile byte borrow = (byte)((0x00U - (x[15] & 0x01U)) & 0xE1U);
-
-    for (i = 0; i < WC_AES_BLOCK_SIZE; i++) {
-        int carryOut = (x[i] & 0x01) << 7;
-        x[i] = (byte) ((x[i] >> 1) | carryIn);
-        carryIn = carryOut;
-    }
-    x[0] ^= borrow;
-}
-
-#endif /* defined(GCM_SMALL) || defined(GCM_TABLE) || defined(GCM_TABLE_4BIT) */
-
-
-#ifdef GCM_TABLE
-
-void GenerateM0(Gcm* gcm)
-{
-    int i, j;
-    byte (*m)[WC_AES_BLOCK_SIZE] = gcm->M0;
-
-    XMEMCPY(m[128], gcm->H, WC_AES_BLOCK_SIZE);
-
-    for (i = 64; i > 0; i /= 2) {
-        XMEMCPY(m[i], m[i*2], WC_AES_BLOCK_SIZE);
-        RIGHTSHIFTX(m[i]);
-    }
-
-    for (i = 2; i < 256; i *= 2) {
-        for (j = 1; j < i; j++) {
-            XMEMCPY(m[i+j], m[i], WC_AES_BLOCK_SIZE);
-            xorbuf(m[i+j], m[j], WC_AES_BLOCK_SIZE);
-        }
-    }
-
-    XMEMSET(m[0], 0, WC_AES_BLOCK_SIZE);
-}
-
-#elif defined(GCM_TABLE_4BIT)
-
-#if !defined(BIG_ENDIAN_ORDER) && !defined(WC_16BIT_CPU)
-static WC_INLINE void Shift4_M0(byte *r8, byte *z8)
-{
-    int i;
-    for (i = 15; i > 0; i--)
-        r8[i] = (byte)(z8[i-1] << 4) | (byte)(z8[i] >> 4);
-    r8[0] = (byte)(z8[0] >> 4);
-}
-#endif
-
-void GenerateM0(Gcm* gcm)
-{
-#if !defined(BIG_ENDIAN_ORDER) && !defined(WC_16BIT_CPU)
-    int i;
-#endif
-    byte (*m)[WC_AES_BLOCK_SIZE] = gcm->M0;
-
-    /* 0 times -> 0x0 */
-    XMEMSET(m[0x0], 0, WC_AES_BLOCK_SIZE);
-    /* 1 times -> 0x8 */
-    XMEMCPY(m[0x8], gcm->H, WC_AES_BLOCK_SIZE);
-    /* 2 times -> 0x4 */
-    XMEMCPY(m[0x4], m[0x8], WC_AES_BLOCK_SIZE);
-    RIGHTSHIFTX(m[0x4]);
-    /* 4 times -> 0x2 */
-    XMEMCPY(m[0x2], m[0x4], WC_AES_BLOCK_SIZE);
-    RIGHTSHIFTX(m[0x2]);
-    /* 8 times -> 0x1 */
-    XMEMCPY(m[0x1], m[0x2], WC_AES_BLOCK_SIZE);
-    RIGHTSHIFTX(m[0x1]);
-
-    /* 0x3 */
-    XMEMCPY(m[0x3], m[0x2], WC_AES_BLOCK_SIZE);
-    xorbuf (m[0x3], m[0x1], WC_AES_BLOCK_SIZE);
-
-    /* 0x5 -> 0x7 */
-    XMEMCPY(m[0x5], m[0x4], WC_AES_BLOCK_SIZE);
-    xorbuf (m[0x5], m[0x1], WC_AES_BLOCK_SIZE);
-    XMEMCPY(m[0x6], m[0x4], WC_AES_BLOCK_SIZE);
-    xorbuf (m[0x6], m[0x2], WC_AES_BLOCK_SIZE);
-    XMEMCPY(m[0x7], m[0x4], WC_AES_BLOCK_SIZE);
-    xorbuf (m[0x7], m[0x3], WC_AES_BLOCK_SIZE);
-
-    /* 0x9 -> 0xf */
-    XMEMCPY(m[0x9], m[0x8], WC_AES_BLOCK_SIZE);
-    xorbuf (m[0x9], m[0x1], WC_AES_BLOCK_SIZE);
-    XMEMCPY(m[0xa], m[0x8], WC_AES_BLOCK_SIZE);
-    xorbuf (m[0xa], m[0x2], WC_AES_BLOCK_SIZE);
-    XMEMCPY(m[0xb], m[0x8], WC_AES_BLOCK_SIZE);
-    xorbuf (m[0xb], m[0x3], WC_AES_BLOCK_SIZE);
-    XMEMCPY(m[0xc], m[0x8], WC_AES_BLOCK_SIZE);
-    xorbuf (m[0xc], m[0x4], WC_AES_BLOCK_SIZE);
-    XMEMCPY(m[0xd], m[0x8], WC_AES_BLOCK_SIZE);
-    xorbuf (m[0xd], m[0x5], WC_AES_BLOCK_SIZE);
-    XMEMCPY(m[0xe], m[0x8], WC_AES_BLOCK_SIZE);
-    xorbuf (m[0xe], m[0x6], WC_AES_BLOCK_SIZE);
-    XMEMCPY(m[0xf], m[0x8], WC_AES_BLOCK_SIZE);
-    xorbuf (m[0xf], m[0x7], WC_AES_BLOCK_SIZE);
-
-#if defined(WOLFSSL_ARMASM) && !defined(__aarch64__) && \
-    defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    for (i = 0; i < 16; i++) {
-        word32* m32 = (word32*)gcm->M0[i];
-        m32[0] = ByteReverseWord32(m32[0]);
-        m32[1] = ByteReverseWord32(m32[1]);
-        m32[2] = ByteReverseWord32(m32[2]);
-        m32[3] = ByteReverseWord32(m32[3]);
-    }
-#endif
-
-#if !defined(BIG_ENDIAN_ORDER) && !defined(WC_16BIT_CPU)
-    for (i = 0; i < 16; i++) {
-        Shift4_M0(m[16+i], m[i]);
-    }
-#endif
-}
-
-#endif /* GCM_TABLE */
-#endif
-
-#if defined(WOLFSSL_AESNI) && defined(USE_INTEL_SPEEDUP)
-    #define HAVE_INTEL_AVX1
-    #define HAVE_INTEL_AVX2
-#endif
-
-#if defined(WOLFSSL_AESNI) && defined(GCM_TABLE_4BIT) && \
-    defined(WC_C_DYNAMIC_FALLBACK)
-void GCM_generate_m0_aesni(const unsigned char *h, unsigned char *m)
-                           XASM_LINK("GCM_generate_m0_aesni");
-#ifdef HAVE_INTEL_AVX1
-void GCM_generate_m0_avx1(const unsigned char *h, unsigned char *m)
-                          XASM_LINK("GCM_generate_m0_avx1");
-#endif
-#ifdef HAVE_INTEL_AVX2
-void GCM_generate_m0_avx2(const unsigned char *h, unsigned char *m)
-                          XASM_LINK("GCM_generate_m0_avx2");
-#endif
-#endif /* WOLFSSL_AESNI && GCM_TABLE_4BIT && WC_C_DYNAMIC_FALLBACK */
-
-/* Software AES - GCM SetKey */
-int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
-{
-    int  ret;
-    byte iv[WC_AES_BLOCK_SIZE];
-
-    #ifdef WOLFSSL_IMX6_CAAM_BLOB
-        byte   local[32];
-        word32 localSz = 32;
-
-        if (len == (16 + WC_CAAM_BLOB_SZ) ||
-          len == (24 + WC_CAAM_BLOB_SZ) ||
-          len == (32 + WC_CAAM_BLOB_SZ)) {
-            if (wc_caamOpenBlob((byte*)key, len, local, &localSz) != 0) {
-                 return BAD_FUNC_ARG;
-            }
-
-            /* set local values */
-            key = local;
-            len = localSz;
-        }
-    #endif
-
-    if (!((len == 16) || (len == 24) || (len == 32)))
-        return BAD_FUNC_ARG;
-
-    if (aes == NULL || key == NULL) {
-#ifdef WOLFSSL_IMX6_CAAM_BLOB
-        ForceZero(local, sizeof(local));
-#endif
-        return BAD_FUNC_ARG;
-    }
-#ifdef OPENSSL_EXTRA
-    XMEMSET(aes->gcm.aadH, 0, sizeof(aes->gcm.aadH));
-    aes->gcm.aadLen = 0;
-#endif
-    XMEMSET(iv, 0, WC_AES_BLOCK_SIZE);
-    ret = wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
-#ifdef WOLFSSL_AESGCM_STREAM
-    aes->gcmKeySet = 1;
-#endif
-    #if defined(WOLFSSL_SECO_CAAM)
-        if (aes->devId == WOLFSSL_SECO_DEVID) {
-            return ret;
-        }
-    #endif /* WOLFSSL_SECO_CAAM */
-
-    #if defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
-        !defined(NO_WOLFSSL_RENESAS_FSPSM_AES)
-        return ret;
-    #endif /* WOLFSSL_RENESAS_RSIP && WOLFSSL_RENESAS_FSPSM_CRYPTONLY*/
-
-#if !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-    if (ret == 0) {
-    #ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-        AES_GCM_set_key_AARCH32(iv, (byte*)aes->key, aes->gcm.H, aes->rounds);
-    #else
-        AES_ECB_encrypt(iv, aes->gcm.H, WC_AES_BLOCK_SIZE,
-            (const unsigned char*)aes->key, aes->rounds);
-        #if defined(GCM_TABLE) || defined(GCM_TABLE_4BIT)
-            GenerateM0(&aes->gcm);
-        #endif /* GCM_TABLE */
-    #endif
-    }
-#else
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-    !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    if (ret == 0 && aes->use_aes_hw_crypto && aes->use_pmull_hw_crypto) {
-        AES_GCM_set_key_AARCH64(iv, (byte*)aes->key, aes->gcm.H, aes->rounds);
-    }
-    else
-#endif
-#if !defined(FREESCALE_LTC_AES_GCM)
-    if (ret == 0) {
-        VECTOR_REGISTERS_PUSH;
-        /* AES-NI code generates its own H value, but generate it here too, to
-         * assure pure-C fallback is always usable.
-         */
-        ret = wc_AesEncrypt(aes, iv, aes->gcm.H);
-        VECTOR_REGISTERS_POP;
-    }
-    if (ret == 0) {
-#if defined(GCM_TABLE) || defined(GCM_TABLE_4BIT)
-#if defined(WOLFSSL_AESNI) && defined(GCM_TABLE_4BIT)
-        if (aes->use_aesni) {
-    #if defined(WC_C_DYNAMIC_FALLBACK)
-        #ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_AVX2(intel_flags)) {
-                GCM_generate_m0_avx2(aes->gcm.H, (byte*)aes->gcm.M0);
-            }
-            else
-        #endif
-        #if defined(HAVE_INTEL_AVX1)
-            if (IS_INTEL_AVX1(intel_flags)) {
-                GCM_generate_m0_avx1(aes->gcm.H, (byte*)aes->gcm.M0);
-            }
-            else
-        #endif
-            {
-                GCM_generate_m0_aesni(aes->gcm.H, (byte*)aes->gcm.M0);
-            }
-    #endif
-        }
-        else
-#endif
-        {
-            GenerateM0(&aes->gcm);
-        }
-#endif /* GCM_TABLE || GCM_TABLE_4BIT */
-    }
-#endif /* FREESCALE_LTC_AES_GCM */
-#endif
-
-#if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_AFALG_XILINX_AES)
-    wc_AesGcmSetKey_ex(aes, key, len, WOLFSSL_XILINX_AES_KEY_SRC);
-#endif
-
-#ifdef WOLF_CRYPTO_CB
-    if (aes->devId != INVALID_DEVID) {
-        XMEMCPY(aes->devKey, key, len);
-    }
-#endif
-
-#ifdef WOLFSSL_IMX6_CAAM_BLOB
-    ForceZero(local, sizeof(local));
-#endif
-    return ret;
-}
-
-
-#ifdef WOLFSSL_AESNI
-
-void AES_GCM_encrypt_aesni(const unsigned char *in, unsigned char *out,
-                     const unsigned char* addt, const unsigned char* ivec,
-                     unsigned char *tag, word32 nbytes,
-                     word32 abytes, word32 ibytes,
-                     word32 tbytes, const unsigned char* key, int nr)
-                     XASM_LINK("AES_GCM_encrypt_aesni");
-#ifdef HAVE_INTEL_AVX1
-void AES_GCM_encrypt_avx1(const unsigned char *in, unsigned char *out,
-                          const unsigned char* addt, const unsigned char* ivec,
-                          unsigned char *tag, word32 nbytes,
-                          word32 abytes, word32 ibytes,
-                          word32 tbytes, const unsigned char* key,
-                          int nr)
-                          XASM_LINK("AES_GCM_encrypt_avx1");
-#ifdef HAVE_INTEL_AVX2
-void AES_GCM_encrypt_avx2(const unsigned char *in, unsigned char *out,
-                          const unsigned char* addt, const unsigned char* ivec,
-                          unsigned char *tag, word32 nbytes,
-                          word32 abytes, word32 ibytes,
-                          word32 tbytes, const unsigned char* key,
-                          int nr)
-                          XASM_LINK("AES_GCM_encrypt_avx2");
-#endif /* HAVE_INTEL_AVX2 */
-#endif /* HAVE_INTEL_AVX1 */
-
-#ifdef HAVE_AES_DECRYPT
-void AES_GCM_decrypt_aesni(const unsigned char *in, unsigned char *out,
-                     const unsigned char* addt, const unsigned char* ivec,
-                     const unsigned char *tag, word32 nbytes, word32 abytes,
-                     word32 ibytes, word32 tbytes, const unsigned char* key,
-                     int nr, int* res)
-                     XASM_LINK("AES_GCM_decrypt_aesni");
-#ifdef HAVE_INTEL_AVX1
-void AES_GCM_decrypt_avx1(const unsigned char *in, unsigned char *out,
-                          const unsigned char* addt, const unsigned char* ivec,
-                          const unsigned char *tag, word32 nbytes,
-                          word32 abytes, word32 ibytes, word32 tbytes,
-                          const unsigned char* key, int nr, int* res)
-                          XASM_LINK("AES_GCM_decrypt_avx1");
-#ifdef HAVE_INTEL_AVX2
-void AES_GCM_decrypt_avx2(const unsigned char *in, unsigned char *out,
-                          const unsigned char* addt, const unsigned char* ivec,
-                          const unsigned char *tag, word32 nbytes,
-                          word32 abytes, word32 ibytes, word32 tbytes,
-                          const unsigned char* key, int nr, int* res)
-                          XASM_LINK("AES_GCM_decrypt_avx2");
-#endif /* HAVE_INTEL_AVX2 */
-#endif /* HAVE_INTEL_AVX1 */
-#endif /* HAVE_AES_DECRYPT */
-
-#endif /* WOLFSSL_AESNI */
-
-#if !defined(WOLFSSL_ARMASM) || defined(__aarch64__) || \
-    defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-#if defined(GCM_SMALL)
-static void GMULT(byte* X, byte* Y)
-{
-    byte Z[WC_AES_BLOCK_SIZE];
-    byte V[WC_AES_BLOCK_SIZE];
-    int i, j;
-
-    XMEMSET(Z, 0, WC_AES_BLOCK_SIZE);
-    XMEMCPY(V, X, WC_AES_BLOCK_SIZE);
-    for (i = 0; i < WC_AES_BLOCK_SIZE; i++)
-    {
-        byte y = Y[i];
-        for (j = 0; j < 8; j++)
-        {
-            if (y & 0x80) {
-                xorbuf(Z, V, WC_AES_BLOCK_SIZE);
-            }
-
-            RIGHTSHIFTX(V);
-            y = y << 1;
-        }
-    }
-    XMEMCPY(X, Z, WC_AES_BLOCK_SIZE);
-}
-
-
-void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
-    word32 cSz, byte* s, word32 sSz)
-{
-    byte x[WC_AES_BLOCK_SIZE];
-    byte scratch[WC_AES_BLOCK_SIZE];
-    word32 blocks, partial;
-    byte* h;
-
-    if (gcm == NULL) {
-        return;
-    }
-
-    h = gcm->H;
-    XMEMSET(x, 0, WC_AES_BLOCK_SIZE);
-
-    /* Hash in A, the Additional Authentication Data */
-    if (aSz != 0 && a != NULL) {
-        blocks = aSz / WC_AES_BLOCK_SIZE;
-        partial = aSz % WC_AES_BLOCK_SIZE;
-        while (blocks--) {
-            xorbuf(x, a, WC_AES_BLOCK_SIZE);
-            GMULT(x, h);
-            a += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, a, partial);
-            xorbuf(x, scratch, WC_AES_BLOCK_SIZE);
-            GMULT(x, h);
-        }
-    }
-
-    /* Hash in C, the Ciphertext */
-    if (cSz != 0 && c != NULL) {
-        blocks = cSz / WC_AES_BLOCK_SIZE;
-        partial = cSz % WC_AES_BLOCK_SIZE;
-        while (blocks--) {
-            xorbuf(x, c, WC_AES_BLOCK_SIZE);
-            GMULT(x, h);
-            c += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, c, partial);
-            xorbuf(x, scratch, WC_AES_BLOCK_SIZE);
-            GMULT(x, h);
-        }
-    }
-
-    /* Hash in the lengths of A and C in bits */
-    FlattenSzInBits(&scratch[0], aSz);
-    FlattenSzInBits(&scratch[8], cSz);
-    xorbuf(x, scratch, WC_AES_BLOCK_SIZE);
-    GMULT(x, h);
-
-    /* Copy the result into s. */
-    XMEMCPY(s, x, sSz);
-}
-
-#ifdef WOLFSSL_AESGCM_STREAM
-/* No extra initialization for small implementation.
- *
- * @param [in] aes  AES GCM object.
- */
-#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
-
-/* GHASH one block of data..
- *
- * XOR block into tag and GMULT with H.
- *
- * @param [in, out] aes    AES GCM object.
- * @param [in]      block  Block of AAD or cipher text.
- */
-#define GHASH_ONE_BLOCK_SW(aes, block)                  \
-    do {                                                \
-        xorbuf(AES_TAG(aes), block, WC_AES_BLOCK_SIZE); \
-        GMULT(AES_TAG(aes), (aes)->gcm.H);              \
-    }                                                   \
-    while (0)
-#endif /* WOLFSSL_AESGCM_STREAM */
-
-#ifdef WOLFSSL_ARMASM
-#define GCM_GMULT_LEN(gcm, x, a, len) \
-    GCM_gmult_len(x, (const byte**)((gcm)->M0), a, len)
-#endif
-
-#elif defined(GCM_TABLE)
-
-#if !defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-    defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-#define GCM_GMULT_LEN(gcm, x, a, len) \
-    GCM_gmult_len(x, (const byte**)((gcm)->M0), a, len)
-#else
-ALIGN16 static const byte R[256][2] = {
-    {0x00, 0x00}, {0x01, 0xc2}, {0x03, 0x84}, {0x02, 0x46},
-    {0x07, 0x08}, {0x06, 0xca}, {0x04, 0x8c}, {0x05, 0x4e},
-    {0x0e, 0x10}, {0x0f, 0xd2}, {0x0d, 0x94}, {0x0c, 0x56},
-    {0x09, 0x18}, {0x08, 0xda}, {0x0a, 0x9c}, {0x0b, 0x5e},
-    {0x1c, 0x20}, {0x1d, 0xe2}, {0x1f, 0xa4}, {0x1e, 0x66},
-    {0x1b, 0x28}, {0x1a, 0xea}, {0x18, 0xac}, {0x19, 0x6e},
-    {0x12, 0x30}, {0x13, 0xf2}, {0x11, 0xb4}, {0x10, 0x76},
-    {0x15, 0x38}, {0x14, 0xfa}, {0x16, 0xbc}, {0x17, 0x7e},
-    {0x38, 0x40}, {0x39, 0x82}, {0x3b, 0xc4}, {0x3a, 0x06},
-    {0x3f, 0x48}, {0x3e, 0x8a}, {0x3c, 0xcc}, {0x3d, 0x0e},
-    {0x36, 0x50}, {0x37, 0x92}, {0x35, 0xd4}, {0x34, 0x16},
-    {0x31, 0x58}, {0x30, 0x9a}, {0x32, 0xdc}, {0x33, 0x1e},
-    {0x24, 0x60}, {0x25, 0xa2}, {0x27, 0xe4}, {0x26, 0x26},
-    {0x23, 0x68}, {0x22, 0xaa}, {0x20, 0xec}, {0x21, 0x2e},
-    {0x2a, 0x70}, {0x2b, 0xb2}, {0x29, 0xf4}, {0x28, 0x36},
-    {0x2d, 0x78}, {0x2c, 0xba}, {0x2e, 0xfc}, {0x2f, 0x3e},
-    {0x70, 0x80}, {0x71, 0x42}, {0x73, 0x04}, {0x72, 0xc6},
-    {0x77, 0x88}, {0x76, 0x4a}, {0x74, 0x0c}, {0x75, 0xce},
-    {0x7e, 0x90}, {0x7f, 0x52}, {0x7d, 0x14}, {0x7c, 0xd6},
-    {0x79, 0x98}, {0x78, 0x5a}, {0x7a, 0x1c}, {0x7b, 0xde},
-    {0x6c, 0xa0}, {0x6d, 0x62}, {0x6f, 0x24}, {0x6e, 0xe6},
-    {0x6b, 0xa8}, {0x6a, 0x6a}, {0x68, 0x2c}, {0x69, 0xee},
-    {0x62, 0xb0}, {0x63, 0x72}, {0x61, 0x34}, {0x60, 0xf6},
-    {0x65, 0xb8}, {0x64, 0x7a}, {0x66, 0x3c}, {0x67, 0xfe},
-    {0x48, 0xc0}, {0x49, 0x02}, {0x4b, 0x44}, {0x4a, 0x86},
-    {0x4f, 0xc8}, {0x4e, 0x0a}, {0x4c, 0x4c}, {0x4d, 0x8e},
-    {0x46, 0xd0}, {0x47, 0x12}, {0x45, 0x54}, {0x44, 0x96},
-    {0x41, 0xd8}, {0x40, 0x1a}, {0x42, 0x5c}, {0x43, 0x9e},
-    {0x54, 0xe0}, {0x55, 0x22}, {0x57, 0x64}, {0x56, 0xa6},
-    {0x53, 0xe8}, {0x52, 0x2a}, {0x50, 0x6c}, {0x51, 0xae},
-    {0x5a, 0xf0}, {0x5b, 0x32}, {0x59, 0x74}, {0x58, 0xb6},
-    {0x5d, 0xf8}, {0x5c, 0x3a}, {0x5e, 0x7c}, {0x5f, 0xbe},
-    {0xe1, 0x00}, {0xe0, 0xc2}, {0xe2, 0x84}, {0xe3, 0x46},
-    {0xe6, 0x08}, {0xe7, 0xca}, {0xe5, 0x8c}, {0xe4, 0x4e},
-    {0xef, 0x10}, {0xee, 0xd2}, {0xec, 0x94}, {0xed, 0x56},
-    {0xe8, 0x18}, {0xe9, 0xda}, {0xeb, 0x9c}, {0xea, 0x5e},
-    {0xfd, 0x20}, {0xfc, 0xe2}, {0xfe, 0xa4}, {0xff, 0x66},
-    {0xfa, 0x28}, {0xfb, 0xea}, {0xf9, 0xac}, {0xf8, 0x6e},
-    {0xf3, 0x30}, {0xf2, 0xf2}, {0xf0, 0xb4}, {0xf1, 0x76},
-    {0xf4, 0x38}, {0xf5, 0xfa}, {0xf7, 0xbc}, {0xf6, 0x7e},
-    {0xd9, 0x40}, {0xd8, 0x82}, {0xda, 0xc4}, {0xdb, 0x06},
-    {0xde, 0x48}, {0xdf, 0x8a}, {0xdd, 0xcc}, {0xdc, 0x0e},
-    {0xd7, 0x50}, {0xd6, 0x92}, {0xd4, 0xd4}, {0xd5, 0x16},
-    {0xd0, 0x58}, {0xd1, 0x9a}, {0xd3, 0xdc}, {0xd2, 0x1e},
-    {0xc5, 0x60}, {0xc4, 0xa2}, {0xc6, 0xe4}, {0xc7, 0x26},
-    {0xc2, 0x68}, {0xc3, 0xaa}, {0xc1, 0xec}, {0xc0, 0x2e},
-    {0xcb, 0x70}, {0xca, 0xb2}, {0xc8, 0xf4}, {0xc9, 0x36},
-    {0xcc, 0x78}, {0xcd, 0xba}, {0xcf, 0xfc}, {0xce, 0x3e},
-    {0x91, 0x80}, {0x90, 0x42}, {0x92, 0x04}, {0x93, 0xc6},
-    {0x96, 0x88}, {0x97, 0x4a}, {0x95, 0x0c}, {0x94, 0xce},
-    {0x9f, 0x90}, {0x9e, 0x52}, {0x9c, 0x14}, {0x9d, 0xd6},
-    {0x98, 0x98}, {0x99, 0x5a}, {0x9b, 0x1c}, {0x9a, 0xde},
-    {0x8d, 0xa0}, {0x8c, 0x62}, {0x8e, 0x24}, {0x8f, 0xe6},
-    {0x8a, 0xa8}, {0x8b, 0x6a}, {0x89, 0x2c}, {0x88, 0xee},
-    {0x83, 0xb0}, {0x82, 0x72}, {0x80, 0x34}, {0x81, 0xf6},
-    {0x84, 0xb8}, {0x85, 0x7a}, {0x87, 0x3c}, {0x86, 0xfe},
-    {0xa9, 0xc0}, {0xa8, 0x02}, {0xaa, 0x44}, {0xab, 0x86},
-    {0xae, 0xc8}, {0xaf, 0x0a}, {0xad, 0x4c}, {0xac, 0x8e},
-    {0xa7, 0xd0}, {0xa6, 0x12}, {0xa4, 0x54}, {0xa5, 0x96},
-    {0xa0, 0xd8}, {0xa1, 0x1a}, {0xa3, 0x5c}, {0xa2, 0x9e},
-    {0xb5, 0xe0}, {0xb4, 0x22}, {0xb6, 0x64}, {0xb7, 0xa6},
-    {0xb2, 0xe8}, {0xb3, 0x2a}, {0xb1, 0x6c}, {0xb0, 0xae},
-    {0xbb, 0xf0}, {0xba, 0x32}, {0xb8, 0x74}, {0xb9, 0xb6},
-    {0xbc, 0xf8}, {0xbd, 0x3a}, {0xbf, 0x7c}, {0xbe, 0xbe} };
-
-
-static void GMULT(byte *x, byte m[256][WC_AES_BLOCK_SIZE])
-{
-#if !defined(WORD64_AVAILABLE) || defined(BIG_ENDIAN_ORDER)
-    int i, j;
-    byte Z[WC_AES_BLOCK_SIZE];
-    byte a;
-
-    XMEMSET(Z, 0, sizeof(Z));
-
-    for (i = 15; i > 0; i--) {
-        xorbuf(Z, m[x[i]], WC_AES_BLOCK_SIZE);
-        a = Z[15];
-
-        for (j = 15; j > 0; j--) {
-            Z[j] = Z[j-1];
-        }
-
-        Z[0]  = R[a][0];
-        Z[1] ^= R[a][1];
-    }
-    xorbuf(Z, m[x[0]], WC_AES_BLOCK_SIZE);
-
-    XMEMCPY(x, Z, WC_AES_BLOCK_SIZE);
-#elif defined(WC_32BIT_CPU)
-    byte Z[WC_AES_BLOCK_SIZE + WC_AES_BLOCK_SIZE];
-    byte a;
-    word32* pZ;
-    word32* pm;
-    word32* px = (word32*)(x);
-    int i;
-
-    pZ = (word32*)(Z + 15 + 1);
-    pm = (word32*)(m[x[15]]);
-    pZ[0] = pm[0];
-    pZ[1] = pm[1];
-    pZ[2] = pm[2];
-    pZ[3] = pm[3];
-    a = Z[16 + 15];
-    Z[15]  = R[a][0];
-    Z[16] ^= R[a][1];
-    for (i = 14; i > 0; i--) {
-        pZ = (word32*)(Z + i + 1);
-        pm = (word32*)(m[x[i]]);
-        pZ[0] ^= pm[0];
-        pZ[1] ^= pm[1];
-        pZ[2] ^= pm[2];
-        pZ[3] ^= pm[3];
-        a = Z[16 + i];
-        Z[i]    = R[a][0];
-        Z[i+1] ^= R[a][1];
-    }
-    pZ = (word32*)(Z + 1);
-    pm = (word32*)(m[x[0]]);
-    px[0] = pZ[0] ^ pm[0]; px[1] = pZ[1] ^ pm[1];
-    px[2] = pZ[2] ^ pm[2]; px[3] = pZ[3] ^ pm[3];
-#else
-    byte Z[WC_AES_BLOCK_SIZE + WC_AES_BLOCK_SIZE];
-    byte a;
-    word64* pZ;
-    word64* pm;
-    word64* px = (word64*)(x);
-    int i;
-
-    pZ = (word64*)(Z + 15 + 1);
-    pm = (word64*)(m[x[15]]);
-    pZ[0] = pm[0];
-    pZ[1] = pm[1];
-    a = Z[16 + 15];
-    Z[15]  = R[a][0];
-    Z[16] ^= R[a][1];
-    for (i = 14; i > 0; i--) {
-        pZ = (word64*)(Z + i + 1);
-        pm = (word64*)(m[x[i]]);
-        pZ[0] ^= pm[0];
-        pZ[1] ^= pm[1];
-        a = Z[16 + i];
-        Z[i]    = R[a][0];
-        Z[i+1] ^= R[a][1];
-    }
-    pZ = (word64*)(Z + 1);
-    pm = (word64*)(m[x[0]]);
-    px[0] = pZ[0] ^ pm[0]; px[1] = pZ[1] ^ pm[1];
-#endif
-}
-#endif
-
-void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
-    word32 cSz, byte* s, word32 sSz)
-{
-    byte x[WC_AES_BLOCK_SIZE];
-    byte scratch[WC_AES_BLOCK_SIZE];
-    word32 blocks, partial;
-
-    if (gcm == NULL) {
-        return;
-    }
-
-    XMEMSET(x, 0, WC_AES_BLOCK_SIZE);
-
-    /* Hash in A, the Additional Authentication Data */
-    if (aSz != 0 && a != NULL) {
-        blocks = aSz / WC_AES_BLOCK_SIZE;
-        partial = aSz % WC_AES_BLOCK_SIZE;
-    #ifdef GCM_GMULT_LEN
-        if (blocks > 0) {
-            GCM_GMULT_LEN(gcm, x, a, blocks * WC_AES_BLOCK_SIZE);
-            a += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, a, partial);
-            GCM_GMULT_LEN(gcm, x, scratch, WC_AES_BLOCK_SIZE);
-        }
-    #else
-        while (blocks--) {
-            xorbuf(x, a, WC_AES_BLOCK_SIZE);
-            GMULT(x, gcm->M0);
-            a += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, a, partial);
-            xorbuf(x, scratch, WC_AES_BLOCK_SIZE);
-            GMULT(x, gcm->M0);
-        }
-    #endif
-    }
-
-    /* Hash in C, the Ciphertext */
-    if (cSz != 0 && c != NULL) {
-        blocks = cSz / WC_AES_BLOCK_SIZE;
-        partial = cSz % WC_AES_BLOCK_SIZE;
-    #ifdef GCM_GMULT_LEN
-        if (blocks > 0) {
-            GCM_GMULT_LEN(gcm, x, c, blocks * WC_AES_BLOCK_SIZE);
-            c += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, c, partial);
-            GCM_GMULT_LEN(gcm, x, scratch, WC_AES_BLOCK_SIZE);
-        }
-    #else
-        while (blocks--) {
-            xorbuf(x, c, WC_AES_BLOCK_SIZE);
-            GMULT(x, gcm->M0);
-            c += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, c, partial);
-            xorbuf(x, scratch, WC_AES_BLOCK_SIZE);
-            GMULT(x, gcm->M0);
-        }
-    #endif
-    }
-
-    /* Hash in the lengths of A and C in bits */
-    FlattenSzInBits(&scratch[0], aSz);
-    FlattenSzInBits(&scratch[8], cSz);
-#ifdef GCM_GMULT_LEN
-    GCM_GMULT_LEN(gcm, x, scratch, WC_AES_BLOCK_SIZE);
-#else
-    xorbuf(x, scratch, WC_AES_BLOCK_SIZE);
-    GMULT(x, gcm->M0);
-#endif
-
-    /* Copy the result into s. */
-    XMEMCPY(s, x, sSz);
-}
-
-#ifdef WOLFSSL_AESGCM_STREAM
-/* No extra initialization for table implementation.
- *
- * @param [in] aes  AES GCM object.
- */
-#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
-
-/* GHASH one block of data..
- *
- * XOR block into tag and GMULT with H using pre-computed table.
- *
- * @param [in, out] aes    AES GCM object.
- * @param [in]      block  Block of AAD or cipher text.
- */
-#define GHASH_ONE_BLOCK_SW(aes, block)                  \
-    do {                                                \
-        xorbuf(AES_TAG(aes), block, WC_AES_BLOCK_SIZE); \
-        GMULT(AES_TAG(aes), aes->gcm.M0);               \
-    }                                                   \
-    while (0)
-#endif /* WOLFSSL_AESGCM_STREAM */
-/* end GCM_TABLE */
-#elif defined(GCM_TABLE_4BIT)
-
-#if !defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-    defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-#define GCM_GMULT_LEN(gcm, x, a, len) \
-    GCM_gmult_len(x, (const byte**)((gcm)->M0), a, len)
-#else
-/* remainder = x^7 + x^2 + x^1 + 1 => 0xe1
- *  R shifts right a reverse bit pair of bytes such that:
- *     R(b0, b1) => b1 = (b1 >> 1) | (b0 << 7); b0 >>= 1
- *  0 => 0, 0, 0, 0 => R(R(R(00,00) ^ 00,00) ^ 00,00) ^ 00,00 = 00,00
- *  8 => 0, 0, 0, 1 => R(R(R(00,00) ^ 00,00) ^ 00,00) ^ e1,00 = e1,00
- *  4 => 0, 0, 1, 0 => R(R(R(00,00) ^ 00,00) ^ e1,00) ^ 00,00 = 70,80
- *  2 => 0, 1, 0, 0 => R(R(R(00,00) ^ e1,00) ^ 00,00) ^ 00,00 = 38,40
- *  1 => 1, 0, 0, 0 => R(R(R(e1,00) ^ 00,00) ^ 00,00) ^ 00,00 = 1c,20
- *  To calculate te rest, XOR result for each bit.
- *   e.g. 6 = 4 ^ 2 => 48,c0
- *
- * Second half is same values rotated by 4-bits.
- */
-#if defined(BIG_ENDIAN_ORDER) || defined(WC_16BIT_CPU)
-static const byte R[16][2] = {
-    {0x00, 0x00}, {0x1c, 0x20}, {0x38, 0x40}, {0x24, 0x60},
-    {0x70, 0x80}, {0x6c, 0xa0}, {0x48, 0xc0}, {0x54, 0xe0},
-    {0xe1, 0x00}, {0xfd, 0x20}, {0xd9, 0x40}, {0xc5, 0x60},
-    {0x91, 0x80}, {0x8d, 0xa0}, {0xa9, 0xc0}, {0xb5, 0xe0},
-};
-#else
-static const word16 R[32] = {
-          0x0000,       0x201c,       0x4038,       0x6024,
-          0x8070,       0xa06c,       0xc048,       0xe054,
-          0x00e1,       0x20fd,       0x40d9,       0x60c5,
-          0x8091,       0xa08d,       0xc0a9,       0xe0b5,
-
-          0x0000,       0xc201,       0x8403,       0x4602,
-          0x0807,       0xca06,       0x8c04,       0x4e05,
-          0x100e,       0xd20f,       0x940d,       0x560c,
-          0x1809,       0xda08,       0x9c0a,       0x5e0b,
-};
-#endif
-
-/* Multiply in GF(2^128) defined by polynomial:
- *   x^128 + x^7 + x^2 + x^1 + 1.
- *
- * H: hash key = encrypt(key, 0)
- * x = x * H in field
- *
- * x: cumulative result
- * m: 4-bit table
- *    [0..15] * H
- */
-#if defined(BIG_ENDIAN_ORDER) || defined(WC_16BIT_CPU)
-static void GMULT(byte *x, byte m[16][WC_AES_BLOCK_SIZE])
-{
-    int i, j, n;
-    byte Z[WC_AES_BLOCK_SIZE];
-    byte a;
-
-    XMEMSET(Z, 0, sizeof(Z));
-
-    for (i = 15; i >= 0; i--) {
-        for (n = 0; n < 2; n++) {
-            if (n == 0)
-                xorbuf(Z, m[x[i] & 0xf], WC_AES_BLOCK_SIZE);
-            else {
-                xorbuf(Z, m[x[i] >> 4], WC_AES_BLOCK_SIZE);
-                if (i == 0)
-                    break;
-            }
-            a = Z[15] & 0xf;
-
-            for (j = 15; j > 0; j--)
-                Z[j] = (Z[j-1] << 4) | (Z[j] >> 4);
-            Z[0] >>= 4;
-
-            Z[0] ^= R[a][0];
-            Z[1] ^= R[a][1];
-        }
-    }
-
-    XMEMCPY(x, Z, WC_AES_BLOCK_SIZE);
-}
-#elif defined(WC_32BIT_CPU)
-static WC_INLINE void GMULT(byte *x, byte m[32][WC_AES_BLOCK_SIZE])
-{
-    int i;
-    word32 z8[4] = {0, 0, 0, 0};
-    byte a;
-    word32* x8 = (word32*)x;
-    word32* m8;
-    byte xi;
-    word32 n7, n6, n5, n4, n3, n2, n1, n0;
-
-    for (i = 15; i > 0; i--) {
-        xi = x[i];
-
-        /* XOR in (msn * H) */
-        m8 = (word32*)m[xi & 0xf];
-        z8[0] ^= m8[0]; z8[1] ^= m8[1]; z8[2] ^= m8[2]; z8[3] ^= m8[3];
-
-        /* Cache top byte for remainder calculations - lost in rotate. */
-        a = (byte)(z8[3] >> 24);
-
-        /* Rotate Z by 8-bits */
-        z8[3] = (z8[2] >> 24) | (z8[3] << 8);
-        z8[2] = (z8[1] >> 24) | (z8[2] << 8);
-        z8[1] = (z8[0] >> 24) | (z8[1] << 8);
-        z8[0] <<= 8;
-
-        /* XOR in (msn * remainder) [pre-rotated by 4 bits] */
-        z8[0] ^= (word32)R[16 + (a & 0xf)];
-
-        xi >>= 4;
-        /* XOR in next significant nibble (XORed with H) * remainder */
-        m8 = (word32*)m[xi];
-        a ^= (byte)(m8[3] >> 20);
-        z8[0] ^= (word32)R[a >> 4];
-
-        /* XOR in (next significant nibble * H) [pre-rotated by 4 bits] */
-        m8 = (word32*)m[16 + xi];
-        z8[0] ^= m8[0]; z8[1] ^= m8[1];
-        z8[2] ^= m8[2]; z8[3] ^= m8[3];
-    }
-
-    xi = x[0];
-
-    /* XOR in most significant nibble * H */
-    m8 = (word32*)m[xi & 0xf];
-    z8[0] ^= m8[0]; z8[1] ^= m8[1]; z8[2] ^= m8[2]; z8[3] ^= m8[3];
-
-    /* Cache top byte for remainder calculations - lost in rotate. */
-    a = (z8[3] >> 24) & 0xf;
-
-    /* Rotate z by 4-bits */
-    n7 = z8[3] & 0xf0f0f0f0ULL;
-    n6 = z8[3] & 0x0f0f0f0fULL;
-    n5 = z8[2] & 0xf0f0f0f0ULL;
-    n4 = z8[2] & 0x0f0f0f0fULL;
-    n3 = z8[1] & 0xf0f0f0f0ULL;
-    n2 = z8[1] & 0x0f0f0f0fULL;
-    n1 = z8[0] & 0xf0f0f0f0ULL;
-    n0 = z8[0] & 0x0f0f0f0fULL;
-    z8[3] = (n7 >> 4) | (n6 << 12) | (n4 >> 20);
-    z8[2] = (n5 >> 4) | (n4 << 12) | (n2 >> 20);
-    z8[1] = (n3 >> 4) | (n2 << 12) | (n0 >> 20);
-    z8[0] = (n1 >> 4) | (n0 << 12);
-
-    /* XOR in most significant nibble * remainder */
-    z8[0] ^= (word32)R[a];
-    /* XOR in next significant nibble * H */
-    m8 = (word32*)m[xi >> 4];
-    z8[0] ^= m8[0]; z8[1] ^= m8[1]; z8[2] ^= m8[2]; z8[3] ^= m8[3];
-
-    /* Write back result. */
-    x8[0] = z8[0]; x8[1] = z8[1]; x8[2] = z8[2]; x8[3] = z8[3];
-}
-#else
-static WC_INLINE void GMULT(byte *x, byte m[32][WC_AES_BLOCK_SIZE])
-{
-    int i;
-    word64 z8[2] = {0, 0};
-    byte a;
-    word64* x8 = (word64*)x;
-    word64* m8;
-    word64 n0, n1, n2, n3;
-    byte xi;
-
-    for (i = 15; i > 0; i--) {
-        xi = x[i];
-
-        /* XOR in (msn * H) */
-        m8 = (word64*)m[xi & 0xf];
-        z8[0] ^= m8[0];
-        z8[1] ^= m8[1];
-
-        /* Cache top byte for remainder calculations - lost in rotate. */
-        a = (byte)(z8[1] >> 56);
-
-        /* Rotate Z by 8-bits */
-        z8[1] = (z8[0] >> 56) | (z8[1] << 8);
-        z8[0] <<= 8;
-
-        /* XOR in (next significant nibble * H) [pre-rotated by 4 bits] */
-        m8 = (word64*)m[16 + (xi >> 4)];
-        z8[0] ^= m8[0];
-        z8[1] ^= m8[1];
-
-        /* XOR in (msn * remainder) [pre-rotated by 4 bits] */
-        z8[0] ^= (word64)R[16 + (a & 0xf)];
-        /* XOR in next significant nibble (XORed with H) * remainder */
-        m8 = (word64*)m[xi >> 4];
-        a ^= (byte)(m8[1] >> 52);
-        z8[0] ^= (word64)R[a >> 4];
-    }
-
-    xi = x[0];
-
-    /* XOR in most significant nibble * H */
-    m8 = (word64*)m[xi & 0xf];
-    z8[0] ^= m8[0];
-    z8[1] ^= m8[1];
-
-    /* Cache top byte for remainder calculations - lost in rotate. */
-    a = (z8[1] >> 56) & 0xf;
-
-    /* Rotate z by 4-bits */
-    n3 = z8[1] & W64LIT(0xf0f0f0f0f0f0f0f0);
-    n2 = z8[1] & W64LIT(0x0f0f0f0f0f0f0f0f);
-    n1 = z8[0] & W64LIT(0xf0f0f0f0f0f0f0f0);
-    n0 = z8[0] & W64LIT(0x0f0f0f0f0f0f0f0f);
-    z8[1] = (n3 >> 4) | (n2 << 12) | (n0 >> 52);
-    z8[0] = (n1 >> 4) | (n0 << 12);
-
-    /* XOR in next significant nibble * H */
-    m8 = (word64*)m[xi >> 4];
-    z8[0] ^= m8[0];
-    z8[1] ^= m8[1];
-    /* XOR in most significant nibble * remainder */
-    z8[0] ^= (word64)R[a];
-
-    /* Write back result. */
-    x8[0] = z8[0];
-    x8[1] = z8[1];
-}
-#endif
-#endif
-
-void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
-    word32 cSz, byte* s, word32 sSz)
-{
-    byte x[WC_AES_BLOCK_SIZE];
-    byte scratch[WC_AES_BLOCK_SIZE];
-    word32 blocks, partial;
-
-    if (gcm == NULL) {
-        return;
-    }
-
-    XMEMSET(x, 0, WC_AES_BLOCK_SIZE);
-
-    /* Hash in A, the Additional Authentication Data */
-    if (aSz != 0 && a != NULL) {
-        blocks = aSz / WC_AES_BLOCK_SIZE;
-        partial = aSz % WC_AES_BLOCK_SIZE;
-    #ifdef GCM_GMULT_LEN
-        if (blocks > 0) {
-            GCM_GMULT_LEN(gcm, x, a, blocks * WC_AES_BLOCK_SIZE);
-            a += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, a, partial);
-            GCM_GMULT_LEN(gcm, x, scratch, WC_AES_BLOCK_SIZE);
-        }
-    #else
-        while (blocks--) {
-            xorbuf(x, a, WC_AES_BLOCK_SIZE);
-            GMULT(x, gcm->M0);
-            a += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, a, partial);
-            xorbuf(x, scratch, WC_AES_BLOCK_SIZE);
-            GMULT(x, gcm->M0);
-        }
-    #endif
-    }
-
-    /* Hash in C, the Ciphertext */
-    if (cSz != 0 && c != NULL) {
-        blocks = cSz / WC_AES_BLOCK_SIZE;
-        partial = cSz % WC_AES_BLOCK_SIZE;
-    #ifdef GCM_GMULT_LEN
-        if (blocks > 0) {
-            GCM_GMULT_LEN(gcm, x, c, blocks * WC_AES_BLOCK_SIZE);
-            c += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, c, partial);
-            GCM_GMULT_LEN(gcm, x, scratch, WC_AES_BLOCK_SIZE);
-        }
-    #else
-        while (blocks--) {
-            xorbuf(x, c, WC_AES_BLOCK_SIZE);
-            GMULT(x, gcm->M0);
-            c += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, c, partial);
-            xorbuf(x, scratch, WC_AES_BLOCK_SIZE);
-            GMULT(x, gcm->M0);
-        }
-    #endif
-    }
-
-    /* Hash in the lengths of A and C in bits */
-    FlattenSzInBits(&scratch[0], aSz);
-    FlattenSzInBits(&scratch[8], cSz);
-#ifdef GCM_GMULT_LEN
-    GCM_GMULT_LEN(gcm, x, scratch, WC_AES_BLOCK_SIZE);
-#else
-    xorbuf(x, scratch, WC_AES_BLOCK_SIZE);
-    GMULT(x, gcm->M0);
-#endif
-
-    /* Copy the result into s. */
-    XMEMCPY(s, x, sSz);
-}
-
-#ifdef WOLFSSL_AESGCM_STREAM
-/* No extra initialization for 4-bit table implementation.
- *
- * @param [in] aes  AES GCM object.
- */
-#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
-
-/* GHASH one block of data..
- *
- * XOR block into tag and GMULT with H using pre-computed table.
- *
- * @param [in, out] aes    AES GCM object.
- * @param [in]      block  Block of AAD or cipher text.
- */
-#define GHASH_ONE_BLOCK_SW(aes, block)                  \
-    do {                                                \
-        xorbuf(AES_TAG(aes), block, WC_AES_BLOCK_SIZE); \
-        GMULT(AES_TAG(aes), (aes)->gcm.M0);             \
-    }                                                   \
-    while (0)
-#endif /* WOLFSSL_AESGCM_STREAM */
-#elif defined(WORD64_AVAILABLE) && !defined(GCM_WORD32)
-
-#if !defined(FREESCALE_LTC_AES_GCM)
-static void GMULT(word64* X, word64* Y)
-{
-    word64 Z[2] = {0,0};
-    word64 V[2];
-    int i, j;
-    word64 v1;
-    V[0] = X[0];  V[1] = X[1];
-
-    for (i = 0; i < 2; i++)
-    {
-        word64 y = Y[i];
-        for (j = 0; j < 64; j++)
-        {
-#ifndef AES_GCM_GMULT_NCT
-            word64 mask = 0 - (y >> 63);
-            Z[0] ^= V[0] & mask;
-            Z[1] ^= V[1] & mask;
-#else
-            if (y & 0x8000000000000000ULL) {
-                Z[0] ^= V[0];
-                Z[1] ^= V[1];
-            }
-#endif
-
-            v1 = (0 - (V[1] & 1)) & 0xE100000000000000ULL;
-            V[1] >>= 1;
-            V[1] |= V[0] << 63;
-            V[0] >>= 1;
-            V[0] ^= v1;
-            y <<= 1;
-        }
-    }
-    X[0] = Z[0];
-    X[1] = Z[1];
-}
-
-
-void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
-    word32 cSz, byte* s, word32 sSz)
-{
-    word64 x[2] = {0,0};
-    word32 blocks, partial;
-    word64 bigH[2];
-
-    if (gcm == NULL) {
-        return;
-    }
-
-    XMEMCPY(bigH, gcm->H, WC_AES_BLOCK_SIZE);
-    #ifdef LITTLE_ENDIAN_ORDER
-        ByteReverseWords64(bigH, bigH, WC_AES_BLOCK_SIZE);
-    #endif
-
-    /* Hash in A, the Additional Authentication Data */
-    if (aSz != 0 && a != NULL) {
-        word64 bigA[2];
-        blocks = aSz / WC_AES_BLOCK_SIZE;
-        partial = aSz % WC_AES_BLOCK_SIZE;
-        while (blocks--) {
-            XMEMCPY(bigA, a, WC_AES_BLOCK_SIZE);
-            #ifdef LITTLE_ENDIAN_ORDER
-                ByteReverseWords64(bigA, bigA, WC_AES_BLOCK_SIZE);
-            #endif
-            x[0] ^= bigA[0];
-            x[1] ^= bigA[1];
-            GMULT(x, bigH);
-            a += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(bigA, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(bigA, a, partial);
-            #ifdef LITTLE_ENDIAN_ORDER
-                ByteReverseWords64(bigA, bigA, WC_AES_BLOCK_SIZE);
-            #endif
-            x[0] ^= bigA[0];
-            x[1] ^= bigA[1];
-            GMULT(x, bigH);
-        }
-#ifdef OPENSSL_EXTRA
-        /* store AAD partial tag for next call */
-        gcm->aadH[0] = (word32)((x[0] & 0xFFFFFFFF00000000ULL) >> 32);
-        gcm->aadH[1] = (word32)(x[0] & 0xFFFFFFFF);
-        gcm->aadH[2] = (word32)((x[1] & 0xFFFFFFFF00000000ULL) >> 32);
-        gcm->aadH[3] = (word32)(x[1] & 0xFFFFFFFF);
-#endif
-    }
-
-    /* Hash in C, the Ciphertext */
-    if (cSz != 0 && c != NULL) {
-        word64 bigC[2];
-        blocks = cSz / WC_AES_BLOCK_SIZE;
-        partial = cSz % WC_AES_BLOCK_SIZE;
-#ifdef OPENSSL_EXTRA
-        /* Start from last AAD partial tag */
-        if(gcm->aadLen) {
-            x[0] = ((word64)gcm->aadH[0]) << 32 | gcm->aadH[1];
-            x[1] = ((word64)gcm->aadH[2]) << 32 | gcm->aadH[3];
-         }
-#endif
-        while (blocks--) {
-            XMEMCPY(bigC, c, WC_AES_BLOCK_SIZE);
-            #ifdef LITTLE_ENDIAN_ORDER
-                ByteReverseWords64(bigC, bigC, WC_AES_BLOCK_SIZE);
-            #endif
-            x[0] ^= bigC[0];
-            x[1] ^= bigC[1];
-            GMULT(x, bigH);
-            c += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(bigC, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(bigC, c, partial);
-            #ifdef LITTLE_ENDIAN_ORDER
-                ByteReverseWords64(bigC, bigC, WC_AES_BLOCK_SIZE);
-            #endif
-            x[0] ^= bigC[0];
-            x[1] ^= bigC[1];
-            GMULT(x, bigH);
-        }
-    }
-
-    /* Hash in the lengths in bits of A and C */
-    {
-        word64 len[2];
-        len[0] = aSz; len[1] = cSz;
-#ifdef OPENSSL_EXTRA
-        if (gcm->aadLen)
-            len[0] = (word64)gcm->aadLen;
-#endif
-        /* Lengths are in bytes. Convert to bits. */
-        len[0] *= 8;
-        len[1] *= 8;
-
-        x[0] ^= len[0];
-        x[1] ^= len[1];
-        GMULT(x, bigH);
-    }
-    #ifdef LITTLE_ENDIAN_ORDER
-        ByteReverseWords64(x, x, WC_AES_BLOCK_SIZE);
-    #endif
-    XMEMCPY(s, x, sSz);
-}
-#endif /* !FREESCALE_LTC_AES_GCM */
-
-#ifdef WOLFSSL_AESGCM_STREAM
-
-#ifdef LITTLE_ENDIAN_ORDER
-
-/* No extra initialization for small implementation.
- *
- * @param [in] aes  AES GCM object.
- */
-#define GHASH_INIT_EXTRA(aes)                                               \
-    ByteReverseWords64((word64*)aes->gcm.H, (word64*)aes->gcm.H, WC_AES_BLOCK_SIZE)
-
-/* GHASH one block of data..
- *
- * XOR block into tag and GMULT with H.
- *
- * @param [in, out] aes    AES GCM object.
- * @param [in]      block  Block of AAD or cipher text.
- */
-#define GHASH_ONE_BLOCK_SW(aes, block)                              \
-    do {                                                            \
-        word64* x = (word64*)AES_TAG(aes);                          \
-        word64* h = (word64*)aes->gcm.H;                            \
-        word64 block64[2];                                          \
-        XMEMCPY(block64, block, WC_AES_BLOCK_SIZE);                 \
-        ByteReverseWords64(block64, block64, WC_AES_BLOCK_SIZE);    \
-        x[0] ^= block64[0];                                         \
-        x[1] ^= block64[1];                                         \
-        GMULT(x, h);                                                \
-    }                                                               \
-    while (0)
-
-#ifdef OPENSSL_EXTRA
-/* GHASH in AAD and cipher text lengths in bits.
- *
- * Convert tag back to little-endian.
- *
- * @param [in, out] aes  AES GCM object.
- */
-#define GHASH_LEN_BLOCK(aes)                            \
-    do {                                                \
-        word64* x = (word64*)AES_TAG(aes);              \
-        word64* h = (word64*)aes->gcm.H;                \
-        word64 len[2];                                  \
-        len[0] = aes->aSz; len[1] = aes->cSz;           \
-        if (aes->gcm.aadLen)                            \
-            len[0] = (word64)aes->gcm.aadLen;           \
-        /* Lengths are in bytes. Convert to bits. */    \
-        len[0] *= 8;                                    \
-        len[1] *= 8;                                    \
-                                                        \
-        x[0] ^= len[0];                                 \
-        x[1] ^= len[1];                                 \
-        GMULT(x, h);                                    \
-        ByteReverseWords64(x, x, WC_AES_BLOCK_SIZE);    \
-    }                                                   \
-    while (0)
-#else
-/* GHASH in AAD and cipher text lengths in bits.
- *
- * Convert tag back to little-endian.
- *
- * @param [in, out] aes  AES GCM object.
- */
-#define GHASH_LEN_BLOCK(aes)                            \
-    do {                                                \
-        word64* x = (word64*)AES_TAG(aes);              \
-        word64* h = (word64*)aes->gcm.H;                \
-        word64 len[2];                                  \
-        len[0] = aes->aSz; len[1] = aes->cSz;           \
-        /* Lengths are in bytes. Convert to bits. */    \
-        len[0] *= 8;                                    \
-        len[1] *= 8;                                    \
-                                                        \
-        x[0] ^= len[0];                                 \
-        x[1] ^= len[1];                                 \
-        GMULT(x, h);                                    \
-        ByteReverseWords64(x, x, WC_AES_BLOCK_SIZE);    \
-    }                                                   \
-    while (0)
-#endif
-
-#else
-
-/* No extra initialization for small implementation.
- *
- * @param [in] aes  AES GCM object.
- */
-#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
-
-/* GHASH one block of data..
- *
- * XOR block into tag and GMULT with H.
- *
- * @param [in, out] aes    AES GCM object.
- * @param [in]      block  Block of AAD or cipher text.
- */
-#define GHASH_ONE_BLOCK_SW(aes, block)                  \
-    do {                                                \
-        word64* x = (word64*)AES_TAG(aes);              \
-        word64* h = (word64*)aes->gcm.H;                \
-        word64 block64[2];                              \
-        XMEMCPY(block64, block, WC_AES_BLOCK_SIZE);        \
-        x[0] ^= block64[0];                             \
-        x[1] ^= block64[1];                             \
-        GMULT(x, h);                                    \
-    }                                                   \
-    while (0)
-
-#ifdef OPENSSL_EXTRA
-/* GHASH in AAD and cipher text lengths in bits.
- *
- * Convert tag back to little-endian.
- *
- * @param [in, out] aes  AES GCM object.
- */
-#define GHASH_LEN_BLOCK(aes)                            \
-    do {                                                \
-        word64* x = (word64*)AES_TAG(aes);              \
-        word64* h = (word64*)aes->gcm.H;                \
-        word64 len[2];                                  \
-        len[0] = aes->aSz; len[1] = aes->cSz;           \
-        if (aes->gcm.aadLen)                            \
-            len[0] = (word64)aes->gcm.aadLen;           \
-        /* Lengths are in bytes. Convert to bits. */    \
-        len[0] *= 8;                                    \
-        len[1] *= 8;                                    \
-                                                        \
-        x[0] ^= len[0];                                 \
-        x[1] ^= len[1];                                 \
-        GMULT(x, h);                                    \
-    }                                                   \
-    while (0)
-#else
-/* GHASH in AAD and cipher text lengths in bits.
- *
- * Convert tag back to little-endian.
- *
- * @param [in, out] aes  AES GCM object.
- */
-#define GHASH_LEN_BLOCK(aes)                            \
-    do {                                                \
-        word64* x = (word64*)AES_TAG(aes);              \
-        word64* h = (word64*)aes->gcm.H;                \
-        word64 len[2];                                  \
-        len[0] = aes->aSz; len[1] = aes->cSz;           \
-        /* Lengths are in bytes. Convert to bits. */    \
-        len[0] *= 8;                                    \
-        len[1] *= 8;                                    \
-                                                        \
-        x[0] ^= len[0];                                 \
-        x[1] ^= len[1];                                 \
-        GMULT(x, h);                                    \
-    }                                                   \
-    while (0)
-#endif
-
-#endif /* !LITTLE_ENDIAN_ORDER */
-
-#endif /* WOLFSSL_AESGCM_STREAM */
-/* end defined(WORD64_AVAILABLE) && !defined(GCM_WORD32) */
-#else /* GCM_WORD32 */
-
-static void GMULT(word32* X, word32* Y)
-{
-    word32 Z[4] = {0,0,0,0};
-    word32 V[4];
-    int i, j;
-
-    V[0] = X[0];  V[1] = X[1]; V[2] =  X[2]; V[3] =  X[3];
-
-    for (i = 0; i < 4; i++)
-    {
-        word32 y = Y[i];
-        for (j = 0; j < 32; j++)
-        {
-            if (y & 0x80000000) {
-                Z[0] ^= V[0];
-                Z[1] ^= V[1];
-                Z[2] ^= V[2];
-                Z[3] ^= V[3];
-            }
-
-            if (V[3] & 0x00000001) {
-                V[3] >>= 1;
-                V[3] |= ((V[2] & 0x00000001) ? 0x80000000 : 0);
-                V[2] >>= 1;
-                V[2] |= ((V[1] & 0x00000001) ? 0x80000000 : 0);
-                V[1] >>= 1;
-                V[1] |= ((V[0] & 0x00000001) ? 0x80000000 : 0);
-                V[0] >>= 1;
-                V[0] ^= 0xE1000000;
-            } else {
-                V[3] >>= 1;
-                V[3] |= ((V[2] & 0x00000001) ? 0x80000000 : 0);
-                V[2] >>= 1;
-                V[2] |= ((V[1] & 0x00000001) ? 0x80000000 : 0);
-                V[1] >>= 1;
-                V[1] |= ((V[0] & 0x00000001) ? 0x80000000 : 0);
-                V[0] >>= 1;
-            }
-            y <<= 1;
-        }
-    }
-    X[0] = Z[0];
-    X[1] = Z[1];
-    X[2] = Z[2];
-    X[3] = Z[3];
-}
-
-
-void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
-    word32 cSz, byte* s, word32 sSz)
-{
-    word32 x[4] = {0,0,0,0};
-    word32 blocks, partial;
-    word32 bigH[4];
-
-    if (gcm == NULL) {
-        return;
-    }
-
-    XMEMCPY(bigH, gcm->H, WC_AES_BLOCK_SIZE);
-    #ifdef LITTLE_ENDIAN_ORDER
-        ByteReverseWords(bigH, bigH, WC_AES_BLOCK_SIZE);
-    #endif
-
-    /* Hash in A, the Additional Authentication Data */
-    if (aSz != 0 && a != NULL) {
-        word32 bigA[4];
-        blocks = aSz / WC_AES_BLOCK_SIZE;
-        partial = aSz % WC_AES_BLOCK_SIZE;
-        while (blocks--) {
-            XMEMCPY(bigA, a, WC_AES_BLOCK_SIZE);
-            #ifdef LITTLE_ENDIAN_ORDER
-                ByteReverseWords(bigA, bigA, WC_AES_BLOCK_SIZE);
-            #endif
-            x[0] ^= bigA[0];
-            x[1] ^= bigA[1];
-            x[2] ^= bigA[2];
-            x[3] ^= bigA[3];
-            GMULT(x, bigH);
-            a += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(bigA, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(bigA, a, partial);
-            #ifdef LITTLE_ENDIAN_ORDER
-                ByteReverseWords(bigA, bigA, WC_AES_BLOCK_SIZE);
-            #endif
-            x[0] ^= bigA[0];
-            x[1] ^= bigA[1];
-            x[2] ^= bigA[2];
-            x[3] ^= bigA[3];
-            GMULT(x, bigH);
-        }
-    }
-
-    /* Hash in C, the Ciphertext */
-    if (cSz != 0 && c != NULL) {
-        word32 bigC[4];
-        blocks = cSz / WC_AES_BLOCK_SIZE;
-        partial = cSz % WC_AES_BLOCK_SIZE;
-        while (blocks--) {
-            XMEMCPY(bigC, c, WC_AES_BLOCK_SIZE);
-            #ifdef LITTLE_ENDIAN_ORDER
-                ByteReverseWords(bigC, bigC, WC_AES_BLOCK_SIZE);
-            #endif
-            x[0] ^= bigC[0];
-            x[1] ^= bigC[1];
-            x[2] ^= bigC[2];
-            x[3] ^= bigC[3];
-            GMULT(x, bigH);
-            c += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(bigC, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(bigC, c, partial);
-            #ifdef LITTLE_ENDIAN_ORDER
-                ByteReverseWords(bigC, bigC, WC_AES_BLOCK_SIZE);
-            #endif
-            x[0] ^= bigC[0];
-            x[1] ^= bigC[1];
-            x[2] ^= bigC[2];
-            x[3] ^= bigC[3];
-            GMULT(x, bigH);
-        }
-    }
-
-    /* Hash in the lengths in bits of A and C */
-    {
-        word32 len[4];
-
-        /* Lengths are in bytes. Convert to bits. */
-        len[0] = (aSz >> (8*sizeof(aSz) - 3));
-        len[1] = aSz << 3;
-        len[2] = (cSz >> (8*sizeof(cSz) - 3));
-        len[3] = cSz << 3;
-
-        x[0] ^= len[0];
-        x[1] ^= len[1];
-        x[2] ^= len[2];
-        x[3] ^= len[3];
-        GMULT(x, bigH);
-    }
-    #ifdef LITTLE_ENDIAN_ORDER
-        ByteReverseWords(x, x, WC_AES_BLOCK_SIZE);
-    #endif
-    XMEMCPY(s, x, sSz);
-}
-
-#ifdef WOLFSSL_AESGCM_STREAM
-#ifdef LITTLE_ENDIAN_ORDER
-/* Little-endian 32-bit word implementation requires byte reversal of H.
- *
- * H is all-zeros block encrypted with key.
- *
- * @param [in, out] aes  AES GCM object.
- */
-#define GHASH_INIT_EXTRA(aes) \
-    ByteReverseWords((word32*)aes->gcm.H, (word32*)aes->gcm.H, WC_AES_BLOCK_SIZE)
-
-/* GHASH one block of data..
- *
- * XOR block, in big-endian form, into tag and GMULT with H.
- *
- * @param [in, out] aes    AES GCM object.
- * @param [in]      block  Block of AAD or cipher text.
- */
-#define GHASH_ONE_BLOCK_SW(aes, block)                          \
-    do {                                                        \
-        word32* x = (word32*)AES_TAG(aes);                      \
-        word32* h = (word32*)aes->gcm.H;                        \
-        word32 bigEnd[4];                                       \
-        XMEMCPY(bigEnd, block, WC_AES_BLOCK_SIZE);              \
-        ByteReverseWords(bigEnd, bigEnd, WC_AES_BLOCK_SIZE);    \
-        x[0] ^= bigEnd[0];                                      \
-        x[1] ^= bigEnd[1];                                      \
-        x[2] ^= bigEnd[2];                                      \
-        x[3] ^= bigEnd[3];                                      \
-        GMULT(x, h);                                            \
-    }                                                           \
-    while (0)
-
-/* GHASH in AAD and cipher text lengths in bits.
- *
- * Convert tag back to little-endian.
- *
- * @param [in, out] aes  AES GCM object.
- */
-#define GHASH_LEN_BLOCK(aes)                                \
-    do {                                                    \
-        word32 len[4];                                      \
-        word32* x = (word32*)AES_TAG(aes);                  \
-        word32* h = (word32*)aes->gcm.H;                    \
-        len[0] = (aes->aSz >> (8*sizeof(aes->aSz) - 3));    \
-        len[1] = aes->aSz << 3;                             \
-        len[2] = (aes->cSz >> (8*sizeof(aes->cSz) - 3));    \
-        len[3] = aes->cSz << 3;                             \
-        x[0] ^= len[0];                                     \
-        x[1] ^= len[1];                                     \
-        x[2] ^= len[2];                                     \
-        x[3] ^= len[3];                                     \
-        GMULT(x, h);                                        \
-        ByteReverseWords(x, x, WC_AES_BLOCK_SIZE);          \
-    }                                                       \
-    while (0)
-#else
-/* No extra initialization for 32-bit word implementation.
- *
- * @param [in] aes  AES GCM object.
- */
-#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
-
-/* GHASH one block of data..
- *
- * XOR block into tag and GMULT with H.
- *
- * @param [in, out] aes    AES GCM object.
- * @param [in]      block  Block of AAD or cipher text.
- */
-#define GHASH_ONE_BLOCK_SW(aes, block)                      \
-    do {                                                    \
-        word32* x = (word32*)AES_TAG(aes);                  \
-        word32* h = (word32*)aes->gcm.H;                    \
-        word32 block32[4];                                  \
-        XMEMCPY(block32, block, WC_AES_BLOCK_SIZE);         \
-        x[0] ^= block32[0];                                 \
-        x[1] ^= block32[1];                                 \
-        x[2] ^= block32[2];                                 \
-        x[3] ^= block32[3];                                 \
-        GMULT(x, h);                                        \
-    }                                                       \
-    while (0)
-
-/* GHASH in AAD and cipher text lengths in bits.
- *
- * @param [in, out] aes  AES GCM object.
- */
-#define GHASH_LEN_BLOCK(aes)                                \
-    do {                                                    \
-        word32 len[4];                                      \
-        word32* x = (word32*)AES_TAG(aes);                  \
-        word32* h = (word32*)aes->gcm.H;                    \
-        len[0] = (aes->aSz >> (8*sizeof(aes->aSz) - 3));    \
-        len[1] = aes->aSz << 3;                             \
-        len[2] = (aes->cSz >> (8*sizeof(aes->cSz) - 3));    \
-        len[3] = aes->cSz << 3;                             \
-        x[0] ^= len[0];                                     \
-        x[1] ^= len[1];                                     \
-        x[2] ^= len[2];                                     \
-        x[3] ^= len[3];                                     \
-        GMULT(x, h);                                        \
-    }                                                       \
-    while (0)
-#endif /* LITTLE_ENDIAN_ORDER */
-#endif /* WOLFSSL_AESGCM_STREAM */
-#endif /* end GCM_WORD32 */
-#endif
-
-#if !defined(WOLFSSL_XILINX_CRYPT) && !defined(WOLFSSL_AFALG_XILINX_AES)
-#ifdef WOLFSSL_AESGCM_STREAM
-#ifndef GHASH_LEN_BLOCK
-/* Hash in the lengths of the AAD and cipher text in bits.
- *
- * Default implementation.
- *
- * @param [in, out] aes  AES GCM object.
- */
-#define GHASH_LEN_BLOCK(aes)                      \
-    do {                                          \
-        byte scratch[WC_AES_BLOCK_SIZE];          \
-        FlattenSzInBits(&scratch[0], (aes)->aSz); \
-        FlattenSzInBits(&scratch[8], (aes)->cSz); \
-        GHASH_ONE_BLOCK(aes, scratch);            \
-    }                                             \
-    while (0)
-#endif
-
-/* Initialize a GHASH for streaming operations.
- *
- * @param [in, out] aes  AES GCM object.
- */
-static void GHASH_INIT(Aes* aes) {
-    /* Set tag to all zeros as initial value. */
-    XMEMSET(AES_TAG(aes), 0, WC_AES_BLOCK_SIZE);
-    /* Reset counts of AAD and cipher text. */
-    aes->aOver = 0;
-    aes->cOver = 0;
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-    !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    if (aes->use_aes_hw_crypto && aes->use_pmull_hw_crypto) {
-        ; /* Don't do extra initialization. */
-    }
-    else
-#endif
-    {
-        /* Extra initialization based on implementation. */
-        GHASH_INIT_EXTRA(aes);
-    }
-}
-
-/* Update the GHASH with AAD and/or cipher text.
- *
- * @param [in,out] aes   AES GCM object.
- * @param [in]     a     Additional authentication data buffer.
- * @param [in]     aSz   Size of data in AAD buffer.
- * @param [in]     c     Cipher text buffer.
- * @param [in]     cSz   Size of data in cipher text buffer.
- */
-static void GHASH_UPDATE(Aes* aes, const byte* a, word32 aSz, const byte* c,
-    word32 cSz)
-{
-    word32 blocks;
-    word32 partial;
-
-    /* Hash in A, the Additional Authentication Data */
-    if (aSz != 0 && a != NULL) {
-        /* Update count of AAD we have hashed. */
-        aes->aSz += aSz;
-        /* Check if we have unprocessed data. */
-        if (aes->aOver > 0) {
-            /* Calculate amount we can use - fill up the block. */
-            byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->aOver);
-            if (sz > aSz) {
-                sz = (byte)aSz;
-            }
-            /* Copy extra into last GHASH block array and update count. */
-            XMEMCPY(AES_LASTGBLOCK(aes) + aes->aOver, a, sz);
-            aes->aOver = (byte)(aes->aOver + sz);
-            if (aes->aOver == WC_AES_BLOCK_SIZE) {
-                /* We have filled up the block and can process. */
-                GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes));
-                /* Reset count. */
-                aes->aOver = 0;
-            }
-            /* Used up some data. */
-            aSz -= sz;
-            a += sz;
-        }
-
-        /* Calculate number of blocks of AAD and the leftover. */
-        blocks = aSz / WC_AES_BLOCK_SIZE;
-        partial = aSz % WC_AES_BLOCK_SIZE;
-        /* GHASH full blocks now. */
-        while (blocks--) {
-            GHASH_ONE_BLOCK(aes, a);
-            a += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            /* Cache the partial block. */
-            XMEMCPY(AES_LASTGBLOCK(aes), a, partial);
-            aes->aOver = (byte)partial;
-        }
-    }
-    if (aes->aOver > 0 && cSz > 0 && c != NULL) {
-        /* No more AAD coming and we have a partial block. */
-        /* Fill the rest of the block with zeros. */
-        byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->aOver);
-        XMEMSET(AES_LASTGBLOCK(aes) + aes->aOver, 0, sz);
-        /* GHASH last AAD block. */
-        GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes));
-        /* Clear partial count for next time through. */
-        aes->aOver = 0;
-    }
-
-    /* Hash in C, the Ciphertext */
-    if (cSz != 0 && c != NULL) {
-        /* Update count of cipher text we have hashed. */
-        aes->cSz += cSz;
-        if (aes->cOver > 0) {
-            /* Calculate amount we can use - fill up the block. */
-            byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->cOver);
-            if (sz > cSz) {
-                sz = (byte)cSz;
-            }
-            XMEMCPY(AES_LASTGBLOCK(aes) + aes->cOver, c, sz);
-            /* Update count of unused encrypted counter. */
-            aes->cOver = (byte)(aes->cOver + sz);
-            if (aes->cOver == WC_AES_BLOCK_SIZE) {
-                /* We have filled up the block and can process. */
-                GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes));
-                /* Reset count. */
-                aes->cOver = 0;
-            }
-            /* Used up some data. */
-            cSz -= sz;
-            c += sz;
-        }
-
-        /* Calculate number of blocks of cipher text and the leftover. */
-        blocks = cSz / WC_AES_BLOCK_SIZE;
-        partial = cSz % WC_AES_BLOCK_SIZE;
-        /* GHASH full blocks now. */
-        while (blocks--) {
-            GHASH_ONE_BLOCK(aes, c);
-            c += WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            /* Cache the partial block. */
-            XMEMCPY(AES_LASTGBLOCK(aes), c, partial);
-            aes->cOver = (byte)partial;
-        }
-    }
-}
-
-/* Finalize the GHASH calculation.
- *
- * Complete hashing cipher text and hash the AAD and cipher text lengths.
- *
- * @param [in, out] aes  AES GCM object.
- * @param [out]     s    Authentication tag.
- * @param [in]      sSz  Size of authentication tag required.
- */
-static void GHASH_FINAL(Aes* aes, byte* s, word32 sSz)
-{
-    /* AAD block incomplete when > 0 */
-    byte over = aes->aOver;
-
-    if (aes->cOver > 0) {
-        /* Cipher text block incomplete. */
-        over = aes->cOver;
-    }
-    if (over > 0) {
-        /* Zeroize the unused part of the block. */
-        XMEMSET(AES_LASTGBLOCK(aes) + over, 0,
-            (size_t)WC_AES_BLOCK_SIZE - over);
-        /* Hash the last block of cipher text. */
-        GHASH_ONE_BLOCK(aes, AES_LASTGBLOCK(aes));
-    }
-    /* Hash in the lengths of AAD and cipher text in bits */
-    GHASH_LEN_BLOCK(aes);
-    /* Copy the result into s. */
-    XMEMCPY(s, AES_TAG(aes), sSz);
-    /* reset aes->gcm.H in case of reuse */
-    GHASH_INIT_EXTRA(aes);
-}
-#endif /* WOLFSSL_AESGCM_STREAM */
-
-
-#ifdef FREESCALE_LTC_AES_GCM
-int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
-                   const byte* iv, word32 ivSz,
-                   byte* authTag, word32 authTagSz,
-                   const byte* authIn, word32 authInSz)
-{
-    status_t status;
-    word32 keySize;
-
-    /* argument checks */
-    if (aes == NULL || authTagSz > WC_AES_BLOCK_SIZE || ivSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
-        WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
-        return BAD_FUNC_ARG;
-    }
-
-    status = wc_AesGetKeySize(aes, &keySize);
-    if (status)
-        return status;
-
-    status = wolfSSL_CryptHwMutexLock();
-    if (status != 0)
-        return status;
-
-    status = LTC_AES_EncryptTagGcm(LTC_BASE, in, out, sz, iv, ivSz,
-        authIn, authInSz, (byte*)aes->key, keySize, authTag, authTagSz);
-    wolfSSL_CryptHwMutexUnLock();
-
-    return (status == kStatus_Success) ? 0 : AES_GCM_AUTH_E;
-}
-
-#else
-
-#ifdef STM32_CRYPTO_AES_GCM
-
-/* this function supports inline encrypt */
-static WARN_UNUSED_RESULT int wc_AesGcmEncrypt_STM32(
-                                  Aes* aes, byte* out, const byte* in, word32 sz,
-                                  const byte* iv, word32 ivSz,
-                                  byte* authTag, word32 authTagSz,
-                                  const byte* authIn, word32 authInSz)
-{
-    int ret;
-#ifdef WOLFSSL_STM32_CUBEMX
-    CRYP_HandleTypeDef hcryp;
-#else
-    word32 keyCopy[AES_256_KEY_SIZE/sizeof(word32)];
-#endif
-    word32 keySize;
-#ifdef WOLFSSL_STM32_CUBEMX
-    int status = HAL_OK;
-    word32 blocks = sz / WC_AES_BLOCK_SIZE;
-    word32 partialBlock[WC_AES_BLOCK_SIZE/sizeof(word32)];
-#else
-    int status = SUCCESS;
-#endif
-    word32 partial = sz % WC_AES_BLOCK_SIZE;
-    word32 tag[WC_AES_BLOCK_SIZE/sizeof(word32)];
-    word32 ctrInit[WC_AES_BLOCK_SIZE/sizeof(word32)];
-    word32 ctr[WC_AES_BLOCK_SIZE/sizeof(word32)];
-    word32 authhdr[WC_AES_BLOCK_SIZE/sizeof(word32)];
-    byte* authInPadded = NULL;
-    int authPadSz, wasAlloc = 0, useSwGhash = 0;
-
-    ret = wc_AesGetKeySize(aes, &keySize);
-    if (ret != 0)
-        return ret;
-
-#ifdef WOLFSSL_STM32_CUBEMX
-    ret = wc_Stm32_Aes_Init(aes, &hcryp, 0);
-    if (ret != 0)
-        return ret;
-#endif
-
-    XMEMSET(ctr, 0, WC_AES_BLOCK_SIZE);
-    if (ivSz == GCM_NONCE_MID_SZ) {
-        byte* pCtr = (byte*)ctr;
-        XMEMCPY(ctr, iv, ivSz);
-        pCtr[WC_AES_BLOCK_SIZE - 1] = 1;
-    }
-    else {
-        GHASH(&aes->gcm, NULL, 0, iv, ivSz, (byte*)ctr, WC_AES_BLOCK_SIZE);
-    }
-    XMEMCPY(ctrInit, ctr, sizeof(ctr)); /* save off initial counter for GMAC */
-
-    /* Authentication buffer */
-#if STM_CRYPT_HEADER_WIDTH == 1
-    authPadSz = 0; /* CubeHAL supports byte mode */
-#else
-    authPadSz = authInSz % STM_CRYPT_HEADER_WIDTH;
-#endif
-#ifdef WOLFSSL_STM32MP13
-    /* STM32MP13 HAL at least v1.2 and lower has a bug with which it needs a
-     * minimum of 16 bytes for the auth */
-    if ((authInSz > 0) && (authInSz < 16)) {
-        authPadSz = 16 - authInSz;
-    }
-#endif
-    if (authPadSz != 0) {
-        if (authPadSz < authInSz + STM_CRYPT_HEADER_WIDTH) {
-            authPadSz = authInSz + STM_CRYPT_HEADER_WIDTH - authPadSz;
-        }
-        if (authPadSz <= sizeof(authhdr)) {
-            authInPadded = (byte*)authhdr;
-        }
-        else {
-            authInPadded = (byte*)XMALLOC(authPadSz, aes->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            if (authInPadded == NULL) {
-                wolfSSL_CryptHwMutexUnLock();
-                return MEMORY_E;
-            }
-            wasAlloc = 1;
-        }
-        XMEMSET(authInPadded, 0, authPadSz);
-        XMEMCPY(authInPadded, authIn, authInSz);
-    } else {
-        authPadSz = authInSz;
-        authInPadded = (byte*)authIn;
-    }
-
-    /* for cases where hardware cannot be used for authTag calculate it */
-    /* if IV is not 12 calculate GHASH using software */
-    if (ivSz != GCM_NONCE_MID_SZ
-    #if !defined(CRYP_HEADERWIDTHUNIT_BYTE)
-        /* or hardware that does not support partial block */
-        || sz == 0 || partial != 0
-    #endif
-    #if STM_CRYPT_HEADER_WIDTH == 4
-        /* or authIn is not a multiple of 4  */
-        || authPadSz != authInSz
-    #endif
-    ) {
-        useSwGhash = 1;
-    }
-
-    /* Hardware requires counter + 1 */
-    IncrementGcmCounter((byte*)ctr);
-
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret != 0) {
-        return ret;
-    }
-
-#ifdef WOLFSSL_STM32_CUBEMX
-    hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)ctr;
-    hcryp.Init.Header = (STM_CRYPT_TYPE*)authInPadded;
-
-#if defined(STM32_HAL_V2)
-    hcryp.Init.Algorithm = CRYP_AES_GCM;
-    hcryp.Init.HeaderSize = authPadSz / STM_CRYPT_HEADER_WIDTH;
-    #ifdef CRYP_KEYIVCONFIG_ONCE
-    /* allows repeated calls to HAL_CRYP_Encrypt */
-    hcryp.Init.KeyIVConfigSkip = CRYP_KEYIVCONFIG_ONCE;
-    #endif
-    ByteReverseWords(ctr, ctr, WC_AES_BLOCK_SIZE);
-    hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)ctr;
-    HAL_CRYP_Init(&hcryp);
-
-    #ifndef CRYP_KEYIVCONFIG_ONCE
-    /* GCM payload phase - can handle partial blocks */
-    status = HAL_CRYP_Encrypt(&hcryp, (uint32_t*)in,
-        (blocks * WC_AES_BLOCK_SIZE) + partial, (uint32_t*)out, STM32_HAL_TIMEOUT);
-    #else
-    /* GCM payload phase - blocks */
-    if (blocks) {
-        status = HAL_CRYP_Encrypt(&hcryp, (uint32_t*)in,
-            (blocks * WC_AES_BLOCK_SIZE), (uint32_t*)out, STM32_HAL_TIMEOUT);
-    }
-    /* GCM payload phase - partial remainder */
-    if (status == HAL_OK && (partial != 0 || blocks == 0)) {
-        XMEMSET(partialBlock, 0, sizeof(partialBlock));
-        XMEMCPY(partialBlock, in + (blocks * WC_AES_BLOCK_SIZE), partial);
-        status = HAL_CRYP_Encrypt(&hcryp, (uint32_t*)partialBlock, partial,
-            (uint32_t*)partialBlock, STM32_HAL_TIMEOUT);
-        XMEMCPY(out + (blocks * WC_AES_BLOCK_SIZE), partialBlock, partial);
-    }
-    #endif
-    if (status == HAL_OK && !useSwGhash) {
-        /* Compute the authTag */
-        status = HAL_CRYPEx_AESGCM_GenerateAuthTAG(&hcryp, (uint32_t*)tag,
-            STM32_HAL_TIMEOUT);
-    }
-#elif defined(STM32_CRYPTO_AES_ONLY)
-    /* Set the CRYP parameters */
-    hcryp.Init.HeaderSize = authPadSz;
-    if (authPadSz == 0)
-        hcryp.Init.Header = NULL; /* cannot pass pointer when authIn == 0 */
-    hcryp.Init.ChainingMode  = CRYP_CHAINMODE_AES_GCM_GMAC;
-    hcryp.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT;
-    hcryp.Init.GCMCMACPhase  = CRYP_INIT_PHASE;
-    HAL_CRYP_Init(&hcryp);
-
-    /* GCM init phase */
-    status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, 0, NULL, STM32_HAL_TIMEOUT);
-    if (status == HAL_OK) {
-        /* GCM header phase */
-        hcryp.Init.GCMCMACPhase = CRYP_HEADER_PHASE;
-        status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, 0, NULL, STM32_HAL_TIMEOUT);
-    }
-    if (status == HAL_OK) {
-        /* GCM payload phase - blocks */
-        hcryp.Init.GCMCMACPhase = CRYP_PAYLOAD_PHASE;
-        if (blocks) {
-            status = HAL_CRYPEx_AES_Auth(&hcryp, (byte*)in,
-                (blocks * WC_AES_BLOCK_SIZE), out, STM32_HAL_TIMEOUT);
-        }
-    }
-    if (status == HAL_OK && (partial != 0 || (sz > 0 && blocks == 0))) {
-        /* GCM payload phase - partial remainder */
-        XMEMSET(partialBlock, 0, sizeof(partialBlock));
-        XMEMCPY(partialBlock, in + (blocks * WC_AES_BLOCK_SIZE), partial);
-        status = HAL_CRYPEx_AES_Auth(&hcryp, (uint8_t*)partialBlock, partial,
-                (uint8_t*)partialBlock, STM32_HAL_TIMEOUT);
-        XMEMCPY(out + (blocks * WC_AES_BLOCK_SIZE), partialBlock, partial);
-    }
-    if (status == HAL_OK && !useSwGhash) {
-        /* GCM final phase */
-        hcryp.Init.GCMCMACPhase  = CRYP_FINAL_PHASE;
-        status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, sz, (uint8_t*)tag, STM32_HAL_TIMEOUT);
-    }
-#else
-    hcryp.Init.HeaderSize = authPadSz;
-    HAL_CRYP_Init(&hcryp);
-    if (blocks) {
-        /* GCM payload phase - blocks */
-        status = HAL_CRYPEx_AESGCM_Encrypt(&hcryp, (byte*)in,
-            (blocks * WC_AES_BLOCK_SIZE), out, STM32_HAL_TIMEOUT);
-    }
-    if (status == HAL_OK && (partial != 0 || blocks == 0)) {
-        /* GCM payload phase - partial remainder */
-        XMEMSET(partialBlock, 0, sizeof(partialBlock));
-        XMEMCPY(partialBlock, in + (blocks * WC_AES_BLOCK_SIZE), partial);
-        status = HAL_CRYPEx_AESGCM_Encrypt(&hcryp, (uint8_t*)partialBlock, partial,
-            (uint8_t*)partialBlock, STM32_HAL_TIMEOUT);
-        XMEMCPY(out + (blocks * WC_AES_BLOCK_SIZE), partialBlock, partial);
-    }
-    if (status == HAL_OK && !useSwGhash) {
-        /* Compute the authTag */
-        status = HAL_CRYPEx_AESGCM_Finish(&hcryp, sz, (uint8_t*)tag, STM32_HAL_TIMEOUT);
-    }
-#endif
-
-    if (status != HAL_OK)
-        ret = AES_GCM_AUTH_E;
-    HAL_CRYP_DeInit(&hcryp);
-
-#else /* Standard Peripheral Library */
-    ByteReverseWords(keyCopy, (word32*)aes->key, keySize);
-    status = CRYP_AES_GCM(MODE_ENCRYPT, (uint8_t*)ctr,
-                         (uint8_t*)keyCopy,      keySize * 8,
-                         (uint8_t*)in,           sz,
-                         (uint8_t*)authInPadded, authInSz,
-                         (uint8_t*)out,          (uint8_t*)tag);
-    if (status != SUCCESS)
-        ret = AES_GCM_AUTH_E;
-#endif /* WOLFSSL_STM32_CUBEMX */
-    wolfSSL_CryptHwMutexUnLock();
-    wc_Stm32_Aes_Cleanup();
-
-    if (ret == 0) {
-        /* return authTag */
-        if (authTag) {
-            if (useSwGhash) {
-                GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
-                ret = wc_AesEncrypt(aes, (byte*)ctrInit, (byte*)tag);
-                if (ret == 0) {
-                    xorbuf(authTag, tag, authTagSz);
-                }
-            }
-            else {
-                /* use hardware calculated tag */
-                XMEMCPY(authTag, tag, authTagSz);
-            }
-        }
-    }
-
-    /* Free memory */
-    if (wasAlloc) {
-        XFREE(authInPadded, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-
-    return ret;
-}
-
-#endif /* STM32_CRYPTO_AES_GCM */
-
-#if !defined(WOLFSSL_ARMASM) || defined(__aarch64__)
-#ifdef WOLFSSL_AESNI
-/* For performance reasons, this code needs to be not inlined. */
-WARN_UNUSED_RESULT int AES_GCM_encrypt_C(
-                      Aes* aes, byte* out, const byte* in, word32 sz,
-                      const byte* iv, word32 ivSz,
-                      byte* authTag, word32 authTagSz,
-                      const byte* authIn, word32 authInSz);
-#else
-static
-#endif
-WARN_UNUSED_RESULT int AES_GCM_encrypt_C(
-                      Aes* aes, byte* out, const byte* in, word32 sz,
-                      const byte* iv, word32 ivSz,
-                      byte* authTag, word32 authTagSz,
-                      const byte* authIn, word32 authInSz)
-{
-    int ret = 0;
-    word32 blocks = sz / WC_AES_BLOCK_SIZE;
-    word32 partial = sz % WC_AES_BLOCK_SIZE;
-    const byte* p = in;
-    byte* c = out;
-    ALIGN16 byte counter[WC_AES_BLOCK_SIZE];
-    ALIGN16 byte initialCounter[WC_AES_BLOCK_SIZE];
-    ALIGN16 byte scratch[WC_AES_BLOCK_SIZE];
-
-    if (ivSz == GCM_NONCE_MID_SZ) {
-        /* Counter is IV with bottom 4 bytes set to: 0x00,0x00,0x00,0x01. */
-        XMEMCPY(counter, iv, ivSz);
-        XMEMSET(counter + GCM_NONCE_MID_SZ, 0,
-                                         WC_AES_BLOCK_SIZE - GCM_NONCE_MID_SZ - 1);
-        counter[WC_AES_BLOCK_SIZE - 1] = 1;
-    }
-    else {
-        /* Counter is GHASH of IV. */
-#ifdef OPENSSL_EXTRA
-        word32 aadTemp = aes->gcm.aadLen;
-        aes->gcm.aadLen = 0;
-#endif
-        GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, WC_AES_BLOCK_SIZE);
-#ifdef OPENSSL_EXTRA
-        aes->gcm.aadLen = aadTemp;
-#endif
-    }
-    XMEMCPY(initialCounter, counter, WC_AES_BLOCK_SIZE);
-
-#ifdef WOLFSSL_PIC32MZ_CRYPT
-    if (blocks) {
-        /* use initial IV for HW, but don't use it below */
-        XMEMCPY(aes->reg, counter, WC_AES_BLOCK_SIZE);
-
-        ret = wc_Pic32AesCrypt(
-            aes->key, aes->keylen, aes->reg, WC_AES_BLOCK_SIZE,
-            out, in, (blocks * WC_AES_BLOCK_SIZE),
-            PIC32_ENCRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_AES_GCM);
-        if (ret != 0)
-            return ret;
-    }
-    /* process remainder using partial handling */
-#endif
-
-#if defined(HAVE_AES_ECB) && !defined(WOLFSSL_PIC32MZ_CRYPT)
-    /* some hardware acceleration can gain performance from doing AES encryption
-     * of the whole buffer at once */
-    if (c != p && blocks > 0) { /* can not handle inline encryption */
-        while (blocks--) {
-            IncrementGcmCounter(counter);
-            XMEMCPY(c, counter, WC_AES_BLOCK_SIZE);
-            c += WC_AES_BLOCK_SIZE;
-        }
-
-        /* reset number of blocks and then do encryption */
-        blocks = sz / WC_AES_BLOCK_SIZE;
-        wc_AesEcbEncrypt(aes, out, out, WC_AES_BLOCK_SIZE * blocks);
-        xorbuf(out, p, WC_AES_BLOCK_SIZE * blocks);
-        p += WC_AES_BLOCK_SIZE * blocks;
-    }
-    else
-#endif /* HAVE_AES_ECB && !WOLFSSL_PIC32MZ_CRYPT */
-    {
-        while (blocks--) {
-            IncrementGcmCounter(counter);
-        #if !defined(WOLFSSL_PIC32MZ_CRYPT)
-            ret = wc_AesEncrypt(aes, counter, scratch);
-            if (ret != 0)
-                return ret;
-            xorbufout(c, scratch, p, WC_AES_BLOCK_SIZE);
-        #endif
-            p += WC_AES_BLOCK_SIZE;
-            c += WC_AES_BLOCK_SIZE;
-        }
-    }
-
-    if (partial != 0) {
-        IncrementGcmCounter(counter);
-        ret = wc_AesEncrypt(aes, counter, scratch);
-        if (ret != 0)
-            return ret;
-        xorbufout(c, scratch, p, partial);
-    }
-    if (authTag) {
-        GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
-        ret = wc_AesEncrypt(aes, initialCounter, scratch);
-        if (ret != 0)
-            return ret;
-        xorbuf(authTag, scratch, authTagSz);
-#ifdef OPENSSL_EXTRA
-        if (!in && !sz)
-            /* store AAD size for next call */
-            aes->gcm.aadLen = authInSz;
-#endif
-    }
-
-    return ret;
-}
-#elif defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-static int AES_GCM_encrypt_AARCH32(Aes* aes, byte* out, const byte* in,
-    word32 sz, const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz,
-    const byte* authIn, word32 authInSz)
-{
-    word32 blocks;
-    word32 partial;
-    byte counter[WC_AES_BLOCK_SIZE];
-    byte initialCounter[WC_AES_BLOCK_SIZE];
-    byte x[WC_AES_BLOCK_SIZE];
-    byte scratch[WC_AES_BLOCK_SIZE];
-
-    XMEMSET(initialCounter, 0, WC_AES_BLOCK_SIZE);
-    if (ivSz == GCM_NONCE_MID_SZ) {
-        XMEMCPY(initialCounter, iv, ivSz);
-        initialCounter[WC_AES_BLOCK_SIZE - 1] = 1;
-    }
-    else {
-        GHASH(&aes->gcm, NULL, 0, iv, ivSz, initialCounter, WC_AES_BLOCK_SIZE);
-    }
-    XMEMCPY(counter, initialCounter, WC_AES_BLOCK_SIZE);
-
-    /* Hash in the Additional Authentication Data */
-    XMEMSET(x, 0, WC_AES_BLOCK_SIZE);
-    if (authInSz != 0 && authIn != NULL) {
-        blocks = authInSz / WC_AES_BLOCK_SIZE;
-        partial = authInSz % WC_AES_BLOCK_SIZE;
-        if (blocks > 0) {
-            GCM_GMULT_LEN(&aes->gcm, x, authIn, blocks * WC_AES_BLOCK_SIZE);
-            authIn += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, authIn, partial);
-            GCM_GMULT_LEN(&aes->gcm, x, scratch, WC_AES_BLOCK_SIZE);
-        }
-    }
-
-    /* do as many blocks as possible */
-    blocks = sz / WC_AES_BLOCK_SIZE;
-    partial = sz % WC_AES_BLOCK_SIZE;
-    if (blocks > 0) {
-        AES_GCM_encrypt(in, out, blocks * WC_AES_BLOCK_SIZE,
-            (const unsigned char*)aes->key, aes->rounds, counter);
-        GCM_GMULT_LEN(&aes->gcm, x, out, blocks * WC_AES_BLOCK_SIZE);
-        in += blocks * WC_AES_BLOCK_SIZE;
-        out += blocks * WC_AES_BLOCK_SIZE;
-    }
-    /* take care of partial block sizes leftover */
-    if (partial != 0) {
-        AES_GCM_encrypt(in, scratch, WC_AES_BLOCK_SIZE,
-            (const unsigned char*)aes->key, aes->rounds, counter);
-        XMEMCPY(out, scratch, partial);
-
-        XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-        XMEMCPY(scratch, out, partial);
-        GCM_GMULT_LEN(&aes->gcm, x, scratch, WC_AES_BLOCK_SIZE);
-    }
-
-    /* Hash in the lengths of A and C in bits */
-    XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-    FlattenSzInBits(&scratch[0], authInSz);
-    FlattenSzInBits(&scratch[8], sz);
-    GCM_GMULT_LEN(&aes->gcm, x, scratch, WC_AES_BLOCK_SIZE);
-    if (authTagSz > WC_AES_BLOCK_SIZE) {
-        XMEMCPY(authTag, x, WC_AES_BLOCK_SIZE);
-    }
-    else {
-        /* authTagSz can be smaller than WC_AES_BLOCK_SIZE */
-        XMEMCPY(authTag, x, authTagSz);
-    }
-
-    /* Auth tag calculation. */
-    AES_ECB_encrypt(initialCounter, scratch, WC_AES_BLOCK_SIZE,
-        (const unsigned char*)aes->key, aes->rounds);
-    xorbuf(authTag, scratch, authTagSz);
-
-    return 0;
-}
-#endif
-
-/* Software AES - GCM Encrypt */
-int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
-                   const byte* iv, word32 ivSz,
-                   byte* authTag, word32 authTagSz,
-                   const byte* authIn, word32 authInSz)
-{
-    int ret;
-
-    /* argument checks */
-    if (aes == NULL || authTagSz > WC_AES_BLOCK_SIZE || ivSz == 0 ||
-        ((authTagSz > 0) && (authTag == NULL)) ||
-        ((authInSz > 0) && (authIn == NULL)))
-    {
-        return BAD_FUNC_ARG;
-    }
-
-    if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
-        WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (aes->devId != INVALID_DEVID)
-    #endif
-    {
-        int crypto_cb_ret =
-            wc_CryptoCb_AesGcmEncrypt(aes, out, in, sz, iv, ivSz, authTag,
-                                      authTagSz, authIn, authInSz);
-        if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return crypto_cb_ret;
-        /* fall-through when unavailable */
-    }
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
-    /* if async and byte count above threshold */
-    /* only 12-byte IV is supported in HW */
-    if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
-                    sz >= WC_ASYNC_THRESH_AES_GCM && ivSz == GCM_NONCE_MID_SZ) {
-    #if defined(HAVE_CAVIUM)
-        #ifdef HAVE_CAVIUM_V
-        if (authInSz == 20) { /* Nitrox V GCM is only working with 20 byte AAD */
-            return NitroxAesGcmEncrypt(aes, out, in, sz,
-                (const byte*)aes->devKey, aes->keylen, iv, ivSz,
-                authTag, authTagSz, authIn, authInSz);
-        }
-        #endif
-    #elif defined(HAVE_INTEL_QA)
-        return IntelQaSymAesGcmEncrypt(&aes->asyncDev, out, in, sz,
-            (const byte*)aes->devKey, aes->keylen, iv, ivSz,
-            authTag, authTagSz, authIn, authInSz);
-    #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
-        if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_GCM_ENCRYPT)) {
-            WC_ASYNC_SW* sw = &aes->asyncDev.sw;
-            sw->aes.aes = aes;
-            sw->aes.out = out;
-            sw->aes.in = in;
-            sw->aes.sz = sz;
-            sw->aes.iv = iv;
-            sw->aes.ivSz = ivSz;
-            sw->aes.authTag = authTag;
-            sw->aes.authTagSz = authTagSz;
-            sw->aes.authIn = authIn;
-            sw->aes.authInSz = authInSz;
-            return WC_PENDING_E;
-        }
-    #endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-#ifdef WOLFSSL_SILABS_SE_ACCEL
-    return wc_AesGcmEncrypt_silabs(
-        aes, out, in, sz,
-        iv, ivSz,
-        authTag, authTagSz,
-        authIn, authInSz);
-#endif
-
-#ifdef STM32_CRYPTO_AES_GCM
-    return wc_AesGcmEncrypt_STM32(
-        aes, out, in, sz, iv, ivSz,
-        authTag, authTagSz, authIn, authInSz);
-#endif /* STM32_CRYPTO_AES_GCM */
-
-    VECTOR_REGISTERS_PUSH;
-
-#if !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-    AES_GCM_encrypt_AARCH32(in, out, sz, iv, ivSz, authTag, authTagSz, authIn,
-        authInSz, (byte*)aes->key, aes->gcm.H, (byte*)aes->tmp, (byte*)aes->reg,
-        aes->rounds);
-    ret = 0;
-#else
-    ret = AES_GCM_encrypt_AARCH32(aes, out, in, sz, iv, ivSz, authTag,
-        authTagSz, authIn, authInSz);
-#endif
-#else
-#ifdef WOLFSSL_AESNI
-    if (aes->use_aesni) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_AVX2(intel_flags)) {
-            AES_GCM_encrypt_avx2(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
-                                 authTagSz, (const byte*)aes->key, (int)aes->rounds);
-            ret = 0;
-        }
-        else
-#endif
-#if defined(HAVE_INTEL_AVX1)
-        if (IS_INTEL_AVX1(intel_flags)) {
-            AES_GCM_encrypt_avx1(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
-                                 authTagSz, (const byte*)aes->key, (int)aes->rounds);
-            ret = 0;
-        } else
-#endif
-        {
-            AES_GCM_encrypt_aesni(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
-                            authTagSz, (const byte*)aes->key, (int)aes->rounds);
-            ret = 0;
-        }
-    }
-    else
-#elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-    !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    if (aes->use_aes_hw_crypto && aes->use_pmull_hw_crypto) {
-    #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-        if (aes->use_sha3_hw_crypto) {
-            AES_GCM_encrypt_AARCH64_EOR3(in, out, sz, iv, ivSz, authTag,
-                authTagSz, authIn, authInSz, (byte*)aes->key, aes->gcm.H,
-                (byte*)aes->tmp, (byte*)aes->reg, aes->rounds);
-        }
-        else
-    #endif
-        {
-            AES_GCM_encrypt_AARCH64(in, out, sz, iv, ivSz, authTag, authTagSz,
-                authIn, authInSz, (byte*)aes->key, aes->gcm.H, (byte*)aes->tmp,
-                (byte*)aes->reg, aes->rounds);
-        }
-        ret = 0;
-    }
-    else
-#endif /* WOLFSSL_AESNI */
-    {
-        ret = AES_GCM_encrypt_C(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
-                                authIn, authInSz);
-    }
-#endif
-
-    VECTOR_REGISTERS_POP;
-
-    return ret;
-}
-#endif
-
-
-/* AES GCM Decrypt */
-#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AESGCM_DECRYPT)
-#ifdef FREESCALE_LTC_AES_GCM
-int  wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
-                   const byte* iv, word32 ivSz,
-                   const byte* authTag, word32 authTagSz,
-                   const byte* authIn, word32 authInSz)
-{
-    int ret;
-    word32 keySize;
-    status_t status;
-
-    /* argument checks */
-    /* If the sz is non-zero, both in and out must be set. If sz is 0,
-     * in and out are don't cares, as this is is the GMAC case. */
-    if (aes == NULL || iv == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
-        authTag == NULL || authTagSz > WC_AES_BLOCK_SIZE || authTagSz == 0 ||
-        ivSz == 0 || ((authInSz > 0) && (authIn == NULL)))
-    {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wc_AesGetKeySize(aes, &keySize);
-    if (ret != 0) {
-        return ret;
-    }
-
-    status = wolfSSL_CryptHwMutexLock();
-    if (status != 0)
-        return status;
-
-    status = LTC_AES_DecryptTagGcm(LTC_BASE, in, out, sz, iv, ivSz,
-        authIn, authInSz, (byte*)aes->key, keySize, authTag, authTagSz);
-    wolfSSL_CryptHwMutexUnLock();
-
-    return (status == kStatus_Success) ? 0 : AES_GCM_AUTH_E;
-}
-
-#else
-
-#ifdef STM32_CRYPTO_AES_GCM
-/* this function supports inline decrypt */
-static WARN_UNUSED_RESULT int wc_AesGcmDecrypt_STM32(
-                                  Aes* aes, byte* out,
-                                  const byte* in, word32 sz,
-                                  const byte* iv, word32 ivSz,
-                                  const byte* authTag, word32 authTagSz,
-                                  const byte* authIn, word32 authInSz)
-{
-    int ret;
-#ifdef WOLFSSL_STM32_CUBEMX
-    int status = HAL_OK;
-    CRYP_HandleTypeDef hcryp;
-    word32 blocks = sz / WC_AES_BLOCK_SIZE;
-#else
-    int status = SUCCESS;
-    word32 keyCopy[AES_256_KEY_SIZE/sizeof(word32)];
-#endif
-    word32 keySize;
-    word32 partial = sz % WC_AES_BLOCK_SIZE;
-    word32 tag[WC_AES_BLOCK_SIZE/sizeof(word32)];
-    word32 tagExpected[WC_AES_BLOCK_SIZE/sizeof(word32)];
-    word32 partialBlock[WC_AES_BLOCK_SIZE/sizeof(word32)];
-    word32 ctr[WC_AES_BLOCK_SIZE/sizeof(word32)];
-    word32 authhdr[WC_AES_BLOCK_SIZE/sizeof(word32)];
-    byte* authInPadded = NULL;
-    int authPadSz, wasAlloc = 0, tagComputed = 0;
-
-    ret = wc_AesGetKeySize(aes, &keySize);
-    if (ret != 0)
-        return ret;
-
-#ifdef WOLFSSL_STM32_CUBEMX
-    ret = wc_Stm32_Aes_Init(aes, &hcryp, 0);
-    if (ret != 0)
-        return ret;
-#endif
-
-    XMEMSET(ctr, 0, WC_AES_BLOCK_SIZE);
-    if (ivSz == GCM_NONCE_MID_SZ) {
-        byte* pCtr = (byte*)ctr;
-        XMEMCPY(ctr, iv, ivSz);
-        pCtr[WC_AES_BLOCK_SIZE - 1] = 1;
-    }
-    else {
-        GHASH(&aes->gcm, NULL, 0, iv, ivSz, (byte*)ctr, WC_AES_BLOCK_SIZE);
-    }
-
-    /* Make copy of expected authTag, which could get corrupted in some
-     * Cube HAL versions without proper partial block support.
-     * For TLS blocks the authTag is after the output buffer, so save it */
-    XMEMCPY(tagExpected, authTag, authTagSz);
-
-    /* Authentication buffer */
-#if STM_CRYPT_HEADER_WIDTH == 1
-    authPadSz = 0; /* CubeHAL supports byte mode */
-#else
-    authPadSz = authInSz % STM_CRYPT_HEADER_WIDTH;
-#endif
-#ifdef WOLFSSL_STM32MP13
-    /* STM32MP13 HAL at least v1.2 and lower has a bug with which it needs a
-     * minimum of 16 bytes for the auth */
-    if ((authInSz > 0) && (authInSz < 16)) {
-        authPadSz = 16 - authInSz;
-    }
-#else
-    if (authPadSz != 0) {
-        authPadSz = authInSz + STM_CRYPT_HEADER_WIDTH - authPadSz;
-    }
-    else {
-        authPadSz = authInSz;
-    }
-#endif
-
-    /* for cases where hardware cannot be used for authTag calculate it */
-    /* if IV is not 12 calculate GHASH using software */
-    if (ivSz != GCM_NONCE_MID_SZ
-    #if !defined(CRYP_HEADERWIDTHUNIT_BYTE)
-        /* or hardware that does not support partial block */
-        || sz == 0 || partial != 0
-    #endif
-    #if STM_CRYPT_HEADER_WIDTH == 4
-        /* or authIn is not a multiple of 4  */
-        || authPadSz != authInSz
-    #endif
-    ) {
-        GHASH(&aes->gcm, authIn, authInSz, in, sz, (byte*)tag, sizeof(tag));
-        ret = wc_AesEncrypt(aes, (byte*)ctr, (byte*)partialBlock);
-        if (ret != 0)
-            return ret;
-        xorbuf(tag, partialBlock, sizeof(tag));
-        tagComputed = 1;
-    }
-
-    /* if using hardware for authentication tag make sure its aligned and zero padded */
-    if (authPadSz != authInSz && !tagComputed) {
-        if (authPadSz <= sizeof(authhdr)) {
-            authInPadded = (byte*)authhdr;
-        }
-        else {
-            authInPadded = (byte*)XMALLOC(authPadSz, aes->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            if (authInPadded == NULL) {
-                wolfSSL_CryptHwMutexUnLock();
-                return MEMORY_E;
-            }
-            wasAlloc = 1;
-        }
-        XMEMSET(authInPadded, 0, authPadSz);
-        XMEMCPY(authInPadded, authIn, authInSz);
-    } else {
-        authInPadded = (byte*)authIn;
-    }
-
-    /* Hardware requires counter + 1 */
-    IncrementGcmCounter((byte*)ctr);
-
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret != 0) {
-        return ret;
-    }
-
-#ifdef WOLFSSL_STM32_CUBEMX
-    hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)ctr;
-    hcryp.Init.Header = (STM_CRYPT_TYPE*)authInPadded;
-
-#if defined(STM32_HAL_V2)
-    hcryp.Init.Algorithm = CRYP_AES_GCM;
-    hcryp.Init.HeaderSize = authPadSz / STM_CRYPT_HEADER_WIDTH;
-    #ifdef CRYP_KEYIVCONFIG_ONCE
-    /* allows repeated calls to HAL_CRYP_Decrypt */
-    hcryp.Init.KeyIVConfigSkip = CRYP_KEYIVCONFIG_ONCE;
-    #endif
-    ByteReverseWords(ctr, ctr, WC_AES_BLOCK_SIZE);
-    hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)ctr;
-    HAL_CRYP_Init(&hcryp);
-
-    #ifndef CRYP_KEYIVCONFIG_ONCE
-    /* GCM payload phase - can handle partial blocks */
-    status = HAL_CRYP_Decrypt(&hcryp, (uint32_t*)in,
-        (blocks * WC_AES_BLOCK_SIZE) + partial, (uint32_t*)out, STM32_HAL_TIMEOUT);
-    #else
-    /* GCM payload phase - blocks */
-    if (blocks) {
-        status = HAL_CRYP_Decrypt(&hcryp, (uint32_t*)in,
-            (blocks * WC_AES_BLOCK_SIZE), (uint32_t*)out, STM32_HAL_TIMEOUT);
-    }
-    /* GCM payload phase - partial remainder */
-    if (status == HAL_OK && (partial != 0 || blocks == 0)) {
-        XMEMSET(partialBlock, 0, sizeof(partialBlock));
-        XMEMCPY(partialBlock, in + (blocks * WC_AES_BLOCK_SIZE), partial);
-        status = HAL_CRYP_Decrypt(&hcryp, (uint32_t*)partialBlock, partial,
-            (uint32_t*)partialBlock, STM32_HAL_TIMEOUT);
-        XMEMCPY(out + (blocks * WC_AES_BLOCK_SIZE), partialBlock, partial);
-    }
-    #endif
-    if (status == HAL_OK && !tagComputed) {
-        /* Compute the authTag */
-        status = HAL_CRYPEx_AESGCM_GenerateAuthTAG(&hcryp, (uint32_t*)tag,
-            STM32_HAL_TIMEOUT);
-    }
-#elif defined(STM32_CRYPTO_AES_ONLY)
-    /* Set the CRYP parameters */
-    hcryp.Init.HeaderSize = authPadSz;
-    if (authPadSz == 0)
-        hcryp.Init.Header = NULL; /* cannot pass pointer when authIn == 0 */
-    hcryp.Init.ChainingMode  = CRYP_CHAINMODE_AES_GCM_GMAC;
-    hcryp.Init.OperatingMode = CRYP_ALGOMODE_DECRYPT;
-    hcryp.Init.GCMCMACPhase  = CRYP_INIT_PHASE;
-    HAL_CRYP_Init(&hcryp);
-
-    /* GCM init phase */
-    status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, 0, NULL, STM32_HAL_TIMEOUT);
-    if (status == HAL_OK) {
-        /* GCM header phase */
-        hcryp.Init.GCMCMACPhase = CRYP_HEADER_PHASE;
-        status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, 0, NULL, STM32_HAL_TIMEOUT);
-    }
-    if (status == HAL_OK) {
-        /* GCM payload phase - blocks */
-        hcryp.Init.GCMCMACPhase = CRYP_PAYLOAD_PHASE;
-        if (blocks) {
-            status = HAL_CRYPEx_AES_Auth(&hcryp, (byte*)in,
-                (blocks * WC_AES_BLOCK_SIZE), out, STM32_HAL_TIMEOUT);
-        }
-    }
-    if (status == HAL_OK && (partial != 0 || (sz > 0 && blocks == 0))) {
-        /* GCM payload phase - partial remainder */
-        XMEMSET(partialBlock, 0, sizeof(partialBlock));
-        XMEMCPY(partialBlock, in + (blocks * WC_AES_BLOCK_SIZE), partial);
-        status = HAL_CRYPEx_AES_Auth(&hcryp, (byte*)partialBlock, partial,
-            (byte*)partialBlock, STM32_HAL_TIMEOUT);
-        XMEMCPY(out + (blocks * WC_AES_BLOCK_SIZE), partialBlock, partial);
-    }
-    if (status == HAL_OK && tagComputed == 0) {
-        /* GCM final phase */
-        hcryp.Init.GCMCMACPhase = CRYP_FINAL_PHASE;
-        status = HAL_CRYPEx_AES_Auth(&hcryp, NULL, sz, (byte*)tag, STM32_HAL_TIMEOUT);
-    }
-#else
-    hcryp.Init.HeaderSize = authPadSz;
-    HAL_CRYP_Init(&hcryp);
-    if (blocks) {
-        /* GCM payload phase - blocks */
-        status = HAL_CRYPEx_AESGCM_Decrypt(&hcryp, (byte*)in,
-            (blocks * WC_AES_BLOCK_SIZE), out, STM32_HAL_TIMEOUT);
-    }
-    if (status == HAL_OK && (partial != 0 || blocks == 0)) {
-        /* GCM payload phase - partial remainder */
-        XMEMSET(partialBlock, 0, sizeof(partialBlock));
-        XMEMCPY(partialBlock, in + (blocks * WC_AES_BLOCK_SIZE), partial);
-        status = HAL_CRYPEx_AESGCM_Decrypt(&hcryp, (byte*)partialBlock, partial,
-            (byte*)partialBlock, STM32_HAL_TIMEOUT);
-        XMEMCPY(out + (blocks * WC_AES_BLOCK_SIZE), partialBlock, partial);
-    }
-    if (status == HAL_OK && tagComputed == 0) {
-        /* Compute the authTag */
-        status = HAL_CRYPEx_AESGCM_Finish(&hcryp, sz, (byte*)tag, STM32_HAL_TIMEOUT);
-    }
-#endif
-
-    if (status != HAL_OK)
-        ret = AES_GCM_AUTH_E;
-
-    HAL_CRYP_DeInit(&hcryp);
-
-#else /* Standard Peripheral Library */
-    ByteReverseWords(keyCopy, (word32*)aes->key, aes->keylen);
-
-    /* Input size and auth size need to be the actual sizes, even though
-     * they are not block aligned, because this length (in bits) is used
-     * in the final GHASH. */
-    XMEMSET(partialBlock, 0, sizeof(partialBlock)); /* use this to get tag */
-    status = CRYP_AES_GCM(MODE_DECRYPT, (uint8_t*)ctr,
-                         (uint8_t*)keyCopy,      keySize * 8,
-                         (uint8_t*)in,           sz,
-                         (uint8_t*)authInPadded, authInSz,
-                         (uint8_t*)out,          (uint8_t*)partialBlock);
-    if (status != SUCCESS)
-        ret = AES_GCM_AUTH_E;
-    if (tagComputed == 0)
-        XMEMCPY(tag, partialBlock, authTagSz);
-#endif /* WOLFSSL_STM32_CUBEMX */
-    wolfSSL_CryptHwMutexUnLock();
-    wc_Stm32_Aes_Cleanup();
-
-    /* Check authentication tag */
-    if (ConstantCompare((const byte*)tagExpected, (byte*)tag, authTagSz) != 0) {
-        ret = AES_GCM_AUTH_E;
-    }
-
-    /* Free memory */
-    if (wasAlloc) {
-        XFREE(authInPadded, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-
-    return ret;
-}
-
-#endif /* STM32_CRYPTO_AES_GCM */
-
-#if !defined(WOLFSSL_ARMASM) || defined(__aarch64__)
-#ifdef WOLFSSL_AESNI
-/* For performance reasons, this code needs to be not inlined. */
-int WARN_UNUSED_RESULT AES_GCM_decrypt_C(
-                      Aes* aes, byte* out, const byte* in, word32 sz,
-                      const byte* iv, word32 ivSz,
-                      const byte* authTag, word32 authTagSz,
-                      const byte* authIn, word32 authInSz);
-#else
-static
-#endif
-int WARN_UNUSED_RESULT AES_GCM_decrypt_C(
-                      Aes* aes, byte* out, const byte* in, word32 sz,
-                      const byte* iv, word32 ivSz,
-                      const byte* authTag, word32 authTagSz,
-                      const byte* authIn, word32 authInSz)
-{
-    int ret;
-    word32 blocks = sz / WC_AES_BLOCK_SIZE;
-    word32 partial = sz % WC_AES_BLOCK_SIZE;
-    const byte* c = in;
-    byte* p = out;
-    ALIGN16 byte counter[WC_AES_BLOCK_SIZE];
-    ALIGN16 byte scratch[WC_AES_BLOCK_SIZE];
-    ALIGN16 byte Tprime[WC_AES_BLOCK_SIZE];
-    ALIGN16 byte EKY0[WC_AES_BLOCK_SIZE];
-    volatile sword32 res;
-
-    if (ivSz == GCM_NONCE_MID_SZ) {
-        /* Counter is IV with bottom 4 bytes set to: 0x00,0x00,0x00,0x01. */
-        XMEMCPY(counter, iv, ivSz);
-        XMEMSET(counter + GCM_NONCE_MID_SZ, 0,
-                                         WC_AES_BLOCK_SIZE - GCM_NONCE_MID_SZ - 1);
-        counter[WC_AES_BLOCK_SIZE - 1] = 1;
-    }
-    else {
-        /* Counter is GHASH of IV. */
-#ifdef OPENSSL_EXTRA
-        word32 aadTemp = aes->gcm.aadLen;
-        aes->gcm.aadLen = 0;
-#endif
-        GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, WC_AES_BLOCK_SIZE);
-#ifdef OPENSSL_EXTRA
-        aes->gcm.aadLen = aadTemp;
-#endif
-    }
-
-    /* Calc the authTag again using received auth data and the cipher text */
-    GHASH(&aes->gcm, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
-    ret = wc_AesEncrypt(aes, counter, EKY0);
-    if (ret != 0)
-        return ret;
-    xorbuf(Tprime, EKY0, sizeof(Tprime));
-#ifdef WC_AES_GCM_DEC_AUTH_EARLY
-    /* ConstantCompare returns the cumulative bitwise or of the bitwise xor of
-     * the pairwise bytes in the strings.
-     */
-    res = ConstantCompare(authTag, Tprime, authTagSz);
-    /* convert positive retval from ConstantCompare() to all-1s word, in
-     * constant time.
-     */
-    res = 0 - (sword32)(((word32)(0 - res)) >> 31U);
-    ret = res & AES_GCM_AUTH_E;
-    if (ret != 0)
-        return ret;
-#endif
-
-#ifdef OPENSSL_EXTRA
-    if (!out) {
-        /* authenticated, non-confidential data */
-        /* store AAD size for next call */
-        aes->gcm.aadLen = authInSz;
-    }
-#endif
-
-#if defined(WOLFSSL_PIC32MZ_CRYPT)
-    if (blocks) {
-        /* use initial IV for HW, but don't use it below */
-        XMEMCPY(aes->reg, counter, WC_AES_BLOCK_SIZE);
-
-        ret = wc_Pic32AesCrypt(
-            aes->key, aes->keylen, aes->reg, WC_AES_BLOCK_SIZE,
-            out, in, (blocks * WC_AES_BLOCK_SIZE),
-            PIC32_DECRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_AES_GCM);
-        if (ret != 0)
-            return ret;
-    }
-    /* process remainder using partial handling */
-#endif
-
-#if defined(HAVE_AES_ECB) && !defined(WOLFSSL_PIC32MZ_CRYPT)
-    /* some hardware acceleration can gain performance from doing AES encryption
-     * of the whole buffer at once */
-    if (c != p && blocks > 0) { /* can not handle inline decryption */
-        while (blocks--) {
-            IncrementGcmCounter(counter);
-            XMEMCPY(p, counter, WC_AES_BLOCK_SIZE);
-            p += WC_AES_BLOCK_SIZE;
-        }
-
-        /* reset number of blocks and then do encryption */
-        blocks = sz / WC_AES_BLOCK_SIZE;
-
-        wc_AesEcbEncrypt(aes, out, out, WC_AES_BLOCK_SIZE * blocks);
-        xorbuf(out, c, WC_AES_BLOCK_SIZE * blocks);
-        c += WC_AES_BLOCK_SIZE * blocks;
-    }
-    else
-#endif /* HAVE_AES_ECB && !PIC32MZ */
-    {
-        while (blocks--) {
-            IncrementGcmCounter(counter);
-        #if !defined(WOLFSSL_PIC32MZ_CRYPT)
-            ret = wc_AesEncrypt(aes, counter, scratch);
-            if (ret != 0)
-                return ret;
-            xorbufout(p, scratch, c, WC_AES_BLOCK_SIZE);
-        #endif
-            p += WC_AES_BLOCK_SIZE;
-            c += WC_AES_BLOCK_SIZE;
-        }
-    }
-
-    if (partial != 0) {
-        IncrementGcmCounter(counter);
-        ret = wc_AesEncrypt(aes, counter, scratch);
-        if (ret != 0)
-            return ret;
-        xorbuf(scratch, c, partial);
-        XMEMCPY(p, scratch, partial);
-    }
-
-#ifndef WC_AES_GCM_DEC_AUTH_EARLY
-    /* ConstantCompare returns the cumulative bitwise or of the bitwise xor of
-     * the pairwise bytes in the strings.
-     */
-    res = ConstantCompare(authTag, Tprime, (int)authTagSz);
-    /* convert positive retval from ConstantCompare() to all-1s word, in
-     * constant time.
-     */
-    res = 0 - (sword32)(((word32)(0 - res)) >> 31U);
-    /* now use res as a mask for constant time return of ret, unless tag
-     * mismatch, whereupon AES_GCM_AUTH_E is returned.
-     */
-    ret = (ret & ~res) | (res & WC_NO_ERR_TRACE(AES_GCM_AUTH_E));
-#endif
-    return ret;
-}
-#elif defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-static int AES_GCM_decrypt_AARCH32(Aes* aes, byte* out, const byte* in,
-    word32 sz, const byte* iv, word32 ivSz, const byte* authTag,
-    word32 authTagSz, const byte* authIn, word32 authInSz)
-{
-    word32 blocks;
-    word32 partial;
-    byte counter[WC_AES_BLOCK_SIZE];
-    byte initialCounter[WC_AES_BLOCK_SIZE];
-    byte scratch[WC_AES_BLOCK_SIZE];
-    byte x[WC_AES_BLOCK_SIZE];
-
-    XMEMSET(initialCounter, 0, WC_AES_BLOCK_SIZE);
-    if (ivSz == GCM_NONCE_MID_SZ) {
-        XMEMCPY(initialCounter, iv, ivSz);
-        initialCounter[WC_AES_BLOCK_SIZE - 1] = 1;
-    }
-    else {
-        GHASH(&aes->gcm, NULL, 0, iv, ivSz, initialCounter, WC_AES_BLOCK_SIZE);
-    }
-    XMEMCPY(counter, initialCounter, WC_AES_BLOCK_SIZE);
-
-    XMEMSET(x, 0, WC_AES_BLOCK_SIZE);
-    /* Hash in the Additional Authentication Data */
-    if (authInSz != 0 && authIn != NULL) {
-        blocks = authInSz / WC_AES_BLOCK_SIZE;
-        partial = authInSz % WC_AES_BLOCK_SIZE;
-        if (blocks > 0) {
-            GCM_GMULT_LEN(&aes->gcm, x, authIn, blocks * WC_AES_BLOCK_SIZE);
-            authIn += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-            XMEMCPY(scratch, authIn, partial);
-            GCM_GMULT_LEN(&aes->gcm, x, scratch, WC_AES_BLOCK_SIZE);
-        }
-    }
-
-    blocks = sz / WC_AES_BLOCK_SIZE;
-    partial = sz % WC_AES_BLOCK_SIZE;
-    /* do as many blocks as possible */
-    if (blocks > 0) {
-        GCM_GMULT_LEN(&aes->gcm, x, in, blocks * WC_AES_BLOCK_SIZE);
-
-        AES_GCM_encrypt(in, out, blocks * WC_AES_BLOCK_SIZE,
-            (const unsigned char*)aes->key, aes->rounds, counter);
-        in += blocks * WC_AES_BLOCK_SIZE;
-        out += blocks * WC_AES_BLOCK_SIZE;
-    }
-    if (partial != 0) {
-        XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-        XMEMCPY(scratch, in, partial);
-        GCM_GMULT_LEN(&aes->gcm, x, scratch, WC_AES_BLOCK_SIZE);
-
-        AES_GCM_encrypt(in, scratch, WC_AES_BLOCK_SIZE,
-            (const unsigned char*)aes->key, aes->rounds, counter);
-        XMEMCPY(out, scratch, partial);
-    }
-
-    XMEMSET(scratch, 0, WC_AES_BLOCK_SIZE);
-    FlattenSzInBits(&scratch[0], authInSz);
-    FlattenSzInBits(&scratch[8], sz);
-    GCM_GMULT_LEN(&aes->gcm, x, scratch, WC_AES_BLOCK_SIZE);
-    AES_ECB_encrypt(initialCounter, scratch, WC_AES_BLOCK_SIZE,
-        (const unsigned char*)aes->key, aes->rounds);
-    xorbuf(x, scratch, authTagSz);
-    if (authTag != NULL) {
-        if (ConstantCompare(authTag, x, authTagSz) != 0) {
-            return AES_GCM_AUTH_E;
-        }
-    }
-
-    return 0;
-}
-#endif
-
-/* Software AES - GCM Decrypt */
-int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
-                     const byte* iv, word32 ivSz,
-                     const byte* authTag, word32 authTagSz,
-                     const byte* authIn, word32 authInSz)
-{
-    int ret;
-#ifdef WOLFSSL_AESNI
-    int res = WC_NO_ERR_TRACE(AES_GCM_AUTH_E);
-#endif
-
-    /* argument checks */
-    /* If the sz is non-zero, both in and out must be set. If sz is 0,
-     * in and out are don't cares, as this is is the GMAC case. */
-    if (aes == NULL || iv == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
-        authTag == NULL || authTagSz > WC_AES_BLOCK_SIZE || authTagSz == 0 ||
-        ivSz == 0) {
-
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (aes->devId != INVALID_DEVID)
-    #endif
-    {
-        int crypto_cb_ret =
-            wc_CryptoCb_AesGcmDecrypt(aes, out, in, sz, iv, ivSz,
-                                      authTag, authTagSz, authIn, authInSz);
-        if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return crypto_cb_ret;
-        /* fall-through when unavailable */
-    }
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
-    /* if async and byte count above threshold */
-    /* only 12-byte IV is supported in HW */
-    if (aes->asyncDev.marker == WOLFSSL_ASYNC_MARKER_AES &&
-                    sz >= WC_ASYNC_THRESH_AES_GCM && ivSz == GCM_NONCE_MID_SZ) {
-    #if defined(HAVE_CAVIUM)
-        #ifdef HAVE_CAVIUM_V
-        if (authInSz == 20) { /* Nitrox V GCM is only working with 20 byte AAD */
-            return NitroxAesGcmDecrypt(aes, out, in, sz,
-                (const byte*)aes->devKey, aes->keylen, iv, ivSz,
-                authTag, authTagSz, authIn, authInSz);
-        }
-        #endif
-    #elif defined(HAVE_INTEL_QA)
-        return IntelQaSymAesGcmDecrypt(&aes->asyncDev, out, in, sz,
-            (const byte*)aes->devKey, aes->keylen, iv, ivSz,
-            authTag, authTagSz, authIn, authInSz);
-    #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
-        if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_GCM_DECRYPT)) {
-            WC_ASYNC_SW* sw = &aes->asyncDev.sw;
-            sw->aes.aes = aes;
-            sw->aes.out = out;
-            sw->aes.in = in;
-            sw->aes.sz = sz;
-            sw->aes.iv = iv;
-            sw->aes.ivSz = ivSz;
-            sw->aes.authTag = (byte*)authTag;
-            sw->aes.authTagSz = authTagSz;
-            sw->aes.authIn = authIn;
-            sw->aes.authInSz = authInSz;
-            return WC_PENDING_E;
-        }
-    #endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-#ifdef WOLFSSL_SILABS_SE_ACCEL
-    return wc_AesGcmDecrypt_silabs(
-        aes, out, in, sz, iv, ivSz,
-        authTag, authTagSz, authIn, authInSz);
-
-#endif
-
-#ifdef STM32_CRYPTO_AES_GCM
-    /* The STM standard peripheral library API's doesn't support partial blocks */
-    return wc_AesGcmDecrypt_STM32(
-        aes, out, in, sz, iv, ivSz,
-        authTag, authTagSz, authIn, authInSz);
-#endif /* STM32_CRYPTO_AES_GCM */
-
-    VECTOR_REGISTERS_PUSH;
-
-#if !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-    ret = AES_GCM_decrypt_AARCH32(in, out, sz, iv, ivSz, authTag, authTagSz,
-        authIn, authInSz, (byte*)aes->key, aes->gcm.H, (byte*)aes->tmp,
-        (byte*)aes->reg, aes->rounds);
-#else
-    ret = AES_GCM_decrypt_AARCH32(aes, out, in, sz, iv, ivSz, authTag,
-        authTagSz, authIn, authInSz);
-#endif
-#else
-#ifdef WOLFSSL_AESNI
-    if (aes->use_aesni) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_AVX2(intel_flags)) {
-            AES_GCM_decrypt_avx2(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
-                                 authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
-            if (res == 0)
-                ret = AES_GCM_AUTH_E;
-            else
-                ret = 0;
-        }
-        else
-#endif
-#if defined(HAVE_INTEL_AVX1)
-        if (IS_INTEL_AVX1(intel_flags)) {
-            AES_GCM_decrypt_avx1(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
-                                 authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
-            if (res == 0)
-                ret = AES_GCM_AUTH_E;
-            else
-                ret = 0;
-        }
-        else
-#endif
-        {
-            AES_GCM_decrypt_aesni(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
-                            authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
-            if (res == 0)
-                ret = AES_GCM_AUTH_E;
-            else
-                ret = 0;
-        }
-    }
-    else
-#elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-    !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    if (aes->use_aes_hw_crypto && aes->use_pmull_hw_crypto) {
-    #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-        if (aes->use_sha3_hw_crypto) {
-            ret = AES_GCM_decrypt_AARCH64_EOR3(in, out, sz, iv, ivSz, authTag,
-                authTagSz, authIn, authInSz, (byte*)aes->key, aes->gcm.H,
-                (byte*)aes->tmp, (byte*)aes->reg, aes->rounds);
-        }
-        else
-    #endif
-        {
-            ret = AES_GCM_decrypt_AARCH64(in, out, sz, iv, ivSz, authTag,
-                authTagSz, authIn, authInSz, (byte*)aes->key, aes->gcm.H,
-                (byte*)aes->tmp, (byte*)aes->reg, aes->rounds);
-        }
-    }
-    else
-#endif /* WOLFSSL_AESNI */
-    {
-        ret = AES_GCM_decrypt_C(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
-                                                             authIn, authInSz);
-    }
-#endif
-
-    VECTOR_REGISTERS_POP;
-
-    return ret;
-}
-#endif
-#endif /* HAVE_AES_DECRYPT || HAVE_AESGCM_DECRYPT */
-
-#ifdef WOLFSSL_AESGCM_STREAM
-
-/* Initialize the AES GCM cipher with an IV. C implementation.
- *
- * @param [in, out] aes   AES object.
- * @param [in]      iv    IV/nonce buffer.
- * @param [in]      ivSz  Length of IV/nonce data.
- */
-static WARN_UNUSED_RESULT int AesGcmInit_C(Aes* aes, const byte* iv, word32 ivSz)
-{
-    ALIGN32 byte counter[WC_AES_BLOCK_SIZE];
-    int ret;
-
-    if (ivSz == GCM_NONCE_MID_SZ) {
-        /* Counter is IV with bottom 4 bytes set to: 0x00,0x00,0x00,0x01. */
-        XMEMCPY(counter, iv, ivSz);
-        XMEMSET(counter + GCM_NONCE_MID_SZ, 0,
-                                         WC_AES_BLOCK_SIZE - GCM_NONCE_MID_SZ - 1);
-        counter[WC_AES_BLOCK_SIZE - 1] = 1;
-    }
-    else {
-        /* Counter is GHASH of IV. */
-    #ifdef OPENSSL_EXTRA
-        word32 aadTemp = aes->gcm.aadLen;
-        aes->gcm.aadLen = 0;
-    #endif
-        GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, WC_AES_BLOCK_SIZE);
-    #ifdef OPENSSL_EXTRA
-        aes->gcm.aadLen = aadTemp;
-    #endif
-    }
-
-    /* Copy in the counter for use with cipher. */
-    XMEMCPY(AES_COUNTER(aes), counter, WC_AES_BLOCK_SIZE);
-    /* Encrypt initial counter into a buffer for GCM. */
-    ret = wc_AesEncrypt(aes, counter, AES_INITCTR(aes));
-    if (ret != 0)
-        return ret;
-    /* Reset state fields. */
-    aes->over = 0;
-    aes->aSz = 0;
-    aes->cSz = 0;
-    /* Initialization for GHASH. */
-    GHASH_INIT(aes);
-
-    return 0;
-}
-
-/* Update the AES GCM cipher with data. C implementation.
- *
- * Only enciphers data.
- *
- * @param [in, out] aes  AES object.
- * @param [in]      out  Cipher text or plaintext buffer.
- * @param [in]      in   Plaintext or cipher text buffer.
- * @param [in]      sz   Length of data.
- */
-static WARN_UNUSED_RESULT int AesGcmCryptUpdate_C(
-    Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    word32 blocks;
-    word32 partial;
-    int ret;
-
-    /* Check if previous encrypted block was not used up. */
-    if (aes->over > 0) {
-        byte pSz = (byte)(WC_AES_BLOCK_SIZE - aes->over);
-        if (pSz > sz) pSz = (byte)sz;
-
-        /* Use some/all of last encrypted block. */
-        xorbufout(out, AES_LASTBLOCK(aes) + aes->over, in, pSz);
-        aes->over = (aes->over + pSz) & (WC_AES_BLOCK_SIZE - 1);
-
-        /* Some data used. */
-        sz  -= pSz;
-        in  += pSz;
-        out += pSz;
-    }
-
-    /* Calculate the number of blocks needing to be encrypted and any leftover.
-     */
-    blocks  = sz / WC_AES_BLOCK_SIZE;
-    partial = sz & (WC_AES_BLOCK_SIZE - 1);
-
-#if defined(HAVE_AES_ECB)
-    /* Some hardware acceleration can gain performance from doing AES encryption
-     * of the whole buffer at once.
-     * Overwrites the cipher text before using plaintext - no inline encryption.
-     */
-    if ((out != in) && blocks > 0) {
-        word32 b;
-        /* Place incrementing counter blocks into cipher text. */
-        for (b = 0; b < blocks; b++) {
-            IncrementGcmCounter(AES_COUNTER(aes));
-            XMEMCPY(out + b * WC_AES_BLOCK_SIZE, AES_COUNTER(aes), WC_AES_BLOCK_SIZE);
-        }
-
-        /* Encrypt counter blocks. */
-        wc_AesEcbEncrypt(aes, out, out, WC_AES_BLOCK_SIZE * blocks);
-        /* XOR in plaintext. */
-        xorbuf(out, in, WC_AES_BLOCK_SIZE * blocks);
-        /* Skip over processed data. */
-        in += WC_AES_BLOCK_SIZE * blocks;
-        out += WC_AES_BLOCK_SIZE * blocks;
-    }
-    else
-#endif /* HAVE_AES_ECB */
-    {
-        /* Encrypt block by block. */
-        while (blocks--) {
-            ALIGN32 byte scratch[WC_AES_BLOCK_SIZE];
-            IncrementGcmCounter(AES_COUNTER(aes));
-            /* Encrypt counter into a buffer. */
-            ret = wc_AesEncrypt(aes, AES_COUNTER(aes), scratch);
-            if (ret != 0)
-                return ret;
-            /* XOR plain text into encrypted counter into cipher text buffer. */
-            xorbufout(out, scratch, in, WC_AES_BLOCK_SIZE);
-            /* Data complete. */
-            in  += WC_AES_BLOCK_SIZE;
-            out += WC_AES_BLOCK_SIZE;
-        }
-    }
-
-    if (partial != 0) {
-        /* Generate an extra block and use up as much as needed. */
-        IncrementGcmCounter(AES_COUNTER(aes));
-        /* Encrypt counter into cache. */
-        ret = wc_AesEncrypt(aes, AES_COUNTER(aes), AES_LASTBLOCK(aes));
-        if (ret != 0)
-            return ret;
-        /* XOR plain text into encrypted counter into cipher text buffer. */
-        xorbufout(out, AES_LASTBLOCK(aes), in, partial);
-        /* Keep amount of encrypted block used. */
-        aes->over = (byte)partial;
-    }
-
-    return 0;
-}
-
-/* Calculates authentication tag for AES GCM. C implementation.
- *
- * @param [in, out] aes        AES object.
- * @param [out]     authTag    Buffer to store authentication tag in.
- * @param [in]      authTagSz  Length of tag to create.
- */
-static WARN_UNUSED_RESULT int AesGcmFinal_C(
-    Aes* aes, byte* authTag, word32 authTagSz)
-{
-    /* Calculate authentication tag. */
-    GHASH_FINAL(aes, authTag, authTagSz);
-    /* XOR in as much of encrypted counter as is required. */
-    xorbuf(authTag, AES_INITCTR(aes), authTagSz);
-#ifdef OPENSSL_EXTRA
-    /* store AAD size for next call */
-    aes->gcm.aadLen = aes->aSz;
-#endif
-    /* Zeroize last block to protect sensitive data. */
-    ForceZero(AES_LASTBLOCK(aes), WC_AES_BLOCK_SIZE);
-
-    return 0;
-}
-
-#ifdef WOLFSSL_AESNI
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-/* Assembly code implementations in: aes_gcm_asm.S */
-#ifdef HAVE_INTEL_AVX2
-extern void AES_GCM_init_avx2(const unsigned char* key, int nr,
-    const unsigned char* ivec, unsigned int ibytes, unsigned char* h,
-    unsigned char* counter, unsigned char* initCtr);
-extern void AES_GCM_aad_update_avx2(const unsigned char* addt,
-    unsigned int abytes, unsigned char* tag, unsigned char* h);
-extern void AES_GCM_encrypt_block_avx2(const unsigned char* key, int nr,
-    unsigned char* out, const unsigned char* in, unsigned char* counter);
-extern void AES_GCM_ghash_block_avx2(const unsigned char* data,
-    unsigned char* tag, unsigned char* h);
-
-extern void AES_GCM_encrypt_update_avx2(const unsigned char* key, int nr,
-    unsigned char* out, const unsigned char* in, unsigned int nbytes,
-    unsigned char* tag, unsigned char* h, unsigned char* counter);
-extern void AES_GCM_encrypt_final_avx2(unsigned char* tag,
-    unsigned char* authTag, unsigned int tbytes, unsigned int nbytes,
-    unsigned int abytes, unsigned char* h, unsigned char* initCtr);
-#endif
-#ifdef HAVE_INTEL_AVX1
-extern void AES_GCM_init_avx1(const unsigned char* key, int nr,
-    const unsigned char* ivec, unsigned int ibytes, unsigned char* h,
-    unsigned char* counter, unsigned char* initCtr);
-extern void AES_GCM_aad_update_avx1(const unsigned char* addt,
-    unsigned int abytes, unsigned char* tag, unsigned char* h);
-extern void AES_GCM_encrypt_block_avx1(const unsigned char* key, int nr,
-    unsigned char* out, const unsigned char* in, unsigned char* counter);
-extern void AES_GCM_ghash_block_avx1(const unsigned char* data,
-    unsigned char* tag, unsigned char* h);
-
-extern void AES_GCM_encrypt_update_avx1(const unsigned char* key, int nr,
-    unsigned char* out, const unsigned char* in, unsigned int nbytes,
-    unsigned char* tag, unsigned char* h, unsigned char* counter);
-extern void AES_GCM_encrypt_final_avx1(unsigned char* tag,
-    unsigned char* authTag, unsigned int tbytes, unsigned int nbytes,
-    unsigned int abytes, unsigned char* h, unsigned char* initCtr);
-#endif
-extern void AES_GCM_init_aesni(const unsigned char* key, int nr,
-    const unsigned char* ivec, unsigned int ibytes, unsigned char* h,
-    unsigned char* counter, unsigned char* initCtr);
-extern void AES_GCM_aad_update_aesni(const unsigned char* addt,
-    unsigned int abytes, unsigned char* tag, unsigned char* h);
-extern void AES_GCM_encrypt_block_aesni(const unsigned char* key, int nr,
-    unsigned char* out, const unsigned char* in, unsigned char* counter);
-extern void AES_GCM_ghash_block_aesni(const unsigned char* data,
-    unsigned char* tag, unsigned char* h);
-
-extern void AES_GCM_encrypt_update_aesni(const unsigned char* key, int nr,
-    unsigned char* out, const unsigned char* in, unsigned int nbytes,
-    unsigned char* tag, unsigned char* h, unsigned char* counter);
-extern void AES_GCM_encrypt_final_aesni(unsigned char* tag,
-    unsigned char* authTag, unsigned int tbytes, unsigned int nbytes,
-    unsigned int abytes, unsigned char* h, unsigned char* initCtr);
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-/* Initialize the AES GCM cipher with an IV. AES-NI implementations.
- *
- * @param [in, out] aes   AES object.
- * @param [in]      iv    IV/nonce buffer.
- * @param [in]      ivSz  Length of IV/nonce data.
- */
-static WARN_UNUSED_RESULT int AesGcmInit_aesni(
-    Aes* aes, const byte* iv, word32 ivSz)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    /* Reset state fields. */
-    aes->over = 0;
-    aes->aSz = 0;
-    aes->cSz = 0;
-    /* Set tag to all zeros as initial value. */
-    XMEMSET(AES_TAG(aes), 0, WC_AES_BLOCK_SIZE);
-    /* Reset counts of AAD and cipher text. */
-    aes->aOver = 0;
-    aes->cOver = 0;
-
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_AVX2(intel_flags)) {
-        AES_GCM_init_avx2((byte*)aes->key, (int)aes->rounds, iv, ivSz,
-            aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
-    }
-    else
-#endif
-#ifdef HAVE_INTEL_AVX1
-    if (IS_INTEL_AVX1(intel_flags)) {
-        AES_GCM_init_avx1((byte*)aes->key, (int)aes->rounds, iv, ivSz,
-            aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
-    }
-    else
-#endif
-    {
-        AES_GCM_init_aesni((byte*)aes->key, (int)aes->rounds, iv, ivSz,
-            aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
-    }
-
-    return 0;
-}
-
-/* Update the AES GCM for encryption with authentication data.
- *
- * Implementation uses AVX2, AVX1 or straight AES-NI optimized assembly code.
- *
- * @param [in, out] aes   AES object.
- * @param [in]      a     Buffer holding authentication data.
- * @param [in]      aSz   Length of authentication data in bytes.
- * @param [in]      endA  Whether no more authentication data is expected.
- */
-static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni(
-    Aes* aes, const byte* a, word32 aSz, int endA)
-{
-    word32 blocks;
-    int partial;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (aSz != 0 && a != NULL) {
-        /* Total count of AAD updated. */
-        aes->aSz += aSz;
-        /* Check if we have unprocessed data. */
-        if (aes->aOver > 0) {
-            /* Calculate amount we can use - fill up the block. */
-            byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->aOver);
-            if (sz > aSz) {
-                sz = (byte)aSz;
-            }
-            /* Copy extra into last GHASH block array and update count. */
-            XMEMCPY(AES_LASTGBLOCK(aes) + aes->aOver, a, sz);
-            aes->aOver = (byte)(aes->aOver + sz);
-            if (aes->aOver == WC_AES_BLOCK_SIZE) {
-                /* We have filled up the block and can process. */
-            #ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_AVX2(intel_flags)) {
-                    AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                             aes->gcm.H);
-                }
-                else
-            #endif
-            #ifdef HAVE_INTEL_AVX1
-                if (IS_INTEL_AVX1(intel_flags)) {
-                    AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                             aes->gcm.H);
-                }
-                else
-            #endif
-                {
-                    AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                              aes->gcm.H);
-                }
-                /* Reset count. */
-                aes->aOver = 0;
-            }
-            /* Used up some data. */
-            aSz -= sz;
-            a += sz;
-        }
-
-        /* Calculate number of blocks of AAD and the leftover. */
-        blocks = aSz / WC_AES_BLOCK_SIZE;
-        partial = aSz % WC_AES_BLOCK_SIZE;
-        if (blocks > 0) {
-            /* GHASH full blocks now. */
-        #ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_AVX2(intel_flags)) {
-                AES_GCM_aad_update_avx2(a, blocks * WC_AES_BLOCK_SIZE,
-                                        AES_TAG(aes), aes->gcm.H);
-            }
-            else
-        #endif
-        #ifdef HAVE_INTEL_AVX1
-            if (IS_INTEL_AVX1(intel_flags)) {
-                AES_GCM_aad_update_avx1(a, blocks * WC_AES_BLOCK_SIZE,
-                                        AES_TAG(aes), aes->gcm.H);
-            }
-            else
-        #endif
-            {
-                AES_GCM_aad_update_aesni(a, blocks * WC_AES_BLOCK_SIZE,
-                                         AES_TAG(aes), aes->gcm.H);
-            }
-            /* Skip over to end of AAD blocks. */
-            a += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            /* Cache the partial block. */
-            XMEMCPY(AES_LASTGBLOCK(aes), a, (size_t)partial);
-            aes->aOver = (byte)partial;
-        }
-    }
-    if (endA && (aes->aOver > 0)) {
-        /* No more AAD coming and we have a partial block. */
-        /* Fill the rest of the block with zeros. */
-        XMEMSET(AES_LASTGBLOCK(aes) + aes->aOver, 0,
-                (size_t)WC_AES_BLOCK_SIZE - aes->aOver);
-        /* GHASH last AAD block. */
-    #ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_AVX2(intel_flags)) {
-            AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                     aes->gcm.H);
-        }
-        else
-    #endif
-    #ifdef HAVE_INTEL_AVX1
-        if (IS_INTEL_AVX1(intel_flags)) {
-            AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                     aes->gcm.H);
-        }
-        else
-    #endif
-        {
-            AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                      aes->gcm.H);
-        }
-        /* Clear partial count for next time through. */
-        aes->aOver = 0;
-    }
-
-    return 0;
-}
-
-/* Update the AES GCM for encryption with data and/or authentication data.
- *
- * Implementation uses AVX2, AVX1 or straight AES-NI optimized assembly code.
- *
- * @param [in, out] aes  AES object.
- * @param [out]     c    Buffer to hold cipher text.
- * @param [in]      p    Buffer holding plaintext.
- * @param [in]      cSz  Length of cipher text/plaintext in bytes.
- * @param [in]      a    Buffer holding authentication data.
- * @param [in]      aSz  Length of authentication data in bytes.
- */
-static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
-    Aes* aes, byte* c, const byte* p, word32 cSz, const byte* a, word32 aSz)
-{
-    word32 blocks;
-    int partial;
-    int ret;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    /* Hash in A, the Authentication Data */
-    ret = AesGcmAadUpdate_aesni(aes, a, aSz, (cSz > 0) && (c != NULL));
-    if (ret != 0)
-        return ret;
-
-    /* Encrypt plaintext and Hash in C, the Cipher text */
-    if (cSz != 0 && c != NULL) {
-        /* Update count of cipher text we have hashed. */
-        aes->cSz += cSz;
-        if (aes->cOver > 0) {
-            /* Calculate amount we can use - fill up the block. */
-            byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->cOver);
-            if (sz > cSz) {
-                sz = (byte)cSz;
-            }
-            /* Encrypt some of the plaintext. */
-            xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, p, sz);
-            XMEMCPY(c, AES_LASTGBLOCK(aes) + aes->cOver, sz);
-            /* Update count of unused encrypted counter. */
-            aes->cOver = (byte)(aes->cOver + sz);
-            if (aes->cOver == WC_AES_BLOCK_SIZE) {
-                /* We have filled up the block and can process. */
-            #ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_AVX2(intel_flags)) {
-                    AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                             aes->gcm.H);
-                }
-                else
-            #endif
-            #ifdef HAVE_INTEL_AVX1
-                if (IS_INTEL_AVX1(intel_flags)) {
-                    AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                             aes->gcm.H);
-                }
-                else
-            #endif
-                {
-                    AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                              aes->gcm.H);
-                }
-                /* Reset count. */
-                aes->cOver = 0;
-            }
-            /* Used up some data. */
-            cSz -= sz;
-            p += sz;
-            c += sz;
-        }
-
-        /* Calculate number of blocks of plaintext and the leftover. */
-        blocks = cSz / WC_AES_BLOCK_SIZE;
-        partial = cSz % WC_AES_BLOCK_SIZE;
-        if (blocks > 0) {
-            /* Encrypt and GHASH full blocks now. */
-        #ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_AVX2(intel_flags)) {
-                AES_GCM_encrypt_update_avx2((byte*)aes->key, (int)aes->rounds,
-                    c, p, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
-                    AES_COUNTER(aes));
-            }
-            else
-        #endif
-        #ifdef HAVE_INTEL_AVX1
-            if (IS_INTEL_AVX1(intel_flags)) {
-                AES_GCM_encrypt_update_avx1((byte*)aes->key, (int)aes->rounds,
-                    c, p, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
-                    AES_COUNTER(aes));
-            }
-            else
-        #endif
-            {
-                AES_GCM_encrypt_update_aesni((byte*)aes->key, (int)aes->rounds,
-                    c, p, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
-                    AES_COUNTER(aes));
-            }
-            /* Skip over to end of blocks. */
-            p += blocks * WC_AES_BLOCK_SIZE;
-            c += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            /* Encrypt the counter - XOR in zeros as proxy for plaintext. */
-            XMEMSET(AES_LASTGBLOCK(aes), 0, WC_AES_BLOCK_SIZE);
-        #ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_AVX2(intel_flags)) {
-                AES_GCM_encrypt_block_avx2((byte*)aes->key, (int)aes->rounds,
-                    AES_LASTGBLOCK(aes), AES_LASTGBLOCK(aes), AES_COUNTER(aes));
-            }
-            else
-        #endif
-        #ifdef HAVE_INTEL_AVX1
-            if (IS_INTEL_AVX1(intel_flags)) {
-                AES_GCM_encrypt_block_avx1((byte*)aes->key, (int)aes->rounds,
-                    AES_LASTGBLOCK(aes), AES_LASTGBLOCK(aes), AES_COUNTER(aes));
-            }
-            else
-        #endif
-            {
-                AES_GCM_encrypt_block_aesni((byte*)aes->key, (int)aes->rounds,
-                    AES_LASTGBLOCK(aes), AES_LASTGBLOCK(aes), AES_COUNTER(aes));
-            }
-            /* XOR the remaining plaintext to calculate cipher text.
-             * Keep cipher text for GHASH of last partial block.
-             */
-            xorbuf(AES_LASTGBLOCK(aes), p, (word32)partial);
-            XMEMCPY(c, AES_LASTGBLOCK(aes), (size_t)partial);
-            /* Update count of the block used. */
-            aes->cOver = (byte)partial;
-        }
-    }
-    return 0;
-}
-
-/* Finalize the AES GCM for encryption and calculate the authentication tag.
- *
- * Calls AVX2, AVX1 or straight AES-NI optimized assembly code.
- *
- * @param [in, out] aes        AES object.
- * @param [in]      authTag    Buffer to hold authentication tag.
- * @param [in]      authTagSz  Length of authentication tag in bytes.
- * @return  0 on success.
- */
-static WARN_UNUSED_RESULT int AesGcmEncryptFinal_aesni(
-    Aes* aes, byte* authTag, word32 authTagSz)
-{
-    /* AAD block incomplete when > 0 */
-    byte over = aes->aOver;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (aes->cOver > 0) {
-        /* Cipher text block incomplete. */
-        over = aes->cOver;
-    }
-    if (over > 0) {
-        /* Fill the rest of the block with zeros. */
-        XMEMSET(AES_LASTGBLOCK(aes) + over, 0, (size_t)WC_AES_BLOCK_SIZE - over);
-        /* GHASH last cipher block. */
-    #ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_AVX2(intel_flags)) {
-            AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                     aes->gcm.H);
-        }
-        else
-    #endif
-    #ifdef HAVE_INTEL_AVX1
-        if (IS_INTEL_AVX1(intel_flags)) {
-            AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                     aes->gcm.H);
-        }
-        else
-    #endif
-        {
-            AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                                      aes->gcm.H);
-        }
-    }
-    /* Calculate the authentication tag. */
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_AVX2(intel_flags)) {
-        AES_GCM_encrypt_final_avx2(AES_TAG(aes), authTag, authTagSz, aes->cSz,
-            aes->aSz, aes->gcm.H, AES_INITCTR(aes));
-    }
-    else
-#endif
-#ifdef HAVE_INTEL_AVX1
-    if (IS_INTEL_AVX1(intel_flags)) {
-        AES_GCM_encrypt_final_avx1(AES_TAG(aes), authTag, authTagSz, aes->cSz,
-            aes->aSz, aes->gcm.H, AES_INITCTR(aes));
-    }
-    else
-#endif
-    {
-        AES_GCM_encrypt_final_aesni(AES_TAG(aes), authTag, authTagSz, aes->cSz,
-            aes->aSz, aes->gcm.H, AES_INITCTR(aes));
-    }
-
-    return 0;
-}
-
-#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AESGCM_DECRYPT)
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-/* Assembly code implementations in: aes_gcm_asm.S and aes_gcm_x86_asm.S */
-#ifdef HAVE_INTEL_AVX2
-extern void AES_GCM_decrypt_update_avx2(const unsigned char* key, int nr,
-    unsigned char* out, const unsigned char* in, unsigned int nbytes,
-    unsigned char* tag, unsigned char* h, unsigned char* counter);
-extern void AES_GCM_decrypt_final_avx2(unsigned char* tag,
-    const unsigned char* authTag, unsigned int tbytes, unsigned int nbytes,
-    unsigned int abytes, unsigned char* h, unsigned char* initCtr, int* res);
-#endif
-#ifdef HAVE_INTEL_AVX1
-extern void AES_GCM_decrypt_update_avx1(const unsigned char* key, int nr,
-    unsigned char* out, const unsigned char* in, unsigned int nbytes,
-    unsigned char* tag, unsigned char* h, unsigned char* counter);
-extern void AES_GCM_decrypt_final_avx1(unsigned char* tag,
-    const unsigned char* authTag, unsigned int tbytes, unsigned int nbytes,
-    unsigned int abytes, unsigned char* h, unsigned char* initCtr, int* res);
-#endif
-extern void AES_GCM_decrypt_update_aesni(const unsigned char* key, int nr,
-    unsigned char* out, const unsigned char* in, unsigned int nbytes,
-    unsigned char* tag, unsigned char* h, unsigned char* counter);
-extern void AES_GCM_decrypt_final_aesni(unsigned char* tag,
-    const unsigned char* authTag, unsigned int tbytes, unsigned int nbytes,
-    unsigned int abytes, unsigned char* h, unsigned char* initCtr, int* res);
-
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-
-/* Update the AES GCM for decryption with data and/or authentication data.
- *
- * @param [in, out] aes  AES object.
- * @param [out]     p    Buffer to hold plaintext.
- * @param [in]      c    Buffer holding cipher text.
- * @param [in]      cSz  Length of cipher text/plaintext in bytes.
- * @param [in]      a    Buffer holding authentication data.
- * @param [in]      aSz  Length of authentication data in bytes.
- */
-static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
-    Aes* aes, byte* p, const byte* c, word32 cSz, const byte* a, word32 aSz)
-{
-    word32 blocks;
-    int partial;
-    int ret;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    /* Hash in A, the Authentication Data */
-    ret = AesGcmAadUpdate_aesni(aes, a, aSz, cSz > 0);
-    if (ret != 0)
-        return ret;
-
-    /* Hash in C, the Cipher text, and decrypt. */
-    if (cSz != 0 && p != NULL) {
-        /* Update count of cipher text we have hashed. */
-        aes->cSz += cSz;
-        if (aes->cOver > 0) {
-            /* Calculate amount we can use - fill up the block. */
-            byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->cOver);
-            if (sz > cSz) {
-                sz = (byte)cSz;
-            }
-            /* Keep a copy of the cipher text for GHASH. */
-            XMEMCPY(AES_LASTBLOCK(aes) + aes->cOver, c, sz);
-            /* Decrypt some of the cipher text. */
-            xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, c, sz);
-            XMEMCPY(p, AES_LASTGBLOCK(aes) + aes->cOver, sz);
-            /* Update count of unused encrypted counter. */
-            aes->cOver = (byte)(aes->cOver + sz);
-            if (aes->cOver == WC_AES_BLOCK_SIZE) {
-                /* We have filled up the block and can process. */
-            #ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_AVX2(intel_flags)) {
-                    AES_GCM_ghash_block_avx2(AES_LASTBLOCK(aes), AES_TAG(aes),
-                                             aes->gcm.H);
-                }
-                else
-            #endif
-            #ifdef HAVE_INTEL_AVX1
-                if (IS_INTEL_AVX1(intel_flags)) {
-                    AES_GCM_ghash_block_avx1(AES_LASTBLOCK(aes), AES_TAG(aes),
-                                             aes->gcm.H);
-                }
-                else
-            #endif
-                {
-                    AES_GCM_ghash_block_aesni(AES_LASTBLOCK(aes), AES_TAG(aes),
-                                              aes->gcm.H);
-                }
-                /* Reset count. */
-                aes->cOver = 0;
-            }
-            /* Used up some data. */
-            cSz -= sz;
-            c += sz;
-            p += sz;
-        }
-
-        /* Calculate number of blocks of plaintext and the leftover. */
-        blocks = cSz / WC_AES_BLOCK_SIZE;
-        partial = cSz % WC_AES_BLOCK_SIZE;
-        if (blocks > 0) {
-            /* Decrypt and GHASH full blocks now. */
-        #ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_AVX2(intel_flags)) {
-                AES_GCM_decrypt_update_avx2((byte*)aes->key, (int)aes->rounds,
-                    p, c, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
-                    AES_COUNTER(aes));
-            }
-            else
-        #endif
-        #ifdef HAVE_INTEL_AVX1
-            if (IS_INTEL_AVX1(intel_flags)) {
-                AES_GCM_decrypt_update_avx1((byte*)aes->key, (int)aes->rounds,
-                    p, c, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
-                    AES_COUNTER(aes));
-            }
-            else
-        #endif
-            {
-                AES_GCM_decrypt_update_aesni((byte*)aes->key, (int)aes->rounds,
-                    p, c, blocks * WC_AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
-                    AES_COUNTER(aes));
-            }
-            /* Skip over to end of blocks. */
-            c += blocks * WC_AES_BLOCK_SIZE;
-            p += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            /* Encrypt the counter - XOR in zeros as proxy for cipher text. */
-            XMEMSET(AES_LASTGBLOCK(aes), 0, WC_AES_BLOCK_SIZE);
-        #ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_AVX2(intel_flags)) {
-                AES_GCM_encrypt_block_avx2((byte*)aes->key, (int)aes->rounds,
-                    AES_LASTGBLOCK(aes), AES_LASTGBLOCK(aes), AES_COUNTER(aes));
-            }
-            else
-        #endif
-        #ifdef HAVE_INTEL_AVX1
-            if (IS_INTEL_AVX1(intel_flags)) {
-                AES_GCM_encrypt_block_avx1((byte*)aes->key, (int)aes->rounds,
-                    AES_LASTGBLOCK(aes), AES_LASTGBLOCK(aes), AES_COUNTER(aes));
-            }
-            else
-        #endif
-            {
-                AES_GCM_encrypt_block_aesni((byte*)aes->key, (int)aes->rounds,
-                    AES_LASTGBLOCK(aes), AES_LASTGBLOCK(aes), AES_COUNTER(aes));
-            }
-            /* Keep cipher text for GHASH of last partial block. */
-            XMEMCPY(AES_LASTBLOCK(aes), c, (size_t)partial);
-            /* XOR the remaining cipher text to calculate plaintext. */
-            xorbuf(AES_LASTGBLOCK(aes), c, (word32)partial);
-            XMEMCPY(p, AES_LASTGBLOCK(aes), (size_t)partial);
-            /* Update count of the block used. */
-            aes->cOver = (byte)partial;
-        }
-    }
-
-    return 0;
-}
-
-/* Finalize the AES GCM for decryption and check the authentication tag.
- *
- * Calls AVX2, AVX1 or straight AES-NI optimized assembly code.
- *
- * @param [in, out] aes        AES object.
- * @param [in]      authTag    Buffer holding authentication tag.
- * @param [in]      authTagSz  Length of authentication tag in bytes.
- * @return  0 on success.
- * @return  AES_GCM_AUTH_E when authentication tag doesn't match calculated
- *          value.
- */
-static WARN_UNUSED_RESULT int AesGcmDecryptFinal_aesni(
-    Aes* aes, const byte* authTag, word32 authTagSz)
-{
-    int ret = 0;
-    int res;
-    /* AAD block incomplete when > 0 */
-    byte over = aes->aOver;
-    byte *lastBlock = AES_LASTGBLOCK(aes);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (aes->cOver > 0) {
-        /* Cipher text block incomplete. */
-        over = aes->cOver;
-        lastBlock = AES_LASTBLOCK(aes);
-    }
-    if (over > 0) {
-        /* Zeroize the unused part of the block. */
-        XMEMSET(lastBlock + over, 0, (size_t)WC_AES_BLOCK_SIZE - over);
-        /* Hash the last block of cipher text. */
-    #ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_AVX2(intel_flags)) {
-            AES_GCM_ghash_block_avx2(lastBlock, AES_TAG(aes), aes->gcm.H);
-        }
-        else
-    #endif
-    #ifdef HAVE_INTEL_AVX1
-        if (IS_INTEL_AVX1(intel_flags)) {
-            AES_GCM_ghash_block_avx1(lastBlock, AES_TAG(aes), aes->gcm.H);
-        }
-        else
-    #endif
-        {
-            AES_GCM_ghash_block_aesni(lastBlock, AES_TAG(aes), aes->gcm.H);
-        }
-    }
-    /* Calculate and compare the authentication tag. */
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_AVX2(intel_flags)) {
-        AES_GCM_decrypt_final_avx2(AES_TAG(aes), authTag, authTagSz, aes->cSz,
-            aes->aSz, aes->gcm.H, AES_INITCTR(aes), &res);
-    }
-    else
-#endif
-#ifdef HAVE_INTEL_AVX1
-    if (IS_INTEL_AVX1(intel_flags)) {
-        AES_GCM_decrypt_final_avx1(AES_TAG(aes), authTag, authTagSz, aes->cSz,
-            aes->aSz, aes->gcm.H, AES_INITCTR(aes), &res);
-    }
-    else
-#endif
-    {
-        AES_GCM_decrypt_final_aesni(AES_TAG(aes), authTag, authTagSz, aes->cSz,
-            aes->aSz, aes->gcm.H, AES_INITCTR(aes), &res);
-    }
-
-    /* Return error code when calculated doesn't match input. */
-    if (res == 0) {
-        ret = AES_GCM_AUTH_E;
-    }
-    return ret;
-}
-#endif /* HAVE_AES_DECRYPT || HAVE_AESGCM_DECRYPT */
-#endif /* WOLFSSL_AESNI */
-
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-    !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-/* Initialize the AES GCM cipher with an IV. Aarch64 HW Crypto implementations.
- *
- * @param [in, out] aes   AES object.
- * @param [in]      iv    IV/nonce buffer.
- * @param [in]      ivSz  Length of IV/nonce data.
- */
-static WARN_UNUSED_RESULT int AesGcmInit_AARCH64(Aes* aes, const byte* iv,
-    word32 ivSz)
-{
-    /* Reset state fields. */
-    aes->over = 0;
-    aes->aSz = 0;
-    aes->cSz = 0;
-    /* Set tag to all zeros as initial value. */
-    XMEMSET(AES_TAG(aes), 0, WC_AES_BLOCK_SIZE);
-    /* Reset counts of AAD and cipher text. */
-    aes->aOver = 0;
-    aes->cOver = 0;
-
-#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-    if (aes->use_sha3_hw_crypto) {
-        AES_GCM_init_AARCH64_EOR3((byte*)aes->key, (int)aes->rounds, iv, ivSz,
-            aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
-    }
-    else
-#endif
-    {
-        AES_GCM_init_AARCH64((byte*)aes->key, (int)aes->rounds, iv, ivSz,
-            aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
-    }
-
-    return 0;
-}
-
-/* Update the AES GCM for encryption with authentication data.
- *
- * Implementation uses AARCH64 optimized assembly code.
- *
- * @param [in, out] aes   AES object.
- * @param [in]      a     Buffer holding authentication data.
- * @param [in]      aSz   Length of authentication data in bytes.
- * @param [in]      endA  Whether no more authentication data is expected.
- */
-static WARN_UNUSED_RESULT int AesGcmAadUpdate_AARCH64(
-    Aes* aes, const byte* a, word32 aSz, int endA)
-{
-    word32 blocks;
-    int partial;
-
-    if (aSz != 0 && a != NULL) {
-        /* Total count of AAD updated. */
-        aes->aSz += aSz;
-        /* Check if we have unprocessed data. */
-        if (aes->aOver > 0) {
-            /* Calculate amount we can use - fill up the block. */
-            byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->aOver);
-            if (sz > aSz) {
-                sz = (byte)aSz;
-            }
-            /* Copy extra into last GHASH block array and update count. */
-            XMEMCPY(AES_LASTGBLOCK(aes) + aes->aOver, a, sz);
-            aes->aOver = (byte)(aes->aOver + sz);
-            if (aes->aOver == WC_AES_BLOCK_SIZE) {
-                /* We have filled up the block and can process. */
-            #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-                if (aes->use_sha3_hw_crypto) {
-                    AES_GCM_ghash_block_AARCH64_EOR3(AES_LASTGBLOCK(aes),
-                        AES_TAG(aes), aes->gcm.H);
-                }
-                else
-            #endif
-                {
-                    AES_GCM_ghash_block_AARCH64(AES_LASTGBLOCK(aes),
-                        AES_TAG(aes), aes->gcm.H);
-                }
-                /* Reset count. */
-                aes->aOver = 0;
-            }
-            /* Used up some data. */
-            aSz -= sz;
-            a += sz;
-        }
-
-        /* Calculate number of blocks of AAD and the leftover. */
-        blocks = aSz / WC_AES_BLOCK_SIZE;
-        partial = aSz % WC_AES_BLOCK_SIZE;
-        if (blocks > 0) {
-            /* GHASH full blocks now. */
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-            if (aes->use_sha3_hw_crypto) {
-                AES_GCM_aad_update_AARCH64_EOR3(a, blocks * WC_AES_BLOCK_SIZE,
-                    AES_TAG(aes), aes->gcm.H);
-            }
-            else
-        #endif
-            {
-                AES_GCM_aad_update_AARCH64(a, blocks * WC_AES_BLOCK_SIZE,
-                    AES_TAG(aes), aes->gcm.H);
-            }
-            /* Skip over to end of AAD blocks. */
-            a += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            /* Cache the partial block. */
-            XMEMCPY(AES_LASTGBLOCK(aes), a, (size_t)partial);
-            aes->aOver = (byte)partial;
-        }
-    }
-    if (endA && (aes->aOver > 0)) {
-        /* No more AAD coming and we have a partial block. */
-        /* Fill the rest of the block with zeros. */
-        XMEMSET(AES_LASTGBLOCK(aes) + aes->aOver, 0,
-                (size_t)WC_AES_BLOCK_SIZE - aes->aOver);
-        /* GHASH last AAD block. */
-    #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-        if (aes->use_sha3_hw_crypto) {
-            AES_GCM_ghash_block_AARCH64_EOR3(AES_LASTGBLOCK(aes),
-                AES_TAG(aes), aes->gcm.H);
-        }
-        else
-    #endif
-        {
-            AES_GCM_ghash_block_AARCH64(AES_LASTGBLOCK(aes),
-                AES_TAG(aes), aes->gcm.H);
-        }
-        /* Clear partial count for next time through. */
-        aes->aOver = 0;
-    }
-
-    return 0;
-}
-
-/* Update the AES GCM for encryption with data and/or authentication data.
- *
- * Implementation uses AARCH64 optimized assembly code.
- *
- * @param [in, out] aes  AES object.
- * @param [out]     c    Buffer to hold cipher text.
- * @param [in]      p    Buffer holding plaintext.
- * @param [in]      cSz  Length of cipher text/plaintext in bytes.
- * @param [in]      a    Buffer holding authentication data.
- * @param [in]      aSz  Length of authentication data in bytes.
- */
-static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_AARCH64(
-    Aes* aes, byte* c, const byte* p, word32 cSz, const byte* a, word32 aSz)
-{
-    word32 blocks;
-    int partial;
-    int ret;
-
-    /* Hash in A, the Authentication Data */
-    ret = AesGcmAadUpdate_AARCH64(aes, a, aSz, (cSz > 0) && (c != NULL));
-    if (ret != 0)
-        return ret;
-
-    /* Encrypt plaintext and Hash in C, the Cipher text */
-    if (cSz != 0 && c != NULL) {
-        /* Update count of cipher text we have hashed. */
-        aes->cSz += cSz;
-        if (aes->cOver > 0) {
-            /* Calculate amount we can use - fill up the block. */
-            byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->cOver);
-            if (sz > cSz) {
-                sz = (byte)cSz;
-            }
-            /* Encrypt some of the plaintext. */
-            xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, p, sz);
-            XMEMCPY(c, AES_LASTGBLOCK(aes) + aes->cOver, sz);
-            /* Update count of unused encrypted counter. */
-            aes->cOver = (byte)(aes->cOver + sz);
-            if (aes->cOver == WC_AES_BLOCK_SIZE) {
-                /* We have filled up the block and can process. */
-            #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-                if (aes->use_sha3_hw_crypto) {
-                    AES_GCM_ghash_block_AARCH64_EOR3(AES_LASTGBLOCK(aes),
-                        AES_TAG(aes), aes->gcm.H);
-                }
-                else
-            #endif
-                {
-                    AES_GCM_ghash_block_AARCH64(AES_LASTGBLOCK(aes),
-                        AES_TAG(aes), aes->gcm.H);
-                }
-                /* Reset count. */
-                aes->cOver = 0;
-            }
-            /* Used up some data. */
-            cSz -= sz;
-            p += sz;
-            c += sz;
-        }
-
-        /* Calculate number of blocks of plaintext and the leftover. */
-        blocks = cSz / WC_AES_BLOCK_SIZE;
-        partial = cSz % WC_AES_BLOCK_SIZE;
-        if (blocks > 0) {
-            /* Encrypt and GHASH full blocks now. */
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-            if (aes->use_sha3_hw_crypto) {
-                AES_GCM_encrypt_update_AARCH64_EOR3((byte*)aes->key,
-                    (int)aes->rounds, c, p, blocks * WC_AES_BLOCK_SIZE,
-                    AES_TAG(aes), aes->gcm.H, AES_COUNTER(aes));
-            }
-            else
-        #endif
-            {
-                AES_GCM_encrypt_update_AARCH64((byte*)aes->key,
-                    (int)aes->rounds, c, p, blocks * WC_AES_BLOCK_SIZE,
-                    AES_TAG(aes), aes->gcm.H, AES_COUNTER(aes));
-            }
-            /* Skip over to end of blocks. */
-            p += blocks * WC_AES_BLOCK_SIZE;
-            c += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            /* Encrypt the counter - XOR in zeros as proxy for plaintext. */
-            XMEMSET(AES_LASTGBLOCK(aes), 0, WC_AES_BLOCK_SIZE);
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-            if (aes->use_sha3_hw_crypto) {
-                AES_GCM_encrypt_block_AARCH64_EOR3((byte*)aes->key,
-                    (int)aes->rounds, AES_LASTGBLOCK(aes), AES_LASTGBLOCK(aes),
-                    AES_COUNTER(aes));
-            }
-            else
-        #endif
-            {
-                AES_GCM_encrypt_block_AARCH64((byte*)aes->key, (int)aes->rounds,
-                    AES_LASTGBLOCK(aes), AES_LASTGBLOCK(aes), AES_COUNTER(aes));
-            }
-            /* XOR the remaining plaintext to calculate cipher text.
-             * Keep cipher text for GHASH of last partial block.
-             */
-            xorbuf(AES_LASTGBLOCK(aes), p, (word32)partial);
-            XMEMCPY(c, AES_LASTGBLOCK(aes), (size_t)partial);
-            /* Update count of the block used. */
-            aes->cOver = (byte)partial;
-        }
-    }
-    return 0;
-}
-
-/* Finalize the AES GCM for encryption and calculate the authentication tag.
- *
- * Calls ARCH64 optimized assembly code.
- *
- * @param [in, out] aes        AES object.
- * @param [in]      authTag    Buffer to hold authentication tag.
- * @param [in]      authTagSz  Length of authentication tag in bytes.
- * @return  0 on success.
- */
-static WARN_UNUSED_RESULT int AesGcmEncryptFinal_AARCH64(Aes* aes,
-    byte* authTag, word32 authTagSz)
-{
-    /* AAD block incomplete when > 0 */
-    byte over = aes->aOver;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (aes->cOver > 0) {
-        /* Cipher text block incomplete. */
-        over = aes->cOver;
-    }
-    if (over > 0) {
-        /* Fill the rest of the block with zeros. */
-        XMEMSET(AES_LASTGBLOCK(aes) + over, 0,
-            (size_t)WC_AES_BLOCK_SIZE - over);
-        /* GHASH last cipher block. */
-    #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-        if (aes->use_sha3_hw_crypto) {
-            AES_GCM_ghash_block_AARCH64_EOR3(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                aes->gcm.H);
-        }
-        else
-    #endif
-        {
-            AES_GCM_ghash_block_AARCH64(AES_LASTGBLOCK(aes), AES_TAG(aes),
-                aes->gcm.H);
-        }
-    }
-    /* Calculate the authentication tag. */
-#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-    if (aes->use_sha3_hw_crypto) {
-        AES_GCM_encrypt_final_AARCH64_EOR3(AES_TAG(aes), authTag, authTagSz,
-            aes->cSz, aes->aSz, aes->gcm.H, AES_INITCTR(aes));
-    }
-    else
-#endif
-    {
-        AES_GCM_encrypt_final_AARCH64(AES_TAG(aes), authTag, authTagSz,
-            aes->cSz, aes->aSz, aes->gcm.H, AES_INITCTR(aes));
-    }
-
-    return 0;
-}
-
-#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AESGCM_DECRYPT)
-/* Update the AES GCM for decryption with data and/or authentication data.
- *
- * @param [in, out] aes  AES object.
- * @param [out]     p    Buffer to hold plaintext.
- * @param [in]      c    Buffer holding cipher text.
- * @param [in]      cSz  Length of cipher text/plaintext in bytes.
- * @param [in]      a    Buffer holding authentication data.
- * @param [in]      aSz  Length of authentication data in bytes.
- */
-static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_AARCH64(Aes* aes, byte* p,
-    const byte* c, word32 cSz, const byte* a, word32 aSz)
-{
-    word32 blocks;
-    int partial;
-    int ret;
-
-    /* Hash in A, the Authentication Data */
-    ret = AesGcmAadUpdate_AARCH64(aes, a, aSz, cSz > 0);
-    if (ret != 0)
-        return ret;
-
-    /* Hash in C, the Cipher text, and decrypt. */
-    if (cSz != 0 && p != NULL) {
-        /* Update count of cipher text we have hashed. */
-        aes->cSz += cSz;
-        if (aes->cOver > 0) {
-            /* Calculate amount we can use - fill up the block. */
-            byte sz = (byte)(WC_AES_BLOCK_SIZE - aes->cOver);
-            if (sz > cSz) {
-                sz = (byte)cSz;
-            }
-            /* Keep a copy of the cipher text for GHASH. */
-            XMEMCPY(AES_LASTBLOCK(aes) + aes->cOver, c, sz);
-            /* Decrypt some of the cipher text. */
-            xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, c, sz);
-            XMEMCPY(p, AES_LASTGBLOCK(aes) + aes->cOver, sz);
-            /* Update count of unused encrypted counter. */
-            aes->cOver = (byte)(aes->cOver + sz);
-            if (aes->cOver == WC_AES_BLOCK_SIZE) {
-                /* We have filled up the block and can process. */
-            #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-                if (aes->use_sha3_hw_crypto) {
-                    AES_GCM_ghash_block_AARCH64_EOR3(AES_LASTBLOCK(aes),
-                        AES_TAG(aes), aes->gcm.H);
-                }
-                else
-            #endif
-                {
-                    AES_GCM_ghash_block_AARCH64(AES_LASTBLOCK(aes),
-                        AES_TAG(aes), aes->gcm.H);
-                }
-                /* Reset count. */
-                aes->cOver = 0;
-            }
-            /* Used up some data. */
-            cSz -= sz;
-            c += sz;
-            p += sz;
-        }
-
-        /* Calculate number of blocks of plaintext and the leftover. */
-        blocks = cSz / WC_AES_BLOCK_SIZE;
-        partial = cSz % WC_AES_BLOCK_SIZE;
-        if (blocks > 0) {
-            /* Decrypt and GHASH full blocks now. */
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-            if (aes->use_sha3_hw_crypto) {
-                AES_GCM_decrypt_update_AARCH64_EOR3((byte*)aes->key,
-                    (int)aes->rounds, p, c, blocks * WC_AES_BLOCK_SIZE,
-                    AES_TAG(aes), aes->gcm.H, AES_COUNTER(aes));
-            }
-            else
-        #endif
-            {
-                AES_GCM_decrypt_update_AARCH64((byte*)aes->key,
-                    (int)aes->rounds, p, c, blocks * WC_AES_BLOCK_SIZE,
-                    AES_TAG(aes), aes->gcm.H, AES_COUNTER(aes));
-            }
-            /* Skip over to end of blocks. */
-            c += blocks * WC_AES_BLOCK_SIZE;
-            p += blocks * WC_AES_BLOCK_SIZE;
-        }
-        if (partial != 0) {
-            /* Encrypt the counter - XOR in zeros as proxy for cipher text. */
-            XMEMSET(AES_LASTGBLOCK(aes), 0, WC_AES_BLOCK_SIZE);
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-            if (aes->use_sha3_hw_crypto) {
-                AES_GCM_encrypt_block_AARCH64_EOR3((byte*)aes->key,
-                    (int)aes->rounds, AES_LASTGBLOCK(aes), AES_LASTGBLOCK(aes),
-                    AES_COUNTER(aes));
-            }
-            else
-        #endif
-            {
-                AES_GCM_encrypt_block_AARCH64((byte*)aes->key, (int)aes->rounds,
-                    AES_LASTGBLOCK(aes), AES_LASTGBLOCK(aes), AES_COUNTER(aes));
-            }
-            /* Keep cipher text for GHASH of last partial block. */
-            XMEMCPY(AES_LASTBLOCK(aes), c, (size_t)partial);
-            /* XOR the remaining cipher text to calculate plaintext. */
-            xorbuf(AES_LASTGBLOCK(aes), c, (word32)partial);
-            XMEMCPY(p, AES_LASTGBLOCK(aes), (size_t)partial);
-            /* Update count of the block used. */
-            aes->cOver = (byte)partial;
-        }
-    }
-
-    return 0;
-}
-
-/* Finalize the AES GCM for decryption and check the authentication tag.
- *
- * Calls AVX2, AVX1 or straight AES-NI optimized assembly code.
- *
- * @param [in, out] aes        AES object.
- * @param [in]      authTag    Buffer holding authentication tag.
- * @param [in]      authTagSz  Length of authentication tag in bytes.
- * @return  0 on success.
- * @return  AES_GCM_AUTH_E when authentication tag doesn't match calculated
- *          value.
- */
-static WARN_UNUSED_RESULT int AesGcmDecryptFinal_AARCH64(
-    Aes* aes, const byte* authTag, word32 authTagSz)
-{
-    int ret = 0;
-    int res;
-    /* AAD block incomplete when > 0 */
-    byte over = aes->aOver;
-    byte *lastBlock = AES_LASTGBLOCK(aes);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (aes->cOver > 0) {
-        /* Cipher text block incomplete. */
-        over = aes->cOver;
-        lastBlock = AES_LASTBLOCK(aes);
-    }
-    if (over > 0) {
-        /* Zeroize the unused part of the block. */
-        XMEMSET(lastBlock + over, 0, (size_t)WC_AES_BLOCK_SIZE - over);
-        /* Hash the last block of cipher text. */
-    #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-        if (aes->use_sha3_hw_crypto) {
-            AES_GCM_ghash_block_AARCH64_EOR3(lastBlock, AES_TAG(aes),
-                aes->gcm.H);
-        }
-        else
-    #endif
-        {
-            AES_GCM_ghash_block_AARCH64(lastBlock, AES_TAG(aes), aes->gcm.H);
-        }
-    }
-    /* Calculate and compare the authentication tag. */
-#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-    if (aes->use_sha3_hw_crypto) {
-        AES_GCM_decrypt_final_AARCH64_EOR3(AES_TAG(aes), authTag, authTagSz,
-            aes->cSz, aes->aSz, aes->gcm.H, AES_INITCTR(aes), &res);
-    }
-    else
-#endif
-    {
-        AES_GCM_decrypt_final_AARCH64(AES_TAG(aes), authTag, authTagSz,
-            aes->cSz, aes->aSz, aes->gcm.H, AES_INITCTR(aes), &res);
-    }
-
-    /* Return error code when calculated doesn't match input. */
-    if (res == 0) {
-        ret = AES_GCM_AUTH_E;
-    }
-    return ret;
-}
-#endif
-#endif
-
-/* Initialize an AES GCM cipher for encryption or decryption.
- *
- * Must call wc_AesInit() before calling this function.
- * Call wc_AesGcmSetIV() before calling this function to generate part of IV.
- * Call wc_AesGcmSetExtIV() before calling this function to cache IV.
- *
- * @param [in, out] aes   AES object.
- * @param [in]      key   Buffer holding key.
- * @param [in]      len   Length of key in bytes.
- * @param [in]      iv    Buffer holding IV/nonce.
- * @param [in]      ivSz  Length of IV/nonce in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when aes is NULL, or a length is non-zero but buffer
- *          is NULL, or the IV is NULL and no previous IV has been set.
- * @return  MEMORY_E when dynamic memory allocation fails. (WOLFSSL_SMALL_STACK)
- */
-int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv,
-    word32 ivSz)
-{
-    int ret = 0;
-
-    /* Check validity of parameters. */
-    if ((aes == NULL) || ((len > 0) && (key == NULL)) ||
-            ((ivSz == 0) && (iv != NULL)) ||
-            ((ivSz > 0) && (iv == NULL))) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI)
-    if ((ret == 0) && (aes->streamData == NULL)) {
-        /* Allocate buffers for streaming. */
-        aes->streamData_sz = 5 * WC_AES_BLOCK_SIZE;
-        aes->streamData = (byte*)XMALLOC(aes->streamData_sz, aes->heap,
-                                                              DYNAMIC_TYPE_AES);
-        if (aes->streamData == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-#endif
-
-    /* Set the key if passed in. */
-    if ((ret == 0) && (key != NULL)) {
-        ret = wc_AesGcmSetKey(aes, key, len);
-    }
-
-    if (ret == 0) {
-        /* Set the IV passed in if it is smaller than a block. */
-        if ((iv != NULL) && (ivSz <= WC_AES_BLOCK_SIZE)) {
-            XMEMMOVE((byte*)aes->reg, iv, ivSz);
-            aes->nonceSz = ivSz;
-        }
-        /* No IV passed in, check for cached IV. */
-        if ((iv == NULL) && (aes->nonceSz != 0)) {
-            /* Use the cached copy. */
-            iv = (byte*)aes->reg;
-            ivSz = aes->nonceSz;
-        }
-
-        if (iv != NULL) {
-            /* Initialize with the IV. */
-
-        #ifdef WOLFSSL_AESNI
-            if (aes->use_aesni) {
-                SAVE_VECTOR_REGISTERS(return _svr_ret;);
-                ret = AesGcmInit_aesni(aes, iv, ivSz);
-                RESTORE_VECTOR_REGISTERS();
-            }
-            else
-        #elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-              !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-            if (aes->use_aes_hw_crypto && aes->use_pmull_hw_crypto) {
-                ret = AesGcmInit_AARCH64(aes, iv, ivSz);
-            }
-            else
-        #endif /* WOLFSSL_AESNI */
-            {
-                ret = AesGcmInit_C(aes, iv, ivSz);
-            }
-
-            if (ret == 0)
-                aes->nonceSet = 1;
-        }
-    }
-
-    return ret;
-}
-
-/* Initialize an AES GCM cipher for encryption.
- *
- * Must call wc_AesInit() before calling this function.
- *
- * @param [in, out] aes   AES object.
- * @param [in]      key   Buffer holding key.
- * @param [in]      len   Length of key in bytes.
- * @param [in]      iv    Buffer holding IV/nonce.
- * @param [in]      ivSz  Length of IV/nonce in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when aes is NULL, or a length is non-zero but buffer
- *          is NULL, or the IV is NULL and no previous IV has been set.
- */
-int wc_AesGcmEncryptInit(Aes* aes, const byte* key, word32 len, const byte* iv,
-    word32 ivSz)
-{
-    return wc_AesGcmInit(aes, key, len, iv, ivSz);
-}
-
-/* Initialize an AES GCM cipher for encryption. Get IV.
- *
- * Must call wc_AesGcmSetIV() to generate part of IV before calling this
- * function.
- * Must call wc_AesInit() before calling this function.
- *
- * See wc_AesGcmEncrypt_ex() for non-streaming version of getting IV out.
- *
- * @param [in, out] aes   AES object.
- * @param [in]      key   Buffer holding key.
- * @param [in]      len   Length of key in bytes.
- * @param [in]      iv    Buffer holding IV/nonce.
- * @param [in]      ivSz  Length of IV/nonce in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when aes is NULL, key length is non-zero but key
- *          is NULL, or the IV is NULL or ivOutSz is not the same as cached
- *          nonce size.
- */
-int wc_AesGcmEncryptInit_ex(Aes* aes, const byte* key, word32 len, byte* ivOut,
-    word32 ivOutSz)
-{
-    int ret;
-
-    /* Check validity of parameters. */
-    if ((aes == NULL) || (ivOut == NULL) || (ivOutSz != aes->nonceSz)) {
-        ret = BAD_FUNC_ARG;
-    }
-    else {
-        /* Copy out the IV including generated part for decryption. */
-        XMEMCPY(ivOut, aes->reg, ivOutSz);
-        /* Initialize AES GCM cipher with key and cached Iv. */
-        ret = wc_AesGcmInit(aes, key, len, NULL, 0);
-    }
-
-    return ret;
-}
-
-/* Update the AES GCM for encryption with data and/or authentication data.
- *
- * All the AAD must be passed to update before the plaintext.
- * Last part of AAD can be passed with first part of plaintext.
- *
- * Must set key and IV before calling this function.
- * Must call wc_AesGcmInit() before calling this function.
- *
- * @param [in, out] aes       AES object.
- * @param [out]     out       Buffer to hold cipher text.
- * @param [in]      in        Buffer holding plaintext.
- * @param [in]      sz        Length of plaintext in bytes.
- * @param [in]      authIn    Buffer holding authentication data.
- * @param [in]      authInSz  Length of authentication data in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when aes is NULL, or a length is non-zero but buffer
- *          is NULL.
- */
-int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
-    const byte* authIn, word32 authInSz)
-{
-    int ret = 0;
-
-    /* Check validity of parameters. */
-    if ((aes == NULL) || ((authInSz > 0) && (authIn == NULL)) || ((sz > 0) &&
-            ((out == NULL) || (in == NULL)))) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Check key has been set. */
-    if ((ret == 0) && (!aes->gcmKeySet)) {
-        ret = MISSING_KEY;
-    }
-    /* Check IV has been set. */
-    if ((ret == 0) && (!aes->nonceSet)) {
-        ret = MISSING_IV;
-    }
-
-    if ((ret == 0) && aes->ctrSet && (aes->aSz == 0) && (aes->cSz == 0)) {
-        aes->invokeCtr[0]++;
-        if (aes->invokeCtr[0] == 0) {
-            aes->invokeCtr[1]++;
-            if (aes->invokeCtr[1] == 0)
-                ret = AES_GCM_OVERFLOW_E;
-        }
-    }
-
-    if (ret == 0) {
-        /* Encrypt with AAD and/or plaintext. */
-
-    #ifdef WOLFSSL_AESNI
-        if (aes->use_aesni) {
-            SAVE_VECTOR_REGISTERS(return _svr_ret;);
-            ret = AesGcmEncryptUpdate_aesni(aes, out, in, sz, authIn, authInSz);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-          !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-        if (aes->use_aes_hw_crypto && aes->use_pmull_hw_crypto) {
-            ret = AesGcmEncryptUpdate_AARCH64(aes, out, in, sz, authIn,
-                authInSz);
-        }
-        else
-    #endif
-        {
-            /* Encrypt the plaintext. */
-            ret = AesGcmCryptUpdate_C(aes, out, in, sz);
-            if (ret == 0) {
-                /* Update the authentication tag with any authentication data and the
-                 * new cipher text. */
-                GHASH_UPDATE(aes, authIn, authInSz, out, sz);
-            }
-        }
-    }
-
-    return ret;
-}
-
-/* Finalize the AES GCM for encryption and return the authentication tag.
- *
- * Must set key and IV before calling this function.
- * Must call wc_AesGcmInit() before calling this function.
- *
- * @param [in, out] aes        AES object.
- * @param [out]     authTag    Buffer to hold authentication tag.
- * @param [in]      authTagSz  Length of authentication tag in bytes.
- * @return  0 on success.
- */
-int wc_AesGcmEncryptFinal(Aes* aes, byte* authTag, word32 authTagSz)
-{
-    int ret = 0;
-
-    /* Check validity of parameters. */
-    if ((aes == NULL) || (authTag == NULL) || (authTagSz > WC_AES_BLOCK_SIZE) ||
-            (authTagSz == 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Check key has been set. */
-    if ((ret == 0) && (!aes->gcmKeySet)) {
-        ret = MISSING_KEY;
-    }
-    /* Check IV has been set. */
-    if ((ret == 0) && (!aes->nonceSet)) {
-        ret = MISSING_IV;
-    }
-
-    if (ret == 0) {
-        /* Calculate authentication tag. */
-    #ifdef WOLFSSL_AESNI
-        if (aes->use_aesni) {
-            SAVE_VECTOR_REGISTERS(return _svr_ret;);
-            ret = AesGcmEncryptFinal_aesni(aes, authTag, authTagSz);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-          !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-        if (aes->use_aes_hw_crypto && aes->use_pmull_hw_crypto) {
-            ret = AesGcmEncryptFinal_AARCH64(aes, authTag, authTagSz);
-        }
-        else
-    #endif
-        {
-            ret = AesGcmFinal_C(aes, authTag, authTagSz);
-        }
-    }
-
-    if ((ret == 0) && aes->ctrSet) {
-        IncCtr((byte*)aes->reg, aes->nonceSz);
-    }
-
-    return ret;
-}
-
-#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AESGCM_DECRYPT)
-/* Initialize an AES GCM cipher for decryption.
- *
- * Must call wc_AesInit() before calling this function.
- *
- * Call wc_AesGcmSetExtIV() before calling this function to use FIPS external IV
- * instead.
- *
- * @param [in, out] aes   AES object.
- * @param [in]      key   Buffer holding key.
- * @param [in]      len   Length of key in bytes.
- * @param [in]      iv    Buffer holding IV/nonce.
- * @param [in]      ivSz  Length of IV/nonce in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when aes is NULL, or a length is non-zero but buffer
- *          is NULL, or the IV is NULL and no previous IV has been set.
- */
-int wc_AesGcmDecryptInit(Aes* aes, const byte* key, word32 len, const byte* iv,
-    word32 ivSz)
-{
-    return wc_AesGcmInit(aes, key, len, iv, ivSz);
-}
-
-/* Update the AES GCM for decryption with data and/or authentication data.
- *
- * All the AAD must be passed to update before the cipher text.
- * Last part of AAD can be passed with first part of cipher text.
- *
- * Must set key and IV before calling this function.
- * Must call wc_AesGcmInit() before calling this function.
- *
- * @param [in, out] aes       AES object.
- * @param [out]     out       Buffer to hold plaintext.
- * @param [in]      in        Buffer holding cipher text.
- * @param [in]      sz        Length of cipher text in bytes.
- * @param [in]      authIn    Buffer holding authentication data.
- * @param [in]      authInSz  Length of authentication data in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when aes is NULL, or a length is non-zero but buffer
- *          is NULL.
- */
-int wc_AesGcmDecryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
-    const byte* authIn, word32 authInSz)
-{
-    int ret = 0;
-
-    /* Check validity of parameters. */
-    if ((aes == NULL) || ((authInSz > 0) && (authIn == NULL)) || ((sz > 0) &&
-            ((out == NULL) || (in == NULL)))) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Check key has been set. */
-    if ((ret == 0) && (!aes->gcmKeySet)) {
-        ret = MISSING_KEY;
-    }
-    /* Check IV has been set. */
-    if ((ret == 0) && (!aes->nonceSet)) {
-        ret = MISSING_IV;
-    }
-
-    if (ret == 0) {
-        /* Decrypt with AAD and/or cipher text. */
-    #ifdef WOLFSSL_AESNI
-        if (aes->use_aesni) {
-            SAVE_VECTOR_REGISTERS(return _svr_ret;);
-            ret = AesGcmDecryptUpdate_aesni(aes, out, in, sz, authIn, authInSz);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-          !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-        if (aes->use_aes_hw_crypto && aes->use_pmull_hw_crypto) {
-            ret = AesGcmDecryptUpdate_AARCH64(aes, out, in, sz, authIn,
-                authInSz);
-        }
-        else
-    #endif
-        {
-            /* Update the authentication tag with any authentication data and
-             * cipher text. */
-            GHASH_UPDATE(aes, authIn, authInSz, in, sz);
-            /* Decrypt the cipher text. */
-            ret = AesGcmCryptUpdate_C(aes, out, in, sz);
-        }
-    }
-
-    return ret;
-}
-
-/* Finalize the AES GCM for decryption and check the authentication tag.
- *
- * Must set key and IV before calling this function.
- * Must call wc_AesGcmInit() before calling this function.
- *
- * @param [in, out] aes        AES object.
- * @param [in]      authTag    Buffer holding authentication tag.
- * @param [in]      authTagSz  Length of authentication tag in bytes.
- * @return  0 on success.
- */
-int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, word32 authTagSz)
-{
-    int ret = 0;
-
-    /* Check validity of parameters. */
-    if ((aes == NULL) || (authTag == NULL) || (authTagSz > WC_AES_BLOCK_SIZE) ||
-            (authTagSz == 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Check key has been set. */
-    if ((ret == 0) && (!aes->gcmKeySet)) {
-        ret = MISSING_KEY;
-    }
-    /* Check IV has been set. */
-    if ((ret == 0) && (!aes->nonceSet)) {
-        ret = MISSING_IV;
-    }
-
-    if (ret == 0) {
-        /* Calculate authentication tag and compare with one passed in.. */
-    #ifdef WOLFSSL_AESNI
-        if (aes->use_aesni) {
-            SAVE_VECTOR_REGISTERS(return _svr_ret;);
-            ret = AesGcmDecryptFinal_aesni(aes, authTag, authTagSz);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-          !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-        if (aes->use_aes_hw_crypto && aes->use_pmull_hw_crypto) {
-            ret = AesGcmDecryptFinal_AARCH64(aes, authTag, authTagSz);
-        }
-        else
-    #endif
-        {
-            ALIGN32 byte calcTag[WC_AES_BLOCK_SIZE];
-            /* Calculate authentication tag. */
-            ret = AesGcmFinal_C(aes, calcTag, authTagSz);
-            if (ret == 0) {
-                /* Check calculated tag matches the one passed in. */
-                if (ConstantCompare(authTag, calcTag, (int)authTagSz) != 0) {
-                    ret = AES_GCM_AUTH_E;
-                }
-            }
-        }
-    }
-
-    return ret;
-}
-#endif /* HAVE_AES_DECRYPT || HAVE_AESGCM_DECRYPT */
-#endif /* WOLFSSL_AESGCM_STREAM */
-#endif /* WOLFSSL_XILINX_CRYPT */
-#endif /* end of block for AESGCM implementation selection */
-
-
-/* Common to all, abstract functions that build off of lower level AESGCM
- * functions */
-#ifndef WC_NO_RNG
-
-static WARN_UNUSED_RESULT WC_INLINE int CheckAesGcmIvSize(int ivSz) {
-    return (ivSz == GCM_NONCE_MIN_SZ ||
-            ivSz == GCM_NONCE_MID_SZ ||
-            ivSz == GCM_NONCE_MAX_SZ);
-}
-
-
-int wc_AesGcmSetExtIV(Aes* aes, const byte* iv, word32 ivSz)
-{
-    int ret = 0;
-
-    if (aes == NULL || iv == NULL || !CheckAesGcmIvSize((int)ivSz)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        XMEMCPY((byte*)aes->reg, iv, ivSz);
-
-        /* If the IV is 96, allow for a 2^64 invocation counter.
-         * For any other size for the nonce, limit the invocation
-         * counter to 32-bits. (SP 800-38D 8.3) */
-        aes->invokeCtr[0] = 0;
-        aes->invokeCtr[1] = (ivSz == GCM_NONCE_MID_SZ) ? 0 : 0xFFFFFFFF;
-    #ifdef WOLFSSL_AESGCM_STREAM
-        aes->ctrSet = 1;
-    #endif
-        aes->nonceSz = ivSz;
-    }
-
-    return ret;
-}
-
-
-int wc_AesGcmSetIV(Aes* aes, word32 ivSz,
-                   const byte* ivFixed, word32 ivFixedSz,
-                   WC_RNG* rng)
-{
-    int ret = 0;
-
-    if (aes == NULL || rng == NULL || !CheckAesGcmIvSize((int)ivSz) ||
-        (ivFixed == NULL && ivFixedSz != 0) ||
-        (ivFixed != NULL && ivFixedSz != AES_IV_FIXED_SZ)) {
-
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        byte* iv = (byte*)aes->reg;
-
-        if (ivFixedSz)
-            XMEMCPY(iv, ivFixed, ivFixedSz);
-
-        ret = wc_RNG_GenerateBlock(rng, iv + ivFixedSz, ivSz - ivFixedSz);
-    }
-
-    if (ret == 0) {
-        /* If the IV is 96, allow for a 2^64 invocation counter.
-         * For any other size for the nonce, limit the invocation
-         * counter to 32-bits. (SP 800-38D 8.3) */
-        aes->invokeCtr[0] = 0;
-        aes->invokeCtr[1] = (ivSz == GCM_NONCE_MID_SZ) ? 0 : 0xFFFFFFFF;
-    #ifdef WOLFSSL_AESGCM_STREAM
-        aes->ctrSet = 1;
-    #endif
-        aes->nonceSz = ivSz;
-    }
-
-    return ret;
-}
-
-
-int wc_AesGcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz,
-                        byte* ivOut, word32 ivOutSz,
-                        byte* authTag, word32 authTagSz,
-                        const byte* authIn, word32 authInSz)
-{
-    int ret = 0;
-
-    if (aes == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
-        ivOut == NULL || ivOutSz != aes->nonceSz ||
-        (authIn == NULL && authInSz != 0)) {
-
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        aes->invokeCtr[0]++;
-        if (aes->invokeCtr[0] == 0) {
-            aes->invokeCtr[1]++;
-            if (aes->invokeCtr[1] == 0)
-                ret = AES_GCM_OVERFLOW_E;
-        }
-    }
-
-    if (ret == 0) {
-        XMEMCPY(ivOut, aes->reg, ivOutSz);
-        ret = wc_AesGcmEncrypt(aes, out, in, sz,
-                               (byte*)aes->reg, ivOutSz,
-                               authTag, authTagSz,
-                               authIn, authInSz);
-        if (ret == 0)
-            IncCtr((byte*)aes->reg, ivOutSz);
-    }
-
-    return ret;
-}
-
-int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz,
-            const byte* authIn, word32 authInSz,
-            byte* authTag, word32 authTagSz, WC_RNG* rng)
-{
-    WC_DECLARE_VAR(aes, Aes, 1, 0);
-    int ret;
-
-    if (key == NULL || iv == NULL || (authIn == NULL && authInSz != 0) ||
-        authTag == NULL || authTagSz == 0 || rng == NULL) {
-
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    aes = wc_AesNew(NULL, INVALID_DEVID, &ret);
-#else
-    ret = wc_AesInit(aes, NULL, INVALID_DEVID);
-#endif
-    if (ret != 0)
-        return ret;
-
-    ret = wc_AesGcmSetKey(aes, key, keySz);
-    if (ret == 0)
-        ret = wc_AesGcmSetIV(aes, ivSz, NULL, 0, rng);
-    if (ret == 0)
-        ret = wc_AesGcmEncrypt_ex(aes, NULL, NULL, 0, iv, ivSz,
-                                  authTag, authTagSz, authIn, authInSz);
-
-#ifdef WOLFSSL_SMALL_STACK
-    wc_AesDelete(aes, NULL);
-#else
-    wc_AesFree(aes);
-#endif
-
-    return ret;
-}
-
-int wc_GmacVerify(const byte* key, word32 keySz,
-                  const byte* iv, word32 ivSz,
-                  const byte* authIn, word32 authInSz,
-                  const byte* authTag, word32 authTagSz)
-{
-    int ret;
-#ifdef HAVE_AES_DECRYPT
-    WC_DECLARE_VAR(aes, Aes, 1, 0);
-
-    if (key == NULL || iv == NULL || (authIn == NULL && authInSz != 0) ||
-        authTag == NULL || authTagSz == 0 || authTagSz > WC_AES_BLOCK_SIZE) {
-
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    aes = wc_AesNew(NULL, INVALID_DEVID, &ret);
-#else
-    ret = wc_AesInit(aes, NULL, INVALID_DEVID);
-#endif
-    if (ret == 0) {
-        ret = wc_AesGcmSetKey(aes, key, keySz);
-        if (ret == 0)
-            ret = wc_AesGcmDecrypt(aes, NULL, NULL, 0, iv, ivSz,
-                                  authTag, authTagSz, authIn, authInSz);
-
-    }
-#ifdef WOLFSSL_SMALL_STACK
-    wc_AesDelete(aes, NULL);
-#else
-    wc_AesFree(aes);
-#endif
-#else
-    (void)key;
-    (void)keySz;
-    (void)iv;
-    (void)ivSz;
-    (void)authIn;
-    (void)authInSz;
-    (void)authTag;
-    (void)authTagSz;
-    ret = NOT_COMPILED_IN;
-#endif
-    return ret;
-}
-
-#endif /* WC_NO_RNG */
-
-
-int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len)
-{
-    if (gmac == NULL || key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    return wc_AesGcmSetKey(&gmac->aes, key, len);
-}
-
-
-int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
-                              const byte* authIn, word32 authInSz,
-                              byte* authTag, word32 authTagSz)
-{
-    if (gmac == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    return wc_AesGcmEncrypt(&gmac->aes, NULL, NULL, 0, iv, ivSz,
-                                         authTag, authTagSz, authIn, authInSz);
-}
-
-#endif /* HAVE_AESGCM */
-
-#ifdef HAVE_AESCCM
-
-int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz)
-{
-    if (!((keySz == 16) || (keySz == 24) || (keySz == 32)))
-        return BAD_FUNC_ARG;
-
-    return wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
-}
-
-
-/* Checks if the tag size is an accepted value based on RFC 3610 section 2
- * returns 0 if tag size is ok
- */
-int wc_AesCcmCheckTagSize(int sz)
-{
-    /* values here are from RFC 3610 section 2 */
-    if (sz != 4 && sz != 6 && sz != 8 && sz != 10 && sz != 12 && sz != 14
-            && sz != 16) {
-        WOLFSSL_MSG("Bad auth tag size AES-CCM");
-        return BAD_FUNC_ARG;
-    }
-    return 0;
-}
-
-#if defined(WOLFSSL_RISCV_ASM)
-    /* implementation located in wolfcrypt/src/port/risc-v/riscv-64-aes.c */
-
-#elif defined(HAVE_COLDFIRE_SEC)
-    #error "Coldfire SEC doesn't currently support AES-CCM mode"
-
-#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES) && \
-        !defined(WOLFSSL_QNX_CAAM)
-    /* implemented in wolfcrypt/src/port/caam_aes.c */
-
-#elif defined(WOLFSSL_SILABS_SE_ACCEL)
-    /* implemented in wolfcrypt/src/port/silabs/silabs_aes.c */
-int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
-                   const byte* nonce, word32 nonceSz,
-                   byte* authTag, word32 authTagSz,
-                   const byte* authIn, word32 authInSz)
-{
-    return wc_AesCcmEncrypt_silabs(
-        aes, out, in, inSz,
-        nonce, nonceSz,
-        authTag, authTagSz,
-        authIn, authInSz);
-}
-
-#ifdef HAVE_AES_DECRYPT
-int  wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
-                   const byte* nonce, word32 nonceSz,
-                   const byte* authTag, word32 authTagSz,
-                   const byte* authIn, word32 authInSz)
-{
-    return wc_AesCcmDecrypt_silabs(
-        aes, out, in, inSz,
-        nonce, nonceSz,
-        authTag, authTagSz,
-        authIn, authInSz);
-}
-#endif
-#elif defined(FREESCALE_LTC)
-
-/* return 0 on success */
-int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
-                   const byte* nonce, word32 nonceSz,
-                   byte* authTag, word32 authTagSz,
-                   const byte* authIn, word32 authInSz)
-{
-    byte *key;
-    word32 keySize;
-    status_t status;
-
-    /* sanity check on arguments */
-    /* note, LTC_AES_EncryptTagCcm() doesn't allow null src or dst
-     * ptrs even if inSz is zero (ltc_aes_ccm_check_input_args()), so
-     * don't allow it here either.
-     */
-    if (aes == NULL || out == NULL || in == NULL || nonce == NULL
-            || authTag == NULL || nonceSz < 7 || nonceSz > 13) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (wc_AesCcmCheckTagSize(authTagSz) != 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    key = (byte*)aes->key;
-
-    status = wc_AesGetKeySize(aes, &keySize);
-    if (status != 0) {
-        return status;
-    }
-
-    status = wolfSSL_CryptHwMutexLock();
-    if (status != 0)
-        return status;
-
-    status = LTC_AES_EncryptTagCcm(LTC_BASE, in, out, inSz,
-        nonce, nonceSz, authIn, authInSz, key, keySize, authTag, authTagSz);
-    wolfSSL_CryptHwMutexUnLock();
-
-    return (kStatus_Success == status) ? 0 : BAD_FUNC_ARG;
-}
-
-#ifdef HAVE_AES_DECRYPT
-int  wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
-                   const byte* nonce, word32 nonceSz,
-                   const byte* authTag, word32 authTagSz,
-                   const byte* authIn, word32 authInSz)
-{
-    byte *key;
-    word32 keySize;
-    status_t status;
-
-    /* sanity check on arguments */
-    if (aes == NULL || out == NULL || in == NULL || nonce == NULL
-            || authTag == NULL || nonceSz < 7 || nonceSz > 13) {
-        return BAD_FUNC_ARG;
-    }
-
-    key = (byte*)aes->key;
-
-    status = wc_AesGetKeySize(aes, &keySize);
-    if (status != 0) {
-        return status;
-    }
-
-    status = wolfSSL_CryptHwMutexLock();
-    if (status != 0)
-        return status;
-    status = LTC_AES_DecryptTagCcm(LTC_BASE, in, out, inSz,
-        nonce, nonceSz, authIn, authInSz, key, keySize, authTag, authTagSz);
-    wolfSSL_CryptHwMutexUnLock();
-
-    if (status != kStatus_Success) {
-        XMEMSET(out, 0, inSz);
-        return AES_CCM_AUTH_E;
-    }
-    return 0;
-}
-#endif /* HAVE_AES_DECRYPT */
-
-#else
-
-/* Software CCM */
-static WARN_UNUSED_RESULT int roll_x(
-    Aes* aes, const byte* in, word32 inSz, byte* out)
-{
-    int ret;
-
-    /* process the bulk of the data */
-    while (inSz >= WC_AES_BLOCK_SIZE) {
-        xorbuf(out, in, WC_AES_BLOCK_SIZE);
-        in += WC_AES_BLOCK_SIZE;
-        inSz -= WC_AES_BLOCK_SIZE;
-
-        ret = wc_AesEncrypt(aes, out, out);
-        if (ret != 0)
-            return ret;
-    }
-
-    /* process remainder of the data */
-    if (inSz > 0) {
-        xorbuf(out, in, inSz);
-        ret = wc_AesEncrypt(aes, out, out);
-        if (ret != 0)
-            return ret;
-    }
-
-    return 0;
-}
-
-static WARN_UNUSED_RESULT int roll_auth(
-    Aes* aes, const byte* in, word32 inSz, byte* out)
-{
-    word32 authLenSz;
-    word32 remainder;
-    int ret;
-
-    /* encode the length in */
-    if (inSz <= 0xFEFF) {
-        authLenSz = 2;
-        out[0] ^= (byte)(inSz >> 8);
-        out[1] ^= (byte)inSz;
-    }
-    else {
-        authLenSz = 6;
-        out[0] ^= 0xFF;
-        out[1] ^= 0xFE;
-        out[2] ^= (byte)(inSz >> 24);
-        out[3] ^= (byte)(inSz >> 16);
-        out[4] ^= (byte)(inSz >>  8);
-        out[5] ^= (byte)inSz;
-    }
-    /* Note, the protocol handles auth data up to 2^64, but we are
-     * using 32-bit sizes right now, so the bigger data isn't handled
-     * else {}
-     */
-
-    /* start fill out the rest of the first block */
-    remainder = WC_AES_BLOCK_SIZE - authLenSz;
-    if (inSz >= remainder) {
-        /* plenty of bulk data to fill the remainder of this block */
-        xorbuf(out + authLenSz, in, remainder);
-        inSz -= remainder;
-        in += remainder;
-    }
-    else {
-        /* not enough bulk data, copy what is available, and pad zero */
-        xorbuf(out + authLenSz, in, inSz);
-        inSz = 0;
-    }
-    ret = wc_AesEncrypt(aes, out, out);
-
-    if ((ret == 0) && (inSz > 0)) {
-        ret = roll_x(aes, in, inSz, out);
-    }
-
-    return ret;
-}
-
-
-static WC_INLINE void AesCcmCtrInc(byte* B, word32 lenSz)
-{
-    word32 i;
-
-    for (i = 0; i < lenSz; i++) {
-        if (++B[WC_AES_BLOCK_SIZE - 1 - i] != 0) return;
-    }
-}
-
-#ifdef WOLFSSL_AESNI
-static WC_INLINE void AesCcmCtrIncSet4(byte* B, word32 lenSz)
-{
-    word32 i;
-
-    /* B+1 = B */
-    XMEMCPY(B + WC_AES_BLOCK_SIZE * 1, B, WC_AES_BLOCK_SIZE);
-    /* B+2,B+3 = B,B+1 */
-    XMEMCPY(B + WC_AES_BLOCK_SIZE * 2, B, WC_AES_BLOCK_SIZE * 2);
-
-    for (i = 0; i < lenSz; i++) {
-        if (++B[WC_AES_BLOCK_SIZE * 2 - 1 - i] != 0) break;
-    }
-    B[WC_AES_BLOCK_SIZE * 3 - 1] = (byte)(B[WC_AES_BLOCK_SIZE * 3 - 1] + 2U);
-    if (B[WC_AES_BLOCK_SIZE * 3 - 1] < 2U) {
-        for (i = 1; i < lenSz; i++) {
-            if (++B[WC_AES_BLOCK_SIZE * 3 - 1 - i] != 0) break;
-        }
-    }
-    B[WC_AES_BLOCK_SIZE * 4 - 1] = (byte)(B[WC_AES_BLOCK_SIZE * 4 - 1] + 3U);
-    if (B[WC_AES_BLOCK_SIZE * 4 - 1] < 3U) {
-        for (i = 1; i < lenSz; i++) {
-            if (++B[WC_AES_BLOCK_SIZE * 4 - 1 - i] != 0) break;
-        }
-    }
-}
-
-static WC_INLINE void AesCcmCtrInc4(byte* B, word32 lenSz)
-{
-    word32 i;
-
-    B[WC_AES_BLOCK_SIZE - 1] = (byte)(B[WC_AES_BLOCK_SIZE - 1] + 4U);
-    if (B[WC_AES_BLOCK_SIZE - 1] < 4U) {
-        for (i = 1; i < lenSz; i++) {
-            if (++B[WC_AES_BLOCK_SIZE - 1 - i] != 0) break;
-        }
-    }
-}
-#endif
-
-/* Software AES - CCM Encrypt */
-/* return 0 on success */
-int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
-                   const byte* nonce, word32 nonceSz,
-                   byte* authTag, word32 authTagSz,
-                   const byte* authIn, word32 authInSz)
-{
-#ifdef WOLFSSL_AESNI
-    ALIGN128 byte A[WC_AES_BLOCK_SIZE * 4];
-    ALIGN128 byte B[WC_AES_BLOCK_SIZE * 4];
-#else
-    byte A[WC_AES_BLOCK_SIZE];
-    byte B[WC_AES_BLOCK_SIZE];
-#endif
-    byte lenSz;
-    word32 i;
-    byte mask = 0xFF;
-    const word32 wordSz = (word32)sizeof(word32);
-    int ret;
-
-    /* sanity check on arguments */
-    if (aes == NULL || (inSz != 0 && (in == NULL || out == NULL)) ||
-        nonce == NULL || authTag == NULL || nonceSz < 7 || nonceSz > 13 ||
-            authTagSz > WC_AES_BLOCK_SIZE)
-        return BAD_FUNC_ARG;
-
-    /* Sanity check on authIn to prevent segfault in xorbuf() where
-     * variable 'in' is dereferenced as the mask 'm' in misc.c */
-    if (authIn == NULL && authInSz > 0)
-        return BAD_FUNC_ARG;
-
-    /* sanity check on tag size */
-    if (wc_AesCcmCheckTagSize((int)authTagSz) != 0) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (aes->devId != INVALID_DEVID)
-    #endif
-    {
-        int crypto_cb_ret =
-            wc_CryptoCb_AesCcmEncrypt(aes, out, in, inSz, nonce, nonceSz,
-                                      authTag, authTagSz, authIn, authInSz);
-        if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return crypto_cb_ret;
-        /* fall-through when unavailable */
-    }
-#endif
-
-    XMEMSET(A, 0, sizeof(A));
-    XMEMCPY(B+1, nonce, nonceSz);
-    lenSz = (byte)(WC_AES_BLOCK_SIZE - 1U - nonceSz);
-    B[0] = (byte)((authInSz > 0 ? 64 : 0)
-                  + (8 * (((byte)authTagSz - 2) / 2))
-                  + (lenSz - 1));
-    for (i = 0; i < lenSz; i++) {
-        if (mask && i >= wordSz)
-            mask = 0x00;
-        B[WC_AES_BLOCK_SIZE - 1 - i] = (byte)((inSz >> ((8 * i) & mask)) & mask);
-    }
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Add("wc_AesCcmEncrypt B", B, sizeof(B));
-#endif
-
-    VECTOR_REGISTERS_PUSH;
-    ret = wc_AesEncrypt(aes, B, A);
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    if (ret == 0)
-        wc_MemZero_Add("wc_AesCcmEncrypt A", A, sizeof(A));
-#endif
-
-    if ((ret == 0) && (authInSz > 0))
-        ret = roll_auth(aes, authIn, authInSz, A);
-
-    if ((ret == 0) && (inSz > 0))
-        ret = roll_x(aes, in, inSz, A);
-
-    if (ret == 0) {
-        XMEMCPY(authTag, A, authTagSz);
-
-        B[0] = (byte)(lenSz - 1U);
-        for (i = 0; i < lenSz; i++)
-            B[WC_AES_BLOCK_SIZE - 1 - i] = 0;
-        ret = wc_AesEncrypt(aes, B, A);
-    }
-
-    if (ret == 0) {
-        xorbuf(authTag, A, authTagSz);
-        B[15] = 1;
-    }
-#ifdef WOLFSSL_AESNI
-    if ((ret == 0) && aes->use_aesni) {
-        while (inSz >= WC_AES_BLOCK_SIZE * 4) {
-            AesCcmCtrIncSet4(B, lenSz);
-
-            AES_ECB_encrypt_AESNI(B, A, WC_AES_BLOCK_SIZE * 4, (byte*)aes->key,
-                            (int)aes->rounds);
-
-            xorbuf(A, in, WC_AES_BLOCK_SIZE * 4);
-            XMEMCPY(out, A, WC_AES_BLOCK_SIZE * 4);
-
-            inSz -= WC_AES_BLOCK_SIZE * 4;
-            in += WC_AES_BLOCK_SIZE * 4;
-            out += WC_AES_BLOCK_SIZE * 4;
-
-            AesCcmCtrInc4(B, lenSz);
-        }
-    }
-#endif
-    if (ret == 0) {
-        while (inSz >= WC_AES_BLOCK_SIZE) {
-            ret = wc_AesEncrypt(aes, B, A);
-            if (ret != 0)
-                break;
-            xorbuf(A, in, WC_AES_BLOCK_SIZE);
-            XMEMCPY(out, A, WC_AES_BLOCK_SIZE);
-
-            AesCcmCtrInc(B, lenSz);
-            inSz -= WC_AES_BLOCK_SIZE;
-            in += WC_AES_BLOCK_SIZE;
-            out += WC_AES_BLOCK_SIZE;
-        }
-    }
-    if ((ret == 0) && (inSz > 0)) {
-        ret = wc_AesEncrypt(aes, B, A);
-    }
-    if ((ret == 0) && (inSz > 0)) {
-        xorbuf(A, in, inSz);
-        XMEMCPY(out, A, inSz);
-    }
-
-    ForceZero(A, sizeof(A));
-    ForceZero(B, sizeof(B));
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Check(A, sizeof(A));
-    wc_MemZero_Check(B, sizeof(B));
-#endif
-
-    VECTOR_REGISTERS_POP;
-
-    return ret;
-}
-
-#ifdef HAVE_AES_DECRYPT
-/* Software AES - CCM Decrypt */
-int  wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
-                   const byte* nonce, word32 nonceSz,
-                   const byte* authTag, word32 authTagSz,
-                   const byte* authIn, word32 authInSz)
-{
-#ifdef WOLFSSL_AESNI
-    ALIGN128 byte B[WC_AES_BLOCK_SIZE * 4];
-    ALIGN128 byte A[WC_AES_BLOCK_SIZE * 4];
-#else
-    byte A[WC_AES_BLOCK_SIZE];
-    byte B[WC_AES_BLOCK_SIZE];
-#endif
-    byte* o;
-    byte lenSz;
-    word32 i, oSz;
-    byte mask = 0xFF;
-    const word32 wordSz = (word32)sizeof(word32);
-    int ret = 0;
-
-    /* sanity check on arguments */
-    if (aes == NULL || (inSz != 0 && (in == NULL || out == NULL)) ||
-        nonce == NULL || authTag == NULL || nonceSz < 7 || nonceSz > 13 ||
-        authTagSz > WC_AES_BLOCK_SIZE)
-        return BAD_FUNC_ARG;
-
-    /* Sanity check on authIn to prevent segfault in xorbuf() where
-     * variable 'in' is dereferenced as the mask 'm' in misc.c */
-    if (authIn == NULL && authInSz > 0)
-        return BAD_FUNC_ARG;
-
-    /* sanity check on tag size */
-    if (wc_AesCcmCheckTagSize((int)authTagSz) != 0) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (aes->devId != INVALID_DEVID)
-    #endif
-    {
-        int crypto_cb_ret =
-            wc_CryptoCb_AesCcmDecrypt(aes, out, in, inSz, nonce, nonceSz,
-            authTag, authTagSz, authIn, authInSz);
-        if (crypto_cb_ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return crypto_cb_ret;
-        /* fall-through when unavailable */
-    }
-#endif
-
-    o = out;
-    oSz = inSz;
-    XMEMSET(A, 0, sizeof A);
-    XMEMCPY(B+1, nonce, nonceSz);
-    lenSz = (byte)(WC_AES_BLOCK_SIZE - 1U - nonceSz);
-
-    B[0] = (byte)(lenSz - 1U);
-    for (i = 0; i < lenSz; i++)
-        B[WC_AES_BLOCK_SIZE - 1 - i] = 0;
-    B[15] = 1;
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Add("wc_AesCcmEncrypt A", A, sizeof(A));
-    wc_MemZero_Add("wc_AesCcmEncrypt B", B, sizeof(B));
-#endif
-
-    VECTOR_REGISTERS_PUSH;
-
-#ifdef WOLFSSL_AESNI
-    if (aes->use_aesni) {
-        while (oSz >= WC_AES_BLOCK_SIZE * 4) {
-            AesCcmCtrIncSet4(B, lenSz);
-
-            AES_ECB_encrypt_AESNI(B, A, WC_AES_BLOCK_SIZE * 4, (byte*)aes->key,
-                            (int)aes->rounds);
-
-            xorbuf(A, in, WC_AES_BLOCK_SIZE * 4);
-            XMEMCPY(o, A, WC_AES_BLOCK_SIZE * 4);
-
-            oSz -= WC_AES_BLOCK_SIZE * 4;
-            in += WC_AES_BLOCK_SIZE * 4;
-            o += WC_AES_BLOCK_SIZE * 4;
-
-            AesCcmCtrInc4(B, lenSz);
-        }
-    }
-#endif
-
-    while (oSz >= WC_AES_BLOCK_SIZE) {
-        ret = wc_AesEncrypt(aes, B, A);
-        if (ret != 0)
-            break;
-        xorbuf(A, in, WC_AES_BLOCK_SIZE);
-        XMEMCPY(o, A, WC_AES_BLOCK_SIZE);
-        AesCcmCtrInc(B, lenSz);
-        oSz -= WC_AES_BLOCK_SIZE;
-        in += WC_AES_BLOCK_SIZE;
-        o += WC_AES_BLOCK_SIZE;
-    }
-
-    if ((ret == 0) && (inSz > 0))
-        ret = wc_AesEncrypt(aes, B, A);
-
-    if ((ret == 0) && (inSz > 0)) {
-        xorbuf(A, in, oSz);
-        XMEMCPY(o, A, oSz);
-        for (i = 0; i < lenSz; i++)
-            B[WC_AES_BLOCK_SIZE - 1 - i] = 0;
-        ret = wc_AesEncrypt(aes, B, A);
-    }
-
-    if (ret == 0) {
-        o = out;
-        oSz = inSz;
-
-        B[0] = (byte)((authInSz > 0 ? 64 : 0)
-                      + (8 * (((byte)authTagSz - 2) / 2))
-                      + (lenSz - 1));
-        for (i = 0; i < lenSz; i++) {
-            if (mask && i >= wordSz)
-                mask = 0x00;
-            B[WC_AES_BLOCK_SIZE - 1 - i] = (byte)((inSz >> ((8 * i) & mask)) & mask);
-        }
-
-        ret = wc_AesEncrypt(aes, B, A);
-    }
-
-    if (ret == 0) {
-        if (authInSz > 0)
-            ret = roll_auth(aes, authIn, authInSz, A);
-    }
-    if ((ret == 0) && (inSz > 0))
-        ret = roll_x(aes, o, oSz, A);
-
-    if (ret == 0) {
-        B[0] = (byte)(lenSz - 1U);
-        for (i = 0; i < lenSz; i++)
-            B[WC_AES_BLOCK_SIZE - 1 - i] = 0;
-        ret = wc_AesEncrypt(aes, B, B);
-    }
-
-    if (ret == 0)
-        xorbuf(A, B, authTagSz);
-
-    if (ret == 0) {
-        if (ConstantCompare(A, authTag, (int)authTagSz) != 0) {
-            /* If the authTag check fails, don't keep the decrypted data.
-             * Unfortunately, you need the decrypted data to calculate the
-             * check value. */
-            #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) &&   \
-                        defined(ACVP_VECTOR_TESTING)
-            WOLFSSL_MSG("Preserve output for vector responses");
-            #else
-            if (inSz > 0)
-                XMEMSET(out, 0, inSz);
-            #endif
-            ret = AES_CCM_AUTH_E;
-        }
-    }
-
-    ForceZero(A, sizeof(A));
-    ForceZero(B, sizeof(B));
-    o = NULL;
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Check(A, sizeof(A));
-    wc_MemZero_Check(B, sizeof(B));
-#endif
-
-    VECTOR_REGISTERS_POP;
-
-    return ret;
-}
-
-#endif /* HAVE_AES_DECRYPT */
-#endif /* software CCM */
-
-/* abstract functions that call lower level AESCCM functions */
-#ifndef WC_NO_RNG
-
-int wc_AesCcmSetNonce(Aes* aes, const byte* nonce, word32 nonceSz)
-{
-    int ret = 0;
-
-    if (aes == NULL || nonce == NULL ||
-        nonceSz < CCM_NONCE_MIN_SZ || nonceSz > CCM_NONCE_MAX_SZ) {
-
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        XMEMCPY(aes->reg, nonce, nonceSz);
-        aes->nonceSz = nonceSz;
-
-        /* Invocation counter should be 2^61 */
-        aes->invokeCtr[0] = 0;
-        aes->invokeCtr[1] = 0xE0000000;
-    }
-
-    return ret;
-}
-
-
-int wc_AesCcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz,
-                        byte* ivOut, word32 ivOutSz,
-                        byte* authTag, word32 authTagSz,
-                        const byte* authIn, word32 authInSz)
-{
-    int ret = 0;
-
-    if (aes == NULL || out == NULL ||
-        (in == NULL && sz != 0) ||
-        ivOut == NULL ||
-        (authIn == NULL && authInSz != 0) ||
-        (ivOutSz != aes->nonceSz)) {
-
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        aes->invokeCtr[0]++;
-        if (aes->invokeCtr[0] == 0) {
-            aes->invokeCtr[1]++;
-            if (aes->invokeCtr[1] == 0)
-                ret = AES_CCM_OVERFLOW_E;
-        }
-    }
-
-    if (ret == 0) {
-        ret = wc_AesCcmEncrypt(aes, out, in, sz,
-                               (byte*)aes->reg, aes->nonceSz,
-                               authTag, authTagSz,
-                               authIn, authInSz);
-        if (ret == 0) {
-            XMEMCPY(ivOut, aes->reg, aes->nonceSz);
-            IncCtr((byte*)aes->reg, aes->nonceSz);
-        }
-    }
-
-    return ret;
-}
-
-#endif /* WC_NO_RNG */
-
-#endif /* HAVE_AESCCM */
-
-#ifndef WC_NO_CONSTRUCTORS
-Aes* wc_AesNew(void* heap, int devId, int *result_code)
-{
-    int ret;
-    Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES);
-    if (aes == NULL) {
-        ret = MEMORY_E;
-    }
-    else {
-        ret = wc_AesInit(aes, heap, devId);
-        if (ret != 0) {
-            XFREE(aes, heap, DYNAMIC_TYPE_AES);
-            aes = NULL;
-        }
-    }
-
-    if (result_code != NULL)
-        *result_code = ret;
-
-    return aes;
-}
-
-int wc_AesDelete(Aes *aes, Aes** aes_p)
-{
-    if (aes == NULL)
-        return BAD_FUNC_ARG;
-    wc_AesFree(aes);
-    XFREE(aes, aes->heap, DYNAMIC_TYPE_AES);
-    if (aes_p != NULL)
-        *aes_p = NULL;
-    return 0;
-}
-#endif /* !WC_NO_CONSTRUCTORS */
-
-/* Initialize Aes */
-int wc_AesInit(Aes* aes, void* heap, int devId)
-{
-    int ret = 0;
-
-    if (aes == NULL)
-        return BAD_FUNC_ARG;
-
-    XMEMSET(aes, 0, sizeof(*aes));
-
-    aes->heap = heap;
-
-#if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_STM32U5_DHUK)
-    aes->devId = devId;
-#else
-    (void)devId;
-#endif
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
-    ret = wolfAsync_DevCtxInit(&aes->asyncDev, WOLFSSL_ASYNC_MARKER_AES,
-                                                        aes->heap, devId);
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
-    aes->alFd = WC_SOCK_NOTSET;
-    aes->rdFd = WC_SOCK_NOTSET;
-#endif
-#if defined(WOLFSSL_DEVCRYPTO) && \
-   (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
-    aes->ctx.cfd = -1;
-#endif
-#if defined(WOLFSSL_IMXRT_DCP)
-    DCPAesInit(aes);
-#endif
-
-#if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
-    ret = wc_psa_aes_init(aes);
-#endif
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-    if (ret == 0)
-        ret = wc_debug_CipherLifecycleInit(&aes->CipherLifecycleTag, aes->heap);
-#endif
-
-    return ret;
-}
-
-#ifdef WOLF_PRIVATE_KEY_ID
-int  wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap, int devId)
-{
-    int ret = 0;
-
-    if (aes == NULL)
-        ret = BAD_FUNC_ARG;
-    if (ret == 0 && (len < 0 || len > AES_MAX_ID_LEN))
-        ret = BUFFER_E;
-
-    if (ret == 0)
-        ret = wc_AesInit(aes, heap, devId);
-    if (ret == 0) {
-        XMEMCPY(aes->id, id, (size_t)len);
-        aes->idLen = len;
-        aes->labelLen = 0;
-    }
-
-    return ret;
-}
-
-int wc_AesInit_Label(Aes* aes, const char* label, void* heap, int devId)
-{
-    int ret = 0;
-    size_t labelLen = 0;
-
-    if (aes == NULL || label == NULL)
-        ret = BAD_FUNC_ARG;
-    if (ret == 0) {
-        labelLen = XSTRLEN(label);
-        if (labelLen == 0 || labelLen > AES_MAX_LABEL_LEN)
-            ret = BUFFER_E;
-    }
-
-    if (ret == 0)
-        ret = wc_AesInit(aes, heap, devId);
-    if (ret == 0) {
-        XMEMCPY(aes->label, label, labelLen);
-        aes->labelLen = (int)labelLen;
-        aes->idLen = 0;
-    }
-
-    return ret;
-}
-#endif
-
-/* Free Aes resources */
-void wc_AesFree(Aes* aes)
-{
-    if (aes == NULL) {
-        return;
-    }
-
-#ifdef WC_DEBUG_CIPHER_LIFECYCLE
-    (void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, aes->heap, 1);
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
-    wolfAsync_DevCtxFree(&aes->asyncDev, WOLFSSL_ASYNC_MARKER_AES);
-#endif /* WOLFSSL_ASYNC_CRYPT */
-#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
-    if (aes->rdFd > 0) { /* negative is error case */
-        close(aes->rdFd);
-        aes->rdFd = WC_SOCK_NOTSET;
-    }
-    if (aes->alFd > 0) {
-        close(aes->alFd);
-        aes->alFd = WC_SOCK_NOTSET;
-    }
-#endif /* WOLFSSL_AFALG */
-#ifdef WOLFSSL_KCAPI_AES
-    ForceZero((byte*)aes->devKey, AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE);
-    if (aes->init == 1) {
-        kcapi_cipher_destroy(aes->handle);
-    }
-    aes->init = 0;
-    aes->handle = NULL;
-#endif
-#if defined(WOLFSSL_DEVCRYPTO) && \
-    (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
-    wc_DevCryptoFree(&aes->ctx);
-#endif
-#if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
-    (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
-    (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))
-    ForceZero((byte*)aes->devKey, AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE);
-#endif
-#if defined(WOLFSSL_IMXRT_DCP)
-    DCPAesFree(aes);
-#endif
-#if defined(WOLFSSL_AESGCM_STREAM) && defined(WOLFSSL_SMALL_STACK) && \
-    !defined(WOLFSSL_AESNI)
-    if (aes->streamData != NULL) {
-        ForceZero(aes->streamData, aes->streamData_sz);
-        XFREE(aes->streamData, aes->heap, DYNAMIC_TYPE_AES);
-        aes->streamData = NULL;
-    }
-#endif
-
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
-    if (aes->useSWCrypt == 0) {
-        se050_aes_free(aes);
-    }
-#endif
-
-#if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
-    wc_psa_aes_free(aes);
-#endif
-
-#ifdef WOLFSSL_MAXQ10XX_CRYPTO
-    wc_MAXQ10XX_AesFree(aes);
-#endif
-
-#if ((defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
-    defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)) && \
-    !defined(NO_WOLFSSL_RENESAS_FSPSM_AES))
-    wc_fspsm_Aesfree(aes);
-#endif
-
-    ForceZero(aes, sizeof(Aes));
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Check(aes, sizeof(Aes));
-#endif
-}
-
-int wc_AesGetKeySize(Aes* aes, word32* keySize)
-{
-    int ret = 0;
-
-    if (aes == NULL || keySize == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
-    return wc_psa_aes_get_key_size(aes, keySize);
-#endif
-#if defined(WOLFSSL_CRYPTOCELL) && defined(WOLFSSL_CRYPTOCELL_AES)
-    *keySize = aes->ctx.key.keySize;
-    return ret;
-#endif
-    switch (aes->rounds) {
-#ifdef WOLFSSL_AES_128
-    case 10:
-        *keySize = 16;
-        break;
-#endif
-#ifdef WOLFSSL_AES_192
-    case 12:
-        *keySize = 24;
-        break;
-#endif
-#ifdef WOLFSSL_AES_256
-    case 14:
-        *keySize = 32;
-        break;
-#endif
-    default:
-        *keySize = 0;
-        ret = BAD_FUNC_ARG;
-    }
-
-    return ret;
-}
-
-#endif /* !WOLFSSL_TI_CRYPT */
-
-/* the earlier do-nothing default definitions for VECTOR_REGISTERS_{PUSH,POP}
- * are missed when WOLFSSL_TI_CRYPT or WOLFSSL_ARMASM.
- */
-#ifndef VECTOR_REGISTERS_PUSH
-    #define VECTOR_REGISTERS_PUSH { WC_DO_NOTHING
-#endif
-#ifndef VECTOR_REGISTERS_POP
-    #define VECTOR_REGISTERS_POP } WC_DO_NOTHING
-#endif
-
-#ifdef HAVE_AES_ECB
-#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES) && \
-        !defined(WOLFSSL_QNX_CAAM)
-    /* implemented in wolfcrypt/src/port/caam/caam_aes.c */
-
-#elif defined(WOLFSSL_AFALG)
-    /* implemented in wolfcrypt/src/port/af_alg/afalg_aes.c */
-
-#elif defined(WOLFSSL_DEVCRYPTO_AES)
-    /* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
-
-#elif defined(WOLFSSL_RISCV_ASM)
-    /* implemented in wolfcrypt/src/port/riscv/riscv-64-aes.c */
-
-#elif defined(WOLFSSL_SILABS_SE_ACCEL)
-    /* implemented in wolfcrypt/src/port/silabs/silabs_aes.c */
-
-#elif defined(MAX3266X_AES)
-
-int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    int status;
-    word32 keySize;
-
-    if ((in == NULL) || (out == NULL) || (aes == NULL))
-        return BAD_FUNC_ARG;
-
-    status = wc_AesGetKeySize(aes, &keySize);
-    if (status != 0) {
-        return status;
-    }
-
-    status = wc_MXC_TPU_AesEncrypt(in, (byte*)aes->reg, (byte*)aes->key,
-                                        MXC_TPU_MODE_ECB, sz, out, keySize);
-
-    return status;
-}
-
-#ifdef HAVE_AES_DECRYPT
-int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    int status;
-    word32 keySize;
-
-    if ((in == NULL) || (out == NULL) || (aes == NULL))
-        return BAD_FUNC_ARG;
-
-    status = wc_AesGetKeySize(aes, &keySize);
-    if (status != 0) {
-        return status;
-    }
-
-    status = wc_MXC_TPU_AesDecrypt(in, (byte*)aes->reg, (byte*)aes->key,
-                                        MXC_TPU_MODE_ECB, sz, out, keySize);
-
-    return status;
-}
-#endif /* HAVE_AES_DECRYPT */
-
-#elif defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
-
-/* Software AES - ECB */
-int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    if ((in == NULL) || (out == NULL) || (aes == NULL))
-        return BAD_FUNC_ARG;
-
-    return AES_ECB_encrypt(aes, in, out, sz);
-}
-
-
-int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    if ((in == NULL) || (out == NULL) || (aes == NULL))
-        return BAD_FUNC_ARG;
-
-    return AES_ECB_decrypt(aes, in, out, sz);
-}
-
-#else
-
-/* Software AES - ECB */
-static WARN_UNUSED_RESULT int _AesEcbEncrypt(
-    Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    int ret = 0;
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (aes->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_AesEcbEncrypt(aes, out, in, sz);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        ret = 0;
-        /* fall-through when unavailable */
-    }
-#endif
-#ifdef WOLFSSL_IMXRT_DCP
-    if (aes->keylen == 16)
-        return DCPAesEcbEncrypt(aes, out, in, sz);
-#endif
-
-    VECTOR_REGISTERS_PUSH;
-
-#if !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-    AES_encrypt_blocks_AARCH32(in, out, sz, (byte*)aes->key, (int)aes->rounds);
-#else
-    AES_ECB_encrypt(in, out, sz, (const unsigned char*)aes->key, aes->rounds);
-#endif
-#else
-#ifdef WOLFSSL_AESNI
-    if (aes->use_aesni) {
-        AES_ECB_encrypt_AESNI(in, out, sz, (byte*)aes->key, (int)aes->rounds);
-    }
-    else
-#elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-      !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    if (aes->use_aes_hw_crypto) {
-        AES_encrypt_blocks_AARCH64(in, out, sz, (byte*)aes->key,
-            (int)aes->rounds);
-    }
-    else
-#endif
-    {
-#if defined(NEED_AES_TABLES)
-        AesEncryptBlocks_C(aes, in, out, sz);
-#else
-        word32 i;
-
-        for (i = 0; i < sz; i += WC_AES_BLOCK_SIZE) {
-            ret = wc_AesEncryptDirect(aes, out, in);
-            if (ret != 0)
-                break;
-            in += WC_AES_BLOCK_SIZE;
-            out += WC_AES_BLOCK_SIZE;
-        }
-#endif
-    }
-#endif
-
-    VECTOR_REGISTERS_POP;
-
-    return ret;
-}
-
-#ifdef HAVE_AES_DECRYPT
-static WARN_UNUSED_RESULT int _AesEcbDecrypt(
-    Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    int ret = 0;
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (aes->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_AesEcbDecrypt(aes, out, in, sz);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        ret = 0;
-        /* fall-through when unavailable */
-    }
-#endif
-#ifdef WOLFSSL_IMXRT_DCP
-    if (aes->keylen == 16)
-        return DCPAesEcbDecrypt(aes, out, in, sz);
-#endif
-
-    VECTOR_REGISTERS_PUSH;
-
-#if !defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-    AES_decrypt_blocks_AARCH32(in, out, sz, (byte*)aes->key, (int)aes->rounds);
-#else
-    AES_ECB_decrypt(in, out, sz, (const unsigned char*)aes->key, aes->rounds);
-#endif
-#else
-#ifdef WOLFSSL_AESNI
-    if (aes->use_aesni) {
-        AES_ECB_decrypt_AESNI(in, out, sz, (byte*)aes->key, (int)aes->rounds);
-    }
-    else
-#elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-      !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    if (aes->use_aes_hw_crypto) {
-        AES_decrypt_blocks_AARCH64(in, out, sz, (byte*)aes->key,
-            (int)aes->rounds);
-    }
-    else
-#endif
-    {
-#if defined(NEED_AES_TABLES)
-        AesDecryptBlocks_C(aes, in, out, sz);
-#else
-        word32 i;
-
-        for (i = 0; i < sz; i += WC_AES_BLOCK_SIZE) {
-            ret = wc_AesDecryptDirect(aes, out, in);
-            if (ret != 0)
-                break;
-            in += WC_AES_BLOCK_SIZE;
-            out += WC_AES_BLOCK_SIZE;
-        }
-#endif
-    }
-#endif
-
-    VECTOR_REGISTERS_POP;
-
-    return ret;
-}
-#endif
-
-int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    if ((in == NULL) || (out == NULL) || (aes == NULL))
-      return BAD_FUNC_ARG;
-    if ((sz % WC_AES_BLOCK_SIZE) != 0) {
-        return BAD_LENGTH_E;
-    }
-
-    return _AesEcbEncrypt(aes, out, in, sz);
-}
-
-#ifdef HAVE_AES_DECRYPT
-int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    if ((in == NULL) || (out == NULL) || (aes == NULL))
-      return BAD_FUNC_ARG;
-    if ((sz % WC_AES_BLOCK_SIZE) != 0) {
-        return BAD_LENGTH_E;
-    }
-
-    return _AesEcbDecrypt(aes, out, in, sz);
-}
-#endif /* HAVE_AES_DECRYPT */
-#endif
-#endif /* HAVE_AES_ECB */
-
-#if defined(WOLFSSL_AES_CFB)
-/* Feedback AES mode
- *
- * aes structure holding key to use for encryption
- * out buffer to hold result of encryption (must be at least as large as input
- *     buffer)
- * in  buffer to encrypt
- * sz  size of input buffer
- * mode flag to specify AES mode
- *
- * returns 0 on success and negative error values on failure
- */
-/* Software AES - CFB Encrypt */
-static WARN_UNUSED_RESULT int AesCfbEncrypt_C(Aes* aes, byte* out,
-    const byte* in, word32 sz)
-{
-    int ret = 0;
-    word32 processed;
-
-    if ((aes == NULL) || (out == NULL) || (in == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-    if (sz == 0) {
-        return 0;
-    }
-
-    if (aes->left > 0) {
-        /* consume any unused bytes left in aes->tmp */
-        processed = min(aes->left, sz);
-        xorbufout(out, in, (byte*)aes->tmp + WC_AES_BLOCK_SIZE - aes->left,
-            processed);
-        XMEMCPY((byte*)aes->reg + WC_AES_BLOCK_SIZE - aes->left, out,
-            processed);
-        aes->left -= processed;
-        out += processed;
-        in += processed;
-        sz -= processed;
-    }
-
-    VECTOR_REGISTERS_PUSH;
-
-    while (sz >= WC_AES_BLOCK_SIZE) {
-        ret = wc_AesEncryptDirect(aes, (byte*)aes->reg, (byte*)aes->reg);
-        if (ret != 0) {
-            break;
-        }
-        xorbuf((byte*)aes->reg, in, WC_AES_BLOCK_SIZE);
-        XMEMCPY(out, aes->reg, WC_AES_BLOCK_SIZE);
-        out += WC_AES_BLOCK_SIZE;
-        in  += WC_AES_BLOCK_SIZE;
-        sz  -= WC_AES_BLOCK_SIZE;
-    }
-
-    /* encrypt left over data */
-    if ((ret == 0) && sz) {
-        ret = wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
-        if (ret == 0) {
-            xorbufout(out, in, aes->tmp, sz);
-            XMEMCPY(aes->reg, out, sz);
-            aes->left = WC_AES_BLOCK_SIZE - sz;
-        }
-    }
-
-    VECTOR_REGISTERS_POP;
-
-    return ret;
-}
-
-
-#if defined(HAVE_AES_DECRYPT)
-/* CFB 128
- *
- * aes structure holding key to use for decryption
- * out buffer to hold result of decryption (must be at least as large as input
- *     buffer)
- * in  buffer to decrypt
- * sz  size of input buffer
- *
- * returns 0 on success and negative error values on failure
- */
-/* Software AES - CFB Decrypt */
-static WARN_UNUSED_RESULT int AesCfbDecrypt_C(Aes* aes, byte* out,
-    const byte* in, word32 sz, byte mode)
-{
-    int ret = 0;
-    word32 processed;
-
-    (void)mode;
-
-    if ((aes == NULL) || (out == NULL) || (in == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-    if (sz == 0) {
-        return 0;
-    }
-
-    if (aes->left > 0) {
-        /* consume any unused bytes left in aes->tmp */
-        processed = min(aes->left, sz);
-        /* copy input over to aes->reg */
-        XMEMCPY((byte*)aes->reg + WC_AES_BLOCK_SIZE - aes->left, in, processed);
-        xorbufout(out, in, (byte*)aes->tmp + WC_AES_BLOCK_SIZE - aes->left,
-            processed);
-        aes->left -= processed;
-        out += processed;
-        in += processed;
-        sz -= processed;
-    }
-
-    VECTOR_REGISTERS_PUSH;
-
-    #if !defined(WOLFSSL_SMALL_STACK) && defined(HAVE_AES_ECB) && \
-        !defined(WOLFSSL_PIC32MZ_CRYPT) && \
-        (defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_ARMASM))
-    {
-        ALIGN16 byte tmp[4 * WC_AES_BLOCK_SIZE];
-        while (sz >= 4 * WC_AES_BLOCK_SIZE) {
-            XMEMCPY(tmp, aes->reg, WC_AES_BLOCK_SIZE);
-            XMEMCPY(tmp + WC_AES_BLOCK_SIZE, in, 3 * WC_AES_BLOCK_SIZE);
-            XMEMCPY(aes->reg, in + 3 * WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-            ret = wc_AesEcbEncrypt(aes, tmp, tmp, 4 * WC_AES_BLOCK_SIZE);
-            if (ret != 0) {
-                break;
-            }
-            xorbufout(out, in, tmp, 4 * WC_AES_BLOCK_SIZE);
-            out += 4 * WC_AES_BLOCK_SIZE;
-            in  += 4 * WC_AES_BLOCK_SIZE;
-            sz  -= 4 * WC_AES_BLOCK_SIZE;
-        }
-    }
-    #endif
-    while (sz >= WC_AES_BLOCK_SIZE) {
-        ret = wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
-        if (ret != 0) {
-            break;
-        }
-        XMEMCPY((byte*)aes->reg, in, WC_AES_BLOCK_SIZE);
-        xorbufout(out, in, (byte*)aes->tmp, WC_AES_BLOCK_SIZE);
-        out += WC_AES_BLOCK_SIZE;
-        in  += WC_AES_BLOCK_SIZE;
-        sz  -= WC_AES_BLOCK_SIZE;
-    }
-
-    /* decrypt left over data */
-    if ((ret == 0) && sz) {
-        ret = wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
-        if (ret == 0) {
-            XMEMCPY(aes->reg, in, sz);
-            xorbufout(out, in, aes->tmp, sz);
-            aes->left = WC_AES_BLOCK_SIZE - sz;
-        }
-    }
-
-    VECTOR_REGISTERS_POP;
-
-    return ret;
-}
-#endif /* HAVE_AES_DECRYPT */
-
-/* CFB 128
- *
- * aes structure holding key to use for encryption
- * out buffer to hold result of encryption (must be at least as large as input
- *     buffer)
- * in  buffer to encrypt
- * sz  size of input buffer
- *
- * returns 0 on success and negative error values on failure
- */
-/* Software AES - CFB Encrypt */
-int wc_AesCfbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    return AesCfbEncrypt_C(aes, out, in, sz);
-}
-
-
-#ifdef HAVE_AES_DECRYPT
-/* CFB 128
- *
- * aes structure holding key to use for decryption
- * out buffer to hold result of decryption (must be at least as large as input
- *     buffer)
- * in  buffer to decrypt
- * sz  size of input buffer
- *
- * returns 0 on success and negative error values on failure
- */
-/* Software AES - CFB Decrypt */
-int wc_AesCfbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    return AesCfbDecrypt_C(aes, out, in, sz, AES_CFB_MODE);
-}
-#endif /* HAVE_AES_DECRYPT */
-
-#ifndef WOLFSSL_NO_AES_CFB_1_8
-/* shift the whole WC_AES_BLOCK_SIZE array left by 8 or 1 bits */
-static void shiftLeftArray(byte* ary, byte shift)
-{
-    int i;
-
-    if (shift == WOLFSSL_BIT_SIZE) {
-        /* shifting over by 8 bits */
-        for (i = 0; i < WC_AES_BLOCK_SIZE - 1; i++) {
-            ary[i] = ary[i+1];
-        }
-        ary[i] = 0;
-    }
-    else {
-        /* shifting over by 7 or less bits */
-        for (i = 0; i < WC_AES_BLOCK_SIZE - 1; i++) {
-            byte carry = (byte)(ary[i+1] & (0XFF << (WOLFSSL_BIT_SIZE - shift)));
-            carry = (byte)(carry >> (WOLFSSL_BIT_SIZE - shift));
-            ary[i] = (byte)((ary[i] << shift) + carry);
-        }
-        ary[i] = (byte)(ary[i] << shift);
-    }
-}
-
-
-/* returns 0 on success and negative values on failure */
-static WARN_UNUSED_RESULT int wc_AesFeedbackCFB8(
-    Aes* aes, byte* out, const byte* in, word32 sz, byte dir)
-{
-    byte *pt;
-    int ret = 0;
-
-    if (aes == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (sz == 0) {
-        return 0;
-    }
-
-    VECTOR_REGISTERS_PUSH;
-
-    while (sz > 0) {
-        ret = wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
-        if (ret != 0)
-            break;
-        if (dir == AES_DECRYPTION) {
-            pt = (byte*)aes->reg;
-
-            /* LSB + CAT */
-            shiftLeftArray(pt, WOLFSSL_BIT_SIZE);
-            pt[WC_AES_BLOCK_SIZE - 1] = in[0];
-        }
-
-        /* MSB + XOR */
-    #ifdef BIG_ENDIAN_ORDER
-        ByteReverseWords(aes->tmp, aes->tmp, WC_AES_BLOCK_SIZE);
-    #endif
-        out[0] = (byte)(aes->tmp[0] ^ in[0]);
-        if (dir == AES_ENCRYPTION) {
-            pt = (byte*)aes->reg;
-
-            /* LSB + CAT */
-            shiftLeftArray(pt, WOLFSSL_BIT_SIZE);
-            pt[WC_AES_BLOCK_SIZE - 1] = out[0];
-        }
-
-        out += 1;
-        in  += 1;
-        sz  -= 1;
-    }
-
-    VECTOR_REGISTERS_POP;
-
-    return ret;
-}
-
-
-/* returns 0 on success and negative values on failure */
-static WARN_UNUSED_RESULT int wc_AesFeedbackCFB1(
-    Aes* aes, byte* out, const byte* in, word32 sz, byte dir)
-{
-    byte tmp;
-    byte cur = 0; /* hold current work in order to handle inline in=out */
-    byte* pt;
-    int bit = 7;
-    int ret = 0;
-
-    if (aes == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (sz == 0) {
-        return 0;
-    }
-
-    VECTOR_REGISTERS_PUSH;
-
-    while (sz > 0) {
-        ret = wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
-        if (ret != 0)
-            break;
-        if (dir == AES_DECRYPTION) {
-            pt = (byte*)aes->reg;
-
-            /* LSB + CAT */
-            tmp = (byte)((0X01U << bit) & in[0]);
-            tmp = (byte)(tmp >> bit);
-            tmp &= 0x01;
-            shiftLeftArray((byte*)aes->reg, 1);
-            pt[WC_AES_BLOCK_SIZE - 1] |= tmp;
-        }
-
-        /* MSB  + XOR */
-        tmp = (byte)((0X01U << bit) & in[0]);
-        pt = (byte*)aes->tmp;
-        tmp = (byte)((pt[0] >> 7) ^ (tmp >> bit));
-        tmp &= 0x01;
-        cur = (byte)(cur | (tmp << bit));
-
-
-        if (dir == AES_ENCRYPTION) {
-            pt = (byte*)aes->reg;
-
-            /* LSB + CAT */
-            shiftLeftArray((byte*)aes->reg, 1);
-            pt[WC_AES_BLOCK_SIZE - 1] |= tmp;
-        }
-
-        bit--;
-        if (bit < 0) {
-            out[0] = cur;
-            out += 1;
-            in  += 1;
-            sz  -= 1;
-            bit = 7U;
-            cur = 0;
-        }
-        else {
-            sz -= 1;
-        }
-    }
-
-    if (ret == 0) {
-        if (bit >= 0 && bit < 7) {
-            out[0] = cur;
-        }
-    }
-
-    VECTOR_REGISTERS_POP;
-
-    return ret;
-}
-
-
-/* CFB 1
- *
- * aes structure holding key to use for encryption
- * out buffer to hold result of encryption (must be at least as large as input
- *     buffer)
- * in  buffer to encrypt (packed to left, i.e. 101 is 0x90)
- * sz  size of input buffer in bits (0x1 would be size of 1 and 0xFF size of 8)
- *
- * returns 0 on success and negative values on failure
- */
-int wc_AesCfb1Encrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    return wc_AesFeedbackCFB1(aes, out, in, sz, AES_ENCRYPTION);
-}
-
-
-/* CFB 8
- *
- * aes structure holding key to use for encryption
- * out buffer to hold result of encryption (must be at least as large as input
- *     buffer)
- * in  buffer to encrypt
- * sz  size of input buffer
- *
- * returns 0 on success and negative values on failure
- */
-int wc_AesCfb8Encrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    return wc_AesFeedbackCFB8(aes, out, in, sz, AES_ENCRYPTION);
-}
-#ifdef HAVE_AES_DECRYPT
-
-/* CFB 1
- *
- * aes structure holding key to use for encryption
- * out buffer to hold result of encryption (must be at least as large as input
- *     buffer)
- * in  buffer to encrypt
- * sz  size of input buffer in bits (0x1 would be size of 1 and 0xFF size of 8)
- *
- * returns 0 on success and negative values on failure
- */
-int wc_AesCfb1Decrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    return wc_AesFeedbackCFB1(aes, out, in, sz, AES_DECRYPTION);
-}
-
-
-/* CFB 8
- *
- * aes structure holding key to use for encryption
- * out buffer to hold result of encryption (must be at least as large as input
- *     buffer)
- * in  buffer to encrypt
- * sz  size of input buffer
- *
- * returns 0 on success and negative values on failure
- */
-int wc_AesCfb8Decrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    return wc_AesFeedbackCFB8(aes, out, in, sz, AES_DECRYPTION);
-}
-#endif /* HAVE_AES_DECRYPT */
-#endif /* !WOLFSSL_NO_AES_CFB_1_8 */
-#endif /* WOLFSSL_AES_CFB */
-
-#ifdef WOLFSSL_AES_OFB
-/* OFB AES mode
- *
- * aes structure holding key to use for encryption
- * out buffer to hold result of encryption (must be at least as large as input
- *     buffer)
- * in  buffer to encrypt
- * sz  size of input buffer
- *
- * returns 0 on success and negative error values on failure
- */
-/* Software AES - OFB Encrypt/Decrypt */
-static WARN_UNUSED_RESULT int AesOfbCrypt_C(Aes* aes, byte* out, const byte* in,
-    word32 sz)
-{
-    int ret = 0;
-    word32 processed;
-
-    if ((aes == NULL) || (out == NULL) || (in == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-    if (sz == 0) {
-        return 0;
-    }
-
-    if (aes->left > 0) {
-        /* consume any unused bytes left in aes->tmp */
-        processed = min(aes->left, sz);
-        xorbufout(out, in, (byte*)aes->tmp + WC_AES_BLOCK_SIZE - aes->left,
-            processed);
-        aes->left -= processed;
-        out += processed;
-        in += processed;
-        sz -= processed;
-    }
-
-    VECTOR_REGISTERS_PUSH;
-
-    while (sz >= WC_AES_BLOCK_SIZE) {
-        ret = wc_AesEncryptDirect(aes, (byte*)aes->reg, (byte*)aes->reg);
-        if (ret != 0) {
-            break;
-        }
-        xorbufout(out, in, (byte*)aes->reg, WC_AES_BLOCK_SIZE);
-        out += WC_AES_BLOCK_SIZE;
-        in  += WC_AES_BLOCK_SIZE;
-        sz  -= WC_AES_BLOCK_SIZE;
-    }
-
-    /* encrypt left over data */
-    if ((ret == 0) && sz) {
-        ret = wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
-        if (ret == 0) {
-            XMEMCPY(aes->reg, aes->tmp, WC_AES_BLOCK_SIZE);
-            xorbufout(out, in, aes->tmp, sz);
-            aes->left = WC_AES_BLOCK_SIZE - sz;
-        }
-    }
-
-    VECTOR_REGISTERS_POP;
-
-    return ret;
-}
-
-/* OFB
- *
- * aes structure holding key to use for encryption
- * out buffer to hold result of encryption (must be at least as large as input
- *     buffer)
- * in  buffer to encrypt
- * sz  size of input buffer
- *
- * returns 0 on success and negative error values on failure
- */
-/* Software AES - OFB Encrypt */
-int wc_AesOfbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    return AesOfbCrypt_C(aes, out, in, sz);
-}
-
-
-#ifdef HAVE_AES_DECRYPT
-/* OFB
- *
- * aes structure holding key to use for decryption
- * out buffer to hold result of decryption (must be at least as large as input
- *     buffer)
- * in  buffer to decrypt
- * sz  size of input buffer
- *
- * returns 0 on success and negative error values on failure
- */
-/* Software AES - OFB Decrypt */
-int wc_AesOfbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
-{
-    return AesOfbCrypt_C(aes, out, in, sz);
-}
-#endif /* HAVE_AES_DECRYPT */
-#endif /* WOLFSSL_AES_OFB */
-
-
-#ifdef HAVE_AES_KEYWRAP
-
-/* Initialize key wrap counter with value */
-static WC_INLINE void InitKeyWrapCounter(byte* inOutCtr, word32 value)
-{
-    word32 i;
-    word32 bytes;
-
-    bytes = sizeof(word32);
-    for (i = 0; i < sizeof(word32); i++) {
-        inOutCtr[i+sizeof(word32)] = (byte)(value >> ((bytes - 1) * 8));
-        bytes--;
-    }
-}
-
-/* Increment key wrap counter */
-static WC_INLINE void IncrementKeyWrapCounter(byte* inOutCtr)
-{
-    int i;
-
-    /* in network byte order so start at end and work back */
-    for (i = KEYWRAP_BLOCK_SIZE - 1; i >= 0; i--) {
-        if (++inOutCtr[i])  /* we're done unless we overflow */
-            return;
-    }
-}
-
-/* Decrement key wrap counter */
-static WC_INLINE void DecrementKeyWrapCounter(byte* inOutCtr)
-{
-    int i;
-
-    for (i = KEYWRAP_BLOCK_SIZE - 1; i >= 0; i--) {
-        if (--inOutCtr[i] != 0xFF)  /* we're done unless we underflow */
-            return;
-    }
-}
-
-int wc_AesKeyWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out,
-        word32 outSz, const byte* iv)
-{
-    word32 i;
-    byte* r;
-    int j;
-    int ret = 0;
-
-    byte t[KEYWRAP_BLOCK_SIZE];
-    byte tmp[WC_AES_BLOCK_SIZE];
-
-    /* n must be at least 2 64-bit blocks, output size is (n + 1) 8 bytes (64-bit) */
-    if (aes == NULL || in  == NULL || inSz < 2*KEYWRAP_BLOCK_SIZE ||
-        out == NULL || outSz < (inSz + KEYWRAP_BLOCK_SIZE))
-        return BAD_FUNC_ARG;
-
-    /* input must be multiple of 64-bits */
-    if (inSz % KEYWRAP_BLOCK_SIZE != 0)
-        return BAD_FUNC_ARG;
-
-    r = out + 8;
-    XMEMCPY(r, in, inSz);
-    XMEMSET(t, 0, sizeof(t));
-
-    /* user IV is optional */
-    if (iv == NULL) {
-        XMEMSET(tmp, 0xA6, KEYWRAP_BLOCK_SIZE);
-    } else {
-        XMEMCPY(tmp, iv, KEYWRAP_BLOCK_SIZE);
-    }
-
-    VECTOR_REGISTERS_PUSH;
-
-    for (j = 0; j <= 5; j++) {
-        for (i = 1; i <= inSz / KEYWRAP_BLOCK_SIZE; i++) {
-            /* load R[i] */
-            XMEMCPY(tmp + KEYWRAP_BLOCK_SIZE, r, KEYWRAP_BLOCK_SIZE);
-
-            ret = wc_AesEncryptDirect(aes, tmp, tmp);
-            if (ret != 0)
-                break;
-
-            /* calculate new A */
-            IncrementKeyWrapCounter(t);
-            xorbuf(tmp, t, KEYWRAP_BLOCK_SIZE);
-
-            /* save R[i] */
-            XMEMCPY(r, tmp + KEYWRAP_BLOCK_SIZE, KEYWRAP_BLOCK_SIZE);
-            r += KEYWRAP_BLOCK_SIZE;
-        }
-        if (ret != 0)
-            break;
-        r = out + KEYWRAP_BLOCK_SIZE;
-    }
-
-    VECTOR_REGISTERS_POP;
-
-    if (ret != 0)
-        return ret;
-
-    /* C[0] = A */
-    XMEMCPY(out, tmp, KEYWRAP_BLOCK_SIZE);
-
-    return (int)(inSz + KEYWRAP_BLOCK_SIZE);
-}
-
-/* perform AES key wrap (RFC3394), return out sz on success, negative on err */
-int wc_AesKeyWrap(const byte* key, word32 keySz, const byte* in, word32 inSz,
-                  byte* out, word32 outSz, const byte* iv)
-{
-    WC_DECLARE_VAR(aes, Aes, 1, 0);
-    int ret;
-
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_SMALL_STACK
-    if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL,
-                              DYNAMIC_TYPE_AES)) == NULL)
-        return MEMORY_E;
-#endif
-
-    ret = wc_AesInit(aes, NULL, INVALID_DEVID);
-    if (ret != 0)
-        goto out;
-
-    ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
-    if (ret != 0) {
-        wc_AesFree(aes);
-        goto out;
-    }
-
-    ret = wc_AesKeyWrap_ex(aes, in, inSz, out, outSz, iv);
-
-    wc_AesFree(aes);
-
-  out:
-    WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES);
-
-    return ret;
-}
-
-int wc_AesKeyUnWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out,
-        word32 outSz, const byte* iv)
-{
-    byte* r;
-    word32 i, n;
-    int j;
-    int ret = 0;
-
-    byte t[KEYWRAP_BLOCK_SIZE];
-    byte tmp[WC_AES_BLOCK_SIZE];
-
-    const byte* expIv;
-    const byte defaultIV[] = {
-        0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6
-    };
-
-    if (aes == NULL || in == NULL || inSz < 3 * KEYWRAP_BLOCK_SIZE ||
-        out == NULL || outSz < (inSz - KEYWRAP_BLOCK_SIZE))
-        return BAD_FUNC_ARG;
-
-    /* input must be multiple of 64-bits */
-    if (inSz % KEYWRAP_BLOCK_SIZE != 0)
-        return BAD_FUNC_ARG;
-
-    /* user IV optional */
-    if (iv != NULL)
-        expIv = iv;
-    else
-        expIv = defaultIV;
-
-    /* A = C[0], R[i] = C[i] */
-    XMEMCPY(tmp, in, KEYWRAP_BLOCK_SIZE);
-    XMEMCPY(out, in + KEYWRAP_BLOCK_SIZE, inSz - KEYWRAP_BLOCK_SIZE);
-    XMEMSET(t, 0, sizeof(t));
-
-    VECTOR_REGISTERS_PUSH;
-
-    /* initialize counter to 6n */
-    n = (inSz - 1) / KEYWRAP_BLOCK_SIZE;
-    InitKeyWrapCounter(t, 6 * n);
-
-    for (j = 5; j >= 0; j--) {
-        for (i = n; i >= 1; i--) {
-
-            /* calculate A */
-            xorbuf(tmp, t, KEYWRAP_BLOCK_SIZE);
-            DecrementKeyWrapCounter(t);
-
-            /* load R[i], starting at end of R */
-            r = out + ((i - 1) * KEYWRAP_BLOCK_SIZE);
-            XMEMCPY(tmp + KEYWRAP_BLOCK_SIZE, r, KEYWRAP_BLOCK_SIZE);
-            ret = wc_AesDecryptDirect(aes, tmp, tmp);
-            if (ret != 0)
-                break;
-
-            /* save R[i] */
-            XMEMCPY(r, tmp + KEYWRAP_BLOCK_SIZE, KEYWRAP_BLOCK_SIZE);
-        }
-        if (ret != 0)
-            break;
-    }
-
-    VECTOR_REGISTERS_POP;
-
-    if (ret != 0)
-        return ret;
-
-    /* verify IV */
-    if (XMEMCMP(tmp, expIv, KEYWRAP_BLOCK_SIZE) != 0)
-        return BAD_KEYWRAP_IV_E;
-
-    return (int)(inSz - KEYWRAP_BLOCK_SIZE);
-}
-
-int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz,
-                    byte* out, word32 outSz, const byte* iv)
-{
-    WC_DECLARE_VAR(aes, Aes, 1, 0);
-    int ret;
-
-    (void)iv;
-
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_SMALL_STACK
-    if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL,
-                              DYNAMIC_TYPE_AES)) == NULL)
-        return MEMORY_E;
-#endif
-
-
-    ret = wc_AesInit(aes, NULL, INVALID_DEVID);
-    if (ret != 0)
-        goto out;
-
-    ret = wc_AesSetKey(aes, key, keySz, NULL, AES_DECRYPTION);
-    if (ret != 0) {
-        wc_AesFree(aes);
-        goto out;
-    }
-
-    ret = wc_AesKeyUnWrap_ex(aes, in, inSz, out, outSz, iv);
-
-    wc_AesFree(aes);
-
-  out:
-    WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES);
-
-    return ret;
-}
-
-#endif /* HAVE_AES_KEYWRAP */
-
-#ifdef WOLFSSL_AES_XTS
-
-/* Galois Field to use */
-#define GF_XTS 0x87
-
-/* Set up keys for encryption and/or decryption.
- *
- * aes   buffer holding aes subkeys
- * heap  heap hint to use for memory. Can be NULL
- * devId id to use with async crypto. Can be 0
- *
- * return 0 on success
- */
-int wc_AesXtsInit(XtsAes* aes, void* heap, int devId)
-{
-    int    ret = 0;
-
-    if (aes == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((ret = wc_AesInit(&aes->tweak, heap, devId)) != 0) {
-        return ret;
-    }
-    if ((ret = wc_AesInit(&aes->aes, heap, devId)) != 0) {
-        (void)wc_AesFree(&aes->tweak);
-        return ret;
-    }
-#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
-    if ((ret = wc_AesInit(&aes->aes_decrypt, heap, devId)) != 0) {
-        (void)wc_AesFree(&aes->tweak);
-        (void)wc_AesFree(&aes->aes);
-        return ret;
-    }
-#endif
-
-    return 0;
-}
-
-/* Set up keys for encryption and/or decryption.
- *
- * aes   buffer holding aes subkeys
- * key   AES key for encrypt/decrypt and tweak process (concatenated)
- * len   length of key buffer in bytes. Should be twice that of key size. i.e.
- *       32 for a 16 byte key.
- * dir   direction: AES_ENCRYPTION, AES_DECRYPTION, or
- *       AES_ENCRYPTION_AND_DECRYPTION
- *
- * return 0 on success
- */
-int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key, word32 len, int dir)
-{
-    word32 keySz;
-    int    ret = 0;
-
-    if (aes == NULL || key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((dir != AES_ENCRYPTION) && (dir != AES_DECRYPTION)
-#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
-        && (dir != AES_ENCRYPTION_AND_DECRYPTION)
-#endif
-        )
-    {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((len != (AES_128_KEY_SIZE*2)) &&
-#ifndef HAVE_FIPS
-        /* XTS-384 not allowed by FIPS and can not be treated like
-         * RSA-4096 bit keys back in the day, can not vendor affirm
-         * the use of 2 concatenated 192-bit keys (XTS-384) */
-        (len != (AES_192_KEY_SIZE*2)) &&
-#endif
-        (len != (AES_256_KEY_SIZE*2)))
-    {
-        WOLFSSL_MSG("Unsupported key size");
-        return WC_KEY_SIZE_E;
-    }
-
-    keySz = len/2;
-
-#ifdef HAVE_FIPS
-    if (XMEMCMP(key, key + keySz, keySz) == 0) {
-        WOLFSSL_MSG("FIPS AES-XTS main and tweak keys must differ");
-        return BAD_FUNC_ARG;
-    }
-#endif
-
-    if (dir == AES_ENCRYPTION
-#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
-        || dir == AES_ENCRYPTION_AND_DECRYPTION
-#endif
-        )
-    {
-        ret = wc_AesSetKey(&aes->aes, key, keySz, NULL, AES_ENCRYPTION);
-    }
-
-#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
-    if ((ret == 0) && ((dir == AES_DECRYPTION)
-                       || (dir == AES_ENCRYPTION_AND_DECRYPTION)))
-        ret = wc_AesSetKey(&aes->aes_decrypt, key, keySz, NULL, AES_DECRYPTION);
-#else
-    if (dir == AES_DECRYPTION)
-        ret = wc_AesSetKey(&aes->aes, key, keySz, NULL, AES_DECRYPTION);
-#endif
-
-    if (ret == 0)
-        ret = wc_AesSetKey(&aes->tweak, key + keySz, keySz, NULL,
-                AES_ENCRYPTION);
-
-#ifdef WOLFSSL_AESNI
-    if (ret == 0) {
-        /* With WC_C_DYNAMIC_FALLBACK, the main and tweak keys could have
-         * conflicting _aesni status, but the AES-XTS asm implementations need
-         * them to all be AESNI.  If any aren't, disable AESNI on all.
-         */
-    #ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
-        if ((((dir == AES_ENCRYPTION) ||
-              (dir == AES_ENCRYPTION_AND_DECRYPTION))
-             && (aes->aes.use_aesni != aes->tweak.use_aesni))
-            ||
-            (((dir == AES_DECRYPTION) ||
-              (dir == AES_ENCRYPTION_AND_DECRYPTION))
-             && (aes->aes_decrypt.use_aesni != aes->tweak.use_aesni)))
-        {
-        #ifdef WC_C_DYNAMIC_FALLBACK
-            aes->aes.use_aesni = 0;
-            aes->aes_decrypt.use_aesni = 0;
-            aes->tweak.use_aesni = 0;
-        #else
-            ret = SYSLIB_FAILED_E;
-        #endif
-        }
-    #else /* !WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS */
-        if (aes->aes.use_aesni != aes->tweak.use_aesni) {
-        #ifdef WC_C_DYNAMIC_FALLBACK
-            aes->aes.use_aesni = 0;
-            aes->tweak.use_aesni = 0;
-        #else
-            ret = SYSLIB_FAILED_E;
-        #endif
-        }
-    #endif /* !WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS */
-    }
-#endif /* WOLFSSL_AESNI */
-
-    return ret;
-}
-
-/* Combined call to wc_AesXtsInit() and wc_AesXtsSetKeyNoInit().
- *
- * Note: is up to user to call wc_AesXtsFree when done.
- *
- * return 0 on success
- */
-int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
-        void* heap, int devId)
-{
-    int    ret = 0;
-
-    if (aes == NULL || key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wc_AesXtsInit(aes, heap, devId);
-    if (ret != 0)
-        return ret;
-
-    ret = wc_AesXtsSetKeyNoInit(aes, key, len, dir);
-
-    if (ret != 0)
-        wc_AesXtsFree(aes);
-
-    return ret;
-}
-
-
-/* This is used to free up resources used by Aes structs
- *
- * aes AES keys to free
- *
- * return 0 on success
- */
-int wc_AesXtsFree(XtsAes* aes)
-{
-    if (aes != NULL) {
-        wc_AesFree(&aes->aes);
-#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
-        wc_AesFree(&aes->aes_decrypt);
-#endif
-        wc_AesFree(&aes->tweak);
-    }
-
-    return 0;
-}
-
-
-/* Same process as wc_AesXtsEncrypt but uses a word64 type as the tweak value
- * instead of a byte array. This just converts the word64 to a byte array and
- * calls wc_AesXtsEncrypt.
- *
- * aes    AES keys to use for block encrypt/decrypt
- * out    output buffer to hold cipher text
- * in     input plain text buffer to encrypt
- * sz     size of both out and in buffers
- * sector value to use for tweak
- *
- * returns 0 on success
- */
-int wc_AesXtsEncryptSector(XtsAes* aes, byte* out, const byte* in,
-        word32 sz, word64 sector)
-{
-    byte* pt;
-    byte  i[WC_AES_BLOCK_SIZE];
-
-    XMEMSET(i, 0, WC_AES_BLOCK_SIZE);
-#ifdef BIG_ENDIAN_ORDER
-    sector = ByteReverseWord64(sector);
-#endif
-    pt = (byte*)&sector;
-    XMEMCPY(i, pt, sizeof(word64));
-
-    return wc_AesXtsEncrypt(aes, out, in, sz, (const byte*)i, WC_AES_BLOCK_SIZE);
-}
-
-#ifdef HAVE_AES_DECRYPT
-/* Same process as wc_AesXtsDecrypt but uses a word64 type as the tweak value
- * instead of a byte array. This just converts the word64 to a byte array.
- *
- * aes    AES keys to use for block encrypt/decrypt
- * out    output buffer to hold plain text
- * in     input cipher text buffer to encrypt
- * sz     size of both out and in buffers
- * sector value to use for tweak
- *
- * returns 0 on success
- */
-int wc_AesXtsDecryptSector(XtsAes* aes, byte* out, const byte* in, word32 sz,
-        word64 sector)
-{
-    byte* pt;
-    byte  i[WC_AES_BLOCK_SIZE];
-
-    XMEMSET(i, 0, WC_AES_BLOCK_SIZE);
-#ifdef BIG_ENDIAN_ORDER
-    sector = ByteReverseWord64(sector);
-#endif
-    pt = (byte*)&sector;
-    XMEMCPY(i, pt, sizeof(word64));
-
-    return wc_AesXtsDecrypt(aes, out, in, sz, (const byte*)i, WC_AES_BLOCK_SIZE);
-}
-#endif
-
-#ifdef WOLFSSL_AESNI
-
-#if defined(USE_INTEL_SPEEDUP_FOR_AES) && !defined(USE_INTEL_SPEEDUP)
-    #define USE_INTEL_SPEEDUP
-#endif
-
-#if defined(USE_INTEL_SPEEDUP)
-    #define HAVE_INTEL_AVX1
-    #define HAVE_INTEL_AVX2
-#endif /* USE_INTEL_SPEEDUP */
-
-void AES_XTS_encrypt_aesni(const unsigned char *in, unsigned char *out, word32 sz,
-                     const unsigned char* i, const unsigned char* key,
-                     const unsigned char* key2, int nr)
-                     XASM_LINK("AES_XTS_encrypt_aesni");
-#ifdef WOLFSSL_AESXTS_STREAM
-void AES_XTS_init_aesni(unsigned char* i, const unsigned char* tweak_key,
-                     int tweak_nr)
-                     XASM_LINK("AES_XTS_init_aesni");
-void AES_XTS_encrypt_update_aesni(const unsigned char *in, unsigned char *out, word32 sz,
-                     const unsigned char* key, unsigned char *i, int nr)
-                     XASM_LINK("AES_XTS_encrypt_update_aesni");
-#endif
-#ifdef HAVE_INTEL_AVX1
-void AES_XTS_encrypt_avx1(const unsigned char *in, unsigned char *out,
-                     word32 sz, const unsigned char* i,
-                     const unsigned char* key, const unsigned char* key2,
-                     int nr)
-                     XASM_LINK("AES_XTS_encrypt_avx1");
-#ifdef WOLFSSL_AESXTS_STREAM
-void AES_XTS_init_avx1(unsigned char* i, const unsigned char* tweak_key,
-                     int tweak_nr)
-                     XASM_LINK("AES_XTS_init_avx1");
-void AES_XTS_encrypt_update_avx1(const unsigned char *in, unsigned char *out, word32 sz,
-                     const unsigned char* key, unsigned char *i, int nr)
-                     XASM_LINK("AES_XTS_encrypt_update_avx1");
-#endif
-#endif /* HAVE_INTEL_AVX1 */
-
-#ifdef HAVE_AES_DECRYPT
-void AES_XTS_decrypt_aesni(const unsigned char *in, unsigned char *out, word32 sz,
-                     const unsigned char* i, const unsigned char* key,
-                     const unsigned char* key2, int nr)
-                     XASM_LINK("AES_XTS_decrypt_aesni");
-#ifdef WOLFSSL_AESXTS_STREAM
-void AES_XTS_decrypt_update_aesni(const unsigned char *in, unsigned char *out, word32 sz,
-                     const unsigned char* key, unsigned char *i, int nr)
-                     XASM_LINK("AES_XTS_decrypt_update_aesni");
-#endif
-#ifdef HAVE_INTEL_AVX1
-void AES_XTS_decrypt_avx1(const unsigned char *in, unsigned char *out,
-                     word32 sz, const unsigned char* i,
-                     const unsigned char* key, const unsigned char* key2,
-                     int nr)
-                     XASM_LINK("AES_XTS_decrypt_avx1");
-#ifdef WOLFSSL_AESXTS_STREAM
-void AES_XTS_decrypt_update_avx1(const unsigned char *in, unsigned char *out, word32 sz,
-                     const unsigned char* key, unsigned char *i, int nr)
-                     XASM_LINK("AES_XTS_decrypt_update_avx1");
-#endif
-#endif /* HAVE_INTEL_AVX1 */
-#endif /* HAVE_AES_DECRYPT */
-
-#endif /* WOLFSSL_AESNI */
-
-#ifdef HAVE_AES_ECB
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM) || \
-      defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-/* helper function for encrypting / decrypting full buffer at once */
-static WARN_UNUSED_RESULT int _AesXtsHelper(
-    Aes* aes, byte* out, const byte* in, word32 sz, int dir)
-{
-    word32 outSz   = sz;
-    word32 totalSz = (sz / WC_AES_BLOCK_SIZE) * WC_AES_BLOCK_SIZE; /* total bytes */
-    byte*  pt      = out;
-
-    outSz -= WC_AES_BLOCK_SIZE;
-
-    while (outSz > 0) {
-        word32 j;
-        byte carry = 0;
-
-        /* multiply by shift left and propagate carry */
-        for (j = 0; j < WC_AES_BLOCK_SIZE && outSz > 0; j++, outSz--) {
-            byte tmpC;
-
-            tmpC   = (pt[j] >> 7) & 0x01;
-            pt[j+WC_AES_BLOCK_SIZE] = (byte)((pt[j] << 1) + carry);
-            carry  = tmpC;
-        }
-        if (carry) {
-            pt[WC_AES_BLOCK_SIZE] ^= GF_XTS;
-        }
-
-        pt += WC_AES_BLOCK_SIZE;
-    }
-
-    xorbuf(out, in, totalSz);
-#ifndef WOLFSSL_RISCV_ASM
-    if (dir == AES_ENCRYPTION) {
-        return _AesEcbEncrypt(aes, out, out, totalSz);
-    }
-    else {
-        return _AesEcbDecrypt(aes, out, out, totalSz);
-    }
-#else
-    if (dir == AES_ENCRYPTION) {
-        return wc_AesEcbEncrypt(aes, out, out, totalSz);
-    }
-    else {
-        return wc_AesEcbDecrypt(aes, out, out, totalSz);
-    }
-#endif
-}
-#endif
-#endif /* HAVE_AES_ECB */
-
-/* AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text Stealing.
- *
- * xaes  AES keys to use for block encrypt/decrypt
- * out   output buffer to hold cipher text
- * in    input plain text buffer to encrypt
- * sz    size of both out and in buffers
- * i     value to use for tweak
- *
- * returns 0 on success
- */
-/* Software AES - XTS Encrypt  */
-
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM) || \
-      defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-static int AesXtsEncryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in,
-                                  word32 sz,
-                                  byte *i);
-static int AesXtsEncrypt_sw(XtsAes* xaes, byte* out, const byte* in, word32 sz,
-        const byte* i)
-{
-    int ret;
-    byte tweak_block[WC_AES_BLOCK_SIZE];
-
-    ret = wc_AesEncryptDirect(&xaes->tweak, tweak_block, i);
-    if (ret != 0)
-        return ret;
-
-    return AesXtsEncryptUpdate_sw(xaes, out, in, sz, tweak_block);
-}
-
-#ifdef WOLFSSL_AESXTS_STREAM
-
-/* Block-streaming AES-XTS tweak setup.
- *
- * xaes  AES keys to use for block encrypt/decrypt
- * i     readwrite value to use for tweak
- *
- * returns 0 on success
- */
-static int AesXtsInitTweak_sw(XtsAes* xaes, byte* i) {
-    return wc_AesEncryptDirect(&xaes->tweak, i, i);
-}
-
-#endif /* WOLFSSL_AESXTS_STREAM */
-
-/* Block-streaming AES-XTS.
- *
- * Supply block-aligned input data with successive calls.  Final call need not
- * be block aligned.
- *
- * xaes  AES keys to use for block encrypt/decrypt
- * out   output buffer to hold cipher text
- * in    input plain text buffer to encrypt
- * sz    size of both out and in buffers
- *
- * returns 0 on success
- */
-/* Software AES - XTS Encrypt  */
-static int AesXtsEncryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in,
-                                  word32 sz,
-                                  byte *i)
-{
-    int ret = 0;
-    word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-    Aes *aes = &xaes->aes;
-
-#ifdef HAVE_AES_ECB
-    /* encrypt all of buffer at once when possible */
-    if (in != out) { /* can not handle inline */
-        XMEMCPY(out, i, WC_AES_BLOCK_SIZE);
-        if ((ret = _AesXtsHelper(aes, out, in, sz, AES_ENCRYPTION)) != 0)
-            return ret;
-    }
-#endif
-
-    while (blocks > 0) {
-        word32 j;
-        byte carry = 0;
-
-#ifdef HAVE_AES_ECB
-        if (in == out)
-#endif
-        { /* check for if inline */
-            byte buf[WC_AES_BLOCK_SIZE];
-
-            XMEMCPY(buf, in, WC_AES_BLOCK_SIZE);
-            xorbuf(buf, i, WC_AES_BLOCK_SIZE);
-            ret = wc_AesEncryptDirect(aes, out, buf);
-            if (ret != 0)
-                return ret;
-        }
-        xorbuf(out, i, WC_AES_BLOCK_SIZE);
-
-        /* multiply by shift left and propagate carry */
-        for (j = 0; j < WC_AES_BLOCK_SIZE; j++) {
-            byte tmpC;
-
-            tmpC   = (i[j] >> 7) & 0x01;
-            i[j] = (byte)((i[j] << 1) + carry);
-            carry  = tmpC;
-        }
-        if (carry) {
-            i[0] ^= GF_XTS;
-        }
-
-        in  += WC_AES_BLOCK_SIZE;
-        out += WC_AES_BLOCK_SIZE;
-        sz  -= WC_AES_BLOCK_SIZE;
-        blocks--;
-    }
-
-    /* stealing operation of XTS to handle left overs */
-    if (sz > 0) {
-        byte buf[WC_AES_BLOCK_SIZE];
-
-        XMEMCPY(buf, out - WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-        if (sz >= WC_AES_BLOCK_SIZE) { /* extra sanity check before copy */
-            return BUFFER_E;
-        }
-        if (in != out) {
-            XMEMCPY(out, buf, sz);
-            XMEMCPY(buf, in, sz);
-        }
-        else {
-            byte buf2[WC_AES_BLOCK_SIZE];
-
-            XMEMCPY(buf2, buf, sz);
-            XMEMCPY(buf, in, sz);
-            XMEMCPY(out, buf2, sz);
-        }
-
-        xorbuf(buf, i, WC_AES_BLOCK_SIZE);
-        ret = wc_AesEncryptDirect(aes, out - WC_AES_BLOCK_SIZE, buf);
-        if (ret == 0)
-            xorbuf(out - WC_AES_BLOCK_SIZE, i, WC_AES_BLOCK_SIZE);
-    }
-
-    return ret;
-}
-#endif
-
-/* AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text Stealing.
- *
- * xaes  AES keys to use for block encrypt/decrypt
- * out   output buffer to hold cipher text
- * in    input plain text buffer to encrypt
- * sz    size of both out and in buffers
- * i     value to use for tweak
- * iSz   size of i buffer, should always be WC_AES_BLOCK_SIZE but having this input
- *       adds a sanity check on how the user calls the function.
- *
- * returns 0 on success
- */
-int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
-        const byte* i, word32 iSz)
-{
-    int ret;
-
-    Aes *aes;
-
-    if (xaes == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if FIPS_VERSION3_GE(6,0,0)
-    /* SP800-38E - Restrict data unit to 2^20 blocks per key. A block is
-     * WC_AES_BLOCK_SIZE or 16-bytes (128-bits). So each key may only be used to
-     * protect up to 1,048,576 blocks of WC_AES_BLOCK_SIZE (16,777,216 bytes)
-     */
-    if (sz > FIPS_AES_XTS_MAX_BYTES_PER_TWEAK) {
-        WOLFSSL_MSG("Request exceeds allowed bytes per SP800-38E");
-        return BAD_FUNC_ARG;
-    }
-#endif
-
-    aes = &xaes->aes;
-
-    if (aes->keylen == 0) {
-        WOLFSSL_MSG("wc_AesXtsEncrypt called with unset encryption key.");
-        return BAD_FUNC_ARG;
-    }
-
-    if (iSz < WC_AES_BLOCK_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (sz < WC_AES_BLOCK_SIZE) {
-        WOLFSSL_MSG("Plain text input too small for encryption");
-        return BAD_FUNC_ARG;
-    }
-
-#if !defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-      !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    AES_XTS_encrypt_AARCH32(in, out, sz, i, (byte*)xaes->aes.key,
-        (byte*)xaes->tweak.key, (byte*)xaes->aes.tmp, xaes->aes.rounds);
-    ret = 0;
-#else
-#ifdef WOLFSSL_AESNI
-    if (aes->use_aesni) {
-        SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#if defined(HAVE_INTEL_AVX1)
-        if (IS_INTEL_AVX1(intel_flags)) {
-            AES_XTS_encrypt_avx1(in, out, sz, i,
-                                 (const byte*)aes->key,
-                                 (const byte*)xaes->tweak.key,
-                                 (int)aes->rounds);
-            ret = 0;
-        }
-        else
-#endif
-        {
-            AES_XTS_encrypt_aesni(in, out, sz, i,
-                                  (const byte*)aes->key,
-                                  (const byte*)xaes->tweak.key,
-                                  (int)aes->rounds);
-            ret = 0;
-        }
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-      !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    if (aes->use_aes_hw_crypto) {
-        AES_XTS_encrypt_AARCH64(in, out, sz, i, (byte*)xaes->aes.key,
-            (byte*)xaes->tweak.key, (byte*)xaes->aes.tmp, xaes->aes.rounds);
-        ret = 0;
-    }
-    else
-#endif
-    {
-        ret = AesXtsEncrypt_sw(xaes, out, in, sz, i);
-    }
-#endif
-
-    return ret;
-}
-
-#ifdef WOLFSSL_AESXTS_STREAM
-
-/* Block-streaming AES-XTS.
- *
- * xaes  AES keys to use for block encrypt/decrypt
- * i     readwrite value to use for tweak
- * iSz   size of i buffer, should always be WC_AES_BLOCK_SIZE but having this input
- *       adds a sanity check on how the user calls the function.
- *
- * returns 0 on success
- */
-int wc_AesXtsEncryptInit(XtsAes* xaes, const byte* i, word32 iSz,
-                         struct XtsAesStreamData *stream)
-{
-    int ret;
-
-    Aes *aes;
-
-    if ((xaes == NULL) || (i == NULL) || (stream == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (iSz < WC_AES_BLOCK_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-
-    aes = &xaes->aes;
-
-    if (aes->keylen == 0) {
-        WOLFSSL_MSG("wc_AesXtsEncrypt called with unset encryption key.");
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMCPY(stream->tweak_block, i, WC_AES_BLOCK_SIZE);
-    stream->bytes_crypted_with_this_tweak = 0;
-
-    {
-#ifdef WOLFSSL_AESNI
-        if (aes->use_aesni) {
-            SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#if defined(HAVE_INTEL_AVX1)
-            if (IS_INTEL_AVX1(intel_flags)) {
-                AES_XTS_init_avx1(stream->tweak_block,
-                                  (const byte*)xaes->tweak.key,
-                                  (int)xaes->tweak.rounds);
-                ret = 0;
-            }
-            else
-#endif
-            {
-                AES_XTS_init_aesni(stream->tweak_block,
-                                   (const byte*)xaes->tweak.key,
-                                   (int)xaes->tweak.rounds);
-                ret = 0;
-            }
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-#endif /* WOLFSSL_AESNI */
-        {
-            ret = AesXtsInitTweak_sw(xaes, stream->tweak_block);
-        }
-    }
-
-    return ret;
-}
-
-/* Block-streaming AES-XTS
- *
- * Note that sz must be >= WC_AES_BLOCK_SIZE in each call, and must be a multiple
- * of WC_AES_BLOCK_SIZE in each call to wc_AesXtsEncryptUpdate().
- * wc_AesXtsEncryptFinal() can handle any length >= WC_AES_BLOCK_SIZE.
- *
- * xaes  AES keys to use for block encrypt/decrypt
- * out   output buffer to hold cipher text
- * in    input plain text buffer to encrypt
- * sz    size of both out and in buffers -- must be >= WC_AES_BLOCK_SIZE.
- * i     value to use for tweak
- * iSz   size of i buffer, should always be WC_AES_BLOCK_SIZE but having this input
- *       adds a sanity check on how the user calls the function.
- *
- * returns 0 on success
- */
-static int AesXtsEncryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz,
-                           struct XtsAesStreamData *stream)
-{
-    int ret;
-
-#ifdef WOLFSSL_AESNI
-    Aes *aes;
-#endif
-
-    if (xaes == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_AESNI
-    aes = &xaes->aes;
-#endif
-
-    if (sz < WC_AES_BLOCK_SIZE) {
-        WOLFSSL_MSG("Plain text input too small for encryption");
-        return BAD_FUNC_ARG;
-    }
-
-    if (stream->bytes_crypted_with_this_tweak & ((word32)WC_AES_BLOCK_SIZE - 1U))
-    {
-        WOLFSSL_MSG("Call to AesXtsEncryptUpdate after previous finalizing call");
-        return BAD_FUNC_ARG;
-    }
-
-#ifndef WC_AESXTS_STREAM_NO_REQUEST_ACCOUNTING
-    if (! WC_SAFE_SUM_WORD32(stream->bytes_crypted_with_this_tweak, sz,
-                             stream->bytes_crypted_with_this_tweak))
-    {
-        WOLFSSL_MSG("Overflow of stream->bytes_crypted_with_this_tweak "
-                    "in AesXtsEncryptUpdate().");
-    }
-#endif
-#if FIPS_VERSION3_GE(6,0,0)
-    /* SP800-38E - Restrict data unit to 2^20 blocks per key. A block is
-     * WC_AES_BLOCK_SIZE or 16-bytes (128-bits). So each key may only be used to
-     * protect up to 1,048,576 blocks of WC_AES_BLOCK_SIZE (16,777,216 bytes)
-     */
-    if (stream->bytes_crypted_with_this_tweak >
-        FIPS_AES_XTS_MAX_BYTES_PER_TWEAK)
-    {
-        WOLFSSL_MSG("Request exceeds allowed bytes per SP800-38E");
-        return BAD_FUNC_ARG;
-    }
-#endif
-    {
-#ifdef WOLFSSL_AESNI
-        if (aes->use_aesni) {
-            SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#if defined(HAVE_INTEL_AVX1)
-            if (IS_INTEL_AVX1(intel_flags)) {
-                AES_XTS_encrypt_update_avx1(in, out, sz,
-                                            (const byte*)aes->key,
-                                            stream->tweak_block,
-                                            (int)aes->rounds);
-                ret = 0;
-            }
-            else
-#endif
-            {
-                AES_XTS_encrypt_update_aesni(in, out, sz,
-                                            (const byte*)aes->key,
-                                            stream->tweak_block,
-                                            (int)aes->rounds);
-                ret = 0;
-            }
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-#endif /* WOLFSSL_AESNI */
-        {
-            ret = AesXtsEncryptUpdate_sw(xaes, out, in, sz, stream->tweak_block);
-        }
-    }
-
-    return ret;
-}
-
-int wc_AesXtsEncryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz,
-                           struct XtsAesStreamData *stream)
-{
-    if (stream == NULL)
-        return BAD_FUNC_ARG;
-    if (sz & ((word32)WC_AES_BLOCK_SIZE - 1U))
-        return BAD_FUNC_ARG;
-    return AesXtsEncryptUpdate(xaes, out, in, sz, stream);
-}
-
-int wc_AesXtsEncryptFinal(XtsAes* xaes, byte* out, const byte* in, word32 sz,
-                           struct XtsAesStreamData *stream)
-{
-    int ret;
-    if (stream == NULL)
-        return BAD_FUNC_ARG;
-    if (sz > 0)
-        ret = AesXtsEncryptUpdate(xaes, out, in, sz, stream);
-    else
-        ret = 0;
-    /* force the count odd, to assure error on attempt to AesXtsEncryptUpdate()
-     * after finalization.
-     */
-    stream->bytes_crypted_with_this_tweak |= 1U;
-    ForceZero(stream->tweak_block, WC_AES_BLOCK_SIZE);
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Check(stream->tweak_block, WC_AES_BLOCK_SIZE);
-#endif
-    return ret;
-}
-
-#endif /* WOLFSSL_AESXTS_STREAM */
-
-#ifdef HAVE_AES_DECRYPT
-
-/* Same process as encryption but use aes_decrypt key.
- *
- * xaes  AES keys to use for block encrypt/decrypt
- * out   output buffer to hold plain text
- * in    input cipher text buffer to decrypt
- * sz    size of both out and in buffers
- * i     value to use for tweak
- *
- * returns 0 on success
- */
-/* Software AES - XTS Decrypt */
-
-#if defined(__aarch64__) || !defined(WOLFSSL_ARMASM) || \
-      defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-static int AesXtsDecryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in,
-                                  word32 sz, byte *i);
-
-static int AesXtsDecrypt_sw(XtsAes* xaes, byte* out, const byte* in, word32 sz,
-        const byte* i)
-{
-    int ret;
-    byte tweak_block[WC_AES_BLOCK_SIZE];
-
-    ret = wc_AesEncryptDirect(&xaes->tweak, tweak_block, i);
-    if (ret != 0)
-        return ret;
-
-    return AesXtsDecryptUpdate_sw(xaes, out, in, sz, tweak_block);
-}
-
-/* Block-streaming AES-XTS.
- *
- * Same process as encryption but use decrypt key.
- *
- * Supply block-aligned input data with successive calls.  Final call need not
- * be block aligned.
- *
- * xaes  AES keys to use for block encrypt/decrypt
- * out   output buffer to hold plain text
- * in    input cipher text buffer to decrypt
- * sz    size of both out and in buffers
- * i     value to use for tweak
- *
- * returns 0 on success
- */
-/* Software AES - XTS Decrypt */
-static int AesXtsDecryptUpdate_sw(XtsAes* xaes, byte* out, const byte* in,
-                                  word32 sz, byte *i)
-{
-    int ret = 0;
-    word32 blocks = (sz / WC_AES_BLOCK_SIZE);
-#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
-    Aes *aes = &xaes->aes_decrypt;
-#else
-    Aes *aes = &xaes->aes;
-#endif
-    word32 j;
-    byte carry = 0;
-    byte stl = (sz % WC_AES_BLOCK_SIZE);
-
-    /* if Stealing then break out of loop one block early to handle special
-     * case */
-    if (stl > 0) {
-        blocks--;
-    }
-
-#ifdef HAVE_AES_ECB
-    /* decrypt all of buffer at once when possible */
-    if (in != out) { /* can not handle inline */
-        XMEMCPY(out, i, WC_AES_BLOCK_SIZE);
-        if ((ret = _AesXtsHelper(aes, out, in, sz, AES_DECRYPTION)) != 0)
-            return ret;
-    }
-#endif
-
-    while (blocks > 0) {
-#ifdef HAVE_AES_ECB
-        if (in == out)
-#endif
-        { /* check for if inline */
-            byte buf[WC_AES_BLOCK_SIZE];
-
-            XMEMCPY(buf, in, WC_AES_BLOCK_SIZE);
-            xorbuf(buf, i, WC_AES_BLOCK_SIZE);
-            ret = wc_AesDecryptDirect(aes, out, buf);
-            if (ret != 0)
-                return ret;
-        }
-        xorbuf(out, i, WC_AES_BLOCK_SIZE);
-
-        /* multiply by shift left and propagate carry */
-        for (j = 0; j < WC_AES_BLOCK_SIZE; j++) {
-            byte tmpC;
-
-            tmpC   = (i[j] >> 7) & 0x01;
-            i[j] = (byte)((i[j] << 1) + carry);
-            carry  = tmpC;
-        }
-        if (carry) {
-            i[0] ^= GF_XTS;
-        }
-        carry = 0;
-
-        in  += WC_AES_BLOCK_SIZE;
-        out += WC_AES_BLOCK_SIZE;
-        sz  -= WC_AES_BLOCK_SIZE;
-        blocks--;
-    }
-
-    /* stealing operation of XTS to handle left overs */
-    if (sz >= WC_AES_BLOCK_SIZE) {
-        byte buf[WC_AES_BLOCK_SIZE];
-        byte tmp2[WC_AES_BLOCK_SIZE];
-
-        /* multiply by shift left and propagate carry */
-        for (j = 0; j < WC_AES_BLOCK_SIZE; j++) {
-            byte tmpC;
-
-            tmpC   = (i[j] >> 7) & 0x01;
-            tmp2[j] = (byte)((i[j] << 1) + carry);
-            carry  = tmpC;
-        }
-        if (carry) {
-            tmp2[0] ^= GF_XTS;
-        }
-
-        XMEMCPY(buf, in, WC_AES_BLOCK_SIZE);
-        xorbuf(buf, tmp2, WC_AES_BLOCK_SIZE);
-        ret = wc_AesDecryptDirect(aes, out, buf);
-        if (ret != 0)
-            return ret;
-        xorbuf(out, tmp2, WC_AES_BLOCK_SIZE);
-
-        /* tmp2 holds partial | last */
-        XMEMCPY(tmp2, out, WC_AES_BLOCK_SIZE);
-        in  += WC_AES_BLOCK_SIZE;
-        out += WC_AES_BLOCK_SIZE;
-        sz  -= WC_AES_BLOCK_SIZE;
-
-        /* Make buffer with end of cipher text | last */
-        XMEMCPY(buf, tmp2, WC_AES_BLOCK_SIZE);
-        if (sz >= WC_AES_BLOCK_SIZE) { /* extra sanity check before copy */
-            return BUFFER_E;
-        }
-        XMEMCPY(buf, in,   sz);
-        XMEMCPY(out, tmp2, sz);
-
-        xorbuf(buf, i, WC_AES_BLOCK_SIZE);
-        ret = wc_AesDecryptDirect(aes, tmp2, buf);
-        if (ret != 0)
-            return ret;
-        xorbuf(tmp2, i, WC_AES_BLOCK_SIZE);
-        XMEMCPY(out - WC_AES_BLOCK_SIZE, tmp2, WC_AES_BLOCK_SIZE);
-    }
-
-    return ret;
-}
-#endif
-
-/* Same process as encryption but Aes key is AES_DECRYPTION type.
- *
- * xaes  AES keys to use for block encrypt/decrypt
- * out   output buffer to hold plain text
- * in    input cipher text buffer to decrypt
- * sz    size of both out and in buffers
- * i     value to use for tweak
- * iSz   size of i buffer, should always be WC_AES_BLOCK_SIZE but having this input
- *       adds a sanity check on how the user calls the function.
- *
- * returns 0 on success
- */
-int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
-        const byte* i, word32 iSz)
-{
-    int ret;
-    Aes *aes;
-
-    if (xaes == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
-    aes = &xaes->aes_decrypt;
-#else
-    aes = &xaes->aes;
-#endif
-
-/* FIPS TODO: SP800-38E - Restrict data unit to 2^20 blocks per key. A block is
- * WC_AES_BLOCK_SIZE or 16-bytes (128-bits). So each key may only be used to
- * protect up to 1,048,576 blocks of WC_AES_BLOCK_SIZE (16,777,216 bytes or
- * 134,217,728-bits) Add helpful printout and message along with BAD_FUNC_ARG
- * return whenever sz / WC_AES_BLOCK_SIZE > 1,048,576 or equal to that and sz is
- * not a sequence of complete blocks.
- */
-
-    if (aes->keylen == 0) {
-        WOLFSSL_MSG("wc_AesXtsDecrypt called with unset decryption key.");
-        return BAD_FUNC_ARG;
-    }
-
-    if (iSz < WC_AES_BLOCK_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (sz < WC_AES_BLOCK_SIZE) {
-        WOLFSSL_MSG("Cipher text input too small for decryption");
-        return BAD_FUNC_ARG;
-    }
-
-#if !defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-      !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    AES_XTS_decrypt_AARCH32(in, out, sz, i, (byte*)xaes->aes.key,
-        (byte*)xaes->tweak.key, (byte*)xaes->aes.tmp, xaes->aes.rounds);
-    ret = 0;
-#else
-#ifdef WOLFSSL_AESNI
-    if (aes->use_aesni) {
-        SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#if defined(HAVE_INTEL_AVX1)
-        if (IS_INTEL_AVX1(intel_flags)) {
-            AES_XTS_decrypt_avx1(in, out, sz, i,
-                                 (const byte*)aes->key,
-                                 (const byte*)xaes->tweak.key,
-                                 (int)aes->rounds);
-            ret = 0;
-        }
-        else
-#endif
-        {
-            AES_XTS_decrypt_aesni(in, out, sz, i,
-                                  (const byte*)aes->key,
-                                  (const byte*)xaes->tweak.key,
-                                  (int)aes->rounds);
-            ret = 0;
-        }
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#elif defined(__aarch64__) && defined(WOLFSSL_ARMASM) && \
-      !defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
-    if (aes->use_aes_hw_crypto) {
-        AES_XTS_decrypt_AARCH64(in, out, sz, i, (byte*)xaes->aes.key,
-            (byte*)xaes->tweak.key, (byte*)xaes->aes.tmp, xaes->aes.rounds);
-        ret = 0;
-    }
-    else
-#endif
-    {
-        ret = AesXtsDecrypt_sw(xaes, out, in, sz, i);
-    }
-#endif
-
-    return ret;
-}
-
-#ifdef WOLFSSL_AESXTS_STREAM
-
-/* Same process as encryption but Aes key is AES_DECRYPTION type.
- *
- * xaes  AES keys to use for block encrypt/decrypt
- * i     readwrite value to use for tweak
- * iSz   size of i buffer, should always be WC_AES_BLOCK_SIZE but having this input
- *       adds a sanity check on how the user calls the function.
- *
- * returns 0 on success
- */
-int wc_AesXtsDecryptInit(XtsAes* xaes, const byte* i, word32 iSz,
-                         struct XtsAesStreamData *stream)
-{
-    int ret;
-    Aes *aes;
-
-    if (xaes == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
-    aes = &xaes->aes_decrypt;
-#else
-    aes = &xaes->aes;
-#endif
-
-    if (aes->keylen == 0) {
-        WOLFSSL_MSG("wc_AesXtsDecrypt called with unset decryption key.");
-        return BAD_FUNC_ARG;
-    }
-
-    if (iSz < WC_AES_BLOCK_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMCPY(stream->tweak_block, i, WC_AES_BLOCK_SIZE);
-    stream->bytes_crypted_with_this_tweak = 0;
-
-    {
-#ifdef WOLFSSL_AESNI
-        if (aes->use_aesni) {
-            SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#if defined(HAVE_INTEL_AVX1)
-            if (IS_INTEL_AVX1(intel_flags)) {
-                AES_XTS_init_avx1(stream->tweak_block,
-                                  (const byte*)xaes->tweak.key,
-                                  (int)xaes->tweak.rounds);
-                ret = 0;
-            }
-            else
-#endif
-            {
-                AES_XTS_init_aesni(stream->tweak_block,
-                                   (const byte*)xaes->tweak.key,
-                                   (int)xaes->tweak.rounds);
-                ret = 0;
-            }
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-#endif /* WOLFSSL_AESNI */
-        {
-            ret = AesXtsInitTweak_sw(xaes, stream->tweak_block);
-        }
-
-    }
-
-    return ret;
-}
-
-/* Block-streaming AES-XTS
- *
- * Note that sz must be >= WC_AES_BLOCK_SIZE in each call, and must be a multiple
- * of WC_AES_BLOCK_SIZE in each call to wc_AesXtsDecryptUpdate().
- * wc_AesXtsDecryptFinal() can handle any length >= WC_AES_BLOCK_SIZE.
- *
- * xaes  AES keys to use for block encrypt/decrypt
- * out   output buffer to hold plain text
- * in    input cipher text buffer to decrypt
- * sz    size of both out and in buffers
- * i     tweak buffer of size WC_AES_BLOCK_SIZE.
- *
- * returns 0 on success
- */
-static int AesXtsDecryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz,
-                           struct XtsAesStreamData *stream)
-{
-    int ret;
-#ifdef WOLFSSL_AESNI
-    Aes *aes;
-#endif
-
-    if (xaes == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_AESNI
-#ifdef WC_AES_XTS_SUPPORT_SIMULTANEOUS_ENC_AND_DEC_KEYS
-    aes = &xaes->aes_decrypt;
-#else
-    aes = &xaes->aes;
-#endif
-#endif
-
-    if (sz < WC_AES_BLOCK_SIZE) {
-        WOLFSSL_MSG("Cipher text input too small for decryption");
-        return BAD_FUNC_ARG;
-    }
-
-    if (stream->bytes_crypted_with_this_tweak &
-        ((word32)WC_AES_BLOCK_SIZE - 1U))
-    {
-        WOLFSSL_MSG("AesXtsDecryptUpdate after previous finalizing call");
-        return BAD_FUNC_ARG;
-    }
-
-#ifndef WC_AESXTS_STREAM_NO_REQUEST_ACCOUNTING
-    if (! WC_SAFE_SUM_WORD32(stream->bytes_crypted_with_this_tweak, sz,
-                             stream->bytes_crypted_with_this_tweak))
-    {
-        WOLFSSL_MSG("Overflow of stream->bytes_crypted_with_this_tweak "
-                    "in AesXtsDecryptUpdate().");
-    }
-#endif
-
-    {
-#ifdef WOLFSSL_AESNI
-        if (aes->use_aesni) {
-            SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#if defined(HAVE_INTEL_AVX1)
-            if (IS_INTEL_AVX1(intel_flags)) {
-                AES_XTS_decrypt_update_avx1(in, out, sz,
-                                            (const byte*)aes->key,
-                                            stream->tweak_block,
-                                            (int)aes->rounds);
-                ret = 0;
-            }
-            else
-#endif
-            {
-                AES_XTS_decrypt_update_aesni(in, out, sz,
-                                             (const byte*)aes->key,
-                                             stream->tweak_block,
-                                             (int)aes->rounds);
-                ret = 0;
-            }
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-#endif /* WOLFSSL_AESNI */
-        {
-            ret = AesXtsDecryptUpdate_sw(xaes, out, in, sz,
-                                         stream->tweak_block);
-        }
-    }
-
-    return ret;
-}
-
-int wc_AesXtsDecryptUpdate(XtsAes* xaes, byte* out, const byte* in, word32 sz,
-                           struct XtsAesStreamData *stream)
-{
-    if (stream == NULL)
-        return BAD_FUNC_ARG;
-    if (sz & ((word32)WC_AES_BLOCK_SIZE - 1U))
-        return BAD_FUNC_ARG;
-    return AesXtsDecryptUpdate(xaes, out, in, sz, stream);
-}
-
-int wc_AesXtsDecryptFinal(XtsAes* xaes, byte* out, const byte* in, word32 sz,
-                           struct XtsAesStreamData *stream)
-{
-    int ret;
-    if (stream == NULL)
-        return BAD_FUNC_ARG;
-    if (sz > 0)
-        ret = AesXtsDecryptUpdate(xaes, out, in, sz, stream);
-    else
-        ret = 0;
-    ForceZero(stream->tweak_block, WC_AES_BLOCK_SIZE);
-    /* force the count odd, to assure error on attempt to AesXtsEncryptUpdate()
-     * after finalization.
-     */
-    stream->bytes_crypted_with_this_tweak |= 1U;
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Check(stream->tweak_block, WC_AES_BLOCK_SIZE);
-#endif
-    return ret;
-}
-
-#endif /* WOLFSSL_AESXTS_STREAM */
-#endif /* HAVE_AES_DECRYPT */
-
-/* Same as wc_AesXtsEncryptSector but the sector gets incremented by one every
- * sectorSz bytes
- *
- * xaes     AES keys to use for block encrypt
- * out      output buffer to hold cipher text
- * in       input plain text buffer to encrypt
- * sz       size of both out and in buffers
- * sector   value to use for tweak
- * sectorSz size of the sector
- *
- * returns 0 on success
- */
-int wc_AesXtsEncryptConsecutiveSectors(XtsAes* aes, byte* out, const byte* in,
-        word32 sz, word64 sector, word32 sectorSz)
-{
-    int ret  = 0;
-    word32 iter = 0;
-    word32 sectorCount;
-    word32 remainder;
-
-    if (aes == NULL || out == NULL || in == NULL || sectorSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (sz < WC_AES_BLOCK_SIZE) {
-        WOLFSSL_MSG("Cipher text input too small for encryption");
-        return BAD_FUNC_ARG;
-    }
-
-    sectorCount  = sz / sectorSz;
-    remainder = sz % sectorSz;
-
-    while (sectorCount) {
-        ret = wc_AesXtsEncryptSector(aes, out + (iter * sectorSz),
-                in + (iter * sectorSz), sectorSz, sector);
-        if (ret != 0)
-            break;
-
-        sectorCount--;
-        iter++;
-        sector++;
-    }
-
-    if (remainder && ret == 0)
-        ret = wc_AesXtsEncryptSector(aes, out + (iter * sectorSz),
-                in + (iter * sectorSz), remainder, sector);
-
-    return ret;
-}
-
-#ifdef HAVE_AES_DECRYPT
-
-/* Same as wc_AesXtsEncryptConsecutiveSectors but Aes key is AES_DECRYPTION type
- *
- * xaes     AES keys to use for block decrypt
- * out      output buffer to hold cipher text
- * in       input plain text buffer to encrypt
- * sz       size of both out and in buffers
- * sector   value to use for tweak
- * sectorSz size of the sector
- *
- * returns 0 on success
- */
-int wc_AesXtsDecryptConsecutiveSectors(XtsAes* aes, byte* out, const byte* in,
-        word32 sz, word64 sector, word32 sectorSz)
-{
-    int ret  = 0;
-    word32 iter = 0;
-    word32 sectorCount;
-    word32 remainder;
-
-    if (aes == NULL || out == NULL || in == NULL || sectorSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (sz < WC_AES_BLOCK_SIZE) {
-        WOLFSSL_MSG("Cipher text input too small for decryption");
-        return BAD_FUNC_ARG;
-    }
-
-    sectorCount  = sz / sectorSz;
-    remainder = sz % sectorSz;
-
-    while (sectorCount) {
-        ret = wc_AesXtsDecryptSector(aes, out + (iter * sectorSz),
-                in + (iter * sectorSz), sectorSz, sector);
-        if (ret != 0)
-            break;
-
-        sectorCount--;
-        iter++;
-        sector++;
-    }
-
-    if (remainder && ret == 0)
-        ret = wc_AesXtsDecryptSector(aes, out + (iter * sectorSz),
-                in + (iter * sectorSz), remainder, sector);
-
-    return ret;
-}
-#endif /* HAVE_AES_DECRYPT */
-#endif /* WOLFSSL_AES_XTS */
-
-#ifdef WOLFSSL_AES_SIV
-
-/*
- * See RFC 5297 Section 2.4.
- */
-static WARN_UNUSED_RESULT int S2V(
-    const byte* key, word32 keySz, const AesSivAssoc* assoc, word32 numAssoc,
-    const byte* nonce, word32 nonceSz, const byte* data,
-    word32 dataSz, byte* out)
-{
-#ifdef WOLFSSL_SMALL_STACK
-    byte* tmp[3] = {NULL, NULL, NULL};
-    int i;
-    Cmac* cmac;
-#else
-    byte tmp[3][WC_AES_BLOCK_SIZE];
-    Cmac cmac[1];
-#endif
-    word32 macSz = WC_AES_BLOCK_SIZE;
-    int ret = 0;
-    byte tmpi = 0;
-    word32 ai;
-    word32 zeroBytes;
-
-#ifdef WOLFSSL_SMALL_STACK
-    for (i = 0; i < 3; ++i) {
-        tmp[i] = (byte*)XMALLOC(WC_AES_BLOCK_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        if (tmp[i] == NULL) {
-            ret = MEMORY_E;
-            break;
-        }
-    }
-    if (ret == 0)
-#endif
-
-    if ((numAssoc > 126) || ((nonceSz > 0) && (numAssoc > 125))) {
-        /* See RFC 5297 Section 7. */
-        WOLFSSL_MSG("Maximum number of ADs (including the nonce) for AES SIV is"
-                    " 126.");
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        XMEMSET(tmp[1], 0, WC_AES_BLOCK_SIZE);
-        XMEMSET(tmp[2], 0, WC_AES_BLOCK_SIZE);
-
-        ret = wc_AesCmacGenerate(tmp[0], &macSz, tmp[1], WC_AES_BLOCK_SIZE,
-                                 key, keySz);
-    }
-
-    if (ret == 0) {
-        /* Loop over authenticated associated data AD1..ADn */
-        for (ai = 0; ai < numAssoc; ++ai) {
-            ShiftAndXorRb(tmp[1-tmpi], tmp[tmpi]);
-            ret = wc_AesCmacGenerate(tmp[tmpi], &macSz, assoc[ai].assoc,
-                                     assoc[ai].assocSz, key, keySz);
-            if (ret != 0)
-                break;
-            xorbuf(tmp[1-tmpi], tmp[tmpi], WC_AES_BLOCK_SIZE);
-            tmpi = (byte)(1 - tmpi);
-        }
-
-        /* Add nonce as final AD. See RFC 5297 Section 3. */
-        if ((ret == 0) && (nonceSz > 0)) {
-            ShiftAndXorRb(tmp[1-tmpi], tmp[tmpi]);
-            ret = wc_AesCmacGenerate(tmp[tmpi], &macSz, nonce,
-                                     nonceSz, key, keySz);
-            if (ret == 0) {
-                xorbuf(tmp[1-tmpi], tmp[tmpi], WC_AES_BLOCK_SIZE);
-            }
-            tmpi = (byte)(1U - tmpi);
-        }
-
-        /* For simplicity of the remaining code, make sure the "final" result
-           is always in tmp[0]. */
-        if (tmpi == 1) {
-            XMEMCPY(tmp[0], tmp[1], WC_AES_BLOCK_SIZE);
-        }
-    }
-
-    if (ret == 0) {
-        if (dataSz >= WC_AES_BLOCK_SIZE) {
-
-            WC_ALLOC_VAR_EX(cmac, Cmac, 1, NULL, DYNAMIC_TYPE_CMAC,
-                ret=MEMORY_E);
-            if (WC_VAR_OK(cmac))
-            {
-            #ifdef WOLFSSL_CHECK_MEM_ZERO
-                /* Aes part is checked by wc_AesFree. */
-                wc_MemZero_Add("wc_AesCmacGenerate cmac",
-                    ((unsigned char *)cmac) + sizeof(Aes),
-                    sizeof(Cmac) - sizeof(Aes));
-            #endif
-                xorbuf(tmp[0], data + (dataSz - WC_AES_BLOCK_SIZE),
-                       WC_AES_BLOCK_SIZE);
-                ret = wc_InitCmac(cmac, key, keySz, WC_CMAC_AES, NULL);
-                if (ret == 0) {
-                    ret = wc_CmacUpdate(cmac, data, dataSz - WC_AES_BLOCK_SIZE);
-                }
-                if (ret == 0) {
-                    ret = wc_CmacUpdate(cmac, tmp[0], WC_AES_BLOCK_SIZE);
-                }
-                if (ret == 0) {
-                    ret = wc_CmacFinal(cmac, out, &macSz);
-                }
-            }
-        #ifdef WOLFSSL_SMALL_STACK
-            XFREE(cmac, NULL, DYNAMIC_TYPE_CMAC);
-        #elif defined(WOLFSSL_CHECK_MEM_ZERO)
-            wc_MemZero_Check(cmac, sizeof(Cmac));
-        #endif
-        }
-        else {
-            XMEMCPY(tmp[2], data, dataSz);
-            tmp[2][dataSz] |= 0x80;
-            zeroBytes = WC_AES_BLOCK_SIZE - (dataSz + 1);
-            if (zeroBytes != 0) {
-                XMEMSET(tmp[2] + dataSz + 1, 0, zeroBytes);
-            }
-            ShiftAndXorRb(tmp[1], tmp[0]);
-            xorbuf(tmp[1], tmp[2], WC_AES_BLOCK_SIZE);
-            ret = wc_AesCmacGenerate(out, &macSz, tmp[1], WC_AES_BLOCK_SIZE, key,
-                                     keySz);
-        }
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    for (i = 0; i < 3; ++i) {
-        if (tmp[i] != NULL) {
-            XFREE(tmp[i], NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-    }
-#endif
-
-    return ret;
-}
-
-static WARN_UNUSED_RESULT int AesSivCipher(
-    const byte* key, word32 keySz, const AesSivAssoc* assoc,
-    word32 numAssoc, const byte* nonce, word32 nonceSz,
-    const byte* data, word32 dataSz, byte* siv, byte* out,
-    int enc)
-{
-    int ret = 0;
-    WC_DECLARE_VAR(aes, Aes, 1, 0);
-    byte sivTmp[WC_AES_BLOCK_SIZE];
-
-    if (key == NULL || siv == NULL || out == NULL) {
-        WOLFSSL_MSG("Bad parameter");
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0 && keySz != 32 && keySz != 48 && keySz != 64) {
-        WOLFSSL_MSG("Bad key size. Must be 256, 384, or 512 bits.");
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        if (enc == 1) {
-            ret = S2V(key, keySz / 2, assoc, numAssoc, nonce, nonceSz, data,
-                      dataSz, sivTmp);
-            if (ret != 0) {
-                WOLFSSL_MSG("S2V failed.");
-            }
-            else {
-                XMEMCPY(siv, sivTmp, WC_AES_BLOCK_SIZE);
-            }
-        }
-        else {
-            XMEMCPY(sivTmp, siv, WC_AES_BLOCK_SIZE);
-        }
-    }
-
-    if (ret == 0) {
-#ifdef WOLFSSL_SMALL_STACK
-        aes = wc_AesNew(NULL, INVALID_DEVID, &ret);
-#else
-        ret = wc_AesInit(aes, NULL, INVALID_DEVID);
-#endif
-        if (ret != 0) {
-            WOLFSSL_MSG("Failed to initialized AES object.");
-        }
-    }
-
-    if (ret == 0 && dataSz > 0) {
-        sivTmp[12] &= 0x7f;
-        sivTmp[8] &= 0x7f;
-        ret = wc_AesSetKey(aes, key + keySz / 2, keySz / 2, sivTmp,
-                           AES_ENCRYPTION);
-        if (ret != 0) {
-            WOLFSSL_MSG("Failed to set key for AES-CTR.");
-        }
-        else {
-            ret = wc_AesCtrEncrypt(aes, out, data, dataSz);
-            if (ret != 0) {
-                WOLFSSL_MSG("AES-CTR encryption failed.");
-            }
-        }
-    }
-
-    if (ret == 0 && enc == 0) {
-        ret = S2V(key, keySz / 2, assoc, numAssoc, nonce, nonceSz, out, dataSz,
-                  sivTmp);
-        if (ret != 0) {
-            WOLFSSL_MSG("S2V failed.");
-        }
-
-        if (XMEMCMP(siv, sivTmp, WC_AES_BLOCK_SIZE) != 0) {
-            WOLFSSL_MSG("Computed SIV doesn't match received SIV.");
-            ret = AES_SIV_AUTH_E;
-        }
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    wc_AesDelete(aes, NULL);
-#else
-    wc_AesFree(aes);
-#endif
-
-    return ret;
-}
-
-/*
- * See RFC 5297 Section 2.6.
- */
-int wc_AesSivEncrypt(const byte* key, word32 keySz, const byte* assoc,
-                     word32 assocSz, const byte* nonce, word32 nonceSz,
-                     const byte* in, word32 inSz, byte* siv, byte* out)
-{
-    AesSivAssoc ad;
-    ad.assoc = assoc;
-    ad.assocSz = assocSz;
-    return AesSivCipher(key, keySz, &ad, 1U, nonce, nonceSz, in, inSz,
-                        siv, out, 1);
-}
-
-/*
- * See RFC 5297 Section 2.7.
- */
-int wc_AesSivDecrypt(const byte* key, word32 keySz, const byte* assoc,
-                     word32 assocSz, const byte* nonce, word32 nonceSz,
-                     const byte* in, word32 inSz, byte* siv, byte* out)
-{
-    AesSivAssoc ad;
-    ad.assoc = assoc;
-    ad.assocSz = assocSz;
-    return AesSivCipher(key, keySz, &ad, 1U, nonce, nonceSz, in, inSz,
-                        siv, out, 0);
-}
-
-/*
- * See RFC 5297 Section 2.6.
- */
-int wc_AesSivEncrypt_ex(const byte* key, word32 keySz, const AesSivAssoc* assoc,
-                        word32 numAssoc, const byte* nonce, word32 nonceSz,
-                        const byte* in, word32 inSz, byte* siv, byte* out)
-{
-    return AesSivCipher(key, keySz, assoc, numAssoc, nonce, nonceSz, in, inSz,
-                        siv, out, 1);
-}
-
-/*
- * See RFC 5297 Section 2.7.
- */
-int wc_AesSivDecrypt_ex(const byte* key, word32 keySz, const AesSivAssoc* assoc,
-                        word32 numAssoc, const byte* nonce, word32 nonceSz,
-                        const byte* in, word32 inSz, byte* siv, byte* out)
-{
-    return AesSivCipher(key, keySz, assoc, numAssoc, nonce, nonceSz, in, inSz,
-                        siv, out, 0);
-}
-
-#endif /* WOLFSSL_AES_SIV */
-
-#if defined(WOLFSSL_AES_EAX)
-
-/*
- * AES EAX one-shot API
- * Encrypts input data and computes an auth tag over the input
- * auth data and ciphertext
- *
- * Returns 0 on success
- * Returns error code on failure
- */
-int  wc_AesEaxEncryptAuth(const byte* key, word32 keySz, byte* out,
-                          const byte* in, word32 inSz,
-                          const byte* nonce, word32 nonceSz,
-                          /* output computed auth tag */
-                          byte* authTag, word32 authTagSz,
-                          /* input data to authenticate */
-                          const byte* authIn, word32 authInSz)
-{
-#if defined(WOLFSSL_SMALL_STACK)
-    AesEax *eax;
-#else
-    AesEax eax_mem;
-    AesEax *eax = &eax_mem;
-#endif
-    int ret;
-    int eaxInited = 0;
-
-    if (key == NULL || out == NULL || in == NULL || nonce == NULL
-                              || authTag == NULL || authIn == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_SMALL_STACK)
-    if ((eax = (AesEax *)XMALLOC(sizeof(AesEax),
-                                 NULL,
-                                 DYNAMIC_TYPE_AES_EAX)) == NULL) {
-        return MEMORY_E;
-    }
-#endif
-
-    if ((ret = wc_AesEaxInit(eax,
-                             key, keySz,
-                             nonce, nonceSz,
-                             authIn, authInSz)) != 0) {
-        goto cleanup;
-    }
-    eaxInited = 1;
-
-    if ((ret = wc_AesEaxEncryptUpdate(eax, out, in, inSz, NULL, 0)) != 0) {
-        goto cleanup;
-    }
-
-    if ((ret = wc_AesEaxEncryptFinal(eax, authTag, authTagSz)) != 0) {
-        goto cleanup;
-    }
-
-cleanup:
-    if (eaxInited)
-        wc_AesEaxFree(eax);
-#if defined(WOLFSSL_SMALL_STACK)
-    XFREE(eax, NULL, DYNAMIC_TYPE_AES_EAX);
-#endif
-    return ret;
-}
-
-
-/*
- * AES EAX one-shot API
- * Decrypts and authenticates data against a supplied auth tag
- *
- * Returns 0 on success
- * Returns error code on failure
- */
-int  wc_AesEaxDecryptAuth(const byte* key, word32 keySz, byte* out,
-                          const byte* in, word32 inSz,
-                          const byte* nonce, word32 nonceSz,
-                          /* auth tag to verify against */
-                          const byte* authTag, word32 authTagSz,
-                          /* input data to authenticate */
-                          const byte* authIn, word32 authInSz)
-{
-#if defined(WOLFSSL_SMALL_STACK)
-    AesEax *eax;
-#else
-    AesEax eax_mem;
-    AesEax *eax = &eax_mem;
-#endif
-    int ret;
-    int eaxInited = 0;
-
-    if (key == NULL || out == NULL || in == NULL || nonce == NULL
-                              || authTag == NULL || authIn == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_SMALL_STACK)
-    if ((eax = (AesEax *)XMALLOC(sizeof(AesEax),
-                                 NULL,
-                                 DYNAMIC_TYPE_AES_EAX)) == NULL) {
-        return MEMORY_E;
-    }
-#endif
-
-    if ((ret = wc_AesEaxInit(eax,
-                             key, keySz,
-                             nonce, nonceSz,
-                             authIn, authInSz)) != 0) {
-
-        goto cleanup;
-    }
-    eaxInited = 1;
-
-    if ((ret = wc_AesEaxDecryptUpdate(eax, out, in, inSz, NULL, 0)) != 0) {
-        goto cleanup;
-    }
-
-    if ((ret = wc_AesEaxDecryptFinal(eax, authTag, authTagSz)) != 0) {
-        goto cleanup;
-    }
-
-cleanup:
-    if (eaxInited)
-        wc_AesEaxFree(eax);
-#if defined(WOLFSSL_SMALL_STACK)
-    XFREE(eax, NULL, DYNAMIC_TYPE_AES_EAX);
-#endif
-    return ret;
-}
-
-
-/*
- * AES EAX Incremental API:
- * Initializes an AES EAX encryption or decryption operation. This must be
- * called before any other EAX APIs are used on the AesEax struct
- *
- * Returns 0 on success
- * Returns error code on failure
- */
-int  wc_AesEaxInit(AesEax* eax,
-                   const byte* key, word32 keySz,
-                   const byte* nonce, word32 nonceSz,
-                   const byte* authIn, word32 authInSz)
-{
-    int ret = 0;
-    word32 cmacSize;
-    int aesInited = 0;
-    int nonceCmacInited = 0;
-    int aadCmacInited = 0;
-
-    if (eax == NULL || key == NULL ||  nonce == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMSET(eax->prefixBuf, 0, sizeof(eax->prefixBuf));
-
-    if ((ret = wc_AesInit(&eax->aes, NULL, INVALID_DEVID)) != 0) {
-        goto out;
-    }
-    aesInited = 1;
-
-    if ((ret = wc_AesSetKey(&eax->aes,
-                            key,
-                            keySz,
-                            NULL,
-                            AES_ENCRYPTION)) != 0) {
-        goto out;
-    }
-
-    /*
-    * OMAC the nonce to use as the IV for CTR encryption and auth tag chunk
-    *   N' = OMAC^0_K(N)
-    */
-    if ((ret = wc_InitCmac(&eax->nonceCmac,
-                           key,
-                           keySz,
-                           WC_CMAC_AES,
-                           NULL)) != 0) {
-        return ret;
-    }
-    nonceCmacInited = 1;
-
-    if ((ret = wc_CmacUpdate(&eax->nonceCmac,
-                             eax->prefixBuf,
-                             sizeof(eax->prefixBuf))) != 0) {
-        goto out;
-    }
-
-    if ((ret = wc_CmacUpdate(&eax->nonceCmac, nonce, nonceSz)) != 0) {
-        goto out;
-    }
-
-    cmacSize = WC_AES_BLOCK_SIZE;
-    if ((ret = wc_CmacFinal(&eax->nonceCmac,
-                            eax->nonceCmacFinal,
-                            &cmacSize)) != 0) {
-        goto out;
-    }
-
-    if ((ret = wc_AesSetIV(&eax->aes, eax->nonceCmacFinal)) != 0) {
-        goto out;
-    }
-
-    /*
-     * start the OMAC used to build the auth tag chunk for the AD .
-     * This CMAC is continued in subsequent update calls when more auth data is
-     * provided
-     *   H' = OMAC^1_K(H)
-     */
-    eax->prefixBuf[WC_AES_BLOCK_SIZE-1] = 1;
-    if ((ret = wc_InitCmac(&eax->aadCmac,
-                           key,
-                           keySz,
-                           WC_CMAC_AES,
-                           NULL)) != 0) {
-        goto out;
-    }
-    aadCmacInited = 1;
-
-    if ((ret = wc_CmacUpdate(&eax->aadCmac,
-                             eax->prefixBuf,
-                             sizeof(eax->prefixBuf))) != 0) {
-        goto out;
-    }
-
-    if (authIn != NULL) {
-        if ((ret = wc_CmacUpdate(&eax->aadCmac, authIn, authInSz)) != 0) {
-            goto out;
-        }
-    }
-
-    /*
-     * start the OMAC to create auth tag chunk for ciphertext. This MAC will be
-     * updated in subsequent calls to encrypt/decrypt
-     *  C' = OMAC^2_K(C)
-     */
-    eax->prefixBuf[WC_AES_BLOCK_SIZE-1] = 2;
-    if ((ret = wc_InitCmac(&eax->ciphertextCmac,
-                           key,
-                           keySz,
-                           WC_CMAC_AES,
-                           NULL)) != 0) {
-        goto out;
-    }
-
-    if ((ret = wc_CmacUpdate(&eax->ciphertextCmac,
-                             eax->prefixBuf,
-                             sizeof(eax->prefixBuf))) != 0) {
-        goto out;
-    }
-
-out:
-
-    if (ret != 0) {
-        if (aesInited)
-            wc_AesFree(&eax->aes);
-        if (nonceCmacInited)
-            wc_CmacFree(&eax->nonceCmac);
-        if (aadCmacInited)
-            wc_CmacFree(&eax->aadCmac);
-    }
-
-    return ret;
-}
-
-
-/*
- * AES EAX Incremental API:
- * Encrypts input plaintext using AES EAX mode, adding optional auth data to
- * the authentication stream
- *
- * Returns 0 on success
- * Returns error code on failure
- */
-int  wc_AesEaxEncryptUpdate(AesEax* eax, byte* out,
-                            const byte* in, word32 inSz,
-                            const byte* authIn, word32 authInSz)
-{
-    int ret;
-
-    if (eax == NULL || out == NULL ||  in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /*
-     * Encrypt the plaintext using AES CTR
-     *  C = CTR(M)
-     */
-    if ((ret = wc_AesCtrEncrypt(&eax->aes, out, in, inSz)) != 0) {
-        return ret;
-    }
-
-    /*
-     * update OMAC with new ciphertext
-     *  C' = OMAC^2_K(C)
-     */
-    if ((ret = wc_CmacUpdate(&eax->ciphertextCmac, out, inSz)) != 0) {
-        return ret;
-    }
-
-    /* If there exists new auth data, update the OMAC for that as well */
-    if (authIn != NULL) {
-        if ((ret = wc_CmacUpdate(&eax->aadCmac, authIn, authInSz)) != 0) {
-            return ret;
-        }
-    }
-
-    return 0;
-}
-
-
-/*
- * AES EAX Incremental API:
- * Decrypts input ciphertext using AES EAX mode, adding optional auth data to
- * the authentication stream
- *
- * Returns 0 on success
- * Returns error code on failure
- */
-int  wc_AesEaxDecryptUpdate(AesEax* eax, byte* out,
-                            const byte* in, word32 inSz,
-                            const byte* authIn, word32 authInSz)
-{
-    int ret;
-
-    if (eax == NULL || out == NULL ||  in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /*
-     * Decrypt the plaintext using AES CTR
-     *  C = CTR(M)
-     */
-    if ((ret = wc_AesCtrEncrypt(&eax->aes, out, in, inSz)) != 0) {
-        return ret;
-    }
-
-    /*
-     * update OMAC with new ciphertext
-     *  C' = OMAC^2_K(C)
-     */
-    if ((ret = wc_CmacUpdate(&eax->ciphertextCmac, in, inSz)) != 0) {
-        return ret;
-    }
-
-    /* If there exists new auth data, update the OMAC for that as well */
-    if (authIn != NULL) {
-        if ((ret = wc_CmacUpdate(&eax->aadCmac, authIn, authInSz)) != 0) {
-            return ret;
-        }
-    }
-
-    return 0;
-}
-
-
-/*
- * AES EAX Incremental API:
- * Provides additional auth data information to the authentication
- * stream for an authenticated encryption or decryption operation
- *
- * Returns 0 on success
- * Returns error code on failure
- */
-int  wc_AesEaxAuthDataUpdate(AesEax* eax, const byte* authIn, word32 authInSz)
-{
-    return wc_CmacUpdate(&eax->aadCmac, authIn, authInSz);
-}
-
-
-/*
- * AES EAX Incremental API:
- * Finalizes the authenticated encryption operation, computing the auth tag
- * over previously supplied auth data and computed ciphertext
- *
- * Returns 0 on success
- * Returns error code on failure
- */
-int wc_AesEaxEncryptFinal(AesEax* eax, byte* authTag, word32 authTagSz)
-{
-    word32 cmacSize;
-    int ret;
-    word32 i;
-
-    if (eax == NULL || authTag == NULL || authTagSz > WC_AES_BLOCK_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Complete the OMAC for the ciphertext */
-    cmacSize = WC_AES_BLOCK_SIZE;
-    if ((ret = wc_CmacFinalNoFree(&eax->ciphertextCmac,
-                                  eax->ciphertextCmacFinal,
-                                  &cmacSize)) != 0) {
-        return ret;
-    }
-
-    /* Complete the OMAC for auth data */
-    cmacSize = WC_AES_BLOCK_SIZE;
-    if ((ret = wc_CmacFinalNoFree(&eax->aadCmac,
-                                  eax->aadCmacFinal,
-                                  &cmacSize)) != 0) {
-        return ret;
-    }
-
-    /*
-     * Concatenate all three auth tag chunks into the final tag, truncating
-     * at the specified tag length
-     *   T = Tag [first authTagSz bytes]
-     */
-    for (i = 0; i < authTagSz; i++) {
-        authTag[i] = eax->nonceCmacFinal[i]
-                    ^ eax->aadCmacFinal[i]
-                    ^ eax->ciphertextCmacFinal[i];
-    }
-
-    return 0;
-}
-
-
-/*
- * AES EAX Incremental API:
- * Finalizes the authenticated decryption operation, computing the auth tag
- * for the previously supplied auth data and cipher text and validating it
- * against a provided auth tag
- *
- * Returns 0 on success
- * Return error code for failure
- */
-int wc_AesEaxDecryptFinal(AesEax* eax,
-                          const byte* authIn, word32 authInSz)
-{
-    int ret;
-    word32 i;
-    word32 cmacSize;
-
-#if defined(WOLFSSL_SMALL_STACK)
-    byte *authTag;
-#else
-    byte authTag[WC_AES_BLOCK_SIZE];
-#endif
-
-    if (eax == NULL || authIn == NULL || authInSz > WC_AES_BLOCK_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Complete the OMAC for the ciphertext */
-    cmacSize = WC_AES_BLOCK_SIZE;
-    if ((ret = wc_CmacFinalNoFree(&eax->ciphertextCmac,
-                                  eax->ciphertextCmacFinal,
-                                  &cmacSize)) != 0) {
-        return ret;
-    }
-
-    /* Complete the OMAC for auth data */
-    cmacSize = WC_AES_BLOCK_SIZE;
-    if ((ret = wc_CmacFinalNoFree(&eax->aadCmac,
-                                  eax->aadCmacFinal,
-                                  &cmacSize)) != 0) {
-        return ret;
-    }
-
-#if defined(WOLFSSL_SMALL_STACK)
-    authTag = (byte*)XMALLOC(WC_AES_BLOCK_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (authTag == NULL) {
-        return MEMORY_E;
-    }
-#endif
-
-    /*
-     * Concatenate all three auth tag chunks into the final tag, truncating
-     * at the specified tag length
-     *   T = Tag [first authInSz bytes]
-     */
-    for (i = 0; i < authInSz; i++) {
-        authTag[i] = eax->nonceCmacFinal[i]
-                    ^ eax->aadCmacFinal[i]
-                    ^ eax->ciphertextCmacFinal[i];
-    }
-
-    if (ConstantCompare((const byte*)authTag, authIn, (int)authInSz) != 0) {
-        ret = AES_EAX_AUTH_E;
-    }
-    else {
-        ret = 0;
-    }
-
-#if defined(WOLFSSL_SMALL_STACK)
-    XFREE(authTag, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    return ret;
-}
-
-/*
- * Frees the underlying CMAC and AES contexts. Must be called when done using
- * the AES EAX context structure.
- *
- * Returns 0 on success
- * Returns error code on failure
- */
-int wc_AesEaxFree(AesEax* eax)
-{
-    if (eax == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    (void)wc_CmacFree(&eax->ciphertextCmac);
-    (void)wc_CmacFree(&eax->aadCmac);
-    wc_AesFree(&eax->aes);
-
-    return 0;
-}
-
-#endif /* WOLFSSL_AES_EAX */
-
-#ifdef WOLFSSL_AES_CTS
-
-
-/* One-shot API */
-int wc_AesCtsEncrypt(const byte* key, word32 keySz, byte* out,
-                     const byte* in, word32 inSz,
-                     const byte* iv)
-{
-    WC_DECLARE_VAR(aes, Aes, 1, 0);
-    int ret = 0;
-    word32 outSz = inSz;
-
-    if (key == NULL || out == NULL || in == NULL || iv == NULL)
-        return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_SMALL_STACK
-    aes = wc_AesNew(NULL, INVALID_DEVID, &ret);
-#else
-    ret = wc_AesInit(aes, NULL, INVALID_DEVID);
-#endif
-    if (ret == 0)
-        ret = wc_AesSetKey(aes, key, keySz, iv, AES_ENCRYPTION);
-    if (ret == 0)
-        ret = wc_AesCtsEncryptUpdate(aes, out, &outSz, in, inSz);
-    if (ret == 0) {
-        out += outSz;
-        outSz = inSz - outSz;
-        ret = wc_AesCtsEncryptFinal(aes, out, &outSz);
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    wc_AesDelete(aes, NULL);
-#else
-    wc_AesFree(aes);
-#endif
-    return ret;
-}
-
-int wc_AesCtsDecrypt(const byte* key, word32 keySz, byte* out,
-                     const byte* in, word32 inSz,
-                     const byte* iv)
-{
-    WC_DECLARE_VAR(aes, Aes, 1, 0);
-    int ret = 0;
-    word32 outSz = inSz;
-
-    if (key == NULL || out == NULL || in == NULL || iv == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    aes = wc_AesNew(NULL, INVALID_DEVID, &ret);
-#else
-    ret = wc_AesInit(aes, NULL, INVALID_DEVID);
-#endif
-    if (ret == 0)
-        ret = wc_AesSetKey(aes, key, keySz, iv, AES_DECRYPTION);
-    if (ret == 0)
-        ret = wc_AesCtsDecryptUpdate(aes, out, &outSz, in, inSz);
-    if (ret == 0) {
-        out += outSz;
-        outSz = inSz - outSz;
-        ret = wc_AesCtsDecryptFinal(aes, out, &outSz);
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    wc_AesDelete(aes, NULL);
-#else
-    wc_AesFree(aes);
-#endif
-    return ret;
-}
-
-static int AesCtsUpdate(Aes* aes, byte* out, word32* outSz,
-                        const byte* in, word32 inSz, int enc)
-{
-    word32 blocks = 0;
-    int ret = 0;
-    word32 writtenSz = 0;
-    word32 tmpOutSz;
-
-    if (aes == NULL || out == NULL || in == NULL || outSz == NULL)
-        return BAD_FUNC_ARG;
-
-    /* Error out early for easy sanity check */
-    if (*outSz < inSz)
-        return BUFFER_E;
-    tmpOutSz = *outSz;
-
-    /* We need to store last two blocks of plaintext */
-    if (aes->left > 0) {
-        word32 copySz = min(inSz, (WC_AES_BLOCK_SIZE * 2) - aes->left);
-        XMEMCPY(aes->ctsBlock + aes->left, in, copySz);
-        aes->left += copySz;
-        in += copySz;
-        inSz -= copySz;
-
-        if (aes->left == WC_AES_BLOCK_SIZE * 2) {
-            if (inSz > WC_AES_BLOCK_SIZE) {
-                if (tmpOutSz < WC_AES_BLOCK_SIZE * 2)
-                    return BUFFER_E;
-                if (enc) {
-                    ret = wc_AesCbcEncrypt(aes, out, aes->ctsBlock,
-                                           WC_AES_BLOCK_SIZE * 2);
-                }
-                else {
-                    ret = wc_AesCbcDecrypt(aes, out, aes->ctsBlock,
-                                           WC_AES_BLOCK_SIZE * 2);
-                }
-                if (ret != 0)
-                    return ret;
-                out += WC_AES_BLOCK_SIZE * 2;
-                writtenSz += WC_AES_BLOCK_SIZE * 2;
-                tmpOutSz -= WC_AES_BLOCK_SIZE * 2;
-                aes->left = 0;
-            }
-            else if (inSz > 0) {
-                if (tmpOutSz < WC_AES_BLOCK_SIZE)
-                    return BUFFER_E;
-                if (enc) {
-                    ret = wc_AesCbcEncrypt(aes, out, aes->ctsBlock,
-                                           WC_AES_BLOCK_SIZE);
-                }
-                else {
-                    ret = wc_AesCbcDecrypt(aes, out, aes->ctsBlock,
-                                           WC_AES_BLOCK_SIZE);
-                }
-                if (ret != 0)
-                    return ret;
-                out += WC_AES_BLOCK_SIZE;
-                writtenSz += WC_AES_BLOCK_SIZE;
-                tmpOutSz -= WC_AES_BLOCK_SIZE;
-                /* Move the last block in ctsBlock to the beginning for
-                 * next operation */
-                XMEMCPY(aes->ctsBlock, aes->ctsBlock + WC_AES_BLOCK_SIZE,
-                        WC_AES_BLOCK_SIZE);
-                XMEMCPY(aes->ctsBlock + WC_AES_BLOCK_SIZE, in, inSz);
-                aes->left = WC_AES_BLOCK_SIZE + inSz;
-                *outSz = writtenSz;
-                return ret; /* Return the result of encryption */
-            }
-            else {
-                /* Can't output data as we need > 1 block for Final call */
-                *outSz = writtenSz;
-                return 0;
-            }
-        }
-        else {
-            /* All input has been absorbed into aes->ctsBlock */
-            *outSz = 0;
-            return 0;
-        }
-    }
-    if (inSz > WC_AES_BLOCK_SIZE) {
-        /* We need to store the last two full or partial blocks */
-        blocks = (inSz + (WC_AES_BLOCK_SIZE - 1)) / WC_AES_BLOCK_SIZE;
-        blocks -= 2;
-    }
-    if (tmpOutSz < blocks * WC_AES_BLOCK_SIZE)
-        return BUFFER_E;
-    if (enc)
-        ret = wc_AesCbcEncrypt(aes, out, in, blocks * WC_AES_BLOCK_SIZE);
-    else
-        ret = wc_AesCbcDecrypt(aes, out, in, blocks * WC_AES_BLOCK_SIZE);
-    in += blocks * WC_AES_BLOCK_SIZE;
-    inSz -= blocks * WC_AES_BLOCK_SIZE;
-    XMEMCPY(aes->ctsBlock, in, inSz);
-    aes->left = inSz;
-    writtenSz += blocks * WC_AES_BLOCK_SIZE;
-    *outSz = writtenSz;
-    return ret;
-}
-
-/* Incremental API */
-int wc_AesCtsEncryptUpdate(Aes* aes, byte* out, word32* outSz,
-                           const byte* in, word32 inSz)
-{
-    return AesCtsUpdate(aes, out, outSz, in, inSz, 1);
-}
-
-int wc_AesCtsEncryptFinal(Aes* aes, byte* out, word32* outSz)
-{
-    int ret = 0;
-
-    if (aes == NULL || out == NULL || outSz == NULL)
-        return BAD_FUNC_ARG;
-    if (*outSz < aes->left)
-        return BUFFER_E;
-
-    /* Input must be at least two complete or partial blocks */
-    if (aes->left <= WC_AES_BLOCK_SIZE)
-        return BAD_FUNC_ARG;
-
-    /* Zero padding */
-    XMEMSET(aes->ctsBlock + aes->left, 0, (WC_AES_BLOCK_SIZE * 2) - aes->left);
-
-    ret = wc_AesCbcEncrypt(aes, aes->ctsBlock, aes->ctsBlock,
-                           WC_AES_BLOCK_SIZE * 2);
-    if (ret != 0)
-        return ret;
-
-    XMEMCPY(out, aes->ctsBlock + WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-    XMEMCPY(out + WC_AES_BLOCK_SIZE, aes->ctsBlock,
-            aes->left - WC_AES_BLOCK_SIZE);
-    *outSz = aes->left;
-    return ret;
-}
-
-int wc_AesCtsDecryptUpdate(Aes* aes, byte* out, word32* outSz,
-                           const byte* in, word32 inSz)
-{
-    return AesCtsUpdate(aes, out, outSz, in, inSz, 0);
-}
-
-int wc_AesCtsDecryptFinal(Aes* aes, byte* out, word32* outSz)
-{
-    int ret = 0;
-    byte iv[WC_AES_BLOCK_SIZE];
-    byte tmp[WC_AES_BLOCK_SIZE];
-    word32 partialSz;
-    word32 padSz;
-
-    if (aes == NULL || out == NULL || outSz == NULL)
-        return BAD_FUNC_ARG;
-    if (*outSz < aes->left)
-        return BUFFER_E;
-
-    /* Input must be at least two complete or partial blocks */
-    if (aes->left <= WC_AES_BLOCK_SIZE)
-        return BAD_FUNC_ARG;
-
-    partialSz = aes->left - WC_AES_BLOCK_SIZE;
-    padSz = 2 * WC_AES_BLOCK_SIZE - aes->left;
-    /* Zero pad */
-    XMEMSET(aes->ctsBlock + aes->left, 0, padSz);
-
-    /* Store IV */
-    XMEMCPY(iv, aes->reg, WC_AES_BLOCK_SIZE);
-    /* Load IV */
-    XMEMCPY(aes->reg, aes->ctsBlock + WC_AES_BLOCK_SIZE, WC_AES_BLOCK_SIZE);
-
-    ret = wc_AesCbcDecrypt(aes, tmp, aes->ctsBlock, WC_AES_BLOCK_SIZE);
-    if (ret != 0)
-        return ret;
-
-    /* Write out partial block */
-    XMEMCPY(out + WC_AES_BLOCK_SIZE, tmp, partialSz);
-    /* Retrieve the padding */
-    XMEMCPY(aes->ctsBlock + aes->left, tmp + partialSz, padSz);
-    /* Restore IV */
-    XMEMCPY(aes->reg, iv, WC_AES_BLOCK_SIZE);
-
-    ret = wc_AesCbcDecrypt(aes, out, aes->ctsBlock + WC_AES_BLOCK_SIZE,
-                           WC_AES_BLOCK_SIZE);
-    if (ret != 0)
-        return ret;
-
-    *outSz = aes->left;
-    return ret;
-}
-
-#endif /* WOLFSSL_AES_CTS */
-
-
-#endif /* !NO_AES */
diff --git a/src/ssl/wolfssl/wolfcrypt/arc4.c b/src/ssl/wolfssl/wolfcrypt/arc4.c
deleted file mode 100644
index da997f692..000000000
--- a/src/ssl/wolfssl/wolfcrypt/arc4.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/* arc4.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifndef NO_RC4
-
-#include <wolfssl/wolfcrypt/arc4.h>
-
-
-int wc_Arc4SetKey(Arc4* arc4, const byte* key, word32 length)
-{
-    int ret = 0;
-    word32 i;
-    word32 keyIndex = 0, stateIndex = 0;
-
-    if (arc4 == NULL || key == NULL || length == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ARC4) && \
-        defined(HAVE_CAVIUM) && !defined(HAVE_CAVIUM_V)
-    if (arc4->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ARC4) {
-        return NitroxArc4SetKey(arc4, key, length);
-    }
-#endif
-
-    arc4->x = 1;
-    arc4->y = 0;
-
-    for (i = 0; i < ARC4_STATE_SIZE; i++)
-        arc4->state[i] = (byte)i;
-
-    for (i = 0; i < ARC4_STATE_SIZE; i++) {
-        word32 a = arc4->state[i];
-        stateIndex += key[keyIndex] + a;
-        stateIndex &= 0xFF;
-        arc4->state[i] = arc4->state[stateIndex];
-        arc4->state[stateIndex] = (byte)a;
-
-        if (++keyIndex >= length)
-            keyIndex = 0;
-    }
-
-    return ret;
-}
-
-
-static WC_INLINE byte MakeByte(word32* x, word32* y, byte* s)
-{
-    word32 a = s[*x], b;
-    *y = (*y+a) & 0xff;
-
-    b = s[*y];
-    s[*x] = (byte)b;
-    s[*y] = (byte)a;
-    *x = (*x+1) & 0xff;
-
-    return s[(a+b) & 0xff];
-}
-
-
-int wc_Arc4Process(Arc4* arc4, byte* out, const byte* in, word32 length)
-{
-    int ret = 0;
-    word32 x;
-    word32 y;
-
-    if (arc4 == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ARC4) && \
-        defined(HAVE_CAVIUM) && !defined(HAVE_CAVIUM_V)
-    if (arc4->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ARC4) {
-        return NitroxArc4Process(arc4, out, in, length);
-    }
-#endif
-
-    x = arc4->x;
-    y = arc4->y;
-
-    while(length--)
-        *out++ = *in++ ^ MakeByte(&x, &y, arc4->state);
-
-    arc4->x = (byte)x;
-    arc4->y = (byte)y;
-
-    return ret;
-}
-
-/* Initialize Arc4 for use with async device */
-int wc_Arc4Init(Arc4* arc4, void* heap, int devId)
-{
-    int ret = 0;
-
-    if (arc4 == NULL)
-        return BAD_FUNC_ARG;
-
-    arc4->heap = heap;
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ARC4)
-    ret = wolfAsync_DevCtxInit(&arc4->asyncDev, WOLFSSL_ASYNC_MARKER_ARC4,
-        arc4->heap, devId);
-#else
-    (void)devId;
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    return ret;
-}
-
-
-/* Free Arc4 from use with async device */
-void wc_Arc4Free(Arc4* arc4)
-{
-    if (arc4 == NULL)
-        return;
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ARC4)
-    wolfAsync_DevCtxFree(&arc4->asyncDev, WOLFSSL_ASYNC_MARKER_ARC4);
-#endif /* WOLFSSL_ASYNC_CRYPT */
-}
-
-#endif /* NO_RC4 */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/ascon.c b/src/ssl/wolfssl/wolfcrypt/ascon.c
deleted file mode 100644
index 4ddbcfc9a..000000000
--- a/src/ssl/wolfssl/wolfcrypt/ascon.c
+++ /dev/null
@@ -1,521 +0,0 @@
-/* ascon.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_ASCON
-
-#include <wolfssl/wolfcrypt/ascon.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-/*
- * Implementation of the ASCON AEAD and HASH algorithms. Based on the NIST
- * Initial Public Draft "NIST SP 800-232 ipd" and reference implementation found
- * at https://github.com/ascon/ascon-c.
- */
-
-/*
- * TODO
- * - Add support for big-endian systems
- * - Add support for 32-bit and smaller systems */
-
-#ifndef WORD64_AVAILABLE
-    #error "Ascon implementation requires a 64-bit word"
-#endif
-
-/* Data block size in bytes */
-#define ASCON_HASH256_RATE                              8
-#define ASCON_HASH256_ROUNDS                           12
-#define ASCON_HASH256_IV            0x0000080100CC0002ULL
-
-#define ASCON_AEAD128_ROUNDS_PA                        12
-#define ASCON_AEAD128_ROUNDS_PB                         8
-#define ASCON_AEAD128_IV            0x00001000808C0001ULL
-#define ASCON_AEAD128_RATE                             16
-
-#define MAX_ROUNDS 12
-
-#ifndef WOLFSSL_ASCON_UNROLL
-
-/* Table 5 */
-static const byte round_constants[MAX_ROUNDS] = {
-    0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87, 0x78, 0x69, 0x5a, 0x4b
-};
-
-static byte start_index(byte rounds)
-{
-    switch (rounds) {
-        case 8:
-            return 4;
-        case 12:
-            return 0;
-        default:
-            WOLFSSL_MSG("Something went wrong in wolfCrypt logic. Wrong ASCON "
-                        "rounds value.");
-            return MAX_ROUNDS;
-    }
-}
-
-static WC_INLINE void ascon_round(AsconState* a, byte round)
-{
-    word64 tmp0, tmp1, tmp2, tmp3, tmp4;
-    /* 3.2 Constant-Addition Layer */
-    a->s64[2] ^= round_constants[round];
-    /* 3.3 Substitution Layer */
-    a->s64[0] ^= a->s64[4];
-    a->s64[4] ^= a->s64[3];
-    a->s64[2] ^= a->s64[1];
-    tmp0 = a->s64[0] ^ (~a->s64[1] & a->s64[2]);
-    tmp2 = a->s64[2] ^ (~a->s64[3] & a->s64[4]);
-    tmp4 = a->s64[4] ^ (~a->s64[0] & a->s64[1]);
-    tmp1 = a->s64[1] ^ (~a->s64[2] & a->s64[3]);
-    tmp3 = a->s64[3] ^ (~a->s64[4] & a->s64[0]);
-    tmp1 ^= tmp0;
-    tmp3 ^= tmp2;
-    tmp0 ^= tmp4;
-    tmp2 = ~tmp2;
-    /* 3.4 Linear Diffusion Layer */
-    a->s64[4] = tmp4 ^ rotrFixed64(tmp4,  7) ^ rotrFixed64(tmp4, 41);
-    a->s64[1] = tmp1 ^ rotrFixed64(tmp1, 61) ^ rotrFixed64(tmp1, 39);
-    a->s64[3] = tmp3 ^ rotrFixed64(tmp3, 10) ^ rotrFixed64(tmp3, 17);
-    a->s64[0] = tmp0 ^ rotrFixed64(tmp0, 19) ^ rotrFixed64(tmp0, 28);
-    a->s64[2] = tmp2 ^ rotrFixed64(tmp2,  1) ^ rotrFixed64(tmp2,  6);
-}
-
-static void permutation(AsconState* a, byte rounds)
-{
-    byte i = start_index(rounds);
-    for (; i < MAX_ROUNDS; i++) {
-        ascon_round(a, i);
-    }
-}
-
-#else
-
-#define p(a, c) do {                                                           \
-    word64 tmp0, tmp1, tmp2, tmp3, tmp4;                                       \
-    /* 3.2 Constant-Addition Layer */                                          \
-    (a)->s64[2] ^= c;                                                          \
-    /* 3.3 Substitution Layer */                                               \
-    (a)->s64[0] ^= (a)->s64[4];                                                \
-    (a)->s64[4] ^= (a)->s64[3];                                                \
-    (a)->s64[2] ^= (a)->s64[1];                                                \
-    tmp0 = (a)->s64[0] ^ (~(a)->s64[1] & (a)->s64[2]);                         \
-    tmp2 = (a)->s64[2] ^ (~(a)->s64[3] & (a)->s64[4]);                         \
-    tmp4 = (a)->s64[4] ^ (~(a)->s64[0] & (a)->s64[1]);                         \
-    tmp1 = (a)->s64[1] ^ (~(a)->s64[2] & (a)->s64[3]);                         \
-    tmp3 = (a)->s64[3] ^ (~(a)->s64[4] & (a)->s64[0]);                         \
-    tmp1 ^= tmp0;                                                              \
-    tmp3 ^= tmp2;                                                              \
-    tmp0 ^= tmp4;                                                              \
-    tmp2 = ~tmp2;                                                              \
-    /* 3.4 Linear Diffusion Layer */                                           \
-    (a)->s64[4] = tmp4 ^ rotrFixed64(tmp4,  7) ^ rotrFixed64(tmp4, 41);        \
-    (a)->s64[1] = tmp1 ^ rotrFixed64(tmp1, 61) ^ rotrFixed64(tmp1, 39);        \
-    (a)->s64[3] = tmp3 ^ rotrFixed64(tmp3, 10) ^ rotrFixed64(tmp3, 17);        \
-    (a)->s64[0] = tmp0 ^ rotrFixed64(tmp0, 19) ^ rotrFixed64(tmp0, 28);        \
-    (a)->s64[2] = tmp2 ^ rotrFixed64(tmp2,  1) ^ rotrFixed64(tmp2,  6);        \
-} while (0)
-
-#define p8(a) \
-    p(a, 0xb4); \
-    p(a, 0xa5); \
-    p(a, 0x96); \
-    p(a, 0x87); \
-    p(a, 0x78); \
-    p(a, 0x69); \
-    p(a, 0x5a); \
-    p(a, 0x4b)
-
-#define p12(a) \
-    p(a, 0xf0); \
-    p(a, 0xe1); \
-    p(a, 0xd2); \
-    p(a, 0xc3); \
-    p8(a)
-
-/* Needed layer to evaluate the macro values */
-#define _permutation(a, rounds) \
-    p ## rounds(a)
-
-#define permutation(a, rounds) \
-    _permutation(a, rounds)
-
-#endif
-
-/* AsconHash API */
-
-wc_AsconHash256* wc_AsconHash256_New(void)
-{
-    wc_AsconHash256* ret = (wc_AsconHash256*)XMALLOC(sizeof(wc_AsconHash256),
-            NULL, DYNAMIC_TYPE_ASCON);
-    if (ret != NULL) {
-        if (wc_AsconHash256_Init(ret) != 0) {
-            wc_AsconHash256_Free(ret);
-            ret = NULL;
-        }
-    }
-    return ret;
-}
-
-void wc_AsconHash256_Free(wc_AsconHash256* a)
-{
-    if (a != NULL) {
-        wc_AsconHash256_Clear(a);
-        XFREE(a, NULL, DYNAMIC_TYPE_ASCON);
-    }
-}
-
-int wc_AsconHash256_Init(wc_AsconHash256* a)
-{
-    if (a == NULL)
-        return BAD_FUNC_ARG;
-
-    XMEMSET(a, 0, sizeof(*a));
-
-    a->state.s64[0] = ASCON_HASH256_IV;
-    permutation(&a->state, ASCON_HASH256_ROUNDS);
-
-    return 0;
-}
-
-void wc_AsconHash256_Clear(wc_AsconHash256* a)
-{
-    if (a != NULL) {
-        ForceZero(a, sizeof(*a));
-    }
-}
-
-int wc_AsconHash256_Update(wc_AsconHash256* a, const byte* data, word32 dataSz)
-{
-    if (a == NULL || (data == NULL && dataSz != 0))
-        return BAD_FUNC_ARG;
-
-    if (dataSz == 0)
-        return 0;
-
-    /* Process leftover block */
-    if (a->lastBlkSz != 0) {
-        word32 toProcess = min(ASCON_HASH256_RATE - a->lastBlkSz, dataSz);
-        xorbuf(a->state.s8 + a->lastBlkSz, data, toProcess);
-        data += toProcess;
-        dataSz -= toProcess;
-        a->lastBlkSz += toProcess;
-
-        if (a->lastBlkSz < ASCON_HASH256_RATE)
-            return 0;
-
-        permutation(&a->state, ASCON_HASH256_ROUNDS);
-        /* Reset the counter */
-        a->lastBlkSz = 0;
-    }
-
-    while (dataSz >= ASCON_HASH256_RATE) {
-        /* Read in input as little endian numbers */
-        xorbuf(a->state.s64, data, ASCON_HASH256_RATE);
-        permutation(&a->state, ASCON_HASH256_ROUNDS);
-        data += ASCON_HASH256_RATE;
-        dataSz -= ASCON_HASH256_RATE;
-    }
-
-    xorbuf(a->state.s64, data, dataSz);
-    a->lastBlkSz = dataSz;
-
-    return 0;
-}
-
-int wc_AsconHash256_Final(wc_AsconHash256* a, byte* hash)
-{
-    byte i;
-
-    if (a == NULL || hash == NULL)
-        return BAD_FUNC_ARG;
-
-    /* Process last block */
-    a->state.s8[a->lastBlkSz] ^= 1;
-
-    for (i = 0; i < ASCON_HASH256_SZ; i += ASCON_HASH256_RATE) {
-        permutation(&a->state, ASCON_HASH256_ROUNDS);
-        XMEMCPY(hash, a->state.s64, ASCON_HASH256_RATE);
-        hash += ASCON_HASH256_RATE;
-    }
-
-    /* Clear state as soon as possible */
-    wc_AsconHash256_Clear(a);
-    return 0;
-}
-
-/* AsconAEAD API */
-
-wc_AsconAEAD128* wc_AsconAEAD128_New(void)
-{
-    wc_AsconAEAD128 *ret = (wc_AsconAEAD128*) XMALLOC(sizeof(wc_AsconAEAD128),
-            NULL, DYNAMIC_TYPE_ASCON);
-    if (ret != NULL) {
-        if (wc_AsconAEAD128_Init(ret) != 0) {
-            wc_AsconAEAD128_Free(ret);
-            ret = NULL;
-        }
-    }
-    return ret;
-}
-
-void wc_AsconAEAD128_Free(wc_AsconAEAD128 *a)
-{
-    if (a != NULL) {
-        wc_AsconAEAD128_Clear(a);
-        XFREE(a, NULL, DYNAMIC_TYPE_ASCON);
-    }
-}
-
-int wc_AsconAEAD128_Init(wc_AsconAEAD128 *a)
-{
-    if (a == NULL)
-        return BAD_FUNC_ARG;
-
-    XMEMSET(a, 0, sizeof(*a));
-    a->state.s64[0] = ASCON_AEAD128_IV;
-
-    return 0;
-}
-
-void wc_AsconAEAD128_Clear(wc_AsconAEAD128 *a)
-{
-    if (a != NULL) {
-        ForceZero(a, sizeof(*a));
-    }
-}
-
-int wc_AsconAEAD128_SetKey(wc_AsconAEAD128* a, const byte* key)
-{
-    if (a == NULL || key == NULL)
-        return BAD_FUNC_ARG;
-    if (a->keySet)
-        return BAD_STATE_E;
-
-    XMEMCPY(a->key, key, ASCON_AEAD128_KEY_SZ);
-    a->state.s64[1] = a->key[0];
-    a->state.s64[2] = a->key[1];
-    a->keySet = 1;
-
-    return 0;
-}
-
-int wc_AsconAEAD128_SetNonce(wc_AsconAEAD128* a, const byte* nonce)
-{
-    if (a == NULL || nonce == NULL)
-        return BAD_FUNC_ARG;
-    if (a->nonceSet)
-        return BAD_STATE_E;
-
-    XMEMCPY(&a->state.s64[3], nonce, ASCON_AEAD128_NONCE_SZ);
-    a->nonceSet = 1;
-
-    return 0;
-}
-
-int wc_AsconAEAD128_SetAD(wc_AsconAEAD128* a, const byte* ad,
-                                      word32 adSz)
-{
-    if (a == NULL || (ad == NULL && adSz > 0))
-        return BAD_FUNC_ARG;
-    if (!a->keySet || !a->nonceSet) /* key and nonce must be set before */
-        return BAD_STATE_E;
-
-    permutation(&a->state, ASCON_AEAD128_ROUNDS_PA);
-    a->state.s64[3] ^= a->key[0];
-    a->state.s64[4] ^= a->key[1];
-
-    if (adSz > 0) {
-        while (adSz >= ASCON_AEAD128_RATE) {
-            xorbuf(a->state.s64, ad, ASCON_AEAD128_RATE);
-            permutation(&a->state, ASCON_AEAD128_ROUNDS_PB);
-            ad += ASCON_AEAD128_RATE;
-            adSz -= ASCON_AEAD128_RATE;
-        }
-        xorbuf(a->state.s64, ad, adSz);
-        /* Pad the last block */
-        a->state.s8[adSz] ^= 1;
-        permutation(&a->state, ASCON_AEAD128_ROUNDS_PB);
-    }
-    a->state.s64[4] ^= 1ULL << 63;
-
-    a->adSet = 1;
-    return 0;
-}
-
-int wc_AsconAEAD128_EncryptUpdate(wc_AsconAEAD128* a, byte* out,
-                                  const byte* in, word32 inSz)
-{
-    if (a == NULL || (in == NULL && inSz > 0))
-        return BAD_FUNC_ARG;
-    if (!a->keySet || !a->nonceSet || !a->adSet)
-        return BAD_STATE_E;
-
-    if (a->op == ASCON_AEAD128_NOTSET)
-        a->op = ASCON_AEAD128_ENCRYPT;
-    else if (a->op != ASCON_AEAD128_ENCRYPT)
-        return BAD_STATE_E;
-
-    /* Process leftover from last block */
-    if (a->lastBlkSz != 0) {
-        word32 toProcess = min(ASCON_AEAD128_RATE - a->lastBlkSz, inSz);
-        xorbuf(&a->state.s8[a->lastBlkSz], in, toProcess);
-        XMEMCPY(out, &a->state.s8[a->lastBlkSz], toProcess);
-        a->lastBlkSz += toProcess;
-        in += toProcess;
-        out += toProcess;
-        inSz -= toProcess;
-
-        if (a->lastBlkSz < ASCON_AEAD128_RATE)
-            return 0;
-
-        permutation(&a->state, ASCON_AEAD128_ROUNDS_PB);
-        a->lastBlkSz = 0;
-    }
-
-    while (inSz >= ASCON_AEAD128_RATE) {
-        xorbuf(a->state.s64, in, ASCON_AEAD128_RATE);
-        XMEMCPY(out, a->state.s64, ASCON_AEAD128_RATE);
-        permutation(&a->state, ASCON_AEAD128_ROUNDS_PB);
-        in += ASCON_AEAD128_RATE;
-        out += ASCON_AEAD128_RATE;
-        inSz -= ASCON_AEAD128_RATE;
-    }
-    /* Store leftover */
-    xorbuf(a->state.s64, in, inSz);
-    XMEMCPY(out, a->state.s64, inSz);
-    a->lastBlkSz = inSz;
-
-    return 0;
-}
-
-
-int wc_AsconAEAD128_EncryptFinal(wc_AsconAEAD128* a, byte* tag)
-{
-    if (a == NULL || tag == NULL)
-        return BAD_FUNC_ARG;
-    if (!a->keySet || !a->nonceSet || !a->adSet)
-        return BAD_STATE_E;
-
-    if (a->op != ASCON_AEAD128_ENCRYPT)
-        return BAD_STATE_E;
-
-    /* Process leftover from last block */
-    a->state.s8[a->lastBlkSz] ^= 1;
-
-    a->state.s64[2] ^= a->key[0];
-    a->state.s64[3] ^= a->key[1];
-    permutation(&a->state, ASCON_AEAD128_ROUNDS_PA);
-    a->state.s64[3] ^= a->key[0];
-    a->state.s64[4] ^= a->key[1];
-
-    XMEMCPY(tag, &a->state.s64[3], ASCON_AEAD128_TAG_SZ);
-
-    /* Clear state as soon as possible */
-    wc_AsconAEAD128_Clear(a);
-
-    return 0;
-
-}
-
-
-int wc_AsconAEAD128_DecryptUpdate(wc_AsconAEAD128* a, byte* out,
-                                  const byte* in, word32 inSz)
-{
-    if (a == NULL || (in == NULL && inSz > 0))
-        return BAD_FUNC_ARG;
-    if (!a->keySet || !a->nonceSet || !a->adSet)
-        return BAD_STATE_E;
-
-    if (a->op == ASCON_AEAD128_NOTSET)
-        a->op = ASCON_AEAD128_DECRYPT;
-    else if (a->op != ASCON_AEAD128_DECRYPT)
-        return BAD_STATE_E;
-
-    /* Process leftover block */
-    if (a->lastBlkSz != 0) {
-        word32 toProcess = min(ASCON_AEAD128_RATE - a->lastBlkSz, inSz);
-        xorbufout(out, a->state.s8 + a->lastBlkSz, in, toProcess);
-        XMEMCPY(a->state.s8 + a->lastBlkSz, in, toProcess);
-        in += toProcess;
-        out += toProcess;
-        inSz -= toProcess;
-        a->lastBlkSz += toProcess;
-
-        if (a->lastBlkSz < ASCON_AEAD128_RATE)
-            return 0;
-
-        permutation(&a->state, ASCON_AEAD128_ROUNDS_PB);
-        a->lastBlkSz = 0;
-    }
-
-    while (inSz >= ASCON_AEAD128_RATE) {
-        xorbufout(out, a->state.s64, in, ASCON_AEAD128_RATE);
-        XMEMCPY(a->state.s64, in, ASCON_AEAD128_RATE);
-        permutation(&a->state, ASCON_AEAD128_ROUNDS_PB);
-        in += ASCON_AEAD128_RATE;
-        out += ASCON_AEAD128_RATE;
-        inSz -= ASCON_AEAD128_RATE;
-    }
-    /* Store leftover */
-    xorbufout(out, a->state.s64, in, inSz);
-    XMEMCPY(a->state.s64, in, inSz);
-    a->lastBlkSz = inSz;
-
-    return 0;
-}
-
-int wc_AsconAEAD128_DecryptFinal(wc_AsconAEAD128* a, const byte* tag)
-{
-    if (a == NULL || tag == NULL)
-        return BAD_FUNC_ARG;
-    if (!a->keySet || !a->nonceSet || !a->adSet)
-        return BAD_STATE_E;
-
-    if (a->op != ASCON_AEAD128_DECRYPT)
-        return BAD_STATE_E;
-
-    /* Pad last block */
-    a->state.s8[a->lastBlkSz] ^= 1;
-
-    a->state.s64[2] ^= a->key[0];
-    a->state.s64[3] ^= a->key[1];
-    permutation(&a->state, ASCON_AEAD128_ROUNDS_PA);
-    a->state.s64[3] ^= a->key[0];
-    a->state.s64[4] ^= a->key[1];
-
-    if (ConstantCompare(tag, (const byte*)&a->state.s64[3],
-                        ASCON_AEAD128_TAG_SZ) != 0)
-        return ASCON_AUTH_E;
-
-    /* Clear state as soon as possible */
-    wc_AsconAEAD128_Clear(a);
-
-    return 0;
-}
-
-#endif /* HAVE_ASCON */
diff --git a/src/ssl/wolfssl/wolfcrypt/asm.c b/src/ssl/wolfssl/wolfcrypt/asm.c
deleted file mode 100644
index b061bb3ad..000000000
--- a/src/ssl/wolfssl/wolfcrypt/asm.c
+++ /dev/null
@@ -1,1832 +0,0 @@
-/* asm.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-/*
- * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
- * http://math.libtomcrypt.com
- */
-
-
-/******************************************************************/
-/* fp_montgomery_reduce.c asm or generic */
-
-
-/* Each platform needs to query info type 1 from cpuid to see if aesni is
- * supported. Also, let's setup a macro for proper linkage w/o ABI conflicts
- */
-
-#if defined(HAVE_INTEL_MULX)
-#ifndef _MSC_VER
-    #define cpuid(reg, leaf, sub)\
-            __asm__ __volatile__ ("cpuid":\
-             "=a" (reg[0]), "=b" (reg[1]), "=c" (reg[2]), "=d" (reg[3]) :\
-             "a" (leaf), "c"(sub));
-#else
-    #include <intrin.h>
-    #define cpuid(a,b,c) __cpuidex((int*)a,b,c)
-#endif /* _MSC_VER */
-
-#define EAX 0
-#define EBX 1
-#define ECX 2
-#define EDX 3
-
-#define CPUID_AVX1   0x1
-#define CPUID_AVX2   0x2
-#define CPUID_RDRAND 0x4
-#define CPUID_RDSEED 0x8
-#define CPUID_BMI2   0x10   /* MULX, RORX */
-#define CPUID_ADX    0x20   /* ADCX, ADOX */
-
-#define IS_INTEL_AVX1       (cpuid_flags&CPUID_AVX1)
-#define IS_INTEL_AVX2       (cpuid_flags&CPUID_AVX2)
-#define IS_INTEL_BMI2       (cpuid_flags&CPUID_BMI2)
-#define IS_INTEL_ADX        (cpuid_flags&CPUID_ADX)
-#define IS_INTEL_RDRAND     (cpuid_flags&CPUID_RDRAND)
-#define IS_INTEL_RDSEED     (cpuid_flags&CPUID_RDSEED)
-#define SET_FLAGS
-
-static word32 cpuid_check = 0 ;
-static word32 cpuid_flags = 0 ;
-
-static word32 cpuid_flag(word32 leaf, word32 sub, word32 num, word32 bit) {
-    int got_intel_cpu = 0;
-    int got_amd_cpu = 0;
-    unsigned int reg[5];
-
-    reg[4] = '\0' ;
-    cpuid(reg, 0, 0);
-
-    /* check for intel cpu */
-    if( memcmp((char *)&(reg[EBX]), "Genu", 4) == 0 &&
-        memcmp((char *)&(reg[EDX]), "ineI", 4) == 0 &&
-        memcmp((char *)&(reg[ECX]), "ntel", 4) == 0) {
-        got_intel_cpu = 1;
-    }
-
-    /* check for AMD cpu */
-    if( memcmp((char *)&(reg[EBX]), "Auth", 4) == 0 &&
-        memcmp((char *)&(reg[EDX]), "enti", 4) == 0 &&
-        memcmp((char *)&(reg[ECX]), "cAMD", 4) == 0) {
-        got_amd_cpu = 1;
-    }
-    if (got_intel_cpu || got_amd_cpu) {
-        cpuid(reg, leaf, sub);
-        return((reg[num]>>bit)&0x1) ;
-    }
-    return 0 ;
-}
-
-WC_INLINE static int set_cpuid_flags(void) {
-    if(cpuid_check == 0) {
-        if(cpuid_flag(7, 0, EBX, 8)){  cpuid_flags |= CPUID_BMI2 ; }
-        if(cpuid_flag(7, 0, EBX,19)){  cpuid_flags |= CPUID_ADX  ; }
-		cpuid_check = 1 ;
-		return 0 ;
-    }
-    return 1 ;
-}
-
-#define RETURN return
-#define IF_HAVE_INTEL_MULX(func, ret)    \
-   if(cpuid_check==0)set_cpuid_flags() ; \
-   if(IS_INTEL_BMI2 && IS_INTEL_ADX){  func;  ret ;  }
-
-#else
-    #define IF_HAVE_INTEL_MULX(func, ret) WC_DO_NOTHING
-#endif
-
-#if defined(TFM_X86) && !defined(TFM_SSE2)
-/* x86-32 code */
-
-#define MONT_START
-#define MONT_FINI
-#define LOOP_END
-#define LOOP_START \
-   mu = c[x] * mp
-
-#define INNERMUL                                          \
-__asm__(                                                  \
-   "movl %5,%%eax \n\t"                                   \
-   "mull %4       \n\t"                                   \
-   "addl %1,%%eax \n\t"                                   \
-   "adcl $0,%%edx \n\t"                                   \
-   "addl %%eax,%0 \n\t"                                   \
-   "adcl $0,%%edx \n\t"                                   \
-   "movl %%edx,%1 \n\t"                                   \
-:"=g"(_c[LO]), "=r"(cy)                                   \
-:"0"(_c[LO]), "1"(cy), "r"(mu), "r"(*tmpm++)              \
-: "%eax", "%edx", "cc")
-
-#define PROPCARRY                           \
-__asm__(                                    \
-   "addl   %1,%0    \n\t"                   \
-   "setb   %%al     \n\t"                   \
-   "movzbl %%al,%1 \n\t"                    \
-:"=g"(_c[LO]), "=r"(cy)                     \
-:"0"(_c[LO]), "1"(cy)                       \
-: "%eax", "cc")
-
-/******************************************************************/
-#elif defined(TFM_X86_64)
-/* x86-64 code */
-
-#define MONT_START
-#define MONT_FINI
-#define LOOP_END
-#define LOOP_START \
-   mu = c[x] * mp
-
-#define INNERMUL                                          \
-__asm__(                                                  \
-   "movq %5,%%rax \n\t"                                   \
-   "mulq %4       \n\t"                                   \
-   "addq %1,%%rax \n\t"                                   \
-   "adcq $0,%%rdx \n\t"                                   \
-   "addq %%rax,%0 \n\t"                                   \
-   "adcq $0,%%rdx \n\t"                                   \
-   "movq %%rdx,%1 \n\t"                                   \
-:"=g"(_c[LO]), "=r"(cy)                                   \
-:"0"(_c[LO]), "1"(cy), "r"(mu), "r"(*tmpm++)              \
-: "%rax", "%rdx", "cc")
-
-#if defined(HAVE_INTEL_MULX)
-#define MULX_INNERMUL8(x,y,z,cy)                                       \
-    __asm__  volatile (                                                \
-        "movq	%[yn], %%rdx\n\t"                                      \
-        "xorq	%%rcx, %%rcx\n\t"                                      \
-        "movq   0(%[c]), %%r8\n\t"                                     \
-        "movq   8(%[c]), %%r9\n\t"                                     \
-        "movq   16(%[c]), %%r10\n\t"                                   \
-        "movq   24(%[c]), %%r11\n\t"                                   \
-        "movq   32(%[c]), %%r12\n\t"                                   \
-        "movq   40(%[c]), %%r13\n\t"                                   \
-        "movq   48(%[c]), %%r14\n\t"                                   \
-        "movq   56(%[c]), %%r15\n\t"                                   \
-                                                                       \
-        "mulx	0(%[xp]), %%rax, %%rcx\n\t"                            \
-        "adcxq	%[cy], %%r8\n\t"                                       \
-        "adoxq	%%rax, %%r8\n\t"                                       \
-        "mulx	8(%[xp]), %%rax, %[cy]\n\t"                            \
-        "adcxq	%%rcx, %%r9\n\t"                                       \
-        "adoxq	%%rax, %%r9\n\t"                                       \
-        "mulx	16(%[xp]), %%rax, %%rcx\n\t"                           \
-        "adcxq	%[cy], %%r10\n\t"                                      \
-        "adoxq	%%rax, %%r10\n\t"                                      \
-        "mulx	24(%[xp]), %%rax, %[cy]\n\t"                           \
-        "adcxq	%%rcx, %%r11\n\t"                                      \
-        "adoxq	%%rax, %%r11\n\t"                                      \
-        "mulx	32(%[xp]), %%rax, %%rcx\n\t"                           \
-        "adcxq	%[cy], %%r12\n\t"                                      \
-        "adoxq	%%rax, %%r12\n\t"                                      \
-        "mulx	40(%[xp]), %%rax, %[cy]\n\t"                           \
-        "adcxq	%%rcx, %%r13\n\t"                                      \
-        "adoxq	%%rax, %%r13\n\t"                                      \
-        "mulx	48(%[xp]), %%rax, %%rcx\n\t"                           \
-        "adcxq	%[cy], %%r14\n\t"                                      \
-        "adoxq	%%rax, %%r14\n\t"                                      \
-        "adcxq	%%rcx, %%r15\n\t"                                      \
-        "mulx	56(%[xp]), %%rax, %[cy]\n\t"                           \
-        "movq	$0, %%rdx\n\t"                                         \
-        "adoxq	%%rdx, %%rax\n\t"                                      \
-        "adcxq	%%rdx, %[cy]\n\t"                                      \
-        "adoxq	%%rdx, %[cy]\n\t"                                      \
-        "addq   %%rax, %%r15\n\t"                                      \
-        "adcq   $0, %[cy]\n\t"                                         \
-                                                                       \
-        "movq   %%r8,   0(%[c])\n\t"                                   \
-        "movq   %%r9,   8(%[c])\n\t"                                   \
-        "movq   %%r10, 16(%[c])\n\t"                                   \
-        "movq   %%r11, 24(%[c])\n\t"                                   \
-        "movq   %%r12, 32(%[c])\n\t"                                   \
-        "movq   %%r13, 40(%[c])\n\t"                                   \
-        "movq   %%r14, 48(%[c])\n\t"                                   \
-        "movq   %%r15, 56(%[c])\n\t"                                   \
-        : [cy] "+r" (cy)                                               \
-        : [xp] "r" (x), [c] "r" (c_mulx), [yn] "rm" (y)                \
-        :"%r8", "%r9", "%r10", "%r11", "%r12", "%r13", "%r14", "%r15", \
-         "%rdx", "%rax", "%rcx" \
-    )
-
-#define INNERMUL8_MULX \
-{\
-    MULX_INNERMUL8(tmpm, mu, _c, cy);\
-}
-#endif
-
-#define INNERMUL8 \
- __asm__(                    \
- "movq 0(%5),%%rax    \n\t"  \
- "movq 0(%2),%%r10    \n\t"  \
- "movq 0x8(%5),%%r11  \n\t"  \
- "mulq %4             \n\t"  \
- "addq %%r10,%%rax    \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq 0x8(%2),%%r10  \n\t"  \
- "addq %3,%%rax       \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq %%rax,0(%0)    \n\t"  \
- "movq %%rdx,%1       \n\t"  \
- \
- "movq %%r11,%%rax    \n\t"  \
- "movq 0x10(%5),%%r11 \n\t"  \
- "mulq %4             \n\t"  \
- "addq %%r10,%%rax    \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq 0x10(%2),%%r10 \n\t"  \
- "addq %3,%%rax       \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq %%rax,0x8(%0)  \n\t"  \
- "movq %%rdx,%1       \n\t"  \
- \
- "movq %%r11,%%rax    \n\t"  \
- "movq 0x18(%5),%%r11 \n\t"  \
- "mulq %4             \n\t"  \
- "addq %%r10,%%rax    \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq 0x18(%2),%%r10 \n\t"  \
- "addq %3,%%rax       \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq %%rax,0x10(%0) \n\t"  \
- "movq %%rdx,%1       \n\t"  \
- \
- "movq %%r11,%%rax    \n\t"  \
- "movq 0x20(%5),%%r11 \n\t"  \
- "mulq %4             \n\t"  \
- "addq %%r10,%%rax    \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq 0x20(%2),%%r10 \n\t"  \
- "addq %3,%%rax       \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq %%rax,0x18(%0) \n\t"  \
- "movq %%rdx,%1       \n\t"  \
- \
- "movq %%r11,%%rax    \n\t"  \
- "movq 0x28(%5),%%r11 \n\t"  \
- "mulq %4             \n\t"  \
- "addq %%r10,%%rax    \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq 0x28(%2),%%r10 \n\t"  \
- "addq %3,%%rax       \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq %%rax,0x20(%0) \n\t"  \
- "movq %%rdx,%1       \n\t"  \
- \
- "movq %%r11,%%rax    \n\t"  \
- "movq 0x30(%5),%%r11 \n\t"  \
- "mulq %4             \n\t"  \
- "addq %%r10,%%rax    \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq 0x30(%2),%%r10 \n\t"  \
- "addq %3,%%rax       \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq %%rax,0x28(%0) \n\t"  \
- "movq %%rdx,%1       \n\t"  \
- \
- "movq %%r11,%%rax    \n\t"  \
- "movq 0x38(%5),%%r11 \n\t"  \
- "mulq %4             \n\t"  \
- "addq %%r10,%%rax    \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq 0x38(%2),%%r10 \n\t"  \
- "addq %3,%%rax       \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq %%rax,0x30(%0) \n\t"  \
- "movq %%rdx,%1       \n\t"  \
- \
- "movq %%r11,%%rax    \n\t"  \
- "mulq %4             \n\t"  \
- "addq %%r10,%%rax    \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "addq %3,%%rax       \n\t"  \
- "adcq $0,%%rdx       \n\t"  \
- "movq %%rax,0x38(%0) \n\t"  \
- "movq %%rdx,%1       \n\t"  \
- \
-:"=r"(_c), "=r"(cy)                    \
-: "0"(_c),  "1"(cy), "g"(mu), "r"(tmpm)\
-: "%rax", "%rdx", "%r10", "%r11", "cc")
-
-#define PROPCARRY                           \
-__asm__(                                    \
-   "addq   %1,%0    \n\t"                   \
-   "setb   %%al     \n\t"                   \
-   "movzbq %%al,%1 \n\t"                    \
-:"=g"(_c[LO]), "=r"(cy)                     \
-:"0"(_c[LO]), "1"(cy)                       \
-: "%rax", "cc")
-
-/******************************************************************/
-#elif defined(TFM_SSE2)
-/* SSE2 code (assumes 32-bit fp_digits) */
-/* XMM register assignments:
- * xmm0  *tmpm++, then Mu * (*tmpm++)
- * xmm1  c[x], then Mu
- * xmm2  mp
- * xmm3  cy
- * xmm4  _c[LO]
- */
-
-#define MONT_START \
-   __asm__("movd %0,%%mm2"::"g"(mp))
-
-#define MONT_FINI \
-   __asm__("emms")
-
-#define LOOP_START          \
-__asm__(                    \
-"movd %0,%%mm1        \n\t" \
-"pxor %%mm3,%%mm3     \n\t" \
-"pmuludq %%mm2,%%mm1  \n\t" \
-:: "g"(c[x]))
-
-/* pmuludq on mmx registers does a 32x32->64 multiply. */
-#define INNERMUL               \
-__asm__(                       \
-   "movd %1,%%mm4        \n\t" \
-   "movd %2,%%mm0        \n\t" \
-   "paddq %%mm4,%%mm3    \n\t" \
-   "pmuludq %%mm1,%%mm0  \n\t" \
-   "paddq %%mm0,%%mm3    \n\t" \
-   "movd %%mm3,%0        \n\t" \
-   "psrlq $32, %%mm3     \n\t" \
-:"=g"(_c[LO]) : "0"(_c[LO]), "g"(*tmpm++) );
-
-#define INNERMUL8 \
-__asm__(                       \
-   "movd 0(%1),%%mm4     \n\t" \
-   "movd 0(%2),%%mm0     \n\t" \
-   "paddq %%mm4,%%mm3    \n\t" \
-   "pmuludq %%mm1,%%mm0  \n\t" \
-   "movd 4(%2),%%mm5     \n\t" \
-   "paddq %%mm0,%%mm3    \n\t" \
-   "movd 4(%1),%%mm6     \n\t" \
-   "movd %%mm3,0(%0)     \n\t" \
-   "psrlq $32, %%mm3     \n\t" \
-\
-   "paddq %%mm6,%%mm3    \n\t" \
-   "pmuludq %%mm1,%%mm5  \n\t" \
-   "movd 8(%2),%%mm6     \n\t" \
-   "paddq %%mm5,%%mm3    \n\t" \
-   "movd 8(%1),%%mm7     \n\t" \
-   "movd %%mm3,4(%0)     \n\t" \
-   "psrlq $32, %%mm3     \n\t" \
-\
-   "paddq %%mm7,%%mm3    \n\t" \
-   "pmuludq %%mm1,%%mm6  \n\t" \
-   "movd 12(%2),%%mm7    \n\t" \
-   "paddq %%mm6,%%mm3    \n\t" \
-   "movd 12(%1),%%mm5     \n\t" \
-   "movd %%mm3,8(%0)     \n\t" \
-   "psrlq $32, %%mm3     \n\t" \
-\
-   "paddq %%mm5,%%mm3    \n\t" \
-   "pmuludq %%mm1,%%mm7  \n\t" \
-   "movd 16(%2),%%mm5    \n\t" \
-   "paddq %%mm7,%%mm3    \n\t" \
-   "movd 16(%1),%%mm6    \n\t" \
-   "movd %%mm3,12(%0)    \n\t" \
-   "psrlq $32, %%mm3     \n\t" \
-\
-   "paddq %%mm6,%%mm3    \n\t" \
-   "pmuludq %%mm1,%%mm5  \n\t" \
-   "movd 20(%2),%%mm6    \n\t" \
-   "paddq %%mm5,%%mm3    \n\t" \
-   "movd 20(%1),%%mm7    \n\t" \
-   "movd %%mm3,16(%0)    \n\t" \
-   "psrlq $32, %%mm3     \n\t" \
-\
-   "paddq %%mm7,%%mm3    \n\t" \
-   "pmuludq %%mm1,%%mm6  \n\t" \
-   "movd 24(%2),%%mm7    \n\t" \
-   "paddq %%mm6,%%mm3    \n\t" \
-   "movd 24(%1),%%mm5     \n\t" \
-   "movd %%mm3,20(%0)    \n\t" \
-   "psrlq $32, %%mm3     \n\t" \
-\
-   "paddq %%mm5,%%mm3    \n\t" \
-   "pmuludq %%mm1,%%mm7  \n\t" \
-   "movd 28(%2),%%mm5    \n\t" \
-   "paddq %%mm7,%%mm3    \n\t" \
-   "movd 28(%1),%%mm6    \n\t" \
-   "movd %%mm3,24(%0)    \n\t" \
-   "psrlq $32, %%mm3     \n\t" \
-\
-   "paddq %%mm6,%%mm3    \n\t" \
-   "pmuludq %%mm1,%%mm5  \n\t" \
-   "paddq %%mm5,%%mm3    \n\t" \
-   "movd %%mm3,28(%0)    \n\t" \
-   "psrlq $32, %%mm3     \n\t" \
-:"=r"(_c) : "0"(_c), "r"(tmpm) );
-
-/* TAO switched tmpm from "g" to "r" after gcc tried to index the indexed stack
-   pointer */
-
-#define LOOP_END \
-__asm__( "movd %%mm3,%0  \n" :"=r"(cy))
-
-#define PROPCARRY                           \
-__asm__(                                    \
-   "addl   %1,%0    \n\t"                   \
-   "setb   %%al     \n\t"                   \
-   "movzbl %%al,%1 \n\t"                    \
-:"=g"(_c[LO]), "=r"(cy)                     \
-:"0"(_c[LO]), "1"(cy)                       \
-: "%eax", "cc")
-
-/******************************************************************/
-#elif defined(TFM_ARM)
-   /* ARMv4 code */
-
-#define MONT_START
-#define MONT_FINI
-#define LOOP_END
-#define LOOP_START \
-   mu = c[x] * mp
-
-
-#ifdef __thumb__
-
-#define INNERMUL                    \
-__asm__(                            \
-    " LDR    r0,%1            \n\t" \
-    " ADDS   r0,r0,%0         \n\t" \
-    " ITE    CS               \n\t" \
-    " MOVCS  %0,#1            \n\t" \
-    " MOVCC  %0,#0            \n\t" \
-    " UMLAL  r0,%0,%3,%4      \n\t" \
-    " STR    r0,%1            \n\t" \
-:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(*tmpm++),"m"(_c[0]):"r0","cc");
-
-#define PROPCARRY                  \
-__asm__(                           \
-    " LDR   r0,%1            \n\t" \
-    " ADDS  r0,r0,%0         \n\t" \
-    " STR   r0,%1            \n\t" \
-    " ITE   CS               \n\t" \
-    " MOVCS %0,#1            \n\t" \
-    " MOVCC %0,#0            \n\t" \
-:"=r"(cy),"=m"(_c[0]):"0"(cy),"m"(_c[0]):"r0","cc");
-
-
-/* TAO thumb mode uses ite (if then else) to detect carry directly
- * fixed unmatched constraint warning by changing 1 to m  */
-
-#else  /* __thumb__ */
-
-#define INNERMUL                    \
-__asm__(                            \
-    " LDR    r0,%1            \n\t" \
-    " ADDS   r0,r0,%0         \n\t" \
-    " MOVCS  %0,#1            \n\t" \
-    " MOVCC  %0,#0            \n\t" \
-    " UMLAL  r0,%0,%3,%4      \n\t" \
-    " STR    r0,%1            \n\t" \
-:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(*tmpm++),"1"(_c[0]):"r0","cc");
-
-#define PROPCARRY                  \
-__asm__(                           \
-    " LDR   r0,%1            \n\t" \
-    " ADDS  r0,r0,%0         \n\t" \
-    " STR   r0,%1            \n\t" \
-    " MOVCS %0,#1            \n\t" \
-    " MOVCC %0,#0            \n\t" \
-:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"r0","cc");
-
-#endif /* __thumb__ */
-
-#elif defined(TFM_PPC32)
-
-/* PPC32 */
-#define MONT_START
-#define MONT_FINI
-#define LOOP_END
-#define LOOP_START \
-   mu = c[x] * mp
-
-#ifdef __APPLE__
-
-#define INNERMUL                     \
-__asm__(                             \
-   " mullw    r16,%3,%4       \n\t"  \
-   " mulhwu   r17,%3,%4       \n\t"  \
-   " addc     r16,r16,%2      \n\t"  \
-   " addze    r17,r17         \n\t"  \
-   " addc     %1,r16,%5       \n\t"  \
-   " addze    %0,r17          \n\t"  \
-:"=r"(cy),"=r"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"r16", "r17", "cc"); ++tmpm;
-
-#define PROPCARRY                    \
-__asm__(                             \
-   " addc     %1,%3,%2      \n\t"    \
-   " xor      %0,%2,%2      \n\t"    \
-   " addze    %0,%2         \n\t"    \
-:"=r"(cy),"=r"(_c[0]):"0"(cy),"1"(_c[0]):"cc");
-
-#else
-
-#define INNERMUL                     \
-__asm__(                             \
-   " mullw    16,%3,%4       \n\t"   \
-   " mulhwu   17,%3,%4       \n\t"   \
-   " addc     16,16,%2       \n\t"   \
-   " addze    17,17          \n\t"   \
-   " addc     %1,16,%5       \n\t"   \
-   " addze    %0,17          \n\t"   \
-:"=r"(cy),"=r"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "cc"); ++tmpm;
-
-#define PROPCARRY                    \
-__asm__(                             \
-   " addc     %1,%3,%2      \n\t"    \
-   " xor      %0,%2,%2      \n\t"    \
-   " addze    %0,%2         \n\t"    \
-:"=r"(cy),"=r"(_c[0]):"0"(cy),"1"(_c[0]):"cc");
-
-#endif
-
-#elif defined(TFM_PPC64)
-
-/* PPC64 */
-#define MONT_START
-#define MONT_FINI
-#define LOOP_END
-#define LOOP_START \
-   mu = c[x] * mp
-
-#ifdef __APPLE__
-
-#define INNERMUL                      \
-__asm__(                              \
-   " mulld    r16,%3,%4       \n\t"   \
-   " mulhdu   r17,%3,%4       \n\t"   \
-   " addc     r16,16,%0       \n\t"   \
-   " addze    r17,r17         \n\t"   \
-   " ldx      r18,0,%1        \n\t"   \
-   " addc     r16,r16,r18     \n\t"   \
-   " addze    %0,r17          \n\t"   \
-   " sdx      r16,0,%1        \n\t"   \
-:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"r16", "r17", "r18","cc"); ++tmpm;
-
-#define PROPCARRY                     \
-__asm__(                              \
-   " ldx      r16,0,%1       \n\t"    \
-   " addc     r16,r16,%0     \n\t"    \
-   " sdx      r16,0,%1       \n\t"    \
-   " xor      %0,%0,%0       \n\t"    \
-   " addze    %0,%0          \n\t"    \
-:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"r16","cc");
-
-#else
-
-#define INNERMUL                     \
-__asm__(                             \
-   " mulld    16,%3,%4       \n\t"   \
-   " mulhdu   17,%3,%4       \n\t"   \
-   " addc     16,16,%0       \n\t"   \
-   " addze    17,17          \n\t"   \
-   " ldx      18,0,%1        \n\t"   \
-   " addc     16,16,18       \n\t"   \
-   " addze    %0,17          \n\t"   \
-   " sdx      16,0,%1        \n\t"   \
-:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","cc"); ++tmpm;
-
-#define PROPCARRY                    \
-__asm__(                             \
-   " ldx      16,0,%1       \n\t"    \
-   " addc     16,16,%0      \n\t"    \
-   " sdx      16,0,%1       \n\t"    \
-   " xor      %0,%0,%0      \n\t"    \
-   " addze    %0,%0         \n\t"    \
-:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","cc");
-
-#endif
-
-/******************************************************************/
-
-#elif defined(TFM_AVR32)
-
-/* AVR32 */
-#define MONT_START
-#define MONT_FINI
-#define LOOP_END
-#define LOOP_START \
-   mu = c[x] * mp
-
-#define INNERMUL                    \
-__asm__(                            \
-    " ld.w   r2,%1            \n\t" \
-    " add    r2,%0            \n\t" \
-    " eor    r3,r3            \n\t" \
-    " acr    r3               \n\t" \
-    " macu.d r2,%3,%4         \n\t" \
-    " st.w   %1,r2            \n\t" \
-    " mov    %0,r3            \n\t" \
-:"=r"(cy),"=r"(_c):"0"(cy),"r"(mu),"r"(*tmpm++),"1"(_c):"r2","r3");
-
-#define PROPCARRY                    \
-__asm__(                             \
-   " ld.w     r2,%1         \n\t"    \
-   " add      r2,%0         \n\t"    \
-   " st.w     %1,r2         \n\t"    \
-   " eor      %0,%0         \n\t"    \
-   " acr      %0            \n\t"    \
-:"=r"(cy),"=r"(&_c[0]):"0"(cy),"1"(&_c[0]):"r2","cc");
-
-/******************************************************************/
-#elif defined(TFM_MIPS)
-
-/* MIPS */
-#define MONT_START
-#define MONT_FINI
-#define LOOP_END
-#define LOOP_START \
-   mu = c[x] * mp
-
-#define INNERMUL                     \
-__asm__(                             \
-   " multu    %3,%4          \n\t"   \
-   " mflo     $12            \n\t"   \
-   " mfhi     $13            \n\t"   \
-   " addu     $12,$12,%0     \n\t"   \
-   " sltu     $10,$12,%0     \n\t"   \
-   " addu     $13,$13,$10    \n\t"   \
-   " lw       $10,%1         \n\t"   \
-   " addu     $12,$12,$10    \n\t"   \
-   " sltu     $10,$12,$10    \n\t"   \
-   " addu     %0,$13,$10     \n\t"   \
-   " sw       $12,%1         \n\t"   \
-:"+r"(cy),"+m"(_c[0]):""(cy),"r"(mu),"r"(tmpm[0]),""(_c[0]):"$10","$12","$13"); ++tmpm;
-
-#define PROPCARRY                    \
-__asm__(                             \
-   " lw       $10,%1        \n\t"    \
-   " addu     $10,$10,%0    \n\t"    \
-   " sw       $10,%1        \n\t"    \
-   " sltu     %0,$10,%0     \n\t"    \
-:"+r"(cy),"+m"(_c[0]):""(cy),""(_c[0]):"$10");
-
-/******************************************************************/
-#else
-
-/* ISO C code */
-#define MONT_START
-#define MONT_FINI
-#define LOOP_END
-#define LOOP_START \
-   mu = c[x] * mp
-
-#define INNERMUL                                      \
-   do { fp_word t;                                    \
-   t  = ((fp_word)_c[0] + (fp_word)cy) +              \
-                (((fp_word)mu) * ((fp_word)*tmpm++)); \
-   _c[0] = (fp_digit)t;                               \
-   cy = (fp_digit)(t >> DIGIT_BIT);                   \
-   } while (0)
-
-#define PROPCARRY \
-   do { fp_digit t = _c[0] += cy; cy = (t < cy); } while (0)
-
-#endif
-/******************************************************************/
-
-
-#define LO  0
-/* end fp_montogomery_reduce.c asm */
-
-
-/* start fp_sqr_comba.c asm */
-#if defined(TFM_X86)
-
-/* x86-32 optimized */
-
-#define COMBA_START
-
-#define CLEAR_CARRY \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define CARRY_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_FINI
-
-#define SQRADD(i, j)                                      \
-__asm__(                                                  \
-     "movl  %3,%%eax     \n\t"                            \
-     "mull  %%eax        \n\t"                            \
-     "addl  %%eax,%0     \n\t"                            \
-     "adcl  %%edx,%1     \n\t"                            \
-     "adcl  $0,%2        \n\t"                            \
-     :"+m"(c0), "+m"(c1), "+m"(c2)                        \
-     : "m"(i)                                             \
-     :"%eax","%edx","cc");
-
-#define SQRADD2(i, j)                                     \
-__asm__(                                                  \
-     "movl  %3,%%eax     \n\t"                            \
-     "mull  %4           \n\t"                            \
-     "addl  %%eax,%0     \n\t"                            \
-     "adcl  %%edx,%1     \n\t"                            \
-     "adcl  $0,%2        \n\t"                            \
-     "addl  %%eax,%0     \n\t"                            \
-     "adcl  %%edx,%1     \n\t"                            \
-     "adcl  $0,%2        \n\t"                            \
-     :"+m"(c0), "+m"(c1), "+m"(c2)                        \
-     : "m"(i), "m"(j)                                     \
-     :"%eax","%edx", "cc");
-
-#define SQRADDSC(i, j)                                    \
-__asm__(                                                  \
-     "movl  %3,%%eax     \n\t"                            \
-     "mull  %4           \n\t"                            \
-     "movl  %%eax,%0     \n\t"                            \
-     "movl  %%edx,%1     \n\t"                            \
-     "xorl  %2,%2        \n\t"                            \
-     :"=r"(sc0), "=r"(sc1), "=r"(sc2)                     \
-     : "g"(i), "g"(j)                                     \
-     :"%eax","%edx","cc");
-
-#define SQRADDAC(i, j)                                    \
-__asm__(                                                  \
-     "movl  %6,%%eax     \n\t"                            \
-     "mull  %7           \n\t"                            \
-     "addl  %%eax,%0     \n\t"                            \
-     "adcl  %%edx,%1     \n\t"                            \
-     "adcl  $0,%2        \n\t"                            \
-     :"=r"(sc0), "=r"(sc1), "=r"(sc2)                     \
-     : "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j)       \
-     :"%eax","%edx","cc");
-
-#define SQRADDDB                                          \
-__asm__(                                                  \
-     "addl %6,%0         \n\t"                            \
-     "adcl %7,%1         \n\t"                            \
-     "adcl %8,%2         \n\t"                            \
-     "addl %6,%0         \n\t"                            \
-     "adcl %7,%1         \n\t"                            \
-     "adcl %8,%2         \n\t"                            \
-     :"=r"(c0), "=r"(c1), "=r"(c2)                        \
-     : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1),     \
-       "r"(sc2)                                           \
-     : "cc");
-
-#elif defined(TFM_X86_64)
-/* x86-64 optimized */
-
-#define COMBA_START
-
-#define CLEAR_CARRY \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define CARRY_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_FINI
-
-#define SQRADD(i, j)                                      \
-__asm__(                                                  \
-     "movq  %6,%%rax     \n\t"                            \
-     "mulq  %%rax        \n\t"                            \
-     "addq  %%rax,%0     \n\t"                            \
-     "adcq  %%rdx,%1     \n\t"                            \
-     "adcq  $0,%2        \n\t"                            \
-     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "x"(i) :"%rax","%rdx","cc");
-
-#define SQRADD2(i, j)                                     \
-__asm__(                                                  \
-     "movq  %6,%%rax     \n\t"                            \
-     "mulq  %7           \n\t"                            \
-     "addq  %%rax,%0     \n\t"                            \
-     "adcq  %%rdx,%1     \n\t"                            \
-     "adcq  $0,%2        \n\t"                            \
-     "addq  %%rax,%0     \n\t"                            \
-     "adcq  %%rdx,%1     \n\t"                            \
-     "adcq  $0,%2        \n\t"                            \
-     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j)  :"%rax","%rdx","cc");
-
-#define SQRADDSC(i, j)                                    \
-__asm__(                                                  \
-     "movq  %3,%%rax     \n\t"                            \
-     "mulq  %4           \n\t"                            \
-     "movq  %%rax,%0     \n\t"                            \
-     "movq  %%rdx,%1     \n\t"                            \
-     "xorq  %2,%2        \n\t"                            \
-     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%rax","%rdx","cc");
-
-#define SQRADDAC(i, j)                                                         \
-__asm__(                                                  \
-     "movq  %6,%%rax     \n\t"                            \
-     "mulq  %7           \n\t"                            \
-     "addq  %%rax,%0     \n\t"                            \
-     "adcq  %%rdx,%1     \n\t"                            \
-     "adcq  $0,%2        \n\t"                            \
-     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%rax","%rdx","cc");
-
-#define SQRADDDB                                          \
-__asm__(                                                  \
-     "addq %6,%0         \n\t"                            \
-     "adcq %7,%1         \n\t"                            \
-     "adcq %8,%2         \n\t"                            \
-     "addq %6,%0         \n\t"                            \
-     "adcq %7,%1         \n\t"                            \
-     "adcq %8,%2         \n\t"                            \
-     :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc");
-
-#elif defined(TFM_SSE2)
-
-/* SSE2 Optimized */
-#define COMBA_START
-
-#define CLEAR_CARRY \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define CARRY_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_FINI \
-   __asm__("emms");
-
-#define SQRADD(i, j)                                      \
-__asm__(                                                  \
-     "movd  %6,%%mm0     \n\t"                            \
-     "pmuludq %%mm0,%%mm0\n\t"                            \
-     "movd  %%mm0,%%eax  \n\t"                            \
-     "psrlq $32,%%mm0    \n\t"                            \
-     "addl  %%eax,%0     \n\t"                            \
-     "movd  %%mm0,%%eax  \n\t"                            \
-     "adcl  %%eax,%1     \n\t"                            \
-     "adcl  $0,%2        \n\t"                            \
-     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","cc");
-
-#define SQRADD2(i, j)                                     \
-__asm__(                                                  \
-     "movd  %6,%%mm0     \n\t"                            \
-     "movd  %7,%%mm1     \n\t"                            \
-     "pmuludq %%mm1,%%mm0\n\t"                            \
-     "movd  %%mm0,%%eax  \n\t"                            \
-     "psrlq $32,%%mm0    \n\t"                            \
-     "movd  %%mm0,%%edx  \n\t"                            \
-     "addl  %%eax,%0     \n\t"                            \
-     "adcl  %%edx,%1     \n\t"                            \
-     "adcl  $0,%2        \n\t"                            \
-     "addl  %%eax,%0     \n\t"                            \
-     "adcl  %%edx,%1     \n\t"                            \
-     "adcl  $0,%2        \n\t"                            \
-     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j)  :"%eax","%edx","cc");
-
-#define SQRADDSC(i, j)                                                         \
-__asm__(                                                  \
-     "movd  %3,%%mm0     \n\t"                            \
-     "movd  %4,%%mm1     \n\t"                            \
-     "pmuludq %%mm1,%%mm0\n\t"                            \
-     "movd  %%mm0,%0     \n\t"                            \
-     "psrlq $32,%%mm0    \n\t"                            \
-     "movd  %%mm0,%1     \n\t"                            \
-     "xorl  %2,%2        \n\t"                            \
-     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "m"(i), "m"(j));
-
-/* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */
-
-#define SQRADDAC(i, j)                                                         \
-__asm__(                                                  \
-     "movd  %6,%%mm0     \n\t"                            \
-     "movd  %7,%%mm1     \n\t"                            \
-     "pmuludq %%mm1,%%mm0\n\t"                            \
-     "movd  %%mm0,%%eax  \n\t"                            \
-     "psrlq $32,%%mm0    \n\t"                            \
-     "movd  %%mm0,%%edx  \n\t"                            \
-     "addl  %%eax,%0     \n\t"                            \
-     "adcl  %%edx,%1     \n\t"                            \
-     "adcl  $0,%2        \n\t"                            \
-     :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "m"(i), "m"(j)  :"%eax","%edx","cc");
-
-#define SQRADDDB                                          \
-__asm__(                                                  \
-     "addl %6,%0         \n\t"                            \
-     "adcl %7,%1         \n\t"                            \
-     "adcl %8,%2         \n\t"                            \
-     "addl %6,%0         \n\t"                            \
-     "adcl %7,%1         \n\t"                            \
-     "adcl %8,%2         \n\t"                            \
-     :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc");
-
-#elif defined(TFM_ARM)
-
-/* ARM code */
-
-#define COMBA_START
-
-#define CLEAR_CARRY \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define CARRY_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_FINI
-
-/* multiplies point i and j, updates carry "c1" and digit c2 */
-#define SQRADD(i, j)                                             \
-__asm__(                                                         \
-"  UMULL  r0,r1,%6,%6              \n\t"                         \
-"  ADDS   %0,%0,r0                 \n\t"                         \
-"  ADCS   %1,%1,r1                 \n\t"                         \
-"  ADC    %2,%2,#0                 \n\t"                         \
-:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i) : "r0", "r1", "cc");
-
-/* for squaring some of the terms are doubled... */
-#define SQRADD2(i, j)                                            \
-__asm__(                                                         \
-"  UMULL  r0,r1,%6,%7              \n\t"                         \
-"  ADDS   %0,%0,r0                 \n\t"                         \
-"  ADCS   %1,%1,r1                 \n\t"                         \
-"  ADC    %2,%2,#0                 \n\t"                         \
-"  ADDS   %0,%0,r0                 \n\t"                         \
-"  ADCS   %1,%1,r1                 \n\t"                         \
-"  ADC    %2,%2,#0                 \n\t"                         \
-:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "cc");
-
-#define SQRADDSC(i, j)                                           \
-__asm__(                                                         \
-"  UMULL  %0,%1,%3,%4              \n\t"                         \
-"  SUB    %2,%2,%2                 \n\t"                         \
-:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "r"(i), "r"(j) : "cc");
-
-/* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */
-
-#define SQRADDAC(i, j)                                           \
-__asm__(                                                         \
-"  UMULL  r0,r1,%6,%7              \n\t"                         \
-"  ADDS   %0,%0,r0                 \n\t"                         \
-"  ADCS   %1,%1,r1                 \n\t"                         \
-"  ADC    %2,%2,#0                 \n\t"                         \
-:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j) : "r0", "r1", "cc");
-
-#define SQRADDDB                                                 \
-__asm__(                                                         \
-"  ADDS  %0,%0,%3                     \n\t"                      \
-"  ADCS  %1,%1,%4                     \n\t"                      \
-"  ADC   %2,%2,%5                     \n\t"                      \
-"  ADDS  %0,%0,%3                     \n\t"                      \
-"  ADCS  %1,%1,%4                     \n\t"                      \
-"  ADC   %2,%2,%5                     \n\t"                      \
-:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
-
-#elif defined(TFM_PPC32)
-
-/* PPC32 */
-
-#define COMBA_START
-
-#define CLEAR_CARRY \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define CARRY_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_FINI
-
-/* multiplies point i and j, updates carry "c1" and digit c2 */
-#define SQRADD(i, j)             \
-__asm__(                         \
-   " mullw  16,%6,%6       \n\t" \
-   " addc   %0,%0,16       \n\t" \
-   " mulhwu 16,%6,%6       \n\t" \
-   " adde   %1,%1,16       \n\t" \
-   " addze  %2,%2          \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"16","cc");
-
-/* for squaring some of the terms are doubled... */
-#define SQRADD2(i, j)            \
-__asm__(                         \
-   " mullw  16,%6,%7       \n\t" \
-   " mulhwu 17,%6,%7       \n\t" \
-   " addc   %0,%0,16       \n\t" \
-   " adde   %1,%1,17       \n\t" \
-   " addze  %2,%2          \n\t" \
-   " addc   %0,%0,16       \n\t" \
-   " adde   %1,%1,17       \n\t" \
-   " addze  %2,%2          \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16", "17","cc");
-
-#define SQRADDSC(i, j)            \
-__asm__(                          \
-   " mullw  %0,%6,%7        \n\t" \
-   " mulhwu %1,%6,%7        \n\t" \
-   " xor    %2,%2,%2        \n\t" \
-:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "cc");
-
-#define SQRADDAC(i, j)           \
-__asm__(                         \
-   " mullw  16,%6,%7       \n\t" \
-   " addc   %0,%0,16       \n\t" \
-   " mulhwu 16,%6,%7       \n\t" \
-   " adde   %1,%1,16       \n\t" \
-   " addze  %2,%2          \n\t" \
-:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"16", "cc");
-
-#define SQRADDDB                  \
-__asm__(                          \
-   " addc   %0,%0,%3        \n\t" \
-   " adde   %1,%1,%4        \n\t" \
-   " adde   %2,%2,%5        \n\t" \
-   " addc   %0,%0,%3        \n\t" \
-   " adde   %1,%1,%4        \n\t" \
-   " adde   %2,%2,%5        \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
-
-#elif defined(TFM_PPC64)
-/* PPC64 */
-
-#define COMBA_START
-
-#define CLEAR_CARRY \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define CARRY_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_FINI
-
-/* multiplies point i and j, updates carry "c1" and digit c2 */
-#define SQRADD(i, j)              \
-__asm__(                          \
-   " mulld  r16,%6,%6       \n\t" \
-   " addc   %0,%0,r16       \n\t" \
-   " mulhdu r16,%6,%6       \n\t" \
-   " adde   %1,%1,r16       \n\t" \
-   " addze  %2,%2           \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"r16","cc");
-
-/* for squaring some of the terms are doubled... */
-#define SQRADD2(i, j)             \
-__asm__(                          \
-   " mulld  r16,%6,%7       \n\t" \
-   " mulhdu r17,%6,%7       \n\t" \
-   " addc   %0,%0,r16       \n\t" \
-   " adde   %1,%1,r17       \n\t" \
-   " addze  %2,%2           \n\t" \
-   " addc   %0,%0,r16       \n\t" \
-   " adde   %1,%1,r17       \n\t" \
-   " addze  %2,%2           \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"r16", "r17","cc");
-
-#define SQRADDSC(i, j)            \
-__asm__(                          \
-   " mulld  %0,%6,%7        \n\t" \
-   " mulhdu %1,%6,%7        \n\t" \
-   " xor    %2,%2,%2        \n\t" \
-:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "cc");
-
-#define SQRADDAC(i, j)            \
-__asm__(                          \
-   " mulld  r16,%6,%7       \n\t" \
-   " addc   %0,%0,r16       \n\t" \
-   " mulhdu r16,%6,%7       \n\t" \
-   " adde   %1,%1,r16       \n\t" \
-   " addze  %2,%2           \n\t" \
-:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"r16", "cc");
-
-#define SQRADDDB                  \
-__asm__(                          \
-   " addc   %0,%0,%3        \n\t" \
-   " adde   %1,%1,%4        \n\t" \
-   " adde   %2,%2,%5        \n\t" \
-   " addc   %0,%0,%3        \n\t" \
-   " adde   %1,%1,%4        \n\t" \
-   " adde   %2,%2,%5        \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
-
-
-#elif defined(TFM_AVR32)
-
-/* AVR32 */
-
-#define COMBA_START
-
-#define CLEAR_CARRY \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define CARRY_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_FINI
-
-/* multiplies point i and j, updates carry "c1" and digit c2 */
-#define SQRADD(i, j)             \
-__asm__(                         \
-   " mulu.d r2,%6,%6       \n\t" \
-   " add    %0,%0,r2       \n\t" \
-   " adc    %1,%1,r3       \n\t" \
-   " acr    %2             \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"r2","r3");
-
-/* for squaring some of the terms are doubled... */
-#define SQRADD2(i, j)            \
-__asm__(                         \
-   " mulu.d r2,%6,%7       \n\t" \
-   " add    %0,%0,r2       \n\t" \
-   " adc    %1,%1,r3       \n\t" \
-   " acr    %2,            \n\t" \
-   " add    %0,%0,r2       \n\t" \
-   " adc    %1,%1,r3       \n\t" \
-   " acr    %2,            \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"r2", "r3");
-
-#define SQRADDSC(i, j)            \
-__asm__(                          \
-   " mulu.d r2,%6,%7        \n\t" \
-   " mov    %0,r2           \n\t" \
-   " mov    %1,r3           \n\t" \
-   " eor    %2,%2           \n\t" \
-:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "r2", "r3");
-
-#define SQRADDAC(i, j)           \
-__asm__(                         \
-   " mulu.d r2,%6,%7       \n\t" \
-   " add    %0,%0,r2       \n\t" \
-   " adc    %1,%1,r3       \n\t" \
-   " acr    %2             \n\t" \
-:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"r2", "r3");
-
-#define SQRADDDB                  \
-__asm__(                          \
-   " add    %0,%0,%3        \n\t" \
-   " adc    %1,%1,%4        \n\t" \
-   " adc    %2,%2,%5        \n\t" \
-   " add    %0,%0,%3        \n\t" \
-   " adc    %1,%1,%4        \n\t" \
-   " adc    %2,%2,%5        \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc");
-
-#elif defined(TFM_MIPS)
-
-/* MIPS */
-#define COMBA_START
-
-#define CLEAR_CARRY \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define CARRY_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_FINI
-
-/* multiplies point i and j, updates carry "c1" and digit c2 */
-#define SQRADD(i, j)              \
-__asm__(                          \
-   " multu  %6,%6          \n\t"  \
-   " mflo   $12            \n\t"  \
-   " mfhi   $13            \n\t"  \
-   " addu    %0,%0,$12     \n\t"  \
-   " sltu   $12,%0,$12     \n\t"  \
-   " addu    %1,%1,$13     \n\t"  \
-   " sltu   $13,%1,$13     \n\t"  \
-   " addu    %1,%1,$12     \n\t"  \
-   " sltu   $12,%1,$12     \n\t"  \
-   " addu    %2,%2,$13     \n\t"  \
-   " addu    %2,%2,$12     \n\t"  \
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"$12","$13");
-
-/* for squaring some of the terms are doubled... */
-#define SQRADD2(i, j)            \
-__asm__(                         \
-   " multu  %6,%7          \n\t" \
-   " mflo   $12            \n\t" \
-   " mfhi   $13            \n\t" \
-                                 \
-   " addu    %0,%0,$12     \n\t" \
-   " sltu   $14,%0,$12     \n\t" \
-   " addu    %1,%1,$13     \n\t" \
-   " sltu   $15,%1,$13     \n\t" \
-   " addu    %1,%1,$14     \n\t" \
-   " sltu   $14,%1,$14     \n\t" \
-   " addu    %2,%2,$15     \n\t" \
-   " addu    %2,%2,$14     \n\t" \
-                                 \
-   " addu    %0,%0,$12     \n\t" \
-   " sltu   $14,%0,$12     \n\t" \
-   " addu    %1,%1,$13     \n\t" \
-   " sltu   $15,%1,$13     \n\t" \
-   " addu    %1,%1,$14     \n\t" \
-   " sltu   $14,%1,$14     \n\t" \
-   " addu    %2,%2,$15     \n\t" \
-   " addu    %2,%2,$14     \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"$12", "$13", "$14", "$15");
-
-#define SQRADDSC(i, j)            \
-__asm__(                          \
-   " multu  %6,%7          \n\t"  \
-   " mflo   %0             \n\t"  \
-   " mfhi   %1             \n\t"  \
-   " xor    %2,%2,%2       \n\t"  \
-:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "cc");
-
-#define SQRADDAC(i, j)           \
-__asm__(                         \
-   " multu  %6,%7          \n\t" \
-   " mflo   $12            \n\t" \
-   " mfhi   $13            \n\t" \
-   " addu    %0,%0,$12     \n\t" \
-   " sltu   $12,%0,$12     \n\t" \
-   " addu    %1,%1,$13     \n\t" \
-   " sltu   $13,%1,$13     \n\t" \
-   " addu    %1,%1,$12     \n\t" \
-   " sltu   $12,%1,$12     \n\t" \
-   " addu    %2,%2,$13     \n\t" \
-   " addu    %2,%2,$12     \n\t" \
-:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"$12", "$13", "$14");
-
-#define SQRADDDB                  \
-__asm__(                          \
-   " addu    %0,%0,%3       \n\t" \
-   " sltu   $10,%0,%3       \n\t" \
-   " addu    %1,%1,$10      \n\t" \
-   " sltu   $10,%1,$10      \n\t" \
-   " addu    %1,%1,%4       \n\t" \
-   " sltu   $11,%1,%4       \n\t" \
-   " addu    %2,%2,$10      \n\t" \
-   " addu    %2,%2,$11      \n\t" \
-   " addu    %2,%2,%5       \n\t" \
-                                  \
-   " addu    %0,%0,%3       \n\t" \
-   " sltu   $10,%0,%3       \n\t" \
-   " addu    %1,%1,$10      \n\t" \
-   " sltu   $10,%1,$10      \n\t" \
-   " addu    %1,%1,%4       \n\t" \
-   " sltu   $11,%1,%4       \n\t" \
-   " addu    %2,%2,$10      \n\t" \
-   " addu    %2,%2,$11      \n\t" \
-   " addu    %2,%2,%5       \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "$10", "$11");
-
-#else
-
-#define TFM_ISO
-
-/* ISO C portable code */
-
-#define COMBA_START
-
-#define CLEAR_CARRY \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define CARRY_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_FINI
-
-/* multiplies point i and j, updates carry "c1" and digit c2 */
-#define SQRADD(i, j)                                 \
-   do { fp_word t;                                   \
-   t = c0 + ((fp_word)i) * ((fp_word)j);  c0 = (fp_digit)t;    \
-   t = c1 + (t >> DIGIT_BIT);             c1 = (fp_digit)t;    \
-                                          c2 +=(fp_digit) (t >> DIGIT_BIT); \
-   } while (0);
-
-
-/* for squaring some of the terms are doubled... */
-#define SQRADD2(i, j)                                                 \
-   do { fp_word t;                                                    \
-   t  = ((fp_word)i) * ((fp_word)j);                                  \
-   tt = (fp_word)c0 + t;                 c0 = (fp_digit)tt;           \
-   tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = (fp_digit)tt;           \
-                                         c2 +=(fp_digit)(tt >> DIGIT_BIT);     \
-   tt = (fp_word)c0 + t;                 c0 = (fp_digit)tt;                    \
-   tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = (fp_digit)tt;            \
-                                         c2 +=(fp_digit)(tt >> DIGIT_BIT);     \
-   } while (0);
-
-#define SQRADDSC(i, j)                                                         \
-   do { fp_word t;                                                             \
-      t =  ((fp_word)i) * ((fp_word)j);                                        \
-      sc0 = (fp_digit)t; sc1 = (t >> DIGIT_BIT); sc2 = 0;                      \
-   } while (0);
-
-#define SQRADDAC(i, j)                                                         \
-   do { fp_word t;                                                             \
-   t = sc0 + ((fp_word)i) * ((fp_word)j);  sc0 =  (fp_digit)t;                 \
-   t = sc1 + (t >> DIGIT_BIT);             sc1 =  (fp_digit)t;                 \
-                                           sc2 += (fp_digit)(t >> DIGIT_BIT);  \
-   } while (0);
-
-#define SQRADDDB                                                               \
-   do { fp_word t;                                                             \
-   t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = (fp_digit)t;                 \
-   t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT);                \
-                                             c1 = (fp_digit)t;                 \
-   c2 = c2 + (fp_digit)(((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT));   \
-   } while (0);
-
-#endif
-
-#ifdef TFM_SMALL_SET
-    #include "fp_sqr_comba_small_set.i"
-#endif
-
-#if defined(TFM_SQR3) && FP_SIZE >= 6
-    #include "fp_sqr_comba_3.i"
-#endif
-#if defined(TFM_SQR4) && FP_SIZE >= 8
-    #include "fp_sqr_comba_4.i"
-#endif
-#if defined(TFM_SQR6) && FP_SIZE >= 12
-    #include "fp_sqr_comba_6.i"
-#endif
-#if defined(TFM_SQR7) && FP_SIZE >= 14
-    #include "fp_sqr_comba_7.i"
-#endif
-#if defined(TFM_SQR8) && FP_SIZE >= 16
-    #include "fp_sqr_comba_8.i"
-#endif
-#if defined(TFM_SQR9) && FP_SIZE >= 18
-    #include "fp_sqr_comba_9.i"
-#endif
-#if defined(TFM_SQR12) && FP_SIZE >= 24
-    #include "fp_sqr_comba_12.i"
-#endif
-#if defined(TFM_SQR17) && FP_SIZE >= 34
-    #include "fp_sqr_comba_17.i"
-#endif
-#if defined(TFM_SQR20) && FP_SIZE >= 40
-    #include "fp_sqr_comba_20.i"
-#endif
-#if defined(TFM_SQR24) && FP_SIZE >= 48
-    #include "fp_sqr_comba_24.i"
-#endif
-#if defined(TFM_SQR28) && FP_SIZE >= 56
-    #include "fp_sqr_comba_28.i"
-#endif
-#if defined(TFM_SQR32) && FP_SIZE >= 64
-    #include "fp_sqr_comba_32.i"
-#endif
-#if defined(TFM_SQR48) && FP_SIZE >= 96
-    #include "fp_sqr_comba_48.i"
-#endif
-#if defined(TFM_SQR64) && FP_SIZE >= 128
-    #include "fp_sqr_comba_64.i"
-#endif
-/* end fp_sqr_comba.c asm */
-
-/* start fp_mul_comba.c asm */
-/* these are the combas.  Worship them. */
-#if defined(TFM_X86)
-/* Generic x86 optimized code */
-
-/* anything you need at the start */
-#define COMBA_START
-
-/* clear the chaining variables */
-#define COMBA_CLEAR \
-   c0 = c1 = c2 = 0;
-
-/* forward the carry to the next digit */
-#define COMBA_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-/* store the first sum */
-#define COMBA_STORE(x) \
-   x = c0;
-
-/* store the second sum [carry] */
-#define COMBA_STORE2(x) \
-   x = c1;
-
-/* anything you need at the end */
-#define COMBA_FINI
-
-/* this should multiply i and j  */
-#define MULADD(i, j)                                      \
-__asm__(                                                  \
-     "movl  %6,%%eax     \n\t"                            \
-     "mull  %7           \n\t"                            \
-     "addl  %%eax,%0     \n\t"                            \
-     "adcl  %%edx,%1     \n\t"                            \
-     "adcl  $0,%2        \n\t"                            \
-     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j)  :"%eax","%edx","cc");
-
-#elif defined(TFM_X86_64)
-/* x86-64 optimized */
-
-/* anything you need at the start */
-#define COMBA_START
-
-/* clear the chaining variables */
-#define COMBA_CLEAR \
-   c0 = c1 = c2 = 0;
-
-/* forward the carry to the next digit */
-#define COMBA_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-/* store the first sum */
-#define COMBA_STORE(x) \
-   x = c0;
-
-/* store the second sum [carry] */
-#define COMBA_STORE2(x) \
-   x = c1;
-
-/* anything you need at the end */
-#define COMBA_FINI
-
-/* this should multiply i and j  */
-#define MULADD(i, j)                                      \
-__asm__  (                                                \
-     "movq  %6,%%rax     \n\t"                            \
-     "mulq  %7           \n\t"                            \
-     "addq  %%rax,%0     \n\t"                            \
-     "adcq  %%rdx,%1     \n\t"                            \
-     "adcq  $0,%2        \n\t"                            \
-     :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j)  :"%rax","%rdx","cc");
-
-
-#if defined(HAVE_INTEL_MULX)
-#define MULADD_BODY(a,b,carry,c)                        \
-    __asm__ volatile(                                   \
-         "movq  %[a0],%%rdx\n\t"                        \
-         "xorq  %%rcx, %%rcx\n\t"                       \
-         "movq  0(%[cp]),%%r8\n\t"                      \
-         "movq  8(%[cp]),%%r9\n\t"                      \
-         "movq  16(%[cp]),%%r10\n\t"                    \
-         "movq  24(%[cp]),%%r11\n\t"                    \
-                                                        \
-         "mulx  (%[bp]),%%rax, %%rbx\n\t"               \
-         "adcxq  %[ca], %%r8\n\t"                       \
-         "adoxq  %%rax, %%r8\n\t"                       \
-         "mulx  8(%[bp]),%%rax, %%rcx\n\t"              \
-         "adcxq  %%rbx, %%r9\n\t"                       \
-         "adoxq  %%rax, %%r9\n\t"                       \
-         "mulx  16(%[bp]),%%rax, %%rbx\n\t"             \
-         "adcxq  %%rcx, %%r10\n\t"                      \
-         "adoxq  %%rax, %%r10\n\t"                      \
-         "mulx  24(%[bp]),%%rax, %%rcx\n\t"             \
-         "adcxq  %%rbx, %%r11\n\t"                      \
-         "mov $0, %[ca]\n\t"                            \
-         "adoxq  %%rax, %%r11\n\t"                      \
-         "adcxq  %%rcx, %[ca]\n\t"                      \
-         "mov $0, %%rdx\n\t"                            \
-         "adoxq  %%rdx, %[ca]\n\t"                      \
-                                                        \
-         "movq  %%r8, 0(%[cp])\n\t"                     \
-         "movq  %%r9, 8(%[cp])\n\t"                     \
-         "movq  %%r10, 16(%[cp])\n\t"                   \
-         "movq  %%r11, 24(%[cp])\n\t"                   \
-      : [ca] "+r" (carry)                               \
-      : [a0] "r" (a->dp[ix]), [bp] "r" (&(b->dp[iy])),  \
-        [cp] "r" (&(c->dp[iz]))                         \
-      : "%r8", "%r9", "%r10", "%r11",                   \
-        "%rdx", "%rax", "%rcx", "%rbx"                  \
-    )
-
-#define TFM_INTEL_MUL_COMBA(a, b, ca, c)   \
-    for (iz=0; iz<pa; iz++) c->dp[iz] = 0; \
-    for (ix=0; ix<a->used; ix++) {         \
-        ca = 0;                            \
-        for (iy=0; iy<b->used; iy+=4) {    \
-            iz = ix + iy;                  \
-            MULADD_BODY(a, b, ca, c);      \
-        }                                  \
-        c->dp[ix + iy] = ca;               \
-    }
-#endif
-
-#elif defined(TFM_SSE2)
-/* use SSE2 optimizations */
-
-/* anything you need at the start */
-#define COMBA_START
-
-/* clear the chaining variables */
-#define COMBA_CLEAR \
-   c0 = c1 = c2 = 0;
-
-/* forward the carry to the next digit */
-#define COMBA_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-/* store the first sum */
-#define COMBA_STORE(x) \
-   x = c0;
-
-/* store the second sum [carry] */
-#define COMBA_STORE2(x) \
-   x = c1;
-
-/* anything you need at the end */
-#define COMBA_FINI \
-   __asm__("emms");
-
-/* this should multiply i and j  */
-#define MULADD(i, j)                                     \
-__asm__(                                                 \
-    "movd  %6,%%mm0     \n\t"                            \
-    "movd  %7,%%mm1     \n\t"                            \
-    "pmuludq %%mm1,%%mm0\n\t"                            \
-    "movd  %%mm0,%%eax  \n\t"                            \
-    "psrlq $32,%%mm0    \n\t"                            \
-    "addl  %%eax,%0     \n\t"                            \
-    "movd  %%mm0,%%eax  \n\t"                            \
-    "adcl  %%eax,%1     \n\t"                            \
-    "adcl  $0,%2        \n\t"                            \
-    :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j)  :"%eax","cc");
-
-#elif defined(TFM_ARM)
-/* ARM code */
-
-#define COMBA_START
-
-#define COMBA_CLEAR \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define COMBA_FINI
-
-#define MULADD(i, j)                                          \
-__asm__(                                                      \
-"  UMULL  r0,r1,%6,%7           \n\t"                         \
-"  ADDS   %0,%0,r0              \n\t"                         \
-"  ADCS   %1,%1,r1              \n\t"                         \
-"  ADC    %2,%2,#0              \n\t"                         \
-:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "cc");
-
-#elif defined(TFM_PPC32)
-/* For 32-bit PPC */
-
-#define COMBA_START
-
-#define COMBA_CLEAR \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define COMBA_FINI
-
-/* untested: will mulhwu change the flags?  Docs say no */
-#define MULADD(i, j)             \
-__asm__(                         \
-   " mullw  16,%6,%7       \n\t" \
-   " addc   %0,%0,16       \n\t" \
-   " mulhwu 16,%6,%7       \n\t" \
-   " adde   %1,%1,16       \n\t" \
-   " addze  %2,%2          \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16");
-
-#elif defined(TFM_PPC64)
-/* For 64-bit PPC */
-
-#define COMBA_START
-
-#define COMBA_CLEAR \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define COMBA_FINI
-
-/* untested: will mulhdu change the flags?  Docs say no */
-#define MULADD(i, j)              \
-____asm__(                        \
-   " mulld  r16,%6,%7       \n\t" \
-   " addc   %0,%0,16        \n\t" \
-   " mulhdu r16,%6,%7       \n\t" \
-   " adde   %1,%1,16        \n\t" \
-   " addze  %2,%2           \n\t" \
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"r16");
-
-#elif defined(TFM_AVR32)
-
-/* ISO C code */
-
-#define COMBA_START
-
-#define COMBA_CLEAR \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define COMBA_FINI
-
-#define MULADD(i, j)             \
-____asm__(                       \
-   " mulu.d r2,%6,%7        \n\t"\
-   " add    %0,r2           \n\t"\
-   " adc    %1,%1,r3        \n\t"\
-   " acr    %2              \n\t"\
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"r2","r3");
-
-#elif defined(TFM_MIPS)
-
-/* MIPS */
-#define COMBA_START
-
-#define COMBA_CLEAR \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define COMBA_FINI
-
-#define MULADD(i, j)              \
-__asm__(                          \
-   " multu  %6,%7          \n\t"  \
-   " mflo   $12            \n\t"  \
-   " mfhi   $13            \n\t"  \
-   " addu    %0,%0,$12     \n\t"  \
-   " sltu   $12,%0,$12     \n\t"  \
-   " addu    %1,%1,$13     \n\t"  \
-   " sltu   $13,%1,$13     \n\t"  \
-   " addu    %1,%1,$12     \n\t"  \
-   " sltu   $12,%1,$12     \n\t"  \
-   " addu    %2,%2,$13     \n\t"  \
-   " addu    %2,%2,$12     \n\t"  \
-:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"$12","$13");
-
-#else
-/* ISO C code */
-
-#define COMBA_START
-
-#define COMBA_CLEAR \
-   c0 = c1 = c2 = 0;
-
-#define COMBA_FORWARD \
-   do { c0 = c1; c1 = c2; c2 = 0; } while (0);
-
-#define COMBA_STORE(x) \
-   x = c0;
-
-#define COMBA_STORE2(x) \
-   x = c1;
-
-#define COMBA_FINI
-
-#define MULADD(i, j)                                                                                                                                  \
-   do { fp_word t;                                      \
-   t = (fp_word)c0 + ((fp_word)i) * ((fp_word)j);       \
-   c0 = (fp_digit)t;                                    \
-   t = (fp_word)c1 + (t >> DIGIT_BIT);                  \
-   c1 = (fp_digit)t;                                    \
-   c2 += (fp_digit)(t >> DIGIT_BIT);                    \
-   } while (0);
-
-#endif
-
-
-#ifdef TFM_SMALL_SET
-    #include "fp_mul_comba_small_set.i"
-#endif
-
-#if defined(TFM_MUL3) && FP_SIZE >= 6
-    #include "fp_mul_comba_3.i"
-#endif
-#if defined(TFM_MUL4) && FP_SIZE >= 8
-    #include "fp_mul_comba_4.i"
-#endif
-#if defined(TFM_MUL6) && FP_SIZE >= 12
-    #include "fp_mul_comba_6.i"
-#endif
-#if defined(TFM_MUL7) && FP_SIZE >= 14
-    #include "fp_mul_comba_7.i"
-#endif
-#if defined(TFM_MUL8) && FP_SIZE >= 16
-    #include "fp_mul_comba_8.i"
-#endif
-#if defined(TFM_MUL9) && FP_SIZE >= 18
-    #include "fp_mul_comba_9.i"
-#endif
-#if defined(TFM_MUL12) && FP_SIZE >= 24
-    #include "fp_mul_comba_12.i"
-#endif
-#if defined(TFM_MUL17) && FP_SIZE >= 34
-    #include "fp_mul_comba_17.i"
-#endif
-#if defined(TFM_MUL20) && FP_SIZE >= 40
-    #include "fp_mul_comba_20.i"
-#endif
-#if defined(TFM_MUL24) && FP_SIZE >= 48
-    #include "fp_mul_comba_24.i"
-#endif
-#if defined(TFM_MUL28) && FP_SIZE >= 56
-    #include "fp_mul_comba_28.i"
-#endif
-#if defined(TFM_MUL32) && FP_SIZE >= 64
-    #include "fp_mul_comba_32.i"
-#endif
-#if defined(TFM_MUL48) && FP_SIZE >= 96
-    #include "fp_mul_comba_48.i"
-#endif
-#if defined(TFM_MUL64) && FP_SIZE >= 128
-    #include "fp_mul_comba_64.i"
-#endif
-
-/* end fp_mul_comba.c asm */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/blake2b.c b/src/ssl/wolfssl/wolfcrypt/blake2b.c
deleted file mode 100644
index 1f473cdd1..000000000
--- a/src/ssl/wolfssl/wolfcrypt/blake2b.c
+++ /dev/null
@@ -1,517 +0,0 @@
-/*
-   BLAKE2 reference source code package - reference C implementations
-
-   Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
-
-   To the extent possible under law, the author(s) have dedicated all copyright
-   and related and neighboring rights to this software to the public domain
-   worldwide. This software is distributed without any warranty.
-
-   You should have received a copy of the CC0 Public Domain Dedication along with
-   this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
-*/
-/* blake2b.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_BLAKE2
-
-#include <wolfssl/wolfcrypt/blake2.h>
-#include <wolfssl/wolfcrypt/blake2-impl.h>
-
-static const word64 blake2b_IV[8] =
-{
-  W64LIT(0x6a09e667f3bcc908), W64LIT(0xbb67ae8584caa73b),
-  W64LIT(0x3c6ef372fe94f82b), W64LIT(0xa54ff53a5f1d36f1),
-  W64LIT(0x510e527fade682d1), W64LIT(0x9b05688c2b3e6c1f),
-  W64LIT(0x1f83d9abfb41bd6b), W64LIT(0x5be0cd19137e2179)
-};
-
-static const byte blake2b_sigma[12][16] =
-{
-  {  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15 } ,
-  { 14, 10,  4,  8,  9, 15, 13,  6,  1, 12,  0,  2, 11,  7,  5,  3 } ,
-  { 11,  8, 12,  0,  5,  2, 15, 13, 10, 14,  3,  6,  7,  1,  9,  4 } ,
-  {  7,  9,  3,  1, 13, 12, 11, 14,  2,  6,  5, 10,  4,  0, 15,  8 } ,
-  {  9,  0,  5,  7,  2,  4, 10, 15, 14,  1, 11, 12,  6,  8,  3, 13 } ,
-  {  2, 12,  6, 10,  0, 11,  8,  3,  4, 13,  7,  5, 15, 14,  1,  9 } ,
-  { 12,  5,  1, 15, 14, 13,  4, 10,  0,  7,  6,  3,  9,  2,  8, 11 } ,
-  { 13, 11,  7, 14, 12,  1,  3,  9,  5,  0, 15,  4,  8,  6,  2, 10 } ,
-  {  6, 15, 14,  9, 11,  3,  0,  8, 12,  2, 13,  7,  1,  4, 10,  5 } ,
-  { 10,  2,  8,  4,  7,  6,  1,  5, 15, 11,  9, 14,  3, 12, 13 , 0 } ,
-  {  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15 } ,
-  { 14, 10,  4,  8,  9, 15, 13,  6,  1, 12,  0,  2, 11,  7,  5,  3 }
-};
-
-
-static WC_INLINE int blake2b_set_lastnode( blake2b_state *S )
-{
-  S->f[1] = ~W64LIT(0);
-  return 0;
-}
-
-/* Some helper functions, not necessarily useful */
-static WC_INLINE int blake2b_set_lastblock( blake2b_state *S )
-{
-  if( S->last_node ) blake2b_set_lastnode( S );
-
-  S->f[0] = ~W64LIT(0);
-  return 0;
-}
-
-static WC_INLINE int blake2b_increment_counter( blake2b_state *S, const word64
-                                             inc )
-{
-  S->t[0] += inc;
-  S->t[1] += ( S->t[0] < inc );
-  return 0;
-}
-
-static WC_INLINE int blake2b_init0( blake2b_state *S )
-{
-  int i;
-  XMEMSET( S, 0, sizeof( blake2b_state ) );
-
-  for( i = 0; i < 8; ++i ) S->h[i] = blake2b_IV[i];
-
-  return 0;
-}
-
-/* init xors IV with input parameter block */
-int blake2b_init_param( blake2b_state *S, const blake2b_param *P )
-{
-  word32 i;
-  byte *p ;
-  blake2b_init0( S );
-  p =  ( byte * )( P );
-
-  /* IV XOR ParamBlock */
-  for( i = 0; i < 8; ++i )
-    S->h[i] ^= load64( p + sizeof( S->h[i] ) * i );
-
-  return 0;
-}
-
-
-int blake2b_init( blake2b_state *S, const byte outlen )
-{
-#ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD
-  blake2b_param P[1];
-#else
-  volatile blake2b_param P[1];
-#endif
-
-  if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD
-  P->digest_length = outlen;
-  P->key_length    = 0;
-  P->fanout        = 1;
-  P->depth         = 1;
-  store32( &P->leaf_length, 0 );
-  store64( &P->node_offset, 0 );
-  P->node_depth    = 0;
-  P->inner_length  = 0;
-  XMEMSET( P->reserved, 0, sizeof( P->reserved ) );
-  XMEMSET( P->salt,     0, sizeof( P->salt ) );
-  XMEMSET( P->personal, 0, sizeof( P->personal ) );
-#else
-  XMEMSET( (blake2b_param *)P, 0, sizeof( *P ) );
-  P->digest_length = outlen;
-  P->fanout        = 1;
-  P->depth         = 1;
-#endif
-  return blake2b_init_param( S, (blake2b_param *)P );
-}
-
-
-int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key,
-                      const byte keylen )
-{
-  int ret = 0;
-#ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD
-  blake2b_param P[1];
-#else
-  volatile blake2b_param P[1];
-#endif
-
-  if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return BAD_FUNC_ARG;
-
-  if ( !key || !keylen || keylen > BLAKE2B_KEYBYTES ) return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_BLAKE2B_INIT_EACH_FIELD
-  P->digest_length = outlen;
-  P->key_length    = keylen;
-  P->fanout        = 1;
-  P->depth         = 1;
-  store32( &P->leaf_length, 0 );
-  store64( &P->node_offset, 0 );
-  P->node_depth    = 0;
-  P->inner_length  = 0;
-  XMEMSET( P->reserved, 0, sizeof( P->reserved ) );
-  XMEMSET( P->salt,     0, sizeof( P->salt ) );
-  XMEMSET( P->personal, 0, sizeof( P->personal ) );
-#else
-  XMEMSET( (blake2b_param *)P, 0, sizeof( *P ) );
-  P->digest_length = outlen;
-  P->key_length    = keylen;
-  P->fanout        = 1;
-  P->depth         = 1;
-#endif
-
-  ret = blake2b_init_param( S, (blake2b_param *)P );
-  if ( ret < 0 ) return ret;
-
-  {
-#ifdef WOLFSSL_SMALL_STACK
-    byte* block;
-
-    block = (byte*)XMALLOC(BLAKE2B_BLOCKBYTES, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    if ( block == NULL ) return MEMORY_E;
-#else
-    byte block[BLAKE2B_BLOCKBYTES];
-#endif
-
-    XMEMSET( block, 0, BLAKE2B_BLOCKBYTES );
-    XMEMCPY( block, key, keylen );
-    ret = blake2b_update( S, block, BLAKE2B_BLOCKBYTES );
-    secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from */
-                                                     /* memory */
-
-    WC_FREE_VAR_EX(block, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-  }
-  return ret;
-}
-
-static WC_INLINE int blake2b_compress(
-    blake2b_state *S,
-    const byte block[BLAKE2B_BLOCKBYTES],
-    word64* m,
-    word64* v)
-{
-  word64 i;
-
-  for( i = 0; i < 16; ++i )
-    m[i] = load64( block + i * sizeof( m[i] ) );
-
-  for( i = 0; i < 8; ++i )
-    v[i] = S->h[i];
-
-  v[ 8] = blake2b_IV[0];
-  v[ 9] = blake2b_IV[1];
-  v[10] = blake2b_IV[2];
-  v[11] = blake2b_IV[3];
-  v[12] = S->t[0] ^ blake2b_IV[4];
-  v[13] = S->t[1] ^ blake2b_IV[5];
-  v[14] = S->f[0] ^ blake2b_IV[6];
-  v[15] = S->f[1] ^ blake2b_IV[7];
-#define G(r,i,a,b,c,d) \
-  do { \
-      (a) = (a) + (b) + m[blake2b_sigma[r][2*(i)+0]];   \
-      (d) = rotr64((d) ^ (a), 32);                      \
-      (c) = (c) + (d);                                  \
-      (b) = rotr64((b) ^ (c), 24);                      \
-      (a) = (a) + (b) + m[blake2b_sigma[r][2*(i)+1]];   \
-      (d) = rotr64((d) ^ (a), 16);                      \
-      (c) = (c) + (d);                                  \
-      (b) = rotr64((b) ^ (c), 63);                      \
-  } while(0)
-#define ROUND(r)  \
-  do { \
-    G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \
-    G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \
-    G(r,2,v[ 2],v[ 6],v[10],v[14]); \
-    G(r,3,v[ 3],v[ 7],v[11],v[15]); \
-    G(r,4,v[ 0],v[ 5],v[10],v[15]); \
-    G(r,5,v[ 1],v[ 6],v[11],v[12]); \
-    G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \
-    G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \
-  } while(0)
-  ROUND( 0 );
-  ROUND( 1 );
-  ROUND( 2 );
-  ROUND( 3 );
-  ROUND( 4 );
-  ROUND( 5 );
-  ROUND( 6 );
-  ROUND( 7 );
-  ROUND( 8 );
-  ROUND( 9 );
-  ROUND( 10 );
-  ROUND( 11 );
-
-  for( i = 0; i < 8; ++i )
-    S->h[i] = S->h[i] ^ v[i] ^ v[i + 8];
-
-#undef G
-#undef ROUND
-
-  return 0;
-}
-
-/* inlen now in bytes */
-int blake2b_update( blake2b_state *S, const byte *in, word64 inlen )
-{
-  int ret = 0;
-#ifdef WOLFSSL_SMALL_STACK
-  word64* m;
-  word64* v;
-
-  m = (word64*)XMALLOC(sizeof(word64) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-  if ( m == NULL ) return MEMORY_E;
-
-  v = &m[16];
-#else
-  word64 m[16];
-  word64 v[16];
-#endif
-
-  while( inlen > 0 )
-  {
-    word64 left = S->buflen;
-    word64 fill = 2 * BLAKE2B_BLOCKBYTES - left;
-
-    if( inlen > fill )
-    {
-      XMEMCPY( S->buf + left, in, (wolfssl_word)fill ); /* Fill buffer */
-      S->buflen += fill;
-      blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
-
-      {
-          ret = blake2b_compress( S, S->buf, m, v );
-          if (ret < 0) break;
-      }
-
-      XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES );
-              /* Shift buffer left */
-      S->buflen -= BLAKE2B_BLOCKBYTES;
-      in += fill;
-      inlen -= fill;
-    }
-    else /* inlen <= fill */
-    {
-      XMEMCPY( S->buf + left, in, (wolfssl_word)inlen );
-      S->buflen += inlen; /* Be lazy, do not compress */
-      inlen = 0;
-    }
-  }
-
-  WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-  return ret;
-}
-
-/* Is this correct? */
-int blake2b_final( blake2b_state *S, byte *out, byte outlen )
-{
-  int ret = 0;
-  byte buffer[BLAKE2B_OUTBYTES];
-  word64    i;
-#ifdef WOLFSSL_SMALL_STACK
-  word64* m;
-  word64* v;
-
-  m = (word64*)XMALLOC(sizeof(word64) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-  if ( m == NULL ) return MEMORY_E;
-
-  v = &m[16];
-#else
-  word64 m[16];
-  word64 v[16];
-#endif
-
-  if( S->buflen > BLAKE2B_BLOCKBYTES )
-  {
-    blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
-
-    {
-      ret = blake2b_compress( S, S->buf, m, v );
-      if (ret < 0) goto out;
-    }
-
-    S->buflen -= BLAKE2B_BLOCKBYTES;
-    if ( S->buflen > BLAKE2B_BLOCKBYTES )
-      return BAD_LENGTH_E;
-    XMEMMOVE( S->buf, S->buf + BLAKE2B_BLOCKBYTES, (wolfssl_word)S->buflen );
-  }
-
-  blake2b_increment_counter( S, S->buflen );
-  blake2b_set_lastblock( S );
-  XMEMSET( S->buf + S->buflen, 0, (wolfssl_word)(2 * BLAKE2B_BLOCKBYTES - S->buflen) );
-         /* Padding */
-  {
-    ret = blake2b_compress( S, S->buf, m, v );
-    if (ret < 0) goto out;
-  }
-
-  for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */
-    store64( buffer + sizeof( S->h[i] ) * i, S->h[i] );
-
-  XMEMCPY( out, buffer, outlen );
-
- out:
-
-  WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-  return ret;
-}
-
-/* inlen, at least, should be word64. Others can be size_t. */
-int blake2b( byte *out, const void *in, const void *key, const byte outlen,
-             const word64 inlen, byte keylen )
-{
-  blake2b_state S[1];
-
-  /* Verify parameters */
-  if ( NULL == in ) return BAD_FUNC_ARG;
-
-  if ( NULL == out ) return BAD_FUNC_ARG;
-
-  if( NULL == key ) keylen = 0;
-
-  if( keylen > 0 )
-  {
-    int ret = blake2b_init_key( S, outlen, key, keylen );
-    if (ret < 0) return ret;
-  }
-  else
-  {
-    int ret = blake2b_init( S, outlen );
-    if (ret < 0) return ret;
-  }
-
-  {
-    int ret = blake2b_update( S, ( byte * )in, inlen );
-    if (ret < 0) return ret;
-  }
-
-  return blake2b_final( S, out, outlen );
-}
-
-#if defined(BLAKE2B_SELFTEST)
-#include <string.h>
-#include "blake2-kat.h"
-int main( int argc, char **argv )
-{
-  byte key[BLAKE2B_KEYBYTES];
-  byte buf[KAT_LENGTH];
-
-  for( word32 i = 0; i < BLAKE2B_KEYBYTES; ++i )
-    key[i] = ( byte )i;
-
-  for( word32 i = 0; i < KAT_LENGTH; ++i )
-    buf[i] = ( byte )i;
-
-  for( word32 i = 0; i < KAT_LENGTH; ++i )
-  {
-    byte hash[BLAKE2B_OUTBYTES];
-    if ( blake2b( hash, buf, key, BLAKE2B_OUTBYTES, i, BLAKE2B_KEYBYTES ) < 0 )
-    {
-      puts( "error" );
-      return -1;
-    }
-
-    if( 0 != XMEMCMP( hash, blake2b_keyed_kat[i], BLAKE2B_OUTBYTES ) )
-    {
-      puts( "error" );
-      return -1;
-    }
-  }
-
-  puts( "ok" );
-  return 0;
-}
-#endif
-
-
-/* wolfCrypt API */
-
-/* Init Blake2b digest, track size in case final doesn't want to "remember" */
-int wc_InitBlake2b(Blake2b* b2b, word32 digestSz)
-{
-    if (b2b == NULL){
-        return BAD_FUNC_ARG;
-    }
-    b2b->digestSz = digestSz;
-
-    return blake2b_init(b2b->S, (byte)digestSz);
-}
-
-/* Init Blake2b digest with key, track size in case final doesn't want to "remember" */
-int wc_InitBlake2b_WithKey(Blake2b* b2b, word32 digestSz, const byte *key, word32 keylen)
-{
-    if (b2b == NULL){
-        return BAD_FUNC_ARG;
-    }
-    b2b->digestSz = digestSz;
-
-    if (keylen >= 256)
-        return BAD_FUNC_ARG;
-
-    if (key)
-        return blake2b_init_key(b2b->S, (byte)digestSz, key, (byte)keylen);
-    else
-        return blake2b_init(b2b->S, (byte)digestSz);
-}
-
-/* Blake2b Update */
-int wc_Blake2bUpdate(Blake2b* b2b, const byte* data, word32 sz)
-{
-    if (b2b == NULL){
-        return BAD_FUNC_ARG;
-    }
-    if (data == NULL && sz != 0){
-        return BAD_FUNC_ARG;
-    }
-    if (sz == 0){
-        return 0;
-    }
-
-    return blake2b_update(b2b->S, data, sz);
-}
-
-
-/* Blake2b Final, if pass in zero size we use init digestSz */
-int wc_Blake2bFinal(Blake2b* b2b, byte* final, word32 requestSz)
-{
-    word32 sz;
-
-    if (b2b == NULL){
-        return BAD_FUNC_ARG;
-    }
-    if (final == NULL){
-        return BAD_FUNC_ARG;
-    }
-
-    sz = requestSz ? requestSz : b2b->digestSz;
-
-    return blake2b_final(b2b->S, final, (byte)sz);
-}
-
-
-/* end CTaoCrypt API */
-
-#endif  /* HAVE_BLAKE2 */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/blake2s.c b/src/ssl/wolfssl/wolfcrypt/blake2s.c
deleted file mode 100644
index cf5c9f2ff..000000000
--- a/src/ssl/wolfssl/wolfcrypt/blake2s.c
+++ /dev/null
@@ -1,511 +0,0 @@
-/*
-   BLAKE2 reference source code package - reference C implementations
-
-   Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
-
-   To the extent possible under law, the author(s) have dedicated all copyright
-   and related and neighboring rights to this software to the public domain
-   worldwide. This software is distributed without any warranty.
-
-   You should have received a copy of the CC0 Public Domain Dedication along with
-   this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
-*/
-/* blake2s.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_BLAKE2S
-
-#include <wolfssl/wolfcrypt/blake2.h>
-#include <wolfssl/wolfcrypt/blake2-impl.h>
-
-static const word32 blake2s_IV[8] =
-{
-  0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
-  0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
-};
-
-static const byte blake2s_sigma[10][16] =
-{
-  {  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15 } ,
-  { 14, 10,  4,  8,  9, 15, 13,  6,  1, 12,  0,  2, 11,  7,  5,  3 } ,
-  { 11,  8, 12,  0,  5,  2, 15, 13, 10, 14,  3,  6,  7,  1,  9,  4 } ,
-  {  7,  9,  3,  1, 13, 12, 11, 14,  2,  6,  5, 10,  4,  0, 15,  8 } ,
-  {  9,  0,  5,  7,  2,  4, 10, 15, 14,  1, 11, 12,  6,  8,  3, 13 } ,
-  {  2, 12,  6, 10,  0, 11,  8,  3,  4, 13,  7,  5, 15, 14,  1,  9 } ,
-  { 12,  5,  1, 15, 14, 13,  4, 10,  0,  7,  6,  3,  9,  2,  8, 11 } ,
-  { 13, 11,  7, 14, 12,  1,  3,  9,  5,  0, 15,  4,  8,  6,  2, 10 } ,
-  {  6, 15, 14,  9, 11,  3,  0,  8, 12,  2, 13,  7,  1,  4, 10,  5 } ,
-  { 10,  2,  8,  4,  7,  6,  1,  5, 15, 11,  9, 14,  3, 12, 13 , 0 }
-};
-
-
-static WC_INLINE int blake2s_set_lastnode( blake2s_state *S )
-{
-  S->f[1] = ~0U;
-  return 0;
-}
-
-/* Some helper functions, not necessarily useful */
-static WC_INLINE int blake2s_set_lastblock( blake2s_state *S )
-{
-  if( S->last_node ) blake2s_set_lastnode( S );
-
-  S->f[0] = ~0U;
-  return 0;
-}
-
-static WC_INLINE int blake2s_increment_counter( blake2s_state *S, const word32
-                                             inc )
-{
-  S->t[0] += inc;
-  S->t[1] += ( S->t[0] < inc );
-  return 0;
-}
-
-static WC_INLINE int blake2s_init0( blake2s_state *S )
-{
-  int i;
-  XMEMSET( S, 0, sizeof( blake2s_state ) );
-
-  for( i = 0; i < 8; ++i ) S->h[i] = blake2s_IV[i];
-
-  return 0;
-}
-
-/* init xors IV with input parameter block */
-int blake2s_init_param( blake2s_state *S, const blake2s_param *P )
-{
-  word32 i;
-  byte *p ;
-  blake2s_init0( S );
-  p =  ( byte * )( P );
-
-  /* IV XOR ParamBlock */
-  for( i = 0; i < 8; ++i )
-    S->h[i] ^= load32( p + sizeof( S->h[i] ) * i );
-
-  return 0;
-}
-
-
-
-int blake2s_init( blake2s_state *S, const byte outlen )
-{
-#ifdef WOLFSSL_BLAKE2S_INIT_EACH_FIELD
-  blake2s_param P[1];
-#else
-  volatile blake2s_param P[1];
-#endif
-
-  if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_BLAKE2S_INIT_EACH_FIELD
-  P->digest_length = outlen;
-  P->key_length    = 0;
-  P->fanout        = 1;
-  P->depth         = 1;
-  store32( &P->leaf_length, 0 );
-  store32( &P->node_offset, 0 );
-  P->node_depth    = 0;
-  P->inner_length  = 0;
-  XMEMSET( P->salt,     0, sizeof( P->salt ) );
-  XMEMSET( P->personal, 0, sizeof( P->personal ) );
-#else
-  XMEMSET( (blake2s_param *)P, 0, sizeof( *P ) );
-  P->digest_length = outlen;
-  P->fanout        = 1;
-  P->depth         = 1;
-#endif
-  return blake2s_init_param( S, (blake2s_param *)P );
-}
-
-
-int blake2s_init_key( blake2s_state *S, const byte outlen, const void *key,
-                      const byte keylen )
-{
-  int ret = 0;
-#ifdef WOLFSSL_BLAKE2S_INIT_EACH_FIELD
-  blake2s_param P[1];
-#else
-  volatile blake2s_param P[1];
-#endif
-
-  if ( ( !outlen ) || ( outlen > BLAKE2S_OUTBYTES ) ) return BAD_FUNC_ARG;
-
-  if ( !key || !keylen || keylen > BLAKE2S_KEYBYTES ) return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_BLAKE2S_INIT_EACH_FIELD
-  P->digest_length = outlen;
-  P->key_length    = keylen;
-  P->fanout        = 1;
-  P->depth         = 1;
-  store32( &P->leaf_length, 0 );
-  store64( &P->node_offset, 0 );
-  P->node_depth    = 0;
-  P->inner_length  = 0;
-  XMEMSET( P->salt,     0, sizeof( P->salt ) );
-  XMEMSET( P->personal, 0, sizeof( P->personal ) );
-#else
-  XMEMSET( (blake2s_param *)P, 0, sizeof( *P ) );
-  P->digest_length = outlen;
-  P->key_length    = keylen;
-  P->fanout        = 1;
-  P->depth         = 1;
-#endif
-
-  ret = blake2s_init_param( S, (blake2s_param *)P );
-  if (ret < 0)
-      return ret;
-
-  {
-#ifdef WOLFSSL_SMALL_STACK
-    byte* block;
-
-    block = (byte*)XMALLOC(BLAKE2S_BLOCKBYTES, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    if ( block == NULL ) return MEMORY_E;
-#else
-    byte block[BLAKE2S_BLOCKBYTES];
-#endif
-
-    XMEMSET( block, 0, BLAKE2S_BLOCKBYTES );
-    XMEMCPY( block, key, keylen );
-    ret = blake2s_update( S, block, BLAKE2S_BLOCKBYTES );
-    secure_zero_memory( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from */
-                                                     /* memory */
-
-    WC_FREE_VAR_EX(block, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-  }
-  return ret;
-}
-
-static WC_INLINE int blake2s_compress(
-    blake2s_state *S,
-    const byte block[BLAKE2S_BLOCKBYTES],
-    word32* m,
-    word32* v)
-{
-  word32 i;
-
-  for( i = 0; i < 16; ++i )
-    m[i] = load32( block + i * sizeof( m[i] ) );
-
-  for( i = 0; i < 8; ++i )
-    v[i] = S->h[i];
-
-  v[ 8] = blake2s_IV[0];
-  v[ 9] = blake2s_IV[1];
-  v[10] = blake2s_IV[2];
-  v[11] = blake2s_IV[3];
-  v[12] = S->t[0] ^ blake2s_IV[4];
-  v[13] = S->t[1] ^ blake2s_IV[5];
-  v[14] = S->f[0] ^ blake2s_IV[6];
-  v[15] = S->f[1] ^ blake2s_IV[7];
-#define G(r,i,a,b,c,d) \
-  do { \
-      (a) = (a) + (b) + m[blake2s_sigma[r][2*(i)+0]];   \
-      (d) = rotr32((d) ^ (a), 16);                      \
-      (c) = (c) + (d);                                  \
-      (b) = rotr32((b) ^ (c), 12);                      \
-      (a) = (a) + (b) + m[blake2s_sigma[r][2*(i)+1]];   \
-      (d) = rotr32((d) ^ (a), 8);                       \
-      (c) = (c) + (d);                                  \
-      (b) = rotr32((b) ^ (c), 7);                       \
-  } while(0)
-#define ROUND(r)  \
-  do { \
-    G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \
-    G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \
-    G(r,2,v[ 2],v[ 6],v[10],v[14]); \
-    G(r,3,v[ 3],v[ 7],v[11],v[15]); \
-    G(r,4,v[ 0],v[ 5],v[10],v[15]); \
-    G(r,5,v[ 1],v[ 6],v[11],v[12]); \
-    G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \
-    G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \
-  } while(0)
-  ROUND( 0 );
-  ROUND( 1 );
-  ROUND( 2 );
-  ROUND( 3 );
-  ROUND( 4 );
-  ROUND( 5 );
-  ROUND( 6 );
-  ROUND( 7 );
-  ROUND( 8 );
-  ROUND( 9 );
-
-  for( i = 0; i < 8; ++i )
-    S->h[i] = S->h[i] ^ v[i] ^ v[i + 8];
-
-#undef G
-#undef ROUND
-
-  return 0;
-}
-
-/* inlen now in bytes */
-int blake2s_update( blake2s_state *S, const byte *in, word32 inlen )
-{
-  int ret = 0;
-#ifdef WOLFSSL_SMALL_STACK
-  word32* m;
-  word32* v;
-
-  m = (word32*)XMALLOC(sizeof(word32) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-  if ( m == NULL ) return MEMORY_E;
-
-  v = &m[16];
-#else
-  word32 m[16];
-  word32 v[16];
-#endif
-
-  while( inlen > 0 )
-  {
-    word32 left = S->buflen;
-    word32 fill = 2 * BLAKE2S_BLOCKBYTES - left;
-
-    if( inlen > fill )
-    {
-      XMEMCPY( S->buf + left, in, (wolfssl_word)fill ); /* Fill buffer */
-      S->buflen += fill;
-      blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES );
-
-      {
-          ret= blake2s_compress( S, S->buf, m, v );
-          if (ret < 0) break;
-      }
-
-      XMEMCPY( S->buf, S->buf + BLAKE2S_BLOCKBYTES, BLAKE2S_BLOCKBYTES );
-              /* Shift buffer left */
-      S->buflen -= BLAKE2S_BLOCKBYTES;
-      in += fill;
-      inlen -= fill;
-    }
-    else /* inlen <= fill */
-    {
-      XMEMCPY( S->buf + left, in, (wolfssl_word)inlen );
-      S->buflen += inlen; /* Be lazy, do not compress */
-      inlen = 0;
-    }
-  }
-
-  WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-  return ret;
-}
-
-/* Is this correct? */
-int blake2s_final( blake2s_state *S, byte *out, byte outlen )
-{
-  int ret = 0;
-  word32    i;
-  byte buffer[BLAKE2S_BLOCKBYTES];
-#ifdef WOLFSSL_SMALL_STACK
-  word32* m;
-  word32* v;
-
-  m = (word32*)XMALLOC(sizeof(word32) * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-  if ( m == NULL ) return MEMORY_E;
-
-  v = &m[16];
-#else
-  word32 m[16];
-  word32 v[16];
-#endif
-
-  if( S->buflen > BLAKE2S_BLOCKBYTES )
-  {
-    blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES );
-
-    {
-        ret = blake2s_compress( S, S->buf, m, v );
-        if (ret < 0) goto out;
-    }
-
-    S->buflen -= BLAKE2S_BLOCKBYTES;
-    XMEMCPY( S->buf, S->buf + BLAKE2S_BLOCKBYTES, (wolfssl_word)S->buflen );
-  }
-
-  blake2s_increment_counter( S, S->buflen );
-  blake2s_set_lastblock( S );
-  XMEMSET( S->buf + S->buflen, 0, (wolfssl_word)(2 * BLAKE2S_BLOCKBYTES - S->buflen) );
-         /* Padding */
-  {
-      ret = blake2s_compress( S, S->buf, m, v );
-      if (ret < 0) goto out;
-  }
-
-  for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */
-    store64( buffer + sizeof( S->h[i] ) * i, S->h[i] );
-
-  XMEMCPY( out, buffer, outlen );
-
- out:
-
-  WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-  return ret;
-}
-
-/* inlen, at least, should be word32. Others can be size_t. */
-int blake2s( byte *out, const void *in, const void *key, const byte outlen,
-             const word32 inlen, byte keylen )
-{
-  blake2s_state S[1];
-
-  /* Verify parameters */
-  if ( NULL == in ) return BAD_FUNC_ARG;
-
-  if ( NULL == out ) return BAD_FUNC_ARG;
-
-  if( NULL == key ) keylen = 0;
-
-  if( keylen > 0 )
-  {
-      int ret = blake2s_init_key( S, outlen, key, keylen );
-      if (ret < 0) return ret;
-  }
-  else
-  {
-      int ret = blake2s_init( S, outlen );
-      if (ret < 0) return ret;
-  }
-
-  {
-      int ret = blake2s_update( S, ( byte * )in, inlen );
-      if (ret < 0) return ret;
-  }
-
-  return blake2s_final( S, out, outlen );
-}
-
-#if defined(BLAKE2S_SELFTEST)
-#include <string.h>
-#include "blake2-kat.h"
-int main( int argc, char **argv )
-{
-  byte key[BLAKE2S_KEYBYTES];
-  byte buf[KAT_LENGTH];
-
-  for( word32 i = 0; i < BLAKE2S_KEYBYTES; ++i )
-    key[i] = ( byte )i;
-
-  for( word32 i = 0; i < KAT_LENGTH; ++i )
-    buf[i] = ( byte )i;
-
-  for( word32 i = 0; i < KAT_LENGTH; ++i )
-  {
-    byte hash[BLAKE2S_OUTBYTES];
-    if ( blake2s( hash, buf, key, BLAKE2S_OUTBYTES, i, BLAKE2S_KEYBYTES ) < 0 )
-    {
-      puts( "error" );
-      return -1;
-    }
-
-    if( 0 != XMEMCMP( hash, blake2s_keyed_kat[i], BLAKE2S_OUTBYTES ) )
-    {
-      puts( "error" );
-      return -1;
-    }
-  }
-
-  puts( "ok" );
-  return 0;
-}
-#endif
-
-
-/* wolfCrypt API */
-
-/* Init Blake2s digest, track size in case final doesn't want to "remember" */
-int wc_InitBlake2s(Blake2s* b2s, word32 digestSz)
-{
-    if (b2s == NULL){
-        return BAD_FUNC_ARG;
-    }
-    b2s->digestSz = digestSz;
-
-    return blake2s_init(b2s->S, (byte)digestSz);
-}
-
-
-/* Init Blake2s digest with key, track size in case final doesn't want to "remember" */
-int wc_InitBlake2s_WithKey(Blake2s* b2s, word32 digestSz, const byte *key, word32 keylen)
-{
-    if (b2s == NULL){
-        return BAD_FUNC_ARG;
-    }
-    b2s->digestSz = digestSz;
-
-    if (keylen >= 256)
-        return BAD_FUNC_ARG;
-
-    if (key)
-        return blake2s_init_key(b2s->S, (byte)digestSz, key, (byte)keylen);
-    else
-        return blake2s_init(b2s->S, (byte)digestSz);
-}
-
-
-/* Blake2s Update */
-int wc_Blake2sUpdate(Blake2s* b2s, const byte* data, word32 sz)
-{
-    if (b2s == NULL){
-        return BAD_FUNC_ARG;
-    }
-    if (data == NULL && sz != 0){
-        return BAD_FUNC_ARG;
-    }
-    if (sz == 0){
-        return 0;
-    }
-
-    return blake2s_update(b2s->S, data, sz);
-}
-
-
-/* Blake2s Final, if pass in zero size we use init digestSz */
-int wc_Blake2sFinal(Blake2s* b2s, byte* final, word32 requestSz)
-{
-    word32 sz;
-
-    if (b2s == NULL){
-        return BAD_FUNC_ARG;
-    }
-    if (final == NULL){
-        return BAD_FUNC_ARG;
-    }
-
-    sz = requestSz ? requestSz : b2s->digestSz;
-
-    return blake2s_final(b2s->S, final, (byte)sz);
-}
-
-
-/* end CTaoCrypt API */
-
-#endif  /* HAVE_BLAKE2S */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/camellia.c b/src/ssl/wolfssl/wolfcrypt/camellia.c
deleted file mode 100644
index 607b30183..000000000
--- a/src/ssl/wolfssl/wolfcrypt/camellia.c
+++ /dev/null
@@ -1,1633 +0,0 @@
-/* camellia.c ver 1.2.0
- *
- * Copyright (c) 2006,2007
- * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *   notice, this list of conditions and the following disclaimer as
- *   the first lines of this file unmodified.
- * 2. Redistributions in binary form must reproduce the above copyright
- *   notice, this list of conditions and the following disclaimer in the
- *   documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* camellia.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/*
- * Algorithm Specification
- *  http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_CAMELLIA
-
-#include <wolfssl/wolfcrypt/camellia.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-/* u32 must be 32bit word */
-typedef unsigned int u32;
-typedef unsigned char u8;
-
-/* key constants */
-
-#define CAMELLIA_SIGMA1L ((u32)0xA09E667FL)
-#define CAMELLIA_SIGMA1R ((u32)0x3BCC908BL)
-#define CAMELLIA_SIGMA2L ((u32)0xB67AE858L)
-#define CAMELLIA_SIGMA2R ((u32)0x4CAA73B2L)
-#define CAMELLIA_SIGMA3L ((u32)0xC6EF372FL)
-#define CAMELLIA_SIGMA3R ((u32)0xE94F82BEL)
-#define CAMELLIA_SIGMA4L ((u32)0x54FF53A5L)
-#define CAMELLIA_SIGMA4R ((u32)0xF1D36F1CL)
-#define CAMELLIA_SIGMA5L ((u32)0x10E527FAL)
-#define CAMELLIA_SIGMA5R ((u32)0xDE682D1DL)
-#define CAMELLIA_SIGMA6L ((u32)0xB05688C2L)
-#define CAMELLIA_SIGMA6R ((u32)0xB3E6C1FDL)
-
-/*
- *  macros
- */
-
-
-#if defined(_MSC_VER)
-
-# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
-# define GETU32(p) SWAP(*((u32 *)(p)))
-# define PUTU32(ct, st) {*((u32 *)(ct)) = SWAP((st));}
-
-#else /* not MS-VC */
-
-# define GETU32(pt)                             \
-    (((u32)(pt)[0] << 24)                       \
-     ^ ((u32)(pt)[1] << 16)                     \
-     ^ ((u32)(pt)[2] <<  8)                     \
-     ^ ((u32)(pt)[3]))
-
-# define PUTU32(ct, st)  {                      \
-        (ct)[0] = (u8)((st) >> 24);             \
-        (ct)[1] = (u8)((st) >> 16);             \
-        (ct)[2] = (u8)((st) >>  8);             \
-        (ct)[3] = (u8)(st); }
-
-#endif
-
-#define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2])
-#define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1])
-
-/* rotation right shift 1byte */
-#define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24))
-/* rotation left shift 1bit */
-#define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31))
-/* rotation left shift 1byte */
-#define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24))
-
-#define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits)              \
-    do {                                                          \
-        (w0) = (ll);                                              \
-        (ll) = ((ll) << (bits)) + ((lr) >> (32 - (bits)));        \
-        (lr) = ((lr) << (bits)) + ((rl) >> (32 - (bits)));        \
-        (rl) = ((rl) << (bits)) + ((rr) >> (32 - (bits)));        \
-        (rr) = ((rr) << (bits)) + ((w0) >> (32 - (bits)));        \
-    } while(0)
-
-#define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits)           \
-    do {                                                          \
-        (w0) = (ll);                                              \
-        (w1) = (lr);                                              \
-        (ll) = ((lr) << ((bits) - 32)) + ((rl) >> (64 - (bits))); \
-        (lr) = ((rl) << ((bits) - 32)) + ((rr) >> (64 - (bits))); \
-        (rl) = ((rr) << ((bits) - 32)) + ((w0) >> (64 - (bits))); \
-        (rr) = ((w0) << ((bits) - 32)) + ((w1) >> (64 - (bits))); \
-    } while(0)
-
-#define CAMELLIA_SP1110(INDEX) (camellia_sp1110[(INDEX)])
-#define CAMELLIA_SP0222(INDEX) (camellia_sp0222[(INDEX)])
-#define CAMELLIA_SP3033(INDEX) (camellia_sp3033[(INDEX)])
-#define CAMELLIA_SP4404(INDEX) (camellia_sp4404[(INDEX)])
-
-#define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1)        \
-    do {                                                          \
-        (il) = (xl) ^ (kl);                                       \
-        (ir) = (xr) ^ (kr);                                       \
-        (t0) = (il) >> 16;                                        \
-        (t1) = (ir) >> 16;                                        \
-        (yl) = CAMELLIA_SP1110((ir) & 0xff)                       \
-            ^ CAMELLIA_SP0222(((t1) >> 8) & 0xff)                 \
-            ^ CAMELLIA_SP3033((t1) & 0xff)                        \
-            ^ CAMELLIA_SP4404(((ir) >> 8) & 0xff);                \
-        (yr) = CAMELLIA_SP1110(((t0) >> 8) & 0xff)                \
-            ^ CAMELLIA_SP0222((t0) & 0xff)                        \
-            ^ CAMELLIA_SP3033(((il) >> 8) & 0xff)                 \
-            ^ CAMELLIA_SP4404((il) & 0xff);                       \
-        (yl) ^= (yr);                                             \
-        (yr) = CAMELLIA_RR8(yr);                                  \
-        (yr) ^= (yl);                                             \
-    } while(0)
-
-
-/*
- * for speed up
- *
- */
-#define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \
-    do {                                                                 \
-        (t0) = (kll);                                                    \
-        (t0) &= (ll);                                                    \
-        (lr) ^= CAMELLIA_RL1(t0);                                        \
-        (t1) = (klr);                                                    \
-        (t1) |= (lr);                                                    \
-        (ll) ^= (t1);                                                    \
-                                                                         \
-        (t2) = (krr);                                                    \
-        (t2) |= (rr);                                                    \
-        (rl) ^= (t2);                                                    \
-        (t3) = (krl);                                                    \
-        (t3) &= (rl);                                                    \
-        (rr) ^= CAMELLIA_RL1(t3);                                        \
-    } while(0)
-
-#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1)         \
-    do {                                                                 \
-        (ir) = CAMELLIA_SP1110((xr) & 0xff)                              \
-            ^ CAMELLIA_SP0222(((xr) >> 24) & 0xff)                       \
-            ^ CAMELLIA_SP3033(((xr) >> 16) & 0xff)                       \
-            ^ CAMELLIA_SP4404(((xr) >> 8) & 0xff);                       \
-        (il) = CAMELLIA_SP1110(((xl) >> 24) & 0xff)                      \
-            ^ CAMELLIA_SP0222(((xl) >> 16) & 0xff)                       \
-            ^ CAMELLIA_SP3033(((xl) >> 8) & 0xff)                        \
-            ^ CAMELLIA_SP4404((xl) & 0xff);                              \
-        (il) ^= (kl);                                                    \
-        (ir) ^= (kr);                                                    \
-        (ir) ^= (il);                                                    \
-        (il) = CAMELLIA_RR8(il);                                         \
-        (il) ^= (ir);                                                    \
-        (yl) ^= (ir);                                                    \
-        (yr) ^= (il);                                                    \
-    } while(0)
-
-
-static const u32 camellia_sp1110[256] = {
-    0x70707000,0x82828200,0x2c2c2c00,0xececec00,
-    0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500,
-    0xe4e4e400,0x85858500,0x57575700,0x35353500,
-    0xeaeaea00,0x0c0c0c00,0xaeaeae00,0x41414100,
-    0x23232300,0xefefef00,0x6b6b6b00,0x93939300,
-    0x45454500,0x19191900,0xa5a5a500,0x21212100,
-    0xededed00,0x0e0e0e00,0x4f4f4f00,0x4e4e4e00,
-    0x1d1d1d00,0x65656500,0x92929200,0xbdbdbd00,
-    0x86868600,0xb8b8b800,0xafafaf00,0x8f8f8f00,
-    0x7c7c7c00,0xebebeb00,0x1f1f1f00,0xcecece00,
-    0x3e3e3e00,0x30303000,0xdcdcdc00,0x5f5f5f00,
-    0x5e5e5e00,0xc5c5c500,0x0b0b0b00,0x1a1a1a00,
-    0xa6a6a600,0xe1e1e100,0x39393900,0xcacaca00,
-    0xd5d5d500,0x47474700,0x5d5d5d00,0x3d3d3d00,
-    0xd9d9d900,0x01010100,0x5a5a5a00,0xd6d6d600,
-    0x51515100,0x56565600,0x6c6c6c00,0x4d4d4d00,
-    0x8b8b8b00,0x0d0d0d00,0x9a9a9a00,0x66666600,
-    0xfbfbfb00,0xcccccc00,0xb0b0b000,0x2d2d2d00,
-    0x74747400,0x12121200,0x2b2b2b00,0x20202000,
-    0xf0f0f000,0xb1b1b100,0x84848400,0x99999900,
-    0xdfdfdf00,0x4c4c4c00,0xcbcbcb00,0xc2c2c200,
-    0x34343400,0x7e7e7e00,0x76767600,0x05050500,
-    0x6d6d6d00,0xb7b7b700,0xa9a9a900,0x31313100,
-    0xd1d1d100,0x17171700,0x04040400,0xd7d7d700,
-    0x14141400,0x58585800,0x3a3a3a00,0x61616100,
-    0xdedede00,0x1b1b1b00,0x11111100,0x1c1c1c00,
-    0x32323200,0x0f0f0f00,0x9c9c9c00,0x16161600,
-    0x53535300,0x18181800,0xf2f2f200,0x22222200,
-    0xfefefe00,0x44444400,0xcfcfcf00,0xb2b2b200,
-    0xc3c3c300,0xb5b5b500,0x7a7a7a00,0x91919100,
-    0x24242400,0x08080800,0xe8e8e800,0xa8a8a800,
-    0x60606000,0xfcfcfc00,0x69696900,0x50505000,
-    0xaaaaaa00,0xd0d0d000,0xa0a0a000,0x7d7d7d00,
-    0xa1a1a100,0x89898900,0x62626200,0x97979700,
-    0x54545400,0x5b5b5b00,0x1e1e1e00,0x95959500,
-    0xe0e0e000,0xffffff00,0x64646400,0xd2d2d200,
-    0x10101000,0xc4c4c400,0x00000000,0x48484800,
-    0xa3a3a300,0xf7f7f700,0x75757500,0xdbdbdb00,
-    0x8a8a8a00,0x03030300,0xe6e6e600,0xdadada00,
-    0x09090900,0x3f3f3f00,0xdddddd00,0x94949400,
-    0x87878700,0x5c5c5c00,0x83838300,0x02020200,
-    0xcdcdcd00,0x4a4a4a00,0x90909000,0x33333300,
-    0x73737300,0x67676700,0xf6f6f600,0xf3f3f300,
-    0x9d9d9d00,0x7f7f7f00,0xbfbfbf00,0xe2e2e200,
-    0x52525200,0x9b9b9b00,0xd8d8d800,0x26262600,
-    0xc8c8c800,0x37373700,0xc6c6c600,0x3b3b3b00,
-    0x81818100,0x96969600,0x6f6f6f00,0x4b4b4b00,
-    0x13131300,0xbebebe00,0x63636300,0x2e2e2e00,
-    0xe9e9e900,0x79797900,0xa7a7a700,0x8c8c8c00,
-    0x9f9f9f00,0x6e6e6e00,0xbcbcbc00,0x8e8e8e00,
-    0x29292900,0xf5f5f500,0xf9f9f900,0xb6b6b600,
-    0x2f2f2f00,0xfdfdfd00,0xb4b4b400,0x59595900,
-    0x78787800,0x98989800,0x06060600,0x6a6a6a00,
-    0xe7e7e700,0x46464600,0x71717100,0xbababa00,
-    0xd4d4d400,0x25252500,0xababab00,0x42424200,
-    0x88888800,0xa2a2a200,0x8d8d8d00,0xfafafa00,
-    0x72727200,0x07070700,0xb9b9b900,0x55555500,
-    0xf8f8f800,0xeeeeee00,0xacacac00,0x0a0a0a00,
-    0x36363600,0x49494900,0x2a2a2a00,0x68686800,
-    0x3c3c3c00,0x38383800,0xf1f1f100,0xa4a4a400,
-    0x40404000,0x28282800,0xd3d3d300,0x7b7b7b00,
-    0xbbbbbb00,0xc9c9c900,0x43434300,0xc1c1c100,
-    0x15151500,0xe3e3e300,0xadadad00,0xf4f4f400,
-    0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00,
-};
-
-static const u32 camellia_sp0222[256] = {
-    0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9,
-    0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb,
-    0x00c9c9c9,0x000b0b0b,0x00aeaeae,0x006a6a6a,
-    0x00d5d5d5,0x00181818,0x005d5d5d,0x00828282,
-    0x00464646,0x00dfdfdf,0x00d6d6d6,0x00272727,
-    0x008a8a8a,0x00323232,0x004b4b4b,0x00424242,
-    0x00dbdbdb,0x001c1c1c,0x009e9e9e,0x009c9c9c,
-    0x003a3a3a,0x00cacaca,0x00252525,0x007b7b7b,
-    0x000d0d0d,0x00717171,0x005f5f5f,0x001f1f1f,
-    0x00f8f8f8,0x00d7d7d7,0x003e3e3e,0x009d9d9d,
-    0x007c7c7c,0x00606060,0x00b9b9b9,0x00bebebe,
-    0x00bcbcbc,0x008b8b8b,0x00161616,0x00343434,
-    0x004d4d4d,0x00c3c3c3,0x00727272,0x00959595,
-    0x00ababab,0x008e8e8e,0x00bababa,0x007a7a7a,
-    0x00b3b3b3,0x00020202,0x00b4b4b4,0x00adadad,
-    0x00a2a2a2,0x00acacac,0x00d8d8d8,0x009a9a9a,
-    0x00171717,0x001a1a1a,0x00353535,0x00cccccc,
-    0x00f7f7f7,0x00999999,0x00616161,0x005a5a5a,
-    0x00e8e8e8,0x00242424,0x00565656,0x00404040,
-    0x00e1e1e1,0x00636363,0x00090909,0x00333333,
-    0x00bfbfbf,0x00989898,0x00979797,0x00858585,
-    0x00686868,0x00fcfcfc,0x00ececec,0x000a0a0a,
-    0x00dadada,0x006f6f6f,0x00535353,0x00626262,
-    0x00a3a3a3,0x002e2e2e,0x00080808,0x00afafaf,
-    0x00282828,0x00b0b0b0,0x00747474,0x00c2c2c2,
-    0x00bdbdbd,0x00363636,0x00222222,0x00383838,
-    0x00646464,0x001e1e1e,0x00393939,0x002c2c2c,
-    0x00a6a6a6,0x00303030,0x00e5e5e5,0x00444444,
-    0x00fdfdfd,0x00888888,0x009f9f9f,0x00656565,
-    0x00878787,0x006b6b6b,0x00f4f4f4,0x00232323,
-    0x00484848,0x00101010,0x00d1d1d1,0x00515151,
-    0x00c0c0c0,0x00f9f9f9,0x00d2d2d2,0x00a0a0a0,
-    0x00555555,0x00a1a1a1,0x00414141,0x00fafafa,
-    0x00434343,0x00131313,0x00c4c4c4,0x002f2f2f,
-    0x00a8a8a8,0x00b6b6b6,0x003c3c3c,0x002b2b2b,
-    0x00c1c1c1,0x00ffffff,0x00c8c8c8,0x00a5a5a5,
-    0x00202020,0x00898989,0x00000000,0x00909090,
-    0x00474747,0x00efefef,0x00eaeaea,0x00b7b7b7,
-    0x00151515,0x00060606,0x00cdcdcd,0x00b5b5b5,
-    0x00121212,0x007e7e7e,0x00bbbbbb,0x00292929,
-    0x000f0f0f,0x00b8b8b8,0x00070707,0x00040404,
-    0x009b9b9b,0x00949494,0x00212121,0x00666666,
-    0x00e6e6e6,0x00cecece,0x00ededed,0x00e7e7e7,
-    0x003b3b3b,0x00fefefe,0x007f7f7f,0x00c5c5c5,
-    0x00a4a4a4,0x00373737,0x00b1b1b1,0x004c4c4c,
-    0x00919191,0x006e6e6e,0x008d8d8d,0x00767676,
-    0x00030303,0x002d2d2d,0x00dedede,0x00969696,
-    0x00262626,0x007d7d7d,0x00c6c6c6,0x005c5c5c,
-    0x00d3d3d3,0x00f2f2f2,0x004f4f4f,0x00191919,
-    0x003f3f3f,0x00dcdcdc,0x00797979,0x001d1d1d,
-    0x00525252,0x00ebebeb,0x00f3f3f3,0x006d6d6d,
-    0x005e5e5e,0x00fbfbfb,0x00696969,0x00b2b2b2,
-    0x00f0f0f0,0x00313131,0x000c0c0c,0x00d4d4d4,
-    0x00cfcfcf,0x008c8c8c,0x00e2e2e2,0x00757575,
-    0x00a9a9a9,0x004a4a4a,0x00575757,0x00848484,
-    0x00111111,0x00454545,0x001b1b1b,0x00f5f5f5,
-    0x00e4e4e4,0x000e0e0e,0x00737373,0x00aaaaaa,
-    0x00f1f1f1,0x00dddddd,0x00595959,0x00141414,
-    0x006c6c6c,0x00929292,0x00545454,0x00d0d0d0,
-    0x00787878,0x00707070,0x00e3e3e3,0x00494949,
-    0x00808080,0x00505050,0x00a7a7a7,0x00f6f6f6,
-    0x00777777,0x00939393,0x00868686,0x00838383,
-    0x002a2a2a,0x00c7c7c7,0x005b5b5b,0x00e9e9e9,
-    0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d,
-};
-
-static const u32 camellia_sp3033[256] = {
-    0x38003838,0x41004141,0x16001616,0x76007676,
-    0xd900d9d9,0x93009393,0x60006060,0xf200f2f2,
-    0x72007272,0xc200c2c2,0xab00abab,0x9a009a9a,
-    0x75007575,0x06000606,0x57005757,0xa000a0a0,
-    0x91009191,0xf700f7f7,0xb500b5b5,0xc900c9c9,
-    0xa200a2a2,0x8c008c8c,0xd200d2d2,0x90009090,
-    0xf600f6f6,0x07000707,0xa700a7a7,0x27002727,
-    0x8e008e8e,0xb200b2b2,0x49004949,0xde00dede,
-    0x43004343,0x5c005c5c,0xd700d7d7,0xc700c7c7,
-    0x3e003e3e,0xf500f5f5,0x8f008f8f,0x67006767,
-    0x1f001f1f,0x18001818,0x6e006e6e,0xaf00afaf,
-    0x2f002f2f,0xe200e2e2,0x85008585,0x0d000d0d,
-    0x53005353,0xf000f0f0,0x9c009c9c,0x65006565,
-    0xea00eaea,0xa300a3a3,0xae00aeae,0x9e009e9e,
-    0xec00ecec,0x80008080,0x2d002d2d,0x6b006b6b,
-    0xa800a8a8,0x2b002b2b,0x36003636,0xa600a6a6,
-    0xc500c5c5,0x86008686,0x4d004d4d,0x33003333,
-    0xfd00fdfd,0x66006666,0x58005858,0x96009696,
-    0x3a003a3a,0x09000909,0x95009595,0x10001010,
-    0x78007878,0xd800d8d8,0x42004242,0xcc00cccc,
-    0xef00efef,0x26002626,0xe500e5e5,0x61006161,
-    0x1a001a1a,0x3f003f3f,0x3b003b3b,0x82008282,
-    0xb600b6b6,0xdb00dbdb,0xd400d4d4,0x98009898,
-    0xe800e8e8,0x8b008b8b,0x02000202,0xeb00ebeb,
-    0x0a000a0a,0x2c002c2c,0x1d001d1d,0xb000b0b0,
-    0x6f006f6f,0x8d008d8d,0x88008888,0x0e000e0e,
-    0x19001919,0x87008787,0x4e004e4e,0x0b000b0b,
-    0xa900a9a9,0x0c000c0c,0x79007979,0x11001111,
-    0x7f007f7f,0x22002222,0xe700e7e7,0x59005959,
-    0xe100e1e1,0xda00dada,0x3d003d3d,0xc800c8c8,
-    0x12001212,0x04000404,0x74007474,0x54005454,
-    0x30003030,0x7e007e7e,0xb400b4b4,0x28002828,
-    0x55005555,0x68006868,0x50005050,0xbe00bebe,
-    0xd000d0d0,0xc400c4c4,0x31003131,0xcb00cbcb,
-    0x2a002a2a,0xad00adad,0x0f000f0f,0xca00caca,
-    0x70007070,0xff00ffff,0x32003232,0x69006969,
-    0x08000808,0x62006262,0x00000000,0x24002424,
-    0xd100d1d1,0xfb00fbfb,0xba00baba,0xed00eded,
-    0x45004545,0x81008181,0x73007373,0x6d006d6d,
-    0x84008484,0x9f009f9f,0xee00eeee,0x4a004a4a,
-    0xc300c3c3,0x2e002e2e,0xc100c1c1,0x01000101,
-    0xe600e6e6,0x25002525,0x48004848,0x99009999,
-    0xb900b9b9,0xb300b3b3,0x7b007b7b,0xf900f9f9,
-    0xce00cece,0xbf00bfbf,0xdf00dfdf,0x71007171,
-    0x29002929,0xcd00cdcd,0x6c006c6c,0x13001313,
-    0x64006464,0x9b009b9b,0x63006363,0x9d009d9d,
-    0xc000c0c0,0x4b004b4b,0xb700b7b7,0xa500a5a5,
-    0x89008989,0x5f005f5f,0xb100b1b1,0x17001717,
-    0xf400f4f4,0xbc00bcbc,0xd300d3d3,0x46004646,
-    0xcf00cfcf,0x37003737,0x5e005e5e,0x47004747,
-    0x94009494,0xfa00fafa,0xfc00fcfc,0x5b005b5b,
-    0x97009797,0xfe00fefe,0x5a005a5a,0xac00acac,
-    0x3c003c3c,0x4c004c4c,0x03000303,0x35003535,
-    0xf300f3f3,0x23002323,0xb800b8b8,0x5d005d5d,
-    0x6a006a6a,0x92009292,0xd500d5d5,0x21002121,
-    0x44004444,0x51005151,0xc600c6c6,0x7d007d7d,
-    0x39003939,0x83008383,0xdc00dcdc,0xaa00aaaa,
-    0x7c007c7c,0x77007777,0x56005656,0x05000505,
-    0x1b001b1b,0xa400a4a4,0x15001515,0x34003434,
-    0x1e001e1e,0x1c001c1c,0xf800f8f8,0x52005252,
-    0x20002020,0x14001414,0xe900e9e9,0xbd00bdbd,
-    0xdd00dddd,0xe400e4e4,0xa100a1a1,0xe000e0e0,
-    0x8a008a8a,0xf100f1f1,0xd600d6d6,0x7a007a7a,
-    0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f,
-};
-
-static const u32 camellia_sp4404[256] = {
-    0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0,
-    0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae,
-    0x23230023,0x6b6b006b,0x45450045,0xa5a500a5,
-    0xeded00ed,0x4f4f004f,0x1d1d001d,0x92920092,
-    0x86860086,0xafaf00af,0x7c7c007c,0x1f1f001f,
-    0x3e3e003e,0xdcdc00dc,0x5e5e005e,0x0b0b000b,
-    0xa6a600a6,0x39390039,0xd5d500d5,0x5d5d005d,
-    0xd9d900d9,0x5a5a005a,0x51510051,0x6c6c006c,
-    0x8b8b008b,0x9a9a009a,0xfbfb00fb,0xb0b000b0,
-    0x74740074,0x2b2b002b,0xf0f000f0,0x84840084,
-    0xdfdf00df,0xcbcb00cb,0x34340034,0x76760076,
-    0x6d6d006d,0xa9a900a9,0xd1d100d1,0x04040004,
-    0x14140014,0x3a3a003a,0xdede00de,0x11110011,
-    0x32320032,0x9c9c009c,0x53530053,0xf2f200f2,
-    0xfefe00fe,0xcfcf00cf,0xc3c300c3,0x7a7a007a,
-    0x24240024,0xe8e800e8,0x60600060,0x69690069,
-    0xaaaa00aa,0xa0a000a0,0xa1a100a1,0x62620062,
-    0x54540054,0x1e1e001e,0xe0e000e0,0x64640064,
-    0x10100010,0x00000000,0xa3a300a3,0x75750075,
-    0x8a8a008a,0xe6e600e6,0x09090009,0xdddd00dd,
-    0x87870087,0x83830083,0xcdcd00cd,0x90900090,
-    0x73730073,0xf6f600f6,0x9d9d009d,0xbfbf00bf,
-    0x52520052,0xd8d800d8,0xc8c800c8,0xc6c600c6,
-    0x81810081,0x6f6f006f,0x13130013,0x63630063,
-    0xe9e900e9,0xa7a700a7,0x9f9f009f,0xbcbc00bc,
-    0x29290029,0xf9f900f9,0x2f2f002f,0xb4b400b4,
-    0x78780078,0x06060006,0xe7e700e7,0x71710071,
-    0xd4d400d4,0xabab00ab,0x88880088,0x8d8d008d,
-    0x72720072,0xb9b900b9,0xf8f800f8,0xacac00ac,
-    0x36360036,0x2a2a002a,0x3c3c003c,0xf1f100f1,
-    0x40400040,0xd3d300d3,0xbbbb00bb,0x43430043,
-    0x15150015,0xadad00ad,0x77770077,0x80800080,
-    0x82820082,0xecec00ec,0x27270027,0xe5e500e5,
-    0x85850085,0x35350035,0x0c0c000c,0x41410041,
-    0xefef00ef,0x93930093,0x19190019,0x21210021,
-    0x0e0e000e,0x4e4e004e,0x65650065,0xbdbd00bd,
-    0xb8b800b8,0x8f8f008f,0xebeb00eb,0xcece00ce,
-    0x30300030,0x5f5f005f,0xc5c500c5,0x1a1a001a,
-    0xe1e100e1,0xcaca00ca,0x47470047,0x3d3d003d,
-    0x01010001,0xd6d600d6,0x56560056,0x4d4d004d,
-    0x0d0d000d,0x66660066,0xcccc00cc,0x2d2d002d,
-    0x12120012,0x20200020,0xb1b100b1,0x99990099,
-    0x4c4c004c,0xc2c200c2,0x7e7e007e,0x05050005,
-    0xb7b700b7,0x31310031,0x17170017,0xd7d700d7,
-    0x58580058,0x61610061,0x1b1b001b,0x1c1c001c,
-    0x0f0f000f,0x16160016,0x18180018,0x22220022,
-    0x44440044,0xb2b200b2,0xb5b500b5,0x91910091,
-    0x08080008,0xa8a800a8,0xfcfc00fc,0x50500050,
-    0xd0d000d0,0x7d7d007d,0x89890089,0x97970097,
-    0x5b5b005b,0x95950095,0xffff00ff,0xd2d200d2,
-    0xc4c400c4,0x48480048,0xf7f700f7,0xdbdb00db,
-    0x03030003,0xdada00da,0x3f3f003f,0x94940094,
-    0x5c5c005c,0x02020002,0x4a4a004a,0x33330033,
-    0x67670067,0xf3f300f3,0x7f7f007f,0xe2e200e2,
-    0x9b9b009b,0x26260026,0x37370037,0x3b3b003b,
-    0x96960096,0x4b4b004b,0xbebe00be,0x2e2e002e,
-    0x79790079,0x8c8c008c,0x6e6e006e,0x8e8e008e,
-    0xf5f500f5,0xb6b600b6,0xfdfd00fd,0x59590059,
-    0x98980098,0x6a6a006a,0x46460046,0xbaba00ba,
-    0x25250025,0x42420042,0xa2a200a2,0xfafa00fa,
-    0x07070007,0x55550055,0xeeee00ee,0x0a0a000a,
-    0x49490049,0x68680068,0x38380038,0xa4a400a4,
-    0x28280028,0x7b7b007b,0xc9c900c9,0xc1c100c1,
-    0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e,
-};
-
-
-/**
- * Stuff related to the Camellia key schedule
- */
-#define subl(x) subL[(x)]
-#define subr(x) subR[(x)]
-
-static int camellia_setup128(const unsigned char *key, u32 *subkey)
-{
-    u32 kll, klr, krl, krr;
-    u32 il, ir, t0, t1, w0, w1;
-    u32 kw4l, kw4r, dw, tl, tr;
-
-#ifdef WOLFSSL_SMALL_STACK
-    u32* subL;
-    u32* subR;
-
-    subL = (u32*) XMALLOC(sizeof(u32) * 26, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (subL == NULL)
-        return MEMORY_E;
-
-    subR = (u32*) XMALLOC(sizeof(u32) * 26, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (subR == NULL) {
-        XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#else
-    u32 subL[26];
-    u32 subR[26];
-#endif
-
-    /**
-     *  k == kll || klr || krl || krr (|| is concatenation)
-     */
-    kll = GETU32(key     );
-    klr = GETU32(key +  4);
-    krl = GETU32(key +  8);
-    krr = GETU32(key + 12);
-    /**
-     * generate KL dependent subkeys
-     */
-    subl(0) = kll; subr(0) = klr;
-    subl(1) = krl; subr(1) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
-    subl(4) = kll; subr(4) = klr;
-    subl(5) = krl; subr(5) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30);
-    subl(10) = kll; subr(10) = klr;
-    subl(11) = krl; subr(11) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
-    subl(13) = krl; subr(13) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
-    subl(16) = kll; subr(16) = klr;
-    subl(17) = krl; subr(17) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
-    subl(18) = kll; subr(18) = klr;
-    subl(19) = krl; subr(19) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
-    subl(22) = kll; subr(22) = klr;
-    subl(23) = krl; subr(23) = krr;
-
-    /* generate KA */
-    kll = subl(0); klr = subr(0);
-    krl = subl(1); krr = subr(1);
-    CAMELLIA_F(kll, klr,
-               CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R,
-               w0, w1, il, ir, t0, t1);
-    krl ^= w0; krr ^= w1;
-    CAMELLIA_F(krl, krr,
-               CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R,
-               kll, klr, il, ir, t0, t1);
-    CAMELLIA_F(kll, klr,
-               CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R,
-               krl, krr, il, ir, t0, t1);
-    krl ^= w0; krr ^= w1;
-    CAMELLIA_F(krl, krr,
-               CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R,
-               w0, w1, il, ir, t0, t1);
-    kll ^= w0; klr ^= w1;
-
-    /* generate KA dependent subkeys */
-    subl(2) = kll; subr(2) = klr;
-    subl(3) = krl; subr(3) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
-    subl(6) = kll; subr(6) = klr;
-    subl(7) = krl; subr(7) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
-    subl(8) = kll; subr(8) = klr;
-    subl(9) = krl; subr(9) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
-    subl(12) = kll; subr(12) = klr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
-    subl(14) = kll; subr(14) = klr;
-    subl(15) = krl; subr(15) = krr;
-    CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34);
-    subl(20) = kll; subr(20) = klr;
-    subl(21) = krl; subr(21) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
-    subl(24) = kll; subr(24) = klr;
-    subl(25) = krl; subr(25) = krr;
-
-
-    /* absorb kw2 to other subkeys */
-    subl(3) ^= subl(1); subr(3) ^= subr(1);
-    subl(5) ^= subl(1); subr(5) ^= subr(1);
-    subl(7) ^= subl(1); subr(7) ^= subr(1);
-    subl(1) ^= subr(1) & ~subr(9);
-    dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw);
-    subl(11) ^= subl(1); subr(11) ^= subr(1);
-    subl(13) ^= subl(1); subr(13) ^= subr(1);
-    subl(15) ^= subl(1); subr(15) ^= subr(1);
-    subl(1) ^= subr(1) & ~subr(17);
-    dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw);
-    subl(19) ^= subl(1); subr(19) ^= subr(1);
-    subl(21) ^= subl(1); subr(21) ^= subr(1);
-    subl(23) ^= subl(1); subr(23) ^= subr(1);
-    subl(24) ^= subl(1); subr(24) ^= subr(1);
-
-    /* absorb kw4 to other subkeys */
-    kw4l = subl(25); kw4r = subr(25);
-    subl(22) ^= kw4l; subr(22) ^= kw4r;
-    subl(20) ^= kw4l; subr(20) ^= kw4r;
-    subl(18) ^= kw4l; subr(18) ^= kw4r;
-    kw4l ^= kw4r & ~subr(16);
-    dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw);
-    subl(14) ^= kw4l; subr(14) ^= kw4r;
-    subl(12) ^= kw4l; subr(12) ^= kw4r;
-    subl(10) ^= kw4l; subr(10) ^= kw4r;
-    kw4l ^= kw4r & ~subr(8);
-    dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw);
-    subl(6) ^= kw4l; subr(6) ^= kw4r;
-    subl(4) ^= kw4l; subr(4) ^= kw4r;
-    subl(2) ^= kw4l; subr(2) ^= kw4r;
-    subl(0) ^= kw4l; subr(0) ^= kw4r;
-
-    /* key XOR is end of F-function */
-    CamelliaSubkeyL(0) = subl(0) ^ subl(2);
-    CamelliaSubkeyR(0) = subr(0) ^ subr(2);
-    CamelliaSubkeyL(2) = subl(3);
-    CamelliaSubkeyR(2) = subr(3);
-    CamelliaSubkeyL(3) = subl(2) ^ subl(4);
-    CamelliaSubkeyR(3) = subr(2) ^ subr(4);
-    CamelliaSubkeyL(4) = subl(3) ^ subl(5);
-    CamelliaSubkeyR(4) = subr(3) ^ subr(5);
-    CamelliaSubkeyL(5) = subl(4) ^ subl(6);
-    CamelliaSubkeyR(5) = subr(4) ^ subr(6);
-    CamelliaSubkeyL(6) = subl(5) ^ subl(7);
-    CamelliaSubkeyR(6) = subr(5) ^ subr(7);
-    tl = subl(10) ^ (subr(10) & ~subr(8));
-    dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw);
-    CamelliaSubkeyL(7) = subl(6) ^ tl;
-    CamelliaSubkeyR(7) = subr(6) ^ tr;
-    CamelliaSubkeyL(8) = subl(8);
-    CamelliaSubkeyR(8) = subr(8);
-    CamelliaSubkeyL(9) = subl(9);
-    CamelliaSubkeyR(9) = subr(9);
-    tl = subl(7) ^ (subr(7) & ~subr(9));
-    dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw);
-    CamelliaSubkeyL(10) = tl ^ subl(11);
-    CamelliaSubkeyR(10) = tr ^ subr(11);
-    CamelliaSubkeyL(11) = subl(10) ^ subl(12);
-    CamelliaSubkeyR(11) = subr(10) ^ subr(12);
-    CamelliaSubkeyL(12) = subl(11) ^ subl(13);
-    CamelliaSubkeyR(12) = subr(11) ^ subr(13);
-    CamelliaSubkeyL(13) = subl(12) ^ subl(14);
-    CamelliaSubkeyR(13) = subr(12) ^ subr(14);
-    CamelliaSubkeyL(14) = subl(13) ^ subl(15);
-    CamelliaSubkeyR(14) = subr(13) ^ subr(15);
-    tl = subl(18) ^ (subr(18) & ~subr(16));
-    dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw);
-    CamelliaSubkeyL(15) = subl(14) ^ tl;
-    CamelliaSubkeyR(15) = subr(14) ^ tr;
-    CamelliaSubkeyL(16) = subl(16);
-    CamelliaSubkeyR(16) = subr(16);
-    CamelliaSubkeyL(17) = subl(17);
-    CamelliaSubkeyR(17) = subr(17);
-    tl = subl(15) ^ (subr(15) & ~subr(17));
-    dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw);
-    CamelliaSubkeyL(18) = tl ^ subl(19);
-    CamelliaSubkeyR(18) = tr ^ subr(19);
-    CamelliaSubkeyL(19) = subl(18) ^ subl(20);
-    CamelliaSubkeyR(19) = subr(18) ^ subr(20);
-    CamelliaSubkeyL(20) = subl(19) ^ subl(21);
-    CamelliaSubkeyR(20) = subr(19) ^ subr(21);
-    CamelliaSubkeyL(21) = subl(20) ^ subl(22);
-    CamelliaSubkeyR(21) = subr(20) ^ subr(22);
-    CamelliaSubkeyL(22) = subl(21) ^ subl(23);
-    CamelliaSubkeyR(22) = subr(21) ^ subr(23);
-    CamelliaSubkeyL(23) = subl(22);
-    CamelliaSubkeyR(23) = subr(22);
-    CamelliaSubkeyL(24) = subl(24) ^ subl(23);
-    CamelliaSubkeyR(24) = subr(24) ^ subr(23);
-
-    /* apply the inverse of the last half of P-function */
-    dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw;
-    dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw;
-    dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw;
-    dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw;
-    dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw;
-    dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw;
-    dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw;
-    dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw;
-    dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw;
-    dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw;
-    dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw;
-    dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw;
-    dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw;
-    dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw;
-    dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw;
-    dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw;
-    dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw;
-    dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw;
-
-    WC_FREE_VAR_EX(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-
-static int camellia_setup256(const unsigned char *key, u32 *subkey)
-{
-    u32 kll,klr,krl,krr;           /* left half of key */
-    u32 krll,krlr,krrl,krrr;       /* right half of key */
-    u32 il, ir, t0, t1, w0, w1;    /* temporary variables */
-    u32 kw4l, kw4r, dw, tl, tr;
-
-#ifdef WOLFSSL_SMALL_STACK
-    u32* subL;
-    u32* subR;
-
-    subL = (u32*) XMALLOC(sizeof(u32) * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (subL == NULL)
-        return MEMORY_E;
-
-    subR = (u32*) XMALLOC(sizeof(u32) * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (subR == NULL) {
-        XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#else
-    u32 subL[34];
-    u32 subR[34];
-#endif
-
-    /**
-     *  key = (kll || klr || krl || krr || krll || krlr || krrl || krrr)
-     *  (|| is concatenation)
-     */
-
-    kll  = GETU32(key     );
-    klr  = GETU32(key +  4);
-    krl  = GETU32(key +  8);
-    krr  = GETU32(key + 12);
-    krll = GETU32(key + 16);
-    krlr = GETU32(key + 20);
-    krrl = GETU32(key + 24);
-    krrr = GETU32(key + 28);
-
-    /* generate KL dependent subkeys */
-    subl(0) = kll; subr(0) = klr;
-    subl(1) = krl; subr(1) = krr;
-    CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45);
-    subl(12) = kll; subr(12) = klr;
-    subl(13) = krl; subr(13) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
-    subl(16) = kll; subr(16) = klr;
-    subl(17) = krl; subr(17) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17);
-    subl(22) = kll; subr(22) = klr;
-    subl(23) = krl; subr(23) = krr;
-    CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34);
-    subl(30) = kll; subr(30) = klr;
-    subl(31) = krl; subr(31) = krr;
-
-    /* generate KR dependent subkeys */
-    CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15);
-    subl(4) = krll; subr(4) = krlr;
-    subl(5) = krrl; subr(5) = krrr;
-    CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15);
-    subl(8) = krll; subr(8) = krlr;
-    subl(9) = krrl; subr(9) = krrr;
-    CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
-    subl(18) = krll; subr(18) = krlr;
-    subl(19) = krrl; subr(19) = krrr;
-    CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34);
-    subl(26) = krll; subr(26) = krlr;
-    subl(27) = krrl; subr(27) = krrr;
-    CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34);
-
-    /* generate KA */
-    kll = subl(0) ^ krll; klr = subr(0) ^ krlr;
-    krl = subl(1) ^ krrl; krr = subr(1) ^ krrr;
-    CAMELLIA_F(kll, klr,
-               CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R,
-               w0, w1, il, ir, t0, t1);
-    krl ^= w0; krr ^= w1;
-    CAMELLIA_F(krl, krr,
-               CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R,
-               kll, klr, il, ir, t0, t1);
-    kll ^= krll; klr ^= krlr;
-    CAMELLIA_F(kll, klr,
-               CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R,
-               krl, krr, il, ir, t0, t1);
-    krl ^= w0 ^ krrl; krr ^= w1 ^ krrr;
-    CAMELLIA_F(krl, krr,
-               CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R,
-               w0, w1, il, ir, t0, t1);
-    kll ^= w0; klr ^= w1;
-
-    /* generate KB */
-    krll ^= kll; krlr ^= klr;
-    krrl ^= krl; krrr ^= krr;
-    CAMELLIA_F(krll, krlr,
-               CAMELLIA_SIGMA5L, CAMELLIA_SIGMA5R,
-               w0, w1, il, ir, t0, t1);
-    krrl ^= w0; krrr ^= w1;
-    CAMELLIA_F(krrl, krrr,
-               CAMELLIA_SIGMA6L, CAMELLIA_SIGMA6R,
-               w0, w1, il, ir, t0, t1);
-    krll ^= w0; krlr ^= w1;
-
-    /* generate KA dependent subkeys */
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15);
-    subl(6) = kll; subr(6) = klr;
-    subl(7) = krl; subr(7) = krr;
-    CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30);
-    subl(14) = kll; subr(14) = klr;
-    subl(15) = krl; subr(15) = krr;
-    subl(24) = klr; subr(24) = krl;
-    subl(25) = krr; subr(25) = kll;
-    CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49);
-    subl(28) = kll; subr(28) = klr;
-    subl(29) = krl; subr(29) = krr;
-
-    /* generate KB dependent subkeys */
-    subl(2) = krll; subr(2) = krlr;
-    subl(3) = krrl; subr(3) = krrr;
-    CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
-    subl(10) = krll; subr(10) = krlr;
-    subl(11) = krrl; subr(11) = krrr;
-    CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30);
-    subl(20) = krll; subr(20) = krlr;
-    subl(21) = krrl; subr(21) = krrr;
-    CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51);
-    subl(32) = krll; subr(32) = krlr;
-    subl(33) = krrl; subr(33) = krrr;
-
-    /* absorb kw2 to other subkeys */
-    subl(3) ^= subl(1); subr(3) ^= subr(1);
-    subl(5) ^= subl(1); subr(5) ^= subr(1);
-    subl(7) ^= subl(1); subr(7) ^= subr(1);
-    subl(1) ^= subr(1) & ~subr(9);
-    dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw);
-    subl(11) ^= subl(1); subr(11) ^= subr(1);
-    subl(13) ^= subl(1); subr(13) ^= subr(1);
-    subl(15) ^= subl(1); subr(15) ^= subr(1);
-    subl(1) ^= subr(1) & ~subr(17);
-    dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw);
-    subl(19) ^= subl(1); subr(19) ^= subr(1);
-    subl(21) ^= subl(1); subr(21) ^= subr(1);
-    subl(23) ^= subl(1); subr(23) ^= subr(1);
-    subl(1) ^= subr(1) & ~subr(25);
-    dw = subl(1) & subl(25), subr(1) ^= CAMELLIA_RL1(dw);
-    subl(27) ^= subl(1); subr(27) ^= subr(1);
-    subl(29) ^= subl(1); subr(29) ^= subr(1);
-    subl(31) ^= subl(1); subr(31) ^= subr(1);
-    subl(32) ^= subl(1); subr(32) ^= subr(1);
-
-    /* absorb kw4 to other subkeys */
-    kw4l = subl(33); kw4r = subr(33);
-    subl(30) ^= kw4l; subr(30) ^= kw4r;
-    subl(28) ^= kw4l; subr(28) ^= kw4r;
-    subl(26) ^= kw4l; subr(26) ^= kw4r;
-    kw4l ^= kw4r & ~subr(24);
-    dw = kw4l & subl(24), kw4r ^= CAMELLIA_RL1(dw);
-    subl(22) ^= kw4l; subr(22) ^= kw4r;
-    subl(20) ^= kw4l; subr(20) ^= kw4r;
-    subl(18) ^= kw4l; subr(18) ^= kw4r;
-    kw4l ^= kw4r & ~subr(16);
-    dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw);
-    subl(14) ^= kw4l; subr(14) ^= kw4r;
-    subl(12) ^= kw4l; subr(12) ^= kw4r;
-    subl(10) ^= kw4l; subr(10) ^= kw4r;
-    kw4l ^= kw4r & ~subr(8);
-    dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw);
-    subl(6) ^= kw4l; subr(6) ^= kw4r;
-    subl(4) ^= kw4l; subr(4) ^= kw4r;
-    subl(2) ^= kw4l; subr(2) ^= kw4r;
-    subl(0) ^= kw4l; subr(0) ^= kw4r;
-
-    /* key XOR is end of F-function */
-    CamelliaSubkeyL(0) = subl(0) ^ subl(2);
-    CamelliaSubkeyR(0) = subr(0) ^ subr(2);
-    CamelliaSubkeyL(2) = subl(3);
-    CamelliaSubkeyR(2) = subr(3);
-    CamelliaSubkeyL(3) = subl(2) ^ subl(4);
-    CamelliaSubkeyR(3) = subr(2) ^ subr(4);
-    CamelliaSubkeyL(4) = subl(3) ^ subl(5);
-    CamelliaSubkeyR(4) = subr(3) ^ subr(5);
-    CamelliaSubkeyL(5) = subl(4) ^ subl(6);
-    CamelliaSubkeyR(5) = subr(4) ^ subr(6);
-    CamelliaSubkeyL(6) = subl(5) ^ subl(7);
-    CamelliaSubkeyR(6) = subr(5) ^ subr(7);
-    tl = subl(10) ^ (subr(10) & ~subr(8));
-    dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw);
-    CamelliaSubkeyL(7) = subl(6) ^ tl;
-    CamelliaSubkeyR(7) = subr(6) ^ tr;
-    CamelliaSubkeyL(8) = subl(8);
-    CamelliaSubkeyR(8) = subr(8);
-    CamelliaSubkeyL(9) = subl(9);
-    CamelliaSubkeyR(9) = subr(9);
-    tl = subl(7) ^ (subr(7) & ~subr(9));
-    dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw);
-    CamelliaSubkeyL(10) = tl ^ subl(11);
-    CamelliaSubkeyR(10) = tr ^ subr(11);
-    CamelliaSubkeyL(11) = subl(10) ^ subl(12);
-    CamelliaSubkeyR(11) = subr(10) ^ subr(12);
-    CamelliaSubkeyL(12) = subl(11) ^ subl(13);
-    CamelliaSubkeyR(12) = subr(11) ^ subr(13);
-    CamelliaSubkeyL(13) = subl(12) ^ subl(14);
-    CamelliaSubkeyR(13) = subr(12) ^ subr(14);
-    CamelliaSubkeyL(14) = subl(13) ^ subl(15);
-    CamelliaSubkeyR(14) = subr(13) ^ subr(15);
-    tl = subl(18) ^ (subr(18) & ~subr(16));
-    dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw);
-    CamelliaSubkeyL(15) = subl(14) ^ tl;
-    CamelliaSubkeyR(15) = subr(14) ^ tr;
-    CamelliaSubkeyL(16) = subl(16);
-    CamelliaSubkeyR(16) = subr(16);
-    CamelliaSubkeyL(17) = subl(17);
-    CamelliaSubkeyR(17) = subr(17);
-    tl = subl(15) ^ (subr(15) & ~subr(17));
-    dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw);
-    CamelliaSubkeyL(18) = tl ^ subl(19);
-    CamelliaSubkeyR(18) = tr ^ subr(19);
-    CamelliaSubkeyL(19) = subl(18) ^ subl(20);
-    CamelliaSubkeyR(19) = subr(18) ^ subr(20);
-    CamelliaSubkeyL(20) = subl(19) ^ subl(21);
-    CamelliaSubkeyR(20) = subr(19) ^ subr(21);
-    CamelliaSubkeyL(21) = subl(20) ^ subl(22);
-    CamelliaSubkeyR(21) = subr(20) ^ subr(22);
-    CamelliaSubkeyL(22) = subl(21) ^ subl(23);
-    CamelliaSubkeyR(22) = subr(21) ^ subr(23);
-    tl = subl(26) ^ (subr(26) & ~subr(24));
-    dw = tl & subl(24), tr = subr(26) ^ CAMELLIA_RL1(dw);
-    CamelliaSubkeyL(23) = subl(22) ^ tl;
-    CamelliaSubkeyR(23) = subr(22) ^ tr;
-    CamelliaSubkeyL(24) = subl(24);
-    CamelliaSubkeyR(24) = subr(24);
-    CamelliaSubkeyL(25) = subl(25);
-    CamelliaSubkeyR(25) = subr(25);
-    tl = subl(23) ^ (subr(23) &  ~subr(25));
-    dw = tl & subl(25), tr = subr(23) ^ CAMELLIA_RL1(dw);
-    CamelliaSubkeyL(26) = tl ^ subl(27);
-    CamelliaSubkeyR(26) = tr ^ subr(27);
-    CamelliaSubkeyL(27) = subl(26) ^ subl(28);
-    CamelliaSubkeyR(27) = subr(26) ^ subr(28);
-    CamelliaSubkeyL(28) = subl(27) ^ subl(29);
-    CamelliaSubkeyR(28) = subr(27) ^ subr(29);
-    CamelliaSubkeyL(29) = subl(28) ^ subl(30);
-    CamelliaSubkeyR(29) = subr(28) ^ subr(30);
-    CamelliaSubkeyL(30) = subl(29) ^ subl(31);
-    CamelliaSubkeyR(30) = subr(29) ^ subr(31);
-    CamelliaSubkeyL(31) = subl(30);
-    CamelliaSubkeyR(31) = subr(30);
-    CamelliaSubkeyL(32) = subl(32) ^ subl(31);
-    CamelliaSubkeyR(32) = subr(32) ^ subr(31);
-
-    /* apply the inverse of the last half of P-function */
-    dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw;
-    dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw;
-    dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw;
-    dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw;
-    dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw;
-    dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw;
-    dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw;
-    dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw;
-    dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw;
-    dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw;
-    dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw;
-    dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw;
-    dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw;
-    dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw;
-    dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw;
-    dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw;
-    dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw;
-    dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw;
-    dw = CamelliaSubkeyL(26) ^ CamelliaSubkeyR(26), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(26) = CamelliaSubkeyL(26) ^ dw, CamelliaSubkeyL(26) = dw;
-    dw = CamelliaSubkeyL(27) ^ CamelliaSubkeyR(27), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(27) = CamelliaSubkeyL(27) ^ dw, CamelliaSubkeyL(27) = dw;
-    dw = CamelliaSubkeyL(28) ^ CamelliaSubkeyR(28), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(28) = CamelliaSubkeyL(28) ^ dw, CamelliaSubkeyL(28) = dw;
-    dw = CamelliaSubkeyL(29) ^ CamelliaSubkeyR(29), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(29) = CamelliaSubkeyL(29) ^ dw, CamelliaSubkeyL(29) = dw;
-    dw = CamelliaSubkeyL(30) ^ CamelliaSubkeyR(30), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw;
-    dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw);
-    CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw,CamelliaSubkeyL(31) = dw;
-
-    WC_FREE_VAR_EX(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-
-static int camellia_setup192(const unsigned char *key, u32 *subkey)
-{
-    unsigned char kk[32];
-    u32 krll = 0, krlr = 0, krrl = 0, krrr = 0;
-
-    XMEMCPY(kk, key, 24);
-    XMEMCPY((unsigned char *)&krll, key+16,4);
-    XMEMCPY((unsigned char *)&krlr, key+20,4);
-    krrl = ~krll;
-    krrr = ~krlr;
-    XMEMCPY(kk+24, (unsigned char *)&krrl, 4);
-    XMEMCPY(kk+28, (unsigned char *)&krrr, 4);
-
-    return camellia_setup256(kk, subkey);
-}
-
-
-/**
- * Stuff related to camellia encryption/decryption
- *
- * "io" must be 4byte aligned and big-endian data.
- */
-static void camellia_encrypt128(const u32 *subkey, u32 *io)
-{
-    u32 il, ir, t0, t1;
-
-    /* pre whitening but absorb kw2*/
-    io[0] ^= CamelliaSubkeyL(0);
-    io[1] ^= CamelliaSubkeyR(0);
-    /* main iteration */
-
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(2),CamelliaSubkeyR(2),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(3),CamelliaSubkeyR(3),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(4),CamelliaSubkeyR(4),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(5),CamelliaSubkeyR(5),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(6),CamelliaSubkeyR(6),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(7),CamelliaSubkeyR(7),
-                     io[0],io[1],il,ir,t0,t1);
-
-    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
-                 CamelliaSubkeyL(8),CamelliaSubkeyR(8),
-                 CamelliaSubkeyL(9),CamelliaSubkeyR(9),
-                 t0,t1,il,ir);
-
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(10),CamelliaSubkeyR(10),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(11),CamelliaSubkeyR(11),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(12),CamelliaSubkeyR(12),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(13),CamelliaSubkeyR(13),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(14),CamelliaSubkeyR(14),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(15),CamelliaSubkeyR(15),
-                     io[0],io[1],il,ir,t0,t1);
-
-    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
-                 CamelliaSubkeyL(16),CamelliaSubkeyR(16),
-                 CamelliaSubkeyL(17),CamelliaSubkeyR(17),
-                 t0,t1,il,ir);
-
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(18),CamelliaSubkeyR(18),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(19),CamelliaSubkeyR(19),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(20),CamelliaSubkeyR(20),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(21),CamelliaSubkeyR(21),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(22),CamelliaSubkeyR(22),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(23),CamelliaSubkeyR(23),
-                     io[0],io[1],il,ir,t0,t1);
-
-    /* post whitening but kw4 */
-    io[2] ^= CamelliaSubkeyL(24);
-    io[3] ^= CamelliaSubkeyR(24);
-
-    t0 = io[0];
-    t1 = io[1];
-    io[0] = io[2];
-    io[1] = io[3];
-    io[2] = t0;
-    io[3] = t1;
-
-    return;
-}
-
-static void camellia_decrypt128(const u32 *subkey, u32 *io)
-{
-    u32 il,ir,t0,t1;               /* temporary variables */
-
-    /* pre whitening but absorb kw2*/
-    io[0] ^= CamelliaSubkeyL(24);
-    io[1] ^= CamelliaSubkeyR(24);
-
-    /* main iteration */
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(23),CamelliaSubkeyR(23),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(22),CamelliaSubkeyR(22),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(21),CamelliaSubkeyR(21),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(20),CamelliaSubkeyR(20),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(19),CamelliaSubkeyR(19),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(18),CamelliaSubkeyR(18),
-                     io[0],io[1],il,ir,t0,t1);
-
-    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
-                 CamelliaSubkeyL(17),CamelliaSubkeyR(17),
-                 CamelliaSubkeyL(16),CamelliaSubkeyR(16),
-                 t0,t1,il,ir);
-
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(15),CamelliaSubkeyR(15),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(14),CamelliaSubkeyR(14),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(13),CamelliaSubkeyR(13),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(12),CamelliaSubkeyR(12),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(11),CamelliaSubkeyR(11),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(10),CamelliaSubkeyR(10),
-                     io[0],io[1],il,ir,t0,t1);
-
-    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
-                 CamelliaSubkeyL(9),CamelliaSubkeyR(9),
-                 CamelliaSubkeyL(8),CamelliaSubkeyR(8),
-                 t0,t1,il,ir);
-
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(7),CamelliaSubkeyR(7),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(6),CamelliaSubkeyR(6),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(5),CamelliaSubkeyR(5),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(4),CamelliaSubkeyR(4),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(3),CamelliaSubkeyR(3),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(2),CamelliaSubkeyR(2),
-                     io[0],io[1],il,ir,t0,t1);
-
-    /* post whitening but kw4 */
-    io[2] ^= CamelliaSubkeyL(0);
-    io[3] ^= CamelliaSubkeyR(0);
-
-    t0 = io[0];
-    t1 = io[1];
-    io[0] = io[2];
-    io[1] = io[3];
-    io[2] = t0;
-    io[3] = t1;
-
-    return;
-}
-
-/**
- * stuff for 192 and 256bit encryption/decryption
- */
-static void camellia_encrypt256(const u32 *subkey, u32 *io)
-{
-    u32 il,ir,t0,t1;           /* temporary variables */
-
-    /* pre whitening but absorb kw2*/
-    io[0] ^= CamelliaSubkeyL(0);
-    io[1] ^= CamelliaSubkeyR(0);
-
-    /* main iteration */
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(2),CamelliaSubkeyR(2),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(3),CamelliaSubkeyR(3),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(4),CamelliaSubkeyR(4),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(5),CamelliaSubkeyR(5),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(6),CamelliaSubkeyR(6),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(7),CamelliaSubkeyR(7),
-                     io[0],io[1],il,ir,t0,t1);
-
-    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
-                 CamelliaSubkeyL(8),CamelliaSubkeyR(8),
-                 CamelliaSubkeyL(9),CamelliaSubkeyR(9),
-                 t0,t1,il,ir);
-
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(10),CamelliaSubkeyR(10),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(11),CamelliaSubkeyR(11),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(12),CamelliaSubkeyR(12),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(13),CamelliaSubkeyR(13),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(14),CamelliaSubkeyR(14),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(15),CamelliaSubkeyR(15),
-                     io[0],io[1],il,ir,t0,t1);
-
-    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
-                 CamelliaSubkeyL(16),CamelliaSubkeyR(16),
-                 CamelliaSubkeyL(17),CamelliaSubkeyR(17),
-                 t0,t1,il,ir);
-
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(18),CamelliaSubkeyR(18),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(19),CamelliaSubkeyR(19),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(20),CamelliaSubkeyR(20),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(21),CamelliaSubkeyR(21),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(22),CamelliaSubkeyR(22),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(23),CamelliaSubkeyR(23),
-                     io[0],io[1],il,ir,t0,t1);
-
-    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
-                 CamelliaSubkeyL(24),CamelliaSubkeyR(24),
-                 CamelliaSubkeyL(25),CamelliaSubkeyR(25),
-                 t0,t1,il,ir);
-
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(26),CamelliaSubkeyR(26),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(27),CamelliaSubkeyR(27),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(28),CamelliaSubkeyR(28),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(29),CamelliaSubkeyR(29),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(30),CamelliaSubkeyR(30),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(31),CamelliaSubkeyR(31),
-                     io[0],io[1],il,ir,t0,t1);
-
-    /* post whitening but kw4 */
-    io[2] ^= CamelliaSubkeyL(32);
-    io[3] ^= CamelliaSubkeyR(32);
-
-    t0 = io[0];
-    t1 = io[1];
-    io[0] = io[2];
-    io[1] = io[3];
-    io[2] = t0;
-    io[3] = t1;
-
-    return;
-}
-
-static void camellia_decrypt256(const u32 *subkey, u32 *io)
-{
-    u32 il,ir,t0,t1;           /* temporary variables */
-
-    /* pre whitening but absorb kw2*/
-    io[0] ^= CamelliaSubkeyL(32);
-    io[1] ^= CamelliaSubkeyR(32);
-
-    /* main iteration */
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(31),CamelliaSubkeyR(31),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(30),CamelliaSubkeyR(30),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(29),CamelliaSubkeyR(29),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(28),CamelliaSubkeyR(28),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(27),CamelliaSubkeyR(27),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(26),CamelliaSubkeyR(26),
-                     io[0],io[1],il,ir,t0,t1);
-
-    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
-                 CamelliaSubkeyL(25),CamelliaSubkeyR(25),
-                 CamelliaSubkeyL(24),CamelliaSubkeyR(24),
-                 t0,t1,il,ir);
-
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(23),CamelliaSubkeyR(23),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(22),CamelliaSubkeyR(22),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(21),CamelliaSubkeyR(21),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(20),CamelliaSubkeyR(20),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(19),CamelliaSubkeyR(19),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(18),CamelliaSubkeyR(18),
-                     io[0],io[1],il,ir,t0,t1);
-
-    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
-                 CamelliaSubkeyL(17),CamelliaSubkeyR(17),
-                 CamelliaSubkeyL(16),CamelliaSubkeyR(16),
-                 t0,t1,il,ir);
-
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(15),CamelliaSubkeyR(15),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(14),CamelliaSubkeyR(14),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(13),CamelliaSubkeyR(13),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(12),CamelliaSubkeyR(12),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(11),CamelliaSubkeyR(11),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(10),CamelliaSubkeyR(10),
-                     io[0],io[1],il,ir,t0,t1);
-
-    CAMELLIA_FLS(io[0],io[1],io[2],io[3],
-                 CamelliaSubkeyL(9),CamelliaSubkeyR(9),
-                 CamelliaSubkeyL(8),CamelliaSubkeyR(8),
-                 t0,t1,il,ir);
-
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(7),CamelliaSubkeyR(7),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(6),CamelliaSubkeyR(6),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(5),CamelliaSubkeyR(5),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(4),CamelliaSubkeyR(4),
-                     io[0],io[1],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[0],io[1],
-                     CamelliaSubkeyL(3),CamelliaSubkeyR(3),
-                     io[2],io[3],il,ir,t0,t1);
-    CAMELLIA_ROUNDSM(io[2],io[3],
-                     CamelliaSubkeyL(2),CamelliaSubkeyR(2),
-                     io[0],io[1],il,ir,t0,t1);
-
-    /* post whitening but kw4 */
-    io[2] ^= CamelliaSubkeyL(0);
-    io[3] ^= CamelliaSubkeyR(0);
-
-    t0 = io[0];
-    t1 = io[1];
-    io[0] = io[2];
-    io[1] = io[3];
-    io[2] = t0;
-    io[3] = t1;
-
-    return;
-}
-
-/***
- *
- * API for compatibility
- */
-
-static void Camellia_EncryptBlock(const word32 keyBitLength,
-                           const unsigned char *plaintext,
-                           const WC_CAMELLIA_KEY_TABLE_TYPE keyTable,
-                           unsigned char *ciphertext)
-{
-    u32 tmp[4];
-
-    tmp[0] = GETU32(plaintext);
-    tmp[1] = GETU32(plaintext + 4);
-    tmp[2] = GETU32(plaintext + 8);
-    tmp[3] = GETU32(plaintext + 12);
-
-    switch (keyBitLength) {
-    case 128:
-        camellia_encrypt128(keyTable, tmp);
-        break;
-    case 192:
-        /* fall through */
-    case 256:
-        camellia_encrypt256(keyTable, tmp);
-        break;
-    default:
-        break;
-    }
-
-    PUTU32(ciphertext, tmp[0]);
-    PUTU32(ciphertext + 4, tmp[1]);
-    PUTU32(ciphertext + 8, tmp[2]);
-    PUTU32(ciphertext + 12, tmp[3]);
-}
-
-static void Camellia_DecryptBlock(const word32 keyBitLength,
-                           const unsigned char *ciphertext,
-                           const WC_CAMELLIA_KEY_TABLE_TYPE keyTable,
-                           unsigned char *plaintext)
-{
-    u32 tmp[4];
-
-    tmp[0] = GETU32(ciphertext);
-    tmp[1] = GETU32(ciphertext + 4);
-    tmp[2] = GETU32(ciphertext + 8);
-    tmp[3] = GETU32(ciphertext + 12);
-
-    switch (keyBitLength) {
-    case 128:
-        camellia_decrypt128(keyTable, tmp);
-        break;
-    case 192:
-        /* fall through */
-    case 256:
-        camellia_decrypt256(keyTable, tmp);
-        break;
-    default:
-        break;
-    }
-    PUTU32(plaintext, tmp[0]);
-    PUTU32(plaintext + 4, tmp[1]);
-    PUTU32(plaintext + 8, tmp[2]);
-    PUTU32(plaintext + 12, tmp[3]);
-}
-
-
-
-/* wolfCrypt wrappers to the Camellia code */
-
-int wc_CamelliaSetKey(wc_Camellia* cam, const byte* key, word32 len, const byte* iv)
-{
-    int ret = 0;
-
-    if (cam == NULL) return BAD_FUNC_ARG;
-
-    XMEMSET(cam->key, 0, WC_CAMELLIA_TABLE_BYTE_LEN);
-
-    switch (len) {
-        case 16:
-                ret = camellia_setup128(key, cam->key);
-            break;
-        case 24:
-                ret = camellia_setup192(key, cam->key);
-            break;
-        case 32:
-            ret = camellia_setup256(key, cam->key);
-            break;
-        default:
-            ret = BAD_FUNC_ARG;
-    }
-
-    if (ret != 0)
-        return ret;
-
-    cam->keySz = len * 8;
-
-    return wc_CamelliaSetIV(cam, iv);
-}
-
-
-int wc_CamelliaSetIV(wc_Camellia* cam, const byte* iv)
-{
-    if (cam == NULL)
-        return BAD_FUNC_ARG;
-
-    if (iv)
-        XMEMCPY(cam->reg, iv, WC_CAMELLIA_BLOCK_SIZE);
-    else
-        XMEMSET(cam->reg,  0, WC_CAMELLIA_BLOCK_SIZE);
-
-    return 0;
-}
-
-
-int wc_CamelliaEncryptDirect(wc_Camellia* cam, byte* out, const byte* in)
-{
-    if (cam == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    Camellia_EncryptBlock(cam->keySz, in, cam->key, out);
-
-    return 0;
-}
-
-
-int wc_CamelliaDecryptDirect(wc_Camellia* cam, byte* out, const byte* in)
-{
-    if (cam == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    Camellia_DecryptBlock(cam->keySz, in, cam->key, out);
-
-    return 0;
-}
-
-
-int wc_CamelliaCbcEncrypt(wc_Camellia* cam, byte* out, const byte* in, word32 sz)
-{
-    word32 blocks;
-    if (cam == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    blocks = sz / WC_CAMELLIA_BLOCK_SIZE;
-
-    while (blocks--) {
-        xorbuf((byte*)cam->reg, in, WC_CAMELLIA_BLOCK_SIZE);
-        Camellia_EncryptBlock(cam->keySz, (byte*)cam->reg,
-                                                     cam->key, (byte*)cam->reg);
-        XMEMCPY(out, cam->reg, WC_CAMELLIA_BLOCK_SIZE);
-
-        out += WC_CAMELLIA_BLOCK_SIZE;
-        in  += WC_CAMELLIA_BLOCK_SIZE;
-    }
-
-    return 0;
-}
-
-
-int wc_CamelliaCbcDecrypt(wc_Camellia* cam, byte* out, const byte* in, word32 sz)
-{
-    word32 blocks;
-    if (cam == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    blocks = sz / WC_CAMELLIA_BLOCK_SIZE;
-
-    while (blocks--) {
-        XMEMCPY(cam->tmp, in, WC_CAMELLIA_BLOCK_SIZE);
-        Camellia_DecryptBlock(cam->keySz, (byte*)cam->tmp, cam->key, out);
-        xorbuf(out, (byte*)cam->reg, WC_CAMELLIA_BLOCK_SIZE);
-        XMEMCPY(cam->reg, cam->tmp, WC_CAMELLIA_BLOCK_SIZE);
-
-        out += WC_CAMELLIA_BLOCK_SIZE;
-        in  += WC_CAMELLIA_BLOCK_SIZE;
-    }
-
-    return 0;
-}
-
-
-#endif /* HAVE_CAMELLIA */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/cmac.c b/src/ssl/wolfssl/wolfcrypt/cmac.c
deleted file mode 100644
index 0d46054e2..000000000
--- a/src/ssl/wolfssl/wolfcrypt/cmac.c
+++ /dev/null
@@ -1,536 +0,0 @@
-/* cmac.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef WOLFSSL_QNX_CAAM
-#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
-#endif
-#if defined(WOLFSSL_HASH_KEEP)
-#include <wolfssl/wolfcrypt/hash.h>
-#endif
-
-#if defined(WOLFSSL_CMAC)
-
-#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
-    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
-    #define FIPS_NO_WRAPPERS
-
-    #ifdef USE_WINDOWS_API
-        #pragma code_seg(".fipsA$c")
-        #pragma const_seg(".fipsB$c")
-    #endif
-#endif
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#include <wolfssl/wolfcrypt/aes.h>
-#include <wolfssl/wolfcrypt/cmac.h>
-
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-#endif
-
-#if FIPS_VERSION3_GE(6,0,0)
-    const unsigned int wolfCrypt_FIPS_cmac_ro_sanity[2] =
-                                                     { 0x1a2b3c4d, 0x00000003 };
-    int wolfCrypt_FIPS_CMAC_sanity(void)
-    {
-        return 0;
-    }
-#endif
-
-#ifdef WOLFSSL_HASH_KEEP
-/* Some hardware have issues with update, this function stores the data to be
- * hashed into an array. Once ready, the Final operation is called on all of the
- * data to be hashed at once.
- * returns 0 on success
- */
-int wc_CMAC_Grow(Cmac* cmac, const byte* in, int inSz)
-{
-    return _wc_Hash_Grow(&cmac->msg, &cmac->used, &cmac->len, in, inSz, NULL);
-}
-#endif /* WOLFSSL_HASH_KEEP */
-
-#if !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
-/* Used by AES-SIV. See aes.c. */
-void ShiftAndXorRb(byte* out, byte* in)
-{
-    int i, j, xorRb;
-    int mask = 0, last = 0;
-    byte Rb = 0x87;
-
-    xorRb = (in[0] & 0x80) != 0;
-
-    for (i = 1, j = WC_AES_BLOCK_SIZE - 1; i <= WC_AES_BLOCK_SIZE; i++, j--) {
-        last = (in[j] & 0x80) ? 1 : 0;
-        out[j] = (byte)((in[j] << 1) | mask);
-        mask = last;
-        if (xorRb) {
-            out[j] ^= Rb;
-            Rb = 0;
-        }
-    }
-}
-#endif /* !NO_AES && WOLFSSL_AES_DIRECT */
-
-/* returns 0 on success */
-int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
-                int type, void* unused, void* heap, int devId)
-{
-    int ret = 0;
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
-    byte useSW = 0;
-#endif
-
-    (void)unused;
-    (void)heap;
-
-    if (cmac == NULL || type != WC_CMAC_AES) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
-    /* save if we should use SW crypt, restore after memset */
-    useSW = cmac->useSWCrypt;
-#endif
-    XMEMSET(cmac, 0, sizeof(Cmac));
-
-#ifdef WOLF_CRYPTO_CB
-    /* Set devId regardless of value (invalid or not) */
-    cmac->devId = devId;
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (devId != INVALID_DEVID)
-    #endif
-    {
-        cmac->devCtx = NULL;
-
-        ret = wc_CryptoCb_Cmac(cmac, key, keySz, NULL, 0, NULL, NULL,
-                type, unused);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-#else
-    (void)devId;
-#endif
-
-    if (key == NULL || keySz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    switch (type) {
-#if !defined (NO_AES) && defined(WOLFSSL_AES_DIRECT)
-    case WC_CMAC_AES:
-        cmac->type = WC_CMAC_AES;
-        ret = wc_AesInit(&cmac->aes, heap, devId);
-
-    #if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
-        cmac->useSWCrypt = useSW;
-        if (cmac->useSWCrypt == 1) {
-            cmac->aes.useSWCrypt = 1;
-        }
-    #endif
-
-        if (ret == 0) {
-            ret = wc_AesSetKey(&cmac->aes, key, keySz, NULL, AES_ENCRYPTION);
-        }
-
-        if (ret == 0) {
-            byte l[WC_AES_BLOCK_SIZE];
-
-            XMEMSET(l, 0, WC_AES_BLOCK_SIZE);
-            ret = wc_AesEncryptDirect(&cmac->aes, l, l);
-            if (ret == 0) {
-                ShiftAndXorRb(cmac->k1, l);
-                ShiftAndXorRb(cmac->k2, cmac->k1);
-                ForceZero(l, WC_AES_BLOCK_SIZE);
-            }
-        }
-        break;
-#endif /* !NO_AES && WOLFSSL_AES_DIRECT */
-    default:
-        return BAD_FUNC_ARG;
-    }
-
-    return ret;
-}
-
-
-int wc_InitCmac(Cmac* cmac, const byte* key, word32 keySz,
-                int type, void* unused)
-{
-#ifdef WOLFSSL_QNX_CAAM
-    int devId = WOLFSSL_CAAM_DEVID;
-#else
-    int devId = INVALID_DEVID;
-#endif
-    return wc_InitCmac_ex(cmac, key, keySz, type, unused, NULL, devId);
-}
-
-
-
-int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
-{
-    int ret = 0;
-
-    if ((cmac == NULL) || (in == NULL && inSz != 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (cmac->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_Cmac(cmac, NULL, 0, in, inSz,
-            NULL, NULL, (int)cmac->type, NULL);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-#endif
-
-    /* Clear CRYPTOCB_UNAVAILABLE return code */
-    ret = 0;
-
-    switch (cmac->type) {
-#if !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
-    case WC_CMAC_AES:
-    {
-        while ((ret == 0) && (inSz != 0)) {
-            word32 add = min(inSz, WC_AES_BLOCK_SIZE - cmac->bufferSz);
-            XMEMCPY(&cmac->buffer[cmac->bufferSz], in, add);
-
-            cmac->bufferSz += add;
-            in += add;
-            inSz -= add;
-
-            if (cmac->bufferSz == WC_AES_BLOCK_SIZE && inSz != 0) {
-                if (cmac->totalSz != 0) {
-                    xorbuf(cmac->buffer, cmac->digest, WC_AES_BLOCK_SIZE);
-                }
-                ret = wc_AesEncryptDirect(&cmac->aes, cmac->digest,
-                        cmac->buffer);
-                if (ret == 0) {
-                    cmac->totalSz += WC_AES_BLOCK_SIZE;
-                    cmac->bufferSz = 0;
-                }
-            }
-        }
-    }; break;
-#endif /* !NO_AES && WOLFSSL_AES_DIRECT */
-    default:
-        ret = BAD_FUNC_ARG;
-    }
-    return ret;
-}
-
-int wc_CmacFree(Cmac* cmac)
-{
-    if (cmac == NULL)
-        return BAD_FUNC_ARG;
-#if defined(WOLFSSL_HASH_KEEP)
-    /* TODO: msg is leaked if wc_CmacFinal() is not called
-     * e.g. when multiple calls to wc_CmacUpdate() and one fails but
-     * wc_CmacFinal() not called. */
-    XFREE(cmac->msg, cmac->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    switch (cmac->type) {
-#if !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
-    case WC_CMAC_AES:
-        wc_AesFree(&cmac->aes);
-        break;
-#endif /* !NO_AES && WOLFSSL_AES_DIRECT */
-    default:
-        /* Nothing to do */
-        (void)cmac;
-    }
-    ForceZero(cmac, sizeof(Cmac));
-    return 0;
-}
-
-int wc_CmacFinalNoFree(Cmac* cmac, byte* out, word32* outSz)
-{
-    int ret = 0;
-
-    if (cmac == NULL || out == NULL || outSz == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    if (*outSz < WC_CMAC_TAG_MIN_SZ || *outSz > WC_CMAC_TAG_MAX_SZ) {
-        return BUFFER_E;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (cmac->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_Cmac(cmac, NULL, 0, NULL, 0, out, outSz,
-            (int)cmac->type, NULL);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-
-        /* Clear CRYPTOCB_UNAVAILABLE return code */
-       ret = 0;
-
-        /* fall-through when unavailable */
-    }
-#endif
-    if (ret == 0) {
-        switch (cmac->type) {
-    #if !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
-        case WC_CMAC_AES:
-        {
-            const byte* subKey;
-            word32 remainder;
-
-            if (cmac->bufferSz == WC_AES_BLOCK_SIZE) {
-                subKey = cmac->k1;
-            }
-            else {
-                /* ensure we will have a valid remainder value */
-                if (cmac->bufferSz > WC_AES_BLOCK_SIZE) {
-                    ret = BAD_STATE_E;
-                    break;
-                }
-                remainder = WC_AES_BLOCK_SIZE - cmac->bufferSz;
-
-                if (remainder == 0) {
-                    remainder = WC_AES_BLOCK_SIZE;
-                }
-                if (remainder > 1) {
-                    XMEMSET(cmac->buffer + WC_AES_BLOCK_SIZE - remainder, 0,
-                            remainder);
-                }
-
-                cmac->buffer[WC_AES_BLOCK_SIZE - remainder] = 0x80;
-                subKey = cmac->k2;
-            }
-            xorbuf(cmac->buffer, cmac->digest, WC_AES_BLOCK_SIZE);
-            xorbuf(cmac->buffer, subKey, WC_AES_BLOCK_SIZE);
-            ret = wc_AesEncryptDirect(&cmac->aes, cmac->digest, cmac->buffer);
-            if (ret == 0) {
-                XMEMCPY(out, cmac->digest, *outSz);
-            }
-        }; break;
-    #endif /* !NO_AES && WOLFSSL_AES_DIRECT */
-        default:
-            ret = BAD_FUNC_ARG;
-        }
-    }
-    return ret;
-}
-
-int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
-{
-    int ret = 0;
-
-    if (cmac == NULL)
-        return BAD_FUNC_ARG;
-    ret = wc_CmacFinalNoFree(cmac, out, outSz);
-    (void)wc_CmacFree(cmac);
-    return ret;
-}
-
-#if !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
-int wc_AesCmacGenerate_ex(Cmac* cmac,
-                          byte* out, word32* outSz,
-                          const byte* in, word32 inSz,
-                          const byte* key, word32 keySz,
-                          void* heap, int devId)
-{
-    int ret = 0;
-
-    if (cmac == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    /* Set devId regardless of value (invalid or not) */
-    cmac->devId = devId;
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_Cmac(cmac, key, keySz, in, inSz, out, outSz,
-                WC_CMAC_AES, NULL);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-
-         /* Clear CRYPTOCB_UNAVAILABLE return code */
-        ret = 0;
-
-        /* fall-through when unavailable */
-    }
-#endif
-
-    if ( ((out == NULL) && (outSz != NULL) && (*outSz > 0))
-         || (in == NULL && inSz > 0)
-         || (key == NULL && keySz > 0))  {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Init step is optional */
-    if (key != NULL) {
-        ret = wc_InitCmac_ex(cmac, key, keySz, WC_CMAC_AES, NULL, heap, devId);
-    }
-    if (ret == 0) {
-        ret = wc_CmacUpdate(cmac, in, inSz);
-        /* Ensure we are freed and zeroed if not calling wc_CmacFinal */
-        if (ret != 0) {
-            (void)wc_CmacFree(cmac);
-        }
-    }
-    if (ret == 0) {
-        ret = wc_CmacFinal(cmac, out, outSz);
-    }
-
-    return ret;
-}
-
-
-int wc_AesCmacGenerate(byte* out, word32* outSz,
-                       const byte* in, word32 inSz,
-                       const byte* key, word32 keySz)
-{
-    int ret = 0;
-    WC_DECLARE_VAR(cmac, Cmac, 1, 0);
-
-    if (out == NULL || (in == NULL && inSz > 0) || key == NULL || keySz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    if ((cmac = (Cmac *)XMALLOC(sizeof *cmac, NULL,
-                                DYNAMIC_TYPE_CMAC)) == NULL) {
-        return MEMORY_E;
-    }
-#endif
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    XMEMSET(((unsigned char *)cmac) + sizeof(Aes), 0xff,
-        sizeof(Cmac) - sizeof(Aes));
-    /* Aes part is checked by wc_AesFree. */
-    wc_MemZero_Add("wc_AesCmacGenerate_ex cmac",
-        ((unsigned char *)cmac) + sizeof(Aes), sizeof(Cmac) - sizeof(Aes));
-#endif
-
-    ret = wc_AesCmacGenerate_ex(cmac,
-                                out, outSz,
-                                in, inSz,
-                                key, keySz,
-                                NULL,
-                                INVALID_DEVID);
-
-
-#ifdef WOLFSSL_SMALL_STACK
-    XFREE(cmac, NULL, DYNAMIC_TYPE_CMAC);
-#elif defined(WOLFSSL_CHECK_MEM_ZERO)
-    wc_MemZero_Check(cmac, sizeof(Cmac));
-#endif
-
-    return ret;
-}
-
-
-int wc_AesCmacVerify_ex(Cmac* cmac,
-                        const byte* check, word32 checkSz,
-                        const byte* in, word32 inSz,
-                        const byte* key, word32 keySz,
-                        void* heap, int devId)
-{
-    int ret = 0;
-    byte a[WC_AES_BLOCK_SIZE];
-    word32 aSz = sizeof(a);
-    int compareRet;
-
-    if (cmac == NULL || check == NULL || checkSz == 0 ||
-            (in == NULL && inSz != 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMSET(a, 0, aSz);
-    ret = wc_AesCmacGenerate_ex(cmac,
-                                a, &aSz,
-                                in, inSz,
-                                key, keySz,
-                                heap,
-                                devId);
-    if (ret == 0) {
-        compareRet = ConstantCompare(check, a, (int)min(checkSz, aSz));
-        ret = compareRet ? 1 : 0;
-    }
-
-    return ret;
-}
-
-
-int wc_AesCmacVerify(const byte* check, word32 checkSz,
-                     const byte* in, word32 inSz,
-                     const byte* key, word32 keySz)
-{
-    int ret = 0;
-    WC_DECLARE_VAR(cmac, Cmac, 1, 0);
-
-    if (check == NULL || checkSz == 0 || (in == NULL && inSz > 0) ||
-            key == NULL || keySz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    if ((cmac = (Cmac *)XMALLOC(sizeof *cmac, NULL,
-                                DYNAMIC_TYPE_CMAC)) == NULL) {
-        return MEMORY_E;
-    }
-#endif
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    XMEMSET(((unsigned char *)cmac) + sizeof(Aes), 0xff,
-        sizeof(Cmac) - sizeof(Aes));
-    /* Aes part is checked by wc_AesFree. */
-    wc_MemZero_Add("wc_AesCmacGenerate_ex cmac",
-        ((unsigned char *)cmac) + sizeof(Aes), sizeof(Cmac) - sizeof(Aes));
-#endif
-
-    ret = wc_AesCmacVerify_ex(cmac,
-                              check, checkSz,
-                              in, inSz,
-                              key, keySz,
-                              NULL,
-                              INVALID_DEVID);
-
-#ifdef WOLFSSL_SMALL_STACK
-    XFREE(cmac, NULL, DYNAMIC_TYPE_CMAC);
-#elif defined(WOLFSSL_CHECK_MEM_ZERO)
-    wc_MemZero_Check(cmac, sizeof(Cmac));
-#endif
-
-    return ret;
-}
-#endif /* !NO_AES && WOLFSSL_AES_DIRECT */
-
-#endif /* WOLFSSL_CMAC */
diff --git a/src/ssl/wolfssl/wolfcrypt/compress.c b/src/ssl/wolfssl/wolfcrypt/compress.c
deleted file mode 100644
index f2e8b3e6d..000000000
--- a/src/ssl/wolfssl/wolfcrypt/compress.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/* compress.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_LIBZ
-
-
-#include <wolfssl/wolfcrypt/compress.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#include <zlib.h>
-
-
-/* alloc user allocs to work with zlib */
-static void* myAlloc(void* opaque, unsigned int item, unsigned int size)
-{
-    (void)opaque;
-    return (void *)XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);
-}
-
-
-static void myFree(void* opaque, void* memory)
-{
-    (void)opaque;
-    XFREE(memory, opaque, DYNAMIC_TYPE_LIBZ);
-}
-
-
-#ifdef HAVE_MCAPI
-    #define DEFLATE_DEFAULT_WINDOWBITS  11
-    #define DEFLATE_DEFAULT_MEMLEVEL     1
-#else
-    #define DEFLATE_DEFAULT_WINDOWBITS 15
-    #define DEFLATE_DEFAULT_MEMLEVEL    8
-#endif
-
-
-/*
- * out - pointer to destination buffer
- * outSz - size of destination buffer
- * in - pointer to source buffer to compress
- * inSz - size of source to compress
- * flags - flags to control how compress operates
- *
- * return:
- *    negative - error code
- *    positive - bytes stored in out buffer
- *
- * Note, the output buffer still needs to be larger than the input buffer.
- * The right chunk of data won't compress at all, and the lookup table will
- * add to the size of the output. The libz code says the compressed
- * buffer should be srcSz + 0.1% + 12.
- */
-int wc_Compress_ex(byte* out, word32 outSz, const byte* in, word32 inSz,
-    word32 flags, word32 windowBits)
-{
-    z_stream stream;
-    int result = 0;
-
-    stream.next_in = (Bytef*)in;
-    stream.avail_in = (uInt)inSz;
-#ifdef MAXSEG_64K
-    /* Check for source > 64K on 16-bit machine: */
-    if ((uLong)stream.avail_in != inSz) return COMPRESS_INIT_E;
-#endif
-    stream.next_out = out;
-    stream.avail_out = (uInt)outSz;
-    if ((uLong)stream.avail_out != outSz) return COMPRESS_INIT_E;
-
-    stream.zalloc = (alloc_func)myAlloc;
-    stream.zfree = (free_func)myFree;
-    stream.opaque = (voidpf)0;
-
-    if (deflateInit2(&stream, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
-                     DEFLATE_DEFAULT_WINDOWBITS | windowBits,
-                     DEFLATE_DEFAULT_MEMLEVEL,
-                     flags ? Z_FIXED : Z_DEFAULT_STRATEGY) != Z_OK)
-        return COMPRESS_INIT_E;
-
-    if (deflate(&stream, Z_FINISH) != Z_STREAM_END) {
-        deflateEnd(&stream);
-        return COMPRESS_E;
-    }
-
-    result = (int)stream.total_out;
-
-    if (deflateEnd(&stream) != Z_OK)
-        result = COMPRESS_E;
-
-    return result;
-}
-
-int wc_Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 flags)
-{
-    return wc_Compress_ex(out, outSz, in, inSz, flags, 0);
-}
-
-
-/* windowBits:
-* deflateInit() and inflateInit(), as well as deflateInit2() and inflateInit2()
-    with windowBits in 0..15 all process zlib-wrapped deflate data.
-    (See RFC 1950 and RFC 1951.)
-* deflateInit2() and inflateInit2() with negative windowBits in -1..-15 process
-    raw deflate data with no header or trailer.
-* deflateInit2() and inflateInit2() with windowBits in 16..31, i.e. 16
-    added to 0..15, process gzip-wrapped deflate data (RFC 1952).
-* inflateInit2() with windowBits in 32..47 (32 added to 0..15) will
-    automatically detect either a gzip or zlib header (but not raw deflate
-    data), and decompress accordingly.
-*/
-int wc_DeCompress_ex(byte* out, word32 outSz, const byte* in, word32 inSz,
-    int windowBits)
-/*
- * out - pointer to destination buffer
- * outSz - size of destination buffer
- * in - pointer to source buffer to compress
- * inSz - size of source to compress
- * windowBits - flags to control how decompress operates
- *
- * return:
- *    negative - error code
- *    positive - bytes stored in out buffer
- */
-{
-    z_stream stream;
-    int result = 0;
-
-    stream.next_in = (Bytef*)in;
-    stream.avail_in = (uInt)inSz;
-    /* Check for source > 64K on 16-bit machine: */
-    if ((uLong)stream.avail_in != inSz) return DECOMPRESS_INIT_E;
-
-    stream.next_out = out;
-    stream.avail_out = (uInt)outSz;
-    if ((uLong)stream.avail_out != outSz) return DECOMPRESS_INIT_E;
-
-    stream.zalloc = (alloc_func)myAlloc;
-    stream.zfree = (free_func)myFree;
-    stream.opaque = (voidpf)0;
-
-    if (inflateInit2(&stream, DEFLATE_DEFAULT_WINDOWBITS | windowBits) != Z_OK)
-        return DECOMPRESS_INIT_E;
-
-    result = inflate(&stream, Z_FINISH);
-    if (result != Z_STREAM_END) {
-        inflateEnd(&stream);
-        return DECOMPRESS_E;
-    }
-
-    result = (int)stream.total_out;
-
-    if (inflateEnd(&stream) != Z_OK)
-        result = DECOMPRESS_E;
-
-    return result;
-}
-
-
-int wc_DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz)
-{
-    return wc_DeCompress_ex(out, outSz, in, inSz, 0);
-}
-
-
-/* Decompress the input buffer and create output buffer. Free'ing 'out' buffer
- * is the callers responsibility on successful return.
- *
- * out gets set to the output buffer created, *out gets overwritten
- * maxSz is the max decompression multiplier, i.e if 2 then max out size created
- *     would be 2*inSz, if set to -1 then there is no limit on out buffer size
- * memoryType the memory hint to use for 'out' i.e. DYNAMIC_TYPE_TMP_BUFFER
- * in  compressed input buffer
- * inSz size of 'in' buffer
- * windowBits decompression behavior flag (can be 0)
- * heap hint to use when mallocing 'out' buffer
- *
- * return the decompressed size, creates and grows out buffer as needed
- */
-int wc_DeCompressDynamic(byte** out, int maxSz, int memoryType,
-        const byte* in, word32 inSz, int windowBits, void* heap)
-{
-    z_stream   stream;
-    int result   = 0;
-    int i;
-    word32 tmpSz = 0;
-    byte*  tmp;
-
-    (void)memoryType;
-    (void)heap;
-
-    if (out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    i = (maxSz == 1)? 1 : 2; /* start with output buffer twice the size of input
-                              * unless max was set to 1 */
-
-    stream.next_in = (Bytef*)in;
-    stream.avail_in = (uInt)inSz;
-    /* Check for source > 64K on 16-bit machine: */
-    if ((uLong)stream.avail_in != inSz) return DECOMPRESS_INIT_E;
-
-    tmpSz = inSz * i;
-    tmp = (byte*)XMALLOC(tmpSz, heap, memoryType);
-    if (tmp == NULL)
-        return MEMORY_E;
-
-    stream.next_out  = tmp;
-    stream.avail_out = (uInt)tmpSz;
-    if ((uLong)stream.avail_out != tmpSz) return DECOMPRESS_INIT_E;
-
-    stream.zalloc = (alloc_func)myAlloc;
-    stream.zfree  = (free_func)myFree;
-    stream.opaque = (voidpf)0;
-
-    if (inflateInit2(&stream, DEFLATE_DEFAULT_WINDOWBITS | windowBits) != Z_OK) {
-        XFREE(tmp, heap, memoryType);
-        return DECOMPRESS_INIT_E;
-    }
-
-    /*
-       Wanted to use inflateGetHeader here for uncompressed size but
-       structure gz_headerp does not contain the ISIZE from RFC1952
-
-        gz_headerp header;
-        inflateGetHeader(&stream, &header);
-    */
-
-    /* loop through doing the decompression block by block to get full size */
-    do {
-        result = inflate(&stream, Z_BLOCK);
-        if (result == Z_STREAM_END) {
-            /* hit end of decompression */
-            break;
-        }
-
-        /* good chance output buffer ran out of space with Z_BUF_ERROR
-           try increasing output buffer size */
-        if (result == Z_BUF_ERROR) {
-            word32 newSz;
-            byte*  newTmp;
-
-            if (maxSz > 0 && i >= maxSz) {
-                WOLFSSL_MSG("Hit max decompress size!");
-                break;
-            }
-            i++;
-
-            newSz = tmpSz + inSz;
-            newTmp = (byte*)XMALLOC(newSz, heap, memoryType);
-            if (newTmp == NULL) {
-                WOLFSSL_MSG("Memory error with increasing buffer size");
-                break;
-            }
-            XMEMCPY(newTmp, tmp, tmpSz);
-            XFREE(tmp, heap, memoryType);
-            tmp   = newTmp;
-            stream.next_out  = tmp + stream.total_out;
-            stream.avail_out = stream.avail_out + (uInt)inSz;
-            tmpSz  = newSz;
-            result = inflate(&stream, Z_BLOCK);
-        }
-    } while (result == Z_OK);
-
-    if (result == Z_STREAM_END) {
-        result = (int)stream.total_out;
-        *out   = (byte*)XMALLOC(result, heap, memoryType);
-        if (*out != NULL) {
-            XMEMCPY(*out, tmp, result);
-        }
-        else {
-            result = MEMORY_E;
-        }
-    }
-    else {
-        result = DECOMPRESS_E;
-    }
-
-    if (inflateEnd(&stream) != Z_OK)
-        result = DECOMPRESS_E;
-
-    XFREE(tmp, heap, memoryType);
-    tmp = NULL;
-
-    return result;
-}
-
-#endif /* HAVE_LIBZ */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/cpuid.c b/src/ssl/wolfssl/wolfcrypt/cpuid.c
deleted file mode 100644
index 5c3e333ff..000000000
--- a/src/ssl/wolfssl/wolfcrypt/cpuid.c
+++ /dev/null
@@ -1,411 +0,0 @@
-/* cpuid.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#include <wolfssl/wolfcrypt/cpuid.h>
-
-#if defined(HAVE_CPUID) || defined(HAVE_CPUID_INTEL) || \
-    defined(HAVE_CPUID_AARCH64)
-    static cpuid_flags_atomic_t cpuid_flags = WC_CPUID_ATOMIC_INITIALIZER;
-#endif
-
-#if defined(HAVE_CPUID_INTEL) && defined(WOLFSSL_SGX)
-    /* @TODO calling cpuid from a trusted enclave needs additional hardening.
-     * For initial benchmarking, the cpu support is getting hard set.
-     * Another thing of note is cpuid calls cause a SIGILL signal, see
-     * github issue #5 on intel/intel-sgx-ssl */
-
-    /* For tying in an actual external call to cpuid this header and function
-     * call would be used :
-     * #include <sgx_cpuid.h>
-     * #define cpuid(reg, leaf, sub) sgx_cpuidex((reg),(leaf),(sub))
-     */
-    void cpuid_set_flags(void)
-    {
-        if (WOLFSSL_ATOMIC_LOAD(cpuid_flags) == WC_CPUID_INITIALIZER) {
-            cpuid_flags_t new_cpuid_flags = 0,
-                old_cpuid_flags = WC_CPUID_INITIALIZER;
-
-            new_cpuid_flags |= CPUID_AVX1;
-            new_cpuid_flags |= CPUID_AVX2;
-            new_cpuid_flags |= CPUID_BMI2;
-            new_cpuid_flags |= CPUID_RDSEED;
-            new_cpuid_flags |= CPUID_AESNI;
-            new_cpuid_flags |= CPUID_ADX;
-            new_cpuid_flags |= CPUID_MOVBE;
-            new_cpuid_flags |= CPUID_BMI1;
-
-            (void)wolfSSL_Atomic_Uint_CompareExchange
-                (&cpuid_flags, &old_cpuid_flags, new_cpuid_flags);
-        }
-    }
-
-#elif defined(HAVE_CPUID_INTEL)
-    /* Each platform needs to query info type 1 from cpuid to see if aesni is
-     * supported. Also, let's setup a macro for proper linkage w/o ABI conflicts
-     */
-
-    #ifndef _MSC_VER
-        #define cpuid(reg, leaf, sub)\
-            __asm__ __volatile__ ("cpuid":\
-                "=a" ((reg)[0]), "=b" ((reg)[1]), "=c" ((reg)[2]), "=d" ((reg)[3]) :\
-                "a" (leaf), "c"(sub));
-    #else
-        #include <intrin.h>
-
-        #define cpuid(a,b,c) __cpuidex((int*)a,b,c)
-    #endif /* _MSC_VER */
-
-    #define EAX 0
-    #define EBX 1
-    #define ECX 2
-    #define EDX 3
-
-    static cpuid_flags_t cpuid_flag(word32 leaf, word32 sub, word32 num, word32 bit)
-    {
-        int got_intel_cpu = 0;
-        int got_amd_cpu = 0;
-        unsigned int reg[5];
-
-        XMEMSET(reg, '\0', sizeof(reg));
-        cpuid(reg, 0, 0);
-
-        /* check for Intel cpu */
-        if (XMEMCMP((char *)&(reg[EBX]), "Genu", 4) == 0 &&
-            XMEMCMP((char *)&(reg[EDX]), "ineI", 4) == 0 &&
-            XMEMCMP((char *)&(reg[ECX]), "ntel", 4) == 0) {
-            got_intel_cpu = 1;
-        }
-
-        /* check for AMD cpu */
-        if (XMEMCMP((char *)&(reg[EBX]), "Auth", 4) == 0 &&
-            XMEMCMP((char *)&(reg[EDX]), "enti", 4) == 0 &&
-            XMEMCMP((char *)&(reg[ECX]), "cAMD", 4) == 0) {
-            got_amd_cpu = 1;
-        }
-
-        if (got_intel_cpu || got_amd_cpu) {
-            cpuid(reg, leaf, sub);
-            return ((reg[num] >> bit) & 0x1);
-        }
-        return 0;
-    }
-
-
-    static WC_INLINE void cpuid_set_flags(void)
-    {
-        if (WOLFSSL_ATOMIC_LOAD(cpuid_flags) == WC_CPUID_INITIALIZER) {
-            cpuid_flags_t new_cpuid_flags = 0,
-                old_cpuid_flags = WC_CPUID_INITIALIZER;
-            if (cpuid_flag(1, 0, ECX, 28)) { new_cpuid_flags |= CPUID_AVX1  ; }
-            if (cpuid_flag(7, 0, EBX,  5)) { new_cpuid_flags |= CPUID_AVX2  ; }
-            if (cpuid_flag(7, 0, EBX,  8)) { new_cpuid_flags |= CPUID_BMI2  ; }
-            if (cpuid_flag(1, 0, ECX, 30)) { new_cpuid_flags |= CPUID_RDRAND; }
-            if (cpuid_flag(7, 0, EBX, 18)) { new_cpuid_flags |= CPUID_RDSEED; }
-            if (cpuid_flag(1, 0, ECX, 25)) { new_cpuid_flags |= CPUID_AESNI ; }
-            if (cpuid_flag(7, 0, EBX, 19)) { new_cpuid_flags |= CPUID_ADX   ; }
-            if (cpuid_flag(1, 0, ECX, 22)) { new_cpuid_flags |= CPUID_MOVBE ; }
-            if (cpuid_flag(7, 0, EBX,  3)) { new_cpuid_flags |= CPUID_BMI1  ; }
-            if (cpuid_flag(7, 0, EBX, 29)) { new_cpuid_flags |= CPUID_SHA   ; }
-            (void)wolfSSL_Atomic_Uint_CompareExchange
-                (&cpuid_flags, &old_cpuid_flags, new_cpuid_flags);
-        }
-    }
-#elif defined(HAVE_CPUID_AARCH64)
-
-#define CPUID_AARCH64_FEAT_AES         ((word64)1 << 4)
-#define CPUID_AARCH64_FEAT_AES_PMULL   ((word64)1 << 5)
-#define CPUID_AARCH64_FEAT_SHA256      ((word64)1 << 12)
-#define CPUID_AARCH64_FEAT_SHA256_512  ((word64)1 << 13)
-#define CPUID_AARCH64_FEAT_RDM         ((word64)1 << 28)
-#define CPUID_AARCH64_FEAT_SHA3        ((word64)1 << 32)
-#define CPUID_AARCH64_FEAT_SM3         ((word64)1 << 36)
-#define CPUID_AARCH64_FEAT_SM4         ((word64)1 << 40)
-
-#ifdef WOLFSSL_AARCH64_PRIVILEGE_MODE
-    /* https://developer.arm.com/documentation/ddi0601/2024-09/AArch64-Registers
-     * /ID-AA64ISAR0-EL1--AArch64-Instruction-Set-Attribute-Register-0 */
-
-    static WC_INLINE void cpuid_set_flags(void)
-    {
-        if (WOLFSSL_ATOMIC_LOAD(cpuid_flags) == WC_CPUID_INITIALIZER) {
-            cpuid_flags_t new_cpuid_flags = 0,
-                old_cpuid_flags = WC_CPUID_INITIALIZER;
-            word64 features;
-
-            __asm__ __volatile (
-                "mrs    %[feat], ID_AA64ISAR0_EL1\n"
-                : [feat] "=r" (features)
-                :
-                :
-            );
-
-            if (features & CPUID_AARCH64_FEAT_AES)
-                new_cpuid_flags |= CPUID_AES;
-            if (features & CPUID_AARCH64_FEAT_AES_PMULL) {
-                new_cpuid_flags |= CPUID_AES;
-                new_cpuid_flags |= CPUID_PMULL;
-            }
-            if (features & CPUID_AARCH64_FEAT_SHA256)
-                new_cpuid_flags |= CPUID_SHA256;
-            if (features & CPUID_AARCH64_FEAT_SHA256_512)
-                new_cpuid_flags |= CPUID_SHA256 | CPUID_SHA512;
-            if (features & CPUID_AARCH64_FEAT_RDM)
-                new_cpuid_flags |= CPUID_RDM;
-            if (features & CPUID_AARCH64_FEAT_SHA3)
-                new_cpuid_flags |= CPUID_SHA3;
-            if (features & CPUID_AARCH64_FEAT_SM3)
-                new_cpuid_flags |= CPUID_SM3;
-            if (features & CPUID_AARCH64_FEAT_SM4)
-                new_cpuid_flags |= CPUID_SM4;
-
-            (void)wolfSSL_Atomic_Uint_CompareExchange
-                (&cpuid_flags, &old_cpuid_flags, new_cpuid_flags);
-        }
-    }
-#elif defined(__linux__)
-    /* https://community.arm.com/arm-community-blogs/b/operating-systems-blog/
-     * posts/runtime-detection-of-cpu-features-on-an-armv8-a-cpu */
-
-    #include <sys/auxv.h>
-    #include <asm/hwcap.h>
-
-    static WC_INLINE void cpuid_set_flags(void)
-    {
-        if (WOLFSSL_ATOMIC_LOAD(cpuid_flags) == WC_CPUID_INITIALIZER) {
-            cpuid_flags_t new_cpuid_flags = 0,
-                old_cpuid_flags = WC_CPUID_INITIALIZER;
-            word64 hwcaps = getauxval(AT_HWCAP);
-
-        #ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-            if (hwcaps & HWCAP_AES)
-                new_cpuid_flags |= CPUID_AES;
-            if (hwcaps & HWCAP_PMULL)
-                new_cpuid_flags |= CPUID_PMULL;
-            if (hwcaps & HWCAP_SHA2)
-                new_cpuid_flags |= CPUID_SHA256;
-        #endif
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SHA512
-            if (hwcaps & HWCAP_SHA512)
-                new_cpuid_flags |= CPUID_SHA512;
-        #endif
-        #if defined(HWCAP_ASIMDRDM) && !defined(WOLFSSL_AARCH64_NO_SQRDMLSH)
-            if (hwcaps & HWCAP_ASIMDRDM)
-                new_cpuid_flags |= CPUID_RDM;
-        #endif
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-            if (hwcaps & HWCAP_SHA3)
-                new_cpuid_flags |= CPUID_SHA3;
-        #endif
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SM3
-            if (hwcaps & HWCAP_SM3)
-                new_cpuid_flags |= CPUID_SM3;
-        #endif
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SM4
-            if (hwcaps & HWCAP_SM4)
-                new_cpuid_flags |= CPUID_SM4;
-        #endif
-
-            (void)hwcaps;
-            (void)wolfSSL_Atomic_Uint_CompareExchange
-                (&cpuid_flags, &old_cpuid_flags, new_cpuid_flags);
-        }
-    }
-#elif defined(__ANDROID__) || defined(ANDROID)
-    /* https://community.arm.com/arm-community-blogs/b/operating-systems-blog/
-     * posts/runtime-detection-of-cpu-features-on-an-armv8-a-cpu */
-
-    #include "cpu-features.h"
-
-    static WC_INLINE void cpuid_set_flags(void)
-    {
-        if (WOLFSSL_ATOMIC_LOAD(cpuid_flags) == WC_CPUID_INITIALIZER) {
-            cpuid_flags_t new_cpuid_flags = 0,
-                old_cpuid_flags = WC_CPUID_INITIALIZER;
-            word64 features = android_getCpuFeatures();
-
-            if (features & ANDROID_CPU_ARM_FEATURE_AES)
-                new_cpuid_flags |= CPUID_AES;
-            if (features & ANDROID_CPU_ARM_FEATURE_PMULL)
-                new_cpuid_flags |= CPUID_PMULL;
-            if (features & ANDROID_CPU_ARM_FEATURE_SHA2)
-                new_cpuid_flags |= CPUID_SHA256;
-
-            (void)wolfSSL_Atomic_Uint_CompareExchange
-                (&cpuid_flags, &old_cpuid_flags, new_cpuid_flags);
-        }
-    }
-#elif defined(__APPLE__)
-    /* https://developer.apple.com/documentation/kernel/1387446-sysctlbyname/
-     * determining_instruction_set_characteristics */
-
-    #include <sys/sysctl.h>
-
-    static word64 cpuid_get_sysctlbyname(const char* name)
-    {
-        word64 ret = 0;
-        size_t size = sizeof(ret);
-
-        sysctlbyname(name, &ret, &size, NULL, 0);
-
-        return ret;
-    }
-
-    static WC_INLINE void cpuid_set_flags(void)
-    {
-        if (WOLFSSL_ATOMIC_LOAD(cpuid_flags) == WC_CPUID_INITIALIZER) {
-            cpuid_flags_t new_cpuid_flags = 0,
-                old_cpuid_flags = WC_CPUID_INITIALIZER;
-            if (cpuid_get_sysctlbyname("hw.optional.arm.FEAT_AES") != 0)
-                new_cpuid_flags |= CPUID_AES;
-            if (cpuid_get_sysctlbyname("hw.optional.arm.FEAT_PMULL") != 0)
-                new_cpuid_flags |= CPUID_PMULL;
-            if (cpuid_get_sysctlbyname("hw.optional.arm.FEAT_SHA256") != 0)
-                new_cpuid_flags |= CPUID_SHA256;
-            if (cpuid_get_sysctlbyname("hw.optional.arm.FEAT_SHA512") != 0)
-                new_cpuid_flags |= CPUID_SHA512;
-            if (cpuid_get_sysctlbyname("hw.optional.arm.FEAT_RDM") != 0)
-                new_cpuid_flags |= CPUID_RDM;
-            if (cpuid_get_sysctlbyname("hw.optional.arm.FEAT_SHA3") != 0)
-                new_cpuid_flags |= CPUID_SHA3;
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SM3
-            new_cpuid_flags |= CPUID_SM3;
-        #endif
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SM4
-            new_cpuid_flags |= CPUID_SM4;
-        #endif
-
-            (void)wolfSSL_Atomic_Uint_CompareExchange
-                (&cpuid_flags, &old_cpuid_flags, new_cpuid_flags);
-        }
-    }
-#elif defined(__FreeBSD__) || defined(__OpenBSD__)
-    /* https://man.freebsd.org/cgi/man.cgi?elf_aux_info(3) */
-
-    #include <sys/auxv.h>
-
-    static WC_INLINE void cpuid_set_flags(void)
-    {
-        if (WOLFSSL_ATOMIC_LOAD(cpuid_flags) == WC_CPUID_INITIALIZER) {
-            cpuid_flags_t new_cpuid_flags = 0,
-                old_cpuid_flags = WC_CPUID_INITIALIZER;
-            word64 features = 0;
-
-            elf_aux_info(AT_HWCAP, &features, sizeof(features));
-
-            if (features & CPUID_AARCH64_FEAT_AES)
-                new_cpuid_flags |= CPUID_AES;
-            if (features & CPUID_AARCH64_FEAT_AES_PMULL) {
-                new_cpuid_flags |= CPUID_AES;
-                new_cpuid_flags |= CPUID_PMULL;
-            }
-            if (features & CPUID_AARCH64_FEAT_SHA256)
-                new_cpuid_flags |= CPUID_SHA256;
-            if (features & CPUID_AARCH64_FEAT_SHA256_512)
-                new_cpuid_flags |= CPUID_SHA256 | CPUID_SHA512;
-            if (features & CPUID_AARCH64_FEAT_RDM)
-                new_cpuid_flags |= CPUID_RDM;
-            if (features & CPUID_AARCH64_FEAT_SHA3)
-                new_cpuid_flags |= CPUID_SHA3;
-            if (features & CPUID_AARCH64_FEAT_SM3)
-                new_cpuid_flags |= CPUID_SM3;
-            if (features & CPUID_AARCH64_FEAT_SM4)
-                new_cpuid_flags |= CPUID_SM4;
-
-            (void)wolfSSL_Atomic_Uint_CompareExchange
-                (&cpuid_flags, &old_cpuid_flags, new_cpuid_flags);
-        }
-    }
-#else
-    static WC_INLINE void cpuid_set_flags(void)
-    {
-        if (WOLFSSL_ATOMIC_LOAD(cpuid_flags) == WC_CPUID_INITIALIZER) {
-            cpuid_flags_t new_cpuid_flags = 0,
-                old_cpuid_flags = WC_CPUID_INITIALIZER;
-        #ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
-            new_cpuid_flags |= CPUID_AES;
-            new_cpuid_flags |= CPUID_PMULL;
-            new_cpuid_flags |= CPUID_SHA256;
-        #endif
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SHA512
-            new_cpuid_flags |= CPUID_SHA512;
-        #endif
-        #ifndef WOLFSSL_AARCH64_NO_SQRDMLSH
-            new_cpuid_flags |= CPUID_RDM;
-        #endif
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-            new_cpuid_flags |= CPUID_SHA3;
-        #endif
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SM3
-            new_cpuid_flags |= CPUID_SM3;
-        #endif
-        #ifdef WOLFSSL_ARMASM_CRYPTO_SM4
-            new_cpuid_flags |= CPUID_SM4;
-        #endif
-
-            (void)wolfSSL_Atomic_Uint_CompareExchange
-                (&cpuid_flags, &old_cpuid_flags, new_cpuid_flags);
-        }
-    }
-#endif
-#elif defined(HAVE_CPUID)
-    static WC_INLINE void cpuid_set_flags(void)
-    {
-        if (WOLFSSL_ATOMIC_LOAD(cpuid_flags) == WC_CPUID_INITIALIZER) {
-            cpuid_flags_t new_cpuid_flags = 0,
-                old_cpuid_flags = WC_CPUID_INITIALIZER;
-            (void)wolfSSL_Atomic_Uint_CompareExchange
-                (&cpuid_flags, &old_cpuid_flags, new_cpuid_flags);
-        }
-    }
-#endif
-
-#ifdef HAVE_CPUID
-
-    cpuid_flags_t cpuid_get_flags(void)
-    {
-        cpuid_set_flags();
-        return WOLFSSL_ATOMIC_LOAD(cpuid_flags);
-    }
-
-    void cpuid_select_flags(cpuid_flags_t flags)
-    {
-        WOLFSSL_ATOMIC_STORE(cpuid_flags, flags);
-    }
-
-    void cpuid_set_flag(cpuid_flags_t flag)
-    {
-        cpuid_flags_t current_flags = WOLFSSL_ATOMIC_LOAD(cpuid_flags);
-        while (! wolfSSL_Atomic_Uint_CompareExchange
-               (&cpuid_flags, &current_flags, current_flags | flag))
-            WC_RELAX_LONG_LOOP();
-    }
-
-    void cpuid_clear_flag(cpuid_flags_t flag)
-    {
-        cpuid_flags_t current_flags = WOLFSSL_ATOMIC_LOAD(cpuid_flags);
-        while (! wolfSSL_Atomic_Uint_CompareExchange
-               (&cpuid_flags, &current_flags, current_flags & ~flag))
-            WC_RELAX_LONG_LOOP();
-    }
-
-#endif /* HAVE_CPUID */
diff --git a/src/ssl/wolfssl/wolfcrypt/curve448.c b/src/ssl/wolfssl/wolfcrypt/curve448.c
deleted file mode 100644
index 74e2cee07..000000000
--- a/src/ssl/wolfssl/wolfcrypt/curve448.c
+++ /dev/null
@@ -1,729 +0,0 @@
-/* curve448.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implemented to: RFC 7748 */
-
-/* Based On Daniel J Bernstein's curve25519 Public Domain ref10 work.
- * Reworked for curve448 by Sean Parkinson.
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_CURVE448
-
-#include <wolfssl/wolfcrypt/curve448.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-int wc_curve448_make_pub(int public_size, byte* pub, int private_size,
-    const byte* priv)
-{
-    int ret;
-    unsigned char basepoint[CURVE448_KEY_SIZE] = {5};
-
-    if ((pub == NULL) || (priv == NULL)) {
-        return ECC_BAD_ARG_E;
-    }
-    if ((public_size  != CURVE448_PUB_KEY_SIZE) ||
-        (private_size != CURVE448_KEY_SIZE)) {
-        return ECC_BAD_ARG_E;
-    }
-
-    fe448_init();
-
-    /* compute public key */
-    ret = curve448(pub, priv, basepoint);
-
-    return ret;
-}
-
-
-/* Make a new curve448 private/public key.
- *
- * rng      [in]  Random number generator.
- * keysize  [in]  Size of the key to generate.
- * key      [in]  Curve448 key object.
- * returns BAD_FUNC_ARG when rng or key are NULL,
- *         ECC_BAD_ARG_E when keysize is not CURVE448_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_make_key(WC_RNG* rng, int keysize, curve448_key* key)
-{
-    int  ret = 0;
-
-    if ((key == NULL) || (rng == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* currently only a key size of 56 bytes is used */
-    if ((ret == 0) && (keysize != CURVE448_KEY_SIZE)) {
-        ret = ECC_BAD_ARG_E;
-    }
-
-    if (ret == 0) {
-        /* random number for private key */
-        ret = wc_RNG_GenerateBlock(rng, key->k, (word32)keysize);
-    }
-    if (ret == 0) {
-        key->privSet = 1;
-
-        /* clamp private */
-        key->k[0] &= 0xfc;
-        key->k[CURVE448_KEY_SIZE-1] |= 0x80;
-
-        /* compute public */
-        ret = wc_curve448_make_pub((int)sizeof(key->p), key->p,
-                                   (int)sizeof(key->k), key->k);
-        if (ret == 0) {
-            key->pubSet = 1;
-        }
-        else {
-            ForceZero(key->k, sizeof(key->k));
-            XMEMSET(key->p, 0, sizeof(key->p));
-        }
-    }
-
-    return ret;
-}
-
-#ifdef HAVE_CURVE448_SHARED_SECRET
-
-/* Calculate the shared secret from the private key and peer's public key.
- * Calculation over curve448.
- * Secret encoded big-endian.
- *
- * private_key  [in]      Curve448 private key.
- * public_key   [in]      Curve448 public key.
- * out          [in]      Array to hold shared secret.
- * outLen       [in/out]  On in, the number of bytes in array.
- *                        On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL or outLen is less than
- *         CURVE448_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_shared_secret(curve448_key* private_key,
-                              curve448_key* public_key,
-                              byte* out, word32* outLen)
-{
-    return wc_curve448_shared_secret_ex(private_key, public_key, out, outLen,
-                                        EC448_BIG_ENDIAN);
-}
-
-/* Calculate the shared secret from the private key and peer's public key.
- * Calculation over curve448.
- *
- * private_key  [in]      Curve448 private key.
- * public_key   [in]      Curve448 public key.
- * out          [in]      Array to hold shared secret.
- * outLen       [in/out]  On in, the number of bytes in array.
- *                        On out, the number bytes put into array.
- * endian       [in]      Endianness to use when encoding number in array.
- * returns BAD_FUNC_ARG when a parameter is NULL or outLen is less than
- *         CURVE448_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_shared_secret_ex(curve448_key* private_key,
-                                 curve448_key* public_key,
-                                 byte* out, word32* outLen, int endian)
-{
-    unsigned char o[CURVE448_PUB_KEY_SIZE];
-    int ret = 0;
-    int i;
-
-    /* sanity check */
-    if ((private_key == NULL) || (public_key == NULL) || (out == NULL) ||
-                        (outLen == NULL) || (*outLen < CURVE448_PUB_KEY_SIZE)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* make sure we have a populated private and public key */
-    if (ret == 0 && (!private_key->privSet || !public_key->pubSet)) {
-        ret = ECC_BAD_ARG_E;
-    }
-
-    if (ret == 0) {
-        ret = curve448(o, private_key->k, public_key->p);
-    }
-#ifdef WOLFSSL_ECDHX_SHARED_NOT_ZERO
-    if (ret == 0) {
-        byte t = 0;
-        for (i = 0; i < CURVE448_PUB_KEY_SIZE; i++) {
-            t |= o[i];
-        }
-        if (t == 0) {
-            ret = ECC_OUT_OF_RANGE_E;
-        }
-    }
-#endif
-    if (ret == 0) {
-        if (endian == EC448_BIG_ENDIAN) {
-            /* put shared secret key in Big Endian format */
-            for (i = 0; i < CURVE448_PUB_KEY_SIZE; i++) {
-                 out[i] = o[CURVE448_PUB_KEY_SIZE - i -1];
-            }
-        }
-        else {
-            /* put shared secret key in Little Endian format */
-            XMEMCPY(out, o, CURVE448_PUB_KEY_SIZE);
-        }
-
-        *outLen = CURVE448_PUB_KEY_SIZE;
-    }
-
-    ForceZero(o, CURVE448_PUB_KEY_SIZE);
-
-    return ret;
-}
-
-#endif /* HAVE_CURVE448_SHARED_SECRET */
-
-#ifdef HAVE_CURVE448_KEY_EXPORT
-
-/* Export the curve448 public key.
- * Public key encoded big-endian.
- *
- * key     [in]      Curve448 public key.
- * out     [in]      Array to hold public key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when outLen is less than CURVE448_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_export_public(curve448_key* key, byte* out, word32* outLen)
-{
-    return wc_curve448_export_public_ex(key, out, outLen, EC448_BIG_ENDIAN);
-}
-
-/* Export the curve448 public key.
- *
- * key     [in]      Curve448 public key.
- * out     [in]      Array to hold public key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * endian  [in]      Endianness to use when encoding number in array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when outLen is less than CURVE448_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_export_public_ex(curve448_key* key, byte* out, word32* outLen,
-                                 int endian)
-{
-    int ret = 0;
-
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* check and set outgoing key size */
-    if ((ret == 0) && (*outLen < CURVE448_PUB_KEY_SIZE)) {
-        *outLen = CURVE448_PUB_KEY_SIZE;
-        ret = ECC_BAD_ARG_E;
-    }
-    if (ret == 0) {
-        /* calculate public if missing */
-        if (!key->pubSet) {
-            ret = wc_curve448_make_pub((int)sizeof(key->p), key->p,
-                                       (int)sizeof(key->k), key->k);
-            key->pubSet = (ret == 0);
-        }
-    }
-    if (ret == 0) {
-        *outLen = CURVE448_PUB_KEY_SIZE;
-        if (endian == EC448_BIG_ENDIAN) {
-            int i;
-            /* read keys in Big Endian format */
-            for (i = 0; i < CURVE448_PUB_KEY_SIZE; i++) {
-                out[i] = key->p[CURVE448_PUB_KEY_SIZE - i - 1];
-            }
-        }
-        else {
-            XMEMCPY(out, key->p, CURVE448_PUB_KEY_SIZE);
-        }
-    }
-
-    return ret;
-}
-
-#endif /* HAVE_CURVE448_KEY_EXPORT */
-
-#ifdef HAVE_CURVE448_KEY_IMPORT
-
-/* Import a curve448 public key from a byte array.
- * Public key encoded in big-endian.
- *
- * in      [in]  Array holding public key.
- * inLen   [in]  Number of bytes of data in array.
- * key     [in]  Curve448 public key.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when inLen is less than CURVE448_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_import_public(const byte* in, word32 inLen, curve448_key* key)
-{
-    return wc_curve448_import_public_ex(in, inLen, key, EC448_BIG_ENDIAN);
-}
-
-/* Import a curve448 public key from a byte array.
- *
- * in      [in]  Array holding public key.
- * inLen   [in]  Number of bytes of data in array.
- * key     [in]  Curve448 public key.
- * endian  [in]  Endianness of encoded number in byte array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when inLen is less than CURVE448_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_import_public_ex(const byte* in, word32 inLen,
-                                 curve448_key* key, int endian)
-{
-    int ret = 0;
-
-    /* sanity check */
-    if ((key == NULL) || (in == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* check size of incoming keys */
-    if ((ret == 0) && (inLen != CURVE448_PUB_KEY_SIZE)) {
-       ret = ECC_BAD_ARG_E;
-    }
-
-    if (ret == 0) {
-        if (endian == EC448_BIG_ENDIAN) {
-            int i;
-            /* read keys in Big Endian format */
-            for (i = 0; i < CURVE448_PUB_KEY_SIZE; i++) {
-                key->p[i] = in[CURVE448_PUB_KEY_SIZE - i - 1];
-            }
-        }
-        else
-            XMEMCPY(key->p, in, inLen);
-        key->pubSet = 1;
-    }
-
-    return ret;
-}
-
-/* Check the public key value (big or little endian)
- *
- * pub     [in]  Public key bytes.
- * pubSz   [in]  Size of public key in bytes.
- * endian  [in]  Public key bytes passed in as big-endian or little-endian.
- * returns BAD_FUNC_ARGS when pub is NULL,
- *         ECC_BAD_ARG_E when key length is not 56 bytes, public key value is
- *         zero or one;
- *         BUFFER_E when size of public key is zero;
- *         0 otherwise.
- */
-int wc_curve448_check_public(const byte* pub, word32 pubSz, int endian)
-{
-    int ret = 0;
-
-    if (pub == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Check for empty key data */
-    if ((ret == 0) && (pubSz == 0)) {
-        ret = BUFFER_E;
-    }
-
-    /* Check key length */
-    if ((ret == 0) && (pubSz != CURVE448_PUB_KEY_SIZE)) {
-        ret = ECC_BAD_ARG_E;
-    }
-
-    if (ret == 0) {
-        word32 i;
-
-        if (endian == EC448_LITTLE_ENDIAN) {
-            /* Check for value of zero or one */
-            for (i = CURVE448_PUB_KEY_SIZE - 1; i > 0; i--) {
-                if (pub[i] != 0) {
-                    break;
-                }
-            }
-            if ((i == 0) && (pub[0] == 0 || pub[0] == 1)) {
-                return ECC_BAD_ARG_E;
-            }
-            /* Check for order-1 or higher */
-            for (i = CURVE448_PUB_KEY_SIZE - 1; i > 28; i--) {
-                if (pub[i] != 0xff) {
-                    break;
-                }
-            }
-            if ((i == 28) && (pub[i] == 0xff)) {
-                return ECC_BAD_ARG_E;
-            }
-            if ((i == 28) && (pub[i] == 0xfe)) {
-                for (--i; i > 0; i--) {
-                    if (pub[i] != 0xff) {
-                        break;
-                    }
-                }
-                if ((i == 0) && (pub[i] >= 0xfe)) {
-                    return ECC_BAD_ARG_E;
-                }
-            }
-        }
-        else {
-            /* Check for value of zero or one */
-            for (i = 0; i < CURVE448_PUB_KEY_SIZE-1; i++) {
-                if (pub[i] != 0) {
-                    break;
-                }
-            }
-            if ((i == CURVE448_PUB_KEY_SIZE - 1) &&
-                (pub[i] == 0 || pub[i] == 1)) {
-                ret = ECC_BAD_ARG_E;
-            }
-            /* Check for order-1 or higher */
-            for (i = 0; i < 27; i++) {
-                if (pub[i] != 0xff) {
-                    break;
-                }
-            }
-            if ((i == 27) && (pub[i] == 0xff)) {
-                return ECC_BAD_ARG_E;
-            }
-            if ((i == 27) && (pub[i] == 0xfe)) {
-                for (++i; i < CURVE448_PUB_KEY_SIZE - 1; i--) {
-                    if (pub[i] != 0xff) {
-                        break;
-                    }
-                }
-                if ((i == CURVE448_PUB_KEY_SIZE) && (pub[i] >= 0xfe)) {
-                    return ECC_BAD_ARG_E;
-                }
-            }
-        }
-    }
-
-    return ret;
-}
-
-#endif /* HAVE_CURVE448_KEY_IMPORT */
-
-
-#ifdef HAVE_CURVE448_KEY_EXPORT
-
-/* Export the curve448 private key raw form.
- * Private key encoded big-endian.
- *
- * key     [in]      Curve448 private key.
- * out     [in]      Array to hold private key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when outLen is less than CURVE448_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_export_private_raw(curve448_key* key, byte* out, word32* outLen)
-{
-    return wc_curve448_export_private_raw_ex(key, out, outLen,
-                                             EC448_BIG_ENDIAN);
-}
-
-/* Export the curve448 private key raw form.
- *
- * key     [in]      Curve448 private key.
- * out     [in]      Array to hold private key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * endian  [in]      Endianness to use when encoding number in array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when outLen is less than CURVE448_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_export_private_raw_ex(curve448_key* key, byte* out,
-                                      word32* outLen, int endian)
-{
-    int ret = 0;
-
-    /* sanity check */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* check size of outgoing buffer */
-    if ((ret == 0) && (*outLen < CURVE448_KEY_SIZE)) {
-        *outLen = CURVE448_KEY_SIZE;
-        ret = ECC_BAD_ARG_E;
-    }
-    if (ret == 0) {
-        *outLen = CURVE448_KEY_SIZE;
-
-        if (endian == EC448_BIG_ENDIAN) {
-            int i;
-            /* put the key in Big Endian format */
-            for (i = 0; i < CURVE448_KEY_SIZE; i++) {
-                out[i] = key->k[CURVE448_KEY_SIZE - i - 1];
-            }
-        }
-        else {
-            XMEMCPY(out, key->k, CURVE448_KEY_SIZE);
-        }
-    }
-
-    return ret;
-}
-
-/* Export the curve448 private and public keys in raw form.
- * Private and public key encoded big-endian.
- *
- * key     [in]      Curve448 private key.
- * priv    [in]      Array to hold private key.
- * privSz  [in/out]  On in, the number of bytes in private key array.
- *                   On out, the number bytes put into private key array.
- * pub     [in]      Array to hold public key.
- * pubSz   [in/out]  On in, the number of bytes in public key array.
- *                   On out, the number bytes put into public key array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when privSz is less than CURVE448_KEY_SIZE or pubSz is
- *         less than CURVE448_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_export_key_raw(curve448_key* key, byte* priv, word32 *privSz,
-                               byte* pub, word32 *pubSz)
-{
-    return wc_curve448_export_key_raw_ex(key, priv, privSz, pub, pubSz,
-                                         EC448_BIG_ENDIAN);
-}
-
-/* Export the curve448 private and public keys in raw form.
- *
- * key     [in]      Curve448 private key.
- * priv    [in]      Array to hold private key.
- * privSz  [in/out]  On in, the number of bytes in private key array.
- *                   On out, the number bytes put into private key array.
- * pub     [in]      Array to hold public key.
- * pubSz   [in/out]  On in, the number of bytes in public key array.
- *                   On out, the number bytes put into public key array.
- * endian  [in]      Endianness to use when encoding number in array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when privSz is less than CURVE448_KEY_SIZE or pubSz is
- *         less than CURVE448_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_export_key_raw_ex(curve448_key* key, byte* priv, word32 *privSz,
-                                  byte* pub, word32 *pubSz, int endian)
-{
-    int ret;
-
-    /* export private part */
-    ret = wc_curve448_export_private_raw_ex(key, priv, privSz, endian);
-    if (ret == 0) {
-        /* export public part */
-        ret = wc_curve448_export_public_ex(key, pub, pubSz, endian);
-    }
-
-    return ret;
-}
-
-#endif /* HAVE_CURVE448_KEY_EXPORT */
-
-#ifdef HAVE_CURVE448_KEY_IMPORT
-
-/* Import curve448 private and public keys from a byte arrays.
- * Private and public keys encoded in big-endian.
- *
- * piv     [in]  Array holding private key.
- * privSz  [in]  Number of bytes of data in private key array.
- * pub     [in]  Array holding public key.
- * pubSz   [in]  Number of bytes of data in public key array.
- * key     [in]  Curve448 private/public key.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when privSz is less than CURVE448_KEY_SIZE or pubSz is
- *         less than CURVE448_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_import_private_raw(const byte* priv, word32 privSz,
-                                   const byte* pub, word32 pubSz,
-                                   curve448_key* key)
-{
-    return wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz, key,
-                                             EC448_BIG_ENDIAN);
-}
-
-/* Import curve448 private and public keys from a byte arrays.
- *
- * piv     [in]  Array holding private key.
- * privSz  [in]  Number of bytes of data in private key array.
- * pub     [in]  Array holding public key.
- * pubSz   [in]  Number of bytes of data in public key array.
- * key     [in]  Curve448 private/public key.
- * endian  [in]  Endianness of encoded numbers in byte arrays.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when privSz is less than CURVE448_KEY_SIZE or pubSz is
- *         less than CURVE448_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_import_private_raw_ex(const byte* priv, word32 privSz,
-                                      const byte* pub, word32 pubSz,
-                                      curve448_key* key, int endian)
-{
-    int ret;
-
-    /* import private part */
-    ret = wc_curve448_import_private_ex(priv, privSz, key, endian);
-    if (ret == 0) {
-        /* import public part */
-        return wc_curve448_import_public_ex(pub, pubSz, key, endian);
-    }
-
-    return ret;
-}
-
-/* Import curve448 private key from a byte array.
- * Private key encoded in big-endian.
- *
- * piv     [in]  Array holding private key.
- * privSz  [in]  Number of bytes of data in private key array.
- * key     [in]  Curve448 private/public key.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when privSz is less than CURVE448_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_import_private(const byte* priv, word32 privSz,
-                               curve448_key* key)
-{
-    return wc_curve448_import_private_ex(priv, privSz, key, EC448_BIG_ENDIAN);
-}
-
-/* Import curve448 private key from a byte array.
- *
- * piv     [in]  Array holding private key.
- * privSz  [in]  Number of bytes of data in private key array.
- * key     [in]  Curve448 private/public key.
- * endian  [in]  Endianness of encoded number in byte array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when privSz is less than CURVE448_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_curve448_import_private_ex(const byte* priv, word32 privSz,
-                                  curve448_key* key, int endian)
-{
-    int ret = 0;
-
-    /* sanity check */
-    if ((key == NULL) || (priv == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* check size of incoming keys */
-    if ((ret == 0) && ((int)privSz != CURVE448_KEY_SIZE)) {
-        ret = ECC_BAD_ARG_E;
-    }
-
-    if (ret == 0) {
-        if (endian == EC448_BIG_ENDIAN) {
-            int i;
-            /* read the key in Big Endian format */
-            for (i = 0; i < CURVE448_KEY_SIZE; i++) {
-                key->k[i] = priv[CURVE448_KEY_SIZE - i - 1];
-            }
-        }
-        else {
-            XMEMCPY(key->k, priv, CURVE448_KEY_SIZE);
-        }
-
-        /* Clamp the key */
-        key->k[0] &= 0xfc;
-        key->k[CURVE448_KEY_SIZE-1] |= 0x80;
-
-        key->privSet = 1;
-    }
-
-    return ret;
-}
-
-#endif /* HAVE_CURVE448_KEY_IMPORT */
-
-
-/* Initialize the curve448 key.
- *
- * key  [in]  Curve448 key object.
- * returns BAD_FUNC_ARG when key is NULL,
- *         0 otherwise.
- */
-int wc_curve448_init(curve448_key* key)
-{
-    int ret = 0;
-
-    if (key == NULL) {
-       ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        XMEMSET(key, 0, sizeof(*key));
-
-        fe448_init();
-
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        wc_MemZero_Add("wc_curve448_init key->k", &key->k, CURVE448_KEY_SIZE);
-    #endif
-    }
-
-    return ret;
-}
-
-
-/* Clears the curve448 key data.
- *
- * key  [in]  Curve448 key object.
- */
-void wc_curve448_free(curve448_key* key)
-{
-    if (key != NULL) {
-        ForceZero(key->k, sizeof(key->k));
-        XMEMSET(key->p, 0, sizeof(key->p));
-        key->pubSet = 0;
-        key->privSet = 0;
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        wc_MemZero_Check(key, sizeof(curve448_key));
-    #endif
-    }
-}
-
-
-/* Get the curve448 key's size.
- *
- * key  [in]  Curve448 key object.
- * returns 0 if key is NULL,
- *         CURVE448_KEY_SIZE otherwise.
- */
-int wc_curve448_size(curve448_key* key)
-{
-    int ret = 0;
-
-    if (key != NULL) {
-        ret = CURVE448_KEY_SIZE;
-    }
-
-    return ret;
-}
-
-#endif /* HAVE_CURVE448 */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/des3.c b/src/ssl/wolfssl/wolfcrypt/des3.c
deleted file mode 100644
index 9c39196de..000000000
--- a/src/ssl/wolfssl/wolfcrypt/des3.c
+++ /dev/null
@@ -1,1982 +0,0 @@
-/* des3.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifndef NO_DES3
-
-#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
-    (HAVE_FIPS_VERSION == 2 || HAVE_FIPS_VERSION == 3)
-
-    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
-    #define FIPS_NO_WRAPPERS
-
-    #ifdef USE_WINDOWS_API
-        #pragma code_seg(".fipsA$d")
-        #pragma const_seg(".fipsB$d")
-    #endif
-#endif
-
-#include <wolfssl/wolfcrypt/des3.h>
-
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-#endif
-
-#if defined(WOLFSSL_TI_CRYPT)
-    #include <wolfcrypt/src/port/ti/ti-des3.c>
-#else
-
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-
-/* Hardware Acceleration */
-#if defined(STM32_CRYPTO) && !defined(STM32_CRYPTO_AES_ONLY)
-
-    /*
-     * STM32F2/F4 hardware DES/3DES support through the standard
-     * peripheral library. (See note in README).
-     */
-
-    int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
-    {
-        word32 *dkey = des->key;
-
-        (void)dir;
-
-        XMEMCPY(dkey, key, 8);
-    #if !defined(WOLFSSL_STM32_CUBEMX) || defined(STM32_HAL_V2)
-        ByteReverseWords(dkey, dkey, 8);
-    #endif
-
-        wc_Des_SetIV(des, iv);
-
-        return 0;
-    }
-
-    int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
-    {
-        if (des == NULL || key == NULL)
-            return BAD_FUNC_ARG;
-
-        (void)dir;
-
-    #ifndef WOLFSSL_STM32_CUBEMX
-        {
-            word32 *dkey1 = des->key[0];
-            word32 *dkey2 = des->key[1];
-            word32 *dkey3 = des->key[2];
-
-            XMEMCPY(dkey1, key, 8);         /* set key 1 */
-            XMEMCPY(dkey2, key + 8, 8);     /* set key 2 */
-            XMEMCPY(dkey3, key + 16, 8);    /* set key 3 */
-
-            ByteReverseWords(dkey1, dkey1, 8);
-            ByteReverseWords(dkey2, dkey2, 8);
-            ByteReverseWords(dkey3, dkey3, 8);
-        }
-    #else
-        /* CUBEMX wants keys in sequential memory */
-        XMEMCPY(des->key[0], key, DES3_KEYLEN);
-        #ifdef STM32_HAL_V2
-        ByteReverseWords((word32*)des->key, (word32*)des->key, DES3_KEYLEN);
-        #endif
-    #endif
-
-        return wc_Des3_SetIV(des, iv);
-    }
-
-    static void DesCrypt(Des* des, byte* out, const byte* in, word32 sz,
-                  int dir, int mode)
-    {
-        int ret;
-    #ifdef WOLFSSL_STM32_CUBEMX
-        CRYP_HandleTypeDef hcryp;
-    #else
-        word32 *dkey, *iv;
-        CRYP_InitTypeDef DES_CRYP_InitStructure;
-        CRYP_KeyInitTypeDef DES_CRYP_KeyInitStructure;
-        CRYP_IVInitTypeDef DES_CRYP_IVInitStructure;
-    #endif
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0) {
-            return;
-        }
-
-    #ifdef WOLFSSL_STM32_CUBEMX
-        XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef));
-        hcryp.Instance = CRYP;
-        hcryp.Init.KeySize  = CRYP_KEYSIZE_128B;
-        hcryp.Init.DataType = CRYP_DATATYPE_8B;
-        hcryp.Init.pKey = (STM_CRYPT_TYPE*)des->key;
-        hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)des->reg;
-    #ifdef STM32_HAL_V2
-        hcryp.Init.DataWidthUnit = CRYP_DATAWIDTHUNIT_BYTE;
-        if (mode == DES_CBC)
-            hcryp.Init.Algorithm = CRYP_DES_CBC;
-        else
-            hcryp.Init.Algorithm = CRYP_DES_ECB;
-    #endif
-
-        HAL_CRYP_Init(&hcryp);
-
-    #ifdef STM32_HAL_V2
-        if (dir == DES_ENCRYPTION) {
-            HAL_CRYP_Encrypt(&hcryp, (uint32_t*)in, sz, (uint32_t*)out,
-                STM32_HAL_TIMEOUT);
-        }
-        else {
-            HAL_CRYP_Decrypt(&hcryp, (uint32_t*)in, sz, (uint32_t*)out,
-                STM32_HAL_TIMEOUT);
-        }
-        /* save off IV */
-        #ifdef WOLFSSL_STM32MP13
-            des->reg[0] = ((CRYP_TypeDef *)(hcryp.Instance))->IV0LR;
-            des->reg[1] = ((CRYP_TypeDef *)(hcryp.Instance))->IV0RR;
-        #else
-            des->reg[0] = hcryp.Instance->IV0LR;
-            des->reg[1] = hcryp.Instance->IV0RR;
-        #endif
-    #else
-        while (sz > 0) {
-            /* if input and output same will overwrite input iv */
-            XMEMCPY(des->tmp, in + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
-
-            if (mode == DES_CBC) {
-                if (dir == DES_ENCRYPTION) {
-                    HAL_CRYP_DESCBC_Encrypt(&hcryp, (uint8_t*)in,
-                                    DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT);
-                }
-                else {
-                    HAL_CRYP_DESCBC_Decrypt(&hcryp, (uint8_t*)in,
-                                    DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT);
-                }
-            }
-            else {
-                if (dir == DES_ENCRYPTION) {
-                    HAL_CRYP_DESECB_Encrypt(&hcryp, (uint8_t*)in,
-                                    DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT);
-                }
-                else {
-                    HAL_CRYP_DESECB_Decrypt(&hcryp, (uint8_t*)in,
-                                    DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT);
-                }
-            }
-
-            /* store iv for next call */
-            XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE);
-
-            sz  -= DES_BLOCK_SIZE;
-            in  += DES_BLOCK_SIZE;
-            out += DES_BLOCK_SIZE;
-        }
-    #endif /* STM32_HAL_V2 */
-
-        HAL_CRYP_DeInit(&hcryp);
-    #else
-        dkey = des->key;
-        iv = des->reg;
-
-        /* crypto structure initialization */
-        CRYP_KeyStructInit(&DES_CRYP_KeyInitStructure);
-        CRYP_StructInit(&DES_CRYP_InitStructure);
-        CRYP_IVStructInit(&DES_CRYP_IVInitStructure);
-
-        /* reset registers to their default values */
-        CRYP_DeInit();
-
-        /* set direction, mode, and datatype */
-        if (dir == DES_ENCRYPTION) {
-            DES_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Encrypt;
-        } else { /* DES_DECRYPTION */
-            DES_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Decrypt;
-        }
-
-        if (mode == DES_CBC) {
-            DES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_DES_CBC;
-        } else { /* DES_ECB */
-            DES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_DES_ECB;
-        }
-
-        DES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
-        CRYP_Init(&DES_CRYP_InitStructure);
-
-        /* load key into correct registers */
-        DES_CRYP_KeyInitStructure.CRYP_Key1Left  = dkey[0];
-        DES_CRYP_KeyInitStructure.CRYP_Key1Right = dkey[1];
-        CRYP_KeyInit(&DES_CRYP_KeyInitStructure);
-
-        /* set iv */
-        ByteReverseWords(iv, iv, DES_BLOCK_SIZE);
-        DES_CRYP_IVInitStructure.CRYP_IV0Left  = iv[0];
-        DES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1];
-        CRYP_IVInit(&DES_CRYP_IVInitStructure);
-
-        /* enable crypto processor */
-        CRYP_Cmd(ENABLE);
-
-        while (sz > 0) {
-            /* flush IN/OUT FIFOs */
-            CRYP_FIFOFlush();
-
-            /* if input and output same will overwrite input iv */
-            XMEMCPY(des->tmp, in + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
-
-            CRYP_DataIn(*(uint32_t*)&in[0]);
-            CRYP_DataIn(*(uint32_t*)&in[4]);
-
-            /* wait until the complete message has been processed */
-            while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
-
-            *(uint32_t*)&out[0]  = CRYP_DataOut();
-            *(uint32_t*)&out[4]  = CRYP_DataOut();
-
-            /* store iv for next call */
-            XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE);
-
-            sz  -= DES_BLOCK_SIZE;
-            in  += DES_BLOCK_SIZE;
-            out += DES_BLOCK_SIZE;
-        }
-
-        /* disable crypto processor */
-        CRYP_Cmd(DISABLE);
-    #endif /* WOLFSSL_STM32_CUBEMX */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        DesCrypt(des, out, in, sz, DES_ENCRYPTION, DES_CBC);
-        return 0;
-    }
-
-    int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        DesCrypt(des, out, in, sz, DES_DECRYPTION, DES_CBC);
-        return 0;
-    }
-
-    int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        DesCrypt(des, out, in, sz, DES_ENCRYPTION, DES_ECB);
-        return 0;
-    }
-
-    static int Des3Crypt(Des3* des, byte* out, const byte* in, word32 sz,
-                   int dir)
-    {
-        if (des == NULL || out == NULL || in == NULL)
-            return BAD_FUNC_ARG;
-
-    #ifdef WOLFSSL_STM32_CUBEMX
-        {
-            CRYP_HandleTypeDef hcryp;
-
-            XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef));
-            hcryp.Instance = CRYP;
-            hcryp.Init.KeySize  = CRYP_KEYSIZE_128B;
-            hcryp.Init.DataType = CRYP_DATATYPE_8B;
-            hcryp.Init.pKey = (STM_CRYPT_TYPE*)des->key;
-            hcryp.Init.pInitVect = (STM_CRYPT_TYPE*)des->reg;
-        #ifdef STM32_HAL_V2
-            hcryp.Init.DataWidthUnit = CRYP_DATAWIDTHUNIT_BYTE;
-            hcryp.Init.Algorithm = CRYP_TDES_CBC;
-        #endif
-
-            HAL_CRYP_Init(&hcryp);
-
-        #ifdef STM32_HAL_V2
-            if (dir == DES_ENCRYPTION) {
-                HAL_CRYP_Encrypt(&hcryp, (uint32_t*)in, sz, (uint32_t*)out,
-                    STM32_HAL_TIMEOUT);
-            }
-            else {
-                HAL_CRYP_Decrypt(&hcryp, (uint32_t*)in, sz, (uint32_t*)out,
-                    STM32_HAL_TIMEOUT);
-            }
-            /* save off IV */
-            #ifdef WOLFSSL_STM32MP13
-                des->reg[0] = ((CRYP_TypeDef *)(hcryp.Instance))->IV0LR;
-                des->reg[1] = ((CRYP_TypeDef *)(hcryp.Instance))->IV0RR;
-            #else
-                des->reg[0] = hcryp.Instance->IV0LR;
-                des->reg[1] = hcryp.Instance->IV0RR;
-            #endif
-        #else
-            while (sz > 0) {
-                if (dir == DES_ENCRYPTION) {
-                    HAL_CRYP_TDESCBC_Encrypt(&hcryp, (byte*)in,
-                                       DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT);
-                }
-                else {
-                    HAL_CRYP_TDESCBC_Decrypt(&hcryp, (byte*)in,
-                                       DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT);
-                }
-
-                /* store iv for next call */
-                XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
-
-                sz  -= DES_BLOCK_SIZE;
-                in  += DES_BLOCK_SIZE;
-                out += DES_BLOCK_SIZE;
-            }
-        #endif /* STM32_HAL_V2 */
-
-            HAL_CRYP_DeInit(&hcryp);
-        }
-    #else
-        {
-            word32 *dkey1, *dkey2, *dkey3, *iv;
-            CRYP_InitTypeDef DES3_CRYP_InitStructure;
-            CRYP_KeyInitTypeDef DES3_CRYP_KeyInitStructure;
-            CRYP_IVInitTypeDef DES3_CRYP_IVInitStructure;
-
-            dkey1 = des->key[0];
-            dkey2 = des->key[1];
-            dkey3 = des->key[2];
-            iv = des->reg;
-
-            /* crypto structure initialization */
-            CRYP_KeyStructInit(&DES3_CRYP_KeyInitStructure);
-            CRYP_StructInit(&DES3_CRYP_InitStructure);
-            CRYP_IVStructInit(&DES3_CRYP_IVInitStructure);
-
-            /* reset registers to their default values */
-            CRYP_DeInit();
-
-            /* set direction, mode, and datatype */
-            if (dir == DES_ENCRYPTION) {
-                DES3_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Encrypt;
-            } else {
-                DES3_CRYP_InitStructure.CRYP_AlgoDir  = CRYP_AlgoDir_Decrypt;
-            }
-
-            DES3_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_TDES_CBC;
-            DES3_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
-            CRYP_Init(&DES3_CRYP_InitStructure);
-
-            /* load key into correct registers */
-            DES3_CRYP_KeyInitStructure.CRYP_Key1Left  = dkey1[0];
-            DES3_CRYP_KeyInitStructure.CRYP_Key1Right = dkey1[1];
-            DES3_CRYP_KeyInitStructure.CRYP_Key2Left  = dkey2[0];
-            DES3_CRYP_KeyInitStructure.CRYP_Key2Right = dkey2[1];
-            DES3_CRYP_KeyInitStructure.CRYP_Key3Left  = dkey3[0];
-            DES3_CRYP_KeyInitStructure.CRYP_Key3Right = dkey3[1];
-            CRYP_KeyInit(&DES3_CRYP_KeyInitStructure);
-
-            /* set iv */
-            ByteReverseWords(iv, iv, DES_BLOCK_SIZE);
-            DES3_CRYP_IVInitStructure.CRYP_IV0Left  = iv[0];
-            DES3_CRYP_IVInitStructure.CRYP_IV0Right = iv[1];
-            CRYP_IVInit(&DES3_CRYP_IVInitStructure);
-
-            /* enable crypto processor */
-            CRYP_Cmd(ENABLE);
-
-            while (sz > 0)
-            {
-                /* flush IN/OUT FIFOs */
-                CRYP_FIFOFlush();
-
-                CRYP_DataIn(*(uint32_t*)&in[0]);
-                CRYP_DataIn(*(uint32_t*)&in[4]);
-
-                /* wait until the complete message has been processed */
-                while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
-
-                *(uint32_t*)&out[0]  = CRYP_DataOut();
-                *(uint32_t*)&out[4]  = CRYP_DataOut();
-
-                /* store iv for next call */
-                XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
-
-                sz  -= DES_BLOCK_SIZE;
-                in  += DES_BLOCK_SIZE;
-                out += DES_BLOCK_SIZE;
-            }
-
-            /* disable crypto processor */
-            CRYP_Cmd(DISABLE);
-        }
-    #endif /* WOLFSSL_STM32_CUBEMX */
-        return 0;
-    }
-
-    int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        return Des3Crypt(des, out, in, sz, DES_ENCRYPTION);
-    }
-
-    int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        return Des3Crypt(des, out, in, sz, DES_DECRYPTION);
-    }
-
-#elif defined(HAVE_COLDFIRE_SEC)
-
-    #include "sec.h"
-    #include "mcf5475_sec.h"
-    #include "mcf5475_siu.h"
-
-    #if defined (HAVE_THREADX)
-    #include "memory_pools.h"
-    extern TX_BYTE_POOL mp_ncached;  /* Non Cached memory pool */
-    #endif
-
-    #define DES_BUFFER_SIZE (DES_BLOCK_SIZE * 64)
-    static unsigned char *desBuffIn = NULL;
-    static unsigned char *desBuffOut = NULL;
-    static byte *secIV;
-    static byte *secKey;
-    static volatile SECdescriptorType *secDesc;
-
-    static wolfSSL_Mutex Mutex_DesSEC;
-
-    #define SEC_DESC_DES_CBC_ENCRYPT  0x20500010
-    #define SEC_DESC_DES_CBC_DECRYPT  0x20400010
-    #define SEC_DESC_DES3_CBC_ENCRYPT 0x20700010
-    #define SEC_DESC_DES3_CBC_DECRYPT 0x20600010
-
-    #define DES_IVLEN 8
-    #define DES_KEYLEN 8
-    #define DES3_IVLEN 8
-    #define DES3_KEYLEN 24
-
-    extern volatile unsigned char __MBAR[];
-
-    static void wc_Des_Cbc(byte* out, const byte* in, word32 sz,
-                        byte *key, byte *iv, word32 desc)
-    {
-        #ifdef DEBUG_WOLFSSL
-        int ret;  int stat1,stat2;
-        #endif
-        int size;
-        volatile int v;
-
-        wc_LockMutex(&Mutex_DesSEC) ;
-
-        secDesc->length1 = 0x0;
-        secDesc->pointer1 = NULL;
-        if((desc==SEC_DESC_DES_CBC_ENCRYPT)||(desc==SEC_DESC_DES_CBC_DECRYPT)){
-            secDesc->length2 = DES_IVLEN;
-            secDesc->length3 = DES_KEYLEN;
-        } else {
-            secDesc->length2 = DES3_IVLEN;
-            secDesc->length3 = DES3_KEYLEN;
-        }
-        secDesc->pointer2 = secIV;
-        secDesc->pointer3 = secKey;
-        secDesc->pointer4 = desBuffIn;
-        secDesc->pointer5 = desBuffOut;
-        secDesc->length6 = 0;
-        secDesc->pointer6 = NULL;
-        secDesc->length7 = 0x0;
-        secDesc->pointer7 = NULL;
-        secDesc->nextDescriptorPtr = NULL;
-
-        while(sz) {
-            XMEMCPY(secIV, iv, secDesc->length2);
-            if((sz%DES_BUFFER_SIZE) == sz) {
-                size = sz;
-                sz = 0;
-            } else {
-                size = DES_BUFFER_SIZE;
-                sz -= DES_BUFFER_SIZE;
-            }
-
-            XMEMCPY(desBuffIn, in, size);
-            XMEMCPY(secKey, key, secDesc->length3);
-
-            secDesc->header = desc;
-            secDesc->length4 = size;
-            secDesc->length5 = size;
-            /* Point SEC to the location of the descriptor */
-            MCF_SEC_FR0 = (uint32)secDesc;
-            /* Initialize SEC and wait for encryption to complete */
-            MCF_SEC_CCCR0 = 0x0000001a;
-            /* poll SISR to determine when channel is complete */
-            v=0;
-            while((secDesc->header>> 24) != 0xff) {
-                if(v++ > 1000)break;
-            }
-
-        #ifdef DEBUG_WOLFSSL
-            ret = MCF_SEC_SISRH;
-            stat1 = MCF_SEC_DSR;
-            stat2 = MCF_SEC_DISR;
-            if(ret & 0xe0000000) {
-                /* db_printf("Des_Cbc(%x):ISRH=%08x, DSR=%08x, DISR=%08x\n", desc, ret, stat1, stat2); */
-            }
-        #endif
-
-            XMEMCPY(out, desBuffOut, size);
-
-            if ((desc==SEC_DESC_DES3_CBC_ENCRYPT)||(desc==SEC_DESC_DES_CBC_ENCRYPT)) {
-                XMEMCPY((void*)iv, (void*)&(out[size-secDesc->length2]), secDesc->length2);
-            } else {
-                XMEMCPY((void*)iv, (void*)&(in[size-secDesc->length2]), secDesc->length2);
-            }
-
-            in  += size;
-            out += size;
-
-        }
-        wc_UnLockMutex(&Mutex_DesSEC) ;
-
-    }
-
-
-    int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        wc_Des_Cbc(out, in, sz,  (byte *)des->key,  (byte *)des->reg, SEC_DESC_DES_CBC_ENCRYPT);
-        return 0;
-    }
-
-    int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        wc_Des_Cbc(out, in, sz,   (byte *)des->key,  (byte *)des->reg, SEC_DESC_DES_CBC_DECRYPT);
-        return 0;
-    }
-
-    int wc_Des3_CbcEncrypt(Des3* des3, byte* out, const byte* in, word32 sz)
-    {
-        wc_Des_Cbc(out, in, sz,  (byte *)des3->key,  (byte *)des3->reg, SEC_DESC_DES3_CBC_ENCRYPT);
-        return 0;
-    }
-
-
-    int wc_Des3_CbcDecrypt(Des3* des3, byte* out, const byte* in, word32 sz)
-    {
-        wc_Des_Cbc(out, in, sz,   (byte *)des3->key,  (byte *)des3->reg, SEC_DESC_DES3_CBC_DECRYPT);
-        return 0;
-    }
-
-    static void setParity(byte *buf, int len)
-    {
-        int i, j;
-        byte v;
-        int bits;
-
-        for (i=0; i<len; i++) {
-            v = buf[i] >> 1;
-            buf[i] = v << 1;
-            bits = 0;
-            for (j=0; j<7; j++) {
-                bits += (v&0x1);
-                v = v >> 1;
-            }
-            buf[i] |= (1 - (bits&0x1));
-        }
-
-    }
-
-    int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
-    {
-        if(desBuffIn == NULL) {
-        #if defined (HAVE_THREADX)
-            int s1, s2, s3, s4, s5;
-            s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc,
-                                                         sizeof(SECdescriptorType), TX_NO_WAIT);
-            s1 = tx_byte_allocate(&mp_ncached,(void *)&desBuffIn,  DES_BUFFER_SIZE, TX_NO_WAIT);
-            s2 = tx_byte_allocate(&mp_ncached,(void *)&desBuffOut, DES_BUFFER_SIZE, TX_NO_WAIT);
-            /* Don't know des or des3 to be used. Allocate larger buffers */
-            s3 = tx_byte_allocate(&mp_ncached,(void *)&secKey,     DES3_KEYLEN,TX_NO_WAIT);
-            s4 = tx_byte_allocate(&mp_ncached,(void *)&secIV,      DES3_IVLEN,  TX_NO_WAIT);
-        #else
-            #warning "Allocate non-Cache buffers"
-        #endif
-
-            InitMutex(&Mutex_DesSEC);
-        }
-
-        XMEMCPY(des->key, key, DES_KEYLEN);
-        setParity((byte *)des->key, DES_KEYLEN);
-
-        if (iv) {
-            XMEMCPY(des->reg, iv, DES_IVLEN);
-        }   else {
-            XMEMSET(des->reg, 0x0, DES_IVLEN);
-        }
-        return 0;
-    }
-
-    int wc_Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
-    {
-        if (des3 == NULL || key == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        if (desBuffIn == NULL) {
-        #if defined (HAVE_THREADX)
-            int s1, s2, s3, s4, s5;
-            s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc,
-                                                         sizeof(SECdescriptorType), TX_NO_WAIT);
-            s1 = tx_byte_allocate(&mp_ncached,(void *)&desBuffIn,  DES_BUFFER_SIZE, TX_NO_WAIT);
-            s2 = tx_byte_allocate(&mp_ncached,(void *)&desBuffOut, DES_BUFFER_SIZE, TX_NO_WAIT);
-            s3 = tx_byte_allocate(&mp_ncached,(void *)&secKey,     DES3_KEYLEN,TX_NO_WAIT);
-            s4 = tx_byte_allocate(&mp_ncached,(void *)&secIV,      DES3_IVLEN,  TX_NO_WAIT);
-        #else
-            #warning "Allocate non-Cache buffers"
-        #endif
-
-            InitMutex(&Mutex_DesSEC);
-        }
-
-        XMEMCPY(des3->key[0], key, DES3_KEYLEN);
-        setParity((byte *)des3->key[0], DES3_KEYLEN);
-
-        if (iv) {
-            XMEMCPY(des3->reg, iv, DES3_IVLEN);
-        }   else {
-            XMEMSET(des3->reg, 0x0, DES3_IVLEN);
-        }
-        return 0;
-
-    }
-#elif defined(FREESCALE_LTC_DES)
-
-    #include "fsl_ltc.h"
-    int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
-    {
-        byte* dkey;
-
-        if (des == NULL || key == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        dkey = (byte*)des->key;
-
-        XMEMCPY(dkey, key, 8);
-
-        wc_Des_SetIV(des, iv);
-
-        return 0;
-    }
-
-    int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
-    {
-        int ret = 0;
-        byte* dkey1;
-        byte* dkey2;
-        byte* dkey3;
-
-        if (des == NULL || key == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        dkey1 = (byte*)des->key[0];
-        dkey2 = (byte*)des->key[1];
-        dkey3 = (byte*)des->key[2];
-
-        XMEMCPY(dkey1, key, 8);         /* set key 1 */
-        XMEMCPY(dkey2, key + 8, 8);     /* set key 2 */
-        XMEMCPY(dkey3, key + 16, 8);    /* set key 3 */
-
-        ret = wc_Des3_SetIV(des, iv);
-        if (ret != 0)
-            return ret;
-
-        return ret;
-    }
-
-    int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        status_t status;
-        status = LTC_DES_EncryptCbc(LTC_BASE, in, out, sz, (byte*)des->reg, (byte*)des->key);
-        if (status == kStatus_Success)
-            return 0;
-        else
-            return -1;
-    }
-
-    int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        status_t status;
-        status = LTC_DES_DecryptCbc(LTC_BASE, in, out, sz, (byte*)des->reg, (byte*)des->key);
-        if (status == kStatus_Success)
-            return 0;
-        else
-            return -1;
-    }
-
-    int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        status_t status;
-        status = LTC_DES3_EncryptCbc(LTC_BASE,
-                                 in,
-                                 out,
-                                 sz,
-                                 (byte*)des->reg,
-                                 (byte*)des->key[0],
-                                 (byte*)des->key[1],
-                                 (byte*)des->key[2]);
-        if (status == kStatus_Success)
-            return 0;
-        else
-            return -1;
-    }
-
-    int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        status_t status;
-        status = LTC_DES3_DecryptCbc(LTC_BASE,
-                                 in,
-                                 out,
-                                 sz,
-                                 (byte*)des->reg,
-                                 (byte*)des->key[0],
-                                 (byte*)des->key[1],
-                                 (byte*)des->key[2]);
-        if (status == kStatus_Success)
-            return 0;
-        else
-            return -1;
-
-    }
-
-#elif defined(FREESCALE_MMCAU)
-    /*
-     * Freescale mmCAU hardware DES/3DES support through the CAU/mmCAU library.
-     * Documentation located in ColdFire/ColdFire+ CAU and Kinetis mmCAU
-     * Software Library User Guide (See note in README).
-     */
-    #ifdef FREESCALE_MMCAU_CLASSIC
-        #include "cau_api.h"
-    #else
-        #include "fsl_mmcau.h"
-    #endif
-
-    const unsigned char parityLookup[128] = {
-        1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,
-        0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,
-        0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,
-        1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0
-     };
-
-    int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
-    {
-        int i = 0;
-        byte* dkey;
-
-
-        if (des == NULL || key == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        dkey = (byte*)des->key;
-
-        XMEMCPY(dkey, key, 8);
-
-        wc_Des_SetIV(des, iv);
-
-        /* fix key parity, if needed */
-        for (i = 0; i < 8; i++) {
-            dkey[i] = ((dkey[i] & 0xFE) | parityLookup[dkey[i] >> 1]);
-        }
-
-        return 0;
-    }
-
-    int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
-    {
-        int i = 0, ret = 0;
-        byte* dkey1;
-        byte* dkey2;
-        byte* dkey3;
-
-        if (des == NULL || key == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        dkey1 = (byte*)des->key[0];
-        dkey2 = (byte*)des->key[1];
-        dkey3 = (byte*)des->key[2];
-
-        XMEMCPY(dkey1, key, 8);         /* set key 1 */
-        XMEMCPY(dkey2, key + 8, 8);     /* set key 2 */
-        XMEMCPY(dkey3, key + 16, 8);    /* set key 3 */
-
-        ret = wc_Des3_SetIV(des, iv);
-        if (ret != 0)
-            return ret;
-
-        /* fix key parity if needed */
-        for (i = 0; i < 8; i++)
-           dkey1[i] = ((dkey1[i] & 0xFE) | parityLookup[dkey1[i] >> 1]);
-
-        for (i = 0; i < 8; i++)
-           dkey2[i] = ((dkey2[i] & 0xFE) | parityLookup[dkey2[i] >> 1]);
-
-        for (i = 0; i < 8; i++)
-           dkey3[i] = ((dkey3[i] & 0xFE) | parityLookup[dkey3[i] >> 1]);
-
-        return ret;
-    }
-
-    int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        int offset = 0;
-        int len = sz;
-        int ret = 0;
-        byte *iv;
-        byte temp_block[DES_BLOCK_SIZE];
-
-        iv = (byte*)des->reg;
-
-    #ifdef FREESCALE_MMCAU_CLASSIC
-        if ((wc_ptr_t)out % WOLFSSL_MMCAU_ALIGNMENT) {
-            WOLFSSL_MSG("Bad cau_des_encrypt alignment");
-            return BAD_ALIGN_E;
-        }
-    #endif
-
-        while (len > 0)
-        {
-            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
-
-            /* XOR block with IV for CBC */
-            xorbuf(temp_block, iv, DES_BLOCK_SIZE);
-
-            ret = wolfSSL_CryptHwMutexLock();
-            if(ret != 0) {
-                return ret;
-            }
-        #ifdef FREESCALE_MMCAU_CLASSIC
-            cau_des_encrypt(temp_block, (byte*)des->key, out + offset);
-        #else
-            MMCAU_DES_EncryptEcb(temp_block, (byte*)des->key, out + offset);
-        #endif
-            wolfSSL_CryptHwMutexUnLock();
-
-            len    -= DES_BLOCK_SIZE;
-            offset += DES_BLOCK_SIZE;
-
-            /* store IV for next block */
-            XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
-        }
-
-        return ret;
-    }
-
-    int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        int offset = 0;
-        int len = sz;
-        int ret = 0;
-        byte* iv;
-        byte temp_block[DES_BLOCK_SIZE];
-
-        iv = (byte*)des->reg;
-
-    #ifdef FREESCALE_MMCAU_CLASSIC
-        if ((wc_ptr_t)out % WOLFSSL_MMCAU_ALIGNMENT) {
-            WOLFSSL_MSG("Bad cau_des_decrypt alignment");
-            return BAD_ALIGN_E;
-        }
-    #endif
-
-        while (len > 0)
-        {
-            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
-
-            ret = wolfSSL_CryptHwMutexLock();
-            if(ret != 0) {
-                return ret;
-            }
-
-        #ifdef FREESCALE_MMCAU_CLASSIC
-            cau_des_decrypt(in + offset, (byte*)des->key, out + offset);
-        #else
-            MMCAU_DES_DecryptEcb(in + offset, (byte*)des->key, out + offset);
-        #endif
-            wolfSSL_CryptHwMutexUnLock();
-
-            /* XOR block with IV for CBC */
-            xorbuf(out + offset, iv, DES_BLOCK_SIZE);
-
-            /* store IV for next block */
-            XMEMCPY(iv, temp_block, DES_BLOCK_SIZE);
-
-            len     -= DES_BLOCK_SIZE;
-            offset += DES_BLOCK_SIZE;
-        }
-
-        return ret;
-    }
-
-    int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        int offset = 0;
-        int len = sz;
-        int ret = 0;
-
-        byte *iv;
-        byte temp_block[DES_BLOCK_SIZE];
-
-        iv = (byte*)des->reg;
-
-    #ifdef FREESCALE_MMCAU_CLASSIC
-        if ((wc_ptr_t)out % WOLFSSL_MMCAU_ALIGNMENT) {
-            WOLFSSL_MSG("Bad 3ede cau_des_encrypt alignment");
-            return BAD_ALIGN_E;
-        }
-    #endif
-
-        while (len > 0)
-        {
-            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
-
-            /* XOR block with IV for CBC */
-            xorbuf(temp_block, iv, DES_BLOCK_SIZE);
-
-            ret = wolfSSL_CryptHwMutexLock();
-            if(ret != 0) {
-                return ret;
-            }
-    #ifdef FREESCALE_MMCAU_CLASSIC
-            cau_des_encrypt(temp_block,   (byte*)des->key[0], out + offset);
-            cau_des_decrypt(out + offset, (byte*)des->key[1], out + offset);
-            cau_des_encrypt(out + offset, (byte*)des->key[2], out + offset);
-    #else
-            MMCAU_DES_EncryptEcb(temp_block  , (byte*)des->key[0], out + offset);
-            MMCAU_DES_DecryptEcb(out + offset, (byte*)des->key[1], out + offset);
-            MMCAU_DES_EncryptEcb(out + offset, (byte*)des->key[2], out + offset);
-    #endif
-            wolfSSL_CryptHwMutexUnLock();
-
-            len    -= DES_BLOCK_SIZE;
-            offset += DES_BLOCK_SIZE;
-
-            /* store IV for next block */
-            XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
-        }
-
-        return ret;
-    }
-
-    int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        int offset = 0;
-        int len = sz;
-        int ret = 0;
-
-        byte* iv;
-        byte temp_block[DES_BLOCK_SIZE];
-
-        iv = (byte*)des->reg;
-
-    #ifdef FREESCALE_MMCAU_CLASSIC
-        if ((wc_ptr_t)out % WOLFSSL_MMCAU_ALIGNMENT) {
-            WOLFSSL_MSG("Bad 3ede cau_des_decrypt alignment");
-            return BAD_ALIGN_E;
-        }
-    #endif
-
-        while (len > 0)
-        {
-            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
-
-            ret = wolfSSL_CryptHwMutexLock();
-            if(ret != 0) {
-                return ret;
-            }
-        #ifdef FREESCALE_MMCAU_CLASSIC
-            cau_des_decrypt(in + offset,  (byte*)des->key[2], out + offset);
-            cau_des_encrypt(out + offset, (byte*)des->key[1], out + offset);
-            cau_des_decrypt(out + offset, (byte*)des->key[0], out + offset);
-        #else
-            MMCAU_DES_DecryptEcb(in + offset , (byte*)des->key[2], out + offset);
-            MMCAU_DES_EncryptEcb(out + offset, (byte*)des->key[1], out + offset);
-            MMCAU_DES_DecryptEcb(out + offset, (byte*)des->key[0], out + offset);
-        #endif
-            wolfSSL_CryptHwMutexUnLock();
-
-            /* XOR block with IV for CBC */
-            xorbuf(out + offset, iv, DES_BLOCK_SIZE);
-
-            /* store IV for next block */
-            XMEMCPY(iv, temp_block, DES_BLOCK_SIZE);
-
-            len    -= DES_BLOCK_SIZE;
-            offset += DES_BLOCK_SIZE;
-        }
-
-        return ret;
-    }
-
-
-#ifdef WOLFSSL_DES_ECB
-    /* One block, compatibility only */
-    int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        int offset = 0;
-        int len = sz;
-        int ret = 0;
-        byte temp_block[DES_BLOCK_SIZE];
-
-
-    #ifdef FREESCALE_MMCAU_CLASSIC
-        if ((wc_ptr_t)out % WOLFSSL_MMCAU_ALIGNMENT) {
-            WOLFSSL_MSG("Bad cau_des_encrypt alignment");
-            return BAD_ALIGN_E;
-        }
-    #endif
-
-        while (len > 0)
-        {
-            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
-
-            ret = wolfSSL_CryptHwMutexLock();
-            if (ret != 0) {
-                return ret;
-            }
-        #ifdef FREESCALE_MMCAU_CLASSIC
-            cau_des_encrypt(temp_block, (byte*)des->key, out + offset);
-        #else
-            MMCAU_DES_EncryptEcb(temp_block, (byte*)des->key, out + offset);
-        #endif
-            wolfSSL_CryptHwMutexUnLock();
-
-            len    -= DES_BLOCK_SIZE;
-            offset += DES_BLOCK_SIZE;
-
-        }
-       return ret;
-
-    }
-
-    int wc_Des_EcbDecrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        int offset = 0;
-        int len = sz;
-        int ret = 0;
-        byte temp_block[DES_BLOCK_SIZE];
-
-    #ifdef FREESCALE_MMCAU_CLASSIC
-        if ((wc_ptr_t)out % WOLFSSL_MMCAU_ALIGNMENT) {
-            WOLFSSL_MSG("Bad cau_des_decrypt alignment");
-            return BAD_ALIGN_E;
-        }
-    #endif
-
-        while (len > 0)
-        {
-            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
-
-            ret = wolfSSL_CryptHwMutexLock();
-            if (ret != 0) {
-                return ret;
-            }
-
-        #ifdef FREESCALE_MMCAU_CLASSIC
-            cau_des_decrypt(in + offset, (byte*)des->key, out + offset);
-        #else
-            MMCAU_DES_DecryptEcb(in + offset, (byte*)des->key, out + offset);
-        #endif
-            wolfSSL_CryptHwMutexUnLock();
-
-            len    -= DES_BLOCK_SIZE;
-            offset += DES_BLOCK_SIZE;
-        }
-
-        return ret;
-    }
-
-    int wc_Des3_EcbEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        int offset = 0;
-        int len = sz;
-        int ret = 0;
-
-        byte temp_block[DES_BLOCK_SIZE];
-
-
-    #ifdef FREESCALE_MMCAU_CLASSIC
-        if ((wc_ptr_t)out % WOLFSSL_MMCAU_ALIGNMENT) {
-            WOLFSSL_MSG("Bad 3ede cau_des_encrypt alignment");
-            return BAD_ALIGN_E;
-        }
-    #endif
-
-        while (len > 0)
-        {
-            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
-
-            ret = wolfSSL_CryptHwMutexLock();
-            if (ret != 0) {
-                return ret;
-            }
-    #ifdef FREESCALE_MMCAU_CLASSIC
-            cau_des_encrypt(temp_block,   (byte*)des->key[0], out + offset);
-            cau_des_decrypt(out + offset, (byte*)des->key[1], out + offset);
-            cau_des_encrypt(out + offset, (byte*)des->key[2], out + offset);
-    #else
-            MMCAU_DES_EncryptEcb(temp_block  , (byte*)des->key[0], out + offset);
-            MMCAU_DES_DecryptEcb(out + offset, (byte*)des->key[1], out + offset);
-            MMCAU_DES_EncryptEcb(out + offset, (byte*)des->key[2], out + offset);
-    #endif
-            wolfSSL_CryptHwMutexUnLock();
-
-            len    -= DES_BLOCK_SIZE;
-            offset += DES_BLOCK_SIZE;
-
-        }
-
-        return ret;
-    }
-
-    int wc_Des3_EcbDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        int offset = 0;
-        int len = sz;
-        int ret = 0;
-
-        byte temp_block[DES_BLOCK_SIZE];
-
-    #ifdef FREESCALE_MMCAU_CLASSIC
-        if ((wc_ptr_t)out % WOLFSSL_MMCAU_ALIGNMENT) {
-            WOLFSSL_MSG("Bad 3ede cau_des_decrypt alignment");
-            return BAD_ALIGN_E;
-        }
-    #endif
-
-        while (len > 0)
-        {
-            XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE);
-
-            ret = wolfSSL_CryptHwMutexLock();
-            if (ret != 0) {
-                return ret;
-            }
-        #ifdef FREESCALE_MMCAU_CLASSIC
-            cau_des_decrypt(in + offset,  (byte*)des->key[2], out + offset);
-            cau_des_encrypt(out + offset, (byte*)des->key[1], out + offset);
-            cau_des_decrypt(out + offset, (byte*)des->key[0], out + offset);
-        #else
-            MMCAU_DES_DecryptEcb(in + offset , (byte*)des->key[2], out + offset);
-            MMCAU_DES_EncryptEcb(out + offset, (byte*)des->key[1], out + offset);
-            MMCAU_DES_DecryptEcb(out + offset, (byte*)des->key[0], out + offset);
-        #endif
-            wolfSSL_CryptHwMutexUnLock();
-
-            len    -= DES_BLOCK_SIZE;
-            offset += DES_BLOCK_SIZE;
-        }
-
-        return ret;
-    }
-#endif /* WOLFSSL_DES_ECB */
-
-
-#elif defined(WOLFSSL_PIC32MZ_CRYPT)
-
-    /* PIC32MZ DES hardware requires size multiple of block size */
-    #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
-
-    int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
-    {
-        if (des == NULL || key == NULL || iv == NULL)
-            return BAD_FUNC_ARG;
-
-        XMEMCPY(des->key, key, DES_KEYLEN);
-        XMEMCPY(des->reg, iv, DES_IVLEN);
-
-        return 0;
-    }
-
-    int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
-    {
-        if (des == NULL || key == NULL || iv == NULL)
-            return BAD_FUNC_ARG;
-
-        XMEMCPY(des->key[0], key, DES3_KEYLEN);
-        XMEMCPY(des->reg, iv, DES3_IVLEN);
-
-        return 0;
-    }
-
-    int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        word32 blocks = sz / DES_BLOCK_SIZE;
-
-        if (des == NULL || out == NULL || in == NULL)
-            return BAD_FUNC_ARG;
-
-        return wc_Pic32DesCrypt(des->key, DES_KEYLEN, des->reg, DES_IVLEN,
-            out, in, (blocks * DES_BLOCK_SIZE),
-            PIC32_ENCRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC);
-    }
-
-    int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        word32 blocks = sz / DES_BLOCK_SIZE;
-
-        if (des == NULL || out == NULL || in == NULL)
-            return BAD_FUNC_ARG;
-
-        return wc_Pic32DesCrypt(des->key, DES_KEYLEN, des->reg, DES_IVLEN,
-            out, in, (blocks * DES_BLOCK_SIZE),
-            PIC32_DECRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC);
-    }
-
-    int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        word32 blocks = sz / DES_BLOCK_SIZE;
-
-        if (des == NULL || out == NULL || in == NULL)
-            return BAD_FUNC_ARG;
-
-        return wc_Pic32DesCrypt(des->key[0], DES3_KEYLEN, des->reg, DES3_IVLEN,
-            out, in, (blocks * DES_BLOCK_SIZE),
-            PIC32_ENCRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC);
-    }
-
-    int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        word32 blocks = sz / DES_BLOCK_SIZE;
-
-        if (des == NULL || out == NULL || in == NULL)
-            return BAD_FUNC_ARG;
-
-        return wc_Pic32DesCrypt(des->key[0], DES3_KEYLEN, des->reg, DES3_IVLEN,
-            out, in, (blocks * DES_BLOCK_SIZE),
-            PIC32_DECRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC);
-    }
-
-    #ifdef WOLFSSL_DES_ECB
-        int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
-        {
-            word32 blocks = sz / DES_BLOCK_SIZE;
-
-            if (des == NULL || out == NULL || in == NULL)
-                return BAD_FUNC_ARG;
-
-            return wc_Pic32DesCrypt(des->key, DES_KEYLEN, des->reg, DES_IVLEN,
-                out, in, (blocks * DES_BLOCK_SIZE),
-                    PIC32_ENCRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_ECB);
-        }
-
-        int wc_Des3_EcbEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
-        {
-            word32 blocks = sz / DES_BLOCK_SIZE;
-
-            if (des == NULL || out == NULL || in == NULL)
-                return BAD_FUNC_ARG;
-
-            return wc_Pic32DesCrypt(des->key[0], DES3_KEYLEN, des->reg, DES3_IVLEN,
-                out, in, (blocks * DES_BLOCK_SIZE),
-                PIC32_ENCRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TECB);
-        }
-    #endif /* WOLFSSL_DES_ECB */
-
-#else
-    #define NEED_SOFT_DES
-
-#endif
-
-
-#ifdef NEED_SOFT_DES
-
-    /* permuted choice table (key) */
-    static const FLASH_QUALIFIER byte pc1[] = {
-           57, 49, 41, 33, 25, 17,  9,
-            1, 58, 50, 42, 34, 26, 18,
-           10,  2, 59, 51, 43, 35, 27,
-           19, 11,  3, 60, 52, 44, 36,
-
-           63, 55, 47, 39, 31, 23, 15,
-            7, 62, 54, 46, 38, 30, 22,
-           14,  6, 61, 53, 45, 37, 29,
-           21, 13,  5, 28, 20, 12,  4
-    };
-
-    /* number left rotations of pc1 */
-    static const FLASH_QUALIFIER byte totrot[] = {
-           1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28
-    };
-
-    /* permuted choice key (table) */
-    static const FLASH_QUALIFIER byte pc2[] = {
-           14, 17, 11, 24,  1,  5,
-            3, 28, 15,  6, 21, 10,
-           23, 19, 12,  4, 26,  8,
-           16,  7, 27, 20, 13,  2,
-           41, 52, 31, 37, 47, 55,
-           30, 40, 51, 45, 33, 48,
-           44, 49, 39, 56, 34, 53,
-           46, 42, 50, 36, 29, 32
-    };
-
-    /* End of DES-defined tables */
-
-    /* bit 0 is left-most in byte */
-    static const FLASH_QUALIFIER int bytebit[] = {
-        0200,0100,040,020,010,04,02,01
-    };
-
-    static const FLASH_QUALIFIER word32 Spbox[8][64] = {
-    {   0x01010400,0x00000000,0x00010000,0x01010404,
-        0x01010004,0x00010404,0x00000004,0x00010000,
-        0x00000400,0x01010400,0x01010404,0x00000400,
-        0x01000404,0x01010004,0x01000000,0x00000004,
-        0x00000404,0x01000400,0x01000400,0x00010400,
-        0x00010400,0x01010000,0x01010000,0x01000404,
-        0x00010004,0x01000004,0x01000004,0x00010004,
-        0x00000000,0x00000404,0x00010404,0x01000000,
-        0x00010000,0x01010404,0x00000004,0x01010000,
-        0x01010400,0x01000000,0x01000000,0x00000400,
-        0x01010004,0x00010000,0x00010400,0x01000004,
-        0x00000400,0x00000004,0x01000404,0x00010404,
-        0x01010404,0x00010004,0x01010000,0x01000404,
-        0x01000004,0x00000404,0x00010404,0x01010400,
-        0x00000404,0x01000400,0x01000400,0x00000000,
-        0x00010004,0x00010400,0x00000000,0x01010004},
-    {   0x80108020,0x80008000,0x00008000,0x00108020,
-        0x00100000,0x00000020,0x80100020,0x80008020,
-        0x80000020,0x80108020,0x80108000,0x80000000,
-        0x80008000,0x00100000,0x00000020,0x80100020,
-        0x00108000,0x00100020,0x80008020,0x00000000,
-        0x80000000,0x00008000,0x00108020,0x80100000,
-        0x00100020,0x80000020,0x00000000,0x00108000,
-        0x00008020,0x80108000,0x80100000,0x00008020,
-        0x00000000,0x00108020,0x80100020,0x00100000,
-        0x80008020,0x80100000,0x80108000,0x00008000,
-        0x80100000,0x80008000,0x00000020,0x80108020,
-        0x00108020,0x00000020,0x00008000,0x80000000,
-        0x00008020,0x80108000,0x00100000,0x80000020,
-        0x00100020,0x80008020,0x80000020,0x00100020,
-        0x00108000,0x00000000,0x80008000,0x00008020,
-        0x80000000,0x80100020,0x80108020,0x00108000},
-    {   0x00000208,0x08020200,0x00000000,0x08020008,
-        0x08000200,0x00000000,0x00020208,0x08000200,
-        0x00020008,0x08000008,0x08000008,0x00020000,
-        0x08020208,0x00020008,0x08020000,0x00000208,
-        0x08000000,0x00000008,0x08020200,0x00000200,
-        0x00020200,0x08020000,0x08020008,0x00020208,
-        0x08000208,0x00020200,0x00020000,0x08000208,
-        0x00000008,0x08020208,0x00000200,0x08000000,
-        0x08020200,0x08000000,0x00020008,0x00000208,
-        0x00020000,0x08020200,0x08000200,0x00000000,
-        0x00000200,0x00020008,0x08020208,0x08000200,
-        0x08000008,0x00000200,0x00000000,0x08020008,
-        0x08000208,0x00020000,0x08000000,0x08020208,
-        0x00000008,0x00020208,0x00020200,0x08000008,
-        0x08020000,0x08000208,0x00000208,0x08020000,
-        0x00020208,0x00000008,0x08020008,0x00020200},
-    {   0x00802001,0x00002081,0x00002081,0x00000080,
-        0x00802080,0x00800081,0x00800001,0x00002001,
-        0x00000000,0x00802000,0x00802000,0x00802081,
-        0x00000081,0x00000000,0x00800080,0x00800001,
-        0x00000001,0x00002000,0x00800000,0x00802001,
-        0x00000080,0x00800000,0x00002001,0x00002080,
-        0x00800081,0x00000001,0x00002080,0x00800080,
-        0x00002000,0x00802080,0x00802081,0x00000081,
-        0x00800080,0x00800001,0x00802000,0x00802081,
-        0x00000081,0x00000000,0x00000000,0x00802000,
-        0x00002080,0x00800080,0x00800081,0x00000001,
-        0x00802001,0x00002081,0x00002081,0x00000080,
-        0x00802081,0x00000081,0x00000001,0x00002000,
-        0x00800001,0x00002001,0x00802080,0x00800081,
-        0x00002001,0x00002080,0x00800000,0x00802001,
-        0x00000080,0x00800000,0x00002000,0x00802080},
-    {   0x00000100,0x02080100,0x02080000,0x42000100,
-        0x00080000,0x00000100,0x40000000,0x02080000,
-        0x40080100,0x00080000,0x02000100,0x40080100,
-        0x42000100,0x42080000,0x00080100,0x40000000,
-        0x02000000,0x40080000,0x40080000,0x00000000,
-        0x40000100,0x42080100,0x42080100,0x02000100,
-        0x42080000,0x40000100,0x00000000,0x42000000,
-        0x02080100,0x02000000,0x42000000,0x00080100,
-        0x00080000,0x42000100,0x00000100,0x02000000,
-        0x40000000,0x02080000,0x42000100,0x40080100,
-        0x02000100,0x40000000,0x42080000,0x02080100,
-        0x40080100,0x00000100,0x02000000,0x42080000,
-        0x42080100,0x00080100,0x42000000,0x42080100,
-        0x02080000,0x00000000,0x40080000,0x42000000,
-        0x00080100,0x02000100,0x40000100,0x00080000,
-        0x00000000,0x40080000,0x02080100,0x40000100},
-    {   0x20000010,0x20400000,0x00004000,0x20404010,
-        0x20400000,0x00000010,0x20404010,0x00400000,
-        0x20004000,0x00404010,0x00400000,0x20000010,
-        0x00400010,0x20004000,0x20000000,0x00004010,
-        0x00000000,0x00400010,0x20004010,0x00004000,
-        0x00404000,0x20004010,0x00000010,0x20400010,
-        0x20400010,0x00000000,0x00404010,0x20404000,
-        0x00004010,0x00404000,0x20404000,0x20000000,
-        0x20004000,0x00000010,0x20400010,0x00404000,
-        0x20404010,0x00400000,0x00004010,0x20000010,
-        0x00400000,0x20004000,0x20000000,0x00004010,
-        0x20000010,0x20404010,0x00404000,0x20400000,
-        0x00404010,0x20404000,0x00000000,0x20400010,
-        0x00000010,0x00004000,0x20400000,0x00404010,
-        0x00004000,0x00400010,0x20004010,0x00000000,
-        0x20404000,0x20000000,0x00400010,0x20004010},
-    {   0x00200000,0x04200002,0x04000802,0x00000000,
-        0x00000800,0x04000802,0x00200802,0x04200800,
-        0x04200802,0x00200000,0x00000000,0x04000002,
-        0x00000002,0x04000000,0x04200002,0x00000802,
-        0x04000800,0x00200802,0x00200002,0x04000800,
-        0x04000002,0x04200000,0x04200800,0x00200002,
-        0x04200000,0x00000800,0x00000802,0x04200802,
-        0x00200800,0x00000002,0x04000000,0x00200800,
-        0x04000000,0x00200800,0x00200000,0x04000802,
-        0x04000802,0x04200002,0x04200002,0x00000002,
-        0x00200002,0x04000000,0x04000800,0x00200000,
-        0x04200800,0x00000802,0x00200802,0x04200800,
-        0x00000802,0x04000002,0x04200802,0x04200000,
-        0x00200800,0x00000000,0x00000002,0x04200802,
-        0x00000000,0x00200802,0x04200000,0x00000800,
-        0x04000002,0x04000800,0x00000800,0x00200002},
-    {   0x10001040,0x00001000,0x00040000,0x10041040,
-        0x10000000,0x10001040,0x00000040,0x10000000,
-        0x00040040,0x10040000,0x10041040,0x00041000,
-        0x10041000,0x00041040,0x00001000,0x00000040,
-        0x10040000,0x10000040,0x10001000,0x00001040,
-        0x00041000,0x00040040,0x10040040,0x10041000,
-        0x00001040,0x00000000,0x00000000,0x10040040,
-        0x10000040,0x10001000,0x00041040,0x00040000,
-        0x00041040,0x00040000,0x10041000,0x00001000,
-        0x00000040,0x10040040,0x00001000,0x00041040,
-        0x10001000,0x00000040,0x10000040,0x10040000,
-        0x10040040,0x10000000,0x00040000,0x10001040,
-        0x00000000,0x10041040,0x00040040,0x10000040,
-        0x10040000,0x10001000,0x10001040,0x00000000,
-        0x10041040,0x00041000,0x00041000,0x00001040,
-        0x00001040,0x00040040,0x10000000,0x10041000}
-    };
-
-    static WC_INLINE void IPERM(word32* left, word32* right)
-    {
-        word32 work;
-
-        *right = rotlFixed(*right, 4U);
-        work = (*left ^ *right) & 0xf0f0f0f0;
-        *left ^= work;
-
-        *right = rotrFixed(*right^work, 20U);
-        work = (*left ^ *right) & 0xffff0000;
-        *left ^= work;
-
-        *right = rotrFixed(*right^work, 18U);
-        work = (*left ^ *right) & 0x33333333;
-        *left ^= work;
-
-        *right = rotrFixed(*right^work, 6U);
-        work = (*left ^ *right) & 0x00ff00ff;
-        *left ^= work;
-
-        *right = rotlFixed(*right^work, 9U);
-        work = (*left ^ *right) & 0xaaaaaaaa;
-        *left = rotlFixed(*left^work, 1U);
-        *right ^= work;
-    }
-
-    static WC_INLINE void FPERM(word32* left, word32* right)
-    {
-        word32 work;
-
-        *right = rotrFixed(*right, 1U);
-        work = (*left ^ *right) & 0xaaaaaaaa;
-        *right ^= work;
-
-        *left = rotrFixed(*left^work, 9U);
-        work = (*left ^ *right) & 0x00ff00ff;
-        *right ^= work;
-
-        *left = rotlFixed(*left^work, 6U);
-        work = (*left ^ *right) & 0x33333333;
-        *right ^= work;
-
-        *left = rotlFixed(*left^work, 18U);
-        work = (*left ^ *right) & 0xffff0000;
-        *right ^= work;
-
-        *left = rotlFixed(*left^work, 20U);
-        work = (*left ^ *right) & 0xf0f0f0f0;
-        *right ^= work;
-
-        *left = rotrFixed(*left^work, 4U);
-    }
-
-    static int DesSetKey(const byte* key, int dir, word32* out)
-    {
-        #define DES_KEY_BUFFER_SIZE (56+56+8)
-    #ifdef WOLFSSL_SMALL_STACK
-        byte* buffer = (byte*)XMALLOC(DES_KEY_BUFFER_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-        if (buffer == NULL)
-            return MEMORY_E;
-    #else
-        byte buffer[DES_KEY_BUFFER_SIZE];
-    #endif
-
-        {
-            byte* const  pc1m = buffer;            /* place to modify pc1 into */
-            byte* const  pcr  = pc1m + 56;         /* place to rotate pc1 into */
-            byte* const  ks   = pcr  + 56;
-            int i, j, l;
-            int          m;
-
-            for (j = 0; j < 56; j++) {             /* convert pc1 to bits of key  */
-                l = pc1[j] - 1;                    /* integer bit location        */
-                m = l & 07;                        /* find bit                    */
-                pc1m[j] = (key[l >> 3] &           /* find which key byte l is in */
-                    bytebit[m])                    /* and which bit of that byte  */
-                    ? 1 : 0;                       /* and store 1-bit result      */
-            }
-
-            for (i = 0; i < 16; i++) {            /* key chunk for each iteration */
-                XMEMSET(ks, 0, 8);                /* Clear key schedule */
-
-                for (j = 0; j < 56; j++)          /* rotate pc1 the right amount  */
-                    pcr[j] =
-                          pc1m[(l = j + totrot[i]) < (j < 28 ? 28 : 56) ? l : l-28];
-
-                /* rotate left and right halves independently */
-                for (j = 0; j < 48; j++) {        /* select bits individually     */
-                    if (pcr[pc2[j] - 1]) {        /* check bit that goes to ks[j] */
-                        l= j % 6;                 /* mask it in if it's there     */
-                        ks[j/6] |= (byte)(bytebit[l] >> 2);
-                    }
-                }
-
-                /* Now convert to odd/even interleaved form for use in F */
-                out[2*i] = ((word32) ks[0] << 24)
-                         | ((word32) ks[2] << 16)
-                         | ((word32) ks[4] << 8)
-                         | ((word32) ks[6]);
-
-                out[2*i + 1] = ((word32) ks[1] << 24)
-                             | ((word32) ks[3] << 16)
-                             | ((word32) ks[5] << 8)
-                             | ((word32) ks[7]);
-            }
-
-            /* reverse key schedule order */
-            if (dir == DES_DECRYPTION) {
-                for (i = 0; i < 16; i += 2) {
-                    word32 swap = out[i];
-                    out[i] = out[DES_KS_SIZE - 2 - i];
-                    out[DES_KS_SIZE - 2 - i] = swap;
-
-                    swap = out[i + 1];
-                    out[i + 1] = out[DES_KS_SIZE - 1 - i];
-                    out[DES_KS_SIZE - 1 - i] = swap;
-                }
-            }
-
-            WC_FREE_VAR_EX(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-
-        return 0;
-    }
-
-    int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
-    {
-        wc_Des_SetIV(des, iv);
-
-        return DesSetKey(key, dir, des->key);
-    }
-
-    int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
-    {
-        int ret;
-
-        if (des == NULL || key == NULL || dir < 0) {
-            return BAD_FUNC_ARG;
-        }
-
-        XMEMSET(des->key, 0, sizeof(*(des->key)));
-        XMEMSET(des->reg, 0, sizeof(*(des->reg)));
-        XMEMSET(des->tmp, 0, sizeof(*(des->tmp)));
-
-    #if defined(WOLF_CRYPTO_CB) || \
-        (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES))
-        #ifdef WOLF_CRYPTO_CB
-        if (des->devId != INVALID_DEVID)
-        #endif
-        {
-            XMEMCPY(des->devKey, key, DES3_KEYLEN);
-        }
-    #endif
-
-        ret = DesSetKey(key + (dir == DES_ENCRYPTION ? 0:16), dir, des->key[0]);
-        if (ret != 0)
-            return ret;
-
-        ret = DesSetKey(key + 8, !dir, des->key[1]);
-        if (ret != 0)
-            return ret;
-
-        ret = DesSetKey(key + (dir == DES_DECRYPTION ? 0:16), dir, des->key[2]);
-        if (ret != 0)
-            return ret;
-
-        return wc_Des3_SetIV(des, iv);
-    }
-
-    static void DesRawProcessBlock(word32* lIn, word32* rIn, const word32* kptr)
-    {
-        word32 l = *lIn, r = *rIn, i;
-
-        for (i=0; i<8; i++)
-        {
-            word32 work = rotrFixed(r, 4U) ^ kptr[4*i+0];
-            l ^= Spbox[6][(work) & 0x3f]
-              ^  Spbox[4][(work >> 8) & 0x3f]
-              ^  Spbox[2][(work >> 16) & 0x3f]
-              ^  Spbox[0][(work >> 24) & 0x3f];
-            work = r ^ kptr[4*i+1];
-            l ^= Spbox[7][(work) & 0x3f]
-              ^  Spbox[5][(work >> 8) & 0x3f]
-              ^  Spbox[3][(work >> 16) & 0x3f]
-              ^  Spbox[1][(work >> 24) & 0x3f];
-
-            work = rotrFixed(l, 4U) ^ kptr[4*i+2];
-            r ^= Spbox[6][(work) & 0x3f]
-              ^  Spbox[4][(work >> 8) & 0x3f]
-              ^  Spbox[2][(work >> 16) & 0x3f]
-              ^  Spbox[0][(work >> 24) & 0x3f];
-            work = l ^ kptr[4*i+3];
-            r ^= Spbox[7][(work) & 0x3f]
-              ^  Spbox[5][(work >> 8) & 0x3f]
-              ^  Spbox[3][(work >> 16) & 0x3f]
-              ^  Spbox[1][(work >> 24) & 0x3f];
-        }
-
-        *lIn = l; *rIn = r;
-    }
-
-    static void DesProcessBlock(Des* des, const byte* in, byte* out)
-    {
-        word32 l = 0, r = 0;
-
-        XMEMCPY(&l, in, sizeof(l));
-        XMEMCPY(&r, in + sizeof(l), sizeof(r));
-        #ifdef LITTLE_ENDIAN_ORDER
-            l = ByteReverseWord32(l);
-            r = ByteReverseWord32(r);
-        #endif
-        IPERM(&l,&r);
-
-        DesRawProcessBlock(&l, &r, des->key);
-
-        FPERM(&l,&r);
-        #ifdef LITTLE_ENDIAN_ORDER
-            l = ByteReverseWord32(l);
-            r = ByteReverseWord32(r);
-        #endif
-        XMEMCPY(out, &r, sizeof(r));
-        XMEMCPY(out + sizeof(r), &l, sizeof(l));
-    }
-
-    static void Des3ProcessBlock(Des3* des, const byte* in, byte* out)
-    {
-        word32 l = 0, r = 0;
-
-        XMEMCPY(&l, in, sizeof(l));
-        XMEMCPY(&r, in + sizeof(l), sizeof(r));
-        #ifdef LITTLE_ENDIAN_ORDER
-            l = ByteReverseWord32(l);
-            r = ByteReverseWord32(r);
-        #endif
-        IPERM(&l,&r);
-
-        DesRawProcessBlock(&l, &r, des->key[0]);
-        DesRawProcessBlock(&r, &l, des->key[1]);
-        DesRawProcessBlock(&l, &r, des->key[2]);
-
-        FPERM(&l,&r);
-        #ifdef LITTLE_ENDIAN_ORDER
-            l = ByteReverseWord32(l);
-            r = ByteReverseWord32(r);
-        #endif
-        XMEMCPY(out, &r, sizeof(r));
-        XMEMCPY(out + sizeof(r), &l, sizeof(l));
-    }
-
-    int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        word32 blocks = sz / DES_BLOCK_SIZE;
-
-        if (des == NULL || out == NULL || in == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        while (blocks--) {
-            xorbuf((byte*)des->reg, in, DES_BLOCK_SIZE);
-            DesProcessBlock(des, (byte*)des->reg, (byte*)des->reg);
-            XMEMCPY(out, des->reg, DES_BLOCK_SIZE);
-
-            out += DES_BLOCK_SIZE;
-            in  += DES_BLOCK_SIZE;
-        }
-        return 0;
-    }
-
-    int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
-    {
-        word32 blocks = sz / DES_BLOCK_SIZE;
-
-        if (des == NULL || out == NULL || in == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        while (blocks--) {
-            XMEMCPY(des->tmp, in, DES_BLOCK_SIZE);
-            DesProcessBlock(des, (byte*)des->tmp, out);
-            xorbuf(out, (byte*)des->reg, DES_BLOCK_SIZE);
-            XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE);
-
-            out += DES_BLOCK_SIZE;
-            in  += DES_BLOCK_SIZE;
-        }
-        return 0;
-    }
-
-    int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        word32 blocks;
-
-        if (des == NULL || out == NULL || in == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-    #ifdef WOLF_CRYPTO_CB
-        if (des->devId != INVALID_DEVID) {
-            int ret = wc_CryptoCb_Des3Encrypt(des, out, in, sz);
-            if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                return ret;
-            /* fall-through when unavailable */
-        }
-    #endif
-
-    #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)
-        if (des->asyncDev.marker == WOLFSSL_ASYNC_MARKER_3DES &&
-                                            sz >= WC_ASYNC_THRESH_DES3_CBC) {
-        #if defined(HAVE_CAVIUM)
-            return NitroxDes3CbcEncrypt(des, out, in, sz);
-        #elif defined(HAVE_INTEL_QA)
-            return IntelQaSymDes3CbcEncrypt(&des->asyncDev, out, in, sz,
-                (const byte*)des->devKey, DES3_KEYLEN, (byte*)des->reg, DES3_IVLEN);
-        #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
-            if (wc_AsyncSwInit(&des->asyncDev, ASYNC_SW_DES3_CBC_ENCRYPT)) {
-                WC_ASYNC_SW* sw = &des->asyncDev.sw;
-                sw->des.des = des;
-                sw->des.out = out;
-                sw->des.in = in;
-                sw->des.sz = sz;
-                return WC_PENDING_E;
-            }
-        #endif
-        }
-    #endif /* WOLFSSL_ASYNC_CRYPT */
-
-        blocks = sz / DES_BLOCK_SIZE;
-        while (blocks--) {
-            xorbuf((byte*)des->reg, in, DES_BLOCK_SIZE);
-            Des3ProcessBlock(des, (byte*)des->reg, (byte*)des->reg);
-            XMEMCPY(out, des->reg, DES_BLOCK_SIZE);
-
-            out += DES_BLOCK_SIZE;
-            in  += DES_BLOCK_SIZE;
-        }
-        return 0;
-    }
-
-
-    int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
-    {
-        word32 blocks;
-
-        if (des == NULL || out == NULL || in == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-    #ifdef WOLF_CRYPTO_CB
-        if (des->devId != INVALID_DEVID) {
-            int ret = wc_CryptoCb_Des3Decrypt(des, out, in, sz);
-            if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                return ret;
-            /* fall-through when unavailable */
-        }
-    #endif
-
-    #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)
-        if (des->asyncDev.marker == WOLFSSL_ASYNC_MARKER_3DES &&
-                                            sz >= WC_ASYNC_THRESH_DES3_CBC) {
-        #if defined(HAVE_CAVIUM)
-            return NitroxDes3CbcDecrypt(des, out, in, sz);
-        #elif defined(HAVE_INTEL_QA)
-            return IntelQaSymDes3CbcDecrypt(&des->asyncDev, out, in, sz,
-                (const byte*)des->devKey, DES3_KEYLEN, (byte*)des->reg, DES3_IVLEN);
-        #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
-            if (wc_AsyncSwInit(&des->asyncDev, ASYNC_SW_DES3_CBC_DECRYPT)) {
-                WC_ASYNC_SW* sw = &des->asyncDev.sw;
-                sw->des.des = des;
-                sw->des.out = out;
-                sw->des.in = in;
-                sw->des.sz = sz;
-                return WC_PENDING_E;
-            }
-        #endif
-        }
-    #endif /* WOLFSSL_ASYNC_CRYPT */
-
-        blocks = sz / DES_BLOCK_SIZE;
-        while (blocks--) {
-            XMEMCPY(des->tmp, in, DES_BLOCK_SIZE);
-            Des3ProcessBlock(des, (byte*)des->tmp, out);
-            xorbuf(out, (byte*)des->reg, DES_BLOCK_SIZE);
-            XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE);
-
-            out += DES_BLOCK_SIZE;
-            in  += DES_BLOCK_SIZE;
-        }
-        return 0;
-    }
-
-    #ifdef WOLFSSL_DES_ECB
-        /* One block, compatibility only */
-        int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
-        {
-            word32 blocks = sz / DES_BLOCK_SIZE;
-
-            if (des == NULL || out == NULL || in == NULL) {
-                return BAD_FUNC_ARG;
-            }
-
-            while (blocks--) {
-                DesProcessBlock(des, in, out);
-
-                out += DES_BLOCK_SIZE;
-                in  += DES_BLOCK_SIZE;
-            }
-            return 0;
-        }
-
-        int wc_Des3_EcbEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
-        {
-            word32 blocks = sz / DES_BLOCK_SIZE;
-
-            if (des == NULL || out == NULL || in == NULL) {
-                return BAD_FUNC_ARG;
-            }
-
-            while (blocks--) {
-                Des3ProcessBlock(des, in, out);
-
-                out += DES_BLOCK_SIZE;
-                in  += DES_BLOCK_SIZE;
-            }
-            return 0;
-        }
-    #endif /* WOLFSSL_DES_ECB */
-
-#endif /* NEED_SOFT_DES */
-
-
-void wc_Des_SetIV(Des* des, const byte* iv)
-{
-    if (des && iv) {
-        XMEMCPY(des->reg, iv, DES_BLOCK_SIZE);
-    #if defined(STM32_CRYPTO) && !defined(STM32_CRYPTO_AES_ONLY) && defined(STM32_HAL_V2)
-        ByteReverseWords(des->reg, des->reg, DES_BLOCK_SIZE);
-    #endif
-    }
-    else if (des)
-        XMEMSET(des->reg,  0, DES_BLOCK_SIZE);
-}
-
-int wc_Des3_SetIV(Des3* des, const byte* iv)
-{
-    if (des == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    if (iv) {
-        XMEMCPY(des->reg, iv, DES_BLOCK_SIZE);
-    #if defined(STM32_CRYPTO) && !defined(STM32_CRYPTO_AES_ONLY) && defined(STM32_HAL_V2)
-        ByteReverseWords(des->reg, des->reg, DES_BLOCK_SIZE);
-    #endif
-    }
-    else
-        XMEMSET(des->reg,  0, DES_BLOCK_SIZE);
-
-    return 0;
-}
-
-
-/* Initialize Des3 for use with async device */
-int wc_Des3Init(Des3* des3, void* heap, int devId)
-{
-    int ret = 0;
-    if (des3 == NULL)
-        return BAD_FUNC_ARG;
-
-    des3->heap = heap;
-
-#ifdef WOLF_CRYPTO_CB
-    des3->devId = devId;
-    des3->devCtx = NULL;
-#else
-    (void)devId;
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)
-    ret = wolfAsync_DevCtxInit(&des3->asyncDev, WOLFSSL_ASYNC_MARKER_3DES,
-                                                        des3->heap, devId);
-#endif
-#if defined(WOLFSSL_CHECK_MEM_ZERO) && (defined(WOLF_CRYPTO_CB) || \
-        (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)))
-    wc_MemZero_Add("DES3 devKey", &des3->devKey, sizeof(des3->devKey));
-#endif
-
-    return ret;
-}
-
-/* Free Des3 from use with async device */
-void wc_Des3Free(Des3* des3)
-{
-    if (des3 == NULL)
-        return;
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES)
-    wolfAsync_DevCtxFree(&des3->asyncDev, WOLFSSL_ASYNC_MARKER_3DES);
-#endif /* WOLFSSL_ASYNC_CRYPT */
-#if defined(WOLF_CRYPTO_CB) || \
-        (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_3DES))
-    ForceZero(des3->devKey, sizeof(des3->devKey));
-#endif
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Check(des3, sizeof(Des3));
-#endif
-}
-
-#endif /* WOLFSSL_TI_CRYPT */
-#endif /* NO_DES3 */
diff --git a/src/ssl/wolfssl/wolfcrypt/dh.c b/src/ssl/wolfssl/wolfcrypt/dh.c
deleted file mode 100644
index 1035cbc65..000000000
--- a/src/ssl/wolfssl/wolfcrypt/dh.c
+++ /dev/null
@@ -1,3329 +0,0 @@
-/* dh.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifndef NO_DH
-
-#if defined(HAVE_FIPS) && \
-    defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
-
-    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
-    #define FIPS_NO_WRAPPERS
-
-    #ifdef USE_WINDOWS_API
-        #pragma code_seg(".fipsA$e")
-        #pragma const_seg(".fipsB$e")
-    #endif
-#endif
-
-#include <wolfssl/wolfcrypt/dh.h>
-
-#ifdef WOLFSSL_HAVE_SP_DH
-#include <wolfssl/wolfcrypt/sp.h>
-#endif
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if FIPS_VERSION3_GE(6,0,0)
-    const unsigned int wolfCrypt_FIPS_dh_ro_sanity[2] =
-                                                     { 0x1a2b3c4d, 0x00000004 };
-    int wolfCrypt_FIPS_DH_sanity(void)
-    {
-        return 0;
-    }
-#endif
-
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && !defined(WOLFSSL_SP_ASM)
-    /* force off unneeded vector register save/restore. */
-    #undef SAVE_VECTOR_REGISTERS
-    #define SAVE_VECTOR_REGISTERS(fail_clause) SAVE_NO_VECTOR_REGISTERS(fail_clause)
-    #undef RESTORE_VECTOR_REGISTERS
-    #define RESTORE_VECTOR_REGISTERS() RESTORE_NO_VECTOR_REGISTERS()
-#endif
-
-/*
-Possible DH enable options:
- * NO_RSA:              Overall control of DH                 default: on (not defined)
- * WOLFSSL_OLD_PRIME_CHECK: Disables the new prime number check. It does not
-                        directly effect this file, but it does speed up DH
-                        removing the testing. It is not recommended to
-                        disable the prime checking.           default: off
- * WOLFSSL_VALIDATE_DH_KEYGEN: Enable DH key gen consistency checking
- *                             (on for FIPS 140-3 or later)   default: off
-*/
-
-
-#if !defined(USER_MATH_LIB) && !defined(WOLFSSL_DH_CONST)
-    #include <math.h>
-    #define XPOW(x,y) pow((x),(y))
-    #define XLOG(x)   log((x))
-#else
-    /* user's own math lib */
-#endif
-
-#ifdef HAVE_FFDHE_2048
-static const byte dh_ffdhe2048_p[] = {
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
-    0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
-    0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
-    0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
-    0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
-    0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
-    0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
-    0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
-    0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
-    0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
-    0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
-    0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
-    0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
-    0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
-    0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
-    0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
-    0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
-    0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
-    0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
-    0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
-    0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
-    0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
-    0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
-    0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
-    0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
-    0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
-    0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
-    0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
-    0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
-    0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97,
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-};
-static const byte dh_ffdhe2048_g[] = { 0x02 };
-#ifdef HAVE_FFDHE_Q
-static const byte dh_ffdhe2048_q[] = {
-    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
-    0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
-    0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
-    0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
-    0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
-    0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
-    0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
-    0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
-    0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
-    0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
-    0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
-    0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
-    0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
-    0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
-    0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
-    0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
-    0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
-    0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
-    0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
-    0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
-    0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
-    0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
-    0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
-    0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
-    0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
-    0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
-    0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
-    0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
-    0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
-    0x44, 0x35, 0xA1, 0x1C, 0x30, 0x94, 0x2E, 0x4B,
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-};
-#endif /* HAVE_FFDHE_Q */
-
-#ifdef HAVE_PUBLIC_FFDHE
-const DhParams* wc_Dh_ffdhe2048_Get(void)
-{
-    static const DhParams ffdhe2048 = {
-        #ifdef HAVE_FFDHE_Q
-            dh_ffdhe2048_q, sizeof(dh_ffdhe2048_q),
-        #endif /* HAVE_FFDHE_Q */
-        dh_ffdhe2048_p, sizeof(dh_ffdhe2048_p),
-        dh_ffdhe2048_g, sizeof(dh_ffdhe2048_g)
-    };
-    return &ffdhe2048;
-}
-#endif
-#endif
-
-#ifdef HAVE_FFDHE_3072
-static const byte dh_ffdhe3072_p[] = {
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
-    0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
-    0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
-    0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
-    0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
-    0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
-    0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
-    0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
-    0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
-    0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
-    0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
-    0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
-    0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
-    0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
-    0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
-    0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
-    0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
-    0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
-    0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
-    0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
-    0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
-    0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
-    0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
-    0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
-    0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
-    0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
-    0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
-    0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
-    0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
-    0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
-    0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
-    0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
-    0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
-    0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
-    0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
-    0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
-    0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
-    0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
-    0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
-    0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
-    0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
-    0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
-    0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
-    0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
-    0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
-    0x25, 0xE4, 0x1D, 0x2B, 0x66, 0xC6, 0x2E, 0x37,
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-};
-static const byte dh_ffdhe3072_g[] = { 0x02 };
-#ifdef HAVE_FFDHE_Q
-static const byte dh_ffdhe3072_q[] = {
-    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
-    0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
-    0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
-    0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
-    0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
-    0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
-    0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
-    0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
-    0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
-    0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
-    0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
-    0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
-    0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
-    0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
-    0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
-    0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
-    0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
-    0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
-    0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
-    0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
-    0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
-    0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
-    0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
-    0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
-    0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
-    0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
-    0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
-    0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
-    0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
-    0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
-    0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
-    0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
-    0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
-    0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
-    0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
-    0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
-    0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
-    0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
-    0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
-    0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
-    0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
-    0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
-    0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
-    0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
-    0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
-    0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x63, 0x17, 0x1B,
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-};
-#endif /* HAVE_FFDHE_Q */
-
-#ifdef HAVE_PUBLIC_FFDHE
-const DhParams* wc_Dh_ffdhe3072_Get(void)
-{
-    static const DhParams ffdhe3072 = {
-        #ifdef HAVE_FFDHE_Q
-            dh_ffdhe3072_q, sizeof(dh_ffdhe3072_q),
-        #endif /* HAVE_FFDHE_Q */
-        dh_ffdhe3072_p, sizeof(dh_ffdhe3072_p),
-        dh_ffdhe3072_g, sizeof(dh_ffdhe3072_g)
-    };
-    return &ffdhe3072;
-}
-#endif
-#endif
-
-#ifdef HAVE_FFDHE_4096
-static const byte dh_ffdhe4096_p[] = {
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
-    0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
-    0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
-    0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
-    0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
-    0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
-    0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
-    0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
-    0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
-    0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
-    0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
-    0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
-    0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
-    0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
-    0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
-    0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
-    0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
-    0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
-    0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
-    0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
-    0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
-    0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
-    0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
-    0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
-    0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
-    0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
-    0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
-    0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
-    0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
-    0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
-    0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
-    0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
-    0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
-    0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
-    0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
-    0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
-    0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
-    0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
-    0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
-    0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
-    0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
-    0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
-    0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
-    0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
-    0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
-    0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
-    0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
-    0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
-    0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
-    0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
-    0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
-    0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
-    0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
-    0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
-    0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
-    0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
-    0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
-    0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
-    0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
-    0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
-    0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
-    0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x65, 0x5F, 0x6A,
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-};
-static const byte dh_ffdhe4096_g[] = { 0x02 };
-#ifdef HAVE_FFDHE_Q
-static const byte dh_ffdhe4096_q[] = {
-    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
-    0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
-    0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
-    0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
-    0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
-    0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
-    0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
-    0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
-    0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
-    0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
-    0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
-    0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
-    0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
-    0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
-    0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
-    0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
-    0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
-    0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
-    0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
-    0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
-    0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
-    0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
-    0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
-    0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
-    0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
-    0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
-    0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
-    0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
-    0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
-    0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
-    0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
-    0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
-    0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
-    0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
-    0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
-    0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
-    0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
-    0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
-    0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
-    0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
-    0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
-    0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
-    0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
-    0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
-    0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
-    0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78,
-    0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D,
-    0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
-    0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C,
-    0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02,
-    0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D,
-    0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5,
-    0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19,
-    0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62,
-    0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
-    0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD,
-    0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E,
-    0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66,
-    0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7,
-    0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35,
-    0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70,
-    0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x32, 0xAF, 0xB5,
-    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-};
-#endif /* HAVE_FFDHE_Q */
-
-#ifdef HAVE_PUBLIC_FFDHE
-const DhParams* wc_Dh_ffdhe4096_Get(void)
-{
-    static const DhParams ffdhe4096 = {
-        #ifdef HAVE_FFDHE_Q
-            dh_ffdhe4096_q, sizeof(dh_ffdhe4096_q),
-        #endif /* HAVE_FFDHE_Q */
-        dh_ffdhe4096_p, sizeof(dh_ffdhe4096_p),
-        dh_ffdhe4096_g, sizeof(dh_ffdhe4096_g)
-    };
-    return &ffdhe4096;
-}
-#endif
-#endif
-
-#ifdef HAVE_FFDHE_6144
-static const byte dh_ffdhe6144_p[] = {
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
-    0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
-    0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
-    0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
-    0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
-    0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
-    0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
-    0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
-    0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
-    0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
-    0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
-    0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
-    0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
-    0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
-    0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
-    0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
-    0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
-    0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
-    0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
-    0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
-    0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
-    0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
-    0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
-    0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
-    0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
-    0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
-    0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
-    0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
-    0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
-    0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
-    0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
-    0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
-    0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
-    0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
-    0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
-    0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
-    0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
-    0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
-    0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
-    0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
-    0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
-    0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
-    0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
-    0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
-    0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
-    0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
-    0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
-    0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
-    0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
-    0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
-    0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
-    0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
-    0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
-    0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
-    0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
-    0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
-    0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
-    0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
-    0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
-    0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
-    0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
-    0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02,
-    0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A,
-    0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A,
-    0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6,
-    0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8,
-    0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C,
-    0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A,
-    0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71,
-    0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F,
-    0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77,
-    0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10,
-    0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8,
-    0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3,
-    0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E,
-    0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3,
-    0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4,
-    0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1,
-    0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92,
-    0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6,
-    0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82,
-    0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE,
-    0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C,
-    0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E,
-    0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46,
-    0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A,
-    0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17,
-    0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03,
-    0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04,
-    0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6,
-    0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69,
-    0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1,
-    0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4,
-    0xA4, 0x0E, 0x32, 0x9C, 0xD0, 0xE4, 0x0E, 0x65,
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-};
-static const byte dh_ffdhe6144_g[] = { 0x02 };
-#ifdef HAVE_FFDHE_Q
-static const byte dh_ffdhe6144_q[] = {
-    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
-    0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
-    0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
-    0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
-    0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
-    0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
-    0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
-    0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
-    0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
-    0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
-    0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
-    0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
-    0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
-    0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
-    0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
-    0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
-    0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
-    0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
-    0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
-    0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
-    0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
-    0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
-    0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
-    0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
-    0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
-    0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
-    0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
-    0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
-    0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
-    0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
-    0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
-    0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
-    0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
-    0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
-    0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
-    0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
-    0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
-    0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
-    0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
-    0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
-    0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
-    0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
-    0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
-    0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
-    0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
-    0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78,
-    0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D,
-    0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
-    0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C,
-    0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02,
-    0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D,
-    0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5,
-    0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19,
-    0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62,
-    0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
-    0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD,
-    0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E,
-    0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66,
-    0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7,
-    0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35,
-    0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70,
-    0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81,
-    0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6, 0x3D,
-    0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29, 0x95, 0x1D,
-    0x11, 0xDD, 0x22, 0x21, 0x65, 0x7A, 0x9F, 0x53,
-    0x1D, 0xDA, 0x2A, 0x19, 0x4D, 0xBB, 0x12, 0x64,
-    0x48, 0xBD, 0xEE, 0xB2, 0x58, 0xE0, 0x7E, 0xA6,
-    0x59, 0xC7, 0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D,
-    0x66, 0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38,
-    0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02, 0x0F,
-    0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E, 0xDA, 0x3B,
-    0xD2, 0x92, 0x38, 0xFB, 0xD4, 0xD4, 0xB4, 0x88,
-    0x5C, 0x2A, 0x99, 0x17, 0x6D, 0xB1, 0xA0, 0x6C,
-    0x50, 0x07, 0x78, 0x49, 0x1A, 0x82, 0x88, 0xF1,
-    0x85, 0x5F, 0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37,
-    0x3F, 0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1,
-    0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC, 0xDA,
-    0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59, 0x5D, 0xE0,
-    0xCA, 0x63, 0x32, 0x8F, 0x3B, 0xE5, 0x7C, 0xC9,
-    0x77, 0x55, 0x60, 0x11, 0x95, 0x14, 0x0D, 0xFB,
-    0x59, 0xD3, 0x9C, 0xE0, 0x91, 0x30, 0x8B, 0x41,
-    0x05, 0x74, 0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F,
-    0x7C, 0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6,
-    0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF, 0xAF,
-    0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1, 0x54, 0x23,
-    0x28, 0x2E, 0xE4, 0x16, 0xDC, 0x2A, 0x19, 0xC5,
-    0x72, 0x4F, 0xA9, 0x1A, 0xE4, 0xAD, 0xC8, 0x8B,
-    0xC6, 0x67, 0x96, 0xEA, 0xE5, 0x67, 0x7A, 0x01,
-    0xF6, 0x4E, 0x8C, 0x08, 0x63, 0x13, 0x95, 0x82,
-    0x2D, 0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B,
-    0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F, 0x34,
-    0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18, 0xB0, 0xE0,
-    0xD2, 0x0E, 0xAB, 0x86, 0xBC, 0x9C, 0x6D, 0x6A,
-    0x52, 0x07, 0x19, 0x4E, 0x68, 0x72, 0x07, 0x32,
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-};
-#endif /* HAVE_FFDHE_Q */
-
-#ifdef HAVE_PUBLIC_FFDHE
-const DhParams* wc_Dh_ffdhe6144_Get(void)
-{
-    static const DhParams ffdhe6144 = {
-        #ifdef HAVE_FFDHE_Q
-            dh_ffdhe6144_q, sizeof(dh_ffdhe6144_q),
-        #endif /* HAVE_FFDHE_Q */
-        dh_ffdhe6144_p, sizeof(dh_ffdhe6144_p),
-        dh_ffdhe6144_g, sizeof(dh_ffdhe6144_g)
-    };
-    return &ffdhe6144;
-}
-#endif
-#endif
-
-#ifdef HAVE_FFDHE_8192
-static const byte dh_ffdhe8192_p[] = {
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xAD, 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A,
-    0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D, 0x3C, 0xF1,
-    0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
-    0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB,
-    0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9,
-    0x7D, 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8,
-    0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4, 0x61, 0x7A,
-    0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
-    0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0,
-    0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3,
-    0xB5, 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35,
-    0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6, 0x8B, 0x77,
-    0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
-    0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35,
-    0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A,
-    0xBC, 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61,
-    0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8, 0xE3, 0xFB,
-    0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
-    0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4,
-    0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19,
-    0x0B, 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70,
-    0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7, 0xE2, 0xEC,
-    0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
-    0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF,
-    0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83,
-    0xC3, 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73,
-    0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2, 0x20, 0x05,
-    0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
-    0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA,
-    0x88, 0x6B, 0x42, 0x38, 0x61, 0x1F, 0xCF, 0xDC,
-    0xDE, 0x35, 0x5B, 0x3B, 0x65, 0x19, 0x03, 0x5B,
-    0xBC, 0x34, 0xF4, 0xDE, 0xF9, 0x9C, 0x02, 0x38,
-    0x61, 0xB4, 0x6F, 0xC9, 0xD6, 0xE6, 0xC9, 0x07,
-    0x7A, 0xD9, 0x1D, 0x26, 0x91, 0xF7, 0xF7, 0xEE,
-    0x59, 0x8C, 0xB0, 0xFA, 0xC1, 0x86, 0xD9, 0x1C,
-    0xAE, 0xFE, 0x13, 0x09, 0x85, 0x13, 0x92, 0x70,
-    0xB4, 0x13, 0x0C, 0x93, 0xBC, 0x43, 0x79, 0x44,
-    0xF4, 0xFD, 0x44, 0x52, 0xE2, 0xD7, 0x4D, 0xD3,
-    0x64, 0xF2, 0xE2, 0x1E, 0x71, 0xF5, 0x4B, 0xFF,
-    0x5C, 0xAE, 0x82, 0xAB, 0x9C, 0x9D, 0xF6, 0x9E,
-    0xE8, 0x6D, 0x2B, 0xC5, 0x22, 0x36, 0x3A, 0x0D,
-    0xAB, 0xC5, 0x21, 0x97, 0x9B, 0x0D, 0xEA, 0xDA,
-    0x1D, 0xBF, 0x9A, 0x42, 0xD5, 0xC4, 0x48, 0x4E,
-    0x0A, 0xBC, 0xD0, 0x6B, 0xFA, 0x53, 0xDD, 0xEF,
-    0x3C, 0x1B, 0x20, 0xEE, 0x3F, 0xD5, 0x9D, 0x7C,
-    0x25, 0xE4, 0x1D, 0x2B, 0x66, 0x9E, 0x1E, 0xF1,
-    0x6E, 0x6F, 0x52, 0xC3, 0x16, 0x4D, 0xF4, 0xFB,
-    0x79, 0x30, 0xE9, 0xE4, 0xE5, 0x88, 0x57, 0xB6,
-    0xAC, 0x7D, 0x5F, 0x42, 0xD6, 0x9F, 0x6D, 0x18,
-    0x77, 0x63, 0xCF, 0x1D, 0x55, 0x03, 0x40, 0x04,
-    0x87, 0xF5, 0x5B, 0xA5, 0x7E, 0x31, 0xCC, 0x7A,
-    0x71, 0x35, 0xC8, 0x86, 0xEF, 0xB4, 0x31, 0x8A,
-    0xED, 0x6A, 0x1E, 0x01, 0x2D, 0x9E, 0x68, 0x32,
-    0xA9, 0x07, 0x60, 0x0A, 0x91, 0x81, 0x30, 0xC4,
-    0x6D, 0xC7, 0x78, 0xF9, 0x71, 0xAD, 0x00, 0x38,
-    0x09, 0x29, 0x99, 0xA3, 0x33, 0xCB, 0x8B, 0x7A,
-    0x1A, 0x1D, 0xB9, 0x3D, 0x71, 0x40, 0x00, 0x3C,
-    0x2A, 0x4E, 0xCE, 0xA9, 0xF9, 0x8D, 0x0A, 0xCC,
-    0x0A, 0x82, 0x91, 0xCD, 0xCE, 0xC9, 0x7D, 0xCF,
-    0x8E, 0xC9, 0xB5, 0x5A, 0x7F, 0x88, 0xA4, 0x6B,
-    0x4D, 0xB5, 0xA8, 0x51, 0xF4, 0x41, 0x82, 0xE1,
-    0xC6, 0x8A, 0x00, 0x7E, 0x5E, 0x0D, 0xD9, 0x02,
-    0x0B, 0xFD, 0x64, 0xB6, 0x45, 0x03, 0x6C, 0x7A,
-    0x4E, 0x67, 0x7D, 0x2C, 0x38, 0x53, 0x2A, 0x3A,
-    0x23, 0xBA, 0x44, 0x42, 0xCA, 0xF5, 0x3E, 0xA6,
-    0x3B, 0xB4, 0x54, 0x32, 0x9B, 0x76, 0x24, 0xC8,
-    0x91, 0x7B, 0xDD, 0x64, 0xB1, 0xC0, 0xFD, 0x4C,
-    0xB3, 0x8E, 0x8C, 0x33, 0x4C, 0x70, 0x1C, 0x3A,
-    0xCD, 0xAD, 0x06, 0x57, 0xFC, 0xCF, 0xEC, 0x71,
-    0x9B, 0x1F, 0x5C, 0x3E, 0x4E, 0x46, 0x04, 0x1F,
-    0x38, 0x81, 0x47, 0xFB, 0x4C, 0xFD, 0xB4, 0x77,
-    0xA5, 0x24, 0x71, 0xF7, 0xA9, 0xA9, 0x69, 0x10,
-    0xB8, 0x55, 0x32, 0x2E, 0xDB, 0x63, 0x40, 0xD8,
-    0xA0, 0x0E, 0xF0, 0x92, 0x35, 0x05, 0x11, 0xE3,
-    0x0A, 0xBE, 0xC1, 0xFF, 0xF9, 0xE3, 0xA2, 0x6E,
-    0x7F, 0xB2, 0x9F, 0x8C, 0x18, 0x30, 0x23, 0xC3,
-    0x58, 0x7E, 0x38, 0xDA, 0x00, 0x77, 0xD9, 0xB4,
-    0x76, 0x3E, 0x4E, 0x4B, 0x94, 0xB2, 0xBB, 0xC1,
-    0x94, 0xC6, 0x65, 0x1E, 0x77, 0xCA, 0xF9, 0x92,
-    0xEE, 0xAA, 0xC0, 0x23, 0x2A, 0x28, 0x1B, 0xF6,
-    0xB3, 0xA7, 0x39, 0xC1, 0x22, 0x61, 0x16, 0x82,
-    0x0A, 0xE8, 0xDB, 0x58, 0x47, 0xA6, 0x7C, 0xBE,
-    0xF9, 0xC9, 0x09, 0x1B, 0x46, 0x2D, 0x53, 0x8C,
-    0xD7, 0x2B, 0x03, 0x74, 0x6A, 0xE7, 0x7F, 0x5E,
-    0x62, 0x29, 0x2C, 0x31, 0x15, 0x62, 0xA8, 0x46,
-    0x50, 0x5D, 0xC8, 0x2D, 0xB8, 0x54, 0x33, 0x8A,
-    0xE4, 0x9F, 0x52, 0x35, 0xC9, 0x5B, 0x91, 0x17,
-    0x8C, 0xCF, 0x2D, 0xD5, 0xCA, 0xCE, 0xF4, 0x03,
-    0xEC, 0x9D, 0x18, 0x10, 0xC6, 0x27, 0x2B, 0x04,
-    0x5B, 0x3B, 0x71, 0xF9, 0xDC, 0x6B, 0x80, 0xD6,
-    0x3F, 0xDD, 0x4A, 0x8E, 0x9A, 0xDB, 0x1E, 0x69,
-    0x62, 0xA6, 0x95, 0x26, 0xD4, 0x31, 0x61, 0xC1,
-    0xA4, 0x1D, 0x57, 0x0D, 0x79, 0x38, 0xDA, 0xD4,
-    0xA4, 0x0E, 0x32, 0x9C, 0xCF, 0xF4, 0x6A, 0xAA,
-    0x36, 0xAD, 0x00, 0x4C, 0xF6, 0x00, 0xC8, 0x38,
-    0x1E, 0x42, 0x5A, 0x31, 0xD9, 0x51, 0xAE, 0x64,
-    0xFD, 0xB2, 0x3F, 0xCE, 0xC9, 0x50, 0x9D, 0x43,
-    0x68, 0x7F, 0xEB, 0x69, 0xED, 0xD1, 0xCC, 0x5E,
-    0x0B, 0x8C, 0xC3, 0xBD, 0xF6, 0x4B, 0x10, 0xEF,
-    0x86, 0xB6, 0x31, 0x42, 0xA3, 0xAB, 0x88, 0x29,
-    0x55, 0x5B, 0x2F, 0x74, 0x7C, 0x93, 0x26, 0x65,
-    0xCB, 0x2C, 0x0F, 0x1C, 0xC0, 0x1B, 0xD7, 0x02,
-    0x29, 0x38, 0x88, 0x39, 0xD2, 0xAF, 0x05, 0xE4,
-    0x54, 0x50, 0x4A, 0xC7, 0x8B, 0x75, 0x82, 0x82,
-    0x28, 0x46, 0xC0, 0xBA, 0x35, 0xC3, 0x5F, 0x5C,
-    0x59, 0x16, 0x0C, 0xC0, 0x46, 0xFD, 0x82, 0x51,
-    0x54, 0x1F, 0xC6, 0x8C, 0x9C, 0x86, 0xB0, 0x22,
-    0xBB, 0x70, 0x99, 0x87, 0x6A, 0x46, 0x0E, 0x74,
-    0x51, 0xA8, 0xA9, 0x31, 0x09, 0x70, 0x3F, 0xEE,
-    0x1C, 0x21, 0x7E, 0x6C, 0x38, 0x26, 0xE5, 0x2C,
-    0x51, 0xAA, 0x69, 0x1E, 0x0E, 0x42, 0x3C, 0xFC,
-    0x99, 0xE9, 0xE3, 0x16, 0x50, 0xC1, 0x21, 0x7B,
-    0x62, 0x48, 0x16, 0xCD, 0xAD, 0x9A, 0x95, 0xF9,
-    0xD5, 0xB8, 0x01, 0x94, 0x88, 0xD9, 0xC0, 0xA0,
-    0xA1, 0xFE, 0x30, 0x75, 0xA5, 0x77, 0xE2, 0x31,
-    0x83, 0xF8, 0x1D, 0x4A, 0x3F, 0x2F, 0xA4, 0x57,
-    0x1E, 0xFC, 0x8C, 0xE0, 0xBA, 0x8A, 0x4F, 0xE8,
-    0xB6, 0x85, 0x5D, 0xFE, 0x72, 0xB0, 0xA6, 0x6E,
-    0xDE, 0xD2, 0xFB, 0xAB, 0xFB, 0xE5, 0x8A, 0x30,
-    0xFA, 0xFA, 0xBE, 0x1C, 0x5D, 0x71, 0xA8, 0x7E,
-    0x2F, 0x74, 0x1E, 0xF8, 0xC1, 0xFE, 0x86, 0xFE,
-    0xA6, 0xBB, 0xFD, 0xE5, 0x30, 0x67, 0x7F, 0x0D,
-    0x97, 0xD1, 0x1D, 0x49, 0xF7, 0xA8, 0x44, 0x3D,
-    0x08, 0x22, 0xE5, 0x06, 0xA9, 0xF4, 0x61, 0x4E,
-    0x01, 0x1E, 0x2A, 0x94, 0x83, 0x8F, 0xF8, 0x8C,
-    0xD6, 0x8C, 0x8B, 0xB7, 0xC5, 0xC6, 0x42, 0x4C,
-    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-};
-static const byte dh_ffdhe8192_g[] = { 0x02 };
-#ifdef HAVE_FFDHE_Q
-static const byte dh_ffdhe8192_q[] = {
-    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-    0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
-    0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,
-    0xEC, 0x5C, 0xE2, 0xC1, 0xE7, 0x16, 0x9B, 0x4A,
-    0xD4, 0xF0, 0x9B, 0x20, 0x8A, 0x32, 0x19, 0xFD,
-    0xE6, 0x49, 0xCE, 0xE7, 0x12, 0x4D, 0x9F, 0x7C,
-    0xBE, 0x97, 0xF1, 0xB1, 0xB1, 0x86, 0x3A, 0xEC,
-    0x7B, 0x40, 0xD9, 0x01, 0x57, 0x62, 0x30, 0xBD,
-    0x69, 0xEF, 0x8F, 0x6A, 0xEA, 0xFE, 0xB2, 0xB0,
-    0x92, 0x19, 0xFA, 0x8F, 0xAF, 0x83, 0x37, 0x68,
-    0x42, 0xB1, 0xB2, 0xAA, 0x9E, 0xF6, 0x8D, 0x79,
-    0xDA, 0xAB, 0x89, 0xAF, 0x3F, 0xAB, 0xE4, 0x9A,
-    0xCC, 0x27, 0x86, 0x38, 0x70, 0x73, 0x45, 0xBB,
-    0xF1, 0x53, 0x44, 0xED, 0x79, 0xF7, 0xF4, 0x39,
-    0x0E, 0xF8, 0xAC, 0x50, 0x9B, 0x56, 0xF3, 0x9A,
-    0x98, 0x56, 0x65, 0x27, 0xA4, 0x1D, 0x3C, 0xBD,
-    0x5E, 0x05, 0x58, 0xC1, 0x59, 0x92, 0x7D, 0xB0,
-    0xE8, 0x84, 0x54, 0xA5, 0xD9, 0x64, 0x71, 0xFD,
-    0xDC, 0xB5, 0x6D, 0x5B, 0xB0, 0x6B, 0xFA, 0x34,
-    0x0E, 0xA7, 0xA1, 0x51, 0xEF, 0x1C, 0xA6, 0xFA,
-    0x57, 0x2B, 0x76, 0xF3, 0xB1, 0xB9, 0x5D, 0x8C,
-    0x85, 0x83, 0xD3, 0xE4, 0x77, 0x05, 0x36, 0xB8,
-    0x4F, 0x01, 0x7E, 0x70, 0xE6, 0xFB, 0xF1, 0x76,
-    0x60, 0x1A, 0x02, 0x66, 0x94, 0x1A, 0x17, 0xB0,
-    0xC8, 0xB9, 0x7F, 0x4E, 0x74, 0xC2, 0xC1, 0xFF,
-    0xC7, 0x27, 0x89, 0x19, 0x77, 0x79, 0x40, 0xC1,
-    0xE1, 0xFF, 0x1D, 0x8D, 0xA6, 0x37, 0xD6, 0xB9,
-    0x9D, 0xDA, 0xFE, 0x5E, 0x17, 0x61, 0x10, 0x02,
-    0xE2, 0xC7, 0x78, 0xC1, 0xBE, 0x8B, 0x41, 0xD9,
-    0x63, 0x79, 0xA5, 0x13, 0x60, 0xD9, 0x77, 0xFD,
-    0x44, 0x35, 0xA1, 0x1C, 0x30, 0x8F, 0xE7, 0xEE,
-    0x6F, 0x1A, 0xAD, 0x9D, 0xB2, 0x8C, 0x81, 0xAD,
-    0xDE, 0x1A, 0x7A, 0x6F, 0x7C, 0xCE, 0x01, 0x1C,
-    0x30, 0xDA, 0x37, 0xE4, 0xEB, 0x73, 0x64, 0x83,
-    0xBD, 0x6C, 0x8E, 0x93, 0x48, 0xFB, 0xFB, 0xF7,
-    0x2C, 0xC6, 0x58, 0x7D, 0x60, 0xC3, 0x6C, 0x8E,
-    0x57, 0x7F, 0x09, 0x84, 0xC2, 0x89, 0xC9, 0x38,
-    0x5A, 0x09, 0x86, 0x49, 0xDE, 0x21, 0xBC, 0xA2,
-    0x7A, 0x7E, 0xA2, 0x29, 0x71, 0x6B, 0xA6, 0xE9,
-    0xB2, 0x79, 0x71, 0x0F, 0x38, 0xFA, 0xA5, 0xFF,
-    0xAE, 0x57, 0x41, 0x55, 0xCE, 0x4E, 0xFB, 0x4F,
-    0x74, 0x36, 0x95, 0xE2, 0x91, 0x1B, 0x1D, 0x06,
-    0xD5, 0xE2, 0x90, 0xCB, 0xCD, 0x86, 0xF5, 0x6D,
-    0x0E, 0xDF, 0xCD, 0x21, 0x6A, 0xE2, 0x24, 0x27,
-    0x05, 0x5E, 0x68, 0x35, 0xFD, 0x29, 0xEE, 0xF7,
-    0x9E, 0x0D, 0x90, 0x77, 0x1F, 0xEA, 0xCE, 0xBE,
-    0x12, 0xF2, 0x0E, 0x95, 0xB3, 0x4F, 0x0F, 0x78,
-    0xB7, 0x37, 0xA9, 0x61, 0x8B, 0x26, 0xFA, 0x7D,
-    0xBC, 0x98, 0x74, 0xF2, 0x72, 0xC4, 0x2B, 0xDB,
-    0x56, 0x3E, 0xAF, 0xA1, 0x6B, 0x4F, 0xB6, 0x8C,
-    0x3B, 0xB1, 0xE7, 0x8E, 0xAA, 0x81, 0xA0, 0x02,
-    0x43, 0xFA, 0xAD, 0xD2, 0xBF, 0x18, 0xE6, 0x3D,
-    0x38, 0x9A, 0xE4, 0x43, 0x77, 0xDA, 0x18, 0xC5,
-    0x76, 0xB5, 0x0F, 0x00, 0x96, 0xCF, 0x34, 0x19,
-    0x54, 0x83, 0xB0, 0x05, 0x48, 0xC0, 0x98, 0x62,
-    0x36, 0xE3, 0xBC, 0x7C, 0xB8, 0xD6, 0x80, 0x1C,
-    0x04, 0x94, 0xCC, 0xD1, 0x99, 0xE5, 0xC5, 0xBD,
-    0x0D, 0x0E, 0xDC, 0x9E, 0xB8, 0xA0, 0x00, 0x1E,
-    0x15, 0x27, 0x67, 0x54, 0xFC, 0xC6, 0x85, 0x66,
-    0x05, 0x41, 0x48, 0xE6, 0xE7, 0x64, 0xBE, 0xE7,
-    0xC7, 0x64, 0xDA, 0xAD, 0x3F, 0xC4, 0x52, 0x35,
-    0xA6, 0xDA, 0xD4, 0x28, 0xFA, 0x20, 0xC1, 0x70,
-    0xE3, 0x45, 0x00, 0x3F, 0x2F, 0x06, 0xEC, 0x81,
-    0x05, 0xFE, 0xB2, 0x5B, 0x22, 0x81, 0xB6, 0x3D,
-    0x27, 0x33, 0xBE, 0x96, 0x1C, 0x29, 0x95, 0x1D,
-    0x11, 0xDD, 0x22, 0x21, 0x65, 0x7A, 0x9F, 0x53,
-    0x1D, 0xDA, 0x2A, 0x19, 0x4D, 0xBB, 0x12, 0x64,
-    0x48, 0xBD, 0xEE, 0xB2, 0x58, 0xE0, 0x7E, 0xA6,
-    0x59, 0xC7, 0x46, 0x19, 0xA6, 0x38, 0x0E, 0x1D,
-    0x66, 0xD6, 0x83, 0x2B, 0xFE, 0x67, 0xF6, 0x38,
-    0xCD, 0x8F, 0xAE, 0x1F, 0x27, 0x23, 0x02, 0x0F,
-    0x9C, 0x40, 0xA3, 0xFD, 0xA6, 0x7E, 0xDA, 0x3B,
-    0xD2, 0x92, 0x38, 0xFB, 0xD4, 0xD4, 0xB4, 0x88,
-    0x5C, 0x2A, 0x99, 0x17, 0x6D, 0xB1, 0xA0, 0x6C,
-    0x50, 0x07, 0x78, 0x49, 0x1A, 0x82, 0x88, 0xF1,
-    0x85, 0x5F, 0x60, 0xFF, 0xFC, 0xF1, 0xD1, 0x37,
-    0x3F, 0xD9, 0x4F, 0xC6, 0x0C, 0x18, 0x11, 0xE1,
-    0xAC, 0x3F, 0x1C, 0x6D, 0x00, 0x3B, 0xEC, 0xDA,
-    0x3B, 0x1F, 0x27, 0x25, 0xCA, 0x59, 0x5D, 0xE0,
-    0xCA, 0x63, 0x32, 0x8F, 0x3B, 0xE5, 0x7C, 0xC9,
-    0x77, 0x55, 0x60, 0x11, 0x95, 0x14, 0x0D, 0xFB,
-    0x59, 0xD3, 0x9C, 0xE0, 0x91, 0x30, 0x8B, 0x41,
-    0x05, 0x74, 0x6D, 0xAC, 0x23, 0xD3, 0x3E, 0x5F,
-    0x7C, 0xE4, 0x84, 0x8D, 0xA3, 0x16, 0xA9, 0xC6,
-    0x6B, 0x95, 0x81, 0xBA, 0x35, 0x73, 0xBF, 0xAF,
-    0x31, 0x14, 0x96, 0x18, 0x8A, 0xB1, 0x54, 0x23,
-    0x28, 0x2E, 0xE4, 0x16, 0xDC, 0x2A, 0x19, 0xC5,
-    0x72, 0x4F, 0xA9, 0x1A, 0xE4, 0xAD, 0xC8, 0x8B,
-    0xC6, 0x67, 0x96, 0xEA, 0xE5, 0x67, 0x7A, 0x01,
-    0xF6, 0x4E, 0x8C, 0x08, 0x63, 0x13, 0x95, 0x82,
-    0x2D, 0x9D, 0xB8, 0xFC, 0xEE, 0x35, 0xC0, 0x6B,
-    0x1F, 0xEE, 0xA5, 0x47, 0x4D, 0x6D, 0x8F, 0x34,
-    0xB1, 0x53, 0x4A, 0x93, 0x6A, 0x18, 0xB0, 0xE0,
-    0xD2, 0x0E, 0xAB, 0x86, 0xBC, 0x9C, 0x6D, 0x6A,
-    0x52, 0x07, 0x19, 0x4E, 0x67, 0xFA, 0x35, 0x55,
-    0x1B, 0x56, 0x80, 0x26, 0x7B, 0x00, 0x64, 0x1C,
-    0x0F, 0x21, 0x2D, 0x18, 0xEC, 0xA8, 0xD7, 0x32,
-    0x7E, 0xD9, 0x1F, 0xE7, 0x64, 0xA8, 0x4E, 0xA1,
-    0xB4, 0x3F, 0xF5, 0xB4, 0xF6, 0xE8, 0xE6, 0x2F,
-    0x05, 0xC6, 0x61, 0xDE, 0xFB, 0x25, 0x88, 0x77,
-    0xC3, 0x5B, 0x18, 0xA1, 0x51, 0xD5, 0xC4, 0x14,
-    0xAA, 0xAD, 0x97, 0xBA, 0x3E, 0x49, 0x93, 0x32,
-    0xE5, 0x96, 0x07, 0x8E, 0x60, 0x0D, 0xEB, 0x81,
-    0x14, 0x9C, 0x44, 0x1C, 0xE9, 0x57, 0x82, 0xF2,
-    0x2A, 0x28, 0x25, 0x63, 0xC5, 0xBA, 0xC1, 0x41,
-    0x14, 0x23, 0x60, 0x5D, 0x1A, 0xE1, 0xAF, 0xAE,
-    0x2C, 0x8B, 0x06, 0x60, 0x23, 0x7E, 0xC1, 0x28,
-    0xAA, 0x0F, 0xE3, 0x46, 0x4E, 0x43, 0x58, 0x11,
-    0x5D, 0xB8, 0x4C, 0xC3, 0xB5, 0x23, 0x07, 0x3A,
-    0x28, 0xD4, 0x54, 0x98, 0x84, 0xB8, 0x1F, 0xF7,
-    0x0E, 0x10, 0xBF, 0x36, 0x1C, 0x13, 0x72, 0x96,
-    0x28, 0xD5, 0x34, 0x8F, 0x07, 0x21, 0x1E, 0x7E,
-    0x4C, 0xF4, 0xF1, 0x8B, 0x28, 0x60, 0x90, 0xBD,
-    0xB1, 0x24, 0x0B, 0x66, 0xD6, 0xCD, 0x4A, 0xFC,
-    0xEA, 0xDC, 0x00, 0xCA, 0x44, 0x6C, 0xE0, 0x50,
-    0x50, 0xFF, 0x18, 0x3A, 0xD2, 0xBB, 0xF1, 0x18,
-    0xC1, 0xFC, 0x0E, 0xA5, 0x1F, 0x97, 0xD2, 0x2B,
-    0x8F, 0x7E, 0x46, 0x70, 0x5D, 0x45, 0x27, 0xF4,
-    0x5B, 0x42, 0xAE, 0xFF, 0x39, 0x58, 0x53, 0x37,
-    0x6F, 0x69, 0x7D, 0xD5, 0xFD, 0xF2, 0xC5, 0x18,
-    0x7D, 0x7D, 0x5F, 0x0E, 0x2E, 0xB8, 0xD4, 0x3F,
-    0x17, 0xBA, 0x0F, 0x7C, 0x60, 0xFF, 0x43, 0x7F,
-    0x53, 0x5D, 0xFE, 0xF2, 0x98, 0x33, 0xBF, 0x86,
-    0xCB, 0xE8, 0x8E, 0xA4, 0xFB, 0xD4, 0x22, 0x1E,
-    0x84, 0x11, 0x72, 0x83, 0x54, 0xFA, 0x30, 0xA7,
-    0x00, 0x8F, 0x15, 0x4A, 0x41, 0xC7, 0xFC, 0x46,
-    0x6B, 0x46, 0x45, 0xDB, 0xE2, 0xE3, 0x21, 0x26,
-    0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
-};
-#endif /* HAVE_FFDHE_Q */
-
-#ifdef HAVE_PUBLIC_FFDHE
-const DhParams* wc_Dh_ffdhe8192_Get(void)
-{
-    static const DhParams ffdhe8192 = {
-        #ifdef HAVE_FFDHE_Q
-            dh_ffdhe8192_q, sizeof(dh_ffdhe8192_q),
-        #endif /* HAVE_FFDHE_Q */
-        dh_ffdhe8192_p, sizeof(dh_ffdhe8192_p),
-        dh_ffdhe8192_g, sizeof(dh_ffdhe8192_g)
-    };
-    return &ffdhe8192;
-}
-#endif
-#endif
-
-int wc_InitDhKey_ex(DhKey* key, void* heap, int devId)
-{
-    int ret = 0;
-
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-    key->heap = heap; /* for XMALLOC/XFREE in future */
-    key->trustedGroup = 0;
-
-#ifdef WOLFSSL_DH_EXTRA
-    if (mp_init_multi(&key->p, &key->g, &key->q, &key->pub, &key->priv, NULL) != MP_OKAY)
-#else
-    if (mp_init_multi(&key->p, &key->g, &key->q, NULL, NULL, NULL) != MP_OKAY)
-#endif
-        return MEMORY_E;
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
-    /* handle as async */
-    ret = wolfAsync_DevCtxInit(&key->asyncDev, WOLFSSL_ASYNC_MARKER_DH,
-        key->heap, devId);
-#else
-    (void)devId;
-#endif
-
-    key->trustedGroup = 0;
-
-#ifdef WOLFSSL_KCAPI_DH
-    key->handle = NULL;
-#endif
-
-    return ret;
-}
-
-int wc_InitDhKey(DhKey* key)
-{
-    return wc_InitDhKey_ex(key, NULL, INVALID_DEVID);
-}
-
-
-int wc_FreeDhKey(DhKey* key)
-{
-    if (key) {
-        mp_clear(&key->p);
-        mp_clear(&key->g);
-        mp_clear(&key->q);
-    #ifdef WOLFSSL_DH_EXTRA
-        mp_clear(&key->pub);
-        mp_forcezero(&key->priv);
-    #endif
-
-    #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
-        wolfAsync_DevCtxFree(&key->asyncDev, WOLFSSL_ASYNC_MARKER_DH);
-    #endif
-    #ifdef WOLFSSL_KCAPI_DH
-        KcapiDh_Free(key);
-    #endif
-    }
-    return 0;
-}
-
-
-static int _ffc_validate_public_key(DhKey* key, const byte* pub, word32 pubSz,
-       const byte* prime, word32 primeSz, int partial);
-#if FIPS_VERSION_GE(5,0) || defined(WOLFSSL_VALIDATE_DH_KEYGEN)
-static int _ffc_pairwise_consistency_test(DhKey* key,
-        const byte* pub, word32 pubSz, const byte* priv, word32 privSz);
-#endif
-
-#ifndef WOLFSSL_KCAPI_DH
-
-#ifndef WC_NO_RNG
-/* if defined to not use floating point values do not compile in */
-#ifndef WOLFSSL_DH_CONST
-    static word32 DiscreteLogWorkFactor(word32 n)
-    {
-        /* assuming discrete log takes about the same time as factoring */
-        if (n < 5)
-            return 0;
-        else
-            return (word32)((double)2.4 * XPOW((double)n, 1.0/3.0) *
-                    XPOW(XLOG((double)n), 2.0/3.0) - 5);
-    }
-#endif /* WOLFSSL_DH_CONST*/
-
-
-/* if not using fixed points use DiscreteLogWorkFactor function for unusual size
-   otherwise round up on size needed */
-#ifndef WOLFSSL_DH_CONST
-    #define WOLFSSL_DH_ROUND(x) WC_DO_NOTHING
-#else
-    #define WOLFSSL_DH_ROUND(x) \
-        do {                    \
-            if (x % 128) {      \
-                x &= 0xffffff80;\
-                x += 128;       \
-            }                   \
-        }                       \
-        while (0)
-#endif
-
-
-#ifndef WOLFSSL_NO_DH186
-/* validate that (L,N) match allowed sizes from SP 800-56A, Section 5.5.1.1.
- * modLen - represents L, the size of p in bits
- * divLen - represents N, the size of q in bits
- * return 0 on success, -1 on error */
-static int CheckDhLN(word32 modLen, word32 divLen)
-{
-    int ret = -1;
-
-    switch (modLen) {
-        /* FA */
-        case 1024:
-            if (divLen == 160)
-                ret = 0;
-            break;
-        /* FB, FC */
-        case 2048:
-            if (divLen == 224 || divLen == 256)
-                ret = 0;
-            break;
-        default:
-            break;
-    }
-
-    return ret;
-}
-
-
-/* Create DH private key
- *
- * Based on NIST SP 800-56Ar3
- * "5.6.1.1.3 Key Pair Generation Using Extra Random Bits"
- *
- * dh     - pointer to initialized DhKey structure, needs to have dh->q
- * rng    - pointer to initialized WC_RNG structure
- * priv   - output location for generated private key
- * privSz - IN/OUT, size of priv buffer, size of generated private key
- *
- * return 0 on success, negative on error */
-static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv,
-                                word32* privSz)
-{
-    word32 qSz, pSz, cSz;
-    int err;
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    mp_int* tmpQ = NULL;
-    mp_int* tmpX = NULL;
-    byte* cBuf = NULL;
-#else
-    mp_int tmpQ[1], tmpX[1];
-    byte cBuf[DH_MAX_SIZE + 64 / WOLFSSL_BIT_SIZE];
-#endif
-
-    /* Parameters validated in calling functions. */
-
-    if (mp_iszero(&key->q) == MP_YES) {
-        WOLFSSL_MSG("DH q parameter needed for FIPS 186-4 key generation");
-        return BAD_FUNC_ARG;
-    }
-
-    qSz = (word32)mp_unsigned_bin_size(&key->q);
-    pSz = (word32)mp_unsigned_bin_size(&key->p);
-
-    /* verify (L,N) pair bit lengths */
-    /* Trusted primes don't need to be checked. */
-    if (!key->trustedGroup &&
-            CheckDhLN(pSz * WOLFSSL_BIT_SIZE, qSz * WOLFSSL_BIT_SIZE) != 0) {
-        WOLFSSL_MSG("DH param sizes do not match SP 800-56A requirements");
-        return BAD_FUNC_ARG;
-    }
-
-    /* generate extra 64 bits so that bias from mod function is negligible */
-    cSz = *privSz + (64 / WOLFSSL_BIT_SIZE);
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    cBuf = (byte*)XMALLOC(cSz, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (cBuf == NULL) {
-        return MEMORY_E;
-    }
-    tmpQ = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (tmpQ == NULL) {
-        XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-    tmpX = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (tmpX == NULL) {
-        XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
-        return MEMORY_E;
-    }
-#endif
-
-
-    if ((err = mp_init_multi(tmpX, tmpQ, NULL, NULL, NULL, NULL))
-                   != MP_OKAY) {
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
-#endif
-        return err;
-    }
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Add("GeneratePrivateDh186 cBuf", cBuf, cSz); /* cppcheck-suppress uninitvar */
-    mp_memzero_add("GeneratePrivateDh186 tmpX", tmpX);
-#endif
-    do {
-        /* generate N+64 bits (c) from RBG into tmpX, making sure positive.
-         * Hash_DRBG uses SHA-256 which matches maximum
-         * requested_security_strength of (L,N) */
-        err = wc_RNG_GenerateBlock(rng, cBuf, cSz);
-        if (err == MP_OKAY)
-            err = mp_read_unsigned_bin(tmpX, cBuf, cSz);
-        if (err != MP_OKAY) {
-            mp_clear(tmpX);
-            mp_clear(tmpQ);
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-            XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
-            XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
-#endif
-            return err;
-        }
-    } while (mp_cmp_d(tmpX, 1) != MP_GT);
-
-    ForceZero(cBuf, cSz);
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#elif defined(WOLFSSL_CHECK_MEM_ZERO)
-    wc_MemZero_Check(cBuf, cSz);
-#endif
-
-    /* tmpQ: M = min(2^N,q) - 1 */
-    if (err == MP_OKAY)
-        err = mp_2expt(tmpQ, (int)*privSz * 8);
-
-    if (err == MP_OKAY) {
-        if (mp_cmp(tmpQ, &key->q) == MP_GT) {
-            err = mp_copy(&key->q, tmpQ);
-        }
-    }
-
-    if (err == MP_OKAY)
-        err = mp_sub_d(tmpQ, 1, tmpQ);
-
-    /* x = c mod (M), tmpX holds c */
-    if (err == MP_OKAY)
-        err = mp_mod(tmpX, tmpQ, tmpX);
-
-    /* x = c mod (M) + 1 */
-    if (err == MP_OKAY)
-        err = mp_add_d(tmpX, 1, tmpX);
-
-    /* copy tmpX into priv */
-    if (err == MP_OKAY) {
-        pSz = (word32)mp_unsigned_bin_size(tmpX);
-        if (pSz > *privSz) {
-            WOLFSSL_MSG("DH private key output buffer too small");
-            err = BAD_FUNC_ARG;
-        } else {
-            *privSz = pSz;
-            err = mp_to_unsigned_bin(tmpX, priv);
-        }
-    }
-
-    mp_forcezero(tmpX);
-    mp_clear(tmpQ);
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
-    XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
-#elif defined(WOLFSSL_CHECK_MEM_ZERO)
-    mp_memzero_check(tmpX);
-#endif
-
-    return err;
-}
-#endif /* WOLFSSL_NO_DH186 */
-#endif /* !WC_NO_RNG */
-
-static int GeneratePrivateDh(DhKey* key, WC_RNG* rng, byte* priv,
-                             word32* privSz)
-{
-#ifndef WC_NO_RNG
-    int ret = 0;
-    word32 sz = 0;
-
-    if (mp_iseven(&key->p) == MP_YES) {
-        ret = MP_VAL;
-    }
-    else
-#ifndef WOLFSSL_NO_DH186
-    if (mp_iszero(&key->q) == MP_NO) {
-
-        /* q param available, use NIST SP 800-56Ar3, "5.6.1.1.3 Key Pair
-         * Generation Using Extra Random Bits" */
-        ret = GeneratePrivateDh186(key, rng, priv, privSz);
-
-    }
-    else
-#endif
-    {
-
-        sz = (word32)mp_unsigned_bin_size(&key->p);
-
-        /* Table of predetermined values from the operation
-           2 * DiscreteLogWorkFactor(sz * WOLFSSL_BIT_SIZE) /
-           WOLFSSL_BIT_SIZE + 1
-           Sizes in table checked against RFC 3526
-         */
-        WOLFSSL_DH_ROUND(sz); /* if using fixed points only, then round up */
-        switch (sz) {
-            case 128:  sz = 21; break;
-            case 256:  sz = 29; break;
-            case 384:  sz = 34; break;
-            case 512:  sz = 39; break;
-            case 640:  sz = 42; break;
-            case 768:  sz = 46; break;
-            case 896:  sz = 49; break;
-            case 1024: sz = 52; break;
-            default:
-            #ifndef WOLFSSL_DH_CONST
-                /* if using floating points and size of p is not in table */
-                sz = min(sz, 2 * DiscreteLogWorkFactor(sz * WOLFSSL_BIT_SIZE) /
-                                           WOLFSSL_BIT_SIZE + 1);
-                break;
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-        }
-
-        if (sz > *privSz)
-            ret = WC_KEY_SIZE_E;
-
-        if (ret == 0)
-            ret = wc_RNG_GenerateBlock(rng, priv, sz);
-
-        if (ret == 0) {
-            priv[0] |= 0x0C;
-            *privSz = sz;
-        }
-    }
-
-    return ret;
-#else
-    (void)key;
-    (void)rng;
-    (void)priv;
-    (void)privSz;
-    return NOT_COMPILED_IN;
-#endif /* WC_NO_RNG */
-}
-
-
-static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
-    byte* pub, word32* pubSz)
-{
-    int ret = 0;
-#ifndef WOLFSSL_SP_MATH
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    mp_int* x;
-    mp_int* y;
-#else
-    mp_int x[1];
-    mp_int y[1];
-#endif
-#endif
-
-    if (*pubSz < (word32)mp_unsigned_bin_size(&key->p)) {
-        return WC_KEY_SIZE_E;
-    }
-
-#ifdef WOLFSSL_HAVE_SP_DH
-#ifndef WOLFSSL_SP_NO_2048
-    if (mp_count_bits(&key->p) == 2048)
-        return sp_DhExp_2048(&key->g, priv, privSz, &key->p, pub, pubSz);
-#endif
-#ifndef WOLFSSL_SP_NO_3072
-    if (mp_count_bits(&key->p) == 3072)
-        return sp_DhExp_3072(&key->g, priv, privSz, &key->p, pub, pubSz);
-#endif
-#ifdef WOLFSSL_SP_4096
-    if (mp_count_bits(&key->p) == 4096)
-        return sp_DhExp_4096(&key->g, priv, privSz, &key->p, pub, pubSz);
-#endif
-#endif
-
-#if !defined(WOLFSSL_SP_MATH)
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (x == NULL)
-        return MEMORY_E;
-    y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (y == NULL) {
-        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
-        return MEMORY_E;
-    }
-#endif
-    if (mp_init_multi(x, y, 0, 0, 0, 0) != MP_OKAY) {
-    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
-    #endif
-        return MP_INIT_E;
-    }
-
-    if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY)
-        ret = MP_READ_E;
-
-    if (ret == 0 && mp_exptmod(&key->g, x, &key->p, y) != MP_OKAY)
-        ret = MP_EXPTMOD_E;
-
-    if (ret == 0 && mp_to_unsigned_bin(y, pub) != MP_OKAY)
-        ret = MP_TO_E;
-
-    if (ret == 0)
-        *pubSz = (word32)mp_unsigned_bin_size(y);
-
-    mp_clear(y);
-    mp_forcezero(x);
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    XFREE(y, key->heap, DYNAMIC_TYPE_DH);
-    XFREE(x, key->heap, DYNAMIC_TYPE_DH);
-#endif
-#else
-    ret = WC_KEY_SIZE_E;
-#endif
-
-    return ret;
-}
-
-/**
- * Given a DhKey with set params and a priv key, generate the corresponding
- * public key. If fips, does pub key validation.
- * */
-int wc_DhGeneratePublic(DhKey* key, byte* priv, word32 privSz,
-    byte* pub, word32* pubSz)
-{
-    int ret = 0;
-
-    if (key == NULL || priv == NULL || privSz == 0 ||
-        pub == NULL || pubSz == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-
-    ret = GeneratePublicDh(key, priv, privSz, pub, pubSz);
-
-    #if FIPS_VERSION_GE(5,0) || defined(WOLFSSL_VALIDATE_DH_KEYGEN)
-    if (ret == 0)
-        ret = _ffc_validate_public_key(key, pub, *pubSz, NULL, 0, 0);
-    if (ret == 0)
-        ret = _ffc_pairwise_consistency_test(key, pub, *pubSz, priv, privSz);
-    #endif /* FIPS V5 or later || WOLFSSL_VALIDATE_DH_KEYGEN */
-
-    RESTORE_VECTOR_REGISTERS();
-
-    return ret;
-}
-
-static int wc_DhGenerateKeyPair_Sync(DhKey* key, WC_RNG* rng,
-    byte* priv, word32* privSz, byte* pub, word32* pubSz)
-{
-    int ret;
-
-    if (key == NULL || rng == NULL || priv == NULL || privSz == NULL ||
-        pub == NULL || pubSz == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-
-    ret = GeneratePrivateDh(key, rng, priv, privSz);
-
-    if (ret == 0)
-        ret = GeneratePublicDh(key, priv, *privSz, pub, pubSz);
-#if FIPS_VERSION_GE(5,0) || defined(WOLFSSL_VALIDATE_DH_KEYGEN)
-    if (ret == 0)
-        ret = _ffc_validate_public_key(key, pub, *pubSz, NULL, 0, 0);
-    if (ret == 0)
-        ret = _ffc_pairwise_consistency_test(key, pub, *pubSz, priv, *privSz);
-#endif /* FIPS V5 or later || WOLFSSL_VALIDATE_DH_KEYGEN */
-
-
-    RESTORE_VECTOR_REGISTERS();
-
-    return ret;
-}
-#endif /* !WOLFSSL_KCAPI_DH */
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
-static int wc_DhGenerateKeyPair_Async(DhKey* key, WC_RNG* rng,
-    byte* priv, word32* privSz, byte* pub, word32* pubSz)
-{
-    int ret;
-
-#if defined(HAVE_INTEL_QA)
-    word32 pBits;
-
-    /* QAT DH sizes: 768, 1024, 1536, 2048, 3072 and 4096 bits */
-    pBits = mp_unsigned_bin_size(&key->p) * 8;
-    if (pBits == 768 ||  pBits == 1024 || pBits == 1536 ||
-        pBits == 2048 || pBits == 3072 || pBits == 4096) {
-        mp_int x;
-
-        ret = mp_init(&x);
-        if (ret != MP_OKAY)
-            return ret;
-
-        ret = GeneratePrivateDh(key, rng, priv, privSz);
-        if (ret == 0)
-            ret = mp_read_unsigned_bin(&x, priv, *privSz);
-        if (ret == MP_OKAY)
-            ret = wc_mp_to_bigint(&x, &x.raw);
-        if (ret == MP_OKAY)
-            ret = wc_mp_to_bigint(&key->p, &key->p.raw);
-        if (ret == MP_OKAY)
-            ret = wc_mp_to_bigint(&key->g, &key->g.raw);
-        if (ret == MP_OKAY)
-            ret = IntelQaDhKeyGen(&key->asyncDev, &key->p.raw, &key->g.raw,
-                &x.raw, pub, pubSz);
-        mp_clear(&x);
-
-        return ret;
-    }
-
-#elif defined(HAVE_CAVIUM)
-    /* TODO: Not implemented - use software for now */
-
-#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
-    if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_DH_GEN)) {
-        WC_ASYNC_SW* sw = &key->asyncDev.sw;
-        sw->dhGen.key = key;
-        sw->dhGen.rng = rng;
-        sw->dhGen.priv = priv;
-        sw->dhGen.privSz = privSz;
-        sw->dhGen.pub = pub;
-        sw->dhGen.pubSz = pubSz;
-        return WC_PENDING_E;
-    }
-#endif
-
-    /* otherwise use software DH */
-    ret = wc_DhGenerateKeyPair_Sync(key, rng, priv, privSz, pub, pubSz);
-
-    return ret;
-}
-#endif /* WOLFSSL_ASYNC_CRYPT && WC_ASYNC_ENABLE_DH */
-
-
-/* Check DH Public Key for invalid numbers, optionally allowing
- * the public key to be checked against the large prime (q).
- * If q is NULL, the q value of key is used.
- * Check per process in SP 800-56Ar3, section 5.6.2.3.1 or 2.
- *
- * key     DH key group parameters.
- * pub     Public Key.
- * pubSz   Public Key size.
- * prime   Large prime (q), optionally NULL to skip check
- * primeSz Size of large prime
- * partial Do the partial test process. (section 5.6.2.3.2)
- *
- *  returns 0 on success or error code
- */
-static int _ffc_validate_public_key(DhKey* key, const byte* pub, word32 pubSz,
-       const byte* prime, word32 primeSz, int partial)
-{
-    int ret = 0;
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    mp_int* y = NULL;
-    mp_int* p = NULL;
-    mp_int* q = NULL;
-#else
-    mp_int y[1];
-    mp_int p[1];
-    mp_int q[1];
-#endif
-
-    if (key == NULL || pub == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (y == NULL)
-        return MEMORY_E;
-    p = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (p == NULL) {
-        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
-        return MEMORY_E;
-    }
-    q = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (q == NULL) {
-        XFREE(p, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
-        return MEMORY_E;
-    }
-#endif
-
-    if (mp_init_multi(y, p, q, NULL, NULL, NULL) != MP_OKAY) {
-    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        XFREE(q, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(p, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
-    #endif
-        return MP_INIT_E;
-    }
-
-    SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
-
-    if (mp_read_unsigned_bin(y, pub, pubSz) != MP_OKAY) {
-        ret = MP_READ_E;
-    }
-
-    if (ret == 0 && prime != NULL) {
-        if (mp_read_unsigned_bin(q, prime, primeSz) != MP_OKAY)
-            ret = MP_READ_E;
-
-    } else if (mp_iszero(&key->q) == MP_NO) {
-        /* use q available in DhKey */
-        if (mp_copy(&key->q, q) != MP_OKAY)
-            ret = MP_INIT_E;
-    }
-
-    /* SP 800-56Ar3, section 5.6.2.3.2 */
-    /* pub (y) should not be 0 or 1 */
-    if (ret == 0 && mp_cmp_d(y, 2) == MP_LT) {
-        ret = MP_CMP_E;
-    }
-
-    /* pub (y) shouldn't be greater than or equal to p - 1 */
-    if (ret == 0 && mp_copy(&key->p, p) != MP_OKAY) {
-        ret = MP_INIT_E;
-    }
-    if (ret == 0 && mp_sub_d(p, 2, p) != MP_OKAY) {
-        ret = MP_SUB_E;
-    }
-    if (ret == 0 && mp_cmp(y, p) == MP_GT) {
-        ret = MP_CMP_E;
-    }
-
-    if (!partial) {
-        if (ret == 0 && (prime != NULL || (mp_iszero(&key->q) == MP_NO) )) {
-
-            /* restore key->p into p */
-            if (mp_copy(&key->p, p) != MP_OKAY)
-                ret = MP_INIT_E;
-        }
-
-        /* SP 800-56Ar3, section 5.6.2.3.1, process step 2 */
-        if (ret == 0 && prime != NULL) {
-#ifdef WOLFSSL_HAVE_SP_DH
-#ifndef WOLFSSL_SP_NO_2048
-            if (mp_count_bits(&key->p) == 2048) {
-                ret = sp_ModExp_2048(y, q, p, y);
-                if (ret != 0)
-                    ret = MP_EXPTMOD_E;
-            }
-            else
-#endif
-#ifndef WOLFSSL_SP_NO_3072
-            if (mp_count_bits(&key->p) == 3072) {
-                ret = sp_ModExp_3072(y, q, p, y);
-                if (ret != 0)
-                    ret = MP_EXPTMOD_E;
-            }
-            else
-#endif
-#ifdef WOLFSSL_SP_4096
-            if (mp_count_bits(&key->p) == 4096) {
-                ret = sp_ModExp_4096(y, q, p, y);
-                if (ret != 0)
-                    ret = MP_EXPTMOD_E;
-            }
-            else
-#endif
-#endif
-
-            {
-#if !defined(WOLFSSL_SP_MATH)
-                /* calculate (y^q) mod(p), store back into y */
-                if (mp_exptmod(y, q, p, y) != MP_OKAY)
-                    ret = MP_EXPTMOD_E;
-#else
-                ret = WC_KEY_SIZE_E;
-#endif
-            }
-
-            /* verify above == 1 */
-            if (ret == 0 && mp_cmp_d(y, 1) != MP_EQ)
-                ret = MP_CMP_E;
-        }
-    }
-
-    mp_clear(y);
-    mp_clear(p);
-    mp_clear(q);
-
-    RESTORE_VECTOR_REGISTERS();
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    XFREE(q, key->heap, DYNAMIC_TYPE_DH);
-    XFREE(p, key->heap, DYNAMIC_TYPE_DH);
-    XFREE(y, key->heap, DYNAMIC_TYPE_DH);
-#endif
-
-    return ret;
-}
-
-
-/* Performs a full public-key validation routine. */
-int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz,
-                        const byte* prime, word32 primeSz)
-{
-    return _ffc_validate_public_key(key, pub, pubSz, prime, primeSz, 0);
-}
-
-
-/* Check DH Public Key for invalid numbers. Performs a partial public-key
- * validation routine.
- *
- * key   DH key group parameters.
- * pub   Public Key.
- * pubSz Public Key size.
- *
- *  returns 0 on success or error code
- */
-int wc_DhCheckPubKey(DhKey* key, const byte* pub, word32 pubSz)
-{
-    return _ffc_validate_public_key(key, pub, pubSz, NULL, 0, 1);
-}
-
-
-/**
- * Quick validity check of public key value against prime.
- * Checks are:
- *   - Public key not 0 or 1
- *   - Public key not equal to prime or prime - 1
- *   - Public key not bigger than prime.
- *
- * prime    Big-endian encoding of prime in bytes.
- * primeSz  Size of prime in bytes.
- * pub      Big-endian encoding of public key in bytes.
- * pubSz    Size of public key in bytes.
- */
-int wc_DhCheckPubValue(const byte* prime, word32 primeSz, const byte* pub,
-                       word32 pubSz)
-{
-    int ret = 0;
-    word32 i;
-
-    for (i = 0; i < pubSz && pub[i] == 0; i++) {
-    }
-    pubSz -= i;
-    pub += i;
-
-    if (pubSz == 0 || (pubSz == 1 && pub[0] == 1))
-        ret = MP_VAL;
-    else if (pubSz == primeSz) {
-        for (i = 0; i < pubSz-1 && pub[i] == prime[i]; i++) {
-        }
-        if (i == pubSz-1 && (pub[i] == prime[i] || pub[i] == prime[i] - 1))
-            ret = MP_VAL;
-        else if (pub[i] > prime[i])
-            ret = MP_VAL;
-    }
-    else if (pubSz > primeSz)
-        ret = MP_VAL;
-
-    return ret;
-}
-
-
-/* Check DH Private Key for invalid numbers, optionally allowing
- * the private key to be checked against the large prime (q).
- * Check per process in SP 800-56Ar3, section 5.6.2.1.2.
- *
- * key     DH key group parameters.
- * priv    Private Key.
- * privSz  Private Key size.
- * prime   Large prime (q), optionally NULL to skip check
- * primeSz Size of large prime
- *
- *  returns 0 on success or error code
- */
-int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 privSz,
-                         const byte* prime, word32 primeSz)
-{
-    int ret = 0;
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    mp_int* x = NULL;
-    mp_int* q = NULL;
-#else
-    mp_int x[1];
-    mp_int q[1];
-#endif
-
-    if (key == NULL || priv == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (x == NULL)
-        return MEMORY_E;
-    q = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (q == NULL) {
-        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
-        return MEMORY_E;
-    }
-#endif
-
-    if (mp_init_multi(x, q, NULL, NULL, NULL, NULL) != MP_OKAY) {
-    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        XFREE(q, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
-    #endif
-        return MP_INIT_E;
-    }
-
-    if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY) {
-        ret = MP_READ_E;
-    }
-
-    if (ret == 0) {
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        mp_memzero_add("wc_DhCheckPrivKey_ex x", x);
-    #endif
-        if (prime != NULL) {
-            if (mp_read_unsigned_bin(q, prime, primeSz) != MP_OKAY)
-                ret = MP_READ_E;
-        }
-        else if (mp_iszero(&key->q) == MP_NO) {
-            /* use q available in DhKey */
-            if (mp_copy(&key->q, q) != MP_OKAY)
-                ret = MP_INIT_E;
-        }
-    }
-
-    /* priv (x) should not be 0 */
-    if (ret == 0) {
-        if (mp_cmp_d(x, 0) == MP_EQ)
-            ret = MP_CMP_E;
-    }
-
-    if (ret == 0) {
-        if (mp_iszero(q) == MP_NO) {
-            /* priv (x) shouldn't be greater than q - 1 */
-            if (mp_copy(&key->q, q) != MP_OKAY)
-                ret = MP_INIT_E;
-            if (ret == 0) {
-                if (mp_sub_d(q, 1, q) != MP_OKAY)
-                    ret = MP_SUB_E;
-            }
-            if (ret == 0) {
-                if (mp_cmp(x, q) == MP_GT)
-                    ret = DH_CHECK_PRIV_E;
-            }
-        }
-    }
-
-    mp_forcezero(x);
-    mp_clear(q);
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    XFREE(q, key->heap, DYNAMIC_TYPE_DH);
-    XFREE(x, key->heap, DYNAMIC_TYPE_DH);
-#elif defined(WOLFSSL_CHECK_MEM_ZERO)
-    mp_memzero_check(x);
-#endif
-
-    return ret;
-}
-
-
-/* Check DH Private Key for invalid numbers
- *
- * key    DH key group parameters.
- * priv   Private Key.
- * privSz Private Key size.
- *
- *  returns 0 on success or error code
- */
-int wc_DhCheckPrivKey(DhKey* key, const byte* priv, word32 privSz)
-{
-    return wc_DhCheckPrivKey_ex(key, priv, privSz, NULL, 0);
-}
-
-
-/* Performs a Pairwise Consistency Test on an FFC key pair. */
-/* Check DH Keys for pair-wise consistency per process in
- * SP 800-56Ar3, section 5.6.2.1.4, method (b) for FFC. */
-static int _ffc_pairwise_consistency_test(DhKey* key,
-        const byte* pub, word32 pubSz, const byte* priv, word32 privSz)
-{
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    mp_int* publicKey = NULL;
-    mp_int* privateKey = NULL;
-    mp_int* checkKey = NULL;
-#else
-    mp_int publicKey[1];
-    mp_int privateKey[1];
-    mp_int checkKey[1];
-#endif
-    int ret = 0;
-
-    if (key == NULL || pub == NULL || priv == NULL)
-        return BAD_FUNC_ARG;
-    if (mp_iseven(&key->p) == MP_YES)
-        return MP_VAL;
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    publicKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (publicKey == NULL)
-        return MEMORY_E;
-    privateKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (privateKey == NULL) {
-        XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
-        return MEMORY_E;
-    }
-    checkKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (checkKey == NULL) {
-        XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
-        return MEMORY_E;
-    }
-#endif
-
-    if (mp_init_multi(publicKey, privateKey, checkKey,
-                      NULL, NULL, NULL) != MP_OKAY) {
-
-    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH);
-    #endif
-        return MP_INIT_E;
-    }
-
-    SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
-
-    /* Load the private and public keys into big integers. */
-    if (mp_read_unsigned_bin(publicKey, pub, pubSz) != MP_OKAY ||
-        mp_read_unsigned_bin(privateKey, priv, privSz) != MP_OKAY) {
-
-        ret = MP_READ_E;
-    }
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    mp_memzero_add("_ffc_pairwise_consistency_test privateKey", privateKey);
-#endif
-
-    /* Calculate checkKey = g^privateKey mod p */
-    if (ret == 0) {
-#ifdef WOLFSSL_HAVE_SP_DH
-#ifndef WOLFSSL_SP_NO_2048
-        if (mp_count_bits(&key->p) == 2048) {
-            ret = sp_ModExp_2048(&key->g, privateKey, &key->p, checkKey);
-            if (ret != 0)
-                ret = MP_EXPTMOD_E;
-        }
-        else
-#endif
-#ifndef WOLFSSL_SP_NO_3072
-        if (mp_count_bits(&key->p) == 3072) {
-            ret = sp_ModExp_3072(&key->g, privateKey, &key->p, checkKey);
-            if (ret != 0)
-                ret = MP_EXPTMOD_E;
-        }
-        else
-#endif
-#ifdef WOLFSSL_SP_4096
-        if (mp_count_bits(&key->p) == 4096) {
-            ret = sp_ModExp_4096(&key->g, privateKey, &key->p, checkKey);
-            if (ret != 0)
-                ret = MP_EXPTMOD_E;
-        }
-        else
-#endif
-#endif
-        {
-#if !defined(WOLFSSL_SP_MATH)
-            if (mp_exptmod(&key->g, privateKey, &key->p, checkKey) != MP_OKAY)
-                ret = MP_EXPTMOD_E;
-#else
-            ret = WC_KEY_SIZE_E;
-#endif
-        }
-    }
-
-    /* Compare the calculated public key to the supplied check value. */
-    if (ret == 0) {
-        if (mp_cmp(checkKey, publicKey) != MP_EQ)
-            ret = MP_CMP_E;
-    }
-
-    mp_forcezero(privateKey);
-    mp_clear(publicKey);
-    mp_clear(checkKey);
-
-    RESTORE_VECTOR_REGISTERS();
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH);
-    XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
-    XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
-#elif defined(WOLFSSL_CHECK_MEM_ZERO)
-    mp_memzero_check(privateKey);
-#endif
-
-    return ret;
-}
-
-
-/* Check DH Keys for pair-wise consistency per process in
- * SP 800-56Ar3, section 5.6.2.1.4, method (b) for FFC.
- *
- * key    DH key group parameters.
- * pub    Public Key.
- * pubSz  Public Key size.
- * priv   Private Key.
- * privSz Private Key size.
- *
- *  returns 0 on success or error code
- */
-int wc_DhCheckKeyPair(DhKey* key, const byte* pub, word32 pubSz,
-                      const byte* priv, word32 privSz)
-{
-    return _ffc_pairwise_consistency_test(key, pub, pubSz, priv, privSz);
-}
-
-
-int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng,
-    byte* priv, word32* privSz, byte* pub, word32* pubSz)
-{
-    int ret;
-
-    if (key == NULL || rng == NULL || priv == NULL || privSz == NULL ||
-                                                pub == NULL || pubSz == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_KCAPI_DH
-    (void)priv;
-    (void)privSz;
-    ret = KcapiDh_MakeKey(key, pub, pubSz);
-#else
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
-    if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_DH) {
-        ret = wc_DhGenerateKeyPair_Async(key, rng, priv, privSz, pub, pubSz);
-    }
-    else
-#endif
-    {
-        ret = wc_DhGenerateKeyPair_Sync(key, rng, priv, privSz, pub, pubSz);
-    }
-#endif /* WOLFSSL_KCAPI_DH */
-
-    return ret;
-}
-
-#ifndef WOLFSSL_KCAPI_DH
-static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
-    const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz, int ct)
-{
-    int ret = 0;
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    mp_int* y = NULL;
-#if !defined(WOLFSSL_SP_MATH)
-    mp_int* x = NULL;
-    mp_int* z = NULL;
-#endif
-#else
-    mp_int y[1];
-#if !defined(WOLFSSL_SP_MATH)
-    mp_int x[1];
-    mp_int z[1];
-#endif
-#endif
-
-    if (mp_iseven(&key->p) == MP_YES) {
-        return MP_VAL;
-    }
-#ifdef WOLFSSL_VALIDATE_FFC_IMPORT
-    if (wc_DhCheckPrivKey(key, priv, privSz) != 0) {
-        WOLFSSL_MSG("wc_DhAgree wc_DhCheckPrivKey failed");
-        return DH_CHECK_PRIV_E;
-    }
-
-    if (wc_DhCheckPubKey(key, otherPub, pubSz) != 0) {
-        WOLFSSL_MSG("wc_DhAgree wc_DhCheckPubKey failed");
-        return DH_CHECK_PUB_E;
-    }
-#endif
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (y == NULL)
-        return MEMORY_E;
-#if !defined(WOLFSSL_SP_MATH)
-    x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (x == NULL) {
-        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
-        return MEMORY_E;
-    }
-    z = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
-    if (z == NULL) {
-        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
-        return MEMORY_E;
-    }
-#endif
-#endif
-
-#ifdef WOLFSSL_HAVE_SP_DH
-    if (0
-#ifndef WOLFSSL_SP_NO_2048
-        || mp_count_bits(&key->p) == 2048
-#endif
-#ifndef WOLFSSL_SP_NO_3072
-        || mp_count_bits(&key->p) == 3072
-#endif
-#ifdef WOLFSSL_SP_4096
-        || mp_count_bits(&key->p) == 4096
-#endif
-       ) {
-        int i = (int)*agreeSz - 1;
-
-        if (mp_init(y) != MP_OKAY)
-            ret = MP_INIT_E;
-
-        if (ret == 0) {
-            SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
-
-            if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
-                ret = MP_READ_E;
-
-            if (ret == 0) {
-            #ifndef WOLFSSL_SP_NO_2048
-                if (mp_count_bits(&key->p) == 2048) {
-                    ret = sp_DhExp_2048(y, priv, privSz, &key->p, agree,
-                                        agreeSz);
-                }
-            #endif
-            #ifndef WOLFSSL_SP_NO_3072
-                if (mp_count_bits(&key->p) == 3072) {
-                    ret = sp_DhExp_3072(y, priv, privSz, &key->p, agree,
-                                        agreeSz);
-                }
-            #endif
-            #ifdef WOLFSSL_SP_4096
-                if (mp_count_bits(&key->p) == 4096) {
-                    ret = sp_DhExp_4096(y, priv, privSz, &key->p, agree,
-                                        agreeSz);
-                }
-            #endif
-            }
-
-            mp_clear(y);
-
-            RESTORE_VECTOR_REGISTERS();
-        }
-
-        /* make sure agree is > 1 (SP800-56A, 5.7.1.1) */
-        if ((ret == 0) &&
-            ((*agreeSz == 0) || ((*agreeSz == 1) && (agree[0] == 1))))
-        {
-            ret = MP_VAL;
-        }
-
-        if ((ret == 0) && ct) {
-            volatile word16 mask = 0xff;
-            sword16 o = (sword16)(*agreeSz - 1);
-
-            *agreeSz = (word32)(i + 1);
-            for (; i >= 0 ; i--) {
-                agree[i] = agree[o] & (byte)mask;
-                mask = ctMask16LT(0, (int)o);
-                o = (sword16)(o + (sword16)mask);
-            }
-        }
-
-    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    #if !defined(WOLFSSL_SP_MATH)
-        XFREE(z, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
-    #endif
-        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
-    #endif
-        return ret;
-    }
-#endif
-
-#if !defined(WOLFSSL_SP_MATH)
-    if (mp_init_multi(x, y, z, 0, 0, 0) != MP_OKAY) {
-    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        XFREE(z, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(x, key->heap, DYNAMIC_TYPE_DH);
-        XFREE(y, key->heap, DYNAMIC_TYPE_DH);
-    #endif
-        return MP_INIT_E;
-    }
-#if defined(WOLFSSL_SP_MATH_ALL)
-    if (ct) {
-        /* TFM and Integer implementations keep high words zero.
-         * SP math implementation needs all words set to zero as it doesn't
-         * ensure unused words are zero. */
-        mp_forcezero(x);
-    }
-#endif
-
-    SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
-
-    if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY)
-        ret = MP_READ_E;
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    if (ret == 0)
-        mp_memzero_add("wc_DhAgree_Sync x", x);
-#endif
-
-    if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
-        ret = MP_READ_E;
-
-    if (ret == 0) {
-        if (ct) {
-            int bits;
-
-            /* x is mod q but if q not available, use p (> q). */
-            if (mp_iszero(&key->q) == MP_NO) {
-                bits = mp_count_bits(&key->q);
-            }
-            else {
-                bits = mp_count_bits(&key->p);
-            }
-            /* Exponentiate to the maximum words of a valid x to ensure a
-             * constant time operation. */
-            ret = mp_exptmod_ex(y, x, (bits + DIGIT_BIT - 1) / DIGIT_BIT,
-                                &key->p, z);
-        }
-        else {
-            ret = mp_exptmod(y, x, &key->p, z);
-        }
-        if (ret != MP_OKAY)
-            ret = MP_EXPTMOD_E;
-    }
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    if (ret == 0)
-        mp_memzero_add("wc_DhAgree_Sync z", z);
-#endif
-
-    /* make sure z is not one (SP800-56A, 5.7.1.1) */
-    if (ret == 0 && (mp_cmp_d(z, 1) == MP_EQ))
-        ret = MP_VAL;
-
-    if (ret == 0) {
-        if (ct) {
-            /* Put the secret into a buffer in constant time. */
-            ret = mp_to_unsigned_bin_len_ct(z, agree, (int)*agreeSz);
-        }
-        else {
-            ret = mp_to_unsigned_bin(z, agree);
-            if (ret == MP_OKAY)
-                *agreeSz = (word32)mp_unsigned_bin_size(z);
-        }
-    }
-
-    mp_forcezero(z);
-    mp_clear(y);
-    mp_forcezero(x);
-
-    RESTORE_VECTOR_REGISTERS();
-
-#else
-    (void)ct;
-    ret = WC_KEY_SIZE_E;
-#endif
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-#if !defined(WOLFSSL_SP_MATH)
-    XFREE(z, key->heap, DYNAMIC_TYPE_DH);
-    XFREE(x, key->heap, DYNAMIC_TYPE_DH);
-#endif
-    XFREE(y, key->heap, DYNAMIC_TYPE_DH);
-#elif defined(WOLFSSL_CHECK_MEM_ZERO)
-    mp_memzero_check(x);
-    mp_memzero_check(z);
-#endif
-
-    return ret;
-}
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
-static int wc_DhAgree_Async(DhKey* key, byte* agree, word32* agreeSz,
-    const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz)
-{
-    int ret;
-
-#if defined(HAVE_INTEL_QA)
-    word32 pBits;
-
-    /* QAT DH sizes: 768, 1024, 1536, 2048, 3072 and 4096 bits */
-    pBits = mp_unsigned_bin_size(&key->p) * 8;
-    if (pBits == 768 ||  pBits == 1024 || pBits == 1536 ||
-        pBits == 2048 || pBits == 3072 || pBits == 4096) {
-        ret = wc_mp_to_bigint(&key->p, &key->p.raw);
-        if (ret == MP_OKAY)
-            ret = IntelQaDhAgree(&key->asyncDev, &key->p.raw,
-                agree, agreeSz, priv, privSz, otherPub, pubSz);
-        return ret;
-    }
-
-#elif defined(HAVE_CAVIUM)
-    /* TODO: Not implemented - use software for now */
-
-#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
-    if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_DH_AGREE)) {
-        WC_ASYNC_SW* sw = &key->asyncDev.sw;
-        sw->dhAgree.key = key;
-        sw->dhAgree.agree = agree;
-        sw->dhAgree.agreeSz = agreeSz;
-        sw->dhAgree.priv = priv;
-        sw->dhAgree.privSz = privSz;
-        sw->dhAgree.otherPub = otherPub;
-        sw->dhAgree.pubSz = pubSz;
-        return WC_PENDING_E;
-    }
-#endif
-
-    /* otherwise use software DH */
-    ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz,
-                          0);
-
-    return ret;
-}
-#endif /* WOLFSSL_ASYNC_CRYPT */
-#endif /* !WOLFSSL_KCAPI_DH */
-
-int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv,
-            word32 privSz, const byte* otherPub, word32 pubSz)
-{
-    int ret = 0;
-
-    if (key == NULL || agree == NULL || agreeSz == NULL || priv == NULL ||
-                                                            otherPub == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_KCAPI_DH
-    (void)priv;
-    (void)privSz;
-    ret = KcapiDh_SharedSecret(key, otherPub, pubSz, agree, agreeSz);
-#else
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_DH)
-    if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_DH) {
-        ret = wc_DhAgree_Async(key, agree, agreeSz, priv, privSz, otherPub,
-                               pubSz);
-    }
-    else
-#endif
-    {
-        ret = wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub,
-                              pubSz, 0);
-    }
-#endif /* WOLFSSL_KCAPI_DH */
-
-    return ret;
-}
-
-int wc_DhAgree_ct(DhKey* key, byte* agree, word32 *agreeSz, const byte* priv,
-            word32 privSz, const byte* otherPub, word32 pubSz)
-{
-    word32 requested_agreeSz;
-
-    if (key == NULL || agree == NULL || agreeSz == NULL || priv == NULL ||
-                                                            otherPub == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    requested_agreeSz = (word32)mp_unsigned_bin_size(&key->p);
-    if (requested_agreeSz > *agreeSz) {
-        return BUFFER_E;
-    }
-    *agreeSz = requested_agreeSz;
-
-    return wc_DhAgree_Sync(key, agree, agreeSz, priv, privSz, otherPub, pubSz,
-                           1);
-}
-
-#ifdef WOLFSSL_DH_EXTRA
-WOLFSSL_LOCAL int wc_DhKeyCopy(DhKey* src, DhKey* dst)
-{
-    int ret;
-
-    if (!src || !dst || src == dst) {
-        WOLFSSL_MSG("Parameters not provided or are the same");
-        return BAD_FUNC_ARG;
-    }
-
-    if ((ret = mp_copy(&src->p, &dst->p)) != MP_OKAY) {
-        WOLFSSL_MSG("mp_copy error");
-        return ret;
-    }
-
-    if ((ret = mp_copy(&src->g, &dst->g)) != MP_OKAY) {
-        WOLFSSL_MSG("mp_copy error");
-        return ret;
-    }
-
-    if ((ret = mp_copy(&src->q, &dst->q)) != MP_OKAY) {
-        WOLFSSL_MSG("mp_copy error");
-        return ret;
-    }
-
-    if ((ret = mp_copy(&src->pub, &dst->pub)) != MP_OKAY) {
-        WOLFSSL_MSG("mp_copy error");
-        return ret;
-    }
-
-    if ((ret = mp_copy(&src->priv, &dst->priv)) != MP_OKAY) {
-        WOLFSSL_MSG("mp_copy error");
-        return ret;
-    }
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    mp_memzero_add("wc_DhKeyCopy dst->priv", &dst->priv);
-#endif
-
-    dst->heap = src->heap;
-
-    return MP_OKAY;
-}
-
-/* Sets private and public key in DhKey if both are available, otherwise sets
-    either private or public key, depending on which is available. */
-int wc_DhImportKeyPair(DhKey* key, const byte* priv, word32 privSz,
-                       const byte* pub, word32 pubSz)
-{
-    byte havePriv, havePub;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    havePriv = ( (priv != NULL) && (privSz > 0) );
-    havePub  = ( (pub  != NULL) && (pubSz  > 0) );
-
-    if (!havePub && !havePriv) {
-        WOLFSSL_MSG("No Public or Private Key to Set");
-        return BAD_FUNC_ARG;
-    }
-
-    /* Set Private Key */
-    if (havePriv) {
-        /* may have leading 0 */
-        if (priv[0] == 0) {
-            privSz--; priv++;
-        }
-        if (mp_init(&key->priv) != MP_OKAY)
-            havePriv = 0;
-    }
-    if (havePriv) {
-        if (mp_read_unsigned_bin(&key->priv, priv, privSz) != MP_OKAY) {
-            mp_clear(&key->priv);
-            havePriv = 0;
-        } else {
-            WOLFSSL_MSG("DH Private Key Set");
-        #ifdef WOLFSSL_CHECK_MEM_ZERO
-            mp_memzero_add("wc_DhImportKeyPair key->priv", &key->priv);
-        #endif
-        }
-    }
-
-    /* Set Public Key */
-    if (havePub) {
-        /* may have leading 0 */
-        if (pub[0] == 0) {
-            pubSz--; pub++;
-        }
-        if (mp_init(&key->pub) != MP_OKAY)
-            havePub = 0;
-    }
-    if (havePub) {
-        if (mp_read_unsigned_bin(&key->pub, pub, pubSz) != MP_OKAY) {
-            mp_clear(&key->pub);
-            havePub = 0;
-            if (havePriv) {
-                mp_forcezero(&key->priv);
-                havePriv = 0; /* set to 0 to error out with failed read pub */
-            }
-        } else {
-            WOLFSSL_MSG("DH Public Key Set");
-        }
-    }
-
-    if (havePriv == 0 && havePub == 0) {
-        return MEMORY_E;
-    }
-
-    return 0;
-}
-
-/* Can be used with WOLFSSL_DH_EXTRA when key is loaded with
-    wc_DhKeyDecode or wc_DhImportKeyPair */
-int wc_DhExportKeyPair(DhKey* key, byte* priv, word32* pPrivSz,
-    byte* pub, word32* pPubSz)
-{
-    int ret = 0;
-
-    if (key == NULL || (priv && pPrivSz == NULL) || (pub && pPubSz == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (priv) {
-        word32 privSz = (word32)mp_unsigned_bin_size(&key->priv);
-        if (privSz > *pPrivSz) {
-            return BUFFER_E;
-        }
-        *pPrivSz = privSz;
-        ret |= mp_to_unsigned_bin(&key->priv, priv);
-    }
-
-    if (pub) {
-        word32 pubSz = (word32)mp_unsigned_bin_size(&key->pub);
-        if (pubSz > *pPubSz) {
-            return BUFFER_E;
-        }
-        *pPubSz = pubSz;
-        ret |= mp_to_unsigned_bin(&key->pub,  pub);
-    }
-
-    if (ret != 0)
-        ret = ASN_DH_KEY_E;
-    return ret;
-}
-
-#endif /* WOLFSSL_DH_EXTRA */
-
-static int _DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
-                     word32 gSz, const byte* q, word32 qSz, int trusted,
-                     WC_RNG* rng)
-{
-    int ret = 0;
-    mp_int* keyP = NULL;
-    mp_int* keyG = NULL;
-
-    if (key == NULL || p == NULL || g == NULL || pSz == 0 || gSz == 0) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-
-    if (ret == 0) {
-        /* may have leading 0 */
-        if (p[0] == 0) {
-            pSz--; p++;
-        }
-
-        if (g[0] == 0) {
-            gSz--; g++;
-        }
-
-        if (q != NULL) {
-            if (q[0] == 0) {
-                qSz--; q++;
-            }
-        }
-
-        if (mp_init(&key->p) != MP_OKAY)
-            ret = MP_INIT_E;
-    }
-
-    if (ret == 0) {
-        if (mp_read_unsigned_bin(&key->p, p, pSz) != MP_OKAY)
-            ret = ASN_DH_KEY_E;
-        else
-            keyP = &key->p;
-    }
-
-    if (ret == 0 && !trusted) {
-        int isPrime = 0;
-
-        /* Short-circuit the primality check for p if it is one of the named
-         * public moduli (known primes) from RFC 7919.
-         */
-        #ifdef HAVE_FFDHE_2048
-        if ((pSz == sizeof(dh_ffdhe2048_p)) &&
-            (XMEMCMP(p, dh_ffdhe2048_p, sizeof(dh_ffdhe2048_p)) == 0))
-        {
-            isPrime = 1;
-        }
-        else
-        #endif
-        #ifdef HAVE_FFDHE_3072
-        if ((pSz == sizeof(dh_ffdhe3072_p)) &&
-            (XMEMCMP(p, dh_ffdhe3072_p, sizeof(dh_ffdhe3072_p)) == 0))
-        {
-            isPrime = 1;
-        }
-        else
-        #endif
-        #ifdef HAVE_FFDHE_4096
-        if ((pSz == sizeof(dh_ffdhe4096_p)) &&
-            (XMEMCMP(p, dh_ffdhe4096_p, sizeof(dh_ffdhe4096_p)) == 0))
-        {
-            isPrime = 1;
-        }
-        else
-        #endif
-        #ifdef HAVE_FFDHE_6144
-        if ((pSz == sizeof(dh_ffdhe6144_p)) &&
-            (XMEMCMP(p, dh_ffdhe6144_p, sizeof(dh_ffdhe6144_p)) == 0))
-        {
-            isPrime = 1;
-        }
-        else
-        #endif
-        #ifdef HAVE_FFDHE_8192
-        if ((pSz == sizeof(dh_ffdhe8192_p)) &&
-            (XMEMCMP(p, dh_ffdhe8192_p, sizeof(dh_ffdhe8192_p)) == 0))
-        {
-            isPrime = 1;
-        }
-        else
-        #endif
-        {
-            if (rng != NULL)
-                ret = mp_prime_is_prime_ex(keyP, 8, &isPrime, rng);
-            else
-                ret = mp_prime_is_prime(keyP, 8, &isPrime);
-        }
-
-        if (ret == 0 && isPrime == 0)
-            ret = DH_CHECK_PUB_E;
-    }
-
-    if (ret == 0 && mp_init(&key->g) != MP_OKAY)
-        ret = MP_INIT_E;
-    if (ret == 0) {
-        if (mp_read_unsigned_bin(&key->g, g, gSz) != MP_OKAY)
-            ret = ASN_DH_KEY_E;
-        else
-            keyG = &key->g;
-    }
-
-    if (ret == 0 && q != NULL) {
-        if (mp_init(&key->q) != MP_OKAY)
-            ret = MP_INIT_E;
-    }
-    if (ret == 0 && q != NULL) {
-        if (mp_read_unsigned_bin(&key->q, q, qSz) != MP_OKAY)
-            ret = MP_INIT_E;
-        else
-            key->trustedGroup = trusted;
-    }
-
-    if (ret != 0 && key != NULL) {
-        if (keyG)
-            mp_clear(keyG);
-        if (keyP)
-            mp_clear(keyP);
-    }
-
-    RESTORE_VECTOR_REGISTERS();
-
-    return ret;
-}
-
-
-int wc_DhSetCheckKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
-                   word32 gSz, const byte* q, word32 qSz, int trusted,
-                   WC_RNG* rng)
-{
-    return _DhSetKey(key, p, pSz, g, gSz, q, qSz, trusted, rng);
-}
-
-
-int wc_DhSetKey_ex(DhKey* key, const byte* p, word32 pSz, const byte* g,
-                   word32 gSz, const byte* q, word32 qSz)
-{
-    return _DhSetKey(key, p, pSz, g, gSz, q, qSz, 0, NULL);
-}
-
-
-/* not in asn anymore since no actual asn types used */
-int wc_DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
-                word32 gSz)
-{
-    /* This should not have trusted set. */
-    return _DhSetKey(key, p, pSz, g, gSz, NULL, 0, 1, NULL);
-}
-
-
-int wc_DhSetNamedKey(DhKey* key, int name)
-{
-    const byte* p = NULL;
-    const byte* g = NULL;
-    const byte* q = NULL;
-    word32 pSz = 0, gSz = 0, qSz = 0;
-
-    switch (name) {
-        #ifdef HAVE_FFDHE_2048
-        case WC_FFDHE_2048:
-            p = dh_ffdhe2048_p;
-            pSz = sizeof(dh_ffdhe2048_p);
-            g = dh_ffdhe2048_g;
-            gSz = sizeof(dh_ffdhe2048_g);
-            #ifdef HAVE_FFDHE_Q
-            q = dh_ffdhe2048_q;
-            qSz = sizeof(dh_ffdhe2048_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_2048 */
-        #ifdef HAVE_FFDHE_3072
-        case WC_FFDHE_3072:
-            p = dh_ffdhe3072_p;
-            pSz = sizeof(dh_ffdhe3072_p);
-            g = dh_ffdhe3072_g;
-            gSz = sizeof(dh_ffdhe3072_g);
-            #ifdef HAVE_FFDHE_Q
-            q = dh_ffdhe3072_q;
-            qSz = sizeof(dh_ffdhe3072_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_3072 */
-        #ifdef HAVE_FFDHE_4096
-        case WC_FFDHE_4096:
-            p = dh_ffdhe4096_p;
-            pSz = sizeof(dh_ffdhe4096_p);
-            g = dh_ffdhe4096_g;
-            gSz = sizeof(dh_ffdhe4096_g);
-            #ifdef HAVE_FFDHE_Q
-            q = dh_ffdhe4096_q;
-            qSz = sizeof(dh_ffdhe4096_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_4096 */
-        #ifdef HAVE_FFDHE_6144
-        case WC_FFDHE_6144:
-            p = dh_ffdhe6144_p;
-            pSz = sizeof(dh_ffdhe6144_p);
-            g = dh_ffdhe6144_g;
-            gSz = sizeof(dh_ffdhe6144_g);
-            #ifdef HAVE_FFDHE_Q
-            q = dh_ffdhe6144_q;
-            qSz = sizeof(dh_ffdhe6144_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_6144 */
-        #ifdef HAVE_FFDHE_8192
-        case WC_FFDHE_8192:
-            p = dh_ffdhe8192_p;
-            pSz = sizeof(dh_ffdhe8192_p);
-            g = dh_ffdhe8192_g;
-            gSz = sizeof(dh_ffdhe8192_g);
-            #ifdef HAVE_FFDHE_Q
-            q = dh_ffdhe8192_q;
-            qSz = sizeof(dh_ffdhe8192_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_8192 */
-        default:
-            break;
-    }
-    return _DhSetKey(key, p, pSz, g, gSz, q, qSz, 1, NULL);
-}
-
-
-word32 wc_DhGetNamedKeyMinSize(int name)
-{
-    word32 size;
-
-    switch (name) {
-        #ifdef HAVE_FFDHE_2048
-        case WC_FFDHE_2048:
-            size = 29;
-            break;
-        #endif /* HAVE_FFDHE_2048 */
-        #ifdef HAVE_FFDHE_3072
-        case WC_FFDHE_3072:
-            size = 34;
-            break;
-        #endif /* HAVE_FFDHE_3072 */
-        #ifdef HAVE_FFDHE_4096
-        case WC_FFDHE_4096:
-            size = 39;
-            break;
-        #endif /* HAVE_FFDHE_4096 */
-        #ifdef HAVE_FFDHE_6144
-        case WC_FFDHE_6144:
-            size = 46;
-            break;
-        #endif /* HAVE_FFDHE_6144 */
-        #ifdef HAVE_FFDHE_8192
-        case WC_FFDHE_8192:
-            size = 52;
-            break;
-        #endif /* HAVE_FFDHE_8192 */
-        default:
-            size = 0;
-    }
-
-    return size;
-}
-
-
-/* Returns 1: params match
- *         0: params differ */
-int wc_DhCmpNamedKey(int name, int noQ,
-        const byte* p, word32 pSz,
-        const byte* g, word32 gSz,
-        const byte* q, word32 qSz)
-{
-    const byte* pCmp = NULL;
-    const byte* qCmp = NULL;
-    const byte* gCmp = NULL;
-    word32 pCmpSz = 0, qCmpSz = 0, gCmpSz = 0;
-    int cmp = 0, goodName = 1;
-
-    switch (name) {
-        #ifdef HAVE_FFDHE_2048
-        case WC_FFDHE_2048:
-            pCmp = dh_ffdhe2048_p;
-            pCmpSz = sizeof(dh_ffdhe2048_p);
-            gCmp = dh_ffdhe2048_g;
-            gCmpSz = sizeof(dh_ffdhe2048_g);
-            #ifdef HAVE_FFDHE_Q
-            qCmp = dh_ffdhe2048_q;
-            qCmpSz = sizeof(dh_ffdhe2048_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_2048 */
-        #ifdef HAVE_FFDHE_3072
-        case WC_FFDHE_3072:
-            pCmp = dh_ffdhe3072_p;
-            pCmpSz = sizeof(dh_ffdhe3072_p);
-            gCmp = dh_ffdhe3072_g;
-            gCmpSz = sizeof(dh_ffdhe3072_g);
-            #ifdef HAVE_FFDHE_Q
-            qCmp = dh_ffdhe3072_q;
-            qCmpSz = sizeof(dh_ffdhe3072_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_3072 */
-        #ifdef HAVE_FFDHE_4096
-        case WC_FFDHE_4096:
-            pCmp = dh_ffdhe4096_p;
-            pCmpSz = sizeof(dh_ffdhe4096_p);
-            gCmp = dh_ffdhe4096_g;
-            gCmpSz = sizeof(dh_ffdhe4096_g);
-            #ifdef HAVE_FFDHE_Q
-            qCmp = dh_ffdhe4096_q;
-            qCmpSz = sizeof(dh_ffdhe4096_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_4096 */
-        #ifdef HAVE_FFDHE_6144
-        case WC_FFDHE_6144:
-            pCmp = dh_ffdhe6144_p;
-            pCmpSz = sizeof(dh_ffdhe6144_p);
-            gCmp = dh_ffdhe6144_g;
-            gCmpSz = sizeof(dh_ffdhe6144_g);
-            #ifdef HAVE_FFDHE_Q
-            qCmp = dh_ffdhe6144_q;
-            qCmpSz = sizeof(dh_ffdhe6144_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_6144 */
-        #ifdef HAVE_FFDHE_8192
-        case WC_FFDHE_8192:
-            pCmp = dh_ffdhe8192_p;
-            pCmpSz = sizeof(dh_ffdhe8192_p);
-            gCmp = dh_ffdhe8192_g;
-            gCmpSz = sizeof(dh_ffdhe8192_g);
-            #ifdef HAVE_FFDHE_Q
-            qCmp = dh_ffdhe8192_q;
-            qCmpSz = sizeof(dh_ffdhe8192_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_8192 */
-        default:
-            goodName = 0;
-    }
-
-    if (goodName) {
-        cmp = (pSz == pCmpSz) && (gSz == gCmpSz) &&
-            (noQ || ((qCmp != NULL) && (qSz == qCmpSz) &&
-                     XMEMCMP(q, qCmp, qCmpSz) == 0)) &&
-            (XMEMCMP(p, pCmp, pCmpSz) == 0) &&
-            (XMEMCMP(g, gCmp, gCmpSz) == 0);
-    }
-
-    return cmp;
-}
-
-
-int wc_DhGetNamedKeyParamSize(int name, word32* p, word32* g, word32* q)
-{
-    word32 pSz = 0, gSz = 0, qSz = 0;
-
-    switch (name) {
-        #ifdef HAVE_FFDHE_2048
-        case WC_FFDHE_2048:
-            pSz = sizeof(dh_ffdhe2048_p);
-            gSz = sizeof(dh_ffdhe2048_g);
-            #ifdef HAVE_FFDHE_Q
-            qSz = sizeof(dh_ffdhe2048_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_2048 */
-        #ifdef HAVE_FFDHE_3072
-        case WC_FFDHE_3072:
-            pSz = sizeof(dh_ffdhe3072_p);
-            gSz = sizeof(dh_ffdhe3072_g);
-            #ifdef HAVE_FFDHE_Q
-            qSz = sizeof(dh_ffdhe3072_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_3072 */
-        #ifdef HAVE_FFDHE_4096
-        case WC_FFDHE_4096:
-            pSz = sizeof(dh_ffdhe4096_p);
-            gSz = sizeof(dh_ffdhe4096_g);
-            #ifdef HAVE_FFDHE_Q
-            qSz = sizeof(dh_ffdhe4096_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_4096 */
-        #ifdef HAVE_FFDHE_6144
-        case WC_FFDHE_6144:
-            pSz = sizeof(dh_ffdhe6144_p);
-            gSz = sizeof(dh_ffdhe6144_g);
-            #ifdef HAVE_FFDHE_Q
-            qSz = sizeof(dh_ffdhe6144_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_6144 */
-        #ifdef HAVE_FFDHE_8192
-        case WC_FFDHE_8192:
-            pSz = sizeof(dh_ffdhe8192_p);
-            gSz = sizeof(dh_ffdhe8192_g);
-            #ifdef HAVE_FFDHE_Q
-            qSz = sizeof(dh_ffdhe8192_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_8192 */
-        default:
-            break;
-    }
-
-    if (p != NULL) *p = pSz;
-    if (g != NULL) *g = gSz;
-    if (q != NULL) *q = qSz;
-
-    return 0;
-}
-
-
-int wc_DhCopyNamedKey(int name,
-        byte* p, word32* pSz, byte* g, word32* gSz, byte* q, word32* qSz)
-{
-    const byte* pC = NULL;
-    const byte* gC = NULL;
-    const byte* qC = NULL;
-    word32 pCSz = 0, gCSz = 0, qCSz = 0;
-
-    switch (name) {
-        #ifdef HAVE_FFDHE_2048
-        case WC_FFDHE_2048:
-            pC = dh_ffdhe2048_p;
-            pCSz = sizeof(dh_ffdhe2048_p);
-            gC = dh_ffdhe2048_g;
-            gCSz = sizeof(dh_ffdhe2048_g);
-            #ifdef HAVE_FFDHE_Q
-            qC = dh_ffdhe2048_q;
-            qCSz = sizeof(dh_ffdhe2048_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_2048 */
-        #ifdef HAVE_FFDHE_3072
-        case WC_FFDHE_3072:
-            pC = dh_ffdhe3072_p;
-            pCSz = sizeof(dh_ffdhe3072_p);
-            gC = dh_ffdhe3072_g;
-            gCSz = sizeof(dh_ffdhe3072_g);
-            #ifdef HAVE_FFDHE_Q
-            qC = dh_ffdhe3072_q;
-            qCSz = sizeof(dh_ffdhe3072_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_3072 */
-        #ifdef HAVE_FFDHE_4096
-        case WC_FFDHE_4096:
-            pC = dh_ffdhe4096_p;
-            pCSz = sizeof(dh_ffdhe4096_p);
-            gC = dh_ffdhe4096_g;
-            gCSz = sizeof(dh_ffdhe4096_g);
-            #ifdef HAVE_FFDHE_Q
-            qC = dh_ffdhe4096_q;
-            qCSz = sizeof(dh_ffdhe4096_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_4096 */
-        #ifdef HAVE_FFDHE_6144
-        case WC_FFDHE_6144:
-            pC = dh_ffdhe6144_p;
-            pCSz = sizeof(dh_ffdhe6144_p);
-            gC = dh_ffdhe6144_g;
-            gCSz = sizeof(dh_ffdhe6144_g);
-            #ifdef HAVE_FFDHE_Q
-            qC = dh_ffdhe6144_q;
-            qCSz = sizeof(dh_ffdhe6144_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_6144 */
-        #ifdef HAVE_FFDHE_8192
-        case WC_FFDHE_8192:
-            pC = dh_ffdhe8192_p;
-            pCSz = sizeof(dh_ffdhe8192_p);
-            gC = dh_ffdhe8192_g;
-            gCSz = sizeof(dh_ffdhe8192_g);
-            #ifdef HAVE_FFDHE_Q
-            qC = dh_ffdhe8192_q;
-            qCSz = sizeof(dh_ffdhe8192_q);
-            #endif /* HAVE_FFDHE_Q */
-            break;
-        #endif /* HAVE_FFDHE_8192 */
-        default:
-            break;
-    }
-
-    if (p != NULL && pC != NULL)
-        XMEMCPY(p, pC, pCSz);
-    if (pSz != NULL)
-        *pSz = pCSz;
-    if (g != NULL && gC != NULL)
-        XMEMCPY(g, gC, gCSz);
-    if (gSz != NULL)
-        *gSz = gCSz;
-    if (q != NULL && qC != NULL)
-        XMEMCPY(q, qC, qCSz);
-    if (qSz != NULL)
-        *qSz = qCSz;
-
-    return 0;
-}
-
-
-#ifdef WOLFSSL_KEY_GEN
-
-/* modulus_size in bits */
-int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
-{
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    mp_int *tmp = NULL, *tmp2 = NULL;
-#else
-    mp_int tmp[1], tmp2[2];
-#endif
-    word32  groupSz = 0, bufSz = 0,
-            primeCheckCount = 0;
-    int     primeCheck = MP_NO,
-            ret = 0;
-#ifdef WOLFSSL_NO_MALLOC
-    unsigned char buf[DH_MAX_SIZE / WOLFSSL_BIT_SIZE];
-#else
-    unsigned char *buf = NULL;
-#endif
-
-#if !defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_NO_MALLOC)
-    XMEMSET(tmp, 0, sizeof(tmp));
-    XMEMSET(tmp2, 0, sizeof(tmp2));
-#endif
-
-    if (rng == NULL || dh == NULL)
-        ret = BAD_FUNC_ARG;
-
-    /* set group size in bytes from modulus size
-     * FIPS 186-4 defines valid values (1024, 160) (2048, 256) (3072, 256)
-     */
-    if (ret == 0) {
-        switch (modSz) {
-            case 1024:
-                groupSz = 20;
-                break;
-            case 2048:
-            case 3072:
-                groupSz = 32;
-                break;
-            default:
-        #if !defined(HAVE_FIPS) && defined(WOLFSSL_NO_DH186)
-                /* in non fips mode attempt to match strength of group size with
-                 * mod size */
-                if (modSz < 2048)
-                    groupSz = 20;
-                else
-                    groupSz = 32;
-        #else
-                ret = BAD_FUNC_ARG;
-        #endif
-                break;
-        }
-    }
-
-    if (ret == 0) {
-        /* modulus size in bytes */
-        modSz /= WOLFSSL_BIT_SIZE;
-
-        if ((word32)modSz < groupSz) {
-            WOLFSSL_MSG("DH modSz was too small");
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    if (ret == 0) {
-        bufSz = (word32)modSz - groupSz;
-
-#ifdef WOLFSSL_NO_MALLOC
-        if (bufSz > sizeof(buf))
-            ret = MEMORY_E;
-#else
-        /* allocate ram */
-        buf = (unsigned char *)XMALLOC(bufSz,
-                                       dh->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        if (buf == NULL)
-            ret = MEMORY_E;
-#endif
-    }
-
-    /* make a random string that will be multiplied against q */
-    if (ret == 0)
-        ret = wc_RNG_GenerateBlock(rng, buf, bufSz);
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    if (ret == 0) {
-        if ((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL,
-                DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            XMEMSET(tmp, 0, sizeof(*tmp));
-        }
-    }
-    if (ret == 0) {
-        if ((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL,
-                DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            XMEMSET(tmp2, 0, sizeof(*tmp2));
-        }
-    }
-#endif
-
-    SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
-
-    if (ret == 0) {
-        /* force magnitude */
-        buf[0] |= 0xC0;
-        /* force even */
-        buf[bufSz - 1] &= 0xfe;
-
-        if (mp_init_multi(tmp, tmp2, &dh->p, &dh->q, &dh->g, 0)
-                != MP_OKAY) {
-            ret = MP_INIT_E;
-        }
-    }
-
-    if (ret == 0) {
-        if (mp_read_unsigned_bin(tmp2, buf, bufSz) != MP_OKAY)
-            ret = MP_READ_E;
-    }
-
-    /* make our prime q */
-    if (ret == 0) {
-        if (mp_rand_prime(&dh->q, (int)groupSz, rng, NULL) != MP_OKAY)
-            ret = PRIME_GEN_E;
-    }
-
-    /* p = random * q */
-    if (ret == 0) {
-        if (mp_mul(&dh->q, tmp2, &dh->p) != MP_OKAY)
-            ret = MP_MUL_E;
-    }
-
-    /* p = random * q + 1, so q is a prime divisor of p-1 */
-    if (ret == 0) {
-        if (mp_add_d(&dh->p, 1, &dh->p) != MP_OKAY)
-            ret = MP_ADD_E;
-    }
-
-    /* tmp = 2q  */
-    if (ret == 0) {
-        if (mp_add(&dh->q, &dh->q, tmp) != MP_OKAY)
-            ret = MP_ADD_E;
-    }
-
-    /* loop until p is prime */
-    if (ret == 0) {
-        for (;;) {
-            if (mp_prime_is_prime_ex(&dh->p, 8, &primeCheck, rng) != MP_OKAY)
-                ret = PRIME_GEN_E;
-
-            if (primeCheck != MP_YES) {
-                /* p += 2q */
-                if (mp_add(tmp, &dh->p, &dh->p) != MP_OKAY)
-                    ret = MP_ADD_E;
-                else
-                    primeCheckCount++;
-            }
-
-            if (ret != 0 || primeCheck == MP_YES)
-                break;
-
-            /* linuxkm: release the kernel for a moment before iterating. */
-            RESTORE_VECTOR_REGISTERS();
-            SAVE_VECTOR_REGISTERS(ret = _svr_ret; break;);
-        };
-    }
-
-    /* tmp2 += (2*loop_check_prime)
-     * to have p = (q * tmp2) + 1 prime
-     */
-    if ((ret == 0) && (primeCheckCount)) {
-        if (mp_add_d(tmp2, 2 * primeCheckCount, tmp2) != MP_OKAY)
-            ret = MP_ADD_E;
-    }
-
-    /* find a value g for which g^tmp2 != 1 */
-    if ((ret == 0) && (mp_set(&dh->g, 1) != MP_OKAY))
-        ret = MP_ZERO_E;
-
-    if (ret == 0) {
-        do {
-            if (mp_add_d(&dh->g, 1, &dh->g) != MP_OKAY)
-                ret = MP_ADD_E;
-            else if (mp_exptmod(&dh->g, tmp2, &dh->p, tmp) != MP_OKAY)
-                ret = MP_EXPTMOD_E;
-        } while (ret == 0 && mp_cmp_d(tmp, 1) == MP_EQ);
-    }
-
-    if (ret == 0) {
-        /* at this point tmp generates a group of order q mod p */
-#ifndef USE_FAST_MATH
-        /* Exchanging is quick when the data pointer can be copied. */
-        mp_exch(tmp, &dh->g);
-#else
-        mp_copy(tmp, &dh->g);
-#endif
-    }
-
-    /* clear the parameters if there was an error */
-    if ((ret != 0) && (dh != NULL)) {
-        mp_clear(&dh->q);
-        mp_clear(&dh->p);
-        mp_clear(&dh->g);
-    }
-
-    RESTORE_VECTOR_REGISTERS();
-
-#ifndef WOLFSSL_NO_MALLOC
-    if (buf != NULL)
-#endif
-    {
-        ForceZero(buf, bufSz);
-#ifndef WOLFSSL_NO_MALLOC
-        if (dh != NULL) {
-            XFREE(buf, dh->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-#endif
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    if (tmp != NULL) {
-        mp_clear(tmp);
-        XFREE(tmp, NULL, DYNAMIC_TYPE_WOLF_BIGINT);
-    }
-    if (tmp2 != NULL) {
-        mp_clear(tmp2);
-        XFREE(tmp2, NULL, DYNAMIC_TYPE_WOLF_BIGINT);
-    }
-#else
-    mp_clear(tmp);
-    mp_clear(tmp2);
-#endif
-
-    return ret;
-}
-
-#endif /* WOLFSSL_KEY_GEN */
-
-/* Export raw DH parameters from DhKey structure
- *
- * dh   - pointer to initialized DhKey structure
- * p    - output location for DH (p) parameter
- * pSz  - [IN/OUT] size of output buffer for p, size of p
- * q    - output location for DH (q) parameter
- * qSz  - [IN/OUT] size of output buffer for q, size of q
- * g    - output location for DH (g) parameter
- * gSz  - [IN/OUT] size of output buffer for g, size of g
- *
- * If p, q, and g pointers are all passed in as NULL, the function
- * will set pSz, qSz, and gSz to the required output buffer sizes for p,
- * q, and g. In this case, the function will return LENGTH_ONLY_E.
- *
- * returns 0 on success, negative upon failure
- */
-int wc_DhExportParamsRaw(DhKey* dh, byte* p, word32* pSz,
-                         byte* q, word32* qSz, byte* g, word32* gSz)
-{
-    int ret = 0;
-    word32 pLen = 0, qLen = 0, gLen = 0;
-
-    if (dh == NULL || pSz == NULL || qSz == NULL || gSz == NULL)
-        ret = BAD_FUNC_ARG;
-
-    /* get required output buffer sizes */
-    if (ret == 0) {
-        pLen = (word32)mp_unsigned_bin_size(&dh->p);
-        qLen = (word32)mp_unsigned_bin_size(&dh->q);
-        gLen = (word32)mp_unsigned_bin_size(&dh->g);
-
-        /* return buffer sizes and LENGTH_ONLY_E if buffers are NULL */
-        if (p == NULL && q == NULL && g == NULL) {
-            *pSz = pLen;
-            *qSz = qLen;
-            *gSz = gLen;
-            ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-        }
-    }
-
-    if (ret == 0) {
-        if (p == NULL || q == NULL || g == NULL)
-            ret = BAD_FUNC_ARG;
-    }
-
-    /* export p */
-    if (ret == 0) {
-        if (*pSz < pLen) {
-            WOLFSSL_MSG("Output buffer for DH p parameter too small, "
-                        "required size placed into pSz");
-            *pSz = pLen;
-            ret = BUFFER_E;
-        }
-    }
-
-    if (ret == 0) {
-        *pSz = pLen;
-        if (mp_to_unsigned_bin(&dh->p, p) != MP_OKAY)
-            ret = MP_TO_E;
-    }
-
-    /* export q */
-    if (ret == 0) {
-        if (*qSz < qLen) {
-            WOLFSSL_MSG("Output buffer for DH q parameter too small, "
-                        "required size placed into qSz");
-            *qSz = qLen;
-            ret = BUFFER_E;
-        }
-    }
-
-    if (ret == 0) {
-        *qSz = qLen;
-        if (mp_to_unsigned_bin(&dh->q, q) != MP_OKAY)
-            ret = MP_TO_E;
-    }
-
-    /* export g */
-    if (ret == 0) {
-        if (*gSz < gLen) {
-            WOLFSSL_MSG("Output buffer for DH g parameter too small, "
-                        "required size placed into gSz");
-            *gSz = gLen;
-            ret = BUFFER_E;
-        }
-    }
-
-    if (ret == 0) {
-        *gSz = gLen;
-        if (mp_to_unsigned_bin(&dh->g, g) != MP_OKAY)
-            ret = MP_TO_E;
-    }
-
-    return ret;
-}
-
-#endif /* NO_DH */
diff --git a/src/ssl/wolfssl/wolfcrypt/dilithium.c b/src/ssl/wolfssl/wolfcrypt/dilithium.c
deleted file mode 100644
index 994c70c21..000000000
--- a/src/ssl/wolfssl/wolfcrypt/dilithium.c
+++ /dev/null
@@ -1,12505 +0,0 @@
-/* dilithium.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Based on ed448.c and Reworked for Dilithium by Anthony Hu.
- * WolfSSL implementation by Sean Parkinson.
- */
-
-/* Possible Dilithium/ML-DSA options:
- *
- * HAVE_DILITHIUM                                             Default: OFF
- *   Enables the code in this file to be compiled.
- * WOLFSSL_WC_DILITHIUM                                       Default: OFF
- *   Compiles the wolfSSL implementation of dilithium.
- *
- * WOLFSSL_NO_ML_DSA_44                                       Default: OFF
- *   Does not compile in parameter set ML-DSA-44 and any code specific to that
- *   parameter set.
- * WOLFSSL_NO_ML_DSA_65                                       Default: OFF
- *   Does not compile in parameter set ML-DSA-65 and any code specific to that
- *   parameter set.
- * WOLFSSL_NO_ML_DSA_87                                       Default: OFF
- *   Does not compile in parameter set ML-DSA-87 and any code specific to that
- *   parameter set.
- *
- * WOLFSSL_DILITHIUM_NO_LARGE_CODE                            Default: OFF
- *   Compiles smaller, fast code with speed trade-off.
- * WOLFSSL_DILITHIUM_SMALL                                    Default: OFF
- *   Compiles to small code size with a speed trade-off.
- * WOLFSSL_DILITHIUM_VERIFY_ONLY                              Default: OFF
- *   Compiles in only the verification and public key operations.
- * WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM                         Default: OFF
- *   Compiles verification implementation that uses smaller amounts of memory.
- * WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC                         Default: OFF
- *   Only works with WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM.
- *   Don't allocate memory with XMALLOC. Memory is pinned against key.
- * WOLFSSL_DILITHIUM_ASSIGN_KEY                               Default: OFF
- *   Key data is assigned into Dilithium key rather than copied.
- *   Life of key data passed in is tightly coupled to life of Dilithium key.
- *   Cannot be used when make key is enabled.
- * WOLFSSL_DILITHIUM_SIGN_SMALL_MEM                           Default: OFF
- *   Compiles signature implementation that uses smaller amounts of memory but
- *   is considerably slower.
- * WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC                   Default: OFF
- *   Compiles signature implementation that uses smaller amounts of memory but
- *   is considerably slower. Allocates vectors and decodes private key data
- *   into them upfront.
- * WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A                 Default: OFF
- *   Compiles signature implementation that uses smaller amounts of memory but
- *   is slower. Allocates matrix A and calculates it upfront.
- * WOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM                       Default: OFF
- *   Compiles key generation implementation that uses smaller amounts of memory
- *   but is slower.
- * WOLFSSL_DILITHIUM_SMALL_MEM_POLY64                         Default: OFF
- *   Compiles the small memory implementations to use a 64-bit polynomial.
- *   Uses 2KB of memory but is slightly quicker (2.75-7%).
- *
- * WOLFSSL_DILITHIUM_ALIGNMENT                                Default: 8
- *   Use to indicate whether loading and storing of words needs to be aligned.
- *   Default is to use WOLFSSL_GENERAL_ALIGNMENT - should be 4 on some ARM CPUs.
- *   Set this value explicitly if specific Dilithium implementation alignment is
- *   needed.
- *
- * WOLFSSL_DILITHIUM_NO_ASN1                                  Default: OFF
- *   Disables any ASN.1 encoding or decoding code.
- * WOLFSSL_DILITHIUM_REVERSE_HASH_OID                         Default: OFF
- *   Reverse the DER encoded hash oid when signing and verifying a pre-hashed
- *   message.
- *
- * WC_DILITHIUM_CACHE_MATRIX_A                                Default: OFF
- *   Enable caching of the A matrix on import.
- *   Less work is required in sign and verify operations.
- * WC_DILITHIUM_CACHE_PRIV_VECTORS                            Default: OFF
- *   Enable caching of private key vectors on import.
- *   Enables WC_DILITHIUM_CACHE_MATRIX_A.
- *   Less work is required in sign operations.
- * WC_DILITHIUM_CACHE_PUB_VECTORS                             Default: OFF
- *   Enable caching of public key vectors on import.
- *   Enables WC_DILITHIUM_CACHE_MATRIX_A.
- *   Less work is required in sign operations.
- * WC_DILITHIUM_FIXED_ARRAY                                   Default: OFF
- *   Make the matrix and vectors of cached data fixed arrays that have
- *   maximumal sizes for the configured parameters.
- *   Useful in low dynamic memory situations.
- *
- * WOLFSSL_DILITHIUM_SIGN_CHECK_Y                             Default: OFF
- *   Check vector y is in required range as an early check on valid vector z.
- *   Falsely reports invalid in approximately 1-2% of checks.
- *   All valid reports are true.
- *   Fast fail gives faster signing times on average.
- *   DO NOT enable this if implementation must be conformant to FIPS 204.
- * WOLFSSL_DILITHIUM_SIGN_CHECK_W0                            Default: OFF
- *   Check vector w0 is in required range as an early check on valid vector r0.
- *   Falsely reports invalid in approximately 3-5% of checks.
- *   All valid reports are true.
- *   Fast fail gives faster signing times on average.
- *   DO NOT enable this if implementation must be conformant to FIPS 204.
- *
- * DILITHIUM_MUL_SLOW                                         Default: OFF
- *   Define when multiplying by Q / 44 is slower than masking.
- *   Only applies to ML-DSA-44.
- * DILITHIUM_MUL_44_SLOW                                      Default: OFF
- *   Define when multiplying by 44 is slower than by 11.
- *   Only applies to ML-DSA-44.
- * DILITHIUM_MUL_11_SLOW                                      Default: OFF
- *   Define when multiplying by 11 is slower than adding and shifting.
- *   Only applies to ML-DSA-44.
- * DILITHIUM_MUL_QINV_SLOW                                    Default: OFF
- *   Define when multiplying by QINV 0x3802001 is slower than add, subtract and
- *   shift equivalent.
- * DILITHIUM_MUL_Q_SLOW                                       Default: OFF
- *   Define when multiplying by Q 0x7fe001 is slower than add, subtract and
- *   shift equivalent.
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifndef WOLFSSL_DILITHIUM_NO_ASN1
-#include <wolfssl/wolfcrypt/asn.h>
-#endif
-
-#if defined(HAVE_DILITHIUM)
-
-#ifdef HAVE_LIBOQS
-#include <oqs/oqs.h>
-#endif
-
-#include <wolfssl/wolfcrypt/dilithium.h>
-#include <wolfssl/wolfcrypt/hash.h>
-#include <wolfssl/wolfcrypt/sha3.h>
-#include <wolfssl/wolfcrypt/cpuid.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC) && \
-        !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM)
-    #define WOLFSSL_DILITHIUM_SIGN_SMALL_MEM
-#endif
-#if defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A) && \
-        !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM)
-    #define WOLFSSL_DILITHIUM_SIGN_SMALL_MEM
-    #ifdef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
-        #error "PRECALC and PRECALC_A are equivalent to non small mem"
-    #endif
-#endif
-
-#ifdef WOLFSSL_WC_DILITHIUM
-
-#if defined(USE_INTEL_SPEEDUP)
-static cpuid_flags_t cpuid_flags = WC_CPUID_INITIALIZER;
-#endif
-
-#ifdef DEBUG_DILITHIUM
-void print_polys(const char* name, const sword32* a, int d1, int d2);
-void print_polys(const char* name, const sword32* a, int d1, int d2)
-{
-    int i;
-    int j;
-    int k;
-
-    fprintf(stderr, "%s: %d %d\n", name, d1, d2);
-    for (i = 0; i < d1; i++) {
-        for (j = 0; j < d2; j++) {
-            for (k = 0; k < 256; k++) {
-                fprintf(stderr, "%9d,", a[(i*d2*256) + (j*256) + k]);
-                if ((k % 8) == 7) fprintf(stderr, "\n");
-            }
-            fprintf(stderr, "\n");
-        }
-    }
-}
-#endif
-
-#ifdef DEBUG_DILITHIUM
-void print_data(const char* name, const byte* d, int len);
-void print_data(const char* name, const byte* d, int len)
-{
-    int i;
-
-    fprintf(stderr, "%s\n", name);
-    for (i = 0; i < len; i++) {
-        fprintf(stderr, "0x%02x,", d[i]);
-        if ((i % 16) == 15) fprintf(stderr, "\n");
-    }
-    fprintf(stderr, "\n");
-}
-#endif
-
-#if defined(WOLFSSL_NO_ML_DSA_44) && defined(WOLFSSL_NO_ML_DSA_65) && \
-    defined(WOLFSSL_NO_ML_DSA_87)
-    #error "No Dilithium parameters chosen"
-#endif
-
-#if defined(WOLFSSL_DILITHIUM_ASSIGN_KEY) && \
-    !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY)
-    #error "Cannot use assign key when making keys"
-#endif
-
-
-/* Number of bytes from first block to use for sign. */
-#define DILITHIUM_SIGN_BYTES            8
-
-
-/* Length of seed in bytes when generating y. */
-#define DILITHIUM_Y_SEED_SZ             (DILITHIUM_PRIV_RAND_SEED_SZ + 2)
-
-
-/* Length of seed in bytes used in generating matrix a. */
-#define DILITHIUM_GEN_A_SEED_SZ         (DILITHIUM_PUB_SEED_SZ + 2)
-/* Length of seed in bytes used in generating vectors s1 and s2. */
-#define DILITHIUM_GEN_S_SEED_SZ         (DILITHIUM_PRIV_SEED_SZ + 2)
-
-
-/* MAX: (256 * 8 / (17 + 1)) = 576, or ((256 * 8 / (19 + 1)) = 640
- * but need blocks of 17 * 8 bytes: 5 * 17 * 8 = 680 */
-#define DILITHIUM_MAX_V_BLOCKS          5
-/* Maximum number of bytes to generate into v to make y. */
-#define DILITHIUM_MAX_V                 (DILITHIUM_MAX_V_BLOCKS * 8 * 17)
-
-
-/* 2 blocks, each block 136 bytes = 272 bytes.
- * ETA 2: Min req is 128 but reject rate is 2 in 16 so we need 146.3 on average.
- * ETA 4: Min req is 128 but reject rate is 7 in 16 so we need 227.6 on average.
- */
-#define DILITHIUM_GEN_S_NBLOCKS         2
-/* Number of bytes to a block of SHAKE-256 when generating s1 and s2. */
-#define DILITHIUM_GEN_S_BLOCK_BYTES    (WC_SHA3_256_COUNT * 8)
-/* Number of bytes to generate with SHAKE-256 when generating s1 and s2. */
-#define DILITHIUM_GEN_S_BYTES           \
-    (DILITHIUM_GEN_S_NBLOCKS * DILITHIUM_GEN_S_BLOCK_BYTES)
-
-/* Length of the hash OID to include in pre-hash message. */
-#define DILITHIUM_HASH_OID_LEN         11
-
-
-/* The ML-DSA parameters sets. */
-static const wc_dilithium_params dilithium_params[] = {
-#ifndef WOLFSSL_NO_ML_DSA_44
-    { WC_ML_DSA_44, PARAMS_ML_DSA_44_K, PARAMS_ML_DSA_44_L,
-      PARAMS_ML_DSA_44_ETA, PARAMS_ML_DSA_44_ETA_BITS,
-      PARAMS_ML_DSA_44_TAU, PARAMS_ML_DSA_44_BETA, PARAMS_ML_DSA_44_OMEGA,
-      PARAMS_ML_DSA_44_LAMBDA,
-      PARAMS_ML_DSA_44_GAMMA1_BITS, PARAMS_ML_DSA_44_GAMMA2,
-      PARAMS_ML_DSA_44_W1_ENC_SZ, PARAMS_ML_DSA_44_A_SIZE,
-      PARAMS_ML_DSA_44_S1_SIZE, PARAMS_ML_DSA_44_S1_ENC_SIZE,
-      PARAMS_ML_DSA_44_S2_SIZE, PARAMS_ML_DSA_44_S2_ENC_SIZE,
-      PARAMS_ML_DSA_44_Z_ENC_SIZE,
-      PARAMS_ML_DSA_44_PK_SIZE, PARAMS_ML_DSA_44_SIG_SIZE },
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_65
-    { WC_ML_DSA_65, PARAMS_ML_DSA_65_K, PARAMS_ML_DSA_65_L,
-      PARAMS_ML_DSA_65_ETA, PARAMS_ML_DSA_65_ETA_BITS,
-      PARAMS_ML_DSA_65_TAU, PARAMS_ML_DSA_65_BETA, PARAMS_ML_DSA_65_OMEGA,
-      PARAMS_ML_DSA_65_LAMBDA,
-      PARAMS_ML_DSA_65_GAMMA1_BITS, PARAMS_ML_DSA_65_GAMMA2,
-      PARAMS_ML_DSA_65_W1_ENC_SZ, PARAMS_ML_DSA_65_A_SIZE,
-      PARAMS_ML_DSA_65_S1_SIZE, PARAMS_ML_DSA_65_S1_ENC_SIZE,
-      PARAMS_ML_DSA_65_S2_SIZE, PARAMS_ML_DSA_65_S2_ENC_SIZE,
-      PARAMS_ML_DSA_65_Z_ENC_SIZE,
-      PARAMS_ML_DSA_65_PK_SIZE, PARAMS_ML_DSA_65_SIG_SIZE },
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_87
-    { WC_ML_DSA_87, PARAMS_ML_DSA_87_K, PARAMS_ML_DSA_87_L,
-      PARAMS_ML_DSA_87_ETA, PARAMS_ML_DSA_87_ETA_BITS,
-      PARAMS_ML_DSA_87_TAU, PARAMS_ML_DSA_87_BETA, PARAMS_ML_DSA_87_OMEGA,
-      PARAMS_ML_DSA_87_LAMBDA,
-      PARAMS_ML_DSA_87_GAMMA1_BITS, PARAMS_ML_DSA_87_GAMMA2,
-      PARAMS_ML_DSA_87_W1_ENC_SZ, PARAMS_ML_DSA_87_A_SIZE,
-      PARAMS_ML_DSA_87_S1_SIZE, PARAMS_ML_DSA_87_S1_ENC_SIZE,
-      PARAMS_ML_DSA_87_S2_SIZE, PARAMS_ML_DSA_87_S2_ENC_SIZE,
-      PARAMS_ML_DSA_87_Z_ENC_SIZE,
-      PARAMS_ML_DSA_87_PK_SIZE, PARAMS_ML_DSA_87_SIG_SIZE },
-#endif
-#if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-#ifndef WOLFSSL_NO_ML_DSA_44
-    { WC_ML_DSA_44_DRAFT, PARAMS_ML_DSA_44_K, PARAMS_ML_DSA_44_L,
-      PARAMS_ML_DSA_44_ETA, PARAMS_ML_DSA_44_ETA_BITS,
-      PARAMS_ML_DSA_44_TAU, PARAMS_ML_DSA_44_BETA, PARAMS_ML_DSA_44_OMEGA,
-      PARAMS_ML_DSA_44_LAMBDA,
-      PARAMS_ML_DSA_44_GAMMA1_BITS, PARAMS_ML_DSA_44_GAMMA2,
-      PARAMS_ML_DSA_44_W1_ENC_SZ, PARAMS_ML_DSA_44_A_SIZE,
-      PARAMS_ML_DSA_44_S1_SIZE, PARAMS_ML_DSA_44_S1_ENC_SIZE,
-      PARAMS_ML_DSA_44_S2_SIZE, PARAMS_ML_DSA_44_S2_ENC_SIZE,
-      PARAMS_ML_DSA_44_Z_ENC_SIZE,
-      PARAMS_ML_DSA_44_PK_SIZE, PARAMS_ML_DSA_44_SIG_SIZE },
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_65
-    { WC_ML_DSA_65_DRAFT, PARAMS_ML_DSA_65_K, PARAMS_ML_DSA_65_L,
-      PARAMS_ML_DSA_65_ETA, PARAMS_ML_DSA_65_ETA_BITS,
-      PARAMS_ML_DSA_65_TAU, PARAMS_ML_DSA_65_BETA, PARAMS_ML_DSA_65_OMEGA,
-      PARAMS_ML_DSA_65_LAMBDA,
-      PARAMS_ML_DSA_65_GAMMA1_BITS, PARAMS_ML_DSA_65_GAMMA2,
-      PARAMS_ML_DSA_65_W1_ENC_SZ, PARAMS_ML_DSA_65_A_SIZE,
-      PARAMS_ML_DSA_65_S1_SIZE, PARAMS_ML_DSA_65_S1_ENC_SIZE,
-      PARAMS_ML_DSA_65_S2_SIZE, PARAMS_ML_DSA_65_S2_ENC_SIZE,
-      PARAMS_ML_DSA_65_Z_ENC_SIZE,
-      PARAMS_ML_DSA_65_PK_SIZE, PARAMS_ML_DSA_65_SIG_SIZE },
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_87
-    { WC_ML_DSA_87_DRAFT, PARAMS_ML_DSA_87_K, PARAMS_ML_DSA_87_L,
-      PARAMS_ML_DSA_87_ETA, PARAMS_ML_DSA_87_ETA_BITS,
-      PARAMS_ML_DSA_87_TAU, PARAMS_ML_DSA_87_BETA, PARAMS_ML_DSA_87_OMEGA,
-      PARAMS_ML_DSA_87_LAMBDA,
-      PARAMS_ML_DSA_87_GAMMA1_BITS, PARAMS_ML_DSA_87_GAMMA2,
-      PARAMS_ML_DSA_87_W1_ENC_SZ, PARAMS_ML_DSA_87_A_SIZE,
-      PARAMS_ML_DSA_87_S1_SIZE, PARAMS_ML_DSA_87_S1_ENC_SIZE,
-      PARAMS_ML_DSA_87_S2_SIZE, PARAMS_ML_DSA_87_S2_ENC_SIZE,
-      PARAMS_ML_DSA_87_Z_ENC_SIZE,
-      PARAMS_ML_DSA_87_PK_SIZE, PARAMS_ML_DSA_87_SIG_SIZE },
-#endif
-#endif
-};
-/* Number of ML-DSA parameter sets compiled in. */
-#define DILITHIUM_PARAMS_CNT \
-    ((unsigned int)(sizeof(dilithium_params) / sizeof(wc_dilithium_params)))
-
-/* Get the ML-DSA parameters that match the level.
- *
- * @param [in]  level   Level required.
- * @param [out] params  Parameter set.
- * @return  0 on success.
- * @return  NOT_COMPILED_IN when parameters at level are not compiled in.
- */
-static int dilithium_get_params(int level, const wc_dilithium_params** params)
-{
-    unsigned int i;
-    int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-
-    for (i = 0; i < DILITHIUM_PARAMS_CNT; i++) {
-        if (dilithium_params[i].level == level) {
-            *params = &dilithium_params[i];
-            ret = 0;
-        }
-    }
-
-    return ret;
-}
-
-/******************************************************************************
- * Hash operations
- ******************************************************************************/
-
-/* 256-bit hash using SHAKE-256.
- *
- * FIPS 204. 8.3: H(v,d) <- SHAKE256(v,d)
- *
- * @param [in, out] shake256  SHAKE-256 object.
- * @param [in]      data      Buffer holding data to hash.
- * @param [in]      dataLen   Length of data to hash in bytes.
- * @param [out]     hash      Buffer to hold hash result.
- * @param [in]      hashLen   Number of bytes of hash to return.
- * @return  0 on success.
- * @return  Negative on error.
- */
-static int dilithium_shake256(wc_Shake* shake256, const byte* data,
-    word32 dataLen, byte* hash, word32 hashLen)
-{
-    int ret;
-#ifdef USE_INTEL_SPEEDUP
-    word64* state = shake256->s;
-    word8 *state8 = (word8*)state;
-
-    if (dataLen >= WC_SHA3_256_COUNT * 8) {
-        XMEMCPY(state, data,  WC_SHA3_256_COUNT * 8);
-        XMEMSET(state + WC_SHA3_256_COUNT, 0,
-            sizeof(shake256->s) - WC_SHA3_256_COUNT * 8);
-        dataLen -= WC_SHA3_256_COUNT * 8;
-        data    += WC_SHA3_256_COUNT * 8;
-#ifndef WC_SHA3_NO_ASM
-        if (IS_INTEL_AVX2(cpuid_flags) &&
-                 (SAVE_VECTOR_REGISTERS2() == 0)) {
-            sha3_block_avx2(state);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else if (IS_INTEL_BMI2(cpuid_flags)) {
-            sha3_block_bmi2(state);
-        }
-        else
-#endif
-        {
-            BlockSha3(state);
-        }
-        if (dataLen >= WC_SHA3_256_COUNT * 8) {
-#ifndef WC_SHA3_NO_ASM
-            word32 n = dataLen / (WC_SHA3_256_COUNT * 8);
-            if (IS_INTEL_AVX2(cpuid_flags) &&
-                     (SAVE_VECTOR_REGISTERS2() == 0)) {
-                sha3_block_n_avx2(state, data, n, WC_SHA3_256_COUNT * 8);
-                RESTORE_VECTOR_REGISTERS();
-                n *= WC_SHA3_256_COUNT * 8;
-                dataLen -= n;
-                data    += n;
-            }
-            else if (IS_INTEL_BMI2(cpuid_flags)) {
-                sha3_block_n_bmi2(state, data, n, WC_SHA3_256_COUNT * 8);
-                n *= WC_SHA3_256_COUNT * 8;
-                dataLen -= n;
-                data    += n;
-            }
-            else
-#endif
-            {
-                while (dataLen >= WC_SHA3_256_COUNT * 8) {
-                    xorbuf(state, data, WC_SHA3_256_COUNT * 8);
-                    dataLen -= WC_SHA3_256_COUNT * 8;
-                    data    += WC_SHA3_256_COUNT * 8;
-                    BlockSha3(state);
-                }
-            }
-        }
-        if (dataLen > 0) {
-            xorbuf(state, data, dataLen);
-        }
-        state8[dataLen] ^= 0x1f;
-        state8[WC_SHA3_256_COUNT * 8 - 1] ^= 0x80;
-    }
-    else {
-        XMEMCPY(state, data, dataLen);
-        state8[dataLen] = 0x1f;
-        XMEMSET(state8 + dataLen + 1, 0, sizeof(shake256->s) - (dataLen + 1));
-        state8[WC_SHA3_256_COUNT * 8 - 1] ^= 0x80;
-    }
-
-#ifndef WC_SHA3_NO_ASM
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        sha3_block_avx2(state);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else if (IS_INTEL_BMI2(cpuid_flags)) {
-        sha3_block_bmi2(state);
-    }
-    else
-#endif
-    {
-        BlockSha3(state);
-    }
-    if (hash != (byte*)shake256->s) {
-        XMEMCPY(hash, shake256->s, hashLen);
-    }
-    ret = 0;
-#else
-    /* Initialize SHAKE-256 operation. */
-    ret = wc_InitShake256(shake256, NULL, INVALID_DEVID);
-    if (ret == 0) {
-        /* Update with data. */
-        ret = wc_Shake256_Update(shake256, data, dataLen);
-    }
-    if (ret == 0) {
-        /* Compute hash of data. */
-        ret = wc_Shake256_Final(shake256, hash, hashLen);
-    }
-#endif
-
-    return ret;
-}
-
-/* 256-bit hash using SHAKE-256.
- *
- * This is the domain-separated version of the hash.
- * See FIPS 204. D.3.
- *
- * FIPS 204. 8.3: H(v,d) <- SHAKE256(v,d)
- *
- * @param [in, out] shake256  SHAKE-256 object.
- * @param [in]      data1     First block of data to hash.
- * @param [in]      data1Len  Length of first block in bytes.
- * @param [in]      data2     Second block of data to hash.
- * @param [in]      data2Len  Length of second block in bytes.
- * @param [out]     hash      Buffer to hold hash result.
- * @param [in]      hashLen   Number of bytes of hash to return.
- * @return  0 on success.
- * @return  Negative on error.
- */
-static int dilithium_hash256(wc_Shake* shake256, const byte* data1,
-    word32 data1Len, const byte* data2, word32 data2Len, byte* hash,
-    word32 hashLen)
-{
-    int ret;
-
-#ifdef USE_INTEL_SPEEDUP
-    word64* state = shake256->s;
-    word8 *state8 = (word8*)state;
-
-    if (data1Len + data2Len >= WC_SHA3_256_COUNT * 8) {
-        XMEMCPY(state8, data1, data1Len);
-        XMEMCPY(state8 + data1Len, data2,  WC_SHA3_256_COUNT * 8 - data1Len);
-        XMEMSET(state + WC_SHA3_256_COUNT, 0,
-            sizeof(shake256->s) - WC_SHA3_256_COUNT * 8);
-        data2Len -= WC_SHA3_256_COUNT * 8 - data1Len;
-        data2    += WC_SHA3_256_COUNT * 8 - data1Len;
-#ifndef WC_SHA3_NO_ASM
-        if (IS_INTEL_AVX2(cpuid_flags) &&
-                 (SAVE_VECTOR_REGISTERS2() == 0)) {
-            sha3_block_avx2(state);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else if (IS_INTEL_BMI2(cpuid_flags)) {
-            sha3_block_bmi2(state);
-        }
-        else
-#endif
-        {
-            BlockSha3(state);
-        }
-
-        if (data2Len >= WC_SHA3_256_COUNT * 8) {
-#ifndef WC_SHA3_NO_ASM
-            word32 n = data2Len / (WC_SHA3_256_COUNT * 8);
-            if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-                sha3_block_n_avx2(state, data2, n, WC_SHA3_256_COUNT * 8);
-                RESTORE_VECTOR_REGISTERS();
-                n *= WC_SHA3_256_COUNT * 8;
-                data2Len -= n;
-                data2    += n;
-            }
-            else if (IS_INTEL_BMI2(cpuid_flags)) {
-                sha3_block_n_bmi2(state, data2, n, WC_SHA3_256_COUNT * 8);
-                n *= WC_SHA3_256_COUNT * 8;
-                data2Len -= n;
-                data2    += n;
-            }
-            else
-#endif
-            {
-                while (data2Len >= WC_SHA3_256_COUNT * 8) {
-                    xorbuf(state, data2, WC_SHA3_256_COUNT * 8);
-                    data2Len -= WC_SHA3_256_COUNT * 8;
-                    data2    += WC_SHA3_256_COUNT * 8;
-                    BlockSha3(state);
-                }
-            }
-        }
-
-        if (data2Len > 0) {
-            xorbuf(state, data2, data2Len);
-        }
-        state8[data2Len] ^= 0x1f;
-        state8[WC_SHA3_256_COUNT * 8 - 1] ^= 0x80;
-    }
-    else {
-        word32 dataLen = data1Len + data2Len;
-
-        XMEMCPY(state8, data1, data1Len);
-        XMEMCPY(state8 + data1Len, data2, data2Len);
-        state8[dataLen] = 0x1f;
-        XMEMSET(state8 + dataLen + 1, 0, sizeof(shake256->s) - (dataLen + 1));
-        state8[WC_SHA3_256_COUNT * 8 - 1] = 0x80;
-    }
-
-#ifndef WC_SHA3_NO_ASM
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        sha3_block_avx2(state);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else if (IS_INTEL_BMI2(cpuid_flags)) {
-        sha3_block_bmi2(state);
-    }
-    else
-#endif
-    {
-        BlockSha3(state);
-    }
-    XMEMCPY(hash, shake256->s, hashLen);
-    ret = 0;
-#else
-    /* Initialize SHAKE-256 operation. */
-    ret = wc_InitShake256(shake256, NULL, INVALID_DEVID);
-    if (ret == 0) {
-        /* Update with first data. */
-        ret = wc_Shake256_Update(shake256, data1, data1Len);
-    }
-    if (ret == 0) {
-        /* Update with second data. */
-        ret = wc_Shake256_Update(shake256, data2, data2Len);
-    }
-    if (ret == 0) {
-        /* Compute hash of data. */
-        ret = wc_Shake256_Final(shake256, hash, hashLen);
-    }
-#endif
-
-    return ret;
-}
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
-/* 256-bit hash of context and message using SHAKE-256.
- *
- * FIPS 204. 5.2: Algorithm 2 ML-DSA.Sign(sk, M, ctx)
- *   ...
- *   10: M' <- BytesToBits(IntegerToBytes(0, 1) || IntegerToBytes(|ctx|, 1) ||
- *                         ctx) || M
- *   ...
- *
- * FIPS 204. 6.2: Algorithm 7 ML-DSA.Sign_internal(sk, M', rnd)
- *   ...
- *   6: mu <- H(BytesToBits(tr)||M', 64))
- *   ...
- *
- * @param [in, out] shake256  SHAKE-256 object.
- * @param [in]      tr        Public key hash.
- * @param [in]      trLen     Length of public key hash in bytes.
- * @param [in]      preHash   0 when message was not hashed,
- *                            1 when message was hashed.
- * @param [in]      ctx       Context of signature.
- * @param [in]      ctxLen    Length of context of signature in bytes.
- * @param [in]      msg       Message to sign.
- * @param [in]      msgLen    Length of message to sign in bytes.
- * @param [out]     hash      Buffer to hold hash result.
- * @param [in]      hashLen   Number of bytes of hash to return.
- * @return  0 on success.
- * @return  Negative on error.
- */
-static int dilithium_hash256_ctx_msg(wc_Shake* shake256, const byte* tr,
-    byte trLen, byte preHash, const byte* ctx, byte ctxLen, const byte* msg,
-    word32 msgLen, byte* hash, word32 hashLen)
-{
-    int ret;
-    byte prefix[2];
-
-    prefix[0] = preHash;
-    prefix[1] = ctxLen;
-
-    /* Initialize SHAKE-256 operation. */
-    ret = wc_InitShake256(shake256, NULL, INVALID_DEVID);
-    if (ret == 0) {
-        /* Update with public key hash. */
-        ret = wc_Shake256_Update(shake256, tr, trLen);
-    }
-    if (ret == 0) {
-        /* Update with context prefix - 0 | ctxLen. */
-        ret = wc_Shake256_Update(shake256, prefix, (word32)sizeof(prefix));
-    }
-    if (ret == 0) {
-        /* Update with context. */
-        ret = wc_Shake256_Update(shake256, ctx, ctxLen);
-    }
-    if (ret == 0) {
-        /* Update with message. */
-        ret = wc_Shake256_Update(shake256, msg, msgLen);
-    }
-    if (ret == 0) {
-        /* Compute hash of data. */
-        ret = wc_Shake256_Final(shake256, hash, hashLen);
-    }
-
-    return ret;
-}
-
-/* Get the OID for the digest hash.
- *
- * @param [in]  hash         Hash algorithm.
- * @param [out] oidBuffer   Buffer to hold OID.
- * @param [out] oidLen      Length of OID in buffer.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG if hash algorithm not known.
- */
-static int dilithium_get_hash_oid(int hash, byte* oidBuffer, word32* oidLen)
-{
-    int ret = 0;
-    const byte* oid;
-
-#ifndef WOLFSSL_DILITHIUM_NO_ASN1
-
-    oid = OidFromId((word32)wc_HashGetOID((enum wc_HashType)hash), oidHashType,
-        oidLen);
-    if ((oid != NULL) && (*oidLen <= DILITHIUM_HASH_OID_LEN - 2)) {
-#ifndef WOLFSSL_DILITHIUM_REVERSE_HASH_OID
-        oidBuffer[0] = 0x06;             /* ObjectID */
-        oidBuffer[1] = (byte)*oidLen;   /* ObjectID */
-        oidBuffer += 2;
-        XMEMCPY(oidBuffer, oid, *oidLen);
-#else
-        int i;
-        for (i = (int)*oidLen - 1; i >= 0; i--) {
-            *(oidBuffer++) = oid[i];
-        }
-        *(oidBuffer++) = *oidLen;   /* ObjectID */
-        * oidBuffer    = 0x06;   /* ObjectID */
-#endif
-        *oidLen += 2;
-     }
-     else {
-        ret = BAD_FUNC_ARG;
-    }
-
-#else
-
-    *oidLen = DILITHIUM_HASH_OID_LEN;
-#ifndef NO_SHA256
-    if (hash == WC_HASH_TYPE_SHA256) {
-        static byte sha256Oid[DILITHIUM_HASH_OID_LEN] = {
-            0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
-        };
-        oid = sha256Oid;
-    }
-    else
-#endif
-#ifdef WOLFSSL_SHA384
-    if (hash == WC_HASH_TYPE_SHA384) {
-        static byte sha384Oid[DILITHIUM_HASH_OID_LEN] = {
-            0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
-        };
-        oid = sha384Oid;
-    }
-    else
-#endif
-#ifdef WOLFSSL_SHA512
-    if (hash == WC_HASH_TYPE_SHA512) {
-        static byte sha512Oid[DILITHIUM_HASH_OID_LEN] = {
-            0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
-        };
-        oid = sha512Oid;
-    }
-    else
-#ifndef WOLFSSL_NOSHA512_256
-    if (hash == WC_HASH_TYPE_SHA512_256) {
-        static byte sha512_256Oid[DILITHIUM_HASH_OID_LEN] = {
-            0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x06
-        };
-        oid = sha512_256Oid;
-    }
-    else
-#endif
-#endif
-    if (hash == WC_HASH_TYPE_SHAKE128) {
-        static byte shake128Oid[DILITHIUM_HASH_OID_LEN] = {
-            0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x0B
-        };
-        oid = shake128Oid;
-    }
-    else if (hash == WC_HASH_TYPE_SHAKE256) {
-        static byte shake256Oid[DILITHIUM_HASH_OID_LEN] = {
-            0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x0C
-        };
-        oid = shake256Oid;
-    }
-    else if (hash == WC_HASH_TYPE_SHA3_256) {
-        static byte sha3_256Oid[DILITHIUM_HASH_OID_LEN] = {
-            0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x08
-        };
-        oid = sha3_256Oid;
-    }
-    else if (hash == WC_HASH_TYPE_SHA3_384) {
-        static byte sha3_384Oid[DILITHIUM_HASH_OID_LEN] = {
-            0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x09
-        };
-        oid = sha3_384Oid;
-    }
-    else if (hash == WC_HASH_TYPE_SHA3_512) {
-        static byte sha3_512Oid[DILITHIUM_HASH_OID_LEN] = {
-            0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x0A
-        };
-        oid = sha3_512Oid;
-    }
-    else {
-        oid = NULL;
-        ret = BAD_FUNC_ARG;
-    }
-
-    if ((oid != NULL) && (*oidLen <= DILITHIUM_HASH_OID_LEN)) {
-#ifndef WOLFSSL_DILITHIUM_REVERSE_HASH_OID
-        XMEMCPY(oidBuffer, oid, *oidLen);
-#else
-        int i;
-        for (i = (int)*oidLen - 1; i >= 0; i--) {
-            *(oidBuffer++) = oid[i];
-        }
-#endif
-    }
-#endif
-
-    return ret;
-}
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_SMALL
-/* 128-bit hash using SHAKE-128.
- *
- * FIPS 204. 8.3: H128(v,d) <- SHAKE128(v,d)
- *
- * @param [in, out] shake128  SHAKE-128 object.
- * @param [in]      in        Block of data to hash.
- * @param [in]      inLen     Length of data in bytes.
- * @param [out]     out       Buffer to hold hash result.
- * @param [in]      outLen    Number of hash blocks to return.
- * @return  0 on success.
- * @return  Negative on error.
- */
-static int dilithium_squeeze128(wc_Shake* shake128, const byte* in,
-    word32 inLen, byte* out, word32 outBlocks)
-{
-    int ret;
-
-    /* Initialize SHAKE-128 operation. */
-    ret = wc_InitShake128(shake128, NULL, INVALID_DEVID);
-    if (ret == 0) {
-        /* Absorb data - update plus final. */
-        ret = wc_Shake128_Absorb(shake128, in, inLen);
-    }
-    if (ret == 0) {
-        /* Squeeze out hash data. */
-        ret = wc_Shake128_SqueezeBlocks(shake128, out, outBlocks);
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_DILITHIUM_SMALL */
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || \
-    (!defined(WOLFSSL_DILITHIUM_SMALL) && \
-     !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY))
-/* 256-bit hash using SHAKE-256.
- *
- * FIPS 204. 8.3: H(v,d) <- SHAKE256(v,d)
- * Using SqueezeBlocks interface to get larger amounts of output.
- *
- * @param [in, out] shake256  SHAKE-256 object.
- * @param [in]      in        Block of data to hash.
- * @param [in]      inLen     Length of data in bytes.
- * @param [out]     out       Buffer to hold hash result.
- * @param [in]      outLen    Number of hash blocks to return.
- * @return  0 on success.
- * @return  Negative on hash error.
- */
-static int dilithium_squeeze256(wc_Shake* shake256, const byte* in,
-    word32 inLen, byte* out, word32 outBlocks)
-{
-    int ret;
-#ifdef USE_INTEL_SPEEDUP
-    word64* state = shake256->s;
-    word8* state8 = (word8*)state;
-
-    XMEMCPY(state, in, inLen);
-    state8[inLen] = 0x1f;
-    XMEMSET(state8 + inLen + 1, 0, sizeof(shake256->s) - (inLen + 1));
-    state8[WC_SHA3_256_COUNT * 8 - 1] ^= 0x80;
-
-    for (; outBlocks > 0; outBlocks--) {
-#ifndef WC_SHA3_NO_ASM
-        if (IS_INTEL_AVX2(cpuid_flags) &&
-                 (SAVE_VECTOR_REGISTERS2() == 0)) {
-            sha3_block_avx2(state);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else if (IS_INTEL_BMI2(cpuid_flags)) {
-            sha3_block_bmi2(state);
-        }
-        else
-#endif
-        {
-            BlockSha3(state);
-        }
-        XMEMCPY(out, shake256->s, WC_SHA3_256_COUNT * 8);
-        out += WC_SHA3_256_COUNT * 8;
-    }
-    ret = 0;
-#else
-    /* Initialize SHAKE-256 operation. */
-    ret = wc_InitShake256(shake256, NULL, INVALID_DEVID);
-    if (ret == 0) {
-        /* Absorb data - update plus final. */
-        ret = wc_Shake256_Absorb(shake256, in, inLen);
-    }
-    if (ret == 0) {
-        /* Squeeze out hash data. */
-        ret = wc_Shake256_SqueezeBlocks(shake256, out, outBlocks);
-    }
-#endif
-
-    return ret;
-}
-#endif
-
-/******************************************************************************
- * Encode/Decode operations
- ******************************************************************************/
-
-#ifndef WOLFSSL_DILITHIUM_NO_MAKE_KEY
-/* Encode vector of polynomials with range -ETA..ETA.
- *
- * FIPS 204. 8.2: Algorithm 18 skEncode(rho, K, tr, s1, s2, t0)
- *   ...
- *   2: for i from 0 to l - 1 do
- *   3:     sk <- sk || BitPack(s1[i], eta, eta)
- *   4: end for
- *   ...
- *   OR
- *   ...
- *   5: for i from 0 to k - 1 do
- *   6:     sk <- sk || BitPack(s2[i], eta, eta)
- *   7: end for
- *   ...
- *
- * FIPS 204. 8.2: Algorithm 11 BitPack(w, a, b)
- *   1: z <- ()
- *   2: for i from 0 to 255 do
- *   3:     z <- z||IntegerToBits(b - wi, bitlen(a + b))
- *   4: end for
- *   5: return BitsToBytes(z)
- *
- *   IntegerToBits makes bit array with width specified from integer.
- *   BitToBytes make a byte array from a bit array.
- *
- * @param [in]  s    Vector of polynomials to encode.
- * @param [in]  d    Dimension of vector.
- * @param [in]  eta  Range specifier of each value.
- * @param [out] p    Buffer to encode into.
- */
-static void dilthium_vec_encode_eta_bits_c(const sword32* s, byte d, byte eta,
-    byte* p)
-{
-    unsigned int i;
-    unsigned int j;
-
-#if !defined(WOLFSSL_NO_ML_DSA_44) || !defined(WOLFSSL_NO_ML_DSA_87)
-    /* -2..2 */
-    if (eta == DILITHIUM_ETA_2) {
-        /* Setp 2 or 5: For each polynomial of vector. */
-        for (i = 0; i < d; i++) {
-            /* Step 3 or 6.
-             * 3 bits to encode each number.
-             * 8 numbers become 3 bytes. (8 * 3 bits = 3 * 8 bits) */
-            for (j = 0; j < DILITHIUM_N; j += 8) {
-                /* Make value a positive integer. */
-                byte s0 = (byte)(2 - s[j + 0]);
-                byte s1 = (byte)(2 - s[j + 1]);
-                byte s2 = (byte)(2 - s[j + 2]);
-                byte s3 = (byte)(2 - s[j + 3]);
-                byte s4 = (byte)(2 - s[j + 4]);
-                byte s5 = (byte)(2 - s[j + 5]);
-                byte s6 = (byte)(2 - s[j + 6]);
-                byte s7 = (byte)(2 - s[j + 7]);
-
-                /* Pack 8 3-bit values into 3 bytes. */
-                p[0] = (byte)((s0 >> 0) | (s1 << 3) | (s2 << 6));
-                p[1] = (byte)((s2 >> 2) | (s3 << 1) | (s4 << 4) | (s5 << 7));
-                p[2] = (byte)((s5 >> 1) | (s6 << 2) | (s7 << 5));
-                /* Move to next place to encode into. */
-                p += DILITHIUM_ETA_2_BITS;
-            }
-            /* Next polynomial. */
-            s += DILITHIUM_N;
-        }
-    }
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_65
-    /* -4..4 */
-    if (eta == DILITHIUM_ETA_4) {
-        for (i = 0; i < d; i++) {
-        #ifdef WOLFSSL_DILITHIUM_SMALL
-            /* Step 3 or 6.
-             * 4 bits to encode each number.
-             * 2 numbers become 1 bytes. (2 * 4 bits = 1 * 8 bits) */
-            for (j = 0; j < DILITHIUM_N / 2; j++) {
-                /* Make values positive and pack 2 4-bit values into 1 byte. */
-                p[j] = (((byte)(4 - s[j * 2 + 0])) << 0) |
-                       (((byte)(4 - s[j * 2 + 1])) << 4);
-            }
-        #else
-            /* Step 3 or 6.
-             * 4 bits to encode each number.
-             * 8 numbers become 4 bytes. (8 * 4 bits = 4 * 8 bits) */
-            for (j = 0; j < DILITHIUM_N / 2; j += 4) {
-                /* Make values positive and pack 2 4-bit values into 1 byte. */
-                p[j + 0] = (byte)((((byte)(4 - s[j * 2 + 0])) << 0) |
-                                  (((byte)(4 - s[j * 2 + 1])) << 4));
-                p[j + 1] = (byte)((((byte)(4 - s[j * 2 + 2])) << 0) |
-                                  (((byte)(4 - s[j * 2 + 3])) << 4));
-                p[j + 2] = (byte)((((byte)(4 - s[j * 2 + 4])) << 0) |
-                                  (((byte)(4 - s[j * 2 + 5])) << 4));
-                p[j + 3] = (byte)((((byte)(4 - s[j * 2 + 6])) << 0) |
-                                  (((byte)(4 - s[j * 2 + 7])) << 4));
-            }
-        #endif
-            /* Move to next place to encode into. */
-            p += DILITHIUM_N / 2;
-            /* Next polynomial. */
-            s += DILITHIUM_N;
-        }
-    }
-#endif
-}
-
-/* Encode vector of polynomials with range -ETA..ETA.
- *
- * @param [in]  s    Vector of polynomials to encode.
- * @param [in]  d    Dimension of vector.
- * @param [in]  eta  Range specifier of each value.
- * @param [out] p    Buffer to encode into.
- */
-static void dilthium_vec_encode_eta_bits(const sword32* s, byte d, byte eta,
-    byte* p)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-    #if !defined(WOLFSSL_NO_ML_DSA_44) || !defined(WOLFSSL_NO_ML_DSA_87)
-        /* -2..2 */
-        if (eta == DILITHIUM_ETA_2) {
-            wc_mldsa_vec_encode_eta_2_avx2(s, d, p);
-        }
-    #endif
-    #ifndef WOLFSSL_NO_ML_DSA_65
-        if (eta == DILITHIUM_ETA_4) {
-            wc_mldsa_vec_encode_eta_4_avx2(s, p);
-        }
-    #endif
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilthium_vec_encode_eta_bits_c(s, d, eta, p);
-    }
-}
-#endif /* !WOLFSSL_DILITHIUM_NO_MAKE_KEY */
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || defined(WOLFSSL_DILITHIUM_CHECK_KEY)
-
-#if !defined(WOLFSSL_NO_ML_DSA_44) || !defined(WOLFSSL_NO_ML_DSA_87)
-/* Decode polynomial with range -2..2.
- *
- * FIPS 204. 7.2: Algorithm 25 skDecode(sk)
- *   ...
- *   5: for i from 0 to l - 1 do
- *   6:     s1[i] <- BitUnpack(yi, eta, eta)
- *   7: end for
- *   ...
- *   OR
- *   ...
- *   8: for i from 0 to k - 1 do
- *   9:     s2[i] <- BitUnpack(zi, eta, eta)
- *  10: end for
- *   ...
- *  Where y and z are arrays of bit arrays.
- *
- * @param [in]  p    Buffer of data to decode.
- * @param [in]  s    Vector of decoded polynomials.
- */
-static void dilithium_decode_eta_2_bits_c(const byte* p, sword32* s)
-{
-    unsigned int j;
-
-    /* Step 6 or 9.
-     * 3 bits to encode each number.
-     * 8 numbers from 3 bytes. (8 * 3 bits = 3 * 8 bits) */
-    for (j = 0; j < DILITHIUM_N; j += 8) {
-        /* Get 3 bits and put in range of -2..2. */
-        s[j + 0] = 2 - ((p[0] >> 0) & 0x7                      );
-        s[j + 1] = 2 - ((p[0] >> 3) & 0x7                      );
-        s[j + 2] = 2 - ((p[0] >> 6)       | ((p[1] << 2) & 0x7));
-        s[j + 3] = 2 - ((p[1] >> 1) & 0x7                      );
-        s[j + 4] = 2 - ((p[1] >> 4) & 0x7                      );
-        s[j + 5] = 2 - ((p[1] >> 7)       | ((p[2] << 1) & 0x7));
-        s[j + 6] = 2 - ((p[2] >> 2) & 0x7                      );
-        s[j + 7] = 2 - ((p[2] >> 5) & 0x7                      );
-        /* Move to next place to decode from. */
-        p += DILITHIUM_ETA_2_BITS;
-    }
-}
-
-/* Decode polynomial with range -2..2.
- *
- * @param [in]  p    Buffer of data to decode.
- * @param [in]  s    Vector of decoded polynomials.
- */
-static void dilithium_decode_eta_2_bits(const byte* p, sword32* s)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_decode_eta_2_avx2(p, s);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_decode_eta_2_bits_c(p, s);
-    }
-}
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_65
-/* Decode polynomial with range -4..4.
- *
- * FIPS 204. 7.2: Algorithm 25 skDecode(sk)
- *   ...
- *   5: for i from 0 to l - 1 do
- *   6:     s1[i] <- BitUnpack(yi, eta, eta)
- *   7: end for
- *   ...
- *   OR
- *   ...
- *   8: for i from 0 to k - 1 do
- *   9:     s2[i] <- BitUnpack(zi, eta, eta)
- *  10: end for
- *   ...
- *  Where y and z are arrays of bit arrays.
- *
- * @param [in]  p    Buffer of data to decode.
- * @param [in]  s    Vector of decoded polynomials.
- */
-static void dilithium_decode_eta_4_bits_c(const byte* p, sword32* s)
-{
-    unsigned int j;
-
-#ifdef WOLFSSL_DILITHIUM_SMALL
-    /* Step 6 or 9.
-     * 4 bits to encode each number.
-     * 2 numbers from 1 bytes. (2 * 4 bits = 1 * 8 bits) */
-    for (j = 0; j < DILITHIUM_N / 2; j++) {
-        /* Get 4 bits and put in range of -4..4. */
-        s[j * 2 + 0] = 4 - (p[j] & 0xf);
-        s[j * 2 + 1] = 4 - (p[j] >> 4);
-    }
-#else
-    /* Step 6 or 9.
-     * 4 bits to encode each number.
-     * 8 numbers from 4 bytes. (8 * 4 bits = 4 * 8 bits) */
-    for (j = 0; j < DILITHIUM_N / 2; j += 4) {
-        /* Get 4 bits and put in range of -4..4. */
-        s[j * 2 + 0] = 4 - (p[j + 0] & 0xf);
-        s[j * 2 + 1] = 4 - (p[j + 0] >> 4);
-        s[j * 2 + 2] = 4 - (p[j + 1] & 0xf);
-        s[j * 2 + 3] = 4 - (p[j + 1] >> 4);
-        s[j * 2 + 4] = 4 - (p[j + 2] & 0xf);
-        s[j * 2 + 5] = 4 - (p[j + 2] >> 4);
-        s[j * 2 + 6] = 4 - (p[j + 3] & 0xf);
-        s[j * 2 + 7] = 4 - (p[j + 3] >> 4);
-    }
-#endif /* WOLFSSL_DILITHIUM_SMALL */
-}
-
-/* Decode polynomial with range -4..4.
- *
- * @param [in]  p    Buffer of data to decode.
- * @param [in]  s    Vector of decoded polynomials.
- */
-static void dilithium_decode_eta_4_bits(const byte* p, sword32* s)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_decode_eta_4_avx2(p, s);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_decode_eta_4_bits_c(p, s);
-    }
-}
-#endif
-
-#if defined(WOLFSSL_DILITHIUM_CHECK_KEY) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-     (defined(WC_DILITHIUM_CACHE_PRIV_VECTORS) || \
-      !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM)))
-/* Decode vector of polynomials with range -ETA..ETA.
- *
- * FIPS 204. 7.2: Algorithm 25 skDecode(sk)
- *   ...
- *   5: for i from 0 to l - 1 do
- *   6:     s1[i] <- BitUnpack(yi, eta, eta)
- *   7: end for
- *   ...
- *   OR
- *   ...
- *   8: for i from 0 to k - 1 do
- *   9:     s2[i] <- BitUnpack(zi, eta, eta)
- *  10: end for
- *   ...
- *  Where y and z are arrays of bit arrays.
- *
- * @param [in]  p    Buffer of data to decode.
- * @param [in]  eta  Range specifier of each value.
- * @param [in]  s    Vector of decoded polynomials.
- * @param [in]  d    Dimension of vector.
- */
-static void dilithium_vec_decode_eta_bits(const byte* p, byte eta, sword32* s,
-    byte d)
-{
-    unsigned int i;
-
-#if !defined(WOLFSSL_NO_ML_DSA_44) || !defined(WOLFSSL_NO_ML_DSA_87)
-    /* -2..2 */
-    if (eta == DILITHIUM_ETA_2) {
-        /* Step 5 or 8: For each polynomial of vector */
-        for (i = 0; i < d; i++) {
-            dilithium_decode_eta_2_bits(p, s);
-            /* Move to next place to decode from. */
-            p += DILITHIUM_ETA_2_BITS * DILITHIUM_N / 8;
-            /* Next polynomial. */
-            s += DILITHIUM_N;
-        }
-    }
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_65
-    /* -4..4 */
-    if (eta == DILITHIUM_ETA_4) {
-        /* Step 5 or 8: For each polynomial of vector */
-        for (i = 0; i < d; i++) {
-            dilithium_decode_eta_4_bits(p, s);
-            /* Move to next place to decode from. */
-            p += DILITHIUM_N / 2;
-            /* Next polynomial. */
-            s += DILITHIUM_N;
-        }
-    }
-#endif
-}
-#endif
-#endif /* !WOLFSSL_DILITHIUM_NO_SIGN || WOLFSSL_DILITHIUM_CHECK_KEY */
-
-#ifndef WOLFSSL_DILITHIUM_NO_MAKE_KEY
-/* Encode t into t0 and t1.
- *
- * FIPS 204. 8.4: Algorithm 29 Power2Round(r)
- *   1: r+ <- r mod q
- *   2: r0 <- r+ mod +/- 2^d
- *   3: return ((r+ - r0) / 2^d, r0)
- *
- * FIPS 204. 7.2: Algorithm 24 skEncode(rho, K, tr, s1, s2, t0)
- *   ...
- *   8: for i form 0 to k - 1 do
- *   9:     sk <- sk || BitPack(t0[i], s^(d-1) - 1, 2^(d-1))
- *  10: end for
- *
- * FIPS 204. 7.2: Algorithm 22 pkEncode(rho, t1)
- *   ...
- *   2: for i from 0 to k - 1 do
- *   3:     pk <- pk || SimpleBitPack(t1[i], 2^bitlen(q-1) - d - 1)
- *   4: end for
- *
- * @param [in]  t    Vector of polynomials.
- * @param [in]  d    Dimension of vector.
- * @param [out] t0   Buffer to encode bottom part of value of t into.
- * @param [out] t1   Buffer to encode top part of value of t into.
- */
-static void dilithium_vec_encode_t0_t1_c(const sword32* t, byte d, byte* t0,
-    byte* t1)
-{
-    unsigned int i;
-    unsigned int j;
-
-    /* Alg 24, Step 8 and Alg 22, Step 2. For each polynomial of vector. */
-    for (i = 0; i < d; i++) {
-        /* Alg 24, Step 9 and Alg 22, Step 3.
-         * Do all polynomial values - 8 at a time. */
-        for (j = 0; j < DILITHIUM_N; j += 8) {
-            /* Take 8 values of t and take top bits and make positive. */
-            word16 n1_0 = (word16)((t[j + 0] + DILITHIUM_D_MAX_HALF - 1) >>
-                DILITHIUM_D);
-            word16 n1_1 = (word16)((t[j + 1] + DILITHIUM_D_MAX_HALF - 1) >>
-                DILITHIUM_D);
-            word16 n1_2 = (word16)((t[j + 2] + DILITHIUM_D_MAX_HALF - 1) >>
-                DILITHIUM_D);
-            word16 n1_3 = (word16)((t[j + 3] + DILITHIUM_D_MAX_HALF - 1) >>
-                DILITHIUM_D);
-            word16 n1_4 = (word16)((t[j + 4] + DILITHIUM_D_MAX_HALF - 1) >>
-                DILITHIUM_D);
-            word16 n1_5 = (word16)((t[j + 5] + DILITHIUM_D_MAX_HALF - 1) >>
-                DILITHIUM_D);
-            word16 n1_6 = (word16)((t[j + 6] + DILITHIUM_D_MAX_HALF - 1) >>
-                DILITHIUM_D);
-            word16 n1_7 = (word16)((t[j + 7] + DILITHIUM_D_MAX_HALF - 1) >>
-                DILITHIUM_D);
-            /* Take 8 values of t and take bottom bits and make positive. */
-            word16 n0_0 = (word16)(DILITHIUM_D_MAX_HALF -
-                                   (t[j + 0] - (n1_0 << DILITHIUM_D)));
-            word16 n0_1 = (word16)(DILITHIUM_D_MAX_HALF -
-                                   (t[j + 1] - (n1_1 << DILITHIUM_D)));
-            word16 n0_2 = (word16)(DILITHIUM_D_MAX_HALF -
-                                   (t[j + 2] - (n1_2 << DILITHIUM_D)));
-            word16 n0_3 = (word16)(DILITHIUM_D_MAX_HALF -
-                                   (t[j + 3] - (n1_3 << DILITHIUM_D)));
-            word16 n0_4 = (word16)(DILITHIUM_D_MAX_HALF -
-                                   (t[j + 4] - (n1_4 << DILITHIUM_D)));
-            word16 n0_5 = (word16)(DILITHIUM_D_MAX_HALF -
-                                   (t[j + 5] - (n1_5 << DILITHIUM_D)));
-            word16 n0_6 = (word16)(DILITHIUM_D_MAX_HALF -
-                                   (t[j + 6] - (n1_6 << DILITHIUM_D)));
-            word16 n0_7 = (word16)(DILITHIUM_D_MAX_HALF -
-                                   (t[j + 7] - (n1_7 << DILITHIUM_D)));
-
-            /* 13 bits per number.
-             * 8 numbers become 13 bytes. (8 * 13 bits = 13 * 8 bits) */
-        #if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT <= 2)
-            word32* tp;
-        #endif
-        #if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-            tp = (word32*)t0;
-            tp[0] =  (n0_0      ) | ((word32)n0_1 << 13) | ((word32)n0_2 << 26);
-            tp[1] =  (n0_2 >>  6) | ((word32)n0_3 <<  7) | ((word32)n0_4 << 20);
-            tp[2] =  (n0_4 >> 12) | ((word32)n0_5 <<  1) |
-                                    ((word32)n0_6 << 14) | ((word32)n0_7 << 27);
-        #else
-            t0[ 0] = (byte)(               (n0_0 <<  0));
-            t0[ 1] = (byte)((n0_0 >>  8) | (n0_1 <<  5));
-            t0[ 2] = (byte)((n0_1 >>  3)               );
-            t0[ 3] = (byte)((n0_1 >> 11) | (n0_2 <<  2));
-            t0[ 4] = (byte)((n0_2 >>  6) | (n0_3 <<  7));
-            t0[ 5] = (byte)((n0_3 >>  1)               );
-            t0[ 6] = (byte)((n0_3 >>  9) | (n0_4 <<  4));
-            t0[ 7] = (byte)((n0_4 >>  4)               );
-            t0[ 8] = (byte)((n0_4 >> 12) | (n0_5 <<  1));
-            t0[ 9] = (byte)((n0_5 >>  7) | (n0_6 <<  6));
-            t0[10] = (byte)((n0_6 >>  2)               );
-            t0[11] = (byte)((n0_6 >> 10) | (n0_7 <<  3));
-        #endif
-            t0[12] = (byte)((n0_7 >>  5)               );
-
-            /* 10 bits per number.
-             * 8 bytes become 10 bytes. (8 * 10 bits = 10 * 8 bits) */
-        #if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT <= 2)
-            tp = (word32*)t1;
-            tp[0] =  (n1_0      ) | ((word32)n1_1 << 10) |
-                     ((word32)n1_2 << 20) | ((word32)n1_3 << 30);
-            tp[1] =  (n1_3 >>  2) | ((word32)n1_4 <<  8) |
-                     ((word32)n1_5 << 18) | ((word32)n1_6 << 28);
-        #else
-            t1[0] = (byte)(               (n1_0 << 0));
-            t1[1] = (byte)((n1_0 >> 8) |  (n1_1 << 2));
-            t1[2] = (byte)((n1_1 >> 6) |  (n1_2 << 4));
-            t1[3] = (byte)((n1_2 >> 4) |  (n1_3 << 6));
-            t1[4] = (byte)((n1_3 >> 2)               );
-            t1[5] = (byte)(               (n1_4 << 0));
-            t1[6] = (byte)((n1_4 >> 8) |  (n1_5 << 2));
-            t1[7] = (byte)((n1_5 >> 6) |  (n1_6 << 4));
-        #endif
-            t1[8] = (byte)((n1_6 >> 4) |  (n1_7 << 6));
-            t1[9] = (byte)((n1_7 >> 2)               );
-
-            /* Move to next place to encode bottom bits to. */
-            t0 += DILITHIUM_D;
-            /* Move to next place to encode top bits to. */
-            t1 += DILITHIUM_U;
-        }
-        /* Next polynomial. */
-        t += DILITHIUM_N;
-    }
-}
-
-/* Encode t into t0 and t1.
- *
- * @param [in]  t    Vector of polynomials.
- * @param [in]  d    Dimension of vector.
- * @param [out] t0   Buffer to encode bottom part of value of t into.
- * @param [out] t1   Buffer to encode top part of value of t into.
- */
-static void dilithium_vec_encode_t0_t1(const sword32* t, byte d, byte* t0,
-    byte* t1)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_vec_encode_t0_t1_avx2(t, d, t0, t1);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_vec_encode_t0_t1_c(t, d, t0, t1);
-    }
-}
-#endif /* !WOLFSSL_DILITHIUM_NO_MAKE_KEY */
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || defined(WOLFSSL_DILITHIUM_CHECK_KEY)
-/* Decode bottom D bits of t as t0.
- *
- * FIPS 204. 7.2: Algorithm 25 skDecode(sk)
- *   ...
- *   12:     t0[i] <- BitUnpack(wi, 2^(d-1) - 1, 2^(d-1)
- *   ...
- *
- * @param [in]  t0  Encoded values of t0.
- * @param [in]  d   Dimensions of vector t0.
- * @param [out] t   Vector of polynomials.
- */
-static void dilithium_decode_t0_c(const byte* t0, sword32* t)
-{
-    unsigned int j;
-
-    /* Step 12. Get 13 bits and convert to range (2^(d-1)-1)..2^(d-1). */
-    for (j = 0; j < DILITHIUM_N; j += 8) {
-        /* 13 bits used per number.
-         * 8 numbers from 13 bytes. (8 * 13 bits = 13 * 8 bits) */
-#if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-        word32 t32_2 = ((const word32*)t0)[2];
-    #ifdef WC_64BIT_CPU
-        word64 t64 = *(const word64*)t0;
-        t[j + 0] = DILITHIUM_D_MAX_HALF - ( t64        & 0x1fff);
-        t[j + 1] = DILITHIUM_D_MAX_HALF - ((t64 >> 13) & 0x1fff);
-        t[j + 2] = DILITHIUM_D_MAX_HALF - ((t64 >> 26) & 0x1fff);
-        t[j + 3] = DILITHIUM_D_MAX_HALF - ((t64 >> 39) & 0x1fff);
-        t[j + 4] = DILITHIUM_D_MAX_HALF - (sword32)
-                   ((t64 >> 52) | ((t32_2 & 0x0001) << 12));
-    #else
-        word32 t32_0 = ((const word32*)t0)[0];
-        word32 t32_1 = ((const word32*)t0)[1];
-        t[j + 0] = DILITHIUM_D_MAX_HALF -
-                    ( t32_0        & 0x1fff);
-        t[j + 1] = DILITHIUM_D_MAX_HALF -
-                    ((t32_0 >> 13) & 0x1fff);
-        t[j + 2] = DILITHIUM_D_MAX_HALF - (sword32)
-                   (( t32_0 >> 26          ) | ((t32_1 & 0x007f) <<  6));
-        t[j + 3] = DILITHIUM_D_MAX_HALF -
-                    ((t32_1 >>  7) & 0x1fff);
-        t[j + 4] = DILITHIUM_D_MAX_HALF - (sword32)
-                   (( t32_1 >> 20          ) | ((t32_2 & 0x0001) << 12));
-    #endif
-        t[j + 5] = DILITHIUM_D_MAX_HALF -
-                    ((t32_2 >>  1) & 0x1fff);
-        t[j + 6] = DILITHIUM_D_MAX_HALF -
-                    ((t32_2 >> 14) & 0x1fff);
-        t[j + 7] = DILITHIUM_D_MAX_HALF - (sword32)
-                   (( t32_2 >> 27          ) | ((word32)t0[12] ) <<  5 );
-#else
-        t[j + 0] = DILITHIUM_D_MAX_HALF -
-                   ((t0[ 0]     ) | (((word16)(t0[ 1] & 0x1f)) <<  8));
-        t[j + 1] = DILITHIUM_D_MAX_HALF -
-                   ((t0[ 1] >> 5) | (((word16)(t0[ 2]       )) <<  3) |
-                                    (((word16)(t0[ 3] & 0x03)) << 11));
-        t[j + 2] = DILITHIUM_D_MAX_HALF -
-                   ((t0[ 3] >> 2) | (((word16)(t0[ 4] & 0x7f)) <<  6));
-        t[j + 3] = DILITHIUM_D_MAX_HALF -
-                   ((t0[ 4] >> 7) | (((word16)(t0[ 5]       )) <<  1) |
-                                    (((word16)(t0[ 6] & 0x0f)) <<  9));
-        t[j + 4] = DILITHIUM_D_MAX_HALF -
-                   ((t0[ 6] >> 4) | (((word16)(t0[ 7]       )) <<  4) |
-                                    (((word16)(t0[ 8] & 0x01)) << 12));
-        t[j + 5] = DILITHIUM_D_MAX_HALF -
-                   ((t0[ 8] >> 1) | (((word16)(t0[ 9] & 0x3f)) <<  7));
-        t[j + 6] = DILITHIUM_D_MAX_HALF -
-                   ((t0[ 9] >> 6) | (((word16)(t0[10]       )) <<  2) |
-                                    (((word16)(t0[11] & 0x07)) << 10));
-        t[j + 7] = DILITHIUM_D_MAX_HALF -
-                   ((t0[11] >> 3) | (((word16)(t0[12]       )) <<  5));
-#endif
-        /* Move to next place to decode from. */
-        t0 += DILITHIUM_D;
-    }
-}
-
-/* Decode bottom D bits of t as t0.
- *
- * @param [in]  t0  Encoded values of t0.
- * @param [in]  d   Dimensions of vector t0.
- * @param [out] t   Vector of polynomials.
- */
-static void dilithium_decode_t0(const byte* t0, sword32* t)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_decode_t0_avx2(t0, t);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_decode_t0_c(t0, t);
-    }
-}
-
-#if defined(WOLFSSL_DILITHIUM_CHECK_KEY) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-     (defined(WC_DILITHIUM_CACHE_PRIV_VECTORS) || \
-      !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM)))
-/* Decode bottom D bits of t as t0.
- *
- * FIPS 204. 7.2: Algorithm 25 skDecode(sk)
- *   ...
- *   11: for i from 0 to k - 1 do
- *   12:     t0[i] <- BitUnpack(wi, 2^(d-1) - 1, 2^(d-1)
- *   13: end for
- *   ...
- *
- * @param [in]  t0  Encoded values of t0.
- * @param [in]  d   Dimensions of vector t0.
- * @param [out] t   Vector of polynomials.
- */
-static void dilithium_vec_decode_t0(const byte* t0, byte d, sword32* t)
-{
-    unsigned int i;
-
-    /* Step 11. For each polynomial of vector. */
-    for (i = 0; i < d; i++) {
-        dilithium_decode_t0(t0, t);
-        t0 += DILITHIUM_D * DILITHIUM_N / 8;
-        /* Next polynomial. */
-        t += DILITHIUM_N;
-    }
-}
-#endif
-#endif /* !WOLFSSL_DILITHIUM_NO_SIGN || WOLFSSL_DILITHIUM_CHECK_KEY */
-
-#if !defined(WOLFSSL_DILITHIUM_NO_VERIFY) || \
-    defined(WOLFSSL_DILITHIUM_CHECK_KEY)
-/* Decode top bits of t as t1.
- *
- * FIPS 204. 7.2: Algorithm 23 pkDecode(pk)
- *   ...
- *   4:     t1[i] <- SimpleBitUnpack(zi, 2^(bitlen(q-1)-d) - 1)
- *   ...
- *
- * @param [in]  t1  Encoded values of t1.
- * @param [out] t   Polynomials.
- */
-static void dilithium_decode_t1_c(const byte* t1, sword32* t)
-{
-    unsigned int j;
-    /* Step 4. Get 10 bits as a number. */
-    for (j = 0; j < DILITHIUM_N; j += 8) {
-        /* 10 bits used per number.
-         * 8 numbers from 10 bytes. (8 * 10 bits = 10 * 8 bits) */
-#if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-    #ifdef WC_64BIT_CPU
-        word64 t64 = *(const word64*) t1;
-        word16 t16 = *(const word16*)(t1 + 8);
-        t[j+0] = (sword32)( ( t64                     & 0x03ff) << DILITHIUM_D);
-        t[j+1] = (sword32)( ((t64 >> 10)              & 0x03ff) << DILITHIUM_D);
-        t[j+2] = (sword32)( ((t64 >> 20)              & 0x03ff) << DILITHIUM_D);
-        t[j+3] = (sword32)( ((t64 >> 30)              & 0x03ff) << DILITHIUM_D);
-        t[j+4] = (sword32)( ((t64 >> 40)              & 0x03ff) << DILITHIUM_D);
-        t[j+5] = (sword32)( ((t64 >> 50)              & 0x03ff) << DILITHIUM_D);
-        t[j+6] = (sword32)((((t64 >> 60) |
-                             (word64)(t16 << 4))      & 0x03ff) << DILITHIUM_D);
-        t[j+7] = (sword32)( ((t16 >>  6)              & 0x03ff) << DILITHIUM_D);
-    #else
-        word32 t32 = *((const word32*)t1);
-        t[j + 0] = ( t32        & 0x03ff                         ) <<
-                   DILITHIUM_D;
-        t[j + 1] = ((t32 >> 10) & 0x03ff                         ) <<
-                   DILITHIUM_D;
-        t[j + 2] = ((t32 >> 20) & 0x03ff                         ) <<
-                   DILITHIUM_D;
-        t[j + 3] = ((t32 >> 30)          | (((word16)t1[4]) << 2)) <<
-                   DILITHIUM_D;
-        t32 = *((const word32*)(t1 + 5));
-        t[j + 4] = ( t32        & 0x03ff                         ) <<
-                   DILITHIUM_D;
-        t[j + 5] = ((t32 >> 10) & 0x03ff                         ) <<
-                   DILITHIUM_D;
-        t[j + 6] = ((t32 >> 20) & 0x03ff                         ) <<
-                   DILITHIUM_D;
-        t[j + 7] = ((t32 >> 30)          | (((word16)t1[9]) << 2)) <<
-                   DILITHIUM_D;
-    #endif
-#else
-        t[j + 0] = (sword32)((t1[0] >> 0) | (((word16)(t1[1] & 0x03)) << 8))
-                   << DILITHIUM_D;
-        t[j + 1] = (sword32)((t1[1] >> 2) | (((word16)(t1[2] & 0x0f)) << 6))
-                   << DILITHIUM_D;
-        t[j + 2] = (sword32)((t1[2] >> 4) | (((word16)(t1[3] & 0x3f)) << 4))
-                   << DILITHIUM_D;
-        t[j + 3] = (sword32)((t1[3] >> 6) | (((word16)(t1[4]       )) << 2))
-                   << DILITHIUM_D;
-        t[j + 4] = (sword32)((t1[5] >> 0) | (((word16)(t1[6] & 0x03)) << 8))
-                   << DILITHIUM_D;
-        t[j + 5] = (sword32)((t1[6] >> 2) | (((word16)(t1[7] & 0x0f)) << 6))
-                   << DILITHIUM_D;
-        t[j + 6] = (sword32)((t1[7] >> 4) | (((word16)(t1[8] & 0x3f)) << 4))
-                   << DILITHIUM_D;
-        t[j + 7] = (sword32)((t1[8] >> 6) | (((word16)(t1[9]       )) << 2))
-                   << DILITHIUM_D;
-#endif
-        /* Move to next place to decode from. */
-        t1 += DILITHIUM_U;
-    }
-}
-
-/* Decode top bits of t as t1.
- *
- * FIPS 204. 7.2: Algorithm 23 pkDecode(pk)
- *   ...
- *   4:     t1[i] <- SimpleBitUnpack(zi, 2^(bitlen(q-1)-d) - 1)
- *   ...
- *
- * @param [in]  t1  Encoded values of t1.
- * @param [out] t   Polynomials.
- */
-static void dilithium_decode_t1(const byte* t1, sword32* t)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_decode_t1_avx2(t1, t);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_decode_t1_c(t1, t);
-    }
-}
-#endif
-
-#if (!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-     !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM)) || \
-    defined(WOLFSSL_DILITHIUM_CHECK_KEY)
-/* Decode top bits of t as t1.
- *
- * FIPS 204. 7.2: Algorithm 23 pkDecode(pk)
- *   ...
- *   3: for i from 0 to k - 1 do
- *   4:     t1[i] <- SimpleBitUnpack(zi, 2^(bitlen(q-1)-d) - 1)
- *   5: end for
- *   ...
- *
- * @param [in]  t1  Encoded values of t1.
- * @param [in]  d   Dimensions of vector t1.
- * @param [out] t   Vector of polynomials.
- */
-static void dilithium_vec_decode_t1(const byte* t1, byte d, sword32* t)
-{
-    unsigned int i;
-
-    /* Step 3. For each polynomial of vector. */
-    for (i = 0; i < d; i++) {
-        dilithium_decode_t1(t1, t);
-        /* Next polynomial. */
-        t1 += DILITHIUM_U * DILITHIUM_N / 8;
-        t += DILITHIUM_N;
-    }
-}
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_NO_SIGN
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-/* Encode z with range of -(GAMMA1-1)...GAMMA1
- *
- * FIPS 204. 8.2: Algorithm 20 sigEncode(c_tilde, z, h)
- *   ...
- *   3:     sigma <- sigma || BitPack(z[i], GAMMA1 - 1, GAMMA1)
- *   ...
- *
- * @param [in]  z     Polynomial to encode.
- * @param [out] s     Buffer to encode into.
- */
-static void dilithium_encode_gamma1_17_bits_c(const sword32* z, byte* s)
-{
-    unsigned int j;
-
-    /* Step 3. Get 18 bits as a number. */
-    for (j = 0; j < DILITHIUM_N; j += 4) {
-        word32 z0 = (word32)(DILITHIUM_GAMMA1_17 - z[j + 0]);
-        word32 z1 = (word32)(DILITHIUM_GAMMA1_17 - z[j + 1]);
-        word32 z2 = (word32)(DILITHIUM_GAMMA1_17 - z[j + 2]);
-        word32 z3 = (word32)(DILITHIUM_GAMMA1_17 - z[j + 3]);
-
-        /* 18 bits per number.
-         * 8 numbers become 9 bytes. (8 * 9 bits = 9 * 8 bits) */
-#if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-    #ifdef WC_64BIT_CPU
-        word64* s64p = (word64*)s;
-        s64p[0] =           z0        | ((word64)z1 << 18) |
-                   ((word64)z2 << 36) | ((word64)z3 << 54);
-    #else
-        word32* s32p = (word32*)s;
-        s32p[0] =  z0        | (z1 << 18)             ;
-        s32p[1] = (z1 >> 14) | (z2 <<  4) | (z3 << 22);
-    #endif
-#else
-        s[0] = (byte)( z0                   );
-        s[1] = (byte)( z0 >>  8             );
-        s[2] = (byte)((z0 >> 16) | (z1 << 2));
-        s[3] = (byte)( z1 >>  6             );
-        s[4] = (byte)((z1 >> 14) | (z2 << 4));
-        s[5] = (byte)( z2 >>  4             );
-        s[6] = (byte)((z2 >> 12) | (z3 << 6));
-        s[7] = (byte)( z3 >>  2             );
-#endif
-        s[8] = (byte)( z3 >> 10             );
-        /* Move to next place to encode to. */
-        s += DILITHIUM_GAMMA1_17_ENC_BITS / 2;
-    }
-}
-
-/* Encode z with range of -(GAMMA1-1)...GAMMA1
- *
- * @param [in]  z     Polynomial to encode.
- * @param [out] s     Buffer to encode into.
- */
-static void dilithium_encode_gamma1_17_bits(const sword32* z, byte* s)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_encode_gamma1_17_avx2(z, s);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_encode_gamma1_17_bits_c(z, s);
-    }
-}
-#endif
-#if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-/* Encode z with range of -(GAMMA1-1)...GAMMA1
- *
- * FIPS 204. 8.2: Algorithm 20 sigEncode(c_tilde, z, h)
- *   ...
- *   3:     sigma <- sigma || BitPack(z[i], GAMMA1 - 1, GAMMA1)
- *   ...
- *
- * @param [in]  z     Polynomial to encode.
- * @param [out] s     Buffer to encode into.
- */
-static void dilithium_encode_gamma1_19_bits_c(const sword32* z, byte* s)
-{
-    unsigned int j;
-
-    /* Step 3. Get 20 bits as a number. */
-    for (j = 0; j < DILITHIUM_N; j += 4) {
-        sword32 z0 = DILITHIUM_GAMMA1_19 - z[j + 0];
-        sword32 z1 = DILITHIUM_GAMMA1_19 - z[j + 1];
-        sword32 z2 = DILITHIUM_GAMMA1_19 - z[j + 2];
-        sword32 z3 = DILITHIUM_GAMMA1_19 - z[j + 3];
-
-        /* 20 bits per number.
-         * 4 numbers become 10 bytes. (4 * 20 bits = 10 * 8 bits) */
-#if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT <= 2)
-        word16* s16p = (word16*)s;
-    #ifdef WC_64BIT_CPU
-        word64* s64p = (word64*)s;
-        s64p[0] =   (word64)z0        | ((word64)z1 << 20) |
-                   ((word64)z2 << 40) | ((word64)z3 << 60);
-    #else
-        word32* s32p = (word32*)s;
-        s32p[0] = (word32)( z0        | (z1 << 20)             );
-        s32p[1] = (word32)((z1 >> 12) | (z2 <<  8) | (z3 << 28));
-    #endif
-        s16p[4] = (word16)((z3 >>  4)                          );
-#else
-        s[0] =  z0                   ;
-        s[1] = (z0 >>  8)            ;
-        s[2] = (z0 >> 16) | (z1 << 4);
-        s[3] = (z1 >>  4)            ;
-        s[4] = (z1 >> 12)            ;
-        s[5] =  z2                   ;
-        s[6] = (z2 >>  8)            ;
-        s[7] = (z2 >> 16) | (z3 << 4);
-        s[8] = (z3 >>  4)            ;
-        s[9] = (z3 >> 12)            ;
-#endif
-        /* Move to next place to encode to. */
-        s += DILITHIUM_GAMMA1_19_ENC_BITS / 2;
-    }
-}
-
-/* Encode z with range of -(GAMMA1-1)...GAMMA1
- *
- * @param [in]  z     Polynomial to encode.
- * @param [out] s     Buffer to encode into.
- */
-static void dilithium_encode_gamma1_19_bits(const sword32* z, byte* s)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_encode_gamma1_19_avx2(z, s);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_encode_gamma1_19_bits_c(z, s);
-    }
-}
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM
-/* Encode z with range of -(GAMMA1-1)...GAMMA1
- *
- * FIPS 204. 8.2: Algorithm 20 sigEncode(c_tilde, z, h)
- *   ...
- *   2: for i form 0 to l - 1 do
- *   3:     sigma <- sigma || BitPack(z[i], GAMMA1 - 1, GAMMA1)
- *   4: end for
- *   ...
- *
- * @param [in]  z     Vector of polynomials to encode.
- * @param [in]  l     Dimension of vector.
- * @param [in]  bits  Number of bits used in encoding - GAMMA1 bits.
- * @param [out] s     Buffer to encode into.
- */
-static void dilithium_vec_encode_gamma1(const sword32* z, byte l, int bits,
-    byte* s)
-{
-    unsigned int i;
-
-    (void)l;
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-    if (bits == DILITHIUM_GAMMA1_BITS_17) {
-        /* Step 2. For each polynomial of vector. */
-        for (i = 0; i < PARAMS_ML_DSA_44_L; i++) {
-            dilithium_encode_gamma1_17_bits(z, s);
-            /* Move to next place to encode to. */
-            s += DILITHIUM_GAMMA1_17_ENC_BITS / 2 * DILITHIUM_N / 4;
-            /* Next polynomial. */
-            z += DILITHIUM_N;
-        }
-    }
-#endif
-#if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-    if (bits == DILITHIUM_GAMMA1_BITS_19) {
-        /* Step 2. For each polynomial of vector. */
-        for (i = 0; i < l; i++) {
-            dilithium_encode_gamma1_19_bits(z, s);
-            /* Move to next place to encode to. */
-            s += DILITHIUM_GAMMA1_19_ENC_BITS / 2 * DILITHIUM_N / 4;
-            /* Next polynomial. */
-            z += DILITHIUM_N;
-        }
-    }
-#endif
-}
-#endif /* WOLFSSL_DILITHIUM_SIGN_SMALL_MEM */
-
-#endif /* !WOLFSSL_DILITHIUM_NO_SIGN */
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
-/* Decode polynomial with range -(GAMMA1-1)..GAMMA1.
- *
- * FIPS 204. 8.2: Algorithm 21 sigDecode(sigma)
- *   ...
- *   4:     z[i] <- BitUnpack(xi, GAMMA1 - 1, GAMMA1)
- *   ...
- *
- * @param [in]  s     Encoded values of z.
- * @param [in]  bits  Number of bits used in encoding - GAMMA1 bits.
- * @param [out] z     Polynomial to fill.
- */
-static void dilithium_decode_gamma1_c(const byte* s, int bits, sword32* z)
-{
-    unsigned int i;
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-    if (bits == DILITHIUM_GAMMA1_BITS_17) {
-#if defined(WOLFSSL_DILITHIUM_NO_LARGE_CODE) || defined(WOLFSSL_DILITHIUM_SMALL)
-        /* Step 4: Get 18 bits as a number. */
-        for (i = 0; i < DILITHIUM_N; i += 4) {
-            /* 18 bits per number.
-             * 4 numbers from 9 bytes. (4 * 18 bits = 9 * 8 bits) */
-    #if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-        #ifdef WC_64BIT_CPU
-            word64 s64_0 = *(const word64*)(s+0);
-            z[i+0] = (word32)DILITHIUM_GAMMA1_17 -
-                             ( s64_0        & 0x3ffff                   );
-            z[i+1] = (word32)DILITHIUM_GAMMA1_17 -
-                             ((s64_0 >> 18) & 0x3ffff                   );
-            z[i+2] = (word32)DILITHIUM_GAMMA1_17 -
-                             ((s64_0 >> 36) & 0x3ffff                   );
-            z[i+3] = (word32)DILITHIUM_GAMMA1_17 -
-                             ((s64_0 >> 54) | (((word32)s[8])     << 10));
-        #else
-            word32 s32_0 = ((const word32*)(s+0))[0];
-            word32 s32_1 = ((const word32*)(s+0))[1];
-            z[i+0] = (word32)DILITHIUM_GAMMA1_17 -
-                             ( s32_0        & 0x3ffff                    );
-            z[i+1] = (word32)DILITHIUM_GAMMA1_17 -
-                             ((s32_0 >> 18) | (((s32_1 & 0x0000f) << 14)));
-            z[i+2] = (word32)DILITHIUM_GAMMA1_17 -
-                             ((s32_1 >>  4) & 0x3ffff);
-            z[i+3] = (word32)DILITHIUM_GAMMA1_17 -
-                             ((s32_1 >> 22) | (((word32)s[8])     << 10 ));
-        #endif
-    #else
-            z[i+0] = DILITHIUM_GAMMA1_17 -
-                     ( s[ 0]       | ((sword32)(s[ 1] << 8) |
-                      (sword32)(s[ 2] & 0x03) << 16));
-            z[i+1] = DILITHIUM_GAMMA1_17 -
-                     ((s[ 2] >> 2) | ((sword32)(s[ 3] << 6) |
-                      (sword32)(s[ 4] & 0x0f) << 14));
-            z[i+2] = DILITHIUM_GAMMA1_17 -
-                     ((s[ 4] >> 4) | ((sword32)(s[ 5] << 4) |
-                      (sword32)(s[ 6] & 0x3f) << 12));
-            z[i+3] = DILITHIUM_GAMMA1_17 -
-                     ((s[ 6] >> 6) | ((sword32)(s[ 7] << 2) |
-                      (sword32)(s[ 8]       ) << 10));
-    #endif
-            /* Move to next place to decode from. */
-            s += DILITHIUM_GAMMA1_17_ENC_BITS / 2;
-        }
-#else
-        /* Step 4: Get 18 bits as a number. */
-        for (i = 0; i < DILITHIUM_N; i += 8) {
-            /* 18 bits per number.
-             * 8 numbers from 9 bytes. (8 * 18 bits = 18 * 8 bits) */
-    #if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-        #ifdef WC_64BIT_CPU
-            word64 s64_0 = *(const word64*)(s+0);
-            word64 s64_1 = *(const word64*)(s+9);
-            z[i+0] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ( s64_0        & 0x3ffff                   ));
-            z[i+1] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s64_0 >> 18) & 0x3ffff                   ));
-            z[i+2] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s64_0 >> 36) & 0x3ffff                   ));
-            z[i+3] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s64_0 >> 54) | (((word32)s[8])     << 10)));
-            z[i+4] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ( s64_1        & 0x3ffff                   ));
-            z[i+5] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s64_1 >> 18) & 0x3ffff                   ));
-            z[i+6] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s64_1 >> 36) & 0x3ffff                   ));
-            z[i+7] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s64_1 >> 54) | (((word32)s[17])    << 10)));
-        #else
-            word32 s32_0 = ((const word32*)(s+0))[0];
-            word32 s32_1 = ((const word32*)(s+0))[1];
-            word32 s32_2 = ((const word32*)(s+9))[0];
-            word32 s32_3 = ((const word32*)(s+9))[1];
-            z[i+0] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ( s32_0        & 0x3ffff                    ));
-            z[i+1] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s32_0 >> 18) | (((s32_1 & 0x0000f) << 14))));
-            z[i+2] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s32_1 >>  4) & 0x3ffff                    ));
-            z[i+3] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s32_1 >> 22) | (((word32)s[8])     << 10 )));
-            z[i+4] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ( s32_2        & 0x3ffff                    ));
-            z[i+5] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s32_2 >> 18) | (((s32_3 & 0x0000f) << 14))));
-            z[i+6] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s32_3 >>  4) & 0x3ffff                    ));
-            z[i+7] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s32_3 >> 22) | (((word32)s[17])    << 10 )));
-        #endif
-    #else
-            z[i+0] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ( s[ 0]       | ((sword32)(s[ 1] << 8) |
-                                (sword32)(s[ 2] & 0x03) << 16)));
-            z[i+1] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s[ 2] >> 2) | ((sword32)(s[ 3] << 6) |
-                                (sword32)(s[ 4] & 0x0f) << 14)));
-            z[i+2] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s[ 4] >> 4) | ((sword32)(s[ 5] << 4) |
-                                (sword32)(s[ 6] & 0x3f) << 12)));
-            z[i+3] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s[ 6] >> 6) | ((sword32)(s[ 7] << 2) |
-                                (sword32)(s[ 8]       ) << 10)));
-            z[i+4] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ( s[ 9]       | ((sword32)(s[10] << 8) |
-                                (sword32)(s[11] & 0x03) << 16)));
-            z[i+5] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s[11] >> 2) | ((sword32)(s[12] << 6) |
-                                (sword32)(s[13] & 0x0f) << 14)));
-            z[i+6] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s[13] >> 4) | ((sword32)(s[14] << 4) |
-                                (sword32)(s[15] & 0x3f) << 12)));
-            z[i+7] = (sword32)((word32)DILITHIUM_GAMMA1_17 -
-                               ((s[15] >> 6) | ((sword32)(s[16] << 2) |
-                                (sword32)(s[17]       ) << 10)));
-    #endif
-            /* Move to next place to decode from. */
-            s += DILITHIUM_GAMMA1_17_ENC_BITS;
-        }
-#endif
-    }
-#endif
-#if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-    if (bits == DILITHIUM_GAMMA1_BITS_19) {
-#if defined(WOLFSSL_DILITHIUM_NO_LARGE_CODE) || defined(WOLFSSL_DILITHIUM_SMALL)
-        /* Step 4: Get 20 bits as a number. */
-        for (i = 0; i < DILITHIUM_N; i += 4) {
-            /* 20 bits per number.
-             * 4 numbers from 10 bytes. (4 * 20 bits = 10 * 8 bits) */
-    #if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT <= 2)
-            word16 s16_0 = ((const word16*)s)[4];
-        #ifdef WC_64BIT_CPU
-            word64 s64_0 = *(const word64*)s;
-            z[i+0] = DILITHIUM_GAMMA1_19 - (  s64_0        & 0xfffff)   ;
-            z[i+1] = DILITHIUM_GAMMA1_19 - ( (s64_0 >> 20) & 0xfffff)   ;
-            z[i+2] = DILITHIUM_GAMMA1_19 - ( (s64_0 >> 40) & 0xfffff)   ;
-            z[i+3] = DILITHIUM_GAMMA1_19 - (((s64_0 >> 60) & 0xfffff)   |
-                                            ((sword32)s16_0      <<  4));
-        #else
-            word32 s32_0 = ((const word32*)s)[0];
-            word32 s32_1 = ((const word32*)s)[1];
-            z[i+0] = DILITHIUM_GAMMA1_19 - (  s32_0       & 0xfffff);
-            z[i+1] = DILITHIUM_GAMMA1_19 - (( s32_0            >> 20) |
-                                            ((s32_1 & 0x000ff) << 12));
-            z[i+2] = DILITHIUM_GAMMA1_19 - ( (s32_1 >>  8) & 0xfffff);
-            z[i+3] = DILITHIUM_GAMMA1_19 - (( s32_1            >> 28) |
-                                            ((sword32)s16_0    <<  4));
-        #endif
-    #else
-            z[i+0] = DILITHIUM_GAMMA1_19 - ( s[0]       | ((sword32)s[1] << 8) |
-                                            ((sword32)(s[2] & 0x0f) << 16));
-            z[i+1] = DILITHIUM_GAMMA1_19 - ((s[2] >> 4) | ((sword32)s[3] << 4) |
-                                            ((sword32)(s[4]       ) << 12));
-            z[i+2] = DILITHIUM_GAMMA1_19 - ( s[5]       | ((sword32)s[6] << 8) |
-                                            ((sword32)(s[7] & 0x0f) << 16));
-            z[i+3] = DILITHIUM_GAMMA1_19 - ((s[7] >> 4) | ((sword32)s[8] << 4) |
-                                            ((sword32)(s[9]       ) << 12));
-    #endif
-            /* Move to next place to decode from. */
-            s += DILITHIUM_GAMMA1_19_ENC_BITS / 2;
-        }
-#else
-        /* Step 4: Get 20 bits as a number. */
-        for (i = 0; i < DILITHIUM_N; i += 8) {
-            /* 20 bits per number.
-             * 8 numbers from 20 bytes. (8 * 20 bits = 20 * 8 bits) */
-    #if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT <= 2)
-            word16 s16_0 = ((const word16*)s)[4];
-            word16 s16_1 = ((const word16*)s)[9];
-        #ifdef WC_64BIT_CPU
-            word64 s64_0 = *(const word64*)(s+0);
-            word64 s64_1 = *(const word64*)(s+10);
-            z[i+0] = DILITHIUM_GAMMA1_19 -
-                     ((sword32)(  s64_0        & 0xfffff))   ;
-            z[i+1] = DILITHIUM_GAMMA1_19 -
-                     ((sword32)( (s64_0 >> 20) & 0xfffff))   ;
-            z[i+2] = DILITHIUM_GAMMA1_19 -
-                     ((sword32)( (s64_0 >> 40) & 0xfffff))   ;
-            z[i+3] = DILITHIUM_GAMMA1_19 -
-                     ((sword32)(((s64_0 >> 60) & 0xfffff))   |
-                      ((sword32)s16_0      <<  4));
-            z[i+4] = DILITHIUM_GAMMA1_19 -
-                     ((sword32)(  s64_1        & 0xfffff))   ;
-            z[i+5] = DILITHIUM_GAMMA1_19 -
-                     ((sword32)( (s64_1 >> 20) & 0xfffff))   ;
-            z[i+6] = DILITHIUM_GAMMA1_19 -
-                     ((sword32)( (s64_1 >> 40) & 0xfffff))   ;
-            z[i+7] = DILITHIUM_GAMMA1_19 -
-                     ((sword32)(((s64_1 >> 60) & 0xfffff))   |
-                      ((sword32)s16_1      <<  4));
-        #else
-            word32 s32_0 = ((const word32*)(s+ 0))[0];
-            word32 s32_1 = ((const word32*)(s+ 0))[1];
-            word32 s32_2 = ((const word32*)(s+10))[0];
-            word32 s32_3 = ((const word32*)(s+10))[1];
-            z[i+0] = DILITHIUM_GAMMA1_19 - (  s32_0       & 0xfffff);
-            z[i+1] = DILITHIUM_GAMMA1_19 - (( s32_0            >> 20) |
-                                            ((s32_1 & 0x000ff) << 12));
-            z[i+2] = DILITHIUM_GAMMA1_19 - ( (s32_1 >>  8) & 0xfffff);
-            z[i+3] = DILITHIUM_GAMMA1_19 - (( s32_1            >> 28) |
-                                            ((sword32)s16_0    <<  4));
-            z[i+4] = DILITHIUM_GAMMA1_19 - (  s32_2       & 0xfffff);
-            z[i+5] = DILITHIUM_GAMMA1_19 - (( s32_2            >> 20) |
-                                            ((s32_3 & 0x000ff) << 12));
-            z[i+6] = DILITHIUM_GAMMA1_19 - ( (s32_3 >>  8) & 0xfffff);
-            z[i+7] = DILITHIUM_GAMMA1_19 - (( s32_3            >> 28) |
-                                            ((sword32)s16_1    <<  4));
-        #endif
-    #else
-            z[i+0] = DILITHIUM_GAMMA1_19 - ( s[ 0]       |
-                                            ((sword32)s[ 1] << 8) |
-                                            ((sword32)(s[ 2] & 0x0f) << 16));
-            z[i+1] = DILITHIUM_GAMMA1_19 - ((s[ 2] >> 4) |
-                                            ((sword32) s[ 3] << 4) |
-                                            ((sword32)(s[ 4]       ) << 12));
-            z[i+2] = DILITHIUM_GAMMA1_19 - ( s[ 5]       |
-                                            ((sword32) s[ 6] << 8) |
-                                            ((sword32)(s[ 7] & 0x0f) << 16));
-            z[i+3] = DILITHIUM_GAMMA1_19 - ((s[ 7] >> 4) |
-                                            ((sword32) s[ 8] << 4) |
-                                            ((sword32)(s[ 9]       ) << 12));
-            z[i+4] = DILITHIUM_GAMMA1_19 - ( s[10]       |
-                                            ((sword32) s[11] << 8) |
-                                            ((sword32)(s[12] & 0x0f) << 16));
-            z[i+5] = DILITHIUM_GAMMA1_19 - ((s[12] >> 4) |
-                                            ((sword32) s[13] << 4) |
-                                            ((sword32)(s[14]       ) << 12));
-            z[i+6] = DILITHIUM_GAMMA1_19 - ( s[15]       |
-                                            ((sword32) s[16] << 8) |
-                                            ((sword32)(s[17] & 0x0f) << 16));
-            z[i+7] = DILITHIUM_GAMMA1_19 - ((s[17] >> 4) |
-                                            ((sword32) s[18] << 4) |
-                                            ((sword32)(s[19]       ) << 12));
-    #endif
-            /* Move to next place to decode from. */
-            s += DILITHIUM_GAMMA1_19_ENC_BITS;
-        }
-#endif
-    }
-#endif
-}
-
-/* Decode polynomial with range -(GAMMA1-1)..GAMMA1.
- *
- * @param [in]  s     Encoded values of z.
- * @param [in]  bits  Number of bits used in encoding - GAMMA1 bits.
- * @param [out] z     Polynomial to fill.
- */
-static void dilithium_decode_gamma1(const byte* s, int bits, sword32* z)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        if (bits == DILITHIUM_GAMMA1_BITS_17) {
-            wc_mldsa_decode_gamma1_17_avx2(s, z);
-        }
-        else {
-            wc_mldsa_decode_gamma1_19_avx2(s, z);
-        }
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_decode_gamma1_c(s, bits, z);
-    }
-}
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_NO_VERIFY
-/* Decode polynomial with range -(GAMMA1-1)..GAMMA1.
- *
- * FIPS 204. 8.2: Algorithm 21 sigDecode(sigma)
- *   ...
- *   3: for i from 0 to l - 1 do
- *   4:     z[i] <- BitUnpack(xi, GAMMA1 - 1, GAMMA1)
- *   5: end for
- *   ...
- *
- * @param [in]  x  Encoded values of t0.
- * @param [in]  l  Dimensions of vector z.
- * @param [in]  bits  Number of bits used in encoding - GAMMA1 bits.
- * @param [out] z  Vector of polynomials.
- */
-static void dilithium_vec_decode_gamma1(const byte* x, byte l, int bits,
-    sword32* z)
-{
-    unsigned int i;
-
-    /* Step 3: For each polynomial of vector. */
-    for (i = 0; i < l; i++) {
-        /* Step 4: Unpack a polynomial. */
-        dilithium_decode_gamma1(x, bits, z);
-        /* Move pointers on to next polynomial. */
-        x += DILITHIUM_N / 8 * (bits + 1);
-        z += DILITHIUM_N;
-    }
-}
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
-#ifndef WOLFSSL_NO_ML_DSA_44
-/* Encode w1 with range of 0..((q-1)/(2*GAMMA2)-1).
- *
- * FIPS 204. 8.2: Algorithm 22 w1Encode(w1)
- *   ...
- *   3:     w1_tilde <- w1_tilde ||
- *                      ByteToBits(SimpleBitPack(w1[i], (q-1)/(2*GAMMA2)-1))
- *   ...
- *
- * @param [in]  w1      Vector of polynomials to encode.
- * @param [in]  gamma2  Maximum value in range.
- * @param [out] w1e     Buffer to encode into.
- */
-static void dilithium_encode_w1_88_c(const sword32* w1, byte* w1e)
-{
-    unsigned int j;
-
-    /* Step 3: Encode a polynomial values 6 bits at a time. */
-    for (j = 0; j < DILITHIUM_N; j += 16) {
-        /* 6 bits per number.
-         * 16 numbers in 12 bytes. (16 * 6 bits = 12 * 8 bits) */
-#if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT <= 4)
-        word32* w1e32 = (word32*)w1e;
-        w1e32[0] = (word32)( w1[j+ 0]        | (w1[j+ 1] <<  6) |
-                            (w1[j+ 2] << 12) | (w1[j+ 3] << 18) |
-                            (w1[j+ 4] << 24) | (w1[j+ 5] << 30));
-        w1e32[1] = (word32)((w1[j+ 5] >>  2) | (w1[j+ 6] <<  4) |
-                            (w1[j+ 7] << 10) | (w1[j+ 8] << 16) |
-                            (w1[j+ 9] << 22) | (w1[j+10] << 28));
-        w1e32[2] = (word32)((w1[j+10] >>  4) | (w1[j+11] <<  2) |
-                            (w1[j+12] <<  8) | (w1[j+13] << 14) |
-                            (w1[j+14] << 20) | (w1[j+15] << 26));
-#else
-        w1e[ 0] = (byte)( w1[j+ 0]       | (w1[j+ 1] << 6));
-        w1e[ 1] = (byte)((w1[j+ 1] >> 2) | (w1[j+ 2] << 4));
-        w1e[ 2] = (byte)((w1[j+ 2] >> 4) | (w1[j+ 3] << 2));
-        w1e[ 3] = (byte)( w1[j+ 4]       | (w1[j+ 5] << 6));
-        w1e[ 4] = (byte)((w1[j+ 5] >> 2) | (w1[j+ 6] << 4));
-        w1e[ 5] = (byte)((w1[j+ 6] >> 4) | (w1[j+ 7] << 2));
-        w1e[ 6] = (byte)( w1[j+ 8]       | (w1[j+ 9] << 6));
-        w1e[ 7] = (byte)((w1[j+ 9] >> 2) | (w1[j+10] << 4));
-        w1e[ 8] = (byte)((w1[j+10] >> 4) | (w1[j+11] << 2));
-        w1e[ 9] = (byte)( w1[j+12]       | (w1[j+13] << 6));
-        w1e[10] = (byte)((w1[j+13] >> 2) | (w1[j+14] << 4));
-        w1e[11] = (byte)((w1[j+14] >> 4) | (w1[j+15] << 2));
-#endif
-        /* Move to next place to encode to. */
-        w1e += DILITHIUM_Q_HI_88_ENC_BITS * 2;
-    }
-}
-
-/* Encode w1 with range of 0..((q-1)/(2*GAMMA2)-1).
- *
- * @param [in]  w1      Vector of polynomials to encode.
- * @param [in]  gamma2  Maximum value in range.
- * @param [out] w1e     Buffer to encode into.
- */
-static void dilithium_encode_w1_88(const sword32* w1, byte* w1e)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_encode_w1_88_avx2(w1, w1e);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_encode_w1_88_c(w1, w1e);
-    }
-}
-#endif /* !WOLFSSL_NO_ML_DSA_44 */
-
-#if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-/* Encode w1 with range of 0..((q-1)/(2*GAMMA2)-1).
- *
- * FIPS 204. 8.2: Algorithm 22 w1Encode(w1)
- *   ...
- *   3:     w1_tilde <- w1_tilde ||
- *                      ByteToBits(SimpleBitPack(w1[i], (q-1)/(2*GAMMA2)-1))
- *   ...
- *
- * @param [in]  w1      Vector of polynomials to encode.
- * @param [in]  gamma2  Maximum value in range.
- * @param [out] w1e     Buffer to encode into.
- */
-static void dilithium_encode_w1_32_c(const sword32* w1, byte* w1e)
-{
-    unsigned int j;
-
-    /* Step 3: Encode a polynomial values 4 bits at a time. */
-    for (j = 0; j < DILITHIUM_N; j += 16) {
-        /* 4 bits per number.
-         * 16 numbers in 8 bytes. (16 * 4 bits = 8 * 8 bits) */
-#if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT <= 8)
-        word32* w1e32 = (word32*)w1e;
-        w1e32[0] = (word32)((w1[j +  0] <<  0) | (w1[j +  1] <<  4) |
-                            (w1[j +  2] <<  8) | (w1[j +  3] << 12) |
-                            (w1[j +  4] << 16) | (w1[j +  5] << 20) |
-                            (w1[j +  6] << 24) | (w1[j +  7] << 28));
-        w1e32[1] = (word32)((w1[j +  8] <<  0) | (w1[j +  9] <<  4) |
-                            (w1[j + 10] <<  8) | (w1[j + 11] << 12) |
-                            (w1[j + 12] << 16) | (w1[j + 13] << 20) |
-                            (w1[j + 14] << 24) | (w1[j + 15] << 28));
-#else
-        w1e[0] = (byte)(w1[j +  0] | (w1[j +  1] << 4));
-        w1e[1] = (byte)(w1[j +  2] | (w1[j +  3] << 4));
-        w1e[2] = (byte)(w1[j +  4] | (w1[j +  5] << 4));
-        w1e[3] = (byte)(w1[j +  6] | (w1[j +  7] << 4));
-        w1e[4] = (byte)(w1[j +  8] | (w1[j +  9] << 4));
-        w1e[5] = (byte)(w1[j + 10] | (w1[j + 11] << 4));
-        w1e[6] = (byte)(w1[j + 12] | (w1[j + 13] << 4));
-        w1e[7] = (byte)(w1[j + 14] | (w1[j + 15] << 4));
-#endif
-        /* Move to next place to encode to. */
-        w1e += DILITHIUM_Q_HI_32_ENC_BITS * 2;
-    }
-}
-
-/* Encode w1 with range of 0..((q-1)/(2*GAMMA2)-1).
- *
- * @param [in]  w1      Vector of polynomials to encode.
- * @param [in]  gamma2  Maximum value in range.
- * @param [out] w1e     Buffer to encode into.
- */
-static void dilithium_encode_w1_32(const sword32* w1, byte* w1e)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_encode_w1_32_avx2(w1, w1e);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_encode_w1_32_c(w1, w1e);
-    }
-}
-#endif
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || \
-     (!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-      !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM))
-/* Encode w1 with range of 0..((q-1)/(2*GAMMA2)-1).
- *
- * FIPS 204. 8.2: Algorithm 22 w1Encode(w1)
- *   1: w1_tilde = ()
- *   2: for i form 0 to k - 1 do
- *   3:     w1_tilde <- w1_tilde ||
- *                      ByteToBits(SimpleBitPack(w1[i], (q-1)/(2*GAMMA2)-1))
- *   4: end for
- *   5: return w1_tilde
- *
- * @param [in]  w1      Vector of polynomials to encode.
- * @param [in]  k       Dimension of vector.
- * @param [in]  gamma2  Maximum value in range.
- * @param [out] w1e     Buffer to encode into.
- */
-static void dilithium_vec_encode_w1(const sword32* w1, byte k, sword32 gamma2,
-    byte* w1e)
-{
-    unsigned int i;
-
-    (void)k;
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-    if (gamma2 == DILITHIUM_Q_LOW_88) {
-        /* Step 2. For each polynomial of vector. */
-        for (i = 0; i < PARAMS_ML_DSA_44_K; i++) {
-            dilithium_encode_w1_88(w1, w1e);
-            /* Next polynomial. */
-            w1 += DILITHIUM_N;
-            w1e += DILITHIUM_Q_HI_88_ENC_BITS * 2 * DILITHIUM_N / 16;
-        }
-    }
-    else
-#endif
-#if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-    if (gamma2 == DILITHIUM_Q_LOW_32) {
-        /* Step 2. For each polynomial of vector. */
-        for (i = 0; i < k; i++) {
-            dilithium_encode_w1_32(w1, w1e);
-            /* Next polynomial. */
-            w1 += DILITHIUM_N;
-            w1e += DILITHIUM_Q_HI_32_ENC_BITS * 2 * DILITHIUM_N / 16;
-        }
-    }
-    else
-#endif
-    {
-    }
-}
-#endif
-
-/******************************************************************************
- * Expand operations
- ******************************************************************************/
-
-/* Generate a random polynomial by rejection.
- *
- * FIPS 204. 8.3: Algorithm 24 RejNTTPoly(rho)
- *   1: j <- 0
- *   2: c <- 0
- *   3: while j < 256 do
- *   4:    a_hat[j] <- CoeffFromThreeBytes(H128(rho)[[c]], H128(rho)[[c+1]],
- *                                         H128(rho)[[c+2]])
- *   5:    c <- c + 3
- *   6:    if a_hat[j] != falsam then
- *   7:       j <- j + 1
- *   8:    end if
- *   9: end while
- *  10: return a_hat
- *
- * FIPS 204. 8.1: Algorithm 8 CoeffFromThreeBytes(b0,b1,b2)
- *   1: if b2 > 127 then
- *   2:    b2 <- b2 - 128
- *   3. end if
- *   4. z <- 2^16.b2 + s^8.b1 + b0
- *   5. if z < q then return z
- *   6. else return falsam
- *   7. end if
- *
- * @param [in, out] shake128  SHAKE-128 object.
- * @param [in]      seed      Seed to hash to generate values.
- * @param [out]     a         Polynomial.
- * @param [in]      h         Buffer to hold hashes.
- * @return  0 on success.
- * @return  Negative on hash error.
- */
-static int dilithium_rej_ntt_poly_ex(wc_Shake* shake128, byte* seed, sword32* a,
-    byte* h)
-{
-    int ret = 0;
-#ifdef WOLFSSL_DILITHIUM_SMALL
-    int j = 0;
-
-#if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-    /* Reading 4 bytes for 3 so need to set 1 past for last read. */
-    h[DILITHIUM_GEN_A_BLOCK_BYTES] = 0;
-#endif
-
-    /* Initialize SHAKE-128 object for new hash. */
-    ret = wc_InitShake128(shake128, NULL, INVALID_DEVID);
-    if (ret == 0) {
-        /* Absorb the seed. */
-        ret = wc_Shake128_Absorb(shake128, seed, DILITHIUM_GEN_A_SEED_SZ);
-    }
-    /* Keep generating more blocks and using triplets until we have enough.
-     */
-    while ((ret == 0) && (j < DILITHIUM_N)) {
-         /* Squeeze out a block - 168 bytes = 56 values. */
-        ret = wc_Shake128_SqueezeBlocks(shake128, h, 1);
-        if (ret == 0) {
-            int c;
-            /* Use triplets until run out or have enough for polynomial. */
-            for (c = 0; c < DILITHIUM_GEN_A_BLOCK_BYTES; c += 3) {
-            #if defined(LITTLE_ENDIAN_ORDER) && \
-                (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-                /* Load 32-bit value and mask out 23 bits. */
-                sword32 t = *((sword32*)(h + c)) & 0x7fffff;
-            #else
-                /* Load 24-bit value and mask out 23 bits. */
-                sword32 t = (h[c] + ((sword32)h[c+1] << 8) +
-                             ((sword32)h[c+2] << 16)) & 0x7fffff;
-            #endif
-                /* Check if value is in valid range. */
-                if (t < DILITHIUM_Q) {
-                    /* Store value in polynomial and increment count of values.
-                     */
-                    a[j++] = t;
-                    /* Check we whether we have enough yet. */
-                    if (j == DILITHIUM_N) {
-                        break;
-                    }
-                }
-            }
-        }
-    }
-#else
-    unsigned int j = 0;
-    unsigned int c;
-
-    /* Generate enough SHAKE-128 output blocks to give high probability of
-     * being able to get 256 valid 3-byte, 23-bit values from it. */
-    ret = dilithium_squeeze128(shake128, seed, DILITHIUM_GEN_A_SEED_SZ, h,
-        DILITHIUM_GEN_A_NBLOCKS);
-    if (ret == 0) {
-    #if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-        /* Reading 4 bytes for 3 so need to set 1 past for last read. */
-        h[DILITHIUM_GEN_A_BYTES] = 0;
-    #endif
-
-        /* Use the first 256 triplets and know we won't exceed required. */
-    #ifdef WOLFSSL_DILITHIUM_NO_LARGE_CODE
-        for (c = 0; c < (DILITHIUM_N - 1) * 3; c += 3) {
-        #if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-            /* Load 32-bit value and mask out 23 bits. */
-            sword32 t = *((sword32*)(h + c)) & 0x7fffff;
-        #else
-            /* Load 24-bit value and mask out 23 bits. */
-            sword32 t = (h[c] + ((sword32)h[c+1] << 8) +
-                         ((sword32)h[c+2] << 16)) & 0x7fffff;
-        #endif
-            /* Check if value is in valid range. */
-            if (t < DILITHIUM_Q) {
-                /* Store value in polynomial and increment count of values. */
-                a[j++] = t;
-            }
-        }
-        /* Use the remaining triplets, checking we have enough. */
-        for (; c < DILITHIUM_GEN_A_BYTES; c += 3) {
-        #if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-            /* Load 32-bit value and mask out 23 bits. */
-            sword32 t = *((sword32*)(h + c)) & 0x7fffff;
-        #else
-            /* Load 24-bit value and mask out 23 bits. */
-            sword32 t = (h[c] + ((sword32)h[c+1] << 8) +
-                         ((sword32)h[c+2] << 16)) & 0x7fffff;
-        #endif
-            /* Check if value is in valid range. */
-            if (t < DILITHIUM_Q) {
-                /* Store value in polynomial and increment count of values. */
-                a[j++] = t;
-                /* Check we whether we have enough yet. */
-                if (j == DILITHIUM_N) {
-                    break;
-                }
-            }
-        }
-    #else
-        /* Do 24 bytes at a time: 256 * 3 / 24 = 32 */
-        for (c = 0; c < DILITHIUM_N * 3; c += 24) {
-        #if defined(LITTLE_ENDIAN_ORDER) && (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-            /* Load 32-bit value and mask out 23 bits. */
-            sword32 t0 = *((sword32*)(h + c +  0)) & 0x7fffff;
-            sword32 t1 = *((sword32*)(h + c +  3)) & 0x7fffff;
-            sword32 t2 = *((sword32*)(h + c +  6)) & 0x7fffff;
-            sword32 t3 = *((sword32*)(h + c +  9)) & 0x7fffff;
-            sword32 t4 = *((sword32*)(h + c + 12)) & 0x7fffff;
-            sword32 t5 = *((sword32*)(h + c + 15)) & 0x7fffff;
-            sword32 t6 = *((sword32*)(h + c + 18)) & 0x7fffff;
-            sword32 t7 = *((sword32*)(h + c + 21)) & 0x7fffff;
-        #else
-            /* Load 24-bit value and mask out 23 bits. */
-            sword32 t0 = (h[c +  0] + ((sword32)h[c +  1] << 8) +
-                          ((sword32)h[c +  2] << 16)) & 0x7fffff;
-            sword32 t1 = (h[c +  3] + ((sword32)h[c +  4] << 8) +
-                          ((sword32)h[c +  5] << 16)) & 0x7fffff;
-            sword32 t2 = (h[c +  6] + ((sword32)h[c +  7] << 8) +
-                          ((sword32)h[c +  8] << 16)) & 0x7fffff;
-            sword32 t3 = (h[c +  9] + ((sword32)h[c + 10] << 8) +
-                          ((sword32)h[c + 11] << 16)) & 0x7fffff;
-            sword32 t4 = (h[c + 12] + ((sword32)h[c + 13] << 8) +
-                          ((sword32)h[c + 14] << 16)) & 0x7fffff;
-            sword32 t5 = (h[c + 15] + ((sword32)h[c + 16] << 8) +
-                          ((sword32)h[c + 17] << 16)) & 0x7fffff;
-            sword32 t6 = (h[c + 18] + ((sword32)h[c + 19] << 8) +
-                          ((sword32)h[c + 20] << 16)) & 0x7fffff;
-            sword32 t7 = (h[c + 21] + ((sword32)h[c + 22] << 8) +
-                          ((sword32)h[c + 23] << 16)) & 0x7fffff;
-        #endif
-            a[j] = t0;
-            j += (t0 < DILITHIUM_Q);
-            a[j] = t1;
-            j += (t1 < DILITHIUM_Q);
-            a[j] = t2;
-            j += (t2 < DILITHIUM_Q);
-            a[j] = t3;
-            j += (t3 < DILITHIUM_Q);
-            a[j] = t4;
-            j += (t4 < DILITHIUM_Q);
-            a[j] = t5;
-            j += (t5 < DILITHIUM_Q);
-            a[j] = t6;
-            j += (t6 < DILITHIUM_Q);
-            a[j] = t7;
-            j += (t7 < DILITHIUM_Q);
-        }
-        if (j < DILITHIUM_N) {
-            /* Use the remaining triplets, checking we have enough. */
-            for (; c < DILITHIUM_GEN_A_BYTES; c += 3) {
-            #if defined(LITTLE_ENDIAN_ORDER) && \
-                (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-                /* Load 32-bit value and mask out 23 bits. */
-                sword32 t = *((sword32*)(h + c)) & 0x7fffff;
-            #else
-                /* Load 24-bit value and mask out 23 bits. */
-                sword32 t = (h[c] + ((sword32)h[c+1] << 8) +
-                             ((sword32)h[c+2] << 16)) & 0x7fffff;
-            #endif
-                /* Check if value is in valid range. */
-                if (t < DILITHIUM_Q) {
-                    /* Store value in polynomial and increment count of values.
-                     */
-                    a[j++] = t;
-                    /* Check we whether we have enough yet. */
-                    if (j == DILITHIUM_N) {
-                        break;
-                    }
-                }
-            }
-        }
-    #endif
-        /* Keep generating more blocks and using triplets until we have enough.
-         */
-        while (j < DILITHIUM_N) {
-            /* Squeeze out a block - 168 bytes = 56 values. */
-            ret = wc_Shake128_SqueezeBlocks(shake128, h, 1);
-            if (ret != 0) {
-                break;
-            }
-            /* Use triplets until run out or have enough for polynomial. */
-            for (c = 0; c < DILITHIUM_GEN_A_BLOCK_BYTES; c += 3) {
-            #if defined(LITTLE_ENDIAN_ORDER) && \
-                (WOLFSSL_DILITHIUM_ALIGNMENT == 0)
-                /* Load 32-bit value and mask out 23 bits. */
-                sword32 t = *((sword32*)(h + c)) & 0x7fffff;
-            #else
-                /* Load 24-bit value and mask out 23 bits. */
-                sword32 t = (h[c] + ((sword32)h[c+1] << 8) +
-                             ((sword32)h[c+2] << 16)) & 0x7fffff;
-            #endif
-                /* Check if value is in valid range. */
-                if (t < DILITHIUM_Q) {
-                    /* Store value in polynomial and increment count of values.
-                     */
-                    a[j++] = t;
-                    /* Check we whether we have enough yet. */
-                    if (j == DILITHIUM_N) {
-                        break;
-                    }
-                }
-            }
-        }
-    }
-#endif
-
-    return ret;
-}
-
-#if (!defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) && \
-     !defined(WOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM)) || \
-    defined(WOLFSSL_DILITHIUM_CHECK_KEY) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-     !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM)) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-     !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM))
-/* Generate a random polynomial by rejection.
- *
- * @param [in, out] shake128  SHAKE-128 object.
- * @param [in]      seed      Seed to hash to generate values.
- * @param [out]     a         Polynomial.
- * @param [in]      heap      Dynamic memory hint.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Negative on hash error.
- */
-static int dilithium_rej_ntt_poly(wc_Shake* shake128, byte* seed, sword32* a,
-    void* heap)
-{
-    int ret = 0;
-#if defined(WOLFSSL_SMALL_STACK)
-    byte* h = NULL;
-#else
-    byte h[DILITHIUM_REJ_NTT_POLY_H_SIZE];
-#endif
-
-    (void)heap;
-
-#if defined(WOLFSSL_SMALL_STACK)
-    h = (byte*)XMALLOC(DILITHIUM_REJ_NTT_POLY_H_SIZE, heap,
-        DYNAMIC_TYPE_DILITHIUM);
-    if (h == NULL) {
-        ret = MEMORY_E;
-    }
-#endif
-
-    if (ret == 0)
-        ret = dilithium_rej_ntt_poly_ex(shake128, seed, a, h);
-
-#if defined(WOLFSSL_SMALL_STACK)
-    XFREE(h, heap, DYNAMIC_TYPE_DILITHIUM);
-#endif
-
-    return ret;
-}
-#endif
-
-#if (!defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) && \
-     !defined(WOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM)) || \
-    defined(WOLFSSL_DILITHIUM_CHECK_KEY) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-     !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM)) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-     (!defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM) || \
-      defined(WC_DILITHIUM_CACHE_MATRIX_A)))
-#if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-
-#define SHA3_128_BYTES   (WC_SHA3_128_COUNT * 8)
-/* Number of blocks to generate for matrix. */
-#define GEN_MATRIX_NBLOCKS  5
-/* Number of bytes to generate for matrix. */
-#define GEN_MATRIX_SIZE     GEN_MATRIX_NBLOCKS * SHA3_128_BYTES
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int wc_mldsa_gen_matrix_4x4_avx2(sword32* a, byte* seed)
-{
-    int i;
-    int k;
-    int l;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * GEN_MATRIX_SIZE + 2];
-    word64 state[25 * 4];
-#endif
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    unsigned int ctr3;
-    byte* p;
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * GEN_MATRIX_SIZE + 2, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    /* Loading 64 bits, only using 48 bits. Loading 2 bytes more than used. */
-    rand[4 * GEN_MATRIX_SIZE + 0] = 0xff;
-    rand[4 * GEN_MATRIX_SIZE + 1] = 0xff;
-
-    for (k = 0; k < 4; k++) {
-        for (l = 0; l < 4; l++) {
-            state[4*4 + l] = 0x1f0000 + (k << 8) + l;
-        }
-
-        sha3_128_blocksx4_seed_avx2(state, seed);
-        wc_mldsa_redistribute_21_rand_avx2(state,
-            rand + 0 * GEN_MATRIX_SIZE, rand + 1 * GEN_MATRIX_SIZE,
-            rand + 2 * GEN_MATRIX_SIZE, rand + 3 * GEN_MATRIX_SIZE);
-        for (i = SHA3_128_BYTES; i < GEN_MATRIX_SIZE; i += SHA3_128_BYTES) {
-            sha3_blocksx4_avx2(state);
-            wc_mldsa_redistribute_21_rand_avx2(state,
-                rand + i + 0 * GEN_MATRIX_SIZE, rand + i + 1 * GEN_MATRIX_SIZE,
-                rand + i + 2 * GEN_MATRIX_SIZE, rand + i + 3 * GEN_MATRIX_SIZE);
-        }
-
-        /* Sample random bytes to create a polynomial. */
-        p = rand;
-        ctr0 = wc_mldsa_rej_uniform_n_avx2(a + 0 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr1 = wc_mldsa_rej_uniform_n_avx2(a + 1 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr2 = wc_mldsa_rej_uniform_n_avx2(a + 2 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr3 = wc_mldsa_rej_uniform_n_avx2(a + 3 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-
-        /* Create more blocks if too many rejected. */
-        while ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N) ||
-               (ctr3 < MLDSA_N)) {
-            sha3_blocksx4_avx2(state);
-            wc_mldsa_redistribute_21_rand_avx2(state,
-                rand + 0 * GEN_MATRIX_SIZE, rand + 1 * GEN_MATRIX_SIZE,
-                rand + 2 * GEN_MATRIX_SIZE, rand + 3 * GEN_MATRIX_SIZE);
-
-            p = rand;
-            ctr0 += wc_mldsa_rej_uniform_avx2(a + 0 * MLDSA_N + ctr0,
-                MLDSA_N - ctr0, p, SHA3_128_BYTES);
-            p += GEN_MATRIX_SIZE;
-            ctr1 += wc_mldsa_rej_uniform_avx2(a + 1 * MLDSA_N + ctr1,
-                MLDSA_N - ctr1, p, SHA3_128_BYTES);
-            p += GEN_MATRIX_SIZE;
-            ctr2 += wc_mldsa_rej_uniform_avx2(a + 2 * MLDSA_N + ctr2,
-                MLDSA_N - ctr2, p, SHA3_128_BYTES);
-            p += GEN_MATRIX_SIZE;
-            ctr3 += wc_mldsa_rej_uniform_avx2(a + 3 * MLDSA_N + ctr3,
-                MLDSA_N - ctr3, p, SHA3_128_BYTES);
-        }
-
-        a += 4 * MLDSA_N;
-    }
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-#endif
-
-#ifndef WOLFSSL_NO_ML_DSA_65
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int wc_mldsa_gen_matrix_6x5_avx2(sword32* a, byte* seed)
-{
-    int i;
-    int k;
-    int l;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * GEN_MATRIX_SIZE + 2];
-    word64 state[25 * 4];
-#endif
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    unsigned int ctr3;
-    byte* p;
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * GEN_MATRIX_SIZE + 2, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    /* Loading 64 bits, only using 48 bits. Loading 2 bytes more than used. */
-    rand[4 * GEN_MATRIX_SIZE + 0] = 0xff;
-    rand[4 * GEN_MATRIX_SIZE + 1] = 0xff;
-
-    for (k = 0; k < 6 * 5 - 2; k += 4) {
-        for (l = 0; l < 4; l++) {
-            state[4*4 + l] = 0x1f0000 + (((k + l) / 5) << 8) + ((k + l) % 5);
-        }
-
-        sha3_128_blocksx4_seed_avx2(state, seed);
-        wc_mldsa_redistribute_21_rand_avx2(state,
-            rand + 0 * GEN_MATRIX_SIZE, rand + 1 * GEN_MATRIX_SIZE,
-            rand + 2 * GEN_MATRIX_SIZE, rand + 3 * GEN_MATRIX_SIZE);
-        for (i = SHA3_128_BYTES; i < GEN_MATRIX_SIZE; i += SHA3_128_BYTES) {
-            sha3_blocksx4_avx2(state);
-            wc_mldsa_redistribute_21_rand_avx2(state,
-                rand + i + 0 * GEN_MATRIX_SIZE, rand + i + 1 * GEN_MATRIX_SIZE,
-                rand + i + 2 * GEN_MATRIX_SIZE, rand + i + 3 * GEN_MATRIX_SIZE);
-        }
-
-        /* Sample random bytes to create a polynomial. */
-        p = rand;
-        ctr0 = wc_mldsa_rej_uniform_n_avx2(a + 0 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr1 = wc_mldsa_rej_uniform_n_avx2(a + 1 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr2 = wc_mldsa_rej_uniform_n_avx2(a + 2 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr3 = wc_mldsa_rej_uniform_n_avx2(a + 3 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-
-        /* Create more blocks if too many rejected. */
-        while ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N) ||
-               (ctr3 < MLDSA_N)) {
-            sha3_blocksx4_avx2(state);
-            wc_mldsa_redistribute_21_rand_avx2(state,
-                rand + 0 * GEN_MATRIX_SIZE, rand + 1 * GEN_MATRIX_SIZE,
-                rand + 2 * GEN_MATRIX_SIZE, rand + 3 * GEN_MATRIX_SIZE);
-
-            p = rand;
-            ctr0 += wc_mldsa_rej_uniform_avx2(a + 0 * MLDSA_N + ctr0,
-                MLDSA_N - ctr0, p, SHA3_128_BYTES);
-            p += GEN_MATRIX_SIZE;
-            ctr1 += wc_mldsa_rej_uniform_avx2(a + 1 * MLDSA_N + ctr1,
-                MLDSA_N - ctr1, p, SHA3_128_BYTES);
-            p += GEN_MATRIX_SIZE;
-            ctr2 += wc_mldsa_rej_uniform_avx2(a + 2 * MLDSA_N + ctr2,
-                MLDSA_N - ctr2, p, SHA3_128_BYTES);
-            p += GEN_MATRIX_SIZE;
-            ctr3 += wc_mldsa_rej_uniform_avx2(a + 3 * MLDSA_N + ctr3,
-                MLDSA_N - ctr3, p, SHA3_128_BYTES);
-        }
-
-        a += 4 * MLDSA_N;
-    }
-
-    for (l = 0; l < 2; l++) {
-        state[4*4 + l] = 0x1f0000 + (5 << 8) + (l + 3);
-    }
-
-    sha3_128_blocksx4_seed_avx2(state, seed);
-    wc_mldsa_redistribute_21_rand_avx2(state,
-        rand + 0 * GEN_MATRIX_SIZE, rand + 1 * GEN_MATRIX_SIZE,
-        rand + 2 * GEN_MATRIX_SIZE, rand + 3 * GEN_MATRIX_SIZE);
-    for (i = SHA3_128_BYTES; i < GEN_MATRIX_SIZE; i += SHA3_128_BYTES) {
-        sha3_blocksx4_avx2(state);
-        wc_mldsa_redistribute_21_rand_avx2(state,
-            rand + i + 0 * GEN_MATRIX_SIZE, rand + i + 1 * GEN_MATRIX_SIZE,
-            rand + i + 2 * GEN_MATRIX_SIZE, rand + i + 3 * GEN_MATRIX_SIZE);
-    }
-
-    /* Sample random bytes to create a polynomial. */
-    p = rand;
-    ctr0 = wc_mldsa_rej_uniform_n_avx2(a + 0 * MLDSA_N, MLDSA_N, p,
-        GEN_MATRIX_SIZE);
-    p += GEN_MATRIX_SIZE;
-    ctr1 = wc_mldsa_rej_uniform_n_avx2(a + 1 * MLDSA_N, MLDSA_N, p,
-        GEN_MATRIX_SIZE);
-
-    /* Create more blocks if too many rejected. */
-    while ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N)) {
-        sha3_blocksx4_avx2(state);
-        wc_mldsa_redistribute_21_rand_avx2(state, rand + 0 * GEN_MATRIX_SIZE,
-            rand + 1 * GEN_MATRIX_SIZE, rand + 2 * GEN_MATRIX_SIZE,
-            rand + 3 * GEN_MATRIX_SIZE);
-
-        p = rand;
-        ctr0 += wc_mldsa_rej_uniform_avx2(a + 0 * MLDSA_N + ctr0,
-            MLDSA_N - ctr0, p, SHA3_128_BYTES);
-        p += GEN_MATRIX_SIZE;
-        ctr1 += wc_mldsa_rej_uniform_avx2(a + 1 * MLDSA_N + ctr1,
-            MLDSA_N - ctr1, p, SHA3_128_BYTES);
-    }
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-#endif
-
-#ifndef WOLFSSL_NO_ML_DSA_87
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int wc_mldsa_gen_matrix_8x7_avx2(sword32* a, byte* seed)
-{
-    int i;
-    int k;
-    int l;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * GEN_MATRIX_SIZE + 2];
-    word64 state[25 * 4];
-#endif
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    unsigned int ctr3;
-    byte* p;
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * GEN_MATRIX_SIZE + 2, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    /* Loading 64 bits, only using 48 bits. Loading 2 bytes more than used. */
-    rand[4 * GEN_MATRIX_SIZE + 0] = 0xff;
-    rand[4 * GEN_MATRIX_SIZE + 1] = 0xff;
-
-    for (k = 0; k < 8 * 7; k += 4) {
-        for (l = 0; l < 4; l++) {
-            state[4*4 + l] = 0x1f0000 + (((k + l) / 7) << 8) + ((k + l) % 7);
-        }
-
-        sha3_128_blocksx4_seed_avx2(state, seed);
-        wc_mldsa_redistribute_21_rand_avx2(state,
-            rand + 0 * GEN_MATRIX_SIZE, rand + 1 * GEN_MATRIX_SIZE,
-            rand + 2 * GEN_MATRIX_SIZE, rand + 3 * GEN_MATRIX_SIZE);
-        for (i = SHA3_128_BYTES; i < GEN_MATRIX_SIZE; i += SHA3_128_BYTES) {
-            sha3_blocksx4_avx2(state);
-            wc_mldsa_redistribute_21_rand_avx2(state,
-                rand + i + 0 * GEN_MATRIX_SIZE, rand + i + 1 * GEN_MATRIX_SIZE,
-                rand + i + 2 * GEN_MATRIX_SIZE, rand + i + 3 * GEN_MATRIX_SIZE);
-        }
-
-        /* Sample random bytes to create a polynomial. */
-        p = rand;
-        ctr0 = wc_mldsa_rej_uniform_n_avx2(a + 0 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr1 = wc_mldsa_rej_uniform_n_avx2(a + 1 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr2 = wc_mldsa_rej_uniform_n_avx2(a + 2 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr3 = wc_mldsa_rej_uniform_n_avx2(a + 3 * MLDSA_N, MLDSA_N, p,
-            GEN_MATRIX_SIZE);
-
-        /* Create more blocks if too many rejected. */
-        while ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N) ||
-               (ctr3 < MLDSA_N)) {
-            sha3_blocksx4_avx2(state);
-            wc_mldsa_redistribute_21_rand_avx2(state,
-                rand + 0 * GEN_MATRIX_SIZE, rand + 1 * GEN_MATRIX_SIZE,
-                rand + 2 * GEN_MATRIX_SIZE, rand + 3 * GEN_MATRIX_SIZE);
-
-            p = rand;
-            ctr0 += wc_mldsa_rej_uniform_avx2(a + 0 * MLDSA_N + ctr0,
-                MLDSA_N - ctr0, p, SHA3_128_BYTES);
-            p += GEN_MATRIX_SIZE;
-            ctr1 += wc_mldsa_rej_uniform_avx2(a + 1 * MLDSA_N + ctr1,
-                MLDSA_N - ctr1, p, SHA3_128_BYTES);
-            p += GEN_MATRIX_SIZE;
-            ctr2 += wc_mldsa_rej_uniform_avx2(a + 2 * MLDSA_N + ctr2,
-                MLDSA_N - ctr2, p, SHA3_128_BYTES);
-            p += GEN_MATRIX_SIZE;
-            ctr3 += wc_mldsa_rej_uniform_avx2(a + 3 * MLDSA_N + ctr3,
-                MLDSA_N - ctr3, p, SHA3_128_BYTES);
-        }
-
-        a += 4 * MLDSA_N;
-    }
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-#endif
-
-#endif
-
-/* Expand the seed to create matrix a.
- *
- * FIPS 204. 8.3: Algorithm 26 ExpandA(rho)
- *   1: for r from 0 to k - 1 do
- *   2:     for s from 0 to l - 1 do
- *   3:         A_hat[r,s] <- RejNTTPoly(rho||IntegerToBits(s,8)||
- *                                       IntegerToBits(r,8))
- *   4:     end for
- *   5: end for
- *   6: return A_hat
- *
- * @param [in, out] shake128  SHAKE-128 object.
- * @param [in]      pub_seed  Seed to generate stream of data.
- * @param [in]      k         First dimension of matrix a.
- * @param [in]      l         Second dimension of matrix a.
- * @param [out]     a         Matrix of polynomials.
- * @param [in]      heap      Dynamic memory hint.
- * @return  0 on success.
- * @return  Negative on hash error.
- */
-static int dilithium_expand_a_c(wc_Shake* shake128, const byte* pub_seed,
-    byte k, byte l, sword32* a, void* heap)
-{
-    int ret = 0;
-    byte r;
-    byte s;
-    byte seed[DILITHIUM_GEN_A_SEED_SZ];
-
-    /* Copy the seed into a buffer that has space for s and r. */
-    XMEMCPY(seed, pub_seed, DILITHIUM_PUB_SEED_SZ);
-    /* Step 1: Loop over first dimension of matrix. */
-    for (r = 0; (ret == 0) && (r < k); r++) {
-        /* Put r into buffer to be hashed. */
-        seed[DILITHIUM_PUB_SEED_SZ + 1] = r;
-        /* Step 2: Loop over second dimension of matrix. */
-        for (s = 0; (ret == 0) && (s < l); s++) {
-            /* Put s into buffer to be hashed. */
-            seed[DILITHIUM_PUB_SEED_SZ + 0] = s;
-            /* Step 3: Create polynomial from hashing seed. */
-            ret = dilithium_rej_ntt_poly(shake128, seed, a, heap);
-            /* Next polynomial. */
-            a += DILITHIUM_N;
-        }
-    }
-
-    return ret;
-}
-
-/* Expand the seed to create matrix a.
- *
- * FIPS 204. 8.3: Algorithm 26 ExpandA(rho)
- *   1: for r from 0 to k - 1 do
- *   2:     for s from 0 to l - 1 do
- *   3:         A_hat[r,s] <- RejNTTPoly(rho||IntegerToBits(s,8)||
- *                                       IntegerToBits(r,8))
- *   4:     end for
- *   5: end for
- *   6: return A_hat
- *
- * @param [in, out] shake128  SHAKE-128 object.
- * @param [in]      pub_seed  Seed to generate stream of data.
- * @param [in]      k         First dimension of matrix a.
- * @param [in]      l         Second dimension of matrix a.
- * @param [out]     a         Matrix of polynomials.
- * @param [in]      heap      Dynamic memory hint.
- * @return  0 on success.
- * @return  Negative on hash error.
- */
-static int dilithium_expand_a(wc_Shake* shake128, const byte* pub_seed,
-    byte k, byte l, sword32* a, void* heap)
-{
-    int ret;
-#if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-    byte seed[DILITHIUM_GEN_A_SEED_SZ];
-#endif
-
-#if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-#ifndef WOLFSSL_NO_ML_DSA_44
-    if ((k == 4) && (l == 4) && IS_INTEL_AVX2(cpuid_flags) &&
-            IS_INTEL_BMI2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        XMEMCPY(seed, pub_seed, DILITHIUM_PUB_SEED_SZ);
-        ret = wc_mldsa_gen_matrix_4x4_avx2(a, seed);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_65
-    if ((k == 6) && (l == 5) && IS_INTEL_AVX2(cpuid_flags) &&
-            IS_INTEL_BMI2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        XMEMCPY(seed, pub_seed, DILITHIUM_PUB_SEED_SZ);
-        ret = wc_mldsa_gen_matrix_6x5_avx2(a, seed);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_87
-    if ((k == 8) && (l == 7) && IS_INTEL_AVX2(cpuid_flags) &&
-            IS_INTEL_BMI2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        XMEMCPY(seed, pub_seed, DILITHIUM_PUB_SEED_SZ);
-        ret = wc_mldsa_gen_matrix_8x7_avx2(a, seed);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-#endif
-    {
-        ret = dilithium_expand_a_c(shake128, pub_seed, k, l, a, heap);
-    }
-
-    return ret;
-}
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_NO_MAKE_KEY
-
-#if !defined(WOLFSSL_NO_ML_DSA_44) || !defined(WOLFSSL_NO_ML_DSA_87)
-/* Check random value is in valid range.
- *
- * FIPS 204. 8.1: Algorithm 9 CoeffFromHalfByte(b)
- *   1: if             b < 15
- *
- * @param [in] b    Random half-byte (nibble) value.
- * @param [in] eta  Range specifier of result. Will always be 2 - unused.
- * @return  1 when value less than 9.
- * @return  0 when value greater than or equal to 9.
- */
-#define DILITHIUM_COEFF_S_VALID_ETA2(b) \
-    ((b) < DILITHIUM_ETA_2_MOD)
-
-static const signed char dilithium_coeff_eta2[] = {
-    2, 1, 0, -1, -2,
-    2, 1, 0, -1, -2,
-    2, 1, 0, -1, -2
-};
-/* Convert random value 0..15 to a value in range of -2..2.
- *
- * FIPS 204. 8.1: Algorithm 9 CoeffFromHalfByte(b)
- *   1:                            return 2 - (b mod 5)
- *
- * @param [in] b    Random half-byte (nibble) value.
- * @return  Value in range of -2..2 on success.
- */
-#define DILITHIUM_COEFF_S_ETA2(b)       \
-    (dilithium_coeff_eta2[b])
-#endif
-
-#ifndef WOLFSSL_NO_ML_DSA_65
-/* Check random value is in valid range.
- *
- * FIPS 204. 8.1: Algorithm 9 CoeffFromHalfByte(b)
- *   3:     if             b < 9
- *
- * @param [in] b    Random half-byte (nibble) value.
- * @param [in] eta  Range specifier of result. Will always be 4 - unused.
- * @return  1 when value less than 9.
- * @return  0 when value greater than or equal to 9.
- */
-#define DILITHIUM_COEFF_S_VALID_ETA4(b) \
-    ((b) < DILITHIUM_ETA_4_MOD)
-
-/* Convert random value 0..15 to a value in range of -4..4.
- *
- * FIPS 204. 8.1: Algorithm 9 CoeffFromHalfByte(b)
- *   3:                               return 4 - b
- *
- * @param [in] b    Random half-byte (nibble) value.
- * @param [in] eta  Range specifier of result. Will always be 4 - unused.
- * @return  Value in range of -4..4 on success.
- */
-#define DILITHIUM_COEFF_S_ETA4(b)       \
-    (4 - (b))
-#endif
-
-#if !defined(WOLFSSL_NO_ML_DSA_44) || !defined(WOLFSSL_NO_ML_DSA_87)
-#ifndef WOLFSSL_NO_ML_DSA_65
-
-/* Check random value is in valid range.
- *
- * FIPS 204. 8.1: Algorithm 9 CoeffFromHalfByte(b)
- *   1: if eta = 2 and b < 15
- *   2: else
- *   3:     if eta = 4 and b < 9
- *
- * @param [in] b    Random half-byte (nibble) value.
- * @param [in] eta  Range specifier of result.
- * @return  Value in range of -ETA..ETA on success.
- */
-#define DILITHIUM_COEFF_S_VALID(b, eta)                             \
-    (((eta) == DILITHIUM_ETA_2) ? DILITHIUM_COEFF_S_VALID_ETA2(b)   \
-                                : DILITHIUM_COEFF_S_VALID_ETA4(b))
-
-/* Convert random value 0..15 to a value in range of -ETA..ETA.
- *
- * FIPS 204. 8.1: Algorithm 9 CoeffFromHalfByte(b)
- *   1: if eta = 2            then return 2 - (b mod 5)
- *   2: else
- *   3:     if eta = 4           then return 4 - b
- *   ...
- *   6: end if
- *
- * @param [in] b    Random half-byte (nibble) value.
- * @param [in] eta  Range specifier of result.
- * @return  Value in range of -ETA..ETA on success.
- */
-#define DILITHIUM_COEFF_S(b, eta)                               \
-    (((eta) == DILITHIUM_ETA_2) ? DILITHIUM_COEFF_S_ETA2(b)     \
-                                : DILITHIUM_COEFF_S_ETA4(b))
-
-#else
-
-/* Check random value is in valid range.
- *
- * FIPS 204. 8.1: Algorithm 9 CoeffFromHalfByte(b)
- *   1: if             b < 15
- *
- * @param [in] b    Random half-byte (nibble) value.
- * @param [in] eta  Range specifier of result. Will always be 2 - unused.
- * @return  1 when value less than 9.
- * @return  0 when value greater than or equal to 9.
- */
-#define DILITHIUM_COEFF_S_VALID(b, eta) \
-    DILITHIUM_COEFF_S_VALID_ETA2(b)
-
-/* Convert random value 0..15 to a value in range of -2..2.
- *
- * FIPS 204. 8.1: Algorithm 9 CoeffFromHalfByte(b)
- *   1:                            return 2 - (b mod 5)
- *
- * @param [in] b    Random half-byte (nibble) value.
- * @param [in] eta  Range specifier of result. Will always be 2 - unused.
- * @return  Value in range of -2..2 on success.
- */
-#define DILITHIUM_COEFF_S(b, eta)   \
-    DILITHIUM_COEFF_S_ETA2(b)
-
-#endif /*  WOLFSSL_NO_ML_DSA_65 */
-
-#else
-
-/* Check random value is in valid range.
- *
- * FIPS 204. 8.1: Algorithm 9 CoeffFromHalfByte(b)
- *   3:     if             b < 9
- *
- * @param [in] b    Random half-byte (nibble) value.
- * @param [in] eta  Range specifier of result. Will always be 4 - unused.
- * @return  1 when value less than 9.
- * @return  0 when value greater than or equal to 9.
- */
-#define DILITHIUM_COEFF_S_VALID(b, eta) \
-    DILITHIUM_COEFF_S_VALID_ETA4(b)
-
-/* Convert random value 0..15 to a value in range of -4..4.
- *
- * FIPS 204. 8.1: Algorithm 9 CoeffFromHalfByte(b)
- *   3:                               return 4 - b
- *
- * @param [in] b    Random half-byte (nibble) value.
- * @param [in] eta  Range specifier of result. Will always be 4 - unused.
- * @return  Value in range of -4..4 on success.
- */
-#define DILITHIUM_COEFF_S(b, eta)   \
-    DILITHIUM_COEFF_S_ETA4(b)
-
-#endif /* !WOLFSSL_NO_ML_DSA_44 || !WOLFSSL_NO_ML_DSA_87 */
-
-/* Extract a coefficient from a nibble of z.
- *
- * Breaks out of loop when we have enough coefficients.
- *
- * @param [in] z    A random value.
- * @param [in] rs   Amount to shift right.
- * @param [in] t    Temporary result.
- * @param [in] eta  ETA value from parameters.
- * @return  Value in range -eta..eta on success.
- * @return  Falsam (0x10) when random value out of range.
- */
-#define EXTRACT_COEFF_NIBBLE_CHECK_J(z, rs, t, eta)                     \
-        (t) = (sword8)(((z) >> (rs)) & 0xf);                            \
-        /* Step 7: Check we have a valid coefficient. */                \
-        if (DILITHIUM_COEFF_S_VALID(t, eta)) {                          \
-            (t) = DILITHIUM_COEFF_S(t, eta);                            \
-            /* Step 8: Store coefficient as next polynomial value.      \
-             * Step 9: Increment count of polynomial values set. */     \
-            s[j++] = (sword32)(t);                                      \
-            if (j == DILITHIUM_N) {                                     \
-                break;                                                  \
-            }                                                           \
-        }
-
-/* Extract a coefficient from a nibble of z.
- *
- * @param [in] z    A random value.
- * @param [in] rs   Amount to shift right.
- * @param [in] t    Temporary result.
- * @param [in] eta  ETA value from parameters.
- * @return  Value in range -eta..eta on success.
- * @return  Falsam (0x10) when random value out of range.
- */
-#define EXTRACT_COEFF_NIBBLE(z, rs, t, eta)                             \
-        (t) = (sword8)(((z) >> (rs)) & 0xf);                            \
-        /* Step 7: Check we have a valid coefficient. */                \
-        if (DILITHIUM_COEFF_S_VALID(t, eta)) {                          \
-            (t) = DILITHIUM_COEFF_S(t, eta);                            \
-            /* Step 8: Store coefficient as next polynomial value.      \
-             * Step 9: Increment count of polynomial values set. */     \
-            s[j++] = (sword32)(t);                                      \
-        }
-
-
-/* Extract coefficients from hash - z.
- *
- * FIPS 204. 8.3: Algorithm 25 RejBoundedPoly(rho)
- *   2: c <- 0
- *   5:    z0 <- CoeffFromHalfByte(z mod 16, eta)
- *   6:    z1 <- CoeffFromHalfByte(lower(z / 16), eta)
- *   7:    if z0 != falsam then
- *   8:         aj <- z0
- *   9:         j <- j + 1
- *  10:    end if
- *  11:    if z1 != falsam then
- *  12:         aj <- z1
- *  13:         j <- j + 1
- *  14:    end if
- *  15:    c <- c + 1
- *
- * @param [in]      z     Hash data to extract coefficients from.
- * @param [in]      zLen  Length of z in bytes.
- * @param [in]      eta   Range specifier of each value.
- * @param [out]     s     Polynomial to fill with coefficients.
- * @param [in, out] cnt   Current count of coefficients in polynomial.
- */
-static void dilithium_extract_coeffs(const byte* z, unsigned int zLen,
-    byte eta, sword32* s, unsigned int* cnt)
-{
-#ifdef WOLFSSL_DILITHIUM_NO_LARGE_CODE
-    unsigned int j = *cnt;
-    unsigned int c;
-
-    (void)eta;
-
-    /* Extract values from the squeezed data. */
-    for (c = 0; c < zLen; c++) {
-        sword8 t;
-
-        /* Step 5: Get coefficient from bottom nibble. */
-        EXTRACT_COEFF_NIBBLE_CHECK_J(z[c], 0, t, eta);
-        /* Step 6: Get coefficient from top nibble. */
-        EXTRACT_COEFF_NIBBLE_CHECK_J(z[c], 4, t, eta);
-    }
-
-    *cnt = j;
-#else
-    unsigned int j = *cnt;
-    unsigned int c;
-    unsigned int min = (DILITHIUM_N - j) / 2;
-
-    (void)eta;
-
-#if defined(LITTLE_ENDIAN_ORDER)
-#ifdef WC_64BIT_CPU
-    min &= ~(unsigned int)7;
-    /* Extract values from the squeezed data. */
-    for (c = 0; c < min; c += 8) {
-        word64 z64 = *(word64*)(z + c);
-        sword8 t;
-
-        /* Do each nibble from lowest to highest 16 at a time. */
-        EXTRACT_COEFF_NIBBLE(z64,  0, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64,  4, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64,  8, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 12, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 16, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 20, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 24, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 28, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 32, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 36, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 40, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 44, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 48, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 52, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 56, t, eta);
-        EXTRACT_COEFF_NIBBLE(z64, 60, t, eta);
-    }
-#else
-    min &= ~(unsigned int)3;
-    /* Extract values from the squeezed data. */
-    for (c = 0; c < min; c += 4) {
-        word32 z32 = *(word32*)(z + c);
-        sword8 t;
-
-        /* Do each nibble from lowest to highest 8 at a time. */
-        EXTRACT_COEFF_NIBBLE(z32,  0, t, eta);
-        EXTRACT_COEFF_NIBBLE(z32,  4, t, eta);
-        EXTRACT_COEFF_NIBBLE(z32,  8, t, eta);
-        EXTRACT_COEFF_NIBBLE(z32, 12, t, eta);
-        EXTRACT_COEFF_NIBBLE(z32, 16, t, eta);
-        EXTRACT_COEFF_NIBBLE(z32, 20, t, eta);
-        EXTRACT_COEFF_NIBBLE(z32, 24, t, eta);
-        EXTRACT_COEFF_NIBBLE(z32, 28, t, eta);
-    }
-#endif
-#else
-    /* Extract values from the squeezed data. */
-    for (c = 0; c < min; c++) {
-        sword8 t;
-
-        /* Step 5: Get coefficient from bottom nibble. */
-        EXTRACT_COEFF_NIBBLE(z[c], 0, t, eta);
-        EXTRACT_COEFF_NIBBLE(z[c], 4, t, eta);
-    }
-#endif
-    if (j != DILITHIUM_N) {
-        /* Extract values from the squeezed data. */
-        for (; c < zLen; c++) {
-            sword8 t;
-
-            EXTRACT_COEFF_NIBBLE_CHECK_J(z[c], 0, t, eta);
-            EXTRACT_COEFF_NIBBLE_CHECK_J(z[c], 4, t, eta);
-        }
-    }
-
-    *cnt = j;
-#endif
-}
-
-/* Create polynomial from hashing the seed with bounded values.
- *
- * FIPS 204. 8.3: Algorithm 25 RejBoundedPoly(rho)
- *   1: j <- 0
- *      ...
- *   3: while j < 256 do
- *   4:    z <- H(rho)[[c]]
- *         ... [Extract coefficients into polynomial from z]
- *  16: end while
- *  17: return a
- *
- * @param [in, out] shake256  SHAKE-256 object.
- * @param [in]      seed      Seed, rho, to hash to generate values.
- * @param [in]      eta       Range specifier of each value.
- * @return  0 on success.
- * @return  Negative on hash error.
- */
-static int dilithium_rej_bound_poly(wc_Shake* shake256, byte* seed, sword32* s,
-    byte eta)
-{
-#ifdef WOLFSSL_DILITHIUM_SMALL
-    int ret;
-    unsigned int j = 0;
-    byte z[DILITHIUM_GEN_S_BLOCK_BYTES];
-
-    /* Initialize SHAKE-256 object for new hash. */
-    ret = wc_InitShake256(shake256, NULL, INVALID_DEVID);
-    if (ret == 0) {
-        /* Absorb the seed. */
-        ret = wc_Shake256_Absorb(shake256, seed, DILITHIUM_GEN_S_SEED_SZ);
-    }
-    if (ret == 0) {
-        do {
-            /* Squeeze out another block. */
-            ret = wc_Shake256_SqueezeBlocks(shake256, z, 1);
-            if (ret != 0) {
-                break;
-            }
-            /* Extract up to the 256 valid coefficients for polynomial. */
-            dilithium_extract_coeffs(z, DILITHIUM_GEN_S_BLOCK_BYTES, eta, s,
-                &j);
-        }
-        /* Check we got enough values to fill polynomial. */
-        while (j < DILITHIUM_N);
-    }
-
-    return ret;
-#else
-    int ret;
-    unsigned int j = 0;
-    byte z[DILITHIUM_GEN_S_BYTES];
-
-    /* Absorb seed and squeeze out some blocks. */
-    ret = dilithium_squeeze256(shake256, seed, DILITHIUM_GEN_S_SEED_SZ, z,
-        DILITHIUM_GEN_S_NBLOCKS);
-    if (ret == 0) {
-        /* Extract up to 256 valid coefficients for polynomial. */
-        dilithium_extract_coeffs(z, DILITHIUM_GEN_S_BYTES, eta, s, &j);
-        /* Check we got enough values to fill polynomial. */
-        while (j < DILITHIUM_N) {
-            /* Squeeze out another block. */
-            ret = wc_Shake256_SqueezeBlocks(shake256, z, 1);
-            if (ret != 0) {
-                break;
-            }
-            /* Extract up to the 256 valid coefficients for polynomial. */
-            dilithium_extract_coeffs(z, DILITHIUM_GEN_S_BLOCK_BYTES, eta, s,
-                &j);
-        }
-    }
-
-    return ret;
-#endif
-}
-
-#if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-#ifndef WOLFSSL_NO_ML_DSA_44
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Vectos of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int wc_mldsa_gen_s_4_4_avx2(sword32* s[2], byte* seed)
-{
-    int k;
-    int l;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * DILITHIUM_GEN_S_BLOCK_BYTES];
-    word64 state[25 * 4];
-#endif
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    unsigned int ctr3;
-    byte* p;
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * DILITHIUM_GEN_S_BLOCK_BYTES, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    for (k = 0; k < 2; k++) {
-        for (l = 0; l < 4; l++) {
-            state[8*4 + l] = 0x1f0000 + (k * 4 + l);
-        }
-
-        ctr0 = 0;
-        ctr1 = 0;
-        ctr2 = 0;
-        ctr3 = 0;
-
-        sha3_256_blocksx4_seed_64_avx2(state, seed);
-        wc_mldsa_redistribute_17_rand_avx2(state,
-            rand + 0 * DILITHIUM_GEN_S_BLOCK_BYTES,
-            rand + 1 * DILITHIUM_GEN_S_BLOCK_BYTES,
-            rand + 2 * DILITHIUM_GEN_S_BLOCK_BYTES,
-            rand + 3 * DILITHIUM_GEN_S_BLOCK_BYTES);
-
-        do {
-            p = rand;
-            if (ctr0 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta2_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, s[k] + 0 * MLDSA_N + ctr0,
-                    &ctr0);
-            }
-            p += DILITHIUM_GEN_S_BLOCK_BYTES;
-            if (ctr1 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta2_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, s[k] + 1 * MLDSA_N + ctr1,
-                    &ctr1);
-            }
-            p += DILITHIUM_GEN_S_BLOCK_BYTES;
-            if (ctr2 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta2_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, s[k] + 2 * MLDSA_N + ctr2,
-                    &ctr2);
-            }
-            p += DILITHIUM_GEN_S_BLOCK_BYTES;
-            if (ctr3 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta2_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, s[k] + 3 * MLDSA_N + ctr3,
-                    &ctr3);
-            }
-
-            if ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N) ||
-                   (ctr3 < MLDSA_N)) {
-                sha3_blocksx4_avx2(state);
-                wc_mldsa_redistribute_17_rand_avx2(state,
-                    rand + 0 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                    rand + 1 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                    rand + 2 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                    rand + 3 * DILITHIUM_GEN_S_BLOCK_BYTES);
-            }
-        }
-        /* Create more blocks if too many rejected. */
-        while ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N) ||
-               (ctr3 < MLDSA_N));
-    }
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-#endif
-
-#ifndef WOLFSSL_NO_ML_DSA_65
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Vectos of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int wc_mldsa_gen_s_5_6_avx2(sword32* s[2], byte* seed)
-{
-    int k;
-    int l;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * DILITHIUM_GEN_S_BLOCK_BYTES];
-    word64 state[25 * 4];
-#endif
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    unsigned int ctr3;
-    byte* p;
-    sword32* sa[3][4] = {
-        { &s[0][0 * MLDSA_N], &s[0][1 * MLDSA_N],
-          &s[0][2 * MLDSA_N], &s[0][3 * MLDSA_N] },
-        { &s[0][4 * MLDSA_N], &s[1][0 * MLDSA_N],
-          &s[1][1 * MLDSA_N], &s[1][2 * MLDSA_N] },
-        { &s[1][3 * MLDSA_N], &s[1][4 * MLDSA_N],
-          &s[1][5 * MLDSA_N], NULL               }
-    };
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * DILITHIUM_GEN_S_BLOCK_BYTES, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    for (k = 0; k < 2; k++) {
-        for (l = 0; l < 4; l++) {
-            state[8*4 + l] = 0x1f0000 + (k * 4 + l);
-        }
-
-        ctr0 = 0;
-        ctr1 = 0;
-        ctr2 = 0;
-        ctr3 = 0;
-
-        sha3_256_blocksx4_seed_64_avx2(state, seed);
-        wc_mldsa_redistribute_17_rand_avx2(state,
-            rand + 0 * DILITHIUM_GEN_S_BLOCK_BYTES,
-            rand + 1 * DILITHIUM_GEN_S_BLOCK_BYTES,
-            rand + 2 * DILITHIUM_GEN_S_BLOCK_BYTES,
-            rand + 3 * DILITHIUM_GEN_S_BLOCK_BYTES);
-
-        do {
-            p = rand;
-            if (ctr0 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta4_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, sa[k][0] + ctr0, &ctr0);
-            }
-            p += DILITHIUM_GEN_S_BLOCK_BYTES;
-            if (ctr1 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta4_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, sa[k][1] + ctr1, &ctr1);
-            }
-            p += DILITHIUM_GEN_S_BLOCK_BYTES;
-            if (ctr2 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta4_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, sa[k][2] + ctr2, &ctr2);
-            }
-            p += DILITHIUM_GEN_S_BLOCK_BYTES;
-            if (ctr3 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta4_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, sa[k][3] + ctr3, &ctr3);
-            }
-
-            if ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N) ||
-                   (ctr3 < MLDSA_N)) {
-                sha3_blocksx4_avx2(state);
-                wc_mldsa_redistribute_17_rand_avx2(state,
-                    rand + 0 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                    rand + 1 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                    rand + 2 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                    rand + 3 * DILITHIUM_GEN_S_BLOCK_BYTES);
-            }
-        }
-        /* Create more blocks if too many rejected. */
-        while ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N) ||
-               (ctr3 < MLDSA_N));
-    }
-
-    for (l = 0; l < 4; l++) {
-        state[8*4 + l] = 0x1f0000 + (8 + l);
-    }
-
-    ctr0 = 0;
-    ctr1 = 0;
-    ctr2 = 0;
-
-    sha3_256_blocksx4_seed_64_avx2(state, seed);
-    wc_mldsa_redistribute_17_rand_avx2(state,
-        rand + 0 * DILITHIUM_GEN_S_BLOCK_BYTES,
-        rand + 1 * DILITHIUM_GEN_S_BLOCK_BYTES,
-        rand + 2 * DILITHIUM_GEN_S_BLOCK_BYTES,
-        rand + 3 * DILITHIUM_GEN_S_BLOCK_BYTES);
-
-    do {
-        p = rand;
-        if (ctr0 < MLDSA_N) {
-            wc_mldsa_extract_coeffs_eta4_avx2(p, DILITHIUM_GEN_S_BLOCK_BYTES,
-                sa[k][0] + ctr0, &ctr0);
-        }
-        p += DILITHIUM_GEN_S_BLOCK_BYTES;
-        if (ctr1 < MLDSA_N) {
-            wc_mldsa_extract_coeffs_eta4_avx2(p, DILITHIUM_GEN_S_BLOCK_BYTES,
-                sa[k][1] + ctr1, &ctr1);
-        }
-        p += DILITHIUM_GEN_S_BLOCK_BYTES;
-        if (ctr2 < MLDSA_N) {
-            wc_mldsa_extract_coeffs_eta4_avx2(p, DILITHIUM_GEN_S_BLOCK_BYTES,
-                sa[k][2] + ctr2, &ctr2);
-        }
-
-        if ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N)) {
-            sha3_blocksx4_avx2(state);
-            wc_mldsa_redistribute_17_rand_avx2(state,
-                rand + 0 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                rand + 1 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                rand + 2 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                rand + 3 * DILITHIUM_GEN_S_BLOCK_BYTES);
-        }
-    }
-    /* Create more blocks if too many rejected. */
-    while ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N));
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-#endif
-
-#ifndef WOLFSSL_NO_ML_DSA_87
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Vectos of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int wc_mldsa_gen_s_7_8_avx2(sword32* s[2], byte* seed)
-{
-    int k;
-    int l;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * DILITHIUM_GEN_S_BLOCK_BYTES];
-    word64 state[25 * 4];
-#endif
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    unsigned int ctr3;
-    byte* p;
-    sword32* sa[4][4] = {
-        { &s[0][0 * MLDSA_N], &s[0][1 * MLDSA_N],
-          &s[0][2 * MLDSA_N], &s[0][3 * MLDSA_N] },
-        { &s[0][4 * MLDSA_N], &s[0][5 * MLDSA_N],
-          &s[0][6 * MLDSA_N], &s[1][0 * MLDSA_N] },
-        { &s[1][1 * MLDSA_N], &s[1][2 * MLDSA_N],
-          &s[1][3 * MLDSA_N], &s[1][4 * MLDSA_N] },
-        { &s[1][5 * MLDSA_N], &s[1][6 * MLDSA_N],
-          &s[1][7 * MLDSA_N], NULL               }
-    };
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * DILITHIUM_GEN_S_BLOCK_BYTES, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    for (k = 0; k < 3; k++) {
-        for (l = 0; l < 4; l++) {
-            state[8*4 + l] = 0x1f0000 + (k * 4 + l);
-        }
-
-        ctr0 = 0;
-        ctr1 = 0;
-        ctr2 = 0;
-        ctr3 = 0;
-
-        sha3_256_blocksx4_seed_64_avx2(state, seed);
-        wc_mldsa_redistribute_17_rand_avx2(state,
-            rand + 0 * DILITHIUM_GEN_S_BLOCK_BYTES,
-            rand + 1 * DILITHIUM_GEN_S_BLOCK_BYTES,
-            rand + 2 * DILITHIUM_GEN_S_BLOCK_BYTES,
-            rand + 3 * DILITHIUM_GEN_S_BLOCK_BYTES);
-
-        do {
-            p = rand;
-            if (ctr0 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta2_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, sa[k][0] + ctr0, &ctr0);
-            }
-            p += DILITHIUM_GEN_S_BLOCK_BYTES;
-            if (ctr1 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta2_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, sa[k][1] + ctr1, &ctr1);
-            }
-            p += DILITHIUM_GEN_S_BLOCK_BYTES;
-            if (ctr2 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta2_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, sa[k][2] + ctr2, &ctr2);
-            }
-            p += DILITHIUM_GEN_S_BLOCK_BYTES;
-            if (ctr3 < MLDSA_N) {
-                wc_mldsa_extract_coeffs_eta2_avx2(p,
-                    DILITHIUM_GEN_S_BLOCK_BYTES, sa[k][3] + ctr3, &ctr3);
-            }
-
-            if ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N) ||
-                   (ctr3 < MLDSA_N)) {
-                sha3_blocksx4_avx2(state);
-                wc_mldsa_redistribute_17_rand_avx2(state,
-                    rand + 0 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                    rand + 1 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                    rand + 2 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                    rand + 3 * DILITHIUM_GEN_S_BLOCK_BYTES);
-            }
-        }
-        /* Create more blocks if too many rejected. */
-        while ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N) ||
-               (ctr3 < MLDSA_N));
-    }
-
-    for (l = 0; l < 4; l++) {
-        state[8*4 + l] = 0x1f0000 + (12 + l);
-    }
-
-    ctr0 = 0;
-    ctr1 = 0;
-    ctr2 = 0;
-
-    sha3_256_blocksx4_seed_64_avx2(state, seed);
-    wc_mldsa_redistribute_17_rand_avx2(state,
-        rand + 0 * DILITHIUM_GEN_S_BLOCK_BYTES,
-        rand + 1 * DILITHIUM_GEN_S_BLOCK_BYTES,
-        rand + 2 * DILITHIUM_GEN_S_BLOCK_BYTES,
-        rand + 3 * DILITHIUM_GEN_S_BLOCK_BYTES);
-
-    do {
-        p = rand;
-        if (ctr0 < MLDSA_N) {
-            wc_mldsa_extract_coeffs_eta2_avx2(p, DILITHIUM_GEN_S_BLOCK_BYTES,
-                sa[k][0] + ctr0, &ctr0);
-        }
-        p += DILITHIUM_GEN_S_BLOCK_BYTES;
-        if (ctr1 < MLDSA_N) {
-            wc_mldsa_extract_coeffs_eta2_avx2(p, DILITHIUM_GEN_S_BLOCK_BYTES,
-                sa[k][1] + ctr1, &ctr1);
-        }
-        p += DILITHIUM_GEN_S_BLOCK_BYTES;
-        if (ctr2 < MLDSA_N) {
-            wc_mldsa_extract_coeffs_eta2_avx2(p, DILITHIUM_GEN_S_BLOCK_BYTES,
-                sa[k][2] + ctr2, &ctr2);
-        }
-
-        if ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N)) {
-            sha3_blocksx4_avx2(state);
-            wc_mldsa_redistribute_17_rand_avx2(state,
-                rand + 0 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                rand + 1 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                rand + 2 * DILITHIUM_GEN_S_BLOCK_BYTES,
-                rand + 3 * DILITHIUM_GEN_S_BLOCK_BYTES);
-        }
-    }
-    /* Create more blocks if too many rejected. */
-    while ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N));
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-#endif
-#endif
-
-/* Expand private seed into vectors s1 and s2.
- *
- * FIPS 204. 8.3: Algorithm 27 ExpandS(rho)
- *   1: for r from 0 to l - 1 do
- *   2:     s1[r] <- RejBoundedPoly(rho||IntegerToBits(r,16))
- *   3: end for
- *   4: for r from 0 to k - 1 do
- *   5:     s2[r] <- RejBoundedPoly(rho||IntegerToBits(r + l,16))
- *   6: end for
- *   7: return (s1,s2)
- *
- * @param [in, out] shake256   SHAKE-256 object.
- * @param [in]      priv_seed  Private seed, rho, to expand.
- * @param [in]      eta        Range specifier of each value.
- * @param [out]     s1         First vector of polynomials.
- * @param [in]      s1Len      Dimension of first vector.
- * @param [out]     s2         Second vector of polynomials.
- * @param [in]      s2Len      Dimension of second vector.
- * @return  0 on success.
- * @return  Negative on hash error.
- */
-static int dilithium_expand_s_c(wc_Shake* shake256, byte* priv_seed, byte eta,
-    sword32* s1, byte s1Len, sword32* s2, byte s2Len)
-{
-    int ret = 0;
-    byte r;
-    byte seed[DILITHIUM_GEN_S_SEED_SZ];
-
-    /* Copy the seed into a buffer that has space for r. */
-    XMEMCPY(seed, priv_seed, DILITHIUM_PRIV_SEED_SZ);
-    /* Set top 8-bits of r in buffer to 0. */
-    seed[DILITHIUM_PRIV_SEED_SZ + 1] = 0;
-    /* Step 1: Each polynomial in s1. */
-    for (r = 0; (ret == 0) && (r < s1Len); r++) {
-        /* Set bottom 8-bits of r into buffer - little endian. */
-        seed[DILITHIUM_PRIV_SEED_SZ] = r;
-
-        /* Step 2: Generate polynomial for s1. */
-        ret = dilithium_rej_bound_poly(shake256, seed, s1, eta);
-        /* Next polynomial in s1. */
-        s1 += DILITHIUM_N;
-    }
-    /* Step 4: Each polynomial in s2. */
-    for (r = 0; (ret == 0) && (r < s2Len); r++) {
-        /* Set bottom 8-bits of r + l into buffer - little endian. */
-        seed[DILITHIUM_PRIV_SEED_SZ] = r + s1Len;
-        /* Step 5: Generate polynomial for s1. */
-        ret = dilithium_rej_bound_poly(shake256, seed, s2, eta);
-        /* Next polynomial in s2. */
-        s2 += DILITHIUM_N;
-    }
-
-    return ret;
-}
-
-/* Expand private seed into vectors s1 and s2.
- *
- * @param [in, out] shake256   SHAKE-256 object.
- * @param [in]      priv_seed  Private seed, rho, to expand.
- * @param [in]      eta        Range specifier of each value.
- * @param [out]     s1         First vector of polynomials.
- * @param [in]      s1Len      Dimension of first vector.
- * @param [out]     s2         Second vector of polynomials.
- * @param [in]      s2Len      Dimension of second vector.
- * @return  0 on success.
- * @return  Negative on hash error.
- */
-static int dilithium_expand_s(wc_Shake* shake256, byte* priv_seed, byte eta,
-    sword32* s1, byte s1Len, sword32* s2, byte s2Len)
-{
-    int ret = 0;
-
-#if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-    #ifndef WOLFSSL_NO_ML_DSA_44
-    if ((s1Len == 4) && IS_INTEL_AVX2(cpuid_flags) &&
-        (SAVE_VECTOR_REGISTERS2() == 0))
-    {
-        sword32* s[2] = { s1, s2 };
-        ret = wc_mldsa_gen_s_4_4_avx2(s, priv_seed);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-    #endif
-    #ifndef WOLFSSL_NO_ML_DSA_65
-    if ((s1Len == 5) && IS_INTEL_AVX2(cpuid_flags) &&
-        (SAVE_VECTOR_REGISTERS2() == 0))
-    {
-        sword32* s[2] = { s1, s2 };
-        ret = wc_mldsa_gen_s_5_6_avx2(s, priv_seed);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-    #endif
-    #ifndef WOLFSSL_NO_ML_DSA_87
-    if ((s1Len == 7) && IS_INTEL_AVX2(cpuid_flags) &&
-        (SAVE_VECTOR_REGISTERS2() == 0))
-    {
-        sword32* s[2] = { s1, s2 };
-        ret = wc_mldsa_gen_s_7_8_avx2(s, priv_seed);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-    #endif
-#endif /* USE_INTEL_SPEEDUP && !WC_SHA3_NO_ASM */
-    {
-        ret = dilithium_expand_s_c(shake256, priv_seed, eta, s1, s1Len, s2,
-            s2Len);
-    }
-
-    return ret;
-}
-#endif /* !WOLFSSL_DILITHIUM_NO_MAKE_KEY */
-
-#ifndef WOLFSSL_DILITHIUM_NO_SIGN
-#if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-#define SHA3_256_BYTES   (WC_SHA3_256_COUNT * 8)
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Vectos of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int wc_mldsa_gen_y_4_avx2(sword32* y, byte* seed, word16 kappa)
-{
-    int l;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * DILITHIUM_MAX_V];
-    word64 state[25 * 4];
-#endif
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * DILITHIUM_MAX_V, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    for (l = 0; l < 4; l++) {
-        state[8*4 + l] = 0x1f0000 + (kappa + l);
-    }
-    sha3_256_blocksx4_seed_64_avx2(state, seed);
-    wc_mldsa_redistribute_17_rand_avx2(state,
-        rand + 0 * DILITHIUM_MAX_V,
-        rand + 1 * DILITHIUM_MAX_V,
-        rand + 2 * DILITHIUM_MAX_V,
-        rand + 3 * DILITHIUM_MAX_V);
-    for (l = 1; l < DILITHIUM_MAX_V_BLOCKS; l++) {
-        sha3_blocksx4_avx2(state);
-        wc_mldsa_redistribute_17_rand_avx2(state,
-            rand + 0 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 1 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 2 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 3 * DILITHIUM_MAX_V + l * SHA3_256_BYTES);
-    }
-    wc_mldsa_decode_gamma1_17_avx2(rand + 0 * DILITHIUM_MAX_V,
-        y + 0 * DILITHIUM_N);
-    wc_mldsa_decode_gamma1_17_avx2(rand + 1 * DILITHIUM_MAX_V,
-        y + 1 * DILITHIUM_N);
-    wc_mldsa_decode_gamma1_17_avx2(rand + 2 * DILITHIUM_MAX_V,
-        y + 2 * DILITHIUM_N);
-    wc_mldsa_decode_gamma1_17_avx2(rand + 3 * DILITHIUM_MAX_V,
-        y + 3 * DILITHIUM_N);
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-#endif
-
-#ifndef WOLFSSL_NO_ML_DSA_65
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Vectos of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int wc_mldsa_gen_y_5_avx2(sword32* y, byte* seed, word16 kappa,
-    wc_Shake* shake256)
-{
-    int ret;
-    int l;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * DILITHIUM_MAX_V];
-    word64 state[25 * 4];
-#endif
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * DILITHIUM_MAX_V, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    /* Polynomials: 0-3 */
-    for (l = 0; l < 4; l++) {
-        state[8*4 + l] = 0x1f0000 + (kappa + l);
-    }
-    sha3_256_blocksx4_seed_64_avx2(state, seed);
-    wc_mldsa_redistribute_17_rand_avx2(state,
-        rand + 0 * DILITHIUM_MAX_V,
-        rand + 1 * DILITHIUM_MAX_V,
-        rand + 2 * DILITHIUM_MAX_V,
-        rand + 3 * DILITHIUM_MAX_V);
-    for (l = 1; l < DILITHIUM_MAX_V_BLOCKS; l++) {
-        sha3_blocksx4_avx2(state);
-        wc_mldsa_redistribute_17_rand_avx2(state,
-            rand + 0 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 1 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 2 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 3 * DILITHIUM_MAX_V + l * SHA3_256_BYTES);
-    }
-    wc_mldsa_decode_gamma1_19_avx2(rand + 0 * DILITHIUM_MAX_V,
-        y + 0 * DILITHIUM_N);
-    wc_mldsa_decode_gamma1_19_avx2(rand + 1 * DILITHIUM_MAX_V,
-        y + 1 * DILITHIUM_N);
-    wc_mldsa_decode_gamma1_19_avx2(rand + 2 * DILITHIUM_MAX_V,
-        y + 2 * DILITHIUM_N);
-    wc_mldsa_decode_gamma1_19_avx2(rand + 3 * DILITHIUM_MAX_V,
-        y + 3 * DILITHIUM_N);
-
-    kappa += 4;
-
-    seed[DILITHIUM_PRIV_RAND_SEED_SZ + 0] = (byte)kappa;
-    seed[DILITHIUM_PRIV_RAND_SEED_SZ + 1] = (byte)(kappa >> 8);
-    ret = dilithium_squeeze256(shake256, seed, DILITHIUM_Y_SEED_SZ, rand,
-        DILITHIUM_MAX_V_BLOCKS);
-    if (ret == 0) {
-        wc_mldsa_decode_gamma1_19_avx2(rand, y + 4 * DILITHIUM_N);
-    }
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-#endif
-
-#ifndef WOLFSSL_NO_ML_DSA_87
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Vectos of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int wc_mldsa_gen_y_7_avx2(sword32* y, byte* seed, word16 kappa)
-{
-    int l;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * DILITHIUM_MAX_V];
-    word64 state[25 * 4];
-#endif
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * DILITHIUM_MAX_V, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    /* Polynomials: 0-3 */
-    for (l = 0; l < 4; l++) {
-        state[8*4 + l] = 0x1f0000 + (kappa + l);
-    }
-    sha3_256_blocksx4_seed_64_avx2(state, seed);
-    wc_mldsa_redistribute_17_rand_avx2(state,
-        rand + 0 * DILITHIUM_MAX_V,
-        rand + 1 * DILITHIUM_MAX_V,
-        rand + 2 * DILITHIUM_MAX_V,
-        rand + 3 * DILITHIUM_MAX_V);
-    for (l = 1; l < DILITHIUM_MAX_V_BLOCKS; l++) {
-        sha3_blocksx4_avx2(state);
-        wc_mldsa_redistribute_17_rand_avx2(state,
-            rand + 0 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 1 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 2 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 3 * DILITHIUM_MAX_V + l * SHA3_256_BYTES);
-    }
-    wc_mldsa_decode_gamma1_19_avx2(rand + 0 * DILITHIUM_MAX_V,
-        y + 0 * DILITHIUM_N);
-    wc_mldsa_decode_gamma1_19_avx2(rand + 1 * DILITHIUM_MAX_V,
-        y + 1 * DILITHIUM_N);
-    wc_mldsa_decode_gamma1_19_avx2(rand + 2 * DILITHIUM_MAX_V,
-        y + 2 * DILITHIUM_N);
-    wc_mldsa_decode_gamma1_19_avx2(rand + 3 * DILITHIUM_MAX_V,
-        y + 3 * DILITHIUM_N);
-
-    kappa += 4;
-
-    /* Polynomials: 4-7 */
-    for (l = 0; l < 3; l++) {
-        state[8*4 + l] = 0x1f0000 + (kappa + l);
-    }
-    sha3_256_blocksx4_seed_64_avx2(state, seed);
-    wc_mldsa_redistribute_17_rand_avx2(state,
-        rand + 0 * DILITHIUM_MAX_V,
-        rand + 1 * DILITHIUM_MAX_V,
-        rand + 2 * DILITHIUM_MAX_V,
-        rand + 3 * DILITHIUM_MAX_V);
-    for (l = 1; l < DILITHIUM_MAX_V_BLOCKS; l++) {
-        sha3_blocksx4_avx2(state);
-        wc_mldsa_redistribute_17_rand_avx2(state,
-            rand + 0 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 1 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 2 * DILITHIUM_MAX_V + l * SHA3_256_BYTES,
-            rand + 3 * DILITHIUM_MAX_V + l * SHA3_256_BYTES);
-    }
-    wc_mldsa_decode_gamma1_19_avx2(rand + 0 * DILITHIUM_MAX_V,
-        y + 4 * DILITHIUM_N);
-    wc_mldsa_decode_gamma1_19_avx2(rand + 1 * DILITHIUM_MAX_V,
-        y + 5 * DILITHIUM_N);
-    wc_mldsa_decode_gamma1_19_avx2(rand + 2 * DILITHIUM_MAX_V,
-        y + 6 * DILITHIUM_N);
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-#endif
-#endif
-
-/* Expand the private random seed into vector y.
- *
- * FIPS 204. 8.3: Algorithm 28 ExpandMask(rho, mu)
- *   1: c <- 1 + bitlen(GAMMA1 - 1)
- *   2: for r from 0 to l - 1 do
- *   3:     n <- IntegerToBits(mu + r, 16)
- *   4:     v <- (H(rho||n)[[32rc]], H(rho||n)[[32rc + 1]], ...,
- *                H(rho||n)[[32rc + 32c - 1]])
- *   5:     s[r] <- BitUnpack(v, GAMMA-1, GAMMA1)
- *   6: end for
- *   7: return s
- *
- * @param [in, out] shake256     SHAKE-256 object.
- * @param [in, out] seed         Buffer containing seed to expand.
- *                               Has space for two bytes to be appended.
- * @param [in]      kappa        Base value to append to seed.
- * @param [in]      gamma1_bits  Number of bits per value.
- * @param [out]     y            Vector of polynomials.
- * @param [in]      l            Dimension of vector.
- * @return  0 on success.
- * @return  Negative on hash error.
- */
-static int dilithium_vec_expand_mask_c(wc_Shake* shake256, byte* seed,
-    word16 kappa, byte gamma1_bits, sword32* y, byte l)
-{
-    int ret = 0;
-    byte r;
-    byte v[DILITHIUM_MAX_V];
-
-    /* Step 2: For each polynomial of vector. */
-    for (r = 0; (ret == 0) && (r < l); r++) {
-        /* Step 3: Calculate value to append to seed. */
-        word16 n = kappa + r;
-
-        /* Step 4: Append to seed and squeeze out data. */
-        seed[DILITHIUM_PRIV_RAND_SEED_SZ + 0] = (byte)n;
-        seed[DILITHIUM_PRIV_RAND_SEED_SZ + 1] = (byte)(n >> 8);
-        ret = dilithium_squeeze256(shake256, seed, DILITHIUM_Y_SEED_SZ, v,
-            DILITHIUM_MAX_V_BLOCKS);
-        if (ret == 0) {
-            /* Decode v into polynomial. */
-            dilithium_decode_gamma1(v, gamma1_bits, y);
-            /* Next polynomial. */
-            y += DILITHIUM_N;
-        }
-    }
-
-    return ret;
-}
-
-/* Expand the private random seed into vector y.
- *
- * @param [in, out] shake256     SHAKE-256 object.
- * @param [in, out] seed         Buffer containing seed to expand.
- *                               Has space for two bytes to be appended.
- * @param [in]      kappa        Base value to append to seed.
- * @param [in]      gamma1_bits  Number of bits per value.
- * @param [out]     y            Vector of polynomials.
- * @param [in]      l            Dimension of vector.
- * @return  0 on success.
- * @return  Negative on hash error.
- */
-static int dilithium_vec_expand_mask(wc_Shake* shake256, byte* seed,
-    word16 kappa, byte gamma1_bits, sword32* y, byte l)
-{
-    int ret = 0;
-
-#if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-    if (IS_INTEL_AVX2(cpuid_flags) && IS_INTEL_BMI2(cpuid_flags) &&
-            (SAVE_VECTOR_REGISTERS2() == 0)) {
-    #ifndef WOLFSSL_NO_ML_DSA_44
-        if (l == 4) {
-            ret = wc_mldsa_gen_y_4_avx2(y, seed, kappa);
-        }
-    #endif
-    #ifndef WOLFSSL_NO_ML_DSA_65
-        if (l == 5) {
-            ret = wc_mldsa_gen_y_5_avx2(y, seed, kappa, shake256);
-        }
-    #endif
-    #ifndef WOLFSSL_NO_ML_DSA_87
-        if (l == 7) {
-            ret = wc_mldsa_gen_y_7_avx2(y, seed, kappa);
-        }
-    #endif
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        ret = dilithium_vec_expand_mask_c(shake256, seed, kappa, gamma1_bits, y,
-            l);
-    }
-
-    return ret;
-}
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
-/* Expand commit to a polynomial.
- *
- * FIPS 204. 8.3: Algorithm 23 SampleInBall(rho)
- *   1: c <- 0
- *   2: k <- 8
- *   3: for i from 256 - TAU to 255 do
- *   4:     while H(rho)[[k]] > i do
- *   5:        k <- k + 1
- *   6:     end while
- *   7:     j <- H(rho)[[k]]
- *   8:     c[i] <- c[j]
- *   9:     c[j] <- (-1)^H(rho)[i+TAU-256]
- *  10:     k <- k + 1
- *  11: end for
- *  12: return c
- *
- * @param [in]  shake256  SHAKE-256 object.
- * @param [in]  seed      Buffer containing seed to expand.
- * @param [in]  seedLen   Length of seed in bytes.
- * @param [in]  tau       Number of +/- 1s in polynomial.
- * @param [out] c         Commit polynomial.
- * @param [in]  block     Memory to use for block from key.
- * @return  0 on success.
- * @return  Negative on hash error.
- */
-static int dilithium_sample_in_ball_ex(int level, wc_Shake* shake256,
-   const byte* seed, word32 seedLen, byte tau, sword32* c, byte* block)
-{
-#ifndef USE_INTEL_SPEEDUP
-    int ret = 0;
-    byte signs[DILITHIUM_SIGN_BYTES];
-    unsigned int i;
-    /* Step 1: Initialize sign bit index. */
-    unsigned int s = 0;
-    /* Step 2: First 8 bytes are used for sign. */
-    unsigned int k = DILITHIUM_SIGN_BYTES;
-
-    /* Set polynomial to all zeros. */
-    XMEMSET(c, 0, DILITHIUM_POLY_SIZE);
-
-    /* Generate a block of data from seed. */
-#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
-    if (level >= WC_ML_DSA_DRAFT) {
-        ret = dilithium_shake256(shake256, seed, DILITHIUM_SEED_SZ, block,
-            DILITHIUM_GEN_C_BLOCK_BYTES);
-    }
-    else
-#endif
-    {
-        (void)level;
-        ret = dilithium_shake256(shake256, seed, seedLen, block,
-            DILITHIUM_GEN_C_BLOCK_BYTES);
-    }
-    if (ret == 0) {
-        /* Copy first 8 bytes of first hash block as random sign bits. */
-        XMEMCPY(signs, block, DILITHIUM_SIGN_BYTES);
-    }
-
-    /* Step 3: Put in TAU +/- 1s. */
-    for (i = DILITHIUM_N - tau; (ret == 0) && (i < DILITHIUM_N); i++) {
-        unsigned int j;
-        do {
-            /* Check whether block is exhausted. */
-            if (k == DILITHIUM_GEN_C_BLOCK_BYTES) {
-                /* Generate a new block. */
-                ret = wc_Shake256_SqueezeBlocks(shake256, block, 1);
-
-                /* Restart hash block index. */
-                k = 0;
-            }
-            /* Step 7: Get random byte from block as index.
-             * Step 5 and 10: Increment hash block index.
-             */
-            j = block[k++];
-        }
-        /* Step 4: Get another random if random index is a future swap index. */
-        while ((ret == 0) && (j > i));
-
-        /* Step 8: Move value from random index to current index. */
-        c[i] = c[j];
-        /* Step 9: Set value at random index to +/- 1. */
-        c[j] = 1 - ((((signs[s >> 3]) >> (s & 0x7)) & 0x1) << 1);
-        /* Next sign bit index. */
-        s++;
-    }
-
-    return ret;
-#else
-    int ret = 0;
-    /* SHA-3 state. */
-    word64* state = shake256->s;
-    word64 signs;
-    unsigned int i;
-    /* Step 2: First 8 bytes are used for sign. */
-    unsigned int k = DILITHIUM_SIGN_BYTES;
-
-    block = (byte*)state;
-
-    /* Set polynomial to all zeros. */
-    XMEMSET(c, 0, DILITHIUM_POLY_SIZE);
-
-    /* Generate a block of data from seed. */
-#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
-    if (level >= WC_ML_DSA_DRAFT) {
-        ret = dilithium_shake256(shake256, seed, DILITHIUM_SEED_SZ, block,
-            DILITHIUM_GEN_C_BLOCK_BYTES);
-    }
-    else
-#endif
-    {
-        (void)level;
-        ret = dilithium_shake256(shake256, seed, seedLen, block,
-            DILITHIUM_GEN_C_BLOCK_BYTES);
-    }
-    if (ret == 0) {
-        /* Step 1: Initialize sign bit index. */
-        /* Copy first 8 bytes of first hash block as random sign bits. */
-        signs = *(word64*)block;
-
-        /* Step 3: Put in TAU +/- 1s. */
-        for (i = DILITHIUM_N - tau; i < DILITHIUM_N; i++) {
-            unsigned int j;
-            do {
-                /* Check whether block is exhausted. */
-                if (k == DILITHIUM_GEN_C_BLOCK_BYTES) {
-                    /* Generate a new block. */
-#ifndef WC_SHA3_NO_ASM
-                    if (IS_INTEL_AVX2(cpuid_flags) &&
-                             (SAVE_VECTOR_REGISTERS2() == 0)) {
-                        sha3_block_avx2(state);
-                        RESTORE_VECTOR_REGISTERS();
-                    }
-                    else if (IS_INTEL_BMI2(cpuid_flags)) {
-                        sha3_block_bmi2(state);
-                    }
-                    else
-#endif
-                    {
-                        BlockSha3(state);
-                    }
-
-                    /* Restart hash block index. */
-                    k = 0;
-                }
-                /* Step 7: Get random byte from block as index.
-                 * Step 5 and 10: Increment hash block index.
-                 */
-                j = block[k++];
-            }
-            /* Step 4: Get another random if random index is a future swap
-             * index. */
-            while (j > i);
-
-            /* Step 8: Move value from random index to current index. */
-            c[i] = c[j];
-            /* Step 9: Set value at random index to +/- 1. */
-            c[j] = (sword32)1 - (sword32)((sword32)(signs & 0x1) << 1);
-            /* Next sign bit index. */
-            signs >>= 1;
-        }
-    }
-
-    return ret;
-#endif
-}
-
-#if (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-     !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM)) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-     !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM))
-/* Expand commit to a polynomial.
- *
- * @param [in]  shake256  SHAKE-256 object.
- * @param [in]  seed      Buffer containing seed to expand.
- * @param [in]  seedLen   Length of seed in bytes.
- * @param [in]  tau       Number of +/- 1s in polynomial.
- * @param [out] c         Commit polynomial.
- * @param [in]  heap      Dynamic memory hint.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Negative on hash error.
- */
-static int dilithium_sample_in_ball(int level, wc_Shake* shake256,
-   const byte* seed, word32 seedLen, byte tau, sword32* c, void* heap)
-{
-    int ret = 0;
-#if defined(WOLFSSL_SMALL_STACK)
-    byte* block = NULL;
-#else
-    byte block[DILITHIUM_GEN_C_BLOCK_BYTES];
-#endif
-
-    (void)heap;
-
-#if defined(WOLFSSL_SMALL_STACK)
-    block = (byte*)XMALLOC(DILITHIUM_GEN_C_BLOCK_BYTES, heap,
-        DYNAMIC_TYPE_DILITHIUM);
-    if (block == NULL) {
-        ret = MEMORY_E;
-    }
-#endif
-
-    if (ret == 0) {
-        ret = dilithium_sample_in_ball_ex(level, shake256, seed, seedLen, tau,
-            c, block);
-    }
-
-#if defined(WOLFSSL_SMALL_STACK)
-    XFREE(block, heap, DYNAMIC_TYPE_DILITHIUM);
-#endif
-    return ret;
-}
-#endif
-
-#endif
-
-/******************************************************************************
- * Decompose operations
- ******************************************************************************/
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
-#ifndef WOLFSSL_NO_ML_DSA_44
-/* Decompose value into high and low based on GAMMA2 being ((q-1) / 88).
- *
- * FIPS 204. 8.4: Algorithm 30 Decompose(r)
- *   1: r+ <- r mod q
- *   2: r0 <- r+ mod+/- (2 * GAMMA2)
- *   3: if r+ - r0 = q - 1 then
- *   4:     r1 <- 0
- *   5:     r0 <- r0 - 1
- *   6: else r1 <- (r+ - r0) / (2 * GAMMA2)
- *   7: end if
- *   8: return (r1, r0)
- *
- * DILITHIUM_Q_LOW_88_2 = 0x2e800 = 0b101110100000000000
- * t1 * DILITHIUM_Q_LOW_88_2 = (t1 << 18) - (t1 << 16) - (t1 << 12) - (t1 << 11)
- *                           = ((93 * t1) << 11)
- * Nothing faster than straight multiply.
- *
- * Implementation using Barrett Reduction.
- *
- * @param [in]  r   Value to decompose.
- * @param [out] r0  Low bits.
- * @param [out] r1  High bits.
- */
-static void dilithium_decompose_q88(sword32 r, sword32* r0, sword32* r1)
-{
-    sword32 t0;
-    sword32 t1;
-#ifdef DILITHIUM_MUL_SLOW
-    sword32 t2;
-#endif
-
-    /* Roundup r and calculate approx high value. */
-#if !defined(DILITHIUM_MUL_44_SLOW)
-    t1 = ((r * 44) + ((DILITHIUM_Q_LOW_88 - 1) * 44)) >> 23;
-#elif !defined(DILITHIUM_MUL_11_SLOW)
-    t1 = ((r * 11) + ((DILITHIUM_Q_LOW_88 - 1) * 11)) >> 21;
-#else
-    t0 = r + DILITHIUM_Q_LOW_88 - 1;
-    t1 = ((t0 << 3) + (t0 << 1) + t0) >> 21;
-#endif
-    /* Calculate approx low value. */
-    t0 = r - (t1 * DILITHIUM_Q_LOW_88_2);
-#ifndef DILITHIUM_MUL_SLOW
-    /* Calculate real high value, When t0 > modulus, +1 to approx high value. */
-    t1 += ((word32)(DILITHIUM_Q_LOW_88 - t0)) >> 31;
-    /* Calculate real low value. */
-    t0 = r - (t1 * DILITHIUM_Q_LOW_88_2);
-#else
-    /* Calculate real high value, When t0 > modulus, +1 to approx high value. */
-    t2 = ((word32)(DILITHIUM_Q_LOW_88 - t0)) >> 31;
-    t1 += t2;
-    /* Calculate real low value. */
-    t0 -= (0 - t2) & DILITHIUM_Q_LOW_88_2;
-#endif
-    /* -1 from low value if high value is 44. Was 43 but low is negative. */
-    t0 -= ((word32)(43 - t1)) >> 31;
-    /* When high value is 44, too large, set to 0. */
-    t1 &= 0 - (((word32)(t1 - 44)) >> 31);
-
-    *r0 = t0;
-    *r1 = t1;
-}
-#endif
-
-#if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-/* Decompose value into high and low based on GAMMA2 being ((q-1) / 32).
- *
- * FIPS 204. 8.4: Algorithm 30 Decompose(r)
- *   1: r+ <- r mod q
- *   2: r0 <- r+ mod+/- (2 * GAMMA2)
- *   3: if r+ - r0 = q - 1 then
- *   4:     r1 <- 0
- *   5:     r0 <- r0 - 1
- *   6: else r1 <- (r+ - r0) / (2 * GAMMA2)
- *   7: end if
- *   8: return (r1, r0)
- *
- * DILITHIUM_Q_LOW_32_2 = 0x7fe00 = 0b1111111111000000000
- * t1 * DILITHIUM_Q_LOW_32_2 = (t1 << 19) - (t1 << 9)
- *
- * Implementation using Barrett Reduction.
- *
- * @param [in]  r   Value to decompose.
- * @param [out] r0  Low bits.
- * @param [out] r1  High bits.
- */
-static void dilithium_decompose_q32(sword32 r, sword32* r0, sword32* r1)
-{
-    sword32 t0;
-    sword32 t1;
-
-    /* Roundup r and calculate approx high value. */
-    t1 = (r + DILITHIUM_Q_LOW_32 - 1) >> 19;
-    /* Calculate approx low value. */
-    t0 = r - (t1 << 19) + (t1 << 9);
-    /* Calculate real high value, When t0 > modulus, +1 to approx high value. */
-    t1 += ((word32)(DILITHIUM_Q_LOW_32 - t0)) >> 31;
-    /* Calculate real low value. */
-    t0 = r - (t1 << 19) + (t1 << 9);
-    /* -1 from low value if high value is 16. Was 15 but low is negative. */
-    t0 -= t1 >> 4;
-    /* When high value is 16, too large, set to 0. */
-    t1 &= 0xf;
-
-    *r0 = t0;
-    *r1 = t1;
-}
-#endif
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_NO_SIGN
-
-#if !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM) || \
-    defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A)
-/* Decompose vector of polynomials into high and low based on GAMMA2.
- *
- * @param [in]  r       Vector of polynomials to decompose.
- * @param [in]  k       Dimension of vector.
- * @param [in]  gamma2  Low-order rounding range, GAMMA2.
- * @param [out] r0      Low parts in vector of polynomials.
- * @param [out] r1      High parts in vector of polynomials.
- */
-static void dilithium_vec_decompose_c(const sword32* r, byte k, sword32 gamma2,
-    sword32* r0, sword32* r1)
-{
-    unsigned int i;
-    unsigned int j;
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-    if (gamma2 == DILITHIUM_Q_LOW_88) {
-        /* For each polynomial of vector. */
-        for (i = 0; i < k; i++) {
-            /* For each value of polynomial. */
-            for (j = 0; j < DILITHIUM_N; j++) {
-                /* Decompose value into two vectors. */
-                dilithium_decompose_q88(r[j], &r0[j], &r1[j]);
-            }
-            /* Next polynomial of vectors. */
-            r += DILITHIUM_N;
-            r0 += DILITHIUM_N;
-            r1 += DILITHIUM_N;
-        }
-    }
-#endif
-#if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-    if (gamma2 == DILITHIUM_Q_LOW_32) {
-        /* For each polynomial of vector. */
-        for (i = 0; i < k; i++) {
-            /* For each value of polynomial. */
-            for (j = 0; j < DILITHIUM_N; j++) {
-                /* Decompose value into two vectors. */
-                dilithium_decompose_q32(r[j], &r0[j], &r1[j]);
-            }
-            /* Next polynomial of vectors. */
-            r += DILITHIUM_N;
-            r0 += DILITHIUM_N;
-            r1 += DILITHIUM_N;
-        }
-    }
-#endif
-}
-
-/* Decompose vector of polynomials into high and low based on GAMMA2.
- *
- * @param [in]  r       Vector of polynomials to decompose.
- * @param [in]  k       Dimension of vector.
- * @param [in]  gamma2  Low-order rounding range, GAMMA2.
- * @param [out] r0      Low parts in vector of polynomials.
- * @param [out] r1      High parts in vector of polynomials.
- */
-static void dilithium_vec_decompose(const sword32* r, byte k, sword32 gamma2,
-    sword32* r0, sword32* r1)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-    #ifndef WOLFSSL_NO_ML_DSA_44
-        if (gamma2 == DILITHIUM_Q_LOW_88) {
-            wc_mldsa_decompose_q88_avx2(r, r0, r1);
-        }
-    #endif
-    #if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-        if (gamma2 == DILITHIUM_Q_LOW_32) {
-            wc_mldsa_decompose_q32_avx2(r, k, r0, r1);
-        }
-    #endif
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_vec_decompose_c(r, k, gamma2, r0, r1);
-    }
-}
-#endif
-
-#endif /* !WOLFSSL_DILITHIUM_NO_SIGN */
-
-/******************************************************************************
- * Range check operation
- ******************************************************************************/
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
-/* Check that the values of the polynomial are in range.
- *
- * Many places in FIPS 204. One example from Algorithm 2:
- *   23:    if ||z||inf >= GAMMA1 - BETA or ..., then (z, h) = falsam
- *
- * @param [in] a   Polynomial.
- * @param [in] hi  Largest value in range.
- */
-static int dilithium_check_low(const sword32* a, sword32 hi)
-{
-    int ret = 1;
-    unsigned int j;
-    /* Calculate lowest range value. */
-    sword32 nhi = -hi;
-
-    /* For each value of polynomial. */
-    for (j = 0; j < DILITHIUM_N; j++) {
-        /* Check range is -(hi-1)..(hi-1). */
-        if ((a[j] <= nhi) || (a[j] >= hi)) {
-            /* Check failed. */
-            ret = 0;
-            break;
-        }
-    }
-
-    return ret;
-}
-
-#if !defined(WOLFSSL_DILITHIUM_NO_VERIFY) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-     !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM))
-/* Check that the values of the vector are in range.
- *
- * Many places in FIPS 204. One example from Algorithm 2:
- *   23:    if ||z||inf >= GAMMA1 - BETA or ..., then (z, h) = falsam
- *
- * @param [in] a   Vector of polynomials.
- * @param [in] l   Dimension of vector.
- * @param [in] hi  Largest value in range.
- */
-static int dilithium_vec_check_low_c(const sword32* a, byte l, sword32 hi)
-{
-    int ret = 1;
-    unsigned int i;
-
-    /* For each polynomial of vector. */
-    for (i = 0; (ret == 1) && (i < l); i++) {
-        ret = dilithium_check_low(a, hi);
-        if (ret == 0) {
-            break;
-        }
-        /* Next polynomial. */
-        a += DILITHIUM_N;
-    }
-
-    return ret;
-}
-#endif
-
-/* Check that the values of the vector are in range.
- *
- * @param [in] a   Vector of polynomials.
- * @param [in] l   Dimension of vector.
- * @param [in] hi  Largest value in range.
- */
-static int dilithium_vec_check_low(const sword32* a, byte l, sword32 hi)
-{
-    int ret;
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        ret = wc_mldsa_vec_check_low_avx2(a, l, hi);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        ret = dilithium_vec_check_low_c(a, l, hi);
-    }
-
-    return ret;
-}
-#endif
-
-/******************************************************************************
- * Hint operations
- ******************************************************************************/
-
-#ifndef WOLFSSL_DILITHIUM_NO_SIGN
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-/* Compute hints indicating whether adding ct0 to w alters high bits of w.
- *
- * FIPS 204. 6: Algorithm 2 ML-DSA.Sign(sk, M)
- *   ...
- *  26: h <- MakeHint(-<<ct0>>, w - <<sc2>> + <<ct0>>)
- *  27: if ... or the number of 1's in h is greater than OMEGA, then
- *      (z, h) <- falsam
- *   ...
- *  32: sigma <- sigEncode(c_tilda, z mod+/- q, h)
- *   ...
- *
- * FIPS 204. 8.4: Algorithm 33 MakeHint(z, r)
- *   1: r1 <- HighBits(r)
- *   2: v1 <- HightBits(r+z)
- *   3: return [[r1 != v1]]
- *
- * FIPS 204. 8.2: Algorithm 20 sigEncode(c_tilde, z, h)
- *   ...
- *   5: sigma <- sigma || HintBitPack(h)
- *   ...
- *
- * FIPS 204. 8.1: Algorithm 14 HintBitPack(h)
- *   ...
- *   4:     for j from 0 to 255 do
- *   5:         if h[i]j != 0 then
- *   6:             y[Index] <- j
- *   7:             Index <- Index + 1
- *   8:         end if
- *   9:     end for
- *   ...
- *
- * @param [in]      s       Vector of polynomials that is sum of ct0 and w0.
- * @param [in]      w1      Vector of polynomials that is high part of w.
- * @param [out]     h       Encoded hints.
- * @param [in, out] idxp    Index to write next hint into.
- * return  Number of hints on success.
- * return  Falsam of -1 when too many hints.
- */
-static int dilithium_make_hint_88(const sword32* s, const sword32* w1, byte* h,
-    byte *idxp)
-{
-    unsigned int j;
-    byte idx = *idxp;
-
-    /* Alg 14, Step 3: For each value of polynomial. */
-    for (j = 0; j < DILITHIUM_N; j++) {
-        /* Alg 14, Step 4: Check whether hint is required.
-         * Did sum end up greater than low modulus or
-         * sum end up less than the negative of low modulus or
-         * sum is the negative of the low modulus and w1 is not zero,
-         * then w1 will be modified.
-         */
-        if ((s[j] > (sword32)DILITHIUM_Q_LOW_88) ||
-                (s[j] < -(sword32)DILITHIUM_Q_LOW_88) ||
-                ((s[j] == -(sword32)DILITHIUM_Q_LOW_88) &&
-                 (w1[j] != 0))) {
-            /* Alg 14, Step 6, 7: Put index as hint modifier. */
-            h[idx++] = (byte)j;
-            /* Alg 2, Step 27: If there are too many hints, return
-             *                 falsam of -1. */
-            if (idx > PARAMS_ML_DSA_44_OMEGA) {
-                return -1;
-            }
-        }
-    }
-
-    *idxp = idx;
-    return 0;
-}
-#endif
-#if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-/* Compute hints indicating whether adding ct0 to w alters high bits of w.
- *
- * FIPS 204. 6: Algorithm 2 ML-DSA.Sign(sk, M)
- *   ...
- *  26: h <- MakeHint(-<<ct0>>, w - <<sc2>> + <<ct0>>)
- *  27: if ... or the number of 1's in h is greater than OMEGA, then
- *      (z, h) <- falsam
- *   ...
- *  32: sigma <- sigEncode(c_tilda, z mod+/- q, h)
- *   ...
- *
- * FIPS 204. 8.4: Algorithm 33 MakeHint(z, r)
- *   1: r1 <- HighBits(r)
- *   2: v1 <- HightBits(r+z)
- *   3: return [[r1 != v1]]
- *
- * FIPS 204. 8.2: Algorithm 20 sigEncode(c_tilde, z, h)
- *   ...
- *   5: sigma <- sigma || HintBitPack(h)
- *   ...
- *
- * FIPS 204. 8.1: Algorithm 14 HintBitPack(h)
- *   ...
- *   4:     for j from 0 to 255 do
- *   5:         if h[i]j != 0 then
- *   6:             y[Index] <- j
- *   7:             Index <- Index + 1
- *   8:         end if
- *   9:     end for
- *   ...
- *
- * @param [in]      s       Vector of polynomials that is sum of ct0 and w0.
- * @param [in]      w1      Vector of polynomials that is high part of w.
- * @param [in]      omega   Maximum number of hints allowed.
- * @param [out]     h       Encoded hints.
- * @param [in, out] idxp    Index to write next hint into.
- * return  Number of hints on success.
- * return  Falsam of -1 when too many hints.
- */
-static int dilithium_make_hint_32(const sword32* s, const sword32* w1,
-    byte omega, byte* h, byte *idxp)
-{
-    unsigned int j;
-    byte idx = *idxp;
-
-    (void)omega;
-
-    /* Alg 14, Step 3: For each value of polynomial. */
-    for (j = 0; j < DILITHIUM_N; j++) {
-        /* Alg 14, Step 4: Check whether hint is required.
-         * Did sum end up greater than low modulus or
-         * sum end up less than the negative of low modulus or
-         * sum is the negative of the low modulus and w1 is not zero,
-         * then w1 will be modified.
-         */
-        if ((s[j] > (sword32)DILITHIUM_Q_LOW_32) ||
-                (s[j] < -(sword32)DILITHIUM_Q_LOW_32) ||
-                ((s[j] == -(sword32)DILITHIUM_Q_LOW_32) &&
-                 (w1[j] != 0))) {
-            /* Alg 14, Step 6, 7: Put index as hint modifier. */
-            h[idx++] = (byte)j;
-            /* Alg 2, Step 27: If there are too many hints, return
-             *                 falsam of -1. */
-            if (idx > omega) {
-                return -1;
-            }
-        }
-    }
-
-    *idxp = idx;
-    return 0;
-}
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM
-/* Compute hints indicating whether adding ct0 to w alters high bits of w.
- *
- * FIPS 204. 6: Algorithm 2 ML-DSA.Sign(sk, M)
- *   ...
- *  26: h <- MakeHint(-<<ct0>>, w - <<sc2>> + <<ct0>>)
- *  27: if ... or the number of 1's in h is greater than OMEGA, then
- *      (z, h) <- falsam
- *   ...
- *  32: sigma <- sigEncode(c_tilda, z mod+/- q, h)
- *   ...
- *
- * FIPS 204. 8.4: Algorithm 33 MakeHint(z, r)
- *   1: r1 <- HighBits(r)
- *   2: v1 <- HightBits(r+z)
- *   3: return [[r1 != v1]]
- *
- * FIPS 204. 8.2: Algorithm 20 sigEncode(c_tilde, z, h)
- *   ...
- *   5: sigma <- sigma || HintBitPack(h)
- *   ...
- *
- * FIPS 204. 8.1: Algorithm 14 HintBitPack(h)
- *   ...
- *   2: Index <- 0
- *   3. for i from 0 to k - 1 do
- *   4:     for j from 0 to 255 do
- *   5:         if h[i]j != 0 then
- *   6:             y[Index] <- j
- *   7:             Index <- Index + 1
- *   8:         end if
- *   9:     end for
- *  10:     y[OMEGA + i] <- Index
- *  11: end for
- *  12: return y
- *
- * @param [in]  s       Vector of polynomials that is sum of ct0 and w0.
- * @param [in]  w1      Vector of polynomials that is high part of w.
- * @param [in]  k       Dimension of vectors.
- * @param [in]  gamma2  Low-order rounding range, GAMMA2.
- * @param [in]  omega   Maximum number of hints allowed.
- * @param [out] h       Encoded hints.
- * return  Number of hints on success.
- * return  Falsam of -1 when too many hints.
- */
-static int dilithium_make_hint(const sword32* s, const sword32* w1, byte k,
-    sword32 gamma2, byte omega, byte* h)
-{
-    unsigned int i;
-    byte idx = 0;
-
-    (void)k;
-    (void)omega;
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-    if (gamma2 == DILITHIUM_Q_LOW_88) {
-        /* Alg 14, Step 2: For each polynomial of vector. */
-        for (i = 0; i < PARAMS_ML_DSA_44_K; i++) {
-            if (dilithium_make_hint_88(s, w1, h, &idx) == -1) {
-                return -1;
-            }
-            /* Alg 14, Step 10: Store count of hints for polynomial at end of
-             *                  list. */
-            h[PARAMS_ML_DSA_44_OMEGA + i] = idx;
-            /* Next polynomial. */
-            s  += DILITHIUM_N;
-            w1 += DILITHIUM_N;
-        }
-    }
-    else
-#endif
-#if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-    if (gamma2 == DILITHIUM_Q_LOW_32) {
-        /* Alg 14, Step 2: For each polynomial of vector. */
-        for (i = 0; i < k; i++) {
-            if (dilithium_make_hint_32(s, w1, omega, h, &idx) == -1) {
-                return -1;
-            }
-            /* Alg 14, Step 10: Store count of hints for polynomial at end of
-             *                  list. */
-            h[omega + i] = idx;
-            /* Next polynomial. */
-            s  += DILITHIUM_N;
-            w1 += DILITHIUM_N;
-        }
-    }
-    else
-#endif
-    {
-    }
-
-    /* Set remaining hints to zero. */
-    XMEMSET(h + idx, 0, omega - idx);
-    return idx;
-}
-#endif /* !WOLFSSL_DILITHIUM_SIGN_SMALL_MEM */
-
-#endif /* !WOLFSSL_DILITHIUM_NO_SIGN */
-
-#ifndef WOLFSSL_DILITHIUM_NO_VERIFY
-/* Check that the hints are valid.
- *
- * @param [in] h      Hints to check
- * @param [in] k      Dimension of vector.
- * @param [in] omega  Maximum number of hints. Hint counts after this index.
- * @return  0 when hints valid.
- * @return  SIG_VERIFY_E when hints invalid.
- */
-static int dilithium_check_hint(const byte* h, byte k, byte omega)
-{
-    int ret = 0;
-    unsigned int o = 0;
-    unsigned int i;
-
-    /* Skip polynomial index while count is 0. */
-    while ((o < k) && (h[omega + o] == 0)) {
-        o++;
-    }
-    /* Check all possible hints. */
-    for (i = 1; (o < k) && (i < omega); i++) {
-        /* Done with polynomial if index equals count of hints. */
-        if (i == h[omega + o]) {
-            /* Next polynomial index while count is index. */
-            do {
-                o++;
-            }
-            while ((o < k) && (i == h[omega + o]));
-            /* Stop if hints for all polynomials checked. */
-            if (o == k) {
-                break;
-            }
-        }
-        /* Ensure the last hint is less than the current hint. */
-        else if (h[i - 1] >= h[i]) {
-            ret = SIG_VERIFY_E;
-            break;
-        }
-    }
-    if (ret == 0) {
-        /* Use up any sizes that are the last element. */
-        while ((o < k) && (i == h[omega + o])) {
-            o++;
-        }
-        /* Ensure all sizes were used. */
-        if (o != k) {
-            ret = SIG_VERIFY_E;
-        }
-    }
-    /* Check remaining hints are 0. */
-    for (; (ret == 0) && (i < omega); i++) {
-        if (h[i] != 0) {
-           ret = SIG_VERIFY_E;
-        }
-    }
-
-    return ret;
-}
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-/* Use hints to modify w1.
- *
- * FIPS 204. 8.4: Algorithm 34 UseHint(h, r)
- *   1: m <- (q - 1) / (2 * GAMMA2)
- *   2: (r1, r0) <- Decompose(r)
- *   3: if h == 1 and r0 > 0 return (r1 + 1) mod m
- *   4: if h == 1 and r0 <= 0 return (r1 - 1) mod m
- *   5: return r1
- *
- * @param [in, out] w1  Vector of polynomials needing hints applied to.
- * @param [in]      h   Hints to apply. In signature encoding.
- * @param [in]      i   Dimension index.
- * @param [in, out] op  Pointer to current offset into hints.
- */
-static void dilithium_use_hint_88(sword32* w1, const byte* h, unsigned int i,
-    byte* op)
-{
-    byte o = *op;
-    unsigned int j;
-
-    /* For each value of polynomial. */
-    for (j = 0; j < DILITHIUM_N; j++) {
-        sword32 r;
-        sword32 r0;
-        sword32 r1;
-#ifdef DILITHIUM_USE_HINT_CT
-        /* Hint is 1 when index is next in hint list. */
-        sword32 hint = ((o < h[PARAMS_ML_DSA_44_OMEGA + i]) &
-                        (h[o] == (byte)j));
-
-        /* Increment hint offset if this index has hint. */
-        o += hint;
-        /* Convert value to positive only range. */
-        r = w1[j] + ((0 - (((word32)w1[j]) >> 31)) & DILITHIUM_Q);
-        /* Decompose value into low and high parts. */
-        dilithium_decompose_q88(r, &r0, &r1);
-        /* Make hint positive or negative based on sign of r0. */
-        hint = (1 - (2 * (((word32)r0) >> 31))) & (0 - hint);
-        /* Make w1 only the top part plus the hint. */
-        w1[j] = r1 + hint;
-
-        /* Fix up w1 to not be 44 but 0. */
-        w1[j] &= (sword32)(0 - (((word32)(w1[j] - 44)) >> 31));
-        /* Hint may have reduced 0 to -1 which is actually 43. */
-        w1[j] += (sword32)((0 - (((word32)w1[j]) >> 31)) & 44);
-#else
-        /* Convert value to positive only range. */
-        r = w1[j] + (sword32)((0 - (((word32)w1[j]) >> 31)) & DILITHIUM_Q);
-        /* Decompose value into low and high parts. */
-        dilithium_decompose_q88(r, &r0, &r1);
-        /* Check for hint. */
-        if ((o < h[PARAMS_ML_DSA_44_OMEGA + i]) && (h[o] == (byte)j)) {
-            /* Add or subtract hint based on sign of r0. */
-            r1 += 1 - (2 * (((word32)r0) >> 31));
-            /* Go to next hint offset. */
-            o++;
-        }
-        /* Fix up w1 to not be 44 but 0. */
-        r1 &= 0 - (((word32)(r1 - 44)) >> 31);
-        /* Hint may have reduced 0 to -1 which is actually 43. */
-        r1 += (0 - (((word32)r1) >> 31)) & 44;
-        /* Make w1 only the top part plus any hint. */
-        w1[j] = r1;
-#endif
-    }
-    *op = o;
-}
-#endif /* !WOLFSSL_NO_ML_DSA_44 */
-
-#if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-/* Use hints to modify w1.
- *
- * FIPS 204. 8.4: Algorithm 34 UseHint(h, r)
- *   1: m <- (q - 1) / (2 * GAMMA2)
- *   2: (r1, r0) <- Decompose(r)
- *   3: if h == 1 and r0 > 0 return (r1 + 1) mod m
- *   4: if h == 1 and r0 <= 0 return (r1 - 1) mod m
- *   5: return r1
- *
- * @param [in, out] w1     Vector of polynomials needing hints applied to.
- * @param [in]      h      Hints to apply. In signature encoding.
- * @param [in]      omega  Max number of hints. Hint counts after this index.
- * @param [in]      i      Dimension index.
- * @param [in, out] op     Pointer to current offset into hints.
- */
-static void dilithium_use_hint_32(sword32* w1, const byte* h, byte omega,
-    unsigned int i, byte* op)
-{
-    byte o = *op;
-    unsigned int j;
-
-    /* For each value of polynomial. */
-    for (j = 0; j < DILITHIUM_N; j++) {
-        sword32 r;
-        sword32 r0;
-        sword32 r1;
-#ifdef DILITHIUM_USE_HINT_CT
-        /* Hint is 1 when index is next in hint list. */
-        sword32 hint = ((o < h[omega + i]) & (h[o] == (byte)j));
-
-        /* Increment hint offset if this index has hint. */
-        o += hint;
-        /* Convert value to positive only range. */
-        r = w1[j] + (sword32)((0 - (((word32)w1[j]) >> 31)) & DILITHIUM_Q);
-        /* Decompose value into low and high parts. */
-        dilithium_decompose_q32(r, &r0, &r1);
-        /* Make hint positive or negative based on sign of r0. */
-        hint = (sword32)((1 - (2 * (((word32)r0) >> 31))) & (0 - hint));
-        /* Make w1 only the top part plus the hint. */
-        w1[j] = r1 + hint;
-
-        /* Fix up w1 not be 16 (-> 0) or -1 (-> 15). */
-        w1[j] &= 0xf;
-#else
-        /* Convert value to positive only range. */
-        r = w1[j] + (sword32)((0 - (((word32)w1[j]) >> 31)) & DILITHIUM_Q);
-        /* Decompose value into low and high parts. */
-        dilithium_decompose_q32(r, &r0, &r1);
-        /* Check for hint. */
-        if ((o < h[omega + i]) && (h[o] == (byte)j)) {
-            /* Add or subtract hint based on sign of r0. */
-            r1 += (sword32)(1 - (2 * (((word32)r0) >> 31)));
-            /* Go to next hint offset. */
-            o++;
-        }
-        /* Fix up w1 not be 16 (-> 0) or -1 (-> 15). */
-        w1[j] = r1 & 0xf;
-#endif
-    }
-    *op = o;
-}
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM
-/* Use hints to modify w1.
- *
- * FIPS 204. 8.4: Algorithm 34 UseHint(h, r)
- *   1: m <- (q - 1) / (2 * GAMMA2)
- *   2: (r1, r0) <- Decompose(r)
- *   3: if h == 1 and r0 > 0 return (r1 + 1) mod m
- *   4: if h == 1 and r0 <= 0 return (r1 - 1) mod m
- *   5: return r1
- *
- * @param [in, out] w1      Vector of polynomials needing hints applied to.
- * @param [in]      k       Dimension of vector.
- * @param [in]      gamma2  Low-order rounding range, GAMMA2.
- * @param [in]      omega   Max number of hints. Hint counts after this index.
- * @param [in]      h       Hints to apply. In signature encoding.
- */
-static void dilithium_vec_use_hint(sword32* w1, byte k, sword32 gamma2,
-    byte omega, const byte* h)
-{
-    unsigned int i;
-    byte o = 0;
-
-    (void)k;
-    (void)omega;
-
-#ifndef WOLFSSL_NO_ML_DSA_44
-    if (gamma2 == DILITHIUM_Q_LOW_88) {
-    #ifdef USE_INTEL_SPEEDUP
-        if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-            wc_mldsa_use_hint_88_avx2(w1, h);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #endif
-        {
-            /* For each polynomial of vector. */
-            for (i = 0; i < PARAMS_ML_DSA_44_K; i++) {
-                dilithium_use_hint_88(w1, h, i, &o);
-                w1 += DILITHIUM_N;
-            }
-        }
-    }
-#endif
-#if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-    if (gamma2 == DILITHIUM_Q_LOW_32) {
-    #ifdef USE_INTEL_SPEEDUP
-        if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-            wc_mldsa_use_hint_32_avx2(w1, k, h);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #endif
-        {
-            /* For each polynomial of vector. */
-            for (i = 0; i < k; i++) {
-                dilithium_use_hint_32(w1, h, omega, i, &o);
-                w1 += DILITHIUM_N;
-            }
-        }
-    }
-#endif
-}
-#endif
-#endif /* !WOLFSSL_DILITHIUM_NO_VERIFY */
-
-/******************************************************************************
- * Maths operations
- ******************************************************************************/
-
-/* q^-1 mod 2^32 (inverse of 8380417 mod 2^32 = 58728449 = 0x3802001) */
-#define DILITHIUM_QINV          58728449
-
-/* Montgomery reduce a.
- *
- * @param  [in]  a  64-bit value to be reduced.
- * @return  Montgomery reduction result.
- */
-static sword32 dilithium_mont_red(sword64 a)
-{
-#ifndef DILITHIUM_MUL_QINV_SLOW
-    sword64 t = (sword32)((sword32)a * (sword32)DILITHIUM_QINV);
-#else
-    sword64 t = (sword32)((sword32)a + (sword32)((sword32)a << 13) -
-        (sword32)((sword32)a << 23) + (sword32)((sword32)a << 26));
-#endif
-#ifndef DILITHIUM_MUL_Q_SLOW
-    return (sword32)((a - ((sword32)t * (sword64)DILITHIUM_Q)) >> 32);
-#else
-    return (sword32)((a - (t << 23) + (t << 13) - t) >> 32);
-#endif
-}
-
-#if !defined(WOLFSSL_DILITHIUM_SMALL) || !defined(WOLFSSL_DILITHIUM_NO_SIGN)
-
-/* Reduce 32-bit a modulo q. r = a mod q.
- *
- * Barrett reduction.
- *
- * @param  [in]  a  32-bit value to be reduced to range of q.
- * @return  Modulo result.
- */
-static sword32 dilithium_red(sword32 a)
-{
-    sword32 t = (sword32)((a + (1 << 22)) >> 23);
-#ifndef DILITHIUM_MUL_Q_SLOW
-    return (sword32)(a - (t * DILITHIUM_Q));
-#else
-    return (sword32)(a - (t << 23) + (t << 13) - t);
-#endif
-}
-
-#endif /* !WOLFSSL_DILITHIUM_SMALL || !WOLFSSL_DILITHIUM_NO_SIGN */
-
-/* Zetas for NTT. */
-static const sword32 zetas[DILITHIUM_N] = {
-   -41978,    25847, -2608894,  -518909,   237124,  -777960,  -876248,   466468,
-  1826347,  2353451,  -359251, -2091905,  3119733, -2884855,  3111497,  2680103,
-  2725464,  1024112, -1079900,  3585928,  -549488, -1119584,  2619752, -2108549,
- -2118186, -3859737, -1399561, -3277672,  1757237,   -19422,  4010497,   280005,
-  2706023,    95776,  3077325,  3530437, -1661693, -3592148, -2537516,  3915439,
- -3861115, -3043716,  3574422, -2867647,  3539968,  -300467,  2348700,  -539299,
- -1699267, -1643818,  3505694, -3821735,  3507263, -2140649, -1600420,  3699596,
-   811944,   531354,   954230,  3881043,  3900724, -2556880,  2071892, -2797779,
- -3930395, -1528703, -3677745, -3041255, -1452451,  3475950,  2176455, -1585221,
- -1257611,  1939314, -4083598, -1000202, -3190144, -3157330, -3632928,   126922,
-  3412210,  -983419,  2147896,  2715295, -2967645, -3693493,  -411027, -2477047,
-  -671102, -1228525,   -22981, -1308169,  -381987,  1349076,  1852771, -1430430,
- -3343383,   264944,   508951,  3097992,    44288, -1100098,   904516,  3958618,
- -3724342,    -8578,  1653064, -3249728,  2389356,  -210977,   759969, -1316856,
-   189548, -3553272,  3159746, -1851402, -2409325,  -177440,  1315589,  1341330,
-  1285669, -1584928,  -812732, -1439742, -3019102, -3881060, -3628969,  3839961,
-  2091667,  3407706,  2316500,  3817976, -3342478,  2244091, -2446433, -3562462,
-   266997,  2434439, -1235728,  3513181, -3520352, -3759364, -1197226, -3193378,
-   900702,  1859098,   909542,   819034,   495491, -1613174,   -43260,  -522500,
-  -655327, -3122442,  2031748,  3207046, -3556995,  -525098,  -768622, -3595838,
-   342297,   286988, -2437823,  4108315,  3437287, -3342277,  1735879,   203044,
-  2842341,  2691481, -2590150,  1265009,  4055324,  1247620,  2486353,  1595974,
- -3767016,  1250494,  2635921, -3548272, -2994039,  1869119,  1903435, -1050970,
- -1333058,  1237275, -3318210, -1430225,  -451100,  1312455,  3306115, -1962642,
- -1279661,  1917081, -2546312, -1374803,  1500165,   777191,  2235880,  3406031,
-  -542412, -2831860, -1671176, -1846953, -2584293, -3724270,   594136, -3776993,
- -2013608,  2432395,  2454455,  -164721,  1957272,  3369112,   185531, -1207385,
- -3183426,   162844,  1616392,  3014001,   810149,  1652634, -3694233, -1799107,
- -3038916,  3523897,  3866901,   269760,  2213111,  -975884,  1717735,   472078,
-  -426683,  1723600, -1803090,  1910376, -1667432, -1104333,  -260646, -3833893,
- -2939036, -2235985,  -420899, -2286327,   183443,  -976891,  1612842, -3545687,
-  -554416,  3919660,   -48306, -1362209,  3937738,  1400424,  -846154,  1976782
-};
-
-#ifndef WOLFSSL_DILITHIUM_SMALL
-/* Zetas for inverse NTT. */
-static const sword32 zetas_inv[DILITHIUM_N] = {
- -1976782,   846154, -1400424, -3937738,  1362209,    48306, -3919660,   554416,
-  3545687, -1612842,   976891,  -183443,  2286327,   420899,  2235985,  2939036,
-  3833893,   260646,  1104333,  1667432, -1910376,  1803090, -1723600,   426683,
-  -472078, -1717735,   975884, -2213111,  -269760, -3866901, -3523897,  3038916,
-  1799107,  3694233, -1652634,  -810149, -3014001, -1616392,  -162844,  3183426,
-  1207385,  -185531, -3369112, -1957272,   164721, -2454455, -2432395,  2013608,
-  3776993,  -594136,  3724270,  2584293,  1846953,  1671176,  2831860,   542412,
- -3406031, -2235880,  -777191, -1500165,  1374803,  2546312, -1917081,  1279661,
-  1962642, -3306115, -1312455,   451100,  1430225,  3318210, -1237275,  1333058,
-  1050970, -1903435, -1869119,  2994039,  3548272, -2635921, -1250494,  3767016,
- -1595974, -2486353, -1247620, -4055324, -1265009,  2590150, -2691481, -2842341,
-  -203044, -1735879,  3342277, -3437287, -4108315,  2437823,  -286988,  -342297,
-  3595838,   768622,   525098,  3556995, -3207046, -2031748,  3122442,   655327,
-   522500,    43260,  1613174,  -495491,  -819034,  -909542, -1859098,  -900702,
-  3193378,  1197226,  3759364,  3520352, -3513181,  1235728, -2434439,  -266997,
-  3562462,  2446433, -2244091,  3342478, -3817976, -2316500, -3407706, -2091667,
- -3839961,  3628969,  3881060,  3019102,  1439742,   812732,  1584928, -1285669,
- -1341330, -1315589,   177440,  2409325,  1851402, -3159746,  3553272,  -189548,
-  1316856,  -759969,   210977, -2389356,  3249728, -1653064,     8578,  3724342,
- -3958618,  -904516,  1100098,   -44288, -3097992,  -508951,  -264944,  3343383,
-  1430430, -1852771, -1349076,   381987,  1308169,    22981,  1228525,   671102,
-  2477047,   411027,  3693493,  2967645, -2715295, -2147896,   983419, -3412210,
-  -126922,  3632928,  3157330,  3190144,  1000202,  4083598, -1939314,  1257611,
-  1585221, -2176455, -3475950,  1452451,  3041255,  3677745,  1528703,  3930395,
-  2797779, -2071892,  2556880, -3900724, -3881043,  -954230,  -531354,  -811944,
- -3699596,  1600420,  2140649, -3507263,  3821735, -3505694,  1643818,  1699267,
-   539299, -2348700,   300467, -3539968,  2867647, -3574422,  3043716,  3861115,
- -3915439,  2537516,  3592148,  1661693, -3530437, -3077325,   -95776, -2706023,
-  -280005, -4010497,    19422, -1757237,  3277672,  1399561,  3859737,  2118186,
-  2108549, -2619752,  1119584,   549488, -3585928,  1079900, -1024112, -2725464,
- -2680103, -3111497,  2884855, -3119733,  2091905,   359251, -2353451, -1826347,
-  -466468,   876248,   777960,  -237124,   518909,  2608894,   -25847,    41978
-};
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || \
-    !defined(WOLFSSL_DILITHIUM_NO_VERIFY) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_MAKE) && defined(WOLFSSL_DILITHIUM_SMALL))
-
-/* One iteration of Number-Theoretic Transform.
- *
- * @param [in] len  Length of sequence.
- */
-#define NTT(len)                                                            \
-do {                                                                        \
-    for (start = 0; start < DILITHIUM_N; start += 2 * (len)) {              \
-        zeta = zetas[++k];                                                  \
-        for (j = 0; j < (len); ++j) {                                       \
-            sword32 t =                                                     \
-                dilithium_mont_red((sword64)zeta * r[start + j + (len)]);   \
-            sword32 rj = r[start + j];                                      \
-            r[start + j + (len)] = rj - t;                                  \
-            r[start + j] = rj + t;                                          \
-        }                                                                   \
-    }                                                                       \
-}                                                                           \
-while (0)
-
-/* Number-Theoretic Transform.
- *
- * @param [in, out] r  Polynomial to transform.
- */
-static void dilithium_ntt_c(sword32* r)
-{
-#ifdef WOLFSSL_DILITHIUM_SMALL
-    unsigned int len;
-    unsigned int k;
-    unsigned int j;
-
-    k = 0;
-    for (len = DILITHIUM_N / 2; len >= 1; len >>= 1) {
-        unsigned int start;
-        for (start = 0; start < DILITHIUM_N; start = j + len) {
-            sword32 zeta = zetas[++k];
-            for (j = start; j < start + len; ++j) {
-                sword32 t = dilithium_mont_red((sword64)zeta * r[j + len]);
-                sword32 rj = r[j];
-                r[j + len] = rj - t;
-                r[j] = rj + t;
-            }
-        }
-    }
-#elif defined(WOLFSSL_DILITHIUM_NO_LARGE_CODE)
-    unsigned int j;
-    unsigned int k;
-    unsigned int start;
-    sword32 zeta;
-
-    zeta = zetas[1];
-    for (j = 0; j < DILITHIUM_N / 2; j++) {
-        sword32 t =
-            dilithium_mont_red((sword64)zeta * r[j + DILITHIUM_N / 2]);
-        sword32 rj = r[j];
-        r[j + DILITHIUM_N / 2] = rj - t;
-        r[j] = rj + t;
-    }
-
-    k = 1;
-    NTT(64);
-    NTT(32);
-    NTT(16);
-    NTT(8);
-    NTT(4);
-    NTT(2);
-
-    for (j = 0; j < DILITHIUM_N; j += 2) {
-        sword32 t = dilithium_mont_red((sword64)zetas[++k] * r[j + 1]);
-        sword32 rj = r[j];
-        r[j + 1] = rj - t;
-        r[j] = rj + t;
-    }
-#elif defined(WC_32BIT_CPU)
-    unsigned int j;
-    unsigned int k;
-    sword32 t0;
-    sword32 t2;
-
-    sword32 zeta128 = zetas[1];
-    sword32 zeta640 = zetas[2];
-    sword32 zeta641 = zetas[3];
-    for (j = 0; j < DILITHIUM_N / 4; j++) {
-        sword32 r0 = r[j +   0];
-        sword32 r2 = r[j +  64];
-        sword32 r4 = r[j + 128];
-        sword32 r6 = r[j + 192];
-
-        t0 = dilithium_mont_red((sword64)zeta128 * r4);
-        t2 = dilithium_mont_red((sword64)zeta128 * r6);
-        r4 = r0 - t0;
-        r6 = r2 - t2;
-        r0 += t0;
-        r2 += t2;
-
-        t0 = dilithium_mont_red((sword64)zeta640 * r2);
-        t2 = dilithium_mont_red((sword64)zeta641 * r6);
-        r2 = r0 - t0;
-        r6 = r4 - t2;
-        r0 += t0;
-        r4 += t2;
-
-        r[j +   0] = r0;
-        r[j +  64] = r2;
-        r[j + 128] = r4;
-        r[j + 192] = r6;
-    }
-
-    for (j = 0; j < DILITHIUM_N; j += 64) {
-        unsigned int i;
-        sword32 zeta32  = zetas[ 4 + j / 64 + 0];
-        sword32 zeta160 = zetas[ 8 + j / 32 + 0];
-        sword32 zeta161 = zetas[ 8 + j / 32 + 1];
-        for (i = 0; i < 16; i++) {
-            sword32 r0 = r[j + i +  0];
-            sword32 r2 = r[j + i + 16];
-            sword32 r4 = r[j + i + 32];
-            sword32 r6 = r[j + i + 48];
-
-            t0 = dilithium_mont_red((sword64)zeta32 * r4);
-            t2 = dilithium_mont_red((sword64)zeta32 * r6);
-            r4 = r0 - t0;
-            r6 = r2 - t2;
-            r0 += t0;
-            r2 += t2;
-
-            t0 = dilithium_mont_red((sword64)zeta160 * r2);
-            t2 = dilithium_mont_red((sword64)zeta161 * r6);
-            r2 = r0 - t0;
-            r6 = r4 - t2;
-            r0 += t0;
-            r4 += t2;
-
-            r[j + i +  0] = r0;
-            r[j + i + 16] = r2;
-            r[j + i + 32] = r4;
-            r[j + i + 48] = r6;
-        }
-    }
-
-    for (j = 0; j < DILITHIUM_N; j += 16) {
-        unsigned int i;
-        sword32 zeta8   = zetas[16 + j / 16];
-        sword32 zeta40  = zetas[32 + j / 8 + 0];
-        sword32 zeta41  = zetas[32 + j / 8 + 1];
-        for (i = 0; i < 4; i++) {
-            sword32 r0 = r[j + i +  0];
-            sword32 r2 = r[j + i +  4];
-            sword32 r4 = r[j + i +  8];
-            sword32 r6 = r[j + i + 12];
-
-            t0 = dilithium_mont_red((sword64)zeta8 * r4);
-            t2 = dilithium_mont_red((sword64)zeta8 * r6);
-            r4 = r0 - t0;
-            r6 = r2 - t2;
-            r0 += t0;
-            r2 += t2;
-
-            t0 = dilithium_mont_red((sword64)zeta40 * r2);
-            t2 = dilithium_mont_red((sword64)zeta41 * r6);
-            r2 = r0 - t0;
-            r6 = r4 - t2;
-            r0 += t0;
-            r4 += t2;
-
-            r[j + i +  0] = r0;
-            r[j + i +  4] = r2;
-            r[j + i +  8] = r4;
-            r[j + i + 12] = r6;
-        }
-    }
-
-    k = 128;
-    for (j = 0; j < DILITHIUM_N; j += 4) {
-        sword32 zeta2 = zetas[64 + j / 4];
-        sword32 r0 = r[j + 0];
-        sword32 r2 = r[j + 1];
-        sword32 r4 = r[j + 2];
-        sword32 r6 = r[j + 3];
-
-        t0 = dilithium_mont_red((sword64)zeta2 * r4);
-        t2 = dilithium_mont_red((sword64)zeta2 * r6);
-        r4 = r0 - t0;
-        r6 = r2 - t2;
-        r0 += t0;
-        r2 += t2;
-
-        t0 = dilithium_mont_red((sword64)zetas[k++] * r2);
-        t2 = dilithium_mont_red((sword64)zetas[k++] * r6);
-        r2 = r0 - t0;
-        r6 = r4 - t2;
-        r0 += t0;
-        r4 += t2;
-
-        r[j + 0] = r0;
-        r[j + 1] = r2;
-        r[j + 2] = r4;
-        r[j + 3] = r6;
-    }
-#else
-    unsigned int j;
-    unsigned int k;
-    sword32 t0;
-    sword32 t1;
-    sword32 t2;
-    sword32 t3;
-
-    sword32 zeta128 = zetas[1];
-    sword32 zeta640 = zetas[2];
-    sword32 zeta641 = zetas[3];
-    for (j = 0; j < DILITHIUM_N / 8; j++) {
-        sword32 r0 = r[j +   0];
-        sword32 r1 = r[j +  32];
-        sword32 r2 = r[j +  64];
-        sword32 r3 = r[j +  96];
-        sword32 r4 = r[j + 128];
-        sword32 r5 = r[j + 160];
-        sword32 r6 = r[j + 192];
-        sword32 r7 = r[j + 224];
-
-        t0 = dilithium_mont_red((sword64)zeta128 * r4);
-        t1 = dilithium_mont_red((sword64)zeta128 * r5);
-        t2 = dilithium_mont_red((sword64)zeta128 * r6);
-        t3 = dilithium_mont_red((sword64)zeta128 * r7);
-        r4 = r0 - t0;
-        r5 = r1 - t1;
-        r6 = r2 - t2;
-        r7 = r3 - t3;
-        r0 += t0;
-        r1 += t1;
-        r2 += t2;
-        r3 += t3;
-
-        t0 = dilithium_mont_red((sword64)zeta640 * r2);
-        t1 = dilithium_mont_red((sword64)zeta640 * r3);
-        t2 = dilithium_mont_red((sword64)zeta641 * r6);
-        t3 = dilithium_mont_red((sword64)zeta641 * r7);
-        r2 = r0 - t0;
-        r3 = r1 - t1;
-        r6 = r4 - t2;
-        r7 = r5 - t3;
-        r0 += t0;
-        r1 += t1;
-        r4 += t2;
-        r5 += t3;
-
-        r[j +   0] = r0;
-        r[j +  32] = r1;
-        r[j +  64] = r2;
-        r[j +  96] = r3;
-        r[j + 128] = r4;
-        r[j + 160] = r5;
-        r[j + 192] = r6;
-        r[j + 224] = r7;
-    }
-
-    for (j = 0; j < DILITHIUM_N; j += 64) {
-        unsigned int i;
-        sword32 zeta32  = zetas[ 4 + j / 64 + 0];
-        sword32 zeta160 = zetas[ 8 + j / 32 + 0];
-        sword32 zeta161 = zetas[ 8 + j / 32 + 1];
-        sword32 zeta80  = zetas[16 + j / 16 + 0];
-        sword32 zeta81  = zetas[16 + j / 16 + 1];
-        sword32 zeta82  = zetas[16 + j / 16 + 2];
-        sword32 zeta83  = zetas[16 + j / 16 + 3];
-        for (i = 0; i < 8; i++) {
-            sword32 r0 = r[j + i +  0];
-            sword32 r1 = r[j + i +  8];
-            sword32 r2 = r[j + i + 16];
-            sword32 r3 = r[j + i + 24];
-            sword32 r4 = r[j + i + 32];
-            sword32 r5 = r[j + i + 40];
-            sword32 r6 = r[j + i + 48];
-            sword32 r7 = r[j + i + 56];
-
-            t0 = dilithium_mont_red((sword64)zeta32 * r4);
-            t1 = dilithium_mont_red((sword64)zeta32 * r5);
-            t2 = dilithium_mont_red((sword64)zeta32 * r6);
-            t3 = dilithium_mont_red((sword64)zeta32 * r7);
-            r4 = r0 - t0;
-            r5 = r1 - t1;
-            r6 = r2 - t2;
-            r7 = r3 - t3;
-            r0 += t0;
-            r1 += t1;
-            r2 += t2;
-            r3 += t3;
-
-            t0 = dilithium_mont_red((sword64)zeta160 * r2);
-            t1 = dilithium_mont_red((sword64)zeta160 * r3);
-            t2 = dilithium_mont_red((sword64)zeta161 * r6);
-            t3 = dilithium_mont_red((sword64)zeta161 * r7);
-            r2 = r0 - t0;
-            r3 = r1 - t1;
-            r6 = r4 - t2;
-            r7 = r5 - t3;
-            r0 += t0;
-            r1 += t1;
-            r4 += t2;
-            r5 += t3;
-
-            t0 = dilithium_mont_red((sword64)zeta80 * r1);
-            t1 = dilithium_mont_red((sword64)zeta81 * r3);
-            t2 = dilithium_mont_red((sword64)zeta82 * r5);
-            t3 = dilithium_mont_red((sword64)zeta83 * r7);
-            r1 = r0 - t0;
-            r3 = r2 - t1;
-            r5 = r4 - t2;
-            r7 = r6 - t3;
-            r0 += t0;
-            r2 += t1;
-            r4 += t2;
-            r6 += t3;
-
-            r[j + i +  0] = r0;
-            r[j + i +  8] = r1;
-            r[j + i + 16] = r2;
-            r[j + i + 24] = r3;
-            r[j + i + 32] = r4;
-            r[j + i + 40] = r5;
-            r[j + i + 48] = r6;
-            r[j + i + 56] = r7;
-        }
-    }
-
-    k = 128;
-    for (j = 0; j < DILITHIUM_N; j += 8) {
-        sword32 zeta4  = zetas[32 + j / 8 + 0];
-        sword32 zeta20 = zetas[64 + j / 4 + 0];
-        sword32 zeta21 = zetas[64 + j / 4 + 1];
-        sword32 r0 = r[j + 0];
-        sword32 r1 = r[j + 1];
-        sword32 r2 = r[j + 2];
-        sword32 r3 = r[j + 3];
-        sword32 r4 = r[j + 4];
-        sword32 r5 = r[j + 5];
-        sword32 r6 = r[j + 6];
-        sword32 r7 = r[j + 7];
-
-        t0 = dilithium_mont_red((sword64)zeta4 * r4);
-        t1 = dilithium_mont_red((sword64)zeta4 * r5);
-        t2 = dilithium_mont_red((sword64)zeta4 * r6);
-        t3 = dilithium_mont_red((sword64)zeta4 * r7);
-        r4 = r0 - t0;
-        r5 = r1 - t1;
-        r6 = r2 - t2;
-        r7 = r3 - t3;
-        r0 += t0;
-        r1 += t1;
-        r2 += t2;
-        r3 += t3;
-
-        t0 = dilithium_mont_red((sword64)zeta20 * r2);
-        t1 = dilithium_mont_red((sword64)zeta20 * r3);
-        t2 = dilithium_mont_red((sword64)zeta21 * r6);
-        t3 = dilithium_mont_red((sword64)zeta21 * r7);
-        r2 = r0 - t0;
-        r3 = r1 - t1;
-        r6 = r4 - t2;
-        r7 = r5 - t3;
-        r0 += t0;
-        r1 += t1;
-        r4 += t2;
-        r5 += t3;
-
-        t0 = dilithium_mont_red((sword64)zetas[k++] * r1);
-        t1 = dilithium_mont_red((sword64)zetas[k++] * r3);
-        t2 = dilithium_mont_red((sword64)zetas[k++] * r5);
-        t3 = dilithium_mont_red((sword64)zetas[k++] * r7);
-        r1 = r0 - t0;
-        r3 = r2 - t1;
-        r5 = r4 - t2;
-        r7 = r6 - t3;
-        r0 += t0;
-        r2 += t1;
-        r4 += t2;
-        r6 += t3;
-
-        r[j + 0] = r0;
-        r[j + 1] = r1;
-        r[j + 2] = r2;
-        r[j + 3] = r3;
-        r[j + 4] = r4;
-        r[j + 5] = r5;
-        r[j + 6] = r6;
-        r[j + 7] = r7;
-    }
-#endif
-}
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || \
-     defined(WC_DILITHIUM_CACHE_PRIV_VECTORS)
-/* Number-Theoretic Transform.
- *
- * @param [in, out] r  Polynomial to transform.
- */
-static void dilithium_ntt(sword32* r)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_ntt_avx2(r);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_ntt_c(r);
-    }
-}
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_VERIFY) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-     (!defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM) || \
-      defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC))) || \
-    (defined(WOLFSSL_DILITHIUM_SMALL) && \
-     (!defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
-      defined(WOLFSSL_DILITHIUM_CHECK_KEY)))
-/* Number-Theoretic Transform.
- *
- * @param [in, out] r  Polynomial to transform.
- */
-static void dilithium_ntt_full(sword32* r)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_ntt_full_avx2(r);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_ntt_c(r);
-    }
-}
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-    (!defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM) || \
-     defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC) || \
-     defined(WC_DILITHIUM_CACHE_PRIV_VECTORS))
-/* Number-Theoretic Transform.
- *
- * @param [in, out]  r  Vector of polynomials to transform.
- * @param [in]       l  Dimension of polynomial.
- */
-static void dilithium_vec_ntt(sword32* r, byte l)
-{
-    unsigned int i;
-
-    for (i = 0; i < l; i++) {
-        dilithium_ntt(r);
-        r += DILITHIUM_N;
-    }
-}
-#endif
-#endif
-
-#if (!defined(WOLFSSL_DILITHIUM_NO_VERIFY) || \
-     (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-      (!defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM) || \
-       defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC)))) || \
-    (defined(WOLFSSL_DILITHIUM_SMALL) && \
-     (!defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
-      defined(WOLFSSL_DILITHIUM_CHECK_KEY)))
-/* Number-Theoretic Transform.
- *
- * @param [in, out]  r  Vector of polynomials to transform.
- * @param [in]       l  Dimension of polynomial.
- */
-static void dilithium_vec_ntt_full(sword32* r, byte l)
-{
-    unsigned int i;
-
-    for (i = 0; i < l; i++) {
-        dilithium_ntt_full(r);
-        r += DILITHIUM_N;
-    }
-}
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_SMALL
-
-/* Zeta index value 1 not in montgomery form. */
-#define DILITHIUM_NTT_ZETA_1    ((sword32)-3572223)
-
-/* Number-Theoretic Transform with small initial values.
- *
- * @param [in, out] r  Polynomial to transform.
- */
-static void dilithium_ntt_small_c(sword32* r)
-{
-    unsigned int k;
-    unsigned int j;
-#ifdef WOLFSSL_DILITHIUM_NO_LARGE_CODE
-    unsigned int start;
-    sword32 zeta;
-
-    for (j = 0; j < DILITHIUM_N / 2; ++j) {
-        sword32 t = dilithium_red(DILITHIUM_NTT_ZETA_1 *
-                                  r[j + DILITHIUM_N / 2]);
-        sword32 rj = r[j];
-        r[j + DILITHIUM_N / 2] = rj - t;
-        r[j] = rj + t;
-    }
-
-    k = 1;
-    NTT(64);
-    NTT(32);
-    NTT(16);
-    NTT(8);
-    NTT(4);
-    NTT(2);
-
-    for (j = 0; j < DILITHIUM_N; j += 2) {
-        sword32 t = dilithium_mont_red((sword64)zetas[++k] * r[j + 1]);
-        sword32 rj = r[j];
-        r[j + 1] = rj - t;
-        r[j] = rj + t;
-    }
-#elif defined(WC_32BIT_CPU)
-    sword32 t0;
-    sword32 t2;
-
-    sword32 zeta640 = zetas[2];
-    sword32 zeta641 = zetas[3];
-    for (j = 0; j < DILITHIUM_N / 4; j++) {
-        sword32 r0 = r[j +   0];
-        sword32 r2 = r[j +  64];
-        sword32 r4 = r[j + 128];
-        sword32 r6 = r[j + 192];
-
-        t0 = dilithium_red(DILITHIUM_NTT_ZETA_1 * r4);
-        t2 = dilithium_red(DILITHIUM_NTT_ZETA_1 * r6);
-        r4 = r0 - t0;
-        r6 = r2 - t2;
-        r0 += t0;
-        r2 += t2;
-
-        t0 = dilithium_mont_red((sword64)zeta640 * r2);
-        t2 = dilithium_mont_red((sword64)zeta641 * r6);
-        r2 = r0 - t0;
-        r6 = r4 - t2;
-        r0 += t0;
-        r4 += t2;
-
-        r[j +   0] = r0;
-        r[j +  64] = r2;
-        r[j + 128] = r4;
-        r[j + 192] = r6;
-    }
-
-    for (j = 0; j < DILITHIUM_N; j += 64) {
-        unsigned int i;
-        sword32 zeta32  = zetas[ 4 + j / 64 + 0];
-        sword32 zeta160 = zetas[ 8 + j / 32 + 0];
-        sword32 zeta161 = zetas[ 8 + j / 32 + 1];
-        for (i = 0; i < 16; i++) {
-            sword32 r0 = r[j + i +  0];
-            sword32 r2 = r[j + i + 16];
-            sword32 r4 = r[j + i + 32];
-            sword32 r6 = r[j + i + 48];
-
-            t0 = dilithium_mont_red((sword64)zeta32 * r4);
-            t2 = dilithium_mont_red((sword64)zeta32 * r6);
-            r4 = r0 - t0;
-            r6 = r2 - t2;
-            r0 += t0;
-            r2 += t2;
-
-            t0 = dilithium_mont_red((sword64)zeta160 * r2);
-            t2 = dilithium_mont_red((sword64)zeta161 * r6);
-            r2 = r0 - t0;
-            r6 = r4 - t2;
-            r0 += t0;
-            r4 += t2;
-
-            r[j + i +  0] = r0;
-            r[j + i + 16] = r2;
-            r[j + i + 32] = r4;
-            r[j + i + 48] = r6;
-        }
-    }
-
-    for (j = 0; j < DILITHIUM_N; j += 16) {
-        unsigned int i;
-        sword32 zeta8   = zetas[16 + j / 16];
-        sword32 zeta40  = zetas[32 + j / 8 + 0];
-        sword32 zeta41  = zetas[32 + j / 8 + 1];
-        for (i = 0; i < 4; i++) {
-            sword32 r0 = r[j + i +  0];
-            sword32 r2 = r[j + i +  4];
-            sword32 r4 = r[j + i +  8];
-            sword32 r6 = r[j + i + 12];
-
-            t0 = dilithium_mont_red((sword64)zeta8 * r4);
-            t2 = dilithium_mont_red((sword64)zeta8 * r6);
-            r4 = r0 - t0;
-            r6 = r2 - t2;
-            r0 += t0;
-            r2 += t2;
-
-            t0 = dilithium_mont_red((sword64)zeta40 * r2);
-            t2 = dilithium_mont_red((sword64)zeta41 * r6);
-            r2 = r0 - t0;
-            r6 = r4 - t2;
-            r0 += t0;
-            r4 += t2;
-
-            r[j + i +  0] = r0;
-            r[j + i +  4] = r2;
-            r[j + i +  8] = r4;
-            r[j + i + 12] = r6;
-        }
-    }
-
-    k = 128;
-    for (j = 0; j < DILITHIUM_N; j += 4) {
-        sword32 zeta2 = zetas[64 + j / 4];
-        sword32 r0 = r[j + 0];
-        sword32 r2 = r[j + 1];
-        sword32 r4 = r[j + 2];
-        sword32 r6 = r[j + 3];
-
-        t0 = dilithium_mont_red((sword64)zeta2 * r4);
-        t2 = dilithium_mont_red((sword64)zeta2 * r6);
-        r4 = r0 - t0;
-        r6 = r2 - t2;
-        r0 += t0;
-        r2 += t2;
-
-        t0 = dilithium_mont_red((sword64)zetas[k++] * r2);
-        t2 = dilithium_mont_red((sword64)zetas[k++] * r6);
-        r2 = r0 - t0;
-        r6 = r4 - t2;
-        r0 += t0;
-        r4 += t2;
-
-        r[j + 0] = r0;
-        r[j + 1] = r2;
-        r[j + 2] = r4;
-        r[j + 3] = r6;
-    }
-#else
-    sword32 t0;
-    sword32 t1;
-    sword32 t2;
-    sword32 t3;
-    sword32 zeta640 = zetas[2];
-    sword32 zeta641 = zetas[3];
-    for (j = 0; j < DILITHIUM_N / 8; j++) {
-        sword32 r0 = r[j +   0];
-        sword32 r1 = r[j +  32];
-        sword32 r2 = r[j +  64];
-        sword32 r3 = r[j +  96];
-        sword32 r4 = r[j + 128];
-        sword32 r5 = r[j + 160];
-        sword32 r6 = r[j + 192];
-        sword32 r7 = r[j + 224];
-
-        t0 = dilithium_red(DILITHIUM_NTT_ZETA_1 * r4);
-        t1 = dilithium_red(DILITHIUM_NTT_ZETA_1 * r5);
-        t2 = dilithium_red(DILITHIUM_NTT_ZETA_1 * r6);
-        t3 = dilithium_red(DILITHIUM_NTT_ZETA_1 * r7);
-        r4 = r0 - t0;
-        r5 = r1 - t1;
-        r6 = r2 - t2;
-        r7 = r3 - t3;
-        r0 += t0;
-        r1 += t1;
-        r2 += t2;
-        r3 += t3;
-
-        t0 = dilithium_mont_red((sword64)zeta640 * r2);
-        t1 = dilithium_mont_red((sword64)zeta640 * r3);
-        t2 = dilithium_mont_red((sword64)zeta641 * r6);
-        t3 = dilithium_mont_red((sword64)zeta641 * r7);
-        r2 = r0 - t0;
-        r3 = r1 - t1;
-        r6 = r4 - t2;
-        r7 = r5 - t3;
-        r0 += t0;
-        r1 += t1;
-        r4 += t2;
-        r5 += t3;
-
-        r[j +   0] = r0;
-        r[j +  32] = r1;
-        r[j +  64] = r2;
-        r[j +  96] = r3;
-        r[j + 128] = r4;
-        r[j + 160] = r5;
-        r[j + 192] = r6;
-        r[j + 224] = r7;
-    }
-
-    for (j = 0; j < DILITHIUM_N; j += 64) {
-        unsigned int i;
-        sword32 zeta32  = zetas[ 4 + j / 64 + 0];
-        sword32 zeta160 = zetas[ 8 + j / 32 + 0];
-        sword32 zeta161 = zetas[ 8 + j / 32 + 1];
-        sword32 zeta80  = zetas[16 + j / 16 + 0];
-        sword32 zeta81  = zetas[16 + j / 16 + 1];
-        sword32 zeta82  = zetas[16 + j / 16 + 2];
-        sword32 zeta83  = zetas[16 + j / 16 + 3];
-        for (i = 0; i < 8; i++) {
-            sword32 r0 = r[j + i +  0];
-            sword32 r1 = r[j + i +  8];
-            sword32 r2 = r[j + i + 16];
-            sword32 r3 = r[j + i + 24];
-            sword32 r4 = r[j + i + 32];
-            sword32 r5 = r[j + i + 40];
-            sword32 r6 = r[j + i + 48];
-            sword32 r7 = r[j + i + 56];
-
-            t0 = dilithium_mont_red((sword64)zeta32 * r4);
-            t1 = dilithium_mont_red((sword64)zeta32 * r5);
-            t2 = dilithium_mont_red((sword64)zeta32 * r6);
-            t3 = dilithium_mont_red((sword64)zeta32 * r7);
-            r4 = r0 - t0;
-            r5 = r1 - t1;
-            r6 = r2 - t2;
-            r7 = r3 - t3;
-            r0 += t0;
-            r1 += t1;
-            r2 += t2;
-            r3 += t3;
-
-            t0 = dilithium_mont_red((sword64)zeta160 * r2);
-            t1 = dilithium_mont_red((sword64)zeta160 * r3);
-            t2 = dilithium_mont_red((sword64)zeta161 * r6);
-            t3 = dilithium_mont_red((sword64)zeta161 * r7);
-            r2 = r0 - t0;
-            r3 = r1 - t1;
-            r6 = r4 - t2;
-            r7 = r5 - t3;
-            r0 += t0;
-            r1 += t1;
-            r4 += t2;
-            r5 += t3;
-
-            t0 = dilithium_mont_red((sword64)zeta80 * r1);
-            t1 = dilithium_mont_red((sword64)zeta81 * r3);
-            t2 = dilithium_mont_red((sword64)zeta82 * r5);
-            t3 = dilithium_mont_red((sword64)zeta83 * r7);
-            r1 = r0 - t0;
-            r3 = r2 - t1;
-            r5 = r4 - t2;
-            r7 = r6 - t3;
-            r0 += t0;
-            r2 += t1;
-            r4 += t2;
-            r6 += t3;
-
-            r[j + i +  0] = r0;
-            r[j + i +  8] = r1;
-            r[j + i + 16] = r2;
-            r[j + i + 24] = r3;
-            r[j + i + 32] = r4;
-            r[j + i + 40] = r5;
-            r[j + i + 48] = r6;
-            r[j + i + 56] = r7;
-        }
-    }
-
-    k = 128;
-    for (j = 0; j < DILITHIUM_N; j += 8) {
-        sword32 zeta4  = zetas[32 + j / 8 + 0];
-        sword32 zeta20 = zetas[64 + j / 4 + 0];
-        sword32 zeta21 = zetas[64 + j / 4 + 1];
-        sword32 r0 = r[j + 0];
-        sword32 r1 = r[j + 1];
-        sword32 r2 = r[j + 2];
-        sword32 r3 = r[j + 3];
-        sword32 r4 = r[j + 4];
-        sword32 r5 = r[j + 5];
-        sword32 r6 = r[j + 6];
-        sword32 r7 = r[j + 7];
-
-        t0 = dilithium_mont_red((sword64)zeta4 * r4);
-        t1 = dilithium_mont_red((sword64)zeta4 * r5);
-        t2 = dilithium_mont_red((sword64)zeta4 * r6);
-        t3 = dilithium_mont_red((sword64)zeta4 * r7);
-        r4 = r0 - t0;
-        r5 = r1 - t1;
-        r6 = r2 - t2;
-        r7 = r3 - t3;
-        r0 += t0;
-        r1 += t1;
-        r2 += t2;
-        r3 += t3;
-
-        t0 = dilithium_mont_red((sword64)zeta20 * r2);
-        t1 = dilithium_mont_red((sword64)zeta20 * r3);
-        t2 = dilithium_mont_red((sword64)zeta21 * r6);
-        t3 = dilithium_mont_red((sword64)zeta21 * r7);
-        r2 = r0 - t0;
-        r3 = r1 - t1;
-        r6 = r4 - t2;
-        r7 = r5 - t3;
-        r0 += t0;
-        r1 += t1;
-        r4 += t2;
-        r5 += t3;
-
-        t0 = dilithium_mont_red((sword64)zetas[k++] * r1);
-        t1 = dilithium_mont_red((sword64)zetas[k++] * r3);
-        t2 = dilithium_mont_red((sword64)zetas[k++] * r5);
-        t3 = dilithium_mont_red((sword64)zetas[k++] * r7);
-        r1 = r0 - t0;
-        r3 = r2 - t1;
-        r5 = r4 - t2;
-        r7 = r6 - t3;
-        r0 += t0;
-        r2 += t1;
-        r4 += t2;
-        r6 += t3;
-
-        r[j + 0] = r0;
-        r[j + 1] = r1;
-        r[j + 2] = r2;
-        r[j + 3] = r3;
-        r[j + 4] = r4;
-        r[j + 5] = r5;
-        r[j + 6] = r6;
-        r[j + 7] = r7;
-    }
-#endif
-}
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || \
-     defined(WC_DILITHIUM_CACHE_PRIV_VECTORS)
-/* Number-Theoretic Transform.
- *
- * @param [in, out] r  Polynomial to transform.
- */
-static void dilithium_ntt_small(sword32* r)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_ntt_avx2(r);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_ntt_small_c(r);
-    }
-}
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
-    !defined(WOLFSSL_DILITHIUM_NO_VERIFY) || \
-     defined(WOLFSSL_DILITHIUM_CHECK_KEY)
-/* Number-Theoretic Transform.
- *
- * @param [in, out] r  Polynomial to transform.
- */
-static void dilithium_ntt_small_full(sword32* r)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_ntt_full_avx2(r);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_ntt_small_c(r);
-    }
-}
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-    (!defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM) || \
-     defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC) || \
-     defined(WC_DILITHIUM_CACHE_PRIV_VECTORS))
-/* Number-Theoretic Transform with small initial values.
- *
- * @param [in, out]  r  Vector of polynomials to transform.
- * @param [in]       l  Dimension of polynomial.
- */
-static void dilithium_vec_ntt_small(sword32* r, byte l)
-{
-    unsigned int i;
-
-    for (i = 0; i < l; i++) {
-        dilithium_ntt_small(r);
-        r += DILITHIUM_N;
-    }
-}
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
-     defined(WOLFSSL_DILITHIUM_CHECK_KEY)
-/* Number-Theoretic Transform with small initial values.
- *
- * @param [in, out]  r  Vector of polynomials to transform.
- * @param [in]       l  Dimension of polynomial.
- */
-static void dilithium_vec_ntt_small_full(sword32* r, byte l)
-{
-    unsigned int i;
-
-    for (i = 0; i < l; i++) {
-        dilithium_ntt_small_full(r);
-        r += DILITHIUM_N;
-    }
-}
-#endif
-
-#else
-
-/* Number-Theoretic Transform with small initial values.
- *
- * @param [in, out] r  Polynomial to transform.
- */
-#define dilithium_ntt_small          dilithium_ntt
-/* Number-Theoretic Transform with small initial values.
- *
- * @param [in, out] r  Polynomial to transform.
- */
-#define dilithium_ntt_small_full     dilithium_ntt_full
-/* Number-Theoretic Transform with small initial values.
- *
- * @param [in, out]  r  Vector of polynomials to transform.
- * @param [in]       l  Dimension of polynomial.
- */
-#define dilithium_vec_ntt_small      dilithium_vec_ntt
-/* Number-Theoretic Transform with small initial values.
- *
- * @param [in, out]  r  Vector of polynomials to transform.
- * @param [in]       l  Dimension of polynomial.
- */
-#define dilithium_vec_ntt_small_full dilithium_vec_ntt_full
-
-
-#endif /* WOLFSSL_DILITHIUM_SMALL */
-
-
-/* One iteration of Inverse Number-Theoretic Transform.
- *
- * @param [in] len  Length of sequence.
- */
-#define INVNTT(len)                                                         \
-do {                                                                        \
-    for (start = 0; start < DILITHIUM_N; start += 2 * (len)) {              \
-        zeta = zetas_inv[k++];                                              \
-        for (j = 0; j < (len); ++j) {                                       \
-            sword32 rj = r[start + j];                                      \
-            sword32 rjl = r[start + j + (len)];                             \
-            sword32 t = rj + rjl;                                           \
-            r[start + j] = t;                                               \
-            rjl = rj - rjl;                                                 \
-            r[start + j + (len)] = dilithium_mont_red((sword64)zeta * rjl); \
-        }                                                                   \
-    }                                                                       \
-}                                                                           \
-while (0)
-
-/* Inverse Number-Theoretic Transform.
- *
- * @param [in, out] r  Polynomial to transform.
- */
-static void dilithium_invntt_c(sword32* r)
-{
-#ifdef WOLFSSL_DILITHIUM_SMALL
-    unsigned int len;
-    unsigned int k;
-    unsigned int j;
-    sword32 zeta;
-
-    k = 256;
-    for (len = 1; len <= DILITHIUM_N / 2; len <<= 1) {
-        unsigned int start;
-        for (start = 0; start < DILITHIUM_N; start = j + len) {
-            zeta = -zetas[--k];
-            for (j = start; j < start + len; ++j) {
-                sword32 rj = r[j];
-                sword32 rjl = r[j + len];
-                sword32 t = rj + rjl;
-                r[j] = t;
-                rjl = rj - rjl;
-                r[j + len] = dilithium_mont_red((sword64)zeta * rjl);
-            }
-        }
-    }
-
-    zeta = -zetas[0];
-    for (j = 0; j < DILITHIUM_N; ++j) {
-        r[j] = dilithium_mont_red((sword64)zeta * r[j]);
-    }
-#elif defined(WOLFSSL_DILITHIUM_NO_LARGE_CODE)
-    unsigned int j;
-    unsigned int k = 0;
-    unsigned int start;
-    sword32 zeta;
-
-    for (j = 0; j < DILITHIUM_N; j += 2) {
-        sword32 rj = r[j];
-        sword32 rjl = r[j + 1];
-        sword32 t = rj + rjl;
-        r[j] = t;
-        rjl = rj - rjl;
-        r[j + 1] = dilithium_mont_red((sword64)zetas_inv[k++] * rjl);
-    }
-
-    INVNTT(2);
-    INVNTT(4);
-    INVNTT(8);
-    INVNTT(16);
-    INVNTT(32);
-    INVNTT(64);
-    INVNTT(128);
-
-    zeta = zetas_inv[255];
-    for (j = 0; j < DILITHIUM_N; ++j) {
-        r[j] = dilithium_mont_red((sword64)zeta * r[j]);
-    }
-#elif defined(WC_32BIT_CPU)
-    unsigned int j;
-    unsigned int k = 0;
-    sword32 t0;
-    sword32 t2;
-
-    sword32 zeta640;
-    sword32 zeta641;
-    sword32 zeta128;
-    sword32 zeta256;
-    for (j = 0; j < DILITHIUM_N; j += 4) {
-        sword32 zeta2 = zetas_inv[128 + j / 4];
-        sword32 r0 = r[j + 0];
-        sword32 r2 = r[j + 1];
-        sword32 r4 = r[j + 2];
-        sword32 r6 = r[j + 3];
-
-        t0 = dilithium_mont_red((sword64)zetas_inv[k++] * (r0 - r2));
-        t2 = dilithium_mont_red((sword64)zetas_inv[k++] * (r4 - r6));
-        r0 += r2;
-        r4 += r6;
-        r2 = t0;
-        r6 = t2;
-
-        t0 = dilithium_mont_red((sword64)zeta2 * (r0 - r4));
-        t2 = dilithium_mont_red((sword64)zeta2 * (r2 - r6));
-        r0 += r4;
-        r2 += r6;
-        r4 = t0;
-        r6 = t2;
-
-        r[j + 0] = r0;
-        r[j + 1] = r2;
-        r[j + 2] = r4;
-        r[j + 3] = r6;
-    }
-
-    for (j = 0; j < DILITHIUM_N; j += 16) {
-        unsigned int i;
-        sword32 zeta40 = zetas_inv[192 + j / 8 + 0];
-        sword32 zeta41 = zetas_inv[192 + j / 8 + 1];
-        sword32 zeta8  = zetas_inv[224 + j / 16 + 0];
-        for (i = 0; i < 4; i++) {
-            sword32 r0 = r[j + i +  0];
-            sword32 r2 = r[j + i +  4];
-            sword32 r4 = r[j + i +  8];
-            sword32 r6 = r[j + i + 12];
-
-            t0 = dilithium_mont_red((sword64)zeta40 * (r0 - r2));
-            t2 = dilithium_mont_red((sword64)zeta41 * (r4 - r6));
-            r0 += r2;
-            r4 += r6;
-            r2 = t0;
-            r6 = t2;
-
-            t0 = dilithium_mont_red((sword64)zeta8 * (r0 - r4));
-            t2 = dilithium_mont_red((sword64)zeta8 * (r2 - r6));
-            r0 += r4;
-            r2 += r6;
-            r4 = t0;
-            r6 = t2;
-
-            r[j + i +  0] = r0;
-            r[j + i +  4] = r2;
-            r[j + i +  8] = r4;
-            r[j + i + 12] = r6;
-        }
-    }
-
-    for (j = 0; j < DILITHIUM_N; j += 64) {
-        unsigned int i;
-        sword32 zeta160 = zetas_inv[240 + j / 32 + 0];
-        sword32 zeta161 = zetas_inv[240 + j / 32 + 1];
-        sword32 zeta32  = zetas_inv[248 + j / 64 + 0];
-        for (i = 0; i < 16; i++) {
-            sword32 r0 = r[j + i +  0];
-            sword32 r2 = r[j + i + 16];
-            sword32 r4 = r[j + i + 32];
-            sword32 r6 = r[j + i + 48];
-
-            t0 = dilithium_mont_red((sword64)zeta160 * (r0 - r2));
-            t2 = dilithium_mont_red((sword64)zeta161 * (r4 - r6));
-            r0 += r2;
-            r4 += r6;
-            r2 = t0;
-            r6 = t2;
-
-            t0 = dilithium_mont_red((sword64)zeta32 * (r0 - r4));
-            t2 = dilithium_mont_red((sword64)zeta32 * (r2 - r6));
-            r0 += r4;
-            r2 += r6;
-            r4 = t0;
-            r6 = t2;
-
-            r[j + i +  0] = r0;
-            r[j + i + 16] = r2;
-            r[j + i + 32] = r4;
-            r[j + i + 48] = r6;
-        }
-    }
-
-    zeta640 = zetas_inv[252];
-    zeta641 = zetas_inv[253];
-    zeta128 = zetas_inv[254];
-    zeta256 = zetas_inv[255];
-    for (j = 0; j < DILITHIUM_N / 4; j++) {
-        sword32 r0 = r[j +   0];
-        sword32 r2 = r[j +  64];
-        sword32 r4 = r[j + 128];
-        sword32 r6 = r[j + 192];
-
-        t0 = dilithium_mont_red((sword64)zeta640 * (r0 - r2));
-        t2 = dilithium_mont_red((sword64)zeta641 * (r4 - r6));
-        r0 += r2;
-        r4 += r6;
-        r2 = t0;
-        r6 = t2;
-
-        t0 = dilithium_mont_red((sword64)zeta128 * (r0 - r4));
-        t2 = dilithium_mont_red((sword64)zeta128 * (r2 - r6));
-        r0 += r4;
-        r2 += r6;
-        r4 = t0;
-        r6 = t2;
-
-        r0 = dilithium_mont_red((sword64)zeta256 * r0);
-        r2 = dilithium_mont_red((sword64)zeta256 * r2);
-        r4 = dilithium_mont_red((sword64)zeta256 * r4);
-        r6 = dilithium_mont_red((sword64)zeta256 * r6);
-
-        r[j +   0] = r0;
-        r[j +  64] = r2;
-        r[j + 128] = r4;
-        r[j + 192] = r6;
-    }
-#else
-    unsigned int j;
-    unsigned int k = 0;
-    sword32 t0;
-    sword32 t1;
-    sword32 t2;
-    sword32 t3;
-
-    sword32 zeta640;
-    sword32 zeta641;
-    sword32 zeta128;
-    sword32 zeta256;
-    for (j = 0; j < DILITHIUM_N; j += 8) {
-        sword32 zeta20 = zetas_inv[128 + j / 4 + 0];
-        sword32 zeta21 = zetas_inv[128 + j / 4 + 1];
-        sword32 zeta4  = zetas_inv[192 + j / 8 + 0];
-        sword32 r0 = r[j + 0];
-        sword32 r1 = r[j + 1];
-        sword32 r2 = r[j + 2];
-        sword32 r3 = r[j + 3];
-        sword32 r4 = r[j + 4];
-        sword32 r5 = r[j + 5];
-        sword32 r6 = r[j + 6];
-        sword32 r7 = r[j + 7];
-
-        t0 = dilithium_mont_red((sword64)zetas_inv[k++] * (r0 - r1));
-        t1 = dilithium_mont_red((sword64)zetas_inv[k++] * (r2 - r3));
-        t2 = dilithium_mont_red((sword64)zetas_inv[k++] * (r4 - r5));
-        t3 = dilithium_mont_red((sword64)zetas_inv[k++] * (r6 - r7));
-        r0 += r1;
-        r2 += r3;
-        r4 += r5;
-        r6 += r7;
-        r1 = t0;
-        r3 = t1;
-        r5 = t2;
-        r7 = t3;
-
-        t0 = dilithium_mont_red((sword64)zeta20 * (r0 - r2));
-        t1 = dilithium_mont_red((sword64)zeta20 * (r1 - r3));
-        t2 = dilithium_mont_red((sword64)zeta21 * (r4 - r6));
-        t3 = dilithium_mont_red((sword64)zeta21 * (r5 - r7));
-        r0 += r2;
-        r1 += r3;
-        r4 += r6;
-        r5 += r7;
-        r2 = t0;
-        r3 = t1;
-        r6 = t2;
-        r7 = t3;
-
-        t0 = dilithium_mont_red((sword64)zeta4 * (r0 - r4));
-        t1 = dilithium_mont_red((sword64)zeta4 * (r1 - r5));
-        t2 = dilithium_mont_red((sword64)zeta4 * (r2 - r6));
-        t3 = dilithium_mont_red((sword64)zeta4 * (r3 - r7));
-        r0 += r4;
-        r1 += r5;
-        r2 += r6;
-        r3 += r7;
-        r4 = t0;
-        r5 = t1;
-        r6 = t2;
-        r7 = t3;
-
-        r[j + 0] = r0;
-        r[j + 1] = r1;
-        r[j + 2] = r2;
-        r[j + 3] = r3;
-        r[j + 4] = r4;
-        r[j + 5] = r5;
-        r[j + 6] = r6;
-        r[j + 7] = r7;
-    }
-
-    for (j = 0; j < DILITHIUM_N; j += 64) {
-        unsigned int i;
-        sword32 zeta80  = zetas_inv[224 + j / 16 + 0];
-        sword32 zeta81  = zetas_inv[224 + j / 16 + 1];
-        sword32 zeta82  = zetas_inv[224 + j / 16 + 2];
-        sword32 zeta83  = zetas_inv[224 + j / 16 + 3];
-        sword32 zeta160 = zetas_inv[240 + j / 32 + 0];
-        sword32 zeta161 = zetas_inv[240 + j / 32 + 1];
-        sword32 zeta32  = zetas_inv[248 + j / 64 + 0];
-        for (i = 0; i < 8; i++) {
-            sword32 r0 = r[j + i +  0];
-            sword32 r1 = r[j + i +  8];
-            sword32 r2 = r[j + i + 16];
-            sword32 r3 = r[j + i + 24];
-            sword32 r4 = r[j + i + 32];
-            sword32 r5 = r[j + i + 40];
-            sword32 r6 = r[j + i + 48];
-            sword32 r7 = r[j + i + 56];
-
-            t0 = dilithium_mont_red((sword64)zeta80 * (r0 - r1));
-            t1 = dilithium_mont_red((sword64)zeta81 * (r2 - r3));
-            t2 = dilithium_mont_red((sword64)zeta82 * (r4 - r5));
-            t3 = dilithium_mont_red((sword64)zeta83 * (r6 - r7));
-            r0 += r1;
-            r2 += r3;
-            r4 += r5;
-            r6 += r7;
-            r1 = t0;
-            r3 = t1;
-            r5 = t2;
-            r7 = t3;
-
-            t0 = dilithium_mont_red((sword64)zeta160 * (r0 - r2));
-            t1 = dilithium_mont_red((sword64)zeta160 * (r1 - r3));
-            t2 = dilithium_mont_red((sword64)zeta161 * (r4 - r6));
-            t3 = dilithium_mont_red((sword64)zeta161 * (r5 - r7));
-            r0 += r2;
-            r1 += r3;
-            r4 += r6;
-            r5 += r7;
-            r2 = t0;
-            r3 = t1;
-            r6 = t2;
-            r7 = t3;
-
-            t0 = dilithium_mont_red((sword64)zeta32 * (r0 - r4));
-            t1 = dilithium_mont_red((sword64)zeta32 * (r1 - r5));
-            t2 = dilithium_mont_red((sword64)zeta32 * (r2 - r6));
-            t3 = dilithium_mont_red((sword64)zeta32 * (r3 - r7));
-            r0 += r4;
-            r1 += r5;
-            r2 += r6;
-            r3 += r7;
-            r4 = t0;
-            r5 = t1;
-            r6 = t2;
-            r7 = t3;
-
-            r[j + i +  0] = r0;
-            r[j + i +  8] = r1;
-            r[j + i + 16] = r2;
-            r[j + i + 24] = r3;
-            r[j + i + 32] = r4;
-            r[j + i + 40] = r5;
-            r[j + i + 48] = r6;
-            r[j + i + 56] = r7;
-        }
-    }
-
-    zeta640 = zetas_inv[252];
-    zeta641 = zetas_inv[253];
-    zeta128 = zetas_inv[254];
-    zeta256 = zetas_inv[255];
-    for (j = 0; j < DILITHIUM_N / 8; j++) {
-        sword32 r0 = r[j +   0];
-        sword32 r1 = r[j +  32];
-        sword32 r2 = r[j +  64];
-        sword32 r3 = r[j +  96];
-        sword32 r4 = r[j + 128];
-        sword32 r5 = r[j + 160];
-        sword32 r6 = r[j + 192];
-        sword32 r7 = r[j + 224];
-
-        t0 = dilithium_mont_red((sword64)zeta640 * (r0 - r2));
-        t1 = dilithium_mont_red((sword64)zeta640 * (r1 - r3));
-        t2 = dilithium_mont_red((sword64)zeta641 * (r4 - r6));
-        t3 = dilithium_mont_red((sword64)zeta641 * (r5 - r7));
-        r0 += r2;
-        r1 += r3;
-        r4 += r6;
-        r5 += r7;
-        r2 = t0;
-        r3 = t1;
-        r6 = t2;
-        r7 = t3;
-
-        t0 = dilithium_mont_red((sword64)zeta128 * (r0 - r4));
-        t1 = dilithium_mont_red((sword64)zeta128 * (r1 - r5));
-        t2 = dilithium_mont_red((sword64)zeta128 * (r2 - r6));
-        t3 = dilithium_mont_red((sword64)zeta128 * (r3 - r7));
-        r0 += r4;
-        r1 += r5;
-        r2 += r6;
-        r3 += r7;
-        r4 = t0;
-        r5 = t1;
-        r6 = t2;
-        r7 = t3;
-
-        r0 = dilithium_mont_red((sword64)zeta256 * r0);
-        r1 = dilithium_mont_red((sword64)zeta256 * r1);
-        r2 = dilithium_mont_red((sword64)zeta256 * r2);
-        r3 = dilithium_mont_red((sword64)zeta256 * r3);
-        r4 = dilithium_mont_red((sword64)zeta256 * r4);
-        r5 = dilithium_mont_red((sword64)zeta256 * r5);
-        r6 = dilithium_mont_red((sword64)zeta256 * r6);
-        r7 = dilithium_mont_red((sword64)zeta256 * r7);
-
-        r[j +   0] = r0;
-        r[j +  32] = r1;
-        r[j +  64] = r2;
-        r[j +  96] = r3;
-        r[j + 128] = r4;
-        r[j + 160] = r5;
-        r[j + 192] = r6;
-        r[j + 224] = r7;
-    }
-#endif
-}
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN)
-/* Inverse Number-Theoretic Transform.
- *
- * @param [in, out] r  Polynomial to transform.
- */
-static void dilithium_invntt(sword32* r)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_invntt_avx2(r);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_invntt_c(r);
-    }
-}
-#endif
-
-/* Inverse Number-Theoretic Transform.
- *
- * @param [in, out] r  Polynomial to transform.
- */
-static void dilithium_invntt_full(sword32* r)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_invntt_full_avx2(r);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_invntt_c(r);
-    }
-}
-
-#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
-     defined(WOLFSSL_DILITHIUM_CHECK_KEY) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-     !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM)) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-     !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM))
-/* Inverse Number-Theoretic Transform.
- *
- * @param [in, out]  r  Vector of polynomials to transform.
- * @param [in]       l  Dimension of polynomial.
- */
-static void dilithium_vec_invntt_full(sword32* r, byte l)
-{
-    unsigned int i;
-
-    for (i = 0; i < l; i++) {
-        dilithium_invntt_full(r);
-        r += DILITHIUM_N;
-    }
-}
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
-     defined(WOLFSSL_DILITHIUM_CHECK_KEY) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-     !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM)) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-     !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM))
-/* Matrix multiplication.
- *
- * @param [out] r  Vector of polynomials that is result.
- * @param [in]  m  Matrix of polynomials.
- * @param [in]  v  Vector of polynomials.
- * @param [in]  k  First dimension of matrix and dimension of result.
- * @param [in]  l  Second dimension of matrix and dimension of v.
- */
-static void dilithium_matrix_mul_c(sword32* r, const sword32* m,
-    const sword32* v, byte k, byte l)
-{
-    byte i;
-
-    for (i = 0; i < k; i++) {
-        byte j;
-        unsigned int e;
-        const sword32* vt = v;
-
-#ifdef WOLFSSL_DILITHIUM_SMALL
-        for (e = 0; e < DILITHIUM_N; e++) {
-            r[e] = dilithium_mont_red((sword64)m[e] * vt[e]);
-        }
-        m += DILITHIUM_N;
-        vt += DILITHIUM_N;
-        for (j = 1; j < l; j++) {
-            for (e = 0; e < DILITHIUM_N; e++) {
-                r[e] += dilithium_mont_red((sword64)m[e] * vt[e]);
-            }
-            m += DILITHIUM_N;
-            vt += DILITHIUM_N;
-        }
-#elif defined(WOLFSSL_DILITHIUM_NO_LARGE_CODE)
-        (void)j;
-        if (l == 4) {
-            for (e = 0; e < DILITHIUM_N; e++) {
-                sword64 t = ((sword64)m[e + 0 * 256] * vt[e + 0 * 256]) +
-                            ((sword64)m[e + 1 * 256] * vt[e + 1 * 256]) +
-                            ((sword64)m[e + 2 * 256] * vt[e + 2 * 256]) +
-                            ((sword64)m[e + 3 * 256] * vt[e + 3 * 256]);
-                r[e] = dilithium_mont_red(t);
-            }
-            m += DILITHIUM_N * 4;
-        }
-        if (l == 5) {
-            for (e = 0; e < DILITHIUM_N; e++) {
-                sword64 t = ((sword64)m[e + 0 * 256] * vt[e + 0 * 256]) +
-                            ((sword64)m[e + 1 * 256] * vt[e + 1 * 256]) +
-                            ((sword64)m[e + 2 * 256] * vt[e + 2 * 256]) +
-                            ((sword64)m[e + 3 * 256] * vt[e + 3 * 256]) +
-                            ((sword64)m[e + 4 * 256] * vt[e + 4 * 256]);
-                r[e] = dilithium_mont_red(t);
-            }
-            m += DILITHIUM_N * 5;
-        }
-        if (l == 7) {
-            for (e = 0; e < DILITHIUM_N; e++) {
-                sword64 t = ((sword64)m[e + 0 * 256] * vt[e + 0 * 256]) +
-                            ((sword64)m[e + 1 * 256] * vt[e + 1 * 256]) +
-                            ((sword64)m[e + 2 * 256] * vt[e + 2 * 256]) +
-                            ((sword64)m[e + 3 * 256] * vt[e + 3 * 256]) +
-                            ((sword64)m[e + 4 * 256] * vt[e + 4 * 256]) +
-                            ((sword64)m[e + 5 * 256] * vt[e + 5 * 256]) +
-                            ((sword64)m[e + 6 * 256] * vt[e + 6 * 256]);
-                r[e] = dilithium_mont_red(t);
-            }
-            m += DILITHIUM_N * 7;
-        }
-#else
-        sword64 t0;
-        sword64 t1;
-#if !defined(WOLFSSL_NO_ML_DSA_44) || !defined(WOLFSSL_NO_ML_DSA_65)
-        sword64 t2;
-        sword64 t3;
-#endif
-
-        (void)j;
-#ifndef WOLFSSL_NO_ML_DSA_44
-        if (l == 4) {
-            for (e = 0; e < DILITHIUM_N; e += 4) {
-                t0 = ((sword64)m[e + 0 + 0 * 256] * vt[e + 0 + 0 * 256]) +
-                     ((sword64)m[e + 0 + 1 * 256] * vt[e + 0 + 1 * 256]) +
-                     ((sword64)m[e + 0 + 2 * 256] * vt[e + 0 + 2 * 256]) +
-                     ((sword64)m[e + 0 + 3 * 256] * vt[e + 0 + 3 * 256]);
-                t1 = ((sword64)m[e + 1 + 0 * 256] * vt[e + 1 + 0 * 256]) +
-                     ((sword64)m[e + 1 + 1 * 256] * vt[e + 1 + 1 * 256]) +
-                     ((sword64)m[e + 1 + 2 * 256] * vt[e + 1 + 2 * 256]) +
-                     ((sword64)m[e + 1 + 3 * 256] * vt[e + 1 + 3 * 256]);
-                t2 = ((sword64)m[e + 2 + 0 * 256] * vt[e + 2 + 0 * 256]) +
-                     ((sword64)m[e + 2 + 1 * 256] * vt[e + 2 + 1 * 256]) +
-                     ((sword64)m[e + 2 + 2 * 256] * vt[e + 2 + 2 * 256]) +
-                     ((sword64)m[e + 2 + 3 * 256] * vt[e + 2 + 3 * 256]);
-                t3 = ((sword64)m[e + 3 + 0 * 256] * vt[e + 3 + 0 * 256]) +
-                     ((sword64)m[e + 3 + 1 * 256] * vt[e + 3 + 1 * 256]) +
-                     ((sword64)m[e + 3 + 2 * 256] * vt[e + 3 + 2 * 256]) +
-                     ((sword64)m[e + 3 + 3 * 256] * vt[e + 3 + 3 * 256]);
-                r[e + 0] = dilithium_mont_red(t0);
-                r[e + 1] = dilithium_mont_red(t1);
-                r[e + 2] = dilithium_mont_red(t2);
-                r[e + 3] = dilithium_mont_red(t3);
-            }
-            m += DILITHIUM_N * 4;
-        }
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_65
-        if (l == 5) {
-            for (e = 0; e < DILITHIUM_N; e += 4) {
-                t0 = ((sword64)m[e + 0 + 0 * 256] * vt[e + 0 + 0 * 256]) +
-                     ((sword64)m[e + 0 + 1 * 256] * vt[e + 0 + 1 * 256]) +
-                     ((sword64)m[e + 0 + 2 * 256] * vt[e + 0 + 2 * 256]) +
-                     ((sword64)m[e + 0 + 3 * 256] * vt[e + 0 + 3 * 256]) +
-                     ((sword64)m[e + 0 + 4 * 256] * vt[e + 0 + 4 * 256]);
-                t1 = ((sword64)m[e + 1 + 0 * 256] * vt[e + 1 + 0 * 256]) +
-                     ((sword64)m[e + 1 + 1 * 256] * vt[e + 1 + 1 * 256]) +
-                     ((sword64)m[e + 1 + 2 * 256] * vt[e + 1 + 2 * 256]) +
-                     ((sword64)m[e + 1 + 3 * 256] * vt[e + 1 + 3 * 256]) +
-                     ((sword64)m[e + 1 + 4 * 256] * vt[e + 1 + 4 * 256]);
-                t2 = ((sword64)m[e + 2 + 0 * 256] * vt[e + 2 + 0 * 256]) +
-                     ((sword64)m[e + 2 + 1 * 256] * vt[e + 2 + 1 * 256]) +
-                     ((sword64)m[e + 2 + 2 * 256] * vt[e + 2 + 2 * 256]) +
-                     ((sword64)m[e + 2 + 3 * 256] * vt[e + 2 + 3 * 256]) +
-                     ((sword64)m[e + 2 + 4 * 256] * vt[e + 2 + 4 * 256]);
-                t3 = ((sword64)m[e + 3 + 0 * 256] * vt[e + 3 + 0 * 256]) +
-                     ((sword64)m[e + 3 + 1 * 256] * vt[e + 3 + 1 * 256]) +
-                     ((sword64)m[e + 3 + 2 * 256] * vt[e + 3 + 2 * 256]) +
-                     ((sword64)m[e + 3 + 3 * 256] * vt[e + 3 + 3 * 256]) +
-                     ((sword64)m[e + 3 + 4 * 256] * vt[e + 3 + 4 * 256]);
-                r[e + 0] = dilithium_mont_red(t0);
-                r[e + 1] = dilithium_mont_red(t1);
-                r[e + 2] = dilithium_mont_red(t2);
-                r[e + 3] = dilithium_mont_red(t3);
-            }
-            m += DILITHIUM_N * 5;
-        }
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_87
-        if (l == 7) {
-            for (e = 0; e < DILITHIUM_N; e += 2) {
-                t0 = ((sword64)m[e + 0 + 0 * 256] * vt[e + 0 + 0 * 256]) +
-                     ((sword64)m[e + 0 + 1 * 256] * vt[e + 0 + 1 * 256]) +
-                     ((sword64)m[e + 0 + 2 * 256] * vt[e + 0 + 2 * 256]) +
-                     ((sword64)m[e + 0 + 3 * 256] * vt[e + 0 + 3 * 256]) +
-                     ((sword64)m[e + 0 + 4 * 256] * vt[e + 0 + 4 * 256]) +
-                     ((sword64)m[e + 0 + 5 * 256] * vt[e + 0 + 5 * 256]) +
-                     ((sword64)m[e + 0 + 6 * 256] * vt[e + 0 + 6 * 256]);
-                t1 = ((sword64)m[e + 1 + 0 * 256] * vt[e + 1 + 0 * 256]) +
-                     ((sword64)m[e + 1 + 1 * 256] * vt[e + 1 + 1 * 256]) +
-                     ((sword64)m[e + 1 + 2 * 256] * vt[e + 1 + 2 * 256]) +
-                     ((sword64)m[e + 1 + 3 * 256] * vt[e + 1 + 3 * 256]) +
-                     ((sword64)m[e + 1 + 4 * 256] * vt[e + 1 + 4 * 256]) +
-                     ((sword64)m[e + 1 + 5 * 256] * vt[e + 1 + 5 * 256]) +
-                     ((sword64)m[e + 1 + 6 * 256] * vt[e + 1 + 6 * 256]);
-                r[e + 0] = dilithium_mont_red(t0);
-                r[e + 1] = dilithium_mont_red(t1);
-            }
-            m += DILITHIUM_N * 7;
-        }
-#endif
-#endif
-        r += DILITHIUM_N;
-    }
-}
-
-/* Matrix multiplication.
- *
- * @param [out] r  Vector of polynomials that is result.
- * @param [in]  m  Matrix of polynomials.
- * @param [in]  v  Vector of polynomials.
- * @param [in]  k  First dimension of matrix and dimension of result.
- * @param [in]  l  Second dimension of matrix and dimension of v.
- */
-static void dilithium_matrix_mul(sword32* r, const sword32* m, const sword32* v,
-     byte k, byte l)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        int i;
-        if (l == 4) {
-            for (i = 0; i < k; i++) {
-                wc_mldsa_mul_vec_4_avx2(r, m, v);
-                m += l * DILITHIUM_N;
-                r += DILITHIUM_N;
-            }
-        }
-        else if (l == 5) {
-            for (i = 0; i < k; i++) {
-                wc_mldsa_mul_vec_5_avx2(r, m, v);
-                m += l * DILITHIUM_N;
-                r += DILITHIUM_N;
-            }
-        }
-        else {
-            for (i = 0; i < k; i++) {
-                wc_mldsa_mul_vec_7_avx2(r, m, v);
-                m += l * DILITHIUM_N;
-                r += DILITHIUM_N;
-            }
-        }
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_matrix_mul_c(r, m, v, k, l);
-    }
-}
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-     !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM))
-/* Polynomial multiplication.
- *
- * @param [out] r  Polynomial result.
- * @param [in]  a  Polynomial
- * @param [in]  b  Polynomial.
- */
-static void dilithium_mul_c(sword32* r, sword32* a, sword32* b)
-{
-    unsigned int e;
-#ifdef WOLFSSL_DILITHIUM_SMALL
-    for (e = 0; e < DILITHIUM_N; e++) {
-        r[e] = dilithium_mont_red((sword64)a[e] * b[e]);
-    }
-#elif defined(WOLFSSL_DILITHIUM_NO_LARGE_CODE)
-    for (e = 0; e < DILITHIUM_N; e += 8) {
-        r[e+0] = dilithium_mont_red((sword64)a[e+0] * b[e+0]);
-        r[e+1] = dilithium_mont_red((sword64)a[e+1] * b[e+1]);
-        r[e+2] = dilithium_mont_red((sword64)a[e+2] * b[e+2]);
-        r[e+3] = dilithium_mont_red((sword64)a[e+3] * b[e+3]);
-        r[e+4] = dilithium_mont_red((sword64)a[e+4] * b[e+4]);
-        r[e+5] = dilithium_mont_red((sword64)a[e+5] * b[e+5]);
-        r[e+6] = dilithium_mont_red((sword64)a[e+6] * b[e+6]);
-        r[e+7] = dilithium_mont_red((sword64)a[e+7] * b[e+7]);
-    }
-#else
-    for (e = 0; e < DILITHIUM_N; e += 16) {
-        r[e+ 0] = dilithium_mont_red((sword64)a[e+ 0] * b[e+ 0]);
-        r[e+ 1] = dilithium_mont_red((sword64)a[e+ 1] * b[e+ 1]);
-        r[e+ 2] = dilithium_mont_red((sword64)a[e+ 2] * b[e+ 2]);
-        r[e+ 3] = dilithium_mont_red((sword64)a[e+ 3] * b[e+ 3]);
-        r[e+ 4] = dilithium_mont_red((sword64)a[e+ 4] * b[e+ 4]);
-        r[e+ 5] = dilithium_mont_red((sword64)a[e+ 5] * b[e+ 5]);
-        r[e+ 6] = dilithium_mont_red((sword64)a[e+ 6] * b[e+ 6]);
-        r[e+ 7] = dilithium_mont_red((sword64)a[e+ 7] * b[e+ 7]);
-        r[e+ 8] = dilithium_mont_red((sword64)a[e+ 8] * b[e+ 8]);
-        r[e+ 9] = dilithium_mont_red((sword64)a[e+ 9] * b[e+ 9]);
-        r[e+10] = dilithium_mont_red((sword64)a[e+10] * b[e+10]);
-        r[e+11] = dilithium_mont_red((sword64)a[e+11] * b[e+11]);
-        r[e+12] = dilithium_mont_red((sword64)a[e+12] * b[e+12]);
-        r[e+13] = dilithium_mont_red((sword64)a[e+13] * b[e+13]);
-        r[e+14] = dilithium_mont_red((sword64)a[e+14] * b[e+14]);
-        r[e+15] = dilithium_mont_red((sword64)a[e+15] * b[e+15]);
-    }
-#endif
-}
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN)
-/* Polynomial multiplication.
- *
- * @param [out] r  Polynomial result.
- * @param [in]  a  Polynomial
- * @param [in]  b  Polynomial.
- */
-static void dilithium_mul(sword32* r, sword32* a, sword32* b)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_mul_avx2(r, a, b);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_mul_c(r, a, b);
-    }
-}
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-    !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM)
-/* Vector multiplication.
- *
- * @param [out] r  Vector of polynomials that is result.
- * @param [in]  a  Polynomials
- * @param [in]  b  Vector of polynomials.
- * @param [in]  l  Dimension of vectors.
- */
-static void dilithium_vec_mul(sword32* r, sword32* a, sword32* b, byte l)
-{
-    byte i;
-
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        for (i = 0; i < l; i++) {
-            wc_mldsa_mul_avx2(r, a, b);
-            r += DILITHIUM_N;
-            b += DILITHIUM_N;
-        }
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        for (i = 0; i < l; i++) {
-            dilithium_mul_c(r, a, b);
-            r += DILITHIUM_N;
-            b += DILITHIUM_N;
-        }
-    }
-}
-#endif
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_NO_SIGN
-/* Modulo reduce values in polynomial. Range (-2^31)..(2^31-1).
- *
- * @param [in, out] a  Polynomial.
- */
-static void dilithium_poly_red_c(sword32* a)
-{
-    word16 j;
-#ifdef WOLFSSL_DILITHIUM_SMALL
-    for (j = 0; j < DILITHIUM_N; j++) {
-        a[j] = dilithium_red(a[j]);
-    }
-#else
-    for (j = 0; j < DILITHIUM_N; j += 8) {
-        a[j+0] = dilithium_red(a[j+0]);
-        a[j+1] = dilithium_red(a[j+1]);
-        a[j+2] = dilithium_red(a[j+2]);
-        a[j+3] = dilithium_red(a[j+3]);
-        a[j+4] = dilithium_red(a[j+4]);
-        a[j+5] = dilithium_red(a[j+5]);
-        a[j+6] = dilithium_red(a[j+6]);
-        a[j+7] = dilithium_red(a[j+7]);
-    }
-#endif
-}
-
-/* Modulo reduce values in polynomial. Range (-2^31)..(2^31-1).
- *
- * @param [in, out] a  Polynomial.
- */
-static void dilithium_poly_red(sword32* a)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_poly_red_avx2(a);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_poly_red_c(a);
-    }
-}
-
-#ifndef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM
-/* Modulo reduce values in polynomials of vector. Range (-2^31)..(2^31-1).
- *
- * @param [in, out] a  Vector of polynomials.
- * @param [in]      l  Dimension of vector.
- */
-static void dilithium_vec_red(sword32* a, byte l)
-{
-    byte i;
-
-    for (i = 0; i < l; i++) {
-        dilithium_poly_red(a);
-        a += DILITHIUM_N;
-    }
-}
-#endif /*  WOLFSSL_DILITHIUM_SIGN_SMALL_MEM*/
-#endif /* !WOLFSSL_DILITHIUM_NO_SIGN */
-
-#if (!defined(WOLFSSL_DILITHIUM_NO_SIGN) || \
-     (!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-      !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM))) || \
-    defined(WOLFSSL_DILITHIUM_CHECK_KEY)
-/* Subtract polynomials a from r. r -= a.
- *
- * @param [out] r  Polynomial to subtract from.
- * @param [in]  a  Polynomial to subtract.
- */
-static void dilithium_sub_c(sword32* r, const sword32* a)
-{
-    word16 j;
-#ifdef WOLFSSL_DILITHIUM_SMALL
-    for (j = 0; j < DILITHIUM_N; j++) {
-        r[j] -= a[j];
-    }
-#else
-    for (j = 0; j < DILITHIUM_N; j += 8) {
-        r[j+0] -= a[j+0];
-        r[j+1] -= a[j+1];
-        r[j+2] -= a[j+2];
-        r[j+3] -= a[j+3];
-        r[j+4] -= a[j+4];
-        r[j+5] -= a[j+5];
-        r[j+6] -= a[j+6];
-        r[j+7] -= a[j+7];
-    }
-#endif
-}
-
-/* Subtract polynomials a from r. r -= a.
- *
- * @param [out] r  Polynomial to subtract from.
- * @param [in]  a  Polynomial to subtract.
- */
-static void dilithium_sub(sword32* r, const sword32* a)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_poly_sub_avx2(r, a);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_sub_c(r, a);
-    }
-}
-
-#if defined(WOLFSSL_DILITHIUM_CHECK_KEY) || \
-   (!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
-    !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM))
-/* Subtract vector a from r. r -= a.
- *
- * @param [out] r  Vector of polynomials that is result.
- * @param [in]  a  Vector of polynomials to subtract.
- * @param [in]  l  Dimension of vectors.
- */
-static void dilithium_vec_sub(sword32* r, const sword32* a, byte l)
-{
-    byte i;
-
-    for (i = 0; i < l; i++) {
-        dilithium_sub(r, a);
-        r += DILITHIUM_N;
-        a += DILITHIUM_N;
-    }
-}
-#endif
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_VERIFY_ONLY
-/* Add polynomials a to r. r += a.
- *
- * @param [out] r  Polynomial to add to.
- * @param [in]  a  Polynomial to add.
- */
-static void dilithium_add_c(sword32* r, const sword32* a)
-{
-    word16 j;
-#ifdef WOLFSSL_DILITHIUM_SMALL
-    for (j = 0; j < DILITHIUM_N; j++) {
-        r[j] += a[j];
-    }
-#else
-    for (j = 0; j < DILITHIUM_N; j += 8) {
-        r[j+0] += a[j+0];
-        r[j+1] += a[j+1];
-        r[j+2] += a[j+2];
-        r[j+3] += a[j+3];
-        r[j+4] += a[j+4];
-        r[j+5] += a[j+5];
-        r[j+6] += a[j+6];
-        r[j+7] += a[j+7];
-    }
-#endif
-}
-
-/* Add polynomials a to r. r += a.
- *
- * @param [out] r  Polynomial to add to.
- * @param [in]  a  Polynomial to add.
- */
-static void dilithium_add(sword32* r, const sword32* a)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_poly_add_avx2(r, a);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_add_c(r, a);
-    }
-}
-
-#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
-    defined(WOLFSSL_DILITHIUM_CHECK_KEY) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-     !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM))
-/* Add vector a to r. r += a.
- *
- * @param [out] r  Vector of polynomials that is result.
- * @param [in]  a  Vector of polynomials to add.
- * @param [in]  l  Dimension of vectors.
- */
-static void dilithium_vec_add(sword32* r, const sword32* a, byte l)
-{
-    byte i;
-
-    for (i = 0; i < l; i++) {
-        dilithium_add(r, a);
-        r += DILITHIUM_N;
-        a += DILITHIUM_N;
-    }
-}
-#endif
-
-/* Make values in polynomial be in positive range.
- *
- * @param [in, out] a  Polynomial.
- */
-static void dilithium_make_pos_c(sword32* a)
-{
-    word16 j;
-#ifdef WOLFSSL_DILITHIUM_SMALL
-    for (j = 0; j < DILITHIUM_N; j++) {
-        a[j] += (0 - (((word32)a[j]) >> 31)) & DILITHIUM_Q;
-    }
-#else
-    for (j = 0; j < DILITHIUM_N; j += 8) {
-        a[j+0] += (0 - (((word32)a[j+0]) >> 31)) & DILITHIUM_Q;
-        a[j+1] += (0 - (((word32)a[j+1]) >> 31)) & DILITHIUM_Q;
-        a[j+2] += (0 - (((word32)a[j+2]) >> 31)) & DILITHIUM_Q;
-        a[j+3] += (0 - (((word32)a[j+3]) >> 31)) & DILITHIUM_Q;
-        a[j+4] += (0 - (((word32)a[j+4]) >> 31)) & DILITHIUM_Q;
-        a[j+5] += (0 - (((word32)a[j+5]) >> 31)) & DILITHIUM_Q;
-        a[j+6] += (0 - (((word32)a[j+6]) >> 31)) & DILITHIUM_Q;
-        a[j+7] += (0 - (((word32)a[j+7]) >> 31)) & DILITHIUM_Q;
-    }
-#endif
-}
-
-/* Make values in polynomial be in positive range.
- *
- * @param [in, out] a  Polynomial.
- */
-static void dilithium_make_pos(sword32* a)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        wc_mldsa_poly_make_pos_avx2(a);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        dilithium_make_pos_c(a);
-    }
-}
-
-#if !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY) || \
-    defined(WOLFSSL_DILITHIUM_CHECK_KEY) || \
-    (!defined(WOLFSSL_DILITHIUM_NO_SIGN) && \
-     !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM))
-/* Make values in polynomials of vector be in positive range.
- *
- * @param [in, out] a  Vector of polynomials.
- * @param [in]      l  Dimension of vector.
- */
-static void dilithium_vec_make_pos(sword32* a, byte l)
-{
-    byte i;
-
-    for (i = 0; i < l; i++) {
-        dilithium_make_pos(a);
-        a += DILITHIUM_N;
-    }
-}
-#endif
-
-#endif /* !WOLFSSL_DILITHIUM_VERIFY_ONLY */
-
-/******************************************************************************/
-
-#ifndef WOLFSSL_DILITHIUM_NO_MAKE_KEY
-
-/* Make a key from a random seed.
- *
- * xi is seed passed in.
- * FIPS 204. 6.1: Algorithm 6 ML-DSA.KeyGen_internal(xi)
- *   1: (rho, rho', K) E B32 x B64 x B32 <- H(xi||k||l, 1024)
- *   2:
- *   3: A_circum <- ExpandA(rho)
- *   4: (s1,s2) <- ExpandS(rho')
- *   5: t <- NTT-1(A_circum o NTT(s1)) + s2
- *   6: (t1, t0) <- Power2Round(t, d)
- *   7: pk <- pkEncode(rho, t1)
- *   8: tr <- H(pk, 64)
- *   9: sk <- skEncode(rho, K, tr, s1, s2, t0)
- *  10: return (pk, sk)
- *
- * FIPS 204. 7.2: Algorithm 22 pkEncode(rho, t1)
- *   1: pk <- rho
- *   2: for i from 0 to k - 1 do
- *   3:     pk <- pk || SimpleBitPack(t1[i], 2^(bitlen(q-1)-d) - 1)
- *   4: end for
- *   5: return pk
- *
- * FIPS 204. 7.2: Algorithm 24 skEncode(rho, K, tr, s, s2, t0)
- *   1: sk <- rho || K || tr
- *   2: for i from 0 to l - 1 do
- *   3:     sk <- sk || BitPack(s1[i], eta, eta)
- *   4: end for
- *   5: for i from 0 to k - 1 do
- *   6:     sk <- sk || BitPack(s2[i], eta, eta)
- *   7: end for
- *   8: for i from 0 to k - 1 do
- *   9:     sk <- sk || BitPack(t0[i], 2^(d-1)-1, 2^(d-1))
- *  10: end for
- *  11: return sk
- *
- * Public and private key store in key.
- *
- * @param [in, out] key   Dilithium key.
- * @param [in]      seed  Seed to hash to generate values.
- * @return  0 on success.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_make_key_from_seed(dilithium_key* key, const byte* seed)
-{
-#ifndef WOLFSSL_DILITHIUM_MAKE_KEY_SMALL_MEM
-    int ret = 0;
-    const wc_dilithium_params* params = key->params;
-    sword32* a = NULL;
-    sword32* s1 = NULL;
-    sword32* s2 = NULL;
-    sword32* t = NULL;
-    byte* pub_seed = key->k;
-    byte kl[2];
-
-    /* Allocate memory for large intermediates. */
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-#ifndef WC_DILITHIUM_FIXED_ARRAY
-    if (key->a == NULL) {
-        key->a = (sword32*)XMALLOC(params->aSz, key->heap,
-            DYNAMIC_TYPE_DILITHIUM);
-        if (key->a == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-#endif
-    if (ret == 0) {
-        a = key->a;
-    }
-#endif
-#ifdef WC_DILITHIUM_CACHE_PRIV_VECTORS
-#ifndef WC_DILITHIUM_FIXED_ARRAY
-    if ((ret == 0) && (key->s1 == NULL)) {
-        key->s1 = (sword32*)XMALLOC(params->aSz, key->heap,
-            DYNAMIC_TYPE_DILITHIUM);
-        if (key->s1 == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            key->s2 = key->s1  + params->s1Sz / sizeof(*s1);
-            key->t0 = key->s2  + params->s2Sz / sizeof(*s2);
-        }
-    }
-#endif
-    if (ret == 0) {
-        s1 = key->s1;
-        s2 = key->s2;
-        t  = key->t0;
-    }
-#else
-    if (ret == 0) {
-        unsigned int allocSz;
-
-        allocSz = params->s1Sz + params->s2Sz + params->s2Sz;
-#ifndef WC_DILITHIUM_CACHE_MATRIX_A
-        allocSz += params->aSz;
-#endif
-
-        /* s1, s2, t, a */
-        s1 = (sword32*)XMALLOC(allocSz, key->heap, DYNAMIC_TYPE_DILITHIUM);
-        if (s1 == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            s2 = s1 + params->s1Sz / sizeof(*s1);
-            t  = s2 + params->s2Sz / sizeof(*s2);
-#ifndef WC_DILITHIUM_CACHE_MATRIX_A
-            a  = t  + params->s2Sz / sizeof(*t);
-#endif
-        }
-    }
-#endif
-
-    if (ret == 0) {
-#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
-        if (key->params->level >= WC_ML_DSA_DRAFT) {
-            /* Step 2: Create public seed, private seed and K from seed.
-             * Step 9; Alg 18, Step 1: Public seed is placed into private key.
-             */
-            ret = dilithium_shake256(&key->shake, seed, DILITHIUM_SEED_SZ,
-                pub_seed, DILITHIUM_SEEDS_SZ);
-        }
-        else
-#endif
-        {
-            kl[0] = params->k;
-            kl[1] = params->l;
-            /* Step 1: Create public seed, private seed and K from seed.
-             * Step 9; Alg 24, Step 1: Public seed is placed into private key.
-             */
-            ret = dilithium_hash256(&key->shake, seed, DILITHIUM_SEED_SZ, kl, 2,
-                pub_seed, DILITHIUM_SEEDS_SZ);
-        }
-    }
-    if (ret == 0) {
-        /* Step 7; Alg 22 Step 1: Copy public seed into public key. */
-        XMEMCPY(key->p, pub_seed, DILITHIUM_PUB_SEED_SZ);
-
-        /* Step 3: Expand public seed into a matrix of polynomials. */
-        ret = dilithium_expand_a(&key->shake, pub_seed, params->k, params->l,
-            a, key->heap);
-    }
-    if (ret == 0) {
-        byte* priv_seed = key->k + DILITHIUM_PUB_SEED_SZ;
-
-        /* Step 4: Expand private seed into to vectors of polynomials. */
-        ret = dilithium_expand_s(&key->shake, priv_seed, params->eta, s1,
-            params->l, s2, params->k);
-    }
-    if (ret == 0) {
-        byte* k = pub_seed + DILITHIUM_PUB_SEED_SZ;
-        byte* tr = k + DILITHIUM_K_SZ;
-        byte* s1p = tr + DILITHIUM_TR_SZ;
-        byte* s2p = s1p + params->s1EncSz;
-        byte* t0 = s2p + params->s2EncSz;
-        byte* t1 = key->p + DILITHIUM_PUB_SEED_SZ;
-
-        /* Step 9: Move k down to after public seed. */
-        XMEMCPY(k, k + DILITHIUM_PRIV_SEED_SZ, DILITHIUM_K_SZ);
-        /* Step 9. Alg 24 Steps 2-4: Encode s1 into private key. */
-        dilthium_vec_encode_eta_bits(s1, params->l, params->eta, s1p);
-        /* Step 9. Alg 24 Steps 5-7: Encode s2 into private key. */
-        dilthium_vec_encode_eta_bits(s2, params->k, params->eta, s2p);
-
-        /* Step 5: t <- NTT-1(A_circum o NTT(s1)) + s2 */
-        dilithium_vec_ntt_small_full(s1, params->l);
-        dilithium_matrix_mul(t, a, s1, params->k, params->l);
-        dilithium_vec_invntt_full(t, params->k);
-        dilithium_vec_add(t, s2, params->k);
-
-        /* Make positive for decomposing. */
-        dilithium_vec_make_pos(t, params->k);
-        /* Step 6, Step 7, Step 9. Alg 22 Steps 2-4, Alg 24 Steps 8-10.
-         * Decompose t in t0 and t1 and encode into public and private key.
-         */
-        dilithium_vec_encode_t0_t1(t, params->k, t0, t1);
-        /* Step 8. Alg 24, Step 1: Hash public key into private key. */
-        ret = dilithium_shake256(&key->shake, key->p, params->pkSz, tr,
-            DILITHIUM_TR_SZ);
-    }
-    if (ret == 0) {
-        /* Public key and private key are available. */
-        key->prvKeySet = 1;
-        key->pubKeySet = 1;
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-        /* Matrix A is available. */
-        key->aSet = 1;
-#endif
-#ifdef WC_DILITHIUM_CACHE_PRIV_VECTORS
-        /* Private vectors are not available as they were overwritten. */
-        key->privVecsSet = 0;
-#endif
-#ifdef WC_DILITHIUM_CACHE_PUB_VECTORS
-        /* Public vector, t1, is not available as it was not created. */
-        key->pubVecSet = 0;
-#endif
-    }
-
-#ifndef WC_DILITHIUM_CACHE_PRIV_VECTORS
-    XFREE(s1, key->heap, DYNAMIC_TYPE_DILITHIUM);
-#endif
-    return ret;
-#else
-    int ret = 0;
-    const wc_dilithium_params* params = key->params;
-    sword32* a = NULL;
-    sword32* s1 = NULL;
-    sword32* s2 = NULL;
-    sword32* t = NULL;
-#ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-    sword64* t64 = NULL;
-#endif
-    byte* h = NULL;
-    byte* pub_seed = key->k;
-    unsigned int r;
-    unsigned int s;
-    byte kl[2];
-
-    /* Allocate memory for large intermediates. */
-    if (ret == 0) {
-        unsigned int allocSz;
-
-        /* s1-l, s2-k, t-k, a-1 */
-        allocSz  = params->s1Sz + params->s2Sz + params->s2Sz +
-            DILITHIUM_REJ_NTT_POLY_H_SIZE + DILITHIUM_POLY_SIZE;
-    #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-        /* t64 */
-        allocSz += DILITHIUM_POLY_SIZE * 2;
-    #endif
-        s1 = (sword32*)XMALLOC(allocSz, key->heap, DYNAMIC_TYPE_DILITHIUM);
-        if (s1 == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            s2 = s1 + params->s1Sz / sizeof(*s1);
-            t  = s2 + params->s2Sz / sizeof(*s2);
-            h  = (byte*)(t  + params->s2Sz / sizeof(*t));
-            a  = (sword32*)(h + DILITHIUM_REJ_NTT_POLY_H_SIZE);
-        #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-            t64 = (sword64*)(a + DILITHIUM_N);
-        #endif
-        }
-    }
-
-    if (ret == 0) {
-#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
-        if (key->params->level >= WC_ML_DSA_DRAFT) {
-            /* Step 2: Create public seed, private seed and K from seed.
-             * Step 9; Alg 18, Step 1: Public seed is placed into private key.
-             */
-            ret = dilithium_shake256(&key->shake, seed, DILITHIUM_SEED_SZ,
-                pub_seed, DILITHIUM_SEEDS_SZ);
-        }
-        else
-#endif
-        {
-            kl[0] = params->k;
-            kl[1] = params->l;
-            /* Step 1: Create public seed, private seed and K from seed.
-             * Step 9; Alg 24, Step 1: Public seed is placed into private key.
-             */
-            ret = dilithium_hash256(&key->shake, seed, DILITHIUM_SEED_SZ, kl, 2,
-                pub_seed, DILITHIUM_SEEDS_SZ);
-        }
-    }
-    if (ret == 0) {
-        byte* priv_seed = key->k + DILITHIUM_PUB_SEED_SZ;
-
-        /* Step 7; Alg 22 Step 1: Copy public seed into public key. */
-        XMEMCPY(key->p, pub_seed, DILITHIUM_PUB_SEED_SZ);
-
-        /* Step 4: Expand private seed into to vectors of polynomials. */
-        ret = dilithium_expand_s(&key->shake, priv_seed, params->eta, s1,
-            params->l, s2, params->k);
-    }
-    if (ret == 0) {
-        byte* k = pub_seed + DILITHIUM_PUB_SEED_SZ;
-        byte* tr = k + DILITHIUM_K_SZ;
-        byte* s1p = tr + DILITHIUM_TR_SZ;
-        byte* s2p = s1p + params->s1EncSz;
-        byte* t0 = s2p + params->s2EncSz;
-        byte* t1 = key->p + DILITHIUM_PUB_SEED_SZ;
-        byte aseed[DILITHIUM_GEN_A_SEED_SZ];
-        sword32* s2t = s2;
-        sword32* tt = t;
-
-        /* Step 9: Move k down to after public seed. */
-        XMEMCPY(k, k + DILITHIUM_PRIV_SEED_SZ, DILITHIUM_K_SZ);
-        /* Step 9. Alg 24 Steps 2-4: Encode s1 into private key. */
-        dilthium_vec_encode_eta_bits(s1, params->l, params->eta, s1p);
-        /* Step 9. Alg 24 Steps 5-7: Encode s2 into private key. */
-        dilthium_vec_encode_eta_bits(s2, params->k, params->eta, s2p);
-
-        /* Step 5: NTT(s1) */
-        dilithium_vec_ntt_small_full(s1, params->l);
-        /* Step 5: t <- NTT-1(A_circum o NTT(s1)) + s2 */
-        XMEMCPY(aseed, pub_seed, DILITHIUM_PUB_SEED_SZ);
-        for (r = 0; (ret == 0) && (r < params->k); r++) {
-            sword32* s1t = s1;
-            unsigned int e;
-
-            /* Put r/i into buffer to be hashed. */
-            aseed[DILITHIUM_PUB_SEED_SZ + 1] = r;
-            for (s = 0; (ret == 0) && (s < params->l); s++) {
-                /* Put s into buffer to be hashed. */
-                aseed[DILITHIUM_PUB_SEED_SZ + 0] = s;
-                /* Step 3: Expand public seed into a matrix of polynomials. */
-                ret = dilithium_rej_ntt_poly_ex(&key->shake, aseed, a, h);
-                if (ret != 0) {
-                    break;
-                }
-                /* Matrix multiply. */
-            #ifndef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-                if (s == 0) {
-                #ifdef WOLFSSL_DILITHIUM_SMALL
-                    for (e = 0; e < DILITHIUM_N; e++) {
-                        tt[e] = dilithium_mont_red((sword64)a[e] * s1t[e]);
-                    }
-                #else
-                    for (e = 0; e < DILITHIUM_N; e += 8) {
-                        tt[e+0] = dilithium_mont_red((sword64)a[e+0]*s1t[e+0]);
-                        tt[e+1] = dilithium_mont_red((sword64)a[e+1]*s1t[e+1]);
-                        tt[e+2] = dilithium_mont_red((sword64)a[e+2]*s1t[e+2]);
-                        tt[e+3] = dilithium_mont_red((sword64)a[e+3]*s1t[e+3]);
-                        tt[e+4] = dilithium_mont_red((sword64)a[e+4]*s1t[e+4]);
-                        tt[e+5] = dilithium_mont_red((sword64)a[e+5]*s1t[e+5]);
-                        tt[e+6] = dilithium_mont_red((sword64)a[e+6]*s1t[e+6]);
-                        tt[e+7] = dilithium_mont_red((sword64)a[e+7]*s1t[e+7]);
-                    }
-                #endif
-                }
-                else {
-                #ifdef WOLFSSL_DILITHIUM_SMALL
-                    for (e = 0; e < DILITHIUM_N; e++) {
-                        tt[e] += dilithium_mont_red((sword64)a[e] * s1t[e]);
-                    }
-                #else
-                    for (e = 0; e < DILITHIUM_N; e += 8) {
-                        tt[e+0] += dilithium_mont_red((sword64)a[e+0]*s1t[e+0]);
-                        tt[e+1] += dilithium_mont_red((sword64)a[e+1]*s1t[e+1]);
-                        tt[e+2] += dilithium_mont_red((sword64)a[e+2]*s1t[e+2]);
-                        tt[e+3] += dilithium_mont_red((sword64)a[e+3]*s1t[e+3]);
-                        tt[e+4] += dilithium_mont_red((sword64)a[e+4]*s1t[e+4]);
-                        tt[e+5] += dilithium_mont_red((sword64)a[e+5]*s1t[e+5]);
-                        tt[e+6] += dilithium_mont_red((sword64)a[e+6]*s1t[e+6]);
-                        tt[e+7] += dilithium_mont_red((sword64)a[e+7]*s1t[e+7]);
-                    }
-                #endif
-                }
-            #else
-                if (s == 0) {
-                #ifdef WOLFSSL_DILITHIUM_SMALL
-                    for (e = 0; e < DILITHIUM_N; e++) {
-                        t64[e] = (sword64)a[e] * s1t[e];
-                    }
-                #else
-                    for (e = 0; e < DILITHIUM_N; e += 8) {
-                        t64[e+0] = (sword64)a[e+0] * s1t[e+0];
-                        t64[e+1] = (sword64)a[e+1] * s1t[e+1];
-                        t64[e+2] = (sword64)a[e+2] * s1t[e+2];
-                        t64[e+3] = (sword64)a[e+3] * s1t[e+3];
-                        t64[e+4] = (sword64)a[e+4] * s1t[e+4];
-                        t64[e+5] = (sword64)a[e+5] * s1t[e+5];
-                        t64[e+6] = (sword64)a[e+6] * s1t[e+6];
-                        t64[e+7] = (sword64)a[e+7] * s1t[e+7];
-                    }
-                #endif
-                }
-                else {
-                #ifdef WOLFSSL_DILITHIUM_SMALL
-                    for (e = 0; e < DILITHIUM_N; e++) {
-                        t64[e] += (sword64)a[e] * s1t[e];
-                    }
-                #else
-                    for (e = 0; e < DILITHIUM_N; e += 8) {
-                        t64[e+0] += (sword64)a[e+0] * s1t[e+0];
-                        t64[e+1] += (sword64)a[e+1] * s1t[e+1];
-                        t64[e+2] += (sword64)a[e+2] * s1t[e+2];
-                        t64[e+3] += (sword64)a[e+3] * s1t[e+3];
-                        t64[e+4] += (sword64)a[e+4] * s1t[e+4];
-                        t64[e+5] += (sword64)a[e+5] * s1t[e+5];
-                        t64[e+6] += (sword64)a[e+6] * s1t[e+6];
-                        t64[e+7] += (sword64)a[e+7] * s1t[e+7];
-                    }
-                #endif
-                }
-            #endif
-                /* Next polynomial. */
-                s1t += DILITHIUM_N;
-            }
-        #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-            for (e = 0; e < DILITHIUM_N; e++) {
-                tt[e] = dilithium_mont_red(t64[e]);
-            }
-        #endif
-            dilithium_invntt_full(tt);
-            dilithium_add(tt, s2t);
-            /* Make positive for decomposing. */
-            dilithium_make_pos(tt);
-
-            tt += DILITHIUM_N;
-            s2t += DILITHIUM_N;
-        }
-
-        /* Step 6, Step 7, Step 9. Alg 22 Steps 2-4, Alg 24 Steps 8-10.
-         * Decompose t in t0 and t1 and encode into public and private key.
-         */
-        dilithium_vec_encode_t0_t1(t, params->k, t0, t1);
-        /* Step 8. Alg 24, Step 1: Hash public key into private key. */
-        ret = dilithium_shake256(&key->shake, key->p, params->pkSz, tr,
-            DILITHIUM_TR_SZ);
-    }
-    if (ret == 0) {
-        /* Public key and private key are available. */
-        key->prvKeySet = 1;
-        key->pubKeySet = 1;
-    }
-
-    XFREE(s1, key->heap, DYNAMIC_TYPE_DILITHIUM);
-    return ret;
-#endif
-}
-
-/* Make a key from a random seed.
- *
- * FIPS 204. 5.1: Algorithm 1 ML-DSA.KeyGen()
- *   1: xi <- B32  [Choose random seed]
- *   2: if xi = NULL then
- *   3:   return falsam
- *   4: end if
- *   5: return ML-DSA.KeyGen_internal(xi)
- *
- * @param [in, out] key  Dilithium key.
- * @param [in]      rng  Random number generator.
- * @return  0 on success.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_make_key(dilithium_key* key, WC_RNG* rng)
-{
-    int ret;
-    byte seed[DILITHIUM_SEED_SZ];
-
-    /* Step 1: Generate a 32 byte random seed. */
-    ret = wc_RNG_GenerateBlock(rng, seed, DILITHIUM_SEED_SZ);
-    /* Step 2: Check for error. */
-    if (ret == 0) {
-        /* Step 5: Make key with random seed. */
-        ret = wc_dilithium_make_key_from_seed(key, seed);
-    }
-
-    return ret;
-}
-#endif /* !WOLFSSL_DILITHIUM_NO_MAKE_KEY */
-
-#ifndef WOLFSSL_DILITHIUM_NO_SIGN
-
-#if !defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM) || \
-    defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC) || \
-    defined(WC_DILITHIUM_CACHE_PRIV_VECTORS)
-/* Decode, from private key, and NTT private key vectors s1, s2, and t0.
- *
- * FIPS 204. 6: Algorithm 2 ML-DSA.Sign(sk, M)
- *   1: (rho, K, tr, s1, s2, t0) <- skDecode(sk)
- *   2: s1_circum <- NTT(s1)
- *   3: s2_circum <- NTT(s2)
- *   4: t0_circum <- NTT(t0)
- *
- * @param [in, out] key  Dilithium key.
- * @param [out]     s1   Vector of polynomials s1.
- * @param [out]     s2   Vector of polynomials s2.
- * @param [out]     t0   Vector of polynomials t0.
- */
-static void dilithium_make_priv_vecs(dilithium_key* key, sword32* s1,
-    sword32* s2, sword32* t0)
-{
-    const wc_dilithium_params* params = key->params;
-    const byte* pubSeed = key->k;
-    const byte* k = pubSeed + DILITHIUM_PUB_SEED_SZ;
-    const byte* tr = k + DILITHIUM_K_SZ;
-    const byte* s1p = tr + DILITHIUM_TR_SZ;
-    const byte* s2p = s1p + params->s1EncSz;
-    const byte* t0p = s2p + params->s2EncSz;
-
-    /* Step 1: Decode s1, s2, t0. */
-    dilithium_vec_decode_eta_bits(s1p, params->eta, s1, params->l);
-    dilithium_vec_decode_eta_bits(s2p, params->eta, s2, params->k);
-    dilithium_vec_decode_t0(t0p, params->k, t0);
-
-    /* Step 2: NTT s1. */
-    dilithium_vec_ntt_small(s1, params->l);
-    /* Step 3: NTT s2. */
-    dilithium_vec_ntt_small(s2, params->k);
-    /* Step 4: NTT t0. */
-    dilithium_vec_ntt(t0, params->k);
-
-#ifdef WC_DILITHIUM_CACHE_PRIV_VECTORS
-    /* Private key vectors have been created. */
-    key->privVecsSet = 1;
-#endif
-}
-#endif
-
-/* Sign a message with the key and a seed.
- *
- * FIPS 204. 5.2: Algorithm 2 ML-DSA.sign(sk, M, ctx)
- *   ...
- *  10: M' <- ByyesToBits(IntegerToBytes(0, 1) || IntegerToBytes(|ctx|, 1) ||
- *                        ctx) || M
- *   ...
- *
- * FIPS 204. 6: Algorithm 2 ML-DSA.Sign(sk, M)
- *   1: (rho, K, tr, s1, s2, t0) <- skDecode(sk)
- *   2: s1_circum <- NTT(s1)
- *   3: s2_circum <- NTT(s2)
- *   4: t0_circum <- NTT(t0)
- *   5: A_circum <- ExpandA(rho)
- *   6: mu <- H(tr||M, 512)
- *   7: rnd <- {0,1}256
- *   8: rho' <- H(K||rnd||mu, 512)
- *   9: kappa <- 0
- *  10: (z, h) <- falsam
- *  11: while (z, h) = falsam do
- *  12:    y <- ExpandMask(rho', kappa)
- *  13:    w <- NTT-1(A_circum o NTT(y))
- *  14:    w1 <- HighBits(w)
- *  15:    c_tilde E {0,1}2*lambda <- H(mu|w1Encode(w1), 2 * lambda)
- *  16:    (c1_tilde, c2_tilde) E {0,1}256 x {0,1}2*lambda-256 <- c_tilde
- *  17:     c < SampleInBall(c1_tilde)
- *  18:     c_circum <- NTT(c)
- *  19:     <<cs1>> <- NTT-1(c_circum o s1_circum)
- *  20:     <<cs2>> <- NTT-1(c_circum o s2_circum)
- *  21:     z <- y + <<cs1>>
- *  22:     r0 <- LowBits(w - <<cs2>>
- *  23:     if ||z||inf >= GAMMA1 - BETA or ||r0||inf GAMMA2 - BETA then
- *                                                             (z, h) <- falsam
- *  24:     else
- *  25:         <<ct0>> <- NTT-1(c_circum o t0_circum)
- *  26:         h < MakeHint(-<<ct0>>, w - <<sc2>> + <<ct0>>)
- *  27:         if (||<<ct>>||inf >= GAMMMA1 or
- *                 the number of 1's in h is greater than OMEGA, then
- *                                                             (z, h) <- falsam
- *  28:         end if
- *  29:     end if
- *  30:     kappa <- kappa + l
- *  31: end while
- *  32: sigma <- sigEncode(c_tilde, z mod +/- q, h)
- *  33: return sigma
- *
- * @param [in, out] key     Dilithium key.
- * @param [in]      seedMu  Random seed || mu.
- * @param [out]     sig     Buffer to hold signature.
- * @param [in, out] sigLen  On in, length of buffer in bytes.
- *                          On out, the length of the signature in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when context length is greater than 255.
- * @return  BUFFER_E when the signature buffer is too small.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_sign_with_seed_mu(dilithium_key* key,
-    const byte* seedMu, byte* sig, word32 *sigLen)
-{
-#ifndef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM
-    int ret = 0;
-    const wc_dilithium_params* params = key->params;
-    const byte* pub_seed = key->k;
-    const byte* k = pub_seed + DILITHIUM_PUB_SEED_SZ;
-    const byte* mu = seedMu + DILITHIUM_RND_SZ;
-    sword32* a = NULL;
-    sword32* s1 = NULL;
-    sword32* s2 = NULL;
-    sword32* t0 = NULL;
-    sword32* y = NULL;
-    sword32* w0 = NULL;
-    sword32* w1 = NULL;
-    sword32* c = NULL;
-    sword32* z = NULL;
-    sword32* ct0 = NULL;
-    byte priv_rand_seed[DILITHIUM_Y_SEED_SZ];
-    byte* h = sig + params->lambda / 4 + params->zEncSz;
-
-    /* Check the signature buffer isn't too small. */
-    if (*sigLen < params->sigSz) {
-        ret = BUFFER_E;
-    }
-    if (ret == 0) {
-        /* Return the size of the signature. */
-        *sigLen = params->sigSz;
-    }
-
-    /* Allocate memory for large intermediates. */
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-#ifndef WC_DILITHIUM_FIXED_ARRAY
-    if ((ret == 0) && (key->a == NULL)) {
-        a = (sword32*)XMALLOC(params->aSz, key->heap, DYNAMIC_TYPE_DILITHIUM);
-        if (a == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-#endif
-    if (ret == 0) {
-        a = key->a;
-    }
-#endif
-#ifdef WC_DILITHIUM_CACHE_PRIV_VECTORS
-#ifndef WC_DILITHIUM_FIXED_ARRAY
-    if ((ret == 0) && (key->s1 == NULL)) {
-        key->s1 = (sword32*)XMALLOC(params->aSz, key->heap,
-            DYNAMIC_TYPE_DILITHIUM);
-        if (key->s1 == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            XMEMSET(key->s1, 0, params->aSz);
-            key->s2 = key->s1  + params->s1Sz / sizeof(*s1);
-            key->t0 = key->s2  + params->s2Sz / sizeof(*s2);
-        }
-    }
-#endif
-    if (ret == 0) {
-        s1 = key->s1;
-        s2 = key->s2;
-        t0 = key->t0;
-    }
-#endif
-    if (ret == 0) {
-        unsigned int allocSz;
-
-        /* y-l, w0-k, w1-k, c-1, z-l, ct0-k */
-        allocSz = params->s1Sz + params->s2Sz + params->s2Sz +
-            DILITHIUM_POLY_SIZE + params->s1Sz + params->s2Sz;
-#ifndef WC_DILITHIUM_CACHE_PRIV_VECTORS
-        /* s1-l, s2-k, t0-k */
-        allocSz += params->s1Sz + params->s2Sz + params->s2Sz;
-#endif
-#ifndef WC_DILITHIUM_CACHE_MATRIX_A
-        /* A */
-        allocSz += params->aSz;
-#endif
-        y = (sword32*)XMALLOC(allocSz, key->heap, DYNAMIC_TYPE_DILITHIUM);
-        if (y == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            w0  = y   + params->s1Sz / sizeof(*y);
-            w1  = w0  + params->s2Sz / sizeof(*w0);
-            c   = w1  + params->s2Sz / sizeof(*w1);
-            z   = c   + DILITHIUM_N;
-            ct0 = z   + params->s1Sz / sizeof(*z);
-#ifndef WC_DILITHIUM_CACHE_PRIV_VECTORS
-            s1  = ct0 + params->s2Sz / sizeof(*ct0);
-            s2  = s1  + params->s1Sz / sizeof(*s1);
-            t0  = s2  + params->s2Sz / sizeof(*s2);
-#endif
-#ifndef WC_DILITHIUM_CACHE_MATRIX_A
-            a   = t0  + params->s2Sz / sizeof(*s2);
-#endif
-        }
-    }
-
-    if (ret == 0) {
-#ifdef WC_DILITHIUM_CACHE_PRIV_VECTORS
-        /* Check that we haven't already cached the private vectors. */
-        if (!key->privVecsSet)
-#endif
-        {
-            /* Steps 1-4: Decode and NTT vectors s1, s2, and t0. */
-            dilithium_make_priv_vecs(key, s1, s2, t0);
-        }
-
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-        /* Check that we haven't already cached the matrix A. */
-        if (!key->aSet)
-#endif
-        {
-            /* Step 5: Create the matrix A from the public seed. */
-            ret = dilithium_expand_a(&key->shake, pub_seed, params->k,
-                params->l, a, key->heap);
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-            key->aSet = (ret == 0);
-#endif
-        }
-    }
-    if (ret == 0) {
-        /* Step 9: Compute private random using hash. */
-        ret = dilithium_hash256(&key->shake, k, DILITHIUM_K_SZ, seedMu,
-            DILITHIUM_RND_SZ + DILITHIUM_MU_SZ, priv_rand_seed,
-            DILITHIUM_PRIV_RAND_SEED_SZ);
-    }
-    if (ret == 0) {
-        word16 kappa = 0;
-        int valid = 0;
-
-        /* Step 11: Start rejection sampling loop */
-        do {
-            WC_DECLARE_VAR(w1e, byte, DILITHIUM_MAX_W1_ENC_SZ, 0);
-            sword32* w = w1;
-            sword32* y_ntt = z;
-            sword32* cs2 = ct0;
-            byte* commit = sig;
-
-            /* Step 12: Compute vector y from private random seed and kappa. */
-            dilithium_vec_expand_mask(&key->shake, priv_rand_seed, kappa,
-                params->gamma1_bits, y, params->l);
-        #ifdef WOLFSSL_DILITHIUM_SIGN_CHECK_Y
-            valid = dilithium_vec_check_low(y, params->l,
-                (1 << params->gamma1_bits) - params->beta);
-            if (valid)
-        #endif
-            {
-                /* Step 13: NTT-1(A o NTT(y)) */
-                XMEMCPY(y_ntt, y, params->s1Sz);
-                dilithium_vec_ntt_full(y_ntt, params->l);
-                dilithium_matrix_mul(w, a, y_ntt, params->k, params->l);
-                dilithium_vec_invntt_full(w, params->k);
-                /* Step 14, Step 22: Make values positive and decompose. */
-                dilithium_vec_make_pos(w, params->k);
-                dilithium_vec_decompose(w, params->k, params->gamma2, w0, w1);
-        #ifdef WOLFSSL_DILITHIUM_SIGN_CHECK_W0
-                valid = dilithium_vec_check_low(w0, params->k,
-                    params->gamma2 - params->beta);
-            }
-            if (valid) {
-        #endif
-                /* Step 15: Encode w1. */
-                WC_ALLOC_VAR_EX(w1e, byte, DILITHIUM_MAX_W1_ENC_SZ, key->heap,
-                    DYNAMIC_TYPE_DILITHIUM, ret=MEMORY_E);
-                if (WC_VAR_OK(w1e))
-                {
-                    dilithium_vec_encode_w1(w1, params->k, params->gamma2, w1e);
-                    /* Step 15: Hash mu and encoded w1.
-                     * Step 32: Hash is stored in signature. */
-                    ret = dilithium_hash256(&key->shake, mu, DILITHIUM_MU_SZ,
-                        w1e, params->w1EncSz, commit, params->lambda / 4);
-                }
-                if (ret == 0) {
-                    /* Step 17: Compute c from first 256 bits of commit. */
-                    ret = dilithium_sample_in_ball(params->level, &key->shake,
-                        commit, params->lambda / 4, params->tau, c, key->heap);
-                }
-                if (ret == 0) {
-                    sword32 hi;
-                    byte i;
-
-                    valid = 1;
-                    /* Step 18: NTT(c). */
-                    dilithium_ntt_small(c);
-                    hi = params->gamma2 - params->beta;
-                    for (i = 0; valid && i < params->k; i++) {
-                        /* Step 20: cs2 = NTT-1(c o s2) */
-                        dilithium_mul(cs2 + i * DILITHIUM_N, c,
-                            s2 + i * DILITHIUM_N);
-                        dilithium_invntt(cs2 + i * DILITHIUM_N);
-                        /* Step 22: w0 - cs2 */
-                        dilithium_sub(w0 + i * DILITHIUM_N,
-                            cs2 + i * DILITHIUM_N);
-                        /* Step 23: Check w0 - cs2 has low enough values. */
-                        valid = dilithium_vec_check_low(w0 + i * DILITHIUM_N, 1,
-                            hi);
-                    }
-                    hi = (1 << params->gamma1_bits) - params->beta;
-                    for (i = 0; valid && i < params->l; i++) {
-                        /* Step 19: cs1 = NTT-1(c o s1) */
-                        dilithium_mul(z + i * DILITHIUM_N, c,
-                            s1 + i * DILITHIUM_N);
-                        dilithium_invntt(z + i * DILITHIUM_N);
-                        /* Step 21: z = y + cs1 */
-                        dilithium_add(z + i * DILITHIUM_N, y + i * DILITHIUM_N);
-                        dilithium_poly_red(z + i * DILITHIUM_N);
-                        /* Step 23: Check z has low enough values. */
-                        valid = dilithium_vec_check_low(z + i * DILITHIUM_N, 1,
-                            hi);
-                    }
-                    for (i = 0; valid && i < params->k; i++) {
-                        /* Step 25: ct0 = NTT-1(c o t0) */
-                        dilithium_mul(ct0 + i * DILITHIUM_N, c,
-                            t0 + i * DILITHIUM_N);
-                        dilithium_invntt(ct0 + i * DILITHIUM_N);
-                        /* Step 27: Check ct0 has low enough values. */
-                        hi = params->gamma2;
-                        valid = dilithium_vec_check_low(ct0 + i * DILITHIUM_N,
-                            1, hi);
-                    }
-                    if (valid) {
-                        /* Step 26: ct0 = ct0 + w0 */
-                        dilithium_vec_add(ct0, w0, params->k);
-                        dilithium_vec_red(ct0, params->k);
-                        /* Step 26, 27: Make hint from ct0 and w1 and check
-                         * number of hints is valid.
-                         * Step 32: h is encoded into signature.
-                         */
-                        valid = (dilithium_make_hint(ct0, w1, params->k,
-                            params->gamma2, params->omega, h) >= 0);
-                    }
-                }
-
-                WC_FREE_VAR_EX(w1e, key->heap, DYNAMIC_TYPE_DILITHIUM);
-            }
-
-            if (!valid) {
-                /* Too many attempts - something wrong with implementation. */
-                if ((kappa > (word16)(kappa + params->l))) {
-                    ret = BAD_COND_E;
-                }
-
-                /* Step 30: increment value to append to seed to unique value.
-                 */
-                kappa += params->l;
-            }
-        }
-        /* Step 11: Check we have a valid signature. */
-        while ((ret == 0) && (!valid));
-    }
-    if (ret == 0) {
-        byte* ze = sig + params->lambda / 4;
-        /* Step 32: Encode z into signature.
-         * Commit (c) and h already encoded into signature. */
-        dilithium_vec_encode_gamma1(z, params->l, params->gamma1_bits, ze);
-    }
-
-    XFREE(y, key->heap, DYNAMIC_TYPE_DILITHIUM);
-    return ret;
-#else
-    int ret = 0;
-    const wc_dilithium_params* params = key->params;
-    const byte* pub_seed = key->k;
-    const byte* k = pub_seed + DILITHIUM_PUB_SEED_SZ;
-    const byte* tr = k + DILITHIUM_K_SZ;
-    const byte* s1p = tr + DILITHIUM_TR_SZ;
-    const byte* s2p = s1p + params->s1EncSz;
-    const byte* t0p = s2p + params->s2EncSz;
-    const byte* mu = seedMu + DILITHIUM_RND_SZ;
-    sword32* a = NULL;
-    sword32* s1 = NULL;
-    sword32* s2 = NULL;
-    sword32* t0 = NULL;
-    sword32* y = NULL;
-    sword32* y_ntt = NULL;
-    sword32* w0 = NULL;
-    sword32* w1 = NULL;
-    sword32* c = NULL;
-    sword32* z = NULL;
-    sword32* ct0 = NULL;
-#ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-    sword64* t64 = NULL;
-#endif
-    byte* blocks = NULL;
-    byte priv_rand_seed[DILITHIUM_Y_SEED_SZ];
-    byte* h = sig + params->lambda / 4 + params->zEncSz;
-#ifdef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
-    byte maxK = (byte)min(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A,
-        params->k);
-#endif
-
-    /* Check the signature buffer isn't too small. */
-    if ((ret == 0) && (*sigLen < params->sigSz)) {
-        ret = BUFFER_E;
-    }
-    if (ret == 0) {
-        /* Return the size of the signature. */
-        *sigLen = params->sigSz;
-    }
-
-    /* Allocate memory for large intermediates. */
-    if (ret == 0) {
-        unsigned int allocSz;
-
-        /* y-l, w0-k, w1-k, blocks, c-1, z-1, A-1 */
-        allocSz  = params->s1Sz + params->s2Sz + params->s2Sz +
-            DILITHIUM_REJ_NTT_POLY_H_SIZE +
-            DILITHIUM_POLY_SIZE +  DILITHIUM_POLY_SIZE + DILITHIUM_POLY_SIZE;
-    #ifdef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
-        allocSz += params->s1Sz + params->s2Sz + params->s2Sz;
-    #elif defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A)
-        allocSz += maxK * params->l * DILITHIUM_POLY_SIZE;
-    #endif
-    #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-        allocSz += DILITHIUM_POLY_SIZE * 2;
-    #endif
-        y = (sword32*)XMALLOC(allocSz, key->heap, DYNAMIC_TYPE_DILITHIUM);
-        if (y == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            w0     = y  + params->s1Sz / sizeof(*y_ntt);
-            w1     = w0 + params->s2Sz / sizeof(*w0);
-            blocks = (byte*)(w1 + params->s2Sz / sizeof(*w1));
-            c      = (sword32*)(blocks + DILITHIUM_REJ_NTT_POLY_H_SIZE);
-            z      = c  + DILITHIUM_N;
-            a      = z  + DILITHIUM_N;
-            ct0    = z;
-    #if defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A)
-            y_ntt  = w0;
-            s1     = z;
-            s2     = z;
-            t0     = z;
-        #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-            t64    = (sword64*)(a + (1 + maxK * params->l) * DILITHIUM_N);
-        #endif
-    #elif defined(WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC)
-            y_ntt  = z;
-            s1     = a  + DILITHIUM_N;
-            s2     = s1 + params->s1Sz / sizeof(*s1);
-            t0     = s2 + params->s2Sz / sizeof(*s2);
-        #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-            t64    = (sword64*)(t0 + params->s2Sz / sizeof(*t0));
-        #endif
-    #else
-            y_ntt  = z;
-            s1     = z;
-            s2     = z;
-            t0     = z;
-        #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-            t64    = (sword64*)(a + DILITHIUM_N);
-        #endif
-    #endif
-        }
-    }
-
-    if (ret == 0) {
-        /* Step 9: Compute private random using hash. */
-        ret = dilithium_hash256(&key->shake, k, DILITHIUM_K_SZ, seedMu,
-            DILITHIUM_RND_SZ + DILITHIUM_MU_SZ, priv_rand_seed,
-            DILITHIUM_PRIV_RAND_SEED_SZ);
-    }
-#ifdef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
-    if (ret == 0) {
-        dilithium_make_priv_vecs(key, s1, s2, t0);
-    }
-#endif
-#ifdef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
-    if (ret == 0) {
-        /* Step 5: Create the matrix A from the public seed. */
-        ret = dilithium_expand_a(&key->shake, pub_seed, maxK, params->l, a,
-            key->heap);
-    }
-#endif
-    if (ret == 0) {
-        word16 kappa = 0;
-        int valid;
-
-        /* Step 11: Start rejection sampling loop */
-        do {
-            byte aseed[DILITHIUM_GEN_A_SEED_SZ];
-            byte w1e[DILITHIUM_MAX_W1_ENC_SZ];
-            sword32* w = w1;
-            byte* commit = sig;
-            byte r;
-            byte s;
-            sword32 hi;
-            sword32* wt = w;
-            sword32* w0t = w0;
-            sword32* w1t = w1;
-            sword32* at = a;
-
-        #ifdef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
-            w0t += WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A * DILITHIUM_N;
-            w1t += WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A * DILITHIUM_N;
-            wt += WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A * DILITHIUM_N;
-            at += WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A * params->l *
-                DILITHIUM_N;
-        #endif
-
-            valid = 1;
-            /* Step 12: Compute vector y from private random seed and kappa. */
-            dilithium_vec_expand_mask(&key->shake, priv_rand_seed, kappa,
-                params->gamma1_bits, y, params->l);
-        #ifdef WOLFSSL_DILITHIUM_SIGN_CHECK_Y
-            valid = dilithium_vec_check_low(y, params->l,
-                (1 << params->gamma1_bits) - params->beta);
-        #endif
-
-        #ifdef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
-            /* Step 13: NTT-1(A o NTT(y)) */
-            XMEMCPY(y_ntt, y, params->s1Sz);
-            dilithium_vec_ntt_full(y_ntt, params->l);
-            dilithium_matrix_mul(w, a, y_ntt, maxK, params->l);
-            dilithium_vec_invntt_full(w, maxK);
-            /* Step 14, Step 22: Make values positive and decompose. */
-            dilithium_vec_make_pos(w, maxK);
-            dilithium_vec_decompose(w, maxK, params->gamma2, w0, w1);
-        #endif
-            /* Step 5: Create the matrix A from the public seed. */
-            /* Copy the seed into a buffer that has space for s and r. */
-            XMEMCPY(aseed, pub_seed, DILITHIUM_PUB_SEED_SZ);
-        #ifdef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
-            r = WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A;
-        #else
-            r = 0;
-        #endif
-            /* Alg 26. Step 1: Loop over first dimension of matrix. */
-            for (; (ret == 0) && valid && (r < params->k); r++) {
-                unsigned int e;
-                sword32* yt = y;
-            #ifdef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
-                sword32* y_ntt_t = z;
-            #else
-                sword32* y_ntt_t = y_ntt;
-            #endif
-
-                /* Put r/i into buffer to be hashed. */
-                aseed[DILITHIUM_PUB_SEED_SZ + 1] = r;
-                /* Alg 26. Step 2: Loop over second dimension of matrix. */
-                for (s = 0; (ret == 0) && (s < params->l); s++) {
-                    /* Put s into buffer to be hashed. */
-                    aseed[DILITHIUM_PUB_SEED_SZ + 0] = s;
-                    /* Alg 26. Step 3: Create polynomial from hashing seed. */
-                    ret = dilithium_rej_ntt_poly_ex(&key->shake, aseed, at,
-                        blocks);
-                    if (ret != 0) {
-                        break;
-                    }
-                    XMEMCPY(y_ntt_t, yt, DILITHIUM_POLY_SIZE);
-                    dilithium_ntt_full(y_ntt_t);
-                    /* Matrix multiply. */
-                #ifndef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-                    if (s == 0) {
-                    #ifdef WOLFSSL_DILITHIUM_SMALL
-                        for (e = 0; e < DILITHIUM_N; e++) {
-                            wt[e] = dilithium_mont_red((sword64)at[e] *
-                                y_ntt_t[e]);
-                        }
-                    #else
-                        for (e = 0; e < DILITHIUM_N; e += 8) {
-                            wt[e + 0] = dilithium_mont_red((sword64)at[e + 0] *
-                                y_ntt_t[e + 0]);
-                            wt[e + 1] = dilithium_mont_red((sword64)at[e + 1] *
-                                y_ntt_t[e + 1]);
-                            wt[e + 2] = dilithium_mont_red((sword64)at[e + 2] *
-                                y_ntt_t[e + 2]);
-                            wt[e + 3] = dilithium_mont_red((sword64)at[e + 3] *
-                                y_ntt_t[e + 3]);
-                            wt[e + 4] = dilithium_mont_red((sword64)at[e + 4] *
-                                y_ntt_t[e + 4]);
-                            wt[e + 5] = dilithium_mont_red((sword64)at[e + 5] *
-                                y_ntt_t[e + 5]);
-                            wt[e + 6] = dilithium_mont_red((sword64)at[e + 6] *
-                                y_ntt_t[e + 6]);
-                            wt[e + 7] = dilithium_mont_red((sword64)at[e + 7] *
-                                y_ntt_t[e + 7]);
-                        }
-                    #endif
-                    }
-                    else {
-                    #ifdef WOLFSSL_DILITHIUM_SMALL
-                        for (e = 0; e < DILITHIUM_N; e++) {
-                            wt[e] += dilithium_mont_red((sword64)at[e] *
-                                y_ntt_t[e]);
-                        }
-                    #else
-                        for (e = 0; e < DILITHIUM_N; e += 8) {
-                            wt[e + 0] += dilithium_mont_red((sword64)at[e + 0] *
-                                y_ntt_t[e + 0]);
-                            wt[e + 1] += dilithium_mont_red((sword64)at[e + 1] *
-                                y_ntt_t[e + 1]);
-                            wt[e + 2] += dilithium_mont_red((sword64)at[e + 2] *
-                                y_ntt_t[e + 2]);
-                            wt[e + 3] += dilithium_mont_red((sword64)at[e + 3] *
-                                y_ntt_t[e + 3]);
-                            wt[e + 4] += dilithium_mont_red((sword64)at[e + 4] *
-                                y_ntt_t[e + 4]);
-                            wt[e + 5] += dilithium_mont_red((sword64)at[e + 5] *
-                                y_ntt_t[e + 5]);
-                            wt[e + 6] += dilithium_mont_red((sword64)at[e + 6] *
-                                y_ntt_t[e + 6]);
-                            wt[e + 7] += dilithium_mont_red((sword64)at[e + 7] *
-                                y_ntt_t[e + 7]);
-                        }
-                    #endif
-                    }
-                #else
-                    if (s == 0) {
-                    #ifdef WOLFSSL_DILITHIUM_SMALL
-                        for (e = 0; e < DILITHIUM_N; e++) {
-                            t64[e] = (sword64)at[e] * y_ntt_t[e];
-                        }
-                    #else
-                        for (e = 0; e < DILITHIUM_N; e += 8) {
-                            t64[e+0] = (sword64)at[e+0] * y_ntt_t[e+0];
-                            t64[e+1] = (sword64)at[e+1] * y_ntt_t[e+1];
-                            t64[e+2] = (sword64)at[e+2] * y_ntt_t[e+2];
-                            t64[e+3] = (sword64)at[e+3] * y_ntt_t[e+3];
-                            t64[e+4] = (sword64)at[e+4] * y_ntt_t[e+4];
-                            t64[e+5] = (sword64)at[e+5] * y_ntt_t[e+5];
-                            t64[e+6] = (sword64)at[e+6] * y_ntt_t[e+6];
-                            t64[e+7] = (sword64)at[e+7] * y_ntt_t[e+7];
-                        }
-                    #endif
-                    }
-                    else {
-                    #ifdef WOLFSSL_DILITHIUM_SMALL
-                        for (e = 0; e < DILITHIUM_N; e++) {
-                            t64[e] += (sword64)at[e] * y_ntt_t[e];
-                        }
-                    #else
-                        for (e = 0; e < DILITHIUM_N; e += 8) {
-                            t64[e+0] += (sword64)at[e+0] * y_ntt_t[e+0];
-                            t64[e+1] += (sword64)at[e+1] * y_ntt_t[e+1];
-                            t64[e+2] += (sword64)at[e+2] * y_ntt_t[e+2];
-                            t64[e+3] += (sword64)at[e+3] * y_ntt_t[e+3];
-                            t64[e+4] += (sword64)at[e+4] * y_ntt_t[e+4];
-                            t64[e+5] += (sword64)at[e+5] * y_ntt_t[e+5];
-                            t64[e+6] += (sword64)at[e+6] * y_ntt_t[e+6];
-                            t64[e+7] += (sword64)at[e+7] * y_ntt_t[e+7];
-                        }
-                    #endif
-                    }
-                #endif
-                    /* Next polynomial. */
-                    yt += DILITHIUM_N;
-                }
-            #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-                for (e = 0; e < DILITHIUM_N; e++) {
-                    wt[e] = dilithium_mont_red(t64[e]);
-                }
-            #endif
-                dilithium_invntt_full(wt);
-                /* Step 14, Step 22: Make values positive and decompose. */
-                dilithium_make_pos(wt);
-            #ifndef WOLFSSL_NO_ML_DSA_44
-                if (params->gamma2 == DILITHIUM_Q_LOW_88) {
-                    /* For each value of polynomial. */
-                    for (e = 0; e < DILITHIUM_N; e++) {
-                        /* Decompose value into two vectors. */
-                        dilithium_decompose_q88(wt[e], &w0t[e], &w1t[e]);
-                    }
-                }
-            #endif
-            #if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-                if (params->gamma2 == DILITHIUM_Q_LOW_32) {
-                    /* For each value of polynomial. */
-                    for (e = 0; e < DILITHIUM_N; e++) {
-                        /* Decompose value into two vectors. */
-                        dilithium_decompose_q32(wt[e], &w0t[e], &w1t[e]);
-                    }
-                }
-            #endif
-            #ifdef WOLFSSL_DILITHIUM_SIGN_CHECK_W0
-                valid = dilithium_vec_check_low(w0t,
-                    params->gamma2 - params->beta);
-            #endif
-                wt  += DILITHIUM_N;
-                w0t += DILITHIUM_N;
-                w1t += DILITHIUM_N;
-            }
-            if ((ret == 0) && valid) {
-                sword32* yt = y;
-            #ifndef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
-                const byte* s1pt = s1p;
-            #endif
-                byte* ze = sig + params->lambda / 4;
-
-                /* Step 15: Encode w1. */
-                dilithium_vec_encode_w1(w1, params->k, params->gamma2, w1e);
-                /* Step 15: Hash mu and encoded w1.
-                 * Step 32: Hash is stored in signature. */
-                ret = dilithium_hash256(&key->shake, mu, DILITHIUM_MU_SZ,
-                    w1e, params->w1EncSz, commit, params->lambda / 4);
-                if (ret == 0) {
-                    /* Step 17: Compute c from first 256 bits of commit. */
-                    ret = dilithium_sample_in_ball_ex(params->level,
-                        &key->shake, commit, params->lambda / 4, params->tau, c,
-                        blocks);
-                }
-                if (ret == 0) {
-                    /* Step 18: NTT(c). */
-                    dilithium_ntt_small(c);
-                }
-
-                for (s = 0; (ret == 0) && valid && (s < params->l); s++) {
-            #ifndef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
-                #if !defined(WOLFSSL_NO_ML_DSA_44) || \
-                    !defined(WOLFSSL_NO_ML_DSA_87)
-                    /* -2..2 */
-                    if (params->eta == DILITHIUM_ETA_2) {
-                        dilithium_decode_eta_2_bits(s1pt, s1);
-                        s1pt += DILITHIUM_ETA_2_BITS * DILITHIUM_N / 8;
-                    }
-                #endif
-                #ifndef WOLFSSL_NO_ML_DSA_65
-                    /* -4..4 */
-                    if (params->eta == DILITHIUM_ETA_4) {
-                        dilithium_decode_eta_4_bits(s1pt, s1);
-                        s1pt += DILITHIUM_N / 2;
-                    }
-                #endif
-                    dilithium_ntt_small(s1);
-                    dilithium_mul(z, c, s1);
-            #else
-                    dilithium_mul(z, c, s1 + s * DILITHIUM_N);
-            #endif
-                    /* Step 19: cs1 = NTT-1(c o s1) */
-                    dilithium_invntt(z);
-                    /* Step 21: z = y + cs1 */
-                    dilithium_add(z, yt);
-                    dilithium_poly_red(z);
-                    /* Step 23: Check z has low enough values. */
-                    hi = (1 << params->gamma1_bits) - params->beta;
-                    valid = dilithium_check_low(z, hi);
-                    if (valid) {
-                        /* Step 32: Encode z into signature.
-                         * Commit (c) and h already encoded into signature. */
-                    #if !defined(WOLFSSL_NO_ML_DSA_44)
-                        if (params->gamma1_bits == DILITHIUM_GAMMA1_BITS_17) {
-                            dilithium_encode_gamma1_17_bits(z, ze);
-                            /* Move to next place to encode to. */
-                            ze += DILITHIUM_GAMMA1_17_ENC_BITS / 2 *
-                                  DILITHIUM_N / 4;
-                        }
-                    #endif
-                    #if !defined(WOLFSSL_NO_ML_DSA_65) || \
-                        !defined(WOLFSSL_NO_ML_DSA_87)
-                        if (params->gamma1_bits == DILITHIUM_GAMMA1_BITS_19) {
-                            dilithium_encode_gamma1_19_bits(z, ze);
-                            /* Move to next place to encode to. */
-                            ze += DILITHIUM_GAMMA1_19_ENC_BITS / 2 *
-                                  DILITHIUM_N / 4;
-                        }
-                    #endif
-                    }
-
-                    yt += DILITHIUM_N;
-                }
-            }
-            if ((ret == 0) && valid) {
-                const byte* t0pt = t0p;
-            #ifndef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
-                const byte* s2pt = s2p;
-            #endif
-                sword32* cs2 = ct0;
-                w0t = w0;
-                w1t = w1;
-                byte idx = 0;
-
-                for (r = 0; valid && (r < params->k); r++) {
-            #ifndef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
-                #if !defined(WOLFSSL_NO_ML_DSA_44) || \
-                    !defined(WOLFSSL_NO_ML_DSA_87)
-                    /* -2..2 */
-                    if (params->eta == DILITHIUM_ETA_2) {
-                        dilithium_decode_eta_2_bits(s2pt, s2);
-                        s2pt += DILITHIUM_ETA_2_BITS * DILITHIUM_N / 8;
-                    }
-                #endif
-                #ifndef WOLFSSL_NO_ML_DSA_65
-                    /* -4..4 */
-                    if (params->eta == DILITHIUM_ETA_4) {
-                        dilithium_decode_eta_4_bits(s2pt, s2);
-                        s2pt += DILITHIUM_N / 2;
-                    }
-                #endif
-                    dilithium_ntt_small(s2);
-                    /* Step 20: cs2 = NTT-1(c o s2) */
-                    dilithium_mul(cs2, c, s2);
-            #else
-                    /* Step 20: cs2 = NTT-1(c o s2) */
-                    dilithium_mul(cs2, c, s2 + r * DILITHIUM_N);
-            #endif
-                    dilithium_invntt(cs2);
-                    /* Step 22: w0 - cs2 */
-                    dilithium_sub(w0t, cs2);
-                    dilithium_poly_red(w0t);
-                    /* Step 23: Check w0 - cs2 has low enough values. */
-                    hi = params->gamma2 - params->beta;
-                    valid = dilithium_check_low(w0t, hi);
-                    if (valid) {
-                    #ifndef WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
-                        dilithium_decode_t0(t0pt, t0);
-                        dilithium_ntt(t0);
-
-                        /* Step 25: ct0 = NTT-1(c o t0) */
-                        dilithium_mul(ct0, c, t0);
-                    #else
-                        /* Step 25: ct0 = NTT-1(c o t0) */
-                        dilithium_mul(ct0, c, t0 + r * DILITHIUM_N);
-                    #endif
-                        dilithium_invntt(ct0);
-                        /* Step 27: Check ct0 has low enough values. */
-                        valid = dilithium_check_low(ct0, params->gamma2);
-                    }
-                    if (valid) {
-                        /* Step 26: ct0 = ct0 + w0 */
-                        dilithium_add(ct0, w0t);
-                        dilithium_poly_red(ct0);
-
-                        /* Step 26, 27: Make hint from ct0 and w1 and check
-                         * number of hints is valid.
-                         * Step 32: h is encoded into signature.
-                         */
-                    #ifndef WOLFSSL_NO_ML_DSA_44
-                        if (params->gamma2 == DILITHIUM_Q_LOW_88) {
-                            valid = (dilithium_make_hint_88(ct0, w1t, h,
-                                &idx) == 0);
-                            /* Alg 14, Step 10: Store count of hints for
-                             *                  polynomial at end of list. */
-                            h[PARAMS_ML_DSA_44_OMEGA + r] = idx;
-                        }
-                    #endif
-                    #if !defined(WOLFSSL_NO_ML_DSA_65) || \
-                        !defined(WOLFSSL_NO_ML_DSA_87)
-                        if (params->gamma2 == DILITHIUM_Q_LOW_32) {
-                            valid = (dilithium_make_hint_32(ct0, w1t,
-                                params->omega, h, &idx) == 0);
-                            /* Alg 14, Step 10: Store count of hints for
-                             *                  polynomial at end of list. */
-                            h[params->omega + r] = idx;
-                        }
-                    #endif
-                    }
-
-                    t0pt += DILITHIUM_D * DILITHIUM_N / 8;
-                    w0t += DILITHIUM_N;
-                    w1t += DILITHIUM_N;
-                }
-                /* Set remaining hints to zero. */
-                XMEMSET(h + idx, 0, params->omega - idx);
-            }
-
-            if (!valid) {
-                /* Too many attempts - something wrong with implementation. */
-                if ((kappa > (word16)(kappa + params->l))) {
-                    ret = BAD_COND_E;
-                }
-
-                /* Step 30: increment value to append to seed to unique value.
-                 */
-                kappa += params->l;
-            }
-        }
-        /* Step 11: Check we have a valid signature. */
-        while ((ret == 0) && (!valid));
-    }
-
-    XFREE(y, key->heap, DYNAMIC_TYPE_DILITHIUM);
-    return ret;
-#endif
-}
-
-/* Sign a message with the key and a seed.
- *
- * FIPS 204. 5.2: Algorithm 2 ML-DSA.Sign(sk, M, ctx)
- *   ...
- *  10: M' <- BytesToBits(IntegerToBytes(0, 1) || IntegerToBytes(|ctx|, 1) ||
- *                        ctx || M)
- *  11: sigma <- ML-DSA.Sign_internal(sk, M', rnd)
- *  12: return sigma
- *
- * FIPS 204. 6.2: Algorithm 7 ML-DSA.SignInternal(sk, M', rnd)
- *   ...
- *   6: mu <- H(BytesToBits(tr)||M', 64)
- *   ...
- *
- * @param [in, out] key     Dilithium key.
- * @param [in]      seed    Random seed.
- * @param [in]      ctx     Context of signature.
- * @param [in]      ctxLen  Length of context in bytes.
- * @param [in]      msg     Message data to sign.
- * @param [in]      msgLen  Length of message data in bytes.
- * @param [out]     sig     Buffer to hold signature.
- * @param [in, out] sigLen  On in, length of buffer in bytes.
- *                          On out, the length of the signature in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when context length is greater than 255.
- * @return  BUFFER_E when the signature buffer is too small.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_sign_ctx_msg_with_seed(dilithium_key* key,
-    const byte* seed, const byte* ctx, byte ctxLen, const byte* msg,
-    word32 msgLen, byte* sig, word32 *sigLen)
-{
-    int ret;
-    const byte* pub_seed = key->k;
-    const byte* k = pub_seed + DILITHIUM_PUB_SEED_SZ;
-    const byte* tr = k + DILITHIUM_K_SZ;
-    byte seedMu[DILITHIUM_RND_SZ + DILITHIUM_MU_SZ];
-    byte* mu = seedMu + DILITHIUM_RND_SZ;
-
-    XMEMCPY(seedMu, seed, DILITHIUM_RND_SZ);
-    /* Step 6. Calculate mu. */
-    ret = dilithium_hash256_ctx_msg(&key->shake, tr, DILITHIUM_TR_SZ, 0,
-        ctx, ctxLen, msg, msgLen, mu, DILITHIUM_MU_SZ);
-    if (ret == 0) {
-        ret = dilithium_sign_with_seed_mu(key, seedMu, sig, sigLen);
-    }
-
-    return ret;
-}
-
-/* Sign a message with the key and a seed.
- *
- * FIPS 204. 5.2: Algorithm 2 ML-DSA.Sign(sk, M, ctx)
- *   ...
- *  10: M' <- BytesToBits(IntegerToBytes(0, 1) || IntegerToBytes(|ctx|, 1) ||
- *                        ctx || M)
- *  11: sigma <- ML-DSA.Sign_internal(sk, M', rnd)
- *  12: return sigma
- *
- * FIPS 204. 6.2: Algorithm 7 ML-DSA.SignInternal(sk, M', rnd)
- *   ...
- *   6: mu <- H(BytesToBits(tr)||M', 64)
- *   ...
- *
- * @param [in, out] key     Dilithium key.
- * @param [in]      seed    Random seed.
- * @param [in]      msg     Message data to sign.
- * @param [in]      msgLen  Length of message data in bytes.
- * @param [out]     sig     Buffer to hold signature.
- * @param [in, out] sigLen  On in, length of buffer in bytes.
- *                          On out, the length of the signature in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when context length is greater than 255.
- * @return  BUFFER_E when the signature buffer is too small.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_sign_msg_with_seed(dilithium_key* key, const byte* seed,
-    const byte* msg, word32 msgLen, byte* sig, word32 *sigLen)
-{
-    int ret;
-    const byte* pub_seed = key->k;
-    const byte* k = pub_seed + DILITHIUM_PUB_SEED_SZ;
-    const byte* tr = k + DILITHIUM_K_SZ;
-    byte seedMu[DILITHIUM_RND_SZ + DILITHIUM_MU_SZ];
-    byte* mu = seedMu + DILITHIUM_RND_SZ;
-
-    XMEMCPY(seedMu, seed, DILITHIUM_RND_SZ);
-    /* Step 6. Calculate mu. */
-    ret = dilithium_hash256(&key->shake, tr, DILITHIUM_TR_SZ, msg, msgLen, mu,
-        DILITHIUM_MU_SZ);
-    if (ret == 0) {
-        ret = dilithium_sign_with_seed_mu(key, seedMu, sig, sigLen);
-    }
-
-    return ret;
-}
-
-/* Sign a message with the key and a random number generator.
- *
- * FIPS 204. 5.2: Algorithm 2 ML-DSA.Sign(sk, M, ctx)
- *   ...
- *   5: rnd <- B32  [Randomly generated.]
- *   6: if rnd = NULL then
- *   7:     return falsam
- *   8: end if
- *   9:
- *  10: M' <- BytesToBits(IntegerToBytes(0, 1) || IntegerToBytes(|ctx|, 1) ||
- *                        ctx || M)
- *   ...
- *
- * FIPS 204. 6.2: Algorithm 7 ML-DSA.SignInternal(sk, M', rnd)
- *   ...
- *   6: mu <- H(BytesToBits(tr)||M', 64)
- *   ...
- *
- * @param [in, out] key     Dilithium key.
- * @param [in, out] rng     Random number generator.
- * @param [in]      ctx     Context of signature.
- * @param [in]      ctxLen  Length of context.
- * @param [in]      msg     Message data to sign.
- * @param [in]      msgLen  Length of message data in bytes.
- * @param [out]     sig     Buffer to hold signature.
- * @param [in, out] sigLen  On in, length of buffer in bytes.
- *                          On out, the length of the signature in bytes.
- * @return  0 on success.
- * @return  BUFFER_E when the signature buffer is too small.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_sign_ctx_msg(dilithium_key* key, WC_RNG* rng,
-    const byte* ctx, byte ctxLen, const byte* msg, word32 msgLen, byte* sig,
-    word32 *sigLen)
-{
-    int ret = 0;
-    const byte* pub_seed = key->k;
-    const byte* k = pub_seed + DILITHIUM_PUB_SEED_SZ;
-    const byte* tr = k + DILITHIUM_K_SZ;
-    byte seedMu[DILITHIUM_RND_SZ + DILITHIUM_MU_SZ];
-    byte* mu = seedMu + DILITHIUM_RND_SZ;
-
-    /* Must have a random number generator. */
-    if (rng == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Step 7: Generate random seed. */
-        ret = wc_RNG_GenerateBlock(rng, seedMu, DILITHIUM_RND_SZ);
-    }
-    if (ret == 0) {
-        /* Step 6. Calculate mu. */
-        ret = dilithium_hash256_ctx_msg(&key->shake, tr, DILITHIUM_TR_SZ, 0,
-            ctx, ctxLen, msg, msgLen, mu, DILITHIUM_MU_SZ);
-    }
-    if (ret == 0) {
-        ret = dilithium_sign_with_seed_mu(key, seedMu, sig, sigLen);
-    }
-
-    return ret;
-}
-
-/* Sign a message with the key and a random number generator.
- *
- * FIPS 204. 5.2: Algorithm 2 ML-DSA.Sign(sk, M, ctx)
- *   ...
- *   5: rnd <- B32  [Randomly generated.]
- *   6: if rnd = NULL then
- *   7:     return falsam
- *   8: end if
- *   9:
- *  10: M' <- BytesToBits(IntegerToBytes(0, 1) || IntegerToBytes(|ctx|, 1) ||
- *                        ctx || M)
- *   ...
- *
- * FIPS 204. 6.2: Algorithm 7 ML-DSA.SignInternal(sk, M', rnd)
- *   ...
- *   6: mu <- H(BytesToBits(tr)||M', 64)
- *   ...
- *
- * @param [in, out] key     Dilithium key.
- * @param [in, out] rng     Random number generator.
- * @param [in]      msg     Message data to sign.
- * @param [in]      msgLen  Length of message data in bytes.
- * @param [out]     sig     Buffer to hold signature.
- * @param [in, out] sigLen  On in, length of buffer in bytes.
- *                          On out, the length of the signature in bytes.
- * @return  0 on success.
- * @return  BUFFER_E when the signature buffer is too small.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_sign_msg(dilithium_key* key, WC_RNG* rng,
-    const byte* msg, word32 msgLen, byte* sig, word32 *sigLen)
-{
-    int ret = 0;
-    const byte* pub_seed = key->k;
-    const byte* k = pub_seed + DILITHIUM_PUB_SEED_SZ;
-    const byte* tr = k + DILITHIUM_K_SZ;
-    byte seedMu[DILITHIUM_RND_SZ + DILITHIUM_MU_SZ];
-    byte* mu = seedMu + DILITHIUM_RND_SZ;
-
-    /* Must have a random number generator. */
-    if (rng == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Step 7: Generate random seed. */
-        ret = wc_RNG_GenerateBlock(rng, seedMu, DILITHIUM_RND_SZ);
-    }
-    if (ret == 0) {
-        /* Step 6. Calculate mu. */
-        ret = dilithium_hash256(&key->shake, tr, DILITHIUM_TR_SZ, msg, msgLen,
-            mu, DILITHIUM_MU_SZ);
-    }
-    if (ret == 0) {
-        ret = dilithium_sign_with_seed_mu(key, seedMu, sig, sigLen);
-    }
-
-    return ret;
-}
-
-/* Sign a pre-hashed message with the key and a seed.
- *
- * FIPS 204. 5.4.1: Algorithm 4 HashML-DSA.Sign(sk, M, ctx, PH)
- *   ...
- *  10: switch PH do
- *  11:    case SHA-256:
- *  12:       OID <-  IntegerToBytes(0x0609608648016503040201, 11)
- *  13:       PHm <- SHA256(M)    (not done here as hash is passed in)
- *   ...
- *  22: end switch
- *  23: M' <- BytesToBits(IntegerToBytes(1, 1) || IntegerToBytes(|ctx|, 1) ||
- *                        ctx || OID || PHm)
- *  24: sigma <- ML-DSA.Sign_internal(sk, M', rnd)
- *  25: return sigma
- *
- * FIPS 204. 6.2: Algorithm 7 ML-DSA.SignInternal(sk, M', rnd)
- *   ...
- *   6: mu <- H(BytesToBits(tr)||M', 64)
- *   ...
- *
- * @param [in, out] key      Dilithium key.
- * @param [in]      seed     Random seed.
- * @param [in]      ctx      Context of signature.
- * @param [in]      ctxLen   Length of context.
- * @param [in]      hashAlg  Hash algorithm used on message.
- * @param [in]      hash     Message hash to sign.
- * @param [in]      hashLen  Length of message hash in bytes.
- * @param [out]     sig      Buffer to hold signature.
- * @param [in, out] sigLen   On in, length of buffer in bytes.
- *                           On out, the length of the signature in bytes.
- * @return  0 on success.
- * @return  BUFFER_E when the signature buffer is too small.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_sign_ctx_hash_with_seed(dilithium_key* key,
-    const byte* seed, const byte* ctx, byte ctxLen, int hashAlg,
-    const byte* hash, word32 hashLen, byte* sig, word32 *sigLen)
-{
-    int ret = 0;
-    const byte* pub_seed = key->k;
-    const byte* k = pub_seed + DILITHIUM_PUB_SEED_SZ;
-    const byte* tr = k + DILITHIUM_K_SZ;
-    byte seedMu[DILITHIUM_RND_SZ + DILITHIUM_MU_SZ];
-    byte* mu = seedMu + DILITHIUM_RND_SZ;
-    byte oidMsgHash[DILITHIUM_HASH_OID_LEN + WC_MAX_DIGEST_SIZE];
-    word32 oidMsgHashLen = 0;
-
-    if ((ret == 0) && (hashLen > WC_MAX_DIGEST_SIZE)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        XMEMCPY(seedMu, seed, DILITHIUM_RND_SZ);
-
-        ret = dilithium_get_hash_oid(hashAlg, oidMsgHash, &oidMsgHashLen);
-    }
-    if (ret == 0) {
-        XMEMCPY(oidMsgHash + oidMsgHashLen, hash, hashLen);
-        oidMsgHashLen += hashLen;
-
-        /* Step 6. Calculate mu. */
-        ret = dilithium_hash256_ctx_msg(&key->shake, tr, DILITHIUM_TR_SZ, 1,
-            ctx, ctxLen, oidMsgHash, oidMsgHashLen, mu, DILITHIUM_MU_SZ);
-    }
-    if (ret == 0) {
-        ret = dilithium_sign_with_seed_mu(key, seedMu, sig, sigLen);
-    }
-
-    return ret;
-}
-
-/* Sign a pre-hashed message with the key and a random number generator.
- *
- * FIPS 204. 5.4.1: Algorithm 4 HashML-DSA.Sign(sk, M, ctx, PH)
- *   ...
- *   5: rnd <- B32  [Randomly generated.]
- *   6: if rnd = NULL then
- *   7:     return falsam
- *   8: end if
- *   ...
- *
- * @param [in, out] key      Dilithium key.
- * @param [in, out] rng      Random number generator.
- * @param [in]      ctx      Context of signature.
- * @param [in]      ctxLen   Length of context.
- * @param [in]      hashAlg  Hash algorithm used on message.
- * @param [in]      hash     Message hash to sign.
- * @param [in]      hashLen  Length of message hash in bytes.
- * @param [out]     sig      Buffer to hold signature.
- * @param [in, out] sigLen   On in, length of buffer in bytes.
- *                           On out, the length of the signature in bytes.
- * @return  0 on success.
- * @return  BUFFER_E when the signature buffer is too small.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_sign_ctx_hash(dilithium_key* key, WC_RNG* rng,
-    const byte* ctx, byte ctxLen, int hashAlg, const byte* hash, word32 hashLen,
-    byte* sig, word32 *sigLen)
-{
-    int ret = 0;
-    byte seed[DILITHIUM_RND_SZ];
-
-    /* Must have a random number generator. */
-    if (rng == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    if (ret == 0) {
-        /* Step 7: Generate random seed. */
-        ret = wc_RNG_GenerateBlock(rng, seed, DILITHIUM_RND_SZ);
-    }
-
-    if (ret == 0) {
-        ret = dilithium_sign_ctx_hash_with_seed(key, seed, ctx, ctxLen, hashAlg,
-            hash, hashLen, sig, sigLen);
-    }
-
-    return ret;
-}
-
-#endif /* !WOLFSSL_DILITHIUM_NO_SIGN */
-
-#ifndef WOLFSSL_DILITHIUM_NO_VERIFY
-
-#if !defined(WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM) || \
-     defined(WC_DILITHIUM_CACHE_PUB_VECTORS)
-/* Make public vector from public key data.
- *
- * @param [in, out] key  Key with public key data.
- * @param [out]     t1   Vector in NTT form.
- */
-static void dilithium_make_pub_vec(dilithium_key* key, sword32* t1)
-{
-    const wc_dilithium_params* params = key->params;
-    const byte* t1p = key->p + DILITHIUM_PUB_SEED_SZ;
-
-    dilithium_vec_decode_t1(t1p, params->k, t1);
-    dilithium_vec_ntt_full(t1, params->k);
-
-#ifdef WC_DILITHIUM_CACHE_PUB_VECTORS
-    key->pubVecSet = 1;
-#endif
-}
-#endif
-
-/* Verify signature of message using public key.
- *
- * FIPS 204. 6: Algorithm 3 ML-DSA.Verify(pk, M, sigma)
- *  1: (rho, t1) <- pkDecode(pk)
- *  2: (c_tilde, z, h) <- sigDecode(sigma)
- *  3: if h = falsam then return false
- *  4: end if
- *  5: A_circum <- ExpandS(rho)
- *  6: tr <- H(BytesToBits(pk), 512)
- *  7: mu <- H(tr||M, 512)
- *  8: (c1_tilde, c2_tilde) E {0,1}256 x {0,1)2*lambda-256 <- c_tilde
- *  9: c <- SampleInBall(c1_tilde)
- * 10: w'approx <- NTT-1(A_circum o NTT(z) - NTT(c) o NTT(t1.2^d))
- * 11: w1' <- UseHint(h, w'approx)
- * 12: c'_tilde < H(mu||w1Encode(w1'), 2*lambda)
- * 13: return [[ ||z||inf < GAMMA1 - BETA]] and [[c_tilde = c'_tilde]] and
- *             [[number of 1's in h is <= OMEGA
- *
- * @param [in, out] key     Dilithium key.
- * @param [in]      mu      Data to verify.
- * @param [in]      sig     Signature to verify message.
- * @param [in]      sigLen  Length of message in bytes.
- * @param [out]     res     Result of verification.
- * @return  0 on success.
- * @return  SIG_VERIFY_E when hint is malformed.
- * @return  BUFFER_E when the length of the signature does not match
- *          parameters.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_verify_mu(dilithium_key* key, const byte* mu,
-    const byte* sig, word32 sigLen, int* res)
-{
-#ifndef WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM
-    int ret = 0;
-    const wc_dilithium_params* params = key->params;
-    const byte* pub_seed = key->p;
-    const byte* commit = sig;
-    const byte* ze = sig + params->lambda / 4;
-    const byte* h = ze + params->zEncSz;
-    sword32* a = NULL;
-    sword32* t1 = NULL;
-    sword32* c = NULL;
-    sword32* z = NULL;
-    sword32* w = NULL;
-    sword32* t1c = NULL;
-    byte commit_calc[DILITHIUM_TR_SZ];
-    byte* w1e = NULL;
-    int valid = 0;
-    sword32 hi;
-
-    /* Ensure the signature is the right size for the parameters. */
-    if (sigLen != params->sigSz) {
-        ret = BUFFER_E;
-    }
-    if (ret == 0) {
-        /* Step 13: Verify the hint is well-formed. */
-        ret = dilithium_check_hint(h, params->k, params->omega);
-    }
-
-    /* Allocate memory for large intermediates. */
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-#ifndef WC_DILITHIUM_FIXED_ARRAY
-    if ((ret == 0) && (key->a == NULL)) {
-        key->a = (sword32*)XMALLOC(params->aSz, key->heap,
-            DYNAMIC_TYPE_DILITHIUM);
-        if (key->a == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            XMEMSET(key->a, 0, params->aSz);
-        }
-    }
-#endif
-    if (ret == 0) {
-        a = key->a;
-    }
-#endif
-#ifdef WC_DILITHIUM_CACHE_PUB_VECTORS
-#ifndef WC_DILITHIUM_FIXED_ARRAY
-    if ((ret == 0) && (key->t1 == NULL)) {
-        key->t1 = (sword32*)XMALLOC(params->s2Sz, key->heap,
-            DYNAMIC_TYPE_DILITHIUM);
-        if (key->t1 == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            XMEMSET(key->t1, 0, params->s2Sz);
-        }
-    }
-#endif
-    if (ret == 0) {
-        t1 = key->t1;
-    }
-#endif
-    if (ret == 0) {
-        unsigned int allocSz;
-
-        /* z, c, w, t1/t1c */
-        allocSz = DILITHIUM_POLY_SIZE + params->s1Sz + params->s2Sz +
-            params->s2Sz;
-#ifndef WC_DILITHIUM_CACHE_MATRIX_A
-        /* a */
-        allocSz += params->aSz;
-#endif
-
-        z = (sword32*)XMALLOC(allocSz, key->heap, DYNAMIC_TYPE_DILITHIUM);
-        if (z == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            XMEMSET(z, 0, allocSz);
-            c   = z  + params->s1Sz / sizeof(*z);
-            w   = c  + DILITHIUM_N;
-#ifndef WC_DILITHIUM_CACHE_PUB_VECTORS
-            t1  = w  + params->s2Sz / sizeof(*w);
-            t1c = t1;
-#else
-            t1c = w  + params->s2Sz / sizeof(*w);
-#endif
-#ifndef WC_DILITHIUM_CACHE_MATRIX_A
-            a   = t1 + params->s2Sz / sizeof(*t1);
-#endif
-            w1e = (byte*)c;
-        }
-    }
-
-    if (ret == 0) {
-        /* Step 2: Decode z from signature. */
-        dilithium_vec_decode_gamma1(ze, params->l, params->gamma1_bits, z);
-        /* Step 13: Check z is valid - values are low enough. */
-        hi = (1 << params->gamma1_bits) - params->beta;
-        valid = dilithium_vec_check_low(z, params->l, hi);
-    }
-    if ((ret == 0) && valid) {
-#ifdef WC_DILITHIUM_CACHE_PUB_VECTORS
-        /* Check that we haven't already cached the public vector. */
-        if (!key->pubVecSet)
-#endif
-        {
-            /* Step 1: Decode and NTT vector t1. */
-            dilithium_make_pub_vec(key, t1);
-        }
-
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-        /* Check that we haven't already cached the matrix A. */
-        if (!key->aSet)
-#endif
-        {
-            /* Step 5: Expand pub seed to compute matrix A. */
-            ret = dilithium_expand_a(&key->shake, pub_seed, params->k,
-                params->l, a, key->heap);
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-            /* Whether we have cached A is dependent on success of operation. */
-            key->aSet = (ret == 0);
-#endif
-        }
-    }
-    if ((ret == 0) && valid) {
-        /* Step 9: Compute c from commit. */
-        ret = dilithium_sample_in_ball(params->level, &key->shake, commit,
-            params->lambda / 4, params->tau, c, key->heap);
-    }
-    if ((ret == 0) && valid) {
-        /* Step 10: w = NTT-1(A o NTT(z) - NTT(c) o NTT(t1)) */
-        dilithium_vec_ntt_full(z, params->l);
-        dilithium_matrix_mul(w, a, z, params->k, params->l);
-        dilithium_ntt_small_full(c);
-        dilithium_vec_mul(t1c, c, t1, params->k);
-        dilithium_vec_sub(w, t1c, params->k);
-        dilithium_vec_invntt_full(w, params->k);
-        /* Step 11: Use hint to give full w1. */
-        dilithium_vec_use_hint(w, params->k, params->gamma2, params->omega, h);
-        /* Step 12: Encode w1. */
-        dilithium_vec_encode_w1(w, params->k, params->gamma2, w1e);
-        /* Step 12: Hash mu and encoded w1. */
-        ret = dilithium_hash256(&key->shake, mu, DILITHIUM_MU_SZ, w1e,
-            params->w1EncSz, commit_calc, params->lambda / 4);
-    }
-    if ((ret == 0) && valid) {
-        /* Step 13: Compare commit. */
-        valid = (XMEMCMP(commit, commit_calc, params->lambda / 4) == 0);
-    }
-
-    *res = valid;
-    XFREE(z, key->heap, DYNAMIC_TYPE_DILITHIUM);
-    return ret;
-#else
-    int ret = 0;
-    const wc_dilithium_params* params = key->params;
-    const byte* pub_seed = key->p;
-    const byte* t1p = pub_seed + DILITHIUM_PUB_SEED_SZ;
-    const byte* commit = sig;
-    const byte* ze = sig + params->lambda / 4;
-    const byte* h = ze + params->zEncSz;
-    sword32* t1 = NULL;
-    sword32* a = NULL;
-    sword32* c = NULL;
-    sword32* z = NULL;
-    sword32* w = NULL;
-#ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-    sword64* t64 = NULL;
-#endif
-#ifndef WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC
-    byte*    block = NULL;
-#endif
-    byte* w1e = NULL;
-    byte commit_calc[DILITHIUM_TR_SZ];
-    int valid = 0;
-    sword32 hi;
-    unsigned int r;
-    byte o;
-    byte* encW1;
-    byte* seed = commit_calc;
-
-    /* Ensure the signature is the right size for the parameters. */
-    if (sigLen != params->sigSz) {
-        ret = BUFFER_E;
-    }
-    if (ret == 0) {
-        /* Step 13: Verify the hint is well-formed. */
-        ret = dilithium_check_hint(h, params->k, params->omega);
-    }
-
-#ifndef WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC
-    /* Allocate memory for large intermediates. */
-    if (ret == 0) {
-        /* z, c, w, t1, w1e. */
-        unsigned int allocSz;
-
-        allocSz  = params->s1Sz + 3 * DILITHIUM_POLY_SIZE +
-            DILITHIUM_REJ_NTT_POLY_H_SIZE + params->w1EncSz;
-    #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-        allocSz += DILITHIUM_POLY_SIZE * 2;
-    #endif
-        z = (sword32*)XMALLOC(allocSz, key->heap, DYNAMIC_TYPE_DILITHIUM);
-        if (z == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            XMEMSET(z, 0, allocSz);
-            c     = z + params->s1Sz / sizeof(*t1);
-            w     = c + DILITHIUM_N;
-            t1    = w + DILITHIUM_N;
-            block = (byte*)(t1 + DILITHIUM_N);
-            w1e   = block + DILITHIUM_REJ_NTT_POLY_H_SIZE;
-            a     = t1;
-        #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-            t64   = (sword64*)(w1e + params->w1EncSz);
-        #endif
-        }
-    }
-#else
-    if (ret == 0) {
-        z = key->z;
-        c = key->c;
-        w = key->w;
-        t1 = key->t1;
-        w1e = key->w1e;
-        a = t1;
-    #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-        t64 = key->t64;
-    #endif
-    }
-#endif
-
-    if (ret == 0) {
-        /* Step 2: Decode z from signature. */
-        dilithium_vec_decode_gamma1(ze, params->l, params->gamma1_bits, z);
-        /* Step 13: Check z is valid - values are low enough. */
-        hi = (1 << params->gamma1_bits) - params->beta;
-        valid = dilithium_vec_check_low(z, params->l, hi);
-    }
-    if ((ret == 0) && valid) {
-        /* Step 10: NTT(z) */
-        dilithium_vec_ntt_full(z, params->l);
-
-         /* Step 9: Compute c from first 256 bits of commit. */
-#ifdef WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC
-         ret = dilithium_sample_in_ball_ex(params->level, &key->shake, commit,
-             params->lambda / 4, params->tau, c, key->block);
-#else
-         ret = dilithium_sample_in_ball_ex(params->level, &key->shake, commit,
-             params->lambda / 4, params->tau, c, block);
-#endif
-    }
-    if ((ret == 0) && valid) {
-        dilithium_ntt_small_full(c);
-
-        o = 0;
-        encW1 = w1e;
-
-        /* Copy the seed into a buffer that has space for s and r. */
-        XMEMCPY(seed, pub_seed, DILITHIUM_PUB_SEED_SZ);
-        /* Step 1: Loop over first dimension of matrix. */
-        for (r = 0; (ret == 0) && (r < params->k); r++) {
-            unsigned int s;
-            unsigned int e;
-            const sword32* zt = z;
-
-            /* Step 1: Decode and NTT vector t1. */
-            dilithium_decode_t1(t1p, w);
-            /* Next polynomial. */
-            t1p += DILITHIUM_U * DILITHIUM_N / 8;
-
-            /* Step 10: - NTT(c) o NTT(t1)) */
-            dilithium_ntt_full(w);
-    #ifndef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-        #ifdef WOLFSSL_DILITHIUM_SMALL
-            for (e = 0; e < DILITHIUM_N; e++) {
-                w[e] = -dilithium_mont_red((sword64)c[e] * w[e]);
-            }
-        #else
-            for (e = 0; e < DILITHIUM_N; e += 8) {
-                w[e+0] = -dilithium_mont_red((sword64)c[e+0] * w[e+0]);
-                w[e+1] = -dilithium_mont_red((sword64)c[e+1] * w[e+1]);
-                w[e+2] = -dilithium_mont_red((sword64)c[e+2] * w[e+2]);
-                w[e+3] = -dilithium_mont_red((sword64)c[e+3] * w[e+3]);
-                w[e+4] = -dilithium_mont_red((sword64)c[e+4] * w[e+4]);
-                w[e+5] = -dilithium_mont_red((sword64)c[e+5] * w[e+5]);
-                w[e+6] = -dilithium_mont_red((sword64)c[e+6] * w[e+6]);
-                w[e+7] = -dilithium_mont_red((sword64)c[e+7] * w[e+7]);
-            }
-        #endif
-    #else
-        #ifdef WOLFSSL_DILITHIUM_SMALL
-            for (e = 0; e < DILITHIUM_N; e++) {
-                t64[e] = -(sword64)c[e] * w[e];
-            }
-        #else
-            for (e = 0; e < DILITHIUM_N; e += 8) {
-                t64[e+0] = -(sword64)c[e+0] * w[e+0];
-                t64[e+1] = -(sword64)c[e+1] * w[e+1];
-                t64[e+2] = -(sword64)c[e+2] * w[e+2];
-                t64[e+3] = -(sword64)c[e+3] * w[e+3];
-                t64[e+4] = -(sword64)c[e+4] * w[e+4];
-                t64[e+5] = -(sword64)c[e+5] * w[e+5];
-                t64[e+6] = -(sword64)c[e+6] * w[e+6];
-                t64[e+7] = -(sword64)c[e+7] * w[e+7];
-            }
-        #endif
-    #endif
-
-            /* Step 5: Expand pub seed to compute matrix A. */
-            /* Put r into buffer to be hashed. */
-            seed[DILITHIUM_PUB_SEED_SZ + 1] = r;
-            for (s = 0; (ret == 0) && (s < params->l); s++) {
-                /* Put s into buffer to be hashed. */
-                seed[DILITHIUM_PUB_SEED_SZ + 0] = s;
-                /* Step 3: Create polynomial from hashing seed. */
-            #ifdef WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC
-                ret = dilithium_rej_ntt_poly_ex(&key->shake, seed, a, key->h);
-            #else
-                ret = dilithium_rej_ntt_poly_ex(&key->shake, seed, a, block);
-            #endif
-
-                /* Step 10: w = A o NTT(z) - NTT(c) o NTT(t1) */
-        #ifndef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-            #ifdef WOLFSSL_DILITHIUM_SMALL
-                for (e = 0; e < DILITHIUM_N; e++) {
-                    w[e] += dilithium_mont_red((sword64)a[e] * zt[e]);
-                }
-            #else
-                for (e = 0; e < DILITHIUM_N; e += 8) {
-                    w[e+0] += dilithium_mont_red((sword64)a[e+0] * zt[e+0]);
-                    w[e+1] += dilithium_mont_red((sword64)a[e+1] * zt[e+1]);
-                    w[e+2] += dilithium_mont_red((sword64)a[e+2] * zt[e+2]);
-                    w[e+3] += dilithium_mont_red((sword64)a[e+3] * zt[e+3]);
-                    w[e+4] += dilithium_mont_red((sword64)a[e+4] * zt[e+4]);
-                    w[e+5] += dilithium_mont_red((sword64)a[e+5] * zt[e+5]);
-                    w[e+6] += dilithium_mont_red((sword64)a[e+6] * zt[e+6]);
-                    w[e+7] += dilithium_mont_red((sword64)a[e+7] * zt[e+7]);
-                }
-            #endif
-        #else
-            #ifdef WOLFSSL_DILITHIUM_SMALL
-                for (e = 0; e < DILITHIUM_N; e++) {
-                    t64[e] += (sword64)a[e] * zt[e];
-                }
-            #else
-                for (e = 0; e < DILITHIUM_N; e += 8) {
-                    t64[e+0] += (sword64)a[e+0] * zt[e+0];
-                    t64[e+1] += (sword64)a[e+1] * zt[e+1];
-                    t64[e+2] += (sword64)a[e+2] * zt[e+2];
-                    t64[e+3] += (sword64)a[e+3] * zt[e+3];
-                    t64[e+4] += (sword64)a[e+4] * zt[e+4];
-                    t64[e+5] += (sword64)a[e+5] * zt[e+5];
-                    t64[e+6] += (sword64)a[e+6] * zt[e+6];
-                    t64[e+7] += (sword64)a[e+7] * zt[e+7];
-                }
-            #endif
-        #endif
-                /* Next polynomial. */
-                zt += DILITHIUM_N;
-            }
-        #ifdef WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
-            for (e = 0; e < DILITHIUM_N; e++) {
-                w[e] = dilithium_mont_red(t64[e]);
-            }
-        #endif
-
-            /* Step 10: w = NTT-1(A o NTT(z) - NTT(c) o NTT(t1)) */
-            dilithium_invntt_full(w);
-
-        #ifndef WOLFSSL_NO_ML_DSA_44
-            if (params->gamma2 == DILITHIUM_Q_LOW_88) {
-                /* Step 11: Use hint to give full w1. */
-                dilithium_use_hint_88(w, h, r, &o);
-                /* Step 12: Encode w1. */
-                dilithium_encode_w1_88(w, encW1);
-                encW1 += DILITHIUM_Q_HI_88_ENC_BITS * 2 * DILITHIUM_N / 16;
-            }
-            else
-        #endif
-        #if !defined(WOLFSSL_NO_ML_DSA_65) || !defined(WOLFSSL_NO_ML_DSA_87)
-            if (params->gamma2 == DILITHIUM_Q_LOW_32) {
-                /* Step 11: Use hint to give full w1. */
-                dilithium_use_hint_32(w, h, params->omega, r, &o);
-                /* Step 12: Encode w1. */
-                dilithium_encode_w1_32(w, encW1);
-                encW1 += DILITHIUM_Q_HI_32_ENC_BITS * 2 * DILITHIUM_N / 16;
-            }
-            else
-        #endif
-            {
-            }
-        }
-    }
-    if ((ret == 0) && valid) {
-        /* Step 12: Hash mu and encoded w1. */
-        ret = dilithium_hash256(&key->shake, mu, DILITHIUM_MU_SZ, w1e,
-            params->w1EncSz, commit_calc, params->lambda / 4);
-    }
-    if ((ret == 0) && valid) {
-        /* Step 13: Compare commit. */
-        valid = (XMEMCMP(commit, commit_calc, params->lambda / 4) == 0);
-    }
-
-    *res = valid;
-#ifndef WOLFSSL_DILITHIUM_VERIFY_NO_MALLOC
-    XFREE(z, key->heap, DYNAMIC_TYPE_DILITHIUM);
-#endif
-    return ret;
-#endif /* !WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM */
-}
-
-/* Verify signature of message using public key.
- *
- * @param [in, out] key     Dilithium key.
- * @param [in]      ctx     Context of verification.
- * @param [in]      ctxLen  Length of context in bytes.
- * @param [in]      msg     Message to verify.
- * @param [in]      msgLen  Length of message in bytes.
- * @param [in]      sig     Signature to verify message.
- * @param [in]      sigLen  Length of message in bytes.
- * @param [out]     res     Result of verification.
- * @return  0 on success.
- * @return  SIG_VERIFY_E when hint is malformed.
- * @return  BUFFER_E when the length of the signature does not match
- *          parameters.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_verify_ctx_msg(dilithium_key* key, const byte* ctx,
-    word32 ctxLen, const byte* msg, word32 msgLen, const byte* sig,
-    word32 sigLen, int* res)
-{
-    int ret = 0;
-    byte tr[DILITHIUM_TR_SZ];
-    byte* mu = tr;
-
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Step 6: Hash public key. */
-        ret = dilithium_shake256(&key->shake, key->p, key->params->pkSz, tr,
-            DILITHIUM_TR_SZ);
-    }
-    if (ret == 0) {
-        /* Step 6. Calculate mu. */
-        ret = dilithium_hash256_ctx_msg(&key->shake, tr, DILITHIUM_TR_SZ, 0,
-            ctx, (byte)ctxLen, msg, msgLen, mu, DILITHIUM_MU_SZ);
-    }
-    if (ret == 0) {
-        ret = dilithium_verify_mu(key, mu, sig, sigLen, res);
-    }
-
-    return ret;
-}
-
-/* Verify signature of message using public key.
- *
- * @param [in, out] key     Dilithium key.
- * @param [in]      msg     Message to verify.
- * @param [in]      msgLen  Length of message in bytes.
- * @param [in]      sig     Signature to verify message.
- * @param [in]      sigLen  Length of message in bytes.
- * @param [out]     res     Result of verification.
- * @return  0 on success.
- * @return  SIG_VERIFY_E when hint is malformed.
- * @return  BUFFER_E when the length of the signature does not match
- *          parameters.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_verify_msg(dilithium_key* key, const byte* msg,
-    word32 msgLen, const byte* sig, word32 sigLen, int* res)
-{
-    int ret = 0;
-    byte tr[DILITHIUM_TR_SZ];
-    byte* mu = tr;
-
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Step 6: Hash public key. */
-        ret = dilithium_shake256(&key->shake, key->p, key->params->pkSz, tr,
-            DILITHIUM_TR_SZ);
-    }
-    if (ret == 0) {
-        /* Step 6. Calculate mu. */
-        ret = dilithium_hash256(&key->shake, tr, DILITHIUM_TR_SZ, msg, msgLen,
-            mu, DILITHIUM_MU_SZ);
-    }
-    if (ret == 0) {
-        ret = dilithium_verify_mu(key, mu, sig, sigLen, res);
-    }
-
-    return ret;
-}
-
-/* Verify signature of message using public key.
- *
- * @param [in, out] key       Dilithium key.
- * @param [in]      ctx       Context of verification.
- * @param [in]      ctxLen    Length of context in bytes.
- * @param [iu]      hashAlg   Hash algorithm used on message.
- * @param [in]      hash      Hash of message to verify.
- * @param [in]      hashLen   Length of message hash in bytes.
- * @param [in]      sig       Signature to verify message.
- * @param [in]      sigLen    Length of message in bytes.
- * @param [out]     res       Result of verification.
- * @return  0 on success.
- * @return  SIG_VERIFY_E when hint is malformed.
- * @return  BUFFER_E when the length of the signature does not match
- *          parameters.
- * @return  MEMORY_E when memory allocation fails.
- * @return  Other negative when an error occurs.
- */
-static int dilithium_verify_ctx_hash(dilithium_key* key, const byte* ctx,
-    word32 ctxLen, int hashAlg, const byte* hash, word32 hashLen,
-    const byte* sig, word32 sigLen, int* res)
-{
-    int ret = 0;
-    byte tr[DILITHIUM_TR_SZ];
-    byte* mu = tr;
-    byte oidMsgHash[DILITHIUM_HASH_OID_LEN + WC_MAX_DIGEST_SIZE];
-    word32 oidMsgHashLen = 0;
-
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Step 6: Hash public key. */
-        ret = dilithium_shake256(&key->shake, key->p, key->params->pkSz, tr,
-            DILITHIUM_TR_SZ);
-    }
-    if (ret == 0) {
-        ret = dilithium_get_hash_oid(hashAlg, oidMsgHash, &oidMsgHashLen);
-    }
-    if (ret == 0) {
-        XMEMCPY(oidMsgHash + oidMsgHashLen, hash, hashLen);
-        oidMsgHashLen += hashLen;
-
-        /* Step 6. Calculate mu. */
-        ret = dilithium_hash256_ctx_msg(&key->shake, tr, DILITHIUM_TR_SZ, 1,
-            ctx, (byte)ctxLen, oidMsgHash, oidMsgHashLen, mu, DILITHIUM_MU_SZ);
-    }
-    if (ret == 0) {
-        ret = dilithium_verify_mu(key, mu, sig, sigLen, res);
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_DILITHIUM_NO_VERIFY */
-
-#elif defined(HAVE_LIBOQS)
-
-#ifndef WOLFSSL_DILITHIUM_NO_MAKE_KEY
-static int oqs_dilithium_make_key(dilithium_key* key, WC_RNG* rng)
-{
-    int ret = 0;
-    OQS_SIG *oqssig = NULL;
-
-    if (key->level == WC_ML_DSA_44) {
-        oqssig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_44_ipd);
-    }
-    else if (key->level == WC_ML_DSA_65) {
-        oqssig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_65_ipd);
-    }
-    else if (key->level == WC_ML_DSA_87) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_87_ipd);
-    }
-    else {
-        ret = SIG_TYPE_E;
-    }
-
-    if (ret == 0) {
-        ret = wolfSSL_liboqsRngMutexLock(rng);
-        if (ret == 0) {
-            if (OQS_SIG_keypair(oqssig, key->p, key->k) != OQS_SUCCESS) {
-                ret = BUFFER_E;
-            }
-        }
-        wolfSSL_liboqsRngMutexUnlock();
-    }
-    if (ret == 0) {
-        key->prvKeySet = 1;
-        key->pubKeySet = 1;
-    }
-
-    if (oqssig != NULL) {
-        OQS_SIG_free(oqssig);
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_DILITHIUM_NO_MAKE_KEY */
-
-#ifndef WOLFSSL_DILITHIUM_NO_SIGN
-static int oqs_dilithium_sign_msg(const byte* msg, word32 msgLen, byte* sig,
-    word32 *sigLen, dilithium_key* key, WC_RNG* rng)
-{
-    int ret = 0;
-    OQS_SIG *oqssig = NULL;
-    size_t localOutLen = 0;
-
-    if (!key->prvKeySet) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        if (key->level == WC_ML_DSA_44) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_44_ipd);
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_65_ipd);
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_87_ipd);
-        }
-        else {
-            ret = SIG_TYPE_E;
-        }
-    }
-
-    if ((ret == 0) && (oqssig == NULL)) {
-        ret = BUFFER_E;
-    }
-
-    /* check and set up out length */
-    if (ret == 0) {
-        if ((key->level == WC_ML_DSA_44) &&
-                (*sigLen < ML_DSA_LEVEL2_SIG_SIZE)) {
-            *sigLen = ML_DSA_LEVEL2_SIG_SIZE;
-            ret = BUFFER_E;
-        }
-        else if ((key->level == WC_ML_DSA_65) &&
-                 (*sigLen < ML_DSA_LEVEL3_SIG_SIZE)) {
-            *sigLen = ML_DSA_LEVEL3_SIG_SIZE;
-            ret = BUFFER_E;
-        }
-        else if ((key->level == WC_ML_DSA_87) &&
-                 (*sigLen < ML_DSA_LEVEL5_SIG_SIZE)) {
-            *sigLen = ML_DSA_LEVEL5_SIG_SIZE;
-            ret = BUFFER_E;
-        }
-        localOutLen = *sigLen;
-    }
-
-    if (ret == 0) {
-        ret = wolfSSL_liboqsRngMutexLock(rng);
-    }
-
-    if ((ret == 0) &&
-        (OQS_SIG_sign(oqssig, sig, &localOutLen, msg, msgLen, key->k)
-         == OQS_ERROR)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        *sigLen = (word32)localOutLen;
-    }
-
-    wolfSSL_liboqsRngMutexUnlock();
-
-    if (oqssig != NULL) {
-        OQS_SIG_free(oqssig);
-    }
-    return ret;
-}
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_NO_VERIFY
-static int oqs_dilithium_verify_msg(const byte* sig, word32 sigLen,
-    const byte* msg, word32 msgLen, int* res, dilithium_key* key)
-{
-    int ret = 0;
-    OQS_SIG *oqssig = NULL;
-
-    if (!key->pubKeySet) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        if (key->level == WC_ML_DSA_44) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_44_ipd);
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_65_ipd);
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_ml_dsa_87_ipd);
-        }
-        else {
-            ret = SIG_TYPE_E;
-        }
-    }
-
-    if ((ret == 0) && (oqssig == NULL)) {
-        ret = BUFFER_E;
-    }
-
-    if ((ret == 0) &&
-        (OQS_SIG_verify(oqssig, msg, msgLen, sig, sigLen, key->p)
-         == OQS_ERROR)) {
-         ret = SIG_VERIFY_E;
-    }
-
-    if (ret == 0) {
-        *res = 1;
-    }
-
-    if (oqssig != NULL) {
-        OQS_SIG_free(oqssig);
-    }
-    return ret;
-}
-#endif /* WOLFSSL_DILITHIUM_NO_VERIFY */
-
-#else
-    #error "No dilithium implementation chosen."
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_NO_MAKE_KEY
-int wc_dilithium_make_key(dilithium_key* key, WC_RNG* rng)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (rng == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    if (ret == 0) {
-    #ifndef WOLF_CRYPTO_CB_FIND
-        if (key->devId != INVALID_DEVID)
-    #endif
-        {
-            ret = wc_CryptoCb_MakePqcSignatureKey(rng,
-                WC_PQC_SIG_TYPE_DILITHIUM, key->level, key);
-            if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                return ret;
-            /* fall-through when unavailable */
-            ret = 0;
-        }
-    }
-#endif
-
-    if (ret == 0) {
-#ifdef WOLFSSL_WC_DILITHIUM
-        /* Check the level or parameters have been set. */
-        if (key->params == NULL) {
-            ret = BAD_STATE_E;
-        }
-        else {
-            /* Make the key. */
-            ret = dilithium_make_key(key, rng);
-        }
-#elif defined(HAVE_LIBOQS)
-        /* Make the key. */
-        ret = oqs_dilithium_make_key(key, rng);
-#endif
-    }
-
-    return ret;
-}
-
-int wc_dilithium_make_key_from_seed(dilithium_key* key, const byte* seed)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (seed == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-#ifdef WOLFSSL_WC_DILITHIUM
-        /* Check the level or parameters have been set. */
-        if (key->params == NULL) {
-            ret = BAD_STATE_E;
-        }
-        else {
-            /* Make the key. */
-            ret = dilithium_make_key_from_seed(key, seed);
-        }
-#elif defined(HAVE_LIBOQS)
-        /* Make the key. */
-        ret = NOT_COMPILED_IN;
-#endif
-    }
-
-    return ret;
-}
-#endif
-
-#ifndef WOLFSSL_DILITHIUM_NO_SIGN
-/* Sign the message using the dilithium private key.
- *
- *  ctx         [in]      Context of signature.
- *  ctxLen      [in]      Length of context in bytes.
- *  msg         [in]      Message to sign.
- *  msgLen      [in]      Length of the message in bytes.
- *  sig         [out]     Buffer to write signature into.
- *  sigLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Dilithium key to use when signing
- *  returns BAD_FUNC_ARG when a parameter is NULL, public key not set
- *          or ctx is NULL and ctxLen is not 0,
- *          BUFFER_E when outLen is less than DILITHIUM_LEVEL2_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_dilithium_sign_ctx_msg(const byte* ctx, byte ctxLen, const byte* msg,
-    word32 msgLen, byte* sig, word32 *sigLen, dilithium_key* key, WC_RNG* rng)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((msg == NULL) || (sig == NULL) || (sigLen == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (ctx == NULL) && (ctxLen > 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    if (ret == 0) {
-    #ifndef WOLF_CRYPTO_CB_FIND
-        if (key->devId != INVALID_DEVID)
-    #endif
-        {
-            ret = wc_CryptoCb_PqcSign(msg, msgLen, sig, sigLen, ctx, ctxLen,
-                    WC_HASH_TYPE_NONE, rng, WC_PQC_SIG_TYPE_DILITHIUM, key);
-            if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                return ret;
-            /* fall-through when unavailable */
-            ret = 0;
-        }
-    }
-#endif
-
-    if (ret == 0) {
-        /* Sign message. */
-    #ifdef WOLFSSL_WC_DILITHIUM
-        ret = dilithium_sign_ctx_msg(key, rng, ctx, ctxLen, msg, msgLen, sig,
-            sigLen);
-    #elif defined(HAVE_LIBOQS)
-        ret = oqs_dilithium_sign_msg(msg, msgLen, sig, sigLen, key, rng);
-    #endif
-    }
-
-    return ret;
-}
-
-/* Sign the message using the dilithium private key.
- *
- *  msg         [in]      Message to sign.
- *  msgLen      [in]      Length of the message in bytes.
- *  sig         [out]     Buffer to write signature into.
- *  sigLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Dilithium key to use when signing
- *  returns BAD_FUNC_ARG when a parameter is NULL or public key not set,
- *          BUFFER_E when outLen is less than DILITHIUM_LEVEL2_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_dilithium_sign_msg(const byte* msg, word32 msgLen, byte* sig,
-    word32 *sigLen, dilithium_key* key, WC_RNG* rng)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((msg == NULL) || (sig == NULL) || (sigLen == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    if (ret == 0) {
-    #ifndef WOLF_CRYPTO_CB_FIND
-        if (key->devId != INVALID_DEVID)
-    #endif
-        {
-            ret = wc_CryptoCb_PqcSign(msg, msgLen, sig, sigLen, NULL, 0,
-                    WC_HASH_TYPE_NONE, rng, WC_PQC_SIG_TYPE_DILITHIUM, key);
-            if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                return ret;
-            /* fall-through when unavailable */
-            ret = 0;
-        }
-    }
-#endif
-
-    if (ret == 0) {
-        /* Sign message. */
-    #ifdef WOLFSSL_WC_DILITHIUM
-        ret = dilithium_sign_msg(key, rng, msg, msgLen, sig, sigLen);
-    #elif defined(HAVE_LIBOQS)
-        ret = oqs_dilithium_sign_msg(msg, msgLen, sig, sigLen, key, rng);
-    #endif
-    }
-
-    return ret;
-}
-
-/* Sign the message hash using the dilithium private key.
- *
- *  ctx         [in]      Context of signature.
- *  ctxLen      [in]      Length of context in bytes.
- *  hashAlg     [in]      Hash algorithm used on message.
- *  hash        [in]      Hash of message to sign.
- *  hashLen     [in]      Length of the message hash in bytes.
- *  sig         [out]     Buffer to write signature into.
- *  sigLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Dilithium key to use when signing
- *  returns BAD_FUNC_ARG when a parameter is NULL, public key not set
- *          or ctx is NULL and ctxLen is not 0,
- *          BUFFER_E when outLen is less than DILITHIUM_LEVEL2_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_dilithium_sign_ctx_hash(const byte* ctx, byte ctxLen, int hashAlg,
-   const byte* hash, word32 hashLen, byte* sig, word32 *sigLen,
-   dilithium_key* key, WC_RNG* rng)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((hash == NULL) || (sig == NULL) || (sigLen == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (ctx == NULL) && (ctxLen > 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    if (ret == 0) {
-    #ifndef WOLF_CRYPTO_CB_FIND
-        if (key->devId != INVALID_DEVID)
-    #endif
-        {
-            ret = wc_CryptoCb_PqcSign(hash, hashLen, sig, sigLen, ctx, ctxLen,
-                    hashAlg, rng, WC_PQC_SIG_TYPE_DILITHIUM, key);
-            if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                return ret;
-            /* fall-through when unavailable */
-            ret = 0;
-        }
-    }
-#endif
-
-    if (ret == 0) {
-        /* Sign message. */
-    #ifdef WOLFSSL_WC_DILITHIUM
-        ret = dilithium_sign_ctx_hash(key, rng, ctx, ctxLen, hashAlg, hash,
-            hashLen, sig, sigLen);
-    #elif defined(HAVE_LIBOQS)
-        ret = NOT_COMPILED_IN;
-        (void)hashAlg;
-        (void)hash;
-        (void)hashLen;
-        (void)rng;
-    #endif
-    }
-
-    return ret;
-}
-
-/* Sign the message using the dilithium private key.
- *
- *  ctx         [in]      Context of signature.
- *  ctxLen      [in]      Length of context in bytes.
- *  msg         [in]      Message to sign.
- *  msgLen      [in]      Length of the message in bytes.
- *  sig         [out]     Buffer to write signature into.
- *  sigLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Dilithium key to use when signing
- *  returns BAD_FUNC_ARG when a parameter is NULL, public key not set
- *          or ctx is NULL and ctxLen is not 0,
- *          BUFFER_E when outLen is less than DILITHIUM_LEVEL2_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_dilithium_sign_ctx_msg_with_seed(const byte* ctx, byte ctxLen,
-    const byte* msg, word32 msgLen, byte* sig, word32 *sigLen,
-    dilithium_key* key, const byte* seed)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((msg == NULL) || (sig == NULL) || (sigLen == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (ctx == NULL) && (ctxLen > 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Sign message. */
-    #ifdef WOLFSSL_WC_DILITHIUM
-        ret = dilithium_sign_ctx_msg_with_seed(key, seed, ctx, ctxLen, msg,
-            msgLen, sig, sigLen);
-    #elif defined(HAVE_LIBOQS)
-        ret = NOT_COMPILED_IN;
-        (void)msgLen;
-        (void)seed;
-    #endif
-    }
-
-    return ret;
-}
-
-/* Sign the message using the dilithium private key.
- *
- *  msg         [in]      Message to sign.
- *  msgLen      [in]      Length of the message in bytes.
- *  sig         [out]     Buffer to write signature into.
- *  sigLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Dilithium key to use when signing
- *  returns BAD_FUNC_ARG when a parameter is NULL or public key not set,
- *          BUFFER_E when outLen is less than DILITHIUM_LEVEL2_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_dilithium_sign_msg_with_seed(const byte* msg, word32 msgLen, byte* sig,
-    word32 *sigLen, dilithium_key* key, const byte* seed)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((msg == NULL) || (sig == NULL) || (sigLen == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Sign message. */
-    #ifdef WOLFSSL_WC_DILITHIUM
-        ret = dilithium_sign_msg_with_seed(key, seed, msg, msgLen, sig, sigLen);
-    #elif defined(HAVE_LIBOQS)
-        ret = NOT_COMPILED_IN;
-        (void)msgLen;
-        (void)seed;
-    #endif
-    }
-
-    return ret;
-}
-
-/* Sign the message using the dilithium private key.
- *
- *  ctx         [in]      Context of signature.
- *  ctxLen      [in]      Length of context in bytes.
- *  hashAlg     [in]      Hash algorithm used on message.
- *  hash        [in]      Hash of message to sign.
- *  hashLen     [in]      Length of the message hash in bytes.
- *  sig         [out]     Buffer to write signature into.
- *  sigLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Dilithium key to use when signing
- *  returns BAD_FUNC_ARG when a parameter is NULL, public key not set
- *          or ctx is NULL and ctxLen is not 0,
- *          BUFFER_E when outLen is less than DILITHIUM_LEVEL2_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_dilithium_sign_ctx_hash_with_seed(const byte* ctx, byte ctxLen,
-    int hashAlg, const byte* hash, word32 hashLen, byte* sig, word32 *sigLen,
-    dilithium_key* key, const byte* seed)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((hash == NULL) || (sig == NULL) || (sigLen == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (ctx == NULL) && (ctxLen > 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Sign message. */
-    #ifdef WOLFSSL_WC_DILITHIUM
-        ret = dilithium_sign_ctx_hash_with_seed(key, seed, ctx, ctxLen,
-            hashAlg, hash, hashLen, sig, sigLen);
-    #elif defined(HAVE_LIBOQS)
-        ret = NOT_COMPILED_IN;
-        (void)hashAlg;
-        (void)hash;
-        (void)hashLen;
-        (void)seed;
-    #endif
-    }
-
-    return ret;
-}
-#endif /* !WOLFSSL_DILITHIUM_NO_SIGN */
-
-#ifndef WOLFSSL_DILITHIUM_NO_VERIFY
-/* Verify the message using the dilithium public key.
- *
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  ctx         [in]  Context of signature.
- *  ctxLen      [in]  Length of context in bytes.
- *  msg         [in]  Message to verify.
- *  msgLen      [in]  Length of the message in bytes.
- *  res         [out] *res is set to 1 on successful verification.
- *  key         [in]  Dilithium key to use to verify.
- *  returns BAD_FUNC_ARG when a parameter is NULL, public key not set
- *          or ctx is NULL and ctxLen is not 0,
- *          BUFFER_E when sigLen is less than DILITHIUM_LEVEL2_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_dilithium_verify_ctx_msg(const byte* sig, word32 sigLen, const byte* ctx,
-    word32 ctxLen, const byte* msg, word32 msgLen, int* res, dilithium_key* key)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (sig == NULL) || (msg == NULL) || (res == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (ctx == NULL) && (ctxLen > 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    if (ret == 0) {
-    #ifndef WOLF_CRYPTO_CB_FIND
-        if (key->devId != INVALID_DEVID)
-    #endif
-        {
-            ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, ctx, ctxLen,
-                    WC_HASH_TYPE_NONE, res, WC_PQC_SIG_TYPE_DILITHIUM, key);
-            if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                return ret;
-            /* fall-through when unavailable */
-            ret = 0;
-        }
-    }
-#endif
-
-    if (ret == 0) {
-        /* Verify message with signature. */
-    #ifdef WOLFSSL_WC_DILITHIUM
-        ret = dilithium_verify_ctx_msg(key, ctx, ctxLen, msg, msgLen, sig,
-            sigLen, res);
-    #elif defined(HAVE_LIBOQS)
-        ret = NOT_COMPILED_IN;
-        (void)sigLen;
-        (void)msgLen;
-        (void)res;
-    #endif
-    }
-
-    return ret;
-}
-
-/* Verify the message using the dilithium public key.
- *
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  msg         [in]  Message to verify.
- *  msgLen      [in]  Length of the message in bytes.
- *  res         [out] *res is set to 1 on successful verification.
- *  key         [in]  Dilithium key to use to verify.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          BUFFER_E when sigLen is less than DILITHIUM_LEVEL2_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_dilithium_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
-    word32 msgLen, int* res, dilithium_key* key)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (sig == NULL) || (msg == NULL) || (res == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    if (ret == 0) {
-    #ifndef WOLF_CRYPTO_CB_FIND
-        if (key->devId != INVALID_DEVID)
-    #endif
-        {
-            ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, NULL, 0,
-                    WC_HASH_TYPE_NONE, res, WC_PQC_SIG_TYPE_DILITHIUM, key);
-            if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                return ret;
-            /* fall-through when unavailable */
-            ret = 0;
-        }
-    }
-#endif
-
-    if (ret == 0) {
-        /* Verify message with signature. */
-    #ifdef WOLFSSL_WC_DILITHIUM
-        ret = dilithium_verify_msg(key, msg, msgLen, sig, sigLen, res);
-    #elif defined(HAVE_LIBOQS)
-        ret = oqs_dilithium_verify_msg(sig, sigLen, msg, msgLen, res, key);
-    #endif
-    }
-
-    return ret;
-}
-
-/* Verify the message using the dilithium public key.
- *
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  ctx         [in]  Context of signature.
- *  ctxLen      [in]  Length of context in bytes.
- *  hashAlg     [in]  Hash algorithm used on message.
- *  hash        [in]  Hash of message to verify.
- *  hashLen     [in]  Length of the message hash in bytes.
- *  res         [out] *res is set to 1 on successful verification.
- *  key         [in]  Dilithium key to use to verify.
- *  returns BAD_FUNC_ARG when a parameter is NULL, public key not set
- *          or ctx is NULL and ctxLen is not 0,
- *          BUFFER_E when sigLen is less than DILITHIUM_LEVEL2_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_dilithium_verify_ctx_hash(const byte* sig, word32 sigLen,
-    const byte* ctx, word32 ctxLen, int hashAlg, const byte* hash,
-    word32 hashLen, int* res, dilithium_key* key)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (sig == NULL) || (hash == NULL) || (res == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (ctx == NULL) && (ctxLen > 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    if (ret == 0) {
-    #ifndef WOLF_CRYPTO_CB_FIND
-        if (key->devId != INVALID_DEVID)
-    #endif
-        {
-            ret = wc_CryptoCb_PqcVerify(sig, sigLen, hash, hashLen, ctx, ctxLen,
-                    hashAlg, res, WC_PQC_SIG_TYPE_DILITHIUM, key);
-            if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-                return ret;
-            /* fall-through when unavailable */
-            ret = 0;
-        }
-    }
-#endif
-
-    if (ret == 0) {
-        /* Verify message with signature. */
-    #ifdef WOLFSSL_WC_DILITHIUM
-        ret = dilithium_verify_ctx_hash(key, ctx, ctxLen, hashAlg, hash,
-            hashLen, sig, sigLen, res);
-    #elif defined(HAVE_LIBOQS)
-        ret = NOT_COMPILED_IN;
-        (void)sigLen;
-        (void)hashAlg;
-        (void)hash;
-        (void)hashLen;
-    #endif
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_DILITHIUM_NO_VERIFY */
-
-#ifndef WC_NO_CONSTRUCTORS
-/**
- * Create a new dilithium key object.
- *
- * heap  [in]  Dynamic memory hint.
- * devId [in]  Device Id.
- * returns MEMORY_E when dynamic memory allocation fails
- */
-
-dilithium_key* wc_dilithium_new(void* heap, int devId)
-{
-    int ret;
-    dilithium_key* key = (dilithium_key*)XMALLOC(sizeof(dilithium_key), heap,
-        DYNAMIC_TYPE_DILITHIUM);
-    if (key != NULL) {
-        ret = wc_dilithium_init_ex(key, heap, devId);
-        if (ret != 0) {
-            XFREE(key, heap, DYNAMIC_TYPE_DILITHIUM);
-            key = NULL;
-        }
-    }
-
-    return key;
-}
-
-/**
- * Delete and free a dilithium key object.
- *
- * key   [in]       dilithium key object to delete.
- * key_p [in, out]  Pointer to key pointer to set to NULL.
- * returns BAD_FUNC_ARG when key is NULL
- */
-
-int wc_dilithium_delete(dilithium_key* key, dilithium_key** key_p)
-{
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-    wc_dilithium_free(key);
-    XFREE(key, key->heap, DYNAMIC_TYPE_DILITHIUM);
-    if (key_p != NULL)
-        *key_p = NULL;
-
-    return 0;
-}
-#endif /* !WC_NO_CONSTRUCTORS */
-
-/* Initialize the dilithium private/public key.
- *
- * key  [in]  Dilithium key.
- * returns BAD_FUNC_ARG when key is NULL
- */
-int wc_dilithium_init(dilithium_key* key)
-{
-    return wc_dilithium_init_ex(key, NULL, INVALID_DEVID);
-}
-
-/* Initialize the dilithium private/public key.
- *
- * key  [in]  Dilithium key.
- * heap [in]  Heap hint.
- * devId[in]  Device ID.
- * returns BAD_FUNC_ARG when key is NULL
- */
-int wc_dilithium_init_ex(dilithium_key* key, void* heap, int devId)
-{
-    int ret = 0;
-
-    (void)devId;
-
-    /* Validate parameters. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Ensure all fields reset. */
-        XMEMSET(key, 0, sizeof(*key));
-
-    #ifdef WOLF_CRYPTO_CB
-        key->devCtx = NULL;
-        key->devId = devId;
-    #endif
-    #ifdef WOLF_PRIVATE_KEY_ID
-        key->idLen = 0;
-        key->labelLen = 0;
-    #endif
-        key->heap = heap;
-    }
-
-#if defined(WOLFSSL_WC_DILITHIUM) && defined(USE_INTEL_SPEEDUP)
-    cpuid_get_flags_ex(&cpuid_flags);
-#endif
-
-    return ret;
-}
-
-#ifdef WOLF_PRIVATE_KEY_ID
-int wc_dilithium_init_id(dilithium_key* key, const unsigned char* id, int len,
-    void* heap, int devId)
-{
-    int ret = 0;
-
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && ((len < 0) || (len > DILITHIUM_MAX_ID_LEN))) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        ret = wc_dilithium_init_ex(key, heap, devId);
-    }
-    if ((ret == 0) && (id != NULL) && (len != 0)) {
-        XMEMCPY(key->id, id, (size_t)len);
-        key->idLen = len;
-    }
-
-    /* Set the maximum level here */
-    wc_dilithium_set_level(key, WC_ML_DSA_87);
-
-    return ret;
-}
-
-int wc_dilithium_init_label(dilithium_key* key, const char* label, void* heap,
-    int devId)
-{
-    int ret = 0;
-    int labelLen = 0;
-
-    if ((key == NULL) || (label == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if (ret == 0) {
-        labelLen = (int)XSTRLEN(label);
-        if ((labelLen == 0) || (labelLen > DILITHIUM_MAX_LABEL_LEN)) {
-            ret = BUFFER_E;
-        }
-    }
-
-    if (ret == 0) {
-        ret = wc_dilithium_init_ex(key, heap, devId);
-    }
-    if (ret == 0) {
-        XMEMCPY(key->label, label, (size_t)labelLen);
-        key->labelLen = labelLen;
-    }
-
-    /* Set the maximum level here */
-    wc_dilithium_set_level(key, WC_ML_DSA_87);
-
-    return ret;
-}
-#endif
-
-/* Set the level of the dilithium private/public key.
- *
- * key   [out]  Dilithium key.
- * level [in]   Either 2,3 or 5.
- * returns BAD_FUNC_ARG when key is NULL or level is a bad values.
- */
-int wc_dilithium_set_level(dilithium_key* key, byte level)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && ((level == WC_ML_DSA_44) || (level == WC_ML_DSA_65) ||
-            (level == WC_ML_DSA_87))) {
-        /* Nothing to do. */
-    }
-#if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-    else if ((ret == 0) && ((level == WC_ML_DSA_44_DRAFT) ||
-             (level == WC_ML_DSA_65_DRAFT) || (level == WC_ML_DSA_87_DRAFT))) {
-        /* Nothing to do. */
-    }
-#endif
-    else {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-#ifdef WOLFSSL_WC_DILITHIUM
-        /* Get the parameters for level into key. */
-        ret = dilithium_get_params(level, &key->params);
-    }
-    if (ret == 0) {
-        /* Clear any cached items. */
-#ifndef WC_DILITHIUM_FIXED_ARRAY
-    #ifdef WC_DILITHIUM_CACHE_MATRIX_A
-        XFREE(key->a, key->heap, DYNAMIC_TYPE_DILITHIUM);
-        key->a = NULL;
-        key->aSet = 0;
-    #endif
-    #ifdef WC_DILITHIUM_CACHE_PRIV_VECTORS
-        XFREE(key->s1, key->heap, DYNAMIC_TYPE_DILITHIUM);
-        key->s1 = NULL;
-        key->s2 = NULL;
-        key->t0 = NULL;
-        key->privVecsSet = 0;
-    #endif
-    #ifdef WC_DILITHIUM_CACHE_PUB_VECTORS
-        XFREE(key->t1, key->heap, DYNAMIC_TYPE_DILITHIUM);
-        key->t1 = NULL;
-        key->pubVecSet = 0;
-    #endif
-#endif
-#endif /* WOLFSSL_WC_DILITHIUM */
-
-        /* Store level and indicate public and private key are not set. */
-        key->level = level % WC_ML_DSA_DRAFT;
-        key->pubKeySet = 0;
-        key->prvKeySet = 0;
-    }
-
-    return ret;
-}
-
-/* Get the level of the dilithium private/public key.
- *
- * key   [in]  Dilithium key.
- * level [out] The level.
- * returns BAD_FUNC_ARG when key is NULL or level has not been set.
- */
-int wc_dilithium_get_level(dilithium_key* key, byte* level)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (level == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (key->level != WC_ML_DSA_44) &&
-            (key->level != WC_ML_DSA_65) && (key->level != WC_ML_DSA_87)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Return level. */
-        *level = key->level;
-    }
-
-    return ret;
-}
-
-/* Clears the dilithium key data
- *
- * key  [in]  Dilithium key.
- */
-void wc_dilithium_free(dilithium_key* key)
-{
-    if (key != NULL) {
-#ifdef WOLFSSL_WC_DILITHIUM
-#ifndef WC_DILITHIUM_FIXED_ARRAY
-        /* Dispose of cached items. */
-    #ifdef WC_DILITHIUM_CACHE_PUB_VECTORS
-        XFREE(key->t1, key->heap, DYNAMIC_TYPE_DILITHIUM);
-    #endif
-    #ifdef WC_DILITHIUM_CACHE_PRIV_VECTORS
-        XFREE(key->s1, key->heap, DYNAMIC_TYPE_DILITHIUM);
-    #endif
-    #ifdef WC_DILITHIUM_CACHE_MATRIX_A
-        XFREE(key->a, key->heap, DYNAMIC_TYPE_DILITHIUM);
-    #endif
-#endif
-        /* Intel speedup code manually manipulates the state. */
-#ifndef USE_INTEL_SPEEDUP
-        /* Free the SHAKE-128/256 object. */
-        wc_Shake256_Free(&key->shake);
-#endif
-#endif
-        /* Ensure all private data is zeroized. */
-        ForceZero(key, sizeof(*key));
-    }
-}
-
-#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
-/* Returns the size of a dilithium private key.
- *
- * @param [in] key  Dilithium private/public key.
- * @return  Private key size on success for set level.
- * @return  BAD_FUNC_ARG when key is NULL or level not set,
- */
-int wc_dilithium_size(dilithium_key* key)
-{
-    int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
-
-    if (key != NULL) {
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-            ret = DILITHIUM_LEVEL2_KEY_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-            ret = DILITHIUM_LEVEL3_KEY_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-            ret = DILITHIUM_LEVEL5_KEY_SIZE;
-        }
-        else
-    #endif
-        if (key->level == WC_ML_DSA_44) {
-            ret = ML_DSA_LEVEL2_KEY_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            ret = ML_DSA_LEVEL3_KEY_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            ret = ML_DSA_LEVEL5_KEY_SIZE;
-        }
-    }
-
-    return ret;
-}
-
-#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
-/* Returns the size of a dilithium private plus public key.
- *
- * @param [in] key  Dilithium private/public key.
- * @return  Private key size on success for set level.
- * @return  BAD_FUNC_ARG when key is NULL or level not set,
- */
-int wc_dilithium_priv_size(dilithium_key* key)
-{
-    int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
-
-    if (key != NULL) {
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-            ret = DILITHIUM_LEVEL2_PRV_KEY_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-            ret = DILITHIUM_LEVEL3_PRV_KEY_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-            ret = DILITHIUM_LEVEL5_PRV_KEY_SIZE;
-        }
-    #endif
-        if (key->level == WC_ML_DSA_44) {
-            ret = ML_DSA_LEVEL2_PRV_KEY_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            ret = ML_DSA_LEVEL3_PRV_KEY_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            ret = ML_DSA_LEVEL5_PRV_KEY_SIZE;
-        }
-    }
-
-    return ret;
-}
-
-/* Returns the size of a dilithium private plus public key.
- *
- * @param [in]  key  Dilithium private/public key.
- * @param [out] len  Private key size for set level.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL or level not set,
- */
-int wc_MlDsaKey_GetPrivLen(MlDsaKey* key, int* len)
-{
-    int ret = 0;
-
-    *len = wc_dilithium_priv_size(key);
-    if (*len < 0) {
-        ret = *len;
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_DILITHIUM_PUBLIC_KEY */
-#endif /* WOLFSSL_DILITHIUM_PRIVATE_KEY */
-
-#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
-/* Returns the size of a dilithium public key.
- *
- * @param [in] key  Dilithium private/public key.
- * @return  Public key size on success for set level.
- * @return  BAD_FUNC_ARG when key is NULL or level not set,
- */
-int wc_dilithium_pub_size(dilithium_key* key)
-{
-    int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
-
-    if (key != NULL) {
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-            ret = DILITHIUM_LEVEL2_PUB_KEY_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-            ret = DILITHIUM_LEVEL3_PUB_KEY_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-            ret = DILITHIUM_LEVEL5_PUB_KEY_SIZE;
-        }
-        else
-    #endif
-        if (key->level == WC_ML_DSA_44) {
-            ret = ML_DSA_LEVEL2_PUB_KEY_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            ret = ML_DSA_LEVEL3_PUB_KEY_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            ret = ML_DSA_LEVEL5_PUB_KEY_SIZE;
-        }
-    }
-
-    return ret;
-}
-
-/* Returns the size of a dilithium public key.
- *
- * @param [in]  key  Dilithium private/public key.
- * @param [out] len  Public key size for set level.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL or level not set,
- */
-int wc_MlDsaKey_GetPubLen(MlDsaKey* key, int* len)
-{
-    int ret = 0;
-
-    *len = wc_dilithium_pub_size(key);
-    if (*len < 0) {
-        ret = *len;
-    }
-
-    return ret;
-}
-#endif
-
-#if !defined(WOLFSSL_DILITHIUM_NO_SIGN) || !defined(WOLFSSL_DILITHIUM_NO_VERIFY)
-/* Returns the size of a dilithium signature.
- *
- * @param [in] key  Dilithium private/public key.
- * @return  Signature size on success for set level.
- * @return  BAD_FUNC_ARG when key is NULL or level not set,
- */
-int wc_dilithium_sig_size(dilithium_key* key)
-{
-    int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
-
-    if (key != NULL) {
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-            ret = DILITHIUM_LEVEL2_SIG_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-            ret = DILITHIUM_LEVEL3_SIG_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-            ret = DILITHIUM_LEVEL5_SIG_SIZE;
-        }
-        else
-    #endif
-        if (key->level == WC_ML_DSA_44) {
-            ret = ML_DSA_LEVEL2_SIG_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            ret = ML_DSA_LEVEL3_SIG_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            ret = ML_DSA_LEVEL5_SIG_SIZE;
-        }
-    }
-
-    return ret;
-}
-
-/* Returns the size of a dilithium signature.
- *
- * @param [in]  key  Dilithium private/public key.
- * @param [out] len  Signature size for set level.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL or level not set,
- */
-int wc_MlDsaKey_GetSigLen(MlDsaKey* key, int* len)
-{
-    int ret = 0;
-
-    *len = wc_dilithium_sig_size(key);
-    if (*len < 0) {
-        ret = *len;
-    }
-
-    return ret;
-}
-#endif
-
-#ifdef WOLFSSL_DILITHIUM_CHECK_KEY
-/* Check the public key of the dilithium key matches the private key.
- *
- * @param [in] key  Dilithium private/public key.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL or no private key available,
- * @return  PUBLIC_KEY_E when the public key is not set or doesn't match,
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int wc_dilithium_check_key(dilithium_key* key)
-{
-    int ret = 0;
-#ifdef WOLFSSL_WC_DILITHIUM
-    const wc_dilithium_params* params = NULL;
-    sword32* a  = NULL;
-    sword32* s1 = NULL;
-    sword32* s2 = NULL;
-    sword32* t  = NULL;
-    sword32* t0 = NULL;
-    sword32* t1 = NULL;
-
-    /* Validate parameter. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (!key->prvKeySet)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (!key->pubKeySet)) {
-        ret = PUBLIC_KEY_E;
-    }
-
-    /* Any value in public key are valid.
-     * Public seed is hashed to generate matrix A.
-     * t1 is the top 10 bits of a number in range of 0..(Q-1).
-     * Q >> 13 = 0x3ff so all encoded values are valid.
-     */
-
-    if (ret == 0) {
-        unsigned int allocSz;
-
-        params = key->params;
-
-        /* s1-L, s2-K, t0-K, t-K, t1-K */
-        allocSz = params->s1Sz + 4 * params->s2Sz;
-#if !defined(WC_DILITHIUM_CACHE_MATRIX_A)
-        /* A-KxL */
-        allocSz += params->aSz;
-#endif
-
-        /* Allocate memory for large intermediates. */
-        s1 = (sword32*)XMALLOC(allocSz, key->heap, DYNAMIC_TYPE_DILITHIUM);
-        if (s1 == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            XMEMSET(s1, 0, allocSz);
-            s2 = s1 + params->s1Sz / sizeof(*s1);
-            t0 = s2 + params->s2Sz / sizeof(*s2);
-            t  = t0 + params->s2Sz / sizeof(*t0);
-            t1 = t  + params->s2Sz / sizeof(*t);
-#if !defined(WC_DILITHIUM_CACHE_MATRIX_A)
-            a  = t1 + params->s2Sz / sizeof(*t1);
-#else
-            a = key->a;
-#endif
-        }
-    }
-
-    if (ret == 0) {
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-        /* Check that we haven't already cached the matrix A. */
-        if (!key->aSet)
-#endif
-        {
-            const byte* pub_seed = key->p;
-
-            ret = dilithium_expand_a(&key->shake, pub_seed, params->k,
-                params->l, a, key->heap);
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-            key->aSet = (ret == 0);
-#endif
-        }
-    }
-    if (ret == 0) {
-        const byte* s1p = key->k + DILITHIUM_PUB_SEED_SZ + DILITHIUM_K_SZ +
-                                   DILITHIUM_TR_SZ;
-        const byte* s2p = s1p + params->s1EncSz;
-        const byte* t0p = s2p + params->s2EncSz;
-        const byte* t1p = key->p + DILITHIUM_PUB_SEED_SZ;
-        sword32* tt = t;
-        unsigned int i;
-        unsigned int j;
-        sword32 x = 0;
-
-        /* Get s1, s2 and t0 from private key. */
-        dilithium_vec_decode_eta_bits(s1p, params->eta, s1, params->l);
-        dilithium_vec_decode_eta_bits(s2p, params->eta, s2, params->k);
-        dilithium_vec_decode_t0(t0p, params->k, t0);
-
-        /* Get t1 from public key. */
-        dilithium_vec_decode_t1(t1p, params->k, t1);
-
-        /* Calcaluate t = NTT-1(A o NTT(s1)) + s2 */
-        dilithium_vec_ntt_small_full(s1, params->l);
-        dilithium_matrix_mul(t, a, s1, params->k, params->l);
-        dilithium_vec_invntt_full(t, params->k);
-        dilithium_vec_add(t, s2, params->k);
-        /* Subtract t0 from t. */
-        dilithium_vec_sub(t, t0, params->k);
-        /* Make t positive to match t1. */
-        dilithium_vec_make_pos(t, params->k);
-
-        /* Check t - t0 and t1 are the same. */
-        for (i = 0; i < params->k; i++) {
-            for (j = 0; j < DILITHIUM_N; j++) {
-                x |= tt[j] ^ t1[j];
-            }
-            tt += DILITHIUM_N;
-            t1 += DILITHIUM_N;
-        }
-        /* Check the public seed is the same in private and public key. */
-        for (i = 0; i < DILITHIUM_PUB_SEED_SZ; i++) {
-            x |= key->p[i] ^ key->k[i];
-        }
-
-        if ((ret == 0) && (x != 0)) {
-            ret = PUBLIC_KEY_E;
-        }
-    }
-
-    if (key != NULL) {
-        /* Dispose of allocated memory. */
-        XFREE(s1, key->heap, DYNAMIC_TYPE_DILITHIUM);
-    }
-#else
-    /* Validate parameter. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (!key->prvKeySet)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (!key->pubKeySet)) {
-        ret = PUBLIC_KEY_E;
-    }
-
-    if (ret == 0) {
-        int i;
-        sword32 x = 0;
-
-        /* Check the public seed is the same in private and public key. */
-        for (i = 0; i < 32; i++) {
-            x |= key->p[i] ^ key->k[i];
-        }
-
-        if (x != 0) {
-            ret = PUBLIC_KEY_E;
-        }
-    }
-#endif /* WOLFSSL_WC_DILITHIUM */
-    return ret;
-}
-#endif /* WOLFSSL_DILITHIUM_CHECK_KEY */
-
-#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
-
-/* Export the dilithium public key.
- *
- * @param [in]      key     Dilithium public key.
- * @param [out]     out     Array to hold public key.
- * @param [in, out] outLen  On in, the number of bytes in array.
- *                          On out, the number bytes put into array.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BUFFER_E when outLen is less than DILITHIUM_LEVEL2_PUB_KEY_SIZE.
- */
-int wc_dilithium_export_public(dilithium_key* key, byte* out, word32* outLen)
-{
-    int ret = 0;
-    word32 inLen;
-
-    /* Validate parameters */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if (ret == 0) {
-        /* Get length passed in for checking. */
-        inLen = *outLen;
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-            /* Set out length. */
-            *outLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE;
-            /* Validate length passed in. */
-            if (inLen < DILITHIUM_LEVEL2_PUB_KEY_SIZE) {
-                ret = BUFFER_E;
-            }
-        }
-        else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-            /* Set out length. */
-            *outLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE;
-            /* Validate length passed in. */
-            if (inLen < DILITHIUM_LEVEL3_PUB_KEY_SIZE) {
-                ret = BUFFER_E;
-            }
-        }
-        else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-            /* Set out length. */
-            *outLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE;
-            /* Validate length passed in. */
-            if (inLen < DILITHIUM_LEVEL5_PUB_KEY_SIZE) {
-                ret = BUFFER_E;
-            }
-        }
-        else
-    #endif
-        if (key->level == WC_ML_DSA_44) {
-            /* Set out length. */
-            *outLen = ML_DSA_LEVEL2_PUB_KEY_SIZE;
-            /* Validate length passed in. */
-            if (inLen < ML_DSA_LEVEL2_PUB_KEY_SIZE) {
-                ret = BUFFER_E;
-            }
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            /* Set out length. */
-            *outLen = ML_DSA_LEVEL3_PUB_KEY_SIZE;
-            /* Validate length passed in. */
-            if (inLen < ML_DSA_LEVEL3_PUB_KEY_SIZE) {
-                ret = BUFFER_E;
-            }
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            /* Set out length. */
-            *outLen = ML_DSA_LEVEL5_PUB_KEY_SIZE;
-            /* Validate length passed in. */
-            if (inLen < ML_DSA_LEVEL5_PUB_KEY_SIZE) {
-                ret = BUFFER_E;
-            }
-        }
-        else {
-            /* Level not set. */
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    /* Check public key available. */
-    if ((ret == 0) && (!key->pubKeySet)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Copy public key out. */
-        XMEMCPY(out, key->p, *outLen);
-    }
-
-    return ret;
-}
-
-/* Import a dilithium public key from a byte array.
- *
- * Public key encoded in big-endian.
- *
- * @param [in]      in     Array holding public key.
- * @param [in]      inLen  Number of bytes of data in array.
- * @param [in, out] key    Dilithium public key.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when in or key is NULL or key format is not supported.
- */
-int wc_dilithium_import_public(const byte* in, word32 inLen, dilithium_key* key)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((in == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if (ret == 0) {
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-            /* Check length. */
-            if (inLen != DILITHIUM_LEVEL2_PUB_KEY_SIZE) {
-                ret = BAD_FUNC_ARG;
-            }
-        }
-        else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-            /* Check length. */
-            if (inLen != DILITHIUM_LEVEL3_PUB_KEY_SIZE) {
-                ret = BAD_FUNC_ARG;
-            }
-        }
-        else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-            /* Check length. */
-            if (inLen != DILITHIUM_LEVEL5_PUB_KEY_SIZE) {
-                ret = BAD_FUNC_ARG;
-            }
-        }
-        else
-    #endif
-        if (key->level == WC_ML_DSA_44) {
-            /* Check length. */
-            if (inLen != ML_DSA_LEVEL2_PUB_KEY_SIZE) {
-                ret = BAD_FUNC_ARG;
-            }
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            /* Check length. */
-            if (inLen != ML_DSA_LEVEL3_PUB_KEY_SIZE) {
-                ret = BAD_FUNC_ARG;
-            }
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            /* Check length. */
-            if (inLen != ML_DSA_LEVEL5_PUB_KEY_SIZE) {
-                ret = BAD_FUNC_ARG;
-            }
-        }
-        else {
-            /* Level not set. */
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    if (ret == 0) {
-        /* Copy the private key data in or copy pointer. */
-    #ifndef WOLFSSL_DILITHIUM_ASSIGN_KEY
-        XMEMCPY(key->p, in, inLen);
-    #else
-        key->p = in;
-    #endif
-
-#ifdef WC_DILITHIUM_CACHE_PUB_VECTORS
-    #ifndef WC_DILITHIUM_FIXED_ARRAY
-        /* Allocate t1 if required. */
-        if (key->t1 == NULL) {
-            key->t1 = (sword32*)XMALLOC(key->params->s2Sz, key->heap,
-                DYNAMIC_TYPE_DILITHIUM);
-            if (key->t1 == NULL) {
-                ret = MEMORY_E;
-            }
-            else {
-                XMEMSET(key->t1, 0, key->params->s2Sz);
-            }
-        }
-    #endif
-    }
-    if (ret == 0) {
-        /* Compute t1 from public key data. */
-        dilithium_make_pub_vec(key, key->t1);
-#endif
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-    #ifndef WC_DILITHIUM_FIXED_ARRAY
-        /* Allocate matrix a if required. */
-        if (key->a == NULL) {
-            key->a = (sword32*)XMALLOC(key->params->aSz, key->heap,
-                DYNAMIC_TYPE_DILITHIUM);
-            if (key->a == NULL) {
-                ret = MEMORY_E;
-            }
-            else {
-                XMEMSET(key->a, 0, key->params->aSz);
-            }
-        }
-    #endif
-    }
-    if (ret == 0) {
-        /* Compute matrix a from public key data. */
-        ret = dilithium_expand_a(&key->shake, key->p, key->params->k,
-            key->params->l, key->a, key->heap);
-        if (ret == 0) {
-            key->aSet = 1;
-        }
-    }
-    if (ret == 0) {
-#endif
-        /* Public key is set. */
-        key->pubKeySet = 1;
-    }
-
-    return ret;
-}
-
-#endif /* WOLFSSL_DILITHIUM_PUBLIC_KEY */
-
-#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
-
-/* Set the private key data into key.
- *
- * @param [in]     priv    Private key data.
- * @param [in]     privSz  Size of private key data in bytes.
- * @param in, out] key     Dilithium key to set into.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when private key size is invalid.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other negative on hash error.
- */
-static int dilithium_set_priv_key(const byte* priv, word32 privSz,
-    dilithium_key* key)
-{
-    int ret = 0;
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-    const wc_dilithium_params* params = key->params;
-#endif
-
-    /* Validate parameters. */
-    if ((privSz != ML_DSA_LEVEL2_KEY_SIZE) &&
-            (privSz != ML_DSA_LEVEL3_KEY_SIZE) &&
-            (privSz != ML_DSA_LEVEL5_KEY_SIZE)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Copy the private key data in or copy pointer. */
-    #ifndef WOLFSSL_DILITHIUM_ASSIGN_KEY
-        XMEMCPY(key->k, priv, privSz);
-    #else
-        key->k = priv;
-    #endif
-    }
-
-        /* Allocate and create cached values. */
-#ifdef WC_DILITHIUM_CACHE_MATRIX_A
-#ifndef WC_DILITHIUM_FIXED_ARRAY
-    if (ret == 0) {
-        /* Allocate matrix a if required. */
-        if (key->a == NULL) {
-            key->a = (sword32*)XMALLOC(params->aSz, key->heap,
-                DYNAMIC_TYPE_DILITHIUM);
-            if (key->a == NULL) {
-                ret = MEMORY_E;
-            }
-            else {
-                XMEMSET(key->a, 0, params->aSz);
-            }
-        }
-    }
-#endif
-    if (ret == 0) {
-        /* Compute matrix a from private key data. */
-        ret = dilithium_expand_a(&key->shake, key->k, params->k, params->l,
-            key->a, key->heap);
-        if (ret == 0) {
-            key->aSet = 1;
-        }
-    }
-#endif
-#ifdef WC_DILITHIUM_CACHE_PRIV_VECTORS
-#ifndef WC_DILITHIUM_FIXED_ARRAY
-    if ((ret == 0) && (key->s1 == NULL)) {
-        /* Allocate L vector s1, K vector s2 and K vector t0 if required. */
-        key->s1 = (sword32*)XMALLOC(params->s1Sz + params->s2Sz + params->s2Sz,
-            key->heap, DYNAMIC_TYPE_DILITHIUM);
-        if (key->s1 == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            XMEMSET(key->s1, 0, params->s1Sz + params->s2Sz + params->s2Sz);
-        }
-        if (ret == 0) {
-            /* Set pointers into allocated memory. */
-            key->s2 = key->s1 + params->s1Sz / sizeof(*key->s1);
-            key->t0 = key->s2 + params->s2Sz / sizeof(*key->s2);
-        }
-    }
-#endif
-    if (ret == 0) {
-        /* Compute vectors from private key. */
-        dilithium_make_priv_vecs(key, key->s1, key->s2, key->t0);
-    }
-#endif
-    if (ret == 0) {
-        /* Private key is set. */
-        key->prvKeySet = 1;
-    }
-
-    return ret;
-}
-
-/* Import a dilithium private key from a byte array.
- *
- * @param [in]      priv    Array holding private key.
- * @param [in]      privSz  Number of bytes of data in array.
- * @param [in, out] key     Dilithium private key.
- * @return  0 otherwise.
- * @return  BAD_FUNC_ARG when a parameter is NULL or privSz is less than size
- *          required for level,
- */
-int wc_dilithium_import_private(const byte* priv, word32 privSz,
-    dilithium_key* key)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((priv == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (key->level != WC_ML_DSA_44) &&
-            (key->level != WC_ML_DSA_65) && (key->level != WC_ML_DSA_87)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Set the private key data. */
-        ret = dilithium_set_priv_key(priv, privSz, key);
-    }
-
-    return ret;
-}
-
-#if defined(WOLFSSL_DILITHIUM_PUBLIC_KEY)
-/* Import a dilithium private and public keys from byte array(s).
- *
- * @param [in] priv    Array holding private key or private+public keys
- * @param [in] privSz  Number of bytes of data in private key array.
- * @param [in] pub     Array holding public key (or NULL).
- * @param [in] pubSz   Number of bytes of data in public key array (or 0).
- * @param [in] key     Dilithium private/public key.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a required parameter is NULL an invalid
- *          combination of keys/lengths is supplied.
- */
-int wc_dilithium_import_key(const byte* priv, word32 privSz,
-    const byte* pub, word32 pubSz, dilithium_key* key)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((priv == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((pub == NULL) && (pubSz != 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (key->level != WC_ML_DSA_44) &&
-            (key->level != WC_ML_DSA_65) && (key->level != WC_ML_DSA_87)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if ((ret == 0) && (pub != NULL)) {
-        /* Import public key. */
-        ret = wc_dilithium_import_public(pub, pubSz, key);
-    }
-    if (ret == 0) {
-        ret = dilithium_set_priv_key(priv, privSz, key);
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_DILITHIUM_PUBLIC_KEY */
-
-/* Export the dilithium private key.
- *
- * @param [in]      key     Dilithium private key.
- * @param [out]     out     Array to hold private key.
- * @param [in, out] outLen  On in, the number of bytes in array.
- *                          On out, the number bytes put into array.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BUFFER_E when outLen is less than DILITHIUM_LEVEL2_KEY_SIZE.
- */
-int wc_dilithium_export_private(dilithium_key* key, byte* out,
-    word32* outLen)
-{
-    int ret = 0;
-    word32 inLen = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Check private key available. */
-    if ((ret == 0) && (!key->prvKeySet)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        inLen = *outLen;
-        /* check and set up out length */
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-            *outLen = DILITHIUM_LEVEL2_KEY_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-            *outLen = DILITHIUM_LEVEL3_KEY_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-            *outLen = DILITHIUM_LEVEL5_KEY_SIZE;
-        }
-        else
-    #endif
-        if (key->level == WC_ML_DSA_44) {
-            *outLen = ML_DSA_LEVEL2_KEY_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            *outLen = ML_DSA_LEVEL3_KEY_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            *outLen = ML_DSA_LEVEL5_KEY_SIZE;
-        }
-        else {
-            /* Level not set. */
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    /* Check array length. */
-    if ((ret == 0) && (inLen < *outLen)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        /* Copy private key out key. */
-        XMEMCPY(out, key->k, *outLen);
-    }
-
-    return ret;
-}
-
-#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
-/* Export the dilithium private and public key.
- *
- * @param [in]      key     Dilithium private/public key.
- * @param [out]     priv    Array to hold private key.
- * @param [in, out] privSz  On in, the number of bytes in private key array.
- *                          On out, the number bytes put into private key.
- * @param [out]     pub     Array to hold  public key.
- * @param [in, out] pubSz   On in, the number of bytes in public key array.
- *                          On out, the number bytes put into public key.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a key, priv, privSz, pub or pubSz is NULL.
- * @return  BUFFER_E when privSz or pubSz is less than required size.
- */
-int wc_dilithium_export_key(dilithium_key* key, byte* priv, word32 *privSz,
-    byte* pub, word32 *pubSz)
-{
-    int ret;
-
-    /* Export private key only. */
-    ret = wc_dilithium_export_private(key, priv, privSz);
-    if (ret == 0) {
-        /* Export public key. */
-        ret = wc_dilithium_export_public(key, pub, pubSz);
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_DILITHIUM_PUBLIC_KEY */
-
-#endif /* WOLFSSL_DILITHIUM_PRIVATE_KEY */
-
-#ifndef WOLFSSL_DILITHIUM_NO_ASN1
-
-/* Maps ASN.1 OID to wolfCrypt security level macros */
-static int mapOidToSecLevel(int oid)
-{
-    switch (oid) {
-        case ML_DSA_LEVEL2k:
-            return WC_ML_DSA_44;
-        case ML_DSA_LEVEL3k:
-            return WC_ML_DSA_65;
-        case ML_DSA_LEVEL5k:
-            return WC_ML_DSA_87;
-#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
-        case DILITHIUM_LEVEL2k:
-            return WC_ML_DSA_44_DRAFT;
-        case DILITHIUM_LEVEL3k:
-            return WC_ML_DSA_65_DRAFT;
-        case DILITHIUM_LEVEL5k:
-            return WC_ML_DSA_87_DRAFT;
-#endif
-        default:
-            return ASN_UNKNOWN_OID_E;
-    }
-}
-
-/* Get OID sum from dilithium key */
-int dilithium_get_oid_sum(dilithium_key* key, int* keyFormat) {
-    int ret = 0;
-
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-    if (key->params == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-        *keyFormat = DILITHIUM_LEVEL2k;
-    }
-    else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-        *keyFormat = DILITHIUM_LEVEL3k;
-    }
-    else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-        *keyFormat = DILITHIUM_LEVEL5k;
-    }
-    else
-    #endif /* WOLFSSL_DILITHIUM_FIPS204_DRAFT */
-    if (key->level == WC_ML_DSA_44) {
-        *keyFormat = ML_DSA_LEVEL2k;
-    }
-    else if (key->level == WC_ML_DSA_65) {
-        *keyFormat = ML_DSA_LEVEL3k;
-    }
-    else if (key->level == WC_ML_DSA_87) {
-        *keyFormat = ML_DSA_LEVEL5k;
-    }
-    else {
-        /* Level is not set */
-        ret = ALGO_ID_E;
-    }
-
-    return ret;
-}
-
-#if defined(WOLFSSL_DILITHIUM_PRIVATE_KEY)
-
-/* Decode the DER encoded Dilithium key.
- *
- * @param [in]      input     Array holding DER encoded data.
- * @param [in, out] inOutIdx  On in, index into array of start of DER encoding.
- *                            On out, index into array after DER encoding.
- * @param [in, out] key       Dilithium key structure to hold the decoded key.
- *                            If the security level is set in the key structure
- *                            on input, the DER key will be decoded as such and
- *                            will fail if there is a mismatch. If the level
- *                            and parameters are not set in the key structure on
- *                            input, the level will be detected from the DER
- *                            file based on the algorithm OID, appropriately
- *                            decoded, then updated in the key structure on
- *                            output. Auto-detection of the security level is
- *                            not supported if compiled for FIPS 204 draft mode.
- * @param [in]      inSz      Total size of the input DER buffer array.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when input, inOutIdx or key is NULL or inSz is 0.
- * @return  Other negative on parse error.
- */
-int wc_Dilithium_PrivateKeyDecode(const byte* input, word32* inOutIdx,
-    dilithium_key* key, word32 inSz)
-{
-    int ret = 0;
-    const byte* seed = NULL;
-    const byte* privKey = NULL;
-    const byte* pubKey = NULL;
-    word32 seedLen = 0;
-    word32 privKeyLen = 0;
-    word32 pubKeyLen = 0;
-    int keyType = 0;
-    int autoKeyType = ANONk;
-
-    /* Validate parameters. */
-    if ((input == NULL) || (inOutIdx == NULL) || (key == NULL) || (inSz == 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Get OID sum for level. */
-        if (key->level == 0) { /* Check first, because key->params will be NULL
-                               * when key->level = 0 */
-            /* Level not set by caller, decode from DER */
-            keyType = ANONk;
-        }
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        else if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-            keyType = DILITHIUM_LEVEL2k;
-        }
-        else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-            keyType = DILITHIUM_LEVEL3k;
-        }
-        else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-            keyType = DILITHIUM_LEVEL5k;
-        }
-    #endif
-        else if (key->level == WC_ML_DSA_44) {
-            keyType = ML_DSA_LEVEL2k;
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            keyType = ML_DSA_LEVEL3k;
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            keyType = ML_DSA_LEVEL5k;
-        }
-        else {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    if (ret == 0) {
-        /* Decode the asymmetric key and get out private and public key data. */
-#ifndef WOLFSSL_ASN_TEMPLATE
-        ret = DecodeAsymKey_Assign(input, inOutIdx, inSz,
-                                   NULL, NULL,
-                                   &privKey, &privKeyLen,
-                                   &pubKey, &pubKeyLen, &autoKeyType);
-#else
-        ret = DecodeAsymKey_Assign(input, inOutIdx, inSz,
-                                   &seed, &seedLen,
-                                   &privKey, &privKeyLen,
-                                   &pubKey, &pubKeyLen, &autoKeyType);
-#endif /* WOLFSSL_ASN_TEMPLATE */
-    }
-
-    if (ret == 0) {
-        if (keyType == ANONk && autoKeyType != ANONk) {
-            /* Set the security level based on the decoded key. */
-            ret = mapOidToSecLevel(autoKeyType);
-            if (ret > 0) {
-                ret = wc_dilithium_set_level(key, (byte)ret);
-            }
-        }
-        else if (keyType != ANONk && autoKeyType != ANONk) {
-            if (keyType == autoKeyType)
-                ret = 0;
-            else
-                ret = ASN_PARSE_E;
-        }
-        else if (keyType != ANONk && autoKeyType == ANONk) {
-            ret = 0;
-        }
-        else { /* keyType == ANONk && autoKeyType == ANONk */
-            /*
-             * When decoding traditional format with not specifying a level will
-             * cause this error.
-             */
-            ret = ASN_PARSE_E;
-        }
-    }
-
-    if ((ret == 0) && (pubKey == NULL) && (pubKeyLen == 0)) {
-        /* Check if the public key is included in the private key. */
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if ((key->params->level == WC_ML_DSA_44_DRAFT) &&
-            (privKeyLen == DILITHIUM_LEVEL2_PRV_KEY_SIZE)) {
-            pubKey = privKey + DILITHIUM_LEVEL2_KEY_SIZE;
-            pubKeyLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE;
-            privKeyLen -= DILITHIUM_LEVEL2_PUB_KEY_SIZE;
-        }
-        else if ((key->params->level == WC_ML_DSA_65_DRAFT) &&
-                 (privKeyLen == DILITHIUM_LEVEL3_PRV_KEY_SIZE)) {
-            pubKey = privKey + DILITHIUM_LEVEL3_KEY_SIZE;
-            pubKeyLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE;
-            privKeyLen -= DILITHIUM_LEVEL3_PUB_KEY_SIZE;
-        }
-        else if ((key->params->level == WC_ML_DSA_87_DRAFT) &&
-                 (privKeyLen == DILITHIUM_LEVEL5_PRV_KEY_SIZE)) {
-            pubKey = privKey + DILITHIUM_LEVEL5_KEY_SIZE;
-            pubKeyLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE;
-            privKeyLen -= DILITHIUM_LEVEL5_PUB_KEY_SIZE;
-        }
-        else
-    #endif
-        if ((key->level == WC_ML_DSA_44) &&
-            (privKeyLen == ML_DSA_LEVEL2_PRV_KEY_SIZE)) {
-            pubKey = privKey + ML_DSA_LEVEL2_KEY_SIZE;
-            pubKeyLen = ML_DSA_LEVEL2_PUB_KEY_SIZE;
-            privKeyLen -= ML_DSA_LEVEL2_PUB_KEY_SIZE;
-        }
-        else if ((key->level == WC_ML_DSA_65) &&
-                 (privKeyLen == ML_DSA_LEVEL3_PRV_KEY_SIZE)) {
-            pubKey = privKey + ML_DSA_LEVEL3_KEY_SIZE;
-            pubKeyLen = ML_DSA_LEVEL3_PUB_KEY_SIZE;
-            privKeyLen -= ML_DSA_LEVEL3_PUB_KEY_SIZE;
-        }
-        else if ((key->level == WC_ML_DSA_87) &&
-                 (privKeyLen == ML_DSA_LEVEL5_PRV_KEY_SIZE)) {
-            pubKey = privKey + ML_DSA_LEVEL5_KEY_SIZE;
-            pubKeyLen = ML_DSA_LEVEL5_PUB_KEY_SIZE;
-            privKeyLen -= ML_DSA_LEVEL5_PUB_KEY_SIZE;
-        }
-    }
-
-    if (ret == 0) {
-        /* Generate a key pair if seed exists and decoded key pair is ignored */
-        if (seedLen != 0) {
-#if defined(WOLFSSL_WC_DILITHIUM) && !defined(WOLFSSL_DILITHIUM_NO_MAKE_KEY)
-            if (seedLen == DILITHIUM_SEED_SZ) {
-                ret = wc_dilithium_make_key_from_seed(key, seed);
-            }
-            else {
-                ret = ASN_PARSE_E;
-            }
-#else
-            ret = NOT_COMPILED_IN;
-#endif
-        }
-#if defined(WOLFSSL_DILITHIUM_PUBLIC_KEY)
-        /* Check whether public key data was found. */
-        else if (pubKeyLen != 0 && privKeyLen != 0) {
-            /* Import private and public key data. */
-            ret = wc_dilithium_import_key(privKey, privKeyLen, pubKey,
-                pubKeyLen, key);
-        }
-#endif
-        else if (pubKeyLen == 0 && privKeyLen != 0)
-        {
-            /* No public key data, only import private key data. */
-            ret = wc_dilithium_import_private(privKey, privKeyLen, key);
-        }
-        else {
-            /* Not a problem of ASN.1 structure, but the contents is invalid */
-            ret = ASN_PARSE_E;
-        }
-    }
-
-    (void)pubKey;
-    (void)pubKeyLen;
-
-    return ret;
-}
-
-#endif /* WOLFSSL_DILITHIUM_PRIVATE_KEY */
-
-#endif /* WOLFSSL_DILITHIUM_NO_ASN1 */
-
-#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
-
-#if defined(WOLFSSL_DILITHIUM_NO_ASN1)
-#ifndef WOLFSSL_NO_ML_DSA_44
-static unsigned char ml_dsa_oid_44[] = {
-    0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x11
-};
-#if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-static unsigned char dilithium_oid_44[] = {
-    0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b,
-    0x0c, 0x04, 0x04
-};
-#endif
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_65
-static unsigned char ml_dsa_oid_65[] = {
-    0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x12
-};
-#if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-static unsigned char dilithium_oid_65[] = {
-    0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b,
-    0x0c, 0x06, 0x05
-};
-#endif
-#endif
-#ifndef WOLFSSL_NO_ML_DSA_87
-static unsigned char ml_dsa_oid_87[] = {
-    0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x13
-};
-#if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-static unsigned char dilithium_oid_87[] = {
-    0x2b, 0x06, 0x01, 0x04, 0x01, 0x02, 0x82, 0x0b,
-    0x0c, 0x08, 0x07
-};
-#endif
-#endif
-
-static int dilitihium_get_der_length(const byte* input, word32* inOutIdx,
-    int *length, word32 inSz)
-{
-    int ret = 0;
-    word32 idx = *inOutIdx;
-    word32 len = 0;
-
-    if (idx >= inSz) {
-        ret = ASN_PARSE_E;
-    }
-    else if (input[idx] < 0x80) {
-        len = input[idx];
-        idx++;
-    }
-    else if ((input[idx] == 0x80) || (input[idx] >= 0x83)) {
-        ret = ASN_PARSE_E;
-    }
-    else if (input[idx] == 0x81) {
-        if (idx + 1 >= inSz) {
-            ret = ASN_PARSE_E;
-        }
-        else if (input[idx + 1] < 0x80) {
-            ret = ASN_PARSE_E;
-        }
-        else {
-            len = input[idx + 1];
-            idx += 2;
-        }
-    }
-    else if (input[idx] == 0x82) {
-        if (idx + 2 >= inSz) {
-            ret = ASN_PARSE_E;
-        }
-        else {
-            len = ((word16)input[idx + 1] << 8) + input[idx + 2];
-            idx += 3;
-            if (len < 0x100) {
-                ret = ASN_PARSE_E;
-            }
-        }
-    }
-
-    if ((ret == 0) && ((idx + len) > inSz)) {
-        ret = ASN_PARSE_E;
-    }
-
-    *length = (int)len;
-    *inOutIdx = idx;
-    return ret;
-}
-
-static int dilithium_check_type(const byte* input, word32* inOutIdx, byte type,
-    word32 inSz)
-{
-    int ret = 0;
-    word32 idx = *inOutIdx;
-
-    if (idx >= inSz) {
-        ret = ASN_PARSE_E;
-    }
-    else if (input[idx] != type){
-        ret = ASN_PARSE_E;
-    }
-    else {
-        idx++;
-    }
-
-    *inOutIdx = idx;
-    return ret;
-}
-
-#endif /* WOLFSSL_DILITHIUM_NO_ASN1 */
-
-/* Decode the DER encoded Dilithium public key.
- *
- * @param [in]      input     Array holding DER encoded data.
- * @param [in, out] inOutIdx  On in, index into array of start of DER encoding.
- *                            On out, index into array after DER encoding.
- * @param [in, out] key       Dilithium key structure to hold the decoded key.
- *                            If the security level is set in the key structure
- *                            on input, the DER key will be decoded as such
- *                            and will fail if there is a mismatch. If the level
- *                            and parameters are not set in the key structure on
- *                            input, the level will be detected from the DER
- *                            file based on the algorithm OID, appropriately
- *                            decoded, then updated in the key structure on
- *                            output. Auto-detection of the security level is
- *                            not supported if compiled for FIPS 204
- *                            draft mode.
- * @param [in]      inSz      Total size of data in array.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when input, inOutIdx or key is NULL or inSz is 0.
- * @return  BAD_FUNC_ARG when level not set.
- * @return  Other negative on parse error.
- */
-int wc_Dilithium_PublicKeyDecode(const byte* input, word32* inOutIdx,
-    dilithium_key* key, word32 inSz)
-{
-    int ret = 0;
-    const byte* pubKey = NULL;
-    word32 pubKeyLen = 0;
-
-    /* Validate parameters. */
-    if ((input == NULL) || (inOutIdx == NULL) || (key == NULL) || (inSz == 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Try to import the key directly. */
-        ret = wc_dilithium_import_public(input, inSz, key);
-        if (ret != 0) {
-        #if !defined(WOLFSSL_DILITHIUM_NO_ASN1)
-            int keyType = 0;
-        #else
-            int length;
-            unsigned char* oid;
-            int oidLen;
-            word32 idx = 0;
-        #endif
-
-            /* Start again. */
-            ret = 0;
-
-    #if !defined(WOLFSSL_DILITHIUM_NO_ASN1)
-            /* Get OID sum for level. */
-        #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-            if (key->params == NULL) {
-                ret = BAD_FUNC_ARG;
-            }
-            else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-                keyType = DILITHIUM_LEVEL2k;
-            }
-            else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-                keyType = DILITHIUM_LEVEL3k;
-            }
-            else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-                keyType = DILITHIUM_LEVEL5k;
-            }
-            else
-        #endif
-            if (key->level == WC_ML_DSA_44) {
-                keyType = ML_DSA_LEVEL2k;
-            }
-            else if (key->level == WC_ML_DSA_65) {
-                keyType = ML_DSA_LEVEL3k;
-            }
-            else if (key->level == WC_ML_DSA_87) {
-                keyType = ML_DSA_LEVEL5k;
-            }
-            else {
-                /* Level not set by caller, decode from DER */
-                keyType = ANONk; /* 0, not a valid key type in this situation*/
-            }
-            if (ret == 0) {
-                /* Decode the asymmetric key and get out public key data. */
-                ret = DecodeAsymKeyPublic_Assign(input, inOutIdx, inSz,
-                                                 &pubKey, &pubKeyLen,
-                                                 &keyType);
-                if (ret == 0
-#ifdef WOLFSSL_WC_DILITHIUM
-                    && key->params == NULL
-#endif
-                ) {
-                    /* Set the security level based on the decoded key. */
-                    ret = mapOidToSecLevel(keyType);
-                    if (ret > 0) {
-                        ret = wc_dilithium_set_level(key, (byte)ret);
-                    }
-                }
-            }
-    #else
-            /* Get OID sum for level. */
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-            if (key->params == NULL) {
-                ret = BAD_FUNC_ARG;
-            }
-            else
-        #ifndef WOLFSSL_NO_ML_DSA_44
-            if (key->params->level == WC_ML_DSA_44_DRAFT) {
-                oid = dilithium_oid_44;
-                oidLen = (int)sizeof(dilithium_oid_44);
-            }
-            else
-        #endif
-        #ifndef WOLFSSL_NO_ML_DSA_65
-            if (key->params->level == WC_ML_DSA_65_DRAFT) {
-                oid = dilithium_oid_65;
-                oidLen = (int)sizeof(dilithium_oid_65);
-            }
-            else
-        #endif
-        #ifndef WOLFSSL_NO_ML_DSA_87
-            if (key->params->level == WC_ML_DSA_87_DRAFT) {
-                oid = dilithium_oid_87;
-                oidLen = (int)sizeof(dilithium_oid_87);
-            }
-            else
-        #endif
-    #endif
-        #ifndef WOLFSSL_NO_ML_DSA_44
-            if (key->level == WC_ML_DSA_44) {
-                oid = ml_dsa_oid_44;
-                oidLen = (int)sizeof(ml_dsa_oid_44);
-            }
-            else
-        #endif
-        #ifndef WOLFSSL_NO_ML_DSA_65
-            if (key->level == WC_ML_DSA_65) {
-                oid = ml_dsa_oid_65;
-                oidLen = (int)sizeof(ml_dsa_oid_65);
-            }
-            else
-        #endif
-        #ifndef WOLFSSL_NO_ML_DSA_87
-            if (key->level == WC_ML_DSA_87) {
-                oid = ml_dsa_oid_87;
-                oidLen = (int)sizeof(ml_dsa_oid_87);
-            }
-            else
-        #endif
-            {
-                /* Level not set. */
-                ret = BAD_FUNC_ARG;
-            }
-            if (ret == 0) {
-                ret = dilithium_check_type(input, &idx, 0x30, inSz);
-            }
-            if (ret == 0) {
-                ret = dilitihium_get_der_length(input, &idx, &length, inSz);
-            }
-            if (ret == 0) {
-                ret = dilithium_check_type(input, &idx, 0x30, inSz);
-            }
-            if (ret == 0) {
-                ret = dilitihium_get_der_length(input, &idx, &length, inSz);
-            }
-            if (ret == 0) {
-                ret = dilithium_check_type(input, &idx, 0x06, inSz);
-            }
-            if (ret == 0) {
-                ret = dilitihium_get_der_length(input, &idx, &length, inSz);
-            }
-            if (ret == 0) {
-                if ((length != oidLen) ||
-                        (XMEMCMP(input + idx, oid, oidLen) != 0)) {
-                    ret = ASN_PARSE_E;
-                }
-                idx += oidLen;
-            }
-            if (ret == 0) {
-                ret = dilithium_check_type(input, &idx, 0x03, inSz);
-            }
-            if (ret == 0) {
-                ret = dilitihium_get_der_length(input, &idx, &length, inSz);
-            }
-            if (ret == 0) {
-                if ((input[idx] != 0) || (length == 0)) {
-                    ret = ASN_PARSE_E;
-                }
-                idx++;
-                length--;
-            }
-            if (ret == 0) {
-                /* This is the raw point data compressed or uncompressed. */
-                pubKeyLen = (word32)length;
-                pubKey = input + idx;
-
-                *inOutIdx += idx;
-            }
-    #endif
-            if (ret == 0) {
-                /* Import public key data. */
-                ret = wc_dilithium_import_public(pubKey, pubKeyLen, key);
-            }
-        }
-    }
-    return ret;
-}
-
-#ifndef WOLFSSL_DILITHIUM_NO_ASN1
-
-#ifdef WC_ENABLE_ASYM_KEY_EXPORT
-/* Encode the public part of a Dilithium key in DER.
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in]  key      Dilithium key object.
- * @param [out] output   Buffer to put encoded data in.
- * @param [in]  len      Size of buffer in bytes.
- * @param [in]  withAlg  Whether to use SubjectPublicKeyInfo format.
- * @return  Size of encoded data in bytes on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_Dilithium_PublicKeyToDer(dilithium_key* key, byte* output, word32 len,
-    int withAlg)
-{
-    int ret = 0;
-    int keyType = 0;
-    word32 pubKeyLen = 0;
-
-    /* Validate parameters. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Check we have a public key to encode. */
-    if ((ret == 0) && (!key->pubKeySet)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Get OID and length for level. */
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-            keyType = DILITHIUM_LEVEL2k;
-            pubKeyLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-            keyType = DILITHIUM_LEVEL3k;
-            pubKeyLen = DILITHIUM_LEVEL3_PUB_KEY_SIZE;
-        }
-        else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-            keyType = DILITHIUM_LEVEL5k;
-            pubKeyLen = DILITHIUM_LEVEL5_PUB_KEY_SIZE;
-        }
-        else
-    #endif
-        if (key->level == WC_ML_DSA_44) {
-            keyType = ML_DSA_LEVEL2k;
-            pubKeyLen = ML_DSA_LEVEL2_PUB_KEY_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            keyType = ML_DSA_LEVEL3k;
-            pubKeyLen = ML_DSA_LEVEL3_PUB_KEY_SIZE;
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            keyType = ML_DSA_LEVEL5k;
-            pubKeyLen = ML_DSA_LEVEL5_PUB_KEY_SIZE;
-        }
-        else {
-            /* Level not set. */
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    if (ret == 0) {
-        ret = SetAsymKeyDerPublic(key->p, pubKeyLen, output, len, keyType,
-            withAlg);
-    }
-
-    return ret;
-}
-#endif /* WC_ENABLE_ASYM_KEY_EXPORT */
-
-#endif /* !WOLFSSL_DILITHIUM_NO_ASN1 */
-
-#endif /* WOLFSSL_DILITHIUM_PUBLIC_KEY */
-
-#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
-
-#ifndef WOLFSSL_DILITHIUM_NO_ASN1
-
-#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
-/* Encode the private and public data of a Dilithium key in DER.
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in]  key     Dilithium key object.
- * @param [out] output  Buffer to put encoded data in.
- * @param [in]  len     Size of buffer in bytes.
- * @return  Size of encoded data in bytes on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_Dilithium_KeyToDer(dilithium_key* key, byte* output, word32 len)
-{
-    int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
-
-    /* Validate parameters and check public and private key set. */
-    if ((key != NULL) && key->prvKeySet && key->pubKeySet) {
-        /* Create DER for level. */
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-            ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL2_KEY_SIZE, key->p,
-                DILITHIUM_LEVEL2_PUB_KEY_SIZE, output, len, DILITHIUM_LEVEL2k);
-        }
-        else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-            ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL3_KEY_SIZE, key->p,
-                DILITHIUM_LEVEL3_PUB_KEY_SIZE, output, len, DILITHIUM_LEVEL3k);
-        }
-        else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-            ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL5_KEY_SIZE, key->p,
-                DILITHIUM_LEVEL5_PUB_KEY_SIZE, output, len, DILITHIUM_LEVEL5k);
-        }
-        else
-    #endif
-        if (key->level == WC_ML_DSA_44) {
-            ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL2_KEY_SIZE, key->p,
-                ML_DSA_LEVEL2_PUB_KEY_SIZE, output, len, ML_DSA_LEVEL2k);
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL3_KEY_SIZE, key->p,
-                ML_DSA_LEVEL3_PUB_KEY_SIZE, output, len, ML_DSA_LEVEL3k);
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL5_KEY_SIZE, key->p,
-                ML_DSA_LEVEL5_PUB_KEY_SIZE, output, len, ML_DSA_LEVEL5k);
-        }
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_DILITHIUM_PUBLIC_KEY */
-
-/* Encode the private data of a Dilithium key in DER.
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in]  key     Dilithium key object.
- * @param [out] output  Buffer to put encoded data in.
- * @param [in]  len     Size of buffer in bytes.
- * @return  Size of encoded data in bytes on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_Dilithium_PrivateKeyToDer(dilithium_key* key, byte* output, word32 len)
-{
-    int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
-
-    /* Validate parameters and check private key set. */
-    if ((key != NULL) && key->prvKeySet) {
-        /* Create DER for level. */
-    #if defined(WOLFSSL_DILITHIUM_FIPS204_DRAFT)
-        if (key->params == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-        else if (key->params->level == WC_ML_DSA_44_DRAFT) {
-            ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL2_KEY_SIZE, NULL, 0,
-                output, len, DILITHIUM_LEVEL2k);
-        }
-        else if (key->params->level == WC_ML_DSA_65_DRAFT) {
-            ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL3_KEY_SIZE, NULL, 0,
-                output, len, DILITHIUM_LEVEL3k);
-        }
-        else if (key->params->level == WC_ML_DSA_87_DRAFT) {
-            ret = SetAsymKeyDer(key->k, DILITHIUM_LEVEL5_KEY_SIZE, NULL, 0,
-                output, len, DILITHIUM_LEVEL5k);
-        }
-        else
-    #endif
-        if (key->level == WC_ML_DSA_44) {
-            ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL2_KEY_SIZE, NULL, 0, output,
-                len, ML_DSA_LEVEL2k);
-        }
-        else if (key->level == WC_ML_DSA_65) {
-            ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL3_KEY_SIZE, NULL, 0, output,
-                len, ML_DSA_LEVEL3k);
-        }
-        else if (key->level == WC_ML_DSA_87) {
-            ret = SetAsymKeyDer(key->k, ML_DSA_LEVEL5_KEY_SIZE, NULL, 0, output,
-                len, ML_DSA_LEVEL5k);
-        }
-    }
-
-    return ret;
-}
-
-#endif /* WOLFSSL_DILITHIUM_NO_ASN1 */
-
-#endif /* WOLFSSL_DILITHIUM_PRIVATE_KEY */
-
-#endif /* HAVE_DILITHIUM */
diff --git a/src/ssl/wolfssl/wolfcrypt/dsa.c b/src/ssl/wolfssl/wolfcrypt/dsa.c
deleted file mode 100644
index 13cc29f6a..000000000
--- a/src/ssl/wolfssl/wolfcrypt/dsa.c
+++ /dev/null
@@ -1,1168 +0,0 @@
-/* dsa.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifndef NO_DSA
-
-#include <wolfssl/wolfcrypt/random.h>
-#include <wolfssl/wolfcrypt/wolfmath.h>
-#include <wolfssl/wolfcrypt/sha.h>
-#include <wolfssl/wolfcrypt/dsa.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && !defined(WOLFSSL_SP_ASM)
-    /* force off unneeded vector register save/restore. */
-    #undef SAVE_VECTOR_REGISTERS
-    #define SAVE_VECTOR_REGISTERS(fail_clause) SAVE_NO_VECTOR_REGISTERS(fail_clause)
-    #undef RESTORE_VECTOR_REGISTERS
-    #define RESTORE_VECTOR_REGISTERS() RESTORE_NO_VECTOR_REGISTERS()
-#endif
-
-#ifdef _MSC_VER
-    /* disable for while(0) cases (MSVC bug) */
-    #pragma warning(disable:4127)
-#endif
-
-int wc_InitDsaKey(DsaKey* key)
-{
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-    key->type = -1;  /* haven't decided yet */
-    key->heap = NULL;
-
-    return mp_init_multi(
-        /* public  alloc parts */
-        &key->p,
-        &key->q,
-        &key->g,
-        &key->y,
-
-        /* private alloc parts */
-        &key->x,
-        NULL
-    );
-}
-
-
-int wc_InitDsaKey_h(DsaKey* key, void* h)
-{
-    int ret = wc_InitDsaKey(key);
-    if (ret == 0)
-        key->heap = h;
-
-    return ret;
-}
-
-
-void wc_FreeDsaKey(DsaKey* key)
-{
-    if (key == NULL)
-        return;
-
-    if (key->type == DSA_PRIVATE)
-        mp_forcezero(&key->x);
-
-    mp_clear(&key->x);
-    mp_clear(&key->y);
-    mp_clear(&key->g);
-    mp_clear(&key->q);
-    mp_clear(&key->p);
-}
-
-
-/* validate that (L,N) match allowed sizes from FIPS 186-4, Section 4.2.
- * modLen - represents L, the size of p (prime modulus) in bits
- * divLen - represents N, the size of q (prime divisor) in bits
- * return 0 on success, -1 on error */
-static int CheckDsaLN(int modLen, int divLen)
-{
-    int ret = -1;
-
-    switch (modLen) {
-#ifdef WOLFSSL_DSA_768_MODULUS
-        case 768:
-#endif
-        case 1024:
-            if (divLen == 160)
-                ret = 0;
-            break;
-        case 2048:
-            if (divLen == 224 || divLen == 256)
-                ret = 0;
-            break;
-        case 3072:
-            if (divLen == 256)
-                ret = 0;
-            break;
-        default:
-            break;
-    }
-
-    return ret;
-}
-
-
-#ifdef WOLFSSL_KEY_GEN
-
-/* Create DSA key pair (&dsa->x, &dsa->y)
- *
- * Based on NIST FIPS 186-4,
- * "B.1.1 Key Pair Generation Using Extra Random Bits"
- *
- * rng - pointer to initialized WC_RNG structure
- * dsa - pointer to initialized DsaKey structure, will hold generated key
- *
- * return 0 on success, negative on error */
-int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa)
-{
-    int qSz, pSz, cSz, err;
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    mp_int *tmpQ = NULL;
-    byte* cBuf = NULL;
-#else
-    mp_int tmpQ[1];
-    byte cBuf[(3072+64)/WOLFSSL_BIT_SIZE ];
-#endif
-
-    if (rng == NULL || dsa == NULL)
-        return BAD_FUNC_ARG;
-
-    qSz = mp_unsigned_bin_size(&dsa->q);
-    pSz = mp_unsigned_bin_size(&dsa->p);
-
-    /* verify (L,N) pair bit lengths */
-    if (CheckDsaLN(pSz * WOLFSSL_BIT_SIZE, qSz * WOLFSSL_BIT_SIZE) != 0)
-        return BAD_FUNC_ARG;
-
-    /* generate extra 64 bits so that bias from mod function is negligible */
-    cSz = qSz + (64 / WOLFSSL_BIT_SIZE);
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    cBuf = (byte*)XMALLOC((size_t)cSz, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (cBuf == NULL) {
-        return MEMORY_E;
-    }
-#else
-    if (sizeof(cBuf) < (size_t)cSz) {
-        return BUFFER_E;
-    }
-#endif
-
-    SAVE_VECTOR_REGISTERS(;);
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    if ((tmpQ = (mp_int *)XMALLOC(sizeof(*tmpQ), NULL,
-            DYNAMIC_TYPE_WOLF_BIGINT)) == NULL)
-        err = MEMORY_E;
-    else
-        err = MP_OKAY;
-
-    if (err == MP_OKAY)
-#endif
-        err = mp_init_multi(&dsa->x, &dsa->y, tmpQ, NULL, NULL, NULL);
-
-    if (err == MP_OKAY) {
-        do {
-            /* Generate N+64 bits (c) from RNG into &dsa->x, making sure
-             * result is positive.
-             * Hash_DRBG uses SHA-256 which matches maximum
-             * requested_security_strength of (L,N).
-             */
-            err = wc_RNG_GenerateBlock(rng, cBuf, (word32)cSz);
-            if (err != MP_OKAY)
-                break;
-            err = mp_read_unsigned_bin(&dsa->x, cBuf, (word32)cSz);
-            if (err != MP_OKAY)
-                break;
-        } while (mp_cmp_d(&dsa->x, 1) != MP_GT);
-    }
-
-    /* tmpQ = q - 1 */
-    if (err == MP_OKAY)
-        err = mp_copy(&dsa->q, tmpQ);
-
-    if (err == MP_OKAY)
-        err = mp_sub_d(tmpQ, 1, tmpQ);
-
-    /* x = c mod (q-1), &dsa->x holds c */
-    if (err == MP_OKAY)
-        err = mp_mod(&dsa->x, tmpQ, &dsa->x);
-
-    /* x = c mod (q-1) + 1 */
-    if (err == MP_OKAY)
-        err = mp_add_d(&dsa->x, 1, &dsa->x);
-
-    /* public key : y = g^x mod p */
-    if (err == MP_OKAY) {
-        err = mp_exptmod_ex(&dsa->g, &dsa->x, (int)dsa->q.used, &dsa->p,
-            &dsa->y);
-    }
-
-    if (err == MP_OKAY)
-        dsa->type = DSA_PRIVATE;
-
-    if (err != MP_OKAY) {
-        mp_clear(&dsa->x);
-        mp_clear(&dsa->y);
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    XFREE(cBuf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (tmpQ != NULL) {
-        mp_clear(tmpQ);
-        XFREE(tmpQ, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-#else
-    mp_clear(tmpQ);
-#endif
-
-    RESTORE_VECTOR_REGISTERS();
-
-    return err;
-}
-
-/* modulus_size in bits */
-int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa)
-{
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    mp_int *tmp = NULL, *tmp2 = NULL;
-    unsigned char *buf = NULL;
-#else
-    mp_int tmp[1], tmp2[1];
-    unsigned char buf[(3072/WOLFSSL_BIT_SIZE)-32];
-#endif
-    int     err, msize, qsize,
-            loop_check_prime = 0,
-            check_prime = MP_NO;
-
-
-    if (rng == NULL || dsa == NULL)
-        return BAD_FUNC_ARG;
-
-    /* set group size in bytes from modulus size
-     * FIPS 186-4 defines valid values (1024, 160) (2048, 256) (3072, 256)
-     */
-    switch (modulus_size) {
-#ifdef WOLFSSL_DSA_768_MODULUS
-    /* This key length is insecure and only included for bind 9 testing */
-        case 768:
-#endif
-        case 1024:
-            qsize = 20;
-            break;
-        case 2048:
-        case 3072:
-            qsize = 32;
-            break;
-        default:
-            return BAD_FUNC_ARG;
-    }
-
-    /* modulus size in bytes */
-    msize = modulus_size / WOLFSSL_BIT_SIZE;
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    /* allocate ram */
-    buf = (unsigned char *)XMALLOC((size_t)(msize - qsize),
-                                   dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (buf == NULL) {
-        return MEMORY_E;
-    }
-#else
-    if (sizeof(buf) < (size_t)(msize - qsize)) {
-        return BUFFER_E;
-    }
-#endif
-
-    /* make a random string that will be multiplied against q */
-    err = wc_RNG_GenerateBlock(rng, buf, (word32)(msize - qsize));
-    if (err != MP_OKAY) {
-    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        XFREE(buf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    #endif
-        return err;
-    }
-
-    /* force magnitude */
-    buf[0] |= 0xC0;
-
-    /* force even */
-    buf[msize - qsize - 1] &= (unsigned char)~1;
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    if (((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) ||
-        ((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL))
-        err = MEMORY_E;
-    else
-        err = MP_OKAY;
-
-    if (err == MP_OKAY)
-#endif
-        err = mp_init_multi(tmp, tmp2, &dsa->p, &dsa->q, 0, 0);
-
-    if (err == MP_OKAY)
-        err = mp_read_unsigned_bin(tmp2, buf, (word32)(msize - qsize));
-
-    /* make our prime q */
-    if (err == MP_OKAY)
-        err = mp_rand_prime(&dsa->q, qsize, rng, NULL);
-
-    /* p = random * q */
-    if (err == MP_OKAY)
-        err = mp_mul(&dsa->q, tmp2, &dsa->p);
-
-    /* p = random * q + 1, so q is a prime divisor of p-1 */
-    if (err == MP_OKAY)
-        err = mp_add_d(&dsa->p, 1, &dsa->p);
-
-    /* tmp = 2q  */
-    if (err == MP_OKAY)
-        err = mp_add(&dsa->q, &dsa->q, tmp);
-
-    if (err == MP_OKAY) {
-        /* loop until p is prime */
-        while (check_prime == MP_NO) {
-            err = mp_prime_is_prime_ex(&dsa->p, 8, &check_prime, rng);
-            if (err != MP_OKAY)
-                break;
-            if (check_prime != MP_YES) {
-                /* p += 2q */
-                err = mp_add(tmp, &dsa->p, &dsa->p);
-                if (err != MP_OKAY)
-                    break;
-                loop_check_prime++;
-            }
-        }
-    }
-
-    /* tmp2 += (2*loop_check_prime)
-     * to have p = (q * tmp2) + 1 prime
-     */
-    if (err == MP_OKAY) {
-        if (loop_check_prime)
-            err = mp_add_d(tmp2, 2 * (mp_digit)loop_check_prime, tmp2);
-    }
-
-    if (err == MP_OKAY)
-        err = mp_init(&dsa->g);
-
-    /* find a value g for which g^tmp2 != 1 */
-    if (err == MP_OKAY)
-        err = mp_set(&dsa->g, 1);
-
-    if (err == MP_OKAY) {
-        do {
-            err = mp_add_d(&dsa->g, 1, &dsa->g);
-            if (err != MP_OKAY)
-                break;
-            err = mp_exptmod(&dsa->g, tmp2, &dsa->p, tmp);
-            if (err != MP_OKAY)
-                break;
-        } while (mp_cmp_d(tmp, 1) == MP_EQ);
-    }
-
-    /* at this point tmp generates a group of order q mod p */
-    if (err == MP_OKAY) {
-#ifndef USE_FAST_MATH
-        /* Exchanging is quick when the data pointer can be copied. */
-        err = mp_exch(tmp, &dsa->g);
-#else
-        err = mp_copy(tmp, &dsa->g);
-#endif
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    XFREE(buf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (tmp != NULL) {
-        mp_clear(tmp);
-        XFREE(tmp, NULL, DYNAMIC_TYPE_WOLF_BIGINT);
-    }
-    if (tmp2 != NULL) {
-        mp_clear(tmp2);
-        XFREE(tmp2, NULL, DYNAMIC_TYPE_WOLF_BIGINT);
-    }
-#else
-    mp_clear(tmp);
-    mp_clear(tmp2);
-#endif
-    if (err != MP_OKAY) {
-        mp_clear(&dsa->q);
-        mp_clear(&dsa->p);
-        mp_clear(&dsa->g);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_KEY_GEN */
-
-
-static int _DsaImportParamsRaw(DsaKey* dsa, const char* p, const char* q,
-                          const char* g, int trusted, WC_RNG* rng)
-{
-    int err;
-    int pSz, qSz;
-
-    if (dsa == NULL || p == NULL || q == NULL || g == NULL)
-        return BAD_FUNC_ARG;
-
-    /* read p */
-    err = mp_read_radix(&dsa->p, p, MP_RADIX_HEX);
-    if (err == MP_OKAY && !trusted) {
-        int isPrime = 1;
-        if (rng == NULL)
-            err = mp_prime_is_prime(&dsa->p, 8, &isPrime);
-        else
-            err = mp_prime_is_prime_ex(&dsa->p, 8, &isPrime, rng);
-
-        if (err == MP_OKAY) {
-            if (!isPrime)
-                err = DH_CHECK_PUB_E;
-        }
-    }
-
-    /* read q */
-    if (err == MP_OKAY)
-        err = mp_read_radix(&dsa->q, q, MP_RADIX_HEX);
-
-    /* read g */
-    if (err == MP_OKAY)
-        err = mp_read_radix(&dsa->g, g, MP_RADIX_HEX);
-
-    /* verify (L,N) pair bit lengths */
-    pSz = mp_unsigned_bin_size(&dsa->p);
-    qSz = mp_unsigned_bin_size(&dsa->q);
-
-    if (CheckDsaLN(pSz * WOLFSSL_BIT_SIZE, qSz * WOLFSSL_BIT_SIZE) != 0) {
-        WOLFSSL_MSG("Invalid DSA p or q parameter size");
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err != MP_OKAY) {
-        mp_clear(&dsa->p);
-        mp_clear(&dsa->q);
-        mp_clear(&dsa->g);
-    }
-
-    return err;
-}
-
-
-/* Import raw DSA parameters into DsaKey structure for use with wc_MakeDsaKey(),
- * input parameters (p,q,g) should be represented as ASCII hex values.
- *
- * dsa  - pointer to initialized DsaKey structure
- * p    - DSA (p) parameter, ASCII hex string
- * pSz  - length of p
- * q    - DSA (q) parameter, ASCII hex string
- * qSz  - length of q
- * g    - DSA (g) parameter, ASCII hex string
- * gSz  - length of g
- *
- * returns 0 on success, negative upon failure
- */
-int wc_DsaImportParamsRaw(DsaKey* dsa, const char* p, const char* q,
-                          const char* g)
-{
-    return _DsaImportParamsRaw(dsa, p, q, g, 1, NULL);
-}
-
-
-/* Import raw DSA parameters into DsaKey structure for use with wc_MakeDsaKey(),
- * input parameters (p,q,g) should be represented as ASCII hex values. Check
- * that the p value is probably prime.
- *
- * dsa  - pointer to initialized DsaKey structure
- * p    - DSA (p) parameter, ASCII hex string
- * pSz  - length of p
- * q    - DSA (q) parameter, ASCII hex string
- * qSz  - length of q
- * g    - DSA (g) parameter, ASCII hex string
- * gSz  - length of g
- * trusted - trust that p is OK
- * rng  - random number generator for the prime test
- *
- * returns 0 on success, negative upon failure
- */
-int wc_DsaImportParamsRawCheck(DsaKey* dsa, const char* p, const char* q,
-                          const char* g, int trusted, WC_RNG* rng)
-{
-    return _DsaImportParamsRaw(dsa, p, q, g, trusted, rng);
-}
-
-
-/* Export raw DSA parameters from DsaKey structure
- *
- * dsa  - pointer to initialized DsaKey structure
- * p    - output location for DSA (p) parameter
- * pSz  - [IN/OUT] size of output buffer for p, size of p
- * q    - output location for DSA (q) parameter
- * qSz  - [IN/OUT] size of output buffer for q, size of q
- * g    - output location for DSA (g) parameter
- * gSz  - [IN/OUT] size of output buffer for g, size of g
- *
- * If p, q, and g pointers are all passed in as NULL, the function
- * will set pSz, qSz, and gSz to the required output buffer sizes for p,
- * q, and g. In this case, the function will return LENGTH_ONLY_E.
- *
- * returns 0 on success, negative upon failure
- */
-int wc_DsaExportParamsRaw(DsaKey* dsa, byte* p, word32* pSz,
-                          byte* q, word32* qSz, byte* g, word32* gSz)
-{
-    int err;
-    word32 pLen, qLen, gLen;
-
-    if (dsa == NULL || pSz == NULL || qSz == NULL || gSz == NULL)
-        return BAD_FUNC_ARG;
-
-    /* get required output buffer sizes */
-    pLen = (word32)mp_unsigned_bin_size(&dsa->p);
-    qLen = (word32)mp_unsigned_bin_size(&dsa->q);
-    gLen = (word32)mp_unsigned_bin_size(&dsa->g);
-
-    /* return buffer sizes and LENGTH_ONLY_E if buffers are NULL */
-    if (p == NULL && q == NULL && g == NULL) {
-        *pSz = pLen;
-        *qSz = qLen;
-        *gSz = gLen;
-        return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if (p == NULL || q == NULL || g == NULL)
-        return BAD_FUNC_ARG;
-
-    /* export p */
-    if (*pSz < pLen) {
-        WOLFSSL_MSG("Output buffer for DSA p parameter too small, "
-                    "required size placed into pSz");
-        *pSz = pLen;
-        return BUFFER_E;
-    }
-    *pSz = pLen;
-    err = mp_to_unsigned_bin(&dsa->p, p);
-
-    /* export q */
-    if (err == MP_OKAY) {
-        if (*qSz < qLen) {
-            WOLFSSL_MSG("Output buffer for DSA q parameter too small, "
-                        "required size placed into qSz");
-            *qSz = qLen;
-            return BUFFER_E;
-        }
-        *qSz = qLen;
-        err = mp_to_unsigned_bin(&dsa->q, q);
-    }
-
-    /* export g */
-    if (err == MP_OKAY) {
-        if (*gSz < gLen) {
-            WOLFSSL_MSG("Output buffer for DSA g parameter too small, "
-                        "required size placed into gSz");
-            *gSz = gLen;
-            return BUFFER_E;
-        }
-        *gSz = gLen;
-        err = mp_to_unsigned_bin(&dsa->g, g);
-    }
-
-    return err;
-}
-
-
-/* Export raw DSA key (x, y) from DsaKey structure
- *
- * dsa  - pointer to initialized DsaKey structure
- * x    - output location for private key
- * xSz  - [IN/OUT] size of output buffer for x, size of x
- * y    - output location for public key
- * ySz  - [IN/OUT] size of output buffer for y, size of y
- *
- * If x and y pointers are all passed in as NULL, the function
- * will set xSz and ySz to the required output buffer sizes for x
- * and y. In this case, the function will return LENGTH_ONLY_E.
- *
- * returns 0 on success, negative upon failure
- */
-int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y, word32* ySz)
-{
-    int err;
-    word32 xLen, yLen;
-
-    if (dsa == NULL || xSz == NULL || ySz == NULL)
-        return BAD_FUNC_ARG;
-
-    /* get required output buffer sizes */
-    xLen = (word32)mp_unsigned_bin_size(&dsa->x);
-    yLen = (word32)mp_unsigned_bin_size(&dsa->y);
-
-    /* return buffer sizes and LENGTH_ONLY_E if buffers are NULL */
-    if (x == NULL && y == NULL) {
-        *xSz = xLen;
-        *ySz = yLen;
-        return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if (x == NULL || y == NULL)
-        return BAD_FUNC_ARG;
-
-    /* export x */
-    if (*xSz < xLen) {
-        WOLFSSL_MSG("Output buffer for DSA private key (x) too small, "
-                    "required size placed into xSz");
-        *xSz = xLen;
-        return BUFFER_E;
-    }
-    *xSz = xLen;
-    err = mp_to_unsigned_bin(&dsa->x, x);
-
-    /* export y */
-    if (err == MP_OKAY) {
-        if (*ySz < yLen) {
-            WOLFSSL_MSG("Output buffer to DSA public key (y) too small, "
-                        "required size placed into ySz");
-            *ySz = yLen;
-            return BUFFER_E;
-        }
-        *ySz = yLen;
-        err = mp_to_unsigned_bin(&dsa->y, y);
-    }
-
-    return err;
-}
-
-int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
-{
-    /* use sha1 by default for backwards compatibility */
-    return wc_DsaSign_ex(digest, WC_SHA_DIGEST_SIZE, out, key, rng);
-}
-
-int wc_DsaSign_ex(const byte* digest, word32 digestSz, byte* out, DsaKey* key,
-    WC_RNG* rng)
-{
-#ifdef WOLFSSL_SMALL_STACK
-    mp_int  *k = NULL;
-    mp_int  *kInv = NULL;
-    mp_int  *r = NULL;
-    mp_int  *s = NULL;
-    mp_int  *H = NULL;
-#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
-    mp_int  *b = NULL;
-#endif
-    byte    *buffer = NULL;
-#else
-    mp_int  k[1], kInv[1], r[1], s[1], H[1];
-#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
-    mp_int  b[1];
-#endif
-    byte    buffer[DSA_MAX_HALF_SIZE];
-#endif
-    mp_int* qMinus1;
-    int     ret = 0;
-    word32  halfSz = 0;
-
-    if (digest == NULL || out == NULL || key == NULL || rng == NULL)
-        return BAD_FUNC_ARG;
-
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-
-    do {
-#ifdef WOLFSSL_SMALL_STACK
-        k = (mp_int *)XMALLOC(sizeof *k, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        kInv = (mp_int *)XMALLOC(sizeof *kInv, key->heap,
-                                 DYNAMIC_TYPE_TMP_BUFFER);
-        r = (mp_int *)XMALLOC(sizeof *r, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        s = (mp_int *)XMALLOC(sizeof *s, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        H = (mp_int *)XMALLOC(sizeof *H, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
-        b = (mp_int *)XMALLOC(sizeof *b, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-        buffer = (byte *)XMALLOC(DSA_MAX_HALF_SIZE, key->heap,
-                                 DYNAMIC_TYPE_TMP_BUFFER);
-
-        if ((k == NULL) ||
-            (kInv == NULL) ||
-            (r == NULL) ||
-            (s == NULL) ||
-            (H == NULL)
-#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
-            || (b == NULL)
-#endif
-            || (buffer == NULL)) {
-            ret = MEMORY_E;
-            break;
-        }
-#endif
-
-#ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME
-        if (mp_init_multi(k, kInv, r, s, H, 0) != MP_OKAY)
-#else
-            if (mp_init_multi(k, kInv, r, s, H, b) != MP_OKAY)
-#endif
-                {
-                    ret = MP_INIT_E;
-                    break;
-                }
-
-        halfSz = min(DSA_MAX_HALF_SIZE, (word32)mp_unsigned_bin_size(&key->q));
-        /* NIST FIPS 186-4: Sections 4.1
-         * q is a prime divisor where 2^(N-1) < q < 2^N and N is the bit length
-         * of q.
-         * To satisfy this constraint if N is 0 then q would still need to be
-         * larger than 0.5, but since there is 0 bits in q it can not be any
-         * value.
-         */
-        if (halfSz == 0) {
-            ret = BAD_FUNC_ARG;
-            break;
-        }
-
-        qMinus1 = kInv;
-
-        /* NIST FIPS 186-4: B.2.2
-         * Per-Message Secret Number Generation by Testing Candidates
-         * Generate k in range [1, q-1].
-         *   Check that k is less than q-1: range [0, q-2].
-         *   Add 1 to k: range [1, q-1].
-         */
-        if (mp_sub_d(&key->q, 1, qMinus1)) {
-            ret = MP_SUB_E;
-            break;
-        }
-
-        /* if q-1 is 0 or smaller, k will never end up being less than it */
-        if (mp_iszero(qMinus1) || mp_isneg(qMinus1)) {
-            ret = BAD_FUNC_ARG;
-            break;
-        }
-
-        do {
-            /* Step 4: generate k */
-            if ((ret = wc_RNG_GenerateBlock(rng, buffer, halfSz))) {
-                break;
-            }
-
-            /* Step 5 */
-            if (mp_read_unsigned_bin(k, buffer, halfSz) != MP_OKAY) {
-                ret = MP_READ_E;
-                break;
-            }
-
-            /* k is a random number and it should be less than q-1
-             * if k greater than repeat
-             */
-            /* Step 6 */
-        } while (mp_cmp(k, qMinus1) != MP_LT);
-
-        if (ret != 0)
-            break;
-
-        /* Step 7 */
-        if (mp_add_d(k, 1, k) != MP_OKAY) {
-            ret = MP_MOD_E;
-            break;
-        }
-
-#ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME
-        /* inverse k mod q */
-        if (mp_invmod(k, &key->q, kInv) != MP_OKAY) {
-            ret = MP_INVMOD_E;
-            break;
-        }
-
-        /* generate r, r = (g exp k mod p) mod q */
-        if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) {
-            ret = MP_EXPTMOD_E;
-            break;
-        }
-
-        if (mp_mod(r, &key->q, r) != MP_OKAY) {
-            ret = MP_MOD_E;
-            break;
-        }
-
-        /* generate H from sha digest */
-        if (mp_read_unsigned_bin(H, digest, digestSz) != MP_OKAY) {
-            ret = MP_READ_E;
-            break;
-        }
-
-        /* generate s, s = (kInv * (H + x*r)) % q */
-        if (mp_mul(&key->x, r, s) != MP_OKAY) {
-            ret = MP_MUL_E;
-            break;
-        }
-
-        if (mp_add(s, H, s) != MP_OKAY) {
-            ret = MP_ADD_E;
-            break;
-        }
-
-        if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) {
-            ret = MP_MULMOD_E;
-            break;
-        }
-#else
-        /* Blinding value
-         * Generate b in range [1, q-1].
-         */
-        do {
-            if ((ret = wc_RNG_GenerateBlock(rng, buffer, halfSz))) {
-                break;
-            }
-            if (mp_read_unsigned_bin(b, buffer, halfSz) != MP_OKAY) {
-                ret = MP_READ_E;
-                break;
-            }
-        } while (mp_cmp(b, qMinus1) != MP_LT);
-
-        if (ret != 0)
-            break;
-
-        if (mp_add_d(b, 1, b) != MP_OKAY) {
-            ret = MP_MOD_E;
-            break;
-        }
-
-        /* set H from sha digest */
-        if (mp_read_unsigned_bin(H, digest, digestSz) != MP_OKAY) {
-            ret = MP_READ_E;
-            break;
-        }
-
-        /* generate r, r = (g exp k mod p) mod q */
-        if (mp_exptmod_ex(&key->g, k, (int)key->q.used, &key->p, r) !=
-                MP_OKAY) {
-            ret = MP_EXPTMOD_E;
-            break;
-        }
-
-        /* calculate s = (H + xr)/k = b.(H/k.b + x.r/k.b) */
-
-        /* k = k.b */
-        if (mp_mulmod(k, b, &key->q, k) != MP_OKAY) {
-            ret = MP_MULMOD_E;
-            break;
-        }
-
-        /* kInv = 1/k.b mod q */
-        if (mp_invmod(k, &key->q, kInv) != MP_OKAY) {
-            ret = MP_INVMOD_E;
-            break;
-        }
-
-        if (mp_mod(r, &key->q, r) != MP_OKAY) {
-            ret = MP_MOD_E;
-            break;
-        }
-
-        /* s = x.r */
-        if (mp_mul(&key->x, r, s) != MP_OKAY) {
-            ret = MP_MUL_E;
-            break;
-        }
-
-        /* s = x.r/k.b */
-        if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) {
-            ret = MP_MULMOD_E;
-            break;
-        }
-
-        /* H = H/k.b */
-        if (mp_mulmod(H, kInv, &key->q, H) != MP_OKAY) {
-            ret = MP_MULMOD_E;
-            break;
-        }
-
-        /* s = H/k.b + x.r/k.b = (H + x.r)/k.b */
-        if (mp_add(s, H, s) != MP_OKAY) {
-            ret = MP_ADD_E;
-            break;
-        }
-
-        /* s = b.(e + x.r)/k.b = (e + x.r)/k */
-        if (mp_mulmod(s, b, &key->q, s) != MP_OKAY) {
-            ret = MP_MULMOD_E;
-            break;
-        }
-
-        /* s = (e + x.r)/k */
-        if (mp_mod(s, &key->q, s) != MP_OKAY) {
-            ret = MP_MOD_E;
-            break;
-        }
-#endif
-
-        /* detect zero r or s */
-        if ((mp_iszero(r) == MP_YES) || (mp_iszero(s) == MP_YES)) {
-            ret = MP_ZERO_E;
-            break;
-        }
-
-        /* write out */
-        {
-            if (mp_to_unsigned_bin_len(r, out, (int)halfSz) != MP_OKAY)
-                ret = MP_TO_E;
-            else {
-                out += halfSz;  /* advance to s in output */
-                ret = mp_to_unsigned_bin_len(s, out, (int)halfSz);
-            }
-        }
-    } while (0);
-
-    RESTORE_VECTOR_REGISTERS();
-
-#ifdef WOLFSSL_SMALL_STACK
-    if (k) {
-        if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
-            (ret != WC_NO_ERR_TRACE(MEMORY_E)))
-            mp_forcezero(k);
-        XFREE(k, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (kInv) {
-        if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
-            (ret != WC_NO_ERR_TRACE(MEMORY_E)))
-            mp_forcezero(kInv);
-        XFREE(kInv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (r) {
-        if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
-            (ret != WC_NO_ERR_TRACE(MEMORY_E)))
-            mp_clear(r);
-        XFREE(r, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (s) {
-        if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
-            (ret != WC_NO_ERR_TRACE(MEMORY_E)))
-            mp_clear(s);
-        XFREE(s, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (H) {
-        if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
-            (ret != WC_NO_ERR_TRACE(MEMORY_E)))
-            mp_clear(H);
-        XFREE(H, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
-    if (b) {
-        if ((ret != WC_NO_ERR_TRACE(MP_INIT_E)) &&
-            (ret != WC_NO_ERR_TRACE(MEMORY_E)))
-            mp_forcezero(b);
-        XFREE(b, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-#endif
-    if (buffer) {
-        ForceZero(buffer, halfSz);
-        XFREE(buffer, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-#else /* !WOLFSSL_SMALL_STACK */
-    if (ret != WC_NO_ERR_TRACE(MP_INIT_E)) {
-        ForceZero(buffer, halfSz);
-        mp_forcezero(kInv);
-        mp_forcezero(k);
-#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
-        mp_forcezero(b);
-#endif
-        mp_clear(H);
-        mp_clear(s);
-        mp_clear(r);
-    }
-#endif
-
-    return ret;
-}
-
-int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer)
-{
-    /* use sha1 by default for backwards compatibility */
-    return wc_DsaVerify_ex(digest, WC_SHA_DIGEST_SIZE, sig, key, answer);
-}
-
-int wc_DsaVerify_ex(const byte* digest, word32 digestSz, const byte* sig,
-    DsaKey* key, int* answer)
-{
-#ifdef WOLFSSL_SMALL_STACK
-    mp_int *w = NULL;
-    mp_int *u1 = NULL;
-    mp_int *u2 = NULL;
-    mp_int *v = NULL;
-    mp_int *r = NULL;
-    mp_int *s = NULL;
-#else
-    mp_int w[1], u1[1], u2[1], v[1], r[1], s[1];
-#endif
-    int    ret = 0;
-    int    qSz;
-
-    if (digest == NULL || sig == NULL || key == NULL || answer == NULL)
-        return BAD_FUNC_ARG;
-
-    do {
-#ifdef WOLFSSL_SMALL_STACK
-        w = (mp_int *)XMALLOC(sizeof *w, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        u1 = (mp_int *)XMALLOC(sizeof *u1, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        u2 = (mp_int *)XMALLOC(sizeof *u2, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        v = (mp_int *)XMALLOC(sizeof *v, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        r = (mp_int *)XMALLOC(sizeof *r, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        s = (mp_int *)XMALLOC(sizeof *s, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-        if ((w == NULL) ||
-            (u1 == NULL) ||
-            (u2 == NULL) ||
-            (v == NULL) ||
-            (r == NULL) ||
-            (s == NULL)) {
-            ret = MEMORY_E;
-            break;
-        }
-#endif
-
-        if (mp_init_multi(w, u1, u2, v, r, s) != MP_OKAY) {
-            ret = MP_INIT_E;
-            break;
-        }
-
-        qSz = mp_unsigned_bin_size(&key->q);
-        if (qSz <= 0) {
-            ret = BAD_FUNC_ARG;
-            break;
-        }
-
-        /* set r and s from signature */
-        if (mp_read_unsigned_bin(r, sig, (word32)qSz) != MP_OKAY ||
-            mp_read_unsigned_bin(s, sig + qSz, (word32)qSz) != MP_OKAY) {
-            ret = MP_READ_E;
-            break;
-        }
-
-        /* sanity checks */
-        if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES ||
-            mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) {
-            ret = MP_ZERO_E;
-            break;
-        }
-
-        /* put H into u1 from sha digest */
-        if (mp_read_unsigned_bin(u1,digest, digestSz) != MP_OKAY) {
-            ret = MP_READ_E;
-            break;
-        }
-
-        /* w = s invmod q */
-        if (mp_invmod(s, &key->q, w) != MP_OKAY) {
-            ret = MP_INVMOD_E;
-            break;
-        }
-
-        /* u1 = (H * w) % q */
-        if (mp_mulmod(u1, w, &key->q, u1) != MP_OKAY) {
-            ret = MP_MULMOD_E;
-            break;
-        }
-
-        /* u2 = (r * w) % q */
-        if (mp_mulmod(r, w, &key->q, u2) != MP_OKAY) {
-            ret = MP_MULMOD_E;
-            break;
-        }
-
-        /* verify v = ((g^u1 * y^u2) mod p) mod q */
-        if (mp_exptmod(&key->g, u1, &key->p, u1) != MP_OKAY) {
-            ret = MP_EXPTMOD_E;
-            break;
-        }
-
-        if (mp_exptmod(&key->y, u2, &key->p, u2) != MP_OKAY) {
-            ret = MP_EXPTMOD_E;
-            break;
-        }
-
-        if (mp_mulmod(u1, u2, &key->p, v) != MP_OKAY) {
-            ret = MP_MULMOD_E;
-            break;
-        }
-
-        if (mp_mod(v, &key->q, v) != MP_OKAY) {
-            ret = MP_MULMOD_E;
-            break;
-        }
-
-        /* do they match */
-        if (mp_cmp(r, v) == MP_EQ)
-            *answer = 1;
-        else
-            *answer = 0;
-    } while (0);
-
-#ifdef WOLFSSL_SMALL_STACK
-    if (s) {
-        if (ret != WC_NO_ERR_TRACE(MP_INIT_E) && ret != WC_NO_ERR_TRACE(MEMORY_E))
-            mp_clear(s);
-        XFREE(s, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (r) {
-        if (ret != WC_NO_ERR_TRACE(MP_INIT_E) && ret != WC_NO_ERR_TRACE(MEMORY_E))
-            mp_clear(r);
-        XFREE(r, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (u1) {
-        if (ret != WC_NO_ERR_TRACE(MP_INIT_E) && ret != WC_NO_ERR_TRACE(MEMORY_E))
-            mp_clear(u1);
-        XFREE(u1, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (u2) {
-        if (ret != WC_NO_ERR_TRACE(MP_INIT_E) && ret != WC_NO_ERR_TRACE(MEMORY_E))
-            mp_clear(u2);
-        XFREE(u2, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (w) {
-        if (ret != WC_NO_ERR_TRACE(MP_INIT_E) && ret != WC_NO_ERR_TRACE(MEMORY_E))
-            mp_clear(w);
-        XFREE(w, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (v) {
-        if (ret != WC_NO_ERR_TRACE(MP_INIT_E) && ret != WC_NO_ERR_TRACE(MEMORY_E))
-            mp_clear(v);
-        XFREE(v, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-#else
-    if (ret != WC_NO_ERR_TRACE(MP_INIT_E)) {
-        mp_clear(s);
-        mp_clear(r);
-        mp_clear(u1);
-        mp_clear(u2);
-        mp_clear(w);
-        mp_clear(v);
-    }
-#endif
-
-    return ret;
-}
-
-
-#endif /* NO_DSA */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/eccsi.c b/src/ssl/wolfssl/wolfcrypt/eccsi.c
deleted file mode 100644
index d45f26a38..000000000
--- a/src/ssl/wolfssl/wolfcrypt/eccsi.c
+++ /dev/null
@@ -1,2298 +0,0 @@
-/* eccsi.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifdef WOLFCRYPT_HAVE_ECCSI
-
-#include <wolfssl/wolfcrypt/eccsi.h>
-#include <wolfssl/wolfcrypt/asn_public.h>
-#ifdef WOLFSSL_HAVE_SP_ECC
-    #include <wolfssl/wolfcrypt/sp.h>
-#endif
-
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && !defined(WOLFSSL_SP_ASM)
-    /* force off unneeded vector register save/restore. */
-    #undef SAVE_VECTOR_REGISTERS
-    #define SAVE_VECTOR_REGISTERS(fail_clause) SAVE_NO_VECTOR_REGISTERS(fail_clause)
-    #undef RESTORE_VECTOR_REGISTERS
-    #define RESTORE_VECTOR_REGISTERS() RESTORE_NO_VECTOR_REGISTERS()
-#endif
-
-#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
-    /* FIPS build has replaced ecc.h. */
-    #define wc_ecc_key_get_priv(key) (&((key)->k))
-    #define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
-#endif
-
-/**
- * Initialize the components of the ECCSI key and use the specified curve.
- *
- * Must be called before performing any operations.
- * Free the ECCSI key with wc_FreeEccsiKey() when no longer needed.
- *
- * @param  [in]  key    ECCSI key to initialize.
- * @param  [in]  heap   Heap hint.
- * @param  [in]  devId  Device identifier.
- *                      Use INVALID_DEVID when no device used.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int wc_InitEccsiKey_ex(EccsiKey* key, int keySz, int curveId, void* heap,
-        int devId)
-{
-    int err = 0;
-    ecc_key* ecc = NULL;
-    ecc_key* pubkey = NULL;
-    EccsiKeyParams* params = NULL;
-
-    if (key == NULL) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        XMEMSET(key, 0, sizeof(*key));
-        key->heap = heap;
-        params = &key->params;
-
-        err = wc_ecc_init_ex(&key->ecc, heap, devId);
-    }
-    if (err == 0) {
-        ecc = &key->ecc;
-        err = wc_ecc_init_ex(&key->pubkey, heap, devId);
-    }
-    if (err == 0) {
-        key->pvt = wc_ecc_new_point_h(heap);
-        if (key->pvt == NULL) {
-            err = MEMORY_E;
-        }
-    }
-    if (err == 0) {
-        pubkey = &key->pubkey;
-        err = mp_init_multi(&params->order,
-#ifdef WOLFCRYPT_ECCSI_CLIENT
-                &params->a, &params->b, &params->prime, &key->tmp, &key->ssk
-#else
-                NULL, NULL, NULL, NULL, NULL
-#endif
-                );
-    }
-    if (err == 0) {
-        err = wc_ecc_set_curve(&key->ecc, keySz, curveId);
-    }
-    if (err == 0) {
-        err = wc_ecc_set_curve(&key->pubkey, keySz, curveId);
-    }
-
-    if (err != 0) {
-        wc_ecc_free(pubkey);
-        wc_ecc_free(ecc);
-    }
-
-    return err;
-}
-
-/**
- * Initialize the components of the ECCSI key.
- * Default curve used: NIST_P256 (ECC_SECP256R1)
- *
- * Must be called before performing any operations.
- * Free the ECCSI key with wc_FreeEccsiKey() when no longer needed.
- *
- * @param  [in]  key    ECCSI key to initialize.
- * @param  [in]  heap   Heap hint.
- * @param  [in]  devId  Device identifier.
- *                      Use INVALID_DEVID when no device used.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int wc_InitEccsiKey(EccsiKey* key, void* heap, int devId)
-{
-    return wc_InitEccsiKey_ex(key, 32, ECC_SECP256R1, heap, devId);
-}
-
-/**
- * Frees memory associated with components of the ECCIS key.
- *
- * Must be called when finished with the ECCIS key.
- *
- * @param  [in]  key  ECCIS key.
- */
-void wc_FreeEccsiKey(EccsiKey* key)
-{
-    if (key != NULL) {
-        EccsiKeyParams* params = &key->params;
-
-        wc_ecc_del_point_h(params->base, key->heap);
-#ifdef WOLFCRYPT_ECCSI_CLIENT
-        mp_free(&key->ssk);
-        mp_free(&key->tmp);
-        mp_free(&params->prime);
-        mp_free(&params->b);
-        mp_free(&params->a);
-#endif
-        mp_free(&params->order);
-        wc_ecc_del_point_h(key->pvt, key->heap);
-        wc_ecc_free(&key->pubkey);
-        wc_ecc_free(&key->ecc);
-        XMEMSET(key, 0, sizeof(*key));
-    }
-}
-
-/*
- * Order, as a hex string in the ECC object, loaded into mp_int in key.
- * Flags that the order is available so it isn't loaded multiple times.
- *
- * @param  [in]  key  ECCSI key.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int eccsi_load_order(EccsiKey* key)
-{
-    int err = 0;
-
-    if (!key->params.haveOrder) {
-        err = mp_read_radix(&key->params.order, key->ecc.dp->order,
-                MP_RADIX_HEX);
-        if (err == 0) {
-            key->params.haveOrder = 1;
-        }
-    }
-
-    return err;
-}
-
-#ifdef WOLFCRYPT_ECCSI_CLIENT
-/*
- * Parameters, as a hex strings in the ECC object, loaded into mp_ints in key.
- *
- * Parameters loaded: order, A, B, prime.
- * Flags that each parameter is available so they aren't loaded multiple times.
- *
- * @param  [in]  key  ECCSI key.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int eccsi_load_ecc_params(EccsiKey* key)
-{
-    int err = 0;
-    EccsiKeyParams* params = &key->params;
-
-    err = eccsi_load_order(key);
-    if ((err == 0) && (!params->haveA)) {
-        err = mp_read_radix(&params->a, key->ecc.dp->Af, MP_RADIX_HEX);
-        if (err == 0) {
-            params->haveA = 1;
-        }
-    }
-    if ((err == 0) && (!params->haveB)) {
-        err = mp_read_radix(&params->b, key->ecc.dp->Bf, MP_RADIX_HEX);
-        if (err == 0) {
-            params->haveB = 1;
-        }
-    }
-    if ((err == 0) && (!params->havePrime)) {
-        err = mp_read_radix(&params->prime, key->ecc.dp->prime, MP_RADIX_HEX);
-        if (err == 0) {
-            params->havePrime = 1;
-        }
-    }
-
-    return err;
-}
-#endif /* WOLFCRYPT_ECCSI_CLIENT */
-
-/*
- * Get the base point, hex encoded in the ECC object, as an ecc_point.
- *
- * Flags that base is available so it isn't loaded multiple times.
-
- * @param  [in]   key   ECCSI key.
- * @param  [out]  base  Base point of curve.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int eccsi_load_base(EccsiKey* key)
-{
-    int err = 0;
-    EccsiKeyParams* params = &key->params;
-
-    if (!params->haveBase) {
-        if (params->base == NULL) {
-            params->base = wc_ecc_new_point_h(key->heap);
-            if (params->base == NULL) {
-                err = MEMORY_E;
-            }
-        }
-        if (err == 0) {
-            err = mp_read_radix(params->base->x, key->ecc.dp->Gx, MP_RADIX_HEX);
-        }
-        if (err == 0) {
-            err = mp_read_radix(params->base->y, key->ecc.dp->Gy, MP_RADIX_HEX);
-        }
-        if (err == 0) {
-            err = mp_set(params->base->z, 1);
-        }
-        if (err == 0) {
-            params->haveBase = 1;
-        }
-    }
-
-    return err;
-}
-
-/*
- * Encode the base point of the curve.
- *
- * Base point is hex encoded in the ECC object or cached as an ECC point from
- * previous load calls.
- *
- * @param  [in]   key     ECCSI key.
- * @param  [out]  data    Buffer to encode base point into.
- * @param  [out]  dataSz  Length of base point in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_encode_base(EccsiKey* key, byte* data, word32* dataSz)
-{
-    int err;
-    int idx = wc_ecc_get_curve_idx(key->ecc.dp->id);
-
-    err = eccsi_load_base(key);
-    if (err == 0) {
-        err = wc_ecc_export_point_der(idx, key->params.base, data, dataSz);
-    }
-
-    return err;
-}
-
-#ifndef WOLFSSL_HAVE_SP_ECC
-/*
- * Convert the KPAK to montgomery form.
- *
- * The KPAK is needed in Montgomery form for verification.
- *
- * @param  [in]  key      ECCSI key.
- * @return  0 on success.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_kpak_to_mont(EccsiKey* key)
-{
-    int err = 0;
-    ecc_point* kpak = &key->ecc.pubkey;
-    mp_int* mu = &key->tmp;
-    mp_int* prime = &key->params.prime;
-
-    if (!key->kpakMont) {
-        err = mp_montgomery_calc_normalization(mu, prime);
-        if (err == 0) {
-            err = mp_mulmod(kpak->x, mu, prime, kpak->x);
-        }
-        if (err == 0) {
-            err = mp_mulmod(kpak->y, mu, prime, kpak->y);
-        }
-        if (err == 0) {
-            err = mp_mulmod(kpak->z, mu, prime, kpak->z);
-        }
-        if (err == 0) {
-            key->kpakMont = 1;
-        }
-    }
-
-    return err;
-}
-#endif
-
-/*
- * Convert the KPAK from montgomery form.
- *
- * The KPAK is needed in Montgomery form for verification.
- *
- * @param  [in]  key      ECCSI key.
- * @return  0 on success.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_kpak_from_mont(EccsiKey* key)
-{
-    int err = 0;
-    ecc_point* kpak = &key->ecc.pubkey;
-    mp_digit mp;
-    mp_int* prime = &key->params.prime;
-
-    if (key->kpakMont) {
-        err = mp_montgomery_setup(prime, &mp);
-        if (err == 0) {
-            err = mp_montgomery_reduce(kpak->x, prime, mp);
-        }
-        if (err == 0) {
-            err = mp_montgomery_reduce(kpak->y, prime, mp);
-        }
-        if (err == 0) {
-            err = mp_montgomery_reduce(kpak->z, prime, mp);
-        }
-        if (err == 0) {
-            key->kpakMont = 0;
-        }
-    }
-
-    return err;
-}
-
-/*
- * Compute HS = hash( G | KPAK | ID | PVT )
- *
- * Use when making a (SSK,PVT) pair, signing and verifying.
- *
- * @param  [in]   key       ECCSI key.
- * @param  [in]   hashType  Type of hash algorithm. e.g. WC_SHA256
- * @param  [in]   id        Identity to create hash from.
- * @param  [in]   idSz      Length of identity in bytes.
- * @param  [in]   pvt       Public Validation Token (PVT) as an ECC point.
- * @param  [out]  hash      Buffer to hold hash data.
- * @param  [out]  hashSz    Length of hash data in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_compute_hs(EccsiKey* key, enum wc_HashType hashType,
-        const byte* id, word32 idSz, ecc_point* pvt, byte* hash, byte* hashSz)
-{
-    int err;
-    word32 dataSz = 0;
-    int idx = wc_ecc_get_curve_idx(key->ecc.dp->id);
-    ecc_point* kpak = &key->ecc.pubkey;
-    int hash_inited = 0;
-
-    /* HS = hash( G | KPAK | ID | PVT ) */
-    err = wc_HashInit_ex(&key->hash, hashType, key->heap, INVALID_DEVID);
-    if (err == 0) {
-        hash_inited = 1;
-        /* Base Point - G */
-        dataSz = sizeof(key->data);
-        err = eccsi_encode_base(key, key->data, &dataSz);
-    }
-    if (err == 0) {
-        err = wc_HashUpdate(&key->hash, hashType, key->data, dataSz);
-    }
-    if (err == 0) {
-        err = eccsi_kpak_from_mont(key);
-    }
-    if (err == 0) {
-        dataSz = sizeof(key->data);
-        /* KPAK - public key */
-        err = wc_ecc_export_point_der(idx, kpak, key->data, &dataSz);
-    }
-    if (err == 0) {
-        err = wc_HashUpdate(&key->hash, hashType, key->data, dataSz);
-    }
-    if (err == 0) {
-        /* Id - Signer's ID */
-        err = wc_HashUpdate(&key->hash, hashType, id, idSz);
-    }
-    if (err == 0) {
-        dataSz = sizeof(key->data);
-        /* PVT - Public Validation Token */
-        err = wc_ecc_export_point_der(idx, pvt, key->data, &dataSz);
-    }
-    if (err == 0) {
-        /* PVT - Public Validation Token */
-        err = wc_HashUpdate(&key->hash, hashType, key->data, dataSz);
-    }
-    if (err == 0) {
-        err = wc_HashFinal(&key->hash, hashType, hash);
-    }
-
-    if (err == 0) {
-        *hashSz = (byte)wc_HashGetDigestSize(hashType);
-    }
-
-    if (hash_inited) {
-        (void)wc_HashFree(&key->hash, hashType);
-    }
-
-    return err;
-}
-
-#ifdef WOLFCRYPT_ECCSI_KMS
-/**
- * Generate KMS Secret Auth Key (KSAK) and KMS Public Auth Key (KPAK).
- *
- * RFC 6507, Section 4.2
- *
- * Called when establishing a new KMS.\n
- * KSAK must be kept secret while KPAK is required by clients for signing
- * and verifying.\n
- * Export key using wc_ExportEccsiKey(), once generated, to reuse the key.\n
- * Export KPAK using wc_ExportEccsiPublicKey(), once generate to send to
- * clients.
- *
- * Creates a random private key and multiplies it by the base point to calculate
- * the public key.
- *
- * @param  [in]  key      ECCSI key.
- * @param  [in]  rng      Random number generator.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or rng is NULL.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-int wc_MakeEccsiKey(EccsiKey* key, WC_RNG* rng)
-{
-    int err = 0;
-
-    if ((key == NULL) || (rng == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = wc_ecc_make_key_ex(rng, key->ecc.dp->size, &key->ecc,
-                key->ecc.dp->id);
-    }
-
-    return err;
-}
-
-/*
- * Encode a point into a buffer.
- *
- * X and y ordinate of point concatenated. Each number is zero padded tosize.
- * Descriptor byte (0x04) is prepended when not raw.
- *
- * @param  [in]      point    ECC point to encode.
- * @param  [in]      size     Size of prime in bytes - maximum ordinate length.
- * @param  [out]     data     Buffer to hold encoded data.
- *                            NULL when needing length of encoded data.
- * @param  [in,out]  sz       In, the size of the buffer in bytes.
- *                            Out, the size of the encoded data in bytes.
- * @param  [in]      raw      On 0, prepend descriptor byte.
- *                            On 1, only include ordinates.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or sz is NULL.
- * @return  LENGTH_ONLY_E when data is NULL - sz will hold the size in bytes of
- *          the encoded data.
- * @return  BUFFER_E when size of buffer is too small.
- */
-static int eccsi_encode_point(ecc_point* point, word32 size, byte* data,
-        word32* sz, int raw)
-{
-    int err = 0;
-
-    if (data == NULL) {
-        *sz = size * 2 + !raw;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*sz < size * 2 + !raw)) {
-        err = BUFFER_E;
-    }
-
-    if (err == 0) {
-        if (!raw) {
-            data[0] = 0x04;
-            data++;
-        }
-
-        /* Write out the point's x ordinate into key size bytes. */
-        err = mp_to_unsigned_bin_len(point->x, data, (int)size);
-    }
-    if (err == 0) {
-        data += size;
-        /* Write out the point's y ordinate into key size bytes. */
-        err = mp_to_unsigned_bin_len(point->y, data, (int)size);
-    }
-    if (err == 0) {
-        *sz = size * 2 + !raw;
-    }
-
-    return err;
-}
-
-/*
- * Decode the data into an ECC point.
- *
- * X and y ordinate of point concatenated. Each number is zero padded to
- * key size. Supports prepended descriptor byte (0x04).
- *
- * @param  [out]  point  ECC point to encode.
- * @param  [in]   size   Size of prime in bytes - maximum ordinate length.
- * @param  [in]   data   Encoded public key.
- * @param  [in]   sz     Size of the encoded public key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or z is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  ASN_PARSE_E when format byte is invalid.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-static int eccsi_decode_point(ecc_point* point, word32 size, const byte* data,
-        word32 sz)
-{
-    int err = 0;
-
-    if ((sz != size * 2) && (sz != size * 2 + 1)) {
-        err = BUFFER_E;
-    }
-
-    if ((err == 0) && (sz & 1)) {
-        if (data[0] != 0x04) {
-            err = ASN_PARSE_E;
-        }
-        data++;
-    }
-
-    if (err == 0) {
-        /* Read the public key point's x value from key size bytes. */
-        err = mp_read_unsigned_bin(point->x, data, size);
-    }
-    if (err == 0) {
-        data += size;
-        /* Read the public key point's y value from key size bytes. */
-        err = mp_read_unsigned_bin(point->y, data, size);
-    }
-    if (err == 0) {
-        err = mp_set(point->z, 1);
-    }
-
-    return err;
-}
-
-/*
- * Encode the ECCSI key.
- *
- * Encodes the private key as big-endian bytes of fixed length.
- * Encodes the public key x and y ordinates as big-endian bytes of fixed length.
- *
- * @param  [in]      key   ECCSI key.
- * @param  [out]     data  Buffer to hold encoded ECCSI key.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails (WOLFSSL_SMALL_STACK).
- */
-static int eccsi_encode_key(EccsiKey* key, byte* data)
-{
-    int err;
-    word32 sz = (word32)key->ecc.dp->size * 2;
-
-    /* Write out the secret value into key size bytes. */
-    err = mp_to_unsigned_bin_len(wc_ecc_key_get_priv(&key->ecc), data,
-        key->ecc.dp->size);
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Write the public key. */
-        err = eccsi_encode_point(&key->ecc.pubkey, (word32)key->ecc.dp->size,
-                data, &sz, 1);
-    }
-
-    return err;
-}
-
-/**
- * Export the ECCSI key as encoded public/private ECC key.
- *
- * Use when saving the KMS key pair.
- *
- * Private key, x ordinate of public key and y ordinate of public key
- * concatenated. Each number is zero padded to key size.
- *
- * @param  [in]      key   ECCSI key.
- * @param  [out]     data  Buffer to hold encoded ECCSI key.
- *                         NULL when requesting required length.
- * @param  [in,out]  sz    On in, size of buffer in bytes.
- *                         On out, size of encoded ECCSI key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or sz is NULL
- * @return  BAD_STATE_E when no key to export.
- * @return  LENGTH_ONLY_E when data is NULL - sz is set.
- * @return  BUFFER_E when the buffer passed in is too small.
- * @return  MEMORY_E when dynamic memory allocation fails (WOLFSSL_SMALL_STACK).
- */
-int wc_ExportEccsiKey(EccsiKey* key, byte* data, word32* sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (sz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (key->ecc.type != ECC_PRIVATEKEY)) {
-        err = BAD_STATE_E;
-    }
-
-    if (err == 0) {
-        if (data == NULL) {
-            *sz = (word32)(key->ecc.dp->size * 3);
-            err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-        }
-        else if (*sz < (word32)key->ecc.dp->size * 3) {
-            err = BUFFER_E;
-        }
-        else {
-            *sz = (word32)(key->ecc.dp->size * 3);
-        }
-    }
-    if (err == 0) {
-        err = eccsi_kpak_from_mont(key);
-    }
-    if (err == 0) {
-        /* Encode key */
-        err = eccsi_encode_key(key, data);
-    }
-
-    return err;
-}
-
-/*
- * Import the ECCSI key as encoded public/private ECC key.
- *
- * Decodes the private key as big-endian bytes of fixed length.
- * Decodes the public key x and y ordinates as big-endian bytes of fixed length.
- *
- * @param  [in]  key   ECCSI key.
- * @param  [in]  data  Buffer holding encoded ECCSI key.
- * @return  0 on success.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-static int eccsi_decode_key(EccsiKey* key, const byte* data)
-{
-    int err;
-
-    /* Read the secret value from key size bytes. */
-    err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data,
-        (word32)key->ecc.dp->size);
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Read public key. */
-        err = eccsi_decode_point(&key->ecc.pubkey, (word32)key->ecc.dp->size,
-                data, (word32)(key->ecc.dp->size * 2));
-    }
-
-    return err;
-}
-
-/**
- * Import the ECCSI key as encoded public/private ECC key.
- *
- * Use when restoring the KMS key pair.
- *
- * Private key, x ordinate of public key and y ordinate of public key
- * concatenated. Each number is zero padded to key size.
- *
- * @param  [in]  key   ECCSI key.
- * @param  [in]  data  Buffer holding encoded ECCSI key.
- * @param  [in]  sz    Size of encoded ECCSI key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or data is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-int wc_ImportEccsiKey(EccsiKey* key, const byte* data, word32 sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (data == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (sz != (word32)key->ecc.dp->size * 3)) {
-        err = BUFFER_E;
-    }
-
-    if (err == 0) {
-        key->kpakMont = 0;
-
-        /* Decode key */
-        err = eccsi_decode_key(key, data);
-    }
-    if (err == 0) {
-        key->ecc.type = ECC_PRIVATEKEY;
-    }
-
-    return err;
-}
-
-/**
- * Export the ECCSI private key.
- *
- * Use when saving the KMS key.
- *
- * Private key is zero padded to key size.
- *
- * @param  [in]      key   ECCSI key.
- * @param  [out]     data  Buffer to hold encoded ECCSI private key.
- *                         NULL when requesting required length.
- * @param  [in,out]  sz    On in, size of buffer in bytes.
- *                         On out, size of encoded ECCSI private key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or sz is NULL
- * @return  BAD_STATE_E when no key to export.
- * @return  LENGTH_ONLY_E when data is NULL - sz is set.
- * @return  BUFFER_E when the buffer passed in is too small.
- * @return  MEMORY_E when dynamic memory allocation fails (WOLFSSL_SMALL_STACK).
- */
-int wc_ExportEccsiPrivateKey(EccsiKey* key, byte* data, word32* sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (sz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (key->ecc.type != ECC_PRIVATEKEY)) {
-        err = BAD_STATE_E;
-    }
-
-    if (err == 0) {
-        if (data == NULL) {
-            *sz = (word32)key->ecc.dp->size;
-            err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-        }
-        else if (*sz < (word32)key->ecc.dp->size) {
-            err = BUFFER_E;
-        }
-        else {
-            *sz = (word32)key->ecc.dp->size;
-        }
-    }
-    if (err == 0) {
-        err = mp_to_unsigned_bin_len(wc_ecc_key_get_priv(&key->ecc), data,
-            key->ecc.dp->size);
-    }
-
-    return err;
-}
-
-/**
- * Import the ECCSI private key.
- *
- * Use when restoring the KMS key pair.
- *
- * Private key is zero padded to key size.
- *
- * @param  [in]  key   ECCSI key.
- * @param  [in]  data  Buffer holding encoded ECCSI private key.
- * @param  [in]  sz    Size of encoded ECCSI private key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or data is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-int wc_ImportEccsiPrivateKey(EccsiKey* key, const byte* data, word32 sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (data == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (sz != (word32)key->ecc.dp->size)) {
-        err = BUFFER_E;
-    }
-
-    if (err == 0) {
-        err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data,
-            (word32)key->ecc.dp->size);
-    }
-
-    return err;
-}
-
-/**
- * Export the KMS Public Auth Key (KPAK) from the ECCSI object.
- *
- * KPAK is required by all clients in order to perform cryptographic operations.
- *
- * X and y ordinate of public key concatenated. Each number is zero padded to
- * key size.
- * Descriptor byte (0x04) is prepended when not raw.
- *
- * @param  [in]      key      ECCSI key.
- * @param  [out]     data     Buffer to hold the encoded public key.
- * @param  [in,out]  sz       On in, size of buffer in bytes.
- *                            On out, length of encoded public key in bytes.
- * @param  [in]      raw   On 0, prepend descriptor byte.
- *                         On 1, only include ordinates.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or sz is NULL.
- * @return  LENGTH_ONLY_E when data is NULL - sz is set.
- * @return  BUFFER_E when the buffer passed in is too small.
- */
-int wc_ExportEccsiPublicKey(EccsiKey* key, byte* data, word32* sz, int raw)
-{
-    int err = 0;
-
-    if ((key == NULL) || (sz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (key->ecc.type != ECC_PRIVATEKEY) &&
-            (key->ecc.type != ECC_PUBLICKEY)) {
-        err = BAD_STATE_E;
-    }
-
-    if ((err == 0) && (data != NULL)) {
-        err = eccsi_kpak_from_mont(key);
-    }
-    if (err == 0) {
-        /* Write out public key. */
-        err = eccsi_encode_point(&key->ecc.pubkey, (word32)key->ecc.dp->size,
-            data, sz, raw);
-    }
-
-    return err;
-}
-
-/*
- * Generates an (SSK, PVT) Pair - signing key pair.
- *
- * RFC 6507, Section 5.1.1
- *
- * @param  [in]   key       ECCSI key.
- * @param  [in]   rng       Random number generator.
- * @param  [in]   hashType  Type of hash algorithm. e.g. WC_SHA256
- * @param  [in]   id        Identity to create hash from.
- * @param  [in]   idSz      Length of identity in bytes.
- * @param  [out]  ssk       Secret Signing Key as an MP integer.
- * @param  [out]  pvt       Public Validation Token (PVT) as an ECC point.
- * @return  0 on success.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_make_pair(EccsiKey* key, WC_RNG* rng,
-        enum wc_HashType hashType, const byte* id, word32 idSz, mp_int* ssk,
-        ecc_point* pvt)
-{
-    int err = 0;
-    byte hashSz = 0;
-    int genTryCnt = 0;
-
-    do {
-        /* Don't infinitely make pairs when random number generator fails. */
-        if ((++genTryCnt) > ECCSI_MAX_GEN_COUNT) {
-            err = RNG_FAILURE_E;
-        }
-
-        if (err == 0) {
-            wc_ecc_free(&key->pubkey);
-
-            /* Step 1 and 2: Generate ephemeral key - v, PVT = [v]G */
-            err = wc_ecc_make_key_ex(rng, key->ecc.dp->size, &key->pubkey,
-                    key->ecc.dp->id);
-        }
-        if (err == 0) {
-            err = wc_ecc_copy_point(&key->pubkey.pubkey, pvt);
-        }
-
-        /* Step 3: Compute HS */
-        if (err == 0) {
-            hashSz = (byte)sizeof(key->data);
-            err = eccsi_compute_hs(key, hashType, id, idSz, pvt, key->data,
-                    &hashSz);
-        }
-
-        /* Step 4: Compute SSK = ( KSAK + HS * v ) modulo q */
-        if (err == 0) {
-            err = mp_read_unsigned_bin(ssk, key->data, hashSz);
-        }
-        if (err == 0) {
-            err = mp_mulmod(ssk, wc_ecc_key_get_priv(&key->pubkey),
-                &key->params.order, ssk);
-        }
-        if (err == 0) {
-            err = mp_addmod(ssk, wc_ecc_key_get_priv(&key->ecc),
-                &key->params.order, ssk);
-        }
-    }
-    while ((err == 0) && (mp_iszero(ssk) ||
-            (mp_cmp(ssk, wc_ecc_key_get_priv(&key->ecc)) == MP_EQ)));
-    /* Step 5: ensure SSK and HS are non-zero (code lines above) */
-
-    /* Step 6: Copy out SSK (done during calc) and PVT. Erase v */
-    mp_forcezero(wc_ecc_key_get_priv(&key->pubkey));
-
-    return err;
-}
-
-/**
- * Generates an (SSK, PVT) Pair - signing key pair.
- *
- * RFC 6507, Section 5.1.1
- *
- * ID should include information to indicate a revocation date.\n
- * SSK must be zeroized after sending to client.\n
- * SSK is sent to signing client only.\n
- * PVT is sent to all client types.
- *
- * @param  [in]   key       ECCSI key.
- * @param  [in]   rng       Random number generator.
- * @param  [in]   hashType  Type of hash algorithm. e.g. WC_SHA256
- * @param  [in]   id        Identity to create hash from.
- * @param  [in]   idSz      Length of identity in bytes.
- * @param  [out]  ssk       Secret Signing Key as an MP integer.
- * @param  [out]  pvt       Public Validation Token (PVT) as an ECC point.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, rng, id, ssk or pvt is NULL.
- * @return  BAD_STATE_E when curve not set (key not set).
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-int wc_MakeEccsiPair(EccsiKey* key, WC_RNG* rng, enum wc_HashType hashType,
-        const byte* id, word32 idSz, mp_int* ssk, ecc_point* pvt)
-{
-    int err = 0;
-
-    if ((key == NULL) || (rng == NULL) || (id == NULL) || (ssk == NULL) ||
-            (pvt == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (key->ecc.type != ECC_PRIVATEKEY)) {
-        err = BAD_STATE_E;
-    }
-
-    if (err == 0) {
-        err = eccsi_load_order(key);
-    }
-    if (err == 0) {
-        err = eccsi_make_pair(key, rng, hashType, id, idSz, ssk, pvt);
-    }
-
-    return err;
-}
-
-/**
- * Encode the SSK and PVT into a buffer.
- *
- * SSK and PVT required by client signing messages.
- *
- * @param  [in]      key   ECCSI key.
- * @param  [in]      ssk   Secret Signing Key as an MP integer.
- * @param  [in]      pvt   Public Validation Token (PVT) as an ECC point.
- * @param  [out]     data  Buffer to encode key pair into.
- * @param  [in,out]  sz    In, size of buffer in bytes.
- *                         Out, size of encoded pair data in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, ssk, pvt or sz is NULL.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  LENGTH_ONLY_E when data is NULL - sz is set.
- */
-int wc_EncodeEccsiPair(const EccsiKey* key, mp_int* ssk, ecc_point* pvt,
-        byte* data, word32* sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (ssk == NULL) || (pvt == NULL) || (sz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (data == NULL)) {
-        *sz = (word32)(key->ecc.dp->size * 3);
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*sz < (word32)(key->ecc.dp->size * 3))) {
-        err = BUFFER_E;
-    }
-
-    if (err == 0) {
-        err = mp_to_unsigned_bin_len(ssk, data, key->ecc.dp->size);
-    }
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Write out the PVT's x ordinate into key size bytes. */
-        err = mp_to_unsigned_bin_len(pvt->x, data, key->ecc.dp->size);
-    }
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Write out the PVT's y ordinate into key size bytes. */
-        err = mp_to_unsigned_bin_len(pvt->y, data, key->ecc.dp->size);
-    }
-    if (err == 0) {
-        *sz = (word32)(key->ecc.dp->size * 3);
-    }
-
-    return err;
-}
-
-/**
- * Encode the Secret Signing Key (SSK).
- *
- * Use when saving the key pair.
- *
- * SSK is zero padded to key size.
- *
- * @param  [in]      key   ECCSI key.
- * @param  [in]      ssk   Secret Signing Key as an MP integer.
- * @param  [out]     data  Buffer to hold encoded SSK.
- *                         NULL when requesting required length.
- * @param  [in,out]  sz    On in, size of buffer in bytes.
- *                         On out, size of encoded ECCSI key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, ssk or sz is NULL
- * @return  BAD_STATE_E when no key to export.
- * @return  LENGTH_ONLY_E when data is NULL - sz is set.
- * @return  BUFFER_E when the buffer passed in is too small.
- * @return  MEMORY_E when dynamic memory allocation fails (WOLFSSL_SMALL_STACK).
- */
-int wc_EncodeEccsiSsk(const EccsiKey* key, mp_int* ssk, byte* data, word32* sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (ssk == NULL) || (sz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (key->ecc.type != ECC_PRIVATEKEY)) {
-        err = BAD_STATE_E;
-    }
-
-    if (err == 0) {
-        if (data == NULL) {
-            *sz = (word32)key->ecc.dp->size;
-            err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-        }
-        else if (*sz < (word32)key->ecc.dp->size) {
-            err = BUFFER_E;
-        }
-        else {
-            *sz = (word32)key->ecc.dp->size;
-        }
-    }
-    if (err == 0) {
-        err = mp_to_unsigned_bin_len(ssk, data, key->ecc.dp->size);
-    }
-
-    return err;
-}
-
-/**
- * Decode the Secret Signing Key (SSK).
- *
- * Use when restoring the key pair.
- *
- * SSK is zero padded to key size.
- *
- * @param  [in]   key   ECCSI key.
- * @param  [in]   data  Buffer holding encoded ECCSI key.
- * @param  [in]   sz    Size of encoded ECCSI key in bytes.
- * @param  [out]  ssk   Secret Signing Key as an MP integer.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, data or ssk is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-int wc_DecodeEccsiSsk(const EccsiKey* key, const byte* data, word32 sz,
-        mp_int* ssk)
-{
-    int err = 0;
-
-    if ((key == NULL) || (data == NULL) || (ssk == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (sz != (word32)key->ecc.dp->size)) {
-        err = BUFFER_E;
-    }
-
-    if (err == 0) {
-        err = mp_read_unsigned_bin(ssk, data, (word32)key->ecc.dp->size);
-    }
-
-    return err;
-}
-
-/**
- * Encode the PVT into a buffer.
- *
- * PVT required by client verifying messages.
- *
- * X and y ordinate of public key concatenated. Each number is zero padded to
- * key size.
- * Descriptor byte (0x04) is prepended when not raw.
- *
- * @param  [in]      key   ECCSI key.
- * @param  [in]      pvt   Public Validation Token (PVT) as an ECC point.
- * @param  [out]     data  Buffer to encode key pair into.
- * @param  [in,out]  sz    In, size of buffer in bytes.
- *                         Out, size of encoded pair data in bytes.
- * @param  [in]      raw   On 0, prepend descriptor byte.
- *                         On 1, only include ordinates.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, pvt or sz is NULL.
- * @return  BAD_STATE_E when PVT has not been set.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  LENGTH_ONLY_E when data is NULL - sz is set.
- */
-int wc_EncodeEccsiPvt(const EccsiKey* key, ecc_point* pvt, byte* data,
-        word32* sz, int raw)
-{
-    int err = 0;
-
-    if ((key == NULL) || (pvt == NULL) || (sz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = eccsi_encode_point(pvt, (word32)key->ecc.dp->size, data, sz, raw);
-    }
-
-    return err;
-}
-
-#endif /* WOLFCRYPT_ECCSI_KMS */
-
-#ifdef WOLFCRYPT_ECCSI_CLIENT
-/**
- * Decode the SSK and PVT data into separate variables.
- *
- * A signing client decodes the data so that it can validate the pair and sign.
- *
- * @param  [in]   key   ECCSI key.
- * @param  [in]   data  Buffer holding key pair data.
- * @param  [in]   sz    Size of data in bytes.
- * @param  [out]  ssk   Secret Signing Key as an MP integer.
- * @param  [out]  pvt   Public Validation Token (PVT) as an ECC point.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, data, ssk or pvt is NULL.
- * @return  LENGTH_ONLY_E when data is NULL - sz is set.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-int wc_DecodeEccsiPair(const EccsiKey* key, const byte* data, word32 sz,
-        mp_int* ssk, ecc_point* pvt)
-{
-    int err = 0;
-
-    if ((key == NULL) || (data == NULL) || (ssk == NULL) || (pvt == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (sz != (word32)(key->ecc.dp->size * 3))) {
-        err = BUFFER_E;
-    }
-
-    if (err == 0) {
-        /* Read the SSK value from key size bytes. */
-        err = mp_read_unsigned_bin(ssk, data, (word32)key->ecc.dp->size);
-    }
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Read the PVT's x value from key size bytes. */
-        err = mp_read_unsigned_bin(pvt->x, data, (word32)key->ecc.dp->size);
-    }
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Read the PVT's y value from key size bytes. */
-        err = mp_read_unsigned_bin(pvt->y, data, (word32)key->ecc.dp->size);
-    }
-    if (err == 0) {
-        err = mp_set(pvt->z, 1);
-    }
-
-    return err;
-}
-
-/**
- * Decode the PVT data into an ECC point.
- *
- * A verifying client decodes the data so that it can verify a message.
- *
- * X and y ordinate of public key concatenated. Each number is zero padded to
- * key size.
- * Descriptor byte (0x04) is prepended when not raw.
- *
- * @param  [in]   key   ECCSI key.
- * @param  [in]   data  Buffer holding PVT data.
- * @param  [in]   sz    Size of data in bytes.
- * @param  [out]  pvt   Public Validation Token (PVT) as an ECC point.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, data, ssk or pvt is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  ASN_PARSE_E when format byte is invalid.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-int wc_DecodeEccsiPvt(const EccsiKey* key, const byte* data, word32 sz,
-        ecc_point* pvt)
-{
-    int err = 0;
-
-    if ((key == NULL) || (data == NULL) || (pvt == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = eccsi_decode_point(pvt, (word32)key->ecc.dp->size, data, sz);
-    }
-
-    return err;
-}
-
-/**
- * Decode the PVT data, from a signature, into an ECC point.
- *
- * A verifying client decodes the data so that it can calculate the identity
- * hash.
- *
- * X and y ordinate of public key concatenated. Each number is zero padded to
- * key size.
- * Descriptor byte (0x04) is prepended when not raw.
- *
- * @param  [in]   key   ECCSI key.
- * @param  [in]   sig   Buffer holding signature data.
- * @param  [in]   sz    Size of data in bytes.
- * @param  [out]  pvt   Public Validation Token (PVT) as an ECC point.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, data, ssk or pvt is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  ASN_PARSE_E when format byte is invalid.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-int wc_DecodeEccsiPvtFromSig(const EccsiKey* key, const byte* sig, word32 sz,
-        ecc_point* pvt)
-{
-    int err = 0;
-
-    if ((key == NULL) || (sig == NULL) || (pvt == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        word32 rSz = (word32)(key->ecc.dp->size * 2);
-        err = eccsi_decode_point(pvt, (word32)key->ecc.dp->size, sig + rSz,
-                sz - rSz);
-    }
-
-    return err;
-}
-
-/**
- * Import the KMS Public Auth Key (KPAK) into the ECCSI object.
- *
- * Clients import the KPAK to perform cryptographic operations.
- *
- * X and y ordinate of public key concatenated. Each number is zero padded to
- * key size.
- * Descriptor byte (0x04) is prepended when not raw.
- *
- * @param  [in]  key      ECCSI key.
- * @param  [in]  data     Encoded public key as an array of bytes.
- * @param  [in]  sz       Length of encoded KPAK in bytes.
- * @param  [in]  trusted  1 when public key is trusted.
- *                        0 when validation is required to be performed.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or data is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  ASN_PARSE_E when format byte is invalid.
- * @return  ECC_OUT_OF_RANGE_E when point is invalid.
- * @return  ECC_INF_E when point is at infinity and invalid.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-int wc_ImportEccsiPublicKey(EccsiKey* key, const byte* data, word32 sz,
-        int trusted)
-{
-    int err = 0;
-
-    if ((key == NULL) || (data == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        key->kpakMont = 0;
-
-        /* Read the public key. */
-        err = eccsi_decode_point(&key->ecc.pubkey, (word32)key->ecc.dp->size,
-                data, sz);
-    }
-    if (err == 0) {
-        key->ecc.type = ECC_PUBLICKEY;
-    }
-    if ((err == 0) && (!trusted)) {
-       err = wc_ecc_check_key(&key->ecc);
-    }
-
-    return err;
-}
-
-/*
- * Scalar multiply the base point of the curve and add a point.
- *
- * @param  [in]   key   ECCSI key.
- * @param  [in]   n     MP integer representing scalar to multiply by.
- * @param  [in]   a     ECC point to add.
- * @param  [out]  res   ECC point representation of the resulting point.
- * @param  [in]   mp    Montgomery reduction multiplier.
- * @param  [in]   map   0 indicates to leave in projective representation.
- *                      1 indicates map projective point to affine.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_mulmod_base_add(EccsiKey* key, const mp_int* n,
-        ecc_point* a, ecc_point* res, mp_digit mp, int map)
-{
-    int err = 0;
-
-#if defined(WOLFSSL_HAVE_SP_ECC) && !defined(WOLFSSL_SP_NO_256)
-    if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
-            (ecc_sets[key->ecc.idx].id == ECC_SECP256R1)) {
-        err = sp_ecc_mulmod_base_add_256(n, a, 1, res, map, key->heap);
-    }
-    else
-#endif
-#ifndef WOLFSSL_SP_MATH
-    {
-        EccsiKeyParams* params = &key->params;
-        err = wc_ecc_mulmod(n, params->base, params->base, &params->a,
-                &params->prime, 0);
-        key->params.haveBase = 0;
-        if (err == 0) {
-            err = ecc_projective_add_point(params->base, a, res, &params->a,
-                    &params->prime, mp);
-        }
-        if ((err == 0) && map) {
-            err = ecc_map(res, &params->prime, mp);
-        }
-    }
-#else
-    {
-        err = NOT_COMPILED_IN;
-    }
-    (void)key;
-    (void)n;
-    (void)a;
-    (void)res;
-    (void)mp;
-    (void)map;
-#endif
-
-    return err;
-}
-
-/*
- * Scalar multiply a point on the curve.
- *
- * @param  [in]   key    ECCSI key.
- * @param  [in]   n      MP integer representing scalar to multiply by.
- * @param  [in]   point  ECC point representation of a point on the curve.
- * @param  [out]  res    ECC point representation of the resulting point.
- * @param  [in]   map    0 indicates to leave in projective representation.
- *                       1 indicates map projective point to affine.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_mulmod_point(EccsiKey* key, const mp_int* n, ecc_point* point,
-        ecc_point* res, int map)
-{
-    int err;
-
-#if defined(WOLFSSL_HAVE_SP_ECC) && !defined(WOLFSSL_SP_NO_256)
-    if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
-            (ecc_sets[key->ecc.idx].id == ECC_SECP256R1)) {
-        err = sp_ecc_mulmod_256(n, point, res, map, key->heap);
-    }
-    else
-#endif
-    {
-        EccsiKeyParams* params = &key->params;
-
-        err = wc_ecc_mulmod(n, point, res, &params->a, &params->prime, map);
-    }
-
-    return err;
-}
-
-/*
- * Scalar multiply a point on the curve and add a.
- *
- * @param  [in]   key    ECCSI key.
- * @param  [in]   n      MP integer representing scalar to multiply by.
- * @param  [in]   point  ECC point representation of a point on the curve.
- * @param  [in]   a      ECC point to add.
- * @param  [out]  res    ECC point representation of the resulting point.
- * @param  [in]   mp     Montgomery reduction multiplier.
- * @param  [in]   map    0 indicates to leave in projective representation.
- *                       1 indicates map projective point to affine.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_mulmod_point_add(EccsiKey* key, const mp_int* n,
-        ecc_point* point, ecc_point* a, ecc_point* res, mp_digit mp, int map)
-{
-#if defined(WOLFSSL_HAVE_SP_ECC) && !defined(WOLFSSL_SP_NO_256)
-    int err = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-
-    if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
-            (ecc_sets[key->ecc.idx].id == ECC_SECP256R1)) {
-        err = sp_ecc_mulmod_add_256(n, point, a, 0, res, map, key->heap);
-    }
-
-    (void)mp;
-
-    return err;
-#else
-    int err;
-    EccsiKeyParams* params = &key->params;
-
-    err = wc_ecc_mulmod(n, point, res, &params->a, &params->prime, 0);
-    if (err == 0) {
-        err = ecc_projective_add_point(res, a, res, &key->params.a,
-                &params->prime, mp);
-    }
-    if ((err == 0) && map) {
-        err = ecc_map(res, &params->prime, mp);
-    }
-
-    return err;
-#endif
-}
-
-/**
- * Validate an (SSV, PVT) Pair.
- *
- * RFC 6507, Section 5.1.2
- *
- * A signing client should validate the key pair before first use.
- *
- * @param  [in]   key       ECCSI key.
- * @param  [in]   hashType  Type of hash algorithm. e.g. WC_SHA256
- * @param  [in]   id        Identity to create hash from.
- * @param  [in]   idSz      Length of identity in bytes.
- * @param  [in]   ssk       Secret Signing Key as an MP integer.
- * @param  [in]   pvt       Public Validation Token (PVT) as an ECC point.
- * @param  [out]  valid     1 when pair is valid and 0 otherwise.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, id, ssk, pvt or valid is NULL.
- * @return  BAD_STATE_E when curve not set (key not set).
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  IS_POINT_E when point is not on the curve.
- * @return  Other -ve value when an internal operation fails.
- */
-int wc_ValidateEccsiPair(EccsiKey* key, enum wc_HashType hashType,
-        const byte* id, word32 idSz, const mp_int* ssk, ecc_point* pvt,
-        int* valid)
-{
-    int err = 0;
-    ecc_point* res = NULL;
-    mp_int* hs = NULL;
-    mp_digit mp = 0;
-    byte hashSz = 0;
-    EccsiKeyParams* params = NULL;
-
-    if ((key == NULL) || (id == NULL) || (ssk == NULL) || (pvt == NULL) ||
-            (valid == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (key->ecc.type != ECC_PRIVATEKEY) &&
-            (key->ecc.type != ECC_PUBLICKEY)) {
-        err = BAD_STATE_E;
-    }
-
-    if (err != 0)
-        return err;
-
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-
-    params = &key->params;
-    hs = &key->tmp;
-    res = &key->pubkey.pubkey;
-
-    err = eccsi_load_base(key);
-
-    if (err == 0) {
-       err = eccsi_load_ecc_params(key);
-    }
-    if (err == 0) {
-        err = mp_montgomery_setup(&params->prime, &mp);
-    }
-
-    /* Step 1: Validate PVT is on curve */
-    if (err == 0) {
-        err = wc_ecc_is_point(pvt, &params->a, &params->b, &params->prime);
-        if (err == -1) {
-            err = IS_POINT_E;
-        }
-    }
-
-    /* Step 2: Compute HS = hash( G | KPAK | ID | PVT ) */
-    if (err == 0) {
-        hashSz = (byte)sizeof(key->data);
-        /* Converts KPAK from mont. */
-        err = eccsi_compute_hs(key, hashType, id, idSz, pvt, key->data,
-                &hashSz);
-    }
-
-    /* Step 3: Validate that KPAK = [SSK]G - [HS]PVT */
-    if (err == 0) {
-        err = mp_read_unsigned_bin(hs, key->data, hashSz);
-    }
-    /* [HS]PVT */
-    if (err == 0) {
-        err = eccsi_mulmod_point(key, hs, pvt, res, 0);
-    }
-    /* -[HS]PVT */
-    if (err == 0) {
-        err = mp_sub(&params->prime, res->y, res->y);
-    }
-    /* [SSK]G + -[HS]PVT */
-    if (err == 0) {
-        err = eccsi_mulmod_base_add(key, ssk, res, res, mp, 1);
-    }
-    if (valid != NULL) {
-        *valid = (err == 0);
-        if (err == 0) {
-            ecc_point* kpak = &key->ecc.pubkey;
-            /* Compare KPAK and [SSK]G + -[HS]PVT */
-            *valid = (wc_ecc_cmp_point(res, kpak) == MP_EQ);
-        }
-    }
-
-    RESTORE_VECTOR_REGISTERS();
-
-    return err;
-}
-
-/**
- * Validate Public Validation Token (PVT) is on the curve.
- *
- * RFC 6507, Section 5.1.2, Step 1
- *
- * A verifying client should validate the PVT before first use.
- *
- * @param  [in]   key       ECCSI key.
- * @param  [in]   pvt       Public Validation Token (PVT) as an ECC point.
- * @param  [out]  valid     1 when PVT is valid and 0 otherwise.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, pvt or valid is NULL.
- * @return  BAD_STATE_E when curve not set (key not set).
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-int wc_ValidateEccsiPvt(EccsiKey* key, const ecc_point* pvt, int* valid)
-{
-    int err = 0;
-
-    if ((key == NULL)| (pvt == NULL) || (valid == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = wc_ecc_set_curve(&key->pubkey, key->ecc.dp->size,
-                key->ecc.dp->id);
-    }
-    if (err == 0) {
-        err = wc_ecc_copy_point(pvt, &key->pubkey.pubkey);
-    }
-    if (err == 0) {
-        *valid = (wc_ecc_check_key(&key->pubkey) == 0);
-    }
-
-    return err;
-}
-
-/**
- * Creates the Hash of the ID and PVT with the ECCSI key.
- *
- * The hash ID is required as input to the sign and verify operations.\n
- * Signing clients may cache this value.
- *
- * RFC 6507, Section 5.2.1, Step 3
- *
- * Set the calculated hash internally for use.
- *
- * @param  [in]   key       ECCSI key.
- * @param  [in]   hashType  Type of hash algorithm. e.g. WC_SHA256
- * @param  [in]   id        Identity to create hash from.
- * @param  [in]   idSz      Length of identity in bytes.
- * @param  [in]   pvt       Public Validation Token (PVT) as an ECC point.
- * @param  [out]  hash      Buffer to hold hash result.
- * @param  [out]  hashSz    Length of hash data in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, id, pvt, hash or hashSz is NULL.
- * @return  BAD_FUNC_ARG when hash size doesn't match curve size.
- * @return  BAD_STATE_E when public key not set.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-int wc_HashEccsiId(EccsiKey* key, enum wc_HashType hashType, const byte* id,
-        word32 idSz, ecc_point* pvt, byte* hash, byte* hashSz)
-{
-    int err = 0;
-    int dgstSz = -1;
-    int curveSz = -1;
-
-    if ((key == NULL) || (id == NULL) || (pvt == NULL) || (hash == NULL) ||
-            (hashSz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (key->ecc.type != ECC_PRIVATEKEY) &&
-            (key->ecc.type != ECC_PUBLICKEY)) {
-        err = BAD_STATE_E;
-    }
-    /* Ensure digest output size matches curve size (RFC 6507 4.1). */
-    if (err == 0) {
-        dgstSz = wc_HashGetDigestSize(hashType);
-        if (dgstSz < 0) {
-            err = dgstSz;
-        }
-    }
-    if (err == 0) {
-        curveSz = wc_ecc_get_curve_size_from_id(key->ecc.dp->id);
-        if (curveSz < 0) {
-            err = curveSz;
-        }
-    }
-    if ((err == 0) && (dgstSz != curveSz)) {
-        err = BAD_FUNC_ARG;
-    }
-    /* Load the curve parameters for operations */
-    if (err == 0) {
-       err = eccsi_load_ecc_params(key);
-    }
-    if (err == 0) {
-        err = eccsi_compute_hs(key, hashType, id, idSz, pvt, hash, hashSz);
-    }
-    if (err == 0) {
-        XMEMCPY(key->idHash, hash, *hashSz);
-        key->idHashSz = *hashSz;
-    }
-
-    return err;
-}
-
-/**
- * Set the identity hash for use with signing/verification.
- *
- * @param  [in]  key     ECCSI key.
- * @param  [in]  hash    Buffer with hash of identity.
- * @param  [in]  hashSz  Length of hash data in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or hash is NULL, or hashSz is greater than
- *          WC_MAX_DIGEST_SIZE.
- */
-int wc_SetEccsiHash(EccsiKey* key, const byte* hash, byte hashSz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (hash == NULL) || (hashSz > WC_MAX_DIGEST_SIZE)) {
-        err = BAD_FUNC_ARG;
-    }
-    if (err == 0) {
-        XMEMCPY(key->idHash, hash, hashSz);
-        key->idHashSz = hashSz;
-    }
-
-    return err;
-}
-
-/**
- * Set an (SSV, PVT) Pair for signing.
- *
- * @param  [in]   key  ECCSI key.
- * @param  [in]   ssk  Secret Signing Key as an MP integer.
- * @param  [in]   pvt  Public Validation Token (PVT) as an ECC point.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, ssk or pvt is NULL.
- * @return  MP math errors when copy fails
- */
-int wc_SetEccsiPair(EccsiKey* key, const mp_int* ssk, const ecc_point* pvt)
-{
-    int err = 0;
-
-    if ((key == NULL) || (ssk == NULL) || (pvt == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = mp_copy(ssk, &key->ssk);
-    }
-
-    if (err == 0) {
-        err = wc_ecc_copy_point(pvt, key->pvt);
-    }
-
-    return err;
-}
-
-#ifdef ECCSI_ORDER_MORE_BITS_THAN_PRIME
-/*
- * Fit the number to the maximum number of bytes.
- *
- * If the number is too big then subtract from order.
- * RFC 6507, Section 5.2.1, Note at end.
- * This should only happen when order is larger than prime in bits.
- *
- * @param  [in]   a      MP integer to fix.
- * @param  [in]   order  MP integer representing order of curve.
- * @param  [in]   m      Maximum number of bytes to encode into.
- * @param  [out]  r      MP integer that is the result after fixing.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int eccsi_fit_to_octets(const mp_int* a, mp_int* order, int m,
-        mp_int* r)
-{
-    int err;
-
-    if (mp_count_bits(a) > m * 8) {
-        err = mp_sub(order, (mp_int*)a, r);
-    }
-    else
-    {
-        err = mp_copy(a, r);
-    }
-
-    return err;
-}
-#else
-/*
- * Fit the number to the maximum number of bytes.
- *
- * If the number is too big then subtract from order.
- * RFC 6507, Section 5.2.1, Note at end.
- * This should only happen when order is larger than prime in bits.
- *
- * @param  [in]   a      MP integer to fix.
- * @param  [in]   order  MP integer representing order of curve.
- * @param  [in]   m      Maximum number of bytes to encode into.
- * @param  [out]  r      MP integer that is the result after fixing.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int eccsi_fit_to_octets(const mp_int* a, const mp_int* order, int m,
-        mp_int* r)
-{
-    (void)order;
-    (void)m;
-
-    /* Duplicate line to stop static analyzer complaining. */
-    return mp_copy(a, r);
-}
-#endif
-
-/*
- * Compute the HE = hash( HS | r | M ), hash value of signature.
- *
- * Partial result required for signing and verification.
- *
- * @param  [in]   key       ECCSI key.
- * @param  [in]   hashType  Type of hash algorithm. e.g. WC_SHA256
- * @param  [in]   r         MP integer that is the first signature element.
- * @param  [in]   msg       Message of signature.
- * @param  [in]   msgSz     Length of message in bytes.
- * @param  [out]  he        Signature hash.
- * @param  [out]  heSz      Length of signature hash in bytes
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_compute_he(EccsiKey* key, enum wc_HashType hashType,
-        mp_int* r, const byte* msg, word32 msgSz, byte* he, word32* heSz)
-{
-    int err = 0;
-    word32 dataSz = (word32)key->ecc.dp->size;
-    int hash_inited = 0;
-
-    /* HE = hash( HS | r | M ) */
-    err = wc_HashInit_ex(&key->hash, hashType, key->heap, INVALID_DEVID);
-    if (err == 0) {
-        hash_inited = 1;
-        /* HS */
-        err = wc_HashUpdate(&key->hash, hashType, key->idHash, key->idHashSz);
-    }
-    if (err == 0) {
-        err = mp_to_unsigned_bin_len(r, key->data, (int)dataSz);
-    }
-    if (err == 0) {
-        /* r */
-        err = wc_HashUpdate(&key->hash, hashType, key->data, dataSz);
-    }
-    if (err == 0) {
-        /* M */
-        err = wc_HashUpdate(&key->hash, hashType, msg, msgSz);
-    }
-    if (err == 0) {
-        err = wc_HashFinal(&key->hash, hashType, he);
-    }
-    if (err == 0) {
-        *heSz = (word32)wc_HashGetDigestSize(hashType);
-    }
-
-    if (hash_inited) {
-        (void)wc_HashFree(&key->hash, hashType);
-    }
-
-    return err;
-}
-
-/*
- * Encode the signature = ( r | s | PVT )
- *
- * @param  [in]   key    ECCSI key.
- * @param  [in]   r      MP integer that is the first signature element.
- * @param  [in]   s      MP integer that is the second signature element.
- * @param  [in]   pvt    ECC point representing Public Validation Token.
- * @param  [out]  sig    Signature of message.
- * @param  [out]  sigSz  Length of signature in bytes.
- */
-static int eccsi_encode_sig(const EccsiKey* key, mp_int* r, mp_int* s,
-        byte* sig, word32* sigSz)
-{
-    int err;
-    word32 sz = (word32)key->ecc.dp->size;
-
-    err = mp_to_unsigned_bin_len(r, sig, (int)sz);
-    if (err == 0) {
-        err = mp_to_unsigned_bin_len(s, sig + sz, (int)sz);
-    }
-    if (err == 0) {
-        *sigSz = (word32)(key->ecc.dp->size * 2 + 1);
-        err = wc_ecc_export_point_der(wc_ecc_get_curve_idx(key->ecc.dp->id),
-                 key->pvt, sig + sz * 2, sigSz);
-    }
-    if (err == 0) {
-        *sigSz = sz * 4 + 1;
-    }
-
-    return err;
-}
-
-/*
- * Sign the ECCSI hash (of ID with the key) to two mp_int objects: r and s.
- *
- * RFC 6507, Section 5.2.1, Steps 1 to 4
- *
- * @param  [in]   key       ECCSI key.
- * @param  [in]   rng       Random number generator.
- * @param  [in]   hashType  Type of hash algorithm. e.g. WC_SHA256
- * @param  [in]   msg       Message to sign.
- * @param  [in]   msgSz     Length of message in bytes.
- * @param  [out]  r         First big number integer part of signature.
- * @param  [out]  s         Second big number integer part of signature.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_gen_sig(EccsiKey* key, WC_RNG* rng, enum wc_HashType hashType,
-        const byte* msg, word32 msgSz, mp_int* r, mp_int* s)
-{
-    int err = 0;
-    int sz = key->ecc.dp->size;
-    word32 heSz = 0;
-    const mp_int* jx = NULL;
-    mp_int* he = &key->tmp;
-    int genTryCnt = 0;
-
-    do {
-        /* Don't infinitely gen sigs when random number generator fails. */
-        if ((++genTryCnt) > ECCSI_MAX_GEN_COUNT) {
-            err = RNG_FAILURE_E;
-        }
-
-        if (err == 0) {
-            wc_ecc_free(&key->pubkey);
-
-            /* Step 1 and 2: Generate ephemeral key - j, J = [j]G, r = Jx */
-            err = wc_ecc_make_key_ex(rng, sz, &key->pubkey, key->ecc.dp->id);
-        }
-        if (err == 0) {
-            jx = key->pubkey.pubkey.x;
-            err = eccsi_fit_to_octets(jx, &key->params.order, sz, r);
-        }
-
-        /* Step 3: Compute HE = hash( HS | r | M ) */
-        if (err == 0) {
-            err = eccsi_compute_he(key, hashType, r, msg, msgSz, key->data,
-                    &heSz);
-        }
-
-        /* Step 4: Verify that HE + r * SSK is non-zero modulo q */
-        if (err == 0) {
-            err = mp_read_unsigned_bin(he, key->data, heSz);
-        }
-        /* s' = r * SSK */
-        if (err == 0) {
-            err = mp_mulmod(r, &key->ssk, &key->params.order, s);
-        }
-        /* s' = HE + r * SSK */
-        if (err == 0) {
-            err = mp_addmod(he, s, &key->params.order, s);
-        }
-    }
-    while ((err == 0) && (mp_iszero(s) || (mp_cmp(s, he) == MP_EQ)));
-
-    return err;
-}
-
-
-/**
- * Sign the ECCSI hash (of ID with the key).
- *
- * RFC 6507, Section 5.2.1
- *
- * Must have imported KPAK using wc_ImportEccsiPublicKey() before calling.\n
- * Use wc_HashEccsiId() to calculate the hash and wc_SetEccsiHash() to set
- * the identity hash to use.
- *
- * @param  [in]   key       ECCSI key.
- * @param  [in]   rng       Random number generator.
- * @param  [in]   hashType  Type of hash algorithm. e.g. WC_SHA256
- * @param  [in]   msg       Message to sign.
- * @param  [in]   msgSz     Length of message in bytes.
- * @param  [out]  sig       Signature of message.
- * @param  [out]  sigSz     Length of signature in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, rng, msg or sigSz is NULL.
- * @return  BAD_STATE_E when the curve or id hash has not been set (no key set).
- * @return  LENGTH_ONLY_E when sig is NULL - sigSz is set.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-int wc_SignEccsiHash(EccsiKey* key, WC_RNG* rng, enum wc_HashType hashType,
-        const byte* msg, word32 msgSz, byte* sig, word32* sigSz)
-{
-    int err = 0;
-    mp_int* r = NULL;
-    mp_int* s = NULL;
-    mp_int* j = NULL;
-    word32 sz = 0;
-
-    if ((key == NULL) || (rng == NULL) || (msg == NULL) || (sigSz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (key->ecc.type != ECC_PUBLICKEY) &&
-            (key->ecc.type != ECC_PRIVATEKEY)) {
-        err = BAD_STATE_E;
-    }
-    if ((err == 0) && (sig != NULL) && (key->idHashSz == 0)) {
-        err = BAD_STATE_E;
-    }
-
-    if (err == 0)  {
-        sz = (word32)key->ecc.dp->size;
-        if (sig == NULL) {
-            *sigSz = sz * 4 + 1;
-            err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-        }
-    }
-    if ((err == 0) && (*sigSz < sz * 4 + 1)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        r = key->pubkey.pubkey.y;
-        s = key->pubkey.pubkey.z;
-
-        err = eccsi_load_order(key);
-    }
-
-    if (err == 0) {
-        /* Steps 1 to 4. */
-        err = eccsi_gen_sig(key, rng, hashType, msg, msgSz, r, s);
-    }
-
-    /* Step 5: s' = ( (( HE + r * SSK )^-1) * j ) modulo q, erase j */
-    if (err == 0) {
-        err = mp_invmod(s, &key->params.order, s);
-    }
-    if (err == 0) {
-        j = wc_ecc_key_get_priv(&key->pubkey);
-        err = mp_mulmod(s, j, &key->params.order, s);
-    }
-    if (err == 0) {
-        mp_forcezero(j);
-
-        /* Step 6: s = s' fitted */
-        err = eccsi_fit_to_octets(s, &key->params.order, (int)sz, s);
-    }
-
-    /* Step 7: Output Signature = ( r | s | PVT ) */
-    if (err == 0) {
-        err = eccsi_encode_sig(key, r, s, sig, sigSz);
-    }
-
-    return err;
-}
-
-/*
- * Decode the s part of the signature = ( r | s | PVT )
- *
- * @param  [in]   key    ECCSI key.
- * @param  [in]   sig    Signature of message.
- * @param  [in]   sigSz  Length of signature in bytes.
- * @param  [out]  s      MP integer that is the second signature element.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_decode_sig_s(const EccsiKey* key, const byte* sig,
-        word32 sigSz, mp_int* s)
-{
-    int err = 0;
-    word32 sz = (word32)key->ecc.dp->size;
-
-    if (sigSz != sz * 4 + 1) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = mp_read_unsigned_bin(s, sig + sz, sz);
-    }
-
-    return err;
-}
-
-/*
- * Decode the r and pvt part of the signature = ( r | s | PVT )
- *
- * @param  [in]   key    ECCSI key.
- * @param  [in]   sig    Signature of message.
- * @param  [in]   sigSz  Length of signature in bytes.
- * @param  [out]  r      MP integer that is the first signature element.
- * @param  [out]  pvt    ECC point representing Public Validation Token.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value when an internal operation fails.
- */
-static int eccsi_decode_sig_r_pvt(const EccsiKey* key, const byte* sig,
-        word32 sigSz, mp_int* r, ecc_point* pvt)
-{
-    int err = 0;
-    word32 sz = (word32)key->ecc.dp->size;
-
-    if (sigSz != sz * 4 + 1) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = mp_read_unsigned_bin(r, sig, sz);
-    }
-    if (err == 0) {
-        /* must free previous public point otherwise wc_ecc_import_point_der
-         * could leak memory */
-        mp_clear(pvt->x);
-        mp_clear(pvt->y);
-        mp_clear(pvt->z);
-
-        err = wc_ecc_import_point_der(sig + sz * 2, sz * 2 + 1,
-                wc_ecc_get_curve_idx(key->ecc.dp->id), pvt);
-    }
-
-    return err;
-}
-
-/*
- * Calculate Y point as part of verification process.
- *
- * Y = [HS]PVT + KPAK
- *
- * @param  [in]   key      ECCSI key.
- * @param  [in]   pvt      ECC point representing Public Validation Token.
- * @param  [in]   mp       Montgomery reduction multiplier.
- * @param  [out]  y        ECC point representing calculated value Y.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other value when an an internal operation fails.
- */
-static int eccsi_calc_y(EccsiKey* key, ecc_point* pvt, mp_digit mp,
-        ecc_point* y)
-{
-    int err;
-    mp_int* hs = &key->ssk;
-
-    err = mp_read_unsigned_bin(hs, key->idHash, key->idHashSz);
-#ifndef WOLFSSL_HAVE_SP_ECC
-    /* Need KPAK in montgomery form. */
-    if (err == 0) {
-        err = eccsi_kpak_to_mont(key);
-    }
-#endif
-    /* [HS]PVT + KPAK */
-    if (err == 0) {
-        ecc_point* kpak = &key->ecc.pubkey;
-        err = eccsi_mulmod_point_add(key, hs, pvt, kpak, y, mp, 1);
-    }
-
-    return err;
-}
-
-/*
- * Calculate J point as part of verification process.
- *
- * J = [s]( [HE]G + [r]Y )
- *
- * @param  [in]   key    ECCSI key.
- * @param  [in]   hem    MP int representation of HE = Hash (hs, r and message).
- * @param  [in]   sig    Signature of message.
- * @param  [in]   sigSz  Length of signature in bytes.
- * @param  [in]   y      ECC point representing [r]Y.
- * @param  [in]   mp     Montgomery reduction multiplier.
- * @param  [out]  j      ECC point representing calculated value J.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other value when an an internal operation fails.
- */
-static int eccsi_calc_j(EccsiKey* key, const mp_int* hem, const byte* sig,
-        word32 sigSz, ecc_point* y, mp_digit mp, ecc_point* j)
-{
-    int err;
-    mp_int* s = &key->tmp;
-
-    /* [HE]G + [r]Y */
-    err = eccsi_mulmod_base_add(key, hem, y, j, mp, 1);
-    if (err == 0) {
-        err = eccsi_decode_sig_s(key, sig, sigSz, s);
-    }
-    /* [s]( [HE]G + [r]Y ) */
-    if (err == 0) {
-        err = eccsi_mulmod_point(key, s, j, j, 1);
-    }
-
-    return err;
-}
-
-/**
- * Verify the ECCSI hash (of ID with the key).
- *
- * RFC 6507, Section 5.2.2
- *
- * Must have imported KPAK using wc_ImportEccsiPublicKey() before calling.\n
- * Use wc_HashEccsiId() to calculate the hash and wc_SetEccsiHash() to set
- * the identity hash to use.
- *
- * @param  [in]   key       ECCSI key.
- * @param  [in]   hashType  Type of hash algorithm. e.g. WC_SHA256
- * @param  [in]   msg       Message to verify.
- * @param  [in]   msgSz     Length of message in bytes.
- * @param  [in]   sig       Signature of message.
- * @param  [in]   sigSz     Length of signature in bytes.
- * @param  [out]  verified  1 when the signature was verified and 0 otherwise.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, hash, msg, sig or ret is NULL.
- * @return  BAD_STATE_E when the curve or id hash has not been set (no key set).
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other value when an an internal operation fails.
- */
-int wc_VerifyEccsiHash(EccsiKey* key, enum wc_HashType hashType,
-        const byte* msg, word32 msgSz, const byte* sig, word32 sigSz,
-        int* verified)
-{
-    int err = 0;
-    byte* he = NULL;
-    word32 heSz = 0;
-    mp_int* r = NULL;
-    mp_int* jx = NULL;
-    mp_int* hem = NULL;
-    ecc_point* pvt = NULL;
-    ecc_point* y = NULL;
-    ecc_point* j = NULL;
-    mp_digit mp = 0;
-    EccsiKeyParams* params = NULL;
-
-    if ((key == NULL) || (msg == NULL) || (sig == NULL) || (verified == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (key->ecc.type != ECC_PRIVATEKEY) &&
-            (key->ecc.type != ECC_PUBLICKEY)) {
-        err = BAD_STATE_E;
-    }
-    if ((err == 0) && (key->idHashSz == 0)) {
-        err = BAD_STATE_E;
-    }
-
-    if (err != 0)
-        return err;
-
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-
-    /* Decode the signature into components. */
-    r = wc_ecc_key_get_priv(&key->pubkey);
-    pvt = &key->pubkey.pubkey;
-    err = eccsi_decode_sig_r_pvt(key, sig, sigSz, r, pvt);
-
-    /* Load the curve parameters for operations */
-    if (err == 0) {
-        err = eccsi_load_base(key);
-    }
-    if (err == 0) {
-        err = eccsi_load_ecc_params(key);
-    }
-    if (err == 0) {
-        params = &key->params;
-        err = mp_montgomery_setup(&params->prime, &mp);
-    }
-
-    /* Step 1: Validate PVT is on curve */
-    if (err == 0) {
-        err = wc_ecc_is_point(pvt, &params->a, &params->b, &params->prime);
-    }
-
-    /* Step 2: Compute HS = hash( G | KPAK | ID | PVT )
-     * HS is key->idHash, key->idHashSz */
-
-    /* Step 3: Compute HE = hash( HS | r | M ) */
-    if (err == 0) {
-        he = key->data;
-        err = eccsi_compute_he(key, hashType, r, msg, msgSz, he, &heSz);
-    }
-
-    /* Step 4: Y = [HS]PVT + KPAK */
-    if (err == 0) {
-        y = pvt;
-        err = eccsi_calc_y(key, pvt, mp, y);
-    }
-
-    /* Step 5: Compute J = [s]( [HE]G + [r]Y ) */
-    /* [r]Y */
-    if (err == 0) {
-        hem = &key->tmp;
-        err = mp_read_unsigned_bin(hem, he, heSz);
-    }
-    if (err == 0) {
-        err = eccsi_mulmod_point(key, r, y, y, 0);
-    }
-    if (err == 0) {
-        j = params->base;
-        err = eccsi_calc_j(key, hem, sig, sigSz, y, mp, j);
-        key->params.haveBase = 0;
-    }
-
-    /* Step 6: Jx fitting, compare with r */
-    if (err == 0) {
-        jx = &key->tmp;
-        err = eccsi_fit_to_octets(j->x, &params->order, key->ecc.dp->size, jx);
-    }
-
-    if (verified != NULL) {
-        *verified = ((err == 0) && (mp_cmp(jx, r) == MP_EQ));
-    }
-
-    RESTORE_VECTOR_REGISTERS();
-
-    return err;
-}
-#endif /* WOLFCRYPT_ECCSI_CLIENT */
-
-#endif /* WOLFCRYPT_HAVE_ECCSI */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/ed25519.c b/src/ssl/wolfssl/wolfcrypt/ed25519.c
deleted file mode 100644
index 69c7a1b30..000000000
--- a/src/ssl/wolfssl/wolfcrypt/ed25519.c
+++ /dev/null
@@ -1,1525 +0,0 @@
-/* ed25519.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
- /* Based On Daniel J Bernstein's ed25519 Public Domain ref10 work. */
-
-
-/* Possible Ed25519 enable options:
- *   WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN                               Default: OFF
- *     Check that the private key didn't change during the signing operations.
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_ED25519
-#if FIPS_VERSION3_GE(6,0,0)
-    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
-    #define FIPS_NO_WRAPPERS
-
-       #ifdef USE_WINDOWS_API
-               #pragma code_seg(".fipsA$f")
-               #pragma const_seg(".fipsB$f")
-       #endif
-#endif
-
-#include <wolfssl/wolfcrypt/ed25519.h>
-#include <wolfssl/wolfcrypt/ge_operations.h>
-#include <wolfssl/wolfcrypt/hash.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if FIPS_VERSION3_GE(6,0,0)
-    const unsigned int wolfCrypt_FIPS_ed25519_ro_sanity[2] =
-                                                     { 0x1a2b3c4d, 0x00000006 };
-    int wolfCrypt_FIPS_ED25519_sanity(void)
-    {
-        return 0;
-    }
-#endif
-
-#ifdef FREESCALE_LTC_ECC
-    #include <wolfssl/wolfcrypt/port/nxp/ksdk_port.h>
-#endif
-#ifdef WOLFSSL_SE050
-    #include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
-#endif
-
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-#endif
-
-#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_VERIFY)
-    /* Set a static message string for "Sig No Collisions Message SNC".
-    ** Note this is a static string per spec, see:
-    ** https://datatracker.ietf.org/doc/rfc8032/
-    */
-    #define ED25519CTX_SNC_MESSAGE "SigEd25519 no Ed25519 collisions"
-    #define ED25519CTX_SIZE 32 /* 32 chars: fixed length of SNC Message. */
-
-    /* The 32 bytes of ED25519CTX_SIZE is used elsewhere, but we need one
-    ** more char for saving the line ending in our ed25519Ctx[] here: */
-    static const byte ed25519Ctx[ED25519CTX_SIZE + 1] = ED25519CTX_SNC_MESSAGE;
-#endif
-
-static int ed25519_hash_init(ed25519_key* key, wc_Sha512 *sha)
-{
-    int ret;
-
-#ifndef WOLFSSL_ED25519_PERSISTENT_SHA
-    /* when not using persistent SHA, we'll zero the sha param */
-    XMEMSET(sha, 0, sizeof(wc_Sha512));
-#endif
-
-    ret = wc_InitSha512_ex(sha, key->heap,
-
-#if defined(WOLF_CRYPTO_CB)
-                           key->devId
-#else
-                           INVALID_DEVID
-#endif
-        );
-
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-    if (ret == 0)
-        key->sha_clean_flag = 1;
-#endif
-
-    return ret;
-}
-
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-static int ed25519_hash_reset(ed25519_key* key)
-{
-    int ret;
-    if (key->sha_clean_flag)
-        ret = 0;
-    else {
-        wc_Sha512Free(&key->sha);
-        ret = wc_InitSha512_ex(&key->sha, key->heap,
-#if defined(WOLF_CRYPTO_CB)
-                               key->devId
-#else
-                               INVALID_DEVID
-#endif
-            );
-        if (ret == 0)
-            key->sha_clean_flag = 1;
-    }
-    return ret;
-}
-#endif /* WOLFSSL_ED25519_PERSISTENT_SHA */
-
-static int ed25519_hash_update(ed25519_key* key, wc_Sha512 *sha,
-                               const byte* data, word32 len)
-{
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-    if (key->sha_clean_flag)
-        key->sha_clean_flag = 0;
-#else
-    (void)key;
-#endif
-    return wc_Sha512Update(sha, data, len);
-}
-
-static int ed25519_hash_final(ed25519_key* key, wc_Sha512 *sha, byte* hash)
-{
-    int ret = wc_Sha512Final(sha, hash);
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-    if (ret == 0)
-        key->sha_clean_flag = 1;
-#else
-    (void)key;
-#endif
-    return ret;
-}
-
-static void ed25519_hash_free(ed25519_key* key, wc_Sha512 *sha)
-{
-    wc_Sha512Free(sha);
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-    key->sha_clean_flag = 0;
-#else
-    (void)key;
-#endif
-}
-
-
-static int ed25519_hash(ed25519_key* key, const byte* in, word32 inLen,
-    byte* hash)
-{
-    int ret;
-#ifndef WOLFSSL_ED25519_PERSISTENT_SHA
-    wc_Sha512 sha[1];
-#else
-    wc_Sha512 *sha;
-#endif
-
-    if (key == NULL || (in == NULL && inLen > 0) || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-    sha = &key->sha;
-    ret = ed25519_hash_reset(key);
-#else
-    ret = ed25519_hash_init(key, sha);
-#endif
-    if (ret < 0)
-        return ret;
-
-    ret = ed25519_hash_update(key, sha, in, inLen);
-    if (ret == 0)
-        ret = ed25519_hash_final(key, sha, hash);
-
-#ifndef WOLFSSL_ED25519_PERSISTENT_SHA
-    ed25519_hash_free(key, sha);
-#endif
-
-    return ret;
-}
-
-#ifdef HAVE_ED25519_MAKE_KEY
-#if FIPS_VERSION3_GE(6,0,0)
-/* Performs a Pairwise Consistency Test on an Ed25519 key pair.
- *
- * @param [in] key  Ed25519 key to test.
- * @param [in] rng  Random number generator to use to create random digest.
- * @return  0 on success.
- * @return  ECC_PCT_E when signing or verification fail.
- * @return  Other -ve when random number generation fails.
- */
-static int ed25519_pairwise_consistency_test(ed25519_key* key, WC_RNG* rng)
-{
-    int err = 0;
-    byte digest[WC_SHA512_DIGEST_SIZE];
-    word32 digestLen = WC_SHA512_DIGEST_SIZE;
-    byte sig[ED25519_SIG_SIZE];
-    word32 sigLen = ED25519_SIG_SIZE;
-    int res = 0;
-
-    /* Generate a random digest to sign. */
-    err = wc_RNG_GenerateBlock(rng, digest, digestLen);
-    if (err == 0) {
-        /* Sign digest without context. */
-        err = wc_ed25519_sign_msg_ex(digest, digestLen, sig, &sigLen, key,
-            (byte)Ed25519, NULL, 0);
-        if (err != 0) {
-            /* Any sign failure means test failed. */
-            err = ECC_PCT_E;
-        }
-    }
-    if (err == 0) {
-        /* Verify digest without context. */
-        err = wc_ed25519_verify_msg_ex(sig, sigLen, digest, digestLen, &res,
-            key, (byte)Ed25519, NULL, 0);
-        if (err != 0) {
-            /* Any verification operation failure means test failed. */
-            err = ECC_PCT_E;
-        }
-        /* Check whether the signature verified. */
-        else if (res == 0) {
-            /* Test failed. */
-            err = ECC_PCT_E;
-        }
-    }
-
-    ForceZero(sig, sigLen);
-
-    return err;
-}
-#endif
-
-int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey,
-                           word32 pubKeySz)
-{
-    int   ret = 0;
-    ALIGN16 byte az[ED25519_PRV_KEY_SIZE];
-#if !defined(FREESCALE_LTC_ECC)
-    ge_p3 A;
-#endif
-
-    if (key == NULL || pubKey == NULL || pubKeySz != ED25519_PUB_KEY_SIZE)
-        ret = BAD_FUNC_ARG;
-
-    if ((ret == 0) && (!key->privKeySet)) {
-        ret = ECC_PRIV_KEY_E;
-    }
-
-    if (ret == 0)
-        ret = ed25519_hash(key, key->k, ED25519_KEY_SIZE, az);
-    if (ret == 0) {
-        /* apply clamp */
-        az[0]  &= 248;
-        az[31] &= 63; /* same than az[31] &= 127 because of az[31] |= 64 */
-        az[31] |= 64;
-
-    #ifdef FREESCALE_LTC_ECC
-        ltc_pkha_ecc_point_t publicKey = {0};
-        publicKey.X = key->pointX;
-        publicKey.Y = key->pointY;
-        LTC_PKHA_Ed25519_PointMul(LTC_PKHA_Ed25519_BasePoint(), az,
-            ED25519_KEY_SIZE, &publicKey, kLTC_Ed25519 /* result on Ed25519 */);
-        LTC_PKHA_Ed25519_Compress(&publicKey, pubKey);
-    #else
-        ge_scalarmult_base(&A, az);
-        ge_p3_tobytes(pubKey, &A);
-    #endif
-
-        key->pubKeySet = 1;
-    }
-
-    return ret;
-}
-
-/* generate an ed25519 key pair.
- * returns 0 on success
- */
-int wc_ed25519_make_key(WC_RNG* rng, int keySz, ed25519_key* key)
-{
-    int ret;
-
-    if (rng == NULL || key == NULL)
-        return BAD_FUNC_ARG;
-
-    /* ed25519 has 32 byte key sizes */
-    if (keySz != ED25519_KEY_SIZE)
-        return BAD_FUNC_ARG;
-
-    key->privKeySet = 0;
-    key->pubKeySet = 0;
-
-#ifdef WOLF_CRYPTO_CB
-    if (key->devId != INVALID_DEVID) {
-        ret = wc_CryptoCb_Ed25519Gen(rng, keySz, key);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-#endif
-
-    ret = wc_RNG_GenerateBlock(rng, key->k, ED25519_KEY_SIZE);
-    if (ret != 0)
-        return ret;
-
-    key->privKeySet = 1;
-    ret = wc_ed25519_make_public(key, key->p, ED25519_PUB_KEY_SIZE);
-    if (ret != 0) {
-        key->privKeySet = 0;
-        ForceZero(key->k, ED25519_KEY_SIZE);
-        return ret;
-    }
-
-    /* put public key after private key, on the same buffer */
-    XMEMMOVE(key->k + ED25519_KEY_SIZE, key->p, ED25519_PUB_KEY_SIZE);
-
-#if FIPS_VERSION3_GE(6,0,0)
-    ret = wc_ed25519_check_key(key);
-    if (ret == 0) {
-        ret = ed25519_pairwise_consistency_test(key, rng);
-    }
-#endif
-
-    return ret;
-}
-#endif /* HAVE_ED25519_MAKE_KEY */
-
-
-#ifdef HAVE_ED25519_SIGN
-/*
-    in          contains the message to sign
-    inLen       is the length of the message to sign
-    out         is the buffer to write the signature
-    outLen      [in/out] input size of out buf
-                          output gets set as the final length of out
-    key         is the ed25519 key to use when signing
-    type        one of Ed25519, Ed25519ctx or Ed25519ph
-    context     extra signing data
-    contextLen  length of extra signing data
-    return 0 on success
- */
-int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out,
-                            word32 *outLen, ed25519_key* key, byte type,
-                            const byte* context, byte contextLen)
-{
-    int    ret;
-#ifdef WOLFSSL_SE050
-    (void)context;
-    (void)contextLen;
-    (void)type;
-    ret = se050_ed25519_sign_msg(in, inLen, out, outLen, key);
-#else
-#ifdef FREESCALE_LTC_ECC
-    ALIGN16 byte tempBuf[ED25519_PRV_KEY_SIZE];
-    ltc_pkha_ecc_point_t ltcPoint = {0};
-#else
-    ge_p3  R;
-#endif
-    ALIGN16 byte nonce[WC_SHA512_DIGEST_SIZE];
-    ALIGN16 byte hram[WC_SHA512_DIGEST_SIZE];
-    ALIGN16 byte az[ED25519_PRV_KEY_SIZE];
-#ifdef WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN
-    byte orig_k[ED25519_KEY_SIZE];
-#endif
-
-    /* sanity check on arguments */
-    if (in == NULL || out == NULL || outLen == NULL || key == NULL ||
-                                         (context == NULL && contextLen != 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    if (key->devId != INVALID_DEVID) {
-        ret = wc_CryptoCb_Ed25519Sign(in, inLen, out, outLen, key, type,
-            context, contextLen);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-#endif
-
-    if (!key->pubKeySet)
-        return BAD_FUNC_ARG;
-
-    /* check and set up out length */
-    if (*outLen < ED25519_SIG_SIZE) {
-        *outLen = ED25519_SIG_SIZE;
-        return BUFFER_E;
-    }
-    *outLen = ED25519_SIG_SIZE;
-
-#ifdef WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN
-    XMEMCPY(orig_k, key->k, ED25519_KEY_SIZE);
-#endif
-
-    /* step 1: create nonce to use where nonce is r in
-       r = H(h_b, ... ,h_2b-1,M) */
-    ret = ed25519_hash(key, key->k, ED25519_KEY_SIZE, az);
-    if (ret != 0)
-        return ret;
-
-    /* apply clamp */
-    az[0]  &= 248;
-    az[31] &= 63; /* same than az[31] &= 127 because of az[31] |= 64 */
-    az[31] |= 64;
-
-    {
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-        wc_Sha512 *sha = &key->sha;
-#else
-        wc_Sha512 sha[1];
-        ret = ed25519_hash_init(key, sha);
-        if (ret < 0) {
-            return ret;
-        }
-#endif
-
-        if (type == Ed25519ctx || type == Ed25519ph) {
-            ret = ed25519_hash_update(key, sha, ed25519Ctx, ED25519CTX_SIZE);
-            if (ret == 0)
-                ret = ed25519_hash_update(key, sha, &type, sizeof(type));
-            if (ret == 0)
-                ret = ed25519_hash_update(key, sha, &contextLen,
-                                          sizeof(contextLen));
-            if (ret == 0 && context != NULL)
-                ret = ed25519_hash_update(key, sha, context, contextLen);
-        }
-        if (ret == 0)
-            ret = ed25519_hash_update(key, sha, az + ED25519_KEY_SIZE,
-                                      ED25519_KEY_SIZE);
-        if (ret == 0)
-            ret = ed25519_hash_update(key, sha, in, inLen);
-        if (ret == 0)
-            ret = ed25519_hash_final(key, sha, nonce);
-#ifndef WOLFSSL_ED25519_PERSISTENT_SHA
-        ed25519_hash_free(key, sha);
-#endif
-    }
-
-    if (ret != 0)
-        return ret;
-
-#ifdef FREESCALE_LTC_ECC
-    ltcPoint.X = &tempBuf[0];
-    ltcPoint.Y = &tempBuf[32];
-    LTC_PKHA_sc_reduce(nonce);
-    LTC_PKHA_Ed25519_PointMul(LTC_PKHA_Ed25519_BasePoint(), nonce,
-           ED25519_KEY_SIZE, &ltcPoint, kLTC_Ed25519 /* result on Ed25519 */);
-    LTC_PKHA_Ed25519_Compress(&ltcPoint, out);
-#else
-    sc_reduce(nonce);
-
-    /* step 2: computing R = rB where rB is the scalar multiplication of
-       r and B */
-    ge_scalarmult_base(&R,nonce);
-    ge_p3_tobytes(out,&R);
-#endif
-
-    /* step 3: hash R + public key + message getting H(R,A,M) then
-       creating S = (r + H(R,A,M)a) mod l */
-    {
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-        wc_Sha512 *sha = &key->sha;
-#else
-        wc_Sha512 sha[1];
-
-        ret = ed25519_hash_init(key, sha);
-        if (ret < 0)
-            return ret;
-#endif
-
-        if (type == Ed25519ctx || type == Ed25519ph) {
-            ret = ed25519_hash_update(key, sha, ed25519Ctx, ED25519CTX_SIZE);
-            if (ret == 0)
-                ret = ed25519_hash_update(key, sha, &type, sizeof(type));
-            if (ret == 0)
-                ret = ed25519_hash_update(key, sha, &contextLen,
-                                          sizeof(contextLen));
-            if (ret == 0 && context != NULL)
-                ret = ed25519_hash_update(key, sha, context, contextLen);
-        }
-        if (ret == 0)
-            ret = ed25519_hash_update(key, sha, out, ED25519_SIG_SIZE/2);
-        if (ret == 0)
-            ret = ed25519_hash_update(key, sha, key->p, ED25519_PUB_KEY_SIZE);
-        if (ret == 0)
-            ret = ed25519_hash_update(key, sha, in, inLen);
-        if (ret == 0)
-            ret = ed25519_hash_final(key, sha, hram);
-#ifndef WOLFSSL_ED25519_PERSISTENT_SHA
-        ed25519_hash_free(key, sha);
-#endif
-    }
-
-    if (ret != 0)
-        return ret;
-
-#ifdef FREESCALE_LTC_ECC
-    LTC_PKHA_sc_reduce(hram);
-    LTC_PKHA_sc_muladd(out + (ED25519_SIG_SIZE/2), hram, az, nonce);
-#else
-    sc_reduce(hram);
-    sc_muladd(out + (ED25519_SIG_SIZE/2), hram, az, nonce);
-#endif
-#endif /* WOLFSSL_SE050 */
-
-#ifdef WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN
-    {
-        int  i;
-        byte c = 0;
-        for (i = 0; i < ED25519_KEY_SIZE; i++) {
-            c |= key->k[i] ^ orig_k[i];
-        }
-        ret = ctMaskGT(c, 0) & SIG_VERIFY_E;
-    }
-#endif
-
-    return ret;
-}
-
-/*
-    in     contains the message to sign
-    inLen  is the length of the message to sign
-    out    is the buffer to write the signature
-    outLen [in/out] input size of out buf
-                     output gets set as the final length of out
-    key    is the ed25519 key to use when signing
-    return 0 on success
- */
-int wc_ed25519_sign_msg(const byte* in, word32 inLen, byte* out,
-                        word32 *outLen, ed25519_key* key)
-{
-    return wc_ed25519_sign_msg_ex(in, inLen, out, outLen, key, (byte)Ed25519,
-        NULL, 0);
-}
-
-/*
-    in          contains the message to sign
-    inLen       is the length of the message to sign
-    out         is the buffer to write the signature
-    outLen      [in/out] input size of out buf
-                          output gets set as the final length of out
-    key         is the ed25519 key to use when signing
-    context     extra signing data
-    contextLen  length of extra signing data
-    return 0 on success
- */
-int wc_ed25519ctx_sign_msg(const byte* in, word32 inLen, byte* out,
-                           word32 *outLen, ed25519_key* key,
-                           const byte* context, byte contextLen)
-{
-    return wc_ed25519_sign_msg_ex(in, inLen, out, outLen, key, Ed25519ctx,
-                                                           context, contextLen);
-}
-
-/*
-    hash        contains the SHA-512 hash of the message to sign
-    hashLen     is the length of the SHA-512 hash of the message to sign
-    out         is the buffer to write the signature
-    outLen      [in/out] input size of out buf
-                          output gets set as the final length of out
-    key         is the ed25519 key to use when signing
-    context     extra signing data
-    contextLen  length of extra signing data
-    return 0 on success
- */
-int wc_ed25519ph_sign_hash(const byte* hash, word32 hashLen, byte* out,
-                           word32 *outLen, ed25519_key* key,
-                           const byte* context, byte contextLen)
-{
-    return wc_ed25519_sign_msg_ex(hash, hashLen, out, outLen, key, Ed25519ph,
-                                                           context, contextLen);
-}
-
-/*
-    in          contains the message to sign
-    inLen       is the length of the message to sign
-    out         is the buffer to write the signature
-    outLen      [in/out] input size of out buf
-                          output gets set as the final length of out
-    key         is the ed25519 key to use when signing
-    context     extra signing data
-    contextLen  length of extra signing data
-    return 0 on success
- */
-int wc_ed25519ph_sign_msg(const byte* in, word32 inLen, byte* out,
-                          word32 *outLen, ed25519_key* key,
-                          const byte* context, byte contextLen)
-{
-    int  ret;
-    byte hash[WC_SHA512_DIGEST_SIZE];
-
-    ret = ed25519_hash(key, in, inLen, hash);
-    if (ret != 0)
-        return ret;
-
-    return wc_ed25519_sign_msg_ex(hash, sizeof(hash), out, outLen, key,
-                                                Ed25519ph, context, contextLen);
-}
-#endif /* HAVE_ED25519_SIGN */
-
-#ifdef HAVE_ED25519_VERIFY
-#ifndef WOLFSSL_SE050
-
-#ifdef WOLFSSL_CHECK_VER_FAULTS
-static const byte sha512_empty[] = {
-    0xcf, 0x83, 0xe1, 0x35, 0x7e, 0xef, 0xb8, 0xbd,
-    0xf1, 0x54, 0x28, 0x50, 0xd6, 0x6d, 0x80, 0x07,
-    0xd6, 0x20, 0xe4, 0x05, 0x0b, 0x57, 0x15, 0xdc,
-    0x83, 0xf4, 0xa9, 0x21, 0xd3, 0x6c, 0xe9, 0xce,
-    0x47, 0xd0, 0xd1, 0x3c, 0x5d, 0x85, 0xf2, 0xb0,
-    0xff, 0x83, 0x18, 0xd2, 0x87, 0x7e, 0xec, 0x2f,
-    0x63, 0xb9, 0x31, 0xbd, 0x47, 0x41, 0x7a, 0x81,
-    0xa5, 0x38, 0x32, 0x7a, 0xf9, 0x27, 0xda, 0x3e
-};
-
-/* sanity check that hash operation happened
- * returns 0 on success */
-static int ed25519_hash_check(ed25519_key* key, byte* h)
-{
-    (void)key; /* passing in key in case other hash algroithms are used */
-
-    if (XMEMCMP(h, sha512_empty, WC_SHA512_DIGEST_SIZE) != 0) {
-        return 0;
-    }
-    else {
-        return BAD_STATE_E;
-    }
-}
-#endif
-
-
-/*
-   sig        is array of bytes containing the signature
-   sigLen     is the length of sig byte array
-   key        Ed25519 public key
-   return     0 on success
-   type       variant to use -- Ed25519, Ed25519ctx, or Ed25519ph
-   context    extra signing data
-   contextLen length of extra signing data
-*/
-static int ed25519_verify_msg_init_with_sha(const byte* sig, word32 sigLen,
-                                            ed25519_key* key, wc_Sha512 *sha,
-                                            byte type, const byte* context,
-                                            byte contextLen)
-{
-    int ret;
-
-    /* sanity check on arguments */
-    if (sig == NULL || key == NULL ||
-        (context == NULL && contextLen != 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* check on basics needed to verify signature */
-    if (sigLen != ED25519_SIG_SIZE || (sig[ED25519_SIG_SIZE-1] & 224))
-        return BAD_FUNC_ARG;
-
-    /* find H(R,A,M) and store it as h */
-
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-    ret = ed25519_hash_reset(key);
-    if (ret != 0)
-        return ret;
-#else
-    ret = 0;
-#endif
-
-    if (type == Ed25519ctx || type == Ed25519ph) {
-        ret = ed25519_hash_update(key, sha, ed25519Ctx, ED25519CTX_SIZE);
-        if (ret == 0)
-            ret = ed25519_hash_update(key, sha, &type, sizeof(type));
-        if (ret == 0)
-            ret = ed25519_hash_update(key, sha, &contextLen, sizeof(contextLen));
-        if (ret == 0 && context != NULL)
-            ret = ed25519_hash_update(key, sha, context, contextLen);
-    }
-    if (ret == 0)
-        ret = ed25519_hash_update(key, sha, sig, ED25519_SIG_SIZE/2);
-
-#ifdef WOLFSSL_CHECK_VER_FAULTS
-    /* sanity check that hash operation happened */
-    if (ret == 0) {
-        byte h[WC_MAX_DIGEST_SIZE];
-
-        ret = wc_Sha512GetHash(sha, h);
-        if (ret == 0) {
-            ret = ed25519_hash_check(key, h);
-            if (ret != 0) {
-                WOLFSSL_MSG("Unexpected initial state of hash found");
-            }
-        }
-    }
-#endif
-
-    if (ret == 0)
-        ret = ed25519_hash_update(key, sha, key->p, ED25519_PUB_KEY_SIZE);
-
-    return ret;
-}
-
-/*
-   msgSegment     an array of bytes containing a message segment
-   msgSegmentLen  length of msgSegment
-   key            Ed25519 public key
-   return         0 on success
-*/
-static int ed25519_verify_msg_update_with_sha(const byte* msgSegment,
-                                              word32 msgSegmentLen,
-                                              ed25519_key* key,
-                                              wc_Sha512 *sha) {
-    /* sanity check on arguments */
-    if (msgSegment == NULL || key == NULL)
-        return BAD_FUNC_ARG;
-
-    return ed25519_hash_update(key, sha, msgSegment, msgSegmentLen);
-}
-
-/* ed25519 order in little endian. */
-static const byte ed25519_order[] = {
-    0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
-    0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10
-};
-
-/*
-   sig     is array of bytes containing the signature
-   sigLen  is the length of sig byte array
-   res     will be 1 on successful verify and 0 on unsuccessful
-   key     Ed25519 public key
-   return  0 and res of 1 on success
-*/
-static int ed25519_verify_msg_final_with_sha(const byte* sig, word32 sigLen,
-                                             int* res, ed25519_key* key,
-                                             wc_Sha512 *sha)
-{
-    ALIGN16 byte rcheck[ED25519_KEY_SIZE];
-    ALIGN16 byte h[WC_SHA512_DIGEST_SIZE];
-#ifndef FREESCALE_LTC_ECC
-    ge_p3  A;
-    ge_p2  R;
-#endif
-    int    ret;
-    int    i;
-
-    /* sanity check on arguments */
-    if (sig == NULL || res == NULL || key == NULL)
-        return BAD_FUNC_ARG;
-
-    /* set verification failed by default */
-    *res = 0;
-
-    /* check on basics needed to verify signature */
-    if (sigLen != ED25519_SIG_SIZE)
-        return BAD_FUNC_ARG;
-    /* S is not larger or equal to the order:
-     *     2^252 + 0x14def9dea2f79cd65812631a5cf5d3ed
-     *   = 0x1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed
-     */
-
-    /* Check S is not larger than or equal to order. */
-    for (i = (int)sizeof(ed25519_order) - 1; i >= 0; i--) {
-        /* Bigger than order. */
-        if (sig[ED25519_SIG_SIZE/2 + i] > ed25519_order[i])
-            return BAD_FUNC_ARG;
-        /* Less than order. */
-        if (sig[ED25519_SIG_SIZE/2 + i] < ed25519_order[i])
-            break;
-    }
-    /* Check equal - all bytes match. */
-    if (i == -1)
-        return BAD_FUNC_ARG;
-
-    /* uncompress A (public key), test if valid, and negate it */
-#ifndef FREESCALE_LTC_ECC
-    if (ge_frombytes_negate_vartime(&A, key->p) != 0)
-        return BAD_FUNC_ARG;
-#endif
-
-    /* find H(R,A,M) and store it as h */
-
-    ret = ed25519_hash_final(key, sha, h);
-    if (ret != 0)
-        return ret;
-
-#ifdef FREESCALE_LTC_ECC
-    ret = LTC_PKHA_sc_reduce(h);
-    if (ret != kStatus_Success)
-        return ret;
-    ret = LTC_PKHA_SignatureForVerify(rcheck, h, sig + (ED25519_SIG_SIZE/2), key);
-    if (ret != kStatus_Success)
-        return ret;
-#else
-    sc_reduce(h);
-
-    /*
-       Uses a fast single-signature verification SB = R + H(R,A,M)A becomes
-       SB - H(R,A,M)A saving decompression of R
-    */
-    ret = ge_double_scalarmult_vartime(&R, h, &A, sig + (ED25519_SIG_SIZE/2));
-    if (ret != 0)
-        return ret;
-
-    ge_tobytes(rcheck, &R);
-#endif /* FREESCALE_LTC_ECC */
-
-    /* comparison of R created to R in sig */
-    ret = ConstantCompare(rcheck, sig, ED25519_SIG_SIZE/2);
-    if (ret != 0) {
-        ret = SIG_VERIFY_E;
-    }
-
-#ifdef WOLFSSL_CHECK_VER_FAULTS
-    /* redundant comparison as sanity check that first one happened */
-    if (ret == 0 && ConstantCompare(rcheck, sig, ED25519_SIG_SIZE/2) != 0) {
-        ret = SIG_VERIFY_E;
-    }
-#endif
-
-    if (ret == 0) {
-        /* set the verification status */
-        *res = 1;
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_SE050 */
-
-#if defined(WOLFSSL_ED25519_STREAMING_VERIFY) && !defined(WOLFSSL_SE050)
-
-int wc_ed25519_verify_msg_init(const byte* sig, word32 sigLen, ed25519_key* key,
-                               byte type, const byte* context, byte contextLen) {
-    return ed25519_verify_msg_init_with_sha(sig, sigLen, key, &key->sha,
-                                        type, context, contextLen);
-}
-
-int wc_ed25519_verify_msg_update(const byte* msgSegment, word32 msgSegmentLen,
-                                        ed25519_key* key) {
-    return ed25519_verify_msg_update_with_sha(msgSegment, msgSegmentLen,
-                                          key, &key->sha);
-}
-
-int wc_ed25519_verify_msg_final(const byte* sig, word32 sigLen, int* res,
-                                ed25519_key* key) {
-    return ed25519_verify_msg_final_with_sha(sig, sigLen, res,
-                                         key, &key->sha);
-}
-
-#endif /* WOLFSSL_ED25519_STREAMING_VERIFY && !WOLFSSL_SE050 */
-
-/*
-   sig     is array of bytes containing the signature
-   sigLen  is the length of sig byte array
-   msg     the array of bytes containing the message
-   msgLen  length of msg array
-   res     will be 1 on successful verify and 0 on unsuccessful
-   key     Ed25519 public key
-   return  0 and res of 1 on success
-*/
-int wc_ed25519_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg,
-                              word32 msgLen, int* res, ed25519_key* key,
-                              byte type, const byte* context, byte contextLen)
-{
-    int ret;
-#ifdef WOLFSSL_SE050
-    (void)type;
-    (void)context;
-    (void)contextLen;
-    (void)ed25519Ctx;
-    ret = se050_ed25519_verify_msg(sig, sigLen, msg, msgLen, key, res);
-#else
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-    wc_Sha512 *sha;
-#else
-    wc_Sha512 sha[1];
-#endif
-
-    /* sanity check on arguments */
-    if (sig == NULL || msg == NULL || res == NULL || key == NULL ||
-                                         (context == NULL && contextLen != 0))
-        return BAD_FUNC_ARG;
-
-#ifdef WOLF_CRYPTO_CB
-    if (key->devId != INVALID_DEVID) {
-        ret = wc_CryptoCb_Ed25519Verify(sig, sigLen, msg, msgLen, res, key,
-            type, context, contextLen);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-#endif
-
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-    sha = &key->sha;
-#else
-    ret = ed25519_hash_init(key, sha);
-    if (ret < 0) {
-        return ret;
-    }
-#endif /* WOLFSSL_ED25519_PERSISTENT_SHA */
-
-    ret = ed25519_verify_msg_init_with_sha(sig, sigLen, key, sha, type, context,
-        contextLen);
-    if (ret == 0)
-        ret = ed25519_verify_msg_update_with_sha(msg, msgLen, key, sha);
-    if (ret == 0)
-        ret = ed25519_verify_msg_final_with_sha(sig, sigLen, res, key, sha);
-
-#ifndef WOLFSSL_ED25519_PERSISTENT_SHA
-    ed25519_hash_free(key, sha);
-#endif
-#endif /* WOLFSSL_SE050 */
-    return ret;
-}
-
-/*
-   sig     is array of bytes containing the signature
-   sigLen  is the length of sig byte array
-   msg     the array of bytes containing the message
-   msgLen  length of msg array
-   res     will be 1 on successful verify and 0 on unsuccessful
-   key     Ed25519 public key
-   return  0 and res of 1 on success
-*/
-int wc_ed25519_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
-                          word32 msgLen, int* res, ed25519_key* key)
-{
-    return wc_ed25519_verify_msg_ex(sig, sigLen, msg, msgLen, res, key,
-                                    (byte)Ed25519, NULL, 0);
-}
-
-/*
-   sig         is array of bytes containing the signature
-   sigLen      is the length of sig byte array
-   msg         the array of bytes containing the message
-   msgLen      length of msg array
-   res         will be 1 on successful verify and 0 on unsuccessful
-   key         Ed25519 public key
-   context     extra signing data
-   contextLen  length of extra signing data
-   return  0 and res of 1 on success
-*/
-int wc_ed25519ctx_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
-                             word32 msgLen, int* res, ed25519_key* key,
-                             const byte* context, byte contextLen)
-{
-    return wc_ed25519_verify_msg_ex(sig, sigLen, msg, msgLen, res, key,
-                                    Ed25519ctx, context, contextLen);
-}
-
-/*
-   sig         is array of bytes containing the signature
-   sigLen      is the length of sig byte array
-   hash        the array of bytes containing the SHA-512 hash of the message
-   hashLen     length of hash array
-   res         will be 1 on successful verify and 0 on unsuccessful
-   key         Ed25519 public key
-   context     extra signing data
-   contextLen  length of extra signing data
-   return  0 and res of 1 on success
-*/
-int wc_ed25519ph_verify_hash(const byte* sig, word32 sigLen, const byte* hash,
-                             word32 hashLen, int* res, ed25519_key* key,
-                             const byte* context, byte contextLen)
-{
-    return wc_ed25519_verify_msg_ex(sig, sigLen, hash, hashLen, res, key,
-                                    Ed25519ph, context, contextLen);
-}
-
-/*
-   sig         is array of bytes containing the signature
-   sigLen      is the length of sig byte array
-   msg         the array of bytes containing the message
-   msgLen      length of msg array
-   res         will be 1 on successful verify and 0 on unsuccessful
-   key         Ed25519 public key
-   context     extra signing data
-   contextLen  length of extra signing data
-   return  0 and res of 1 on success
-*/
-int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
-                            word32 msgLen, int* res, ed25519_key* key,
-                            const byte* context, byte contextLen)
-{
-    int  ret;
-    byte hash[WC_SHA512_DIGEST_SIZE];
-
-    ret = ed25519_hash(key, msg, msgLen, hash);
-    if (ret != 0)
-        return ret;
-
-    return wc_ed25519_verify_msg_ex(sig, sigLen, hash, sizeof(hash), res, key,
-                                    Ed25519ph, context, contextLen);
-}
-#endif /* HAVE_ED25519_VERIFY */
-
-#ifndef WC_NO_CONSTRUCTORS
-ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code)
-{
-    int ret;
-    ed25519_key* key = (ed25519_key*)XMALLOC(sizeof(ed25519_key), heap,
-                        DYNAMIC_TYPE_ED25519);
-    if (key == NULL) {
-        ret = MEMORY_E;
-    }
-    else {
-        ret = wc_ed25519_init_ex(key, heap, devId);
-        if (ret != 0) {
-            XFREE(key, heap, DYNAMIC_TYPE_ED25519);
-            key = NULL;
-        }
-    }
-
-    if (result_code != NULL)
-        *result_code = ret;
-
-    return key;
-}
-
-int wc_ed25519_delete(ed25519_key* key, ed25519_key** key_p) {
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-    wc_ed25519_free(key);
-    XFREE(key, key->heap, DYNAMIC_TYPE_ED25519);
-    if (key_p != NULL)
-        *key_p = NULL;
-    return 0;
-}
-#endif /* !WC_NO_CONSTRUCTORS */
-
-/* initialize information and memory for key */
-int wc_ed25519_init_ex(ed25519_key* key, void* heap, int devId)
-{
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-    /* for init, ensure the key is zeroed*/
-    XMEMSET(key, 0, sizeof(ed25519_key));
-
-#ifdef WOLF_CRYPTO_CB
-    key->devId = devId;
-#else
-    (void)devId;
-#endif
-    key->heap = heap;
-
-#ifndef FREESCALE_LTC_ECC
-    fe_init();
-#endif
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Add("wc_ed25519_init_ex key->k", &key->k, sizeof(key->k));
-#endif
-
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-    return ed25519_hash_init(key, &key->sha);
-#else /* !WOLFSSL_ED25519_PERSISTENT_SHA */
-    return 0;
-#endif /* WOLFSSL_ED25519_PERSISTENT_SHA */
-}
-
-int wc_ed25519_init(ed25519_key* key)
-{
-    return wc_ed25519_init_ex(key, NULL, INVALID_DEVID);
-}
-
-/* clear memory of key */
-void wc_ed25519_free(ed25519_key* key)
-{
-    if (key == NULL)
-        return;
-
-#ifdef WOLFSSL_ED25519_PERSISTENT_SHA
-    ed25519_hash_free(key, &key->sha);
-#endif
-
-#ifdef WOLFSSL_SE050
-#ifdef WOLFSSL_SE050_AUTO_ERASE
-    wc_se050_erase_object(key->keyId);
-#endif
-    se050_ed25519_free_key(key);
-#endif
-
-    ForceZero(key, sizeof(ed25519_key));
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Check(key, sizeof(ed25519_key));
-#endif
-}
-
-
-#ifdef HAVE_ED25519_KEY_EXPORT
-
-/*
-    outLen should contain the size of out buffer when input. outLen is than set
-    to the final output length.
-    returns 0 on success
- */
-int wc_ed25519_export_public(const ed25519_key* key, byte* out, word32* outLen)
-{
-    /* sanity check on arguments */
-    if (key == NULL || out == NULL || outLen == NULL)
-        return BAD_FUNC_ARG;
-
-    if (*outLen < ED25519_PUB_KEY_SIZE) {
-        *outLen = ED25519_PUB_KEY_SIZE;
-        return BUFFER_E;
-    }
-
-    *outLen = ED25519_PUB_KEY_SIZE;
-    XMEMCPY(out, key->p, ED25519_PUB_KEY_SIZE);
-
-    return 0;
-}
-
-#endif /* HAVE_ED25519_KEY_EXPORT */
-
-
-#ifdef HAVE_ED25519_KEY_IMPORT
-/*
-    Imports a compressed/uncompressed public key.
-    in       the byte array containing the public key
-    inLen    the length of the byte array being passed in
-    key      ed25519 key struct to put the public key in
-    trusted  whether the public key is trusted to match private key if set
- */
-int wc_ed25519_import_public_ex(const byte* in, word32 inLen, ed25519_key* key,
-    int trusted)
-{
-    int ret = 0;
-
-    /* sanity check on arguments */
-    if (in == NULL || key == NULL)
-        return BAD_FUNC_ARG;
-
-    if (inLen < ED25519_PUB_KEY_SIZE)
-        return BAD_FUNC_ARG;
-
-    /* compressed prefix according to draft
-       http://www.ietf.org/id/draft-koch-eddsa-for-openpgp-02.txt */
-    if (in[0] == 0x40 && inLen == ED25519_PUB_KEY_SIZE + 1) {
-        /* key is stored in compressed format so just copy in */
-        XMEMCPY(key->p, (in + 1), ED25519_PUB_KEY_SIZE);
-#ifdef FREESCALE_LTC_ECC
-        /* recover X coordinate */
-        ltc_pkha_ecc_point_t pubKey;
-        pubKey.X = key->pointX;
-        pubKey.Y = key->pointY;
-        LTC_PKHA_Ed25519_PointDecompress(key->p, ED25519_PUB_KEY_SIZE, &pubKey);
-#endif
-    }
-    /* importing uncompressed public key */
-    else if (in[0] == 0x04 && inLen > 2*ED25519_PUB_KEY_SIZE) {
-#ifdef FREESCALE_LTC_ECC
-        /* reverse bytes for little endian byte order */
-        for (int i = 0; i < ED25519_KEY_SIZE; i++)
-        {
-            key->pointX[i] = *(in + ED25519_KEY_SIZE - i);
-            key->pointY[i] = *(in + 2*ED25519_KEY_SIZE - i);
-        }
-        XMEMCPY(key->p, key->pointY, ED25519_KEY_SIZE);
-#else
-        /* pass in (x,y) and store compressed key */
-        ret = ge_compress_key(key->p, in+1,
-                              in+1+ED25519_PUB_KEY_SIZE, ED25519_PUB_KEY_SIZE);
-#endif /* FREESCALE_LTC_ECC */
-    }
-    /* if not specified compressed or uncompressed check key size
-       if key size is equal to compressed key size copy in key */
-    else if (inLen == ED25519_PUB_KEY_SIZE) {
-        XMEMCPY(key->p, in, ED25519_PUB_KEY_SIZE);
-#ifdef FREESCALE_LTC_ECC
-        /* recover X coordinate */
-        ltc_pkha_ecc_point_t pubKey;
-        pubKey.X = key->pointX;
-        pubKey.Y = key->pointY;
-        LTC_PKHA_Ed25519_PointDecompress(key->p, ED25519_PUB_KEY_SIZE, &pubKey);
-#endif
-    }
-    else {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        key->pubKeySet = 1;
-        if (!trusted) {
-            ret = wc_ed25519_check_key(key);
-        }
-    }
-    if (ret != 0) {
-        key->pubKeySet = 0;
-    }
-
-    /* bad public key format */
-    return ret;
-}
-
-/*
-    Imports a compressed/uncompressed public key.
-    in    the byte array containing the public key
-    inLen the length of the byte array being passed in
-    key   ed25519 key struct to put the public key in
- */
-int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key)
-{
-    return wc_ed25519_import_public_ex(in, inLen, key, 0);
-}
-
-/*
-    For importing a private key.
- */
-int wc_ed25519_import_private_only(const byte* priv, word32 privSz,
-                                                               ed25519_key* key)
-{
-    int ret = 0;
-
-    /* sanity check on arguments */
-    if (priv == NULL || key == NULL)
-        return BAD_FUNC_ARG;
-
-    /* key size check */
-    if (privSz != ED25519_KEY_SIZE)
-        return BAD_FUNC_ARG;
-
-    XMEMCPY(key->k, priv, ED25519_KEY_SIZE);
-    key->privKeySet = 1;
-
-    if (key->pubKeySet) {
-        /* Validate loaded public key */
-        ret = wc_ed25519_check_key(key);
-    }
-    if (ret != 0) {
-        key->privKeySet = 0;
-        ForceZero(key->k, ED25519_KEY_SIZE);
-    }
-
-    return ret;
-}
-
-
-/* Import an ed25519 private and public keys from byte array(s).
- *
- * priv     [in]  Array holding private key from
- *                wc_ed25519_export_private_only(), or private+public keys from
- *                wc_ed25519_export_private().
- * privSz   [in]  Number of bytes of data in private key array.
- * pub      [in]  Array holding public key (or NULL).
- * pubSz    [in]  Number of bytes of data in public key array (or 0).
- * key      [in]  Ed25519 private/public key.
- * trusted  [in]  Indicates whether the public key data is trusted.
- *                When 0, checks public key matches private key.
- *                When 1, doesn't check public key matches private key.
- * returns BAD_FUNC_ARG when a required parameter is NULL or an invalid
- *         combination of keys/lengths is supplied, 0 otherwise.
- */
-int wc_ed25519_import_private_key_ex(const byte* priv, word32 privSz,
-    const byte* pub, word32 pubSz, ed25519_key* key, int trusted)
-{
-    int ret;
-
-    /* sanity check on arguments */
-    if (priv == NULL || key == NULL)
-        return BAD_FUNC_ARG;
-
-    /* key size check */
-    if (privSz != ED25519_KEY_SIZE && privSz != ED25519_PRV_KEY_SIZE)
-        return BAD_FUNC_ARG;
-
-    if (pub == NULL) {
-        if (pubSz != 0)
-            return BAD_FUNC_ARG;
-        if (privSz != ED25519_PRV_KEY_SIZE)
-            return BAD_FUNC_ARG;
-        pub = priv + ED25519_KEY_SIZE;
-        pubSz = ED25519_PUB_KEY_SIZE;
-    }
-    else if (pubSz < ED25519_PUB_KEY_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMCPY(key->k, priv, ED25519_KEY_SIZE);
-    key->privKeySet = 1;
-
-    /* import public key */
-    ret = wc_ed25519_import_public_ex(pub, pubSz, key, trusted);
-    if (ret != 0) {
-        key->privKeySet = 0;
-        ForceZero(key->k, ED25519_KEY_SIZE);
-        return ret;
-    }
-
-    /* make the private key (priv + pub) */
-    XMEMCPY(key->k + ED25519_KEY_SIZE, key->p, ED25519_PUB_KEY_SIZE);
-
-    return ret;
-}
-
-/* Import an ed25519 private and public keys from byte array(s).
- *
- * priv    [in]  Array holding private key from wc_ed25519_export_private_only(),
- *               or private+public keys from wc_ed25519_export_private().
- * privSz  [in]  Number of bytes of data in private key array.
- * pub     [in]  Array holding public key (or NULL).
- * pubSz   [in]  Number of bytes of data in public key array (or 0).
- * key     [in]  Ed25519 private/public key.
- * returns BAD_FUNC_ARG when a required parameter is NULL or an invalid
- *         combination of keys/lengths is supplied, 0 otherwise.
- */
-int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
-    const byte* pub, word32 pubSz, ed25519_key* key)
-{
-    return wc_ed25519_import_private_key_ex(priv, privSz, pub, pubSz, key, 0);
-}
-#endif /* HAVE_ED25519_KEY_IMPORT */
-
-
-#ifdef HAVE_ED25519_KEY_EXPORT
-
-/*
- export private key only (secret part so 32 bytes)
- outLen should contain the size of out buffer when input. outLen is than set
- to the final output length.
- returns 0 on success
- */
-int wc_ed25519_export_private_only(const ed25519_key* key, byte* out, word32* outLen)
-{
-    /* sanity checks on arguments */
-    if (key == NULL || out == NULL || outLen == NULL)
-        return BAD_FUNC_ARG;
-
-    if (*outLen < ED25519_KEY_SIZE) {
-        *outLen = ED25519_KEY_SIZE;
-        return BUFFER_E;
-    }
-
-    *outLen = ED25519_KEY_SIZE;
-    XMEMCPY(out, key->k, ED25519_KEY_SIZE);
-
-    return 0;
-}
-
-/*
- export private key, including public part
- outLen should contain the size of out buffer when input. outLen is than set
- to the final output length.
- returns 0 on success
- */
-int wc_ed25519_export_private(const ed25519_key* key, byte* out, word32* outLen)
-{
-    /* sanity checks on arguments */
-    if (key == NULL || out == NULL || outLen == NULL)
-        return BAD_FUNC_ARG;
-
-    if (*outLen < ED25519_PRV_KEY_SIZE) {
-        *outLen = ED25519_PRV_KEY_SIZE;
-        return BUFFER_E;
-    }
-
-    *outLen = ED25519_PRV_KEY_SIZE;
-    XMEMCPY(out, key->k, ED25519_PRV_KEY_SIZE);
-
-    return 0;
-}
-
-/* export full private key and public key
-   return 0 on success
- */
-int wc_ed25519_export_key(const ed25519_key* key,
-                          byte* priv, word32 *privSz,
-                          byte* pub, word32 *pubSz)
-{
-    int ret;
-
-    /* export 'full' private part */
-    ret = wc_ed25519_export_private(key, priv, privSz);
-    if (ret != 0)
-        return ret;
-
-    /* export public part */
-    ret = wc_ed25519_export_public(key, pub, pubSz);
-
-    return ret;
-}
-
-#endif /* HAVE_ED25519_KEY_EXPORT */
-
-/* Check the public key is valid.
- *
- * When private key available, check the calculated public key matches.
- * When no private key, check Y is in range and an X is able to be calculated.
- *
- * @param [in] key  Ed25519 private/public key.
- * @return  0 otherwise.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  PUBLIC_KEY_E when the public key is not set, doesn't match or is
- *          invalid.
- * @return  other -ve value on hash failure.
- */
-int wc_ed25519_check_key(ed25519_key* key)
-{
-    int ret = 0;
-
-    /* Validate parameter. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Check we have a public key to check. */
-    if ((ret == 0) && (!key->pubKeySet)) {
-        ret = PUBLIC_KEY_E;
-    }
-
-#ifdef HAVE_ED25519_MAKE_KEY
-    /* If we have a private key just make the public key and compare. */
-    if ((ret == 0) && (key->privKeySet)) {
-        ALIGN16 unsigned char pubKey[ED25519_PUB_KEY_SIZE];
-
-        ret = wc_ed25519_make_public(key, pubKey, sizeof(pubKey));
-        if (ret == 0 && XMEMCMP(pubKey, key->p, ED25519_PUB_KEY_SIZE) != 0)
-            ret = PUBLIC_KEY_E;
-    }
-#else
-    (void)key;
-#endif /* HAVE_ED25519_MAKE_KEY */
-
-    /* No private key (or ability to make a public key), check Y is valid. */
-    if ((ret == 0)
-#ifdef HAVE_ED25519_MAKE_KEY
-        && (!key->privKeySet)
-#endif
-        ) {
-        /* Verify that Q is not identity element 0.
-         * 0 has no representation for Ed25519. */
-
-        /* Verify that xQ and yQ are integers in the interval [0, p - 1].
-         * Only have yQ so check that ordinate. p = 2^255 - 19 */
-        if ((key->p[ED25519_PUB_KEY_SIZE - 1] & 0x7f) == 0x7f) {
-            int i;
-
-            ret = PUBLIC_KEY_E;
-            /* Check up to last byte. */
-            for (i = ED25519_PUB_KEY_SIZE - 2; i > 0; i--) {
-                if (key->p[i] != 0xff) {
-                    ret = 0;
-                    break;
-                }
-            }
-            /* Bits are all one up to last byte - check less than -19. */
-            if ((ret == WC_NO_ERR_TRACE(PUBLIC_KEY_E)) && (key->p[0] < 0xed)) {
-                ret = 0;
-            }
-        }
-
-        if (ret == 0) {
-            /* Verify that Q is on the curve.
-             * Uncompressing the public key will validate yQ. */
-            ge_p3 A;
-
-            if (ge_frombytes_negate_vartime(&A, key->p) != 0) {
-                ret = PUBLIC_KEY_E;
-            }
-        }
-    }
-
-    return ret;
-}
-
-/* returns the private key size (secret only) in bytes */
-int wc_ed25519_size(const ed25519_key* key)
-{
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-    return ED25519_KEY_SIZE;
-}
-
-/* returns the private key size (secret + public) in bytes */
-int wc_ed25519_priv_size(const ed25519_key* key)
-{
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-    return ED25519_PRV_KEY_SIZE;
-}
-
-/* returns the compressed key size in bytes (public key) */
-int wc_ed25519_pub_size(const ed25519_key* key)
-{
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-    return ED25519_PUB_KEY_SIZE;
-}
-
-/* returns the size of signature in bytes */
-int wc_ed25519_sig_size(const ed25519_key* key)
-{
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-    return ED25519_SIG_SIZE;
-}
-
-#endif /* HAVE_ED25519 */
diff --git a/src/ssl/wolfssl/wolfcrypt/ed448.c b/src/ssl/wolfssl/wolfcrypt/ed448.c
deleted file mode 100644
index 263e5ad4b..000000000
--- a/src/ssl/wolfssl/wolfcrypt/ed448.c
+++ /dev/null
@@ -1,1458 +0,0 @@
-/* ed448.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implemented to: RFC 8032 */
-
-/* Based On Daniel J Bernstein's ed25519 Public Domain ref10 work.
- * Reworked for curve448 by Sean Parkinson.
- */
-
-/* Possible Ed448 enable options:
- *   WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN                               Default: OFF
- *     Check that the private key didn't change during the signing operations.
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_ED448
-#if FIPS_VERSION3_GE(6,0,0)
-    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
-    #define FIPS_NO_WRAPPERS
-
-       #ifdef USE_WINDOWS_API
-               #pragma code_seg(".fipsA$f")
-               #pragma const_seg(".fipsB$f")
-       #endif
-#endif
-
-#include <wolfssl/wolfcrypt/ed448.h>
-#include <wolfssl/wolfcrypt/hash.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if defined(HAVE_ED448_SIGN) || defined(HAVE_ED448_VERIFY)
-/* Size of context bytes to use with hash when signing and verifying. */
-#define ED448CTX_SIZE    8
-/* Context to pass to hash when signing and verifying. */
-static const byte ed448Ctx[ED448CTX_SIZE+1] = "SigEd448";
-#endif
-
-#if FIPS_VERSION3_GE(6,0,0)
-    const unsigned int wolfCrypt_FIPS_ed448_ro_sanity[2] =
-                                                     { 0x1a2b3c4d, 0x00000007 };
-    int wolfCrypt_FIPS_ED448_sanity(void)
-    {
-        return 0;
-    }
-#endif
-
-static int ed448_hash_init(ed448_key* key, wc_Shake *sha)
-{
-    int ret;
-
-    ret = wc_InitShake256(sha, key->heap,
-#if defined(WOLF_CRYPTO_CB)
-                           key->devId
-#else
-                           INVALID_DEVID
-#endif
-        );
-
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-    if (ret == 0)
-        key->sha_clean_flag = 1;
-#endif
-
-    return ret;
-}
-
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-static int ed448_hash_reset(ed448_key* key)
-{
-    int ret;
-
-    if (key->sha_clean_flag)
-        ret = 0;
-    else {
-        wc_Shake256_Free(&key->sha);
-        ret = wc_InitShake256(&key->sha, key->heap,
-#if defined(WOLF_CRYPTO_CB)
-                              key->devId
-#else
-                              INVALID_DEVID
-#endif
-            );
-        if (ret == 0)
-            key->sha_clean_flag = 1;
-    }
-    return ret;
-}
-#endif /* WOLFSSL_ED448_PERSISTENT_SHA */
-
-static int ed448_hash_update(ed448_key* key, wc_Shake *sha, const byte* data,
-                             word32 len)
-{
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-    if (key->sha_clean_flag)
-        key->sha_clean_flag = 0;
-#else
-    (void)key;
-#endif
-    return wc_Shake256_Update(sha, data, len);
-}
-
-static int ed448_hash_final(ed448_key* key, wc_Shake *sha, byte* hash,
-                            word32 hashLen)
-{
-    int ret = wc_Shake256_Final(sha, hash, hashLen);
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-    if (ret == 0)
-        key->sha_clean_flag = 1;
-#else
-    (void)key;
-#endif
-    return ret;
-}
-
-static void ed448_hash_free(ed448_key* key, wc_Shake *sha)
-{
-    wc_Shake256_Free(sha);
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-    key->sha_clean_flag = 0;
-#else
-    (void)key;
-#endif
-}
-
-
-static int ed448_hash(ed448_key* key, const byte* in, word32 inLen,
-                      byte* hash, word32 hashLen)
-{
-    int ret;
-#ifndef WOLFSSL_ED448_PERSISTENT_SHA
-    wc_Shake sha[1];
-#else
-    wc_Shake *sha;
-#endif
-
-    if (key == NULL || (in == NULL && inLen > 0) || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-    sha = &key->sha;
-    ret = ed448_hash_reset(key);
-#else
-    ret = ed448_hash_init(key, sha);
-#endif
-    if (ret < 0)
-        return ret;
-
-    ret = ed448_hash_update(key, sha, in, inLen);
-    if (ret == 0)
-        ret = ed448_hash_final(key, sha, hash, hashLen);
-
-#ifndef WOLFSSL_ED448_PERSISTENT_SHA
-    ed448_hash_free(key, sha);
-#endif
-
-    return ret;
-}
-
-#if FIPS_VERSION3_GE(6,0,0)
-/* Performs a Pairwise Consistency Test on an Ed448 key pair.
- *
- * @param [in] key  Ed448 key to test.
- * @param [in] rng  Random number generator to use to create random digest.
- * @return  0 on success.
- * @return  ECC_PCT_E when signing or verification fail.
- * @return  Other -ve when random number generation fails.
- */
-static int ed448_pairwise_consistency_test(ed448_key* key, WC_RNG* rng)
-{
-    int err = 0;
-    byte digest[WC_SHA256_DIGEST_SIZE];
-    word32 digestLen = WC_SHA256_DIGEST_SIZE;
-    byte sig[ED448_SIG_SIZE];
-    word32 sigLen = ED448_SIG_SIZE;
-    int res = 0;
-
-    /* Generate a random digest to sign. */
-    err = wc_RNG_GenerateBlock(rng, digest, digestLen);
-    if (err == 0) {
-        /* Sign digest without context. */
-        err = wc_ed448_sign_msg_ex(digest, digestLen, sig, &sigLen, key, Ed448,
-            NULL, 0);
-        if (err != 0) {
-            /* Any sign failure means test failed. */
-            err = ECC_PCT_E;
-        }
-    }
-    if (err == 0) {
-        /* Verify digest without context. */
-        err = wc_ed448_verify_msg_ex(sig, sigLen, digest, digestLen, &res, key,
-            Ed448, NULL, 0);
-        if (err != 0) {
-            /* Any verification operation failure means test failed. */
-            err = ECC_PCT_E;
-        }
-        /* Check whether the signature verified. */
-        else if (res == 0) {
-            /* Test failed. */
-            err = ECC_PCT_E;
-        }
-    }
-
-    ForceZero(sig, sigLen);
-
-    return err;
-}
-#endif
-
-/* Derive the public key for the private key.
- *
- * key       [in]  Ed448 key object.
- * pubKey    [in]  Byte array to hold the public key.
- * pubKeySz  [in]  Size of the array in bytes.
- * returns BAD_FUNC_ARG when key is NULL or pubKeySz is not equal to
- *         ED448_PUB_KEY_SIZE,
- *         other -ve value on hash failure,
- *         0 otherwise.
- */
-int wc_ed448_make_public(ed448_key* key, unsigned char* pubKey, word32 pubKeySz)
-{
-    int   ret = 0;
-    byte  az[ED448_PRV_KEY_SIZE];
-    ge448_p2 A;
-
-    if ((key == NULL) || (pubKey == NULL) || (pubKeySz != ED448_PUB_KEY_SIZE)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if ((ret == 0) && (!key->privKeySet)) {
-        ret = ECC_PRIV_KEY_E;
-    }
-
-    if (ret == 0)
-        ret = ed448_hash(key, key->k, ED448_KEY_SIZE, az, sizeof(az));
-
-    if (ret == 0) {
-        /* apply clamp */
-        az[0]  &= 0xfc;
-        az[55] |= 0x80;
-        az[56]  = 0x00;
-
-        ret = ge448_scalarmult_base(&A, az);
-    }
-
-    if (ret == 0) {
-        ge448_to_bytes(pubKey, &A);
-
-        key->pubKeySet = 1;
-    }
-
-    return ret;
-}
-
-/* Make a new ed448 private/public key.
- *
- * rng      [in]  Random number generator.
- * keysize  [in]  Size of the key to generate.
- * key      [in]  Ed448 key object.
- * returns BAD_FUNC_ARG when rng or key is NULL or keySz is not equal to
- *         ED448_KEY_SIZE,
- *         other -ve value on random number or hash failure,
- *         0 otherwise.
- */
-int wc_ed448_make_key(WC_RNG* rng, int keySz, ed448_key* key)
-{
-    int ret = 0;
-
-    if ((rng == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* ed448 has 57 byte key sizes */
-    if ((ret == 0) && (keySz != ED448_KEY_SIZE)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        key->pubKeySet = 0;
-        key->privKeySet = 0;
-
-        ret = wc_RNG_GenerateBlock(rng, key->k, ED448_KEY_SIZE);
-    }
-    if (ret == 0) {
-        key->privKeySet = 1;
-        ret = wc_ed448_make_public(key, key->p, ED448_PUB_KEY_SIZE);
-        if (ret != 0) {
-            key->privKeySet = 0;
-            ForceZero(key->k, ED448_KEY_SIZE);
-        }
-    }
-    if (ret == 0) {
-        /* put public key after private key, on the same buffer */
-        XMEMMOVE(key->k + ED448_KEY_SIZE, key->p, ED448_PUB_KEY_SIZE);
-
-    #if FIPS_VERSION3_GE(6,0,0)
-        ret = wc_ed448_check_key(key);
-        if (ret == 0) {
-            ret = ed448_pairwise_consistency_test(key, rng);
-        }
-    #endif
-    }
-
-    return ret;
-}
-
-#ifdef HAVE_ED448_SIGN
-/* Sign the message using the ed448 private key.
- *
- *  in          [in]      Message to sign.
- *  inLen       [in]      Length of the message in bytes.
- *  out         [in]      Buffer to write signature into.
- *  outLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Ed448 key to use when signing
- *  type        [in]      Type of signature to perform: Ed448 or Ed448ph
- *  context     [in]      Context of signing.
- *  contextLen  [in]      Length of context in bytes.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          context is not NULL or public key not set,
- *          BUFFER_E when outLen is less than ED448_SIG_SIZE,
- *          other -ve values when hash fails,
- *          0 otherwise.
- */
-int wc_ed448_sign_msg_ex(const byte* in, word32 inLen, byte* out,
-                          word32 *outLen, ed448_key* key, byte type,
-                          const byte* context, byte contextLen)
-{
-    ge448_p2 R;
-    byte     nonce[ED448_SIG_SIZE];
-    byte     hram[ED448_SIG_SIZE];
-    byte     az[ED448_PRV_KEY_SIZE];
-    int      ret = 0;
-#ifdef WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN
-    byte     orig_k[ED448_KEY_SIZE];
-#endif
-
-    /* sanity check on arguments */
-    if ((in == NULL) || (out == NULL) || (outLen == NULL) || (key == NULL) ||
-                                     ((context == NULL) && (contextLen != 0))) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (!key->pubKeySet)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* check and set up out length */
-    if ((ret == 0) && (*outLen < ED448_SIG_SIZE)) {
-        *outLen = ED448_SIG_SIZE;
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        *outLen = ED448_SIG_SIZE;
-
-#ifdef WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN
-        XMEMCPY(orig_k, key->k, ED448_KEY_SIZE);
-#endif
-
-        /* step 1: create nonce to use where nonce is r in
-           r = H(h_b, ... ,h_2b-1,M) */
-        ret = ed448_hash(key, key->k, ED448_KEY_SIZE, az, sizeof(az));
-    }
-    if (ret == 0) {
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-        wc_Shake *sha = &key->sha;
-#else
-        wc_Shake sha[1];
-        ret = ed448_hash_init(key, sha);
-        if (ret < 0)
-            return ret;
-#endif
-        /* apply clamp */
-        az[0]  &= 0xfc;
-        az[55] |= 0x80;
-        az[56]  = 0x00;
-
-        ret = ed448_hash_update(key, sha, ed448Ctx, ED448CTX_SIZE);
-
-        if (ret == 0) {
-            ret = ed448_hash_update(key, sha, &type, sizeof(type));
-        }
-        if (ret == 0) {
-            ret = ed448_hash_update(key, sha, &contextLen, sizeof(contextLen));
-        }
-        if ((ret == 0) && (context != NULL)) {
-            ret = ed448_hash_update(key, sha, context, contextLen);
-        }
-        if (ret == 0) {
-            ret = ed448_hash_update(key, sha, az + ED448_KEY_SIZE, ED448_KEY_SIZE);
-        }
-        if (ret == 0) {
-            ret = ed448_hash_update(key, sha, in, inLen);
-        }
-        if (ret == 0) {
-            ret = ed448_hash_final(key, sha, nonce, sizeof(nonce));
-        }
-#ifndef WOLFSSL_ED448_PERSISTENT_SHA
-        ed448_hash_free(key, sha);
-#endif
-    }
-    if (ret == 0) {
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-        wc_Shake *sha = &key->sha;
-#else
-        wc_Shake sha[1];
-        ret = ed448_hash_init(key, sha);
-        if (ret < 0)
-            return ret;
-#endif
-        sc448_reduce(nonce);
-
-        /* step 2: computing R = rB where rB is the scalar multiplication of
-           r and B */
-        ret = ge448_scalarmult_base(&R,nonce);
-
-        /* step 3: hash R + public key + message getting H(R,A,M) then
-           creating S = (r + H(R,A,M)a) mod l */
-        if (ret == 0) {
-            ge448_to_bytes(out,&R);
-
-            ret = ed448_hash_update(key, sha, ed448Ctx, ED448CTX_SIZE);
-        }
-        if (ret == 0) {
-            ret = ed448_hash_update(key, sha, &type, sizeof(type));
-        }
-        if (ret == 0) {
-            ret = ed448_hash_update(key, sha, &contextLen, sizeof(contextLen));
-        }
-        if ((ret == 0) && (context != NULL)) {
-            ret = ed448_hash_update(key, sha, context, contextLen);
-        }
-        if (ret == 0) {
-            ret = ed448_hash_update(key, sha, out, ED448_SIG_SIZE/2);
-        }
-        if (ret == 0) {
-            ret = ed448_hash_update(key, sha, key->p, ED448_PUB_KEY_SIZE);
-        }
-        if (ret == 0) {
-            ret = ed448_hash_update(key, sha, in, inLen);
-        }
-        if (ret == 0) {
-            ret = ed448_hash_final(key, sha, hram, sizeof(hram));
-        }
-#ifndef WOLFSSL_ED448_PERSISTENT_SHA
-        ed448_hash_free(key, sha);
-#endif
-    }
-
-    if (ret == 0) {
-        sc448_reduce(hram);
-        sc448_muladd(out + (ED448_SIG_SIZE/2), hram, az, nonce);
-    }
-
-#ifdef WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN
-    if (ret == 0) {
-        int  i;
-        byte c = 0;
-        for (i = 0; i < ED448_KEY_SIZE; i++) {
-            c |= key->k[i] ^ orig_k[i];
-        }
-        ret = ctMaskGT(c, 0) & SIG_VERIFY_E;
-    }
-#endif
-
-    return ret;
-}
-
-/* Sign the message using the ed448 private key.
- * Signature type is Ed448.
- *
- *  in          [in]      Message to sign.
- *  inLen       [in]      Length of the message in bytes.
- *  out         [in]      Buffer to write signature into.
- *  outLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Ed448 key to use when signing
- *  context     [in]      Context of signing.
- *  contextLen  [in]      Length of context in bytes.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          context is not NULL or public key not set,
- *          BUFFER_E when outLen is less than ED448_SIG_SIZE,
- *          other -ve values when hash fails,
- *          0 otherwise.
- */
-int wc_ed448_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
-                      ed448_key* key, const byte* context, byte contextLen)
-{
-    return wc_ed448_sign_msg_ex(in, inLen, out, outLen, key, Ed448, context,
-                                                                    contextLen);
-}
-
-/* Sign the hash using the ed448 private key.
- * Signature type is Ed448ph.
- *
- *  hash        [in]      Hash of message to sign.
- *  hashLen     [in]      Length of hash of message in bytes.
- *  out         [in]      Buffer to write signature into.
- *  outLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Ed448 key to use when signing
- *  context     [in]      Context of signing.
- *  contextLen  [in]      Length of context in bytes.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          context is not NULL or public key not set,
- *          BUFFER_E when outLen is less than ED448_SIG_SIZE,
- *          other -ve values when hash fails,
- *          0 otherwise.
- */
-int wc_ed448ph_sign_hash(const byte* hash, word32 hashLen, byte* out,
-                         word32 *outLen, ed448_key* key,
-                         const byte* context, byte contextLen)
-{
-    return wc_ed448_sign_msg_ex(hash, hashLen, out, outLen, key, Ed448ph,
-                                context, contextLen);
-}
-
-/* Sign the message using the ed448 private key.
- * Signature type is Ed448ph.
- *
- *  in          [in]      Message to sign.
- *  inLen       [in]      Length of the message to sign in bytes.
- *  out         [in]      Buffer to write signature into.
- *  outLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Ed448 key to use when signing
- *  context     [in]      Context of signing.
- *  contextLen  [in]      Length of context in bytes.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          context is not NULL or public key not set,
- *          BUFFER_E when outLen is less than ED448_SIG_SIZE,
- *          other -ve values when hash fails,
- *          0 otherwise.
- */
-int wc_ed448ph_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
-                        ed448_key* key, const byte* context, byte contextLen)
-{
-    int  ret;
-    byte hash[ED448_PREHASH_SIZE];
-
-    ret = ed448_hash(key, in, inLen, hash, sizeof(hash));
-
-    if (ret == 0) {
-        ret = wc_ed448ph_sign_hash(hash, sizeof(hash), out, outLen, key,
-                                                           context, contextLen);
-    }
-
-    return ret;
-}
-#endif /* HAVE_ED448_SIGN */
-
-#ifdef HAVE_ED448_VERIFY
-
-/* Verify the message using the ed448 public key.
- *
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  key         [in]  Ed448 key to use to verify.
- *  type        [in]  Type of signature to verify: Ed448 or Ed448ph
- *  context     [in]  Context of verification.
- *  contextLen  [in]  Length of context in bytes.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          context is not NULL or public key not set,
- *          BUFFER_E when sigLen is less than ED448_SIG_SIZE,
- *          other -ve values when hash fails,
- *          0 otherwise.
- */
-
-static int ed448_verify_msg_init_with_sha(const byte* sig, word32 sigLen,
-                                      ed448_key* key, wc_Shake *sha, byte type,
-                                      const byte* context, byte contextLen)
-{
-    int ret;
-
-    /* sanity check on arguments */
-    if ((sig == NULL) || (key == NULL) ||
-        ((context == NULL) && (contextLen != 0))) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* check on basics needed to verify signature */
-    if (sigLen != ED448_SIG_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* find H(R,A,M) and store it as h */
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-    ret = ed448_hash_reset(key);
-    if (ret < 0)
-        return ret;
-#endif
-
-    ret = ed448_hash_update(key, sha, ed448Ctx, ED448CTX_SIZE);
-    if (ret == 0) {
-        ret = ed448_hash_update(key, sha, &type, sizeof(type));
-    }
-    if (ret == 0) {
-        ret = ed448_hash_update(key, sha, &contextLen, sizeof(contextLen));
-    }
-    if ((ret == 0) && (context != NULL)) {
-        ret = ed448_hash_update(key, sha, context, contextLen);
-    }
-    if (ret == 0) {
-        ret = ed448_hash_update(key, sha, sig, ED448_SIG_SIZE/2);
-    }
-    if (ret == 0) {
-        ret = ed448_hash_update(key, sha, key->p, ED448_PUB_KEY_SIZE);
-    }
-
-    return ret;
-}
-
-/*
-   msgSegment     an array of bytes containing a message segment
-   msgSegmentLen  length of msgSegment
-   key            Ed448 public key
-   return         0 on success
-*/
-static int ed448_verify_msg_update_with_sha(const byte* msgSegment,
-                                        word32 msgSegmentLen,
-                                        ed448_key* key,
-                                        wc_Shake *sha)
-{
-    /* sanity check on arguments */
-    if (msgSegment == NULL || key == NULL)
-        return BAD_FUNC_ARG;
-
-    return ed448_hash_update(key, sha, msgSegment, msgSegmentLen);
-}
-
-/* Order of the ed448 curve - little endian. */
-static const byte ed448_order[] = {
-    0xf3, 0x44, 0x58, 0xab, 0x92, 0xc2, 0x78, 0x23,
-    0x55, 0x8f, 0xc5, 0x8d, 0x72, 0xc2, 0x6c, 0x21,
-    0x90, 0x36, 0xd6, 0xae, 0x49, 0xdb, 0x4e, 0xc4,
-    0xe9, 0x23, 0xca, 0x7c, 0xff, 0xff, 0xff, 0xff,
-    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f,
-    0x00
-};
-
-/* Verify the message using the ed448 public key.
- *
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  res         [out] *res is set to 1 on successful verification.
- *  key         [in]  Ed448 key to use to verify.
- *  returns BAD_FUNC_ARG when a parameter is NULL or public key not set,
- *          BUFFER_E when sigLen is less than ED448_SIG_SIZE,
- *          other -ve values when hash fails,
- *          0 otherwise.
- */
-static int ed448_verify_msg_final_with_sha(const byte* sig, word32 sigLen,
-                                     int* res, ed448_key* key, wc_Shake *sha)
-{
-    byte     rcheck[ED448_KEY_SIZE];
-    byte     h[ED448_SIG_SIZE];
-    ge448_p2 A;
-    ge448_p2 R;
-    int      ret;
-    int      i;
-
-    /* sanity check on arguments */
-    if ((sig == NULL) || (res == NULL) || (key == NULL))
-        return BAD_FUNC_ARG;
-
-    /* set verification failed by default */
-    *res = 0;
-
-    /* check on basics needed to verify signature */
-    if (sigLen != ED448_SIG_SIZE)
-        return BAD_FUNC_ARG;
-    /* Check S is not larger than or equal to order. */
-    for (i = (int)sizeof(ed448_order) - 1; i >= 0; i--) {
-        /* Bigger than order. */
-        if (sig[ED448_SIG_SIZE/2 + i] > ed448_order[i])
-            return BAD_FUNC_ARG;
-        /* Less than order. */
-        if (sig[ED448_SIG_SIZE/2 + i] < ed448_order[i])
-            break;
-    }
-    /* Same value as order. */
-    if (i == -1)
-        return BAD_FUNC_ARG;
-
-    /* uncompress A (public key), test if valid, and negate it */
-    if (ge448_from_bytes_negate_vartime(&A, key->p) != 0)
-        return BAD_FUNC_ARG;
-
-    ret = ed448_hash_final(key, sha, h, sizeof(h));
-    if (ret != 0)
-        return ret;
-
-    sc448_reduce(h);
-
-    /* Uses a fast single-signature verification SB = R + H(R,A,M)A becomes
-     * SB - H(R,A,M)A saving decompression of R
-     */
-    ret = ge448_double_scalarmult_vartime(&R, h, &A,
-                                          sig + (ED448_SIG_SIZE/2));
-    if (ret != 0)
-        return ret;
-
-    ge448_to_bytes(rcheck, &R);
-
-    /* comparison of R created to R in sig */
-    if (ConstantCompare(rcheck, sig, ED448_SIG_SIZE/2) != 0) {
-        ret = SIG_VERIFY_E;
-    }
-    else {
-        /* set the verification status */
-        *res = 1;
-    }
-
-    return ret;
-}
-
-#ifdef WOLFSSL_ED448_STREAMING_VERIFY
-int wc_ed448_verify_msg_init(const byte* sig, word32 sigLen, ed448_key* key,
-                        byte type, const byte* context, byte contextLen)
-{
-    return ed448_verify_msg_init_with_sha(sig, sigLen, key, &key->sha, type,
-                                      context, contextLen);
-}
-
-int wc_ed448_verify_msg_update(const byte* msgSegment, word32 msgSegmentLen,
-                             ed448_key* key)
-{
-    return ed448_verify_msg_update_with_sha(msgSegment, msgSegmentLen, key,
-                                        &key->sha);
-}
-
-int wc_ed448_verify_msg_final(const byte* sig, word32 sigLen,
-                              int* res, ed448_key* key)
-{
-    return ed448_verify_msg_final_with_sha(sig, sigLen, res, key, &key->sha);
-}
-#endif
-
-/* Verify the message using the ed448 public key.
- *
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  msg         [in]  Message to verify.
- *  msgLen      [in]  Length of the message in bytes.
- *  res         [out] *res is set to 1 on successful verification.
- *  key         [in]  Ed448 key to use to verify.
- *  type        [in]  Type of signature to verify: Ed448 or Ed448ph
- *  context     [in]  Context of verification.
- *  contextLen  [in]  Length of context in bytes.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          context is not NULL or public key not set,
- *          BUFFER_E when sigLen is less than ED448_SIG_SIZE,
- *          other -ve values when hash fails,
- *          0 otherwise.
- */
-int wc_ed448_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg,
-                            word32 msgLen, int* res, ed448_key* key,
-                            byte type, const byte* context, byte contextLen)
-{
-    int ret;
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-    wc_Shake *sha;
-#else
-    wc_Shake sha[1];
-#endif
-
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-    sha = &key->sha;
-#else
-    ret = ed448_hash_init(key, sha);
-    if (ret < 0)
-        return ret;
-#endif
-
-    ret = ed448_verify_msg_init_with_sha(sig, sigLen, key, sha,
-                                   type, context, contextLen);
-    if (ret == 0)
-        ret = ed448_verify_msg_update_with_sha(msg, msgLen, key, sha);
-    if (ret == 0)
-        ret = ed448_verify_msg_final_with_sha(sig, sigLen, res, key, sha);
-
-#ifndef WOLFSSL_ED448_PERSISTENT_SHA
-    ed448_hash_free(key, sha);
-#endif
-
-    return ret;
-}
-
-/* Verify the message using the ed448 public key.
- * Signature type is Ed448.
- *
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  msg         [in]  Message to verify.
- *  msgLen      [in]  Length of the message in bytes.
- *  key         [in]  Ed448 key to use to verify.
- *  context     [in]  Context of verification.
- *  contextLen  [in]  Length of context in bytes.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          context is not NULL or public key not set,
- *          BUFFER_E when sigLen is less than ED448_SIG_SIZE,
- *          other -ve values when hash fails,
- *          0 otherwise.
- */
-int wc_ed448_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
-                        word32 msgLen, int* res, ed448_key* key,
-                        const byte* context, byte contextLen)
-{
-    return wc_ed448_verify_msg_ex(sig, sigLen, msg, msgLen, res, key, Ed448,
-                                                           context, contextLen);
-}
-
-/* Verify the hash using the ed448 public key.
- * Signature type is Ed448ph.
- *
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  hash        [in]  Hash of message to verify.
- *  hashLen     [in]  Length of the hash in bytes.
- *  key         [in]  Ed448 key to use to verify.
- *  context     [in]  Context of verification.
- *  contextLen  [in]  Length of context in bytes.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          context is not NULL or public key not set,
- *          BUFFER_E when sigLen is less than ED448_SIG_SIZE,
- *          other -ve values when hash fails,
- *          0 otherwise.
- */
-int wc_ed448ph_verify_hash(const byte* sig, word32 sigLen, const byte* hash,
-                           word32 hashLen, int* res, ed448_key* key,
-                           const byte* context, byte contextLen)
-{
-    return wc_ed448_verify_msg_ex(sig, sigLen, hash, hashLen, res, key, Ed448ph,
-                                                           context, contextLen);
-}
-
-/* Verify the message using the ed448 public key.
- * Signature type is Ed448ph.
- *
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  msg         [in]  Message to verify.
- *  msgLen      [in]  Length of the message in bytes.
- *  key         [in]  Ed448 key to use to verify.
- *  context     [in]  Context of verification.
- *  contextLen  [in]  Length of context in bytes.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          context is not NULL or public key not set,
- *          BUFFER_E when sigLen is less than ED448_SIG_SIZE,
- *          other -ve values when hash fails,
- *          0 otherwise.
- */
-int wc_ed448ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
-                          word32 msgLen, int* res, ed448_key* key,
-                          const byte* context, byte contextLen)
-{
-    int  ret = 0;
-    byte hash[ED448_PREHASH_SIZE];
-
-    ret = ed448_hash(key, msg, msgLen, hash, sizeof(hash));
-
-    if (ret == 0) {
-        ret = wc_ed448ph_verify_hash(sig, sigLen, hash, sizeof(hash), res, key,
-                                                           context, contextLen);
-    }
-
-    return ret;
-}
-#endif /* HAVE_ED448_VERIFY */
-
-/* Initialize the ed448 private/public key.
- *
- * key  [in]  Ed448 key.
- * heap [in]  heap pointer to pass to wc_InitShake256().
- * returns BAD_FUNC_ARG when key is NULL
- */
-int wc_ed448_init_ex(ed448_key* key, void *heap, int devId)
-{
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-    XMEMSET(key, 0, sizeof(ed448_key));
-
-#ifdef WOLF_CRYPTO_CB
-    key->devId = devId;
-#else
-    (void)devId;
-#endif
-    key->heap = heap;
-
-    fe448_init();
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Add("wc_ed448_init_ex key->k", &key->k, sizeof(key->k));
-#endif
-
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-    return ed448_hash_init(key, &key->sha);
-#else /* !WOLFSSL_ED448_PERSISTENT_SHA */
-    return 0;
-#endif /* WOLFSSL_ED448_PERSISTENT_SHA */
-}
-
-/* Initialize the ed448 private/public key.
- *
- * key  [in]  Ed448 key.
- * returns BAD_FUNC_ARG when key is NULL
- */
-int wc_ed448_init(ed448_key* key) {
-    return wc_ed448_init_ex(key, NULL, INVALID_DEVID);
-}
-
-/* Clears the ed448 key data
- *
- * key  [in]  Ed448 key.
- */
-void wc_ed448_free(ed448_key* key)
-{
-    if (key != NULL) {
-#ifdef WOLFSSL_ED448_PERSISTENT_SHA
-        ed448_hash_free(key, &key->sha);
-#endif
-        ForceZero(key, sizeof(ed448_key));
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        wc_MemZero_Check(key, sizeof(ed448_key));
-    #endif
-    }
-}
-
-
-#ifdef HAVE_ED448_KEY_EXPORT
-
-/* Export the ed448 public key.
- *
- * key     [in]      Ed448 public key.
- * out     [in]      Array to hold public key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when outLen is less than ED448_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_ed448_export_public(const ed448_key* key, byte* out, word32* outLen)
-{
-    int ret = 0;
-
-    /* sanity check on arguments */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if ((ret == 0) && (*outLen < ED448_PUB_KEY_SIZE)) {
-        *outLen = ED448_PUB_KEY_SIZE;
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        *outLen = ED448_PUB_KEY_SIZE;
-        XMEMCPY(out, key->p, ED448_PUB_KEY_SIZE);
-    }
-
-    return ret;
-}
-
-#endif /* HAVE_ED448_KEY_EXPORT */
-
-
-#ifdef HAVE_ED448_KEY_IMPORT
-/* Import a compressed or uncompressed ed448 public key from a byte array.
- * Public key encoded in big-endian.
- *
- * in       [in]  Array holding public key.
- * inLen    [in]  Number of bytes of data in array.
- * key      [in]  Ed448 public key.
- * trusted  [in]  Indicates whether the public key data is trusted.
- *                When 0, checks public key matches private key.
- *                When 1, doesn't check public key matches private key.
- * returns BAD_FUNC_ARG when a parameter is NULL or key format is not supported,
- *         0 otherwise.
- */
-int wc_ed448_import_public_ex(const byte* in, word32 inLen, ed448_key* key,
-    int trusted)
-{
-    int ret = 0;
-
-    /* sanity check on arguments */
-    if ((in == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if ((inLen != ED448_PUB_KEY_SIZE) &&
-        (inLen != ED448_PUB_KEY_SIZE + 1) &&
-        (inLen != 2 * ED448_PUB_KEY_SIZE + 1)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* compressed prefix according to draft
-         * https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-06 */
-        if (in[0] == 0x40 && inLen > ED448_PUB_KEY_SIZE) {
-            /* key is stored in compressed format so just copy in */
-            XMEMCPY(key->p, (in + 1), ED448_PUB_KEY_SIZE);
-        }
-        /* importing uncompressed public key */
-        else if (in[0] == 0x04 && inLen > 2*ED448_PUB_KEY_SIZE) {
-            /* pass in (x,y) and store compressed key */
-            ret = ge448_compress_key(key->p, in+1, in+1+ED448_PUB_KEY_SIZE);
-        }
-        else if (inLen == ED448_PUB_KEY_SIZE) {
-            /* if not specified compressed or uncompressed check key size
-             * if key size is equal to compressed key size copy in key */
-            XMEMCPY(key->p, in, ED448_PUB_KEY_SIZE);
-        }
-        else {
-            /* bad public key format */
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    if (ret == 0) {
-        key->pubKeySet = 1;
-        if (!trusted) {
-            /* Check untrusted public key data matches private key. */
-            ret = wc_ed448_check_key(key);
-        }
-    }
-
-    if ((ret != 0) && (key != NULL)) {
-        /* No public key set on failure. */
-        key->pubKeySet = 0;
-    }
-
-    return ret;
-}
-
-/* Import a compressed or uncompressed ed448 public key from a byte array.
- *
- * Public key encoded in big-endian.
- * Public key is not trusted and is checked against private key if set.
- *
- * in      [in]  Array holding public key.
- * inLen   [in]  Number of bytes of data in array.
- * key     [in]  Ed448 public key.
- * returns BAD_FUNC_ARG when a parameter is NULL or key format is not supported,
- *         0 otherwise.
- */
-int wc_ed448_import_public(const byte* in, word32 inLen, ed448_key* key)
-{
-    return wc_ed448_import_public_ex(in, inLen, key, 0);
-}
-
-/* Import an ed448 private key from a byte array.
- *
- * priv    [in]  Array holding private key.
- * privSz  [in]  Number of bytes of data in array.
- * key     [in]  Ed448 private key.
- * returns BAD_FUNC_ARG when a parameter is NULL or privSz is less than
- *         ED448_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_ed448_import_private_only(const byte* priv, word32 privSz,
-                                 ed448_key* key)
-{
-    int ret = 0;
-
-    /* sanity check on arguments */
-    if ((priv == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* key size check */
-    if ((ret == 0) && (privSz != ED448_KEY_SIZE)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        XMEMCPY(key->k, priv, ED448_KEY_SIZE);
-        key->privKeySet = 1;
-    }
-
-    if ((ret == 0) && key->pubKeySet) {
-        /* Validate loaded public key */
-        ret = wc_ed448_check_key(key);
-    }
-
-    if ((ret != 0) && (key != NULL)) {
-        /* No private key set on error. */
-        key->privKeySet = 0;
-        ForceZero(key->k, ED448_KEY_SIZE);
-    }
-
-    return ret;
-}
-
-
-/* Import an ed448 private and public keys from byte array(s).
- *
- * priv     [in]  Array holding private key from wc_ed448_export_private_only(),
- *                or private+public keys from wc_ed448_export_private().
- * privSz   [in]  Number of bytes of data in private key array.
- * pub      [in]  Array holding public key (or NULL).
- * pubSz    [in]  Number of bytes of data in public key array (or 0).
- * key      [in]  Ed448 private/public key.
- * trusted  [in]  Indicates whether the public key data is trusted.
- *                When 0, checks public key matches private key.
- *                When 1, doesn't check public key matches private key.
- * returns BAD_FUNC_ARG when a required parameter is NULL or an invalid
- *         combination of keys/lengths is supplied, 0 otherwise.
- */
-int wc_ed448_import_private_key_ex(const byte* priv, word32 privSz,
-    const byte* pub, word32 pubSz, ed448_key* key, int trusted)
-{
-    int ret;
-
-    /* sanity check on arguments */
-    if (priv == NULL || key == NULL)
-        return BAD_FUNC_ARG;
-
-    /* key size check */
-    if (privSz != ED448_KEY_SIZE && privSz != ED448_PRV_KEY_SIZE)
-        return BAD_FUNC_ARG;
-
-    if (pub == NULL) {
-        if (pubSz != 0)
-            return BAD_FUNC_ARG;
-        if (privSz != ED448_PRV_KEY_SIZE)
-            return BAD_FUNC_ARG;
-        pub = priv + ED448_KEY_SIZE;
-        pubSz = ED448_PUB_KEY_SIZE;
-    }
-    else if (pubSz < ED448_PUB_KEY_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMCPY(key->k, priv, ED448_KEY_SIZE);
-    key->privKeySet = 1;
-
-    /* import public key */
-    ret = wc_ed448_import_public_ex(pub, pubSz, key, trusted);
-    if (ret != 0) {
-        key->privKeySet = 0;
-        ForceZero(key->k, ED448_KEY_SIZE);
-        return ret;
-    }
-
-    /* make the private key (priv + pub) */
-    XMEMCPY(key->k + ED448_KEY_SIZE, key->p, ED448_PUB_KEY_SIZE);
-
-    return ret;
-}
-
-/* Import an ed448 private and public keys from byte array(s).
- *
- * Public key is not trusted and is checked against private key.
- *
- * priv    [in]  Array holding private key from wc_ed448_export_private_only(),
- *               or private+public keys from wc_ed448_export_private().
- * privSz  [in]  Number of bytes of data in private key array.
- * pub     [in]  Array holding public key (or NULL).
- * pubSz   [in]  Number of bytes of data in public key array (or 0).
- * key     [in]  Ed448 private/public key.
- * returns BAD_FUNC_ARG when a required parameter is NULL or an invalid
- *         combination of keys/lengths is supplied, 0 otherwise.
- */
-int wc_ed448_import_private_key(const byte* priv, word32 privSz,
-                                const byte* pub, word32 pubSz, ed448_key* key)
-{
-    return wc_ed448_import_private_key_ex(priv, privSz, pub, pubSz, key, 0);
-}
-
-#endif /* HAVE_ED448_KEY_IMPORT */
-
-
-#ifdef HAVE_ED448_KEY_EXPORT
-
-/* Export the ed448 private key.
- *
- * key     [in]      Ed448 private key.
- * out     [in]      Array to hold private key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         ECC_BAD_ARG_E when outLen is less than ED448_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_ed448_export_private_only(const ed448_key* key, byte* out, word32* outLen)
-{
-    int ret = 0;
-
-    /* sanity checks on arguments */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if ((ret == 0) && (*outLen < ED448_KEY_SIZE)) {
-        *outLen = ED448_KEY_SIZE;
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        *outLen = ED448_KEY_SIZE;
-        XMEMCPY(out, key->k, ED448_KEY_SIZE);
-    }
-
-    return ret;
-}
-
-/* Export the ed448 private and public key.
- *
- * key     [in]      Ed448 private/public key.
- * out     [in]      Array to hold private and public key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         BUFFER_E when outLen is less than ED448_PRV_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_ed448_export_private(const ed448_key* key, byte* out, word32* outLen)
-{
-    int ret = 0;
-
-    /* sanity checks on arguments */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if ((ret == 0) && (*outLen < ED448_PRV_KEY_SIZE)) {
-        *outLen = ED448_PRV_KEY_SIZE;
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        *outLen = ED448_PRV_KEY_SIZE;
-        XMEMCPY(out, key->k, ED448_PRV_KEY_SIZE);
-     }
-
-    return ret;
-}
-
-/* Export the ed448 private and public key.
- *
- * key     [in]      Ed448 private/public key.
- * priv    [in]      Array to hold private key.
- * privSz  [in/out]  On in, the number of bytes in private key array.
- * pub     [in]      Array to hold  public key.
- * pubSz   [in/out]  On in, the number of bytes in public key array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         BUFFER_E when privSz is less than ED448_PRV_KEY_SIZE or pubSz is less
- *         than ED448_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_ed448_export_key(const ed448_key* key, byte* priv, word32 *privSz,
-                        byte* pub, word32 *pubSz)
-{
-    int ret = 0;
-
-    /* export 'full' private part */
-    ret = wc_ed448_export_private(key, priv, privSz);
-    if (ret == 0) {
-        /* export public part */
-        ret = wc_ed448_export_public(key, pub, pubSz);
-    }
-
-    return ret;
-}
-
-#endif /* HAVE_ED448_KEY_EXPORT */
-
-/* Check the public key is valid.
- *
- * When private key available, check the calculated public key matches.
- * When no private key, check Y is in range and an X is able to be calculated.
- *
- * @param [in] key  Ed448 private/public key.
- * @return  0 otherwise.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  PUBLIC_KEY_E when the public key is not set, doesn't match or is
- *          invalid.
- * @return  other -ve value on hash failure.
- */
-int wc_ed448_check_key(ed448_key* key)
-{
-    int ret = 0;
-    unsigned char pubKey[ED448_PUB_KEY_SIZE];
-
-    /* Validate parameter. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Check we have a public key to check. */
-    if (ret == 0 && !key->pubKeySet) {
-        ret = PUBLIC_KEY_E;
-    }
-
-    /* If we have a private key just make the public key and compare. */
-    if ((ret == 0) && key->privKeySet) {
-        ret = wc_ed448_make_public(key, pubKey, sizeof(pubKey));
-        if ((ret == 0) && (XMEMCMP(pubKey, key->p, ED448_PUB_KEY_SIZE) != 0)) {
-            ret = PUBLIC_KEY_E;
-        }
-    }
-    /* No private key, check Y is valid. */
-    else if ((ret == 0) && (!key->privKeySet)) {
-        /* Verify that Q is not identity element 0.
-         * 0 has no representation for Ed448. */
-
-        /* Verify that xQ and yQ are integers in the interval [0, p - 1].
-         * Only have yQ so check that ordinate.
-         * p = 2^448-2^224-1 = 0xff..fe..ff
-         */
-        {
-            int i;
-            ret = PUBLIC_KEY_E;
-
-            /* Check top part before 0xFE. */
-            for (i = ED448_PUB_KEY_SIZE - 1; i > ED448_PUB_KEY_SIZE/2; i--) {
-                if (key->p[i] < 0xff) {
-                    ret = 0;
-                    break;
-                }
-            }
-            if (ret == WC_NO_ERR_TRACE(PUBLIC_KEY_E)) {
-                /* Check against 0xFE. */
-                if (key->p[ED448_PUB_KEY_SIZE/2] < 0xfe) {
-                    ret = 0;
-                }
-                else if (key->p[ED448_PUB_KEY_SIZE/2] == 0xfe) {
-                    /* Check bottom part before last byte. */
-                    for (i = ED448_PUB_KEY_SIZE/2 - 1; i > 0; i--) {
-                        if (key->p[i] != 0xff) {
-                            ret = 0;
-                            break;
-                        }
-                    }
-                    /* Check last byte. */
-                    if ((ret == WC_NO_ERR_TRACE(PUBLIC_KEY_E)) &&
-                        (key->p[0] < 0xff)) {
-                        ret = 0;
-                    }
-                }
-            }
-        }
-
-        if (ret == 0) {
-            /* Verify that Q is on the curve.
-             * Uncompressing the public key will validate yQ. */
-            ge448_p2 A;
-
-            if (ge448_from_bytes_negate_vartime(&A, key->p) != 0) {
-                ret = PUBLIC_KEY_E;
-            }
-        }
-    }
-
-    return ret;
-}
-
-/* Returns the size of an ed448 private key.
- *
- * key     [in]      Ed448 private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         ED448_KEY_SIZE otherwise.
- */
-int wc_ed448_size(const ed448_key* key)
-{
-    int ret = ED448_KEY_SIZE;
-
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    return ret;
-}
-
-/* Returns the size of an ed448 private plus public key.
- *
- * key     [in]      Ed448 private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         ED448_PRV_KEY_SIZE otherwise.
- */
-int wc_ed448_priv_size(const ed448_key* key)
-{
-    int ret = ED448_PRV_KEY_SIZE;
-
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    return ret;
-}
-
-/* Returns the size of an ed448 public key.
- *
- * key     [in]      Ed448 private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         ED448_PUB_KEY_SIZE otherwise.
- */
-int wc_ed448_pub_size(const ed448_key* key)
-{
-    int ret = ED448_PUB_KEY_SIZE;
-
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    return ret;
-}
-
-/* Returns the size of an ed448 signature.
- *
- * key     [in]      Ed448 private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         ED448_SIG_SIZE otherwise.
- */
-int wc_ed448_sig_size(const ed448_key* key)
-{
-    int ret = ED448_SIG_SIZE;
-
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    return ret;
-}
-
-#endif /* HAVE_ED448 */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/ext_lms.c b/src/ssl/wolfssl/wolfcrypt/ext_lms.c
deleted file mode 100644
index 2486a4268..000000000
--- a/src/ssl/wolfssl/wolfcrypt/ext_lms.c
+++ /dev/null
@@ -1,1063 +0,0 @@
-/* ext_lms.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(WOLFSSL_HAVE_LMS) && defined(HAVE_LIBLMS)
-
-#include <wolfssl/wolfcrypt/ext_lms.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-/* If built against hss_lib_thread.a, the hash-sigs lib will spawn
- * worker threads to parallelize cpu intensive tasks. This will mainly
- * speedup key generation and signing, and to a lesser extent
- * verifying for larger levels values.
- *
- * Their default max is 16 worker threads, but can be capped with
- * hss_extra_info_set_threads(). To be safe we are capping at 4 here.
- * */
-#define EXT_LMS_MAX_THREADS (4)
-
-/* The hash-sigs hss_generate_private_key API requires a generate_random
- * callback that only has output and length args. The RNG struct must be global
- * to the function. Maybe there should be a wc_LmsKey_SetRngCb. */
-static THREAD_LS_T WC_RNG * LmsRng = NULL;
-
-static bool LmsGenerateRand(void * output, size_t length)
-{
-    int ret = 0;
-
-    if (output == NULL || LmsRng == NULL) {
-        return false;
-    }
-
-    if (length == 0) {
-        return true;
-    }
-
-    ret = wc_RNG_GenerateBlock(LmsRng, output, (word32) length);
-
-    if (ret) {
-        WOLFSSL_MSG("error: LmsGenerateRand failed");
-        return false;
-    }
-
-    return true;
-}
-
-/* Write callback passed into hash-sigs hss lib.
- *
- * Returns true on success. */
-static bool LmsWritePrivKey(unsigned char *private_key,
-                            size_t len_private_key, void *lmsKey)
-{
-    LmsKey *      key = (LmsKey *) lmsKey;
-    enum wc_LmsRc ret = WC_LMS_RC_NONE;
-
-    if (private_key == NULL || key == NULL || len_private_key <= 0) {
-        WOLFSSL_MSG("error: LmsWritePrivKey: invalid args");
-        return false;
-    }
-
-    if (key->state != WC_LMS_STATE_PARMSET && key->state != WC_LMS_STATE_OK) {
-       /* The LmsKey is not ready for writing. */
-        WOLFSSL_MSG("error: LmsWritePrivKey: LMS key not in writeable state");
-        return false;
-    }
-
-    if (key->write_private_key == NULL) {
-        WOLFSSL_MSG("error: LmsWritePrivKey: LMS key write callback not set");
-        key->state = WC_LMS_STATE_BAD;
-        return false;
-    }
-
-    /* Use write callback that saves private key to non-volatile storage. */
-    ret = key->write_private_key(private_key, (word32)len_private_key,
-                                 key->context);
-
-    if (ret != WC_LMS_RC_SAVED_TO_NV_MEMORY) {
-        WOLFSSL_MSG("error: LmsKey write_private_key failed");
-        WOLFSSL_MSG(wc_LmsKey_RcToStr(ret));
-        key->state = WC_LMS_STATE_BAD;
-        return false;
-    }
-
-    return true;
-}
-
-/* Read callback passed into hash-sigs hss lib.
- *
- * Returns true on success. */
-static bool LmsReadPrivKey(unsigned char *private_key,
-                           size_t len_private_key, void *lmsKey)
-{
-    LmsKey *      key = (LmsKey *) lmsKey;
-    enum wc_LmsRc ret = WC_LMS_RC_NONE;
-
-    if (private_key == NULL || key == NULL || len_private_key <= 0) {
-        WOLFSSL_MSG("error: LmsReadPrivKey: invalid args");
-        return false;
-    }
-
-    if (key->state != WC_LMS_STATE_PARMSET && key->state != WC_LMS_STATE_OK) {
-       /* The LmsKey is not ready for reading. */
-        WOLFSSL_MSG("error: LmsReadPrivKey: LMS key not in readable state");
-        return false;
-    }
-
-    if (key->read_private_key == NULL) {
-        WOLFSSL_MSG("error: LmsReadPrivKey: LMS key read callback not set");
-        key->state = WC_LMS_STATE_BAD;
-        return false;
-    }
-
-    /* Use read callback that reads private key from non-volatile storage. */
-    ret = key->read_private_key(private_key, (word32)len_private_key,
-                                key->context);
-
-    if (ret != WC_LMS_RC_READ_TO_MEMORY) {
-        WOLFSSL_MSG("error: LmsKey read_private_key failed");
-        WOLFSSL_MSG(wc_LmsKey_RcToStr(ret));
-        key->state = WC_LMS_STATE_BAD;
-        return false;
-    }
-
-    return true;
-}
-#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
-
-const char * wc_LmsKey_ParmToStr(enum wc_LmsParm lmsParm)
-{
-    switch (lmsParm) {
-    case WC_LMS_PARM_NONE:
-        return "LMS/HSS NONE";
-    case WC_LMS_PARM_L1_H5_W1:
-        return "LMS/HSS L1_H5_W1";
-    case WC_LMS_PARM_L1_H5_W2:
-        return "LMS/HSS L1_H5_W2";
-    case WC_LMS_PARM_L1_H5_W4:
-        return "LMS/HSS L1_H5_W4";
-    case WC_LMS_PARM_L1_H5_W8:
-        return "LMS/HSS L1_H5_W8";
-    case WC_LMS_PARM_L1_H10_W2:
-        return "LMS/HSS L1_H10_W2";
-    case WC_LMS_PARM_L1_H10_W4:
-        return "LMS/HSS L1_H10_W4";
-    case WC_LMS_PARM_L1_H10_W8:
-        return "LMS/HSS L1_H10_W8";
-    case WC_LMS_PARM_L1_H15_W2:
-        return "LMS/HSS L1_H15_W2";
-    case WC_LMS_PARM_L1_H15_W4:
-        return "LMS/HSS L1_H15_W4";
-    case WC_LMS_PARM_L1_H15_W8:
-        return "LMS/HSS L1_H15_W8";
-    case WC_LMS_PARM_L1_H20_W2:
-        return "LMS/HSS L1_H20_W2";
-    case WC_LMS_PARM_L1_H20_W4:
-        return "LMS/HSS L1_H20_W4";
-    case WC_LMS_PARM_L1_H20_W8:
-        return "LMS/HSS L1_H20_W8";
-    case WC_LMS_PARM_L2_H5_W2:
-        return "LMS/HSS L2_H5_W2";
-    case WC_LMS_PARM_L2_H5_W4:
-        return "LMS/HSS L2_H5_W4";
-    case WC_LMS_PARM_L2_H5_W8:
-        return "LMS/HSS L2_H5_W8";
-    case WC_LMS_PARM_L2_H10_W2:
-        return "LMS/HSS L2_H10_W2";
-    case WC_LMS_PARM_L2_H10_W4:
-        return "LMS/HSS L2_H10_W4";
-    case WC_LMS_PARM_L2_H10_W8:
-        return "LMS/HSS L2_H10_W8";
-    case WC_LMS_PARM_L2_H15_W2:
-        return "LMS/HSS L2_H15_W2";
-    case WC_LMS_PARM_L2_H15_W4:
-        return "LMS/HSS L2_H15_W4";
-    case WC_LMS_PARM_L2_H15_W8:
-        return "LMS/HSS L2_H15_W8";
-    case WC_LMS_PARM_L2_H20_W2:
-        return "LMS/HSS L2_H20_W2";
-    case WC_LMS_PARM_L2_H20_W4:
-        return "LMS/HSS L2_H20_W4";
-    case WC_LMS_PARM_L2_H20_W8:
-        return "LMS/HSS L2_H20_W8";
-    case WC_LMS_PARM_L3_H5_W2:
-        return "LMS/HSS L3_H5_W2";
-    case WC_LMS_PARM_L3_H5_W4:
-        return "LMS/HSS L3_H5_W4";
-    case WC_LMS_PARM_L3_H5_W8:
-        return "LMS/HSS L3_H5_W8";
-    case WC_LMS_PARM_L3_H10_W4:
-        return "LMS/HSS L3_H10_W4";
-    case WC_LMS_PARM_L3_H10_W8:
-        return "LMS/HSS L3_H10_W8";
-    case WC_LMS_PARM_L4_H5_W2:
-        return "LMS/HSS L4_H5_W2";
-    case WC_LMS_PARM_L4_H5_W4:
-        return "LMS/HSS L4_H5_W4";
-    case WC_LMS_PARM_L4_H5_W8:
-        return "LMS/HSS L4_H5_W8";
-    case WC_LMS_PARM_L4_H10_W4:
-        return "LMS/HSS L4_H10_W4";
-    case WC_LMS_PARM_L4_H10_W8:
-        return "LMS/HSS L4_H10_W8";
-    default:
-        WOLFSSL_MSG("error: invalid LMS parameter");
-        break;
-    }
-
-    return "LMS_INVALID";
-}
-
-const char * wc_LmsKey_RcToStr(enum wc_LmsRc lmsEc)
-{
-    switch (lmsEc) {
-    case WC_LMS_RC_NONE:
-        return "LMS_RC_NONE";
-
-    case WC_LMS_RC_BAD_ARG:
-        return "LMS_RC_BAD_ARG";
-
-    case WC_LMS_RC_WRITE_FAIL:
-        return "LMS_RC_WRITE_FAIL";
-
-    case WC_LMS_RC_READ_FAIL:
-        return "LMS_RC_READ_FAIL";
-
-    case WC_LMS_RC_SAVED_TO_NV_MEMORY:
-        return "LMS_RC_SAVED_TO_NV_MEMORY";
-
-    case WC_LMS_RC_READ_TO_MEMORY:
-        return "LMS_RC_READ_TO_MEMORY";
-
-    default:
-        WOLFSSL_MSG("error: invalid LMS error code");
-        break;
-    }
-
-    return "LMS_RC_INVALID";
-}
-
-/* Init an LMS key.
- *
- * Call this before setting the params of an LMS key.
- *
- * Returns 0 on success.
- * */
-int wc_LmsKey_Init(LmsKey * key, void * heap, int devId)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    (void) heap;
-    (void) devId;
-
-    ForceZero(key, sizeof(LmsKey));
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-    hss_init_extra_info(&key->info);
-    /* Set the max number of worker threads that hash-sigs can spawn. */
-    hss_extra_info_set_threads(&key->info, EXT_LMS_MAX_THREADS);
-
-    key->working_key = NULL;
-    key->write_private_key = NULL;
-    key->read_private_key = NULL;
-    key->context = NULL;
-#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
-    key->state = WC_LMS_STATE_INITED;
-
-    return 0;
-}
-
-/* Set the wc_LmsParm of an LMS key.
- *
- * Use this if you wish to set a key with a predefined parameter set,
- * such as WC_LMS_PARM_L2_H10_W8.
- *
- * Key must be inited before calling this.
- *
- * Returns 0 on success.
- * */
-int wc_LmsKey_SetLmsParm(LmsKey * key, enum wc_LmsParm lmsParm)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* If NONE is passed, default to the lowest predefined set. */
-    switch (lmsParm) {
-    case WC_LMS_PARM_NONE:
-    case WC_LMS_PARM_L1_H5_W1:
-        return wc_LmsKey_SetParameters(key, 1, 5, 1);
-    case WC_LMS_PARM_L1_H5_W2:
-        return wc_LmsKey_SetParameters(key, 1, 5, 2);
-    case WC_LMS_PARM_L1_H5_W4:
-        return wc_LmsKey_SetParameters(key, 1, 5, 4);
-    case WC_LMS_PARM_L1_H5_W8:
-        return wc_LmsKey_SetParameters(key, 1, 5, 8);
-    case WC_LMS_PARM_L1_H10_W2:
-        return wc_LmsKey_SetParameters(key, 1, 10, 2);
-    case WC_LMS_PARM_L1_H10_W4:
-        return wc_LmsKey_SetParameters(key, 1, 10, 4);
-    case WC_LMS_PARM_L1_H10_W8:
-        return wc_LmsKey_SetParameters(key, 1, 10, 8);
-    case WC_LMS_PARM_L1_H15_W2:
-        return wc_LmsKey_SetParameters(key, 1, 15, 2);
-    case WC_LMS_PARM_L1_H15_W4:
-        return wc_LmsKey_SetParameters(key, 1, 15, 4);
-    case WC_LMS_PARM_L1_H15_W8:
-        return wc_LmsKey_SetParameters(key, 1, 15, 8);
-    case WC_LMS_PARM_L1_H20_W2:
-        return wc_LmsKey_SetParameters(key, 1, 20, 2);
-    case WC_LMS_PARM_L1_H20_W4:
-        return wc_LmsKey_SetParameters(key, 1, 20, 4);
-    case WC_LMS_PARM_L1_H20_W8:
-        return wc_LmsKey_SetParameters(key, 1, 20, 8);
-    case WC_LMS_PARM_L2_H5_W2:
-        return wc_LmsKey_SetParameters(key, 2, 5, 2);
-    case WC_LMS_PARM_L2_H5_W4:
-        return wc_LmsKey_SetParameters(key, 2, 5, 4);
-    case WC_LMS_PARM_L2_H5_W8:
-        return wc_LmsKey_SetParameters(key, 2, 5, 8);
-    case WC_LMS_PARM_L2_H10_W2:
-        return wc_LmsKey_SetParameters(key, 2, 10, 2);
-    case WC_LMS_PARM_L2_H10_W4:
-        return wc_LmsKey_SetParameters(key, 2, 10, 4);
-    case WC_LMS_PARM_L2_H10_W8:
-        return wc_LmsKey_SetParameters(key, 2, 10, 8);
-    case WC_LMS_PARM_L2_H15_W2:
-        return wc_LmsKey_SetParameters(key, 2, 15, 2);
-    case WC_LMS_PARM_L2_H15_W4:
-        return wc_LmsKey_SetParameters(key, 2, 15, 4);
-    case WC_LMS_PARM_L2_H15_W8:
-        return wc_LmsKey_SetParameters(key, 2, 15, 8);
-    case WC_LMS_PARM_L2_H20_W2:
-        return wc_LmsKey_SetParameters(key, 2, 20, 2);
-    case WC_LMS_PARM_L2_H20_W4:
-        return wc_LmsKey_SetParameters(key, 2, 20, 4);
-    case WC_LMS_PARM_L2_H20_W8:
-        return wc_LmsKey_SetParameters(key, 2, 20, 8);
-    case WC_LMS_PARM_L3_H5_W2:
-        return wc_LmsKey_SetParameters(key, 3, 5, 2);
-    case WC_LMS_PARM_L3_H5_W4:
-        return wc_LmsKey_SetParameters(key, 3, 5, 4);
-    case WC_LMS_PARM_L3_H5_W8:
-        return wc_LmsKey_SetParameters(key, 3, 5, 8);
-    case WC_LMS_PARM_L3_H10_W4:
-        return wc_LmsKey_SetParameters(key, 3, 10, 4);
-    case WC_LMS_PARM_L3_H10_W8:
-        return wc_LmsKey_SetParameters(key, 3, 10, 8);
-    case WC_LMS_PARM_L4_H5_W2:
-        return wc_LmsKey_SetParameters(key, 4, 5, 2);
-    case WC_LMS_PARM_L4_H5_W4:
-        return wc_LmsKey_SetParameters(key, 4, 5, 4);
-    case WC_LMS_PARM_L4_H5_W8:
-        return wc_LmsKey_SetParameters(key, 4, 5, 8);
-    case WC_LMS_PARM_L4_H10_W4:
-        return wc_LmsKey_SetParameters(key, 4, 10, 4);
-    case WC_LMS_PARM_L4_H10_W8:
-        return wc_LmsKey_SetParameters(key, 4, 10, 8);
-    default:
-        WOLFSSL_MSG("error: invalid LMS parameter set");
-        break;
-    }
-
-    return BAD_FUNC_ARG;
-}
-
-/* Set the parameters of an LMS key.
- *
- * Use this if you wish to set specific parameters not found in the
- * wc_LmsParm predefined sets. See comments in lms.h for allowed
- * parameters.
- *
- * Key must be inited before calling this.
- *
- * Returns 0 on success.
- * */
-int wc_LmsKey_SetParameters(LmsKey * key, int levels, int height,
-    int winternitz)
-{
-    int         i = 0;
-    param_set_t lm = LMS_SHA256_N32_H5;
-    param_set_t ots = LMOTS_SHA256_N32_W1;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->state != WC_LMS_STATE_INITED) {
-        WOLFSSL_MSG("error: LmsKey needs init");
-        return -1;
-    }
-
-    /* Verify inputs make sense.
-     *
-     * Note: there does not seem to be a define for min or
-     * max Winternitz integer in hash-sigs lib or RFC8554. */
-
-    if (levels < MIN_HSS_LEVELS || levels > MAX_HSS_LEVELS) {
-        WOLFSSL_MSG("error: invalid level parameter");
-        return BAD_FUNC_ARG;
-    }
-
-    if (height < MIN_MERKLE_HEIGHT || height > MAX_MERKLE_HEIGHT) {
-        WOLFSSL_MSG("error: invalid height parameter");
-        return BAD_FUNC_ARG;
-    }
-
-    switch (height) {
-    case 5:
-        lm = LMS_SHA256_N32_H5;
-        break;
-    case 10:
-        lm = LMS_SHA256_N32_H10;
-        break;
-    case 15:
-        lm = LMS_SHA256_N32_H15;
-        break;
-    case 20:
-        lm = LMS_SHA256_N32_H20;
-        break;
-    case 25:
-        lm = LMS_SHA256_N32_H25;
-        break;
-    default:
-        WOLFSSL_MSG("error: invalid height parameter");
-        return BAD_FUNC_ARG;
-    }
-
-    switch (winternitz) {
-    case 1:
-        ots = LMOTS_SHA256_N32_W1;
-        break;
-    case 2:
-        ots = LMOTS_SHA256_N32_W2;
-        break;
-    case 4:
-        ots = LMOTS_SHA256_N32_W4;
-        break;
-    case 8:
-        ots = LMOTS_SHA256_N32_W8;
-        break;
-    default:
-        WOLFSSL_MSG("error: invalid winternitz parameter");
-        return BAD_FUNC_ARG;
-    }
-
-    key->levels = levels;
-
-    for (i = 0; i < levels; ++i) {
-        key->lm_type[i] = lm;
-        key->lm_ots_type[i] = ots;
-    }
-
-    /* Move the state to params set.
-     * Key is ready for MakeKey or Reload. */
-    key->state = WC_LMS_STATE_PARMSET;
-
-    return 0;
-}
-
-/* Get the parameters of an LMS key.
- *
- * Key must be inited and parameters set before calling this.
- *
- * Returns 0 on success.
- * */
-int wc_LmsKey_GetParameters(const LmsKey * key, int * levels, int * height,
-    int * winternitz)
-{
-    if (key == NULL || levels == NULL || height == NULL || winternitz == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* This shouldn't happen, but check the LmsKey parameters aren't invalid. */
-
-    if (key->levels < MIN_HSS_LEVELS || key->levels > MAX_HSS_LEVELS) {
-        WOLFSSL_MSG("error: LmsKey invalid level parameter");
-        return -1;
-    }
-
-    *levels = key->levels;
-
-    switch (key->lm_type[0]) {
-    case LMS_SHA256_N32_H5:
-        *height = 5;
-        break;
-    case LMS_SHA256_N32_H10:
-        *height = 10;
-        break;
-    case LMS_SHA256_N32_H15:
-        *height = 15;
-        break;
-    case LMS_SHA256_N32_H20:
-        *height = 20;
-        break;
-    case LMS_SHA256_N32_H25:
-        *height = 25;
-        break;
-    default:
-        WOLFSSL_MSG("error: LmsKey invalid height parameter");
-        return -1;
-    }
-
-    switch (key->lm_ots_type[0]) {
-    case LMOTS_SHA256_N32_W1:
-        *winternitz = 1;
-        break;
-    case LMOTS_SHA256_N32_W2:
-        *winternitz = 2;
-        break;
-    case LMOTS_SHA256_N32_W4:
-        *winternitz = 4;
-        break;
-    case LMOTS_SHA256_N32_W8:
-        *winternitz = 8;
-        break;
-    default:
-        WOLFSSL_MSG("error: LmsKey invalid winternitz parameter");
-        return -1;
-    }
-
-    return 0;
-}
-
-/* Frees the LMS key from memory.
- *
- * This does not affect the private key saved to non-volatile storage.
- * */
-void wc_LmsKey_Free(LmsKey* key)
-{
-    if (key == NULL) {
-        return;
-    }
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-    if (key->working_key != NULL) {
-        hss_free_working_key(key->working_key);
-        key->working_key = NULL;
-    }
-#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
-
-    ForceZero(key, sizeof(LmsKey));
-
-    key->state = WC_LMS_STATE_FREED;
-
-    return;
-}
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-/* Set the write private key callback to the LMS key structure.
- *
- * The callback must be able to write/update the private key to
- * non-volatile storage.
- *
- * Returns 0 on success.
- * */
-int wc_LmsKey_SetWriteCb(LmsKey * key, wc_lms_write_private_key_cb write_cb)
-{
-    if (key == NULL || write_cb == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Changing the write callback of an already working key is forbidden. */
-    if (key->state == WC_LMS_STATE_OK) {
-        WOLFSSL_MSG("error: wc_LmsKey_SetWriteCb: key in use");
-        return -1;
-    }
-
-    key->write_private_key = write_cb;
-
-    return 0;
-}
-
-/* Set the read private key callback to the LMS key structure.
- *
- * The callback must be able to read the private key from
- * non-volatile storage.
- *
- * Returns 0 on success.
- * */
-int wc_LmsKey_SetReadCb(LmsKey * key, wc_lms_read_private_key_cb read_cb)
-{
-    if (key == NULL || read_cb == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Changing the read callback of an already working key is forbidden. */
-    if (key->state == WC_LMS_STATE_OK) {
-        WOLFSSL_MSG("error: wc_LmsKey_SetReadCb: key in use");
-        return -1;
-    }
-
-    key->read_private_key = read_cb;
-
-    return 0;
-}
-
-/* Sets the context to be used by write and read callbacks.
- *
- * E.g. this could be a filename if the callbacks write/read to file.
- *
- * Returns 0 on success.
- * */
-int wc_LmsKey_SetContext(LmsKey * key, void * context)
-{
-    if (key == NULL || context == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Setting context of an already working key is forbidden. */
-    if (key->state == WC_LMS_STATE_OK) {
-        WOLFSSL_MSG("error: wc_LmsKey_SetContext: key in use");
-        return -1;
-    }
-
-    key->context = context;
-
-    return 0;
-}
-
-/* Make the LMS private/public key pair. The key must have its parameters
- * set before calling this.
- *
- * Write/read callbacks, and context data, must be set prior.
- * Key must have parameters set.
- *
- * Returns 0 on success.
- * */
-int wc_LmsKey_MakeKey(LmsKey* key, WC_RNG * rng)
-{
-    bool result = true;
-
-    if (key == NULL || rng == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->state != WC_LMS_STATE_PARMSET) {
-        WOLFSSL_MSG("error: LmsKey not ready for generation");
-        return -1;
-    }
-
-    if (key->write_private_key == NULL || key->read_private_key == NULL) {
-        WOLFSSL_MSG("error: LmsKey write/read callbacks are not set");
-        return -1;
-    }
-
-    if (key->context == NULL) {
-        WOLFSSL_MSG("error: LmsKey context is not set");
-        return -1;
-    }
-
-    LmsRng = rng;
-
-   /* TODO: The hash-sigs lib allows you to save variable length auxiliary
-    * data, which can be used to speed up key reloading when signing. The
-    * aux data can be 300B - 1KB in size.
-    *
-    * Not implemented at the moment.
-    *
-    * key->aux_data_len = hss_get_aux_data_len(AUX_DATA_MAX_LEN, key->levels,
-    *                                          key->lm_type,
-    *                                          key->lm_ots_type);
-    *
-    * key->aux_data = XMALLOC(key->aux_data_len, NULL,
-    *                         DYNAMIC_TYPE_TMP_BUFFER);
-    */
-
-    /* First generate the private key using the parameters and callbacks.
-     * If successful, private key will be saved to non-volatile storage,
-     * and the public key will be in memory. */
-    result = hss_generate_private_key(LmsGenerateRand, key->levels,
-                                      key->lm_type, key->lm_ots_type,
-                                      LmsWritePrivKey, key,
-                                      key->pub, sizeof(key->pub),
-                                      NULL, 0, &key->info);
-
-    if (!result) {
-        WOLFSSL_MSG("error: hss_generate_private_key failed");
-        key->state = WC_LMS_STATE_BAD;
-        return -1;
-    }
-
-    /* Once generated, now we must load the private key so we have
-     * an hss working key for signing operations. */
-    key->working_key = hss_load_private_key(LmsReadPrivKey, key,
-                                            0, NULL, 0, &key->info);
-
-    if (key->working_key == NULL) {
-        WOLFSSL_MSG("error: hss_load_private_key failed");
-        key->state = WC_LMS_STATE_BAD;
-        return -1;
-    }
-
-    /* This should not happen, but check just in case. */
-    if (wc_LmsKey_SigsLeft(key) == 0) {
-        WOLFSSL_MSG("error: generated LMS key signatures exhausted");
-        key->state = WC_LMS_STATE_NOSIGS;
-        return -1;
-    }
-
-    key->state = WC_LMS_STATE_OK;
-
-    return 0;
-}
-
-/* Reload a key that has been prepared with the appropriate params and
- * data. Use this if you wish to resume signing with an existing key.
- *
- * Write/read callbacks, and context data, must be set prior.
- * Key must have parameters set.
- *
- * Returns 0 on success. */
-int wc_LmsKey_Reload(LmsKey * key)
-{
-    bool result = true;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->state != WC_LMS_STATE_PARMSET) {
-        WOLFSSL_MSG("error: LmsKey not ready for reload");
-        return -1;
-    }
-
-    if (key->write_private_key == NULL || key->read_private_key == NULL) {
-        WOLFSSL_MSG("error: LmsKey write/read callbacks are not set");
-        return -1;
-    }
-
-    if (key->context == NULL) {
-        WOLFSSL_MSG("error: LmsKey context is not set");
-        return -1;
-    }
-
-    key->working_key = hss_load_private_key(LmsReadPrivKey, key,
-                                            0, NULL, 0, &key->info);
-
-    if (key->working_key == NULL) {
-        WOLFSSL_MSG("error: hss_load_private_key failed");
-        key->state = WC_LMS_STATE_BAD;
-        return -1;
-    }
-
-    result = hss_get_parameter_set(&key->levels, key->lm_type,
-                                   key->lm_ots_type, LmsReadPrivKey, key);
-
-    if (!result) {
-        WOLFSSL_MSG("error: hss_get_parameter_set failed");
-        key->state = WC_LMS_STATE_BAD;
-        hss_free_working_key(key->working_key);
-        key->working_key = NULL;
-        return -1;
-    }
-
-    /* Double check the key actually has signatures left. */
-    if (wc_LmsKey_SigsLeft(key) == 0) {
-        WOLFSSL_MSG("error: reloaded LMS key signatures exhausted");
-        key->state = WC_LMS_STATE_NOSIGS;
-        return -1;
-    }
-
-    key->state = WC_LMS_STATE_OK;
-
-    return 0;
-}
-
-/* Given a levels, height, winternitz parameter set, determine
- * the private key length */
-int wc_LmsKey_GetPrivLen(const LmsKey * key, word32 * len)
-{
-    if (key == NULL || len == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    *len = (word32) hss_get_private_key_len(key->levels, key->lm_type,
-                                            key->lm_ots_type);
-
-    return 0;
-}
-
-int wc_LmsKey_Sign(LmsKey* key, byte * sig, word32 * sigSz, const byte * msg,
-    int msgSz)
-{
-    bool   result = true;
-    size_t len = 0;
-
-    if (key == NULL || sig == NULL || sigSz == NULL || msg == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (msgSz <= 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->state == WC_LMS_STATE_NOSIGS) {
-        WOLFSSL_MSG("error: LMS signatures exhausted");
-        return -1;
-    }
-    else if (key->state != WC_LMS_STATE_OK) {
-       /* The key had an error the last time it was used, and we
-        * can't guarantee its state. */
-        WOLFSSL_MSG("error: can't sign, LMS key not in good state");
-        return -1;
-    }
-
-    len = hss_get_signature_len(key->levels, key->lm_type, key->lm_ots_type);
-
-    if (len == 0) {
-        /* Key parameters are invalid. */
-        WOLFSSL_MSG("error: hss_get_signature_len failed");
-        key->state = WC_LMS_STATE_BAD;
-        return -1;
-    }
-
-    result = hss_generate_signature(key->working_key, LmsWritePrivKey,
-                                    key, (const void *) msg, msgSz,
-                                    sig, len, &key->info);
-
-    if (!result) {
-        if (wc_LmsKey_SigsLeft(key) == 0) {
-            WOLFSSL_MSG("error: LMS signatures exhausted");
-            key->state = WC_LMS_STATE_NOSIGS;
-            return -1;
-        }
-
-        WOLFSSL_MSG("error: hss_generate_signature failed");
-        key->state = WC_LMS_STATE_BAD;
-        return -1;
-    }
-
-    *sigSz = (word32) len;
-
-    return 0;
-}
-
-/* Returns 1 if there are signatures remaining.
- * Returns 0 if available signatures are exhausted.
- *
- * Note: the number of remaining signatures is hidden behind an opaque
- * pointer in the hash-sigs lib. We could add a counter here that is
- * decremented on every signature. The number of available signatures
- * grows as
- *   N = 2 ** (levels * height)
- * so it would need to be a big integer. */
-int wc_LmsKey_SigsLeft(LmsKey * key)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (hss_extra_info_test_last_signature(&key->info)) {
-        return 0;
-    }
-
-    return 1;
-}
-
-#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY*/
-
-/* Given a levels, height, winternitz parameter set, determine
- * the public key length */
-int wc_LmsKey_GetPubLen(const LmsKey * key, word32 * len)
-{
-    if (key == NULL || len == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    *len = (word32) hss_get_public_key_len(key->levels, key->lm_type,
-                                           key->lm_ots_type);
-
-    return 0;
-}
-
-/* Export a generated public key and parameter set from one LmsKey
- * to another. Use this to prepare a signature verification LmsKey
- * that is pub only.
- *
- * Though the public key is all that is used to verify signatures,
- * the parameter set is needed to calculate the signature length
- * before hand. */
-int wc_LmsKey_ExportPub(LmsKey * keyDst, const LmsKey * keySrc)
-{
-    if (keyDst == NULL || keySrc == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ForceZero(keyDst, sizeof(LmsKey));
-
-    XMEMCPY(keyDst->pub, keySrc->pub, sizeof(keySrc->pub));
-    XMEMCPY(keyDst->lm_type, keySrc->lm_type, sizeof(keySrc->lm_type));
-    XMEMCPY(keyDst->lm_ots_type, keySrc->lm_ots_type,
-            sizeof(keySrc->lm_ots_type));
-
-    keyDst->levels = keySrc->levels;
-
-    /* Mark this key as verify only, to prevent misuse. */
-    keyDst->state = WC_LMS_STATE_VERIFYONLY;
-
-    return 0;
-}
-
-/* Exports the raw LMS public key buffer from key to out buffer.
- * The out buffer should be large enough to hold the public key, and
- * outLen should indicate the size of the buffer.
- *
- * - Returns 0 on success, and sets outLen to LMS pubLen.
- * - Returns BUFFER_E if outLen < LMS pubLen.
- *
- * Call wc_LmsKey_GetPubLen beforehand to determine pubLen.
- * */
-int wc_LmsKey_ExportPubRaw(const LmsKey * key, byte * out, word32 * outLen)
-{
-    int    ret = 0;
-    word32 pubLen = 0;
-
-    if (key == NULL || out == NULL || outLen == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wc_LmsKey_GetPubLen(key, &pubLen);
-
-    if (ret != 0) {
-        WOLFSSL_MSG("error: wc_LmsKey_GetPubLen failed");
-        return -1;
-    }
-
-    if (*outLen < pubLen) {
-        return BUFFER_E;
-    }
-
-    XMEMCPY(out, key->pub, pubLen);
-    *outLen = pubLen;
-
-    return 0;
-}
-
-/* Imports a raw public key buffer from in array to LmsKey key.
- *
- * The LMS parameters must be set first with wc_LmsKey_SetLmsParm or
- * wc_LmsKey_SetParameters, and inLen must match the length returned
- * by wc_LmsKey_GetPubLen.
- *
- * - Returns 0 on success.
- * - Returns BUFFER_E if inlen != LMS pubLen.
- *
- * Call wc_LmsKey_GetPubLen beforehand to determine pubLen.
- * */
-int wc_LmsKey_ImportPubRaw(LmsKey * key, const byte * in, word32 inLen)
-{
-    int    ret = 0;
-    word32 pubLen = 0;
-
-    if (key == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wc_LmsKey_GetPubLen(key, &pubLen);
-
-    if (ret != 0) {
-        WOLFSSL_MSG("error: wc_LmsKey_GetPubLen failed");
-        return -1;
-    }
-
-    if (inLen != pubLen) {
-        /* Something inconsistent. Parameters weren't set, or input
-         * pub key is wrong.*/
-        return BUFFER_E;
-    }
-
-    XMEMCPY(key->pub, in, pubLen);
-
-    return 0;
-}
-
-/* Given a levels, height, winternitz parameter set, determine
- * the signature length.
- *
- * Call this before wc_LmsKey_Sign so you know the length of
- * the required signature buffer. */
-int wc_LmsKey_GetSigLen(const LmsKey * key, word32 * len)
-{
-    if (key == NULL || len == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    *len = (word32) hss_get_signature_len(key->levels, key->lm_type,
-                                          key->lm_ots_type);
-
-    return 0;
-}
-
-int wc_LmsKey_Verify(LmsKey * key, const byte * sig, word32 sigSz,
-    const byte * msg, int msgSz)
-{
-    bool result = true;
-
-    if (key == NULL || sig == NULL || msg == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_LMS_VERIFY_ONLY
-    result = hss_validate_signature(key->pub, (const void *) msg, msgSz, sig,
-                                    sigSz, NULL);
-#else
-    result = hss_validate_signature(key->pub, (const void *) msg, msgSz, sig,
-                                    sigSz, &key->info);
-#endif
-
-
-    if (!result) {
-        WOLFSSL_MSG("error: hss_validate_signature failed");
-        return -1;
-    }
-
-    return 0;
-}
-
-int wc_LmsKey_GetKid(LmsKey * key, const byte ** kid, word32* kidSz)
-{
-    if ((key == NULL) || (kid == NULL) || (kidSz == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    return NOT_COMPILED_IN;
-}
-
-const byte * wc_LmsKey_GetKidFromPrivRaw(const byte * priv, word32 privSz)
-{
-    if ((priv == NULL) || (privSz < 16)) {
-        return NULL;
-    }
-    return priv - 16;
-}
-
-#endif /* WOLFSSL_HAVE_LMS && HAVE_LIBLMS */
diff --git a/src/ssl/wolfssl/wolfcrypt/ext_mlkem.c b/src/ssl/wolfssl/wolfcrypt/ext_mlkem.c
deleted file mode 100644
index 0a9bd9b27..000000000
--- a/src/ssl/wolfssl/wolfcrypt/ext_mlkem.c
+++ /dev/null
@@ -1,762 +0,0 @@
-/* ext_mlkem.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(WOLFSSL_HAVE_MLKEM) && !defined(WOLFSSL_WC_MLKEM)
-#include <wolfssl/wolfcrypt/ext_mlkem.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if defined (HAVE_LIBOQS)
-
-#include <wolfssl/wolfcrypt/port/liboqs/liboqs.h>
-
-static const char* OQS_ID2name(int id) {
-    switch (id) {
-    #ifndef WOLFSSL_NO_ML_KEM
-        case WC_ML_KEM_512:  return OQS_KEM_alg_ml_kem_512;
-        case WC_ML_KEM_768:  return OQS_KEM_alg_ml_kem_768;
-        case WC_ML_KEM_1024: return OQS_KEM_alg_ml_kem_1024;
-    #endif
-    #ifdef WOLFSSL_MLKEM_KYBER
-        case KYBER_LEVEL1: return OQS_KEM_alg_kyber_512;
-        case KYBER_LEVEL3: return OQS_KEM_alg_kyber_768;
-        case KYBER_LEVEL5: return OQS_KEM_alg_kyber_1024;
-    #endif
-        default:           break;
-    }
-    return NULL;
-}
-
-int ext_mlkem_enabled(int id)
-{
-    const char * name = OQS_ID2name(id);
-    return OQS_KEM_alg_is_enabled(name);
-}
-#endif
-
-/******************************************************************************/
-/* Initializer and cleanup functions. */
-
-/**
- * Initialize the Kyber key.
- *
- * @param  [out]  key    Kyber key object to initialize.
- * @param  [in]   type   Type of key: KYBER512, KYBER768, KYBER1024.
- * @param  [in]   heap   Dynamic memory hint.
- * @param  [in]   devId  Device Id.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL or type is unrecognized.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_Init(MlKemKey* key, int type, void* heap, int devId)
-{
-    int ret = 0;
-
-    /* Validate key. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    if (ret == 0) {
-        /* Validate type. */
-        switch (type) {
-#ifndef WOLFSSL_NO_ML_KEM
-        case WC_ML_KEM_512:
-    #ifdef HAVE_LIBOQS
-        case WC_ML_KEM_768:
-        case WC_ML_KEM_1024:
-    #endif /* HAVE_LIBOQS */
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-        case KYBER_LEVEL1:
-    #ifdef HAVE_LIBOQS
-        case KYBER_LEVEL3:
-        case KYBER_LEVEL5:
-    #endif /* HAVE_LIBOQS */
-#endif
-            break;
-        default:
-            /* No other values supported. */
-            ret = BAD_FUNC_ARG;
-            break;
-        }
-    }
-    if (ret == 0) {
-        /* Zero out all data. */
-        XMEMSET(key, 0, sizeof(*key));
-
-        /* Keep type for parameters. */
-        key->type = type;
-
-#ifdef WOLF_CRYPTO_CB
-        key->devCtx = NULL;
-        key->devId = devId;
-#endif
-    }
-
-    (void)heap;
-    (void)devId;
-
-    return ret;
-}
-
-/**
- * Free the Kyber key object.
- *
- * @param  [in, out]  key   Kyber key object to dispose of.
- */
-int wc_MlKemKey_Free(MlKemKey* key)
-{
-    if (key != NULL) {
-        /* Ensure all private data is zeroed. */
-        ForceZero(key, sizeof(*key));
-    }
-
-    return 0;
-}
-
-/******************************************************************************/
-/* Data size getters. */
-
-/**
- * Get the size in bytes of encoded private key for the key.
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  len  Length of encoded private key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or len is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_PrivateKeySize(MlKemKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (len == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#ifdef HAVE_LIBOQS
-    /* NOTE: SHAKE and AES variants have the same length private key. */
-    if (ret == 0) {
-        switch (key->type) {
-    #ifndef WOLFSSL_NO_ML_KEM
-        case WC_ML_KEM_512:
-            *len = OQS_KEM_ml_kem_512_length_secret_key;
-            break;
-        case WC_ML_KEM_768:
-            *len = OQS_KEM_ml_kem_768_length_secret_key;
-            break;
-        case WC_ML_KEM_1024:
-            *len = OQS_KEM_ml_kem_1024_length_secret_key;
-            break;
-    #endif
-    #ifdef WOLFSSL_MLKEM_KYBER
-        case KYBER_LEVEL1:
-            *len = OQS_KEM_kyber_512_length_secret_key;
-            break;
-        case KYBER_LEVEL3:
-            *len = OQS_KEM_kyber_768_length_secret_key;
-            break;
-        case KYBER_LEVEL5:
-            *len = OQS_KEM_kyber_1024_length_secret_key;
-            break;
-    #endif
-        default:
-            /* No other values supported. */
-            ret = BAD_FUNC_ARG;
-            break;
-        }
-    }
-#endif /* HAVE_LIBOQS */
-
-    return ret;
-}
-
-/**
- * Get the size in bytes of encoded public key for the key.
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  len  Length of encoded public key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or len is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_PublicKeySize(MlKemKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (len == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#ifdef HAVE_LIBOQS
-    /* NOTE: SHAKE and AES variants have the same length public key. */
-    if (ret == 0) {
-        switch (key->type) {
-    #ifndef WOLFSSL_NO_ML_KEM
-        case WC_ML_KEM_512:
-            *len = OQS_KEM_ml_kem_512_length_public_key;
-            break;
-        case WC_ML_KEM_768:
-            *len = OQS_KEM_ml_kem_768_length_public_key;
-            break;
-        case WC_ML_KEM_1024:
-            *len = OQS_KEM_ml_kem_1024_length_public_key;
-            break;
-    #endif
-    #ifdef WOLFSSL_MLKEM_KYBER
-        case KYBER_LEVEL1:
-            *len = OQS_KEM_kyber_512_length_public_key;
-            break;
-        case KYBER_LEVEL3:
-            *len = OQS_KEM_kyber_768_length_public_key;
-            break;
-        case KYBER_LEVEL5:
-            *len = OQS_KEM_kyber_1024_length_public_key;
-            break;
-    #endif
-        default:
-            /* No other values supported. */
-            ret = BAD_FUNC_ARG;
-            break;
-        }
-    }
-#endif /* HAVE_LIBOQS */
-
-    return ret;
-}
-
-/**
- * Get the size in bytes of cipher text for key.
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  len  Length of cipher text in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or len is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_CipherTextSize(MlKemKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (len == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#ifdef HAVE_LIBOQS
-    /* NOTE: SHAKE and AES variants have the same length ciphertext. */
-    if (ret == 0) {
-        switch (key->type) {
-    #ifndef WOLFSSL_NO_ML_KEM
-        case WC_ML_KEM_512:
-            *len = OQS_KEM_ml_kem_512_length_ciphertext;
-            break;
-        case WC_ML_KEM_768:
-            *len = OQS_KEM_ml_kem_768_length_ciphertext;
-            break;
-        case WC_ML_KEM_1024:
-            *len = OQS_KEM_ml_kem_1024_length_ciphertext;
-            break;
-    #endif
-    #ifdef WOLFSSL_MLKEM_KYBER
-        case KYBER_LEVEL1:
-            *len = OQS_KEM_kyber_512_length_ciphertext;
-            break;
-        case KYBER_LEVEL3:
-            *len = OQS_KEM_kyber_768_length_ciphertext;
-            break;
-        case KYBER_LEVEL5:
-            *len = OQS_KEM_kyber_1024_length_ciphertext;
-            break;
-    #endif
-        default:
-            /* No other values supported. */
-            ret = BAD_FUNC_ARG;
-            break;
-        }
-    }
-#endif /* HAVE_LIBOQS */
-
-    return ret;
-}
-
-/**
- * Size of a shared secret in bytes. Always KYBER_SS_SZ.
- *
- * @param  [in]   key  Kyber key object. Not used.
- * @param  [out]  Size of the shared secret created with a Kyber key.
- * @return  0 on success.
- * @return  0 to indicate success.
- */
-int wc_MlKemKey_SharedSecretSize(MlKemKey* key, word32* len)
-{
-    (void)key;
-    /* Validate parameters. */
-    if (len == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    *len = KYBER_SS_SZ;
-
-    return 0;
-}
-
-/******************************************************************************/
-/* Cryptographic operations. */
-
-/**
- * Make a Kyber key object using a random number generator.
- *
- * NOTE: rng is ignored. OQS doesn't use our RNG.
- *
- * @param  [in, out]  key   Kyber key ovject.
- * @param  [in]       rng   Random number generator.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or rng is NULL.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_MlKemKey_MakeKey(MlKemKey* key, WC_RNG* rng)
-{
-    int ret = 0;
-#ifdef HAVE_LIBOQS
-    const char* algName = NULL;
-    OQS_KEM *kem = NULL;
-#endif
-
-    /* Validate parameter. */
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (key->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_MakePqcKemKey(rng, WC_PQC_KEM_TYPE_KYBER,
-                                        key->type, key);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-        ret = 0;
-    }
-#endif
-
-#ifdef HAVE_LIBOQS
-    if (ret == 0) {
-        algName = OQS_ID2name(key->type);
-        if (algName == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    if (ret == 0) {
-        kem = OQS_KEM_new(algName);
-        if (kem == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-    if (ret == 0) {
-        ret = wolfSSL_liboqsRngMutexLock(rng);
-    }
-    if (ret == 0) {
-        if (OQS_KEM_keypair(kem, key->pub, key->priv) !=
-            OQS_SUCCESS) {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-    wolfSSL_liboqsRngMutexUnlock();
-    OQS_KEM_free(kem);
-#endif /* HAVE_LIBOQS */
-
-    if (ret != 0) {
-        ForceZero(key, sizeof(*key));
-    }
-
-    return ret;
-}
-
-/**
- * Make a Kyber key object using random data.
- *
- * @param  [in, out]  key   Kyber key ovject.
- * @param  [in]       rng   Random number generator.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or rand is NULL.
- * @return  BUFFER_E when length is not KYBER_MAKEKEY_RAND_SZ.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_MlKemKey_MakeKeyWithRandom(MlKemKey* key, const unsigned char* rand,
-    int len)
-{
-    (void)rand;
-    (void)len;
-    /* OQS doesn't support external randomness. */
-    return wc_MlKemKey_MakeKey(key, NULL);
-}
-
-/**
- * Encapsulate with random number generator and derive secret.
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  ct   Cipher text.
- * @param  [out]  ss   Shared secret generated.
- * @param  [in]   rng  Random number generator.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, ct, ss or RNG is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_MlKemKey_Encapsulate(MlKemKey* key, unsigned char* ct, unsigned char* ss,
-    WC_RNG* rng)
-{
-    int ret = 0;
-#ifdef WOLF_CRYPTO_CB
-    word32 ctlen = 0;
-#endif
-#ifdef HAVE_LIBOQS
-    const char * algName = NULL;
-    OQS_KEM *kem = NULL;
-#endif
-
-    (void)rng;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (ct == NULL) || (ss == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    if (ret == 0) {
-        ret = wc_MlKemKey_CipherTextSize(key, &ctlen);
-    }
-    if ((ret == 0)
-    #ifndef WOLF_CRYPTO_CB_FIND
-        && (key->devId != INVALID_DEVID)
-    #endif
-    ) {
-        ret = wc_CryptoCb_PqcEncapsulate(ct, ctlen, ss, KYBER_SS_SZ, rng,
-                                         WC_PQC_KEM_TYPE_KYBER, key);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-        ret = 0;
-    }
-#endif
-
-#ifdef HAVE_LIBOQS
-    if (ret == 0) {
-        algName = OQS_ID2name(key->type);
-        if (algName == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-    if (ret == 0) {
-        kem = OQS_KEM_new(algName);
-        if (kem == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-    if (ret == 0) {
-        ret = wolfSSL_liboqsRngMutexLock(rng);
-    }
-    if (ret == 0) {
-        if (OQS_KEM_encaps(kem, ct, ss, key->pub) != OQS_SUCCESS) {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-    wolfSSL_liboqsRngMutexUnlock();
-    OQS_KEM_free(kem);
-#endif /* HAVE_LIBOQS */
-
-    return ret;
-}
-
-/**
- * Encapsulate with random data and derive secret.
- *
- * @param  [out]  ct    Cipher text.
- * @param  [out]  ss    Shared secret generated.
- * @param  [in]   rand  Random data.
- * @param  [in]   len   Random data.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, ct, ss or RNG is NULL.
- * @return  BUFFER_E when len is not KYBER_ENC_RAND_SZ.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_MlKemKey_EncapsulateWithRandom(MlKemKey* key, unsigned char* ct,
-    unsigned char* ss, const unsigned char* rand, int len)
-{
-    (void)rand;
-    (void)len;
-    /* OQS doesn't support external randomness. */
-    return wc_MlKemKey_Encapsulate(key, ct, ss, NULL);
-}
-
-/**
- * Decapsulate the cipher text to calculate the shared secret.
- *
- * Validates the cipher text by encapsulating and comparing with data passed in.
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  ss   Shared secret.
- * @param  [in]   ct   Cipher text.
- * @param  [in]   len  Length of cipher text.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, ss or cr are NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  BUFFER_E when len is not the length of cipher text for the key type.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_MlKemKey_Decapsulate(MlKemKey* key, unsigned char* ss,
-    const unsigned char* ct, word32 len)
-{
-    int ret = 0;
-    word32 ctlen = 0;
-#ifdef HAVE_LIBOQS
-    const char * algName = NULL;
-    OQS_KEM *kem = NULL;
-#endif
-
-    /* Validate parameters. */
-    if ((key == NULL) || (ss == NULL) || (ct == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if (ret == 0) {
-        ret = wc_MlKemKey_CipherTextSize(key, &ctlen);
-    }
-    if ((ret == 0) && (len != ctlen)) {
-        ret = BUFFER_E;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    if ((ret == 0)
-    #ifndef WOLF_CRYPTO_CB_FIND
-        && (key->devId != INVALID_DEVID)
-    #endif
-    ) {
-        ret = wc_CryptoCb_PqcDecapsulate(ct, ctlen, ss, KYBER_SS_SZ,
-                                         WC_PQC_KEM_TYPE_KYBER, key);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-        ret = 0;
-    }
-#endif
-
-#ifdef HAVE_LIBOQS
-    if (ret == 0) {
-        algName = OQS_ID2name(key->type);
-        if (algName == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-    if (ret == 0) {
-        kem = OQS_KEM_new(algName);
-        if (kem == NULL) {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-    if (ret == 0) {
-        if (OQS_KEM_decaps(kem, ss, ct, key->priv) != OQS_SUCCESS) {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    OQS_KEM_free(kem);
-#endif /* HAVE_LIBOQS */
-
-    return ret;
-
-}
-
-/******************************************************************************/
-/* Encoding and decoding functions. */
-
-/**
- * Decode the private key.
- *
- * We store the whole thing in the private key buffer. Note this means we cannot
- * do the encapsulation operation with the private key. But generally speaking
- * this is never done.
- *
- * @param  [in, out]  key  Kyber key object.
- * @param  [in]       in   Buffer holding encoded key.
- * @param  [in]       len  Length of data in buffer.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or in is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  BUFFER_E when len is not the correct size.
- */
-int wc_MlKemKey_DecodePrivateKey(MlKemKey* key, const unsigned char* in,
-    word32 len)
-{
-    int ret = 0;
-    word32 privLen = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (in == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        ret = wc_MlKemKey_PrivateKeySize(key, &privLen);
-    }
-
-    /* Ensure the data is the correct length for the key type. */
-    if ((ret == 0) && (len != privLen)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        XMEMCPY(key->priv, in, privLen);
-    }
-
-    return ret;
-}
-
-/**
- * Decode public key.
- *
- * We store the whole thing in the public key buffer.
- *
- * @param  [in, out]  key  Kyber key object.
- * @param  [in]       in   Buffer holding encoded key.
- * @param  [in]       len  Length of data in buffer.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or in is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  BUFFER_E when len is not the correct size.
- */
-int wc_MlKemKey_DecodePublicKey(MlKemKey* key, const unsigned char* in,
-    word32 len)
-{
-    int ret = 0;
-    word32 pubLen = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (in == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        ret = wc_MlKemKey_PublicKeySize(key, &pubLen);
-    }
-
-    /* Ensure the data is the correct length for the key type. */
-    if ((ret == 0) && (len != pubLen)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        XMEMCPY(key->pub, in, pubLen);
-    }
-
-    return ret;
-}
-
-/**
- * Encode the private key.
- *
- * We stored it as a blob so we can just copy it over.
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  out  Buffer to hold data.
- * @param  [in]   len  Size of buffer in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or out is NULL or private/public key not
- * available.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_EncodePrivateKey(MlKemKey* key, unsigned char* out, word32 len)
-{
-    int ret = 0;
-    unsigned int privLen = 0;
-
-    if ((key == NULL) || (out == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        ret = wc_MlKemKey_PrivateKeySize(key, &privLen);
-    }
-
-    /* Check buffer is big enough for encoding. */
-    if ((ret == 0) && (len != privLen)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        XMEMCPY(out, key->priv, privLen);
-    }
-
-    return ret;
-}
-
-/**
- * Encode the public key.
- *
- * We stored it as a blob so we can just copy it over.
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  out  Buffer to hold data.
- * @param  [in]   len  Size of buffer in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or out is NULL or public key not available.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_EncodePublicKey(MlKemKey* key, unsigned char* out, word32 len)
-{
-    int ret = 0;
-    unsigned int pubLen = 0;
-
-    if ((key == NULL) || (out == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        ret = wc_MlKemKey_PublicKeySize(key, &pubLen);
-    }
-
-    /* Check buffer is big enough for encoding. */
-    if ((ret == 0) && (len != pubLen)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        XMEMCPY(out, key->pub, pubLen);
-    }
-
-    return ret;
-}
-
-#endif /* WOLFSSL_HAVE_MLKEM && !WOLFSSL_WC_MLKEM */
diff --git a/src/ssl/wolfssl/wolfcrypt/ext_xmss.c b/src/ssl/wolfssl/wolfcrypt/ext_xmss.c
deleted file mode 100644
index f1bc42276..000000000
--- a/src/ssl/wolfssl/wolfcrypt/ext_xmss.c
+++ /dev/null
@@ -1,1041 +0,0 @@
-/* ext_xmss.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#include <wolfssl/wolfcrypt/sha256.h>
-
-#if defined(WOLFSSL_HAVE_XMSS) && defined(HAVE_LIBXMSS)
-
-#include <wolfssl/wolfcrypt/ext_xmss.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#include <xmss_callbacks.h>
-#include <utils.h>
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-static THREAD_LS_T WC_RNG * xmssRng = NULL;
-
-/* RNG callback used by xmss.
- * */
-static int rng_cb(void * output, size_t length)
-{
-    int ret = 0;
-
-    if (output == NULL || xmssRng == NULL) {
-        return -1;
-    }
-
-    if (length == 0) {
-        return 0;
-    }
-
-    ret = wc_RNG_GenerateBlock(xmssRng, (byte *)output, (word32)length);
-
-    if (ret) {
-        WOLFSSL_MSG("error: XMSS rng_cb failed");
-        return -1;
-    }
-
-    return 0;
-}
-#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
-
-/* SHA256 callback used by XMSS.
- * */
-static int sha256_cb(const unsigned char *in, unsigned long long inlen,
-                     unsigned char *out)
-{
-    wc_Sha256 sha;
-
-    if (wc_InitSha256_ex(&sha, NULL, INVALID_DEVID) != 0) {
-        WOLFSSL_MSG("SHA256 Init failed");
-        return -1;
-    }
-
-    if (wc_Sha256Update(&sha, in, (word32) inlen) != 0) {
-        WOLFSSL_MSG("SHA256 Update failed");
-        return -1;
-    }
-
-    if (wc_Sha256Final(&sha, out) != 0) {
-        WOLFSSL_MSG("SHA256 Final failed");
-        wc_Sha256Free(&sha);
-        return -1;
-    }
-    wc_Sha256Free(&sha);
-
-    return 0;
-}
-
-/* Init an XMSS key.
- *
- * Call this before setting the params of an XMSS key.
- *
- *  key         [in]  The XMSS key to init.
- *  heap        [in]  Unused.
- *  devId       [in]  Unused.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- * */
-int wc_XmssKey_Init(XmssKey * key, void * heap, int devId)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    (void) heap;
-    (void) devId;
-
-    ForceZero(key, sizeof(XmssKey));
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-    key->sk = NULL;
-    key->sk_len = 0;
-    key->write_private_key = NULL;
-    key->read_private_key = NULL;
-    key->context = NULL;
-#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
-    key->state = WC_XMSS_STATE_INITED;
-
-    return 0;
-}
-
-/* Sets the XMSS key parameters, given an OID.
- *
- * Note: XMSS and XMSS^MT parameter sets do have overlapping
- * OIDs, therefore is_xmssmt is necessary to toggle.
- *
- *  key         [in]  The XMSS key to set.
- *  OID         [in]  The XMSS parameter set OID.
- *  is_xmssmt   [in]  1 The OID is assumed to be XMSS^MT.
- *                    0 The OID is assumed to be XMSS.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     -1 on parse failure.
- * */
-static int wc_XmssKey_SetOid(XmssKey * key, uint32_t oid, int is_xmssmt)
-{
-    int ret = 0;
-
-    if (key == NULL || oid == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Parse the OID and load the XMSS params structure. */
-    if (is_xmssmt) {
-        ret = xmssmt_parse_oid(&key->params, oid);
-    }
-    else {
-        ret = xmss_parse_oid(&key->params, oid);
-    }
-
-    if (ret != 0) {
-        WOLFSSL_MSG("error: XMSS parse oid failed");
-        return -1;
-    }
-
-    /* Finally, sanity check that this is a supported parameter set.
-     *
-     * We are only supporting XMSS/XMSS^MT with SHA256 parameter sets
-     * that NIST SP 800-208 has standardized. See patched xmss-reference
-     * params.h for the defines. */
-    if (key->params.func != XMSS_SHA2 ||
-        key->params.n != XMSS_SHA256_N ||
-        key->params.padding_len != XMSS_SHA256_PADDING_LEN ||
-        key->params.wots_w != 16 ||
-        key->params.wots_len != XMSS_SHA256_WOTS_LEN) {
-        WOLFSSL_MSG("error: unsupported XMSS/XMSS^MT parameter set");
-        return -1;
-    }
-    if ((key->params.full_height < WOLFSSL_XMSS_MIN_HEIGHT) ||
-        (key->params.full_height > WOLFSSL_XMSS_MAX_HEIGHT)) {
-        WOLFSSL_MSG("error: unsupported XMSS/XMSS^MT parameter set - height");
-        return -1;
-    }
-
-    ret = xmss_set_sha_cb(sha256_cb);
-    if (ret != 0) {
-        WOLFSSL_MSG("error: xmss_set_sha_cb failed");
-        return -1;
-    }
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-    ret = xmss_set_rng_cb(rng_cb);
-    if (ret != 0) {
-        WOLFSSL_MSG("error: xmss_set_rng_cb failed");
-        return -1;
-    }
-#endif
-
-    key->oid = oid;
-    key->is_xmssmt = is_xmssmt;
-    key->state = WC_XMSS_STATE_PARMSET;
-
-    return 0;
-}
-
-/* Set the XMSS key parameter string.
- *
- * The input string must be one of the supported param set names in
- * the "Name" section from the table in wolfssl/wolfcrypt/xmss.h,
- * e.g. "XMSS-SHA2_10_256" or "XMSSMT-SHA2_20/4_256".
- *
- *  key         [in]  The XMSS key to set.
- *  str         [in]  The XMSS/XMSS^MT parameter string.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     -1 on failure.
- * */
-int wc_XmssKey_SetParamStr(XmssKey * key, const char * str)
-{
-    int      ret = 0;
-    uint32_t oid = 0;
-    int      is_xmssmt = 0;
-
-    if (key == NULL || str == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->state != WC_XMSS_STATE_INITED) {
-        WOLFSSL_MSG("error: XMSS key needs init");
-        return BAD_FUNC_ARG;
-    }
-
-    switch(XSTRLEN(str)) {
-    case XMSS_NAME_LEN:
-        is_xmssmt = 0;
-        break;
-    case XMSSMT_NAME_MIN_LEN:
-    case XMSSMT_NAME_MAX_LEN:
-        is_xmssmt = 1;
-        break;
-    default:
-        WOLFSSL_MSG("error: XMSS param str invalid length");
-        return BAD_FUNC_ARG;
-    }
-
-    /* Convert XMSS param string to OID. */
-    if (is_xmssmt) {
-        ret = xmssmt_str_to_oid(&oid, str);
-    }
-    else {
-        ret = xmss_str_to_oid(&oid, str);
-    }
-
-    if (ret != 0) {
-        WOLFSSL_MSG("error: xmssmt_str_to_oid failed");
-        return -1;
-    }
-
-    return wc_XmssKey_SetOid(key, oid, is_xmssmt);
-}
-
-/* Force zeros and frees the XMSS key from memory.
- *
- * This does not touch the private key saved to non-volatile storage.
- *
- * This is the only function that frees the key->sk array.
- *
- *  key         [in]  The XMSS key.
- *
- *  returns     void
- * */
-void wc_XmssKey_Free(XmssKey* key)
-{
-    if (key == NULL) {
-        return;
-    }
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-    if (key->sk != NULL) {
-        ForceZero(key->sk, key->sk_len);
-        XFREE(key->sk, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        key->sk = NULL;
-        key->sk_len = 0;
-    }
-#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
-
-    ForceZero(key, sizeof(XmssKey));
-
-    key->state = WC_XMSS_STATE_FREED;
-
-    return;
-}
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-/* Sets the XMSS write private key callback.
- *
- * The callback must be able to write/update the private key to
- * non-volatile storage.
- *
- *  key         [in]  The XMSS key.
- *  write_cb    [in]  The write private key callback.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     -1 on failure.
- * */
-int wc_XmssKey_SetWriteCb(XmssKey * key, wc_xmss_write_private_key_cb write_cb)
-{
-    if (key == NULL || write_cb == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Changing the write callback of an already working key is forbidden. */
-    if (key->state == WC_XMSS_STATE_OK) {
-        WOLFSSL_MSG("error: wc_XmssKey_SetWriteCb: key in use");
-        return -1;
-    }
-
-    key->write_private_key = write_cb;
-
-    return 0;
-}
-
-/* Sets the XMSS read private key callback.
- *
- * The callback must be able to read the private key from
- * non-volatile storage.
- *
- *  key         [in]  The XMSS key.
- *  read_cb     [in]  The read private key callback.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     -1 on failure.
- * */
-int wc_XmssKey_SetReadCb(XmssKey * key, wc_xmss_read_private_key_cb read_cb)
-{
-    if (key == NULL || read_cb == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Changing the read callback of an already working key is forbidden. */
-    if (key->state == WC_XMSS_STATE_OK) {
-        WOLFSSL_MSG("error: wc_XmssKey_SetReadCb: key in use");
-        return -1;
-    }
-
-    key->read_private_key = read_cb;
-
-    return 0;
-}
-
-/* Sets the XMSS context to be used by write and read callbacks.
- *
- * E.g. this could be a filename if the callbacks write/read to file.
- *
- *  key         [in]  The XMSS key.
- *  context     [in]  The context pointer.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     -1 on failure.
- * */
-int wc_XmssKey_SetContext(XmssKey * key, void * context)
-{
-    if (key == NULL || context == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Setting context of an already working key is forbidden. */
-    if (key->state == WC_XMSS_STATE_OK) {
-        WOLFSSL_MSG("error: wc_XmssKey_SetContext: key in use");
-        return -1;
-    }
-
-    key->context = context;
-
-    return 0;
-}
-
-
-/* Allocates the XMSS secret key (sk) array.
- *
- * The XMSS/XMSS^MT secret key length is a function of the
- * parameters, and can't be allocated until the param string
- * has been set with SetParamStr.
- *
- * This is only called by MakeKey() and Reload().
- *
- * Note: the XMSS sk array is force zeroed after every use.
- *
- *  key         [in]  The XMSS key.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     -1 on failure.
- * */
-static int wc_XmssKey_AllocSk(XmssKey* key)
-{
-    int ret = 0;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->sk != NULL) {
-        WOLFSSL_MSG("error: XMSS secret key already exists");
-        return -1;
-    }
-
-    /* The XMSS/XMSS^MT secret key length is a function of the
-     * parameters. Therefore can't allocate this until param
-     * string has been set. */
-    ret = wc_XmssKey_GetPrivLen(key, &key->sk_len);
-
-    if (ret != 0 || key->sk_len <= 0) {
-        WOLFSSL_MSG("error: wc_XmssKey_GetPrivLen failed");
-        return -1;
-    }
-
-    key->sk = (unsigned char *)XMALLOC(key->sk_len, NULL,
-                                       DYNAMIC_TYPE_TMP_BUFFER);
-
-    if (key->sk == NULL) {
-        WOLFSSL_MSG("error: malloc XMSS key->sk failed");
-        return -1;
-    }
-
-    ForceZero(key->sk, key->sk_len);
-
-    return 0;
-}
-
-/* Make the XMSS/XMSS^MT private/public key pair. The key must have its parameters
- * set before calling this.
- *
- * Write/read callbacks, and context data, must be set prior.
- * Key must have parameters set.
- *
- * This function and Reload() are the only functions that allocate
- * key->sk array. wc_XmssKey_FreeKey is the only function that
- * deallocates key->sk.
- *
- *  key         [in]  The XMSS key to make.
- *  rng         [in]  Initialized WC_RNG pointer.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     -1 on verify fail.
- * */
-int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG * rng)
-{
-    int            ret = 0;
-    enum wc_XmssRc cb_rc = WC_XMSS_RC_NONE;
-
-    if (key == NULL || rng == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->state != WC_XMSS_STATE_PARMSET) {
-        WOLFSSL_MSG("error: XmssKey not ready for generation");
-        return -1;
-    }
-
-    if (key->write_private_key == NULL || key->read_private_key == NULL) {
-        WOLFSSL_MSG("error: XmssKey write/read callbacks are not set");
-        return -1;
-    }
-
-    if (key->context == NULL) {
-        WOLFSSL_MSG("error: XmssKey context is not set");
-        return -1;
-    }
-
-    /* Allocate sk array. */
-    ret = wc_XmssKey_AllocSk(key);
-
-    if (ret != 0) {
-        return ret;
-    }
-
-    xmssRng = rng;
-
-    /* Finally make the secret public key pair. Immediately write it to NV
-     * storage and then clear from memory. */
-    if (key->is_xmssmt) {
-        ret = xmssmt_keypair(key->pk, key->sk, key->oid);
-    }
-    else {
-        ret = xmss_keypair(key->pk, key->sk, key->oid);
-    }
-
-    if (ret == 0) {
-        cb_rc = key->write_private_key(key->sk, key->sk_len, key->context);
-    }
-
-    ForceZero(key->sk, key->sk_len);
-
-    if (ret != 0) {
-        WOLFSSL_MSG("error: XMSS keypair failed");
-        key->state = WC_XMSS_STATE_BAD;
-        return -1;
-    }
-
-    if (cb_rc != WC_XMSS_RC_SAVED_TO_NV_MEMORY) {
-        WOLFSSL_MSG("error: XMSS write to NV storage failed");
-        key->state = WC_XMSS_STATE_BAD;
-        return -1;
-    }
-
-    key->state = WC_XMSS_STATE_OK;
-
-    return 0;
-}
-
-/* This function allocates the secret key buffer, and does a
- * quick sanity check to verify the secret key is readable
- * from NV storage, and then force zeros the key from memory.
- *
- * On success it sets the key state to OK.
- *
- * Use this function to resume signing with an already existing
- * XMSS key pair.
- *
- * Write/read callbacks, and context data, must be set prior.
- * Key must have parameters set.
- *
- * Returns 0 on success.
- *
- * This function and MakeKey are the only functions that allocate
- * key->sk array. wc_XmssKey_FreeKey is the only function that
- * deallocates key->sk.
- *
- *  key         [in]      XMSS key to load.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     -1 on load fail.
- * */
-int wc_XmssKey_Reload(XmssKey * key)
-{
-    int            ret = 0;
-    enum wc_XmssRc cb_rc = WC_XMSS_RC_NONE;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->state != WC_XMSS_STATE_PARMSET) {
-        WOLFSSL_MSG("error: XmssKey not ready for reload");
-        return -1;
-    }
-
-    if (key->write_private_key == NULL || key->read_private_key == NULL) {
-        WOLFSSL_MSG("error: XmssKey write/read callbacks are not set");
-        return -1;
-    }
-
-    if (key->context == NULL) {
-        WOLFSSL_MSG("error: XmssKey context is not set");
-        return -1;
-    }
-
-    /* Allocate sk array. */
-    ret = wc_XmssKey_AllocSk(key);
-
-    if (ret != 0) {
-        return ret;
-    }
-
-    /* Read the current secret key from NV storage. Force clear it
-     * immediately. This is just to sanity check the secret key
-     * is readable from permanent storage. */
-    cb_rc = key->read_private_key(key->sk, key->sk_len, key->context);
-    ForceZero(key->sk, key->sk_len);
-
-    if (cb_rc != WC_XMSS_RC_READ_TO_MEMORY) {
-        WOLFSSL_MSG("error: XMSS read from NV storage failed");
-        key->state = WC_XMSS_STATE_BAD;
-        return -1;
-    }
-
-    key->state = WC_XMSS_STATE_OK;
-
-    return 0;
-}
-
-/* Gets the XMSS/XMSS^MT private key length.
- *
- * Parameters must be set before calling this, as the key size (sk_bytes)
- * is a function of the parameters.
- *
- * Note: the XMSS/XMSS^MT private key format is implementation specific,
- * and not standardized. Interoperability of XMSS private keys should
- * not be expected.
- *
- *  key         [in]      The XMSS key.
- *  len         [out]     The length of the private key in bytes.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     -1 on sign fail.
- * */
-int wc_XmssKey_GetPrivLen(const XmssKey * key, word32 * len)
-{
-    if (key == NULL || len == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->state != WC_XMSS_STATE_OK && key->state != WC_XMSS_STATE_PARMSET) {
-        /* params.sk_bytes not set yet. */
-        return -1;
-    }
-
-    *len = XMSS_OID_LEN + (word32) key->params.sk_bytes;
-
-    return 0;
-}
-
-/* Signs the message using the XMSS secret key, and
- * updates the secret key on NV storage.
- *
- * Both operations must succeed to be considered
- * successful.
- *
- * On success:  sets key state to WC_XMSS_STATE_OK.
- * On failure:  sets key state to WC_XMSS_STATE_BAD
- *
- * If no signatures are left, sets state to WC_XMSS_STATE_NOSIGS.
- */
-static void wc_XmssKey_SignUpdate(XmssKey* key, byte * sig, word32 * sigLen,
-    const byte * msg, int msgLen)
-{
-    int                ret = -1;
-    unsigned long long len = *sigLen;
-    enum wc_XmssRc     cb_rc = WC_XMSS_RC_NONE;
-
-    /* Set the key state to bad by default. State is presumed bad
-     * unless a correct sign and update operation happen together. */
-    key->state = WC_XMSS_STATE_BAD;
-    *sigLen = 0;
-
-    /* Read the current secret key from NV storage.*/
-    cb_rc = key->read_private_key(key->sk, key->sk_len, key->context);
-
-    if (cb_rc == WC_XMSS_RC_READ_TO_MEMORY) {
-        /* Read was good. Now sign and update the secret key in memory. */
-        if (key->is_xmssmt) {
-            ret = xmssmt_sign(key->sk, sig, &len, msg, msgLen);
-        }
-        else {
-            ret = xmss_sign(key->sk, sig, &len, msg, msgLen);
-        }
-
-        if (ret == 0 && len == key->params.sig_bytes) {
-            /* The signature succeeded. key->sk is now updated and must be
-             * committed to NV storage. */
-            cb_rc = key->write_private_key(key->sk, key->sk_len, key->context);
-
-            if (cb_rc == WC_XMSS_RC_SAVED_TO_NV_MEMORY) {
-                /* key->sk was successfully committed to NV storage. Set the
-                 * key state to OK, and set the sigLen. */
-                key->state = WC_XMSS_STATE_OK;
-                *sigLen = (word32) len;
-            }
-            else {
-                /* Write to NV storage failed. Erase the signature from
-                 * memory. */
-                ForceZero(sig, key->params.sig_bytes);
-                WOLFSSL_MSG("error: XMSS write_private_key failed");
-            }
-        }
-        else if (ret == -2) {
-            /* Signature space exhausted. */
-            key->state = WC_XMSS_STATE_NOSIGS;
-            WOLFSSL_MSG("error: no XMSS signatures remaining");
-        }
-        else {
-            /* Something failed or inconsistent in signature. Erase the
-             * signature just to be safe. */
-            ForceZero(sig, key->params.sig_bytes);
-            WOLFSSL_MSG("error: XMSS sign failed");
-        }
-    }
-    else {
-        /* Read from NV storage failed. */
-        WOLFSSL_MSG("error: XMSS read_private_key failed");
-    }
-
-    /* Force zero the secret key from memory always. */
-    ForceZero(key->sk, key->sk_len);
-
-    return;
-}
-
-/* Sign the message using the XMSS secret key.
- *
- *  key         [in]      XMSS key to use to sign.
- *  sig         [in]      Buffer to write signature into.
- *  sigLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  msg         [in]      Message to sign.
- *  msgLen      [in]      Length of the message in bytes.
- *
- *  returns     0 on success.
- *  returns     -1 on sign fail.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     BUFFER_E when sigLen is too small.
- */
-int wc_XmssKey_Sign(XmssKey* key, byte * sig, word32 * sigLen, const byte * msg,
-    int msgLen)
-{
-    if (key == NULL || sig == NULL || sigLen == NULL || msg == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (msgLen <= 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (*sigLen < key->params.sig_bytes) {
-        /* Signature buffer too small. */
-        WOLFSSL_MSG("error: XMSS sig buffer too small");
-        return BUFFER_E;
-    }
-
-    if (key->state == WC_XMSS_STATE_NOSIGS) {
-        WOLFSSL_MSG("error: XMSS signatures exhausted");
-        return -1;
-    }
-    else if (key->state != WC_XMSS_STATE_OK) {
-       /* The key had an error the last time it was used, and we
-        * can't guarantee its state. */
-        WOLFSSL_MSG("error: can't sign, XMSS key not in good state");
-        return -1;
-    }
-
-    if (key->write_private_key == NULL || key->read_private_key == NULL) {
-        WOLFSSL_MSG("error: XmssKey write/read callbacks are not set");
-        return -1;
-    }
-
-    if (key->context == NULL) {
-        WOLFSSL_MSG("error: XmssKey context is not set");
-        return -1;
-    }
-
-    /* Finally, sign and update the secret key. */
-    wc_XmssKey_SignUpdate(key, sig, sigLen, msg, msgLen);
-
-    return (key->state == WC_XMSS_STATE_OK) ? 0 : -1;
-}
-
-
-/* Check if more signatures are possible with key.
- *
- * @param [in] key  XMSS key to check.
- * @return  1 when signatures possible.
- * @return  0 when key exhausted.
- */
-int  wc_XmssKey_SigsLeft(XmssKey* key)
-{
-    int ret = 0;
-
-    /* Validate parameter. */
-    if (key == NULL) {
-        ret = 0;
-    }
-    /* Validate state. */
-    else if (key->state == WC_XMSS_STATE_NOSIGS) {
-        WOLFSSL_MSG("error: XMSS signatures exhausted");
-        ret = 0;
-    }
-    else if (key->state != WC_XMSS_STATE_OK) {
-        WOLFSSL_MSG("error: can't sign, XMSS key not in good state");
-        ret = 0;
-    }
-    /* Read the current secret key from NV storage.*/
-    else if (key->read_private_key(key->sk, key->sk_len, key->context) !=
-             WC_XMSS_RC_READ_TO_MEMORY) {
-        WOLFSSL_MSG("error: XMSS read_private_key failed");
-        ret = 0;
-    }
-    else {
-        /* The following assumes core_fast implementation is used
-         * from patched xmss-reference. */
-        const unsigned char* sk = (key->sk + XMSS_OID_LEN);
-        const xmss_params*   params = &key->params;
-        unsigned long long   idx = 0;
-
-        if (key->is_xmssmt) {
-            for (uint64_t i = 0; i < params->index_bytes; i++) {
-                idx |= ((unsigned long long)sk[i])
-                       << 8 * (params->index_bytes - 1 - i);
-            }
-        }
-        else {
-            idx = ((unsigned long)sk[0] << 24) |
-                  ((unsigned long)sk[1] << 16) |
-                  ((unsigned long)sk[2] <<  8) | sk[3];
-        }
-
-        ret = idx < ((1ULL << params->full_height) - 1);
-
-        /* Force zero the secret key from memory always. */
-        ForceZero(key->sk, key->sk_len);
-    }
-
-    return ret;
-}
-#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY*/
-
-/* Get the XMSS/XMSS^MT public key length. The public key
- * is static in size and does not depend on parameters,
- * other than the choice of SHA256 as hashing function.
- *
- *  key         [in]      The XMSS key.
- *  len         [out]     The length of the public key.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- */
-int wc_XmssKey_GetPubLen(const XmssKey * key, word32 * len)
-{
-    if (key == NULL || len == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    *len = XMSS_SHA256_PUBLEN;
-
-    return 0;
-}
-
-/* Export a generated public key and parameter set from one XmssKey
- * to another. Use this to prepare a signature verification XmssKey
- * that is pub only.
- *
- *  keyDst      [out]    Destination key for copy.
- *  keySrc      [in]     Source key for copy.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- * */
-int wc_XmssKey_ExportPub(XmssKey * keyDst, const XmssKey * keySrc)
-{
-    if (keyDst == NULL || keySrc == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ForceZero(keyDst, sizeof(XmssKey));
-
-    XMEMCPY(keyDst->pk, keySrc->pk, sizeof(keySrc->pk));
-
-    keyDst->oid = keySrc->oid;
-    keyDst->is_xmssmt = keySrc->is_xmssmt;
-
-    /* Mark keyDst as verify only, to prevent misuse. */
-    keyDst->state = WC_XMSS_STATE_VERIFYONLY;
-
-    return 0;
-}
-
-/* Exports the raw XMSS public key buffer from key to out buffer.
- * The out buffer should be large enough to hold the public key, and
- * outLen should indicate the size of the buffer.
- *
- *  key         [in]      XMSS key.
- *  out         [out]     Array holding public key.
- *  outLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the public key.
- *
- *  returns     0 on success.
- *  returns     -1 on failure.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     BUFFER_E if array is too small.
- * */
-int wc_XmssKey_ExportPubRaw(const XmssKey * key, byte * out, word32 * outLen)
-{
-    int    ret = 0;
-    word32 pubLen = 0;
-
-    if (key == NULL || out == NULL || outLen == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wc_XmssKey_GetPubLen(key, &pubLen);
-
-    if (ret != 0) {
-        WOLFSSL_MSG("error: wc_XmssKey_GetPubLen failed");
-        return -1;
-    }
-
-    if (*outLen < pubLen) {
-        return BUFFER_E;
-    }
-
-    XMEMCPY(out, key->pk, pubLen);
-    *outLen = pubLen;
-
-    return 0;
-}
-
-/* Imports a raw public key buffer from in array to XmssKey key.
- *
- * The XMSS parameters must be set first with wc_XmssKey_SetParamStr,
- * and inLen must match the length returned by wc_XmssKey_GetPubLen.
- *
- *  key         [in]      XMSS key.
- *  in          [in]      Array holding public key.
- *  inLen       [in]      Length of array in bytes.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     BUFFER_E if array is incorrect size.
- *  returns     -1 on failure.
- * */
-int wc_XmssKey_ImportPubRaw(XmssKey * key, const byte * in, word32 inLen)
-{
-    int    ret = 0;
-    word32 pubLen = 0;
-
-    if (key == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->state != WC_XMSS_STATE_PARMSET) {
-        /* XMSS key not ready for import. Param str must be set first. */
-        WOLFSSL_MSG("error: XMSS key not ready for import");
-        return -1;
-    }
-
-    ret = wc_XmssKey_GetPubLen(key, &pubLen);
-
-    if (ret != 0) {
-        WOLFSSL_MSG("error: wc_XmssKey_GetPubLen failed");
-        return -1;
-    }
-
-    if (inLen != pubLen) {
-        /* Something inconsistent. Parameters weren't set, or input
-         * pub key is wrong.*/
-        return BUFFER_E;
-    }
-
-    XMEMCPY(key->pk, in, pubLen);
-
-    key->state = WC_XMSS_STATE_VERIFYONLY;
-
-    return 0;
-}
-
-/* Gets the XMSS/XMSS^MT signature length.
- *
- * Parameters must be set before calling this, as the signature size
- * is a function of the parameters.
- *
- * Note: call this before wc_XmssKey_Sign or Verify so you know the
- * length of the required signature buffer.
- *
- *  key         [in]      XMSS key to use to sign.
- *  len         [out]     The length of the signature in bytes.
- *
- *  returns     0 on success.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     -1 on sign fail.
- * */
-int wc_XmssKey_GetSigLen(const XmssKey * key, word32 * len)
-{
-    if (key == NULL || len == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->state != WC_XMSS_STATE_OK && key->state != WC_XMSS_STATE_PARMSET) {
-        return -1;
-    }
-
-    *len = key->params.sig_bytes;
-
-    return 0;
-}
-
-/* Verify the signature using the XMSS public key.
- *
- * Requires that XMSS parameters have been set with
- * wc_XmssKey_SetParamStr, and that a public key is available
- * from importing or MakeKey().
- *
- * Call wc_XmssKey_GetSigLen() before this function to determine
- * length of the signature buffer.
- *
- *  key         [in]  XMSS key to use to verify.
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  msg         [in]  Message to verify.
- *  msgLen      [in]  Length of the message in bytes.
- *
- *  returns     0 on success.
- *  returns     -1 on verify fail.
- *  returns     BAD_FUNC_ARG when a parameter is NULL.
- *  returns     BUFFER_E when sigLen is too small.
- */
-int wc_XmssKey_Verify(XmssKey * key, const byte * sig, word32 sigLen,
-    const byte * msg, int msgLen)
-{
-    int                ret = 0;
-    unsigned long long msg_len = 0;
-
-    msg_len = msgLen;
-
-    if (key == NULL || sig == NULL || msg == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (sigLen < key->params.sig_bytes) {
-        /* Signature buffer too small. */
-        return BUFFER_E;
-    }
-
-    if (key->state != WC_XMSS_STATE_OK &&
-        key->state != WC_XMSS_STATE_VERIFYONLY) {
-        /* XMSS key not ready for verification. Param str must be
-         * set first, and Reload() called. */
-        WOLFSSL_MSG("error: XMSS key not ready for verification");
-        return -1;
-    }
-
-    if (key->is_xmssmt) {
-        ret = xmssmt_sign_open(msg, &msg_len, sig, sigLen, key->pk);
-    }
-    else {
-        ret = xmss_sign_open(msg, &msg_len, sig, sigLen, key->pk);
-    }
-
-    if (ret != 0 || (int) msg_len != msgLen) {
-        WOLFSSL_MSG("error: XMSS verify failed");
-        return -1;
-    }
-
-    return ret;
-}
-
-#endif /* WOLFSSL_HAVE_XMSS && HAVE_LIBXMSS */
diff --git a/src/ssl/wolfssl/wolfcrypt/falcon.c b/src/ssl/wolfssl/wolfcrypt/falcon.c
deleted file mode 100644
index 720001896..000000000
--- a/src/ssl/wolfssl/wolfcrypt/falcon.c
+++ /dev/null
@@ -1,973 +0,0 @@
-/* falcon.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-/* Based on ed448.c and Reworked for Falcon by Anthony Hu. */
-
-#if defined(HAVE_PQC) && defined(HAVE_FALCON)
-
-#include <wolfssl/wolfcrypt/asn.h>
-
-#ifdef HAVE_LIBOQS
-#include <oqs/oqs.h>
-#endif
-
-#include <wolfssl/wolfcrypt/falcon.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-/* Sign the message using the falcon private key.
- *
- *  in          [in]      Message to sign.
- *  inLen       [in]      Length of the message in bytes.
- *  out         [in]      Buffer to write signature into.
- *  outLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Falcon key to use when signing
- *  returns BAD_FUNC_ARG when a parameter is NULL or public key not set,
- *          BUFFER_E when outLen is less than FALCON_LEVEL1_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_falcon_sign_msg(const byte* in, word32 inLen,
-                              byte* out, word32 *outLen,
-                              falcon_key* key, WC_RNG* rng)
-{
-    int ret = 0;
-#ifdef HAVE_LIBOQS
-    OQS_SIG *oqssig = NULL;
-    size_t localOutLen = 0;
-#endif
-
-    /* sanity check on arguments */
-    if ((in == NULL) || (out == NULL) || (outLen == NULL) || (key == NULL)) {
-        return  BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (key->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_PqcSign(in, inLen, out, outLen, NULL, 0,
-                WC_HASH_TYPE_NONE, rng, WC_PQC_SIG_TYPE_FALCON, key);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-        ret = 0;
-    }
-#endif
-
-#ifdef HAVE_LIBOQS
-    if ((ret == 0) && (!key->prvKeySet)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        if (key->level == 1) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_falcon_512);
-        }
-        else if (key->level == 5) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_falcon_1024);
-        }
-
-        if (oqssig == NULL) {
-            ret = SIG_TYPE_E;
-        }
-    }
-
-    if ((ret == 0) && (oqssig == NULL)) {
-        ret = BUFFER_E;
-    }
-
-    /* check and set up out length */
-    if (ret == 0) {
-        if ((key->level == 1) && (*outLen < FALCON_LEVEL1_SIG_SIZE)) {
-            *outLen = FALCON_LEVEL1_SIG_SIZE;
-            ret = BUFFER_E;
-        }
-        else if ((key->level == 5) && (*outLen < FALCON_LEVEL5_SIG_SIZE)) {
-            *outLen = FALCON_LEVEL5_SIG_SIZE;
-            ret = BUFFER_E;
-        }
-        localOutLen = *outLen;
-    }
-
-    if (ret == 0) {
-        ret = wolfSSL_liboqsRngMutexLock(rng);
-    }
-
-    if ((ret == 0) &&
-        (OQS_SIG_sign(oqssig, out, &localOutLen, in, inLen, key->k)
-         == OQS_ERROR)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        *outLen = (word32)localOutLen;
-    }
-
-    wolfSSL_liboqsRngMutexUnlock();
-
-    if (oqssig != NULL) {
-        OQS_SIG_free(oqssig);
-    }
-#else
-    ret = NOT_COMPILED_IN;
-#endif
-    return ret;
-}
-
-/* Verify the message using the falcon public key.
- *
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  msg         [in]  Message to verify.
- *  msgLen      [in]  Length of the message in bytes.
- *  res         [out] *res is set to 1 on successful verification.
- *  key         [in]  Falcon key to use to verify.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          BUFFER_E when sigLen is less than FALCON_LEVEL1_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_falcon_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
-                        word32 msgLen, int* res, falcon_key* key)
-{
-    int ret = 0;
-#ifdef HAVE_LIBOQS
-    OQS_SIG *oqssig = NULL;
-#endif
-
-    if (key == NULL || sig == NULL || msg == NULL || res == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (key->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_PqcVerify(sig, sigLen, msg, msgLen, NULL, 0,
-                WC_HASH_TYPE_NONE, res, WC_PQC_SIG_TYPE_FALCON, key);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-        ret = 0;
-    }
-#endif
-
-#ifdef HAVE_LIBOQS
-    if ((ret == 0) && (!key->pubKeySet)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        if (key->level == 1) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_falcon_512);
-        }
-        else if (key->level == 5) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_falcon_1024);
-        }
-
-        if (oqssig == NULL) {
-            ret = SIG_TYPE_E;
-        }
-    }
-
-    if ((ret == 0) && (oqssig == NULL)) {
-        ret = BUFFER_E;
-    }
-
-    if ((ret == 0) &&
-        (OQS_SIG_verify(oqssig, msg, msgLen, sig, sigLen, key->p)
-         == OQS_ERROR)) {
-         ret = SIG_VERIFY_E;
-    }
-
-    if (ret == 0) {
-        *res = 1;
-    }
-
-    if (oqssig != NULL) {
-        OQS_SIG_free(oqssig);
-    }
-#else
-    ret = NOT_COMPILED_IN;
-#endif
-
-    return ret;
-}
-
-/* Initialize the falcon private/public key.
- *
- * key  [in]  Falcon key.
- * returns BAD_FUNC_ARG when key is NULL
- */
-int wc_falcon_init(falcon_key* key)
-{
-    return wc_falcon_init_ex(key, NULL, INVALID_DEVID);
-}
-
-/* Initialize the falcon private/public key.
- *
- * key  [in]  Falcon key.
- * heap [in]  Heap hint.
- * devId[in]  Device ID.
- * returns BAD_FUNC_ARG when key is NULL
- */
-int wc_falcon_init_ex(falcon_key* key, void* heap, int devId)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ForceZero(key, sizeof(*key));
-
-#ifdef WOLF_CRYPTO_CB
-    key->devCtx = NULL;
-    key->devId = devId;
-#endif
-#ifdef WOLF_PRIVATE_KEY_ID
-    key->idLen = 0;
-    key->labelLen = 0;
-#endif
-
-    (void) heap;
-    (void) devId;
-
-    return 0;
-}
-
-#ifdef WOLF_PRIVATE_KEY_ID
-int wc_falcon_init_id(falcon_key* key, const unsigned char* id, int len,
-                         void* heap, int devId)
-{
-    int ret = 0;
-
-    if (key == NULL)
-        ret = BAD_FUNC_ARG;
-    if (ret == 0 && (len < 0 || len > FALCON_MAX_ID_LEN))
-        ret = BUFFER_E;
-
-    if (ret == 0)
-        ret = wc_falcon_init_ex(key, heap, devId);
-    if (ret == 0 && id != NULL && len != 0) {
-        XMEMCPY(key->id, id, (size_t)len);
-        key->idLen = len;
-    }
-
-    /* Set the maximum level here */
-    wc_falcon_set_level(key, 5);
-
-    return ret;
-}
-
-int wc_falcon_init_label(falcon_key* key, const char* label, void* heap,
-                            int devId)
-{
-    int ret = 0;
-    int labelLen = 0;
-
-    if (key == NULL || label == NULL)
-        ret = BAD_FUNC_ARG;
-    if (ret == 0) {
-        labelLen = (int)XSTRLEN(label);
-        if (labelLen == 0 || labelLen > FALCON_MAX_LABEL_LEN)
-            ret = BUFFER_E;
-    }
-
-    if (ret == 0)
-        ret = wc_falcon_init_ex(key, heap, devId);
-    if (ret == 0) {
-        XMEMCPY(key->label, label, (size_t)labelLen);
-        key->labelLen = labelLen;
-    }
-
-    /* Set the maximum level here */
-    wc_falcon_set_level(key, 5);
-
-    return ret;
-}
-#endif
-
-/* Set the level of the falcon private/public key.
- *
- * key   [out]  Falcon key.
- * level [in]   Either 1 or 5.
- * returns BAD_FUNC_ARG when key is NULL or level is not 1 and not 5.
- */
-int wc_falcon_set_level(falcon_key* key, byte level)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (level != 1 && level != 5) {
-        return BAD_FUNC_ARG;
-    }
-
-    key->level = level;
-    key->pubKeySet = 0;
-    key->prvKeySet = 0;
-    return 0;
-}
-
-/* Get the level of the falcon private/public key.
- *
- * key   [in]  Falcon key.
- * level [out] The level.
- * returns BAD_FUNC_ARG when key is NULL or level has not been set.
- */
-int wc_falcon_get_level(falcon_key* key, byte* level)
-{
-    if (key == NULL || level == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level != 1 && key->level != 5) {
-        return BAD_FUNC_ARG;
-    }
-
-    *level = key->level;
-    return 0;
-}
-
-/* Clears the falcon key data
- *
- * key  [in]  Falcon key.
- */
-void wc_falcon_free(falcon_key* key)
-{
-    if (key != NULL) {
-        ForceZero(key, sizeof(*key));
-    }
-}
-
-/* Export the falcon public key.
- *
- * key     [in]      Falcon public key.
- * out     [in]      Array to hold public key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         BUFFER_E when outLen is less than FALCON_LEVEL1_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_falcon_export_public(falcon_key* key,
-                            byte* out, word32* outLen)
-{
-    /* sanity check on arguments */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level != 1) && (key->level != 5)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (!key->pubKeySet) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* check and set up out length */
-    if ((key->level == 1) && (*outLen < FALCON_LEVEL1_PUB_KEY_SIZE)) {
-        *outLen = FALCON_LEVEL1_PUB_KEY_SIZE;
-        return BUFFER_E;
-    }
-    else if ((key->level == 5) && (*outLen < FALCON_LEVEL5_PUB_KEY_SIZE)) {
-        *outLen = FALCON_LEVEL5_PUB_KEY_SIZE;
-        return BUFFER_E;
-    }
-
-    if (key->level == 1) {
-        *outLen = FALCON_LEVEL1_PUB_KEY_SIZE;
-        XMEMCPY(out, key->p, FALCON_LEVEL1_PUB_KEY_SIZE);
-    }
-    else if (key->level == 5) {
-        *outLen = FALCON_LEVEL5_PUB_KEY_SIZE;
-        XMEMCPY(out, key->p, FALCON_LEVEL5_PUB_KEY_SIZE);
-    }
-
-    return 0;
-}
-
-/* Import a falcon public key from a byte array.
- * Public key encoded in big-endian.
- *
- * in      [in]  Array holding public key.
- * inLen   [in]  Number of bytes of data in array.
- * key     [in]  Falcon public key.
- * returns BAD_FUNC_ARG when a parameter is NULL or key format is not supported,
- *         0 otherwise.
- */
-int wc_falcon_import_public(const byte* in, word32 inLen,
-                                   falcon_key* key)
-{
-    /* sanity check on arguments */
-    if ((in == NULL) || (key == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level != 1) && (key->level != 5)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level == 1) && (inLen != FALCON_LEVEL1_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-    else if ((key->level == 5) && (inLen != FALCON_LEVEL5_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMCPY(key->p, in, inLen);
-    key->pubKeySet = 1;
-
-    return 0;
-}
-
-static int parse_private_key(const byte* priv, word32 privSz,
-                             byte** out, word32 *outSz,
-                             falcon_key* key) {
-    word32 idx = 0;
-    int ret = 0;
-    int length = 0;
-
-    /* sanity check on arguments */
-    if ((priv == NULL) || (key == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level != 1) && (key->level != 5)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* At this point, it is still a PKCS8 private key. */
-    if ((ret = ToTraditionalInline(priv, &idx, privSz)) < 0) {
-        /* ignore error, did not have PKCS8 header */
-        (void)ret;
-    }
-
-    /* Now it is a octet_string(concat(priv,pub)) */
-    if ((ret = GetOctetString(priv, &idx, &length, privSz)) < 0) {
-        return ret;
-    }
-
-    *out = (byte *)priv + idx;
-    *outSz = privSz - idx;
-
-    /* And finally it is concat(priv,pub). Key size check. */
-    if ((key->level == 1) && (*outSz != FALCON_LEVEL1_KEY_SIZE +
-                                       FALCON_LEVEL1_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-    else if ((key->level == 5) && (*outSz != FALCON_LEVEL5_KEY_SIZE +
-                                            FALCON_LEVEL5_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-
-    return 0;
-}
-
-/* Import a falcon private key from a byte array.
- *
- * priv    [in]  Array holding private key.
- * privSz  [in]  Number of bytes of data in array.
- * key     [in]  Falcon private key.
- * returns BAD_FUNC_ARG when a parameter is NULL or privSz is less than
- *         FALCON_LEVEL1_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_falcon_import_private_only(const byte* priv, word32 privSz,
-                                 falcon_key* key)
-{
-    int ret = 0;
-    byte *newPriv = NULL;
-    word32 newPrivSz = 0;
-
-    if ((ret = parse_private_key(priv, privSz, &newPriv, &newPrivSz, key))
-        != 0) {
-         return ret;
-    }
-
-    XMEMCPY(key->k, newPriv, newPrivSz);
-    key->prvKeySet = 1;
-
-    return 0;
-}
-
-/* Import a falcon private and public keys from byte array(s).
- *
- * priv    [in]  Array holding private key or private+public keys
- * privSz  [in]  Number of bytes of data in private key array.
- * pub     [in]  Array holding public key (or NULL).
- * pubSz   [in]  Number of bytes of data in public key array (or 0).
- * key     [in]  Falcon private/public key.
- * returns BAD_FUNC_ARG when a required parameter is NULL or an invalid
- *         combination of keys/lengths is supplied, 0 otherwise.
- */
-int wc_falcon_import_private_key(const byte* priv, word32 privSz,
-                                        const byte* pub, word32 pubSz,
-                                        falcon_key* key)
-{
-    int ret = 0;
-    byte *newPriv = NULL;
-    word32 newPrivSz = 0;
-
-    if ((ret = parse_private_key(priv, privSz, &newPriv, &newPrivSz, key))
-        != 0) {
-         return ret;
-    }
-
-    if (pub == NULL) {
-        if (pubSz != 0) {
-            return BAD_FUNC_ARG;
-        }
-
-        if ((newPrivSz != FALCON_LEVEL1_PRV_KEY_SIZE) &&
-            (newPrivSz != FALCON_LEVEL5_PRV_KEY_SIZE)) {
-            return BAD_FUNC_ARG;
-        }
-
-        if (key->level == 1) {
-            pub = newPriv + FALCON_LEVEL1_KEY_SIZE;
-            pubSz = FALCON_LEVEL1_PUB_KEY_SIZE;
-        }
-        else if (key->level == 5) {
-            pub = newPriv + FALCON_LEVEL5_KEY_SIZE;
-            pubSz = FALCON_LEVEL5_PUB_KEY_SIZE;
-        }
-    }
-    else if ((pubSz != FALCON_LEVEL1_PUB_KEY_SIZE) &&
-             (pubSz != FALCON_LEVEL5_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* import public key */
-    ret = wc_falcon_import_public(pub, pubSz, key);
-
-    if (ret == 0) {
-        /* make the private key (priv + pub) */
-        XMEMCPY(key->k, newPriv, newPrivSz);
-        key->prvKeySet = 1;
-    }
-
-    return ret;
-}
-
-/* Export the falcon private key.
- *
- * key     [in]      Falcon private key.
- * out     [in]      Array to hold private key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         BUFFER_E when outLen is less than FALCON_LEVEL1_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_falcon_export_private_only(falcon_key* key, byte* out, word32* outLen)
-{
-    /* sanity checks on arguments */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level != 1) && (key->level != 5)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* check and set up out length */
-    if ((key->level == 1) && (*outLen < FALCON_LEVEL1_KEY_SIZE)) {
-        *outLen = FALCON_LEVEL1_KEY_SIZE;
-        return BUFFER_E;
-    }
-    else if ((key->level == 5) && (*outLen < FALCON_LEVEL5_KEY_SIZE)) {
-        *outLen = FALCON_LEVEL5_KEY_SIZE;
-        return BUFFER_E;
-    }
-
-    if (key->level == 1) {
-        *outLen = FALCON_LEVEL1_KEY_SIZE;
-    }
-    else if (key->level == 5) {
-        *outLen = FALCON_LEVEL5_KEY_SIZE;
-    }
-
-    XMEMCPY(out, key->k, *outLen);
-
-    return 0;
-}
-
-/* Export the falcon private and public key.
- *
- * key     [in]      Falcon private/public key.
- * out     [in]      Array to hold private and public key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         BUFFER_E when outLen is less than FALCON_LEVEL1_PRV_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_falcon_export_private(falcon_key* key, byte* out, word32* outLen)
-{
-    /* sanity checks on arguments */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level != 1) && (key->level != 5)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level == 1) && (*outLen < FALCON_LEVEL1_PRV_KEY_SIZE)) {
-        *outLen = FALCON_LEVEL1_PRV_KEY_SIZE;
-        return BUFFER_E;
-    }
-    else if ((key->level == 5) && (*outLen < FALCON_LEVEL5_PRV_KEY_SIZE)) {
-        *outLen = FALCON_LEVEL5_PRV_KEY_SIZE;
-        return BUFFER_E;
-    }
-
-
-    if (key->level == 1) {
-        *outLen = FALCON_LEVEL1_PRV_KEY_SIZE;
-        XMEMCPY(out, key->k, FALCON_LEVEL1_KEY_SIZE);
-        XMEMCPY(out + FALCON_LEVEL1_KEY_SIZE, key->p,
-                FALCON_LEVEL1_PUB_KEY_SIZE);
-    }
-    else if (key->level == 5) {
-        *outLen = FALCON_LEVEL5_PRV_KEY_SIZE;
-        XMEMCPY(out, key->k, FALCON_LEVEL5_KEY_SIZE);
-        XMEMCPY(out + FALCON_LEVEL5_KEY_SIZE, key->p,
-                FALCON_LEVEL5_PUB_KEY_SIZE);
-    }
-
-    return 0;
-}
-
-/* Export the falcon private and public key.
- *
- * key     [in]      Falcon private/public key.
- * priv    [in]      Array to hold private key.
- * privSz  [in/out]  On in, the number of bytes in private key array.
- * pub     [in]      Array to hold  public key.
- * pubSz   [in/out]  On in, the number of bytes in public key array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         BUFFER_E when privSz is less than FALCON_LEVEL1_PRV_KEY_SIZE or pubSz is less
- *         than FALCON_LEVEL1_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_falcon_export_key(falcon_key* key, byte* priv, word32 *privSz,
-                        byte* pub, word32 *pubSz)
-{
-    int ret = 0;
-
-    /* export private part */
-    ret = wc_falcon_export_private(key, priv, privSz);
-    if (ret == 0) {
-        /* export public part */
-        ret = wc_falcon_export_public(key, pub, pubSz);
-    }
-
-    return ret;
-}
-
-/* Check the public key of the falcon key matches the private key.
- *
- * key     [in]      Falcon private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         PUBLIC_KEY_E when the public key is not set or doesn't match,
- *         other -ve value on hash failure,
- *         0 otherwise.
- */
-int wc_falcon_check_key(falcon_key* key)
-{
-    int ret = 0;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* The public key is also decoded and stored within the private key buffer
-     * behind the private key. Hence, we can compare both stored public keys. */
-    if (key->level == 1) {
-        ret = XMEMCMP(key->p, key->k + FALCON_LEVEL1_KEY_SIZE,
-                      FALCON_LEVEL1_PUB_KEY_SIZE);
-    }
-    else if (key->level == 5) {
-        ret = XMEMCMP(key->p, key->k + FALCON_LEVEL5_KEY_SIZE,
-                      FALCON_LEVEL5_PUB_KEY_SIZE);
-    }
-
-    if (ret != 0) {
-        ret = PUBLIC_KEY_E;
-    }
-
-    return ret;
-}
-
-/* Returns the size of a falcon private key.
- *
- * key     [in]      Falcon private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         FALCON_LEVEL1_KEY_SIZE otherwise.
- */
-int wc_falcon_size(falcon_key* key)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level == 1) {
-        return FALCON_LEVEL1_KEY_SIZE;
-    }
-    else if (key->level == 5) {
-        return FALCON_LEVEL5_KEY_SIZE;
-    }
-
-    return BAD_FUNC_ARG;
-}
-
-/* Returns the size of a falcon private plus public key.
- *
- * key     [in]      Falcon private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         FALCON_LEVEL1_PRV_KEY_SIZE otherwise.
- */
-int wc_falcon_priv_size(falcon_key* key)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level == 1) {
-        return FALCON_LEVEL1_PRV_KEY_SIZE;
-    }
-    else if (key->level == 5) {
-        return FALCON_LEVEL5_PRV_KEY_SIZE;
-    }
-
-    return BAD_FUNC_ARG;
-}
-
-/* Returns the size of a falcon public key.
- *
- * key     [in]      Falcon private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         FALCON_LEVEL1_PUB_KEY_SIZE otherwise.
- */
-int wc_falcon_pub_size(falcon_key* key)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level == 1) {
-        return FALCON_LEVEL1_PUB_KEY_SIZE;
-    }
-    else if (key->level == 5) {
-        return FALCON_LEVEL5_PUB_KEY_SIZE;
-    }
-
-    return BAD_FUNC_ARG;
-}
-
-/* Returns the size of a falcon signature.
- *
- * key     [in]      Falcon private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         FALCON_LEVEL1_SIG_SIZE otherwise.
- */
-int wc_falcon_sig_size(falcon_key* key)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level == 1) {
-        return FALCON_LEVEL1_SIG_SIZE;
-    }
-    else if (key->level == 5) {
-        return FALCON_LEVEL5_SIG_SIZE;
-    }
-
-    return BAD_FUNC_ARG;
-}
-
-int wc_Falcon_PrivateKeyDecode(const byte* input, word32* inOutIdx,
-                                     falcon_key* key, word32 inSz)
-{
-    int ret = 0;
-    byte privKey[FALCON_MAX_PRV_KEY_SIZE], pubKey[FALCON_MAX_PUB_KEY_SIZE];
-    word32 privKeyLen = (word32)sizeof(privKey);
-    word32 pubKeyLen = (word32)sizeof(pubKey);
-    int keytype = 0;
-
-    if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level == 1) {
-        keytype = FALCON_LEVEL1k;
-    }
-    else if (key->level == 5) {
-        keytype = FALCON_LEVEL5k;
-    }
-    else {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = DecodeAsymKey(input, inOutIdx, inSz, privKey, &privKeyLen,
-                        pubKey, &pubKeyLen, keytype);
-    if (ret == 0) {
-        if (pubKeyLen == 0) {
-            ret = wc_falcon_import_private_key(input, inSz, NULL, 0, key);
-        }
-        else {
-            ret = wc_falcon_import_private_key(input, inSz, pubKey,
-                                               pubKeyLen, key);
-        }
-    }
-    return ret;
-}
-
-int wc_Falcon_PublicKeyDecode(const byte* input, word32* inOutIdx,
-                                    falcon_key* key, word32 inSz)
-{
-    int ret = 0;
-    byte pubKey[FALCON_MAX_PUB_KEY_SIZE];
-    word32 pubKeyLen = (word32)sizeof(pubKey);
-    int keytype = 0;
-
-    if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wc_falcon_import_public(input, inSz, key);
-    if (ret == 0) {
-        return 0;
-    }
-
-    if (key->level == 1) {
-        keytype = FALCON_LEVEL1k;
-    }
-    else if (key->level == 5) {
-        keytype = FALCON_LEVEL5k;
-    }
-    else {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = DecodeAsymKeyPublic(input, inOutIdx, inSz, pubKey, &pubKeyLen,
-                              keytype);
-    if (ret == 0) {
-        ret = wc_falcon_import_public(pubKey, pubKeyLen, key);
-    }
-    return ret;
-}
-
-#ifdef WC_ENABLE_ASYM_KEY_EXPORT
-/* Encode the public part of an Falcon key in DER.
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in]  key       Falcon key object.
- * @param [out] output    Buffer to put encoded data in.
- * @param [in]  outLen    Size of buffer in bytes.
- * @param [in]  withAlg   Whether to use SubjectPublicKeyInfo format.
- * @return  Size of encoded data in bytes on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_Falcon_PublicKeyToDer(falcon_key* key, byte* output, word32 inLen,
-                             int withAlg)
-{
-    int    ret;
-    byte   pubKey[FALCON_MAX_PUB_KEY_SIZE];
-    word32 pubKeyLen = (word32)sizeof(pubKey);
-    int    keytype = 0;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level == 1) {
-        keytype = FALCON_LEVEL1k;
-    }
-    else if (key->level == 5) {
-        keytype = FALCON_LEVEL5k;
-    }
-    else {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wc_falcon_export_public(key, pubKey, &pubKeyLen);
-    if (ret == 0) {
-        ret = SetAsymKeyDerPublic(pubKey, pubKeyLen, output, inLen, keytype,
-                                  withAlg);
-    }
-
-    return ret;
-}
-#endif
-
-int wc_Falcon_KeyToDer(falcon_key* key, byte* output, word32 inLen)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level == 1) {
-        return SetAsymKeyDer(key->k, FALCON_LEVEL1_KEY_SIZE, key->p,
-                             FALCON_LEVEL1_KEY_SIZE, output, inLen,
-                             FALCON_LEVEL1k);
-    }
-    else if (key->level == 5) {
-        return SetAsymKeyDer(key->k, FALCON_LEVEL5_KEY_SIZE, key->p,
-                             FALCON_LEVEL5_KEY_SIZE, output, inLen,
-                             FALCON_LEVEL5k);
-    }
-
-    return BAD_FUNC_ARG;
-}
-
-int wc_Falcon_PrivateKeyToDer(falcon_key* key, byte* output, word32 inLen)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level == 1) {
-        return SetAsymKeyDer(key->k, FALCON_LEVEL1_KEY_SIZE, NULL, 0, output,
-                             inLen, FALCON_LEVEL1k);
-    }
-    else if (key->level == 5) {
-        return SetAsymKeyDer(key->k, FALCON_LEVEL5_KEY_SIZE, NULL, 0, output,
-                             inLen, FALCON_LEVEL5k);
-    }
-
-    return BAD_FUNC_ARG;
-}
-#endif /* HAVE_PQC && HAVE_FALCON */
diff --git a/src/ssl/wolfssl/wolfcrypt/fe_448.c b/src/ssl/wolfssl/wolfcrypt/fe_448.c
deleted file mode 100644
index c811b79b2..000000000
--- a/src/ssl/wolfssl/wolfcrypt/fe_448.c
+++ /dev/null
@@ -1,2511 +0,0 @@
-/* fe_448.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Based On Daniel J Bernstein's curve25519 Public Domain ref10 work.
- * Small implementation based on Daniel Beer's curve25519 public domain work.
- * Reworked for curve448 by Sean Parkinson.
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(HAVE_CURVE448) || defined(HAVE_ED448)
-
-#include <wolfssl/wolfcrypt/fe_448.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if defined(CURVE448_SMALL) || defined(ED448_SMALL)
-
-/* Initialize the field element operations.
- */
-void fe448_init(void)
-{
-}
-
-/* Normalize the field element.
- * Ensure result is in range: 0..2^448-2^224-2
- *
- * a  [in]  Field element in range 0..2^448-1.
- */
-void fe448_norm(word8* a)
-{
-    int i;
-    sword16 c = 0;
-    sword16 o = 0;
-
-    for (i = 0; i < 56; i++) {
-        c += a[i];
-        if ((i == 0) || (i == 28))
-            c += 1;
-        c >>= 8;
-    }
-
-    for (i = 0; i < 56; i++) {
-        if ((i == 0) || (i == 28)) o += c;
-        o += a[i];
-        a[i] = (word8)o;
-        o >>= 8;
-    }
-}
-
-/* Copy one field element into another: d = a.
- *
- * d  [in]  Destination field element.
- * a  [in]  Source field element.
- */
-void fe448_copy(word8* d, const word8* a)
-{
-    int i;
-    for (i = 0; i < 56; i++) {
-         d[i] = a[i];
-    }
-}
-
-/* Conditionally swap the elements.
- * Constant time implementation.
- *
- * a  [in]  First field element.
- * b  [in]  Second field element.
- * c  [in]  Swap when 1. Valid values: 0, 1.
- */
-static void fe448_cswap(word8* a, word8* b, int c)
-{
-    int i;
-    word8 mask = -(word8)c;
-    word8 t[56];
-
-    for (i = 0; i < 56; i++)
-        t[i] = (a[i] ^ b[i]) & mask;
-    for (i = 0; i < 56; i++)
-        a[i] ^= t[i];
-    for (i = 0; i < 56; i++)
-        b[i] ^= t[i];
-}
-
-/* Add two field elements. r = (a + b) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold sum.
- * a  [in]  Field element to add.
- * b  [in]  Field element to add.
- */
-void fe448_add(word8* r, const word8* a, const word8* b)
-{
-    int i;
-    sword16 c = 0;
-    sword16 o = 0;
-
-    for (i = 0; i < 56; i++) {
-        c += a[i];
-        c += b[i];
-        r[i] = (word8)c;
-        c >>= 8;
-    }
-
-    for (i = 0; i < 56; i++) {
-        if ((i == 0) || (i == 28)) o += c;
-        o += r[i];
-        r[i] = (word8)o;
-        o >>= 8;
-    }
-}
-
-/* Subtract a field element from another. r = (a - b) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold difference.
- * a  [in]  Field element to subtract from.
- * b  [in]  Field element to subtract.
- */
-void fe448_sub(word8* r, const word8* a, const word8* b)
-{
-    int i;
-    sword16 c = 0;
-    sword16 o = 0;
-
-    for (i = 0; i < 56; i++) {
-        if (i == 28)
-            c += 0x1fc;
-        else
-            c += 0x1fe;
-        c += a[i];
-        c -= b[i];
-        r[i] = (word8)c;
-        c >>= 8;
-    }
-
-    for (i = 0; i < 56; i++) {
-        if ((i == 0) || (i == 28)) o += c;
-        o += r[i];
-        r[i] = (word8)o;
-        o >>= 8;
-    }
-}
-
-/* Multiply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to multiply.
- */
-void fe448_mul39081(word8* r, const word8* a)
-{
-    int i;
-    sword32 c = 0;
-    sword32 o = 0;
-
-    for (i = 0; i < 56; i++) {
-        c += a[i] * (sword32)39081;
-        r[i] = (word8)c;
-        c >>= 8;
-    }
-
-    for (i = 0; i < 56; i++) {
-        if ((i == 0) || (i == 28)) o += c;
-        o += r[i];
-        r[i] = (word8)o;
-        o >>= 8;
-    }
-}
-
-/* Multiply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to multiply.
- * b  [in]  Field element to multiply.
- */
-void fe448_mul(word8* r, const word8* a, const word8* b)
-{
-    int i, k;
-    sword32 c = 0;
-    sword16 o = 0, cc = 0;
-    word8 t[112];
-
-    for (k = 0; k < 56; k++) {
-        i = 0;
-        for (; i <= k; i++) {
-            c += (sword32)a[i] * b[k - i];
-        }
-        t[k] = (word8)c;
-        c >>= 8;
-    }
-    for (; k < 111; k++) {
-        i = k - 55;
-        for (; i < 56; i++) {
-            c += (sword32)a[i] * b[k - i];
-        }
-        t[k] = (word8)c;
-        c >>= 8;
-    }
-    t[k] = (word8)c;
-
-    for (i = 0; i < 28; i++) {
-        o += t[i];
-        o += t[i + 56];
-        o += t[i + 84];
-        r[i] = (word8)o;
-        o >>= 8;
-    }
-    for (i = 28; i < 56; i++) {
-        o += t[i];
-        o += t[i + 56];
-        o += t[i + 28];
-        o += t[i + 56];
-        r[i] = (word8)o;
-        o >>= 8;
-    }
-    for (i = 0; i < 56; i++) {
-        if ((i == 0) || (i == 28)) cc += o;
-        cc += r[i];
-        r[i] = (word8)cc;
-        cc >>= 8;
-    }
-}
-
-/* Square a field element. r = (a * a) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to square.
- */
-void fe448_sqr(word8* r, const word8* a)
-{
-    int i, k;
-    sword32 c = 0;
-    sword32 p;
-    sword16 o = 0, cc = 0;
-    word8 t[112];
-
-    for (k = 0; k < 56; k++) {
-        i = 0;
-        for (; i <= k; i++) {
-            if (k - i < i)
-                break;
-            p = (sword32)a[i] * a[k - i];
-            if (k - i != i)
-                p *= 2;
-            c += p;
-        }
-        t[k] = (word8)c;
-        c >>= 8;
-    }
-    for (; k < 111; k++) {
-         i = k - 55;
-        for (; i < 56; i++) {
-            if (k - i < i)
-                break;
-            p = (sword32)a[i] * a[k - i];
-            if (k - i != i)
-                p *= 2;
-            c += p;
-        }
-        t[k] = (word8)c;
-        c >>= 8;
-    }
-    t[k] = (word8)c;
-
-    for (i = 0; i < 28; i++) {
-        o += t[i];
-        o += t[i + 56];
-        o += t[i + 84];
-        r[i] = (word8)o;
-        o >>= 8;
-    }
-    for (i = 28; i < 56; i++) {
-        o += t[i];
-        o += t[i + 56];
-        o += t[i + 28];
-        o += t[i + 56];
-        r[i] = (word8)o;
-        o >>= 8;
-    }
-    for (i = 0; i < 56; i++) {
-        if ((i == 0) || (i == 28)) cc += o;
-        cc += r[i];
-        r[i] = (word8)cc;
-        cc >>= 8;
-    }
-    fe448_norm(r);
-}
-
-/* Invert the field element. (r * a) mod (2^448 - 2^224 - 1) = 1
- * Constant time implementation - using Fermat's little theorem:
- *   a^(p-1) mod p = 1 => a^(p-2) mod p = 1/a
- * For curve448: p - 2 = 2^448 - 2^224 - 3
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to invert.
- */
-void fe448_invert(word8* r, const word8* a)
-{
-    int i;
-    word8 t[56];
-
-    fe448_sqr(t, a);
-    fe448_mul(t, t, a);
-    for (i = 0; i < 221; i++) {
-        fe448_sqr(t, t);
-        fe448_mul(t, t, a);
-    }
-    fe448_sqr(t, t);
-    for (i = 0; i < 222; i++) {
-        fe448_sqr(t, t);
-        fe448_mul(t, t, a);
-    }
-    fe448_sqr(t, t);
-    fe448_sqr(t, t);
-    fe448_mul(r, t, a);
-}
-
-/* Scalar multiply the point by a number. r = n.a
- * Uses Montgomery ladder and only requires the x-ordinate.
- *
- * r  [in]  Field element to hold result.
- * n  [in]  Scalar as an array of bytes.
- * a  [in]  Point to multiply - x-ordinate only.
- */
-int curve448(byte* r, const byte* n, const byte* a)
-{
-    word8 x1[56];
-    word8 x2[56] = {1};
-    word8 z2[56] = {0};
-    word8 x3[56];
-    word8 z3[56] = {1};
-    word8 t0[56];
-    word8 t1[56];
-    int i;
-    unsigned int swap;
-
-    fe448_copy(x1, a);
-    fe448_copy(x3, a);
-
-    swap = 0;
-    for (i = 447; i >= 0; --i) {
-        unsigned int b = (n[i >> 3] >> (i & 7)) & 1;
-        swap ^= b;
-        fe448_cswap(x2, x3, swap);
-        fe448_cswap(z2, z3, swap);
-        swap = b;
-
-        /* Montgomery Ladder - double and add */
-        fe448_add(t0, x2, z2);
-        fe448_add(t1, x3, z3);
-        fe448_sub(x2, x2, z2);
-        fe448_sub(x3, x3, z3);
-        fe448_mul(t1, t1, x2);
-        fe448_mul(z3, x3, t0);
-        fe448_sqr(t0, t0);
-        fe448_sqr(x2, x2);
-        fe448_add(x3, z3, t1);
-        fe448_sqr(x3, x3);
-        fe448_sub(z3, z3, t1);
-        fe448_sqr(z3, z3);
-        fe448_mul(z3, z3, x1);
-        fe448_sub(t1, t0, x2);
-        fe448_mul(x2, t0, x2);
-        fe448_mul39081(z2, t1);
-        fe448_add(z2, t0, z2);
-        fe448_mul(z2, z2, t1);
-    }
-    fe448_cswap(x2, x3, swap);
-    fe448_cswap(z2, z3, swap);
-
-    fe448_invert(z2, z2);
-    fe448_mul(r, x2, z2);
-    fe448_norm(r);
-
-    return 0;
-}
-
-#ifdef HAVE_ED448
-/* Check whether field element is not 0.
- * Field element must have been normalized before call.
- *
- * a  [in]  Field element.
- * returns 0 when zero, and any other value otherwise.
- */
-int fe448_isnonzero(const word8* a)
-{
-    int i;
-    byte c = 0;
-    for (i = 0; i < 56; i++)
-        c |= a[i];
-    return c;
-}
-
-/* Negates the field element. r = -a mod (2^448 - 2^224 - 1)
- * Add 0x200 to each element and subtract 2 from next.
- * Top element overflow handled by subtracting 2 from index 0 and 28.
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element.
- */
-void fe448_neg(word8* r, const word8* a)
-{
-    int i;
-    sword16 c = 0;
-    sword16 o = 0;
-
-    for (i = 0; i < 56; i++) {
-        if (i == 28)
-            c += 0x1fc;
-        else
-            c += 0x1fe;
-        c -= a[i];
-        r[i] = (word8)c;
-        c >>= 8;
-    }
-
-    for (i = 0; i < 56; i++) {
-        if ((i == 0) || (i == 28)) o += c;
-        o += r[i];
-        r[i] = (word8)o;
-        o >>= 8;
-    }
-}
-
-/* Raise field element to (p-3) / 4: 2^446 - 2^222 - 1
- * Used for calculating y-ordinate from x-ordinate for Ed448.
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to exponentiate.
- */
-void fe448_pow_2_446_222_1(word8* r, const word8* a)
-{
-    int i;
-    word8 t[56];
-
-    fe448_sqr(t, a);
-    fe448_mul(t, t, a);
-    for (i = 0; i < 221; i++) {
-        fe448_sqr(t, t);
-        fe448_mul(t, t, a);
-    }
-    fe448_sqr(t, t);
-    for (i = 0; i < 221; i++) {
-        fe448_sqr(t, t);
-        fe448_mul(t, t, a);
-    }
-    fe448_sqr(t, t);
-    fe448_mul(r, t, a);
-}
-
-/* Constant time, conditional move of b into a.
- * a is not changed if the condition is 0.
- *
- * a  A field element.
- * b  A field element.
- * c  If 1 then copy and if 0 then don't copy.
- */
-void fe448_cmov(word8* a, const word8* b, int c)
-{
-    int i;
-    word8 m = -(word8)c;
-    word8 t[56];
-
-    for (i = 0; i < 56; i++)
-        t[i] = m & (a[i] ^ b[i]);
-    for (i = 0; i < 56; i++)
-        a[i] ^= t[i];
-}
-
-#endif /* HAVE_ED448 */
-#elif defined(CURVED448_128BIT)
-
-/* Initialize the field element operations.
- */
-void fe448_init(void)
-{
-}
-
-/* Convert the field element from a byte array to an array of 56-bits.
- *
- * r  [in]  Array to encode into.
- * b  [in]  Byte array.
- */
-void fe448_from_bytes(sword64* r, const unsigned char* b)
-{
-    r[ 0] = (sword64)(
-             (((word64)b[ 0]) <<  0)
-          |  (((word64)b[ 1]) <<  8)
-          |  (((word64)b[ 2]) << 16)
-          |  (((word64)b[ 3]) << 24)
-          |  (((word64)b[ 4]) << 32)
-          |  (((word64)b[ 5]) << 40)
-          |  (((word64)b[ 6]) << 48));
-    r[ 1] = (sword64)(
-             (((word64)b[ 7]) <<  0)
-          |  (((word64)b[ 8]) <<  8)
-          |  (((word64)b[ 9]) << 16)
-          |  (((word64)b[10]) << 24)
-          |  (((word64)b[11]) << 32)
-          |  (((word64)b[12]) << 40)
-          |  (((word64)b[13]) << 48));
-    r[ 2] = (sword64)(
-             (((word64)b[14]) <<  0)
-          |  (((word64)b[15]) <<  8)
-          |  (((word64)b[16]) << 16)
-          |  (((word64)b[17]) << 24)
-          |  (((word64)b[18]) << 32)
-          |  (((word64)b[19]) << 40)
-          |  (((word64)b[20]) << 48));
-    r[ 3] = (sword64)(
-             (((word64)b[21]) <<  0)
-          |  (((word64)b[22]) <<  8)
-          |  (((word64)b[23]) << 16)
-          |  (((word64)b[24]) << 24)
-          |  (((word64)b[25]) << 32)
-          |  (((word64)b[26]) << 40)
-          |  (((word64)b[27]) << 48));
-    r[ 4] = (sword64)(
-             (((word64)b[28]) <<  0)
-          |  (((word64)b[29]) <<  8)
-          |  (((word64)b[30]) << 16)
-          |  (((word64)b[31]) << 24)
-          |  (((word64)b[32]) << 32)
-          |  (((word64)b[33]) << 40)
-          |  (((word64)b[34]) << 48));
-    r[ 5] = (sword64)(
-             (((word64)b[35]) <<  0)
-          |  (((word64)b[36]) <<  8)
-          |  (((word64)b[37]) << 16)
-          |  (((word64)b[38]) << 24)
-          |  (((word64)b[39]) << 32)
-          |  (((word64)b[40]) << 40)
-          |  (((word64)b[41]) << 48));
-    r[ 6] = (sword64)(
-             (((word64)b[42]) <<  0)
-          |  (((word64)b[43]) <<  8)
-          |  (((word64)b[44]) << 16)
-          |  (((word64)b[45]) << 24)
-          |  (((word64)b[46]) << 32)
-          |  (((word64)b[47]) << 40)
-          |  (((word64)b[48]) << 48));
-    r[ 7] = (sword64)(
-             (((word64)b[49]) <<  0)
-          |  (((word64)b[50]) <<  8)
-          |  (((word64)b[51]) << 16)
-          |  (((word64)b[52]) << 24)
-          |  (((word64)b[53]) << 32)
-          |  (((word64)b[54]) << 40)
-          |  (((word64)b[55]) << 48));
-}
-
-/* Convert the field element to a byte array from an array of 56-bits.
- *
- * b  [in]  Byte array.
- * a  [in]  Array to encode into.
- */
-void fe448_to_bytes(unsigned char* b, const sword64* a)
-{
-    sword64 t;
-    /* Mod */
-    sword64 in0 = a[0];
-    sword64 in1 = a[1];
-    sword64 in2 = a[2];
-    sword64 in3 = a[3];
-    sword64 in4 = a[4];
-    sword64 in5 = a[5];
-    sword64 in6 = a[6];
-    sword64 in7 = a[7];
-    sword64 o = in7 >> 56;
-    in7 -= (sword64)((word64)o << 56);
-    in0 += o;
-    in4 += o;
-    o = (in0 + 1) >> 56;
-    o = (o + in1) >> 56;
-    o = (o + in2) >> 56;
-    o = (o + in3) >> 56;
-    o = (o + in4 + 1) >> 56;
-    o = (o + in5) >> 56;
-    o = (o + in6) >> 56;
-    o = (o + in7) >> 56;
-    in0 += o;
-    in4 += o;
-    in7 -= (sword64)((word64)o << 56);
-    o = (sword64)(in0  >> 56); in1  += o;
-    t = (sword64)((word64)o << 56); in0  -= t;
-    o = (sword64)(in1  >> 56); in2  += o;
-    t = (sword64)((word64)o << 56); in1  -= t;
-    o = (sword64)(in2  >> 56); in3  += o;
-    t = (sword64)((word64)o << 56); in2  -= t;
-    o = (sword64)(in3  >> 56); in4  += o;
-    t = (sword64)((word64)o << 56); in3  -= t;
-    o = (sword64)(in4  >> 56); in5  += o;
-    t = (sword64)((word64)o << 56); in4  -= t;
-    o = (sword64)(in5  >> 56); in6  += o;
-    t = (sword64)((word64)o << 56); in5  -= t;
-    o = (sword64)(in6  >> 56); in7  += o;
-    t = (sword64)((word64)o << 56); in6  -= t;
-    o = (sword64)(in7  >> 56); in0  += o;
-                               in4  += o;
-    t = (sword64)((word64)o << 56); in7  -= t;
-
-    /* Output as bytes */
-    b[ 0] = (byte)(in0  >>  0);
-    b[ 1] = (byte)(in0  >>  8);
-    b[ 2] = (byte)(in0  >> 16);
-    b[ 3] = (byte)(in0  >> 24);
-    b[ 4] = (byte)(in0  >> 32);
-    b[ 5] = (byte)(in0  >> 40);
-    b[ 6] = (byte)(in0  >> 48);
-    b[ 7] = (byte)(in1  >>  0);
-    b[ 8] = (byte)(in1  >>  8);
-    b[ 9] = (byte)(in1  >> 16);
-    b[10] = (byte)(in1  >> 24);
-    b[11] = (byte)(in1  >> 32);
-    b[12] = (byte)(in1  >> 40);
-    b[13] = (byte)(in1  >> 48);
-    b[14] = (byte)(in2  >>  0);
-    b[15] = (byte)(in2  >>  8);
-    b[16] = (byte)(in2  >> 16);
-    b[17] = (byte)(in2  >> 24);
-    b[18] = (byte)(in2  >> 32);
-    b[19] = (byte)(in2  >> 40);
-    b[20] = (byte)(in2  >> 48);
-    b[21] = (byte)(in3  >>  0);
-    b[22] = (byte)(in3  >>  8);
-    b[23] = (byte)(in3  >> 16);
-    b[24] = (byte)(in3  >> 24);
-    b[25] = (byte)(in3  >> 32);
-    b[26] = (byte)(in3  >> 40);
-    b[27] = (byte)(in3  >> 48);
-    b[28] = (byte)(in4  >>  0);
-    b[29] = (byte)(in4  >>  8);
-    b[30] = (byte)(in4  >> 16);
-    b[31] = (byte)(in4  >> 24);
-    b[32] = (byte)(in4  >> 32);
-    b[33] = (byte)(in4  >> 40);
-    b[34] = (byte)(in4  >> 48);
-    b[35] = (byte)(in5  >>  0);
-    b[36] = (byte)(in5  >>  8);
-    b[37] = (byte)(in5  >> 16);
-    b[38] = (byte)(in5  >> 24);
-    b[39] = (byte)(in5  >> 32);
-    b[40] = (byte)(in5  >> 40);
-    b[41] = (byte)(in5  >> 48);
-    b[42] = (byte)(in6  >>  0);
-    b[43] = (byte)(in6  >>  8);
-    b[44] = (byte)(in6  >> 16);
-    b[45] = (byte)(in6  >> 24);
-    b[46] = (byte)(in6  >> 32);
-    b[47] = (byte)(in6  >> 40);
-    b[48] = (byte)(in6  >> 48);
-    b[49] = (byte)(in7  >>  0);
-    b[50] = (byte)(in7  >>  8);
-    b[51] = (byte)(in7  >> 16);
-    b[52] = (byte)(in7  >> 24);
-    b[53] = (byte)(in7  >> 32);
-    b[54] = (byte)(in7  >> 40);
-    b[55] = (byte)(in7  >> 48);
-}
-
-/* Set the field element to 0.
- *
- * a  [in]  Field element.
- */
-void fe448_1(sword64* a)
-{
-    a[0] = 1;
-    a[1] = 0;
-    a[2] = 0;
-    a[3] = 0;
-    a[4] = 0;
-    a[5] = 0;
-    a[6] = 0;
-    a[7] = 0;
-}
-
-/* Set the field element to 0.
- *
- * a  [in]  Field element.
- */
-void fe448_0(sword64* a)
-{
-    a[0] = 0;
-    a[1] = 0;
-    a[2] = 0;
-    a[3] = 0;
-    a[4] = 0;
-    a[5] = 0;
-    a[6] = 0;
-    a[7] = 0;
-}
-
-/* Copy one field element into another: d = a.
- *
- * d  [in]  Destination field element.
- * a  [in]  Source field element.
- */
-void fe448_copy(sword64* d, const sword64* a)
-{
-    d[0] = a[0];
-    d[1] = a[1];
-    d[2] = a[2];
-    d[3] = a[3];
-    d[4] = a[4];
-    d[5] = a[5];
-    d[6] = a[6];
-    d[7] = a[7];
-}
-
-/* Conditionally swap the elements.
- * Constant time implementation.
- *
- * a  [in]  First field element.
- * b  [in]  Second field element.
- * c  [in]  Swap when 1. Valid values: 0, 1.
- */
-static void fe448_cswap(sword64* a, sword64* b, int c)
-{
-    sword64 mask = -(sword64)c;
-    sword64 t0 = (a[0] ^ b[0]) & mask;
-    sword64 t1 = (a[1] ^ b[1]) & mask;
-    sword64 t2 = (a[2] ^ b[2]) & mask;
-    sword64 t3 = (a[3] ^ b[3]) & mask;
-    sword64 t4 = (a[4] ^ b[4]) & mask;
-    sword64 t5 = (a[5] ^ b[5]) & mask;
-    sword64 t6 = (a[6] ^ b[6]) & mask;
-    sword64 t7 = (a[7] ^ b[7]) & mask;
-    a[0] ^= t0;
-    a[1] ^= t1;
-    a[2] ^= t2;
-    a[3] ^= t3;
-    a[4] ^= t4;
-    a[5] ^= t5;
-    a[6] ^= t6;
-    a[7] ^= t7;
-    b[0] ^= t0;
-    b[1] ^= t1;
-    b[2] ^= t2;
-    b[3] ^= t3;
-    b[4] ^= t4;
-    b[5] ^= t5;
-    b[6] ^= t6;
-    b[7] ^= t7;
-}
-
-/* Add two field elements. r = (a + b) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold sum.
- * a  [in]  Field element to add.
- * b  [in]  Field element to add.
- */
-void fe448_add(sword64* r, const sword64* a, const sword64* b)
-{
-    r[0] = a[0] + b[0];
-    r[1] = a[1] + b[1];
-    r[2] = a[2] + b[2];
-    r[3] = a[3] + b[3];
-    r[4] = a[4] + b[4];
-    r[5] = a[5] + b[5];
-    r[6] = a[6] + b[6];
-    r[7] = a[7] + b[7];
-}
-
-/* Subtract a field element from another. r = (a - b) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold difference.
- * a  [in]  Field element to subtract from.
- * b  [in]  Field element to subtract.
- */
-void fe448_sub(sword64* r, const sword64* a, const sword64* b)
-{
-    r[0] = a[0] - b[0];
-    r[1] = a[1] - b[1];
-    r[2] = a[2] - b[2];
-    r[3] = a[3] - b[3];
-    r[4] = a[4] - b[4];
-    r[5] = a[5] - b[5];
-    r[6] = a[6] - b[6];
-    r[7] = a[7] - b[7];
-}
-
-/* Multiply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to multiply.
- */
-void fe448_mul39081(sword64* r, const sword64* a)
-{
-    sword128 t;
-    sword64 o;
-    sword128 t0 = a[0] * (sword128)39081;
-    sword128 t1 = a[1] * (sword128)39081;
-    sword128 t2 = a[2] * (sword128)39081;
-    sword128 t3 = a[3] * (sword128)39081;
-    sword128 t4 = a[4] * (sword128)39081;
-    sword128 t5 = a[5] * (sword128)39081;
-    sword128 t6 = a[6] * (sword128)39081;
-    sword128 t7 = a[7] * (sword128)39081;
-    o = (sword64)(t0  >> 56); t1  += o;
-    t = (sword128)((word128)o << 56); t0  -= t;
-    o = (sword64)(t1  >> 56); t2  += o;
-    t = (sword128)((word128)o << 56); t1  -= t;
-    o = (sword64)(t2  >> 56); t3  += o;
-    t = (sword128)((word128)o << 56); t2  -= t;
-    o = (sword64)(t3  >> 56); t4  += o;
-    t = (sword128)((word128)o << 56); t3  -= t;
-    o = (sword64)(t4  >> 56); t5  += o;
-    t = (sword128)((word128)o << 56); t4  -= t;
-    o = (sword64)(t5  >> 56); t6  += o;
-    t = (sword128)((word128)o << 56); t5  -= t;
-    o = (sword64)(t6  >> 56); t7  += o;
-    t = (sword128)((word128)o << 56); t6  -= t;
-    o = (sword64)(t7  >> 56); t0  += o;
-                              t4  += o;
-    t = (sword128)((word128)o << 56); t7  -= t;
-
-    /* Store */
-    r[0] = (sword64)t0;
-    r[1] = (sword64)t1;
-    r[2] = (sword64)t2;
-    r[3] = (sword64)t3;
-    r[4] = (sword64)t4;
-    r[5] = (sword64)t5;
-    r[6] = (sword64)t6;
-    r[7] = (sword64)t7;
-}
-
-/* Multiply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to multiply.
- * b  [in]  Field element to multiply.
- */
-void fe448_mul(sword64* r, const sword64* a, const sword64* b)
-{
-    sword64 o;
-    sword64 a1[4];
-    sword64 b1[4];
-    sword128 t0;
-    sword128 t1;
-    sword128 t2;
-    sword128 t3;
-    sword128 t4;
-    sword128 t5;
-    sword128 t6;
-    sword128 t7;
-    sword128 t03;
-    sword128 t04;
-    sword128 t13;
-    sword128 t14;
-
-    a1[0] = a[0] + a[4];
-    a1[1] = a[1] + a[5];
-    a1[2] = a[2] + a[6];
-    a1[3] = a[3] + a[7];
-    b1[0] = b[0] + b[4];
-    b1[1] = b[1] + b[5];
-    b1[2] = b[2] + b[6];
-    b1[3] = b[3] + b[7];
-
-    t03 = ((sword128)a[0] * b[3]) + ((sword128)a[1] * b[2])
-       + ((sword128)a[2] * b[1]) + ((sword128)a[3] * b[0]);
-    t04 = ((sword128)a[1] * b[3]) + ((sword128)a[2] * b[2])
-       + ((sword128)a[3] * b[1]);
-    t04 += t03 >> 56;
-    t03 &= 0xffffffffffffffL;
-    t13 = ((sword128)a1[0] * b1[3]) + ((sword128)a1[1] * b1[2])
-       + ((sword128)a1[2] * b1[1]) + ((sword128)a1[3] * b1[0]);
-    t14 = ((sword128)a1[1] * b1[3]) + ((sword128)a1[2] * b1[2])
-       + ((sword128)a1[3] * b1[1]);
-    t14 += t13 >> 56;
-    t13 &= 0xffffffffffffffL;
-
-    t0 = ((sword128)a[0] * b[0]) + ((sword128)a[4] * b[4]) + t14 + -t04;
-    t1 = ((sword128)a[0] * b[1]) + ((sword128)a[1] * b[0])
-       + ((sword128)a[4] * b[5]) + ((sword128)a[5] * b[4])
-       + ((sword128)a1[2] * b1[3]) + ((sword128)a1[3] * b1[2])
-       - ((sword128)a[2] * b[3]) - ((sword128)a[3] * b[2]);
-    o = (sword64)(t0  >> 56); t1 += o; t0 &= 0xffffffffffffffL;
-    t2 = ((sword128)a[0] * b[2]) + ((sword128)a[1] * b[1])
-       + ((sword128)a[2] * b[0]) + ((sword128)a[4] * b[6])
-       + ((sword128)a[5] * b[5]) + ((sword128)a[6] * b[4])
-       + ((sword128)a1[3] * b1[3]) - ((sword128)a[3] * b[3]);
-    o = (sword64)(t1  >> 56); t2 += o; t1 &= 0xffffffffffffffL;
-    t3 = t03 + ((sword128)a[4] * b[7]) + ((sword128)a[5] * b[6])
-       + ((sword128)a[6] * b[5]) + ((sword128)a[7] * b[4]);
-    o = (sword64)(t2  >> 56); t3 += o; t2 &= 0xffffffffffffffL;
-    t4 = ((sword128)a[5] * b[7]) + ((sword128)a[6] * b[6])
-       + ((sword128)a[7] * b[5]) + ((sword128)a1[0] * b1[0])
-       - ((sword128)a[0] * b[0]) + t14;
-    o = (sword64)(t3  >> 56); t4 += o; t3 &= 0xffffffffffffffL;
-    t5 = ((sword128)a[6] * b[7]) + ((sword128)a[7] * b[6])
-       + ((sword128)a1[0] * b1[1]) + ((sword128)a1[1] * b1[0])
-       - ((sword128)a[0] * b[1]) - ((sword128)a[1] * b[0])
-       + ((sword128)a1[2] * b1[3]) + ((sword128)a1[3] * b1[2]);
-    o = (sword64)(t4  >> 56); t5 += o; t4 &= 0xffffffffffffffL;
-    t6 = ((sword128)a[7] * b[7]) + ((sword128)a1[0] * b1[2])
-       + ((sword128)a1[1] * b1[1]) + ((sword128)a1[2] * b1[0])
-       - ((sword128)a[0] * b[2]) - ((sword128)a[1] * b[1])
-       - ((sword128)a[2] * b[0]) + ((sword128)a1[3] * b1[3]);
-    o = (sword64)(t5  >> 56); t6 += o; t5 &= 0xffffffffffffffL;
-    t7 = t13 + -t03;
-    o = (sword64)(t6  >> 56); t7 += o; t6 &= 0xffffffffffffffL;
-    o = (sword64)(t7 >> 56); t0  += o;
-                   t4  += o; t7 &= 0xffffffffffffffL;
-
-    /* Store */
-    r[0] = (sword64)t0;
-    r[1] = (sword64)t1;
-    r[2] = (sword64)t2;
-    r[3] = (sword64)t3;
-    r[4] = (sword64)t4;
-    r[5] = (sword64)t5;
-    r[6] = (sword64)t6;
-    r[7] = (sword64)t7;
-}
-
-/* Square a field element. r = (a * a) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to square.
- */
-void fe448_sqr(sword64* r, const sword64* a)
-{
-    sword64 o;
-    sword64 a1[4];
-    sword128 t0;
-    sword128 t1;
-    sword128 t2;
-    sword128 t3;
-    sword128 t4;
-    sword128 t5;
-    sword128 t6;
-    sword128 t7;
-    sword128 t03;
-    sword128 t04;
-    sword128 t13;
-    sword128 t14;
-
-    a1[0] = a[0] + a[4];
-    a1[1] = a[1] + a[5];
-    a1[2] = a[2] + a[6];
-    a1[3] = a[3] + a[7];
-
-    t03 = ((sword128)a[0] * (2 * a[3])) + ((sword128)a[1] * (2 * a[2]));
-    t04 = ((sword128)a[1] * (2 * a[3])) + ((sword128)a[2] * a[2]);
-    t04 += t03 >> 56;
-    t03 &= 0xffffffffffffffL;
-    t13 = ((sword128)a1[0] * (2 * a1[3])) + ((sword128)a1[1] * (2 * a1[2]));
-    t14 = ((sword128)a1[1] * (2 * a1[3])) + ((sword128)a1[2] * a1[2]);
-    t14 += t13 >> 56;
-    t13 &= 0xffffffffffffffL;
-
-    t0 = ((sword128)a[0] * a[0]) + ((sword128)a[4] * a[4]) + t14 + -t04;
-    t1 = ((sword128)a[0] * (2 * a[1])) + ((sword128)a[4] * (2 * a[5]))
-       + ((sword128)a1[2] * (2 * a1[3])) - ((sword128)a[2] * (2 * a[3]));
-    o = (sword64)(t0  >> 56); t1 += o; t0 &= 0xffffffffffffffL;
-    t2 = ((sword128)a[0] * (2 * a[2])) + ((sword128)a[1] * a[1])
-       + ((sword128)a[4] * (2 * a[6])) + ((sword128)a[5] * a[5])
-       + ((sword128)a1[3] * a1[3]) - ((sword128)a[3] * a[3]);
-    o = (sword64)(t1  >> 56); t2 += o; t1 &= 0xffffffffffffffL;
-    t3 = t03 + ((sword128)a[4] * (2 * a[7])) + ((sword128)a[5] * (2 * a[6]));
-    o = (sword64)(t2  >> 56); t3 += o; t2 &= 0xffffffffffffffL;
-    t4 = ((sword128)a[5] * (2 * a[7])) + ((sword128)a[6] * a[6])
-       + ((sword128)a1[0] * a1[0]) - ((sword128)a[0] * a[0]) + t14;
-    o = (sword64)(t3  >> 56); t4 += o; t3 &= 0xffffffffffffffL;
-    t5 = ((sword128)a[6] * (2 * a[7])) + ((sword128)a1[0] * (2 * a1[1]))
-       - ((sword128)a[0] * (2 * a[1])) + ((sword128)a1[2] * (2 * a1[3]));
-    o = (sword64)(t4  >> 56); t5 += o; t4 &= 0xffffffffffffffL;
-    t6 = ((sword128)a[7] * a[7]) + ((sword128)a1[0] * (2 * a1[2]))
-       + ((sword128)a1[1] * a1[1]) - ((sword128)a[0] * (2 * a[2]))
-       - ((sword128)a[1] * a[1]) + ((sword128)a1[3] * a1[3]);
-    o = (sword64)(t5  >> 56); t6 += o; t5 &= 0xffffffffffffffL;
-    t7 = t13 + -t03;
-    o = (sword64)(t6  >> 56); t7 += o; t6 &= 0xffffffffffffffL;
-    o = (sword64)(t7 >> 56); t0  += o;
-                   t4  += o; t7 &= 0xffffffffffffffL;
-
-    /* Store */
-    r[0] = (sword64)t0;
-    r[1] = (sword64)t1;
-    r[2] = (sword64)t2;
-    r[3] = (sword64)t3;
-    r[4] = (sword64)t4;
-    r[5] = (sword64)t5;
-    r[6] = (sword64)t6;
-    r[7] = (sword64)t7;
-}
-
-/* Invert the field element. (r * a) mod (2^448 - 2^224 - 1) = 1
- * Constant time implementation - using Fermat's little theorem:
- *   a^(p-1) mod p = 1 => a^(p-2) mod p = 1/a
- * For curve448: p - 2 = 2^448 - 2^224 - 3
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to invert.
- */
-void fe448_invert(sword64* r, const sword64* a)
-{
-    sword64 t1[8];
-    sword64 t2[8];
-    sword64 t3[8];
-    sword64 t4[8];
-    int i;
-
-    fe448_sqr(t1, a);
-    /* t1 = 2 */
-    fe448_mul(t1, t1, a);
-    /* t1 = 3 */
-    fe448_sqr(t2, t1); for (i = 1; i < 2; ++i) fe448_sqr(t2, t2);
-    /* t2 = c */
-    fe448_mul(t3, t2, a);
-    /* t3 = d */
-    fe448_mul(t1, t2, t1);
-    /* t1 = f */
-    fe448_sqr(t2, t1);
-    /* t2 = 1e */
-    fe448_mul(t4, t2, a);
-    /* t4 = 1f */
-    fe448_sqr(t2, t4); for (i = 1; i < 5; ++i) fe448_sqr(t2, t2);
-    /* t2 = 3e0 */
-    fe448_mul(t1, t2, t4);
-    /* t1 = 3ff */
-    fe448_sqr(t2, t1); for (i = 1; i < 10; ++i) fe448_sqr(t2, t2);
-    /* t2 = ffc00 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = fffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 5; ++i) fe448_sqr(t2, t2);
-    /* t2 = 1ffffe0 */
-    fe448_mul(t1, t2, t4);
-    /* t1 = 1ffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 25; ++i) fe448_sqr(t2, t2);
-    /* t2 = 3fffffe000000 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = 3ffffffffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 5; ++i) fe448_sqr(t2, t2);
-    /* t2 = 7fffffffffffe0 */
-    fe448_mul(t1, t2, t4);
-    /* t1 = 7fffffffffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 55; ++i) fe448_sqr(t2, t2);
-    /* t2 = 3fffffffffffff80000000000000 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = 3fffffffffffffffffffffffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 110; ++i) fe448_sqr(t2, t2);
-    /* t2 = fffffffffffffffffffffffffffc000000000000000000000000000 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = fffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 4; ++i) fe448_sqr(t2, t2);
-    /* t2 = fffffffffffffffffffffffffffffffffffffffffffffffffffffff0 */
-    fe448_mul(t3, t3, t2);
-    /* t3 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-    fe448_mul(t1, t3, a);
-    /* t1 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffe */
-    fe448_sqr(t1, t1); for (i = 1; i < 224; ++i) fe448_sqr(t1, t1);
-    /* t1 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffe00000000000000000000000000000000000000000000000000000000 */
-    fe448_mul(r, t3, t1);
-    /* r = fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-}
-
-/* Scalar multiply the point by a number. r = n.a
- * Uses Montgomery ladder and only requires the x-ordinate.
- *
- * r  [in]  Field element to hold result.
- * n  [in]  Scalar as an array of bytes.
- * a  [in]  Point to multiply - x-ordinate only.
- */
-int curve448(byte* r, const byte* n, const byte* a)
-{
-    sword64 x1[8];
-    sword64 x2[8];
-    sword64 z2[8];
-    sword64 x3[8];
-    sword64 z3[8];
-    sword64 t0[8];
-    sword64 t1[8];
-    int i;
-    unsigned int swap;
-
-    fe448_from_bytes(x1, a);
-    fe448_1(x2);
-    fe448_0(z2);
-    fe448_copy(x3, x1);
-    fe448_1(z3);
-
-    swap = 0;
-    for (i = 447; i >= 0; --i) {
-        unsigned int b = (n[i >> 3] >> (i & 7)) & 1;
-        swap ^= b;
-        fe448_cswap(x2, x3, (int)swap);
-        fe448_cswap(z2, z3, (int)swap);
-        swap = b;
-
-        /* Montgomery Ladder - double and add */
-        fe448_add(t0, x2, z2);
-        fe448_reduce(t0);
-        fe448_add(t1, x3, z3);
-        fe448_reduce(t1);
-        fe448_sub(x2, x2, z2);
-        fe448_sub(x3, x3, z3);
-        fe448_mul(t1, t1, x2);
-        fe448_mul(z3, x3, t0);
-        fe448_sqr(t0, t0);
-        fe448_sqr(x2, x2);
-        fe448_add(x3, z3, t1);
-        fe448_reduce(x3);
-        fe448_sqr(x3, x3);
-        fe448_sub(z3, z3, t1);
-        fe448_sqr(z3, z3);
-        fe448_mul(z3, z3, x1);
-        fe448_sub(t1, t0, x2);
-        fe448_mul(x2, t0, x2);
-        fe448_mul39081(z2, t1);
-        fe448_add(z2, t0, z2);
-        fe448_mul(z2, z2, t1);
-    }
-    /* Last two bits are 0 - no final swap check required. */
-
-    fe448_invert(z2, z2);
-    fe448_mul(x2, x2, z2);
-    fe448_to_bytes(r, x2);
-
-    return 0;
-}
-
-#ifdef HAVE_ED448
-/* Check whether field element is not 0.
- * Must convert to a normalized form before checking.
- *
- * a  [in]  Field element.
- * returns 0 when zero, and any other value otherwise.
- */
-int fe448_isnonzero(const sword64* a)
-{
-    byte b[56];
-    int i;
-    byte c = 0;
-    fe448_to_bytes(b, a);
-    for (i = 0; i < 56; i++)
-        c |= b[i];
-    return c;
-}
-
-/* Check whether field element is negative.
- * Must convert to a normalized form before checking.
- *
- * a  [in]  Field element.
- * returns 1 when negative, and 0 otherwise.
- */
-int fe448_isnegative(const sword64* a)
-{
-    byte b[56];
-    fe448_to_bytes(b, a);
-    return b[0] & 1;
-}
-
-/* Negates the field element. r = -a
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element.
- */
-void fe448_neg(sword64* r, const sword64* a)
-{
-    r[0] = -a[0];
-    r[1] = -a[1];
-    r[2] = -a[2];
-    r[3] = -a[3];
-    r[4] = -a[4];
-    r[5] = -a[5];
-    r[6] = -a[6];
-    r[7] = -a[7];
-}
-
-/* Raise field element to (p-3) / 4: 2^446 - 2^222 - 1
- * Used for calculating y-ordinate from x-ordinate for Ed448.
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to exponentiate.
- */
-void fe448_pow_2_446_222_1(sword64* r, const sword64* a)
-{
-    sword64 t1[8];
-    sword64 t2[8];
-    sword64 t3[8];
-    sword64 t4[8];
-    sword64 t5[8];
-    int i;
-
-    fe448_sqr(t3, a);
-    /* t3 = 2 */
-    fe448_mul(t1, t3, a);
-    /* t1 = 3 */
-    fe448_sqr(t5, t1);
-    /* t5 = 6 */
-    fe448_mul(t5, t5, a);
-    /* t5 = 7 */
-    fe448_sqr(t2, t1); for (i = 1; i < 2; ++i) fe448_sqr(t2, t2);
-    /* t2 = c */
-    fe448_mul(t3, t2, t3);
-    /* t3 = e */
-    fe448_mul(t1, t2, t1);
-    /* t1 = f */
-    fe448_sqr(t2, t1); for (i = 1; i < 3; ++i) fe448_sqr(t2, t2);
-    /* t2 = 78 */
-    fe448_mul(t5, t2, t5);
-    /* t5 = 7f */
-    fe448_sqr(t2, t1); for (i = 1; i < 4; ++i) fe448_sqr(t2, t2);
-    /* t2 = f0 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = ff */
-    fe448_mul(t3, t3, t2);
-    /* t3 = fe */
-    fe448_sqr(t2, t1); for (i = 1; i < 7; ++i) fe448_sqr(t2, t2);
-    /* t2 = 7f80 */
-    fe448_mul(t5, t2, t5);
-    /* t5 = 7fff */
-    fe448_sqr(t2, t1); for (i = 1; i < 8; ++i) fe448_sqr(t2, t2);
-    /* t2 = ff00 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = ffff */
-    fe448_mul(t3, t3, t2);
-    /* t3 = fffe */
-    fe448_sqr(t2, t5); for (i = 1; i < 15; ++i) fe448_sqr(t2, t2);
-    /* t2 = 3fff8000 */
-    fe448_mul(t5, t2, t5);
-    /* t5 = 3fffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 16; ++i) fe448_sqr(t2, t2);
-    /* t2 = ffff0000 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = ffffffff */
-    fe448_mul(t3, t3, t2);
-    /* t3 = fffffffe */
-    fe448_sqr(t2, t1); for (i = 1; i < 32; ++i) fe448_sqr(t2, t2);
-    /* t2 = ffffffff00000000 */
-    fe448_mul(t2, t2, t1);
-    /* t2 = ffffffffffffffff */
-    fe448_sqr(t1, t2); for (i = 1; i < 64; ++i) fe448_sqr(t1, t1);
-    /* t1 = ffffffffffffffff0000000000000000 */
-    fe448_mul(t1, t1, t2);
-    /* t1 = ffffffffffffffffffffffffffffffff */
-    fe448_sqr(t1, t1); for (i = 1; i < 64; ++i) fe448_sqr(t1, t1);
-    /* t1 = ffffffffffffffffffffffffffffffff0000000000000000 */
-    fe448_mul(t4, t1, t2);
-    /* t4 = ffffffffffffffffffffffffffffffffffffffffffffffff */
-    fe448_sqr(t2, t4); for (i = 1; i < 32; ++i) fe448_sqr(t2, t2);
-    /* t2 = ffffffffffffffffffffffffffffffffffffffffffffffff00000000 */
-    fe448_mul(t3, t3, t2);
-    /* t3 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffe */
-    fe448_sqr(t1, t3); for (i = 1; i < 192; ++i) fe448_sqr(t1, t1);
-    /* t1 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffe000000000000000000000000000000000000000000000000 */
-    fe448_mul(t1, t1, t4);
-    /* t1 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffff */
-    fe448_sqr(t1, t1); for (i = 1; i < 30; ++i) fe448_sqr(t1, t1);
-    /* t1 = 3fffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffffffffffffffffffffffffffffffffffffffffffc0000000 */
-    fe448_mul(r, t5, t1);
-    /* r = 3fffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-}
-
-/* Constant time, conditional move of b into a.
- * a is not changed if the condition is 0.
- *
- * a  A field element.
- * b  A field element.
- * c  If 1 then copy and if 0 then don't copy.
- */
-void fe448_cmov(sword64* a, const sword64* b, int c)
-{
-    sword64 m = -(sword64)c;
-    sword64 t0 = m & (a[0] ^ b[0]);
-    sword64 t1 = m & (a[1] ^ b[1]);
-    sword64 t2 = m & (a[2] ^ b[2]);
-    sword64 t3 = m & (a[3] ^ b[3]);
-    sword64 t4 = m & (a[4] ^ b[4]);
-    sword64 t5 = m & (a[5] ^ b[5]);
-    sword64 t6 = m & (a[6] ^ b[6]);
-    sword64 t7 = m & (a[7] ^ b[7]);
-
-    a[0] ^= t0;
-    a[1] ^= t1;
-    a[2] ^= t2;
-    a[3] ^= t3;
-    a[4] ^= t4;
-    a[5] ^= t5;
-    a[6] ^= t6;
-    a[7] ^= t7;
-}
-
-#endif /* HAVE_ED448 */
-#else
-
-/* Initialize the field element operations.
- */
-void fe448_init(void)
-{
-}
-
-/* Convert the field element from a byte array to an array of 28-bits.
- *
- * r  [in]  Array to encode into.
- * b  [in]  Byte array.
- */
-void fe448_from_bytes(sword32* r, const unsigned char* b)
-{
-    r[ 0] = (sword32)(
-             (((word32)((b[ 0]        ) >>  0)) <<  0)
-          |  (((word32)((b[ 1]        ) >>  0)) <<  8)
-          |  (((word32)((b[ 2]        ) >>  0)) << 16)
-          | ((((word32)((b[ 3] & 0xf )) >>  0)) << 24));
-    r[ 1] = (sword32)(
-             (((word32)((b[ 3]        ) >>  4)) <<  0)
-          |  (((word32)((b[ 4]        ) >>  0)) <<  4)
-          |  (((word32)((b[ 5]        ) >>  0)) << 12)
-          |  (((word32)((b[ 6]        ) >>  0)) << 20));
-    r[ 2] = (sword32)(
-             (((word32)((b[ 7]        ) >>  0)) <<  0)
-          |  (((word32)((b[ 8]        ) >>  0)) <<  8)
-          |  (((word32)((b[ 9]        ) >>  0)) << 16)
-          | ((((word32)((b[10] & 0xf )) >>  0)) << 24));
-    r[ 3] = (sword32)(
-             (((word32)((b[10]        ) >>  4)) <<  0)
-          |  (((word32)((b[11]        ) >>  0)) <<  4)
-          |  (((word32)((b[12]        ) >>  0)) << 12)
-          |  (((word32)((b[13]        ) >>  0)) << 20));
-    r[ 4] = (sword32)(
-             (((word32)((b[14]        ) >>  0)) <<  0)
-          |  (((word32)((b[15]        ) >>  0)) <<  8)
-          |  (((word32)((b[16]        ) >>  0)) << 16)
-          | ((((word32)((b[17] & 0xf )) >>  0)) << 24));
-    r[ 5] = (sword32)(
-             (((word32)((b[17]        ) >>  4)) <<  0)
-          |  (((word32)((b[18]        ) >>  0)) <<  4)
-          |  (((word32)((b[19]        ) >>  0)) << 12)
-          |  (((word32)((b[20]        ) >>  0)) << 20));
-    r[ 6] = (sword32)(
-             (((word32)((b[21]        ) >>  0)) <<  0)
-          |  (((word32)((b[22]        ) >>  0)) <<  8)
-          |  (((word32)((b[23]        ) >>  0)) << 16)
-          | ((((word32)((b[24] & 0xf )) >>  0)) << 24));
-    r[ 7] = (sword32)(
-             (((word32)((b[24]        ) >>  4)) <<  0)
-          |  (((word32)((b[25]        ) >>  0)) <<  4)
-          |  (((word32)((b[26]        ) >>  0)) << 12)
-          |  (((word32)((b[27]        ) >>  0)) << 20));
-    r[ 8] = (sword32)(
-             (((word32)((b[28]        ) >>  0)) <<  0)
-          |  (((word32)((b[29]        ) >>  0)) <<  8)
-          |  (((word32)((b[30]        ) >>  0)) << 16)
-          | ((((word32)((b[31] & 0xf )) >>  0)) << 24));
-    r[ 9] = (sword32)(
-             (((word32)((b[31]        ) >>  4)) <<  0)
-          |  (((word32)((b[32]        ) >>  0)) <<  4)
-          |  (((word32)((b[33]        ) >>  0)) << 12)
-          |  (((word32)((b[34]        ) >>  0)) << 20));
-    r[10] = (sword32)(
-             (((word32)((b[35]        ) >>  0)) <<  0)
-          |  (((word32)((b[36]        ) >>  0)) <<  8)
-          |  (((word32)((b[37]        ) >>  0)) << 16)
-          | ((((word32)((b[38] & 0xf )) >>  0)) << 24));
-    r[11] = (sword32)(
-             (((word32)((b[38]        ) >>  4)) <<  0)
-          |  (((word32)((b[39]        ) >>  0)) <<  4)
-          |  (((word32)((b[40]        ) >>  0)) << 12)
-          |  (((word32)((b[41]        ) >>  0)) << 20));
-    r[12] = (sword32)(
-             (((word32)((b[42]        ) >>  0)) <<  0)
-          |  (((word32)((b[43]        ) >>  0)) <<  8)
-          |  (((word32)((b[44]        ) >>  0)) << 16)
-          | ((((word32)((b[45] & 0xf )) >>  0)) << 24));
-    r[13] = (sword32)(
-             (((word32)((b[45]        ) >>  4)) <<  0)
-          |  (((word32)((b[46]        ) >>  0)) <<  4)
-          |  (((word32)((b[47]        ) >>  0)) << 12)
-          |  (((word32)((b[48]        ) >>  0)) << 20));
-    r[14] = (sword32)(
-             (((word32)((b[49]        ) >>  0)) <<  0)
-          |  (((word32)((b[50]        ) >>  0)) <<  8)
-          |  (((word32)((b[51]        ) >>  0)) << 16)
-          | ((((word32)((b[52] & 0xf )) >>  0)) << 24));
-    r[15] = (sword32)(
-             (((word32)((b[52]        ) >>  4)) <<  0)
-          |  (((word32)((b[53]        ) >>  0)) <<  4)
-          |  (((word32)((b[54]        ) >>  0)) << 12)
-          |  (((word32)((b[55]        ) >>  0)) << 20));
-}
-
-/* Convert the field element to a byte array from an array of 28-bits.
- *
- * b  [in]  Byte array.
- * a  [in]  Array to encode into.
- */
-void fe448_to_bytes(unsigned char* b, const sword32* a)
-{
-    sword32 t;
-    /* Mod */
-    sword32 in0 = a[0];
-    sword32 in1 = a[1];
-    sword32 in2 = a[2];
-    sword32 in3 = a[3];
-    sword32 in4 = a[4];
-    sword32 in5 = a[5];
-    sword32 in6 = a[6];
-    sword32 in7 = a[7];
-    sword32 in8 = a[8];
-    sword32 in9 = a[9];
-    sword32 in10 = a[10];
-    sword32 in11 = a[11];
-    sword32 in12 = a[12];
-    sword32 in13 = a[13];
-    sword32 in14 = a[14];
-    sword32 in15 = a[15];
-    sword32 o = in15 >> 28;
-    in15 -= (sword32)((word32)o << 28);
-    in0 += o;
-    in8 += o;
-    o = (in0 + 1) >> 28;
-    o = (o + in1) >> 28;
-    o = (o + in2) >> 28;
-    o = (o + in3) >> 28;
-    o = (o + in4) >> 28;
-    o = (o + in5) >> 28;
-    o = (o + in6) >> 28;
-    o = (o + in7) >> 28;
-    o = (o + in8 + 1) >> 28;
-    o = (o + in9) >> 28;
-    o = (o + in10) >> 28;
-    o = (o + in11) >> 28;
-    o = (o + in12) >> 28;
-    o = (o + in13) >> 28;
-    o = (o + in14) >> 28;
-    o = (o + in15) >> 28;
-    in0 += o;
-    in8 += o;
-    in15 -= (sword32)((word32)o << 28);
-    o = (sword32)(in0  >> 28); in1  += o;
-    t = (sword32)((word32)o << 28); in0  -= t;
-    o = (sword32)(in1  >> 28); in2  += o;
-    t = (sword32)((word32)o << 28); in1  -= t;
-    o = (sword32)(in2  >> 28); in3  += o;
-    t = (sword32)((word32)o << 28); in2  -= t;
-    o = (sword32)(in3  >> 28); in4  += o;
-    t = (sword32)((word32)o << 28); in3  -= t;
-    o = (sword32)(in4  >> 28); in5  += o;
-    t = (sword32)((word32)o << 28); in4  -= t;
-    o = (sword32)(in5  >> 28); in6  += o;
-    t = (sword32)((word32)o << 28); in5  -= t;
-    o = (sword32)(in6  >> 28); in7  += o;
-    t = (sword32)((word32)o << 28); in6  -= t;
-    o = (sword32)(in7  >> 28); in8  += o;
-    t = (sword32)((word32)o << 28); in7  -= t;
-    o = (sword32)(in8  >> 28); in9  += o;
-    t = (sword32)((word32)o << 28); in8  -= t;
-    o = (sword32)(in9  >> 28); in10 += o;
-    t = (sword32)((word32)o << 28); in9  -= t;
-    o = (sword32)(in10 >> 28); in11 += o;
-    t = (sword32)((word32)o << 28); in10 -= t;
-    o = (sword32)(in11 >> 28); in12 += o;
-    t = (sword32)((word32)o << 28); in11 -= t;
-    o = (sword32)(in12 >> 28); in13 += o;
-    t = (sword32)((word32)o << 28); in12 -= t;
-    o = (sword32)(in13 >> 28); in14 += o;
-    t = (sword32)((word32)o << 28); in13 -= t;
-    o = (sword32)(in14 >> 28); in15 += o;
-    t = (sword32)((word32)o << 28); in14 -= t;
-    o = (sword32)(in15 >> 28); in0  += o;
-                               in8  += o;
-    t = (sword32)((word32)o << 28); in15 -= t;
-
-    /* Output as bytes */
-    b[ 0] = (byte)(in0  >>  0);
-    b[ 1] = (byte)(in0  >>  8);
-    b[ 2] = (byte)(in0  >> 16);
-    b[ 3] = (byte)((byte)(in0  >> 24) + (byte)((byte)(in1  >>  0) <<  4));
-    b[ 4] = (byte)(in1  >>  4);
-    b[ 5] = (byte)(in1  >> 12);
-    b[ 6] = (byte)(in1  >> 20);
-    b[ 7] = (byte)(in2  >>  0);
-    b[ 8] = (byte)(in2  >>  8);
-    b[ 9] = (byte)(in2  >> 16);
-    b[10] = (byte)((byte)(in2  >> 24) + (byte)((byte)(in3  >>  0) <<  4));
-    b[11] = (byte)(in3  >>  4);
-    b[12] = (byte)(in3  >> 12);
-    b[13] = (byte)(in3  >> 20);
-    b[14] = (byte)(in4  >>  0);
-    b[15] = (byte)(in4  >>  8);
-    b[16] = (byte)(in4  >> 16);
-    b[17] = (byte)((byte)(in4  >> 24) + (byte)((byte)(in5  >>  0) <<  4));
-    b[18] = (byte)(in5  >>  4);
-    b[19] = (byte)(in5  >> 12);
-    b[20] = (byte)(in5  >> 20);
-    b[21] = (byte)(in6  >>  0);
-    b[22] = (byte)(in6  >>  8);
-    b[23] = (byte)(in6  >> 16);
-    b[24] = (byte)((byte)(in6  >> 24) + (byte)((byte)(in7  >>  0) <<  4));
-    b[25] = (byte)(in7  >>  4);
-    b[26] = (byte)(in7  >> 12);
-    b[27] = (byte)(in7  >> 20);
-    b[28] = (byte)(in8  >>  0);
-    b[29] = (byte)(in8  >>  8);
-    b[30] = (byte)(in8  >> 16);
-    b[31] = (byte)((byte)(in8  >> 24) + (byte)((byte)(in9  >>  0) <<  4));
-    b[32] = (byte)(in9  >>  4);
-    b[33] = (byte)(in9  >> 12);
-    b[34] = (byte)(in9  >> 20);
-    b[35] = (byte)(in10 >>  0);
-    b[36] = (byte)(in10 >>  8);
-    b[37] = (byte)(in10 >> 16);
-    b[38] = (byte)((byte)(in10 >> 24) + (byte)((byte)(in11 >>  0) <<  4));
-    b[39] = (byte)(in11 >>  4);
-    b[40] = (byte)(in11 >> 12);
-    b[41] = (byte)(in11 >> 20);
-    b[42] = (byte)(in12 >>  0);
-    b[43] = (byte)(in12 >>  8);
-    b[44] = (byte)(in12 >> 16);
-    b[45] = (byte)((byte)(in12 >> 24) + (byte)((byte)(in13 >>  0) <<  4));
-    b[46] = (byte)(in13 >>  4);
-    b[47] = (byte)(in13 >> 12);
-    b[48] = (byte)(in13 >> 20);
-    b[49] = (byte)(in14 >>  0);
-    b[50] = (byte)(in14 >>  8);
-    b[51] = (byte)(in14 >> 16);
-    b[52] = (byte)((byte)(in14 >> 24) + (byte)((byte)(in15 >>  0) <<  4));
-    b[53] = (byte)(in15 >>  4);
-    b[54] = (byte)(in15 >> 12);
-    b[55] = (byte)(in15 >> 20);
-}
-
-/* Set the field element to 0.
- *
- * a  [in]  Field element.
- */
-void fe448_1(sword32* a)
-{
-    a[0] = 1;
-    a[1] = 0;
-    a[2] = 0;
-    a[3] = 0;
-    a[4] = 0;
-    a[5] = 0;
-    a[6] = 0;
-    a[7] = 0;
-    a[8] = 0;
-    a[9] = 0;
-    a[10] = 0;
-    a[11] = 0;
-    a[12] = 0;
-    a[13] = 0;
-    a[14] = 0;
-    a[15] = 0;
-}
-
-/* Set the field element to 0.
- *
- * a  [in]  Field element.
- */
-void fe448_0(sword32* a)
-{
-    a[0] = 0;
-    a[1] = 0;
-    a[2] = 0;
-    a[3] = 0;
-    a[4] = 0;
-    a[5] = 0;
-    a[6] = 0;
-    a[7] = 0;
-    a[8] = 0;
-    a[9] = 0;
-    a[10] = 0;
-    a[11] = 0;
-    a[12] = 0;
-    a[13] = 0;
-    a[14] = 0;
-    a[15] = 0;
-}
-
-/* Copy one field element into another: d = a.
- *
- * d  [in]  Destination field element.
- * a  [in]  Source field element.
- */
-void fe448_copy(sword32* d, const sword32* a)
-{
-    d[0] = a[0];
-    d[1] = a[1];
-    d[2] = a[2];
-    d[3] = a[3];
-    d[4] = a[4];
-    d[5] = a[5];
-    d[6] = a[6];
-    d[7] = a[7];
-    d[8] = a[8];
-    d[9] = a[9];
-    d[10] = a[10];
-    d[11] = a[11];
-    d[12] = a[12];
-    d[13] = a[13];
-    d[14] = a[14];
-    d[15] = a[15];
-}
-
-/* Conditionally swap the elements.
- * Constant time implementation.
- *
- * a  [in]  First field element.
- * b  [in]  Second field element.
- * c  [in]  Swap when 1. Valid values: 0, 1.
- */
-static void fe448_cswap(sword32* a, sword32* b, int c)
-{
-    sword32 mask = -(sword32)c;
-    sword32 t0 = (a[0] ^ b[0]) & mask;
-    sword32 t1 = (a[1] ^ b[1]) & mask;
-    sword32 t2 = (a[2] ^ b[2]) & mask;
-    sword32 t3 = (a[3] ^ b[3]) & mask;
-    sword32 t4 = (a[4] ^ b[4]) & mask;
-    sword32 t5 = (a[5] ^ b[5]) & mask;
-    sword32 t6 = (a[6] ^ b[6]) & mask;
-    sword32 t7 = (a[7] ^ b[7]) & mask;
-    sword32 t8 = (a[8] ^ b[8]) & mask;
-    sword32 t9 = (a[9] ^ b[9]) & mask;
-    sword32 t10 = (a[10] ^ b[10]) & mask;
-    sword32 t11 = (a[11] ^ b[11]) & mask;
-    sword32 t12 = (a[12] ^ b[12]) & mask;
-    sword32 t13 = (a[13] ^ b[13]) & mask;
-    sword32 t14 = (a[14] ^ b[14]) & mask;
-    sword32 t15 = (a[15] ^ b[15]) & mask;
-    a[0] ^= t0;
-    a[1] ^= t1;
-    a[2] ^= t2;
-    a[3] ^= t3;
-    a[4] ^= t4;
-    a[5] ^= t5;
-    a[6] ^= t6;
-    a[7] ^= t7;
-    a[8] ^= t8;
-    a[9] ^= t9;
-    a[10] ^= t10;
-    a[11] ^= t11;
-    a[12] ^= t12;
-    a[13] ^= t13;
-    a[14] ^= t14;
-    a[15] ^= t15;
-    b[0] ^= t0;
-    b[1] ^= t1;
-    b[2] ^= t2;
-    b[3] ^= t3;
-    b[4] ^= t4;
-    b[5] ^= t5;
-    b[6] ^= t6;
-    b[7] ^= t7;
-    b[8] ^= t8;
-    b[9] ^= t9;
-    b[10] ^= t10;
-    b[11] ^= t11;
-    b[12] ^= t12;
-    b[13] ^= t13;
-    b[14] ^= t14;
-    b[15] ^= t15;
-}
-
-/* Add two field elements. r = (a + b) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold sum.
- * a  [in]  Field element to add.
- * b  [in]  Field element to add.
- */
-void fe448_add(sword32* r, const sword32* a, const sword32* b)
-{
-    r[0] = a[0] + b[0];
-    r[1] = a[1] + b[1];
-    r[2] = a[2] + b[2];
-    r[3] = a[3] + b[3];
-    r[4] = a[4] + b[4];
-    r[5] = a[5] + b[5];
-    r[6] = a[6] + b[6];
-    r[7] = a[7] + b[7];
-    r[8] = a[8] + b[8];
-    r[9] = a[9] + b[9];
-    r[10] = a[10] + b[10];
-    r[11] = a[11] + b[11];
-    r[12] = a[12] + b[12];
-    r[13] = a[13] + b[13];
-    r[14] = a[14] + b[14];
-    r[15] = a[15] + b[15];
-}
-
-/* Subtract a field element from another. r = (a - b) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold difference.
- * a  [in]  Field element to subtract from.
- * b  [in]  Field element to subtract.
- */
-void fe448_sub(sword32* r, const sword32* a, const sword32* b)
-{
-    r[0] = a[0] - b[0];
-    r[1] = a[1] - b[1];
-    r[2] = a[2] - b[2];
-    r[3] = a[3] - b[3];
-    r[4] = a[4] - b[4];
-    r[5] = a[5] - b[5];
-    r[6] = a[6] - b[6];
-    r[7] = a[7] - b[7];
-    r[8] = a[8] - b[8];
-    r[9] = a[9] - b[9];
-    r[10] = a[10] - b[10];
-    r[11] = a[11] - b[11];
-    r[12] = a[12] - b[12];
-    r[13] = a[13] - b[13];
-    r[14] = a[14] - b[14];
-    r[15] = a[15] - b[15];
-}
-
-void fe448_reduce(sword32* a)
-{
-    sword64 o;
-
-    o = a[0 ] >> 28; a[1 ] += (sword32)o; a[0 ] -= (sword32)((word32)o << 28);
-    o = a[1 ] >> 28; a[2 ] += (sword32)o; a[1 ] -= (sword32)((word32)o << 28);
-    o = a[2 ] >> 28; a[3 ] += (sword32)o; a[2 ] -= (sword32)((word32)o << 28);
-    o = a[3 ] >> 28; a[4 ] += (sword32)o; a[3 ] -= (sword32)((word32)o << 28);
-    o = a[4 ] >> 28; a[5 ] += (sword32)o; a[4 ] -= (sword32)((word32)o << 28);
-    o = a[5 ] >> 28; a[6 ] += (sword32)o; a[5 ] -= (sword32)((word32)o << 28);
-    o = a[6 ] >> 28; a[7 ] += (sword32)o; a[6 ] -= (sword32)((word32)o << 28);
-    o = a[7 ] >> 28; a[8 ] += (sword32)o; a[7 ] -= (sword32)((word32)o << 28);
-    o = a[8 ] >> 28; a[9 ] += (sword32)o; a[8 ] -= (sword32)((word32)o << 28);
-    o = a[9 ] >> 28; a[10] += (sword32)o; a[9 ] -= (sword32)((word32)o << 28);
-    o = a[10] >> 28; a[11] += (sword32)o; a[10] -= (sword32)((word32)o << 28);
-    o = a[11] >> 28; a[12] += (sword32)o; a[11] -= (sword32)((word32)o << 28);
-    o = a[12] >> 28; a[13] += (sword32)o; a[12] -= (sword32)((word32)o << 28);
-    o = a[13] >> 28; a[14] += (sword32)o; a[13] -= (sword32)((word32)o << 28);
-    o = a[14] >> 28; a[15] += (sword32)o; a[14] -= (sword32)((word32)o << 28);
-    o = a[15] >> 28; a[0]  += (sword32)o;
-                     a[8]  += (sword32)o; a[15] -= (sword32)((word32)o << 28);
-}
-/* Multiply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to multiply.
- */
-void fe448_mul39081(sword32* r, const sword32* a)
-{
-    sword64 t;
-    sword32 o;
-    sword64 t0 = a[0] * (sword64)39081;
-    sword64 t1 = a[1] * (sword64)39081;
-    sword64 t2 = a[2] * (sword64)39081;
-    sword64 t3 = a[3] * (sword64)39081;
-    sword64 t4 = a[4] * (sword64)39081;
-    sword64 t5 = a[5] * (sword64)39081;
-    sword64 t6 = a[6] * (sword64)39081;
-    sword64 t7 = a[7] * (sword64)39081;
-    sword64 t8 = a[8] * (sword64)39081;
-    sword64 t9 = a[9] * (sword64)39081;
-    sword64 t10 = a[10] * (sword64)39081;
-    sword64 t11 = a[11] * (sword64)39081;
-    sword64 t12 = a[12] * (sword64)39081;
-    sword64 t13 = a[13] * (sword64)39081;
-    sword64 t14 = a[14] * (sword64)39081;
-    sword64 t15 = a[15] * (sword64)39081;
-    o = (sword32)(t0  >> 28); t1  += o;
-    t = (sword64)((word64)o << 28); t0  -= t;
-    o = (sword32)(t1  >> 28); t2  += o;
-    t = (sword64)((word64)o << 28); t1  -= t;
-    o = (sword32)(t2  >> 28); t3  += o;
-    t = (sword64)((word64)o << 28); t2  -= t;
-    o = (sword32)(t3  >> 28); t4  += o;
-    t = (sword64)((word64)o << 28); t3  -= t;
-    o = (sword32)(t4  >> 28); t5  += o;
-    t = (sword64)((word64)o << 28); t4  -= t;
-    o = (sword32)(t5  >> 28); t6  += o;
-    t = (sword64)((word64)o << 28); t5  -= t;
-    o = (sword32)(t6  >> 28); t7  += o;
-    t = (sword64)((word64)o << 28); t6  -= t;
-    o = (sword32)(t7  >> 28); t8  += o;
-    t = (sword64)((word64)o << 28); t7  -= t;
-    o = (sword32)(t8  >> 28); t9  += o;
-    t = (sword64)((word64)o << 28); t8  -= t;
-    o = (sword32)(t9  >> 28); t10 += o;
-    t = (sword64)((word64)o << 28); t9  -= t;
-    o = (sword32)(t10 >> 28); t11 += o;
-    t = (sword64)((word64)o << 28); t10 -= t;
-    o = (sword32)(t11 >> 28); t12 += o;
-    t = (sword64)((word64)o << 28); t11 -= t;
-    o = (sword32)(t12 >> 28); t13 += o;
-    t = (sword64)((word64)o << 28); t12 -= t;
-    o = (sword32)(t13 >> 28); t14 += o;
-    t = (sword64)((word64)o << 28); t13 -= t;
-    o = (sword32)(t14 >> 28); t15 += o;
-    t = (sword64)((word64)o << 28); t14 -= t;
-    o = (sword32)(t15 >> 28); t0  += o;
-                              t8  += o;
-    t = (sword64)((word64)o << 28); t15 -= t;
-
-    /* Store */
-    r[0] = (sword32)t0;
-    r[1] = (sword32)t1;
-    r[2] = (sword32)t2;
-    r[3] = (sword32)t3;
-    r[4] = (sword32)t4;
-    r[5] = (sword32)t5;
-    r[6] = (sword32)t6;
-    r[7] = (sword32)t7;
-    r[8] = (sword32)t8;
-    r[9] = (sword32)t9;
-    r[10] = (sword32)t10;
-    r[11] = (sword32)t11;
-    r[12] = (sword32)t12;
-    r[13] = (sword32)t13;
-    r[14] = (sword32)t14;
-    r[15] = (sword32)t15;
-}
-
-/* Multiply two field elements. r = a * b
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to multiply.
- * b  [in]  Field element to multiply.
- */
-static WC_INLINE void fe448_mul_8(sword32* r, const sword32* a,
-    const sword32* b)
-{
-    sword64 t;
-    sword64 o;
-    sword64 t15;
-    sword64 t0   = (sword64)a[ 0] * b[ 0];
-    sword64 t1   = (sword64)a[ 0] * b[ 1];
-    sword64 t101 = (sword64)a[ 1] * b[ 0];
-    sword64 t2   = (sword64)a[ 0] * b[ 2];
-    sword64 t102 = (sword64)a[ 1] * b[ 1];
-    sword64 t202 = (sword64)a[ 2] * b[ 0];
-    sword64 t3   = (sword64)a[ 0] * b[ 3];
-    sword64 t103 = (sword64)a[ 1] * b[ 2];
-    sword64 t203 = (sword64)a[ 2] * b[ 1];
-    sword64 t303 = (sword64)a[ 3] * b[ 0];
-    sword64 t4   = (sword64)a[ 0] * b[ 4];
-    sword64 t104 = (sword64)a[ 1] * b[ 3];
-    sword64 t204 = (sword64)a[ 2] * b[ 2];
-    sword64 t304 = (sword64)a[ 3] * b[ 1];
-    sword64 t404 = (sword64)a[ 4] * b[ 0];
-    sword64 t5   = (sword64)a[ 0] * b[ 5];
-    sword64 t105 = (sword64)a[ 1] * b[ 4];
-    sword64 t205 = (sword64)a[ 2] * b[ 3];
-    sword64 t305 = (sword64)a[ 3] * b[ 2];
-    sword64 t405 = (sword64)a[ 4] * b[ 1];
-    sword64 t505 = (sword64)a[ 5] * b[ 0];
-    sword64 t6   = (sword64)a[ 0] * b[ 6];
-    sword64 t106 = (sword64)a[ 1] * b[ 5];
-    sword64 t206 = (sword64)a[ 2] * b[ 4];
-    sword64 t306 = (sword64)a[ 3] * b[ 3];
-    sword64 t406 = (sword64)a[ 4] * b[ 2];
-    sword64 t506 = (sword64)a[ 5] * b[ 1];
-    sword64 t606 = (sword64)a[ 6] * b[ 0];
-    sword64 t7   = (sword64)a[ 0] * b[ 7];
-    sword64 t107 = (sword64)a[ 1] * b[ 6];
-    sword64 t207 = (sword64)a[ 2] * b[ 5];
-    sword64 t307 = (sword64)a[ 3] * b[ 4];
-    sword64 t407 = (sword64)a[ 4] * b[ 3];
-    sword64 t507 = (sword64)a[ 5] * b[ 2];
-    sword64 t607 = (sword64)a[ 6] * b[ 1];
-    sword64 t707 = (sword64)a[ 7] * b[ 0];
-    sword64 t8   = (sword64)a[ 1] * b[ 7];
-    sword64 t108 = (sword64)a[ 2] * b[ 6];
-    sword64 t208 = (sword64)a[ 3] * b[ 5];
-    sword64 t308 = (sword64)a[ 4] * b[ 4];
-    sword64 t408 = (sword64)a[ 5] * b[ 3];
-    sword64 t508 = (sword64)a[ 6] * b[ 2];
-    sword64 t608 = (sword64)a[ 7] * b[ 1];
-    sword64 t9   = (sword64)a[ 2] * b[ 7];
-    sword64 t109 = (sword64)a[ 3] * b[ 6];
-    sword64 t209 = (sword64)a[ 4] * b[ 5];
-    sword64 t309 = (sword64)a[ 5] * b[ 4];
-    sword64 t409 = (sword64)a[ 6] * b[ 3];
-    sword64 t509 = (sword64)a[ 7] * b[ 2];
-    sword64 t10  = (sword64)a[ 3] * b[ 7];
-    sword64 t110 = (sword64)a[ 4] * b[ 6];
-    sword64 t210 = (sword64)a[ 5] * b[ 5];
-    sword64 t310 = (sword64)a[ 6] * b[ 4];
-    sword64 t410 = (sword64)a[ 7] * b[ 3];
-    sword64 t11  = (sword64)a[ 4] * b[ 7];
-    sword64 t111 = (sword64)a[ 5] * b[ 6];
-    sword64 t211 = (sword64)a[ 6] * b[ 5];
-    sword64 t311 = (sword64)a[ 7] * b[ 4];
-    sword64 t12  = (sword64)a[ 5] * b[ 7];
-    sword64 t112 = (sword64)a[ 6] * b[ 6];
-    sword64 t212 = (sword64)a[ 7] * b[ 5];
-    sword64 t13  = (sword64)a[ 6] * b[ 7];
-    sword64 t113 = (sword64)a[ 7] * b[ 6];
-    sword64 t14  = (sword64)a[ 7] * b[ 7];
-    t1  += t101;
-    t2  += t102; t2  += t202;
-    t3  += t103; t3  += t203; t3  += t303;
-    t4  += t104; t4  += t204; t4  += t304; t4  += t404;
-    t5  += t105; t5  += t205; t5  += t305; t5  += t405; t5  += t505;
-    t6  += t106; t6  += t206; t6  += t306; t6  += t406; t6  += t506;
-    t6  += t606;
-    t7  += t107; t7  += t207; t7  += t307; t7  += t407; t7  += t507;
-    t7  += t607;
-    t8  += t108; t8  += t208; t8  += t308; t8  += t408; t8  += t508;
-    t8  += t608;
-    t9  += t109; t9  += t209; t9  += t309; t9  += t409; t9  += t509;
-    t10 += t110; t10 += t210; t10 += t310; t10 += t410;
-    t11 += t111; t11 += t211; t11 += t311;
-    t12 += t112; t12 += t212;
-    t13 += t113;
-    o = t14 >> 28;
-    t15 = o;
-    t14 -= (sword64)((word64)o << 28);
-    o = (t0  >> 28); t1  += o;
-    t = (sword64)((word64)o << 28); t0  -= t;
-    o = (t1  >> 28); t2  += o;
-    t = (sword64)((word64)o << 28); t1  -= t;
-    o = (t2  >> 28); t3  += o;
-    t = (sword64)((word64)o << 28); t2  -= t;
-    o = (t3  >> 28); t4  += o;
-    t = (sword64)((word64)o << 28); t3  -= t;
-    o = (t4  >> 28); t5  += o;
-    t = (sword64)((word64)o << 28); t4  -= t;
-    o = (t5  >> 28); t6  += o;
-    t = (sword64)((word64)o << 28); t5  -= t;
-    o = (t6  >> 28); t7  += o;
-    t = (sword64)((word64)o << 28); t6  -= t;
-    o = (t707>> 28); t8  += o;
-    t = (sword64)((word64)o << 28); t707-= t; t7 += t707;
-    o = (t7  >> 28); t8  += o;
-    t = (sword64)((word64)o << 28); t7  -= t;
-    o = (t8  >> 28); t9  += o;
-    t = (sword64)((word64)o << 28); t8  -= t;
-    o = (t9  >> 28); t10 += o;
-    t = (sword64)((word64)o << 28); t9  -= t;
-    o = (t10 >> 28); t11 += o;
-    t = (sword64)((word64)o << 28); t10 -= t;
-    o = (t11 >> 28); t12 += o;
-    t = (sword64)((word64)o << 28); t11 -= t;
-    o = (t12 >> 28); t13 += o;
-    t = (sword64)((word64)o << 28); t12 -= t;
-    o = (t13 >> 28); t14 += o;
-    t = (sword64)((word64)o << 28); t13 -= t;
-    o = (t14 >> 28); t15 += o;
-    t = (sword64)((word64)o << 28); t14 -= t;
-    o = (t15 >> 28); t0  += o;
-                     t8  += o;
-    t = (sword64)((word64)o << 28); t15 -= t;
-
-    /* Store */
-    r[0] = (sword32)t0;
-    r[1] = (sword32)t1;
-    r[2] = (sword32)t2;
-    r[3] = (sword32)t3;
-    r[4] = (sword32)t4;
-    r[5] = (sword32)t5;
-    r[6] = (sword32)t6;
-    r[7] = (sword32)t7;
-    r[8] = (sword32)t8;
-    r[9] = (sword32)t9;
-    r[10] = (sword32)t10;
-    r[11] = (sword32)t11;
-    r[12] = (sword32)t12;
-    r[13] = (sword32)t13;
-    r[14] = (sword32)t14;
-    r[15] = (sword32)t15;
-}
-
-/* Multiply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to multiply.
- * b  [in]  Field element to multiply.
- */
-void fe448_mul(sword32* r, const sword32* a, const sword32* b)
-{
-    sword32 r0[16];
-    sword32 r1[16];
-    sword32* a1 = r1;
-    sword32 b1[8];
-    sword32 r2[16];
-    a1[0] = a[0] + a[8];
-    a1[1] = a[1] + a[9];
-    a1[2] = a[2] + a[10];
-    a1[3] = a[3] + a[11];
-    a1[4] = a[4] + a[12];
-    a1[5] = a[5] + a[13];
-    a1[6] = a[6] + a[14];
-    a1[7] = a[7] + a[15];
-    b1[0] = b[0] + b[8];
-    b1[1] = b[1] + b[9];
-    b1[2] = b[2] + b[10];
-    b1[3] = b[3] + b[11];
-    b1[4] = b[4] + b[12];
-    b1[5] = b[5] + b[13];
-    b1[6] = b[6] + b[14];
-    b1[7] = b[7] + b[15];
-    fe448_mul_8(r2, a + 8, b + 8);
-    fe448_mul_8(r0, a, b);
-    fe448_mul_8(r1, a1, b1);
-    r[ 0] = r0[ 0] + r2[ 0] + r1[ 8] - r0[ 8];
-    r[ 1] = r0[ 1] + r2[ 1] + r1[ 9] - r0[ 9];
-    r[ 2] = r0[ 2] + r2[ 2] + r1[10] - r0[10];
-    r[ 3] = r0[ 3] + r2[ 3] + r1[11] - r0[11];
-    r[ 4] = r0[ 4] + r2[ 4] + r1[12] - r0[12];
-    r[ 5] = r0[ 5] + r2[ 5] + r1[13] - r0[13];
-    r[ 6] = r0[ 6] + r2[ 6] + r1[14] - r0[14];
-    r[ 7] = r0[ 7] + r2[ 7] + r1[15] - r0[15];
-    r[ 8] = r2[ 8]          + r1[ 0] - r0[ 0] + r1[ 8];
-    r[ 9] = r2[ 9]          + r1[ 1] - r0[ 1] + r1[ 9];
-    r[10] = r2[10]          + r1[ 2] - r0[ 2] + r1[10];
-    r[11] = r2[11]          + r1[ 3] - r0[ 3] + r1[11];
-    r[12] = r2[12]          + r1[ 4] - r0[ 4] + r1[12];
-    r[13] = r2[13]          + r1[ 5] - r0[ 5] + r1[13];
-    r[14] = r2[14]          + r1[ 6] - r0[ 6] + r1[14];
-    r[15] = r2[15]          + r1[ 7] - r0[ 7] + r1[15];
-}
-
-/* Square a field element. r = a * a
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to square.
- */
-static WC_INLINE void fe448_sqr_8(sword32* r, const sword32* a)
-{
-    sword64 o;
-    sword64 t15;
-    sword64 t;
-    sword64 t0   =     (sword64)a[ 0] * a[ 0];
-    sword64 t1   = 2 * (sword64)a[ 0] * a[ 1];
-    sword64 t2   = 2 * (sword64)a[ 0] * a[ 2];
-    sword64 t102 =     (sword64)a[ 1] * a[ 1];
-    sword64 t3   = 2 * (sword64)a[ 0] * a[ 3];
-    sword64 t103 = 2 * (sword64)a[ 1] * a[ 2];
-    sword64 t4   = 2 * (sword64)a[ 0] * a[ 4];
-    sword64 t104 = 2 * (sword64)a[ 1] * a[ 3];
-    sword64 t204 =     (sword64)a[ 2] * a[ 2];
-    sword64 t5   = 2 * (sword64)a[ 0] * a[ 5];
-    sword64 t105 = 2 * (sword64)a[ 1] * a[ 4];
-    sword64 t205 = 2 * (sword64)a[ 2] * a[ 3];
-    sword64 t6   = 2 * (sword64)a[ 0] * a[ 6];
-    sword64 t106 = 2 * (sword64)a[ 1] * a[ 5];
-    sword64 t206 = 2 * (sword64)a[ 2] * a[ 4];
-    sword64 t306 =     (sword64)a[ 3] * a[ 3];
-    sword64 t7   = 2 * (sword64)a[ 0] * a[ 7];
-    sword64 t107 = 2 * (sword64)a[ 1] * a[ 6];
-    sword64 t207 = 2 * (sword64)a[ 2] * a[ 5];
-    sword64 t307 = 2 * (sword64)a[ 3] * a[ 4];
-    sword64 t8   = 2 * (sword64)a[ 1] * a[ 7];
-    sword64 t108 = 2 * (sword64)a[ 2] * a[ 6];
-    sword64 t208 = 2 * (sword64)a[ 3] * a[ 5];
-    sword64 t308 =     (sword64)a[ 4] * a[ 4];
-    sword64 t9   = 2 * (sword64)a[ 2] * a[ 7];
-    sword64 t109 = 2 * (sword64)a[ 3] * a[ 6];
-    sword64 t209 = 2 * (sword64)a[ 4] * a[ 5];
-    sword64 t10  = 2 * (sword64)a[ 3] * a[ 7];
-    sword64 t110 = 2 * (sword64)a[ 4] * a[ 6];
-    sword64 t210 =     (sword64)a[ 5] * a[ 5];
-    sword64 t11  = 2 * (sword64)a[ 4] * a[ 7];
-    sword64 t111 = 2 * (sword64)a[ 5] * a[ 6];
-    sword64 t12  = 2 * (sword64)a[ 5] * a[ 7];
-    sword64 t112 =     (sword64)a[ 6] * a[ 6];
-    sword64 t13  = 2 * (sword64)a[ 6] * a[ 7];
-    sword64 t14  =     (sword64)a[ 7] * a[ 7];
-    t2  += t102;
-    t3  += t103;
-    t4  += t104; t4  += t204;
-    t5  += t105; t5  += t205;
-    t6  += t106; t6  += t206; t6  += t306;
-    t7  += t107; t7  += t207;
-    t8  += t108; t8  += t208; t8  += t308;
-    t9  += t109; t9  += t209;
-    t10 += t110; t10 += t210;
-    t11 += t111;
-    t12 += t112;
-    o = t14 >> 28;
-    t15 = o;
-    t14 -= (sword64)((word64)o << 28);
-    o = (t0  >> 28); t1  += o;
-    t = (sword64)((word64)o << 28); t0  -= t;
-    o = (t1  >> 28); t2  += o;
-    t = (sword64)((word64)o << 28); t1  -= t;
-    o = (t2  >> 28); t3  += o;
-    t = (sword64)((word64)o << 28); t2  -= t;
-    o = (t3  >> 28); t4  += o;
-    t = (sword64)((word64)o << 28); t3  -= t;
-    o = (t4  >> 28); t5  += o;
-    t = (sword64)((word64)o << 28); t4  -= t;
-    o = (t5  >> 28); t6  += o;
-    t = (sword64)((word64)o << 28); t5  -= t;
-    o = (t6  >> 28); t7  += o;
-    t = (sword64)((word64)o << 28); t6  -= t;
-    o = (t307>> 28); t8  += o;
-    t = (sword64)((word64)o << 28); t307-= t; t7 += t307;
-    o = (t7  >> 28); t8  += o;
-    t = (sword64)((word64)o << 28); t7  -= t;
-    o = (t8  >> 28); t9  += o;
-    t = (sword64)((word64)o << 28); t8  -= t;
-    o = (t9  >> 28); t10 += o;
-    t = (sword64)((word64)o << 28); t9  -= t;
-    o = (t10 >> 28); t11 += o;
-    t = (sword64)((word64)o << 28); t10 -= t;
-    o = (t11 >> 28); t12 += o;
-    t = (sword64)((word64)o << 28); t11 -= t;
-    o = (t12 >> 28); t13 += o;
-    t = (sword64)((word64)o << 28); t12 -= t;
-    o = (t13 >> 28); t14 += o;
-    t = (sword64)((word64)o << 28); t13 -= t;
-    o = (t14 >> 28); t15 += o;
-    t = (sword64)((word64)o << 28); t14 -= t;
-    o = (t15 >> 28); t0  += o;
-                     t8  += o;
-    t = (sword64)((word64)o << 28); t15 -= t;
-
-    /* Store */
-    r[0] = (sword32)t0;
-    r[1] = (sword32)t1;
-    r[2] = (sword32)t2;
-    r[3] = (sword32)t3;
-    r[4] = (sword32)t4;
-    r[5] = (sword32)t5;
-    r[6] = (sword32)t6;
-    r[7] = (sword32)t7;
-    r[8] = (sword32)t8;
-    r[9] = (sword32)t9;
-    r[10] = (sword32)t10;
-    r[11] = (sword32)t11;
-    r[12] = (sword32)t12;
-    r[13] = (sword32)t13;
-    r[14] = (sword32)t14;
-    r[15] = (sword32)t15;
-}
-
-/* Square a field element. r = (a * a) mod (2^448 - 2^224 - 1)
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to square.
- */
-void fe448_sqr(sword32* r, const sword32* a)
-{
-    sword32 r0[16];
-    sword32 r1[16];
-    sword32* a1 = r1;
-    sword32 r2[16];
-    a1[0] = a[0] + a[8];
-    a1[1] = a[1] + a[9];
-    a1[2] = a[2] + a[10];
-    a1[3] = a[3] + a[11];
-    a1[4] = a[4] + a[12];
-    a1[5] = a[5] + a[13];
-    a1[6] = a[6] + a[14];
-    a1[7] = a[7] + a[15];
-    fe448_sqr_8(r2, a + 8);
-    fe448_sqr_8(r0, a);
-    fe448_sqr_8(r1, a1);
-    r[ 0] = r0[ 0] + r2[ 0] + r1[ 8] - r0[ 8];
-    r[ 1] = r0[ 1] + r2[ 1] + r1[ 9] - r0[ 9];
-    r[ 2] = r0[ 2] + r2[ 2] + r1[10] - r0[10];
-    r[ 3] = r0[ 3] + r2[ 3] + r1[11] - r0[11];
-    r[ 4] = r0[ 4] + r2[ 4] + r1[12] - r0[12];
-    r[ 5] = r0[ 5] + r2[ 5] + r1[13] - r0[13];
-    r[ 6] = r0[ 6] + r2[ 6] + r1[14] - r0[14];
-    r[ 7] = r0[ 7] + r2[ 7] + r1[15] - r0[15];
-    r[ 8] = r2[ 8]          + r1[ 0] - r0[ 0] + r1[ 8];
-    r[ 9] = r2[ 9]          + r1[ 1] - r0[ 1] + r1[ 9];
-    r[10] = r2[10]          + r1[ 2] - r0[ 2] + r1[10];
-    r[11] = r2[11]          + r1[ 3] - r0[ 3] + r1[11];
-    r[12] = r2[12]          + r1[ 4] - r0[ 4] + r1[12];
-    r[13] = r2[13]          + r1[ 5] - r0[ 5] + r1[13];
-    r[14] = r2[14]          + r1[ 6] - r0[ 6] + r1[14];
-    r[15] = r2[15]          + r1[ 7] - r0[ 7] + r1[15];
-}
-
-/* Invert the field element. (r * a) mod (2^448 - 2^224 - 1) = 1
- * Constant time implementation - using Fermat's little theorem:
- *   a^(p-1) mod p = 1 => a^(p-2) mod p = 1/a
- * For curve448: p - 2 = 2^448 - 2^224 - 3
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to invert.
- */
-void fe448_invert(sword32* r, const sword32* a)
-{
-    sword32 t1[16];
-    sword32 t2[16];
-    sword32 t3[16];
-    sword32 t4[16];
-    int i;
-
-    fe448_sqr(t1, a);
-    /* t1 = 2 */
-    fe448_mul(t1, t1, a);
-    /* t1 = 3 */
-    fe448_sqr(t2, t1); for (i = 1; i < 2; ++i) fe448_sqr(t2, t2);
-    /* t2 = c */
-    fe448_mul(t3, t2, a);
-    /* t3 = d */
-    fe448_mul(t1, t2, t1);
-    /* t1 = f */
-    fe448_sqr(t2, t1);
-    /* t2 = 1e */
-    fe448_mul(t4, t2, a);
-    /* t4 = 1f */
-    fe448_sqr(t2, t4); for (i = 1; i < 5; ++i) fe448_sqr(t2, t2);
-    /* t2 = 3e0 */
-    fe448_mul(t1, t2, t4);
-    /* t1 = 3ff */
-    fe448_sqr(t2, t1); for (i = 1; i < 10; ++i) fe448_sqr(t2, t2);
-    /* t2 = ffc00 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = fffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 5; ++i) fe448_sqr(t2, t2);
-    /* t2 = 1ffffe0 */
-    fe448_mul(t1, t2, t4);
-    /* t1 = 1ffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 25; ++i) fe448_sqr(t2, t2);
-    /* t2 = 3fffffe000000 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = 3ffffffffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 5; ++i) fe448_sqr(t2, t2);
-    /* t2 = 7fffffffffffe0 */
-    fe448_mul(t1, t2, t4);
-    /* t1 = 7fffffffffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 55; ++i) fe448_sqr(t2, t2);
-    /* t2 = 3fffffffffffff80000000000000 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = 3fffffffffffffffffffffffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 110; ++i) fe448_sqr(t2, t2);
-    /* t2 = fffffffffffffffffffffffffffc000000000000000000000000000 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = fffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 4; ++i) fe448_sqr(t2, t2);
-    /* t2 = fffffffffffffffffffffffffffffffffffffffffffffffffffffff0 */
-    fe448_mul(t3, t3, t2);
-    /* t3 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-    fe448_mul(t1, t3, a);
-    /* t1 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffe */
-    fe448_sqr(t1, t1); for (i = 1; i < 224; ++i) fe448_sqr(t1, t1);
-    /* t1 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffe00000000000000000000000000000000000000000000000000000000 */
-    fe448_mul(r, t3, t1);
-    /* r = fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-}
-
-/* Scalar multiply the point by a number. r = n.a
- * Uses Montgomery ladder and only requires the x-ordinate.
- *
- * r  [in]  Field element to hold result.
- * n  [in]  Scalar as an array of bytes.
- * a  [in]  Point to multiply - x-ordinate only.
- */
-int curve448(byte* r, const byte* n, const byte* a)
-{
-    sword32 x1[16];
-    sword32 x2[16];
-    sword32 z2[16];
-    sword32 x3[16];
-    sword32 z3[16];
-    sword32 t0[16];
-    sword32 t1[16];
-    int i;
-    unsigned int swap;
-
-    fe448_from_bytes(x1, a);
-    fe448_1(x2);
-    fe448_0(z2);
-    fe448_copy(x3, x1);
-    fe448_1(z3);
-
-    swap = 0;
-    for (i = 447; i >= 0; --i) {
-        unsigned int b = (n[i >> 3] >> (i & 7)) & 1;
-        swap ^= b;
-        fe448_cswap(x2, x3, (int)swap);
-        fe448_cswap(z2, z3, (int)swap);
-        swap = b;
-
-        /* Montgomery Ladder - double and add */
-        fe448_add(t0, x2, z2);
-        fe448_reduce(t0);
-        fe448_add(t1, x3, z3);
-        fe448_reduce(t1);
-        fe448_sub(x2, x2, z2);
-        fe448_sub(x3, x3, z3);
-        fe448_mul(t1, t1, x2);
-        fe448_mul(z3, x3, t0);
-        fe448_sqr(t0, t0);
-        fe448_sqr(x2, x2);
-        fe448_add(x3, z3, t1);
-        fe448_reduce(x3);
-        fe448_sqr(x3, x3);
-        fe448_sub(z3, z3, t1);
-        fe448_sqr(z3, z3);
-        fe448_mul(z3, z3, x1);
-        fe448_sub(t1, t0, x2);
-        fe448_mul(x2, t0, x2);
-        fe448_mul39081(z2, t1);
-        fe448_add(z2, t0, z2);
-        fe448_mul(z2, z2, t1);
-    }
-    /* Last two bits are 0 - no final swap check required. */
-
-    fe448_invert(z2, z2);
-    fe448_mul(x2, x2, z2);
-    fe448_to_bytes(r, x2);
-
-    return 0;
-}
-
-#ifdef HAVE_ED448
-/* Check whether field element is not 0.
- * Must convert to a normalized form before checking.
- *
- * a  [in]  Field element.
- * returns 0 when zero, and any other value otherwise.
- */
-int fe448_isnonzero(const sword32* a)
-{
-    byte b[56];
-    int i;
-    byte c = 0;
-    fe448_to_bytes(b, a);
-    for (i = 0; i < 56; i++)
-        c |= b[i];
-    return c;
-}
-
-/* Check whether field element is negative.
- * Must convert to a normalized form before checking.
- *
- * a  [in]  Field element.
- * returns 1 when negative, and 0 otherwise.
- */
-int fe448_isnegative(const sword32* a)
-{
-    byte b[56];
-    fe448_to_bytes(b, a);
-    return b[0] & 1;
-}
-
-/* Negates the field element. r = -a
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element.
- */
-void fe448_neg(sword32* r, const sword32* a)
-{
-    r[0] = -a[0];
-    r[1] = -a[1];
-    r[2] = -a[2];
-    r[3] = -a[3];
-    r[4] = -a[4];
-    r[5] = -a[5];
-    r[6] = -a[6];
-    r[7] = -a[7];
-    r[8] = -a[8];
-    r[9] = -a[9];
-    r[10] = -a[10];
-    r[11] = -a[11];
-    r[12] = -a[12];
-    r[13] = -a[13];
-    r[14] = -a[14];
-    r[15] = -a[15];
-}
-
-/* Raise field element to (p-3) / 4: 2^446 - 2^222 - 1
- * Used for calculating y-ordinate from x-ordinate for Ed448.
- *
- * r  [in]  Field element to hold result.
- * a  [in]  Field element to exponentiate.
- */
-void fe448_pow_2_446_222_1(sword32* r, const sword32* a)
-{
-    sword32 t1[16];
-    sword32 t2[16];
-    sword32 t3[16];
-    sword32 t4[16];
-    sword32 t5[16];
-    int i;
-
-    fe448_sqr(t3, a);
-    /* t3 = 2 */
-    fe448_mul(t1, t3, a);
-    /* t1 = 3 */
-    fe448_sqr(t5, t1);
-    /* t5 = 6 */
-    fe448_mul(t5, t5, a);
-    /* t5 = 7 */
-    fe448_sqr(t2, t1); for (i = 1; i < 2; ++i) fe448_sqr(t2, t2);
-    /* t2 = c */
-    fe448_mul(t3, t2, t3);
-    /* t3 = e */
-    fe448_mul(t1, t2, t1);
-    /* t1 = f */
-    fe448_sqr(t2, t1); for (i = 1; i < 3; ++i) fe448_sqr(t2, t2);
-    /* t2 = 78 */
-    fe448_mul(t5, t2, t5);
-    /* t5 = 7f */
-    fe448_sqr(t2, t1); for (i = 1; i < 4; ++i) fe448_sqr(t2, t2);
-    /* t2 = f0 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = ff */
-    fe448_mul(t3, t3, t2);
-    /* t3 = fe */
-    fe448_sqr(t2, t1); for (i = 1; i < 7; ++i) fe448_sqr(t2, t2);
-    /* t2 = 7f80 */
-    fe448_mul(t5, t2, t5);
-    /* t5 = 7fff */
-    fe448_sqr(t2, t1); for (i = 1; i < 8; ++i) fe448_sqr(t2, t2);
-    /* t2 = ff00 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = ffff */
-    fe448_mul(t3, t3, t2);
-    /* t3 = fffe */
-    fe448_sqr(t2, t5); for (i = 1; i < 15; ++i) fe448_sqr(t2, t2);
-    /* t2 = 3fff8000 */
-    fe448_mul(t5, t2, t5);
-    /* t5 = 3fffffff */
-    fe448_sqr(t2, t1); for (i = 1; i < 16; ++i) fe448_sqr(t2, t2);
-    /* t2 = ffff0000 */
-    fe448_mul(t1, t2, t1);
-    /* t1 = ffffffff */
-    fe448_mul(t3, t3, t2);
-    /* t3 = fffffffe */
-    fe448_sqr(t2, t1); for (i = 1; i < 32; ++i) fe448_sqr(t2, t2);
-    /* t2 = ffffffff00000000 */
-    fe448_mul(t2, t2, t1);
-    /* t2 = ffffffffffffffff */
-    fe448_sqr(t1, t2); for (i = 1; i < 64; ++i) fe448_sqr(t1, t1);
-    /* t1 = ffffffffffffffff0000000000000000 */
-    fe448_mul(t1, t1, t2);
-    /* t1 = ffffffffffffffffffffffffffffffff */
-    fe448_sqr(t1, t1); for (i = 1; i < 64; ++i) fe448_sqr(t1, t1);
-    /* t1 = ffffffffffffffffffffffffffffffff0000000000000000 */
-    fe448_mul(t4, t1, t2);
-    /* t4 = ffffffffffffffffffffffffffffffffffffffffffffffff */
-    fe448_sqr(t2, t4); for (i = 1; i < 32; ++i) fe448_sqr(t2, t2);
-    /* t2 = ffffffffffffffffffffffffffffffffffffffffffffffff00000000 */
-    fe448_mul(t3, t3, t2);
-    /* t3 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffe */
-    fe448_sqr(t1, t3); for (i = 1; i < 192; ++i) fe448_sqr(t1, t1);
-    /* t1 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffe000000000000000000000000000000000000000000000000 */
-    fe448_mul(t1, t1, t4);
-    /* t1 = fffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffff */
-    fe448_sqr(t1, t1); for (i = 1; i < 30; ++i) fe448_sqr(t1, t1);
-    /* t1 = 3fffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffffffffffffffffffffffffffffffffffffffffffc0000000 */
-    fe448_mul(r, t5, t1);
-    /* r = 3fffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-}
-
-/* Constant time, conditional move of b into a.
- * a is not changed if the condition is 0.
- *
- * a  A field element.
- * b  A field element.
- * c  If 1 then copy and if 0 then don't copy.
- */
-void fe448_cmov(sword32* a, const sword32* b, int c)
-{
-    sword32 m = -(sword32)c;
-    sword32 t0 = m & (a[0] ^ b[0]);
-    sword32 t1 = m & (a[1] ^ b[1]);
-    sword32 t2 = m & (a[2] ^ b[2]);
-    sword32 t3 = m & (a[3] ^ b[3]);
-    sword32 t4 = m & (a[4] ^ b[4]);
-    sword32 t5 = m & (a[5] ^ b[5]);
-    sword32 t6 = m & (a[6] ^ b[6]);
-    sword32 t7 = m & (a[7] ^ b[7]);
-    sword32 t8 = m & (a[8] ^ b[8]);
-    sword32 t9 = m & (a[9] ^ b[9]);
-    sword32 t10 = m & (a[10] ^ b[10]);
-    sword32 t11 = m & (a[11] ^ b[11]);
-    sword32 t12 = m & (a[12] ^ b[12]);
-    sword32 t13 = m & (a[13] ^ b[13]);
-    sword32 t14 = m & (a[14] ^ b[14]);
-    sword32 t15 = m & (a[15] ^ b[15]);
-
-    a[0] ^= t0;
-    a[1] ^= t1;
-    a[2] ^= t2;
-    a[3] ^= t3;
-    a[4] ^= t4;
-    a[5] ^= t5;
-    a[6] ^= t6;
-    a[7] ^= t7;
-    a[8] ^= t8;
-    a[9] ^= t9;
-    a[10] ^= t10;
-    a[11] ^= t11;
-    a[12] ^= t12;
-    a[13] ^= t13;
-    a[14] ^= t14;
-    a[15] ^= t15;
-}
-
-#endif /* HAVE_ED448 */
-#endif
-
-#endif /* HAVE_CURVE448 || HAVE_ED448 */
diff --git a/src/ssl/wolfssl/wolfcrypt/fe_low_mem.c b/src/ssl/wolfssl/wolfcrypt/fe_low_mem.c
deleted file mode 100644
index d2b2d8ae8..000000000
--- a/src/ssl/wolfssl/wolfcrypt/fe_low_mem.c
+++ /dev/null
@@ -1,606 +0,0 @@
-/* fe_low_mem.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-/* Based from Daniel Beer's public domain work. */
-
-#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
-#if defined(CURVE25519_SMALL) || defined(ED25519_SMALL) /* use slower code that takes less memory */
-
-#include <wolfssl/wolfcrypt/fe_operations.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-void fprime_copy(byte *x, const byte *a)
-{
-    int i;
-    for (i = 0; i < F25519_SIZE; i++)
-        x[i] = a[i];
-}
-
-
-void lm_copy(byte* x, const byte* a)
-{
-    int i;
-    for (i = 0; i < F25519_SIZE; i++)
-        x[i] = a[i];
-}
-
-#if ((defined(HAVE_CURVE25519) && !defined(CURVE25519_SMALL)) || \
-    (defined(HAVE_ED25519) && !defined(ED25519_SMALL))) &&      \
-    !defined(FREESCALE_LTC_ECC)
-    /* to be Complementary to fe_low_mem.c */
-#else
-void fe_init(void)
-{
-}
-#endif
-
-#ifdef CURVE25519_SMALL
-
-/* Double an X-coordinate */
-static void xc_double(byte *x3, byte *z3,
-                      const byte *x1, const byte *z1)
-{
-    /* Explicit formulas database: dbl-1987-m
-     *
-     * source 1987 Montgomery "Speeding the Pollard and elliptic
-     *   curve methods of factorization", page 261, fourth display
-     * compute X3 = (X1^2-Z1^2)^2
-     * compute Z3 = 4 X1 Z1 (X1^2 + a X1 Z1 + Z1^2)
-     */
-    byte x1sq[F25519_SIZE];
-    byte z1sq[F25519_SIZE];
-    byte x1z1[F25519_SIZE];
-    byte a[F25519_SIZE];
-
-    fe_mul__distinct(x1sq, x1, x1);
-    fe_mul__distinct(z1sq, z1, z1);
-    fe_mul__distinct(x1z1, x1, z1);
-
-    lm_sub(a, x1sq, z1sq);
-    fe_mul__distinct(x3, a, a);
-
-    fe_mul_c(a, x1z1, 486662);
-    lm_add(a, x1sq, a);
-    lm_add(a, z1sq, a);
-    fe_mul__distinct(x1sq, x1z1, a);
-    fe_mul_c(z3, x1sq, 4);
-}
-
-
-/* Differential addition */
-static void xc_diffadd(byte *x5, byte *z5,
-                       const byte *x1, const byte *z1,
-                       const byte *x2, const byte *z2,
-                       const byte *x3, const byte *z3)
-{
-    /* Explicit formulas database: dbl-1987-m3
-     *
-     * source 1987 Montgomery "Speeding the Pollard and elliptic curve
-     *   methods of factorization", page 261, fifth display, plus
-     *   common-subexpression elimination
-     * compute A = X2+Z2
-     * compute B = X2-Z2
-     * compute C = X3+Z3
-     * compute D = X3-Z3
-     * compute DA = D A
-     * compute CB = C B
-     * compute X5 = Z1(DA+CB)^2
-     * compute Z5 = X1(DA-CB)^2
-     */
-    byte da[F25519_SIZE];
-    byte cb[F25519_SIZE];
-    byte a[F25519_SIZE];
-    byte b[F25519_SIZE];
-
-    lm_add(a, x2, z2);
-    lm_sub(b, x3, z3); /* D */
-    fe_mul__distinct(da, a, b);
-
-    lm_sub(b, x2, z2);
-    lm_add(a, x3, z3); /* C */
-    fe_mul__distinct(cb, a, b);
-
-    lm_add(a, da, cb);
-    fe_mul__distinct(b, a, a);
-    fe_mul__distinct(x5, z1, b);
-
-    lm_sub(a, da, cb);
-    fe_mul__distinct(b, a, a);
-    fe_mul__distinct(z5, x1, b);
-}
-
-#ifndef FREESCALE_LTC_ECC
-int curve25519(byte *result, const byte *n, const byte *p)
-{
-    /* Current point: P_m */
-    byte xm[F25519_SIZE];
-    byte zm[F25519_SIZE] = {1};
-
-    /* Predecessor: P_(m-1) */
-    byte xm1[F25519_SIZE] = {1};
-    byte zm1[F25519_SIZE] = {0};
-
-    int i;
-
-    /* Note: bit 254 is assumed to be 1 */
-    lm_copy(xm, p);
-
-    for (i = 253; i >= 0; i--) {
-        const int bit = (n[i >> 3] >> (i & 7)) & 1;
-        byte xms[F25519_SIZE];
-        byte zms[F25519_SIZE];
-
-        /* From P_m and P_(m-1), compute P_(2m) and P_(2m-1) */
-        xc_diffadd(xm1, zm1, p, f25519_one, xm, zm, xm1, zm1);
-        xc_double(xm, zm, xm, zm);
-
-        /* Compute P_(2m+1) */
-        xc_diffadd(xms, zms, xm1, zm1, xm, zm, p, f25519_one);
-
-        /* Select:
-         *   bit = 1 --> (P_(2m+1), P_(2m))
-         *   bit = 0 --> (P_(2m), P_(2m-1))
-         */
-        fe_select(xm1, xm1, xm, bit);
-        fe_select(zm1, zm1, zm, bit);
-        fe_select(xm, xm, xms, bit);
-        fe_select(zm, zm, zms, bit);
-    }
-
-    /* Freeze out of projective coordinates */
-    fe_inv__distinct(zm1, zm);
-    fe_mul__distinct(result, zm1, xm);
-    fe_normalize(result);
-    return 0;
-}
-#endif /* !FREESCALE_LTC_ECC */
-#endif /* CURVE25519_SMALL */
-
-
-static void raw_add(byte *x, const byte *p)
-{
-    word16 c = 0;
-    int i;
-
-    for (i = 0; i < F25519_SIZE; i++) {
-        c += ((word16)x[i]) + ((word16)p[i]);
-        x[i] = (byte)c;
-        c >>= 8;
-    }
-}
-
-
-static void raw_try_sub(byte *x, const byte *p)
-{
-    byte minusp[F25519_SIZE];
-    word16 c = 0;
-    int i;
-
-    for (i = 0; i < F25519_SIZE; i++) {
-        c = ((word16)x[i]) - ((word16)p[i]) - c;
-        minusp[i] = (byte)c;
-        c = (c >> 8) & 1;
-    }
-
-    fprime_select(x, minusp, x, (byte)c);
-}
-
-
-static int prime_msb(const byte *p)
-{
-    int i;
-    byte x;
-    int shift = 1;
-    int z     = F25519_SIZE - 1;
-
-    /*
-       Test for any hot bits.
-       As soon as one instance is encountered set shift to 0.
-    */
-    for (i = F25519_SIZE - 1; i >= 0; i--) {
-        shift &= ((shift ^ ((-p[i] | p[i]) >> 7)) & 1);
-        z -= shift;
-    }
-    x = p[z];
-    z <<= 3;
-    shift = 1;
-    for (i = 0; i < 8; i++) {
-        shift &= ((-(x >> i) | (x >> i)) >> (7 - i) & 1);
-        z += shift;
-    }
-
-    return z - 1;
-}
-
-
-void fprime_select(byte *dst, const byte *zero, const byte *one, byte condition)
-{
-    const byte mask = -condition;
-    int i;
-
-    for (i = 0; i < F25519_SIZE; i++)
-        dst[i] = zero[i] ^ (mask & (one[i] ^ zero[i]));
-}
-
-
-void fprime_add(byte *r, const byte *a, const byte *modulus)
-{
-    raw_add(r, a);
-    raw_try_sub(r, modulus);
-}
-
-
-void fprime_sub(byte *r, const byte *a, const byte *modulus)
-{
-    raw_add(r, modulus);
-    raw_try_sub(r, a);
-    raw_try_sub(r, modulus);
-}
-
-
-void fprime_mul(byte *r, const byte *a, const byte *b,
-                const byte *modulus)
-{
-    word16 c = 0;
-    int i,j;
-
-    XMEMSET(r, 0, F25519_SIZE);
-
-    for (i = prime_msb(modulus); i >= 0; i--) {
-        const byte bit = (b[i >> 3] >> (i & 7)) & 1;
-        byte plusa[F25519_SIZE];
-
-        for (j = 0; j < F25519_SIZE; j++) {
-            c |= ((word16)r[j]) << 1;
-            r[j] = (byte)c;
-            c >>= 8;
-        }
-        raw_try_sub(r, modulus);
-
-        fprime_copy(plusa, r);
-        fprime_add(plusa, a, modulus);
-
-        fprime_select(r, r, plusa, bit);
-    }
-}
-
-
-void fe_load(byte *x, word32 c)
-{
-    word32 i;
-
-    for (i = 0; i < sizeof(c); i++) {
-        x[i] = c;
-        c >>= 8;
-    }
-
-    for (; i < F25519_SIZE; i++)
-        x[i] = 0;
-}
-
-
-void fe_normalize(byte *x)
-{
-    byte minusp[F25519_SIZE];
-    word16 c;
-    int i;
-
-    /* Reduce using 2^255 = 19 mod p */
-    c = (x[31] >> 7) * 19;
-    x[31] &= 127;
-
-    for (i = 0; i < F25519_SIZE; i++) {
-        c += x[i];
-        x[i] = (byte)c;
-        c >>= 8;
-    }
-
-    /* The number is now less than 2^255 + 18, and therefore less than
-     * 2p. Try subtracting p, and conditionally load the subtracted
-     * value if underflow did not occur.
-     */
-    c = 19;
-
-    for (i = 0; i + 1 < F25519_SIZE; i++) {
-        c += x[i];
-        minusp[i] = (byte)c;
-        c >>= 8;
-    }
-
-    c += ((word16)x[i]) - 128;
-    minusp[31] = (byte)c;
-
-    /* Load x-p if no underflow */
-    fe_select(x, minusp, x, (c >> 15) & 1);
-}
-
-
-void fe_select(byte *dst,
-               const byte *zero, const byte *one,
-               byte condition)
-{
-    const byte mask = -condition;
-    int i;
-
-    for (i = 0; i < F25519_SIZE; i++)
-        dst[i] = zero[i] ^ (mask & (one[i] ^ zero[i]));
-}
-
-
-void lm_add(byte* r, const byte* a, const byte* b)
-{
-    word16 c = 0;
-    int i;
-
-    /* Add */
-    for (i = 0; i < F25519_SIZE; i++) {
-        c >>= 8;
-        c += ((word16)a[i]) + ((word16)b[i]);
-        r[i] = (byte)c;
-    }
-
-    /* Reduce with 2^255 = 19 mod p */
-    r[31] &= 127;
-    c = (c >> 7) * 19;
-
-    for (i = 0; i < F25519_SIZE; i++) {
-        c += r[i];
-        r[i] = (byte)c;
-        c >>= 8;
-    }
-}
-
-
-void lm_sub(byte* r, const byte* a, const byte* b)
-{
-    word32 c = 0;
-    int i;
-
-    /* Calculate a + 2p - b, to avoid underflow */
-    c = 218;
-    for (i = 0; i + 1 < F25519_SIZE; i++) {
-        c += 65280 + ((word32)a[i]) - ((word32)b[i]);
-        r[i] = c;
-        c >>= 8;
-    }
-
-    c += ((word32)a[31]) - ((word32)b[31]);
-    r[31] = c & 127;
-    c = (c >> 7) * 19;
-
-    for (i = 0; i < F25519_SIZE; i++) {
-        c += r[i];
-        r[i] = c;
-        c >>= 8;
-    }
-}
-
-
-void lm_neg(byte* r, const byte* a)
-{
-    word32 c = 0;
-    int i;
-
-    /* Calculate 2p - a, to avoid underflow */
-    c = 218;
-    for (i = 0; i + 1 < F25519_SIZE; i++) {
-        c += 65280 - ((word32)a[i]);
-        r[i] = c;
-        c >>= 8;
-    }
-
-    c -= ((word32)a[31]);
-    r[31] = c & 127;
-    c = (c >> 7) * 19;
-
-    for (i = 0; i < F25519_SIZE; i++) {
-        c += r[i];
-        r[i] = c;
-        c >>= 8;
-    }
-}
-
-
-void fe_mul__distinct(byte *r, const byte *a, const byte *b)
-{
-    word32 c = 0;
-    int i;
-
-    for (i = 0; i < F25519_SIZE; i++) {
-        int j;
-
-        c >>= 8;
-        for (j = 0; j <= i; j++)
-            c += ((word32)a[j]) * ((word32)b[i - j]);
-
-        for (; j < F25519_SIZE; j++)
-            c += ((word32)a[j]) *
-                ((word32)b[i + F25519_SIZE - j]) * 38;
-
-        r[i] = c;
-    }
-
-    r[31] &= 127;
-    c = (c >> 7) * 19;
-
-    for (i = 0; i < F25519_SIZE; i++) {
-        c += r[i];
-        r[i] = c;
-        c >>= 8;
-    }
-}
-
-
-void lm_mul(byte *r, const byte* a, const byte *b)
-{
-    byte tmp[F25519_SIZE];
-
-    fe_mul__distinct(tmp, a, b);
-    lm_copy(r, tmp);
-}
-
-
-void fe_mul_c(byte *r, const byte *a, word32 b)
-{
-    word32 c = 0;
-    int i;
-
-    for (i = 0; i < F25519_SIZE; i++) {
-        c >>= 8;
-        c += b * ((word32)a[i]);
-        r[i] = c;
-    }
-
-    r[31] &= 127;
-    c >>= 7;
-    c *= 19;
-
-    for (i = 0; i < F25519_SIZE; i++) {
-        c += r[i];
-        r[i] = c;
-        c >>= 8;
-    }
-}
-
-
-void fe_inv__distinct(byte *r, const byte *x)
-{
-    byte s[F25519_SIZE];
-    int i;
-
-    /* This is a prime field, so by Fermat's little theorem:
-     *
-     *     x^(p-1) = 1 mod p
-     *
-     * Therefore, raise to (p-2) = 2^255-21 to get a multiplicative
-     * inverse.
-     *
-     * This is a 255-bit binary number with the digits:
-     *
-     *     11111111... 01011
-     *
-     * We compute the result by the usual binary chain, but
-     * alternate between keeping the accumulator in r and s, so as
-     * to avoid copying temporaries.
-     */
-
-    /* 1 1 */
-    fe_mul__distinct(s, x, x);
-    fe_mul__distinct(r, s, x);
-
-    /* 1 x 248 */
-    for (i = 0; i < 248; i++) {
-        fe_mul__distinct(s, r, r);
-        fe_mul__distinct(r, s, x);
-    }
-
-    /* 0 */
-    fe_mul__distinct(s, r, r);
-
-    /* 1 */
-    fe_mul__distinct(r, s, s);
-    fe_mul__distinct(s, r, x);
-
-    /* 0 */
-    fe_mul__distinct(r, s, s);
-
-    /* 1 */
-    fe_mul__distinct(s, r, r);
-    fe_mul__distinct(r, s, x);
-
-    /* 1 */
-    fe_mul__distinct(s, r, r);
-    fe_mul__distinct(r, s, x);
-}
-
-
-void lm_invert(byte *r, const byte *x)
-{
-    byte tmp[F25519_SIZE];
-
-    fe_inv__distinct(tmp, x);
-    lm_copy(r, tmp);
-}
-
-
-/* Raise x to the power of (p-5)/8 = 2^252-3, using s for temporary
- * storage.
- */
-static void exp2523(byte *r, const byte *x, byte *s)
-{
-    int i;
-
-    /* This number is a 252-bit number with the binary expansion:
-     *
-     *     111111... 01
-     */
-
-    /* 1 1 */
-    fe_mul__distinct(r, x, x);
-    fe_mul__distinct(s, r, x);
-
-    /* 1 x 248 */
-    for (i = 0; i < 248; i++) {
-        fe_mul__distinct(r, s, s);
-        fe_mul__distinct(s, r, x);
-    }
-
-    /* 0 */
-    fe_mul__distinct(r, s, s);
-
-    /* 1 */
-    fe_mul__distinct(s, r, r);
-    fe_mul__distinct(r, s, x);
-}
-
-
-void fe_sqrt(byte *r, const byte *a)
-{
-    byte v[F25519_SIZE];
-    byte i[F25519_SIZE];
-    byte x[F25519_SIZE];
-    byte y[F25519_SIZE];
-
-    /* v = (2a)^((p-5)/8) [x = 2a] */
-    fe_mul_c(x, a, 2);
-    exp2523(v, x, y);
-
-    /* i = 2av^2 - 1 */
-    fe_mul__distinct(y, v, v);
-    fe_mul__distinct(i, x, y);
-    fe_load(y, 1);
-    lm_sub(i, i, y);
-
-    /* r = avi */
-    fe_mul__distinct(x, v, a);
-    fe_mul__distinct(r, x, i);
-}
-
-#endif /* CURVE25519_SMALL || ED25519_SMALL */
-#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
diff --git a/src/ssl/wolfssl/wolfcrypt/fe_x25519_128.h b/src/ssl/wolfssl/wolfcrypt/fe_x25519_128.h
deleted file mode 100644
index 554477908..000000000
--- a/src/ssl/wolfssl/wolfcrypt/fe_x25519_128.h
+++ /dev/null
@@ -1,699 +0,0 @@
-/* fe_x25519_128.h
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Generated using (from wolfssl):
- *   cd ../scripts
- *   ruby ./x25519/fe_x25519_128_gen.rb > ../wolfssl/wolfcrypt/src/fe_x25519_128.h
- */
-
-void fe_init(void)
-{
-}
-
-/* Convert a number represented as an array of bytes to an array of words with
- * 51-bits of data in each word.
- *
- * in   An array of bytes.
- * out  An array of words.
- */
-void fe_frombytes(fe out, const unsigned char *in)
-{
-    out[0] = (sword64)(
-             (((word64)((in[ 0]      )       ))      )
-           | (((word64)((in[ 1]      )       )) <<  8)
-           | (((word64)((in[ 2]      )       )) << 16)
-           | (((word64)((in[ 3]      )       )) << 24)
-           | (((word64)((in[ 4]      )       )) << 32)
-           | (((word64)((in[ 5]      )       )) << 40)
-           | (((word64)((in[ 6]      ) & 0x07)) << 48));
-    out[1] = (sword64)(
-             (((word64)((in[ 6] >>  3) & 0x1f))      )
-           | (((word64)((in[ 7]      )       )) <<  5)
-           | (((word64)((in[ 8]      )       )) << 13)
-           | (((word64)((in[ 9]      )       )) << 21)
-           | (((word64)((in[10]      )       )) << 29)
-           | (((word64)((in[11]      )       )) << 37)
-           | (((word64)((in[12]      ) & 0x3f)) << 45));
-    out[2] = (sword64)(
-             (((word64)((in[12] >>  6) & 0x03))      )
-           | (((word64)((in[13]      )       )) <<  2)
-           | (((word64)((in[14]      )       )) << 10)
-           | (((word64)((in[15]      )       )) << 18)
-           | (((word64)((in[16]      )       )) << 26)
-           | (((word64)((in[17]      )       )) << 34)
-           | (((word64)((in[18]      )       )) << 42)
-           | (((word64)((in[19]      ) & 0x01)) << 50));
-    out[3] = (sword64)(
-             (((word64)((in[19] >>  1) & 0x7f))      )
-           | (((word64)((in[20]      )       )) <<  7)
-           | (((word64)((in[21]      )       )) << 15)
-           | (((word64)((in[22]      )       )) << 23)
-           | (((word64)((in[23]      )       )) << 31)
-           | (((word64)((in[24]      )       )) << 39)
-           | (((word64)((in[25]      ) & 0x0f)) << 47));
-    out[4] = (sword64)(
-             (((word64)((in[25] >>  4) & 0x0f))      )
-           | (((word64)((in[26]      )       )) <<  4)
-           | (((word64)((in[27]      )       )) << 12)
-           | (((word64)((in[28]      )       )) << 20)
-           | (((word64)((in[29]      )       )) << 28)
-           | (((word64)((in[30]      )       )) << 36)
-           | (((word64)((in[31]      ) & 0x7f)) << 44));
-}
-
-/* Convert a number represented as an array of words to an array of bytes.
- * The array of words is normalized to an array of 51-bit data words and if
- * greater than the mod, modulo reduced by the prime 2^255 - 1.
- *
- * n    An array of words.
- * out  An array of bytes.
- */
-void fe_tobytes(unsigned char *out, const fe n)
-{
-    fe      in;
-    sword64 c;
-
-    in[0] = n[0];
-    in[1] = n[1];
-    in[2] = n[2];
-    in[3] = n[3];
-    in[4] = n[4];
-
-    /* Normalize to 51-bits of data per word. */
-    in[0] += (in[4] >> 51) * 19; in[4] &= 0x7ffffffffffff;
-
-    in[1] += in[0] >> 51; in[0] &= 0x7ffffffffffff;
-    in[2] += in[1] >> 51; in[1] &= 0x7ffffffffffff;
-    in[3] += in[2] >> 51; in[2] &= 0x7ffffffffffff;
-    in[4] += in[3] >> 51; in[3] &= 0x7ffffffffffff;
-    in[0] += (in[4] >> 51) * 19;
-    in[4] &= 0x7ffffffffffff;
-
-    c = (in[0] + 19) >> 51;
-    c = (in[1] + c) >> 51;
-    c = (in[2] + c) >> 51;
-    c = (in[3] + c) >> 51;
-    c = (in[4] + c) >> 51;
-    in[0] += c * 19;
-    in[1] += in[0] >> 51; in[0] &= 0x7ffffffffffff;
-    in[2] += in[1] >> 51; in[1] &= 0x7ffffffffffff;
-    in[3] += in[2] >> 51; in[2] &= 0x7ffffffffffff;
-    in[4] += in[3] >> 51; in[3] &= 0x7ffffffffffff;
-    in[4] &= 0x7ffffffffffff;
-
-    out[ 0] = (((byte)((in[0]      )       ))      );
-    out[ 1] = (((byte)((in[0] >>  8)       ))      );
-    out[ 2] = (((byte)((in[0] >> 16)       ))      );
-    out[ 3] = (((byte)((in[0] >> 24)       ))      );
-    out[ 4] = (((byte)((in[0] >> 32)       ))      );
-    out[ 5] = (((byte)((in[0] >> 40)       ))      );
-    out[ 6] = (byte)((((byte)((in[0] >> 48) & 0x07))      )
-                   | (((byte)((in[1]      ) & 0x1f)) <<  3));
-    out[ 7] = (((byte)((in[1] >>  5)       ))      );
-    out[ 8] = (((byte)((in[1] >> 13)       ))      );
-    out[ 9] = (((byte)((in[1] >> 21)       ))      );
-    out[10] = (((byte)((in[1] >> 29)       ))      );
-    out[11] = (((byte)((in[1] >> 37)       ))      );
-    out[12] = (byte)((((byte)((in[1] >> 45) & 0x3f))      )
-                   | (((byte)((in[2]      ) & 0x03)) <<  6));
-    out[13] = (((byte)((in[2] >>  2)       ))      );
-    out[14] = (((byte)((in[2] >> 10)       ))      );
-    out[15] = (((byte)((in[2] >> 18)       ))      );
-    out[16] = (((byte)((in[2] >> 26)       ))      );
-    out[17] = (((byte)((in[2] >> 34)       ))      );
-    out[18] = (((byte)((in[2] >> 42)       ))      );
-    out[19] = (byte)((((byte)((in[2] >> 50) & 0x01))      )
-                   | (((byte)((in[3]      ) & 0x7f)) <<  1));
-    out[20] = (((byte)((in[3] >>  7)       ))      );
-    out[21] = (((byte)((in[3] >> 15)       ))      );
-    out[22] = (((byte)((in[3] >> 23)       ))      );
-    out[23] = (((byte)((in[3] >> 31)       ))      );
-    out[24] = (((byte)((in[3] >> 39)       ))      );
-    out[25] = (byte)((((byte)((in[3] >> 47) & 0x0f))      )
-                   | (((byte)((in[4]      ) & 0x0f)) <<  4));
-    out[26] = (((byte)((in[4] >>  4)       ))      );
-    out[27] = (((byte)((in[4] >> 12)       ))      );
-    out[28] = (((byte)((in[4] >> 20)       ))      );
-    out[29] = (((byte)((in[4] >> 28)       ))      );
-    out[30] = (((byte)((in[4] >> 36)       ))      );
-    out[31] = (((byte)((in[4] >> 44) & 0x7f))      );
-}
-
-/* Set the field element to 1.
- *
- * n  The field element number.
- */
-void fe_1(fe n)
-{
-    n[0] = 0x0000000000001;
-    n[1] = 0x0000000000000;
-    n[2] = 0x0000000000000;
-    n[3] = 0x0000000000000;
-    n[4] = 0x0000000000000;
-}
-
-/* Set the field element to 0.
- *
- * n  The field element number.
- */
-void fe_0(fe n)
-{
-    n[0] = 0x0000000000000;
-    n[1] = 0x0000000000000;
-    n[2] = 0x0000000000000;
-    n[3] = 0x0000000000000;
-    n[4] = 0x0000000000000;
-}
-
-/* Copy field element a into field element r.
- *
- * r  Field element to copy into.
- * a  Field element to copy.
- */
-void fe_copy(fe r, const fe a)
-{
-    r[0] = a[0];
-    r[1] = a[1];
-    r[2] = a[2];
-    r[3] = a[3];
-    r[4] = a[4];
-}
-
-/* Constant time, conditional swap of field elements a and b.
- *
- * f  A field element.
- * g  A field element.
- * b  If 1 then swap and if 0 then don't swap.
- */
-void fe_cswap(fe f, fe g, int b)
-{
-    sword64 m = b;
-    sword64 t0, t1, t2, t3, t4;
-
-    /* Convert conditional into mask. */
-    m = -m;
-    t0 = m & (f[0] ^ g[0]);
-    t1 = m & (f[1] ^ g[1]);
-    t2 = m & (f[2] ^ g[2]);
-    t3 = m & (f[3] ^ g[3]);
-    t4 = m & (f[4] ^ g[4]);
-
-    f[0] ^= t0;
-    f[1] ^= t1;
-    f[2] ^= t2;
-    f[3] ^= t3;
-    f[4] ^= t4;
-
-    g[0] ^= t0;
-    g[1] ^= t1;
-    g[2] ^= t2;
-    g[3] ^= t3;
-    g[4] ^= t4;
-}
-
-/* Subtract b from a into r. (r = a - b)
- *
- * r  A field element.
- * a  A field element.
- * b  A field element.
- */
-void fe_sub(fe r, const fe a, const fe b)
-{
-    r[0] = a[0] - b[0];
-    r[1] = a[1] - b[1];
-    r[2] = a[2] - b[2];
-    r[3] = a[3] - b[3];
-    r[4] = a[4] - b[4];
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A field element.
- * a  A field element.
- * b  A field element.
- */
-void fe_add(fe r, const fe a, const fe b)
-{
-    r[0] = a[0] + b[0];
-    r[1] = a[1] + b[1];
-    r[2] = a[2] + b[2];
-    r[3] = a[3] + b[3];
-    r[4] = a[4] + b[4];
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A field element.
- * a  A field element.
- * b  A field element.
- */
-void fe_mul(fe r, const fe a, const fe b)
-{
-    const __int128_t k19 = 19;
-    __int128_t t0 = ((__int128_t)a[0]) * b[0];
-    __int128_t t1 = ((__int128_t)a[0]) * b[1]
-                  + ((__int128_t)a[1]) * b[0];
-    __int128_t t2 = ((__int128_t)a[0]) * b[2]
-                  + ((__int128_t)a[1]) * b[1]
-                  + ((__int128_t)a[2]) * b[0];
-    __int128_t t3 = ((__int128_t)a[0]) * b[3]
-                  + ((__int128_t)a[1]) * b[2]
-                  + ((__int128_t)a[2]) * b[1]
-                  + ((__int128_t)a[3]) * b[0];
-    __int128_t t4 = ((__int128_t)a[0]) * b[4]
-                  + ((__int128_t)a[1]) * b[3]
-                  + ((__int128_t)a[2]) * b[2]
-                  + ((__int128_t)a[3]) * b[1]
-                  + ((__int128_t)a[4]) * b[0];
-    __int128_t t5 = ((__int128_t)a[1]) * b[4]
-                  + ((__int128_t)a[2]) * b[3]
-                  + ((__int128_t)a[3]) * b[2]
-                  + ((__int128_t)a[4]) * b[1];
-    __int128_t t6 = ((__int128_t)a[2]) * b[4]
-                  + ((__int128_t)a[3]) * b[3]
-                  + ((__int128_t)a[4]) * b[2];
-    __int128_t t7 = ((__int128_t)a[3]) * b[4]
-                  + ((__int128_t)a[4]) * b[3];
-    __int128_t t8 = ((__int128_t)a[4]) * b[4];
-
-    /* Modulo reduce double long word. */
-    t0 += t5 * k19;
-    t1 += t6 * k19;
-    t2 += t7 * k19;
-    t3 += t8 * k19;
-
-    /* Normalize to 51-bits of data per word. */
-    t0 += (t4 >> 51) * k19; t4 &= 0x7ffffffffffff;
-
-    t1 += t0 >> 51; r[0] = t0 & 0x7ffffffffffff;
-    t2 += t1 >> 51; r[1] = t1 & 0x7ffffffffffff;
-    t3 += t2 >> 51; r[2] = t2 & 0x7ffffffffffff;
-    t4 += t3 >> 51; r[3] = t3 & 0x7ffffffffffff;
-    r[0] += (sword64)((t4 >> 51) * k19);
-    r[4] = t4 & 0x7ffffffffffff;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A field element.
- * a  A field element.
- * b  A field element.
- */
-void fe_sq(fe r, const fe a)
-{
-    const __int128_t k19 = 19;
-    const __int128_t k2 = 2;
-    __int128_t t0 = ((__int128_t)a[0]) * a[0];
-    __int128_t t1 = ((__int128_t)a[0]) * a[1] * k2;
-    __int128_t t2 = ((__int128_t)a[0]) * a[2] * k2
-                  + ((__int128_t)a[1]) * a[1];
-    __int128_t t3 = ((__int128_t)a[0]) * a[3] * k2
-                  + ((__int128_t)a[1]) * a[2] * k2;
-    __int128_t t4 = ((__int128_t)a[0]) * a[4] * k2
-                  + ((__int128_t)a[1]) * a[3] * k2
-                  + ((__int128_t)a[2]) * a[2];
-    __int128_t t5 = ((__int128_t)a[1]) * a[4] * k2
-                  + ((__int128_t)a[2]) * a[3] * k2;
-    __int128_t t6 = ((__int128_t)a[2]) * a[4] * k2
-                  + ((__int128_t)a[3]) * a[3];
-    __int128_t t7 = ((__int128_t)a[3]) * a[4] * k2;
-    __int128_t t8 = ((__int128_t)a[4]) * a[4];
-
-    /* Modulo reduce double long word. */
-    t0 += t5 * k19;
-    t1 += t6 * k19;
-    t2 += t7 * k19;
-    t3 += t8 * k19;
-
-    /* Normalize to 51-bits of data per word. */
-    t0 += (t4 >> 51) * k19; t4 &= 0x7ffffffffffff;
-
-    t1 += t0 >> 51; r[0] = t0 & 0x7ffffffffffff;
-    t2 += t1 >> 51; r[1] = t1 & 0x7ffffffffffff;
-    t3 += t2 >> 51; r[2] = t2 & 0x7ffffffffffff;
-    t4 += t3 >> 51; r[3] = t3 & 0x7ffffffffffff;
-    r[0] += (sword64)((t4 >> 51) * k19);
-    r[4] = t4 & 0x7ffffffffffff;
-}
-
-/* Multiply a by 121666 and put result in r. (r = 121666 * a)
- *
- * r  A field element.
- * a  A field element.
- * b  A field element.
- */
-void fe_mul121666(fe r, fe a)
-{
-    const __int128_t k19 = 19;
-    const __int128_t k121666 = 121666;
-    __int128_t t0 = ((__int128_t)a[0]) * k121666;
-    __int128_t t1 = ((__int128_t)a[1]) * k121666;
-    __int128_t t2 = ((__int128_t)a[2]) * k121666;
-    __int128_t t3 = ((__int128_t)a[3]) * k121666;
-    __int128_t t4 = ((__int128_t)a[4]) * k121666;
-
-    /* Normalize to 51-bits of data per word. */
-    t0 += (t4 >> 51) * k19; t4 &= 0x7ffffffffffff;
-
-    t1 += t0 >> 51; r[0] = t0 & 0x7ffffffffffff;
-    t2 += t1 >> 51; r[1] = t1 & 0x7ffffffffffff;
-    t3 += t2 >> 51; r[2] = t2 & 0x7ffffffffffff;
-    t4 += t3 >> 51; r[3] = t3 & 0x7ffffffffffff;
-    r[0] += (sword64)((t4 >> 51) * k19);
-    r[4] = t4 & 0x7ffffffffffff;
-}
-
-/* Find the inverse of a modulo 2^255 - 1 and put result in r.
- * (r * a) mod (2^255 - 1) = 1
- * Implementation is constant time.
- *
- * r  A field element.
- * a  A field element.
- */
-void fe_invert(fe r, const fe a)
-{
-    fe  t0, t1, t2, t3;
-    int i;
-
-    /* a ^ (2^255 - 21) */
-    fe_sq(t0,  a); for (i = 1; i <   1; ++i) fe_sq(t0, t0);
-    fe_sq(t1, t0); for (i = 1; i <   2; ++i) fe_sq(t1, t1); fe_mul(t1,  a, t1);
-    fe_mul(t0, t0, t1);
-    fe_sq(t2, t0); for (i = 1; i <   1; ++i) fe_sq(t2, t2); fe_mul(t1, t1, t2);
-    fe_sq(t2, t1); for (i = 1; i <   5; ++i) fe_sq(t2, t2); fe_mul(t1, t2, t1);
-    fe_sq(t2, t1); for (i = 1; i <  10; ++i) fe_sq(t2, t2); fe_mul(t2, t2, t1);
-    fe_sq(t3, t2); for (i = 1; i <  20; ++i) fe_sq(t3, t3); fe_mul(t2, t3, t2);
-    fe_sq(t2, t2); for (i = 1; i <  10; ++i) fe_sq(t2, t2); fe_mul(t1, t2, t1);
-    fe_sq(t2, t1); for (i = 1; i <  50; ++i) fe_sq(t2, t2); fe_mul(t2, t2, t1);
-    fe_sq(t3, t2); for (i = 1; i < 100; ++i) fe_sq(t3, t3); fe_mul(t2, t3, t2);
-    fe_sq(t2, t2); for (i = 1; i <  50; ++i) fe_sq(t2, t2); fe_mul(t1, t2, t1);
-    fe_sq(t1, t1); for (i = 1; i <   5; ++i) fe_sq(t1, t1); fe_mul( r, t1, t0);
-}
-
-#ifndef CURVE25519_SMALL
-#ifndef WOLFSSL_CURVE25519_BLINDING
-/* Scalar multiply the field element a by n using Montgomery Ladder and places
- * result in r.
- *
- * r  A field element as an array of bytes.
- * n  The scalar as an array of bytes.
- * a  A field element as an array of bytes.
- */
-int curve25519(byte* r, const byte* n, const byte* a)
-{
-    fe           x1, x2, z2, x3, z3;
-    fe           t0, t1;
-    int          pos;
-    unsigned int swap;
-    unsigned int b;
-
-    fe_frombytes(x1, a);
-    fe_1(x2);
-    fe_0(z2);
-    fe_copy(x3, x1);
-    fe_1(z3);
-
-    swap = 0;
-    for (pos = 254;pos >= 0;--pos) {
-        b = (unsigned int)(n[pos / 8] >> (pos & 7));
-        b &= 1;
-        swap ^= b;
-        fe_cswap(x2, x3, (int)swap);
-        fe_cswap(z2, z3, (int)swap);
-        swap = b;
-
-        fe_sub(t0, x3, z3);
-        fe_sub(t1, x2, z2);
-        fe_add(x2, x2, z2);
-        fe_add(z2, x3, z3);
-        fe_mul(z3, t0, x2);
-        fe_mul(z2, z2, t1);
-        fe_sq(t0, t1);
-        fe_sq(t1, x2);
-        fe_add(x3, z3, z2);
-        fe_sub(z2, z3, z2);
-        fe_mul(x2, t1, t0);
-        fe_sub(t1, t1, t0);
-        fe_sq(z2, z2);
-        fe_mul121666(z3, t1);
-        fe_sq(x3, x3);
-        fe_add(t0, t0, z3);
-        fe_mul(z3, x1, z2);
-        fe_mul(z2, t1, t0);
-    }
-    fe_cswap(x2, x3, (int)swap);
-    fe_cswap(z2, z3, (int)swap);
-
-    fe_invert(z2, z2);
-    fe_mul(x2, x2, z2);
-    fe_tobytes(r, x2);
-
-    return 0;
-}
-#else
-int curve25519_blind(byte* r, const byte* n, const byte* mask, const byte* a,
-    const byte* rz)
-{
-    fe           x1, x2, z2, x3, z3;
-    fe           t0, t1;
-    int          pos;
-    unsigned int b;
-
-    fe_frombytes(x1, a);
-    fe_1(x2);
-    fe_0(z2);
-    fe_copy(x3, x1);
-    fe_frombytes(z3, rz);
-    fe_mul(x3, x3, z3);
-
-    /* mask_bits[252] */
-    b = (unsigned int)(mask[31] >> 7);
-    b &= 1;
-    fe_cswap(x2,x3,(int)b);
-    fe_cswap(z2,z3,(int)b);
-    for (pos = 255;pos >= 1;--pos) {
-        b = (unsigned int)(n[pos / 8] >> (pos & 7));
-        b &= 1;
-        fe_cswap(x2, x3, (int)b);
-        fe_cswap(z2, z3, (int)b);
-
-        /* montgomery */
-        fe_sub(t0, x3, z3);
-        fe_sub(t1, x2, z2);
-        fe_add(x2, x2, z2);
-        fe_add(z2, x3, z3);
-        fe_mul(z3, t0, x2);
-        fe_mul(z2, z2, t1);
-        fe_sq(t0, t1);
-        fe_sq(t1, x2);
-        fe_add(x3, z3, z2);
-        fe_sub(z2, z3, z2);
-        fe_mul(x2, t1, t0);
-        fe_sub(t1, t1, t0);
-        fe_sq(z2, z2);
-        fe_mul121666(z3, t1);
-        fe_sq(x3, x3);
-        fe_add(t0, t0, z3);
-        fe_mul(z3, x1, z2);
-        fe_mul(z2, t1, t0);
-
-        b = (unsigned int)(mask[(pos - 1) / 8] >> ((pos - 1) & 7));
-        b &= 1;
-        fe_cswap(x2, x3, (int)b);
-        fe_cswap(z2, z3, (int)b);
-    }
-    b = (unsigned int)(n[0] & 1);
-    fe_cswap(x2, x3, (int)b);
-    fe_cswap(z2, z3, (int)b);
-
-    fe_invert(z2, z2);
-    fe_mul(x2, x2, z2);
-    fe_tobytes(r, x2);
-
-    return 0;
-}
-#endif /* WOLFSSL_CURVE25519_BLINDING */
-#endif /* !CURVE25519_SMALL */
-
-/* The field element value 0 as an array of bytes. */
-static const unsigned char zero[32] = {0};
-
-/* Constant time check as to whether a is not 0.
- *
- * a  A field element.
- */
-int fe_isnonzero(const fe a)
-{
-    unsigned char s[32];
-    fe_tobytes(s, a);
-    return ConstantCompare(s, zero, 32);
-}
-
-/* Checks whether a is negative.
- *
- * a  A field element.
- */
-int fe_isnegative(const fe a)
-{
-    unsigned char s[32];
-    fe_tobytes(s, a);
-    return s[0] & 1;
-}
-
-/* Negates field element a and stores the result in r.
- *
- * r  A field element.
- * a  A field element.
- */
-void fe_neg(fe r, const fe a)
-{
-    r[0] = -a[0];
-    r[1] = -a[1];
-    r[2] = -a[2];
-    r[3] = -a[3];
-    r[4] = -a[4];
-}
-
-/* Constant time, conditional move of b into a.
- * a is not changed if the condition is 0.
- *
- * f  A field element.
- * g  A field element.
- * b  If 1 then copy and if 0 then don't copy.
- */
-void fe_cmov(fe f, const fe g, int b)
-{
-    sword64 m = b;
-    sword64 t0, t1, t2, t3, t4;
-
-    /* Convert conditional into mask. */
-    m = -m;
-    t0 = m & (f[0] ^ g[0]);
-    t1 = m & (f[1] ^ g[1]);
-    t2 = m & (f[2] ^ g[2]);
-    t3 = m & (f[3] ^ g[3]);
-    t4 = m & (f[4] ^ g[4]);
-
-    f[0] ^= t0;
-    f[1] ^= t1;
-    f[2] ^= t2;
-    f[3] ^= t3;
-    f[4] ^= t4;
-}
-
-void fe_pow22523(fe r, const fe a)
-{
-    fe t0, t1, t2;
-    int i;
-
-    /* a ^ (2^255 - 23) */
-    fe_sq(t0,  a); for (i = 1; i <   1; ++i) fe_sq(t0, t0);
-    fe_sq(t1, t0); for (i = 1; i <   2; ++i) fe_sq(t1, t1); fe_mul(t1,  a, t1);
-    fe_mul(t0, t0, t1);
-    fe_sq(t0, t0); for (i = 1; i <   1; ++i) fe_sq(t0, t0); fe_mul(t0, t1, t0);
-    fe_sq(t1, t0); for (i = 1; i <   5; ++i) fe_sq(t1, t1); fe_mul(t0, t1, t0);
-    fe_sq(t1, t0); for (i = 1; i <  10; ++i) fe_sq(t1, t1); fe_mul(t1, t1, t0);
-    fe_sq(t2, t1); for (i = 1; i <  20; ++i) fe_sq(t2, t2); fe_mul(t1, t2, t1);
-    fe_sq(t1, t1); for (i = 1; i <  10; ++i) fe_sq(t1, t1); fe_mul(t0, t1, t0);
-    fe_sq(t1, t0); for (i = 1; i <  50; ++i) fe_sq(t1, t1); fe_mul(t1, t1, t0);
-    fe_sq(t2, t1); for (i = 1; i < 100; ++i) fe_sq(t2, t2); fe_mul(t1, t2, t1);
-    fe_sq(t1, t1); for (i = 1; i <  50; ++i) fe_sq(t1, t1); fe_mul(t0, t1, t0);
-    fe_sq(t0, t0); for (i = 1; i <   2; ++i) fe_sq(t0, t0); fe_mul( r, t0, a);
-
-    return;
-}
-
-/* Double the square of a and put result in r. (r = 2 * a * a)
- *
- * r  A field element.
- * a  A field element.
- * b  A field element.
- */
-void fe_sq2(fe r, const fe a)
-{
-    const __int128_t k2 = 2;
-    const __int128_t k19 = 19;
-    __int128_t t0 = k2 * (((__int128_t)a[0]) * a[0]);
-    __int128_t t1 = k2 * (((__int128_t)a[0]) * a[1] * k2);
-    __int128_t t2 = k2 * (((__int128_t)a[0]) * a[2] * k2
-                  + ((__int128_t)a[1]) * a[1]);
-    __int128_t t3 = k2 * (((__int128_t)a[0]) * a[3] * k2
-                  + ((__int128_t)a[1]) * a[2] * k2);
-    __int128_t t4 = k2 * (((__int128_t)a[0]) * a[4] * k2
-                  + ((__int128_t)a[1]) * a[3] * k2
-                  + ((__int128_t)a[2]) * a[2]);
-    __int128_t t5 = k2 * (((__int128_t)a[1]) * a[4] * k2
-                  + ((__int128_t)a[2]) * a[3] * k2);
-    __int128_t t6 = k2 * (((__int128_t)a[2]) * a[4] * k2
-                  + ((__int128_t)a[3]) * a[3]);
-    __int128_t t7 = k2 * (((__int128_t)a[3]) * a[4] * k2);
-    __int128_t t8 = k2 * (((__int128_t)a[4]) * a[4]);
-
-    /* Modulo reduce double long word. */
-    t0 += t5 * k19;
-    t1 += t6 * k19;
-    t2 += t7 * k19;
-    t3 += t8 * k19;
-
-    /* Normalize to 51-bits of data per word. */
-    t0 += (t4 >> 51) * k19; t4 &= 0x7ffffffffffff;
-
-    t1 += t0 >> 51; r[0] = t0 & 0x7ffffffffffff;
-    t2 += t1 >> 51; r[1] = t1 & 0x7ffffffffffff;
-    t3 += t2 >> 51; r[2] = t2 & 0x7ffffffffffff;
-    t4 += t3 >> 51; r[3] = t3 & 0x7ffffffffffff;
-    r[0] += (sword64)((t4 >> 51) * k19);
-    r[4] = t4 & 0x7ffffffffffff;
-}
-
-/* Load 3 little endian bytes into a 64-bit word.
- *
- * in  An array of bytes.
- * returns a 64-bit word.
- */
-sword64 load_3(const unsigned char *in)
-{
-    word64 result;
-
-    result = ((((word64)in[0])      ) |
-              (((word64)in[1]) <<  8) |
-              (((word64)in[2]) << 16));
-
-    return (sword64)result;
-}
-
-/* Load 4 little endian bytes into a 64-bit word.
- *
- * in  An array of bytes.
- * returns a 64-bit word.
- */
-sword64 load_4(const unsigned char *in)
-{
-    word64 result;
-
-    result = ((((word64)in[0])      ) |
-              (((word64)in[1]) <<  8) |
-              (((word64)in[2]) << 16) |
-              (((word64)in[3]) << 24));
-
-    return (sword64)result;
-}
-
diff --git a/src/ssl/wolfssl/wolfcrypt/ge_448.c b/src/ssl/wolfssl/wolfcrypt/ge_448.c
deleted file mode 100644
index edcb3ce3a..000000000
--- a/src/ssl/wolfssl/wolfcrypt/ge_448.c
+++ /dev/null
@@ -1,11260 +0,0 @@
-/* ge_448.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Based On Daniel J Bernstein's ed25519 Public Domain ref10 work.
- * Small implementation based on Daniel Beer's ed25519 public domain work.
- * Reworked for ed448 by Sean Parkinson.
- */
-
-/* Generated using (from wolfssl):
- *   cd ../scripts/curve448
- *   ./gen-curve448.sh
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_ED448
-
-#include <wolfssl/wolfcrypt/ge_448.h>
-#include <wolfssl/wolfcrypt/ed448.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-/*
-sc means scalar.
-ge means group element.
-
-Here the group is the set of pairs (x,y) of field elements (see ge_448.h)
-satisfying -x^2 + y^2 = 1 + d x^2y^2
-where d = -39081
-
-Representations:
-  ge448_p2 (projective) :  (X:Y:Z) satisfying x=X/Z, y=Y/Z
-  ge448_precomp (affine):  (X:Y)
-*/
-
-
-#ifdef ED448_SMALL
-
-/* Base point of ed448 */
-static const ge448_p2 ed448_base = {
-    { 0x5e, 0xc0, 0x0c, 0xc7, 0x2b, 0xa8, 0x26, 0x26, 0x8e, 0x93, 0x00, 0x8b,
-      0xe1, 0x80, 0x3b, 0x43, 0x11, 0x65, 0xb6, 0x2a, 0xf7, 0x1a, 0xae, 0x12,
-      0x64, 0xa4, 0xd3, 0xa3, 0x24, 0xe3, 0x6d, 0xea, 0x67, 0x17, 0x0f, 0x47,
-      0x70, 0x65, 0x14, 0x9e, 0xda, 0x36, 0xbf, 0x22, 0xa6, 0x15, 0x1d, 0x22,
-      0xed, 0x0d, 0xed, 0x6b, 0xc6, 0x70, 0x19, 0x4f },
-    { 0x14, 0xfa, 0x30, 0xf2, 0x5b, 0x79, 0x08, 0x98, 0xad, 0xc8, 0xd7, 0x4e,
-      0x2c, 0x13, 0xbd, 0xfd, 0xc4, 0x39, 0x7c, 0xe6, 0x1c, 0xff, 0xd3, 0x3a,
-      0xd7, 0xc2, 0xa0, 0x05, 0x1e, 0x9c, 0x78, 0x87, 0x40, 0x98, 0xa3, 0x6c,
-      0x73, 0x73, 0xea, 0x4b, 0x62, 0xc7, 0xc9, 0x56, 0x37, 0x20, 0x76, 0x88,
-      0x24, 0xbc, 0xb6, 0x6e, 0x71, 0x46, 0x3f, 0x69 },
-    { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-};
-
-static const word8 ed448_order[56] = {
-    0xf3, 0x44, 0x58, 0xab, 0x92, 0xc2, 0x78, 0x23, 0x55, 0x8f, 0xc5, 0x8d,
-    0x72, 0xc2, 0x6c, 0x21, 0x90, 0x36, 0xd6, 0xae, 0x49, 0xdb, 0x4e, 0xc4,
-    0xe9, 0x23, 0xca, 0x7c, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f,
-};
-
-/* Part of order of ed448 that needs tp be multiplied when reducing */
-static const word8 ed448_order_mul[56] = {
-    0x0d, 0xbb, 0xa7, 0x54, 0x6d, 0x3d, 0x87, 0xdc, 0xaa, 0x70, 0x3a, 0x72,
-    0x8d, 0x3d, 0x93, 0xde, 0x6f, 0xc9, 0x29, 0x51, 0xb6, 0x24, 0xb1, 0x3b,
-    0x16, 0xdc, 0x35, 0x83,
-};
-
-/* Reduce scalar mod the order of the curve.
- * Scalar Will be 114 bytes.
- *
- * Only performs a weak reduce.
- *
- * b  [in]  Scalar to reduce.
- */
-void sc448_reduce(byte* b)
-{
-    int i, j;
-    word32 t[114];
-    word8 o;
-
-    for (i = 0; i < 86; i++) {
-        t[i] = b[i];
-    }
-    for (i = 0; i < 58; i++) {
-        for (j = 0; j < 28; j++)
-            t[i+j] += b[i+56] * ((word32)ed448_order_mul[j] << 2);
-        t[i+56] = 0;
-    }
-    for (i = 54; i < 87; i++) {
-        t[i+1] += t[i] >> 8;
-        t[i] &= 0xff;
-    }
-    for (i = 0; i < 31; i++) {
-        for (j = 0; j < 28; j++)
-            t[i+j] += t[i+56] * ((word32)ed448_order_mul[j] << 2);
-        t[i+56] = 0;
-    }
-    for (i = 54; i < 60; i++) {
-        t[i+1] += t[i] >> 8;
-        t[i] &= 0xff;
-    }
-    for (i = 0; i < 4; i++) {
-        for (j = 0; j < 28; j++)
-            t[i+j] += t[i+56] * ((word32)ed448_order_mul[j] << 2);
-        t[i+56] = 0;
-    }
-    for (i = 0; i < 55; i++) {
-        t[i+1] += t[i] >> 8;
-        t[i] &= 0xff;
-    }
-    o = t[55] >> 6;
-    t[55] &= 0x3f;
-    for (j = 0; j < 28; j++)
-        t[j] += o * (word32)ed448_order_mul[j];
-    for (i = 0; i < 55; i++) {
-        t[i+1] += t[i] >> 8;
-        b[i] = t[i] & 0xff;
-    }
-    b[i] = t[i] & 0xff;
-    b[i+1] = 0;
-}
-
-/* Multiply a by b and add d. r = (a * b + d) mod order
- *
- * r  [in]  Scalar to hold result.
- * a  [in]  Scalar to multiply.
- * b  [in]  Scalar to multiply.
- * d  [in]  Scalar to add to multiplicative result.
- */
-void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
-{
-    int i, j;
-    word32 t[112];
-    word8 o;
-    sword16 u;
-
-    /* a * b + d */
-    for (i = 0; i < 56; i++)
-        t[i] = d[i];
-    for (i = 0; i < 56; i++) {
-        for (j = 0; j < 56; j++)
-            t[i+j] += (sword16)a[i] * b[j];
-        t[i+56] = 0;
-    }
-
-    for (i = 0; i < 111; i++) {
-        t[i+1] += t[i] >> 8;
-        t[i] &= 0xff;
-    }
-    for (i = 0; i < 56; i++) {
-        for (j = 0; j < 28; j++)
-            t[i+j] += t[i+56] * ((word32)ed448_order_mul[j] << 2);
-        t[i+56] = 0;
-    }
-    for (i = 54; i < 85; i++) {
-        t[i+1] += t[i] >> 8;
-        t[i] &= 0xff;
-    }
-    for (i = 0; i < 29; i++) {
-        for (j = 0; j < 28; j++)
-            t[i+j] += t[i+56] * ((word32)ed448_order_mul[j] << 2);
-        t[i+56] = 0;
-    }
-    for (i = 54; i < 58; i++) {
-        t[i+1] += t[i] >> 8;
-        t[i] &= 0xff;
-    }
-    for (i = 0; i < 2; i++) {
-        for (j = 0; j < 28; j++)
-            t[i+j] += t[i+56] * ((word32)ed448_order_mul[j] << 2);
-        t[i+56] = 0;
-    }
-    for (i = 0; i < 55; i++) {
-        t[i+1] += t[i] >> 8;
-        t[i] &= 0xff;
-    }
-    o = t[55] >> 6;
-    t[55] &= 0x3f;
-    for (j = 0; j < 28; j++)
-        t[j] += o * (word32)ed448_order_mul[j];
-    for (i = 0; i < 55; i++) {
-        t[i+1] += t[i] >> 8;
-        r[i] = t[i] & 0xff;
-    }
-    r[i] = t[i] & 0xff;
-    r[i+1] = 0;
-    /* Reduce to mod order. */
-    u = 0;
-    for (i = 0; i < 56; i++) {
-        u += r[i] - ed448_order[i]; u >>= 8;
-    }
-    o = 0 - (u >= 0);
-    u = 0;
-    for (i = 0; i < 56; i++) {
-        u += r[i] - (ed448_order[i] & o); r[i] = u & 0xff; u >>= 8;
-    }
-}
-
-/* Double the point on the Twisted Edwards curve. r = 2.p
- *
- * r  [in]  Point to hold result.
- * p  [in]  Point to double.
- */
-static WC_INLINE void ge448_dbl(ge448_p2 *r,const ge448_p2 *p)
-{
-    ge448 t0[GE448_WORDS];
-    ge448 t1[GE448_WORDS];
-
-    fe448_add(t0, p->X, p->Y);    /* t0 = B1 = X1+Y1     */
-    fe448_reduce(t0);
-    fe448_sqr(t0, t0);            /* t0 = B = (X1+Y1)^2  */
-    fe448_sqr(r->X, p->X);        /* r->X = C = X1^2     */
-    fe448_sqr(r->Y, p->Y);        /* r->Y = D = Y1^2     */
-    fe448_add(t1, r->X, r->Y);    /* t1 = E = C+D        */
-    fe448_reduce(t1);
-    fe448_sub(r->Y, r->X, r->Y);  /* r->Y = Y31 = C-D    */
-    fe448_sqr(r->Z, p->Z);        /* r->Z = H = Z1^2     */
-    fe448_add(r->Z, r->Z, r->Z);  /* r->Z = J1 = 2*H     */
-    fe448_sub(r->Z, t1, r->Z);    /* r->Z = J = E-2*H    */
-    fe448_reduce(r->Z);
-    fe448_sub(r->X, t0, t1);      /* r->X = X31 = B-E    */
-    fe448_mul(r->X, r->X, r->Z);  /* r->X = X3 = (B-E)*J */
-    fe448_mul(r->Y, r->Y, t1);    /* r->Y = Y3 = E*(C-D) */
-    fe448_mul(r->Z, t1, r->Z);    /* r->Z = Z3 = E*J     */
-}
-
-/* Add two point on the Twisted Edwards curve. r = p + q
- *
- * r  [in]  Point to hold result.
- * p  [in]  Point to add.
- * q  [in]  Point to add.
- */
-static WC_INLINE void ge448_add(ge448_p2* r, const ge448_p2* p,
-                                const ge448_p2* q)
-{
-    ge448 t0[GE448_WORDS];
-    ge448 t1[GE448_WORDS];
-    ge448 t2[GE448_WORDS];
-    ge448 t3[GE448_WORDS];
-    ge448 t4[GE448_WORDS];
-
-    fe448_mul(t1, p->X, q->X);      /* t1 = C = X1*X2             */
-    fe448_mul(t2, p->Y, q->Y);      /* t2 = D = Y1*Y2             */
-    fe448_mul(t3, t1, t2);          /* t3 = E1 = C*D              */
-    fe448_mul39081(t3, t3);         /* t3 = E = d*C*D             */
-    fe448_mul(r->Z, p->Z, q->Z);    /* r->Z = A = Z1*Z2           */
-    fe448_sqr(t0, r->Z);            /* t0 = B = A^2               */
-    fe448_add(t4, t0, t3);          /* t4 = F = B-(-E)            */
-    fe448_sub(t0, t0, t3);          /* t0 = G = B+(-E)            */
-    fe448_reduce(t0);
-    fe448_add(r->X, p->X, p->Y);    /* r->X = H1 = X1+Y1          */
-    fe448_reduce(r->X);
-    fe448_add(r->Y, q->X, q->Y);    /* r->Y = H2 = X2+Y2          */
-    fe448_reduce(r->Y);
-    fe448_mul(r->X, r->X, r->Y);    /* r->X = H = (X1+Y1)*(X2+Y2) */
-    fe448_sub(r->X, r->X, t1);      /* r->X = X31 = H-C           */
-    fe448_sub(r->X, r->X, t2);      /* r->X = X32 = H-C-D         */
-    fe448_reduce(r->X);
-    fe448_mul(r->X, r->X, t4);      /* r->X = X33 = F*(H-C-D)     */
-    fe448_mul(r->X, r->X, r->Z);    /* r->X = X3 = A*F*(H-C-D)    */
-    fe448_sub(r->Y, t2, t1);        /* r->Y = Y31 = D-C           */
-    fe448_reduce(r->Y);
-    fe448_mul(r->Y, r->Y, t0);      /* r->Y = Y32 = G*(D-C)       */
-    fe448_mul(r->Y, r->Y, r->Z);    /* r->Y = Y3 = A*F*(D-C)      */
-    fe448_mul(r->Z, t4, t0);        /* r->Z = Z3 = F*G            */
-}
-
-/* Convert point to byte array assuming projective ordinates.
- *
- * b  [in]  Array of bytes to hold compressed point.
- * p  [in]  Point to convert.
- */
-void ge448_to_bytes(byte *s, const ge448_p2 *h)
-{
-    ge448 recip[56];
-    ge448 x[56];
-
-    fe448_invert(recip, h->Z);
-    fe448_mul(x, h->X, recip);
-    fe448_mul(s, h->Y, recip);
-    fe448_norm(x);
-    fe448_norm(s);
-    s[56] = (byte)(x[0] & 1) << 7;
-}
-
-/* Compress the point to y-ordinate and negative bit.
- *
- * out    [in]  Array of bytes to hold compressed key.
- * xIn    [in]  The x-ordinate.
- * yIn    [in]  The y-ordinate.
- */
-int ge448_compress_key(byte* out, const byte* xIn, const byte* yIn)
-{
-    ge448 x[56];
-
-    fe448_copy(x, xIn);
-    fe448_copy(out, yIn);
-    fe448_norm(x);
-    fe448_norm(out);
-    out[56] = (byte)(x[0] & 1) << 7;
-
-    return 0;
-}
-
-/* Perform a scalar multiplication of the a point. r = p * base
- *
- * r  [in]  Point to hold result.
- * a  [in]  Scalar to multiply by.
- */
-static void ge448_scalarmult(ge448_p2* h, const ge448_p2* p, const byte* a)
-{
-    ge448_p2 r;
-    ge448_p2 s;
-    int i;
-
-    XMEMSET(&r, 0, sizeof(r));
-    r.Y[0] = 1;
-    r.Z[0] = 1;
-
-    for (i = 447; i >= 0; i--) {
-        const byte bit = (a[i >> 3] >> (i & 7)) & 1;
-
-        ge448_dbl(&r, &r);
-        ge448_add(&s, &r, p);
-
-        fe448_cmov(r.X, s.X, bit);
-        fe448_cmov(r.Y, s.Y, bit);
-        fe448_cmov(r.Z, s.Z, bit);
-    }
-
-    XMEMCPY(h, &r, sizeof(r));
-}
-
-/* Perform a scalar multiplication of the base point. r = a * base
- *
- * r  [in]  Point to hold result.
- * a  [in]  Scalar to multiply by.
- */
-int ge448_scalarmult_base(ge448_p2* h, const byte* a)
-{
-    ge448_scalarmult(h, &ed448_base, a);
-    return 0;
-}
-
-/* Perform a scalar multiplication of the base point and public point.
- *   r = a * p + b * base
- * Uses a sliding window of 5 bits.
- * Not constant time.
- *
- * r  [in]  Point to hold result.
- * a  [in]  Scalar to multiply by.
- */
-int ge448_double_scalarmult_vartime(ge448_p2 *r, const byte *a,
-                                    const ge448_p2 *A, const byte *b)
-{
-    ge448_p2 t;
-
-    ge448_scalarmult(&t, &ed448_base, b);
-    ge448_scalarmult(r, A, a);
-    ge448_add(r, r, &t);
-
-    return 0;
-}
-
-/* Convert compressed point to negative of affine point.
- * Calculates x from the y and the negative bit.
- * Not constant time.
- *
- * r  [in]  Uncompressed point.
- * b  [in]  Array of bytes representing point.
- * returns 0 on success and -1 on failure.
- */
-int ge448_from_bytes_negate_vartime(ge448_p2 *r, const byte *b)
-{
-    int   ret = 0;
-    ge448 u[GE448_WORDS];
-    ge448 v[GE448_WORDS];
-    ge448 u3[GE448_WORDS];
-    ge448 vxx[GE448_WORDS];
-    ge448 check[GE448_WORDS];
-
-    fe448_copy(r->Y, b);
-    XMEMSET(r->Z, 0, sizeof(r->Z));
-    r->Z[0] = 1;
-    fe448_sqr(u, r->Y);                /* u = y^2                      */
-    fe448_mul39081(v, u);              /* v = 39081.y^2                */
-    fe448_sub(u, u, r->Z);             /* u = y^2-1                    */
-    fe448_add(v, v, r->Z);             /* v = 39081.y^2-1              */
-    fe448_neg(v, v);                   /* v = -39081.y^2-1 = d.y^2-1   */
-
-    fe448_sqr(r->X, v);                /* x = v^2                      */
-    fe448_mul(r->X, r->X, v);          /* x = v^3                      */
-    fe448_sqr(u3, u);                  /* x = u^2.v^3                  */
-    fe448_mul(r->X, r->X, u3);         /* x = u^2.v^3                  */
-    fe448_mul(u3, u3, u);              /* u3 = u^3                     */
-    fe448_mul(r->X, r->X, u3);         /* x = u^5.v^3                  */
-
-    fe448_pow_2_446_222_1(r->X, r->X); /* x = (u^5.v^3)^((q-3)/4)      */
-    fe448_mul(r->X, r->X, u3);         /* x = u^3(u^5.v^3)^((q-3)/4)   */
-    fe448_mul(r->X, r->X, v);          /* x = u^3.v(u^5.v^3)^((q-3)/4) */
-
-    fe448_sqr(vxx, r->X);
-    fe448_mul(vxx, vxx, v);
-    fe448_sub(check, vxx, u);          /* check = v.x^2-u              */
-    fe448_norm(check);
-    fe448_norm(r->X);
-    fe448_norm(r->Y);
-    /* Note; vx^2+u is NOT correct. */
-    if (fe448_isnonzero(check)) {
-        ret = -1;
-    }
-
-    /* Calculating negative of point in bytes - negate only if X is correct. */
-    if ((r->X[0] & 1) == (b[56] >> 7)) {
-        fe448_neg(r->X, r->X);
-    }
-
-    return ret;
-}
-
-#else /* !ED448_SMALL */
-
-#if defined(CURVED448_128BIT)
-
-/* Reduce scalar mod the order of the curve.
- * Scalar Will be 114 bytes.
- *
- * Only performs a weak reduce.
- *
- * b  [in]  Scalar to reduce.
- */
-void sc448_reduce(byte* b)
-{
-    word64 d[8];
-    word128 t[17];
-    word128 c;
-    word64 o;
-
-    /* Load from bytes: 114 bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 16; o++) {
-        t[o] = (word64)(
-                (((sword64)b[o * 7 + 0]) <<  0)
-              | (((sword64)b[o * 7 + 1]) <<  8)
-              | (((sword64)b[o * 7 + 2]) << 16)
-              | (((sword64)b[o * 7 + 3]) << 24)
-              | (((sword64)b[o * 7 + 4]) << 32)
-              | (((sword64)b[o * 7 + 5]) << 40)
-              | (((sword64)b[o * 7 + 6]) << 48));
-    }
-    t[16] = (word64)(
-            (((sword64)b[o * 7 + 0]) <<  0)
-          | (((sword64)b[o * 7 + 1]) <<  8));
-#else
-    t[ 0] = (word64) ((sword64) (b[ 0]) <<  0)
-          | (word64) ((sword64) (b[ 1]) <<  8)
-          | (word64) ((sword64) (b[ 2]) << 16)
-          | (word64) ((sword64) (b[ 3]) << 24)
-          | (word64) ((sword64) (b[ 4]) << 32)
-          | (word64) ((sword64) (b[ 5]) << 40)
-          | (word64) ((sword64) (b[ 6]) << 48);
-    t[ 1] = (word64) ((sword64) (b[ 7]) <<  0)
-          | (word64) ((sword64) (b[ 8]) <<  8)
-          | (word64) ((sword64) (b[ 9]) << 16)
-          | (word64) ((sword64) (b[10]) << 24)
-          | (word64) ((sword64) (b[11]) << 32)
-          | (word64) ((sword64) (b[12]) << 40)
-          | (word64) ((sword64) (b[13]) << 48);
-    t[ 2] = (word64) ((sword64) (b[14]) <<  0)
-          | (word64) ((sword64) (b[15]) <<  8)
-          | (word64) ((sword64) (b[16]) << 16)
-          | (word64) ((sword64) (b[17]) << 24)
-          | (word64) ((sword64) (b[18]) << 32)
-          | (word64) ((sword64) (b[19]) << 40)
-          | (word64) ((sword64) (b[20]) << 48);
-    t[ 3] = (word64) ((sword64) (b[21]) <<  0)
-          | (word64) ((sword64) (b[22]) <<  8)
-          | (word64) ((sword64) (b[23]) << 16)
-          | (word64) ((sword64) (b[24]) << 24)
-          | (word64) ((sword64) (b[25]) << 32)
-          | (word64) ((sword64) (b[26]) << 40)
-          | (word64) ((sword64) (b[27]) << 48);
-    t[ 4] = (word64) ((sword64) (b[28]) <<  0)
-          | (word64) ((sword64) (b[29]) <<  8)
-          | (word64) ((sword64) (b[30]) << 16)
-          | (word64) ((sword64) (b[31]) << 24)
-          | (word64) ((sword64) (b[32]) << 32)
-          | (word64) ((sword64) (b[33]) << 40)
-          | (word64) ((sword64) (b[34]) << 48);
-    t[ 5] = (word64) ((sword64) (b[35]) <<  0)
-          | (word64) ((sword64) (b[36]) <<  8)
-          | (word64) ((sword64) (b[37]) << 16)
-          | (word64) ((sword64) (b[38]) << 24)
-          | (word64) ((sword64) (b[39]) << 32)
-          | (word64) ((sword64) (b[40]) << 40)
-          | (word64) ((sword64) (b[41]) << 48);
-    t[ 6] = (word64) ((sword64) (b[42]) <<  0)
-          | (word64) ((sword64) (b[43]) <<  8)
-          | (word64) ((sword64) (b[44]) << 16)
-          | (word64) ((sword64) (b[45]) << 24)
-          | (word64) ((sword64) (b[46]) << 32)
-          | (word64) ((sword64) (b[47]) << 40)
-          | (word64) ((sword64) (b[48]) << 48);
-    t[ 7] = (word64) ((sword64) (b[49]) <<  0)
-          | (word64) ((sword64) (b[50]) <<  8)
-          | (word64) ((sword64) (b[51]) << 16)
-          | (word64) ((sword64) (b[52]) << 24)
-          | (word64) ((sword64) (b[53]) << 32)
-          | (word64) ((sword64) (b[54]) << 40)
-          | (word64) ((sword64) (b[55]) << 48);
-    t[ 8] = (word64) ((sword64) (b[56]) <<  0)
-          | (word64) ((sword64) (b[57]) <<  8)
-          | (word64) ((sword64) (b[58]) << 16)
-          | (word64) ((sword64) (b[59]) << 24)
-          | (word64) ((sword64) (b[60]) << 32)
-          | (word64) ((sword64) (b[61]) << 40)
-          | (word64) ((sword64) (b[62]) << 48);
-    t[ 9] = (word64) ((sword64) (b[63]) <<  0)
-          | (word64) ((sword64) (b[64]) <<  8)
-          | (word64) ((sword64) (b[65]) << 16)
-          | (word64) ((sword64) (b[66]) << 24)
-          | (word64) ((sword64) (b[67]) << 32)
-          | (word64) ((sword64) (b[68]) << 40)
-          | (word64) ((sword64) (b[69]) << 48);
-    t[10] = (word64) ((sword64) (b[70]) <<  0)
-          | (word64) ((sword64) (b[71]) <<  8)
-          | (word64) ((sword64) (b[72]) << 16)
-          | (word64) ((sword64) (b[73]) << 24)
-          | (word64) ((sword64) (b[74]) << 32)
-          | (word64) ((sword64) (b[75]) << 40)
-          | (word64) ((sword64) (b[76]) << 48);
-    t[11] = (word64) ((sword64) (b[77]) <<  0)
-          | (word64) ((sword64) (b[78]) <<  8)
-          | (word64) ((sword64) (b[79]) << 16)
-          | (word64) ((sword64) (b[80]) << 24)
-          | (word64) ((sword64) (b[81]) << 32)
-          | (word64) ((sword64) (b[82]) << 40)
-          | (word64) ((sword64) (b[83]) << 48);
-    t[12] = (word64) ((sword64) (b[84]) <<  0)
-          | (word64) ((sword64) (b[85]) <<  8)
-          | (word64) ((sword64) (b[86]) << 16)
-          | (word64) ((sword64) (b[87]) << 24)
-          | (word64) ((sword64) (b[88]) << 32)
-          | (word64) ((sword64) (b[89]) << 40)
-          | (word64) ((sword64) (b[90]) << 48);
-    t[13] = (word64) ((sword64) (b[91]) <<  0)
-          | (word64) ((sword64) (b[92]) <<  8)
-          | (word64) ((sword64) (b[93]) << 16)
-          | (word64) ((sword64) (b[94]) << 24)
-          | (word64) ((sword64) (b[95]) << 32)
-          | (word64) ((sword64) (b[96]) << 40)
-          | (word64) ((sword64) (b[97]) << 48);
-    t[14] = (word64) ((sword64) (b[98]) <<  0)
-          | (word64) ((sword64) (b[99]) <<  8)
-          | (word64) ((sword64) (b[100]) << 16)
-          | (word64) ((sword64) (b[101]) << 24)
-          | (word64) ((sword64) (b[102]) << 32)
-          | (word64) ((sword64) (b[103]) << 40)
-          | (word64) ((sword64) (b[104]) << 48);
-    t[15] = (word64) ((sword64) (b[105]) <<  0)
-          | (word64) ((sword64) (b[106]) <<  8)
-          | (word64) ((sword64) (b[107]) << 16)
-          | (word64) ((sword64) (b[108]) << 24)
-          | (word64) ((sword64) (b[109]) << 32)
-          | (word64) ((sword64) (b[110]) << 40)
-          | (word64) ((sword64) (b[111]) << 48);
-    t[16] = (word64) ((sword64) (b[112]) <<  0)
-          | (word64) ((sword64) (b[113]) <<  8);
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-
-    /* Mod curve order */
-    /* 2^446 - 0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d */
-    /* Mod top half of extra words */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 5; o++) {
-        t[ 4 + o] += (sword128)0x21cf5b5529eec34L * t[12 + o];
-        t[ 5 + o] += (sword128)0x0f635c8e9c2ab70L * t[12 + o];
-        t[ 6 + o] += (sword128)0x2d944a725bf7a4cL * t[12 + o];
-        t[ 7 + o] += (sword128)0x20cd77058eec490L * t[12 + o];
-    }
-    t[12]  = 0;
-#else
-    t[ 4] += (sword128)0x21cf5b5529eec34L * t[12];
-    t[ 5] += (sword128)0x0f635c8e9c2ab70L * t[12];
-    t[ 6] += (sword128)0x2d944a725bf7a4cL * t[12];
-    t[ 7] += (sword128)0x20cd77058eec490L * t[12];
-    t[ 5] += (sword128)0x21cf5b5529eec34L * t[13];
-    t[ 6] += (sword128)0x0f635c8e9c2ab70L * t[13];
-    t[ 7] += (sword128)0x2d944a725bf7a4cL * t[13];
-    t[ 8] += (sword128)0x20cd77058eec490L * t[13];
-    t[ 6] += (sword128)0x21cf5b5529eec34L * t[14];
-    t[ 7] += (sword128)0x0f635c8e9c2ab70L * t[14];
-    t[ 8] += (sword128)0x2d944a725bf7a4cL * t[14];
-    t[ 9] += (sword128)0x20cd77058eec490L * t[14];
-    t[ 7] += (sword128)0x21cf5b5529eec34L * t[15];
-    t[ 8] += (sword128)0x0f635c8e9c2ab70L * t[15];
-    t[ 9] += (sword128)0x2d944a725bf7a4cL * t[15];
-    t[10] += (sword128)0x20cd77058eec490L * t[15];
-    t[ 8] += (sword128)0x21cf5b5529eec34L * t[16];
-    t[ 9] += (sword128)0x0f635c8e9c2ab70L * t[16];
-    t[10] += (sword128)0x2d944a725bf7a4cL * t[16];
-    t[11] += (sword128)0x20cd77058eec490L * t[16];
-    t[12]  = 0;
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Propagate carries */
-    c = t[ 4] >> 56; t[ 5] += c; t[ 4] = t[ 4] & 0xffffffffffffff;
-    c = t[ 5] >> 56; t[ 6] += c; t[ 5] = t[ 5] & 0xffffffffffffff;
-    c = t[ 6] >> 56; t[ 7] += c; t[ 6] = t[ 6] & 0xffffffffffffff;
-    c = t[ 7] >> 56; t[ 8] += c; t[ 7] = t[ 7] & 0xffffffffffffff;
-    c = t[ 8] >> 56; t[ 9] += c; t[ 8] = t[ 8] & 0xffffffffffffff;
-    c = t[ 9] >> 56; t[10] += c; t[ 9] = t[ 9] & 0xffffffffffffff;
-    c = t[10] >> 56; t[11] += c; t[10] = t[10] & 0xffffffffffffff;
-    c = t[11] >> 56; t[12] += c; t[11] = t[11] & 0xffffffffffffff;
-    /* Mod bottom half of extra words */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 5; o++) {
-        t[ 0 + o] += (sword128)0x21cf5b5529eec34L * t[ 8 + o];
-        t[ 1 + o] += (sword128)0x0f635c8e9c2ab70L * t[ 8 + o];
-        t[ 2 + o] += (sword128)0x2d944a725bf7a4cL * t[ 8 + o];
-        t[ 3 + o] += (sword128)0x20cd77058eec490L * t[ 8 + o];
-    }
-    t[ 8]  = 0;
-#else
-    t[ 0] += (sword128)0x21cf5b5529eec34L * t[ 8];
-    t[ 1] += (sword128)0x0f635c8e9c2ab70L * t[ 8];
-    t[ 2] += (sword128)0x2d944a725bf7a4cL * t[ 8];
-    t[ 3] += (sword128)0x20cd77058eec490L * t[ 8];
-    t[ 1] += (sword128)0x21cf5b5529eec34L * t[ 9];
-    t[ 2] += (sword128)0x0f635c8e9c2ab70L * t[ 9];
-    t[ 3] += (sword128)0x2d944a725bf7a4cL * t[ 9];
-    t[ 4] += (sword128)0x20cd77058eec490L * t[ 9];
-    t[ 2] += (sword128)0x21cf5b5529eec34L * t[10];
-    t[ 3] += (sword128)0x0f635c8e9c2ab70L * t[10];
-    t[ 4] += (sword128)0x2d944a725bf7a4cL * t[10];
-    t[ 5] += (sword128)0x20cd77058eec490L * t[10];
-    t[ 3] += (sword128)0x21cf5b5529eec34L * t[11];
-    t[ 4] += (sword128)0x0f635c8e9c2ab70L * t[11];
-    t[ 5] += (sword128)0x2d944a725bf7a4cL * t[11];
-    t[ 6] += (sword128)0x20cd77058eec490L * t[11];
-    t[ 4] += (sword128)0x21cf5b5529eec34L * t[12];
-    t[ 5] += (sword128)0x0f635c8e9c2ab70L * t[12];
-    t[ 6] += (sword128)0x2d944a725bf7a4cL * t[12];
-    t[ 7] += (sword128)0x20cd77058eec490L * t[12];
-    t[ 8]  = 0;
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Propagate carries */
-    c = t[ 0] >> 56; t[ 1] += c; t[ 0] = t[ 0] & 0xffffffffffffff;
-    c = t[ 1] >> 56; t[ 2] += c; t[ 1] = t[ 1] & 0xffffffffffffff;
-    c = t[ 2] >> 56; t[ 3] += c; t[ 2] = t[ 2] & 0xffffffffffffff;
-    c = t[ 3] >> 56; t[ 4] += c; t[ 3] = t[ 3] & 0xffffffffffffff;
-    c = t[ 4] >> 56; t[ 5] += c; t[ 4] = t[ 4] & 0xffffffffffffff;
-    c = t[ 5] >> 56; t[ 6] += c; t[ 5] = t[ 5] & 0xffffffffffffff;
-    c = t[ 6] >> 56; t[ 7] += c; t[ 6] = t[ 6] & 0xffffffffffffff;
-    c = t[ 7] >> 56; t[ 8] += c; t[ 7] = t[ 7] & 0xffffffffffffff;
-    t[ 0] += (sword128)0x21cf5b5529eec34L * t[ 8];
-    t[ 1] += (sword128)0x0f635c8e9c2ab70L * t[ 8];
-    t[ 2] += (sword128)0x2d944a725bf7a4cL * t[ 8];
-    t[ 3] += (sword128)0x20cd77058eec490L * t[ 8];
-    /* Propagate carries */
-    c = t[ 0] >> 56; t[ 1] += c; d[ 0] = (sword64)(t[ 0] & 0xffffffffffffff);
-    c = t[ 1] >> 56; t[ 2] += c; d[ 1] = (sword64)(t[ 1] & 0xffffffffffffff);
-    c = t[ 2] >> 56; t[ 3] += c; d[ 2] = (sword64)(t[ 2] & 0xffffffffffffff);
-    c = t[ 3] >> 56; t[ 4] += c; d[ 3] = (sword64)(t[ 3] & 0xffffffffffffff);
-    c = t[ 4] >> 56; t[ 5] += c; d[ 4] = (sword64)(t[ 4] & 0xffffffffffffff);
-    c = t[ 5] >> 56; t[ 6] += c; d[ 5] = (sword64)(t[ 5] & 0xffffffffffffff);
-    c = t[ 6] >> 56; t[ 7] += c; d[ 6] = (sword64)(t[ 6] & 0xffffffffffffff);
-    d[ 7] = (word64)t[7];
-    /* Mod bits over 56 in last word */
-    o = d[7] >> 54; d[ 7] &= 0x3fffffffffffff;
-    d[ 0] += 0x873d6d54a7bb0dL * o;
-    d[ 1] += 0x3d8d723a70aadcL * o;
-    d[ 2] += 0xb65129c96fde93L * o;
-    d[ 3] += 0x8335dc163bb124L * o;
-    /* Propagate carries */
-    o = d[ 0] >> 56; d[ 1] += o; d[ 0] = d[ 0] & 0xffffffffffffff;
-    o = d[ 1] >> 56; d[ 2] += o; d[ 1] = d[ 1] & 0xffffffffffffff;
-    o = d[ 2] >> 56; d[ 3] += o; d[ 2] = d[ 2] & 0xffffffffffffff;
-    o = d[ 3] >> 56; d[ 4] += o; d[ 3] = d[ 3] & 0xffffffffffffff;
-    o = d[ 4] >> 56; d[ 5] += o; d[ 4] = d[ 4] & 0xffffffffffffff;
-    o = d[ 5] >> 56; d[ 6] += o; d[ 5] = d[ 5] & 0xffffffffffffff;
-    o = d[ 6] >> 56; d[ 7] += o; d[ 6] = d[ 6] & 0xffffffffffffff;
-
-    /* Convert to bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    {
-        word64 ow = 0;
-        for (o = 0; o < 56; o += 7) {
-            b[o + 0] = (byte)(d[ow] >>  0);
-            b[o + 1] = (byte)(d[ow] >>  8);
-            b[o + 2] = (byte)(d[ow] >> 16);
-            b[o + 3] = (byte)(d[ow] >> 24);
-            b[o + 4] = (byte)(d[ow] >> 32);
-            b[o + 5] = (byte)(d[ow] >> 40);
-            b[o + 6] = (byte)(d[ow] >> 48);
-            ow++;
-        }
-        b[56] = 0;
-    }
-#else
-    b[ 0] = (byte)(d[0 ] >>  0);
-    b[ 1] = (byte)(d[0 ] >>  8);
-    b[ 2] = (byte)(d[0 ] >> 16);
-    b[ 3] = (byte)(d[0 ] >> 24);
-    b[ 4] = (byte)(d[0 ] >> 32);
-    b[ 5] = (byte)(d[0 ] >> 40);
-    b[ 6] = (byte)(d[0 ] >> 48);
-    b[ 7] = (byte)(d[1 ] >>  0);
-    b[ 8] = (byte)(d[1 ] >>  8);
-    b[ 9] = (byte)(d[1 ] >> 16);
-    b[10] = (byte)(d[1 ] >> 24);
-    b[11] = (byte)(d[1 ] >> 32);
-    b[12] = (byte)(d[1 ] >> 40);
-    b[13] = (byte)(d[1 ] >> 48);
-    b[14] = (byte)(d[2 ] >>  0);
-    b[15] = (byte)(d[2 ] >>  8);
-    b[16] = (byte)(d[2 ] >> 16);
-    b[17] = (byte)(d[2 ] >> 24);
-    b[18] = (byte)(d[2 ] >> 32);
-    b[19] = (byte)(d[2 ] >> 40);
-    b[20] = (byte)(d[2 ] >> 48);
-    b[21] = (byte)(d[3 ] >>  0);
-    b[22] = (byte)(d[3 ] >>  8);
-    b[23] = (byte)(d[3 ] >> 16);
-    b[24] = (byte)(d[3 ] >> 24);
-    b[25] = (byte)(d[3 ] >> 32);
-    b[26] = (byte)(d[3 ] >> 40);
-    b[27] = (byte)(d[3 ] >> 48);
-    b[28] = (byte)(d[4 ] >>  0);
-    b[29] = (byte)(d[4 ] >>  8);
-    b[30] = (byte)(d[4 ] >> 16);
-    b[31] = (byte)(d[4 ] >> 24);
-    b[32] = (byte)(d[4 ] >> 32);
-    b[33] = (byte)(d[4 ] >> 40);
-    b[34] = (byte)(d[4 ] >> 48);
-    b[35] = (byte)(d[5 ] >>  0);
-    b[36] = (byte)(d[5 ] >>  8);
-    b[37] = (byte)(d[5 ] >> 16);
-    b[38] = (byte)(d[5 ] >> 24);
-    b[39] = (byte)(d[5 ] >> 32);
-    b[40] = (byte)(d[5 ] >> 40);
-    b[41] = (byte)(d[5 ] >> 48);
-    b[42] = (byte)(d[6 ] >>  0);
-    b[43] = (byte)(d[6 ] >>  8);
-    b[44] = (byte)(d[6 ] >> 16);
-    b[45] = (byte)(d[6 ] >> 24);
-    b[46] = (byte)(d[6 ] >> 32);
-    b[47] = (byte)(d[6 ] >> 40);
-    b[48] = (byte)(d[6 ] >> 48);
-    b[49] = (byte)(d[7 ] >>  0);
-    b[50] = (byte)(d[7 ] >>  8);
-    b[51] = (byte)(d[7 ] >> 16);
-    b[52] = (byte)(d[7 ] >> 24);
-    b[53] = (byte)(d[7 ] >> 32);
-    b[54] = (byte)(d[7 ] >> 40);
-    b[55] = (byte)(d[7 ] >> 48);
-    b[56] = 0;
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-}
-
-/* Multiply a by b and add d. r = (a * b + d) mod order
- *
- * r  [in]  Scalar to hold result.
- * a  [in]  Scalar to multiply.
- * b  [in]  Scalar to multiply.
- * d  [in]  Scalar to add to multiplicative result.
- */
-void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
-{
-    word64 ad[8], bd[8], dd[8], rd[8];
-    word128 t[16];
-    word128 c;
-    word64 o;
-    sword64 u;
-
-    /* Load from bytes: 56 bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 8; o++) {
-        ad[o] = (word64)(
-                (((sword64)a[o * 7 + 0]) <<  0)
-              | (((sword64)a[o * 7 + 1]) <<  8)
-              | (((sword64)a[o * 7 + 2]) << 16)
-              | (((sword64)a[o * 7 + 3]) << 24)
-              | (((sword64)a[o * 7 + 4]) << 32)
-              | (((sword64)a[o * 7 + 5]) << 40)
-              | (((sword64)a[o * 7 + 6]) << 48));
-    }
-#else
-    ad[ 0] = (word64) ((sword64) (a[ 0]) <<  0)
-           | (word64) ((sword64) (a[ 1]) <<  8)
-           | (word64) ((sword64) (a[ 2]) << 16)
-           | (word64) ((sword64) (a[ 3]) << 24)
-           | (word64) ((sword64) (a[ 4]) << 32)
-           | (word64) ((sword64) (a[ 5]) << 40)
-           | (word64) ((sword64) (a[ 6]) << 48);
-    ad[ 1] = (word64) ((sword64) (a[ 7]) <<  0)
-           | (word64) ((sword64) (a[ 8]) <<  8)
-           | (word64) ((sword64) (a[ 9]) << 16)
-           | (word64) ((sword64) (a[10]) << 24)
-           | (word64) ((sword64) (a[11]) << 32)
-           | (word64) ((sword64) (a[12]) << 40)
-           | (word64) ((sword64) (a[13]) << 48);
-    ad[ 2] = (word64) ((sword64) (a[14]) <<  0)
-           | (word64) ((sword64) (a[15]) <<  8)
-           | (word64) ((sword64) (a[16]) << 16)
-           | (word64) ((sword64) (a[17]) << 24)
-           | (word64) ((sword64) (a[18]) << 32)
-           | (word64) ((sword64) (a[19]) << 40)
-           | (word64) ((sword64) (a[20]) << 48);
-    ad[ 3] = (word64) ((sword64) (a[21]) <<  0)
-           | (word64) ((sword64) (a[22]) <<  8)
-           | (word64) ((sword64) (a[23]) << 16)
-           | (word64) ((sword64) (a[24]) << 24)
-           | (word64) ((sword64) (a[25]) << 32)
-           | (word64) ((sword64) (a[26]) << 40)
-           | (word64) ((sword64) (a[27]) << 48);
-    ad[ 4] = (word64) ((sword64) (a[28]) <<  0)
-           | (word64) ((sword64) (a[29]) <<  8)
-           | (word64) ((sword64) (a[30]) << 16)
-           | (word64) ((sword64) (a[31]) << 24)
-           | (word64) ((sword64) (a[32]) << 32)
-           | (word64) ((sword64) (a[33]) << 40)
-           | (word64) ((sword64) (a[34]) << 48);
-    ad[ 5] = (word64) ((sword64) (a[35]) <<  0)
-           | (word64) ((sword64) (a[36]) <<  8)
-           | (word64) ((sword64) (a[37]) << 16)
-           | (word64) ((sword64) (a[38]) << 24)
-           | (word64) ((sword64) (a[39]) << 32)
-           | (word64) ((sword64) (a[40]) << 40)
-           | (word64) ((sword64) (a[41]) << 48);
-    ad[ 6] = (word64) ((sword64) (a[42]) <<  0)
-           | (word64) ((sword64) (a[43]) <<  8)
-           | (word64) ((sword64) (a[44]) << 16)
-           | (word64) ((sword64) (a[45]) << 24)
-           | (word64) ((sword64) (a[46]) << 32)
-           | (word64) ((sword64) (a[47]) << 40)
-           | (word64) ((sword64) (a[48]) << 48);
-    ad[ 7] = (word64) ((sword64) (a[49]) <<  0)
-           | (word64) ((sword64) (a[50]) <<  8)
-           | (word64) ((sword64) (a[51]) << 16)
-           | (word64) ((sword64) (a[52]) << 24)
-           | (word64) ((sword64) (a[53]) << 32)
-           | (word64) ((sword64) (a[54]) << 40)
-           | (word64) ((sword64) (a[55]) << 48);
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Load from bytes: 56 bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 8; o++) {
-        bd[o] = (word64)(
-                (((sword64)b[o * 7 + 0]) <<  0)
-              | (((sword64)b[o * 7 + 1]) <<  8)
-              | (((sword64)b[o * 7 + 2]) << 16)
-              | (((sword64)b[o * 7 + 3]) << 24)
-              | (((sword64)b[o * 7 + 4]) << 32)
-              | (((sword64)b[o * 7 + 5]) << 40)
-              | (((sword64)b[o * 7 + 6]) << 48));
-    }
-#else
-    bd[ 0] = (word64) ((sword64) (b[ 0]) <<  0)
-           | (word64) ((sword64) (b[ 1]) <<  8)
-           | (word64) ((sword64) (b[ 2]) << 16)
-           | (word64) ((sword64) (b[ 3]) << 24)
-           | (word64) ((sword64) (b[ 4]) << 32)
-           | (word64) ((sword64) (b[ 5]) << 40)
-           | (word64) ((sword64) (b[ 6]) << 48);
-    bd[ 1] = (word64) ((sword64) (b[ 7]) <<  0)
-           | (word64) ((sword64) (b[ 8]) <<  8)
-           | (word64) ((sword64) (b[ 9]) << 16)
-           | (word64) ((sword64) (b[10]) << 24)
-           | (word64) ((sword64) (b[11]) << 32)
-           | (word64) ((sword64) (b[12]) << 40)
-           | (word64) ((sword64) (b[13]) << 48);
-    bd[ 2] = (word64) ((sword64) (b[14]) <<  0)
-           | (word64) ((sword64) (b[15]) <<  8)
-           | (word64) ((sword64) (b[16]) << 16)
-           | (word64) ((sword64) (b[17]) << 24)
-           | (word64) ((sword64) (b[18]) << 32)
-           | (word64) ((sword64) (b[19]) << 40)
-           | (word64) ((sword64) (b[20]) << 48);
-    bd[ 3] = (word64) ((sword64) (b[21]) <<  0)
-           | (word64) ((sword64) (b[22]) <<  8)
-           | (word64) ((sword64) (b[23]) << 16)
-           | (word64) ((sword64) (b[24]) << 24)
-           | (word64) ((sword64) (b[25]) << 32)
-           | (word64) ((sword64) (b[26]) << 40)
-           | (word64) ((sword64) (b[27]) << 48);
-    bd[ 4] = (word64) ((sword64) (b[28]) <<  0)
-           | (word64) ((sword64) (b[29]) <<  8)
-           | (word64) ((sword64) (b[30]) << 16)
-           | (word64) ((sword64) (b[31]) << 24)
-           | (word64) ((sword64) (b[32]) << 32)
-           | (word64) ((sword64) (b[33]) << 40)
-           | (word64) ((sword64) (b[34]) << 48);
-    bd[ 5] = (word64) ((sword64) (b[35]) <<  0)
-           | (word64) ((sword64) (b[36]) <<  8)
-           | (word64) ((sword64) (b[37]) << 16)
-           | (word64) ((sword64) (b[38]) << 24)
-           | (word64) ((sword64) (b[39]) << 32)
-           | (word64) ((sword64) (b[40]) << 40)
-           | (word64) ((sword64) (b[41]) << 48);
-    bd[ 6] = (word64) ((sword64) (b[42]) <<  0)
-           | (word64) ((sword64) (b[43]) <<  8)
-           | (word64) ((sword64) (b[44]) << 16)
-           | (word64) ((sword64) (b[45]) << 24)
-           | (word64) ((sword64) (b[46]) << 32)
-           | (word64) ((sword64) (b[47]) << 40)
-           | (word64) ((sword64) (b[48]) << 48);
-    bd[ 7] = (word64) ((sword64) (b[49]) <<  0)
-           | (word64) ((sword64) (b[50]) <<  8)
-           | (word64) ((sword64) (b[51]) << 16)
-           | (word64) ((sword64) (b[52]) << 24)
-           | (word64) ((sword64) (b[53]) << 32)
-           | (word64) ((sword64) (b[54]) << 40)
-           | (word64) ((sword64) (b[55]) << 48);
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Load from bytes: 56 bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 8; o++) {
-        dd[o] = (word64)(
-                (((sword64)d[o * 7 + 0]) <<  0)
-              | (((sword64)d[o * 7 + 1]) <<  8)
-              | (((sword64)d[o * 7 + 2]) << 16)
-              | (((sword64)d[o * 7 + 3]) << 24)
-              | (((sword64)d[o * 7 + 4]) << 32)
-              | (((sword64)d[o * 7 + 5]) << 40)
-              | (((sword64)d[o * 7 + 6]) << 48));
-    }
-#else
-    dd[ 0] = (word64) ((sword64) (d[ 0]) <<  0)
-           | (word64) ((sword64) (d[ 1]) <<  8)
-           | (word64) ((sword64) (d[ 2]) << 16)
-           | (word64) ((sword64) (d[ 3]) << 24)
-           | (word64) ((sword64) (d[ 4]) << 32)
-           | (word64) ((sword64) (d[ 5]) << 40)
-           | (word64) ((sword64) (d[ 6]) << 48);
-    dd[ 1] = (word64) ((sword64) (d[ 7]) <<  0)
-           | (word64) ((sword64) (d[ 8]) <<  8)
-           | (word64) ((sword64) (d[ 9]) << 16)
-           | (word64) ((sword64) (d[10]) << 24)
-           | (word64) ((sword64) (d[11]) << 32)
-           | (word64) ((sword64) (d[12]) << 40)
-           | (word64) ((sword64) (d[13]) << 48);
-    dd[ 2] = (word64) ((sword64) (d[14]) <<  0)
-           | (word64) ((sword64) (d[15]) <<  8)
-           | (word64) ((sword64) (d[16]) << 16)
-           | (word64) ((sword64) (d[17]) << 24)
-           | (word64) ((sword64) (d[18]) << 32)
-           | (word64) ((sword64) (d[19]) << 40)
-           | (word64) ((sword64) (d[20]) << 48);
-    dd[ 3] = (word64) ((sword64) (d[21]) <<  0)
-           | (word64) ((sword64) (d[22]) <<  8)
-           | (word64) ((sword64) (d[23]) << 16)
-           | (word64) ((sword64) (d[24]) << 24)
-           | (word64) ((sword64) (d[25]) << 32)
-           | (word64) ((sword64) (d[26]) << 40)
-           | (word64) ((sword64) (d[27]) << 48);
-    dd[ 4] = (word64) ((sword64) (d[28]) <<  0)
-           | (word64) ((sword64) (d[29]) <<  8)
-           | (word64) ((sword64) (d[30]) << 16)
-           | (word64) ((sword64) (d[31]) << 24)
-           | (word64) ((sword64) (d[32]) << 32)
-           | (word64) ((sword64) (d[33]) << 40)
-           | (word64) ((sword64) (d[34]) << 48);
-    dd[ 5] = (word64) ((sword64) (d[35]) <<  0)
-           | (word64) ((sword64) (d[36]) <<  8)
-           | (word64) ((sword64) (d[37]) << 16)
-           | (word64) ((sword64) (d[38]) << 24)
-           | (word64) ((sword64) (d[39]) << 32)
-           | (word64) ((sword64) (d[40]) << 40)
-           | (word64) ((sword64) (d[41]) << 48);
-    dd[ 6] = (word64) ((sword64) (d[42]) <<  0)
-           | (word64) ((sword64) (d[43]) <<  8)
-           | (word64) ((sword64) (d[44]) << 16)
-           | (word64) ((sword64) (d[45]) << 24)
-           | (word64) ((sword64) (d[46]) << 32)
-           | (word64) ((sword64) (d[47]) << 40)
-           | (word64) ((sword64) (d[48]) << 48);
-    dd[ 7] = (word64) ((sword64) (d[49]) <<  0)
-           | (word64) ((sword64) (d[50]) <<  8)
-           | (word64) ((sword64) (d[51]) << 16)
-           | (word64) ((sword64) (d[52]) << 24)
-           | (word64) ((sword64) (d[53]) << 32)
-           | (word64) ((sword64) (d[54]) << 40)
-           | (word64) ((sword64) (d[55]) << 48);
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-
-    /* a * b + d */
-    t[ 0] = (word128)(dd[ 0] + (word128)((sword128)ad[ 0] * bd[ 0]));
-    t[ 1] = (word128)(dd[ 1] + (word128)((sword128)ad[ 0] * bd[ 1]
-                                       + (sword128)ad[ 1] * bd[ 0]));
-    t[ 2] = (word128)(dd[ 2] + (word128)((sword128)ad[ 0] * bd[ 2]
-                                       + (sword128)ad[ 1] * bd[ 1]
-                                       + (sword128)ad[ 2] * bd[ 0]));
-    t[ 3] = (word128)(dd[ 3] + (word128)((sword128)ad[ 0] * bd[ 3]
-                                       + (sword128)ad[ 1] * bd[ 2]
-                                       + (sword128)ad[ 2] * bd[ 1]
-                                       + (sword128)ad[ 3] * bd[ 0]));
-    t[ 4] = (word128)(dd[ 4] + (word128)((sword128)ad[ 0] * bd[ 4]
-                                       + (sword128)ad[ 1] * bd[ 3]
-                                       + (sword128)ad[ 2] * bd[ 2]
-                                       + (sword128)ad[ 3] * bd[ 1]
-                                       + (sword128)ad[ 4] * bd[ 0]));
-    t[ 5] = (word128)(dd[ 5] + (word128)((sword128)ad[ 0] * bd[ 5]
-                                       + (sword128)ad[ 1] * bd[ 4]
-                                       + (sword128)ad[ 2] * bd[ 3]
-                                       + (sword128)ad[ 3] * bd[ 2]
-                                       + (sword128)ad[ 4] * bd[ 1]
-                                       + (sword128)ad[ 5] * bd[ 0]));
-    t[ 6] = (word128)(dd[ 6] + (word128)((sword128)ad[ 0] * bd[ 6]
-                                       + (sword128)ad[ 1] * bd[ 5]
-                                       + (sword128)ad[ 2] * bd[ 4]
-                                       + (sword128)ad[ 3] * bd[ 3]
-                                       + (sword128)ad[ 4] * bd[ 2]
-                                       + (sword128)ad[ 5] * bd[ 1]
-                                       + (sword128)ad[ 6] * bd[ 0]));
-    t[ 7] = (word128)(dd[ 7] + (word128)((sword128)ad[ 0] * bd[ 7]
-                                       + (sword128)ad[ 1] * bd[ 6]
-                                       + (sword128)ad[ 2] * bd[ 5]
-                                       + (sword128)ad[ 3] * bd[ 4]
-                                       + (sword128)ad[ 4] * bd[ 3]
-                                       + (sword128)ad[ 5] * bd[ 2]
-                                       + (sword128)ad[ 6] * bd[ 1]
-                                       + (sword128)ad[ 7] * bd[ 0]));
-    t[ 8] = (word128)(                   (sword128)ad[ 1] * bd[ 7]
-                                       + (sword128)ad[ 2] * bd[ 6]
-                                       + (sword128)ad[ 3] * bd[ 5]
-                                       + (sword128)ad[ 4] * bd[ 4]
-                                       + (sword128)ad[ 5] * bd[ 3]
-                                       + (sword128)ad[ 6] * bd[ 2]
-                                       + (sword128)ad[ 7] * bd[ 1]);
-    t[ 9] = (word128)(                   (sword128)ad[ 2] * bd[ 7]
-                                       + (sword128)ad[ 3] * bd[ 6]
-                                       + (sword128)ad[ 4] * bd[ 5]
-                                       + (sword128)ad[ 5] * bd[ 4]
-                                       + (sword128)ad[ 6] * bd[ 3]
-                                       + (sword128)ad[ 7] * bd[ 2]);
-    t[10] = (word128)(                   (sword128)ad[ 3] * bd[ 7]
-                                       + (sword128)ad[ 4] * bd[ 6]
-                                       + (sword128)ad[ 5] * bd[ 5]
-                                       + (sword128)ad[ 6] * bd[ 4]
-                                       + (sword128)ad[ 7] * bd[ 3]);
-    t[11] = (word128)(                   (sword128)ad[ 4] * bd[ 7]
-                                       + (sword128)ad[ 5] * bd[ 6]
-                                       + (sword128)ad[ 6] * bd[ 5]
-                                       + (sword128)ad[ 7] * bd[ 4]);
-    t[12] = (word128)(                   (sword128)ad[ 5] * bd[ 7]
-                                       + (sword128)ad[ 6] * bd[ 6]
-                                       + (sword128)ad[ 7] * bd[ 5]);
-    t[13] = (word128)(                   (sword128)ad[ 6] * bd[ 7]
-                                       + (sword128)ad[ 7] * bd[ 6]);
-    t[14] = (word128)(                   (sword128)ad[ 7] * bd[ 7]);
-    t[15] = 0;
-
-    /* Mod curve order */
-    /* 2^446 - 0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d */
-    /* Propagate carries */
-    c = t[ 0] >> 56; t[ 1] += c; t[ 0] = t[ 0] & 0xffffffffffffff;
-    c = t[ 1] >> 56; t[ 2] += c; t[ 1] = t[ 1] & 0xffffffffffffff;
-    c = t[ 2] >> 56; t[ 3] += c; t[ 2] = t[ 2] & 0xffffffffffffff;
-    c = t[ 3] >> 56; t[ 4] += c; t[ 3] = t[ 3] & 0xffffffffffffff;
-    c = t[ 4] >> 56; t[ 5] += c; t[ 4] = t[ 4] & 0xffffffffffffff;
-    c = t[ 5] >> 56; t[ 6] += c; t[ 5] = t[ 5] & 0xffffffffffffff;
-    c = t[ 6] >> 56; t[ 7] += c; t[ 6] = t[ 6] & 0xffffffffffffff;
-    c = t[ 7] >> 56; t[ 8] += c; t[ 7] = t[ 7] & 0xffffffffffffff;
-    c = t[ 8] >> 56; t[ 9] += c; t[ 8] = t[ 8] & 0xffffffffffffff;
-    c = t[ 9] >> 56; t[10] += c; t[ 9] = t[ 9] & 0xffffffffffffff;
-    c = t[10] >> 56; t[11] += c; t[10] = t[10] & 0xffffffffffffff;
-    c = t[11] >> 56; t[12] += c; t[11] = t[11] & 0xffffffffffffff;
-    c = t[12] >> 56; t[13] += c; t[12] = t[12] & 0xffffffffffffff;
-    c = t[13] >> 56; t[14] += c; t[13] = t[13] & 0xffffffffffffff;
-    c = t[14] >> 56; t[15] += c; t[14] = t[14] & 0xffffffffffffff;
-    /* Mod top half of extra words */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 4; o++) {
-        t[ 4 + o] += (sword128)0x21cf5b5529eec34L * t[12 + o];
-        t[ 5 + o] += (sword128)0x0f635c8e9c2ab70L * t[12 + o];
-        t[ 6 + o] += (sword128)0x2d944a725bf7a4cL * t[12 + o];
-        t[ 7 + o] += (sword128)0x20cd77058eec490L * t[12 + o];
-    }
-#else
-    t[ 4] += (sword128)0x21cf5b5529eec34L * t[12];
-    t[ 5] += (sword128)0x0f635c8e9c2ab70L * t[12];
-    t[ 6] += (sword128)0x2d944a725bf7a4cL * t[12];
-    t[ 7] += (sword128)0x20cd77058eec490L * t[12];
-    t[ 5] += (sword128)0x21cf5b5529eec34L * t[13];
-    t[ 6] += (sword128)0x0f635c8e9c2ab70L * t[13];
-    t[ 7] += (sword128)0x2d944a725bf7a4cL * t[13];
-    t[ 8] += (sword128)0x20cd77058eec490L * t[13];
-    t[ 6] += (sword128)0x21cf5b5529eec34L * t[14];
-    t[ 7] += (sword128)0x0f635c8e9c2ab70L * t[14];
-    t[ 8] += (sword128)0x2d944a725bf7a4cL * t[14];
-    t[ 9] += (sword128)0x20cd77058eec490L * t[14];
-    t[ 7] += (sword128)0x21cf5b5529eec34L * t[15];
-    t[ 8] += (sword128)0x0f635c8e9c2ab70L * t[15];
-    t[ 9] += (sword128)0x2d944a725bf7a4cL * t[15];
-    t[10] += (sword128)0x20cd77058eec490L * t[15];
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Propagate carries */
-    c = t[ 4] >> 56; t[ 5] += c; t[ 4] = t[ 4] & 0xffffffffffffff;
-    c = t[ 5] >> 56; t[ 6] += c; t[ 5] = t[ 5] & 0xffffffffffffff;
-    c = t[ 6] >> 56; t[ 7] += c; t[ 6] = t[ 6] & 0xffffffffffffff;
-    c = t[ 7] >> 56; t[ 8] += c; t[ 7] = t[ 7] & 0xffffffffffffff;
-    c = t[ 8] >> 56; t[ 9] += c; t[ 8] = t[ 8] & 0xffffffffffffff;
-    c = t[ 9] >> 56; t[10] += c; t[ 9] = t[ 9] & 0xffffffffffffff;
-    c = t[10] >> 56; t[11] += c; t[10] = t[10] & 0xffffffffffffff;
-    /* Mod bottom half of extra words */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 4; o++) {
-        t[ 0 + o] += (sword128)0x21cf5b5529eec34L * t[ 8 + o];
-        t[ 1 + o] += (sword128)0x0f635c8e9c2ab70L * t[ 8 + o];
-        t[ 2 + o] += (sword128)0x2d944a725bf7a4cL * t[ 8 + o];
-        t[ 3 + o] += (sword128)0x20cd77058eec490L * t[ 8 + o];
-    }
-#else
-    t[ 0] += (sword128)0x21cf5b5529eec34L * t[ 8];
-    t[ 1] += (sword128)0x0f635c8e9c2ab70L * t[ 8];
-    t[ 2] += (sword128)0x2d944a725bf7a4cL * t[ 8];
-    t[ 3] += (sword128)0x20cd77058eec490L * t[ 8];
-    t[ 1] += (sword128)0x21cf5b5529eec34L * t[ 9];
-    t[ 2] += (sword128)0x0f635c8e9c2ab70L * t[ 9];
-    t[ 3] += (sword128)0x2d944a725bf7a4cL * t[ 9];
-    t[ 4] += (sword128)0x20cd77058eec490L * t[ 9];
-    t[ 2] += (sword128)0x21cf5b5529eec34L * t[10];
-    t[ 3] += (sword128)0x0f635c8e9c2ab70L * t[10];
-    t[ 4] += (sword128)0x2d944a725bf7a4cL * t[10];
-    t[ 5] += (sword128)0x20cd77058eec490L * t[10];
-    t[ 3] += (sword128)0x21cf5b5529eec34L * t[11];
-    t[ 4] += (sword128)0x0f635c8e9c2ab70L * t[11];
-    t[ 5] += (sword128)0x2d944a725bf7a4cL * t[11];
-    t[ 6] += (sword128)0x20cd77058eec490L * t[11];
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Propagate carries */
-    c = t[ 0] >> 56; t[ 1] += c; rd[ 0] = (sword64)(t[ 0] & 0xffffffffffffff);
-    c = t[ 1] >> 56; t[ 2] += c; rd[ 1] = (sword64)(t[ 1] & 0xffffffffffffff);
-    c = t[ 2] >> 56; t[ 3] += c; rd[ 2] = (sword64)(t[ 2] & 0xffffffffffffff);
-    c = t[ 3] >> 56; t[ 4] += c; rd[ 3] = (sword64)(t[ 3] & 0xffffffffffffff);
-    c = t[ 4] >> 56; t[ 5] += c; rd[ 4] = (sword64)(t[ 4] & 0xffffffffffffff);
-    c = t[ 5] >> 56; t[ 6] += c; rd[ 5] = (sword64)(t[ 5] & 0xffffffffffffff);
-    c = t[ 6] >> 56; t[ 7] += c; rd[ 6] = (sword64)(t[ 6] & 0xffffffffffffff);
-    rd[ 7] = (word64)t[7];
-    /* Mod bits over 56 in last word */
-    o = rd[7] >> 54; rd[ 7] &= 0x3fffffffffffff;
-    rd[ 0] += 0x873d6d54a7bb0dL * o;
-    rd[ 1] += 0x3d8d723a70aadcL * o;
-    rd[ 2] += 0xb65129c96fde93L * o;
-    rd[ 3] += 0x8335dc163bb124L * o;
-    /* Propagate carries */
-    o = rd[ 0] >> 56; rd[ 1] += o; rd[ 0] = rd[ 0] & 0xffffffffffffff;
-    o = rd[ 1] >> 56; rd[ 2] += o; rd[ 1] = rd[ 1] & 0xffffffffffffff;
-    o = rd[ 2] >> 56; rd[ 3] += o; rd[ 2] = rd[ 2] & 0xffffffffffffff;
-    o = rd[ 3] >> 56; rd[ 4] += o; rd[ 3] = rd[ 3] & 0xffffffffffffff;
-    o = rd[ 4] >> 56; rd[ 5] += o; rd[ 4] = rd[ 4] & 0xffffffffffffff;
-    o = rd[ 5] >> 56; rd[ 6] += o; rd[ 5] = rd[ 5] & 0xffffffffffffff;
-    o = rd[ 6] >> 56; rd[ 7] += o; rd[ 6] = rd[ 6] & 0xffffffffffffff;
-    /* Reduce to mod order. */
-    u = 0;
-    u += (sword64)rd[0] - (sword64)0x078c292ab5844f3L; u >>= 56;
-    u += (sword64)rd[1] - (sword64)0x0c2728dc58f5523L; u >>= 56;
-    u += (sword64)rd[2] - (sword64)0x049aed63690216cL; u >>= 56;
-    u += (sword64)rd[3] - (sword64)0x07cca23e9c44edbL; u >>= 56;
-    u += (sword64)rd[4] - (sword64)0x0ffffffffffffffL; u >>= 56;
-    u += (sword64)rd[5] - (sword64)0x0ffffffffffffffL; u >>= 56;
-    u += (sword64)rd[6] - (sword64)0x0ffffffffffffffL; u >>= 56;
-    u += (sword64)rd[7] - (sword64)0x03fffffffffffffL; u >>= 56;
-    o = (word64)0 - (u >= 0);
-    u = 0;
-    u += (sword64)rd[0] - (sword64)((word64)0x078c292ab5844f3L & o);
-    rd[0] = u & 0xffffffffffffff;
-    u >>= 56;
-    u += (sword64)rd[1] - (sword64)((word64)0x0c2728dc58f5523L & o);
-    rd[1] = u & 0xffffffffffffff;
-    u >>= 56;
-    u += (sword64)rd[2] - (sword64)((word64)0x049aed63690216cL & o);
-    rd[2] = u & 0xffffffffffffff;
-    u >>= 56;
-    u += (sword64)rd[3] - (sword64)((word64)0x07cca23e9c44edbL & o);
-    rd[3] = u & 0xffffffffffffff;
-    u >>= 56;
-    u += (sword64)rd[4] - (sword64)((word64)0x0ffffffffffffffL & o);
-    rd[4] = u & 0xffffffffffffff;
-    u >>= 56;
-    u += (sword64)rd[5] - (sword64)((word64)0x0ffffffffffffffL & o);
-    rd[5] = u & 0xffffffffffffff;
-    u >>= 56;
-    u += (sword64)rd[6] - (sword64)((word64)0x0ffffffffffffffL & o);
-    rd[6] = u & 0xffffffffffffff;
-    u >>= 56;
-    u += (sword64)rd[7] - (sword64)((word64)0x03fffffffffffffL & o);
-    rd[7] = u & 0xffffffffffffff;
-
-    /* Convert to bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    {
-        word64 ow = 0;
-        for (o = 0; o < 56; o += 7) {
-            r[o + 0] = (byte)(rd[ow] >>  0);
-            r[o + 1] = (byte)(rd[ow] >>  8);
-            r[o + 2] = (byte)(rd[ow] >> 16);
-            r[o + 3] = (byte)(rd[ow] >> 24);
-            r[o + 4] = (byte)(rd[ow] >> 32);
-            r[o + 5] = (byte)(rd[ow] >> 40);
-            r[o + 6] = (byte)(rd[ow] >> 48);
-            ow++;
-        }
-        r[56] = 0;
-    }
-#else
-    r[ 0] = (byte)(rd[0 ] >>  0);
-    r[ 1] = (byte)(rd[0 ] >>  8);
-    r[ 2] = (byte)(rd[0 ] >> 16);
-    r[ 3] = (byte)(rd[0 ] >> 24);
-    r[ 4] = (byte)(rd[0 ] >> 32);
-    r[ 5] = (byte)(rd[0 ] >> 40);
-    r[ 6] = (byte)(rd[0 ] >> 48);
-    r[ 7] = (byte)(rd[1 ] >>  0);
-    r[ 8] = (byte)(rd[1 ] >>  8);
-    r[ 9] = (byte)(rd[1 ] >> 16);
-    r[10] = (byte)(rd[1 ] >> 24);
-    r[11] = (byte)(rd[1 ] >> 32);
-    r[12] = (byte)(rd[1 ] >> 40);
-    r[13] = (byte)(rd[1 ] >> 48);
-    r[14] = (byte)(rd[2 ] >>  0);
-    r[15] = (byte)(rd[2 ] >>  8);
-    r[16] = (byte)(rd[2 ] >> 16);
-    r[17] = (byte)(rd[2 ] >> 24);
-    r[18] = (byte)(rd[2 ] >> 32);
-    r[19] = (byte)(rd[2 ] >> 40);
-    r[20] = (byte)(rd[2 ] >> 48);
-    r[21] = (byte)(rd[3 ] >>  0);
-    r[22] = (byte)(rd[3 ] >>  8);
-    r[23] = (byte)(rd[3 ] >> 16);
-    r[24] = (byte)(rd[3 ] >> 24);
-    r[25] = (byte)(rd[3 ] >> 32);
-    r[26] = (byte)(rd[3 ] >> 40);
-    r[27] = (byte)(rd[3 ] >> 48);
-    r[28] = (byte)(rd[4 ] >>  0);
-    r[29] = (byte)(rd[4 ] >>  8);
-    r[30] = (byte)(rd[4 ] >> 16);
-    r[31] = (byte)(rd[4 ] >> 24);
-    r[32] = (byte)(rd[4 ] >> 32);
-    r[33] = (byte)(rd[4 ] >> 40);
-    r[34] = (byte)(rd[4 ] >> 48);
-    r[35] = (byte)(rd[5 ] >>  0);
-    r[36] = (byte)(rd[5 ] >>  8);
-    r[37] = (byte)(rd[5 ] >> 16);
-    r[38] = (byte)(rd[5 ] >> 24);
-    r[39] = (byte)(rd[5 ] >> 32);
-    r[40] = (byte)(rd[5 ] >> 40);
-    r[41] = (byte)(rd[5 ] >> 48);
-    r[42] = (byte)(rd[6 ] >>  0);
-    r[43] = (byte)(rd[6 ] >>  8);
-    r[44] = (byte)(rd[6 ] >> 16);
-    r[45] = (byte)(rd[6 ] >> 24);
-    r[46] = (byte)(rd[6 ] >> 32);
-    r[47] = (byte)(rd[6 ] >> 40);
-    r[48] = (byte)(rd[6 ] >> 48);
-    r[49] = (byte)(rd[7 ] >>  0);
-    r[50] = (byte)(rd[7 ] >>  8);
-    r[51] = (byte)(rd[7 ] >> 16);
-    r[52] = (byte)(rd[7 ] >> 24);
-    r[53] = (byte)(rd[7 ] >> 32);
-    r[54] = (byte)(rd[7 ] >> 40);
-    r[55] = (byte)(rd[7 ] >> 48);
-    r[56] = 0;
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-}
-
-/* Precomputed multiples of the base point. */
-static const ge448_precomp base[58][8] = {
-{
-    {
-        { 0x26a82bc70cc05eL, 0x80e18b00938e26L, 0xf72ab66511433bL,
-          0xa3d3a46412ae1aL, 0x0f1767ea6de324L, 0x36da9e14657047L,
-          0xed221d15a622bfL, 0x4f1970c66bed0dL },
-        { 0x08795bf230fa14L, 0x132c4ed7c8ad98L, 0x1ce67c39c4fdbdL,
-          0x05a0c2d73ad3ffL, 0xa3984087789c1eL, 0xc7624bea73736cL,
-          0x248876203756c9L, 0x693f46716eb6bcL }
-    },
-    {
-        { 0x55555555555555L, 0x55555555555555L, 0x55555555555555L,
-          0x55555555555555L, 0xaaaaaaaaaaaaa9L, 0xaaaaaaaaaaaaaaL,
-          0xaaaaaaaaaaaaaaL, 0xaaaaaaaaaaaaaaL },
-        { 0xeafbcdea9386edL, 0xb2bed1cda06bdaL, 0x833a2a3098bbbcL,
-          0x8ad8c4b80d6565L, 0x884dd7b7e36d72L, 0xc2b0036ed7a035L,
-          0x8db359d6205086L, 0xae05e9634ad704L }
-    },
-    {
-        { 0x28173286ff2f8fL, 0xb769465da85757L, 0xf7f6271fd6e862L,
-          0x4a3fcfe8daa9cbL, 0xda82c7e2ba077aL, 0x943332241b8b8cL,
-          0x6455bd64316cb6L, 0x0865886b9108afL },
-        { 0x22ac13588ed6fcL, 0x9a68fed02dafb8L, 0x1bdb6767f0bffaL,
-          0xec4e1d58bb3a33L, 0x56c3b9fce43c82L, 0xa6449a4a8d9523L,
-          0xf706cbda7ad43aL, 0xe005a8dbd5125cL }
-    },
-    {
-        { 0xce42ac48ba7f30L, 0xe1798949e120e2L, 0xf1515dd8ba21aeL,
-          0x70c74cc301b7bdL, 0x0891c693fda4beL, 0x29ea255a09cf4eL,
-          0x2c1419a17226f9L, 0x49dcbc5c6c0cceL },
-        { 0xe236f86de51839L, 0x44285d0d4f5b32L, 0x7ea1ca9472b5d4L,
-          0x7b8a5bc1c0d8f9L, 0x57d845c90dc322L, 0x1b979cb7c02f04L,
-          0x27164b33a5de02L, 0xd49077e4accde5L }
-    },
-    {
-        { 0xa99d1092030034L, 0x2d8cefc6f950d0L, 0x7a920c3c96f07bL,
-          0x958812808bc0d5L, 0x62ada756d761e8L, 0x0def80cbcf7285L,
-          0x0e2ba7601eedb5L, 0x7a9f9335a48dcbL },
-        { 0xb4731472f435ebL, 0x5512881f225443L, 0xee59d2b33c5840L,
-          0xb698017127d7a4L, 0xb18fced86551f7L, 0x0ade260ca1823aL,
-          0xd3b9109ce4fd58L, 0xadfd751a2517edL }
-    },
-    {
-        { 0x7fd7652abef79cL, 0x6c20a07443a878L, 0x5c1840d12a7109L,
-          0x4a06e4a876451cL, 0x3bed0b4ad95f65L, 0x25d2e673fb0260L,
-          0x2e00349aebd971L, 0x54523e04498b72L },
-        { 0xea5d1da07c7bccL, 0xcce776938ea98cL, 0x80284e861d2b3eL,
-          0x48de76b6e1ff1bL, 0x7b121869c58522L, 0xbfd053a2765a1aL,
-          0x2d743ec056c667L, 0x3f99b9cd8ab61cL }
-    },
-    {
-        { 0xdf9567ceb5eaf7L, 0x110a6b478ac7d7L, 0x2d335014706e0bL,
-          0x0df9c7b0b5a209L, 0xba4223d568e684L, 0xd78af2d8c3719bL,
-          0x77467b9a5291b6L, 0x079748e5c89befL },
-        { 0xe20d3fadac377fL, 0x34e866972b5c09L, 0xd8687a3c40bbb7L,
-          0x7b3946fd2f84c9L, 0xd00e40ca78f50eL, 0xb87594417e7179L,
-          0x9c7373bcb23583L, 0x7ddeda3c90fd69L }
-    },
-    {
-        { 0x2538a67153bde0L, 0x223aca9406b696L, 0xf9080dc1ad713eL,
-          0x6c4cb47d816a64L, 0xbc285685dc8b97L, 0xd97b037c08e2d7L,
-          0x5b63fb45d0e66bL, 0xd1f1bc5520e8a3L },
-        { 0x4eb873ce69e09bL, 0x1663164bc8ee45L, 0x08f7003ba8d89fL,
-          0x4b98ead386ad82L, 0xa4b93b7bd94c7bL, 0x46ba408c6b38b3L,
-          0xdae87d1f3574ffL, 0xc7564f4e9bea9bL }
-    },
-},
-{
-    {
-        { 0x2e4fdb25bfac1cL, 0xf0d79aaf5f3bcaL, 0xe756b0d20fb7ccL,
-          0xe3696beb39609aL, 0xa019fc35a5ab58L, 0xa2b24853b281ddL,
-          0xe3e2be761ac0a2L, 0xf19c34feb56730L },
-        { 0x2d25ce8a30241eL, 0xf5661eab73d7a1L, 0x4611ed0daac9f4L,
-          0xd5442344ced72cL, 0xce78f52e92e985L, 0x6fe5dd44da4aadL,
-          0xfcaddc61d363ceL, 0x3beb69cc9111bfL }
-    },
-    {
-        { 0xd2e7660940ebc9L, 0xe032018b17bbe0L, 0xad4939175c0575L,
-          0xdd0b14721c7f34L, 0x52c2ba43e147e0L, 0x7dd03c60ee8973L,
-          0x5472e8decf2754L, 0x17a1cd1d6482bbL },
-        { 0xdd43b848128b3fL, 0xf0cae34ea7dd25L, 0x81ca99fff07df2L,
-          0x1c8959792ebbdcL, 0x45c7a6872155e6L, 0x907a50e39ddd08L,
-          0xbe398c2bb2d89bL, 0x38063f91b3b536L }
-    },
-    {
-        { 0x149fafbf843b23L, 0x00ab582ac7f22aL, 0xa3b981bf2f4d4cL,
-          0x2ce1a654341a22L, 0x68a40747c03b63L, 0x63206a212f2cf8L,
-          0xc9961d35149741L, 0xfb85430bc7099eL },
-        { 0x9c9107290a9e59L, 0x734e94a06de367L, 0x5cf3cbedb99214L,
-          0xc6bce3245b1fb9L, 0x1a82abedd7be0dL, 0xf74976aede7d1cL,
-          0x7025b7c21503bdL, 0xf7894910d096abL }
-    },
-    {
-        { 0x6bd48bb555a41bL, 0xfbdd0d067de206L, 0x98bc477dd6dfd1L,
-          0x1d0693b3e40b8aL, 0x6e15563da32ae4L, 0x0194a20fcebaa2L,
-          0xda116150980a93L, 0x8e119200109cecL },
-        { 0x8ea0552ffb9726L, 0xeba50a4047e44bL, 0xc050d2460ddf76L,
-          0xe009204ac690e0L, 0x47b86399b18edcL, 0x2f5b76ac77f23fL,
-          0x4296c240792905L, 0x73f6b4a06f6dc7L }
-    },
-    {
-        { 0xb6ef9ea3b10cadL, 0x312843df7c8fceL, 0x5bdcd528bedf86L,
-          0x2889059f6dd823L, 0x04578e908bfde0L, 0x3245df3123e2e5L,
-          0xbf461d57ee9e3aL, 0xddec2d46f94cebL },
-        { 0x21b43b9145768fL, 0xe79a8f9dae962aL, 0xff1972bcbb043fL,
-          0xe3dcf6d239649bL, 0xed592bdc533b85L, 0x14ff94fdbe22d0L,
-          0x6c4eb87f1d8e22L, 0xd8d4c71d18cf6dL }
-    },
-    {
-        { 0xcda666c8d96345L, 0x9ecaa25836cd21L, 0x6e885bd984606eL,
-          0x1dd5fef804f054L, 0x9dfff6b6959ae4L, 0x99b9cf8c9b55ccL,
-          0xb4716b062b9b80L, 0x13ec87c554b128L },
-        { 0xe696d1f75aacc2L, 0xf78c99387fc5ffL, 0x76c09473809d42L,
-          0x99ce62db618fa8L, 0x35e3e022f53341L, 0x62fc1ac0db6c5eL,
-          0xa1fb8e600d8b47L, 0x0bc107058f0d1eL }
-    },
-    {
-        { 0x1f4526916da513L, 0x1f2fc04f5cf341L, 0xae9208664d23e0L,
-          0x4e33082da8a113L, 0x2688ec61cfc085L, 0x6f2e8de6e5327fL,
-          0x2070db3b4e48a8L, 0xd6626973240adeL },
-        { 0xa6b317ffbd997bL, 0x9fa1b5649e26bdL, 0xcbf0d258cba0f3L,
-          0x4a7791b17b4745L, 0x25f555b5c9e190L, 0x7cd3940923ec4cL,
-          0x16f4c6ae98f1b6L, 0x7962116bcd4e0fL }
-    },
-    {
-        { 0x8d58fa302491e3L, 0x7cf76c67ab3898L, 0xbc2f657647ebc7L,
-          0x5f4bfe0d25f5a3L, 0x503f478d69505dL, 0x4a889fc3fb6645L,
-          0x33e1bc1fa86b18L, 0xabb234f5508dd8L },
-        { 0x5348e1b9a05b48L, 0x57ac5f164dc858L, 0x21f4d38ec8a2d3L,
-          0x5ec6d3ca3a3e9dL, 0xcd4062e560a0b8L, 0x49b74f73433f59L,
-          0xefd9d87cab14e3L, 0x858ce7feb964f5L }
-    },
-},
-{
-    {
-        { 0x7577254eb731b4L, 0x9fff1fb4e2397eL, 0x749b145c821715L,
-          0x40619fe2e65e67L, 0x57b82812e618d8L, 0x063186c707b83eL,
-          0xcfc80cb31b24a2L, 0xcca6185ac75169L },
-        { 0x6539f44b255818L, 0x5895da00368bceL, 0x841a30917c7482L,
-          0x85469e1b1a9c9eL, 0x05664c0e4f7d9dL, 0x8a063187b35cc0L,
-          0x214763aa0e9b0aL, 0x1bd872c4b26ac2L }
-    },
-    {
-        { 0x3578f97a93762bL, 0x434f69a72d52bcL, 0xddcca4022cb565L,
-          0xa7d1e41ff20544L, 0x823475d8a66588L, 0x9fc97c799d7bafL,
-          0x15542f1660e421L, 0xa7d1f60843faf6L },
-        { 0xbbfaab54063cccL, 0x3ad9bada49855aL, 0xffd5f1c5bddbfeL,
-          0x0e419c2ae87e59L, 0xdce6ed6f89956bL, 0xf047c21ccd8951L,
-          0x6ed4a1ba83c991L, 0x85af86e2d28e0aL }
-    },
-    {
-        { 0x04433c49ed48a8L, 0xeffa8580bc375dL, 0xfb0e1b2fa6e3b5L,
-          0x51483a2a1aaddaL, 0x733448df8b2ea8L, 0xaa0513cf639f0cL,
-          0x6bc61a3a23bf84L, 0x3e64f68dc2430dL },
-        { 0x51bf502c5876b1L, 0x6b833751c0dd2aL, 0xe597be1342914fL,
-          0x43d5ab0f8e632cL, 0x2696715d62587bL, 0xe87d20aed34f24L,
-          0x25b7e14e18baf7L, 0xf5eb753e22e084L }
-    },
-    {
-        { 0x51da71724d8295L, 0xd478e4318d1340L, 0xacf94f42cf7f66L,
-          0x230d7d13760711L, 0x078a66a5abc626L, 0xd78b0bd6b5f6daL,
-          0x23a971396d1d0bL, 0x87623d64bd960fL },
-        { 0x0841a9977db53fL, 0x23c1a53f4d03eeL, 0x2f62c2e1f95df1L,
-          0xd1e2ec1116f4e7L, 0x896d2fe34811a9L, 0xad65e2bec8096eL,
-          0x09d36f9b1744a6L, 0x564bac7ff5ddf7L }
-    },
-    {
-        { 0x48b41e2c3f77cbL, 0x52276730968938L, 0xff1b899fd9b452L,
-          0x67cf3bf2e03908L, 0x3731d90248a6fbL, 0xd800a05256598fL,
-          0x347d2f2bdc8530L, 0xc72a3007ad08a1L },
-        { 0x5e5be741d65f73L, 0x183d4ae4206eadL, 0xcb50c1cade4013L,
-          0x39db43d3102483L, 0x0eb49fa70d6325L, 0xa18f6a2c1f02b9L,
-          0x3e6fe30dbf5e66L, 0xac4eeb93a82aa5L }
-    },
-    {
-        { 0x295affd3613d47L, 0x7b7e68ab56f343L, 0x980629692b173bL,
-          0x937061ebad35fbL, 0x25019785c21eeaL, 0xe92721b787a746L,
-          0x463c46c3651631L, 0x6da4b5dc6f2d5aL },
-        { 0xcb67cc16e6d18cL, 0x1b30d520010588L, 0x1bb6ea6db1d1e8L,
-          0x9c6308aad11474L, 0xc3167413d19b1cL, 0xf2e84d7be4fb79L,
-          0xeccb873e050f77L, 0xf7c8d80cc2bf86L }
-    },
-    {
-        { 0x16fe2e17ab20e5L, 0x274deadecf3a92L, 0x9f434870972f67L,
-          0x9a65a454605751L, 0x9351f07b8980b2L, 0x412962b0eb08a5L,
-          0xb8c9bfd733f440L, 0xac2cd641ca250fL },
-        { 0x68cdd0f2ba7d26L, 0xd3d2a4a4e0beeaL, 0x50135c19f4a258L,
-          0xb475e53f0d02e4L, 0x432d8c6589283aL, 0x29141bfa0a2b6cL,
-          0xd7379ec13704bcL, 0x831562c52459bfL }
-    },
-    {
-        { 0x676b366eeec506L, 0xdd6cad545da557L, 0x9de39cb77057d2L,
-          0x388c5fedf05bf1L, 0x6e55650dfb1f03L, 0xdbceffa52126c9L,
-          0xe4d187b3a4a220L, 0xac914f9eb27020L },
-        { 0x3f4ab98d2e5f30L, 0x6ae97dadd94451L, 0x64af6950d80981L,
-          0x36b4b90f2aa2ceL, 0x6adcd7a18fcf59L, 0x3ddfe6dc116c81L,
-          0x661072b549b9e3L, 0xd9e3134ec4584dL }
-    },
-},
-{
-    {
-        { 0x6e46707a1e400cL, 0xcdc990b551e806L, 0xfa512513a07724L,
-          0x500553f1b3e4f5L, 0x67e8b58ef4dac3L, 0x958349f2cb4cc7L,
-          0x948b4ed7f9143cL, 0xe646d092b7822bL },
-        { 0xd185dd52bc3c26L, 0x34ba16ec837fc9L, 0x516d4ba5a788b7L,
-          0x72f2de756142b0L, 0x5846f61f445b3dL, 0xdaec5c9f4631a1L,
-          0xa10b18d169ea9bL, 0x85d2998af6751bL }
-    },
-    {
-        { 0xda0cac443ddf31L, 0x0966e171860911L, 0x9c3a7173cba600L,
-          0x5781880571f895L, 0x5e2a927737ac21L, 0x8a461486c253fbL,
-          0xe801cf595ee626L, 0x271166a5f84fc0L },
-        { 0x306937fba856bdL, 0x80cb179be80a43L, 0x70393b2ffb5980L,
-          0xa8e4a1c660fc64L, 0x5078abfc0d5c98L, 0x62ba530fbd31ffL,
-          0xda608449e51b88L, 0xdb6ecb0355ae15L }
-    },
-    {
-        { 0xbcbb6ea23c5d49L, 0x08906ba87959bcL, 0x61cc0880991665L,
-          0x21d6b41d90d13cL, 0x0c27ac1d03afe9L, 0x159995f5cfea52L,
-          0x4057e20bdfe220L, 0xdd1b349cbdf058L },
-        { 0x0cd66262e37159L, 0x8cea8e43eb0d17L, 0x553af085bce7f0L,
-          0xb94cb5f5b6511dL, 0x7b8d3a550e0330L, 0x415911057ab7e7L,
-          0x320820e6aa886fL, 0x130d4d6c5b6b81L }
-    },
-    {
-        { 0x2f98059c7bb2edL, 0x33ebf4ca49bdfbL, 0x04c72a1b0a675bL,
-          0x94f9ea4adb6c14L, 0x03376d8cf728c0L, 0x5c059d34c6eb6aL,
-          0x0178408eb8da48L, 0x8bf607b2956817L },
-        { 0x7ad2822ceb3d28L, 0xd07a40337ae653L, 0xbc68739c1e46b2L,
-          0x15d7cca9154ba9L, 0x6b97103a26617dL, 0xa610314b2e0d28L,
-          0x52a08bafd4d363L, 0x80c2638c7dc2afL }
-    },
-    {
-        { 0x0cde7ef3187140L, 0x93b92ca4b70acdL, 0x5696e507a79cdcL,
-          0x73cc9728eaab66L, 0x6b8c5b68f1b0c7L, 0xb39a3184f7e0b1L,
-          0x72cfb0d376108aL, 0x0c53efc98536a7L },
-        { 0x03b52a824c2f1eL, 0x717132e6399b78L, 0x31ebd25349a85dL,
-          0x265ee811a200d4L, 0x0b1aad2407d7adL, 0x9a9ebc894d2962L,
-          0x994e6cd41171d9L, 0x09178d86c8fa83L }
-    },
-    {
-        { 0x7d1d238a2593a1L, 0x863e93ab38fb19L, 0xd23a4cce7712a9L,
-          0x7477b1327efcd5L, 0x3ba69ff1392f6cL, 0x63e0c32f7bb5a5L,
-          0x20412c0026effdL, 0xd3ee8e4ef424abL },
-        { 0x14c0b2d64e5174L, 0x2a611f2e58c47bL, 0xaa58a06c1e8635L,
-          0x1870c3ecf17034L, 0xb0d5e3483f1bf3L, 0xb19905c16c7eb3L,
-          0xbf85d626efa4caL, 0xfd16b2f180f92bL }
-    },
-    {
-        { 0xc0431af3adcb48L, 0xc9a7a8dba90496L, 0xd765a163895294L,
-          0xb02a41a551de70L, 0xb71b261749b8a1L, 0x0dfa89ec6f3e47L,
-          0x392c0d80f5d9ceL, 0x43c59d831aee3cL },
-        { 0x94bfb6d4d76f49L, 0xe8f5b8227d68a5L, 0x78ae1d9630fd08L,
-          0x1379029ce1bdaeL, 0x9689da066715dcL, 0x5d4cb24d3278c7L,
-          0x77c98339e84fbcL, 0xc8478dcea1048cL }
-    },
-    {
-        { 0xe4b8f31770d2baL, 0x744f65242ea095L, 0xd06e090036f138L,
-          0xd3a3d5b3b078caL, 0xc7ae54178b8417L, 0xad6c5d4c738fd7L,
-          0x61789844676454L, 0xfbf34235d9a392L },
-        { 0x8e451a7fff772fL, 0x8605bb75ffbeadL, 0x6f75cc1930d59fL,
-          0xd4f47558f3f460L, 0xefd2d796700c8aL, 0xceb462a2406421L,
-          0x8ed0f979dfe8f1L, 0x0280bf1d1d7600L }
-    },
-},
-{
-    {
-        { 0x761c219dd9a54dL, 0x1127fcb86a39c0L, 0x7d0e4f04c9beddL,
-          0x27c017a4d976b6L, 0x800c973da042cfL, 0xe7419af2593f11L,
-          0xbd49448ae67960L, 0xd3b60b7744fd85L },
-        { 0x5e74ed961676feL, 0x7383ef339af627L, 0x34407e05e62df7L,
-          0xb0534618bf3196L, 0xd6b7184583b407L, 0xe3d068555011beL,
-          0x94083d02124b52L, 0xa908324f780aafL }
-    },
-    {
-        { 0xb27af1a73ec9c3L, 0xb66ad9f70fa725L, 0x07724f58cf73e4L,
-          0xc3fcd579949358L, 0x06efb79da0cc01L, 0x1e977d210597c9L,
-          0xcd732be703e8d6L, 0x6fd29bf6d0b69eL },
-        { 0xca658ac667128eL, 0xca0036ac7872b3L, 0xc9698585355837L,
-          0x59f3be8075cf1cL, 0x9f1b9b03809a11L, 0x6881ced9733871L,
-          0x8cda0fbe902a5fL, 0x4d8c69b4e3871eL }
-    },
-    {
-        { 0x5c3bd07ddee82fL, 0xe52dd312f9723bL, 0xcf8761174f1be8L,
-          0xd9ecbd835f8657L, 0x4f77393fbfea17L, 0xec9579fd78fe2cL,
-          0x320de920fb0450L, 0xbfc9b8d95d9c47L },
-        { 0x818bd425e1b4c3L, 0x0e0c41c40e2c78L, 0x0f7ce9abccb0d0L,
-          0xc7e9fa45ef81fbL, 0x2561d6f73574adL, 0xa2d8d99d2efb0bL,
-          0xcf8f316e96cd0aL, 0x088f0f14964807L }
-    },
-    {
-        { 0x0a8498945d5a19L, 0x47ab39c6c2131fL, 0x5c02824f3fc35dL,
-          0x3be77c89ee8127L, 0xa8491b7c90b80aL, 0x5397631a28aa93L,
-          0x54d6e816c0b344L, 0x22878be876d0e4L },
-        { 0xeecb8a46db3bf6L, 0x340f29554577a3L, 0xa7798689a00f85L,
-          0x98465d74bb9147L, 0x9532d7dda3c736L, 0x6d574f17504b20L,
-          0x6e356f4d86e435L, 0x70c2e8d4533887L }
-    },
-    {
-        { 0xdce5a0ad293980L, 0x32d7210069010eL, 0x64af59f06deaaaL,
-          0xd6b43c459239e4L, 0x74bf2559199c29L, 0x3efff4111e1e2bL,
-          0x1aa7b5ecb0f8d8L, 0x9baa22b989e395L },
-        { 0xf78db807b33ac1L, 0x05a3b4354ce80aL, 0x371defc7bc8e12L,
-          0x63305a01224610L, 0x028b1ae6d697efL, 0x7aba39c1cd8051L,
-          0x76ed7a928ee4b4L, 0x31bd02a7f99901L }
-    },
-    {
-        { 0xf9dab7af075566L, 0x84e29a5f56f18bL, 0x3a4c45af64e56dL,
-          0xcf3644a6a7302dL, 0xfb40808156b658L, 0xf33ef9cf96be52L,
-          0xfe92038caa2f08L, 0xcfaf2e3b261894L },
-        { 0xf2a0dbc224ce3fL, 0xed05009592eb27L, 0x501743f95889d0L,
-          0xa88a47877c95c2L, 0x86755fbdd63da9L, 0x9024acfc7ee828L,
-          0x634b020f38113bL, 0x3c5aacc6056e64L }
-    },
-    {
-        { 0xe03ff3aa2ef760L, 0x3b95767b1c3bacL, 0x51ce6aa940d754L,
-          0x7cbac3f47a9a3dL, 0xa864ac434f8d1aL, 0x1eff3f280dbd47L,
-          0xd8ab6607ebd5caL, 0xc4df5c405b07edL },
-        { 0x3dc92dfa4f095bL, 0x5ae36a57cdbd9aL, 0x7ff29737891e04L,
-          0x37c03130a5fe7bL, 0x210d7b0aa6e35eL, 0x6edfb53bf200d8L,
-          0x787b68d84afb85L, 0x9b5c49b72c6de3L }
-    },
-    {
-        { 0x51857164010f4eL, 0xe0b144b0536ebeL, 0xacabb14887d663L,
-          0xac1caededf584fL, 0xb43fb8faf175a3L, 0x310b6d5f992a3cL,
-          0xf2c4aa285178a4L, 0x69c99698bd56bfL },
-        { 0x73d6372a4d972eL, 0x3d5bb2e9583803L, 0x7bf7d18d891581L,
-          0xa5ce5d7568a34aL, 0x670b4331f45c81L, 0x97265a71f96910L,
-          0xdb14eb3b07c1eaL, 0xdf008eafed447cL }
-    },
-},
-{
-    {
-        { 0x0379f5a00c2f10L, 0xb320b4fd350285L, 0x74e560e8efdd7dL,
-          0xf2f017ef46a140L, 0x2ced1a60f34624L, 0x7c4b4e3ca08ec9L,
-          0xdffc2a15d8bc6bL, 0xcc8f3f3527b007L },
-        { 0x59f8ac4861fe83L, 0x8d48d2cd03144cL, 0xa8457d2bfa6dceL,
-          0xd7ed333677c136L, 0xcb8e219c228e18L, 0x5f70bc916ab1e4L,
-          0x2ae3a3d3780370L, 0x9f3365488f17adL }
-    },
-    {
-        { 0xeab0710960e4bbL, 0xc668a78ab9cfd3L, 0x2e85553b0ef946L,
-          0xa43c4b98df5df3L, 0x0ecd5593cb3646L, 0x6f543c418dbe71L,
-          0xee7edaaf59818bL, 0xc44e8d290911c1L },
-        { 0xafb38b1269b509L, 0x9e2737c52afe2cL, 0x5b2ef02ccfa664L,
-          0x1e0aeace1cc58bL, 0x37a57e95ea134eL, 0xc9c465a83b9fc2L,
-          0x4b9e8c76e3eccaL, 0xca07dbe9bdbab5L }
-    },
-    {
-        { 0xd297f3cb0d7807L, 0xee441a5f59ce61L, 0x728553bb2db844L,
-          0x90f87e5640e9e0L, 0xaa72cbfcb76dffL, 0x065c6864012d57L,
-          0xd5ee88f9678b44L, 0x3d74b852177603L },
-        { 0x3f9c947748b68eL, 0x03856d98f44d44L, 0xde34b84462426cL,
-          0xc16d1bb845ab29L, 0x9df6217d2e18deL, 0xec6d219b154643L,
-          0x22a8ec32ee0f8fL, 0x632ad3891c5175L }
-    },
-    {
-        { 0x19d9d236869267L, 0x628df94fe5532aL, 0x458d76c6dc9a01L,
-          0x405fe6c2cc39c8L, 0x7dddc67f3a04baL, 0xfee630312500c7L,
-          0x580b6f0a50e9deL, 0xfb5918a6090604L },
-        { 0xd7159253af6b2dL, 0x83d62d61c7d1ecL, 0x94398c185858c4L,
-          0x94643dc14bfb64L, 0x758fa38af7db80L, 0xe2d7d93a8a1557L,
-          0xa569e853562af1L, 0xd226bdd84346aaL }
-    },
-    {
-        { 0xc2d0a5ed0ccd20L, 0xeb9adb85dbc0cfL, 0xe0a29ee26d7e88L,
-          0x8bb39f884a8e98L, 0x511f1c137396eaL, 0xbc9ec5ac8b2fb3L,
-          0x299d81c090e5bcL, 0xe1dfe344cdd587L },
-        { 0x80f61f45e465b7L, 0x5699c531bad59eL, 0x85e92e4b79ff92L,
-          0x1e64fce9db244cL, 0x3748574a22097dL, 0xe2aa6b9efff24eL,
-          0xb951be70a10bc6L, 0x66853269067a1cL }
-    },
-    {
-        { 0xf716ddfa6114d3L, 0x9e515f5037ec1fL, 0x773454144944a6L,
-          0x1540c4caba97ccL, 0xe41e5488b54bb7L, 0x4363156cae37bcL,
-          0xc384eaff3d2ce8L, 0x72a4f454c58ba4L },
-        { 0x0ceb530dcaf3fcL, 0x72d536578dcdbbL, 0x9b44084c6320faL,
-          0x6262d34eb74c70L, 0x8abac85608e6dcL, 0x82a526410dd38dL,
-          0xbc39911a819b8dL, 0xbda15fe03ad0d9L }
-    },
-    {
-        { 0xadbf587f9dc60bL, 0xf9d814f7d846d2L, 0xccdd241b77bde0L,
-          0x89cb6d72242f50L, 0x95c0e3ee6360a8L, 0x7c7dd5adf49713L,
-          0x68e0e4957d5814L, 0x3aa097d0c16571L },
-        { 0xb56b672267d03aL, 0x4f557088c44af4L, 0x67c49e7f3252a5L,
-          0x871d6cfc94a469L, 0x57ae99801fbfaaL, 0x5c0e48f48a5d8eL,
-          0xe9bf9c85e240b9L, 0xa41018999d41caL }
-    },
-    {
-        { 0x6beb0c7b2889b4L, 0x78b7f899455370L, 0xd43421447ca364L,
-          0xdd9d2da9f21e5bL, 0xa0c7c180a7e4aaL, 0x022c0d4da1660cL,
-          0xe1f5c165a57002L, 0x51c7c9e518f68fL },
-        { 0x6d521b62586502L, 0xa0f2cb3183ec1bL, 0x578b4e0caa5e16L,
-          0x7bd4fbd764997fL, 0x7ec56c364b1804L, 0xb75a2540ee08e4L,
-          0x6bf74a6dc19080L, 0x6ec793d97d6e59L }
-    },
-},
-{
-    {
-        { 0x16789d60a4beb9L, 0x512b2cd9b9c801L, 0xf8b6d108c7bb9cL,
-          0xd85651e9ebdc8cL, 0xc9450829ba971aL, 0x852d9ea7e1cf78L,
-          0x6a45e350af01e2L, 0xe6cdadf6151dcfL },
-        { 0xc454bb42b8c01bL, 0x59e0c493d54cd2L, 0x8e1e686454d608L,
-          0x0dbae4bd8c6103L, 0xa5603a16c18b18L, 0x227a6b23369093L,
-          0xf1e89295f3de1cL, 0x42f0b588ab63c5L }
-    },
-    {
-        { 0xf1974cc5b596d8L, 0xee8093f44719f0L, 0x40ba933f6f5b54L,
-          0xd6e53652f3d654L, 0x9aeb83526d73b8L, 0x50ed5350776382L,
-          0x3be47d6ad43875L, 0x21d56dfc786e48L },
-        { 0x8a75e18b73bb39L, 0x9eba84cf265a78L, 0x7c02a4d2e772e7L,
-          0xf7df6d44c1ecd2L, 0xa8d9ea06cef71bL, 0x86e8f91cae3b68L,
-          0x2fd141199efefaL, 0x0b36ab2214e6f6L }
-    },
-    {
-        { 0xd79065cbdce61cL, 0xcb562ffdecb229L, 0xef5d3d14600849L,
-          0x348b31b1d23ac8L, 0xb2ea69915c36b8L, 0x268683d4822836L,
-          0x083edbec6f0b7dL, 0xaf4f39d1a7821cL },
-        { 0x23be6e84e64841L, 0xe9e246365bf791L, 0xa3208ac02bfd7cL,
-          0x231989cd01357dL, 0x79b8aad6422ab4L, 0x57d2b7e91b8564L,
-          0x28ebbcc8c04421L, 0xdc787d87d09c05L }
-    },
-    {
-        { 0xeb99f626c7bed5L, 0x326b15f39cd0e8L, 0xd9d53dcd860615L,
-          0xdf636e71bf4205L, 0x1eaa0bf0752209L, 0x17ce69a4744abbL,
-          0x474572df3ea2fbL, 0xc4f6f73224a7f3L },
-        { 0x7ed86ad63081b4L, 0xcd4cdc74a20afbL, 0x7563831b301b2eL,
-          0x5b4d2b1e038699L, 0xa15d1fa802a15fL, 0x6687aaf13e9172L,
-          0x3eccd36ba6da90L, 0x34e829d7474e83L }
-    },
-    {
-        { 0x4cea19b19c9b27L, 0xa14c37a5f52523L, 0x248b16d726625cL,
-          0x8c40f9f6cabc21L, 0x918470c32a5c65L, 0x314056b2a98d5bL,
-          0x6c974cf34a0714L, 0x0c8f8a94f6314aL },
-        { 0x484455770bccfdL, 0xf5835db740c9fdL, 0x12e59b5a21407cL,
-          0xbe338e0db1689dL, 0x5a50ce9dd5e915L, 0xb1780e9ef99f39L,
-          0x1262b55ee4d833L, 0x4be3f2289c5340L }
-    },
-    {
-        { 0xbb99b906c4b858L, 0xa7724d1550ca53L, 0x7d31f5a826962eL,
-          0xf239322a5804daL, 0x3e113200275048L, 0xcbb1bb83ee4cb6L,
-          0xdb865251331191L, 0xb7caf9e7d1d903L },
-        { 0x06e3b0577d7a9dL, 0x7a132b0b3bbbf5L, 0xd61fbc57c50575L,
-          0x393f712af4b646L, 0xef77972cb7efe9L, 0x20e6d5d5ea4995L,
-          0x0ac23d4fbbe4c6L, 0x8456617c807f2aL }
-    },
-    {
-        { 0x4995fb35396143L, 0xa8b4bd1b99dc46L, 0x2293e8e4150064L,
-          0x2f77d4922a3545L, 0xe866b03b2192c4L, 0x58b01f05e0aa38L,
-          0xe406b232ed246bL, 0x447edb3ed60974L },
-        { 0xf541b338869703L, 0x6959fe0383420aL, 0xd6b39db4be4e48L,
-          0x048f3b4b5714efL, 0x68b49685d9e4b8L, 0xbda8e6c2177963L,
-          0x5094e35c4211feL, 0xea591c32d46d1aL }
-    },
-    {
-        { 0x3a768ff2fef780L, 0x4218d2832970c6L, 0xce598e4ec6da17L,
-          0xf675645fbb126aL, 0xb04c23f0427617L, 0xc9f93fbe4fce74L,
-          0x44a414b3c91b00L, 0x4d982f31d3b3ccL },
-        { 0xb1d40e8b24cce0L, 0x5a21c07133e73dL, 0x6e9358e0bb589dL,
-          0x39cfb172399844L, 0x83f7647166080eL, 0xcfe7bf8450b468L,
-          0x2a288f71e8434fL, 0xd39f1e521a81e3L }
-    },
-},
-{
-    {
-        { 0x78c6f13528af6fL, 0x0001fe294b74d9L, 0xae7742501aab44L,
-          0x7cbe937ef0039cL, 0xaf3e4f00fa2a67L, 0xe28175fda1378eL,
-          0x72adeed8ccd90eL, 0x16a8ce100af22fL },
-        { 0x69fae17cbf63ddL, 0x67861729e39e26L, 0xe92b3d5f827a18L,
-          0x4d75e418403682L, 0x01a4fd99056a79L, 0x89efb2d20008f5L,
-          0xa2f6918b78ff15L, 0xf41c870a3437f5L }
-    },
-    {
-        { 0xc840ae57be353cL, 0x465a5eb3fb2691L, 0x34a89f07eba833L,
-          0xf620896013346eL, 0x563b5f0e875df2L, 0x5f7fc8bfbc44ceL,
-          0x22fcb5acfedf9dL, 0x7cf68d47dc691bL },
-        { 0x37f7c2d76a103fL, 0x728a128fd87b7dL, 0x7db2ad8ccf2132L,
-          0xa4c13feb100e63L, 0xcd28a517b511d5L, 0xb910280721ca5cL,
-          0xec1305fd84bd52L, 0xb9646422729791L }
-    },
-    {
-        { 0x83fccdf5bc7462L, 0x01f3ddad6f012fL, 0x57f11713a6a87cL,
-          0xedb47ceff403acL, 0x6c184e5baab073L, 0x5b17c7d6f0d6a1L,
-          0x45a4c4f3ef2c91L, 0x26c3f7e86a8f41L },
-        { 0x81a6db0b646514L, 0xf84059fca8b9aeL, 0xd73dab69f02305L,
-          0x0de3faec4b7c6cL, 0x18abb88696df2fL, 0x45dd1b975d7740L,
-          0x3aeccc69ee35bcL, 0x478252eb029f88L }
-    },
-    {
-        { 0x66bf85b8b2ce15L, 0x1175425335709dL, 0x00169ef8123874L,
-          0xfd3c18c9b89868L, 0xb3612f9775204eL, 0x4b8d09dc2cd510L,
-          0xafa12e614559adL, 0x1ddaa889657493L },
-        { 0x87d700b1e77a08L, 0xaf4cf2f14d2e71L, 0xe00835dbf90c94L,
-          0xb16a6ec6dc8429L, 0x02a7210f8a4d92L, 0x5a5ab403d0c48dL,
-          0x0052b3ab5b9beaL, 0x6242739e138f89L }
-    },
-    {
-        { 0x7c215d316b2819L, 0xdacb65efeb9d7aL, 0xc3c569ed833423L,
-          0xbc08435886a058L, 0x132c4db7e5cb61L, 0x6373a279422affL,
-          0x43b9d7efca9fc4L, 0xe3319a5dbe465fL },
-        { 0x51d36870b39da7L, 0xcb6d7984b75492L, 0x77eb272eadd87aL,
-          0xf2fb47de0d3f6cL, 0x807fd86f9f791cL, 0xf01086b975e885L,
-          0xf9314b5b6a3604L, 0x8cd453867be852L }
-    },
-    {
-        { 0x7c1e6b3858f79bL, 0xf0477c4938caf9L, 0xb311bbf3e88c44L,
-          0x9234c091e3a3c1L, 0x531af2b95a1d4dL, 0xf3cc969b8d1c64L,
-          0x6f3c328b51e78dL, 0x5a1bd6c34e8881L },
-        { 0x2e312393a9336fL, 0x020f0cc5ced897L, 0x4b45d7b5fab121L,
-          0x8068b1c1841210L, 0x1bd85fc8349170L, 0xfe816d80f97fe5L,
-          0x108981814b84fcL, 0x1d4fabbb93cd48L }
-    },
-    {
-        { 0x1f11d45aef599eL, 0x8d91243b09c58aL, 0xd2eec7bd08c3c3L,
-          0x5a6039b3b02793L, 0xb27fed58fb2c00L, 0xb5de44de8acf5eL,
-          0x2c3e0cd6e6c698L, 0x2f96ed4777180dL },
-        { 0x67de8bf96d0e36L, 0xd36a2b6c9b6d65L, 0x8df5d37637d59cL,
-          0x951899fc8d9878L, 0x0fa090db13fcf8L, 0xa5270811f5c7b4L,
-          0x56a6560513a37aL, 0xc6f553014dc1feL }
-    },
-    {
-        { 0x7f6def794945d6L, 0x2f52fe38cc8832L, 0x0228ad9a812ff5L,
-          0xcd282e5bb8478aL, 0xa0bc9afbe91b07L, 0x0360cdc11165e2L,
-          0xb5240fd7b857e4L, 0x67f1665fa36b08L },
-        { 0x84ce588ad2c93fL, 0x94db722e8ff4c0L, 0xad2edbb489c8a3L,
-          0x6b2d5b87e5f278L, 0x0265e58d1d0798L, 0xd2c9f264c5589eL,
-          0xde81f094e4074dL, 0xc539595303089fL }
-    },
-},
-{
-    {
-        { 0x183492f83e882cL, 0x4d58203b5e6c12L, 0x1ac96c3efec20bL,
-          0xabd5a5be1cd15eL, 0x7e1e242cbbb14bL, 0x9f03f45d0543b3L,
-          0xc94bc47d678158L, 0x7917be0a446cadL },
-        { 0x53f2be29b37394L, 0x0cb0a6c064cc76L, 0x3a857bcfba3da3L,
-          0xac86bc580fcb49L, 0x9d5336e30ab146L, 0xafb093d5bc1270L,
-          0x996689de5c3b6eL, 0x55189faea076baL }
-    },
-    {
-        { 0x99ef986646ce03L, 0xa155f8130e6100L, 0x75bef1729b6b07L,
-          0xc46f08e1de077bL, 0xf52fdc57ed0526L, 0xe09d98961a299aL,
-          0x95273297b8e93aL, 0x11255b50acd185L },
-        { 0x57919db4a6acddL, 0x708a5784451d74L, 0x5b0bd01283f7b3L,
-          0xe82f40cc3d9260L, 0x2ab96ec82bbdc2L, 0x921f680c164d87L,
-          0xf0f7883c17a6a9L, 0xc366478382a001L }
-    },
-    {
-        { 0x5c9aa072e40791L, 0xf0b72d6a0776bfL, 0x445f9b2eaa50dcL,
-          0xa929fa96bda47fL, 0x539dc713bbfc49L, 0x4f16dd0006a78bL,
-          0x331ba3deef39c7L, 0xbfa0a24c34157cL },
-        { 0x0220beb6a3b482L, 0x3164d4d6c43885L, 0xa03bb5dacdea23L,
-          0xd6b8b5a9d8f450L, 0xd218e65bd208feL, 0x43948ed35c476fL,
-          0x29a0dd80a2ed2bL, 0xa6ccf3325295b7L }
-    },
-    {
-        { 0xf68f15fac38939L, 0xb3dd5a2f8010c1L, 0xf7ac290a35f141L,
-          0xdc8f3b27388574L, 0x7ec3de1e95fed2L, 0xc625451257ac7dL,
-          0x66fc33e664e55aL, 0xd3968d34832ba5L },
-        { 0x980291bc026448L, 0xfcb212524da4a5L, 0xbca7df4827a360L,
-          0xfcc395c85ca63bL, 0xcf566ec8e9f733L, 0x835ee9bd465f70L,
-          0xe66d111372f916L, 0xc066cf904d9211L }
-    },
-    {
-        { 0xb9763a38b48818L, 0xa6d23cc4288f96L, 0xe27fcf5ed3a229L,
-          0x6aebf9cabaff00L, 0xf3375038131cd1L, 0x13ad41dffabd58L,
-          0x1bee6af861c83bL, 0x274fe969c142e7L },
-        { 0x70ebcc99b84b5bL, 0xe1a57d78191cfcL, 0x46ccd06cbf00b8L,
-          0xc233e8eefe402dL, 0xb4ab215beebeb3L, 0xb7424eabd14e7bL,
-          0x351259aa679578L, 0x6d6d01e471d684L }
-    },
-    {
-        { 0x755c465815ae38L, 0xadc3e85611db56L, 0x633999b188dd50L,
-          0xfdf7509c12d907L, 0x25bcfde238b6afL, 0x50d705d397f5e7L,
-          0xb65f60b944c974L, 0x8867fc327ac325L },
-        { 0x2edc4413763effL, 0x892c0b3341fb63L, 0xb34b83ab3a7f28L,
-          0x9aa106d15c2f18L, 0x720bbc61bb2277L, 0x637f72a5cfaefdL,
-          0xf57db6ef43e565L, 0xceb7c67b58e772L }
-    },
-    {
-        { 0x2793da56ecc1deL, 0x4e1097438f31b2L, 0x4229b4f8781267L,
-          0xe5d2272dec04a1L, 0x6abb463ec17cffL, 0x28aaa7e0cbb048L,
-          0x41dc081d22ef85L, 0xcbc361e5e63d0fL },
-        { 0xb78aafcad5dbaaL, 0x0111505fc1edc3L, 0x63ed66d92c7bfaL,
-          0x2982284e468919L, 0x30f1f21b8c0d8cL, 0xf0567472685093L,
-          0x0e085b6f03dd0fL, 0xa8c8db85581e66L }
-    },
-    {
-        { 0x42009a6264ad0cL, 0x13bf2b8593bef4L, 0x1d111905d4e8b1L,
-          0xfe3e940ef7bddcL, 0xa012275624e62cL, 0xcb659241d6d3ccL,
-          0xc7bcc70edb7ab6L, 0xff9fafbb750b1cL },
-        { 0xf65df297fea84bL, 0x17c84a890b0e02L, 0xa92a859301e821L,
-          0xbee8cb2fb480d1L, 0x7010b8c59c604eL, 0x47bf3f4e803c43L,
-          0xd64514247b3fffL, 0xc4c5dcb9f0da13L }
-    },
-},
-{
-    {
-        { 0x8af700cb5253b3L, 0x31ca605206957aL, 0x25744393eafdcdL,
-          0x2ba5ae1d3ae15eL, 0x710b7385b82579L, 0x145ab57112b95aL,
-          0x4b133a038c55c5L, 0xf7559c92a16fefL },
-        { 0x70c3e68d9ba896L, 0x475dd32c33d07aL, 0xe084e473a41e40L,
-          0xddc9382fd2e706L, 0x34b727579510bdL, 0x5e78a69a5f901eL,
-          0x429dfd7dcfb823L, 0x1d9dc18014f0a3L }
-    },
-    {
-        { 0x364fcdfaf403d7L, 0xd9ea4ffb7d7b34L, 0x21a3426cbb1dacL,
-          0xfa51052143b4f5L, 0x2bca0736df2409L, 0x7e6985a8ad7285L,
-          0x3a1a9d04aaa27fL, 0x1a815e19fc0c6cL },
-        { 0xfab6147bb65bb3L, 0xa36dc0d33ced0bL, 0x26a88592062d78L,
-          0x343861728a5fb7L, 0xe82da254ebb1adL, 0x70f5071d05aa11L,
-          0x0b7f847adaac48L, 0xeb812bc93cb269L }
-    },
-    {
-        { 0xcb317ccf7cacccL, 0xd3410d9cf85098L, 0xca68c8d7f078d7L,
-          0xfe9e812b782efcL, 0x32e7c0f5f544b5L, 0x44fe95a3a7b7f2L,
-          0xf4f1543e91327bL, 0x27d118d76645edL },
-        { 0x690547cd7abc2cL, 0xf64680fb53c8afL, 0xbe0cbe079ea989L,
-          0x6cf0ccea91af28L, 0xa3b85a29daa2f9L, 0xd4b663c91faed0L,
-          0x782c7b7a8b20baL, 0xf494fafb8d98ceL }
-    },
-    {
-        { 0x080c0d7002f55aL, 0xf4f8f142d6d9ddL, 0xb326229382f025L,
-          0x58fd0b5ad28c20L, 0x704b9928d06a15L, 0xf4545d97fbd8e4L,
-          0xc32fa63ed55581L, 0x3ab793601ac0fdL },
-        { 0x13ece526099fd1L, 0x776dba89c79178L, 0x8d28212ce26c45L,
-          0x09fddaf60d739cL, 0xf9931eda84826eL, 0x6e73d90b29439eL,
-          0x94cfefc9095e61L, 0x3050d16802f474L }
-    },
-    {
-        { 0x0898f8f9f6394bL, 0x48b8cea88b0e91L, 0x4bc99254c1b362L,
-          0xe3fccb4827d9ecL, 0x5d4cf9ad950d6aL, 0xa16f1ef39b5b38L,
-          0x3c76d1d620f288L, 0x9fdd059e119390L },
-        { 0x7b5de9efb5edf8L, 0x3e290b9769d14eL, 0x4df3a916bd10b5L,
-          0xae99bca82f8f7bL, 0x5481d5dc9524afL, 0xf112e4f69504f1L,
-          0xb048f0951931ecL, 0xbff876a18f51b1L }
-    },
-    {
-        { 0x932e2a746c1c37L, 0x903ad529aea4c1L, 0x717ac918f161f2L,
-          0xa57d197f425e2aL, 0xae89dac7f39e0eL, 0x91655c0baa2a58L,
-          0xe3dc28654836ddL, 0xb5f0baaa9ec9e6L },
-        { 0xf7c4662bdbda04L, 0xbe5393b51059c0L, 0xb16d552dd95b0fL,
-          0xde495b31b3bd96L, 0xb2a6e02c0206c5L, 0x045cc09014d3a9L,
-          0xf66a3152a2f490L, 0x208c108c5dea05L }
-    },
-    {
-        { 0x6e38b6865237eaL, 0x93a13039f27fc6L, 0x9a6d510a95068aL,
-          0x6fbf216e7c9e54L, 0x7824290571ac1dL, 0x8cb23ba91c2a0cL,
-          0x611202ec7e434dL, 0x8f901bf76058b4L },
-        { 0xef0ac050849588L, 0xe0d2ddedd31804L, 0xaf5417ceb2ca81L,
-          0x420ac065d1a509L, 0x46e345e9683bb6L, 0x6daf635f613f7fL,
-          0xc9e829148a9576L, 0x5f9f1d1176d147L }
-    },
-    {
-        { 0xd24ae1d77e9709L, 0x77751dc0047b8aL, 0xe325334c6a1593L,
-          0x9baf962671f86aL, 0x425af6ac29a15eL, 0x31086002796e33L,
-          0xb6ea78cfc253a5L, 0x4c733e0afae0eaL },
-        { 0x4b7443a97c99b9L, 0xc14e9e450203a6L, 0xd1bb51552680baL,
-          0xa56a3efd55533aL, 0xa66e38c169e1a0L, 0xb3e4df9eed7da0L,
-          0x022c937ddce3d9L, 0x8552089f6e36b4L }
-    },
-},
-{
-    {
-        { 0x8e4bf95f5cc82eL, 0x2ad80c3c3ed6c9L, 0xf2e5b2cc9045e1L,
-          0x42c906559b06d4L, 0xc1f73797b43b84L, 0x1710dbf72d7992L,
-          0xe98cf47767b41cL, 0xe713fce7bfb9e9L },
-        { 0x9f54ae99fa5134L, 0x3002fd8de40d0eL, 0xdc282b79311334L,
-          0x5519810bfeb360L, 0x31539c70f96ffeL, 0x04eacc0d27777bL,
-          0x59824108ff5053L, 0x598236632b67adL }
-    },
-    {
-        { 0x6eb45546bea5c2L, 0x82cfae0d509a33L, 0x6a69bd8394bb59L,
-          0x1880d8d5770ee1L, 0x63518447dacf9eL, 0x5b1ecc5f02b891L,
-          0xeb7d900b6c9a5aL, 0xdab8a768897da8L },
-        { 0x28c7be598851a6L, 0x0101d4f4d73c3bL, 0x3c2569c5084996L,
-          0xb9bc911280bde0L, 0x513a22acd0d4f9L, 0xdf2986d2a15f3bL,
-          0x231c28f2aa4943L, 0x29623ad0333870L }
-    },
-    {
-        { 0x2ceb1784084416L, 0x924cf1c49516cdL, 0x76536c04be856fL,
-          0x11b59cd47a265bL, 0x720dc844999494L, 0x910f794007b795L,
-          0x8434e142d3df83L, 0x8f53878bd478d3L },
-        { 0xd9b072eaeb9c2fL, 0x16f87eafd8a29fL, 0x8c42f9b2fd0de1L,
-          0x916721e0e816efL, 0x2ecb47018bde37L, 0xcde3b7a2375da2L,
-          0x30d0657ef94281L, 0x51054565cd7af8L }
-    },
-    {
-        { 0x7230b334bdced3L, 0x0c6a3e10838569L, 0xf19c9ece3493b8L,
-          0xf2759270d97c57L, 0xf14181e0c862ebL, 0xfd3bac132c72bcL,
-          0x620563ff3be362L, 0x672ccaf47283b7L },
-        { 0x191e3fa2b7bf16L, 0xf838633520dad7L, 0xd3dde553629d87L,
-          0x14d8836af86ebeL, 0x3db7dfb221b2ceL, 0x3872abb0aed72aL,
-          0xb60de528c665b7L, 0x89c259644982cbL }
-    },
-    {
-        { 0x799a2de4dbba25L, 0xd818aaea42715eL, 0xbc88f4df55c362L,
-          0x142a163713c9aeL, 0x411e8eefbfb33fL, 0x34b46296bb684aL,
-          0x4344becdc81817L, 0xcc9573d17f9d46L },
-        { 0xf85f8bcff38a7dL, 0xa14bf730caf117L, 0x126874f4ba6429L,
-          0xcc9bf22aa5db97L, 0x62b56df6aba827L, 0xfee1cb89c9772aL,
-          0xe36838f177e541L, 0x698815dadd438fL }
-    },
-    {
-        { 0xc9fd89438ed1adL, 0x73cd79d7b6a601L, 0x2210e6205e8d20L,
-          0x72384ac3592af5L, 0x5ccc079763d07eL, 0x2f31a4aa5f79ebL,
-          0x693f4ed2945a95L, 0xc7120178056fdcL },
-        { 0x361ecd2df4b09aL, 0xa5644eab7d929aL, 0x34abc0b3fabe9aL,
-          0x1a2473ce942a8cL, 0xe00c9246454bc3L, 0xab324bcdff7366L,
-          0xe1412f121b8f99L, 0x970b572e33551eL }
-    },
-    {
-        { 0x6ca4cacbd0a6b5L, 0x5584787921d654L, 0x18e5253c809bdaL,
-          0x01b32c3f0cbe5eL, 0xb9aa7540f987ddL, 0x628f4bb6dfa4dbL,
-          0x0255f0b891890bL, 0x25b7df4874e590L },
-        { 0xbded3188ed5f95L, 0x9dc428dca93023L, 0xc68f25abccf520L,
-          0xc4f3764e616e6cL, 0xd9a57f1a1d9993L, 0xd1964a5533431bL,
-          0x06cd77f02ab6d0L, 0xa66079103e52e0L }
-    },
-    {
-        { 0xab088645f72700L, 0xf77b2ff0a1a44eL, 0x43ebdd8c2a24b5L,
-          0xa6d67114f564d7L, 0x495df63f414160L, 0xf5bacd776f6de6L,
-          0x3011aff7c2b43dL, 0xbb1e64c3241928L },
-        { 0xf70c5725034073L, 0x891c62a68f1e97L, 0xed8eb2eb22e374L,
-          0xd3a53e97dbcc2fL, 0x1d06281dc8f220L, 0x9eef48face4393L,
-          0x96014f5d2abecdL, 0x1da7e092653cebL }
-    },
-},
-{
-    {
-        { 0x7593318d00bc94L, 0x586f3c6c7262a2L, 0xea68f52958ad31L,
-          0x6707fccd4e8bedL, 0xb7e35d6cb3f9ceL, 0x2cbb6f7f4b1be8L,
-          0xa5352687b41aeeL, 0x1d77845f7b39b8L },
-        { 0xb1f3995eaf9554L, 0x3250f70fe9e7d4L, 0x62e5d1ba00c23cL,
-          0x5e422f5c10e3bfL, 0x7a18039c25cec4L, 0xb4e66a17cc4d5bL,
-          0xad7c5f636d0e0cL, 0x9f40b12a4cf347L }
-    },
-    {
-        { 0x697f88251e3696L, 0xc89bc40ab0a648L, 0x8f261a59785804L,
-          0x4c7f900b51a2bdL, 0xd00e7af8a2dfcfL, 0xf9c534db642aebL,
-          0xea2a79fb63df0eL, 0x392a69af2f64a4L },
-        { 0x0c0f01cc331b6cL, 0x414bf2e6a5edb5L, 0xfe5ed815068391L,
-          0x0a8078d62fbc34L, 0x78a438254bca98L, 0xf7a49ae3d727c7L,
-          0x96c1de1ab4dffeL, 0x45901f73b9440aL }
-    },
-    {
-        { 0x3f1189facfe46eL, 0xdca6f464467443L, 0xac385422eb5bcfL,
-          0xb02dce9906bf72L, 0xdd8cdacfe1d454L, 0xc26f04c65f7218L,
-          0xb4748596ea145dL, 0xc53dc6b5bdb315L },
-        { 0xbe5be749ad7197L, 0x627e91918b5eccL, 0x57c889c9ea405dL,
-          0x2e5650c1a5360bL, 0x42290df1b30b27L, 0x4a071575242687L,
-          0x553ed1fd379133L, 0xb9d7a0701db019L }
-    },
-    {
-        { 0xcfe551c56597dcL, 0x81af92a925ebd6L, 0x83efe16f4e8d57L,
-          0x61bb4311f640d3L, 0xf80440f78b414aL, 0x72f3c636c9e3b4L,
-          0xb55f43a6a03c66L, 0x47a9dede417037L },
-        { 0x1a7e287dbb612bL, 0x895c3c7dbb9220L, 0xd50c86e6c04764L,
-          0xed5269853cf7caL, 0xc78d799f74af55L, 0xb2ba0f2b969ff2L,
-          0x06d48151c6530bL, 0x764a1fe165a575L }
-    },
-    {
-        { 0x4383a3bc1b5eceL, 0x0563c8854ff148L, 0x9a452795af796eL,
-          0xffba7c088e9953L, 0xfe9fb5eb6a3001L, 0x795098825b6b19L,
-          0x67c899ad81be5eL, 0xc89ac8d2f9d29bL },
-        { 0x7c76ba329ab8f7L, 0xb2a18c96e40f74L, 0x1b5056e3864d9bL,
-          0xdfa503d9b582b8L, 0xfb035197c9c68eL, 0xdc501316b3c22bL,
-          0x38ab231a6c96ffL, 0x4ea527c8cb1c10L }
-    },
-    {
-        { 0xd632f20c05b4edL, 0xe0199fab2a032dL, 0x373295626812d7L,
-          0x2aed855013df13L, 0x92ca24b39f96acL, 0x620273dbb9751aL,
-          0x5d0d21ef7437a1L, 0x9de2a43077de56L },
-        { 0x0569b1211a4674L, 0xfc3923e89c3989L, 0x3d127042c5c770L,
-          0x0072b9084e8c37L, 0x7178d4dac39f9aL, 0x5f8292f778d345L,
-          0x9e5bf0f77c7307L, 0x7691610c3a20f5L }
-    },
-    {
-        { 0x7c4ead5705fe96L, 0x377ec35c8e464cL, 0x3e5b9907689954L,
-          0xc0f6949a2d31eaL, 0x839d395c580671L, 0x2f347a6b215b09L,
-          0xfdcfa33683df83L, 0x6e12cc26af39a8L },
-        { 0xae46ec813a3bd2L, 0x03a7d3b59366f8L, 0xe2029d5b87aed4L,
-          0xbdc4e43fe1b83dL, 0x768437cdb8a1a8L, 0xe47acc3ea0dd7fL,
-          0x550e0cc62a0af4L, 0xcaf2cbc1a20962L }
-    },
-    {
-        { 0x5a784f7f28a78fL, 0x952a9b507e9724L, 0x8ac5e411bab7a3L,
-          0x1251e3fb7bc1e1L, 0xe360f82dc15e22L, 0x3ac72da95213f5L,
-          0x65ee9ba4dcd47bL, 0xdfeab7b3af5952L },
-        { 0x34c5c8026fd3c6L, 0xd977b08f3ac7eeL, 0x003bd017dba2f6L,
-          0xcfc5cf8ac98c8dL, 0x05eb6040e46922L, 0xc248b17faa9352L,
-          0xfa41c0f395c7a7L, 0x29931d4b71ee44L }
-    },
-},
-{
-    {
-        { 0xac087bb07861c5L, 0x3bd37db5ae8240L, 0x94c68ecf94518fL,
-          0xd32a378ff88a5bL, 0x42c8aaf9b441d1L, 0x089db70fc07f12L,
-          0x211c386d3d4455L, 0x1db9af7546b158L },
-        { 0xdfd1b6551bc927L, 0x69c04930733df4L, 0xdc72cd42aeb586L,
-          0xeebdace823aa13L, 0x51b3b3c56ad643L, 0xb983a99d4e0426L,
-          0xa1e5b6c69c4eccL, 0x37cd38245e6668L }
-    },
-    {
-        { 0x158ce6d9f73aeaL, 0x36a774914ff475L, 0x0d4e424dc0b018L,
-          0xc2c44483946f09L, 0x7a7de3ffacda62L, 0x49a19e6b486709L,
-          0x65094d8db61da7L, 0x09edfd98f5ee87L },
-        { 0xe460fcfb37226dL, 0x3b9d03969bf470L, 0x3d4d511247ca22L,
-          0xc7248d6c782cb1L, 0x91189a000ad293L, 0x1244942e8abe75L,
-          0x9f88d12bf52cdbL, 0x368463ebbbcadfL }
-    },
-    {
-        { 0x419e4b38074f45L, 0xd3f8e2e0771c83L, 0xd2743b42e68d34L,
-          0xc68b7dbb116a00L, 0xfad2cf7d84cc37L, 0xcfd27c0b7a0f4dL,
-          0x3b9e23f190e587L, 0x7bab499751ca9eL },
-        { 0x3270861a8f12eeL, 0xee1f38d31b36d5L, 0x748bb31e4c0eedL,
-          0x9be5c9b110ebadL, 0x728660bc8b6cb6L, 0x7bc9df793d914aL,
-          0x73a4f2cc88c859L, 0xbe4a2fdb4e7f0eL }
-    },
-    {
-        { 0xe566ff8a450e77L, 0xb0b40066a13abaL, 0x483a510cd7dc90L,
-          0xb1a20135fa9cccL, 0xeb0b631a80e67cL, 0x7c34e1f020801aL,
-          0x0257dc8f4e447cL, 0x7abe7d174c6f0fL },
-        { 0xf115a3ab19a576L, 0x8f0474a064ca0eL, 0x999bb6b351f99bL,
-          0x855254b773edc3L, 0x49f6c2f427d717L, 0x9f682532e0cef2L,
-          0x1fe126c2ee34f5L, 0x1ec2cae80150f7L }
-    },
-    {
-        { 0x862c5afc005b7aL, 0x61adea7ec4ef17L, 0xf885fd3007b446L,
-          0x25c129d9b0e30eL, 0xbc10f25feec7e0L, 0x3901ac4df79ee1L,
-          0xad49db7fe9e19fL, 0xc8624d9360d050L },
-        { 0xc74a576bf3260bL, 0xbde80248c010c2L, 0xf15532909b6977L,
-          0x6a5a82ed52dcf8L, 0x4fbf59d29b9dfcL, 0x337d049c7b730cL,
-          0xb3deac63a89cd4L, 0x1e07595ad2f2ebL }
-    },
-    {
-        { 0xa0b0a4d3b7c84eL, 0xf132c378cf2b00L, 0x192814beaaa8ecL,
-          0xe7929f97b4b5dfL, 0xf08a68e42d0ab7L, 0x814afb17b60cddL,
-          0x78c348c7d9c160L, 0xf8a948844db217L },
-        { 0xcdefd88eaa2578L, 0xf717f56bd0e260L, 0x7754e131694d02L,
-          0x1254c14181dbd8L, 0x0dacdd26e5f312L, 0xb8abdfbcef87bfL,
-          0xb985972e74e2eaL, 0x1717621002b424L }
-    },
-    {
-        { 0x92cc75e162df70L, 0x1e20c0618ee849L, 0xc036b4626aa590L,
-          0x31be67e4da5155L, 0x04911b5f7213b0L, 0x39261d7bb2e72eL,
-          0x9e844665c015a3L, 0x2f59fc0298ae67L },
-        { 0xa3ea7ba1701fccL, 0x87a5fa90ebd651L, 0xa607ed4301d7b1L,
-          0xbd4ec5f3b2e271L, 0x732a1a2dc4180fL, 0xbe15d82feaa8c1L,
-          0x103670266f2f3fL, 0xccfd3979e79ce8L }
-    },
-    {
-        { 0x82ab83570a54adL, 0x5c1dee8e3bec75L, 0xf583ff454b556bL,
-          0x9220199f461e60L, 0xdf61ca887fc4e7L, 0x6641fd20776dadL,
-          0x00c6edd8edd061L, 0xaf9b14255f7e87L },
-        { 0x73f15e49bbe3ecL, 0xdd3b788f8bc1faL, 0xb24cc071b8ff86L,
-          0x6c260d241be58bL, 0xec1c4e36b10adaL, 0xf6b42097fdb985L,
-          0x0d0ac85d47c212L, 0x967191c07d78d1L }
-    },
-},
-{
-    {
-        { 0x3b11638843d0f3L, 0x4b89297f27f10eL, 0x477236e863ba2aL,
-          0x1949622add280cL, 0x7cd523504da757L, 0xe0e99d279e4ff7L,
-          0xb4ef894537da41L, 0xc55dde45a24ff1L },
-        { 0x18d8e21b587521L, 0x8010b5d3777833L, 0x4af522dd3a54c8L,
-          0x7cd476b4c0ac13L, 0x4587e614099f67L, 0x494d0ed605ee64L,
-          0x3218ba2cc80903L, 0x5ff56aa0b2e169L }
-    },
-    {
-        { 0x51ec94e3a06c69L, 0xa26d7be5e65c52L, 0x156f113d44ee96L,
-          0x70f0968bf5b9b4L, 0x9b7e4695f5332dL, 0x36c295f6703829L,
-          0x1522690d04f492L, 0xcf35ca4728043bL },
-        { 0xf9ca3e1190a7c3L, 0x53d2413f971b07L, 0xae596529c48b49L,
-          0x74672b8fefff5cL, 0x0a3018ba7643b0L, 0x51919e83e9b0a8L,
-          0x89ad33dc932fb5L, 0x52a4419643e687L }
-    },
-    {
-        { 0x7778990d2d0acdL, 0x3bdbcce487fdf1L, 0xdc413ca2b03dd2L,
-          0x278755b9a2b7d0L, 0x4ebb8b535ddd7fL, 0x0465152bcbdb92L,
-          0x34f22d6671d051L, 0x1ba04c787192b9L },
-        { 0xb1693f483560c1L, 0xe08a5937d174e9L, 0x47ffdc464dc9afL,
-          0x1123596ce8126cL, 0x632d95f1124628L, 0x66287abfee7c76L,
-          0xb40fe60c552332L, 0x3f11729e304e1eL }
-    },
-    {
-        { 0x97a6ea05030a8cL, 0x692419809c27b2L, 0x3308501ac9dd5dL,
-          0x9fed7fabe73fdcL, 0xea555440535286L, 0xc7c07ab6c9b832L,
-          0x178c882c51b967L, 0x6fa0c6986ee075L },
-        { 0xbaa4a15b8b5c4aL, 0xf83c0ea3130c0aL, 0xcf8624b2800331L,
-          0xade85cd7ccbcb8L, 0x971d7f6f08445dL, 0xfd480b76a546dcL,
-          0xdc15a38c93761cL, 0xc4c495c9d04631L }
-    },
-    {
-        { 0x5f4cee89470efeL, 0x9fe896188d93adL, 0x24783b3f4e49ceL,
-          0x1bc7ed752ffb3eL, 0xa3abe6a6d81e17L, 0xd6bb8b47a333c3L,
-          0x3485c0b10a3527L, 0x7cddc9c31a9d10L },
-        { 0x0c78112c38ca37L, 0x10e249ddd2f8d8L, 0x72c88ccc511911L,
-          0x4d75b5a29a6c84L, 0xc74b267a227b1eL, 0x698390cf8e35adL,
-          0x8f27edfe98d230L, 0xec922f26bdc7f4L }
-    },
-    {
-        { 0xac34023fc32e11L, 0xe0ae2f547200d1L, 0xa7c7492bd98c82L,
-          0x3910b687b02154L, 0x6fdd06ce28ab6dL, 0xd3a7e49d98b012L,
-          0x4c1c82b9f54207L, 0xef5bbe645c176fL },
-        { 0x3d17960d3e71ebL, 0x90d7e84080e70cL, 0x83e6438bff5d9eL,
-          0x1877e1f535d85cL, 0x931ed6efbb69ccL, 0xcf962651247848L,
-          0x76d618b750da4eL, 0xc076708717fbf6L }
-    },
-    {
-        { 0x80a5ac5eec5126L, 0x6d05dd13379c80L, 0x514b0892336d32L,
-          0x586c0066725137L, 0xab2365a574f954L, 0x3c89ea0ac7d356L,
-          0xf1f2edd27460baL, 0xf200ddbab9870fL },
-        { 0xc8f1b2ca35e885L, 0x5d22f86e6e7550L, 0x24b9a409554615L,
-          0xcb41107616314fL, 0xca752f0c976a11L, 0x3e2f839a08291aL,
-          0x0cff22ff2c420eL, 0xafd603e82b9747L }
-    },
-    {
-        { 0xaddeddc810a3daL, 0x78b6c2dd3a87bfL, 0xbc7020bde3a04cL,
-          0x47ab9739b6d045L, 0x3b046d60959358L, 0x0f953e7509ee3eL,
-          0x803dc8669fc61bL, 0xcceaec0893c8d4L },
-        { 0x21f8c40b048a45L, 0xb535073fcaea8aL, 0xe712c3590e360bL,
-          0x5d0f3f48403338L, 0xe0ea26c7207f2dL, 0x20f6b57ffd9e05L,
-          0xb97d68e4788b00L, 0xb1215541889cceL }
-    },
-},
-{
-    {
-        { 0x0079817464238eL, 0x21103020d381caL, 0x1cc4c6ed9f01b5L,
-          0x5e35dc55a131b1L, 0xb61848d06944ebL, 0x83792a029631a3L,
-          0xbe1017fafca0ddL, 0x70aaa01782fcbbL },
-        { 0xc63b7a099945e7L, 0xe9164ecc4486c1L, 0xb133e35885f2c1L,
-          0x186f0d3c99ae02L, 0x2fca4922bf53e6L, 0xf922aa248a02bcL,
-          0x4fe64900dd3dcaL, 0xe8c313ff6a8207L }
-    },
-    {
-        { 0xc5b358397caf1eL, 0xa001922922a4b6L, 0x67e36bedf07c95L,
-          0xabaa0aeb2f4f34L, 0x66dc926dedc333L, 0x82021c438ec5b3L,
-          0x82b4f2600ab176L, 0x1b7c22e69c45afL },
-        { 0x07b0dbe0924ad9L, 0xe030936a407ddeL, 0x66e1ce926ccd06L,
-          0xb50c108e3505a9L, 0x8b921e1da98f51L, 0x449ca1a20cf7c7L,
-          0xadb80c7e67d079L, 0x205aa54834372dL }
-    },
-    {
-        { 0x1482b4819bf847L, 0xd6c16ab5906f0fL, 0x323fb1723ad060L,
-          0x0346389c832be7L, 0xe71b2d82ee45bfL, 0x761c37dfb22276L,
-          0xa9b33345d70be2L, 0x81a06565a0627aL },
-        { 0x337750399a6282L, 0xafc8d2ed0436f0L, 0x22f71d3c53342fL,
-          0x66ca56d8939ad3L, 0x15a919230e09baL, 0x261091ea6de890L,
-          0x609d700e78f2d5L, 0x8aa52ee8eaaf78L }
-    },
-    {
-        { 0xa398788ce76258L, 0x3031d07494b975L, 0x4a6d652043dfe2L,
-          0xdb1a849b4401ecL, 0xf81ebbbce8bbccL, 0x937dd4716efe9eL,
-          0x9c19350ef85eccL, 0x260d932214273bL },
-        { 0x1d7e21e77bf1a3L, 0x199d689a544eb7L, 0x9da594194ced50L,
-          0x71a60be8a0aeaaL, 0x183a0ae26d3b51L, 0x49f176a8df9728L,
-          0x744376e3230674L, 0xb2cb21ae25541cL }
-    },
-    {
-        { 0x7a721589a0071fL, 0xe19dd29e7d2a6bL, 0x3deb34e55113f0L,
-          0xef1f8ebede573bL, 0xa8f7ff95665e37L, 0xa2c21eaf2d7777L,
-          0x1387afa91e2e39L, 0x04057b97db68f6L },
-        { 0x8b9d5ae1c241f7L, 0x689588a8e75993L, 0x79585b45c0e2d4L,
-          0xba1ef167b64974L, 0x72685bc1c08a75L, 0xf0a5814d572eddL,
-          0x71464a35ab0e70L, 0xc93c92b339aea7L }
-    },
-    {
-        { 0x1917e2a5b8a87dL, 0xea5db763a82756L, 0x5bba2fb6420e2bL,
-          0x5cc0501019372aL, 0xb1ef8beccc5efdL, 0xaf06393f49c57dL,
-          0x3ab1adf87a0bc4L, 0x2ee4cca34fe6b6L },
-        { 0xd1606686b8ba9bL, 0xef137d97efec13L, 0x7b6046550abb76L,
-          0xb40ec2bf753a00L, 0x696ed22eaf8f1dL, 0x398c91fd8ba3d8L,
-          0x11f203437db313L, 0xe1ec33bfe5079eL }
-    },
-    {
-        { 0x8a10c00bdc81f0L, 0x5f392566fe8e05L, 0xa595dab14a368eL,
-          0x32b318138cec6bL, 0xd77afde1b00d00L, 0x3c979284d9923dL,
-          0x78f0e7a76e13ddL, 0x5ee8e59bf75675L },
-        { 0x49ec89391b130cL, 0x9416182a47a441L, 0x54555b576e2ce8L,
-          0xcbdd2fd349c40bL, 0x10ae7379392bbeL, 0x270b1112e2dab0L,
-          0x5cb7712af293f4L, 0xfc22a33d6095c6L }
-    },
-    {
-        { 0xdcb5bbd0f15878L, 0xbcf27adb6bba48L, 0x979913e7b70ebaL,
-          0x4c0f34b158578aL, 0x53f59a76ed6088L, 0x19b3b2c75b0fc2L,
-          0xad628dc0153f3cL, 0x5195a2bcec1607L },
-        { 0x95f8b84dfe0f7aL, 0x935c6b0152920bL, 0x25f9e314da1056L,
-          0x4910a94b28c229L, 0x54b03b48ee4d6eL, 0xc991fc3694e3edL,
-          0x68c4c26dbe5709L, 0xc9cfce463d7657L }
-    },
-},
-{
-    {
-        { 0x21c9227f52a44eL, 0x7f105a2e85bfbdL, 0x887781f6268fc2L,
-          0x56ee808a2d7e35L, 0x14f9de52d3930fL, 0x4a4e356dcb561aL,
-          0x87362267f95598L, 0x211c3425f34151L },
-        { 0x8fcb75b0eaf9cbL, 0xcc9edf93d60ce2L, 0x54412c9a5fe627L,
-          0x6036a72842dd09L, 0x71ce668a6c6099L, 0x02b30d75386764L,
-          0xb69bed36f18e23L, 0x124c9b1d1de9f4L }
-    },
-    {
-        { 0xe8f8d95e69b531L, 0xe1e115eaff1049L, 0x9087cd1eddea0cL,
-          0x8ed55a57449916L, 0x8009f547808404L, 0x990f21617fea55L,
-          0x68ba624fe8ecf9L, 0x8ac295056d1f47L },
-        { 0x3257887529dfb0L, 0xc4a613f244c080L, 0xabb1ac028672faL,
-          0xb2915c531eb291L, 0x6e368ca8fababaL, 0x6b8c2591fde498L,
-          0x67724a1f2a548cL, 0x6b3b7e8f90409bL }
-    },
-    {
-        { 0x5415003fae20aaL, 0x95858a985df5ceL, 0x42bc9870ac6beeL,
-          0x8d843c539ea1a9L, 0x5de200cb571043L, 0x084fcd51741a33L,
-          0xe1ca20c0009d1cL, 0x0271d28e957e6dL },
-        { 0x84cbf809e3be55L, 0xc804dda1c578c6L, 0xea85489409a93aL,
-          0x64a450a972021dL, 0xc6a2161e681312L, 0x280bff965bc111L,
-          0xd358a4b0f8526fL, 0xd967be8953a3abL }
-    },
-    {
-        { 0x4c5e6157dd066cL, 0x37afd33634c8d4L, 0xa3ac88a42d8b87L,
-          0x9681e9b938b607L, 0x7a286ab37fe4c8L, 0xdeee5742494245L,
-          0x184b9d36af75a8L, 0x20f696a3670c04L },
-        { 0x1340adfa39e8b9L, 0x03c19290850b2eL, 0x435ebd42c0e1efL,
-          0x49de18b142ee9bL, 0xb440b273f116f2L, 0xd94e9fa2214463L,
-          0x1b0ddd36311543L, 0x1ae042a991ba3cL }
-    },
-    {
-        { 0xbc322f85bb47aaL, 0x9e2562554a5845L, 0x96b65ae21115f3L,
-          0x46fbed4bb5757bL, 0x18aec4f4c42dceL, 0xc59caf68d801f0L,
-          0x91894631205521L, 0x66bd8e089feb7aL },
-        { 0x39ebe95c529ee7L, 0x28d89928eadb99L, 0x6058c786927544L,
-          0x877e7a5d3808ecL, 0x8f651111c52eafL, 0xfb59812ae221cdL,
-          0x22289c6f890391L, 0xa97695b4966e92L }
-    },
-    {
-        { 0xf0a91226ff10f0L, 0x49a931ba2a65c8L, 0x3fcebbcb1d3cb0L,
-          0x70eb79bca9685fL, 0x82520b5ab38cb6L, 0xccf991b76304c3L,
-          0x575aab1af8b07cL, 0xec8166a5ed5efbL },
-        { 0xddc5698c8689b1L, 0x227c949b2e78d7L, 0x61323218e07d91L,
-          0x658a11d22cfd62L, 0x908fb44004dd5fL, 0xe3d14f090d21b1L,
-          0x6f3db9da6a1639L, 0x09d86c0333a525L }
-    },
-    {
-        { 0xd83eaf06f043f7L, 0x88ab648b52d5f6L, 0x67c664d57144d7L,
-          0x55d7644eafc8b5L, 0x1c89f20cceb291L, 0x51aec7b831ac47L,
-          0x51172fa6148854L, 0x8fabf7ef6d7bfeL },
-        { 0x5910316477ee27L, 0x5f299dd20fe61eL, 0x48079a842826abL,
-          0xf4a83ba22591faL, 0x8fac66055482ecL, 0x48fd5f16b65b3bL,
-          0x4288a7c9fd9e19L, 0x27db8199377894L }
-    },
-    {
-        { 0x2936ee47fd9dd6L, 0xcce5f0e9ec87c6L, 0x15a50e3db6e3b4L,
-          0x61df105ad701c8L, 0x3601add1dff1f7L, 0xb761e06e8a16e1L,
-          0x4341e021af3f91L, 0x9156a4a933fa3fL },
-        { 0x9dc46ae54bc01dL, 0x605577a64eb910L, 0x22b99f85a59a99L,
-          0xab2dbaf0a229d8L, 0xa8bfb656599364L, 0x39ed4a5e94ebf0L,
-          0x7b46a1e0dbb23eL, 0x117b1958751422L }
-    },
-},
-{
-    {
-        { 0xd19e8fd423bddfL, 0x9d77042387ef59L, 0x315cbdd849590aL,
-          0xfdc637c7866c1eL, 0x72be83d03515a6L, 0xd44a4a00376780L,
-          0x3b9613119e0c2bL, 0x023aca37b1a689L },
-        { 0xf5f368782282eaL, 0x44710898a8b5c7L, 0xcd2f00a17a3066L,
-          0x754e11281ed681L, 0x9c6c70c0bfcefdL, 0xd6aced03b6f29bL,
-          0xe443d562817a2aL, 0xe590ef4e7c0012L }
-    },
-    {
-        { 0xc2f96763e62e2aL, 0x661816eb2daa26L, 0x3515fd2dd5f512L,
-          0xdc36e2756b6e75L, 0x0bdde4674cc658L, 0x102908600e7644L,
-          0xfdf00451694a09L, 0x454bcb6ceac169L },
-        { 0xf4c92ab6481eb6L, 0x8b77afa09750e7L, 0xe6f42316362d6dL,
-          0x0d45deef53a3aeL, 0xdac7aacd7dcf98L, 0x628cb7f125ec4aL,
-          0x41e8a20aec0320L, 0x7418c7eea2e35bL }
-    },
-    {
-        { 0x4d649abdf40519L, 0x8cb22d43525833L, 0x15f6d137a5333fL,
-          0x8c3991b72c23eeL, 0x248b9a50cd44a3L, 0x6b4c4e0ccc1a75L,
-          0x3221efb15c99a9L, 0x236d5040a9c504L },
-        { 0x401c7fbd559100L, 0xcf0e07507c524dL, 0x39647c034a9275L,
-          0x2355422f7e8683L, 0x3e0a16eb3ae670L, 0x1c83bcbad61b7fL,
-          0x491bcb19ca6cbeL, 0xe668dc45e29458L }
-    },
-    {
-        { 0xe44c65b219379eL, 0x211381bbb607eeL, 0xd4c7428b7bc6dbL,
-          0xba62a03b76a2e8L, 0xe1729c98bb0b31L, 0x3caeb50c6bbc10L,
-          0x6c66727b0187aaL, 0xbf9d2f0fb90dcfL },
-        { 0xec693501184dc6L, 0xd58d2a32698eb5L, 0xb366d8da316b07L,
-          0xe1e39bb251c017L, 0xbe44ba9adb157fL, 0xbaa9a9a8a8b06cL,
-          0xd0f46356e473e1L, 0xd25a8f61d681c6L }
-    },
-    {
-        { 0xba39d5fcb102c7L, 0x66eba21d8aa1ebL, 0xcc2591a697fbf4L,
-          0x5adb5792317f54L, 0xa01ae71f76c6f9L, 0x2c525de5042705L,
-          0xc8f42724f4479fL, 0x26ab54ae6d7a5bL },
-        { 0xda217b5dc28106L, 0xc7cadeaeb2ae6aL, 0x0b1609453ea3b2L,
-          0xcddcc1ccc6111bL, 0x5c47affa7a7bebL, 0xf9931bd0e52dabL,
-          0x5231835c6dcf96L, 0x7095bdef27ea4eL }
-    },
-    {
-        { 0xee8adaec33b4e2L, 0x300665163ceb44L, 0xf1476fb880b086L,
-          0x07033289569ce8L, 0x2cabf9a238b595L, 0x85017bc26c8158L,
-          0x420b5b568d5144L, 0xa9f5f1ef9c696fL },
-        { 0x1409c3ac8fec5aL, 0x541516f28e9579L, 0x06573f70e1f446L,
-          0x3e3c7062311b96L, 0x0033f1a3c2ffd8L, 0x8e808fcca6711cL,
-          0x716752d07aef98L, 0x5e53e9a92525b3L }
-    },
-    {
-        { 0xce98a425a1c29fL, 0xaa703483ca6dc9L, 0xe77d822edfa48bL,
-          0xd2e3455068abcaL, 0xb456e81482cfcaL, 0xc5aa9817fbfb08L,
-          0x8979f258243194L, 0x727f2172cd043dL },
-        { 0x7cca616aa53923L, 0x387c5aee9bcb72L, 0x0173fd437580bbL,
-          0xdd7795b75fc0d9L, 0x47d1c37345deaeL, 0x2eb5d7fb0d1c03L,
-          0xf7a1b92958f002L, 0x7365cf48f61b67L }
-    },
-    {
-        { 0x4b22c3b562a5edL, 0x711216f5c7cd07L, 0x51f72c49ba0648L,
-          0xc10d0930de9e6fL, 0xaca479bfda63baL, 0x4722a55af532b0L,
-          0x8d59eb77236f39L, 0x5cad8744465c34L },
-        { 0xa2119e5722b0c1L, 0xb670264f343ea4L, 0x6910f02c19f387L,
-          0xcfec5bc0381fbaL, 0x5f5de0d52c0a1dL, 0x4e474d56378cb6L,
-          0x2fc802727e2ba3L, 0xa215da3159b541L }
-    },
-},
-{
-    {
-        { 0xed535858499895L, 0xa0aefd565c998dL, 0x210d8502d5a561L,
-          0xc2cc23ca2cd9d6L, 0x2371d46c4d297eL, 0x88b2143d18d441L,
-          0xbebdad9043993dL, 0x6ba91e7ad5f28dL },
-        { 0xc2bb3f13a731f4L, 0xd35cfac5d0d5c3L, 0x995099835ac427L,
-          0x8938bb55458adbL, 0x0bd738cab26f3bL, 0x56db3d5a28cd8dL,
-          0x87eb95fa1d8b4bL, 0xd6700efe7f3b4bL }
-    },
-    {
-        { 0x962c920ea1e57bL, 0xd3be37e6dded6dL, 0xf499b622c96a73L,
-          0x3eaf7b46c99752L, 0xa310c89025590bL, 0x535aa4a721db23L,
-          0x56ab57819714a0L, 0xeecb4fad4048c1L },
-        { 0x7b79ec4470c466L, 0xc4e8f2e1383ceeL, 0x0f5d7765750c45L,
-          0xa3b3bc3725527dL, 0x2f5deb66d00cceL, 0x5d5a0f495a8d81L,
-          0x50a442ee02b824L, 0xafb04462a11628L }
-    },
-    {
-        { 0x72b67bc0c613deL, 0x0150d4be6f0b24L, 0x847854e8ed289dL,
-          0xe08292fa320f88L, 0xd5b6da329c6160L, 0x2a48e2d4fb9d06L,
-          0x55d9e412de087cL, 0x65683b54f02100L },
-        { 0x4dc8c2ea8886c6L, 0xe966dd220d6114L, 0x99745eba57af97L,
-          0x23a9a71b854725L, 0x8effe05621a047L, 0xf16d284049a4beL,
-          0x95828c25b0660fL, 0xd5b69ba56e96b0L }
-    },
-    {
-        { 0x0b5b4244ffa0b8L, 0x0585b45096cc5eL, 0x413e1aef505d37L,
-          0xe5652a30c7ab8dL, 0xab32fb72990120L, 0x6b8b16e3f09368L,
-          0xbf9fadbefe128eL, 0x85f366b14b7671L },
-        { 0xcb2f294090608dL, 0x25e2769ac3045fL, 0x069c4f06131904L,
-          0x1c57cf1329a779L, 0x72fe0d5b7cace7L, 0x04d9f430897a45L,
-          0xbaf32f6359a645L, 0x0fa854ffa7485aL }
-    },
-    {
-        { 0xae3533c5f56f60L, 0x9773bbb0ad9360L, 0x769b34a38fbe6bL,
-          0xb5ba8e9ffb0c00L, 0xa93931875472e4L, 0x12cac92ce5f30fL,
-          0x514fc06a9e7dbcL, 0xd7ca86558b4734L },
-        { 0xd101ff365a730bL, 0x92da451abe70e9L, 0xfb5f94aef7bf4bL,
-          0x8c3ef4c1d56c7bL, 0xb0857668435c10L, 0x7fbbbdae7ed4ccL,
-          0x1da6eaf24f372fL, 0x0ab2c1f59b8ae3L }
-    },
-    {
-        { 0x63a1a78f10a4b9L, 0xbb5278d0c7e510L, 0x97b224ef874142L,
-          0x0a9ff52b2517b1L, 0x1b5a485c5cd920L, 0x1a8e2eba1823b9L,
-          0x2b088c00e914a8L, 0xe5ec3adcf13432L },
-        { 0x0d6ab3e6e7e253L, 0x9f0f5cd6f18458L, 0x839a744f459a6dL,
-          0xb4b4f941eb15f7L, 0xe0313acc72cb14L, 0x58ee933b20472dL,
-          0x5f73d7a872543eL, 0xb1700c5501f067L }
-    },
-    {
-        { 0xb70428e085f67fL, 0x5441d5143cabe5L, 0x4d0e8c2e0a6055L,
-          0x8d39a080882e4fL, 0x615bb32c1cb39dL, 0x113f18df7a1642L,
-          0xbab8cf5250681fL, 0x3017ba2677b72aL },
-        { 0xcd2b6e95a3a876L, 0x04765012035a69L, 0x31d6440efa2ea0L,
-          0xde8f8d156874d5L, 0xcbc71cd0199d4aL, 0xc546b61e7f2170L,
-          0x4e57e4e112c4c3L, 0x58955a8d1622baL }
-    },
-    {
-        { 0x0064cd704e2f6fL, 0xe9d458de0edd38L, 0xeb1a5977e0a5c8L,
-          0xe322ece01fc0a8L, 0x8b9d1661032a19L, 0x3e7b539a89de94L,
-          0xfa30262001c754L, 0xe33de4ddb588f6L },
-        { 0x4dafbdb954eb94L, 0xbb436480584c1bL, 0x622c93e5dbe29bL,
-          0x968f9e3f57b931L, 0x98f03be0f6453bL, 0xb0ecc7f08f696cL,
-          0x5af55f4a505335L, 0x028533efb3fa9bL }
-    },
-},
-{
-    {
-        { 0x3bc8e6827e8d86L, 0x4e43b3063f105aL, 0x5301b7d4981250L,
-          0x8b0a75e9f72fa8L, 0x88f59db357348cL, 0x5f0ebb1ec4208eL,
-          0x4712561c043d3bL, 0x9e5ded0c806b97L },
-        { 0xf9bd0a62121d09L, 0x1759ecbe337cd1L, 0xd1acc0ee945542L,
-          0x3683febbd2f63aL, 0x44f1bccda5dfe9L, 0xa3606c9707f22fL,
-          0x45ef0642d96ca5L, 0xfc3107d9022df9L }
-    },
-    {
-        { 0xe81320b44be755L, 0xdf213d55c7c761L, 0xf43d2d5b4e5db9L,
-          0x3bcfd828dedcd2L, 0xdf368a6d37a9ecL, 0xfef20aef475a77L,
-          0x22f5894162c064L, 0x956bc660142a7dL },
-        { 0xaaa10e27daec78L, 0x3cb9b72b6e9a78L, 0xa740bade383f72L,
-          0xc31b4017759007L, 0xdada964a7afc50L, 0x6bf062cfd3d11fL,
-          0x9470d535db3679L, 0x339447303abf13L }
-    },
-    {
-        { 0x533f44046e5d7fL, 0xd1793e349048c8L, 0x59e11501929b94L,
-          0xcddbbcb8364134L, 0x795c794582774fL, 0x114dfc4e03081aL,
-          0x541ef68ef54042L, 0x159295b23f18cdL },
-        { 0xfb7e2ba48a2c8cL, 0xe2d4572bb6d116L, 0x7bb0b22d750b53L,
-          0xc58888cd142ee8L, 0xd11537a90c9e2dL, 0x77d5858d02eb9eL,
-          0x1fa4c75d444a79L, 0xf19b2d3d58a68dL }
-    },
-    {
-        { 0x37e5b73eb8b90fL, 0x3737f7a3f2a963L, 0x87913fa9de35e0L,
-          0xec7f9928731eddL, 0x6e6259e219491eL, 0xb2148a04de236cL,
-          0x89700e8fdd309bL, 0x9ce51e49f0bf80L },
-        { 0xe7ec421301f17bL, 0xa4b570a3bc5f4fL, 0xc2b1b2a1285ee2L,
-          0x5e86bc8c53db73L, 0xb65fceaf24fa90L, 0x9e74c5608ab024L,
-          0x5c8003df9ed877L, 0xa632e9e4a2cbbcL }
-    },
-    {
-        { 0x32a4546c91c8b5L, 0xc122b5ac969363L, 0xbbbec5e3648b3aL,
-          0xd5a365e25143b0L, 0xcf3e46454157ceL, 0x9712f04f9bab64L,
-          0xc12d43a04b4008L, 0x51932d72edf1c7L },
-        { 0xaef1655b2f8470L, 0xaa8e3f36c24aceL, 0x7da75da6b4e761L,
-          0xd371827b90bca2L, 0x84db4500afb45cL, 0xae12045ef46b5dL,
-          0x91639a5d962f98L, 0x669cbe672f2ac0L }
-    },
-    {
-        { 0x851bb3183a4356L, 0x7d436bf9a1bf15L, 0x46a3f0e120b378L,
-          0x9302abc3f5b357L, 0x1e0672693fef53L, 0xb12f4a95fd2ee9L,
-          0x94a884c7de9433L, 0x2645234a6f2874L },
-        { 0x6fb56f5cdb8dfaL, 0x4a17dfc9e0ee4eL, 0xe269d8383ab01eL,
-          0xda932dab77c10fL, 0x463af0c0321243L, 0xbe1d68216fc8a3L,
-          0x2eae3ea48b39e3L, 0x94230213b03e7bL }
-    },
-    {
-        { 0xaeb507cb22f28aL, 0xa77458b49a6b44L, 0x232ed5ac03dc17L,
-          0x79dfc169c61ac6L, 0x7c48be9cd71b93L, 0x983d68ac429cd9L,
-          0x7709c4798ae2c8L, 0xe4765c0a5df075L },
-        { 0x23c4deb3367f33L, 0xbdf2b7e37d72a7L, 0xbaab5c70af2d26L,
-          0xd609f7ffd026abL, 0x23b72b2541b039L, 0x8d06bac83be852L,
-          0x911d4a9cb23d1cL, 0xeae815cfb0dbd7L }
-    },
-    {
-        { 0x487c35c2c33481L, 0xffab636b6136dbL, 0xccd4daea3d3aa4L,
-          0x87149bbc3704e0L, 0x9de8119c0e8396L, 0xd49357a58e7ca6L,
-          0x68789181562d75L, 0xc7453815ab1fadL },
-        { 0x0f1579802c9b91L, 0x7ffc3f0b1ddde5L, 0xa01d5e06aae50dL,
-          0x6a97e65e279873L, 0x4bcf42fb5b1b41L, 0x1c6410f32f5982L,
-          0xd4f760050701c8L, 0xff02663873b90dL }
-    },
-},
-{
-    {
-        { 0xdc53ea2e5b2de2L, 0x94b352d38acecbL, 0x37d960b0d9d5e5L,
-          0xabd868f90bd997L, 0x781668f35a7376L, 0x043d59710118bfL,
-          0xd4da719f57928aL, 0x01942f6983e46cL },
-        { 0xab97fc8728bd76L, 0x825956b4b5c1c5L, 0x202809fc82a104L,
-          0xdb63e9cc8e3132L, 0xa41c701c2181afL, 0xd28018043e066aL,
-          0xc734e4124044ceL, 0x4d9ab23505193cL }
-    },
-    {
-        { 0x0bcd42af9f0c3fL, 0xda21a46b94a218L, 0xe55243c0ffc788L,
-          0x318aae647a5551L, 0x8c2938b79af9cbL, 0x5d15232ec1dce5L,
-          0x3d310ba8ad2e5cL, 0xd3d972494f792aL },
-        { 0xdeb4ca112a9553L, 0x2f1ed04eb54d9dL, 0xaa9c9cf69fb7a1L,
-          0xeb73c3a54dcd3aL, 0xee3eddcf5f201fL, 0x35f9e1cba7d234L,
-          0x1d1d04cd2e242fL, 0x48df9d80df7515L }
-    },
-    {
-        { 0x4ecc77da81dd9aL, 0xa6ac4bb03aa015L, 0x7645842bbc4fedL,
-          0x9ae34cd9d6cf52L, 0xf8ff0335917e0bL, 0x7c9da37c2cc175L,
-          0x1e74dccaaacfbeL, 0xa8f2df07999af8L },
-        { 0xd06c4ea102a466L, 0x2156e87ae190ddL, 0xc95db8aec4a863L,
-          0x49edffd244a6feL, 0x110fae6904f81eL, 0xbaa3e50a1cd104L,
-          0x5bd38a20478b65L, 0x2b57d05daefbccL }
-    },
-    {
-        { 0x1ce92ba86f4534L, 0xb2a8592414f5e3L, 0xdd7a4c69979436L,
-          0x7599aff3f0add7L, 0xe0ce4d3e2d4f64L, 0x74475cc401a29fL,
-          0xaef6541a2377d9L, 0x54048f53f917b6L },
-        { 0x1b86b2205312ecL, 0x779ba2231493cbL, 0xc718369aac9320L,
-          0xeab01a8617fce4L, 0x17b1f10f7187faL, 0xe68eda0a1aca46L,
-          0x61033fe2586342L, 0xfc14e790b6ca43L }
-    },
-    {
-        { 0x9f2231913d2491L, 0x66bdb537997202L, 0x0bafb0c4617f34L,
-          0x5917831f3bb7b3L, 0x6feb2a6b45bddbL, 0x08662b30202c19L,
-          0x0bc2b5705852f6L, 0x2c00fd491818c2L },
-        { 0xca7672cda37dacL, 0xfe4c04c5a30865L, 0x5f1399f322e92aL,
-          0xe7d67ea25b1bebL, 0xe08b014dce7f68L, 0x24df52af2f2b3cL,
-          0x2028b23750ecd1L, 0x9b25d4bc810a45L }
-    },
-    {
-        { 0xa35b7157a9d799L, 0x6da1eb301f9c99L, 0x33ef91ce363ba8L,
-          0x21c0e2ece140daL, 0xb0b11bf158cd84L, 0x6a8744293da438L,
-          0x924f10d3db585bL, 0xf5ddd7310c6159L },
-        { 0xb72dcb86a74c21L, 0x6d14198cc8f79fL, 0x99f4b6c9c5a8d6L,
-          0x063968890e135cL, 0x330edb883f6385L, 0xe1a5a6b9079675L,
-          0x6e37fa8b8f5fe0L, 0x60e2fd961dca1eL }
-    },
-    {
-        { 0xc6cb40366c395eL, 0x03b21a7b51d0f1L, 0xbc478a5e693181L,
-          0x0017c2fc6cff33L, 0x740a5b839d8d1eL, 0x3968d664d9ec6dL,
-          0xfd53738b0ef1b0L, 0x73ca8fd1ed0a04L },
-        { 0x4ace93875ab371L, 0xd602936ddad7e9L, 0x1f5424a750bcc2L,
-          0xfe09b3668c7a17L, 0x165f7de58341ecL, 0x95b825a6ce61e5L,
-          0x9d31e1966c83c4L, 0x65b3e08cc5887bL }
-    },
-    {
-        { 0xd37e93221482d1L, 0x9af659708b6380L, 0x279426a7d61e4bL,
-          0x80dd0ec80997adL, 0x7239b0dd5b76d4L, 0x92e6c73e76c098L,
-          0xeeb2321eab3e1dL, 0xa69c4a7eb1a910L },
-        { 0x46d6aa7833d9aeL, 0x3ee6957572b0feL, 0x44ccbedcdb3d97L,
-          0x342f29dcbea01bL, 0x0d518c58926876L, 0xaaabae75585d2cL,
-          0xc548c77e008f58L, 0x819e2fa21fab2cL }
-    },
-},
-{
-    {
-        { 0x468e149c16e981L, 0x286c7909ddbb7cL, 0x2a92d47db7a38aL,
-          0xde614e68a27cb2L, 0x8dc8822e5b0ab6L, 0x38441aecf48565L,
-          0x11ed5c9089435bL, 0x238928682d0d31L },
-        { 0xc6698d472f2f31L, 0x295242c56d76afL, 0x4099205eba563bL,
-          0xae7de5a3ab7384L, 0xccdf127d0ed86cL, 0xb9b6d5b965c3c3L,
-          0xe351a8f2c31ad7L, 0xa761dd8ac12f13L }
-    },
-    {
-        { 0xda115ddf171ab7L, 0x2de17b1401f93dL, 0x95019ca40964b4L,
-          0x169d1f465ba3c3L, 0x534a0070090d08L, 0x805c5e282bf410L,
-          0x15dfe1165f8d90L, 0x827a416ca72456L },
-        { 0x5af888433a36c4L, 0x8bfa54cd8ee604L, 0x08fd1419ce290fL,
-          0x2db5e8c287b3a6L, 0xe5be98103cdad2L, 0x155b874bf810b9L,
-          0x2ae42de670f473L, 0x22185847f74657L }
-    },
-    {
-        { 0x54b2a5023ffa43L, 0xcf87b16a24d919L, 0x1ff540263524e8L,
-          0x73c94e056d1e54L, 0x76515523899fb5L, 0x13a721418723bfL,
-          0x39afbdd3561517L, 0x49b790a9f2862eL },
-        { 0xc8c1f4f527d2ceL, 0x1997aec7609bb7L, 0x583ad8002a3400L,
-          0xac2374e4f79706L, 0xbf1f9a821b7183L, 0x06158ab6600fe0L,
-          0xfcc9b2ebd56751L, 0xe1de5acddaaec7L }
-    },
-    {
-        { 0x230baa1788fdabL, 0xf30860a7d04597L, 0xa2c7ece99f4caaL,
-          0xbd39f106ad065eL, 0xfd92f5d3bef7bdL, 0x6069fad96d2203L,
-          0xbff38cac4d9e0dL, 0x419a0171fda313L },
-        { 0x5d77fd8572f035L, 0x5af99f2b282b40L, 0x7257d3b23facffL,
-          0xf2ee22358c90afL, 0xcc2687d9b6a52aL, 0x140892c302430eL,
-          0xa934d5e3ec4f38L, 0xc087d7c3bd18beL }
-    },
-    {
-        { 0x7e94138a2c5ed7L, 0xbc8ceef53610bfL, 0xe89356bd86f803L,
-          0x9a3a3805a55330L, 0xe894aba11ad648L, 0x2e68fbaba95918L,
-          0x643e2bafcad344L, 0x0dd025661640aaL },
-        { 0xc02e479e25cbddL, 0xd78c4d813a1b3fL, 0xa6dae8fcca9692L,
-          0x3dd91e9e5de8a0L, 0x78ae0ce764ea36L, 0xb4ad99985dbc5eL,
-          0x967ff23e82a169L, 0xaeb26ecbaee1fcL }
-    },
-    {
-        { 0x8c502559a6f90cL, 0x56e7abe0ea374aL, 0x675c72256413b2L,
-          0xd3fc17e946753fL, 0x28c4e1fe235f7cL, 0xe209bcdb028eb0L,
-          0x7d0f93a489fe88L, 0xb966a2e063706aL },
-        { 0xb6c228c4a30319L, 0x6868efeca6d674L, 0x0610a70057311aL,
-          0x0808112bad7f89L, 0x2a2462c1dd6181L, 0x52ed9feb58e88aL,
-          0xbbff16f33821a2L, 0xda53e9617f882aL }
-    },
-    {
-        { 0xb6ffca38c30e5dL, 0xa90f9915c905f5L, 0x72fb200d753e88L,
-          0xe509d4c7256c6aL, 0x369e552d866500L, 0xee4b7e033cf8aeL,
-          0x280d954efcf6ebL, 0x5b275d3d557f0eL },
-        { 0xeb17211b5cecf8L, 0xd6ad50fbdb2f8dL, 0x2478c7b35e04b7L,
-          0x97e7143ac73bd3L, 0x09d6ede4817e24L, 0x68fea712c405e1L,
-          0x34adbc905f67a1L, 0xd20ab7073edf99L }
-    },
-    {
-        { 0xe116a96569f191L, 0xb3f0bce4d6e29aL, 0x30b9e1af51dbabL,
-          0x1dd36f3346d276L, 0x83151030749a27L, 0x242f148ab47f70L,
-          0xe8a5bcf5585681L, 0x8b801845ed79baL },
-        { 0xa4042fd3894ad1L, 0x82f781d2b88bc6L, 0x2d34cacbe4c397L,
-          0x8731aeadd99c9fL, 0x0f95498ef1d382L, 0xcaba2e1dd0bbc9L,
-          0x78889e954064e8L, 0x8cd9c9761a8ab9L }
-    },
-},
-{
-    {
-        { 0xf31f53ffa0459eL, 0xf8742a1315cd6bL, 0xabe2f50ae64e97L,
-          0xbd787419b9da48L, 0x4521a3351e526eL, 0xfa05935e10ba45L,
-          0x5c947e1e8f903cL, 0x0aa47d15a754eeL },
-        { 0xb2849efd814825L, 0x9c2a5d25c9968dL, 0x24dbb2604e634cL,
-          0x33f3a4cdb38194L, 0xe04f609c8a2b6bL, 0xcaefd8eabbbfdbL,
-          0x683119a404498bL, 0x24ab7a98b21cbdL }
-    },
-    {
-        { 0x6f1326921fa2ddL, 0xd79e61cc10a4bcL, 0xac4b3ce4bd6d46L,
-          0x52459b6bd3f37bL, 0xce0f0a3a396966L, 0x050d1d5a1ed488L,
-          0x1b9c403e0b17faL, 0xee1abd004a2e66L },
-        { 0x97065c35cf3e3bL, 0x6513d5fbe33441L, 0xcd3463479047aeL,
-          0x45cbb1cfd22df1L, 0x7a173ae967b17cL, 0x75f5ba72223cdaL,
-          0xe3d12dbefe0a73L, 0x3b7f94dfd7adcfL }
-    },
-    {
-        { 0xd596a13f1e9b7dL, 0x04f5bdd6734e0cL, 0x18b694f8be163aL,
-          0x15620c7d959fa3L, 0x65fc2c553d2a3bL, 0xd44a364c4d36f2L,
-          0xc8b421f268ceabL, 0x564139abfe2bd4L },
-        { 0xb52461019d4633L, 0x5ab3f886346934L, 0x96691fe9819422L,
-          0xdfdec898b39b82L, 0x84b1c7997cfb27L, 0xe59a98d4d6d004L,
-          0x5e5d0c612c350fL, 0xb431220d415774L }
-    },
-    {
-        { 0x3d0ca736aae0a2L, 0x7b1991f48c2d8cL, 0x00ae8565cdae72L,
-          0xdbb6ca0bd55128L, 0x3c2ab2a45c82bfL, 0xea5a55979545caL,
-          0xeba9a26d5927d0L, 0xb52e40183257fcL },
-        { 0x55ed517ca9650aL, 0xbdaa081e3ebff2L, 0x8cf7ce49f8831bL,
-          0x1d0b5bd6e3b8d3L, 0xa314a9fd8fc869L, 0x07f2079b892babL,
-          0xb700dbfa0cc9d9L, 0x7105a086dc0a39L }
-    },
-    {
-        { 0x0c7e05d8c7d901L, 0xa7ff681af3182bL, 0xb88e3caf9a0d06L,
-          0xfe20a12c343b7fL, 0x9f0257703251f9L, 0xf225dedc40c5ebL,
-          0x50e0cecb208ea7L, 0x5b250f0e6eeb65L },
-        { 0x807a1534806b6eL, 0xded120afa94139L, 0x237ddc749366fbL,
-          0xdd3674e5a34bcbL, 0xef6cdff9c4a61dL, 0x036194bb2fb896L,
-          0x38659539528cd9L, 0x0723c596936a52L }
-    },
-    {
-        { 0x1f84cd5e17719dL, 0x545939bc73b394L, 0xefbf3c583e84e7L,
-          0x6cc46f1f77fd66L, 0xa629f591383ab8L, 0x9177ffacd35cd2L,
-          0x039187f9dd411bL, 0xa9cf1cf7b7eea8L },
-        { 0xa3b105aac47e5dL, 0xa755bead0a9da4L, 0x50cfbae73da15eL,
-          0x9456cbc60b628cL, 0x7ffc3629b7a910L, 0x30b5924cd6d6a4L,
-          0x198629f0b04ab6L, 0xc74609c624dea9L }
-    },
-    {
-        { 0x27d4d77af12fa6L, 0xdd8a216690aeb2L, 0xe48fc02fe24417L,
-          0x1970403720e17eL, 0x95013fdce37b42L, 0x06817d2de4bd9bL,
-          0xc5863e763d0ba2L, 0xa1bafc0a556f5dL },
-        { 0xf28ec7b410a78aL, 0x0dcac420a01a63L, 0xfcd3fa4b5bce11L,
-          0x054d7e5d278b89L, 0x5195db85ce49e3L, 0x4c0b1672c73d96L,
-          0xd94307720a1bdbL, 0x66fa8b359c77a7L }
-    },
-    {
-        { 0xb9e93aed7462feL, 0xbfe54b218dde4fL, 0xaabb5283dbb08eL,
-          0x8c367020e5fc45L, 0x35028888e69be3L, 0x6d2efc1c12a11dL,
-          0xfce5cebf265e30L, 0x58c8bb35742c7eL },
-        { 0x32e89dcccf7fa0L, 0xa811f33dd020a4L, 0xa10d6205129fe5L,
-          0x3841c88e4ed29bL, 0xf3303a9d8b1ea6L, 0xa9a0cad1781f58L,
-          0x4502b388f3ef0bL, 0x2b7587e74c6d35L }
-    },
-},
-{
-    {
-        { 0xc6eaea123ae7cdL, 0xa1884d473c0caaL, 0x901e76fef1ea88L,
-          0xdb9935ca14269dL, 0xe8b2486947f1deL, 0x4ad56f4a657588L,
-          0xe7680542913fb1L, 0x2abff5d37600daL },
-        { 0xa814813a81a797L, 0x63e76a446acb69L, 0xb1038394ab8277L,
-          0x587de349d8e759L, 0xdfaeb8dddf62dfL, 0x24fe1cf9239d49L,
-          0x7de7409e130d1cL, 0x3ecfef9581d070L }
-    },
-    {
-        { 0x8d177a0f87c72dL, 0xae7e5818c6d1deL, 0x0077b5f8cece85L,
-          0x382483832d2187L, 0x49d8b156db2bd2L, 0xe9e5513c8d85b9L,
-          0x63c410ce05c53fL, 0xceaf2fbd86f752L },
-        { 0x0b432fe93806c5L, 0x18eb15d3d06c75L, 0xcaad82612cfc02L,
-          0x581e0401e2d045L, 0xd573cb595edcfdL, 0xce71948dbc66e3L,
-          0xcf68721acc14eaL, 0xf68bea26cac4dcL }
-    },
-    {
-        { 0xd8576afcb74da2L, 0x8771c29c433f46L, 0x7315af6e2f5b8eL,
-          0xc195481ba33928L, 0xb77dcc22fb1f94L, 0xcb3e57ca610f75L,
-          0xeb2a92753907dfL, 0x916f14923eff95L },
-        { 0xbb378e4b6cd291L, 0xa2a5e2b2f13ce1L, 0xa8a0e60bcd00b0L,
-          0x5902741682b75aL, 0xa0882c93f65a77L, 0x2069f75c93cfffL,
-          0x1ede40570c0cb9L, 0x13840c90d526c4L }
-    },
-    {
-        { 0xdc2caaa03ced48L, 0x2079219a0315beL, 0xca493563b1f642L,
-          0x0202dc7b0665f2L, 0xe5d6bbdb7a5238L, 0x36fbd5e26eab32L,
-          0xb3988f1f5819b4L, 0x5b15dc84aa4d69L },
-        { 0xa52feed54e5c24L, 0x927471be91a797L, 0xd119bfdd57f677L,
-          0xde38f7b78e4c4fL, 0xa7af516b150bc3L, 0x403b21e26b76c2L,
-          0x589067d92300dcL, 0x04e406a066802aL }
-    },
-    {
-        { 0x28e7d09a9ca9bbL, 0xaa84fd5fccf4a0L, 0xdbe9fb8635b7edL,
-          0x9ede3f5d56fc7cL, 0xa4b5031b01cb29L, 0x584299d7f93703L,
-          0xbd28868b6fe825L, 0x1d385d48b9c2d9L },
-        { 0x6606f4a822be80L, 0xb5a0165626d0fdL, 0x9920a2014568adL,
-          0x7d430f41c6d174L, 0xc243e16e02e9e9L, 0x367f1d2a6bd649L,
-          0x693910071b8c36L, 0x2ede1314de2984L }
-    },
-    {
-        { 0xdc781875beec32L, 0x1fff0cca525ff4L, 0x6e86425676df34L,
-          0x2b4e8a63f638e1L, 0xc4991d29b1e59fL, 0x399d0011589717L,
-          0x406464ebe041cdL, 0x901cb3d9e65bb0L },
-        { 0xf5f4572fb42307L, 0xf81b3b0f1b7307L, 0x8fb695cf2094d1L,
-          0x7db4792db56f7bL, 0x36836d55a794e0L, 0x2da477b09bc879L,
-          0x1cdfadb1887c40L, 0x65dc6c2f2699b6L }
-    },
-    {
-        { 0x36f9f214737972L, 0x48f0c8b7a387b0L, 0xa156ed339a1d24L,
-          0x375293a0fed268L, 0xf679f487ff75cbL, 0xd15a00f1cc9e62L,
-          0x92a7dc722c3877L, 0xe9870636fb0ed4L },
-        { 0xfd8e59c16f5f3cL, 0x375732eaeeb48eL, 0x2dd9213ca1ab42L,
-          0xcb062099ffcceaL, 0xfc611f6b23edfdL, 0x271634999b060eL,
-          0xb938b5d820de8aL, 0x138f6e7eb49a32L }
-    },
-    {
-        { 0x7feda63e485f70L, 0x646380aeb27b2cL, 0xcf8fe32c4511c7L,
-          0x2c68e1eff9406aL, 0xa9f2fd920b6020L, 0x1c98fc63b3e465L,
-          0xb8dac3593e53aaL, 0x2fb47b6a750e96L },
-        { 0xea373ef1950bb3L, 0x81566944ac7aecL, 0x8d6b3c2b55b931L,
-          0x5d13f2db62ef7dL, 0x4647f2aab9182bL, 0x8f56c5a33bf07cL,
-          0xc5ab284b35a221L, 0x0747ab75a46a6bL }
-    },
-},
-{
-    {
-        { 0x5b9236c86b85c5L, 0x5967a0dc482448L, 0x397c9557df6ae0L,
-          0xf83ee1c5378f2bL, 0xf82df656e05dd1L, 0x4c424f619d7c8bL,
-          0xa612550a6d5f2aL, 0xfe8482a63c3ebfL },
-        { 0xcb8d4030142c82L, 0x08b06623679e6cL, 0x3ea51463eca5eeL,
-          0x089eb3b1370500L, 0xcbfb19c5a0d306L, 0x2f6858842a65bbL,
-          0xe3e1db5e51e119L, 0x2c150e7110895eL }
-    },
-    {
-        { 0xf323488f6d4c4cL, 0x5fc931f63b87e2L, 0x8867da035c759fL,
-          0xb6f1eff9746d4cL, 0x8a8172d990be0aL, 0x1113eee5c407b4L,
-          0xd80dacf378ed8aL, 0x99b57cf3fa7fd1L },
-        { 0xf5bb6d95176405L, 0x6b8963a92e83b5L, 0xac55b6b8a7ef8dL,
-          0xe73fa126c1fbf0L, 0xdb3756060148dfL, 0x72f1a98f3f1fbaL,
-          0x1f71d0aea550f2L, 0xc3ea4f09544a87L }
-    },
-    {
-        { 0x5b09da24322bf3L, 0x2a573d561264e1L, 0x93cb2e1803acc4L,
-          0x397b4fbe502fc6L, 0xddfb21239e0ebcL, 0xeccd8f5bbcbc57L,
-          0x49d3bed4663788L, 0x37192aa1218df9L },
-        { 0x8a05bc92ffa3c6L, 0xc38c28123ebf4dL, 0xc80d547fe343a8L,
-          0xa8d5a5b6c63516L, 0xc5d8ce18d8fa6bL, 0xeb5e87224a87c0L,
-          0x9806e9e75bfa23L, 0x11f0889689469aL }
-    },
-    {
-        { 0x81005f68e75666L, 0xb84d861d349505L, 0xe0832829f321eaL,
-          0xb751d7acfa33a1L, 0x793cf6f067c550L, 0x073a6b21027e56L,
-          0x53f40ee66a6012L, 0x70bfaa8c210fa9L },
-        { 0x1518e39e4b5998L, 0x8f0b53024b8d9cL, 0xd91c281afdf923L,
-          0xc5cfb2824e3f69L, 0x63a529a870871fL, 0x3d3e8872128dadL,
-          0xed658dccb30cceL, 0xf9373b9afb7baeL }
-    },
-    {
-        { 0x22d4dbede58ed2L, 0x4fefc1d03f8789L, 0x6b0a1fe344817fL,
-          0x96bef40a56b0b2L, 0x32684eeda249faL, 0x8298864524a91bL,
-          0xa958baf0c736a1L, 0xd033a7def2f3e5L },
-        { 0x5be3edc43f4d6aL, 0x326a39d9c89abbL, 0x90c44f755d997aL,
-          0x20581066e966c2L, 0xdbae4906548038L, 0xac7bc97d473fc1L,
-          0xb34488b4b2603aL, 0x27aea275e9bb98L }
-    },
-    {
-        { 0xa59e7281b88773L, 0xe2f05d40c241f6L, 0xa56229e4e75749L,
-          0x8f00c0b1b10705L, 0x855994619394d3L, 0x0d7e352aaf5e32L,
-          0x526c462787b8eaL, 0x89297d9a179d48L },
-        { 0xeff17e6ef43892L, 0x17091eb221f841L, 0x82f5eb34a4b848L,
-          0x6bea4778eb7b76L, 0x21f227176c536cL, 0xd9ef2c896c81bbL,
-          0x7c2754654bf4d3L, 0x9dd4662d7c28c8L }
-    },
-    {
-        { 0xe7fff0020e1a6bL, 0x26a35c6a08d467L, 0xb3c773d3248c91L,
-          0xa646615ba7d935L, 0xa91f453b0d26faL, 0xdcf9c3460c6d32L,
-          0x63668619e3e3dcL, 0x3012813f30f3e2L },
-        { 0xac6623dc2fc61aL, 0x108dc252bfd2ffL, 0xd7f5c0d231d6eaL,
-          0xa904f9aad1107eL, 0x46941c20d1e9c8L, 0xe5b6451c810cf2L,
-          0xaba8e674f511d1L, 0x5b4b94f08373feL }
-    },
-    {
-        { 0x002d4e2849c230L, 0x9bed0efd8ba391L, 0x745e0c0828e319L,
-          0xcd40907ca58de2L, 0x2c87ab11abaa4aL, 0x3c17a97db64391L,
-          0x36b184e86c72d2L, 0xb03d202485f7aaL },
-        { 0x2b6b79bde24abaL, 0xdcb78542325fb2L, 0xf5d1db966ebae2L,
-          0x35a4d5b903840aL, 0x7afeb09190e9daL, 0x1818f6a35c1792L,
-          0x90091fa3faa269L, 0xc4ccff62570235L }
-    },
-},
-{
-    {
-        { 0xa177619ec85940L, 0xfca24db7ef7eeeL, 0xb2450f37a90c11L,
-          0x29d256ddbf4f85L, 0x920c8d051316c3L, 0x2f7f7ba04474daL,
-          0x308117f2ec9a0bL, 0xd0a231ad0d2085L },
-        { 0xf3288fc7ab641dL, 0xc68bade9f4fa32L, 0x768f014bbf8253L,
-          0x5eff260c0a33f0L, 0xc71b4536bb93ceL, 0xa71d045680697fL,
-          0xb62444cce72bc3L, 0x11f03e8d1379f3L }
-    },
-    {
-        { 0x1f54789c16df92L, 0x874c642e3ed142L, 0x6699f60fa2a9f1L,
-          0xbd1b8d33fecfc1L, 0x59682d58a3d953L, 0xf17c0214a36b81L,
-          0xeb9621d181a666L, 0x7c2c3ab3cf1ad8L },
-        { 0xe6888c3e529f7cL, 0x197b66ab355315L, 0x63b558a83e31acL,
-          0x4aa7bc5891c68eL, 0xc17d989592e360L, 0xc750a291363666L,
-          0x0d534704909ac0L, 0xd6d02724594a10L }
-    },
-    {
-        { 0x35c541b3fbb635L, 0x50016d05982afaL, 0x58ebce496b0ca0L,
-          0xb940027577ea56L, 0xf29d305e38480fL, 0x43705b0ebd6a2cL,
-          0x0e4acdae90c639L, 0xbe94a29f56e05eL },
-        { 0xc61f4a030659adL, 0x39074adc402211L, 0xfe0d8d551b621dL,
-          0x2d02e8dd1d5222L, 0x05ece3c46c2683L, 0xf70705ac689d41L,
-          0xe3caf444d837bfL, 0xfda058475ba6d0L }
-    },
-    {
-        { 0x1098163cb7d458L, 0x12b645ff5ba834L, 0x70a318128af72cL,
-          0x5f4727ef32e5ddL, 0x7cbae1510a21b4L, 0xa80bf806785389L,
-          0x9827402b8f93b7L, 0xe385f8208349daL },
-        { 0x2d054619589f6eL, 0x6aa5b26e7c0191L, 0xe79ae12bd5574dL,
-          0x5d13f914148e61L, 0x7b2be0f13716ffL, 0x82b0fe680bb81fL,
-          0x697633c3e2569cL, 0x6c1f083873f8b3L }
-    },
-    {
-        { 0x6e26d850be1674L, 0xe4e47f6ab8044fL, 0xfdf46e882fc434L,
-          0x639ae2cc89cadcL, 0x2244a524b85bdcL, 0xb1e4790b7cf4eaL,
-          0x51dce037e0bb8fL, 0xdd143352716ceeL },
-        { 0x1c049b48e8841dL, 0x6bf26dcb97c621L, 0x21d6255ba01178L,
-          0x477258a8e4f0e4L, 0xf5e437e68f8ef1L, 0xd118fbc8b03e1eL,
-          0x3d6bc51e1c91b3L, 0xa259486d5b6907L }
-    },
-    {
-        { 0x4159cfc7b6f5dcL, 0x05a52b3493694aL, 0xeeb511c83b8883L,
-          0x19d79e42b06400L, 0x8e503a2738f37eL, 0xa30e5795a94ad9L,
-          0x3981c75262618dL, 0x06b6c692dcba19L },
-        { 0xd7242ee4d1b051L, 0x6274ccb3b350c4L, 0x66df0bbf540019L,
-          0x4d66be65ae12d5L, 0xcea29601049cbaL, 0x40473398df84b3L,
-          0x7d6c96b75a31c8L, 0xbb80159874174cL }
-    },
-    {
-        { 0xf0f7be059f1aa4L, 0x798f39adcff451L, 0x96763ff8014e1eL,
-          0x03987a809cc5ecL, 0x4919656893650aL, 0x92e8eef75e24dfL,
-          0x54e97cde89d639L, 0x8081d067682cc0L },
-        { 0xb9ef41aa8ceb71L, 0xb8173a4a4d7aaaL, 0x93d81b1c54ee10L,
-          0xabe180570a445aL, 0xac0ff9764d569dL, 0x86946b23e570beL,
-          0x8e11dd24180641L, 0x3d0b33c99f67dcL }
-    },
-    {
-        { 0x2c9637e48bf5a4L, 0x9fdec19ccaf112L, 0xe5cde9d5c42023L,
-          0x9869620878f0ccL, 0xcf970a21fe6ebaL, 0x1df5ec854e678bL,
-          0x4667f0128d00ddL, 0xfa7260db0b3fa8L },
-        { 0x6bd2895b34239bL, 0x04c8bc52d2a50dL, 0x14e55ef6cb23e2L,
-          0x6440c273a278d5L, 0xf4b12e32193046L, 0x46adf645dd4c08L,
-          0x70e29984656e8cL, 0xe7b36eae4acd44L }
-    },
-},
-{
-    {
-        { 0xea64a5716cf664L, 0x8497ee426fd357L, 0x44d94b4814e851L,
-          0xf4aac225a6a2cfL, 0x947b30980c301fL, 0xf390ba17865383L,
-          0x16c4fc6d1773d3L, 0x61b98146227220L },
-        { 0x07dd03a1dd0270L, 0x290ca820f160dfL, 0x8f2205444ba955L,
-          0x4e85e450b6f1b3L, 0xfd73ce9ad78089L, 0x67c12702f2cb0eL,
-          0xa7de0d7ee33a61L, 0x6a811cc6553261L }
-    },
-    {
-        { 0x5ef05742d0a427L, 0xe8d2e95220a341L, 0xdd28cbf8044886L,
-          0xdad7b4ba1aa58bL, 0xb28f3738ec901bL, 0x1841a935bbe3dbL,
-          0x8fd7cd1a075feeL, 0x93b603fc0d3cddL },
-        { 0xca54fd55edd859L, 0xa4cb05f64ed687L, 0x3138668ed1a3d7L,
-          0x1224fdaee32be5L, 0xf1f532bc80aeb3L, 0xa4f65d0e8d4d69L,
-          0xc697a015905fe5L, 0x514da7a6690ce4L }
-    },
-    {
-        { 0xc7b9af83de4a55L, 0xc79bad7b318d93L, 0x1808071f5b1c83L,
-          0x92112efb965b16L, 0x655ab387bb740aL, 0x53dbc8b384ff87L,
-          0xd153c2872dc6f2L, 0x2ec20e199c7819L },
-        { 0x65e46ea3b854b5L, 0x272d5aec711db5L, 0xfd1bb5326e19e8L,
-          0x33280b83dc0665L, 0x95b986eb8f1c4aL, 0xa671fc4a685c4aL,
-          0xa03cbd583bdbbfL, 0xd329402ab77544L }
-    },
-    {
-        { 0x40fa6518e62b35L, 0x3913b11f9e55a6L, 0x4e8089b5270a41L,
-          0x565f52a80d1886L, 0x93b5f05512749bL, 0x35c869c141c547L,
-          0x9a44a1af86717fL, 0x2b9984b9c2b2cbL },
-        { 0x61fb6074952322L, 0x2d4072f7af1464L, 0x9b2fa8c600eb30L,
-          0x6071fb7f10668eL, 0x27cc24d90634caL, 0x3875bc2471d32bL,
-          0x678590ba11210cL, 0x352b447fcc5a9aL }
-    },
-    {
-        { 0x795d5415fa3200L, 0xadaa557a92949fL, 0x42fff063cc88c4L,
-          0x26d683171b68a5L, 0x3286549e67ad8cL, 0x5bf636386396b2L,
-          0x41229b6e12c8eaL, 0x05320c9748952eL },
-        { 0xae36b63900b460L, 0x9354ff2f2b6affL, 0x10b810b065ee0cL,
-          0x4d6925fcc8bb38L, 0x31c03fd7a22f14L, 0x76b7f4457544e8L,
-          0x3a9123cc0eed26L, 0x77acd67e0cd1ccL }
-    },
-    {
-        { 0x2e9053007ec527L, 0x32388ef62937cfL, 0xa445389e229188L,
-          0xa44b68e33bcebeL, 0x5a8722e4c4e701L, 0xfd066e8cf07e41L,
-          0xa3c1a4f95fab62L, 0xb4d6a1be542f24L },
-        { 0xe6a92e4af6c9b5L, 0x9452484c83d61dL, 0x422b55b0062276L,
-          0x261973a5279688L, 0xde8be263999fb2L, 0x64e96287b029caL,
-          0xd8edfaa06897d4L, 0x408319c6955511L }
-    },
-    {
-        { 0xff6baed50a5632L, 0x922b7d05c5885aL, 0xdf0f3b31b45864L,
-          0x27e49c0c04340eL, 0x618c566122c447L, 0x7863a38eafee7eL,
-          0x7143affb828cb0L, 0x51fcf4cf9d054eL },
-        { 0xc4a4b3127f5e09L, 0x021f47a90be2bdL, 0x1a060197ab956dL,
-          0xe77fa1586ea86bL, 0x9ccde87d550ef3L, 0x7dee53a6532654L,
-          0x8b4f060e826387L, 0xda38637ad077b5L }
-    },
-    {
-        { 0xbc901b30e9fac8L, 0xfa082046fb2a2aL, 0x92f68ab5e04efcL,
-          0x184a30a9ac12d0L, 0x1aa11aab25d479L, 0x8bc5f4c0f03161L,
-          0x7e3a083cfc8817L, 0x84d9355597f93fL },
-        { 0xc014478239abc6L, 0xb226b098d37b04L, 0xb056942f575789L,
-          0x816b95aba745ebL, 0x2a49d39b98ddb6L, 0xc41ca26291af81L,
-          0xb3afe99ab26347L, 0x59c31bc604b638L }
-    },
-},
-{
-    {
-        { 0xa16a8b9c42befdL, 0x731c9c92052f00L, 0x1ad49b41f5dfa0L,
-          0x7a289e3bffce36L, 0x868fac00c79cf1L, 0x6d6d28486721abL,
-          0x590f928e726c94L, 0x0e802cb51f3841L },
-        { 0x6a6a57a0b694bcL, 0xb9bb0cd8120fb8L, 0xad96ac79c05826L,
-          0x294da8c7768df0L, 0xfe32311b56c6c6L, 0x291c2c6ae8d050L,
-          0x1c765e7e7db4c9L, 0xe058298d65f9f7L }
-    },
-    {
-        { 0x4bfa85b7e8d345L, 0xa04ef95de1dfc8L, 0xb5f7f21324ace3L,
-          0x4b350a1574b14aL, 0x11436bff8e5c8dL, 0x1c789f97642369L,
-          0xeb5e335fb623ceL, 0x9deacd2442d562L },
-        { 0x4ff989f531ee71L, 0x43e2c49aacb52aL, 0xa76319885bfadcL,
-          0x08b6d5cd0161a0L, 0x010e3fa541f197L, 0x83a589e3279a16L,
-          0xf0991376309f9bL, 0x07c093bf1cea10L }
-    },
-    {
-        { 0x1ce3f0f33d2192L, 0x07b559ac37ce73L, 0xaa2ad38207be27L,
-          0x84f053b7ed93deL, 0xbc5c7973b98a4bL, 0xc92346163aa9b9L,
-          0x807cc16231a10cL, 0x8ffdf57a061209L },
-        { 0xa9ca741497070fL, 0xf608ec9d113b3aL, 0x51327268d0384dL,
-          0x96686acf5ec307L, 0x437bbbd71c4665L, 0xdef09d57c379caL,
-          0xf8be033621747cL, 0x2775b378ae8047L }
-    },
-    {
-        { 0x4009798b2c4fc2L, 0x148d7d1203772eL, 0x9d9392df8423fbL,
-          0xa5bd72eaf8cef4L, 0x579d58d4380b53L, 0x2ff88f18c39d24L,
-          0x9ca2fbc5706466L, 0xb42987d1e56af2L },
-        { 0xcc2556e5d94ea8L, 0x4e5c2b35369d76L, 0x5de35742a94f9cL,
-          0x8d068c95cb4145L, 0x4d553ff51bfcbfL, 0x3ab71648a23fceL,
-          0xc9cb3a9d0fa7f3L, 0xf81209bed9ced1L }
-    },
-    {
-        { 0xde7356ee5b66f5L, 0x7b2bf1ae8a25e0L, 0x09a444a2c9b725L,
-          0xfd8a2f44906c55L, 0x409cc8082514f3L, 0x47e009928999a9L,
-          0x0a582a66a312f4L, 0xf7946f8f6723deL },
-        { 0xa55f6ba92d8affL, 0xb62c3c8a544b1cL, 0xa1d14115c16a94L,
-          0xc3783192ad5e71L, 0x13d784706b1dd6L, 0x99005f8ee7ff55L,
-          0xfb5ea3f8a1e7d8L, 0xdc7f53cb4cac39L }
-    },
-    {
-        { 0x482abaf36e3794L, 0xc23e9e5c74684fL, 0x4544cf6f1629beL,
-          0xd8a8ee52f40374L, 0x2eea87ff433bdbL, 0x489a99cae9990eL,
-          0xefc131e54b23b6L, 0x25fe6998600270L },
-        { 0x03d2d9ec059a7eL, 0xa6445b56979c3cL, 0x491a10c9bfbceaL,
-          0x15b5974e937af1L, 0x4be8002797c7fcL, 0xbed8a49fedcfeeL,
-          0x35751cea9e0691L, 0xe9a9fa39ef5982L }
-    },
-    {
-        { 0xeffeaca3065de7L, 0x841d544ac4d4e2L, 0x8144679caf199fL,
-          0x98cf4f9443967aL, 0x8cd57f4f33183cL, 0x390832ac1b15ebL,
-          0xc4b1feaa53b500L, 0xd762a10dff24b5L },
-        { 0xccd3eedb0ee2a9L, 0xa6dd4a9362d485L, 0xeb4ff26f1d047aL,
-          0xc0771fd23860fcL, 0xdbb4e394b64114L, 0x2ff3f244d29b29L,
-          0x9cac005387b365L, 0x05b7aa6de5994aL }
-    },
-    {
-        { 0x5e71752c03dd63L, 0xad10fe9bc74687L, 0x51a5b0c54c76abL,
-          0x763fd501f586d4L, 0xc7bd5ce816048bL, 0x8fc83d23f744dcL,
-          0x0561802109df9aL, 0x18fb01fccf0e43L },
-        { 0xe4606fc038ab23L, 0x5878f1fa664c98L, 0x3aedbbd5da7356L,
-          0x3c578f5516746aL, 0x259477f1a17210L, 0xc7a869d028248fL,
-          0x6517a6148cbf95L, 0xbc5f91d3d04d47L }
-    },
-},
-{
-    {
-        { 0x15fd9a9083ca53L, 0x1161da02697ca6L, 0xf516af356b676cL,
-          0x8a420d575eec13L, 0x72d67421a9526bL, 0x8d8c29e76b463fL,
-          0x38a4f588815627L, 0xf7e528be0650f9L },
-        { 0x2cfa78e382edcaL, 0x638d183c4ad83cL, 0x96d3b9de4a0119L,
-          0x5769ccba7c1101L, 0xc3b3b792b8d04aL, 0x96212f64951bdeL,
-          0xad7905a481161eL, 0x8fd676241c5edfL }
-    },
-    {
-        { 0xf7b063539d6cdeL, 0x69d0549115a84aL, 0x4a976c6cbd9fe4L,
-          0xc92953f950ff96L, 0x1d7f0fe654d127L, 0x7293870da0f75dL,
-          0x7bb3652cf2277fL, 0x64798c9834484fL },
-        { 0xb94d8bfac3a76cL, 0xf5721a97ff776bL, 0x23a6e9f2722e31L,
-          0xe9da9969a5c034L, 0xb9bbf83456ebc3L, 0x239f58a96956a4L,
-          0x8b75beb18b7f00L, 0x6c2b5b8a51cb97L }
-    },
-    {
-        { 0x78b1c627eb41f3L, 0x0638fcf17c4352L, 0x939edd80c5709cL,
-          0x0a8dfc3edc906cL, 0x3942f47efb01edL, 0x4c8275749986feL,
-          0x792545c4dffa57L, 0xeee68836c3ff26L },
-        { 0x824d08e12b1218L, 0x515a478902457fL, 0xc70cc9cbae55b3L,
-          0x1240737bcef9d4L, 0xf22e6162f9db7fL, 0x98c4f0291f8da2L,
-          0xa89219cafaaa67L, 0xf35fd87e7d27e2L }
-    },
-    {
-        { 0x19b0cd701b80d0L, 0x3d7e29df9aebd1L, 0xd39c9ca0477cbcL,
-          0xac0f6155ff0d3dL, 0x8a51993520fd01L, 0x508ff54b22d6fbL,
-          0x8786c47318d3abL, 0x4312c464a683f8L },
-        { 0x73b1d3995359f6L, 0x0d94fa5963011eL, 0x5723af29bfe83eL,
-          0xafa90016841df3L, 0x791e92ab7c498aL, 0xbc931ad7ea4253L,
-          0x438e016b783c06L, 0x1347db22ca662bL }
-    },
-    {
-        { 0x41df37dfbaa861L, 0x98ecb23329e4deL, 0xdaf1560507e018L,
-          0xa902269b088e32L, 0xad898a5e4cab2fL, 0xd84e9ed02c1e1bL,
-          0xc20a5d58488af3L, 0xc7165af6cc77c6L },
-        { 0x8526f3adeb7461L, 0x03577b14a2d332L, 0x28e469de4760b5L,
-          0x442c7f9b276266L, 0x90d5c77f9c90faL, 0x7aa87163e211bdL,
-          0x56d8ff05decfd6L, 0xa204b56ee23e6eL }
-    },
-    {
-        { 0x2e4374e4aceafcL, 0x978743b6fcd5e5L, 0xa0f6345c4855caL,
-          0x9bc7e4fe98074bL, 0x3835d57c33d08aL, 0xeec7c8b6f00566L,
-          0x71628a21acf55cL, 0x5da375097fb19eL },
-        { 0x6904a8e01a7125L, 0xad33c85e6e3780L, 0x1702928c19f94aL,
-          0xb424ff27c04b3dL, 0xb212e3919e2ba3L, 0x4cca8e8c9af4c9L,
-          0x98ab7aefd9bf0eL, 0x21d245d9799db5L }
-    },
-    {
-        { 0x6b034dcec08806L, 0xfd763f2b40f2d9L, 0x5e16de029cb906L,
-          0x02b70148a0e16aL, 0x463c8eee071e12L, 0x644728125ad509L,
-          0x9ee6f2ddc0e07aL, 0x188895c68d4d97L },
-        { 0x092fff3b27f971L, 0xb3c159fc9b7722L, 0xe27d8ff3cae42dL,
-          0xf8a5ed6e87071dL, 0x318388f607ebd2L, 0x924967b53486f1L,
-          0x77304947c46e1fL, 0xf279c60f21d196L }
-    },
-    {
-        { 0xef2bc0384f3201L, 0xf8750c71f94c51L, 0xbaa4f5a986ec65L,
-          0x6f8a5de2732a33L, 0x0f13d80299e365L, 0x2709530e85261fL,
-          0x097d922f527d56L, 0x4969687be1f3f8L },
-        { 0x9f3f5043e1708dL, 0xac67b874aa4be4L, 0x75fb042320a87eL,
-          0xa361ad36e2cad6L, 0xcb01470203e9f6L, 0xe3807b7c9b76c6L,
-          0xf086833b907c09L, 0xe9bed3c7e85a01L }
-    },
-},
-{
-    {
-        { 0xa7ea98991780c7L, 0x04e4eccd2476b6L, 0x0af9f58c494b68L,
-          0xe0f269fdee64fdL, 0x85a61f6021bd26L, 0xc265c35b5d284bL,
-          0x58755ea3775afdL, 0x617f1742ecf2c6L },
-        { 0x50109e25ec556aL, 0x235366bfd57e39L, 0x7b3c97644b6b2eL,
-          0xf7f9e82b2b7b9cL, 0xb6196ab0ec6409L, 0x88f1d160a20d9eL,
-          0xe3be3b4586f761L, 0x9983c26e26395dL }
-    },
-    {
-        { 0x1d7605c6909ee2L, 0xfc4d970995ec8aL, 0x2d82e9dcf2b361L,
-          0x07f0ef61225f55L, 0xa240c13aee9c55L, 0xd449d1e5627b54L,
-          0x07164a73a44575L, 0x61a15fdbd4bd71L },
-        { 0x30696b9d3a9fe4L, 0x68308c77e7e326L, 0x3ac222bce0b8c8L,
-          0x83ee319304db8eL, 0xeca503b5e5db0bL, 0x78a8dceb1c6539L,
-          0x4a8b05e2d256bcL, 0xa1c3cb8bd9fd57L }
-    },
-    {
-        { 0x5685531d95aa96L, 0xc6f11746bd51ffL, 0xb38308ac9c2343L,
-          0x52ee64a2921841L, 0x60809c478f3b01L, 0xe297a99ae403acL,
-          0x7edc18fcb09a5bL, 0x4808bcb81ac92aL },
-        { 0x3ec1bb234dc89aL, 0x1e8b42e4e39da5L, 0xde67d5ee526486L,
-          0x237654876f0684L, 0x0a583bd285a3ddL, 0x3d8b87dfe9b009L,
-          0x45bd7360413979L, 0xb5d5f9038a727fL }
-    },
-    {
-        { 0x7b8820f4bde3eeL, 0xea712ef24d5170L, 0x517f88cdf6ec7bL,
-          0xb15cecf983ea9aL, 0x9eeee4431a4592L, 0x786c784ebb013eL,
-          0x2f06cb31f4e15dL, 0x5603fd84f4fda1L },
-        { 0xf6790e99e1321fL, 0x274c66a74a4c09L, 0xa4b70b49a41a4eL,
-          0x7700bddada5157L, 0xe54a60d51be8dcL, 0xfaf92761a477e0L,
-          0x6661c72b027eacL, 0x50e2340280b917L }
-    },
-    {
-        { 0x635f40f96ec123L, 0x4a331337a766a4L, 0x9ce4416b935587L,
-          0xbb6e1f595d97e4L, 0x26147239d4197dL, 0xabd4478490e896L,
-          0xf6a1b2a8bba895L, 0x401fa405e27a45L },
-        { 0x7354ba50620900L, 0xc443a29385678bL, 0x48aba1053cf5faL,
-          0xd67e723bbe152dL, 0x4b858e02a63d68L, 0x174e1ee72be4eeL,
-          0xad0fbb39ab8d46L, 0xa0fdffbce17dd7L }
-    },
-    {
-        { 0xa1ea3259c46fd8L, 0xeca122e9fb96efL, 0xf9074a26767acdL,
-          0x9b004a22787082L, 0x389f8077f3ba8eL, 0x6463de90d5aabeL,
-          0xf30ceaab090585L, 0x71b31e85634ab8L },
-        { 0x0dee65caf02aedL, 0x506886e20ac252L, 0x0665f7886b8a59L,
-          0xb9b784df2bb328L, 0x46e443adc6b089L, 0x3d5de1966c27fdL,
-          0x0419265f0fde70L, 0xed946122b5c034L }
-    },
-    {
-        { 0x5a52ad213b0056L, 0x9fbeb92b909ee3L, 0xb42ba18bdaab08L,
-          0xec127c4ffc8a77L, 0xc6d2985fda906aL, 0x5355547994bbe7L,
-          0xa7470c09cdfd62L, 0x31a3971d2e675aL },
-        { 0x8d8311ccc8b356L, 0xabb0bf801b4372L, 0x33c1cad0294566L,
-          0xe2e649ce07b672L, 0x9084d882ae3284L, 0x7a90d4c1835ce2L,
-          0xb4d1cd5809d44cL, 0x78227149f0528fL }
-    },
-    {
-        { 0xca884cfbf5844bL, 0x9dd05c48524cf9L, 0xdbffa1936ba889L,
-          0xef94fdd29e7666L, 0x358f81b3eaf48fL, 0x96734d51530d56L,
-          0x378b2d14adf9e5L, 0x2f850464731f61L },
-        { 0xd6ae90599dcb83L, 0xa4f89e06199239L, 0x64052498f0f958L,
-          0x2866d99cc27707L, 0x64681a2f551c0fL, 0x2c7b0d04c37080L,
-          0x218925b00ac301L, 0x8d57fb354df895L }
-    },
-},
-{
-    {
-        { 0xdaebde0809c8d7L, 0x58c761c0e95ea1L, 0xbd9965000ae5e2L,
-          0x6117a85cd51acdL, 0xc4424d87c55d56L, 0xe9b1ddedfbeeafL,
-          0xda98bb50db4791L, 0xff3a5a63fca108L },
-        { 0x172fb8e5ccbea1L, 0x9fe12a7a9f6cc9L, 0x1de4b0b8967ce2L,
-          0xc1ab60f671dbc6L, 0x338385a5dedcdaL, 0x647a4203a043feL,
-          0xe9abc6428ebc89L, 0xc357ff003ba3c8L }
-    },
-    {
-        { 0x37061e7de39ebdL, 0xebb91352be567aL, 0xa9a6f6bd6bb80aL,
-          0x039345d99f0ba2L, 0x215494e98bbf47L, 0xf2cb7a4a2a1ccbL,
-          0xf51aa1037f67c9L, 0xd29c85c17fff71L },
-        { 0x8d4e4f24d30b87L, 0x20fdf5593a8309L, 0x9b9f9cf757075cL,
-          0x09142adcd70101L, 0x901d0ee766ca55L, 0x6a5d86a32e418bL,
-          0x550ad92d7fcaecL, 0x64e8818d91b26eL }
-    },
-    {
-        { 0x5cea0f747e5ee5L, 0x8ca1d31be99699L, 0x52db8465c136c7L,
-          0x8cecb3890e0d74L, 0xb8efe9dede2ad8L, 0x18d6ff8f17ade8L,
-          0xd2227352d66c20L, 0xc46593ef2005fdL },
-        { 0xe5ebe6ff7141e1L, 0xc968315e0126f2L, 0x95adc731cb91b6L,
-          0x753b54c38a6003L, 0xa6141254230a61L, 0x23ac6eb559feceL,
-          0x9816b603865c23L, 0x567014e543a570L }
-    },
-    {
-        { 0xd46091ddd2b71fL, 0x3999a5d97d24ffL, 0xce2a4f11ecff3cL,
-          0xab2687c581c6f0L, 0xa9fb2ebcba70b4L, 0x6fde35642093e1L,
-          0x00253ecaee724aL, 0xa08ce3c2b81bddL },
-        { 0xa251238935a2b3L, 0x8cae1d4584f750L, 0x011469e988a219L,
-          0x61f7ed35a6a50eL, 0xe13ebaa01fcebdL, 0x794b97631d8867L,
-          0xf25755ccda32e7L, 0x368a97b4564cd1L }
-    },
-    {
-        { 0x0d22224aa3397bL, 0x1dbb3e638066dbL, 0xfe0b5ee0ce8e32L,
-          0x09c17c87bab4dcL, 0x5cc65ddf188b64L, 0x74c4abf211b5faL,
-          0xdcc17b7ab0ba86L, 0xfbdf46fa535501L },
-        { 0x4775087aca569eL, 0x6575f9006a1718L, 0xb5c45a9b94de93L,
-          0x0fc80068497171L, 0x775d965489f7abL, 0x8775b58f5c0c89L,
-          0x05d4e201a06254L, 0x8cab349b6d73a5L }
-    },
-    {
-        { 0xca7816339465b0L, 0x3ef914814498fdL, 0x9ca1f346255c11L,
-          0x389fd15b7f38f1L, 0xdac2089354b8f3L, 0x82d07fca840a70L,
-          0xf53fd731dd483aL, 0xa6e4eae1590578L },
-        { 0x7bf65af3c01b77L, 0x27542f3a75c982L, 0xc5bd947716cfceL,
-          0xba5fe76884b9e7L, 0x39bae14d55725dL, 0x982f64efae0eabL,
-          0xcfae6627a5293aL, 0x22a25a1d60f464L }
-    },
-    {
-        { 0x74caecc7dd5e16L, 0x23678a2ce7bca3L, 0x467393257f1ba1L,
-          0x4eb9948a4c1697L, 0x5d400e8eaba18dL, 0x128d1c89807871L,
-          0x78f9627bff38a6L, 0xf80b813a39d4ccL },
-        { 0x8aeefa031d3aadL, 0x504219927db664L, 0x244fc694cb6383L,
-          0x319047772192a3L, 0xcc86075bbfb57bL, 0xbae3a134451511L,
-          0x16cf416f6174f0L, 0xb343cc0d376813L }
-    },
-    {
-        { 0x31ac9b9d1824b7L, 0x6282260ec8f61aL, 0xbbeb9f8c781765L,
-          0x06ab5c02d110daL, 0xd583e2247146b8L, 0x79a16084100d05L,
-          0x16dbbb4f0a5c95L, 0xfe2af1de331667L },
-        { 0x26f0364af8710eL, 0x1cb8c91eec08feL, 0x436bce61d95e9fL,
-          0xfe9050c57944a0L, 0x5f45acf07b626bL, 0x48dc93f9cf1276L,
-          0x4491371a05bfb7L, 0x51063044bcf785L }
-    },
-},
-{
-    {
-        { 0xac2e294ed0b3b6L, 0x5c5ade6671637bL, 0x2f289ce1140677L,
-          0xaf446e2754eb53L, 0x70911b720421adL, 0x4b73836e0b7556L,
-          0xcadf1042a97827L, 0x4824e498005bc6L },
-        { 0xb0eeccd937c28aL, 0x1ce061d0c3ee97L, 0xcb076319f33faaL,
-          0x9980bf4aea66dcL, 0x2bd0755d111d98L, 0x43feaf67fe4de0L,
-          0xe76fb80b077b2fL, 0x227dc9f5793b04L }
-    },
-    {
-        { 0xea24ae514f49baL, 0xbc39ea611436e7L, 0x9d7fed278485d8L,
-          0xb6ef00cdf8b131L, 0x0237b4bfdbc7afL, 0x08745b564ccd27L,
-          0xaf8595dafc5a76L, 0x43657af29f5500L },
-        { 0x300718348470f8L, 0x51f91fd640fd53L, 0x859c807be15512L,
-          0x7d1a474ab3e9c5L, 0x5d714d981553e5L, 0x07573436f62310L,
-          0xedc5be06b02a62L, 0x5a4b9b7ea47832L }
-    },
-    {
-        { 0x03e0a24e93dbb3L, 0x25841dccadc884L, 0xabc1a818d10ad5L,
-          0x207e38a2042dddL, 0x7fffbdbfeba8d8L, 0x74efebba3ec9b5L,
-          0x0bc39ca0b40a9fL, 0x69ee9c90267febL },
-        { 0xd402facbc62919L, 0xe9f8fc11cf53c6L, 0xe76fa5a7cc7d81L,
-          0x4f2d87696bb19dL, 0xd4fb7f9adc67c7L, 0x40621d596702dcL,
-          0x5b6a98e438f6c5L, 0xa7c64def1a1036L }
-    },
-    {
-        { 0x84c5e809a092c7L, 0x9e40e0a11c22b7L, 0x820a091d06c99bL,
-          0x45fdc77eecca8fL, 0xfe1b8a35794f16L, 0x31f7e5b4ce3d6dL,
-          0xfd5e01082c74c8L, 0xfdabf30c1f6f7dL },
-        { 0xbfa6017b9248a0L, 0xe898d30546b941L, 0x878c492207ff65L,
-          0xbf22e8db874e64L, 0x43fdb1b53a547eL, 0xb66deda5fbd464L,
-          0x59127a6c7ae1b5L, 0xa4636466a7515aL }
-    },
-    {
-        { 0x22c4e66de9ab2eL, 0xfaf60c20203c58L, 0xed2d7bf0d5c5edL,
-          0xdbc16fe4ca0f19L, 0x54e8ef6465b979L, 0xe2d64b1a310ef9L,
-          0xa0f2c953778636L, 0xf3b4aa4281883bL },
-        { 0x4ac9af09be6629L, 0xba455e11ca90c5L, 0x0147538856f492L,
-          0xc80db7eabd7840L, 0xb3526d96beb9cdL, 0x37657fb9d81503L,
-          0x8729a16193cec3L, 0xd9a93fbd69952aL }
-    },
-    {
-        { 0xfce017594f47c6L, 0x228da21e366d05L, 0x27ce0b2dc8baf3L,
-          0x8cc660b6b4a951L, 0xf678947384bb01L, 0xc629d7d44d980cL,
-          0x47980e4e85e81fL, 0xa2e636a1cd723eL },
-        { 0x6b6ebae77fb207L, 0x70179614c92891L, 0x5569541b4d279cL,
-          0xbb6b36a41758cbL, 0xecaa22227a8e30L, 0x8b6746ab470ad9L,
-          0x4c4601763e2d3dL, 0xe19c4edd3edaecL }
-    },
-    {
-        { 0x0b43fec34718c8L, 0x553c407f33499fL, 0x8272efb970d1dbL,
-          0x008c62ca8e8d1cL, 0xe4b79d763eec45L, 0x1fd4230f2d71a3L,
-          0x090fdafa368c36L, 0xf62c101fca7baaL },
-        { 0x1c9e6c8d2395b3L, 0x671ed6304c5513L, 0x577d933299a465L,
-          0x286890e63f9986L, 0xd92a95dbfc979cL, 0xcebd79d2b51019L,
-          0xe74d88b3d07251L, 0x8b6db73906f9adL }
-    },
-    {
-        { 0xc0c43db7b3d90cL, 0x85d154e4304a06L, 0xe8aceefaf2f38eL,
-          0x5e0429383d9459L, 0x65e5e32431afd1L, 0x9e5f050a900a65L,
-          0xcbaa1718a26671L, 0x33d0b249c93de7L },
-        { 0x3dcbf92d5b6680L, 0xc47e5ec20006f9L, 0xc9711299a51924L,
-          0x665d9b8cd0ed46L, 0xed2d63fa5fcab6L, 0xa817eb6cfbfc5aL,
-          0xb38169fb76eb76L, 0x8b93544f11160bL }
-    },
-},
-{
-    {
-        { 0x02eca52693bdcdL, 0xbbf09232ae01d6L, 0x0b0a2de8b44b3eL,
-          0xdb82449b250dffL, 0x0c42b866e1c530L, 0xcd226dca64c2c4L,
-          0xcfb2bb1f046b5fL, 0x97e2fae3fccb0dL },
-        { 0xdf9290745ed156L, 0x224dcb9f641229L, 0x2126abc5f1f67eL,
-          0xa7eed5ae9c8a6bL, 0x40abedc9857d9bL, 0x3f9c7f6de941c6L,
-          0x2158d42d725ddfL, 0xbdd10158c69543L }
-    },
-    {
-        { 0xa7dd24e8df2fbcL, 0x3adbcfd13d1aeeL, 0xf6a32d113b2177L,
-          0x89a72327a9a14cL, 0xe3aef43dc65df9L, 0xeaec3e3a64d74cL,
-          0x4d387d84fec33bL, 0xaba2a0521a2128L },
-        { 0x2382c226b85e30L, 0x4352d85cd2aad3L, 0xb0c6001d9772c4L,
-          0x7ed82635f3653fL, 0x3626a6f0300f47L, 0x23909de6ca7e4eL,
-          0xb43dd81c154141L, 0x9a49fad7e4bc68L }
-    },
-    {
-        { 0xa3661df2428f88L, 0xbe48b0256e0db2L, 0x3cd1871ce79aa9L,
-          0x90ab87123dddacL, 0x9c58fb971871a6L, 0xf031f7fa34910eL,
-          0xb501eea81060e4L, 0xdb668ba791224eL },
-        { 0x240bbcb6a705bcL, 0x7e76fbd2d1865eL, 0x6e2cd022513641L,
-          0xe6c522546365c9L, 0xe46a8b8a5a01fbL, 0x696fa7bb67618bL,
-          0x418b3b90db6792L, 0x7204acd7108b9cL }
-    },
-    {
-        { 0xb5a143b8456b45L, 0x8a3ab25f53b4d9L, 0xb112a58e13a570L,
-          0x613ca3281487d2L, 0x837d8233b1e7c9L, 0x592baded41e9d5L,
-          0xdc1893a5cd02f2L, 0x08795028972e23L },
-        { 0x7003c08cb76261L, 0x14bde9e332a5e0L, 0x14b2872cbbd78eL,
-          0x5594061de238e8L, 0xad12645067466cL, 0xa8d0e64f5e4952L,
-          0x5b44b82c7f8d06L, 0xb51bea8fb1b828L }
-    },
-    {
-        { 0xebad6853f0daccL, 0x5c31b8b1cbebbcL, 0x6746975fa5a2dcL,
-          0x2d9596531d9faaL, 0x343797d00fc0e4L, 0x38d821c55fe01bL,
-          0x0bfdb247323aa0L, 0x42613c4f962a8eL },
-        { 0x599a211e134bc0L, 0x75fa4a147a7084L, 0x6e719487f734b5L,
-          0xd5ced2d6dfca2bL, 0x9fa0fdc8aeabd2L, 0x5e6b03f12361daL,
-          0xad23d315859fcfL, 0x3120ef125a5fc8L }
-    },
-    {
-        { 0x990ef628e9f638L, 0xfdaa240626a60cL, 0x4a3de202abddabL,
-          0xd5d10b7d8872b2L, 0xa01b7301ea5880L, 0x481697fa81b9d8L,
-          0x29841533471ed8L, 0xefd73f8292d37cL },
-        { 0xdda76269994bebL, 0xa0377036a4f865L, 0xda992ece5b47d5L,
-          0x912a427e53edbaL, 0x64675989264e45L, 0xd3b68c3af71222L,
-          0x9d3436c6dedc5fL, 0x1e027af076b2adL }
-    },
-    {
-        { 0xd56fca14382f4aL, 0x83712a48966b7bL, 0xd6b2cf5a4c9ddbL,
-          0xa66be29f602875L, 0x70e4266894f3d0L, 0x007d220b3195caL,
-          0xba38d8f82c74d4L, 0xdccc5fcd975cbdL },
-        { 0x03e1610c88b38bL, 0xeb9f9a152e0d8dL, 0x6a57ecab646eb7L,
-          0x161641fc76b6c1L, 0xf9025adbd2e12bL, 0x87c74db5c0e26dL,
-          0xed5cb51bfeca74L, 0x603dfb6e34a08cL }
-    },
-    {
-        { 0xc4be728cb03307L, 0xde34c0ec2741ccL, 0xe01db05a74eb17L,
-          0x1bfce0c8905e4bL, 0xb18830ad1b1826L, 0xcacbb41e87bbfbL,
-          0x8696842d2f1a79L, 0xa80e5fb08c83eaL },
-        { 0xe48f1633f1439cL, 0xc1d4108cd6987bL, 0x05705c4b751814L,
-          0xa9bffd0c1c622dL, 0x23de4af46cd053L, 0xf782f5e39457c3L,
-          0x815276b5e5d243L, 0x31320416161ae3L }
-    },
-},
-{
-    {
-        { 0x245966177f2542L, 0x203be7e8372b25L, 0xc7c9426ee2007bL,
-          0xc5641380621799L, 0xda56589c28c3ceL, 0x13e8a7c7afc1e3L,
-          0xdba81e9e352082L, 0xf43054904435c7L },
-        { 0x4d26533691de4aL, 0x364408cfb777abL, 0xccdfb43eae7f88L,
-          0xbc40f44a525b11L, 0x8e112a53c60627L, 0x7f7c581e17e696L,
-          0x0fd78781ea774aL, 0xd09e6320b1f582L }
-    },
-    {
-        { 0x44390bd70aab15L, 0x41112bc889c3f2L, 0x6b02894d685349L,
-          0x71030015584dfeL, 0x373cb1b1ba7887L, 0x53d286c2a017c7L,
-          0x2ed03883c81fdcL, 0x3bfc5e3fbcc6fcL },
-        { 0xd38ac6ffd6418dL, 0xc667e96bfad89eL, 0x46f4f77eab4d66L,
-          0x194c04f0911293L, 0x0fd09cf68c48d5L, 0x6f5b05563cf7f4L,
-          0x0c0a8c4acd562fL, 0x94c1d8336d965dL }
-    },
-    {
-        { 0x94fc8f0caa127aL, 0xc762d5dd803690L, 0x8bfdfd11ebf0d3L,
-          0xa98cdf248eac50L, 0x3d7365d8b5ff10L, 0x20dc29bc65b4deL,
-          0x62ac28e8ec7c68L, 0x7f5a13290372d2L },
-        { 0xf3d8a253246658L, 0xa4bebd39ac202aL, 0x078ede75cc1697L,
-          0x5525800c8fc022L, 0x302a8025fae77bL, 0x018013957917b6L,
-          0x7c8806d864bf55L, 0x4e2d87812f06f1L }
-    },
-    {
-        { 0x8d351183d66e88L, 0xfb861a1a91d02aL, 0x8c27c2a7850e5fL,
-          0x9fd6399a5496f6L, 0x52152ae8080049L, 0x600e2fffd1c2dcL,
-          0xc75902affe8b2eL, 0x5c4d2cce03b175L },
-        { 0x8ad7c424f57e78L, 0x77cf6061736f87L, 0x2876012f85038aL,
-          0xff328451b97b95L, 0x3cc6dd5392dfc8L, 0x72f1363a6f5075L,
-          0x028ec4471de894L, 0x7030f2f6f45a86L }
-    },
-    {
-        { 0x66400f59695817L, 0xeda0a7df20ea36L, 0x855be51d394992L,
-          0x2d082c18336f62L, 0x30944ddf28c868L, 0xfb5f8530dc86d0L,
-          0x9562ae5564a0bdL, 0x1f7ea12b6b9b51L },
-        { 0x5bd74e0d0a7148L, 0x6c8247fb91e572L, 0x699aba547da498L,
-          0xed825811f7c814L, 0x434674b62057b9L, 0x8b4df5e15c15b4L,
-          0x2a97da1b110081L, 0x2a96b0c4c417feL }
-    },
-    {
-        { 0x4f75dfc237639dL, 0xe5ad6bc1db7029L, 0xd43e06eb3d28f7L,
-          0x89f3bb5e447989L, 0xc426a2c01a1a6eL, 0x33ea71c315878fL,
-          0x8a7784ab1b5705L, 0xa59e86e77ca811L },
-        { 0xddb133c36ae155L, 0x49f1d4c0d51b42L, 0x55080829d05519L,
-          0x20e23be5291816L, 0x35047ec67181ecL, 0x6237dc47aad091L,
-          0xa1d3ce1e2e25a2L, 0x1de05220d3db4cL }
-    },
-    {
-        { 0xe9a5e19d9fd423L, 0x0c2c3d09801e43L, 0x043c2dd28df2daL,
-          0x4eecab4e1ad12aL, 0x97e17979615aa5L, 0xe57b879ca7bb5eL,
-          0xa2a903ccc92619L, 0x5cef370aa56e93L },
-        { 0xbef29fa7f3232cL, 0x1cf35ed2b7ad5cL, 0x35c48933b6077aL,
-          0xe0651487a1d47dL, 0xedb4673ce14572L, 0xdc9e98c0b17629L,
-          0xef98ebe9a02a5cL, 0x1f772e311d03c0L }
-    },
-    {
-        { 0xcbdbdcd4608f72L, 0xb4352235a13c6fL, 0xa6497f64bb3c21L,
-          0x3af238312c15c9L, 0xfbbf4b36322d11L, 0x520a5c6c641775L,
-          0x18cd967e81e0e1L, 0x980b2c63de3871L },
-        { 0xfa9db619ae44a2L, 0x0281dd2176bc56L, 0xfd037118a7f817L,
-          0x9c485454129b30L, 0xb439648039626dL, 0x355050ee4ada6bL,
-          0xc9c16d67f5d98cL, 0xf53ccc318c4d5eL }
-    },
-},
-{
-    {
-        { 0x50ae9423ffb20bL, 0xa6c0b426865eb4L, 0x4677f7d09930f1L,
-          0x742e0b64a16427L, 0x521d18ef976f9aL, 0x43ac9cfa454749L,
-          0xda3a91dc51f50dL, 0xf657029ad6f954L },
-        { 0xfe5f0646b4f99aL, 0xd92a5d963ad4ceL, 0xfcb55092e0e081L,
-          0xadc85ab8d8a858L, 0x8e9b9660632f0fL, 0xe7a4f168d7216dL,
-          0x00a4cc559c3b99L, 0xed6d0bdba09dc1L }
-    },
-    {
-        { 0x7236d141621bebL, 0x1751fd4bc7ca95L, 0xaa619d12f5319cL,
-          0xfc2b15b4e9316fL, 0x2d1a9069fd4d33L, 0x28c3bac8ced829L,
-          0xf2efab51dd998fL, 0x2c133303b149edL },
-        { 0x65237c9f601ac6L, 0xb54dd6507d6a45L, 0xa1ce391fb1a4cfL,
-          0x2957533115f67eL, 0x6456da8465279bL, 0x02890aaa993e02L,
-          0x6891853b7175e4L, 0x3fda2030f3e59bL }
-    },
-    {
-        { 0xe99fe12d8c6e0bL, 0x7cb07ff5341c56L, 0xc292c7bdf77b24L,
-          0xf52dfd0ca29906L, 0x4a6aa26772f02cL, 0x26f7684e1bbd09L,
-          0xec56b2bee7c2a8L, 0x67709e6ad4a312L },
-        { 0x99c57b2c570263L, 0xeb0100b2faafaeL, 0x980d5d1ff25ecaL,
-          0xace35e682cf936L, 0x5a82ce544679edL, 0x5c76a41074b81eL,
-          0xf36fa43a00abb1L, 0x064281904ffb2dL }
-    },
-    {
-        { 0x68f6bc804bdd28L, 0xc311d96b5dc7adL, 0xff0d646ed32e45L,
-          0xaf3cdc6e0f712dL, 0xd4508e9d483861L, 0xb624be50e1c277L,
-          0xc510275c5dd841L, 0x451c5c3298dc02L },
-        { 0xf87d479dd34d6bL, 0xda7f293dd06a38L, 0x575e129b699e9fL,
-          0x79e5fb2215b2ccL, 0xd280028657e690L, 0x7fecd09e702a71L,
-          0x85160abfa13677L, 0x5de3427ce65f64L }
-    },
-    {
-        { 0x84e4bf6e8fff38L, 0x16f3725b358b1cL, 0x360371c3b472a5L,
-          0xe64c06152f217aL, 0x8e673790501241L, 0x88e81d6ab2dd96L,
-          0xf3e218a1385604L, 0x9736cafe84184dL },
-        { 0xb55a043dbb93a3L, 0x335088f9301088L, 0xcea7a2db2a4959L,
-          0x48e5d4ab882c33L, 0x114f09bad46179L, 0x4416467b446576L,
-          0x01cb23e34c6c2fL, 0xddebf04a02db8aL }
-    },
-    {
-        { 0x36d60cc9bde8a1L, 0x20fd2f2676e4adL, 0xebdcfb78936581L,
-          0x245d0d5dbfc2c3L, 0x104c62ca9f82e5L, 0x7387457d654d9bL,
-          0xe966777ae7f10eL, 0xefeb16f1d8e582L },
-        { 0x4faf4f170364b5L, 0x0e1ab58d612472L, 0x11bbfe7fed6085L,
-          0xb360a14a59a09aL, 0x61d96e9722fdb6L, 0x16a12f194068bdL,
-          0x225bf07f73c2beL, 0x1e64665c8bd24eL }
-    },
-    {
-        { 0x27a478a3698c75L, 0x778ccd36202aa2L, 0x0149c638d87f1fL,
-          0xa660e5f784edaeL, 0xe0d4d2f82adfa8L, 0xf512dd61ba1f9dL,
-          0x90cfed96245c58L, 0x6c3a54818b53ddL },
-        { 0x833f70cbdc094fL, 0xa5f26f5b1514e7L, 0x93e7cf51c8cf13L,
-          0x1436601186ec43L, 0x81924ace78170aL, 0xcc880a08694368L,
-          0x2dfa9550b62cbbL, 0x0bc6aa496b4a2cL }
-    },
-    {
-        { 0x5157a7e3561aa2L, 0x525c5008645c1eL, 0x22feb4ece7cbb3L,
-          0x36d0d25c89a58bL, 0x43131f7c9bde9cL, 0x74afdda881f731L,
-          0x99ab87c7c8e36aL, 0xf07a476c1d4fb2L },
-        { 0x1b82056bebc606L, 0x95a1e5afcf089fL, 0xc5bccfa2b55d5cL,
-          0x8fbc18e00eb0b1L, 0x93a06fe9efb483L, 0xcafd7252d74c57L,
-          0xc7518f03de4350L, 0x9a719bfc6fd762L }
-    },
-},
-{
-    {
-        { 0x5ee0d832362087L, 0x7f2c0d70b167e8L, 0xb7327895e0e865L,
-          0xef5b2e898c4e65L, 0x222797d8fe9cc1L, 0xfe6d73e82d1e15L,
-          0xc7c0e9cf62dc4bL, 0x962acfe937cedaL },
-        { 0xd763711c1e85c7L, 0x8f2dbbc2836978L, 0xbadc0558c44e98L,
-          0xed63eaba3e93f8L, 0x807e85741b55c7L, 0xd51ae5e6d1207bL,
-          0xa0ef9a639d541bL, 0x58855f9a0c56a5L }
-    },
-    {
-        { 0x7d88eaa213091dL, 0xcbdfee745b6a0dL, 0x826a0124f5e077L,
-          0xb04fc1390f1e4cL, 0x1961ac3aea69aaL, 0x3afb719d5bb63eL,
-          0x2a378374ac7e5cL, 0x78efcc1c50ca45L },
-        { 0x346e8f0b8abdefL, 0x27e3dbd88095d0L, 0x56d3379ffc6c22L,
-          0x67d416cfa4b291L, 0xc3baaf63b1b373L, 0x0184e1fdf73baeL,
-          0x38ae8f79167528L, 0x7329d4c35d6297L }
-    },
-    {
-        { 0x45d2ac9f568c52L, 0x51348149808593L, 0x0c92d8331b7ed8L,
-          0x921327a0876ecdL, 0xf752d75052736aL, 0x7b56487bc6b837L,
-          0x6b1a320a23b4ccL, 0x1983937ec0d665L },
-        { 0x2c3017c08554abL, 0x40ad955366e87fL, 0x88c4edf8ed7f02L,
-          0x64a7db13cc5e6dL, 0x5ac91fa2dc978bL, 0x016a20d925d2a2L,
-          0x3604dfeabb57b4L, 0xc3683ecd7e2e85L }
-    },
-    {
-        { 0xc47150a4c0c6d0L, 0x30af45ee22adcfL, 0x39b5acb022ea4bL,
-          0xfbe318577203b5L, 0xe5aaa346fd9b59L, 0x0062c90dd1c8dcL,
-          0xcf113f354049acL, 0xd8fba4d63a31b5L },
-        { 0x73b54881056a69L, 0x3be6cbcd780bdaL, 0x5776ec230ba2b9L,
-          0xbe883cf8e8d6f7L, 0x64efe945c2be6fL, 0x064f704f1ade8dL,
-          0x41cfd17743110eL, 0xaac94114c20abeL }
-    },
-    {
-        { 0x91f9192f1c1468L, 0x8176e744563e13L, 0xa48b5f90bda15dL,
-          0x2a085aeda42af6L, 0xfd38ab2425c018L, 0x2884ba408abafbL,
-          0x356f318cbd091dL, 0x454e450817871bL },
-        { 0xe080e818ada531L, 0xa40f1eb3152ba8L, 0x051049f0c38eb1L,
-          0x37e4bb3bd45003L, 0x6d0980454a01e5L, 0x6de932feeb824aL,
-          0xccdef37dc93481L, 0x8633e0793a05e8L }
-    },
-    {
-        { 0xbe94256034675cL, 0x376c01d08db789L, 0x8707ee79af1b6bL,
-          0x633b3ef11bfbacL, 0x694f33fd06db60L, 0x2a68bfcbb13407L,
-          0x1c860c9da27c3aL, 0xbca16ded701ac3L },
-        { 0x2b76cfac59ffd0L, 0xf9a116554d718dL, 0xf86a1db67f0878L,
-          0xe313e05af34e85L, 0xa1888113343159L, 0xdbe4c3f0bb7ed1L,
-          0x73b67e80c732bcL, 0xa4e1c87e74110eL }
-    },
-    {
-        { 0xce1106b5c6770cL, 0x422c70b5c0bcb7L, 0x32a39908195e7fL,
-          0xa24968d1ccd4aaL, 0x8f08ecf720e557L, 0x5da10a454bcc81L,
-          0x9d3c73b6cd846eL, 0xaeb12c7368d065L },
-        { 0x2110859cf9fd1bL, 0xd2a4801ee2bd6dL, 0x376e556e9466acL,
-          0x767803b3b5aa35L, 0x343f842b8a89baL, 0x3263cc16726bbfL,
-          0x26caf1725871b0L, 0xef66ad641b8578L }
-    },
-    {
-        { 0xc9f2249638068cL, 0x96d282c1ccf9afL, 0x71df30c69b435aL,
-          0x88c943acb9d5c9L, 0xbf98ef12a8f378L, 0xffc1824114c6ffL,
-          0xda3ad2cd52e8c7L, 0xf1222bc1afcb59L },
-        { 0x459e94b0ee334aL, 0xd4477b8421933aL, 0x60fb7b0a1e401eL,
-          0xfde6e820d1e330L, 0xcecfe9b3233fdeL, 0x09ec4662e93523L,
-          0xa5ba64930775b9L, 0xcc397e5adf80f2L }
-    },
-},
-{
-    {
-        { 0x2fe182d4ddc8a8L, 0x88d6e79ac056bfL, 0xc3ff2d10e41e4eL,
-          0x32ec7f92c3679fL, 0x3561f094e61051L, 0x4553f5a6c6250aL,
-          0x2b765efdd25c5bL, 0xe3a40a26a1cd7fL },
-        { 0xb27309b5d821ddL, 0x950fb8dc2c17caL, 0xfeed0158fb0d4cL,
-          0x762c479f550179L, 0x306cf44e095840L, 0x84b413ad379e66L,
-          0xd6e5d5abb2e4f1L, 0x8bc12b794b085dL }
-    },
-    {
-        { 0xc0d4cb804b5532L, 0x7a31525b9940a6L, 0x010e7dd68c69d1L,
-          0xd81f29d2a18c35L, 0x08ae7703f11e73L, 0x5358f876e55106L,
-          0x299e8cac960ef5L, 0x89a6fb4acfc8dcL },
-        { 0x5996a406dc7d4aL, 0x21e5112e51b96eL, 0x95b8c3d09a202bL,
-          0x306ab0fd441f1fL, 0x2834fed98d4245L, 0xc29c387d0abbdeL,
-          0xf6a9bf1b805c15L, 0x602f4f8c4e458dL }
-    },
-    {
-        { 0xf041486e5a893aL, 0x53b891d8934327L, 0x11e000d4000758L,
-          0xa4ccde8662bad9L, 0xe34d3edb9a1b64L, 0x72d967584e7a6dL,
-          0x773da2f6627be4L, 0xa11c946e835ae3L },
-        { 0x02e8203650bc15L, 0x2d35936e58b78dL, 0xe9cfbe8f21a3ccL,
-          0x55ad8311049222L, 0xbf99de438fff47L, 0xebbfd803831db5L,
-          0xe990636af2af42L, 0xc26ae52b7f5a0eL }
-    },
-    {
-        { 0xb5d85b1fa8f846L, 0x4166489b3b1455L, 0x768260dd36a305L,
-          0xc6a82354ff5645L, 0xd241cd8d6e93e5L, 0xeed9aa1a406e74L,
-          0x9e96ab05f600d9L, 0xa26b8b56eca2a1L },
-        { 0x78321cfd705aefL, 0xc4fb6b3c0161ecL, 0xdc324415199cf1L,
-          0x33627d0d0a5067L, 0x13490cb15143eeL, 0x77e0ede85b4f44L,
-          0x904f12e394b165L, 0x90f50f5efab32dL }
-    },
-    {
-        { 0x4aa0a16bc2de96L, 0x172596aaa9c12bL, 0xd512e1e60e8a29L,
-          0x77d35c1f637e83L, 0xbb0d141d2aae0bL, 0x8a878a58c03738L,
-          0x6d24c01ab0e525L, 0xb7d3136f760887L },
-        { 0xdbc3f8f3f91b7cL, 0xe7b4bcaa8722c0L, 0x3286a91da0ae65L,
-          0x8372274225b084L, 0x5884cd5ae1886cL, 0xb4e63ef3a23cf7L,
-          0xfe5f202f2dd0daL, 0x951fac9653916cL }
-    },
-    {
-        { 0x05e2e8f854fa4eL, 0xf411f941edaf10L, 0x26cc562a0a928dL,
-          0x78fd34e4abce65L, 0x1d8760998a32e2L, 0x85dc76f4c37518L,
-          0xdcaeef500e8021L, 0x7fcb2f84e9b2a5L },
-        { 0x9eba91ef382c06L, 0x2052e8524cae53L, 0x617336ef5c1519L,
-          0xf1546d5b4e632bL, 0xa9edc81d7b8ffdL, 0xdb2914f29ab68cL,
-          0xe805070debbabaL, 0x775e53bc3b719eL }
-    },
-    {
-        { 0xa40e294065256aL, 0x9f113868fb031aL, 0xac03af8059667cL,
-          0x432eb3a0475f58L, 0x22332bf01faad0L, 0xc8132e9bc57a11L,
-          0x27d5a173bc3f8bL, 0x5471fc6930bf3eL },
-        { 0xba28bc0e6bff40L, 0x198d57e555e564L, 0x13ce8319c65b8fL,
-          0xb0a5c9d5681b51L, 0x467588bdeb9e11L, 0xf1891a7bb4250bL,
-          0x10b938bd12b433L, 0x0b8c80224dcda4L }
-    },
-    {
-        { 0xc428703cf332d3L, 0x9d0053cf2a5b98L, 0x4e4c6207838a15L,
-          0x2e92919fbf8a43L, 0x39ad52421cd9a5L, 0x584ed6c1561588L,
-          0x20af30517a95c8L, 0xa223077b70e1c8L },
-        { 0x679cfea2fa4871L, 0x54f2a46ac633c7L, 0x60306514cdc5f1L,
-          0xc4facda75a1dc7L, 0x710a2882d07d19L, 0xd55864e6b44992L,
-          0x44d4b6c454c5b2L, 0x2855d2872f9981L }
-    },
-},
-{
-    {
-        { 0x4071b3ec7b0674L, 0x800eb14f8794d5L, 0x70573afbe6783eL,
-          0xafaa4407785901L, 0x112d2a1405f32cL, 0x3761a52169b3e2L,
-          0xe168b31842a366L, 0x5bc322f9bf4734L },
-        { 0x36ef240976c4a0L, 0x066f3d6fea4e64L, 0x0e954bda989e57L,
-          0xe36ef5ef9466e4L, 0x6bb615abeb9226L, 0x5571e5f3d5a2caL,
-          0xa86efe24897a86L, 0xed7e9cf28a9f77L }
-    },
-    {
-        { 0xdf10c971f82c68L, 0x796ba1e3b597e6L, 0x1ac77ece718cbfL,
-          0xc8175bb410eac8L, 0x0cdf9a1bc555efL, 0x6b889f17524e05L,
-          0x6bf1e61ae26d82L, 0xb3f6ad5d2e97d9L },
-        { 0x94dcff9f226487L, 0x60e6356be03ddeL, 0xda1f93b6a3dd7dL,
-          0xf1be72179ca90cL, 0x05ed3131e6bce5L, 0xcf50908d48af3eL,
-          0x3b0e85c61e554fL, 0xfe7e35ba2778d3L }
-    },
-    {
-        { 0x42c503275ac5a9L, 0xa66a66dda062c2L, 0xa4f4f82caa7023L,
-          0x489d47664b4f86L, 0x10b108897311adL, 0x55dd637177b2ecL,
-          0xa5ccff09a267b1L, 0xf07690bff327b0L },
-        { 0x39162ed2250cd2L, 0x1426de08b255f1L, 0xf227afd1bdd731L,
-          0x78f8a36fa4c844L, 0x267a211157379cL, 0x3f05f92cc04acbL,
-          0x374496cfc69caeL, 0xbf2c5d016ebfecL }
-    },
-    {
-        { 0x605418bd0518d1L, 0x3237f809e1cbc6L, 0x37a7005286c019L,
-          0xf1fb0e0b15af0bL, 0xfc3b97caa853c0L, 0x1f48bd0e6beba2L,
-          0x8e5d7c5e6a72f1L, 0x575e66d26ebf0cL },
-        { 0x099477662eae3dL, 0x53f074f96c9c65L, 0x6cfbfdbb81badeL,
-          0x98b4efe3fed7d1L, 0xdaa112338c3382L, 0xdf88b7347b8ec6L,
-          0x9b0fe4b9504a4fL, 0x2e7df4cf30c1c3L }
-    },
-    {
-        { 0x25380cb2fc1833L, 0xb8e248c18d62deL, 0x91c8f59d82f9dbL,
-          0x5ec2b202444750L, 0x3f3a1f766b6f74L, 0x0180aa9dd7d14dL,
-          0xd0a342d2956b9cL, 0x26e910e7139873L },
-        { 0x2261dc4139e23dL, 0x7edb181b8343ddL, 0xfcf1073b4038ddL,
-          0x88870efa3bfea3L, 0x4e98ba964a263eL, 0x3c6e5dc70811f5L,
-          0x17d28f5f86055dL, 0xca9c27666e4199L }
-    },
-    {
-        { 0x0b2d8bd964ef8cL, 0x5a99b8588e2ba6L, 0x9e927b204498ceL,
-          0x9ff20c5756eb25L, 0x97cc27b3f27736L, 0xf32dd6d4729583L,
-          0xbdc26580381a94L, 0x70fef15ef2c06fL },
-        { 0x50a619149252ccL, 0x9eb4a14236b4b9L, 0x9b1b2158e00f78L,
-          0x27add366ea9c23L, 0xef61763c3a8e79L, 0xed4542fd82ce56L,
-          0xa8737e70caed75L, 0xeca0ac2d452d76L }
-    },
-    {
-        { 0x20c07793d082d0L, 0x6e3ce64c9e9f3bL, 0xb3a4dce75a195fL,
-          0x3a3c305bdd9f24L, 0xe2545c88688942L, 0xa463c82080f32bL,
-          0x442974842686b8L, 0xf50e20d7213866L },
-        { 0x265ac523826e74L, 0x26fba57228e8ecL, 0x8a1e1dbe6b3ed8L,
-          0x7c7b278f0fe65aL, 0x9a6df23c395234L, 0x99562060b0f114L,
-          0x440c8c4ef90837L, 0x21ad22a3645f65L }
-    },
-    {
-        { 0x1e023a6edd31b2L, 0xf76d1459ff8668L, 0x970705617b45c8L,
-          0x06120781e88e37L, 0x85c51c8922faacL, 0x4df392e22756d9L,
-          0x8907fd0a03c98eL, 0x626f46a52ea51cL },
-        { 0xf8f766a486c8a2L, 0x8c499a288ed18cL, 0x44d2dc63c4f0deL,
-          0x47dde686f2a0b6L, 0x9a655f84a973fdL, 0x3e7124e786ac80L,
-          0x699e61ce8a0574L, 0xdf0ba9a31cdd0dL }
-    },
-},
-{
-    {
-        { 0x76270add73e69bL, 0x991120fc67d38aL, 0x7be58309469f0cL,
-          0x93aba597db40acL, 0x2b707bc822fc08L, 0x4199fc069551cdL,
-          0x38deed4f367324L, 0xca518e12228787L },
-        { 0x72f1befd9a9277L, 0x57d4aabe49ae90L, 0x13810d5db23478L,
-          0x2a8b7809b4b77fL, 0xb542f4e1b4e004L, 0x4080fd03ec77f0L,
-          0xb49e9fecec6596L, 0x20338d33f16037L }
-    },
-    {
-        { 0x4adcdae53554b0L, 0xfea4906e04c4dbL, 0x0808bec7748233L,
-          0xde7477c47148d7L, 0xdd9124c03da38cL, 0x6b2503125ee8e9L,
-          0xae67399b0d6161L, 0x70c4acd82203b6L },
-        { 0x9683916d31dae8L, 0x34775031ac7f69L, 0x9553153988e4adL,
-          0xb58f41153a15e1L, 0xb65a2d492ba2ddL, 0x7c3efb1a90169cL,
-          0x210f45e6b1747dL, 0x16e8d1bcff488dL }
-    },
-    {
-        { 0x252adf89d703dbL, 0x259ac1dfdfeb39L, 0x7faf6af115e806L,
-          0x7aaefd6c1aff21L, 0x80542107c0113dL, 0x481f1a5e19b4b1L,
-          0x7c17d43fcc8c61L, 0x8b04452bb0bbbeL },
-        { 0xe51e5f54cebae1L, 0x05341ba56a414cL, 0x0083a2c7fb8a30L,
-          0xb4663f277f4952L, 0xce72eec4bb0074L, 0x74fdd66a3584d1L,
-          0x6b9e58eb02e076L, 0x5be45d53b961f4L }
-    },
-    {
-        { 0xc7474f31ab2e0bL, 0x2838ccbf4bf454L, 0x634392ef3c3eacL,
-          0x440e40a137602bL, 0xeea67e9d1ae8e3L, 0xafdf93a77e221eL,
-          0x3c9f3da2719a10L, 0x466ecef32c8256L },
-        { 0x1061c19f9c432fL, 0xa1332d9b1c7d98L, 0xbc735f2a425c2cL,
-          0x1429cdf4b1bccbL, 0x77b42a16bbb5f9L, 0x30078e35955ae4L,
-          0x8acd77721cc315L, 0xaa90d5fe86fa99L }
-    },
-    {
-        { 0xfcfd460721115aL, 0x6a7de3e08269b8L, 0xe5964a696dd47eL,
-          0x6717cd58dca975L, 0x7ea4ebe98b149eL, 0x6f894d5b7b8057L,
-          0xbd6f9607f30e31L, 0x61ca45323df092L },
-        { 0x32241f99d782f3L, 0x55173b02abfae2L, 0x0abe0edd15bbbdL,
-          0xb6d3c0ab438abbL, 0x62fb4679ffa20bL, 0x30926b5d31560aL,
-          0x44bf27c2a0aa6dL, 0xf7473131a4cb97L }
-    },
-    {
-        { 0xa2f6c0db0535deL, 0xcb02ae1c855166L, 0xc699e6bb3422f0L,
-          0x774febe281ba8aL, 0x1d9d24fffabcc7L, 0x0b31ba1fe12ba5L,
-          0x4c8680313d0af7L, 0x90640d32f47160L },
-        { 0xa0c4bf45876603L, 0x717f6fa950ab08L, 0xf12bb53a710de8L,
-          0xc500c616a88f50L, 0x0070f992645351L, 0x57aab5d2446893L,
-          0xd553fa8b68f657L, 0xe8537c1693c55dL }
-    },
-    {
-        { 0x58e86eb7fc7684L, 0xdf330f7bfc73a9L, 0x41e337dcc11936L,
-          0x36d92006e35759L, 0x01327033500d8bL, 0xfa684059483354L,
-          0xc8f2980667851bL, 0x538ec8918296b0L },
-        { 0xa2a2c4fcff55f9L, 0xb260d4d60d20bdL, 0x3ed576fd9cc59fL,
-          0x4ed8c64d514fccL, 0x37ebfb2c22b315L, 0xca67a3694c212cL,
-          0x4f8e08c3a1795eL, 0x498f9264e7261fL }
-    },
-    {
-        { 0xfea7382c59b3d4L, 0xb9942ed3f2925fL, 0xe4b00dc8ea77e8L,
-          0x74a18ec3cab02eL, 0xbbbb752ef16d0bL, 0x639da4fffab032L,
-          0xc371a4a3aa30f0L, 0x8e26b22caa175bL },
-        { 0x94e41567e2b62eL, 0x7cceea625a794cL, 0x931d2f4479f015L,
-          0x946183d90b25b2L, 0x1504e9768a2807L, 0xa7577d3fa49dddL,
-          0x24fc87edd48699L, 0x9edefd63d7d99cL }
-    },
-},
-{
-    {
-        { 0x0508b340f0b450L, 0xe0069a5c36f7f4L, 0x26556642a5a761L,
-          0x0193fd8848e04dL, 0xc108cf573fe2e7L, 0x05eb0ecfd787d4L,
-          0x1555ccbff28985L, 0xb5af09f651b995L },
-        { 0x167d72ce1134beL, 0xd6d98bf57c669aL, 0x40fb7166dd76faL,
-          0xeabbf202a41b31L, 0x300ff0e09b75b0L, 0x32b6fadd9a0c1eL,
-          0x805188365a80e0L, 0x8bef69332110feL }
-    },
-    {
-        { 0x637802fbef47d4L, 0xfac114b2d16eaaL, 0x7b3f3ab0415644L,
-          0x17ab8d12dd895bL, 0x271b7fe87195f3L, 0xa3f867ea71f65fL,
-          0x39ba40cc80583aL, 0x6db067256e1fccL },
-        { 0x4feab4e06662a8L, 0xc857415c74bd46L, 0x18032ed732b126L,
-          0x87c8aea7a099eaL, 0xb4a753536fe0a8L, 0x33a98da27673f6L,
-          0x3e40c022b8e549L, 0x2def1af9a4c587L }
-    },
-    {
-        { 0x9618b68a8c9ad9L, 0xd70b4aa49defdaL, 0xae8b1385f788efL,
-          0x87c3542dd523f4L, 0xe42c7055c5b004L, 0x6303360fa7df57L,
-          0x33e27a75f6d068L, 0x9b3268e8ff331aL },
-        { 0x845cc9623ee0c3L, 0x003af70ac80084L, 0x6a9f931530c41dL,
-          0xa1d7051bb127f0L, 0x642ce05ca36245L, 0xc34205b0323ee9L,
-          0x7cc8912b7b3513L, 0x6252cc8076cbdbL }
-    },
-    {
-        { 0x10e68a07089522L, 0x36c136158fc658L, 0x490397d74723a4L,
-          0x42692c0519d56cL, 0x69d251bf1ff235L, 0xe689d03c2cbf37L,
-          0xf04ceba825b7f4L, 0xd6b9bee2281c2eL },
-        { 0xc52ef3fe0043abL, 0x351bf28d1d1be8L, 0x277615f0f18a5aL,
-          0x31f717f5d6800fL, 0xf5fb82dab922e2L, 0x99aee2f2d6ae43L,
-          0x42477fec63b982L, 0x904aeb1a594a01L }
-    },
-    {
-        { 0xaa82174eb39974L, 0xbc38e6195e6aa0L, 0x6a3df8a25c0675L,
-          0xf324203ffbe739L, 0xfa5a0b4a3f0649L, 0x79c87327a7a6b8L,
-          0xeb65ecd40ad3f5L, 0x718d416e4e45c5L },
-        { 0x029dbf4e2326fdL, 0x0c63416e7942f0L, 0x6d0c7286f4e678L,
-          0x59f0b10a138601L, 0x8a1d9788d92ea9L, 0x9f8d712c22eca5L,
-          0x73970447b6b96bL, 0xa2d49eee6fb955L }
-    },
-    {
-        { 0x249f900bf14a19L, 0xd3522da63a8cd2L, 0x28a32f386964d2L,
-          0xacf712bc1fa743L, 0x98a9bfc0bb94d3L, 0x318ece1bc06824L,
-          0xfc476754fce7f0L, 0x19caec9e4135b7L },
-        { 0x6de68a8c6817bbL, 0x7121960f3b6d89L, 0xa7d4261f5a818eL,
-          0x0c0ba519157455L, 0x78b6acf450d5ffL, 0x198b4934e8649aL,
-          0x0941a3cfd05da3L, 0x264ea4adb55951L }
-    },
-    {
-        { 0xcfee91c46e5a31L, 0x47b6806fff7366L, 0xdb14be45df849dL,
-          0x3c5e22bac66cc7L, 0x7f3f284a5f4769L, 0x4e00815383be36L,
-          0x39a9f0b8072b0bL, 0x9887cd5c7eadd6L },
-        { 0x7dd8f05b659511L, 0x15c796dd2e1cb9L, 0xe5edb0c0d31345L,
-          0x2025df06939c60L, 0x6314c08bf15de1L, 0x03c154804c7fb5L,
-          0x413337fbb5d3edL, 0xfc20b40477e983L }
-    },
-    {
-        { 0x7f968805db0ef9L, 0x05562dee9c2a70L, 0x071e5bc7dae133L,
-          0xa8cdd12237fc4aL, 0x6d565e74ea492bL, 0xa17cf94381ee52L,
-          0x6ab8a4e9f5c546L, 0xbb642f340288efL },
-        { 0x64e59215df5c2dL, 0x43696e3bb906f4L, 0x73a841a74ae46cL,
-          0xe264883c506b8aL, 0x9542e1aa1be548L, 0x89385395e81b4aL,
-          0x5642cfaeaca6ceL, 0xed8077b806e0f9L }
-    },
-},
-{
-    {
-        { 0x1c776c47e13597L, 0x0ec8b289e584fdL, 0x0bb6043b8b61e8L,
-          0xdcc17489cd835bL, 0x493e6ac39fef9aL, 0xb44eb34d133e17L,
-          0xfebcd0071cb6f9L, 0xe6cf543d20eff2L },
-        { 0xf265cad0a004c7L, 0x9b06c9dd35cc12L, 0x769f985cb4ea53L,
-          0x29160a20993434L, 0xdf8dd108d939c4L, 0xefa177c6711e2fL,
-          0x1695790cd7a2cdL, 0x38da3d777f6642L }
-    },
-    {
-        { 0x9bfcfd96307b74L, 0xc26a36dbfdabc3L, 0x9341be04abe28eL,
-          0xdb20b5273d1387L, 0xf8d229c3d1949cL, 0xf1e0afeb8b3a41L,
-          0x29c60dfed565d0L, 0x6930bb58b43b2cL },
-        { 0x1d76527fc0718fL, 0xdb981431f67189L, 0x0c62f6451f32ccL,
-          0x70a66268bd35e5L, 0x1725641c1cece7L, 0x7f130a8f96f4a4L,
-          0x72319e9f06ee98L, 0x215b73867bf9b2L }
-    },
-    {
-        { 0x8d1bec20aaddd7L, 0xfb8b95bb8be4f9L, 0xeac193efde1026L,
-          0xa5edea79d5860cL, 0x4adbaea44280d3L, 0xce8b67038f4798L,
-          0x914c107ec30deaL, 0xbdc5cf7000776bL },
-        { 0xb6fd7d1a206a13L, 0x9941ebadae986eL, 0x76c27a81f1caaaL,
-          0x6967c123f108b4L, 0x6f115284aea2d0L, 0x9bb4319144ddacL,
-          0x1a4d3eac8ec6fcL, 0xfe4b0b8bf37420L }
-    },
-    {
-        { 0x5d9a4a1ec0ac6fL, 0x84b79f2fc7c80dL, 0x64222f7c14fac3L,
-          0xdd9e039c23b3f2L, 0x4a84abdea956bbL, 0x370dcbaebe09dcL,
-          0x79a9ea8e0eaf82L, 0x4cfb60aaee375fL },
-        { 0x6a10dbf9106827L, 0xa3ba5cf43f305bL, 0x481b885c1bb083L,
-          0x2f52380b3117b1L, 0x0066122ddd6791L, 0x4f8923e63bace3L,
-          0x5c5f499ecb88d4L, 0xfdc780a3bac146L }
-    },
-    {
-        { 0x34b70ae7ba1f71L, 0x909182945bd184L, 0x3b39778e707313L,
-          0xdeefc5e6164e91L, 0xbb55bed4971f39L, 0x7d523398dafc8bL,
-          0x82391bfa6adf0fL, 0xfd6f90ae319522L },
-        { 0x60fdf77f29bbc9L, 0xeff9ed8aaa4030L, 0x978e045f8c0d3fL,
-          0xe0502c3eed65cdL, 0x3104d8f3cfd4c8L, 0xab1be44a639005L,
-          0xe83f4319eeab3fL, 0x01970e8451d797L }
-    },
-    {
-        { 0xbc972f83180f4bL, 0xac053c0617779dL, 0x89392c57fa149fL,
-          0xdc4699bbcb6263L, 0x0ae8b28ce12882L, 0xdca19a7af1a4dcL,
-          0xd3d719f64e1a74L, 0xbb50201affdd5dL },
-        { 0x56f73107ac30e9L, 0x65cc9c71878900L, 0x83f586627338a3L,
-          0x122adefac5bb13L, 0x97de2001bcd4d5L, 0x6ed3985b8aa3a0L,
-          0x8680f1d6821f9bL, 0xcb42028dda9f98L }
-    },
-    {
-        { 0xcdb07080ec2db3L, 0xe28c8333dad1a1L, 0x2093e32de2da07L,
-          0x731707383b8987L, 0xad17871f552b8dL, 0x846da9851cf70aL,
-          0xf94a16e5c4f5e1L, 0x84299960f8348aL },
-        { 0x4bf3f6898db78aL, 0xad77fa83d19b52L, 0x69767728b972dcL,
-          0x7dfa35a5321be0L, 0x9881846dd344a6L, 0xe550292ad4e2a8L,
-          0x8075217bc68bf1L, 0xdd837c4893be15L }
-    },
-    {
-        { 0x09c931ed4fab5bL, 0xb2dcf08b77a0f1L, 0x7dac5c0e0d38a6L,
-          0xa5570b00ae73afL, 0xc7c19d3f5aed28L, 0x575fa6f5251e92L,
-          0xb843cd6cdf7275L, 0xd9d3d8e9a01287L },
-        { 0xf94e356b3c370bL, 0xc62b99ffe464b0L, 0x7792650a986057L,
-          0xeaa67d5c4b1874L, 0xba1ba4d0b07078L, 0xdbf636d7a03699L,
-          0x1a16c34edd32a3L, 0x6ce2495a45cb5dL }
-    },
-},
-{
-    {
-        { 0xd7c4d9aa684441L, 0xce62af630cd42aL, 0xcd2669b43014c4L,
-          0xce7e7116f65b24L, 0x1847ce9576fa19L, 0x82585ac9dd8ca6L,
-          0x3009096b42e1dbL, 0x2b2c83e384ab8bL },
-        { 0xe171ffcb4e9a6eL, 0x9de42187374b40L, 0x5701f9fdb1d616L,
-          0x211e122a3e8cbcL, 0x04e8c1a1e400bfL, 0x02974700f37159L,
-          0x41775d13df8c28L, 0xcfaad4a61ac2dbL }
-    },
-    {
-        { 0x6341b4d7dc0f49L, 0xaff6c2df471a53L, 0x20ec795fb8e91eL,
-          0x4c7a4dfc3b7b62L, 0x9f33ff2d374938L, 0x38f8c653a60f2eL,
-          0xc1168ac2efef73L, 0x046146fce408eeL },
-        { 0x9b39ac0308b0c3L, 0xe032d6136b8570L, 0xee07d8dfc4aacfL,
-          0x0a82acbd5a41ddL, 0xbe0ded27c3d726L, 0xce51d60b926ce9L,
-          0xfa2f7f45806c1eL, 0xe367c6d1dec59cL }
-    },
-    {
-        { 0x64511b6da2547bL, 0x76a349c0761405L, 0x37d662601223abL,
-          0x0e243c1f4d7c48L, 0xdc9c8b4da756a0L, 0xc7430dfd72e7e9L,
-          0x0eb130827b4210L, 0x7a9c044cf11cbdL },
-        { 0x2c08ff6e8dd150L, 0x18b738c2932fc6L, 0x07d565104513e8L,
-          0x0ca5cffaa40a17L, 0xd48634101baa8fL, 0xfb20fafb72b79eL,
-          0x1a051e5654020fL, 0xe3b33174e17f23L }
-    },
-    {
-        { 0x05910484de9428L, 0x620542a5abdf97L, 0xaa0ededa16a4d1L,
-          0xa93f71c6d65bb9L, 0x88be135b8dfaf9L, 0x1d9f4e557ca8eeL,
-          0x4c896aa26781adL, 0xd3fbe316c6c49fL },
-        { 0x088d8522c34c3dL, 0xbb6d645badff1eL, 0xe3080b8385450dL,
-          0x5ccc54c50ab1f3L, 0x4e07e6eac0657dL, 0xa7ba596b7ef2c0L,
-          0xcceca8a73a81e9L, 0xa0b804c8284c35L }
-    },
-    {
-        { 0x7c55956f17a6a2L, 0xb451d81789cfa8L, 0xdf414e82506eaaL,
-          0x6ef40fbae96562L, 0x63ea2830e0297eL, 0xf5df26e73c46faL,
-          0xe00641caac8bceL, 0xc89ed8f64371f3L },
-        { 0xd22b08e793202eL, 0x39a9033875cb50L, 0xe64eec0f85ddb4L,
-          0xdce45a77acf7b5L, 0x39d1e71b9b802dL, 0xafdfe7cbd559acL,
-          0x17ec1f8809eeb5L, 0x8c0e38a4889b8cL }
-    },
-    {
-        { 0x47eabfe17089daL, 0x2d18466ec90c50L, 0xa511aa45861531L,
-          0xebb3d348c39b39L, 0xa0ac4daf1b5282L, 0xea26be7a9dadbaL,
-          0x8992ba8554d86eL, 0x7fcbdb6d5f2ef5L },
-        { 0x320e79b56863e7L, 0xeb9d0c0a7dce2dL, 0xb9f4031784cbc6L,
-          0x68823ee7ac1f81L, 0xa6b6f4f9d87497L, 0x83c67b657f9b6eL,
-          0x37357470fef2a7L, 0xf38028f59596e2L }
-    },
-    {
-        { 0x9ea57ab7e82886L, 0x18221c548c44d5L, 0xbf8e6cf314a24fL,
-          0x70ff18efd025e5L, 0x08d03de5334468L, 0x2b206d57404fb7L,
-          0xb92327155e36b0L, 0xcc7604ab88ddd9L },
-        { 0x3df51524a746f0L, 0x8fdebd8168e3fcL, 0xffc550c7f8c32cL,
-          0x1dbbc17148743eL, 0xd48af29b88e18bL, 0x8dca11c750027cL,
-          0x717f9db1832be3L, 0x22923e02b06019L }
-    },
-    {
-        { 0xd4e06f5c1cc4d3L, 0x0fa32e32b4f03aL, 0x956b9afc4628d0L,
-          0x95c39ce939dad1L, 0x39d41e08a00416L, 0xfd7ff266fb01aaL,
-          0xc6033d545af340L, 0x2f655428e36584L },
-        { 0x14cfb1f8dff960L, 0x7236ffcda81474L, 0xc6a6788d452d0fL,
-          0x2ad4a5277f6094L, 0x369d65a07eea74L, 0x27c6c38d6229aaL,
-          0xe590e098863976L, 0x361ca6eb38b142L }
-    },
-},
-{
-    {
-        { 0x6803413dfeb7efL, 0xb669d71d3f4fadL, 0x5df402ac941606L,
-          0xe5d17768e6c5b7L, 0x131bcb392ab236L, 0x7f1fb31ce2e0e0L,
-          0xa2c020d9e98c35L, 0x33b23c0f28657bL },
-        { 0xed14e739cf7879L, 0x10d4867b4357b3L, 0x127cea331e4e04L,
-          0xc60d25faa5f8a7L, 0xfef840a025b987L, 0x78081d666f2a0aL,
-          0x0fa0b97ac36198L, 0xe0bb919134dc9fL }
-    },
-    {
-        { 0xc1d2461cc32eaeL, 0x0fdbfdf0f79a37L, 0x70f2bc21c95f02L,
-          0x7d68bec372cddfL, 0x44f78178439342L, 0xa3d56784843a6cL,
-          0xbadf77a07f8959L, 0xf45819873db4caL },
-        { 0xe8eaaf3d54f805L, 0x2f529d1b84c1e7L, 0x404e32e21e535cL,
-          0xabac85c159b5f5L, 0x4e8e594b00466fL, 0x40fcaabc941873L,
-          0x3b4e370be407c6L, 0xccd57885b2e58dL }
-    },
-    {
-        { 0x3ee615e88b74a8L, 0xd7d6608eab4e69L, 0x27cf9f1e4ace36L,
-          0x282359e7aebabbL, 0x96e509bf6d162fL, 0xad906f3f1a290aL,
-          0xe7d6c4f1314a58L, 0xeecffe4218431dL },
-        { 0xa66e0e9e2cfed9L, 0xb0887ec71f0544L, 0xd34e36ba04c5d7L,
-          0x094daa5ed4392dL, 0xcda83adc8aa925L, 0x1adef91b979786L,
-          0x3124dcbfddc5d6L, 0x5cc27ed0b70c14L }
-    },
-    {
-        { 0x386dbc00eac2d8L, 0xa716ecbc50ca30L, 0x9e3fc0580d9f04L,
-          0x37dde44cfeacebL, 0xd88d74da3522d5L, 0x6bb9e9f2cf239aL,
-          0x9e7fb49a7cbfecL, 0xe1a75f00a5c0efL },
-        { 0x6e434e7fb9229dL, 0x0ec6df5c8a79b3L, 0x7046380d3fb311L,
-          0xe957ef052e20faL, 0x0f4fe9a9ef4614L, 0x1b37d9c54d8f2bL,
-          0x23b2dc139d84a2L, 0xf62c4f6724e713L }
-    },
-    {
-        { 0xbd6922c747e219L, 0x34d14383869b7bL, 0x8c875a596f2272L,
-          0xd9602c03fe361eL, 0x081348f744839fL, 0x61bd16c61ac1f1L,
-          0x993b727d8da4e1L, 0xbb40ba87741271L },
-        { 0xe6dcc9881dcfffL, 0x9f513f593ce616L, 0xdc09683618cd8fL,
-          0xc3b1d1026639beL, 0xe8f149fc762ee2L, 0x59f26efb244aaeL,
-          0x3f2de27693dd96L, 0xd8b68f79c3a7deL }
-    },
-    {
-        { 0x6fa20b9970bd5bL, 0x87242d775f6179L, 0xa95a6c672d9308L,
-          0x6eb251837a8a58L, 0xfdea12ac59562cL, 0x4419c1e20f1fc3L,
-          0x0c1bd999d66788L, 0x4b7428832c0547L },
-        { 0x4f38accdf479abL, 0x01f6271c52a942L, 0xe3298f402ca9a7L,
-          0x533dacab718fc8L, 0x133602ab093ca8L, 0xc04da808f98104L,
-          0xd0f2e23af08620L, 0x882c817178b164L }
-    },
-    {
-        { 0x28e6678ec30a71L, 0xe646879f78aca1L, 0x868a64b88fa078L,
-          0x671030afee3433L, 0xb2a06bb87c0211L, 0x202eca946c406aL,
-          0x64d6284e4f0f59L, 0x56ae4a23c9f907L },
-        { 0x5abbb561dcc100L, 0x6fef6cf07c7784L, 0xb6e25cddb7302dL,
-          0xa26785b42980e8L, 0xe7d4043fb96801L, 0x46df55d8e4282bL,
-          0x9c0a5f5c602d6eL, 0xf06560475dfe29L }
-    },
-    {
-        { 0x0e82a1a3dcbc90L, 0xb1ee285656feacL, 0xfa4353b0d3d3b2L,
-          0xc2e7a6edd5c5dfL, 0x13707e1416ce53L, 0xc84ce0787ebc07L,
-          0xdd273ce8a9a834L, 0x432a6175e8e1e7L },
-        { 0xa359670bd0064aL, 0xc899dd56534516L, 0x666560edb27169L,
-          0x1537b22a19a068L, 0x3420507eac7527L, 0x479f25e6fc13a7L,
-          0xc847acc1bc19b3L, 0xecdecf00b20d45L }
-    },
-},
-{
-    {
-        { 0x6f241004acea57L, 0xdace1c6da68597L, 0xea7dd4150ce77fL,
-          0x1aecb841585884L, 0x92ff208ea4a85cL, 0xde9433c88eebd2L,
-          0x53cd3183f4d289L, 0x397085826539afL },
-        { 0x4b57599b827d87L, 0xdc82ac03d77638L, 0x694336652f6e61L,
-          0xb8fc4b0ad5e8a6L, 0x1b6f7dcf388642L, 0x6f24533a74dd57L,
-          0xc66937841750cfL, 0x06757eb28a37afL }
-    },
-    {
-        { 0x0e70d53c133995L, 0x88a5e0c7c8c97dL, 0x4e59dbf85f3be3L,
-          0x0f364ac0e92698L, 0x3a1e79bef6940fL, 0xc8a3941d85d23aL,
-          0x143bb999a00e58L, 0x61cf7d6c6f2f10L },
-        { 0x979c99485150feL, 0xcfd0df259d773fL, 0xce97b9daab7bcdL,
-          0xc9fff8e6afd8fcL, 0x246befd89a4628L, 0xf6302821567090L,
-          0x15393426749c58L, 0xff47d0ea0f3fd3L }
-    },
-    {
-        { 0x09b0bfd35f6706L, 0x74645812c82e69L, 0xb60729f50d5fe9L,
-          0xf13324595c74f1L, 0x33647e3bb76c89L, 0x01264045a9afccL,
-          0x46d57ee0f154abL, 0x2efa55525680a4L },
-        { 0x12ebfc65329d90L, 0xcb37ae579800afL, 0x5bb53496f8e310L,
-          0x9b59c63f1bb936L, 0x5b49baaf4610e9L, 0x2bbeeef4f2d6acL,
-          0x87ee21e0badc67L, 0x12e2aadf1ddfa0L }
-    },
-    {
-        { 0x5b4668fa9109eeL, 0xfa951338a6cea2L, 0xe45e6fc4068e16L,
-          0x8ae9a0c0205ed8L, 0x2993b96679b79bL, 0xc6b878fed604d3L,
-          0x01d020832c77f3L, 0xd45d890495a1abL },
-        { 0x99348fa29d2030L, 0x961f9a661f8f7aL, 0xfd53212674f74bL,
-          0x45cee23b3e72bcL, 0x3fccb86b77e2d5L, 0xdff03104219cb7L,
-          0x233771dc056871L, 0x1214e327d2c521L }
-    },
-    {
-        { 0x9f51e15ff2a8e1L, 0x86571c5138bc70L, 0xbfc4caf0c09d46L,
-          0x65e33fec2a0c18L, 0x8214392426867dL, 0x51ce6c080ae4edL,
-          0x6cbe8d7b110de6L, 0x7f6e947fd22ea4L },
-        { 0x7373a75cadefc4L, 0x6fca1d2b0c682fL, 0xcd2140df3c7c1eL,
-          0x8653a37558b7a5L, 0x653e74e55eb321L, 0xbe0c6b3c31af73L,
-          0x3376379f4fc365L, 0x3570b3771add4dL }
-    },
-    {
-        { 0x9061ec183c3494L, 0xaf2f28d677bc95L, 0x6fe72793bf8768L,
-          0xc5f50e30fa86d8L, 0x6c03060a3293ceL, 0x4d53357e2355a6L,
-          0x43a59eae4df931L, 0x6f48f5d13b79c6L },
-        { 0xa4d073dddc5192L, 0x6d0e318a65773fL, 0x1008792765de9eL,
-          0xa724ed239a0375L, 0x510ff1497d7c9eL, 0x251f6225baa863L,
-          0x86464fe648a351L, 0xf85e98fd50fd91L }
-    },
-    {
-        { 0x29c963486ee987L, 0x93e8e5210dcc9fL, 0xa1fc4d1c910b1fL,
-          0x015acacfeb603eL, 0xc9f25f80844a5fL, 0x50de93c73f4dacL,
-          0x1758783310a4aaL, 0x544d570358f106L },
-        { 0x4eeec7b1dc68caL, 0x6238e6fe00fbcbL, 0x34d394cb4e83c9L,
-          0x764ffa22292656L, 0x5614cd1f641f2eL, 0x4252eb69e07234L,
-          0xcbaef4568d2ba4L, 0x8c9c5508a98b17L }
-    },
-    {
-        { 0xf235d9d4106140L, 0x1bf2fc39eb601eL, 0x6fb6ca9375e0c3L,
-          0x4bf5492c0024d2L, 0x3d97093eb54cc6L, 0xc60931f5c90cb5L,
-          0xfa88808fbe0f1aL, 0xc22b83dd33e7d4L },
-        { 0x9cfec53c0abbf5L, 0x52c3f0a93723dfL, 0x0622b7e39b96b6L,
-          0x300de281667270L, 0x50b66c79ef426aL, 0x8849189c6eb295L,
-          0xeaec3a98914a7eL, 0x7ed56b0c4c99e0L }
-    },
-},
-{
-    {
-        { 0x7926403687e557L, 0xa3498165310017L, 0x1b06e91d43a8fdL,
-          0xf201db46ac23cbL, 0x6f172ad4f48750L, 0x5ed8c8ce74bd3eL,
-          0x492a654daba648L, 0x123010ba9b64ffL },
-        { 0xa83125b6e89f93L, 0x3a3b0b0398378aL, 0x9622e0b0aebe7cL,
-          0xb9cbfdc49512a4L, 0x13edffd6aaf12aL, 0x555dff59f5eafdL,
-          0x3cba6fe1212efaL, 0xd07b744d9bb0f8L }
-    },
-    {
-        { 0x45732b09a48920L, 0xf3080fc13ff36dL, 0x9347395de8f950L,
-          0x14d025a382b897L, 0x60c5a7404d72adL, 0x30be7e511a9c71L,
-          0x43ffabd31ac33aL, 0x97b06f335cbb14L },
-        { 0xe4ff5c57740de9L, 0x5fed090aacf81eL, 0x97196eee8b7c9dL,
-          0x316dcd1045910bL, 0x7a2b2f55ad8c63L, 0x674fffdc5b03bbL,
-          0xc1cd133e65953cL, 0x3c060520a83556L }
-    },
-    {
-        { 0x797c3f6091c23dL, 0x2ea2de339c9c05L, 0x5d958b4a31f67cL,
-          0xf97afe5d5f088cL, 0xbcfbd2a0b37243L, 0xc43ad3eeca630cL,
-          0xb92a33742845e0L, 0x970bff7a9a0f16L },
-        { 0x86355115970a79L, 0xcee332ef205928L, 0x2c58d70c04c208L,
-          0xdbfe19a3f5e5bfL, 0x8f8f2c88e51c56L, 0xb61f58e8e2da75L,
-          0x4046a19624d93fL, 0x7de64dbe1f9538L }
-    },
-    {
-        { 0xd018e1cc2d850eL, 0x8cdb64363a723cL, 0x9a65abe90a42afL,
-          0xfeece9616f20ccL, 0xc906800d5cff56L, 0x0acf23a3f0deedL,
-          0x2143061728dd3aL, 0x66276e2b8ce34cL },
-        { 0x23700dc73cc9c7L, 0xdb448515b1778bL, 0x330f41e4aab669L,
-          0x2f5aabcf5282a4L, 0xff837a930f9e01L, 0x1a1eb2f901cc98L,
-          0xd3f4ed9e69bd7fL, 0xa6b11418a72a7dL }
-    },
-    {
-        { 0x34bde809ea3b43L, 0x5ddcb705ced6aeL, 0x8257f5b95a6cb8L,
-          0xaac205dc77dcb8L, 0x77d740d035b397L, 0xca7847fcf7e0a6L,
-          0x9404dd6085601bL, 0x0a5046c457e4f9L },
-        { 0xcaee868bc11470L, 0xb118796005c5f6L, 0xcc04976ec79173L,
-          0x7f51ba721f6827L, 0xa8e3f0c486ff7eL, 0x327163af87838cL,
-          0xcf2883e6d039fdL, 0x6fb7ab6db8b0e2L }
-    },
-    {
-        { 0x8ca5bac620d669L, 0xff707c8ed7caa9L, 0xdaefa2b927909bL,
-          0x1d2f9557029da3L, 0x52a3ba46d131a0L, 0xe5a94fd3ab1041L,
-          0x508917799bc0aeL, 0xf750354fa1bd16L },
-        { 0xdd4e83a6cd31fdL, 0xd33505392fac84L, 0xf914cbc1691382L,
-          0x669683fda6ade6L, 0x69446438878513L, 0x429d3cc4b1a72dL,
-          0x655c46a61eec36L, 0x881eded4bc4970L }
-    },
-    {
-        { 0x5b39d377ca647fL, 0x41533c1e917b34L, 0xea2aeb57daf734L,
-          0xf1ef1eb1286560L, 0x582f2e008e0473L, 0x5913d7d5edc74aL,
-          0x588c7ec3c1e754L, 0xbd6db057146fe1L },
-        { 0x3b0d49e7634907L, 0x4c65ce4e43b9ccL, 0xb87e9582d92d5bL,
-          0x05135727ab1519L, 0x03ec0848c3aed0L, 0x4d7aa21561a641L,
-          0xe5f821199e92adL, 0x379b55f48a457cL }
-    },
-    {
-        { 0x8317c34d6a8442L, 0xb0ab4a5ae499daL, 0xebcb16e720e8ebL,
-          0xfd5c5639a96908L, 0xcab4d67ad23acfL, 0xa600a79bcdf748L,
-          0x18a6340a2a6a51L, 0xf2f415c3aabd69L },
-        { 0xdb38a4f747258aL, 0xb6ea5602e24415L, 0xfad1ea9f1f7655L,
-          0x4e27eb5c957684L, 0xf8283e1b2e1cfcL, 0x8f83bd6aa6291cL,
-          0x28d23b55619e84L, 0xb9f34e893770a4L }
-    },
-},
-{
-    {
-        { 0x1bb84377515fb1L, 0xac73f2a7b860a6L, 0x78afdfa22b390fL,
-          0x815502b66048aaL, 0xf513b9785bf620L, 0x2524e653fc5d7cL,
-          0xa10adc0178c969L, 0xa1d53965391c8dL },
-        { 0x09fccc5a8bcc45L, 0xa1f97d67710e1eL, 0xd694442897d0a1L,
-          0x7030beb5f42400L, 0xdebe08c7127908L, 0x96b715c2187637L,
-          0xc598250b528129L, 0x0f62f45a1ccb07L }
-    },
-    {
-        { 0x8404941b765479L, 0xfdecff45837dc4L, 0x1796372adbd465L,
-          0x5f84c793159806L, 0x6d2e46b6aaad34L, 0xd303b4a384b375L,
-          0x440acd5b392002L, 0x4f2a4a7c475e87L },
-        { 0x038e1da5606fc2L, 0x2d821c29c2f050L, 0xc074cb3f139db4L,
-          0xde2fee74ec59beL, 0x5a819eea84ed59L, 0xd65c62c3e98711L,
-          0x72eb440b9723c1L, 0xb92775401be611L }
-    },
-    {
-        { 0x929fe64ab9e9fcL, 0x04379fd0bf1e85L, 0xb322093bc28ee3L,
-          0x78ac4e2e4555e1L, 0xdb42b58abc5588L, 0x1c1b5e177c8b12L,
-          0xf6d78dd40366c4L, 0xc21ff75bdae22eL },
-        { 0x1e3d28ea211df2L, 0xc5a65a13617c0aL, 0x3fa02c058140d5L,
-          0x155c346b62d10cL, 0xc9cf142e48268fL, 0xdc140831993bc3L,
-          0x07c44d40ee69dcL, 0x61699505e2ac46L }
-    },
-    {
-        { 0x44e4a51d0fb585L, 0x00846bef1f3ce8L, 0xedef39a8e2de1eL,
-          0x430afe333b3934L, 0xac78b054337188L, 0x0f39de4c9a3f24L,
-          0x039edddc9ae6a4L, 0xf4701578eacd51L },
-        { 0x1e396949a2f31aL, 0xc8a40f4b19a8b1L, 0xdddd10c9d239d8L,
-          0xf974245887e066L, 0xfdb51113ea28c6L, 0xb5af0fbe1122a9L,
-          0xd30c89f36e0267L, 0x7b1c0f774f024cL }
-    },
-    {
-        { 0x1ec995607a39bfL, 0x1c3ecf23a68d15L, 0xd8a5c4e4f59fe9L,
-          0xacb2032271abc3L, 0xbc6bdf071ef239L, 0x660d7abb39b391L,
-          0x2e73bb2b627a0eL, 0x3464d7e248fc7eL },
-        { 0xaa492491666760L, 0xa257b6a8582659L, 0xf572cef5593089L,
-          0x2f51bde73ca6bfL, 0x234b63f764cff5L, 0x29f48ead411a35L,
-          0xd837840afe1db1L, 0x58ec0b1d9f4c4bL }
-    },
-    {
-        { 0x8e1deba5e6f3dcL, 0xc636cf406a5ff7L, 0xe172b06c80ca0fL,
-          0x56dc0985ffb90aL, 0x895c2189a05e83L, 0x6ddfaec7561ac2L,
-          0xaa3574996283a0L, 0x6dfb2627e7cd43L },
-        { 0x6576de52c8ca27L, 0x6a4a87249018ebL, 0x00c275c5c34342L,
-          0xe34805ad2d90c4L, 0x651b161d8743c4L, 0xb3b9d9b7312bf3L,
-          0x5d4b8e20bf7e00L, 0x8899bdf78d3d7eL }
-    },
-    {
-        { 0x9644ad8faa9cd1L, 0x34c98bf6e0e58eL, 0x6022aad404c637L,
-          0x2a11a737ac013bL, 0x5bdd1035540899L, 0x2e675721e022a4L,
-          0xe32045db834c33L, 0x74a260c2f2d01cL },
-        { 0x20d59e9c48841cL, 0x05045dde560359L, 0xeba779cac998acL,
-          0x5bed10c00a6218L, 0x25d4f8e5327ef4L, 0xa2784744597794L,
-          0xefd68ca831d11eL, 0x9ad370d934446aL }
-    },
-    {
-        { 0x3089b3e73c92acL, 0x0ff3f27957a75cL, 0x843d3d9d676f50L,
-          0xe547a19d496d43L, 0x68911c98e924a4L, 0xfab38f885b5522L,
-          0x104881183e0ac5L, 0xcaccea9dc788c4L },
-        { 0xfbe2e95e3c6aadL, 0xa7b3992b3a6cf1L, 0x5302ec587d78b1L,
-          0xf589a0e1826100L, 0x2acdb978610632L, 0x1e4ea8f9232b26L,
-          0xb21194e9c09a15L, 0xab13645849b909L }
-    },
-},
-{
-    {
-        { 0x92e5d6df3a71c1L, 0x349ed29297d661L, 0xe58bd521713fc9L,
-          0xad999a7b9ddfb5L, 0x271c30f3c28ce0L, 0xf6cd7dc2a9d460L,
-          0xaf728e9207dec7L, 0x9c2a532fcb8bf0L },
-        { 0xd70218468bf486L, 0x73b45be7ab8ea8L, 0xddfc6581795c93L,
-          0x79416606bb8da2L, 0x658f19788e07a2L, 0xa9d5b0826d3d12L,
-          0x4d7c95f9535b52L, 0xad55e25268ef8aL }
-    },
-    {
-        { 0x94a9b0ba2bc326L, 0x485ecc5167e5f3L, 0x8340bc7c97fc74L,
-          0x06f882b07aaa5cL, 0x4b57455849698aL, 0xd9281ebb36a0baL,
-          0x8918c6c8b8108fL, 0xedd1eea5b50d1dL },
-        { 0x94d737d2a25f50L, 0x0e5a8232446ad0L, 0x02a54357ced3e2L,
-          0xb09a92a4af8cedL, 0x85fc498eeecef2L, 0x06a02b9e71e3d4L,
-          0x00ad30784bb49aL, 0xf61585e64a5b4aL }
-    },
-    {
-        { 0x915f6d8b86a4c9L, 0x944bc6ba861e1fL, 0x3091ca754465efL,
-          0x11df859eb53a38L, 0xd44dde50144679L, 0x6c8da9a0994eddL,
-          0xeebcebf91241efL, 0xc419354c2f6859L },
-        { 0x1f4969349581b6L, 0x5712b10bb26cb4L, 0x8fcaa41b09fd59L,
-          0xbd39aad72e22e3L, 0xf70e794b1199b0L, 0xdf63c0cc6f863dL,
-          0xd58166fee9df4fL, 0xb9224eac45e70bL }
-    },
-    {
-        { 0x80072face525f4L, 0x8597bd666a5502L, 0xf65e203dbc9725L,
-          0xeccfbe3f2222a4L, 0x490aa422339834L, 0x134889162489e8L,
-          0xaff3f80a735084L, 0x69d53d2f3f1bd6L },
-        { 0xb123ffc813341aL, 0x359084c1173848L, 0x751425ed29b08dL,
-          0x1edda523890ad4L, 0xb64974c607cf20L, 0xa8c8cb8b42ac7cL,
-          0xd5cb305edd42e5L, 0xf3034dc44c090aL }
-    },
-    {
-        { 0x428921dbb18e19L, 0x4cfd680fed2127L, 0x671144d92ac8c3L,
-          0x2121901132c894L, 0x25d0e567604cd9L, 0xa372223afbc2a0L,
-          0xcf98a5256c16f7L, 0x71f129ab5459e1L },
-        { 0xf4afdc5b668b2eL, 0xc5d937a0c2d410L, 0xe2cc4af285d54aL,
-          0x1c827778c53e18L, 0x270f2c369a92f6L, 0x799f9ac616327aL,
-          0xce658d9d4246f2L, 0x0fb681ffb12e36L }
-    },
-    {
-        { 0xc5ab11ee0690feL, 0x80261e33f74249L, 0x8eb4b4758c1cf2L,
-          0x4895a80184ae9bL, 0x4a4bdb6d3e27ebL, 0xa7a1638bfd251cL,
-          0x29ec144417a7e3L, 0xd0736093f1b960L },
-        { 0xcb1ed8349c73d1L, 0x33fc84a8d1945aL, 0x9f668dbe965118L,
-          0x3331743a82811fL, 0xf394dec28ba540L, 0x44ce601654a454L,
-          0x240dbb63623645L, 0xf07e7f22e61048L }
-    },
-    {
-        { 0x7c9f1763d45213L, 0x3eefa709c1f77fL, 0xde3c3c51b48350L,
-          0x4a2bc649d481a7L, 0xfd4a58a7874f3dL, 0x96655d4037b302L,
-          0x945252868bf5abL, 0x1b6d46a75177f6L },
-        { 0x7de6763efb8d00L, 0xb2c1ba7a741b7bL, 0xcca6af47bae6edL,
-          0xe4378ca5b68b3fL, 0xfb757deaf71948L, 0x7f07b5ebc6ac99L,
-          0x752a56827d636dL, 0xc8b7d1d4b8a34fL }
-    },
-    {
-        { 0x76cb78e325331bL, 0x41f41c9add2eedL, 0x03db2385c5f623L,
-          0xbbc1d177102fa2L, 0x80f137a60182ecL, 0xfdd856955adf15L,
-          0x4f53f5ee3373dcL, 0xec6faf021b669bL },
-        { 0x7d4e9830b86081L, 0x10d3cd9f2d979cL, 0x0f48f5824a22c8L,
-          0x86c540c02f99eeL, 0xf4c66545e6c5fcL, 0xaf0c588bc404c8L,
-          0x2e6edbd423118aL, 0x86e32e90690eabL }
-    },
-},
-{
-    {
-        { 0x1d12656dfbfa6fL, 0xa4980957646018L, 0x2f1071bc3597d0L,
-          0x3df83f91dda80aL, 0x5853e28f3ae449L, 0xb853d319e19aadL,
-          0x863f01ba0d8a46L, 0xa84fca62fef108L },
-        { 0xbe4c0b7fb84de9L, 0x40a03dcc0727bfL, 0x781f841b18575cL,
-          0x6a63045466cddbL, 0x6be758205dc7a2L, 0x420f87f07ae811L,
-          0x28082423bf96c8L, 0x723998c51c6821L }
-    },
-    {
-        { 0x38ab64181f5863L, 0xd82ecbd05ff9e1L, 0x339c94ea065856L,
-          0x143054aa45156dL, 0xe6d64bf065628cL, 0xe530086a938589L,
-          0x22d3a49385d79bL, 0x0b107900ab8245L },
-        { 0xb0d80fbca387b5L, 0x698206e35551d7L, 0x199685da10bb73L,
-          0xa8e5fa89107378L, 0x36e5724d99dbbfL, 0xd67f476d581b03L,
-          0x7a15be788dd1e6L, 0x8dac8e4e5baa31L }
-    },
-    {
-        { 0x4d5d88fe170ef8L, 0xb6ba5de1e9e600L, 0x4a89d41edeabc5L,
-          0x737c66b8fac936L, 0x8d05b2365c3125L, 0x85a5cbcb61b68eL,
-          0x8fea62620a6af9L, 0x85115ded8b50ecL },
-        { 0x5430c8d6a6f30bL, 0x8bef9cf8474295L, 0x0648f5bbe77f38L,
-          0xfe2b72f9e47bd7L, 0xad6c5da93106e2L, 0x4fa6f3dfa7a6c3L,
-          0xdcd2ed8b396650L, 0x7de1cce1157ef9L }
-    },
-    {
-        { 0x70a5f6c1f241d1L, 0x6c354d8798cd5cL, 0x23c78381a729fbL,
-          0xcff8f15523cbdaL, 0x5683ff43493697L, 0xef7dbab7534f53L,
-          0xd7bd08e2243d53L, 0x6f644cbf8072a9L },
-        { 0xac960f9b22db63L, 0xa97f41723af04dL, 0x692b652d9798afL,
-          0x0e35967fedb156L, 0x14b5e50dfe6ee8L, 0x7597edeb411070L,
-          0x116f3ce442b3f9L, 0xe9b5ae81b2b6dbL }
-    },
-    {
-        { 0xf4385ee2315930L, 0xc8d029827a8740L, 0x7907a8dd934a43L,
-          0x20bc946c582191L, 0xa4acb3e6a405e7L, 0x8c1d6c843df2f5L,
-          0x9df1593991f0b5L, 0xbb9df984d9be9dL },
-        { 0x63620088e4b190L, 0xee1421eada3a88L, 0xb84f0ccf93b027L,
-          0x7a5d6678e95091L, 0x3974462f3e3704L, 0xfa6fb5ec593e98L,
-          0x44b6cf7a6477d2L, 0xe885b57b09a562L }
-    },
-    {
-        { 0x6e339e909a0c02L, 0x57afff00e75f29L, 0x797d8d6fb7db03L,
-          0xc6e11a3d25a236L, 0x643ce1c0107260L, 0xe644ec462eae1cL,
-          0x821d5b83f5a3f5L, 0xa8ad453c0579d6L },
-        { 0x6518ed417d43a4L, 0x46e76a53f87ccdL, 0xd6cbaabf9bef95L,
-          0x25688324f7cbcfL, 0x367159a08476b4L, 0x1d1b401be6d324L,
-          0x348cb98a605026L, 0x144f3fe43b6b1eL }
-    },
-    {
-        { 0xbabbd787b1822cL, 0xd34ba7e2aa51f8L, 0x086f1cc41fbea4L,
-          0x96f7eac746f3d9L, 0xad97f26281ecafL, 0x751a905a14ee2cL,
-          0xb4e7fe90d7335fL, 0x0d97b8f4892ff0L },
-        { 0xdb8a3155a5c40eL, 0x64e5de77ba567bL, 0x4f155f71eefe88L,
-          0xe2297e9fb6fbf4L, 0xfe24bf96c16be5L, 0x2251847cdd83e2L,
-          0x13ac2c85eda444L, 0x49d1b85283275fL }
-    },
-    {
-        { 0xca08731423e08fL, 0x7046bb087d2f14L, 0x876f10c3bc846cL,
-          0x2202b76358fbe3L, 0x0d4fc1c0e26ac6L, 0x1fc748bb986881L,
-          0x609e61c8384a18L, 0x28a72d60d88e00L },
-        { 0x1332a3178c6e2fL, 0x0367919b3526a4L, 0x53989e4698fe3eL,
-          0x14b1145b16a99bL, 0xef9ec80ddbb75fL, 0x76256240e53955L,
-          0x54e087a8744ae1L, 0xce50e8a672b875L }
-    },
-},
-{
-    {
-        { 0x4c88b2ba29629cL, 0x946559c7b2642fL, 0x933d432f7ebe4cL,
-          0x97109b663632c9L, 0x799b3fbe53184dL, 0xd4628710f069a6L,
-          0x0c182a13a68351L, 0x974a8399a2437aL },
-        { 0x29f19972a70278L, 0x01b98b6d9c424bL, 0xd85a60b08f4c37L,
-          0xcc3523f2b1da15L, 0xf922115ddffb0fL, 0xee0fe4dde84ae2L,
-          0x810440c55365beL, 0xd2f66391a457e8L }
-    },
-    {
-        { 0x5e6879fe2ddd05L, 0x92a7545abdfc61L, 0x7dedd63a5cede8L,
-          0x8a03b3f70df4bdL, 0xa5d1f6591f6cbbL, 0x372fde610f3fb2L,
-          0x4537f9ea9dee05L, 0x7eb85bbdf7aa50L },
-        { 0x963edf8e8c504dL, 0x53c8dcae7bdb6bL, 0xa246e4c6fedf2dL,
-          0x75533400c55bdeL, 0x2aa748d0270a54L, 0xadb6cf005860ddL,
-          0x8d314509b84763L, 0x626720deb405efL }
-    },
-    {
-        { 0xa3709ae6601328L, 0x68e94fd2ac2478L, 0x38793439d5d247L,
-          0xfa467af392c198L, 0x49e7b0d15df607L, 0x8c5812261792a8L,
-          0x79f76581d3762fL, 0xaa38895244a39dL },
-        { 0xef60af9c5cd0bcL, 0x2b0db53a33b3bbL, 0xe3e0b1f251015dL,
-          0xc608afce64489eL, 0xe52b05703651aaL, 0x1dda8b91c6f7b9L,
-          0x833f022ff41893L, 0x58eb0a0192818cL }
-    },
-    {
-        { 0x6c1300cfc7b5a7L, 0x6d2ffe1a83ab33L, 0x7b3cd019c02eefL,
-          0x6c64559ba60d55L, 0x2e9c16c19e2f73L, 0x11b24aedbe47b1L,
-          0xc10a2ee1b8153bL, 0x35c0e081e02e1aL },
-        { 0xa9f470c1dd6f16L, 0x4ea93b6f41a290L, 0xac240f825ee03fL,
-          0x6cd88adb85aabdL, 0x378a64a1be2f8fL, 0xbf254da417bac1L,
-          0x7e4e5a59231142L, 0x057aadc3b8c057L }
-    },
-    {
-        { 0x607c77a80af479L, 0xd3e01ff5ccdf74L, 0x9680aaf101b4c7L,
-          0xd2a7be12fc50a6L, 0x92a788db72d782L, 0x35daf2e4640b52L,
-          0xc170d6939e601cL, 0x16e05f57b25c2fL },
-        { 0x47a42a66fe37f8L, 0xeb74271beca298L, 0x401e11e179da16L,
-          0xfb8da82aa53873L, 0xd657d635bb4783L, 0x6847758fcea0b1L,
-          0x2f261fb0993154L, 0x868abe3592853aL }
-    },
-    {
-        { 0x1a4c54335766abL, 0xa1c84d66f4e4eaL, 0x5d737a660ba199L,
-          0x4a7b1e298b15a2L, 0x207877ffd967d3L, 0xcaec82dc262b4dL,
-          0x0b278494f2a37dL, 0x34781416ac1711L },
-        { 0x28e3df18fc6856L, 0xbec03f816d003fL, 0x2bd705bff39ebdL,
-          0x1dcb53b2d776d3L, 0xabafa7d5c0e7ceL, 0x5b9c8c24a53332L,
-          0xe9f90d99d90214L, 0x789747ec129690L }
-    },
-    {
-        { 0x94d3c3954e2dfaL, 0x919f406afb2a8fL, 0x159ef0534e3927L,
-          0xcdb4d14a165c37L, 0xa23e5e8288f337L, 0x95867c00f90242L,
-          0x2528150e34e781L, 0x104e5016657b95L },
-        { 0x695a6c9bcdda24L, 0x609b99523eb5faL, 0xcbce4f516a60f8L,
-          0xec63f7df084a29L, 0x3075ada20c811fL, 0x129a1928c716a1L,
-          0xd65f4d4cd4cd4aL, 0xe18fa9c62188beL }
-    },
-    {
-        { 0x1672757bac60e3L, 0x525b3b9577144bL, 0x38fc997887055bL,
-          0x7a7712631e4408L, 0x884f173cba2fcfL, 0x783cbdc5962ac0L,
-          0x4f3ed0a22287dcL, 0x8a73e3450e20e6L },
-        { 0xe7a1cd0d764583L, 0x8997d8d0d58ee6L, 0x0ea08e9aa13ed6L,
-          0xed478d0cf363cbL, 0x068523d5b37bf4L, 0x8b5a9e8783f13cL,
-          0xde47bbd87528a9L, 0xd6499cccaec313L }
-    },
-},
-{
-    {
-        { 0x54781bbe09859dL, 0x89b6e067f5e648L, 0xb006dfe7075824L,
-          0x17316600717f68L, 0x9c865540b4efe2L, 0xdbdb2575e30d8eL,
-          0xa6a5db13b4d50fL, 0x3b5662cfa47bebL },
-        { 0x9d4091f89d4a59L, 0x790517b550a7dcL, 0x19eae96c52965eL,
-          0x1a7b3c5b5ed7a4L, 0x19e9ac6eb16541L, 0x5f6262fef66852L,
-          0x1b83091c4cda27L, 0xa4adf6f3bf742bL }
-    },
-    {
-        { 0x8cc2365a5100e7L, 0x3026f508592422L, 0xa4de79a3d714d0L,
-          0xefa0d3f90fcb30L, 0x126d559474ada0L, 0xd68fa77c94350aL,
-          0xfa80e570c7cb45L, 0xe042bb83985fbfL },
-        { 0x51c80f1fe13dbaL, 0xeace234cf055d7L, 0x6b8197b73f95f7L,
-          0x9ca5a89dcdbe89L, 0x2124d5fdfd9896L, 0x7c695569e7ca37L,
-          0x58e806a8babb37L, 0x91b4cc7baf99ceL }
-    },
-    {
-        { 0x874e253197e968L, 0x36277f53160668L, 0x0b65dda8b95dbeL,
-          0x477a792f0872a1L, 0x03a7e3a314268dL, 0xa96c8420c805c7L,
-          0xb941968b7bc4a8L, 0x79dce3075db390L },
-        { 0x577d4ef6f4cc14L, 0x5b0d205b5d1107L, 0x64ff20f9f93624L,
-          0x0b15e315034a2fL, 0x3a0f6bb8b6f35cL, 0x0399a84e0d0ec5L,
-          0xd0e58230d5d521L, 0xdeb3da1cb1dd54L }
-    },
-    {
-        { 0x24684ae182401aL, 0x0b79c1c21a706fL, 0xe1d81f8d8998afL,
-          0xadf870f4bb069fL, 0xd57f85cf3dd7aaL, 0x62d8e06e4a40f8L,
-          0x0c5228c8b55aa1L, 0xc34244aa9c0a1aL },
-        { 0xb5c6cf968f544eL, 0xa560533de23ab7L, 0xaa5512047c690cL,
-          0x20eda5b12aaaa6L, 0xea0a49a751a6a0L, 0x6d6cfff2baa272L,
-          0x95b756ebf4c28aL, 0xd747074e6178a4L }
-    },
-    {
-        { 0xa27b453221a94bL, 0xd56ad13e635f20L, 0x03574b08c95117L,
-          0xf0ee953ed30b70L, 0xb48d733957796fL, 0xf5d958358c336bL,
-          0x6170cd882db529L, 0xcd3ef00ec9d1eaL },
-        { 0xd1bea0de4d105fL, 0xd2d670fad6a559L, 0x652d01252f9690L,
-          0x5f51fb2c2529b0L, 0x5e88bf0e89df2aL, 0x9a90684cd686e4L,
-          0xf519ccd882c7a1L, 0x933a0dfc2f4d37L }
-    },
-    {
-        { 0x0720a9f3f66938L, 0x99356b6d8149dfL, 0xb89c419a3d7f61L,
-          0xe6581344ba6e31L, 0xd130561ab936c8L, 0x0625f6c40dbef1L,
-          0x7b2d6a2b6bb847L, 0x3ca8b2984d506bL },
-        { 0x6bf729afb011b0L, 0x01c307833448c9L, 0x6ae95080837420L,
-          0xf781a8da207fb8L, 0xcc54d5857562a9L, 0xc9b7364858c5abL,
-          0xdfb5035359908fL, 0x8bf77fd9631138L }
-    },
-    {
-        { 0xf523365c13fbb1L, 0x88532ea9993ed5L, 0x5318b025a73492L,
-          0x94bff5ce5a8f3cL, 0x73f9e61306c2a0L, 0x00abbacf2668a3L,
-          0x23ce332076237dL, 0xc867f1734c0f9bL },
-        { 0x1e50995cfd2136L, 0x0026a6eb2b70f8L, 0x66cb1845077a7dL,
-          0xc31b2b8a3b498eL, 0xc12035b260ec86L, 0x1cbee81e1b3df0L,
-          0xfd7b8048d55a42L, 0x912a41cf47a8c8L }
-    },
-    {
-        { 0xab9ffe79e157e3L, 0x9cfe46d44dc158L, 0x435551c8a4a3efL,
-          0x638acc03b7e3a8L, 0x08a4ebd49954a7L, 0x295390c13194f7L,
-          0x3a2b68b253892aL, 0xc1662c225d5b11L },
-        { 0xcfba0723a5d2bbL, 0xffaf6d3cc327c9L, 0x6c6314bc67e254L,
-          0x66616312f32208L, 0xf780f97bea72e1L, 0x495af40002122fL,
-          0x3562f247578a99L, 0x5f479a377ce51eL }
-    },
-},
-{
-    {
-        { 0x91a58841a82a12L, 0xa75417580f3a62L, 0x399009ff73417aL,
-          0x2db1fb90a8c5cdL, 0x82c8912c046d51L, 0x0a3f5778f18274L,
-          0x2ad0ede26ccae2L, 0x7d6bd8b8a4e9c2L },
-        { 0xaa0d7974b3de44L, 0xf8658b996ac9bbL, 0x31e7be25f6c334L,
-          0x23836ce4df12c9L, 0x029027b59eb5c9L, 0x2f225315b8649dL,
-          0xa0fdf03d907162L, 0x101d9df9e80226L }
-    },
-    {
-        { 0xf12037a9a90835L, 0xd2d0882f0222a7L, 0xeaf8d40c3814e2L,
-          0xa986dc68b8146bL, 0x147a3318504653L, 0x734e0032feaf67L,
-          0x6f27bbf602bec5L, 0xa1e21f16a688f3L },
-        { 0x5a8eeab73c4ae5L, 0x4dbaddbe70b412L, 0x871cebacfd2af1L,
-          0x18603827d7a286L, 0x024059db5bb401L, 0x2557c093c39b73L,
-          0xfc5a7116681697L, 0xf881c0f891b57cL }
-    },
-    {
-        { 0x3c443f18ea191aL, 0x76faa58d700ad0L, 0x6fe6cfabe7fcbfL,
-          0xaefc5288990ef7L, 0x44e30fa80004ccL, 0xc744adc6d8ef85L,
-          0xafcd931912df70L, 0xf62a9d1572a6d8L },
-        { 0x47158a03219f27L, 0x76fb27ead73136L, 0x41bb2adcc2d614L,
-          0x8858cb9de1ec21L, 0xab402c45f15866L, 0x6675d5bbc82bbfL,
-          0x4ee9dd6f1b28d3L, 0x875884fe373c17L }
-    },
-    {
-        { 0x17806dd2a67d36L, 0xaa23a8632c9ec1L, 0xd914126fc1ee55L,
-          0xbf8f7bd653701bL, 0x9b0111aea71367L, 0x61fd4aba98e417L,
-          0xeb45298561c5a5L, 0x2187b0ae7af394L },
-        { 0x71f12db1616ddeL, 0x061760907da7b4L, 0x414d37602ddb04L,
-          0x1100be7286fb58L, 0xd7cf88d6f0d95bL, 0x8539d23746d703L,
-          0xdccc9d64e23d73L, 0xaeef1d2ec89680L }
-    },
-    {
-        { 0x82ccf1a336508dL, 0xa128c1f5bad150L, 0x551d8c029a188dL,
-          0xef13dd4771404fL, 0xdd67696c37b993L, 0x428c0e20dddad2L,
-          0x222278d038c94cL, 0x1a24a51078e3f2L },
-        { 0xd297fe6edb0db9L, 0x00988d28251a87L, 0xbb946f8bfaa0d7L,
-          0x380f7b9df45ea0L, 0x8526415afccf5eL, 0x909bfbfe9ec7bcL,
-          0x2ed7093124755cL, 0x436802889404e2L }
-    },
-    {
-        { 0x21b9fa036d9ef1L, 0xfd64b7ce433526L, 0xd9d7eb76544849L,
-          0x201620cd5b54b3L, 0x25fab3dbb61159L, 0x90d4eb0c53e0d3L,
-          0xba098319e74772L, 0x8749658ec1681cL },
-        { 0xa354349fec316bL, 0x639a9b1a743ea2L, 0x2e514ca37c50e6L,
-          0x9f4a4fddbaf6c5L, 0x0df87ef6f511c9L, 0xadd4cef0c00d95L,
-          0x401c0ebaa1433fL, 0x3c3a59ebb38af9L }
-    },
-    {
-        { 0x8706245f0e7dcaL, 0xad238cd3fb29caL, 0x03304439b7d8f0L,
-          0xfdcd6e6154f495L, 0xc67e24a7d4ad09L, 0x1b209e85438390L,
-          0xf893b81b0c211eL, 0x1aa86f07e11e36L },
-        { 0x2cca3ffedea8b1L, 0x7eedd073b306cdL, 0x78e37bc12ee222L,
-          0x257870bbc42a1dL, 0x5fb2bb91fbd397L, 0x470247009d6c60L,
-          0x11748a320bdc36L, 0x3ff24dc04280e8L }
-    },
-    {
-        { 0x0eb1c679839b52L, 0x5bcca27acfbd32L, 0xb506c1674898e3L,
-          0x37d662e2489e5eL, 0x8dc0731f694887L, 0x571149ef43f1dcL,
-          0x6430a3766d63dcL, 0x0d2640eb50dd70L },
-        { 0x2b561493b2675bL, 0x1b4806588c604fL, 0x55c86a8aafbabcL,
-          0xa7b9447608aabaL, 0xa42f63504cad8cL, 0x0f72b1dcee7788L,
-          0x1d68374755d99aL, 0xd7cdd8f5be2531L }
-    },
-},
-{
-    {
-        { 0x67873bdbcdfee1L, 0xa5a0c0afcd0a3fL, 0x59389f93cfa3d4L,
-          0x14e945ce1c865cL, 0x62d2f8e1d588ccL, 0xfd02f8a8e228b4L,
-          0x208f791b42b649L, 0x0e0dff1ab397adL },
-        { 0x30ac3d90bc6eb1L, 0xf14f16a5f313bbL, 0x70fa447e2a0ad2L,
-          0x6e406855a0db84L, 0xd52282be32e1e7L, 0x315a02a15ca330L,
-          0x9a57a70867c2feL, 0x55f07650054923L }
-    },
-    {
-        { 0x2d729f6c0cf08fL, 0x6b80138ebaf57fL, 0x6285bcc0200c25L,
-          0xee845192cd2ac7L, 0x28fce4d922778aL, 0x761325ccd1011cL,
-          0xd01f2475100e47L, 0xc7a1665c60d8e1L },
-        { 0x950966d7ceb064L, 0x0a88e8578420dbL, 0x44f2cfce096f29L,
-          0x9d9325f640f1d2L, 0x6a4a81fd2426f1L, 0x3ed6b189c905acL,
-          0xba3c0e2008854dL, 0x1df0bd6a0d321bL }
-    },
-    {
-        { 0x0117ad63feb1e7L, 0xa058ba2f1ae02fL, 0x5eee5aa31b3f06L,
-          0x540d9d4afacd4dL, 0x38992f41571d91L, 0xef2738ebf2c7deL,
-          0x28bfcab92a798dL, 0x37c7c5d2286733L },
-        { 0xb99936e6470df0L, 0x3d762d58af6a42L, 0xa8c357ac74eec5L,
-          0x9917bebf13afbcL, 0x28f0941f2dc073L, 0x306abf36ce7df7L,
-          0xa3c5f6fd6973c8L, 0x640209b3677632L }
-    },
-    {
-        { 0xee872a2e23aef7L, 0xb497b6feb9b08eL, 0xfb94d973f33c63L,
-          0x9ea1ff42b32315L, 0x537b49249a4166L, 0x89c7fe6ab4f8beL,
-          0xf68007fdad8f0fL, 0xe56ef0b71b8474L },
-        { 0x478b2e83f333f9L, 0x144e718b2607f5L, 0x13aa605a4c7ab5L,
-          0xfc1fc991d0730dL, 0xe7a04375ab3ea1L, 0xc59986a306d8d3L,
-          0x24f6111702a8b1L, 0x7741394e040ad2L }
-    },
-    {
-        { 0x34c6a2560723a7L, 0x8aabd0df4ea691L, 0x9d676a55d7497fL,
-          0x12c09577d91fa4L, 0x581c7a86479284L, 0xa54f3daf4fd449L,
-          0x2f89f3c4ef44cfL, 0xfc266b5c9ec97cL },
-        { 0xfcd3fbe88b142aL, 0x9f3109f4bd69c1L, 0x08839c0b5f5a6aL,
-          0x63ca8502e68303L, 0x2f0628dbba0a74L, 0x743cccf5d56b54L,
-          0xbd4b06613e09fdL, 0x7a8415bde2ba3eL }
-    },
-    {
-        { 0x2234a3bc076ab2L, 0xd6953e54977a98L, 0xc12215831ebe2eL,
-          0x632145fbad78e2L, 0xd7ba78aa5c4b08L, 0x6f4ea71998e32aL,
-          0x25900d23485a63L, 0x97ac6286a5176fL },
-        { 0x5df91181093f7bL, 0x2bf9829c844563L, 0x525d99d6272449L,
-          0x4281cb5b5c8a18L, 0x35df2780544a08L, 0xf4c3d2dbaeb8f4L,
-          0xc7ff3175230447L, 0x6b4d7645d2fbffL }
-    },
-    {
-        { 0x4837f802b0c9cbL, 0xb65f8168ce8418L, 0xdf66ea99fc1428L,
-          0x9788ee804ea7e8L, 0x9eae9008334e3cL, 0xbc91058d6ba1b6L,
-          0x634aba1d7064b6L, 0x12d9bb3397b368L },
-        { 0x0645c85c413aa8L, 0xb09dea6ac6b5e3L, 0x29a620d289a50bL,
-          0x104db3bbbcceb1L, 0x42e479287b3309L, 0xdfc373eec97f01L,
-          0xe953f94b93f84eL, 0x3274b7f052dfbfL }
-    },
-    {
-        { 0x9d5670a1bd6fa9L, 0xec42fc9db6c4d4L, 0xaecd4ed1b42845L,
-          0x4eed90e1b03549L, 0xeb3225cbbab1faL, 0x5345e1d28a2816L,
-          0x3741cfa0b77d2aL, 0x712b19f7ea8caaL },
-        { 0x42e6844661853eL, 0x4cf4126e4a6e5dL, 0x196a9cfc3649f6L,
-          0x06621bcf21b6b1L, 0x887021c32e29eaL, 0x5703aeb8c5680fL,
-          0x974be24660f6d7L, 0xaf09badc71864eL }
-    },
-},
-{
-    {
-        { 0x3483535a81b6d3L, 0x19e7301ca037dcL, 0x748cab763ddfebL,
-          0xe5d87f66f01a38L, 0xbba4a5c2795cd6L, 0x411c5d4615c36cL,
-          0xff48efc706f412L, 0x205bafc4b519dfL },
-        { 0xfcaa5be5227110L, 0x7832f463ad0af0L, 0x34ef2c42642b1bL,
-          0x7bbef7b072f822L, 0x93cb0a8923a616L, 0x5df02366d91ba7L,
-          0x5da94f142f7d21L, 0x3478298a14e891L }
-    },
-    {
-        { 0xad79a0fc831d39L, 0x24d19484803c44L, 0x4f8a86486aeeb2L,
-          0x0ca284b926f6b9L, 0x501829c1acd7cdL, 0x9f6038b3d12c52L,
-          0x77223abf371ef5L, 0x2e0351613bf4deL },
-        { 0x7a5a4f2b4468ccL, 0xdcea921470ae46L, 0xf23b7e811be696L,
-          0xe59ad0d720d6fbL, 0x9eacac22983469L, 0x4dd4110c4397eeL,
-          0x4ef85bdcbe2675L, 0xe4999f7aa7c74bL }
-    },
-    {
-        { 0x031838c8ea1e98L, 0x539b38304d96a2L, 0x5fbdef0163956eL,
-          0x6bd4d35ce3f52aL, 0xe538c2355e897fL, 0x6078d3a472dd3fL,
-          0x590241eca9f452L, 0x2bc8495fd7fc07L },
-        { 0x23d0c89ead4c8cL, 0x1ea55a9601c66eL, 0x41493c94f5b833L,
-          0xc49a300aa5a978L, 0xc98bdc90c69594L, 0x4e44cedccbdc8cL,
-          0xb0d4e916adccbfL, 0xd56e36b32c37aeL }
-    },
-    {
-        { 0x052bd405b93152L, 0x688b1d44f1dbfaL, 0xe77ba1abe5cc5fL,
-          0x11f8a38a6ac543L, 0x3355fd6e4bb988L, 0xdf29c5af8dffb4L,
-          0x751f58981f20eeL, 0x22a0f74da9b7fbL },
-        { 0xec8f2bc6397b49L, 0xff59fc93639201L, 0xb7f130aa048264L,
-          0xe156a63afdc4ccL, 0x0fd7c34b13acafL, 0x87698d40cb4999L,
-          0x6d6ecae7f26f24L, 0xae51fad0f296e2L }
-    },
-    {
-        { 0xd0ad5ebdd0f58dL, 0x6ec6a2c5c67880L, 0xe1ce0349af1e0fL,
-          0x08014853996d32L, 0x59af51e5e69d20L, 0x0ef743aaa48ecfL,
-          0x8d3d2ea7dafcb0L, 0x4ac4fad89189b6L },
-        { 0x92d91c2eae97f1L, 0xef5eca262b4662L, 0x440b213b38b10aL,
-          0xec90187fc661daL, 0x85f3f25f64cf8dL, 0xcee53ca457ad1bL,
-          0x8deed4bf517672L, 0x7706fb34761828L }
-    },
-    {
-        { 0x1577d9117494feL, 0x52d29be2fd7239L, 0x9a0eef00186d37L,
-          0x241d0f527fe108L, 0x42824bae6fb59fL, 0xb8d33df0d48c25L,
-          0xfffdb0a47af4b0L, 0x534c601073b0b6L },
-        { 0xe6df35951c033bL, 0x3e1002b86c0f94L, 0xa7cb55548fb9b6L,
-          0x999818ba7bbff8L, 0xe4ba3d684d8bf2L, 0x53dbb326358f0aL,
-          0xeebc1e2f2568e8L, 0xc6917ebb3e0f68L }
-    },
-    {
-        { 0xbe1bbfc19f8d13L, 0xc3951b62d4795cL, 0x9371c49ed535a9L,
-          0x77c389f68cebeaL, 0xfc1a947a141d0eL, 0x4b48d7ade44f8bL,
-          0x3db1f058580a26L, 0xeed1466258b5fcL },
-        { 0x5daa4a19854b21L, 0x5bfa46f1ab1eadL, 0xc152e3559957ebL,
-          0xdc84277ea48adaL, 0x68709cffc169b5L, 0xde50ce3720e617L,
-          0xe42f262dd9a832L, 0xddffd4d2d6ce29L }
-    },
-    {
-        { 0xd5ba5578fa0a56L, 0x0d7d0f1fafaf4cL, 0x7666e4138b63edL,
-          0x04e65135d87f02L, 0xdca8866c958f32L, 0xaa8486d3ce2686L,
-          0xe3785caf1cbcd3L, 0x8a9b11403c8335L },
-        { 0x5c1dca22e0ef60L, 0x775af5b7d3fb20L, 0xe690ffc2b373a8L,
-          0x30fe15d28330e6L, 0x8a1022bdd0f393L, 0x6bd7364966a828L,
-          0x8d4b154949208aL, 0xfb38c6bb9d9828L }
-    },
-},
-{
-    {
-        { 0x6d197640340ac2L, 0x969f473ecab5ffL, 0xead46f7c458e42L,
-          0x168646a1d00eedL, 0xf70c878e0ce0cfL, 0xa7291d38d8d15aL,
-          0x92cf916fdd10ccL, 0x6d3613424f86d5L },
-        { 0xba50d172d5c4b4L, 0xe0af5024626f15L, 0x76f3809d76098aL,
-          0x433dc27d6caaa8L, 0x72dc67a70d97a7L, 0x935b360f5c7355L,
-          0xdbaac93179bb31L, 0x76738487ed1a33L }
-    },
-    {
-        { 0x8d1ca668f9fa0dL, 0x4ed95d8a02f2bfL, 0xd19fc79f630d7bL,
-          0x0448ec4f46fa51L, 0xb371dd8623bf3fL, 0xe94fabcd650e94L,
-          0x3af3fcacd90a70L, 0x0f720c403ce3b7L },
-        { 0x590814cd636c3bL, 0xcf6928d4469945L, 0x5843aaf484a4c6L,
-          0xb5a4c1af9b4722L, 0x25116b36cfb2f9L, 0xf248cf032c2640L,
-          0x8cd059e27412a1L, 0x866d536862fc5dL }
-    },
-    {
-        { 0x156e62f6de4a2eL, 0x0365af7aafcc78L, 0x65c861819e925eL,
-          0x4db5c01f8b2191L, 0x1fd26d1ad564faL, 0x16bbc5319c8610L,
-          0x0718eef815f262L, 0x8684f4727f83d1L },
-        { 0xa30fd28b0f48dbL, 0x6fef5066ab8278L, 0xd164e771a652dfL,
-          0x5a486f3c6ebc8cL, 0xb68b498dc3132bL, 0x264b6efd73323fL,
-          0xc261eb669b2262L, 0xd17015f2a35748L }
-    },
-    {
-        { 0x4241f657c4bb1dL, 0x5671702f5187c4L, 0x8a9449f3973753L,
-          0x272f772cc0c0cdL, 0x1b7efee58e280cL, 0x7b323494b5ee9cL,
-          0xf23af4731142a5L, 0x80c0e1dd62cc9eL },
-        { 0xcbc05bf675ffe3L, 0x66215cf258ce3cL, 0xc5d223928c9110L,
-          0x30e12a32a69bc2L, 0x5ef5e8076a9f48L, 0x77964ed2329d5fL,
-          0xdf81ba58a72cf2L, 0x38ea70d6e1b365L }
-    },
-    {
-        { 0x1b186802f75c80L, 0x0c153a0698665aL, 0x6f5a7fe522e8ddL,
-          0x96738668ddfc27L, 0x7e421d50d3bdceL, 0x2d737cf25001b2L,
-          0x568840f0e8490cL, 0xea2610be30c8daL },
-        { 0xe7b1bc09561fd4L, 0xeda786c26decb0L, 0x22369906a76160L,
-          0x371c71478a3da3L, 0x1db8fce2a2d9bfL, 0x59d7b843292f92L,
-          0x8097af95a665f9L, 0x7cb4662542b7a9L }
-    },
-    {
-        { 0xa5c53aec6b0c2fL, 0xc4b87327312d84L, 0xfc374cbc732736L,
-          0xa8d78fe9310cc0L, 0xd980e8665d1752L, 0xa62692d6004727L,
-          0x5d079280146220L, 0xbd1fedb860fea5L },
-        { 0xcbc4f8ab35d111L, 0x5ba8cdf3e32f77L, 0xd5b71adb614b93L,
-          0x7b3a2df2f8808dL, 0x09b89c26ef2721L, 0x55a505447c3030L,
-          0x21044312986ae6L, 0x427a0112367d4cL }
-    },
-    {
-        { 0xe9fe256c1942d8L, 0x9e7377d96e3546L, 0x43e734cb0c1744L,
-          0x5f46821211fbcaL, 0x44f83dc32b6203L, 0x84513086ad1d96L,
-          0x54dd5192fbb455L, 0xc2a18222f10089L },
-        { 0x01055a21855bfaL, 0x9e6d7b477078b4L, 0x3f8df6d30cea0eL,
-          0x81c215032973f7L, 0x17dd761c0b3d40L, 0x040424c50d0abeL,
-          0x5599413783deabL, 0xde9271e8f3146fL }
-    },
-    {
-        { 0x5edfd25af4a11dL, 0x3a3c5307846783L, 0xb20086873edd31L,
-          0x74e00ecfe0eef8L, 0xba65d2f3dd78c7L, 0xab1364371999f1L,
-          0xfa9be5dde9a7e8L, 0xeb146ce87a8609L },
-        { 0x76afd6565353e9L, 0xfa7023dd51ba1cL, 0x7a09f2237ede4fL,
-          0xca085760ba7a1bL, 0xd973882b99950aL, 0xe894266ea5057aL,
-          0xd01c4217f55e49L, 0x69cfb9c5555679L }
-    },
-},
-{
-    {
-        { 0x67867e7c5d631aL, 0x1de88c55bcf47bL, 0x8366d06afd1352L,
-          0xd7dbdef6e20337L, 0xb0f9e2f1253ec7L, 0x1be984510ad240L,
-          0x63ec533f4a6118L, 0xd5e4c5b96ce633L },
-        { 0x1d0b6c34df4a25L, 0xef9486a5a1b554L, 0x2f0e59e47b6ef3L,
-          0x4d8042f2ff84d7L, 0x3e74aa3da359c9L, 0x1baa16fd21c160L,
-          0xb4cff210191cbaL, 0x50032d8ebc6472L }
-    },
-    {
-        { 0xb6833e01fc1b13L, 0x8a8b7ba1a5ad8fL, 0xc0cafa2622b820L,
-          0xc6663af738ed20L, 0xd8944868b18f97L, 0xcf0c1f9774fbe4L,
-          0xeedd4355be814fL, 0xd81c02db57e543L },
-        { 0x5e32afc310bad8L, 0x065bc819b813d1L, 0x8efc5fc3142795L,
-          0x5006514732d59cL, 0x91e39df2b5a3ceL, 0x2ad4477faf4204L,
-          0x1a96b184d9bd4fL, 0xc3fee95a4d9c07L }
-    },
-    {
-        { 0xfac7df06b4ba61L, 0xa6ed551061aaefL, 0x35aa2d6133f609L,
-          0x420cfba20ed13dL, 0x861c63eea03d0cL, 0x75f0c56f936d6eL,
-          0xa25f68f3d9a3d5L, 0xba0b7fecd9f66eL },
-        { 0x292e1354680772L, 0x6f6a2dba73f405L, 0xca6add924ea9e4L,
-          0x81cfd61268daaaL, 0x7a4cb6ce6f147aL, 0x8ec3454bded8f5L,
-          0xc8a893b11d61cbL, 0x2256ffc7656022L }
-    },
-    {
-        { 0x6b33271575cb78L, 0x560d305adcd23eL, 0xeedbd3ad6d834bL,
-          0x614a64a5a31e27L, 0xe40b47647ee0c8L, 0x8ef4ff68bd7c2cL,
-          0xa5297fc0b77727L, 0x8759208baf88adL },
-        { 0x86cfe64918df68L, 0x9d60a73cdd882eL, 0x546b642b953014L,
-          0xbaceae38bbef55L, 0xdf58e43f1c3467L, 0x99a83fee9f9babL,
-          0xcd52cbf57a4a8bL, 0xf744e968ae36ecL }
-    },
-    {
-        { 0xb945869a607124L, 0x810dbe9440e6f6L, 0x9911e60738e381L,
-          0x51df68c343b80bL, 0xe424336f7a3f39L, 0x2d32acb989015cL,
-          0xa69b14931019e8L, 0x8a31a38ec12f93L },
-        { 0x0d0d36997c916aL, 0xdc95f3b8885372L, 0xcf1a2613549040L,
-          0x60f6f5eabe95a2L, 0xa909e9fe141325L, 0x7d598f2355c865L,
-          0x70c6442931a9c9L, 0x2354a85b423850L }
-    },
-    {
-        { 0x4cdd22497f9619L, 0x4776fffc22162eL, 0xee5ec330cd31c2L,
-          0x7c04c10f209bb8L, 0x35bbfde579e211L, 0x0e3832515cdfc2L,
-          0x657e6d3e26ffa7L, 0xc66a7c3c65c604L },
-        { 0x322acd7b45e567L, 0x1589cf0296db9bL, 0x1fd0bd3ba1db73L,
-          0xe8826109337a40L, 0xf505a50b3035c7L, 0x4d5af066ed08d7L,
-          0xb3c376b5eda400L, 0x9c7b7001944748L }
-    },
-    {
-        { 0xd76832570c3716L, 0xda62af0dd540e0L, 0x76b155d6580feaL,
-          0x4f42acc32b5464L, 0x881bb603f5b72bL, 0x09c130ee68b9baL,
-          0x37ede3b5c50342L, 0xce61a9cfd15e7dL },
-        { 0xfff1d8572605d0L, 0x62ac2d3062abc2L, 0xa85e02efbe43ddL,
-          0x859d2baa947020L, 0x2ebc8a9111c20bL, 0x7f590a7a656f66L,
-          0x0e1384316b21a6L, 0x29b30c500c7db6L }
-    },
-    {
-        { 0x61e55e2906b8deL, 0x6a97e96949974dL, 0x24b52b526eef67L,
-          0x512f5361aa595aL, 0x81cc7b83c48fcbL, 0xa64af2328115adL,
-          0x9edf6f93d44b8eL, 0x68d7f7c1fe22e3L },
-        { 0x2b2116a520d151L, 0x66a0b7d6aa3efbL, 0x48ae70a9b0f791L,
-          0xcf12174037db88L, 0x36868cd317d9f3L, 0xb57305922fc344L,
-          0xbaa852646a5d23L, 0xad6569137fc10dL }
-    },
-},
-{
-    {
-        { 0xcf8e5f512c78d5L, 0xeb94d98805cdbdL, 0xad1dcdf2ab50b5L,
-          0xf33c136f33cd31L, 0x0d6226b10aeff5L, 0xf7ff493f2f8fc5L,
-          0x7e520d4df57165L, 0x41fbae505271a7L },
-        { 0x72c898776480baL, 0x260835925f4523L, 0xed36b8d49f5f01L,
-          0x3bc1dcef3d49ebL, 0x30c1c1a4940322L, 0x78c1cda7e0f731L,
-          0x51f2dc86d05a31L, 0x57b0aa807f3522L }
-    },
-    {
-        { 0x7ab628e71f88bcL, 0xcf585f38018f21L, 0xdbbe3a413d64f6L,
-          0x0f86df1ec493a5L, 0x8355e6c7725de9L, 0x3954ffee00fe1eL,
-          0xbb8978f9924e32L, 0x1c192987812714L },
-        { 0x7c4ce3eaabca8bL, 0xf861eb59bf7019L, 0x31a84fc682e541L,
-          0x2307ca9acd1b92L, 0x6f8b6ce4bf2842L, 0xde252accb9f9a9L,
-          0x7f0611d93c46d1L, 0x8e2bd80751dc98L }
-    },
-    {
-        { 0xf2fd8fbe27d54bL, 0x2a1e37ec248071L, 0x2fcc888ab8f49aL,
-          0x42c62a3c18a9e5L, 0xe30290870b2446L, 0x90277fac5ac55dL,
-          0x8d97d56d6dde41L, 0xf4cf8a95db04feL },
-        { 0x3e280f5d30d077L, 0x2c903073cb3293L, 0xe0be2ac24eb0ddL,
-          0xa2d1a498bcb4f0L, 0x16db466cd0cd45L, 0x3b28aa79a80232L,
-          0xdd7e52f17b008eL, 0x20685f2868e4daL }
-    },
-    {
-        { 0x0a68c147c7a486L, 0xd8ef234c429633L, 0x470667bffe7506L,
-          0x55a13c88828d51L, 0x5f327412e44befL, 0x537d92a5929f92L,
-          0x0a01d5b31c5cd5L, 0xb77aa7867eb3d7L },
-        { 0x36ec45f8b82e4dL, 0x6821da0b37b199L, 0x8af37aad7fa94eL,
-          0xf0206421085010L, 0x9b886787e56851L, 0x35f394452948ceL,
-          0x125c2baafc1361L, 0x8a57d0e453e332L }
-    },
-    {
-        { 0xefe99488043664L, 0xb8b8509db1aa55L, 0x1a2e5a9332523fL,
-          0x5e255dd1045c0fL, 0xe68dd8a7ae7180L, 0x55f1cf345bf532L,
-          0xe00722ee63a716L, 0xd1c21386116bacL },
-        { 0x626221f1c6d1f4L, 0x240b8303773278L, 0xe393a0d88def16L,
-          0x229266eca0495cL, 0x7b5c6c9d3e4608L, 0xdc559cb7927190L,
-          0x06afe42c7b3c57L, 0x8a2ad0bb439c9bL }
-    },
-    {
-        { 0xd7360fbffc3e2fL, 0xf721317fbd2e95L, 0x8cacbab5748e69L,
-          0x7c89f279054bb9L, 0xcbe50faaa86881L, 0x7aa05d375206e4L,
-          0x1ea01bcc752c66L, 0x5968cde1f2c2bcL },
-        { 0x487c55f09a853eL, 0x82cbef1e09204bL, 0xad5c492abd8670L,
-          0x7175963f12dcb3L, 0x7a85762bf6aa06L, 0x02e5697f8d5237L,
-          0xccf7d1937c6157L, 0x3b14ca6c2fd59cL }
-    },
-    {
-        { 0x5e610d81b9f77fL, 0x85876d0051b02fL, 0x5d81c63b8020ddL,
-          0xd0b4116d6ce614L, 0x91810e5aa8bf0cL, 0xf27f91fcbf8c66L,
-          0x2e5dc5f38480aeL, 0x0a13ffebec7633L },
-        { 0x61ff6492bf6af8L, 0xe6aef2d641f827L, 0xad5708a5de5f04L,
-          0xe5c3a80cdfee20L, 0x88466e268fcfa2L, 0x8e5bb3ad6e1d7bL,
-          0xa514f06ed236b8L, 0x51c9c7ba5f5274L }
-    },
-    {
-        { 0xa19d228f9bc3d8L, 0xf89c3f03381069L, 0xfee890e5c3f379L,
-          0x3d3ef3d32fb857L, 0x39988495b418ddL, 0x6786f73c46e89aL,
-          0x79691a59e0f12fL, 0x76916bf3bc022bL },
-        { 0xea073b62cd8a0aL, 0x1fbedd4102fdbcL, 0x1888b14cb9d015L,
-          0x98f2cfd76655f7L, 0xb9b591059f0494L, 0xa3dbbe1e6986a3L,
-          0xef016a5eaf2b04L, 0xf671ba7cd2d876L }
-    },
-},
-{
-    {
-        { 0x1dae3bf1ae05e9L, 0x6a029961f21fefL, 0x95df2b97aec3c6L,
-          0x9abbc5ad83189bL, 0xaf994af2d13140L, 0xc3f884686aa406L,
-          0xcd77e5075284c5L, 0x1c1e13d2a9a4d7L },
-        { 0x7f8815d744b89dL, 0xb1891332ba673eL, 0x55ea93cd594570L,
-          0x19c8a18d61b041L, 0x938ebaa8d2c580L, 0x9b4344d05ba078L,
-          0x622da438eaf9b7L, 0x809b8079fea368L }
-    },
-    {
-        { 0x3780e51c33b7a2L, 0xd7a205c387b1c8L, 0x79515f84be60e4L,
-          0xde02a8b1e18277L, 0x4645c96f0d9150L, 0x45f8acbe0b3fd1L,
-          0x5d532ba9b53ac3L, 0x7984dcdb0557c9L },
-        { 0x5ae5ca68a92f01L, 0xd2fbb3c9d569caL, 0x668cc570c297c1L,
-          0xa4829436295e89L, 0xf646bc1a33ad40L, 0x066aaa4c3f425dL,
-          0x23434cdd005de2L, 0x5aca9e9db35af4L }
-    },
-    {
-        { 0x2bca35c6877c56L, 0xab864b4f0ddd7dL, 0x5f6aa74404f46cL,
-          0x72be164539c279L, 0x1b1d73ee0283cfL, 0xe550f46ad583d9L,
-          0x4ac6518e739ad1L, 0x6b6def78d42100L },
-        { 0x4d36b8cfa8468dL, 0x2cb37735a3d7b8L, 0x577f86f5016281L,
-          0xdb6fe5f9124733L, 0xacb6d2ae29e039L, 0x2ab8330580b8a1L,
-          0x130a4ac643b2d0L, 0xa7996e35e6884eL }
-    },
-    {
-        { 0x6fb627760a0aa8L, 0xe046843cbe04f0L, 0xc01d120e6ad443L,
-          0xa42a05cabef2fcL, 0x6b793f112ff09cL, 0x5734ea8a3e5854L,
-          0xe482b36775f0adL, 0x2f4f60df864a34L },
-        { 0xf521c5884f2449L, 0x58734a99186a71L, 0x157f5d5ac5eaccL,
-          0x858d9a4248ee61L, 0x0727e6d48149c3L, 0xd5c3eaaac9ec50L,
-          0xa63a64a20ee9b5L, 0x3f0dfc487be9deL }
-    },
-    {
-        { 0x836349db13e3f4L, 0xebdd0263e9316dL, 0x3fd61e8324fd6cL,
-          0x85dddfa0964f41L, 0x06e72de52add1bL, 0xb752cff8c4a9e2L,
-          0x53b0894fdf09f7L, 0xd5220ab0bc24fdL },
-        { 0x8442b35fb1981aL, 0xa733a373edd701L, 0x42b60c3d0ef089L,
-          0xa1b16ec46e7bcaL, 0xc0df179a09aaf4L, 0xcd4f187638f3a1L,
-          0x9af64f79eab1c2L, 0x86fed79d1d78e3L }
-    },
-    {
-        { 0x42c8d86fe29980L, 0x6657b816575660L, 0x82d52c680f92caL,
-          0x8587af102d42beL, 0xb5151316e8bdf0L, 0x706e2d9c333495L,
-          0xd53601a9673064L, 0x27b1fbb8219099L },
-        { 0x3f0929d705f7c8L, 0xff40b10f3d6e6fL, 0x673c703026af5cL,
-          0x2c1dce4e25a422L, 0x5348bd73dad8b6L, 0xc39b6b6be2c329L,
-          0x47854ffb921084L, 0xb347b8bb391f20L }
-    },
-    {
-        { 0x79fc841eb9b774L, 0xf32da25b4b6c1dL, 0xcbba76bfe492cbL,
-          0x76c51fcd623903L, 0x114cf6fcf0705aL, 0x6b720497815dafL,
-          0x630b362473382eL, 0xbf40c3a9704db5L },
-        { 0xa8a9ddcc5456ebL, 0x2b4472a72f2dc1L, 0x9874444d6d6ef3L,
-          0x27e8d85a0ba5edL, 0x5d225b4194849fL, 0xe852cd6ebaa40dL,
-          0xb669c248d4bf3fL, 0xa8601eb2343991L }
-    },
-    {
-        { 0x8a0485459502d3L, 0xcab27eee269a7bL, 0x41793074875adaL,
-          0x179e685e2405f9L, 0x0d7b6987b28963L, 0x80c9db8422a43eL,
-          0xf5ff318a0f43eeL, 0x7a928054ba7aa7L },
-        { 0xa5c79fe0c0834eL, 0x837ca0d1f849ecL, 0xfe0d7fa628ab7bL,
-          0x94bcb956edd19aL, 0xa18bc932226fbfL, 0x2795379aad54a3L,
-          0xceeacf8371129eL, 0x65ca57fa588be5L }
-    },
-},
-{
-    {
-        { 0x7a578b52caa330L, 0x7c21944d8ca34aL, 0x6c0fbbb6447282L,
-          0xa8a9957f90b2e5L, 0xbbe10666586b71L, 0x716a90249138a2L,
-          0x2fa6034e7ed66dL, 0x56f77ed2b9916aL },
-        { 0x69f1e26bddefb3L, 0xa4978098c08420L, 0xc3377eb09bc184L,
-          0x796ce0cbe6dadeL, 0x3be0625d103bbbL, 0x01be27c992685cL,
-          0xc0e25597755f9fL, 0x165c40d1c0dbfaL }
-    },
-    {
-        { 0xc63a397659c761L, 0x10a0e5b630fbadL, 0xf21e8a6655ac56L,
-          0xe8580fac1181e2L, 0xbfc2d9c0a84b5cL, 0x2cdbaff7afd5d1L,
-          0x95f1182f61e85aL, 0x1173e96719eaf4L },
-        { 0xc06d55ec6de8b9L, 0x1b4c8ebafcbcaaL, 0x52af5cbbc2bbcdL,
-          0x564fab877bcd10L, 0xfd53a18ae85a6eL, 0x225785994c712fL,
-          0x29b11d71352121L, 0xab1cb76c40491aL }
-    },
-    {
-        { 0xb4e8ca8ce32eb4L, 0x7e484acb250b49L, 0x062c6f7a3e31a2L,
-          0x497fd83625d1fcL, 0x98f821c362dda7L, 0xcae1f8f6be3111L,
-          0x9077e955d4fa42L, 0xa589971a65855aL },
-        { 0xda6321d28832a9L, 0xf9ef5dc3936e9eL, 0xa37f117c9797efL,
-          0x0eb3c80db581beL, 0x207c5c4baa0002L, 0xc0401b5f38faa0L,
-          0xceee523d0f1e6eL, 0x8d27a5fd1f0045L }
-    },
-    {
-        { 0x9411063cf0af29L, 0x304385789a6693L, 0x9a9fb8f640145eL,
-          0x7d82fe954832ebL, 0xf2789e1898c520L, 0x448b402f948dc0L,
-          0xeca8fdf68996ddL, 0x22227e9a149b2fL },
-        { 0x63509ff8e62d6aL, 0xe98d81c8c9c57fL, 0xd3874071fe3bedL,
-          0xf1db013539538fL, 0xb04092e48418ceL, 0xbbf8e76d6d9d4dL,
-          0x2ea9cda2cec5aeL, 0x8414b3e5078fa9L }
-    },
-    {
-        { 0x5ad1cdbd68a073L, 0xd4cedafc18b591L, 0x78267078e4c1c9L,
-          0x9b8d9209ca302aL, 0x3101bd2326115bL, 0x6f154b54c2717aL,
-          0x618c31b263e84bL, 0x12c4138bbd6942L },
-        { 0xf9ead2580da426L, 0xe748e9947d9680L, 0x9b396a38a4210eL,
-          0xfaf03ddf4b8f72L, 0xbd94a5266159e7L, 0x5e730491d4c7cbL,
-          0x31d1f9a7910f38L, 0x4fd10ca08d6dd1L }
-    },
-    {
-        { 0x4f510ac9f2331eL, 0xee872dc7e3dcc2L, 0x4a11a32a0a0c73L,
-          0x27e5803aa5a630L, 0xe5ae5037af4a8aL, 0x2dcdeba9fffeb0L,
-          0x8c27748719d91fL, 0xd3b5b62b9cc61cL },
-        { 0x998ac90cca7939L, 0xc22b59864514e5L, 0x950aaa1b35738aL,
-          0x4b208bbdab0264L, 0x6677931a557d2eL, 0x2c696d8f7c17d3L,
-          0x1672d4a3e15c51L, 0x95fab663db0e82L }
-    },
-    {
-        { 0x3d427346ff205eL, 0x7f187d90ea9fbeL, 0xbd9367f466b2afL,
-          0x188e53203daf2fL, 0xefe132927b54d8L, 0x14faf85ef70435L,
-          0xa5061281ec95c4L, 0xad01705c22cba7L },
-        { 0x7d2dfa66197333L, 0xedd7f078b4f6edL, 0xe0cb68575df105L,
-          0x47c9ddb80f76bcL, 0x49ab5319073c54L, 0x845255ae607f44L,
-          0x0b4ed9fcc74b7cL, 0xcfb52d50f5c3a6L }
-    },
-    {
-        { 0x545c7c6c278776L, 0x92a39ae98c30f0L, 0x8aa8c01d2f4680L,
-          0xa5409ed6b7f840L, 0x0c450acdcb24e7L, 0x5da6fb2c5770d9L,
-          0x5b8e8be8658333L, 0xb26bf4a67ea4adL },
-        { 0x2e30c81c7d91faL, 0x6e50a490eeb69fL, 0x9458c2bee4bc26L,
-          0x419acf233be250L, 0x79d6f8187881abL, 0x694565d403b1beL,
-          0x34b3990234fe1dL, 0x60997d72132b38L }
-    },
-},
-{
-    {
-        { 0x00a974126975dcL, 0x42161c46cf94e7L, 0xcc9fe4bc64ed99L,
-          0x020019a4680570L, 0x885595a698da0dL, 0x008444b77dd962L,
-          0xbf3c22da4fea0eL, 0xc4630482c81245L },
-        { 0xcb248c5793ab18L, 0x4dc7a20eb4320bL, 0x9a0906f1572b7dL,
-          0xd5b3019f9ac20fL, 0x79b1bf534520a3L, 0x788dfe869b5322L,
-          0x9a05298455b7e2L, 0x2f4aecb016bca9L }
-    },
-    {
-        { 0x414d3798745618L, 0x64ba22eb7c983cL, 0x9a5d19f9f9d532L,
-          0x81a00d844a80c8L, 0xb9e24f5cae98d6L, 0x6c3769caca965aL,
-          0x50d6081f6e4e6dL, 0x0d9698054422a6L },
-        { 0xbd7e7925cdd790L, 0xcff65da6a35219L, 0x40dc3638b60ebeL,
-          0x84bee7492a50dcL, 0x57d4be415ad65eL, 0xc54256b1a6d1d3L,
-          0x141c64945717ccL, 0x05eb609cd1c736L }
-    },
-    {
-        { 0xfd52eab1e3c7ecL, 0xa4a5eca9f24895L, 0xaaa2a8d79fdb83L,
-          0xd105e6072bdfdaL, 0x59e6ae2681d97eL, 0xfedf8e08e8077fL,
-          0xb06d0ad629e462L, 0x8c7c2d096fa863L },
-        { 0x5eecc4cee8fc91L, 0x5e83ab29e61174L, 0x1fd8925b28c02dL,
-          0x93be5382072864L, 0xda0c88624c984eL, 0xdcf9f0ca008286L,
-          0x1ecb5a6a58ba75L, 0x1d9b890c2e3c83L }
-    },
-    {
-        { 0x19e866eeeee062L, 0x31c1c7f4f7b387L, 0x9be60181c06652L,
-          0xc00a93a2b68bbbL, 0x54c65d69d52b2bL, 0x4591416e8b744aL,
-          0x641bcca9a64ab6L, 0xf22bcb1ab08098L },
-        { 0x3c0db8ff1f726cL, 0x4f5739e9d2e6a6L, 0x5cb669b45c9530L,
-          0x861b04e7b472d0L, 0x3e30515894da77L, 0x3344685c9ac39bL,
-          0x9e1730573bdd29L, 0x9cac12c808dc85L }
-    },
-    {
-        { 0xf152b865e27087L, 0x267bd8590a580eL, 0xba79cec8baafc1L,
-          0x6140ab19442686L, 0xa67090c5b31693L, 0x50a103a28b4117L,
-          0x7722e610ddc08fL, 0x5d19d43e6569b2L },
-        { 0x70e0c525962bf6L, 0x808e316fb5fb02L, 0x3fb80da5b667beL,
-          0x8aa366efcfacecL, 0xcb0b3e7134280eL, 0x0bf1de4cd7d944L,
-          0x0cd23bed092df5L, 0xc9a6a79a153a0cL }
-    },
-    {
-        { 0x1c69ad02d5a4b7L, 0x4bb28d0d9e6f4aL, 0x815308ca984fc6L,
-          0x40929c79037ca5L, 0x0ea2b491bd0357L, 0xec17e5b42aad4eL,
-          0x1f32ade18e7235L, 0xbc60b05a96a9d3L },
-        { 0x3b0229ae20f707L, 0xd63505056bdfadL, 0xac2d922d8b2e1eL,
-          0x92b2998235c748L, 0x6002c3ad766f97L, 0x99198001a2a862L,
-          0x2af7567b58b684L, 0xd8fe707aaafce5L }
-    },
-    {
-        { 0x54487ab5df7a4bL, 0x51cccdec57ccc2L, 0x23943277510b53L,
-          0x3a09f02f555de3L, 0xa696aec1be484dL, 0x56f459f37817a2L,
-          0x8d8f61c623dcb4L, 0xc52223c5335656L },
-        { 0xf634111b49914aL, 0xbf8e1ab8e4f9bbL, 0x2f59578f4dba02L,
-          0x2a94199e004319L, 0x87931f0654d005L, 0x7df57d96fa0814L,
-          0xc8da316a154031L, 0x2a44ac041f658bL }
-    },
-    {
-        { 0xfb5f4f89e34ac6L, 0x0a1b10b97790f2L, 0x58fe4e74b8a06cL,
-          0x10c1710955f27cL, 0x77b798ad5ebe19L, 0xaf1c35b1f1c2dcL,
-          0xc25b8e6a1f8d69L, 0x49cf751f76bf23L },
-        { 0x15cb2db436f7b7L, 0x186d7c27e74d1aL, 0x60731dec00a415L,
-          0xea1e15615f0772L, 0xf02d591714463fL, 0x26a0c6451adeb1L,
-          0x20174cdcc5229eL, 0xb817e50efd512aL }
-    },
-},
-};
-
-static const ge448_precomp base_i[16] = {
-    {
-        { 0x26a82bc70cc05eL, 0x80e18b00938e26L, 0xf72ab66511433bL,
-          0xa3d3a46412ae1aL, 0x0f1767ea6de324L, 0x36da9e14657047L,
-          0xed221d15a622bfL, 0x4f1970c66bed0dL },
-        { 0x08795bf230fa14L, 0x132c4ed7c8ad98L, 0x1ce67c39c4fdbdL,
-          0x05a0c2d73ad3ffL, 0xa3984087789c1eL, 0xc7624bea73736cL,
-          0x248876203756c9L, 0x693f46716eb6bcL }
-    },
-    {
-        { 0x28173286ff2f8fL, 0xb769465da85757L, 0xf7f6271fd6e862L,
-          0x4a3fcfe8daa9cbL, 0xda82c7e2ba077aL, 0x943332241b8b8cL,
-          0x6455bd64316cb6L, 0x0865886b9108afL },
-        { 0x22ac13588ed6fcL, 0x9a68fed02dafb8L, 0x1bdb6767f0bffaL,
-          0xec4e1d58bb3a33L, 0x56c3b9fce43c82L, 0xa6449a4a8d9523L,
-          0xf706cbda7ad43aL, 0xe005a8dbd5125cL }
-    },
-    {
-        { 0xa99d1092030034L, 0x2d8cefc6f950d0L, 0x7a920c3c96f07bL,
-          0x958812808bc0d5L, 0x62ada756d761e8L, 0x0def80cbcf7285L,
-          0x0e2ba7601eedb5L, 0x7a9f9335a48dcbL },
-        { 0xb4731472f435ebL, 0x5512881f225443L, 0xee59d2b33c5840L,
-          0xb698017127d7a4L, 0xb18fced86551f7L, 0x0ade260ca1823aL,
-          0xd3b9109ce4fd58L, 0xadfd751a2517edL }
-    },
-    {
-        { 0xdf9567ceb5eaf7L, 0x110a6b478ac7d7L, 0x2d335014706e0bL,
-          0x0df9c7b0b5a209L, 0xba4223d568e684L, 0xd78af2d8c3719bL,
-          0x77467b9a5291b6L, 0x079748e5c89befL },
-        { 0xe20d3fadac377fL, 0x34e866972b5c09L, 0xd8687a3c40bbb7L,
-          0x7b3946fd2f84c9L, 0xd00e40ca78f50eL, 0xb87594417e7179L,
-          0x9c7373bcb23583L, 0x7ddeda3c90fd69L }
-    },
-    {
-        { 0x3d0def76ab686bL, 0x1a467ec49f7c79L, 0x3e53f4fc8989edL,
-          0x101e344430a0d9L, 0xa3ae7318ad44eeL, 0xaefa6cdae1d134L,
-          0xaa8cd7d824ad4dL, 0xef1650ced584fcL },
-        { 0xa74df674f4754fL, 0xf52cea8ef3fb8bL, 0x47c32d42971140L,
-          0x391c15da256fbbL, 0xc165faba605671L, 0xf2518c687993b9L,
-          0x2daf7acbd5a84dL, 0x1560b6298f12aeL }
-    },
-    {
-        { 0xef4da0254dc10aL, 0x63118655940db8L, 0xe20b14982f2948L,
-          0x67b93775581dbaL, 0x422ee7104f5029L, 0x5d440db5122d34L,
-          0xb1e56d71a4c640L, 0xbf12abbc2408eeL },
-        { 0x0cc9f86016af01L, 0x88366abf3d8cabL, 0x85dda13a2efe12L,
-          0x390df605d00674L, 0xf18f5806d187f7L, 0x28c900ff0c5d20L,
-          0xad308123e01733L, 0x42d35b554bf2fdL }
-    },
-    {
-        { 0x009135f2ffb1f1L, 0x099fc7e8f9c605L, 0xcc67da626bfa5aL,
-          0xc186d12344552bL, 0xb5232501b339e1L, 0x70a544fc9708c5L,
-          0x06baaec1e928e7L, 0x0baedd2ef0f50fL },
-        { 0x535d6d8bf479e5L, 0x156e536e4ec3e9L, 0x3165741ddb9be2L,
-          0x988af7159fd736L, 0x13d8a782e33dddL, 0x54604214e69002L,
-          0x34d56e0804a268L, 0xc59b84f0e52a4cL }
-    },
-    {
-        { 0x525d45f24729d9L, 0x5768aba8712327L, 0xa25e43b43035dbL,
-          0x15a1ee8927ef21L, 0xa785d216056112L, 0x45e2fbfd508af9L,
-          0xb6f721a37ba969L, 0x30d6d8c216d8d3L },
-        { 0x3065e0852074c3L, 0xfa40b4a2a0684eL, 0x851325a763f955L,
-          0xd4ef19c9f25900L, 0x799c869f665756L, 0x7b052223312990L,
-          0xc986c2b28db802L, 0xf48fb8f28ade0aL }
-    },
-    {
-        { 0x1e461731649b68L, 0xa96e5d65beb9dcL, 0x765ddff481935dL,
-          0x6cf132c9f3bf2aL, 0x9f6c5c97c35658L, 0x99cd1394696e60L,
-          0x99fa9249c0d5e4L, 0x1acd0638845a95L },
-        { 0x0b065413636087L, 0xea20e78ea17b7fL, 0x20afc5f6161967L,
-          0xfd6c8a2dc81028L, 0x4ef1357e32c8fdL, 0x8aa400400e4a88L,
-          0xd6fcaef48cb82fL, 0x7ba7c6db3cd4faL }
-    },
-    {
-        { 0xf843473d19c7abL, 0x968e76dc655c4dL, 0x52c87d9c4b9c2fL,
-          0x65f641ae4aa082L, 0x491a39733c3603L, 0xa606ffe5810098L,
-          0x09920e68bf8ad4L, 0x691a0c86db7882L },
-        { 0x5205883a4d3ef5L, 0xee839b7acf2efeL, 0x4b78e2ac00ca66L,
-          0xbe3f071f9fcb91L, 0x61e66c9bf6943aL, 0xe9b4e57061b79dL,
-          0x8d1b01b56c06bdL, 0x0dfa315df76ae5L }
-    },
-    {
-        { 0x803df65f1fd093L, 0x1cd6523489b77eL, 0x2cd2e15c20e295L,
-          0xcd490be9b912d1L, 0xdd9a2ff2e886d2L, 0xa3c836dfe9d72aL,
-          0xfcad5f2298e0c1L, 0xed126e24bcf067L },
-        { 0x1e339533dc81bcL, 0xbea4d76ece6a08L, 0x1d15de3991b252L,
-          0x74cc5cfe6daf97L, 0x5ad343f0826493L, 0x2d38a471064049L,
-          0xf7f47b9ffcfa4dL, 0xef14490418066cL }
-    },
-    {
-        { 0x4e7f86b9bb55abL, 0x310d7853f496a3L, 0xbd682fc0dec42cL,
-          0xbde047a411d32aL, 0xea639b4c5a5ea2L, 0x5052078ba08fa1L,
-          0xc968b2307729f2L, 0x567b5a623d3e28L },
-        { 0x171e825977fbf7L, 0x0319c70be990aaL, 0x8f65023e12cd69L,
-          0x1fb9b19f5015e6L, 0x0083f603568a7cL, 0xba3d30b1f3c5acL,
-          0xe7b509d3d7a988L, 0x2318b99cd0f6b6L }
-    },
-    {
-        { 0x54d3b8793ab2cfL, 0x366abead2d8306L, 0x66e8eb6d7a4977L,
-          0xa61888cae0072eL, 0x9eeeef5dbc3315L, 0x93f09db163e7f5L,
-          0xee9095959ade9aL, 0xaf7f578ce59be0L },
-        { 0x24bfd8d5ece59eL, 0x8aa698b3689523L, 0xa9a65de2de92cfL,
-          0xec11dbca6ad300L, 0x217f3fa09f88caL, 0xf6c33e3b4d6af7L,
-          0xcd3bfa21d86d2dL, 0x1497f835f13f25L }
-    },
-    {
-        { 0xa579568cd03d1dL, 0xd717cdae158af6L, 0x59eda97389a19fL,
-          0xb32c370099e99cL, 0xa2dba91dabb591L, 0x6d697d577c2c97L,
-          0x5423fc2d43fa6dL, 0x56ea8a50b382bfL },
-        { 0x4a987bad80c11aL, 0xe4cde217d590a5L, 0x3dd8860f97e559L,
-          0xff45e2543b593cL, 0x00eb4535343cb5L, 0x06b9b997bbfbddL,
-          0x4da36b716aea24L, 0x247651757a624eL }
-    },
-    {
-        { 0x32207d03474e0dL, 0x3ffbf04b41cc73L, 0x5c4dc45319eb39L,
-          0xfee29be758b463L, 0xcc8a381c30c7a7L, 0x147f4e49fe0e53L,
-          0x05b2e26e35a2deL, 0x4362f0292f3666L },
-        { 0x0476d0c8474b85L, 0x9d8c65fccaf108L, 0xf58d4041d54b6aL,
-          0x3ee6862f38e4b0L, 0x7c7c9d53b44f54L, 0x36a3fd80fb0db5L,
-          0xfcd94ba18a8ac8L, 0xc1b1d568f35c05L }
-    },
-    {
-        { 0x16539fc1bdd30dL, 0x1356e538df4afbL, 0xc0545d85a1aedbL,
-          0xeb2037a489396bL, 0x897fcbd5660894L, 0x02a58a9b7d104aL,
-          0x57fa24cc96b980L, 0xf6448e35bd8946L },
-        { 0xee727418805c83L, 0x10fa274992cfc6L, 0x95141939e66b21L,
-          0xe0ffa44bd08009L, 0x174332220da22bL, 0x4891ff359e6831L,
-          0x407ed73a7d687bL, 0x2fb4e0751d99cfL }
-    },
-};
-#else
-
-/* Reduce scalar mod the order of the curve.
- * Scalar Will be 114 bytes.
- *
- * Only performs a weak reduce.
- *
- * b  [in]  Scalar to reduce.
- */
-void sc448_reduce(byte* b)
-{
-    word32 d[16];
-    word64 t[33];
-    word64 c;
-    word32 o;
-
-    /* Load from bytes: 114 bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 31; o += 2) {
-        t[o + 0] = (word32)(
-                     (((sword32)((b[o / 2 * 7 + 0]        ) >>  0)) <<  0)
-                  |  (((sword32)((b[o / 2 * 7 + 1]        ) >>  0)) <<  8)
-                  |  (((sword32)((b[o / 2 * 7 + 2]        ) >>  0)) << 16)
-                  | ((((sword32)((b[o / 2 * 7 + 3] & 0xf )) >>  0)) << 24));
-        t[o + 1] = (word32)(
-                     (((sword32)((b[o / 2 * 7 + 3]        ) >>  4)) <<  0)
-                  |  (((sword32)((b[o / 2 * 7 + 4]        ) >>  0)) <<  4)
-                  |  (((sword32)((b[o / 2 * 7 + 5]        ) >>  0)) << 12)
-                  |  (((sword32)((b[o / 2 * 7 + 6]        ) >>  0)) << 20));
-    }
-    t[32] = (word32)(
-             (((sword32)((b[112]        ) >>  0)) <<  0)
-          |  (((sword32)((b[113]        ) >>  0)) <<  8));
-#else
-    t[ 0] =  (word32) (((sword32)((b[ 0]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[ 1]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[ 2]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[ 3] & 0xf )) >>  0)) << 24);
-    t[ 1] =  (word32) (((sword32)((b[ 3]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[ 4]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[ 5]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[ 6]        ) >>  0)) << 20);
-    t[ 2] =  (word32) (((sword32)((b[ 7]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[ 8]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[ 9]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[10] & 0xf )) >>  0)) << 24);
-    t[ 3] =  (word32) (((sword32)((b[10]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[11]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[12]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[13]        ) >>  0)) << 20);
-    t[ 4] =  (word32) (((sword32)((b[14]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[15]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[16]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[17] & 0xf )) >>  0)) << 24);
-    t[ 5] =  (word32) (((sword32)((b[17]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[18]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[19]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[20]        ) >>  0)) << 20);
-    t[ 6] =  (word32) (((sword32)((b[21]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[22]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[23]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[24] & 0xf )) >>  0)) << 24);
-    t[ 7] =  (word32) (((sword32)((b[24]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[25]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[26]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[27]        ) >>  0)) << 20);
-    t[ 8] =  (word32) (((sword32)((b[28]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[29]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[30]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[31] & 0xf )) >>  0)) << 24);
-    t[ 9] =  (word32) (((sword32)((b[31]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[32]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[33]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[34]        ) >>  0)) << 20);
-    t[10] =  (word32) (((sword32)((b[35]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[36]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[37]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[38] & 0xf )) >>  0)) << 24);
-    t[11] =  (word32) (((sword32)((b[38]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[39]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[40]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[41]        ) >>  0)) << 20);
-    t[12] =  (word32) (((sword32)((b[42]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[43]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[44]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[45] & 0xf )) >>  0)) << 24);
-    t[13] =  (word32) (((sword32)((b[45]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[46]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[47]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[48]        ) >>  0)) << 20);
-    t[14] =  (word32) (((sword32)((b[49]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[50]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[51]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[52] & 0xf )) >>  0)) << 24);
-    t[15] =  (word32) (((sword32)((b[52]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[53]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[54]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[55]        ) >>  0)) << 20);
-    t[16] =  (word32) (((sword32)((b[56]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[57]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[58]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[59] & 0xf )) >>  0)) << 24);
-    t[17] =  (word32) (((sword32)((b[59]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[60]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[61]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[62]        ) >>  0)) << 20);
-    t[18] =  (word32) (((sword32)((b[63]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[64]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[65]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[66] & 0xf )) >>  0)) << 24);
-    t[19] =  (word32) (((sword32)((b[66]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[67]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[68]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[69]        ) >>  0)) << 20);
-    t[20] =  (word32) (((sword32)((b[70]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[71]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[72]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[73] & 0xf )) >>  0)) << 24);
-    t[21] =  (word32) (((sword32)((b[73]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[74]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[75]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[76]        ) >>  0)) << 20);
-    t[22] =  (word32) (((sword32)((b[77]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[78]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[79]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[80] & 0xf )) >>  0)) << 24);
-    t[23] =  (word32) (((sword32)((b[80]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[81]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[82]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[83]        ) >>  0)) << 20);
-    t[24] =  (word32) (((sword32)((b[84]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[85]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[86]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[87] & 0xf )) >>  0)) << 24);
-    t[25] =  (word32) (((sword32)((b[87]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[88]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[89]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[90]        ) >>  0)) << 20);
-    t[26] =  (word32) (((sword32)((b[91]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[92]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[93]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[94] & 0xf )) >>  0)) << 24);
-    t[27] =  (word32) (((sword32)((b[94]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[95]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[96]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[97]        ) >>  0)) << 20);
-    t[28] =  (word32) (((sword32)((b[98]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[99]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[100]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[101] & 0xf )) >>  0)) << 24);
-    t[29] =  (word32) (((sword32)((b[101]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[102]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[103]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[104]        ) >>  0)) << 20);
-    t[30] =  (word32) (((sword32)((b[105]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[106]        ) >>  0)) <<  8)
-          |  (word32) (((sword32)((b[107]        ) >>  0)) << 16)
-          |  (word32)((((sword32)((b[108] & 0xf )) >>  0)) << 24);
-    t[31] =  (word32) (((sword32)((b[108]        ) >>  4)) <<  0)
-          |  (word32) (((sword32)((b[109]        ) >>  0)) <<  4)
-          |  (word32) (((sword32)((b[110]        ) >>  0)) << 12)
-          |  (word32) (((sword32)((b[111]        ) >>  0)) << 20);
-    t[32] =  (word32) (((sword32)((b[112]        ) >>  0)) <<  0)
-          |  (word32) (((sword32)((b[113]        ) >>  0)) <<  8);
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-
-    /* Mod curve order */
-    /* 2^446 - 0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d */
-    /* Mod top half of extra words */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 9; o++) {
-        t[ 8 + o] += (sword64)0x129eec34 * t[24 + o];
-        t[ 9 + o] += (sword64)0x21cf5b54 * t[24 + o];
-        t[10 + o] += (sword64)0x29c2ab70 * t[24 + o];
-        t[11 + o] += (sword64)0x0f635c8c * t[24 + o];
-        t[12 + o] += (sword64)0x25bf7a4c * t[24 + o];
-        t[13 + o] += (sword64)0x2d944a70 * t[24 + o];
-        t[14 + o] += (sword64)0x18eec490 * t[24 + o];
-        t[15 + o] += (sword64)0x20cd7704 * t[24 + o];
-    }
-    t[24]  = 0;
-#else
-    t[ 8] += (sword64)0x129eec34 * t[24];
-    t[ 9] += (sword64)0x21cf5b54 * t[24];
-    t[10] += (sword64)0x29c2ab70 * t[24];
-    t[11] += (sword64)0x0f635c8c * t[24];
-    t[12] += (sword64)0x25bf7a4c * t[24];
-    t[13] += (sword64)0x2d944a70 * t[24];
-    t[14] += (sword64)0x18eec490 * t[24];
-    t[15] += (sword64)0x20cd7704 * t[24];
-    t[ 9] += (sword64)0x129eec34 * t[25];
-    t[10] += (sword64)0x21cf5b54 * t[25];
-    t[11] += (sword64)0x29c2ab70 * t[25];
-    t[12] += (sword64)0x0f635c8c * t[25];
-    t[13] += (sword64)0x25bf7a4c * t[25];
-    t[14] += (sword64)0x2d944a70 * t[25];
-    t[15] += (sword64)0x18eec490 * t[25];
-    t[16] += (sword64)0x20cd7704 * t[25];
-    t[10] += (sword64)0x129eec34 * t[26];
-    t[11] += (sword64)0x21cf5b54 * t[26];
-    t[12] += (sword64)0x29c2ab70 * t[26];
-    t[13] += (sword64)0x0f635c8c * t[26];
-    t[14] += (sword64)0x25bf7a4c * t[26];
-    t[15] += (sword64)0x2d944a70 * t[26];
-    t[16] += (sword64)0x18eec490 * t[26];
-    t[17] += (sword64)0x20cd7704 * t[26];
-    t[11] += (sword64)0x129eec34 * t[27];
-    t[12] += (sword64)0x21cf5b54 * t[27];
-    t[13] += (sword64)0x29c2ab70 * t[27];
-    t[14] += (sword64)0x0f635c8c * t[27];
-    t[15] += (sword64)0x25bf7a4c * t[27];
-    t[16] += (sword64)0x2d944a70 * t[27];
-    t[17] += (sword64)0x18eec490 * t[27];
-    t[18] += (sword64)0x20cd7704 * t[27];
-    t[12] += (sword64)0x129eec34 * t[28];
-    t[13] += (sword64)0x21cf5b54 * t[28];
-    t[14] += (sword64)0x29c2ab70 * t[28];
-    t[15] += (sword64)0x0f635c8c * t[28];
-    t[16] += (sword64)0x25bf7a4c * t[28];
-    t[17] += (sword64)0x2d944a70 * t[28];
-    t[18] += (sword64)0x18eec490 * t[28];
-    t[19] += (sword64)0x20cd7704 * t[28];
-    t[13] += (sword64)0x129eec34 * t[29];
-    t[14] += (sword64)0x21cf5b54 * t[29];
-    t[15] += (sword64)0x29c2ab70 * t[29];
-    t[16] += (sword64)0x0f635c8c * t[29];
-    t[17] += (sword64)0x25bf7a4c * t[29];
-    t[18] += (sword64)0x2d944a70 * t[29];
-    t[19] += (sword64)0x18eec490 * t[29];
-    t[20] += (sword64)0x20cd7704 * t[29];
-    t[14] += (sword64)0x129eec34 * t[30];
-    t[15] += (sword64)0x21cf5b54 * t[30];
-    t[16] += (sword64)0x29c2ab70 * t[30];
-    t[17] += (sword64)0x0f635c8c * t[30];
-    t[18] += (sword64)0x25bf7a4c * t[30];
-    t[19] += (sword64)0x2d944a70 * t[30];
-    t[20] += (sword64)0x18eec490 * t[30];
-    t[21] += (sword64)0x20cd7704 * t[30];
-    t[15] += (sword64)0x129eec34 * t[31];
-    t[16] += (sword64)0x21cf5b54 * t[31];
-    t[17] += (sword64)0x29c2ab70 * t[31];
-    t[18] += (sword64)0x0f635c8c * t[31];
-    t[19] += (sword64)0x25bf7a4c * t[31];
-    t[20] += (sword64)0x2d944a70 * t[31];
-    t[21] += (sword64)0x18eec490 * t[31];
-    t[22] += (sword64)0x20cd7704 * t[31];
-    t[16] += (sword64)0x129eec34 * t[32];
-    t[17] += (sword64)0x21cf5b54 * t[32];
-    t[18] += (sword64)0x29c2ab70 * t[32];
-    t[19] += (sword64)0x0f635c8c * t[32];
-    t[20] += (sword64)0x25bf7a4c * t[32];
-    t[21] += (sword64)0x2d944a70 * t[32];
-    t[22] += (sword64)0x18eec490 * t[32];
-    t[23] += (sword64)0x20cd7704 * t[32];
-    t[24]  = 0;
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Propagate carries */
-    c = t[ 8] >> 28; t[ 9] += c; t[ 8] = t[ 8] & 0xfffffff;
-    c = t[ 9] >> 28; t[10] += c; t[ 9] = t[ 9] & 0xfffffff;
-    c = t[10] >> 28; t[11] += c; t[10] = t[10] & 0xfffffff;
-    c = t[11] >> 28; t[12] += c; t[11] = t[11] & 0xfffffff;
-    c = t[12] >> 28; t[13] += c; t[12] = t[12] & 0xfffffff;
-    c = t[13] >> 28; t[14] += c; t[13] = t[13] & 0xfffffff;
-    c = t[14] >> 28; t[15] += c; t[14] = t[14] & 0xfffffff;
-    c = t[15] >> 28; t[16] += c; t[15] = t[15] & 0xfffffff;
-    c = t[16] >> 28; t[17] += c; t[16] = t[16] & 0xfffffff;
-    c = t[17] >> 28; t[18] += c; t[17] = t[17] & 0xfffffff;
-    c = t[18] >> 28; t[19] += c; t[18] = t[18] & 0xfffffff;
-    c = t[19] >> 28; t[20] += c; t[19] = t[19] & 0xfffffff;
-    c = t[20] >> 28; t[21] += c; t[20] = t[20] & 0xfffffff;
-    c = t[21] >> 28; t[22] += c; t[21] = t[21] & 0xfffffff;
-    c = t[22] >> 28; t[23] += c; t[22] = t[22] & 0xfffffff;
-    c = t[23] >> 28; t[24] += c; t[23] = t[23] & 0xfffffff;
-    /* Mod bottom half of extra words */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 9; o++) {
-        t[ 0 + o] += (sword64)0x129eec34 * t[16 + o];
-        t[ 1 + o] += (sword64)0x21cf5b54 * t[16 + o];
-        t[ 2 + o] += (sword64)0x29c2ab70 * t[16 + o];
-        t[ 3 + o] += (sword64)0x0f635c8c * t[16 + o];
-        t[ 4 + o] += (sword64)0x25bf7a4c * t[16 + o];
-        t[ 5 + o] += (sword64)0x2d944a70 * t[16 + o];
-        t[ 6 + o] += (sword64)0x18eec490 * t[16 + o];
-        t[ 7 + o] += (sword64)0x20cd7704 * t[16 + o];
-    }
-    t[16]  = 0;
-#else
-    t[ 0] += (sword64)0x129eec34 * t[16];
-    t[ 1] += (sword64)0x21cf5b54 * t[16];
-    t[ 2] += (sword64)0x29c2ab70 * t[16];
-    t[ 3] += (sword64)0x0f635c8c * t[16];
-    t[ 4] += (sword64)0x25bf7a4c * t[16];
-    t[ 5] += (sword64)0x2d944a70 * t[16];
-    t[ 6] += (sword64)0x18eec490 * t[16];
-    t[ 7] += (sword64)0x20cd7704 * t[16];
-    t[ 1] += (sword64)0x129eec34 * t[17];
-    t[ 2] += (sword64)0x21cf5b54 * t[17];
-    t[ 3] += (sword64)0x29c2ab70 * t[17];
-    t[ 4] += (sword64)0x0f635c8c * t[17];
-    t[ 5] += (sword64)0x25bf7a4c * t[17];
-    t[ 6] += (sword64)0x2d944a70 * t[17];
-    t[ 7] += (sword64)0x18eec490 * t[17];
-    t[ 8] += (sword64)0x20cd7704 * t[17];
-    t[ 2] += (sword64)0x129eec34 * t[18];
-    t[ 3] += (sword64)0x21cf5b54 * t[18];
-    t[ 4] += (sword64)0x29c2ab70 * t[18];
-    t[ 5] += (sword64)0x0f635c8c * t[18];
-    t[ 6] += (sword64)0x25bf7a4c * t[18];
-    t[ 7] += (sword64)0x2d944a70 * t[18];
-    t[ 8] += (sword64)0x18eec490 * t[18];
-    t[ 9] += (sword64)0x20cd7704 * t[18];
-    t[ 3] += (sword64)0x129eec34 * t[19];
-    t[ 4] += (sword64)0x21cf5b54 * t[19];
-    t[ 5] += (sword64)0x29c2ab70 * t[19];
-    t[ 6] += (sword64)0x0f635c8c * t[19];
-    t[ 7] += (sword64)0x25bf7a4c * t[19];
-    t[ 8] += (sword64)0x2d944a70 * t[19];
-    t[ 9] += (sword64)0x18eec490 * t[19];
-    t[10] += (sword64)0x20cd7704 * t[19];
-    t[ 4] += (sword64)0x129eec34 * t[20];
-    t[ 5] += (sword64)0x21cf5b54 * t[20];
-    t[ 6] += (sword64)0x29c2ab70 * t[20];
-    t[ 7] += (sword64)0x0f635c8c * t[20];
-    t[ 8] += (sword64)0x25bf7a4c * t[20];
-    t[ 9] += (sword64)0x2d944a70 * t[20];
-    t[10] += (sword64)0x18eec490 * t[20];
-    t[11] += (sword64)0x20cd7704 * t[20];
-    t[ 5] += (sword64)0x129eec34 * t[21];
-    t[ 6] += (sword64)0x21cf5b54 * t[21];
-    t[ 7] += (sword64)0x29c2ab70 * t[21];
-    t[ 8] += (sword64)0x0f635c8c * t[21];
-    t[ 9] += (sword64)0x25bf7a4c * t[21];
-    t[10] += (sword64)0x2d944a70 * t[21];
-    t[11] += (sword64)0x18eec490 * t[21];
-    t[12] += (sword64)0x20cd7704 * t[21];
-    t[ 6] += (sword64)0x129eec34 * t[22];
-    t[ 7] += (sword64)0x21cf5b54 * t[22];
-    t[ 8] += (sword64)0x29c2ab70 * t[22];
-    t[ 9] += (sword64)0x0f635c8c * t[22];
-    t[10] += (sword64)0x25bf7a4c * t[22];
-    t[11] += (sword64)0x2d944a70 * t[22];
-    t[12] += (sword64)0x18eec490 * t[22];
-    t[13] += (sword64)0x20cd7704 * t[22];
-    t[ 7] += (sword64)0x129eec34 * t[23];
-    t[ 8] += (sword64)0x21cf5b54 * t[23];
-    t[ 9] += (sword64)0x29c2ab70 * t[23];
-    t[10] += (sword64)0x0f635c8c * t[23];
-    t[11] += (sword64)0x25bf7a4c * t[23];
-    t[12] += (sword64)0x2d944a70 * t[23];
-    t[13] += (sword64)0x18eec490 * t[23];
-    t[14] += (sword64)0x20cd7704 * t[23];
-    t[ 8] += (sword64)0x129eec34 * t[24];
-    t[ 9] += (sword64)0x21cf5b54 * t[24];
-    t[10] += (sword64)0x29c2ab70 * t[24];
-    t[11] += (sword64)0x0f635c8c * t[24];
-    t[12] += (sword64)0x25bf7a4c * t[24];
-    t[13] += (sword64)0x2d944a70 * t[24];
-    t[14] += (sword64)0x18eec490 * t[24];
-    t[15] += (sword64)0x20cd7704 * t[24];
-    t[16]  = 0;
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Propagate carries */
-    c = t[ 0] >> 28; t[ 1] += c; t[ 0] = t[ 0] & 0xfffffff;
-    c = t[ 1] >> 28; t[ 2] += c; t[ 1] = t[ 1] & 0xfffffff;
-    c = t[ 2] >> 28; t[ 3] += c; t[ 2] = t[ 2] & 0xfffffff;
-    c = t[ 3] >> 28; t[ 4] += c; t[ 3] = t[ 3] & 0xfffffff;
-    c = t[ 4] >> 28; t[ 5] += c; t[ 4] = t[ 4] & 0xfffffff;
-    c = t[ 5] >> 28; t[ 6] += c; t[ 5] = t[ 5] & 0xfffffff;
-    c = t[ 6] >> 28; t[ 7] += c; t[ 6] = t[ 6] & 0xfffffff;
-    c = t[ 7] >> 28; t[ 8] += c; t[ 7] = t[ 7] & 0xfffffff;
-    c = t[ 8] >> 28; t[ 9] += c; t[ 8] = t[ 8] & 0xfffffff;
-    c = t[ 9] >> 28; t[10] += c; t[ 9] = t[ 9] & 0xfffffff;
-    c = t[10] >> 28; t[11] += c; t[10] = t[10] & 0xfffffff;
-    c = t[11] >> 28; t[12] += c; t[11] = t[11] & 0xfffffff;
-    c = t[12] >> 28; t[13] += c; t[12] = t[12] & 0xfffffff;
-    c = t[13] >> 28; t[14] += c; t[13] = t[13] & 0xfffffff;
-    c = t[14] >> 28; t[15] += c; t[14] = t[14] & 0xfffffff;
-    c = t[15] >> 28; t[16] += c; t[15] = t[15] & 0xfffffff;
-    t[ 0] += (sword64)0x129eec34 * t[16];
-    t[ 1] += (sword64)0x21cf5b54 * t[16];
-    t[ 2] += (sword64)0x29c2ab70 * t[16];
-    t[ 3] += (sword64)0x0f635c8c * t[16];
-    t[ 4] += (sword64)0x25bf7a4c * t[16];
-    t[ 5] += (sword64)0x2d944a70 * t[16];
-    t[ 6] += (sword64)0x18eec490 * t[16];
-    t[ 7] += (sword64)0x20cd7704 * t[16];
-    /* Propagate carries */
-    c = t[ 0] >> 28; t[ 1] += c; d[ 0] = (sword32)(t[ 0] & 0xfffffff);
-    c = t[ 1] >> 28; t[ 2] += c; d[ 1] = (sword32)(t[ 1] & 0xfffffff);
-    c = t[ 2] >> 28; t[ 3] += c; d[ 2] = (sword32)(t[ 2] & 0xfffffff);
-    c = t[ 3] >> 28; t[ 4] += c; d[ 3] = (sword32)(t[ 3] & 0xfffffff);
-    c = t[ 4] >> 28; t[ 5] += c; d[ 4] = (sword32)(t[ 4] & 0xfffffff);
-    c = t[ 5] >> 28; t[ 6] += c; d[ 5] = (sword32)(t[ 5] & 0xfffffff);
-    c = t[ 6] >> 28; t[ 7] += c; d[ 6] = (sword32)(t[ 6] & 0xfffffff);
-    c = t[ 7] >> 28; t[ 8] += c; d[ 7] = (sword32)(t[ 7] & 0xfffffff);
-    c = t[ 8] >> 28; t[ 9] += c; d[ 8] = (sword32)(t[ 8] & 0xfffffff);
-    c = t[ 9] >> 28; t[10] += c; d[ 9] = (sword32)(t[ 9] & 0xfffffff);
-    c = t[10] >> 28; t[11] += c; d[10] = (sword32)(t[10] & 0xfffffff);
-    c = t[11] >> 28; t[12] += c; d[11] = (sword32)(t[11] & 0xfffffff);
-    c = t[12] >> 28; t[13] += c; d[12] = (sword32)(t[12] & 0xfffffff);
-    c = t[13] >> 28; t[14] += c; d[13] = (sword32)(t[13] & 0xfffffff);
-    c = t[14] >> 28; t[15] += c; d[14] = (sword32)(t[14] & 0xfffffff);
-    d[15] = (word32)t[15];
-    /* Mod bits over 28 in last word */
-    o = d[15] >> 26; d[15] &= 0x3ffffff;
-    d[ 0] += 0x4a7bb0d * o;
-    d[ 1] += 0x873d6d5 * o;
-    d[ 2] += 0xa70aadc * o;
-    d[ 3] += 0x3d8d723 * o;
-    d[ 4] += 0x96fde93 * o;
-    d[ 5] += 0xb65129c * o;
-    d[ 6] += 0x63bb124 * o;
-    d[ 7] += 0x8335dc1 * o;
-    /* Propagate carries */
-    o = d[ 0] >> 28; d[ 1] += o; d[ 0] = d[ 0] & 0xfffffff;
-    o = d[ 1] >> 28; d[ 2] += o; d[ 1] = d[ 1] & 0xfffffff;
-    o = d[ 2] >> 28; d[ 3] += o; d[ 2] = d[ 2] & 0xfffffff;
-    o = d[ 3] >> 28; d[ 4] += o; d[ 3] = d[ 3] & 0xfffffff;
-    o = d[ 4] >> 28; d[ 5] += o; d[ 4] = d[ 4] & 0xfffffff;
-    o = d[ 5] >> 28; d[ 6] += o; d[ 5] = d[ 5] & 0xfffffff;
-    o = d[ 6] >> 28; d[ 7] += o; d[ 6] = d[ 6] & 0xfffffff;
-    o = d[ 7] >> 28; d[ 8] += o; d[ 7] = d[ 7] & 0xfffffff;
-    o = d[ 8] >> 28; d[ 9] += o; d[ 8] = d[ 8] & 0xfffffff;
-    o = d[ 9] >> 28; d[10] += o; d[ 9] = d[ 9] & 0xfffffff;
-    o = d[10] >> 28; d[11] += o; d[10] = d[10] & 0xfffffff;
-    o = d[11] >> 28; d[12] += o; d[11] = d[11] & 0xfffffff;
-    o = d[12] >> 28; d[13] += o; d[12] = d[12] & 0xfffffff;
-    o = d[13] >> 28; d[14] += o; d[13] = d[13] & 0xfffffff;
-    o = d[14] >> 28; d[15] += o; d[14] = d[14] & 0xfffffff;
-
-    /* Convert to bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    {
-        word32 ow = 0;
-        for (o = 0; o < 56; o += 7) {
-            b[o + 0]  = (byte)(d[ow] >>  0);
-            b[o + 1]  = (byte)(d[ow] >>  8);
-            b[o + 2]  = (byte)(d[ow] >> 16);
-            b[o + 3]  = (byte)(d[ow] >> 24);
-            ow++;
-            b[o + 3] += (byte)((d[ow] >>  0) << 4);
-            b[o + 4]  = (byte)(d[ow] >>  4);
-            b[o + 5]  = (byte)(d[ow] >> 12);
-            b[o + 6]  = (byte)(d[ow] >> 20);
-            ow++;
-        }
-        b[56] = 0;
-    }
-#else
-    b[ 0] = (byte)(d[0 ] >>  0);
-    b[ 1] = (byte)(d[0 ] >>  8);
-    b[ 2] = (byte)(d[0 ] >> 16);
-    b[ 3] = (byte)((byte)(d[0 ] >> 24) + (byte)((d[1 ] >>  0) <<  4));
-    b[ 4] = (byte)(d[1 ] >>  4);
-    b[ 5] = (byte)(d[1 ] >> 12);
-    b[ 6] = (byte)(d[1 ] >> 20);
-    b[ 7] = (byte)(d[2 ] >>  0);
-    b[ 8] = (byte)(d[2 ] >>  8);
-    b[ 9] = (byte)(d[2 ] >> 16);
-    b[10] = (byte)((byte)(d[2 ] >> 24) + (byte)((d[3 ] >>  0) <<  4));
-    b[11] = (byte)(d[3 ] >>  4);
-    b[12] = (byte)(d[3 ] >> 12);
-    b[13] = (byte)(d[3 ] >> 20);
-    b[14] = (byte)(d[4 ] >>  0);
-    b[15] = (byte)(d[4 ] >>  8);
-    b[16] = (byte)(d[4 ] >> 16);
-    b[17] = (byte)((byte)(d[4 ] >> 24) + (byte)((d[5 ] >>  0) <<  4));
-    b[18] = (byte)(d[5 ] >>  4);
-    b[19] = (byte)(d[5 ] >> 12);
-    b[20] = (byte)(d[5 ] >> 20);
-    b[21] = (byte)(d[6 ] >>  0);
-    b[22] = (byte)(d[6 ] >>  8);
-    b[23] = (byte)(d[6 ] >> 16);
-    b[24] = (byte)((byte)(d[6 ] >> 24) + (byte)((d[7 ] >>  0) <<  4));
-    b[25] = (byte)(d[7 ] >>  4);
-    b[26] = (byte)(d[7 ] >> 12);
-    b[27] = (byte)(d[7 ] >> 20);
-    b[28] = (byte)(d[8 ] >>  0);
-    b[29] = (byte)(d[8 ] >>  8);
-    b[30] = (byte)(d[8 ] >> 16);
-    b[31] = (byte)((byte)(d[8 ] >> 24) + (byte)((d[9 ] >>  0) <<  4));
-    b[32] = (byte)(d[9 ] >>  4);
-    b[33] = (byte)(d[9 ] >> 12);
-    b[34] = (byte)(d[9 ] >> 20);
-    b[35] = (byte)(d[10] >>  0);
-    b[36] = (byte)(d[10] >>  8);
-    b[37] = (byte)(d[10] >> 16);
-    b[38] = (byte)((byte)(d[10] >> 24) + (byte)((d[11] >>  0) <<  4));
-    b[39] = (byte)(d[11] >>  4);
-    b[40] = (byte)(d[11] >> 12);
-    b[41] = (byte)(d[11] >> 20);
-    b[42] = (byte)(d[12] >>  0);
-    b[43] = (byte)(d[12] >>  8);
-    b[44] = (byte)(d[12] >> 16);
-    b[45] = (byte)((byte)(d[12] >> 24) + (byte)((d[13] >>  0) <<  4));
-    b[46] = (byte)(d[13] >>  4);
-    b[47] = (byte)(d[13] >> 12);
-    b[48] = (byte)(d[13] >> 20);
-    b[49] = (byte)(d[14] >>  0);
-    b[50] = (byte)(d[14] >>  8);
-    b[51] = (byte)(d[14] >> 16);
-    b[52] = (byte)((byte)(d[14] >> 24) + (byte)((d[15] >>  0) <<  4));
-    b[53] = (byte)(d[15] >>  4);
-    b[54] = (byte)(d[15] >> 12);
-    b[55] = (byte)(d[15] >> 20);
-    b[56] = 0;
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-}
-
-/* Multiply a by b and add d. r = (a * b + d) mod order
- *
- * r  [in]  Scalar to hold result.
- * a  [in]  Scalar to multiply.
- * b  [in]  Scalar to multiply.
- * d  [in]  Scalar to add to multiplicative result.
- */
-void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
-{
-    word32 ad[16], bd[16], dd[16], rd[16];
-    word64 t[32];
-    word64 c;
-    word32 o;
-    sword32 u;
-
-    /* Load from bytes: 56 bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 15; o += 2) {
-        ad[o + 0] = (word32)(
-                     (((sword32)((a[o / 2 * 7 + 0]        ) >>  0)) <<  0)
-                  |  (((sword32)((a[o / 2 * 7 + 1]        ) >>  0)) <<  8)
-                  |  (((sword32)((a[o / 2 * 7 + 2]        ) >>  0)) << 16)
-                  | ((((sword32)((a[o / 2 * 7 + 3] & 0xf )) >>  0)) << 24));
-        ad[o + 1] = (word32)(
-                     (((sword32)((a[o / 2 * 7 + 3]        ) >>  4)) <<  0)
-                  |  (((sword32)((a[o / 2 * 7 + 4]        ) >>  0)) <<  4)
-                  |  (((sword32)((a[o / 2 * 7 + 5]        ) >>  0)) << 12)
-                  |  (((sword32)((a[o / 2 * 7 + 6]        ) >>  0)) << 20));
-    }
-#else
-    ad[ 0] =  (word32) (((sword32)((a[ 0]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((a[ 1]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((a[ 2]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((a[ 3] & 0xf )) >>  0)) << 24);
-    ad[ 1] =  (word32) (((sword32)((a[ 3]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((a[ 4]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((a[ 5]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((a[ 6]        ) >>  0)) << 20);
-    ad[ 2] =  (word32) (((sword32)((a[ 7]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((a[ 8]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((a[ 9]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((a[10] & 0xf )) >>  0)) << 24);
-    ad[ 3] =  (word32) (((sword32)((a[10]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((a[11]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((a[12]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((a[13]        ) >>  0)) << 20);
-    ad[ 4] =  (word32) (((sword32)((a[14]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((a[15]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((a[16]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((a[17] & 0xf )) >>  0)) << 24);
-    ad[ 5] =  (word32) (((sword32)((a[17]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((a[18]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((a[19]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((a[20]        ) >>  0)) << 20);
-    ad[ 6] =  (word32) (((sword32)((a[21]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((a[22]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((a[23]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((a[24] & 0xf )) >>  0)) << 24);
-    ad[ 7] =  (word32) (((sword32)((a[24]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((a[25]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((a[26]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((a[27]        ) >>  0)) << 20);
-    ad[ 8] =  (word32) (((sword32)((a[28]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((a[29]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((a[30]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((a[31] & 0xf )) >>  0)) << 24);
-    ad[ 9] =  (word32) (((sword32)((a[31]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((a[32]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((a[33]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((a[34]        ) >>  0)) << 20);
-    ad[10] =  (word32) (((sword32)((a[35]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((a[36]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((a[37]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((a[38] & 0xf )) >>  0)) << 24);
-    ad[11] =  (word32) (((sword32)((a[38]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((a[39]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((a[40]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((a[41]        ) >>  0)) << 20);
-    ad[12] =  (word32) (((sword32)((a[42]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((a[43]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((a[44]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((a[45] & 0xf )) >>  0)) << 24);
-    ad[13] =  (word32) (((sword32)((a[45]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((a[46]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((a[47]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((a[48]        ) >>  0)) << 20);
-    ad[14] =  (word32) (((sword32)((a[49]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((a[50]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((a[51]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((a[52] & 0xf )) >>  0)) << 24);
-    ad[15] =  (word32) (((sword32)((a[52]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((a[53]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((a[54]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((a[55]        ) >>  0)) << 20);
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Load from bytes: 56 bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 15; o += 2) {
-        bd[o + 0] = (word32)(
-                     (((sword32)((b[o / 2 * 7 + 0]        ) >>  0)) <<  0)
-                  |  (((sword32)((b[o / 2 * 7 + 1]        ) >>  0)) <<  8)
-                  |  (((sword32)((b[o / 2 * 7 + 2]        ) >>  0)) << 16)
-                  | ((((sword32)((b[o / 2 * 7 + 3] & 0xf )) >>  0)) << 24));
-        bd[o + 1] = (word32)(
-                     (((sword32)((b[o / 2 * 7 + 3]        ) >>  4)) <<  0)
-                  |  (((sword32)((b[o / 2 * 7 + 4]        ) >>  0)) <<  4)
-                  |  (((sword32)((b[o / 2 * 7 + 5]        ) >>  0)) << 12)
-                  |  (((sword32)((b[o / 2 * 7 + 6]        ) >>  0)) << 20));
-    }
-#else
-    bd[ 0] =  (word32) (((sword32)((b[ 0]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((b[ 1]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((b[ 2]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((b[ 3] & 0xf )) >>  0)) << 24);
-    bd[ 1] =  (word32) (((sword32)((b[ 3]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((b[ 4]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((b[ 5]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((b[ 6]        ) >>  0)) << 20);
-    bd[ 2] =  (word32) (((sword32)((b[ 7]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((b[ 8]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((b[ 9]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((b[10] & 0xf )) >>  0)) << 24);
-    bd[ 3] =  (word32) (((sword32)((b[10]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((b[11]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((b[12]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((b[13]        ) >>  0)) << 20);
-    bd[ 4] =  (word32) (((sword32)((b[14]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((b[15]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((b[16]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((b[17] & 0xf )) >>  0)) << 24);
-    bd[ 5] =  (word32) (((sword32)((b[17]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((b[18]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((b[19]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((b[20]        ) >>  0)) << 20);
-    bd[ 6] =  (word32) (((sword32)((b[21]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((b[22]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((b[23]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((b[24] & 0xf )) >>  0)) << 24);
-    bd[ 7] =  (word32) (((sword32)((b[24]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((b[25]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((b[26]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((b[27]        ) >>  0)) << 20);
-    bd[ 8] =  (word32) (((sword32)((b[28]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((b[29]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((b[30]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((b[31] & 0xf )) >>  0)) << 24);
-    bd[ 9] =  (word32) (((sword32)((b[31]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((b[32]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((b[33]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((b[34]        ) >>  0)) << 20);
-    bd[10] =  (word32) (((sword32)((b[35]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((b[36]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((b[37]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((b[38] & 0xf )) >>  0)) << 24);
-    bd[11] =  (word32) (((sword32)((b[38]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((b[39]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((b[40]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((b[41]        ) >>  0)) << 20);
-    bd[12] =  (word32) (((sword32)((b[42]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((b[43]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((b[44]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((b[45] & 0xf )) >>  0)) << 24);
-    bd[13] =  (word32) (((sword32)((b[45]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((b[46]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((b[47]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((b[48]        ) >>  0)) << 20);
-    bd[14] =  (word32) (((sword32)((b[49]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((b[50]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((b[51]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((b[52] & 0xf )) >>  0)) << 24);
-    bd[15] =  (word32) (((sword32)((b[52]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((b[53]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((b[54]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((b[55]        ) >>  0)) << 20);
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Load from bytes: 56 bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 15; o += 2) {
-        dd[o + 0] = (word32)(
-                     (((sword32)((d[o / 2 * 7 + 0]        ) >>  0)) <<  0)
-                  |  (((sword32)((d[o / 2 * 7 + 1]        ) >>  0)) <<  8)
-                  |  (((sword32)((d[o / 2 * 7 + 2]        ) >>  0)) << 16)
-                  | ((((sword32)((d[o / 2 * 7 + 3] & 0xf )) >>  0)) << 24));
-        dd[o + 1] = (word32)(
-                     (((sword32)((d[o / 2 * 7 + 3]        ) >>  4)) <<  0)
-                  |  (((sword32)((d[o / 2 * 7 + 4]        ) >>  0)) <<  4)
-                  |  (((sword32)((d[o / 2 * 7 + 5]        ) >>  0)) << 12)
-                  |  (((sword32)((d[o / 2 * 7 + 6]        ) >>  0)) << 20));
-    }
-#else
-    dd[ 0] =  (word32) (((sword32)((d[ 0]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((d[ 1]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((d[ 2]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((d[ 3] & 0xf )) >>  0)) << 24);
-    dd[ 1] =  (word32) (((sword32)((d[ 3]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((d[ 4]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((d[ 5]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((d[ 6]        ) >>  0)) << 20);
-    dd[ 2] =  (word32) (((sword32)((d[ 7]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((d[ 8]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((d[ 9]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((d[10] & 0xf )) >>  0)) << 24);
-    dd[ 3] =  (word32) (((sword32)((d[10]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((d[11]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((d[12]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((d[13]        ) >>  0)) << 20);
-    dd[ 4] =  (word32) (((sword32)((d[14]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((d[15]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((d[16]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((d[17] & 0xf )) >>  0)) << 24);
-    dd[ 5] =  (word32) (((sword32)((d[17]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((d[18]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((d[19]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((d[20]        ) >>  0)) << 20);
-    dd[ 6] =  (word32) (((sword32)((d[21]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((d[22]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((d[23]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((d[24] & 0xf )) >>  0)) << 24);
-    dd[ 7] =  (word32) (((sword32)((d[24]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((d[25]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((d[26]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((d[27]        ) >>  0)) << 20);
-    dd[ 8] =  (word32) (((sword32)((d[28]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((d[29]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((d[30]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((d[31] & 0xf )) >>  0)) << 24);
-    dd[ 9] =  (word32) (((sword32)((d[31]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((d[32]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((d[33]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((d[34]        ) >>  0)) << 20);
-    dd[10] =  (word32) (((sword32)((d[35]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((d[36]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((d[37]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((d[38] & 0xf )) >>  0)) << 24);
-    dd[11] =  (word32) (((sword32)((d[38]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((d[39]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((d[40]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((d[41]        ) >>  0)) << 20);
-    dd[12] =  (word32) (((sword32)((d[42]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((d[43]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((d[44]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((d[45] & 0xf )) >>  0)) << 24);
-    dd[13] =  (word32) (((sword32)((d[45]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((d[46]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((d[47]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((d[48]        ) >>  0)) << 20);
-    dd[14] =  (word32) (((sword32)((d[49]        ) >>  0)) <<  0)
-           |  (word32) (((sword32)((d[50]        ) >>  0)) <<  8)
-           |  (word32) (((sword32)((d[51]        ) >>  0)) << 16)
-           |  (word32)((((sword32)((d[52] & 0xf )) >>  0)) << 24);
-    dd[15] =  (word32) (((sword32)((d[52]        ) >>  4)) <<  0)
-           |  (word32) (((sword32)((d[53]        ) >>  0)) <<  4)
-           |  (word32) (((sword32)((d[54]        ) >>  0)) << 12)
-           |  (word32) (((sword32)((d[55]        ) >>  0)) << 20);
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-
-    /* a * b + d */
-    t[ 0] = (word64)(dd[ 0] + (word64)((sword64)ad[ 0] * bd[ 0]));
-    t[ 1] = (word64)(dd[ 1] + (word64)((sword64)ad[ 0] * bd[ 1]
-                                      + (sword64)ad[ 1] * bd[ 0]));
-    t[ 2] = (word64)(dd[ 2] + (word64)((sword64)ad[ 0] * bd[ 2]
-                                      + (sword64)ad[ 1] * bd[ 1]
-                                      + (sword64)ad[ 2] * bd[ 0]));
-    t[ 3] = (word64)(dd[ 3] + (word64)((sword64)ad[ 0] * bd[ 3]
-                                      + (sword64)ad[ 1] * bd[ 2]
-                                      + (sword64)ad[ 2] * bd[ 1]
-                                      + (sword64)ad[ 3] * bd[ 0]));
-    t[ 4] = (word64)(dd[ 4] + (word64)((sword64)ad[ 0] * bd[ 4]
-                                      + (sword64)ad[ 1] * bd[ 3]
-                                      + (sword64)ad[ 2] * bd[ 2]
-                                      + (sword64)ad[ 3] * bd[ 1]
-                                      + (sword64)ad[ 4] * bd[ 0]));
-    t[ 5] = (word64)(dd[ 5] + (word64)((sword64)ad[ 0] * bd[ 5]
-                                      + (sword64)ad[ 1] * bd[ 4]
-                                      + (sword64)ad[ 2] * bd[ 3]
-                                      + (sword64)ad[ 3] * bd[ 2]
-                                      + (sword64)ad[ 4] * bd[ 1]
-                                      + (sword64)ad[ 5] * bd[ 0]));
-    t[ 6] = (word64)(dd[ 6] + (word64)((sword64)ad[ 0] * bd[ 6]
-                                      + (sword64)ad[ 1] * bd[ 5]
-                                      + (sword64)ad[ 2] * bd[ 4]
-                                      + (sword64)ad[ 3] * bd[ 3]
-                                      + (sword64)ad[ 4] * bd[ 2]
-                                      + (sword64)ad[ 5] * bd[ 1]
-                                      + (sword64)ad[ 6] * bd[ 0]));
-    t[ 7] = (word64)(dd[ 7] + (word64)((sword64)ad[ 0] * bd[ 7]
-                                      + (sword64)ad[ 1] * bd[ 6]
-                                      + (sword64)ad[ 2] * bd[ 5]
-                                      + (sword64)ad[ 3] * bd[ 4]
-                                      + (sword64)ad[ 4] * bd[ 3]
-                                      + (sword64)ad[ 5] * bd[ 2]
-                                      + (sword64)ad[ 6] * bd[ 1]
-                                      + (sword64)ad[ 7] * bd[ 0]));
-    t[ 8] = (word64)(dd[ 8] + (word64)((sword64)ad[ 0] * bd[ 8]
-                                      + (sword64)ad[ 1] * bd[ 7]
-                                      + (sword64)ad[ 2] * bd[ 6]
-                                      + (sword64)ad[ 3] * bd[ 5]
-                                      + (sword64)ad[ 4] * bd[ 4]
-                                      + (sword64)ad[ 5] * bd[ 3]
-                                      + (sword64)ad[ 6] * bd[ 2]
-                                      + (sword64)ad[ 7] * bd[ 1]
-                                      + (sword64)ad[ 8] * bd[ 0]));
-    t[ 9] = (word64)(dd[ 9] + (word64)((sword64)ad[ 0] * bd[ 9]
-                                      + (sword64)ad[ 1] * bd[ 8]
-                                      + (sword64)ad[ 2] * bd[ 7]
-                                      + (sword64)ad[ 3] * bd[ 6]
-                                      + (sword64)ad[ 4] * bd[ 5]
-                                      + (sword64)ad[ 5] * bd[ 4]
-                                      + (sword64)ad[ 6] * bd[ 3]
-                                      + (sword64)ad[ 7] * bd[ 2]
-                                      + (sword64)ad[ 8] * bd[ 1]
-                                      + (sword64)ad[ 9] * bd[ 0]));
-    t[10] = (word64)(dd[10] + (word64)((sword64)ad[ 0] * bd[10]
-                                      + (sword64)ad[ 1] * bd[ 9]
-                                      + (sword64)ad[ 2] * bd[ 8]
-                                      + (sword64)ad[ 3] * bd[ 7]
-                                      + (sword64)ad[ 4] * bd[ 6]
-                                      + (sword64)ad[ 5] * bd[ 5]
-                                      + (sword64)ad[ 6] * bd[ 4]
-                                      + (sword64)ad[ 7] * bd[ 3]
-                                      + (sword64)ad[ 8] * bd[ 2]
-                                      + (sword64)ad[ 9] * bd[ 1]
-                                      + (sword64)ad[10] * bd[ 0]));
-    t[11] = (word64)(dd[11] + (word64)((sword64)ad[ 0] * bd[11]
-                                      + (sword64)ad[ 1] * bd[10]
-                                      + (sword64)ad[ 2] * bd[ 9]
-                                      + (sword64)ad[ 3] * bd[ 8]
-                                      + (sword64)ad[ 4] * bd[ 7]
-                                      + (sword64)ad[ 5] * bd[ 6]
-                                      + (sword64)ad[ 6] * bd[ 5]
-                                      + (sword64)ad[ 7] * bd[ 4]
-                                      + (sword64)ad[ 8] * bd[ 3]
-                                      + (sword64)ad[ 9] * bd[ 2]
-                                      + (sword64)ad[10] * bd[ 1]
-                                      + (sword64)ad[11] * bd[ 0]));
-    t[12] = (word64)(dd[12] + (word64)((sword64)ad[ 0] * bd[12]
-                                      + (sword64)ad[ 1] * bd[11]
-                                      + (sword64)ad[ 2] * bd[10]
-                                      + (sword64)ad[ 3] * bd[ 9]
-                                      + (sword64)ad[ 4] * bd[ 8]
-                                      + (sword64)ad[ 5] * bd[ 7]
-                                      + (sword64)ad[ 6] * bd[ 6]
-                                      + (sword64)ad[ 7] * bd[ 5]
-                                      + (sword64)ad[ 8] * bd[ 4]
-                                      + (sword64)ad[ 9] * bd[ 3]
-                                      + (sword64)ad[10] * bd[ 2]
-                                      + (sword64)ad[11] * bd[ 1]
-                                      + (sword64)ad[12] * bd[ 0]));
-    t[13] = (word64)(dd[13] + (word64)((sword64)ad[ 0] * bd[13]
-                                      + (sword64)ad[ 1] * bd[12]
-                                      + (sword64)ad[ 2] * bd[11]
-                                      + (sword64)ad[ 3] * bd[10]
-                                      + (sword64)ad[ 4] * bd[ 9]
-                                      + (sword64)ad[ 5] * bd[ 8]
-                                      + (sword64)ad[ 6] * bd[ 7]
-                                      + (sword64)ad[ 7] * bd[ 6]
-                                      + (sword64)ad[ 8] * bd[ 5]
-                                      + (sword64)ad[ 9] * bd[ 4]
-                                      + (sword64)ad[10] * bd[ 3]
-                                      + (sword64)ad[11] * bd[ 2]
-                                      + (sword64)ad[12] * bd[ 1]
-                                      + (sword64)ad[13] * bd[ 0]));
-    t[14] = (word64)(dd[14] + (word64)((sword64)ad[ 0] * bd[14]
-                                      + (sword64)ad[ 1] * bd[13]
-                                      + (sword64)ad[ 2] * bd[12]
-                                      + (sword64)ad[ 3] * bd[11]
-                                      + (sword64)ad[ 4] * bd[10]
-                                      + (sword64)ad[ 5] * bd[ 9]
-                                      + (sword64)ad[ 6] * bd[ 8]
-                                      + (sword64)ad[ 7] * bd[ 7]
-                                      + (sword64)ad[ 8] * bd[ 6]
-                                      + (sword64)ad[ 9] * bd[ 5]
-                                      + (sword64)ad[10] * bd[ 4]
-                                      + (sword64)ad[11] * bd[ 3]
-                                      + (sword64)ad[12] * bd[ 2]
-                                      + (sword64)ad[13] * bd[ 1]
-                                      + (sword64)ad[14] * bd[ 0]));
-    t[15] = (word64)(dd[15] + (word64)((sword64)ad[ 0] * bd[15]
-                                      + (sword64)ad[ 1] * bd[14]
-                                      + (sword64)ad[ 2] * bd[13]
-                                      + (sword64)ad[ 3] * bd[12]
-                                      + (sword64)ad[ 4] * bd[11]
-                                      + (sword64)ad[ 5] * bd[10]
-                                      + (sword64)ad[ 6] * bd[ 9]
-                                      + (sword64)ad[ 7] * bd[ 8]
-                                      + (sword64)ad[ 8] * bd[ 7]
-                                      + (sword64)ad[ 9] * bd[ 6]
-                                      + (sword64)ad[10] * bd[ 5]
-                                      + (sword64)ad[11] * bd[ 4]
-                                      + (sword64)ad[12] * bd[ 3]
-                                      + (sword64)ad[13] * bd[ 2]
-                                      + (sword64)ad[14] * bd[ 1]
-                                      + (sword64)ad[15] * bd[ 0]));
-    t[16] = (word64)(                   (sword64)ad[ 1] * bd[15]
-                                      + (sword64)ad[ 2] * bd[14]
-                                      + (sword64)ad[ 3] * bd[13]
-                                      + (sword64)ad[ 4] * bd[12]
-                                      + (sword64)ad[ 5] * bd[11]
-                                      + (sword64)ad[ 6] * bd[10]
-                                      + (sword64)ad[ 7] * bd[ 9]
-                                      + (sword64)ad[ 8] * bd[ 8]
-                                      + (sword64)ad[ 9] * bd[ 7]
-                                      + (sword64)ad[10] * bd[ 6]
-                                      + (sword64)ad[11] * bd[ 5]
-                                      + (sword64)ad[12] * bd[ 4]
-                                      + (sword64)ad[13] * bd[ 3]
-                                      + (sword64)ad[14] * bd[ 2]
-                                      + (sword64)ad[15] * bd[ 1]);
-    t[17] = (word64)(                   (sword64)ad[ 2] * bd[15]
-                                      + (sword64)ad[ 3] * bd[14]
-                                      + (sword64)ad[ 4] * bd[13]
-                                      + (sword64)ad[ 5] * bd[12]
-                                      + (sword64)ad[ 6] * bd[11]
-                                      + (sword64)ad[ 7] * bd[10]
-                                      + (sword64)ad[ 8] * bd[ 9]
-                                      + (sword64)ad[ 9] * bd[ 8]
-                                      + (sword64)ad[10] * bd[ 7]
-                                      + (sword64)ad[11] * bd[ 6]
-                                      + (sword64)ad[12] * bd[ 5]
-                                      + (sword64)ad[13] * bd[ 4]
-                                      + (sword64)ad[14] * bd[ 3]
-                                      + (sword64)ad[15] * bd[ 2]);
-    t[18] = (word64)(                   (sword64)ad[ 3] * bd[15]
-                                      + (sword64)ad[ 4] * bd[14]
-                                      + (sword64)ad[ 5] * bd[13]
-                                      + (sword64)ad[ 6] * bd[12]
-                                      + (sword64)ad[ 7] * bd[11]
-                                      + (sword64)ad[ 8] * bd[10]
-                                      + (sword64)ad[ 9] * bd[ 9]
-                                      + (sword64)ad[10] * bd[ 8]
-                                      + (sword64)ad[11] * bd[ 7]
-                                      + (sword64)ad[12] * bd[ 6]
-                                      + (sword64)ad[13] * bd[ 5]
-                                      + (sword64)ad[14] * bd[ 4]
-                                      + (sword64)ad[15] * bd[ 3]);
-    t[19] = (word64)(                   (sword64)ad[ 4] * bd[15]
-                                      + (sword64)ad[ 5] * bd[14]
-                                      + (sword64)ad[ 6] * bd[13]
-                                      + (sword64)ad[ 7] * bd[12]
-                                      + (sword64)ad[ 8] * bd[11]
-                                      + (sword64)ad[ 9] * bd[10]
-                                      + (sword64)ad[10] * bd[ 9]
-                                      + (sword64)ad[11] * bd[ 8]
-                                      + (sword64)ad[12] * bd[ 7]
-                                      + (sword64)ad[13] * bd[ 6]
-                                      + (sword64)ad[14] * bd[ 5]
-                                      + (sword64)ad[15] * bd[ 4]);
-    t[20] = (word64)(                   (sword64)ad[ 5] * bd[15]
-                                      + (sword64)ad[ 6] * bd[14]
-                                      + (sword64)ad[ 7] * bd[13]
-                                      + (sword64)ad[ 8] * bd[12]
-                                      + (sword64)ad[ 9] * bd[11]
-                                      + (sword64)ad[10] * bd[10]
-                                      + (sword64)ad[11] * bd[ 9]
-                                      + (sword64)ad[12] * bd[ 8]
-                                      + (sword64)ad[13] * bd[ 7]
-                                      + (sword64)ad[14] * bd[ 6]
-                                      + (sword64)ad[15] * bd[ 5]);
-    t[21] = (word64)(                   (sword64)ad[ 6] * bd[15]
-                                      + (sword64)ad[ 7] * bd[14]
-                                      + (sword64)ad[ 8] * bd[13]
-                                      + (sword64)ad[ 9] * bd[12]
-                                      + (sword64)ad[10] * bd[11]
-                                      + (sword64)ad[11] * bd[10]
-                                      + (sword64)ad[12] * bd[ 9]
-                                      + (sword64)ad[13] * bd[ 8]
-                                      + (sword64)ad[14] * bd[ 7]
-                                      + (sword64)ad[15] * bd[ 6]);
-    t[22] = (word64)(                   (sword64)ad[ 7] * bd[15]
-                                      + (sword64)ad[ 8] * bd[14]
-                                      + (sword64)ad[ 9] * bd[13]
-                                      + (sword64)ad[10] * bd[12]
-                                      + (sword64)ad[11] * bd[11]
-                                      + (sword64)ad[12] * bd[10]
-                                      + (sword64)ad[13] * bd[ 9]
-                                      + (sword64)ad[14] * bd[ 8]
-                                      + (sword64)ad[15] * bd[ 7]);
-    t[23] = (word64)(                   (sword64)ad[ 8] * bd[15]
-                                      + (sword64)ad[ 9] * bd[14]
-                                      + (sword64)ad[10] * bd[13]
-                                      + (sword64)ad[11] * bd[12]
-                                      + (sword64)ad[12] * bd[11]
-                                      + (sword64)ad[13] * bd[10]
-                                      + (sword64)ad[14] * bd[ 9]
-                                      + (sword64)ad[15] * bd[ 8]);
-    t[24] = (word64)(                   (sword64)ad[ 9] * bd[15]
-                                      + (sword64)ad[10] * bd[14]
-                                      + (sword64)ad[11] * bd[13]
-                                      + (sword64)ad[12] * bd[12]
-                                      + (sword64)ad[13] * bd[11]
-                                      + (sword64)ad[14] * bd[10]
-                                      + (sword64)ad[15] * bd[ 9]);
-    t[25] = (word64)(                   (sword64)ad[10] * bd[15]
-                                      + (sword64)ad[11] * bd[14]
-                                      + (sword64)ad[12] * bd[13]
-                                      + (sword64)ad[13] * bd[12]
-                                      + (sword64)ad[14] * bd[11]
-                                      + (sword64)ad[15] * bd[10]);
-    t[26] = (word64)(                   (sword64)ad[11] * bd[15]
-                                      + (sword64)ad[12] * bd[14]
-                                      + (sword64)ad[13] * bd[13]
-                                      + (sword64)ad[14] * bd[12]
-                                      + (sword64)ad[15] * bd[11]);
-    t[27] = (word64)(                   (sword64)ad[12] * bd[15]
-                                      + (sword64)ad[13] * bd[14]
-                                      + (sword64)ad[14] * bd[13]
-                                      + (sword64)ad[15] * bd[12]);
-    t[28] = (word64)(                   (sword64)ad[13] * bd[15]
-                                      + (sword64)ad[14] * bd[14]
-                                      + (sword64)ad[15] * bd[13]);
-    t[29] = (word64)(                   (sword64)ad[14] * bd[15]
-                                      + (sword64)ad[15] * bd[14]);
-    t[30] = (word64)(                   (sword64)ad[15] * bd[15]);
-    t[31] = 0;
-
-    /* Mod curve order */
-    /* 2^446 - 0x8335dc163bb124b65129c96fde933d8d723a70aadc873d6d54a7bb0d */
-    /* Propagate carries */
-    c = t[ 0] >> 28; t[ 1] += c; t[ 0] = t[ 0] & 0xfffffff;
-    c = t[ 1] >> 28; t[ 2] += c; t[ 1] = t[ 1] & 0xfffffff;
-    c = t[ 2] >> 28; t[ 3] += c; t[ 2] = t[ 2] & 0xfffffff;
-    c = t[ 3] >> 28; t[ 4] += c; t[ 3] = t[ 3] & 0xfffffff;
-    c = t[ 4] >> 28; t[ 5] += c; t[ 4] = t[ 4] & 0xfffffff;
-    c = t[ 5] >> 28; t[ 6] += c; t[ 5] = t[ 5] & 0xfffffff;
-    c = t[ 6] >> 28; t[ 7] += c; t[ 6] = t[ 6] & 0xfffffff;
-    c = t[ 7] >> 28; t[ 8] += c; t[ 7] = t[ 7] & 0xfffffff;
-    c = t[ 8] >> 28; t[ 9] += c; t[ 8] = t[ 8] & 0xfffffff;
-    c = t[ 9] >> 28; t[10] += c; t[ 9] = t[ 9] & 0xfffffff;
-    c = t[10] >> 28; t[11] += c; t[10] = t[10] & 0xfffffff;
-    c = t[11] >> 28; t[12] += c; t[11] = t[11] & 0xfffffff;
-    c = t[12] >> 28; t[13] += c; t[12] = t[12] & 0xfffffff;
-    c = t[13] >> 28; t[14] += c; t[13] = t[13] & 0xfffffff;
-    c = t[14] >> 28; t[15] += c; t[14] = t[14] & 0xfffffff;
-    c = t[15] >> 28; t[16] += c; t[15] = t[15] & 0xfffffff;
-    c = t[16] >> 28; t[17] += c; t[16] = t[16] & 0xfffffff;
-    c = t[17] >> 28; t[18] += c; t[17] = t[17] & 0xfffffff;
-    c = t[18] >> 28; t[19] += c; t[18] = t[18] & 0xfffffff;
-    c = t[19] >> 28; t[20] += c; t[19] = t[19] & 0xfffffff;
-    c = t[20] >> 28; t[21] += c; t[20] = t[20] & 0xfffffff;
-    c = t[21] >> 28; t[22] += c; t[21] = t[21] & 0xfffffff;
-    c = t[22] >> 28; t[23] += c; t[22] = t[22] & 0xfffffff;
-    c = t[23] >> 28; t[24] += c; t[23] = t[23] & 0xfffffff;
-    c = t[24] >> 28; t[25] += c; t[24] = t[24] & 0xfffffff;
-    c = t[25] >> 28; t[26] += c; t[25] = t[25] & 0xfffffff;
-    c = t[26] >> 28; t[27] += c; t[26] = t[26] & 0xfffffff;
-    c = t[27] >> 28; t[28] += c; t[27] = t[27] & 0xfffffff;
-    c = t[28] >> 28; t[29] += c; t[28] = t[28] & 0xfffffff;
-    c = t[29] >> 28; t[30] += c; t[29] = t[29] & 0xfffffff;
-    c = t[30] >> 28; t[31] += c; t[30] = t[30] & 0xfffffff;
-    /* Mod top half of extra words */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 8; o++) {
-        t[ 8 + o] += (sword64)0x129eec34 * t[24 + o];
-        t[ 9 + o] += (sword64)0x21cf5b54 * t[24 + o];
-        t[10 + o] += (sword64)0x29c2ab70 * t[24 + o];
-        t[11 + o] += (sword64)0x0f635c8c * t[24 + o];
-        t[12 + o] += (sword64)0x25bf7a4c * t[24 + o];
-        t[13 + o] += (sword64)0x2d944a70 * t[24 + o];
-        t[14 + o] += (sword64)0x18eec490 * t[24 + o];
-        t[15 + o] += (sword64)0x20cd7704 * t[24 + o];
-    }
-#else
-    t[ 8] += (sword64)0x129eec34 * t[24];
-    t[ 9] += (sword64)0x21cf5b54 * t[24];
-    t[10] += (sword64)0x29c2ab70 * t[24];
-    t[11] += (sword64)0x0f635c8c * t[24];
-    t[12] += (sword64)0x25bf7a4c * t[24];
-    t[13] += (sword64)0x2d944a70 * t[24];
-    t[14] += (sword64)0x18eec490 * t[24];
-    t[15] += (sword64)0x20cd7704 * t[24];
-    t[ 9] += (sword64)0x129eec34 * t[25];
-    t[10] += (sword64)0x21cf5b54 * t[25];
-    t[11] += (sword64)0x29c2ab70 * t[25];
-    t[12] += (sword64)0x0f635c8c * t[25];
-    t[13] += (sword64)0x25bf7a4c * t[25];
-    t[14] += (sword64)0x2d944a70 * t[25];
-    t[15] += (sword64)0x18eec490 * t[25];
-    t[16] += (sword64)0x20cd7704 * t[25];
-    t[10] += (sword64)0x129eec34 * t[26];
-    t[11] += (sword64)0x21cf5b54 * t[26];
-    t[12] += (sword64)0x29c2ab70 * t[26];
-    t[13] += (sword64)0x0f635c8c * t[26];
-    t[14] += (sword64)0x25bf7a4c * t[26];
-    t[15] += (sword64)0x2d944a70 * t[26];
-    t[16] += (sword64)0x18eec490 * t[26];
-    t[17] += (sword64)0x20cd7704 * t[26];
-    t[11] += (sword64)0x129eec34 * t[27];
-    t[12] += (sword64)0x21cf5b54 * t[27];
-    t[13] += (sword64)0x29c2ab70 * t[27];
-    t[14] += (sword64)0x0f635c8c * t[27];
-    t[15] += (sword64)0x25bf7a4c * t[27];
-    t[16] += (sword64)0x2d944a70 * t[27];
-    t[17] += (sword64)0x18eec490 * t[27];
-    t[18] += (sword64)0x20cd7704 * t[27];
-    t[12] += (sword64)0x129eec34 * t[28];
-    t[13] += (sword64)0x21cf5b54 * t[28];
-    t[14] += (sword64)0x29c2ab70 * t[28];
-    t[15] += (sword64)0x0f635c8c * t[28];
-    t[16] += (sword64)0x25bf7a4c * t[28];
-    t[17] += (sword64)0x2d944a70 * t[28];
-    t[18] += (sword64)0x18eec490 * t[28];
-    t[19] += (sword64)0x20cd7704 * t[28];
-    t[13] += (sword64)0x129eec34 * t[29];
-    t[14] += (sword64)0x21cf5b54 * t[29];
-    t[15] += (sword64)0x29c2ab70 * t[29];
-    t[16] += (sword64)0x0f635c8c * t[29];
-    t[17] += (sword64)0x25bf7a4c * t[29];
-    t[18] += (sword64)0x2d944a70 * t[29];
-    t[19] += (sword64)0x18eec490 * t[29];
-    t[20] += (sword64)0x20cd7704 * t[29];
-    t[14] += (sword64)0x129eec34 * t[30];
-    t[15] += (sword64)0x21cf5b54 * t[30];
-    t[16] += (sword64)0x29c2ab70 * t[30];
-    t[17] += (sword64)0x0f635c8c * t[30];
-    t[18] += (sword64)0x25bf7a4c * t[30];
-    t[19] += (sword64)0x2d944a70 * t[30];
-    t[20] += (sword64)0x18eec490 * t[30];
-    t[21] += (sword64)0x20cd7704 * t[30];
-    t[15] += (sword64)0x129eec34 * t[31];
-    t[16] += (sword64)0x21cf5b54 * t[31];
-    t[17] += (sword64)0x29c2ab70 * t[31];
-    t[18] += (sword64)0x0f635c8c * t[31];
-    t[19] += (sword64)0x25bf7a4c * t[31];
-    t[20] += (sword64)0x2d944a70 * t[31];
-    t[21] += (sword64)0x18eec490 * t[31];
-    t[22] += (sword64)0x20cd7704 * t[31];
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Propagate carries */
-    c = t[ 8] >> 28; t[ 9] += c; t[ 8] = t[ 8] & 0xfffffff;
-    c = t[ 9] >> 28; t[10] += c; t[ 9] = t[ 9] & 0xfffffff;
-    c = t[10] >> 28; t[11] += c; t[10] = t[10] & 0xfffffff;
-    c = t[11] >> 28; t[12] += c; t[11] = t[11] & 0xfffffff;
-    c = t[12] >> 28; t[13] += c; t[12] = t[12] & 0xfffffff;
-    c = t[13] >> 28; t[14] += c; t[13] = t[13] & 0xfffffff;
-    c = t[14] >> 28; t[15] += c; t[14] = t[14] & 0xfffffff;
-    c = t[15] >> 28; t[16] += c; t[15] = t[15] & 0xfffffff;
-    c = t[16] >> 28; t[17] += c; t[16] = t[16] & 0xfffffff;
-    c = t[17] >> 28; t[18] += c; t[17] = t[17] & 0xfffffff;
-    c = t[18] >> 28; t[19] += c; t[18] = t[18] & 0xfffffff;
-    c = t[19] >> 28; t[20] += c; t[19] = t[19] & 0xfffffff;
-    c = t[20] >> 28; t[21] += c; t[20] = t[20] & 0xfffffff;
-    c = t[21] >> 28; t[22] += c; t[21] = t[21] & 0xfffffff;
-    c = t[22] >> 28; t[23] += c; t[22] = t[22] & 0xfffffff;
-    /* Mod bottom half of extra words */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    for (o = 0; o < 8; o++) {
-        t[ 0 + o] += (sword64)0x129eec34 * t[16 + o];
-        t[ 1 + o] += (sword64)0x21cf5b54 * t[16 + o];
-        t[ 2 + o] += (sword64)0x29c2ab70 * t[16 + o];
-        t[ 3 + o] += (sword64)0x0f635c8c * t[16 + o];
-        t[ 4 + o] += (sword64)0x25bf7a4c * t[16 + o];
-        t[ 5 + o] += (sword64)0x2d944a70 * t[16 + o];
-        t[ 6 + o] += (sword64)0x18eec490 * t[16 + o];
-        t[ 7 + o] += (sword64)0x20cd7704 * t[16 + o];
-    }
-#else
-    t[ 0] += (sword64)0x129eec34 * t[16];
-    t[ 1] += (sword64)0x21cf5b54 * t[16];
-    t[ 2] += (sword64)0x29c2ab70 * t[16];
-    t[ 3] += (sword64)0x0f635c8c * t[16];
-    t[ 4] += (sword64)0x25bf7a4c * t[16];
-    t[ 5] += (sword64)0x2d944a70 * t[16];
-    t[ 6] += (sword64)0x18eec490 * t[16];
-    t[ 7] += (sword64)0x20cd7704 * t[16];
-    t[ 1] += (sword64)0x129eec34 * t[17];
-    t[ 2] += (sword64)0x21cf5b54 * t[17];
-    t[ 3] += (sword64)0x29c2ab70 * t[17];
-    t[ 4] += (sword64)0x0f635c8c * t[17];
-    t[ 5] += (sword64)0x25bf7a4c * t[17];
-    t[ 6] += (sword64)0x2d944a70 * t[17];
-    t[ 7] += (sword64)0x18eec490 * t[17];
-    t[ 8] += (sword64)0x20cd7704 * t[17];
-    t[ 2] += (sword64)0x129eec34 * t[18];
-    t[ 3] += (sword64)0x21cf5b54 * t[18];
-    t[ 4] += (sword64)0x29c2ab70 * t[18];
-    t[ 5] += (sword64)0x0f635c8c * t[18];
-    t[ 6] += (sword64)0x25bf7a4c * t[18];
-    t[ 7] += (sword64)0x2d944a70 * t[18];
-    t[ 8] += (sword64)0x18eec490 * t[18];
-    t[ 9] += (sword64)0x20cd7704 * t[18];
-    t[ 3] += (sword64)0x129eec34 * t[19];
-    t[ 4] += (sword64)0x21cf5b54 * t[19];
-    t[ 5] += (sword64)0x29c2ab70 * t[19];
-    t[ 6] += (sword64)0x0f635c8c * t[19];
-    t[ 7] += (sword64)0x25bf7a4c * t[19];
-    t[ 8] += (sword64)0x2d944a70 * t[19];
-    t[ 9] += (sword64)0x18eec490 * t[19];
-    t[10] += (sword64)0x20cd7704 * t[19];
-    t[ 4] += (sword64)0x129eec34 * t[20];
-    t[ 5] += (sword64)0x21cf5b54 * t[20];
-    t[ 6] += (sword64)0x29c2ab70 * t[20];
-    t[ 7] += (sword64)0x0f635c8c * t[20];
-    t[ 8] += (sword64)0x25bf7a4c * t[20];
-    t[ 9] += (sword64)0x2d944a70 * t[20];
-    t[10] += (sword64)0x18eec490 * t[20];
-    t[11] += (sword64)0x20cd7704 * t[20];
-    t[ 5] += (sword64)0x129eec34 * t[21];
-    t[ 6] += (sword64)0x21cf5b54 * t[21];
-    t[ 7] += (sword64)0x29c2ab70 * t[21];
-    t[ 8] += (sword64)0x0f635c8c * t[21];
-    t[ 9] += (sword64)0x25bf7a4c * t[21];
-    t[10] += (sword64)0x2d944a70 * t[21];
-    t[11] += (sword64)0x18eec490 * t[21];
-    t[12] += (sword64)0x20cd7704 * t[21];
-    t[ 6] += (sword64)0x129eec34 * t[22];
-    t[ 7] += (sword64)0x21cf5b54 * t[22];
-    t[ 8] += (sword64)0x29c2ab70 * t[22];
-    t[ 9] += (sword64)0x0f635c8c * t[22];
-    t[10] += (sword64)0x25bf7a4c * t[22];
-    t[11] += (sword64)0x2d944a70 * t[22];
-    t[12] += (sword64)0x18eec490 * t[22];
-    t[13] += (sword64)0x20cd7704 * t[22];
-    t[ 7] += (sword64)0x129eec34 * t[23];
-    t[ 8] += (sword64)0x21cf5b54 * t[23];
-    t[ 9] += (sword64)0x29c2ab70 * t[23];
-    t[10] += (sword64)0x0f635c8c * t[23];
-    t[11] += (sword64)0x25bf7a4c * t[23];
-    t[12] += (sword64)0x2d944a70 * t[23];
-    t[13] += (sword64)0x18eec490 * t[23];
-    t[14] += (sword64)0x20cd7704 * t[23];
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-    /* Propagate carries */
-    c = t[ 0] >> 28; t[ 1] += c; rd[ 0] = (sword32)(t[ 0] & 0xfffffff);
-    c = t[ 1] >> 28; t[ 2] += c; rd[ 1] = (sword32)(t[ 1] & 0xfffffff);
-    c = t[ 2] >> 28; t[ 3] += c; rd[ 2] = (sword32)(t[ 2] & 0xfffffff);
-    c = t[ 3] >> 28; t[ 4] += c; rd[ 3] = (sword32)(t[ 3] & 0xfffffff);
-    c = t[ 4] >> 28; t[ 5] += c; rd[ 4] = (sword32)(t[ 4] & 0xfffffff);
-    c = t[ 5] >> 28; t[ 6] += c; rd[ 5] = (sword32)(t[ 5] & 0xfffffff);
-    c = t[ 6] >> 28; t[ 7] += c; rd[ 6] = (sword32)(t[ 6] & 0xfffffff);
-    c = t[ 7] >> 28; t[ 8] += c; rd[ 7] = (sword32)(t[ 7] & 0xfffffff);
-    c = t[ 8] >> 28; t[ 9] += c; rd[ 8] = (sword32)(t[ 8] & 0xfffffff);
-    c = t[ 9] >> 28; t[10] += c; rd[ 9] = (sword32)(t[ 9] & 0xfffffff);
-    c = t[10] >> 28; t[11] += c; rd[10] = (sword32)(t[10] & 0xfffffff);
-    c = t[11] >> 28; t[12] += c; rd[11] = (sword32)(t[11] & 0xfffffff);
-    c = t[12] >> 28; t[13] += c; rd[12] = (sword32)(t[12] & 0xfffffff);
-    c = t[13] >> 28; t[14] += c; rd[13] = (sword32)(t[13] & 0xfffffff);
-    c = t[14] >> 28; t[15] += c; rd[14] = (sword32)(t[14] & 0xfffffff);
-    rd[15] = (word32)t[15];
-    /* Mod bits over 28 in last word */
-    o = rd[15] >> 26; rd[15] &= 0x3ffffff;
-    rd[ 0] += 0x4a7bb0d * o;
-    rd[ 1] += 0x873d6d5 * o;
-    rd[ 2] += 0xa70aadc * o;
-    rd[ 3] += 0x3d8d723 * o;
-    rd[ 4] += 0x96fde93 * o;
-    rd[ 5] += 0xb65129c * o;
-    rd[ 6] += 0x63bb124 * o;
-    rd[ 7] += 0x8335dc1 * o;
-    /* Propagate carries */
-    o = rd[ 0] >> 28; rd[ 1] += o; rd[ 0] = rd[ 0] & 0xfffffff;
-    o = rd[ 1] >> 28; rd[ 2] += o; rd[ 1] = rd[ 1] & 0xfffffff;
-    o = rd[ 2] >> 28; rd[ 3] += o; rd[ 2] = rd[ 2] & 0xfffffff;
-    o = rd[ 3] >> 28; rd[ 4] += o; rd[ 3] = rd[ 3] & 0xfffffff;
-    o = rd[ 4] >> 28; rd[ 5] += o; rd[ 4] = rd[ 4] & 0xfffffff;
-    o = rd[ 5] >> 28; rd[ 6] += o; rd[ 5] = rd[ 5] & 0xfffffff;
-    o = rd[ 6] >> 28; rd[ 7] += o; rd[ 6] = rd[ 6] & 0xfffffff;
-    o = rd[ 7] >> 28; rd[ 8] += o; rd[ 7] = rd[ 7] & 0xfffffff;
-    o = rd[ 8] >> 28; rd[ 9] += o; rd[ 8] = rd[ 8] & 0xfffffff;
-    o = rd[ 9] >> 28; rd[10] += o; rd[ 9] = rd[ 9] & 0xfffffff;
-    o = rd[10] >> 28; rd[11] += o; rd[10] = rd[10] & 0xfffffff;
-    o = rd[11] >> 28; rd[12] += o; rd[11] = rd[11] & 0xfffffff;
-    o = rd[12] >> 28; rd[13] += o; rd[12] = rd[12] & 0xfffffff;
-    o = rd[13] >> 28; rd[14] += o; rd[13] = rd[13] & 0xfffffff;
-    o = rd[14] >> 28; rd[15] += o; rd[14] = rd[14] & 0xfffffff;
-    /* Reduce to mod order. */
-    u = 0;
-    u += (sword32)rd[0] - (sword32)0x0b5844f3L; u >>= 28;
-    u += (sword32)rd[1] - (sword32)0x078c292aL; u >>= 28;
-    u += (sword32)rd[2] - (sword32)0x058f5523L; u >>= 28;
-    u += (sword32)rd[3] - (sword32)0x0c2728dcL; u >>= 28;
-    u += (sword32)rd[4] - (sword32)0x0690216cL; u >>= 28;
-    u += (sword32)rd[5] - (sword32)0x049aed63L; u >>= 28;
-    u += (sword32)rd[6] - (sword32)0x09c44edbL; u >>= 28;
-    u += (sword32)rd[7] - (sword32)0x07cca23eL; u >>= 28;
-    u += (sword32)rd[8] - (sword32)0x0fffffffL; u >>= 28;
-    u += (sword32)rd[9] - (sword32)0x0fffffffL; u >>= 28;
-    u += (sword32)rd[10] - (sword32)0x0fffffffL; u >>= 28;
-    u += (sword32)rd[11] - (sword32)0x0fffffffL; u >>= 28;
-    u += (sword32)rd[12] - (sword32)0x0fffffffL; u >>= 28;
-    u += (sword32)rd[13] - (sword32)0x0fffffffL; u >>= 28;
-    u += (sword32)rd[14] - (sword32)0x0fffffffL; u >>= 28;
-    u += (sword32)rd[15] - (sword32)0x03ffffffL; u >>= 28;
-    o = (word32)0 - (u >= 0);
-    u = 0;
-    u += (sword32)rd[0] - (sword32)((word32)0x0b5844f3L & o);
-    rd[0] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[1] - (sword32)((word32)0x078c292aL & o);
-    rd[1] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[2] - (sword32)((word32)0x058f5523L & o);
-    rd[2] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[3] - (sword32)((word32)0x0c2728dcL & o);
-    rd[3] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[4] - (sword32)((word32)0x0690216cL & o);
-    rd[4] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[5] - (sword32)((word32)0x049aed63L & o);
-    rd[5] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[6] - (sword32)((word32)0x09c44edbL & o);
-    rd[6] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[7] - (sword32)((word32)0x07cca23eL & o);
-    rd[7] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[8] - (sword32)((word32)0x0fffffffL & o);
-    rd[8] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[9] - (sword32)((word32)0x0fffffffL & o);
-    rd[9] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[10] - (sword32)((word32)0x0fffffffL & o);
-    rd[10] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[11] - (sword32)((word32)0x0fffffffL & o);
-    rd[11] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[12] - (sword32)((word32)0x0fffffffL & o);
-    rd[12] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[13] - (sword32)((word32)0x0fffffffL & o);
-    rd[13] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[14] - (sword32)((word32)0x0fffffffL & o);
-    rd[14] = u & 0xfffffff;
-    u >>= 28;
-    u += (sword32)rd[15] - (sword32)((word32)0x03ffffffL & o);
-    rd[15] = u & 0xfffffff;
-
-    /* Convert to bytes */
-#ifdef WOLFSSL_ED448_NO_LARGE_CODE
-    {
-        word32 ow = 0;
-        for (o = 0; o < 56; o += 7) {
-            r[o + 0]  = (byte)(rd[ow] >>  0);
-            r[o + 1]  = (byte)(rd[ow] >>  8);
-            r[o + 2]  = (byte)(rd[ow] >> 16);
-            r[o + 3]  = (byte)(rd[ow] >> 24);
-            ow++;
-            r[o + 3] += (byte)((rd[ow] >>  0) << 4);
-            r[o + 4]  = (byte)(rd[ow] >>  4);
-            r[o + 5]  = (byte)(rd[ow] >> 12);
-            r[o + 6]  = (byte)(rd[ow] >> 20);
-            ow++;
-        }
-        r[56] = 0;
-    }
-#else
-    r[ 0] = (byte)(rd[0 ] >>  0);
-    r[ 1] = (byte)(rd[0 ] >>  8);
-    r[ 2] = (byte)(rd[0 ] >> 16);
-    r[ 3] = (byte)((byte)(rd[0 ] >> 24) + (byte)((rd[1 ] >>  0) <<  4));
-    r[ 4] = (byte)(rd[1 ] >>  4);
-    r[ 5] = (byte)(rd[1 ] >> 12);
-    r[ 6] = (byte)(rd[1 ] >> 20);
-    r[ 7] = (byte)(rd[2 ] >>  0);
-    r[ 8] = (byte)(rd[2 ] >>  8);
-    r[ 9] = (byte)(rd[2 ] >> 16);
-    r[10] = (byte)((byte)(rd[2 ] >> 24) + (byte)((rd[3 ] >>  0) <<  4));
-    r[11] = (byte)(rd[3 ] >>  4);
-    r[12] = (byte)(rd[3 ] >> 12);
-    r[13] = (byte)(rd[3 ] >> 20);
-    r[14] = (byte)(rd[4 ] >>  0);
-    r[15] = (byte)(rd[4 ] >>  8);
-    r[16] = (byte)(rd[4 ] >> 16);
-    r[17] = (byte)((byte)(rd[4 ] >> 24) + (byte)((rd[5 ] >>  0) <<  4));
-    r[18] = (byte)(rd[5 ] >>  4);
-    r[19] = (byte)(rd[5 ] >> 12);
-    r[20] = (byte)(rd[5 ] >> 20);
-    r[21] = (byte)(rd[6 ] >>  0);
-    r[22] = (byte)(rd[6 ] >>  8);
-    r[23] = (byte)(rd[6 ] >> 16);
-    r[24] = (byte)((byte)(rd[6 ] >> 24) + (byte)((rd[7 ] >>  0) <<  4));
-    r[25] = (byte)(rd[7 ] >>  4);
-    r[26] = (byte)(rd[7 ] >> 12);
-    r[27] = (byte)(rd[7 ] >> 20);
-    r[28] = (byte)(rd[8 ] >>  0);
-    r[29] = (byte)(rd[8 ] >>  8);
-    r[30] = (byte)(rd[8 ] >> 16);
-    r[31] = (byte)((byte)(rd[8 ] >> 24) + (byte)((rd[9 ] >>  0) <<  4));
-    r[32] = (byte)(rd[9 ] >>  4);
-    r[33] = (byte)(rd[9 ] >> 12);
-    r[34] = (byte)(rd[9 ] >> 20);
-    r[35] = (byte)(rd[10] >>  0);
-    r[36] = (byte)(rd[10] >>  8);
-    r[37] = (byte)(rd[10] >> 16);
-    r[38] = (byte)((byte)(rd[10] >> 24) + (byte)((rd[11] >>  0) <<  4));
-    r[39] = (byte)(rd[11] >>  4);
-    r[40] = (byte)(rd[11] >> 12);
-    r[41] = (byte)(rd[11] >> 20);
-    r[42] = (byte)(rd[12] >>  0);
-    r[43] = (byte)(rd[12] >>  8);
-    r[44] = (byte)(rd[12] >> 16);
-    r[45] = (byte)((byte)(rd[12] >> 24) + (byte)((rd[13] >>  0) <<  4));
-    r[46] = (byte)(rd[13] >>  4);
-    r[47] = (byte)(rd[13] >> 12);
-    r[48] = (byte)(rd[13] >> 20);
-    r[49] = (byte)(rd[14] >>  0);
-    r[50] = (byte)(rd[14] >>  8);
-    r[51] = (byte)(rd[14] >> 16);
-    r[52] = (byte)((byte)(rd[14] >> 24) + (byte)((rd[15] >>  0) <<  4));
-    r[53] = (byte)(rd[15] >>  4);
-    r[54] = (byte)(rd[15] >> 12);
-    r[55] = (byte)(rd[15] >> 20);
-    r[56] = 0;
-#endif /* WOLFSSL_ED448_NO_LARGE_CODE */
-}
-
-/* Precomputed multiples of the base point. */
-static const ge448_precomp base[58][8] = {
-{
-    {
-        { 0x70cc05e, 0x26a82bc, 0x0938e26, 0x80e18b0, 0x511433b, 0xf72ab66,
-          0x412ae1a, 0xa3d3a46, 0xa6de324, 0x0f1767e, 0x4657047, 0x36da9e1,
-          0x5a622bf, 0xed221d1, 0x66bed0d, 0x4f1970c },
-        { 0x230fa14, 0x08795bf, 0x7c8ad98, 0x132c4ed, 0x9c4fdbd, 0x1ce67c3,
-          0x73ad3ff, 0x05a0c2d, 0x7789c1e, 0xa398408, 0xa73736c, 0xc7624be,
-          0x03756c9, 0x2488762, 0x16eb6bc, 0x693f467 }
-    },
-    {
-        { 0x5555555, 0x5555555, 0x5555555, 0x5555555, 0x5555555, 0x5555555,
-          0x5555555, 0x5555555, 0xaaaaaa9, 0xaaaaaaa, 0xaaaaaaa, 0xaaaaaaa,
-          0xaaaaaaa, 0xaaaaaaa, 0xaaaaaaa, 0xaaaaaaa },
-        { 0xa9386ed, 0xeafbcde, 0xda06bda, 0xb2bed1c, 0x098bbbc, 0x833a2a3,
-          0x80d6565, 0x8ad8c4b, 0x7e36d72, 0x884dd7b, 0xed7a035, 0xc2b0036,
-          0x6205086, 0x8db359d, 0x34ad704, 0xae05e96 }
-    },
-    {
-        { 0x6ff2f8f, 0x2817328, 0xda85757, 0xb769465, 0xfd6e862, 0xf7f6271,
-          0x8daa9cb, 0x4a3fcfe, 0x2ba077a, 0xda82c7e, 0x41b8b8c, 0x9433322,
-          0x4316cb6, 0x6455bd6, 0xb9108af, 0x0865886 },
-        { 0x88ed6fc, 0x22ac135, 0x02dafb8, 0x9a68fed, 0x7f0bffa, 0x1bdb676,
-          0x8bb3a33, 0xec4e1d5, 0xce43c82, 0x56c3b9f, 0xa8d9523, 0xa6449a4,
-          0xa7ad43a, 0xf706cbd, 0xbd5125c, 0xe005a8d }
-    },
-    {
-        { 0x8ba7f30, 0xce42ac4, 0x9e120e2, 0xe179894, 0x8ba21ae, 0xf1515dd,
-          0x301b7bd, 0x70c74cc, 0x3fda4be, 0x0891c69, 0xa09cf4e, 0x29ea255,
-          0x17226f9, 0x2c1419a, 0xc6c0cce, 0x49dcbc5 },
-        { 0xde51839, 0xe236f86, 0xd4f5b32, 0x44285d0, 0x472b5d4, 0x7ea1ca9,
-          0x1c0d8f9, 0x7b8a5bc, 0x90dc322, 0x57d845c, 0x7c02f04, 0x1b979cb,
-          0x3a5de02, 0x27164b3, 0x4accde5, 0xd49077e }
-    },
-    {
-        { 0x2030034, 0xa99d109, 0x6f950d0, 0x2d8cefc, 0xc96f07b, 0x7a920c3,
-          0x08bc0d5, 0x9588128, 0x6d761e8, 0x62ada75, 0xbcf7285, 0x0def80c,
-          0x01eedb5, 0x0e2ba76, 0x5a48dcb, 0x7a9f933 },
-        { 0x2f435eb, 0xb473147, 0xf225443, 0x5512881, 0x33c5840, 0xee59d2b,
-          0x127d7a4, 0xb698017, 0x86551f7, 0xb18fced, 0xca1823a, 0x0ade260,
-          0xce4fd58, 0xd3b9109, 0xa2517ed, 0xadfd751 }
-    },
-    {
-        { 0xabef79c, 0x7fd7652, 0x443a878, 0x6c20a07, 0x12a7109, 0x5c1840d,
-          0x876451c, 0x4a06e4a, 0xad95f65, 0x3bed0b4, 0x3fb0260, 0x25d2e67,
-          0xaebd971, 0x2e00349, 0x4498b72, 0x54523e0 },
-        { 0x07c7bcc, 0xea5d1da, 0x38ea98c, 0xcce7769, 0x61d2b3e, 0x80284e8,
-          0x6e1ff1b, 0x48de76b, 0x9c58522, 0x7b12186, 0x2765a1a, 0xbfd053a,
-          0x056c667, 0x2d743ec, 0xd8ab61c, 0x3f99b9c }
-    },
-    {
-        { 0xeb5eaf7, 0xdf9567c, 0x78ac7d7, 0x110a6b4, 0x4706e0b, 0x2d33501,
-          0x0b5a209, 0x0df9c7b, 0x568e684, 0xba4223d, 0x8c3719b, 0xd78af2d,
-          0xa5291b6, 0x77467b9, 0x5c89bef, 0x079748e },
-        { 0xdac377f, 0xe20d3fa, 0x72b5c09, 0x34e8669, 0xc40bbb7, 0xd8687a3,
-          0xd2f84c9, 0x7b3946f, 0xa78f50e, 0xd00e40c, 0x17e7179, 0xb875944,
-          0xcb23583, 0x9c7373b, 0xc90fd69, 0x7ddeda3 }
-    },
-    {
-        { 0x153bde0, 0x2538a67, 0x406b696, 0x223aca9, 0x1ad713e, 0xf9080dc,
-          0xd816a64, 0x6c4cb47, 0x5dc8b97, 0xbc28568, 0xc08e2d7, 0xd97b037,
-          0x5d0e66b, 0x5b63fb4, 0x520e8a3, 0xd1f1bc5 },
-        { 0xe69e09b, 0x4eb873c, 0xbc8ee45, 0x1663164, 0xba8d89f, 0x08f7003,
-          0x386ad82, 0x4b98ead, 0xbd94c7b, 0xa4b93b7, 0xc6b38b3, 0x46ba408,
-          0xf3574ff, 0xdae87d1, 0xe9bea9b, 0xc7564f4 }
-    },
-},
-{
-    {
-        { 0x5bfac1c, 0x2e4fdb2, 0xf5f3bca, 0xf0d79aa, 0x20fb7cc, 0xe756b0d,
-          0xb39609a, 0xe3696be, 0x5a5ab58, 0xa019fc3, 0x3b281dd, 0xa2b2485,
-          0x61ac0a2, 0xe3e2be7, 0xeb56730, 0xf19c34f },
-        { 0xa30241e, 0x2d25ce8, 0xb73d7a1, 0xf5661ea, 0xdaac9f4, 0x4611ed0,
-          0x4ced72c, 0xd544234, 0xe92e985, 0xce78f52, 0x4da4aad, 0x6fe5dd4,
-          0x1d363ce, 0xfcaddc6, 0xc9111bf, 0x3beb69c }
-    },
-    {
-        { 0x940ebc9, 0xd2e7660, 0xb17bbe0, 0xe032018, 0x75c0575, 0xad49391,
-          0x21c7f34, 0xdd0b147, 0x3e147e0, 0x52c2ba4, 0x0ee8973, 0x7dd03c6,
-          0xecf2754, 0x5472e8d, 0xd6482bb, 0x17a1cd1 },
-        { 0x8128b3f, 0xdd43b84, 0xea7dd25, 0xf0cae34, 0xff07df2, 0x81ca99f,
-          0x92ebbdc, 0x1c89597, 0x72155e6, 0x45c7a68, 0x39ddd08, 0x907a50e,
-          0xbb2d89b, 0xbe398c2, 0x1b3b536, 0x38063f9 }
-    },
-    {
-        { 0xf843b23, 0x149fafb, 0xac7f22a, 0x00ab582, 0xf2f4d4c, 0xa3b981b,
-          0x4341a22, 0x2ce1a65, 0x7c03b63, 0x68a4074, 0x12f2cf8, 0x63206a2,
-          0x5149741, 0xc9961d3, 0xbc7099e, 0xfb85430 },
-        { 0x90a9e59, 0x9c91072, 0x06de367, 0x734e94a, 0xdb99214, 0x5cf3cbe,
-          0x45b1fb9, 0xc6bce32, 0xdd7be0d, 0x1a82abe, 0xede7d1c, 0xf74976a,
-          0x21503bd, 0x7025b7c, 0x0d096ab, 0xf789491 }
-    },
-    {
-        { 0x555a41b, 0x6bd48bb, 0x67de206, 0xfbdd0d0, 0xdd6dfd1, 0x98bc477,
-          0x3e40b8a, 0x1d0693b, 0xda32ae4, 0x6e15563, 0xfcebaa2, 0x0194a20,
-          0x0980a93, 0xda11615, 0x0109cec, 0x8e11920 },
-        { 0xffb9726, 0x8ea0552, 0x047e44b, 0xeba50a4, 0x60ddf76, 0xc050d24,
-          0xac690e0, 0xe009204, 0x9b18edc, 0x47b8639, 0xc77f23f, 0x2f5b76a,
-          0x0792905, 0x4296c24, 0x06f6dc7, 0x73f6b4a }
-    },
-    {
-        { 0x3b10cad, 0xb6ef9ea, 0xf7c8fce, 0x312843d, 0x8bedf86, 0x5bdcd52,
-          0xf6dd823, 0x2889059, 0x08bfde0, 0x04578e9, 0x123e2e5, 0x3245df3,
-          0x7ee9e3a, 0xbf461d5, 0x6f94ceb, 0xddec2d4 },
-        { 0x145768f, 0x21b43b9, 0xdae962a, 0xe79a8f9, 0xcbb043f, 0xff1972b,
-          0x239649b, 0xe3dcf6d, 0xc533b85, 0xed592bd, 0xdbe22d0, 0x14ff94f,
-          0xf1d8e22, 0x6c4eb87, 0xd18cf6d, 0xd8d4c71 }
-    },
-    {
-        { 0x8d96345, 0xcda666c, 0x836cd21, 0x9ecaa25, 0x984606e, 0x6e885bd,
-          0x804f054, 0x1dd5fef, 0x6959ae4, 0x9dfff6b, 0xc9b55cc, 0x99b9cf8,
-          0x62b9b80, 0xb4716b0, 0x554b128, 0x13ec87c },
-        { 0x75aacc2, 0xe696d1f, 0x87fc5ff, 0xf78c993, 0x3809d42, 0x76c0947,
-          0xb618fa8, 0x99ce62d, 0x2f53341, 0x35e3e02, 0x0db6c5e, 0x62fc1ac,
-          0x00d8b47, 0xa1fb8e6, 0x58f0d1e, 0x0bc1070 }
-    },
-    {
-        { 0x16da513, 0x1f45269, 0xf5cf341, 0x1f2fc04, 0x64d23e0, 0xae92086,
-          0xda8a113, 0x4e33082, 0x1cfc085, 0x2688ec6, 0x6e5327f, 0x6f2e8de,
-          0xb4e48a8, 0x2070db3, 0x3240ade, 0xd662697 },
-        { 0xfbd997b, 0xa6b317f, 0x49e26bd, 0x9fa1b56, 0x8cba0f3, 0xcbf0d25,
-          0x17b4745, 0x4a7791b, 0x5c9e190, 0x25f555b, 0x923ec4c, 0x7cd3940,
-          0xe98f1b6, 0x16f4c6a, 0xbcd4e0f, 0x7962116 }
-    },
-    {
-        { 0x02491e3, 0x8d58fa3, 0x7ab3898, 0x7cf76c6, 0x647ebc7, 0xbc2f657,
-          0xd25f5a3, 0x5f4bfe0, 0xd69505d, 0x503f478, 0x3fb6645, 0x4a889fc,
-          0xfa86b18, 0x33e1bc1, 0x5508dd8, 0xabb234f },
-        { 0x9a05b48, 0x5348e1b, 0x64dc858, 0x57ac5f1, 0xec8a2d3, 0x21f4d38,
-          0xa3a3e9d, 0x5ec6d3c, 0x560a0b8, 0xcd4062e, 0x3433f59, 0x49b74f7,
-          0xcab14e3, 0xefd9d87, 0xeb964f5, 0x858ce7f }
-    },
-},
-{
-    {
-        { 0xeb731b4, 0x7577254, 0x4e2397e, 0x9fff1fb, 0xc821715, 0x749b145,
-          0x2e65e67, 0x40619fe, 0x2e618d8, 0x57b8281, 0x707b83e, 0x063186c,
-          0x31b24a2, 0xcfc80cb, 0xac75169, 0xcca6185 },
-        { 0xb255818, 0x6539f44, 0x0368bce, 0x5895da0, 0x17c7482, 0x841a309,
-          0xb1a9c9e, 0x85469e1, 0xe4f7d9d, 0x05664c0, 0x7b35cc0, 0x8a06318,
-          0xa0e9b0a, 0x214763a, 0x4b26ac2, 0x1bd872c }
-    },
-    {
-        { 0xa93762b, 0x3578f97, 0x72d52bc, 0x434f69a, 0x22cb565, 0xddcca40,
-          0xff20544, 0xa7d1e41, 0x8a66588, 0x823475d, 0x99d7baf, 0x9fc97c7,
-          0x660e421, 0x15542f1, 0x843faf6, 0xa7d1f60 },
-        { 0x4063ccc, 0xbbfaab5, 0xa49855a, 0x3ad9bad, 0x5bddbfe, 0xffd5f1c,
-          0xae87e59, 0x0e419c2, 0xf89956b, 0xdce6ed6, 0xccd8951, 0xf047c21,
-          0xa83c991, 0x6ed4a1b, 0x2d28e0a, 0x85af86e }
-    },
-    {
-        { 0x9ed48a8, 0x04433c4, 0x0bc375d, 0xeffa858, 0xfa6e3b5, 0xfb0e1b2,
-          0xa1aadda, 0x51483a2, 0xf8b2ea8, 0x733448d, 0xf639f0c, 0xaa0513c,
-          0xa23bf84, 0x6bc61a3, 0xdc2430d, 0x3e64f68 },
-        { 0xc5876b1, 0x51bf502, 0x1c0dd2a, 0x6b83375, 0x342914f, 0xe597be1,
-          0xf8e632c, 0x43d5ab0, 0xd62587b, 0x2696715, 0xed34f24, 0xe87d20a,
-          0xe18baf7, 0x25b7e14, 0xe22e084, 0xf5eb753 }
-    },
-    {
-        { 0x24d8295, 0x51da717, 0x18d1340, 0xd478e43, 0x2cf7f66, 0xacf94f4,
-          0x3760711, 0x230d7d1, 0x5abc626, 0x078a66a, 0x6b5f6da, 0xd78b0bd,
-          0x96d1d0b, 0x23a9713, 0x4bd960f, 0x87623d6 },
-        { 0x77db53f, 0x0841a99, 0xf4d03ee, 0x23c1a53, 0x1f95df1, 0x2f62c2e,
-          0x116f4e7, 0xd1e2ec1, 0x34811a9, 0x896d2fe, 0xec8096e, 0xad65e2b,
-          0xb1744a6, 0x09d36f9, 0xff5ddf7, 0x564bac7 }
-    },
-    {
-        { 0xc3f77cb, 0x48b41e2, 0x0968938, 0x5227673, 0xfd9b452, 0xff1b899,
-          0x2e03908, 0x67cf3bf, 0x248a6fb, 0x3731d90, 0x256598f, 0xd800a05,
-          0xbdc8530, 0x347d2f2, 0x7ad08a1, 0xc72a300 },
-        { 0x1d65f73, 0x5e5be74, 0x4206ead, 0x183d4ae, 0xade4013, 0xcb50c1c,
-          0x3102483, 0x39db43d, 0x70d6325, 0x0eb49fa, 0xc1f02b9, 0xa18f6a2,
-          0xdbf5e66, 0x3e6fe30, 0x3a82aa5, 0xac4eeb9 }
-    },
-    {
-        { 0x3613d47, 0x295affd, 0xb56f343, 0x7b7e68a, 0x92b173b, 0x9806296,
-          0xbad35fb, 0x937061e, 0x5c21eea, 0x2501978, 0x787a746, 0xe92721b,
-          0x3651631, 0x463c46c, 0xc6f2d5a, 0x6da4b5d },
-        { 0x6e6d18c, 0xcb67cc1, 0x0010588, 0x1b30d52, 0xdb1d1e8, 0x1bb6ea6,
-          0xad11474, 0x9c6308a, 0x3d19b1c, 0xc316741, 0xbe4fb79, 0xf2e84d7,
-          0xe050f77, 0xeccb873, 0xcc2bf86, 0xf7c8d80 }
-    },
-    {
-        { 0x7ab20e5, 0x16fe2e1, 0xecf3a92, 0x274dead, 0x0972f67, 0x9f43487,
-          0x4605751, 0x9a65a45, 0xb8980b2, 0x9351f07, 0x0eb08a5, 0x412962b,
-          0x733f440, 0xb8c9bfd, 0x1ca250f, 0xac2cd64 },
-        { 0x2ba7d26, 0x68cdd0f, 0x4e0beea, 0xd3d2a4a, 0x9f4a258, 0x50135c1,
-          0xf0d02e4, 0xb475e53, 0x589283a, 0x432d8c6, 0xa0a2b6c, 0x29141bf,
-          0x13704bc, 0xd7379ec, 0x52459bf, 0x831562c }
-    },
-    {
-        { 0xeeec506, 0x676b366, 0x45da557, 0xdd6cad5, 0x77057d2, 0x9de39cb,
-          0xdf05bf1, 0x388c5fe, 0xdfb1f03, 0x6e55650, 0x52126c9, 0xdbceffa,
-          0x3a4a220, 0xe4d187b, 0xeb27020, 0xac914f9 },
-        { 0xd2e5f30, 0x3f4ab98, 0xdd94451, 0x6ae97da, 0x0d80981, 0x64af695,
-          0xf2aa2ce, 0x36b4b90, 0x18fcf59, 0x6adcd7a, 0xc116c81, 0x3ddfe6d,
-          0x549b9e3, 0x661072b, 0xec4584d, 0xd9e3134 }
-    },
-},
-{
-    {
-        { 0xa1e400c, 0x6e46707, 0x551e806, 0xcdc990b, 0x3a07724, 0xfa51251,
-          0x1b3e4f5, 0x500553f, 0xef4dac3, 0x67e8b58, 0x2cb4cc7, 0x958349f,
-          0x7f9143c, 0x948b4ed, 0x2b7822b, 0xe646d09 },
-        { 0x2bc3c26, 0xd185dd5, 0xc837fc9, 0x34ba16e, 0x5a788b7, 0x516d4ba,
-          0x56142b0, 0x72f2de7, 0xf445b3d, 0x5846f61, 0xf4631a1, 0xdaec5c9,
-          0x169ea9b, 0xa10b18d, 0xaf6751b, 0x85d2998 }
-    },
-    {
-        { 0x43ddf31, 0xda0cac4, 0x1860911, 0x0966e17, 0x3cba600, 0x9c3a717,
-          0x571f895, 0x5781880, 0x737ac21, 0x5e2a927, 0x6c253fb, 0x8a46148,
-          0x95ee626, 0xe801cf5, 0x5f84fc0, 0x271166a },
-        { 0xba856bd, 0x306937f, 0xbe80a43, 0x80cb179, 0xffb5980, 0x70393b2,
-          0x660fc64, 0xa8e4a1c, 0xc0d5c98, 0x5078abf, 0xfbd31ff, 0x62ba530,
-          0x9e51b88, 0xda60844, 0x355ae15, 0xdb6ecb0 }
-    },
-    {
-        { 0x23c5d49, 0xbcbb6ea, 0x87959bc, 0x08906ba, 0x0991665, 0x61cc088,
-          0xd90d13c, 0x21d6b41, 0xd03afe9, 0x0c27ac1, 0x5cfea52, 0x159995f,
-          0xbdfe220, 0x4057e20, 0xcbdf058, 0xdd1b349 },
-        { 0x2e37159, 0x0cd6626, 0x3eb0d17, 0x8cea8e4, 0x5bce7f0, 0x553af08,
-          0x5b6511d, 0xb94cb5f, 0x50e0330, 0x7b8d3a5, 0x57ab7e7, 0x4159110,
-          0x6aa886f, 0x320820e, 0xc5b6b81, 0x130d4d6 }
-    },
-    {
-        { 0xc7bb2ed, 0x2f98059, 0xa49bdfb, 0x33ebf4c, 0xb0a675b, 0x04c72a1,
-          0xadb6c14, 0x94f9ea4, 0xcf728c0, 0x03376d8, 0x4c6eb6a, 0x5c059d3,
-          0xeb8da48, 0x0178408, 0x2956817, 0x8bf607b },
-        { 0xceb3d28, 0x7ad2822, 0x37ae653, 0xd07a403, 0xc1e46b2, 0xbc68739,
-          0x9154ba9, 0x15d7cca, 0xa26617d, 0x6b97103, 0xb2e0d28, 0xa610314,
-          0xfd4d363, 0x52a08ba, 0xc7dc2af, 0x80c2638 }
-    },
-    {
-        { 0x3187140, 0x0cde7ef, 0x4b70acd, 0x93b92ca, 0x7a79cdc, 0x5696e50,
-          0x8eaab66, 0x73cc972, 0x8f1b0c7, 0x6b8c5b6, 0x4f7e0b1, 0xb39a318,
-          0x376108a, 0x72cfb0d, 0x98536a7, 0x0c53efc },
-        { 0x24c2f1e, 0x03b52a8, 0x6399b78, 0x717132e, 0x349a85d, 0x31ebd25,
-          0x1a200d4, 0x265ee81, 0x407d7ad, 0x0b1aad2, 0x94d2962, 0x9a9ebc8,
-          0x41171d9, 0x994e6cd, 0x6c8fa83, 0x09178d8 }
-    },
-    {
-        { 0xa2593a1, 0x7d1d238, 0xb38fb19, 0x863e93a, 0xe7712a9, 0xd23a4cc,
-          0x27efcd5, 0x7477b13, 0x1392f6c, 0x3ba69ff, 0xf7bb5a5, 0x63e0c32,
-          0x026effd, 0x20412c0, 0xef424ab, 0xd3ee8e4 },
-        { 0x64e5174, 0x14c0b2d, 0xe58c47b, 0x2a611f2, 0xc1e8635, 0xaa58a06,
-          0xcf17034, 0x1870c3e, 0x83f1bf3, 0xb0d5e34, 0x16c7eb3, 0xb19905c,
-          0x6efa4ca, 0xbf85d62, 0x180f92b, 0xfd16b2f }
-    },
-    {
-        { 0x3adcb48, 0xc0431af, 0xba90496, 0xc9a7a8d, 0x3895294, 0xd765a16,
-          0x551de70, 0xb02a41a, 0x749b8a1, 0xb71b261, 0xc6f3e47, 0x0dfa89e,
-          0x0f5d9ce, 0x392c0d8, 0x31aee3c, 0x43c59d8 },
-        { 0x4d76f49, 0x94bfb6d, 0x27d68a5, 0xe8f5b82, 0x630fd08, 0x78ae1d9,
-          0xce1bdae, 0x1379029, 0x66715dc, 0x9689da0, 0xd3278c7, 0x5d4cb24,
-          0x9e84fbc, 0x77c9833, 0xea1048c, 0xc8478dc }
-    },
-    {
-        { 0x770d2ba, 0xe4b8f31, 0x42ea095, 0x744f652, 0x036f138, 0xd06e090,
-          0x3b078ca, 0xd3a3d5b, 0x78b8417, 0xc7ae541, 0xc738fd7, 0xad6c5d4,
-          0x4676454, 0x6178984, 0x5d9a392, 0xfbf3423 },
-        { 0xfff772f, 0x8e451a7, 0x5ffbead, 0x8605bb7, 0x930d59f, 0x6f75cc1,
-          0x8f3f460, 0xd4f4755, 0x6700c8a, 0xefd2d79, 0x2406421, 0xceb462a,
-          0x9dfe8f1, 0x8ed0f97, 0xd1d7600, 0x0280bf1 }
-    },
-},
-{
-    {
-        { 0xdd9a54d, 0x761c219, 0x86a39c0, 0x1127fcb, 0x4c9bedd, 0x7d0e4f0,
-          0x4d976b6, 0x27c017a, 0xda042cf, 0x800c973, 0x2593f11, 0xe7419af,
-          0xae67960, 0xbd49448, 0x744fd85, 0xd3b60b7 },
-        { 0x61676fe, 0x5e74ed9, 0x39af627, 0x7383ef3, 0x5e62df7, 0x34407e0,
-          0x8bf3196, 0xb053461, 0x583b407, 0xd6b7184, 0x55011be, 0xe3d0685,
-          0x2124b52, 0x94083d0, 0xf780aaf, 0xa908324 }
-    },
-    {
-        { 0x73ec9c3, 0xb27af1a, 0x70fa725, 0xb66ad9f, 0x8cf73e4, 0x07724f5,
-          0x9949358, 0xc3fcd57, 0xda0cc01, 0x06efb79, 0x10597c9, 0x1e977d2,
-          0x703e8d6, 0xcd732be, 0x6d0b69e, 0x6fd29bf },
-        { 0x667128e, 0xca658ac, 0xc7872b3, 0xca0036a, 0x5355837, 0xc969858,
-          0x075cf1c, 0x59f3be8, 0x3809a11, 0x9f1b9b0, 0x9733871, 0x6881ced,
-          0xe902a5f, 0x8cda0fb, 0x4e3871e, 0x4d8c69b }
-    },
-    {
-        { 0xddee82f, 0x5c3bd07, 0x2f9723b, 0xe52dd31, 0x74f1be8, 0xcf87611,
-          0x35f8657, 0xd9ecbd8, 0xfbfea17, 0x4f77393, 0xd78fe2c, 0xec9579f,
-          0x0fb0450, 0x320de92, 0x95d9c47, 0xbfc9b8d },
-        { 0x5e1b4c3, 0x818bd42, 0x40e2c78, 0x0e0c41c, 0xbccb0d0, 0x0f7ce9a,
-          0x5ef81fb, 0xc7e9fa4, 0x73574ad, 0x2561d6f, 0xd2efb0b, 0xa2d8d99,
-          0xe96cd0a, 0xcf8f316, 0x4964807, 0x088f0f1 }
-    },
-    {
-        { 0x45d5a19, 0x0a84989, 0x6c2131f, 0x47ab39c, 0xf3fc35d, 0x5c02824,
-          0x9ee8127, 0x3be77c8, 0xc90b80a, 0xa8491b7, 0xa28aa93, 0x5397631,
-          0x6c0b344, 0x54d6e81, 0x876d0e4, 0x22878be },
-        { 0x6db3bf6, 0xeecb8a4, 0x54577a3, 0x340f295, 0x9a00f85, 0xa779868,
-          0x4bb9147, 0x98465d7, 0xda3c736, 0x9532d7d, 0x7504b20, 0x6d574f1,
-          0xd86e435, 0x6e356f4, 0x4533887, 0x70c2e8d }
-    },
-    {
-        { 0xd293980, 0xdce5a0a, 0x069010e, 0x32d7210, 0x06deaaa, 0x64af59f,
-          0x59239e4, 0xd6b43c4, 0x9199c29, 0x74bf255, 0x11e1e2b, 0x3efff41,
-          0xcb0f8d8, 0x1aa7b5e, 0x989e395, 0x9baa22b },
-        { 0x7b33ac1, 0xf78db80, 0x54ce80a, 0x05a3b43, 0x7bc8e12, 0x371defc,
-          0x1224610, 0x63305a0, 0x6d697ef, 0x028b1ae, 0x1cd8051, 0x7aba39c,
-          0x28ee4b4, 0x76ed7a9, 0x7f99901, 0x31bd02a }
-    },
-    {
-        { 0xf075566, 0xf9dab7a, 0xf56f18b, 0x84e29a5, 0xf64e56d, 0x3a4c45a,
-          0x6a7302d, 0xcf3644a, 0x156b658, 0xfb40808, 0xf96be52, 0xf33ef9c,
-          0xcaa2f08, 0xfe92038, 0xb261894, 0xcfaf2e3 },
-        { 0x224ce3f, 0xf2a0dbc, 0x592eb27, 0xed05009, 0x95889d0, 0x501743f,
-          0x77c95c2, 0xa88a478, 0xdd63da9, 0x86755fb, 0xc7ee828, 0x9024acf,
-          0xf38113b, 0x634b020, 0x6056e64, 0x3c5aacc }
-    },
-    {
-        { 0xa2ef760, 0xe03ff3a, 0xb1c3bac, 0x3b95767, 0x940d754, 0x51ce6aa,
-          0x47a9a3d, 0x7cbac3f, 0x34f8d1a, 0xa864ac4, 0x80dbd47, 0x1eff3f2,
-          0x7ebd5ca, 0xd8ab660, 0x05b07ed, 0xc4df5c4 },
-        { 0xa4f095b, 0x3dc92df, 0x7cdbd9a, 0x5ae36a5, 0x7891e04, 0x7ff2973,
-          0x0a5fe7b, 0x37c0313, 0xaa6e35e, 0x210d7b0, 0xbf200d8, 0x6edfb53,
-          0x84afb85, 0x787b68d, 0x72c6de3, 0x9b5c49b }
-    },
-    {
-        { 0x4010f4e, 0x5185716, 0x0536ebe, 0xe0b144b, 0x887d663, 0xacabb14,
-          0xedf584f, 0xac1caed, 0xaf175a3, 0xb43fb8f, 0xf992a3c, 0x310b6d5,
-          0x85178a4, 0xf2c4aa2, 0x8bd56bf, 0x69c9969 },
-        { 0xa4d972e, 0x73d6372, 0x9583803, 0x3d5bb2e, 0xd891581, 0x7bf7d18,
-          0x568a34a, 0xa5ce5d7, 0x1f45c81, 0x670b433, 0x1f96910, 0x97265a7,
-          0xb07c1ea, 0xdb14eb3, 0xfed447c, 0xdf008ea }
-    },
-},
-{
-    {
-        { 0x00c2f10, 0x0379f5a, 0xd350285, 0xb320b4f, 0x8efdd7d, 0x74e560e,
-          0xf46a140, 0xf2f017e, 0x0f34624, 0x2ced1a6, 0xca08ec9, 0x7c4b4e3,
-          0x5d8bc6b, 0xdffc2a1, 0x527b007, 0xcc8f3f3 },
-        { 0x861fe83, 0x59f8ac4, 0xd03144c, 0x8d48d2c, 0xbfa6dce, 0xa8457d2,
-          0x677c136, 0xd7ed333, 0xc228e18, 0xcb8e219, 0x16ab1e4, 0x5f70bc9,
-          0x3780370, 0x2ae3a3d, 0x88f17ad, 0x9f33654 }
-    },
-    {
-        { 0x960e4bb, 0xeab0710, 0xab9cfd3, 0xc668a78, 0xb0ef946, 0x2e85553,
-          0x8df5df3, 0xa43c4b9, 0x3cb3646, 0x0ecd559, 0x18dbe71, 0x6f543c4,
-          0xf59818b, 0xee7edaa, 0x90911c1, 0xc44e8d2 },
-        { 0x269b509, 0xafb38b1, 0x52afe2c, 0x9e2737c, 0xccfa664, 0x5b2ef02,
-          0xe1cc58b, 0x1e0aeac, 0x5ea134e, 0x37a57e9, 0x83b9fc2, 0xc9c465a,
-          0x6e3ecca, 0x4b9e8c7, 0x9bdbab5, 0xca07dbe }
-    },
-    {
-        { 0xb0d7807, 0xd297f3c, 0xf59ce61, 0xee441a5, 0xb2db844, 0x728553b,
-          0x640e9e0, 0x90f87e5, 0xcb76dff, 0xaa72cbf, 0x4012d57, 0x065c686,
-          0x9678b44, 0xd5ee88f, 0x2177603, 0x3d74b85 },
-        { 0x748b68e, 0x3f9c947, 0x8f44d44, 0x03856d9, 0x462426c, 0xde34b84,
-          0x845ab29, 0xc16d1bb, 0xd2e18de, 0x9df6217, 0xb154643, 0xec6d219,
-          0x2ee0f8f, 0x22a8ec3, 0x91c5175, 0x632ad38 }
-    },
-    {
-        { 0x6869267, 0x19d9d23, 0xfe5532a, 0x628df94, 0x6dc9a01, 0x458d76c,
-          0x2cc39c8, 0x405fe6c, 0xf3a04ba, 0x7dddc67, 0x12500c7, 0xfee6303,
-          0xa50e9de, 0x580b6f0, 0x6090604, 0xfb5918a },
-        { 0x3af6b2d, 0xd715925, 0x1c7d1ec, 0x83d62d6, 0x85858c4, 0x94398c1,
-          0x14bfb64, 0x94643dc, 0xaf7db80, 0x758fa38, 0xa8a1557, 0xe2d7d93,
-          0x3562af1, 0xa569e85, 0x84346aa, 0xd226bdd }
-    },
-    {
-        { 0xd0ccd20, 0xc2d0a5e, 0x5dbc0cf, 0xeb9adb8, 0x26d7e88, 0xe0a29ee,
-          0x84a8e98, 0x8bb39f8, 0x37396ea, 0x511f1c1, 0xc8b2fb3, 0xbc9ec5a,
-          0x090e5bc, 0x299d81c, 0x4cdd587, 0xe1dfe34 },
-        { 0x5e465b7, 0x80f61f4, 0x1bad59e, 0x5699c53, 0xb79ff92, 0x85e92e4,
-          0x9db244c, 0x1e64fce, 0xa22097d, 0x3748574, 0xefff24e, 0xe2aa6b9,
-          0x0a10bc6, 0xb951be7, 0x9067a1c, 0x6685326 }
-    },
-    {
-        { 0xa6114d3, 0xf716ddf, 0x037ec1f, 0x9e515f5, 0x44944a6, 0x7734541,
-          0xaba97cc, 0x1540c4c, 0x8b54bb7, 0xe41e548, 0xcae37bc, 0x4363156,
-          0xf3d2ce8, 0xc384eaf, 0x4c58ba4, 0x72a4f45 },
-        { 0xdcaf3fc, 0x0ceb530, 0x78dcdbb, 0x72d5365, 0xc6320fa, 0x9b44084,
-          0xeb74c70, 0x6262d34, 0x608e6dc, 0x8abac85, 0x10dd38d, 0x82a5264,
-          0xa819b8d, 0xbc39911, 0x03ad0d9, 0xbda15fe }
-    },
-    {
-        { 0xf9dc60b, 0xadbf587, 0x7d846d2, 0xf9d814f, 0xb77bde0, 0xccdd241,
-          0x2242f50, 0x89cb6d7, 0xe6360a8, 0x95c0e3e, 0xdf49713, 0x7c7dd5a,
-          0x57d5814, 0x68e0e49, 0x0c16571, 0x3aa097d },
-        { 0x267d03a, 0xb56b672, 0x8c44af4, 0x4f55708, 0xf3252a5, 0x67c49e7,
-          0xc94a469, 0x871d6cf, 0x01fbfaa, 0x57ae998, 0x48a5d8e, 0x5c0e48f,
-          0x5e240b9, 0xe9bf9c8, 0x99d41ca, 0xa410189 }
-    },
-    {
-        { 0xb2889b4, 0x6beb0c7, 0x9455370, 0x78b7f89, 0x47ca364, 0xd434214,
-          0x9f21e5b, 0xdd9d2da, 0x0a7e4aa, 0xa0c7c18, 0xda1660c, 0x022c0d4,
-          0x5a57002, 0xe1f5c16, 0x518f68f, 0x51c7c9e },
-        { 0x2586502, 0x6d521b6, 0x183ec1b, 0xa0f2cb3, 0xcaa5e16, 0x578b4e0,
-          0x764997f, 0x7bd4fbd, 0x64b1804, 0x7ec56c3, 0x0ee08e4, 0xb75a254,
-          0xdc19080, 0x6bf74a6, 0x97d6e59, 0x6ec793d }
-    },
-},
-{
-    {
-        { 0x0a4beb9, 0x16789d6, 0x9b9c801, 0x512b2cd, 0x8c7bb9c, 0xf8b6d10,
-          0x9ebdc8c, 0xd85651e, 0x9ba971a, 0xc945082, 0x7e1cf78, 0x852d9ea,
-          0x0af01e2, 0x6a45e35, 0x6151dcf, 0xe6cdadf },
-        { 0x2b8c01b, 0xc454bb4, 0x3d54cd2, 0x59e0c49, 0x454d608, 0x8e1e686,
-          0xd8c6103, 0x0dbae4b, 0x6c18b18, 0xa5603a1, 0x3369093, 0x227a6b2,
-          0x5f3de1c, 0xf1e8929, 0x8ab63c5, 0x42f0b58 }
-    },
-    {
-        { 0x5b596d8, 0xf1974cc, 0x44719f0, 0xee8093f, 0xf6f5b54, 0x40ba933,
-          0x2f3d654, 0xd6e5365, 0x26d73b8, 0x9aeb835, 0x0776382, 0x50ed535,
-          0xad43875, 0x3be47d6, 0xc786e48, 0x21d56df },
-        { 0xb73bb39, 0x8a75e18, 0xf265a78, 0x9eba84c, 0x2e772e7, 0x7c02a4d,
-          0x4c1ecd2, 0xf7df6d4, 0x6cef71b, 0xa8d9ea0, 0xcae3b68, 0x86e8f91,
-          0x99efefa, 0x2fd1411, 0x214e6f6, 0x0b36ab2 }
-    },
-    {
-        { 0xbdce61c, 0xd79065c, 0xdecb229, 0xcb562ff, 0x4600849, 0xef5d3d1,
-          0x1d23ac8, 0x348b31b, 0x15c36b8, 0xb2ea699, 0x4822836, 0x268683d,
-          0xc6f0b7d, 0x083edbe, 0x1a7821c, 0xaf4f39d },
-        { 0x4e64841, 0x23be6e8, 0x65bf791, 0xe9e2463, 0x02bfd7c, 0xa3208ac,
-          0xd01357d, 0x231989c, 0x6422ab4, 0x79b8aad, 0x91b8564, 0x57d2b7e,
-          0x8c04421, 0x28ebbcc, 0x7d09c05, 0xdc787d8 }
-    },
-    {
-        { 0x6c7bed5, 0xeb99f62, 0x39cd0e8, 0x326b15f, 0xd860615, 0xd9d53dc,
-          0x1bf4205, 0xdf636e7, 0x0752209, 0x1eaa0bf, 0x4744abb, 0x17ce69a,
-          0xf3ea2fb, 0x474572d, 0x224a7f3, 0xc4f6f73 },
-        { 0x63081b4, 0x7ed86ad, 0x4a20afb, 0xcd4cdc7, 0xb301b2e, 0x7563831,
-          0xe038699, 0x5b4d2b1, 0x802a15f, 0xa15d1fa, 0x13e9172, 0x6687aaf,
-          0xba6da90, 0x3eccd36, 0x7474e83, 0x34e829d }
-    },
-    {
-        { 0x19c9b27, 0x4cea19b, 0x5f52523, 0xa14c37a, 0x726625c, 0x248b16d,
-          0x6cabc21, 0x8c40f9f, 0x32a5c65, 0x918470c, 0x2a98d5b, 0x314056b,
-          0x34a0714, 0x6c974cf, 0x4f6314a, 0x0c8f8a9 },
-        { 0x70bccfd, 0x4844557, 0x740c9fd, 0xf5835db, 0xa21407c, 0x12e59b5,
-          0xdb1689d, 0xbe338e0, 0xdd5e915, 0x5a50ce9, 0xef99f39, 0xb1780e9,
-          0xee4d833, 0x1262b55, 0x89c5340, 0x4be3f22 }
-    },
-    {
-        { 0x6c4b858, 0xbb99b90, 0x550ca53, 0xa7724d1, 0x826962e, 0x7d31f5a,
-          0xa5804da, 0xf239322, 0x0275048, 0x3e11320, 0x3ee4cb6, 0xcbb1bb8,
-          0x1331191, 0xdb86525, 0x7d1d903, 0xb7caf9e },
-        { 0x77d7a9d, 0x06e3b05, 0xb3bbbf5, 0x7a132b0, 0x7c50575, 0xd61fbc5,
-          0xaf4b646, 0x393f712, 0xcb7efe9, 0xef77972, 0x5ea4995, 0x20e6d5d,
-          0xfbbe4c6, 0x0ac23d4, 0xc807f2a, 0x8456617 }
-    },
-    {
-        { 0x5396143, 0x4995fb3, 0xb99dc46, 0xa8b4bd1, 0x4150064, 0x2293e8e,
-          0x22a3545, 0x2f77d49, 0xb2192c4, 0xe866b03, 0x5e0aa38, 0x58b01f0,
-          0x2ed246b, 0xe406b23, 0xed60974, 0x447edb3 },
-        { 0x8869703, 0xf541b33, 0x383420a, 0x6959fe0, 0x4be4e48, 0xd6b39db,
-          0xb5714ef, 0x048f3b4, 0x5d9e4b8, 0x68b4968, 0x2177963, 0xbda8e6c,
-          0xc4211fe, 0x5094e35, 0x2d46d1a, 0xea591c3 }
-    },
-    {
-        { 0x2fef780, 0x3a768ff, 0x32970c6, 0x4218d28, 0xec6da17, 0xce598e4,
-          0xfbb126a, 0xf675645, 0x0427617, 0xb04c23f, 0xe4fce74, 0xc9f93fb,
-          0x3c91b00, 0x44a414b, 0x1d3b3cc, 0x4d982f3 },
-        { 0xb24cce0, 0xb1d40e8, 0x133e73d, 0x5a21c07, 0x0bb589d, 0x6e9358e,
-          0x2399844, 0x39cfb17, 0x166080e, 0x83f7647, 0x450b468, 0xcfe7bf8,
-          0x1e8434f, 0x2a288f7, 0x21a81e3, 0xd39f1e5 }
-    },
-},
-{
-    {
-        { 0x528af6f, 0x78c6f13, 0x94b74d9, 0x0001fe2, 0x01aab44, 0xae77425,
-          0xef0039c, 0x7cbe937, 0x0fa2a67, 0xaf3e4f0, 0xda1378e, 0xe28175f,
-          0x8ccd90e, 0x72adeed, 0x00af22f, 0x16a8ce1 },
-        { 0xcbf63dd, 0x69fae17, 0x9e39e26, 0x6786172, 0xf827a18, 0xe92b3d5,
-          0x8403682, 0x4d75e41, 0x9056a79, 0x01a4fd9, 0x20008f5, 0x89efb2d,
-          0xb78ff15, 0xa2f6918, 0xa3437f5, 0xf41c870 }
-    },
-    {
-        { 0x7be353c, 0xc840ae5, 0x3fb2691, 0x465a5eb, 0x7eba833, 0x34a89f0,
-          0x013346e, 0xf620896, 0xe875df2, 0x563b5f0, 0xfbc44ce, 0x5f7fc8b,
-          0xcfedf9d, 0x22fcb5a, 0x7dc691b, 0x7cf68d4 },
-        { 0x76a103f, 0x37f7c2d, 0xfd87b7d, 0x728a128, 0xccf2132, 0x7db2ad8,
-          0xb100e63, 0xa4c13fe, 0x7b511d5, 0xcd28a51, 0x721ca5c, 0xb910280,
-          0xd84bd52, 0xec1305f, 0x2729791, 0xb964642 }
-    },
-    {
-        { 0x5bc7462, 0x83fccdf, 0xd6f012f, 0x01f3dda, 0x3a6a87c, 0x57f1171,
-          0xff403ac, 0xedb47ce, 0xbaab073, 0x6c184e5, 0x6f0d6a1, 0x5b17c7d,
-          0x3ef2c91, 0x45a4c4f, 0x86a8f41, 0x26c3f7e },
-        { 0xb646514, 0x81a6db0, 0xca8b9ae, 0xf84059f, 0x9f02305, 0xd73dab6,
-          0xc4b7c6c, 0x0de3fae, 0x696df2f, 0x18abb88, 0x75d7740, 0x45dd1b9,
-          0x9ee35bc, 0x3aeccc6, 0xb029f88, 0x478252e }
-    },
-    {
-        { 0x8b2ce15, 0x66bf85b, 0x335709d, 0x1175425, 0x8123874, 0x00169ef,
-          0x9b89868, 0xfd3c18c, 0x775204e, 0xb3612f9, 0xc2cd510, 0x4b8d09d,
-          0x14559ad, 0xafa12e6, 0x9657493, 0x1ddaa88 },
-        { 0x1e77a08, 0x87d700b, 0x14d2e71, 0xaf4cf2f, 0xbf90c94, 0xe00835d,
-          0x6dc8429, 0xb16a6ec, 0xf8a4d92, 0x02a7210, 0x3d0c48d, 0x5a5ab40,
-          0xb5b9bea, 0x0052b3a, 0xe138f89, 0x6242739 }
-    },
-    {
-        { 0x16b2819, 0x7c215d3, 0xfeb9d7a, 0xdacb65e, 0xd833423, 0xc3c569e,
-          0x886a058, 0xbc08435, 0x7e5cb61, 0x132c4db, 0x9422aff, 0x6373a27,
-          0xfca9fc4, 0x43b9d7e, 0xdbe465f, 0xe3319a5 },
-        { 0x0b39da7, 0x51d3687, 0x4b75492, 0xcb6d798, 0xeadd87a, 0x77eb272,
-          0xe0d3f6c, 0xf2fb47d, 0xf9f791c, 0x807fd86, 0x975e885, 0xf01086b,
-          0xb6a3604, 0xf9314b5, 0x67be852, 0x8cd4538 }
-    },
-    {
-        { 0x858f79b, 0x7c1e6b3, 0x938caf9, 0xf0477c4, 0x3e88c44, 0xb311bbf,
-          0x1e3a3c1, 0x9234c09, 0x95a1d4d, 0x531af2b, 0xb8d1c64, 0xf3cc969,
-          0xb51e78d, 0x6f3c328, 0x34e8881, 0x5a1bd6c },
-        { 0x3a9336f, 0x2e31239, 0x5ced897, 0x020f0cc, 0x5fab121, 0x4b45d7b,
-          0x1841210, 0x8068b1c, 0x8349170, 0x1bd85fc, 0x0f97fe5, 0xfe816d8,
-          0x14b84fc, 0x1089818, 0xb93cd48, 0x1d4fabb }
-    },
-    {
-        { 0xaef599e, 0x1f11d45, 0xb09c58a, 0x8d91243, 0xd08c3c3, 0xd2eec7b,
-          0x3b02793, 0x5a6039b, 0x8fb2c00, 0xb27fed5, 0xe8acf5e, 0xb5de44d,
-          0x6e6c698, 0x2c3e0cd, 0x777180d, 0x2f96ed4 },
-        { 0x96d0e36, 0x67de8bf, 0xc9b6d65, 0xd36a2b6, 0x637d59c, 0x8df5d37,
-          0xc8d9878, 0x951899f, 0xb13fcf8, 0x0fa090d, 0x1f5c7b4, 0xa527081,
-          0x513a37a, 0x56a6560, 0x14dc1fe, 0xc6f5530 }
-    },
-    {
-        { 0x94945d6, 0x7f6def7, 0x8cc8832, 0x2f52fe3, 0xa812ff5, 0x0228ad9,
-          0xbb8478a, 0xcd282e5, 0xbe91b07, 0xa0bc9af, 0x11165e2, 0x0360cdc,
-          0x7b857e4, 0xb5240fd, 0xfa36b08, 0x67f1665 },
-        { 0xad2c93f, 0x84ce588, 0xe8ff4c0, 0x94db722, 0x489c8a3, 0xad2edbb,
-          0x7e5f278, 0x6b2d5b8, 0xd1d0798, 0x0265e58, 0x4c5589e, 0xd2c9f26,
-          0x4e4074d, 0xde81f09, 0x303089f, 0xc539595 }
-    },
-},
-{
-    {
-        { 0x83e882c, 0x183492f, 0xb5e6c12, 0x4d58203, 0xefec20b, 0x1ac96c3,
-          0xe1cd15e, 0xabd5a5b, 0xcbbb14b, 0x7e1e242, 0xd0543b3, 0x9f03f45,
-          0xd678158, 0xc94bc47, 0xa446cad, 0x7917be0 },
-        { 0x9b37394, 0x53f2be2, 0x064cc76, 0x0cb0a6c, 0xfba3da3, 0x3a857bc,
-          0x80fcb49, 0xac86bc5, 0x30ab146, 0x9d5336e, 0x5bc1270, 0xafb093d,
-          0xe5c3b6e, 0x996689d, 0xea076ba, 0x55189fa }
-    },
-    {
-        { 0x646ce03, 0x99ef986, 0x30e6100, 0xa155f81, 0x29b6b07, 0x75bef17,
-          0x1de077b, 0xc46f08e, 0x7ed0526, 0xf52fdc5, 0x61a299a, 0xe09d989,
-          0x7b8e93a, 0x9527329, 0x0acd185, 0x11255b5 },
-        { 0x4a6acdd, 0x57919db, 0x4451d74, 0x708a578, 0x283f7b3, 0x5b0bd01,
-          0xc3d9260, 0xe82f40c, 0x82bbdc2, 0x2ab96ec, 0xc164d87, 0x921f680,
-          0xc17a6a9, 0xf0f7883, 0x382a001, 0xc366478 }
-    },
-    {
-        { 0x2e40791, 0x5c9aa07, 0xa0776bf, 0xf0b72d6, 0xeaa50dc, 0x445f9b2,
-          0x6bda47f, 0xa929fa9, 0x3bbfc49, 0x539dc71, 0x006a78b, 0x4f16dd0,
-          0xeef39c7, 0x331ba3d, 0xc34157c, 0xbfa0a24 },
-        { 0x6a3b482, 0x0220beb, 0x6c43885, 0x3164d4d, 0xacdea23, 0xa03bb5d,
-          0x9d8f450, 0xd6b8b5a, 0xbd208fe, 0xd218e65, 0x35c476f, 0x43948ed,
-          0x0a2ed2b, 0x29a0dd8, 0x25295b7, 0xa6ccf33 }
-    },
-    {
-        { 0xac38939, 0xf68f15f, 0xf8010c1, 0xb3dd5a2, 0xa35f141, 0xf7ac290,
-          0x7388574, 0xdc8f3b2, 0xe95fed2, 0x7ec3de1, 0x257ac7d, 0xc625451,
-          0x664e55a, 0x66fc33e, 0x4832ba5, 0xd3968d3 },
-        { 0xc026448, 0x980291b, 0x24da4a5, 0xfcb2125, 0x827a360, 0xbca7df4,
-          0x85ca63b, 0xfcc395c, 0x8e9f733, 0xcf566ec, 0xd465f70, 0x835ee9b,
-          0x372f916, 0xe66d111, 0x04d9211, 0xc066cf9 }
-    },
-    {
-        { 0x8b48818, 0xb9763a3, 0x4288f96, 0xa6d23cc, 0xed3a229, 0xe27fcf5,
-          0xabaff00, 0x6aebf9c, 0x8131cd1, 0xf337503, 0xffabd58, 0x13ad41d,
-          0x861c83b, 0x1bee6af, 0x9c142e7, 0x274fe96 },
-        { 0x9b84b5b, 0x70ebcc9, 0x8191cfc, 0xe1a57d7, 0xcbf00b8, 0x46ccd06,
-          0xefe402d, 0xc233e8e, 0xbeebeb3, 0xb4ab215, 0xbd14e7b, 0xb7424ea,
-          0xa679578, 0x351259a, 0x471d684, 0x6d6d01e }
-    },
-    {
-        { 0x815ae38, 0x755c465, 0x611db56, 0xadc3e85, 0x188dd50, 0x633999b,
-          0xc12d907, 0xfdf7509, 0x238b6af, 0x25bcfde, 0x397f5e7, 0x50d705d,
-          0x944c974, 0xb65f60b, 0x27ac325, 0x8867fc3 },
-        { 0x3763eff, 0x2edc441, 0x341fb63, 0x892c0b3, 0xb3a7f28, 0xb34b83a,
-          0x15c2f18, 0x9aa106d, 0x1bb2277, 0x720bbc6, 0x5cfaefd, 0x637f72a,
-          0xf43e565, 0xf57db6e, 0xb58e772, 0xceb7c67 }
-    },
-    {
-        { 0x6ecc1de, 0x2793da5, 0x38f31b2, 0x4e10974, 0x8781267, 0x4229b4f,
-          0xdec04a1, 0xe5d2272, 0xec17cff, 0x6abb463, 0x0cbb048, 0x28aaa7e,
-          0xd22ef85, 0x41dc081, 0x5e63d0f, 0xcbc361e },
-        { 0xad5dbaa, 0xb78aafc, 0xfc1edc3, 0x0111505, 0x92c7bfa, 0x63ed66d,
-          0xe468919, 0x2982284, 0xb8c0d8c, 0x30f1f21, 0x2685093, 0xf056747,
-          0xf03dd0f, 0x0e085b6, 0x5581e66, 0xa8c8db8 }
-    },
-    {
-        { 0x264ad0c, 0x42009a6, 0x593bef4, 0x13bf2b8, 0x5d4e8b1, 0x1d11190,
-          0xef7bddc, 0xfe3e940, 0x624e62c, 0xa012275, 0x1d6d3cc, 0xcb65924,
-          0xedb7ab6, 0xc7bcc70, 0xb750b1c, 0xff9fafb },
-        { 0x7fea84b, 0xf65df29, 0x90b0e02, 0x17c84a8, 0x301e821, 0xa92a859,
-          0xfb480d1, 0xbee8cb2, 0x59c604e, 0x7010b8c, 0xe803c43, 0x47bf3f4,
-          0x47b3fff, 0xd645142, 0x9f0da13, 0xc4c5dcb }
-    },
-},
-{
-    {
-        { 0xb5253b3, 0x8af700c, 0x206957a, 0x31ca605, 0x3eafdcd, 0x2574439,
-          0xd3ae15e, 0x2ba5ae1, 0x5b82579, 0x710b738, 0x112b95a, 0x145ab57,
-          0x38c55c5, 0x4b133a0, 0x2a16fef, 0xf7559c9 },
-        { 0xd9ba896, 0x70c3e68, 0xc33d07a, 0x475dd32, 0x3a41e40, 0xe084e47,
-          0xfd2e706, 0xddc9382, 0x79510bd, 0x34b7275, 0xa5f901e, 0x5e78a69,
-          0xdcfb823, 0x429dfd7, 0x014f0a3, 0x1d9dc18 }
-    },
-    {
-        { 0xaf403d7, 0x364fcdf, 0xb7d7b34, 0xd9ea4ff, 0xcbb1dac, 0x21a3426,
-          0x143b4f5, 0xfa51052, 0x6df2409, 0x2bca073, 0x8ad7285, 0x7e6985a,
-          0x4aaa27f, 0x3a1a9d0, 0x9fc0c6c, 0x1a815e1 },
-        { 0xbb65bb3, 0xfab6147, 0x33ced0b, 0xa36dc0d, 0x2062d78, 0x26a8859,
-          0x28a5fb7, 0x3438617, 0x4ebb1ad, 0xe82da25, 0xd05aa11, 0x70f5071,
-          0xadaac48, 0x0b7f847, 0x93cb269, 0xeb812bc }
-    },
-    {
-        { 0xf7caccc, 0xcb317cc, 0xcf85098, 0xd3410d9, 0x7f078d7, 0xca68c8d,
-          0xb782efc, 0xfe9e812, 0x5f544b5, 0x32e7c0f, 0x3a7b7f2, 0x44fe95a,
-          0xe91327b, 0xf4f1543, 0x76645ed, 0x27d118d },
-        { 0xd7abc2c, 0x690547c, 0xb53c8af, 0xf64680f, 0x79ea989, 0xbe0cbe0,
-          0xa91af28, 0x6cf0cce, 0x9daa2f9, 0xa3b85a2, 0x91faed0, 0xd4b663c,
-          0xa8b20ba, 0x782c7b7, 0xb8d98ce, 0xf494faf }
-    },
-    {
-        { 0x002f55a, 0x080c0d7, 0x2d6d9dd, 0xf4f8f14, 0x382f025, 0xb326229,
-          0xad28c20, 0x58fd0b5, 0x8d06a15, 0x704b992, 0x7fbd8e4, 0xf4545d9,
-          0xed55581, 0xc32fa63, 0x01ac0fd, 0x3ab7936 },
-        { 0x6099fd1, 0x13ece52, 0x9c79178, 0x776dba8, 0xce26c45, 0x8d28212,
-          0x60d739c, 0x09fddaf, 0xa84826e, 0xf9931ed, 0xb29439e, 0x6e73d90,
-          0x9095e61, 0x94cfefc, 0x802f474, 0x3050d16 }
-    },
-    {
-        { 0x9f6394b, 0x0898f8f, 0x88b0e91, 0x48b8cea, 0x4c1b362, 0x4bc9925,
-          0x827d9ec, 0xe3fccb4, 0xd950d6a, 0x5d4cf9a, 0x39b5b38, 0xa16f1ef,
-          0x620f288, 0x3c76d1d, 0xe119390, 0x9fdd059 },
-        { 0xfb5edf8, 0x7b5de9e, 0x769d14e, 0x3e290b9, 0x6bd10b5, 0x4df3a91,
-          0x82f8f7b, 0xae99bca, 0xc9524af, 0x5481d5d, 0x69504f1, 0xf112e4f,
-          0x51931ec, 0xb048f09, 0x18f51b1, 0xbff876a }
-    },
-    {
-        { 0x46c1c37, 0x932e2a7, 0x9aea4c1, 0x903ad52, 0x8f161f2, 0x717ac91,
-          0xf425e2a, 0xa57d197, 0x7f39e0e, 0xae89dac, 0xbaa2a58, 0x91655c0,
-          0x54836dd, 0xe3dc286, 0xa9ec9e6, 0xb5f0baa },
-        { 0xbdbda04, 0xf7c4662, 0x51059c0, 0xbe5393b, 0xdd95b0f, 0xb16d552,
-          0x1b3bd96, 0xde495b3, 0xc0206c5, 0xb2a6e02, 0x014d3a9, 0x045cc09,
-          0x2a2f490, 0xf66a315, 0xc5dea05, 0x208c108 }
-    },
-    {
-        { 0x65237ea, 0x6e38b68, 0x9f27fc6, 0x93a1303, 0xa95068a, 0x9a6d510,
-          0xe7c9e54, 0x6fbf216, 0x571ac1d, 0x7824290, 0x91c2a0c, 0x8cb23ba,
-          0xc7e434d, 0x611202e, 0x76058b4, 0x8f901bf },
-        { 0x0849588, 0xef0ac05, 0xdd31804, 0xe0d2dde, 0xeb2ca81, 0xaf5417c,
-          0x5d1a509, 0x420ac06, 0x9683bb6, 0x46e345e, 0xf613f7f, 0x6daf635,
-          0x48a9576, 0xc9e8291, 0x176d147, 0x5f9f1d1 }
-    },
-    {
-        { 0x77e9709, 0xd24ae1d, 0x0047b8a, 0x77751dc, 0xc6a1593, 0xe325334,
-          0x671f86a, 0x9baf962, 0xc29a15e, 0x425af6a, 0x2796e33, 0x3108600,
-          0xfc253a5, 0xb6ea78c, 0xafae0ea, 0x4c733e0 },
-        { 0x97c99b9, 0x4b7443a, 0x50203a6, 0xc14e9e4, 0x52680ba, 0xd1bb515,
-          0xd55533a, 0xa56a3ef, 0x169e1a0, 0xa66e38c, 0xeed7da0, 0xb3e4df9,
-          0xddce3d9, 0x022c937, 0xf6e36b4, 0x8552089 }
-    },
-},
-{
-    {
-        { 0xf5cc82e, 0x8e4bf95, 0xc3ed6c9, 0x2ad80c3, 0xc9045e1, 0xf2e5b2c,
-          0x59b06d4, 0x42c9065, 0x7b43b84, 0xc1f7379, 0x72d7992, 0x1710dbf,
-          0x767b41c, 0xe98cf47, 0x7bfb9e9, 0xe713fce },
-        { 0x9fa5134, 0x9f54ae9, 0xde40d0e, 0x3002fd8, 0x9311334, 0xdc282b7,
-          0xbfeb360, 0x5519810, 0x0f96ffe, 0x31539c7, 0xd27777b, 0x04eacc0,
-          0x8ff5053, 0x5982410, 0x32b67ad, 0x5982366 }
-    },
-    {
-        { 0x6bea5c2, 0x6eb4554, 0xd509a33, 0x82cfae0, 0x394bb59, 0x6a69bd8,
-          0x5770ee1, 0x1880d8d, 0x7dacf9e, 0x6351844, 0xf02b891, 0x5b1ecc5,
-          0xb6c9a5a, 0xeb7d900, 0x8897da8, 0xdab8a76 },
-        { 0x98851a6, 0x28c7be5, 0x4d73c3b, 0x0101d4f, 0x5084996, 0x3c2569c,
-          0x280bde0, 0xb9bc911, 0xcd0d4f9, 0x513a22a, 0x2a15f3b, 0xdf2986d,
-          0x2aa4943, 0x231c28f, 0x0333870, 0x29623ad }
-    },
-    {
-        { 0x4084416, 0x2ceb178, 0x49516cd, 0x924cf1c, 0x4be856f, 0x76536c0,
-          0x47a265b, 0x11b59cd, 0x4999494, 0x720dc84, 0x007b795, 0x910f794,
-          0x2d3df83, 0x8434e14, 0xbd478d3, 0x8f53878 },
-        { 0xaeb9c2f, 0xd9b072e, 0xfd8a29f, 0x16f87ea, 0x2fd0de1, 0x8c42f9b,
-          0x0e816ef, 0x916721e, 0x18bde37, 0x2ecb470, 0x2375da2, 0xcde3b7a,
-          0xef94281, 0x30d0657, 0x5cd7af8, 0x5105456 }
-    },
-    {
-        { 0x4bdced3, 0x7230b33, 0x0838569, 0x0c6a3e1, 0xe3493b8, 0xf19c9ec,
-          0x0d97c57, 0xf275927, 0x0c862eb, 0xf14181e, 0x32c72bc, 0xfd3bac1,
-          0xf3be362, 0x620563f, 0x47283b7, 0x672ccaf },
-        { 0x2b7bf16, 0x191e3fa, 0x520dad7, 0xf838633, 0x3629d87, 0xd3dde55,
-          0xaf86ebe, 0x14d8836, 0x221b2ce, 0x3db7dfb, 0x0aed72a, 0x3872abb,
-          0x8c665b7, 0xb60de52, 0x44982cb, 0x89c2596 }
-    },
-    {
-        { 0x4dbba25, 0x799a2de, 0xa42715e, 0xd818aae, 0xf55c362, 0xbc88f4d,
-          0x713c9ae, 0x142a163, 0xfbfb33f, 0x411e8ee, 0x6bb684a, 0x34b4629,
-          0xdc81817, 0x4344bec, 0x17f9d46, 0xcc9573d },
-        { 0xff38a7d, 0xf85f8bc, 0x0caf117, 0xa14bf73, 0x4ba6429, 0x126874f,
-          0xaa5db97, 0xcc9bf22, 0x6aba827, 0x62b56df, 0x9c9772a, 0xfee1cb8,
-          0x177e541, 0xe36838f, 0xadd438f, 0x698815d }
-    },
-    {
-        { 0x38ed1ad, 0xc9fd894, 0x7b6a601, 0x73cd79d, 0x05e8d20, 0x2210e62,
-          0x3592af5, 0x72384ac, 0x763d07e, 0x5ccc079, 0xa5f79eb, 0x2f31a4a,
-          0x2945a95, 0x693f4ed, 0x8056fdc, 0xc712017 },
-        { 0xdf4b09a, 0x361ecd2, 0xb7d929a, 0xa5644ea, 0x3fabe9a, 0x34abc0b,
-          0xe942a8c, 0x1a2473c, 0x6454bc3, 0xe00c924, 0xdff7366, 0xab324bc,
-          0x21b8f99, 0xe1412f1, 0xe33551e, 0x970b572 }
-    },
-    {
-        { 0xbd0a6b5, 0x6ca4cac, 0x921d654, 0x5584787, 0xc809bda, 0x18e5253,
-          0xf0cbe5e, 0x01b32c3, 0x0f987dd, 0xb9aa754, 0x6dfa4db, 0x628f4bb,
-          0x891890b, 0x0255f0b, 0x874e590, 0x25b7df4 },
-        { 0x8ed5f95, 0xbded318, 0xca93023, 0x9dc428d, 0xbccf520, 0xc68f25a,
-          0xe616e6c, 0xc4f3764, 0xa1d9993, 0xd9a57f1, 0x533431b, 0xd1964a5,
-          0x02ab6d0, 0x06cd77f, 0x03e52e0, 0xa660791 }
-    },
-    {
-        { 0x5f72700, 0xab08864, 0x0a1a44e, 0xf77b2ff, 0xc2a24b5, 0x43ebdd8,
-          0x4f564d7, 0xa6d6711, 0xf414160, 0x495df63, 0x76f6de6, 0xf5bacd7,
-          0x7c2b43d, 0x3011aff, 0x3241928, 0xbb1e64c },
-        { 0x5034073, 0xf70c572, 0x68f1e97, 0x891c62a, 0xb22e374, 0xed8eb2e,
-          0x7dbcc2f, 0xd3a53e9, 0xdc8f220, 0x1d06281, 0xace4393, 0x9eef48f,
-          0xd2abecd, 0x96014f5, 0x2653ceb, 0x1da7e09 }
-    },
-},
-{
-    {
-        { 0xd00bc94, 0x7593318, 0xc7262a2, 0x586f3c6, 0x958ad31, 0xea68f52,
-          0xd4e8bed, 0x6707fcc, 0xcb3f9ce, 0xb7e35d6, 0xf4b1be8, 0x2cbb6f7,
-          0x7b41aee, 0xa535268, 0xf7b39b8, 0x1d77845 },
-        { 0xeaf9554, 0xb1f3995, 0xfe9e7d4, 0x3250f70, 0xa00c23c, 0x62e5d1b,
-          0xc10e3bf, 0x5e422f5, 0xc25cec4, 0x7a18039, 0x7cc4d5b, 0xb4e66a1,
-          0x36d0e0c, 0xad7c5f6, 0xa4cf347, 0x9f40b12 }
-    },
-    {
-        { 0x51e3696, 0x697f882, 0xab0a648, 0xc89bc40, 0x9785804, 0x8f261a5,
-          0xb51a2bd, 0x4c7f900, 0x8a2dfcf, 0xd00e7af, 0xb642aeb, 0xf9c534d,
-          0xb63df0e, 0xea2a79f, 0xf2f64a4, 0x392a69a },
-        { 0xc331b6c, 0x0c0f01c, 0x6a5edb5, 0x414bf2e, 0x5068391, 0xfe5ed81,
-          0x62fbc34, 0x0a8078d, 0x54bca98, 0x78a4382, 0x3d727c7, 0xf7a49ae,
-          0xab4dffe, 0x96c1de1, 0x3b9440a, 0x45901f7 }
-    },
-    {
-        { 0xacfe46e, 0x3f1189f, 0x4467443, 0xdca6f46, 0x2eb5bcf, 0xac38542,
-          0x906bf72, 0xb02dce9, 0xfe1d454, 0xdd8cdac, 0x65f7218, 0xc26f04c,
-          0x6ea145d, 0xb474859, 0x5bdb315, 0xc53dc6b },
-        { 0x9ad7197, 0xbe5be74, 0x18b5ecc, 0x627e919, 0x9ea405d, 0x57c889c,
-          0x1a5360b, 0x2e5650c, 0x1b30b27, 0x42290df, 0x5242687, 0x4a07157,
-          0xd379133, 0x553ed1f, 0x01db019, 0xb9d7a07 }
-    },
-    {
-        { 0x56597dc, 0xcfe551c, 0x925ebd6, 0x81af92a, 0xf4e8d57, 0x83efe16,
-          0x1f640d3, 0x61bb431, 0x78b414a, 0xf80440f, 0x6c9e3b4, 0x72f3c63,
-          0x6a03c66, 0xb55f43a, 0xe417037, 0x47a9ded },
-        { 0xdbb612b, 0x1a7e287, 0xdbb9220, 0x895c3c7, 0x6c04764, 0xd50c86e,
-          0x53cf7ca, 0xed52698, 0xf74af55, 0xc78d799, 0xb969ff2, 0xb2ba0f2,
-          0x1c6530b, 0x06d4815, 0x165a575, 0x764a1fe }
-    },
-    {
-        { 0xc1b5ece, 0x4383a3b, 0x54ff148, 0x0563c88, 0x5af796e, 0x9a45279,
-          0x88e9953, 0xffba7c0, 0xb6a3001, 0xfe9fb5e, 0x25b6b19, 0x7950988,
-          0xd81be5e, 0x67c899a, 0x2f9d29b, 0xc89ac8d },
-        { 0x29ab8f7, 0x7c76ba3, 0x6e40f74, 0xb2a18c9, 0x3864d9b, 0x1b5056e,
-          0x9b582b8, 0xdfa503d, 0x7c9c68e, 0xfb03519, 0x6b3c22b, 0xdc50131,
-          0xa6c96ff, 0x38ab231, 0x8cb1c10, 0x4ea527c }
-    },
-    {
-        { 0xc05b4ed, 0xd632f20, 0xb2a032d, 0xe0199fa, 0x26812d7, 0x3732956,
-          0x013df13, 0x2aed855, 0x39f96ac, 0x92ca24b, 0xbb9751a, 0x620273d,
-          0xf7437a1, 0x5d0d21e, 0x077de56, 0x9de2a43 },
-        { 0x11a4674, 0x0569b12, 0x89c3989, 0xfc3923e, 0x2c5c770, 0x3d12704,
-          0x84e8c37, 0x0072b90, 0xac39f9a, 0x7178d4d, 0x778d345, 0x5f8292f,
-          0x77c7307, 0x9e5bf0f, 0xc3a20f5, 0x7691610 }
-    },
-    {
-        { 0x705fe96, 0x7c4ead5, 0xc8e464c, 0x377ec35, 0x7689954, 0x3e5b990,
-          0xa2d31ea, 0xc0f6949, 0xc580671, 0x839d395, 0xb215b09, 0x2f347a6,
-          0x683df83, 0xfdcfa33, 0x6af39a8, 0x6e12cc2 },
-        { 0x13a3bd2, 0xae46ec8, 0x59366f8, 0x03a7d3b, 0xb87aed4, 0xe2029d5,
-          0xfe1b83d, 0xbdc4e43, 0xdb8a1a8, 0x768437c, 0xea0dd7f, 0xe47acc3,
-          0x62a0af4, 0x550e0cc, 0x1a20962, 0xcaf2cbc }
-    },
-    {
-        { 0xf28a78f, 0x5a784f7, 0x07e9724, 0x952a9b5, 0x1bab7a3, 0x8ac5e41,
-          0xb7bc1e1, 0x1251e3f, 0xdc15e22, 0xe360f82, 0x95213f5, 0x3ac72da,
-          0x4dcd47b, 0x65ee9ba, 0x3af5952, 0xdfeab7b },
-        { 0x26fd3c6, 0x34c5c80, 0xf3ac7ee, 0xd977b08, 0x7dba2f6, 0x003bd01,
-          0xac98c8d, 0xcfc5cf8, 0x0e46922, 0x05eb604, 0xfaa9352, 0xc248b17,
-          0x395c7a7, 0xfa41c0f, 0xb71ee44, 0x29931d4 }
-    },
-},
-{
-    {
-        { 0x07861c5, 0xac087bb, 0x5ae8240, 0x3bd37db, 0xf94518f, 0x94c68ec,
-          0xff88a5b, 0xd32a378, 0x9b441d1, 0x42c8aaf, 0xfc07f12, 0x089db70,
-          0xd3d4455, 0x211c386, 0x546b158, 0x1db9af7 },
-        { 0x51bc927, 0xdfd1b65, 0x0733df4, 0x69c0493, 0x2aeb586, 0xdc72cd4,
-          0x823aa13, 0xeebdace, 0x56ad643, 0x51b3b3c, 0xd4e0426, 0xb983a99,
-          0x69c4ecc, 0xa1e5b6c, 0x45e6668, 0x37cd382 }
-    },
-    {
-        { 0x9f73aea, 0x158ce6d, 0x14ff475, 0x36a7749, 0xdc0b018, 0x0d4e424,
-          0x3946f09, 0xc2c4448, 0xfacda62, 0x7a7de3f, 0xb486709, 0x49a19e6,
-          0xdb61da7, 0x65094d8, 0x8f5ee87, 0x09edfd9 },
-        { 0xb37226d, 0xe460fcf, 0x69bf470, 0x3b9d039, 0x247ca22, 0x3d4d511,
-          0xc782cb1, 0xc7248d6, 0x00ad293, 0x91189a0, 0xe8abe75, 0x1244942,
-          0xbf52cdb, 0x9f88d12, 0xbbbcadf, 0x368463e }
-    },
-    {
-        { 0x8074f45, 0x419e4b3, 0x0771c83, 0xd3f8e2e, 0x2e68d34, 0xd2743b4,
-          0xb116a00, 0xc68b7db, 0xd84cc37, 0xfad2cf7, 0xb7a0f4d, 0xcfd27c0,
-          0x190e587, 0x3b9e23f, 0x751ca9e, 0x7bab499 },
-        { 0xa8f12ee, 0x3270861, 0x31b36d5, 0xee1f38d, 0xe4c0eed, 0x748bb31,
-          0x110ebad, 0x9be5c9b, 0xc8b6cb6, 0x728660b, 0x93d914a, 0x7bc9df7,
-          0xc88c859, 0x73a4f2c, 0xb4e7f0e, 0xbe4a2fd }
-    },
-    {
-        { 0xa450e77, 0xe566ff8, 0x6a13aba, 0xb0b4006, 0xcd7dc90, 0x483a510,
-          0x5fa9ccc, 0xb1a2013, 0xa80e67c, 0xeb0b631, 0x020801a, 0x7c34e1f,
-          0xf4e447c, 0x0257dc8, 0x74c6f0f, 0x7abe7d1 },
-        { 0xb19a576, 0xf115a3a, 0x064ca0e, 0x8f0474a, 0x351f99b, 0x999bb6b,
-          0x773edc3, 0x855254b, 0x427d717, 0x49f6c2f, 0x2e0cef2, 0x9f68253,
-          0x2ee34f5, 0x1fe126c, 0x80150f7, 0x1ec2cae }
-    },
-    {
-        { 0xc005b7a, 0x862c5af, 0xec4ef17, 0x61adea7, 0x007b446, 0xf885fd3,
-          0x9b0e30e, 0x25c129d, 0xfeec7e0, 0xbc10f25, 0xdf79ee1, 0x3901ac4,
-          0xfe9e19f, 0xad49db7, 0x360d050, 0xc8624d9 },
-        { 0xbf3260b, 0xc74a576, 0x8c010c2, 0xbde8024, 0x09b6977, 0xf155329,
-          0xd52dcf8, 0x6a5a82e, 0x29b9dfc, 0x4fbf59d, 0xc7b730c, 0x337d049,
-          0x3a89cd4, 0xb3deac6, 0xad2f2eb, 0x1e07595 }
-    },
-    {
-        { 0x3b7c84e, 0xa0b0a4d, 0x8cf2b00, 0xf132c37, 0xeaaa8ec, 0x192814b,
-          0x7b4b5df, 0xe7929f9, 0x42d0ab7, 0xf08a68e, 0x7b60cdd, 0x814afb1,
-          0x7d9c160, 0x78c348c, 0x44db217, 0xf8a9488 },
-        { 0xeaa2578, 0xcdefd88, 0xbd0e260, 0xf717f56, 0x1694d02, 0x7754e13,
-          0x181dbd8, 0x1254c14, 0x6e5f312, 0x0dacdd2, 0xcef87bf, 0xb8abdfb,
-          0xe74e2ea, 0xb985972, 0x002b424, 0x1717621 }
-    },
-    {
-        { 0x162df70, 0x92cc75e, 0x18ee849, 0x1e20c06, 0x26aa590, 0xc036b46,
-          0x4da5155, 0x31be67e, 0xf7213b0, 0x04911b5, 0xbb2e72e, 0x39261d7,
-          0x5c015a3, 0x9e84466, 0x298ae67, 0x2f59fc0 },
-        { 0x1701fcc, 0xa3ea7ba, 0x0ebd651, 0x87a5fa9, 0x301d7b1, 0xa607ed4,
-          0x3b2e271, 0xbd4ec5f, 0xdc4180f, 0x732a1a2, 0xfeaa8c1, 0xbe15d82,
-          0x66f2f3f, 0x1036702, 0x9e79ce8, 0xccfd397 }
-    },
-    {
-        { 0x70a54ad, 0x82ab835, 0xe3bec75, 0x5c1dee8, 0x54b556b, 0xf583ff4,
-          0xf461e60, 0x9220199, 0x87fc4e7, 0xdf61ca8, 0x0776dad, 0x6641fd2,
-          0x8edd061, 0x00c6edd, 0x55f7e87, 0xaf9b142 },
-        { 0x9bbe3ec, 0x73f15e4, 0xf8bc1fa, 0xdd3b788, 0x1b8ff86, 0xb24cc07,
-          0x41be58b, 0x6c260d2, 0x6b10ada, 0xec1c4e3, 0x7fdb985, 0xf6b4209,
-          0xd47c212, 0x0d0ac85, 0x07d78d1, 0x967191c }
-    },
-},
-{
-    {
-        { 0x843d0f3, 0x3b11638, 0xf27f10e, 0x4b89297, 0x863ba2a, 0x477236e,
-          0xadd280c, 0x1949622, 0x04da757, 0x7cd5235, 0x79e4ff7, 0xe0e99d2,
-          0x537da41, 0xb4ef894, 0x5a24ff1, 0xc55dde4 },
-        { 0xb587521, 0x18d8e21, 0x3777833, 0x8010b5d, 0xd3a54c8, 0x4af522d,
-          0x4c0ac13, 0x7cd476b, 0x4099f67, 0x4587e61, 0x605ee64, 0x494d0ed,
-          0xcc80903, 0x3218ba2, 0x0b2e169, 0x5ff56aa }
-    },
-    {
-        { 0x3a06c69, 0x51ec94e, 0x5e65c52, 0xa26d7be, 0xd44ee96, 0x156f113,
-          0xbf5b9b4, 0x70f0968, 0x5f5332d, 0x9b7e469, 0x6703829, 0x36c295f,
-          0xd04f492, 0x1522690, 0x728043b, 0xcf35ca4 },
-        { 0x190a7c3, 0xf9ca3e1, 0xf971b07, 0x53d2413, 0x9c48b49, 0xae59652,
-          0xfefff5c, 0x74672b8, 0xa7643b0, 0x0a3018b, 0x3e9b0a8, 0x51919e8,
-          0xc932fb5, 0x89ad33d, 0x643e687, 0x52a4419 }
-    },
-    {
-        { 0xd2d0acd, 0x7778990, 0x487fdf1, 0x3bdbcce, 0x2b03dd2, 0xdc413ca,
-          0x9a2b7d0, 0x278755b, 0x35ddd7f, 0x4ebb8b5, 0xbcbdb92, 0x0465152,
-          0x671d051, 0x34f22d6, 0x87192b9, 0x1ba04c7 },
-        { 0x83560c1, 0xb1693f4, 0x7d174e9, 0xe08a593, 0x64dc9af, 0x47ffdc4,
-          0xce8126c, 0x1123596, 0x1124628, 0x632d95f, 0xfee7c76, 0x66287ab,
-          0xc552332, 0xb40fe60, 0xe304e1e, 0x3f11729 }
-    },
-    {
-        { 0x5030a8c, 0x97a6ea0, 0x09c27b2, 0x6924198, 0xac9dd5d, 0x3308501,
-          0xbe73fdc, 0x9fed7fa, 0x0535286, 0xea55544, 0x6c9b832, 0xc7c07ab,
-          0xc51b967, 0x178c882, 0x86ee075, 0x6fa0c69 },
-        { 0xb8b5c4a, 0xbaa4a15, 0x3130c0a, 0xf83c0ea, 0x2800331, 0xcf8624b,
-          0x7ccbcb8, 0xade85cd, 0xf08445d, 0x971d7f6, 0x6a546dc, 0xfd480b7,
-          0xc93761c, 0xdc15a38, 0x9d04631, 0xc4c495c }
-    },
-    {
-        { 0x9470efe, 0x5f4cee8, 0x88d93ad, 0x9fe8961, 0xf4e49ce, 0x24783b3,
-          0x52ffb3e, 0x1bc7ed7, 0x6d81e17, 0xa3abe6a, 0x7a333c3, 0xd6bb8b4,
-          0x10a3527, 0x3485c0b, 0x31a9d10, 0x7cddc9c },
-        { 0xc38ca37, 0x0c78112, 0xdd2f8d8, 0x10e249d, 0xc511911, 0x72c88cc,
-          0x29a6c84, 0x4d75b5a, 0xa227b1e, 0xc74b267, 0xf8e35ad, 0x698390c,
-          0xe98d230, 0x8f27edf, 0x6bdc7f4, 0xec922f2 }
-    },
-    {
-        { 0xfc32e11, 0xac34023, 0x47200d1, 0xe0ae2f5, 0xbd98c82, 0xa7c7492,
-          0x7b02154, 0x3910b68, 0xe28ab6d, 0x6fdd06c, 0xd98b012, 0xd3a7e49,
-          0x9f54207, 0x4c1c82b, 0x45c176f, 0xef5bbe6 },
-        { 0xd3e71eb, 0x3d17960, 0x080e70c, 0x90d7e84, 0xbff5d9e, 0x83e6438,
-          0x535d85c, 0x1877e1f, 0xfbb69cc, 0x931ed6e, 0x1247848, 0xcf96265,
-          0x750da4e, 0x76d618b, 0x717fbf6, 0xc076708 }
-    },
-    {
-        { 0xeec5126, 0x80a5ac5, 0x3379c80, 0x6d05dd1, 0x2336d32, 0x514b089,
-          0x6725137, 0x586c006, 0x574f954, 0xab2365a, 0xac7d356, 0x3c89ea0,
-          0x27460ba, 0xf1f2edd, 0xab9870f, 0xf200ddb },
-        { 0xa35e885, 0xc8f1b2c, 0xe6e7550, 0x5d22f86, 0x9554615, 0x24b9a40,
-          0x616314f, 0xcb41107, 0xc976a11, 0xca752f0, 0xa08291a, 0x3e2f839,
-          0xf2c420e, 0x0cff22f, 0x82b9747, 0xafd603e }
-    },
-    {
-        { 0x810a3da, 0xaddeddc, 0xd3a87bf, 0x78b6c2d, 0xde3a04c, 0xbc7020b,
-          0x9b6d045, 0x47ab973, 0x0959358, 0x3b046d6, 0x509ee3e, 0x0f953e7,
-          0x69fc61b, 0x803dc86, 0x893c8d4, 0xcceaec0 },
-        { 0xb048a45, 0x21f8c40, 0xfcaea8a, 0xb535073, 0x90e360b, 0xe712c35,
-          0x8403338, 0x5d0f3f4, 0x7207f2d, 0xe0ea26c, 0xffd9e05, 0x20f6b57,
-          0x4788b00, 0xb97d68e, 0x1889cce, 0xb121554 }
-    },
-},
-{
-    {
-        { 0x464238e, 0x0079817, 0x0d381ca, 0x2110302, 0xd9f01b5, 0x1cc4c6e,
-          0x5a131b1, 0x5e35dc5, 0x06944eb, 0xb61848d, 0x29631a3, 0x83792a0,
-          0xafca0dd, 0xbe1017f, 0x782fcbb, 0x70aaa01 },
-        { 0x99945e7, 0xc63b7a0, 0xc4486c1, 0xe9164ec, 0x885f2c1, 0xb133e35,
-          0xc99ae02, 0x186f0d3, 0x2bf53e6, 0x2fca492, 0x48a02bc, 0xf922aa2,
-          0x0dd3dca, 0x4fe6490, 0xf6a8207, 0xe8c313f }
-    },
-    {
-        { 0x97caf1e, 0xc5b3583, 0x922a4b6, 0xa001922, 0xdf07c95, 0x67e36be,
-          0xb2f4f34, 0xabaa0ae, 0xdedc333, 0x66dc926, 0x38ec5b3, 0x82021c4,
-          0x00ab176, 0x82b4f26, 0x69c45af, 0x1b7c22e },
-        { 0x0924ad9, 0x07b0dbe, 0xa407dde, 0xe030936, 0x26ccd06, 0x66e1ce9,
-          0xe3505a9, 0xb50c108, 0xda98f51, 0x8b921e1, 0x20cf7c7, 0x449ca1a,
-          0xe67d079, 0xadb80c7, 0x834372d, 0x205aa54 }
-    },
-    {
-        { 0x19bf847, 0x1482b48, 0x5906f0f, 0xd6c16ab, 0x23ad060, 0x323fb17,
-          0xc832be7, 0x0346389, 0x2ee45bf, 0xe71b2d8, 0xfb22276, 0x761c37d,
-          0x5d70be2, 0xa9b3334, 0x5a0627a, 0x81a0656 },
-        { 0x99a6282, 0x3377503, 0xd0436f0, 0xafc8d2e, 0xc53342f, 0x22f71d3,
-          0x8939ad3, 0x66ca56d, 0x30e09ba, 0x15a9192, 0xa6de890, 0x261091e,
-          0xe78f2d5, 0x609d700, 0x8eaaf78, 0x8aa52ee }
-    },
-    {
-        { 0xce76258, 0xa398788, 0x494b975, 0x3031d07, 0x043dfe2, 0x4a6d652,
-          0xb4401ec, 0xdb1a849, 0xce8bbcc, 0xf81ebbb, 0x16efe9e, 0x937dd47,
-          0xef85ecc, 0x9c19350, 0x214273b, 0x260d932 },
-        { 0x77bf1a3, 0x1d7e21e, 0xa544eb7, 0x199d689, 0x94ced50, 0x9da5941,
-          0x8a0aeaa, 0x71a60be, 0x26d3b51, 0x183a0ae, 0x8df9728, 0x49f176a,
-          0x3230674, 0x744376e, 0xe25541c, 0xb2cb21a }
-    },
-    {
-        { 0x9a0071f, 0x7a72158, 0xe7d2a6b, 0xe19dd29, 0x55113f0, 0x3deb34e,
-          0xede573b, 0xef1f8eb, 0x5665e37, 0xa8f7ff9, 0xf2d7777, 0xa2c21ea,
-          0x91e2e39, 0x1387afa, 0x7db68f6, 0x04057b9 },
-        { 0x1c241f7, 0x8b9d5ae, 0x8e75993, 0x689588a, 0x5c0e2d4, 0x79585b4,
-          0x7b64974, 0xba1ef16, 0x1c08a75, 0x72685bc, 0xd572edd, 0xf0a5814,
-          0x5ab0e70, 0x71464a3, 0x339aea7, 0xc93c92b }
-    },
-    {
-        { 0x5b8a87d, 0x1917e2a, 0x3a82756, 0xea5db76, 0x6420e2b, 0x5bba2fb,
-          0x019372a, 0x5cc0501, 0xccc5efd, 0xb1ef8be, 0xf49c57d, 0xaf06393,
-          0x87a0bc4, 0x3ab1adf, 0x34fe6b6, 0x2ee4cca },
-        { 0x6b8ba9b, 0xd160668, 0x7efec13, 0xef137d9, 0x50abb76, 0x7b60465,
-          0xf753a00, 0xb40ec2b, 0xeaf8f1d, 0x696ed22, 0xd8ba3d8, 0x398c91f,
-          0x37db313, 0x11f2034, 0xfe5079e, 0xe1ec33b }
-    },
-    {
-        { 0xbdc81f0, 0x8a10c00, 0x6fe8e05, 0x5f39256, 0x14a368e, 0xa595dab,
-          0x38cec6b, 0x32b3181, 0x1b00d00, 0xd77afde, 0x4d9923d, 0x3c97928,
-          0x76e13dd, 0x78f0e7a, 0xbf75675, 0x5ee8e59 },
-        { 0x91b130c, 0x49ec893, 0xa47a441, 0x9416182, 0x76e2ce8, 0x54555b5,
-          0x349c40b, 0xcbdd2fd, 0x9392bbe, 0x10ae737, 0x2e2dab0, 0x270b111,
-          0xaf293f4, 0x5cb7712, 0xd6095c6, 0xfc22a33 }
-    },
-    {
-        { 0x0f15878, 0xdcb5bbd, 0xb6bba48, 0xbcf27ad, 0x7b70eba, 0x979913e,
-          0x158578a, 0x4c0f34b, 0x6ed6088, 0x53f59a7, 0x75b0fc2, 0x19b3b2c,
-          0x0153f3c, 0xad628dc, 0xcec1607, 0x5195a2b },
-        { 0xdfe0f7a, 0x95f8b84, 0x152920b, 0x935c6b0, 0x4da1056, 0x25f9e31,
-          0xb28c229, 0x4910a94, 0x8ee4d6e, 0x54b03b4, 0x694e3ed, 0xc991fc3,
-          0xdbe5709, 0x68c4c26, 0x63d7657, 0xc9cfce4 }
-    },
-},
-{
-    {
-        { 0xf52a44e, 0x21c9227, 0xe85bfbd, 0x7f105a2, 0x6268fc2, 0x887781f,
-          0xa2d7e35, 0x56ee808, 0x2d3930f, 0x14f9de5, 0xdcb561a, 0x4a4e356,
-          0x7f95598, 0x8736226, 0x5f34151, 0x211c342 },
-        { 0x0eaf9cb, 0x8fcb75b, 0x3d60ce2, 0xcc9edf9, 0xa5fe627, 0x54412c9,
-          0x842dd09, 0x6036a72, 0xa6c6099, 0x71ce668, 0x5386764, 0x02b30d7,
-          0x6f18e23, 0xb69bed3, 0xd1de9f4, 0x124c9b1 }
-    },
-    {
-        { 0xe69b531, 0xe8f8d95, 0xaff1049, 0xe1e115e, 0xeddea0c, 0x9087cd1,
-          0x7449916, 0x8ed55a5, 0x7808404, 0x8009f54, 0x17fea55, 0x990f216,
-          0xfe8ecf9, 0x68ba624, 0x56d1f47, 0x8ac2950 },
-        { 0x529dfb0, 0x3257887, 0x244c080, 0xc4a613f, 0x28672fa, 0xabb1ac0,
-          0x31eb291, 0xb2915c5, 0x8fababa, 0x6e368ca, 0x1fde498, 0x6b8c259,
-          0xf2a548c, 0x67724a1, 0xf90409b, 0x6b3b7e8 }
-    },
-    {
-        { 0xfae20aa, 0x5415003, 0x85df5ce, 0x95858a9, 0x0ac6bee, 0x42bc987,
-          0x39ea1a9, 0x8d843c5, 0xb571043, 0x5de200c, 0x1741a33, 0x084fcd5,
-          0x0009d1c, 0xe1ca20c, 0xe957e6d, 0x0271d28 },
-        { 0x9e3be55, 0x84cbf80, 0x1c578c6, 0xc804dda, 0x409a93a, 0xea85489,
-          0x972021d, 0x64a450a, 0xe681312, 0xc6a2161, 0x65bc111, 0x280bff9,
-          0x0f8526f, 0xd358a4b, 0x953a3ab, 0xd967be8 }
-    },
-    {
-        { 0x7dd066c, 0x4c5e615, 0x634c8d4, 0x37afd33, 0x42d8b87, 0xa3ac88a,
-          0x938b607, 0x9681e9b, 0x37fe4c8, 0x7a286ab, 0x2494245, 0xdeee574,
-          0x6af75a8, 0x184b9d3, 0x3670c04, 0x20f696a },
-        { 0xa39e8b9, 0x1340adf, 0x0850b2e, 0x03c1929, 0x2c0e1ef, 0x435ebd4,
-          0x142ee9b, 0x49de18b, 0x3f116f2, 0xb440b27, 0x2214463, 0xd94e9fa,
-          0x6311543, 0x1b0ddd3, 0x991ba3c, 0x1ae042a }
-    },
-    {
-        { 0x5bb47aa, 0xbc322f8, 0x54a5845, 0x9e25625, 0x21115f3, 0x96b65ae,
-          0xbb5757b, 0x46fbed4, 0x4c42dce, 0x18aec4f, 0x8d801f0, 0xc59caf6,
-          0x1205521, 0x9189463, 0x89feb7a, 0x66bd8e0 },
-        { 0xc529ee7, 0x39ebe95, 0x8eadb99, 0x28d8992, 0x6927544, 0x6058c78,
-          0xd3808ec, 0x877e7a5, 0x1c52eaf, 0x8f65111, 0xae221cd, 0xfb59812,
-          0xf890391, 0x22289c6, 0x4966e92, 0xa97695b }
-    },
-    {
-        { 0x6ff10f0, 0xf0a9122, 0xa2a65c8, 0x49a931b, 0xb1d3cb0, 0x3fcebbc,
-          0xca9685f, 0x70eb79b, 0xab38cb6, 0x82520b5, 0x76304c3, 0xccf991b,
-          0xaf8b07c, 0x575aab1, 0x5ed5efb, 0xec8166a },
-        { 0xc8689b1, 0xddc5698, 0xb2e78d7, 0x227c949, 0x8e07d91, 0x6132321,
-          0x22cfd62, 0x658a11d, 0x004dd5f, 0x908fb44, 0x90d21b1, 0xe3d14f0,
-          0xa6a1639, 0x6f3db9d, 0x333a525, 0x09d86c0 }
-    },
-    {
-        { 0x6f043f7, 0xd83eaf0, 0xb52d5f6, 0x88ab648, 0x57144d7, 0x67c664d,
-          0xeafc8b5, 0x55d7644, 0xcceb291, 0x1c89f20, 0x831ac47, 0x51aec7b,
-          0x6148854, 0x51172fa, 0xf6d7bfe, 0x8fabf7e },
-        { 0x477ee27, 0x5910316, 0x20fe61e, 0x5f299dd, 0x42826ab, 0x48079a8,
-          0x22591fa, 0xf4a83ba, 0x55482ec, 0x8fac660, 0x6b65b3b, 0x48fd5f1,
-          0x9fd9e19, 0x4288a7c, 0x9377894, 0x27db819 }
-    },
-    {
-        { 0x7fd9dd6, 0x2936ee4, 0x9ec87c6, 0xcce5f0e, 0xdb6e3b4, 0x15a50e3,
-          0xad701c8, 0x61df105, 0x1dff1f7, 0x3601add, 0xe8a16e1, 0xb761e06,
-          0x1af3f91, 0x4341e02, 0x933fa3f, 0x9156a4a },
-        { 0x54bc01d, 0x9dc46ae, 0x64eb910, 0x605577a, 0x5a59a99, 0x22b99f8,
-          0x0a229d8, 0xab2dbaf, 0x6599364, 0xa8bfb65, 0xe94ebf0, 0x39ed4a5,
-          0x0dbb23e, 0x7b46a1e, 0x8751422, 0x117b195 }
-    },
-},
-{
-    {
-        { 0x423bddf, 0xd19e8fd, 0x387ef59, 0x9d77042, 0x849590a, 0x315cbdd,
-          0x7866c1e, 0xfdc637c, 0x03515a6, 0x72be83d, 0x0376780, 0xd44a4a0,
-          0x19e0c2b, 0x3b96131, 0x7b1a689, 0x023aca3 },
-        { 0x82282ea, 0xf5f3687, 0x8a8b5c7, 0x4471089, 0x17a3066, 0xcd2f00a,
-          0x81ed681, 0x754e112, 0x0bfcefd, 0x9c6c70c, 0x3b6f29b, 0xd6aced0,
-          0x2817a2a, 0xe443d56, 0xe7c0012, 0xe590ef4 }
-    },
-    {
-        { 0x3e62e2a, 0xc2f9676, 0xb2daa26, 0x661816e, 0xdd5f512, 0x3515fd2,
-          0x56b6e75, 0xdc36e27, 0x74cc658, 0x0bdde46, 0x00e7644, 0x1029086,
-          0x1694a09, 0xfdf0045, 0xceac169, 0x454bcb6 },
-        { 0x6481eb6, 0xf4c92ab, 0x09750e7, 0x8b77afa, 0x6362d6d, 0xe6f4231,
-          0xf53a3ae, 0x0d45dee, 0xd7dcf98, 0xdac7aac, 0x125ec4a, 0x628cb7f,
-          0xaec0320, 0x41e8a20, 0xea2e35b, 0x7418c7e }
-    },
-    {
-        { 0xdf40519, 0x4d649ab, 0x3525833, 0x8cb22d4, 0x7a5333f, 0x15f6d13,
-          0x72c23ee, 0x8c3991b, 0x0cd44a3, 0x248b9a5, 0xccc1a75, 0x6b4c4e0,
-          0x15c99a9, 0x3221efb, 0x0a9c504, 0x236d504 },
-        { 0xd559100, 0x401c7fb, 0x07c524d, 0xcf0e075, 0x34a9275, 0x39647c0,
-          0xf7e8683, 0x2355422, 0xb3ae670, 0x3e0a16e, 0xad61b7f, 0x1c83bcb,
-          0x9ca6cbe, 0x491bcb1, 0x5e29458, 0xe668dc4 }
-    },
-    {
-        { 0x219379e, 0xe44c65b, 0xbb607ee, 0x211381b, 0xb7bc6db, 0xd4c7428,
-          0xb76a2e8, 0xba62a03, 0x8bb0b31, 0xe1729c9, 0xc6bbc10, 0x3caeb50,
-          0xb0187aa, 0x6c66727, 0xfb90dcf, 0xbf9d2f0 },
-        { 0x1184dc6, 0xec69350, 0x2698eb5, 0xd58d2a3, 0xa316b07, 0xb366d8d,
-          0x251c017, 0xe1e39bb, 0xadb157f, 0xbe44ba9, 0x8a8b06c, 0xbaa9a9a,
-          0x6e473e1, 0xd0f4635, 0x1d681c6, 0xd25a8f6 }
-    },
-    {
-        { 0xcb102c7, 0xba39d5f, 0xd8aa1eb, 0x66eba21, 0x697fbf4, 0xcc2591a,
-          0x2317f54, 0x5adb579, 0xf76c6f9, 0xa01ae71, 0x5042705, 0x2c525de,
-          0x4f4479f, 0xc8f4272, 0xe6d7a5b, 0x26ab54a },
-        { 0xdc28106, 0xda217b5, 0xeb2ae6a, 0xc7cadea, 0x53ea3b2, 0x0b16094,
-          0xcc6111b, 0xcddcc1c, 0xa7a7beb, 0x5c47aff, 0x0e52dab, 0xf9931bd,
-          0xc6dcf96, 0x5231835, 0xf27ea4e, 0x7095bde }
-    },
-    {
-        { 0xc33b4e2, 0xee8adae, 0x63ceb44, 0x3006651, 0x880b086, 0xf1476fb,
-          0x9569ce8, 0x0703328, 0x238b595, 0x2cabf9a, 0x26c8158, 0x85017bc,
-          0x68d5144, 0x420b5b5, 0xf9c696f, 0xa9f5f1e },
-        { 0xc8fec5a, 0x1409c3a, 0x28e9579, 0x541516f, 0x0e1f446, 0x06573f7,
-          0x2311b96, 0x3e3c706, 0x3c2ffd8, 0x0033f1a, 0xca6711c, 0x8e808fc,
-          0x07aef98, 0x716752d, 0x92525b3, 0x5e53e9a }
-    },
-    {
-        { 0x5a1c29f, 0xce98a42, 0x3ca6dc9, 0xaa70348, 0xedfa48b, 0xe77d822,
-          0x068abca, 0xd2e3455, 0x482cfca, 0xb456e81, 0x7fbfb08, 0xc5aa981,
-          0x8243194, 0x8979f25, 0x2cd043d, 0x727f217 },
-        { 0xaa53923, 0x7cca616, 0xe9bcb72, 0x387c5ae, 0x37580bb, 0x0173fd4,
-          0x75fc0d9, 0xdd7795b, 0x345deae, 0x47d1c37, 0xb0d1c03, 0x2eb5d7f,
-          0x958f002, 0xf7a1b92, 0x8f61b67, 0x7365cf4 }
-    },
-    {
-        { 0x562a5ed, 0x4b22c3b, 0x5c7cd07, 0x711216f, 0x9ba0648, 0x51f72c4,
-          0x0de9e6f, 0xc10d093, 0xfda63ba, 0xaca479b, 0xaf532b0, 0x4722a55,
-          0x7236f39, 0x8d59eb7, 0x4465c34, 0x5cad874 },
-        { 0x722b0c1, 0xa2119e5, 0xf343ea4, 0xb670264, 0xc19f387, 0x6910f02,
-          0x0381fba, 0xcfec5bc, 0x52c0a1d, 0x5f5de0d, 0x6378cb6, 0x4e474d5,
-          0x27e2ba3, 0x2fc8027, 0x159b541, 0xa215da3 }
-    },
-},
-{
-    {
-        { 0x8499895, 0xed53585, 0x65c998d, 0xa0aefd5, 0x2d5a561, 0x210d850,
-          0xa2cd9d6, 0xc2cc23c, 0xc4d297e, 0x2371d46, 0xd18d441, 0x88b2143,
-          0x043993d, 0xbebdad9, 0xad5f28d, 0x6ba91e7 },
-        { 0x3a731f4, 0xc2bb3f1, 0x5d0d5c3, 0xd35cfac, 0x35ac427, 0x9950998,
-          0x5458adb, 0x8938bb5, 0xab26f3b, 0x0bd738c, 0xa28cd8d, 0x56db3d5,
-          0xa1d8b4b, 0x87eb95f, 0xe7f3b4b, 0xd6700ef }
-    },
-    {
-        { 0xea1e57b, 0x962c920, 0x6dded6d, 0xd3be37e, 0x2c96a73, 0xf499b62,
-          0x6c99752, 0x3eaf7b4, 0x025590b, 0xa310c89, 0x721db23, 0x535aa4a,
-          0x19714a0, 0x56ab578, 0xd4048c1, 0xeecb4fa },
-        { 0x470c466, 0x7b79ec4, 0x1383cee, 0xc4e8f2e, 0x5750c45, 0x0f5d776,
-          0x725527d, 0xa3b3bc3, 0x6d00cce, 0x2f5deb6, 0x95a8d81, 0x5d5a0f4,
-          0xe02b824, 0x50a442e, 0x2a11628, 0xafb0446 }
-    },
-    {
-        { 0x0c613de, 0x72b67bc, 0xe6f0b24, 0x0150d4b, 0x8ed289d, 0x847854e,
-          0xa320f88, 0xe08292f, 0x29c6160, 0xd5b6da3, 0x4fb9d06, 0x2a48e2d,
-          0x2de087c, 0x55d9e41, 0x4f02100, 0x65683b5 },
-        { 0xa8886c6, 0x4dc8c2e, 0x20d6114, 0xe966dd2, 0xa57af97, 0x99745eb,
-          0xb854725, 0x23a9a71, 0x621a047, 0x8effe05, 0x049a4be, 0xf16d284,
-          0x5b0660f, 0x95828c2, 0x56e96b0, 0xd5b69ba }
-    },
-    {
-        { 0x4ffa0b8, 0x0b5b424, 0x096cc5e, 0x0585b45, 0xf505d37, 0x413e1ae,
-          0x0c7ab8d, 0xe5652a3, 0x2990120, 0xab32fb7, 0x3f09368, 0x6b8b16e,
-          0xefe128e, 0xbf9fadb, 0x14b7671, 0x85f366b },
-        { 0x090608d, 0xcb2f294, 0xac3045f, 0x25e2769, 0x6131904, 0x069c4f0,
-          0x329a779, 0x1c57cf1, 0xb7cace7, 0x72fe0d5, 0x0897a45, 0x04d9f43,
-          0x359a645, 0xbaf32f6, 0xfa7485a, 0x0fa854f }
-    },
-    {
-        { 0x5f56f60, 0xae3533c, 0x0ad9360, 0x9773bbb, 0x38fbe6b, 0x769b34a,
-          0xffb0c00, 0xb5ba8e9, 0x75472e4, 0xa939318, 0xce5f30f, 0x12cac92,
-          0xa9e7dbc, 0x514fc06, 0x58b4734, 0xd7ca865 },
-        { 0x65a730b, 0xd101ff3, 0xabe70e9, 0x92da451, 0xef7bf4b, 0xfb5f94a,
-          0x1d56c7b, 0x8c3ef4c, 0x8435c10, 0xb085766, 0xe7ed4cc, 0x7fbbbda,
-          0x24f372f, 0x1da6eaf, 0x59b8ae3, 0x0ab2c1f }
-    },
-    {
-        { 0xf10a4b9, 0x63a1a78, 0x0c7e510, 0xbb5278d, 0xf874142, 0x97b224e,
-          0xb2517b1, 0x0a9ff52, 0xc5cd920, 0x1b5a485, 0xa1823b9, 0x1a8e2eb,
-          0x0e914a8, 0x2b088c0, 0xcf13432, 0xe5ec3ad },
-        { 0x6e7e253, 0x0d6ab3e, 0x6f18458, 0x9f0f5cd, 0xf459a6d, 0x839a744,
-          0x1eb15f7, 0xb4b4f94, 0xc72cb14, 0xe0313ac, 0xb20472d, 0x58ee933,
-          0x872543e, 0x5f73d7a, 0x501f067, 0xb1700c5 }
-    },
-    {
-        { 0x085f67f, 0xb70428e, 0x43cabe5, 0x5441d51, 0xe0a6055, 0x4d0e8c2,
-          0x0882e4f, 0x8d39a08, 0xc1cb39d, 0x615bb32, 0xf7a1642, 0x113f18d,
-          0x250681f, 0xbab8cf5, 0x677b72a, 0x3017ba2 },
-        { 0x5a3a876, 0xcd2b6e9, 0x2035a69, 0x0476501, 0xefa2ea0, 0x31d6440,
-          0x56874d5, 0xde8f8d1, 0x0199d4a, 0xcbc71cd, 0xe7f2170, 0xc546b61,
-          0x112c4c3, 0x4e57e4e, 0xd1622ba, 0x58955a8 }
-    },
-    {
-        { 0x04e2f6f, 0x0064cd7, 0xe0edd38, 0xe9d458d, 0x7e0a5c8, 0xeb1a597,
-          0x01fc0a8, 0xe322ece, 0x1032a19, 0x8b9d166, 0xa89de94, 0x3e7b539,
-          0x001c754, 0xfa30262, 0xdb588f6, 0xe33de4d },
-        { 0x954eb94, 0x4dafbdb, 0x0584c1b, 0xbb43648, 0x5dbe29b, 0x622c93e,
-          0xf57b931, 0x968f9e3, 0x0f6453b, 0x98f03be, 0x08f696c, 0xb0ecc7f,
-          0xa505335, 0x5af55f4, 0xfb3fa9b, 0x028533e }
-    },
-},
-{
-    {
-        { 0x27e8d86, 0x3bc8e68, 0x63f105a, 0x4e43b30, 0x4981250, 0x5301b7d,
-          0x9f72fa8, 0x8b0a75e, 0x357348c, 0x88f59db, 0xec4208e, 0x5f0ebb1,
-          0xc043d3b, 0x4712561, 0xc806b97, 0x9e5ded0 },
-        { 0x2121d09, 0xf9bd0a6, 0xe337cd1, 0x1759ecb, 0xe945542, 0xd1acc0e,
-          0xbd2f63a, 0x3683feb, 0xda5dfe9, 0x44f1bcc, 0x707f22f, 0xa3606c9,
-          0x2d96ca5, 0x45ef064, 0x9022df9, 0xfc3107d }
-    },
-    {
-        { 0x44be755, 0xe81320b, 0x5c7c761, 0xdf213d5, 0xb4e5db9, 0xf43d2d5,
-          0x8dedcd2, 0x3bcfd82, 0xd37a9ec, 0xdf368a6, 0xf475a77, 0xfef20ae,
-          0x162c064, 0x22f5894, 0x0142a7d, 0x956bc66 },
-        { 0x7daec78, 0xaaa10e2, 0xb6e9a78, 0x3cb9b72, 0xe383f72, 0xa740bad,
-          0x7759007, 0xc31b401, 0xa7afc50, 0xdada964, 0xfd3d11f, 0x6bf062c,
-          0x5db3679, 0x9470d53, 0x03abf13, 0x3394473 }
-    },
-    {
-        { 0x46e5d7f, 0x533f440, 0x49048c8, 0xd1793e3, 0x1929b94, 0x59e1150,
-          0x8364134, 0xcddbbcb, 0x582774f, 0x795c794, 0xe03081a, 0x114dfc4,
-          0xef54042, 0x541ef68, 0x23f18cd, 0x159295b },
-        { 0x48a2c8c, 0xfb7e2ba, 0xbb6d116, 0xe2d4572, 0xd750b53, 0x7bb0b22,
-          0xd142ee8, 0xc58888c, 0x90c9e2d, 0xd11537a, 0xd02eb9e, 0x77d5858,
-          0xd444a79, 0x1fa4c75, 0xd58a68d, 0xf19b2d3 }
-    },
-    {
-        { 0xeb8b90f, 0x37e5b73, 0x3f2a963, 0x3737f7a, 0x9de35e0, 0x87913fa,
-          0x8731edd, 0xec7f992, 0x219491e, 0x6e6259e, 0x4de236c, 0xb2148a0,
-          0xfdd309b, 0x89700e8, 0x9f0bf80, 0x9ce51e4 },
-        { 0x301f17b, 0xe7ec421, 0x3bc5f4f, 0xa4b570a, 0x1285ee2, 0xc2b1b2a,
-          0xc53db73, 0x5e86bc8, 0xf24fa90, 0xb65fcea, 0x08ab024, 0x9e74c56,
-          0xf9ed877, 0x5c8003d, 0x4a2cbbc, 0xa632e9e }
-    },
-    {
-        { 0xc91c8b5, 0x32a4546, 0xc969363, 0xc122b5a, 0x3648b3a, 0xbbbec5e,
-          0x25143b0, 0xd5a365e, 0x54157ce, 0xcf3e464, 0xf9bab64, 0x9712f04,
-          0x04b4008, 0xc12d43a, 0x2edf1c7, 0x51932d7 },
-        { 0xb2f8470, 0xaef1655, 0x6c24ace, 0xaa8e3f3, 0x6b4e761, 0x7da75da,
-          0xb90bca2, 0xd371827, 0x0afb45c, 0x84db450, 0xef46b5d, 0xae12045,
-          0xd962f98, 0x91639a5, 0x72f2ac0, 0x669cbe6 }
-    },
-    {
-        { 0x83a4356, 0x851bb31, 0x9a1bf15, 0x7d436bf, 0x120b378, 0x46a3f0e,
-          0x3f5b357, 0x9302abc, 0x93fef53, 0x1e06726, 0x5fd2ee9, 0xb12f4a9,
-          0x7de9433, 0x94a884c, 0xa6f2874, 0x2645234 },
-        { 0xcdb8dfa, 0x6fb56f5, 0x9e0ee4e, 0x4a17dfc, 0x83ab01e, 0xe269d83,
-          0xb77c10f, 0xda932da, 0x0321243, 0x463af0c, 0x16fc8a3, 0xbe1d682,
-          0x48b39e3, 0x2eae3ea, 0x3b03e7b, 0x9423021 }
-    },
-    {
-        { 0xb22f28a, 0xaeb507c, 0x49a6b44, 0xa77458b, 0xc03dc17, 0x232ed5a,
-          0x9c61ac6, 0x79dfc16, 0xcd71b93, 0x7c48be9, 0xc429cd9, 0x983d68a,
-          0x98ae2c8, 0x7709c47, 0xa5df075, 0xe4765c0 },
-        { 0x3367f33, 0x23c4deb, 0x37d72a7, 0xbdf2b7e, 0x0af2d26, 0xbaab5c7,
-          0xfd026ab, 0xd609f7f, 0x541b039, 0x23b72b2, 0x83be852, 0x8d06bac,
-          0xcb23d1c, 0x911d4a9, 0xfb0dbd7, 0xeae815c }
-    },
-    {
-        { 0x2c33481, 0x487c35c, 0xb6136db, 0xffab636, 0xa3d3aa4, 0xccd4dae,
-          0xc3704e0, 0x87149bb, 0xc0e8396, 0x9de8119, 0x58e7ca6, 0xd49357a,
-          0x1562d75, 0x6878918, 0x5ab1fad, 0xc745381 },
-        { 0x02c9b91, 0x0f15798, 0xb1ddde5, 0x7ffc3f0, 0x6aae50d, 0xa01d5e0,
-          0xe279873, 0x6a97e65, 0xb5b1b41, 0x4bcf42f, 0x32f5982, 0x1c6410f,
-          0x50701c8, 0xd4f7600, 0x873b90d, 0xff02663 }
-    },
-},
-{
-    {
-        { 0xe5b2de2, 0xdc53ea2, 0x38acecb, 0x94b352d, 0x0d9d5e5, 0x37d960b,
-          0x90bd997, 0xabd868f, 0x35a7376, 0x781668f, 0x10118bf, 0x043d597,
-          0xf57928a, 0xd4da719, 0x983e46c, 0x01942f6 },
-        { 0x728bd76, 0xab97fc8, 0x4b5c1c5, 0x825956b, 0xc82a104, 0x202809f,
-          0xc8e3132, 0xdb63e9c, 0xc2181af, 0xa41c701, 0x43e066a, 0xd280180,
-          0x24044ce, 0xc734e41, 0x505193c, 0x4d9ab23 }
-    },
-    {
-        { 0xf9f0c3f, 0x0bcd42a, 0xb94a218, 0xda21a46, 0x0ffc788, 0xe55243c,
-          0x47a5551, 0x318aae6, 0x79af9cb, 0x8c2938b, 0xec1dce5, 0x5d15232,
-          0x8ad2e5c, 0x3d310ba, 0x94f792a, 0xd3d9724 },
-        { 0x12a9553, 0xdeb4ca1, 0xeb54d9d, 0x2f1ed04, 0x69fb7a1, 0xaa9c9cf,
-          0x54dcd3a, 0xeb73c3a, 0xf5f201f, 0xee3eddc, 0xba7d234, 0x35f9e1c,
-          0xd2e242f, 0x1d1d04c, 0x0df7515, 0x48df9d8 }
-    },
-    {
-        { 0xa81dd9a, 0x4ecc77d, 0x03aa015, 0xa6ac4bb, 0xbbc4fed, 0x7645842,
-          0x9d6cf52, 0x9ae34cd, 0x5917e0b, 0xf8ff033, 0xc2cc175, 0x7c9da37,
-          0xaaacfbe, 0x1e74dcc, 0x7999af8, 0xa8f2df0 },
-        { 0x102a466, 0xd06c4ea, 0xae190dd, 0x2156e87, 0xec4a863, 0xc95db8a,
-          0x244a6fe, 0x49edffd, 0x904f81e, 0x110fae6, 0xa1cd104, 0xbaa3e50,
-          0x0478b65, 0x5bd38a2, 0xdaefbcc, 0x2b57d05 }
-    },
-    {
-        { 0x86f4534, 0x1ce92ba, 0x414f5e3, 0xb2a8592, 0x9979436, 0xdd7a4c6,
-          0x3f0add7, 0x7599aff, 0xe2d4f64, 0xe0ce4d3, 0x401a29f, 0x74475cc,
-          0xa2377d9, 0xaef6541, 0x3f917b6, 0x54048f5 },
-        { 0x05312ec, 0x1b86b22, 0x31493cb, 0x779ba22, 0xaac9320, 0xc718369,
-          0x617fce4, 0xeab01a8, 0xf7187fa, 0x17b1f10, 0xa1aca46, 0xe68eda0,
-          0x2586342, 0x61033fe, 0x0b6ca43, 0xfc14e79 }
-    },
-    {
-        { 0x13d2491, 0x9f22319, 0x7997202, 0x66bdb53, 0x4617f34, 0x0bafb0c,
-          0xf3bb7b3, 0x5917831, 0xb45bddb, 0x6feb2a6, 0x0202c19, 0x08662b3,
-          0x05852f6, 0x0bc2b57, 0x91818c2, 0x2c00fd4 },
-        { 0xda37dac, 0xca7672c, 0x5a30865, 0xfe4c04c, 0x322e92a, 0x5f1399f,
-          0x25b1beb, 0xe7d67ea, 0xdce7f68, 0xe08b014, 0xf2f2b3c, 0x24df52a,
-          0x750ecd1, 0x2028b23, 0xc810a45, 0x9b25d4b }
-    },
-    {
-        { 0x7a9d799, 0xa35b715, 0x01f9c99, 0x6da1eb3, 0xe363ba8, 0x33ef91c,
-          0xce140da, 0x21c0e2e, 0x158cd84, 0xb0b11bf, 0x93da438, 0x6a87442,
-          0x3db585b, 0x924f10d, 0x10c6159, 0xf5ddd73 },
-        { 0x6a74c21, 0xb72dcb8, 0xcc8f79f, 0x6d14198, 0x9c5a8d6, 0x99f4b6c,
-          0x90e135c, 0x0639688, 0x83f6385, 0x330edb8, 0x9079675, 0xe1a5a6b,
-          0xb8f5fe0, 0x6e37fa8, 0x61dca1e, 0x60e2fd9 }
-    },
-    {
-        { 0x66c395e, 0xc6cb403, 0xb51d0f1, 0x03b21a7, 0xe693181, 0xbc478a5,
-          0xc6cff33, 0x0017c2f, 0x39d8d1e, 0x740a5b8, 0x4d9ec6d, 0x3968d66,
-          0xb0ef1b0, 0xfd53738, 0x1ed0a04, 0x73ca8fd },
-        { 0x75ab371, 0x4ace938, 0xddad7e9, 0xd602936, 0x750bcc2, 0x1f5424a,
-          0x68c7a17, 0xfe09b36, 0x58341ec, 0x165f7de, 0x6ce61e5, 0x95b825a,
-          0x66c83c4, 0x9d31e19, 0xcc5887b, 0x65b3e08 }
-    },
-    {
-        { 0x21482d1, 0xd37e932, 0x08b6380, 0x9af6597, 0x7d61e4b, 0x279426a,
-          0x80997ad, 0x80dd0ec, 0xd5b76d4, 0x7239b0d, 0xe76c098, 0x92e6c73,
-          0xeab3e1d, 0xeeb2321, 0xeb1a910, 0xa69c4a7 },
-        { 0x833d9ae, 0x46d6aa7, 0x572b0fe, 0x3ee6957, 0xcdb3d97, 0x44ccbed,
-          0xcbea01b, 0x342f29d, 0x8926876, 0x0d518c5, 0x5585d2c, 0xaaabae7,
-          0xe008f58, 0xc548c77, 0x21fab2c, 0x819e2fa }
-    },
-},
-{
-    {
-        { 0xc16e981, 0x468e149, 0x9ddbb7c, 0x286c790, 0xdb7a38a, 0x2a92d47,
-          0x8a27cb2, 0xde614e6, 0xe5b0ab6, 0x8dc8822, 0xcf48565, 0x38441ae,
-          0x089435b, 0x11ed5c9, 0x82d0d31, 0x2389286 },
-        { 0x72f2f31, 0xc6698d4, 0x56d76af, 0x295242c, 0xeba563b, 0x4099205,
-          0x3ab7384, 0xae7de5a, 0xd0ed86c, 0xccdf127, 0x965c3c3, 0xb9b6d5b,
-          0x2c31ad7, 0xe351a8f, 0xac12f13, 0xa761dd8 }
-    },
-    {
-        { 0xf171ab7, 0xda115dd, 0x401f93d, 0x2de17b1, 0x40964b4, 0x95019ca,
-          0x65ba3c3, 0x169d1f4, 0x0090d08, 0x534a007, 0x82bf410, 0x805c5e2,
-          0x65f8d90, 0x15dfe11, 0xca72456, 0x827a416 },
-        { 0x33a36c4, 0x5af8884, 0xd8ee604, 0x8bfa54c, 0x9ce290f, 0x08fd141,
-          0x287b3a6, 0x2db5e8c, 0x03cdad2, 0xe5be981, 0xbf810b9, 0x155b874,
-          0x670f473, 0x2ae42de, 0x7f74657, 0x2218584 }
-    },
-    {
-        { 0x23ffa43, 0x54b2a50, 0xa24d919, 0xcf87b16, 0x63524e8, 0x1ff5402,
-          0x56d1e54, 0x73c94e0, 0x3899fb5, 0x7651552, 0x18723bf, 0x13a7214,
-          0x3561517, 0x39afbdd, 0x9f2862e, 0x49b790a },
-        { 0x527d2ce, 0xc8c1f4f, 0x7609bb7, 0x1997aec, 0x02a3400, 0x583ad80,
-          0x4f79706, 0xac2374e, 0x21b7183, 0xbf1f9a8, 0x6600fe0, 0x06158ab,
-          0xbd56751, 0xfcc9b2e, 0xddaaec7, 0xe1de5ac }
-    },
-    {
-        { 0x788fdab, 0x230baa1, 0x7d04597, 0xf30860a, 0x99f4caa, 0xa2c7ece,
-          0x6ad065e, 0xbd39f10, 0x3bef7bd, 0xfd92f5d, 0x96d2203, 0x6069fad,
-          0xc4d9e0d, 0xbff38ca, 0x1fda313, 0x419a017 },
-        { 0x572f035, 0x5d77fd8, 0xb282b40, 0x5af99f2, 0x23facff, 0x7257d3b,
-          0x58c90af, 0xf2ee223, 0x9b6a52a, 0xcc2687d, 0x302430e, 0x140892c,
-          0x3ec4f38, 0xa934d5e, 0x3bd18be, 0xc087d7c }
-    },
-    {
-        { 0xa2c5ed7, 0x7e94138, 0x53610bf, 0xbc8ceef, 0xd86f803, 0xe89356b,
-          0x5a55330, 0x9a3a380, 0x11ad648, 0xe894aba, 0xba95918, 0x2e68fba,
-          0xfcad344, 0x643e2ba, 0x61640aa, 0x0dd0256 },
-        { 0xe25cbdd, 0xc02e479, 0x13a1b3f, 0xd78c4d8, 0xcca9692, 0xa6dae8f,
-          0xe5de8a0, 0x3dd91e9, 0x764ea36, 0x78ae0ce, 0x85dbc5e, 0xb4ad999,
-          0xe82a169, 0x967ff23, 0xbaee1fc, 0xaeb26ec }
-    },
-    {
-        { 0x9a6f90c, 0x8c50255, 0x0ea374a, 0x56e7abe, 0x56413b2, 0x675c722,
-          0x946753f, 0xd3fc17e, 0xe235f7c, 0x28c4e1f, 0xb028eb0, 0xe209bcd,
-          0x489fe88, 0x7d0f93a, 0x063706a, 0xb966a2e },
-        { 0x4a30319, 0xb6c228c, 0xca6d674, 0x6868efe, 0x057311a, 0x0610a70,
-          0xbad7f89, 0x0808112, 0x1dd6181, 0x2a2462c, 0xb58e88a, 0x52ed9fe,
-          0x33821a2, 0xbbff16f, 0x17f882a, 0xda53e96 }
-    },
-    {
-        { 0x8c30e5d, 0xb6ffca3, 0x5c905f5, 0xa90f991, 0xd753e88, 0x72fb200,
-          0x7256c6a, 0xe509d4c, 0xd866500, 0x369e552, 0x33cf8ae, 0xee4b7e0,
-          0xefcf6eb, 0x280d954, 0xd557f0e, 0x5b275d3 },
-        { 0xb5cecf8, 0xeb17211, 0xbdb2f8d, 0xd6ad50f, 0x35e04b7, 0x2478c7b,
-          0xac73bd3, 0x97e7143, 0x4817e24, 0x09d6ede, 0x2c405e1, 0x68fea71,
-          0x05f67a1, 0x34adbc9, 0x73edf99, 0xd20ab70 }
-    },
-    {
-        { 0x569f191, 0xe116a96, 0x4d6e29a, 0xb3f0bce, 0xf51dbab, 0x30b9e1a,
-          0x346d276, 0x1dd36f3, 0x0749a27, 0x8315103, 0xab47f70, 0x242f148,
-          0x5585681, 0xe8a5bcf, 0x5ed79ba, 0x8b80184 },
-        { 0x3894ad1, 0xa4042fd, 0x2b88bc6, 0x82f781d, 0xbe4c397, 0x2d34cac,
-          0xdd99c9f, 0x8731aea, 0xef1d382, 0x0f95498, 0xdd0bbc9, 0xcaba2e1,
-          0x54064e8, 0x78889e9, 0x61a8ab9, 0x8cd9c97 }
-    },
-},
-{
-    {
-        { 0xfa0459e, 0xf31f53f, 0x315cd6b, 0xf8742a1, 0xae64e97, 0xabe2f50,
-          0x9b9da48, 0xbd78741, 0x51e526e, 0x4521a33, 0xe10ba45, 0xfa05935,
-          0xe8f903c, 0x5c947e1, 0x5a754ee, 0x0aa47d1 },
-        { 0xd814825, 0xb2849ef, 0x5c9968d, 0x9c2a5d2, 0x04e634c, 0x24dbb26,
-          0xdb38194, 0x33f3a4c, 0xc8a2b6b, 0xe04f609, 0xabbbfdb, 0xcaefd8e,
-          0x404498b, 0x683119a, 0x8b21cbd, 0x24ab7a9 }
-    },
-    {
-        { 0x21fa2dd, 0x6f13269, 0xc10a4bc, 0xd79e61c, 0x4bd6d46, 0xac4b3ce,
-          0xbd3f37b, 0x52459b6, 0xa396966, 0xce0f0a3, 0xa1ed488, 0x050d1d5,
-          0xe0b17fa, 0x1b9c403, 0x04a2e66, 0xee1abd0 },
-        { 0x5cf3e3b, 0x97065c3, 0xbe33441, 0x6513d5f, 0x79047ae, 0xcd34634,
-          0xfd22df1, 0x45cbb1c, 0x967b17c, 0x7a173ae, 0x2223cda, 0x75f5ba7,
-          0xefe0a73, 0xe3d12db, 0xfd7adcf, 0x3b7f94d }
-    },
-    {
-        { 0xf1e9b7d, 0xd596a13, 0x6734e0c, 0x04f5bdd, 0x8be163a, 0x18b694f,
-          0xd959fa3, 0x15620c7, 0x53d2a3b, 0x65fc2c5, 0xc4d36f2, 0xd44a364,
-          0x268ceab, 0xc8b421f, 0xbfe2bd4, 0x564139a },
-        { 0x19d4633, 0xb524610, 0x6346934, 0x5ab3f88, 0x9819422, 0x96691fe,
-          0x8b39b82, 0xdfdec89, 0x97cfb27, 0x84b1c79, 0x4d6d004, 0xe59a98d,
-          0x12c350f, 0x5e5d0c6, 0xd415774, 0xb431220 }
-    },
-    {
-        { 0x6aae0a2, 0x3d0ca73, 0x48c2d8c, 0x7b1991f, 0x5cdae72, 0x00ae856,
-          0xbd55128, 0xdbb6ca0, 0x45c82bf, 0x3c2ab2a, 0x79545ca, 0xea5a559,
-          0xd5927d0, 0xeba9a26, 0x83257fc, 0xb52e401 },
-        { 0xca9650a, 0x55ed517, 0xe3ebff2, 0xbdaa081, 0x9f8831b, 0x8cf7ce4,
-          0x6e3b8d3, 0x1d0b5bd, 0xd8fc869, 0xa314a9f, 0xb892bab, 0x07f2079,
-          0xa0cc9d9, 0xb700dbf, 0x6dc0a39, 0x7105a08 }
-    },
-    {
-        { 0x8c7d901, 0x0c7e05d, 0xaf3182b, 0xa7ff681, 0xf9a0d06, 0xb88e3ca,
-          0xc343b7f, 0xfe20a12, 0x03251f9, 0x9f02577, 0xc40c5eb, 0xf225ded,
-          0xb208ea7, 0x50e0cec, 0xe6eeb65, 0x5b250f0 },
-        { 0x4806b6e, 0x807a153, 0xfa94139, 0xded120a, 0x49366fb, 0x237ddc7,
-          0x5a34bcb, 0xdd3674e, 0x9c4a61d, 0xef6cdff, 0xb2fb896, 0x036194b,
-          0x9528cd9, 0x3865953, 0x6936a52, 0x0723c59 }
-    },
-    {
-        { 0xe17719d, 0x1f84cd5, 0xc73b394, 0x545939b, 0x83e84e7, 0xefbf3c5,
-          0xf77fd66, 0x6cc46f1, 0x1383ab8, 0xa629f59, 0xcd35cd2, 0x9177ffa,
-          0x9dd411b, 0x039187f, 0x7b7eea8, 0xa9cf1cf },
-        { 0xac47e5d, 0xa3b105a, 0xd0a9da4, 0xa755bea, 0x73da15e, 0x50cfbae,
-          0x60b628c, 0x9456cbc, 0x9b7a910, 0x7ffc362, 0xcd6d6a4, 0x30b5924,
-          0x0b04ab6, 0x198629f, 0x624dea9, 0xc74609c }
-    },
-    {
-        { 0xaf12fa6, 0x27d4d77, 0x690aeb2, 0xdd8a216, 0xfe24417, 0xe48fc02,
-          0x720e17e, 0x1970403, 0xce37b42, 0x95013fd, 0xde4bd9b, 0x06817d2,
-          0x63d0ba2, 0xc5863e7, 0xa556f5d, 0xa1bafc0 },
-        { 0x410a78a, 0xf28ec7b, 0x0a01a63, 0x0dcac42, 0xb5bce11, 0xfcd3fa4,
-          0xd278b89, 0x054d7e5, 0x5ce49e3, 0x5195db8, 0x2c73d96, 0x4c0b167,
-          0x20a1bdb, 0xd943077, 0x59c77a7, 0x66fa8b3 }
-    },
-    {
-        { 0xd7462fe, 0xb9e93ae, 0x18dde4f, 0xbfe54b2, 0x3dbb08e, 0xaabb528,
-          0x0e5fc45, 0x8c36702, 0x8e69be3, 0x3502888, 0xc12a11d, 0x6d2efc1,
-          0xf265e30, 0xfce5ceb, 0x5742c7e, 0x58c8bb3 },
-        { 0xccf7fa0, 0x32e89dc, 0xdd020a4, 0xa811f33, 0x5129fe5, 0xa10d620,
-          0xe4ed29b, 0x3841c88, 0xd8b1ea6, 0xf3303a9, 0x1781f58, 0xa9a0cad,
-          0x8f3ef0b, 0x4502b38, 0x74c6d35, 0x2b7587e }
-    },
-},
-{
-    {
-        { 0x23ae7cd, 0xc6eaea1, 0x73c0caa, 0xa1884d4, 0xef1ea88, 0x901e76f,
-          0xa14269d, 0xdb9935c, 0x947f1de, 0xe8b2486, 0xa657588, 0x4ad56f4,
-          0x2913fb1, 0xe768054, 0x37600da, 0x2abff5d },
-        { 0xa81a797, 0xa814813, 0x46acb69, 0x63e76a4, 0x4ab8277, 0xb103839,
-          0x9d8e759, 0x587de34, 0xddf62df, 0xdfaeb8d, 0x9239d49, 0x24fe1cf,
-          0xe130d1c, 0x7de7409, 0x581d070, 0x3ecfef9 }
-    },
-    {
-        { 0xf87c72d, 0x8d177a0, 0x8c6d1de, 0xae7e581, 0x8cece85, 0x0077b5f,
-          0x32d2187, 0x3824838, 0x6db2bd2, 0x49d8b15, 0xc8d85b9, 0xe9e5513,
-          0xe05c53f, 0x63c410c, 0xd86f752, 0xceaf2fb },
-        { 0x93806c5, 0x0b432fe, 0x3d06c75, 0x18eb15d, 0x12cfc02, 0xcaad826,
-          0x1e2d045, 0x581e040, 0x95edcfd, 0xd573cb5, 0xdbc66e3, 0xce71948,
-          0xacc14ea, 0xcf68721, 0x6cac4dc, 0xf68bea2 }
-    },
-    {
-        { 0xcb74da2, 0xd8576af, 0xc433f46, 0x8771c29, 0xe2f5b8e, 0x7315af6,
-          0xba33928, 0xc195481, 0x2fb1f94, 0xb77dcc2, 0xa610f75, 0xcb3e57c,
-          0x53907df, 0xeb2a927, 0x23eff95, 0x916f149 },
-        { 0xb6cd291, 0xbb378e4, 0x2f13ce1, 0xa2a5e2b, 0xbcd00b0, 0xa8a0e60,
-          0x682b75a, 0x5902741, 0x3f65a77, 0xa0882c9, 0xc93cfff, 0x2069f75,
-          0x70c0cb9, 0x1ede405, 0x0d526c4, 0x13840c9 }
-    },
-    {
-        { 0x03ced48, 0xdc2caaa, 0xa0315be, 0x2079219, 0x3b1f642, 0xca49356,
-          0xb0665f2, 0x0202dc7, 0xb7a5238, 0xe5d6bbd, 0x26eab32, 0x36fbd5e,
-          0xf5819b4, 0xb3988f1, 0x4aa4d69, 0x5b15dc8 },
-        { 0x54e5c24, 0xa52feed, 0xe91a797, 0x927471b, 0xd57f677, 0xd119bfd,
-          0x78e4c4f, 0xde38f7b, 0xb150bc3, 0xa7af516, 0x26b76c2, 0x403b21e,
-          0x92300dc, 0x589067d, 0x066802a, 0x04e406a }
-    },
-    {
-        { 0xa9ca9bb, 0x28e7d09, 0xfccf4a0, 0xaa84fd5, 0x635b7ed, 0xdbe9fb8,
-          0xd56fc7c, 0x9ede3f5, 0xb01cb29, 0xa4b5031, 0x7f93703, 0x584299d,
-          0xb6fe825, 0xbd28868, 0x8b9c2d9, 0x1d385d4 },
-        { 0x822be80, 0x6606f4a, 0x626d0fd, 0xb5a0165, 0x14568ad, 0x9920a20,
-          0x1c6d174, 0x7d430f4, 0xe02e9e9, 0xc243e16, 0xa6bd649, 0x367f1d2,
-          0x71b8c36, 0x6939100, 0x4de2984, 0x2ede131 }
-    },
-    {
-        { 0x5beec32, 0xdc78187, 0xa525ff4, 0x1fff0cc, 0x676df34, 0x6e86425,
-          0x3f638e1, 0x2b4e8a6, 0x9b1e59f, 0xc4991d2, 0x1589717, 0x399d001,
-          0xbe041cd, 0x406464e, 0x9e65bb0, 0x901cb3d },
-        { 0xfb42307, 0xf5f4572, 0xf1b7307, 0xf81b3b0, 0xf2094d1, 0x8fb695c,
-          0xdb56f7b, 0x7db4792, 0x5a794e0, 0x36836d5, 0x09bc879, 0x2da477b,
-          0x1887c40, 0x1cdfadb, 0xf2699b6, 0x65dc6c2 }
-    },
-    {
-        { 0x4737972, 0x36f9f21, 0x7a387b0, 0x48f0c8b, 0x39a1d24, 0xa156ed3,
-          0x0fed268, 0x375293a, 0x7ff75cb, 0xf679f48, 0x1cc9e62, 0xd15a00f,
-          0x22c3877, 0x92a7dc7, 0x6fb0ed4, 0xe987063 },
-        { 0x16f5f3c, 0xfd8e59c, 0xaeeb48e, 0x375732e, 0xca1ab42, 0x2dd9213,
-          0x9ffccea, 0xcb06209, 0xb23edfd, 0xfc611f6, 0x99b060e, 0x2716349,
-          0x820de8a, 0xb938b5d, 0xeb49a32, 0x138f6e7 }
-    },
-    {
-        { 0xe485f70, 0x7feda63, 0xeb27b2c, 0x646380a, 0xc4511c7, 0xcf8fe32,
-          0xff9406a, 0x2c68e1e, 0x20b6020, 0xa9f2fd9, 0x3b3e465, 0x1c98fc6,
-          0x93e53aa, 0xb8dac35, 0xa750e96, 0x2fb47b6 },
-        { 0x1950bb3, 0xea373ef, 0x4ac7aec, 0x8156694, 0xb55b931, 0x8d6b3c2,
-          0xb62ef7d, 0x5d13f2d, 0xab9182b, 0x4647f2a, 0x33bf07c, 0x8f56c5a,
-          0xb35a221, 0xc5ab284, 0x5a46a6b, 0x0747ab7 }
-    },
-},
-{
-    {
-        { 0x86b85c5, 0x5b9236c, 0xc482448, 0x5967a0d, 0x7df6ae0, 0x397c955,
-          0x5378f2b, 0xf83ee1c, 0x6e05dd1, 0xf82df65, 0x19d7c8b, 0x4c424f6,
-          0xa6d5f2a, 0xa612550, 0x63c3ebf, 0xfe8482a },
-        { 0x0142c82, 0xcb8d403, 0x3679e6c, 0x08b0662, 0x3eca5ee, 0x3ea5146,
-          0x1370500, 0x089eb3b, 0x5a0d306, 0xcbfb19c, 0x42a65bb, 0x2f68588,
-          0xe51e119, 0xe3e1db5, 0x110895e, 0x2c150e7 }
-    },
-    {
-        { 0xf6d4c4c, 0xf323488, 0x63b87e2, 0x5fc931f, 0x35c759f, 0x8867da0,
-          0x9746d4c, 0xb6f1eff, 0x990be0a, 0x8a8172d, 0x5c407b4, 0x1113eee,
-          0x378ed8a, 0xd80dacf, 0x3fa7fd1, 0x99b57cf },
-        { 0x5176405, 0xf5bb6d9, 0x92e83b5, 0x6b8963a, 0x8a7ef8d, 0xac55b6b,
-          0x6c1fbf0, 0xe73fa12, 0x60148df, 0xdb37560, 0xf3f1fba, 0x72f1a98,
-          0xea550f2, 0x1f71d0a, 0x9544a87, 0xc3ea4f0 }
-    },
-    {
-        { 0x4322bf3, 0x5b09da2, 0x61264e1, 0x2a573d5, 0x803acc4, 0x93cb2e1,
-          0xe502fc6, 0x397b4fb, 0x39e0ebc, 0xddfb212, 0xbbcbc57, 0xeccd8f5,
-          0x4663788, 0x49d3bed, 0x1218df9, 0x37192aa },
-        { 0x2ffa3c6, 0x8a05bc9, 0x23ebf4d, 0xc38c281, 0xfe343a8, 0xc80d547,
-          0x6c63516, 0xa8d5a5b, 0x8d8fa6b, 0xc5d8ce1, 0x24a87c0, 0xeb5e872,
-          0x75bfa23, 0x9806e9e, 0x689469a, 0x11f0889 }
-    },
-    {
-        { 0x8e75666, 0x81005f6, 0xd349505, 0xb84d861, 0x9f321ea, 0xe083282,
-          0xcfa33a1, 0xb751d7a, 0x067c550, 0x793cf6f, 0x1027e56, 0x073a6b2,
-          0x66a6012, 0x53f40ee, 0xc210fa9, 0x70bfaa8 },
-        { 0xe4b5998, 0x1518e39, 0x24b8d9c, 0x8f0b530, 0xafdf923, 0xd91c281,
-          0x24e3f69, 0xc5cfb28, 0x870871f, 0x63a529a, 0x2128dad, 0x3d3e887,
-          0xcb30cce, 0xed658dc, 0xafb7bae, 0xf9373b9 }
-    },
-    {
-        { 0xde58ed2, 0x22d4dbe, 0x03f8789, 0x4fefc1d, 0x344817f, 0x6b0a1fe,
-          0xa56b0b2, 0x96bef40, 0xda249fa, 0x32684ee, 0x524a91b, 0x8298864,
-          0x0c736a1, 0xa958baf, 0xef2f3e5, 0xd033a7d },
-        { 0x43f4d6a, 0x5be3edc, 0x9c89abb, 0x326a39d, 0x55d997a, 0x90c44f7,
-          0x6e966c2, 0x2058106, 0x6548038, 0xdbae490, 0xd473fc1, 0xac7bc97,
-          0x4b2603a, 0xb34488b, 0x5e9bb98, 0x27aea27 }
-    },
-    {
-        { 0x1b88773, 0xa59e728, 0x0c241f6, 0xe2f05d4, 0x4e75749, 0xa56229e,
-          0x1b10705, 0x8f00c0b, 0x19394d3, 0x8559946, 0xaaf5e32, 0x0d7e352,
-          0x787b8ea, 0x526c462, 0xa179d48, 0x89297d9 },
-        { 0xef43892, 0xeff17e6, 0x221f841, 0x17091eb, 0x4a4b848, 0x82f5eb3,
-          0x8eb7b76, 0x6bea477, 0x76c536c, 0x21f2271, 0x96c81bb, 0xd9ef2c8,
-          0x54bf4d3, 0x7c27546, 0xd7c28c8, 0x9dd4662 }
-    },
-    {
-        { 0x20e1a6b, 0xe7fff00, 0xa08d467, 0x26a35c6, 0x3248c91, 0xb3c773d,
-          0xba7d935, 0xa646615, 0xb0d26fa, 0xa91f453, 0x60c6d32, 0xdcf9c34,
-          0x9e3e3dc, 0x6366861, 0xf30f3e2, 0x3012813 },
-        { 0xc2fc61a, 0xac6623d, 0x2bfd2ff, 0x108dc25, 0x231d6ea, 0xd7f5c0d,
-          0xad1107e, 0xa904f9a, 0x0d1e9c8, 0x46941c2, 0xc810cf2, 0xe5b6451,
-          0x4f511d1, 0xaba8e67, 0x08373fe, 0x5b4b94f }
-    },
-    {
-        { 0x849c230, 0x002d4e2, 0xd8ba391, 0x9bed0ef, 0x828e319, 0x745e0c0,
-          0xca58de2, 0xcd40907, 0x1abaa4a, 0x2c87ab1, 0xdb64391, 0x3c17a97,
-          0x86c72d2, 0x36b184e, 0x485f7aa, 0xb03d202 },
-        { 0xde24aba, 0x2b6b79b, 0x2325fb2, 0xdcb7854, 0x66ebae2, 0xf5d1db9,
-          0x903840a, 0x35a4d5b, 0x190e9da, 0x7afeb09, 0x35c1792, 0x1818f6a,
-          0x3faa269, 0x90091fa, 0x2570235, 0xc4ccff6 }
-    },
-},
-{
-    {
-        { 0xec85940, 0xa177619, 0x7ef7eee, 0xfca24db, 0x7a90c11, 0xb2450f3,
-          0xdbf4f85, 0x29d256d, 0x51316c3, 0x920c8d0, 0x04474da, 0x2f7f7ba,
-          0x2ec9a0b, 0x308117f, 0xd0d2085, 0xd0a231a },
-        { 0x7ab641d, 0xf3288fc, 0x9f4fa32, 0xc68bade, 0xbbf8253, 0x768f014,
-          0xc0a33f0, 0x5eff260, 0x6bb93ce, 0xc71b453, 0x680697f, 0xa71d045,
-          0xce72bc3, 0xb62444c, 0xd1379f3, 0x11f03e8 }
-    },
-    {
-        { 0xc16df92, 0x1f54789, 0xe3ed142, 0x874c642, 0xfa2a9f1, 0x6699f60,
-          0x3fecfc1, 0xbd1b8d3, 0x8a3d953, 0x59682d5, 0x4a36b81, 0xf17c021,
-          0x181a666, 0xeb9621d, 0x3cf1ad8, 0x7c2c3ab },
-        { 0xe529f7c, 0xe6888c3, 0xb355315, 0x197b66a, 0x83e31ac, 0x63b558a,
-          0x891c68e, 0x4aa7bc5, 0x592e360, 0xc17d989, 0x1363666, 0xc750a29,
-          0x4909ac0, 0x0d53470, 0x4594a10, 0xd6d0272 }
-    },
-    {
-        { 0x3fbb635, 0x35c541b, 0x5982afa, 0x50016d0, 0x96b0ca0, 0x58ebce4,
-          0x577ea56, 0xb940027, 0xe38480f, 0xf29d305, 0xebd6a2c, 0x43705b0,
-          0xe90c639, 0x0e4acda, 0xf56e05e, 0xbe94a29 },
-        { 0x30659ad, 0xc61f4a0, 0xc402211, 0x39074ad, 0x51b621d, 0xfe0d8d5,
-          0xd1d5222, 0x2d02e8d, 0x46c2683, 0x05ece3c, 0xc689d41, 0xf70705a,
-          0x4d837bf, 0xe3caf44, 0x75ba6d0, 0xfda0584 }
-    },
-    {
-        { 0xcb7d458, 0x1098163, 0xf5ba834, 0x12b645f, 0x28af72c, 0x70a3181,
-          0xf32e5dd, 0x5f4727e, 0x10a21b4, 0x7cbae15, 0x6785389, 0xa80bf80,
-          0xb8f93b7, 0x9827402, 0x08349da, 0xe385f82 },
-        { 0x9589f6e, 0x2d05461, 0xe7c0191, 0x6aa5b26, 0xbd5574d, 0xe79ae12,
-          0x4148e61, 0x5d13f91, 0x13716ff, 0x7b2be0f, 0x80bb81f, 0x82b0fe6,
-          0x3e2569c, 0x697633c, 0x873f8b3, 0x6c1f083 }
-    },
-    {
-        { 0x0be1674, 0x6e26d85, 0xab8044f, 0xe4e47f6, 0x82fc434, 0xfdf46e8,
-          0xc89cadc, 0x639ae2c, 0x4b85bdc, 0x2244a52, 0xb7cf4ea, 0xb1e4790,
-          0x7e0bb8f, 0x51dce03, 0x2716cee, 0xdd14335 },
-        { 0x8e8841d, 0x1c049b4, 0xb97c621, 0x6bf26dc, 0xba01178, 0x21d6255,
-          0x8e4f0e4, 0x477258a, 0x68f8ef1, 0xf5e437e, 0x8b03e1e, 0xd118fbc,
-          0xe1c91b3, 0x3d6bc51, 0xd5b6907, 0xa259486 }
-    },
-    {
-        { 0x7b6f5dc, 0x4159cfc, 0x493694a, 0x05a52b3, 0x83b8883, 0xeeb511c,
-          0x2b06400, 0x19d79e4, 0x738f37e, 0x8e503a2, 0x5a94ad9, 0xa30e579,
-          0x262618d, 0x3981c75, 0x2dcba19, 0x06b6c69 },
-        { 0x4d1b051, 0xd7242ee, 0x3b350c4, 0x6274ccb, 0xf540019, 0x66df0bb,
-          0x5ae12d5, 0x4d66be6, 0x1049cba, 0xcea2960, 0x8df84b3, 0x4047339,
-          0x75a31c8, 0x7d6c96b, 0x874174c, 0xbb80159 }
-    },
-    {
-        { 0x59f1aa4, 0xf0f7be0, 0xdcff451, 0x798f39a, 0x8014e1e, 0x96763ff,
-          0x09cc5ec, 0x03987a8, 0x893650a, 0x4919656, 0x75e24df, 0x92e8eef,
-          0xe89d639, 0x54e97cd, 0x7682cc0, 0x8081d06 },
-        { 0xa8ceb71, 0xb9ef41a, 0xa4d7aaa, 0xb8173a4, 0xc54ee10, 0x93d81b1,
-          0x70a445a, 0xabe1805, 0x64d569d, 0xac0ff97, 0x3e570be, 0x86946b2,
-          0x4180641, 0x8e11dd2, 0x99f67dc, 0x3d0b33c }
-    },
-    {
-        { 0x48bf5a4, 0x2c9637e, 0xccaf112, 0x9fdec19, 0x5c42023, 0xe5cde9d,
-          0x878f0cc, 0x9869620, 0x1fe6eba, 0xcf970a2, 0x54e678b, 0x1df5ec8,
-          0x28d00dd, 0x4667f01, 0xb0b3fa8, 0xfa7260d },
-        { 0xb34239b, 0x6bd2895, 0x2d2a50d, 0x04c8bc5, 0x6cb23e2, 0x14e55ef,
-          0x3a278d5, 0x6440c27, 0x2193046, 0xf4b12e3, 0x5dd4c08, 0x46adf64,
-          0x4656e8c, 0x70e2998, 0xe4acd44, 0xe7b36ea }
-    },
-},
-{
-    {
-        { 0x16cf664, 0xea64a57, 0x26fd357, 0x8497ee4, 0x814e851, 0x44d94b4,
-          0x5a6a2cf, 0xf4aac22, 0x80c301f, 0x947b309, 0x7865383, 0xf390ba1,
-          0xd1773d3, 0x16c4fc6, 0x6227220, 0x61b9814 },
-        { 0x1dd0270, 0x07dd03a, 0x0f160df, 0x290ca82, 0x44ba955, 0x8f22054,
-          0x0b6f1b3, 0x4e85e45, 0xad78089, 0xfd73ce9, 0x2f2cb0e, 0x67c1270,
-          0xee33a61, 0xa7de0d7, 0x6553261, 0x6a811cc }
-    },
-    {
-        { 0x2d0a427, 0x5ef0574, 0x220a341, 0xe8d2e95, 0x8044886, 0xdd28cbf,
-          0xa1aa58b, 0xdad7b4b, 0x8ec901b, 0xb28f373, 0x5bbe3db, 0x1841a93,
-          0xa075fee, 0x8fd7cd1, 0xc0d3cdd, 0x93b603f },
-        { 0x5edd859, 0xca54fd5, 0x64ed687, 0xa4cb05f, 0xed1a3d7, 0x3138668,
-          0xee32be5, 0x1224fda, 0xc80aeb3, 0xf1f532b, 0xe8d4d69, 0xa4f65d0,
-          0x5905fe5, 0xc697a01, 0x6690ce4, 0x514da7a }
-    },
-    {
-        { 0x3de4a55, 0xc7b9af8, 0xb318d93, 0xc79bad7, 0xf5b1c83, 0x1808071,
-          0xb965b16, 0x92112ef, 0x7bb740a, 0x655ab38, 0x384ff87, 0x53dbc8b,
-          0x72dc6f2, 0xd153c28, 0x99c7819, 0x2ec20e1 },
-        { 0x3b854b5, 0x65e46ea, 0xc711db5, 0x272d5ae, 0x26e19e8, 0xfd1bb53,
-          0x3dc0665, 0x33280b8, 0xb8f1c4a, 0x95b986e, 0xa685c4a, 0xa671fc4,
-          0x83bdbbf, 0xa03cbd5, 0xab77544, 0xd329402 }
-    },
-    {
-        { 0x8e62b35, 0x40fa651, 0xf9e55a6, 0x3913b11, 0x5270a41, 0x4e8089b,
-          0x80d1886, 0x565f52a, 0x512749b, 0x93b5f05, 0x141c547, 0x35c869c,
-          0xf86717f, 0x9a44a1a, 0x9c2b2cb, 0x2b9984b },
-        { 0x4952322, 0x61fb607, 0x7af1464, 0x2d4072f, 0x600eb30, 0x9b2fa8c,
-          0xf10668e, 0x6071fb7, 0x90634ca, 0x27cc24d, 0x471d32b, 0x3875bc2,
-          0xa11210c, 0x678590b, 0xfcc5a9a, 0x352b447 }
-    },
-    {
-        { 0x5fa3200, 0x795d541, 0xa92949f, 0xadaa557, 0x3cc88c4, 0x42fff06,
-          0x71b68a5, 0x26d6831, 0xe67ad8c, 0x3286549, 0x86396b2, 0x5bf6363,
-          0xe12c8ea, 0x41229b6, 0x748952e, 0x05320c9 },
-        { 0x900b460, 0xae36b63, 0xf2b6aff, 0x9354ff2, 0x065ee0c, 0x10b810b,
-          0xcc8bb38, 0x4d6925f, 0x7a22f14, 0x31c03fd, 0x57544e8, 0x76b7f44,
-          0xc0eed26, 0x3a9123c, 0xe0cd1cc, 0x77acd67 }
-    },
-    {
-        { 0x07ec527, 0x2e90530, 0x62937cf, 0x32388ef, 0xe229188, 0xa445389,
-          0x33bcebe, 0xa44b68e, 0x4c4e701, 0x5a8722e, 0xcf07e41, 0xfd066e8,
-          0x95fab62, 0xa3c1a4f, 0xe542f24, 0xb4d6a1b },
-        { 0xaf6c9b5, 0xe6a92e4, 0xc83d61d, 0x9452484, 0x0062276, 0x422b55b,
-          0x5279688, 0x261973a, 0x3999fb2, 0xde8be26, 0x7b029ca, 0x64e9628,
-          0x06897d4, 0xd8edfaa, 0x6955511, 0x408319c }
-    },
-    {
-        { 0x50a5632, 0xff6baed, 0x5c5885a, 0x922b7d0, 0x1b45864, 0xdf0f3b3,
-          0xc04340e, 0x27e49c0, 0x122c447, 0x618c566, 0xeafee7e, 0x7863a38,
-          0xb828cb0, 0x7143aff, 0xf9d054e, 0x51fcf4c },
-        { 0x27f5e09, 0xc4a4b31, 0x90be2bd, 0x021f47a, 0x7ab956d, 0x1a06019,
-          0x86ea86b, 0xe77fa15, 0xd550ef3, 0x9ccde87, 0x6532654, 0x7dee53a,
-          0xe826387, 0x8b4f060, 0xad077b5, 0xda38637 }
-    },
-    {
-        { 0x0e9fac8, 0xbc901b3, 0x6fb2a2a, 0xfa08204, 0x5e04efc, 0x92f68ab,
-          0x9ac12d0, 0x184a30a, 0xb25d479, 0x1aa11aa, 0x0f03161, 0x8bc5f4c,
-          0xcfc8817, 0x7e3a083, 0x597f93f, 0x84d9355 },
-        { 0x239abc6, 0xc014478, 0x8d37b04, 0xb226b09, 0xf575789, 0xb056942,
-          0xba745eb, 0x816b95a, 0xb98ddb6, 0x2a49d39, 0x291af81, 0xc41ca26,
-          0xab26347, 0xb3afe99, 0x604b638, 0x59c31bc }
-    },
-},
-{
-    {
-        { 0xc42befd, 0xa16a8b9, 0x2052f00, 0x731c9c9, 0x1f5dfa0, 0x1ad49b4,
-          0xbffce36, 0x7a289e3, 0x0c79cf1, 0x868fac0, 0x86721ab, 0x6d6d284,
-          0xe726c94, 0x590f928, 0x51f3841, 0x0e802cb },
-        { 0x0b694bc, 0x6a6a57a, 0x8120fb8, 0xb9bb0cd, 0x9c05826, 0xad96ac7,
-          0x7768df0, 0x294da8c, 0xb56c6c6, 0xfe32311, 0xae8d050, 0x291c2c6,
-          0xe7db4c9, 0x1c765e7, 0xd65f9f7, 0xe058298 }
-    },
-    {
-        { 0x7e8d345, 0x4bfa85b, 0xde1dfc8, 0xa04ef95, 0x324ace3, 0xb5f7f21,
-          0x574b14a, 0x4b350a1, 0xf8e5c8d, 0x11436bf, 0x7642369, 0x1c789f9,
-          0xfb623ce, 0xeb5e335, 0x442d562, 0x9deacd2 },
-        { 0x531ee71, 0x4ff989f, 0xaacb52a, 0x43e2c49, 0x85bfadc, 0xa763198,
-          0xd0161a0, 0x08b6d5c, 0x541f197, 0x010e3fa, 0x3279a16, 0x83a589e,
-          0x6309f9b, 0xf099137, 0xf1cea10, 0x07c093b }
-    },
-    {
-        { 0x33d2192, 0x1ce3f0f, 0xc37ce73, 0x07b559a, 0x207be27, 0xaa2ad38,
-          0x7ed93de, 0x84f053b, 0x3b98a4b, 0xbc5c797, 0x63aa9b9, 0xc923461,
-          0x231a10c, 0x807cc16, 0xa061209, 0x8ffdf57 },
-        { 0x497070f, 0xa9ca741, 0xd113b3a, 0xf608ec9, 0x8d0384d, 0x5132726,
-          0xf5ec307, 0x96686ac, 0x71c4665, 0x437bbbd, 0x7c379ca, 0xdef09d5,
-          0x621747c, 0xf8be033, 0x8ae8047, 0x2775b37 }
-    },
-    {
-        { 0xb2c4fc2, 0x4009798, 0x203772e, 0x148d7d1, 0xf8423fb, 0x9d9392d,
-          0xaf8cef4, 0xa5bd72e, 0x4380b53, 0x579d58d, 0x8c39d24, 0x2ff88f1,
-          0x5706466, 0x9ca2fbc, 0x1e56af2, 0xb42987d },
-        { 0x5d94ea8, 0xcc2556e, 0x5369d76, 0x4e5c2b3, 0x2a94f9c, 0x5de3574,
-          0x5cb4145, 0x8d068c9, 0x51bfcbf, 0x4d553ff, 0x8a23fce, 0x3ab7164,
-          0xd0fa7f3, 0xc9cb3a9, 0xed9ced1, 0xf81209b }
-    },
-    {
-        { 0xe5b66f5, 0xde7356e, 0xe8a25e0, 0x7b2bf1a, 0x2c9b725, 0x09a444a,
-          0x4906c55, 0xfd8a2f4, 0x82514f3, 0x409cc80, 0x28999a9, 0x47e0099,
-          0x6a312f4, 0x0a582a6, 0xf6723de, 0xf7946f8 },
-        { 0x92d8aff, 0xa55f6ba, 0xa544b1c, 0xb62c3c8, 0x5c16a94, 0xa1d1411,
-          0x2ad5e71, 0xc378319, 0x06b1dd6, 0x13d7847, 0xee7ff55, 0x99005f8,
-          0x8a1e7d8, 0xfb5ea3f, 0xb4cac39, 0xdc7f53c }
-    },
-    {
-        { 0x36e3794, 0x482abaf, 0xc74684f, 0xc23e9e5, 0xf1629be, 0x4544cf6,
-          0x2f40374, 0xd8a8ee5, 0xf433bdb, 0x2eea87f, 0xae9990e, 0x489a99c,
-          0x54b23b6, 0xefc131e, 0x8600270, 0x25fe699 },
-        { 0xc059a7e, 0x03d2d9e, 0x6979c3c, 0xa6445b5, 0x9bfbcea, 0x491a10c,
-          0xe937af1, 0x15b5974, 0x797c7fc, 0x4be8002, 0xfedcfee, 0xbed8a49,
-          0xa9e0691, 0x35751ce, 0x9ef5982, 0xe9a9fa3 }
-    },
-    {
-        { 0x3065de7, 0xeffeaca, 0xac4d4e2, 0x841d544, 0xcaf199f, 0x8144679,
-          0x443967a, 0x98cf4f9, 0xf33183c, 0x8cd57f4, 0xc1b15eb, 0x390832a,
-          0xa53b500, 0xc4b1fea, 0xdff24b5, 0xd762a10 },
-        { 0xb0ee2a9, 0xccd3eed, 0x362d485, 0xa6dd4a9, 0xf1d047a, 0xeb4ff26,
-          0x23860fc, 0xc0771fd, 0x4b64114, 0xdbb4e39, 0x4d29b29, 0x2ff3f24,
-          0x387b365, 0x9cac005, 0xde5994a, 0x05b7aa6 }
-    },
-    {
-        { 0xc03dd63, 0x5e71752, 0xbc74687, 0xad10fe9, 0x54c76ab, 0x51a5b0c,
-          0x1f586d4, 0x763fd50, 0x816048b, 0xc7bd5ce, 0x3f744dc, 0x8fc83d2,
-          0x109df9a, 0x0561802, 0xccf0e43, 0x18fb01f },
-        { 0x038ab23, 0xe4606fc, 0xa664c98, 0x5878f1f, 0x5da7356, 0x3aedbbd,
-          0x516746a, 0x3c578f5, 0x1a17210, 0x259477f, 0x028248f, 0xc7a869d,
-          0x48cbf95, 0x6517a61, 0x3d04d47, 0xbc5f91d }
-    },
-},
-{
-    {
-        { 0x083ca53, 0x15fd9a9, 0x2697ca6, 0x1161da0, 0x56b676c, 0xf516af3,
-          0x75eec13, 0x8a420d5, 0x1a9526b, 0x72d6742, 0x76b463f, 0x8d8c29e,
-          0x8815627, 0x38a4f58, 0xe0650f9, 0xf7e528b },
-        { 0x382edca, 0x2cfa78e, 0xc4ad83c, 0x638d183, 0xe4a0119, 0x96d3b9d,
-          0xa7c1101, 0x5769ccb, 0x2b8d04a, 0xc3b3b79, 0x4951bde, 0x96212f6,
-          0x481161e, 0xad7905a, 0x41c5edf, 0x8fd6762 }
-    },
-    {
-        { 0x39d6cde, 0xf7b0635, 0x115a84a, 0x69d0549, 0xcbd9fe4, 0x4a976c6,
-          0x950ff96, 0xc92953f, 0x654d127, 0x1d7f0fe, 0xda0f75d, 0x7293870,
-          0xcf2277f, 0x7bb3652, 0x834484f, 0x64798c9 },
-        { 0xac3a76c, 0xb94d8bf, 0x7ff776b, 0xf5721a9, 0x2722e31, 0x23a6e9f,
-          0x9a5c034, 0xe9da996, 0x456ebc3, 0xb9bbf83, 0x96956a4, 0x239f58a,
-          0x18b7f00, 0x8b75beb, 0xa51cb97, 0x6c2b5b8 }
-    },
-    {
-        { 0x7eb41f3, 0x78b1c62, 0x17c4352, 0x0638fcf, 0x0c5709c, 0x939edd8,
-          0xedc906c, 0x0a8dfc3, 0xefb01ed, 0x3942f47, 0x49986fe, 0x4c82757,
-          0x4dffa57, 0x792545c, 0x6c3ff26, 0xeee6883 },
-        { 0x12b1218, 0x824d08e, 0x902457f, 0x515a478, 0xbae55b3, 0xc70cc9c,
-          0xbcef9d4, 0x1240737, 0x2f9db7f, 0xf22e616, 0x91f8da2, 0x98c4f02,
-          0xafaaa67, 0xa89219c, 0xe7d27e2, 0xf35fd87 }
-    },
-    {
-        { 0x01b80d0, 0x19b0cd7, 0xf9aebd1, 0x3d7e29d, 0x0477cbc, 0xd39c9ca,
-          0x5ff0d3d, 0xac0f615, 0x520fd01, 0x8a51993, 0xb22d6fb, 0x508ff54,
-          0x318d3ab, 0x8786c47, 0x4a683f8, 0x4312c46 },
-        { 0x95359f6, 0x73b1d39, 0x963011e, 0x0d94fa5, 0x9bfe83e, 0x5723af2,
-          0x6841df3, 0xafa9001, 0xb7c498a, 0x791e92a, 0x7ea4253, 0xbc931ad,
-          0xb783c06, 0x438e016, 0x2ca662b, 0x1347db2 }
-    },
-    {
-        { 0xfbaa861, 0x41df37d, 0x329e4de, 0x98ecb23, 0x507e018, 0xdaf1560,
-          0xb088e32, 0xa902269, 0xe4cab2f, 0xad898a5, 0x02c1e1b, 0xd84e9ed,
-          0x8488af3, 0xc20a5d5, 0x6cc77c6, 0xc7165af },
-        { 0xdeb7461, 0x8526f3a, 0x4a2d332, 0x03577b1, 0xe4760b5, 0x28e469d,
-          0xb276266, 0x442c7f9, 0xf9c90fa, 0x90d5c77, 0x3e211bd, 0x7aa8716,
-          0x5decfd6, 0x56d8ff0, 0xee23e6e, 0xa204b56 }
-    },
-    {
-        { 0x4aceafc, 0x2e4374e, 0x6fcd5e5, 0x978743b, 0xc4855ca, 0xa0f6345,
-          0xe98074b, 0x9bc7e4f, 0xc33d08a, 0x3835d57, 0x6f00566, 0xeec7c8b,
-          0x1acf55c, 0x71628a2, 0x97fb19e, 0x5da3750 },
-        { 0x01a7125, 0x6904a8e, 0xe6e3780, 0xad33c85, 0xc19f94a, 0x1702928,
-          0x7c04b3d, 0xb424ff2, 0x19e2ba3, 0xb212e39, 0xc9af4c9, 0x4cca8e8,
-          0xfd9bf0e, 0x98ab7ae, 0x9799db5, 0x21d245d }
-    },
-    {
-        { 0xec08806, 0x6b034dc, 0xb40f2d9, 0xfd763f2, 0x29cb906, 0x5e16de0,
-          0x8a0e16a, 0x02b7014, 0xe071e12, 0x463c8ee, 0x25ad509, 0x6447281,
-          0xdc0e07a, 0x9ee6f2d, 0x68d4d97, 0x188895c },
-        { 0xb27f971, 0x092fff3, 0xc9b7722, 0xb3c159f, 0x3cae42d, 0xe27d8ff,
-          0xe87071d, 0xf8a5ed6, 0x607ebd2, 0x318388f, 0x53486f1, 0x924967b,
-          0x7c46e1f, 0x7730494, 0xf21d196, 0xf279c60 }
-    },
-    {
-        { 0x84f3201, 0xef2bc03, 0x1f94c51, 0xf8750c7, 0x986ec65, 0xbaa4f5a,
-          0x2732a33, 0x6f8a5de, 0x299e365, 0x0f13d80, 0xe85261f, 0x2709530,
-          0xf527d56, 0x097d922, 0xbe1f3f8, 0x4969687 },
-        { 0x3e1708d, 0x9f3f504, 0x4aa4be4, 0xac67b87, 0x320a87e, 0x75fb042,
-          0x6e2cad6, 0xa361ad3, 0x203e9f6, 0xcb01470, 0xc9b76c6, 0xe3807b7,
-          0xb907c09, 0xf086833, 0x7e85a01, 0xe9bed3c }
-    },
-},
-{
-    {
-        { 0x91780c7, 0xa7ea989, 0xd2476b6, 0x04e4ecc, 0xc494b68, 0x0af9f58,
-          0xdee64fd, 0xe0f269f, 0x021bd26, 0x85a61f6, 0xb5d284b, 0xc265c35,
-          0x3775afd, 0x58755ea, 0x2ecf2c6, 0x617f174 },
-        { 0x5ec556a, 0x50109e2, 0xfd57e39, 0x235366b, 0x44b6b2e, 0x7b3c976,
-          0xb2b7b9c, 0xf7f9e82, 0x0ec6409, 0xb6196ab, 0x0a20d9e, 0x88f1d16,
-          0x586f761, 0xe3be3b4, 0xe26395d, 0x9983c26 }
-    },
-    {
-        { 0x6909ee2, 0x1d7605c, 0x995ec8a, 0xfc4d970, 0xcf2b361, 0x2d82e9d,
-          0x1225f55, 0x07f0ef6, 0xaee9c55, 0xa240c13, 0x5627b54, 0xd449d1e,
-          0x3a44575, 0x07164a7, 0xbd4bd71, 0x61a15fd },
-        { 0xd3a9fe4, 0x30696b9, 0x7e7e326, 0x68308c7, 0xce0b8c8, 0x3ac222b,
-          0x304db8e, 0x83ee319, 0x5e5db0b, 0xeca503b, 0xb1c6539, 0x78a8dce,
-          0x2d256bc, 0x4a8b05e, 0xbd9fd57, 0xa1c3cb8 }
-    },
-    {
-        { 0xd95aa96, 0x5685531, 0x6bd51ff, 0xc6f1174, 0xc9c2343, 0xb38308a,
-          0x2921841, 0x52ee64a, 0x78f3b01, 0x60809c4, 0xae403ac, 0xe297a99,
-          0xcb09a5b, 0x7edc18f, 0x81ac92a, 0x4808bcb },
-        { 0x34dc89a, 0x3ec1bb2, 0x4e39da5, 0x1e8b42e, 0xe526486, 0xde67d5e,
-          0x76f0684, 0x2376548, 0x285a3dd, 0x0a583bd, 0xfe9b009, 0x3d8b87d,
-          0x0413979, 0x45bd736, 0x38a727f, 0xb5d5f90 }
-    },
-    {
-        { 0x4bde3ee, 0x7b8820f, 0x24d5170, 0xea712ef, 0xdf6ec7b, 0x517f88c,
-          0x983ea9a, 0xb15cecf, 0x31a4592, 0x9eeee44, 0xebb013e, 0x786c784,
-          0x1f4e15d, 0x2f06cb3, 0x4f4fda1, 0x5603fd8 },
-        { 0x9e1321f, 0xf6790e9, 0x74a4c09, 0x274c66a, 0x9a41a4e, 0xa4b70b4,
-          0xada5157, 0x7700bdd, 0x51be8dc, 0xe54a60d, 0x1a477e0, 0xfaf9276,
-          0xb027eac, 0x6661c72, 0x280b917, 0x50e2340 }
-    },
-    {
-        { 0x96ec123, 0x635f40f, 0x7a766a4, 0x4a33133, 0xb935587, 0x9ce4416,
-          0x95d97e4, 0xbb6e1f5, 0x9d4197d, 0x2614723, 0x490e896, 0xabd4478,
-          0x8bba895, 0xf6a1b2a, 0x5e27a45, 0x401fa40 },
-        { 0x0620900, 0x7354ba5, 0x385678b, 0xc443a29, 0x53cf5fa, 0x48aba10,
-          0xbbe152d, 0xd67e723, 0x2a63d68, 0x4b858e0, 0x72be4ee, 0x174e1ee,
-          0x9ab8d46, 0xad0fbb3, 0xce17dd7, 0xa0fdffb }
-    },
-    {
-        { 0x9c46fd8, 0xa1ea325, 0x9fb96ef, 0xeca122e, 0x6767acd, 0xf9074a2,
-          0x2787082, 0x9b004a2, 0x7f3ba8e, 0x389f807, 0x0d5aabe, 0x6463de9,
-          0xb090585, 0xf30ceaa, 0x5634ab8, 0x71b31e8 },
-        { 0xaf02aed, 0x0dee65c, 0x20ac252, 0x506886e, 0x86b8a59, 0x0665f78,
-          0xf2bb328, 0xb9b784d, 0xdc6b089, 0x46e443a, 0x66c27fd, 0x3d5de19,
-          0xf0fde70, 0x0419265, 0x2b5c034, 0xed94612 }
-    },
-    {
-        { 0x13b0056, 0x5a52ad2, 0xb909ee3, 0x9fbeb92, 0xbdaab08, 0xb42ba18,
-          0xffc8a77, 0xec127c4, 0xfda906a, 0xc6d2985, 0x994bbe7, 0x5355547,
-          0x9cdfd62, 0xa7470c0, 0xd2e675a, 0x31a3971 },
-        { 0xcc8b356, 0x8d8311c, 0x01b4372, 0xabb0bf8, 0x0294566, 0x33c1cad,
-          0xe07b672, 0xe2e649c, 0x2ae3284, 0x9084d88, 0x1835ce2, 0x7a90d4c,
-          0x809d44c, 0xb4d1cd5, 0x9f0528f, 0x7822714 }
-    },
-    {
-        { 0xbf5844b, 0xca884cf, 0x8524cf9, 0x9dd05c4, 0x36ba889, 0xdbffa19,
-          0x29e7666, 0xef94fdd, 0x3eaf48f, 0x358f81b, 0x1530d56, 0x96734d5,
-          0x4adf9e5, 0x378b2d1, 0x4731f61, 0x2f85046 },
-        { 0x99dcb83, 0xd6ae905, 0x6199239, 0xa4f89e0, 0x8f0f958, 0x6405249,
-          0xcc27707, 0x2866d99, 0xf551c0f, 0x64681a2, 0x4c37080, 0x2c7b0d0,
-          0x00ac301, 0x218925b, 0x54df895, 0x8d57fb3 }
-    },
-},
-{
-    {
-        { 0x809c8d7, 0xdaebde0, 0x0e95ea1, 0x58c761c, 0x00ae5e2, 0xbd99650,
-          0xcd51acd, 0x6117a85, 0x7c55d56, 0xc4424d8, 0xdfbeeaf, 0xe9b1dde,
-          0x0db4791, 0xda98bb5, 0x3fca108, 0xff3a5a6 },
-        { 0x5ccbea1, 0x172fb8e, 0xa9f6cc9, 0x9fe12a7, 0x8967ce2, 0x1de4b0b,
-          0x671dbc6, 0xc1ab60f, 0x5dedcda, 0x338385a, 0x3a043fe, 0x647a420,
-          0x28ebc89, 0xe9abc64, 0x03ba3c8, 0xc357ff0 }
-    },
-    {
-        { 0xde39ebd, 0x37061e7, 0x2be567a, 0xebb9135, 0xd6bb80a, 0xa9a6f6b,
-          0x99f0ba2, 0x039345d, 0x98bbf47, 0x215494e, 0xa2a1ccb, 0xf2cb7a4,
-          0x37f67c9, 0xf51aa10, 0x17fff71, 0xd29c85c },
-        { 0x4d30b87, 0x8d4e4f2, 0x93a8309, 0x20fdf55, 0x757075c, 0x9b9f9cf,
-          0xcd70101, 0x09142ad, 0x766ca55, 0x901d0ee, 0x32e418b, 0x6a5d86a,
-          0xd7fcaec, 0x550ad92, 0xd91b26e, 0x64e8818 }
-    },
-    {
-        { 0x47e5ee5, 0x5cea0f7, 0xbe99699, 0x8ca1d31, 0x5c136c7, 0x52db846,
-          0x90e0d74, 0x8cecb38, 0xede2ad8, 0xb8efe9d, 0xf17ade8, 0x18d6ff8,
-          0x2d66c20, 0xd222735, 0xf2005fd, 0xc46593e },
-        { 0xf7141e1, 0xe5ebe6f, 0xe0126f2, 0xc968315, 0x1cb91b6, 0x95adc73,
-          0x38a6003, 0x753b54c, 0x4230a61, 0xa614125, 0x559fece, 0x23ac6eb,
-          0x3865c23, 0x9816b60, 0x543a570, 0x567014e }
-    },
-    {
-        { 0xdd2b71f, 0xd46091d, 0x97d24ff, 0x3999a5d, 0x1ecff3c, 0xce2a4f1,
-          0x581c6f0, 0xab2687c, 0xcba70b4, 0xa9fb2eb, 0x42093e1, 0x6fde356,
-          0xaee724a, 0x00253ec, 0x2b81bdd, 0xa08ce3c },
-        { 0x935a2b3, 0xa251238, 0x584f750, 0x8cae1d4, 0x988a219, 0x011469e,
-          0x5a6a50e, 0x61f7ed3, 0x01fcebd, 0xe13ebaa, 0x31d8867, 0x794b976,
-          0xcda32e7, 0xf25755c, 0x4564cd1, 0x368a97b }
-    },
-    {
-        { 0xaa3397b, 0x0d22224, 0x38066db, 0x1dbb3e6, 0x0ce8e32, 0xfe0b5ee,
-          0x7bab4dc, 0x09c17c8, 0xf188b64, 0x5cc65dd, 0x211b5fa, 0x74c4abf,
-          0xab0ba86, 0xdcc17b7, 0xa535501, 0xfbdf46f },
-        { 0xaca569e, 0x4775087, 0x06a1718, 0x6575f90, 0xb94de93, 0xb5c45a9,
-          0x8497171, 0x0fc8006, 0x489f7ab, 0x775d965, 0xf5c0c89, 0x8775b58,
-          0x1a06254, 0x05d4e20, 0xb6d73a5, 0x8cab349 }
-    },
-    {
-        { 0x39465b0, 0xca78163, 0x14498fd, 0x3ef9148, 0x6255c11, 0x9ca1f34,
-          0xb7f38f1, 0x389fd15, 0x354b8f3, 0xdac2089, 0xa840a70, 0x82d07fc,
-          0x1dd483a, 0xf53fd73, 0x1590578, 0xa6e4eae },
-        { 0x3c01b77, 0x7bf65af, 0xa75c982, 0x27542f3, 0x716cfce, 0xc5bd947,
-          0x884b9e7, 0xba5fe76, 0xd55725d, 0x39bae14, 0xfae0eab, 0x982f64e,
-          0x7a5293a, 0xcfae662, 0xd60f464, 0x22a25a1 }
-    },
-    {
-        { 0x7dd5e16, 0x74caecc, 0xce7bca3, 0x23678a2, 0x57f1ba1, 0x4673932,
-          0xa4c1697, 0x4eb9948, 0xeaba18d, 0x5d400e8, 0x9807871, 0x128d1c8,
-          0xbff38a6, 0x78f9627, 0xa39d4cc, 0xf80b813 },
-        { 0x31d3aad, 0x8aeefa0, 0x27db664, 0x5042199, 0x4cb6383, 0x244fc69,
-          0x72192a3, 0x3190477, 0xbbfb57b, 0xcc86075, 0x4451511, 0xbae3a13,
-          0xf6174f0, 0x16cf416, 0xd376813, 0xb343cc0 }
-    },
-    {
-        { 0xd1824b7, 0x31ac9b9, 0xec8f61a, 0x6282260, 0xc781765, 0xbbeb9f8,
-          0x2d110da, 0x06ab5c0, 0x47146b8, 0xd583e22, 0x4100d05, 0x79a1608,
-          0xf0a5c95, 0x16dbbb4, 0xe331667, 0xfe2af1d },
-        { 0xaf8710e, 0x26f0364, 0xeec08fe, 0x1cb8c91, 0x1d95e9f, 0x436bce6,
-          0x57944a0, 0xfe9050c, 0x07b626b, 0x5f45acf, 0x9cf1276, 0x48dc93f,
-          0xa05bfb7, 0x4491371, 0x4bcf785, 0x5106304 }
-    },
-},
-{
-    {
-        { 0xed0b3b6, 0xac2e294, 0x671637b, 0x5c5ade6, 0x1140677, 0x2f289ce,
-          0x754eb53, 0xaf446e2, 0x20421ad, 0x70911b7, 0xe0b7556, 0x4b73836,
-          0x2a97827, 0xcadf104, 0x8005bc6, 0x4824e49 },
-        { 0x937c28a, 0xb0eeccd, 0x0c3ee97, 0x1ce061d, 0x9f33faa, 0xcb07631,
-          0xaea66dc, 0x9980bf4, 0xd111d98, 0x2bd0755, 0x7fe4de0, 0x43feaf6,
-          0xb077b2f, 0xe76fb80, 0x5793b04, 0x227dc9f }
-    },
-    {
-        { 0x14f49ba, 0xea24ae5, 0x11436e7, 0xbc39ea6, 0x78485d8, 0x9d7fed2,
-          0xdf8b131, 0xb6ef00c, 0xfdbc7af, 0x0237b4b, 0x64ccd27, 0x08745b5,
-          0xafc5a76, 0xaf8595d, 0x29f5500, 0x43657af },
-        { 0x48470f8, 0x3007183, 0x640fd53, 0x51f91fd, 0xbe15512, 0x859c807,
-          0xab3e9c5, 0x7d1a474, 0x81553e5, 0x5d714d9, 0x6f62310, 0x0757343,
-          0x6b02a62, 0xedc5be0, 0xea47832, 0x5a4b9b7 }
-    },
-    {
-        { 0xe93dbb3, 0x03e0a24, 0xcadc884, 0x25841dc, 0x8d10ad5, 0xabc1a81,
-          0x2042ddd, 0x207e38a, 0xfeba8d8, 0x7fffbdb, 0xa3ec9b5, 0x74efebb,
-          0x0b40a9f, 0x0bc39ca, 0x0267feb, 0x69ee9c9 },
-        { 0xbc62919, 0xd402fac, 0x1cf53c6, 0xe9f8fc1, 0x7cc7d81, 0xe76fa5a,
-          0x96bb19d, 0x4f2d876, 0xadc67c7, 0xd4fb7f9, 0x96702dc, 0x40621d5,
-          0x438f6c5, 0x5b6a98e, 0xf1a1036, 0xa7c64de }
-    },
-    {
-        { 0x9a092c7, 0x84c5e80, 0x11c22b7, 0x9e40e0a, 0xd06c99b, 0x820a091,
-          0xeecca8f, 0x45fdc77, 0x5794f16, 0xfe1b8a3, 0x4ce3d6d, 0x31f7e5b,
-          0x82c74c8, 0xfd5e010, 0xc1f6f7d, 0xfdabf30 },
-        { 0xb9248a0, 0xbfa6017, 0x546b941, 0xe898d30, 0x207ff65, 0x878c492,
-          0xb874e64, 0xbf22e8d, 0x53a547e, 0x43fdb1b, 0x5fbd464, 0xb66deda,
-          0xc7ae1b5, 0x59127a6, 0x6a7515a, 0xa463646 }
-    },
-    {
-        { 0xde9ab2e, 0x22c4e66, 0x0203c58, 0xfaf60c2, 0x0d5c5ed, 0xed2d7bf,
-          0x4ca0f19, 0xdbc16fe, 0x465b979, 0x54e8ef6, 0xa310ef9, 0xe2d64b1,
-          0x3778636, 0xa0f2c95, 0x281883b, 0xf3b4aa4 },
-        { 0x9be6629, 0x4ac9af0, 0x1ca90c5, 0xba455e1, 0x856f492, 0x0147538,
-          0xabd7840, 0xc80db7e, 0x6beb9cd, 0xb3526d9, 0x9d81503, 0x37657fb,
-          0x193cec3, 0x8729a16, 0xd69952a, 0xd9a93fb }
-    },
-    {
-        { 0x94f47c6, 0xfce0175, 0xe366d05, 0x228da21, 0xdc8baf3, 0x27ce0b2,
-          0x6b4a951, 0x8cc660b, 0x384bb01, 0xf678947, 0x44d980c, 0xc629d7d,
-          0xe85e81f, 0x47980e4, 0x1cd723e, 0xa2e636a },
-        { 0x77fb207, 0x6b6ebae, 0x4c92891, 0x7017961, 0xb4d279c, 0x5569541,
-          0x41758cb, 0xbb6b36a, 0x27a8e30, 0xecaa222, 0xb470ad9, 0x8b6746a,
-          0x63e2d3d, 0x4c46017, 0xd3edaec, 0xe19c4ed }
-    },
-    {
-        { 0x34718c8, 0x0b43fec, 0xf33499f, 0x553c407, 0x970d1db, 0x8272efb,
-          0xa8e8d1c, 0x008c62c, 0x63eec45, 0xe4b79d7, 0xf2d71a3, 0x1fd4230,
-          0xa368c36, 0x090fdaf, 0xfca7baa, 0xf62c101 },
-        { 0xd2395b3, 0x1c9e6c8, 0x04c5513, 0x671ed63, 0x299a465, 0x577d933,
-          0x63f9986, 0x286890e, 0xbfc979c, 0xd92a95d, 0x2b51019, 0xcebd79d,
-          0x3d07251, 0xe74d88b, 0x906f9ad, 0x8b6db73 }
-    },
-    {
-        { 0x7b3d90c, 0xc0c43db, 0x4304a06, 0x85d154e, 0xaf2f38e, 0xe8aceef,
-          0x83d9459, 0x5e04293, 0x431afd1, 0x65e5e32, 0xa900a65, 0x9e5f050,
-          0x8a26671, 0xcbaa171, 0x9c93de7, 0x33d0b24 },
-        { 0xd5b6680, 0x3dcbf92, 0x20006f9, 0xc47e5ec, 0x9a51924, 0xc971129,
-          0xcd0ed46, 0x665d9b8, 0xa5fcab6, 0xed2d63f, 0xcfbfc5a, 0xa817eb6,
-          0xb76eb76, 0xb38169f, 0xf11160b, 0x8b93544 }
-    },
-},
-{
-    {
-        { 0x693bdcd, 0x02eca52, 0x2ae01d6, 0xbbf0923, 0x8b44b3e, 0x0b0a2de,
-          0xb250dff, 0xdb82449, 0x6e1c530, 0x0c42b86, 0xa64c2c4, 0xcd226dc,
-          0xf046b5f, 0xcfb2bb1, 0x3fccb0d, 0x97e2fae },
-        { 0x45ed156, 0xdf92907, 0xf641229, 0x224dcb9, 0x5f1f67e, 0x2126abc,
-          0xe9c8a6b, 0xa7eed5a, 0x9857d9b, 0x40abedc, 0xde941c6, 0x3f9c7f6,
-          0xd725ddf, 0x2158d42, 0x8c69543, 0xbdd1015 }
-    },
-    {
-        { 0x8df2fbc, 0xa7dd24e, 0x13d1aee, 0x3adbcfd, 0x13b2177, 0xf6a32d1,
-          0x7a9a14c, 0x89a7232, 0xdc65df9, 0xe3aef43, 0xa64d74c, 0xeaec3e3,
-          0x4fec33b, 0x4d387d8, 0x21a2128, 0xaba2a05 },
-        { 0x6b85e30, 0x2382c22, 0xcd2aad3, 0x4352d85, 0xd9772c4, 0xb0c6001,
-          0x5f3653f, 0x7ed8263, 0x0300f47, 0x3626a6f, 0x6ca7e4e, 0x23909de,
-          0xc154141, 0xb43dd81, 0x7e4bc68, 0x9a49fad }
-    },
-    {
-        { 0x2428f88, 0xa3661df, 0x56e0db2, 0xbe48b02, 0xce79aa9, 0x3cd1871,
-          0x23dddac, 0x90ab871, 0x71871a6, 0x9c58fb9, 0xa34910e, 0xf031f7f,
-          0x81060e4, 0xb501eea, 0x791224e, 0xdb668ba },
-        { 0x6a705bc, 0x240bbcb, 0x2d1865e, 0x7e76fbd, 0x2513641, 0x6e2cd02,
-          0x46365c9, 0xe6c5225, 0xa5a01fb, 0xe46a8b8, 0xb67618b, 0x696fa7b,
-          0x0db6792, 0x418b3b9, 0x7108b9c, 0x7204acd }
-    },
-    {
-        { 0x8456b45, 0xb5a143b, 0xf53b4d9, 0x8a3ab25, 0xe13a570, 0xb112a58,
-          0x81487d2, 0x613ca32, 0x3b1e7c9, 0x837d823, 0xd41e9d5, 0x592bade,
-          0x5cd02f2, 0xdc1893a, 0x8972e23, 0x0879502 },
-        { 0xcb76261, 0x7003c08, 0x332a5e0, 0x14bde9e, 0xcbbd78e, 0x14b2872,
-          0xde238e8, 0x5594061, 0x067466c, 0xad12645, 0xf5e4952, 0xa8d0e64,
-          0xc7f8d06, 0x5b44b82, 0xfb1b828, 0xb51bea8 }
-    },
-    {
-        { 0x3f0dacc, 0xebad685, 0x1cbebbc, 0x5c31b8b, 0xfa5a2dc, 0x6746975,
-          0x31d9faa, 0x2d95965, 0x00fc0e4, 0x343797d, 0x55fe01b, 0x38d821c,
-          0x7323aa0, 0x0bfdb24, 0xf962a8e, 0x42613c4 },
-        { 0xe134bc0, 0x599a211, 0x47a7084, 0x75fa4a1, 0x7f734b5, 0x6e71948,
-          0x6dfca2b, 0xd5ced2d, 0x8aeabd2, 0x9fa0fdc, 0x12361da, 0x5e6b03f,
-          0x5859fcf, 0xad23d31, 0x25a5fc8, 0x3120ef1 }
-    },
-    {
-        { 0x8e9f638, 0x990ef62, 0x626a60c, 0xfdaa240, 0x2abddab, 0x4a3de20,
-          0xd8872b2, 0xd5d10b7, 0x1ea5880, 0xa01b730, 0xa81b9d8, 0x481697f,
-          0x3471ed8, 0x2984153, 0x292d37c, 0xefd73f8 },
-        { 0x9994beb, 0xdda7626, 0x6a4f865, 0xa037703, 0xe5b47d5, 0xda992ec,
-          0xe53edba, 0x912a427, 0x9264e45, 0x6467598, 0xaf71222, 0xd3b68c3,
-          0x6dedc5f, 0x9d3436c, 0x076b2ad, 0x1e027af }
-    },
-    {
-        { 0x4382f4a, 0xd56fca1, 0x8966b7b, 0x83712a4, 0xa4c9ddb, 0xd6b2cf5,
-          0xf602875, 0xa66be29, 0x894f3d0, 0x70e4266, 0xb3195ca, 0x007d220,
-          0x82c74d4, 0xba38d8f, 0xd975cbd, 0xdccc5fc },
-        { 0xc88b38b, 0x03e1610, 0x52e0d8d, 0xeb9f9a1, 0xb646eb7, 0x6a57eca,
-          0xc76b6c1, 0x161641f, 0xbd2e12b, 0xf9025ad, 0x5c0e26d, 0x87c74db,
-          0xbfeca74, 0xed5cb51, 0xe34a08c, 0x603dfb6 }
-    },
-    {
-        { 0xcb03307, 0xc4be728, 0xc2741cc, 0xde34c0e, 0xa74eb17, 0xe01db05,
-          0x8905e4b, 0x1bfce0c, 0xd1b1826, 0xb18830a, 0xe87bbfb, 0xcacbb41,
-          0xd2f1a79, 0x8696842, 0x08c83ea, 0xa80e5fb },
-        { 0x3f1439c, 0xe48f163, 0xcd6987b, 0xc1d4108, 0xb751814, 0x05705c4,
-          0xc1c622d, 0xa9bffd0, 0x46cd053, 0x23de4af, 0x39457c3, 0xf782f5e,
-          0x5e5d243, 0x815276b, 0x6161ae3, 0x3132041 }
-    },
-},
-{
-    {
-        { 0x77f2542, 0x2459661, 0x8372b25, 0x203be7e, 0xee2007b, 0xc7c9426,
-          0x0621799, 0xc564138, 0xc28c3ce, 0xda56589, 0x7afc1e3, 0x13e8a7c,
-          0xe352082, 0xdba81e9, 0x04435c7, 0xf430549 },
-        { 0x691de4a, 0x4d26533, 0xfb777ab, 0x364408c, 0xeae7f88, 0xccdfb43,
-          0xa525b11, 0xbc40f44, 0x3c60627, 0x8e112a5, 0xe17e696, 0x7f7c581,
-          0x1ea774a, 0x0fd7878, 0x0b1f582, 0xd09e632 }
-    },
-    {
-        { 0x70aab15, 0x44390bd, 0x889c3f2, 0x41112bc, 0xd685349, 0x6b02894,
-          0x5584dfe, 0x7103001, 0x1ba7887, 0x373cb1b, 0x2a017c7, 0x53d286c,
-          0x3c81fdc, 0x2ed0388, 0xfbcc6fc, 0x3bfc5e3 },
-        { 0xfd6418d, 0xd38ac6f, 0xbfad89e, 0xc667e96, 0xeab4d66, 0x46f4f77,
-          0x0911293, 0x194c04f, 0x68c48d5, 0x0fd09cf, 0x63cf7f4, 0x6f5b055,
-          0xacd562f, 0x0c0a8c4, 0x36d965d, 0x94c1d83 }
-    },
-    {
-        { 0xcaa127a, 0x94fc8f0, 0xd803690, 0xc762d5d, 0x1ebf0d3, 0x8bfdfd1,
-          0x48eac50, 0xa98cdf2, 0x8b5ff10, 0x3d7365d, 0xc65b4de, 0x20dc29b,
-          0x8ec7c68, 0x62ac28e, 0x90372d2, 0x7f5a132 },
-        { 0x3246658, 0xf3d8a25, 0x9ac202a, 0xa4bebd3, 0x5cc1697, 0x078ede7,
-          0xc8fc022, 0x5525800, 0x5fae77b, 0x302a802, 0x57917b6, 0x0180139,
-          0x864bf55, 0x7c8806d, 0x12f06f1, 0x4e2d878 }
-    },
-    {
-        { 0x3d66e88, 0x8d35118, 0xa91d02a, 0xfb861a1, 0x7850e5f, 0x8c27c2a,
-          0xa5496f6, 0x9fd6399, 0x8080049, 0x52152ae, 0xfd1c2dc, 0x600e2ff,
-          0xffe8b2e, 0xc75902a, 0xe03b175, 0x5c4d2cc },
-        { 0x4f57e78, 0x8ad7c42, 0x1736f87, 0x77cf606, 0xf85038a, 0x2876012,
-          0x1b97b95, 0xff32845, 0x392dfc8, 0x3cc6dd5, 0xa6f5075, 0x72f1363,
-          0x71de894, 0x028ec44, 0x6f45a86, 0x7030f2f }
-    },
-    {
-        { 0x9695817, 0x66400f5, 0xf20ea36, 0xeda0a7d, 0xd394992, 0x855be51,
-          0x8336f62, 0x2d082c1, 0xf28c868, 0x30944dd, 0x0dc86d0, 0xfb5f853,
-          0x564a0bd, 0x9562ae5, 0xb6b9b51, 0x1f7ea12 },
-        { 0xd0a7148, 0x5bd74e0, 0xb91e572, 0x6c8247f, 0x47da498, 0x699aba5,
-          0x1f7c814, 0xed82581, 0x62057b9, 0x434674b, 0x15c15b4, 0x8b4df5e,
-          0xb110081, 0x2a97da1, 0x4c417fe, 0x2a96b0c }
-    },
-    {
-        { 0x237639d, 0x4f75dfc, 0x1db7029, 0xe5ad6bc, 0xb3d28f7, 0xd43e06e,
-          0xe447989, 0x89f3bb5, 0x01a1a6e, 0xc426a2c, 0x315878f, 0x33ea71c,
-          0xb1b5705, 0x8a7784a, 0x77ca811, 0xa59e86e },
-        { 0x36ae155, 0xddb133c, 0x0d51b42, 0x49f1d4c, 0x9d05519, 0x5508082,
-          0x5291816, 0x20e23be, 0x67181ec, 0x35047ec, 0x7aad091, 0x6237dc4,
-          0xe2e25a2, 0xa1d3ce1, 0x0d3db4c, 0x1de0522 }
-    },
-    {
-        { 0xd9fd423, 0xe9a5e19, 0x9801e43, 0x0c2c3d0, 0x28df2da, 0x043c2dd,
-          0xe1ad12a, 0x4eecab4, 0x9615aa5, 0x97e1797, 0xca7bb5e, 0xe57b879,
-          0xcc92619, 0xa2a903c, 0xaa56e93, 0x5cef370 },
-        { 0x7f3232c, 0xbef29fa, 0x2b7ad5c, 0x1cf35ed, 0x3b6077a, 0x35c4893,
-          0x7a1d47d, 0xe065148, 0xce14572, 0xedb4673, 0x0b17629, 0xdc9e98c,
-          0x9a02a5c, 0xef98ebe, 0x11d03c0, 0x1f772e3 }
-    },
-    {
-        { 0x4608f72, 0xcbdbdcd, 0x5a13c6f, 0xb435223, 0x4bb3c21, 0xa6497f6,
-          0x12c15c9, 0x3af2383, 0x6322d11, 0xfbbf4b3, 0xc641775, 0x520a5c6,
-          0xe81e0e1, 0x18cd967, 0x3de3871, 0x980b2c6 },
-        { 0x9ae44a2, 0xfa9db61, 0x176bc56, 0x0281dd2, 0x8a7f817, 0xfd03711,
-          0x4129b30, 0x9c48545, 0x039626d, 0xb439648, 0xe4ada6b, 0x355050e,
-          0x7f5d98c, 0xc9c16d6, 0x18c4d5e, 0xf53ccc3 }
-    },
-},
-{
-    {
-        { 0x3ffb20b, 0x50ae942, 0x6865eb4, 0xa6c0b42, 0x09930f1, 0x4677f7d,
-          0x4a16427, 0x742e0b6, 0xf976f9a, 0x521d18e, 0xa454749, 0x43ac9cf,
-          0xc51f50d, 0xda3a91d, 0xad6f954, 0xf657029 },
-        { 0x6b4f99a, 0xfe5f064, 0x63ad4ce, 0xd92a5d9, 0x2e0e081, 0xfcb5509,
-          0x8d8a858, 0xadc85ab, 0x0632f0f, 0x8e9b966, 0x8d7216d, 0xe7a4f16,
-          0x59c3b99, 0x00a4cc5, 0xba09dc1, 0xed6d0bd }
-    },
-    {
-        { 0x1621beb, 0x7236d14, 0xbc7ca95, 0x1751fd4, 0x2f5319c, 0xaa619d1,
-          0x4e9316f, 0xfc2b15b, 0x9fd4d33, 0x2d1a906, 0x8ced829, 0x28c3bac,
-          0x1dd998f, 0xf2efab5, 0x3b149ed, 0x2c13330 },
-        { 0xf601ac6, 0x65237c9, 0x07d6a45, 0xb54dd65, 0xfb1a4cf, 0xa1ce391,
-          0x115f67e, 0x2957533, 0x465279b, 0x6456da8, 0xa993e02, 0x02890aa,
-          0xb7175e4, 0x6891853, 0x0f3e59b, 0x3fda203 }
-    },
-    {
-        { 0xd8c6e0b, 0xe99fe12, 0x5341c56, 0x7cb07ff, 0xdf77b24, 0xc292c7b,
-          0xca29906, 0xf52dfd0, 0x772f02c, 0x4a6aa26, 0xe1bbd09, 0x26f7684,
-          0xee7c2a8, 0xec56b2b, 0xad4a312, 0x67709e6 },
-        { 0xc570263, 0x99c57b2, 0x2faafae, 0xeb0100b, 0xff25eca, 0x980d5d1,
-          0x82cf936, 0xace35e6, 0x44679ed, 0x5a82ce5, 0x074b81e, 0x5c76a41,
-          0xa00abb1, 0xf36fa43, 0x04ffb2d, 0x0642819 }
-    },
-    {
-        { 0x04bdd28, 0x68f6bc8, 0xb5dc7ad, 0xc311d96, 0xed32e45, 0xff0d646,
-          0xe0f712d, 0xaf3cdc6, 0xd483861, 0xd4508e9, 0x0e1c277, 0xb624be5,
-          0xc5dd841, 0xc510275, 0x298dc02, 0x451c5c3 },
-        { 0xdd34d6b, 0xf87d479, 0xdd06a38, 0xda7f293, 0xb699e9f, 0x575e129,
-          0x215b2cc, 0x79e5fb2, 0x657e690, 0xd280028, 0xe702a71, 0x7fecd09,
-          0xfa13677, 0x85160ab, 0xce65f64, 0x5de3427 }
-    },
-    {
-        { 0xe8fff38, 0x84e4bf6, 0xb358b1c, 0x16f3725, 0x3b472a5, 0x360371c,
-          0x52f217a, 0xe64c061, 0x0501241, 0x8e67379, 0xab2dd96, 0x88e81d6,
-          0x1385604, 0xf3e218a, 0xe84184d, 0x9736caf },
-        { 0xdbb93a3, 0xb55a043, 0x9301088, 0x335088f, 0xb2a4959, 0xcea7a2d,
-          0xb882c33, 0x48e5d4a, 0xad46179, 0x114f09b, 0xb446576, 0x4416467,
-          0x34c6c2f, 0x01cb23e, 0xa02db8a, 0xddebf04 }
-    },
-    {
-        { 0x9bde8a1, 0x36d60cc, 0x676e4ad, 0x20fd2f2, 0x8936581, 0xebdcfb7,
-          0xdbfc2c3, 0x245d0d5, 0xa9f82e5, 0x104c62c, 0xd654d9b, 0x7387457,
-          0xae7f10e, 0xe966777, 0x1d8e582, 0xefeb16f },
-        { 0x70364b5, 0x4faf4f1, 0xd612472, 0x0e1ab58, 0xfed6085, 0x11bbfe7,
-          0xa59a09a, 0xb360a14, 0x722fdb6, 0x61d96e9, 0x94068bd, 0x16a12f1,
-          0xf73c2be, 0x225bf07, 0xc8bd24e, 0x1e64665 }
-    },
-    {
-        { 0x3698c75, 0x27a478a, 0x6202aa2, 0x778ccd3, 0x8d87f1f, 0x0149c63,
-          0x784edae, 0xa660e5f, 0x82adfa8, 0xe0d4d2f, 0x1ba1f9d, 0xf512dd6,
-          0x6245c58, 0x90cfed9, 0x18b53dd, 0x6c3a548 },
-        { 0xbdc094f, 0x833f70c, 0xb1514e7, 0xa5f26f5, 0x1c8cf13, 0x93e7cf5,
-          0x186ec43, 0x1436601, 0xe78170a, 0x81924ac, 0x8694368, 0xcc880a0,
-          0x0b62cbb, 0x2dfa955, 0x96b4a2c, 0x0bc6aa4 }
-    },
-    {
-        { 0x3561aa2, 0x5157a7e, 0x8645c1e, 0x525c500, 0xce7cbb3, 0x22feb4e,
-          0xc89a58b, 0x36d0d25, 0xc9bde9c, 0x43131f7, 0x881f731, 0x74afdda,
-          0x7c8e36a, 0x99ab87c, 0xc1d4fb2, 0xf07a476 },
-        { 0xbebc606, 0x1b82056, 0xfcf089f, 0x95a1e5a, 0x2b55d5c, 0xc5bccfa,
-          0x00eb0b1, 0x8fbc18e, 0x9efb483, 0x93a06fe, 0x2d74c57, 0xcafd725,
-          0x3de4350, 0xc7518f0, 0xc6fd762, 0x9a719bf }
-    },
-},
-{
-    {
-        { 0x2362087, 0x5ee0d83, 0x0b167e8, 0x7f2c0d7, 0x5e0e865, 0xb732789,
-          0x98c4e65, 0xef5b2e8, 0x8fe9cc1, 0x222797d, 0x82d1e15, 0xfe6d73e,
-          0xf62dc4b, 0xc7c0e9c, 0x937ceda, 0x962acfe },
-        { 0xc1e85c7, 0xd763711, 0x2836978, 0x8f2dbbc, 0x8c44e98, 0xbadc055,
-          0xa3e93f8, 0xed63eab, 0x41b55c7, 0x807e857, 0x6d1207b, 0xd51ae5e,
-          0x39d541b, 0xa0ef9a6, 0xa0c56a5, 0x58855f9 }
-    },
-    {
-        { 0x213091d, 0x7d88eaa, 0x45b6a0d, 0xcbdfee7, 0x4f5e077, 0x826a012,
-          0x90f1e4c, 0xb04fc13, 0xaea69aa, 0x1961ac3, 0xd5bb63e, 0x3afb719,
-          0x4ac7e5c, 0x2a37837, 0xc50ca45, 0x78efcc1 },
-        { 0xb8abdef, 0x346e8f0, 0x88095d0, 0x27e3dbd, 0xffc6c22, 0x56d3379,
-          0xfa4b291, 0x67d416c, 0x3b1b373, 0xc3baaf6, 0xdf73bae, 0x0184e1f,
-          0x9167528, 0x38ae8f7, 0x35d6297, 0x7329d4c }
-    },
-    {
-        { 0xf568c52, 0x45d2ac9, 0x9808593, 0x5134814, 0x31b7ed8, 0x0c92d83,
-          0x0876ecd, 0x921327a, 0x052736a, 0xf752d75, 0xbc6b837, 0x7b56487,
-          0xa23b4cc, 0x6b1a320, 0xec0d665, 0x1983937 },
-        { 0x08554ab, 0x2c3017c, 0x366e87f, 0x40ad955, 0x8ed7f02, 0x88c4edf,
-          0x3cc5e6d, 0x64a7db1, 0x2dc978b, 0x5ac91fa, 0x925d2a2, 0x016a20d,
-          0xabb57b4, 0x3604dfe, 0xd7e2e85, 0xc3683ec }
-    },
-    {
-        { 0x4c0c6d0, 0xc47150a, 0xe22adcf, 0x30af45e, 0x022ea4b, 0x39b5acb,
-          0x77203b5, 0xfbe3185, 0x6fd9b59, 0xe5aaa34, 0xdd1c8dc, 0x0062c90,
-          0x54049ac, 0xcf113f3, 0x63a31b5, 0xd8fba4d },
-        { 0x1056a69, 0x73b5488, 0xd780bda, 0x3be6cbc, 0x30ba2b9, 0x5776ec2,
-          0x8e8d6f7, 0xbe883cf, 0x5c2be6f, 0x64efe94, 0xf1ade8d, 0x064f704,
-          0x743110e, 0x41cfd17, 0x4c20abe, 0xaac9411 }
-    },
-    {
-        { 0xf1c1468, 0x91f9192, 0x4563e13, 0x8176e74, 0x0bda15d, 0xa48b5f9,
-          0xda42af6, 0x2a085ae, 0x425c018, 0xfd38ab2, 0x08abafb, 0x2884ba4,
-          0xcbd091d, 0x356f318, 0x817871b, 0x454e450 },
-        { 0x8ada531, 0xe080e81, 0x3152ba8, 0xa40f1eb, 0x0c38eb1, 0x051049f,
-          0xbd45003, 0x37e4bb3, 0x54a01e5, 0x6d09804, 0xeeb824a, 0x6de932f,
-          0xdc93481, 0xccdef37, 0x93a05e8, 0x8633e07 }
-    },
-    {
-        { 0x034675c, 0xbe94256, 0x08db789, 0x376c01d, 0x9af1b6b, 0x8707ee7,
-          0x11bfbac, 0x633b3ef, 0xd06db60, 0x694f33f, 0xbb13407, 0x2a68bfc,
-          0xda27c3a, 0x1c860c9, 0xd701ac3, 0xbca16de },
-        { 0xc59ffd0, 0x2b76cfa, 0x54d718d, 0xf9a1165, 0x67f0878, 0xf86a1db,
-          0xaf34e85, 0xe313e05, 0x3343159, 0xa188811, 0x0bb7ed1, 0xdbe4c3f,
-          0x0c732bc, 0x73b67e8, 0xe74110e, 0xa4e1c87 }
-    },
-    {
-        { 0x5c6770c, 0xce1106b, 0x5c0bcb7, 0x422c70b, 0x8195e7f, 0x32a3990,
-          0x1ccd4aa, 0xa24968d, 0x720e557, 0x8f08ecf, 0x54bcc81, 0x5da10a4,
-          0x6cd846e, 0x9d3c73b, 0x368d065, 0xaeb12c7 },
-        { 0xcf9fd1b, 0x2110859, 0xee2bd6d, 0xd2a4801, 0xe9466ac, 0x376e556,
-          0x3b5aa35, 0x767803b, 0xb8a89ba, 0x343f842, 0x6726bbf, 0x3263cc1,
-          0x25871b0, 0x26caf17, 0x41b8578, 0xef66ad6 }
-    },
-    {
-        { 0x638068c, 0xc9f2249, 0x1ccf9af, 0x96d282c, 0x69b435a, 0x71df30c,
-          0xcb9d5c9, 0x88c943a, 0x2a8f378, 0xbf98ef1, 0x114c6ff, 0xffc1824,
-          0xd52e8c7, 0xda3ad2c, 0x1afcb59, 0xf1222bc },
-        { 0x0ee334a, 0x459e94b, 0x421933a, 0xd4477b8, 0xa1e401e, 0x60fb7b0,
-          0x0d1e330, 0xfde6e82, 0x3233fde, 0xcecfe9b, 0x2e93523, 0x09ec466,
-          0x30775b9, 0xa5ba649, 0xadf80f2, 0xcc397e5 }
-    },
-},
-{
-    {
-        { 0x4ddc8a8, 0x2fe182d, 0xac056bf, 0x88d6e79, 0x0e41e4e, 0xc3ff2d1,
-          0x2c3679f, 0x32ec7f9, 0x4e61051, 0x3561f09, 0x6c6250a, 0x4553f5a,
-          0xdd25c5b, 0x2b765ef, 0x6a1cd7f, 0xe3a40a2 },
-        { 0x5d821dd, 0xb27309b, 0xc2c17ca, 0x950fb8d, 0x8fb0d4c, 0xfeed015,
-          0xf550179, 0x762c479, 0xe095840, 0x306cf44, 0xd379e66, 0x84b413a,
-          0xbb2e4f1, 0xd6e5d5a, 0x94b085d, 0x8bc12b7 }
-    },
-    {
-        { 0x04b5532, 0xc0d4cb8, 0xb9940a6, 0x7a31525, 0x68c69d1, 0x010e7dd,
-          0x2a18c35, 0xd81f29d, 0x3f11e73, 0x08ae770, 0x6e55106, 0x5358f87,
-          0xc960ef5, 0x299e8ca, 0xacfc8dc, 0x89a6fb4 },
-        { 0x6dc7d4a, 0x5996a40, 0xe51b96e, 0x21e5112, 0x09a202b, 0x95b8c3d,
-          0xd441f1f, 0x306ab0f, 0x98d4245, 0x2834fed, 0xd0abbde, 0xc29c387,
-          0xb805c15, 0xf6a9bf1, 0xc4e458d, 0x602f4f8 }
-    },
-    {
-        { 0xe5a893a, 0xf041486, 0x8934327, 0x53b891d, 0x4000758, 0x11e000d,
-          0x662bad9, 0xa4ccde8, 0xb9a1b64, 0xe34d3ed, 0x84e7a6d, 0x72d9675,
-          0x6627be4, 0x773da2f, 0xe835ae3, 0xa11c946 },
-        { 0x650bc15, 0x02e8203, 0xe58b78d, 0x2d35936, 0xf21a3cc, 0xe9cfbe8,
-          0x1049222, 0x55ad831, 0x38fff47, 0xbf99de4, 0x3831db5, 0xebbfd80,
-          0xaf2af42, 0xe990636, 0xb7f5a0e, 0xc26ae52 }
-    },
-    {
-        { 0xfa8f846, 0xb5d85b1, 0xb3b1455, 0x4166489, 0xd36a305, 0x768260d,
-          0x4ff5645, 0xc6a8235, 0xd6e93e5, 0xd241cd8, 0xa406e74, 0xeed9aa1,
-          0x5f600d9, 0x9e96ab0, 0x6eca2a1, 0xa26b8b5 },
-        { 0xd705aef, 0x78321cf, 0xc0161ec, 0xc4fb6b3, 0x5199cf1, 0xdc32441,
-          0xd0a5067, 0x33627d0, 0x15143ee, 0x13490cb, 0x85b4f44, 0x77e0ede,
-          0x394b165, 0x904f12e, 0xefab32d, 0x90f50f5 }
-    },
-    {
-        { 0xbc2de96, 0x4aa0a16, 0xaa9c12b, 0x172596a, 0x60e8a29, 0xd512e1e,
-          0xf637e83, 0x77d35c1, 0xd2aae0b, 0xbb0d141, 0x8c03738, 0x8a878a5,
-          0xab0e525, 0x6d24c01, 0xf760887, 0xb7d3136 },
-        { 0x3f91b7c, 0xdbc3f8f, 0xa8722c0, 0xe7b4bca, 0xda0ae65, 0x3286a91,
-          0x225b084, 0x8372274, 0xae1886c, 0x5884cd5, 0x3a23cf7, 0xb4e63ef,
-          0xf2dd0da, 0xfe5f202, 0x653916c, 0x951fac9 }
-    },
-    {
-        { 0x854fa4e, 0x05e2e8f, 0x1edaf10, 0xf411f94, 0xa0a928d, 0x26cc562,
-          0x4abce65, 0x78fd34e, 0x98a32e2, 0x1d87609, 0x4c37518, 0x85dc76f,
-          0x00e8021, 0xdcaeef5, 0x4e9b2a5, 0x7fcb2f8 },
-        { 0xf382c06, 0x9eba91e, 0x24cae53, 0x2052e85, 0xf5c1519, 0x617336e,
-          0xb4e632b, 0xf1546d5, 0xd7b8ffd, 0xa9edc81, 0x29ab68c, 0xdb2914f,
-          0xdebbaba, 0xe805070, 0xc3b719e, 0x775e53b }
-    },
-    {
-        { 0x065256a, 0xa40e294, 0x8fb031a, 0x9f11386, 0x059667c, 0xac03af8,
-          0x0475f58, 0x432eb3a, 0x01faad0, 0x22332bf, 0xbc57a11, 0xc8132e9,
-          0x3bc3f8b, 0x27d5a17, 0x930bf3e, 0x5471fc6 },
-        { 0xe6bff40, 0xba28bc0, 0x555e564, 0x198d57e, 0x9c65b8f, 0x13ce831,
-          0x5681b51, 0xb0a5c9d, 0xdeb9e11, 0x467588b, 0xbb4250b, 0xf1891a7,
-          0xd12b433, 0x10b938b, 0x24dcda4, 0x0b8c802 }
-    },
-    {
-        { 0xcf332d3, 0xc428703, 0xf2a5b98, 0x9d0053c, 0x7838a15, 0x4e4c620,
-          0xfbf8a43, 0x2e92919, 0x21cd9a5, 0x39ad524, 0x1561588, 0x584ed6c,
-          0x17a95c8, 0x20af305, 0xb70e1c8, 0xa223077 },
-        { 0x2fa4871, 0x679cfea, 0xac633c7, 0x54f2a46, 0x4cdc5f1, 0x6030651,
-          0x75a1dc7, 0xc4facda, 0x2d07d19, 0x710a288, 0x6b44992, 0xd55864e,
-          0x454c5b2, 0x44d4b6c, 0x72f9981, 0x2855d28 }
-    },
-},
-{
-    {
-        { 0xc7b0674, 0x4071b3e, 0xf8794d5, 0x800eb14, 0xbe6783e, 0x70573af,
-          0x7785901, 0xafaa440, 0x405f32c, 0x112d2a1, 0x169b3e2, 0x3761a52,
-          0x842a366, 0xe168b31, 0x9bf4734, 0x5bc322f },
-        { 0x976c4a0, 0x36ef240, 0xfea4e64, 0x066f3d6, 0xa989e57, 0x0e954bd,
-          0xf9466e4, 0xe36ef5e, 0xbeb9226, 0x6bb615a, 0x3d5a2ca, 0x5571e5f,
-          0x4897a86, 0xa86efe2, 0x28a9f77, 0xed7e9cf }
-    },
-    {
-        { 0x1f82c68, 0xdf10c97, 0x3b597e6, 0x796ba1e, 0xe718cbf, 0x1ac77ec,
-          0x410eac8, 0xc8175bb, 0xbc555ef, 0x0cdf9a1, 0x7524e05, 0x6b889f1,
-          0xae26d82, 0x6bf1e61, 0xd2e97d9, 0xb3f6ad5 },
-        { 0xf226487, 0x94dcff9, 0xbe03dde, 0x60e6356, 0x6a3dd7d, 0xda1f93b,
-          0x79ca90c, 0xf1be721, 0x1e6bce5, 0x05ed313, 0xd48af3e, 0xcf50908,
-          0x61e554f, 0x3b0e85c, 0xa2778d3, 0xfe7e35b }
-    },
-    {
-        { 0x75ac5a9, 0x42c5032, 0xda062c2, 0xa66a66d, 0xcaa7023, 0xa4f4f82,
-          0x64b4f86, 0x489d476, 0x97311ad, 0x10b1088, 0x177b2ec, 0x55dd637,
-          0x9a267b1, 0xa5ccff0, 0xff327b0, 0xf07690b },
-        { 0x2250cd2, 0x39162ed, 0x8b255f1, 0x1426de0, 0x1bdd731, 0xf227afd,
-          0xfa4c844, 0x78f8a36, 0x157379c, 0x267a211, 0xcc04acb, 0x3f05f92,
-          0xfc69cae, 0x374496c, 0x16ebfec, 0xbf2c5d0 }
-    },
-    {
-        { 0xd0518d1, 0x605418b, 0x9e1cbc6, 0x3237f80, 0x286c019, 0x37a7005,
-          0xb15af0b, 0xf1fb0e0, 0xaa853c0, 0xfc3b97c, 0xe6beba2, 0x1f48bd0,
-          0xe6a72f1, 0x8e5d7c5, 0x26ebf0c, 0x575e66d },
-        { 0x62eae3d, 0x0994776, 0x96c9c65, 0x53f074f, 0xb81bade, 0x6cfbfdb,
-          0x3fed7d1, 0x98b4efe, 0x38c3382, 0xdaa1123, 0x47b8ec6, 0xdf88b73,
-          0x9504a4f, 0x9b0fe4b, 0xf30c1c3, 0x2e7df4c }
-    },
-    {
-        { 0x2fc1833, 0x25380cb, 0x18d62de, 0xb8e248c, 0xd82f9db, 0x91c8f59,
-          0x2444750, 0x5ec2b20, 0x66b6f74, 0x3f3a1f7, 0xdd7d14d, 0x0180aa9,
-          0x2956b9c, 0xd0a342d, 0x7139873, 0x26e910e },
-        { 0x139e23d, 0x2261dc4, 0xb8343dd, 0x7edb181, 0xb4038dd, 0xfcf1073,
-          0xa3bfea3, 0x88870ef, 0x64a263e, 0x4e98ba9, 0x70811f5, 0x3c6e5dc,
-          0xf86055d, 0x17d28f5, 0x66e4199, 0xca9c276 }
-    },
-    {
-        { 0x964ef8c, 0x0b2d8bd, 0x88e2ba6, 0x5a99b85, 0x04498ce, 0x9e927b2,
-          0x756eb25, 0x9ff20c5, 0x3f27736, 0x97cc27b, 0x4729583, 0xf32dd6d,
-          0x0381a94, 0xbdc2658, 0xef2c06f, 0x70fef15 },
-        { 0x49252cc, 0x50a6191, 0x236b4b9, 0x9eb4a14, 0x8e00f78, 0x9b1b215,
-          0x6ea9c23, 0x27add36, 0xc3a8e79, 0xef61763, 0xd82ce56, 0xed4542f,
-          0x0caed75, 0xa8737e7, 0xd452d76, 0xeca0ac2 }
-    },
-    {
-        { 0x3d082d0, 0x20c0779, 0xc9e9f3b, 0x6e3ce64, 0x75a195f, 0xb3a4dce,
-          0xbdd9f24, 0x3a3c305, 0x8688942, 0xe2545c8, 0x080f32b, 0xa463c82,
-          0x42686b8, 0x4429748, 0x7213866, 0xf50e20d },
-        { 0x3826e74, 0x265ac52, 0x228e8ec, 0x26fba57, 0xe6b3ed8, 0x8a1e1db,
-          0xf0fe65a, 0x7c7b278, 0xc395234, 0x9a6df23, 0x0b0f114, 0x9956206,
-          0xef90837, 0x440c8c4, 0x3645f65, 0x21ad22a }
-    },
-    {
-        { 0xedd31b2, 0x1e023a6, 0x9ff8668, 0xf76d145, 0x17b45c8, 0x9707056,
-          0x1e88e37, 0x0612078, 0x922faac, 0x85c51c8, 0x22756d9, 0x4df392e,
-          0xa03c98e, 0x8907fd0, 0x52ea51c, 0x626f46a },
-        { 0x486c8a2, 0xf8f766a, 0x88ed18c, 0x8c499a2, 0x3c4f0de, 0x44d2dc6,
-          0x6f2a0b6, 0x47dde68, 0x4a973fd, 0x9a655f8, 0x786ac80, 0x3e7124e,
-          0xe8a0574, 0x699e61c, 0x31cdd0d, 0xdf0ba9a }
-    },
-},
-{
-    {
-        { 0xd73e69b, 0x76270ad, 0xc67d38a, 0x991120f, 0x9469f0c, 0x7be5830,
-          0x7db40ac, 0x93aba59, 0x822fc08, 0x2b707bc, 0x69551cd, 0x4199fc0,
-          0xf367324, 0x38deed4, 0x2228787, 0xca518e1 },
-        { 0xd9a9277, 0x72f1bef, 0xe49ae90, 0x57d4aab, 0xdb23478, 0x13810d5,
-          0x9b4b77f, 0x2a8b780, 0x1b4e004, 0xb542f4e, 0x3ec77f0, 0x4080fd0,
-          0xcec6596, 0xb49e9fe, 0x3f16037, 0x20338d3 }
-    },
-    {
-        { 0x53554b0, 0x4adcdae, 0xe04c4db, 0xfea4906, 0x7748233, 0x0808bec,
-          0x47148d7, 0xde7477c, 0x03da38c, 0xdd9124c, 0x25ee8e9, 0x6b25031,
-          0xb0d6161, 0xae67399, 0x82203b6, 0x70c4acd },
-        { 0xd31dae8, 0x9683916, 0x1ac7f69, 0x3477503, 0x988e4ad, 0x9553153,
-          0x53a15e1, 0xb58f411, 0x92ba2dd, 0xb65a2d4, 0xa90169c, 0x7c3efb1,
-          0x6b1747d, 0x210f45e, 0xcff488d, 0x16e8d1b }
-    },
-    {
-        { 0x9d703db, 0x252adf8, 0xfdfeb39, 0x259ac1d, 0x115e806, 0x7faf6af,
-          0xc1aff21, 0x7aaefd6, 0x7c0113d, 0x8054210, 0xe19b4b1, 0x481f1a5,
-          0xfcc8c61, 0x7c17d43, 0xbb0bbbe, 0x8b04452 },
-        { 0x4cebae1, 0xe51e5f5, 0x56a414c, 0x05341ba, 0x7fb8a30, 0x0083a2c,
-          0x77f4952, 0xb4663f2, 0x4bb0074, 0xce72eec, 0xa3584d1, 0x74fdd66,
-          0xb02e076, 0x6b9e58e, 0x3b961f4, 0x5be45d5 }
-    },
-    {
-        { 0x1ab2e0b, 0xc7474f3, 0xf4bf454, 0x2838ccb, 0xf3c3eac, 0x634392e,
-          0x137602b, 0x440e40a, 0xd1ae8e3, 0xeea67e9, 0x77e221e, 0xafdf93a,
-          0x2719a10, 0x3c9f3da, 0x32c8256, 0x466ecef },
-        { 0xf9c432f, 0x1061c19, 0xb1c7d98, 0xa1332d9, 0xa425c2c, 0xbc735f2,
-          0x4b1bccb, 0x1429cdf, 0x6bbb5f9, 0x77b42a1, 0x5955ae4, 0x30078e3,
-          0x21cc315, 0x8acd777, 0xe86fa99, 0xaa90d5f }
-    },
-    {
-        { 0x721115a, 0xfcfd460, 0x08269b8, 0x6a7de3e, 0x96dd47e, 0xe5964a6,
-          0x8dca975, 0x6717cd5, 0x98b149e, 0x7ea4ebe, 0xb7b8057, 0x6f894d5,
-          0x7f30e31, 0xbd6f960, 0x23df092, 0x61ca453 },
-        { 0x9d782f3, 0x32241f9, 0x2abfae2, 0x55173b0, 0xd15bbbd, 0x0abe0ed,
-          0xb438abb, 0xb6d3c0a, 0x9ffa20b, 0x62fb467, 0xd31560a, 0x30926b5,
-          0x2a0aa6d, 0x44bf27c, 0x1a4cb97, 0xf747313 }
-    },
-    {
-        { 0xb0535de, 0xa2f6c0d, 0xc855166, 0xcb02ae1, 0xb3422f0, 0xc699e6b,
-          0x281ba8a, 0x774febe, 0xffabcc7, 0x1d9d24f, 0xfe12ba5, 0x0b31ba1,
-          0x13d0af7, 0x4c86803, 0x2f47160, 0x90640d3 },
-        { 0x5876603, 0xa0c4bf4, 0x950ab08, 0x717f6fa, 0xa710de8, 0xf12bb53,
-          0x6a88f50, 0xc500c61, 0x2645351, 0x0070f99, 0x2446893, 0x57aab5d,
-          0xb68f657, 0xd553fa8, 0x693c55d, 0xe8537c1 }
-    },
-    {
-        { 0x7fc7684, 0x58e86eb, 0xbfc73a9, 0xdf330f7, 0xcc11936, 0x41e337d,
-          0x6e35759, 0x36d9200, 0x3500d8b, 0x0132703, 0x9483354, 0xfa68405,
-          0x667851b, 0xc8f2980, 0x18296b0, 0x538ec89 },
-        { 0xcff55f9, 0xa2a2c4f, 0x60d20bd, 0xb260d4d, 0xd9cc59f, 0x3ed576f,
-          0xd514fcc, 0x4ed8c64, 0xc22b315, 0x37ebfb2, 0x94c212c, 0xca67a36,
-          0x3a1795e, 0x4f8e08c, 0x4e7261f, 0x498f926 }
-    },
-    {
-        { 0xc59b3d4, 0xfea7382, 0x3f2925f, 0xb9942ed, 0x8ea77e8, 0xe4b00dc,
-          0x3cab02e, 0x74a18ec, 0xef16d0b, 0xbbbb752, 0xffab032, 0x639da4f,
-          0x3aa30f0, 0xc371a4a, 0xcaa175b, 0x8e26b22 },
-        { 0x7e2b62e, 0x94e4156, 0x25a794c, 0x7cceea6, 0x479f015, 0x931d2f4,
-          0x90b25b2, 0x946183d, 0x68a2807, 0x1504e97, 0xfa49ddd, 0xa7577d3,
-          0xdd48699, 0x24fc87e, 0x3d7d99c, 0x9edefd6 }
-    },
-},
-{
-    {
-        { 0x0f0b450, 0x0508b34, 0xc36f7f4, 0xe0069a5, 0x2a5a761, 0x2655664,
-          0x848e04d, 0x0193fd8, 0x73fe2e7, 0xc108cf5, 0xfd787d4, 0x05eb0ec,
-          0xff28985, 0x1555ccb, 0x651b995, 0xb5af09f },
-        { 0xe1134be, 0x167d72c, 0x57c669a, 0xd6d98bf, 0x6dd76fa, 0x40fb716,
-          0x2a41b31, 0xeabbf20, 0x09b75b0, 0x300ff0e, 0xd9a0c1e, 0x32b6fad,
-          0x65a80e0, 0x8051883, 0x32110fe, 0x8bef693 }
-    },
-    {
-        { 0xbef47d4, 0x637802f, 0x2d16eaa, 0xfac114b, 0x0415644, 0x7b3f3ab,
-          0x2dd895b, 0x17ab8d1, 0x87195f3, 0x271b7fe, 0xa71f65f, 0xa3f867e,
-          0xc80583a, 0x39ba40c, 0x56e1fcc, 0x6db0672 },
-        { 0x06662a8, 0x4feab4e, 0xc74bd46, 0xc857415, 0x732b126, 0x18032ed,
-          0x7a099ea, 0x87c8aea, 0x36fe0a8, 0xb4a7535, 0x27673f6, 0x33a98da,
-          0x2b8e549, 0x3e40c02, 0x9a4c587, 0x2def1af }
-    },
-    {
-        { 0xa8c9ad9, 0x9618b68, 0x49defda, 0xd70b4aa, 0x5f788ef, 0xae8b138,
-          0xdd523f4, 0x87c3542, 0x5c5b004, 0xe42c705, 0xfa7df57, 0x6303360,
-          0x5f6d068, 0x33e27a7, 0x8ff331a, 0x9b3268e },
-        { 0x23ee0c3, 0x845cc96, 0xac80084, 0x003af70, 0x530c41d, 0x6a9f931,
-          0xbb127f0, 0xa1d7051, 0xca36245, 0x642ce05, 0x0323ee9, 0xc34205b,
-          0xb7b3513, 0x7cc8912, 0x076cbdb, 0x6252cc8 }
-    },
-    {
-        { 0x7089522, 0x10e68a0, 0x58fc658, 0x36c1361, 0x74723a4, 0x490397d,
-          0x519d56c, 0x42692c0, 0xf1ff235, 0x69d251b, 0xc2cbf37, 0xe689d03,
-          0x825b7f4, 0xf04ceba, 0x2281c2e, 0xd6b9bee },
-        { 0xe0043ab, 0xc52ef3f, 0xd1d1be8, 0x351bf28, 0x0f18a5a, 0x277615f,
-          0x5d6800f, 0x31f717f, 0xab922e2, 0xf5fb82d, 0x2d6ae43, 0x99aee2f,
-          0xc63b982, 0x42477fe, 0xa594a01, 0x904aeb1 }
-    },
-    {
-        { 0xeb39974, 0xaa82174, 0x95e6aa0, 0xbc38e61, 0x25c0675, 0x6a3df8a,
-          0xffbe739, 0xf324203, 0xa3f0649, 0xfa5a0b4, 0x7a7a6b8, 0x79c8732,
-          0x40ad3f5, 0xeb65ecd, 0xe4e45c5, 0x718d416 },
-        { 0xe2326fd, 0x029dbf4, 0xe7942f0, 0x0c63416, 0x6f4e678, 0x6d0c728,
-          0xa138601, 0x59f0b10, 0x8d92ea9, 0x8a1d978, 0xc22eca5, 0x9f8d712,
-          0x7b6b96b, 0x7397044, 0xe6fb955, 0xa2d49ee }
-    },
-    {
-        { 0xbf14a19, 0x249f900, 0x63a8cd2, 0xd3522da, 0x86964d2, 0x28a32f3,
-          0xc1fa743, 0xacf712b, 0x0bb94d3, 0x98a9bfc, 0xbc06824, 0x318ece1,
-          0x4fce7f0, 0xfc47675, 0xe4135b7, 0x19caec9 },
-        { 0xc6817bb, 0x6de68a8, 0xf3b6d89, 0x7121960, 0xf5a818e, 0xa7d4261,
-          0x9157455, 0x0c0ba51, 0x450d5ff, 0x78b6acf, 0x4e8649a, 0x198b493,
-          0xfd05da3, 0x0941a3c, 0xdb55951, 0x264ea4a }
-    },
-    {
-        { 0x46e5a31, 0xcfee91c, 0xfff7366, 0x47b6806, 0x5df849d, 0xdb14be4,
-          0xac66cc7, 0x3c5e22b, 0xa5f4769, 0x7f3f284, 0x383be36, 0x4e00815,
-          0x8072b0b, 0x39a9f0b, 0xc7eadd6, 0x9887cd5 },
-        { 0xb659511, 0x7dd8f05, 0xd2e1cb9, 0x15c796d, 0x0d31345, 0xe5edb0c,
-          0x6939c60, 0x2025df0, 0xbf15de1, 0x6314c08, 0x04c7fb5, 0x03c1548,
-          0xbb5d3ed, 0x413337f, 0x477e983, 0xfc20b40 }
-    },
-    {
-        { 0x5db0ef9, 0x7f96880, 0xe9c2a70, 0x05562de, 0x7dae133, 0x071e5bc,
-          0x237fc4a, 0xa8cdd12, 0x4ea492b, 0x6d565e7, 0x381ee52, 0xa17cf94,
-          0x9f5c546, 0x6ab8a4e, 0x40288ef, 0xbb642f3 },
-        { 0x5df5c2d, 0x64e5921, 0xbb906f4, 0x43696e3, 0x74ae46c, 0x73a841a,
-          0xc506b8a, 0xe264883, 0xa1be548, 0x9542e1a, 0x5e81b4a, 0x8938539,
-          0xeaca6ce, 0x5642cfa, 0x806e0f9, 0xed8077b }
-    },
-},
-{
-    {
-        { 0x7e13597, 0x1c776c4, 0x9e584fd, 0x0ec8b28, 0xb8b61e8, 0x0bb6043,
-          0x9cd835b, 0xdcc1748, 0x39fef9a, 0x493e6ac, 0xd133e17, 0xb44eb34,
-          0x71cb6f9, 0xfebcd00, 0xd20eff2, 0xe6cf543 },
-        { 0x0a004c7, 0xf265cad, 0xd35cc12, 0x9b06c9d, 0xcb4ea53, 0x769f985,
-          0x0993434, 0x29160a2, 0x8d939c4, 0xdf8dd10, 0x6711e2f, 0xefa177c,
-          0xcd7a2cd, 0x1695790, 0x77f6642, 0x38da3d7 }
-    },
-    {
-        { 0x6307b74, 0x9bfcfd9, 0xbfdabc3, 0xc26a36d, 0x4abe28e, 0x9341be0,
-          0x73d1387, 0xdb20b52, 0x3d1949c, 0xf8d229c, 0xb8b3a41, 0xf1e0afe,
-          0xed565d0, 0x29c60df, 0x8b43b2c, 0x6930bb5 },
-        { 0xfc0718f, 0x1d76527, 0x1f67189, 0xdb98143, 0x51f32cc, 0x0c62f64,
-          0x8bd35e5, 0x70a6626, 0xc1cece7, 0x1725641, 0xf96f4a4, 0x7f130a8,
-          0xf06ee98, 0x72319e9, 0x67bf9b2, 0x215b738 }
-    },
-    {
-        { 0x0aaddd7, 0x8d1bec2, 0xb8be4f9, 0xfb8b95b, 0xfde1026, 0xeac193e,
-          0x9d5860c, 0xa5edea7, 0x44280d3, 0x4adbaea, 0x38f4798, 0xce8b670,
-          0xec30dea, 0x914c107, 0x000776b, 0xbdc5cf7 },
-        { 0xa206a13, 0xb6fd7d1, 0xdae986e, 0x9941eba, 0x1f1caaa, 0x76c27a8,
-          0x3f108b4, 0x6967c12, 0x4aea2d0, 0x6f11528, 0x144ddac, 0x9bb4319,
-          0xc8ec6fc, 0x1a4d3ea, 0xbf37420, 0xfe4b0b8 }
-    },
-    {
-        { 0xec0ac6f, 0x5d9a4a1, 0xfc7c80d, 0x84b79f2, 0xc14fac3, 0x64222f7,
-          0xc23b3f2, 0xdd9e039, 0xea956bb, 0x4a84abd, 0xebe09dc, 0x370dcba,
-          0xe0eaf82, 0x79a9ea8, 0xaee375f, 0x4cfb60a },
-        { 0x9106827, 0x6a10dbf, 0x43f305b, 0xa3ba5cf, 0xc1bb083, 0x481b885,
-          0xb3117b1, 0x2f52380, 0xddd6791, 0x0066122, 0x63bace3, 0x4f8923e,
-          0xecb88d4, 0x5c5f499, 0x3bac146, 0xfdc780a }
-    },
-    {
-        { 0x7ba1f71, 0x34b70ae, 0x45bd184, 0x9091829, 0xe707313, 0x3b39778,
-          0x6164e91, 0xdeefc5e, 0x4971f39, 0xbb55bed, 0x8dafc8b, 0x7d52339,
-          0xa6adf0f, 0x82391bf, 0xe319522, 0xfd6f90a },
-        { 0xf29bbc9, 0x60fdf77, 0xaaa4030, 0xeff9ed8, 0xf8c0d3f, 0x978e045,
-          0xeed65cd, 0xe0502c3, 0x3cfd4c8, 0x3104d8f, 0xa639005, 0xab1be44,
-          0x9eeab3f, 0xe83f431, 0x451d797, 0x01970e8 }
-    },
-    {
-        { 0x3180f4b, 0xbc972f8, 0x617779d, 0xac053c0, 0x7fa149f, 0x89392c5,
-          0xbcb6263, 0xdc4699b, 0xce12882, 0x0ae8b28, 0xaf1a4dc, 0xdca19a7,
-          0x64e1a74, 0xd3d719f, 0xaffdd5d, 0xbb50201 },
-        { 0x7ac30e9, 0x56f7310, 0x1878900, 0x65cc9c7, 0x27338a3, 0x83f5866,
-          0xac5bb13, 0x122adef, 0x1bcd4d5, 0x97de200, 0xb8aa3a0, 0x6ed3985,
-          0x6821f9b, 0x8680f1d, 0xdda9f98, 0xcb42028 }
-    },
-    {
-        { 0x0ec2db3, 0xcdb0708, 0x3dad1a1, 0xe28c833, 0xde2da07, 0x2093e32,
-          0x83b8987, 0x7317073, 0xf552b8d, 0xad17871, 0x51cf70a, 0x846da98,
-          0x5c4f5e1, 0xf94a16e, 0x0f8348a, 0x8429996 },
-        { 0x98db78a, 0x4bf3f68, 0x3d19b52, 0xad77fa8, 0x8b972dc, 0x6976772,
-          0x5321be0, 0x7dfa35a, 0xdd344a6, 0x9881846, 0xad4e2a8, 0xe550292,
-          0xbc68bf1, 0x8075217, 0x893be15, 0xdd837c4 }
-    },
-    {
-        { 0xd4fab5b, 0x09c931e, 0xb77a0f1, 0xb2dcf08, 0xe0d38a6, 0x7dac5c0,
-          0x0ae73af, 0xa5570b0, 0xf5aed28, 0xc7c19d3, 0x5251e92, 0x575fa6f,
-          0xcdf7275, 0xb843cd6, 0x9a01287, 0xd9d3d8e },
-        { 0xb3c370b, 0xf94e356, 0xfe464b0, 0xc62b99f, 0xa986057, 0x7792650,
-          0xc4b1874, 0xeaa67d5, 0x0b07078, 0xba1ba4d, 0x7a03699, 0xdbf636d,
-          0xedd32a3, 0x1a16c34, 0xa45cb5d, 0x6ce2495 }
-    },
-},
-{
-    {
-        { 0xa684441, 0xd7c4d9a, 0x30cd42a, 0xce62af6, 0x43014c4, 0xcd2669b,
-          0x6f65b24, 0xce7e711, 0x576fa19, 0x1847ce9, 0x9dd8ca6, 0x82585ac,
-          0xb42e1db, 0x3009096, 0x384ab8b, 0x2b2c83e },
-        { 0xb4e9a6e, 0xe171ffc, 0x7374b40, 0x9de4218, 0xdb1d616, 0x5701f9f,
-          0xa3e8cbc, 0x211e122, 0x1e400bf, 0x04e8c1a, 0x0f37159, 0x0297470,
-          0x3df8c28, 0x41775d1, 0x61ac2db, 0xcfaad4a }
-    },
-    {
-        { 0x7dc0f49, 0x6341b4d, 0xf471a53, 0xaff6c2d, 0xfb8e91e, 0x20ec795,
-          0xc3b7b62, 0x4c7a4df, 0xd374938, 0x9f33ff2, 0x3a60f2e, 0x38f8c65,
-          0x2efef73, 0xc1168ac, 0xce408ee, 0x046146f },
-        { 0x308b0c3, 0x9b39ac0, 0x36b8570, 0xe032d61, 0xfc4aacf, 0xee07d8d,
-          0xd5a41dd, 0x0a82acb, 0x7c3d726, 0xbe0ded2, 0xb926ce9, 0xce51d60,
-          0x5806c1e, 0xfa2f7f4, 0x1dec59c, 0xe367c6d }
-    },
-    {
-        { 0xda2547b, 0x64511b6, 0x0761405, 0x76a349c, 0x01223ab, 0x37d6626,
-          0xf4d7c48, 0x0e243c1, 0xda756a0, 0xdc9c8b4, 0xd72e7e9, 0xc7430df,
-          0x27b4210, 0x0eb1308, 0xcf11cbd, 0x7a9c044 },
-        { 0xe8dd150, 0x2c08ff6, 0x2932fc6, 0x18b738c, 0x04513e8, 0x07d5651,
-          0xaa40a17, 0x0ca5cff, 0x01baa8f, 0xd486341, 0xb72b79e, 0xfb20faf,
-          0x654020f, 0x1a051e5, 0x4e17f23, 0xe3b3317 }
-    },
-    {
-        { 0x4de9428, 0x0591048, 0x5abdf97, 0x620542a, 0xa16a4d1, 0xaa0eded,
-          0x6d65bb9, 0xa93f71c, 0xb8dfaf9, 0x88be135, 0x57ca8ee, 0x1d9f4e5,
-          0x26781ad, 0x4c896aa, 0x6c6c49f, 0xd3fbe31 },
-        { 0x2c34c3d, 0x088d852, 0xbadff1e, 0xbb6d645, 0x385450d, 0xe3080b8,
-          0x50ab1f3, 0x5ccc54c, 0xac0657d, 0x4e07e6e, 0xb7ef2c0, 0xa7ba596,
-          0x73a81e9, 0xcceca8a, 0x8284c35, 0xa0b804c }
-    },
-    {
-        { 0xf17a6a2, 0x7c55956, 0x789cfa8, 0xb451d81, 0x2506eaa, 0xdf414e8,
-          0xae96562, 0x6ef40fb, 0x0e0297e, 0x63ea283, 0x73c46fa, 0xf5df26e,
-          0xaac8bce, 0xe00641c, 0x64371f3, 0xc89ed8f },
-        { 0x793202e, 0xd22b08e, 0x875cb50, 0x39a9033, 0xf85ddb4, 0xe64eec0,
-          0x7acf7b5, 0xdce45a7, 0xb9b802d, 0x39d1e71, 0xbd559ac, 0xafdfe7c,
-          0x809eeb5, 0x17ec1f8, 0x4889b8c, 0x8c0e38a }
-    },
-    {
-        { 0x17089da, 0x47eabfe, 0xec90c50, 0x2d18466, 0x5861531, 0xa511aa4,
-          0x8c39b39, 0xebb3d34, 0xf1b5282, 0xa0ac4da, 0xa9dadba, 0xea26be7,
-          0x554d86e, 0x8992ba8, 0xd5f2ef5, 0x7fcbdb6 },
-        { 0x56863e7, 0x320e79b, 0xa7dce2d, 0xeb9d0c0, 0x784cbc6, 0xb9f4031,
-          0x7ac1f81, 0x68823ee, 0x9d87497, 0xa6b6f4f, 0x57f9b6e, 0x83c67b6,
-          0x0fef2a7, 0x3735747, 0x59596e2, 0xf38028f }
-    },
-    {
-        { 0x7e82886, 0x9ea57ab, 0x48c44d5, 0x18221c5, 0x314a24f, 0xbf8e6cf,
-          0xfd025e5, 0x70ff18e, 0x5334468, 0x08d03de, 0x7404fb7, 0x2b206d5,
-          0x55e36b0, 0xb923271, 0xb88ddd9, 0xcc7604a },
-        { 0x4a746f0, 0x3df5152, 0x168e3fc, 0x8fdebd8, 0x7f8c32c, 0xffc550c,
-          0x148743e, 0x1dbbc17, 0xb88e18b, 0xd48af29, 0x750027c, 0x8dca11c,
-          0x1832be3, 0x717f9db, 0x2b06019, 0x22923e0 }
-    },
-    {
-        { 0xc1cc4d3, 0xd4e06f5, 0x2b4f03a, 0x0fa32e3, 0xc4628d0, 0x956b9af,
-          0x939dad1, 0x95c39ce, 0x8a00416, 0x39d41e0, 0x6fb01aa, 0xfd7ff26,
-          0x45af340, 0xc6033d5, 0x8e36584, 0x2f65542 },
-        { 0x8dff960, 0x14cfb1f, 0xda81474, 0x7236ffc, 0xd452d0f, 0xc6a6788,
-          0x77f6094, 0x2ad4a52, 0x07eea74, 0x369d65a, 0xd6229aa, 0x27c6c38,
-          0x8863976, 0xe590e09, 0xb38b142, 0x361ca6e }
-    },
-},
-{
-    {
-        { 0xdfeb7ef, 0x6803413, 0xd3f4fad, 0xb669d71, 0xc941606, 0x5df402a,
-          0x8e6c5b7, 0xe5d1776, 0x92ab236, 0x131bcb3, 0xce2e0e0, 0x7f1fb31,
-          0x9e98c35, 0xa2c020d, 0xf28657b, 0x33b23c0 },
-        { 0x9cf7879, 0xed14e73, 0xb4357b3, 0x10d4867, 0x31e4e04, 0x127cea3,
-          0xaa5f8a7, 0xc60d25f, 0x025b987, 0xfef840a, 0x66f2a0a, 0x78081d6,
-          0xac36198, 0x0fa0b97, 0x134dc9f, 0xe0bb919 }
-    },
-    {
-        { 0xcc32eae, 0xc1d2461, 0x0f79a37, 0x0fdbfdf, 0x1c95f02, 0x70f2bc2,
-          0x372cddf, 0x7d68bec, 0x8439342, 0x44f7817, 0x4843a6c, 0xa3d5678,
-          0x07f8959, 0xbadf77a, 0x73db4ca, 0xf458198 },
-        { 0xd54f805, 0xe8eaaf3, 0xb84c1e7, 0x2f529d1, 0x21e535c, 0x404e32e,
-          0x159b5f5, 0xabac85c, 0xb00466f, 0x4e8e594, 0xc941873, 0x40fcaab,
-          0xbe407c6, 0x3b4e370, 0x5b2e58d, 0xccd5788 }
-    },
-    {
-        { 0x88b74a8, 0x3ee615e, 0xeab4e69, 0xd7d6608, 0xe4ace36, 0x27cf9f1,
-          0x7aebabb, 0x282359e, 0xf6d162f, 0x96e509b, 0xf1a290a, 0xad906f3,
-          0x1314a58, 0xe7d6c4f, 0x218431d, 0xeecffe4 },
-        { 0xe2cfed9, 0xa66e0e9, 0x71f0544, 0xb0887ec, 0xa04c5d7, 0xd34e36b,
-          0xed4392d, 0x094daa5, 0xc8aa925, 0xcda83ad, 0xb979786, 0x1adef91,
-          0xfddc5d6, 0x3124dcb, 0x0b70c14, 0x5cc27ed }
-    },
-    {
-        { 0x0eac2d8, 0x386dbc0, 0xc50ca30, 0xa716ecb, 0x80d9f04, 0x9e3fc05,
-          0xcfeaceb, 0x37dde44, 0xa3522d5, 0xd88d74d, 0x2cf239a, 0x6bb9e9f,
-          0xa7cbfec, 0x9e7fb49, 0x0a5c0ef, 0xe1a75f0 },
-        { 0xfb9229d, 0x6e434e7, 0xc8a79b3, 0x0ec6df5, 0xd3fb311, 0x7046380,
-          0x52e20fa, 0xe957ef0, 0x9ef4614, 0x0f4fe9a, 0x54d8f2b, 0x1b37d9c,
-          0x39d84a2, 0x23b2dc1, 0x724e713, 0xf62c4f6 }
-    },
-    {
-        { 0x747e219, 0xbd6922c, 0x3869b7b, 0x34d1438, 0x96f2272, 0x8c875a5,
-          0x3fe361e, 0xd9602c0, 0x744839f, 0x081348f, 0x61ac1f1, 0x61bd16c,
-          0xd8da4e1, 0x993b727, 0x7741271, 0xbb40ba8 },
-        { 0x81dcfff, 0xe6dcc98, 0x93ce616, 0x9f513f5, 0x618cd8f, 0xdc09683,
-          0x26639be, 0xc3b1d10, 0xc762ee2, 0xe8f149f, 0xb244aae, 0x59f26ef,
-          0x693dd96, 0x3f2de27, 0x9c3a7de, 0xd8b68f7 }
-    },
-    {
-        { 0x970bd5b, 0x6fa20b9, 0x75f6179, 0x87242d7, 0x72d9308, 0xa95a6c6,
-          0x37a8a58, 0x6eb2518, 0xc59562c, 0xfdea12a, 0x20f1fc3, 0x4419c1e,
-          0x9d66788, 0x0c1bd99, 0x32c0547, 0x4b74288 },
-        { 0xdf479ab, 0x4f38acc, 0xc52a942, 0x01f6271, 0x02ca9a7, 0xe3298f4,
-          0xb718fc8, 0x533daca, 0xb093ca8, 0x133602a, 0x8f98104, 0xc04da80,
-          0xaf08620, 0xd0f2e23, 0x178b164, 0x882c817 }
-    },
-    {
-        { 0xec30a71, 0x28e6678, 0xf78aca1, 0xe646879, 0x88fa078, 0x868a64b,
-          0xfee3433, 0x671030a, 0x87c0211, 0xb2a06bb, 0x46c406a, 0x202eca9,
-          0xe4f0f59, 0x64d6284, 0x3c9f907, 0x56ae4a2 },
-        { 0x1dcc100, 0x5abbb56, 0x07c7784, 0x6fef6cf, 0xdb7302d, 0xb6e25cd,
-          0x42980e8, 0xa26785b, 0xfb96801, 0xe7d4043, 0x8e4282b, 0x46df55d,
-          0xc602d6e, 0x9c0a5f5, 0x75dfe29, 0xf065604 }
-    },
-    {
-        { 0x3dcbc90, 0x0e82a1a, 0x656feac, 0xb1ee285, 0x0d3d3b2, 0xfa4353b,
-          0xdd5c5df, 0xc2e7a6e, 0x416ce53, 0x13707e1, 0x87ebc07, 0xc84ce07,
-          0x8a9a834, 0xdd273ce, 0x5e8e1e7, 0x432a617 },
-        { 0xbd0064a, 0xa359670, 0x6534516, 0xc899dd5, 0xdb27169, 0x666560e,
-          0xa19a068, 0x1537b22, 0xeac7527, 0x3420507, 0x6fc13a7, 0x479f25e,
-          0x1bc19b3, 0xc847acc, 0x0b20d45, 0xecdecf0 }
-    },
-},
-{
-    {
-        { 0x4acea57, 0x6f24100, 0xda68597, 0xdace1c6, 0x50ce77f, 0xea7dd41,
-          0x1585884, 0x1aecb84, 0xea4a85c, 0x92ff208, 0x88eebd2, 0xde9433c,
-          0x3f4d289, 0x53cd318, 0x26539af, 0x3970858 },
-        { 0xb827d87, 0x4b57599, 0x3d77638, 0xdc82ac0, 0x52f6e61, 0x6943366,
-          0xad5e8a6, 0xb8fc4b0, 0xf388642, 0x1b6f7dc, 0xa74dd57, 0x6f24533,
-          0x41750cf, 0xc669378, 0x28a37af, 0x06757eb }
-    },
-    {
-        { 0xc133995, 0x0e70d53, 0x7c8c97d, 0x88a5e0c, 0x85f3be3, 0x4e59dbf,
-          0x0e92698, 0x0f364ac, 0xef6940f, 0x3a1e79b, 0xd85d23a, 0xc8a3941,
-          0x9a00e58, 0x143bb99, 0xc6f2f10, 0x61cf7d6 },
-        { 0x85150fe, 0x979c994, 0x59d773f, 0xcfd0df2, 0xaab7bcd, 0xce97b9d,
-          0x6afd8fc, 0xc9fff8e, 0x89a4628, 0x246befd, 0x1567090, 0xf630282,
-          0x6749c58, 0x1539342, 0xa0f3fd3, 0xff47d0e }
-    },
-    {
-        { 0x35f6706, 0x09b0bfd, 0x2c82e69, 0x7464581, 0x50d5fe9, 0xb60729f,
-          0x95c74f1, 0xf133245, 0xbb76c89, 0x33647e3, 0x5a9afcc, 0x0126404,
-          0x0f154ab, 0x46d57ee, 0x25680a4, 0x2efa555 },
-        { 0x5329d90, 0x12ebfc6, 0x79800af, 0xcb37ae5, 0x6f8e310, 0x5bb5349,
-          0xf1bb936, 0x9b59c63, 0xf4610e9, 0x5b49baa, 0x4f2d6ac, 0x2bbeeef,
-          0x0badc67, 0x87ee21e, 0xf1ddfa0, 0x12e2aad }
-    },
-    {
-        { 0xa9109ee, 0x5b4668f, 0x8a6cea2, 0xfa95133, 0x4068e16, 0xe45e6fc,
-          0x0205ed8, 0x8ae9a0c, 0x679b79b, 0x2993b96, 0xed604d3, 0xc6b878f,
-          0x32c77f3, 0x01d0208, 0x495a1ab, 0xd45d890 },
-        { 0x29d2030, 0x99348fa, 0x61f8f7a, 0x961f9a6, 0x674f74b, 0xfd53212,
-          0xb3e72bc, 0x45cee23, 0xb77e2d5, 0x3fccb86, 0x4219cb7, 0xdff0310,
-          0xc056871, 0x233771d, 0x7d2c521, 0x1214e32 }
-    },
-    {
-        { 0xff2a8e1, 0x9f51e15, 0x138bc70, 0x86571c5, 0x0c09d46, 0xbfc4caf,
-          0xc2a0c18, 0x65e33fe, 0x426867d, 0x8214392, 0x80ae4ed, 0x51ce6c0,
-          0xb110de6, 0x6cbe8d7, 0xfd22ea4, 0x7f6e947 },
-        { 0xcadefc4, 0x7373a75, 0xb0c682f, 0x6fca1d2, 0xf3c7c1e, 0xcd2140d,
-          0x558b7a5, 0x8653a37, 0x55eb321, 0x653e74e, 0xc31af73, 0xbe0c6b3,
-          0xf4fc365, 0x3376379, 0x71add4d, 0x3570b37 }
-    },
-    {
-        { 0x83c3494, 0x9061ec1, 0x677bc95, 0xaf2f28d, 0x3bf8768, 0x6fe7279,
-          0x0fa86d8, 0xc5f50e3, 0xa3293ce, 0x6c03060, 0xe2355a6, 0x4d53357,
-          0xe4df931, 0x43a59ea, 0x13b79c6, 0x6f48f5d },
-        { 0xddc5192, 0xa4d073d, 0xa65773f, 0x6d0e318, 0x765de9e, 0x1008792,
-          0x39a0375, 0xa724ed2, 0x97d7c9e, 0x510ff14, 0x5baa863, 0x251f622,
-          0x648a351, 0x86464fe, 0xd50fd91, 0xf85e98f }
-    },
-    {
-        { 0x86ee987, 0x29c9634, 0x10dcc9f, 0x93e8e52, 0xc910b1f, 0xa1fc4d1,
-          0xfeb603e, 0x015acac, 0x0844a5f, 0xc9f25f8, 0x73f4dac, 0x50de93c,
-          0x310a4aa, 0x1758783, 0x358f106, 0x544d570 },
-        { 0x1dc68ca, 0x4eeec7b, 0xe00fbcb, 0x6238e6f, 0xb4e83c9, 0x34d394c,
-          0x2292656, 0x764ffa2, 0xf641f2e, 0x5614cd1, 0x9e07234, 0x4252eb6,
-          0x68d2ba4, 0xcbaef45, 0x8a98b17, 0x8c9c550 }
-    },
-    {
-        { 0x4106140, 0xf235d9d, 0x9eb601e, 0x1bf2fc3, 0x375e0c3, 0x6fb6ca9,
-          0xc0024d2, 0x4bf5492, 0xeb54cc6, 0x3d97093, 0x5c90cb5, 0xc60931f,
-          0xfbe0f1a, 0xfa88808, 0xd33e7d4, 0xc22b83d },
-        { 0xc0abbf5, 0x9cfec53, 0x93723df, 0x52c3f0a, 0x39b96b6, 0x0622b7e,
-          0x1667270, 0x300de28, 0x9ef426a, 0x50b66c7, 0xc6eb295, 0x8849189,
-          0x8914a7e, 0xeaec3a9, 0xc4c99e0, 0x7ed56b0 }
-    },
-},
-{
-    {
-        { 0x687e557, 0x7926403, 0x5310017, 0xa349816, 0xd43a8fd, 0x1b06e91,
-          0x6ac23cb, 0xf201db4, 0x4f48750, 0x6f172ad, 0xe74bd3e, 0x5ed8c8c,
-          0xdaba648, 0x492a654, 0xa9b64ff, 0x123010b },
-        { 0x6e89f93, 0xa83125b, 0x398378a, 0x3a3b0b0, 0x0aebe7c, 0x9622e0b,
-          0x49512a4, 0xb9cbfdc, 0x6aaf12a, 0x13edffd, 0x9f5eafd, 0x555dff5,
-          0x1212efa, 0x3cba6fe, 0xd9bb0f8, 0xd07b744 }
-    },
-    {
-        { 0x9a48920, 0x45732b0, 0x13ff36d, 0xf3080fc, 0xde8f950, 0x9347395,
-          0x382b897, 0x14d025a, 0x04d72ad, 0x60c5a74, 0x11a9c71, 0x30be7e5,
-          0x31ac33a, 0x43ffabd, 0x35cbb14, 0x97b06f3 },
-        { 0x7740de9, 0xe4ff5c5, 0xaacf81e, 0x5fed090, 0xe8b7c9d, 0x97196ee,
-          0x045910b, 0x316dcd1, 0x5ad8c63, 0x7a2b2f5, 0xc5b03bb, 0x674fffd,
-          0xe65953c, 0xc1cd133, 0x0a83556, 0x3c06052 }
-    },
-    {
-        { 0x091c23d, 0x797c3f6, 0x39c9c05, 0x2ea2de3, 0xa31f67c, 0x5d958b4,
-          0xd5f088c, 0xf97afe5, 0x0b37243, 0xbcfbd2a, 0xeca630c, 0xc43ad3e,
-          0x42845e0, 0xb92a337, 0xa9a0f16, 0x970bff7 },
-        { 0x5970a79, 0x8635511, 0xf205928, 0xcee332e, 0xc04c208, 0x2c58d70,
-          0x3f5e5bf, 0xdbfe19a, 0x8e51c56, 0x8f8f2c8, 0x8e2da75, 0xb61f58e,
-          0x624d93f, 0x4046a19, 0xe1f9538, 0x7de64db }
-    },
-    {
-        { 0xc2d850e, 0xd018e1c, 0x63a723c, 0x8cdb643, 0x90a42af, 0x9a65abe,
-          0x16f20cc, 0xfeece96, 0xd5cff56, 0xc906800, 0x3f0deed, 0x0acf23a,
-          0x728dd3a, 0x2143061, 0xb8ce34c, 0x66276e2 },
-        { 0x73cc9c7, 0x23700dc, 0x5b1778b, 0xdb44851, 0x4aab669, 0x330f41e,
-          0xf5282a4, 0x2f5aabc, 0x30f9e01, 0xff837a9, 0x901cc98, 0x1a1eb2f,
-          0xe69bd7f, 0xd3f4ed9, 0x8a72a7d, 0xa6b1141 }
-    },
-    {
-        { 0x9ea3b43, 0x34bde80, 0x5ced6ae, 0x5ddcb70, 0x95a6cb8, 0x8257f5b,
-          0xc77dcb8, 0xaac205d, 0x035b397, 0x77d740d, 0xcf7e0a6, 0xca7847f,
-          0x085601b, 0x9404dd6, 0x457e4f9, 0x0a5046c },
-        { 0xbc11470, 0xcaee868, 0x005c5f6, 0xb118796, 0xec79173, 0xcc04976,
-          0x21f6827, 0x7f51ba7, 0x486ff7e, 0xa8e3f0c, 0xf87838c, 0x327163a,
-          0x6d039fd, 0xcf2883e, 0xdb8b0e2, 0x6fb7ab6 }
-    },
-    {
-        { 0x620d669, 0x8ca5bac, 0xed7caa9, 0xff707c8, 0x927909b, 0xdaefa2b,
-          0x7029da3, 0x1d2f955, 0x6d131a0, 0x52a3ba4, 0x3ab1041, 0xe5a94fd,
-          0x99bc0ae, 0x5089177, 0xfa1bd16, 0xf750354 },
-        { 0x6cd31fd, 0xdd4e83a, 0x92fac84, 0xd335053, 0x1691382, 0xf914cbc,
-          0xda6ade6, 0x669683f, 0x8878513, 0x6944643, 0x4b1a72d, 0x429d3cc,
-          0x61eec36, 0x655c46a, 0x4bc4970, 0x881eded }
-    },
-    {
-        { 0x7ca647f, 0x5b39d37, 0xe917b34, 0x41533c1, 0x7daf734, 0xea2aeb5,
-          0x1286560, 0xf1ef1eb, 0x08e0473, 0x582f2e0, 0x5edc74a, 0x5913d7d,
-          0x3c1e754, 0x588c7ec, 0x7146fe1, 0xbd6db05 },
-        { 0x7634907, 0x3b0d49e, 0xe43b9cc, 0x4c65ce4, 0x2d92d5b, 0xb87e958,
-          0x7ab1519, 0x0513572, 0x8c3aed0, 0x03ec084, 0x561a641, 0x4d7aa21,
-          0x99e92ad, 0xe5f8211, 0x48a457c, 0x379b55f }
-    },
-    {
-        { 0xd6a8442, 0x8317c34, 0xae499da, 0xb0ab4a5, 0x720e8eb, 0xebcb16e,
-          0x9a96908, 0xfd5c563, 0xad23acf, 0xcab4d67, 0xbcdf748, 0xa600a79,
-          0xa2a6a51, 0x18a6340, 0x3aabd69, 0xf2f415c },
-        { 0x747258a, 0xdb38a4f, 0x2e24415, 0xb6ea560, 0xf1f7655, 0xfad1ea9,
-          0xc957684, 0x4e27eb5, 0xb2e1cfc, 0xf8283e1, 0xaa6291c, 0x8f83bd6,
-          0x5619e84, 0x28d23b5, 0x93770a4, 0xb9f34e8 }
-    },
-},
-{
-    {
-        { 0x7515fb1, 0x1bb8437, 0x7b860a6, 0xac73f2a, 0x22b390f, 0x78afdfa,
-          0x66048aa, 0x815502b, 0x85bf620, 0xf513b97, 0x3fc5d7c, 0x2524e65,
-          0x178c969, 0xa10adc0, 0x5391c8d, 0xa1d5396 },
-        { 0xa8bcc45, 0x09fccc5, 0x7710e1e, 0xa1f97d6, 0x897d0a1, 0xd694442,
-          0x5f42400, 0x7030beb, 0x7127908, 0xdebe08c, 0x2187637, 0x96b715c,
-          0xb528129, 0xc598250, 0xa1ccb07, 0x0f62f45 }
-    },
-    {
-        { 0xb765479, 0x8404941, 0x5837dc4, 0xfdecff4, 0xadbd465, 0x1796372,
-          0x3159806, 0x5f84c79, 0x6aaad34, 0x6d2e46b, 0x384b375, 0xd303b4a,
-          0xb392002, 0x440acd5, 0xc475e87, 0x4f2a4a7 },
-        { 0x5606fc2, 0x038e1da, 0x9c2f050, 0x2d821c2, 0xf139db4, 0xc074cb3,
-          0x4ec59be, 0xde2fee7, 0xa84ed59, 0x5a819ee, 0x3e98711, 0xd65c62c,
-          0xb9723c1, 0x72eb440, 0x01be611, 0xb927754 }
-    },
-    {
-        { 0xab9e9fc, 0x929fe64, 0x0bf1e85, 0x04379fd, 0xbc28ee3, 0xb322093,
-          0xe4555e1, 0x78ac4e2, 0xabc5588, 0xdb42b58, 0x77c8b12, 0x1c1b5e1,
-          0x40366c4, 0xf6d78dd, 0xbdae22e, 0xc21ff75 },
-        { 0xa211df2, 0x1e3d28e, 0x3617c0a, 0xc5a65a1, 0x58140d5, 0x3fa02c0,
-          0xb62d10c, 0x155c346, 0xe48268f, 0xc9cf142, 0x1993bc3, 0xdc14083,
-          0x0ee69dc, 0x07c44d4, 0x5e2ac46, 0x6169950 }
-    },
-    {
-        { 0xd0fb585, 0x44e4a51, 0xf1f3ce8, 0x00846be, 0x8e2de1e, 0xedef39a,
-          0x33b3934, 0x430afe3, 0x4337188, 0xac78b05, 0xc9a3f24, 0x0f39de4,
-          0xc9ae6a4, 0x039eddd, 0x8eacd51, 0xf470157 },
-        { 0x9a2f31a, 0x1e39694, 0xb19a8b1, 0xc8a40f4, 0x9d239d8, 0xdddd10c,
-          0x887e066, 0xf974245, 0x3ea28c6, 0xfdb5111, 0xe1122a9, 0xb5af0fb,
-          0x36e0267, 0xd30c89f, 0x74f024c, 0x7b1c0f7 }
-    },
-    {
-        { 0x07a39bf, 0x1ec9956, 0x3a68d15, 0x1c3ecf2, 0x4f59fe9, 0xd8a5c4e,
-          0x271abc3, 0xacb2032, 0x71ef239, 0xbc6bdf0, 0xb39b391, 0x660d7ab,
-          0xb627a0e, 0x2e73bb2, 0x248fc7e, 0x3464d7e },
-        { 0x1666760, 0xaa49249, 0x8582659, 0xa257b6a, 0x5593089, 0xf572cef,
-          0x73ca6bf, 0x2f51bde, 0x764cff5, 0x234b63f, 0xd411a35, 0x29f48ea,
-          0xafe1db1, 0xd837840, 0xd9f4c4b, 0x58ec0b1 }
-    },
-    {
-        { 0x5e6f3dc, 0x8e1deba, 0x06a5ff7, 0xc636cf4, 0xc80ca0f, 0xe172b06,
-          0x5ffb90a, 0x56dc098, 0x9a05e83, 0x895c218, 0x7561ac2, 0x6ddfaec,
-          0x96283a0, 0xaa35749, 0x7e7cd43, 0x6dfb262 },
-        { 0x2c8ca27, 0x6576de5, 0x49018eb, 0x6a4a872, 0x5c34342, 0x00c275c,
-          0xd2d90c4, 0xe34805a, 0xd8743c4, 0x651b161, 0x7312bf3, 0xb3b9d9b,
-          0x0bf7e00, 0x5d4b8e2, 0x78d3d7e, 0x8899bdf }
-    },
-    {
-        { 0xfaa9cd1, 0x9644ad8, 0x6e0e58e, 0x34c98bf, 0x404c637, 0x6022aad,
-          0x7ac013b, 0x2a11a73, 0x5540899, 0x5bdd103, 0x1e022a4, 0x2e67572,
-          0xb834c33, 0xe32045d, 0x2f2d01c, 0x74a260c },
-        { 0xc48841c, 0x20d59e9, 0xe560359, 0x05045dd, 0xac998ac, 0xeba779c,
-          0x00a6218, 0x5bed10c, 0x5327ef4, 0x25d4f8e, 0x4597794, 0xa278474,
-          0x831d11e, 0xefd68ca, 0x934446a, 0x9ad370d }
-    },
-    {
-        { 0x73c92ac, 0x3089b3e, 0x957a75c, 0x0ff3f27, 0xd676f50, 0x843d3d9,
-          0xd496d43, 0xe547a19, 0x8e924a4, 0x68911c9, 0x85b5522, 0xfab38f8,
-          0x83e0ac5, 0x1048811, 0xdc788c4, 0xcaccea9 },
-        { 0xe3c6aad, 0xfbe2e95, 0xb3a6cf1, 0xa7b3992, 0x87d78b1, 0x5302ec5,
-          0x1826100, 0xf589a0e, 0x8610632, 0x2acdb97, 0x9232b26, 0x1e4ea8f,
-          0x9c09a15, 0xb21194e, 0x849b909, 0xab13645 }
-    },
-},
-{
-    {
-        { 0xf3a71c1, 0x92e5d6d, 0x297d661, 0x349ed29, 0x1713fc9, 0xe58bd52,
-          0xb9ddfb5, 0xad999a7, 0x3c28ce0, 0x271c30f, 0x2a9d460, 0xf6cd7dc,
-          0x207dec7, 0xaf728e9, 0xfcb8bf0, 0x9c2a532 },
-        { 0x68bf486, 0xd702184, 0x7ab8ea8, 0x73b45be, 0x1795c93, 0xddfc658,
-          0x6bb8da2, 0x7941660, 0x88e07a2, 0x658f197, 0x26d3d12, 0xa9d5b08,
-          0x9535b52, 0x4d7c95f, 0x268ef8a, 0xad55e25 }
-    },
-    {
-        { 0xa2bc326, 0x94a9b0b, 0x167e5f3, 0x485ecc5, 0xc97fc74, 0x8340bc7,
-          0x07aaa5c, 0x06f882b, 0x849698a, 0x4b57455, 0xb36a0ba, 0xd9281eb,
-          0x8b8108f, 0x8918c6c, 0x5b50d1d, 0xedd1eea },
-        { 0x2a25f50, 0x94d737d, 0x2446ad0, 0x0e5a823, 0x7ced3e2, 0x02a5435,
-          0x4af8ced, 0xb09a92a, 0xeeecef2, 0x85fc498, 0xe71e3d4, 0x06a02b9,
-          0x84bb49a, 0x00ad307, 0x64a5b4a, 0xf61585e }
-    },
-    {
-        { 0xb86a4c9, 0x915f6d8, 0xa861e1f, 0x944bc6b, 0x54465ef, 0x3091ca7,
-          0xeb53a38, 0x11df859, 0x0144679, 0xd44dde5, 0x0994edd, 0x6c8da9a,
-          0x91241ef, 0xeebcebf, 0xc2f6859, 0xc419354 },
-        { 0x49581b6, 0x1f49693, 0xbb26cb4, 0x5712b10, 0xb09fd59, 0x8fcaa41,
-          0x72e22e3, 0xbd39aad, 0xb1199b0, 0xf70e794, 0xc6f863d, 0xdf63c0c,
-          0xee9df4f, 0xd58166f, 0xc45e70b, 0xb9224ea }
-    },
-    {
-        { 0xce525f4, 0x80072fa, 0x66a5502, 0x8597bd6, 0xdbc9725, 0xf65e203,
-          0xf2222a4, 0xeccfbe3, 0x2339834, 0x490aa42, 0x62489e8, 0x1348891,
-          0xa735084, 0xaff3f80, 0xf3f1bd6, 0x69d53d2 },
-        { 0x813341a, 0xb123ffc, 0x1173848, 0x359084c, 0xd29b08d, 0x751425e,
-          0x3890ad4, 0x1edda52, 0x607cf20, 0xb64974c, 0xb42ac7c, 0xa8c8cb8,
-          0xedd42e5, 0xd5cb305, 0x44c090a, 0xf3034dc }
-    },
-    {
-        { 0xbb18e19, 0x428921d, 0xfed2127, 0x4cfd680, 0x92ac8c3, 0x671144d,
-          0x132c894, 0x2121901, 0x7604cd9, 0x25d0e56, 0xafbc2a0, 0xa372223,
-          0x56c16f7, 0xcf98a52, 0xb5459e1, 0x71f129a },
-        { 0xb668b2e, 0xf4afdc5, 0x0c2d410, 0xc5d937a, 0x285d54a, 0xe2cc4af,
-          0x8c53e18, 0x1c82777, 0x69a92f6, 0x270f2c3, 0x616327a, 0x799f9ac,
-          0xd4246f2, 0xce658d9, 0xfb12e36, 0x0fb681f }
-    },
-    {
-        { 0xe0690fe, 0xc5ab11e, 0x3f74249, 0x80261e3, 0x58c1cf2, 0x8eb4b47,
-          0x184ae9b, 0x4895a80, 0xd3e27eb, 0x4a4bdb6, 0xbfd251c, 0xa7a1638,
-          0x417a7e3, 0x29ec144, 0x3f1b960, 0xd073609 },
-        { 0x49c73d1, 0xcb1ed83, 0x8d1945a, 0x33fc84a, 0xe965118, 0x9f668db,
-          0xa82811f, 0x3331743, 0x28ba540, 0xf394dec, 0x654a454, 0x44ce601,
-          0x3623645, 0x240dbb6, 0x2e61048, 0xf07e7f2 }
-    },
-    {
-        { 0x3d45213, 0x7c9f176, 0x9c1f77f, 0x3eefa70, 0x1b48350, 0xde3c3c5,
-          0x9d481a7, 0x4a2bc64, 0x7874f3d, 0xfd4a58a, 0x037b302, 0x96655d4,
-          0x68bf5ab, 0x9452528, 0x75177f6, 0x1b6d46a },
-        { 0xefb8d00, 0x7de6763, 0xa741b7b, 0xb2c1ba7, 0x7bae6ed, 0xcca6af4,
-          0x5b68b3f, 0xe4378ca, 0xaf71948, 0xfb757de, 0xbc6ac99, 0x7f07b5e,
-          0x27d636d, 0x752a568, 0x4b8a34f, 0xc8b7d1d }
-    },
-    {
-        { 0x325331b, 0x76cb78e, 0xadd2eed, 0x41f41c9, 0x5c5f623, 0x03db238,
-          0x7102fa2, 0xbbc1d17, 0x60182ec, 0x80f137a, 0x55adf15, 0xfdd8569,
-          0xe3373dc, 0x4f53f5e, 0x21b669b, 0xec6faf0 },
-        { 0x0b86081, 0x7d4e983, 0xf2d979c, 0x10d3cd9, 0x24a22c8, 0x0f48f58,
-          0x02f99ee, 0x86c540c, 0x5e6c5fc, 0xf4c6654, 0xbc404c8, 0xaf0c588,
-          0x423118a, 0x2e6edbd, 0x0690eab, 0x86e32e9 }
-    },
-},
-{
-    {
-        { 0xdfbfa6f, 0x1d12656, 0x7646018, 0xa498095, 0xc3597d0, 0x2f1071b,
-          0x1dda80a, 0x3df83f9, 0xf3ae449, 0x5853e28, 0x9e19aad, 0xb853d31,
-          0xa0d8a46, 0x863f01b, 0x2fef108, 0xa84fca6 },
-        { 0xfb84de9, 0xbe4c0b7, 0xc0727bf, 0x40a03dc, 0xb18575c, 0x781f841,
-          0x466cddb, 0x6a63045, 0x05dc7a2, 0x6be7582, 0x07ae811, 0x420f87f,
-          0x3bf96c8, 0x2808242, 0x51c6821, 0x723998c }
-    },
-    {
-        { 0x81f5863, 0x38ab641, 0x05ff9e1, 0xd82ecbd, 0xa065856, 0x339c94e,
-          0xa45156d, 0x143054a, 0x065628c, 0xe6d64bf, 0xa938589, 0xe530086,
-          0x385d79b, 0x22d3a49, 0x0ab8245, 0x0b10790 },
-        { 0xca387b5, 0xb0d80fb, 0x35551d7, 0x698206e, 0xa10bb73, 0x199685d,
-          0x9107378, 0xa8e5fa8, 0xd99dbbf, 0x36e5724, 0xd581b03, 0xd67f476,
-          0x88dd1e6, 0x7a15be7, 0xe5baa31, 0x8dac8e4 }
-    },
-    {
-        { 0xe170ef8, 0x4d5d88f, 0x1e9e600, 0xb6ba5de, 0xedeabc5, 0x4a89d41,
-          0x8fac936, 0x737c66b, 0x65c3125, 0x8d05b23, 0xb61b68e, 0x85a5cbc,
-          0x20a6af9, 0x8fea626, 0xd8b50ec, 0x85115de },
-        { 0x6a6f30b, 0x5430c8d, 0x8474295, 0x8bef9cf, 0xbe77f38, 0x0648f5b,
-          0x9e47bd7, 0xfe2b72f, 0x93106e2, 0xad6c5da, 0xfa7a6c3, 0x4fa6f3d,
-          0xb396650, 0xdcd2ed8, 0x1157ef9, 0x7de1cce }
-    },
-    {
-        { 0x1f241d1, 0x70a5f6c, 0x798cd5c, 0x6c354d8, 0x1a729fb, 0x23c7838,
-          0x523cbda, 0xcff8f15, 0x3493697, 0x5683ff4, 0x7534f53, 0xef7dbab,
-          0x2243d53, 0xd7bd08e, 0xf8072a9, 0x6f644cb },
-        { 0xb22db63, 0xac960f9, 0x23af04d, 0xa97f417, 0xd9798af, 0x692b652,
-          0xfedb156, 0x0e35967, 0xdfe6ee8, 0x14b5e50, 0xb411070, 0x7597ede,
-          0x442b3f9, 0x116f3ce, 0x1b2b6db, 0xe9b5ae8 }
-    },
-    {
-        { 0x2315930, 0xf4385ee, 0x27a8740, 0xc8d0298, 0xd934a43, 0x7907a8d,
-          0xc582191, 0x20bc946, 0x6a405e7, 0xa4acb3e, 0x43df2f5, 0x8c1d6c8,
-          0x991f0b5, 0x9df1593, 0x4d9be9d, 0xbb9df98 },
-        { 0x8e4b190, 0x6362008, 0xada3a88, 0xee1421e, 0xf93b027, 0xb84f0cc,
-          0x8e95091, 0x7a5d667, 0xf3e3704, 0x3974462, 0xc593e98, 0xfa6fb5e,
-          0xa6477d2, 0x44b6cf7, 0xb09a562, 0xe885b57 }
-    },
-    {
-        { 0x09a0c02, 0x6e339e9, 0x0e75f29, 0x57afff0, 0xfb7db03, 0x797d8d6,
-          0xd25a236, 0xc6e11a3, 0x0107260, 0x643ce1c, 0x62eae1c, 0xe644ec4,
-          0x3f5a3f5, 0x821d5b8, 0xc0579d6, 0xa8ad453 },
-        { 0x17d43a4, 0x6518ed4, 0x3f87ccd, 0x46e76a5, 0xf9bef95, 0xd6cbaab,
-          0x4f7cbcf, 0x2568832, 0x08476b4, 0x367159a, 0xbe6d324, 0x1d1b401,
-          0xa605026, 0x348cb98, 0x43b6b1e, 0x144f3fe }
-    },
-    {
-        { 0x7b1822c, 0xbabbd78, 0x2aa51f8, 0xd34ba7e, 0x41fbea4, 0x086f1cc,
-          0x746f3d9, 0x96f7eac, 0x281ecaf, 0xad97f26, 0xa14ee2c, 0x751a905,
-          0x0d7335f, 0xb4e7fe9, 0x4892ff0, 0x0d97b8f },
-        { 0x5a5c40e, 0xdb8a315, 0x7ba567b, 0x64e5de7, 0x1eefe88, 0x4f155f7,
-          0xfb6fbf4, 0xe2297e9, 0x6c16be5, 0xfe24bf9, 0xcdd83e2, 0x2251847,
-          0x5eda444, 0x13ac2c8, 0x283275f, 0x49d1b85 }
-    },
-    {
-        { 0x423e08f, 0xca08731, 0x87d2f14, 0x7046bb0, 0x3bc846c, 0x876f10c,
-          0x358fbe3, 0x2202b76, 0x0e26ac6, 0x0d4fc1c, 0xb986881, 0x1fc748b,
-          0x8384a18, 0x609e61c, 0x0d88e00, 0x28a72d6 },
-        { 0x78c6e2f, 0x1332a31, 0xb3526a4, 0x0367919, 0x698fe3e, 0x53989e4,
-          0xb16a99b, 0x14b1145, 0xddbb75f, 0xef9ec80, 0x0e53955, 0x7625624,
-          0x8744ae1, 0x54e087a, 0x672b875, 0xce50e8a }
-    },
-},
-{
-    {
-        { 0xa29629c, 0x4c88b2b, 0x7b2642f, 0x946559c, 0xf7ebe4c, 0x933d432,
-          0x63632c9, 0x97109b6, 0xe53184d, 0x799b3fb, 0x0f069a6, 0xd462871,
-          0x3a68351, 0x0c182a1, 0x9a2437a, 0x974a839 },
-        { 0x2a70278, 0x29f1997, 0xd9c424b, 0x01b98b6, 0x08f4c37, 0xd85a60b,
-          0x2b1da15, 0xcc3523f, 0xddffb0f, 0xf922115, 0xde84ae2, 0xee0fe4d,
-          0x55365be, 0x810440c, 0x1a457e8, 0xd2f6639 }
-    },
-    {
-        { 0xe2ddd05, 0x5e6879f, 0xabdfc61, 0x92a7545, 0xa5cede8, 0x7dedd63,
-          0x70df4bd, 0x8a03b3f, 0x91f6cbb, 0xa5d1f65, 0x10f3fb2, 0x372fde6,
-          0xa9dee05, 0x4537f9e, 0xdf7aa50, 0x7eb85bb },
-        { 0xe8c504d, 0x963edf8, 0xe7bdb6b, 0x53c8dca, 0x6fedf2d, 0xa246e4c,
-          0x0c55bde, 0x7553340, 0x0270a54, 0x2aa748d, 0x05860dd, 0xadb6cf0,
-          0x9b84763, 0x8d31450, 0xeb405ef, 0x626720d }
-    },
-    {
-        { 0x6601328, 0xa3709ae, 0x2ac2478, 0x68e94fd, 0x9d5d247, 0x3879343,
-          0x392c198, 0xfa467af, 0x15df607, 0x49e7b0d, 0x61792a8, 0x8c58122,
-          0x1d3762f, 0x79f7658, 0x244a39d, 0xaa38895 },
-        { 0xc5cd0bc, 0xef60af9, 0xa33b3bb, 0x2b0db53, 0x251015d, 0xe3e0b1f,
-          0xe64489e, 0xc608afc, 0x03651aa, 0xe52b057, 0x1c6f7b9, 0x1dda8b9,
-          0xff41893, 0x833f022, 0x192818c, 0x58eb0a0 }
-    },
-    {
-        { 0xfc7b5a7, 0x6c1300c, 0xa83ab33, 0x6d2ffe1, 0x9c02eef, 0x7b3cd01,
-          0xba60d55, 0x6c64559, 0x19e2f73, 0x2e9c16c, 0xdbe47b1, 0x11b24ae,
-          0x1b8153b, 0xc10a2ee, 0x1e02e1a, 0x35c0e08 },
-        { 0x1dd6f16, 0xa9f470c, 0xf41a290, 0x4ea93b6, 0x25ee03f, 0xac240f8,
-          0xb85aabd, 0x6cd88ad, 0x1be2f8f, 0x378a64a, 0x417bac1, 0xbf254da,
-          0x9231142, 0x7e4e5a5, 0x3b8c057, 0x057aadc }
-    },
-    {
-        { 0x80af479, 0x607c77a, 0x5ccdf74, 0xd3e01ff, 0x101b4c7, 0x9680aaf,
-          0x2fc50a6, 0xd2a7be1, 0xb72d782, 0x92a788d, 0x4640b52, 0x35daf2e,
-          0x39e601c, 0xc170d69, 0x7b25c2f, 0x16e05f5 },
-        { 0x6fe37f8, 0x47a42a6, 0xbeca298, 0xeb74271, 0x179da16, 0x401e11e,
-          0xaa53873, 0xfb8da82, 0x5bb4783, 0xd657d63, 0xfcea0b1, 0x6847758,
-          0x0993154, 0x2f261fb, 0x592853a, 0x868abe3 }
-    },
-    {
-        { 0x35766ab, 0x1a4c543, 0x6f4e4ea, 0xa1c84d6, 0x60ba199, 0x5d737a6,
-          0x98b15a2, 0x4a7b1e2, 0xfd967d3, 0x207877f, 0xc262b4d, 0xcaec82d,
-          0x4f2a37d, 0x0b27849, 0x6ac1711, 0x3478141 },
-        { 0x8fc6856, 0x28e3df1, 0x16d003f, 0xbec03f8, 0xff39ebd, 0x2bd705b,
-          0x2d776d3, 0x1dcb53b, 0x5c0e7ce, 0xabafa7d, 0x4a53332, 0x5b9c8c2,
-          0x9d90214, 0xe9f90d9, 0xc129690, 0x789747e }
-    },
-    {
-        { 0x54e2dfa, 0x94d3c39, 0xafb2a8f, 0x919f406, 0x34e3927, 0x159ef05,
-          0xa165c37, 0xcdb4d14, 0x288f337, 0xa23e5e8, 0x0f90242, 0x95867c0,
-          0xe34e781, 0x2528150, 0x6657b95, 0x104e501 },
-        { 0xbcdda24, 0x695a6c9, 0x23eb5fa, 0x609b995, 0x16a60f8, 0xcbce4f5,
-          0xf084a29, 0xec63f7d, 0x20c811f, 0x3075ada, 0x8c716a1, 0x129a192,
-          0xcd4cd4a, 0xd65f4d4, 0x62188be, 0xe18fa9c }
-    },
-    {
-        { 0xbac60e3, 0x1672757, 0x577144b, 0x525b3b9, 0x887055b, 0x38fc997,
-          0x31e4408, 0x7a77126, 0xcba2fcf, 0x884f173, 0x5962ac0, 0x783cbdc,
-          0x22287dc, 0x4f3ed0a, 0x50e20e6, 0x8a73e34 },
-        { 0xd764583, 0xe7a1cd0, 0x0d58ee6, 0x8997d8d, 0xaa13ed6, 0x0ea08e9,
-          0xcf363cb, 0xed478d0, 0x5b37bf4, 0x068523d, 0x783f13c, 0x8b5a9e8,
-          0x87528a9, 0xde47bbd, 0xcaec313, 0xd6499cc }
-    },
-},
-{
-    {
-        { 0xe09859d, 0x54781bb, 0x7f5e648, 0x89b6e06, 0x7075824, 0xb006dfe,
-          0x0717f68, 0x1731660, 0x0b4efe2, 0x9c86554, 0x5e30d8e, 0xdbdb257,
-          0x3b4d50f, 0xa6a5db1, 0xfa47beb, 0x3b5662c },
-        { 0x89d4a59, 0x9d4091f, 0x550a7dc, 0x790517b, 0xc52965e, 0x19eae96,
-          0xb5ed7a4, 0x1a7b3c5, 0xeb16541, 0x19e9ac6, 0xef66852, 0x5f6262f,
-          0xc4cda27, 0x1b83091, 0x3bf742b, 0xa4adf6f }
-    },
-    {
-        { 0xa5100e7, 0x8cc2365, 0x8592422, 0x3026f50, 0x3d714d0, 0xa4de79a,
-          0x90fcb30, 0xefa0d3f, 0x474ada0, 0x126d559, 0xc94350a, 0xd68fa77,
-          0x0c7cb45, 0xfa80e57, 0x3985fbf, 0xe042bb8 },
-        { 0xfe13dba, 0x51c80f1, 0xcf055d7, 0xeace234, 0x73f95f7, 0x6b8197b,
-          0xdcdbe89, 0x9ca5a89, 0xdfd9896, 0x2124d5f, 0x9e7ca37, 0x7c69556,
-          0x8babb37, 0x58e806a, 0xbaf99ce, 0x91b4cc7 }
-    },
-    {
-        { 0x197e968, 0x874e253, 0x3160668, 0x36277f5, 0x8b95dbe, 0x0b65dda,
-          0xf0872a1, 0x477a792, 0x314268d, 0x03a7e3a, 0x0c805c7, 0xa96c842,
-          0xb7bc4a8, 0xb941968, 0x75db390, 0x79dce30 },
-        { 0x6f4cc14, 0x577d4ef, 0xb5d1107, 0x5b0d205, 0x9f93624, 0x64ff20f,
-          0x5034a2f, 0x0b15e31, 0x8b6f35c, 0x3a0f6bb, 0xe0d0ec5, 0x0399a84,
-          0x0d5d521, 0xd0e5823, 0xcb1dd54, 0xdeb3da1 }
-    },
-    {
-        { 0x182401a, 0x24684ae, 0x21a706f, 0x0b79c1c, 0xd8998af, 0xe1d81f8,
-          0x4bb069f, 0xadf870f, 0xf3dd7aa, 0xd57f85c, 0xe4a40f8, 0x62d8e06,
-          0x8b55aa1, 0x0c5228c, 0xa9c0a1a, 0xc34244a },
-        { 0x68f544e, 0xb5c6cf9, 0xde23ab7, 0xa560533, 0x47c690c, 0xaa55120,
-          0x12aaaa6, 0x20eda5b, 0x751a6a0, 0xea0a49a, 0x2baa272, 0x6d6cfff,
-          0xbf4c28a, 0x95b756e, 0xe6178a4, 0xd747074 }
-    },
-    {
-        { 0x221a94b, 0xa27b453, 0xe635f20, 0xd56ad13, 0x8c95117, 0x03574b0,
-          0xed30b70, 0xf0ee953, 0x957796f, 0xb48d733, 0x58c336b, 0xf5d9583,
-          0x82db529, 0x6170cd8, 0xec9d1ea, 0xcd3ef00 },
-        { 0xe4d105f, 0xd1bea0d, 0xad6a559, 0xd2d670f, 0x52f9690, 0x652d012,
-          0xc2529b0, 0x5f51fb2, 0xe89df2a, 0x5e88bf0, 0xcd686e4, 0x9a90684,
-          0x882c7a1, 0xf519ccd, 0xc2f4d37, 0x933a0df }
-    },
-    {
-        { 0x3f66938, 0x0720a9f, 0xd8149df, 0x99356b6, 0xa3d7f61, 0xb89c419,
-          0x4ba6e31, 0xe658134, 0xab936c8, 0xd130561, 0x40dbef1, 0x0625f6c,
-          0xb6bb847, 0x7b2d6a2, 0x84d506b, 0x3ca8b29 },
-        { 0xfb011b0, 0x6bf729a, 0x33448c9, 0x01c3078, 0x0837420, 0x6ae9508,
-          0xa207fb8, 0xf781a8d, 0x57562a9, 0xcc54d58, 0x858c5ab, 0xc9b7364,
-          0x359908f, 0xdfb5035, 0x9631138, 0x8bf77fd }
-    },
-    {
-        { 0xc13fbb1, 0xf523365, 0x9993ed5, 0x88532ea, 0x5a73492, 0x5318b02,
-          0xe5a8f3c, 0x94bff5c, 0x306c2a0, 0x73f9e61, 0xf2668a3, 0x00abbac,
-          0x076237d, 0x23ce332, 0x34c0f9b, 0xc867f17 },
-        { 0xcfd2136, 0x1e50995, 0xb2b70f8, 0x0026a6e, 0x5077a7d, 0x66cb184,
-          0xa3b498e, 0xc31b2b8, 0x260ec86, 0xc12035b, 0xe1b3df0, 0x1cbee81,
-          0x8d55a42, 0xfd7b804, 0xf47a8c8, 0x912a41c }
-    },
-    {
-        { 0x9e157e3, 0xab9ffe7, 0x44dc158, 0x9cfe46d, 0x8a4a3ef, 0x435551c,
-          0x3b7e3a8, 0x638acc0, 0x49954a7, 0x08a4ebd, 0x13194f7, 0x295390c,
-          0x253892a, 0x3a2b68b, 0x25d5b11, 0xc1662c2 },
-        { 0x3a5d2bb, 0xcfba072, 0xcc327c9, 0xffaf6d3, 0xc67e254, 0x6c6314b,
-          0x2f32208, 0x6661631, 0xbea72e1, 0xf780f97, 0x002122f, 0x495af40,
-          0x7578a99, 0x3562f24, 0x77ce51e, 0x5f479a3 }
-    },
-},
-{
-    {
-        { 0x1a82a12, 0x91a5884, 0x80f3a62, 0xa754175, 0xf73417a, 0x399009f,
-          0x0a8c5cd, 0x2db1fb9, 0xc046d51, 0x82c8912, 0x8f18274, 0x0a3f577,
-          0x26ccae2, 0x2ad0ede, 0x8a4e9c2, 0x7d6bd8b },
-        { 0x4b3de44, 0xaa0d797, 0x96ac9bb, 0xf8658b9, 0x5f6c334, 0x31e7be2,
-          0x4df12c9, 0x23836ce, 0x59eb5c9, 0x029027b, 0x5b8649d, 0x2f22531,
-          0xd907162, 0xa0fdf03, 0x9e80226, 0x101d9df }
-    },
-    {
-        { 0x9a90835, 0xf12037a, 0xf0222a7, 0xd2d0882, 0xc3814e2, 0xeaf8d40,
-          0x8b8146b, 0xa986dc6, 0x8504653, 0x147a331, 0x2feaf67, 0x734e003,
-          0x602bec5, 0x6f27bbf, 0x6a688f3, 0xa1e21f1 },
-        { 0x73c4ae5, 0x5a8eeab, 0xe70b412, 0x4dbaddb, 0xcfd2af1, 0x871ceba,
-          0x7d7a286, 0x1860382, 0xb5bb401, 0x024059d, 0x3c39b73, 0x2557c09,
-          0x6681697, 0xfc5a711, 0x891b57c, 0xf881c0f }
-    },
-    {
-        { 0x8ea191a, 0x3c443f1, 0xd700ad0, 0x76faa58, 0xbe7fcbf, 0x6fe6cfa,
-          0x8990ef7, 0xaefc528, 0x80004cc, 0x44e30fa, 0x6d8ef85, 0xc744adc,
-          0x912df70, 0xafcd931, 0x572a6d8, 0xf62a9d1 },
-        { 0x3219f27, 0x47158a0, 0xad73136, 0x76fb27e, 0xcc2d614, 0x41bb2ad,
-          0xde1ec21, 0x8858cb9, 0x5f15866, 0xab402c4, 0xbc82bbf, 0x6675d5b,
-          0xf1b28d3, 0x4ee9dd6, 0xe373c17, 0x875884f }
-    },
-    {
-        { 0x2a67d36, 0x17806dd, 0x32c9ec1, 0xaa23a86, 0xfc1ee55, 0xd914126,
-          0x653701b, 0xbf8f7bd, 0xea71367, 0x9b0111a, 0xa98e417, 0x61fd4ab,
-          0x561c5a5, 0xeb45298, 0xe7af394, 0x2187b0a },
-        { 0x1616dde, 0x71f12db, 0x07da7b4, 0x0617609, 0x02ddb04, 0x414d376,
-          0x286fb58, 0x1100be7, 0x6f0d95b, 0xd7cf88d, 0x746d703, 0x8539d23,
-          0x4e23d73, 0xdccc9d6, 0xec89680, 0xaeef1d2 }
-    },
-    {
-        { 0x336508d, 0x82ccf1a, 0x5bad150, 0xa128c1f, 0x29a188d, 0x551d8c0,
-          0x771404f, 0xef13dd4, 0xc37b993, 0xdd67696, 0x0dddad2, 0x428c0e2,
-          0x038c94c, 0x222278d, 0x078e3f2, 0x1a24a51 },
-        { 0xedb0db9, 0xd297fe6, 0x8251a87, 0x00988d2, 0xbfaa0d7, 0xbb946f8,
-          0xdf45ea0, 0x380f7b9, 0xafccf5e, 0x8526415, 0xe9ec7bc, 0x909bfbf,
-          0x124755c, 0x2ed7093, 0x89404e2, 0x4368028 }
-    },
-    {
-        { 0x36d9ef1, 0x21b9fa0, 0xe433526, 0xfd64b7c, 0x6544849, 0xd9d7eb7,
-          0xd5b54b3, 0x201620c, 0xbb61159, 0x25fab3d, 0xc53e0d3, 0x90d4eb0,
-          0x9e74772, 0xba09831, 0xec1681c, 0x8749658 },
-        { 0xfec316b, 0xa354349, 0xa743ea2, 0x639a9b1, 0x37c50e6, 0x2e514ca,
-          0xdbaf6c5, 0x9f4a4fd, 0x6f511c9, 0x0df87ef, 0x0c00d95, 0xadd4cef,
-          0xaa1433f, 0x401c0eb, 0xbb38af9, 0x3c3a59e }
-    },
-    {
-        { 0xf0e7dca, 0x8706245, 0x3fb29ca, 0xad238cd, 0x9b7d8f0, 0x0330443,
-          0x154f495, 0xfdcd6e6, 0x7d4ad09, 0xc67e24a, 0x5438390, 0x1b209e8,
-          0xb0c211e, 0xf893b81, 0x7e11e36, 0x1aa86f0 },
-        { 0xedea8b1, 0x2cca3ff, 0x3b306cd, 0x7eedd07, 0x12ee222, 0x78e37bc,
-          0xbc42a1d, 0x257870b, 0x1fbd397, 0x5fb2bb9, 0x09d6c60, 0x4702470,
-          0x20bdc36, 0x11748a3, 0x04280e8, 0x3ff24dc }
-    },
-    {
-        { 0x9839b52, 0x0eb1c67, 0xacfbd32, 0x5bcca27, 0x74898e3, 0xb506c16,
-          0x2489e5e, 0x37d662e, 0xf694887, 0x8dc0731, 0xf43f1dc, 0x571149e,
-          0x66d63dc, 0x6430a37, 0xb50dd70, 0x0d2640e },
-        { 0x3b2675b, 0x2b56149, 0x88c604f, 0x1b48065, 0xaafbabc, 0x55c86a8,
-          0x608aaba, 0xa7b9447, 0x04cad8c, 0xa42f635, 0xcee7788, 0x0f72b1d,
-          0x755d99a, 0x1d68374, 0x5be2531, 0xd7cdd8f }
-    },
-},
-{
-    {
-        { 0xbcdfee1, 0x67873bd, 0xfcd0a3f, 0xa5a0c0a, 0x3cfa3d4, 0x59389f9,
-          0xe1c865c, 0x14e945c, 0x1d588cc, 0x62d2f8e, 0x8e228b4, 0xfd02f8a,
-          0xb42b649, 0x208f791, 0xab397ad, 0x0e0dff1 },
-        { 0x0bc6eb1, 0x30ac3d9, 0x5f313bb, 0xf14f16a, 0xe2a0ad2, 0x70fa447,
-          0x5a0db84, 0x6e40685, 0xe32e1e7, 0xd52282b, 0x15ca330, 0x315a02a,
-          0x867c2fe, 0x9a57a70, 0x0054923, 0x55f0765 }
-    },
-    {
-        { 0xc0cf08f, 0x2d729f6, 0xebaf57f, 0x6b80138, 0x0200c25, 0x6285bcc,
-          0x2cd2ac7, 0xee84519, 0x922778a, 0x28fce4d, 0xcd1011c, 0x761325c,
-          0x5100e47, 0xd01f247, 0xc60d8e1, 0xc7a1665 },
-        { 0x7ceb064, 0x950966d, 0x78420db, 0x0a88e85, 0xe096f29, 0x44f2cfc,
-          0x640f1d2, 0x9d9325f, 0xd2426f1, 0x6a4a81f, 0x9c905ac, 0x3ed6b18,
-          0x008854d, 0xba3c0e2, 0xa0d321b, 0x1df0bd6 }
-    },
-    {
-        { 0x3feb1e7, 0x0117ad6, 0xf1ae02f, 0xa058ba2, 0x31b3f06, 0x5eee5aa,
-          0xafacd4d, 0x540d9d4, 0x1571d91, 0x38992f4, 0xbf2c7de, 0xef2738e,
-          0x92a798d, 0x28bfcab, 0x2286733, 0x37c7c5d },
-        { 0x6470df0, 0xb99936e, 0x8af6a42, 0x3d762d5, 0xc74eec5, 0xa8c357a,
-          0xf13afbc, 0x9917beb, 0xf2dc073, 0x28f0941, 0x6ce7df7, 0x306abf3,
-          0xd6973c8, 0xa3c5f6f, 0x3677632, 0x640209b }
-    },
-    {
-        { 0xe23aef7, 0xee872a2, 0xeb9b08e, 0xb497b6f, 0x3f33c63, 0xfb94d97,
-          0x2b32315, 0x9ea1ff4, 0x49a4166, 0x537b492, 0xab4f8be, 0x89c7fe6,
-          0xdad8f0f, 0xf68007f, 0x71b8474, 0xe56ef0b },
-        { 0x3f333f9, 0x478b2e8, 0xb2607f5, 0x144e718, 0xa4c7ab5, 0x13aa605,
-          0x1d0730d, 0xfc1fc99, 0x5ab3ea1, 0xe7a0437, 0x306d8d3, 0xc59986a,
-          0x702a8b1, 0x24f6111, 0xe040ad2, 0x7741394 }
-    },
-    {
-        { 0x60723a7, 0x34c6a25, 0xf4ea691, 0x8aabd0d, 0x5d7497f, 0x9d676a5,
-          0x7d91fa4, 0x12c0957, 0x6479284, 0x581c7a8, 0xf4fd449, 0xa54f3da,
-          0x4ef44cf, 0x2f89f3c, 0xc9ec97c, 0xfc266b5 },
-        { 0x88b142a, 0xfcd3fbe, 0x4bd69c1, 0x9f3109f, 0xb5f5a6a, 0x08839c0,
-          0x2e68303, 0x63ca850, 0xbba0a74, 0x2f0628d, 0x5d56b54, 0x743cccf,
-          0x13e09fd, 0xbd4b066, 0xde2ba3e, 0x7a8415b }
-    },
-    {
-        { 0xc076ab2, 0x2234a3b, 0x4977a98, 0xd6953e5, 0x31ebe2e, 0xc122158,
-          0xbad78e2, 0x632145f, 0xa5c4b08, 0xd7ba78a, 0x998e32a, 0x6f4ea71,
-          0x3485a63, 0x25900d2, 0x6a5176f, 0x97ac628 },
-        { 0x1093f7b, 0x5df9118, 0xc844563, 0x2bf9829, 0x6272449, 0x525d99d,
-          0xb5c8a18, 0x4281cb5, 0x0544a08, 0x35df278, 0xbaeb8f4, 0xf4c3d2d,
-          0x5230447, 0xc7ff317, 0x5d2fbff, 0x6b4d764 }
-    },
-    {
-        { 0x2b0c9cb, 0x4837f80, 0x8ce8418, 0xb65f816, 0x9fc1428, 0xdf66ea9,
-          0x04ea7e8, 0x9788ee8, 0x8334e3c, 0x9eae900, 0xd6ba1b6, 0xbc91058,
-          0xd7064b6, 0x634aba1, 0x397b368, 0x12d9bb3 },
-        { 0xc413aa8, 0x0645c85, 0xac6b5e3, 0xb09dea6, 0x289a50b, 0x29a620d,
-          0xbbcceb1, 0x104db3b, 0x87b3309, 0x42e4792, 0xec97f01, 0xdfc373e,
-          0xb93f84e, 0xe953f94, 0x052dfbf, 0x3274b7f }
-    },
-    {
-        { 0x1bd6fa9, 0x9d5670a, 0xdb6c4d4, 0xec42fc9, 0x1b42845, 0xaecd4ed,
-          0x1b03549, 0x4eed90e, 0xbbab1fa, 0xeb3225c, 0x28a2816, 0x5345e1d,
-          0x0b77d2a, 0x3741cfa, 0x7ea8caa, 0x712b19f },
-        { 0x661853e, 0x42e6844, 0xe4a6e5d, 0x4cf4126, 0xc3649f6, 0x196a9cf,
-          0xf21b6b1, 0x06621bc, 0x32e29ea, 0x887021c, 0x8c5680f, 0x5703aeb,
-          0x660f6d7, 0x974be24, 0xc71864e, 0xaf09bad }
-    },
-},
-{
-    {
-        { 0xa81b6d3, 0x3483535, 0xca037dc, 0x19e7301, 0x63ddfeb, 0x748cab7,
-          0x6f01a38, 0xe5d87f6, 0x2795cd6, 0xbba4a5c, 0x615c36c, 0x411c5d4,
-          0x706f412, 0xff48efc, 0x4b519df, 0x205bafc },
-        { 0x5227110, 0xfcaa5be, 0x3ad0af0, 0x7832f46, 0x2642b1b, 0x34ef2c4,
-          0x072f822, 0x7bbef7b, 0x923a616, 0x93cb0a8, 0x6d91ba7, 0x5df0236,
-          0x42f7d21, 0x5da94f1, 0xa14e891, 0x3478298 }
-    },
-    {
-        { 0xc831d39, 0xad79a0f, 0x4803c44, 0x24d1948, 0x86aeeb2, 0x4f8a864,
-          0x926f6b9, 0x0ca284b, 0x1acd7cd, 0x501829c, 0x3d12c52, 0x9f6038b,
-          0xf371ef5, 0x77223ab, 0x13bf4de, 0x2e03516 },
-        { 0xb4468cc, 0x7a5a4f2, 0x470ae46, 0xdcea921, 0x11be696, 0xf23b7e8,
-          0x720d6fb, 0xe59ad0d, 0x2983469, 0x9eacac2, 0xc4397ee, 0x4dd4110,
-          0xcbe2675, 0x4ef85bd, 0xaa7c74b, 0xe4999f7 }
-    },
-    {
-        { 0x8ea1e98, 0x031838c, 0x04d96a2, 0x539b383, 0x163956e, 0x5fbdef0,
-          0xce3f52a, 0x6bd4d35, 0x55e897f, 0xe538c23, 0x472dd3f, 0x6078d3a,
-          0xca9f452, 0x590241e, 0xfd7fc07, 0x2bc8495 },
-        { 0xead4c8c, 0x23d0c89, 0x601c66e, 0x1ea55a9, 0x4f5b833, 0x41493c9,
-          0xaa5a978, 0xc49a300, 0x0c69594, 0xc98bdc9, 0xccbdc8c, 0x4e44ced,
-          0x6adccbf, 0xb0d4e91, 0x32c37ae, 0xd56e36b }
-    },
-    {
-        { 0x5b93152, 0x052bd40, 0x4f1dbfa, 0x688b1d4, 0xbe5cc5f, 0xe77ba1a,
-          0xa6ac543, 0x11f8a38, 0xe4bb988, 0x3355fd6, 0xf8dffb4, 0xdf29c5a,
-          0x81f20ee, 0x751f589, 0xda9b7fb, 0x22a0f74 },
-        { 0x6397b49, 0xec8f2bc, 0x3639201, 0xff59fc9, 0xa048264, 0xb7f130a,
-          0xafdc4cc, 0xe156a63, 0xb13acaf, 0x0fd7c34, 0x0cb4999, 0x87698d4,
-          0x7f26f24, 0x6d6ecae, 0x0f296e2, 0xae51fad }
-    },
-    {
-        { 0xdd0f58d, 0xd0ad5eb, 0x5c67880, 0x6ec6a2c, 0x9af1e0f, 0xe1ce034,
-          0x3996d32, 0x0801485, 0x5e69d20, 0x59af51e, 0xaa48ecf, 0x0ef743a,
-          0x7dafcb0, 0x8d3d2ea, 0x89189b6, 0x4ac4fad },
-        { 0xeae97f1, 0x92d91c2, 0x62b4662, 0xef5eca2, 0xb38b10a, 0x440b213,
-          0xfc661da, 0xec90187, 0xf64cf8d, 0x85f3f25, 0x457ad1b, 0xcee53ca,
-          0xf517672, 0x8deed4b, 0x4761828, 0x7706fb3 }
-    },
-    {
-        { 0x17494fe, 0x1577d91, 0x2fd7239, 0x52d29be, 0x0186d37, 0x9a0eef0,
-          0x27fe108, 0x241d0f5, 0xe6fb59f, 0x42824ba, 0x0d48c25, 0xb8d33df,
-          0x47af4b0, 0xfffdb0a, 0x073b0b6, 0x534c601 },
-        { 0x51c033b, 0xe6df359, 0x86c0f94, 0x3e1002b, 0x48fb9b6, 0xa7cb555,
-          0xa7bbff8, 0x999818b, 0x84d8bf2, 0xe4ba3d6, 0x6358f0a, 0x53dbb32,
-          0xf2568e8, 0xeebc1e2, 0xb3e0f68, 0xc6917eb }
-    },
-    {
-        { 0x19f8d13, 0xbe1bbfc, 0x2d4795c, 0xc3951b6, 0xed535a9, 0x9371c49,
-          0x68cebea, 0x77c389f, 0xa141d0e, 0xfc1a947, 0xde44f8b, 0x4b48d7a,
-          0x8580a26, 0x3db1f05, 0x258b5fc, 0xeed1466 },
-        { 0x9854b21, 0x5daa4a1, 0x1ab1ead, 0x5bfa46f, 0x59957eb, 0xc152e35,
-          0xea48ada, 0xdc84277, 0xfc169b5, 0x68709cf, 0x720e617, 0xde50ce3,
-          0xdd9a832, 0xe42f262, 0x2d6ce29, 0xddffd4d }
-    },
-    {
-        { 0x8fa0a56, 0xd5ba557, 0xfafaf4c, 0x0d7d0f1, 0x38b63ed, 0x7666e41,
-          0x5d87f02, 0x04e6513, 0xc958f32, 0xdca8866, 0x3ce2686, 0xaa8486d,
-          0xf1cbcd3, 0xe3785ca, 0x03c8335, 0x8a9b114 },
-        { 0x2e0ef60, 0x5c1dca2, 0x7d3fb20, 0x775af5b, 0x2b373a8, 0xe690ffc,
-          0x28330e6, 0x30fe15d, 0xdd0f393, 0x8a1022b, 0x966a828, 0x6bd7364,
-          0x949208a, 0x8d4b154, 0xb9d9828, 0xfb38c6b }
-    },
-},
-{
-    {
-        { 0x0340ac2, 0x6d19764, 0xecab5ff, 0x969f473, 0xc458e42, 0xead46f7,
-          0x1d00eed, 0x168646a, 0xe0ce0cf, 0xf70c878, 0x8d8d15a, 0xa7291d3,
-          0xfdd10cc, 0x92cf916, 0x24f86d5, 0x6d36134 },
-        { 0x2d5c4b4, 0xba50d17, 0x4626f15, 0xe0af502, 0xd76098a, 0x76f3809,
-          0xd6caaa8, 0x433dc27, 0x70d97a7, 0x72dc67a, 0xf5c7355, 0x935b360,
-          0x179bb31, 0xdbaac93, 0x7ed1a33, 0x7673848 }
-    },
-    {
-        { 0x8f9fa0d, 0x8d1ca66, 0xa02f2bf, 0x4ed95d8, 0xf630d7b, 0xd19fc79,
-          0xf46fa51, 0x0448ec4, 0x623bf3f, 0xb371dd8, 0xd650e94, 0xe94fabc,
-          0xcd90a70, 0x3af3fca, 0x03ce3b7, 0x0f720c4 },
-        { 0xd636c3b, 0x590814c, 0x4469945, 0xcf6928d, 0x484a4c6, 0x5843aaf,
-          0xf9b4722, 0xb5a4c1a, 0x6cfb2f9, 0x25116b3, 0x32c2640, 0xf248cf0,
-          0x27412a1, 0x8cd059e, 0x862fc5d, 0x866d536 }
-    },
-    {
-        { 0x6de4a2e, 0x156e62f, 0xaafcc78, 0x0365af7, 0x19e925e, 0x65c8618,
-          0xf8b2191, 0x4db5c01, 0xad564fa, 0x1fd26d1, 0x19c8610, 0x16bbc53,
-          0x815f262, 0x0718eef, 0x27f83d1, 0x8684f47 },
-        { 0xb0f48db, 0xa30fd28, 0x6ab8278, 0x6fef506, 0x1a652df, 0xd164e77,
-          0xc6ebc8c, 0x5a486f3, 0xdc3132b, 0xb68b498, 0xd73323f, 0x264b6ef,
-          0x69b2262, 0xc261eb6, 0x2a35748, 0xd17015f }
-    },
-    {
-        { 0x7c4bb1d, 0x4241f65, 0xf5187c4, 0x5671702, 0x3973753, 0x8a9449f,
-          0xcc0c0cd, 0x272f772, 0x58e280c, 0x1b7efee, 0x4b5ee9c, 0x7b32349,
-          0x31142a5, 0xf23af47, 0xd62cc9e, 0x80c0e1d },
-        { 0x675ffe3, 0xcbc05bf, 0x258ce3c, 0x66215cf, 0x28c9110, 0xc5d2239,
-          0x2a69bc2, 0x30e12a3, 0x76a9f48, 0x5ef5e80, 0x2329d5f, 0x77964ed,
-          0x8a72cf2, 0xdf81ba5, 0x6e1b365, 0x38ea70d }
-    },
-    {
-        { 0x2f75c80, 0x1b18680, 0x698665a, 0x0c153a0, 0x522e8dd, 0x6f5a7fe,
-          0x8ddfc27, 0x9673866, 0x0d3bdce, 0x7e421d5, 0x25001b2, 0x2d737cf,
-          0x0e8490c, 0x568840f, 0xe30c8da, 0xea2610b },
-        { 0x9561fd4, 0xe7b1bc0, 0x26decb0, 0xeda786c, 0x6a76160, 0x2236990,
-          0x78a3da3, 0x371c714, 0x2a2d9bf, 0x1db8fce, 0x3292f92, 0x59d7b84,
-          0x5a665f9, 0x8097af9, 0x542b7a9, 0x7cb4662 }
-    },
-    {
-        { 0xc6b0c2f, 0xa5c53ae, 0x7312d84, 0xc4b8732, 0xc732736, 0xfc374cb,
-          0x9310cc0, 0xa8d78fe, 0x65d1752, 0xd980e86, 0x6004727, 0xa62692d,
-          0x0146220, 0x5d07928, 0x860fea5, 0xbd1fedb },
-        { 0xb35d111, 0xcbc4f8a, 0x3e32f77, 0x5ba8cdf, 0xb614b93, 0xd5b71ad,
-          0x2f8808d, 0x7b3a2df, 0x6ef2721, 0x09b89c2, 0x47c3030, 0x55a5054,
-          0x2986ae6, 0x2104431, 0x2367d4c, 0x427a011 }
-    },
-    {
-        { 0xc1942d8, 0xe9fe256, 0x96e3546, 0x9e7377d, 0xb0c1744, 0x43e734c,
-          0x211fbca, 0x5f46821, 0x32b6203, 0x44f83dc, 0x6ad1d96, 0x8451308,
-          0x2fbb455, 0x54dd519, 0x2f10089, 0xc2a1822 },
-        { 0x1855bfa, 0x01055a2, 0x77078b4, 0x9e6d7b4, 0x30cea0e, 0x3f8df6d,
-          0x32973f7, 0x81c2150, 0xc0b3d40, 0x17dd761, 0x50d0abe, 0x040424c,
-          0x783deab, 0x5599413, 0x8f3146f, 0xde9271e }
-    },
-    {
-        { 0xaf4a11d, 0x5edfd25, 0x7846783, 0x3a3c530, 0x73edd31, 0xb200868,
-          0xfe0eef8, 0x74e00ec, 0x3dd78c7, 0xba65d2f, 0x71999f1, 0xab13643,
-          0xde9a7e8, 0xfa9be5d, 0x87a8609, 0xeb146ce },
-        { 0x65353e9, 0x76afd65, 0xd51ba1c, 0xfa7023d, 0x37ede4f, 0x7a09f22,
-          0x0ba7a1b, 0xca08576, 0xb99950a, 0xd973882, 0xea5057a, 0xe894266,
-          0x7f55e49, 0xd01c421, 0x5555679, 0x69cfb9c }
-    },
-},
-{
-    {
-        { 0xc5d631a, 0x67867e7, 0x5bcf47b, 0x1de88c5, 0xafd1352, 0x8366d06,
-          0x6e20337, 0xd7dbdef, 0x1253ec7, 0xb0f9e2f, 0x10ad240, 0x1be9845,
-          0xf4a6118, 0x63ec533, 0x96ce633, 0xd5e4c5b },
-        { 0x4df4a25, 0x1d0b6c3, 0x5a1b554, 0xef9486a, 0x47b6ef3, 0x2f0e59e,
-          0x2ff84d7, 0x4d8042f, 0xda359c9, 0x3e74aa3, 0xd21c160, 0x1baa16f,
-          0x0191cba, 0xb4cff21, 0xebc6472, 0x50032d8 }
-    },
-    {
-        { 0x1fc1b13, 0xb6833e0, 0x1a5ad8f, 0x8a8b7ba, 0x622b820, 0xc0cafa2,
-          0x738ed20, 0xc6663af, 0x8b18f97, 0xd894486, 0x774fbe4, 0xcf0c1f9,
-          0x5be814f, 0xeedd435, 0xb57e543, 0xd81c02d },
-        { 0x310bad8, 0x5e32afc, 0x9b813d1, 0x065bc81, 0x3142795, 0x8efc5fc,
-          0x732d59c, 0x5006514, 0x2b5a3ce, 0x91e39df, 0xfaf4204, 0x2ad4477,
-          0x4d9bd4f, 0x1a96b18, 0xa4d9c07, 0xc3fee95 }
-    },
-    {
-        { 0x6b4ba61, 0xfac7df0, 0x061aaef, 0xa6ed551, 0x133f609, 0x35aa2d6,
-          0x20ed13d, 0x420cfba, 0xea03d0c, 0x861c63e, 0xf936d6e, 0x75f0c56,
-          0x3d9a3d5, 0xa25f68f, 0xcd9f66e, 0xba0b7fe },
-        { 0x4680772, 0x292e135, 0xa73f405, 0x6f6a2db, 0x24ea9e4, 0xca6add9,
-          0x268daaa, 0x81cfd61, 0xe6f147a, 0x7a4cb6c, 0xbded8f5, 0x8ec3454,
-          0x11d61cb, 0xc8a893b, 0x7656022, 0x2256ffc }
-    },
-    {
-        { 0x575cb78, 0x6b33271, 0xadcd23e, 0x560d305, 0xd6d834b, 0xeedbd3a,
-          0x5a31e27, 0x614a64a, 0x47ee0c8, 0xe40b476, 0x8bd7c2c, 0x8ef4ff6,
-          0x0b77727, 0xa5297fc, 0xbaf88ad, 0x8759208 },
-        { 0x918df68, 0x86cfe64, 0xcdd882e, 0x9d60a73, 0xb953014, 0x546b642,
-          0x8bbef55, 0xbaceae3, 0xf1c3467, 0xdf58e43, 0xe9f9bab, 0x99a83fe,
-          0x57a4a8b, 0xcd52cbf, 0x8ae36ec, 0xf744e96 }
-    },
-    {
-        { 0xa607124, 0xb945869, 0x440e6f6, 0x810dbe9, 0x738e381, 0x9911e60,
-          0x343b80b, 0x51df68c, 0xf7a3f39, 0xe424336, 0x989015c, 0x2d32acb,
-          0x31019e8, 0xa69b149, 0xec12f93, 0x8a31a38 },
-        { 0x97c916a, 0x0d0d369, 0x8885372, 0xdc95f3b, 0x3549040, 0xcf1a261,
-          0xabe95a2, 0x60f6f5e, 0xe141325, 0xa909e9f, 0x355c865, 0x7d598f2,
-          0x931a9c9, 0x70c6442, 0xb423850, 0x2354a85 }
-    },
-    {
-        { 0x97f9619, 0x4cdd224, 0xc22162e, 0x4776fff, 0x0cd31c2, 0xee5ec33,
-          0xf209bb8, 0x7c04c10, 0x579e211, 0x35bbfde, 0x15cdfc2, 0x0e38325,
-          0xe26ffa7, 0x657e6d3, 0xc65c604, 0xc66a7c3 },
-        { 0xb45e567, 0x322acd7, 0x296db9b, 0x1589cf0, 0xba1db73, 0x1fd0bd3,
-          0x9337a40, 0xe882610, 0xb3035c7, 0xf505a50, 0x6ed08d7, 0x4d5af06,
-          0x5eda400, 0xb3c376b, 0x1944748, 0x9c7b700 }
-    },
-    {
-        { 0x70c3716, 0xd768325, 0xdd540e0, 0xda62af0, 0x6580fea, 0x76b155d,
-          0x32b5464, 0x4f42acc, 0x3f5b72b, 0x881bb60, 0xe68b9ba, 0x09c130e,
-          0x5c50342, 0x37ede3b, 0xfd15e7d, 0xce61a9c },
-        { 0x72605d0, 0xfff1d85, 0x062abc2, 0x62ac2d3, 0xfbe43dd, 0xa85e02e,
-          0xa947020, 0x859d2ba, 0x111c20b, 0x2ebc8a9, 0xa656f66, 0x7f590a7,
-          0x16b21a6, 0x0e13843, 0x00c7db6, 0x29b30c5 }
-    },
-    {
-        { 0x906b8de, 0x61e55e2, 0x949974d, 0x6a97e96, 0x26eef67, 0x24b52b5,
-          0x1aa595a, 0x512f536, 0x3c48fcb, 0x81cc7b8, 0x28115ad, 0xa64af23,
-          0x3d44b8e, 0x9edf6f9, 0x1fe22e3, 0x68d7f7c },
-        { 0x520d151, 0x2b2116a, 0x6aa3efb, 0x66a0b7d, 0x9b0f791, 0x48ae70a,
-          0x037db88, 0xcf12174, 0x317d9f3, 0x36868cd, 0x22fc344, 0xb573059,
-          0x46a5d23, 0xbaa8526, 0x37fc10d, 0xad65691 }
-    },
-},
-{
-    {
-        { 0x12c78d5, 0xcf8e5f5, 0x805cdbd, 0xeb94d98, 0x2ab50b5, 0xad1dcdf,
-          0xf33cd31, 0xf33c136, 0x10aeff5, 0x0d6226b, 0xf2f8fc5, 0xf7ff493,
-          0xdf57165, 0x7e520d4, 0x05271a7, 0x41fbae5 },
-        { 0x76480ba, 0x72c8987, 0x25f4523, 0x2608359, 0x49f5f01, 0xed36b8d,
-          0xf3d49eb, 0x3bc1dce, 0x4940322, 0x30c1c1a, 0x7e0f731, 0x78c1cda,
-          0x6d05a31, 0x51f2dc8, 0x07f3522, 0x57b0aa8 }
-    },
-    {
-        { 0x71f88bc, 0x7ab628e, 0x8018f21, 0xcf585f3, 0x13d64f6, 0xdbbe3a4,
-          0xec493a5, 0x0f86df1, 0x7725de9, 0x8355e6c, 0xe00fe1e, 0x3954ffe,
-          0x9924e32, 0xbb8978f, 0x7812714, 0x1c19298 },
-        { 0xaabca8b, 0x7c4ce3e, 0x9bf7019, 0xf861eb5, 0x682e541, 0x31a84fc,
-          0xacd1b92, 0x2307ca9, 0x4bf2842, 0x6f8b6ce, 0xcb9f9a9, 0xde252ac,
-          0x93c46d1, 0x7f0611d, 0x751dc98, 0x8e2bd80 }
-    },
-    {
-        { 0xe27d54b, 0xf2fd8fb, 0xc248071, 0x2a1e37e, 0xab8f49a, 0x2fcc888,
-          0xc18a9e5, 0x42c62a3, 0x70b2446, 0xe302908, 0xc5ac55d, 0x90277fa,
-          0xd6dde41, 0x8d97d56, 0x5db04fe, 0xf4cf8a9 },
-        { 0xd30d077, 0x3e280f5, 0x3cb3293, 0x2c90307, 0x24eb0dd, 0xe0be2ac,
-          0x8bcb4f0, 0xa2d1a49, 0xcd0cd45, 0x16db466, 0x9a80232, 0x3b28aa7,
-          0x17b008e, 0xdd7e52f, 0x868e4da, 0x20685f2 }
-    },
-    {
-        { 0x7c7a486, 0x0a68c14, 0xc429633, 0xd8ef234, 0xffe7506, 0x470667b,
-          0x8828d51, 0x55a13c8, 0x2e44bef, 0x5f32741, 0x5929f92, 0x537d92a,
-          0x31c5cd5, 0x0a01d5b, 0x67eb3d7, 0xb77aa78 },
-        { 0x8b82e4d, 0x36ec45f, 0xb37b199, 0x6821da0, 0xd7fa94e, 0x8af37aa,
-          0x1085010, 0xf020642, 0x7e56851, 0x9b88678, 0x52948ce, 0x35f3944,
-          0xafc1361, 0x125c2ba, 0x453e332, 0x8a57d0e }
-    },
-    {
-        { 0x8043664, 0xefe9948, 0xdb1aa55, 0xb8b8509, 0x332523f, 0x1a2e5a9,
-          0x1045c0f, 0x5e255dd, 0x7ae7180, 0xe68dd8a, 0x45bf532, 0x55f1cf3,
-          0xe63a716, 0xe00722e, 0x6116bac, 0xd1c2138 },
-        { 0x1c6d1f4, 0x626221f, 0x3773278, 0x240b830, 0x88def16, 0xe393a0d,
-          0xca0495c, 0x229266e, 0xd3e4608, 0x7b5c6c9, 0x7927190, 0xdc559cb,
-          0xc7b3c57, 0x06afe42, 0xb439c9b, 0x8a2ad0b }
-    },
-    {
-        { 0xffc3e2f, 0xd7360fb, 0xfbd2e95, 0xf721317, 0x5748e69, 0x8cacbab,
-          0x9054bb9, 0x7c89f27, 0xaa86881, 0xcbe50fa, 0x75206e4, 0x7aa05d3,
-          0xc752c66, 0x1ea01bc, 0x1f2c2bc, 0x5968cde },
-        { 0x09a853e, 0x487c55f, 0xe09204b, 0x82cbef1, 0xabd8670, 0xad5c492,
-          0xf12dcb3, 0x7175963, 0xbf6aa06, 0x7a85762, 0xf8d5237, 0x02e5697,
-          0x37c6157, 0xccf7d19, 0xc2fd59c, 0x3b14ca6 }
-    },
-    {
-        { 0x1b9f77f, 0x5e610d8, 0x051b02f, 0x85876d0, 0xb8020dd, 0x5d81c63,
-          0xd6ce614, 0xd0b4116, 0xaa8bf0c, 0x91810e5, 0xcbf8c66, 0xf27f91f,
-          0x38480ae, 0x2e5dc5f, 0xbec7633, 0x0a13ffe },
-        { 0x2bf6af8, 0x61ff649, 0x641f827, 0xe6aef2d, 0x5de5f04, 0xad5708a,
-          0xcdfee20, 0xe5c3a80, 0x68fcfa2, 0x88466e2, 0xd6e1d7b, 0x8e5bb3a,
-          0xed236b8, 0xa514f06, 0xa5f5274, 0x51c9c7b }
-    },
-    {
-        { 0xf9bc3d8, 0xa19d228, 0x3381069, 0xf89c3f0, 0x5c3f379, 0xfee890e,
-          0x32fb857, 0x3d3ef3d, 0x5b418dd, 0x3998849, 0xc46e89a, 0x6786f73,
-          0x9e0f12f, 0x79691a5, 0x3bc022b, 0x76916bf },
-        { 0x2cd8a0a, 0xea073b6, 0x102fdbc, 0x1fbedd4, 0xcb9d015, 0x1888b14,
-          0x76655f7, 0x98f2cfd, 0x59f0494, 0xb9b5910, 0xe6986a3, 0xa3dbbe1,
-          0xeaf2b04, 0xef016a5, 0xcd2d876, 0xf671ba7 }
-    },
-},
-{
-    {
-        { 0x1ae05e9, 0x1dae3bf, 0x1f21fef, 0x6a02996, 0x7aec3c6, 0x95df2b9,
-          0xd83189b, 0x9abbc5a, 0x2d13140, 0xaf994af, 0x86aa406, 0xc3f8846,
-          0x75284c5, 0xcd77e50, 0x2a9a4d7, 0x1c1e13d },
-        { 0x744b89d, 0x7f8815d, 0x2ba673e, 0xb189133, 0xd594570, 0x55ea93c,
-          0xd61b041, 0x19c8a18, 0x8d2c580, 0x938ebaa, 0x05ba078, 0x9b4344d,
-          0x8eaf9b7, 0x622da43, 0x9fea368, 0x809b807 }
-    },
-    {
-        { 0xc33b7a2, 0x3780e51, 0x387b1c8, 0xd7a205c, 0x4be60e4, 0x79515f8,
-          0x1e18277, 0xde02a8b, 0xf0d9150, 0x4645c96, 0xe0b3fd1, 0x45f8acb,
-          0x9b53ac3, 0x5d532ba, 0xb0557c9, 0x7984dcd },
-        { 0x8a92f01, 0x5ae5ca6, 0x9d569ca, 0xd2fbb3c, 0x0c297c1, 0x668cc57,
-          0x6295e89, 0xa482943, 0xa33ad40, 0xf646bc1, 0xc3f425d, 0x066aaa4,
-          0xd005de2, 0x23434cd, 0xdb35af4, 0x5aca9e9 }
-    },
-    {
-        { 0x6877c56, 0x2bca35c, 0xf0ddd7d, 0xab864b4, 0x404f46c, 0x5f6aa74,
-          0x539c279, 0x72be164, 0xe0283cf, 0x1b1d73e, 0xad583d9, 0xe550f46,
-          0xe739ad1, 0x4ac6518, 0x8d42100, 0x6b6def7 },
-        { 0xfa8468d, 0x4d36b8c, 0x5a3d7b8, 0x2cb3773, 0x5016281, 0x577f86f,
-          0x9124733, 0xdb6fe5f, 0xe29e039, 0xacb6d2a, 0x580b8a1, 0x2ab8330,
-          0x643b2d0, 0x130a4ac, 0x5e6884e, 0xa7996e3 }
-    },
-    {
-        { 0x60a0aa8, 0x6fb6277, 0xcbe04f0, 0xe046843, 0xe6ad443, 0xc01d120,
-          0xabef2fc, 0xa42a05c, 0x12ff09c, 0x6b793f1, 0xa3e5854, 0x5734ea8,
-          0x775f0ad, 0xe482b36, 0xf864a34, 0x2f4f60d },
-        { 0x84f2449, 0xf521c58, 0x9186a71, 0x58734a9, 0xac5eacc, 0x157f5d5,
-          0x248ee61, 0x858d9a4, 0x48149c3, 0x0727e6d, 0xac9ec50, 0xd5c3eaa,
-          0x20ee9b5, 0xa63a64a, 0x87be9de, 0x3f0dfc4 }
-    },
-    {
-        { 0xb13e3f4, 0x836349d, 0x3e9316d, 0xebdd026, 0x324fd6c, 0x3fd61e8,
-          0x0964f41, 0x85dddfa, 0x52add1b, 0x06e72de, 0x8c4a9e2, 0xb752cff,
-          0xfdf09f7, 0x53b0894, 0x0bc24fd, 0xd5220ab },
-        { 0xfb1981a, 0x8442b35, 0x3edd701, 0xa733a37, 0xd0ef089, 0x42b60c3,
-          0x46e7bca, 0xa1b16ec, 0xa09aaf4, 0xc0df179, 0x638f3a1, 0xcd4f187,
-          0x9eab1c2, 0x9af64f7, 0xd1d78e3, 0x86fed79 }
-    },
-    {
-        { 0xfe29980, 0x42c8d86, 0x6575660, 0x6657b81, 0x80f92ca, 0x82d52c6,
-          0x02d42be, 0x8587af1, 0x6e8bdf0, 0xb515131, 0xc333495, 0x706e2d9,
-          0x9673064, 0xd53601a, 0x8219099, 0x27b1fbb },
-        { 0x705f7c8, 0x3f0929d, 0xf3d6e6f, 0xff40b10, 0x026af5c, 0x673c703,
-          0xe25a422, 0x2c1dce4, 0x3dad8b6, 0x5348bd7, 0xbe2c329, 0xc39b6b6,
-          0xb921084, 0x47854ff, 0xb391f20, 0xb347b8b }
-    },
-    {
-        { 0xeb9b774, 0x79fc841, 0xb4b6c1d, 0xf32da25, 0xfe492cb, 0xcbba76b,
-          0xd623903, 0x76c51fc, 0xcf0705a, 0x114cf6f, 0x7815daf, 0x6b72049,
-          0x473382e, 0x630b362, 0x9704db5, 0xbf40c3a },
-        { 0xc5456eb, 0xa8a9ddc, 0x72f2dc1, 0x2b4472a, 0xd6d6ef3, 0x9874444,
-          0xa0ba5ed, 0x27e8d85, 0x194849f, 0x5d225b4, 0xebaa40d, 0xe852cd6,
-          0x8d4bf3f, 0xb669c24, 0x2343991, 0xa8601eb }
-    },
-    {
-        { 0x59502d3, 0x8a04854, 0xe269a7b, 0xcab27ee, 0x4875ada, 0x4179307,
-          0xe2405f9, 0x179e685, 0x7b28963, 0x0d7b698, 0x422a43e, 0x80c9db8,
-          0xa0f43ee, 0xf5ff318, 0x4ba7aa7, 0x7a92805 },
-        { 0x0c0834e, 0xa5c79fe, 0x1f849ec, 0x837ca0d, 0x628ab7b, 0xfe0d7fa,
-          0x6edd19a, 0x94bcb95, 0x2226fbf, 0xa18bc93, 0xaad54a3, 0x2795379,
-          0x371129e, 0xceeacf8, 0xa588be5, 0x65ca57f }
-    },
-},
-{
-    {
-        { 0x2caa330, 0x7a578b5, 0xd8ca34a, 0x7c21944, 0x6447282, 0x6c0fbbb,
-          0xf90b2e5, 0xa8a9957, 0x6586b71, 0xbbe1066, 0x49138a2, 0x716a902,
-          0xe7ed66d, 0x2fa6034, 0x2b9916a, 0x56f77ed },
-        { 0xbddefb3, 0x69f1e26, 0x8c08420, 0xa497809, 0x09bc184, 0xc3377eb,
-          0xbe6dade, 0x796ce0c, 0xd103bbb, 0x3be0625, 0x992685c, 0x01be27c,
-          0x7755f9f, 0xc0e2559, 0x1c0dbfa, 0x165c40d }
-    },
-    {
-        { 0x659c761, 0xc63a397, 0x630fbad, 0x10a0e5b, 0x655ac56, 0xf21e8a6,
-          0xc1181e2, 0xe8580fa, 0x0a84b5c, 0xbfc2d9c, 0x7afd5d1, 0x2cdbaff,
-          0xf61e85a, 0x95f1182, 0x719eaf4, 0x1173e96 },
-        { 0xc6de8b9, 0xc06d55e, 0xafcbcaa, 0x1b4c8eb, 0xbc2bbcd, 0x52af5cb,
-          0x77bcd10, 0x564fab8, 0xae85a6e, 0xfd53a18, 0x94c712f, 0x2257859,
-          0x1352121, 0x29b11d7, 0xc40491a, 0xab1cb76 }
-    },
-    {
-        { 0xce32eb4, 0xb4e8ca8, 0xb250b49, 0x7e484ac, 0xa3e31a2, 0x062c6f7,
-          0x625d1fc, 0x497fd83, 0x362dda7, 0x98f821c, 0x6be3111, 0xcae1f8f,
-          0x5d4fa42, 0x9077e95, 0xa65855a, 0xa589971 },
-        { 0x28832a9, 0xda6321d, 0x3936e9e, 0xf9ef5dc, 0xc9797ef, 0xa37f117,
-          0xdb581be, 0x0eb3c80, 0xbaa0002, 0x207c5c4, 0xf38faa0, 0xc0401b5,
-          0xd0f1e6e, 0xceee523, 0xd1f0045, 0x8d27a5f }
-    },
-    {
-        { 0xcf0af29, 0x9411063, 0x89a6693, 0x3043857, 0x640145e, 0x9a9fb8f,
-          0x54832eb, 0x7d82fe9, 0x898c520, 0xf2789e1, 0xf948dc0, 0x448b402,
-          0x68996dd, 0xeca8fdf, 0xa149b2f, 0x22227e9 },
-        { 0x8e62d6a, 0x63509ff, 0x8c9c57f, 0xe98d81c, 0x1fe3bed, 0xd387407,
-          0x539538f, 0xf1db013, 0x48418ce, 0xb04092e, 0xd6d9d4d, 0xbbf8e76,
-          0x2cec5ae, 0x2ea9cda, 0x5078fa9, 0x8414b3e }
-    },
-    {
-        { 0xd68a073, 0x5ad1cdb, 0xc18b591, 0xd4cedaf, 0x8e4c1c9, 0x7826707,
-          0x9ca302a, 0x9b8d920, 0x326115b, 0x3101bd2, 0x4c2717a, 0x6f154b5,
-          0x263e84b, 0x618c31b, 0xbbd6942, 0x12c4138 },
-        { 0x80da426, 0xf9ead25, 0x47d9680, 0xe748e99, 0x8a4210e, 0x9b396a3,
-          0xf4b8f72, 0xfaf03dd, 0x66159e7, 0xbd94a52, 0x1d4c7cb, 0x5e73049,
-          0x7910f38, 0x31d1f9a, 0x08d6dd1, 0x4fd10ca }
-    },
-    {
-        { 0x9f2331e, 0x4f510ac, 0x7e3dcc2, 0xee872dc, 0xa0a0c73, 0x4a11a32,
-          0xaa5a630, 0x27e5803, 0x7af4a8a, 0xe5ae503, 0x9fffeb0, 0x2dcdeba,
-          0x719d91f, 0x8c27748, 0xb9cc61c, 0xd3b5b62 },
-        { 0xcca7939, 0x998ac90, 0x64514e5, 0xc22b598, 0xb35738a, 0x950aaa1,
-          0xdab0264, 0x4b208bb, 0xa557d2e, 0x6677931, 0xf7c17d3, 0x2c696d8,
-          0x3e15c51, 0x1672d4a, 0x3db0e82, 0x95fab66 }
-    },
-    {
-        { 0x6ff205e, 0x3d42734, 0x0ea9fbe, 0x7f187d9, 0x466b2af, 0xbd9367f,
-          0x03daf2f, 0x188e532, 0x27b54d8, 0xefe1329, 0xef70435, 0x14faf85,
-          0x1ec95c4, 0xa506128, 0xc22cba7, 0xad01705 },
-        { 0x6197333, 0x7d2dfa6, 0x8b4f6ed, 0xedd7f07, 0x75df105, 0xe0cb685,
-          0x80f76bc, 0x47c9ddb, 0x9073c54, 0x49ab531, 0xe607f44, 0x845255a,
-          0xcc74b7c, 0x0b4ed9f, 0x0f5c3a6, 0xcfb52d5 }
-    },
-    {
-        { 0xc278776, 0x545c7c6, 0x98c30f0, 0x92a39ae, 0xd2f4680, 0x8aa8c01,
-          0x6b7f840, 0xa5409ed, 0xdcb24e7, 0x0c450ac, 0xc5770d9, 0x5da6fb2,
-          0x8658333, 0x5b8e8be, 0x67ea4ad, 0xb26bf4a },
-        { 0xc7d91fa, 0x2e30c81, 0x0eeb69f, 0x6e50a49, 0xee4bc26, 0x9458c2b,
-          0x33be250, 0x419acf2, 0x87881ab, 0x79d6f81, 0x403b1be, 0x694565d,
-          0x234fe1d, 0x34b3990, 0x2132b38, 0x60997d7 }
-    },
-},
-{
-    {
-        { 0x26975dc, 0x00a9741, 0x6cf94e7, 0x42161c4, 0xc64ed99, 0xcc9fe4b,
-          0x4680570, 0x020019a, 0x698da0d, 0x885595a, 0x77dd962, 0x008444b,
-          0xa4fea0e, 0xbf3c22d, 0x2c81245, 0xc463048 },
-        { 0x793ab18, 0xcb248c5, 0xeb4320b, 0x4dc7a20, 0x1572b7d, 0x9a0906f,
-          0xf9ac20f, 0xd5b3019, 0x34520a3, 0x79b1bf5, 0x69b5322, 0x788dfe8,
-          0x455b7e2, 0x9a05298, 0x016bca9, 0x2f4aecb }
-    },
-    {
-        { 0x8745618, 0x414d379, 0xb7c983c, 0x64ba22e, 0x9f9d532, 0x9a5d19f,
-          0x44a80c8, 0x81a00d8, 0xcae98d6, 0xb9e24f5, 0xaca965a, 0x6c3769c,
-          0xf6e4e6d, 0x50d6081, 0x54422a6, 0x0d96980 },
-        { 0x5cdd790, 0xbd7e792, 0x6a35219, 0xcff65da, 0x8b60ebe, 0x40dc363,
-          0x92a50dc, 0x84bee74, 0x15ad65e, 0x57d4be4, 0x1a6d1d3, 0xc54256b,
-          0x45717cc, 0x141c649, 0xcd1c736, 0x05eb609 }
-    },
-    {
-        { 0x1e3c7ec, 0xfd52eab, 0x9f24895, 0xa4a5eca, 0x79fdb83, 0xaaa2a8d,
-          0x72bdfda, 0xd105e60, 0x681d97e, 0x59e6ae2, 0x8e8077f, 0xfedf8e0,
-          0x629e462, 0xb06d0ad, 0x96fa863, 0x8c7c2d0 },
-        { 0xee8fc91, 0x5eecc4c, 0x9e61174, 0x5e83ab2, 0xb28c02d, 0x1fd8925,
-          0x2072864, 0x93be538, 0x24c984e, 0xda0c886, 0xa008286, 0xdcf9f0c,
-          0xa58ba75, 0x1ecb5a6, 0xc2e3c83, 0x1d9b890 }
-    },
-    {
-        { 0xeeee062, 0x19e866e, 0x4f7b387, 0x31c1c7f, 0x1c06652, 0x9be6018,
-          0x2b68bbb, 0xc00a93a, 0x9d52b2b, 0x54c65d6, 0xe8b744a, 0x4591416,
-          0x9a64ab6, 0x641bcca, 0xab08098, 0xf22bcb1 },
-        { 0xf1f726c, 0x3c0db8f, 0x9d2e6a6, 0x4f5739e, 0x45c9530, 0x5cb669b,
-          0x7b472d0, 0x861b04e, 0x894da77, 0x3e30515, 0xc9ac39b, 0x3344685,
-          0x73bdd29, 0x9e17305, 0x808dc85, 0x9cac12c }
-    },
-    {
-        { 0x5e27087, 0xf152b86, 0x90a580e, 0x267bd85, 0x8baafc1, 0xba79cec,
-          0x9442686, 0x6140ab1, 0x5b31693, 0xa67090c, 0x28b4117, 0x50a103a,
-          0x0ddc08f, 0x7722e61, 0xe6569b2, 0x5d19d43 },
-        { 0x5962bf6, 0x70e0c52, 0xfb5fb02, 0x808e316, 0x5b667be, 0x3fb80da,
-          0xfcfacec, 0x8aa366e, 0x134280e, 0xcb0b3e7, 0xcd7d944, 0x0bf1de4,
-          0xd092df5, 0x0cd23be, 0xa153a0c, 0xc9a6a79 }
-    },
-    {
-        { 0x2d5a4b7, 0x1c69ad0, 0xd9e6f4a, 0x4bb28d0, 0xa984fc6, 0x815308c,
-          0x9037ca5, 0x40929c7, 0x1bd0357, 0x0ea2b49, 0x42aad4e, 0xec17e5b,
-          0x18e7235, 0x1f32ade, 0xa96a9d3, 0xbc60b05 },
-        { 0xe20f707, 0x3b0229a, 0x56bdfad, 0xd635050, 0xd8b2e1e, 0xac2d922,
-          0x235c748, 0x92b2998, 0xd766f97, 0x6002c3a, 0x1a2a862, 0x9919800,
-          0xb58b684, 0x2af7567, 0xaaafce5, 0xd8fe707 }
-    },
-    {
-        { 0x5df7a4b, 0x54487ab, 0xc57ccc2, 0x51cccde, 0x7510b53, 0x2394327,
-          0xf555de3, 0x3a09f02, 0x1be484d, 0xa696aec, 0x37817a2, 0x56f459f,
-          0x623dcb4, 0x8d8f61c, 0x5335656, 0xc52223c },
-        { 0xb49914a, 0xf634111, 0x8e4f9bb, 0xbf8e1ab, 0xf4dba02, 0x2f59578,
-          0xe004319, 0x2a94199, 0x654d005, 0x87931f0, 0x6fa0814, 0x7df57d9,
-          0xa154031, 0xc8da316, 0x41f658b, 0x2a44ac0 }
-    },
-    {
-        { 0x9e34ac6, 0xfb5f4f8, 0x97790f2, 0x0a1b10b, 0x4b8a06c, 0x58fe4e7,
-          0x955f27c, 0x10c1710, 0xd5ebe19, 0x77b798a, 0x1f1c2dc, 0xaf1c35b,
-          0xa1f8d69, 0xc25b8e6, 0xf76bf23, 0x49cf751 },
-        { 0x436f7b7, 0x15cb2db, 0x7e74d1a, 0x186d7c2, 0xc00a415, 0x60731de,
-          0x15f0772, 0xea1e156, 0x714463f, 0xf02d591, 0x51adeb1, 0x26a0c64,
-          0xcc5229e, 0x20174cd, 0xefd512a, 0xb817e50 }
-    },
-},
-};
-
-static const ge448_precomp base_i[16] = {
-    {
-        { 0x70cc05e, 0x26a82bc, 0x0938e26, 0x80e18b0, 0x511433b, 0xf72ab66,
-          0x412ae1a, 0xa3d3a46, 0xa6de324, 0x0f1767e, 0x4657047, 0x36da9e1,
-          0x5a622bf, 0xed221d1, 0x66bed0d, 0x4f1970c },
-        { 0x230fa14, 0x08795bf, 0x7c8ad98, 0x132c4ed, 0x9c4fdbd, 0x1ce67c3,
-          0x73ad3ff, 0x05a0c2d, 0x7789c1e, 0xa398408, 0xa73736c, 0xc7624be,
-          0x03756c9, 0x2488762, 0x16eb6bc, 0x693f467 }
-    },
-    {
-        { 0x6ff2f8f, 0x2817328, 0xda85757, 0xb769465, 0xfd6e862, 0xf7f6271,
-          0x8daa9cb, 0x4a3fcfe, 0x2ba077a, 0xda82c7e, 0x41b8b8c, 0x9433322,
-          0x4316cb6, 0x6455bd6, 0xb9108af, 0x0865886 },
-        { 0x88ed6fc, 0x22ac135, 0x02dafb8, 0x9a68fed, 0x7f0bffa, 0x1bdb676,
-          0x8bb3a33, 0xec4e1d5, 0xce43c82, 0x56c3b9f, 0xa8d9523, 0xa6449a4,
-          0xa7ad43a, 0xf706cbd, 0xbd5125c, 0xe005a8d }
-    },
-    {
-        { 0x2030034, 0xa99d109, 0x6f950d0, 0x2d8cefc, 0xc96f07b, 0x7a920c3,
-          0x08bc0d5, 0x9588128, 0x6d761e8, 0x62ada75, 0xbcf7285, 0x0def80c,
-          0x01eedb5, 0x0e2ba76, 0x5a48dcb, 0x7a9f933 },
-        { 0x2f435eb, 0xb473147, 0xf225443, 0x5512881, 0x33c5840, 0xee59d2b,
-          0x127d7a4, 0xb698017, 0x86551f7, 0xb18fced, 0xca1823a, 0x0ade260,
-          0xce4fd58, 0xd3b9109, 0xa2517ed, 0xadfd751 }
-    },
-    {
-        { 0xeb5eaf7, 0xdf9567c, 0x78ac7d7, 0x110a6b4, 0x4706e0b, 0x2d33501,
-          0x0b5a209, 0x0df9c7b, 0x568e684, 0xba4223d, 0x8c3719b, 0xd78af2d,
-          0xa5291b6, 0x77467b9, 0x5c89bef, 0x079748e },
-        { 0xdac377f, 0xe20d3fa, 0x72b5c09, 0x34e8669, 0xc40bbb7, 0xd8687a3,
-          0xd2f84c9, 0x7b3946f, 0xa78f50e, 0xd00e40c, 0x17e7179, 0xb875944,
-          0xcb23583, 0x9c7373b, 0xc90fd69, 0x7ddeda3 }
-    },
-    {
-        { 0x6ab686b, 0x3d0def7, 0x49f7c79, 0x1a467ec, 0xc8989ed, 0x3e53f4f,
-          0x430a0d9, 0x101e344, 0x8ad44ee, 0xa3ae731, 0xae1d134, 0xaefa6cd,
-          0x824ad4d, 0xaa8cd7d, 0xed584fc, 0xef1650c },
-        { 0x4f4754f, 0xa74df67, 0xef3fb8b, 0xf52cea8, 0x2971140, 0x47c32d4,
-          0xa256fbb, 0x391c15d, 0xa605671, 0xc165fab, 0x87993b9, 0xf2518c6,
-          0xbd5a84d, 0x2daf7ac, 0x98f12ae, 0x1560b62 }
-    },
-    {
-        { 0x54dc10a, 0xef4da02, 0x5940db8, 0x6311865, 0x82f2948, 0xe20b149,
-          0x5581dba, 0x67b9377, 0x04f5029, 0x422ee71, 0x5122d34, 0x5d440db,
-          0x1a4c640, 0xb1e56d7, 0xc2408ee, 0xbf12abb },
-        { 0x016af01, 0x0cc9f86, 0xf3d8cab, 0x88366ab, 0xa2efe12, 0x85dda13,
-          0x5d00674, 0x390df60, 0x6d187f7, 0xf18f580, 0xf0c5d20, 0x28c900f,
-          0x3e01733, 0xad30812, 0x54bf2fd, 0x42d35b5 }
-    },
-    {
-        { 0x2ffb1f1, 0x009135f, 0x8f9c605, 0x099fc7e, 0x26bfa5a, 0xcc67da6,
-          0x344552b, 0xc186d12, 0x1b339e1, 0xb523250, 0xc9708c5, 0x70a544f,
-          0x1e928e7, 0x06baaec, 0xef0f50f, 0x0baedd2 },
-        { 0xbf479e5, 0x535d6d8, 0xe4ec3e9, 0x156e536, 0xddb9be2, 0x3165741,
-          0x59fd736, 0x988af71, 0x2e33ddd, 0x13d8a78, 0x4e69002, 0x5460421,
-          0x804a268, 0x34d56e0, 0x0e52a4c, 0xc59b84f }
-    },
-    {
-        { 0x24729d9, 0x525d45f, 0x8712327, 0x5768aba, 0x43035db, 0xa25e43b,
-          0x927ef21, 0x15a1ee8, 0x6056112, 0xa785d21, 0xd508af9, 0x45e2fbf,
-          0x37ba969, 0xb6f721a, 0x216d8d3, 0x30d6d8c },
-        { 0x52074c3, 0x3065e08, 0x2a0684e, 0xfa40b4a, 0x763f955, 0x851325a,
-          0x9f25900, 0xd4ef19c, 0xf665756, 0x799c869, 0x3312990, 0x7b05222,
-          0x28db802, 0xc986c2b, 0x28ade0a, 0xf48fb8f }
-    },
-    {
-        { 0x1649b68, 0x1e46173, 0x5beb9dc, 0xa96e5d6, 0x481935d, 0x765ddff,
-          0x9f3bf2a, 0x6cf132c, 0x7c35658, 0x9f6c5c9, 0x4696e60, 0x99cd139,
-          0x9c0d5e4, 0x99fa924, 0x8845a95, 0x1acd063 },
-        { 0x3636087, 0x0b06541, 0xea17b7f, 0xea20e78, 0x6161967, 0x20afc5f,
-          0xdc81028, 0xfd6c8a2, 0xe32c8fd, 0x4ef1357, 0x00e4a88, 0x8aa4004,
-          0x48cb82f, 0xd6fcaef, 0xb3cd4fa, 0x7ba7c6d }
-    },
-    {
-        { 0xd19c7ab, 0xf843473, 0xc655c4d, 0x968e76d, 0xc4b9c2f, 0x52c87d9,
-          0xe4aa082, 0x65f641a, 0x33c3603, 0x491a397, 0x5810098, 0xa606ffe,
-          0x8bf8ad4, 0x09920e6, 0x6db7882, 0x691a0c8 },
-        { 0xa4d3ef5, 0x5205883, 0xacf2efe, 0xee839b7, 0xc00ca66, 0x4b78e2a,
-          0xf9fcb91, 0xbe3f071, 0xbf6943a, 0x61e66c9, 0x061b79d, 0xe9b4e57,
-          0x56c06bd, 0x8d1b01b, 0xdf76ae5, 0x0dfa315 }
-    },
-    {
-        { 0xf1fd093, 0x803df65, 0x489b77e, 0x1cd6523, 0xc20e295, 0x2cd2e15,
-          0x9b912d1, 0xcd490be, 0x2e886d2, 0xdd9a2ff, 0xfe9d72a, 0xa3c836d,
-          0x298e0c1, 0xfcad5f2, 0x4bcf067, 0xed126e2 },
-        { 0x3dc81bc, 0x1e33953, 0xece6a08, 0xbea4d76, 0x991b252, 0x1d15de3,
-          0xe6daf97, 0x74cc5cf, 0x0826493, 0x5ad343f, 0x1064049, 0x2d38a47,
-          0xffcfa4d, 0xf7f47b9, 0x418066c, 0xef14490 }
-    },
-    {
-        { 0x9bb55ab, 0x4e7f86b, 0x3f496a3, 0x310d785, 0x0dec42c, 0xbd682fc,
-          0x411d32a, 0xbde047a, 0xc5a5ea2, 0xea639b4, 0xba08fa1, 0x5052078,
-          0x07729f2, 0xc968b23, 0x23d3e28, 0x567b5a6 },
-        { 0x977fbf7, 0x171e825, 0xbe990aa, 0x0319c70, 0xe12cd69, 0x8f65023,
-          0xf5015e6, 0x1fb9b19, 0x3568a7c, 0x0083f60, 0x1f3c5ac, 0xba3d30b,
-          0x3d7a988, 0xe7b509d, 0xcd0f6b6, 0x2318b99 }
-    },
-    {
-        { 0x93ab2cf, 0x54d3b87, 0xd2d8306, 0x366abea, 0xd7a4977, 0x66e8eb6,
-          0xae0072e, 0xa61888c, 0xdbc3315, 0x9eeeef5, 0x163e7f5, 0x93f09db,
-          0x59ade9a, 0xee90959, 0xce59be0, 0xaf7f578 },
-        { 0x5ece59e, 0x24bfd8d, 0x3689523, 0x8aa698b, 0x2de92cf, 0xa9a65de,
-          0xa6ad300, 0xec11dbc, 0x09f88ca, 0x217f3fa, 0xb4d6af7, 0xf6c33e3,
-          0x1d86d2d, 0xcd3bfa2, 0x5f13f25, 0x1497f83 }
-    },
-    {
-        { 0xcd03d1d, 0xa579568, 0xe158af6, 0xd717cda, 0x389a19f, 0x59eda97,
-          0x099e99c, 0xb32c370, 0xdabb591, 0xa2dba91, 0x77c2c97, 0x6d697d5,
-          0xd43fa6d, 0x5423fc2, 0x0b382bf, 0x56ea8a5 },
-        { 0xd80c11a, 0x4a987ba, 0x7d590a5, 0xe4cde21, 0xf97e559, 0x3dd8860,
-          0x43b593c, 0xff45e25, 0x5343cb5, 0x00eb453, 0x7bbfbdd, 0x06b9b99,
-          0x16aea24, 0x4da36b7, 0x57a624e, 0x2476517 }
-    },
-    {
-        { 0x3474e0d, 0x32207d0, 0xb41cc73, 0x3ffbf04, 0x319eb39, 0x5c4dc45,
-          0x758b463, 0xfee29be, 0xc30c7a7, 0xcc8a381, 0x9fe0e53, 0x147f4e4,
-          0xe35a2de, 0x05b2e26, 0x92f3666, 0x4362f02 },
-        { 0x8474b85, 0x0476d0c, 0xccaf108, 0x9d8c65f, 0x1d54b6a, 0xf58d404,
-          0xf38e4b0, 0x3ee6862, 0x3b44f54, 0x7c7c9d5, 0x0fb0db5, 0x36a3fd8,
-          0x18a8ac8, 0xfcd94ba, 0x8f35c05, 0xc1b1d56 }
-    },
-    {
-        { 0x1bdd30d, 0x16539fc, 0x8df4afb, 0x1356e53, 0x5a1aedb, 0xc0545d8,
-          0x489396b, 0xeb2037a, 0x5660894, 0x897fcbd, 0xb7d104a, 0x02a58a9,
-          0xc96b980, 0x57fa24c, 0x5bd8946, 0xf6448e3 },
-        { 0x8805c83, 0xee72741, 0x992cfc6, 0x10fa274, 0x9e66b21, 0x9514193,
-          0xbd08009, 0xe0ffa44, 0x20da22b, 0x1743322, 0x59e6831, 0x4891ff3,
-          0xa7d687b, 0x407ed73, 0x51d99cf, 0x2fb4e07 }
-    },
-};
-#endif
-
-/* Set the 0 point.
- *
- * p  [in]  Point to set to 0.
- */
-static WC_INLINE void ge448_0(ge448_p2 *p)
-{
-    fe448_0(p->X);
-    fe448_1(p->Y);
-    fe448_1(p->Z);
-}
-
-/* Set the precompute point to 0.
- *
- * p  [in]  Precompute point to set.
- */
-static void ge448_precomp_0(ge448_precomp *p)
-{
-    fe448_0(p->x);
-    fe448_1(p->y);
-}
-
-/* Double the point on the Twisted Edwards curve. r = 2.p
- *
- * r  [in]  Point to hold result.
- * p  [in]  Point to double.
- */
-static WC_INLINE void ge448_dbl(ge448_p2 *r,const ge448_p2 *p)
-{
-    ge448 t0[GE448_WORDS];
-    ge448 t1[GE448_WORDS];
-
-    fe448_add(t0, p->X, p->Y);    /* t0 = B1 = X1+Y1     */
-    fe448_reduce(t0);
-    fe448_sqr(t0, t0);            /* t0 = B = (X1+Y1)^2  */
-    fe448_sqr(r->X, p->X);        /* r->X = C = X1^2     */
-    fe448_sqr(r->Y, p->Y);        /* r->Y = D = Y1^2     */
-    fe448_add(t1, r->X, r->Y);    /* t1 = E = C+D        */
-    fe448_reduce(t1);
-    fe448_sub(r->Y, r->X, r->Y);  /* r->Y = Y31 = C-D    */
-    fe448_sqr(r->Z, p->Z);        /* r->Z = H = Z1^2     */
-    fe448_add(r->Z, r->Z, r->Z);  /* r->Z = J1 = 2*H     */
-    fe448_sub(r->Z, t1, r->Z);    /* r->Z = J = E-2*H    */
-    fe448_reduce(r->Z);
-    fe448_sub(r->X, t0, t1);      /* r->X = X31 = B-E    */
-    fe448_mul(r->X, r->X, r->Z);  /* r->X = X3 = (B-E)*J */
-    fe448_mul(r->Y, r->Y, t1);    /* r->Y = Y3 = E*(C-D) */
-    fe448_mul(r->Z, t1, r->Z);    /* r->Z = Z3 = E*J     */
-}
-
-/* Add two point on the Twisted Edwards curve. r = p + q
- * Second point has z-ordinate of 1.
- *
- * r  [in]  Point to hold result.
- * p  [in]  Point to add.
- * q  [in]  Point to add.
- */
-static WC_INLINE void ge448_madd(ge448_p2 *r, const ge448_p2 *p,
-                                 const ge448_precomp *q)
-{
-    ge448 t0[GE448_WORDS];
-    ge448 t1[GE448_WORDS];
-    ge448 t2[GE448_WORDS];
-    ge448 t3[GE448_WORDS];
-    ge448 t4[GE448_WORDS];
-
-                                    /* p->Z = A                   */
-    fe448_mul(t1, p->X, q->x);      /* t1 = C = X1*X2             */
-    fe448_mul(t2, p->Y, q->y);      /* t2 = D = Y1*Y2             */
-    fe448_mul(t3, t1, t2);          /* t3 = E1 = C*D              */
-    fe448_mul39081(t3, t3);         /* t3 = E = d*C*D             */
-    fe448_sqr(t0, p->Z);            /* t0 = B = A^2               */
-    fe448_add(t4, t0, t3);          /* t4 = F = B-(-E)            */
-    fe448_sub(t0, t0, t3);          /* t0 = G = B+(-E)            */
-    fe448_reduce(t0);
-    fe448_add(r->X, p->X, p->Y);    /* r->X = H1 = X1+Y1          */
-    fe448_reduce(r->X);
-    fe448_add(r->Y, q->x, q->y);    /* r->Y = H2 = X2+Y2          */
-    fe448_reduce(r->Y);
-    fe448_mul(r->X, r->X, r->Y);    /* r->X = H = (X1+Y1)*(X2+Y2) */
-    fe448_sub(r->X, r->X, t1);      /* r->X = X31 = H-C           */
-    fe448_sub(r->X, r->X, t2);      /* r->X = X32 = H-C-D         */
-    fe448_reduce(r->X);
-    fe448_mul(r->X, r->X, t4);      /* r->X = X33 = F*(H-C-D)     */
-    fe448_mul(r->X, r->X, p->Z);    /* r->X = X3 = A*F*(H-C-D)    */
-    fe448_sub(r->Y, t2, t1);        /* r->Y = Y31 = D-C           */
-    fe448_reduce(r->Y);
-    fe448_mul(r->Y, r->Y, t0);      /* r->Y = Y32 = G*(D-C)       */
-    fe448_mul(r->Y, r->Y, p->Z);    /* r->Y = Y3 = A*F*(D-C)      */
-    fe448_mul(r->Z, t4, t0);        /* r->Z = Z3 = F*G            */
-}
-
-/* Subtract one point from another on the Twisted Edwards curve. r = p - q
- * Second point has z-ordinate of 1.
- *
- * r  [in]  Point to hold result.
- * p  [in]  Point to subtract from.
- * q  [in]  Point to subtract.
- */
-static WC_INLINE void ge448_msub(ge448_p2 *r, const ge448_p2 *p,
-                                 const ge448_precomp *q)
-{
-    ge448 t0[GE448_WORDS];
-    ge448 t1[GE448_WORDS];
-    ge448 t2[GE448_WORDS];
-    ge448 t3[GE448_WORDS];
-    ge448 t4[GE448_WORDS];
-
-                                    /* p->Z = A                   */
-    fe448_sqr(t0, p->Z);            /* t0 = B = A^2               */
-    fe448_mul(t1, p->X, q->x);      /* t1 = C = X1*X2             */
-    fe448_mul(t2, p->Y, q->y);      /* t2 = D = Y1*Y2             */
-    fe448_mul(t3, t1, t2);          /* t3 = E1 = C*D              */
-    fe448_mul39081(t3, t3);         /* t3 = E = d*C*D             */
-    fe448_sub(t4, t0, t3);          /* t4 = F = B-(--E)           */
-    fe448_add(t0, t0, t3);          /* t0 = G = B+(--E)           */
-    fe448_reduce(t0);
-    fe448_add(r->X, p->X, p->Y);    /* r->X = H1 = X1+Y1          */
-    fe448_reduce(r->X);
-    fe448_sub(r->Y, q->y, q->x);    /* r->Y = H2 = Y2+(-X2)       */
-    fe448_reduce(r->Y);
-    fe448_mul(r->X, r->X, r->Y);    /* r->X = H = (X1+Y1)*(X2+Y2) */
-    fe448_add(r->X, r->X, t1);      /* r->X = X31 = H-(-C)        */
-    fe448_sub(r->X, r->X, t2);      /* r->X = X32 = H-(-C)-D      */
-    fe448_reduce(r->X);
-    fe448_mul(r->X, r->X, t4);      /* r->X = X33 = F*(H-C-D)     */
-    fe448_mul(r->X, r->X, p->Z);    /* r->X = X3 = A*F*(H-C-D)    */
-    fe448_add(r->Y, t2, t1);        /* r->Y = Y31 = D-C           */
-    fe448_reduce(r->Y);
-    fe448_mul(r->Y, r->Y, t0);      /* r->Y = Y32 = G*(D-C)       */
-    fe448_mul(r->Y, r->Y, p->Z);    /* r->Y = Y3 = A*F*(D-C)      */
-    fe448_mul(r->Z, t4, t0);        /* r->Z = Z3 = F*G            */
-}
-
-/* Add two point on the Twisted Edwards curve. r = p + q
- *
- * r  [in]  Point to hold result.
- * p  [in]  Point to add.
- * q  [in]  Point to add.
- */
-static WC_INLINE void ge448_add(ge448_p2* r, const ge448_p2* p,
-                                const ge448_p2* q)
-{
-    ge448 t0[GE448_WORDS];
-    ge448 t1[GE448_WORDS];
-    ge448 t2[GE448_WORDS];
-    ge448 t3[GE448_WORDS];
-    ge448 t4[GE448_WORDS];
-
-    fe448_mul(t1, p->X, q->X);      /* t1 = C = X1*X2             */
-    fe448_mul(t2, p->Y, q->Y);      /* t2 = D = Y1*Y2             */
-    fe448_mul(t3, t1, t2);          /* t3 = E1 = C*D              */
-    fe448_mul39081(t3, t3);         /* t3 = E = d*C*D             */
-    fe448_mul(r->Z, p->Z, q->Z);    /* r->Z = A = Z1*Z2           */
-    fe448_sqr(t0, r->Z);            /* t0 = B = A^2               */
-    fe448_add(t4, t0, t3);          /* t4 = F = B-(-E)            */
-    fe448_sub(t0, t0, t3);          /* t0 = G = B+(-E)            */
-    fe448_reduce(t0);
-    fe448_add(r->X, p->X, p->Y);    /* r->X = H1 = X1+Y1          */
-    fe448_reduce(r->X);
-    fe448_add(r->Y, q->X, q->Y);    /* r->Y = H2 = X2+Y2          */
-    fe448_reduce(r->Y);
-    fe448_mul(r->X, r->X, r->Y);    /* r->X = H = (X1+Y1)*(X2+Y2) */
-    fe448_sub(r->X, r->X, t1);      /* r->X = X31 = H-C           */
-    fe448_sub(r->X, r->X, t2);      /* r->X = X32 = H-C-D         */
-    fe448_reduce(r->X);
-    fe448_mul(r->X, r->X, t4);      /* r->X = X33 = F*(H-C-D)     */
-    fe448_mul(r->X, r->X, r->Z);    /* r->X = X3 = A*F*(H-C-D)    */
-    fe448_sub(r->Y, t2, t1);        /* r->Y = Y31 = D-C           */
-    fe448_reduce(r->Y);
-    fe448_mul(r->Y, r->Y, t0);      /* r->Y = Y32 = G*(D-C)       */
-    fe448_mul(r->Y, r->Y, r->Z);    /* r->Y = Y3 = A*F*(D-C)      */
-    fe448_mul(r->Z, t4, t0);        /* r->Z = Z3 = F*G            */
-}
-
-/* Subtract one point from another on the Twisted Edwards curve. r = p - q
- *
- * r  [in]  Point to hold result.
- * p  [in]  Point to subtract from.
- * q  [in]  Point to subtract.
- */
-static WC_INLINE void ge448_sub(ge448_p2 *r, const ge448_p2 *p,
-                                const ge448_p2 *q)
-{
-    ge448 t0[GE448_WORDS];
-    ge448 t1[GE448_WORDS];
-    ge448 t2[GE448_WORDS];
-    ge448 t3[GE448_WORDS];
-    ge448 t4[GE448_WORDS];
-
-    fe448_mul(t1, p->X, q->X);      /* t1 = C = X1*X2             */
-    fe448_mul(t2, p->Y, q->Y);      /* t2 = D = Y1*Y2             */
-    fe448_mul(t3, t1, t2);          /* t3 = E1 = C*D              */
-    fe448_mul39081(t3, t3);         /* t3 = E = d*C*D             */
-    fe448_mul(r->Z, p->Z, q->Z);    /* r->Z = A = Z1*Z2           */
-    fe448_sqr(t0, p->Z);            /* t0 = B = A^2               */
-    fe448_sub(t4, t0, t3);          /* t4 = F = B-(--E)           */
-    fe448_add(t0, t0, t3);          /* t0 = G = B+(--E)           */
-    fe448_reduce(t0);
-    fe448_add(r->X, p->X, p->Y);    /* r->X = H1 = X1+Y1          */
-    fe448_reduce(r->X);
-    fe448_sub(r->Y, q->Y, q->X);    /* r->Y = H2 = Y2+(-X2)       */
-    fe448_reduce(r->Y);
-    fe448_mul(r->X, r->X, r->Y);    /* r->X = H = (X1+Y1)*(X2+Y2) */
-    fe448_add(r->X, r->X, t1);      /* r->X = X31 = H-(-C)        */
-    fe448_sub(r->X, r->X, t2);      /* r->X = X32 = H-(-C)-D      */
-    fe448_reduce(r->X);
-    fe448_mul(r->X, r->X, t4);      /* r->X = X33 = F*(H-C-D)     */
-    fe448_mul(r->X, r->X, r->Z);    /* r->X = X3 = A*F*(H-C-D)    */
-    fe448_add(r->Y, t2, t1);        /* r->Y = Y31 = D-C           */
-    fe448_reduce(r->Y);
-    fe448_mul(r->Y, r->Y, t0);      /* r->Y = Y32 = G*(D-C)       */
-    fe448_mul(r->Y, r->Y, r->Z);    /* r->Y = Y3 = A*F*(D-C)      */
-    fe448_mul(r->Z, t4, t0);        /* r->Z = Z3 = F*G            */
-}
-
-/* Convert point to byte array assuming projective ordinates.
- *
- * b  [in]  Array of bytes to hold compressed point.
- * p  [in]  Point to convert.
- */
-void ge448_to_bytes(byte *b, const ge448_p2 *p)
-{
-    ge448 recip[GE448_WORDS];
-    ge448 x[GE448_WORDS];
-    ge448 y[GE448_WORDS];
-
-    fe448_invert(recip, p->Z);
-    fe448_mul(x, p->X, recip);
-    fe448_mul(y, p->Y, recip);
-    fe448_to_bytes(b, y);
-    b[56] = (byte)((byte)fe448_isnegative(x) << 7);
-}
-
-/* Convert point to byte array assuming z is 1.
- *
- * b  [in]  Array of bytes to hold compressed point.
- * p  [in]  Point to convert.
- */
-static void ge448_p2z1_to_bytes(byte *b, const ge448_p2 *p)
-{
-    fe448_to_bytes(b, p->Y);
-    b[56] = (byte)((byte)fe448_isnegative(p->X) << 7);
-}
-
-/* Compress the point to y-ordinate and negative bit.
- *
- * out    [in]  Array of bytes to hold compressed key.
- * xIn    [in]  The x-ordinate.
- * yIn    [in]  The y-ordinate.
- */
-int ge448_compress_key(byte* out, const byte* xIn, const byte* yIn)
-{
-    ge448_p2  g;
-    byte      bArray[ED448_KEY_SIZE];
-    word32    i;
-
-    fe448_from_bytes(g.X, xIn);
-    fe448_from_bytes(g.Y, yIn);
-    fe448_1(g.Z);
-
-    ge448_p2z1_to_bytes(bArray, &g);
-
-    for (i = 0; i < 57; i++) {
-        out[57 - 1 - i] = bArray[i];
-    }
-
-    return 0;
-}
-
-/* Determine whether the value is negative.
- *
- * b  [in]  An 8-bit signed value.
- * returns 1 when negative and 0 otherwise.
- */
-static byte negative(byte b)
-{
-    return ((byte)b) >> 7;
-}
-
-/* Determine whether two values are equal. a == b
- * Constant time implementation.
- *
- * a  [in]  An 8-bit unsigned value.
- * b  [in]  An 8-bit unsigned value.
- * returns 1 when equal and 0 otherwise.
- */
-static byte equal(byte a, byte b)
-{
-    return (byte)(((word32)(a ^ b) - 1) >> 31);
-}
-
-/* Conditional move the point into result point if two values are equal.
- * Constant time implementation.
- *
- * f  [in]  Point to conditionally overwrite.
- * p  [in]  Point to conditionally copy.
- * b  [in]  An 8-bit unsigned value.
- * n  [in]  An 8-bit unsigned value.
- */
-static WC_INLINE void cmov(ge448_precomp* r, const ge448_precomp* p, byte b,
-                           byte n)
-{
-    b = equal(b, n);
-    fe448_cmov(r->x, p->x, b);
-    fe448_cmov(r->y, p->y, b);
-}
-
-/* Select one of the entries from the precomputed table and negate if required.
- * Constant time implementation.
- *
- * r    [in]  Point to hold chosen point.
- * pos  [in]  Position of array of entries to choose from.
- * b    [in]  Index of point to select. -ve value means negate the point.
- */
-static void ge448_select(ge448_precomp* r, int pos, byte b)
-{
-    ge448 minusx[16];
-    byte bnegative = negative(b);
-    byte babs = (byte)(b - (((-bnegative) & b) << 1));
-
-    ge448_precomp_0(r);
-    cmov(r, &base[pos][0], babs, 1);
-    cmov(r, &base[pos][1], babs, 2);
-    cmov(r, &base[pos][2], babs, 3);
-    cmov(r, &base[pos][3], babs, 4);
-    cmov(r, &base[pos][4], babs, 5);
-    cmov(r, &base[pos][5], babs, 6);
-    cmov(r, &base[pos][6], babs, 7);
-    cmov(r, &base[pos][7], babs, 8);
-    fe448_neg(minusx, r->x);
-    fe448_cmov(r->x, minusx, bnegative);
-}
-
-/* Perform a scalar multiplication of the base point. r = a * base
- *
- * r  [in]  Point to hold result.
- * a  [in]  Scalar to multiply by.
- */
-int ge448_scalarmult_base(ge448_p2* r, const byte* a)
-{
-    byte          carry;
-#ifdef WOLFSSL_SMALL_STACK
-    ge448_precomp *t = NULL;
-    byte          *e = NULL;
-#else
-    ge448_precomp t[1];
-    byte          e[113];
-#endif
-    int           i;
-
-#ifdef WOLFSSL_SMALL_STACK
-    t = (ge448_precomp *)XMALLOC(sizeof(*t), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (t == NULL)
-        return MEMORY_E;
-    e = (byte *)XMALLOC(113, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (e == NULL) {
-        XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    carry = 0;
-    for (i = 0; i < 56; ++i) {
-        e[2 * i + 0] = (byte)(((a[i] >> 0) & 0xf) + carry);
-        carry = (byte)(e[2 * i + 0] + 8);
-        carry >>= 4;
-        e[2 * i + 0] = (byte)(e[2 * i + 0] - (byte)(carry << 4));
-
-        e[2 * i + 1] = (byte)(((a[i] >> 4) & 0xf) + carry);
-        carry = (byte)(e[2 * i + 1] + 8);
-        carry = (byte)(carry >> 4);
-        e[2 * i + 1] = (byte)(e[2 * i + 1] - (carry << 4));
-    }
-    e[112] = carry;
-    /* each e[i] is between -8 and 8 */
-
-    /* Odd indices first - sum based on even index so multiply by 16 */
-    ge448_select(t, 0, e[1]);
-    fe448_copy(r->X, t->x);
-    fe448_copy(r->Y, t->y);
-    fe448_1(r->Z);
-    for (i = 3; i < 112; i += 2) {
-        ge448_select(t, i / 2, e[i]);
-        ge448_madd(r, r, t);
-    }
-
-    ge448_dbl(r, r);
-    ge448_dbl(r, r);
-    ge448_dbl(r, r);
-    ge448_dbl(r, r);
-
-    /* Add even indices */
-    for (i = 0; i <= 112; i += 2) {
-        ge448_select(t, i / 2, e[i]);
-        ge448_madd(r, r, t);
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    return 0;
-}
-
-/* Create to a sliding window for the scalar multiplicaton.
- *
- * r  [in]  Array of indices.
- * a  [in]  Scalar to break up.
- */
-static void slide(sword8 *r, const byte *a)
-{
-    int i;
-    int b;
-    int k;
-
-    for (i = 0; i < 448; ++i) {
-        r[i] = (a[i >> 3] >> (i & 7)) & 1;
-    }
-
-    for (i = 0; i < 448; ++i) {
-        if (r[i] == 0) {
-            continue;
-        }
-
-        for (b = 1; b <= 7 && i + b < 448; ++b) {
-            if (r[i + b] == 0) {
-                continue;
-            }
-
-            if (r[i] + (r[i + b] << b) <= 31) {
-                r[i] = (sword8)(r[i] + (r[i + b] << b));
-                r[i + b] = 0;
-            }
-            else if (r[i] - (r[i + b] << b) >= -31) {
-                r[i] = (sword8)(r[i] - (r[i + b] << b));
-                for (k = i + b; k < 448; ++k) {
-                    if (!r[k]) {
-                        r[k] = 1;
-                        break;
-                    }
-                    r[k] = 0;
-                }
-            }
-            else {
-                break;
-            }
-        }
-    }
-}
-
-/* Perform a scalar multiplication of the base point and public point.
- *   r = a * p + b * base
- * Uses a sliding window of 5 bits.
- * Not constant time.
- *
- * r  [in]  Point to hold result.
- * a  [in]  Scalar to multiply by.
- */
-int ge448_double_scalarmult_vartime(ge448_p2 *r, const byte *a,
-                                    const ge448_p2 *p, const byte *b)
-{
-#define GE448_WINDOW_BUF_SIZE 448
-
-#if defined(WOLFSSL_SMALL_STACK) && (!defined(WOLFSSL_NO_MALLOC) ||                                                           defined(XMALLOC_USER))
-    sword8       *aslide = NULL;
-    sword8       *bslide = NULL;
-    ge448_p2     *pi = NULL; /* p,3p,..,31p */
-    ge448_p2     *p2 = NULL;
-#else
-    sword8       aslide[448];
-    sword8       bslide[448];
-    ge448_p2     pi[16]; /* p,3p,..,31p */
-    ge448_p2     p2[1];
-#endif
-    int          i;
-    int          ret = 0;
-
-#if defined(WOLFSSL_SMALL_STACK) && (!defined(WOLFSSL_NO_MALLOC) ||                                                           defined(XMALLOC_USER))
-    aslide = (sword8 *)XMALLOC(GE448_WINDOW_BUF_SIZE, NULL,
-                                                       DYNAMIC_TYPE_TMP_BUFFER);
-    if (aslide == NULL) {
-        ret = MEMORY_E;
-    }
-    if (ret == 0) {
-        bslide = (sword8 *)XMALLOC(GE448_WINDOW_BUF_SIZE, NULL,
-                                                       DYNAMIC_TYPE_TMP_BUFFER);
-        if (bslide == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-    if (ret == 0) {
-        pi = (ge448_p2 *)XMALLOC(16 * sizeof *pi, NULL,
-                                                       DYNAMIC_TYPE_TMP_BUFFER);
-        if (pi == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-    if (ret == 0) {
-        p2 = (ge448_p2 *)XMALLOC(sizeof *p2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        if (p2 == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-#endif
-
-    if (ret == 0) {
-        slide(aslide, a);
-        slide(bslide, b);
-
-        fe448_copy(pi[0].X, p->X);
-        fe448_copy(pi[0].Y, p->Y);
-        fe448_copy(pi[0].Z, p->Z);
-        ge448_dbl(p2, p);
-        ge448_add(&pi[1], p2, &pi[0]);
-        ge448_add(&pi[2], p2, &pi[1]);
-        ge448_add(&pi[3], p2, &pi[2]);
-        ge448_add(&pi[4], p2, &pi[3]);
-        ge448_add(&pi[5], p2, &pi[4]);
-        ge448_add(&pi[6], p2, &pi[5]);
-        ge448_add(&pi[7], p2, &pi[6]);
-        ge448_add(&pi[8], p2, &pi[7]);
-        ge448_add(&pi[9], p2, &pi[8]);
-        ge448_add(&pi[10], p2, &pi[9]);
-        ge448_add(&pi[11], p2, &pi[10]);
-        ge448_add(&pi[12], p2, &pi[11]);
-        ge448_add(&pi[13], p2, &pi[12]);
-        ge448_add(&pi[14], p2, &pi[13]);
-        ge448_add(&pi[15], p2, &pi[14]);
-
-        ge448_0(r);
-
-        /* Find first index that is not 0. */
-        for (i = 447; i >= 0; --i) {
-            if (aslide[i] || bslide[i]) {
-                break;
-            }
-        }
-
-        for (; i >= 0; --i) {
-            ge448_dbl(r, r);
-
-            if (aslide[i] > 0)
-                ge448_add(r, r, &pi[aslide[i]/2]);
-            else if (aslide[i] < 0)
-                ge448_sub(r, r ,&pi[(-aslide[i])/2]);
-
-            if (bslide[i] > 0)
-                ge448_madd(r, r, &base_i[bslide[i]/2]);
-            else if (bslide[i] < 0)
-                ge448_msub(r, r, &base_i[(-bslide[i])/2]);
-        }
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) && (!defined(WOLFSSL_NO_MALLOC) ||                                                           defined(XMALLOC_USER))
-    XFREE(p2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(pi, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(bslide, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(aslide, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    return ret;
-}
-
-/* Convert compressed point to negative of affine point.
- * Calculates x from the y and the negative bit.
- * Not constant time.
- *
- * r  [in]  Uncompressed point.
- * b  [in]  Array of bytes representing point.
- * returns 0 on success and -1 on failure.
- */
-int ge448_from_bytes_negate_vartime(ge448_p2 *r, const byte *b)
-{
-    int   ret = 0;
-    ge448 u[GE448_WORDS];
-    ge448 v[GE448_WORDS];
-    ge448 u3[GE448_WORDS];
-    ge448 vxx[GE448_WORDS];
-    ge448 check[GE448_WORDS];
-
-    fe448_from_bytes(r->Y, b);
-    fe448_1(r->Z);
-    fe448_sqr(u, r->Y);                /* u = y^2                      */
-    fe448_mul39081(v, u);              /* v = 39081.y^2                */
-    fe448_sub(u, u, r->Z);             /* u = y^2-1                    */
-    fe448_reduce(u);
-    fe448_add(v, v, r->Z);             /* v = 39081.y^2-1              */
-    fe448_reduce(v);
-    fe448_neg(v, v);                   /* v = -39081.y^2-1 = d.y^2-1   */
-
-    fe448_sqr(r->X, v);                /* x = v^2                      */
-    fe448_mul(r->X, r->X, v);          /* x = v^3                      */
-    fe448_sqr(u3, u);                  /* x = u^2.v^3                  */
-    fe448_mul(r->X, r->X, u3);         /* x = u^2.v^3                  */
-    fe448_mul(u3, u3, u);              /* u3 = u^3                     */
-    fe448_mul(r->X, r->X, u3);         /* x = u^5.v^3                  */
-
-    fe448_pow_2_446_222_1(r->X, r->X); /* x = (u^5.v^3)^((q-3)/4)      */
-    fe448_mul(r->X, r->X, u3);         /* x = u^3(u^5.v^3)^((q-3)/4)   */
-    fe448_mul(r->X, r->X, v);          /* x = u^3.v(u^5.v^3)^((q-3)/4) */
-
-    fe448_sqr(vxx, r->X);
-    fe448_mul(vxx, vxx, v);
-    fe448_sub(check, vxx, u);          /* check = v.x^2-u              */
-    fe448_reduce(check);
-    /* Note; vx^2+u is NOT correct. */
-    if (fe448_isnonzero(check)) {
-        ret = -1;
-    }
-
-    /* Calculating negative of point in bytes - negate only if X is correct. */
-    if (fe448_isnegative(r->X) == (b[56] >> 7)) {
-        fe448_neg(r->X, r->X);
-    }
-
-    return ret;
-}
-
-#endif /* ED448_SMALL */
-#endif /* HAVE_CURVE448 || HAVE_ED448 */
diff --git a/src/ssl/wolfssl/wolfcrypt/ge_low_mem.c b/src/ssl/wolfssl/wolfcrypt/ge_low_mem.c
deleted file mode 100644
index 308e73a2d..000000000
--- a/src/ssl/wolfssl/wolfcrypt/ge_low_mem.c
+++ /dev/null
@@ -1,572 +0,0 @@
-/* ge_low_mem.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
- /* Based from Daniel Beer's public domain work. */
-
-#ifdef HAVE_ED25519
-#ifdef ED25519_SMALL /* use slower code that takes less memory */
-
-#include <wolfssl/wolfcrypt/ge_operations.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-void ed25519_smult(ge_p3 *r, const ge_p3 *a, const byte *e);
-void ed25519_add(ge_p3 *r, const ge_p3 *a, const ge_p3 *b);
-void ed25519_double(ge_p3 *r, const ge_p3 *a);
-
-
-static const byte ed25519_order[F25519_SIZE] = {
-    0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
-    0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10
-};
-
-/*Arithmetic modulo the group order mod = 2^252 +
- 27742317777372353535851937790883648493 =
- 7237005577332262213973186563042994240857116359379907606001950938285454250989 */
-
-static const word32 mod[32] = {
-    0xED,0xD3,0xF5,0x5C,0x1A,0x63,0x12,0x58,0xD6,0x9C,0xF7,0xA2,0xDE,0xF9,
-    0xDE,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
-    0x00,0x00,0x00,0x10
-};
-
-static const word32 mu[33] = {
-    0x1B,0x13,0x2C,0x0A,0xA3,0xE5,0x9C,0xED,0xA7,0x29,0x63,0x08,0x5D,0x21,
-    0x06,0x21,0xEB,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-    0xFF,0xFF,0xFF,0xFF,0x0F
-};
-
-
-int ge_compress_key(byte* out, const byte* xIn, const byte* yIn,
-                        word32 keySz)
-{
-    byte tmp[F25519_SIZE];
-    byte parity;
-    byte pt[32];
-    int     i;
-
-    lm_copy(tmp, xIn);
-    parity = (tmp[0] & 1) << 7;
-
-    lm_copy(pt, yIn);
-    pt[31] |= parity;
-
-    for(i = 0; i < 32; i++) {
-        out[32-i-1] = pt[i];
-    }
-    (void)keySz;
-    return 0;
-}
-
-
-static word32 lt(word32 a,word32 b) /* 16-bit inputs */
-{
-  word32 x = a;
-  x -= (unsigned int) b; /* 0..65535: no; 4294901761..4294967295: yes */
-  x >>= 31; /* 0: no; 1: yes */
-  return x;
-}
-
-
-/* Reduce coefficients of r before calling reduce_add_sub */
-static void reduce_add_sub(word32 *r)
-{
-  word32 pb = 0;
-  word32 b;
-  word32 mask;
-  int i;
-  unsigned char t[32];
-
-  for(i=0;i<32;i++)
-  {
-    pb += mod[i];
-    b = lt(r[i],pb);
-    t[i] = r[i]-pb+(b<<8);
-    pb = b;
-  }
-  mask = b - 1;
-  for(i=0;i<32;i++)
-    r[i] ^= mask & (r[i] ^ t[i]);
-}
-
-
-/* Reduce coefficients of x before calling barrett_reduce */
-static void barrett_reduce(word32* r, word32 x[64])
-{
-  /* See HAC, Alg. 14.42 */
-  int i,j;
-  word32 q2[66];
-  word32 *q3 = q2 + 33;
-  word32 r1[33];
-  word32 r2[33];
-  word32 carry;
-  word32 pb = 0;
-
-  for (i = 0;i < 66;++i) q2[i] = 0;
-  for (i = 0;i < 33;++i) r2[i] = 0;
-
-  for(i=0;i<33;i++)
-    for(j=0;j<33;j++)
-      if(i+j >= 31) q2[i+j] += mu[i]*x[j+31];
-  carry = q2[31] >> 8;
-  q2[32] += carry;
-  carry = q2[32] >> 8;
-  q2[33] += carry;
-
-  for(i=0;i<33;i++)r1[i] = x[i];
-  for(i=0;i<32;i++)
-    for(j=0;j<33;j++)
-      if(i+j < 33) r2[i+j] += mod[i]*q3[j];
-
-  for(i=0;i<32;i++)
-  {
-    carry = r2[i] >> 8;
-    r2[i+1] += carry;
-    r2[i] &= 0xff;
-  }
-
-  for(i=0;i<32;i++)
-  {
-    word32 b;
-    pb += r2[i];
-    b = lt(r1[i],pb);
-    r[i] = r1[i]-pb+(b<<8);
-    pb = b;
-  }
-
-  /* XXX: Can it really happen that r<0?, See HAC, Alg 14.42, Step 3
-   * r is an unsigned type.
-   * If so: Handle  it here!
-   */
-
-  reduce_add_sub(r);
-  reduce_add_sub(r);
-}
-
-
-void sc_reduce(unsigned char *x)
-{
-  int i;
-  word32 t[64];
-  word32 r[32];
-  for(i=0;i<64;i++) t[i] = x[i];
-  barrett_reduce(r, t);
-  for(i=0;i<32;i++) x[i] = (r[i] & 0xFF);
-}
-
-
-void sc_muladd(byte* out, const byte* a, const byte* b, const byte* c)
-{
-
-    byte s[32];
-    byte e[64];
-
-    XMEMSET(e, 0, sizeof(e));
-    XMEMCPY(e, b, 32);
-
-    /* Obtain e */
-    sc_reduce(e);
-
-    /* Compute s = ze + k */
-    fprime_mul(s, a, e, ed25519_order);
-    fprime_add(s, c, ed25519_order);
-
-    XMEMCPY(out, s, 32);
-}
-
-
-/* Base point is (numbers wrapped):
- *
- *     x = 151122213495354007725011514095885315114
- *         54012693041857206046113283949847762202
- *     y = 463168356949264781694283940034751631413
- *         07993866256225615783033603165251855960
- *
- * y is derived by transforming the original Montgomery base (u=9). x
- * is the corresponding positive coordinate for the new curve equation.
- * t is x*y.
- */
-const ge_p3 ed25519_base = {
-    {
-        0x1a, 0xd5, 0x25, 0x8f, 0x60, 0x2d, 0x56, 0xc9,
-        0xb2, 0xa7, 0x25, 0x95, 0x60, 0xc7, 0x2c, 0x69,
-        0x5c, 0xdc, 0xd6, 0xfd, 0x31, 0xe2, 0xa4, 0xc0,
-        0xfe, 0x53, 0x6e, 0xcd, 0xd3, 0x36, 0x69, 0x21
-    },
-    {
-        0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
-        0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
-        0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
-        0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66
-    },
-    {1, 0},
-    {
-        0xa3, 0xdd, 0xb7, 0xa5, 0xb3, 0x8a, 0xde, 0x6d,
-        0xf5, 0x52, 0x51, 0x77, 0x80, 0x9f, 0xf0, 0x20,
-        0x7d, 0xe3, 0xab, 0x64, 0x8e, 0x4e, 0xea, 0x66,
-        0x65, 0x76, 0x8b, 0xd7, 0x0f, 0x5f, 0x87, 0x67
-    },
-
-};
-
-
-const ge_p3 ed25519_neutral = {
-    {0},
-    {1, 0},
-    {1, 0},
-    {0},
-
-};
-
-
-static const byte ed25519_d[F25519_SIZE] = {
-    0xa3, 0x78, 0x59, 0x13, 0xca, 0x4d, 0xeb, 0x75,
-    0xab, 0xd8, 0x41, 0x41, 0x4d, 0x0a, 0x70, 0x00,
-    0x98, 0xe8, 0x79, 0x77, 0x79, 0x40, 0xc7, 0x8c,
-    0x73, 0xfe, 0x6f, 0x2b, 0xee, 0x6c, 0x03, 0x52
-};
-
-
-/* k = 2d */
-static const byte ed25519_k[F25519_SIZE] = {
-    0x59, 0xf1, 0xb2, 0x26, 0x94, 0x9b, 0xd6, 0xeb,
-    0x56, 0xb1, 0x83, 0x82, 0x9a, 0x14, 0xe0, 0x00,
-    0x30, 0xd1, 0xf3, 0xee, 0xf2, 0x80, 0x8e, 0x19,
-    0xe7, 0xfc, 0xdf, 0x56, 0xdc, 0xd9, 0x06, 0x24
-};
-
-
-void ed25519_add(ge_p3 *r,
-         const ge_p3 *p1, const ge_p3 *p2)
-{
-    /* Explicit formulas database: add-2008-hwcd-3
-     *
-     * source 2008 Hisil--Wong--Carter--Dawson,
-     *     http://eprint.iacr.org/2008/522, Section 3.1
-     * appliesto extended-1
-     * parameter k
-     * assume k = 2 d
-     * compute A = (Y1-X1)(Y2-X2)
-     * compute B = (Y1+X1)(Y2+X2)
-     * compute C = T1 k T2
-     * compute D = Z1 2 Z2
-     * compute E = B - A
-     * compute F = D - C
-     * compute G = D + C
-     * compute H = B + A
-     * compute X3 = E F
-     * compute Y3 = G H
-     * compute T3 = E H
-     * compute Z3 = F G
-     */
-    byte a[F25519_SIZE];
-    byte b[F25519_SIZE];
-    byte c[F25519_SIZE];
-    byte d[F25519_SIZE];
-    byte e[F25519_SIZE];
-    byte f[F25519_SIZE];
-    byte g[F25519_SIZE];
-    byte h[F25519_SIZE];
-
-    /* A = (Y1-X1)(Y2-X2) */
-    lm_sub(c, p1->Y, p1->X);
-    lm_sub(d, p2->Y, p2->X);
-    fe_mul__distinct(a, c, d);
-
-    /* B = (Y1+X1)(Y2+X2) */
-    lm_add(c, p1->Y, p1->X);
-    lm_add(d, p2->Y, p2->X);
-    fe_mul__distinct(b, c, d);
-
-    /* C = T1 k T2 */
-    fe_mul__distinct(d, p1->T, p2->T);
-    fe_mul__distinct(c, d, ed25519_k);
-
-    /* D = Z1 2 Z2 */
-    fe_mul__distinct(d, p1->Z, p2->Z);
-    lm_add(d, d, d);
-
-    /* E = B - A */
-    lm_sub(e, b, a);
-
-    /* F = D - C */
-    lm_sub(f, d, c);
-
-    /* G = D + C */
-    lm_add(g, d, c);
-
-    /* H = B + A */
-    lm_add(h, b, a);
-
-    /* X3 = E F */
-    fe_mul__distinct(r->X, e, f);
-
-    /* Y3 = G H */
-    fe_mul__distinct(r->Y, g, h);
-
-    /* T3 = E H */
-    fe_mul__distinct(r->T, e, h);
-
-    /* Z3 = F G */
-    fe_mul__distinct(r->Z, f, g);
-}
-
-
-void ed25519_double(ge_p3 *r, const ge_p3 *p)
-{
-    /* Explicit formulas database: dbl-2008-hwcd
-     *
-     * source 2008 Hisil--Wong--Carter--Dawson,
-     *     http://eprint.iacr.org/2008/522, Section 3.3
-     * compute A = X1^2
-     * compute B = Y1^2
-     * compute C = 2 Z1^2
-     * compute D = a A
-     * compute E = (X1+Y1)^2-A-B
-     * compute G = D + B
-     * compute F = G - C
-     * compute H = D - B
-     * compute X3 = E F
-     * compute Y3 = G H
-     * compute T3 = E H
-     * compute Z3 = F G
-     */
-    byte a[F25519_SIZE];
-    byte b[F25519_SIZE];
-    byte c[F25519_SIZE];
-    byte e[F25519_SIZE];
-    byte f[F25519_SIZE];
-    byte g[F25519_SIZE];
-    byte h[F25519_SIZE];
-
-    /* A = X1^2 */
-    fe_mul__distinct(a, p->X, p->X);
-
-    /* B = Y1^2 */
-    fe_mul__distinct(b, p->Y, p->Y);
-
-    /* C = 2 Z1^2 */
-    fe_mul__distinct(c, p->Z, p->Z);
-    lm_add(c, c, c);
-
-    /* D = a A (alter sign) */
-    /* E = (X1+Y1)^2-A-B */
-    lm_add(f, p->X, p->Y);
-    fe_mul__distinct(e, f, f);
-    lm_sub(e, e, a);
-    lm_sub(e, e, b);
-
-    /* G = D + B */
-    lm_sub(g, b, a);
-
-    /* F = G - C */
-    lm_sub(f, g, c);
-
-    /* H = D - B */
-    lm_neg(h, b);
-    lm_sub(h, h, a);
-
-    /* X3 = E F */
-    fe_mul__distinct(r->X, e, f);
-
-    /* Y3 = G H */
-    fe_mul__distinct(r->Y, g, h);
-
-    /* T3 = E H */
-    fe_mul__distinct(r->T, e, h);
-
-    /* Z3 = F G */
-    fe_mul__distinct(r->Z, f, g);
-}
-
-
-void ed25519_smult(ge_p3 *r_out, const ge_p3 *p, const byte *e)
-{
-    ge_p3 r;
-    int   i;
-
-    XMEMCPY(&r, &ed25519_neutral, sizeof(r));
-
-    for (i = 255; i >= 0; i--) {
-        const byte bit = (e[i >> 3] >> (i & 7)) & 1;
-        ge_p3 s;
-
-        ed25519_double(&r, &r);
-        ed25519_add(&s, &r, p);
-
-        fe_select(r.X, r.X, s.X, bit);
-        fe_select(r.Y, r.Y, s.Y, bit);
-        fe_select(r.Z, r.Z, s.Z, bit);
-        fe_select(r.T, r.T, s.T, bit);
-    }
-    XMEMCPY(r_out, &r, sizeof(r));
-}
-
-
-void ge_scalarmult_base(ge_p3 *R,const unsigned char *nonce)
-{
-    ed25519_smult(R, &ed25519_base, nonce);
-}
-
-
-/* pack the point h into array s */
-void ge_tobytes(unsigned char *s,const ge_p2 *h)
-{
-    byte x[F25519_SIZE];
-    byte y[F25519_SIZE];
-    byte z1[F25519_SIZE];
-    byte parity;
-
-    fe_inv__distinct(z1, h->Z);
-    fe_mul__distinct(x, h->X, z1);
-    fe_mul__distinct(y, h->Y, z1);
-
-    fe_normalize(x);
-    fe_normalize(y);
-
-    parity = (x[0] & 1) << 7;
-    lm_copy(s, y);
-    fe_normalize(s);
-    s[31] |= parity;
-}
-
-
-/*
-   Test if the public key can be uncompressed and negate it (-X,Y,Z,-T)
-   return 0 on success
- */
-int ge_frombytes_negate_vartime(ge_p3 *p,const unsigned char *s)
-{
-
-    byte parity;
-    byte x[F25519_SIZE];
-    byte y[F25519_SIZE];
-    byte a[F25519_SIZE];
-    byte b[F25519_SIZE];
-    byte c[F25519_SIZE];
-    int ret = 0;
-
-    /* unpack the key s */
-    parity = s[31] >> 7;
-    lm_copy(y, s);
-    y[31] &= 127;
-
-    fe_mul__distinct(c, y, y);
-    fe_mul__distinct(b, c, ed25519_d);
-    lm_add(a, b, f25519_one);
-    fe_inv__distinct(b, a);
-    lm_sub(a, c, f25519_one);
-    fe_mul__distinct(c, a, b);
-    fe_sqrt(a, c);
-    lm_neg(b, a);
-    fe_select(x, a, b, (a[0] ^ parity) & 1);
-
-    /* test that x^2 is equal to c */
-    fe_mul__distinct(a, x, x);
-    fe_normalize(a);
-    fe_normalize(c);
-    ret |= ConstantCompare(a, c, F25519_SIZE);
-
-    /* project the key s onto p */
-    lm_copy(p->X, x);
-    lm_copy(p->Y, y);
-    fe_load(p->Z, 1);
-    fe_mul__distinct(p->T, x, y);
-
-    /* negate, the point becomes (-X,Y,Z,-T) */
-    lm_neg(p->X,p->X);
-    lm_neg(p->T,p->T);
-
-    return ret;
-}
-
-#ifdef WOLFSSL_CHECK_VER_FAULTS
-/* return 0 if equal and -1 if not equal */
-static int ge_equal(ge a, ge b)
-{
-    if (XMEMCMP(a, b, sizeof(ge)) == 0) {
-        return 0;
-    }
-    else {
-        return -1;
-    }
-}
-
-/* returns 0 if a == b */
-static int ge_p3_equal(ge_p3* a, ge_p3* b)
-{
-    int ret = 0;
-
-    ret |= ge_equal(a->X, b->X);
-    ret |= ge_equal(a->Y, b->Y);
-    ret |= ge_equal(a->Z, b->Z);
-    ret |= ge_equal(a->T, b->T);
-
-    return ret;
-}
-#endif
-
-
-
-int ge_double_scalarmult_vartime(ge_p2* R, const unsigned char *h,
-                                 const ge_p3 *inA,const unsigned char *sig)
-{
-    ge_p3 p, A;
-    int ret = 0;
-
-    XMEMCPY(&A, inA, sizeof(ge_p3));
-
-    /* find SB */
-    ed25519_smult(&p, &ed25519_base, sig);
-
-    /* find H(R,A,M) * -A */
-    ed25519_smult(&A, &A, h);
-#ifdef WOLFSSL_CHECK_VER_FAULTS
-    if (ge_p3_equal(&A, (ge_p3*)inA) == 0) {
-        ret = BAD_STATE_E;
-    }
-#endif
-
-    /* SB + -H(R,A,M)A */
-    ed25519_add(&A, &p, &A);
-#ifdef WOLFSSL_CHECK_VER_FAULTS
-    if (ge_p3_equal(&A, &p) == 0) {
-        ret = BAD_STATE_E;
-    }
-#endif
-
-    lm_copy(R->X, A.X);
-    lm_copy(R->Y, A.Y);
-    lm_copy(R->Z, A.Z);
-
-    return ret;
-}
-
-#endif /* ED25519_SMALL */
-#endif /* HAVE_ED25519 */
diff --git a/src/ssl/wolfssl/wolfcrypt/hpke.c b/src/ssl/wolfssl/wolfcrypt/hpke.c
deleted file mode 100644
index 686abd145..000000000
--- a/src/ssl/wolfssl/wolfcrypt/hpke.c
+++ /dev/null
@@ -1,1152 +0,0 @@
-/* hpke.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* The HPKE supports ECC and X25519 with AES GCM only.
- * TODO: Add X448 and ChaCha20
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(HAVE_HPKE) && (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \
-    defined(HAVE_AESGCM)
-
-#include <wolfssl/wolfcrypt/ecc.h>
-#include <wolfssl/wolfcrypt/curve25519.h>
-#include <wolfssl/wolfcrypt/curve448.h>
-#include <wolfssl/wolfcrypt/hmac.h>
-#include <wolfssl/wolfcrypt/hash.h>
-#include <wolfssl/wolfcrypt/sha256.h>
-#include <wolfssl/wolfcrypt/sha512.h>
-#include <wolfssl/wolfcrypt/aes.h>
-#include <wolfssl/wolfcrypt/hpke.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-const int hpkeSupportedKem[HPKE_SUPPORTED_KEM_LEN] = {
-    DHKEM_P256_HKDF_SHA256,
-    DHKEM_P384_HKDF_SHA384,
-    DHKEM_P521_HKDF_SHA512,
-    DHKEM_X25519_HKDF_SHA256,
-};
-
-const int hpkeSupportedKdf[HPKE_SUPPORTED_KDF_LEN] = {
-    HKDF_SHA256,
-    HKDF_SHA384,
-    HKDF_SHA512,
-};
-
-const int hpkeSupportedAead[HPKE_SUPPORTED_AEAD_LEN] = {
-    HPKE_AES_128_GCM,
-    HPKE_AES_256_GCM,
-};
-
-static const char* KEM_STR = "KEM";
-static const int   KEM_STR_LEN = 3;
-
-static const char* HPKE_STR = "HPKE";
-static const int   HPKE_STR_LEN = 4;
-
-static const char* HPKE_VERSION_STR = "HPKE-v1";
-static const int   HPKE_VERSION_STR_LEN = 7;
-
-static const char* EAE_PRK_LABEL_STR = "eae_prk";
-static const int   EAE_PRK_LABEL_STR_LEN = 7;
-
-static const char* SHARED_SECRET_LABEL_STR = "shared_secret";
-static const int   SHARED_SECRET_LABEL_STR_LEN = 13;
-
-static const char* PSK_ID_HASH_LABEL_STR = "psk_id_hash";
-static const int   PSK_ID_HASH_LABEL_STR_LEN = 11;
-
-static const char* INFO_HASH_LABEL_STR = "info_hash";
-static const int   INFO_HASH_LABEL_STR_LEN = 9;
-
-static const char* SECRET_LABEL_STR = "secret";
-static const int   SECRET_LABEL_STR_LEN = 6;
-
-static const char* KEY_LABEL_STR = "key";
-static const int   KEY_LABEL_STR_LEN = 3;
-
-static const char* BASE_NONCE_LABEL_STR = "base_nonce";
-static const int   BASE_NONCE_LABEL_STR_LEN = 10;
-
-static const char* EXP_LABEL_STR = "exp";
-static const int   EXP_LABEL_STR_LEN = 3;
-
-/* encode n as a byte string with length w, return 0 or error */
-static int I2OSP(int n, int w, byte* out)
-{
-    int i;
-
-    if (w <= 0 || w > 32) {
-        return MP_VAL;
-    }
-
-    /* if width is less than int max check that n is less than w bytes max */
-    /* if width is greater than int max check that n is less than int max */
-    if ((w < 4 && n > ((1 << (w * 8)) - 1)) || (w >= 4 && n > 0x7fffffff)) {
-        return MP_VAL;
-    }
-
-    /* make sure the byte string is cleared */
-    XMEMSET(out, 0, (size_t)w);
-
-    for (i = 0; i < w && n > 0; i++) {
-        out[w-(i + 1)] = (byte)n;
-        n >>= 8;
-    }
-
-    return 0;
-}
-
-/* initialize the hpke struct with the desired ciphersuites, return 0 or error*/
-int wc_HpkeInit(Hpke* hpke, int kem, int kdf, int aead, void* heap)
-{
-    int ret;
-    byte* id;
-
-    if (hpke == NULL || kem == 0 || kdf == 0 || aead == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMSET(hpke, 0, sizeof(*hpke));
-    hpke->kem = (word32)kem;
-    hpke->kdf = (word32)kdf;
-    hpke->aead = (word32)aead;
-    hpke->heap = heap;
-
-    /* set kem_suite_id */
-    id = hpke->kem_suite_id;
-
-    XMEMCPY(id, KEM_STR, KEM_STR_LEN);
-    id += KEM_STR_LEN;
-
-    ret = I2OSP(kem, 2, id);
-
-    /* set hpke_suite_id */
-    id = hpke->hpke_suite_id;
-
-    XMEMCPY(id, HPKE_STR, HPKE_STR_LEN);
-    id += HPKE_STR_LEN;
-
-    if (ret == 0) {
-        ret = I2OSP(kem, 2, id);
-        id += 2;
-    }
-    if (ret == 0) {
-        ret = I2OSP(kdf, 2, id);
-        id += 2;
-    }
-    if (ret == 0) {
-        ret = I2OSP(aead, 2, id);
-    }
-
-    if (ret == 0) {
-        switch (kem) {
-#if defined(HAVE_ECC)
-#if defined(WOLFSSL_SHA224) || !defined(NO_SHA256)
-        case DHKEM_P256_HKDF_SHA256:
-            hpke->curve_id = ECC_SECP256R1;
-            hpke->Nsecret = WC_SHA256_DIGEST_SIZE;
-            hpke->Nh = WC_SHA256_DIGEST_SIZE;
-            hpke->Ndh = (word32)wc_ecc_get_curve_size_from_id(hpke->curve_id);
-            hpke->Npk = 1 + hpke->Ndh * 2;
-            break;
-#endif
-
-#ifdef WOLFSSL_SHA384
-        case DHKEM_P384_HKDF_SHA384:
-            hpke->curve_id = ECC_SECP384R1;
-            hpke->Nsecret = WC_SHA384_DIGEST_SIZE;
-            hpke->Nh = WC_SHA384_DIGEST_SIZE;
-            hpke->Ndh = (word32)wc_ecc_get_curve_size_from_id(hpke->curve_id);
-            hpke->Npk = 1 + hpke->Ndh * 2;
-            break;
-#endif
-
-#if defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)
-        case DHKEM_P521_HKDF_SHA512:
-            hpke->curve_id = ECC_SECP521R1;
-            hpke->Nsecret = WC_SHA512_DIGEST_SIZE;
-            hpke->Nh = WC_SHA512_DIGEST_SIZE;
-            hpke->Ndh = (word32)wc_ecc_get_curve_size_from_id(hpke->curve_id);
-            hpke->Npk = 1 + hpke->Ndh * 2;
-            break;
-#endif
-#endif
-
-#if defined(HAVE_CURVE25519) &&\
-    (defined(WOLFSSL_SHA224) || !defined(NO_SHA256))
-        case DHKEM_X25519_HKDF_SHA256:
-            hpke->Nsecret = WC_SHA256_DIGEST_SIZE;
-            hpke->Nh = WC_SHA256_DIGEST_SIZE;
-            hpke->Ndh = CURVE25519_KEYSIZE;
-            hpke->Npk = CURVE25519_PUB_KEY_SIZE;
-            break;
-#endif
-
-#if defined(HAVE_CURVE448) &&\
-    (defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512))
-        case DHKEM_X448_HKDF_SHA512:
-            hpke->Nsecret = WC_SHA512_DIGEST_SIZE;
-            hpke->Nh = WC_SHA512_DIGEST_SIZE;
-            /* size of x448 shared secret */
-            hpke->Ndh = 64;
-            hpke->Npk = CURVE448_PUB_KEY_SIZE;
-            ret = BAD_FUNC_ARG; /* TODO: Add X448 */
-            break;
-#endif
-
-        default:
-            ret = BAD_FUNC_ARG;
-            break;
-        }
-    }
-
-    if (ret == 0) {
-        switch (kdf) {
-        case HKDF_SHA256:
-            hpke->kdf_digest = WC_SHA256;
-            break;
-
-        case HKDF_SHA384:
-            hpke->kdf_digest = WC_SHA384;
-            break;
-
-        case HKDF_SHA512:
-            hpke->kdf_digest = WC_SHA512;
-            break;
-
-        default:
-            ret = BAD_FUNC_ARG;
-            break;
-        }
-    }
-
-    if (ret == 0) {
-        switch (aead) {
-        case HPKE_AES_128_GCM:
-            hpke->Nk = AES_128_KEY_SIZE;
-            hpke->Nn = GCM_NONCE_MID_SZ;
-            hpke->Nt = WC_AES_BLOCK_SIZE;
-            break;
-
-        case HPKE_AES_256_GCM:
-            hpke->Nk = AES_256_KEY_SIZE;
-            hpke->Nn = GCM_NONCE_MID_SZ;
-            hpke->Nt = WC_AES_BLOCK_SIZE;
-            break;
-
-        default:
-            ret = BAD_FUNC_ARG;
-            break;
-        }
-    }
-
-    if ((int)hpke->Ndh < 0) {
-        return (int)hpke->Ndh;
-    }
-
-    return ret;
-}
-
-/* generate a keypair for use with the supplied hpke kem method, return 0 or
- * error */
-int wc_HpkeGenerateKeyPair(Hpke* hpke, void** keypair, WC_RNG* rng)
-{
-    int ret = 0;
-
-    if (hpke == NULL || keypair == NULL || rng == NULL)
-        return BAD_FUNC_ARG;
-
-    switch (hpke->kem) {
-#if defined(HAVE_ECC)
-        case DHKEM_P256_HKDF_SHA256:
-            *keypair = wc_ecc_key_new(hpke->heap);
-            if (*keypair != NULL)
-                ret = wc_ecc_make_key_ex(rng, 32, (ecc_key*)*keypair,
-                    ECC_SECP256R1);
-            break;
-        case DHKEM_P384_HKDF_SHA384:
-            *keypair = wc_ecc_key_new(hpke->heap);
-            if (*keypair != NULL)
-                ret = wc_ecc_make_key_ex(rng, 48, (ecc_key*)*keypair,
-                    ECC_SECP384R1);
-            break;
-        case DHKEM_P521_HKDF_SHA512:
-            *keypair = wc_ecc_key_new(hpke->heap);
-            if (*keypair != NULL)
-                ret = wc_ecc_make_key_ex(rng, 66, (ecc_key*)*keypair,
-                  ECC_SECP521R1);
-            break;
-#endif
-#if defined(HAVE_CURVE25519)
-        case DHKEM_X25519_HKDF_SHA256:
-            *keypair = XMALLOC(sizeof(curve25519_key), hpke->heap,
-                DYNAMIC_TYPE_CURVE25519);
-            if (*keypair != NULL) {
-                ret = wc_curve25519_init_ex((curve25519_key*)*keypair,
-                    hpke->heap, INVALID_DEVID);
-                if (ret == 0)
-                    ret = wc_curve25519_make_key(rng, 32,
-                        (curve25519_key*)*keypair);
-            }
-            break;
-#endif
-        case DHKEM_X448_HKDF_SHA512:
-            /* TODO: Add X448 */
-        default:
-            ret = BAD_FUNC_ARG;
-            break;
-    }
-
-    if (ret == 0 && *keypair == NULL)
-        ret = MEMORY_E;
-
-    if (ret != 0 && *keypair != NULL) {
-        wc_HpkeFreeKey(hpke, (word16)hpke->kem, *keypair, hpke->heap);
-        *keypair = NULL;
-    }
-
-    return ret;
-}
-
-/* encode the provided kem key into a byte string, return 0 or error */
-int wc_HpkeSerializePublicKey(Hpke* hpke, void* key, byte* out, word16* outSz)
-{
-    int ret;
-    word32 tmpOutSz;
-
-    if (hpke == NULL || key == NULL || out == NULL || outSz == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    tmpOutSz = *outSz;
-
-    switch (hpke->kem)
-    {
-#if defined(HAVE_ECC)
-        case DHKEM_P256_HKDF_SHA256:
-        case DHKEM_P384_HKDF_SHA384:
-        case DHKEM_P521_HKDF_SHA512:
-            /* export x963 uncompressed */
-            ret = wc_ecc_export_x963_ex((ecc_key*)key, out, &tmpOutSz, 0);
-            break;
-#endif
-#if defined(HAVE_CURVE25519)
-        case DHKEM_X25519_HKDF_SHA256:
-            ret = wc_curve25519_export_public_ex((curve25519_key*)key, out,
-                &tmpOutSz, EC25519_LITTLE_ENDIAN);
-            break;
-#endif
-        case DHKEM_X448_HKDF_SHA512:
-        default:
-            ret = -1;
-            break;
-    }
-
-    *outSz = (word16)tmpOutSz;
-
-    return ret;
-}
-
-/* load a serialized kem key into a wolfcrypt key struct depending on the kem */
-int wc_HpkeDeserializePublicKey(Hpke* hpke, void** key, const byte* in,
-    word16 inSz)
-{
-    int ret = 0;
-
-    if (hpke == NULL || key == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (inSz < (word32)hpke->Npk) {
-        return BUFFER_E;
-    }
-
-    switch (hpke->kem)
-    {
-#if defined(HAVE_ECC)
-        case DHKEM_P256_HKDF_SHA256:
-        case DHKEM_P384_HKDF_SHA384:
-        case DHKEM_P521_HKDF_SHA512:
-            /* init the ecc key */
-            *key = wc_ecc_key_new(hpke->heap);
-            if (*key != NULL) {
-                /* import the x963 key */
-                ret = wc_ecc_import_x963_ex(in, inSz, (ecc_key*)*key,
-                    hpke->curve_id);
-            }
-            break;
-#endif
-#if defined(HAVE_CURVE25519)
-        case DHKEM_X25519_HKDF_SHA256:
-            *key = XMALLOC(sizeof(curve25519_key), hpke->heap,
-                DYNAMIC_TYPE_CURVE25519);
-            if (*key != NULL) {
-                ret = wc_curve25519_init_ex((curve25519_key*)*key, hpke->heap,
-                    INVALID_DEVID);
-                if (ret == 0)
-                    ret = wc_curve25519_import_public_ex(in, inSz,
-                        (curve25519_key*)*key, EC25519_LITTLE_ENDIAN);
-            }
-            break;
-#endif
-        case DHKEM_X448_HKDF_SHA512:
-        default:
-            ret = -1;
-            break;
-    }
-
-    if (ret == 0 && *key == NULL)
-        ret = MEMORY_E;
-
-    if (ret != 0 && *key != NULL) {
-        wc_HpkeFreeKey(hpke, (word16)hpke->kem, *key, hpke->heap);
-        *key = NULL;
-    }
-
-    return ret;
-}
-
-/* free a kem key */
-void wc_HpkeFreeKey(Hpke* hpke, word16 kem, void* keypair, void* heap)
-{
-    switch (kem)
-    {
-#if defined(HAVE_ECC)
-        case DHKEM_P256_HKDF_SHA256:
-        case DHKEM_P384_HKDF_SHA384:
-        case DHKEM_P521_HKDF_SHA512:
-            wc_ecc_key_free((ecc_key*)keypair);
-            break;
-#endif
-#if defined(HAVE_CURVE25519)
-        case DHKEM_X25519_HKDF_SHA256:
-            wc_curve25519_free((curve25519_key*)keypair);
-            XFREE(keypair, heap, DYNAMIC_TYPE_CURVE25519);
-            break;
-#endif
-        case DHKEM_X448_HKDF_SHA512:
-            /* TODO: Add X448 */
-        default:
-            break;
-    }
-    (void)hpke;
-    (void)heap;
-}
-
-static int wc_HpkeLabeledExtract(Hpke* hpke, byte* suite_id,
-    word32 suite_id_len, byte* salt, word32 salt_len, byte* label,
-    word32 label_len, byte* ikm, word32 ikm_len, byte* out)
-{
-    int ret;
-    byte* labeled_ikm_p;
-    WC_DECLARE_VAR(labeled_ikm, byte, MAX_HPKE_LABEL_SZ, 0);
-
-    if (hpke == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    WC_ALLOC_VAR_EX(labeled_ikm, byte, MAX_HPKE_LABEL_SZ, hpke->heap,
-        DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E);
-
-    /* concat the labeled_ikm */
-    /* version */
-    XMEMCPY(labeled_ikm, HPKE_VERSION_STR, HPKE_VERSION_STR_LEN);
-    labeled_ikm_p = labeled_ikm + HPKE_VERSION_STR_LEN;
-
-    /* suite_id */
-    XMEMCPY(labeled_ikm_p, suite_id, suite_id_len);
-    labeled_ikm_p += suite_id_len;
-
-    /* label */
-    XMEMCPY(labeled_ikm_p, label, label_len);
-    labeled_ikm_p += label_len;
-
-    /* ikm */
-    if (ikm_len != 0) {
-        XMEMCPY(labeled_ikm_p, ikm, ikm_len);
-        labeled_ikm_p += ikm_len;
-    }
-
-    /* call extract */
-    PRIVATE_KEY_UNLOCK();
-    ret = wc_HKDF_Extract(hpke->kdf_digest, salt, salt_len, labeled_ikm,
-        (word32)(size_t)(labeled_ikm_p - labeled_ikm), out);
-    PRIVATE_KEY_LOCK();
-
-    WC_FREE_VAR_EX(labeled_ikm, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-/* do hkdf expand with the format specified in the hpke rfc, return 0 or
- * error */
-static int wc_HpkeLabeledExpand(Hpke* hpke, byte* suite_id, word32 suite_id_len,
-    byte* prk, word32 prk_len, byte* label, word32 label_len, byte* info,
-    word32 infoSz, word32 L, byte* out)
-{
-    int ret;
-    byte* labeled_info_p;
-    WC_DECLARE_VAR(labeled_info, byte, MAX_HPKE_LABEL_SZ, 0);
-
-    if (hpke == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    WC_ALLOC_VAR_EX(labeled_info, byte, MAX_HPKE_LABEL_SZ, hpke->heap,
-        DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E);
-
-    /* copy length */
-    ret = I2OSP((int)L, 2, labeled_info);
-    labeled_info_p = labeled_info + 2;
-
-    if (ret == 0) {
-        /* version */
-        XMEMCPY(labeled_info_p, HPKE_VERSION_STR, HPKE_VERSION_STR_LEN);
-        labeled_info_p += HPKE_VERSION_STR_LEN;
-
-        /* suite_id */
-        XMEMCPY(labeled_info_p, suite_id, suite_id_len);
-        labeled_info_p += suite_id_len;
-
-        /* label */
-        XMEMCPY(labeled_info_p, label, label_len);
-        labeled_info_p += label_len;
-
-        /* info */
-        XMEMCPY(labeled_info_p, info, infoSz);
-        labeled_info_p += infoSz;
-
-        /* call expand */
-        PRIVATE_KEY_UNLOCK();
-        ret = wc_HKDF_Expand(hpke->kdf_digest,
-            prk, prk_len,
-            labeled_info, (word32)(size_t)(labeled_info_p - labeled_info),
-            out, L);
-        PRIVATE_KEY_LOCK();
-    }
-
-    WC_FREE_VAR_EX(labeled_info, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-/* compute the current nonce from the base nonce using the sequence value,
- * return 0 or error */
-static int wc_HpkeContextComputeNonce(Hpke* hpke, HpkeBaseContext* context,
-    byte* out)
-{
-    int ret;
-    byte seq_bytes[HPKE_Nn_MAX];
-
-    if (hpke == NULL || context == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* convert the sequence into a byte string with the same length as the
-     * nonce */
-    ret = I2OSP(context->seq, (int)hpke->Nn, seq_bytes);
-    if (ret == 0) {
-        xorbufout(out, context->base_nonce, seq_bytes, hpke->Nn);
-    }
-
-    return ret;
-}
-
-/* call extract and expand as specified in the hpke rfc, return 0 or error */
-static int wc_HpkeExtractAndExpand( Hpke* hpke, byte* dh, word32 dh_len,
-    byte* kemContext, word32 kem_context_length, byte* sharedSecret)
-{
-    int ret;
-    /* max length is the largest hmac digest possible */
-    WC_DECLARE_VAR(eae_prk, byte, WC_MAX_DIGEST_SIZE, 0);
-
-    if (hpke == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    WC_ALLOC_VAR_EX(eae_prk, byte, WC_MAX_DIGEST_SIZE, hpke->heap,
-        DYNAMIC_TYPE_DIGEST, return MEMORY_E);
-
-    /* extract */
-    ret = wc_HpkeLabeledExtract(hpke, hpke->kem_suite_id,
-        sizeof( hpke->kem_suite_id ), NULL, 0, (byte*)EAE_PRK_LABEL_STR,
-        EAE_PRK_LABEL_STR_LEN, dh, dh_len, eae_prk);
-
-    /* expand */
-    if ( ret == 0 )
-        ret = wc_HpkeLabeledExpand(hpke, hpke->kem_suite_id,
-            sizeof( hpke->kem_suite_id ), eae_prk, hpke->Nh,
-            (byte*)SHARED_SECRET_LABEL_STR, SHARED_SECRET_LABEL_STR_LEN,
-            kemContext, kem_context_length, hpke->Nsecret, sharedSecret);
-
-    WC_FREE_VAR_EX(eae_prk, hpke->heap, DYNAMIC_TYPE_DIGEST);
-
-    return ret;
-}
-
-/* derive the key, nonce and exporter secret and store them in the context
- * struct, return 0 or error */
-static int wc_HpkeKeyScheduleBase(Hpke* hpke, HpkeBaseContext* context,
-    byte* sharedSecret, byte* info, word32 infoSz)
-{
-    int ret;
-#ifndef WOLFSSL_SMALL_STACK
-    /* 1 for mode and WC_MAX_DIGEST_SIZE times 2 for psk_id_hash and */
-    /* info_hash */
-    byte key_schedule_context[1 + 2 * WC_MAX_DIGEST_SIZE];
-    /* maximum size of secret is largest hash of extract */
-    byte secret[WC_MAX_DIGEST_SIZE];
-#else
-    byte* key_schedule_context = NULL;
-    byte* secret = NULL;
-#endif
-
-    if (hpke == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    key_schedule_context = (byte*)XMALLOC((1 + 2 * WC_MAX_DIGEST_SIZE),
-        hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    secret = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, hpke->heap,
-        DYNAMIC_TYPE_DIGEST);
-    if (key_schedule_context == NULL || secret == NULL) {
-        XFREE(key_schedule_context, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(secret, hpke->heap, DYNAMIC_TYPE_DIGEST);
-        return MEMORY_E;
-    }
-#endif
-
-    /* set the sequence to 0 */
-    context->seq = 0;
-
-    /* 0 for mode */
-    key_schedule_context[0] = 0;
-
-    /* extract psk_id, which for base is null */
-    ret = wc_HpkeLabeledExtract(hpke, hpke->hpke_suite_id,
-        sizeof( hpke->hpke_suite_id ), NULL, 0, (byte*)PSK_ID_HASH_LABEL_STR,
-        PSK_ID_HASH_LABEL_STR_LEN, NULL, 0, key_schedule_context + 1);
-
-    /* extract info */
-    if (ret == 0) {
-        ret = wc_HpkeLabeledExtract(hpke, hpke->hpke_suite_id,
-            sizeof( hpke->hpke_suite_id ), NULL, 0, (byte*)INFO_HASH_LABEL_STR,
-            INFO_HASH_LABEL_STR_LEN, info, infoSz,
-            key_schedule_context + 1 + hpke->Nh);
-    }
-
-    /* extract secret */
-    if (ret == 0) {
-        ret = wc_HpkeLabeledExtract(hpke, hpke->hpke_suite_id,
-            sizeof( hpke->hpke_suite_id ), sharedSecret, hpke->Nsecret,
-            (byte*)SECRET_LABEL_STR, SECRET_LABEL_STR_LEN, NULL, 0, secret);
-    }
-
-    /* expand key */
-    if (ret == 0)
-        ret = wc_HpkeLabeledExpand(hpke, hpke->hpke_suite_id,
-            sizeof( hpke->hpke_suite_id ), secret, hpke->Nh,
-            (byte*)KEY_LABEL_STR, KEY_LABEL_STR_LEN, key_schedule_context,
-            1 + 2 * hpke->Nh, hpke->Nk, context->key);
-
-    /* expand nonce */
-    if (ret == 0) {
-        ret = wc_HpkeLabeledExpand(hpke, hpke->hpke_suite_id,
-            sizeof( hpke->hpke_suite_id ), secret, hpke->Nh,
-            (byte*)BASE_NONCE_LABEL_STR, BASE_NONCE_LABEL_STR_LEN,
-            key_schedule_context, 1 + 2 * hpke->Nh, hpke->Nn,
-            context->base_nonce);
-    }
-
-    /* expand exporter_secret */
-    if (ret == 0) {
-        ret = wc_HpkeLabeledExpand(hpke, hpke->hpke_suite_id,
-            sizeof( hpke->hpke_suite_id ), secret, hpke->Nh,
-            (byte*)EXP_LABEL_STR, EXP_LABEL_STR_LEN, key_schedule_context,
-            1 + 2 * hpke->Nh, hpke->Nh, context->exporter_secret);
-    }
-
-    WC_FREE_VAR_EX(key_schedule_context, hpke->heap,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(secret, hpke->heap, DYNAMIC_TYPE_DIGEST);
-
-    return ret;
-}
-
-/* compute the shared secret from the ephemeral and receiver kem keys */
-static int wc_HpkeEncap(Hpke* hpke, void* ephemeralKey, void* receiverKey,
-    byte* sharedSecret)
-{
-    int ret;
-#ifdef ECC_TIMING_RESISTANT
-    WC_RNG* rng;
-#endif
-    word32 dh_len;
-    word16 receiverPubKeySz;
-    word16 ephemeralPubKeySz;
-#ifndef WOLFSSL_SMALL_STACK
-    byte dh[HPKE_Ndh_MAX];
-    byte kemContext[HPKE_Npk_MAX * 2];
-#else
-    byte* dh = NULL;
-    byte* kemContext = NULL;
-#endif
-
-    if (hpke == NULL || ephemeralKey == NULL || receiverKey == NULL ||
-        sharedSecret == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    receiverPubKeySz = (word16)hpke->Npk;
-    ephemeralPubKeySz = (word16)hpke->Npk;
-
-#ifdef WOLFSSL_SMALL_STACK
-    dh = (byte*)XMALLOC(hpke->Ndh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    kemContext = (byte*)XMALLOC(hpke->Npk * 2, hpke->heap,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (dh == NULL || kemContext == NULL) {
-        XFREE(dh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(kemContext, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    /* generate dh */
-    dh_len = hpke->Ndh;
-
-    switch (hpke->kem)
-    {
-#if defined(HAVE_ECC)
-        case DHKEM_P256_HKDF_SHA256:
-        case DHKEM_P384_HKDF_SHA384:
-        case DHKEM_P521_HKDF_SHA512:
-#ifdef ECC_TIMING_RESISTANT
-            rng = wc_rng_new(NULL, 0, hpke->heap);
-
-            if (rng == NULL) {
-                ret = RNG_FAILURE_E;
-                break;
-            }
-
-            wc_ecc_set_rng((ecc_key*)ephemeralKey, rng);
-#endif
-
-            ret = wc_ecc_shared_secret((ecc_key*)ephemeralKey,
-                (ecc_key*)receiverKey, dh, &dh_len);
-
-#ifdef ECC_TIMING_RESISTANT
-            wc_rng_free(rng);
-#endif
-            break;
-#endif
-#if defined(HAVE_CURVE25519)
-        case DHKEM_X25519_HKDF_SHA256:
-            ret = wc_curve25519_shared_secret_ex((curve25519_key*)ephemeralKey,
-                (curve25519_key*)receiverKey, dh, &dh_len,
-                EC25519_LITTLE_ENDIAN);
-            break;
-#endif
-        case DHKEM_X448_HKDF_SHA512:
-            /* TODO: Add X448 */
-        default:
-            ret = -1;
-            break;
-    }
-
-    if (ret == 0) {
-        /* serialize ephemeralKey into kemContext */
-        ret = wc_HpkeSerializePublicKey(hpke, ephemeralKey,
-            kemContext, &ephemeralPubKeySz);
-    }
-    if (ret == 0) {
-        /* serialize pkR into kemContext */
-        ret = wc_HpkeSerializePublicKey(hpke, receiverKey,
-            kemContext + ephemeralPubKeySz, &receiverPubKeySz);
-    }
-    if (ret == 0) {
-        /* compute the shared secret */
-        ret = wc_HpkeExtractAndExpand(hpke, dh, dh_len, kemContext,
-            hpke->Npk * 2, sharedSecret);
-    }
-
-    WC_FREE_VAR_EX(dh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(kemContext, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-/* setup the sender context with shared key, nonce and exporter secret */
-static int wc_HpkeSetupBaseSender(Hpke* hpke, HpkeBaseContext* context,
-    void* ephemeralKey, void* receiverKey, byte* info, word32 infoSz)
-{
-    int ret;
-    WC_DECLARE_VAR(sharedSecret, byte, HPKE_Nsecret_MAX, 0);
-
-    if (hpke == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    sharedSecret = (byte*)XMALLOC(hpke->Nsecret, hpke->heap,
-        DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    /* encap */
-    ret = wc_HpkeEncap(hpke, ephemeralKey, receiverKey, sharedSecret);
-
-    /* schedule */
-    if (ret == 0) {
-        ret = wc_HpkeKeyScheduleBase(hpke, context, sharedSecret, info,
-            infoSz);
-    }
-
-    WC_FREE_VAR_EX(sharedSecret, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-/* give SetupBaseSender a more intuitive and wolfCrypt friendly name */
-int wc_HpkeInitSealContext(Hpke* hpke, HpkeBaseContext* context,
-    void* ephemeralKey, void* receiverKey, byte* info, word32 infoSz)
-{
-    if (hpke == NULL || context == NULL || ephemeralKey == NULL ||
-        receiverKey == NULL || (info == NULL && infoSz > 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* zero out all fields */
-    XMEMSET(context, 0, sizeof(HpkeBaseContext));
-
-    return wc_HpkeSetupBaseSender(hpke, context, ephemeralKey, receiverKey,
-        info, infoSz);
-}
-
-/* encrypt a message using an hpke base context, return 0 or error */
-int wc_HpkeContextSealBase(Hpke* hpke, HpkeBaseContext* context,
-    byte* aad, word32 aadSz, byte* plaintext, word32 ptSz, byte* out)
-{
-    int ret;
-    byte nonce[HPKE_Nn_MAX];
-    WC_DECLARE_VAR(aes, Aes, 1, 0);
-    if (hpke == NULL || context == NULL || (aad == NULL && aadSz > 0) ||
-        plaintext == NULL || out == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    WC_ALLOC_VAR_EX(aes, Aes, 1, hpke->heap, DYNAMIC_TYPE_AES,
-        return MEMORY_E);
-    ret = wc_AesInit(aes, hpke->heap, INVALID_DEVID);
-    if (ret == 0) {
-        /* compute nonce */
-        ret = wc_HpkeContextComputeNonce(hpke, context, nonce);
-        if (ret == 0) {
-            ret = wc_AesGcmSetKey(aes, context->key, hpke->Nk);
-        }
-        if (ret == 0) {
-            ret = wc_AesGcmEncrypt(aes, out, plaintext, ptSz, nonce,
-                hpke->Nn, out + ptSz, hpke->Nt, aad, aadSz);
-        }
-        /* increment sequence for non one shot */
-        if (ret == 0) {
-            context->seq++;
-        }
-        wc_AesFree(aes);
-    }
-    WC_FREE_VAR_EX(aes, hpke->heap, DYNAMIC_TYPE_AES);
-    return ret;
-}
-
-/* encrypt a message using the provided ephemeral and receiver kem keys */
-int wc_HpkeSealBase(Hpke* hpke, void* ephemeralKey, void* receiverKey,
-    byte* info, word32 infoSz, byte* aad, word32 aadSz, byte* plaintext,
-    word32 ptSz, byte* ciphertext)
-{
-    int ret;
-    WC_DECLARE_VAR(context, HpkeBaseContext, 1, 0);
-
-    /* check that all the buffers are non NULL or optional with 0 length */
-    if (hpke == NULL || ephemeralKey == NULL || receiverKey == NULL ||
-        (info == NULL && infoSz != 0) || (aad == NULL && aadSz != 0) ||
-        plaintext == NULL || ciphertext == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    WC_ALLOC_VAR_EX(context, HpkeBaseContext, 1, hpke->heap,
-        DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E);
-
-    PRIVATE_KEY_UNLOCK();
-
-    /* setup the context and pubKey */
-    ret = wc_HpkeSetupBaseSender(hpke, context, ephemeralKey, receiverKey, info,
-        infoSz);
-
-    /* run seal using the context */
-    if (ret == 0) {
-        ret = wc_HpkeContextSealBase(hpke, context, aad, aadSz, plaintext,
-            ptSz, ciphertext);
-    }
-
-    PRIVATE_KEY_LOCK();
-
-    WC_FREE_VAR_EX(context, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-/* compute the shared secret from the ephemeral and receiver kem keys */
-static int wc_HpkeDecap(Hpke* hpke, void* receiverKey, const byte* pubKey,
-    word16 pubKeySz, byte* sharedSecret)
-{
-    int ret;
-#if defined(ECC_TIMING_RESISTANT) || defined(WOLFSSL_CURVE25519_BLINDING)
-    WC_RNG* rng;
-#endif
-    word32 dh_len;
-    word16 receiverPubKeySz;
-    void* ephemeralKey = NULL;
-#ifndef WOLFSSL_SMALL_STACK
-    byte dh[HPKE_Ndh_MAX];
-    byte kemContext[HPKE_Npk_MAX * 2];
-#else
-    byte* dh = NULL;
-    byte* kemContext = NULL;
-#endif
-
-    if (hpke == NULL || receiverKey == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    receiverPubKeySz = (word16)hpke->Npk;
-
-#ifdef WOLFSSL_SMALL_STACK
-    dh = (byte*)XMALLOC(hpke->Ndh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    kemContext = (byte*)XMALLOC(hpke->Npk * 2, hpke->heap,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (dh == NULL || kemContext == NULL) {
-        XFREE(dh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(kemContext, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    /* deserialize ephemeralKey from pubKey */
-    ret = wc_HpkeDeserializePublicKey(hpke, &ephemeralKey, pubKey, pubKeySz);
-
-    /* generate dh */
-    dh_len = hpke->Ndh;
-
-    if (ret == 0)
-        switch (hpke->kem)
-        {
-#if defined(HAVE_ECC)
-            case DHKEM_P256_HKDF_SHA256:
-            case DHKEM_P384_HKDF_SHA384:
-            case DHKEM_P521_HKDF_SHA512:
-#ifdef ECC_TIMING_RESISTANT
-                rng = wc_rng_new(NULL, 0, hpke->heap);
-
-                if (rng == NULL) {
-                    ret = RNG_FAILURE_E;
-                    break;
-                }
-
-                wc_ecc_set_rng((ecc_key*)receiverKey, rng);
-#endif
-
-                ret = wc_ecc_shared_secret((ecc_key*)receiverKey,
-                    (ecc_key*)ephemeralKey, dh, &dh_len);
-
-#ifdef ECC_TIMING_RESISTANT
-                wc_rng_free(rng);
-#endif
-                break;
-#endif
-#if defined(HAVE_CURVE25519)
-            case DHKEM_X25519_HKDF_SHA256:
-            #ifdef WOLFSSL_CURVE25519_BLINDING
-                rng = wc_rng_new(NULL, 0, hpke->heap);
-
-                if (rng == NULL) {
-                    ret = RNG_FAILURE_E;
-                    break;
-                }
-
-                wc_curve25519_set_rng((curve25519_key*)receiverKey, rng);
-            #endif
-                ret = wc_curve25519_shared_secret_ex(
-                    (curve25519_key*)receiverKey, (curve25519_key*)ephemeralKey,
-                    dh, &dh_len, EC25519_LITTLE_ENDIAN);
-            #ifdef WOLFSSL_CURVE25519_BLINDING
-                wc_rng_free(rng);
-            #endif
-                break;
-#endif
-            case DHKEM_X448_HKDF_SHA512:
-                /* TODO: Add X448 */
-            default:
-                ret = -1;
-                break;
-        }
-
-    if (ephemeralKey != NULL)
-        wc_HpkeFreeKey(hpke, (word16)hpke->kem, ephemeralKey, hpke->heap);
-
-    if (ret == 0) {
-        /* copy pubKey into kemContext */
-        XMEMCPY(kemContext, pubKey, hpke->Npk);
-
-        /* serialize pkR into kemContext */
-        ret = wc_HpkeSerializePublicKey(hpke, receiverKey,
-            kemContext + hpke->Npk, &receiverPubKeySz);
-    }
-
-    /* compute the shared secret */
-    if (ret == 0) {
-        ret = wc_HpkeExtractAndExpand(hpke, dh, dh_len, kemContext,
-            hpke->Npk * 2, sharedSecret);
-    }
-
-    WC_FREE_VAR_EX(dh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(kemContext, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-/* setup an hpke base context for decrypting messages, return 0 or error */
-static int wc_HpkeSetupBaseReceiver(Hpke* hpke, HpkeBaseContext* context,
-    void* receiverKey, const byte* pubKey, word16 pubKeySz, byte* info,
-    word32 infoSz)
-{
-    int ret;
-    WC_DECLARE_VAR(sharedSecret, byte, HPKE_Nsecret_MAX, 0);
-
-    WC_ALLOC_VAR_EX(sharedSecret, byte, hpke->Nsecret, hpke->heap,
-        DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E);
-
-    /* decap */
-    ret = wc_HpkeDecap(hpke, receiverKey, pubKey, pubKeySz, sharedSecret);
-
-    /* schedule */
-    if (ret == 0) {
-        ret = wc_HpkeKeyScheduleBase(hpke, context, sharedSecret, info,
-            infoSz);
-    }
-
-    WC_FREE_VAR_EX(sharedSecret, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-/* give SetupBaseReceiver a more intuitive and wolfCrypt friendly name */
-int wc_HpkeInitOpenContext(Hpke* hpke, HpkeBaseContext* context,
-    void* receiverKey, const byte* pubKey, word16 pubKeySz, byte* info,
-    word32 infoSz)
-{
-    if (hpke == NULL || context == NULL || receiverKey == NULL || pubKey == NULL
-        || (info == NULL && infoSz > 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    return wc_HpkeSetupBaseReceiver(hpke, context, receiverKey, pubKey,
-        pubKeySz, info, infoSz);
-}
-
-/* decrypt a message using a setup hpke context, return 0 or error */
-int wc_HpkeContextOpenBase(Hpke* hpke, HpkeBaseContext* context, byte* aad,
-    word32 aadSz, byte* ciphertext, word32 ctSz, byte* out)
-{
-    int ret;
-    byte nonce[HPKE_Nn_MAX];
-    WC_DECLARE_VAR(aes, Aes, 1, 0);
-    if (hpke == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    XMEMSET(nonce, 0, sizeof(nonce));
-    WC_ALLOC_VAR_EX(aes, Aes, 1, hpke->heap, DYNAMIC_TYPE_AES,
-        return MEMORY_E);
-    /* compute nonce */
-    ret = wc_HpkeContextComputeNonce(hpke, context, nonce);
-    if (ret == 0)
-        ret = wc_AesInit(aes, hpke->heap, INVALID_DEVID);
-    if (ret == 0) {
-        ret = wc_AesGcmSetKey(aes, context->key, hpke->Nk);
-        if (ret == 0) {
-            ret = wc_AesGcmDecrypt(aes, out, ciphertext, ctSz, nonce,
-                hpke->Nn, ciphertext + ctSz, hpke->Nt, aad, aadSz);
-        }
-        /* increment sequence for non one shot */
-        if (ret == 0) {
-            context->seq++;
-        }
-        wc_AesFree(aes);
-    }
-    WC_FREE_VAR_EX(aes, hpke->heap, DYNAMIC_TYPE_AES);
-    return ret;
-}
-
-/* decrypt a message using the receiver and encoded ephemeral key, return 0 or
- * error */
-int wc_HpkeOpenBase(Hpke* hpke, void* receiverKey, const byte* pubKey,
-    word16 pubKeySz, byte* info, word32 infoSz, byte* aad, word32 aadSz,
-    byte* ciphertext, word32 ctSz, byte* plaintext)
-{
-    int ret;
-    WC_DECLARE_VAR(context, HpkeBaseContext, 1, 0);
-
-    /* check that all the buffer are non NULL or optional with 0 length */
-    if (hpke == NULL || receiverKey == NULL || pubKey == NULL ||
-        pubKeySz == 0 || (info == NULL && infoSz != 0) ||
-        (aad == NULL && aadSz != 0) || plaintext == NULL ||
-        ciphertext == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    WC_ALLOC_VAR_EX(context, HpkeBaseContext, 1, hpke->heap,
-        DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E);
-
-    PRIVATE_KEY_UNLOCK();
-
-    /* setup receiver */
-    ret = wc_HpkeSetupBaseReceiver(hpke, context, receiverKey, pubKey,
-        pubKeySz, info, infoSz);
-
-    if (ret == 0) {
-        /* open the ciphertext */
-        ret = wc_HpkeContextOpenBase(hpke, context, aad, aadSz, ciphertext,
-            ctSz, plaintext);
-    }
-
-    PRIVATE_KEY_LOCK();
-
-    WC_FREE_VAR_EX(context, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-#endif /* HAVE_HPKE && (HAVE_ECC || HAVE_CURVE25519) && HAVE_AESGCM */
diff --git a/src/ssl/wolfssl/wolfcrypt/integer.c b/src/ssl/wolfssl/wolfcrypt/integer.c
deleted file mode 100644
index fded3d7c3..000000000
--- a/src/ssl/wolfssl/wolfcrypt/integer.c
+++ /dev/null
@@ -1,5516 +0,0 @@
-/* integer.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-/*
- * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
- * http://math.libtomcrypt.com
- */
-
-#ifndef NO_BIG_INT
-
-#if !defined(USE_FAST_MATH) && defined(USE_INTEGER_HEAP_MATH)
-
-#ifndef WOLFSSL_SP_MATH
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#include <wolfssl/wolfcrypt/wolfmath.h>
-
-#if defined(FREESCALE_LTC_TFM)
-    #include <wolfssl/wolfcrypt/port/nxp/ksdk_port.h>
-#endif
-#ifdef WOLFSSL_DEBUG_MATH
-    #include <stdio.h>
-#endif
-
-#ifdef SHOW_GEN
-    #ifndef NO_STDIO_FILESYSTEM
-        #include <stdio.h>
-    #endif
-#endif
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef __cplusplus
-    extern "C" {
-#endif
-WOLFSSL_LOCAL int sp_ModExp_1024(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_1536(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_2048(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_3072(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_4096(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-#endif
-
-/* reverse an array, used for radix code */
-static void
-bn_reverse (unsigned char *s, int len)
-{
-    int     ix, iy;
-    unsigned char t;
-
-    ix = 0;
-    iy = len - 1;
-    while (ix < iy) {
-        t     = s[ix];
-        s[ix] = s[iy];
-        s[iy] = t;
-        ++ix;
-        --iy;
-    }
-}
-
-/* math settings check */
-word32 CheckRunTimeSettings(void)
-{
-    return CTC_SETTINGS;
-}
-
-
-/* handle up to 6 inits */
-int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
-                  mp_int* f)
-{
-    int res = MP_OKAY;
-
-    if (a) XMEMSET(a, 0, sizeof(mp_int));
-    if (b) XMEMSET(b, 0, sizeof(mp_int));
-    if (c) XMEMSET(c, 0, sizeof(mp_int));
-    if (d) XMEMSET(d, 0, sizeof(mp_int));
-    if (e) XMEMSET(e, 0, sizeof(mp_int));
-    if (f) XMEMSET(f, 0, sizeof(mp_int));
-
-    if (a && ((res = mp_init(a)) != MP_OKAY))
-        return res;
-
-    if (b && ((res = mp_init(b)) != MP_OKAY)) {
-        mp_clear(a);
-        return res;
-    }
-
-    if (c && ((res = mp_init(c)) != MP_OKAY)) {
-        mp_clear(a); mp_clear(b);
-        return res;
-    }
-
-    if (d && ((res = mp_init(d)) != MP_OKAY)) {
-        mp_clear(a); mp_clear(b); mp_clear(c);
-        return res;
-    }
-
-    if (e && ((res = mp_init(e)) != MP_OKAY)) {
-        mp_clear(a); mp_clear(b); mp_clear(c); mp_clear(d);
-        return res;
-    }
-
-    if (f && ((res = mp_init(f)) != MP_OKAY)) {
-        mp_clear(a); mp_clear(b); mp_clear(c); mp_clear(d); mp_clear(e);
-        return res;
-    }
-
-    return res;
-}
-
-
-/* init a new mp_int */
-int mp_init (mp_int * a)
-{
-  /* Safeguard against passing in a null pointer */
-  if (a == NULL)
-    return MP_VAL;
-
-  /* defer allocation until mp_grow */
-  a->dp = NULL;
-
-  /* set the used to zero, allocated digits to the default precision
-   * and sign to positive */
-  a->used  = 0;
-  a->alloc = 0;
-  a->sign  = MP_ZPOS;
-#ifdef HAVE_WOLF_BIGINT
-  wc_bigint_init(&a->raw);
-#endif
-
-  return MP_OKAY;
-}
-
-
-/* clear one (frees)  */
-void mp_clear (mp_int * a)
-{
-#ifdef HAVE_FIPS
-    mp_forcezero(a);
-#else
-  int i;
-
-  if (a == NULL)
-      return;
-
-  /* only do anything if a hasn't been freed previously */
-#ifndef HAVE_WOLF_BIGINT
-  /* When HAVE_WOLF_BIGINT then mp_free -> wc_bigint_free needs to be called
-   * because a->raw->buf may be allocated even when a->dp == NULL. This is the
-   * case for when a zero is loaded into the mp_int. */
-  if (a->dp != NULL)
-#endif
-  {
-    /* first zero the digits */
-    for (i = 0; i < a->used; i++) {
-        a->dp[i] = 0;
-    }
-
-    /* free ram */
-    mp_free(a);
-
-    /* reset members to make debugging easier */
-    a->alloc = a->used = 0;
-    a->sign  = MP_ZPOS;
-  }
-#endif
-}
-
-void mp_free (mp_int * a)
-{
-  /* only do anything if a hasn't been freed previously */
-  if (a->dp != NULL) {
-    /* free ram */
-    XFREE(a->dp, 0, DYNAMIC_TYPE_BIGINT);
-    a->dp    = NULL;
-  }
-
-#ifdef HAVE_WOLF_BIGINT
-  wc_bigint_free(&a->raw);
-#endif
-}
-
-void mp_forcezero(mp_int * a)
-{
-    if (a == NULL)
-        return;
-
-    /* only do anything if a hasn't been freed previously */
-    if (a->dp != NULL) {
-      /* force zero the used digits */
-      ForceZero(a->dp, a->used * sizeof(mp_digit));
-#ifdef HAVE_WOLF_BIGINT
-      wc_bigint_zero(&a->raw);
-#endif
-      /* free ram */
-      mp_free(a);
-
-      /* reset members to make debugging easier */
-      a->alloc = a->used = 0;
-      a->sign  = MP_ZPOS;
-    }
-
-    a->sign = MP_ZPOS;
-    a->used = 0;
-}
-
-
-/* get the size for an unsigned equivalent */
-int mp_unsigned_bin_size (const mp_int * a)
-{
-  int     size = mp_count_bits (a);
-  return (size / 8 + ((size & 7) != 0 ? 1 : 0));
-}
-
-
-/* returns the number of bits in an int */
-int mp_count_bits (const mp_int * a)
-{
-  int     r;
-  mp_digit q;
-
-  /* shortcut */
-  if (a->used == 0) {
-    return 0;
-  }
-
-  /* get number of digits and add that */
-  r = (a->used - 1) * DIGIT_BIT;
-
-  /* take the last digit and count the bits in it */
-  q = a->dp[a->used - 1];
-  while (q > ((mp_digit) 0)) {
-    ++r;
-    q >>= ((mp_digit) 1);
-  }
-  return r;
-}
-
-
-int mp_leading_bit (mp_int * a)
-{
-    int c = mp_count_bits(a);
-
-    if (c == 0) return 0;
-    return (c % 8) == 0;
-}
-
-int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b)
-{
-  int res = 0;
-  while (mp_iszero(t) == MP_NO) {
-#ifndef MP_8BIT
-      b[x++] = (unsigned char) (t->dp[0] & 255);
-#else
-      b[x++] = (unsigned char) (t->dp[0] | ((t->dp[1] & 0x01) << 7));
-#endif
-    if ((res = mp_div_2d (t, 8, t, NULL)) != MP_OKAY) {
-      return res;
-    }
-    res = x;
-  }
-  return res;
-}
-
-/* store in unsigned [big endian] format */
-int mp_to_unsigned_bin (const mp_int * a, unsigned char *b)
-{
-  int     x, res;
-  mp_int  t;
-
-  if ((res = mp_init_copy (&t, a)) != MP_OKAY) {
-    return res;
-  }
-
-  x = mp_to_unsigned_bin_at_pos(0, &t, b);
-  if (x < 0) {
-    mp_clear(&t);
-    return x;
-  }
-
-  bn_reverse (b, x);
-  mp_clear (&t);
-  return res;
-}
-
-int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c)
-{
-    int i, len;
-
-    len = mp_unsigned_bin_size(a);
-
-    if (len > c) {
-      return MP_VAL;
-    }
-
-    /* pad front w/ zeros to match length */
-    for (i = 0; i < c - len; i++) {
-      b[i] = 0x00;
-    }
-    return mp_to_unsigned_bin(a, b + i);
-}
-
-/* creates "a" then copies b into it */
-int mp_init_copy (mp_int * a, const mp_int * b)
-{
-  int     res;
-
-  if ((res = mp_init_size (a, b->used)) != MP_OKAY) {
-    return res;
-  }
-
-  if((res = mp_copy (b, a)) != MP_OKAY) {
-    mp_clear(a);
-  }
-
-  return res;
-}
-
-
-/* copy, b = a */
-int mp_copy (const mp_int * a, mp_int * b)
-{
-  int     res, n;
-
-  /* Safeguard against passing in a null pointer */
-  if (a == NULL || b == NULL)
-    return MP_VAL;
-
-  /* if dst == src do nothing */
-  if (a == b) {
-    return MP_OKAY;
-  }
-
-  /* grow dest */
-  if (b->alloc < a->used || b->alloc == 0) {
-     if ((res = mp_grow (b, a->used)) != MP_OKAY) {
-        return res;
-     }
-  }
-
-  /* zero b and copy the parameters over */
-  {
-    mp_digit *tmpa, *tmpb;
-
-    /* pointer aliases */
-
-    /* source */
-    tmpa = a->dp;
-
-    /* destination */
-    tmpb = b->dp;
-
-    /* copy all the digits */
-    for (n = 0; n < a->used; n++) {
-      *tmpb++ = *tmpa++;
-    }
-
-    /* clear high digits */
-    for (; n < b->used && b->dp; n++) {
-      *tmpb++ = 0;
-    }
-  }
-
-  /* copy used count and sign */
-  b->used = a->used;
-  b->sign = a->sign;
-  return MP_OKAY;
-}
-
-
-/* grow as required */
-int mp_grow (mp_int * a, int size)
-{
-  mp_digit *tmp;
-
-  /* if the alloc size is smaller alloc more ram */
-  if ((a->alloc < size) || (size == 0) || (a->alloc == 0)) {
-    /* ensure there are always at least MP_PREC digits extra on top */
-    size += (MP_PREC * 2) - (size % MP_PREC);
-
-    /* reallocate the array a->dp
-     *
-     * We store the return in a temporary variable
-     * in case the operation failed we don't want
-     * to overwrite the dp member of a.
-     */
-    tmp = (mp_digit *)XREALLOC (a->dp, sizeof (mp_digit) * size, NULL,
-                                                           DYNAMIC_TYPE_BIGINT);
-    if (tmp == NULL) {
-      /* reallocation failed but "a" is still valid [can be freed] */
-      return MP_MEM;
-    }
-
-    /* reallocation succeeded so set a->dp */
-    a->dp = tmp;
-
-    /* zero excess digits */
-    XMEMSET(&a->dp[a->alloc], 0, sizeof (mp_digit) * (size - a->alloc));
-    a->alloc = size;
-  }
-  else if (a->dp == NULL) {
-      /* opportunistic sanity check for null a->dp with nonzero a->alloc */
-      return MP_VAL;
-  }
-  return MP_OKAY;
-}
-
-
-/* shift right by a certain bit count (store quotient in c, optional
-   remainder in d) */
-int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d)
-{
-  int     D, res;
-  mp_int  t;
-
-
-  /* if the shift count is <= 0 then we do no work */
-  if (b <= 0) {
-    res = mp_copy (a, c);
-    if (d != NULL) {
-      mp_zero (d);
-    }
-    return res;
-  }
-
-  if ((res = mp_init (&t)) != MP_OKAY) {
-    return res;
-  }
-
-  /* get the remainder */
-  if (d != NULL) {
-    if ((res = mp_mod_2d (a, b, &t)) != MP_OKAY) {
-      mp_clear (&t);
-      return res;
-    }
-  }
-
-  /* copy */
-  if ((res = mp_copy (a, c)) != MP_OKAY) {
-    mp_clear (&t);
-    return res;
-  }
-
-  /* shift by as many digits in the bit count */
-  if (b >= (int)DIGIT_BIT) {
-    mp_rshd (c, b / DIGIT_BIT);
-  }
-
-  /* shift any bit count < DIGIT_BIT */
-  D = (b % DIGIT_BIT);
-  if (D != 0) {
-    mp_rshb(c, D);
-  }
-  mp_clamp (c);
-  if (d != NULL) {
-    mp_exch (&t, d);
-  }
-  mp_clear (&t);
-  return MP_OKAY;
-}
-
-
-/* set to zero */
-void mp_zero (mp_int * a)
-{
-  int       n;
-  mp_digit *tmp;
-
-  if (a == NULL)
-      return;
-
-  a->sign = MP_ZPOS;
-  a->used = 0;
-
-  tmp = a->dp;
-  for (n = 0; tmp != NULL && n < a->alloc; n++) {
-     *tmp++ = 0;
-  }
-}
-
-
-/* trim unused digits
- *
- * This is used to ensure that leading zero digits are
- * trimmed and the leading "used" digit will be non-zero
- * Typically very fast.  Also fixes the sign if there
- * are no more leading digits
- */
-void mp_clamp (mp_int * a)
-{
-  /* decrease used while the most significant digit is
-   * zero.
-   */
-  while (a->used > 0 && a->dp[a->used - 1] == 0) {
-    --(a->used);
-  }
-
-  /* reset the sign flag if used == 0 */
-  if (a->used == 0) {
-    a->sign = MP_ZPOS;
-  }
-}
-
-
-/* swap the elements of two integers, for cases where you can't simply swap the
- * mp_int pointers around
- */
-int mp_exch (mp_int * a, mp_int * b)
-{
-  mp_int  t;
-
-  t  = *a;
-  *a = *b;
-  *b = t;
-  return MP_OKAY;
-}
-
-int mp_cond_swap_ct_ex (mp_int * a, mp_int * b, int c, int m, mp_int * t)
-{
-    (void)c;
-    (void)t;
-    if (m == 1)
-        mp_exch(a, b);
-    return MP_OKAY;
-}
-
-int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m)
-{
-    (void)c;
-    if (m == 1)
-        mp_exch(a, b);
-    return MP_OKAY;
-}
-
-
-/* shift right a certain number of bits */
-void mp_rshb (mp_int *c, int x)
-{
-    mp_digit *tmpc, mask, shift;
-    mp_digit r, rr;
-    mp_digit D = x;
-
-    /* shifting by a negative number not supported, and shifting by
-     * zero changes nothing.
-     */
-    if (x <= 0) return;
-
-    /* shift digits first if needed */
-    if (x >= DIGIT_BIT) {
-        mp_rshd(c, x / DIGIT_BIT);
-        /* recalculate number of bits to shift */
-        D = x % DIGIT_BIT;
-        /* check if any more shifting needed */
-        if (D == 0) return;
-    }
-
-    /* zero shifted is always zero */
-    if (mp_iszero(c)) return;
-
-    /* mask */
-    mask = (((mp_digit)1) << D) - 1;
-
-    /* shift for lsb */
-    shift = DIGIT_BIT - D;
-
-    /* alias */
-    tmpc = c->dp + (c->used - 1);
-
-    /* carry */
-    r = 0;
-    for (x = c->used - 1; x >= 0; x--) {
-      /* get the lower  bits of this word in a temp */
-      rr = *tmpc & mask;
-
-      /* shift the current word and mix in the carry bits from previous word */
-      *tmpc = (*tmpc >> D) | (r << shift);
-      --tmpc;
-
-      /* set the carry to the carry bits of the current word found above */
-      r = rr;
-    }
-    mp_clamp(c);
-}
-
-
-/* shift right a certain amount of digits */
-void mp_rshd (mp_int * a, int b)
-{
-  int     x;
-
-  /* if b <= 0 then ignore it */
-  if (b <= 0) {
-    return;
-  }
-
-  /* if b > used then simply zero it and return */
-  if (a->used <= b) {
-    mp_zero (a);
-    return;
-  }
-
-  {
-    mp_digit *bottom, *top;
-
-    /* shift the digits down */
-
-    /* bottom */
-    bottom = a->dp;
-
-    /* top [offset into digits] */
-    top = a->dp + b;
-
-    /* this is implemented as a sliding window where
-     * the window is b-digits long and digits from
-     * the top of the window are copied to the bottom
-     *
-     * e.g.
-
-     b-2 | b-1 | b0 | b1 | b2 | ... | bb |   ---->
-                 /\                   |      ---->
-                  \-------------------/      ---->
-     */
-    for (x = 0; x < (a->used - b); x++) {
-      *bottom++ = *top++;
-    }
-
-    /* zero the top digits */
-    for (; x < a->used; x++) {
-      *bottom++ = 0;
-    }
-  }
-
-  /* remove excess digits */
-  a->used -= b;
-}
-
-
-/* calc a value mod 2**b */
-int mp_mod_2d (mp_int * a, int b, mp_int * c)
-{
-  int     x, res, bmax;
-
-  /* if b is <= 0 then zero the int */
-  if (b <= 0) {
-    mp_zero (c);
-    return MP_OKAY;
-  }
-
-  /* if the modulus is larger than the value than return */
-  if (a->sign == MP_ZPOS && b >= (int) (a->used * DIGIT_BIT)) {
-    res = mp_copy (a, c);
-    return res;
-  }
-
-  /* copy */
-  if ((res = mp_copy (a, c)) != MP_OKAY) {
-    return res;
-  }
-
-  /* calculate number of digits in mod value */
-  bmax = (b / DIGIT_BIT) + ((b % DIGIT_BIT) == 0 ? 0 : 1);
-  /* zero digits above the last digit of the modulus */
-  for (x = bmax; x < c->used; x++) {
-    c->dp[x] = 0;
-  }
-
-  if (c->sign == MP_NEG) {
-     mp_digit carry = 0;
-
-     /* grow result to size of modulus */
-     if ((res = mp_grow(c, bmax)) != MP_OKAY) {
-         return res;
-     }
-     /* negate value */
-     for (x = 0; x < c->used; x++) {
-         mp_digit next = c->dp[x] > 0;
-         c->dp[x] = ((mp_digit)0 - c->dp[x] - carry) & MP_MASK;
-         carry |= next;
-     }
-     for (; x < bmax; x++) {
-         c->dp[x] = ((mp_digit)0 - carry) & MP_MASK;
-     }
-     c->used = bmax;
-     c->sign = MP_ZPOS;
-  }
-
-  /* clear the digit that is not completely outside/inside the modulus */
-  x = DIGIT_BIT - (b % DIGIT_BIT);
-  if (x != DIGIT_BIT) {
-    c->dp[bmax - 1] &=
-         ((mp_digit)~((mp_digit)0)) >> (x + ((sizeof(mp_digit)*8) - DIGIT_BIT));
-  }
-  mp_clamp (c);
-  return MP_OKAY;
-}
-
-
-/* reads a unsigned char array, assumes the msb is stored first [big endian] */
-int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c)
-{
-  int     res;
-  int     digits_needed;
-
-  while (c > 0 && b[0] == 0) {
-      c--;
-      b++;
-  }
-
-  digits_needed = ((c * CHAR_BIT) + DIGIT_BIT - 1) / DIGIT_BIT;
-
-  /* make sure there are enough digits available */
-  if (a->alloc < digits_needed) {
-     if ((res = mp_grow(a, digits_needed)) != MP_OKAY) {
-        return res;
-     }
-  }
-
-  /* zero the int */
-  mp_zero (a);
-
-  /* read the bytes in */
-  while (c-- > 0) {
-    if ((res = mp_mul_2d (a, 8, a)) != MP_OKAY) {
-      return res;
-    }
-
-#ifndef MP_8BIT
-      a->dp[0] |= *b++;
-      if (a->used == 0)
-          a->used = 1;
-#else
-      a->dp[0] = (*b & MP_MASK);
-      a->dp[1] |= ((*b++ >> 7U) & 1);
-      if (a->used == 0)
-          a->used = 2;
-#endif
-  }
-  mp_clamp (a);
-  return MP_OKAY;
-}
-
-
-/* shift left by a certain bit count */
-int mp_mul_2d (mp_int * a, int b, mp_int * c)
-{
-  mp_digit d;
-  int      res;
-
-  /* copy */
-  if (a != c) {
-     if ((res = mp_copy (a, c)) != MP_OKAY) {
-       return res;
-     }
-  }
-
-  if (c->alloc < (int)(c->used + b/DIGIT_BIT + 1)) {
-     if ((res = mp_grow (c, c->used + b / DIGIT_BIT + 1)) != MP_OKAY) {
-       return res;
-     }
-  }
-
-  /* shift by as many digits in the bit count */
-  if (b >= (int)DIGIT_BIT) {
-    if ((res = mp_lshd (c, b / DIGIT_BIT)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  /* shift any bit count < DIGIT_BIT */
-  d = (mp_digit) (b % DIGIT_BIT);
-  if (d != 0) {
-    mp_digit *tmpc, shift, mask, r, rr;
-    int x;
-
-    /* bitmask for carries */
-    mask = (((mp_digit)1) << d) - 1;
-
-    /* shift for msbs */
-    shift = DIGIT_BIT - d;
-
-    /* alias */
-    tmpc = c->dp;
-
-    /* carry */
-    r    = 0;
-    for (x = 0; x < c->used; x++) {
-      /* get the higher bits of the current word */
-      rr = (*tmpc >> shift) & mask;
-
-      /* shift the current word and OR in the carry */
-      *tmpc = (mp_digit)(((*tmpc << d) | r) & MP_MASK);
-      ++tmpc;
-
-      /* set the carry to the carry bits of the current word */
-      r = rr;
-    }
-
-    /* set final carry */
-    if (r != 0) {
-       c->dp[(c->used)++] = r;
-    }
-  }
-  mp_clamp (c);
-  return MP_OKAY;
-}
-
-
-/* shift left a certain amount of digits */
-int mp_lshd (mp_int * a, int b)
-{
-  int     x, res;
-
-  /* if its less than zero return */
-  if (b <= 0) {
-    return MP_OKAY;
-  }
-
-  /* grow to fit the new digits */
-  if (a->alloc < a->used + b) {
-     if ((res = mp_grow (a, a->used + b)) != MP_OKAY) {
-       return res;
-     }
-  }
-
-  {
-    mp_digit *top, *bottom;
-
-    /* increment the used by the shift amount then copy upwards */
-    a->used += b;
-
-    /* top */
-    top = a->dp + a->used - 1;
-
-    /* base */
-    bottom = a->dp + a->used - 1 - b;
-
-    /* much like mp_rshd this is implemented using a sliding window
-     * except the window goes the other way around.  Copying from
-     * the bottom to the top.  see bn_mp_rshd.c for more info.
-     */
-    for (x = a->used - 1; x >= b; x--) {
-      *top-- = *bottom--;
-    }
-
-    /* zero the lower digits */
-    top = a->dp;
-    for (x = 0; x < b; x++) {
-      *top++ = 0;
-    }
-  }
-  return MP_OKAY;
-}
-
-
-/* this is a shell function that calls either the normal or Montgomery
- * exptmod functions.  Originally the call to the montgomery code was
- * embedded in the normal function but that wasted a lot of stack space
- * for nothing (since 99% of the time the Montgomery code would be called)
- */
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
-#else
-    int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y) /* //NOLINT(misc-no-recursion) */
-#endif
-{
-  int dr;
-
-  /* modulus P must be positive */
-  if (mp_iszero(P) || P->sign == MP_NEG) {
-     return MP_VAL;
-  }
-  if (mp_isone(P)) {
-     return mp_set(Y, 0);
-  }
-  if (mp_iszero(X)) {
-     return mp_set(Y, 1);
-  }
-  if (mp_iszero(G)) {
-     return mp_set(Y, 0);
-  }
-
-  /* if exponent X is negative we have to recurse */
-  if (X->sign == MP_NEG) {
-#ifdef BN_MP_INVMOD_C
-     mp_int tmpG, tmpX;
-     int err;
-
-     /* first compute 1/G mod P */
-     if ((err = mp_init(&tmpG)) != MP_OKAY) {
-        return err;
-     }
-     if ((err = mp_invmod(G, P, &tmpG)) != MP_OKAY) {
-        mp_clear(&tmpG);
-        return err;
-     }
-
-     /* now get |X| */
-     if ((err = mp_init(&tmpX)) != MP_OKAY) {
-        mp_clear(&tmpG);
-        return err;
-     }
-     if ((err = mp_abs(X, &tmpX)) != MP_OKAY) {
-        mp_clear(&tmpG);
-        mp_clear(&tmpX);
-        return err;
-     }
-
-     /* and now compute (1/G)**|X| instead of G**X [X < 0] */
-     err = mp_exptmod(&tmpG, &tmpX, P, Y);
-     mp_clear(&tmpG);
-     mp_clear(&tmpX);
-     return err;
-#else
-     /* no invmod */
-     return MP_VAL;
-#endif
-  }
-
-#ifdef BN_MP_EXPTMOD_BASE_2
-  if (G->used == 1 && G->dp[0] == 2 && mp_isodd(P) == MP_YES) {
-    return mp_exptmod_base_2(X, P, Y);
-  }
-#endif
-
-/* modified diminished radix reduction */
-#if defined(BN_MP_REDUCE_IS_2K_L_C) && defined(BN_MP_REDUCE_2K_L_C) && \
-  defined(BN_S_MP_EXPTMOD_C)
-  if (mp_reduce_is_2k_l(P) == MP_YES) {
-     return s_mp_exptmod(G, X, P, Y, 1);
-  }
-#endif
-
-#ifdef BN_MP_DR_IS_MODULUS_C
-  /* is it a DR modulus? */
-  dr = mp_dr_is_modulus(P);
-#else
-  /* default to no */
-  dr = 0;
-#endif
-
-  (void)dr;
-
-#ifdef BN_MP_REDUCE_IS_2K_C
-  /* if not, is it a unrestricted DR modulus? */
-  if (dr == 0) {
-     dr = mp_reduce_is_2k(P) << 1;
-  }
-#endif
-
-  /* if the modulus is odd use the montgomery method, or use other known */
-#ifdef BN_MP_EXPTMOD_FAST_C
-  if (mp_isodd (P) == MP_YES || dr !=  0) {
-    return mp_exptmod_fast (G, X, P, Y, dr);
-  } else {
-#endif
-#ifdef BN_S_MP_EXPTMOD_C
-    /* otherwise use the generic Barrett reduction technique */
-    return s_mp_exptmod (G, X, P, Y, 0);
-#else
-    /* no exptmod for evens */
-    return MP_VAL;
-#endif
-#ifdef BN_MP_EXPTMOD_FAST_C
-  }
-#endif
-}
-
-int mp_exptmod_ex (mp_int * G, mp_int * X, int digits, mp_int * P, mp_int * Y)
-{
-    (void)digits;
-    return mp_exptmod(G, X, P, Y);
-}
-
-/* b = |a|
- *
- * Simple function copies the input and fixes the sign to positive
- */
-int mp_abs (mp_int * a, mp_int * b)
-{
-  int     res;
-
-  /* copy a to b */
-  if (a != b) {
-     if ((res = mp_copy (a, b)) != MP_OKAY) {
-       return res;
-     }
-  }
-
-  /* force the sign of b to positive */
-  b->sign = MP_ZPOS;
-
-  return MP_OKAY;
-}
-
-
-/* hac 14.61, pp608 */
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_invmod(mp_int * a, mp_int * b, mp_int * c)
-#else
-int mp_invmod (mp_int * a, mp_int * b, mp_int * c)
-#endif
-{
-  /* b cannot be negative or zero, and can not divide by 0 (1/a mod b) */
-  if (b->sign == MP_NEG || mp_iszero(b) == MP_YES || mp_iszero(a) == MP_YES) {
-    return MP_VAL;
-  }
-
-#ifdef BN_FAST_MP_INVMOD_C
-  /* if the modulus is odd we can use a faster routine instead */
-  if ((mp_isodd(b) == MP_YES) && (mp_cmp_d(b, 1) != MP_EQ)) {
-    return fast_mp_invmod (a, b, c);
-  }
-#endif
-
-#ifdef BN_MP_INVMOD_SLOW_C
-  return mp_invmod_slow(a, b, c);
-#else
-  return MP_VAL;
-#endif
-}
-
-
-/* computes the modular inverse via binary extended euclidean algorithm,
- * that is c = 1/a mod b
- *
- * Based on slow invmod except this is optimized for the case where b is
- * odd as per HAC Note 14.64 on pp. 610
- */
-int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c)
-{
-  mp_int  x, y, u, v, B, D;
-  int     res, loop_check = 0;
-
-  /* 2. [modified] b must be odd   */
-  if (mp_iseven (b) == MP_YES) {
-    return MP_VAL;
-  }
-
-  /* init all our temps */
-  if ((res = mp_init_multi(&x, &y, &u, &v, &B, &D)) != MP_OKAY) {
-     return res;
-  }
-
-  /* x == modulus, y == value to invert */
-  if ((res = mp_copy (b, &x)) != MP_OKAY) {
-    goto LBL_ERR;
-  }
-
-  /* we need y = |a| */
-  if ((res = mp_mod (a, b, &y)) != MP_OKAY) {
-    goto LBL_ERR;
-  }
-
-  if (mp_iszero (&y) == MP_YES) {
-    /* invmod doesn't exist for this a and b */
-    res = MP_VAL;
-    goto LBL_ERR;
-  }
-
-  /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */
-  if ((res = mp_copy (&x, &u)) != MP_OKAY) {
-    goto LBL_ERR;
-  }
-  if ((res = mp_copy (&y, &v)) != MP_OKAY) {
-    goto LBL_ERR;
-  }
-  if ((res = mp_set (&D, 1)) != MP_OKAY) {
-    goto LBL_ERR;
-  }
-
-top:
-  /* 4.  while u is even do */
-  while (mp_iseven (&u) == MP_YES) {
-    /* 4.1 u = u/2 */
-    if ((res = mp_div_2 (&u, &u)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-    /* 4.2 if B is odd then */
-    if (mp_isodd (&B) == MP_YES) {
-      if ((res = mp_sub (&B, &x, &B)) != MP_OKAY) {
-        goto LBL_ERR;
-      }
-    }
-    /* B = B/2 */
-    if ((res = mp_div_2 (&B, &B)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-  }
-
-  /* 5.  while v is even do */
-  while (mp_iseven (&v) == MP_YES) {
-    /* 5.1 v = v/2 */
-    if ((res = mp_div_2 (&v, &v)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-    /* 5.2 if D is odd then */
-    if (mp_isodd (&D) == MP_YES) {
-      /* D = (D-x)/2 */
-      if ((res = mp_sub (&D, &x, &D)) != MP_OKAY) {
-        goto LBL_ERR;
-      }
-    }
-    /* D = D/2 */
-    if ((res = mp_div_2 (&D, &D)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-  }
-
-  /* 6.  if u >= v then */
-  if (mp_cmp (&u, &v) != MP_LT) {
-    /* u = u - v, B = B - D */
-    if ((res = mp_sub (&u, &v, &u)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-
-    if ((res = mp_sub (&B, &D, &B)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-  } else {
-    /* v - v - u, D = D - B */
-    if ((res = mp_sub (&v, &u, &v)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-
-    if ((res = mp_sub (&D, &B, &D)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-  }
-
-  /* if not zero goto step 4 */
-  if (mp_iszero (&u) == MP_NO) {
-    if (++loop_check > MAX_INVMOD_SZ) {
-        res = MP_VAL;
-        goto LBL_ERR;
-    }
-    goto top;
-  }
-
-  /* now a = C, b = D, gcd == g*v */
-
-  /* if v != 1 then there is no inverse */
-  if (mp_cmp_d (&v, 1) != MP_EQ) {
-    res = MP_VAL;
-    goto LBL_ERR;
-  }
-
-  /* b is now the inverse */
-  while (D.sign == MP_NEG) {
-    if ((res = mp_add (&D, b, &D)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-  }
-  /* too big */
-  while (mp_cmp_mag(&D, b) != MP_LT) {
-      if ((res = mp_sub(&D, b, &D)) != MP_OKAY) {
-         goto LBL_ERR;
-      }
-  }
-  mp_exch (&D, c);
-  res = MP_OKAY;
-
-LBL_ERR:mp_clear(&x);
-        mp_clear(&y);
-        mp_clear(&u);
-        mp_clear(&v);
-        mp_clear(&B);
-        mp_clear(&D);
-  return res;
-}
-
-
-/* hac 14.61, pp608 */
-int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c)
-{
-  mp_int  x, y, u, v, A, B, C, D;
-  int     res;
-
-  /* b cannot be negative */
-  if (b->sign == MP_NEG || mp_iszero(b) == MP_YES) {
-    return MP_VAL;
-  }
-
-  /* init temps */
-  if ((res = mp_init_multi(&x, &y, &u, &v,
-                           &A, &B)) != MP_OKAY) {
-    return res;
-  }
-
-  /* init rest of tmps temps */
-  if ((res = mp_init_multi(&C, &D, 0, 0, 0, 0)) != MP_OKAY) {
-    mp_clear(&x);
-    mp_clear(&y);
-    mp_clear(&u);
-    mp_clear(&v);
-    mp_clear(&A);
-    mp_clear(&B);
-    return res;
-  }
-
-  /* x = a, y = b */
-  if ((res = mp_mod(a, b, &x)) != MP_OKAY) {
-    goto LBL_ERR;
-  }
-
-  if (mp_iszero (&x) == MP_YES) {
-    /* invmod doesn't exist for this a and b */
-    res = MP_VAL;
-    goto LBL_ERR;
-  }
-
-  if (mp_isone(&x)) {
-    res = mp_set(c, 1);
-    goto LBL_ERR;
-  }
-  if ((res = mp_copy (b, &y)) != MP_OKAY) {
-    goto LBL_ERR;
-  }
-
-  /* 2. [modified] if x,y are both even then return an error! */
-  if (mp_iseven (&x) == MP_YES && mp_iseven (&y) == MP_YES) {
-    res = MP_VAL;
-    goto LBL_ERR;
-  }
-
-  /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */
-  if ((res = mp_copy (&x, &u)) != MP_OKAY) {
-    goto LBL_ERR;
-  }
-  if ((res = mp_copy (&y, &v)) != MP_OKAY) {
-    goto LBL_ERR;
-  }
-  if ((res = mp_set (&A, 1)) != MP_OKAY) {
-    goto LBL_ERR;
-  }
-  if ((res = mp_set (&D, 1)) != MP_OKAY) {
-    goto LBL_ERR;
-  }
-
-top:
-  /* 4.  while u is even do */
-  while (mp_iseven (&u) == MP_YES) {
-    /* 4.1 u = u/2 */
-    if ((res = mp_div_2 (&u, &u)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-    /* 4.2 if A or B is odd then */
-    if (mp_isodd (&A) == MP_YES || mp_isodd (&B) == MP_YES) {
-      /* A = (A+y)/2, B = (B-x)/2 */
-      if ((res = mp_add (&A, &y, &A)) != MP_OKAY) {
-        goto LBL_ERR;
-      }
-      if ((res = mp_sub (&B, &x, &B)) != MP_OKAY) {
-        goto LBL_ERR;
-      }
-    }
-    /* A = A/2, B = B/2 */
-    if ((res = mp_div_2 (&A, &A)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-    if ((res = mp_div_2 (&B, &B)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-  }
-
-  /* 5.  while v is even do */
-  while (mp_iseven (&v) == MP_YES) {
-    /* 5.1 v = v/2 */
-    if ((res = mp_div_2 (&v, &v)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-    /* 5.2 if C or D is odd then */
-    if (mp_isodd (&C) == MP_YES || mp_isodd (&D) == MP_YES) {
-      /* C = (C+y)/2, D = (D-x)/2 */
-      if ((res = mp_add (&C, &y, &C)) != MP_OKAY) {
-        goto LBL_ERR;
-      }
-      if ((res = mp_sub (&D, &x, &D)) != MP_OKAY) {
-        goto LBL_ERR;
-      }
-    }
-    /* C = C/2, D = D/2 */
-    if ((res = mp_div_2 (&C, &C)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-    if ((res = mp_div_2 (&D, &D)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-  }
-
-  /* 6.  if u >= v then */
-  if (mp_cmp (&u, &v) != MP_LT) {
-    /* u = u - v, A = A - C, B = B - D */
-    if ((res = mp_sub (&u, &v, &u)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-
-    if ((res = mp_sub (&A, &C, &A)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-
-    if ((res = mp_sub (&B, &D, &B)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-  } else {
-    /* v - v - u, C = C - A, D = D - B */
-    if ((res = mp_sub (&v, &u, &v)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-
-    if ((res = mp_sub (&C, &A, &C)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-
-    if ((res = mp_sub (&D, &B, &D)) != MP_OKAY) {
-      goto LBL_ERR;
-    }
-  }
-
-  /* if not zero goto step 4 */
-  if (mp_iszero (&u) == MP_NO)
-    goto top;
-
-  /* now a = C, b = D, gcd == g*v */
-
-  /* if v != 1 then there is no inverse */
-  if (mp_cmp_d (&v, 1) != MP_EQ) {
-    res = MP_VAL;
-    goto LBL_ERR;
-  }
-
-  /* if its too low */
-  while (mp_cmp_d(&C, 0) == MP_LT) {
-      if ((res = mp_add(&C, b, &C)) != MP_OKAY) {
-         goto LBL_ERR;
-      }
-  }
-
-  /* too big */
-  while (mp_cmp_mag(&C, b) != MP_LT) {
-      if ((res = mp_sub(&C, b, &C)) != MP_OKAY) {
-         goto LBL_ERR;
-      }
-  }
-
-  /* C is now the inverse */
-  mp_exch (&C, c);
-  res = MP_OKAY;
-LBL_ERR:mp_clear(&x);
-        mp_clear(&y);
-        mp_clear(&u);
-        mp_clear(&v);
-        mp_clear(&A);
-        mp_clear(&B);
-        mp_clear(&C);
-        mp_clear(&D);
-  return res;
-}
-
-
-/* compare magnitude of two ints (unsigned) */
-int mp_cmp_mag (mp_int * a, mp_int * b)
-{
-  int     n;
-  mp_digit *tmpa, *tmpb;
-
-  /* compare based on # of non-zero digits */
-  if (a->used > b->used) {
-    return MP_GT;
-  }
-
-  if (a->used < b->used) {
-    return MP_LT;
-  }
-
-  if (a->used == 0)
-      return MP_EQ;
-
-  /* alias for a */
-  tmpa = a->dp + (a->used - 1);
-
-  /* alias for b */
-  tmpb = b->dp + (a->used - 1);
-
-  /* compare based on digits  */
-  for (n = 0; n < a->used; ++n, --tmpa, --tmpb) {
-    if (*tmpa > *tmpb) {
-      return MP_GT;
-    }
-
-    if (*tmpa < *tmpb) {
-      return MP_LT;
-    }
-  }
-  return MP_EQ;
-}
-
-
-/* compare two ints (signed)*/
-int mp_cmp (mp_int * a, mp_int * b)
-{
-  /* compare based on sign */
-  if (a->sign != b->sign) {
-     if (a->sign == MP_NEG) {
-        return MP_LT;
-     } else {
-        return MP_GT;
-     }
-  }
-
-  /* compare digits */
-  if (a->sign == MP_NEG) {
-     /* if negative compare opposite direction */
-     return mp_cmp_mag(b, a);
-  } else {
-     return mp_cmp_mag(a, b);
-  }
-}
-
-
-/* compare a digit */
-int mp_cmp_d(mp_int * a, mp_digit b)
-{
-  /* special case for zero*/
-  if (a->used == 0 && b == 0)
-    return MP_EQ;
-
-  /* compare based on sign */
-  if ((b && a->used == 0) || a->sign == MP_NEG) {
-    return MP_LT;
-  }
-
-  /* compare based on magnitude */
-  if (a->used > 1) {
-    return MP_GT;
-  }
-
-  /* compare the only digit of a to b */
-  if (a->dp[0] > b) {
-    return MP_GT;
-  } else if (a->dp[0] < b) {
-    return MP_LT;
-  } else {
-    return MP_EQ;
-  }
-}
-
-
-/* set to a digit */
-int mp_set (mp_int * a, mp_digit b)
-{
-  int res;
-  mp_zero (a);
-  res = mp_grow (a, 1);
-  if (res == MP_OKAY) {
-    a->dp[0] = (mp_digit)(b & MP_MASK);
-    a->used  = (a->dp[0] != 0) ? 1 : 0;
-  }
-  return res;
-}
-
-/* check if a bit is set */
-int mp_is_bit_set (mp_int *a, mp_digit b)
-{
-    mp_digit i = b / DIGIT_BIT;  /* word index */
-    mp_digit s = b % DIGIT_BIT;  /* bit index */
-
-    if ((mp_digit)a->used <= i) {
-        /* no words available at that bit count */
-        return 0;
-    }
-
-    /* get word and shift bit to check down to index 0 */
-    return (int)((a->dp[i] >> s) & (mp_digit)1);
-}
-
-/* c = a mod b, 0 <= c < b */
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_mod(mp_int * a, mp_int * b, mp_int * c)
-#else
-int mp_mod (mp_int * a, mp_int * b, mp_int * c)
-#endif
-{
-  mp_int  t;
-  int     res;
-
-  if ((res = mp_init_size (&t, b->used)) != MP_OKAY) {
-    return res;
-  }
-
-  if ((res = mp_div (a, b, NULL, &t)) != MP_OKAY) {
-    mp_clear (&t);
-    return res;
-  }
-
-  if ((mp_iszero(&t) != MP_NO) || (t.sign == b->sign)) {
-    res = MP_OKAY;
-    mp_exch (&t, c);
-  } else {
-    res = mp_add (b, &t, c);
-  }
-
-  mp_clear (&t);
-  return res;
-}
-
-
-/* slower bit-bang division... also smaller */
-int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
-{
-   mp_int ta, tb, tq, q;
-   int    res, n, n2;
-
-  /* is divisor zero ? */
-  if (mp_iszero (b) == MP_YES) {
-    return MP_VAL;
-  }
-
-  /* if a < b then q=0, r = a */
-  if (mp_cmp_mag (a, b) == MP_LT) {
-    if (d != NULL) {
-      res = mp_copy (a, d);
-    } else {
-      res = MP_OKAY;
-    }
-    if (c != NULL) {
-      mp_zero (c);
-    }
-    return res;
-  }
-
-  /* init our temps */
-  if ((res = mp_init_multi(&ta, &tb, &tq, &q, 0, 0)) != MP_OKAY) {
-     return res;
-  }
-
-  if ((res = mp_set(&tq, 1)) != MP_OKAY) {
-     return res;
-  }
-  n = mp_count_bits(a) - mp_count_bits(b);
-  if (((res = mp_abs(a, &ta)) != MP_OKAY) ||
-      ((res = mp_abs(b, &tb)) != MP_OKAY) ||
-      ((res = mp_mul_2d(&tb, n, &tb)) != MP_OKAY) ||
-      ((res = mp_mul_2d(&tq, n, &tq)) != MP_OKAY)) {
-      goto LBL_ERR;
-  }
-
-  while (n-- >= 0) {
-     if (mp_cmp(&tb, &ta) != MP_GT) {
-        if (((res = mp_sub(&ta, &tb, &ta)) != MP_OKAY) ||
-            ((res = mp_add(&q, &tq, &q)) != MP_OKAY)) {
-           goto LBL_ERR;
-        }
-     }
-     if (((res = mp_div_2d(&tb, 1, &tb, NULL)) != MP_OKAY) ||
-         ((res = mp_div_2d(&tq, 1, &tq, NULL)) != MP_OKAY)) {
-           goto LBL_ERR;
-     }
-  }
-
-  /* now q == quotient and ta == remainder */
-  n  = a->sign;
-  n2 = (a->sign == b->sign ? MP_ZPOS : MP_NEG);
-  if (c != NULL) {
-     mp_exch(c, &q);
-     c->sign  = (mp_iszero(c) == MP_YES) ? MP_ZPOS : n2;
-  }
-  if (d != NULL) {
-     mp_exch(d, &ta);
-     d->sign = (mp_iszero(d) == MP_YES) ? MP_ZPOS : n;
-  }
-LBL_ERR:
-   mp_clear(&ta);
-   mp_clear(&tb);
-   mp_clear(&tq);
-   mp_clear(&q);
-   return res;
-}
-
-
-/* b = a/2 */
-int mp_div_2(mp_int * a, mp_int * b)
-{
-  int     x, res, oldused;
-
-  /* copy */
-  if (b->alloc < a->used) {
-    if ((res = mp_grow (b, a->used)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  oldused = b->used;
-  b->used = a->used;
-  {
-    mp_digit r, rr, *tmpa, *tmpb;
-
-    /* source alias */
-    tmpa = a->dp + b->used - 1;
-
-    /* dest alias */
-    tmpb = b->dp + b->used - 1;
-
-    /* carry */
-    r = 0;
-    for (x = b->used - 1; x >= 0; x--) {
-      /* get the carry for the next iteration */
-      rr = *tmpa & 1;
-
-      /* shift the current digit, add in carry and store */
-      *tmpb-- = (*tmpa-- >> 1) | (r << (DIGIT_BIT - 1));
-
-      /* forward carry to next iteration */
-      r = rr;
-    }
-
-    /* zero excess digits */
-    tmpb = b->dp + b->used;
-    for (x = b->used; x < oldused; x++) {
-      *tmpb++ = 0;
-    }
-  }
-  b->sign = a->sign;
-  mp_clamp (b);
-  return MP_OKAY;
-}
-
-/* c = a / 2 (mod b) - constant time (a < b and positive) */
-int mp_div_2_mod_ct(mp_int *a, mp_int *b, mp_int *c)
-{
-    int res;
-
-    if (mp_isodd(a)) {
-        res = mp_add(a, b, c);
-        if (res == MP_OKAY) {
-            res = mp_div_2(c, c);
-        }
-    }
-    else {
-        res = mp_div_2(a, c);
-    }
-
-    return res;
-}
-
-
-/* high level addition (handles signs) */
-int mp_add (mp_int * a, mp_int * b, mp_int * c)
-{
-  int sa, sb, res;
-
-  /* get sign of both inputs */
-  sa = a->sign;
-  sb = b->sign;
-
-  /* handle two cases, not four */
-  if (sa == sb) {
-    /* both positive or both negative */
-    /* add their magnitudes, copy the sign */
-    c->sign = sa;
-    res = s_mp_add (a, b, c);
-  } else {
-    /* one positive, the other negative */
-    /* subtract the one with the greater magnitude from */
-    /* the one of the lesser magnitude.  The result gets */
-    /* the sign of the one with the greater magnitude. */
-    if (mp_cmp_mag (a, b) == MP_LT) {
-      c->sign = sb;
-      res = s_mp_sub (b, a, c);
-    } else {
-      c->sign = sa;
-      res = s_mp_sub (a, b, c);
-    }
-  }
-  return res;
-}
-
-
-/* low level addition, based on HAC pp.594, Algorithm 14.7 */
-int s_mp_add (mp_int * a, mp_int * b, mp_int * c)
-{
-  mp_int *x;
-  int     olduse, res, min_ab, max_ab;
-
-  /* find sizes, we let |a| <= |b| which means we have to sort
-   * them.  "x" will point to the input with the most digits
-   */
-  if (a->used > b->used) {
-    min_ab = b->used;
-    max_ab = a->used;
-    x = a;
-  } else {
-    min_ab = a->used;
-    max_ab = b->used;
-    x = b;
-  }
-
-  /* init result */
-  if (c->dp == NULL || c->alloc < max_ab + 1) {
-    if ((res = mp_grow (c, max_ab + 1)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  /* get old used digit count and set new one */
-  olduse = c->used;
-  c->used = max_ab + 1;
-
-  {
-    mp_digit u, *tmpa, *tmpb, *tmpc;
-    int i;
-
-    /* alias for digit pointers */
-
-    /* first input */
-    tmpa = a->dp;
-
-    /* second input */
-    tmpb = b->dp;
-
-    /* destination */
-    tmpc = c->dp;
-
-    /* sanity-check dp pointers. */
-    if ((min_ab > 0) &&
-        ((tmpa == NULL) || (tmpb == NULL) || (tmpc == NULL)))
-    {
-        return MP_VAL;
-    }
-
-    /* zero the carry */
-    u = 0;
-    for (i = 0; i < min_ab; i++) {
-      /* Compute the sum at one digit, T[i] = A[i] + B[i] + U */
-      *tmpc = *tmpa++ + *tmpb++ + u;
-
-      /* U = carry bit of T[i] */
-      u = *tmpc >> ((mp_digit)DIGIT_BIT);
-
-      /* take away carry bit from T[i] */
-      *tmpc++ &= MP_MASK;
-    }
-
-    /* now copy higher words if any, that is in A+B
-     * if A or B has more digits add those in
-     */
-    if (min_ab != max_ab) {
-      for (; i < max_ab; i++) {
-        /* T[i] = X[i] + U */
-          *tmpc = x->dp[i] + u;
-
-        /* U = carry bit of T[i] */
-        u = *tmpc >> ((mp_digit)DIGIT_BIT);
-
-        /* take away carry bit from T[i] */
-        *tmpc++ &= MP_MASK;
-      }
-    }
-
-    /* add carry */
-    *tmpc++ = u;
-
-    /* clear digits above olduse */
-    for (i = c->used; i < olduse; i++) {
-      *tmpc++ = 0;
-    }
-  }
-
-  mp_clamp (c);
-  return MP_OKAY;
-}
-
-
-/* low level subtraction (assumes |a| > |b|), HAC pp.595 Algorithm 14.9 */
-int s_mp_sub (mp_int * a, mp_int * b, mp_int * c)
-{
-  int     olduse, res, min_b, max_a;
-
-  /* find sizes */
-  min_b = b->used;
-  max_a = a->used;
-
-  /* init result */
-  if (c->alloc < max_a) {
-    if ((res = mp_grow (c, max_a)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  /* sanity check on destination */
-  if (c->dp == NULL)
-     return MP_VAL;
-
-  olduse = c->used;
-  c->used = max_a;
-
-  {
-    mp_digit u, *tmpa, *tmpb, *tmpc;
-    int i;
-
-    /* alias for digit pointers */
-    tmpa = a->dp;
-    tmpb = b->dp;
-    tmpc = c->dp;
-
-    /* sanity-check dp pointers from a and b. */
-    if ((min_b > 0) &&
-        ((tmpa == NULL) || (tmpb == NULL)))
-    {
-        return MP_VAL;
-    }
-
-    /* set carry to zero */
-    u = 0;
-    for (i = 0; i < min_b; i++) {
-      /* T[i] = A[i] - B[i] - U */
-      *tmpc = *tmpa++ - *tmpb++ - u;
-
-      /* U = carry bit of T[i]
-       * Note this saves performing an AND operation since
-       * if a carry does occur it will propagate all the way to the
-       * MSB.  As a result a single shift is enough to get the carry
-       */
-      u = *tmpc >> ((mp_digit)(CHAR_BIT * sizeof (mp_digit) - 1));
-
-      /* Clear carry from T[i] */
-      *tmpc++ &= MP_MASK;
-    }
-
-    /* now copy higher words if any, e.g. if A has more digits than B  */
-    for (; i < max_a; i++) {
-      /* T[i] = A[i] - U */
-      *tmpc = *tmpa++ - u;
-
-      /* U = carry bit of T[i] */
-      u = *tmpc >> ((mp_digit)(CHAR_BIT * sizeof (mp_digit) - 1));
-
-      /* Clear carry from T[i] */
-      *tmpc++ &= MP_MASK;
-    }
-
-    /* clear digits above used (since we may not have grown result above) */
-    for (i = c->used; i < olduse; i++) {
-      *tmpc++ = 0;
-    }
-  }
-
-  mp_clamp (c);
-  return MP_OKAY;
-}
-
-
-/* high level subtraction (handles signs) */
-int mp_sub (mp_int * a, mp_int * b, mp_int * c)
-{
-  int     sa, sb, res;
-
-  sa = a->sign;
-  sb = b->sign;
-
-  if (sa != sb) {
-    /* subtract a negative from a positive, OR */
-    /* subtract a positive from a negative. */
-    /* In either case, ADD their magnitudes, */
-    /* and use the sign of the first number. */
-    c->sign = sa;
-    res = s_mp_add (a, b, c);
-  } else {
-    /* subtract a positive from a positive, OR */
-    /* subtract a negative from a negative. */
-    /* First, take the difference between their */
-    /* magnitudes, then... */
-    if (mp_cmp_mag (a, b) != MP_LT) {
-      /* Copy the sign from the first */
-      c->sign = sa;
-      /* The first has a larger or equal magnitude */
-      res = s_mp_sub (a, b, c);
-    } else {
-      /* The result has the *opposite* sign from */
-      /* the first number. */
-      c->sign = (sa == MP_ZPOS) ? MP_NEG : MP_ZPOS;
-      /* The second has a larger magnitude */
-      res = s_mp_sub (b, a, c);
-    }
-  }
-  return res;
-}
-
-
-/* determines if reduce_2k_l can be used */
-int mp_reduce_is_2k_l(mp_int *a)
-{
-   int ix, iy;
-
-   if (a->used == 0) {
-      return MP_NO;
-   } else if (a->used == 1) {
-      return MP_YES;
-   } else if (a->used > 1) {
-      /* if more than half of the digits are -1 we're sold */
-      for (iy = ix = 0; ix < a->used; ix++) {
-          if (a->dp[ix] == MP_MASK) {
-              ++iy;
-          }
-      }
-      return (iy >= (a->used/2)) ? MP_YES : MP_NO;
-
-   }
-   return MP_NO;
-}
-
-
-/* determines if mp_reduce_2k can be used */
-int mp_reduce_is_2k(mp_int *a)
-{
-   int ix, iy, iw;
-   mp_digit iz;
-
-   if (a->used == 0) {
-      return MP_NO;
-   } else if (a->used == 1) {
-      return MP_YES;
-   } else if (a->used > 1) {
-      iy = mp_count_bits(a);
-      iz = 1;
-      iw = 1;
-
-      /* Test every bit from the second digit up, must be 1 */
-      for (ix = DIGIT_BIT; ix < iy; ix++) {
-          if ((a->dp[iw] & iz) == 0) {
-             return MP_NO;
-          }
-          iz <<= 1;
-          if (iz > (mp_digit)MP_MASK) {
-             ++iw;
-             iz = 1;
-          }
-      }
-   }
-   return MP_YES;
-}
-
-
-/* determines if a number is a valid DR modulus */
-int mp_dr_is_modulus(mp_int *a)
-{
-   int ix;
-
-   /* must be at least two digits */
-   if (a->used < 2) {
-      return 0;
-   }
-
-   /* must be of the form b**k - a [a <= b] so all
-    * but the first digit must be equal to -1 (mod b).
-    */
-   for (ix = 1; ix < a->used; ix++) {
-       if (a->dp[ix] != MP_MASK) {
-          return 0;
-       }
-   }
-   return 1;
-}
-
-/* computes Y == G**X mod P, HAC pp.616, Algorithm 14.85
- *
- * Uses a left-to-right k-ary sliding window to compute the modular
- * exponentiation.
- * The value of k changes based on the size of the exponent.
- *
- * Uses Montgomery or Diminished Radix reduction [whichever appropriate]
- */
-
-#ifdef MP_LOW_MEM
-   #define TAB_SIZE 32
-#else
-   #define TAB_SIZE 256
-#endif
-
-int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
-                     int redmode)
-{
-  mp_int res;
-  mp_digit buf, mp;
-  int     err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize;
-  WC_DECLARE_VAR(M, mp_int, TAB_SIZE, 0);
-  /* use a pointer to the reduction algorithm.  This allows us to use
-   * one of many reduction algorithms without modding the guts of
-   * the code with if statements everywhere.
-   */
-  int     (*redux)(mp_int*,mp_int*,mp_digit) = NULL;
-
-  WC_ALLOC_VAR_EX(M, mp_int, TAB_SIZE, NULL, DYNAMIC_TYPE_BIGINT,
-      return MP_MEM);
-
-  /* find window size */
-  x = mp_count_bits (X);
-  if (x <= 7) {
-    winsize = 2;
-  } else if (x <= 36) {
-    winsize = 3;
-  } else if (x <= 140) {
-    winsize = 4;
-  } else if (x <= 450) {
-    winsize = 5;
-  } else if (x <= 1303) {
-    winsize = 6;
-  } else if (x <= 3529) {
-    winsize = 7;
-  } else {
-    winsize = 8;
-  }
-
-#ifdef MP_LOW_MEM
-  if (winsize > 5) {
-     winsize = 5;
-  }
-#endif
-
-  /* init M array */
-  /* init first cell */
-  if ((err = mp_init_size(&M[1], P->alloc)) != MP_OKAY) {
-     WC_FREE_VAR_EX(M, NULL, DYNAMIC_TYPE_BIGINT);
-
-     return err;
-  }
-
-  /* now init the second half of the array */
-  for (x = 1<<(winsize-1); x < (1 << winsize); x++) {
-    if ((err = mp_init_size(&M[x], P->alloc)) != MP_OKAY) {
-      for (y = 1<<(winsize-1); y < x; y++) {
-        mp_clear (&M[y]);
-      }
-      mp_clear(&M[1]);
-
-      WC_FREE_VAR_EX(M, NULL, DYNAMIC_TYPE_BIGINT);
-
-      return err;
-    }
-  }
-
-  /* determine and setup reduction code */
-  if (redmode == 0) {
-#ifdef BN_MP_MONTGOMERY_SETUP_C
-     /* now setup montgomery  */
-     if ((err = mp_montgomery_setup (P, &mp)) != MP_OKAY) {
-        goto LBL_M;
-     }
-#else
-     err = MP_VAL;
-     goto LBL_M;
-#endif
-
-     /* automatically pick the comba one if available (saves quite a few
-        calls/ifs) */
-#ifdef BN_FAST_MP_MONTGOMERY_REDUCE_C
-     if (((P->used * 2 + 1) < (int)MP_WARRAY) &&
-          P->used < (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
-        redux = fast_mp_montgomery_reduce;
-     } else
-#endif
-     {
-#ifdef BN_MP_MONTGOMERY_REDUCE_C
-        /* use slower baseline Montgomery method */
-        redux = mp_montgomery_reduce;
-#endif
-     }
-  } else if (redmode == 1) {
-#if defined(BN_MP_DR_SETUP_C) && defined(BN_MP_DR_REDUCE_C)
-     /* setup DR reduction for moduli of the form B**k - b */
-     mp_dr_setup(P, &mp);
-     redux = mp_dr_reduce;
-#endif
-  } else {
-#if defined(BN_MP_REDUCE_2K_SETUP_C) && defined(BN_MP_REDUCE_2K_C)
-     /* setup DR reduction for moduli of the form 2**k - b */
-     if ((err = mp_reduce_2k_setup(P, &mp)) != MP_OKAY) {
-        goto LBL_M;
-     }
-     /* mp of zero is not usable */
-     if (mp != 0) {
-         redux = mp_reduce_2k;
-     }
-#endif
-  }
-
-  if (redux == NULL) {
-     err = MP_VAL;
-     goto LBL_M;
-  }
-
-  /* setup result */
-  if ((err = mp_init_size (&res, P->alloc)) != MP_OKAY) {
-    goto LBL_M;
-  }
-
-  /* create M table
-   *
-
-   *
-   * The first half of the table is not computed though accept for M[0] and M[1]
-   */
-
-  if (redmode == 0) {
-#ifdef BN_MP_MONTGOMERY_CALC_NORMALIZATION_C
-     /* now we need R mod m */
-     if ((err = mp_montgomery_calc_normalization (&res, P)) != MP_OKAY) {
-       goto LBL_RES;
-     }
-
-     /* now set M[1] to G * R mod m */
-     if ((err = mp_mulmod (G, &res, P, &M[1])) != MP_OKAY) {
-       goto LBL_RES;
-     }
-#else
-     err = MP_VAL;
-     goto LBL_RES;
-#endif
-  } else {
-     if ((err = mp_set(&res, 1)) != MP_OKAY) {
-        goto LBL_RES;
-     }
-     if ((err = mp_mod(G, P, &M[1])) != MP_OKAY) {
-        goto LBL_RES;
-     }
-  }
-
-  /* compute the value at M[1<<(winsize-1)] by squaring M[1] (winsize-1) times*/
-  if ((err = mp_copy (&M[1], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
-    goto LBL_RES;
-  }
-
-  for (x = 0; x < (winsize - 1); x++) {
-    if ((err = mp_sqr (&M[(mp_digit)(1 << (winsize - 1))],
-                       &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
-      goto LBL_RES;
-    }
-    if ((err = redux (&M[(mp_digit)(1 << (winsize - 1))], P, mp)) != MP_OKAY) {
-      goto LBL_RES;
-    }
-  }
-
-  /* create upper table */
-  for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) {
-    if ((err = mp_mul (&M[x - 1], &M[1], &M[x])) != MP_OKAY) {
-      goto LBL_RES;
-    }
-    if ((err = redux (&M[x], P, mp)) != MP_OKAY) {
-      goto LBL_RES;
-    }
-  }
-
-  /* set initial mode and bit cnt */
-  mode   = 0;
-  bitcnt = 1;
-  buf    = 0;
-  digidx = X->used - 1;
-  bitcpy = 0;
-  bitbuf = 0;
-
-  for (;;) {
-    /* grab next digit as required */
-    if (--bitcnt == 0) {
-      /* if digidx == -1 we are out of digits so break */
-      if (digidx == -1) {
-        break;
-      }
-      /* read next digit and reset bitcnt */
-      buf    = X->dp[digidx--];
-      bitcnt = (int)DIGIT_BIT;
-    }
-
-    /* grab the next msb from the exponent */
-    y     = (int)(buf >> (DIGIT_BIT - 1)) & 1;
-    buf <<= (mp_digit)1;
-
-    /* if the bit is zero and mode == 0 then we ignore it
-     * These represent the leading zero bits before the first 1 bit
-     * in the exponent.  Technically this opt is not required but it
-     * does lower the # of trivial squaring/reductions used
-     */
-    if (mode == 0 && y == 0) {
-      continue;
-    }
-
-    /* if the bit is zero and mode == 1 then we square */
-    if (mode == 1 && y == 0) {
-      if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-      if ((err = redux (&res, P, mp)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-      continue;
-    }
-
-    /* else we add it to the window */
-    bitbuf |= (y << (winsize - ++bitcpy));
-    mode    = 2;
-
-    if (bitcpy == winsize) {
-      /* ok window is filled so square as required and multiply  */
-      /* square first */
-      for (x = 0; x < winsize; x++) {
-        if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
-          goto LBL_RES;
-        }
-        if ((err = redux (&res, P, mp)) != MP_OKAY) {
-          goto LBL_RES;
-        }
-      }
-
-      /* then multiply */
-      if ((err = mp_mul (&res, &M[bitbuf], &res)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-      if ((err = redux (&res, P, mp)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-
-      /* empty window and reset */
-      bitcpy = 0;
-      bitbuf = 0;
-      mode   = 1;
-    }
-  }
-
-  /* if bits remain then square/multiply */
-  if (mode == 2 && bitcpy > 0) {
-    /* square then multiply if the bit is set */
-    for (x = 0; x < bitcpy; x++) {
-      if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-      if ((err = redux (&res, P, mp)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-
-      /* get next bit of the window */
-      bitbuf <<= 1;
-      if ((bitbuf & (1 << winsize)) != 0) {
-        /* then multiply */
-        if ((err = mp_mul (&res, &M[1], &res)) != MP_OKAY) {
-          goto LBL_RES;
-        }
-        if ((err = redux (&res, P, mp)) != MP_OKAY) {
-          goto LBL_RES;
-        }
-      }
-    }
-  }
-
-  if (redmode == 0) {
-     /* fixup result if Montgomery reduction is used
-      * recall that any value in a Montgomery system is
-      * actually multiplied by R mod n.  So we have
-      * to reduce one more time to cancel out the factor
-      * of R.
-      */
-     if ((err = redux(&res, P, mp)) != MP_OKAY) {
-       goto LBL_RES;
-     }
-  }
-
-  /* swap res with Y */
-  mp_exch (&res, Y);
-  err = MP_OKAY;
-LBL_RES:mp_clear (&res);
-LBL_M:
-  mp_clear(&M[1]);
-  for (x = 1<<(winsize-1); x < (1 << winsize); x++) {
-    mp_clear (&M[x]);
-  }
-
-  WC_FREE_VAR_EX(M, NULL, DYNAMIC_TYPE_BIGINT);
-
-  return err;
-}
-
-#ifdef BN_MP_EXPTMOD_BASE_2
-#if DIGIT_BIT < 16
-    #define WINSIZE    3
-#elif DIGIT_BIT < 32
-    #define WINSIZE    4
-#elif DIGIT_BIT < 64
-    #define WINSIZE    5
-#elif DIGIT_BIT < 128
-    #define WINSIZE    6
-#endif
-int mp_exptmod_base_2(mp_int * X, mp_int * P, mp_int * Y)
-{
-  mp_digit buf, mp;
-  int      err = MP_OKAY, bitbuf, bitcpy, bitcnt, digidx, x, y;
-  mp_int   res[1];
-  int     (*redux)(mp_int*,mp_int*,mp_digit) = NULL;
-
-  /* automatically pick the comba one if available (saves quite a few
-     calls/ifs) */
-#ifdef BN_FAST_MP_MONTGOMERY_REDUCE_C
-  if (((P->used * 2 + 1) < (int)MP_WARRAY) &&
-       P->used < (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
-     redux = fast_mp_montgomery_reduce;
-  } else
-#endif
-#ifdef BN_MP_MONTGOMERY_REDUCE_C
-  {
-     /* use slower baseline Montgomery method */
-     redux = mp_montgomery_reduce;
-  }
-#endif
-
-  if (redux == NULL) {
-      return MP_VAL;
-  }
-
-  /* now setup montgomery  */
-  if ((err = mp_montgomery_setup(P, &mp)) != MP_OKAY) {
-     goto LBL_M;
-  }
-
-  /* setup result */
-  if ((err = mp_init(res)) != MP_OKAY) {
-     goto LBL_M;
-  }
-
-  /* now we need R mod m */
-  if ((err = mp_montgomery_calc_normalization(res, P)) != MP_OKAY) {
-     goto LBL_RES;
-  }
-
-  /* Get the top bits left over after taking WINSIZE bits starting at the
-   * least-significant.
-   */
-  digidx = X->used - 1;
-  bitcpy = (X->used * DIGIT_BIT) % WINSIZE;
-  if (bitcpy > 0) {
-     bitcnt = (int)DIGIT_BIT - bitcpy;
-     buf    = X->dp[digidx--];
-     bitbuf = (int)(buf >> bitcnt);
-     /* Multiply montgomery representation of 1 by 2 ^ top */
-     err = mp_mul_2d(res, bitbuf, res);
-     if (err != MP_OKAY) {
-        goto LBL_RES;
-     }
-     err = mp_mod(res, P, res);
-     if (err != MP_OKAY) {
-        goto LBL_RES;
-     }
-     /* Move out bits used */
-     buf  <<= bitcpy;
-     bitcnt++;
-  }
-  else {
-     bitcnt = 1;
-     buf    = 0;
-  }
-
-  /* empty window and reset  */
-  bitbuf = 0;
-  bitcpy = 0;
-
-  for (;;) {
-    /* grab next digit as required */
-    if (--bitcnt == 0) {
-      /* if digidx == -1 we are out of digits so break */
-      if (digidx == -1) {
-        break;
-      }
-      /* read next digit and reset bitcnt */
-      buf    = X->dp[digidx--];
-      bitcnt = (int)DIGIT_BIT;
-    }
-
-    /* grab the next msb from the exponent */
-    y       = (int)(buf >> (DIGIT_BIT - 1)) & 1;
-    buf   <<= (mp_digit)1;
-    /* add bit to the window */
-    bitbuf |= (y << (WINSIZE - ++bitcpy));
-
-    if (bitcpy == WINSIZE) {
-      /* ok window is filled so square as required and multiply  */
-      /* square first */
-      for (x = 0; x < WINSIZE; x++) {
-        err = mp_sqr(res, res);
-        if (err != MP_OKAY) {
-          goto LBL_RES;
-        }
-        err = (*redux)(res, P, mp);
-        if (err != MP_OKAY) {
-          goto LBL_RES;
-        }
-      }
-
-      /* then multiply by 2^bitbuf */
-      err = mp_mul_2d(res, bitbuf, res);
-      if (err != MP_OKAY) {
-         goto LBL_RES;
-      }
-      err = mp_mod(res, P, res);
-      if (err != MP_OKAY) {
-         goto LBL_RES;
-      }
-
-      /* empty window and reset */
-      bitcpy = 0;
-      bitbuf = 0;
-    }
-  }
-
-  /* fixup result if Montgomery reduction is used
-   * recall that any value in a Montgomery system is
-   * actually multiplied by R mod n.  So we have
-   * to reduce one more time to cancel out the factor
-   * of R.
-   */
-  err = (*redux)(res, P, mp);
-  if (err != MP_OKAY) {
-     goto LBL_RES;
-  }
-
-  /* swap res with Y */
-  err = mp_copy(res, Y);
-
-LBL_RES:mp_clear (res);
-LBL_M:
-  return err;
-}
-
-#undef WINSIZE
-#endif /* BN_MP_EXPTMOD_BASE_2 */
-
-
-/* setups the montgomery reduction stuff */
-int mp_montgomery_setup (mp_int * n, mp_digit * rho)
-{
-  mp_digit x, b;
-
-/* fast inversion mod 2**k
- *
- * Based on the fact that
- *
- * XA = 1 (mod 2**n)  =>  (X(2-XA)) A = 1 (mod 2**2n)
- *                    =>  2*X*A - X*X*A*A = 1
- *                    =>  2*(1) - (1)     = 1
- */
-  b = n->dp[0];
-
-  if ((b & 1) == 0) {
-    return MP_VAL;
-  }
-
-  x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-  x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-#if !defined(MP_8BIT)
-  x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-#endif
-#if defined(MP_64BIT) || !(defined(MP_8BIT) || defined(MP_16BIT))
-  x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-#endif
-#ifdef MP_64BIT
-  x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-#endif
-
-  /* rho = -1/m mod b */
-  /* TAO, switched mp_word casts to mp_digit to shut up compiler */
-  *rho = (mp_digit)((((mp_digit)1 << ((mp_digit) DIGIT_BIT)) - x) & MP_MASK);
-
-  return MP_OKAY;
-}
-
-
-/* computes xR**-1 == x (mod N) via Montgomery Reduction
- *
- * This is an optimized implementation of montgomery_reduce
- * which uses the comba method to quickly calculate the columns of the
- * reduction.
- *
- * Based on Algorithm 14.32 on pp.601 of HAC.
-*/
-int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
-{
-  int     ix, res, olduse;
-  /* uses dynamic memory and slower */
-  WC_DECLARE_VAR(W, mp_word, MP_WARRAY, 0);
-
-  /* get old used count */
-  olduse = x->used;
-
-  /* grow a as required */
-  if (x->alloc < n->used + 1) {
-    if ((res = mp_grow (x, n->used + 1)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  WC_ALLOC_VAR_EX(W, mp_word, (n->used*2+2), NULL, DYNAMIC_TYPE_BIGINT,
-      return MP_MEM);
-
-  XMEMSET(W, 0, sizeof(mp_word) * (n->used * 2 + 2));
-
-  /* first we have to get the digits of the input into
-   * an array of double precision words W[...]
-   */
-  {
-    mp_word *_W;
-    mp_digit *tmpx;
-
-    /* alias for the W[] array */
-    _W   = W;
-
-    /* alias for the digits of  x*/
-    tmpx = x->dp;
-
-    /* copy the digits of a into W[0..a->used-1] */
-    for (ix = 0; ix < x->used; ix++) {
-      *_W++ = *tmpx++;
-    }
-  }
-
-  /* now we proceed to zero successive digits
-   * from the least significant upwards
-   */
-  for (ix = 0; ix < n->used; ix++) {
-    /* mu = ai * m' mod b
-     *
-     * We avoid a double precision multiplication (which isn't required)
-     * by casting the value down to a mp_digit.  Note this requires
-     * that W[ix-1] have  the carry cleared (see after the inner loop)
-     */
-    mp_digit mu;
-    mu = (mp_digit) (((W[ix] & MP_MASK) * rho) & MP_MASK);
-
-    /* a = a + mu * m * b**i
-     *
-     * This is computed in place and on the fly.  The multiplication
-     * by b**i is handled by offsetting which columns the results
-     * are added to.
-     *
-     * Note the comba method normally doesn't handle carries in the
-     * inner loop In this case we fix the carry from the previous
-     * column since the Montgomery reduction requires digits of the
-     * result (so far) [see above] to work.  This is
-     * handled by fixing up one carry after the inner loop.  The
-     * carry fixups are done in order so after these loops the
-     * first m->used words of W[] have the carries fixed
-     */
-    {
-      int iy;
-      mp_digit *tmpn;
-      mp_word *_W;
-
-      /* alias for the digits of the modulus */
-      tmpn = n->dp;
-
-      /* Alias for the columns set by an offset of ix */
-      _W = W + ix;
-
-      /* inner loop */
-      for (iy = 0; iy < n->used; iy++) {
-          *_W++ += ((mp_word)mu) * ((mp_word)*tmpn++);
-      }
-    }
-
-    /* now fix carry for next digit, W[ix+1] */
-    W[ix + 1] += W[ix] >> ((mp_word) DIGIT_BIT);
-  }
-
-  /* now we have to propagate the carries and
-   * shift the words downward [all those least
-   * significant digits we zeroed].
-   */
-  {
-    mp_digit *tmpx;
-    mp_word *_W, *_W1;
-
-    /* nox fix rest of carries */
-
-    /* alias for current word */
-    _W1 = W + ix;
-
-    /* alias for next word, where the carry goes */
-    _W = W + ++ix;
-
-    for (; ix <= n->used * 2 + 1; ix++) {
-      *_W++ += *_W1++ >> ((mp_word) DIGIT_BIT);
-    }
-
-    /* copy out, A = A/b**n
-     *
-     * The result is A/b**n but instead of converting from an
-     * array of mp_word to mp_digit than calling mp_rshd
-     * we just copy them in the right order
-     */
-
-    /* alias for destination word */
-    tmpx = x->dp;
-
-    /* alias for shifted double precision result */
-    _W = W + n->used;
-
-    for (ix = 0; ix < n->used + 1; ix++) {
-      *tmpx++ = (mp_digit)(*_W++ & ((mp_word) MP_MASK));
-    }
-
-    /* zero olduse digits, if the input a was larger than
-     * m->used+1 we'll have to clear the digits
-     */
-    for (; ix < olduse; ix++) {
-      *tmpx++ = 0;
-    }
-  }
-
-  /* set the max used and clamp */
-  x->used = n->used + 1;
-  mp_clamp (x);
-
-  WC_FREE_VAR_EX(W, NULL, DYNAMIC_TYPE_BIGINT);
-
-  /* if A >= m then A = A - m */
-  if (mp_cmp_mag (x, n) != MP_LT) {
-    return s_mp_sub (x, n, x);
-  }
-  return MP_OKAY;
-}
-
-
-/* computes xR**-1 == x (mod N) via Montgomery Reduction */
-int mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho)
-{
-  int     ix, res, digs;
-  mp_digit mu;
-
-  /* can the fast reduction [comba] method be used?
-   *
-   * Note that unlike in mul you're safely allowed *less*
-   * than the available columns [255 per default] since carries
-   * are fixed up in the inner loop.
-   */
-  digs = n->used * 2 + 1;
-  if ((digs < (int)MP_WARRAY) &&
-      n->used <
-      (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
-    return fast_mp_montgomery_reduce (x, n, rho);
-  }
-
-  /* grow the input as required */
-  if (x->alloc < digs) {
-    if ((res = mp_grow (x, digs)) != MP_OKAY) {
-      return res;
-    }
-  }
-  x->used = digs;
-
-  for (ix = 0; ix < n->used; ix++) {
-    /* mu = ai * rho mod b
-     *
-     * The value of rho must be precalculated via
-     * montgomery_setup() such that
-     * it equals -1/n0 mod b this allows the
-     * following inner loop to reduce the
-     * input one digit at a time
-     */
-    mu = (mp_digit) (((mp_word)x->dp[ix]) * ((mp_word)rho) & MP_MASK);
-
-    /* a = a + mu * m * b**i */
-    {
-      int iy;
-      mp_digit *tmpn, *tmpx, u;
-      mp_word r;
-
-      /* alias for digits of the modulus */
-      tmpn = n->dp;
-
-      /* alias for the digits of x [the input] */
-      tmpx = x->dp + ix;
-
-      /* set the carry to zero */
-      u = 0;
-
-      /* Multiply and add in place */
-      for (iy = 0; iy < n->used; iy++) {
-        /* compute product and sum */
-        r       = ((mp_word)mu) * ((mp_word)*tmpn++) +
-                  ((mp_word) u) + ((mp_word) * tmpx);
-
-        /* get carry */
-        u       = (mp_digit)(r >> ((mp_word) DIGIT_BIT));
-
-        /* fix digit */
-        *tmpx++ = (mp_digit)(r & ((mp_word) MP_MASK));
-      }
-      /* At this point the ix'th digit of x should be zero */
-
-
-      /* propagate carries upwards as required*/
-      while (u) {
-        *tmpx   += u;
-        u        = *tmpx >> DIGIT_BIT;
-        *tmpx++ &= MP_MASK;
-      }
-    }
-  }
-
-  /* at this point the n.used'th least
-   * significant digits of x are all zero
-   * which means we can shift x to the
-   * right by n.used digits and the
-   * residue is unchanged.
-   */
-
-  /* x = x/b**n.used */
-  mp_clamp(x);
-  mp_rshd (x, n->used);
-
-  /* if x >= n then x = x - n */
-  if (mp_cmp_mag (x, n) != MP_LT) {
-    return s_mp_sub (x, n, x);
-  }
-
-  return MP_OKAY;
-}
-
-
-/* determines the setup value */
-void mp_dr_setup(mp_int *a, mp_digit *d)
-{
-   /* the casts are required if DIGIT_BIT is one less than
-    * the number of bits in a mp_digit [e.g. DIGIT_BIT==31]
-    */
-   *d = (mp_digit)((((mp_word)1) << ((mp_word)DIGIT_BIT)) -
-        ((mp_word)a->dp[0]));
-}
-
-
-/* reduce "x" in place modulo "n" using the Diminished Radix algorithm.
- *
- * Based on algorithm from the paper
- *
- * "Generating Efficient Primes for Discrete Log Cryptosystems"
- *                 Chae Hoon Lim, Pil Joong Lee,
- *          POSTECH Information Research Laboratories
- *
- * The modulus must be of a special format [see manual]
- *
- * Has been modified to use algorithm 7.10 from the LTM book instead
- *
- * Input x must be in the range 0 <= x <= (n-1)**2
- */
-int mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k)
-{
-  int      err, i, m;
-  mp_word  r;
-  mp_digit mu, *tmpx1, *tmpx2;
-
-  /* m = digits in modulus */
-  m = n->used;
-
-  /* ensure that "x" has at least 2m digits */
-  if (x->alloc < m + m) {
-    if ((err = mp_grow (x, m + m)) != MP_OKAY) {
-      return err;
-    }
-  }
-
-/* top of loop, this is where the code resumes if
- * another reduction pass is required.
- */
-top:
-  /* aliases for digits */
-  /* alias for lower half of x */
-  tmpx1 = x->dp;
-
-  /* alias for upper half of x, or x/B**m */
-  tmpx2 = x->dp + m;
-
-  /* set carry to zero */
-  mu = 0;
-
-  /* compute (x mod B**m) + k * [x/B**m] inline and inplace */
-  for (i = 0; i < m; i++) {
-      r         = ((mp_word)*tmpx2++) * ((mp_word)k) + *tmpx1 + mu;
-      *tmpx1++  = (mp_digit)(r & MP_MASK);
-      mu        = (mp_digit)(r >> ((mp_word)DIGIT_BIT));
-  }
-
-  /* set final carry */
-  *tmpx1++ = mu;
-
-  /* zero words above m */
-  for (i = m + 1; i < x->used; i++) {
-      *tmpx1++ = 0;
-  }
-
-  /* clamp, sub and return */
-  mp_clamp (x);
-
-  /* if x >= n then subtract and reduce again
-   * Each successive "recursion" makes the input smaller and smaller.
-   */
-  if (mp_cmp_mag (x, n) != MP_LT) {
-    if ((err = s_mp_sub(x, n, x)) != MP_OKAY) {
-        return err;
-    }
-    goto top;
-  }
-  return MP_OKAY;
-}
-
-
-/* reduces a modulo n where n is of the form 2**p - d */
-int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d)
-{
-   mp_int q;
-   int    p, res;
-
-   if ((res = mp_init(&q)) != MP_OKAY) {
-      return res;
-   }
-
-   p = mp_count_bits(n);
-top:
-   /* q = a/2**p, a = a mod 2**p */
-   if ((res = mp_div_2d(a, p, &q, a)) != MP_OKAY) {
-      goto ERR;
-   }
-
-   if (d != 1) {
-      /* q = q * d */
-      if ((res = mp_mul_d(&q, d, &q)) != MP_OKAY) {
-         goto ERR;
-      }
-   }
-
-   /* a = a + q */
-   if ((res = s_mp_add(a, &q, a)) != MP_OKAY) {
-      goto ERR;
-   }
-
-   if (mp_cmp_mag(a, n) != MP_LT) {
-      if ((res = s_mp_sub(a, n, a)) != MP_OKAY) {
-         goto ERR;
-      }
-      goto top;
-   }
-
-ERR:
-   mp_clear(&q);
-   return res;
-}
-
-
-/* determines the setup value */
-int mp_reduce_2k_setup(mp_int *a, mp_digit *d)
-{
-   int res, p;
-   mp_int tmp;
-
-   if ((res = mp_init(&tmp)) != MP_OKAY) {
-      return res;
-   }
-
-   p = mp_count_bits(a);
-   if ((res = mp_2expt(&tmp, p)) != MP_OKAY) {
-      mp_clear(&tmp);
-      return res;
-   }
-
-   if ((res = s_mp_sub(&tmp, a, &tmp)) != MP_OKAY) {
-      mp_clear(&tmp);
-      return res;
-   }
-
-   *d = tmp.dp[0];
-   mp_clear(&tmp);
-   return MP_OKAY;
-}
-
-
-/* set the b bit of a */
-int mp_set_bit (mp_int * a, int b)
-{
-    int i = b / DIGIT_BIT, res;
-
-    /*
-     * Require:
-     *  bit index b >= 0
-     *  a->alloc == a->used == 0 if a->dp == NULL
-     */
-    if (b < 0 || (a->dp == NULL && (a->alloc != 0 || a->used != 0)))
-        return MP_VAL;
-
-    if (a->dp == NULL || a->used < (int)(i + 1)) {
-        /* grow a to accommodate the single bit */
-        if ((res = mp_grow (a, i + 1)) != MP_OKAY) {
-            return res;
-        }
-
-        /* set the used count of where the bit will go */
-        a->used = (int)(i + 1);
-    }
-
-    /* put the single bit in its place */
-    a->dp[i] |= ((mp_digit)1) << (b % DIGIT_BIT);
-
-    return MP_OKAY;
-}
-
-/* computes a = 2**b
- *
- * Simple algorithm which zeros the int, set the required bit
- */
-int mp_2expt (mp_int * a, int b)
-{
-    /* zero a as per default */
-    mp_zero (a);
-
-    return mp_set_bit(a, b);
-}
-
-/* multiply by a digit */
-int mp_mul_d (mp_int * a, mp_digit b, mp_int * c)
-{
-  mp_digit u, *tmpa, *tmpc;
-  mp_word  r;
-  int      ix, res, olduse;
-
-  /* make sure c is big enough to hold a*b */
-  if (c->dp == NULL || c->alloc < a->used + 1) {
-    if ((res = mp_grow (c, a->used + 1)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  /* get the original destinations used count */
-  olduse = c->used;
-
-  /* set the sign */
-  c->sign = a->sign;
-
-  /* alias for a->dp [source] */
-  tmpa = a->dp;
-
-  /* alias for c->dp [dest] */
-  tmpc = c->dp;
-
-  /* zero carry */
-  u = 0;
-
-  /* compute columns */
-  for (ix = 0; ix < a->used; ix++) {
-    /* compute product and carry sum for this term */
-    r       = ((mp_word) u) + ((mp_word)*tmpa++) * ((mp_word)b);
-
-    /* mask off higher bits to get a single digit */
-    *tmpc++ = (mp_digit) (r & ((mp_word) MP_MASK));
-
-    /* send carry into next iteration */
-    u       = (mp_digit) (r >> ((mp_word) DIGIT_BIT));
-  }
-
-  /* store final carry [if any] and increment ix offset  */
-  *tmpc++ = u;
-  ++ix;
-
-  /* now zero digits above the top */
-  while (ix++ < olduse) {
-     *tmpc++ = 0;
-  }
-
-  /* set used count */
-  c->used = a->used + 1;
-  mp_clamp(c);
-
-  return MP_OKAY;
-}
-
-
-/* d = a * b (mod c) */
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d)
-#else
-int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
-#endif
-{
-  int     res;
-  mp_int  t;
-
-  if ((res = mp_init_size (&t, c->used)) != MP_OKAY) {
-    return res;
-  }
-
-  res = mp_mul (a, b, &t);
-  if (res == MP_OKAY) {
-      res = mp_mod (&t, c, d);
-  }
-
-  mp_clear (&t);
-  return res;
-}
-
-
-/* d = a - b (mod c) */
-int mp_submod(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
-{
-  int     res;
-  mp_int  t;
-
-  if ((res = mp_init (&t)) != MP_OKAY) {
-    return res;
-  }
-
-  res = mp_sub (a, b, &t);
-  if (res == MP_OKAY) {
-      res = mp_mod (&t, c, d);
-  }
-
-  mp_clear (&t);
-
-  return res;
-}
-
-/* d = a + b (mod c) */
-int mp_addmod(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
-{
-  int     res;
-  mp_int  t;
-
-  if ((res = mp_init (&t)) != MP_OKAY) {
-    return res;
-  }
-
-  res = mp_add (a, b, &t);
-  if (res == MP_OKAY) {
-    res = mp_mod (&t, c, d);
-  }
-
-  mp_clear (&t);
-
-  return res;
-}
-
-/* d = a - b (mod c) - a < c and b < c and positive */
-int mp_submod_ct(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
-{
-  int     res;
-  mp_int  t;
-  mp_int* r = d;
-
-  if (c == d) {
-    r = &t;
-
-    if ((res = mp_init (r)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  res = mp_sub (a, b, r);
-  if (res == MP_OKAY) {
-    if (mp_isneg (r)) {
-      res = mp_add (r, c, d);
-    } else if (c == d) {
-      res = mp_copy (r, d);
-    }
-  }
-
-  if (c == d) {
-    mp_clear (r);
-  }
-
-  return res;
-}
-
-/* d = a + b (mod c) - a < c and b < c and positive */
-int mp_addmod_ct(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
-{
-  int     res;
-  mp_int  t;
-  mp_int* r = d;
-
-  if (c == d) {
-    r = &t;
-
-    if ((res = mp_init (r)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  res = mp_add (a, b, r);
-  if (res == MP_OKAY) {
-    if (mp_cmp (r, c) != MP_LT) {
-      res = mp_sub (r, c, d);
-    } else if (c == d) {
-      res = mp_copy (r, d);
-    }
-  }
-
-  if (c == d) {
-    mp_clear (r);
-  }
-
-  return res;
-}
-
-/* computes b = a*a */
-int mp_sqr (mp_int * a, mp_int * b)
-{
-  int     res;
-
-  {
-#ifdef BN_FAST_S_MP_SQR_C
-    /* can we use the fast comba multiplier? */
-    if ((a->used * 2 + 1) < (int)MP_WARRAY &&
-         a->used <
-         (1 << (sizeof(mp_word) * CHAR_BIT - 2*DIGIT_BIT - 1))) {
-      res = fast_s_mp_sqr (a, b);
-    } else
-#endif
-#ifdef BN_S_MP_SQR_C
-      res = s_mp_sqr (a, b);
-#else
-      res = MP_VAL;
-#endif
-  }
-  b->sign = MP_ZPOS;
-  return res;
-}
-
-
-/* high level multiplication (handles sign) */
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_mul(mp_int *a, mp_int *b, mp_int *c)
-#else
-int mp_mul (mp_int * a, mp_int * b, mp_int * c)
-#endif
-{
-  int     res, neg;
-  neg = (a->sign == b->sign) ? MP_ZPOS : MP_NEG;
-
-  {
-#ifdef BN_FAST_S_MP_MUL_DIGS_C
-    /* can we use the fast multiplier?
-     *
-     * The fast multiplier can be used if the output will
-     * have less than MP_WARRAY digits and the number of
-     * digits won't affect carry propagation
-     */
-    int     digs = a->used + b->used + 1;
-
-    if ((digs < (int)MP_WARRAY) &&
-        MIN(a->used, b->used) <=
-        (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
-      res = fast_s_mp_mul_digs (a, b, c, digs);
-    } else
-#endif
-#ifdef BN_S_MP_MUL_DIGS_C
-      res = s_mp_mul (a, b, c); /* uses s_mp_mul_digs */
-#else
-      res = MP_VAL;
-#endif
-
-  }
-  c->sign = (c->used > 0) ? neg : MP_ZPOS;
-  return res;
-}
-
-
-/* b = a*2 */
-int mp_mul_2(mp_int * a, mp_int * b)
-{
-  int     x, res, oldused;
-
-  /* grow to accommodate result */
-  if (b->alloc < a->used + 1) {
-    if ((res = mp_grow (b, a->used + 1)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  oldused = b->used;
-  b->used = a->used;
-
-  {
-    mp_digit r, rr, *tmpa, *tmpb;
-
-    /* alias for source */
-    tmpa = a->dp;
-
-    /* alias for dest */
-    tmpb = b->dp;
-
-    /* carry */
-    r = 0;
-    for (x = 0; x < a->used; x++) {
-
-      /* get what will be the *next* carry bit from the
-       * MSB of the current digit
-       */
-      rr = *tmpa >> ((mp_digit)(DIGIT_BIT - 1));
-
-      /* now shift up this digit, add in the carry [from the previous] */
-      *tmpb++ = (mp_digit)(((*tmpa++ << ((mp_digit)1)) | r) & MP_MASK);
-
-      /* copy the carry that would be from the source
-       * digit into the next iteration
-       */
-      r = rr;
-    }
-
-    /* new leading digit? */
-    if (r != 0) {
-      /* add a MSB which is always 1 at this point */
-      *tmpb = 1;
-      ++(b->used);
-    }
-
-    /* now zero any excess digits on the destination
-     * that we didn't write to
-     */
-    tmpb = b->dp + b->used;
-    for (x = b->used; x < oldused; x++) {
-      *tmpb++ = 0;
-    }
-  }
-  b->sign = a->sign;
-  return MP_OKAY;
-}
-
-
-/* divide by three (based on routine from MPI and the GMP manual) */
-int mp_div_3 (mp_int * a, mp_int *c, mp_digit * d)
-{
-  mp_int   q;
-  mp_word  w, t;
-  mp_digit b;
-  int      res, ix;
-
-  /* b = 2**DIGIT_BIT / 3 */
-  b = (mp_digit) ( (((mp_word)1) << ((mp_word)DIGIT_BIT)) / ((mp_word)3) );
-
-  if ((res = mp_init_size(&q, a->used)) != MP_OKAY) {
-     return res;
-  }
-
-  q.used = a->used;
-  q.sign = a->sign;
-  w = 0;
-
-  if (a->used == 0)
-      return MP_VAL;
-
-  for (ix = a->used - 1; ix >= 0; ix--) {
-     w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]);
-
-     if (w >= 3) {
-        /* multiply w by [1/3] */
-        t = (w * ((mp_word)b)) >> ((mp_word)DIGIT_BIT);
-
-        /* now subtract 3 * [w/3] from w, to get the remainder */
-        w -= t+t+t;
-
-        /* fixup the remainder as required since
-         * the optimization is not exact.
-         */
-        while (w >= 3) {
-           t += 1;
-           w -= 3;
-        }
-      } else {
-        t = 0;
-      }
-      q.dp[ix] = (mp_digit)t;
-  }
-
-  /* [optional] store the remainder */
-  if (d != NULL) {
-     *d = (mp_digit)w;
-  }
-
-  /* [optional] store the quotient */
-  if (c != NULL) {
-     mp_clamp(&q);
-     mp_exch(&q, c);
-  }
-  mp_clear(&q);
-
-  return res;
-}
-
-
-/* init an mp_init for a given size */
-int mp_init_size (mp_int * a, int size)
-{
-  /* pad size so there are always extra digits */
-  size += (MP_PREC * 2) - (size % MP_PREC);
-
-  /* alloc mem */
-  a->dp = (mp_digit *)XMALLOC (sizeof (mp_digit) * size, NULL,
-                                      DYNAMIC_TYPE_BIGINT);
-  if (a->dp == NULL) {
-    return MP_MEM;
-  }
-
-  /* set the members */
-  a->used  = 0;
-  a->alloc = size;
-  a->sign  = MP_ZPOS;
-#ifdef HAVE_WOLF_BIGINT
-  wc_bigint_init(&a->raw);
-#endif
-
-  /* zero the digits */
-  XMEMSET(a->dp, 0, sizeof (mp_digit) * size);
-
-  return MP_OKAY;
-}
-
-
-/* the list of squaring...
- * you do like mult except the offset of the tmpx [one that
- * starts closer to zero] can't equal the offset of tmpy.
- * So basically you set up iy like before then you min it with
- * (ty-tx) so that it never happens.  You double all those
- * you add in the inner loop
-
-After that loop you do the squares and add them in.
-*/
-
-int fast_s_mp_sqr (mp_int * a, mp_int * b)
-{
-  int       olduse, res, pa, ix, iz;
-  /* uses dynamic memory and slower */
-  WC_DECLARE_VAR(W, mp_digit, MP_WARRAY, 0);
-  mp_digit  *tmpx;
-  mp_word   W1;
-
-  /* grow the destination as required */
-  pa = a->used + a->used;
-  if (b->alloc < pa) {
-    if ((res = mp_grow (b, pa)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  if (pa > (int)MP_WARRAY)
-    return MP_RANGE;  /* TAO range check */
-
-  if (pa == 0) {
-    /* Nothing to do. Zero result and return. */
-    mp_zero(b);
-    return MP_OKAY;
-  }
-
-  WC_ALLOC_VAR_EX(W, mp_digit, pa, NULL, DYNAMIC_TYPE_BIGINT,
-      return MP_MEM);
-
-  /* number of output digits to produce */
-  W1 = 0;
-  for (ix = 0; ix < pa; ix++) {
-      int      tx, ty, iy;
-      mp_word  _W;
-      mp_digit *tmpy;
-
-      /* clear counter */
-      _W = 0;
-
-      /* get offsets into the two bignums */
-      ty = MIN(a->used-1, ix);
-      tx = ix - ty;
-
-      /* setup temp aliases */
-      tmpx = a->dp + tx;
-      tmpy = a->dp + ty;
-
-      /* this is the number of times the loop will iterate, essentially
-         while (tx++ < a->used && ty-- >= 0) { ... }
-       */
-      iy = MIN(a->used-tx, ty+1);
-
-      /* now for squaring tx can never equal ty
-       * we halve the distance since they approach at a rate of 2x
-       * and we have to round because odd cases need to be executed
-       */
-      iy = MIN(iy, (ty-tx+1)>>1);
-
-      /* execute loop */
-      for (iz = 0; iz < iy; iz++) {
-         _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--);
-      }
-
-      /* double the inner product and add carry */
-      _W = _W + _W + W1;
-
-      /* even columns have the square term in them */
-      if ((ix&1) == 0) {
-         _W += ((mp_word)a->dp[ix>>1])*((mp_word)a->dp[ix>>1]);
-      }
-
-      /* store it */
-      W[ix] = (mp_digit)(_W & MP_MASK);
-
-      /* make next carry */
-      W1 = _W >> ((mp_word)DIGIT_BIT);
-  }
-
-  /* setup dest */
-  olduse  = b->used;
-  b->used = a->used+a->used;
-
-  {
-    mp_digit *tmpb;
-    tmpb = b->dp;
-    for (ix = 0; ix < pa; ix++) {
-      *tmpb++ = (mp_digit)(W[ix] & MP_MASK);
-    }
-
-    /* clear unused digits [that existed in the old copy of c] */
-    for (; ix < olduse; ix++) {
-      *tmpb++ = 0;
-    }
-  }
-  mp_clamp (b);
-
-  WC_FREE_VAR_EX(W, NULL, DYNAMIC_TYPE_BIGINT);
-
-  return MP_OKAY;
-}
-
-
-/* Fast (comba) multiplier
- *
- * This is the fast column-array [comba] multiplier.  It is
- * designed to compute the columns of the product first
- * then handle the carries afterwards.  This has the effect
- * of making the nested loops that compute the columns very
- * simple and schedulable on super-scalar processors.
- *
- * This has been modified to produce a variable number of
- * digits of output so if say only a half-product is required
- * you don't have to compute the upper half (a feature
- * required for fast Barrett reduction).
- *
- * Based on Algorithm 14.12 on pp.595 of HAC.
- *
- */
-int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
-{
-  int     olduse, res, pa, ix, iz;
-  /* uses dynamic memory and slower */
-  WC_DECLARE_VAR(W, mp_digit, MP_WARRAY, 0);
-  mp_word  _W;
-
-  /* grow the destination as required */
-  if (c->alloc < digs) {
-    if ((res = mp_grow (c, digs)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  /* number of output digits to produce */
-  pa = MIN(digs, a->used + b->used);
-  if (pa > (int)MP_WARRAY)
-    return MP_RANGE;  /* TAO range check */
-
-  if (pa == 0) {
-    /* Nothing to do. Zero result and return. */
-    mp_zero(c);
-    return MP_OKAY;
-  }
-
-  WC_ALLOC_VAR_EX(W, mp_digit, pa, NULL, DYNAMIC_TYPE_BIGINT,
-      return MP_MEM);
-
-  /* clear the carry */
-  _W = 0;
-  for (ix = 0; ix < pa; ix++) {
-      int      tx, ty;
-      int      iy;
-      mp_digit *tmpx, *tmpy;
-
-      if ((a->used > 0) && (b->used > 0)) {
-          /* get offsets into the two bignums */
-          ty = MIN(b->used-1, ix);
-          tx = ix - ty;
-
-          /* setup temp aliases */
-          tmpx = a->dp + tx;
-          tmpy = b->dp + ty;
-
-          /* this is the number of times the loop will iterate, essentially
-             while (tx++ < a->used && ty-- >= 0) { ... }
-          */
-          iy = MIN(a->used-tx, ty+1);
-
-          /* execute loop */
-          for (iz = 0; iz < iy; ++iz) {
-              _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--);
-
-          }
-      }
-
-      /* store term */
-      W[ix] = (mp_digit)(((mp_digit)_W) & MP_MASK);
-
-      /* make next carry */
-      _W = _W >> ((mp_word)DIGIT_BIT);
- }
-
-  /* setup dest */
-  olduse  = c->used;
-  c->used = pa;
-
-  {
-    mp_digit *tmpc;
-    tmpc = c->dp;
-    for (ix = 0; ix < pa; ix++) { /* JRB, +1 could read uninitialized data */
-      /* now extract the previous digit [below the carry] */
-      *tmpc++ = W[ix];
-    }
-
-    /* clear unused digits [that existed in the old copy of c] */
-    for (; ix < olduse; ix++) {
-      *tmpc++ = 0;
-    }
-  }
-  mp_clamp (c);
-
-  WC_FREE_VAR_EX(W, NULL, DYNAMIC_TYPE_BIGINT);
-
-  return MP_OKAY;
-}
-
-
-/* low level squaring, b = a*a, HAC pp.596-597, Algorithm 14.16 */
-int s_mp_sqr (mp_int * a, mp_int * b)
-{
-  mp_int  t;
-  int     res, ix, iy, pa;
-  mp_word r;
-  mp_digit u, tmpx, *tmpt;
-
-  pa = a->used;
-  if ((res = mp_init_size (&t, 2*pa + 1)) != MP_OKAY) {
-    return res;
-  }
-
-  /* default used is maximum possible size */
-  t.used = 2*pa + 1;
-
-  for (ix = 0; ix < pa; ix++) {
-    /* first calculate the digit at 2*ix */
-    /* calculate double precision result */
-    r = ((mp_word) t.dp[2*ix]) +
-        ((mp_word)a->dp[ix])*((mp_word)a->dp[ix]);
-
-    /* store lower part in result */
-    t.dp[ix+ix] = (mp_digit) (r & ((mp_word) MP_MASK));
-
-    /* get the carry */
-    u           = (mp_digit)(r >> ((mp_word) DIGIT_BIT));
-
-    /* left hand side of A[ix] * A[iy] */
-    tmpx        = a->dp[ix];
-
-    /* alias for where to store the results */
-    tmpt        = t.dp + (2*ix + 1);
-
-    for (iy = ix + 1; iy < pa; iy++) {
-      /* first calculate the product */
-      r       = ((mp_word)tmpx) * ((mp_word)a->dp[iy]);
-
-      /* now calculate the double precision result, note we use
-       * addition instead of *2 since it's easier to optimize
-       */
-      r       = ((mp_word) *tmpt) + r + r + ((mp_word) u);
-
-      /* store lower part */
-      *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK));
-
-      /* get carry */
-      u       = (mp_digit)(r >> ((mp_word) DIGIT_BIT));
-    }
-    /* propagate upwards */
-    while (u != ((mp_digit) 0)) {
-      r       = ((mp_word) *tmpt) + ((mp_word) u);
-      *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK));
-      u       = (mp_digit)(r >> ((mp_word) DIGIT_BIT));
-    }
-  }
-
-  mp_clamp (&t);
-  mp_exch (&t, b);
-  mp_clear (&t);
-  return MP_OKAY;
-}
-
-
-/* multiplies |a| * |b| and only computes up to digs digits of result
- * HAC pp. 595, Algorithm 14.12  Modified so you can control how
- * many digits of output are created.
- */
-int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
-{
-  mp_int  t;
-  int     res, pa, pb, ix, iy;
-  mp_digit u;
-  mp_word r;
-  mp_digit tmpx, *tmpt, *tmpy;
-
-  /* can we use the fast multiplier? */
-  if ((digs < (int)MP_WARRAY) &&
-      MIN (a->used, b->used) <
-          (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
-    return fast_s_mp_mul_digs (a, b, c, digs);
-  }
-
-  if ((res = mp_init_size (&t, digs)) != MP_OKAY) {
-    return res;
-  }
-  t.used = digs;
-
-  /* compute the digits of the product directly */
-  pa = a->used;
-  for (ix = 0; ix < pa; ix++) {
-    /* set the carry to zero */
-    u = 0;
-
-    /* limit ourselves to making digs digits of output */
-    pb = MIN (b->used, digs - ix);
-
-    /* setup some aliases */
-    /* copy of the digit from a used within the nested loop */
-    tmpx = a->dp[ix];
-
-    /* an alias for the destination shifted ix places */
-    tmpt = t.dp + ix;
-
-    /* an alias for the digits of b */
-    tmpy = b->dp;
-
-    /* compute the columns of the output and propagate the carry */
-    for (iy = 0; iy < pb; iy++) {
-      /* compute the column as a mp_word */
-      r       = ((mp_word)*tmpt) +
-                ((mp_word)tmpx) * ((mp_word)*tmpy++) +
-                ((mp_word) u);
-
-      /* the new column is the lower part of the result */
-      *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK));
-
-      /* get the carry word from the result */
-      u       = (mp_digit) (r >> ((mp_word) DIGIT_BIT));
-    }
-    /* set carry if it is placed below digs */
-    if (ix + iy < digs) {
-      *tmpt = u;
-    }
-  }
-
-  mp_clamp (&t);
-  mp_exch (&t, c);
-
-  mp_clear (&t);
-  return MP_OKAY;
-}
-
-
-/*
- * shifts with subtractions when the result is greater than b.
- *
- * The method is slightly modified to shift B unconditionally up to just under
- * the leading bit of b.  This saves a lot of multiple precision shifting.
- */
-int mp_montgomery_calc_normalization (mp_int * a, mp_int * b)
-{
-  int     x, bits, res;
-
-  /* how many bits of last digit does b use */
-  bits = mp_count_bits (b) % DIGIT_BIT;
-
-  if (b->used > 1) {
-     if ((res = mp_2expt (a, (b->used - 1) * DIGIT_BIT + bits - 1))
-         != MP_OKAY) {
-        return res;
-     }
-  } else {
-     if ((res = mp_set(a, 1)) != MP_OKAY) {
-        return res;
-     }
-     bits = 1;
-  }
-
-  /* now compute C = A * B mod b */
-  for (x = bits - 1; x < (int)DIGIT_BIT; x++) {
-    if ((res = mp_mul_2 (a, a)) != MP_OKAY) {
-      return res;
-    }
-    if (mp_cmp_mag (a, b) != MP_LT) {
-      if ((res = s_mp_sub (a, b, a)) != MP_OKAY) {
-        return res;
-      }
-    }
-  }
-
-  return MP_OKAY;
-}
-
-
-#ifdef MP_LOW_MEM
-   #define TAB_SIZE 32
-#else
-   #define TAB_SIZE 256
-#endif
-
-int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode)
-{
-  mp_int  M[TAB_SIZE], res, mu;
-  mp_digit buf;
-  int     err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize;
-  int (*redux)(mp_int*,mp_int*,mp_int*);
-
-  /* find window size */
-  x = mp_count_bits (X);
-  if (x <= 7) {
-    winsize = 2;
-  } else if (x <= 36) {
-    winsize = 3;
-  } else if (x <= 140) {
-    winsize = 4;
-  } else if (x <= 450) {
-    winsize = 5;
-  } else if (x <= 1303) {
-    winsize = 6;
-  } else if (x <= 3529) {
-    winsize = 7;
-  } else {
-    winsize = 8;
-  }
-
-#ifdef MP_LOW_MEM
-    if (winsize > 5) {
-       winsize = 5;
-    }
-#endif
-
-  /* init M array */
-  /* init first cell */
-  if ((err = mp_init(&M[1])) != MP_OKAY) {
-     return err;
-  }
-
-  /* now init the second half of the array */
-  for (x = 1<<(winsize-1); x < (1 << winsize); x++) {
-    if ((err = mp_init(&M[x])) != MP_OKAY) {
-      for (y = 1<<(winsize-1); y < x; y++) {
-        mp_clear (&M[y]);
-      }
-      mp_clear(&M[1]);
-      return err;
-    }
-  }
-
-  /* create mu, used for Barrett reduction */
-  if ((err = mp_init (&mu)) != MP_OKAY) {
-    goto LBL_M;
-  }
-
-  if (redmode == 0) {
-     if ((err = mp_reduce_setup (&mu, P)) != MP_OKAY) {
-        goto LBL_MU;
-     }
-     redux = mp_reduce;
-  } else {
-     if ((err = mp_reduce_2k_setup_l (P, &mu)) != MP_OKAY) {
-        goto LBL_MU;
-     }
-     redux = mp_reduce_2k_l;
-  }
-
-  /* create M table
-   *
-   * The M table contains powers of the base,
-   * e.g. M[x] = G**x mod P
-   *
-   * The first half of the table is not
-   * computed though accept for M[0] and M[1]
-   */
-  if ((err = mp_mod (G, P, &M[1])) != MP_OKAY) {
-    goto LBL_MU;
-  }
-
-  /* compute the value at M[1<<(winsize-1)] by squaring
-   * M[1] (winsize-1) times
-   */
-  if ((err = mp_copy (&M[1], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
-    goto LBL_MU;
-  }
-
-  for (x = 0; x < (winsize - 1); x++) {
-    /* square it */
-    if ((err = mp_sqr (&M[(mp_digit)(1 << (winsize - 1))],
-                       &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) {
-      goto LBL_MU;
-    }
-
-    /* reduce modulo P */
-    if ((err = redux (&M[(mp_digit)(1 << (winsize - 1))], P, &mu)) != MP_OKAY) {
-      goto LBL_MU;
-    }
-  }
-
-  /* create upper table, that is M[x] = M[x-1] * M[1] (mod P)
-   * for x = (2**(winsize - 1) + 1) to (2**winsize - 1)
-   */
-  for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) {
-    if ((err = mp_mul (&M[x - 1], &M[1], &M[x])) != MP_OKAY) {
-      goto LBL_MU;
-    }
-    if ((err = redux (&M[x], P, &mu)) != MP_OKAY) {
-      goto LBL_MU;
-    }
-  }
-
-  /* setup result */
-  if ((err = mp_init (&res)) != MP_OKAY) {
-    goto LBL_MU;
-  }
-  if ((err = mp_set (&res, 1)) != MP_OKAY) {
-    goto LBL_MU;
-  }
-
-  /* set initial mode and bit cnt */
-  mode   = 0;
-  bitcnt = 1;
-  buf    = 0;
-  digidx = X->used - 1;
-  bitcpy = 0;
-  bitbuf = 0;
-
-  for (;;) {
-    /* grab next digit as required */
-    if (--bitcnt == 0) {
-      /* if digidx == -1 we are out of digits */
-      if (digidx == -1) {
-        break;
-      }
-      /* read next digit and reset the bitcnt */
-      buf    = X->dp[digidx--];
-      bitcnt = (int) DIGIT_BIT;
-    }
-
-    /* grab the next msb from the exponent */
-    y     = (int)(buf >> (mp_digit)(DIGIT_BIT - 1)) & 1;
-    buf <<= (mp_digit)1;
-
-    /* if the bit is zero and mode == 0 then we ignore it
-     * These represent the leading zero bits before the first 1 bit
-     * in the exponent.  Technically this opt is not required but it
-     * does lower the # of trivial squaring/reductions used
-     */
-    if (mode == 0 && y == 0) {
-      continue;
-    }
-
-    /* if the bit is zero and mode == 1 then we square */
-    if (mode == 1 && y == 0) {
-      if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-      if ((err = redux (&res, P, &mu)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-      continue;
-    }
-
-    /* else we add it to the window */
-    bitbuf |= (y << (winsize - ++bitcpy));
-    mode    = 2;
-
-    if (bitcpy == winsize) {
-      /* ok window is filled so square as required and multiply  */
-      /* square first */
-      for (x = 0; x < winsize; x++) {
-        if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
-          goto LBL_RES;
-        }
-        if ((err = redux (&res, P, &mu)) != MP_OKAY) {
-          goto LBL_RES;
-        }
-      }
-
-      /* then multiply */
-      if ((err = mp_mul (&res, &M[bitbuf], &res)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-      if ((err = redux (&res, P, &mu)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-
-      /* empty window and reset */
-      bitcpy = 0;
-      bitbuf = 0;
-      mode   = 1;
-    }
-  }
-
-  /* if bits remain then square/multiply */
-  if (mode == 2 && bitcpy > 0) {
-    /* square then multiply if the bit is set */
-    for (x = 0; x < bitcpy; x++) {
-      if ((err = mp_sqr (&res, &res)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-      if ((err = redux (&res, P, &mu)) != MP_OKAY) {
-        goto LBL_RES;
-      }
-
-      bitbuf <<= 1;
-      if ((bitbuf & (1 << winsize)) != 0) {
-        /* then multiply */
-        if ((err = mp_mul (&res, &M[1], &res)) != MP_OKAY) {
-          goto LBL_RES;
-        }
-        if ((err = redux (&res, P, &mu)) != MP_OKAY) {
-          goto LBL_RES;
-        }
-      }
-    }
-  }
-
-  mp_exch (&res, Y);
-  err = MP_OKAY;
-LBL_RES:mp_clear (&res);
-LBL_MU:mp_clear (&mu);
-LBL_M:
-  mp_clear(&M[1]);
-  for (x = 1<<(winsize-1); x < (1 << winsize); x++) {
-    mp_clear (&M[x]);
-  }
-  return err;
-}
-
-
-/* pre-calculate the value required for Barrett reduction
- * For a given modulus "b" it calculates the value required in "a"
- */
-int mp_reduce_setup (mp_int * a, mp_int * b)
-{
-  int     res;
-
-  if ((res = mp_2expt (a, b->used * 2 * DIGIT_BIT)) != MP_OKAY) {
-    return res;
-  }
-  return mp_div (a, b, a, NULL);
-}
-
-
-/* reduces x mod m, assumes 0 < x < m**2, mu is
- * precomputed via mp_reduce_setup.
- * From HAC pp.604 Algorithm 14.42
- */
-int mp_reduce (mp_int * x, mp_int * m, mp_int * mu)
-{
-  mp_int  q;
-  int     res, um = m->used;
-
-  /* q = x */
-  if ((res = mp_init_copy (&q, x)) != MP_OKAY) {
-    return res;
-  }
-
-  /* q1 = x / b**(k-1)  */
-  mp_rshd (&q, um - 1);
-
-  /* according to HAC this optimization is ok */
-  if (((mp_word) um) > (((mp_digit)1) << (DIGIT_BIT - 1))) {
-    if ((res = mp_mul (&q, mu, &q)) != MP_OKAY) {
-      goto CLEANUP;
-    }
-  } else {
-#ifdef BN_S_MP_MUL_HIGH_DIGS_C
-    if ((res = s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) {
-      goto CLEANUP;
-    }
-#elif defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C)
-    if ((res = fast_s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) {
-      goto CLEANUP;
-    }
-#else
-    {
-      res = MP_VAL;
-      goto CLEANUP;
-    }
-#endif
-  }
-
-  /* q3 = q2 / b**(k+1) */
-  mp_rshd (&q, um + 1);
-
-  /* x = x mod b**(k+1), quick (no division) */
-  if ((res = mp_mod_2d (x, DIGIT_BIT * (um + 1), x)) != MP_OKAY) {
-    goto CLEANUP;
-  }
-
-  /* q = q * m mod b**(k+1), quick (no division) */
-  if ((res = s_mp_mul_digs (&q, m, &q, um + 1)) != MP_OKAY) {
-    goto CLEANUP;
-  }
-
-  /* x = x - q */
-  if ((res = mp_sub (x, &q, x)) != MP_OKAY) {
-    goto CLEANUP;
-  }
-
-  /* If x < 0, add b**(k+1) to it */
-  if (mp_cmp_d (x, 0) == MP_LT) {
-    if ((res = mp_set (&q, 1)) != MP_OKAY)
-        goto CLEANUP;
-    if ((res = mp_lshd (&q, um + 1)) != MP_OKAY)
-      goto CLEANUP;
-    if ((res = mp_add (x, &q, x)) != MP_OKAY)
-      goto CLEANUP;
-  }
-
-  /* Back off if it's too big */
-  while (mp_cmp (x, m) != MP_LT) {
-    if ((res = s_mp_sub (x, m, x)) != MP_OKAY) {
-      goto CLEANUP;
-    }
-  }
-
-CLEANUP:
-  mp_clear (&q);
-
-  return res;
-}
-
-
-/* reduces a modulo n where n is of the form 2**p - d
-   This differs from reduce_2k since "d" can be larger
-   than a single digit.
-*/
-int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d)
-{
-   mp_int q;
-   int    p, res;
-
-   if ((res = mp_init(&q)) != MP_OKAY) {
-      return res;
-   }
-
-   p = mp_count_bits(n);
-top:
-   /* q = a/2**p, a = a mod 2**p */
-   if ((res = mp_div_2d(a, p, &q, a)) != MP_OKAY) {
-      goto ERR;
-   }
-
-   /* q = q * d */
-   if ((res = mp_mul(&q, d, &q)) != MP_OKAY) {
-      goto ERR;
-   }
-
-   /* a = a + q */
-   if ((res = s_mp_add(a, &q, a)) != MP_OKAY) {
-      goto ERR;
-   }
-
-   if (mp_cmp_mag(a, n) != MP_LT) {
-      if ((res = s_mp_sub(a, n, a)) != MP_OKAY) {
-         goto ERR;
-      }
-      goto top;
-   }
-
-ERR:
-   mp_clear(&q);
-   return res;
-}
-
-
-/* determines the setup value */
-int mp_reduce_2k_setup_l(mp_int *a, mp_int *d)
-{
-   int    res;
-   mp_int tmp;
-
-   if ((res = mp_init(&tmp)) != MP_OKAY) {
-      return res;
-   }
-
-   if ((res = mp_2expt(&tmp, mp_count_bits(a))) != MP_OKAY) {
-      goto ERR;
-   }
-
-   if ((res = s_mp_sub(&tmp, a, d)) != MP_OKAY) {
-      goto ERR;
-   }
-
-ERR:
-   mp_clear(&tmp);
-   return res;
-}
-
-
-/* multiplies |a| * |b| and does not compute the lower digs digits
- * [meant to get the higher part of the product]
- */
-int s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
-{
-  mp_int  t;
-  int     res, pa, pb, ix, iy;
-  mp_digit u;
-  mp_word r;
-  mp_digit tmpx, *tmpt, *tmpy;
-
-  /* can we use the fast multiplier? */
-#ifdef BN_FAST_S_MP_MUL_HIGH_DIGS_C
-  if (((a->used + b->used + 1) < (int)MP_WARRAY)
-      && MIN (a->used, b->used) <
-      (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
-    return fast_s_mp_mul_high_digs (a, b, c, digs);
-  }
-#endif
-
-  if ((res = mp_init_size (&t, a->used + b->used + 1)) != MP_OKAY) {
-    return res;
-  }
-  t.used = a->used + b->used + 1;
-
-  pa = a->used;
-  pb = b->used;
-  for (ix = 0; ix < pa && a->dp; ix++) {
-    /* clear the carry */
-    u = 0;
-
-    /* left hand side of A[ix] * B[iy] */
-    tmpx = a->dp[ix];
-
-    /* alias to the address of where the digits will be stored */
-    tmpt = &(t.dp[digs]);
-
-    /* alias for where to read the right hand side from */
-    tmpy = b->dp + (digs - ix);
-
-    for (iy = digs - ix; iy < pb; iy++) {
-      /* calculate the double precision result */
-      r       = ((mp_word)*tmpt) +
-                ((mp_word)tmpx) * ((mp_word)*tmpy++) +
-                ((mp_word) u);
-
-      /* get the lower part */
-      *tmpt++ = (mp_digit) (r & ((mp_word) MP_MASK));
-
-      /* carry the carry */
-      u       = (mp_digit) (r >> ((mp_word) DIGIT_BIT));
-    }
-    *tmpt = u;
-  }
-  mp_clamp (&t);
-  mp_exch (&t, c);
-  mp_clear (&t);
-  return MP_OKAY;
-}
-
-
-/* this is a modified version of fast_s_mul_digs that only produces
- * output digits *above* digs.  See the comments for fast_s_mul_digs
- * to see how it works.
- *
- * This is used in the Barrett reduction since for one of the multiplications
- * only the higher digits were needed.  This essentially halves the work.
- *
- * Based on Algorithm 14.12 on pp.595 of HAC.
- */
-int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
-{
-  int     olduse, res, pa, ix, iz;
-  /* uses dynamic memory and slower */
-  WC_DECLARE_VAR(W, mp_digit, MP_WARRAY, 0);
-  mp_word  _W;
-
-  if (a->dp == NULL) { /* JRB, avoid reading uninitialized values */
-      return MP_VAL;
-  }
-
-  /* grow the destination as required */
-  pa = a->used + b->used;
-  if (c->alloc < pa) {
-    if ((res = mp_grow (c, pa)) != MP_OKAY) {
-      return res;
-    }
-  }
-
-  if (pa > (int)MP_WARRAY)
-    return MP_RANGE;  /* TAO range check */
-
-  WC_ALLOC_VAR_EX(W, mp_digit, pa, NULL, DYNAMIC_TYPE_BIGINT,
-      return MP_MEM);
-
-  /* number of output digits to produce */
-  _W = 0;
-  for (ix = digs; ix < pa; ix++) { /* JRB, have a->dp check at top of function*/
-      int      tx, ty, iy;
-      mp_digit *tmpx, *tmpy;
-
-      /* get offsets into the two bignums */
-      ty = MIN(b->used-1, ix);
-      tx = ix - ty;
-
-      /* setup temp aliases */
-      tmpx = a->dp + tx;
-      tmpy = b->dp + ty;
-
-      /* this is the number of times the loop will iterate, essentially its
-         while (tx++ < a->used && ty-- >= 0) { ... }
-       */
-      iy = MIN(a->used-tx, ty+1);
-
-      /* execute loop */
-      for (iz = 0; iz < iy; iz++) {
-         _W += ((mp_word)*tmpx++)*((mp_word)*tmpy--);
-      }
-
-      /* store term */
-      W[ix] = (mp_digit)(((mp_digit)_W) & MP_MASK);
-
-      /* make next carry */
-      _W = _W >> ((mp_word)DIGIT_BIT);
-  }
-
-  /* setup dest */
-  olduse  = c->used;
-  c->used = pa;
-
-  {
-    mp_digit *tmpc;
-
-    tmpc = c->dp + digs;
-    for (ix = digs; ix < pa; ix++) {   /* TAO, <= could potentially overwrite */
-      /* now extract the previous digit [below the carry] */
-      *tmpc++ = W[ix];
-    }
-
-    /* clear unused digits [that existed in the old copy of c] */
-    for (; ix < olduse; ix++) {
-      *tmpc++ = 0;
-    }
-  }
-  mp_clamp (c);
-
-  WC_FREE_VAR_EX(W, NULL, DYNAMIC_TYPE_BIGINT);
-
-  return MP_OKAY;
-}
-
-
-#ifndef MP_SET_CHUNK_BITS
-    #define MP_SET_CHUNK_BITS 4
-#endif
-int mp_set_int (mp_int * a, unsigned long b)
-{
-  int x, res;
-
-  /* use direct mp_set if b is less than mp_digit max */
-  if (b < MP_DIGIT_MAX) {
-    return mp_set (a, (mp_digit)b);
-  }
-
-  mp_zero (a);
-
-  /* set chunk bits at a time */
-  for (x = 0; x < (int)(sizeof(b) * 8) / MP_SET_CHUNK_BITS; x++) {
-    /* shift the number up chunk bits */
-    if ((res = mp_mul_2d (a, MP_SET_CHUNK_BITS, a)) != MP_OKAY) {
-      return res;
-    }
-
-    /* OR in the top bits of the source */
-    a->dp[0] |= (b >> ((sizeof(b) * 8) - MP_SET_CHUNK_BITS)) &
-                                  ((1 << MP_SET_CHUNK_BITS) - 1);
-
-    /* shift the source up to the next chunk bits */
-    b <<= MP_SET_CHUNK_BITS;
-
-    /* ensure that digits are not clamped off */
-    a->used += 1;
-  }
-  mp_clamp (a);
-  return MP_OKAY;
-}
-
-
-#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_ECC) || !defined(NO_RSA) || \
-    !defined(NO_DSA) | !defined(NO_DH)
-
-/* c = a * a (mod b) */
-int mp_sqrmod (mp_int * a, mp_int * b, mp_int * c)
-{
-  int     res;
-  mp_int  t;
-
-  if ((res = mp_init (&t)) != MP_OKAY) {
-    return res;
-  }
-
-  if ((res = mp_sqr (a, &t)) != MP_OKAY) {
-    mp_clear (&t);
-    return res;
-  }
-  res = mp_mod (&t, b, c);
-  mp_clear (&t);
-  return res;
-}
-
-#endif
-
-
-#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(WOLFSSL_SNIFFER) || \
-    defined(WOLFSSL_HAVE_WOLFSCEP) || defined(WOLFSSL_KEY_GEN) || \
-    defined(OPENSSL_EXTRA) || defined(WC_RSA_BLINDING) || \
-    (!defined(NO_RSA) && !defined(NO_RSA_BOUNDS_CHECK))
-
-/* single digit addition */
-int mp_add_d (mp_int* a, mp_digit b, mp_int* c) /* //NOLINT(misc-no-recursion) */
-{
-  int     res, ix, oldused;
-  mp_digit *tmpa, *tmpc, mu;
-
-  if (b > MP_DIGIT_MAX) return MP_VAL;
-
-  /* grow c as required */
-  if (c->alloc < a->used + 1) {
-     if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) {
-        return res;
-     }
-  }
-
-  /* if a is negative and |a| >= b, call c = |a| - b */
-  if (a->sign == MP_NEG && (a->used > 1 || a->dp[0] >= b)) {
-     /* temporarily fix sign of a */
-     a->sign = MP_ZPOS;
-
-     /* c = |a| - b */
-     res = mp_sub_d(a, b, c);
-
-     /* fix sign  */
-     a->sign = c->sign = MP_NEG;
-
-     /* clamp */
-     mp_clamp(c);
-
-     return res;
-  }
-
-  /* old number of used digits in c */
-  oldused = c->used;
-
-  /* source alias */
-  tmpa    = a->dp;
-
-  /* destination alias */
-  tmpc    = c->dp;
-
-  if (tmpa == NULL || tmpc == NULL) {
-    return MP_MEM;
-  }
-
-  /* if a is positive */
-  if (a->sign == MP_ZPOS) {
-     /* add digit, after this we're propagating
-      * the carry.
-      */
-     *tmpc   = *tmpa++ + b;
-     mu      = *tmpc >> DIGIT_BIT;
-     *tmpc++ &= MP_MASK;
-
-     /* now handle rest of the digits */
-     for (ix = 1; ix < a->used; ix++) {
-        *tmpc   = *tmpa++ + mu;
-        mu      = *tmpc >> DIGIT_BIT;
-        *tmpc++ &= MP_MASK;
-     }
-     /* set final carry */
-     if (ix < c->alloc) {
-        ix++;
-        *tmpc++  = mu;
-     }
-
-     /* setup size */
-     c->used = a->used + 1;
-  } else {
-     /* a was negative and |a| < b */
-     c->used  = 1;
-
-     /* the result is a single digit */
-     if (a->used == 1) {
-        *tmpc++  =  b - a->dp[0];
-     } else {
-        *tmpc++  =  b;
-     }
-
-     /* setup count so the clearing of oldused
-      * can fall through correctly
-      */
-     ix       = 1;
-  }
-
-  /* sign always positive */
-  c->sign = MP_ZPOS;
-
-  /* now zero to oldused */
-  while (ix++ < oldused) {
-     *tmpc++ = 0;
-  }
-  mp_clamp(c);
-
-  return MP_OKAY;
-}
-
-
-/* single digit subtraction */
-int mp_sub_d (mp_int * a, mp_digit b, mp_int * c) /* //NOLINT(misc-no-recursion) */
-{
-  mp_digit *tmpa, *tmpc, mu;
-  int       res, ix, oldused;
-
-  if (b > MP_MASK) return MP_VAL;
-
-  /* grow c as required */
-  if (c->alloc < a->used + 1) {
-     if ((res = mp_grow(c, a->used + 1)) != MP_OKAY) {
-        return res;
-     }
-  }
-
-  /* if a is negative just do an unsigned
-   * addition [with fudged signs]
-   */
-  if (a->sign == MP_NEG) {
-     a->sign = MP_ZPOS;
-     res     = mp_add_d(a, b, c);
-     a->sign = c->sign = MP_NEG;
-
-     /* clamp */
-     mp_clamp(c);
-
-     return res;
-  }
-
-  /* setup regs */
-  oldused = c->used;
-  tmpa    = a->dp;
-  tmpc    = c->dp;
-
-  if (tmpa == NULL || tmpc == NULL) {
-    return MP_MEM;
-  }
-
-  /* if a <= b simply fix the single digit */
-  if ((a->used == 1 && a->dp[0] <= b) || a->used == 0) {
-     if (a->used == 1) {
-        *tmpc++ = b - *tmpa;
-     } else {
-        *tmpc++ = b;
-     }
-     ix      = 1;
-
-     /* negative/1digit */
-     c->sign = MP_NEG;
-     c->used = 1;
-  } else {
-     /* positive/size */
-     c->sign = MP_ZPOS;
-     c->used = a->used;
-
-     /* subtract first digit */
-     *tmpc    = *tmpa++ - b;
-     mu       = *tmpc >> (sizeof(mp_digit) * CHAR_BIT - 1);
-     *tmpc++ &= MP_MASK;
-
-     /* handle rest of the digits */
-     for (ix = 1; ix < a->used; ix++) {
-        *tmpc    = *tmpa++ - mu;
-        mu       = *tmpc >> (sizeof(mp_digit) * CHAR_BIT - 1);
-        *tmpc++ &= MP_MASK;
-     }
-  }
-
-  /* zero excess digits */
-  while (ix++ < oldused) {
-     *tmpc++ = 0;
-  }
-  mp_clamp(c);
-  return MP_OKAY;
-}
-
-#endif /* defined(HAVE_ECC) || !defined(NO_PWDBASED) */
-
-
-#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || defined(HAVE_ECC) || \
-    defined(DEBUG_WOLFSSL) || !defined(NO_RSA) || !defined(NO_DSA) || \
-    !defined(NO_DH) || defined(WC_MP_TO_RADIX)
-
-static const int lnz[16] = {
-   4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0
-};
-
-/* Counts the number of lsbs which are zero before the first zero bit */
-int mp_cnt_lsb(mp_int *a)
-{
-    int x;
-    mp_digit q = 0, qq;
-
-    /* easy out */
-    if (mp_iszero(a) == MP_YES) {
-        return 0;
-    }
-
-    /* scan lower digits until non-zero */
-    for (x = 0; x < a->used && a->dp[x] == 0; x++) {}
-    if (a->dp)
-        q = a->dp[x];
-    x *= DIGIT_BIT;
-
-    /* now scan this digit until a 1 is found */
-    if ((q & 1) == 0) {
-        do {
-            qq  = q & 15;
-            x  += lnz[qq];
-            q >>= 4;
-        } while (qq == 0);
-    }
-    return x;
-}
-
-
-
-
-static int s_is_power_of_two(mp_digit b, int *p)
-{
-   int x;
-
-   /* fast return if no power of two */
-   if ((b==0) || (b & (b-1))) {
-      return 0;
-   }
-
-   for (x = 0; x < DIGIT_BIT; x++) {
-      if (b == (((mp_digit)1)<<x)) {
-         *p = x;
-         return 1;
-      }
-   }
-   return 0;
-}
-
-/* single digit division (based on routine from MPI) */
-static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
-{
-  mp_int  q;
-  mp_word w;
-  mp_digit t;
-  int     res = MP_OKAY, ix;
-
-  /* cannot divide by zero */
-  if (b == 0) {
-     return MP_VAL;
-  }
-
-  /* quick outs */
-  if (b == 1 || mp_iszero(a) == MP_YES) {
-     if (d != NULL) {
-        *d = 0;
-     }
-     if (c != NULL) {
-        return mp_copy(a, c);
-     }
-     return MP_OKAY;
-  }
-
-  /* power of two ? */
-  if (s_is_power_of_two(b, &ix) == 1) {
-     if (d != NULL) {
-        *d = a->dp[0] & ((((mp_digit)1)<<ix) - 1);
-     }
-     if (c != NULL) {
-        return mp_div_2d(a, ix, c, NULL);
-     }
-     return MP_OKAY;
-  }
-
-#ifdef BN_MP_DIV_3_C
-  /* three? */
-  if (b == 3) {
-     return mp_div_3(a, c, d);
-  }
-#endif
-
-  /* no easy answer [c'est la vie].  Just division */
-  if (c != NULL) {
-      if ((res = mp_init_size(&q, a->used)) != MP_OKAY) {
-         return res;
-      }
-
-      q.used = a->used;
-      q.sign = a->sign;
-  }
-  else {
-      if ((res = mp_init(&q)) != MP_OKAY) {
-         return res;
-      }
-  }
-
-  w = 0;
-
-  if (a->used == 0)
-      return MP_VAL;
-
-  for (ix = a->used - 1; ix >= 0; ix--) {
-     w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]);
-
-     if (w >= b) {
-#ifdef WOLFSSL_LINUXKM
-        t = (mp_digit)w;
-        /* Linux kernel macro for in-place 64 bit integer division. */
-        do_div(t, b);
-#else
-        t = (mp_digit)(w / b);
-#endif
-        w -= ((mp_word)t) * ((mp_word)b);
-      } else {
-        t = 0;
-      }
-      if (c != NULL)
-        q.dp[ix] = (mp_digit)t;
-  }
-
-  if (d != NULL) {
-     *d = (mp_digit)w;
-  }
-
-  if (c != NULL) {
-     mp_clamp(&q);
-     mp_exch(&q, c);
-  }
-  mp_clear(&q);
-
-  return res;
-}
-
-
-int mp_mod_d (mp_int * a, mp_digit b, mp_digit * c)
-{
-  return mp_div_d(a, b, NULL, c);
-}
-
-#endif /* WOLFSSL_KEY_GEN || HAVE_COMP_KEY || HAVE_ECC || DEBUG_WOLFSSL */
-
-#if (defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)) || !defined(NO_DH) || !defined(NO_DSA)
-
-const FLASH_QUALIFIER mp_digit ltm_prime_tab[PRIME_SIZE] = {
-  0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013,
-  0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035,
-  0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059,
-  0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F,
-#ifndef MP_8BIT
-  0x0083,
-  0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD,
-  0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF,
-  0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107,
-  0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137,
-
-  0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167,
-  0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199,
-  0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9,
-  0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7,
-  0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239,
-  0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265,
-  0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293,
-  0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF,
-
-  0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301,
-  0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B,
-  0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371,
-  0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD,
-  0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5,
-  0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419,
-  0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449,
-  0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B,
-
-  0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7,
-  0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503,
-  0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529,
-  0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F,
-  0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3,
-  0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7,
-  0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623,
-  0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653
-#endif
-};
-
-
-/* Miller-Rabin test of "a" to the base of "b" as described in
- * HAC pp. 139 Algorithm 4.24
- *
- * Sets result to 0 if definitely composite or 1 if probably prime.
- * Randomly the chance of error is no more than 1/4 and often
- * very much lower.
- */
-static int mp_prime_miller_rabin (mp_int * a, mp_int * b, int *result)
-{
-  mp_int  n1, y, r;
-  int     s, j, err;
-
-  /* default */
-  *result = MP_NO;
-
-  /* ensure b > 1 */
-  if (mp_cmp_d(b, 1) != MP_GT) {
-     return MP_VAL;
-  }
-
-  /* get n1 = a - 1 */
-  if ((err = mp_init_copy (&n1, a)) != MP_OKAY) {
-    return err;
-  }
-  if ((err = mp_sub_d (&n1, 1, &n1)) != MP_OKAY) {
-    goto LBL_N1;
-  }
-
-  /* set 2**s * r = n1 */
-  if ((err = mp_init_copy (&r, &n1)) != MP_OKAY) {
-    goto LBL_N1;
-  }
-
-  /* count the number of least significant bits
-   * which are zero
-   */
-  s = mp_cnt_lsb(&r);
-
-  /* now divide n - 1 by 2**s */
-  if ((err = mp_div_2d (&r, s, &r, NULL)) != MP_OKAY) {
-    goto LBL_R;
-  }
-
-  /* compute y = b**r mod a */
-  if ((err = mp_init (&y)) != MP_OKAY) {
-    goto LBL_R;
-  }
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)
-#ifndef WOLFSSL_SP_NO_2048
-  if (mp_count_bits(a) == 1024 && mp_isodd(a))
-      err = sp_ModExp_1024(b, &r, a, &y);
-  else if (mp_count_bits(a) == 2048 && mp_isodd(a))
-      err = sp_ModExp_2048(b, &r, a, &y);
-  else
-#endif
-#ifndef WOLFSSL_SP_NO_3072
-  if (mp_count_bits(a) == 1536 && mp_isodd(a))
-      err = sp_ModExp_1536(b, &r, a, &y);
-  else if (mp_count_bits(a) == 3072 && mp_isodd(a))
-      err = sp_ModExp_3072(b, &r, a, &y);
-  else
-#endif
-#ifdef WOLFSSL_SP_4096
-  if (mp_count_bits(a) == 4096 && mp_isodd(a))
-      err = sp_ModExp_4096(b, &r, a, &y);
-  else
-#endif
-#endif
-      err = mp_exptmod (b, &r, a, &y);
-  if (err != MP_OKAY)
-      goto LBL_Y;
-
-  /* if y != 1 and y != n1 do */
-  if (mp_cmp_d (&y, 1) != MP_EQ && mp_cmp (&y, &n1) != MP_EQ) {
-    j = 1;
-    /* while j <= s-1 and y != n1 */
-    while ((j <= (s - 1)) && mp_cmp (&y, &n1) != MP_EQ) {
-      if ((err = mp_sqrmod (&y, a, &y)) != MP_OKAY) {
-         goto LBL_Y;
-      }
-
-      /* if y == 1 then composite */
-      if (mp_cmp_d (&y, 1) == MP_EQ) {
-         goto LBL_Y;
-      }
-
-      ++j;
-    }
-
-    /* if y != n1 then composite */
-    if (mp_cmp (&y, &n1) != MP_EQ) {
-      goto LBL_Y;
-    }
-  }
-
-  /* probably prime now */
-  *result = MP_YES;
-LBL_Y:mp_clear (&y);
-LBL_R:mp_clear (&r);
-LBL_N1:mp_clear (&n1);
-  return err;
-}
-
-
-/* determines if an integers is divisible by one
- * of the first PRIME_SIZE primes or not
- *
- * sets result to 0 if not, 1 if yes
- */
-static int mp_prime_is_divisible (mp_int * a, int *result)
-{
-  int     err, ix;
-  mp_digit res;
-
-  /* default to not */
-  *result = MP_NO;
-
-  for (ix = 0; ix < PRIME_SIZE; ix++) {
-    /* what is a mod LBL_prime_tab[ix] */
-    if ((err = mp_mod_d (a, ltm_prime_tab[ix], &res)) != MP_OKAY) {
-      return err;
-    }
-
-    /* is the residue zero? */
-    if (res == 0) {
-      *result = MP_YES;
-      return MP_OKAY;
-    }
-  }
-
-  return MP_OKAY;
-}
-
-/*
- * Sets result to 1 if probably prime, 0 otherwise
- */
-int mp_prime_is_prime (mp_int * a, int t, int *result)
-{
-  mp_int  b;
-  int     ix, err, res;
-
-  /* default to no */
-  *result = MP_NO;
-
-  /* valid value of t? */
-  if (t <= 0 || t > PRIME_SIZE) {
-    return MP_VAL;
-  }
-
-  if (mp_isone(a)) {
-      *result = MP_NO;
-      return MP_OKAY;
-  }
-
-  /* is the input equal to one of the primes in the table? */
-  for (ix = 0; ix < PRIME_SIZE; ix++) {
-      if (mp_cmp_d(a, ltm_prime_tab[ix]) == MP_EQ) {
-         *result = MP_YES;
-         return MP_OKAY;
-      }
-  }
-
-  /* first perform trial division */
-  if ((err = mp_prime_is_divisible (a, &res)) != MP_OKAY) {
-    return err;
-  }
-
-  /* return if it was trivially divisible */
-  if (res == MP_YES) {
-    return MP_OKAY;
-  }
-
-  /* now perform the miller-rabin rounds */
-  if ((err = mp_init (&b)) != MP_OKAY) {
-    return err;
-  }
-
-  for (ix = 0; ix < t; ix++) {
-    /* set the prime */
-    if ((err = mp_set (&b, ltm_prime_tab[ix])) != MP_OKAY) {
-        goto LBL_B;
-    }
-
-    if ((err = mp_prime_miller_rabin (a, &b, &res)) != MP_OKAY) {
-      goto LBL_B;
-    }
-
-    if (res == MP_NO) {
-      goto LBL_B;
-    }
-  }
-
-  /* passed the test */
-  *result = MP_YES;
-LBL_B:mp_clear (&b);
-  return err;
-}
-
-
-/*
- * Sets result to 1 if probably prime, 0 otherwise
- */
-int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG *rng)
-{
-  mp_int  b, c;
-  int     ix, err, res;
-  byte*   base = NULL;
-  word32  bitSz = 0;
-  word32  baseSz = 0;
-
-  /* default to no */
-  *result = MP_NO;
-
-  /* valid value of t? */
-  if (t <= 0 || t > PRIME_SIZE) {
-    return MP_VAL;
-  }
-
-  if (a->sign == MP_NEG) {
-    return MP_VAL;
-  }
-
-  if (mp_isone(a)) {
-    *result = MP_NO;
-    return MP_OKAY;
-  }
-
-  /* is the input equal to one of the primes in the table? */
-  for (ix = 0; ix < PRIME_SIZE; ix++) {
-      if (mp_cmp_d(a, ltm_prime_tab[ix]) == MP_EQ) {
-         *result = MP_YES;
-         return MP_OKAY;
-      }
-  }
-
-  /* first perform trial division */
-  if ((err = mp_prime_is_divisible (a, &res)) != MP_OKAY) {
-    return err;
-  }
-
-  /* return if it was trivially divisible */
-  if (res == MP_YES) {
-    return MP_OKAY;
-  }
-
-  /* now perform the miller-rabin rounds */
-  if ((err = mp_init (&b)) != MP_OKAY) {
-    return err;
-  }
-  if ((err = mp_init (&c)) != MP_OKAY) {
-      mp_clear(&b);
-    return err;
-  }
-
-  bitSz = mp_count_bits(a);
-  baseSz = (bitSz / 8) + ((bitSz % 8) ? 1 : 0);
-  bitSz %= 8;
-
-  base = (byte*)XMALLOC(baseSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-  if (base == NULL) {
-      err = MP_MEM;
-      goto LBL_B;
-  }
-
-  if ((err = mp_sub_d(a, 2, &c)) != MP_OKAY) {
-      goto LBL_B;
-  }
-
- /* now do a miller rabin with up to t random numbers, this should
-  * give a (1/4)^t chance of a false prime. */
-  for (ix = 0; ix < t; ix++) {
-    /* Set a test candidate. */
-    if ((err = wc_RNG_GenerateBlock(rng, base, baseSz)) != 0) {
-        goto LBL_B;
-    }
-
-    /* Clear bits higher than those in a. */
-    if (bitSz > 0) {
-        base[0] &= (1 << bitSz) - 1;
-    }
-
-    if ((err = mp_read_unsigned_bin(&b, base, baseSz)) != MP_OKAY) {
-        goto LBL_B;
-    }
-
-    if (mp_cmp_d(&b, 2) != MP_GT || mp_cmp(&b, &c) != MP_LT) {
-        ix--;
-        continue;
-    }
-
-    if ((err = mp_prime_miller_rabin (a, &b, &res)) != MP_OKAY) {
-      goto LBL_B;
-    }
-
-    if (res == MP_NO) {
-      goto LBL_B;
-    }
-  }
-
-  /* passed the test */
-  *result = MP_YES;
-LBL_B:mp_clear (&b);
-      mp_clear (&c);
-      XFREE(base, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-  return err;
-}
-
-#endif /* (WOLFSSL_KEY_GEN && !NO_RSA) || !NO_DH || !NO_DSA */
-
-#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_DH) || !defined(NO_DSA))
-
-static const int USE_BBS = 1;
-
-int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap)
-{
-    int   err, res, type;
-    byte* buf;
-
-    if (a == NULL || rng == NULL)
-        return MP_VAL;
-
-    /* get type */
-    if (len < 0) {
-        type = USE_BBS;
-        len = -len;
-    } else {
-        type = 0;
-    }
-
-    /* allow sizes between 2 and 512 bytes for a prime size */
-    if (len < 2 || len > 512) {
-        return MP_VAL;
-    }
-
-    /* allocate buffer to work with */
-    buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_RSA);
-    if (buf == NULL) {
-        return MP_MEM;
-    }
-    XMEMSET(buf, 0, len);
-
-    do {
-#ifdef SHOW_GEN
-        printf(".");
-        fflush(stdout);
-#endif
-        /* generate value */
-        err = wc_RNG_GenerateBlock(rng, buf, len);
-        if (err != 0) {
-            XFREE(buf, heap, DYNAMIC_TYPE_RSA);
-            return err;
-        }
-
-        /* munge bits */
-        buf[0]     |= 0x80 | 0x40;
-        buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
-
-        /* load value */
-        if ((err = mp_read_unsigned_bin(a, buf, len)) != MP_OKAY) {
-            XFREE(buf, heap, DYNAMIC_TYPE_RSA);
-            return err;
-        }
-
-        /* test */
-        /* Running Miller-Rabin up to 3 times gives us a 2^{-80} chance
-         * of a 1024-bit candidate being a false positive, when it is our
-         * prime candidate. (Note 4.49 of Handbook of Applied Cryptography.)
-         * Using 8 because we've always used 8. */
-        if ((err = mp_prime_is_prime_ex(a, 8, &res, rng)) != MP_OKAY) {
-            XFREE(buf, heap, DYNAMIC_TYPE_RSA);
-            return err;
-        }
-    } while (res == MP_NO);
-
-    XMEMSET(buf, 0, len);
-    XFREE(buf, heap, DYNAMIC_TYPE_RSA);
-
-    return MP_OKAY;
-}
-
-#endif
-
-#if defined(WOLFSSL_KEY_GEN)
-
-/* computes least common multiple as |a*b|/(a, b) */
-int mp_lcm (mp_int * a, mp_int * b, mp_int * c)
-{
-  int     res;
-  mp_int  t1, t2;
-
-  /* LCM of 0 and any number is undefined as 0 is not in the set of values
-   * being used. */
-  if (mp_iszero (a) == MP_YES || mp_iszero (b) == MP_YES) {
-    return MP_VAL;
-  }
-
-  if ((res = mp_init_multi (&t1, &t2, NULL, NULL, NULL, NULL)) != MP_OKAY) {
-    return res;
-  }
-
-  /* t1 = get the GCD of the two inputs */
-  if ((res = mp_gcd (a, b, &t1)) != MP_OKAY) {
-    goto LBL_T;
-  }
-
-  /* divide the smallest by the GCD */
-  if (mp_cmp_mag(a, b) == MP_LT) {
-     /* store quotient in t2 such that t2 * b is the LCM */
-     if ((res = mp_div(a, &t1, &t2, NULL)) != MP_OKAY) {
-        goto LBL_T;
-     }
-     res = mp_mul(b, &t2, c);
-  } else {
-     /* store quotient in t2 such that t2 * a is the LCM */
-     if ((res = mp_div(b, &t1, &t2, NULL)) != MP_OKAY) {
-        goto LBL_T;
-     }
-     res = mp_mul(a, &t2, c);
-  }
-
-  /* fix the sign to positive */
-  c->sign = MP_ZPOS;
-
-LBL_T:
-  mp_clear(&t1);
-  mp_clear(&t2);
-  return res;
-}
-
-
-
-/* Greatest Common Divisor using the binary method */
-int mp_gcd (mp_int * a, mp_int * b, mp_int * c)
-{
-    mp_int  u, v;
-    int     k, u_lsb, v_lsb, res;
-
-    /* either zero than gcd is the largest */
-    if (mp_iszero (a) == MP_YES) {
-        /* GCD of 0 and 0 is undefined as all integers divide 0. */
-        if (mp_iszero (b) == MP_YES) {
-           return MP_VAL;
-        }
-        return mp_abs (b, c);
-    }
-    if (mp_iszero (b) == MP_YES) {
-        return mp_abs (a, c);
-    }
-
-    /* get copies of a and b we can modify */
-    if ((res = mp_init_copy (&u, a)) != MP_OKAY) {
-        return res;
-    }
-
-    if ((res = mp_init_copy (&v, b)) != MP_OKAY) {
-        goto LBL_U;
-    }
-
-    /* must be positive for the remainder of the algorithm */
-    u.sign = v.sign = MP_ZPOS;
-
-    /* B1.  Find the common power of two for u and v */
-    u_lsb = mp_cnt_lsb(&u);
-    v_lsb = mp_cnt_lsb(&v);
-    k     = MIN(u_lsb, v_lsb);
-
-    if (k > 0) {
-        /* divide the power of two out */
-        if ((res = mp_div_2d(&u, k, &u, NULL)) != MP_OKAY) {
-            goto LBL_V;
-        }
-
-        if ((res = mp_div_2d(&v, k, &v, NULL)) != MP_OKAY) {
-            goto LBL_V;
-        }
-    }
-
-    /* divide any remaining factors of two out */
-    if (u_lsb != k) {
-        if ((res = mp_div_2d(&u, u_lsb - k, &u, NULL)) != MP_OKAY) {
-            goto LBL_V;
-        }
-    }
-
-    if (v_lsb != k) {
-        if ((res = mp_div_2d(&v, v_lsb - k, &v, NULL)) != MP_OKAY) {
-            goto LBL_V;
-        }
-    }
-
-    while (mp_iszero(&v) == MP_NO) {
-        /* make sure v is the largest */
-        if (mp_cmp_mag(&u, &v) == MP_GT) {
-            /* swap u and v to make sure v is >= u */
-            mp_exch(&u, &v);
-        }
-
-        /* subtract smallest from largest */
-        if ((res = s_mp_sub(&v, &u, &v)) != MP_OKAY) {
-            goto LBL_V;
-        }
-
-        /* Divide out all factors of two */
-        if ((res = mp_div_2d(&v, mp_cnt_lsb(&v), &v, NULL)) != MP_OKAY) {
-            goto LBL_V;
-        }
-    }
-
-    /* multiply by 2**k which we divided out at the beginning */
-    if ((res = mp_mul_2d (&u, k, c)) != MP_OKAY) {
-        goto LBL_V;
-    }
-    c->sign = MP_ZPOS;
-    res = MP_OKAY;
-LBL_V:mp_clear (&v);
-LBL_U:mp_clear (&u);
-    return res;
-}
-
-#endif /* WOLFSSL_KEY_GEN */
-
-
-#if !defined(NO_DSA) || defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || \
-    defined(HAVE_COMP_KEY) || defined(WOLFSSL_DEBUG_MATH) || \
-    defined(DEBUG_WOLFSSL) || defined(OPENSSL_EXTRA) || defined(WC_MP_TO_RADIX)
-
-/* chars used in radix conversions */
-const char *mp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-                        "abcdefghijklmnopqrstuvwxyz+/";
-#endif
-
-#if !defined(NO_DSA) || defined(HAVE_ECC) || defined(OPENSSL_EXTRA)
-/* read a string [ASCII] in a given radix */
-int mp_read_radix (mp_int * a, const char *str, int radix)
-{
-  int     y, res, neg;
-  char    ch;
-
-  /* zero the digit bignum */
-  mp_zero(a);
-
-  /* make sure the radix is ok */
-  if (radix < MP_RADIX_BIN || radix > MP_RADIX_MAX) {
-    return MP_VAL;
-  }
-
-  /* if the leading digit is a
-   * minus set the sign to negative.
-   */
-  if (*str == '-') {
-    ++str;
-    neg = MP_NEG;
-  } else {
-    neg = MP_ZPOS;
-  }
-
-  /* set the integer to the default of zero */
-  mp_zero (a);
-
-  /* process each digit of the string */
-  while (*str != '\0') {
-    /* if the radix <= 36 the conversion is case insensitive
-     * this allows numbers like 1AB and 1ab to represent the same  value
-     * [e.g. in hex]
-     */
-    ch = (radix <= 36) ? (char)XTOUPPER((unsigned char)*str) : *str;
-    for (y = 0; y < 64; y++) {
-      if (ch == mp_s_rmap[y]) {
-         break;
-      }
-    }
-
-    /* if the char was found in the map
-     * and is less than the given radix add it
-     * to the number, otherwise exit the loop.
-     */
-    if (y < radix) {
-      if ((res = mp_mul_d (a, (mp_digit) radix, a)) != MP_OKAY) {
-         mp_zero(a);
-         return res;
-      }
-      if ((res = mp_add_d (a, (mp_digit) y, a)) != MP_OKAY) {
-         mp_zero(a);
-         return res;
-      }
-    } else {
-      break;
-    }
-    ++str;
-  }
-
-  /* Skip whitespace at end of str */
-  while (CharIsWhiteSpace(*str))
-    ++str;
-  /* if digit in isn't null term, then invalid character was found */
-  if (*str != '\0') {
-     mp_zero (a);
-     return MP_VAL;
-  }
-
-  /* set the sign only if a != 0 */
-  if (mp_iszero(a) != MP_YES) {
-     a->sign = neg;
-  }
-  return MP_OKAY;
-}
-#endif /* !defined(NO_DSA) || defined(HAVE_ECC) */
-
-#ifdef WC_MP_TO_RADIX
-
-/* returns size of ASCII representation */
-int mp_radix_size (mp_int *a, int radix, int *size)
-{
-    int     res, digs;
-    mp_int  t;
-    mp_digit d;
-
-    *size = 0;
-
-    /* special case for binary */
-    if (radix == MP_RADIX_BIN) {
-        *size = mp_count_bits(a);
-        if (*size == 0)
-          *size = 1;
-        *size += (a->sign == MP_NEG ? 1 : 0) + 1; /* "-" sign + null term */
-        return MP_OKAY;
-    }
-
-    /* make sure the radix is in range */
-    if (radix < MP_RADIX_BIN || radix > MP_RADIX_MAX) {
-        return MP_VAL;
-    }
-
-    if (mp_iszero(a) == MP_YES) {
-#ifndef WC_DISABLE_RADIX_ZERO_PAD
-        if (radix == 16)
-            *size = 3;
-        else
-#endif
-            *size = 2;
-        return MP_OKAY;
-    }
-
-    /* digs is the digit count */
-    digs = 0;
-
-    /* init a copy of the input */
-    if ((res = mp_init_copy (&t, a)) != MP_OKAY) {
-        return res;
-    }
-
-    /* force temp to positive */
-    t.sign = MP_ZPOS;
-
-    /* fetch out all of the digits */
-    while (mp_iszero (&t) == MP_NO) {
-        if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) {
-            mp_clear (&t);
-            return res;
-        }
-        ++digs;
-    }
-    mp_clear (&t);
-
-#ifndef WC_DISABLE_RADIX_ZERO_PAD
-    /* For hexadecimal output, add zero padding when number of digits is odd */
-    if ((digs & 1) && (radix == 16)) {
-        ++digs;
-    }
-#endif
-
-    /* if it's negative add one for the sign */
-    if (a->sign == MP_NEG) {
-        ++digs;
-    }
-
-    /* return digs + 1, the 1 is for the NULL byte that would be required. */
-    *size = digs + 1;
-    return MP_OKAY;
-}
-
-/* stores a bignum as a ASCII string in a given radix (2..64) */
-int mp_toradix (mp_int *a, char *str, int radix)
-{
-    int     res, digs;
-    mp_int  t;
-    mp_digit d;
-    char   *_s = str;
-
-    /* check range of the radix */
-    if (radix < MP_RADIX_BIN || radix > MP_RADIX_MAX) {
-        return MP_VAL;
-    }
-
-    /* quick out if its zero */
-    if (mp_iszero(a) == MP_YES) {
-#ifndef WC_DISABLE_RADIX_ZERO_PAD
-        if (radix == 16) {
-            *str++ = '0';
-        }
-#endif
-        *str++ = '0';
-        *str = '\0';
-        return MP_OKAY;
-    }
-
-    if ((res = mp_init_copy (&t, a)) != MP_OKAY) {
-        return res;
-    }
-
-    /* if it is negative output a - */
-    if (t.sign == MP_NEG) {
-        ++_s;
-        *str++ = '-';
-        t.sign = MP_ZPOS;
-    }
-
-    digs = 0;
-    while (mp_iszero (&t) == MP_NO) {
-        if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) {
-            mp_clear (&t);
-            return res;
-        }
-        *str++ = mp_s_rmap[d];
-        ++digs;
-    }
-#ifndef WC_DISABLE_RADIX_ZERO_PAD
-    /* For hexadecimal output, add zero padding when number of digits is odd */
-    if ((digs & 1) && (radix == 16)) {
-        *str++ = mp_s_rmap[0];
-        ++digs;
-    }
-#endif
-    /* reverse the digits of the string.  In this case _s points
-     * to the first digit [excluding the sign] of the number]
-     */
-    bn_reverse ((unsigned char *)_s, digs);
-
-    /* append a NULL so the string is properly terminated */
-    *str = '\0';
-
-    mp_clear (&t);
-    return MP_OKAY;
-}
-
-#ifdef WOLFSSL_DEBUG_MATH
-void mp_dump(const char* desc, mp_int* a, byte verbose)
-{
-  char *buffer;
-  int size = a->alloc;
-
-  buffer = (char*)XMALLOC(size * sizeof(mp_digit) * 2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-  if (buffer == NULL) {
-    return;
-  }
-
-  printf("%s: ptr=%p, used=%d, sign=%d, size=%d, mpd=%d\n",
-    desc, a, a->used, a->sign, size, (int)sizeof(mp_digit));
-
-  mp_tohex(a, buffer);
-  printf("  %s\n  ", buffer);
-
-  if (verbose) {
-    int i;
-    for(i=0; i<a->alloc * (int)sizeof(mp_digit); i++) {
-      printf("%02x ", *(((byte*)a->dp) + i));
-    }
-    printf("\n");
-  }
-
-  XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-}
-#endif /* WOLFSSL_DEBUG_MATH */
-
-#endif /* WC_MP_TO_RADIX */
-
-#endif /* WOLFSSL_SP_MATH */
-
-#endif /* !USE_FAST_MATH && USE_INTEGER_HEAP_MATH */
-
-#endif /* NO_BIG_INT */
diff --git a/src/ssl/wolfssl/wolfcrypt/md2.c b/src/ssl/wolfssl/wolfcrypt/md2.c
deleted file mode 100644
index 9ae436fdc..000000000
--- a/src/ssl/wolfssl/wolfcrypt/md2.c
+++ /dev/null
@@ -1,156 +0,0 @@
-/* md2.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef WOLFSSL_MD2
-
-#include <wolfssl/wolfcrypt/md2.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-
-void wc_InitMd2(wc_Md2* md2)
-{
-    if (md2 == NULL)
-        return;
-
-    XMEMSET(md2->X, 0, WC_MD2_X_SIZE);
-    XMEMSET(md2->C, 0, WC_MD2_BLOCK_SIZE);
-    XMEMSET(md2->buffer, 0, WC_MD2_BLOCK_SIZE);
-    md2->count = 0;
-}
-
-
-void wc_Md2Update(wc_Md2* md2, const byte* data, word32 len)
-{
-    static const byte S[256] =
-    {
-        41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
-        19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
-        76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
-        138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
-        245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
-        148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
-        39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
-        181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
-        150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
-        112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
-        96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
-        85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
-        234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
-        129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
-        8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
-        203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
-        166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
-        31, 26, 219, 153, 141, 51, 159, 17, 131, 20
-    };
-
-    if (md2 == NULL || (data == NULL && len != 0))
-        return;
-
-    while (len) {
-        word32 L = (WC_MD2_PAD_SIZE - md2->count) < len ?
-                   (WC_MD2_PAD_SIZE - md2->count) : len;
-        XMEMCPY(md2->buffer + md2->count, data, L);
-        md2->count += L;
-        data += L;
-        len  -= L;
-
-        if (md2->count == WC_MD2_PAD_SIZE) {
-            int  i;
-            byte t;
-
-            md2->count = 0;
-            XMEMCPY(md2->X + WC_MD2_PAD_SIZE, md2->buffer, WC_MD2_PAD_SIZE);
-            t = md2->C[15];
-
-            for(i = 0; i < WC_MD2_PAD_SIZE; i++) {
-                md2->X[32 + i] = md2->X[WC_MD2_PAD_SIZE + i] ^ md2->X[i];
-                t = md2->C[i] ^= S[md2->buffer[i] ^ t];
-            }
-
-            t=0;
-            for(i = 0; i < 18; i++) {
-                int j;
-                for(j = 0; j < WC_MD2_X_SIZE; j += 8) {
-                    t = md2->X[j+0] ^= S[t];
-                    t = md2->X[j+1] ^= S[t];
-                    t = md2->X[j+2] ^= S[t];
-                    t = md2->X[j+3] ^= S[t];
-                    t = md2->X[j+4] ^= S[t];
-                    t = md2->X[j+5] ^= S[t];
-                    t = md2->X[j+6] ^= S[t];
-                    t = md2->X[j+7] ^= S[t];
-                }
-                t = (byte)((t + i) & 0xFF);
-            }
-        }
-    }
-}
-
-
-void wc_Md2Final(wc_Md2* md2, byte* hash)
-{
-    byte   padding[WC_MD2_BLOCK_SIZE];
-    word32 padLen;
-    word32 i;
-
-    if (md2 == NULL || hash == NULL)
-        return;
-
-    padLen = WC_MD2_PAD_SIZE - md2->count;
-    for (i = 0; i < padLen; i++)
-        padding[i] = (byte)padLen;
-
-    wc_Md2Update(md2, padding, padLen); /* cppcheck-suppress uninitvar */
-    wc_Md2Update(md2, md2->C, WC_MD2_BLOCK_SIZE);
-
-    XMEMCPY(hash, md2->X, WC_MD2_DIGEST_SIZE);
-
-    wc_InitMd2(md2);
-}
-
-
-int wc_Md2Hash(const byte* data, word32 len, byte* hash)
-{
-    WC_DECLARE_VAR(md2, wc_Md2, 1, 0);
-
-    WC_ALLOC_VAR_EX(md2, wc_Md2, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-        return MEMORY_E);
-
-    wc_InitMd2(md2);
-    wc_Md2Update(md2, data, len);
-    wc_Md2Final(md2, hash);
-
-    WC_FREE_VAR_EX(md2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-
-
-#endif /* WOLFSSL_MD2 */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/md4.c b/src/ssl/wolfssl/wolfcrypt/md4.c
deleted file mode 100644
index e7342d656..000000000
--- a/src/ssl/wolfssl/wolfcrypt/md4.c
+++ /dev/null
@@ -1,217 +0,0 @@
-/* md4.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifndef NO_MD4
-
-#include <wolfssl/wolfcrypt/md4.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-
-void wc_InitMd4(wc_Md4* md4)
-{
-    if (md4 == NULL)
-        return;
-
-    md4->digest[0] = 0x67452301L;
-    md4->digest[1] = 0xefcdab89L;
-    md4->digest[2] = 0x98badcfeL;
-    md4->digest[3] = 0x10325476L;
-
-    md4->buffLen = 0;
-    md4->loLen   = 0;
-    md4->hiLen   = 0;
-}
-
-
-static void Transform(wc_Md4* md4)
-{
-#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
-#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
-#define H(x, y, z) ((x) ^ (y) ^ (z))
-
-    /* Copy context->state[] to working vars  */
-    word32 A = md4->digest[0];
-    word32 B = md4->digest[1];
-    word32 C = md4->digest[2];
-    word32 D = md4->digest[3];
-
-#define function(a,b,c,d,k,s) (a)=rotlFixed((a)+F(b,c,d)+md4->buffer[k],s);
-    function(A,B,C,D, 0, 3);
-    function(D,A,B,C, 1, 7);
-    function(C,D,A,B, 2,11);
-    function(B,C,D,A, 3,19);
-    function(A,B,C,D, 4, 3);
-    function(D,A,B,C, 5, 7);
-    function(C,D,A,B, 6,11);
-    function(B,C,D,A, 7,19);
-    function(A,B,C,D, 8, 3);
-    function(D,A,B,C, 9, 7);
-    function(C,D,A,B,10,11);
-    function(B,C,D,A,11,19);
-    function(A,B,C,D,12, 3);
-    function(D,A,B,C,13, 7);
-    function(C,D,A,B,14,11);
-    function(B,C,D,A,15,19);
-
-#undef function
-#define function(a,b,c,d,k,s) \
-    (a)=rotlFixed((a)+G(b,c,d)+md4->buffer[k]+0x5a827999,s);
-
-    function(A,B,C,D, 0, 3);
-    function(D,A,B,C, 4, 5);
-    function(C,D,A,B, 8, 9);
-    function(B,C,D,A,12,13);
-    function(A,B,C,D, 1, 3);
-    function(D,A,B,C, 5, 5);
-    function(C,D,A,B, 9, 9);
-    function(B,C,D,A,13,13);
-    function(A,B,C,D, 2, 3);
-    function(D,A,B,C, 6, 5);
-    function(C,D,A,B,10, 9);
-    function(B,C,D,A,14,13);
-    function(A,B,C,D, 3, 3);
-    function(D,A,B,C, 7, 5);
-    function(C,D,A,B,11, 9);
-    function(B,C,D,A,15,13);
-
-#undef function
-#define function(a,b,c,d,k,s) \
-    (a)=rotlFixed((a)+H(b,c,d)+md4->buffer[k]+0x6ed9eba1,s);
-
-    function(A,B,C,D, 0, 3);
-    function(D,A,B,C, 8, 9);
-    function(C,D,A,B, 4,11);
-    function(B,C,D,A,12,15);
-    function(A,B,C,D, 2, 3);
-    function(D,A,B,C,10, 9);
-    function(C,D,A,B, 6,11);
-    function(B,C,D,A,14,15);
-    function(A,B,C,D, 1, 3);
-    function(D,A,B,C, 9, 9);
-    function(C,D,A,B, 5,11);
-    function(B,C,D,A,13,15);
-    function(A,B,C,D, 3, 3);
-    function(D,A,B,C,11, 9);
-    function(C,D,A,B, 7,11);
-    function(B,C,D,A,15,15);
-
-    /* Add the working vars back into digest state[]  */
-    md4->digest[0] += A;
-    md4->digest[1] += B;
-    md4->digest[2] += C;
-    md4->digest[3] += D;
-}
-
-
-static WC_INLINE void AddLength(wc_Md4* md4, word32 len)
-{
-    word32 tmp = md4->loLen;
-    if ( (md4->loLen += len) < tmp)
-        md4->hiLen++;                       /* carry low to high */
-}
-
-
-void wc_Md4Update(wc_Md4* md4, const byte* data, word32 len)
-{
-    /* do block size increments */
-    byte* local;
-
-    if (md4 == NULL || (data == NULL && len != 0))
-        return;
-
-    local = (byte*)md4->buffer;
-    while (len) {
-        word32 add = min(len, WC_MD4_BLOCK_SIZE - md4->buffLen);
-        XMEMCPY(&local[md4->buffLen], data, add);
-
-        md4->buffLen += add;
-        data         += add;
-        len          -= add;
-
-        if (md4->buffLen == WC_MD4_BLOCK_SIZE) {
-            #ifdef BIG_ENDIAN_ORDER
-                ByteReverseWords(md4->buffer, md4->buffer, WC_MD4_BLOCK_SIZE);
-            #endif
-            Transform(md4);
-            AddLength(md4, WC_MD4_BLOCK_SIZE);
-            md4->buffLen = 0;
-        }
-    }
-}
-
-
-void wc_Md4Final(wc_Md4* md4, byte* hash)
-{
-    byte* local;
-
-    if (md4 == NULL || hash == NULL)
-        return;
-
-    local = (byte*)md4->buffer;
-    AddLength(md4, md4->buffLen);               /* before adding pads */
-
-    local[md4->buffLen++] = 0x80;  /* add 1 */
-
-    /* pad with zeros */
-    if (md4->buffLen > WC_MD4_PAD_SIZE) {
-        XMEMSET(&local[md4->buffLen], 0, WC_MD4_BLOCK_SIZE - md4->buffLen);
-        md4->buffLen += WC_MD4_BLOCK_SIZE - md4->buffLen;
-
-        #ifdef BIG_ENDIAN_ORDER
-            ByteReverseWords(md4->buffer, md4->buffer, WC_MD4_BLOCK_SIZE);
-        #endif
-        Transform(md4);
-        md4->buffLen = 0;
-    }
-    XMEMSET(&local[md4->buffLen], 0, WC_MD4_PAD_SIZE - md4->buffLen);
-
-    /* put lengths in bits */
-    md4->hiLen = (md4->loLen >> (8*sizeof(md4->loLen) - 3)) +
-                 (md4->hiLen << 3);
-    md4->loLen = md4->loLen << 3;
-
-    /* store lengths */
-    #ifdef BIG_ENDIAN_ORDER
-        ByteReverseWords(md4->buffer, md4->buffer, WC_MD4_BLOCK_SIZE);
-    #endif
-    /* ! length ordering dependent on digest endian type ! */
-    XMEMCPY(&local[WC_MD4_PAD_SIZE], &md4->loLen, sizeof(word32));
-    XMEMCPY(&local[WC_MD4_PAD_SIZE + sizeof(word32)], &md4->hiLen, sizeof(word32));
-
-    Transform(md4);
-    #ifdef BIG_ENDIAN_ORDER
-        ByteReverseWords(md4->digest, md4->digest, WC_MD4_DIGEST_SIZE);
-    #endif
-    XMEMCPY(hash, md4->digest, WC_MD4_DIGEST_SIZE);
-
-    wc_InitMd4(md4);  /* reset state */
-}
-
-
-#endif /* NO_MD4 */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/md5.c b/src/ssl/wolfssl/wolfcrypt/md5.c
deleted file mode 100644
index e62a84170..000000000
--- a/src/ssl/wolfssl/wolfcrypt/md5.c
+++ /dev/null
@@ -1,592 +0,0 @@
-/* md5.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if !defined(NO_MD5)
-
-#if defined(WOLFSSL_TI_HASH)
-/* #include <wolfcrypt/src/port/ti/ti-hash.c> included by wc_port.c */
-
-#else
-
-#include <wolfssl/wolfcrypt/md5.h>
-#include <wolfssl/wolfcrypt/hash.h>
-
-#ifdef NO_INLINE
-#include <wolfssl/wolfcrypt/misc.h>
-#else
-#define WOLFSSL_MISC_INCLUDED
-#include <wolfcrypt/src/misc.c>
-#endif
-
-
-/* Hardware Acceleration */
-#if defined(STM32_HASH) && !defined(STM32_NOMD5)
-
-/* Supports CubeMX HAL or Standard Peripheral Library */
-#define HAVE_MD5_CUST_API
-
-int wc_InitMd5_ex(wc_Md5* md5, void* heap, int devId)
-{
-    if (md5 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    (void)devId;
-    (void)heap;
-
-    wc_Stm32_Hash_Init(&md5->stmCtx);
-
-    return 0;
-}
-
-int wc_Md5Update(wc_Md5* md5, const byte* data, word32 len)
-{
-    int ret;
-
-    if (md5 == NULL || (data == NULL && len > 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        ret = wc_Stm32_Hash_Update(&md5->stmCtx, HASH_AlgoSelection_MD5,
-                                   data, len, WC_MD5_BLOCK_SIZE);
-        wolfSSL_CryptHwMutexUnLock();
-    }
-    return ret;
-}
-
-int wc_Md5Final(wc_Md5* md5, byte* hash)
-{
-    int ret;
-
-    if (md5 == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        ret = wc_Stm32_Hash_Final(&md5->stmCtx, HASH_AlgoSelection_MD5,
-                                  hash, WC_MD5_DIGEST_SIZE);
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    (void)wc_InitMd5(md5);  /* reset state */
-
-    return ret;
-}
-
-#elif defined(FREESCALE_MMCAU_SHA)
-
-#ifdef FREESCALE_MMCAU_CLASSIC_SHA
-    #include "cau_api.h"
-#else
-    #include "fsl_mmcau.h"
-#endif
-
-#define XTRANSFORM(S,B)       Transform((S), (B))
-#define XTRANSFORM_LEN(S,B,L) Transform_Len((S), (B), (L))
-
-#ifndef WC_HASH_DATA_ALIGNMENT
-    /* these hardware API's require 4 byte (word32) alignment */
-    #define WC_HASH_DATA_ALIGNMENT 4
-#endif
-
-static int Transform(wc_Md5* md5, const byte* data)
-{
-    int ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-#ifdef FREESCALE_MMCAU_CLASSIC_SHA
-        cau_md5_hash_n((byte*)data, 1, (unsigned char*)md5->digest);
-#else
-        MMCAU_MD5_HashN((byte*)data, 1, (uint32_t*)md5->digest);
-#endif
-        wolfSSL_CryptHwMutexUnLock();
-    }
-    return ret;
-}
-
-static int Transform_Len(wc_Md5* md5, const byte* data, word32 len)
-{
-    int ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-    #if defined(WC_HASH_DATA_ALIGNMENT) && WC_HASH_DATA_ALIGNMENT > 0
-        if ((wc_ptr_t)data % WC_HASH_DATA_ALIGNMENT) {
-            /* data pointer is NOT aligned,
-             * so copy and perform one block at a time */
-            byte* local = (byte*)md5->buffer;
-            while (len >= WC_MD5_BLOCK_SIZE) {
-                XMEMCPY(local, data, WC_MD5_BLOCK_SIZE);
-            #ifdef FREESCALE_MMCAU_CLASSIC_SHA
-                cau_md5_hash_n(local, 1, (unsigned char*)md5->digest);
-            #else
-                MMCAU_MD5_HashN(local, 1, (uint32_t*)md5->digest);
-            #endif
-                data += WC_MD5_BLOCK_SIZE;
-                len  -= WC_MD5_BLOCK_SIZE;
-            }
-        }
-        else
-    #endif
-        {
-#ifdef FREESCALE_MMCAU_CLASSIC_SHA
-        cau_md5_hash_n((byte*)data, len / WC_MD5_BLOCK_SIZE,
-            (unsigned char*)md5->digest);
-#else
-        MMCAU_MD5_HashN((byte*)data, len / WC_MD5_BLOCK_SIZE,
-            (uint32_t*)md5->digest);
-#endif
-        }
-        wolfSSL_CryptHwMutexUnLock();
-    }
-    return ret;
-}
-
-#elif defined(WOLFSSL_PIC32MZ_HASH)
-#include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
-#define HAVE_MD5_CUST_API
-
-#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH) && \
-    !defined(WOLFSSL_QNX_CAAM)
-/* functions implemented in wolfcrypt/src/port/caam/caam_sha.c */
-#define HAVE_MD5_CUST_API
-#else
-#define NEED_SOFT_MD5
-#endif /* End Hardware Acceleration */
-
-#ifdef NEED_SOFT_MD5
-
-#define XTRANSFORM(S,B)  Transform((S),(B))
-
-#define F1(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
-#define F2(x, y, z) F1(z, x, y)
-#define F3(x, y, z) ((x) ^ (y) ^ (z))
-#define F4(x, y, z) ((y) ^ ((x) | ~(z)))
-
-#define MD5STEP(f, w, x, y, z, data, s) \
-    (w) = (rotlFixed((w) + f(x, y, z) + (data), s) + (x))
-
-static int Transform(wc_Md5* md5, const byte* data)
-{
-    const word32* buffer = (const word32*)data;
-    /* Copy context->state[] to working vars  */
-    word32 a = md5->digest[0];
-    word32 b = md5->digest[1];
-    word32 c = md5->digest[2];
-    word32 d = md5->digest[3];
-
-    MD5STEP(F1, a, b, c, d, buffer[0]  + 0xd76aa478,  7);
-    MD5STEP(F1, d, a, b, c, buffer[1]  + 0xe8c7b756, 12);
-    MD5STEP(F1, c, d, a, b, buffer[2]  + 0x242070db, 17);
-    MD5STEP(F1, b, c, d, a, buffer[3]  + 0xc1bdceee, 22);
-    MD5STEP(F1, a, b, c, d, buffer[4]  + 0xf57c0faf,  7);
-    MD5STEP(F1, d, a, b, c, buffer[5]  + 0x4787c62a, 12);
-    MD5STEP(F1, c, d, a, b, buffer[6]  + 0xa8304613, 17);
-    MD5STEP(F1, b, c, d, a, buffer[7]  + 0xfd469501, 22);
-    MD5STEP(F1, a, b, c, d, buffer[8]  + 0x698098d8,  7);
-    MD5STEP(F1, d, a, b, c, buffer[9]  + 0x8b44f7af, 12);
-    MD5STEP(F1, c, d, a, b, buffer[10] + 0xffff5bb1, 17);
-    MD5STEP(F1, b, c, d, a, buffer[11] + 0x895cd7be, 22);
-    MD5STEP(F1, a, b, c, d, buffer[12] + 0x6b901122,  7);
-    MD5STEP(F1, d, a, b, c, buffer[13] + 0xfd987193, 12);
-    MD5STEP(F1, c, d, a, b, buffer[14] + 0xa679438e, 17);
-    MD5STEP(F1, b, c, d, a, buffer[15] + 0x49b40821, 22);
-
-    MD5STEP(F2, a, b, c, d, buffer[1]  + 0xf61e2562,  5);
-    MD5STEP(F2, d, a, b, c, buffer[6]  + 0xc040b340,  9);
-    MD5STEP(F2, c, d, a, b, buffer[11] + 0x265e5a51, 14);
-    MD5STEP(F2, b, c, d, a, buffer[0]  + 0xe9b6c7aa, 20);
-    MD5STEP(F2, a, b, c, d, buffer[5]  + 0xd62f105d,  5);
-    MD5STEP(F2, d, a, b, c, buffer[10] + 0x02441453,  9);
-    MD5STEP(F2, c, d, a, b, buffer[15] + 0xd8a1e681, 14);
-    MD5STEP(F2, b, c, d, a, buffer[4]  + 0xe7d3fbc8, 20);
-    MD5STEP(F2, a, b, c, d, buffer[9]  + 0x21e1cde6,  5);
-    MD5STEP(F2, d, a, b, c, buffer[14] + 0xc33707d6,  9);
-    MD5STEP(F2, c, d, a, b, buffer[3]  + 0xf4d50d87, 14);
-    MD5STEP(F2, b, c, d, a, buffer[8]  + 0x455a14ed, 20);
-    MD5STEP(F2, a, b, c, d, buffer[13] + 0xa9e3e905,  5);
-    MD5STEP(F2, d, a, b, c, buffer[2]  + 0xfcefa3f8,  9);
-    MD5STEP(F2, c, d, a, b, buffer[7]  + 0x676f02d9, 14);
-    MD5STEP(F2, b, c, d, a, buffer[12] + 0x8d2a4c8a, 20);
-
-    MD5STEP(F3, a, b, c, d, buffer[5]  + 0xfffa3942,  4);
-    MD5STEP(F3, d, a, b, c, buffer[8]  + 0x8771f681, 11);
-    MD5STEP(F3, c, d, a, b, buffer[11] + 0x6d9d6122, 16);
-    MD5STEP(F3, b, c, d, a, buffer[14] + 0xfde5380c, 23);
-    MD5STEP(F3, a, b, c, d, buffer[1]  + 0xa4beea44,  4);
-    MD5STEP(F3, d, a, b, c, buffer[4]  + 0x4bdecfa9, 11);
-    MD5STEP(F3, c, d, a, b, buffer[7]  + 0xf6bb4b60, 16);
-    MD5STEP(F3, b, c, d, a, buffer[10] + 0xbebfbc70, 23);
-    MD5STEP(F3, a, b, c, d, buffer[13] + 0x289b7ec6,  4);
-    MD5STEP(F3, d, a, b, c, buffer[0]  + 0xeaa127fa, 11);
-    MD5STEP(F3, c, d, a, b, buffer[3]  + 0xd4ef3085, 16);
-    MD5STEP(F3, b, c, d, a, buffer[6]  + 0x04881d05, 23);
-    MD5STEP(F3, a, b, c, d, buffer[9]  + 0xd9d4d039,  4);
-    MD5STEP(F3, d, a, b, c, buffer[12] + 0xe6db99e5, 11);
-    MD5STEP(F3, c, d, a, b, buffer[15] + 0x1fa27cf8, 16);
-    MD5STEP(F3, b, c, d, a, buffer[2]  + 0xc4ac5665, 23);
-
-    MD5STEP(F4, a, b, c, d, buffer[0]  + 0xf4292244,  6);
-    MD5STEP(F4, d, a, b, c, buffer[7]  + 0x432aff97, 10);
-    MD5STEP(F4, c, d, a, b, buffer[14] + 0xab9423a7, 15);
-    MD5STEP(F4, b, c, d, a, buffer[5]  + 0xfc93a039, 21);
-    MD5STEP(F4, a, b, c, d, buffer[12] + 0x655b59c3,  6);
-    MD5STEP(F4, d, a, b, c, buffer[3]  + 0x8f0ccc92, 10);
-    MD5STEP(F4, c, d, a, b, buffer[10] + 0xffeff47d, 15);
-    MD5STEP(F4, b, c, d, a, buffer[1]  + 0x85845dd1, 21);
-    MD5STEP(F4, a, b, c, d, buffer[8]  + 0x6fa87e4f,  6);
-    MD5STEP(F4, d, a, b, c, buffer[15] + 0xfe2ce6e0, 10);
-    MD5STEP(F4, c, d, a, b, buffer[6]  + 0xa3014314, 15);
-    MD5STEP(F4, b, c, d, a, buffer[13] + 0x4e0811a1, 21);
-    MD5STEP(F4, a, b, c, d, buffer[4]  + 0xf7537e82,  6);
-    MD5STEP(F4, d, a, b, c, buffer[11] + 0xbd3af235, 10);
-    MD5STEP(F4, c, d, a, b, buffer[2]  + 0x2ad7d2bb, 15);
-    MD5STEP(F4, b, c, d, a, buffer[9]  + 0xeb86d391, 21);
-
-    /* Add the working vars back into digest state[]  */
-    md5->digest[0] += a;
-    md5->digest[1] += b;
-    md5->digest[2] += c;
-    md5->digest[3] += d;
-
-    return 0;
-}
-#endif /* NEED_SOFT_MD5 */
-
-#ifndef HAVE_MD5_CUST_API
-
-static WC_INLINE void AddLength(wc_Md5* md5, word32 len)
-{
-    word32 tmp = md5->loLen;
-    if ((md5->loLen += len) < tmp) {
-        md5->hiLen++;                       /* carry low to high */
-    }
-}
-
-static int _InitMd5(wc_Md5* md5)
-{
-    int ret = 0;
-
-    md5->digest[0] = 0x67452301L;
-    md5->digest[1] = 0xefcdab89L;
-    md5->digest[2] = 0x98badcfeL;
-    md5->digest[3] = 0x10325476L;
-
-    md5->buffLen = 0;
-    md5->loLen   = 0;
-    md5->hiLen   = 0;
-#ifdef WOLFSSL_HASH_FLAGS
-    md5->flags = 0;
-#endif
-
-    return ret;
-}
-
-int wc_InitMd5_ex(wc_Md5* md5, void* heap, int devId)
-{
-    int ret = 0;
-
-    if (md5 == NULL)
-        return BAD_FUNC_ARG;
-
-    md5->heap = heap;
-
-    ret = _InitMd5(md5);
-    if (ret != 0)
-        return ret;
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_MD5)
-    ret = wolfAsync_DevCtxInit(&md5->asyncDev, WOLFSSL_ASYNC_MARKER_MD5,
-                               md5->heap, devId);
-#else
-    (void)devId;
-#endif
-    return ret;
-}
-
-/* do block size increments/updates */
-int wc_Md5Update(wc_Md5* md5, const byte* data, word32 len)
-{
-    int ret = 0;
-    word32 blocksLen;
-    byte* local;
-
-    if (md5 == NULL || (data == NULL && len > 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_MD5)
-    if (md5->asyncDev.marker == WOLFSSL_ASYNC_MARKER_MD5) {
-#if defined(HAVE_INTEL_QA)
-        return IntelQaSymMd5(&md5->asyncDev, NULL, data, len);
-#endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    /* check that internal buffLen is valid */
-    if (md5->buffLen >= WC_MD5_BLOCK_SIZE)
-        return BUFFER_E;
-
-    if (data == NULL && len == 0) {
-        /* valid, but do nothing */
-        return 0;
-    }
-
-    /* add length for final */
-    AddLength(md5, len);
-
-    local = (byte*)md5->buffer;
-
-    /* process any remainder from previous operation */
-    if (md5->buffLen > 0) {
-        blocksLen = min(len, WC_MD5_BLOCK_SIZE - md5->buffLen);
-        XMEMCPY(&local[md5->buffLen], data, blocksLen);
-
-        md5->buffLen += blocksLen;
-        data         += blocksLen;
-        len          -= blocksLen;
-
-        if (md5->buffLen == WC_MD5_BLOCK_SIZE) {
-        #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
-            ByteReverseWords(md5->buffer, md5->buffer, WC_MD5_BLOCK_SIZE);
-        #endif
-
-            ret = XTRANSFORM(md5, (const byte*)local);
-            if (ret != 0)
-                return ret;
-
-            md5->buffLen = 0;
-        }
-    }
-
-    /* process blocks */
-#ifdef XTRANSFORM_LEN
-    /* get number of blocks */
-    /* 64-1 = 0x3F (~ Inverted = 0xFFFFFFC0) */
-    /* len (masked by 0xFFFFFFC0) returns block aligned length */
-    blocksLen = len & ~(WC_MD5_BLOCK_SIZE-1);
-    if (blocksLen > 0) {
-        /* Byte reversal performed in function if required. */
-        XTRANSFORM_LEN(md5, data, blocksLen);
-        data += blocksLen;
-        len  -= blocksLen;
-    }
-#else
-    while (len >= WC_MD5_BLOCK_SIZE) {
-        word32* local32 = md5->buffer;
-        /* optimization to avoid memcpy if data pointer is properly aligned */
-        /* Big Endian requires byte swap, so can't use data directly */
-    #if defined(WC_HASH_DATA_ALIGNMENT) && !defined(BIG_ENDIAN_ORDER)
-        if (((wc_ptr_t)data % WC_HASH_DATA_ALIGNMENT) == 0) {
-            local32 = (word32*)data;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(local32, data, WC_MD5_BLOCK_SIZE);
-        }
-
-        data += WC_MD5_BLOCK_SIZE;
-        len  -= WC_MD5_BLOCK_SIZE;
-
-    #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
-        ByteReverseWords(local32, local32, WC_MD5_BLOCK_SIZE);
-    #endif
-
-        ret = XTRANSFORM(md5, (const byte*)local32);
-    }
-#endif /* XTRANSFORM_LEN */
-
-    /* save remainder */
-    if (len > 0) {
-        XMEMCPY(local, data, len);
-        md5->buffLen = len;
-    }
-
-    return ret;
-}
-
-int wc_Md5Final(wc_Md5* md5, byte* hash)
-{
-    byte* local;
-
-    if (md5 == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_MD5)
-    if (md5->asyncDev.marker == WOLFSSL_ASYNC_MARKER_MD5) {
-#if defined(HAVE_INTEL_QA)
-        return IntelQaSymMd5(&md5->asyncDev, hash, NULL, WC_MD5_DIGEST_SIZE);
-#endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    local = (byte*)md5->buffer; /* buffer allocated in word32 size */
-
-    /* ensure we have a valid buffer length; (-1 to append a byte to length) */
-    if (md5->buffLen > WC_MD5_BLOCK_SIZE - 1) {
-        /* some places consider this BAD_STATE_E */
-        return BUFFER_E;
-    }
-
-    local[md5->buffLen++] = 0x80;  /* add 1 */
-
-    /* pad with zeros */
-    if (md5->buffLen > WC_MD5_PAD_SIZE) {
-        if (md5->buffLen < WC_MD5_BLOCK_SIZE) {
-            XMEMSET(&local[md5->buffLen], 0, WC_MD5_BLOCK_SIZE - md5->buffLen);
-        }
-        md5->buffLen += WC_MD5_BLOCK_SIZE - md5->buffLen;
-
-#if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
-        ByteReverseWords(md5->buffer, md5->buffer, WC_MD5_BLOCK_SIZE);
-#endif
-        XTRANSFORM(md5, local);
-        md5->buffLen = 0;
-    }
-    XMEMSET(&local[md5->buffLen], 0, WC_MD5_PAD_SIZE - md5->buffLen);
-
-#if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
-    ByteReverseWords(md5->buffer, md5->buffer, WC_MD5_BLOCK_SIZE);
-#endif
-
-    /* put lengths in bits */
-    md5->hiLen = (md5->loLen >> (8 * sizeof(md5->loLen) - 3)) +
-                 (md5->hiLen << 3);
-    md5->loLen = md5->loLen << 3;
-
-    /* store lengths */
-    /* ! length ordering dependent on digest endian type ! */
-    XMEMCPY(&local[WC_MD5_PAD_SIZE], &md5->loLen, sizeof(word32));
-    XMEMCPY(&local[WC_MD5_PAD_SIZE + sizeof(word32)], &md5->hiLen, sizeof(word32));
-
-    /* final transform and result to hash */
-    XTRANSFORM(md5, local);
-#ifdef BIG_ENDIAN_ORDER
-    ByteReverseWords(md5->digest, md5->digest, WC_MD5_DIGEST_SIZE);
-#endif
-    XMEMCPY(hash, md5->digest, WC_MD5_DIGEST_SIZE);
-
-    return _InitMd5(md5); /* reset state */
-}
-#endif /* !HAVE_MD5_CUST_API */
-
-
-int wc_InitMd5(wc_Md5* md5)
-{
-    if (md5 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    return wc_InitMd5_ex(md5, NULL, INVALID_DEVID);
-}
-
-void wc_Md5Free(wc_Md5* md5)
-{
-    if (md5 == NULL)
-        return;
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_MD5)
-    wolfAsync_DevCtxFree(&md5->asyncDev, WOLFSSL_ASYNC_MARKER_MD5);
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-#ifdef WOLFSSL_PIC32MZ_HASH
-    wc_Md5Pic32Free(md5);
-#endif
-}
-
-int wc_Md5GetHash(wc_Md5* md5, byte* hash)
-{
-    int ret;
-    wc_Md5 tmpMd5;
-
-    if (md5 == NULL || hash == NULL)
-        return BAD_FUNC_ARG;
-
-    ret = wc_Md5Copy(md5, &tmpMd5);
-    if (ret == 0) {
-        ret = wc_Md5Final(&tmpMd5, hash);
-    }
-
-    return ret;
-}
-
-int wc_Md5Copy(wc_Md5* src, wc_Md5* dst)
-{
-    int ret = 0;
-
-    if (src == NULL || dst == NULL)
-        return BAD_FUNC_ARG;
-
-    XMEMCPY(dst, src, sizeof(wc_Md5));
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_MD5)
-    ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
-#endif
-#ifdef WOLFSSL_PIC32MZ_HASH
-    ret = wc_Pic32HashCopy(&src->cache, &dst->cache);
-#endif
-#ifdef WOLFSSL_HASH_FLAGS
-    dst->flags |= WC_HASH_FLAG_ISCOPY;
-#endif
-
-    return ret;
-}
-
-#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
-/* Apply MD5 transformation to the data                   */
-/* @param md5  a pointer to wc_MD5 structure              */
-/* @param data data to be applied MD5 transformation      */
-/* @return 0 on successful, otherwise non-zero on failure */
-int wc_Md5Transform(wc_Md5* md5, const byte* data)
-{
-    /* sanity check */
-    if (md5 == NULL || data == NULL) {
-        return BAD_FUNC_ARG;
-    }
-#ifndef HAVE_MD5_CUST_API
-    return Transform(md5, data);
-#else
-    return NOT_COMPILED_IN;
-#endif
-}
-#endif /* OPENSSL_EXTRA */
-
-#ifdef WOLFSSL_HASH_FLAGS
-int wc_Md5SetFlags(wc_Md5* md5, word32 flags)
-{
-    if (md5) {
-        md5->flags = flags;
-    }
-    return 0;
-}
-int wc_Md5GetFlags(wc_Md5* md5, word32* flags)
-{
-    if (md5 && flags) {
-        *flags = md5->flags;
-    }
-    return 0;
-}
-#endif
-
-#endif /* WOLFSSL_TI_HASH */
-#endif /* NO_MD5 */
diff --git a/src/ssl/wolfssl/wolfcrypt/pkcs12.c b/src/ssl/wolfssl/wolfcrypt/pkcs12.c
deleted file mode 100644
index de368ac5a..000000000
--- a/src/ssl/wolfssl/wolfcrypt/pkcs12.c
+++ /dev/null
@@ -1,2851 +0,0 @@
-/* pkcs12.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* PKCS#12 allows storage of key and certificates into containers */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(HAVE_PKCS12) && \
-    !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_HMAC) && \
-    !defined(NO_CERTS)
-
-#include <wolfssl/wolfcrypt/asn.h>
-#include <wolfssl/wolfcrypt/asn_public.h>
-#include <wolfssl/wolfcrypt/hmac.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-#include <wolfssl/wolfcrypt/pkcs12.h>
-#include <wolfssl/wolfcrypt/pwdbased.h>
-#include <wolfssl/wolfcrypt/hash.h>
-
-
-#define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; }
-
-enum {
-    WC_PKCS12_DATA_OBJ_SZ = 11,
-    WC_PKCS12_MAC_SALT_SZ = 8
-};
-
-static const byte WC_PKCS12_ENCRYPTED_OID[] =
-                         {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06};
-static const byte WC_PKCS12_DATA_OID[] =
-                         {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01};
-static const byte WC_PKCS12_CertBag_Type1_OID[] =
-                   {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x16, 0x01};
-static const byte WC_PKCS12_CertBag_OID[] =
-             {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x0c, 0x0a, 0x01, 0x03};
-static const byte WC_PKCS12_KeyBag_OID[] =
-             {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x0c, 0x0a, 0x01, 0x01};
-static const byte WC_PKCS12_ShroudedKeyBag_OID[] =
-             {0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x0c, 0x0a, 0x01, 0x02};
-
-
-typedef struct ContentInfo {
-    byte* data;
-    struct ContentInfo* next;
-    word32 encC;  /* encryptedContent */
-    word32 dataSz;
-    int type; /* DATA / encrypted / enveloped */
-} ContentInfo;
-
-
-typedef struct AuthenticatedSafe {
-    ContentInfo* CI;
-    byte* data; /* T contents.... */
-    word32 oid; /* encrypted or not */
-    word32 numCI; /* number of Content Info structs */
-    word32 dataSz;
-} AuthenticatedSafe;
-
-
-typedef struct MacData {
-    byte* digest;
-    byte* salt;
-    word32 oid;
-    word32 digestSz;
-    word32 saltSz;
-    int itt; /* number of iterations when creating HMAC key */
-} MacData;
-
-
-struct WC_PKCS12 {
-    void* heap;
-    AuthenticatedSafe* safe;
-    MacData* signData;
-    word32 oid; /* DATA / Enveloped DATA ... */
-    byte   indefinite;
-#ifdef ASN_BER_TO_DER
-    byte*  safeDer; /* der encoded version of message */
-    byte*  der; /* der encoded version of message */
-    word32 safeDersz;
-    word32 derSz;
-#endif
-};
-
-
-/* for friendlyName, localKeyId .... */
-typedef struct WC_PKCS12_ATTRIBUTE {
-    byte* data;
-    word32 oid;
-    word32 dataSz;
-} WC_PKCS12_ATTRIBUTE;
-
-
-WC_PKCS12* wc_PKCS12_new(void)
-{
-    return wc_PKCS12_new_ex(NULL);
-}
-
-
-WC_PKCS12* wc_PKCS12_new_ex(void* heap)
-{
-    WC_PKCS12* pkcs12 = (WC_PKCS12*)XMALLOC(sizeof(WC_PKCS12),
-                                                      heap, DYNAMIC_TYPE_PKCS);
-    if (pkcs12 == NULL) {
-        WOLFSSL_MSG("Memory issue when creating WC_PKCS12 struct");
-        return NULL;
-    }
-
-    XMEMSET(pkcs12, 0, sizeof(WC_PKCS12));
-    pkcs12->heap = heap;
-
-    return pkcs12;
-}
-
-
-static void freeSafe(AuthenticatedSafe* safe, void* heap)
-{
-    int i;
-
-    if (safe == NULL) {
-        return;
-    }
-
-    /* free content info structs */
-    for (i = (int)safe->numCI; i > 0; i--) {
-        ContentInfo* ci = safe->CI;
-        safe->CI = ci->next;
-        XFREE(ci, heap, DYNAMIC_TYPE_PKCS);
-    }
-    XFREE(safe->data, heap, DYNAMIC_TYPE_PKCS);
-    XFREE(safe, heap, DYNAMIC_TYPE_PKCS);
-
-    (void)heap;
-}
-
-
-void wc_PKCS12_free(WC_PKCS12* pkcs12)
-{
-    void* heap;
-
-    /* if null pointer is passed in do nothing */
-    if (pkcs12 == NULL) {
-        WOLFSSL_MSG("Trying to free null WC_PKCS12 object");
-        return;
-    }
-
-    heap = pkcs12->heap;
-    if (pkcs12->safe != NULL) {
-        freeSafe(pkcs12->safe, heap);
-    }
-
-    /* free mac data */
-    if (pkcs12->signData != NULL) {
-        XFREE(pkcs12->signData->digest, heap, DYNAMIC_TYPE_DIGEST);
-        XFREE(pkcs12->signData->salt, heap, DYNAMIC_TYPE_SALT);
-        XFREE(pkcs12->signData, heap, DYNAMIC_TYPE_PKCS);
-    }
-
-#ifdef ASN_BER_TO_DER
-    XFREE(pkcs12->der, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-    XFREE(pkcs12->safeDer, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-#endif
-
-    XFREE(pkcs12, heap, DYNAMIC_TYPE_PKCS);
-}
-
-
-/* return 0 on success */
-static int GetSafeContent(WC_PKCS12* pkcs12, const byte* input,
-                          word32* idx, word32 maxIdx)
-{
-    AuthenticatedSafe* safe;
-    word32 oid;
-    word32 localIdx = *idx;
-    int ret;
-    int size = 0;
-    byte tag;
-
-    safe = (AuthenticatedSafe*)XMALLOC(sizeof(AuthenticatedSafe), pkcs12->heap,
-                                       DYNAMIC_TYPE_PKCS);
-    if (safe == NULL) {
-        return MEMORY_E;
-    }
-    XMEMSET(safe, 0, sizeof(AuthenticatedSafe));
-
-    ret = GetObjectId(input, &localIdx, &oid, oidIgnoreType, maxIdx);
-    if (ret < 0) {
-        WOLFSSL_LEAVE("Get object id failed", ret);
-        freeSafe(safe, pkcs12->heap);
-        return ASN_PARSE_E;
-    }
-
-    safe->oid = oid;
-    /* check tag, length */
-    if (GetASNTag(input, &localIdx, &tag, maxIdx) < 0) {
-        freeSafe(safe, pkcs12->heap);
-        return ASN_PARSE_E;
-    }
-
-    if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC)) {
-        WOLFSSL_MSG("Unexpected tag in PKCS12 DER");
-        freeSafe(safe, pkcs12->heap);
-        return ASN_PARSE_E;
-    }
-    if (GetLength(input, &localIdx, &size, maxIdx) <= 0) {
-        freeSafe(safe, pkcs12->heap);
-        return ASN_PARSE_E;
-    }
-
-    switch (oid) {
-        case WC_PKCS12_ENCRYPTED_DATA:
-            WOLFSSL_MSG("Found PKCS12 OBJECT: ENCRYPTED DATA");
-            break;
-
-        case WC_PKCS12_DATA:
-            WOLFSSL_MSG("Found PKCS12 OBJECT: DATA");
-            /* get octets holding contents */
-            if (GetASNTag(input, &localIdx, &tag, maxIdx) < 0) {
-                freeSafe(safe, pkcs12->heap);
-                return ASN_PARSE_E;
-            }
-
-            if (tag != ASN_OCTET_STRING) {
-                WOLFSSL_MSG("Wrong tag with content PKCS12 type DATA");
-                freeSafe(safe, pkcs12->heap);
-                return ASN_PARSE_E;
-            }
-            if (GetLength(input, &localIdx, &size, maxIdx) <= 0) {
-                freeSafe(safe, pkcs12->heap);
-                return ASN_PARSE_E;
-            }
-
-            break;
-    }
-
-    safe->dataSz = (word32)size;
-    safe->data = (byte*)XMALLOC((size_t)size, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-    if (safe->data == NULL) {
-        freeSafe(safe, pkcs12->heap);
-        return MEMORY_E;
-    }
-    XMEMCPY(safe->data, input + localIdx, (size_t)size);
-    *idx = localIdx;
-
-    localIdx = 0;
-    input = safe->data;
-    size = (int)safe->dataSz;
-
-#ifdef ASN_BER_TO_DER
-     if (pkcs12->indefinite) {
-        if (wc_BerToDer(input, safe->dataSz, NULL,
-                        &pkcs12->safeDersz) != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-            WOLFSSL_MSG("Not BER sequence");
-            freeSafe(safe, pkcs12->heap);
-            return ASN_PARSE_E;
-        }
-
-        pkcs12->safeDer = (byte*)XMALLOC(pkcs12->safeDersz, pkcs12->heap,
-                DYNAMIC_TYPE_PKCS);
-        if (pkcs12->safeDer == NULL) {
-            freeSafe(safe, pkcs12->heap);
-            return MEMORY_E;
-        }
-
-        ret = wc_BerToDer(input, safe->dataSz, pkcs12->safeDer, &pkcs12->safeDersz);
-        if (ret < 0) {
-            freeSafe(safe, pkcs12->heap);
-            return ret;
-        }
-
-        input = pkcs12->safeDer;
-     }
-#endif /* ASN_BER_TO_DER */
-
-    /* an instance of AuthenticatedSafe is created from
-     * ContentInfo's strung together in a SEQUENCE. Here we iterate
-     * through the ContentInfo's and add them to our
-     * AuthenticatedSafe struct */
-    {
-        int CISz;
-        ret = GetSequence(input, &localIdx, &CISz, (word32)size);
-        if (ret < 0) {
-            freeSafe(safe, pkcs12->heap);
-            return ASN_PARSE_E;
-        }
-        CISz += (int)localIdx;
-        while (localIdx < (word32)CISz) {
-            int curSz = 0;
-            word32 curIdx;
-            ContentInfo* ci = NULL;
-
-        #ifdef WOLFSSL_DEBUG_PKCS12
-            printf("\t\tlooking for Content Info.... ");
-        #endif
-
-            if ((ret = GetSequence(input, &localIdx, &curSz, (word32)size)) < 0) {
-                freeSafe(safe, pkcs12->heap);
-                return ret;
-            }
-
-            if (curSz > CISz) {
-                /* subset should not be larger than universe */
-                freeSafe(safe, pkcs12->heap);
-                return ASN_PARSE_E;
-            }
-
-            curIdx = localIdx;
-            if ((ret = GetObjectId(input, &localIdx, &oid, oidIgnoreType,
-                                                           (word32)size)) < 0) {
-                WOLFSSL_LEAVE("Get object id failed", ret);
-                freeSafe(safe, pkcs12->heap);
-                return ret;
-            }
-
-            /* create new content info struct ... possible OID sanity check? */
-            ci = (ContentInfo*)XMALLOC(sizeof(ContentInfo), pkcs12->heap,
-                                       DYNAMIC_TYPE_PKCS);
-            if (ci == NULL) {
-                freeSafe(safe, pkcs12->heap);
-                return MEMORY_E;
-            }
-
-            ci->type   = (int)oid;
-            ci->dataSz = (word32)curSz - (localIdx-curIdx);
-            ci->data   = (byte*)input + localIdx;
-            localIdx  += ci->dataSz;
-
-        #ifdef WOLFSSL_DEBUG_PKCS12
-            switch (oid) {
-                case WC_PKCS12_ENCRYPTED_DATA:
-                    printf("CONTENT INFO: ENCRYPTED DATA, size = %d\n", ci->dataSz);
-                    break;
-
-                case WC_PKCS12_DATA:
-                    printf("CONTENT INFO: DATA, size = %d\n", ci->dataSz);
-                    break;
-                default:
-                    printf("CONTENT INFO: UNKNOWN, size = %d\n", ci->dataSz);
-            }
-        #endif
-
-            /* insert to head of list */
-            ci->next = safe->CI;
-            safe->CI = ci;
-            safe->numCI += 1;
-        }
-    }
-
-    pkcs12->safe = safe;
-    *idx += localIdx;
-
-    return ret;
-}
-
-
-/* parse optional mac data
- * return 0 on success */
-static int GetSignData(WC_PKCS12* pkcs12, const byte* mem, word32* idx,
-                       word32 totalSz)
-{
-    MacData* mac;
-    word32 curIdx = *idx;
-    word32 oid = 0;
-    int size, ret;
-    byte tag;
-
-    /* Digest Info : Sequence
-     *      DigestAlgorithmIdentifier
-     *      Digest
-     */
-    if (GetSequence(mem, &curIdx, &size, totalSz) <= 0) {
-        WOLFSSL_MSG("Failed to get PKCS12 sequence");
-        return ASN_PARSE_E;
-    }
-
-#ifdef WOLFSSL_DEBUG_PKCS12
-    printf("\t\tSEQUENCE: DigestInfo size = %d\n", size);
-#endif
-
-    mac = (MacData*)XMALLOC(sizeof(MacData), pkcs12->heap, DYNAMIC_TYPE_PKCS);
-    if (mac == NULL) {
-        return MEMORY_E;
-    }
-    XMEMSET(mac, 0, sizeof(MacData));
-
-    /* DigestAlgorithmIdentifier */
-    if ((ret = GetAlgoId(mem, &curIdx, &oid, oidIgnoreType, totalSz)) < 0) {
-        WOLFSSL_MSG("Failed to get PKCS12 sequence");
-        XFREE(mac, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-        return ret;
-    }
-    mac->oid = oid;
-
-#ifdef WOLFSSL_DEBUG_PKCS12
-    printf("\t\tALGO ID = %d\n", oid);
-#endif
-
-    /* Digest: should be octet type holding digest */
-    if (GetASNTag(mem, &curIdx, &tag, totalSz) < 0) {
-        XFREE(mac, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-        return ASN_PARSE_E;
-    }
-
-    if (tag != ASN_OCTET_STRING) {
-        WOLFSSL_MSG("Failed to get digest");
-        XFREE(mac, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-        return ASN_PARSE_E;
-    }
-
-    if (GetLength(mem, &curIdx, &size, totalSz) <= 0) {
-        XFREE(mac, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-        return ASN_PARSE_E;
-    }
-    mac->digestSz = (word32)size;
-    mac->digest = (byte*)XMALLOC(mac->digestSz, pkcs12->heap,
-                                 DYNAMIC_TYPE_DIGEST);
-    if (mac->digest == NULL || mac->digestSz + curIdx > totalSz) {
-        ERROR_OUT(MEMORY_E, exit_gsd);
-    }
-    XMEMCPY(mac->digest, mem + curIdx, mac->digestSz);
-
-#ifdef WOLFSSL_DEBUG_PKCS12
-    {
-        byte* p;
-        for (printf("\t\tDigest = "), p = (byte*)mem+curIdx;
-             p < (byte*)mem + curIdx + mac->digestSz;
-             printf("%02X", *p), p++);
-        printf(" : size = %d\n", mac->digestSz);
-    }
-#endif
-
-    curIdx += mac->digestSz;
-
-    /* get salt, should be octet string */
-    if (GetASNTag(mem, &curIdx, &tag, totalSz) < 0) {
-        ERROR_OUT(ASN_PARSE_E, exit_gsd);
-    }
-
-    if (tag != ASN_OCTET_STRING) {
-        WOLFSSL_MSG("Failed to get salt");
-        ERROR_OUT(ASN_PARSE_E, exit_gsd);
-    }
-
-    if ((ret = GetLength(mem, &curIdx, &size, totalSz)) < 0) {
-        goto exit_gsd;
-    }
-    mac->saltSz = (word32)size;
-    mac->salt = (byte*)XMALLOC(mac->saltSz, pkcs12->heap, DYNAMIC_TYPE_SALT);
-    if (mac->salt == NULL || mac->saltSz + curIdx > totalSz) {
-        ERROR_OUT(MEMORY_E, exit_gsd);
-    }
-    XMEMCPY(mac->salt, mem + curIdx, mac->saltSz);
-
-#ifdef WOLFSSL_DEBUG_PKCS12
-    {
-        byte* p;
-        for (printf("\t\tSalt = "), p = (byte*)mem + curIdx;
-             p < (byte*)mem + curIdx + mac->saltSz;
-             printf("%02X", *p), p++);
-        printf(" : size = %d\n", mac->saltSz);
-    }
-#endif
-
-    curIdx += mac->saltSz;
-
-    /* check for MAC iterations, default to 1 */
-    mac->itt = WC_PKCS12_MAC_DEFAULT;
-    if (curIdx < totalSz) {
-        int number = 0;
-        if (GetShortInt(mem, &curIdx, &number, totalSz) >= 0) {
-            /* found a iteration value */
-            mac->itt = number;
-        }
-    }
-
-#ifdef WOLFSSL_DEBUG_PKCS12
-    printf("\t\tITERATIONS : %d\n", mac->itt);
-#endif
-
-    *idx = curIdx;
-    pkcs12->signData = mac;
-    ret = 0; /* success */
-
-exit_gsd:
-
-    /* failure cleanup */
-    if (ret != 0) {
-        if (mac) {
-            XFREE(mac->digest, pkcs12->heap, DYNAMIC_TYPE_DIGEST);
-            XFREE(mac, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-        }
-    }
-
-    return ret;
-}
-
-
-/* expects PKCS12 signData to be set up with OID
- *
- * returns the size of mac created on success. A negative value will be returned
- *         in the case that an error happened.
- */
-static int wc_PKCS12_create_mac(WC_PKCS12* pkcs12, byte* data, word32 dataSz,
-                         const byte* psw, word32 pswSz, byte* out, word32 outSz)
-{
-    Hmac     hmac;
-    MacData* mac;
-    int ret, kLen;
-    enum wc_HashType hashT;
-    int idx = 0;
-    int id  = 3; /* value from RFC 7292 indicating key is used for MAC */
-    word32 i;
-    byte unicodePasswd[MAX_UNICODE_SZ];
-    byte key[PKCS_MAX_KEY_SIZE];
-
-    if (pkcs12 == NULL || pkcs12->signData == NULL || data == NULL ||
-            out == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    mac = pkcs12->signData;
-
-    /* unicode set up from asn.c */
-    if ((pswSz * 2 + 2) > (int)sizeof(unicodePasswd)) {
-        WOLFSSL_MSG("PKCS12 max unicode size too small");
-        return UNICODE_SIZE_E;
-    }
-
-    for (i = 0; i < pswSz; i++) {
-        unicodePasswd[idx++] = 0x00;
-        unicodePasswd[idx++] = (byte)psw[i];
-    }
-    /* add trailing NULL */
-    unicodePasswd[idx++] = 0x00;
-    unicodePasswd[idx++] = 0x00;
-
-    /* get hash type used and resulting size of HMAC key */
-    hashT = wc_OidGetHash((int)mac->oid);
-    if (hashT == WC_HASH_TYPE_NONE) {
-        ForceZero(unicodePasswd, MAX_UNICODE_SZ);
-        WOLFSSL_MSG("Unsupported hash used");
-        return BAD_FUNC_ARG;
-    }
-    kLen = wc_HashGetDigestSize(hashT);
-
-    /* check out buffer is large enough */
-    if (kLen < 0 || outSz < (word32)kLen) {
-        ForceZero(unicodePasswd, MAX_UNICODE_SZ);
-        return BAD_FUNC_ARG;
-    }
-
-    /* idx contains size of unicodePasswd */
-    ret = wc_PKCS12_PBKDF_ex(key, unicodePasswd, idx, mac->salt, (int)mac->saltSz,
-                                  mac->itt, kLen, (int)hashT, id, pkcs12->heap);
-    ForceZero(unicodePasswd, MAX_UNICODE_SZ);
-    if (ret < 0) {
-        return ret;
-    }
-
-    /* now that key has been created use it to get HMAC hash on data */
-    if ((ret = wc_HmacInit(&hmac, pkcs12->heap, INVALID_DEVID)) != 0) {
-        return ret;
-    }
-    ret = wc_HmacSetKey(&hmac, (int)hashT, key, (word32)kLen);
-    if (ret == 0)
-        ret = wc_HmacUpdate(&hmac, data, dataSz);
-    if (ret == 0)
-        ret = wc_HmacFinal(&hmac, out);
-    wc_HmacFree(&hmac);
-
-    if (ret != 0)
-        return ret;
-
-    return kLen; /* same as digest size */
-}
-
-/* check mac on pkcs12, pkcs12->mac has been sanity checked before entering *
- * returns the result of comparison, success is 0 */
-static int wc_PKCS12_verify(WC_PKCS12* pkcs12, byte* data, word32 dataSz,
-                            const byte* psw, word32 pswSz)
-{
-    MacData* mac;
-    int ret;
-    byte digest[WC_MAX_DIGEST_SIZE];
-
-    if (pkcs12 == NULL || pkcs12->signData == NULL || data == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    mac = pkcs12->signData;
-
-#ifdef WOLFSSL_DEBUG_PKCS12
-    printf("Verifying MAC with OID = %d\n", mac->oid);
-#endif
-
-    /* check if this builds digest size is too small */
-    if (mac->digestSz > WC_MAX_DIGEST_SIZE) {
-        WOLFSSL_MSG("PKCS12 max digest size too small");
-        return BAD_FUNC_ARG;
-    }
-
-    if ((ret = wc_PKCS12_create_mac(pkcs12, data, dataSz, psw, pswSz,
-            digest, WC_MAX_DIGEST_SIZE)) < 0) {
-        return ret;
-    }
-
-#ifdef WOLFSSL_DEBUG_PKCS12
-    {
-        byte* p;
-        for (printf("\t\tHash = "), p = (byte*)digest;
-             p < (byte*)digest + mac->digestSz;
-             printf("%02X", *p), p++);
-        printf(" : size = %d\n", mac->digestSz);
-    }
-#endif
-
-    return XMEMCMP(digest, mac->digest, mac->digestSz);
-}
-
-int wc_PKCS12_verify_ex(WC_PKCS12* pkcs12, const byte* psw, word32 pswSz)
-{
-    if (pkcs12 == NULL || pkcs12->safe == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    return wc_PKCS12_verify(pkcs12, pkcs12->safe->data, pkcs12->safe->dataSz,
-            psw, pswSz);
-}
-
-
-/* Convert DER format stored in der buffer to WC_PKCS12 struct
- * Puts the raw contents of Content Info into structure without completely
- * parsing or decoding.
- * der    : pointer to der buffer holding PKCS12
- * derSz  : size of der buffer
- * pkcs12 : non-null pkcs12 pointer
- * return 0 on success and negative on failure.
- */
-int wc_d2i_PKCS12(const byte* der, word32 derSz, WC_PKCS12* pkcs12)
-{
-    word32 idx  = 0;
-    word32 totalSz = 0;
-    int ret;
-    int size    = 0;
-    int version = 0;
-
-    WOLFSSL_ENTER("wolfSSL_d2i_PKCS12");
-
-    if (der == NULL || pkcs12 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    totalSz = derSz;
-    if (GetSequence(der, &idx, &size, totalSz) < 0) {
-        WOLFSSL_MSG("Failed to get PKCS12 sequence");
-        return ASN_PARSE_E;
-    }
-
-    /* get version */
-    if ((ret = GetMyVersion(der, &idx, &version, totalSz)) < 0) {
-        return ret;
-    }
-
-    #ifdef ASN_BER_TO_DER
-     if (size == 0) {
-         if (wc_BerToDer(der, totalSz, NULL,
-                         (word32*)&size) != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-             WOLFSSL_MSG("Not BER sequence");
-             return ASN_PARSE_E;
-         }
-
-         pkcs12->der = (byte*)XMALLOC((size_t)size, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-         if (pkcs12->der == NULL)
-             return MEMORY_E;
-         ret = wc_BerToDer(der, derSz, pkcs12->der, (word32*)&size);
-         if (ret < 0) {
-             return ret;
-         }
-
-         der  = pkcs12->der;
-         pkcs12->derSz = (word32)size;
-         totalSz = (word32)size;
-         idx = 0;
-
-         if (GetSequence(der, &idx, &size, totalSz) < 0) {
-             WOLFSSL_MSG("Failed to get PKCS12 sequence");
-             return ASN_PARSE_E;
-         }
-
-         /* get version */
-         if ((ret = GetMyVersion(der, &idx, &version, totalSz)) < 0) {
-             return ret;
-         }
-
-         pkcs12->indefinite = 1;
-
-     }
-     else
-#endif /* ASN_BER_TO_DER */
-    {
-        pkcs12->indefinite = 0;
-    }
-
-#ifdef WOLFSSL_DEBUG_PKCS12
-    printf("\nBEGIN: PKCS12 size = %d\n", totalSz);
-    printf("version = %d\n", version);
-#endif
-
-    if (version != WC_PKCS12_VERSION_DEFAULT) {
-        WOLFSSL_MSG("PKCS12 unsupported version!");
-        WOLFSSL_ERROR_VERBOSE(ASN_VERSION_E);
-        return ASN_VERSION_E;
-    }
-
-    if ((ret = GetSequence(der, &idx, &size, totalSz)) < 0) {
-        return ret;
-    }
-
-#ifdef WOLFSSL_DEBUG_PKCS12
-    printf("\tSEQUENCE: AuthenticatedSafe size = %d\n", size);
-#endif
-
-    if ((ret = GetSafeContent(pkcs12, der, &idx, (word32)size + idx)) < 0) {
-        WOLFSSL_MSG("GetSafeContent error");
-        return ret;
-    }
-
-#ifdef ASN_BER_TO_DER
-    /* If indef, skip EOF */
-    if (pkcs12->indefinite) {
-        while((idx < totalSz) && (der[idx] == ASN_EOC)) {
-            idx+=1;
-        }
-    }
-#endif
-
-    /* if more buffer left check for MAC data */
-    if (idx < totalSz) {
-        if ((ret = GetSequence(der, &idx, &size, totalSz)) < 0) {
-            WOLFSSL_MSG("Ignoring unknown data at end of PKCS12 DER buffer");
-        }
-        else {
-        #ifdef WOLFSSL_DEBUG_PKCS12
-            printf("\tSEQUENCE: Signature size = %d\n", size);
-        #endif
-
-            if ((ret = GetSignData(pkcs12, der, &idx, totalSz)) < 0) {
-                return ASN_PARSE_E;
-            }
-        }
-    }
-
-#ifdef WOLFSSL_DEBUG_PKCS12
-    printf("END: PKCS12\n");
-#endif
-
-    return ret;
-}
-
-#ifndef NO_FILESYSTEM
-/* Parse the DER-encoded PKCS #12 object in the provided file. Populate the
- * WC_PKCS12 object pointed to by the passed in pointer, allocating the object
- * if necessary.
- *
- * file  : path to PKCS #12 file.
- * pkcs12: pointer to a pointer to a WC_PKCS12 object to populate. If *pkcs12 is
- *         NULL, this function will allocate a new WC_PKCS12.
- * return 0 on success and negative on failure.
- */
-int wc_d2i_PKCS12_fp(const char* file, WC_PKCS12** pkcs12)
-{
-    int ret = 0;
-    byte* buf = NULL;
-    size_t bufSz = 0;
-    WC_PKCS12* tmpPkcs12 = NULL;
-    int callerAlloc = 1;
-
-    WOLFSSL_ENTER("wc_d2i_PKCS12_fp");
-
-    if (pkcs12 == NULL) {
-        WOLFSSL_MSG("pkcs12 parameter NULL.");
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0)
-        ret = wc_FileLoad(file, &buf, &bufSz, NULL);
-
-    if (ret == 0) {
-        if (*pkcs12 == NULL) {
-            tmpPkcs12 = wc_PKCS12_new();
-            if (tmpPkcs12 == NULL) {
-                WOLFSSL_MSG("Failed to allocate PKCS12 object.");
-                ret = MEMORY_E;
-            }
-            else {
-                *pkcs12 = tmpPkcs12;
-                callerAlloc = 0;
-            }
-        }
-    }
-    if (ret == 0) {
-        ret = wc_d2i_PKCS12(buf, (word32)bufSz, *pkcs12);
-        if (ret != 0) {
-            WOLFSSL_MSG("wc_d2i_PKCS12 failed.");
-        }
-    }
-
-    if (ret != 0 && callerAlloc == 0 && *pkcs12 != NULL) {
-        wc_PKCS12_free(*pkcs12);
-        *pkcs12 = NULL;
-    }
-    XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    WOLFSSL_LEAVE("wc_d2i_PKCS12_fp", ret);
-
-    return ret;
-}
-#endif /* NO_FILESYSTEM */
-
-/* Convert WC_PKCS12 struct to allocated DER buffer.
- * pkcs12 : non-null pkcs12 pointer
- * der    : pointer-pointer to der buffer. If NULL space will be
- *          allocated for der, which must be freed by application.
- * derSz  : size of buffer passed in when der is not NULL. NULL arg disables
- *          sanity checks on buffer read/writes. Max size gets set to derSz when
- *          the "der" buffer passed in is NULL and LENGTH_ONLY_E is returned.
- * return size of DER on success and negative on failure.
- */
-int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz)
-{
-    int ret = 0;
-    word32 seqSz = 0, verSz = 0, totalSz = 0, idx = 0, sdBufSz = 0;
-    byte *buf = NULL;
-    byte ver[MAX_VERSION_SZ];
-    byte seq[MAX_SEQ_SZ];
-    byte *sdBuf = NULL;
-
-    if ((pkcs12 == NULL) || (pkcs12->safe == NULL) ||
-            (der == NULL && derSz == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Create the MAC portion */
-    if (pkcs12->signData != NULL) {
-        MacData *mac = (MacData*)pkcs12->signData;
-        word32 innerSz = 0;
-        word32 outerSz = 0;
-
-        /* get exact size */
-        {
-            byte ASNLENGTH[MAX_LENGTH_SZ];
-            byte ASNSHORT[MAX_SHORT_SZ];
-            byte ASNALGO[MAX_ALGO_SZ];
-            word32 tmpIdx = 0;
-
-            /* algo id */
-            innerSz += SetAlgoID((int)mac->oid, ASNALGO, oidHashType, 0);
-
-            /* Octet string holding digest */
-            innerSz += ASN_TAG_SZ;
-            innerSz += SetLength(mac->digestSz, ASNLENGTH);
-            innerSz += mac->digestSz;
-
-            /* salt */
-            outerSz += ASN_TAG_SZ;
-            outerSz += SetLength(mac->saltSz, ASNLENGTH);
-            outerSz += mac->saltSz;
-
-            /* MAC iterations */
-            ret = SetShortInt(ASNSHORT, &tmpIdx, (word32)mac->itt, MAX_SHORT_SZ);
-            if (ret >= 0) {
-                outerSz += (word32)ret;
-                ret = 0;
-            }
-            else {
-                return ret;
-            }
-
-            /* sequence of inner data */
-            outerSz += SetSequence(innerSz, seq);
-            outerSz += innerSz;
-        }
-        sdBufSz = outerSz + SetSequence(outerSz, seq);
-        sdBuf = (byte*)XMALLOC(sdBufSz, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-        if (sdBuf == NULL) {
-            ret = MEMORY_E;
-        }
-
-        if (ret == 0) {
-            idx += SetSequence(outerSz, sdBuf);
-            idx += SetSequence(innerSz, &sdBuf[idx]);
-
-            /* Set Algorithm Identifier */
-            {
-                word32 algoIdSz;
-
-                algoIdSz = SetAlgoID((int)mac->oid, &sdBuf[idx], oidHashType, 0);
-                if (algoIdSz == 0) {
-                    ret = ALGO_ID_E;
-                }
-                else {
-                    idx += algoIdSz;
-                }
-            }
-        }
-
-        if (ret == 0) {
-
-
-            /* Octet string holding digest */
-            idx += SetOctetString(mac->digestSz, &sdBuf[idx]);
-            XMEMCPY(&sdBuf[idx], mac->digest, mac->digestSz);
-            idx += mac->digestSz;
-
-            /* Set salt */
-            idx += SetOctetString(mac->saltSz, &sdBuf[idx]);
-            XMEMCPY(&sdBuf[idx], mac->salt, mac->saltSz);
-            idx += mac->saltSz;
-
-            /* MAC iterations */
-            {
-                int tmpSz;
-                word32 tmpIdx = 0;
-                byte ar[MAX_SHORT_SZ];
-                tmpSz = SetShortInt(ar, &tmpIdx, (word32)mac->itt, MAX_SHORT_SZ);
-                if (tmpSz < 0) {
-                    ret = tmpSz;
-                }
-                else {
-                    XMEMCPY(&sdBuf[idx], ar, (size_t)tmpSz);
-                }
-            }
-            totalSz += sdBufSz;
-        }
-    }
-
-    /* Calculate size of der */
-    if (ret == 0) {
-        totalSz += pkcs12->safe->dataSz;
-
-        totalSz += 4; /* Octet string */
-
-        totalSz += 4; /* Element */
-
-        totalSz += 2U + (word32)sizeof(WC_PKCS12_DATA_OID);
-
-        totalSz += 4; /* Seq */
-
-        ret = SetMyVersion(WC_PKCS12_VERSION_DEFAULT, ver, FALSE);
-        if (ret > 0) {
-            verSz = (word32)ret;
-            ret   = 0; /* value larger than 0 is success */
-            totalSz += verSz;
-
-            seqSz = SetSequence(totalSz, seq);
-            totalSz += seqSz;
-
-            /* check if getting length only */
-            if (der == NULL) {
-                /* repeat nullness check locally to mollify -Wnull-dereference. */
-                if (derSz != NULL)
-                    *derSz = (int)totalSz;
-                XFREE(sdBuf, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-                return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-            }
-
-            if (*der == NULL) {
-                /* Allocate if requested */
-                buf = (byte*)XMALLOC(totalSz, NULL, DYNAMIC_TYPE_PKCS);
-            }
-            else {
-                buf = *der;
-
-                /* sanity check on buffer size if passed in */
-                if (derSz != NULL) {
-                    if (*derSz < (int)totalSz) {
-                        WOLFSSL_MSG("Buffer passed in is too small");
-                        ret = BUFFER_E;
-                    }
-                }
-            }
-        }
-    }
-
-    if (buf == NULL) {
-        ret = MEMORY_E;
-    }
-
-    if (ret == 0) {
-        idx = 0;
-
-        /* Copy parts to buf */
-        XMEMCPY(&buf[idx], seq, seqSz);
-        idx += seqSz;
-
-        XMEMCPY(&buf[idx], ver, verSz);
-        idx += verSz;
-
-        seqSz = SetSequence(totalSz - sdBufSz - idx - 4, seq);
-        XMEMCPY(&buf[idx], seq, seqSz);
-        idx += seqSz;
-
-        /* OID */
-        idx += (word32)SetObjectId(sizeof(WC_PKCS12_DATA_OID), &buf[idx]);
-        XMEMCPY(&buf[idx], WC_PKCS12_DATA_OID, sizeof(WC_PKCS12_DATA_OID));
-        idx += (word32)sizeof(WC_PKCS12_DATA_OID);
-
-        /* Element */
-        buf[idx++] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC;
-        idx += SetLength(totalSz - sdBufSz - idx - 3, &buf[idx]);
-
-        /* Octet string */
-        idx += SetOctetString(totalSz - sdBufSz - idx - 4, &buf[idx]);
-
-        XMEMCPY(&buf[idx], pkcs12->safe->data, pkcs12->safe->dataSz);
-        idx += pkcs12->safe->dataSz;
-
-        if (pkcs12->signData != NULL) {
-            XMEMCPY(&buf[idx], sdBuf, sdBufSz);
-        }
-
-        if (*der == NULL) {
-            /* Point to start of data allocated for DER */
-            *der = buf;
-        }
-        else {
-            /* Increment pointer to byte past DER */
-            *der = &buf[totalSz];
-        }
-
-        /* Return size of der */
-        ret = (int)totalSz;
-    }
-
-    XFREE(sdBuf, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-    /* Allocation of buf was the last time ret could be a failure,
-     * so no need to free here */
-
-    return ret;
-}
-
-
-/* helper function to free WC_DerCertList */
-void wc_FreeCertList(WC_DerCertList* list, void* heap)
-{
-    WC_DerCertList* current = list;
-    WC_DerCertList* next;
-
-    if (list == NULL) {
-        return;
-    }
-
-    while (current != NULL) {
-        next = current->next;
-        XFREE(current->buffer, heap, DYNAMIC_TYPE_PKCS);
-        XFREE(current, heap, DYNAMIC_TYPE_PKCS);
-        current = next;
-    }
-
-    (void)heap;
-}
-
-static WARN_UNUSED_RESULT int freeDecCertList(WC_DerCertList** list,
-    byte** pkey, word32* pkeySz, byte** cert, word32* certSz, void* heap)
-{
-    WC_DerCertList* current  = *list;
-    WC_DerCertList* previous = NULL;
-#ifdef WOLFSSL_SMALL_STACK
-    DecodedCert *DeCert = (DecodedCert *)XMALLOC(
-        sizeof(*DeCert), heap, DYNAMIC_TYPE_PKCS);
-    if (DeCert == NULL)
-        return MEMORY_E;
-#else
-    DecodedCert DeCert[1];
-#endif
-
-    while (current != NULL) {
-
-        InitDecodedCert(DeCert, current->buffer, current->bufferSz, heap);
-        if (ParseCertRelative(DeCert, CERT_TYPE, NO_VERIFY, NULL, NULL) == 0) {
-            if (wc_CheckPrivateKeyCert(*pkey, *pkeySz, DeCert, 0, heap) == 1) {
-                WOLFSSL_MSG("Key Pair found");
-                *cert = current->buffer;
-                *certSz = current->bufferSz;
-
-                if (previous == NULL) {
-                    *list = current->next;
-                }
-                else {
-                    previous->next = current->next;
-                }
-                FreeDecodedCert(DeCert);
-                XFREE(current, heap, DYNAMIC_TYPE_PKCS);
-                break;
-            }
-        }
-        FreeDecodedCert(DeCert);
-
-        previous = current;
-        current  = current->next;
-    }
-
-    WC_FREE_VAR_EX(DeCert, heap, DYNAMIC_TYPE_PKCS);
-
-    return 0;
-}
-
-#ifdef ASN_BER_TO_DER
-/* append data to encrypted content cache in PKCS12 structure
- * return buffer on success, NULL on error */
-static byte* PKCS12_ConcatenateContent(WC_PKCS12* pkcs12,byte* mergedData,
-        word32* mergedSz, byte* in, word32 inSz)
-{
-    byte* oldContent;
-    word32 oldContentSz;
-
-    (void)pkcs12;
-
-    if (mergedData == NULL || in == NULL)
-        return NULL;
-
-    /* save pointer to old cache */
-    oldContent = mergedData;
-    oldContentSz = *mergedSz;
-
-    /* re-allocate new buffer to fit appended data */
-    mergedData = (byte*)XMALLOC(oldContentSz + inSz, pkcs12->heap,
-            DYNAMIC_TYPE_PKCS);
-    if (mergedData != NULL) {
-        if (oldContent != NULL) {
-            XMEMCPY(mergedData, oldContent, oldContentSz);
-        }
-        XMEMCPY(mergedData + oldContentSz, in, inSz);
-        *mergedSz += inSz;
-    }
-    XFREE(oldContent, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-
-    return mergedData;
-}
-
-/* Check if constructed [0] is seen after wc_BerToDer() or not.
- * returns 1 if seen, 0 if not, ASN_PARSE_E on error */
-static int PKCS12_CheckConstructedZero(byte* data, word32 dataSz, word32* idx)
-{
-    word32 oid;
-    int    ret = 0;
-    int    number, size = 0;
-    byte   tag = 0;
-
-    if (GetSequence(data, idx, &size, dataSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-
-    if (ret == 0 && GetObjectId(data, idx, &oid, oidIgnoreType, dataSz)) {
-        ret = ASN_PARSE_E;
-    }
-
-    if (ret == 0 && GetSequence(data, idx, &size, dataSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-
-    if (ret == 0 && GetOctetString(data, idx, &size, dataSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-
-    *idx += (word32)size;
-    if (ret == 0 && GetShortInt(data, idx, &number, dataSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-
-    /* Check if wc_BerToDer() handled constructed [0] and octet
-     * strings properly, manually fix it if not. */
-    if (ret == 0 && GetASNTag(data, idx, &tag, dataSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    else if (ret == 0 && tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC)) {
-        ret = 1;
-    }
-
-    return ret;
-}
-
-/* Manually coalesce definite length octet strings into one unconstructed
- * definite length octet string.
- * returns 0 on success, negative on failure */
-static int PKCS12_CoalesceOctetStrings(WC_PKCS12* pkcs12, byte* data,
-        word32 dataSz, word32* idx, int* curIdx)
-{
-    byte*  mergedData = NULL; /* buffer for concatenated strings */
-    word32 mergedSz = 0;      /* total size of merged strings */
-    int    encryptedContentSz = 0;
-    int    originalEncSz = 0;
-    int    ret = 0;
-    word32 saveIdx;
-    byte   tag;
-
-    saveIdx = *idx;
-
-    if (GetLength(data, idx, &originalEncSz, dataSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-
-    /* Loop through octet strings and concatenate them without
-     * the tags and length */
-    while ((int)*idx < originalEncSz + *curIdx) {
-        if (GetASNTag(data, idx, &tag, dataSz) < 0) {
-            ret = ASN_PARSE_E;
-        }
-        if (ret == 0 && (tag != ASN_OCTET_STRING)) {
-            ret = ASN_PARSE_E;
-        }
-        if (ret == 0 && GetLength(data, idx,
-                    &encryptedContentSz, dataSz) <= 0) {
-            ret = ASN_PARSE_E;
-        }
-        if (ret == 0) {
-            if (mergedData == NULL) {
-                mergedData = (byte*)XMALLOC((size_t)encryptedContentSz,
-                            pkcs12->heap, DYNAMIC_TYPE_PKCS);
-                if (mergedData == NULL) {
-                    ret = MEMORY_E;
-                }
-            }
-            mergedData = PKCS12_ConcatenateContent(pkcs12, mergedData,
-                    &mergedSz, &data[*idx], (word32)encryptedContentSz);
-            if (mergedData == NULL) {
-                ret = MEMORY_E;
-            }
-        }
-        if (ret != 0) {
-            break;
-        }
-        *idx += (word32)encryptedContentSz;
-    }
-
-    if (ret == 0) {
-        *idx = saveIdx;
-
-        *idx += SetLength(mergedSz, &data[*idx]);
-
-        if (mergedSz > 0) {
-            /* Copy over concatenated octet strings into data buffer */
-            XMEMCPY(&data[*idx], mergedData, mergedSz);
-        }
-    }
-
-    XFREE(mergedData, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-
-    return ret;
-}
-#endif
-
-/* return 0 on success and negative on failure.
- * By side effect returns private key, cert, and optionally ca.
- * Parses and decodes the parts of PKCS12
- *
- * NOTE: can parse with USER RSA enabled but may return cert that is not the
- *       pair for the key when using RSA key pairs.
- *
- * pkcs12 : non-null WC_PKCS12 struct
- * psw    : password to use for PKCS12 decode
- * pkey   : Private key returned
- * cert   : x509 cert returned
- * ca     : optional ca returned
- */
-int wc_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
-        byte** pkey, word32* pkeySz, byte** cert, word32* certSz,
-        WC_DerCertList** ca)
-{
-    return wc_PKCS12_parse_ex(pkcs12, psw, pkey, pkeySz, cert, certSz, ca, 0);
-}
-
-/* return 0 on success and negative on failure.
- * By side effect returns private key, cert, and optionally ca.
- * Parses and decodes the parts of PKCS12
- *
- * NOTE: can parse with USER RSA enabled but may return cert that is not the
- *       pair for the key when using RSA key pairs.
- *
- * pkcs12        : non-null WC_PKCS12 struct
- * psw           : password to use for PKCS12 decode
- * pkey          : Private key returned
- * cert          : x509 cert returned
- * ca            : optional ca returned
- * keepKeyHeader : 0 removes PKCS8 header, other than 0 keeps PKCS8 header
- */
-int wc_PKCS12_parse_ex(WC_PKCS12* pkcs12, const char* psw,
-        byte** pkey, word32* pkeySz, byte** cert, word32* certSz,
-        WC_DerCertList** ca, int keepKeyHeader)
-{
-    ContentInfo* ci       = NULL;
-    WC_DerCertList* certList = NULL;
-    WC_DerCertList* tailList = NULL;
-    byte* buf             = NULL;
-    word32 i, oid;
-    word32 algId;
-    int ret, pswSz;
-#ifdef ASN_BER_TO_DER
-    int curIdx;
-#endif
-
-    WOLFSSL_ENTER("wc_PKCS12_parse");
-
-    if (pkcs12 == NULL || psw == NULL || cert == NULL || certSz == NULL ||
-        pkey == NULL   || pkeySz == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    pswSz = (int)XSTRLEN(psw);
-    *cert = NULL;
-    *pkey = NULL;
-    if (ca != NULL)
-        *ca = NULL;
-
-    /* if there is sign data then verify the MAC */
-    if (pkcs12->signData != NULL ) {
-        if ((ret = wc_PKCS12_verify(pkcs12, pkcs12->safe->data,
-                               pkcs12->safe->dataSz, (byte*)psw, (word32)pswSz)) != 0) {
-            WOLFSSL_MSG("PKCS12 Bad MAC on verify");
-            WOLFSSL_LEAVE("wc_PKCS12_parse verify ", ret);
-            (void)ret;
-            return MAC_CMP_FAILED_E;
-        }
-    }
-
-    if (pkcs12->safe == NULL) {
-        WOLFSSL_MSG("No PKCS12 safes to parse");
-        return BAD_FUNC_ARG;
-    }
-
-    /* Decode content infos */
-    ci = pkcs12->safe->CI;
-    for (i = 0; i < pkcs12->safe->numCI; i++) {
-        byte*  data;
-        word32 idx = 0;
-        int    size, totalSz;
-        byte   tag;
-
-        data = ci->data;
-
-        if (ci->type == WC_PKCS12_ENCRYPTED_DATA) {
-            int number;
-
-            WOLFSSL_MSG("Decrypting PKCS12 Content Info Container");
-            if (GetASNTag(data, &idx, &tag, ci->dataSz) < 0) {
-                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-            }
-
-            if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC)) {
-                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-            }
-            if ((ret = GetLength(data, &idx, &size, ci->dataSz)) < 0) {
-                goto exit_pk12par;
-            }
-
-            if ((ret = GetSequence(data, &idx, &size, ci->dataSz)) < 0) {
-                goto exit_pk12par;
-            }
-
-            if ((ret = GetShortInt(data, &idx, &number, ci->dataSz)) < 0) {
-                goto exit_pk12par;
-            }
-
-            if (number != 0) {
-                WOLFSSL_MSG("Expecting 0 for Integer with Encrypted PKCS12");
-            }
-
-            if ((ret = GetSequence(data, &idx, &size, ci->dataSz)) < 0) {
-                goto exit_pk12par;
-            }
-
-            ret = GetObjectId(data, &idx, &oid, oidIgnoreType, ci->dataSz);
-            if (ret < 0 || oid != WC_PKCS12_DATA) {
-                WOLFSSL_MSG("Not PKCS12 DATA object or get object parse error");
-                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-            }
-
-
-#ifdef ASN_BER_TO_DER
-            curIdx = (int)idx;
-            /* If indefinite length format, ensure it is in the ASN format
-             * the DecryptContent() expects */
-            if (pkcs12->indefinite && PKCS12_CheckConstructedZero(data,
-                                                    ci->dataSz, &idx) == 1) {
-                data[idx-1] = ASN_LONG_LENGTH;
-                ret = PKCS12_CoalesceOctetStrings(pkcs12, data, ci->dataSz,
-                                                  &idx, &curIdx);
-                if (ret < 0) {
-                    goto exit_pk12par;
-                }
-            }
-            idx = (word32)curIdx;
-#endif
-
-        /* decrypted content overwrites input buffer */
-            size = (int)(ci->dataSz - idx);
-            buf = (byte*)XMALLOC((size_t)size, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-            if (buf == NULL) {
-                ERROR_OUT(MEMORY_E, exit_pk12par);
-            }
-            XMEMCPY(buf, data + idx, (size_t)size);
-
-            if ((ret = DecryptContent(buf, (word32)size, psw, pswSz)) < 0) {
-                WOLFSSL_MSG("Decryption failed, algorithm not compiled in?");
-                goto exit_pk12par;
-            }
-
-            data = buf;
-            idx = 0;
-
-        #ifdef WOLFSSL_DEBUG_PKCS12
-            {
-                byte* p;
-                for (printf("\tData = "), p = (byte*)buf;
-                    p < (byte*)buf + size;
-                    printf("%02X", *p), p++);
-                printf("\n");
-            }
-        #endif
-        }
-        else { /* type DATA */
-            WOLFSSL_MSG("Parsing PKCS12 DATA Content Info Container");
-            if (GetASNTag(data, &idx, &tag, ci->dataSz) < 0) {
-                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-            }
-
-            if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC)) {
-                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-            }
-            if (GetLength(data, &idx, &size, ci->dataSz) <= 0) {
-                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-            }
-
-            if (GetASNTag(data, &idx, &tag, ci->dataSz) < 0) {
-                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-            }
-            if (tag != ASN_OCTET_STRING) {
-                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-            }
-            if ((ret = GetLength(data, &idx, &size, ci->dataSz)) < 0) {
-                goto exit_pk12par;
-            }
-
-        }
-
-        /* parse through bags in ContentInfo */
-        if ((ret = GetSequence(data, &idx, &totalSz, ci->dataSz)) < 0) {
-            goto exit_pk12par;
-        }
-        totalSz += (int)idx;
-
-        while ((int)idx < totalSz) {
-            int bagSz;
-            if ((ret = GetSequence(data, &idx, &bagSz, ci->dataSz)) < 0) {
-                goto exit_pk12par;
-            }
-            bagSz += (int)idx;
-
-            if ((ret = GetObjectId(data, &idx, &oid, oidIgnoreType,
-                                                             ci->dataSz)) < 0) {
-                goto exit_pk12par;
-            }
-
-            switch (oid) {
-                case WC_PKCS12_KeyBag: /* 667 */
-                    WOLFSSL_MSG("PKCS12 Key Bag found");
-                    if (GetASNTag(data, &idx, &tag, ci->dataSz) < 0) {
-                        ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-                    }
-                    if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC)) {
-                        ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-                    }
-                    if ((ret = GetLength(data, &idx, &size, ci->dataSz)) <= 0) {
-                        if (ret == 0)
-                            ret = ASN_PARSE_E;
-                        goto exit_pk12par;
-                    }
-                    if (*pkey == NULL) {
-                        *pkey = (byte*)XMALLOC((size_t)size, pkcs12->heap,
-                                                       DYNAMIC_TYPE_PUBLIC_KEY);
-                        if (*pkey == NULL) {
-                            ERROR_OUT(MEMORY_E, exit_pk12par);
-                        }
-                        XMEMCPY(*pkey, data + idx, (size_t)size);
-                        if (keepKeyHeader) {
-                            *pkeySz = (word32)size;
-                        }
-                        else {
-                            *pkeySz = (word32)ToTraditional_ex(*pkey,
-                                (word32)size, &algId);
-                        }
-                    }
-
-                #ifdef WOLFSSL_DEBUG_PKCS12
-                    {
-                        byte* p;
-                        for (printf("\tKey = "), p = (byte*)*pkey;
-                            p < (byte*)*pkey + size;
-                            printf("%02X", *p), p++);
-                        printf("\n");
-                    }
-                #endif
-                    idx += (word32)size;
-                    break;
-
-                case WC_PKCS12_ShroudedKeyBag: /* 668 */
-                    {
-                        byte* k;
-
-                        WOLFSSL_MSG("PKCS12 Shrouded Key Bag found");
-                        if (GetASNTag(data, &idx, &tag, ci->dataSz) < 0) {
-                            ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-                        }
-                        if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC)) {
-                            ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-                        }
-                        if ((ret = GetLength(data, &idx, &size,
-                                                             ci->dataSz)) < 0) {
-                            goto exit_pk12par;
-                        }
-
-                        k = (byte*)XMALLOC((size_t)size, pkcs12->heap,
-                                                       DYNAMIC_TYPE_PUBLIC_KEY);
-                        if (k == NULL) {
-                            ERROR_OUT(MEMORY_E, exit_pk12par);
-                        }
-                        XMEMCPY(k, data + idx, (size_t)size);
-
-                        /* overwrites input, be warned */
-                        if (keepKeyHeader) {
-                            if ((ret = wc_DecryptPKCS8Key(k, (word32)size, psw,
-                                pswSz)) < 0) {
-                                XFREE(k, pkcs12->heap, DYNAMIC_TYPE_PUBLIC_KEY);
-                                goto exit_pk12par;
-                            }
-                        }
-                        else {
-                            if ((ret = ToTraditionalEnc(k, (word32)size, psw,
-                                pswSz, &algId)) < 0) {
-                                XFREE(k, pkcs12->heap, DYNAMIC_TYPE_PUBLIC_KEY);
-                                goto exit_pk12par;
-                            }
-                        }
-
-                        if (ret < size) {
-                            /* shrink key buffer */
-                            byte* tmp = (byte*)XMALLOC((size_t)ret, pkcs12->heap,
-                                                 DYNAMIC_TYPE_PUBLIC_KEY);
-                            if (tmp == NULL) {
-                                XFREE(k, pkcs12->heap, DYNAMIC_TYPE_PUBLIC_KEY);
-                                ERROR_OUT(MEMORY_E, exit_pk12par);
-                            }
-                            XMEMCPY(tmp, k, (size_t)ret);
-                            XFREE(k, pkcs12->heap, DYNAMIC_TYPE_PUBLIC_KEY);
-                            k = tmp;
-                        }
-                        size = ret;
-
-                        if (*pkey == NULL) {
-                            *pkey = k;
-                            *pkeySz = (word32)size;
-                        }
-                        else { /* only expecting one key */
-                            XFREE(k, pkcs12->heap, DYNAMIC_TYPE_PUBLIC_KEY);
-                        }
-                        idx += (word32)size;
-
-                    #ifdef WOLFSSL_DEBUG_PKCS12
-                        {
-                            byte* p;
-                            for (printf("\tKey = "), p = (byte*)k;
-                                p < (byte*)k + ret;
-                                printf("%02X", *p), p++);
-                            printf("\n");
-                        }
-                    #endif
-                    }
-                    break;
-
-                case WC_PKCS12_CertBag: /* 669 */
-                {
-                    WC_DerCertList* node;
-                    WOLFSSL_MSG("PKCS12 Cert Bag found");
-                    if (GetASNTag(data, &idx, &tag, ci->dataSz) < 0) {
-                        ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-                    }
-                    if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC)) {
-                        ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-                    }
-                    if ((ret = GetLength(data, &idx, &size, ci->dataSz)) < 0) {
-                        goto exit_pk12par;
-                    }
-
-                    /* get cert bag type */
-                    if ((ret = GetSequence(data, &idx, &size, ci->dataSz)) <0) {
-                        goto exit_pk12par;
-                    }
-
-                    if ((ret = GetObjectId(data, &idx, &oid, oidIgnoreType,
-                                                             ci->dataSz)) < 0) {
-                        goto exit_pk12par;
-                    }
-
-                    switch (oid) {
-                        case WC_PKCS12_CertBag_Type1:  /* 675 */
-                            /* type 1 */
-                            WOLFSSL_MSG("PKCS12 cert bag type 1");
-                            if (GetASNTag(data, &idx, &tag, ci->dataSz) < 0) {
-                                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-                            }
-                            if (tag != (ASN_CONSTRUCTED |
-                                        ASN_CONTEXT_SPECIFIC)) {
-                                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-                            }
-                            if ((ret = GetLength(data, &idx, &size, ci->dataSz))
-                                                                         <= 0) {
-                                if (ret == 0)
-                                    ret = ASN_PARSE_E;
-                                goto exit_pk12par;
-                            }
-                            if (GetASNTag(data, &idx, &tag, ci->dataSz) < 0) {
-                                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-                            }
-                            if (tag != ASN_OCTET_STRING) {
-                                ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-
-                            }
-                            if ((ret = GetLength(data, &idx, &size, ci->dataSz))
-                                                                          < 0) {
-                                goto exit_pk12par;
-                            }
-                            break;
-                       default:
-                            WOLFSSL_MSG("Unknown PKCS12 cert bag type");
-                    }
-
-                    if (size + (int)idx > bagSz) {
-                        ERROR_OUT(ASN_PARSE_E, exit_pk12par);
-                    }
-
-                    /* list to hold all certs found */
-                    node = (WC_DerCertList*)XMALLOC(sizeof(WC_DerCertList),
-                                               pkcs12->heap, DYNAMIC_TYPE_PKCS);
-                    if (node == NULL) {
-                        ERROR_OUT(MEMORY_E, exit_pk12par);
-                    }
-                    XMEMSET(node, 0, sizeof(WC_DerCertList));
-
-                    node->buffer = (byte*)XMALLOC((size_t)size, pkcs12->heap,
-                                                             DYNAMIC_TYPE_PKCS);
-                    if (node->buffer == NULL) {
-                        XFREE(node, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-                        ERROR_OUT(MEMORY_E, exit_pk12par);
-                    }
-                    XMEMCPY(node->buffer, data + idx, (size_t)size);
-                    node->bufferSz = (word32)size;
-
-                    /* put the new node into the list */
-                    if (certList != NULL) {
-                        WOLFSSL_MSG("Pushing new cert onto queue");
-                        tailList->next = node;
-                        tailList = node;
-                    }
-                    else {
-                        certList = node;
-                        tailList = node;
-                    }
-
-                    /* on to next */
-                    idx += (word32)size;
-                }
-                    break;
-
-                case WC_PKCS12_CrlBag: /* 670 */
-                    WOLFSSL_MSG("PKCS12 CRL BAG not yet supported");
-                    break;
-
-                case WC_PKCS12_SecretBag: /* 671 */
-                    WOLFSSL_MSG("PKCS12 Secret BAG not yet supported");
-                    break;
-
-                case WC_PKCS12_SafeContentsBag: /* 672 */
-                    WOLFSSL_MSG("PKCS12 Safe Contents BAG not yet supported");
-                    break;
-
-                default:
-                    WOLFSSL_MSG("Unknown PKCS12 BAG type found");
-            }
-
-            /* Attribute, unknown bag or unsupported */
-            if ((int)idx < bagSz) {
-                idx = (word32)bagSz; /* skip for now */
-            }
-        }
-
-        /* free temporary buffer */
-        XFREE(buf, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-        buf = NULL;
-
-        ci = ci->next;
-        WOLFSSL_MSG("Done Parsing PKCS12 Content Info Container");
-    }
-
-    /* check if key pair, remove from list */
-    if (*pkey != NULL) {
-        ret = freeDecCertList(&certList, pkey, pkeySz, cert, certSz,
-                              pkcs12->heap);
-        if (ret < 0)
-            goto exit_pk12par;
-    }
-
-    /* if ca arg provided return certList, otherwise free it */
-    if (ca != NULL) {
-        *ca = certList;
-    }
-    else {
-        /* free list, not wanted */
-        wc_FreeCertList(certList, pkcs12->heap);
-    }
-    (void)tailList; /* not used */
-
-    ret = 0; /* success */
-
-exit_pk12par:
-
-    if (ret != 0) {
-        /* failure cleanup */
-        if (*pkey) {
-            XFREE(*pkey, pkcs12->heap, DYNAMIC_TYPE_PUBLIC_KEY);
-            *pkey = NULL;
-        }
-        XFREE(buf, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-        buf = NULL;
-
-        wc_FreeCertList(certList, pkcs12->heap);
-    }
-
-    return ret;
-}
-
-
-/* Helper function to get parameters for key and cert encryptions */
-static int wc_PKCS12_get_enc_params(int inAlgo, int* vPKCS, int* outAlgo,
-        int* blkOid, int* hmacOid)
-{
-    int ret = 0;
-
-    if (inAlgo == PBE_SHA1_RC4_128) {
-        *vPKCS = 1;   /* PKCS#12 */
-        *outAlgo = PBE_SHA1_RC4_128;
-        *blkOid = 0;  /* Unused */
-        *hmacOid = 0; /* Use SHA1 as default */
-    }
-    else if (inAlgo == PBE_SHA1_DES) {
-        *vPKCS = PKCS5;
-        *outAlgo = PBES1_SHA1_DES;
-        *blkOid = 0;  /* Unused */
-        *hmacOid = 0; /* Use SHA1 as default */
-    }
-    else if (inAlgo == PBE_SHA1_DES3) {
-        *vPKCS = 1;   /* PKCS#12 */
-        *outAlgo = PBE_SHA1_DES3;
-        *blkOid = 0;  /* Unused */
-        *hmacOid = 0; /* Use SHA1 as default */
-    }
-    else if (inAlgo == PBE_AES256_CBC) {
-        *vPKCS = PKCS5;
-        *outAlgo = PBES2;
-        *blkOid = AES256CBCb;
-        *hmacOid = HMAC_SHA256_OID;
-    }
-    else if (inAlgo == PBE_AES128_CBC) {
-        *vPKCS = PKCS5;
-        *outAlgo = PBES2;
-        *blkOid = AES128CBCb;
-        *hmacOid = HMAC_SHA256_OID;
-    }
-    else {
-        WOLFSSL_MSG("Unsupported algorithm for PKCS12 encryption");
-        ret = ALGO_ID_E;
-    }
-
-    return ret;
-}
-
-
-/* Helper function to shroud keys.
- *
- * pkcs12 structure to use with shrouding key
- * rng    random number generator used
- * out    buffer to hold results
- * outSz  size of out buffer
- * key    key that is going to be shrouded
- * keySz  size of key buffer
- * vAlgo  algorithm version
- * pass   password to use
- * passSz size of pass buffer
- * itt    number of iterations
- *
- * returns the size of the shrouded key on success
- */
-static int wc_PKCS12_shroud_key(WC_PKCS12* pkcs12, WC_RNG* rng,
-        byte* out, word32* outSz, byte* key, word32 keySz, int vAlgo,
-        const char* pass, int passSz, int itt)
-{
-    void* heap;
-    word32 tmpIdx = 0;
-    word32 sz;
-    word32 totalSz = 0;
-    int ret;
-    byte* pkcs8Key = NULL;
-    byte salt[PKCS5V2_SALT_SZ]; /* PKCS5V2_SALT_SZ > PKCS5_SALT_SZ */
-    word32 saltSz = 0;
-
-    int vPKCS = -1;
-    int outAlgo = -1;
-    int blkOid = 0;
-    int hmacOid = 0;
-
-    if (outSz == NULL || pkcs12 == NULL || rng == NULL || key == NULL ||
-            pass == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    heap = wc_PKCS12_GetHeap(pkcs12);
-
-    /* check if trying to get size */
-    if (out != NULL) {
-        tmpIdx += MAX_LENGTH_SZ + 1; /* save room for length and tag (+1) */
-        sz = *outSz - tmpIdx;
-        pkcs8Key = out + tmpIdx;
-    }
-
-    /* case of no encryption */
-    if (vAlgo < 0) {
-        const byte* curveOID = NULL;
-        word32 oidSz = 0;
-        int algoID;
-
-        WOLFSSL_MSG("creating PKCS12 Key Bag");
-
-        /* check key type and get OID if ECC */
-        if ((ret = wc_GetKeyOID(key, keySz, &curveOID, &oidSz, &algoID, heap))
-                < 0) {
-            return ret;
-        }
-
-        /* PKCS#8 wrapping around key */
-        ret = wc_CreatePKCS8Key(pkcs8Key, &sz, key, keySz, algoID, curveOID,
-                oidSz);
-    }
-    else {
-        WOLFSSL_MSG("creating PKCS12 Shrouded Key Bag");
-
-        if ((ret = wc_PKCS12_get_enc_params(vAlgo, &vPKCS, &outAlgo, &blkOid,
-                &hmacOid)) < 0) {
-            return ret;
-        }
-        saltSz = (outAlgo != PBES2) ? PKCS5_SALT_SZ : PKCS5V2_SALT_SZ;
-        if ((ret = wc_RNG_GenerateBlock(rng, salt, saltSz)) < 0) {
-            return ret;
-        }
-
-        ret = TraditionalEnc_ex(key, keySz, pkcs8Key, &sz, pass, passSz,
-                vPKCS, outAlgo, blkOid, salt, saltSz, itt, hmacOid, rng, heap);
-    }
-    if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-        *outSz =  sz + MAX_LENGTH_SZ + 1;
-        return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if (ret < 0) {
-        return ret;
-    }
-
-    totalSz += (word32)ret;
-
-    /* out should not be null at this point but check before writing */
-    if (out == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* rewind index and set tag and length */
-    tmpIdx -= MAX_LENGTH_SZ + 1;
-    sz = (word32)SetExplicit(0, (word32)ret, out + tmpIdx, 0);
-    tmpIdx += sz; totalSz += sz;
-    XMEMMOVE(out + tmpIdx, out + MAX_LENGTH_SZ + 1, (size_t)ret);
-
-    return (int)totalSz;
-}
-
-
-/* Helper function to create key bag.
- *
- * pkcs12 structure to use with key bag
- * rng    random number generator used
- * out    buffer to hold results
- * outSz  size of out buffer
- * key    key that is going into key bag
- * keySz  size of key buffer
- * algo   algorithm version
- * iter   number of iterations
- * pass   password to use
- * passSz size of pass buffer
- *
- * returns the size of the key bag on success
- */
-static int wc_PKCS12_create_key_bag(WC_PKCS12* pkcs12, WC_RNG* rng,
-        byte* out, word32* outSz, byte* key, word32 keySz, int algo, int iter,
-        char* pass, int passSz)
-{
-    void* heap;
-    byte* tmp;
-    word32 length  = 0;
-    word32 idx     = 0;
-    word32 totalSz = 0;
-    word32 sz;
-    word32 i;
-    word32 tmpSz;
-    int ret;
-
-    /* get max size for shrouded key */
-    ret =  wc_PKCS12_shroud_key(pkcs12, rng, NULL, &length, key, keySz,
-            algo, pass, passSz, iter);
-    if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E) && ret < 0) {
-        return ret;
-    }
-
-    if (out == NULL) {
-        *outSz = MAX_SEQ_SZ + WC_PKCS12_DATA_OBJ_SZ + 1 + MAX_LENGTH_SZ +
-            length;
-        return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    heap = wc_PKCS12_GetHeap(pkcs12);
-
-    /* leave room for sequence */
-    idx += MAX_SEQ_SZ;
-
-    if (algo < 0) { /* not encrypted */
-        out[idx++] = ASN_OBJECT_ID; totalSz++;
-        sz = SetLength(sizeof(WC_PKCS12_KeyBag_OID), out + idx);
-        idx += sz; totalSz += sz;
-        for (i = 0; i < sizeof(WC_PKCS12_KeyBag_OID); i++) {
-            out[idx++] = WC_PKCS12_KeyBag_OID[i]; totalSz++;
-        }
-    }
-    else { /* encrypted */
-        out[idx++] = ASN_OBJECT_ID; totalSz++;
-        sz = SetLength(sizeof(WC_PKCS12_ShroudedKeyBag_OID), out + idx);
-        idx += sz; totalSz += sz;
-        for (i = 0; i < sizeof(WC_PKCS12_ShroudedKeyBag_OID); i++) {
-            out[idx++] = WC_PKCS12_ShroudedKeyBag_OID[i]; totalSz++;
-        }
-    }
-
-    /* shroud key */
-    tmp = (byte*)XMALLOC(length, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (tmp == NULL) {
-        return MEMORY_E;
-    }
-
-    ret =  wc_PKCS12_shroud_key(pkcs12, rng, tmp, &length, key, keySz,
-            algo, pass, passSz, iter);
-    if (ret < 0) {
-        XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return ret;
-    }
-    length = (word32)ret;
-    XMEMCPY(out + idx, tmp, (size_t)length);
-    XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    totalSz += length;
-
-    /* set beginning sequence */
-    tmpSz = SetSequence(totalSz, out);
-    XMEMMOVE(out + tmpSz, out + MAX_SEQ_SZ, totalSz);
-
-    (void)heap;
-    return (int)(totalSz + tmpSz);
-}
-
-
-/* Helper function to create cert bag.
- *
- * pkcs12 structure to use with cert bag
- * out    buffer to hold results
- * outSz  size of out buffer
- * cert   cert that is going into cert bag
- * certSz size of cert buffer
- *
- * returns the size of the cert bag on success
- */
-static int wc_PKCS12_create_cert_bag(WC_PKCS12* pkcs12,
-        byte* out, word32* outSz, byte* cert, word32 certSz)
-{
-    word32 length = 0;
-    word32 idx = 0;
-    word32 totalSz = 0;
-    word32 sz;
-    int WC_CERTBAG_OBJECT_ID  = 13;
-    int WC_CERTBAG1_OBJECT_ID = 12;
-    word32 i;
-    word32 tmpSz;
-
-    if (out == NULL) {
-        *outSz = (word32)(MAX_SEQ_SZ + WC_CERTBAG_OBJECT_ID + 1 + MAX_LENGTH_SZ +
-            MAX_SEQ_SZ + WC_CERTBAG1_OBJECT_ID + 1 + MAX_LENGTH_SZ + 1 +
-            MAX_LENGTH_SZ + (int)certSz);
-        return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    /* check buffer size able to handle max size */
-    if (*outSz < (word32)(MAX_SEQ_SZ + WC_CERTBAG_OBJECT_ID + 1 + MAX_LENGTH_SZ +
-            MAX_SEQ_SZ + WC_CERTBAG1_OBJECT_ID + 1 + MAX_LENGTH_SZ + 1 +
-            MAX_LENGTH_SZ + (int)certSz)) {
-        return BUFFER_E;
-    }
-
-    /* save room for sequence */
-    idx += MAX_SEQ_SZ;
-
-    /* objectId WC_PKCS12_CertBag */
-    out[idx++] = ASN_OBJECT_ID; totalSz++;
-    sz = SetLength(sizeof(WC_PKCS12_CertBag_OID), out + idx);
-    idx += sz; totalSz += sz;
-    for (i = 0; i < sizeof(WC_PKCS12_CertBag_OID); i++) {
-        out[idx++] = WC_PKCS12_CertBag_OID[i]; totalSz++;
-    }
-
-    /**** Cert Bag type 1 ****/
-    out[idx++] = (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC); totalSz++;
-
-    /* save room for length and sequence */
-    idx += MAX_LENGTH_SZ;
-    idx += MAX_SEQ_SZ;
-
-    /* object id WC_PKCS12_CertBag_Type1 */
-    out[idx++] = ASN_OBJECT_ID; length++;
-    sz = SetLength(sizeof(WC_PKCS12_CertBag_Type1_OID), out + idx);
-    idx += sz; length += sz;
-    for (i = 0; i < sizeof(WC_PKCS12_CertBag_Type1_OID); i++) {
-        out[idx++] = WC_PKCS12_CertBag_Type1_OID[i]; length++;
-    }
-
-    out[idx++] = (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC); length++;
-    sz = 0;
-    idx += MAX_LENGTH_SZ; /* save room for length */
-
-    /* place the cert in the buffer */
-    out[idx++] = ASN_OCTET_STRING; sz++;
-    tmpSz = SetLength(certSz, out + idx);
-    idx += tmpSz; sz += tmpSz;
-    XMEMCPY(out + idx, cert, certSz);
-    idx += certSz; sz += certSz;
-
-    /* rewind idx and place length */
-    idx -= (sz + MAX_LENGTH_SZ);
-    tmpSz = SetLength(sz, out + idx);
-    XMEMMOVE(out + idx + tmpSz, out + idx + MAX_LENGTH_SZ, sz);
-    idx += tmpSz + sz; length += tmpSz + sz;
-
-    /* rewind idx and set sequence */
-    idx -= (length + MAX_SEQ_SZ);
-    tmpSz = SetSequence(length, out + idx);
-    XMEMMOVE(out + idx + tmpSz, out + idx + MAX_SEQ_SZ, length);
-    length += tmpSz;
-
-    /* place final length */
-    idx -= MAX_LENGTH_SZ;
-    tmpSz = SetLength(length, out + idx);
-    XMEMMOVE(out + idx + tmpSz, out + idx + MAX_LENGTH_SZ, length);
-    length += tmpSz;
-
-    /* place final sequence */
-    totalSz += length;
-    tmpSz = SetSequence(totalSz, out);
-    XMEMMOVE(out + tmpSz, out + MAX_SEQ_SZ, totalSz);
-
-    (void)pkcs12;
-
-    return (int)(totalSz + tmpSz);
-}
-
-
-/* Helper function to encrypt content.
- *
- * pkcs12    structure to use with key bag
- * rng       random number generator used
- * out       buffer to hold results
- * outSz     size of out buffer
- * content   content to encrypt
- * contentSz size of content buffer
- * vAlgo     algorithm version
- * pass      password to use
- * passSz    size of pass buffer
- * iter      number of iterations
- * type      content type i.e WC_PKCS12_ENCRYPTED_DATA or WC_PKCS12_DATA
- *
- * returns the size of result on success
- */
-static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng,
-        byte* out, word32* outSz, byte* content, word32 contentSz, int vAlgo,
-        const char* pass, int passSz, int iter, int type)
-{
-    void* heap;
-    int ret;
-    byte*  tmp;
-    word32 idx = 0;
-    word32 totalSz = 0;
-    word32 length = 0;
-    word32 tmpSz;
-    word32 encSz;
-
-    int vPKCS = -1;
-    int outAlgo = -1;
-    int blkOid = 0;
-    int hmacOid = 0;
-
-    byte seq[MAX_SEQ_SZ];
-
-    WOLFSSL_MSG("encrypting PKCS12 content");
-
-    heap = wc_PKCS12_GetHeap(pkcs12);
-
-    /* ENCRYPTED DATA
-     * ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC
-     * length
-     * sequence
-     * short int
-     * sequence
-     * get object id */
-    if (type == WC_PKCS12_ENCRYPTED_DATA) {
-        word32 outerSz = 0;
-
-        if ((ret = wc_PKCS12_get_enc_params(vAlgo, &vPKCS, &outAlgo, &blkOid,
-                &hmacOid)) < 0) {
-            return ret;
-        }
-
-        encSz = contentSz;
-        if ((ret = EncryptContent(NULL, contentSz, NULL, &encSz,
-                   pass, passSz, vPKCS, outAlgo, blkOid, NULL, 0, iter, hmacOid,
-                   rng, heap)) < 0) {
-            if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-                return ret;
-            }
-        }
-
-        /* calculate size */
-        totalSz  = (word32)SetObjectId(sizeof(WC_PKCS12_ENCRYPTED_OID), seq);
-        totalSz += (word32)sizeof(WC_PKCS12_ENCRYPTED_OID);
-        totalSz += ASN_TAG_SZ;
-
-        length  = (word32)SetMyVersion(0, seq, 0);
-        tmpSz   = (word32)SetObjectId(sizeof(WC_PKCS12_DATA_OID), seq);
-        tmpSz  += (word32)sizeof(WC_PKCS12_DATA_OID);
-        tmpSz  += encSz;
-        length += SetSequence(tmpSz, seq) + tmpSz;
-        outerSz = SetSequence(length, seq) + length;
-
-        totalSz += SetLength(outerSz, seq) + outerSz;
-        if (out == NULL) {
-            *outSz = totalSz + SetSequence(totalSz, seq);
-            return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-        }
-
-        if (*outSz < totalSz + SetSequence(totalSz, seq)) {
-            return BUFFER_E;
-        }
-
-        idx = 0;
-        idx += SetSequence(totalSz, out + idx);
-        idx += (word32)SetObjectId(sizeof(WC_PKCS12_ENCRYPTED_OID), out + idx);
-        if (idx + sizeof(WC_PKCS12_ENCRYPTED_OID) > *outSz){
-            return BUFFER_E;
-        }
-        XMEMCPY(out + idx, WC_PKCS12_ENCRYPTED_OID,
-                sizeof(WC_PKCS12_ENCRYPTED_OID));
-        idx += (word32)sizeof(WC_PKCS12_ENCRYPTED_OID);
-
-        if (idx + 1 > *outSz){
-            return BUFFER_E;
-        }
-        out[idx++] = (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC);
-        idx += SetLength(outerSz, out + idx);
-
-        idx += SetSequence(length, out + idx);
-        idx += (word32)SetMyVersion(0, out + idx, 0);
-        tmp = (byte*)XMALLOC(encSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        if (tmp == NULL) {
-            return MEMORY_E;
-        }
-
-        if ((ret = EncryptContent(content, contentSz, tmp, &encSz,
-                   pass, passSz, vPKCS, outAlgo, blkOid, NULL, 0, iter, hmacOid,
-                   rng, heap)) < 0) {
-            XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
-            return ret;
-        }
-        encSz = (word32)ret;
-
-        #ifdef WOLFSSL_DEBUG_PKCS12
-        {
-            byte* p;
-            for (printf("(size %u) Encrypted Content = ", encSz),
-                    p = (byte*)tmp;
-                p < (byte*)tmp + encSz;
-                printf("%02X", *p), p++);
-            printf("\n");
-        }
-        #endif
-
-        idx += SetSequence(WC_PKCS12_DATA_OBJ_SZ + encSz, out + idx);
-        idx += (word32)SetObjectId(sizeof(WC_PKCS12_DATA_OID), out + idx);
-        if (idx + sizeof(WC_PKCS12_DATA_OID) > *outSz){
-            WOLFSSL_MSG("Buffer not large enough for DATA OID");
-            XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
-            return BUFFER_E;
-        }
-        XMEMCPY(out + idx, WC_PKCS12_DATA_OID, sizeof(WC_PKCS12_DATA_OID));
-        idx += (word32)sizeof(WC_PKCS12_DATA_OID);
-
-        /* copy over encrypted data */
-        if (idx + encSz > *outSz){
-            XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
-            return BUFFER_E;
-        }
-        XMEMCPY(out + idx, tmp, encSz);
-        XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        idx += encSz;
-        return (int)idx;
-    }
-
-    /* DATA
-     * ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC
-     * length
-     * ASN_OCTET_STRING
-     * length
-     * sequence containing all bags */
-    if (type == WC_PKCS12_DATA) {
-        /* calculate size */
-        totalSz = (word32)SetObjectId(sizeof(WC_PKCS12_DATA_OID), seq);
-        totalSz += (word32)sizeof(WC_PKCS12_DATA_OID);
-        totalSz += ASN_TAG_SZ;
-
-        length   = SetOctetString(contentSz, seq);
-        length  += contentSz;
-        totalSz += SetLength(length, seq);
-        totalSz += length;
-
-        if (out == NULL) {
-            *outSz = totalSz + SetSequence(totalSz, seq);
-            return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-        }
-
-        if (*outSz < (totalSz + SetSequence(totalSz, seq))) {
-            return BUFFER_E;
-        }
-
-        /* place data in output buffer */
-        idx  = 0;
-        idx += SetSequence(totalSz, out);
-        idx += (word32)SetObjectId(sizeof(WC_PKCS12_DATA_OID), out + idx);
-        if (idx + sizeof(WC_PKCS12_DATA_OID) > *outSz){
-            WOLFSSL_MSG("Buffer not large enough for DATA OID");
-            return BUFFER_E;
-        }
-        XMEMCPY(out + idx, WC_PKCS12_DATA_OID, sizeof(WC_PKCS12_DATA_OID));
-        idx += (word32)sizeof(WC_PKCS12_DATA_OID);
-
-        if (idx + 1 > *outSz){
-            return BUFFER_E;
-        }
-        out[idx++] = (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC);
-        idx += SetLength(length, out + idx);
-        idx += SetOctetString(contentSz, out + idx);
-
-        if (idx + contentSz > *outSz){
-            return BUFFER_E;
-        }
-        XMEMCPY(out + idx, content, contentSz);
-        idx += contentSz;
-
-        return (int)idx;
-    }
-
-    WOLFSSL_MSG("Unknown/Unsupported content type");
-    return BAD_FUNC_ARG;
-}
-
-
-/* helper function to create the PKCS12 key content
- * keyCiSz is output buffer size
- * returns a pointer to be free'd by caller on success and NULL on failure */
-static byte* PKCS12_create_key_content(WC_PKCS12* pkcs12, int nidKey,
-        word32* keyCiSz, WC_RNG* rng, char* pass, word32 passSz,
-        byte* key, word32 keySz, int iter)
-{
-    byte*  keyBuf;
-    word32 keyBufSz = 0;
-    byte* keyCi = NULL;
-    word32 tmpSz;
-    int ret;
-    int algo;
-    void* heap;
-
-    heap = wc_PKCS12_GetHeap(pkcs12);
-    *keyCiSz = 0;
-    switch (nidKey) {
-        /* supported key encryptions */
-        case PBE_SHA1_RC4_128:
-            algo = 1;
-            break;
-
-        case PBE_SHA1_DES:
-            algo = 2;
-            break;
-
-        case PBE_SHA1_DES3:
-            algo = 3;
-            break;
-
-        case PBE_AES256_CBC:
-            algo = PBE_AES256_CBC;
-            break;
-
-        case PBE_AES128_CBC:
-            algo = PBE_AES128_CBC;
-            break;
-
-        case -1: /* no encryption */
-            algo = -1;
-            break;
-
-        default:
-            WOLFSSL_MSG("Unknown/Unsupported key encryption");
-            return NULL;
-    }
-
-    /* get max size for key bag */
-    ret = wc_PKCS12_create_key_bag(pkcs12, rng, NULL, &keyBufSz, key, keySz,
-            algo, iter, pass, (int)passSz);
-    if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E) && ret < 0) {
-        WOLFSSL_MSG("Error getting key bag size");
-        return NULL;
-    }
-
-    /* account for sequence around bag */
-    keyBufSz += MAX_SEQ_SZ;
-    keyBuf = (byte*)XMALLOC(keyBufSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (keyBuf == NULL) {
-        WOLFSSL_MSG("Memory error creating keyBuf buffer");
-        return NULL;
-    }
-
-    ret = wc_PKCS12_create_key_bag(pkcs12, rng, keyBuf + MAX_SEQ_SZ, &keyBufSz,
-            key, keySz, algo, iter, pass, (int)passSz);
-    if (ret < 0) {
-        XFREE(keyBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WOLFSSL_MSG("Error creating key bag");
-        return NULL;
-    }
-    keyBufSz = (word32)ret;
-
-    tmpSz = SetSequence(keyBufSz, keyBuf);
-    XMEMMOVE(keyBuf + tmpSz, keyBuf + MAX_SEQ_SZ, keyBufSz);
-    keyBufSz += tmpSz;
-
-    #ifdef WOLFSSL_DEBUG_PKCS12
-    {
-        word32 i;
-        printf("(size %u) Key Bag = ", keyBufSz);
-        for (i = 0; i < keyBufSz; i++)
-            printf("%02X", keyBuf[i]);
-        printf("\n");
-    }
-    #endif
-    ret = wc_PKCS12_encrypt_content(pkcs12, rng, NULL, keyCiSz,
-            NULL, keyBufSz, algo, pass, (int)passSz, iter, WC_PKCS12_DATA);
-    if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-        XFREE(keyBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WOLFSSL_MSG("Error getting key encrypt content size");
-        return NULL;
-    }
-    keyCi = (byte*)XMALLOC(*keyCiSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (keyCi == NULL) {
-        XFREE(keyBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return NULL;
-    }
-
-    ret = wc_PKCS12_encrypt_content(pkcs12, rng, keyCi, keyCiSz,
-            keyBuf, keyBufSz, algo, pass, (int)passSz, iter, WC_PKCS12_DATA);
-    XFREE(keyBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (ret < 0 ) {
-        XFREE(keyCi, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WOLFSSL_MSG("Error creating key encrypt content");
-        return NULL;
-    }
-    *keyCiSz = (word32)ret;
-
-    #ifdef WOLFSSL_DEBUG_PKCS12
-    {
-        word32 i;
-        printf("(size %u) Key Content Info = ", *keyCiSz);
-        for (i = 0; i < *keyCiSz; i++)
-            printf("%02X", keyCi[i]);
-        printf("\n");
-    }
-    #endif
-
-    (void)heap;
-    return keyCi;
-}
-
-
-/* helper function to create the PKCS12 certificate content
- * certCiSz is output buffer size
- * returns a pointer to be free'd by caller on success and NULL on failure */
-static byte* PKCS12_create_cert_content(WC_PKCS12* pkcs12, int nidCert,
-        WC_DerCertList* ca, byte* cert, word32 certSz, word32* certCiSz,
-        WC_RNG* rng, char* pass, word32 passSz, int iter)
-{
-    int algo;
-    int ret;
-    int type;
-
-    byte*  certBuf = NULL;
-    word32 certBufSz;
-    word32 idx;
-    word32 sz;
-    word32 tmpSz;
-
-    byte* certCi;
-    void* heap;
-
-    heap = wc_PKCS12_GetHeap(pkcs12);
-    switch (nidCert) {
-        /* supported certificate encryptions */
-        case PBE_SHA1_RC4_128:
-            type = WC_PKCS12_ENCRYPTED_DATA;
-            algo = 1;
-            break;
-
-        case PBE_SHA1_DES:
-            type = WC_PKCS12_ENCRYPTED_DATA;
-            algo = 2;
-            break;
-
-        case PBE_SHA1_DES3:
-            type = WC_PKCS12_ENCRYPTED_DATA;
-            algo = 3;
-            break;
-
-        case PBE_AES256_CBC:
-            type = WC_PKCS12_ENCRYPTED_DATA;
-            algo = PBE_AES256_CBC;
-            break;
-
-        case PBE_AES128_CBC:
-            type = WC_PKCS12_ENCRYPTED_DATA;
-            algo = PBE_AES128_CBC;
-            break;
-
-        case -1: /* no encryption */
-            type = WC_PKCS12_DATA;
-            algo = -1;
-            break;
-
-        default:
-            WOLFSSL_MSG("Unknown/Unsupported certificate encryption");
-            return NULL;
-    }
-
-    /* get max size of buffer needed */
-    ret = wc_PKCS12_create_cert_bag(pkcs12, NULL, &certBufSz, cert, certSz);
-    if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-        return NULL;
-    }
-
-    if (ca != NULL) {
-        WC_DerCertList* current = ca;
-        word32 curBufSz = 0;
-
-        /* get max buffer size */
-        while (current != NULL) {
-            ret = wc_PKCS12_create_cert_bag(pkcs12, NULL, &curBufSz,
-                    current->buffer, current->bufferSz);
-            if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-                return NULL;
-            }
-            certBufSz += curBufSz;
-            current    = current->next;
-        }
-    }
-
-    /* account for Sequence that holds all certificate bags */
-    certBufSz += MAX_SEQ_SZ;
-
-    /* completed getting max size, now create buffer and start adding bags */
-    certBuf = (byte*)XMALLOC(certBufSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (certBuf == NULL) {
-        WOLFSSL_MSG("Memory error creating certificate bags");
-        return NULL;
-    }
-
-    idx = 0;
-    idx += MAX_SEQ_SZ;
-
-    sz = certBufSz - idx;
-    if ((ret = wc_PKCS12_create_cert_bag(pkcs12, certBuf + idx, &sz,
-            cert, certSz)) < 0) {
-        XFREE(certBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return NULL;
-    }
-    idx += (word32)ret;
-
-    if (ca != NULL) {
-        WC_DerCertList* current = ca;
-
-        while (current != NULL) {
-            sz = certBufSz - idx;
-            if ((ret = wc_PKCS12_create_cert_bag(pkcs12, certBuf + idx, &sz,
-               current->buffer, current->bufferSz)) < 0) {
-                XFREE(certBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-                return NULL;
-            }
-            idx += (word32)ret;
-            current = current->next;
-        }
-    }
-
-    /* set sequence and create encrypted content with all certificate bags */
-    tmpSz = SetSequence(idx - MAX_SEQ_SZ, certBuf);
-    XMEMMOVE(certBuf + tmpSz, certBuf + MAX_SEQ_SZ, idx - MAX_SEQ_SZ);
-    certBufSz = tmpSz + (idx - MAX_SEQ_SZ);
-
-    /* get buffer size needed for content info */
-    ret = wc_PKCS12_encrypt_content(pkcs12, rng, NULL, certCiSz,
-            NULL, certBufSz, algo, pass, (int)passSz, iter, type);
-    if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-        XFREE(certBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WOLFSSL_LEAVE("wc_PKCS12_create()", ret);
-        return NULL;
-    }
-    certCi = (byte*)XMALLOC(*certCiSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (certCi == NULL) {
-        XFREE(certBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return NULL;
-    }
-
-    ret = wc_PKCS12_encrypt_content(pkcs12, rng, certCi, certCiSz,
-            certBuf, certBufSz, algo, pass, (int)passSz, iter, type);
-    XFREE(certBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (ret < 0) {
-        WOLFSSL_LEAVE("wc_PKCS12_create()", ret);
-        XFREE(certCi, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return NULL;
-    }
-    *certCiSz = (word32)ret;
-
-    #ifdef WOLFSSL_DEBUG_PKCS12
-    {
-        word32 i;
-        printf("(size %u) Encrypted Certificate Content Info = ", *certCiSz);
-        for (i = 0; i < *certCiSz; i++)
-            printf("%02X", certCi[i]);
-        printf("\n");
-    }
-    #endif
-
-    (void)heap;
-    return certCi;
-}
-
-
-/* helper function to create the PKCS12 safe
- * returns 0 on success */
-static int PKCS12_create_safe(WC_PKCS12* pkcs12, byte* certCi, word32 certCiSz,
-        byte* keyCi, word32 keyCiSz, WC_RNG* rng, char* pass, word32 passSz,
-        int iter)
-{
-    int length;
-    int ret;
-    byte seq[MAX_SEQ_SZ];
-    word32 safeDataSz;
-    word32 innerDataSz;
-    byte *innerData = NULL;
-    byte *safeData  = NULL;
-    word32 idx;
-
-    innerDataSz = certCiSz + keyCiSz+SetSequence(certCiSz + keyCiSz, seq);
-
-    /* add Content Info structs to safe, key first then cert */
-    ret = wc_PKCS12_encrypt_content(pkcs12, rng, NULL, &safeDataSz,
-            NULL, innerDataSz, 0, NULL, 0, 0, WC_PKCS12_DATA);
-    if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-        return ret;
-    }
-
-    safeData = (byte*)XMALLOC(safeDataSz, pkcs12->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (safeData == NULL) {
-        WOLFSSL_MSG("Error malloc'ing safe data buffer");
-        return MEMORY_E;
-    }
-
-    /* create sequence of inner data */
-    innerData = (byte*)XMALLOC(innerDataSz, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-    if (innerData == NULL) {
-        WOLFSSL_MSG("Error malloc'ing inner data buffer");
-        XFREE(safeData, pkcs12->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-    idx  = 0;
-    idx += SetSequence(certCiSz + keyCiSz, innerData);
-    XMEMCPY(innerData + idx, certCi, certCiSz);
-    XMEMCPY(innerData + idx + certCiSz, keyCi, keyCiSz);
-
-    ret = wc_PKCS12_encrypt_content(pkcs12, rng, safeData, &safeDataSz,
-            innerData, innerDataSz, 0, pass, (int)passSz, iter, WC_PKCS12_DATA);
-    XFREE(innerData, pkcs12->heap, DYNAMIC_TYPE_PKCS);
-    if (ret < 0 ) {
-        WOLFSSL_MSG("Error setting data type for safe contents");
-        XFREE(safeData, pkcs12->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return ret;
-    }
-    idx = 0;
-
-    ret = GetSequence(safeData, &idx, &length, safeDataSz);
-    if (ret < 0) {
-        WOLFSSL_MSG("Error getting first sequence of safe");
-        XFREE(safeData, pkcs12->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return ret;
-    }
-
-    ret = GetSafeContent(pkcs12, safeData, &idx, safeDataSz);
-    XFREE(safeData, pkcs12->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (ret < 0) {
-        WOLFSSL_MSG("Unable to create safe contents");
-        return ret;
-    }
-    return 0;
-}
-
-
-/*
- * pass : password to use with encryption
- * passSz : size of the password buffer
- * name : friendlyName to use
- * key  : DER format of key
- * keySz : size of key buffer
- * cert : DER format of certificate
- * certSz : size of the certificate buffer
- * ca   : a list of extra certificates
- * nidKey  : type of encryption to use on the key (-1 means no encryption)
- * nidCert : type of encryption to use on the certificate
- *           (-1 means no encryption)
- * iter    : number of iterations with encryption
- * macIter : number of iterations when creating MAC
- * keyType : flag for signature and/or encryption key
- * heap : pointer to allocate from memory
- *
- * returns a pointer to a new WC_PKCS12 structure on success and NULL if failed
- */
-WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz, char* name,
-        byte* key, word32 keySz, byte* cert, word32 certSz, WC_DerCertList* ca,
-        int nidKey, int nidCert, int iter, int macIter, int keyType, void* heap)
-{
-    WC_PKCS12* pkcs12;
-    WC_RNG     rng;
-    int ret;
-
-    byte*  certCi = NULL;
-    byte*  keyCi  = NULL;
-    word32 certCiSz;
-    word32 keyCiSz;
-
-    WOLFSSL_ENTER("wc_PKCS12_create");
-
-    if (wc_InitRng_ex(&rng, heap, INVALID_DEVID) != 0) {
-        return NULL;
-    }
-
-    if ((pkcs12 = wc_PKCS12_new_ex(heap)) == NULL) {
-        wc_FreeRng(&rng);
-        WOLFSSL_LEAVE("wc_PKCS12_create", MEMORY_E);
-        return NULL;
-    }
-
-    if (iter <= 0) {
-        iter = WC_PKCS12_ITT_DEFAULT;
-    }
-
-    /**** add private key bag ****/
-    keyCi = PKCS12_create_key_content(pkcs12, nidKey, &keyCiSz, &rng,
-            pass, passSz, key, keySz, iter);
-    if (keyCi == NULL) {
-        wc_PKCS12_free(pkcs12);
-        wc_FreeRng(&rng);
-        return NULL;
-    }
-
-    /**** add main certificate bag and extras ****/
-    certCi = PKCS12_create_cert_content(pkcs12, nidCert, ca, cert, certSz,
-            &certCiSz, &rng, pass, passSz, iter);
-    if (certCi == NULL) {
-        XFREE(keyCi, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        wc_PKCS12_free(pkcs12);
-        wc_FreeRng(&rng);
-        return NULL;
-    }
-
-    /**** create safe and Content Info ****/
-    ret = PKCS12_create_safe(pkcs12, certCi, certCiSz, keyCi, keyCiSz, &rng,
-            pass, passSz, iter);
-    XFREE(keyCi,  heap, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(certCi, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (ret != 0) {
-        WOLFSSL_MSG("Unable to create PKCS12 safe");
-        wc_PKCS12_free(pkcs12);
-        wc_FreeRng(&rng);
-        return NULL;
-    }
-
-    /* create MAC */
-    if (macIter > 0) {
-        MacData* mac;
-        byte digest[WC_MAX_DIGEST_SIZE]; /* for MAC */
-
-        mac = (MacData*)XMALLOC(sizeof(MacData), heap, DYNAMIC_TYPE_PKCS);
-        if (mac == NULL) {
-            wc_PKCS12_free(pkcs12);
-            wc_FreeRng(&rng);
-            WOLFSSL_MSG("Error malloc'ing mac data buffer");
-            return NULL;
-        }
-        XMEMSET(mac, 0, sizeof(MacData));
-        pkcs12->signData = mac; /* now wc_PKCS12_free will free all mac too */
-
-        #ifndef NO_SHA256
-            mac->oid = SHA256h;
-        #elif !defined(NO_SHA)
-            mac->oid = SHA;
-        #elif defined(WOLFSSL_SHA384)
-            mac->oid = SHA384;
-        #elif defined(WOLFSSL_SHA512)
-            mac->oid = SHA512;
-        #else
-            WOLFSSL_MSG("No supported hash algorithm compiled in!");
-            wc_PKCS12_free(pkcs12);
-            wc_FreeRng(&rng);
-            return NULL;
-        #endif
-
-        /* store number of iterations */
-        mac->itt = macIter;
-
-        /* set mac salt */
-        mac->saltSz = WC_PKCS12_MAC_SALT_SZ;
-        mac->salt = (byte*)XMALLOC(WC_PKCS12_MAC_SALT_SZ, heap,
-                DYNAMIC_TYPE_PKCS);
-        if (mac->salt == NULL) {
-            wc_PKCS12_free(pkcs12);
-            wc_FreeRng(&rng);
-            WOLFSSL_MSG("Error malloc'ing salt data buffer");
-            return NULL;
-        }
-
-        if (wc_RNG_GenerateBlock(&rng, mac->salt, mac->saltSz) != 0) {
-            WOLFSSL_MSG("Error generating random salt");
-            wc_PKCS12_free(pkcs12);
-            wc_FreeRng(&rng);
-            return NULL;
-        }
-        ret = wc_PKCS12_create_mac(pkcs12, pkcs12->safe->data,
-                pkcs12->safe->dataSz, (const byte*)pass, passSz, digest,
-                WC_MAX_DIGEST_SIZE);
-        if (ret < 0) {
-            wc_PKCS12_free(pkcs12);
-            wc_FreeRng(&rng);
-            WOLFSSL_MSG("Error creating mac");
-            WOLFSSL_LEAVE("wc_PKCS12_create", ret);
-            return NULL;
-        }
-
-        mac->digestSz = (word32)ret;
-        mac->digest = (byte*)XMALLOC((size_t)ret, heap, DYNAMIC_TYPE_PKCS);
-        if (mac->digest == NULL) {
-            WOLFSSL_MSG("Error malloc'ing mac digest buffer");
-            wc_PKCS12_free(pkcs12);
-            wc_FreeRng(&rng);
-            return NULL;
-        }
-        XMEMCPY(mac->digest, digest, mac->digestSz);
-    }
-    else {
-        pkcs12->signData = NULL;
-    }
-
-    wc_FreeRng(&rng);
-    (void)name;
-    (void)keyType;
-
-    return pkcs12;
-}
-
-
-/* if using a specific memory heap */
-int wc_PKCS12_SetHeap(WC_PKCS12* pkcs12, void* heap)
-{
-    if (pkcs12 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    pkcs12->heap = heap;
-
-    return 0;
-}
-
-
-/* getter for heap */
-void* wc_PKCS12_GetHeap(WC_PKCS12* pkcs12)
-{
-    if (pkcs12 == NULL) {
-        return NULL;
-    }
-
-    return pkcs12->heap;
-}
-
-#undef ERROR_OUT
-
-#endif /* HAVE_PKCS12 && !NO_ASN && !NO_PWDBASED && !NO_HMAC */
diff --git a/src/ssl/wolfssl/wolfcrypt/pkcs7.c b/src/ssl/wolfssl/wolfcrypt/pkcs7.c
deleted file mode 100644
index c529a098d..000000000
--- a/src/ssl/wolfssl/wolfcrypt/pkcs7.c
+++ /dev/null
@@ -1,15397 +0,0 @@
-/* pkcs7.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_PKCS7
-
-#include <wolfssl/wolfcrypt/pkcs7.h>
-#include <wolfssl/wolfcrypt/hash.h>
-#ifndef NO_RSA
-    #include <wolfssl/wolfcrypt/rsa.h>
-#endif
-#ifdef HAVE_ECC
-    #include <wolfssl/wolfcrypt/ecc.h>
-#endif
-#ifdef HAVE_LIBZ
-    #include <wolfssl/wolfcrypt/compress.h>
-#endif
-#ifndef NO_PWDBASED
-    #include <wolfssl/wolfcrypt/pwdbased.h>
-#endif
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-/* direction for processing, encoding or decoding */
-typedef enum {
-    WC_PKCS7_ENCODE,
-    WC_PKCS7_DECODE
-} pkcs7Direction;
-
-#define NO_USER_CHECK 0
-
-/* holds information about the signers */
-struct PKCS7SignerInfo {
-    int version;
-    byte  *sid;
-    word32 sidSz;
-};
-
-
-#ifndef WOLFSSL_PKCS7_MAX_DECOMPRESSION
-    /* 1031 comes from "Maximum Compression Factor" in the zlib tech document,
-     * typical compression is from 2:1 to 5:1 but there is rare cases where
-     * 1030.3:1 could happen (like a file with all 0's)
-     */
-    #define WOLFSSL_PKCS7_MAX_DECOMPRESSION 1031
-#endif
-
-#ifndef NO_PKCS7_STREAM
-
-#define MAX_PKCS7_STREAM_BUFFER 256
-struct PKCS7State {
-    byte* tmpCert;
-    byte* bufferPt;
-    byte* key;
-    byte* nonce;    /* stored nonce */
-    byte* aad;      /* additional data for AEAD algos */
-    byte* tag;      /* tag data for AEAD algos */
-    byte* content;
-    byte* buffer;   /* main internal read buffer */
-
-    wc_HashAlg  hashAlg;
-    enum wc_HashType hashType;
-    int   cntIdfCnt; /* count of in-definite length in content info */
-
-    /* stack variables to store for when returning */
-    word32 varOne;
-    int    varTwo;
-    int    varThree;
-
-    word32 vers;
-    word32 idx;      /* index read into current input buffer */
-    word32 maxLen;   /* sanity cap on maximum amount of data to allow
-                      * needed for GetSequence and other calls */
-    word32 length;   /* amount of data stored */
-    word32 bufferSz; /* size of internal buffer */
-    word32 expected; /* next amount of data expected, if needed */
-    word32 totalRd;  /* total amount of bytes read */
-    word32 nonceSz;  /* size of nonce stored */
-    word32 aadSz;    /* size of additional AEAD data */
-    word32 tagSz;    /* size of tag for AEAD */
-    word32 contentSz;
-    word32 currContIdx;   /* index of current content */
-    word32 currContSz;    /* size of current content */
-    word32 currContRmnSz; /* remaining size of current content */
-    word32 accumContSz;   /* size of accumulated content size */
-    int recipientSz; /* size of recipient set */
-    byte tmpIv[MAX_CONTENT_IV_SIZE]; /* store IV if needed */
-#ifdef WC_PKCS7_STREAM_DEBUG
-    word32 peakUsed; /* most bytes used for struct at any one time */
-    word32 peakRead; /* most bytes used by read buffer */
-#endif
-    WC_BITFIELD multi:1;  /* flag for if content is in multiple parts */
-    WC_BITFIELD flagOne:1;
-    WC_BITFIELD detached:1; /* flag to indicate detached signature is present */
-    WC_BITFIELD noContent:1;/* indicates content isn't included in bundle */
-    WC_BITFIELD degenerate:1;
-    WC_BITFIELD indefLen:1; /* flag to indicate indef-length encoding used */
-};
-
-
-/* creates a PKCS7State structure and returns 0 on success */
-static int wc_PKCS7_CreateStream(wc_PKCS7* pkcs7)
-{
-    WOLFSSL_MSG("creating PKCS7 stream structure");
-    pkcs7->stream = (PKCS7State*)XMALLOC(sizeof(PKCS7State), pkcs7->heap,
-        DYNAMIC_TYPE_PKCS7);
-    if (pkcs7->stream == NULL) {
-        return MEMORY_E;
-    }
-    XMEMSET(pkcs7->stream, 0, sizeof(PKCS7State));
-#ifdef WC_PKCS7_STREAM_DEBUG
-    printf("\nCreating new PKCS#7 stream %p\n", pkcs7->stream);
-#endif
-    return 0;
-}
-
-
-static void wc_PKCS7_ResetStream(wc_PKCS7* pkcs7)
-{
-    if (pkcs7 != NULL && pkcs7->stream != NULL) {
-#ifdef WC_PKCS7_STREAM_DEBUG
-        /* collect final data point in case more was read right before reset */
-        if (pkcs7->stream->length > pkcs7->stream->peakRead) {
-            pkcs7->stream->peakRead = pkcs7->stream->length;
-        }
-        if (pkcs7->stream->bufferSz + pkcs7->stream->aadSz +
-                pkcs7->stream->nonceSz + pkcs7->stream->tagSz >
-                pkcs7->stream->peakUsed) {
-            pkcs7->stream->peakUsed = pkcs7->stream->bufferSz +
-                pkcs7->stream->aadSz + pkcs7->stream->nonceSz +
-                pkcs7->stream->tagSz;
-        }
-
-        /* print out debugging statistics */
-        if (pkcs7->stream->peakUsed > 0 || pkcs7->stream->peakRead > 0) {
-            printf("PKCS#7 STREAM:\n\tPeak heap used by struct = %d"
-                                 "\n\tPeak read buffer bytes   = %d"
-                                 "\n\tTotal bytes read         = %d"
-                                 "\n",
-                   pkcs7->stream->peakUsed, pkcs7->stream->peakRead,
-                   pkcs7->stream->totalRd);
-        }
-        printf("PKCS#7 stream reset : Address [%p]\n", pkcs7->stream);
-    #endif
-
-        /* free any buffers that may be allocated */
-        XFREE(pkcs7->stream->aad, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(pkcs7->stream->tag, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(pkcs7->stream->nonce, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(pkcs7->stream->buffer, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(pkcs7->stream->key, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        pkcs7->stream->aad    = NULL;
-        pkcs7->stream->tag    = NULL;
-        pkcs7->stream->nonce  = NULL;
-        pkcs7->stream->buffer = NULL;
-        pkcs7->stream->key    = NULL;
-
-        /* reset values, note that content and tmpCert are saved */
-        pkcs7->stream->maxLen   = 0;
-        pkcs7->stream->length   = 0;
-        pkcs7->stream->idx      = 0;
-        pkcs7->stream->expected = 0;
-        pkcs7->stream->totalRd  = 0;
-        pkcs7->stream->bufferSz = 0;
-
-        pkcs7->stream->multi    = 0;
-        pkcs7->stream->flagOne  = 0;
-        pkcs7->stream->detached = 0;
-        pkcs7->stream->varOne   = 0;
-        pkcs7->stream->varTwo   = 0;
-        pkcs7->stream->varThree = 0;
-        pkcs7->stream->noContent    = 0;
-        pkcs7->stream->indefLen     = 0;
-        pkcs7->stream->cntIdfCnt    = 0;
-        pkcs7->stream->currContIdx  = 0;
-        pkcs7->stream->currContSz   = 0;
-        pkcs7->stream->currContRmnSz= 0;
-        pkcs7->stream->accumContSz  = 0;
-        pkcs7->stream->contentSz    = 0;
-        pkcs7->stream->hashType     = WC_HASH_TYPE_NONE;
-    }
-}
-
-
-static void wc_PKCS7_FreeStream(wc_PKCS7* pkcs7)
-{
-    if (pkcs7 != NULL && pkcs7->stream != NULL) {
-        wc_PKCS7_ResetStream(pkcs7);
-
-        XFREE(pkcs7->stream->content, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(pkcs7->stream->tmpCert, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        pkcs7->stream->content = NULL;
-        pkcs7->stream->tmpCert = NULL;
-        XFREE(pkcs7->stream, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        pkcs7->stream = NULL;
-    }
-}
-
-
-/* used to increase the max size for internal buffer
- * returns 0 on success  */
-static int wc_PKCS7_GrowStream(wc_PKCS7* pkcs7, word32 newSz)
-{
-    byte* pt;
-    pt = (byte*)XMALLOC(newSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (pt == NULL) {
-        return MEMORY_E;
-    }
-
-    if (pkcs7->stream->buffer != NULL && pkcs7->stream->bufferSz > 0) {
-        XMEMCPY(pt, pkcs7->stream->buffer, pkcs7->stream->bufferSz);
-    }
-
-#ifdef WC_PKCS7_STREAM_DEBUG
-    printf("PKCS7 increasing internal stream buffer %d -> %d\n",
-            pkcs7->stream->bufferSz, newSz);
-#endif
-    pkcs7->stream->bufferSz = newSz;
-    XFREE(pkcs7->stream->buffer, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    pkcs7->stream->buffer = pt;
-    return 0;
-}
-
-
-/* pt gets set to the buffer that is holding data in the case that stream struct
- *    is used.
- *
- * Sets idx to be the current offset into "pt" buffer
- * returns 0 on success
- */
-static int wc_PKCS7_AddDataToStream(wc_PKCS7* pkcs7, byte* in, word32 inSz,
-        word32 expected, byte** pt, word32* idx)
-{
-    word32 rdSz = pkcs7->stream->idx;
-
-    /* If the input size minus current index into input buffer is greater than
-     * the expected size then use the input buffer. If data is already stored
-     * in stream buffer or if there is not enough input data available then use
-     * the stream buffer. */
-    if (inSz - rdSz >= expected && pkcs7->stream->length == 0) {
-        /* storing input buffer is not needed */
-        *pt  = in; /* reset in case previously used internal buffer */
-        *idx = rdSz;
-        return 0;
-    }
-
-    /* is there enough stored in buffer already? */
-    if (pkcs7->stream->length >= expected) {
-        *idx = 0; /* start reading from beginning of stream buffer */
-        *pt  = pkcs7->stream->buffer;
-        return 0;
-    }
-
-    /* check if all data has been read from input */
-    if (rdSz >= inSz) {
-        /* no more input to read, reset input index and request more data */
-        pkcs7->stream->idx = 0;
-        return WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E);
-    }
-
-    /* try to store input data into stream buffer */
-    if (inSz - rdSz > 0 && pkcs7->stream->length < expected) {
-        word32 len = min(inSz - rdSz, expected - pkcs7->stream->length);
-
-        /* sanity check that the input buffer is not internal buffer */
-        if (in == pkcs7->stream->buffer) {
-            return WC_PKCS7_WANT_READ_E;
-        }
-
-        /* check if internal buffer size needs to be increased */
-        if ((len + pkcs7->stream->length > pkcs7->stream->bufferSz) ||
-            (pkcs7->stream->buffer == NULL))
-        {
-            int ret = wc_PKCS7_GrowStream(pkcs7, expected);
-            if (ret < 0) {
-                return ret;
-            }
-        }
-        XMEMCPY(pkcs7->stream->buffer + pkcs7->stream->length, in + rdSz, len);
-        pkcs7->stream->length  += len;
-        pkcs7->stream->idx     += len;
-        pkcs7->stream->totalRd += len;
-    }
-
-#ifdef WC_PKCS7_STREAM_DEBUG
-    /* collects memory usage for debugging */
-    if (pkcs7->stream->length > pkcs7->stream->peakRead) {
-        pkcs7->stream->peakRead = pkcs7->stream->length;
-    }
-    if (pkcs7->stream->bufferSz + pkcs7->stream->aadSz + pkcs7->stream->nonceSz +
-        pkcs7->stream->tagSz > pkcs7->stream->peakUsed) {
-        pkcs7->stream->peakUsed = pkcs7->stream->bufferSz +
-           pkcs7->stream->aadSz + pkcs7->stream->nonceSz + pkcs7->stream->tagSz;
-    }
-#endif
-
-    /* if not enough data was read in then request more */
-    if (pkcs7->stream->length < expected) {
-        pkcs7->stream->idx = 0;
-        return WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E);
-    }
-
-    /* adjust pointer to read from stored buffer */
-    *idx = 0;
-    *pt  = pkcs7->stream->buffer;
-    return 0;
-}
-
-
-/* setter function for stored variables */
-static void wc_PKCS7_StreamStoreVar(wc_PKCS7* pkcs7, word32 var1, int var2,
-        int var3)
-{
-    if (pkcs7 != NULL && pkcs7->stream != NULL) {
-        pkcs7->stream->varOne   = var1;
-        pkcs7->stream->varTwo   = var2;
-        pkcs7->stream->varThree = var3;
-    }
-}
-
-/* Tries to peek at the SEQ and get the length
- * returns 0 on success
- */
-static int wc_PKCS7_SetMaxStream(wc_PKCS7* pkcs7, byte* in, word32 defSz)
-{
-    /* check there is a buffer to read from */
-    if (pkcs7) {
-        int     length = 0, ret;
-        word32  idx = 0, maxIdx;
-        byte*   pt;
-
-        if (pkcs7->stream->length > 0) {
-            length = (int)pkcs7->stream->length;
-            pt     = pkcs7->stream->buffer;
-        }
-        else {
-            length = (int)defSz;
-            pt     = in;
-        }
-        maxIdx = (word32)length;
-
-        if (length < MAX_SEQ_SZ) {
-            WOLFSSL_MSG("PKCS7 Error not enough data for SEQ peek");
-            return 0;
-        }
-
-        if ((ret = GetSequence_ex(pt, &idx, &length, maxIdx, NO_USER_CHECK))
-                < 0) {
-            return ret;
-        }
-
-        if (length == 0 && ret == 0) {
-            idx = 0;
-            WOLFSSL_MSG("PKCS7 found indef SEQ with peek");
-        }
-
-        pkcs7->stream->maxLen = (word32)length + idx;
-
-        if (pkcs7->stream->maxLen == 0) {
-            pkcs7->stream->maxLen = defSz;
-        }
-    }
-
-    return 0;
-}
-
-
-/* getter function for stored variables */
-static void wc_PKCS7_StreamGetVar(wc_PKCS7* pkcs7, word32* var1, int* var2,
-        int* var3)
-{
-    if (pkcs7 != NULL && pkcs7->stream != NULL) {
-        if (var1 != NULL) *var1 = pkcs7->stream->varOne;
-        if (var2 != NULL) *var2 = pkcs7->stream->varTwo;
-        if (var3 != NULL) *var3 = pkcs7->stream->varThree;
-    }
-}
-
-
-/* common update of index and total read after section complete
- * returns 0 on success */
-static int wc_PKCS7_StreamEndCase(wc_PKCS7* pkcs7, word32* tmpIdx, word32* idx)
-{
-    int ret = 0;
-
-    if (pkcs7->stream->length > 0) {
-        if (pkcs7->stream->length < *idx) {
-            WOLFSSL_MSG("PKCS7 read too much data from internal buffer");
-            ret = BUFFER_E;
-        }
-        else {
-            XMEMMOVE(pkcs7->stream->buffer, pkcs7->stream->buffer + *idx,
-                 pkcs7->stream->length - *idx);
-            pkcs7->stream->length -= *idx;
-        }
-    }
-    else {
-        pkcs7->stream->totalRd += *idx - *tmpIdx;
-        pkcs7->stream->idx = *idx; /* adjust index into input buffer */
-        *tmpIdx = *idx;
-    }
-
-    return ret;
-}
-#endif /* NO_PKCS7_STREAM */
-
-#ifdef WC_PKCS7_STREAM_DEBUG
-/* used to print out human readable state for debugging */
-static const char* wc_PKCS7_GetStateName(int in)
-{
-    switch (in) {
-        case WC_PKCS7_START: return "WC_PKCS7_START";
-
-        case WC_PKCS7_STAGE2: return "WC_PKCS7_STAGE2";
-        case WC_PKCS7_STAGE3: return "WC_PKCS7_STAGE3";
-        case WC_PKCS7_STAGE4: return "WC_PKCS7_STAGE4";
-        case WC_PKCS7_STAGE5: return "WC_PKCS7_STAGE5";
-        case WC_PKCS7_STAGE6: return "WC_PKCS7_STAGE6";
-
-        /* parse info set */
-        case WC_PKCS7_INFOSET_START:  return "WC_PKCS7_INFOSET_START";
-        case WC_PKCS7_INFOSET_BER:    return "WC_PKCS7_INFOSET_BER";
-        case WC_PKCS7_INFOSET_STAGE1: return "WC_PKCS7_INFOSET_STAGE1";
-        case WC_PKCS7_INFOSET_STAGE2: return "WC_PKCS7_INFOSET_STAGE2";
-        case WC_PKCS7_INFOSET_END:    return "WC_PKCS7_INFOSET_END";
-
-        /* decode enveloped data */
-        case WC_PKCS7_ENV_2: return "WC_PKCS7_ENV_2";
-        case WC_PKCS7_ENV_3: return "WC_PKCS7_ENV_3";
-        case WC_PKCS7_ENV_4: return "WC_PKCS7_ENV_4";
-        case WC_PKCS7_ENV_5: return "WC_PKCS7_ENV_5";
-
-        /* decode auth enveloped */
-        case WC_PKCS7_AUTHENV_2: return "WC_PKCS7_AUTHENV_2";
-        case WC_PKCS7_AUTHENV_3: return "WC_PKCS7_AUTHENV_3";
-        case WC_PKCS7_AUTHENV_4: return "WC_PKCS7_AUTHENV_4";
-        case WC_PKCS7_AUTHENV_5: return "WC_PKCS7_AUTHENV_5";
-        case WC_PKCS7_AUTHENV_6: return "WC_PKCS7_AUTHENV_6";
-        case WC_PKCS7_AUTHENV_ATRB: return "WC_PKCS7_AUTHENV_ATRB";
-        case WC_PKCS7_AUTHENV_ATRBEND: return "WC_PKCS7_AUTHENV_ATRBEND";
-        case WC_PKCS7_AUTHENV_7: return "WC_PKCS7_AUTHENV_7";
-
-        /* decryption state types */
-        case WC_PKCS7_DECRYPT_KTRI:   return "WC_PKCS7_DECRYPT_KTRI";
-        case WC_PKCS7_DECRYPT_KTRI_2: return "WC_PKCS7_DECRYPT_KTRI_2";
-        case WC_PKCS7_DECRYPT_KTRI_3: return "WC_PKCS7_DECRYPT_KTRI_3";
-
-        case WC_PKCS7_DECRYPT_KARI:  return "WC_PKCS7_DECRYPT_KARI";
-        case WC_PKCS7_DECRYPT_KEKRI: return "WC_PKCS7_DECRYPT_KEKRI";
-        case WC_PKCS7_DECRYPT_PWRI:  return "WC_PKCS7_DECRYPT_PWRI";
-        case WC_PKCS7_DECRYPT_ORI:   return "WC_PKCS7_DECRYPT_ORI";
-        case WC_PKCS7_DECRYPT_DONE:  return "WC_PKCS7_DECRYPT_DONE";
-
-        case WC_PKCS7_VERIFY_STAGE2: return "WC_PKCS7_VERIFY_STAGE2";
-        case WC_PKCS7_VERIFY_STAGE3: return "WC_PKCS7_VERIFY_STAGE3";
-        case WC_PKCS7_VERIFY_STAGE4: return "WC_PKCS7_VERIFY_STAGE4";
-        case WC_PKCS7_VERIFY_STAGE5: return "WC_PKCS7_VERIFY_STAGE5";
-        case WC_PKCS7_VERIFY_STAGE6: return "WC_PKCS7_VERIFY_STAGE6";
-        case WC_PKCS7_VERIFY_STAGE7: return "WC_PKCS7_VERIFY_STAGE7";
-
-        default:
-            return "Unknown state";
-    }
-}
-#endif
-
-/* Used to change the PKCS7 state. Having state change as a function allows
- * for easier debugging */
-static void wc_PKCS7_ChangeState(wc_PKCS7* pkcs7, int newState)
-{
-#ifdef WC_PKCS7_STREAM_DEBUG
-    printf("\tChanging from state [%02d] %s to [%02d] %s\n",
-            pkcs7->state, wc_PKCS7_GetStateName(pkcs7->state),
-            newState, wc_PKCS7_GetStateName(newState));
-#endif
-    pkcs7->state = (word32)newState;
-}
-
-#define MAX_PKCS7_DIGEST_SZ (MAX_SEQ_SZ + MAX_ALGO_SZ + \
-                             MAX_OCTET_STR_SZ + WC_MAX_DIGEST_SIZE)
-
-
-/* placed ASN.1 contentType OID into *output, return idx on success,
- * 0 upon failure */
-static int wc_SetContentType(int pkcs7TypeOID, byte* output, word32 outputSz)
-{
-    /* PKCS#7 content types, RFC 2315, section 14 */
-    static const byte pkcs7[]              =
-        { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07 };
-    static const byte data[]               =
-        { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01 };
-    static const byte signedData[]         =
-        { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02};
-    static const byte envelopedData[]      =
-        { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x03 };
-    static const byte authEnvelopedData[]  =
-        { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x10, 0x01, 0x17};
-    static const byte signedAndEnveloped[] =
-        { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x04 };
-    static const byte digestedData[]       =
-        { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x05 };
-#ifndef NO_PKCS7_ENCRYPTED_DATA
-    static const byte encryptedData[]      =
-        { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06 };
-#endif
-    /* FirmwarePkgData (1.2.840.113549.1.9.16.1.16), RFC 4108 */
-    static const byte firmwarePkgData[]    =
-        { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x10, 0x01, 0x10 };
-#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
-    /* id-ct-compressedData (1.2.840.113549.1.9.16.1.9), RFC 3274 */
-    static const byte compressedData[]     =
-       { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x10, 0x01, 0x09 };
-#endif
-
-#if !defined(NO_PWDBASED) && !defined(NO_SHA)
-    static const byte pwriKek[]            =
-       { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x10, 0x03, 0x09 };
-    static const byte pbkdf2[]             =
-       { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C };
-#endif
-
-    word32 idSz, idx = 0;
-    word32 typeSz = 0;
-    const byte* typeName = 0;
-    byte ID_Length[MAX_LENGTH_SZ];
-
-    switch (pkcs7TypeOID) {
-        case PKCS7_MSG:
-            typeSz = sizeof(pkcs7);
-            typeName = pkcs7;
-            break;
-
-        case DATA:
-            typeSz = sizeof(data);
-            typeName = data;
-            break;
-
-        case SIGNED_DATA:
-            typeSz = sizeof(signedData);
-            typeName = signedData;
-            break;
-
-        case ENVELOPED_DATA:
-            typeSz = sizeof(envelopedData);
-            typeName = envelopedData;
-            break;
-
-        case AUTH_ENVELOPED_DATA:
-            typeSz = sizeof(authEnvelopedData);
-            typeName = authEnvelopedData;
-            break;
-
-        case SIGNED_AND_ENVELOPED_DATA:
-            typeSz = sizeof(signedAndEnveloped);
-            typeName = signedAndEnveloped;
-            break;
-
-        case DIGESTED_DATA:
-            typeSz = sizeof(digestedData);
-            typeName = digestedData;
-            break;
-
-#ifndef NO_PKCS7_ENCRYPTED_DATA
-        case ENCRYPTED_DATA:
-            typeSz = sizeof(encryptedData);
-            typeName = encryptedData;
-            break;
-#endif
-#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
-        case COMPRESSED_DATA:
-            typeSz = sizeof(compressedData);
-            typeName = compressedData;
-            break;
-#endif
-        case FIRMWARE_PKG_DATA:
-            typeSz = sizeof(firmwarePkgData);
-            typeName = firmwarePkgData;
-            break;
-
-#if !defined(NO_PWDBASED) && !defined(NO_SHA)
-        case PWRI_KEK_WRAP:
-            typeSz = sizeof(pwriKek);
-            typeName = pwriKek;
-            break;
-
-        case PBKDF2_OID:
-            typeSz = sizeof(pbkdf2);
-            typeName = pbkdf2;
-            break;
-#endif
-
-        default:
-            WOLFSSL_MSG("Unknown PKCS#7 Type");
-            return 0;
-    };
-
-    if (outputSz < (MAX_LENGTH_SZ + 1 + typeSz)) {
-        WOLFSSL_MSG("CMS content type buffer too small");
-        return BAD_FUNC_ARG;
-    }
-
-    idSz  = SetLength(typeSz, ID_Length);
-    output[idx++] = ASN_OBJECT_ID;
-    XMEMCPY(output + idx, ID_Length, idSz);
-    idx += idSz;
-    XMEMCPY(output + idx, typeName, typeSz);
-    idx += typeSz;
-
-    return (int)idx;
-}
-
-
-/* get ASN.1 contentType OID sum, return 0 on success, <0 on failure */
-static int wc_GetContentType(const byte* input, word32* inOutIdx, word32* oid,
-                             word32 maxIdx)
-{
-    WOLFSSL_ENTER("wc_GetContentType");
-    if (GetObjectId(input, inOutIdx, oid, oidIgnoreType, maxIdx) < 0) {
-        WOLFSSL_LEAVE("wc_GetContentType", ASN_PARSE_E);
-        return ASN_PARSE_E;
-    }
-
-    return 0;
-}
-
-
-/* return block size for algorithm represented by oid, or <0 on error */
-static int wc_PKCS7_GetOIDBlockSize(int oid)
-{
-    int blockSz;
-
-    switch (oid) {
-#ifndef NO_AES
-    #ifdef WOLFSSL_AES_128
-        #ifdef HAVE_AES_CBC
-        case AES128CBCb:
-        #endif
-        #ifdef HAVE_AESGCM
-        case AES128GCMb:
-        #endif
-        #ifdef HAVE_AESCCM
-        case AES128CCMb:
-        #endif
-    #endif
-    #ifdef WOLFSSL_AES_192
-        #ifdef HAVE_AES_CBC
-        case AES192CBCb:
-        #endif
-        #ifdef HAVE_AESGCM
-        case AES192GCMb:
-        #endif
-        #ifdef HAVE_AESCCM
-        case AES192CCMb:
-        #endif
-    #endif
-    #ifdef WOLFSSL_AES_256
-        #ifdef HAVE_AES_CBC
-        case AES256CBCb:
-        #endif
-        #ifdef HAVE_AESGCM
-        case AES256GCMb:
-        #endif
-        #ifdef HAVE_AESCCM
-        case AES256CCMb:
-        #endif
-    #endif
-            blockSz = WC_AES_BLOCK_SIZE;
-            break;
-#endif /* !NO_AES */
-
-#ifndef NO_DES3
-        case DESb:
-        case DES3b:
-            blockSz = DES_BLOCK_SIZE;
-            break;
-#endif
-        default:
-            WOLFSSL_MSG("Unsupported content cipher type");
-            return ALGO_ID_E;
-    };
-
-    return blockSz;
-}
-
-
-/* get key size for algorithm represented by oid, or <0 on error */
-static int wc_PKCS7_GetOIDKeySize(int oid)
-{
-    int blockKeySz;
-
-    switch (oid) {
-#ifndef NO_AES
-    #ifdef WOLFSSL_AES_128
-        #ifdef HAVE_AES_CBC
-        case AES128CBCb:
-        #endif
-        #ifdef HAVE_AESGCM
-        case AES128GCMb:
-        #endif
-        #ifdef HAVE_AESCCM
-        case AES128CCMb:
-        #endif
-        case AES128_WRAP:
-            blockKeySz = 16;
-            break;
-    #endif
-    #ifdef WOLFSSL_AES_192
-        #ifdef HAVE_AES_CBC
-        case AES192CBCb:
-        #endif
-        #ifdef HAVE_AESGCM
-        case AES192GCMb:
-        #endif
-        #ifdef HAVE_AESCCM
-        case AES192CCMb:
-        #endif
-        case AES192_WRAP:
-            blockKeySz = 24;
-            break;
-    #endif
-    #ifdef WOLFSSL_AES_256
-        #ifdef HAVE_AES_CBC
-        case AES256CBCb:
-        #endif
-        #ifdef HAVE_AESGCM
-        case AES256GCMb:
-        #endif
-        #ifdef HAVE_AESCCM
-        case AES256CCMb:
-        #endif
-        case AES256_WRAP:
-            blockKeySz = 32;
-            break;
-    #endif
-#endif /* !NO_AES */
-
-#ifndef NO_DES3
-        case DESb:
-            blockKeySz = DES_KEYLEN;
-            break;
-        case DES3b:
-            blockKeySz = DES3_KEYLEN;
-            break;
-#endif
-        default:
-            WOLFSSL_MSG("Unsupported content cipher type");
-            return ALGO_ID_E;
-    };
-
-    return blockKeySz;
-}
-
-
-wc_PKCS7* wc_PKCS7_New(void* heap, int devId)
-{
-    wc_PKCS7* pkcs7 = (wc_PKCS7*)XMALLOC(sizeof(wc_PKCS7), heap, DYNAMIC_TYPE_PKCS7);
-    if (pkcs7) {
-        XMEMSET(pkcs7, 0, sizeof(wc_PKCS7));
-        if (wc_PKCS7_Init(pkcs7, heap, devId) == 0) {
-            pkcs7->isDynamic = 1;
-        }
-        else {
-            XFREE(pkcs7, heap, DYNAMIC_TYPE_PKCS7);
-            pkcs7 = NULL;
-        }
-    }
-    return pkcs7;
-}
-
-/* This is to initialize a PKCS7 structure. It sets all values to 0 and can be
- * used to set the heap hint.
- *
- * pkcs7 PKCS7 structure to initialize
- * heap  memory heap hint for PKCS7 structure to use
- * devId currently not used but a place holder for async operations
- *
- * returns 0 on success or a negative value for failure
- */
-int wc_PKCS7_Init(wc_PKCS7* pkcs7, void* heap, int devId)
-{
-    word16 isDynamic;
-
-    WOLFSSL_ENTER("wc_PKCS7_Init");
-
-    if (pkcs7 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    isDynamic = pkcs7->isDynamic;
-    XMEMSET(pkcs7, 0, sizeof(wc_PKCS7));
-    pkcs7->isDynamic = (isDynamic != 0);
-#ifdef WOLFSSL_HEAP_TEST
-    pkcs7->heap = (void*)WOLFSSL_HEAP_TEST;
-#else
-    pkcs7->heap = heap;
-#endif
-    pkcs7->devId = devId;
-
-    return 0;
-}
-
-#ifdef WC_ASN_UNKNOWN_EXT_CB
-void wc_PKCS7_SetUnknownExtCallback(wc_PKCS7* pkcs7, wc_UnknownExtCallback cb)
-{
-    if (pkcs7 != NULL) {
-        pkcs7->unknownExtCallback = cb;
-    }
-}
-#endif
-
-/* Certificate structure holding der pointer, size, and pointer to next
- * Pkcs7Cert struct. Used when creating SignedData types with multiple
- * certificates. */
-struct Pkcs7Cert {
-    byte*  der;
-    word32 derSz;
-    Pkcs7Cert* next;
-};
-
-
-/* Linked list of ASN.1 encoded RecipientInfos */
-struct Pkcs7EncodedRecip {
-    byte recip[MAX_RECIP_SZ];
-    word32 recipSz;
-    int recipType;
-    int recipVersion;
-    Pkcs7EncodedRecip* next;
-};
-
-
-/* free all members of Pkcs7Cert linked list */
-static void wc_PKCS7_FreeCertSet(wc_PKCS7* pkcs7)
-{
-    Pkcs7Cert* curr = NULL;
-    Pkcs7Cert* next = NULL;
-
-    if (pkcs7 == NULL)
-        return;
-
-    curr = pkcs7->certList;
-    pkcs7->certList = NULL;
-
-    while (curr != NULL) {
-        next = curr->next;
-        curr->next = NULL;
-        XFREE(curr, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        curr = next;
-    }
-
-    return;
-}
-
-
-/* Get total size of all recipients in recipient list.
- *
- * Returns total size of recipients, or negative upon error */
-static int wc_PKCS7_GetRecipientListSize(wc_PKCS7* pkcs7)
-{
-    word32 totalSz = 0;
-    Pkcs7EncodedRecip* tmp = NULL;
-
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    tmp = pkcs7->recipList;
-
-    while (tmp != NULL) {
-        totalSz += tmp->recipSz;
-        tmp = tmp->next;
-    }
-
-    return (int)totalSz;
-}
-
-
-/* free all members of Pkcs7EncodedRecip linked list */
-static void wc_PKCS7_FreeEncodedRecipientSet(wc_PKCS7* pkcs7)
-{
-    Pkcs7EncodedRecip* curr = NULL;
-    Pkcs7EncodedRecip* next = NULL;
-
-    if (pkcs7 == NULL)
-        return;
-
-    curr = pkcs7->recipList;
-    pkcs7->recipList = NULL;
-
-    while (curr != NULL) {
-        next = curr->next;
-        curr->next = NULL;
-        XFREE(curr, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        curr = next;
-    }
-
-    return;
-}
-
-
-/* search through RecipientInfo list for specific type.
- * return 1 if ANY recipient of type specified is present, otherwise
- * return 0 */
-static int wc_PKCS7_RecipientListIncludesType(wc_PKCS7* pkcs7, int type)
-{
-    Pkcs7EncodedRecip* tmp = NULL;
-
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    tmp = pkcs7->recipList;
-
-    while (tmp != NULL) {
-        if (tmp->recipType == type)
-            return 1;
-
-        tmp = tmp->next;
-    }
-
-    return 0;
-}
-
-
-/* searches through RecipientInfo list, returns 1 if all structure
- * versions are set to 0, otherwise returns 0 */
-static int wc_PKCS7_RecipientListVersionsAllZero(wc_PKCS7* pkcs7)
-{
-    Pkcs7EncodedRecip* tmp = NULL;
-
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    tmp = pkcs7->recipList;
-
-    while (tmp != NULL) {
-        if (tmp->recipVersion != 0)
-            return 0;
-
-        tmp = tmp->next;
-    }
-
-    return 1;
-}
-
-/* Verify RSA/ECC key is correctly formatted, used as sanity check after
- * import of key/cert.
- *
- * keyOID - key OID (ex: RSAk, ECDSAk)
- * key    - key in DER
- * keySz  - size of key, octets
- *
- * Returns 0 on success, negative on error */
-static int wc_PKCS7_CheckPublicKeyDer(wc_PKCS7* pkcs7, int keyOID,
-                                      const byte* key, word32 keySz)
-{
-    int ret = 0;
-    word32 scratch = 0;
-#ifdef WOLFSSL_SMALL_STACK
-    #ifndef NO_RSA
-        RsaKey* rsa;
-    #endif
-    #ifdef HAVE_ECC
-        ecc_key* ecc;
-    #endif
-#else
-    #ifndef NO_RSA
-        RsaKey rsa[1];
-    #endif
-    #ifdef HAVE_ECC
-        ecc_key ecc[1];
-    #endif
-#endif
-
-    if (pkcs7 == NULL || key == NULL || keySz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    #ifndef NO_RSA
-        rsa = (RsaKey*)XMALLOC(sizeof(RsaKey), pkcs7->heap,
-                               DYNAMIC_TYPE_TMP_BUFFER);
-        if (rsa == NULL) {
-            return MEMORY_E;
-        }
-    #endif
-
-    #ifdef HAVE_ECC
-        ecc = (ecc_key*)XMALLOC(sizeof(ecc_key), pkcs7->heap,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (ecc == NULL) {
-            #ifndef NO_RSA
-                XFREE(rsa, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            #endif
-            return MEMORY_E;
-        }
-    #endif
-#endif
-
-    switch (keyOID) {
-#ifndef NO_RSA
-        case RSAk:
-            ret = wc_InitRsaKey_ex(rsa, pkcs7->heap, pkcs7->devId);
-            if (ret != 0) {
-                break;
-            }
-
-            /* Try to decode public key as sanity check. wc_CheckRsaKey()
-               only checks private key not public. */
-            ret = wc_RsaPublicKeyDecode(key, &scratch, rsa, keySz);
-            wc_FreeRsaKey(rsa);
-
-            break;
-#endif
-#ifdef HAVE_ECC
-        case ECDSAk:
-            ret = wc_ecc_init_ex(ecc, pkcs7->heap, pkcs7->devId);
-            if (ret != 0) {
-                break;
-            }
-
-            /* Try to decode public key and check with wc_ecc_check_key() */
-            ret = wc_EccPublicKeyDecode(key, &scratch, ecc, keySz);
-        #if defined(WOLFSSL_VALIDATE_ECC_IMPORT)
-            if (ret == 0) {
-                ret = wc_ecc_check_key(ecc);
-            }
-        #endif
-            wc_ecc_free(ecc);
-
-            break;
-#endif
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    #ifndef NO_RSA
-        XFREE(rsa, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    #endif
-    #ifdef HAVE_ECC
-        XFREE(ecc, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    #endif
-#endif
-
-    return ret;
-}
-
-
-/* Init PKCS7 struct with recipient cert, decode into DecodedCert
- * NOTE: keeps previously set pkcs7 heap hint, devId and isDynamic */
-int wc_PKCS7_InitWithCert(wc_PKCS7* pkcs7, byte* derCert, word32 derCertSz)
-{
-    int ret = 0;
-    void* heap;
-    int devId;
-    Pkcs7Cert* cert;
-    Pkcs7Cert* lastCert;
-#ifdef WC_ASN_UNKNOWN_EXT_CB
-    wc_UnknownExtCallback cb;
-#endif
-
-    if (pkcs7 == NULL || (derCert == NULL && derCertSz != 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    heap = pkcs7->heap;
-    devId = pkcs7->devId;
-    cert = pkcs7->certList;
-#ifdef WC_ASN_UNKNOWN_EXT_CB
-    cb = pkcs7->unknownExtCallback; /* save / restore callback */
-#endif
-    ret = wc_PKCS7_Init(pkcs7, heap, devId);
-    if (ret != 0)
-        return ret;
-
-#ifdef WC_ASN_UNKNOWN_EXT_CB
-    pkcs7->unknownExtCallback = cb;
-#endif
-    pkcs7->certList = cert;
-
-    if (derCert != NULL && derCertSz > 0) {
-#ifdef WOLFSSL_SMALL_STACK
-        DecodedCert* dCert;
-
-        dCert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), pkcs7->heap,
-                                                       DYNAMIC_TYPE_DCERT);
-        if (dCert == NULL)
-            return MEMORY_E;
-#else
-        DecodedCert dCert[1];
-#endif
-
-        pkcs7->singleCert = derCert;
-        pkcs7->singleCertSz = derCertSz;
-        pkcs7->cert[0] = derCert;
-        pkcs7->certSz[0] = derCertSz;
-
-        /* create new Pkcs7Cert for recipient, freed during cleanup */
-        cert = (Pkcs7Cert*)XMALLOC(sizeof(Pkcs7Cert), pkcs7->heap,
-                                   DYNAMIC_TYPE_PKCS7);
-        if (cert == NULL) {
-            WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT);
-            return MEMORY_E;
-        }
-        XMEMSET(cert, 0, sizeof(Pkcs7Cert));
-        cert->der = derCert;
-        cert->derSz = derCertSz;
-        cert->next = NULL;
-
-        /* free existing cert list if existing */
-        wc_PKCS7_FreeCertSet(pkcs7);
-
-        /* add cert to list */
-        if (pkcs7->certList == NULL) {
-            pkcs7->certList = cert;
-        } else {
-           lastCert = pkcs7->certList;
-           while (lastCert->next != NULL) {
-               lastCert = lastCert->next;
-           }
-           lastCert->next = cert;
-        }
-
-        InitDecodedCert(dCert, derCert, derCertSz, pkcs7->heap);
-#ifdef WC_ASN_UNKNOWN_EXT_CB
-        if (pkcs7->unknownExtCallback != NULL)
-            wc_SetUnknownExtCallback(dCert, pkcs7->unknownExtCallback);
-#endif
-        ret = ParseCert(dCert, CA_TYPE, NO_VERIFY, 0);
-        if (ret < 0) {
-            FreeDecodedCert(dCert);
-            WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT);
-            return ret;
-        }
-
-        /* verify extracted public key is valid before storing */
-        ret = wc_PKCS7_CheckPublicKeyDer(pkcs7, (int)dCert->keyOID,
-                                         dCert->publicKey, dCert->pubKeySize);
-        if (ret != 0) {
-            WOLFSSL_MSG("Invalid public key, check pkcs7->cert");
-            FreeDecodedCert(dCert);
-            WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT);
-            return ret;
-        }
-
-        if (dCert->pubKeySize > (MAX_RSA_INT_SZ + MAX_RSA_E_SZ) ||
-            dCert->serialSz > MAX_SN_SZ) {
-            WOLFSSL_MSG("Invalid size in certificate");
-            FreeDecodedCert(dCert);
-            WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT);
-            return ASN_PARSE_E;
-        }
-
-        XMEMCPY(pkcs7->publicKey, dCert->publicKey, dCert->pubKeySize);
-        pkcs7->publicKeySz = dCert->pubKeySize;
-        pkcs7->publicKeyOID = dCert->keyOID;
-        XMEMCPY(pkcs7->issuerHash, dCert->issuerHash, KEYID_SIZE);
-        pkcs7->issuer = dCert->issuerRaw;
-        pkcs7->issuerSz = (word32)dCert->issuerRawLen;
-        XMEMCPY(pkcs7->issuerSn, dCert->serial, (word32)dCert->serialSz);
-        pkcs7->issuerSnSz = (word32)dCert->serialSz;
-        XMEMCPY(pkcs7->issuerSubjKeyId, dCert->extSubjKeyId, KEYID_SIZE);
-
-        /* default to IssuerAndSerialNumber for SignerIdentifier */
-        pkcs7->sidType = CMS_ISSUER_AND_SERIAL_NUMBER;
-
-        /* free existing recipient list if existing */
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-
-        FreeDecodedCert(dCert);
-
-        WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT);
-    }
-
-    return ret;
-}
-
-
-/* Adds one DER-formatted certificate to the internal PKCS7/CMS certificate
- * list, to be added as part of the certificates CertificateSet. Currently
- * used in SignedData content type.
- *
- * Must be called after wc_PKCS7_Init() or wc_PKCS7_InitWithCert().
- *
- * Does not represent the recipient/signer certificate, only certificates that
- * are part of the certificate chain used to build and verify signer
- * certificates.
- *
- * This API does not currently validate certificates.
- *
- * Returns 0 on success, negative upon error */
-int wc_PKCS7_AddCertificate(wc_PKCS7* pkcs7, byte* derCert, word32 derCertSz)
-{
-    Pkcs7Cert* cert;
-
-    if (pkcs7 == NULL || derCert == NULL || derCertSz == 0)
-        return BAD_FUNC_ARG;
-
-    cert = (Pkcs7Cert*)XMALLOC(sizeof(Pkcs7Cert), pkcs7->heap,
-                               DYNAMIC_TYPE_PKCS7);
-    if (cert == NULL)
-        return MEMORY_E;
-    XMEMSET(cert, 0, sizeof(Pkcs7Cert));
-
-    cert->der = derCert;
-    cert->derSz = derCertSz;
-
-    if (pkcs7->certList == NULL) {
-        pkcs7->certList = cert;
-    } else {
-        cert->next = pkcs7->certList;
-        pkcs7->certList = cert;
-    }
-
-    return 0;
-}
-
-
-/* free linked list of PKCS7DecodedAttrib structs */
-static void wc_PKCS7_FreeDecodedAttrib(PKCS7DecodedAttrib* attrib, void* heap)
-{
-    PKCS7DecodedAttrib* current;
-
-    if (attrib == NULL) {
-        return;
-    }
-
-    current = attrib;
-    while (current != NULL) {
-        PKCS7DecodedAttrib* next = current->next;
-        XFREE(current->oid, heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(current->value, heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(current, heap, DYNAMIC_TYPE_PKCS7);
-        current = next;
-    }
-
-    (void)heap;
-}
-
-
-/* return 0 on success */
-static int wc_PKCS7_SignerInfoNew(wc_PKCS7* pkcs7)
-{
-    XFREE(pkcs7->signerInfo, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    pkcs7->signerInfo = NULL;
-
-    pkcs7->signerInfo = (PKCS7SignerInfo*)XMALLOC(sizeof(PKCS7SignerInfo),
-            pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (pkcs7->signerInfo == NULL) {
-        WOLFSSL_MSG("Unable to malloc memory for signer info");
-        return MEMORY_E;
-    }
-    XMEMSET(pkcs7->signerInfo, 0, sizeof(PKCS7SignerInfo));
-    return 0;
-}
-
-
-static void wc_PKCS7_SignerInfoFree(wc_PKCS7* pkcs7)
-{
-    if (pkcs7->signerInfo != NULL) {
-        XFREE(pkcs7->signerInfo->sid, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        pkcs7->signerInfo->sid = NULL;
-        XFREE(pkcs7->signerInfo, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        pkcs7->signerInfo = NULL;
-    }
-}
-
-
-/* free's any current SID and sets it to "in"
- * returns 0 on success
- */
-static int wc_PKCS7_SignerInfoSetSID(wc_PKCS7* pkcs7, byte* in, int inSz)
-{
-    if (pkcs7 == NULL || in == NULL || inSz < 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    XFREE(pkcs7->signerInfo->sid, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    pkcs7->signerInfo->sid = NULL;
-    pkcs7->signerInfo->sid = (byte*)XMALLOC((word32)inSz, pkcs7->heap,
-            DYNAMIC_TYPE_PKCS7);
-    if (pkcs7->signerInfo->sid == NULL) {
-        return MEMORY_E;
-    }
-    XMEMCPY(pkcs7->signerInfo->sid, in, (word32)inSz);
-    pkcs7->signerInfo->sidSz = (word32)inSz;
-    return 0;
-}
-
-
-/* releases any memory allocated by a PKCS7 initializer */
-void wc_PKCS7_Free(wc_PKCS7* pkcs7)
-{
-    if (pkcs7 == NULL)
-        return;
-
-#ifndef NO_PKCS7_STREAM
-    wc_PKCS7_FreeStream(pkcs7);
-#endif
-
-    wc_PKCS7_SignerInfoFree(pkcs7);
-    wc_PKCS7_FreeDecodedAttrib(pkcs7->decodedAttrib, pkcs7->heap);
-    pkcs7->decodedAttrib = NULL;
-    wc_PKCS7_FreeCertSet(pkcs7);
-
-#ifdef ASN_BER_TO_DER
-    XFREE(pkcs7->der, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    pkcs7->der = NULL;
-#endif
-    XFREE(pkcs7->contentDynamic, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    pkcs7->contentDynamic = NULL;
-
-    if (pkcs7->cek != NULL) {
-        ForceZero(pkcs7->cek, pkcs7->cekSz);
-        XFREE(pkcs7->cek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        pkcs7->cek = NULL;
-    }
-
-    pkcs7->contentTypeSz = 0;
-
-    if (pkcs7->signature) {
-        XFREE(pkcs7->signature, pkcs7->heap, DYNAMIC_TYPE_SIGNATURE);
-        pkcs7->signature = NULL;
-        pkcs7->signatureSz = 0;
-    }
-    if (pkcs7->plainDigest) {
-        XFREE(pkcs7->plainDigest, pkcs7->heap, DYNAMIC_TYPE_DIGEST);
-        pkcs7->plainDigest = NULL;
-        pkcs7->plainDigestSz = 0;
-    }
-    if (pkcs7->pkcs7Digest) {
-        XFREE(pkcs7->pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_DIGEST);
-        pkcs7->pkcs7Digest = NULL;
-        pkcs7->pkcs7DigestSz = 0;
-    }
-    if (pkcs7->cachedEncryptedContent != NULL) {
-        XFREE(pkcs7->cachedEncryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        pkcs7->cachedEncryptedContent = NULL;
-        pkcs7->cachedEncryptedContentSz = 0;
-    }
-
-    if (pkcs7->customSKID) {
-        XFREE(pkcs7->customSKID, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        pkcs7->customSKID = NULL;
-        pkcs7->customSKIDSz = 0;
-    }
-
-    if (pkcs7->isDynamic) {
-        pkcs7->isDynamic = 0;
-        XFREE(pkcs7, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    }
-}
-
-
-/* helper function for parsing through attributes and finding a specific one.
- * returns PKCS7DecodedAttrib pointer on success */
-static PKCS7DecodedAttrib* findAttrib(wc_PKCS7* pkcs7, const byte* oid, word32 oidSz)
-{
-    PKCS7DecodedAttrib* list;
-
-    if (pkcs7 == NULL || oid == NULL) {
-        return NULL;
-    }
-
-    /* search attributes for pkiStatus */
-    list = pkcs7->decodedAttrib;
-    while (list != NULL) {
-        word32 sz  = oidSz;
-        word32 idx = 0;
-        int    length = 0;
-        byte   tag;
-
-        if (GetASNTag(list->oid, &idx, &tag, list->oidSz) < 0) {
-            return NULL;
-        }
-        if (tag != ASN_OBJECT_ID) {
-            WOLFSSL_MSG("Bad attribute ASN1 syntax");
-            return NULL;
-        }
-
-        if (GetLength(list->oid, &idx, &length, list->oidSz) < 0) {
-            WOLFSSL_MSG("Bad attribute length");
-            return NULL;
-        }
-
-        sz = (sz < (word32)length)? sz : (word32)length;
-        if (XMEMCMP(oid, list->oid + idx, sz) == 0) {
-            return list;
-        }
-        list = list->next;
-    }
-    return NULL;
-}
-
-
-/* Searches through decoded attributes and returns the value for the first one
- * matching the oid passed in. Note that this value includes the leading ASN1
- * syntax. So for a printable string of "3" this would be something like
- *
- * 0x13, 0x01, 0x33
- *  ID   SIZE  "3"
- *
- * pkcs7  structure to get value from
- * oid    OID value to search for with attributes
- * oidSz  size of oid buffer
- * out    buffer to hold result
- * outSz  size of out buffer (if out is NULL this is set to needed size and
-          LENGTH_ONLY_E is returned)
- *
- * returns size of value on success
- */
-int wc_PKCS7_GetAttributeValue(wc_PKCS7* pkcs7, const byte* oid, word32 oidSz,
-        byte* out, word32* outSz)
-{
-    PKCS7DecodedAttrib* attrib;
-
-    if (pkcs7 == NULL || oid == NULL || outSz == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    attrib = findAttrib(pkcs7, oid, oidSz);
-    if (attrib == NULL) {
-        return ASN_PARSE_E;
-    }
-
-    if (out == NULL) {
-        *outSz = attrib->valueSz;
-        return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if (*outSz < attrib->valueSz) {
-        return BUFFER_E;
-    }
-
-    XMEMCPY(out, attrib->value, attrib->valueSz);
-    return (int)attrib->valueSz;
-}
-
-
-/* build PKCS#7 data content type */
-int wc_PKCS7_EncodeData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
-{
-    static const byte oid[] =
-        { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
-                         0x07, 0x01 };
-    byte seq[MAX_SEQ_SZ];
-    byte octetStr[MAX_OCTET_STR_SZ];
-    word32 seqSz;
-    word32 octetStrSz;
-    word32 oidSz = (word32)sizeof(oid);
-    word32 idx = 0;
-
-    if (pkcs7 == NULL || output == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    octetStrSz = SetOctetString(pkcs7->contentSz, octetStr);
-    seqSz = SetSequence(pkcs7->contentSz + octetStrSz + oidSz, seq);
-
-    if (outputSz < pkcs7->contentSz + octetStrSz + oidSz + seqSz)
-        return BUFFER_E;
-
-    XMEMCPY(output, seq, seqSz);
-    idx += seqSz;
-    XMEMCPY(output + idx, oid, oidSz);
-    idx += oidSz;
-    XMEMCPY(output + idx, octetStr, octetStrSz);
-    idx += octetStrSz;
-    XMEMCPY(output + idx, pkcs7->content, pkcs7->contentSz);
-    idx += pkcs7->contentSz;
-
-    return (int)idx;
-}
-
-
-typedef struct EncodedAttrib {
-    byte valueSeq[MAX_SEQ_SZ];
-        const byte* oid;
-        byte valueSet[MAX_SET_SZ];
-        const byte* value;
-    word32 valueSeqSz, oidSz, idSz, valueSetSz, valueSz, totalSz;
-} EncodedAttrib;
-
-
-typedef struct ESD {
-    wc_HashAlg  hash;
-    enum wc_HashType hashType;
-    byte contentDigest[WC_MAX_DIGEST_SIZE + 2]; /* content only + ASN.1 heading */
-    WC_BITFIELD contentDigestSet:1;
-    byte contentAttribsDigest[WC_MAX_DIGEST_SIZE];
-    byte encContentDigest[MAX_ENCRYPTED_KEY_SZ];
-
-    byte outerSeq[MAX_SEQ_SZ];
-        byte outerContent[MAX_EXP_SZ];
-            byte innerSeq[MAX_SEQ_SZ];
-                byte version[MAX_VERSION_SZ];
-                byte digAlgoIdSet[MAX_SET_SZ];
-                    byte singleDigAlgoId[MAX_ALGO_SZ];
-
-                byte contentInfoSeq[MAX_SEQ_SZ];
-                    byte innerContSeq[MAX_EXP_SZ];
-                        byte innerOctets[MAX_OCTET_STR_SZ];
-
-                byte certsSet[MAX_SET_SZ];
-
-                byte signerInfoSet[MAX_SET_SZ];
-                    byte signerInfoSeq[MAX_SEQ_SZ];
-                        byte signerVersion[MAX_VERSION_SZ];
-                        /* issuerAndSerialNumber ...*/
-                        byte issuerSnSeq[MAX_SEQ_SZ];
-                            byte issuerName[MAX_SEQ_SZ];
-                            byte issuerSn[MAX_SN_SZ];
-                        /* OR subjectKeyIdentifier */
-                        byte issuerSKIDSeq[MAX_SEQ_SZ];
-                            byte issuerSKID[MAX_OCTET_STR_SZ];
-                        byte signerDigAlgoId[MAX_ALGO_SZ];
-                        byte digEncAlgoId[MAX_ALGO_SZ];
-                        byte signedAttribSet[MAX_SET_SZ];
-                            EncodedAttrib signedAttribs[7];
-                        byte signerDigest[MAX_OCTET_STR_SZ];
-    word32 innerOctetsSz, innerContSeqSz, contentInfoSeqSz;
-    word32 outerSeqSz, outerContentSz, innerSeqSz, versionSz, digAlgoIdSetSz,
-           singleDigAlgoIdSz, certsSetSz;
-    word32 signerInfoSetSz, signerInfoSeqSz, signerVersionSz,
-           issuerSnSeqSz, issuerNameSz, issuerSnSz, issuerSKIDSz,
-           issuerSKIDSeqSz, signerDigAlgoIdSz, digEncAlgoIdSz, signerDigestSz;
-    word32 encContentDigestSz, signedAttribsSz, signedAttribsCount,
-           signedAttribSetSz;
-} ESD;
-
-
-static int EncodeAttributes(EncodedAttrib* ea, int eaSz,
-                                            PKCS7Attrib* attribs, int attribsSz)
-{
-    int i;
-    int maxSz = (int)min((word32)eaSz, (word32)attribsSz);
-    int allAttribsSz = 0;
-
-    for (i = 0; i < maxSz; i++)
-    {
-        word32 attribSz = 0;
-
-        ea[i].value = attribs[i].value;
-        ea[i].valueSz = attribs[i].valueSz;
-        attribSz += ea[i].valueSz;
-        ea[i].valueSetSz = SetSet(attribSz, ea[i].valueSet);
-        attribSz += ea[i].valueSetSz;
-        ea[i].oid = attribs[i].oid;
-        ea[i].oidSz = attribs[i].oidSz;
-        attribSz += ea[i].oidSz;
-        ea[i].valueSeqSz = SetSequence(attribSz, ea[i].valueSeq);
-        attribSz += ea[i].valueSeqSz;
-        ea[i].totalSz = attribSz;
-
-        allAttribsSz += (int)attribSz;
-    }
-    return allAttribsSz;
-}
-
-
-typedef struct FlatAttrib {
-    byte* data;
-    word32 dataSz;
-} FlatAttrib;
-
-/* Returns a pointer to FlatAttrib whose members are initialized to 0.
-*  Caller is expected to free.
-*/
-static FlatAttrib* NewAttrib(void* heap)
-{
-    FlatAttrib* fb = (FlatAttrib*) XMALLOC(sizeof(FlatAttrib), heap,
-                                                   DYNAMIC_TYPE_TMP_BUFFER);
-    if (fb != NULL) {
-        ForceZero(fb, sizeof(FlatAttrib));
-    }
-    (void)heap;
-    return fb;
-}
-
-/* Free FlatAttrib array and memory allocated to internal struct members */
-static void FreeAttribArray(wc_PKCS7* pkcs7, FlatAttrib** arr, int rows)
-{
-    int i;
-
-    if (arr) {
-        for (i = 0; i < rows; i++) {
-            if (arr[i]) {
-                if (arr[i]->data) {
-                    ForceZero(arr[i]->data, arr[i]->dataSz);
-                    XFREE(arr[i]->data, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-                }
-                ForceZero(arr[i], sizeof(FlatAttrib));
-                XFREE(arr[i], pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            }
-        }
-        ForceZero(arr, (word32)rows);
-        XFREE(arr, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    (void)pkcs7;
-}
-
-
-/* Sort FlatAttrib array in ascending order */
-static int SortAttribArray(FlatAttrib** arr, int rows)
-{
-    int i, j;
-    word32 minSz, minIdx;
-    FlatAttrib* a   = NULL;
-    FlatAttrib* b   = NULL;
-    FlatAttrib* tmp = NULL;
-
-    if (arr == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    for (i = 0; i < rows; i++) {
-        a = arr[i];
-        minSz = a->dataSz;
-        minIdx = (word32)i;
-        for (j = i+1; j < rows; j++) {
-            b = arr[j];
-            if (b->dataSz < minSz) {
-                minSz = b->dataSz;
-                minIdx = (word32)j;
-            }
-        }
-        if (minSz < a->dataSz) {
-            /* swap array positions */
-            tmp = arr[i];
-            arr[i] = arr[minIdx];
-            arr[minIdx] = tmp;
-        }
-    }
-
-    return 0;
-}
-
-
-/* Build up array of FlatAttrib structs from EncodedAttrib ones. FlatAttrib
- * holds flattened DER encoding of each attribute */
-static int FlattenEncodedAttribs(wc_PKCS7* pkcs7, FlatAttrib** derArr, int rows,
-                                 EncodedAttrib* ea, int eaSz)
-{
-    int i;
-    word32 idx, sz;
-    byte* output   = NULL;
-    FlatAttrib* fa = NULL;
-
-    if (pkcs7 == NULL || derArr == NULL || ea == NULL) {
-        WOLFSSL_MSG("Invalid arguments to FlattenEncodedAttribs");
-        return BAD_FUNC_ARG;
-    }
-
-    if (rows != eaSz) {
-        WOLFSSL_MSG("DER array not large enough to hold attribute count");
-        return BAD_FUNC_ARG;
-    }
-
-    for (i = 0; i < eaSz; i++) {
-        sz = ea[i].valueSeqSz + ea[i].oidSz + ea[i].valueSetSz + ea[i].valueSz;
-
-        output = (byte*)XMALLOC(sz, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        if (output == NULL) {
-            return MEMORY_E;
-        }
-
-        idx = 0;
-        XMEMCPY(output + idx, ea[i].valueSeq, ea[i].valueSeqSz);
-        idx += ea[i].valueSeqSz;
-        XMEMCPY(output + idx, ea[i].oid, ea[i].oidSz);
-        idx += ea[i].oidSz;
-        XMEMCPY(output + idx, ea[i].valueSet, ea[i].valueSetSz);
-        idx += ea[i].valueSetSz;
-        XMEMCPY(output + idx, ea[i].value, ea[i].valueSz);
-
-        fa = derArr[i];
-        fa->data = output;
-        fa->dataSz = sz;
-    }
-
-    return 0;
-}
-
-
-/* Sort and Flatten EncodedAttrib attributes into output buffer */
-static int FlattenAttributes(wc_PKCS7* pkcs7, byte* output, EncodedAttrib* ea,
-                             int eaSz)
-{
-    int i, ret;
-    word32 idx;
-    FlatAttrib** derArr = NULL;
-    FlatAttrib*  fa     = NULL;
-
-    if (pkcs7 == NULL || output == NULL || ea == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* create array of FlatAttrib struct pointers to hold DER attribs */
-    derArr = (FlatAttrib**) XMALLOC((unsigned long)eaSz * sizeof(FlatAttrib*),
-        pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (derArr == NULL) {
-        return MEMORY_E;
-    }
-    XMEMSET(derArr, 0, (unsigned long)eaSz * sizeof(FlatAttrib*));
-
-    for (i = 0; i < eaSz; i++) {
-        derArr[i] = NewAttrib(pkcs7->heap);
-        if (derArr[i] == NULL) {
-            FreeAttribArray(pkcs7, derArr, eaSz);
-            return MEMORY_E;
-        }
-        ForceZero(derArr[i], sizeof(FlatAttrib));
-    }
-
-    /* flatten EncodedAttrib into DER byte arrays */
-    ret = FlattenEncodedAttribs(pkcs7, derArr, eaSz, ea, eaSz);
-    if (ret != 0) {
-        FreeAttribArray(pkcs7, derArr, eaSz);
-        return ret;
-    }
-
-    /* SET OF DER signed attributes must be sorted in ascending order */
-    ret = SortAttribArray(derArr, eaSz);
-    if (ret != 0) {
-        FreeAttribArray(pkcs7, derArr, eaSz);
-        return ret;
-    }
-
-    /* copy sorted DER attribute arrays into output buffer */
-    idx = 0;
-    for (i = 0; i < eaSz; i++) {
-        fa = derArr[i];
-        XMEMCPY(output + idx, fa->data, fa->dataSz);
-        idx += fa->dataSz;
-    }
-
-    FreeAttribArray(pkcs7, derArr, eaSz);
-
-    return 0;
-}
-
-
-#ifndef NO_RSA
-
-static int wc_PKCS7_ImportRSA(wc_PKCS7* pkcs7, RsaKey* privKey)
-{
-    int ret;
-    word32 idx;
-
-    ret = wc_InitRsaKey_ex(privKey, pkcs7->heap, pkcs7->devId);
-    if (ret == 0) {
-        if (pkcs7->privateKey != NULL && pkcs7->privateKeySz > 0) {
-            idx = 0;
-            ret = wc_RsaPrivateKeyDecode(pkcs7->privateKey, &idx, privKey,
-                                         pkcs7->privateKeySz);
-            /* If not using old FIPS or CAVP selftest, or not using FAST,
-             * or USER RSA, able to check RSA key. */
-            if (ret == 0) {
-        #ifdef WOLFSSL_RSA_KEY_CHECK
-                /* verify imported private key is a valid key before using it */
-                ret = wc_CheckRsaKey(privKey);
-                if (ret != 0) {
-                    WOLFSSL_MSG("Invalid RSA private key, check "
-                                "pkcs7->privateKey");
-                }
-        #endif
-            }
-        #ifdef WOLF_CRYPTO_CB
-            else if (ret == WC_NO_ERR_TRACE(ASN_PARSE_E) &&
-                     pkcs7->devId != INVALID_DEVID) {
-                /* if using crypto callbacks, try public key decode */
-                idx = 0;
-                ret = wc_RsaPublicKeyDecode(pkcs7->privateKey, &idx, privKey,
-                                            pkcs7->privateKeySz);
-            }
-        #endif
-        }
-        else if (pkcs7->devId == INVALID_DEVID) {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    return ret;
-}
-
-
-/* returns size of signature put into out, negative on error */
-static int wc_PKCS7_RsaSign(wc_PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd)
-{
-    int ret;
-    WC_DECLARE_VAR(privKey, RsaKey, 1, 0);
-
-    if (pkcs7 == NULL || pkcs7->rng == NULL || in == NULL || esd == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    WC_ALLOC_VAR_EX(privKey, RsaKey, 1, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER,
-        return MEMORY_E);
-
-    ret = wc_PKCS7_ImportRSA(pkcs7, privKey);
-    if (ret == 0) {
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        do {
-            ret = wc_AsyncWait(ret, &privKey->asyncDev,
-                WC_ASYNC_FLAG_CALL_AGAIN);
-            if (ret >= 0)
-    #endif
-            {
-                ret = wc_RsaSSL_Sign(in, inSz, esd->encContentDigest,
-                                     sizeof(esd->encContentDigest),
-                                     privKey, pkcs7->rng);
-            }
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
-    #endif
-    }
-
-    wc_FreeRsaKey(privKey);
-    WC_FREE_VAR_EX(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-#endif /* NO_RSA */
-
-
-#ifdef HAVE_ECC
-
-static int wc_PKCS7_ImportECC(wc_PKCS7* pkcs7, ecc_key* privKey)
-{
-    int ret;
-    word32 idx;
-
-    ret = wc_ecc_init_ex(privKey, pkcs7->heap, pkcs7->devId);
-    if (ret == 0) {
-        if (pkcs7->privateKey != NULL && pkcs7->privateKeySz > 0) {
-            idx = 0;
-            ret = wc_EccPrivateKeyDecode(pkcs7->privateKey, &idx, privKey,
-                                         pkcs7->privateKeySz);
-            /* verify imported private key is a valid key before using it */
-            if (ret == 0) {
-                ret = wc_ecc_check_key(privKey);
-                if (ret != 0) {
-                    WOLFSSL_MSG("Invalid ECC private key, check "
-                                "pkcs7->privateKey");
-                }
-            }
-        #ifdef WOLF_CRYPTO_CB
-            else if (ret == WC_NO_ERR_TRACE(ASN_PARSE_E) &&
-                     pkcs7->devId != INVALID_DEVID) {
-                /* if using crypto callbacks, try public key decode */
-                idx = 0;
-                ret = wc_EccPublicKeyDecode(pkcs7->privateKey, &idx, privKey,
-                                            pkcs7->privateKeySz);
-            }
-        #endif
-        }
-        else if (pkcs7->devId == INVALID_DEVID) {
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    return ret;
-}
-
-
-/* returns size of signature put into out, negative on error */
-static int wc_PKCS7_EcdsaSign(wc_PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd)
-{
-    int ret;
-    word32 outSz;
-    WC_DECLARE_VAR(privKey, ecc_key, 1, 0);
-
-    if (pkcs7 == NULL || pkcs7->rng == NULL || in == NULL || esd == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    WC_ALLOC_VAR_EX(privKey, ecc_key, 1, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER,
-        return MEMORY_E);
-
-    ret = wc_PKCS7_ImportECC(pkcs7, privKey);
-    if (ret == 0) {
-        outSz = sizeof(esd->encContentDigest);
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        do {
-            ret = wc_AsyncWait(ret, &privKey->asyncDev,
-                WC_ASYNC_FLAG_CALL_AGAIN);
-            if (ret >= 0)
-    #endif
-            {
-                ret = wc_ecc_sign_hash(in, inSz, esd->encContentDigest,
-                                       &outSz, pkcs7->rng, privKey);
-            }
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
-    #endif
-        if (ret == 0)
-            ret = (int)outSz;
-    }
-
-    wc_ecc_free(privKey);
-    WC_FREE_VAR_EX(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-#endif /* HAVE_ECC */
-
-/* returns encContentDigestSz based on the signature set to be used */
-static int wc_PKCS7_GetSignSize(wc_PKCS7* pkcs7)
-{
-    int ret = 0;
-
-    switch (pkcs7->publicKeyOID) {
-
-    #ifndef NO_RSA
-        case RSAk:
-        {
-        #ifndef WOLFSSL_SMALL_STACK
-            RsaKey  privKey[1];
-        #else
-            RsaKey* privKey;
-            privKey = (RsaKey*)XMALLOC(sizeof(RsaKey), pkcs7->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            if (privKey == NULL)
-                return MEMORY_E;
-        #endif
-
-            ret = wc_PKCS7_ImportRSA(pkcs7, privKey);
-            if (ret == 0) {
-                ret = wc_RsaEncryptSize(privKey);
-            }
-            wc_FreeRsaKey(privKey);
-            WC_FREE_VAR_EX(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-        break;
-    #endif
-
-    #ifdef HAVE_ECC
-        case ECDSAk:
-        {
-        #ifndef WOLFSSL_SMALL_STACK
-            ecc_key  privKey[1];
-        #else
-            ecc_key* privKey;
-            privKey = (ecc_key*)XMALLOC(sizeof(ecc_key), pkcs7->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            if (privKey == NULL)
-                return MEMORY_E;
-        #endif
-
-            ret = wc_PKCS7_ImportECC(pkcs7, privKey);
-            if (ret == 0) {
-                ret = wc_ecc_sig_size(privKey);
-            }
-            wc_ecc_free(privKey);
-            WC_FREE_VAR_EX(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-        break;
-    #endif
-    }
-
-    return ret;
-}
-
-
-/* builds up SignedData signed attributes, including default ones.
- *
- * pkcs7 - pointer to initialized PKCS7 structure
- * esd   - pointer to initialized ESD structure, used for output
- *
- * return 0 on success, negative on error */
-static int wc_PKCS7_BuildSignedAttributes(wc_PKCS7* pkcs7, ESD* esd,
-                    const byte* contentType, word32 contentTypeSz,
-                    const byte* contentTypeOid, word32 contentTypeOidSz,
-                    const byte* messageDigestOid, word32 messageDigestOidSz,
-                    const byte* signingTimeOid, word32 signingTimeOidSz,
-                    byte* signingTime, word32 signingTimeSz)
-{
-    int hashSz;
-#ifdef NO_ASN_TIME
-    PKCS7Attrib cannedAttribs[2];
-#else
-    time_t tm;
-    int timeSz;
-    PKCS7Attrib cannedAttribs[3];
-#endif
-    word32 idx    = 0;
-    word32 atrIdx = 0;
-    word32 cannedAttribsCount;
-
-    if (pkcs7 == NULL || esd == NULL || contentType == NULL ||
-        contentTypeOid == NULL || messageDigestOid == NULL ||
-        signingTimeOid == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (pkcs7->defaultSignedAttribs != WOLFSSL_NO_ATTRIBUTES) {
-        hashSz = wc_HashGetDigestSize(esd->hashType);
-        if (hashSz < 0)
-            return hashSz;
-
-    #ifndef NO_ASN_TIME
-        if (signingTime == NULL || signingTimeSz == 0)
-            return BAD_FUNC_ARG;
-
-        tm = wc_Time(0);
-        timeSz = GetAsnTimeString(&tm, signingTime, signingTimeSz);
-        if (timeSz < 0)
-            return timeSz;
-    #endif
-
-        cannedAttribsCount = sizeof(cannedAttribs)/sizeof(PKCS7Attrib);
-
-        XMEMSET(&cannedAttribs[idx], 0, sizeof(cannedAttribs[idx]));
-
-        if ((pkcs7->defaultSignedAttribs & WOLFSSL_CONTENT_TYPE_ATTRIBUTE) ||
-            pkcs7->defaultSignedAttribs == 0) {
-            cannedAttribs[idx].oid     = contentTypeOid;
-            cannedAttribs[idx].oidSz   = contentTypeOidSz;
-            cannedAttribs[idx].value   = contentType;
-            cannedAttribs[idx].valueSz = contentTypeSz;
-            idx++;
-        }
-
-    #ifndef NO_ASN_TIME
-        if ((pkcs7->defaultSignedAttribs & WOLFSSL_SIGNING_TIME_ATTRIBUTE) ||
-            pkcs7->defaultSignedAttribs == 0) {
-            cannedAttribs[idx].oid     = signingTimeOid;
-            cannedAttribs[idx].oidSz   = signingTimeOidSz;
-            cannedAttribs[idx].value   = signingTime;
-            cannedAttribs[idx].valueSz = (word32)timeSz;
-            idx++;
-        }
-    #endif
-
-        if ((pkcs7->defaultSignedAttribs & WOLFSSL_MESSAGE_DIGEST_ATTRIBUTE) ||
-            pkcs7->defaultSignedAttribs == 0) {
-            cannedAttribs[idx].oid     = messageDigestOid;
-            cannedAttribs[idx].oidSz   = messageDigestOidSz;
-            cannedAttribs[idx].value   = esd->contentDigest;
-            cannedAttribs[idx].valueSz = (word32)hashSz + 2;  /* ASN.1 heading */
-            idx++;
-        }
-
-        esd->signedAttribsCount += cannedAttribsCount;
-        esd->signedAttribsSz += (word32)EncodeAttributes(
-            &esd->signedAttribs[atrIdx], (int)idx, cannedAttribs,
-            (int)cannedAttribsCount);
-        atrIdx += idx;
-    } else {
-        esd->signedAttribsCount = 0;
-        esd->signedAttribsSz = 0;
-    }
-
-    /* add custom signed attributes if set */
-    if (pkcs7->signedAttribsSz > 0 && pkcs7->signedAttribs != NULL) {
-        esd->signedAttribsCount += pkcs7->signedAttribsSz;
-        esd->signedAttribsSz += (word32)EncodeAttributes(
-            &esd->signedAttribs[atrIdx], (int)esd->signedAttribsCount,
-            pkcs7->signedAttribs, (int)pkcs7->signedAttribsSz);
-    }
-
-#ifdef NO_ASN_TIME
-    (void)signingTimeOidSz;
-    (void)signingTime;
-    (void)signingTimeSz;
-#endif
-
-    return 0;
-}
-
-
-/* gets correct encryption algo ID for SignedData, either CTC_<hash>wRSA or
- * CTC_<hash>wECDSA, from pkcs7->publicKeyOID and pkcs7->hashOID.
- *
- * pkcs7          - pointer to PKCS7 structure
- * digEncAlgoId   - [OUT] output int to store correct algo ID in
- * digEncAlgoType - [OUT] output for algo ID type
- *
- * return 0 on success, negative on error */
-static int wc_PKCS7_SignedDataGetEncAlgoId(wc_PKCS7* pkcs7, int* digEncAlgoId,
-                                           int* digEncAlgoType)
-{
-    int algoId   = 0;
-    int algoType = 0;
-
-    if (pkcs7 == NULL || digEncAlgoId == NULL || digEncAlgoType == NULL)
-        return BAD_FUNC_ARG;
-
-    if (pkcs7->publicKeyOID == RSAk) {
-
-        algoType = oidSigType;
-
-        switch (pkcs7->hashOID) {
-        #ifndef NO_SHA
-            case SHAh:
-                algoId = CTC_SHAwRSA;
-                break;
-        #endif
-        #ifdef WOLFSSL_SHA224
-            case SHA224h:
-                algoId = CTC_SHA224wRSA;
-                break;
-        #endif
-        #ifndef NO_SHA256
-            case SHA256h:
-                algoId = CTC_SHA256wRSA;
-                break;
-        #endif
-        #ifdef WOLFSSL_SHA384
-            case SHA384h:
-                algoId = CTC_SHA384wRSA;
-                break;
-        #endif
-        #ifdef WOLFSSL_SHA512
-            case SHA512h:
-                algoId = CTC_SHA512wRSA;
-                break;
-        #endif
-        #ifdef WOLFSSL_SHA3
-        #ifndef WOLFSSL_NOSHA3_224
-            case SHA3_224h:
-                algoId = CTC_SHA3_224wRSA;
-                break;
-        #endif
-        #ifndef WOLFSSL_NOSHA3_256
-            case SHA3_256h:
-                algoId = CTC_SHA3_256wRSA;
-                break;
-        #endif
-        #ifndef WOLFSSL_NOSHA3_384
-            case SHA3_384h:
-                algoId = CTC_SHA3_384wRSA;
-                break;
-        #endif
-        #ifndef WOLFSSL_NOSHA3_512
-            case SHA3_512h:
-                algoId = CTC_SHA3_512wRSA;
-                break;
-        #endif
-        #endif
-        }
-
-    }
-#ifdef HAVE_ECC
-    else if (pkcs7->publicKeyOID == ECDSAk) {
-
-        algoType = oidSigType;
-
-        switch (pkcs7->hashOID) {
-        #ifndef NO_SHA
-            case SHAh:
-                algoId = CTC_SHAwECDSA;
-                break;
-        #endif
-        #ifdef WOLFSSL_SHA224
-            case SHA224h:
-                algoId = CTC_SHA224wECDSA;
-                break;
-        #endif
-        #ifndef NO_SHA256
-            case SHA256h:
-                algoId = CTC_SHA256wECDSA;
-                break;
-        #endif
-        #ifdef WOLFSSL_SHA384
-            case SHA384h:
-                algoId = CTC_SHA384wECDSA;
-                break;
-        #endif
-        #ifdef WOLFSSL_SHA512
-            case SHA512h:
-                algoId = CTC_SHA512wECDSA;
-                break;
-        #endif
-        #ifdef WOLFSSL_SHA3
-        #ifndef WOLFSSL_NOSHA3_224
-            case SHA3_224h:
-                algoId = CTC_SHA3_224wECDSA;
-                break;
-        #endif
-        #ifndef WOLFSSL_NOSHA3_256
-            case SHA3_256h:
-                algoId = CTC_SHA3_256wECDSA;
-                break;
-        #endif
-        #ifndef WOLFSSL_NOSHA3_384
-            case SHA3_384h:
-                algoId = CTC_SHA3_384wECDSA;
-                break;
-        #endif
-        #ifndef WOLFSSL_NOSHA3_512
-            case SHA3_512h:
-                algoId = CTC_SHA3_512wECDSA;
-                break;
-        #endif
-        #endif
-        }
-    }
-#endif /* HAVE_ECC */
-
-    if (algoId == 0) {
-        WOLFSSL_MSG("Invalid signature algorithm type");
-        return BAD_FUNC_ARG;
-    }
-
-    *digEncAlgoId = algoId;
-    *digEncAlgoType = algoType;
-
-    return 0;
-}
-
-
-/* build SignedData DigestInfo for use with PKCS#7/RSA
- *
- * pkcs7 - pointer to initialized PKCS7 struct
- * flatSignedAttribs - flattened, signed attributes
- * flatSignedAttrbsSz - size of flatSignedAttribs, octets
- * esd - pointer to initialized ESD struct
- * digestInfo - [OUT] output array for DigestInfo
- * digestInfoSz - [IN/OUT] - input size of array, size of digestInfo
- *
- * return 0 on success, negative on error */
-static int wc_PKCS7_BuildDigestInfo(wc_PKCS7* pkcs7, byte* flatSignedAttribs,
-                                    word32 flatSignedAttribsSz, ESD* esd,
-                                    byte* digestInfo, word32* digestInfoSz)
-{
-    int ret, digIdx = 0;
-    byte digestInfoSeq[MAX_SEQ_SZ];
-    byte digestStr[MAX_OCTET_STR_SZ];
-    byte attribSet[MAX_SET_SZ];
-    byte algoId[MAX_ALGO_SZ];
-    word32 digestInfoSeqSz, digestStrSz, algoIdSz, dgstInfoSz, hashSz;
-    word32 attribSetSz;
-
-    if (pkcs7 == NULL || esd == NULL || digestInfo == NULL ||
-        digestInfoSz == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wc_HashGetDigestSize(esd->hashType);
-    if (ret < 0)
-        return ret;
-    hashSz = (word32)ret;
-
-    if (flatSignedAttribsSz != 0) {
-
-        if (flatSignedAttribs == NULL)
-            return BAD_FUNC_ARG;
-
-        attribSetSz = SetSet(flatSignedAttribsSz, attribSet);
-
-        ret = wc_HashInit(&esd->hash, esd->hashType);
-        if (ret < 0)
-            return ret;
-
-        ret = wc_HashUpdate(&esd->hash, esd->hashType,
-                            attribSet, attribSetSz);
-        if (ret == 0)
-            ret = wc_HashUpdate(&esd->hash, esd->hashType,
-                                flatSignedAttribs, flatSignedAttribsSz);
-        if (ret == 0)
-            ret = wc_HashFinal(&esd->hash, esd->hashType,
-                               esd->contentAttribsDigest);
-        wc_HashFree(&esd->hash, esd->hashType);
-
-        if (ret < 0)
-            return ret;
-
-    } else {
-        /* when no attrs, digest is contentDigest without tag and length */
-        XMEMCPY(esd->contentAttribsDigest, esd->contentDigest + 2, hashSz);
-    }
-
-    /* Set algoID, allow absent hash params */
-    algoIdSz = SetAlgoIDEx(pkcs7->hashOID, algoId, oidHashType,
-                           0, pkcs7->hashParamsAbsent);
-
-    digestStrSz = SetOctetString(hashSz, digestStr);
-    dgstInfoSz = algoIdSz + digestStrSz + hashSz;
-    digestInfoSeqSz = SetSequence(dgstInfoSz, digestInfoSeq);
-
-    if (*digestInfoSz < (digestInfoSeqSz + dgstInfoSz)) {
-        return BUFFER_E;
-    }
-
-    XMEMCPY(digestInfo + digIdx, digestInfoSeq, digestInfoSeqSz);
-    digIdx += (int)digestInfoSeqSz;
-    XMEMCPY(digestInfo + digIdx, algoId, algoIdSz);
-    digIdx += (int)algoIdSz;
-    XMEMCPY(digestInfo + digIdx, digestStr, digestStrSz);
-    digIdx += (int)digestStrSz;
-    XMEMCPY(digestInfo + digIdx, esd->contentAttribsDigest, hashSz);
-    digIdx += (int)hashSz;
-
-    *digestInfoSz = (word32)digIdx;
-
-    return 0;
-}
-
-
-/* build SignedData signature over DigestInfo or content digest
- *
- * pkcs7 - pointer to initialized PKCS7 struct
- * flatSignedAttribs - flattened, signed attributes
- * flatSignedAttribsSz - size of flatSignedAttribs, octets
- * esd - pointer to initialized ESD struct
- *
- * returns length of signature on success, negative on error */
-static int wc_PKCS7_SignedDataBuildSignature(wc_PKCS7* pkcs7,
-                                             byte* flatSignedAttribs,
-                                             word32 flatSignedAttribsSz,
-                                             ESD* esd)
-{
-    int ret = 0;
-#if defined(HAVE_ECC) || \
-    (defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && !defined(NO_RSA))
-    int hashSz = 0;
-#endif
-#if defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && !defined(NO_RSA)
-    int hashOID;
-#endif
-    word32 digestInfoSz = MAX_PKCS7_DIGEST_SZ;
-    WC_DECLARE_VAR(digestInfo, byte, MAX_PKCS7_DIGEST_SZ, 0);
-
-    if (pkcs7 == NULL || esd == NULL)
-        return BAD_FUNC_ARG;
-
-    WC_ALLOC_VAR_EX(digestInfo, byte, digestInfoSz, pkcs7->heap,
-        DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E);
-    XMEMSET(digestInfo, 0, digestInfoSz);
-
-    ret = wc_PKCS7_BuildDigestInfo(pkcs7, flatSignedAttribs,
-                                   flatSignedAttribsSz, esd, digestInfo,
-                                   &digestInfoSz);
-    if (ret < 0) {
-        WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return ret;
-    }
-
-#if defined(HAVE_ECC) || \
-    (defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && !defined(NO_RSA))
-    /* get digest size from hash type */
-    hashSz = wc_HashGetDigestSize(esd->hashType);
-    if (hashSz < 0) {
-        WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return hashSz;
-    }
-#endif
-
-    /* sign digestInfo */
-    switch (pkcs7->publicKeyOID) {
-
-#ifndef NO_RSA
-        case RSAk:
-        #ifdef HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK
-            if (pkcs7->rsaSignRawDigestCb != NULL) {
-                /* get hash OID */
-                hashOID = wc_HashGetOID(esd->hashType);
-
-                /* user signing plain digest, build DigestInfo themselves */
-                ret = pkcs7->rsaSignRawDigestCb(pkcs7,
-                           esd->contentAttribsDigest, hashSz,
-                           esd->encContentDigest, sizeof(esd->encContentDigest),
-                           pkcs7->privateKey, pkcs7->privateKeySz, pkcs7->devId,
-                           hashOID);
-                break;
-            }
-        #endif
-            ret = wc_PKCS7_RsaSign(pkcs7, digestInfo, digestInfoSz, esd);
-            break;
-#endif
-
-#ifdef HAVE_ECC
-        case ECDSAk:
-            /* CMS with ECDSA does not sign DigestInfo structure
-             * like PKCS#7 with RSA does */
-            ret = wc_PKCS7_EcdsaSign(pkcs7, esd->contentAttribsDigest,
-                                     (word32)hashSz, esd);
-            break;
-#endif
-
-        default:
-            WOLFSSL_MSG("Unsupported public key type");
-            ret = BAD_FUNC_ARG;
-    }
-
-    WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    if (ret >= 0) {
-        esd->encContentDigestSz = (word32)ret;
-    }
-
-    return ret;
-}
-
-#ifndef BER_OCTET_LENGTH
-    #define BER_OCTET_LENGTH 4096
-#endif
-
-/**
- * This helper function encodes a chunk of content stream and writes it out.
- *
- * @param pkcs7 Pointer to a PKCS7 structure.
- * @param cipherType The type of cipher to use for encryption.
- * @param aes Optional pointer to an Aes structure for AES encryption.
- * @param encContentOut Buffer to hold the encrypted content.
- * @param contentData Buffer holding the content to be encrypted.
- * @param contentDataSz Size of the content to be encrypted.
- * @param out Buffer to hold the output data.
- * @param outIdx Pointer to an index into the output buffer.
- * @param esd Pointer to an ESD structure for digest calculation.
- * @return Returns 0 on success, and a negative value on failure.
- */
-static int wc_PKCS7_EncodeContentStreamHelper(wc_PKCS7* pkcs7, int cipherType,
-    Aes* aes, byte* encContentOut, byte* contentData, int contentDataSz,
-    byte* out, word32* outIdx, ESD* esd)
-{
-    int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
-    byte   encContentOutOct[MAX_OCTET_STR_SZ];
-    word32 encContentOutOctSz = 0;
-
-    switch (cipherType) {
-        case WC_CIPHER_NONE:
-            XMEMCPY(encContentOut, contentData, (word32)contentDataSz);
-            if (esd && esd->contentDigestSet != 1) {
-                ret = wc_HashUpdate(&esd->hash, esd->hashType,
-                    contentData, (word32)contentDataSz);
-            }
-            break;
-
-    #ifndef NO_AES
-        case WC_CIPHER_AES_CBC:
-            ret = wc_AesCbcEncrypt(aes, encContentOut,
-                contentData, (word32)contentDataSz);
-            break;
-    #endif
-
-    #ifdef WOLFSSL_AESGCM_STREAM
-        case WC_CIPHER_AES_GCM:
-            ret = wc_AesGcmEncryptUpdate(aes, encContentOut,
-                    contentData, (word32)contentDataSz, NULL, 0);
-            break;
-    #endif
-    }
-
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        /* async encrypt not available here, so block till done */
-        if (ret == WC_NO_ERR_TRACE(WC_PENDING_E) &&
-            cipherType != WC_CIPHER_NONE) {
-            ret = wc_AsyncWait(ret, &aes->asyncDev, WC_ASYNC_FLAG_NONE);
-        }
-    #endif
-
-    if (ret == 0) {
-        encContentOutOctSz = SetOctetString((word32)contentDataSz, encContentOutOct);
-        wc_PKCS7_WriteOut(pkcs7, (out)? out + *outIdx: NULL,
-                          encContentOutOct, encContentOutOctSz);
-        *outIdx += encContentOutOctSz;
-        wc_PKCS7_WriteOut(pkcs7, (out)? out + *outIdx : NULL,
-                                            encContentOut, (word32)contentDataSz);
-        *outIdx += (word32)contentDataSz;
-    }
-
-    return ret;
-}
-
-
-/* Used for encoding the content, potentially one octet chunk at a time if
- * in streaming mode with IO callbacks set.
- * Can handle the cipher types:
- *      - WC_CIPHER_NONE, used for encoding signed bundle where no encryption is
- *                        done.
- *      - WC_CIPHER_AES_CBC
- *      - WC_CIPHER_AES_GCM, requires WOLFSSL_AESGCM_STREAM for streaming
- *                           encryption
- * If ESD is passed in then hash of the conentet is collected as processed.
- *
- * Returns 0 on success */
-#ifndef NO_AES
-static int wc_PKCS7_EncodeContentStream(wc_PKCS7* pkcs7, ESD* esd, Aes* aes,
-    byte* in, int inSz, byte* out, int cipherType)
-#else
-static int wc_PKCS7_EncodeContentStream(wc_PKCS7* pkcs7, ESD* esd, void* aes,
-    byte* in, int inSz, byte* out, int cipherType)
-#endif
-{
-    int ret = 0;
-    int devId  = pkcs7->devId;
-    void* heap = pkcs7->heap;
-
-    if (pkcs7->encodeStream) {
-        int    sz;
-        word32 totalSz = 0;
-        byte*  buf;
-        byte*  encContentOut;
-        byte*  contentData;
-        word32 idx = 0, outIdx = 0;
-        word32 padSz = 0;
-
-        if (cipherType != WC_CIPHER_NONE) {
-            padSz = (word32)wc_PKCS7_GetPadSize(pkcs7->contentSz,
-                   (word32)wc_PKCS7_GetOIDBlockSize(pkcs7->encryptOID));
-        }
-
-        if (cipherType == WC_CIPHER_NONE && esd && esd->contentDigestSet != 1) {
-            /* calculate hash for content */
-            ret = wc_HashInit(&esd->hash, esd->hashType);
-            if (ret != 0) {
-                return ret;
-            }
-        }
-
-        encContentOut = (byte *)XMALLOC(BER_OCTET_LENGTH + MAX_OCTET_STR_SZ,
-                heap, DYNAMIC_TYPE_PKCS7);
-        contentData = (byte *)XMALLOC(BER_OCTET_LENGTH + padSz,
-                heap, DYNAMIC_TYPE_PKCS7);
-
-        if (encContentOut == NULL || contentData == NULL) {
-            XFREE(encContentOut, heap, DYNAMIC_TYPE_PKCS7);
-            XFREE(contentData, heap, DYNAMIC_TYPE_PKCS7);
-            WOLFSSL_MSG("Memory allocation failed for content data");
-            return MEMORY_E;
-        }
-
-        /* keep pulling from content until empty */
-        do {
-            int contentDataRead = 0;
-
-        #ifdef ASN_BER_TO_DER
-            if (pkcs7->getContentCb) {
-                contentDataRead = pkcs7->getContentCb(pkcs7,
-                                                      &buf, pkcs7->streamCtx);
-
-                if (buf == NULL) {
-                    WOLFSSL_MSG("Get content callback returned null "
-                        "buffer pointer");
-                    XFREE(encContentOut, heap, DYNAMIC_TYPE_PKCS7);
-                    XFREE(contentData, heap, DYNAMIC_TYPE_PKCS7);
-                    return BAD_FUNC_ARG;
-                }
-            }
-            else
-        #endif
-            {
-                int szLeft = BER_OCTET_LENGTH;
-
-                if (in == NULL) {
-                    XFREE(encContentOut, heap, DYNAMIC_TYPE_PKCS7);
-                    XFREE(contentData, heap, DYNAMIC_TYPE_PKCS7);
-                    return BAD_FUNC_ARG;
-                }
-
-                if ((word32)szLeft + totalSz > (word32)inSz)
-                    szLeft = inSz - (int)totalSz;
-
-                contentDataRead = szLeft;
-                buf = in + totalSz;
-            }
-
-            if (contentDataRead <= 0) {
-                /* no more data returned from callback */
-                break;
-            }
-            totalSz += (word32)contentDataRead;
-
-            /* check and handle octet boundary */
-            sz = contentDataRead;
-            if ((int)idx + sz > BER_OCTET_LENGTH) {
-                int amtWritten = 0;
-
-                /* loop over current buffer until it is empty */
-                while (idx + (word32)sz > BER_OCTET_LENGTH) {
-                    sz = BER_OCTET_LENGTH;
-                    if (idx > 0) { /* account for previously stored data */
-                        sz = BER_OCTET_LENGTH - (int)idx;
-                    }
-                    contentDataRead -= sz;
-
-                    XMEMCPY(contentData + idx, buf, (word32)sz);
-                    ret = wc_PKCS7_EncodeContentStreamHelper(pkcs7, cipherType,
-                        aes, encContentOut, contentData, BER_OCTET_LENGTH, out,
-                        &outIdx, esd);
-                    if (ret != 0) {
-                        XFREE(encContentOut, heap, DYNAMIC_TYPE_PKCS7);
-                        XFREE(contentData, heap, DYNAMIC_TYPE_PKCS7);
-                        return ret;
-                    }
-                    idx = 0; /* cleared out previously stored data */
-                    amtWritten += sz;
-                    sz  = contentDataRead;
-                }
-
-                /* copy over any remaining data */
-                XMEMCPY(contentData, buf + amtWritten, (word32)contentDataRead);
-                idx = (word32)contentDataRead;
-            }
-            else {
-                /* was not on an octet boundary, copy full
-                 * amount over */
-                XMEMCPY(contentData + idx, buf, (word32)sz);
-                idx += (word32)sz;
-            }
-        } while (totalSz < pkcs7->contentSz);
-
-        /* add in padding to the end */
-        if ((cipherType != WC_CIPHER_NONE) && (totalSz == pkcs7->contentSz)) {
-            word32 i;
-
-            if (BER_OCTET_LENGTH < idx) {
-                XFREE(encContentOut, heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(contentData, heap, DYNAMIC_TYPE_PKCS7);
-                return BAD_FUNC_ARG;
-            }
-
-            for (i = 0; i < padSz; i++) {
-                contentData[idx + i] = (byte)padSz;
-            }
-            idx += (word32)padSz;
-        }
-
-        /* encrypt and flush out remainder of content data */
-        ret = wc_PKCS7_EncodeContentStreamHelper(pkcs7, cipherType, aes,
-                    encContentOut, contentData, (int)idx, out, &outIdx, esd);
-        if (ret == 0) {
-            if (cipherType == WC_CIPHER_NONE && esd &&
-                    esd->contentDigestSet != 1) {
-                ret = wc_HashFinal(&esd->hash, esd->hashType,
-                    esd->contentDigest + 2);
-                wc_HashFree(&esd->hash, esd->hashType);
-            }
-        }
-
-        XFREE(encContentOut, heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(contentData, heap, DYNAMIC_TYPE_PKCS7);
-    }
-    else {
-        if (in == NULL || out == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        switch (cipherType) {
-            case WC_CIPHER_NONE:
-                if (!pkcs7->detached) {
-                    XMEMCPY(out, in, (word32)inSz);
-                }
-                if (esd && esd->contentDigestSet != 1) {
-                    ret = wc_HashInit(&esd->hash, esd->hashType);
-                    if (ret == 0)
-                        ret = wc_HashUpdate(&esd->hash, esd->hashType, in,
-                                            (word32)inSz);
-                    if (ret == 0)
-                        ret = wc_HashFinal(&esd->hash, esd->hashType,
-                                           esd->contentDigest + 2);
-                    wc_HashFree(&esd->hash, esd->hashType);
-                }
-                break;
-
-        #ifndef NO_AES
-            case WC_CIPHER_AES_CBC:
-                ret = wc_AesCbcEncrypt(aes, out, in, (word32)inSz);
-                break;
-        #endif
-
-        #ifdef WOLFSSL_AESGCM_STREAM
-            case WC_CIPHER_AES_GCM:
-                ret = wc_AesGcmEncryptUpdate(aes, out, in, (word32)inSz, NULL, 0);
-                break;
-        #endif
-        }
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        /* async encrypt not available here, so block till done */
-        if (cipherType != WC_CIPHER_NONE) {
-            ret = wc_AsyncWait(ret, &aes->asyncDev, WC_ASYNC_FLAG_NONE);
-        }
-    #endif
-    }
-
-    (void)devId;
-    (void)heap;
-
-    return ret;
-}
-
-
-/* build PKCS#7 signedData content type */
-/* To get the output size then set output = 0 and *outputSz = 0 */
-static int PKCS7_EncodeSigned(wc_PKCS7* pkcs7,
-    const byte* hashBuf, word32 hashSz, byte* output, word32* outputSz,
-    byte* output2, word32* output2Sz)
-{
-    /* contentType OID (1.2.840.113549.1.9.3) */
-    static const byte contentTypeOid[] =
-            { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01,
-                             0x09, 0x03 };
-
-    /* messageDigest OID (1.2.840.113549.1.9.4) */
-    static const byte messageDigestOid[] =
-            { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
-                             0x09, 0x04 };
-
-    /* signingTime OID () */
-    static const byte signingTimeOid[] =
-            { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
-                             0x09, 0x05};
-
-    Pkcs7Cert* certPtr = NULL;
-    word32 certSetSz = 0;
-
-    word32 signerInfoSz = 0;
-    word32 totalSz, total2Sz;
-    int idx = 0, ret = 0;
-    int digEncAlgoId, digEncAlgoType;
-    int keyIdSize;
-    byte* flatSignedAttribs = NULL;
-    word32 flatSignedAttribsSz = 0;
-
-    WC_DECLARE_VAR(esd, ESD, 1, 0);
-#ifdef ASN_BER_TO_DER
-    word32 streamSz = 0;
-#endif
-    WC_DECLARE_VAR(signedDataOid, byte, MAX_OID_SZ, 0);
-    word32 signedDataOidSz;
-
-    byte signingTime[MAX_TIME_STRING_SZ];
-
-    if (pkcs7 == NULL || pkcs7->hashOID == 0 ||
-        outputSz == NULL) {
-        WOLFSSL_MSG("PKCS7 struct / outputSz null, or hashOID is 0");
-        return BAD_FUNC_ARG;
-    }
-
-    if (hashSz == 0 && hashBuf != NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* signature size varies with ECDSA, with a varying sign size the content
-     * hash must be known in order to create the surrounding ASN1 syntax
-     * properly before writing out the content and generating the hash on the
-     * fly and then creating the signature */
-    if (hashBuf == NULL && pkcs7->publicKeyOID == ECDSAk) {
-        WOLFSSL_MSG("Pre-calculated content hash is needed in this case");
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
-    keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
-           pkcs7->publicKeyOID)));
-#else
-    keyIdSize = KEYID_SIZE;
-#endif
-
-    /* use custom SKID if set */
-    if (pkcs7->customSKIDSz > 0) {
-        if (pkcs7->customSKID == NULL) {
-            WOLFSSL_MSG("Bad custom SKID setup, size > 0 and was NULL");
-            return BAD_FUNC_ARG;
-        }
-        keyIdSize = pkcs7->customSKIDSz;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    signedDataOid = (byte *)XMALLOC(MAX_OID_SZ, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (signedDataOid == NULL) {
-        idx = MEMORY_E;
-        goto out;
-    }
-
-    esd = (ESD*)XMALLOC(sizeof(ESD), pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (esd == NULL) {
-        idx = MEMORY_E;
-        goto out;
-    }
-#endif
-
-    XMEMSET(esd, 0, sizeof(ESD));
-
-    /* set content type based on contentOID, unless user has set custom one
-       with wc_PKCS7_SetContentType() */
-    if (pkcs7->contentTypeSz == 0) {
-
-        /* default to DATA content type if user has not set */
-        if (pkcs7->contentOID == 0) {
-            pkcs7->contentOID = DATA;
-        }
-
-        ret = wc_SetContentType(pkcs7->contentOID, pkcs7->contentType,
-                                sizeof(pkcs7->contentType));
-        if (ret < 0) {
-            idx = ret;
-            goto out;
-        }
-        pkcs7->contentTypeSz = (word32)ret;
-    }
-
-    /* set signedData outer content type */
-    ret = wc_SetContentType(SIGNED_DATA, signedDataOid, MAX_OID_SZ);
-    if (ret < 0) {
-        idx = ret;
-        goto out;
-    }
-    signedDataOidSz = (word32)ret;
-
-    if (pkcs7->sidType != DEGENERATE_SID) {
-        esd->hashType = wc_OidGetHash(pkcs7->hashOID);
-        if (hashBuf != NULL &&
-                wc_HashGetDigestSize(esd->hashType) != (int)hashSz) {
-            WOLFSSL_MSG("hashSz did not match hashOID");
-            idx = BUFFER_E;
-            goto out;
-        }
-
-        /* include hash if provided, otherwise create hash when processing
-         * content data */
-        esd->contentDigest[0] = ASN_OCTET_STRING;
-        if (hashBuf != NULL) {
-            esd->contentDigestSet = 1;
-            esd->contentDigest[1] = (byte)hashSz;
-            XMEMCPY(&esd->contentDigest[2], hashBuf, hashSz);
-        }
-        else {
-            esd->contentDigest[1] = (byte)wc_HashGetDigestSize(esd->hashType);
-        }
-    }
-
-    if (pkcs7->detached == 1) {
-        /* do not include content if generating detached signature */
-        esd->innerOctetsSz = 0;
-        esd->innerContSeqSz = 0;
-        esd->contentInfoSeqSz = SetSequence(pkcs7->contentTypeSz,
-                                            esd->contentInfoSeq);
-    }
-    else {
-        esd->innerOctetsSz = SetOctetStringEx(pkcs7->contentSz, esd->innerOctets,
-                                    pkcs7->encodeStream);
-        esd->innerContSeqSz = SetExplicit(0, esd->innerOctetsSz +
-                                    pkcs7->contentSz, esd->innerContSeq,
-                                    pkcs7->encodeStream);
-        esd->contentInfoSeqSz = SetSequenceEx(pkcs7->contentSz +
-                                    esd->innerOctetsSz + pkcs7->contentTypeSz +
-                                    esd->innerContSeqSz, esd->contentInfoSeq,
-                                    pkcs7->encodeStream);
-    }
-
-    /* SignerIdentifier */
-    if (pkcs7->sidType == CMS_ISSUER_AND_SERIAL_NUMBER) {
-        /* IssuerAndSerialNumber */
-        ret = SetSerialNumber(pkcs7->issuerSn, pkcs7->issuerSnSz,
-                                          esd->issuerSn, MAX_SN_SZ, MAX_SN_SZ);
-        if (ret < 0) {
-            idx = ret;
-            goto out;
-        }
-        esd->issuerSnSz = (word32)ret;
-        signerInfoSz += esd->issuerSnSz;
-        esd->issuerNameSz = SetSequence(pkcs7->issuerSz, esd->issuerName);
-        signerInfoSz += esd->issuerNameSz + pkcs7->issuerSz;
-        esd->issuerSnSeqSz = SetSequence(signerInfoSz, esd->issuerSnSeq);
-        signerInfoSz += esd->issuerSnSeqSz;
-
-        if (pkcs7->version == 3) {
-            /* RFC 4108 version MUST be 3 for firmware package signer */
-            esd->signerVersionSz = (word32)SetMyVersion(3, esd->signerVersion, 0);
-        }
-        else {
-            /* version MUST be 1 otherwise*/
-            esd->signerVersionSz = (word32)SetMyVersion(1, esd->signerVersion, 0);
-        }
-
-    } else if (pkcs7->sidType == CMS_SKID) {
-        /* SubjectKeyIdentifier */
-        esd->issuerSKIDSz = SetOctetString((word32)keyIdSize, esd->issuerSKID);
-        esd->issuerSKIDSeqSz = SetExplicit(0, esd->issuerSKIDSz +
-                                           (word32)keyIdSize,
-                                           esd->issuerSKIDSeq, 0);
-        signerInfoSz += (esd->issuerSKIDSz + esd->issuerSKIDSeqSz +
-                         (word32)keyIdSize);
-
-        /* version MUST be 3 */
-        esd->signerVersionSz = (word32)SetMyVersion(3, esd->signerVersion, 0);
-    } else if (pkcs7->sidType == DEGENERATE_SID) {
-        /* no signer info added */
-    } else {
-        idx = SKID_E;
-        goto out;
-    }
-
-    if (pkcs7->sidType != DEGENERATE_SID) {
-        signerInfoSz += esd->signerVersionSz;
-        esd->signerDigAlgoIdSz = SetAlgoIDEx(pkcs7->hashOID, esd->signerDigAlgoId,
-                                          oidHashType, 0, pkcs7->hashParamsAbsent);
-        signerInfoSz += esd->signerDigAlgoIdSz;
-
-        /* set signatureAlgorithm */
-        ret = wc_PKCS7_SignedDataGetEncAlgoId(pkcs7, &digEncAlgoId,
-                                              &digEncAlgoType);
-        if (ret < 0) {
-            idx = ret;
-            goto out;
-        }
-        esd->digEncAlgoIdSz = SetAlgoIDEx(digEncAlgoId, esd->digEncAlgoId,
-                                        digEncAlgoType, 0, pkcs7->hashParamsAbsent);
-        signerInfoSz += esd->digEncAlgoIdSz;
-
-        /* build up signed attributes, include contentType, signingTime, and
-           messageDigest by default */
-        ret = wc_PKCS7_BuildSignedAttributes(pkcs7, esd, pkcs7->contentType,
-                                     pkcs7->contentTypeSz,
-                                     contentTypeOid, sizeof(contentTypeOid),
-                                     messageDigestOid, sizeof(messageDigestOid),
-                                     signingTimeOid, sizeof(signingTimeOid),
-                                     signingTime, sizeof(signingTime));
-        if (ret < 0) {
-            idx = ret;
-            goto out;
-        }
-
-        if (esd->signedAttribsSz > 0) {
-            flatSignedAttribs = (byte*)XMALLOC(esd->signedAttribsSz, pkcs7->heap,
-                                                             DYNAMIC_TYPE_PKCS7);
-            if (flatSignedAttribs == NULL) {
-                idx = MEMORY_E;
-                goto out;
-            }
-
-            flatSignedAttribsSz = esd->signedAttribsSz;
-
-            FlattenAttributes(pkcs7, flatSignedAttribs, esd->signedAttribs,
-                                                  (int)esd->signedAttribsCount);
-            esd->signedAttribSetSz = SetImplicit(ASN_SET, 0, esd->signedAttribsSz,
-                                                              esd->signedAttribSet, 0);
-        } else {
-            esd->signedAttribSetSz = 0;
-        }
-
-        if (pkcs7->publicKeyOID != ECDSAk && hashBuf == NULL) {
-            ret = wc_PKCS7_GetSignSize(pkcs7);
-            esd->encContentDigestSz = (word32)ret;
-        }
-        else {
-            ret = wc_PKCS7_SignedDataBuildSignature(pkcs7, flatSignedAttribs,
-                                            flatSignedAttribsSz, esd);
-        }
-        if (ret < 0) {
-            idx = ret;
-            goto out;
-        }
-
-        signerInfoSz += flatSignedAttribsSz + esd->signedAttribSetSz;
-
-        esd->signerDigestSz = SetOctetString(esd->encContentDigestSz,
-                                                                 esd->signerDigest);
-        signerInfoSz += esd->signerDigestSz + esd->encContentDigestSz;
-
-        esd->signerInfoSeqSz = SetSequence(signerInfoSz, esd->signerInfoSeq);
-        signerInfoSz += esd->signerInfoSeqSz;
-    }
-    esd->signerInfoSetSz = SetSet(signerInfoSz, esd->signerInfoSet);
-    signerInfoSz += esd->signerInfoSetSz;
-
-    /* certificates [0] IMPLICIT CertificateSet */
-    /* get total certificates size */
-    if (pkcs7->noCerts != 1) {
-        certPtr = pkcs7->certList;
-        while (certPtr != NULL) {
-            certSetSz += certPtr->derSz;
-            certPtr = certPtr->next;
-        }
-    }
-    certPtr = NULL;
-
-    if (certSetSz > 0)
-        esd->certsSetSz = SetImplicit(ASN_SET, 0, certSetSz, esd->certsSet, 0);
-
-    if (pkcs7->sidType != DEGENERATE_SID) {
-        esd->singleDigAlgoIdSz = SetAlgoIDEx(pkcs7->hashOID, esd->singleDigAlgoId,
-                                      oidHashType, 0, pkcs7->hashParamsAbsent);
-    }
-    esd->digAlgoIdSetSz = SetSet(esd->singleDigAlgoIdSz, esd->digAlgoIdSet);
-
-    if (pkcs7->version == 3) {
-        /* RFC 4108 version MUST be 3 for firmware package signer */
-        esd->versionSz = (word32)SetMyVersion(3, esd->version, 0);
-    }
-    else {
-        esd->versionSz = (word32)SetMyVersion(1, esd->version, 0);
-    }
-
-    totalSz = esd->versionSz + esd->singleDigAlgoIdSz + esd->digAlgoIdSetSz +
-              esd->contentInfoSeqSz + pkcs7->contentTypeSz +
-              esd->innerContSeqSz + esd->innerOctetsSz;
-
-#ifdef ASN_BER_TO_DER
-    if (pkcs7->encodeStream) {
-        word32 tmpIdx = 0;
-        totalSz += (3 * ASN_INDEF_END_SZ) ; /* 00's for BER with inner content */
-
-        StreamOctetString(pkcs7->content, pkcs7->contentSz, NULL, &streamSz,
-            &tmpIdx);
-        totalSz += streamSz + (3 * ASN_INDEF_END_SZ);
-    }
-    else
-#endif
-    {
-        totalSz += pkcs7->contentSz;
-    }
-    total2Sz = esd->certsSetSz + certSetSz + signerInfoSz;
-
-    if (pkcs7->detached) {
-        totalSz -= pkcs7->contentSz;
-    }
-
-    esd->innerSeqSz = SetSequenceEx(totalSz + total2Sz, esd->innerSeq,
-        pkcs7->encodeStream);
-    totalSz += esd->innerSeqSz;
-    if (pkcs7->encodeStream) {
-        totalSz += ASN_INDEF_END_SZ;
-    }
-
-    esd->outerContentSz = SetExplicit(0, totalSz + total2Sz,
-        esd->outerContent, pkcs7->encodeStream);
-    totalSz += esd->outerContentSz + signedDataOidSz;
-    if (pkcs7->encodeStream) {
-        totalSz += ASN_INDEF_END_SZ;
-    }
-
-    esd->outerSeqSz = SetSequenceEx(totalSz + total2Sz, esd->outerSeq,
-        pkcs7->encodeStream);
-    totalSz += esd->outerSeqSz;
-    if (pkcs7->encodeStream) {
-        totalSz += ASN_INDEF_END_SZ;
-    }
-
-    /* if using header/footer, we are not returning the content */
-    if (output2 && output2Sz) {
-        if (total2Sz > *output2Sz) {
-            if (*outputSz == 0 && *output2Sz == 0) {
-                *outputSz = totalSz;
-                *output2Sz = total2Sz;
-                idx = 0;
-                goto out;
-            }
-            idx = BUFFER_E;
-            goto out;
-        }
-
-        if (!pkcs7->detached) {
-            totalSz -= pkcs7->contentSz;
-        }
-    }
-    else {
-        /* if using single output buffer include content and footer */
-        totalSz += total2Sz;
-    }
-
-    if (totalSz > *outputSz
-    #ifdef ASN_BER_TO_DER
-        && pkcs7->streamOutCb == NULL
-    #endif
-    ) {
-        if (*outputSz == 0) {
-        #ifdef HAVE_ECC
-            if (pkcs7->publicKeyOID == ECDSAk) {
-                totalSz += ECC_MAX_PAD_SZ; /* signatures size can vary */
-            }
-        #endif
-            *outputSz = totalSz;
-            idx = (int)totalSz;
-            goto out;
-        }
-        idx = BUFFER_E;
-        goto out;
-    }
-
-#ifdef ASN_BER_TO_DER
-    if (output == NULL && pkcs7->streamOutCb == NULL) {
-#else
-    if (output == NULL) {
-#endif
-        idx = BUFFER_E;
-        goto out;
-    }
-
-    idx = 0;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            esd->outerSeq, esd->outerSeqSz);
-    idx += (int)esd->outerSeqSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            signedDataOid, signedDataOidSz);
-    idx += (int)signedDataOidSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            esd->outerContent, esd->outerContentSz);
-    idx += (int)esd->outerContentSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            esd->innerSeq, esd->innerSeqSz);
-    idx += (int)esd->innerSeqSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            esd->version, esd->versionSz);
-    idx += (int)esd->versionSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            esd->digAlgoIdSet, esd->digAlgoIdSetSz);
-    idx += (int)esd->digAlgoIdSetSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            esd->singleDigAlgoId, esd->singleDigAlgoIdSz);
-    idx += (int)esd->singleDigAlgoIdSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            esd->contentInfoSeq, esd->contentInfoSeqSz);
-    idx += (int)esd->contentInfoSeqSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            pkcs7->contentType, pkcs7->contentTypeSz);
-    idx += (int)pkcs7->contentTypeSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            esd->innerContSeq, esd->innerContSeqSz);
-    idx += (int)esd->innerContSeqSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            esd->innerOctets, esd->innerOctetsSz);
-    idx += (int)esd->innerOctetsSz;
-
-    /* support returning header and footer without content */
-    if (output2 && output2Sz) {
-        *outputSz = (word32)idx;
-        idx = 0;
-    }
-    else {
-        if (
-        #ifdef ASN_BER_TO_DER
-            (pkcs7->content != NULL || pkcs7->getContentCb != NULL)
-        #else
-            pkcs7->content != NULL
-        #endif
-             && pkcs7->contentSz > 0) {
-            wc_PKCS7_EncodeContentStream(pkcs7, esd, NULL, pkcs7->content,
-                (int)pkcs7->contentSz, (output)? output + idx : NULL,
-                WC_CIPHER_NONE);
-            if (!pkcs7->detached) {
-            #ifdef ASN_BER_TO_DER
-                if (pkcs7->encodeStream) {
-                    byte indefEnd[ASN_INDEF_END_SZ * 3];
-                    word32 localIdx = 0;
-
-                    idx += (int)streamSz;
-
-                    /* end of content octet string */
-                    localIdx += SetIndefEnd(indefEnd + localIdx);
-
-                    /* end of inner content seq */
-                    localIdx += SetIndefEnd(indefEnd + localIdx);
-
-                    /* end of inner content info seq */
-                    localIdx += SetIndefEnd(indefEnd + localIdx);
-
-                    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-                        indefEnd, localIdx);
-                    idx += (int)localIdx;
-                }
-                else
-            #endif
-                {
-                        idx += (int)pkcs7->contentSz;
-                }
-            }
-        }
-        output2 = output;
-    }
-
-    /* certificates */
-    wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-        esd->certsSet, esd->certsSetSz);
-    idx += (int)esd->certsSetSz;
-
-    if (pkcs7->noCerts != 1) {
-        certPtr = pkcs7->certList;
-        while (certPtr != NULL) {
-            wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                certPtr->der, certPtr->derSz);
-            idx += (int)certPtr->derSz;
-            certPtr = certPtr->next;
-        }
-    }
-
-    wc_PKCS7_FreeCertSet(pkcs7);
-
-    wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->signerInfoSet, esd->signerInfoSetSz);
-    idx += (int)esd->signerInfoSetSz;
-    wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->signerInfoSeq, esd->signerInfoSeqSz);
-    idx += (int)esd->signerInfoSeqSz;
-    wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->signerVersion, esd->signerVersionSz);
-    idx += (int)esd->signerVersionSz;
-    /* SignerIdentifier */
-    if (pkcs7->sidType == CMS_ISSUER_AND_SERIAL_NUMBER) {
-        /* IssuerAndSerialNumber */
-        wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->issuerSnSeq, esd->issuerSnSeqSz);
-        idx += (int)esd->issuerSnSeqSz;
-        wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->issuerName, esd->issuerNameSz);
-        idx += (int)esd->issuerNameSz;
-        wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                pkcs7->issuer, pkcs7->issuerSz);
-        idx += (int)pkcs7->issuerSz;
-        wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->issuerSn, esd->issuerSnSz);
-        idx += (int)esd->issuerSnSz;
-    } else if (pkcs7->sidType == CMS_SKID) {
-        /* SubjectKeyIdentifier */
-        wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->issuerSKIDSeq, esd->issuerSKIDSeqSz);
-        idx += (int)esd->issuerSKIDSeqSz;
-        wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->issuerSKID, esd->issuerSKIDSz);
-        idx += (int)esd->issuerSKIDSz;
-
-        if (pkcs7->customSKID) {
-            wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                pkcs7->customSKID, (word32)keyIdSize);
-        }
-        else {
-            wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                pkcs7->issuerSubjKeyId, (word32)keyIdSize);
-        }
-        idx += keyIdSize;
-    } else if (pkcs7->sidType == DEGENERATE_SID) {
-        /* no signer infos in degenerate case */
-    } else {
-        idx = SKID_E;
-        goto out;
-    }
-    wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->signerDigAlgoId, esd->signerDigAlgoIdSz);
-    idx += (int)esd->signerDigAlgoIdSz;
-
-    /* SignerInfo:Attributes */
-    if (flatSignedAttribsSz > 0) {
-        /* if the original hash buffer passed in was null then recreate the
-        * signature */
-        if (hashBuf == NULL && pkcs7->sidType != DEGENERATE_SID) {
-            /* recreate flat attribs after the content hash is known if needed
-             * build up signed attributes, include contentType, signingTime, and
-               messageDigest by default */
-            esd->signedAttribsCount = 0;
-            esd->signedAttribsSz = 0;
-            ret = wc_PKCS7_BuildSignedAttributes(pkcs7, esd, pkcs7->contentType,
-                                     pkcs7->contentTypeSz,
-                                     contentTypeOid, sizeof(contentTypeOid),
-                                     messageDigestOid, sizeof(messageDigestOid),
-                                     signingTimeOid, sizeof(signingTimeOid),
-                                     signingTime, sizeof(signingTime));
-            if (ret < 0) {
-                idx = ret;
-                goto out;
-            }
-
-            if (esd->signedAttribsSz > 0) {
-                if (flatSignedAttribs == NULL) {
-                    idx = MEMORY_E;
-                    goto out;
-                }
-
-                flatSignedAttribsSz = esd->signedAttribsSz;
-                FlattenAttributes(pkcs7, flatSignedAttribs,
-                                  esd->signedAttribs,
-                                  (int)esd->signedAttribsCount);
-            } else {
-                esd->signedAttribSetSz = 0;
-            }
-        }
-
-        wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->signedAttribSet, esd->signedAttribSetSz);
-        idx += (int)esd->signedAttribSetSz;
-        wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                flatSignedAttribs, flatSignedAttribsSz);
-        idx += (int)flatSignedAttribsSz;
-    }
-
-    if (hashBuf == NULL && pkcs7->sidType != DEGENERATE_SID) {
-        /* Calculate the final hash and encrypt it. */
-        WOLFSSL_MSG("Recreating signature with new hash");
-        ret = wc_PKCS7_SignedDataBuildSignature(pkcs7, flatSignedAttribs,
-                                                flatSignedAttribsSz, esd);
-        if (ret < 0) {
-            idx = ret;
-            goto out;
-        }
-    }
-
-    wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->digEncAlgoId, esd->digEncAlgoIdSz);
-    idx += (int)esd->digEncAlgoIdSz;
-    wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->signerDigest, esd->signerDigestSz);
-    idx += (int)esd->signerDigestSz;
-
-    wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                esd->encContentDigest, esd->encContentDigestSz);
-    idx += (int)esd->encContentDigestSz;
-
-#ifdef ASN_BER_TO_DER
-    if (pkcs7->encodeStream) {
-        byte indefEnd[ASN_INDEF_END_SZ * 3];
-        word32 localIdx = 0;
-
-        /* end of signedData seq */
-        localIdx += SetIndefEnd(indefEnd + localIdx);
-
-        /* end of outer content set */
-        localIdx += SetIndefEnd(indefEnd + localIdx);
-
-        /* end of outer content info seq */
-        localIdx += SetIndefEnd(indefEnd + localIdx);
-
-        wc_PKCS7_WriteOut(pkcs7, (output2)? (output2 + idx) : NULL,
-                    indefEnd, localIdx);
-        idx += (int)localIdx;
-    }
-#endif
-
-    if (output2Sz) {
-        *output2Sz = (word32)idx;
-        idx = 0; /* success */
-    }
-    else {
-        *outputSz = (word32)idx;
-    }
-
-  out:
-
-    XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-    WC_FREE_VAR_EX(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(signedDataOid, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return idx;
-}
-
-/* hashBuf: The computed digest for the pkcs7->content
- * hashSz: The size of computed digest for the pkcs7->content based on hashOID
- * outputHead: The PKCS7 header that goes on top of the raw data signed.
- * outputFoot: The PKCS7 footer that goes at the end of the raw data signed.
- * pkcs7->content: Not used
- * pkcs7->contentSz: Must be provided as actual sign of raw data
- * return codes: 0=success, negative=error
- */
-int wc_PKCS7_EncodeSignedData_ex(wc_PKCS7* pkcs7, const byte* hashBuf,
-    word32 hashSz, byte* outputHead, word32* outputHeadSz, byte* outputFoot,
-    word32* outputFootSz)
-{
-    int ret;
-
-    /* other args checked in wc_PKCS7_EncodeSigned_ex */
-    if (pkcs7 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifndef ASN_BER_TO_DER
-    if (outputFoot == NULL || outputFootSz == NULL)
-#else
-    if (pkcs7->getContentCb == NULL &&
-        (outputFoot == NULL || outputFootSz == NULL))
-#endif
-    {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = PKCS7_EncodeSigned(pkcs7, hashBuf, hashSz,
-        outputHead, outputHeadSz, outputFoot, outputFootSz);
-
-    return ret;
-}
-
-
-/* Sets a custom SKID in PKCS7 struct, used before calling an encode operation
- * Returns 0 on success, negative upon error. */
-int wc_PKCS7_SetCustomSKID(wc_PKCS7* pkcs7, const byte* in, word16 inSz)
-{
-    int ret = 0;
-
-    if (pkcs7 == NULL || (in == NULL && inSz > 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (in == NULL) {
-        if (pkcs7->customSKID != NULL) {
-            XFREE(pkcs7->customSKID, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        }
-        pkcs7->customSKIDSz = 0;
-        pkcs7->customSKID   = NULL;
-    }
-    else {
-        pkcs7->customSKID = (byte*)XMALLOC(inSz, pkcs7->heap,
-            DYNAMIC_TYPE_PKCS7);
-        if (pkcs7->customSKID == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            XMEMCPY(pkcs7->customSKID, in, inSz);
-            pkcs7->customSKIDSz = inSz;
-        }
-    }
-
-    return ret;
-}
-
-
-/* Toggle detached signature mode on/off for PKCS#7/CMS SignedData content type.
- * By default wolfCrypt includes the data to be signed in the SignedData
- * bundle. This data can be omitted in the case when a detached signature is
- * being created. To enable generation of detached signatures, set flag to "1",
- * otherwise set to "0":
- *
- *     flag 1 turns on support
- *     flag 0 turns off support
- *
- * pkcs7 - pointer to initialized PKCS7 structure
- * flag  - turn on/off detached signature generation (1 or 0)
- *
- * Returns 0 on success, negative upon error. */
-int wc_PKCS7_SetDetached(wc_PKCS7* pkcs7, word16 flag)
-{
-    if (pkcs7 == NULL || (flag != 0 && flag != 1))
-        return BAD_FUNC_ARG;
-
-    pkcs7->detached = (flag != 0);
-
-    return 0;
-}
-
-/* By default, SignedData bundles have the following signed attributes attached:
- *     contentType (1.2.840.113549.1.9.3)
- *     signingTime (1.2.840.113549.1.9.5)
- *     messageDigest (1.2.840.113549.1.9.4)
- *
- * Calling this API before wc_PKCS7_EncodeSignedData() will disable the
- * inclusion of those attributes.
- *
- * pkcs7 - pointer to initialized PKCS7 structure
- *
- * Returns 0 on success, negative upon error. */
-int wc_PKCS7_NoDefaultSignedAttribs(wc_PKCS7* pkcs7)
-{
-    return wc_PKCS7_SetDefaultSignedAttribs(pkcs7, WOLFSSL_NO_ATTRIBUTES);
-}
-
-
-/* By default, SignedData bundles have the following signed attributes attached:
- *     contentType (1.2.840.113549.1.9.3)
- *     signingTime (1.2.840.113549.1.9.5)
- *     messageDigest (1.2.840.113549.1.9.4)
- *
- * Calling this API before wc_PKCS7_EncodeSignedData() allows control over which
- * default attributes are added.
- *
- * pkcs7 - pointer to initialized PKCS7 structure
- *
- * Returns 0 on success, negative upon error. */
-int  wc_PKCS7_SetDefaultSignedAttribs(wc_PKCS7* pkcs7, word16 flag)
-{
-    if (pkcs7 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (flag & WOLFSSL_NO_ATTRIBUTES) {
-        if (flag ^ WOLFSSL_NO_ATTRIBUTES) {
-            WOLFSSL_MSG("Error, can not have additional flags with no "
-                "attributes flag set");
-            return BAD_FUNC_ARG;
-        }
-        pkcs7->defaultSignedAttribs = 0;
-    }
-
-    /* check for unknown flags */
-    if (flag & ~(WOLFSSL_CONTENT_TYPE_ATTRIBUTE |
-                WOLFSSL_SIGNING_TIME_ATTRIBUTE |
-                WOLFSSL_MESSAGE_DIGEST_ATTRIBUTE | WOLFSSL_NO_ATTRIBUTES)) {
-        WOLFSSL_MSG("Unknown attribute flags found");
-        return BAD_FUNC_ARG;
-    }
-
-    pkcs7->defaultSignedAttribs |= flag;
-    return 0;
-}
-
-
-/* return codes: >0: Size of signed PKCS7 output buffer, negative: error */
-int wc_PKCS7_EncodeSignedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
-{
-    int ret;
-
-    /* other args checked in wc_PKCS7_EncodeSigned_ex */
-    if (pkcs7 == NULL || (pkcs7->contentSz > 0 &&
-    #ifdef ASN_BER_TO_DER
-        (pkcs7->content == NULL && pkcs7->getContentCb == NULL))
-    #else
-        pkcs7->content == NULL)
-    #endif
-    ) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* pre-calculate hash for ECC signatures */
-    if (pkcs7->publicKeyOID == ECDSAk) {
-        int hashSz;
-        enum wc_HashType hashType;
-        byte hashBuf[WC_MAX_DIGEST_SIZE];
-        wc_HashAlg hash;
-
-        /* get hash type and size, validate hashOID */
-        hashType = wc_OidGetHash(pkcs7->hashOID);
-        hashSz = wc_HashGetDigestSize(hashType);
-        if (hashSz < 0)
-            return hashSz;
-
-        /* calculate hash for content */
-        ret = wc_HashInit(&hash, hashType);
-        if (ret == 0) {
-            ret = wc_HashUpdate(&hash, hashType,
-                            pkcs7->content, pkcs7->contentSz);
-            if (ret == 0) {
-                ret = wc_HashFinal(&hash, hashType, hashBuf);
-            }
-            wc_HashFree(&hash, hashType);
-        }
-        if (ret == 0) {
-            ret = PKCS7_EncodeSigned(pkcs7, hashBuf, (word32)hashSz,
-                output, &outputSz, NULL, NULL);
-        }
-    }
-    else {
-        ret = PKCS7_EncodeSigned(pkcs7, NULL, 0, output, &outputSz,
-            NULL, NULL);
-    }
-    return ret;
-}
-
-
-/* Single-shot API to generate a CMS SignedData bundle that encapsulates a
- * content of type FirmwarePkgData. Any recipient certificates should be
- * loaded into the PKCS7 structure prior to calling this function, using
- * wc_PKCS7_InitWithCert() and/or wc_PKCS7_AddCertificate().
- *
- * pkcs7                - pointer to initialized PKCS7 struct
- * privateKey           - private RSA/ECC key, used for signing SignedData
- * privateKeySz         - size of privateKey, octets
- * signOID              - public key algorithm OID, used for sign operation
- * hashOID              - hash algorithm OID, used for signature generation
- * content              - content to be encapsulated, of type FirmwarePkgData
- * contentSz            - size of content, octets
- * signedAttribs        - optional signed attributes
- * signedAttribsSz      - number of PKCS7Attrib members in signedAttribs
- * output               - output buffer for final bundle
- * outputSz             - size of output buffer, octets
- *
- * Returns length of generated bundle on success, negative upon error. */
-int wc_PKCS7_EncodeSignedFPD(wc_PKCS7* pkcs7, byte* privateKey,
-                             word32 privateKeySz, int signOID, int hashOID,
-                             byte* content, word32 contentSz,
-                             PKCS7Attrib* signedAttribs, word32 signedAttribsSz,
-                             byte* output, word32 outputSz)
-{
-    int ret = 0;
-    WC_RNG rng;
-
-    if (pkcs7 == NULL || privateKey == NULL || privateKeySz == 0 ||
-        content == NULL || contentSz == 0 || output == NULL || outputSz == 0)
-        return BAD_FUNC_ARG;
-
-    ret = wc_InitRng_ex(&rng, pkcs7->heap, pkcs7->devId);
-    if (ret != 0)
-        return ret;
-
-    pkcs7->rng = &rng;
-    pkcs7->content = content;
-    pkcs7->contentSz = contentSz;
-    pkcs7->contentOID = FIRMWARE_PKG_DATA;
-    pkcs7->hashOID = hashOID;
-    pkcs7->encryptOID = signOID;
-    pkcs7->privateKey = privateKey;
-    pkcs7->privateKeySz = privateKeySz;
-    pkcs7->signedAttribs = signedAttribs;
-    pkcs7->signedAttribsSz = signedAttribsSz;
-    pkcs7->version = 3;
-
-    ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz);
-    if (ret <= 0) {
-        WOLFSSL_MSG("Error encoding CMS SignedData content type");
-    }
-
-    pkcs7->rng = NULL;
-    wc_FreeRng(&rng);
-
-    return ret;
-}
-
-#ifndef NO_PKCS7_ENCRYPTED_DATA
-
-/* Single-shot API to generate a CMS SignedData bundle that encapsulates a
- * CMS EncryptedData bundle. Content of inner EncryptedData is set to that
- * of FirmwarePkgData. Any recipient certificates should be loaded into the
- * PKCS7 structure prior to calling this function, using wc_PKCS7_InitWithCert()
- * and/or wc_PKCS7_AddCertificate().
- *
- * pkcs7                - pointer to initialized PKCS7 struct
- * encryptKey           - encryption key used for encrypting EncryptedData
- * encryptKeySz         - size of encryptKey, octets
- * privateKey           - private RSA/ECC key, used for signing SignedData
- * privateKeySz         - size of privateKey, octets
- * encryptOID           - encryption algorithm OID, to be used as encryption
- *                        algorithm for EncryptedData
- * signOID              - public key algorithm OID, to be used for sign
- *                        operation in SignedData generation
- * hashOID              - hash algorithm OID, to be used for signature in
- *                        SignedData generation
- * content              - content to be encapsulated
- * contentSz            - size of content, octets
- * unprotectedAttribs   - optional unprotected attributes, for EncryptedData
- * unprotectedAttribsSz - number of PKCS7Attrib members in unprotectedAttribs
- * signedAttribs        - optional signed attributes, for SignedData
- * signedAttribsSz      - number of PKCS7Attrib members in signedAttribs
- * output               - output buffer for final bundle
- * outputSz             - size of output buffer, octets
- *
- * Returns length of generated bundle on success, negative upon error. */
-int wc_PKCS7_EncodeSignedEncryptedFPD(wc_PKCS7* pkcs7, byte* encryptKey,
-                                      word32 encryptKeySz, byte* privateKey,
-                                      word32 privateKeySz, int encryptOID,
-                                      int signOID, int hashOID,
-                                      byte* content, word32 contentSz,
-                                      PKCS7Attrib* unprotectedAttribs,
-                                      word32 unprotectedAttribsSz,
-                                      PKCS7Attrib* signedAttribs,
-                                      word32 signedAttribsSz,
-                                      byte* output, word32 outputSz)
-{
-    int ret = 0, encryptedSz = 0;
-    byte* encrypted = NULL;
-    WC_RNG rng;
-
-    if (pkcs7 == NULL || encryptKey == NULL || encryptKeySz == 0 ||
-        privateKey == NULL || privateKeySz == 0 || content == NULL ||
-        contentSz == 0 || output == NULL || outputSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* 1: build up EncryptedData using FirmwarePkgData type, use output
-     *    buffer as tmp for storage and to get size */
-
-    /* set struct elements, inner content type is FirmwarePkgData */
-    pkcs7->content = content;
-    pkcs7->contentSz = contentSz;
-    pkcs7->contentOID = FIRMWARE_PKG_DATA;
-    pkcs7->encryptOID = encryptOID;
-    pkcs7->encryptionKey = encryptKey;
-    pkcs7->encryptionKeySz = encryptKeySz;
-    pkcs7->unprotectedAttribs = unprotectedAttribs;
-    pkcs7->unprotectedAttribsSz = unprotectedAttribsSz;
-    pkcs7->version = 3;
-
-    encryptedSz = wc_PKCS7_EncodeEncryptedData(pkcs7, output, outputSz);
-    if (encryptedSz < 0) {
-        WOLFSSL_MSG("Error encoding CMS EncryptedData content type");
-        return encryptedSz;
-    }
-
-    /* save encryptedData, reset output buffer and struct */
-    encrypted = (byte*)XMALLOC((word32)encryptedSz, pkcs7->heap,
-                               DYNAMIC_TYPE_PKCS7);
-    if (encrypted == NULL) {
-        ForceZero(output, outputSz);
-        return MEMORY_E;
-    }
-
-    XMEMCPY(encrypted, output, (word32)encryptedSz);
-    ForceZero(output, outputSz);
-
-    ret = wc_InitRng_ex(&rng, pkcs7->heap, pkcs7->devId);
-    if (ret != 0) {
-        ForceZero(encrypted, (word32)encryptedSz);
-        XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* 2: build up SignedData, encapsulating EncryptedData */
-    pkcs7->rng = &rng;
-    pkcs7->content = encrypted;
-    pkcs7->contentSz = (word32)encryptedSz;
-    pkcs7->contentOID = ENCRYPTED_DATA;
-    pkcs7->hashOID = hashOID;
-    pkcs7->encryptOID = signOID;
-    pkcs7->privateKey = privateKey;
-    pkcs7->privateKeySz = privateKeySz;
-    pkcs7->signedAttribs = signedAttribs;
-    pkcs7->signedAttribsSz = signedAttribsSz;
-
-    ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz);
-    if (ret <= 0) {
-        WOLFSSL_MSG("Error encoding CMS SignedData content type");
-    }
-
-    ForceZero(encrypted, (word32)encryptedSz);
-    XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    pkcs7->rng = NULL;
-    wc_FreeRng(&rng);
-
-    return ret;
-}
-
-#endif /* NO_PKCS7_ENCRYPTED_DATA */
-
-#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
-/* Single-shot API to generate a CMS SignedData bundle that encapsulates a
- * CMS CompressedData bundle. Content of inner CompressedData is set to that
- * of FirmwarePkgData. Any recipient certificates should be loaded into the
- * PKCS7 structure prior to calling this function, using wc_PKCS7_InitWithCert()
- * and/or wc_PKCS7_AddCertificate().
- *
- * pkcs7                - pointer to initialized PKCS7 struct
- * privateKey           - private RSA/ECC key, used for signing SignedData
- * privateKeySz         - size of privateKey, octets
- * signOID              - public key algorithm OID, to be used for sign
- *                        operation in SignedData generation
- * hashOID              - hash algorithm OID, to be used for signature in
- *                        SignedData generation
- * content              - content to be encapsulated
- * contentSz            - size of content, octets
- * signedAttribs        - optional signed attributes, for SignedData
- * signedAttribsSz      - number of PKCS7Attrib members in signedAttribs
- * output               - output buffer for final bundle
- * outputSz             - size of output buffer, octets
- *
- * Returns length of generated bundle on success, negative upon error. */
-int wc_PKCS7_EncodeSignedCompressedFPD(wc_PKCS7* pkcs7, byte* privateKey,
-                                       word32 privateKeySz, int signOID,
-                                       int hashOID, byte* content,
-                                       word32 contentSz,
-                                       PKCS7Attrib* signedAttribs,
-                                       word32 signedAttribsSz, byte* output,
-                                       word32 outputSz)
-{
-    int ret = 0, compressedSz = 0;
-    byte* compressed = NULL;
-    WC_RNG rng;
-
-    if (pkcs7 == NULL || privateKey == NULL || privateKeySz == 0 ||
-        content == NULL || contentSz == 0 || output == NULL || outputSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* 1: build up CompressedData using FirmwarePkgData type, use output
-     *    buffer as tmp for storage and to get size */
-
-    /* set struct elements, inner content type is FirmwarePkgData */
-    pkcs7->content = content;
-    pkcs7->contentSz = contentSz;
-    pkcs7->contentOID = FIRMWARE_PKG_DATA;
-    pkcs7->version = 3;
-
-    compressedSz = wc_PKCS7_EncodeCompressedData(pkcs7, output, outputSz);
-    if (compressedSz < 0) {
-        WOLFSSL_MSG("Error encoding CMS CompressedData content type");
-        return compressedSz;
-    }
-
-    /* save compressedData, reset output buffer and struct */
-    compressed = (byte*)XMALLOC(compressedSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (compressed == NULL) {
-        ForceZero(output, outputSz);
-        return MEMORY_E;
-    }
-
-    XMEMCPY(compressed, output, compressedSz);
-    ForceZero(output, outputSz);
-
-    ret = wc_InitRng_ex(&rng, pkcs7->heap, pkcs7->devId);
-    if (ret != 0) {
-        ForceZero(compressed, compressedSz);
-        XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* 2: build up SignedData, encapsulating EncryptedData */
-    pkcs7->rng = &rng;
-    pkcs7->content = compressed;
-    pkcs7->contentSz = compressedSz;
-    pkcs7->contentOID = COMPRESSED_DATA;
-    pkcs7->hashOID = hashOID;
-    pkcs7->encryptOID = signOID;
-    pkcs7->privateKey = privateKey;
-    pkcs7->privateKeySz = privateKeySz;
-    pkcs7->signedAttribs = signedAttribs;
-    pkcs7->signedAttribsSz = signedAttribsSz;
-
-    ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz);
-    if (ret <= 0) {
-        WOLFSSL_MSG("Error encoding CMS SignedData content type");
-    }
-
-    ForceZero(compressed, compressedSz);
-    XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    pkcs7->rng = NULL;
-    wc_FreeRng(&rng);
-
-    return ret;
-}
-
-#ifndef NO_PKCS7_ENCRYPTED_DATA
-
-/* Single-shot API to generate a CMS SignedData bundle that encapsulates a
- * CMS EncryptedData bundle, which then encapsulates a CMS CompressedData
- * bundle. Content of inner CompressedData is set to that of FirmwarePkgData.
- * Any recipient certificates should be loaded into the PKCS7 structure prior
- * to calling this function, using wc_PKCS7_InitWithCert() and/or
- * wc_PKCS7_AddCertificate().
- *
- * pkcs7                - pointer to initialized PKCS7 struct
- * encryptKey           - encryption key used for encrypting EncryptedData
- * encryptKeySz         - size of encryptKey, octets
- * privateKey           - private RSA/ECC key, used for signing SignedData
- * privateKeySz         - size of privateKey, octets
- * encryptOID           - encryption algorithm OID, to be used as encryption
- *                        algorithm for EncryptedData
- * signOID              - public key algorithm OID, to be used for sign
- *                        operation in SignedData generation
- * hashOID              - hash algorithm OID, to be used for signature in
- *                        SignedData generation
- * content              - content to be encapsulated
- * contentSz            - size of content, octets
- * unprotectedAttribs   - optional unprotected attributes, for EncryptedData
- * unprotectedAttribsSz - number of PKCS7Attrib members in unprotectedAttribs
- * signedAttribs        - optional signed attributes, for SignedData
- * signedAttribsSz      - number of PKCS7Attrib members in signedAttribs
- * output               - output buffer for final bundle
- * outputSz             - size of output buffer, octets
- *
- * Returns length of generated bundle on success, negative upon error. */
-int  wc_PKCS7_EncodeSignedEncryptedCompressedFPD(wc_PKCS7* pkcs7, byte* encryptKey,
-                                       word32 encryptKeySz, byte* privateKey,
-                                       word32 privateKeySz, int encryptOID,
-                                       int signOID, int hashOID, byte* content,
-                                       word32 contentSz,
-                                       PKCS7Attrib* unprotectedAttribs,
-                                       word32 unprotectedAttribsSz,
-                                       PKCS7Attrib* signedAttribs,
-                                       word32 signedAttribsSz,
-                                       byte* output, word32 outputSz)
-{
-    int ret = 0, compressedSz = 0, encryptedSz = 0;
-    byte* compressed = NULL;
-    byte* encrypted = NULL;
-    WC_RNG rng;
-
-    if (pkcs7 == NULL || encryptKey == NULL || encryptKeySz == 0 ||
-        privateKey == NULL || privateKeySz == 0 || content == NULL ||
-        contentSz == 0 || output == NULL || outputSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* 1: build up CompressedData using FirmwarePkgData type, use output
-     *    buffer as tmp for storage and to get size */
-    pkcs7->content = content;
-    pkcs7->contentSz = contentSz;
-    pkcs7->contentOID = FIRMWARE_PKG_DATA;
-    pkcs7->version = 3;
-
-    compressedSz = wc_PKCS7_EncodeCompressedData(pkcs7, output, outputSz);
-    if (compressedSz < 0) {
-        WOLFSSL_MSG("Error encoding CMS CompressedData content type");
-        return compressedSz;
-    }
-
-    /* save compressedData, reset output buffer and struct */
-    compressed = (byte*)XMALLOC(compressedSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (compressed == NULL)
-        return MEMORY_E;
-
-    XMEMCPY(compressed, output, compressedSz);
-    ForceZero(output, outputSz);
-
-    /* 2: build up EncryptedData using CompressedData, use output
-     *    buffer as tmp for storage and to get size */
-    pkcs7->content = compressed;
-    pkcs7->contentSz = compressedSz;
-    pkcs7->contentOID = COMPRESSED_DATA;
-    pkcs7->encryptOID = encryptOID;
-    pkcs7->encryptionKey = encryptKey;
-    pkcs7->encryptionKeySz = encryptKeySz;
-    pkcs7->unprotectedAttribs = unprotectedAttribs;
-    pkcs7->unprotectedAttribsSz = unprotectedAttribsSz;
-
-    encryptedSz = wc_PKCS7_EncodeEncryptedData(pkcs7, output, outputSz);
-    if (encryptedSz < 0) {
-        WOLFSSL_MSG("Error encoding CMS EncryptedData content type");
-        XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return encryptedSz;
-    }
-
-    /* save encryptedData, reset output buffer and struct */
-    encrypted = (byte*)XMALLOC(encryptedSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (encrypted == NULL) {
-        ForceZero(compressed, compressedSz);
-        XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return MEMORY_E;
-    }
-
-    XMEMCPY(encrypted, output, encryptedSz);
-    ForceZero(compressed, compressedSz);
-    XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    ForceZero(output, outputSz);
-
-    ret = wc_InitRng_ex(&rng, pkcs7->heap, pkcs7->devId);
-    if (ret != 0) {
-        ForceZero(encrypted, encryptedSz);
-        XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* 3: build up SignedData, encapsulating EncryptedData */
-    pkcs7->rng = &rng;
-    pkcs7->content = encrypted;
-    pkcs7->contentSz = encryptedSz;
-    pkcs7->contentOID = ENCRYPTED_DATA;
-    pkcs7->hashOID = hashOID;
-    pkcs7->encryptOID = signOID;
-    pkcs7->privateKey = privateKey;
-    pkcs7->privateKeySz = privateKeySz;
-    pkcs7->signedAttribs = signedAttribs;
-    pkcs7->signedAttribsSz = signedAttribsSz;
-
-    ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz);
-    if (ret <= 0) {
-        WOLFSSL_MSG("Error encoding CMS SignedData content type");
-    }
-
-    ForceZero(encrypted, encryptedSz);
-    XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    pkcs7->rng = NULL;
-    wc_FreeRng(&rng);
-
-    return ret;
-}
-
-#endif /* !NO_PKCS7_ENCRYPTED_DATA */
-#endif /* HAVE_LIBZ && !NO_PKCS7_COMPRESSED_DATA */
-
-
-#ifndef NO_RSA
-
-#ifdef HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK
-/* register raw RSA sign digest callback */
-int wc_PKCS7_SetRsaSignRawDigestCb(wc_PKCS7* pkcs7, CallbackRsaSignRawDigest cb)
-{
-    if (pkcs7 == NULL || cb == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    pkcs7->rsaSignRawDigestCb = cb;
-
-    return 0;
-}
-#endif
-
-/* returns size of signature put into out, negative on error */
-static int wc_PKCS7_RsaVerify(wc_PKCS7* pkcs7, byte* sig, int sigSz,
-                              byte* hash, word32 hashSz)
-{
-    int ret = 0, i;
-    word32 scratch = 0, verified = 0;
-#ifdef WOLFSSL_SMALL_STACK
-    byte* digest;
-    RsaKey* key;
-    DecodedCert* dCert;
-#else
-#ifdef WOLFSSL_NO_MALLOC
-    byte digest[RSA_MAX_SIZE / WOLFSSL_BIT_SIZE]; /* accessed in-place with size
-                                                   * key->dataLen
-                                                   */
-#else
-    byte digest[MAX_PKCS7_DIGEST_SZ];
-#endif
-    RsaKey key[1];
-    DecodedCert stack_dCert;
-    DecodedCert* dCert = &stack_dCert;
-#endif
-
-    if (pkcs7 == NULL || sig == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    digest = (byte*)XMALLOC(MAX_PKCS7_DIGEST_SZ, pkcs7->heap,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (digest == NULL)
-        return MEMORY_E;
-
-    key = (RsaKey*)XMALLOC(sizeof(RsaKey), pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (key == NULL) {
-        XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-
-    dCert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), pkcs7->heap,
-                                  DYNAMIC_TYPE_DCERT);
-    if (dCert == NULL) {
-        XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    XMEMSET(digest, 0, MAX_PKCS7_DIGEST_SZ);
-
-    /* loop over certs received in certificates set, try to find one
-     * that will validate signature */
-    for (i = 0; i < MAX_PKCS7_CERTS; i++) {
-
-        verified = 0;
-        scratch  = 0;
-
-        if (pkcs7->certSz[i] == 0)
-            continue;
-
-        ret = wc_InitRsaKey_ex(key, pkcs7->heap, pkcs7->devId);
-        if (ret != 0) {
-            WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT);
-            return ret;
-        }
-
-        InitDecodedCert(dCert, pkcs7->cert[i], pkcs7->certSz[i], pkcs7->heap);
-        /* not verifying, only using this to extract public key */
-        ret = ParseCert(dCert, CA_TYPE, NO_VERIFY, 0);
-        if (ret < 0) {
-            WOLFSSL_MSG("ASN RSA cert parse error");
-            FreeDecodedCert(dCert);
-            wc_FreeRsaKey(key);
-            continue;
-        }
-
-        if (wc_RsaPublicKeyDecode(dCert->publicKey, &scratch, key,
-                                  dCert->pubKeySize) < 0) {
-            WOLFSSL_MSG("ASN RSA key decode error");
-            FreeDecodedCert(dCert);
-            wc_FreeRsaKey(key);
-            continue;
-        }
-
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        do {
-            ret = wc_AsyncWait(ret, &key->asyncDev,
-                WC_ASYNC_FLAG_CALL_AGAIN);
-    #endif
-            if (ret >= 0) {
-                ret = wc_RsaSSL_Verify(sig, (word32)sigSz, digest, MAX_PKCS7_DIGEST_SZ,
-                    key);
-            }
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
-    #endif
-        FreeDecodedCert(dCert);
-        wc_FreeRsaKey(key);
-
-        if ((ret > 0) && (hashSz == (word32)ret)) {
-            if (XMEMCMP(digest, hash, hashSz) == 0) {
-                /* found signer that successfully verified signature */
-                verified = 1;
-                pkcs7->verifyCert   = pkcs7->cert[i];
-                pkcs7->verifyCertSz = pkcs7->certSz[i];
-                break;
-            }
-        }
-    }
-
-    if (verified == 0) {
-        ret = SIG_VERIFY_E;
-    }
-
-    WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT);
-
-    return ret;
-}
-
-#endif /* NO_RSA */
-
-
-#ifdef HAVE_ECC
-
-/* returns size of signature put into out, negative on error */
-static int wc_PKCS7_EcdsaVerify(wc_PKCS7* pkcs7, byte* sig, int sigSz,
-                                byte* hash, word32 hashSz)
-{
-    int ret = 0, i;
-    int res = 0;
-    int verified = 0;
-#ifdef WOLFSSL_SMALL_STACK
-    byte* digest;
-    ecc_key* key;
-    DecodedCert* dCert;
-#else
-    byte digest[MAX_PKCS7_DIGEST_SZ];
-    ecc_key key[1];
-    DecodedCert stack_dCert;
-    DecodedCert* dCert = &stack_dCert;
-#endif
-    word32 idx = 0;
-
-    if (pkcs7 == NULL || sig == NULL)
-        return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_SMALL_STACK
-    digest = (byte*)XMALLOC(MAX_PKCS7_DIGEST_SZ, pkcs7->heap,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (digest == NULL)
-        return MEMORY_E;
-
-    key = (ecc_key*)XMALLOC(sizeof(ecc_key), pkcs7->heap,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (key == NULL) {
-        XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-
-    dCert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), pkcs7->heap,
-                                  DYNAMIC_TYPE_DCERT);
-    if (dCert == NULL) {
-        XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(key,    pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    XMEMSET(digest, 0, MAX_PKCS7_DIGEST_SZ);
-
-    /* loop over certs received in certificates set, try to find one
-     * that will validate signature */
-    for (i = 0; i < MAX_PKCS7_CERTS; i++) {
-
-        verified = 0;
-        idx = 0;
-
-        if (pkcs7->certSz[i] == 0)
-            continue;
-
-        ret = wc_ecc_init_ex(key, pkcs7->heap, pkcs7->devId);
-        if (ret != 0) {
-            WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT);
-            return ret;
-        }
-
-        InitDecodedCert(dCert, pkcs7->cert[i], pkcs7->certSz[i], pkcs7->heap);
-        /* not verifying, only using this to extract public key */
-        ret = ParseCert(dCert, CA_TYPE, NO_VERIFY, 0);
-        if (ret < 0) {
-            WOLFSSL_MSG("ASN ECC cert parse error");
-            FreeDecodedCert(dCert);
-            wc_ecc_free(key);
-            continue;
-        }
-
-        if (wc_EccPublicKeyDecode(dCert->publicKey, &idx, key,
-                                  dCert->pubKeySize) < 0) {
-            WOLFSSL_MSG("ASN ECC key decode error");
-            FreeDecodedCert(dCert);
-            wc_ecc_free(key);
-            continue;
-        }
-
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        do {
-            ret = wc_AsyncWait(ret, &key->asyncDev,
-                WC_ASYNC_FLAG_CALL_AGAIN);
-    #endif
-            if (ret >= 0) {
-                ret = wc_ecc_verify_hash(sig, (word32)sigSz, hash, hashSz, &res, key);
-            }
-    #ifdef WOLFSSL_ASYNC_CRYPT
-        } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
-    #endif
-
-        if (ret == 0 && res == 1) {
-            /* found signer that successfully verified signature */
-            verified = 1;
-            XMEMCPY(pkcs7->issuerSubjKeyId, dCert->extSubjKeyId, KEYID_SIZE);
-            pkcs7->verifyCert   = pkcs7->cert[i];
-            pkcs7->verifyCertSz = pkcs7->certSz[i];
-        }
-
-        wc_ecc_free(key);
-        FreeDecodedCert(dCert);
-
-        if (ret == 0 && res == 1) {
-            break;
-        }
-    }
-
-    if (verified == 0) {
-        ret = SIG_VERIFY_E;
-    }
-
-    WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT);
-
-    return ret;
-}
-
-#endif /* HAVE_ECC */
-
-
-/* build SignedData digest, both in PKCS#7 DigestInfo format and
- * as plain digest for CMS.
- *
- * pkcs7          - pointer to initialized PKCS7 struct
- * signedAttrib   - signed attributes
- * signedAttribSz - size of signedAttrib, octets
- * pkcs7Digest    - [OUT] PKCS#7 DigestInfo
- * pkcs7DigestSz  - [IN/OUT] size of pkcs7Digest
- * plainDigest    - [OUT] pointer to plain digest, offset into pkcs7Digest
- * plainDigestSz  - [OUT] size of digest at plainDigest
- *
- * returns 0 on success, negative on error */
-static int wc_PKCS7_BuildSignedDataDigest(wc_PKCS7* pkcs7, byte* signedAttrib,
-                                      word32 signedAttribSz, byte* pkcs7Digest,
-                                      word32* pkcs7DigestSz, byte** plainDigest,
-                                      word32* plainDigestSz,
-                                      const byte* hashBuf, word32 hashBufSz)
-{
-    int ret = 0, digIdx = 0;
-    word32 attribSetSz = 0, hashSz = 0;
-    byte attribSet[MAX_SET_SZ];
-    byte digest[WC_MAX_DIGEST_SIZE];
-    byte digestInfoSeq[MAX_SEQ_SZ];
-    byte digestStr[MAX_OCTET_STR_SZ];
-    byte algoId[MAX_ALGO_SZ];
-    word32 digestInfoSeqSz, digestStrSz, algoIdSz;
-    WC_DECLARE_VAR(digestInfo, byte, MAX_PKCS7_DIGEST_SZ, 0);
-
-    wc_HashAlg hash;
-    enum wc_HashType hashType;
-
-    /* check arguments */
-    if (pkcs7 == NULL || pkcs7Digest == NULL ||
-        pkcs7DigestSz == NULL || plainDigest == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    hashType = wc_OidGetHash(pkcs7->hashOID);
-    ret = wc_HashGetDigestSize(hashType);
-    if (ret < 0)
-        return ret;
-    hashSz = (word32)ret;
-
-    if (signedAttribSz > 0) {
-        if (signedAttrib == NULL)
-            return BAD_FUNC_ARG;
-    }
-    else {
-        if (hashBuf && hashBufSz > 0) {
-            if (hashSz != hashBufSz)
-                return BAD_FUNC_ARG;
-        }
-        else if (pkcs7->content == NULL)
-            return BAD_FUNC_ARG;
-    }
-
-    WC_ALLOC_VAR_EX(digestInfo, byte, MAX_PKCS7_DIGEST_SZ, pkcs7->heap,
-        DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E);
-
-    XMEMSET(pkcs7Digest, 0, *pkcs7DigestSz);
-    XMEMSET(digest,      0, WC_MAX_DIGEST_SIZE);
-    XMEMSET(digestInfo,  0, MAX_PKCS7_DIGEST_SZ);
-
-
-    /* calculate digest */
-    if (hashBuf && hashBufSz > 0 && signedAttribSz == 0) {
-        XMEMCPY(digest, hashBuf, hashBufSz);
-    }
-    else {
-        ret = wc_HashInit(&hash, hashType);
-        if (ret < 0) {
-            WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            return ret;
-        }
-
-        if (signedAttribSz > 0) {
-            attribSetSz = SetSet(signedAttribSz, attribSet);
-
-            /* calculate digest */
-            ret = wc_HashUpdate(&hash, hashType, attribSet, attribSetSz);
-            if (ret == 0)
-                ret = wc_HashUpdate(&hash, hashType, signedAttrib, signedAttribSz);
-            if (ret == 0)
-                ret = wc_HashFinal(&hash, hashType, digest);
-        } else {
-            ret = wc_HashUpdate(&hash, hashType, pkcs7->content, pkcs7->contentSz);
-            if (ret == 0)
-                ret = wc_HashFinal(&hash, hashType, digest);
-        }
-
-        wc_HashFree(&hash, hashType);
-        if (ret < 0) {
-            WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            return ret;
-        }
-    }
-
-    /* Set algoID, match whatever was input to match either NULL or absent */
-    algoIdSz = SetAlgoIDEx(pkcs7->hashOID, algoId, oidHashType,
-                            0, pkcs7->hashParamsAbsent);
-
-    digestStrSz = SetOctetString(hashSz, digestStr);
-    digestInfoSeqSz = SetSequence(algoIdSz + digestStrSz + hashSz,
-                                  digestInfoSeq);
-
-    XMEMCPY(digestInfo + digIdx, digestInfoSeq, digestInfoSeqSz);
-    digIdx += (int)digestInfoSeqSz;
-    XMEMCPY(digestInfo + digIdx, algoId, algoIdSz);
-    digIdx += (int)algoIdSz;
-    XMEMCPY(digestInfo + digIdx, digestStr, digestStrSz);
-    digIdx += (int)digestStrSz;
-    XMEMCPY(digestInfo + digIdx, digest, hashSz);
-    digIdx += (int)hashSz;
-
-    XMEMCPY(pkcs7Digest, digestInfo, (word32)digIdx);
-    *pkcs7DigestSz = (word32)digIdx;
-
-    /* set plain digest pointer */
-    *plainDigest = pkcs7Digest + digIdx - hashSz;
-    *plainDigestSz = hashSz;
-
-    WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    return 0;
-}
-
-
-/* Verifies CMS/PKCS7 SignedData content digest matches that which is
- * included in the messageDigest signed attribute. Only called when
- * signed attributes are present, otherwise original signature verification
- * is done over content.
- *
- * pkcs7          - pointer to initialized PKCS7 struct
- * hashBuf        - pointer to user-provided hash buffer, used with
- *                  wc_PKCS7_VerifySignedData_ex()
- * hashBufSz      - size of hashBuf, octets
- *
- * return 0 on success, negative on error */
-static int wc_PKCS7_VerifyContentMessageDigest(wc_PKCS7* pkcs7,
-                                               const byte* hashBuf,
-                                               word32 hashSz)
-{
-    int ret = 0, digestSz = 0, innerAttribSz = 0;
-    int contentLen = 0;
-    word32 idx = 0;
-    word32 contentIdx = 0;
-    byte* content = NULL;
-    byte* digestBuf = NULL;
-    WC_DECLARE_VAR(digest, byte, MAX_PKCS7_DIGEST_SZ, 0);
-    PKCS7DecodedAttrib* attrib;
-    enum wc_HashType hashType;
-
-    /* messageDigest OID (1.2.840.113549.1.9.4) */
-    const byte mdOid[] =
-            { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04 };
-
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    if ((pkcs7->content == NULL || pkcs7->contentSz == 0) &&
-        (hashBuf == NULL || hashSz == 0)) {
-        WOLFSSL_MSG("SignedData bundle has no content or hash to verify");
-        return BAD_FUNC_ARG;
-    }
-
-    /* lookup messageDigest attribute */
-    attrib = findAttrib(pkcs7, mdOid, sizeof(mdOid));
-    if (attrib == NULL) {
-        WOLFSSL_MSG("messageDigest attribute not in bundle, must be when "
-                    "signed attribs are present");
-        return ASN_PARSE_E;
-    }
-
-    /* advance past attrib->value ASN.1 header and length */
-    if (attrib->value == NULL || attrib->valueSz == 0)
-        return ASN_PARSE_E;
-
-    if (attrib->value[idx++] != ASN_OCTET_STRING)
-        return ASN_PARSE_E;
-
-    if (GetLength(attrib->value, &idx, &innerAttribSz, attrib->valueSz) < 0)
-        return ASN_PARSE_E;
-
-    /* get hash type and size */
-    hashType = wc_OidGetHash(pkcs7->hashOID);
-    if (hashType == WC_HASH_TYPE_NONE) {
-        WOLFSSL_MSG("Error getting hash type for PKCS7 content verification");
-        return BAD_FUNC_ARG;
-    }
-
-    /* build content hash if needed, or use existing hash value */
-    if (hashBuf == NULL) {
-
-        WC_ALLOC_VAR_EX(digest, byte, MAX_PKCS7_DIGEST_SZ, pkcs7->heap,
-            DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E);
-        XMEMSET(digest, 0, MAX_PKCS7_DIGEST_SZ);
-
-        content = pkcs7->content;
-        contentLen = (int)pkcs7->contentSz;
-
-        if (pkcs7->contentIsPkcs7Type == 1) {
-            /* Content follows PKCS#7 RFC, which defines type as ANY. CMS
-             * mandates OCTET_STRING which has already been stripped off.
-             * For PKCS#7 message digest calculation, digest is calculated
-             * only on the "value" of the DER encoding. As such, advance past
-             * the tag and length */
-            if (contentLen > 1) {
-                contentIdx++;
-            }
-
-            if (GetLength_ex(content, &contentIdx, &contentLen,
-                    (word32)contentLen, 1) < 0) {
-                    WC_FREE_VAR_EX(digest, pkcs7->heap,
-                        DYNAMIC_TYPE_TMP_BUFFER);
-                return ASN_PARSE_E;
-            }
-        }
-
-        ret = wc_Hash(hashType, content + contentIdx, (word32)contentLen, digest,
-                      MAX_PKCS7_DIGEST_SZ);
-        if (ret < 0) {
-            WOLFSSL_MSG("Error hashing PKCS7 content for verification");
-            WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            return ret;
-        }
-
-        digestBuf = digest;
-        digestSz = wc_HashGetDigestSize(hashType);
-        if (digestSz < 0) {
-            WOLFSSL_MSG("Invalid hash type");
-            WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            return digestSz;
-        }
-    } else {
-
-        /* user passed in pre-computed hash */
-        digestBuf = (byte*)hashBuf;
-        digestSz  = (int)hashSz;
-    }
-
-    /* compare generated to hash in messageDigest attribute */
-    if ((innerAttribSz != digestSz) ||
-        (XMEMCMP(attrib->value + idx, digestBuf, (size_t)digestSz) != 0)) {
-        WOLFSSL_MSG("Content digest does not match messageDigest attrib value");
-        WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return SIG_VERIFY_E;
-    }
-
-    if (hashBuf == NULL) {
-        WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-
-    return 0;
-}
-
-
-/* verifies SignedData signature, over either PKCS#7 DigestInfo or
- * content digest.
- *
- * pkcs7          - pointer to initialized PKCS7 struct
- * sig            - signature to verify
- * sigSz          - size of sig
- * signedAttrib   - signed attributes, or null if empty
- * signedAttribSz - size of signedAttributes
- *
- * return 0 on success, negative on error */
-static int wc_PKCS7_SignedDataVerifySignature(wc_PKCS7* pkcs7, byte* sig,
-                                             word32 sigSz, byte* signedAttrib,
-                                             word32 signedAttribSz,
-                                             const byte* hashBuf, word32 hashSz)
-{
-    int ret = 0;
-    word32 plainDigestSz = 0, pkcs7DigestSz;
-    byte* plainDigest = NULL; /* offset into pkcs7Digest */
-    WC_DECLARE_VAR(pkcs7Digest, byte, MAX_PKCS7_DIGEST_SZ, 0);
-
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    /* allocate space to build hash */
-    pkcs7DigestSz = MAX_PKCS7_DIGEST_SZ;
-    WC_ALLOC_VAR_EX(pkcs7Digest, byte, pkcs7DigestSz, pkcs7->heap,
-        DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E);
-
-    XMEMSET(pkcs7Digest, 0, pkcs7DigestSz);
-
-    /* verify signed attrib digest matches that of content */
-    if (signedAttrib != NULL) {
-        ret = wc_PKCS7_VerifyContentMessageDigest(pkcs7, hashBuf, hashSz);
-        if (ret != 0) {
-            WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            return ret;
-        }
-    }
-
-    /* build hash to verify against */
-    ret = wc_PKCS7_BuildSignedDataDigest(pkcs7, signedAttrib,
-                                         signedAttribSz, pkcs7Digest,
-                                         &pkcs7DigestSz, &plainDigest,
-                                         &plainDigestSz, hashBuf, hashSz);
-    if (ret < 0) {
-        WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return ret;
-    }
-
-    /* If no certificates are available then store the signature and hash for
-     * user to verify. Make sure that different return value than success is
-     * returned because the signature was not verified here. */
-    if (ret == 0) {
-        byte haveCert = 0;
-        int  i;
-
-        for (i = 0; i < MAX_PKCS7_CERTS; i++) {
-            if (pkcs7->certSz[i] == 0)
-                continue;
-            haveCert = 1;
-        }
-
-        if (!haveCert) {
-            WOLFSSL_MSG("No certificates in bundle to verify signature");
-
-            /* store signature */
-            XFREE(pkcs7->signature, pkcs7->heap, DYNAMIC_TYPE_SIGNATURE);
-            pkcs7->signature = NULL;
-            pkcs7->signatureSz = 0;
-            pkcs7->signature = (byte*)XMALLOC(sigSz, pkcs7->heap,
-                    DYNAMIC_TYPE_SIGNATURE);
-            if (pkcs7->signature == NULL) {
-                WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap,
-                    DYNAMIC_TYPE_TMP_BUFFER);
-                return MEMORY_E;
-            }
-            XMEMCPY(pkcs7->signature, sig, sigSz);
-            pkcs7->signatureSz = sigSz;
-
-            /* store plain digest (CMS and ECC) */
-            XFREE(pkcs7->plainDigest, pkcs7->heap, DYNAMIC_TYPE_DIGEST);
-            pkcs7->plainDigest = NULL;
-            pkcs7->plainDigestSz = 0;
-            pkcs7->plainDigest = (byte*)XMALLOC(plainDigestSz, pkcs7->heap,
-                    DYNAMIC_TYPE_DIGEST);
-            if (pkcs7->plainDigest == NULL) {
-                WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap,
-                    DYNAMIC_TYPE_TMP_BUFFER);
-                return MEMORY_E;
-            }
-            XMEMCPY(pkcs7->plainDigest, plainDigest, plainDigestSz);
-            pkcs7->plainDigestSz = plainDigestSz;
-
-            /* store pkcs7 digest (default RSA) */
-            XFREE(pkcs7->pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_DIGEST);
-            pkcs7->pkcs7Digest = NULL;
-            pkcs7->pkcs7DigestSz = 0;
-            pkcs7->pkcs7Digest = (byte*)XMALLOC(pkcs7DigestSz, pkcs7->heap,
-                    DYNAMIC_TYPE_DIGEST);
-            if (pkcs7->pkcs7Digest == NULL) {
-                WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap,
-                    DYNAMIC_TYPE_TMP_BUFFER);
-                return MEMORY_E;
-            }
-            XMEMCPY(pkcs7->pkcs7Digest, pkcs7Digest, pkcs7DigestSz);
-            pkcs7->pkcs7DigestSz = pkcs7DigestSz;
-
-            WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            return PKCS7_SIGNEEDS_CHECK;
-        }
-    }
-
-
-
-    switch (pkcs7->publicKeyOID) {
-
-#ifndef NO_RSA
-        case RSAk:
-            ret = wc_PKCS7_RsaVerify(pkcs7, sig, (int)sigSz, pkcs7Digest,
-                                     pkcs7DigestSz);
-            if (ret < 0) {
-                WOLFSSL_MSG("PKCS#7 verification failed, trying CMS");
-                ret = wc_PKCS7_RsaVerify(pkcs7, sig, (int)sigSz, plainDigest,
-                                         plainDigestSz);
-            }
-            break;
-#endif
-
-#ifdef HAVE_ECC
-        case ECDSAk:
-            ret = wc_PKCS7_EcdsaVerify(pkcs7, sig, (int)sigSz, plainDigest,
-                                       plainDigestSz);
-            break;
-#endif
-
-        default:
-            WOLFSSL_MSG("Unsupported public key type");
-            ret = BAD_FUNC_ARG;
-    }
-
-     WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    return ret;
-}
-
-
-/* set correct public key OID based on signature OID, stores in
- * pkcs7->publicKeyOID and returns same value */
-static int wc_PKCS7_SetPublicKeyOID(wc_PKCS7* pkcs7, int sigOID)
-{
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    pkcs7->publicKeyOID = 0;
-
-    switch (sigOID) {
-
-    #ifndef NO_RSA
-        /* RSA signature types */
-        case CTC_MD2wRSA:
-        case CTC_MD5wRSA:
-        case CTC_SHAwRSA:
-        case CTC_SHA224wRSA:
-        case CTC_SHA256wRSA:
-        case CTC_SHA384wRSA:
-        case CTC_SHA512wRSA:
-        case CTC_SHA3_224wRSA:
-        case CTC_SHA3_256wRSA:
-        case CTC_SHA3_384wRSA:
-        case CTC_SHA3_512wRSA:
-            pkcs7->publicKeyOID = RSAk;
-            break;
-
-        /* if sigOID is already RSAk */
-        case RSAk:
-            pkcs7->publicKeyOID = (word32)sigOID;
-            break;
-    #endif
-
-    #ifndef NO_DSA
-        /* DSA signature types */
-        case CTC_SHAwDSA:
-            pkcs7->publicKeyOID = DSAk;
-            break;
-
-        /* if sigOID is already DSAk */
-        case DSAk:
-            pkcs7->publicKeyOID = (word32)sigOID;
-            break;
-    #endif
-
-    #ifdef HAVE_ECC
-        /* ECDSA signature types */
-        case CTC_SHAwECDSA:
-        case CTC_SHA224wECDSA:
-        case CTC_SHA256wECDSA:
-        case CTC_SHA384wECDSA:
-        case CTC_SHA512wECDSA:
-        case CTC_SHA3_224wECDSA:
-        case CTC_SHA3_256wECDSA:
-        case CTC_SHA3_384wECDSA:
-        case CTC_SHA3_512wECDSA:
-            pkcs7->publicKeyOID = ECDSAk;
-            break;
-
-        /* if sigOID is already ECDSAk */
-        case ECDSAk:
-            pkcs7->publicKeyOID = (word32)sigOID;
-            break;
-    #endif
-
-        default:
-            WOLFSSL_MSG("Unsupported public key algorithm");
-            return ASN_SIG_KEY_E;
-    }
-
-    return (int)pkcs7->publicKeyOID;
-}
-
-
-/* Parses through the attributes and adds them to the PKCS7 structure
- * Creates dynamic attribute structures that are free'd with calling
- * wc_PKCS7_Free()
- *
- * NOTE: An attribute has the ASN1 format of
- ** Sequence
- ****** Object ID
- ****** Set
- ********** {PrintableString, UTCTime, OCTET STRING ...}
- *
- * pkcs7  the PKCS7 structure to put the parsed attributes into
- * in     buffer holding all attributes
- * inSz   size of in buffer
- *
- * returns the number of attributes parsed on success
- */
-static int wc_PKCS7_ParseAttribs(wc_PKCS7* pkcs7, byte* in, int inSz)
-{
-    int    found = 0;
-    word32 idx   = 0;
-    word32 oid;
-
-    if (pkcs7 == NULL || in == NULL || inSz < 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    while (idx < (word32)inSz) {
-        int length  = 0;
-        word32 oidIdx;
-        PKCS7DecodedAttrib* attrib;
-
-        if (GetSequence(in, &idx, &length, (word32)inSz) < 0)
-            return ASN_PARSE_E;
-
-        attrib = (PKCS7DecodedAttrib*)XMALLOC(sizeof(PKCS7DecodedAttrib),
-                pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        if (attrib == NULL) {
-            return MEMORY_E;
-        }
-        XMEMSET(attrib, 0, sizeof(PKCS7DecodedAttrib));
-
-        oidIdx = idx;
-        if (GetObjectId(in, &idx, &oid, oidIgnoreType, (word32)inSz)
-                < 0) {
-            XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return ASN_PARSE_E;
-        }
-        attrib->oidSz = idx - oidIdx;
-        attrib->oid = (byte*)XMALLOC(attrib->oidSz, pkcs7->heap,
-                                     DYNAMIC_TYPE_PKCS7);
-        if (attrib->oid == NULL) {
-            XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return MEMORY_E;
-        }
-        XMEMCPY(attrib->oid, in + oidIdx, attrib->oidSz);
-
-        /* Get Set that contains the printable string value */
-        if (GetSet(in, &idx, &length, (word32)inSz) < 0) {
-            XFREE(attrib->oid, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return ASN_PARSE_E;
-        }
-
-        if ((inSz - (int)idx) < length) {
-            XFREE(attrib->oid, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return ASN_PARSE_E;
-        }
-
-        attrib->valueSz = (word32)length;
-        attrib->value = (byte*)XMALLOC(attrib->valueSz, pkcs7->heap,
-                                       DYNAMIC_TYPE_PKCS7);
-        if (attrib->value == NULL) {
-            XFREE(attrib->oid, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            XFREE(attrib, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return MEMORY_E;
-        }
-        XMEMCPY(attrib->value, in + idx, attrib->valueSz);
-        idx += (word32)length;
-
-        /* store attribute in linked list */
-        if (pkcs7->decodedAttrib != NULL) {
-            attrib->next = pkcs7->decodedAttrib;
-            pkcs7->decodedAttrib = attrib;
-        } else {
-            pkcs7->decodedAttrib = attrib;
-        }
-        found++;
-    }
-
-    return found;
-}
-
-
-/* option to turn off support for degenerate cases
- * flag 0 turns off support
- * flag 1 turns on support
- *
- * by default support for SignedData degenerate cases is on
- */
-void wc_PKCS7_AllowDegenerate(wc_PKCS7* pkcs7, word16 flag)
-{
-    if (pkcs7) {
-        if (flag) { /* flag of 1 turns on support for degenerate */
-            pkcs7->noDegenerate = 0;
-        }
-        else { /* flag of 0 turns off support */
-            pkcs7->noDegenerate = 1;
-        }
-    }
-}
-
-/* Parses through a signerInfo set. Reads buffer "in" from "idxIn" to "idxIn" +
- * length treating the current "idxIn" plus the length of set as max possible
- * index.
- *
- * In the case that signed attributes are found "signedAttrib" gets set to point
- *  at their location in the buffer "in". Also in this case signedAttribSz gets
- *  set to the size of the signedAttrib buffer.
- *
- * returns 0 on success
- */
-static int wc_PKCS7_ParseSignerInfo(wc_PKCS7* pkcs7, byte* in, word32 inSz,
-        word32* idxIn, int degenerate, byte** signedAttrib, int* signedAttribSz)
-{
-    int ret = 0;
-    int length = 0;
-    int version = 0;
-    word32 sigOID = 0, hashOID = 0;
-    word32 idx = *idxIn, localIdx;
-    byte tag;
-    byte absentParams = FALSE;
-
-    WOLFSSL_ENTER("wc_PKCS7_ParseSignerInfo");
-    /* require a signer if degenerate case not allowed */
-    if (inSz == 0 && pkcs7->noDegenerate == 1) {
-        WOLFSSL_MSG("Set to not allow degenerate cases");
-        return PKCS7_NO_SIGNER_E;
-    }
-
-    if (inSz == 0 && degenerate == 0) {
-        WOLFSSL_MSG("PKCS7 signers expected");
-        return PKCS7_NO_SIGNER_E;
-    }
-
-    /* not a degenerate case and there is elements in the set */
-    if (inSz > 0 && degenerate == 0) {
-        ret = wc_PKCS7_SignerInfoNew(pkcs7);
-
-        /* Get the sequence of the first signerInfo */
-        if (ret == 0 && GetSequence(in, &idx, &length, inSz) < 0)
-            ret = ASN_PARSE_E;
-
-        /* Get the version */
-        if (ret == 0 && GetMyVersion(in, &idx, &version, inSz) < 0)
-            ret = ASN_PARSE_E;
-
-        if (ret == 0) {
-            pkcs7->signerInfo->version = version;
-        }
-
-        if (ret == 0 && version == 1) {
-            /* Get the sequence of IssuerAndSerialNumber */
-            if (GetSequence(in, &idx, &length, inSz) < 0)
-                ret = ASN_PARSE_E;
-
-            if (ret == 0) {
-                ret = wc_PKCS7_SignerInfoSetSID(pkcs7, in + idx, length);
-                idx += (word32)length;
-            }
-
-        } else if (ret == 0 && version == 3) {
-            /* Get the sequence of SubjectKeyIdentifier */
-            if (idx + 1 > inSz)
-                ret = BUFFER_E;
-
-            localIdx = idx;
-            if (ret == 0 && GetASNTag(in, &localIdx, &tag, inSz) == 0 &&
-                   tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) {
-                idx++;
-
-                if (GetLength(in, &idx, &length, inSz) <= 0)
-                    ret = ASN_PARSE_E;
-
-                if (ret == 0 && idx + 1 > inSz)
-                    ret = BUFFER_E;
-
-                if (ret == 0 && GetASNTag(in, &idx, &tag, inSz) < 0)
-                    ret = ASN_PARSE_E;
-
-                if (ret == 0 && tag != ASN_OCTET_STRING)
-                    ret = ASN_PARSE_E;
-
-                if (ret == 0 && GetLength(in, &idx, &length, inSz) < 0)
-                    ret = ASN_PARSE_E;
-            }
-            else {
-                /* check if SKID with ASN_CONTEXT_SPECIFIC otherwise in version
-                 * 3 try to get issuerAndSerial */
-                localIdx = idx;
-                if (GetASNTag(in, &localIdx, &tag, inSz) == 0 &&
-                        tag == ASN_CONTEXT_SPECIFIC) {
-                    idx++;
-                    if (ret == 0 && GetLength(in, &idx, &length, inSz) < 0)
-                        ret = ASN_PARSE_E;
-                }
-                else {
-                    if (pkcs7->version != 3) {
-                        WOLFSSL_MSG("Unexpected signer info found with version");
-                        ret = ASN_PARSE_E;
-                    }
-
-                    if (ret == 0 && GetSequence(in, &idx, &length, inSz) < 0)
-                        ret = ASN_PARSE_E;
-                }
-            }
-
-            if (ret == 0) {
-                if (length > (int)inSz - (int)idx)
-                    ret = BUFFER_E;
-            }
-
-            if (ret == 0) {
-                ret = wc_PKCS7_SignerInfoSetSID(pkcs7, in + idx, length);
-                idx += (word32)length;
-            }
-
-        } else {
-            WOLFSSL_MSG("PKCS#7 signerInfo version must be 1 or 3");
-            ret = ASN_VERSION_E;
-        }
-
-        /* Get the sequence of digestAlgorithm */
-        if (ret == 0 && GetAlgoIdEx(in, &idx, &hashOID, oidHashType,
-                                    inSz, &absentParams) < 0) {
-            ret = ASN_PARSE_E;
-        }
-        pkcs7->hashOID = (int)hashOID;
-        pkcs7->hashParamsAbsent = (absentParams != 0);
-
-        /* Get the IMPLICIT[0] SET OF signedAttributes */
-        localIdx = idx;
-        if (ret == 0 && GetASNTag(in, &localIdx, &tag, inSz) == 0 &&
-                tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) {
-            idx++;
-
-            if (GetLength(in, &idx, &length, inSz) < 0)
-                ret = ASN_PARSE_E;
-
-            /* save pointer and length */
-            *signedAttrib = &in[idx];
-            *signedAttribSz = length;
-
-            if (ret == 0 && wc_PKCS7_ParseAttribs(pkcs7, *signedAttrib,
-                        *signedAttribSz) < 0) {
-                WOLFSSL_MSG("Error parsing signed attributes");
-                ret = ASN_PARSE_E;
-            }
-
-            idx += (word32)length;
-        }
-
-        /* Get digestEncryptionAlgorithm - key type or signature type */
-        if (ret == 0 && GetAlgoId(in, &idx, &sigOID, oidIgnoreType, inSz) < 0) {
-            ret = ASN_PARSE_E;
-        }
-
-        /* store public key type based on digestEncryptionAlgorithm */
-        if (ret == 0) {
-            ret = wc_PKCS7_SetPublicKeyOID(pkcs7, (int)sigOID);
-            if (ret < 0) {
-                WOLFSSL_MSG("Failed to set public key OID from signature");
-            }
-            else {
-                /* if previous return was positive then was success */
-                ret = 0;
-            }
-        }
-    }
-
-    /* update index on success */
-    if (ret == 0) {
-        *idxIn = idx;
-    }
-
-    return ret;
-}
-
-/* parse input to get single/multiple octet strings.
- * get each octet string from stream up to the size defined by
- * MAX_PKCS7_STREAM_BUFFER then hash and store them to the content buffer.
- * hash is stored to pkcs7->stream->hashBuf and its size in
- * pkcs7->stream->hashBufSz if keepContent is true, accumulates content into
- * pkcs7->stream->content and stores its size in pkcs7->stream->contentSz.
- */
-#ifndef NO_PKCS7_STREAM
-static int wc_PKCS7_HandleOctetStrings(wc_PKCS7* pkcs7, byte* in, word32 inSz,
-                                word32* tmpIdx, word32* idx, int keepContent)
-{
-    int ret, length = 0;
-    word32 msgSz, i, contBufSz;
-    byte tag;
-    byte* msg = NULL;
-    byte* tempBuf = NULL;
-
-    /* allow 0 for inSz in streaming */
-    if (inSz == 0) {
-        return WC_PKCS7_WANT_READ_E;
-    }
-
-    if (pkcs7 == NULL || in == NULL || idx == NULL)
-        return BAD_FUNC_ARG;
-
-    /* no content case, do nothing */
-    if (pkcs7->stream->noContent) {
-        if (pkcs7->content && pkcs7->contentSz > 0) {
-            XFREE(pkcs7->stream->content, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            pkcs7->stream->content = NULL;
-
-            pkcs7->stream->content = (byte*)XMALLOC(pkcs7->contentSz,
-                                            pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            if (pkcs7->stream->content == NULL) {
-                WOLFSSL_MSG("Failed to grow content buffer.");
-                return MEMORY_E;
-            }
-            XMEMCPY(pkcs7->stream->content, pkcs7->content, pkcs7->contentSz);
-            pkcs7->stream->contentSz = pkcs7->contentSz;
-        }
-        return 0;
-    }
-
-    /* free pkcs7->contentDynamic buffer */
-    XFREE(pkcs7->contentDynamic, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    pkcs7->contentDynamic = NULL;
-
-    while(1) {
-        if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &msg, idx)) != 0) {
-            break;
-        }
-
-        msgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length:inSz;
-
-        if (pkcs7->stream->currContRmnSz == 0) {
-
-            /* processed single OCTET STRING, try to find another one. */
-            if ((ret = GetASNTag(msg, idx, &tag, msgSz)) < 0) {
-                break;
-            }
-
-            /* if another OCTET STRING is found, get its length */
-            if (ret == 0 && tag == ASN_OCTET_STRING) {
-
-                if (ret == 0 && GetLength_ex(msg, idx, &length, msgSz,
-                                                            NO_USER_CHECK) < 0){
-                    ret = ASN_PARSE_E;
-                    break;
-                }
-
-                /* set up for next octet string */
-                pkcs7->stream->currContSz    = (word32)length;
-                pkcs7->stream->currContRmnSz = (word32)length;
-                pkcs7->stream->expected      = min(pkcs7->stream->currContRmnSz,
-                                                   MAX_PKCS7_STREAM_BUFFER);
-
-                /* advance read index */
-                if (wc_PKCS7_StreamEndCase(pkcs7, tmpIdx, idx) != 0) {
-                    break;
-                }
-
-                /* check if expected data is available in stream */
-                ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &msg, idx);
-                if (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
-                    break;  /* ask user more input */
-                }
-
-                /* data available, continue processing */
-                continue;
-            }
-            /* reached to the end of contents. trailing zeros may follow. */
-            else if (ret == 0 && tag == ASN_EOC) {
-
-                /* ASN_EOC tag and one zero follows to show the end of
-                 * in-definite length encoding.
-                 * number of indef is stored in pkcs7->stream->cntIdfCnt.
-                 */
-                pkcs7->stream->expected = (word32)(ASN_TAG_SZ + TRAILING_ZERO) *
-                                               (word32)pkcs7->stream->cntIdfCnt;
-
-                /* dec idx by one since already consumed to get ASN_EOC */
-                (*idx)--;
-
-                if (wc_PKCS7_StreamEndCase(pkcs7, tmpIdx, idx) != 0) {
-                    break;
-                }
-
-                /* check if expected data is available in stream */
-                ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &msg, idx);
-                if (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
-                    break;  /* ask user more input */
-                }
-
-                /* data available, continue processing trailing zeros */
-                for (i = 0; i < pkcs7->stream->expected; i++) {
-                    if (msg[*idx + i] != 0) {
-                        ret = ASN_PARSE_E;
-                        break;
-                    }
-                }
-                /* reset indef-length count */
-                pkcs7->stream->cntIdfCnt = 0;
-
-                /* advance read index */
-                *idx += pkcs7->stream->expected;
-
-                if (wc_PKCS7_StreamEndCase(pkcs7, tmpIdx, idx) != 0) {
-                    break;
-                }
-
-                /* handled OCTET STRINGs successfully */
-                ret = 0;
-                break;
-            }
-            /* reached to the end of contents without trailing zeros */
-            else if (ret == 0) {
-
-                /* dec idx by one since already consumed to get ASN_EOC */
-                (*idx)--;
-
-                if (wc_PKCS7_StreamEndCase(pkcs7, tmpIdx, idx) != 0) {
-                    break;
-                }
-
-                ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &msg, idx);
-                if (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
-                    break;
-                }
-
-                /* handled OCTET STRINGs successfully */
-                ret = 0;
-                break;
-            }
-            else {
-                break;
-            }
-        }
-        else {
-            /* got partial octet string data */
-            /* accumulate partial octet string to buffer */
-            if (keepContent) {
-            #ifdef ASN_BER_TO_DER
-                if (pkcs7->streamOutCb) {
-                    ret = wc_HashUpdate(&pkcs7->stream->hashAlg,
-                        pkcs7->stream->hashType,
-                        msg + *idx, pkcs7->stream->expected);
-                    if (ret != 0)
-                        break;
-                    pkcs7->streamOutCb(pkcs7, msg + *idx,
-                        pkcs7->stream->expected, pkcs7->streamCtx);
-                }
-                else
-            #endif /* ASN_BER_TO_DER */
-                {
-                    /* store current content buffer temporarily */
-                    tempBuf = pkcs7->stream->content;
-                    pkcs7->stream->content = NULL;
-
-                    /* grow content buffer */
-                    contBufSz = pkcs7->stream->accumContSz;
-                    pkcs7->stream->accumContSz += pkcs7->stream->expected;
-
-                    pkcs7->stream->content =
-                                    (byte*)XMALLOC(pkcs7->stream->accumContSz,
-                                               pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-                    if (pkcs7->stream->content == NULL) {
-                        WOLFSSL_MSG("failed to grow content buffer.");
-                            if (tempBuf != NULL) {
-                        XFREE(tempBuf, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                        tempBuf = NULL;
-                            }
-                        ret = MEMORY_E;
-                        break;
-                    }
-                    else {
-                        /* accumulate content */
-                        if (tempBuf != NULL && contBufSz != 0) {
-                            XMEMCPY(pkcs7->stream->content, tempBuf, contBufSz);
-                        }
-                        XMEMCPY(pkcs7->stream->content + contBufSz, msg + *idx,
-                                                       pkcs7->stream->expected);
-                        if (tempBuf != NULL) {
-                            XFREE(tempBuf, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                            tempBuf = NULL;
-                        }
-                    }
-                }
-            }
-
-            *idx                         += pkcs7->stream->expected;
-            pkcs7->stream->currContRmnSz -= pkcs7->stream->expected;
-            pkcs7->stream->contentSz     += pkcs7->stream->expected;
-
-            if (wc_PKCS7_StreamEndCase(pkcs7, tmpIdx, idx) != 0) {
-                break;
-            }
-
-            if (pkcs7->stream->currContRmnSz > 0) {
-                pkcs7->stream->expected = min(pkcs7->stream->currContRmnSz,
-                                              MAX_PKCS7_STREAM_BUFFER);
-            }
-            else {
-                /* Processed current OCTET STRING. Proceed to the next one. */
-                pkcs7->stream->currContRmnSz = 0;
-                pkcs7->stream->currContSz    = 0;
-                pkcs7->stream->expected= ASN_TAG_SZ + MAX_LENGTH_SZ;
-
-                if (pkcs7->stream->maxLen > 0 &&
-                    (pkcs7->stream->maxLen - pkcs7->stream->totalRd)
-                                                < ASN_TAG_SZ + MAX_LENGTH_SZ) {
-                    /* seems reached to end of content */
-                    ret = 0;
-                    break;
-                }
-            }
-
-            /* data available */
-            continue;
-        }
-    }
-    return ret;
-}
-#endif /* !NO_PKCS7_STREAM */
-/* Finds the certificates in the message and saves it. By default allows
- * degenerate cases which can have no signer.
- *
- * By default expects type SIGNED_DATA (SignedData) which can have any number of
- * elements in signerInfos collection, including zero. (RFC2315 section 9.1)
- * When adding support for the case of SignedAndEnvelopedData content types a
- * signer is required. In this case the PKCS7 flag noDegenerate could be set.
- */
-static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf,
-    word32 hashSz, byte* in, word32 inSz,
-    byte* in2, word32 in2Sz)
-{
-    word32 idx, maxIdx = inSz, outerContentType = 0, contentTypeSz = 0, totalSz = 0;
-    int length = 0, version = 0, ret = 0;
-    byte* content = NULL;
-    byte* contentDynamic = NULL;
-    byte* sig = NULL;
-    byte* cert = NULL;
-    byte* signedAttrib = NULL;
-    byte* contentType = NULL;
-    int encapContentInfoLen = 0;
-    int contentSz = 0, sigSz = 0, certSz = 0, signedAttribSz = 0;
-    word32 localIdx, start;
-    word32 certIdx, certIdx2;
-    byte degenerate = 0;
-    byte detached = 0;
-    byte tag = 0;
-    word16 contentIsPkcs7Type = 0;
-#ifdef ASN_BER_TO_DER
-    byte* der;
-#endif
-    int multiPart = 0, keepContent;
-    int contentLen = 0;
-
-    byte* pkiMsg    = in;
-    word32 pkiMsgSz = inSz;
-#ifndef NO_PKCS7_STREAM
-    word32 stateIdx = 0;
-    word32 hashOID = 0;
-    enum wc_HashType hashType = WC_HASH_TYPE_NONE;
-    byte*   src = NULL;
-    word32  srcSz;
-#endif
-    byte* pkiMsg2 = in2;
-    word32 pkiMsg2Sz = in2Sz;
-    (void)keepContent;
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-#ifndef NO_PKCS7_STREAM
-    /* allow for 0 size inputs with stream mode */
-    if (pkiMsg == NULL && pkiMsgSz > 0)
-        return BAD_FUNC_ARG;
-
-#else
-    if (pkiMsg == NULL || pkiMsgSz == 0)
-        return BAD_FUNC_ARG;
-#endif
-
-    if ((hashSz > 0 && hashBuf == NULL) || (pkiMsg2Sz > 0 && pkiMsg2 == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-    idx = 0;
-
-#ifdef ASN_BER_TO_DER
-    if (pkcs7->derSz > 0 && pkcs7->der) {
-        pkiMsg = pkcs7->der;
-    }
-#endif
-
-#ifndef NO_PKCS7_STREAM
-    if (pkcs7->stream == NULL) {
-        if ((ret = wc_PKCS7_CreateStream(pkcs7)) != 0) {
-            return ret;
-        }
-    }
-#endif
-
-    switch (pkcs7->state) {
-        case WC_PKCS7_START:
-        #ifndef NO_PKCS7_STREAM
-            /* The expected size calculation originally assumed digest OID
-             * with NULL params, -2 to also accept with absent params */
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, (MAX_SEQ_SZ +
-                            MAX_VERSION_SZ + MAX_SEQ_SZ + MAX_LENGTH_SZ +
-                            ASN_TAG_SZ + MAX_OID_SZ + MAX_SEQ_SZ) - 2,
-                            &pkiMsg, &idx)) != 0) {
-                break;
-            }
-
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-
-            /* get content info size */
-            localIdx = 0;
-            if (GetSequence_ex(pkiMsg, &localIdx, &length, pkiMsgSz,
-                                        NO_USER_CHECK) < 0) {
-                break;
-            }
-            if (ret == 0 && length > 0)
-                pkcs7->stream->maxLen = (word32)length + localIdx;
-            else
-                pkcs7->stream->maxLen = inSz;
-
-        #endif
-
-            /* determine total message size */
-            totalSz = pkiMsgSz;
-            if (pkiMsg2 && pkiMsg2Sz > 0) {
-                totalSz += pkiMsg2Sz + pkcs7->contentSz;
-            }
-
-            /* Get the contentInfo sequence */
-            if (ret == 0 && GetSequence_ex(pkiMsg, &idx, &length, totalSz,
-                        NO_USER_CHECK) < 0)
-                ret = ASN_PARSE_E;
-
-            if (ret == 0 && length == 0 && pkiMsg[idx-1] == ASN_INDEF_LENGTH) {
-
-    #if defined(NO_PKCS7_STREAM)
-        #ifdef ASN_BER_TO_DER
-                word32 len = 0;
-
-                ret = wc_BerToDer(pkiMsg, pkiMsgSz, NULL, &len);
-                if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E))
-                    return ret;
-                pkcs7->der = (byte*)XMALLOC(len, pkcs7->heap,
-                                                        DYNAMIC_TYPE_PKCS7);
-                if (pkcs7->der == NULL)
-                    return MEMORY_E;
-                ret = wc_BerToDer(pkiMsg, pkiMsgSz, pkcs7->der, &len);
-                if (ret < 0)
-                    return ret;
-
-                pkiMsg   = in = pkcs7->der;
-                inSz = pkcs7->derSz = len;
-                idx = 0;
-            #ifdef NO_PKCS7_STREAM
-                pkiMsgSz = len;
-            #else
-                wc_PKCS7_ResetStream(pkcs7);
-                if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                                MAX_SEQ_SZ + MAX_VERSION_SZ + MAX_SEQ_SZ +
-                                MAX_LENGTH_SZ + ASN_TAG_SZ + MAX_OID_SZ +
-                                MAX_SEQ_SZ, &pkiMsg, &idx)) != 0) {
-                    break;
-                }
-
-                pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length:
-                                                        inSz;
-
-                totalSz = pkiMsgSz;
-                if (pkiMsg2 && pkiMsg2Sz > 0) {
-                    totalSz += pkiMsg2Sz + pkcs7->contentSz;
-                }
-
-                if ((ret = wc_PKCS7_SetMaxStream(pkcs7, in, len)) != 0) {
-                    break;
-                }
-            #endif
-                if (GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz,
-                            NO_USER_CHECK) < 0)
-                    return ASN_PARSE_E;
-        #else
-                ret = BER_INDEF_E;
-        #endif
-    #else
-                /* the bundle has indefinite length encoding */
-                pkcs7->stream->indefLen = 1;
-
-    #endif /* NO_PKCS7_STREAM */
-            }
-
-            /* Get the contentInfo contentType */
-            if (ret == 0 && wc_GetContentType(pkiMsg, &idx, &outerContentType,
-                        pkiMsgSz) < 0)
-                ret = ASN_PARSE_E;
-
-            if (ret == 0 && outerContentType != SIGNED_DATA) {
-                WOLFSSL_MSG("PKCS#7 input not of type SignedData");
-                ret = PKCS7_OID_E;
-            }
-
-            /* get the ContentInfo content */
-            if (ret == 0 && GetASNTag(pkiMsg, &idx, &tag, totalSz) != 0)
-                ret = ASN_PARSE_E;
-
-            if (ret == 0 && tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
-                ret = ASN_PARSE_E;
-
-            if (ret == 0 && GetLength_ex(pkiMsg, &idx, &length, totalSz,
-                        NO_USER_CHECK) < 0)
-                ret = ASN_PARSE_E;
-
-            /* Get the signedData sequence */
-            if (ret == 0 && GetSequence_ex(pkiMsg, &idx, &length, totalSz,
-                        NO_USER_CHECK) < 0)
-                ret = ASN_PARSE_E;
-
-            /* Get the version */
-            if (ret == 0 && GetMyVersion(pkiMsg, &idx, &version, pkiMsgSz) < 0)
-                ret = ASN_PARSE_E;
-
-
-            /* version 1 follows RFC 2315 */
-            /* version 3 follows RFC 4108 */
-            if (ret == 0 && (version != 1 && version != 3)) {
-                WOLFSSL_MSG("PKCS#7 signedData needs to be version 1 or 3");
-                ret = ASN_VERSION_E;
-            }
-            pkcs7->version = (byte)version;
-
-            /* Get the set of DigestAlgorithmIdentifiers */
-            if (ret == 0 && GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0)
-                ret = ASN_PARSE_E;
-
-            localIdx = idx;
-
-        #ifndef NO_PKCS7_STREAM
-            /* initialize hashType*/
-            pkcs7->stream->hashType = WC_HASH_TYPE_NONE;
-
-            /* Get the first DigestAlgorithmIdentifier from the SET */
-            if (ret == 0 && length > 0) {
-                if (GetAlgoId(pkiMsg, &idx, &hashOID, oidHashType, pkiMsgSz)
-                                                                          < 0)
-                    ret = ASN_PARSE_E;
-
-                pkcs7->hashOID = (int)hashOID;
-                /* get hash type */
-                hashType = wc_OidGetHash(pkcs7->hashOID);
-
-                if (hashType == WC_HASH_TYPE_NONE) {
-                    WOLFSSL_MSG("Error getting hash type for PKCS7 content"
-                                                            " verification");
-                    ret = ASN_PARSE_E;
-                }
-                if (wc_HashGetDigestSize(hashType) < 0) {
-                    WOLFSSL_MSG("Error getting digest size");
-                    ret = ASN_PARSE_E;
-                }
-                /* store hashType for later hashing */
-                pkcs7->stream->hashType = hashType;
-
-                /* restore idx */
-                idx = localIdx;
-
-                WOLFSSL_MSG("DigestAlgorithmIdentifier found in bundle");
-            }
-        #endif /* !NO_PKCS7_STREAM */
-
-            /* Skip the set. */
-            idx += (word32)length;
-            degenerate = (length == 0) ? 1 : 0;
-        #ifndef NO_PKCS7_STREAM
-            pkcs7->stream->degenerate = (degenerate != 0);
-        #endif /* !NO_PKCS7_STREAM */
-            if (pkcs7->noDegenerate == 1 && degenerate != 0) {
-                ret = PKCS7_NO_SIGNER_E;
-            }
-
-            if (ret != 0)
-                break;
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &stateIdx, &idx)) != 0) {
-                break;
-            }
-            if (pkiMsg2 && pkiMsg2Sz > 0) {
-                pkcs7->stream->maxLen += pkiMsg2Sz + pkcs7->contentSz;
-            }
-            wc_PKCS7_StreamStoreVar(pkcs7, totalSz, 0, 0);
-
-        #endif
-
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_VERIFY_STAGE2);
-
-        #ifndef NO_PKCS7_STREAM
-            pkcs7->stream->expected = MAX_SEQ_SZ + MAX_OID_SZ + ASN_TAG_SZ +
-                                    MAX_LENGTH_SZ + ASN_TAG_SZ + MAX_LENGTH_SZ;
-        #endif /* !NO_PKCS7_STREAM */
-            FALL_THROUGH;
-
-        case WC_PKCS7_VERIFY_STAGE2:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz + in2Sz,
-                           pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                break;
-            }
-            degenerate = pkcs7->stream->degenerate;
-
-            wc_PKCS7_StreamGetVar(pkcs7, &totalSz, 0, 0);
-            if (pkcs7->stream->length > 0)
-                pkiMsgSz = pkcs7->stream->length;
-        #ifdef ASN_BER_TO_DER
-            else if (pkcs7->der)
-                pkiMsgSz = pkcs7->derSz;
-        #endif
-            else
-                pkiMsgSz = inSz;
-
-        #endif
-            /* Get the inner ContentInfo sequence */
-            if (GetSequence_ex(pkiMsg, &idx, &encapContentInfoLen, pkiMsgSz,
-                        NO_USER_CHECK) < 0)
-                ret = ASN_PARSE_E;
-
-            /* Get the inner ContentInfo contentType */
-            if (ret == 0) {
-                int isIndef = 0;
-                word32 tmpIdx = idx;
-                if (encapContentInfoLen == 0 &&
-                    pkiMsg[idx-1] == ASN_INDEF_LENGTH) {
-                    isIndef = 1;
-            #ifndef NO_PKCS7_STREAM
-                    /* count up indef-length count  */
-                    pkcs7->stream->cntIdfCnt++;
-            #endif
-                }
-                if (GetASNObjectId(pkiMsg, &idx, &length, pkiMsgSz) == 0) {
-                    contentType = pkiMsg + tmpIdx;
-                    contentTypeSz = (word32)length + (idx - tmpIdx);
-                    idx += (word32)length;
-                }
-                else {
-                    ret = ASN_PARSE_E;
-                }
-                /* if indef, skip EOF */
-                if (isIndef) {
-                    if (idx + 1 >= pkiMsgSz) {
-                        ret = ASN_PARSE_E;
-                    }
-                    else if (pkiMsg[idx] == ASN_EOC && pkiMsg[idx+1] == 0) {
-                        idx += 2; /* skip EOF + zero byte */
-            #ifndef NO_PKCS7_STREAM
-                        pkcs7->stream->cntIdfCnt--;
-            #endif
-                    }
-                }
-            }
-
-            if (ret != 0)
-                break;
-
-            /* Check for content, it could be omitted when degenerate */
-            localIdx = idx;
-            ret = 0;
-            if (localIdx + 1 > pkiMsgSz) {
-                ret = BUFFER_E;
-                break;
-            }
-
-            /* Set error state if no more data left in ContentInfo, meaning
-             * no content - may be detached. Will recover from error below */
-            if ((encapContentInfoLen != 0) &&
-                ((word32)encapContentInfoLen - contentTypeSz == 0)) {
-                ret = ASN_PARSE_E;
-            #ifndef NO_PKCS7_STREAM
-                pkcs7->stream->noContent = 1;
-            #endif
-            }
-
-            /* PKCS#7 spec:
-             *     content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL
-             * CMS spec:
-             *     eContent [0] EXPLICIT OCTET STRING OPTIONAL
-             */
-            if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) != 0)
-                ret = ASN_PARSE_E;
-
-            if (ret == 0 && tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
-                ret = ASN_PARSE_E;
-
-            /* Get length of inner eContent payload. For CMS, spec defines
-             * OCTET_STRING will be next. If so, we use the length retrieved
-             * there. PKCS#7 spec defines ANY as eContent type. In this case
-             * we fall back and save this content length for use later */
-            if (ret == 0 && pkiMsg[localIdx] != ASN_INDEF_LENGTH) {
-                if (GetLength_ex(pkiMsg, &localIdx, &length, pkiMsgSz,
-                        NO_USER_CHECK) <= 0) {
-                    ret = ASN_PARSE_E;
-                }
-
-                if (localIdx >= pkiMsgSz) {
-                    ret = BUFFER_E;
-                }
-            }
-            else if (ret == 0 && pkiMsg[localIdx] == ASN_INDEF_LENGTH) {
-        #ifndef NO_PKCS7_STREAM
-                pkcs7->stream->cntIdfCnt++;    /* count up indef-length count */
-        #endif
-                length = 0;
-                localIdx++;
-            }
-            else {
-                length = 0;
-                localIdx++;
-            }
-
-            /* Save idx to back up in case of PKCS#7 eContent */
-            start = localIdx;
-
-            /* get length of content in the case that there is multiple parts */
-            if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) < 0)
-                ret = ASN_PARSE_E;
-
-            if (ret == 0 &&
-                (tag != (ASN_OCTET_STRING | ASN_CONSTRUCTED) &&
-                (tag != ASN_OCTET_STRING))) {
-
-                /* If reached end of ContentInfo, or we see the next element
-                 * ([0] IMPLICIT CertificateSet), set error state. Either
-                 * true error or detached */
-                if (tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) {
-                    ret = ASN_PARSE_E;
-                }
-
-                /* Back up before getting tag, process as PKCS#7 ANY and use
-                 * this as start of content. */
-                localIdx = start;
-                pkcs7->contentIsPkcs7Type = 1;
-            }
-            else {
-                /* CMS eContent OCTET_STRING */
-                if (ret == 0 && tag == (ASN_OCTET_STRING | ASN_CONSTRUCTED)) {
-                    multiPart = 1;
-
-                    /* Get length of all OCTET_STRINGs. */
-                    if (GetLength_ex(pkiMsg, &localIdx, &contentLen, pkiMsgSz,
-                                NO_USER_CHECK) < 0)
-                        ret = ASN_PARSE_E;
-                #ifndef NO_PKCS7_STREAM
-                    if (ret == 0 && pkiMsg[localIdx - 1] == ASN_INDEF_LENGTH) {
-                        pkcs7->stream->cntIdfCnt++;  /* indef-length count  */
-                    }
-                #endif
-                    /* Check whether there is one OCTET_STRING inside. */
-                    start = localIdx;
-                    if (localIdx >= pkiMsgSz) {
-                        ret = BUFFER_E;
-                    }
-
-                    if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz)
-                            != 0)
-                        ret = ASN_PARSE_E;
-
-                    if (ret == 0 && tag != ASN_OCTET_STRING)
-                        ret = ASN_PARSE_E;
-
-                    if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &length,
-                                pkiMsgSz, NO_USER_CHECK) < 0)
-                        ret = ASN_PARSE_E;
-
-                    if (ret == 0) {
-                        /* Use single OCTET_STRING directly, or reset length. */
-                        if (localIdx - start + (word32)length ==
-                                                           (word32)contentLen) {
-                            multiPart = 0;
-                        } else {
-                        #ifndef NO_PKCS7_STREAM
-                            pkcs7->stream->multi         = (multiPart != 0);
-                            pkcs7->stream->currContIdx   = localIdx;
-                            pkcs7->stream->currContSz    = (word32)length;
-                            pkcs7->stream->currContRmnSz = (word32)length;
-                        #endif
-                            /* reset length to outer OCTET_STRING for bundle
-                             * size check below */
-                            length = contentLen;
-                        }
-                        localIdx = start;
-                    }
-
-                    if (ret != 0) {
-                        /* failed ASN1 parsing during OCTET_STRING checks */
-                        break;
-                    }
-                }
-
-                /* get length of content in case of single part */
-                if (ret == 0 && !multiPart) {
-                    if (tag != ASN_OCTET_STRING)
-                        ret = ASN_PARSE_E;
-
-                    if (ret == 0 && GetLength_ex(pkiMsg, &localIdx,
-                                &length, pkiMsgSz, NO_USER_CHECK) < 0)
-                        ret = ASN_PARSE_E;
-                #ifndef NO_PKCS7_STREAM
-                    if (ret == 0) {
-                        pkcs7->stream->multi         = (multiPart != 0);
-                        pkcs7->stream->currContIdx   = localIdx;
-                        pkcs7->stream->currContSz    = (word32)length;
-                        pkcs7->stream->currContRmnSz = (word32)length;
-                    }
-                #endif
-                }
-            }
-
-            /* update idx if successful */
-            if (ret == 0) {
-                /* support using header and footer without content */
-                if (pkiMsg2 && pkiMsg2Sz > 0 && hashBuf && hashSz > 0) {
-                    localIdx = 0;
-            #ifndef NO_PKCS7_STREAM
-                    pkcs7->stream->noContent = 1;
-            #endif
-
-                }
-                idx = localIdx;
-            }
-            else {
-
-                /* If either pkcs7->content and pkcs7->contentSz are set
-                 * (detached signature where user has set content explicitly
-                 * into pkcs7->content/contentSz) OR pkcs7->hashBuf and
-                 * pkcs7->hashSz are set (user has pre-computed content
-                 * digest and passed in instead of content directly), try to
-                 * process as a detached signature */
-                if (!degenerate &&
-                    ((pkcs7->content != NULL && pkcs7->contentSz != 0) ||
-                     (hashBuf != NULL && hashSz > 0)) ) {
-                    WOLFSSL_MSG("Trying to process as detached signature");
-                    detached = 1;
-                }
-
-                if (!degenerate && !detached && ret != 0)
-                    break;
-
-                /* no content to read */
-                length = 0;
-                contentLen = 0;
-
-                pkiMsg2   = pkiMsg;
-                pkiMsg2Sz = pkiMsgSz;
-
-                /* reset ret */
-                ret = 0;
-            }
-
-        #ifndef NO_PKCS7_STREAM
-            /* save detached flag value */
-            pkcs7->stream->detached = (detached != 0);
-
-            /* save contentType */
-            pkcs7->stream->nonce = (byte*)XMALLOC(contentTypeSz, pkcs7->heap,
-                    DYNAMIC_TYPE_PKCS7);
-            if (pkcs7->stream->nonce == NULL) {
-                ret = MEMORY_E;
-                break;
-            }
-            else {
-                pkcs7->stream->nonceSz = contentTypeSz;
-                XMEMCPY(pkcs7->stream->nonce, contentType, contentTypeSz);
-            }
-            if (ret < 0)
-                break;
-
-            if (pkcs7->stream->noContent) {
-                pkcs7->stream->expected = 0;
-            }
-            else {
-                if (multiPart) {
-                    idx = pkcs7->stream->currContIdx;
-                }
-                if (in2Sz > 0 && hashSz > 0) {
-                    /* seems no content included */
-                    pkcs7->stream->expected = + ASN_TAG_SZ + MAX_LENGTH_SZ;
-                }
-                else {
-                    pkcs7->stream->expected = pkcs7->stream->currContSz;
-                }
-            }
-
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &stateIdx, &idx)) != 0) {
-                break;
-            }
-            wc_PKCS7_StreamStoreVar(pkcs7, pkiMsg2Sz, (int)localIdx, length);
-
-
-        #endif /* !NO_PKCS7_STREAM */
-
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_VERIFY_STAGE3);
-
-        #ifndef NO_PKCS7_STREAM
-        #ifdef ASN_BER_TO_DER
-            /* setup hash struct for creating hash of content if needed */
-            if (pkcs7->streamOutCb) {
-                ret = wc_HashInit_ex(&pkcs7->stream->hashAlg,
-                    pkcs7->stream->hashType, pkcs7->heap, pkcs7->devId);
-                if (ret != 0)
-                    break;
-            }
-        #endif /* ASN_BER_TO_DER */
-
-        /* free pkcs7->stream->content buffer */
-        XFREE(pkcs7->stream->content, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        pkcs7->stream->content = NULL;
-        #endif /* !NO_PKCS7_STREAM */
-
-            FALL_THROUGH;
-
-        case WC_PKCS7_VERIFY_STAGE3:
-            keepContent = !(pkiMsg2 && pkiMsg2Sz > 0 && hashBuf && hashSz > 0);
-        #ifndef NO_PKCS7_STREAM
-            ret = wc_PKCS7_HandleOctetStrings(pkcs7, in, inSz,
-                                                &stateIdx, &idx, keepContent);
-            if (ret != 0)
-                break;
-
-            /* copy content to pkcs7->contentDynamic */
-            if (keepContent && pkcs7->stream->content &&
-                                            pkcs7->stream->contentSz >0) {
-                pkcs7->contentDynamic = (byte*)XMALLOC(pkcs7->stream->contentSz,
-                                              pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                if (pkcs7->contentDynamic == NULL) {
-                    ret = MEMORY_E;
-                    break;
-                }
-                XMEMCPY(pkcs7->contentDynamic, pkcs7->stream->content,
-                                               pkcs7->stream->contentSz);
-
-                pkcs7->contentSz = pkcs7->stream->contentSz;
-                pkcs7->content   = pkcs7->contentDynamic;
-            }
-
-            /* check if bundle has more elements or footer, if not, set content
-             * to pkcs7->content and hash to pkcs7->hash.
-             */
-            if (ret == 0 && pkcs7->stream->maxLen > 0 &&
-                    (pkcs7->stream->maxLen - pkcs7->stream->totalRd)
-                                                < ASN_TAG_SZ + MAX_LENGTH_SZ) {
-
-                ret = 0;
-                break;
-            }
-            /* expect data length to be enough to check set and seq of certs */
-            pkcs7->stream->expected = (ASN_TAG_SZ + MAX_LENGTH_SZ) * 2;
-
-        #else
-            /* Break out before content because it can be optional in degenerate
-             * cases. */
-            if (ret != 0 && !degenerate)
-                break;
-
-            /* get parts of content */
-            if (ret == 0 && multiPart) {
-                int i = 0;
-                keepContent = !(pkiMsg2 && pkiMsg2Sz > 0 && hashBuf &&
-                                                                hashSz > 0);
-
-                if (keepContent) {
-                    /* Create a buffer to hold content of OCTET_STRINGs. */
-                    pkcs7->contentDynamic = (byte*)XMALLOC(contentLen,
-                                            pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                    if (pkcs7->contentDynamic == NULL)
-                        ret = MEMORY_E;
-                }
-
-                start = localIdx;
-                /* Use the data from each OCTET_STRING. */
-                while (ret == 0 && localIdx < start + contentLen) {
-                    if (GetASNTag(pkiMsg, &localIdx, &tag, totalSz) < 0)
-                        ret = ASN_PARSE_E;
-                    if (ret == 0 && tag != ASN_OCTET_STRING)
-                        ret = ASN_PARSE_E;
-
-                    if (ret == 0 && GetLength(pkiMsg, &localIdx, &length,
-                                                                totalSz) < 0)
-                        ret = ASN_PARSE_E;
-                    if (ret == 0 && length + localIdx > start + contentLen)
-                        ret = ASN_PARSE_E;
-
-                    if (ret == 0) {
-                        if (keepContent) {
-                            XMEMCPY(pkcs7->contentDynamic + i,
-                                                    pkiMsg + localIdx, length);
-                        }
-                        i += length;
-                        localIdx += length;
-                    }
-                }
-                localIdx = start; /* reset for sanity check, increment later */
-                length = i;
-            }
-
-            /* Save the inner data as the content. */
-            if (ret == 0 && length > 0) {
-                contentSz = length;
-
-                /* support using header and footer without content */
-                if (pkiMsg2 && pkiMsg2Sz > 0 && hashBuf && hashSz > 0) {
-                    /* Content not provided, use provided pkiMsg2 footer */
-                    content = NULL;
-                    localIdx = 0;
-                    if (contentSz != (int)pkcs7->contentSz) {
-                        WOLFSSL_MSG("Data signed does not match contentSz"
-                                                                " provided");
-                        ret = BUFFER_E;
-                    }
-                }
-                else {
-                    if ((word32)length > pkiMsgSz - localIdx) {
-                        ret = BUFFER_E;
-                    }
-
-                    /* Content pointer for calculating hashes later */
-                    if (ret == 0 && !multiPart) {
-                        content = &pkiMsg[localIdx];
-                    }
-                    if (ret == 0 && multiPart) {
-                        content = pkcs7->contentDynamic;
-                    }
-
-                    if (ret == 0) {
-                        idx += length;
-                    }
-
-                    pkiMsg2   = pkiMsg;
-                    pkiMsg2Sz = pkiMsgSz;
-                }
-            }
-            else {
-                pkiMsg2 = pkiMsg;
-                pkiMsg2Sz = pkiMsgSz;
-            }
-
-            /* If getting the content info failed with non degenerate then
-             * return the error case. Otherwise with a degenerate it is ok
-             * if the content info was omitted */
-            if (!degenerate && !detached && (ret != 0)) {
-                break;
-            }
-            else {
-                ret = 0; /* reset ret state on degenerate case */
-            }
-
-            /* save content */
-            if (detached == 1) {
-                /* if detached, use content from user in pkcs7 struct */
-                content = pkcs7->content;
-                contentSz = pkcs7->contentSz;
-            }
-        #endif /* !NO_PKCS7_STREAM */
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_VERIFY_STAGE4);
-
-            FALL_THROUGH;
-
-       case WC_PKCS7_VERIFY_STAGE4:
-        #ifndef NO_PKCS7_STREAM
-            if (in2 && in2Sz > 0) {
-                src     = in2;
-                srcSz   = in2Sz;
-                pkiMsg2 = in2;
-            }
-            else {
-                src     = in;
-                srcSz   = inSz;
-                pkiMsg2 = in;
-            }
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, src, srcSz,
-                            pkcs7->stream->expected, &pkiMsg2, &idx)) != 0) {
-                break;
-            }
-
-        #ifdef ASN_BER_TO_DER
-            if (pkcs7->derSz != 0)
-                pkiMsg2Sz = pkcs7->derSz;
-            else
-        #endif
-                pkiMsg2Sz = (pkcs7->stream->length > 0)? pkcs7->stream->length:
-                    srcSz;
-
-            if (pkcs7->stream->length > 0) {
-                localIdx = 0;
-            }
-
-            maxIdx = idx + pkcs7->stream->expected;
-        #endif /* !NO_PKCS7_STREAM */
-
-            if (pkiMsg2 == NULL || pkiMsg2Sz == 0) {
-                pkiMsg2Sz = pkiMsgSz;
-                pkiMsg2   = pkiMsg;
-            }
-
-            /* Certificates begin "footer" section (ie pkiMsg2) if being used */
-            /* Get the implicit[0] set of certificates */
-            if (ret == 0 && idx >= pkiMsg2Sz)
-                ret = BUFFER_E;
-
-            length = 0; /* set length to 0 to check if reading in any certs */
-            localIdx = idx;
-
-            if (ret == 0 && GetASNTag(pkiMsg2, &localIdx, &tag, pkiMsg2Sz) == 0
-                    && tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) {
-                idx++;
-
-                /* if certificates set has indefinite length, try to get
-                 * the first certificate length of the set.
-                 */
-                if (ret == 0 && pkiMsg2[localIdx] == ASN_INDEF_LENGTH) {
-
-                    localIdx++;
-                    certIdx = localIdx;
-                #ifndef NO_PKCS7_STREAM
-                /* set indef-length count. used for skipping trailing zeros */
-                    pkcs7->stream->cntIdfCnt = 1;
-                #endif
-                    ret = GetASNTag(pkiMsg2, &localIdx, &tag, pkiMsg2Sz);
-                    if (ret == 0 && tag == (ASN_CONSTRUCTED | ASN_SEQUENCE)) {
-                        if (GetLength_ex(pkiMsg2, &localIdx, &length, maxIdx,
-                                                NO_USER_CHECK) < 0)
-                    ret = ASN_PARSE_E;
-
-                        WOLFSSL_MSG("certificate set found");
-
-                        /* adjust cert length */
-                        length += (int)(localIdx - certIdx);
-                        idx = certIdx;
-                    }
-                }
-                /* in case certificates set has definite length  */
-                else {
-
-                    if (GetLength_ex(pkiMsg2, &localIdx, &length, maxIdx,
-                                                NO_USER_CHECK) < 0)
-                        ret = ASN_PARSE_E;
-
-                    idx = localIdx;
-                }
-            }
-
-            if (ret != 0) {
-                break;
-            }
-        #ifndef NO_PKCS7_STREAM
-            if (in2 && in2Sz > 0 && hashBuf && hashSz > 0) {
-                stateIdx = idx; /* case where all data was read from in2 */
-            }
-
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &stateIdx, &idx)) != 0) {
-                break;
-            }
-            wc_PKCS7_StreamStoreVar(pkcs7, pkiMsg2Sz, 0, length);
-            if (length > 0) {
-                pkcs7->stream->expected = (word32)length;
-            }
-            else {
-                pkcs7->stream->expected = MAX_SEQ_SZ;
-                if (pkcs7->stream->expected > (pkcs7->stream->maxLen -
-                            pkcs7->stream->totalRd) + pkcs7->stream->length) {
-                    pkcs7->stream->expected = (pkcs7->stream->maxLen -
-                                pkcs7->stream->totalRd) + pkcs7->stream->length;
-                }
-            }
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_VERIFY_STAGE5);
-            FALL_THROUGH;
-
-        case WC_PKCS7_VERIFY_STAGE5:
-        #ifndef NO_PKCS7_STREAM
-            if (in2 && in2Sz > 0) {
-                src     = in2;
-                srcSz   = in2Sz;
-                pkiMsg2 = in2;
-            }
-            else {
-                src     = in;
-                srcSz   = inSz;
-                pkiMsg2 = in;
-            }
-
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, src, srcSz,
-                            pkcs7->stream->expected, &pkiMsg2, &idx)) != 0) {
-                break;
-            }
-            pkiMsg2Sz = (pkcs7->stream->length > 0)? pkcs7->stream->length:
-                                                                        srcSz;
-
-            wc_PKCS7_StreamGetVar(pkcs7, &pkiMsg2Sz, 0, &length);
-
-            /* restore content */
-            content   = pkcs7->stream->content;
-            contentSz = (int)pkcs7->stream->contentSz;
-
-            /* restore detached flag */
-            detached = pkcs7->stream->detached;
-
-            /* store current index to get the signerInfo index later  */
-            certIdx2 = idx;
-            /* store certificate if needed */
-            if (length > 0 && in2Sz == 0) {
-                /* free tmpCert if not NULL */
-                XFREE(pkcs7->stream->tmpCert, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                pkcs7->stream->tmpCert = (byte*)XMALLOC((word32)length,
-                        pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                if ((pkiMsg2 == NULL) || (pkcs7->stream->tmpCert == NULL)) {
-                    ret = MEMORY_E;
-                    break;
-                }
-                XMEMCPY(pkcs7->stream->tmpCert, pkiMsg2 + idx, (word32)length);
-                pkiMsg2 = pkcs7->stream->tmpCert;
-                pkiMsg2Sz = (word32)length;
-                idx = 0;
-            }
-        #else
-            /* store current index to get the signerInfo index later  */
-            certIdx2 = idx;
-        #endif
-
-                if (length > 0) {
-                    /* At this point, idx is at the first certificate in
-                     * a set of certificates. There may be more than one,
-                     * or none, or they may be a PKCS 6 extended
-                     * certificate. We want to save the first cert if it
-                     * is X.509. */
-
-                    certIdx = idx;
-
-                    if (length < MAX_LENGTH_SZ + ASN_TAG_SZ)
-                        ret = BUFFER_E;
-
-                    if (ret == 0)
-                        ret = GetASNTag(pkiMsg2, &certIdx, &tag, pkiMsg2Sz);
-
-                    if (ret == 0 && tag == (ASN_CONSTRUCTED | ASN_SEQUENCE)) {
-                        if (GetLength_ex(pkiMsg2, &certIdx, &certSz, pkiMsg2Sz,
-                                                        NO_USER_CHECK) < 0)
-                            ret = ASN_PARSE_E;
-
-                        cert = &pkiMsg2[idx];
-                        certSz += (int)(certIdx - idx);
-                        if (certSz > length) {
-                            ret = BUFFER_E;
-                            break;
-                        }
-                    }
-        #ifdef ASN_BER_TO_DER
-                    der = pkcs7->der;
-                    pkcs7->der = NULL;
-        #endif
-                    version = pkcs7->version;
-                    contentIsPkcs7Type = pkcs7->contentIsPkcs7Type;
-
-                    if (ret == 0) {
-                        byte isDynamic = (byte)pkcs7->isDynamic;
-                    #ifndef NO_PKCS7_STREAM
-                        PKCS7State* stream = pkcs7->stream;
-                        pkcs7->stream = NULL;
-                    #endif
-
-                        /* Save dynamic content before freeing PKCS7 struct */
-                        if (pkcs7->contentDynamic != NULL) {
-                            contentDynamic = (byte*)XMALLOC((word32)contentSz,
-                                               pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                            if (contentDynamic == NULL) {
-                            #ifndef NO_PKCS7_STREAM
-                                pkcs7->stream = stream;
-                            #endif
-                                ret = MEMORY_E;
-                                break;
-                            }
-                            XMEMCPY(contentDynamic, pkcs7->contentDynamic,
-                                    (word32)contentSz);
-                        }
-
-                        /* Free pkcs7 resources but not the structure itself */
-                        pkcs7->isDynamic = 0;
-                        wc_PKCS7_Free(pkcs7);
-                        pkcs7->isDynamic = (isDynamic != 0);
-                        /* This will reset PKCS7 structure and then set the
-                         * certificate */
-                        ret = wc_PKCS7_InitWithCert(pkcs7, cert, (word32)certSz);
-
-                        /* Restore pkcs7->contentDynamic from above, will be
-                         * freed by application with wc_PKCS7_Free() */
-                        if (contentDynamic != NULL) {
-                            pkcs7->contentDynamic = contentDynamic;
-                            contentDynamic = NULL;
-                        }
-
-                        /* Restore content is PKCS#7 flag */
-                        pkcs7->contentIsPkcs7Type = (contentIsPkcs7Type != 0);
-
-                    #ifndef NO_PKCS7_STREAM
-                        pkcs7->stream = stream;
-                    #endif
-                    }
-                    pkcs7->version = (byte)version;
-        #ifdef ASN_BER_TO_DER
-                    pkcs7->der = der;
-        #endif
-                    if (ret != 0)
-                        break;
-
-                    /* iterate through any additional certificates */
-                    if (ret == 0 && MAX_PKCS7_CERTS > 0) {
-                        int sz = 0;
-                        int i;
-
-                        pkcs7->cert[0]   = cert;
-                        pkcs7->certSz[0] = (word32)certSz;
-                        certIdx = idx + (word32)certSz;
-
-                        for (i = 1; i < MAX_PKCS7_CERTS &&
-                                certIdx + 1 < pkiMsg2Sz &&
-                                certIdx + 1 < (word32)length; i++) {
-                            localIdx = certIdx;
-
-                            if (ret == 0 && GetASNTag(pkiMsg2, &certIdx, &tag,
-                                        pkiMsg2Sz) < 0) {
-                                ret = ASN_PARSE_E;
-                                break;
-                            }
-
-                            if (ret == 0 &&
-                                    tag == (ASN_CONSTRUCTED | ASN_SEQUENCE)) {
-                                if (GetLength(pkiMsg2, &certIdx, &sz,
-                                            pkiMsg2Sz) < 0) {
-                                    ret = ASN_PARSE_E;
-                                    break;
-                                }
-
-                                pkcs7->cert[i]   = &pkiMsg2[localIdx];
-                                pkcs7->certSz[i] = (word32)sz +
-                                                   (certIdx - localIdx);
-                                certIdx += (word32)sz;
-                            }
-                        }
-                    }
-                }
-                idx += (word32)length;
-
-            if (!detached) {
-                /* set content and size after init of PKCS7 structure */
-                pkcs7->content   = content;
-                pkcs7->contentSz = (word32)contentSz;
-            }
-
-            idx = certIdx2 + (word32)length;
-
-            if (ret != 0) {
-                break;
-            }
-        #ifndef NO_PKCS7_STREAM
-            /* factor in that recent idx was in cert buffer. If in2 buffer was
-             * used then don't advance idx. */
-            if (length > 0 && pkcs7->stream->flagOne &&
-                    pkcs7->stream->length == 0) {
-                idx = stateIdx + idx;
-                if (idx > inSz) {
-                    /* index is more than input size */
-                    ret = BUFFER_E;
-                    break;
-                }
-            }
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &stateIdx, &idx)) != 0) {
-                break;
-            }
-
-            pkcs7->stream->expected = MAX_OID_SZ + ASN_TAG_SZ + MAX_LENGTH_SZ +
-                                      MAX_SET_SZ;
-            /* if certificate set has indef-length, there maybe trailing zeros.
-             * add expected size to include size of zeros. */
-            if (pkcs7->stream->cntIdfCnt > 0) {
-                pkcs7->stream->expected += (word32)pkcs7->stream->cntIdfCnt * 2;
-            }
-
-            if (pkcs7->stream->expected > (pkcs7->stream->maxLen -
-                                pkcs7->stream->totalRd) + pkcs7->stream->length)
-                pkcs7->stream->expected = (pkcs7->stream->maxLen -
-                                pkcs7->stream->totalRd) + pkcs7->stream->length;
-
-            wc_PKCS7_StreamGetVar(pkcs7, &pkiMsg2Sz,  0, 0);
-            wc_PKCS7_StreamStoreVar(pkcs7, pkiMsg2Sz, 0, length);
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_VERIFY_STAGE6);
-            FALL_THROUGH;
-
-        case WC_PKCS7_VERIFY_STAGE6:
-        #ifndef NO_PKCS7_STREAM
-
-            if (in2 && in2Sz > 0) {
-                src     = in2;
-                srcSz   = in2Sz;
-                pkiMsg2 = in2;
-            }
-            else {
-                src     = in;
-                srcSz   = inSz;
-                pkiMsg2 = in;
-            }
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, src, srcSz,
-                            pkcs7->stream->expected, &pkiMsg2, &idx)) != 0) {
-                break;
-            }
-            wc_PKCS7_StreamGetVar(pkcs7, &pkiMsg2Sz, 0, &length);
-
-            /* check if using internal stream buffer and should adjust sz */
-            pkiMsg2Sz = (pkcs7->stream->length > 0)? pkcs7->stream->length:
-                                                                        srcSz;
-
-            /* restore content type */
-            contentType   = pkcs7->stream->nonce;
-            contentTypeSz = pkcs7->stream->nonceSz;
-
-            maxIdx = idx + pkcs7->stream->expected;
-            if (maxIdx > pkiMsg2Sz) {
-                ret = BUFFER_E;
-                break;
-            }
-            stateIdx = idx;
-        #else
-            /* if not streaming, maxIdx is just pkiMsg2Sz */
-            maxIdx = pkiMsg2Sz;
-        #endif
-
-            /* set contentType and size after init of PKCS7 structure */
-            if (ret == 0 && wc_PKCS7_SetContentType(pkcs7, contentType,
-                        contentTypeSz) < 0)
-                ret = ASN_PARSE_E;
-        #ifndef NO_PKCS7_STREAM
-            /* prior to find set of crls, remove trailing zeros of
-             * set of certificates */
-            if (ret == 0 && pkcs7->stream->cntIdfCnt > 0) {
-                word32 i;
-                word32 sz = (word32)pkcs7->stream->cntIdfCnt * ASN_INDEF_END_SZ;
-                localIdx = idx;
-                for (i = 0; i < sz; i++) {
-                    if (pkiMsg2[localIdx + i] == 0)
-                        continue;
-                    else {
-                        ret = ASN_PARSE_E;
-                        break;
-                    }
-                }
-                if (ret == 0) {
-                    idx += (word32)pkcs7->stream->cntIdfCnt * ASN_INDEF_END_SZ;
-                    pkcs7->stream->cntIdfCnt = 0;
-                }
-            }
-        #endif /* !NO_PKCS7_STREAM */
-            /* Get the implicit[1] set of crls */
-            if (ret == 0 && idx >= maxIdx)
-                ret = BUFFER_E;
-
-            localIdx = idx;
-            if (ret == 0 && GetASNTag(pkiMsg2, &localIdx, &tag, pkiMsg2Sz) == 0
-                    && tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)) {
-                idx++;
-                if (GetLength(pkiMsg2, &idx, &length, pkiMsg2Sz) < 0)
-                    ret = ASN_PARSE_E;
-
-                /* Skip the set */
-                idx += (word32)length;
-            }
-
-            /* Get the set of signerInfos */
-            if (ret == 0 && GetSet_ex(pkiMsg2, &idx, &length, maxIdx,
-                        NO_USER_CHECK) < 0)
-                ret = ASN_PARSE_E;
-
-            if (ret != 0)
-                break;
-        #ifndef NO_PKCS7_STREAM
-            if (!pkcs7->stream->flagOne) {
-                stateIdx = idx; /* didn't read any from internal buffer */
-            }
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &stateIdx, &idx)) != 0) {
-                break;
-            }
-            wc_PKCS7_StreamStoreVar(pkcs7, pkiMsg2Sz, 0, length);
-
-            if (in2 && in2Sz > 0 && hashBuf && hashSz > 0) {
-                if (length > 0) {
-                    pkcs7->stream->expected = (word32)length;
-                }
-                else {
-                    pkcs7->stream->expected = 0;
-                }
-            }
-            else {
-                /* last state expect the rest of the buffer */
-                pkcs7->stream->expected = (pkcs7->stream->maxLen -
-                    pkcs7->stream->totalRd) + pkcs7->stream->length;
-            }
-            /* In case of indefinite length used in the bundle, terminating
-             * zero's should exist at the end of the bundle.
-             */
-            if (pkcs7->stream->indefLen == 1) {
-                pkcs7->stream->expected = (word32)length + 3 * ASN_INDEF_END_SZ;
-            }
-            else  {
-                pkcs7->stream->expected = (word32)length;
-            }
-
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_VERIFY_STAGE7);
-        #endif /* !NO_PKCS7_STREAM */
-            FALL_THROUGH;
-
-        case WC_PKCS7_VERIFY_STAGE7:
-        #ifndef NO_PKCS7_STREAM
-            if (in2 && in2Sz > 0) {
-                src     = in2;
-                srcSz   = in2Sz;
-                pkiMsg2 = in2;
-            }
-            else {
-                src     = in;
-                srcSz   = inSz;
-                pkiMsg2 = in;
-            }
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, src, srcSz,
-                            pkcs7->stream->expected, &pkiMsg2, &idx)) != 0) {
-                break;
-            }
-
-            wc_PKCS7_StreamGetVar(pkcs7, &pkiMsg2Sz, 0, &length);
-            pkiMsg2Sz = (pkcs7->stream->length > 0)? pkcs7->stream->length:
-                                                                        srcSz;
-            degenerate = pkcs7->stream->degenerate;
-
-            /* restore content */
-            content   = pkcs7->stream->content;
-            contentSz = (int)pkcs7->stream->contentSz;
-        #endif
-
-            ret = wc_PKCS7_ParseSignerInfo(pkcs7, pkiMsg2, pkiMsg2Sz, &idx,
-                    degenerate, &signedAttrib, &signedAttribSz);
-
-            /* parse out the signature if present and verify it */
-            if (ret == 0 && length > 0 && degenerate == 0) {
-                WOLFSSL_MSG("Parsing signature and verifying");
-                if (idx >= pkiMsg2Sz)
-                    ret = BUFFER_E;
-
-                /* Get the signature */
-                localIdx = idx;
-                if (ret == 0 && GetASNTag(pkiMsg2, &localIdx, &tag,
-                            pkiMsg2Sz) == 0 && tag == ASN_OCTET_STRING) {
-                    idx++;
-
-                    if (GetLength(pkiMsg2, &idx, &length, pkiMsg2Sz) < 0)
-                        ret = ASN_PARSE_E;
-
-                    /* save pointer and length */
-                    sig = &pkiMsg2[idx];
-                    sigSz = length;
-
-                    idx += (word32)length;
-                }
-
-                pkcs7->content = content;
-                pkcs7->contentSz = (word32)contentSz;
-
-                if (ret == 0) {
-                #if !defined(NO_PKCS7_STREAM) && defined(ASN_BER_TO_DER)
-                    byte streamHash[WC_MAX_DIGEST_SIZE];
-
-                    /* get final hash if having done hash updates while
-                     * streaming out the content */
-                    if (pkcs7->streamOutCb) {
-                        ret = wc_HashFinal(&pkcs7->stream->hashAlg,
-                            pkcs7->stream->hashType, streamHash);
-                        hashBuf = streamHash;
-                        length  = wc_HashGetDigestSize(pkcs7->stream->hashType);
-                        if (length < 0) {
-                            WOLFSSL_MSG("Error getting digest size");
-                            ret = ASN_PARSE_E;
-                        }
-                        else {
-                            hashSz = (word32)length;
-                        }
-                        wc_HashFree(&pkcs7->stream->hashAlg,
-                            pkcs7->stream->hashType);
-                        if (ret != 0)
-                            break;
-                    }
-                #endif /* !NO_PKCS7_STREAM && ASN_BER_TO_DER */
-                    ret = wc_PKCS7_SignedDataVerifySignature(pkcs7, sig,
-                            (word32)sigSz, signedAttrib, (word32)signedAttribSz,
-                                                   hashBuf, hashSz);
-                }
-            }
-
-        #ifndef NO_PKCS7_STREAM
-            /* make sure that terminating zero's follow */
-            if ((ret == WC_NO_ERR_TRACE(PKCS7_SIGNEEDS_CHECK) || ret >= 0) &&
-                    pkcs7->stream->indefLen == 1) {
-                word32 i;
-                for (i = 0; i < 3 * ASN_INDEF_END_SZ; i++) {
-                    if (pkiMsg2[idx + i] != 0) {
-                        ret = ASN_PARSE_E;
-                        break;
-                    }
-                }
-            }
-        #endif /* NO_PKCS7_STREAM */
-
-            if (ret < 0)
-                break;
-
-
-            ret = 0; /* success */
-        #ifndef NO_PKCS7_STREAM
-            wc_PKCS7_ResetStream(pkcs7);
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_START);
-            break;
-
-        default:
-            WOLFSSL_MSG("PKCS7 Unknown verify state");
-            ret = BAD_FUNC_ARG;
-    }
-
-    if (ret != 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
-    #ifndef NO_PKCS7_STREAM
-        wc_PKCS7_ResetStream(pkcs7);
-    #endif
-        wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_START);
-    }
-    return ret;
-}
-
-
-/* Gets a copy of the SID parsed from signerInfo. This can be called after
- * wc_PKCS7_VerifySignedData has been called. SID can be SKID in version 3 case
- * or issuerAndSerialNumber.
- *
- * return 0 on success and LENGTH_ONLY_E if just setting "outSz" for buffer
- *  length needed.
- */
-int wc_PKCS7_GetSignerSID(wc_PKCS7* pkcs7, byte* out, word32* outSz)
-{
-    if (outSz == NULL || pkcs7 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (pkcs7->signerInfo == NULL) {
-        WOLFSSL_MSG("Either the bundle had no signers or"
-                "wc_PKCS7_VerifySignedData needs called yet");
-        return PKCS7_NO_SIGNER_E;
-    }
-
-    if (pkcs7->signerInfo->sidSz == 0) {
-        WOLFSSL_MSG("Bundle had no signer SID set");
-        return PKCS7_NO_SIGNER_E;
-    }
-
-    if (out == NULL) {
-        *outSz = pkcs7->signerInfo->sidSz;
-        return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if (*outSz < pkcs7->signerInfo->sidSz) {
-        WOLFSSL_MSG("Buffer being passed in is not large enough for SKID");
-        return BUFFER_E;
-    }
-    XMEMCPY(out, pkcs7->signerInfo->sid, pkcs7->signerInfo->sidSz);
-    *outSz = pkcs7->signerInfo->sidSz;
-    return 0;
-}
-
-
-/* SignedData verification function variant that allows pre-computed content
- * message digest and optional PKCS7/CMS bundle content header/footer to be
- * used for verification. Useful for large data signing.
- *
- * pkcs7 - pointer to initialized PKCS7 structure
- * hashBuf - message digest of content
- * hashSz - size of hashBuf, octets
- * pkiMsgHead - PKCS7/CMS header that goes on top of the raw data signed,
- *              as output from wc_PKCS7_EncodeSignedData_ex (if also using
- *              pkiMsgFoot). Otherwise, PKCS7/CMS bundle with
- *              detached signature - will use hashBuf/hashSz to verify.
- * pkiMsgHeadSz - size of pkiMsgHead, octets
- * pkiMsgFoot - PKCS7/CMS footer that goes at the end of the raw data signed,
- *              as output from wc_PKCS7_EncodeSignedData_ex. Can be NULL
- *              if pkiMsgHead is a direct detached signature bundle to be used
- *              with hashBuf/hashSz.
- * pkiMsgFootSz - size of pkiMsgFoot, octets. Should be 0 if pkiMsgFoot is NULL.
- *
- * Returns 0 on success, negative upon error.
- *
- */
-int wc_PKCS7_VerifySignedData_ex(wc_PKCS7* pkcs7, const byte* hashBuf,
-    word32 hashSz, byte* pkiMsgHead, word32 pkiMsgHeadSz, byte* pkiMsgFoot,
-    word32 pkiMsgFootSz)
-{
-    return PKCS7_VerifySignedData(pkcs7, hashBuf, hashSz,
-        pkiMsgHead, pkiMsgHeadSz, pkiMsgFoot, pkiMsgFootSz);
-}
-
-int wc_PKCS7_VerifySignedData(wc_PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
-{
-    return PKCS7_VerifySignedData(pkcs7, NULL, 0, pkiMsg, pkiMsgSz, NULL, 0);
-}
-
-
-/* Generate random content encryption key, store into pkcs7->cek and
- * pkcs7->cekSz.
- *
- * pkcs7 - pointer to initialized PKCS7 structure
- * len   - length of key to be generated
- *
- * Returns 0 on success, negative upon error */
-static int PKCS7_GenerateContentEncryptionKey(wc_PKCS7* pkcs7, word32 len)
-{
-    int ret;
-    WC_RNG rng;
-    byte* tmpKey;
-
-    if (pkcs7 == NULL || len == 0)
-        return BAD_FUNC_ARG;
-
-    /* if key already exists, don't need to re-generate */
-    if (pkcs7->cek != NULL && pkcs7->cekSz != 0) {
-
-        /* if key exists, but is different size, return error */
-        if (pkcs7->cekSz != len) {
-            WOLFSSL_MSG("Random content-encryption key size is inconsistent "
-                        "between CMS recipients");
-            return WC_KEY_SIZE_E;
-        }
-
-        return 0;
-    }
-
-    /* allocate space for cek */
-    tmpKey = (byte*)XMALLOC(len, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (tmpKey == NULL)
-        return MEMORY_E;
-
-    XMEMSET(tmpKey, 0, len);
-
-    ret = wc_InitRng_ex(&rng, pkcs7->heap, pkcs7->devId);
-    if (ret != 0) {
-        XFREE(tmpKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    ret = wc_RNG_GenerateBlock(&rng, tmpKey, len);
-    if (ret != 0) {
-        wc_FreeRng(&rng);
-        XFREE(tmpKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* store into PKCS7, memory freed during final cleanup */
-    pkcs7->cek = tmpKey;
-    pkcs7->cekSz = len;
-
-    wc_FreeRng(&rng);
-
-    return 0;
-}
-
-
-/* wrap CEK (content encryption key) with KEK, returns output size (> 0) on
- * success, < 0 on error */
-static int wc_PKCS7_KeyWrap(const wc_PKCS7 * pkcs7, const byte * cek,
-        word32 cekSz, const byte * kek, word32 kekSz, byte * out, word32 outSz,
-        int keyWrapAlgo, int direction)
-{
-    int ret = 0;
-
-    if (pkcs7 == NULL || cek == NULL || kek == NULL || out == NULL)
-        return BAD_FUNC_ARG;
-
-    switch (keyWrapAlgo) {
-#ifndef NO_AES
-    #ifdef WOLFSSL_AES_128
-        case AES128_WRAP:
-    #endif
-    #ifdef WOLFSSL_AES_192
-        case AES192_WRAP:
-    #endif
-    #ifdef WOLFSSL_AES_256
-        case AES256_WRAP:
-    #endif
-
-            if (direction == AES_ENCRYPTION) {
-                if (pkcs7->aesKeyWrapUnwrapCb != NULL) {
-                    ret = pkcs7->aesKeyWrapUnwrapCb(kek, kekSz, cek, cekSz, 1,
-                                                    out, outSz);
-                }
-                else {
-                #ifdef HAVE_AES_KEYWRAP
-                    ret = wc_AesKeyWrap(kek, kekSz, cek, cekSz,
-                                        out, outSz, NULL);
-                #else
-                    ret = NOT_COMPILED_IN;
-                #endif
-                }
-
-            } else if (direction == AES_DECRYPTION) {
-                if (pkcs7->aesKeyWrapUnwrapCb != NULL) {
-                    ret = pkcs7->aesKeyWrapUnwrapCb(kek, kekSz, cek, cekSz, 0,
-                                                    out, outSz);
-                }
-                else {
-                #ifdef HAVE_AES_KEYWRAP
-                    ret = wc_AesKeyUnWrap(kek, kekSz, cek, cekSz,
-                                          out, outSz, NULL);
-                #else
-                    ret = NOT_COMPILED_IN;
-                #endif
-                }
-            } else {
-                WOLFSSL_MSG("Bad key un/wrap direction");
-                return BAD_FUNC_ARG;
-            }
-
-            if (ret <= 0)
-                return ret;
-            break;
-#endif /* NO_AES */
-
-        default:
-            WOLFSSL_MSG("Unsupported key wrap algorithm");
-            return BAD_KEYWRAP_ALG_E;
-    };
-
-    (void)cekSz;
-    (void)kekSz;
-    (void)outSz;
-    (void)direction;
-    return ret;
-}
-
-
-#ifdef HAVE_ECC
-
-/* KARI == KeyAgreeRecipientInfo (key agreement) */
-typedef struct WC_PKCS7_KARI {
-    DecodedCert* decoded;          /* decoded recip cert */
-    void*    heap;                 /* user heap, points to PKCS7->heap */
-    int      devId;                /* device ID for HW based private key */
-    ecc_key* recipKey;             /* recip key  (pub | priv) */
-    ecc_key* senderKey;            /* sender key (pub | priv) */
-    byte*    senderKeyExport;      /* sender ephemeral key DER */
-    byte*    kek;                  /* key encryption key */
-    byte*    ukm;                  /* OPTIONAL user keying material */
-    byte*    sharedInfo;           /* ECC-CMS-SharedInfo ASN.1 encoded blob */
-    word32   senderKeyExportSz;    /* size of sender ephemeral key DER */
-    word32   kekSz;                /* size of key encryption key */
-    word32   ukmSz;                /* size of user keying material */
-    word32   sharedInfoSz;         /* size of ECC-CMS-SharedInfo encoded */
-    byte     ukmOwner;             /* do we own ukm buffer? 1:yes, 0:no */
-    byte     direction;            /* WC_PKCS7_ENCODE | WC_PKCS7_DECODE */
-    WC_BITFIELD decodedInit:1;     /* indicates decoded was initialized */
-    WC_BITFIELD recipKeyInit:1;    /* indicates recipKey was initialized */
-    WC_BITFIELD senderKeyInit:1;   /* indicates senderKey was initialized */
-} WC_PKCS7_KARI;
-
-
-/* allocate and create new WC_PKCS7_KARI struct,
- * returns struct pointer on success, NULL on failure */
-static WC_PKCS7_KARI* wc_PKCS7_KariNew(wc_PKCS7* pkcs7, byte direction)
-{
-    WC_PKCS7_KARI* kari = NULL;
-
-    if (pkcs7 == NULL)
-        return NULL;
-
-    kari = (WC_PKCS7_KARI*)XMALLOC(sizeof(WC_PKCS7_KARI), pkcs7->heap,
-                                   DYNAMIC_TYPE_PKCS7);
-    if (kari == NULL) {
-        WOLFSSL_MSG("Failed to allocate WC_PKCS7_KARI");
-        return NULL;
-    }
-
-    kari->decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), pkcs7->heap,
-                                          DYNAMIC_TYPE_PKCS7);
-    if (kari->decoded == NULL) {
-        WOLFSSL_MSG("Failed to allocate DecodedCert");
-        XFREE(kari, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return NULL;
-    }
-    XMEMSET(kari->decoded, 0, sizeof(DecodedCert));
-
-    kari->recipKey = (ecc_key*)XMALLOC(sizeof(ecc_key), pkcs7->heap,
-                                       DYNAMIC_TYPE_PKCS7);
-    if (kari->recipKey == NULL) {
-        WOLFSSL_MSG("Failed to allocate recipient ecc_key");
-        XFREE(kari->decoded, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(kari, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return NULL;
-    }
-
-    kari->senderKey = (ecc_key*)XMALLOC(sizeof(ecc_key), pkcs7->heap,
-                                        DYNAMIC_TYPE_PKCS7);
-    if (kari->senderKey == NULL) {
-        WOLFSSL_MSG("Failed to allocate sender ecc_key");
-        XFREE(kari->recipKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(kari->decoded, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(kari, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return NULL;
-    }
-
-    kari->senderKeyExport = NULL;
-    kari->senderKeyExportSz = 0;
-    kari->kek = NULL;
-    kari->kekSz = 0;
-    kari->ukm = NULL;
-    kari->ukmSz = 0;
-    kari->ukmOwner = 0;
-    kari->sharedInfo = NULL;
-    kari->sharedInfoSz = 0;
-    kari->direction = direction;
-    kari->decodedInit = 0;
-    kari->recipKeyInit = 0;
-    kari->senderKeyInit = 0;
-
-    kari->heap = pkcs7->heap;
-    kari->devId = pkcs7->devId;
-
-    return kari;
-}
-
-
-/* free WC_PKCS7_KARI struct, return 0 on success */
-static int wc_PKCS7_KariFree(WC_PKCS7_KARI* kari)
-{
-    void* heap;
-
-    if (kari) {
-        heap = kari->heap;
-
-        if (kari->decoded) {
-            if (kari->decodedInit)
-                FreeDecodedCert(kari->decoded);
-            XFREE(kari->decoded, heap, DYNAMIC_TYPE_PKCS7);
-        }
-        if (kari->senderKey) {
-            if (kari->senderKeyInit)
-                wc_ecc_free(kari->senderKey);
-            XFREE(kari->senderKey, heap, DYNAMIC_TYPE_PKCS7);
-        }
-        if (kari->recipKey) {
-            if (kari->recipKeyInit)
-                wc_ecc_free(kari->recipKey);
-            XFREE(kari->recipKey, heap, DYNAMIC_TYPE_PKCS7);
-        }
-        if (kari->senderKeyExport) {
-            ForceZero(kari->senderKeyExport, kari->senderKeyExportSz);
-            XFREE(kari->senderKeyExport, heap, DYNAMIC_TYPE_PKCS7);
-            kari->senderKeyExportSz = 0;
-        }
-        if (kari->kek) {
-            ForceZero(kari->kek, kari->kekSz);
-            XFREE(kari->kek, heap, DYNAMIC_TYPE_PKCS7);
-            kari->kekSz = 0;
-        }
-        if (kari->ukm) {
-            if (kari->ukmOwner == 1) {
-                XFREE(kari->ukm, heap, DYNAMIC_TYPE_PKCS7);
-            }
-            kari->ukmSz = 0;
-        }
-        if (kari->sharedInfo) {
-            ForceZero(kari->sharedInfo, kari->sharedInfoSz);
-            XFREE(kari->sharedInfo, heap, DYNAMIC_TYPE_PKCS7);
-            kari->sharedInfoSz = 0;
-        }
-        XFREE(kari, heap, DYNAMIC_TYPE_PKCS7);
-    }
-
-    (void)heap;
-
-    return 0;
-}
-
-
-/* parse recipient cert/key, return 0 on success, negative on error
- * key/keySz only needed during decoding (WC_PKCS7_DECODE) */
-static int wc_PKCS7_KariParseRecipCert(WC_PKCS7_KARI* kari, const byte* cert,
-                                       word32 certSz, const byte* key,
-                                       word32 keySz)
-{
-    int ret;
-    word32 idx;
-
-    if (kari == NULL || kari->decoded == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* decode certificate */
-    if (cert != NULL) {
-        InitDecodedCert(kari->decoded, (byte*)cert, certSz, kari->heap);
-        kari->decodedInit = 1;
-        ret = ParseCert(kari->decoded, CA_TYPE, NO_VERIFY, 0);
-        if (ret < 0)
-            return ret;
-
-        /* only supports ECDSA for now */
-        if (kari->decoded->keyOID != ECDSAk) {
-            WOLFSSL_MSG("CMS KARI only supports ECDSA key types");
-            return BAD_FUNC_ARG;
-        }
-
-        /* make sure subject key id was read from cert */
-        if (kari->decoded->extSubjKeyIdSet == 0) {
-            WOLFSSL_MSG("Failed to read subject key ID from recipient cert");
-            return BAD_FUNC_ARG;
-        }
-    }
-    ret = wc_ecc_init_ex(kari->recipKey, kari->heap, kari->devId);
-    if (ret != 0)
-        return ret;
-
-    kari->recipKeyInit = 1;
-
-    /* get recip public key */
-    if (kari->direction == WC_PKCS7_ENCODE) {
-        if (cert == NULL) {
-            WOLFSSL_MSG("Error recipient cert can not be null with encode");
-            return BAD_FUNC_ARG;
-        }
-
-        idx = 0;
-        ret = wc_EccPublicKeyDecode(kari->decoded->publicKey, &idx,
-                                    kari->recipKey, kari->decoded->pubKeySize);
-        if (ret != 0)
-            return ret;
-    }
-    /* get recip private key */
-    else if (kari->direction == WC_PKCS7_DECODE) {
-        if (key != NULL && keySz > 0) {
-            idx = 0;
-            ret = wc_EccPrivateKeyDecode(key, &idx, kari->recipKey, keySz);
-        }
-        else if (kari->devId == INVALID_DEVID) {
-            ret = BAD_FUNC_ARG;
-        }
-        if (ret != 0)
-            return ret;
-
-    } else {
-        /* bad direction */
-        return BAD_FUNC_ARG;
-    }
-
-    (void)idx;
-
-    return 0;
-}
-
-
-/* create ephemeral ECC key, places ecc_key in kari->senderKey,
- * DER encoded in kari->senderKeyExport. return 0 on success,
- * negative on error */
-static int wc_PKCS7_KariGenerateEphemeralKey(WC_PKCS7_KARI* kari)
-{
-    int ret;
-    WC_RNG rng;
-
-    if (kari == NULL || kari->decoded == NULL ||
-        kari->recipKey == NULL || kari->recipKey->dp == NULL)
-        return BAD_FUNC_ARG;
-
-    kari->senderKeyExport = (byte*)XMALLOC(kari->decoded->pubKeySize,
-                                           kari->heap, DYNAMIC_TYPE_PKCS7);
-    if (kari->senderKeyExport == NULL)
-        return MEMORY_E;
-
-    kari->senderKeyExportSz = kari->decoded->pubKeySize;
-
-    ret = wc_ecc_init_ex(kari->senderKey, kari->heap, kari->devId);
-    if (ret != 0) {
-        XFREE(kari->senderKeyExport, kari->heap, DYNAMIC_TYPE_PKCS7);
-        kari->senderKeyExportSz = 0;
-        kari->senderKeyExport   = NULL;
-        return ret;
-    }
-
-    kari->senderKeyInit = 1;
-
-    ret = wc_InitRng_ex(&rng, kari->heap, kari->devId);
-    if (ret != 0) {
-        XFREE(kari->senderKeyExport, kari->heap, DYNAMIC_TYPE_PKCS7);
-        kari->senderKeyExportSz = 0;
-        kari->senderKeyExport   = NULL;
-        return ret;
-    }
-
-    ret = wc_ecc_make_key_ex(&rng, kari->recipKey->dp->size,
-                             kari->senderKey, kari->recipKey->dp->id);
-    if (ret != 0) {
-        XFREE(kari->senderKeyExport, kari->heap, DYNAMIC_TYPE_PKCS7);
-        kari->senderKeyExportSz = 0;
-        kari->senderKeyExport   = NULL;
-        wc_FreeRng(&rng);
-        return ret;
-    }
-
-    wc_FreeRng(&rng);
-
-    /* dump generated key to X.963 DER for output in CMS bundle */
-    PRIVATE_KEY_UNLOCK();
-    ret = wc_ecc_export_x963(kari->senderKey, kari->senderKeyExport,
-                             &kari->senderKeyExportSz);
-    PRIVATE_KEY_LOCK();
-    if (ret != 0) {
-        XFREE(kari->senderKeyExport, kari->heap, DYNAMIC_TYPE_PKCS7);
-        kari->senderKeyExportSz = 0;
-        kari->senderKeyExport   = NULL;
-        return ret;
-    }
-
-    return 0;
-}
-
-
-/* create ASN.1 encoded ECC-CMS-SharedInfo using specified key wrap algorithm,
- * place in kari->sharedInfo. returns 0 on success, negative on error */
-static int wc_PKCS7_KariGenerateSharedInfo(WC_PKCS7_KARI* kari, int keyWrapOID)
-{
-    int idx = 0;
-    int sharedInfoSeqSz = 0;
-    int keyInfoSz = 0;
-    int suppPubInfoSeqSz = 0;
-    int entityUInfoOctetSz = 0;
-    int entityUInfoExplicitSz = 0;
-    int kekOctetSz = 0;
-    int sharedInfoSz = 0;
-
-    word32 kekBitSz = 0;
-
-    byte sharedInfoSeq[MAX_SEQ_SZ];
-    byte keyInfo[MAX_ALGO_SZ];
-    byte suppPubInfoSeq[MAX_SEQ_SZ];
-    byte entityUInfoOctet[MAX_OCTET_STR_SZ];
-    byte entityUInfoExplicitSeq[MAX_SEQ_SZ];
-    byte kekOctet[MAX_OCTET_STR_SZ];
-
-    if (kari == NULL)
-        return BAD_FUNC_ARG;
-
-    if ((kari->ukmSz > 0) && (kari->ukm == NULL))
-        return BAD_FUNC_ARG;
-
-    /* kekOctet */
-    kekOctetSz = (int)SetOctetString(sizeof(word32), kekOctet);
-    sharedInfoSz += (kekOctetSz + (int)sizeof(word32));
-
-    /* suppPubInfo */
-    suppPubInfoSeqSz = (int)SetImplicit(ASN_SEQUENCE, 2,
-                                        (word32)kekOctetSz + (word32)sizeof(word32),
-                                        suppPubInfoSeq, 0);
-    sharedInfoSz += suppPubInfoSeqSz;
-
-    /* optional ukm/entityInfo */
-    if (kari->ukmSz > 0) {
-        entityUInfoOctetSz = (int)SetOctetString(kari->ukmSz, entityUInfoOctet);
-        sharedInfoSz += (entityUInfoOctetSz + (int)kari->ukmSz);
-
-        entityUInfoExplicitSz = (int)SetExplicit(0,
-                                       (word32)entityUInfoOctetSz + kari->ukmSz,
-                                       entityUInfoExplicitSeq, 0);
-        sharedInfoSz += entityUInfoExplicitSz;
-    }
-
-    /* keyInfo */
-    keyInfoSz = (int)SetAlgoID(keyWrapOID, keyInfo, oidKeyWrapType, 0);
-    sharedInfoSz += keyInfoSz;
-
-    /* sharedInfo */
-    sharedInfoSeqSz = (int)SetSequence((word32)sharedInfoSz, sharedInfoSeq);
-    sharedInfoSz += sharedInfoSeqSz;
-
-    kari->sharedInfo = (byte*)XMALLOC((word32)sharedInfoSz, kari->heap,
-                                      DYNAMIC_TYPE_PKCS7);
-    if (kari->sharedInfo == NULL)
-        return MEMORY_E;
-
-    kari->sharedInfoSz = (word32)sharedInfoSz;
-
-    XMEMCPY(kari->sharedInfo + idx, sharedInfoSeq, (word32)sharedInfoSeqSz);
-    idx += sharedInfoSeqSz;
-    XMEMCPY(kari->sharedInfo + idx, keyInfo, (word32)keyInfoSz);
-    idx += keyInfoSz;
-    if (kari->ukmSz > 0) {
-        XMEMCPY(kari->sharedInfo + idx, entityUInfoExplicitSeq,
-                (word32)entityUInfoExplicitSz);
-        idx += entityUInfoExplicitSz;
-        XMEMCPY(kari->sharedInfo + idx, entityUInfoOctet,
-                (word32)entityUInfoOctetSz);
-        idx += entityUInfoOctetSz;
-        XMEMCPY(kari->sharedInfo + idx, kari->ukm, kari->ukmSz);
-        idx += (int)kari->ukmSz;
-    }
-    XMEMCPY(kari->sharedInfo + idx, suppPubInfoSeq, (word32)suppPubInfoSeqSz);
-    idx += suppPubInfoSeqSz;
-    XMEMCPY(kari->sharedInfo + idx, kekOctet, (word32)kekOctetSz);
-    idx += kekOctetSz;
-
-    kekBitSz = (kari->kekSz) * 8;              /* convert to bits */
-#ifdef LITTLE_ENDIAN_ORDER
-    kekBitSz = ByteReverseWord32(kekBitSz);    /* network byte order */
-#endif
-    XMEMCPY(kari->sharedInfo + idx, &kekBitSz, sizeof(kekBitSz));
-
-    return 0;
-}
-
-
-/* create key encryption key (KEK) using key wrap algorithm and key encryption
- * algorithm, place in kari->kek. return 0 on success, <0 on error. */
-static int wc_PKCS7_KariGenerateKEK(WC_PKCS7_KARI* kari, WC_RNG* rng,
-                                    int keyWrapOID, int keyEncOID)
-{
-    int ret;
-    int kSz;
-    enum wc_HashType kdfType;
-    byte*  secret;
-    word32 secretSz;
-
-    if (kari == NULL || kari->recipKey == NULL ||
-        kari->senderKey == NULL || kari->senderKey->dp == NULL)
-        return BAD_FUNC_ARG;
-
-    /* get KEK size, allocate buff */
-    kSz = wc_PKCS7_GetOIDKeySize(keyWrapOID);
-    if (kSz < 0)
-        return kSz;
-
-    kari->kek = (byte*)XMALLOC((word32)kSz, kari->heap, DYNAMIC_TYPE_PKCS7);
-    if (kari->kek == NULL)
-        return MEMORY_E;
-
-    kari->kekSz = (word32)kSz;
-
-    /* generate ECC-CMS-SharedInfo */
-    ret = wc_PKCS7_KariGenerateSharedInfo(kari, keyWrapOID);
-    if (ret != 0)
-        return ret;
-
-    /* generate shared secret */
-    secretSz = (word32)kari->senderKey->dp->size;
-    secret = (byte*)XMALLOC(secretSz, kari->heap, DYNAMIC_TYPE_PKCS7);
-    if (secret == NULL)
-        return MEMORY_E;
-
-#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
-    (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
-    !defined(HAVE_SELFTEST)
-    ret = wc_ecc_set_rng(kari->senderKey, rng);
-    if (ret != 0) {
-        XFREE(secret, kari->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-    ret = wc_ecc_set_rng(kari->recipKey, rng);
-    if (ret != 0) {
-        XFREE(secret, kari->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-#else
-    (void)rng;
-#endif
-
-    if (kari->direction == WC_PKCS7_ENCODE) {
-        PRIVATE_KEY_UNLOCK();
-        ret = wc_ecc_shared_secret(kari->senderKey, kari->recipKey,
-                                   secret, &secretSz);
-        PRIVATE_KEY_LOCK();
-    } else if (kari->direction == WC_PKCS7_DECODE) {
-        PRIVATE_KEY_UNLOCK();
-        ret = wc_ecc_shared_secret(kari->recipKey, kari->senderKey,
-                                   secret, &secretSz);
-        PRIVATE_KEY_LOCK();
-    } else {
-        /* bad direction */
-        XFREE(secret, kari->heap, DYNAMIC_TYPE_PKCS7);
-        return BAD_FUNC_ARG;
-    }
-
-    if (ret != 0) {
-        XFREE(secret, kari->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* run through KDF */
-    switch (keyEncOID) {
-
-    #ifndef NO_SHA
-        case dhSinglePass_stdDH_sha1kdf_scheme:
-            kdfType = WC_HASH_TYPE_SHA;
-            break;
-    #endif
-    #ifndef WOLFSSL_SHA224
-        case dhSinglePass_stdDH_sha224kdf_scheme:
-            kdfType = WC_HASH_TYPE_SHA224;
-            break;
-    #endif
-    #ifndef NO_SHA256
-        case dhSinglePass_stdDH_sha256kdf_scheme:
-            kdfType = WC_HASH_TYPE_SHA256;
-            break;
-    #endif
-    #ifdef WOLFSSL_SHA384
-        case dhSinglePass_stdDH_sha384kdf_scheme:
-            kdfType = WC_HASH_TYPE_SHA384;
-            break;
-    #endif
-    #ifdef WOLFSSL_SHA512
-        case dhSinglePass_stdDH_sha512kdf_scheme:
-            kdfType = WC_HASH_TYPE_SHA512;
-            break;
-    #endif
-        default:
-            WOLFSSL_MSG("Unsupported key agreement algorithm");
-            XFREE(secret, kari->heap, DYNAMIC_TYPE_PKCS7);
-            return BAD_FUNC_ARG;
-    };
-
-#ifdef HAVE_X963_KDF
-    ret = wc_X963_KDF(kdfType, secret, secretSz, kari->sharedInfo,
-                      kari->sharedInfoSz, kari->kek, kari->kekSz);
-#else
-    (void)kdfType;
-    ret = NOT_COMPILED_IN;
-#endif
-
-    XFREE(secret, kari->heap, DYNAMIC_TYPE_PKCS7);
-    return ret;
-}
-
-
-/* Encode and add CMS EnvelopedData KARI (KeyAgreeRecipientInfo) RecipientInfo
- * to CMS/PKCS#7 EnvelopedData structure.
- *
- * Returns 0 on success, negative upon error */
-int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz,
-                               int keyWrapOID, int keyAgreeOID, byte* ukm,
-                               word32 ukmSz, int options)
-{
-    Pkcs7EncodedRecip* recip;
-    Pkcs7EncodedRecip* lastRecip = NULL;
-    WC_PKCS7_KARI* kari = NULL;
-
-    word32 idx = 0;
-    word32 encryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
-
-    int ret = 0;
-    int keySz, direction = 0;
-    int blockKeySz = 0;
-    int keyIdSize;
-
-    /* ASN.1 layout */
-    int totalSz = 0;
-    int kariSeqSz = 0;
-    byte kariSeq[MAX_SEQ_SZ];           /* IMPLICIT [1] */
-    int verSz = 0;
-    byte ver[MAX_VERSION_SZ];
-
-    int origIdOrKeySeqSz = 0;
-    byte origIdOrKeySeq[MAX_SEQ_SZ];    /* IMPLICIT [0] */
-    int origPubKeySeqSz = 0;
-    byte origPubKeySeq[MAX_SEQ_SZ];     /* IMPLICIT [1] */
-    int origAlgIdSz = 0;
-    byte origAlgId[MAX_ALGO_SZ];
-    int origPubKeyStrSz = 0;
-    byte origPubKeyStr[MAX_OCTET_STR_SZ];
-
-    /* optional user keying material */
-    int ukmOctetSz = 0;
-    byte ukmOctetStr[MAX_OCTET_STR_SZ];
-    int ukmExplicitSz = 0;
-    byte ukmExplicitSeq[MAX_SEQ_SZ];
-
-    int keyEncryptAlgoIdSz = 0;
-    byte keyEncryptAlgoId[MAX_ALGO_SZ];
-    int keyWrapAlgSz = 0;
-    byte keyWrapAlg[MAX_ALGO_SZ];
-
-    int recipEncKeysSeqSz = 0;
-    byte recipEncKeysSeq[MAX_SEQ_SZ];
-    int recipEncKeySeqSz = 0;
-    byte recipEncKeySeq[MAX_SEQ_SZ];
-    int recipKeyIdSeqSz = 0;
-    byte recipKeyIdSeq[MAX_SEQ_SZ];     /* IMPLICIT [0] */
-    int subjKeyIdOctetSz = 0;
-    byte subjKeyIdOctet[MAX_OCTET_STR_SZ];
-    int encryptedKeyOctetSz = 0;
-    byte encryptedKeyOctet[MAX_OCTET_STR_SZ];
-
-#ifdef WOLFSSL_SMALL_STACK
-    byte* encryptedKey;
-
-    encryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap,
-                                  DYNAMIC_TYPE_TMP_BUFFER);
-    if (encryptedKey == NULL) {
-        return MEMORY_E;
-    }
-#else
-    byte encryptedKey[MAX_ENCRYPTED_KEY_SZ];
-#endif
-
-#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
-    keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
-           pkcs7->publicKeyOID)));
-#else
-    keyIdSize = KEYID_SIZE;
-#endif
-
-    /* allocate and init memory for recipient */
-    recip = (Pkcs7EncodedRecip*)XMALLOC(sizeof(Pkcs7EncodedRecip), pkcs7->heap,
-                                 DYNAMIC_TYPE_PKCS7);
-    if (recip == NULL) {
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-    XMEMSET(recip, 0, sizeof(Pkcs7EncodedRecip));
-
-    /* get key size for content-encryption key based on algorithm */
-    blockKeySz = wc_PKCS7_GetOIDKeySize(pkcs7->encryptOID);
-    if (blockKeySz < 0) {
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return blockKeySz;
-    }
-
-    /* generate random content encryption key, if needed */
-    ret = PKCS7_GenerateContentEncryptionKey(pkcs7, (word32)blockKeySz);
-    if (ret < 0) {
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* set direction based on keyWrapAlgo */
-    switch (keyWrapOID) {
-#ifndef NO_AES
-    #ifdef WOLFSSL_AES_128
-        case AES128_WRAP:
-    #endif
-    #ifdef WOLFSSL_AES_192
-        case AES192_WRAP:
-    #endif
-    #ifdef WOLFSSL_AES_256
-        case AES256_WRAP:
-    #endif
-            direction = AES_ENCRYPTION;
-            break;
-#endif
-        default:
-            WOLFSSL_MSG("Unsupported key wrap algorithm");
-            WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return BAD_KEYWRAP_ALG_E;
-    }
-
-    kari = wc_PKCS7_KariNew(pkcs7, WC_PKCS7_ENCODE);
-    if (kari == NULL) {
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return MEMORY_E;
-    }
-
-    /* set user keying material if available */
-    if (ukmSz > 0 && ukm != NULL) {
-        kari->ukm = ukm;
-        kari->ukmSz = ukmSz;
-        kari->ukmOwner = 0;
-    }
-
-    /* parse recipient cert, get public key */
-    ret = wc_PKCS7_KariParseRecipCert(kari, cert, certSz, NULL, 0);
-    if (ret != 0) {
-        wc_PKCS7_KariFree(kari);
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* generate sender ephemeral ECC key */
-    ret = wc_PKCS7_KariGenerateEphemeralKey(kari);
-    if (ret != 0) {
-        wc_PKCS7_KariFree(kari);
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* generate KEK (key encryption key) */
-    ret = wc_PKCS7_KariGenerateKEK(kari, pkcs7->rng, keyWrapOID, keyAgreeOID);
-    if (ret != 0) {
-        wc_PKCS7_KariFree(kari);
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* encrypt CEK with KEK */
-    keySz = wc_PKCS7_KeyWrap(pkcs7, pkcs7->cek, pkcs7->cekSz, kari->kek,
-                             kari->kekSz, encryptedKey, encryptedKeySz,
-                             keyWrapOID, direction);
-    if (keySz <= 0) {
-        wc_PKCS7_KariFree(kari);
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return keySz;
-    }
-    encryptedKeySz = (word32)keySz;
-
-    /* Start of RecipientEncryptedKeys */
-
-    /* EncryptedKey */
-    encryptedKeyOctetSz = (int)SetOctetString(encryptedKeySz,
-                                              encryptedKeyOctet);
-    totalSz += (encryptedKeyOctetSz + (int)encryptedKeySz);
-
-    /* SubjectKeyIdentifier */
-    subjKeyIdOctetSz = (int)SetOctetString((word32)keyIdSize, subjKeyIdOctet);
-    totalSz += (subjKeyIdOctetSz + keyIdSize);
-
-    /* RecipientKeyIdentifier IMPLICIT [0] */
-    recipKeyIdSeqSz = (int)SetImplicit(ASN_SEQUENCE, 0,
-                                       (word32)(subjKeyIdOctetSz + keyIdSize),
-                                       recipKeyIdSeq, 0);
-    totalSz += recipKeyIdSeqSz;
-
-    /* RecipientEncryptedKey */
-    recipEncKeySeqSz = (int)SetSequence((word32)totalSz, recipEncKeySeq);
-    totalSz += recipEncKeySeqSz;
-
-    /* RecipientEncryptedKeys */
-    recipEncKeysSeqSz = (int)SetSequence((word32)totalSz, recipEncKeysSeq);
-    totalSz += recipEncKeysSeqSz;
-
-    /* Start of optional UserKeyingMaterial */
-
-    if (kari->ukmSz > 0) {
-        ukmOctetSz = (int)SetOctetString(kari->ukmSz, ukmOctetStr);
-        totalSz += (ukmOctetSz + (int)kari->ukmSz);
-
-        ukmExplicitSz = (int)SetExplicit(1, (word32)ukmOctetSz + kari->ukmSz,
-                                    ukmExplicitSeq, 0);
-        totalSz += ukmExplicitSz;
-    }
-
-    /* Start of KeyEncryptionAlgorithmIdentifier */
-
-    /* KeyWrapAlgorithm */
-    keyWrapAlgSz = (int)SetAlgoID(keyWrapOID, keyWrapAlg, oidKeyWrapType, 0);
-    totalSz += keyWrapAlgSz;
-
-    /* KeyEncryptionAlgorithmIdentifier */
-    keyEncryptAlgoIdSz = (int)SetAlgoID(keyAgreeOID, keyEncryptAlgoId,
-                                   oidCmsKeyAgreeType, keyWrapAlgSz);
-    totalSz += keyEncryptAlgoIdSz;
-
-    /* Start of OriginatorIdentifierOrKey */
-
-    /* recipient ECPoint, public key */
-    XMEMSET(origPubKeyStr, 0, sizeof(origPubKeyStr)); /* no unused bits */
-    origPubKeyStr[0] = ASN_BIT_STRING;
-    origPubKeyStrSz = (int)SetLength(kari->senderKeyExportSz + 1,
-                                origPubKeyStr + 1) + 2;
-    totalSz += (origPubKeyStrSz + (int)kari->senderKeyExportSz);
-
-    /* Originator AlgorithmIdentifier, params set to NULL for interop
-       compatibility */
-    origAlgIdSz = (int)SetAlgoID(ECDSAk, origAlgId, oidKeyType, 2);
-    origAlgId[origAlgIdSz++] = ASN_TAG_NULL;
-    origAlgId[origAlgIdSz++] = 0;
-    totalSz += origAlgIdSz;
-
-    /* outer OriginatorPublicKey IMPLICIT [1] */
-    origPubKeySeqSz = (int)SetImplicit(ASN_SEQUENCE, 1,
-                               (word32)(origAlgIdSz + origPubKeyStrSz +
-                               (int)kari->senderKeyExportSz), origPubKeySeq, 0);
-    totalSz += origPubKeySeqSz;
-
-    /* outer OriginatorIdentifierOrKey IMPLICIT [0] */
-    origIdOrKeySeqSz = (int)SetImplicit(ASN_SEQUENCE, 0,
-                                (word32)(origPubKeySeqSz + origAlgIdSz +
-                                origPubKeyStrSz + (int)kari->senderKeyExportSz),
-                                origIdOrKeySeq, 0);
-    totalSz += origIdOrKeySeqSz;
-
-    /* version, always 3 */
-    verSz = SetMyVersion(3, ver, 0);
-    totalSz += verSz;
-    recip->recipVersion = 3;
-
-    /* outer IMPLICIT [1] kari */
-    kariSeqSz = (int)SetImplicit(ASN_SEQUENCE, 1, (word32)totalSz, kariSeq, 0);
-    totalSz += kariSeqSz;
-
-    if (totalSz > MAX_RECIP_SZ) {
-        WOLFSSL_MSG("KeyAgreeRecipientInfo output buffer too small");
-        wc_PKCS7_KariFree(kari);
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return BUFFER_E;
-    }
-
-    XMEMCPY(recip->recip + idx, kariSeq, (word32)kariSeqSz);
-    idx += (word32)kariSeqSz;
-    XMEMCPY(recip->recip + idx, ver, (word32)verSz);
-    idx += (word32)verSz;
-
-    XMEMCPY(recip->recip + idx, origIdOrKeySeq, (word32)origIdOrKeySeqSz);
-    idx += (word32)origIdOrKeySeqSz;
-    XMEMCPY(recip->recip + idx, origPubKeySeq, (word32)origPubKeySeqSz);
-    idx += (word32)origPubKeySeqSz;
-
-    /* AlgorithmIdentifier with NULL parameter */
-    XMEMCPY(recip->recip + idx, origAlgId, (word32)origAlgIdSz);
-    idx += (word32)origAlgIdSz;
-
-    XMEMCPY(recip->recip + idx, origPubKeyStr, (word32)origPubKeyStrSz);
-    idx += (word32)origPubKeyStrSz;
-    /* ephemeral public key */
-    XMEMCPY(recip->recip + idx, kari->senderKeyExport, kari->senderKeyExportSz);
-    idx += kari->senderKeyExportSz;
-
-    if (kari->ukmSz > 0) {
-        XMEMCPY(recip->recip + idx, ukmExplicitSeq, (word32)ukmExplicitSz);
-        idx += (word32)ukmExplicitSz;
-        XMEMCPY(recip->recip + idx, ukmOctetStr, (word32)ukmOctetSz);
-        idx += (word32)ukmOctetSz;
-        XMEMCPY(recip->recip + idx, kari->ukm, kari->ukmSz);
-        idx += kari->ukmSz;
-    }
-
-    XMEMCPY(recip->recip + idx, keyEncryptAlgoId, (word32)keyEncryptAlgoIdSz);
-    idx += (word32)keyEncryptAlgoIdSz;
-    XMEMCPY(recip->recip + idx, keyWrapAlg, (word32)keyWrapAlgSz);
-    idx += (word32)keyWrapAlgSz;
-
-    XMEMCPY(recip->recip + idx, recipEncKeysSeq, (word32)recipEncKeysSeqSz);
-    idx += (word32)recipEncKeysSeqSz;
-    XMEMCPY(recip->recip + idx, recipEncKeySeq, (word32)recipEncKeySeqSz);
-    idx += (word32)recipEncKeySeqSz;
-    XMEMCPY(recip->recip + idx, recipKeyIdSeq, (word32)recipKeyIdSeqSz);
-    idx += (word32)recipKeyIdSeqSz;
-    XMEMCPY(recip->recip + idx, subjKeyIdOctet, (word32)subjKeyIdOctetSz);
-    idx += (word32)subjKeyIdOctetSz;
-    /* subject key id */
-    XMEMCPY(recip->recip + idx, kari->decoded->extSubjKeyId, (word32)keyIdSize);
-    idx += (word32)keyIdSize;
-    XMEMCPY(recip->recip + idx, encryptedKeyOctet, (word32)encryptedKeyOctetSz);
-    idx += (word32)encryptedKeyOctetSz;
-    /* encrypted CEK */
-    XMEMCPY(recip->recip + idx, encryptedKey, encryptedKeySz);
-    idx += encryptedKeySz;
-
-    wc_PKCS7_KariFree(kari);
-    WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    /* store recipient size */
-    recip->recipSz = idx;
-    recip->recipType = PKCS7_KARI;
-
-    /* add recipient to recip list */
-    if (pkcs7->recipList == NULL) {
-        pkcs7->recipList = recip;
-    } else {
-        lastRecip = pkcs7->recipList;
-        while (lastRecip->next != NULL) {
-            lastRecip = lastRecip->next;
-        }
-        lastRecip->next = recip;
-    }
-
-    (void)options;
-
-    return (int)idx;
-}
-
-#endif /* HAVE_ECC */
-
-#ifndef NO_RSA
-
-/* Encode and add CMS EnvelopedData KTRI (KeyTransRecipientInfo) RecipientInfo
- * to CMS/PKCS#7 EnvelopedData structure.
- *
- * Returns 0 on success, negative upon error */
-int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz,
-                               int options)
-{
-    Pkcs7EncodedRecip* recip = NULL;
-    Pkcs7EncodedRecip* lastRecip = NULL;
-
-    WC_RNG rng;
-    word32 idx = 0;
-    word32 encryptedKeySz = 0;
-    int keyIdSize;
-
-    int ret = 0, blockKeySz;
-    int verSz = 0, issuerSz = 0, snSz = 0, keyEncAlgSz = 0;
-    int issuerSeqSz = 0, recipSeqSz = 0, issuerSerialSeqSz = 0;
-    int encKeyOctetStrSz;
-    int sidType;
-
-    byte ver[MAX_VERSION_SZ];
-    byte issuerSerialSeq[MAX_SEQ_SZ];
-    byte recipSeq[MAX_SEQ_SZ];
-    byte issuerSeq[MAX_SEQ_SZ];
-    byte encKeyOctetStr[MAX_OCTET_STR_SZ];
-
-    byte issuerSKID[MAX_LENGTH_SZ];
-    word32 issuerSKIDSz = 0;
-
-    byte*   encryptedKey;
-
-#ifdef WOLFSSL_SMALL_STACK
-    byte*   serial;
-    byte*   keyAlgArray;
-    RsaKey* pubKey;
-    DecodedCert* decoded;
-
-    serial = (byte*)XMALLOC(MAX_SN_SZ, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    keyAlgArray = (byte*)XMALLOC(MAX_ALGO_SZ, pkcs7->heap,
-                                 DYNAMIC_TYPE_TMP_BUFFER);
-    decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), pkcs7->heap,
-                                    DYNAMIC_TYPE_TMP_BUFFER);
-
-    if (decoded == NULL || serial == NULL || keyAlgArray == NULL) {
-        XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#else
-    byte serial[MAX_SN_SZ];
-    byte keyAlgArray[MAX_ALGO_SZ];
-    RsaKey pubKey[1];
-    DecodedCert decoded[1];
-#endif
-
-    /* Always allocate to ensure aligned use with RSA */
-    encryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap,
-                                  DYNAMIC_TYPE_WOLF_BIGINT);
-    if (encryptedKey == NULL) {
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-
-    encryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
-    XMEMSET(encryptedKey, 0, encryptedKeySz);
-
-    /* default to IssuerAndSerialNumber if not set */
-    if (pkcs7->sidType != 0) {
-        sidType = pkcs7->sidType;
-    } else {
-        sidType = CMS_ISSUER_AND_SERIAL_NUMBER;
-    }
-
-    /* allow options to override SubjectIdentifier type if set */
-    if (options & CMS_SKID) {
-        sidType = CMS_SKID;
-    } else if (options & CMS_ISSUER_AND_SERIAL_NUMBER) {
-        sidType = CMS_ISSUER_AND_SERIAL_NUMBER;
-    }
-
-    /* allocate recipient struct */
-    recip = (Pkcs7EncodedRecip*)XMALLOC(sizeof(Pkcs7EncodedRecip), pkcs7->heap,
-                                 DYNAMIC_TYPE_PKCS7);
-    if (recip == NULL) {
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        return MEMORY_E;
-    }
-    XMEMSET(recip, 0, sizeof(Pkcs7EncodedRecip));
-
-    /* get key size for content-encryption key based on algorithm */
-    blockKeySz = wc_PKCS7_GetOIDKeySize(pkcs7->encryptOID);
-    if (blockKeySz < 0) {
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return blockKeySz;
-    }
-
-    /* generate random content encryption key, if needed */
-    ret = PKCS7_GenerateContentEncryptionKey(pkcs7, (word32)blockKeySz);
-    if (ret < 0) {
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    InitDecodedCert(decoded, (byte*)cert, certSz, pkcs7->heap);
-    ret = ParseCert(decoded, CA_TYPE, NO_VERIFY, 0);
-    if (ret < 0) {
-        FreeDecodedCert(decoded);
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
-    keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
-           decoded->signatureOID)));
-#else
-    keyIdSize = KEYID_SIZE;
-#endif
-
-    if (sidType == CMS_ISSUER_AND_SERIAL_NUMBER) {
-
-        /* version, must be 0 for IssuerAndSerialNumber */
-        verSz = SetMyVersion(0, ver, 0);
-        recip->recipVersion = 0;
-
-        /* IssuerAndSerialNumber */
-        if (decoded->issuerRaw == NULL || decoded->issuerRawLen == 0) {
-            WOLFSSL_MSG("DecodedCert lacks raw issuer pointer and length");
-            FreeDecodedCert(decoded);
-            WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-            XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return -1;
-        }
-        issuerSz    = decoded->issuerRawLen;
-        issuerSeqSz = (int)SetSequence((word32)issuerSz, issuerSeq);
-
-        if (decoded->serialSz == 0) {
-            WOLFSSL_MSG("DecodedCert missing serial number");
-            FreeDecodedCert(decoded);
-            WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-            XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return -1;
-        }
-        snSz = SetSerialNumber(decoded->serial, (word32)decoded->serialSz,
-                               serial, MAX_SN_SZ, MAX_SN_SZ);
-        if (snSz < 0) {
-            WOLFSSL_MSG("Error setting the serial number");
-            FreeDecodedCert(decoded);
-            WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-            XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return -1;
-        }
-        issuerSerialSeqSz = (int)SetSequence((word32)(issuerSeqSz + issuerSz +
-                                             snSz), issuerSerialSeq);
-    } else if (sidType == CMS_SKID) {
-
-        /* version, must be 2 for SubjectKeyIdentifier */
-        verSz = SetMyVersion(2, ver, 0);
-        recip->recipVersion = 2;
-
-        issuerSKIDSz = SetLength((word32)keyIdSize, issuerSKID);
-    } else {
-        FreeDecodedCert(decoded);
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return PKCS7_RECIP_E;
-    }
-
-    pkcs7->publicKeyOID = decoded->keyOID;
-
-    /* KeyEncryptionAlgorithmIdentifier, only support RSA now */
-    if (pkcs7->publicKeyOID != RSAk) {
-        FreeDecodedCert(decoded);
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ALGO_ID_E;
-    }
-
-    keyEncAlgSz = (int)SetAlgoID((int)pkcs7->publicKeyOID, keyAlgArray,
-                                 oidKeyType, 0);
-    if (keyEncAlgSz == 0) {
-        FreeDecodedCert(decoded);
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    pubKey = (RsaKey*)XMALLOC(sizeof(RsaKey), pkcs7->heap,
-            DYNAMIC_TYPE_TMP_BUFFER);
-    if (pubKey == NULL) {
-        FreeDecodedCert(decoded);
-        XFREE(serial,       pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(keyAlgArray,  pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        XFREE(decoded,      pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return MEMORY_E;
-    }
-#endif
-
-    /* EncryptedKey */
-    ret = wc_InitRsaKey_ex(pubKey, pkcs7->heap, pkcs7->devId);
-    if (ret != 0) {
-        FreeDecodedCert(decoded);
-        WC_FREE_VAR_EX(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    if (wc_RsaPublicKeyDecode(decoded->publicKey, &idx, pubKey,
-                              decoded->pubKeySize) < 0) {
-        WOLFSSL_MSG("ASN RSA key decode error");
-        wc_FreeRsaKey(pubKey);
-        FreeDecodedCert(decoded);
-        WC_FREE_VAR_EX(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return PUBLIC_KEY_E;
-    }
-
-    ret = wc_InitRng_ex(&rng, pkcs7->heap, pkcs7->devId);
-    if (ret != 0) {
-        wc_FreeRsaKey(pubKey);
-        FreeDecodedCert(decoded);
-        WC_FREE_VAR_EX(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return MEMORY_E;
-    }
-
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    /* Currently the call to RSA public encrypt here is blocking @TODO */
-    do {
-        ret = wc_AsyncWait(ret, &pubKey->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
-        if (ret >= 0)
-#endif
-        {
-            ret = wc_RsaPublicEncrypt(pkcs7->cek, pkcs7->cekSz, encryptedKey,
-                              encryptedKeySz, pubKey, &rng);
-        }
-#ifdef WOLFSSL_ASYNC_CRYPT
-    } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
-#endif
-    wc_FreeRsaKey(pubKey);
-    wc_FreeRng(&rng);
-
-    WC_FREE_VAR_EX(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    if (ret < 0) {
-        WOLFSSL_MSG("RSA Public Encrypt failed");
-        FreeDecodedCert(decoded);
-        WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-    encryptedKeySz = (word32)ret;
-
-    encKeyOctetStrSz = (int)SetOctetString(encryptedKeySz, encKeyOctetStr);
-
-    /* RecipientInfo */
-    if (sidType == CMS_ISSUER_AND_SERIAL_NUMBER) {
-        int recipLen =  verSz + (int)issuerSerialSeqSz + issuerSeqSz +
-            issuerSz + snSz + keyEncAlgSz + encKeyOctetStrSz +
-            (int)encryptedKeySz;
-        recipSeqSz = (int)SetSequence((word32)recipLen, recipSeq);
-
-        if ((recipSeqSz + recipLen) > MAX_RECIP_SZ) {
-            WOLFSSL_MSG("RecipientInfo output buffer too small");
-            FreeDecodedCert(decoded);
-            WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-            XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return BUFFER_E;
-        }
-
-    } else {
-        int recipLen =  verSz + ASN_TAG_SZ + (int)issuerSKIDSz + keyIdSize +
-                keyEncAlgSz + encKeyOctetStrSz + (int)encryptedKeySz;
-        recipSeqSz = (int)SetSequence((word32)recipLen, recipSeq);
-        if ((recipSeqSz + recipLen) > MAX_RECIP_SZ) {
-            WOLFSSL_MSG("RecipientInfo output buffer too small");
-            FreeDecodedCert(decoded);
-            WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-            XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return BUFFER_E;
-        }
-    }
-
-    idx = 0;
-    XMEMCPY(recip->recip + idx, recipSeq, (word32)recipSeqSz);
-    idx += (word32)recipSeqSz;
-    XMEMCPY(recip->recip + idx, ver, (word32)verSz);
-    idx += (word32)verSz;
-    if (sidType == CMS_ISSUER_AND_SERIAL_NUMBER) {
-        XMEMCPY(recip->recip + idx, issuerSerialSeq, (word32)issuerSerialSeqSz);
-        idx += (word32)issuerSerialSeqSz;
-        XMEMCPY(recip->recip + idx, issuerSeq, (word32)issuerSeqSz);
-        idx += (word32)issuerSeqSz;
-        XMEMCPY(recip->recip + idx, decoded->issuerRaw, (word32)issuerSz);
-        idx += (word32)issuerSz;
-        XMEMCPY(recip->recip + idx, serial, (word32)snSz);
-        idx += (word32)snSz;
-    } else {
-        recip->recip[idx] = ASN_CONTEXT_SPECIFIC;
-        idx += ASN_TAG_SZ;
-        XMEMCPY(recip->recip + idx, issuerSKID, issuerSKIDSz);
-        idx += issuerSKIDSz;
-        XMEMCPY(recip->recip + idx, pkcs7->issuerSubjKeyId, (word32)keyIdSize);
-        idx += (word32)keyIdSize;
-    }
-    XMEMCPY(recip->recip + idx, keyAlgArray, (word32)keyEncAlgSz);
-    idx += (word32)keyEncAlgSz;
-    XMEMCPY(recip->recip + idx, encKeyOctetStr, (word32)encKeyOctetStrSz);
-    idx += (word32)encKeyOctetStrSz;
-    XMEMCPY(recip->recip + idx, encryptedKey, encryptedKeySz);
-    idx += encryptedKeySz;
-
-    FreeDecodedCert(decoded);
-
-    WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-
-    /* store recipient size */
-    recip->recipSz = idx;
-    recip->recipType = PKCS7_KTRI;
-
-    /* add recipient to recip list */
-    if (pkcs7->recipList == NULL) {
-        pkcs7->recipList = recip;
-    } else {
-        lastRecip = pkcs7->recipList;
-        while (lastRecip->next != NULL) {
-            lastRecip = lastRecip->next;
-        }
-        lastRecip->next = recip;
-    }
-
-    return (int)idx;
-}
-
-#endif /* !NO_RSA */
-
-/* abstraction for writing out PKCS7 bundle during creation
-   returns 0 on success
- */
-int wc_PKCS7_WriteOut(wc_PKCS7* pkcs7, byte* output, const byte* input,
-    word32 inputSz)
-{
-    int ret = 0;
-
-    if (inputSz == 0)
-        return 0;
-
-    if (input == NULL) {
-        WOLFSSL_MSG("Internal error, trying to write out NULL buffer");
-        return -1;
-    }
-
-#ifdef ASN_BER_TO_DER
-    if (pkcs7->streamOutCb) {
-        ret = pkcs7->streamOutCb(pkcs7, input, inputSz, pkcs7->streamCtx);
-        /* sanity check on user provided ret value */
-        if (ret < 0) {
-            WOLFSSL_MSG("Return value error from stream out callback");
-            ret = BUFFER_E;
-        }
-    }
-    else
-#endif
-    if (output) {
-        XMEMCPY(output, input, inputSz);
-    }
-    else {
-        WOLFSSL_MSG("No way provided to output bundle");
-        ret = BUFFER_E;
-    }
-
-    (void)pkcs7;
-    return ret;
-}
-
-
-/* encrypt content using encryptOID algo */
-static int wc_PKCS7_EncryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key,
-                                   int keySz,
-                                   byte* iv, int ivSz, byte* aad, word32 aadSz,
-                                   byte* authTag, word32 authTagSz, byte* in,
-                                   int inSz, byte* out)
-{
-    int ret;
-#ifndef NO_AES
-    WC_DECLARE_VAR(aes, Aes, 1, 0);
-#endif
-#ifndef NO_DES3
-    Des  des;
-    Des3 des3;
-#endif
-    int devId  = pkcs7->devId;
-    void* heap = pkcs7->heap;
-
-    if (key == NULL || iv == NULL)
-        return BAD_FUNC_ARG;
-
-#ifdef ASN_BER_TO_DER
-    if ((in == NULL && pkcs7->getContentCb == NULL) ||
-        (out == NULL && pkcs7->streamOutCb == NULL)) {
-        WOLFSSL_MSG("No input or output set for encrypt");
-        return BAD_FUNC_ARG;
-    }
-#else
-    if (in == NULL || out == NULL)
-        return BAD_FUNC_ARG;
-#endif
-
-    switch (encryptOID) {
-#ifndef NO_AES
-    #ifdef HAVE_AES_CBC
-    #ifdef WOLFSSL_AES_128
-        case AES128CBCb:
-    #endif
-    #ifdef WOLFSSL_AES_192
-        case AES192CBCb:
-    #endif
-    #ifdef WOLFSSL_AES_256
-        case AES256CBCb:
-    #endif
-            if (
-                #ifdef WOLFSSL_AES_128
-                    (encryptOID == AES128CBCb && keySz != 16 ) ||
-                #endif
-                #ifdef WOLFSSL_AES_192
-                    (encryptOID == AES192CBCb && keySz != 24 ) ||
-                #endif
-                #ifdef WOLFSSL_AES_256
-                    (encryptOID == AES256CBCb && keySz != 32 ) ||
-                #endif
-                    (ivSz  != WC_AES_BLOCK_SIZE) )
-                return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_SMALL_STACK
-            if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL,
-                                      DYNAMIC_TYPE_AES)) == NULL)
-                return MEMORY_E;
-#endif
-            ret = wc_AesInit(aes, heap, devId);
-            if (ret == 0) {
-                ret = wc_AesSetKey(aes, key, (word32)keySz, iv, AES_ENCRYPTION);
-                if (ret == 0) {
-                    ret = wc_PKCS7_EncodeContentStream(pkcs7, NULL, aes, in,
-                        inSz, out, WC_CIPHER_AES_CBC);
-                }
-                wc_AesFree(aes);
-            }
-            WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES);
-            break;
-    #endif /* HAVE_AES_CBC */
-    #ifdef HAVE_AESGCM
-        #ifdef WOLFSSL_AES_128
-        case AES128GCMb:
-        #endif
-        #ifdef WOLFSSL_AES_192
-        case AES192GCMb:
-        #endif
-        #ifdef WOLFSSL_AES_256
-        case AES256GCMb:
-        #endif
-        #if defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_192) || \
-            defined(WOLFSSL_AES_256)
-            if (authTag == NULL)
-                return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_SMALL_STACK
-            if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL,
-                                      DYNAMIC_TYPE_AES)) == NULL)
-                return MEMORY_E;
-#endif
-            ret = wc_AesInit(aes, heap, devId);
-            if (ret == 0) {
-                ret = wc_AesGcmSetKey(aes, key, (word32)keySz);
-                if (ret == 0) {
-                #ifndef WOLFSSL_AESGCM_STREAM
-                    if (pkcs7->encodeStream) {
-                        WOLFSSL_MSG("Not AES-GCM stream support compiled in");
-                        ret = NOT_COMPILED_IN;
-                    }
-                    else {
-                        ret = wc_AesGcmEncrypt(aes, out, in, (word32)inSz, iv,
-                                  (word32)ivSz, authTag, authTagSz, aad, aadSz);
-                    #ifdef WOLFSSL_ASYNC_CRYPT
-                        /* async encrypt not available here, so block till done
-                         */
-                        ret = wc_AsyncWait(ret, &aes->asyncDev,
-                            WC_ASYNC_FLAG_NONE);
-                    #endif
-                    }
-                #else
-                    ret = wc_AesGcmEncryptInit(aes, key, (word32)keySz, iv,
-                        (word32)ivSz);
-                    if (ret == 0) {
-                        ret = wc_AesGcmEncryptUpdate(aes, NULL, NULL, 0, aad,
-                            aadSz);
-                    }
-                    if (ret == 0) {
-                        ret = wc_PKCS7_EncodeContentStream(pkcs7, NULL, aes, in,
-                            inSz, out, WC_CIPHER_AES_GCM);
-                    }
-
-                    if (ret == 0) {
-                        ret = wc_AesGcmEncryptFinal(aes, authTag, authTagSz);
-                    }
-                #endif
-                }
-                wc_AesFree(aes);
-            }
-            WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES);
-            break;
-        #endif
-    #endif /* HAVE_AESGCM */
-    #ifdef HAVE_AESCCM
-        #ifdef WOLFSSL_AES_128
-        case AES128CCMb:
-        #endif
-        #ifdef WOLFSSL_AES_192
-        case AES192CCMb:
-        #endif
-        #ifdef WOLFSSL_AES_256
-        case AES256CCMb:
-        #endif
-        #if defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_192) || \
-            defined(WOLFSSL_AES_256)
-            if (authTag == NULL)
-                return BAD_FUNC_ARG;
-
-            if (pkcs7->encodeStream) {
-                WOLFSSL_MSG("Streaming encoding not supported with AES-CCM");
-                return BAD_FUNC_ARG;
-            }
-
-#ifdef WOLFSSL_SMALL_STACK
-            if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL,
-                                      DYNAMIC_TYPE_AES)) == NULL)
-                return MEMORY_E;
-#endif
-            ret = wc_AesInit(aes, heap, devId);
-            if (ret == 0) {
-                ret = wc_AesCcmSetKey(aes, key, (word32)keySz);
-                if (ret == 0) {
-                    ret = wc_AesCcmEncrypt(aes, out, in, (word32)inSz, iv,
-                                           (word32)ivSz, authTag, authTagSz,
-                                           aad, aadSz);
-                #ifdef WOLFSSL_ASYNC_CRYPT
-                    /* async encrypt not available here, so block till done */
-                    ret = wc_AsyncWait(ret, &aes->asyncDev, WC_ASYNC_FLAG_NONE);
-                #endif
-                }
-                wc_AesFree(aes);
-            }
-            WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES);
-            break;
-        #endif
-    #endif /* HAVE_AESCCM */
-#endif /* !NO_AES */
-#ifndef NO_DES3
-        case DESb:
-            if (keySz != DES_KEYLEN || ivSz != DES_BLOCK_SIZE)
-                return BAD_FUNC_ARG;
-
-            if (pkcs7->encodeStream) {
-                WOLFSSL_MSG("Streaming encoding not supported with DES3");
-                return BAD_FUNC_ARG;
-            }
-
-            ret = wc_Des_SetKey(&des, key, iv, DES_ENCRYPTION);
-            if (ret == 0)
-                ret = wc_Des_CbcEncrypt(&des, out, in, (word32)inSz);
-
-            break;
-
-        case DES3b:
-            if (keySz != DES3_KEYLEN || ivSz != DES_BLOCK_SIZE)
-                return BAD_FUNC_ARG;
-
-            if (pkcs7->encodeStream) {
-                WOLFSSL_MSG("Streaming encoding not supported with DES3");
-                return BAD_FUNC_ARG;
-            }
-
-            ret = wc_Des3Init(&des3, heap, devId);
-            if (ret == 0) {
-                ret = wc_Des3_SetKey(&des3, key, iv, DES_ENCRYPTION);
-                if (ret == 0) {
-                    ret = wc_Des3_CbcEncrypt(&des3, out, in, (word32)inSz);
-                #ifdef WOLFSSL_ASYNC_CRYPT
-                    /* async encrypt not available here, so block till done */
-                    ret = wc_AsyncWait(ret, &des3.asyncDev, WC_ASYNC_FLAG_NONE);
-                #endif
-                }
-                wc_Des3Free(&des3);
-            }
-            break;
-#endif /* !NO_DES3 */
-        default:
-            WOLFSSL_MSG("Unsupported content cipher type");
-            return ALGO_ID_E;
-    };
-
-#if defined(NO_AES) || (!defined(HAVE_AESGCM) && !defined(HAVE_AESCCM))
-    (void)authTag;
-    (void)authTagSz;
-    (void)aad;
-    (void)aadSz;
-#endif
-    return ret;
-}
-
-
-static int wc_PKCS7_DecryptContentInit(wc_PKCS7* pkcs7, word32 encryptOID,
-    byte* key, word32 keySz, byte* iv, int ivSz, int devId, void* heap)
-{
-    int ret;
-#ifndef NO_AES
-    Aes  *aes;
-#endif
-#ifndef NO_DES3
-    Des  *des;
-    Des3 *des3;
-#endif
-
-    if (iv == NULL)
-        return BAD_FUNC_ARG;
-
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-    switch (encryptOID) {
-#ifndef NO_AES
-    #ifdef HAVE_AES_CBC
-    #ifdef WOLFSSL_AES_128
-        case AES128CBCb:
-    #endif
-    #ifdef WOLFSSL_AES_192
-        case AES192CBCb:
-    #endif
-    #ifdef WOLFSSL_AES_256
-        case AES256CBCb:
-    #endif
-            if (
-                #ifdef WOLFSSL_AES_128
-                    (encryptOID == AES128CBCb && keySz != 16 ) ||
-                #endif
-                #ifdef WOLFSSL_AES_192
-                    (encryptOID == AES192CBCb && keySz != 24 ) ||
-                #endif
-                #ifdef WOLFSSL_AES_256
-                    (encryptOID == AES256CBCb && keySz != 32 ) ||
-                #endif
-                    (ivSz  != WC_AES_BLOCK_SIZE) )
-                return BAD_FUNC_ARG;
-
-            pkcs7->decryptKey.aes = (Aes *)XMALLOC(sizeof *aes, NULL,
-                                      DYNAMIC_TYPE_AES);
-            aes = pkcs7->decryptKey.aes;
-            if (aes == NULL)
-                return MEMORY_E;
-            ret = wc_AesInit(aes, heap, devId);
-            if (ret == 0) {
-                ret = wc_AesSetKey(aes, key, (word32)keySz, iv, AES_DECRYPTION);
-            }
-            break;
-
-    #endif /* HAVE_AES_CBC */
-    #ifdef HAVE_AESGCM
-        #ifdef WOLFSSL_AES_128
-        case AES128GCMb:
-        #endif
-        #ifdef WOLFSSL_AES_192
-        case AES192GCMb:
-        #endif
-        #ifdef WOLFSSL_AES_256
-        case AES256GCMb:
-        #endif
-        #if defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_192) || \
-            defined(WOLFSSL_AES_256)
-            pkcs7->decryptKey.aes = (Aes *)XMALLOC(sizeof *aes, NULL,
-                                      DYNAMIC_TYPE_AES);
-            aes = pkcs7->decryptKey.aes;
-            if (aes == NULL)
-                return MEMORY_E;
-            ret = wc_AesInit(aes, heap, devId);
-            if (ret == 0) {
-                ret = wc_AesGcmSetKey(aes, key, (word32)keySz);
-            }
-            break;
-        #endif
-    #endif /* HAVE_AESGCM */
-    #ifdef HAVE_AESCCM
-        #ifdef WOLFSSL_AES_128
-        case AES128CCMb:
-        #endif
-        #ifdef WOLFSSL_AES_192
-        case AES192CCMb:
-        #endif
-        #ifdef WOLFSSL_AES_256
-        case AES256CCMb:
-        #endif
-        #if defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_192) || \
-            defined(WOLFSSL_AES_256)
-            pkcs7->decryptKey.aes = (Aes *)XMALLOC(sizeof *aes, NULL,
-                                      DYNAMIC_TYPE_AES);
-            aes = pkcs7->decryptKey.aes;
-            if (aes == NULL)
-                return MEMORY_E;
-            ret = wc_AesInit(aes, heap, devId);
-            if (ret == 0) {
-                ret = wc_AesCcmSetKey(aes, key, (word32)keySz);
-            }
-            break;
-        #endif
-    #endif /* HAVE_AESCCM */
-#endif /* !NO_AES */
-#ifndef NO_DES3
-        case DESb:
-            if (keySz != DES_KEYLEN || ivSz != DES_BLOCK_SIZE)
-                return BAD_FUNC_ARG;
-
-            pkcs7->decryptKey.des = (Des *)XMALLOC(sizeof *des, NULL,
-                                      DYNAMIC_TYPE_PKCS7);
-            des = pkcs7->decryptKey.des;
-            if (des == NULL) {
-                return MEMORY_E;
-            }
-            ret = wc_Des_SetKey(des, key, iv, DES_DECRYPTION);
-            break;
-        case DES3b:
-            if (keySz != DES3_KEYLEN || ivSz != DES_BLOCK_SIZE)
-                return BAD_FUNC_ARG;
-
-            pkcs7->decryptKey.des3 = (Des3 *)XMALLOC(sizeof *des3, NULL,
-                                      DYNAMIC_TYPE_PKCS7);
-            des3 = pkcs7->decryptKey.des3;
-            if (des3 == NULL) {
-                return MEMORY_E;
-            }
-            ret = wc_Des3Init(des3, heap, devId);
-            if (ret == 0) {
-                ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION);
-            }
-
-            break;
-#endif /* !NO_DES3 */
-        default:
-            WOLFSSL_MSG("Unsupported content cipher type");
-            return ALGO_ID_E;
-    };
-
-    return ret;
-}
-
-
-/* Only does decryption of content using encryptOID algo and already set keys
- * returns 0 on success */
-static int wc_PKCS7_DecryptContentEx(wc_PKCS7* pkcs7, word32 encryptOID,
-    byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag,
-    word32 authTagSz, byte* in, int inSz, byte* out)
-{
-    int ret;
-
-    if (in == NULL
-    #ifdef ASN_BER_TO_DER
-        && pkcs7->getContentCb == NULL
-    #endif
-    ) {
-        return BAD_FUNC_ARG;
-    }
-
-    switch (encryptOID) {
-#ifndef NO_AES
-    #ifdef HAVE_AES_CBC
-    #ifdef WOLFSSL_AES_128
-        case AES128CBCb:
-    #endif
-    #ifdef WOLFSSL_AES_192
-        case AES192CBCb:
-    #endif
-    #ifdef WOLFSSL_AES_256
-        case AES256CBCb:
-    #endif
-            ret = wc_AesCbcDecrypt(pkcs7->decryptKey.aes, out, in,
-                (word32)inSz);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            /* async decrypt not available here, so block till done */
-            ret = wc_AsyncWait(ret, &pkcs7->decryptKey.aes->asyncDev,
-                WC_ASYNC_FLAG_NONE);
-        #endif
-            break;
-    #endif /* HAVE_AES_CBC */
-    #ifdef HAVE_AESGCM
-        #ifdef WOLFSSL_AES_128
-        case AES128GCMb:
-        #endif
-        #ifdef WOLFSSL_AES_192
-        case AES192GCMb:
-        #endif
-        #ifdef WOLFSSL_AES_256
-        case AES256GCMb:
-        #endif
-        #if defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_192) || \
-            defined(WOLFSSL_AES_256)
-            if (authTag == NULL)
-                return BAD_FUNC_ARG;
-
-            ret = wc_AesGcmDecrypt(pkcs7->decryptKey.aes, out, in,
-                    (word32)inSz, iv, (word32)ivSz, authTag, authTagSz,
-                    aad, aadSz);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            /* async decrypt not available here, so block till done */
-            ret = wc_AsyncWait(ret, &pkcs7->decryptKey.aes->asyncDev,
-                WC_ASYNC_FLAG_NONE);
-        #endif
-            break;
-        #endif
-    #endif /* HAVE_AESGCM */
-    #ifdef HAVE_AESCCM
-        #ifdef WOLFSSL_AES_128
-        case AES128CCMb:
-        #endif
-        #ifdef WOLFSSL_AES_192
-        case AES192CCMb:
-        #endif
-        #ifdef WOLFSSL_AES_256
-        case AES256CCMb:
-        #endif
-            ret = wc_AesCcmDecrypt(pkcs7->decryptKey.aes, out, in,
-                (word32)inSz, iv, (word32)ivSz, authTag, authTagSz,
-                aad, aadSz);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            /* async decrypt not available here, so block till done */
-            ret = wc_AsyncWait(ret, &pkcs7->decryptKey.aes->asyncDev,
-                WC_ASYNC_FLAG_NONE);
-        #endif
-            break;
-    #endif /* HAVE_AESCCM */
-#endif /* !NO_AES */
-#ifndef NO_DES3
-        case DESb:
-            ret = wc_Des_CbcDecrypt(pkcs7->decryptKey.des, out, in,
-                (word32)inSz);
-            break;
-
-        case DES3b:
-            ret = wc_Des3_CbcDecrypt(pkcs7->decryptKey.des3, out, in,
-                (word32)inSz);
-        #ifdef WOLFSSL_ASYNC_CRYPT
-            /* async decrypt not available here, so block till done */
-            ret = wc_AsyncWait(ret,
-              &pkcs7->decryptKey.des3->asyncDev, WC_ASYNC_FLAG_NONE);
-        #endif
-            break;
-#endif /* !NO_DES3 */
-        default:
-            WOLFSSL_MSG("Unsupported content cipher type");
-            return ALGO_ID_E;
-    };
-
-#if defined(NO_AES) || (!defined(HAVE_AESGCM) && !defined(HAVE_AESCCM))
-    (void)authTag;
-    (void)authTagSz;
-    (void)aad;
-    (void)aadSz;
-#endif
-
-    return ret;
-}
-
-
-/* clears up struct for algo used and free's memory */
-static void wc_PKCS7_DecryptContentFree(wc_PKCS7* pkcs7, word32 encryptOID,
-    void* heap)
-{
-    switch (encryptOID) {
-#ifndef NO_AES
-    #ifdef HAVE_AES_CBC
-    #ifdef WOLFSSL_AES_128
-        case AES128CBCb:
-    #endif
-    #ifdef WOLFSSL_AES_192
-        case AES192CBCb:
-    #endif
-    #ifdef WOLFSSL_AES_256
-        case AES256CBCb:
-    #endif
-    #endif /* HAVE_AES_CBC */
-    #ifdef HAVE_AESGCM
-        #ifdef WOLFSSL_AES_128
-        case AES128GCMb:
-        #endif
-        #ifdef WOLFSSL_AES_192
-        case AES192GCMb:
-        #endif
-        #ifdef WOLFSSL_AES_256
-        case AES256GCMb:
-        #endif
-    #endif /* HAVE_AESGCM */
-    #ifdef HAVE_AESCCM
-        #ifdef WOLFSSL_AES_128
-        case AES128CCMb:
-        #endif
-        #ifdef WOLFSSL_AES_192
-        case AES192CCMb:
-        #endif
-        #ifdef WOLFSSL_AES_256
-        case AES256CCMb:
-        #endif
-    #endif /* HAVE_AESCCM */
-            if (pkcs7->decryptKey.aes != NULL) {
-                wc_AesFree(pkcs7->decryptKey.aes);
-                XFREE(pkcs7->decryptKey.aes, heap, DYNAMIC_TYPE_AES);
-                pkcs7->decryptKey.aes = NULL;
-            }
-            break;
-#endif /* !NO_AES */
-#ifndef NO_DES3
-        case DESb:
-            if (pkcs7->decryptKey.des != NULL) {
-                XFREE(pkcs7->decryptKey.des, heap, DYNAMIC_TYPE_PKCS7);
-                pkcs7->decryptKey.des = NULL;
-            }
-            break;
-        case DES3b:
-            if (pkcs7->decryptKey.des3 != NULL) {
-                wc_Des3Free(pkcs7->decryptKey.des3);
-                XFREE(pkcs7->decryptKey.des3, heap, DYNAMIC_TYPE_PKCS7);
-                pkcs7->decryptKey.des3 = NULL;
-            }
-            break;
-#endif /* !NO_DES3 */
-        default:
-            WOLFSSL_MSG("Unsupported content cipher type");
-    };
-}
-
-
-/* decrypts the content in one shot, doing init / decrypt / free
- * returns 0 on success
- */
-static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, word32 encryptOID,
-        byte* key, word32 keySz, byte* iv, int ivSz, byte* aad, word32 aadSz,
-        byte* authTag, word32 authTagSz, byte* in, int inSz, byte* out,
-        int devId, void* heap)
-{
-    int ret;
-
-    if (pkcs7->decryptionCb != NULL) {
-        return pkcs7->decryptionCb(pkcs7, (int)encryptOID, iv, ivSz,
-                                      aad, aadSz, authTag, authTagSz, in,
-                                      inSz, out, pkcs7->decryptionCtx);
-    }
-
-    ret = wc_PKCS7_DecryptContentInit(pkcs7, encryptOID, key, keySz, iv, ivSz,
-        devId, heap);
-
-    if (ret == 0) {
-        ret = wc_PKCS7_DecryptContentEx(pkcs7, encryptOID, iv, ivSz, aad,
-            aadSz, authTag, authTagSz, in, inSz, out);
-    }
-
-    wc_PKCS7_DecryptContentFree(pkcs7, encryptOID, heap);
-
-    return ret;
-}
-
-
-/* Generate random block, place in out, return 0 on success negative on error.
- * Used for generation of IV, nonce, etc */
-static int wc_PKCS7_GenerateBlock(wc_PKCS7* pkcs7, WC_RNG* rng, byte* out,
-                                  word32 outSz)
-{
-    int ret;
-    WC_RNG* rnd = NULL;
-
-    if (out == NULL || outSz == 0)
-        return BAD_FUNC_ARG;
-
-    /* input RNG is optional, init local one if input rng is NULL */
-    if (rng == NULL) {
-        rnd = (WC_RNG*)XMALLOC(sizeof(WC_RNG), pkcs7->heap, DYNAMIC_TYPE_RNG);
-        if (rnd == NULL)
-            return MEMORY_E;
-
-        ret = wc_InitRng_ex(rnd, pkcs7->heap, pkcs7->devId);
-        if (ret != 0) {
-            XFREE(rnd, pkcs7->heap, DYNAMIC_TYPE_RNG);
-            return ret;
-        }
-
-    } else {
-        rnd = rng;
-    }
-
-    ret = wc_RNG_GenerateBlock(rnd, out, outSz);
-
-    if (rng == NULL) {
-        wc_FreeRng(rnd);
-        XFREE(rnd, pkcs7->heap, DYNAMIC_TYPE_RNG);
-    }
-
-    return ret;
-}
-
-
-/* Set default SignerIdentifier type to be used. Is either
- * IssuerAndSerialNumber or SubjectKeyIdentifier. Encoding defaults to using
- * IssuerAndSerialNumber unless set with this function or explicitly
- * overridden via options when adding RecipientInfo type.
- *
- * Using the type DEGENERATE_SID skips over signer information. In degenerate
- * cases there are no signers.
- *
- * pkcs7 - pointer to initialized PKCS7 structure
- * type  - either CMS_ISSUER_AND_SERIAL_NUMBER, CMS_SKID or DEGENERATE_SID
- *
- * return 0 on success, negative upon error */
-int wc_PKCS7_SetSignerIdentifierType(wc_PKCS7* pkcs7, int type)
-{
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    if (type != CMS_ISSUER_AND_SERIAL_NUMBER &&
-        type != CMS_SKID &&
-        type != DEGENERATE_SID) {
-        return BAD_FUNC_ARG;
-    }
-
-    pkcs7->sidType = type;
-
-    return 0;
-}
-
-
-/* Set custom contentType, currently supported with SignedData type
- *
- * pkcs7       - pointer to initialized PKCS7 structure
- * contentType - pointer to array with ASN.1 encoded OID value
- * sz          - length of contentType array, octets
- *
- * return 0 on success, negative upon error */
-int wc_PKCS7_SetContentType(wc_PKCS7* pkcs7, byte* contentType, word32 sz)
-{
-    if (pkcs7 == NULL || contentType == NULL || sz == 0)
-        return BAD_FUNC_ARG;
-
-    if (sz > MAX_OID_SZ) {
-        WOLFSSL_MSG("input array too large, bounded by MAX_OID_SZ");
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMCPY(pkcs7->contentType, contentType, sz);
-    pkcs7->contentTypeSz = sz;
-
-    return 0;
-}
-
-
-/* return size of padded data, padded to blockSz chunks, or negative on error */
-int wc_PKCS7_GetPadSize(word32 inputSz, word32 blockSz)
-{
-    if (blockSz == 0)
-        return BAD_FUNC_ARG;
-
-    return (int)(blockSz - (inputSz % blockSz));
-}
-
-
-/* pad input data to blockSz chunk, place in outSz. out must be big enough
- * for input + pad bytes. See wc_PKCS7_GetPadSize() helper. */
-int wc_PKCS7_PadData(byte* in, word32 inSz, byte* out, word32 outSz,
-                     word32 blockSz)
-{
-    if (in == NULL  || inSz == 0 ||
-        out == NULL || outSz == 0 || blockSz == 0)
-        return BAD_FUNC_ARG;
-
-    if (outSz < wc_PkcsPad(NULL, inSz, blockSz))
-        return BAD_FUNC_ARG;
-
-    XMEMCPY(out, in, inSz);
-
-    return (int)wc_PkcsPad(out, inSz, blockSz);
-}
-
-
-/* Encode and add CMS EnvelopedData ORI (OtherRecipientInfo) RecipientInfo
- * to CMS/PKCS#7 EnvelopedData structure.
- *
- * Return 0 on success, negative upon error */
-int wc_PKCS7_AddRecipient_ORI(wc_PKCS7* pkcs7, CallbackOriEncrypt oriEncryptCb,
-                              int options)
-{
-    int oriTypeLenSz, blockKeySz, ret;
-    word32 idx, recipSeqSz;
-
-    Pkcs7EncodedRecip* recip = NULL;
-    Pkcs7EncodedRecip* lastRecip = NULL;
-
-    byte recipSeq[MAX_SEQ_SZ];
-    byte oriTypeLen[MAX_LENGTH_SZ];
-
-    byte oriType[MAX_ORI_TYPE_SZ];
-    byte oriValue[MAX_ORI_VALUE_SZ];
-    word32 oriTypeSz = MAX_ORI_TYPE_SZ;
-    word32 oriValueSz = MAX_ORI_VALUE_SZ;
-
-    if (pkcs7 == NULL || oriEncryptCb == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* allocate memory for RecipientInfo, KEK, encrypted key */
-    recip = (Pkcs7EncodedRecip*)XMALLOC(sizeof(Pkcs7EncodedRecip),
-                                        pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (recip == NULL)
-        return MEMORY_E;
-    XMEMSET(recip, 0, sizeof(Pkcs7EncodedRecip));
-
-    /* get key size for content-encryption key based on algorithm */
-    blockKeySz = wc_PKCS7_GetOIDKeySize(pkcs7->encryptOID);
-    if (blockKeySz < 0) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return blockKeySz;
-    }
-
-    /* generate random content encryption key, if needed */
-    ret = PKCS7_GenerateContentEncryptionKey(pkcs7, (word32)blockKeySz);
-    if (ret < 0) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* call user callback to encrypt CEK and get oriType and oriValue
-       values back */
-    ret = oriEncryptCb(pkcs7, pkcs7->cek, pkcs7->cekSz, oriType, &oriTypeSz,
-                       oriValue, &oriValueSz, pkcs7->oriEncryptCtx);
-    if (ret != 0) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    oriTypeLenSz = (int)SetLength(oriTypeSz, oriTypeLen);
-
-    recipSeqSz = SetImplicit(ASN_SEQUENCE, 4, 1 + (word32)oriTypeLenSz +
-                             oriTypeSz + oriValueSz, recipSeq, 0);
-
-    idx = 0;
-    XMEMCPY(recip->recip + idx, recipSeq, recipSeqSz);
-    idx += recipSeqSz;
-    /* oriType */
-    recip->recip[idx] = ASN_OBJECT_ID;
-    idx += 1;
-    XMEMCPY(recip->recip + idx, oriTypeLen, (word32)oriTypeLenSz);
-    idx += (word32)oriTypeLenSz;
-    XMEMCPY(recip->recip + idx, oriType, oriTypeSz);
-    idx += oriTypeSz;
-    /* oriValue, input MUST already be ASN.1 encoded */
-    XMEMCPY(recip->recip + idx, oriValue, oriValueSz);
-    idx += oriValueSz;
-
-    /* store recipient size */
-    recip->recipSz = idx;
-    recip->recipType = PKCS7_ORI;
-    recip->recipVersion = 4;
-
-    /* add recipient to recip list */
-    if (pkcs7->recipList == NULL) {
-        pkcs7->recipList = recip;
-    } else {
-        lastRecip = pkcs7->recipList;
-        while (lastRecip->next != NULL) {
-            lastRecip = lastRecip->next;
-        }
-        lastRecip->next = recip;
-    }
-
-    (void)options;
-
-    return (int)idx;
-}
-
-#if !defined(NO_PWDBASED) && !defined(NO_SHA)
-
-
-static int wc_PKCS7_GenerateKEK_PWRI(wc_PKCS7* pkcs7, byte* passwd, word32 pLen,
-                                     byte* salt, word32 saltSz, int kdfOID,
-                                     int prfOID, int iterations, byte* out,
-                                     word32 outSz)
-{
-    int ret;
-
-    if (pkcs7 == NULL || passwd == NULL || salt == NULL || out == NULL)
-        return BAD_FUNC_ARG;
-
-    switch (kdfOID) {
-
-        case PBKDF2_OID:
-
-            ret = wc_PBKDF2(out, passwd, (int)pLen, salt, (int)saltSz,
-                            iterations, (int)outSz, prfOID);
-            if (ret != 0) {
-                return ret;
-            }
-
-            break;
-
-        default:
-            WOLFSSL_MSG("Unsupported KDF OID");
-            return PKCS7_OID_E;
-    }
-
-    return 0;
-}
-
-
-/* RFC3211 (Section 2.3.1) key wrap algorithm (id-alg-PWRI-KEK).
- *
- * Returns output size on success, negative upon error */
-static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek,
-        word32 kekSz, const byte* cek, word32 cekSz,
-        byte* out, word32 *outSz, const byte* iv, word32 ivSz, int algID)
-{
-    WC_RNG rng;
-    int blockSz, outLen, ret;
-    word32 padSz;
-    byte* lastBlock;
-
-    if (kek == NULL || cek == NULL || iv == NULL || outSz == NULL)
-        return BAD_FUNC_ARG;
-
-    /* get encryption algorithm block size */
-    blockSz = wc_PKCS7_GetOIDBlockSize(algID);
-    if (blockSz <= 0) {
-        if (blockSz < 0)
-            return blockSz;
-        else
-            return ALGO_ID_E;
-    }
-
-    /* get pad bytes needed to block boundary */
-    padSz = (word32)blockSz - ((4 + cekSz) % (word32)blockSz);
-    outLen = (int)(4 + cekSz + padSz);
-
-    /* must be at least two blocks long */
-    if (outLen < 2 * blockSz)
-        padSz += (word32)blockSz;
-
-    /* if user set out to NULL, give back required length */
-    if (out == NULL) {
-        *outSz = (word32)outLen;
-        return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    /* verify output buffer is large enough */
-    if (*outSz < (word32)outLen)
-        return BUFFER_E;
-
-    out[0] = (byte)cekSz;
-    out[1] = (byte)~cek[0];
-    out[2] = (byte)~cek[1];
-    out[3] = (byte)~cek[2];
-    XMEMCPY(out + 4, cek, cekSz);
-
-    /* random padding of size padSz */
-    ret = wc_InitRng_ex(&rng, pkcs7->heap, pkcs7->devId);
-    if (ret != 0)
-        return ret;
-
-    ret = wc_RNG_GenerateBlock(&rng, out + 4 + cekSz, padSz);
-
-    if (ret == 0) {
-        /* encrypt, normal */
-        ret = wc_PKCS7_EncryptContent(pkcs7, algID, (byte*)kek, (int)kekSz,
-                                    (byte*)iv, (int)ivSz, NULL, 0, NULL, 0, out,
-                                    outLen, out);
-    }
-
-    if (ret == 0) {
-        /* encrypt again, using last ciphertext block as IV */
-        lastBlock = out + (((outLen / blockSz) - 1) * blockSz);
-        ret = wc_PKCS7_EncryptContent(pkcs7, algID, (byte*)kek, (int)kekSz,
-                                      lastBlock, blockSz, NULL, 0, NULL, 0, out,
-                                      outLen, out);
-    }
-
-    if (ret == 0) {
-        *outSz = (word32)outLen;
-    } else {
-        outLen = ret;
-    }
-
-    wc_FreeRng(&rng);
-
-    return outLen;
-}
-
-
-/* RFC3211 (Section 2.3.2) key unwrap algorithm (id-alg-PWRI-KEK).
- *
- * Returns cek size on success, negative upon error */
-static int wc_PKCS7_PwriKek_KeyUnWrap(wc_PKCS7* pkcs7, const byte* kek,
-                                      word32 kekSz, const byte* in, word32 inSz,
-                                      byte* out, word32 outSz, const byte* iv,
-                                      word32 ivSz, word32 algID)
-{
-    int blockSz, cekLen, ret;
-    byte* tmpIv     = NULL;
-    byte* lastBlock = NULL;
-    byte* outTmp    = NULL;
-
-    if (pkcs7 == NULL || kek == NULL || in == NULL ||
-        out == NULL || iv == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    outTmp = (byte*)XMALLOC(inSz, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (outTmp == NULL)
-        return MEMORY_E;
-
-    /* get encryption algorithm block size */
-    blockSz = wc_PKCS7_GetOIDBlockSize((int)algID);
-    if (blockSz <= 0) {
-        XFREE(outTmp, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        if (blockSz < 0)
-            return blockSz;
-        else
-            return ALGO_ID_E;
-    }
-
-    /* input needs to be blockSz multiple and at least 2 * blockSz */
-    if (((inSz % (word32)blockSz) != 0) || (inSz < (2 * (word32)blockSz))) {
-        WOLFSSL_MSG("PWRI-KEK unwrap input must of block size and >= 2 "
-                    "times block size");
-        XFREE(outTmp, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return BAD_FUNC_ARG;
-    }
-
-    /* use block out[n-1] as IV to decrypt block out[n] */
-    lastBlock = (byte*)in + inSz - blockSz;
-    tmpIv = lastBlock - blockSz;
-
-    /* decrypt last block */
-    ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz, tmpIv,
-            blockSz, NULL, 0, NULL, 0, lastBlock, blockSz,
-            outTmp + inSz - blockSz, pkcs7->devId, pkcs7->heap);
-
-    if (ret == 0) {
-        /* using last decrypted block as IV, decrypt [0 ... n-1] blocks */
-        lastBlock = outTmp + inSz - blockSz;
-        ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz,
-                lastBlock, blockSz, NULL, 0, NULL, 0, (byte*)in,
-                (int)inSz - blockSz, outTmp, pkcs7->devId, pkcs7->heap);
-    }
-
-    if (ret == 0) {
-        /* decrypt using original kek and iv */
-        ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz,
-                (byte*)iv, (int)ivSz, NULL, 0, NULL, 0, outTmp, (int)inSz,
-                outTmp, pkcs7->devId, pkcs7->heap);
-    }
-
-    if (ret != 0) {
-        ForceZero(outTmp, inSz);
-        XFREE(outTmp, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return ret;
-    }
-
-    cekLen = outTmp[0];
-
-    /* verify length */
-    if ((word32)cekLen > inSz) {
-        ForceZero(outTmp, inSz);
-        XFREE(outTmp, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return BAD_FUNC_ARG;
-    }
-
-    /* verify check bytes */
-    if ((outTmp[1] ^ outTmp[4]) != 0xFF ||
-        (outTmp[2] ^ outTmp[5]) != 0xFF ||
-        (outTmp[3] ^ outTmp[6]) != 0xFF) {
-        ForceZero(outTmp, inSz);
-        XFREE(outTmp, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return BAD_FUNC_ARG;
-    }
-
-    if (outSz < (word32)cekLen) {
-        ForceZero(outTmp, inSz);
-        XFREE(outTmp, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return BUFFER_E;
-    }
-
-    XMEMCPY(out, outTmp + 4, outTmp[0]);
-    ForceZero(outTmp, inSz);
-    XFREE(outTmp, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return cekLen;
-}
-
-
-/* Encode and add CMS EnvelopedData PWRI (PasswordRecipientInfo) RecipientInfo
- * to CMS/PKCS#7 EnvelopedData structure.
- *
- * Return 0 on success, negative upon error */
-int wc_PKCS7_AddRecipient_PWRI(wc_PKCS7* pkcs7, byte* passwd, word32 pLen,
-                               byte* salt, word32 saltSz, int kdfOID,
-                               int hashOID, int iterations, int kekEncryptOID,
-                               int options)
-{
-    Pkcs7EncodedRecip* recip = NULL;
-    Pkcs7EncodedRecip* lastRecip = NULL;
-
-    /* PasswordRecipientInfo */
-    byte recipSeq[MAX_SEQ_SZ];
-    byte ver[MAX_VERSION_SZ];
-    word32 recipSeqSz, verSz;
-
-    /* KeyDerivationAlgorithmIdentifier */
-    byte kdfAlgoIdSeq[MAX_SEQ_SZ];
-    byte kdfAlgoId[MAX_OID_SZ];
-    byte kdfParamsSeq[MAX_SEQ_SZ];              /* PBKDF2-params */
-    byte kdfSaltOctetStr[MAX_OCTET_STR_SZ];     /* salt OCTET STRING */
-    byte kdfIterations[MAX_VERSION_SZ];
-    word32 kdfAlgoIdSeqSz, kdfAlgoIdSz;
-    word32 kdfParamsSeqSz, kdfSaltOctetStrSz, kdfIterationsSz;
-    /* OPTIONAL: keyLength, not supported yet */
-    /* OPTIONAL: prf AlgorithmIdentifier, not supported yet */
-
-    /* KeyEncryptionAlgorithmIdentifier */
-    byte keyEncAlgoIdSeq[MAX_SEQ_SZ];
-    byte keyEncAlgoId[MAX_OID_SZ];              /* id-alg-PWRI-KEK */
-    byte pwriEncAlgoId[MAX_ALGO_SZ];
-    byte ivOctetString[MAX_OCTET_STR_SZ];
-    word32 keyEncAlgoIdSeqSz, keyEncAlgoIdSz;
-    word32 pwriEncAlgoIdSz, ivOctetStringSz;
-
-    /* EncryptedKey */
-    byte encKeyOctetStr[MAX_OCTET_STR_SZ];
-    word32 encKeyOctetStrSz;
-
-    byte tmpIv[MAX_CONTENT_IV_SIZE];
-    byte* encryptedKey = NULL;
-    byte* kek = NULL;
-
-    int cekKeySz = 0, kekKeySz = 0, kekBlockSz = 0, ret = 0;
-    int encryptOID;
-    word32 idx, totalSz = 0, encryptedKeySz;
-
-    if (pkcs7 == NULL || passwd == NULL || pLen == 0 ||
-        salt == NULL || saltSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* allow user to use different KEK encryption algorithm than used for
-     * main content encryption algorithm, if passed in */
-    if (kekEncryptOID != 0) {
-        encryptOID = kekEncryptOID;
-    } else {
-        encryptOID = pkcs7->encryptOID;
-    }
-
-    /* get content-encryption key size, based on algorithm */
-    cekKeySz = wc_PKCS7_GetOIDKeySize(pkcs7->encryptOID);
-    if (cekKeySz < 0)
-        return cekKeySz;
-
-    /* get KEK encryption key size, based on algorithm */
-    if (encryptOID != pkcs7->encryptOID) {
-        kekKeySz = wc_PKCS7_GetOIDKeySize(encryptOID);
-    } else {
-        kekKeySz = cekKeySz;
-    }
-
-    /* get KEK encryption block size */
-    kekBlockSz = wc_PKCS7_GetOIDBlockSize(encryptOID);
-    if (kekBlockSz < 0)
-        return kekBlockSz;
-
-    /* generate random CEK */
-    ret = PKCS7_GenerateContentEncryptionKey(pkcs7, (word32)cekKeySz);
-    if (ret < 0)
-        return ret;
-
-    /* generate random IV */
-    ret = wc_PKCS7_GenerateBlock(pkcs7, NULL, tmpIv, (word32)kekBlockSz);
-    if (ret != 0)
-        return ret;
-
-    /* allocate memory for RecipientInfo, KEK, encrypted key */
-    recip = (Pkcs7EncodedRecip*)XMALLOC(sizeof(Pkcs7EncodedRecip),
-                                        pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (recip == NULL)
-        return MEMORY_E;
-
-    kek = (byte*)XMALLOC((word32)kekKeySz, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (kek == NULL) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return MEMORY_E;
-    }
-
-    encryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ,
-                                  pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (encryptedKey == NULL) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return MEMORY_E;
-    }
-
-    encryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
-    XMEMSET(recip, 0, sizeof(Pkcs7EncodedRecip));
-    XMEMSET(kek, 0, (word32)kekKeySz);
-    XMEMSET(encryptedKey, 0, encryptedKeySz);
-
-    /* generate KEK: expand password into KEK */
-    ret = wc_PKCS7_GenerateKEK_PWRI(pkcs7, passwd, pLen, salt, saltSz,
-                                    kdfOID, hashOID, iterations, kek,
-                                    (word32)kekKeySz);
-    if (ret < 0) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* generate encrypted key: encrypt CEK with KEK */
-    ret = wc_PKCS7_PwriKek_KeyWrap(pkcs7, kek, (word32)kekKeySz, pkcs7->cek,
-                                   pkcs7->cekSz, encryptedKey, &encryptedKeySz,
-                                   tmpIv, (word32)kekBlockSz, encryptOID);
-    if (ret < 0) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-    encryptedKeySz = (word32)ret;
-
-    /* put together encrypted key OCTET STRING */
-    encKeyOctetStrSz = SetOctetString(encryptedKeySz, encKeyOctetStr);
-    totalSz += (encKeyOctetStrSz + encryptedKeySz);
-
-    /* put together IV OCTET STRING */
-    ivOctetStringSz = SetOctetString((word32)kekBlockSz, ivOctetString);
-    totalSz += (ivOctetStringSz + (word32)kekBlockSz);
-
-    /* set PWRIAlgorithms AlgorithmIdentifier, adding (ivOctetStringSz +
-       blockKeySz) for IV OCTET STRING */
-    pwriEncAlgoIdSz = SetAlgoID(encryptOID, pwriEncAlgoId,
-                                oidBlkType, (int)ivOctetStringSz + kekBlockSz);
-    totalSz += pwriEncAlgoIdSz;
-
-    /* set KeyEncryptionAlgorithms OID */
-    ret = wc_SetContentType(PWRI_KEK_WRAP, keyEncAlgoId, sizeof(keyEncAlgoId));
-    if (ret <= 0) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-    keyEncAlgoIdSz = (word32)ret;
-    totalSz += keyEncAlgoIdSz;
-
-    /* KeyEncryptionAlgorithm SEQ */
-    keyEncAlgoIdSeqSz = SetSequence(keyEncAlgoIdSz + pwriEncAlgoIdSz +
-                                    ivOctetStringSz + (word32)kekBlockSz,
-                                    keyEncAlgoIdSeq);
-    totalSz += keyEncAlgoIdSeqSz;
-
-    /* set KDF salt */
-    kdfSaltOctetStrSz = SetOctetString(saltSz, kdfSaltOctetStr);
-    totalSz += (kdfSaltOctetStrSz + saltSz);
-
-    /* set KDF iteration count */
-    kdfIterationsSz = (word32)SetMyVersion((word32)iterations, kdfIterations,
-        0);
-    totalSz += kdfIterationsSz;
-
-    /* set KDF params SEQ */
-    kdfParamsSeqSz = SetSequence(kdfSaltOctetStrSz + saltSz + kdfIterationsSz,
-                                 kdfParamsSeq);
-    totalSz += kdfParamsSeqSz;
-
-    /* set KDF algo OID */
-    ret = wc_SetContentType(kdfOID, kdfAlgoId, sizeof(kdfAlgoId));
-    if (ret <= 0) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-    kdfAlgoIdSz = (word32)ret;
-    totalSz += kdfAlgoIdSz;
-
-    /* set KeyDerivationAlgorithmIdentifier EXPLICIT [0] SEQ */
-    kdfAlgoIdSeqSz = SetExplicit(0, kdfAlgoIdSz + kdfParamsSeqSz +
-                                 kdfSaltOctetStrSz + saltSz + kdfIterationsSz,
-                                 kdfAlgoIdSeq, 0);
-    totalSz += kdfAlgoIdSeqSz;
-
-    /* set PasswordRecipientInfo CMSVersion, MUST be 0 */
-    verSz = (word32)SetMyVersion(0, ver, 0);
-    totalSz += verSz;
-    recip->recipVersion = 0;
-
-    /* set PasswordRecipientInfo SEQ */
-    recipSeqSz = SetImplicit(ASN_SEQUENCE, 3, totalSz, recipSeq, 0);
-    totalSz += recipSeqSz;
-
-    if (totalSz > MAX_RECIP_SZ) {
-        WOLFSSL_MSG("CMS Recipient output buffer too small");
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return BUFFER_E;
-    }
-
-    idx = 0;
-    XMEMCPY(recip->recip + idx, recipSeq, recipSeqSz);
-    idx += recipSeqSz;
-    XMEMCPY(recip->recip + idx, ver, verSz);
-    idx += verSz;
-    XMEMCPY(recip->recip + idx, kdfAlgoIdSeq, kdfAlgoIdSeqSz);
-    idx += kdfAlgoIdSeqSz;
-    XMEMCPY(recip->recip + idx, kdfAlgoId, kdfAlgoIdSz);
-    idx += kdfAlgoIdSz;
-    XMEMCPY(recip->recip + idx, kdfParamsSeq, kdfParamsSeqSz);
-    idx += kdfParamsSeqSz;
-    XMEMCPY(recip->recip + idx, kdfSaltOctetStr, kdfSaltOctetStrSz);
-    idx += kdfSaltOctetStrSz;
-    XMEMCPY(recip->recip + idx, salt, saltSz);
-    idx += saltSz;
-    XMEMCPY(recip->recip + idx, kdfIterations, kdfIterationsSz);
-    idx += kdfIterationsSz;
-    XMEMCPY(recip->recip + idx, keyEncAlgoIdSeq, keyEncAlgoIdSeqSz);
-    idx += keyEncAlgoIdSeqSz;
-    XMEMCPY(recip->recip + idx, keyEncAlgoId, keyEncAlgoIdSz);
-    idx += keyEncAlgoIdSz;
-    XMEMCPY(recip->recip + idx, pwriEncAlgoId, pwriEncAlgoIdSz);
-    idx += pwriEncAlgoIdSz;
-    XMEMCPY(recip->recip + idx, ivOctetString, ivOctetStringSz);
-    idx += ivOctetStringSz;
-    XMEMCPY(recip->recip + idx, tmpIv, (word32)kekBlockSz);
-    idx += (word32)kekBlockSz;
-    XMEMCPY(recip->recip + idx, encKeyOctetStr, encKeyOctetStrSz);
-    idx += encKeyOctetStrSz;
-    XMEMCPY(recip->recip + idx, encryptedKey, encryptedKeySz);
-    idx += encryptedKeySz;
-
-    ForceZero(kek, (word32)kekBlockSz);
-    ForceZero(encryptedKey, encryptedKeySz);
-    XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-    /* store recipient size */
-    recip->recipSz = idx;
-    recip->recipType = PKCS7_PWRI;
-
-    /* add recipient to recip list */
-    if (pkcs7->recipList == NULL) {
-        pkcs7->recipList = recip;
-    } else {
-        lastRecip = pkcs7->recipList;
-        while (lastRecip->next != NULL) {
-            lastRecip = lastRecip->next;
-        }
-        lastRecip->next = recip;
-    }
-
-    (void)options;
-
-    return (int)idx;
-}
-
-/* Import password and KDF settings into a PKCS7 structure. Used for setting
- * the password info for decryption a EnvelopedData PWRI RecipientInfo.
- *
- * Returns 0 on success, negative upon error */
-int wc_PKCS7_SetPassword(wc_PKCS7* pkcs7, byte* passwd, word32 pLen)
-{
-    if (pkcs7 == NULL || passwd == NULL || pLen == 0)
-        return BAD_FUNC_ARG;
-
-    pkcs7->pass = passwd;
-    pkcs7->passSz = pLen;
-
-    return 0;
-}
-
-#endif /* NO_PWDBASED */
-
-
-/* Encode and add CMS EnvelopedData KEKRI (KEKRecipientInfo) RecipientInfo
- * to CMS/PKCS#7 EnvelopedData structure.
- *
- * pkcs7 - pointer to initialized PKCS7 structure
- * keyWrapOID - OID sum of key wrap algorithm identifier
- * kek        - key encryption key
- * kekSz      - size of kek, bytes
- * keyID      - key-encryption key identifier, pre-distributed to endpoints
- * keyIDSz    - size of keyID, bytes
- * timePtr    - pointer to "time_t", which is typically "long" (OPTIONAL)
- * otherOID   - ASN.1 encoded OID of other attribute (OPTIONAL)
- * otherOIDSz - size of otherOID, bytes (OPTIONAL)
- * other      - other attribute (OPTIONAL)
- * otherSz    - size of other (OPTIONAL)
- *
- * Returns 0 on success, negative upon error */
-int wc_PKCS7_AddRecipient_KEKRI(wc_PKCS7* pkcs7, int keyWrapOID, byte* kek,
-                                word32 kekSz, byte* keyId, word32 keyIdSz,
-                                void* timePtr, byte* otherOID,
-                                word32 otherOIDSz, byte* other, word32 otherSz,
-                                int options)
-{
-    Pkcs7EncodedRecip* recip = NULL;
-    Pkcs7EncodedRecip* lastRecip = NULL;
-
-    byte recipSeq[MAX_SEQ_SZ];
-    byte ver[MAX_VERSION_SZ];
-    byte kekIdSeq[MAX_SEQ_SZ];
-    byte kekIdOctetStr[MAX_OCTET_STR_SZ];
-    byte genTime[ASN_GENERALIZED_TIME_SIZE];
-    byte otherAttSeq[MAX_SEQ_SZ];
-    byte encAlgoId[MAX_ALGO_SZ];
-    byte encKeyOctetStr[MAX_OCTET_STR_SZ];
-    WC_DECLARE_VAR(encryptedKey, byte, MAX_ENCRYPTED_KEY_SZ, 0);
-
-    int blockKeySz = 0, ret = 0, direction;
-    word32 idx = 0;
-    word32 totalSz = 0;
-    word32 recipSeqSz = 0, verSz = 0;
-    word32 kekIdSeqSz = 0, kekIdOctetStrSz = 0;
-    word32 otherAttSeqSz = 0, encAlgoIdSz = 0, encKeyOctetStrSz = 0;
-    int encryptedKeySz;
-
-    int timeSz = 0;
-#ifndef NO_ASN_TIME
-    time_t* tm = NULL;
-#endif
-
-    if (pkcs7 == NULL || kek == NULL || keyId == NULL)
-        return BAD_FUNC_ARG;
-
-    recip = (Pkcs7EncodedRecip*)XMALLOC(sizeof(Pkcs7EncodedRecip), pkcs7->heap,
-                                 DYNAMIC_TYPE_PKCS7);
-    if (recip == NULL)
-        return MEMORY_E;
-
-    XMEMSET(recip, 0, sizeof(Pkcs7EncodedRecip));
-
-    /* get key size for content-encryption key based on algorithm */
-    blockKeySz = wc_PKCS7_GetOIDKeySize(pkcs7->encryptOID);
-    if (blockKeySz < 0) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return blockKeySz;
-    }
-
-    /* generate random content encryption key, if needed */
-    ret = PKCS7_GenerateContentEncryptionKey(pkcs7, (word32)blockKeySz);
-    if (ret < 0) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* EncryptedKey */
-#ifdef WOLFSSL_SMALL_STACK
-    encryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap,
-                                  DYNAMIC_TYPE_PKCS7);
-    if (encryptedKey == NULL) {
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return MEMORY_E;
-    }
-#endif
-    encryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
-    XMEMSET(encryptedKey, 0, (word32)encryptedKeySz);
-
-    #ifndef NO_AES
-        direction = AES_ENCRYPTION;
-    #else
-        direction = DES_ENCRYPTION;
-    #endif
-
-    encryptedKeySz = wc_PKCS7_KeyWrap(pkcs7, pkcs7->cek, pkcs7->cekSz, kek,
-            kekSz, encryptedKey, (word32)encryptedKeySz, keyWrapOID, direction);
-    if (encryptedKeySz < 0) {
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return encryptedKeySz;
-    }
-    /* handle a zero size encKey case as WC_KEY_SIZE_E */
-    if (encryptedKeySz == 0 || encryptedKeySz > MAX_ENCRYPTED_KEY_SZ) {
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return WC_KEY_SIZE_E;
-    }
-
-    encKeyOctetStrSz = SetOctetString((word32)encryptedKeySz, encKeyOctetStr);
-    totalSz += (encKeyOctetStrSz + (word32)encryptedKeySz);
-
-    /* KeyEncryptionAlgorithmIdentifier */
-    encAlgoIdSz = SetAlgoID(keyWrapOID, encAlgoId, oidKeyWrapType, 0);
-    totalSz += encAlgoIdSz;
-
-    /* KEKIdentifier: keyIdentifier */
-    kekIdOctetStrSz = SetOctetString(keyIdSz, kekIdOctetStr);
-    totalSz += (kekIdOctetStrSz + keyIdSz);
-
-    /* KEKIdentifier: GeneralizedTime (OPTIONAL) */
-#ifndef NO_ASN_TIME
-    if (timePtr != NULL) {
-        tm = (time_t*)timePtr;
-        timeSz = GetAsnTimeString(tm, genTime, sizeof(genTime));
-        if (timeSz < 0) {
-            XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return timeSz;
-        }
-        totalSz += (word32)timeSz;
-    }
-#endif
-
-    /* KEKIdentifier: OtherKeyAttribute SEQ (OPTIONAL) */
-    if (other != NULL && otherSz > 0) {
-        otherAttSeqSz = SetSequence(otherOIDSz + otherSz, otherAttSeq);
-        totalSz += otherAttSeqSz + otherOIDSz + otherSz;
-    }
-
-    /* KEKIdentifier SEQ */
-    kekIdSeqSz = SetSequence(kekIdOctetStrSz + keyIdSz + (word32)timeSz +
-                             otherAttSeqSz + otherOIDSz + otherSz, kekIdSeq);
-    totalSz += kekIdSeqSz;
-
-    /* version */
-    verSz = (word32)SetMyVersion(4, ver, 0);
-    totalSz += verSz;
-    recip->recipVersion = 4;
-
-    /* KEKRecipientInfo SEQ */
-    recipSeqSz = SetImplicit(ASN_SEQUENCE, 2, totalSz, recipSeq, 0);
-    totalSz += recipSeqSz;
-
-    if (totalSz > MAX_RECIP_SZ) {
-        WOLFSSL_MSG("CMS Recipient output buffer too small");
-        XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return BUFFER_E;
-    }
-
-    XMEMCPY(recip->recip + idx, recipSeq, recipSeqSz);
-    idx += recipSeqSz;
-    XMEMCPY(recip->recip + idx, ver, verSz);
-    idx += verSz;
-    XMEMCPY(recip->recip + idx, kekIdSeq, kekIdSeqSz);
-    idx += kekIdSeqSz;
-    XMEMCPY(recip->recip + idx, kekIdOctetStr, kekIdOctetStrSz);
-    idx += kekIdOctetStrSz;
-    XMEMCPY(recip->recip + idx, keyId, keyIdSz);
-    idx += keyIdSz;
-    if (timePtr != NULL) {
-        XMEMCPY(recip->recip + idx, genTime, (word32)timeSz);
-        idx += (word32)timeSz;
-    }
-    if (other != NULL && otherSz > 0) {
-        XMEMCPY(recip->recip + idx, otherAttSeq, otherAttSeqSz);
-        idx += otherAttSeqSz;
-        XMEMCPY(recip->recip + idx, otherOID, otherOIDSz);
-        idx += otherOIDSz;
-        XMEMCPY(recip->recip + idx, other, otherSz);
-        idx += otherSz;
-    }
-    XMEMCPY(recip->recip + idx, encAlgoId, encAlgoIdSz);
-    idx += encAlgoIdSz;
-    XMEMCPY(recip->recip + idx, encKeyOctetStr, encKeyOctetStrSz);
-    idx += encKeyOctetStrSz;
-    XMEMCPY(recip->recip + idx, encryptedKey, (word32)encryptedKeySz);
-    idx += (word32)encryptedKeySz;
-
-    WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-    /* store recipient size */
-    recip->recipSz = idx;
-    recip->recipType = PKCS7_KEKRI;
-
-    /* add recipient to recip list */
-    if (pkcs7->recipList == NULL) {
-        pkcs7->recipList = recip;
-    } else {
-        lastRecip = pkcs7->recipList;
-        while(lastRecip->next != NULL) {
-            lastRecip = lastRecip->next;
-        }
-        lastRecip->next = recip;
-    }
-
-    (void)options;
-
-    return (int)idx;
-}
-
-
-static int wc_PKCS7_GetCMSVersion(wc_PKCS7* pkcs7, int cmsContentType)
-{
-    int version = -1;
-
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    switch (cmsContentType) {
-        case ENVELOPED_DATA:
-
-            /* NOTE: EnvelopedData does not currently support
-               originatorInfo or unprotectedAttributes. When either of these
-               are added, version checking below needs to be updated to match
-               Section 6.1 of RFC 5652 */
-
-            /* if RecipientInfos include pwri or ori, version is 3 */
-            if (wc_PKCS7_RecipientListIncludesType(pkcs7, PKCS7_PWRI) ||
-                wc_PKCS7_RecipientListIncludesType(pkcs7, PKCS7_ORI)) {
-                version = 3;
-                break;
-            }
-
-            /* if unprotectedAttrs is absent AND all RecipientInfo structs
-               are version 0, version is 0 */
-            if (wc_PKCS7_RecipientListVersionsAllZero(pkcs7)) {
-                version = 0;
-                break;
-            }
-
-            /* otherwise, version is 2 */
-            version = 2;
-            break;
-
-        default:
-            break;
-    }
-
-    return version;
-}
-
-
-/* build PKCS#7 envelopedData content type, return enveloped size */
-int wc_PKCS7_EncodeEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
-{
-    int ret, idx = 0;
-    int totalSz, padSz, encryptedOutSz;
-
-    int contentInfoSeqSz = 0, outerContentTypeSz = 0, outerContentSz;
-    byte contentInfoSeq[MAX_SEQ_SZ];
-    byte outerContentType[MAX_ALGO_SZ];
-    byte outerContent[MAX_SEQ_SZ];
-
-    int kariVersion;
-    int envDataSeqSz, verSz;
-    byte envDataSeq[MAX_SEQ_SZ];
-    byte ver[MAX_VERSION_SZ];
-
-    WC_RNG rng;
-    int blockSz, blockKeySz;
-    byte* plain            = NULL;
-    byte* encryptedContent = NULL;
-
-    Pkcs7EncodedRecip* tmpRecip = NULL;
-    int recipSz, recipSetSz;
-    byte recipSet[MAX_SET_SZ];
-
-    int encContentOctetSz, encContentSeqSz, contentTypeSz;
-    int contentEncAlgoSz, ivOctetStringSz;
-    byte encContentSeq[MAX_SEQ_SZ];
-    byte contentType[MAX_ALGO_SZ];
-    byte contentEncAlgo[MAX_ALGO_SZ];
-    byte tmpIv[MAX_CONTENT_IV_SIZE];
-    byte ivOctetString[MAX_OCTET_STR_SZ];
-    byte encContentOctet[MAX_OCTET_STR_SZ];
-#ifdef ASN_BER_TO_DER
-    word32 streamSz = 0;
-#endif
-
-    if (pkcs7 == NULL
-        #ifndef ASN_BER_TO_DER
-            || pkcs7->content == NULL
-        #endif
-            || pkcs7->contentSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifndef ASN_BER_TO_DER
-    if (output == NULL || outputSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-#else
-    /* if both output and callback are not set then error out */
-    if ((output == NULL || outputSz == 0) && (pkcs7->streamOutCb == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-#endif
-
-    blockKeySz = wc_PKCS7_GetOIDKeySize(pkcs7->encryptOID);
-    if (blockKeySz < 0)
-        return blockKeySz;
-
-    blockSz = wc_PKCS7_GetOIDBlockSize(pkcs7->encryptOID);
-    if (blockSz < 0)
-        return blockSz;
-
-    if (pkcs7->contentOID != FIRMWARE_PKG_DATA) {
-        /* outer content type */
-        ret = wc_SetContentType(ENVELOPED_DATA, outerContentType,
-                                sizeof(outerContentType));
-        if (ret < 0)
-            return ret;
-
-        outerContentTypeSz = ret;
-    }
-
-    /* generate random content encryption key */
-    ret = PKCS7_GenerateContentEncryptionKey(pkcs7, (word32)blockKeySz);
-    if (ret != 0) {
-        return ret;
-    }
-
-    /* build RecipientInfo, only if user manually set singleCert and size */
-    if (pkcs7->singleCert != NULL && pkcs7->singleCertSz > 0) {
-        switch (pkcs7->publicKeyOID) {
-        #ifndef NO_RSA
-            case RSAk:
-                ret = wc_PKCS7_AddRecipient_KTRI(pkcs7, pkcs7->singleCert,
-                                                 pkcs7->singleCertSz, 0);
-                break;
-        #endif
-        #ifdef HAVE_ECC
-            case ECDSAk:
-                ret = wc_PKCS7_AddRecipient_KARI(pkcs7, pkcs7->singleCert,
-                                                 pkcs7->singleCertSz,
-                                                 pkcs7->keyWrapOID,
-                                                 pkcs7->keyAgreeOID, pkcs7->ukm,
-                                                 pkcs7->ukmSz, 0);
-                break;
-        #endif
-
-            default:
-                WOLFSSL_MSG("Unsupported RecipientInfo public key type");
-                return BAD_FUNC_ARG;
-        };
-
-        if (ret < 0) {
-            WOLFSSL_MSG("Failed to create RecipientInfo");
-            return ret;
-        }
-    }
-
-    recipSz = wc_PKCS7_GetRecipientListSize(pkcs7);
-    if (recipSz < 0) {
-        return ret;
-
-    } else if (recipSz == 0) {
-        WOLFSSL_MSG("You must add at least one CMS recipient");
-        return PKCS7_RECIP_E;
-    }
-    recipSetSz = (int)SetSet((word32)recipSz, recipSet);
-
-    /* version, defined in Section 6.1 of RFC 5652 */
-    kariVersion = wc_PKCS7_GetCMSVersion(pkcs7, ENVELOPED_DATA);
-    if (kariVersion < 0) {
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        WOLFSSL_MSG("Failed to set CMS EnvelopedData version");
-        return PKCS7_RECIP_E;
-    }
-
-    verSz = SetMyVersion((word32)kariVersion, ver, 0);
-
-    ret = wc_InitRng_ex(&rng, pkcs7->heap, pkcs7->devId);
-    if (ret != 0) {
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        return ret;
-    }
-
-    /* generate IV for block cipher */
-    ret = wc_PKCS7_GenerateBlock(pkcs7, &rng, tmpIv, (word32)blockSz);
-    wc_FreeRng(&rng);
-    if (ret != 0) {
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        return ret;
-    }
-
-    /* EncryptedContentInfo */
-    ret = wc_SetContentType(pkcs7->contentOID, contentType,
-                            sizeof(contentType));
-    if (ret < 0) {
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        return ret;
-    }
-
-    contentTypeSz = ret;
-
-    /* allocate encrypted content buffer and PKCS#7 padding */
-    padSz = wc_PKCS7_GetPadSize(pkcs7->contentSz, (word32)blockSz);
-    if (padSz < 0) {
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        return padSz;
-    }
-
-    encryptedOutSz = (int)pkcs7->contentSz + padSz;
-
-#ifdef ASN_BER_TO_DER
-    if (pkcs7->getContentCb == NULL)
-#endif
-    {
-        plain = (byte*)XMALLOC((word32)encryptedOutSz, pkcs7->heap,
-                               DYNAMIC_TYPE_PKCS7);
-        if (plain == NULL) {
-            wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-            return MEMORY_E;
-        }
-
-        ret = wc_PKCS7_PadData(pkcs7->content, pkcs7->contentSz, plain,
-                               (word32)encryptedOutSz, (word32)blockSz);
-        if (ret < 0) {
-            XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-            return ret;
-        }
-
-    }
-
-#ifdef ASN_BER_TO_DER
-    if (pkcs7->streamOutCb == NULL)
-#endif
-    {
-        encryptedContent = (byte*)XMALLOC((word32)encryptedOutSz, pkcs7->heap,
-                                          DYNAMIC_TYPE_PKCS7);
-        if (encryptedContent == NULL) {
-            XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-            return MEMORY_E;
-        }
-    }
-
-    /* put together IV OCTET STRING */
-    ivOctetStringSz = (int)SetOctetString((word32)blockSz, ivOctetString);
-
-    /* build up our ContentEncryptionAlgorithmIdentifier sequence,
-     * adding (ivOctetStringSz + blockSz) for IV OCTET STRING */
-    contentEncAlgoSz = (int)SetAlgoID(pkcs7->encryptOID, contentEncAlgo,
-                                 oidBlkType, ivOctetStringSz + blockSz);
-
-    if (contentEncAlgoSz == 0) {
-        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        return BAD_FUNC_ARG;
-    }
-
-    encContentOctetSz = (int)SetImplicit(ASN_OCTET_STRING, 0,
-            (word32)encryptedOutSz, encContentOctet, pkcs7->encodeStream);
-    encContentSeqSz = (int)SetSequenceEx((word32)(contentTypeSz +
-                              contentEncAlgoSz + ivOctetStringSz + blockSz +
-                              encContentOctetSz + encryptedOutSz),
-                              encContentSeq, pkcs7->encodeStream);
-
-    /* keep track of sizes for outer wrapper layering */
-    totalSz = verSz + recipSetSz + recipSz + encContentSeqSz + contentTypeSz +
-              contentEncAlgoSz + ivOctetStringSz + blockSz +
-              encContentOctetSz + encryptedOutSz;
-
-    /* EnvelopedData */
-#ifdef ASN_BER_TO_DER
-    if (pkcs7->encodeStream) {
-        word32 tmpIdx = 0;
-
-        /* account for ending of encContentOctet */
-        totalSz += ASN_INDEF_END_SZ;
-
-        /* account for ending of encContentSeq */
-        totalSz += ASN_INDEF_END_SZ;
-
-        /* account for asn1 syntax around octet strings */
-        StreamOctetString(NULL, (word32)encryptedOutSz, NULL, &streamSz,
-                                                                       &tmpIdx);
-        totalSz += ((int)streamSz - encryptedOutSz);
-
-        /* resize encrypted content buffer */
-        if (encryptedContent != NULL) {
-            XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            encryptedContent = (byte*)XMALLOC(streamSz, pkcs7->heap,
-                                              DYNAMIC_TYPE_PKCS7);
-            if (encryptedContent == NULL) {
-                XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-                return MEMORY_E;
-            }
-        }
-    }
-#endif
-    envDataSeqSz = (int)SetSequenceEx((word32)totalSz, envDataSeq,
-        pkcs7->encodeStream);
-    totalSz += envDataSeqSz;
-#ifdef ASN_BER_TO_DER
-    if (pkcs7->encodeStream) {
-        totalSz += ASN_INDEF_END_SZ;
-    }
-#endif
-
-    /* outer content */
-    outerContentSz = (int)SetExplicit(0, (word32)totalSz, outerContent,
-        pkcs7->encodeStream);
-#ifdef ASN_BER_TO_DER
-    if (pkcs7->encodeStream) {
-        totalSz += ASN_INDEF_END_SZ;
-    }
-#endif
-    totalSz += outerContentTypeSz;
-    totalSz += outerContentSz;
-
-    if (pkcs7->contentOID != FIRMWARE_PKG_DATA) {
-        /* ContentInfo */
-        contentInfoSeqSz = (int)SetSequenceEx((word32)totalSz, contentInfoSeq,
-            pkcs7->encodeStream);
-        totalSz += contentInfoSeqSz;
-    #ifdef ASN_BER_TO_DER
-        if (pkcs7->encodeStream) {
-            totalSz += ASN_INDEF_END_SZ;
-        }
-    #endif
-    }
-
-    if ((totalSz > (int)outputSz)
-    #ifdef ASN_BER_TO_DER
-         && (pkcs7->streamOutCb == NULL)
-    #endif
-    ) {
-        WOLFSSL_MSG("Pkcs7_encrypt output buffer too small");
-        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        return BUFFER_E;
-    }
-
-    /* begin writing out PKCS7 bundle */
-    if (pkcs7->contentOID != FIRMWARE_PKG_DATA) {
-        wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            contentInfoSeq, (word32)contentInfoSeqSz);
-        idx += contentInfoSeqSz;
-        wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            outerContentType, (word32)outerContentTypeSz);
-        idx += outerContentTypeSz;
-        wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            outerContent, (word32)outerContentSz);
-        idx += outerContentSz;
-    }
-
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            envDataSeq, (word32)envDataSeqSz);
-    idx += envDataSeqSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            ver, (word32)verSz);
-    idx += verSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            recipSet, (word32)recipSetSz);
-    idx += recipSetSz;
-    /* copy in recipients from list */
-    tmpRecip = pkcs7->recipList;
-    while (tmpRecip != NULL) {
-        wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            tmpRecip->recip, tmpRecip->recipSz);
-        idx += (int)tmpRecip->recipSz;
-        tmpRecip = tmpRecip->next;
-    }
-    wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            encContentSeq, (word32)encContentSeqSz);
-    idx += encContentSeqSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            contentType, (word32)contentTypeSz);
-    idx += contentTypeSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            contentEncAlgo, (word32)contentEncAlgoSz);
-    idx += contentEncAlgoSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            ivOctetString, (word32)ivOctetStringSz);
-    idx += ivOctetStringSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            tmpIv, (word32)blockSz);
-    idx += blockSz;
-    wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            encContentOctet, (word32)encContentOctetSz);
-    idx += encContentOctetSz;
-
-    /* encrypt content */
-    ret = wc_PKCS7_EncryptContent(pkcs7, pkcs7->encryptOID, pkcs7->cek,
-            (int)pkcs7->cekSz, tmpIv, blockSz, NULL, 0, NULL, 0, plain,
-            encryptedOutSz, encryptedContent);
-    if (ret != 0) {
-        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-        XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        return ret;
-    }
-
-#ifdef ASN_BER_TO_DER
-    /* stream the content (octet string with multiple octet elements) */
-    if (pkcs7->encodeStream) {
-        byte indefEnd[ASN_INDEF_END_SZ * 5];
-        word32 localIdx = 0;
-
-        /* advance index past encrypted content */
-        if (!pkcs7->streamOutCb) {
-            wc_PKCS7_WriteOut(pkcs7, (output)? output + idx : NULL,
-                encryptedContent, streamSz);
-        }
-        idx += (int)streamSz;
-
-        /* end of encrypted content */
-        localIdx += SetIndefEnd(indefEnd + localIdx);
-
-        /* end of encrypted content info */
-        localIdx += SetIndefEnd(indefEnd + localIdx);
-
-        /* end of Enveloped Data seq */
-        localIdx += SetIndefEnd(indefEnd + localIdx);
-
-        /* end of outer content set */
-        localIdx += SetIndefEnd(indefEnd + localIdx);
-
-        /* end of outer content info seq */
-        localIdx += SetIndefEnd(indefEnd + localIdx);
-
-        wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            indefEnd, localIdx);
-        idx += (int)localIdx;
-    }
-    else
-#endif
-    {
-        wc_PKCS7_WriteOut(pkcs7, (output)? (output + idx) : NULL,
-            encryptedContent, (word32)encryptedOutSz);
-        idx += encryptedOutSz;
-    }
-
-    XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-    XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-    return idx;
-}
-
-#ifndef NO_RSA
-/* decode KeyTransRecipientInfo (ktri), return 0 on success, <0 on error */
-static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
-                               word32* idx, byte* decryptedKey,
-                               word32* decryptedKeySz, int* recipFound)
-{
-    int length, encryptedKeySz = 0, ret = 0;
-    int keySz, version, sidType = 0;
-    int keyIdSize;
-    word32 encOID = 0;
-    word32 keyIdx;
-    byte   issuerHash[KEYID_SIZE];
-    byte*  outKey   = NULL;
-    byte* pkiMsg    = in;
-    word32 pkiMsgSz = inSz;
-    byte   tag;
-
-
-#ifndef NO_PKCS7_STREAM
-    word32 tmpIdx = *idx;
-#endif
-#ifdef WC_RSA_BLINDING
-    WC_RNG rng;
-#endif
-
-    byte* encryptedKey = NULL;
-
-#ifdef WOLFSSL_SMALL_STACK
-    mp_int* serialNum  = NULL;
-    RsaKey* privKey    = NULL;
-#else
-    mp_int serialNum[1];
-    RsaKey privKey[1];
-#endif
-    XMEMSET(issuerHash, 0, sizeof(issuerHash));
-
-#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
-    keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
-           pkcs7->publicKeyOID)));
-#else
-    keyIdSize = KEYID_SIZE;
-#endif
-
-    switch (pkcs7->state) {
-        case WC_PKCS7_DECRYPT_KTRI:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_VERSION_SZ,
-                            &pkiMsg, idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-        #endif
-            if (GetMyVersion(pkiMsg, idx, &version, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            if (version == 0) {
-                sidType = CMS_ISSUER_AND_SERIAL_NUMBER;
-            } else if (version == 2) {
-                sidType = CMS_SKID;
-            } else {
-                return ASN_VERSION_E;
-            }
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                    break;
-            }
-            wc_PKCS7_StreamStoreVar(pkcs7, 0, sidType, version);
-
-            /* @TODO getting total amount left because of GetInt call later on
-             * this could be optimized to stream better */
-            if (pkcs7->stream->totalRd > pkcs7->stream->maxLen) {
-                WOLFSSL_MSG("PKCS7 read more than expected");
-                ret = BUFFER_E;
-                break;
-            }
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KTRI_2);
-            FALL_THROUGH;
-
-        case WC_PKCS7_DECRYPT_KTRI_2:
-        #ifndef NO_PKCS7_STREAM
-
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &pkiMsg, idx)) != 0) {
-                return ret;
-            }
-
-            if (in != pkiMsg) {
-                pkiMsgSz =  pkcs7->stream->length;
-            }
-
-            wc_PKCS7_StreamGetVar(pkcs7, NULL, &sidType, &version);
-
-            /* @TODO get expected size for next part, does not account for
-             * GetInt call well */
-            if (pkcs7->stream->expected == MAX_SEQ_SZ) {
-                int sz;
-                word32 lidx;
-
-                if (sidType == CMS_ISSUER_AND_SERIAL_NUMBER) {
-                    lidx = *idx;
-                    ret = GetSequence(pkiMsg, &lidx, &sz, pkiMsgSz);
-                    if (ret < 0)
-                        return ret;
-                }
-                else {
-                    lidx = *idx + ASN_TAG_SZ;
-                    ret = GetLength(pkiMsg, &lidx, &sz, pkiMsgSz);
-                    if (ret < 0)
-                        return ret;
-                }
-
-                pkcs7->stream->expected = (word32)sz + MAX_ALGO_SZ + ASN_TAG_SZ +
-                                          MAX_LENGTH_SZ + 512;
-                if (pkcs7->stream->length > 0 &&
-                        pkcs7->stream->length < pkcs7->stream->expected) {
-                    return WC_PKCS7_WANT_READ_E;
-                }
-            }
-        #endif /* !NO_PKCS7_STREAM */
-
-            if (sidType == CMS_ISSUER_AND_SERIAL_NUMBER) {
-
-                /* remove IssuerAndSerialNumber */
-                if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0)
-                    return ASN_PARSE_E;
-
-                if (GetNameHash_ex(pkiMsg, idx, issuerHash, (int)pkiMsgSz,
-                                   pkcs7->publicKeyOID) < 0)
-                    return ASN_PARSE_E;
-
-                /* if we found correct recipient, issuer hashes will match */
-                if (XMEMCMP(issuerHash, pkcs7->issuerHash,
-                            (word32)keyIdSize) == 0) {
-                    *recipFound = 1;
-                }
-
-                WC_ALLOC_VAR_EX(serialNum, mp_int, 1, pkcs7->heap,
-                    DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E);
-
-                if (GetInt(serialNum, pkiMsg, idx, pkiMsgSz) < 0) {
-                    WC_FREE_VAR_EX(serialNum, pkcs7->heap,
-                        DYNAMIC_TYPE_TMP_BUFFER);
-                    return ASN_PARSE_E;
-                }
-
-                mp_clear(serialNum);
-
-                WC_FREE_VAR_EX(serialNum, pkcs7->heap,
-                    DYNAMIC_TYPE_TMP_BUFFER);
-
-            } else {
-                /* parse SubjectKeyIdentifier
-                 * RFC 5652 lists SubjectKeyIdentifier as [0] followed by
-                 * simple type of octet string
-                 *
-                 *  RecipientIdentifier ::= CHOICE {
-                 *  issuerAndSerialNumber IssuerAndSerialNumber,
-                 *  subjectKeyIdentifier [0] SubjectKeyIdentifier }
-                 *
-                 * The choice of subjectKeyIdentifier (where version was 2) is
-                 * context specific with tag number 0 within the class.
-                 */
-
-                if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0)
-                    return ASN_PARSE_E;
-
-                /* should be context specific and tag number 0: [0] (0x80) */
-                if (tag != ASN_CONTEXT_SPECIFIC) {
-                    return ASN_PARSE_E;
-                }
-
-                if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
-                    return ASN_PARSE_E;
-
-                if ((word32)keyIdSize > pkiMsgSz - (*idx))
-                    return BUFFER_E;
-
-                /* if we found correct recipient, SKID will match */
-                if (XMEMCMP(pkiMsg + (*idx), pkcs7->issuerSubjKeyId,
-                            (word32)keyIdSize) == 0) {
-                    *recipFound = 1;
-                }
-                (*idx) += (word32)keyIdSize;
-            }
-
-            if (GetAlgoId(pkiMsg, idx, &encOID, oidKeyType, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            /* key encryption algorithm must be RSA for now */
-            if (encOID != RSAk
-            #ifndef WC_NO_RSA_OAEP
-                && encOID != RSAESOAEPk
-            #endif
-                )
-                return ALGO_ID_E;
-
-        #ifndef WC_NO_RSA_OAEP
-            if (encOID == RSAESOAEPk) {
-                if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0) {
-                    return ASN_PARSE_E;
-                }
-                if (length > 0) {
-                    WOLFSSL_MSG("only supported default OAEP");
-                    WOLFSSL_ERROR(ALGO_ID_E);
-                    return ALGO_ID_E;
-                }
-            }
-        #endif
-
-            /* read encryptedKey */
-            if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            if (tag != ASN_OCTET_STRING)
-                return ASN_PARSE_E;
-
-            if (GetLength(pkiMsg, idx, &encryptedKeySz, pkiMsgSz) < 0) {
-                return ASN_PARSE_E;
-            }
-            if (encryptedKeySz > MAX_ENCRYPTED_KEY_SZ) {
-               return BUFFER_E;
-            }
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                    break;
-            }
-            wc_PKCS7_StreamStoreVar(pkcs7, (word32)encryptedKeySz, sidType,
-                version);
-            pkcs7->stream->expected = (word32)encryptedKeySz;
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KTRI_3);
-            FALL_THROUGH;
-
-        case WC_PKCS7_DECRYPT_KTRI_3:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &pkiMsg, idx)) != 0) {
-                return ret;
-            }
-            encryptedKeySz = (int)pkcs7->stream->expected;
-        #endif
-
-            /* Always allocate to ensure aligned use with RSA */
-            encryptedKey = (byte*)XMALLOC((word32)encryptedKeySz, pkcs7->heap,
-                                          DYNAMIC_TYPE_WOLF_BIGINT);
-            if (encryptedKey == NULL)
-                return MEMORY_E;
-
-            if (*recipFound == 1)
-                XMEMCPY(encryptedKey, &pkiMsg[*idx], (word32)encryptedKeySz);
-            *idx += (word32)encryptedKeySz;
-
-            /* If this is not the correct recipient then do not try to decode
-             * the encrypted key */
-            if (*recipFound == 0) {
-                XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-                ret = PKCS7_RECIP_E;
-                break;
-            }
-
-            /* load private key */
-        #ifdef WOLFSSL_SMALL_STACK
-            privKey = (RsaKey*)XMALLOC(sizeof(RsaKey), pkcs7->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            if (privKey == NULL) {
-                XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-                return MEMORY_E;
-            }
-        #endif
-
-            ret = wc_InitRsaKey_ex(privKey, pkcs7->heap, pkcs7->devId);
-            if (ret != 0) {
-                XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-                WC_FREE_VAR_EX(privKey, pkcs7->heap,
-                    DYNAMIC_TYPE_TMP_BUFFER);
-                return ret;
-            }
-
-            if (pkcs7->privateKey != NULL && pkcs7->privateKeySz > 0) {
-                keyIdx = 0;
-                ret = wc_RsaPrivateKeyDecode(pkcs7->privateKey, &keyIdx,
-                        privKey, pkcs7->privateKeySz);
-            }
-            else if (pkcs7->devId == INVALID_DEVID) {
-                ret = BAD_FUNC_ARG;
-            }
-            if (ret != 0) {
-                WOLFSSL_MSG("Failed to decode RSA private key");
-                wc_FreeRsaKey(privKey);
-                XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-                WC_FREE_VAR_EX(privKey, pkcs7->heap,
-                    DYNAMIC_TYPE_TMP_BUFFER);
-                return ret;
-            }
-
-            /* decrypt encryptedKey */
-            #ifdef WC_RSA_BLINDING
-            ret = wc_InitRng_ex(&rng, pkcs7->heap, pkcs7->devId);
-            if (ret == 0) {
-                ret = wc_RsaSetRNG(privKey, &rng);
-            }
-            #endif
-            if (ret == 0) {
-            #ifdef WOLFSSL_ASYNC_CRYPT
-                /* Currently the call to RSA decrypt here is blocking @TODO */
-                keySz = 0; /* set initial "ret" value to 0 */
-                do {
-                    keySz = wc_AsyncWait(keySz, &privKey->asyncDev,
-                                         WC_ASYNC_FLAG_CALL_AGAIN);
-                if (keySz >= 0)
-            #endif
-                {
-            #ifndef WC_NO_RSA_OAEP
-                    if (encOID != RSAESOAEPk) {
-            #endif
-                        keySz = wc_RsaPrivateDecryptInline(encryptedKey,
-                                                (word32)encryptedKeySz, &outKey,
-                                                privKey);
-            #ifndef WC_NO_RSA_OAEP
-                    }
-                    else {
-                        word32 outLen = (word32)wc_RsaEncryptSize(privKey);
-                        outKey = (byte*)XMALLOC(outLen, pkcs7->heap,
-                                                    DYNAMIC_TYPE_TMP_BUFFER);
-                        if (!outKey) {
-                            WOLFSSL_MSG("Failed to allocate out key buffer");
-                            wc_FreeRsaKey(privKey);
-                            XFREE(encryptedKey, pkcs7->heap,
-                                                    DYNAMIC_TYPE_WOLF_BIGINT);
-                                    WC_FREE_VAR_EX(privKey, pkcs7->heap,
-                                        DYNAMIC_TYPE_TMP_BUFFER);
-                            WOLFSSL_ERROR_VERBOSE(MEMORY_E);
-                            return MEMORY_E;
-                        }
-
-                        keySz = wc_RsaPrivateDecrypt_ex(encryptedKey,
-                                (word32)encryptedKeySz, outKey, outLen, privKey,
-                                WC_RSA_OAEP_PAD,
-                                WC_HASH_TYPE_SHA, WC_MGF1SHA1, NULL, 0);
-                    }
-            #endif
-                }
-            #ifdef WOLFSSL_ASYNC_CRYPT
-                } while (keySz == WC_NO_ERR_TRACE(WC_PENDING_E));
-            #endif
-                #ifdef WC_RSA_BLINDING
-                    wc_FreeRng(&rng);
-                #endif
-            } else {
-                keySz = ret;
-            }
-            wc_FreeRsaKey(privKey);
-
-            if (keySz <= 0 || outKey == NULL) {
-                ForceZero(encryptedKey, (word32)encryptedKeySz);
-                XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-                WC_FREE_VAR_EX(privKey, pkcs7->heap,
-                    DYNAMIC_TYPE_TMP_BUFFER);
-        #ifndef WC_NO_RSA_OAEP
-                if (encOID == RSAESOAEPk) {
-                    if (!outKey) {
-                        XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-                    }
-                }
-        #endif
-                return keySz;
-            } else {
-                *decryptedKeySz = (word32)keySz;
-                XMEMCPY(decryptedKey, outKey, (word32)keySz);
-                ForceZero(encryptedKey, (word32)encryptedKeySz);
-            }
-
-            XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-            WC_FREE_VAR_EX(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        #ifndef WC_NO_RSA_OAEP
-            if (encOID == RSAESOAEPk) {
-                if (!outKey) {
-                    XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-                }
-            }
-        #endif
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                break;
-            }
-        #endif
-            ret = 0; /* success */
-            break;
-
-        default:
-            WOLFSSL_MSG("PKCS7 Unknown KTRI decrypt state");
-            ret = BAD_FUNC_ARG;
-    }
-
-    return ret;
-}
-#endif /* !NO_RSA */
-
-#ifdef HAVE_ECC
-
-/* remove ASN.1 OriginatorIdentifierOrKey, return 0 on success, <0 on error */
-static int wc_PKCS7_KariGetOriginatorIdentifierOrKey(WC_PKCS7_KARI* kari,
-                        byte* pkiMsg, word32 pkiMsgSz, word32* idx)
-{
-    int ret, length;
-    word32 keyOID, oidSum = 0;
-    int curve_id = ECC_CURVE_DEF;
-    byte tag;
-
-    if (kari == NULL || pkiMsg == NULL || idx == NULL)
-        return BAD_FUNC_ARG;
-
-    /* remove OriginatorIdentifierOrKey */
-    if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) == 0 &&
-            tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) {
-        if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
-            return ASN_PARSE_E;
-
-    } else {
-        return ASN_PARSE_E;
-    }
-
-    /* remove OriginatorPublicKey */
-    if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) == 0 &&
-            tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)) {
-        if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
-            return ASN_PARSE_E;
-
-    } else {
-        return ASN_PARSE_E;
-    }
-
-    /* remove AlgorithmIdentifier */
-    if (GetAlgoId(pkiMsg, idx, &keyOID, oidKeyType, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    if (keyOID != ECDSAk)
-        return ASN_PARSE_E;
-
-    /* optional algorithm parameters */
-    ret = GetObjectId(pkiMsg, idx, &oidSum, oidIgnoreType, pkiMsgSz);
-    if (ret == 0) {
-        /* get curve id */
-        curve_id = wc_ecc_get_oid(oidSum, NULL, 0);
-        if (curve_id < 0)
-            return ECC_CURVE_OID_E;
-    }
-
-    /* remove ECPoint BIT STRING */
-    if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    if (tag != ASN_BIT_STRING)
-        return ASN_PARSE_E;
-
-    if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0)
-        return ASN_EXPECT_0_E;
-
-    if (tag != ASN_OTHER_TYPE)
-        return ASN_EXPECT_0_E;
-
-    /* get sender ephemeral public ECDSA key */
-    ret = wc_ecc_init_ex(kari->senderKey, kari->heap, kari->devId);
-    if (ret != 0)
-        return ret;
-
-    kari->senderKeyInit = 1;
-
-    /* length-1 for unused bits counter */
-    ret = wc_ecc_import_x963_ex(pkiMsg + (*idx), (word32)length - 1,
-            kari->senderKey, curve_id);
-    if (ret != 0) {
-        ret = wc_EccPublicKeyDecode(pkiMsg, idx, kari->senderKey,
-            *idx + (word32)length - 1);
-        if (ret != 0)
-            return ret;
-    }
-    else {
-        (*idx) += (word32)(length - 1);
-    }
-
-    return 0;
-}
-
-
-/* remove optional UserKeyingMaterial if available, return 0 on success,
- * < 0 on error */
-static int wc_PKCS7_KariGetUserKeyingMaterial(WC_PKCS7_KARI* kari,
-                        byte* pkiMsg, word32 pkiMsgSz, word32* idx)
-{
-    int length;
-    word32 savedIdx;
-    byte tag;
-
-    if (kari == NULL || pkiMsg == NULL || idx == NULL)
-        return BAD_FUNC_ARG;
-
-    savedIdx = *idx;
-
-    /* starts with EXPLICIT [1] */
-    if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) {
-        *idx = savedIdx;
-        return 0;
-    }
-    if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)) {
-        *idx = savedIdx;
-        return 0;
-    }
-
-    if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0) {
-        *idx = savedIdx;
-        return 0;
-    }
-
-    /* get OCTET STRING */
-    if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) {
-        *idx = savedIdx;
-        return 0;
-    }
-    if (tag != ASN_OCTET_STRING) {
-        *idx = savedIdx;
-        return 0;
-    }
-
-    if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0) {
-        *idx = savedIdx;
-        return 0;
-    }
-
-    kari->ukm = NULL;
-    if (length > 0) {
-        kari->ukm = (byte*)XMALLOC((word32)length, kari->heap,
-                                                            DYNAMIC_TYPE_PKCS7);
-        if (kari->ukm == NULL)
-            return MEMORY_E;
-
-        XMEMCPY(kari->ukm, pkiMsg + (*idx), (word32)length);
-        kari->ukmOwner = 1;
-    }
-
-    (*idx) += (word32)length;
-    kari->ukmSz = (word32)length;
-
-    return 0;
-}
-
-
-/* remove ASN.1 KeyEncryptionAlgorithmIdentifier, return 0 on success,
- * < 0 on error */
-static int wc_PKCS7_KariGetKeyEncryptionAlgorithmId(WC_PKCS7_KARI* kari,
-        byte* pkiMsg, word32 pkiMsgSz, word32* idx,
-        word32* keyAgreeOID, word32* keyWrapOID)
-{
-    int length = 0;
-    word32 localIdx;
-
-    if (kari == NULL || pkiMsg == NULL || idx == NULL ||
-        keyAgreeOID == NULL || keyWrapOID == NULL)
-        return BAD_FUNC_ARG;
-
-    localIdx = *idx;
-
-    /* remove KeyEncryptionAlgorithmIdentifier */
-    if (GetSequence(pkiMsg, &localIdx, &length, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    localIdx = *idx;
-    if (GetAlgoId(pkiMsg, &localIdx, keyAgreeOID, oidCmsKeyAgreeType,
-              pkiMsgSz) < 0) {
-        return ASN_PARSE_E;
-    }
-
-    if (localIdx < *idx + (word32)length) {
-        *idx = localIdx;
-    }
-    /* remove KeyWrapAlgorithm, stored in parameter of KeyEncAlgoId */
-    if (GetAlgoId(pkiMsg, idx, keyWrapOID, oidKeyWrapType, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    return 0;
-}
-
-
-/* remove ASN.1 SubjectKeyIdentifier, return 0 on success, < 0 on error
- * if subject key ID matches, recipFound is set to 1 */
-static int wc_PKCS7_KariGetSubjectKeyIdentifier(WC_PKCS7_KARI* kari,
-                        byte* pkiMsg, word32 pkiMsgSz, word32* idx,
-                        int* recipFound, byte* rid)
-{
-    int length;
-    byte tag;
-    int keyIdSize;
-
-    if (kari == NULL || pkiMsg == NULL || idx == NULL || recipFound == NULL ||
-            rid == NULL)
-        return BAD_FUNC_ARG;
-
-#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
-    keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
-           kari->decoded->signatureOID)));
-#else
-    keyIdSize = KEYID_SIZE;
-#endif
-
-    /* remove RecipientKeyIdentifier IMPLICIT [0] */
-    if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) {
-        return ASN_PARSE_E;
-    }
-
-    if (tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) {
-        if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
-            return ASN_PARSE_E;
-
-    } else {
-        return ASN_PARSE_E;
-    }
-
-    /* remove SubjectKeyIdentifier */
-    if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) {
-        return ASN_PARSE_E;
-    }
-
-    if (tag != ASN_OCTET_STRING)
-        return ASN_PARSE_E;
-
-    if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    if (length != keyIdSize)
-        return ASN_PARSE_E;
-
-    XMEMCPY(rid, pkiMsg + (*idx), (word32)keyIdSize);
-    (*idx) += (word32)length;
-
-    /* subject key id should match if recipient found */
-    if (XMEMCMP(rid, kari->decoded->extSubjKeyId, (word32)keyIdSize) == 0) {
-        *recipFound = 1;
-    }
-
-    return 0;
-}
-
-
-/* remove ASN.1 IssuerAndSerialNumber, return 0 on success, < 0 on error
- * if issuer and serial number match, recipFound is set to 1 */
-static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari,
-                        byte* pkiMsg, word32 pkiMsgSz, word32* idx,
-                        int* recipFound, byte* rid)
-{
-    int length, ret;
-    int keyIdSize;
-#ifdef WOLFSSL_SMALL_STACK
-    mp_int* serial;
-    mp_int* recipSerial;
-#else
-    mp_int  serial[1];
-    mp_int  recipSerial[1];
-#endif
-
-    if (rid == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
-    keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
-           kari->decoded->signatureOID)));
-#else
-    keyIdSize = KEYID_SIZE;
-#endif
-
-    /* remove IssuerAndSerialNumber */
-    if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    if (GetNameHash_ex(pkiMsg, idx, rid, (int)pkiMsgSz,
-                       kari->decoded->signatureOID) < 0) {
-        return ASN_PARSE_E;
-    }
-
-    /* if we found correct recipient, issuer hashes will match */
-    if (kari->decodedInit == 1) {
-        if (XMEMCMP(rid, kari->decoded->issuerHash, (word32)keyIdSize) == 0) {
-            *recipFound = 1;
-        }
-    }
-    else {
-        /* can not confirm recipient serial number with no cert provided */
-        WOLFSSL_MSG("No recipient cert loaded to match with CMS serial number");
-        *recipFound = 1;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    serial = (mp_int*)XMALLOC(sizeof(mp_int), kari->heap,
-                              DYNAMIC_TYPE_TMP_BUFFER);
-    if (serial == NULL)
-        return MEMORY_E;
-
-    recipSerial = (mp_int*)XMALLOC(sizeof(mp_int), kari->heap,
-                                   DYNAMIC_TYPE_TMP_BUFFER);
-    if (recipSerial == NULL) {
-        XFREE(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    if (GetInt(serial, pkiMsg, idx, pkiMsgSz) < 0) {
-        WC_FREE_VAR_EX(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return ASN_PARSE_E;
-    }
-
-    ret = mp_init(recipSerial);
-    if (ret == MP_OKAY)
-        ret = mp_read_unsigned_bin(recipSerial, kari->decoded->serial,
-                             (word32)kari->decoded->serialSz);
-    if (ret != MP_OKAY) {
-        mp_clear(serial);
-        WOLFSSL_MSG("Failed to parse CMS recipient serial number");
-        WC_FREE_VAR_EX(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return ret;
-    }
-
-    if (kari->decodedInit == 1 &&
-            mp_cmp(recipSerial, serial) != MP_EQ) {
-        mp_clear(serial);
-        mp_clear(recipSerial);
-        WOLFSSL_MSG("CMS serial number does not match recipient");
-        WC_FREE_VAR_EX(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        WC_FREE_VAR_EX(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return PKCS7_RECIP_E;
-    }
-
-    mp_clear(serial);
-    mp_clear(recipSerial);
-
-    WC_FREE_VAR_EX(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-
-
-/* remove ASN.1 RecipientEncryptedKeys, return 0 on success, < 0 on error */
-static int wc_PKCS7_KariGetRecipientEncryptedKeys(WC_PKCS7_KARI* kari,
-                        byte* pkiMsg, word32 pkiMsgSz, word32* idx,
-                        int* recipFound, byte* encryptedKey,
-                        int* encryptedKeySz, byte* rid)
-{
-    int length;
-    int ret = 0;
-    byte tag;
-    word32 localIdx;
-
-    if (kari == NULL || pkiMsg == NULL || idx == NULL ||
-        recipFound == NULL || encryptedKey == NULL)
-        return BAD_FUNC_ARG;
-
-    /* remove RecipientEncryptedKeys */
-    if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    /* remove RecipientEncryptedKeys */
-    if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    /* KeyAgreeRecipientIdentifier is CHOICE of IssuerAndSerialNumber
-     * or [0] IMPLICIT RecipientKeyIdentifier */
-    localIdx = *idx;
-    if (GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    if (tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) {
-        /* try to get RecipientKeyIdentifier */
-        ret = wc_PKCS7_KariGetSubjectKeyIdentifier(kari, pkiMsg, pkiMsgSz,
-                                                   idx, recipFound, rid);
-    } else {
-        /* try to get IssuerAndSerialNumber */
-        ret = wc_PKCS7_KariGetIssuerAndSerialNumber(kari, pkiMsg, pkiMsgSz,
-                                                    idx, recipFound, rid);
-    }
-
-    /* if we don't have either option, malformed CMS */
-    if (ret != 0)
-        return ret;
-
-    /* remove EncryptedKey */
-    if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    if (tag != ASN_OCTET_STRING)
-        return ASN_PARSE_E;
-
-    if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    /* put encrypted CEK in decryptedKey buffer for now, decrypt later */
-    if (length > *encryptedKeySz)
-        return BUFFER_E;
-
-    XMEMCPY(encryptedKey, pkiMsg + (*idx), (word32)length);
-    *encryptedKeySz = length;
-    (*idx) += (word32)length;
-
-    return 0;
-}
-
-#endif /* HAVE_ECC */
-
-
-int wc_PKCS7_SetOriEncryptCtx(wc_PKCS7* pkcs7, void* ctx)
-{
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    pkcs7->oriEncryptCtx = ctx;
-
-    return 0;
-}
-
-
-int wc_PKCS7_SetOriDecryptCtx(wc_PKCS7* pkcs7, void* ctx)
-{
-
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    pkcs7->oriDecryptCtx = ctx;
-
-    return 0;
-}
-
-
-int wc_PKCS7_SetOriDecryptCb(wc_PKCS7* pkcs7, CallbackOriDecrypt cb)
-{
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    pkcs7->oriDecryptCb = cb;
-
-    return 0;
-}
-
-
-/* return 0 on success */
-int wc_PKCS7_SetWrapCEKCb(wc_PKCS7* pkcs7, CallbackWrapCEK cb)
-{
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    pkcs7->wrapCEKCb = cb;
-
-    return 0;
-}
-
-
-/* return 0 on success */
-int wc_PKCS7_SetAESKeyWrapUnwrapCb(wc_PKCS7* pkcs7, CallbackAESKeyWrapUnwrap aesKeyWrapUnwrapCb)
-{
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    pkcs7->aesKeyWrapUnwrapCb = aesKeyWrapUnwrapCb;
-
-    return 0;
-}
-
-
-/* Decrypt ASN.1 OtherRecipientInfo (ori), as defined by:
- *
- *   OtherRecipientInfo ::= SEQUENCE {
- *     oriType OBJECT IDENTIFIER,
- *     oriValue ANY DEFINED BY oriType }
- *
- * pkcs7          - pointer to initialized PKCS7 structure
- * pkiMsg         - pointer to encoded CMS bundle
- * pkiMsgSz       - size of pkiMsg, bytes
- * idx            - [IN/OUT] pointer to index into pkiMsg
- * decryptedKey   - [OUT] output buf for decrypted content encryption key
- * decryptedKeySz - [IN/OUT] size of buffer, size of decrypted key
- * recipFound     - [OUT] 1 if recipient has been found, 0 if not
- *
- * Return 0 on success, negative upon error.
- */
-static int wc_PKCS7_DecryptOri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
-                               word32* idx, byte* decryptedKey,
-                               word32* decryptedKeySz, int* recipFound)
-{
-    int ret, seqSz, oriOIDSz;
-    word32 oriValueSz, tmpIdx;
-    byte* oriValue;
-    byte oriOID[MAX_OID_SZ];
-
-    byte* pkiMsg    = in;
-    word32 pkiMsgSz = inSz;
-#ifndef NO_PKCS7_STREAM
-    word32 stateIdx = *idx;
-#endif
-
-    if (pkcs7->oriDecryptCb == NULL) {
-        WOLFSSL_MSG("You must register an ORI Decrypt callback");
-        return BAD_FUNC_ARG;
-    }
-
-    switch (pkcs7->state) {
-
-        case WC_PKCS7_DECRYPT_ORI:
-        #ifndef NO_PKCS7_STREAM
-            /* @TODO for now just get full buffer, needs divided up */
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                   (pkcs7->stream->maxLen - pkcs7->stream->totalRd) +
-                   pkcs7->stream->length, &pkiMsg, idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-        #endif
-            /* get OtherRecipientInfo sequence length */
-            if (GetLength(pkiMsg, idx, &seqSz, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            tmpIdx = *idx;
-
-            /* remove and store oriType OBJECT IDENTIFIER */
-            if (GetASNObjectId(pkiMsg, idx, &oriOIDSz, pkiMsgSz) != 0)
-                return ASN_PARSE_E;
-
-            XMEMCPY(oriOID, pkiMsg + *idx, (word32)oriOIDSz);
-            *idx += (word32)oriOIDSz;
-
-            /* get oriValue, increment idx */
-            oriValue = pkiMsg + *idx;
-            oriValueSz = (word32)seqSz - (*idx - tmpIdx);
-            *idx += oriValueSz;
-
-            /* pass oriOID and oriValue to user callback, expect back
-               decryptedKey and size */
-            ret = pkcs7->oriDecryptCb(pkcs7, oriOID, (word32)oriOIDSz, oriValue,
-                                      oriValueSz, decryptedKey, decryptedKeySz,
-                                      pkcs7->oriDecryptCtx);
-
-            if (ret != 0 || decryptedKey == NULL || *decryptedKeySz == 0) {
-                /* decrypt operation failed */
-                *recipFound = 0;
-                return PKCS7_RECIP_E;
-            }
-
-            /* mark recipFound, since we only support one RecipientInfo for
-             * now */
-            *recipFound = 1;
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &stateIdx, idx)) != 0) {
-                break;
-            }
-        #endif
-            ret = 0; /* success */
-            break;
-
-        default:
-            WOLFSSL_MSG("PKCS7 ORI unknown state");
-            ret = BAD_FUNC_ARG;
-
-    }
-
-    return ret;
-}
-
-#if !defined(NO_PWDBASED) && !defined(NO_SHA)
-
-/* decode ASN.1 PasswordRecipientInfo (pwri), return 0 on success,
- * < 0 on error */
-static int wc_PKCS7_DecryptPwri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
-                               word32* idx, byte* decryptedKey,
-                               word32* decryptedKeySz, int* recipFound)
-{
-    byte* salt;
-    byte* cek;
-    byte* kek;
-
-    byte tmpIv[MAX_CONTENT_IV_SIZE];
-
-    int ret = 0, length, saltSz, iterations, blockSz, kekKeySz;
-    int hashOID = WC_SHA; /* default to SHA1 */
-    word32 kdfAlgoId, pwriEncAlgoId, keyEncAlgoId, cekSz;
-    byte* pkiMsg = in;
-    word32 pkiMsgSz = inSz;
-    byte  tag;
-#ifndef NO_PKCS7_STREAM
-    word32 tmpIdx = *idx;
-#endif
-
-    switch (pkcs7->state) {
-        case WC_PKCS7_DECRYPT_PWRI:
-        #ifndef NO_PKCS7_STREAM
-            /*@TODO for now just get full buffer, needs divided up */
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                   (pkcs7->stream->maxLen - pkcs7->stream->totalRd) +
-                   pkcs7->stream->length, &pkiMsg, idx)) != 0) {
-                return ret;
-            }
-            #ifdef ASN_BER_TO_DER
-            /* check if pkcs7->der is being used after BER to DER */
-            if (pkcs7->derSz > 0) {
-                pkiMsgSz = pkcs7->derSz;
-            }
-            else
-            #endif
-            {
-                pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length:
-                                                        inSz;
-            }
-        #endif
-            /* remove KeyDerivationAlgorithmIdentifier */
-            if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
-                return ASN_PARSE_E;
-
-            if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            /* get KeyDerivationAlgorithmIdentifier */
-            if (wc_GetContentType(pkiMsg, idx, &kdfAlgoId, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            /* get KDF params SEQ */
-            if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            /* get KDF salt OCTET STRING */
-            if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            if (tag != ASN_OCTET_STRING)
-                return ASN_PARSE_E;
-
-            if (GetLength(pkiMsg, idx, &saltSz, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            salt = (byte*)XMALLOC((word32)saltSz, pkcs7->heap,
-                                                            DYNAMIC_TYPE_PKCS7);
-            if (salt == NULL)
-                return MEMORY_E;
-
-            XMEMCPY(salt, pkiMsg + (*idx), (word32)saltSz);
-            *idx += (word32)saltSz;
-
-            /* get KDF iterations */
-            if (GetMyVersion(pkiMsg, idx, &iterations, pkiMsgSz) < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            /* get KeyEncAlgoId SEQ */
-            if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            /* get KeyEncAlgoId */
-            if (wc_GetContentType(pkiMsg, idx, &keyEncAlgoId, pkiMsgSz) < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            /* get pwriEncAlgoId */
-            if (GetAlgoId(pkiMsg, idx, &pwriEncAlgoId, oidBlkType,
-                                                                pkiMsgSz) < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            blockSz = wc_PKCS7_GetOIDBlockSize((int)pwriEncAlgoId);
-            if (blockSz < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return blockSz;
-            }
-
-            /* get content-encryption key size, based on algorithm */
-            kekKeySz = wc_PKCS7_GetOIDKeySize((int)pwriEncAlgoId);
-            if (kekKeySz < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return kekKeySz;
-            }
-
-            /* get block cipher IV, stored in OPTIONAL parameter of AlgoID */
-            if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            if (tag != ASN_OCTET_STRING) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            if (length != blockSz) {
-                WOLFSSL_MSG("Incorrect IV length, must be of content alg block "
-                            "size");
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            XMEMCPY(tmpIv, pkiMsg + (*idx), (word32)length);
-            *idx += (word32)length;
-
-            /* get EncryptedKey */
-            if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            if (tag != ASN_OCTET_STRING) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            /* allocate temporary space for decrypted key */
-            cekSz = (word32)length;
-            cek = (byte*)XMALLOC(cekSz, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            if (cek == NULL) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return MEMORY_E;
-            }
-
-            /* generate KEK */
-            kek = (byte*)XMALLOC((word32)kekKeySz, pkcs7->heap,
-                                                            DYNAMIC_TYPE_PKCS7);
-            if (kek == NULL) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(cek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return MEMORY_E;
-            }
-
-            ret = wc_PKCS7_GenerateKEK_PWRI(pkcs7, pkcs7->pass, pkcs7->passSz,
-                                  salt, (word32)saltSz, (int)kdfAlgoId, hashOID,
-                                  iterations, kek, (word32)kekKeySz);
-            if (ret < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(cek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ASN_PARSE_E;
-            }
-
-            /* decrypt CEK with KEK */
-            ret = wc_PKCS7_PwriKek_KeyUnWrap(pkcs7, kek, (word32)kekKeySz,
-                                             pkiMsg + (*idx), (word32)length,
-                                             cek, cekSz, tmpIv, (word32)blockSz,
-                                             pwriEncAlgoId);
-            if (ret < 0) {
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(cek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ret;
-            }
-            cekSz = (word32)ret;
-
-            if (*decryptedKeySz < cekSz) {
-                WOLFSSL_MSG("Decrypted key buffer too small for CEK");
-                XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(cek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return BUFFER_E;
-            }
-
-            XMEMCPY(decryptedKey, cek, cekSz);
-            *decryptedKeySz = cekSz;
-
-            XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            XFREE(cek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-            /* mark recipFound, since we only support one RecipientInfo for now */
-            *recipFound = 1;
-            *idx += (word32)length;
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                break;
-            }
-        #endif
-            ret = 0; /* success */
-            break;
-
-        default:
-            WOLFSSL_MSG("PKCS7 PWRI unknown state");
-            ret = BAD_FUNC_ARG;
-    }
-
-    return ret;
-}
-
-#endif /* NO_PWDBASED | NO_SHA */
-
-/* decode ASN.1 KEKRecipientInfo (kekri), return 0 on success,
- * < 0 on error */
-static int wc_PKCS7_DecryptKekri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
-                               word32* idx, byte* decryptedKey,
-                               word32* decryptedKeySz, int* recipFound)
-{
-    int length, keySz, dateLen, direction;
-    byte* keyId = NULL;
-    const byte* datePtr = NULL;
-    byte  dateFormat, tag;
-    word32 keyIdSz, kekIdSz, keyWrapOID, localIdx;
-
-    int ret = 0;
-    byte* pkiMsg    = in;
-    word32 pkiMsgSz = inSz;
-#ifndef NO_PKCS7_STREAM
-    word32 tmpIdx = *idx;
-#endif
-
-    WOLFSSL_ENTER("wc_PKCS7_DecryptKekri");
-    switch (pkcs7->state) {
-        case WC_PKCS7_DECRYPT_KEKRI:
-        #ifndef NO_PKCS7_STREAM
-            /* @TODO for now just get full buffer, needs divided up */
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                   (pkcs7->stream->maxLen - pkcs7->stream->totalRd) +
-                   pkcs7->stream->length, &pkiMsg, idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-        #endif
-            /* remove KEKIdentifier */
-            if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            kekIdSz = (word32)length;
-
-            if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            if (tag != ASN_OCTET_STRING)
-                return ASN_PARSE_E;
-
-            if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            /* save keyIdentifier and length */
-            keyId = pkiMsg + *idx;
-            keyIdSz = (word32)length;
-            *idx += keyIdSz;
-
-            /* may have OPTIONAL GeneralizedTime */
-            localIdx = *idx;
-            if ((*idx < kekIdSz) && GetASNTag(pkiMsg, &localIdx, &tag,
-                        pkiMsgSz) == 0 && tag == ASN_GENERALIZED_TIME) {
-                if (wc_GetDateInfo(pkiMsg + *idx, (int)pkiMsgSz, &datePtr,
-                        &dateFormat, &dateLen) != 0) {
-                    return ASN_PARSE_E;
-                }
-                *idx += (word32)(dateLen + 1);
-            }
-
-            if (*idx > pkiMsgSz) {
-                return ASN_PARSE_E;
-            }
-
-            /* may have OPTIONAL OtherKeyAttribute */
-            localIdx = *idx;
-            if ((*idx < kekIdSz) && GetASNTag(pkiMsg, &localIdx, &tag,
-                            pkiMsgSz) == 0 && tag == (ASN_SEQUENCE |
-                            ASN_CONSTRUCTED)) {
-                if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0)
-                    return ASN_PARSE_E;
-
-                /* skip it */
-                *idx += (word32)length;
-            }
-
-            if (*idx > pkiMsgSz) {
-                return ASN_PARSE_E;
-            }
-
-            /* get KeyEncryptionAlgorithmIdentifier */
-            if (GetAlgoId(pkiMsg, idx, &keyWrapOID, oidKeyWrapType, pkiMsgSz)
-                    < 0)
-                return ASN_PARSE_E;
-
-            /* get EncryptedKey */
-            if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            if (tag != ASN_OCTET_STRING)
-                return ASN_PARSE_E;
-
-            if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
-                return ASN_PARSE_E;
-
-            #ifndef NO_AES
-                direction = AES_DECRYPTION;
-            #else
-                direction = DES_DECRYPTION;
-            #endif
-
-            /* decrypt CEK with KEK */
-            if (pkcs7->wrapCEKCb) {
-                keySz = pkcs7->wrapCEKCb(pkcs7, pkiMsg + *idx, (word32)length,
-                                    keyId, keyIdSz, NULL, 0, decryptedKey,
-                                    *decryptedKeySz, (int)keyWrapOID,
-                                    (int)PKCS7_KEKRI, direction);
-            }
-            else {
-                keySz = wc_PKCS7_KeyWrap(pkcs7, pkiMsg + *idx, (word32)length,
-                        pkcs7->privateKey, pkcs7->privateKeySz, decryptedKey,
-                        *decryptedKeySz, (int)keyWrapOID, direction);
-            }
-            if (keySz <= 0)
-                return keySz;
-
-            *decryptedKeySz = (word32)keySz;
-
-            /* mark recipFound, since we only support one RecipientInfo for
-             * now */
-            *recipFound = 1;
-            *idx += (word32)length;
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                break;
-            }
-        #endif
-            ret = 0; /* success */
-            break;
-
-        default:
-            WOLFSSL_MSG("PKCS7 KEKRI unknown state");
-            ret = BAD_FUNC_ARG;
-
-    }
-
-    (void)keyId;
-    return ret;
-}
-
-
-/* decode ASN.1 KeyAgreeRecipientInfo (kari), return 0 on success,
- * < 0 on error */
-static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz,
-                               word32* idx, byte* decryptedKey,
-                               word32* decryptedKeySz, int* recipFound)
-{
-#ifdef HAVE_ECC
-    int ret, keySz;
-    int encryptedKeySz;
-    int direction = 0;
-    int keyIdSize;
-    word32 keyAgreeOID, keyWrapOID;
-    byte rid[KEYID_SIZE];
-
-    WC_DECLARE_VAR(encryptedKey, byte, MAX_ENCRYPTED_KEY_SZ, 0);
-
-    byte* pkiMsg    = in;
-    word32 pkiMsgSz = inSz;
-#ifndef NO_PKCS7_STREAM
-    word32 tmpIdx = (idx) ? *idx : 0;
-#endif
-    WOLFSSL_ENTER("wc_PKCS7_DecryptKari");
-    if (pkcs7 == NULL || pkiMsg == NULL ||
-        idx == NULL || decryptedKey == NULL || decryptedKeySz == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
-    keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
-           pkcs7->publicKeyOID)));
-#else
-    keyIdSize = KEYID_SIZE;
-#endif
-
-    switch (pkcs7->state) {
-        case WC_PKCS7_DECRYPT_KARI: {
-            WC_PKCS7_KARI* kari;
-
-        #ifndef NO_PKCS7_STREAM
-            /* @TODO for now just get full buffer, needs divided up */
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                   (pkcs7->stream->maxLen - pkcs7->stream->totalRd) +
-                   pkcs7->stream->length, &pkiMsg, idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-        #endif
-
-            kari = wc_PKCS7_KariNew(pkcs7, WC_PKCS7_DECODE);
-            if (kari == NULL)
-                return MEMORY_E;
-
-            WC_ALLOC_VAR_EX(encryptedKey, byte, MAX_ENCRYPTED_KEY_SZ,
-                pkcs7->heap, DYNAMIC_TYPE_PKCS7,
-            {
-                wc_PKCS7_KariFree(kari);
-                return MEMORY_E;
-            });
-            encryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
-
-            /* parse cert and key */
-            ret = wc_PKCS7_KariParseRecipCert(kari, (byte*)pkcs7->singleCert,
-                                         pkcs7->singleCertSz, pkcs7->privateKey,
-                                         pkcs7->privateKeySz);
-
-             if (ret != 0) {
-                wc_PKCS7_KariFree(kari);
-                WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                    DYNAMIC_TYPE_PKCS7);
-                return ret;
-            }
-
-            /* remove OriginatorIdentifierOrKey */
-            ret = wc_PKCS7_KariGetOriginatorIdentifierOrKey(kari, pkiMsg,
-                                                            pkiMsgSz, idx);
-            if (ret != 0) {
-                wc_PKCS7_KariFree(kari);
-                    WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                        DYNAMIC_TYPE_PKCS7);
-                return ret;
-            }
-
-            /* try and remove optional UserKeyingMaterial */
-            ret = wc_PKCS7_KariGetUserKeyingMaterial(kari, pkiMsg, pkiMsgSz,
-                idx);
-            if (ret != 0) {
-                wc_PKCS7_KariFree(kari);
-                    WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                        DYNAMIC_TYPE_PKCS7);
-                return ret;
-            }
-
-            /* remove KeyEncryptionAlgorithmIdentifier */
-            ret = wc_PKCS7_KariGetKeyEncryptionAlgorithmId(kari, pkiMsg,
-                    pkiMsgSz, idx, &keyAgreeOID, &keyWrapOID);
-            if (ret != 0) {
-                wc_PKCS7_KariFree(kari);
-                    WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                        DYNAMIC_TYPE_PKCS7);
-                return ret;
-            }
-
-            /* if user has not explicitly set keyAgreeOID, set from one in
-             * bundle */
-            if (pkcs7->keyAgreeOID == 0)
-                pkcs7->keyAgreeOID = (int)keyAgreeOID;
-
-            /* set direction based on key wrap algorithm */
-            switch (keyWrapOID) {
-        #ifndef NO_AES
-            #ifdef WOLFSSL_AES_128
-                case AES128_WRAP:
-            #endif
-            #ifdef WOLFSSL_AES_192
-                case AES192_WRAP:
-            #endif
-            #ifdef WOLFSSL_AES_256
-                case AES256_WRAP:
-            #endif
-                    direction = AES_DECRYPTION;
-                    break;
-        #endif
-                default:
-                    WOLFSSL_MSG("AES key wrap algorithm unsupported");
-                    if (pkcs7->wrapCEKCb) {
-                        WOLFSSL_MSG("Direction not set!");
-                        break; /* if unwrapping callback is set then do not
-                                * force restriction of supported wrap
-                                * algorithms */
-                    }
-
-                    wc_PKCS7_KariFree(kari);
-                        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                            DYNAMIC_TYPE_PKCS7);
-                    return BAD_KEYWRAP_ALG_E;
-            }
-
-            /* remove RecipientEncryptedKeys */
-            ret = wc_PKCS7_KariGetRecipientEncryptedKeys(kari, pkiMsg, pkiMsgSz,
-                           idx, recipFound, encryptedKey, &encryptedKeySz, rid);
-            if (ret != 0) {
-                wc_PKCS7_KariFree(kari);
-                    WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                        DYNAMIC_TYPE_PKCS7);
-                return ret;
-            }
-
-            /* decrypt CEK with KEK */
-            if (pkcs7->wrapCEKCb) {
-                word32 tmpKeySz = 0;
-                byte* tmpKeyDer = NULL;
-
-                PRIVATE_KEY_UNLOCK();
-                ret = wc_ecc_export_x963(kari->senderKey, NULL, &tmpKeySz);
-                PRIVATE_KEY_LOCK();
-                if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-                    wc_PKCS7_KariFree(kari);
-                    WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                        DYNAMIC_TYPE_PKCS7);
-                    return ret;
-                }
-
-                /* buffer space for algorithm/curve */
-                tmpKeySz += MAX_SEQ_SZ;
-                tmpKeySz += 2 * MAX_ALGO_SZ;
-
-                /* buffer space for public key sequence */
-                tmpKeySz += MAX_SEQ_SZ;
-                tmpKeySz += TRAILING_ZERO;
-
-                tmpKeyDer = (byte*)XMALLOC(tmpKeySz, pkcs7->heap,
-                        DYNAMIC_TYPE_TMP_BUFFER);
-                if (tmpKeyDer == NULL) {
-                    wc_PKCS7_KariFree(kari);
-                    WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                        DYNAMIC_TYPE_PKCS7);
-                    return MEMORY_E;
-                }
-
-                ret = wc_EccPublicKeyToDer(kari->senderKey, tmpKeyDer,
-                                         tmpKeySz, 1);
-                if (ret < 0) {
-                    wc_PKCS7_KariFree(kari);
-                    WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                        DYNAMIC_TYPE_PKCS7);
-                    XFREE(tmpKeyDer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-                    return ret;
-                }
-                tmpKeySz = (word32)ret;
-
-                keySz = pkcs7->wrapCEKCb(pkcs7, encryptedKey,
-                    (word32)encryptedKeySz, rid, (word32)keyIdSize, tmpKeyDer,
-                    tmpKeySz, decryptedKey, *decryptedKeySz,
-                    (int)keyWrapOID, (int)PKCS7_KARI, direction);
-                XFREE(tmpKeyDer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-                if (keySz  > 0) {
-                    /* If unwrapping was successful then consider recipient
-                     * found. Checking for NULL singleCert to confirm previous
-                     * SID check was not done */
-                    if (pkcs7->singleCert == NULL)
-                        *recipFound = 1;
-                }
-            }
-            else {
-                /* create KEK */
-                ret = wc_PKCS7_KariGenerateKEK(kari, pkcs7->rng,
-                    (int)keyWrapOID, pkcs7->keyAgreeOID);
-                if (ret != 0) {
-                    wc_PKCS7_KariFree(kari);
-                        WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                            DYNAMIC_TYPE_PKCS7);
-                    return ret;
-                }
-
-                /* decrypt CEK with KEK */
-                keySz = wc_PKCS7_KeyWrap(pkcs7, encryptedKey,
-                        (word32)encryptedKeySz, kari->kek, kari->kekSz,
-                        decryptedKey, *decryptedKeySz, (int)keyWrapOID,
-                        direction);
-            }
-            if (keySz <= 0) {
-                wc_PKCS7_KariFree(kari);
-                    WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                        DYNAMIC_TYPE_PKCS7);
-                return keySz;
-            }
-            *decryptedKeySz = (word32)keySz;
-
-            wc_PKCS7_KariFree(kari);
-                WC_FREE_VAR_EX(encryptedKey, pkcs7->heap,
-                    DYNAMIC_TYPE_PKCS7);
-            #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                break;
-            }
-            #endif
-            ret = 0; /* success */
-        }
-        break;
-
-        default:
-            WOLFSSL_MSG("PKCS7 kari unknown state");
-            ret = BAD_FUNC_ARG;
-
-    }
-
-    (void)pkiMsg;
-    (void)pkiMsgSz;
-
-    return ret;
-#else
-    (void)in;
-    (void)inSz;
-    (void)pkcs7;
-    (void)idx;
-    (void)decryptedKey;
-    (void)decryptedKeySz;
-    (void)recipFound;
-
-    return NOT_COMPILED_IN;
-#endif /* HAVE_ECC */
-}
-
-
-/* decode ASN.1 RecipientInfos SET, return 0 on success, < 0 on error */
-static int wc_PKCS7_DecryptRecipientInfos(wc_PKCS7* pkcs7, byte* in,
-                            word32  inSz, word32* idx, byte* decryptedKey,
-                            word32* decryptedKeySz, int* recipFound)
-{
-    word32 savedIdx;
-    int version, ret = 0, length;
-    byte* pkiMsg = in;
-    word32 pkiMsgSz = inSz;
-    byte  tag;
-#ifndef NO_PKCS7_STREAM
-    word32 tmpIdx;
-#endif
-
-    if (pkcs7 == NULL || pkiMsg == NULL || idx == NULL ||
-        decryptedKey == NULL || decryptedKeySz == NULL ||
-        recipFound == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    WOLFSSL_ENTER("wc_PKCS7_DecryptRecipientInfos");
-#ifndef NO_PKCS7_STREAM
-    tmpIdx = *idx;
-#endif
-
-    /* check if in the process of decrypting */
-    switch (pkcs7->state) {
-        case WC_PKCS7_DECRYPT_KTRI:
-        case WC_PKCS7_DECRYPT_KTRI_2:
-        case WC_PKCS7_DECRYPT_KTRI_3:
-        #ifndef NO_RSA
-            ret = wc_PKCS7_DecryptKtri(pkcs7, in, inSz, idx,
-                                      decryptedKey, decryptedKeySz, recipFound);
-        #else
-            return NOT_COMPILED_IN;
-        #endif
-            break;
-
-        case WC_PKCS7_DECRYPT_KARI:
-                ret = wc_PKCS7_DecryptKari(pkcs7, in, inSz, idx,
-                                      decryptedKey, decryptedKeySz, recipFound);
-                break;
-
-        case WC_PKCS7_DECRYPT_KEKRI:
-                ret = wc_PKCS7_DecryptKekri(pkcs7, in, inSz, idx,
-                                      decryptedKey, decryptedKeySz, recipFound);
-                break;
-
-        case WC_PKCS7_DECRYPT_PWRI:
-        #if !defined(NO_PWDBASED) && !defined(NO_SHA)
-                ret = wc_PKCS7_DecryptPwri(pkcs7, in, inSz, idx,
-                                      decryptedKey, decryptedKeySz, recipFound);
-                break;
-        #else
-                return NOT_COMPILED_IN;
-        #endif
-
-        case WC_PKCS7_DECRYPT_ORI:
-            ret = wc_PKCS7_DecryptOri(pkcs7, in, inSz, idx,
-                                      decryptedKey, decryptedKeySz, recipFound);
-            break;
-
-        default:
-            /* not in decrypting state */
-            break;
-    }
-
-    if (ret < 0) {
-        return ret;
-    }
-
-    savedIdx = *idx;
-#ifndef NO_PKCS7_STREAM
-    pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-    if (pkcs7->stream->length > 0)
-        pkiMsg = pkcs7->stream->buffer;
-#endif
-
-    /* when looking for next recipient, use first sequence and version to
-     * indicate there is another, if not, move on */
-    while (*recipFound == 0) {
-
-        /* remove RecipientInfo, if we don't have a SEQUENCE, back up idx to
-         * last good saved one */
-        if (GetSequence_ex(pkiMsg, idx, &length, pkiMsgSz, NO_USER_CHECK) > 0) {
-
-        #ifndef NO_RSA
-            /* found ktri */
-            #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                break;
-            }
-            #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KTRI);
-            ret = wc_PKCS7_DecryptKtri(pkcs7, in, inSz, idx,
-                                      decryptedKey, decryptedKeySz,
-                                      recipFound);
-            if (ret != 0) {
-                if (ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E) &&
-                        *recipFound == 0) {
-                    continue; /* try next recipient */
-                }
-                else {
-                    return ret; /* found recipient and failed decrypt */
-                }
-            }
-        #else
-            return NOT_COMPILED_IN;
-        #endif
-        }
-        else {
-            word32 localIdx;
-            /* kari is IMPLICIT[1] */
-            *idx = savedIdx;
-            localIdx = *idx;
-
-            if (GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) != 0) {
-                /* no room for recipient info */
-                break;
-            }
-
-            if (tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)) {
-                (*idx)++;
-                if (GetLength_ex(pkiMsg, idx, &length, pkiMsgSz,
-                            NO_USER_CHECK) < 0)
-                    return ASN_PARSE_E;
-
-                if (GetMyVersion(pkiMsg, idx, &version, pkiMsgSz) < 0) {
-                    *idx = savedIdx;
-                    break;
-                }
-
-                if (version != 3)
-                    return ASN_VERSION_E;
-
-                /* found kari */
-            #ifndef NO_PKCS7_STREAM
-                if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                    break;
-                }
-            #endif
-                wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KARI);
-                ret = wc_PKCS7_DecryptKari(pkcs7, in, inSz, idx,
-                                          decryptedKey, decryptedKeySz,
-                                          recipFound);
-                if (ret != 0)
-                    return ret;
-
-            /* kekri is IMPLICIT[2] */
-            } else if (tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 2)) {
-                (*idx)++;
-
-                if (GetLength_ex(pkiMsg, idx, &version, pkiMsgSz,
-                            NO_USER_CHECK) < 0)
-                    return ASN_PARSE_E;
-
-                if (GetMyVersion(pkiMsg, idx, &version, pkiMsgSz) < 0) {
-                    *idx = savedIdx;
-                    break;
-                }
-
-                if (version != 4)
-                    return ASN_VERSION_E;
-
-                /* found kekri */
-            #ifndef NO_PKCS7_STREAM
-                if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                    break;
-                }
-            #endif
-                wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KEKRI);
-                ret = wc_PKCS7_DecryptKekri(pkcs7, in, inSz, idx,
-                                           decryptedKey, decryptedKeySz,
-                                           recipFound);
-                if (ret != 0)
-                    return ret;
-
-            /* pwri is IMPLICIT[3] */
-            } else if (tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 3)) {
-        #if !defined(NO_PWDBASED) && !defined(NO_SHA)
-                (*idx)++;
-
-                if (GetLength_ex(pkiMsg, idx, &version, pkiMsgSz,
-                            NO_USER_CHECK) < 0)
-                    return ASN_PARSE_E;
-
-                if (GetMyVersion(pkiMsg, idx, &version, pkiMsgSz) < 0) {
-                    *idx = savedIdx;
-                    break;
-                }
-
-                if (version != 0)
-                    return ASN_VERSION_E;
-
-                /* found pwri */
-            #ifndef NO_PKCS7_STREAM
-                if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                    break;
-                }
-            #endif
-                wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_PWRI);
-                ret = wc_PKCS7_DecryptPwri(pkcs7, in, inSz, idx,
-                                           decryptedKey, decryptedKeySz,
-                                           recipFound);
-                if (ret != 0)
-                    return ret;
-        #else
-                return NOT_COMPILED_IN;
-        #endif
-
-            /* ori is IMPLICIT[4] */
-            } else if (tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 4)) {
-                (*idx)++;
-
-                /* found ori */
-            #ifndef NO_PKCS7_STREAM
-                if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                    break;
-                }
-            #endif
-                wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_ORI);
-                ret = wc_PKCS7_DecryptOri(pkcs7, in, inSz, idx,
-                                          decryptedKey, decryptedKeySz,
-                                          recipFound);
-                if (ret != 0)
-                    return ret;
-            }
-            else {
-                /* failed to find RecipientInfo, restore idx and continue */
-                *idx = savedIdx;
-                break;
-            }
-        }
-
-        /* update good idx */
-        savedIdx = *idx;
-    }
-
-    return ret;
-}
-
-
-/* Parse encoded EnvelopedData bundle up to RecipientInfo set.
- *
- * return size of RecipientInfo SET on success, negative upon error */
-static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in,
-                                            word32 inSz, word32* idx,
-                                            int type)
-{
-    int version = 0, length = 0, ret = 0;
-    word32 contentType= 0;
-    word32 pkiMsgSz = inSz;
-    byte*  pkiMsg = in;
-    byte   tag = 0;
-#ifndef NO_PKCS7_STREAM
-    word32 tmpIdx = 0;
-#endif
-
-    if (pkcs7 == NULL || pkiMsg == NULL || pkiMsgSz == 0 || idx == NULL)
-        return BAD_FUNC_ARG;
-
-    if ((type != ENVELOPED_DATA) && (type != AUTH_ENVELOPED_DATA) &&
-            pkcs7->contentOID != FIRMWARE_PKG_DATA
-        #if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
-            && pkcs7->contentOID != COMPRESSED_DATA
-        #endif
-       )
-        return BAD_FUNC_ARG;
-
-#ifndef NO_PKCS7_STREAM
-    if (pkcs7->stream == NULL) {
-        if ((ret = wc_PKCS7_CreateStream(pkcs7)) != 0) {
-            return ret;
-        }
-    }
-#endif
-
-    switch (pkcs7->state) {
-        case WC_PKCS7_INFOSET_START:
-        case WC_PKCS7_INFOSET_STAGE1:
-        case WC_PKCS7_INFOSET_STAGE2:
-        case WC_PKCS7_INFOSET_END:
-            break;
-
-        default:
-            WOLFSSL_MSG("Warning, setting PKCS7 info state to start");
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_INFOSET_START);
-    }
-
-    switch (pkcs7->state) {
-        case WC_PKCS7_INFOSET_START:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_SEQ_SZ +
-                            ASN_TAG_SZ, &pkiMsg, idx)) != 0) {
-                return ret;
-            }
-            if ((ret = wc_PKCS7_SetMaxStream(pkcs7, in, inSz)) != 0) {
-                break;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-        #endif
-            /* read past ContentInfo, verify type is envelopedData */
-            if (ret == 0 && GetSequence_ex(pkiMsg, idx, &length, pkiMsgSz,
-                        NO_USER_CHECK) < 0)
-            {
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0 && length == 0 && pkiMsg[(*idx)-1] == 0x80) {
-        #ifdef ASN_BER_TO_DER
-                pkcs7->indefDepth++;
-        #else
-                return BER_INDEF_E;
-        #endif
-            }
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                break;
-            }
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_INFOSET_STAGE1);
-            FALL_THROUGH;
-
-        case WC_PKCS7_INFOSET_STAGE1:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_OID_SZ +
-                            MAX_LENGTH_SZ + ASN_TAG_SZ, &pkiMsg, idx)) != 0) {
-                return ret;
-            }
-
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length :inSz;
-        #endif
-            if (pkcs7->contentOID != FIRMWARE_PKG_DATA ||
-                    type == AUTH_ENVELOPED_DATA) {
-                if (ret == 0 && wc_GetContentType(pkiMsg, idx, &contentType,
-                            pkiMsgSz) < 0)
-                    ret = ASN_PARSE_E;
-
-                if (ret == 0) {
-                    if (type == ENVELOPED_DATA && contentType !=
-                            ENVELOPED_DATA) {
-                        WOLFSSL_MSG("PKCS#7 input not of type EnvelopedData");
-                        ret = PKCS7_OID_E;
-                    } else if (type == AUTH_ENVELOPED_DATA &&
-                           contentType != AUTH_ENVELOPED_DATA) {
-                        WOLFSSL_MSG("PKCS#7 input not of type AuthEnvelopedData");
-                        ret = PKCS7_OID_E;
-                    }
-                }
-
-                if (ret == 0 && GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) != 0)
-                    ret = ASN_PARSE_E;
-
-                if (ret == 0 && tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC
-                            | 0))
-                    ret = ASN_PARSE_E;
-
-                if (ret == 0 && GetLength_ex(pkiMsg, idx, &length, pkiMsgSz,
-                            NO_USER_CHECK) < 0)
-                    ret = ASN_PARSE_E;
-            }
-
-            if (ret < 0)
-                break;
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                    break;
-            }
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_INFOSET_STAGE2);
-            FALL_THROUGH;
-
-        case WC_PKCS7_INFOSET_STAGE2:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_SEQ_SZ +
-                            MAX_VERSION_SZ, &pkiMsg, idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-        #endif
-            /* remove EnvelopedData and version */
-            if (pkcs7->contentOID != FIRMWARE_PKG_DATA ||
-                    type == AUTH_ENVELOPED_DATA) {
-                if (ret == 0 && GetSequence_ex(pkiMsg, idx, &length, pkiMsgSz,
-                            NO_USER_CHECK) < 0)
-                    ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0 && GetMyVersion(pkiMsg, idx, &version, pkiMsgSz) < 0)
-                ret = ASN_PARSE_E;
-
-            if (ret < 0)
-                break;
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                break;
-            }
-
-            pkcs7->stream->varOne = (word32)version;
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_INFOSET_END);
-            FALL_THROUGH;
-
-        case WC_PKCS7_INFOSET_END:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            MAX_SET_SZ, &pkiMsg, idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-            version = (int)pkcs7->stream->varOne;
-        #endif
-
-            if (type == ENVELOPED_DATA) {
-                /* TODO :: make this more accurate */
-                if ((pkcs7->publicKeyOID == RSAk &&
-                     (version != 0 && version != 2))
-                #ifdef HAVE_ECC
-                        || (pkcs7->publicKeyOID == ECDSAk &&
-                            (version != 0 && version != 2 && version != 3))
-                #endif
-                        ) {
-                    WOLFSSL_MSG("PKCS#7 envelopedData version incorrect");
-                    ret = ASN_VERSION_E;
-                }
-            } else {
-                /* AuthEnvelopedData version MUST be 0 */
-                if (version != 0) {
-                    WOLFSSL_MSG(
-                           "PKCS#7 AuthEnvelopedData needs to be of version 0");
-                    ret = ASN_VERSION_E;
-                }
-            }
-
-            /* remove RecipientInfo set, get length of set */
-            if (ret == 0 && GetSet_ex(pkiMsg, idx, &length, pkiMsgSz,
-                        NO_USER_CHECK) < 0)
-                ret = ASN_PARSE_E;
-
-            if (ret < 0)
-                break;
-
-        #ifndef NO_PKCS7_STREAM
-            pkcs7->stream->expected = (word32)length;
-
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
-                break;
-            }
-
-            /* update the stored max length */
-            if (pkcs7->stream->totalRd + pkcs7->stream->expected >
-                    pkcs7->stream->maxLen) {
-                pkcs7->stream->maxLen = pkcs7->stream->totalRd +
-                    pkcs7->stream->expected;
-            }
-        #endif
-
-            if (ret == 0)
-                ret = length;
-
-            break;
-
-        default:
-            WOLFSSL_MSG("Bad PKCS7 info set state");
-            ret = BAD_FUNC_ARG;
-            break;
-    }
-
-    return ret;
-}
-
-
-/* Import secret/private key into a PKCS7 structure. Used for setting
- * the secret key for decryption a EnvelopedData KEKRI RecipientInfo.
- *
- * Returns 0 on success, negative upon error */
-int wc_PKCS7_SetKey(wc_PKCS7* pkcs7, byte* key, word32 keySz)
-{
-    if (pkcs7 == NULL || key == NULL || keySz == 0)
-        return BAD_FUNC_ARG;
-
-    pkcs7->privateKey = key;
-    pkcs7->privateKeySz = keySz;
-
-    return 0;
-}
-
-
-#if 0
-/* append data to encrypted content cache in PKCS7 structure
- * return 0 on success, negative on error */
-static int PKCS7_CacheEncryptedContent(wc_PKCS7* pkcs7, byte* in, word32 inSz)
-{
-    byte* oldCache;
-    word32 oldCacheSz;
-
-    if (pkcs7 == NULL || in == NULL)
-        return BAD_FUNC_ARG;
-
-    /* save pointer to old cache */
-    oldCache = pkcs7->cachedEncryptedContent;
-    oldCacheSz = pkcs7->cachedEncryptedContentSz;
-
-    /* re-allocate new buffer to fit appended data */
-    pkcs7->cachedEncryptedContent = (byte*)XMALLOC(oldCacheSz + inSz,
-            pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (pkcs7->cachedEncryptedContent == NULL) {
-        pkcs7->cachedEncryptedContentSz = 0;
-        XFREE(oldCache, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return MEMORY_E;
-    }
-
-    if (oldCache != NULL) {
-        XMEMCPY(pkcs7->cachedEncryptedContent, oldCache, oldCacheSz);
-    }
-    XMEMCPY(pkcs7->cachedEncryptedContent + oldCacheSz, in, inSz);
-    pkcs7->cachedEncryptedContentSz += inSz;
-
-    XFREE(oldCache, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-    return 0;
-}
-#endif
-
-
-/* unwrap and decrypt PKCS#7 envelopedData object, return decoded size */
-int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
-                                         word32 inSz, byte* output,
-                                         word32 outputSz)
-{
-    int recipFound = 0;
-    int ret, length = 0;
-    word32 idx = 0;
-    word32 tmpIdx = 0;
-    word32 recipientSetSz = 0;
-    word32 contentType = 0, encOID = 0;
-    word32 decryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
-
-    int expBlockSz = 0, blockKeySz = 0;
-    byte  tmpIvBuf[MAX_CONTENT_IV_SIZE];
-    byte* tmpIv = tmpIvBuf;
-
-    byte* pkiMsg    = in;
-    word32 pkiMsgSz = inSz;
-    byte* decryptedKey = NULL;
-    int encryptedContentTotalSz = 0;
-    int encryptedContentSz = 0;
-    byte padLen;
-    byte* encryptedContent = NULL;
-    int explicitOctet = 0;
-    word32 localIdx = 0;
-    byte   tag = 0;
-
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    if (pkiMsg == NULL || pkiMsgSz == 0)
-        return BAD_FUNC_ARG;
-
-    if ((output == NULL || outputSz == 0)
-    #ifdef ASN_BER_TO_DER
-        && pkcs7->streamOutCb == NULL
-    #endif
-    ) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifndef NO_PKCS7_STREAM
-    (void)tmpIv; /* help out static analysis */
-    if (pkcs7->stream == NULL) {
-        if ((ret = wc_PKCS7_CreateStream(pkcs7)) != 0) {
-            return ret;
-        }
-    }
-#endif
-
-    switch (pkcs7->state) {
-        case WC_PKCS7_START:
-        case WC_PKCS7_INFOSET_START:
-        case WC_PKCS7_INFOSET_STAGE1:
-        case WC_PKCS7_INFOSET_STAGE2:
-        case WC_PKCS7_INFOSET_END:
-            ret = wc_PKCS7_ParseToRecipientInfoSet(pkcs7, pkiMsg, pkiMsgSz,
-                    &idx, ENVELOPED_DATA);
-            if (ret < 0) {
-                break;
-            }
-
-            decryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap,
-                                                       DYNAMIC_TYPE_PKCS7);
-            if (decryptedKey == NULL)
-                return MEMORY_E;
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_2);
-            tmpIdx = idx;
-            recipientSetSz = (word32)ret;
-        #ifndef NO_PKCS7_STREAM
-            pkcs7->stream->aad = decryptedKey;
-            /* get the full recipient set */
-            pkcs7->stream->expected     = recipientSetSz;
-            pkcs7->stream->recipientSz  = ret;
-        #endif
-            FALL_THROUGH;
-
-        case WC_PKCS7_ENV_2:
-        #ifndef NO_PKCS7_STREAM
-            /* store up enough buffer for initial info set decode */
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                    pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                return ret;
-            }
-        #endif
-            FALL_THROUGH;
-
-        case WC_PKCS7_DECRYPT_KTRI:
-        case WC_PKCS7_DECRYPT_KTRI_2:
-        case WC_PKCS7_DECRYPT_KTRI_3:
-        case WC_PKCS7_DECRYPT_KARI:
-        case WC_PKCS7_DECRYPT_KEKRI:
-        case WC_PKCS7_DECRYPT_PWRI:
-        case WC_PKCS7_DECRYPT_ORI:
-        #ifndef NO_PKCS7_STREAM
-            decryptedKey   = pkcs7->stream->aad;
-            decryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
-            tmpIdx = idx;
-        #endif
-            ret = wc_PKCS7_DecryptRecipientInfos(pkcs7, in, inSz, &idx,
-                                        decryptedKey, &decryptedKeySz,
-                                        &recipFound);
-            if (ret == 0 && recipFound == 0) {
-                WOLFSSL_MSG(
-                      "No recipient found in envelopedData that matches input");
-                ret = PKCS7_RECIP_E;
-            }
-
-            if (ret != 0)
-                break;
-        #ifndef NO_PKCS7_STREAM
-            /* advance idx past recipient info set if not all recipients
-             * parsed */
-            if (pkcs7->stream->totalRd < ((word32)pkcs7->stream->recipientSz +
-                    tmpIdx)) {
-                idx = tmpIdx + (word32)pkcs7->stream->recipientSz;
-
-                /* process additional recipients as read */
-                if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                    break;
-                }
-            }
-
-            tmpIdx               = idx;
-            pkcs7->stream->aadSz = decryptedKeySz;
-            pkcs7->stream->expected = MAX_LENGTH_SZ + MAX_VERSION_SZ +
-                ASN_TAG_SZ + MAX_LENGTH_SZ;
-        #else
-            idx = tmpIdx + recipientSetSz;
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_3);
-            FALL_THROUGH;
-
-        case WC_PKCS7_ENV_3:
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                    pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-        #else
-            ret = 0;
-        #endif
-
-            /* remove EncryptedContentInfo */
-            if (GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz,
-                        NO_USER_CHECK) < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-        #ifndef NO_PKCS7_STREAM
-            if (length == 0) {
-                /* if indefinite length, assume worst case size
-                 * - Content Type OID + tag/length
-                 * - Algorithm ID structure (OID + parameters)
-                 * - Version
-                 */
-                pkcs7->stream->expected = MAX_SEQ_SZ +    /* outer sequence */
-                                          MAX_OID_SZ +    /* content type OID */
-                                          MAX_ALGO_SZ +   /* algo identifier */
-                                          MAX_VERSION_SZ +/* version */
-                                          ASN_TAG_SZ +    /* tag */
-                                          MAX_LENGTH_SZ;  /* length */
-            }
-            else {
-                /* revize expected size if known */
-                pkcs7->stream->expected = (word32)length + ASN_TAG_SZ;
-            }
-
-            /* Did we get enough for the expected length? */
-            if (pkcs7->stream->expected > pkiMsgSz) {
-                localIdx = idx;
-                if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                        pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                    return ret;
-                }
-                pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length:
-                                                        inSz;
-                if (pkcs7->stream->length > 0) {
-                    idx = localIdx; /* account for byte used with seq read */
-                }
-            }
-        #endif
-
-            if (ret == 0 && wc_GetContentType(pkiMsg, &idx, &contentType,
-                        pkiMsgSz) < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0) {
-                pkcs7->contentOID = (int)contentType;
-            }
-
-            if (ret == 0 && GetAlgoId(pkiMsg, &idx, &encOID, oidBlkType,
-                        pkiMsgSz) < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-            blockKeySz = wc_PKCS7_GetOIDKeySize((int)encOID);
-            if (ret == 0 && blockKeySz < 0) {
-                ret = blockKeySz;
-            }
-
-            expBlockSz = wc_PKCS7_GetOIDBlockSize((int)encOID);
-            if (ret == 0 && expBlockSz < 0) {
-                ret = expBlockSz;
-            }
-
-            /* get block cipher IV, stored in OPTIONAL parameter of AlgoID */
-            if (ret == 0 && GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz) != 0) {
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0 && tag != ASN_OCTET_STRING) {
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0 && GetLength_ex(pkiMsg, &idx, &length, pkiMsgSz,
-                        NO_USER_CHECK) < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0 && length != expBlockSz) {
-                WOLFSSL_MSG(
-                      "Incorrect IV length, must be of content alg block size");
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret != 0)
-                break;
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                break;
-            }
-            wc_PKCS7_StreamStoreVar(pkcs7, encOID, expBlockSz, length);
-            pkcs7->stream->contentSz = (word32)blockKeySz;
-            pkcs7->stream->expected = (word32)length + MAX_LENGTH_SZ +
-                MAX_LENGTH_SZ + ASN_TAG_SZ + ASN_TAG_SZ;
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_4);
-            FALL_THROUGH;
-
-        case WC_PKCS7_ENV_4:
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-
-            wc_PKCS7_StreamGetVar(pkcs7, 0, 0, &length);
-            tmpIv = pkcs7->stream->tmpIv;
-            if (tmpIv == NULL) {
-                /* check added to help out static analysis tool */
-                ret = MEMORY_E;
-                break;
-            }
-        #else
-            ret = 0;
-        #endif
-
-            XMEMCPY(tmpIv, &pkiMsg[idx], (word32)length);
-            idx += (word32)length;
-
-            explicitOctet = 0;
-            localIdx = idx;
-            if (GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) == 0 &&
-                    tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0)) {
-                explicitOctet = 1;
-            }
-
-            /* read encryptedContent, cont[0] */
-            if (tag != (ASN_CONTEXT_SPECIFIC | 0) &&
-                          tag != (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0)) {
-                ret = ASN_PARSE_E;
-            }
-            idx++;
-
-            if (ret == 0 && GetLength_ex(pkiMsg, &idx, &encryptedContentTotalSz,
-                                                            pkiMsgSz, 0) < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret != 0)
-                break;
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                break;
-            }
-            pkcs7->stream->expected = (word32)encryptedContentTotalSz;
-            if (explicitOctet) {
-                pkcs7->stream->expected = MAX_OCTET_STR_SZ;
-            }
-            wc_PKCS7_StreamGetVar(pkcs7, &encOID, &expBlockSz, 0);
-            wc_PKCS7_StreamStoreVar(pkcs7, encOID, expBlockSz, explicitOctet);
-
-            if (explicitOctet) {
-                /* initialize decryption state in preparation */
-                if (pkcs7->decryptionCb == NULL) {
-                    ret = wc_PKCS7_DecryptContentInit(pkcs7, encOID,
-                        pkcs7->stream->aad, pkcs7->stream->aadSz,
-                        pkcs7->stream->tmpIv, expBlockSz,
-                        pkcs7->devId, pkcs7->heap);
-                    if (ret != 0)
-                        break;
-                }
-            }
-
-        #endif
-            pkcs7->totalEncryptedContentSz = 0;
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_5);
-            FALL_THROUGH;
-
-        case WC_PKCS7_ENV_5:
-
-        #ifndef NO_PKCS7_STREAM
-
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                if (ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
-                    wc_PKCS7_StreamGetVar(pkcs7, &encOID, NULL, NULL);
-                    wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap);
-                }
-                return ret;
-            }
-
-            wc_PKCS7_StreamGetVar(pkcs7, &encOID, &expBlockSz, &explicitOctet);
-            tmpIv = pkcs7->stream->tmpIv;
-            encryptedContentTotalSz = (int)pkcs7->stream->expected;
-
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-
-            /* restore decrypted key */
-            decryptedKey   = pkcs7->stream->aad;
-            decryptedKeySz = pkcs7->stream->aadSz;
-            blockKeySz = (int)pkcs7->stream->contentSz;
-        #else
-            ret = 0;
-        #endif
-
-            if (explicitOctet) {
-                /* encrypted content may be fragmented into multiple
-                 * consecutive OCTET STRINGs, if so loop through
-                 * decrypting and outputting or caching contents until the indef
-                 * ending tag is found */
-
-                while (1) {
-                    encryptedContentSz = 0;
-                    if (pkiMsgSz <= localIdx + MAX_OCTET_STR_SZ) {
-                    #ifndef NO_PKCS7_STREAM
-                        /* ran out of data to parse */
-                        if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                            break;
-                        }
-                        pkiMsgSz = (pkcs7->stream->length > 0) ?
-                            pkcs7->stream->length : inSz;
-                    #else
-                        ret = BUFFER_E;
-                    #endif
-                    }
-
-                    localIdx = idx;
-                    if (GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) < 0) {
-                        ret = ASN_PARSE_E;
-                    }
-
-                    if (ret == 0 && (tag != ASN_OCTET_STRING)) {
-                        ret = ASN_PARSE_E;
-                    }
-
-                    if (ret == 0 && GetLength_ex(pkiMsg, &localIdx,
-                                &encryptedContentSz, pkiMsgSz, 0) <= 0) {
-                        ret = ASN_PARSE_E;
-                    }
-                #ifndef NO_PKCS7_STREAM
-                    if (ret == 0) {
-                        /* always try to get 2 extra bytes to catch indef ending */
-                        pkcs7->stream->expected = (word32)encryptedContentSz +
-                            (localIdx - idx) + ASN_INDEF_END_SZ;
-                    }
-                #endif
-
-                    if (ret == 0 &&
-                         pkcs7->cachedEncryptedContentSz <
-                         (word32)encryptedContentSz) {
-                        if (pkcs7->cachedEncryptedContent != NULL) {
-                            XFREE(pkcs7->cachedEncryptedContent, pkcs7->heap,
-                                DYNAMIC_TYPE_PKCS7);
-                        }
-                        pkcs7->cachedEncryptedContent = (byte*)XMALLOC(
-                            (word32)encryptedContentSz, pkcs7->heap,
-                            DYNAMIC_TYPE_PKCS7);
-                        if (pkcs7->cachedEncryptedContent == NULL) {
-                            ret = MEMORY_E;
-                        }
-                    }
-                    pkcs7->cachedEncryptedContentSz =
-                        (word32)encryptedContentSz;
-
-                    /* sanity check that the buffer has all of the data */
-                    if (ret == 0 && (localIdx + (word32)encryptedContentSz) >
-                            pkiMsgSz) {
-                    #ifndef NO_PKCS7_STREAM
-                        word32 ofsetIdx = localIdx - idx;
-                        if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &pkiMsg, &localIdx))
-                                != 0) {
-                            return ret;
-                        }
-                        localIdx += ofsetIdx;
-                        pkiMsgSz = (pkcs7->stream->length > 0)?
-                            pkcs7->stream->length: inSz;
-                    #else
-                        ret = BUFFER_E;
-                    #endif
-                    }
-
-                    /* Use callback for decryption still, if set */
-                    if (ret == 0 && pkcs7->decryptionCb != NULL) {
-                        ret = pkcs7->decryptionCb(pkcs7, (int)encOID, tmpIv,
-                            expBlockSz, NULL, 0, NULL, 0, &pkiMsg[localIdx],
-                            encryptedContentSz, pkcs7->cachedEncryptedContent,
-                            pkcs7->decryptionCtx);
-                    }
-
-                    if (ret == 0) {
-                        ret = wc_PKCS7_DecryptContentEx(pkcs7, encOID,
-                            tmpIv, expBlockSz, NULL, 0, NULL, 0,
-                            &pkiMsg[localIdx], encryptedContentSz,
-                            pkcs7->cachedEncryptedContent);
-                    }
-
-                #ifndef NO_PKCS7_STREAM
-                    if (ret != 0) {
-                        if (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
-                            wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &idx);
-                        }
-                        break;
-                    }
-                #endif
-
-                    /* advance idx past encrypted content */
-                    localIdx += (word32)encryptedContentSz;
-
-                    /* keep track of total encrypted content size */
-                    pkcs7->totalEncryptedContentSz +=
-                        (word32)encryptedContentSz;
-
-                    if (localIdx + ASN_INDEF_END_SZ <= pkiMsgSz) {
-                        if (pkiMsg[localIdx] == ASN_EOC &&
-                                pkiMsg[localIdx+1] == ASN_EOC) {
-                            /* found the end of encrypted content */
-                            localIdx += ASN_INDEF_END_SZ;
-                            break;
-                        }
-                    }
-                #ifndef NO_PKCS7_STREAM
-                    pkcs7->stream->expected = MAX_OCTET_STR_SZ;
-                    if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &localIdx,
-                            &localIdx)) != 0) {
-                        break;
-                    }
-                #endif
-
-                    /* save last decrypted string to handle padding (this output
-                     * flush happens outside of the while loop in the case that
-                     * the indef end was found) */
-                    if (ret == 0) {
-                    #ifdef ASN_BER_TO_DER
-                        if (pkcs7->streamOutCb) {
-                            ret = pkcs7->streamOutCb(pkcs7,
-                                pkcs7->cachedEncryptedContent,
-                                (word32)encryptedContentSz, pkcs7->streamCtx);
-                        }
-                    #endif /* ASN_BER_TO_DER */
-                    }
-
-                    idx = localIdx;
-                }
-
-                if (ret != 0) {
-                    if (ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
-                        /* free up in an error case if not looking for more
-                         * data */
-                        wc_PKCS7_DecryptContentFree(pkcs7, encOID,
-                            pkcs7->heap);
-                    }
-                    break;
-                }
-                wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap);
-            } else {
-                pkcs7->cachedEncryptedContentSz =
-                    (word32)encryptedContentTotalSz;
-                pkcs7->totalEncryptedContentSz =
-                    (word32)encryptedContentTotalSz;
-                pkcs7->cachedEncryptedContent = (byte*)XMALLOC(
-                        pkcs7->cachedEncryptedContentSz, pkcs7->heap,
-                    DYNAMIC_TYPE_PKCS7);
-
-                /* decrypt encryptedContent */
-                ret = wc_PKCS7_DecryptContent(pkcs7, encOID, decryptedKey,
-                        (word32)blockKeySz, tmpIv, expBlockSz, NULL, 0, NULL, 0,
-                        &pkiMsg[idx], encryptedContentTotalSz,
-                        pkcs7->cachedEncryptedContent,
-                        pkcs7->devId, pkcs7->heap);
-                if (ret != 0) {
-                    break;
-                }
-
-                idx += (word32)encryptedContentTotalSz;
-            }
-
-            /* use cached content */
-            encryptedContent = pkcs7->cachedEncryptedContent;
-            encryptedContentSz = (int)pkcs7->cachedEncryptedContentSz;
-            padLen = encryptedContent[encryptedContentSz-1];
-
-            /* copy plaintext to output */
-            if (padLen > encryptedContentSz) {
-                ret = BUFFER_E;
-                break;
-            }
-
-        #ifdef ASN_BER_TO_DER
-            if (pkcs7->streamOutCb) {
-                ret = pkcs7->streamOutCb(pkcs7, encryptedContent,
-                                (word32)encryptedContentSz - padLen,
-                                pkcs7->streamCtx);
-                if (ret != 0) {
-                    WOLFSSL_MSG("Stream out callback returned failure");
-                    ret = BUFFER_E;
-                    break;
-                }
-            }
-            else
-        #endif /* ASN_BER_TO_DER */
-            {
-                if (output == NULL || (word32)(encryptedContentSz - padLen) >
-                        outputSz) {
-                    ret = BUFFER_E;
-                    break;
-                }
-                XMEMCPY(output, encryptedContent,
-                                           (word32)encryptedContentSz - padLen);
-            }
-
-            /* free memory, zero out keys */
-            ForceZero(decryptedKey, MAX_ENCRYPTED_KEY_SZ);
-            XFREE(decryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            if (pkcs7->cachedEncryptedContent != NULL) {
-                XFREE(pkcs7->cachedEncryptedContent, pkcs7->heap,
-                      DYNAMIC_TYPE_PKCS7);
-                pkcs7->cachedEncryptedContent = NULL;
-                pkcs7->cachedEncryptedContentSz = 0;
-            }
-
-            ret = (int)pkcs7->totalEncryptedContentSz - padLen;
-        #ifndef NO_PKCS7_STREAM
-            pkcs7->stream->aad = NULL;
-            pkcs7->stream->aadSz = 0;
-            wc_PKCS7_ResetStream(pkcs7);
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_START);
-            break;
-
-        default:
-            WOLFSSL_MSG("PKCS#7 unknown decode enveloped state");
-            ret = BAD_FUNC_ARG;
-    }
-
-#ifndef NO_PKCS7_STREAM
-    if (ret < 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
-        wc_PKCS7_ResetStream(pkcs7);
-        wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_START);
-        if (pkcs7->cachedEncryptedContent != NULL) {
-            XFREE(pkcs7->cachedEncryptedContent, pkcs7->heap,
-                  DYNAMIC_TYPE_PKCS7);
-            pkcs7->cachedEncryptedContent = NULL;
-            pkcs7->cachedEncryptedContentSz = 0;
-        }
-    }
-#else
-    if (decryptedKey != NULL && ret < 0) {
-        ForceZero(decryptedKey, MAX_ENCRYPTED_KEY_SZ);
-        XFREE(decryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    }
-    if (pkcs7->cachedEncryptedContent != NULL && ret < 0) {
-        XFREE(pkcs7->cachedEncryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        pkcs7->cachedEncryptedContent = NULL;
-        pkcs7->cachedEncryptedContentSz = 0;
-    }
-#endif
-    return ret;
-}
-
-
-int wc_PKCS7_GetEnvelopedDataKariRid(const byte * in, word32 inSz,
-        byte * out, word32 * outSz)
-{
-    int ret = 0;
-    word32 idx = 0;
-    int length = 0;
-    word32 contentType = 0;
-    word32 ridIdx = 0;
-    byte ridTag = 0;
-
-    if (in == NULL || inSz == 0 || out == NULL || outSz == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Consume ContentInfo SEQUENCE header. */
-    else if (GetSequence(in, &idx, &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Validate the EnvelopedData OBJECT IDENTIFIER. */
-    else if (wc_GetContentType(in, &idx, &contentType, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    else if (contentType != ENVELOPED_DATA) {
-        WOLFSSL_MSG("PKCS#7 input not of type EnvelopedData");
-        ret = PKCS7_OID_E;
-    }
-    /* Consume EXPLICIT content [0] header. */
-    else if (GetASNHeader(in, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED, &idx,
-                &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Consume EnvelopedData SEQUENCE header. */
-    else if (GetSequence(in, &idx, &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Consume version. */
-    else if (GetMyVersion(in, &idx, &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Consume originatorInfo if present. */
-    else if (GetASNHeader(in, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED, &idx,
-                &length, inSz) >= 0) {
-        idx += (word32)length;
-    }
-    /* Consume recipientInfos SET OF header. */
-    if (ret == 0 && GetSet(in, &idx, &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Consume kari [1] header. */
-    if (ret == 0 && GetASNHeader(in, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1,
-                &idx, &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Consume KARI version. */
-    if (ret == 0 && GetMyVersion(in, &idx, &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Consume KARI originator [0] header. */
-    if (ret == 0 && GetASNHeader(in, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED,
-                &idx, &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Skip originator [0] content. */
-    if (ret == 0)
-        idx += (word32)length;
-    /* Consume KARI ukm [1] if present. */
-    if (ret == 0 && GetASNHeader(in, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1,
-                &idx, &length, inSz) >= 0) {
-        idx += (word32) length;
-    }
-    /* Consume KARI keyEncryptionAlgorithm. */
-    if (ret == 0 && GetSequence(in, &idx, &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Skip keyEncryptionAlgorithm content. */
-    if (ret == 0)
-        idx += (word32)length;
-    /* Consume RecipientEncryptedKeys SEQUENCE OF header. */
-    if (ret == 0 && GetSequence(in, &idx, &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Consume RecipientEncryptedKey SEQUENCE header. */
-    if (ret == 0 && GetSequence(in, &idx, &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    if (ret == 0)
-        ridIdx = idx;
-    /* Consume KeyAgreeRecipientIdentifier tag. */
-    if (ret == 0 && GetASNTag(in, &idx, &ridTag, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Consume KeyAgreeRecipientIdentifier length. */
-    if (ret == 0 && GetLength(in, &idx, &length, inSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    if (ret == 0) {
-        word32 ridSz = (idx + (word32)length) - ridIdx;
-        if (ridSz > *outSz) {
-            /* Not enough room in output buffer. */
-            ret = BUFFER_E;
-        }
-        else {
-            /* Copy KeyAgreeRecipientIdentifier to output buffer. */
-            XMEMCPY(out, &in[ridIdx], ridSz);
-            *outSz = ridSz;
-        }
-    }
-    return ret;
-}
-
-
-/* build PKCS#7 authEnvelopedData content type, return enveloped size */
-int wc_PKCS7_EncodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* output,
-                                     word32 outputSz)
-{
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
-    int ret, idx = 0;
-    int totalSz, encryptedAllocSz, encryptedOutSz;
-
-    int contentInfoSeqSz, outerContentTypeSz, outerContentSz;
-    byte contentInfoSeq[MAX_SEQ_SZ];
-    byte outerContentType[MAX_ALGO_SZ];
-    byte outerContent[MAX_SEQ_SZ];
-
-    int envDataSeqSz, verSz;
-    byte envDataSeq[MAX_SEQ_SZ];
-    byte ver[MAX_VERSION_SZ];
-
-    WC_RNG rng;
-    int blockSz, blockKeySz;
-    byte* plain;
-    byte* encryptedContent;
-
-    Pkcs7EncodedRecip* tmpRecip = NULL;
-    int recipSz, recipSetSz;
-    byte recipSet[MAX_SET_SZ];
-
-    int encContentOctetSz, encContentSeqSz, contentTypeSz;
-    int contentEncAlgoSz, nonceOctetStringSz, macOctetStringSz;
-    byte encContentSeq[MAX_SEQ_SZ];
-    byte contentType[MAX_ALGO_SZ];
-    byte contentEncAlgo[MAX_ALGO_SZ];
-    byte nonceOctetString[MAX_OCTET_STR_SZ];
-    byte encContentOctet[MAX_OCTET_STR_SZ];
-    byte macOctetString[MAX_OCTET_STR_SZ];
-
-    byte authTag[WC_AES_BLOCK_SIZE];
-    byte nonce[GCM_NONCE_MID_SZ];   /* GCM nonce is larger than CCM */
-    byte macInt[MAX_VERSION_SZ];
-    byte algoParamSeq[MAX_SEQ_SZ];
-    word32 nonceSz = 0, macIntSz = 0, algoParamSeqSz = 0;
-
-    /* authAttribs */
-    byte* flatAuthAttribs = NULL;
-    byte authAttribSet[MAX_SET_SZ];
-    EncodedAttrib authAttribs[MAX_AUTH_ATTRIBS_SZ];
-    word32 authAttribsSz = 0, authAttribsCount = 0;
-    word32 authAttribsSetSz = 0;
-
-    byte* aadBuffer = NULL;
-    word32 aadBufferSz = 0;
-    byte authAttribAadSet[MAX_SET_SZ];
-    word32 authAttribsAadSetSz = 0;
-
-    /* unauthAttribs */
-    byte* flatUnauthAttribs = NULL;
-    byte unauthAttribSet[MAX_SET_SZ];
-    EncodedAttrib unauthAttribs[MAX_UNAUTH_ATTRIBS_SZ];
-    word32 unauthAttribsSz = 0, unauthAttribsCount = 0;
-    word32 unauthAttribsSetSz = 0;
-
-
-    PKCS7Attrib contentTypeAttrib;
-    byte contentTypeValue[MAX_OID_SZ];
-    /* contentType OID (1.2.840.113549.1.9.3) */
-    const byte contentTypeOid[] =
-            { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01,
-                             0x09, 0x03 };
-    if (pkcs7 == NULL || pkcs7->content == NULL || pkcs7->contentSz == 0)
-        return BAD_FUNC_ARG;
-
-    if (output == NULL || outputSz == 0)
-        return BAD_FUNC_ARG;
-
-    switch (pkcs7->encryptOID) {
-#ifdef HAVE_AESGCM
-    #ifdef WOLFSSL_AES_128
-        case AES128GCMb:
-            break;
-    #endif
-    #ifdef WOLFSSL_AES_192
-        case AES192GCMb:
-            break;
-    #endif
-    #ifdef WOLFSSL_AES_256
-        case AES256GCMb:
-            break;
-    #endif
-#endif
-#ifdef HAVE_AESCCM
-    #ifdef WOLFSSL_AES_128
-        case AES128CCMb:
-            break;
-    #endif
-    #ifdef WOLFSSL_AES_192
-        case AES192CCMb:
-            break;
-    #endif
-    #ifdef WOLFSSL_AES_256
-        case AES256CCMb:
-            break;
-    #endif
-#endif
-        default:
-            WOLFSSL_MSG("CMS AuthEnvelopedData must use AES-GCM or AES-CCM");
-            return BAD_FUNC_ARG;
-    }
-
-    blockKeySz = wc_PKCS7_GetOIDKeySize(pkcs7->encryptOID);
-    if (blockKeySz < 0)
-        return blockKeySz;
-
-    blockSz = wc_PKCS7_GetOIDBlockSize(pkcs7->encryptOID);
-    if (blockSz < 0)
-        return blockSz;
-
-    /* outer content type */
-    ret = wc_SetContentType(AUTH_ENVELOPED_DATA, outerContentType,
-                            sizeof(outerContentType));
-    if (ret < 0)
-        return ret;
-
-    outerContentTypeSz = ret;
-
-    /* version, defined as 0 in RFC 5083 */
-    verSz = SetMyVersion(0, ver, 0);
-
-    /* generate random content encryption key */
-    ret = PKCS7_GenerateContentEncryptionKey(pkcs7, (word32)blockKeySz);
-    if (ret != 0) {
-        return ret;
-    }
-
-    /* build RecipientInfo, only if user manually set singleCert and size */
-    if (pkcs7->singleCert != NULL && pkcs7->singleCertSz > 0) {
-        switch (pkcs7->publicKeyOID) {
-        #ifndef NO_RSA
-            case RSAk:
-                ret = wc_PKCS7_AddRecipient_KTRI(pkcs7, pkcs7->singleCert,
-                                                 pkcs7->singleCertSz, 0);
-                break;
-        #endif
-        #ifdef HAVE_ECC
-            case ECDSAk:
-                ret = wc_PKCS7_AddRecipient_KARI(pkcs7, pkcs7->singleCert,
-                                                 pkcs7->singleCertSz,
-                                                 pkcs7->keyWrapOID,
-                                                 pkcs7->keyAgreeOID, pkcs7->ukm,
-                                                 pkcs7->ukmSz, 0);
-                break;
-        #endif
-
-            default:
-                WOLFSSL_MSG("Unsupported RecipientInfo public key type");
-                return BAD_FUNC_ARG;
-        };
-
-        if (ret < 0) {
-            WOLFSSL_MSG("Failed to create RecipientInfo");
-            return ret;
-        }
-    }
-
-    recipSz = wc_PKCS7_GetRecipientListSize(pkcs7);
-    if (recipSz < 0) {
-        return ret;
-
-    } else if (recipSz == 0) {
-        WOLFSSL_MSG("You must add at least one CMS recipient");
-        return PKCS7_RECIP_E;
-    }
-    recipSetSz = (int)SetSet((word32)recipSz, recipSet);
-
-    /* generate random nonce and IV for encryption */
-    switch (pkcs7->encryptOID) {
-#ifdef HAVE_AESGCM
-    #ifdef WOLFSSL_AES_128
-        case AES128GCMb:
-    #endif
-    #ifdef WOLFSSL_AES_192
-        case AES192GCMb:
-    #endif
-    #ifdef WOLFSSL_AES_256
-        case AES256GCMb:
-    #endif
-    #if defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_192) || \
-        defined(WOLFSSL_AES_256)
-            /* GCM nonce is GCM_NONCE_MID_SZ (12) */
-            nonceSz = GCM_NONCE_MID_SZ;
-            break;
-    #endif
-#endif /* HAVE_AESGCM */
-#ifdef HAVE_AESCCM
-    #ifdef WOLFSSL_AES_128
-        case AES128CCMb:
-    #endif
-    #ifdef WOLFSSL_AES_192
-        case AES192CCMb:
-    #endif
-    #ifdef WOLFSSL_AES_256
-        case AES256CCMb:
-    #endif
-    #if defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_192) || \
-        defined(WOLFSSL_AES_256)
-            /* CCM nonce is CCM_NONCE_MIN_SZ (7) */
-            nonceSz = CCM_NONCE_MIN_SZ;
-            break;
-    #endif
-#endif /* HAVE_AESCCM */
-    }
-
-    ret = wc_InitRng_ex(&rng, pkcs7->heap, pkcs7->devId);
-    if (ret != 0) {
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        return ret;
-    }
-
-    ret = wc_PKCS7_GenerateBlock(pkcs7, &rng, nonce, nonceSz);
-    wc_FreeRng(&rng);
-    if (ret != 0) {
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        return ret;
-    }
-
-
-    /* authAttribs: add contentType attrib if needed */
-    if (pkcs7->contentOID != DATA) {
-
-        XMEMSET(&contentTypeAttrib, 0, sizeof contentTypeAttrib);
-
-        /* if type is not id-data, contentType attribute MUST be added */
-        contentTypeAttrib.oid = contentTypeOid;
-        contentTypeAttrib.oidSz = sizeof(contentTypeOid);
-
-        /* try to set from contentOID first, known types */
-        ret = wc_SetContentType(pkcs7->contentOID, contentTypeValue,
-                                sizeof(contentTypeValue));
-        if (ret > 0) {
-            contentTypeAttrib.value = contentTypeValue;
-            contentTypeAttrib.valueSz = (word32)ret;
-
-        /* otherwise, try to set from custom content type */
-        } else {
-            if (pkcs7->contentTypeSz == 0) {
-                WOLFSSL_MSG("CMS pkcs7->contentType must be set if "
-                            "contentOID is not");
-                wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-                return BAD_FUNC_ARG;
-            }
-            contentTypeAttrib.value = pkcs7->contentType;
-            contentTypeAttrib.valueSz = pkcs7->contentTypeSz;
-        }
-
-        authAttribsSz += (word32)EncodeAttributes(authAttribs, 1,
-                                                         &contentTypeAttrib, 1);
-        authAttribsCount += 1;
-    }
-
-    /* authAttribs: add in user authenticated attributes */
-    if (pkcs7->authAttribs != NULL && pkcs7->authAttribsSz > 0) {
-        authAttribsSz += (word32)EncodeAttributes(
-                                 authAttribs + authAttribsCount,
-                                 (int)(MAX_AUTH_ATTRIBS_SZ - authAttribsCount),
-                                 pkcs7->authAttribs,
-                                 (int)pkcs7->authAttribsSz);
-        authAttribsCount += pkcs7->authAttribsSz;
-    }
-
-    /* authAttribs: flatten authAttribs */
-    if (authAttribsSz > 0 && authAttribsCount > 0) {
-        flatAuthAttribs = (byte*)XMALLOC(authAttribsSz, pkcs7->heap,
-                                         DYNAMIC_TYPE_PKCS7);
-        if (flatAuthAttribs == NULL) {
-            wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-            return MEMORY_E;
-        }
-
-        ret = FlattenAttributes(pkcs7, flatAuthAttribs, authAttribs,
-                          (int)authAttribsCount);
-        if (ret != 0) {
-            wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-            XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return ret;
-        }
-
-        authAttribsSetSz = SetImplicit(ASN_SET, 1, authAttribsSz,
-                                       authAttribSet, 0);
-
-        /* From RFC5083, "For the purpose of constructing the AAD, the
-         * IMPLICIT [1] tag in the authAttrs field is not used for the
-         * DER encoding: rather a universal SET OF tag is used. */
-        authAttribsAadSetSz = SetSet(authAttribsSz, authAttribAadSet);
-
-        /* allocate temp buffer to hold alternate attrib encoding for aad */
-        aadBuffer = (byte*)XMALLOC(authAttribsSz + authAttribsAadSetSz,
-                                   pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        if (aadBuffer == NULL) {
-            wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-            XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return MEMORY_E;
-        }
-
-        /* build up alternate attrib encoding for aad */
-        aadBufferSz = 0;
-        XMEMCPY(aadBuffer + aadBufferSz, authAttribAadSet, authAttribsAadSetSz);
-        aadBufferSz += authAttribsAadSetSz;
-        XMEMCPY(aadBuffer + aadBufferSz, flatAuthAttribs, authAttribsSz);
-        aadBufferSz += authAttribsSz;
-    }
-
-    /* build up unauthenticated attributes (unauthAttrs) */
-    if (pkcs7->unauthAttribsSz > 0) {
-        unauthAttribsSz = (word32)EncodeAttributes(
-                              unauthAttribs + unauthAttribsCount,
-                              (int)(MAX_UNAUTH_ATTRIBS_SZ - unauthAttribsCount),
-                              pkcs7->unauthAttribs,
-                              (int)pkcs7->unauthAttribsSz);
-        unauthAttribsCount = pkcs7->unauthAttribsSz;
-
-        if (unauthAttribsSz > 0) {
-            flatUnauthAttribs = (byte*)XMALLOC(unauthAttribsSz, pkcs7->heap,
-                                               DYNAMIC_TYPE_PKCS7);
-            if (flatUnauthAttribs == NULL) {
-                wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-                XFREE(aadBuffer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-                XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return MEMORY_E;
-            }
-
-            FlattenAttributes(pkcs7, flatUnauthAttribs, unauthAttribs,
-                              (int)unauthAttribsCount);
-        }
-
-        unauthAttribsSetSz = SetImplicit(ASN_SET, 2, unauthAttribsSz,
-                                         unauthAttribSet, 0);
-    }
-
-    /* AES-GCM/CCM does NOT require padding for plaintext content or
-     * AAD inputs RFC 5084 section 3.1 and 3.2, but we must alloc
-     * full blocks to ensure crypto only gets full blocks */
-    encryptedOutSz = (int)pkcs7->contentSz;
-    encryptedAllocSz = (encryptedOutSz % blockSz) ?
-                           encryptedOutSz + blockSz -
-                           (encryptedOutSz % blockSz) :
-                           encryptedOutSz;
-
-    /* Copy content to plain buffer (zero-padded) to encrypt in full,
-     * contiguous blocks */
-    plain = (byte*)XMALLOC((word32)encryptedAllocSz, pkcs7->heap,
-        DYNAMIC_TYPE_PKCS7);
-    if (plain == NULL) {
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        XFREE(aadBuffer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return MEMORY_E;
-    }
-
-    XMEMCPY(plain, pkcs7->content, pkcs7->contentSz);
-    if ((encryptedAllocSz - encryptedOutSz) > 0) {
-        XMEMSET(plain + encryptedOutSz, 0,
-            (word32)(encryptedAllocSz - encryptedOutSz));
-    }
-
-    encryptedContent = (byte*)XMALLOC((word32)encryptedAllocSz, pkcs7->heap,
-                                      DYNAMIC_TYPE_PKCS7);
-    if (encryptedContent == NULL) {
-        XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        XFREE(aadBuffer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return MEMORY_E;
-    }
-
-    /* encrypt content */
-    ret = wc_PKCS7_EncryptContent(pkcs7, pkcs7->encryptOID, pkcs7->cek,
-            (int)pkcs7->cekSz, nonce, (int)nonceSz, aadBuffer, aadBufferSz,
-            authTag, sizeof(authTag), plain, encryptedOutSz, encryptedContent);
-
-    XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    plain = NULL;
-
-    XFREE(aadBuffer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    aadBuffer = NULL;
-
-    if (ret != 0) {
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    /* EncryptedContentInfo */
-    ret = wc_SetContentType(pkcs7->contentOID, contentType,
-                            sizeof(contentType));
-    if (ret < 0) {
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    contentTypeSz = ret;
-
-    /* put together nonce OCTET STRING */
-    nonceOctetStringSz = (int)SetOctetString(nonceSz, nonceOctetString);
-
-    /* put together aes-ICVlen INTEGER */
-    macIntSz = (word32)SetMyVersion(sizeof(authTag), macInt, 0);
-
-    /* add nonce and icv len into parameters string RFC5084 */
-    algoParamSeqSz = SetSequence((word32)nonceOctetStringSz + nonceSz +
-            macIntSz, algoParamSeq);
-
-    /* build up our ContentEncryptionAlgorithmIdentifier sequence,
-     * adding (nonceOctetStringSz + blockSz + macIntSz) for nonce OCTET STRING
-     * and tag size */
-    contentEncAlgoSz = (int)SetAlgoID(pkcs7->encryptOID, contentEncAlgo,
-                                 oidBlkType, nonceOctetStringSz + (int)nonceSz +
-                                 (int)macIntSz + (int)algoParamSeqSz);
-
-    if (contentEncAlgoSz == 0) {
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return BAD_FUNC_ARG;
-    }
-
-    encContentOctetSz = (int)SetImplicit(ASN_OCTET_STRING, 0,
-                                (word32)encryptedOutSz, encContentOctet, 0);
-    encContentSeqSz = (int)SetSequence((word32)contentTypeSz +
-                               (word32)contentEncAlgoSz +
-                               (word32)nonceOctetStringSz + nonceSz + macIntSz +
-                               algoParamSeqSz + (word32)encContentOctetSz +
-                               (word32)encryptedOutSz, encContentSeq);
-
-    macOctetStringSz = (int)SetOctetString(sizeof(authTag), macOctetString);
-
-    /* keep track of sizes for outer wrapper layering */
-    totalSz = verSz + recipSetSz + recipSz + encContentSeqSz +
-              contentTypeSz + contentEncAlgoSz + nonceOctetStringSz +
-              (int)nonceSz + (int)macIntSz + (int)algoParamSeqSz +
-              encContentOctetSz + encryptedOutSz + (int)authAttribsSz +
-              (int)authAttribsSetSz + macOctetStringSz + (int)sizeof(authTag) +
-              (int)unauthAttribsSz + (int)unauthAttribsSetSz;
-
-    /* EnvelopedData */
-    envDataSeqSz = (int)SetSequence((word32)totalSz, envDataSeq);
-    totalSz += envDataSeqSz;
-
-    /* outer content */
-    outerContentSz = (int)SetExplicit(0, (word32)totalSz, outerContent, 0);
-    totalSz += outerContentTypeSz;
-    totalSz += outerContentSz;
-
-    /* ContentInfo */
-    contentInfoSeqSz = (int)SetSequence((word32)totalSz, contentInfoSeq);
-    totalSz += contentInfoSeqSz;
-
-    if (totalSz > (int)outputSz) {
-        WOLFSSL_MSG("Pkcs7_encrypt output buffer too small");
-        wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-        XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return BUFFER_E;
-    }
-
-    XMEMCPY(output + idx, contentInfoSeq, (word32)contentInfoSeqSz);
-    idx += contentInfoSeqSz;
-    XMEMCPY(output + idx, outerContentType, (word32)outerContentTypeSz);
-    idx += outerContentTypeSz;
-    XMEMCPY(output + idx, outerContent, (word32)outerContentSz);
-    idx += outerContentSz;
-    XMEMCPY(output + idx, envDataSeq, (word32)envDataSeqSz);
-    idx += envDataSeqSz;
-    XMEMCPY(output + idx, ver, (word32)verSz);
-    idx += verSz;
-    XMEMCPY(output + idx, recipSet, (word32)recipSetSz);
-    idx += recipSetSz;
-    /* copy in recipients from list */
-    tmpRecip = pkcs7->recipList;
-    while (tmpRecip != NULL) {
-        XMEMCPY(output + idx, tmpRecip->recip, tmpRecip->recipSz);
-        idx += (int)tmpRecip->recipSz;
-        tmpRecip = tmpRecip->next;
-    }
-    wc_PKCS7_FreeEncodedRecipientSet(pkcs7);
-    XMEMCPY(output + idx, encContentSeq, (word32)encContentSeqSz);
-    idx += encContentSeqSz;
-    XMEMCPY(output + idx, contentType, (word32)contentTypeSz);
-    idx += contentTypeSz;
-    XMEMCPY(output + idx, contentEncAlgo, (word32)contentEncAlgoSz);
-    idx += contentEncAlgoSz;
-    XMEMCPY(output + idx, algoParamSeq, algoParamSeqSz);
-    idx += (int)algoParamSeqSz;
-    XMEMCPY(output + idx, nonceOctetString, (word32)nonceOctetStringSz);
-    idx += nonceOctetStringSz;
-    XMEMCPY(output + idx, nonce, nonceSz);
-    idx += (int)nonceSz;
-    XMEMCPY(output + idx, macInt, macIntSz);
-    idx += (int)macIntSz;
-
-
-    XMEMCPY(output + idx, encContentOctet, (word32)encContentOctetSz);
-    idx += encContentOctetSz;
-    XMEMCPY(output + idx, encryptedContent, (word32)encryptedOutSz);
-    idx += encryptedOutSz;
-
-    /* authenticated attributes */
-    if (flatAuthAttribs && authAttribsSz > 0) {
-        XMEMCPY(output + idx, authAttribSet, authAttribsSetSz);
-        idx += (int)authAttribsSetSz;
-        XMEMCPY(output + idx, flatAuthAttribs, authAttribsSz);
-        idx += (int)authAttribsSz;
-        XFREE(flatAuthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    }
-
-    XMEMCPY(output + idx, macOctetString, (word32)macOctetStringSz);
-    idx += macOctetStringSz;
-    XMEMCPY(output + idx, authTag, sizeof(authTag));
-    idx += (int)sizeof(authTag);
-
-    /* unauthenticated attributes */
-    if (unauthAttribsSz > 0) {
-        XMEMCPY(output + idx, unauthAttribSet, unauthAttribsSetSz);
-        idx += (int)unauthAttribsSetSz;
-        XMEMCPY(output + idx, flatUnauthAttribs, unauthAttribsSz);
-        idx += (int)unauthAttribsSz;
-    }
-
-    XFREE(flatUnauthAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-    XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-    return idx;
-
-#else
-    WOLFSSL_MSG("AuthEnvelopedData requires AES-GCM or AES-CCM to be enabled");
-    (void)pkcs7;
-    (void)output;
-    (void)outputSz;
-
-    return NOT_COMPILED_IN;
-#endif /* HAVE_AESGCM | HAVE_AESCCM */
-}
-
-
-/* unwrap and decrypt PKCS#7 AuthEnvelopedData object, return decoded size */
-int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
-                                                 word32 inSz, byte* output,
-                                                 word32 outputSz)
-{
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
-    int recipFound = 0;
-    int ret = 0, length = 0;
-    word32 idx = 0;
-#ifndef NO_PKCS7_STREAM
-    word32 tmpIdx = 0;
-#endif
-    word32 contentType = 0, encOID = 0;
-    word32 decryptedKeySz = 0;
-    byte* pkiMsg = in;
-    word32 pkiMsgSz = inSz;
-
-    int expBlockSz = 0, blockKeySz = 0;
-    byte authTag[WC_AES_BLOCK_SIZE];
-    byte nonce[GCM_NONCE_MID_SZ];       /* GCM nonce is larger than CCM */
-    int nonceSz = 0, macSz = 0;
-    word32 authTagSz = 0;
-    byte* decryptedKey = NULL;
-    int encryptedContentSz = 0;
-    int encryptedAllocSz = 0;
-    byte* encryptedContent = NULL;
-    int explicitOctet = 0;
-
-    byte* encodedAttribs = NULL;
-    word32 encodedAttribIdx = 0, encodedAttribSz = 0;
-    byte* authAttrib = NULL;
-    int authAttribSz = 0;
-    word32 localIdx;
-    byte tag = 0;
-
-    if (pkcs7 == NULL)
-        return BAD_FUNC_ARG;
-
-    if (pkiMsg == NULL || pkiMsgSz == 0 ||
-        output == NULL || outputSz == 0)
-        return BAD_FUNC_ARG;
-#ifndef NO_PKCS7_STREAM
-    if (pkcs7->stream == NULL) {
-        if ((ret = wc_PKCS7_CreateStream(pkcs7)) != 0) {
-            return ret;
-        }
-    }
-#endif
-
-    switch (pkcs7->state) {
-        case WC_PKCS7_START:
-        case WC_PKCS7_INFOSET_START:
-        case WC_PKCS7_INFOSET_STAGE1:
-        case WC_PKCS7_INFOSET_STAGE2:
-        case WC_PKCS7_INFOSET_END:
-            ret = wc_PKCS7_ParseToRecipientInfoSet(pkcs7, pkiMsg, pkiMsgSz,
-                    &idx, AUTH_ENVELOPED_DATA);
-            if (ret < 0)
-                break;
-
-        #ifndef NO_PKCS7_STREAM
-            tmpIdx = idx;
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_AUTHENV_2);
-            FALL_THROUGH;
-
-        case WC_PKCS7_AUTHENV_2:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_LENGTH_SZ +
-                            MAX_VERSION_SZ + ASN_TAG_SZ, &pkiMsg, &idx)) != 0) {
-                break;
-            }
-        #endif
-            decryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap,
-                                                            DYNAMIC_TYPE_PKCS7);
-            if (decryptedKey == NULL) {
-                ret = MEMORY_E;
-                break;
-            }
-            else {
-                XMEMSET(decryptedKey, 0, MAX_ENCRYPTED_KEY_SZ);
-            }
-        #ifndef NO_PKCS7_STREAM
-            pkcs7->stream->key = decryptedKey;
-        #endif
-            XMEMSET(decryptedKey, 0, MAX_ENCRYPTED_KEY_SZ);
-            FALL_THROUGH;
-
-        case WC_PKCS7_DECRYPT_KTRI:
-        case WC_PKCS7_DECRYPT_KTRI_2:
-        case WC_PKCS7_DECRYPT_KTRI_3:
-        case WC_PKCS7_DECRYPT_KARI:
-        case WC_PKCS7_DECRYPT_KEKRI:
-        case WC_PKCS7_DECRYPT_PWRI:
-        case WC_PKCS7_DECRYPT_ORI:
-
-            decryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
-        #ifndef NO_PKCS7_STREAM
-            decryptedKey = pkcs7->stream->key;
-        #endif
-
-            ret = wc_PKCS7_DecryptRecipientInfos(pkcs7, in, inSz, &idx,
-                                                decryptedKey, &decryptedKeySz,
-                                                &recipFound);
-            if (ret != 0) {
-                break;
-            }
-
-            if (recipFound == 0) {
-                WOLFSSL_MSG(
-                      "No recipient found in envelopedData that matches input");
-                ret = PKCS7_RECIP_E;
-                break;
-            }
-
-        #ifndef NO_PKCS7_STREAM
-            tmpIdx = idx;
-            pkcs7->stream->expected = MAX_SEQ_SZ;
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_AUTHENV_3);
-            FALL_THROUGH;
-
-        case WC_PKCS7_AUTHENV_3:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                    pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                break;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-        #endif
-
-            /* remove EncryptedContentInfo */
-            if (ret == 0 && GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz, 0)
-                    < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-        #ifndef NO_PKCS7_STREAM
-            /* check that the expected size was accurate */
-            if (ret == 0) {
-                if (length > (int)pkcs7->stream->expected && length >
-                        (int)pkiMsgSz) {
-                    pkcs7->stream->expected = (word32)length + 1;
-                    if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                        break;
-                    }
-                }
-            }
-        #endif
-
-            if (ret == 0 && wc_GetContentType(pkiMsg, &idx, &contentType,
-                        pkiMsgSz) < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0) {
-                pkcs7->contentOID = (int)contentType;
-            }
-
-            if (ret == 0 && GetAlgoId(pkiMsg, &idx, &encOID, oidBlkType,
-                        pkiMsgSz) < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0) {
-                blockKeySz = wc_PKCS7_GetOIDKeySize((int)encOID);
-                if (blockKeySz < 0) {
-                    ret = blockKeySz;
-                }
-            }
-
-            if (ret == 0) {
-                expBlockSz = wc_PKCS7_GetOIDBlockSize((int)encOID);
-                if (expBlockSz < 0) {
-                    ret = expBlockSz;
-                }
-            }
-
-            /* get nonce, stored in OPTIONAL parameter of AlgoID
-             * RFC 5084 Appendix lists GCM parameters as
-             * seq
-             * ---->octet string with nonce
-             * ---->aes gcm icvlen
-             */
-            if (ret == 0 && GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz) < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-
-            if (ret == 0 && tag != (ASN_CONSTRUCTED | ASN_SEQUENCE)) {
-                WOLFSSL_MSG("Optional parameters is not wrapped in a sequence");
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret < 0)
-                break;
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                break;
-            }
-            wc_PKCS7_StreamStoreVar(pkcs7, encOID, blockKeySz, 0);
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_AUTHENV_4);
-            FALL_THROUGH;
-
-        case WC_PKCS7_AUTHENV_4:
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_LENGTH_SZ +
-                            MAX_VERSION_SZ + ASN_TAG_SZ + MAX_LENGTH_SZ,
-                            &pkiMsg, &idx)) != 0) {
-                break;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-        #endif
-            /* get length of optional parameter sequence */
-            if (ret == 0 && GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-            /* get nonce from octet string */
-            if (ret == 0 &&
-                GetOctetString(pkiMsg, &idx, &nonceSz, pkiMsgSz) < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0 && nonceSz > (int)sizeof(nonce)) {
-                WOLFSSL_MSG("AuthEnvelopedData nonce too large for buffer");
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0) {
-                XMEMCPY(nonce, &pkiMsg[idx], (word32)nonceSz);
-                idx += (word32)nonceSz;
-            }
-
-            /* get mac size, also stored in OPTIONAL parameter of AlgoID */
-            if (ret == 0 && GetMyVersion(pkiMsg, &idx, &macSz, pkiMsgSz) < 0) {
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0) {
-                explicitOctet = 0;
-                localIdx = idx;
-                if (GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) == 0 &&
-                        tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0))
-                    explicitOctet = 1;
-
-                /* read encryptedContent, cont[0] */
-                ret = GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz);
-            }
-
-            if (ret == 0 &&
-                    tag != (ASN_CONTEXT_SPECIFIC | 0) &&
-                    tag != (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0)) {
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0 && GetLength_ex(pkiMsg, &idx, &encryptedContentSz,
-                        pkiMsgSz, 0) <= 0) {
-                ret = ASN_PARSE_E;
-            }
-
-            if (explicitOctet) {
-                if (ret == 0 && GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz) < 0) {
-                    ret = ASN_PARSE_E;
-                }
-                if (ret == 0 && tag != ASN_OCTET_STRING) {
-                    ret = ASN_PARSE_E;
-                }
-
-                if (ret == 0 && GetLength(pkiMsg, &idx, &encryptedContentSz,
-                            pkiMsgSz) <= 0) {
-                    ret = ASN_PARSE_E;
-                }
-            }
-
-            if (ret < 0)
-                break;
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                break;
-            }
-
-            /* store nonce for later */
-            if (nonceSz > 0) {
-                pkcs7->stream->nonceSz = (word32)nonceSz;
-                pkcs7->stream->nonce = (byte*)XMALLOC((word32)nonceSz,
-                        pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                if (pkcs7->stream->nonce == NULL) {
-                    ret = MEMORY_E;
-                    break;
-                }
-                else {
-                    XMEMCPY(pkcs7->stream->nonce, nonce, (word32)nonceSz);
-                }
-            }
-
-            pkcs7->stream->expected = (word32)encryptedContentSz +
-                    MAX_LENGTH_SZ + ASN_TAG_SZ + ASN_TAG_SZ;
-            wc_PKCS7_StreamStoreVar(pkcs7, encOID, blockKeySz,
-                    encryptedContentSz);
-        #endif
-
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_AUTHENV_5);
-            FALL_THROUGH;
-
-        case WC_PKCS7_AUTHENV_5:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                    pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                break;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-
-            wc_PKCS7_StreamGetVar(pkcs7, &encOID, &blockKeySz,
-                &encryptedContentSz);
-        #else
-            pkiMsgSz = inSz;
-        #endif
-
-            if (expBlockSz == 0) {
-        #ifndef NO_PKCS7_STREAM
-        #endif
-                if (encOID == 0)
-                    expBlockSz = 1;
-                else {
-                    expBlockSz = wc_PKCS7_GetOIDBlockSize((int)encOID);
-                    if (expBlockSz < 0) {
-                        ret = expBlockSz;
-                        break;
-                    } else if (expBlockSz == 0)
-                        expBlockSz = 1;
-                }
-            }
-
-            /* AES-GCM/CCM does NOT require padding for plaintext content or
-             * AAD inputs RFC 5084 section 3.1 and 3.2, but we must alloc
-             * full blocks to ensure crypto only gets full blocks */
-            encryptedAllocSz = (encryptedContentSz % expBlockSz) ?
-                                   encryptedContentSz + expBlockSz -
-                                   (encryptedContentSz % expBlockSz) :
-                                   encryptedContentSz;
-            encryptedContent = (byte*)XMALLOC((word32)encryptedAllocSz,
-                                               pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            if (ret == 0 && encryptedContent == NULL) {
-                ret = MEMORY_E;
-            }
-
-            if (ret == 0) {
-                XMEMCPY(encryptedContent, &pkiMsg[idx],
-                                                    (word32)encryptedContentSz);
-                idx += (word32)encryptedContentSz;
-            }
-        #ifndef NO_PKCS7_STREAM
-            pkcs7->stream->bufferPt = encryptedContent;
-        #endif
-
-            /* may have IMPLICIT [1] authenticatedAttributes */
-            localIdx = idx;
-            if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) == 0 &&
-                    tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)) {
-                encodedAttribIdx = idx;
-                idx++;
-
-                if (GetLength_ex(pkiMsg, &idx, &length, pkiMsgSz, 0) <= 0) {
-                    ret = ASN_PARSE_E;
-                }
-            #ifndef NO_PKCS7_STREAM
-                pkcs7->stream->expected = (word32)length;
-            #endif
-                encodedAttribSz = (word32)length + (idx - encodedAttribIdx);
-
-                if (ret != 0)
-                    break;
-
-                if (encodedAttribSz > 0) {
-                    encodedAttribs = (byte*)XMALLOC(encodedAttribSz,
-                            pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                    if (encodedAttribs == NULL) {
-                        ret = MEMORY_E;
-                        break;
-                    }
-                }
-
-            #ifndef NO_PKCS7_STREAM
-                if (encodedAttribSz > 0) {
-                    pkcs7->stream->aadSz = encodedAttribSz;
-                    pkcs7->stream->aad   = encodedAttribs;
-                }
-
-                if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                    break;
-                }
-            #endif
-                wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_AUTHENV_ATRB);
-            }
-            else {
-            #ifndef NO_PKCS7_STREAM
-                if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                    break;
-                }
-                pkcs7->stream->expected = MAX_LENGTH_SZ + ASN_TAG_SZ;
-            #endif
-                wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_AUTHENV_ATRBEND);
-                goto authenv_atrbend; /* jump over attribute cases */
-            }
-            FALL_THROUGH;
-
-        case WC_PKCS7_AUTHENV_ATRB:
-    #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                return ret;
-            }
-
-            length = (int)pkcs7->stream->expected;
-            encodedAttribs = pkcs7->stream->aad;
-    #endif
-
-            /* save pointer and length */
-            authAttrib = &pkiMsg[idx];
-            authAttribSz = length;
-
-            {
-                word32 ofst;
-
-                /* From RFC5083, "For the purpose of constructing the
-                * AAD, the IMPLICIT [1] tag in the authAttrs field is
-                * not used for the DER encoding: rather a universal SET
-                * OF tag is used. */
-                ofst = SetSet((word32)length, encodedAttribs);
-
-                XMEMCPY(encodedAttribs + ofst, authAttrib,
-                    (word32)authAttribSz);
-            }
-
-            /* ignoring the size returned, we know it is
-                * idx - encodedAttribIdx from parsing what's given */
-
-            if (ret == 0 && wc_PKCS7_ParseAttribs(pkcs7, authAttrib,
-                    authAttribSz) < 0) {
-                WOLFSSL_MSG("Error parsing authenticated attributes");
-                ret = ASN_PARSE_E;
-                break;
-            }
-
-            idx += (word32)length;
-
-    #ifndef NO_PKCS7_STREAM
-            if (pkcs7->stream->aadSz > 0) {
-                XMEMCPY(pkcs7->stream->aad + (pkcs7->stream->aadSz -
-                        (word32)length), authAttrib, (word32)authAttribSz);
-            }
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                break;
-            }
-            pkcs7->stream->expected = MAX_LENGTH_SZ + ASN_TAG_SZ;
-    #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_AUTHENV_ATRBEND);
-            FALL_THROUGH;
-
-        case WC_PKCS7_AUTHENV_ATRBEND:
-authenv_atrbend:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                    pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-
-            if (pkcs7->stream->aadSz > 0) {
-                encodedAttribSz = pkcs7->stream->aadSz;
-                encodedAttribs  = pkcs7->stream->aad;
-            }
-        #endif
-
-
-            localIdx = idx;
-
-            /* Get authTag OCTET STRING */
-            if (ret == 0 && pkiMsg[localIdx] != ASN_OCTET_STRING) {
-                ret = ASN_PARSE_E;
-            }
-            localIdx++; /* move past ASN_OCTET_STRING */
-
-            if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &length,
-                    pkiMsgSz, 0) < 0) {
-                ret = ASN_PARSE_E;
-            }
-            authTagSz = (word32)length;
-
-        #ifndef NO_PKCS7_STREAM
-            /* there might not be enough data for the auth tag too */
-            if (ret == 0) {
-                if ((authTagSz + (localIdx - idx)) > pkcs7->stream->expected &&
-                    (authTagSz + (localIdx - idx)) > pkiMsgSz) {
-                        pkcs7->stream->expected = authTagSz +
-                            (localIdx - idx);
-                        if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                            return ret;
-                        }
-                }
-            }
-        #endif
-            idx = localIdx;
-
-            if (ret == 0 && authTagSz > (word32)sizeof(authTag)) {
-                WOLFSSL_MSG("AuthEnvelopedData authTag too large for buffer");
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret == 0) {
-                XMEMCPY(authTag, &pkiMsg[idx], authTagSz);
-                idx += authTagSz;
-            }
-
-            if (ret < 0)
-                break;
-
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                break;
-            }
-            pkcs7->stream->expected = (pkcs7->stream->maxLen -
-                pkcs7->stream->totalRd) + pkcs7->stream->length;
-
-
-            /* store tag for later */
-            if (authTagSz > 0) {
-                pkcs7->stream->tagSz = authTagSz;
-                pkcs7->stream->tag = (byte*)XMALLOC(authTagSz,
-                        pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                if (pkcs7->stream->tag == NULL) {
-                    ret = MEMORY_E;
-                    break;
-                }
-                else {
-                    XMEMCPY(pkcs7->stream->tag, authTag, authTagSz);
-                }
-            }
-
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_AUTHENV_6);
-            FALL_THROUGH;
-
-        case WC_PKCS7_AUTHENV_6:
-        #ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                break;
-            }
-
-            /* restore all variables needed */
-            if (pkcs7->stream->nonceSz > 0) {
-                nonceSz = (int)pkcs7->stream->nonceSz;
-                if (nonceSz > GCM_NONCE_MID_SZ) {
-                    WOLFSSL_MSG("PKCS7 saved nonce is too large");
-                    ret = BUFFER_E;
-                    break;
-                }
-                else {
-                    XMEMCPY(nonce, pkcs7->stream->nonce, (word32)nonceSz);
-                }
-            }
-
-            if (pkcs7->stream->tagSz > 0) {
-                authTagSz = pkcs7->stream->tagSz;
-                if (authTagSz > WC_AES_BLOCK_SIZE) {
-                    WOLFSSL_MSG("PKCS7 saved tag is too large");
-                    ret = BUFFER_E;
-                    break;
-                }
-                else {
-                    XMEMCPY(authTag, pkcs7->stream->tag, authTagSz);
-                }
-            }
-
-            if (pkcs7->stream->aadSz > 0) {
-                encodedAttribSz = pkcs7->stream->aadSz;
-                encodedAttribs  = pkcs7->stream->aad;
-            }
-
-            wc_PKCS7_StreamGetVar(pkcs7, &encOID, &blockKeySz,
-                                  &encryptedContentSz);
-            encryptedContent   = pkcs7->stream->bufferPt;
-            decryptedKey = pkcs7->stream->key;
-        #endif
-
-            /* decrypt encryptedContent */
-            ret = wc_PKCS7_DecryptContent(pkcs7, encOID, decryptedKey,
-                    (word32)blockKeySz, nonce, nonceSz, encodedAttribs,
-                    encodedAttribSz, authTag, authTagSz,
-                    encryptedContent, encryptedContentSz, encryptedContent,
-                    pkcs7->devId, pkcs7->heap);
-            if (ret != 0) {
-                XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ret;
-            }
-
-            if (encodedAttribs != NULL) {
-                XFREE(encodedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                encodedAttribs = NULL;
-            #ifndef NO_PKCS7_STREAM
-                pkcs7->stream->aad = NULL;
-            #endif
-            }
-
-            /* copy plaintext to output */
-            XMEMCPY(output, encryptedContent, (word32)encryptedContentSz);
-
-            /* free memory, zero out keys */
-            ForceZero(encryptedContent, (word32)encryptedContentSz);
-            XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            encryptedContent = NULL;
-            ForceZero(decryptedKey, MAX_ENCRYPTED_KEY_SZ);
-            XFREE(decryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            decryptedKey = NULL;
-        #ifndef NO_PKCS7_STREAM
-            pkcs7->stream->key = NULL;
-        #endif
-            ret = encryptedContentSz;
-        #ifndef NO_PKCS7_STREAM
-            wc_PKCS7_ResetStream(pkcs7);
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_START);
-            break;
-        default:
-            WOLFSSL_MSG("Unknown PKCS7 state");
-            ret = BAD_FUNC_ARG;
-    }
-
-    if (ret != 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
-        if (decryptedKey != NULL) {
-            ForceZero(decryptedKey, MAX_ENCRYPTED_KEY_SZ);
-            XFREE(decryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            decryptedKey = NULL;
-        #ifndef NO_PKCS7_STREAM
-            pkcs7->stream->key = NULL;
-        #endif
-        }
-
-        if (encryptedContent != NULL) {
-            ForceZero(encryptedContent, (word32)encryptedContentSz);
-            XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            encryptedContent = NULL;
-        #ifndef NO_PKCS7_STREAM
-            pkcs7->stream->bufferPt = NULL;
-        #endif
-        }
-
-        if (encodedAttribs != NULL) {
-            XFREE(encodedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            encodedAttribs = NULL;
-        #ifndef NO_PKCS7_STREAM
-            pkcs7->stream->aad = NULL;
-        #endif
-        }
-    }
-
-#ifndef NO_PKCS7_STREAM
-    if (ret != 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
-        wc_PKCS7_ResetStream(pkcs7);
-    }
-#endif
-
-    return ret;
-
-#else
-    WOLFSSL_MSG("AuthEnvelopedData requires AES-GCM or AES-CCM to be enabled");
-    (void)pkcs7;
-    (void)in;
-    (void)inSz;
-    (void)output;
-    (void)outputSz;
-
-    return NOT_COMPILED_IN;
-#endif /* HAVE_AESGCM | HAVE_AESCCM */
-}
-
-
-#ifndef NO_PKCS7_ENCRYPTED_DATA
-
-/* build PKCS#7 encryptedData content type, return encrypted size */
-int wc_PKCS7_EncodeEncryptedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
-{
-    int ret, idx = 0;
-    int totalSz, padSz, encryptedOutSz;
-
-    int contentInfoSeqSz, outerContentTypeSz, outerContentSz;
-    byte contentInfoSeq[MAX_SEQ_SZ];
-    byte outerContentType[MAX_ALGO_SZ];
-    byte outerContent[MAX_SEQ_SZ];
-
-    int encDataSeqSz, verSz, blockSz;
-    byte encDataSeq[MAX_SEQ_SZ];
-    byte ver[MAX_VERSION_SZ];
-
-    byte* plain = NULL;
-    byte* encryptedContent = NULL;
-
-    int encContentOctetSz, encContentSeqSz, contentTypeSz;
-    int contentEncAlgoSz, ivOctetStringSz;
-    byte encContentSeq[MAX_SEQ_SZ];
-    byte contentType[MAX_OID_SZ];
-    byte contentEncAlgo[MAX_ALGO_SZ];
-    byte tmpIv[MAX_CONTENT_IV_SIZE];
-    byte ivOctetString[MAX_OCTET_STR_SZ];
-    byte encContentOctet[MAX_OCTET_STR_SZ];
-
-    byte attribSet[MAX_SET_SZ];
-    EncodedAttrib* attribs = NULL;
-    word32 attribsSz;
-    word32 attribsCount;
-    word32 attribsSetSz;
-
-    byte* flatAttribs = NULL;
-
-    if (pkcs7 == NULL || pkcs7->content == NULL || pkcs7->contentSz == 0 ||
-        pkcs7->encryptOID == 0 || pkcs7->encryptionKey == NULL ||
-        pkcs7->encryptionKeySz == 0)
-        return BAD_FUNC_ARG;
-
-    if (output == NULL || outputSz == 0)
-        return BAD_FUNC_ARG;
-
-    if (pkcs7->version == 3) {
-        verSz = SetMyVersion(0, ver, 0);
-        outerContentTypeSz = 0;
-    }
-    else {
-        /* outer content type */
-        ret = wc_SetContentType(ENCRYPTED_DATA, outerContentType,
-                                sizeof(outerContentType));
-        if (ret < 0)
-            return ret;
-
-        outerContentTypeSz = ret;
-
-        /* version, 2 if unprotectedAttrs present, 0 if absent */
-        if (pkcs7->unprotectedAttribsSz > 0) {
-            verSz = SetMyVersion(2, ver, 0);
-        } else {
-            verSz = SetMyVersion(0, ver, 0);
-        }
-    }
-
-    /* EncryptedContentInfo */
-    ret = wc_SetContentType(pkcs7->contentOID, contentType,
-                            sizeof(contentType));
-    if (ret < 0)
-        return ret;
-
-    contentTypeSz = ret;
-
-    /* allocate encrypted content buffer, do PKCS#7 padding */
-    blockSz = wc_PKCS7_GetOIDBlockSize(pkcs7->encryptOID);
-    if (blockSz < 0)
-        return blockSz;
-
-    padSz = wc_PKCS7_GetPadSize(pkcs7->contentSz, (word32)blockSz);
-    if (padSz < 0)
-        return padSz;
-
-    encryptedOutSz = (int)pkcs7->contentSz + padSz;
-
-    plain = (byte*)XMALLOC((word32)encryptedOutSz, pkcs7->heap,
-                           DYNAMIC_TYPE_PKCS7);
-    if (plain == NULL)
-        return MEMORY_E;
-
-    ret = wc_PKCS7_PadData(pkcs7->content, pkcs7->contentSz, plain,
-                           (word32)encryptedOutSz, (word32)blockSz);
-    if (ret < 0) {
-        XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    encryptedContent = (byte*)XMALLOC((word32)encryptedOutSz, pkcs7->heap,
-                                      DYNAMIC_TYPE_PKCS7);
-    if (encryptedContent == NULL) {
-        XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return MEMORY_E;
-    }
-
-    /* put together IV OCTET STRING */
-    ivOctetStringSz = (int)SetOctetString((word32)blockSz, ivOctetString);
-
-    /* build up ContentEncryptionAlgorithmIdentifier sequence,
-       adding (ivOctetStringSz + blockSz) for IV OCTET STRING */
-    contentEncAlgoSz = (int)SetAlgoID(pkcs7->encryptOID, contentEncAlgo,
-                                 oidBlkType, ivOctetStringSz + blockSz);
-    if (contentEncAlgoSz == 0) {
-        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return BAD_FUNC_ARG;
-    }
-
-    /* encrypt content */
-    WOLFSSL_MSG("Encrypting the content");
-    ret = wc_PKCS7_GenerateBlock(pkcs7, NULL, tmpIv, (word32)blockSz);
-    if (ret != 0) {
-        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    ret = wc_PKCS7_EncryptContent(pkcs7, pkcs7->encryptOID,
-            pkcs7->encryptionKey, (int)pkcs7->encryptionKeySz, tmpIv, blockSz,
-            NULL, 0, NULL, 0, plain, encryptedOutSz, encryptedContent);
-    if (ret != 0) {
-        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    encContentOctetSz = (int)SetImplicit(ASN_OCTET_STRING, 0,
-                                    (word32)encryptedOutSz, encContentOctet, 0);
-
-    encContentSeqSz = (int)SetSequence((word32)(contentTypeSz +
-                                  contentEncAlgoSz + ivOctetStringSz + blockSz +
-                                  encContentOctetSz + encryptedOutSz),
-                                  encContentSeq);
-
-    /* optional UnprotectedAttributes */
-    if (pkcs7->unprotectedAttribsSz != 0) {
-
-        if (pkcs7->unprotectedAttribs == NULL) {
-            XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return BAD_FUNC_ARG;
-        }
-
-        attribs = (EncodedAttrib*)XMALLOC(
-                sizeof(EncodedAttrib) * pkcs7->unprotectedAttribsSz,
-                pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        if (attribs == NULL) {
-            XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return MEMORY_E;
-        }
-
-        attribsCount = pkcs7->unprotectedAttribsSz;
-        attribsSz = (word32)EncodeAttributes(attribs,
-                                     (int)pkcs7->unprotectedAttribsSz,
-                                     pkcs7->unprotectedAttribs,
-                                     (int)pkcs7->unprotectedAttribsSz);
-
-        if (attribsSz > 0) {
-            flatAttribs = (byte*)XMALLOC(attribsSz, pkcs7->heap,
-                                         DYNAMIC_TYPE_PKCS7);
-            if (flatAttribs == NULL) {
-                XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return MEMORY_E;
-            }
-
-            ret = FlattenAttributes(pkcs7, flatAttribs, attribs,
-                                    (int)attribsCount);
-            if (ret != 0) {
-                XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                XFREE(flatAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                return ret;
-            }
-        }
-
-        attribsSetSz = SetImplicit(ASN_SET, 1, attribsSz, attribSet, 0);
-
-    } else {
-        attribsSz = 0;
-        attribsSetSz = 0;
-    }
-
-    /* keep track of sizes for outer wrapper layering */
-    totalSz = verSz + encContentSeqSz + contentTypeSz + contentEncAlgoSz +
-              ivOctetStringSz + blockSz + encContentOctetSz + encryptedOutSz +
-              (int)attribsSz + (int)attribsSetSz;
-
-    /* EncryptedData */
-    encDataSeqSz = (int)SetSequence((word32)totalSz, encDataSeq);
-    totalSz += encDataSeqSz;
-
-    if (pkcs7->version != 3) {
-        /* outer content */
-        outerContentSz = (int)SetExplicit(0, (word32)totalSz, outerContent, 0);
-        totalSz += outerContentTypeSz;
-        totalSz += outerContentSz;
-        /* ContentInfo */
-        contentInfoSeqSz = (int)SetSequence((word32)totalSz, contentInfoSeq);
-        totalSz += contentInfoSeqSz;
-    } else {
-        contentInfoSeqSz = 0;
-        outerContentSz = 0;
-    }
-
-    if (totalSz > (int)outputSz) {
-        WOLFSSL_MSG("PKCS#7 output buffer too small");
-        XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(flatAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return BUFFER_E;
-    }
-
-    XMEMCPY(output + idx, contentInfoSeq, (word32)contentInfoSeqSz);
-    idx += contentInfoSeqSz;
-    XMEMCPY(output + idx, outerContentType, (word32)outerContentTypeSz);
-    idx += outerContentTypeSz;
-    XMEMCPY(output + idx, outerContent, (word32)outerContentSz);
-    idx += outerContentSz;
-    XMEMCPY(output + idx, encDataSeq, (word32)encDataSeqSz);
-    idx += encDataSeqSz;
-    XMEMCPY(output + idx, ver, (word32)verSz);
-    idx += verSz;
-    XMEMCPY(output + idx, encContentSeq, (word32)encContentSeqSz);
-    idx += encContentSeqSz;
-    XMEMCPY(output + idx, contentType, (word32)contentTypeSz);
-    idx += contentTypeSz;
-    XMEMCPY(output + idx, contentEncAlgo, (word32)contentEncAlgoSz);
-    idx += contentEncAlgoSz;
-    XMEMCPY(output + idx, ivOctetString, (word32)ivOctetStringSz);
-    idx += ivOctetStringSz;
-    XMEMCPY(output + idx, tmpIv, (word32)blockSz);
-    idx += blockSz;
-    XMEMCPY(output + idx, encContentOctet, (word32)encContentOctetSz);
-    idx += encContentOctetSz;
-    XMEMCPY(output + idx, encryptedContent, (word32)encryptedOutSz);
-    idx += encryptedOutSz;
-
-    if (pkcs7->unprotectedAttribsSz != 0) {
-        XMEMCPY(output + idx, attribSet, attribsSetSz);
-        idx += (int)attribsSetSz;
-        if (attribsSz > 0) {
-            XMEMCPY(output + idx, flatAttribs, attribsSz);
-            idx += (int)attribsSz;
-        }
-    }
-
-    XFREE(attribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    XFREE(flatAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-    return idx;
-}
-
-
-/* decode and store unprotected attributes in PKCS7->decodedAttrib. Return
- * 0 on success, negative on error. User must call wc_PKCS7_Free(). */
-static int wc_PKCS7_DecodeUnprotectedAttributes(wc_PKCS7* pkcs7, byte* pkiMsg,
-                                             word32 pkiMsgSz, word32* inOutIdx)
-{
-    int ret, attribLen;
-    word32 idx;
-    byte tag;
-
-    if (pkcs7 == NULL || pkiMsg == NULL ||
-        pkiMsgSz == 0 || inOutIdx == NULL)
-        return BAD_FUNC_ARG;
-
-    idx = *inOutIdx;
-
-    if (GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))
-        return ASN_PARSE_E;
-
-    if (GetLength(pkiMsg, &idx, &attribLen, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    /* loop through attributes */
-    if ((ret = wc_PKCS7_ParseAttribs(pkcs7, pkiMsg + idx, attribLen)) < 0) {
-        return ret;
-    }
-
-    *inOutIdx = idx;
-
-    return 0;
-}
-
-
-/* unwrap and decrypt PKCS#7/CMS encrypted-data object, returned decoded size */
-int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz,
-                                 byte* output, word32 outputSz)
-{
-    int ret = 0, version = 0, length = 0, haveAttribs = 0;
-    word32 idx = 0;
-
-#ifndef NO_PKCS7_STREAM
-    word32 tmpIdx = 0;
-#endif
-    word32 contentType = 0, encOID = 0;
-
-    int expBlockSz = 0;
-    byte tmpIvBuf[MAX_CONTENT_IV_SIZE];
-    byte *tmpIv = tmpIvBuf;
-
-    int encryptedContentSz = 0;
-    byte padLen = 0;
-    byte* encryptedContent = NULL;
-
-    byte* pkiMsg = in;
-    word32 pkiMsgSz = inSz;
-    byte  tag = 0;
-
-    if (pkcs7 == NULL ||
-            ((pkcs7->encryptionKey == NULL || pkcs7->encryptionKeySz == 0) &&
-              pkcs7->decryptionCb == NULL))
-        return BAD_FUNC_ARG;
-
-    if (pkiMsg == NULL || pkiMsgSz == 0 ||
-        output == NULL || outputSz == 0)
-        return BAD_FUNC_ARG;
-
-#ifndef NO_PKCS7_STREAM
-    (void)tmpIv; /* help out static analysis */
-    if (pkcs7->stream == NULL) {
-        if ((ret = wc_PKCS7_CreateStream(pkcs7)) != 0) {
-            return ret;
-        }
-    }
-#endif
-
-    switch (pkcs7->state) {
-        case WC_PKCS7_START:
-#ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_SEQ_SZ +
-                            MAX_ALGO_SZ, &pkiMsg, &idx)) != 0) {
-                return ret;
-            }
-
-            if ((ret = wc_PKCS7_SetMaxStream(pkcs7, in, inSz)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-#endif
-
-            if (GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz,
-                        NO_USER_CHECK) < 0)
-                ret = ASN_PARSE_E;
-
-            if (pkcs7->version != 3) { /* ContentInfo not in firmware bundles */
-                /* read past ContentInfo, verify type is encrypted-data */
-                if (ret == 0 && wc_GetContentType(pkiMsg, &idx, &contentType,
-                            pkiMsgSz) < 0)
-                    ret = ASN_PARSE_E;
-
-                if (ret == 0 && contentType != ENCRYPTED_DATA) {
-                    WOLFSSL_MSG("PKCS#7 input not of type EncryptedData");
-                    ret = PKCS7_OID_E;
-                }
-            }
-            if (ret != 0) break;
-#ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                break;
-            }
-#endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_STAGE2);
-            FALL_THROUGH;
-            /* end of stage 1 */
-
-        case WC_PKCS7_STAGE2:
-#ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            MAX_LENGTH_SZ + MAX_SEQ_SZ + ASN_TAG_SZ, &pkiMsg,
-                            &idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-#endif
-            if (pkcs7->version != 3) {
-                if (ret == 0 && GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz) < 0)
-                    ret = ASN_PARSE_E;
-                if (ret == 0 && tag !=
-                        (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
-                    ret = ASN_PARSE_E;
-
-                if (ret == 0 && GetLength_ex(pkiMsg, &idx, &length, pkiMsgSz,
-                            NO_USER_CHECK) < 0)
-                    ret = ASN_PARSE_E;
-
-                /* remove EncryptedData and version */
-                if (ret == 0 && GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz,
-                            NO_USER_CHECK) < 0)
-                    ret = ASN_PARSE_E;
-            }
-
-            if (ret != 0) break;
-#ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                break;
-            }
-#endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_STAGE3);
-            FALL_THROUGH;
-            /* end of stage 2 */
-
-       case WC_PKCS7_STAGE3:
-#ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            MAX_VERSION_SZ + MAX_SEQ_SZ + MAX_ALGO_SZ * 2,
-                            &pkiMsg, &idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-#endif
-            /* get version, check later */
-            haveAttribs = 0;
-            if (ret == 0 && GetMyVersion(pkiMsg, &idx, &version, pkiMsgSz) < 0)
-                ret = ASN_PARSE_E;
-
-            /* remove EncryptedContentInfo */
-            if (ret == 0 && GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz,
-                        NO_USER_CHECK) < 0)
-                ret = ASN_PARSE_E;
-
-            if (ret == 0 && wc_GetContentType(pkiMsg, &idx, &contentType,
-                        pkiMsgSz) < 0)
-                ret = ASN_PARSE_E;
-
-            if (ret == 0) {
-                pkcs7->contentOID = (int)contentType;
-            }
-
-            if (ret == 0 && (ret = GetAlgoId(pkiMsg, &idx, &encOID, oidBlkType,
-                        pkiMsgSz)) < 0)
-                ret = ASN_PARSE_E;
-            if (ret == 0 && (expBlockSz =
-                    wc_PKCS7_GetOIDBlockSize((int)encOID)) < 0)
-                ret = expBlockSz;
-
-            if (ret != 0) break;
-#ifndef NO_PKCS7_STREAM
-            /* store expBlockSz for later */
-            pkcs7->stream->varOne = (word32)expBlockSz;
-            pkcs7->stream->varTwo = (int)encOID;
-
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                break;
-            }
-
-            /* store version for later */
-            pkcs7->stream->vers = (word32)version;
-#endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_STAGE4);
-            FALL_THROUGH;
-            /* end of stage 3 */
-
-        /* get block cipher IV, stored in OPTIONAL parameter of AlgoID */
-       case WC_PKCS7_STAGE4:
-#ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            ASN_TAG_SZ + MAX_LENGTH_SZ, &pkiMsg, &idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-
-            /* restore saved variables */
-            expBlockSz = (int)pkcs7->stream->varOne;
-#endif
-            if (ret == 0 && GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz) < 0)
-                ret = ASN_PARSE_E;
-            if (ret == 0 && tag != ASN_OCTET_STRING)
-                ret = ASN_PARSE_E;
-
-            if (ret == 0 && GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
-                ret = ASN_PARSE_E;
-
-            if (ret == 0 && length != expBlockSz) {
-                WOLFSSL_MSG(
-                      "Incorrect IV length, must be of content alg block size");
-                ret = ASN_PARSE_E;
-            }
-
-            if (ret != 0) break;
-#ifndef NO_PKCS7_STREAM
-            /* next chunk of data expected should have the IV */
-            pkcs7->stream->expected = (word32)length;
-
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                break;
-            }
-#endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_STAGE5);
-            FALL_THROUGH;
-            /* end of stage 4 */
-
-       case WC_PKCS7_STAGE5:
-#ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected + ASN_TAG_SZ +
-                            MAX_LENGTH_SZ, &pkiMsg, &idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-
-            /* use IV buffer from stream structure */
-            tmpIv  = pkcs7->stream->tmpIv;
-            length = (int)pkcs7->stream->expected;
-#endif
-            XMEMCPY(tmpIv, &pkiMsg[idx], (word32)length);
-            idx += (word32)length;
-            /* read encryptedContent, cont[0] */
-            if (ret == 0 && GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz) < 0)
-                ret = ASN_PARSE_E;
-            if (ret == 0 && tag != (ASN_CONTEXT_SPECIFIC | 0))
-                ret = ASN_PARSE_E;
-
-            if (ret == 0 && GetLength_ex(pkiMsg, &idx, &encryptedContentSz,
-                        pkiMsgSz, NO_USER_CHECK) <= 0)
-                ret = ASN_PARSE_E;
-
-            if (ret < 0)
-                break;
-#ifndef NO_PKCS7_STREAM
-            /* next chunk of data should contain encrypted content */
-            pkcs7->stream->varThree = encryptedContentSz;
-            if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
-                break;
-            }
-
-            if (pkcs7->stream->totalRd + (word32)encryptedContentSz <
-                    pkcs7->stream->maxLen) {
-                pkcs7->stream->flagOne = 1;
-            }
-
-            pkcs7->stream->expected = (pkcs7->stream->maxLen -
-                pkcs7->stream->totalRd) + pkcs7->stream->length;
-
-#endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_STAGE6);
-            FALL_THROUGH;
-            /* end of stage 5 */
-
-        case WC_PKCS7_STAGE6:
-#ifndef NO_PKCS7_STREAM
-            if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
-                            pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
-                return ret;
-            }
-            pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
-
-            /* restore saved variables */
-            expBlockSz = (int)pkcs7->stream->varOne;
-            encOID     = (word32)pkcs7->stream->varTwo;
-            encryptedContentSz = pkcs7->stream->varThree;
-            version    = (int)pkcs7->stream->vers;
-            tmpIv      = pkcs7->stream->tmpIv;
-#endif
-            if (encryptedContentSz <= 0) {
-                ret = BUFFER_E;
-                break;
-            }
-
-            if (ret == 0 && (encryptedContent = (byte*)XMALLOC(
-                                  (unsigned int)encryptedContentSz, pkcs7->heap,
-                                  DYNAMIC_TYPE_PKCS7)) == NULL) {
-                ret = MEMORY_E;
-                break;
-            }
-
-            if (ret == 0) {
-                XMEMCPY(encryptedContent, &pkiMsg[idx],
-                    (unsigned int)encryptedContentSz);
-                idx += (word32)encryptedContentSz;
-
-                /* decrypt encryptedContent */
-                ret = wc_PKCS7_DecryptContent(pkcs7, encOID,
-                              pkcs7->encryptionKey, pkcs7->encryptionKeySz,
-                              tmpIv, expBlockSz, NULL, 0, NULL, 0,
-                              encryptedContent, encryptedContentSz,
-                              encryptedContent, pkcs7->devId, pkcs7->heap);
-                if (ret != 0) {
-                    XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                }
-            }
-
-            if (ret == 0) {
-                padLen = encryptedContent[encryptedContentSz-1];
-
-                if (padLen > encryptedContentSz) {
-                    WOLFSSL_MSG("Bad padding size found");
-                    ret = BUFFER_E;
-                    XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-                    break;
-                }
-
-                /* copy plaintext to output */
-                XMEMCPY(output, encryptedContent,
-                    (unsigned int)(encryptedContentSz - padLen));
-
-                /* get implicit[1] unprotected attributes, optional */
-                wc_PKCS7_FreeDecodedAttrib(pkcs7->decodedAttrib, pkcs7->heap);
-                pkcs7->decodedAttrib = NULL;
-            #ifndef NO_PKCS7_STREAM
-                if (pkcs7->stream->flagOne)
-            #else
-                if (idx < pkiMsgSz)
-            #endif
-                {
-                    haveAttribs = 1;
-
-                    ret = wc_PKCS7_DecodeUnprotectedAttributes(pkcs7, pkiMsg,
-                                                       pkiMsgSz, &idx);
-                    if (ret != 0) {
-                        ForceZero(encryptedContent, (word32)encryptedContentSz);
-                        XFREE(encryptedContent, pkcs7->heap,
-                            DYNAMIC_TYPE_PKCS7);
-                        ret = ASN_PARSE_E;
-                    }
-                }
-            }
-
-            if (ret == 0) {
-                ForceZero(encryptedContent, (word32)encryptedContentSz);
-                XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-                /* go back and check the version now that attribs have been
-                 * processed */
-                if (pkcs7->version == 3 && version != 0) {
-                    WOLFSSL_MSG("Wrong PKCS#7 FirmwareEncryptedData version");
-                    return ASN_VERSION_E;
-                }
-
-                if (pkcs7->version != 3 &&
-                   ((haveAttribs == 0 && version != 0) ||
-                    (haveAttribs == 1 && version != 2))) {
-                    WOLFSSL_MSG("Wrong PKCS#7 EncryptedData version");
-                    return ASN_VERSION_E;
-                }
-                ret = encryptedContentSz - padLen;
-            }
-
-            if (ret != 0) break;
-        #ifndef NO_PKCS7_STREAM
-            wc_PKCS7_ResetStream(pkcs7);
-        #endif
-            wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_START);
-            break;
-
-        default:
-            WOLFSSL_MSG("Error in unknown PKCS#7 Decode Encrypted Data state");
-            return BAD_STATE_E;
-    }
-
-    if (ret != 0) {
-    #ifndef NO_PKCS7_STREAM
-        /* restart in error case */
-        wc_PKCS7_ResetStream(pkcs7);
-    #endif
-        wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_START);
-    }
-    return ret;
-}
-
-
-/* Function to set callback during decryption, this overrides the default
- * decryption function and can be used for choosing a key at run time based
- * on the parsed bundle so far.
- * returns 0 on success
- */
-int wc_PKCS7_SetDecodeEncryptedCb(wc_PKCS7* pkcs7,
-        CallbackDecryptContent decryptionCb)
-{
-    if (pkcs7 != NULL) {
-        pkcs7->decryptionCb = decryptionCb;
-    }
-    return 0;
-}
-
-
-/* Set an optional user context that gets passed to callback
- * returns 0 on success
- */
-int wc_PKCS7_SetDecodeEncryptedCtx(wc_PKCS7* pkcs7, void* ctx)
-{
-    if (pkcs7 != NULL) {
-        pkcs7->decryptionCtx = ctx;
-    }
-    return 0;
-}
-#endif /* NO_PKCS7_ENCRYPTED_DATA */
-
-
-/* Unwrap and decrypt PKCS#7/CMS EncryptedKeyPackage object, return the
- * decoded size. */
-int wc_PKCS7_DecodeEncryptedKeyPackage(wc_PKCS7 * pkcs7,
-        byte * pkiMsg, word32 pkiMsgSz, byte * output, word32 outputSz)
-{
-    int ret = 0;
-    word32 pkiIndex = 0;
-    word32 contentType = 0;
-    int length = 0;
-
-    if (pkiMsg == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Expect a SEQUENCE header to start the EncryptedKeyPackage
-     * ContentInfo. */
-    else if (GetSequence_ex(pkiMsg, &pkiIndex, &length, pkiMsgSz, 1) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Validate the EncryptedKeyPackage OBJECT IDENTIFIER. */
-    else if (wc_GetContentType(pkiMsg, &pkiIndex, &contentType, pkiMsgSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    else if (contentType != ENCRYPTED_KEY_PACKAGE) {
-        WOLFSSL_MSG("PKCS#7 input not of type EncryptedKeyPackage");
-        ret = PKCS7_OID_E;
-    }
-    /* Expect content [0] tag */
-    else if (GetASNHeader(pkiMsg, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED,
-                &pkiIndex, &length, pkiMsgSz) < 0) {
-        ret = ASN_PARSE_E;
-    }
-    /* Check for an EncryptedKeyPackage explicit CHOICE [0] tag, indicating
-     * an EnvelopedData subtype. */
-    else if (GetASNHeader(pkiMsg, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED,
-                &pkiIndex, &length, pkiMsgSz) >= 0) {
-        /* An explicit CHOICE [0] tag was found. pkiIndex now should point
-         * to the EnvelopedData ContentInfo object within the
-         * EncryptedKeyPackage. */
-        ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, &pkiMsg[pkiIndex],
-                pkiMsgSz - pkiIndex, output, outputSz);
-    }
-    else {
-#ifndef NO_PKCS7_ENCRYPTED_DATA
-        /* An explicit CHOICE [0] tag was not found. Check if we have an
-         * EncryptedData blob. */
-        ret = wc_PKCS7_DecodeEncryptedData(pkcs7, &pkiMsg[pkiIndex],
-                pkiMsgSz - pkiIndex, output, outputSz);
-#else
-        ret = ASN_PARSE_E;
-#endif
-    }
-
-    return ret;
-}
-
-
-/* set stream mode for encoding and signing
- * returns 0 on success */
-int wc_PKCS7_SetStreamMode(wc_PKCS7* pkcs7, byte flag,
-    CallbackGetContent getContentCb,
-    CallbackStreamOut streamOutCb, void* ctx)
-{
-    if (pkcs7 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-#ifdef ASN_BER_TO_DER
-    pkcs7->encodeStream = (flag != 0);
-    pkcs7->getContentCb = getContentCb;
-    pkcs7->streamOutCb  = streamOutCb;
-    pkcs7->streamCtx    = ctx;
-    return 0;
-#else
-    (void)flag;
-    (void)getContentCb;
-    (void)streamOutCb;
-    (void)ctx;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-
-/* returns to current stream mode flag on success, negative values on fail */
-int wc_PKCS7_GetStreamMode(wc_PKCS7* pkcs7)
-{
-    if (pkcs7 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-#ifdef ASN_BER_TO_DER
-    return pkcs7->encodeStream;
-#else
-    return 0;
-#endif
-}
-
-
-/* set option to not include certificates when creating a bundle
- * returns 0 on success */
-int wc_PKCS7_SetNoCerts(wc_PKCS7* pkcs7, byte flag)
-{
-    if (pkcs7 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    pkcs7->noCerts = (flag != 0);
-    return 0;
-}
-
-
-/* returns the current noCerts flag value on success, negative values on fail */
-int wc_PKCS7_GetNoCerts(wc_PKCS7* pkcs7)
-{
-    if (pkcs7 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    return pkcs7->noCerts;
-}
-
-
-#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
-
-/* build PKCS#7 compressedData content type, return encrypted size */
-int wc_PKCS7_EncodeCompressedData(wc_PKCS7* pkcs7, byte* output,
-    word32 outputSz)
-{
-    byte contentInfoSeq[MAX_SEQ_SZ];
-    byte contentInfoTypeOid[MAX_OID_SZ];
-    byte contentInfoContentSeq[MAX_SEQ_SZ]; /* EXPLICIT [0] */
-    byte compressedDataSeq[MAX_SEQ_SZ];
-    byte cmsVersion[MAX_VERSION_SZ];
-    byte compressAlgId[MAX_ALGO_SZ];
-    byte encapContentInfoSeq[MAX_SEQ_SZ];
-    byte contentTypeOid[MAX_OID_SZ];
-    byte contentSeq[MAX_SEQ_SZ];            /* EXPLICIT [0] */
-    byte contentOctetStr[MAX_OCTET_STR_SZ];
-
-    int ret;
-    word32 totalSz, idx;
-    word32 contentInfoSeqSz, contentInfoContentSeqSz, contentInfoTypeOidSz;
-    word32 compressedDataSeqSz, cmsVersionSz, compressAlgIdSz;
-    word32 encapContentInfoSeqSz, contentTypeOidSz, contentSeqSz;
-    word32 contentOctetStrSz;
-
-    byte* compressed;
-    word32 compressedSz;
-
-    if (pkcs7 == NULL || pkcs7->content == NULL || pkcs7->contentSz == 0 ||
-        output == NULL || outputSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* allocate space for compressed content. The libz code says the compressed
-     * buffer should be srcSz + 0.1% + 12. */
-    compressedSz = (pkcs7->contentSz + (word32)(pkcs7->contentSz * 0.001) + 12);
-    compressed = (byte*)XMALLOC(compressedSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-    if (compressed == NULL) {
-        WOLFSSL_MSG("Error allocating memory for CMS compressed content");
-        return MEMORY_E;
-    }
-
-    /* compress content */
-    ret = wc_Compress(compressed, compressedSz, pkcs7->content,
-                      pkcs7->contentSz, 0);
-    if (ret < 0) {
-        XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-    compressedSz = (word32)ret;
-
-    /* eContent OCTET STRING, working backwards */
-    contentOctetStrSz = SetOctetString(compressedSz, contentOctetStr);
-    totalSz = contentOctetStrSz + compressedSz;
-
-    /* EXPLICIT [0] eContentType */
-    contentSeqSz = SetExplicit(0, totalSz, contentSeq, 0);
-    totalSz += contentSeqSz;
-
-    /* eContentType OBJECT IDENTIFIER */
-    ret = wc_SetContentType(pkcs7->contentOID, contentTypeOid,
-                            sizeof(contentTypeOid));
-    if (ret < 0) {
-        XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return ret;
-    }
-
-    contentTypeOidSz = ret;
-    totalSz += contentTypeOidSz;
-
-    /* EncapsulatedContentInfo SEQUENCE */
-    encapContentInfoSeqSz = SetSequence(totalSz, encapContentInfoSeq);
-    totalSz += encapContentInfoSeqSz;
-
-    /* compressionAlgorithm AlgorithmIdentifier */
-    /* Only supports zlib for compression currently:
-     * id-alg-zlibCompress (1.2.840.113549.1.9.16.3.8) */
-    compressAlgIdSz = SetAlgoID(ZLIBc, compressAlgId, oidCompressType, 0);
-    totalSz += compressAlgIdSz;
-
-    /* version */
-    cmsVersionSz = SetMyVersion(0, cmsVersion, 0);
-    totalSz += cmsVersionSz;
-
-    /* CompressedData SEQUENCE */
-    compressedDataSeqSz = SetSequence(totalSz, compressedDataSeq);
-    totalSz += compressedDataSeqSz;
-
-    if (pkcs7->version == 3) {
-        /* RFC 4108 section 2
-         * When the SignedData is version 3 and eContent is compressedData then
-         * the encoding is :
-         * CompressedData {
-         *   version
-         *   compressionAlgorithm
-         *   encapContentInfo
-         * }
-         */
-        contentInfoSeqSz        = 0;
-        contentInfoTypeOidSz    = 0;
-        contentInfoContentSeqSz = 0;
-    }
-    else {
-        /* EncryptedData eContent type is encoded with:
-         * EncryptedData {
-         *  version
-         *  EncryptedContentInfo {
-         *      contentType (i.e id-ct-compressedData)
-         *      contentEncryptionAlgorithm
-         *      octet string of CompressedData or FirmwarePkgData
-         *  }
-         *  attributes
-         * }
-         */
-
-        /* ContentInfo content EXPLICIT SEQUENCE */
-        contentInfoContentSeqSz = SetExplicit(0, totalSz, contentInfoContentSeq,
-            0);
-        totalSz += contentInfoContentSeqSz;
-
-        ret = wc_SetContentType(COMPRESSED_DATA, contentInfoTypeOid,
-                                sizeof(contentInfoTypeOid));
-        if (ret < 0) {
-            XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-            return ret;
-        }
-
-        contentInfoTypeOidSz = ret;
-        totalSz += contentInfoTypeOidSz;
-
-        /* ContentInfo SEQUENCE */
-        contentInfoSeqSz = SetSequence(totalSz, contentInfoSeq);
-        totalSz += contentInfoSeqSz;
-    }
-
-    if (outputSz < totalSz) {
-        XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return BUFFER_E;
-    }
-
-    idx = 0;
-    if (contentInfoSeqSz > 0) {
-        XMEMCPY(output + idx, contentInfoSeq, contentInfoSeqSz);
-        idx += contentInfoSeqSz;
-    }
-    if (contentInfoTypeOidSz > 0) {
-        XMEMCPY(output + idx, contentInfoTypeOid, contentInfoTypeOidSz);
-        idx += contentInfoTypeOidSz;
-    }
-    if (contentInfoContentSeqSz > 0) {
-        XMEMCPY(output + idx, contentInfoContentSeq, contentInfoContentSeqSz);
-        idx += contentInfoContentSeqSz;
-    }
-    XMEMCPY(output + idx, compressedDataSeq, compressedDataSeqSz);
-    idx += compressedDataSeqSz;
-    XMEMCPY(output + idx, cmsVersion, cmsVersionSz);
-    idx += cmsVersionSz;
-    XMEMCPY(output + idx, compressAlgId, compressAlgIdSz);
-    idx += compressAlgIdSz;
-    XMEMCPY(output + idx, encapContentInfoSeq, encapContentInfoSeqSz);
-    idx += encapContentInfoSeqSz;
-    XMEMCPY(output + idx, contentTypeOid, contentTypeOidSz);
-    idx += contentTypeOidSz;
-    XMEMCPY(output + idx, contentSeq, contentSeqSz);
-    idx += contentSeqSz;
-    XMEMCPY(output + idx, contentOctetStr, contentOctetStrSz);
-    idx += contentOctetStrSz;
-    XMEMCPY(output + idx, compressed, compressedSz);
-    idx += compressedSz;
-
-    XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-    return idx;
-}
-
-/* unwrap and decompress PKCS#7/CMS compressedData object,
- * Handles content wrapped compressed data and raw compressed data packet
- * returned decoded size */
-int wc_PKCS7_DecodeCompressedData(wc_PKCS7* pkcs7, byte* pkiMsg,
-    word32 pkiMsgSz, byte* output, word32 outputSz)
-{
-    int length, version, ret;
-    word32 idx = 0, algOID, contentType;
-    byte tag;
-
-    byte* decompressed;
-    word32 decompressedSz;
-
-    if (pkcs7 == NULL || pkiMsg == NULL || pkiMsgSz == 0 ||
-        output == NULL || outputSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* unwarp content surrounding if found */
-    {
-        word32 localIdx = idx;
-        int err = 0;
-
-        /* get ContentInfo SEQUENCE */
-        if (GetSequence(pkiMsg, &localIdx, &length, pkiMsgSz) < 0)
-            err = ASN_PARSE_E;
-
-        if (err == 0 && pkcs7->version != 3) {
-            /* get ContentInfo contentType */
-            if (wc_GetContentType(pkiMsg, &localIdx, &contentType, pkiMsgSz)
-                    < 0)
-                err = ASN_PARSE_E;
-
-            if (err == 0 && contentType != COMPRESSED_DATA)
-                err = ASN_PARSE_E;
-        }
-
-        /* get ContentInfo content EXPLICIT SEQUENCE */
-        if (err == 0) {
-            if (GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) < 0)
-                err = ASN_PARSE_E;
-        }
-
-        if (err == 0) {
-            if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
-                err = ASN_PARSE_E;
-        }
-
-        if (err == 0) {
-            if (GetLength(pkiMsg, &localIdx, &length, pkiMsgSz) < 0)
-                err = ASN_PARSE_E;
-        }
-
-        /* successful content unwrap, update index */
-        if (err == 0) {
-            idx = localIdx;
-        }
-    }
-
-    /* get CompressedData SEQUENCE */
-    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    /* get version */
-    if (GetMyVersion(pkiMsg, &idx, &version, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    if (version != 0) {
-        WOLFSSL_MSG("CMS CompressedData version MUST be 0, but is not");
-        return ASN_PARSE_E;
-    }
-
-    /* get CompressionAlgorithmIdentifier */
-    if (GetAlgoId(pkiMsg, &idx, &algOID, oidIgnoreType, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    /* Only supports zlib for compression currently:
-     * id-alg-zlibCompress (1.2.840.113549.1.9.16.3.8) */
-    if (algOID != ZLIBc) {
-        WOLFSSL_MSG("CMS CompressedData only supports zlib algorithm");
-        return ASN_PARSE_E;
-    }
-
-    /* get EncapsulatedContentInfo SEQUENCE */
-    if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    /* get ContentType OID */
-    if (wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    pkcs7->contentOID = contentType;
-
-    /* get eContent EXPLICIT SEQUENCE */
-    if (GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
-        return ASN_PARSE_E;
-
-    if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    /* get content OCTET STRING */
-    if (GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    if (tag != ASN_OCTET_STRING)
-        return ASN_PARSE_E;
-
-    if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
-        return ASN_PARSE_E;
-
-    /* decompress content */
-    ret = wc_DeCompressDynamic(&decompressed, WOLFSSL_PKCS7_MAX_DECOMPRESSION,
-            DYNAMIC_TYPE_PKCS7, &pkiMsg[idx], length, 0, pkcs7->heap);
-    if (ret < 0) {
-        return ret;
-    }
-    decompressedSz = (word32)ret;
-
-    /* get content */
-    if (outputSz < decompressedSz) {
-        WOLFSSL_MSG("CMS output buffer too small to hold decompressed data");
-        XFREE(decompressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-        return BUFFER_E;
-    }
-
-    XMEMCPY(output, decompressed, decompressedSz);
-    XFREE(decompressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
-
-    return decompressedSz;
-}
-
-#endif /* HAVE_LIBZ && !NO_PKCS7_COMPRESSED_DATA */
-
-static int wc_PKCS7_DecodeSymmetricKeyPackage(const byte * skp, word32 skpSz,
-        size_t index, const byte ** out, word32 * outSz, int getKey)
-{
-    word32 skpIndex = 0;
-    int length = 0;
-    int version = 0;
-    int ret = 0;
-
-    if (skp == NULL || out == NULL || outSz == NULL)
-        ret = BAD_FUNC_ARG;
-
-    /* Expect a SEQUENCE header to start the SymmetricKeyPackage object. */
-    if (ret == 0 && GetSequence(skp, &skpIndex, &length, skpSz) < 0)
-        ret = ASN_PARSE_E;
-
-    /* Expect version v1 */
-    if (ret == 0 && GetMyVersion(skp, &skpIndex, &version, skpSz) < 0)
-        ret = ASN_PARSE_E;
-
-    if (ret == 0 && version != 1)
-        ret = ASN_PARSE_E;
-
-    if (ret == 0 && GetASNHeader(skp, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED,
-            &skpIndex, &length, skpSz) >= 0) {
-        /* sKeyPkgAttrs [0] tag found so there are attributes present. */
-        if (getKey != 0) {
-            /* Key was requested, not attribute, so skip the attributes. */
-            skpIndex += (word32)length;
-        }
-        else {
-            /* sKeyPkgAttrs is present at &skp[skpIndex], length in length */
-            ret = wc_IndexSequenceOf(&skp[skpIndex], (word32)length, index,
-                    out, outSz);
-        }
-    }
-    else if (ret == 0 && getKey == 0) {
-        /* An attribute was requested, but none are present. */
-        ret = BAD_INDEX_E;
-    }
-
-    if (ret == 0 && getKey != 0) {
-        /* sKeys is present at &skp[skpIndex]. */
-        ret = wc_IndexSequenceOf(&skp[skpIndex], skpSz - skpIndex, index,
-                out, outSz);
-    }
-
-    return ret;
-}
-
-int wc_PKCS7_DecodeSymmetricKeyPackageAttribute(const byte * skp,
-        word32 skpSz, size_t index, const byte ** attr, word32 * attrSz)
-{
-    return wc_PKCS7_DecodeSymmetricKeyPackage(skp, skpSz, index, attr, attrSz,
-            0);
-}
-
-int wc_PKCS7_DecodeSymmetricKeyPackageKey(const byte * skp,
-        word32 skpSz, size_t index, const byte ** key, word32 * keySz)
-{
-    return wc_PKCS7_DecodeSymmetricKeyPackage(skp, skpSz, index, key, keySz, 1);
-}
-
-int wc_PKCS7_DecodeOneSymmetricKeyAttribute(const byte * osk,
-        word32 oskSz, size_t index, const byte ** attr, word32 * attrSz)
-{
-    word32 oskIndex = 0;
-    word32 tmpIndex;
-    int length = 0;
-    int ret = 0;
-
-    if (osk == NULL || attr == NULL || attrSz == NULL)
-        ret = BAD_FUNC_ARG;
-
-    /* Expect a SEQUENCE header to start the OneSymmetricKey object. */
-    if (ret == 0 && GetSequence(osk, &oskIndex, &length, oskSz) < 0)
-        ret = ASN_PARSE_E;
-
-    tmpIndex = oskIndex;
-
-    if (ret == 0 && GetSequence(osk, &tmpIndex, &length, oskSz) < 0) {
-        /* sKeyAttrs is not present. */
-        ret = BAD_INDEX_E;
-    }
-
-    /* Index the sKeyAttrs SEQUENCE OF object with the given index. */
-    if (ret == 0)
-        ret = wc_IndexSequenceOf(&osk[oskIndex], oskSz - oskIndex, index, attr,
-            attrSz);
-
-    return ret;
-}
-
-int wc_PKCS7_DecodeOneSymmetricKeyKey(const byte * osk,
-        word32 oskSz, const byte ** key, word32 * keySz)
-{
-    word32 oskIndex = 0;
-    int length = 0;
-    int ret = 0;
-
-    if (osk == NULL || key == NULL || keySz == NULL)
-        ret = BAD_FUNC_ARG;
-
-    /* Expect a SEQUENCE header to start the OneSymmetricKey object. */
-    if (ret == 0 && GetSequence(osk, &oskIndex, &length, oskSz) < 0)
-        ret = ASN_PARSE_E;
-
-    if (ret == 0 && GetSequence(osk, &oskIndex, &length, oskSz) >= 0) {
-        /* sKeyAttrs is present. Skip it. */
-        oskIndex += (word32)length;
-    }
-
-    if (ret == 0 && GetASNHeader(osk, ASN_OCTET_STRING, &oskIndex, &length,
-                oskSz) < 0)
-        ret = ASN_PARSE_E;
-
-    if (ret == 0) {
-        *key = &osk[oskIndex];
-        *keySz = (word32)length;
-    }
-
-    return ret;
-}
-
-#else  /* HAVE_PKCS7 */
-
-
-#ifdef _MSC_VER
-    /* 4206 warning for blank file */
-    #pragma warning(disable: 4206)
-#endif
-
-
-#endif /* HAVE_PKCS7 */
diff --git a/src/ssl/wolfssl/wolfcrypt/pwdbased.c b/src/ssl/wolfssl/wolfcrypt/pwdbased.c
deleted file mode 100644
index d0179249c..000000000
--- a/src/ssl/wolfssl/wolfcrypt/pwdbased.c
+++ /dev/null
@@ -1,873 +0,0 @@
-/* pwdbased.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifndef NO_PWDBASED
-
-#if FIPS_VERSION3_GE(6,0,0)
-    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
-    #define FIPS_NO_WRAPPERS
-
-       #ifdef USE_WINDOWS_API
-               #pragma code_seg(".fipsA$h")
-               #pragma const_seg(".fipsB$h")
-       #endif
-#endif
-
-#include <wolfssl/wolfcrypt/pwdbased.h>
-#include <wolfssl/wolfcrypt/hmac.h>
-#include <wolfssl/wolfcrypt/hash.h>
-#include <wolfssl/wolfcrypt/wolfmath.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if FIPS_VERSION3_GE(6,0,0)
-    const unsigned int wolfCrypt_FIPS_pbkdf_ro_sanity[2] =
-                                                     { 0x1a2b3c4d, 0x00000010 };
-    int wolfCrypt_FIPS_PBKDF_sanity(void)
-    {
-        return 0;
-    }
-#endif
-
-#ifdef HAVE_PBKDF1
-
-/* PKCS#5 v1.5 with non standard extension to optionally derive the extra data (IV) */
-int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen,
-    const byte* passwd, int passwdLen, const byte* salt, int saltLen,
-    int iterations, int hashType, void* heap)
-{
-    int  err;
-    int  keyLeft, ivLeft, i;
-    int  store;
-    int  keyOutput = 0;
-    int  digestLen;
-    byte digest[WC_MAX_DIGEST_SIZE];
-    WC_DECLARE_VAR(hash, wc_HashAlg, 1, 0);
-    enum wc_HashType hashT;
-
-    (void)heap;
-
-    if (key == NULL || keyLen < 0 || passwdLen < 0 || saltLen < 0 || ivLen < 0){
-        return BAD_FUNC_ARG;
-    }
-
-    if (iterations <= 0)
-        iterations = 1;
-
-    hashT = wc_HashTypeConvert(hashType);
-    err = wc_HashGetDigestSize(hashT);
-    if (err < 0)
-        return err;
-    digestLen = err;
-
-    /* initialize hash */
-    WC_ALLOC_VAR_EX(hash, wc_HashAlg, 1, heap, DYNAMIC_TYPE_HASHCTX,
-        return MEMORY_E);
-
-    err = wc_HashInit_ex(hash, hashT, heap, INVALID_DEVID);
-    if (err != 0) {
-        WC_FREE_VAR_EX(hash, heap, DYNAMIC_TYPE_HASHCTX);
-        return err;
-    }
-
-    keyLeft = keyLen;
-    ivLeft  = ivLen;
-    while (keyOutput < (keyLen + ivLen)) {
-        int digestLeft = digestLen;
-        /* D_(i - 1) */
-        if (keyOutput) { /* first time D_0 is empty */
-            err = wc_HashUpdate(hash, hashT, digest, (word32)digestLen);
-            if (err != 0) break;
-        }
-
-        /* data */
-        err = wc_HashUpdate(hash, hashT, passwd, (word32)passwdLen);
-        if (err != 0) break;
-
-        /* salt */
-        if (salt) {
-            err = wc_HashUpdate(hash, hashT, salt, (word32)saltLen);
-            if (err != 0) break;
-        }
-
-        err = wc_HashFinal(hash, hashT, digest);
-        if (err != 0) break;
-
-        /* count */
-        for (i = 1; i < iterations; i++) {
-            err = wc_HashUpdate(hash, hashT, digest, (word32)digestLen);
-            if (err != 0) break;
-
-            err = wc_HashFinal(hash, hashT, digest);
-            if (err != 0) break;
-        }
-
-        if (err != 0) break;
-
-        if (keyLeft) {
-            store = (int)min((word32)keyLeft, (word32)digestLen);
-            XMEMCPY(&key[keyLen - keyLeft], digest, (size_t)store);
-
-            keyOutput  += store;
-            keyLeft    -= store;
-            digestLeft -= store;
-        }
-
-        if (ivLeft && digestLeft) {
-            store = (int)min((word32)ivLeft, (word32)digestLeft);
-            if (iv != NULL)
-                XMEMCPY(&iv[ivLen - ivLeft],
-                        &digest[digestLen - digestLeft], (size_t)store);
-            keyOutput += store;
-            ivLeft    -= store;
-        }
-    }
-
-    wc_HashFree(hash, hashT);
-
-    WC_FREE_VAR_EX(hash, heap, DYNAMIC_TYPE_HASHCTX);
-
-    if (err != 0)
-        return err;
-
-    if (keyOutput != (keyLen + ivLen))
-        return BUFFER_E;
-
-    return err;
-}
-
-/* PKCS#5 v1.5 */
-int wc_PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt,
-           int sLen, int iterations, int kLen, int hashType)
-{
-
-    return wc_PBKDF1_ex(output, kLen, NULL, 0,
-        passwd, pLen, salt, sLen, iterations, hashType, NULL);
-}
-
-#endif /* HAVE_PKCS5 */
-
-#if defined(HAVE_PBKDF2) && !defined(NO_HMAC)
-
-int wc_PBKDF2_ex(byte* output, const byte* passwd, int pLen, const byte* salt,
-           int sLen, int iterations, int kLen, int hashType, void* heap, int devId)
-{
-    int    hLen;
-    int    ret;
-#ifdef WOLFSSL_SMALL_STACK
-    byte*  buffer;
-    Hmac*  hmac;
-#else
-    byte   buffer[WC_MAX_DIGEST_SIZE];
-    Hmac   hmac[1];
-#endif
-    enum wc_HashType hashT;
-
-    if (output == NULL || pLen < 0 || sLen < 0 || kLen < 0) {
-        return BAD_FUNC_ARG;
-    }
-
-#if FIPS_VERSION3_GE(6,0,0)
-    /* Per SP800-132 section 5 "The kLen value shall be at least 112 bits in
-     * length", ensure the returned bits for the derived master key are at a
-     * minimum 14-bytes or 112-bits after stretching and strengthening
-     * (iterations) */
-    if (kLen < HMAC_FIPS_MIN_KEY)
-        return BAD_LENGTH_E;
-#endif
-
-#if FIPS_VERSION3_GE(6,0,0) && defined(DEBUG_WOLFSSL)
-    /* SP800-132 section 5.2 recommends an iteration count of 1000 but this is
-     * not strictly enforceable and is listed in Appendix B Table 1 as a
-     * non-testable requirement. wolfCrypt will log it when appropriate but
-     * take no action */
-    if (iterations < 1000) {
-        WOLFSSL_MSG("WARNING: Iteration < 1,000, see SP800-132 section 5.2");
-    }
-#endif
-    if (iterations <= 0)
-        iterations = 1;
-
-    hashT = wc_HashTypeConvert(hashType);
-    hLen = wc_HashGetDigestSize(hashT);
-    if (hLen < 0)
-        return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_SMALL_STACK
-    buffer = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (buffer == NULL)
-        return MEMORY_E;
-    hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, DYNAMIC_TYPE_HMAC);
-    if (hmac == NULL) {
-        XFREE(buffer, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    ret = wc_HmacInit(hmac, heap, devId);
-    if (ret == 0) {
-        word32 i = 1;
-        /* use int hashType here, since HMAC FIPS uses the old unique value */
-    #if FIPS_VERSION3_GE(6,0,0)
-        {
-            /* Allow passwords that are less than 14-bytes for compatibility
-             * / interoperability, only since module v6.0.0 */
-            int allowShortPasswd = 1;
-            ret = wc_HmacSetKey_ex(hmac, hashType, passwd, (word32)pLen,
-                                   allowShortPasswd);
-        }
-    #else
-        ret = wc_HmacSetKey(hmac, hashType, passwd, (word32)pLen);
-    #endif
-
-        while (ret == 0 && kLen) {
-            int currentLen;
-            int j;
-
-            ret = wc_HmacUpdate(hmac, salt, (word32)sLen);
-            if (ret != 0)
-                break;
-
-            /* encode i */
-            for (j = 0; j < 4; j++) {
-                byte b = (byte)(i >> ((3-j) * 8));
-
-                ret = wc_HmacUpdate(hmac, &b, 1);
-                if (ret != 0)
-                    break;
-            }
-
-            /* check ret from inside for loop */
-            if (ret != 0)
-                break;
-
-            ret = wc_HmacFinal(hmac, buffer);
-            if (ret != 0)
-                break;
-
-            currentLen = (int)min((word32)kLen, (word32)hLen);
-            XMEMCPY(output, buffer, (size_t)currentLen);
-
-            for (j = 1; j < iterations; j++) {
-                ret = wc_HmacUpdate(hmac, buffer, (word32)hLen);
-                if (ret != 0)
-                    break;
-                ret = wc_HmacFinal(hmac, buffer);
-                if (ret != 0)
-                    break;
-                xorbuf(output, buffer, (word32)currentLen);
-            }
-
-            /* check ret from inside for loop */
-            if (ret != 0)
-                break;
-
-            output += currentLen;
-            kLen   -= currentLen;
-            i++;
-        }
-        wc_HmacFree(hmac);
-    }
-
-    WC_FREE_VAR_EX(buffer, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(hmac, heap, DYNAMIC_TYPE_HMAC);
-
-    return ret;
-}
-
-int wc_PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt,
-           int sLen, int iterations, int kLen, int hashType)
-{
-    return wc_PBKDF2_ex(output, passwd, pLen, salt, sLen, iterations, kLen,
-        hashType, NULL, INVALID_DEVID);
-}
-
-#endif /* HAVE_PBKDF2 && !NO_HMAC */
-
-#ifdef HAVE_PKCS12
-
-/* helper for PKCS12_PBKDF(), does hash operation */
-static int DoPKCS12Hash(int hashType, byte* buffer, word32 totalLen,
-                 byte* Ai, word32 u, int iterations)
-{
-    int i;
-    int ret = 0;
-    WC_DECLARE_VAR(hash, wc_HashAlg, 1, 0);
-    enum wc_HashType hashT;
-
-    if (buffer == NULL || Ai == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    hashT = wc_HashTypeConvert(hashType);
-
-    /* initialize hash */
-    WC_ALLOC_VAR_EX(hash, wc_HashAlg, 1, NULL, DYNAMIC_TYPE_HASHCTX,
-        return MEMORY_E);
-
-    ret = wc_HashInit(hash, hashT);
-    if (ret != 0) {
-        WC_FREE_VAR_EX(hash, NULL, DYNAMIC_TYPE_HASHCTX);
-        return ret;
-    }
-
-    ret = wc_HashUpdate(hash, hashT, buffer, totalLen);
-
-    if (ret == 0)
-        ret = wc_HashFinal(hash, hashT, Ai);
-
-    for (i = 1; i < iterations; i++) {
-        if (ret == 0)
-            ret = wc_HashUpdate(hash, hashT, Ai, u);
-        if (ret == 0)
-            ret = wc_HashFinal(hash, hashT, Ai);
-    }
-
-    wc_HashFree(hash, hashT);
-
-    WC_FREE_VAR_EX(hash, NULL, DYNAMIC_TYPE_HASHCTX);
-
-    return ret;
-}
-
-
-int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,
-    const byte* salt, int saltLen, int iterations, int kLen, int hashType,
-    int id)
-{
-    return wc_PKCS12_PBKDF_ex(output, passwd, passLen, salt, saltLen,
-                              iterations, kLen, hashType, id, NULL);
-}
-
-
-/* extended API that allows a heap hint to be used */
-int wc_PKCS12_PBKDF_ex(byte* output, const byte* passwd, int passLen,
-                       const byte* salt, int saltLen, int iterations, int kLen,
-                       int hashType, int id, void* heap)
-{
-    /* all in bytes instead of bits */
-    word32 u, v, dLen, pLen, iLen, sLen, totalLen;
-    int    dynamic = 0;
-    int    ret = 0;
-    word32 i;
-    byte   *D, *S, *P, *I;
-#ifdef WOLFSSL_SMALL_STACK
-    byte   staticBuffer[1]; /* force dynamic usage */
-#else
-    byte   staticBuffer[1024];
-#endif
-    byte*  buffer = staticBuffer;
-
-#ifdef WOLFSSL_SMALL_STACK
-    byte*  Ai = NULL;
-    byte*  B = NULL;
-    mp_int *B1 = NULL;
-    mp_int *i1 = NULL;
-    mp_int *res = NULL;
-#else
-    byte   Ai[WC_MAX_DIGEST_SIZE];
-    byte   B[WC_MAX_BLOCK_SIZE];
-    mp_int B1[1];
-    mp_int i1[1];
-    mp_int res[1];
-#endif
-    enum wc_HashType hashT;
-
-    (void)heap;
-
-    if (output == NULL || passLen <= 0 || saltLen <= 0 || kLen < 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (iterations <= 0)
-        iterations = 1;
-
-    hashT = wc_HashTypeConvert(hashType);
-    ret = wc_HashGetDigestSize(hashT);
-    if (ret < 0)
-        return ret;
-    if (ret == 0)
-        return BAD_STATE_E;
-    u = (word32)ret;
-
-    ret = wc_HashGetBlockSize(hashT);
-    if (ret < 0)
-        return ret;
-    if (ret == 0)
-        return BAD_STATE_E;
-    v = (word32)ret;
-
-#ifdef WOLFSSL_SMALL_STACK
-    Ai = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (Ai == NULL)
-        return MEMORY_E;
-
-    B = (byte*)XMALLOC(WC_MAX_BLOCK_SIZE, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (B == NULL) {
-        XFREE(Ai, heap, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    XMEMSET(Ai, 0, WC_MAX_DIGEST_SIZE);
-    XMEMSET(B,  0, WC_MAX_BLOCK_SIZE);
-
-    dLen = v;
-    sLen = v * (((word32)saltLen + v - 1) / v);
-
-    /* with passLen checked at the top of the function for >= 0 then passLen
-     * must be 1 or greater here and is always 'true' */
-    pLen = v * (((word32)passLen + v - 1) / v);
-    iLen = sLen + pLen;
-
-    totalLen = dLen + sLen + pLen;
-
-    if (totalLen > sizeof(staticBuffer)) {
-        buffer = (byte*)XMALLOC(totalLen, heap, DYNAMIC_TYPE_KEY);
-        if (buffer == NULL) {
-            WC_FREE_VAR_EX(Ai, heap, DYNAMIC_TYPE_TMP_BUFFER);
-            WC_FREE_VAR_EX(B, heap, DYNAMIC_TYPE_TMP_BUFFER);
-            return MEMORY_E;
-        }
-        dynamic = 1;
-    }
-
-    D = buffer;
-    S = D + dLen;
-    P = S + sLen;
-    I = S;
-
-    XMEMSET(D, id, dLen);
-
-    for (i = 0; i < sLen; i++)
-        S[i] = salt[i % (word32)saltLen];
-    for (i = 0; i < pLen; i++)
-        P[i] = passwd[i % (word32)passLen];
-
-#ifdef WOLFSSL_SMALL_STACK
-    if (((B1 = (mp_int *)XMALLOC(sizeof(*B1), heap, DYNAMIC_TYPE_TMP_BUFFER))
-         == NULL) ||
-        ((i1 = (mp_int *)XMALLOC(sizeof(*i1), heap, DYNAMIC_TYPE_TMP_BUFFER))
-         == NULL) ||
-        ((res = (mp_int *)XMALLOC(sizeof(*res), heap, DYNAMIC_TYPE_TMP_BUFFER))
-         == NULL)) {
-        ret = MEMORY_E;
-        goto out;
-    }
-#endif
-
-    while (kLen > 0) {
-        word32 currentLen;
-
-        ret = DoPKCS12Hash(hashType, buffer, totalLen, Ai, u, iterations);
-        if (ret < 0)
-            break;
-
-        for (i = 0; i < v; i++)
-            B[i] = Ai[(word32)i % u];
-
-        if (mp_init(B1) != MP_OKAY)
-            ret = MP_INIT_E;
-        else if (mp_read_unsigned_bin(B1, B, v) != MP_OKAY)
-            ret = MP_READ_E;
-        else if (mp_add_d(B1, (mp_digit)1, B1) != MP_OKAY)
-            ret = MP_ADD_E;
-
-        if (ret != 0) {
-            mp_clear(B1);
-            break;
-        }
-
-        for (i = 0; i < iLen; i += v) {
-            int    outSz;
-
-            if (mp_init_multi(i1, res, NULL, NULL, NULL, NULL) != MP_OKAY) {
-                ret = MP_INIT_E;
-                break;
-            }
-            if (mp_read_unsigned_bin(i1, I + i, v) != MP_OKAY)
-                ret = MP_READ_E;
-            else if (mp_add(i1, B1, res) != MP_OKAY)
-                ret = MP_ADD_E;
-            else if ( (outSz = mp_unsigned_bin_size(res)) < 0)
-                ret = MP_TO_E;
-            else {
-                if (outSz > (int)v) {
-                    /* take off MSB */
-                    byte  tmp[WC_MAX_BLOCK_SIZE + 1];
-                    ret = mp_to_unsigned_bin(res, tmp);
-                    XMEMCPY(I + i, tmp + 1, v);
-                }
-                else if (outSz < (int)v) {
-                    XMEMSET(I + i, 0, v - (word32)outSz);
-                    ret = mp_to_unsigned_bin(res, I + i + v - (word32)outSz);
-                }
-                else
-                    ret = mp_to_unsigned_bin(res, I + i);
-            }
-
-            mp_clear(i1);
-            mp_clear(res);
-            if (ret < 0) break;
-        }
-
-        if (ret < 0) {
-            mp_clear(B1);
-            break;
-        }
-
-        currentLen = min((word32)kLen, u);
-        XMEMCPY(output, Ai, currentLen);
-        output += currentLen;
-        kLen   -= (int)currentLen;
-        mp_clear(B1);
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-  out:
-
-    XFREE(Ai, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(B, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(B1, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(i1, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(res, heap, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    if (dynamic)
-        XFREE(buffer, heap, DYNAMIC_TYPE_KEY);
-
-    return ret;
-}
-
-#endif /* HAVE_PKCS12 */
-
-#ifdef HAVE_SCRYPT
-#ifdef NO_HMAC
-   #error scrypt requires HMAC
-#endif
-
-/* Rotate the 32-bit value a by b bits to the left.
- *
- * a  32-bit value.
- * b  Number of bits to rotate.
- * returns rotated value.
- */
-#define R(a, b) rotlFixed(a, b)
-
-/* (2^32 - 1) */
-#define SCRYPT_WORD32_MAX 4294967295U
-
-/* One round of Salsa20/8.
- * Code taken from RFC 7914: scrypt PBKDF.
- *
- * out  Output buffer.
- * in   Input data to hash.
- */
-static void scryptSalsa(word32* out, word32* in)
-{
-    int    i;
-    word32 x[16];
-
-#ifdef LITTLE_ENDIAN_ORDER
-    XMEMCPY(x, in, sizeof(x));
-#else
-    for (i = 0; i < 16; i++)
-        x[i] = ByteReverseWord32(in[i]);
-#endif
-    for (i = 8; i > 0; i -= 2) {
-        x[ 4] ^= R(x[ 0] + x[12],  7);  x[ 8] ^= R(x[ 4] + x[ 0],  9);
-        x[12] ^= R(x[ 8] + x[ 4], 13);  x[ 0] ^= R(x[12] + x[ 8], 18);
-        x[ 9] ^= R(x[ 5] + x[ 1],  7);  x[13] ^= R(x[ 9] + x[ 5],  9);
-        x[ 1] ^= R(x[13] + x[ 9], 13);  x[ 5] ^= R(x[ 1] + x[13], 18);
-        x[14] ^= R(x[10] + x[ 6],  7);  x[ 2] ^= R(x[14] + x[10],  9);
-        x[ 6] ^= R(x[ 2] + x[14], 13);  x[10] ^= R(x[ 6] + x[ 2], 18);
-        x[ 3] ^= R(x[15] + x[11],  7);  x[ 7] ^= R(x[ 3] + x[15],  9);
-        x[11] ^= R(x[ 7] + x[ 3], 13);  x[15] ^= R(x[11] + x[ 7], 18);
-        x[ 1] ^= R(x[ 0] + x[ 3],  7);  x[ 2] ^= R(x[ 1] + x[ 0],  9);
-        x[ 3] ^= R(x[ 2] + x[ 1], 13);  x[ 0] ^= R(x[ 3] + x[ 2], 18);
-        x[ 6] ^= R(x[ 5] + x[ 4],  7);  x[ 7] ^= R(x[ 6] + x[ 5],  9);
-        x[ 4] ^= R(x[ 7] + x[ 6], 13);  x[ 5] ^= R(x[ 4] + x[ 7], 18);
-        x[11] ^= R(x[10] + x[ 9],  7);  x[ 8] ^= R(x[11] + x[10],  9);
-        x[ 9] ^= R(x[ 8] + x[11], 13);  x[10] ^= R(x[ 9] + x[ 8], 18);
-        x[12] ^= R(x[15] + x[14],  7);  x[13] ^= R(x[12] + x[15],  9);
-        x[14] ^= R(x[13] + x[12], 13);  x[15] ^= R(x[14] + x[13], 18);
-    }
-#ifdef LITTLE_ENDIAN_ORDER
-    for (i = 0; i < 16; ++i)
-        out[i] = in[i] + x[i];
-#else
-    for (i = 0; i < 16; i++)
-        out[i] = ByteReverseWord32(ByteReverseWord32(in[i]) + x[i]);
-#endif
-}
-
-/* Mix a block using Salsa20/8.
- * Based on RFC 7914: scrypt PBKDF.
- *
- * b  Blocks to mix.
- * y  Temporary storage.
- * r  Size of the block.
- */
-static void scryptBlockMix(byte* b, byte* y, int r)
-{
-#ifdef WORD64_AVAILABLE
-    word64  x[8];
-    word64* b64 = (word64*)b;
-    word64* y64 = (word64*)y;
-#else
-    word32  x[16];
-    word32* b32 = (word32*)b;
-    word32* y32 = (word32*)y;
-#endif
-    int  i;
-    int  j;
-
-    /* Step 1. */
-    XMEMCPY(x, b + (2 * r - 1) * 64, sizeof(x));
-    /* Step 2. */
-    for (i = 0; i < 2 * r; i++)
-    {
-#ifdef WORD64_AVAILABLE
-        for (j = 0; j < 8; j++)
-            x[j] ^= b64[i * 8 + j];
-
-#else
-        for (j = 0; j < 16; j++)
-            x[j] ^= b32[i * 16 + j];
-#endif
-        scryptSalsa((word32*)x, (word32*)x);
-        XMEMCPY(y + i * 64, x, sizeof(x));
-    }
-    /* Step 3. */
-    for (i = 0; i < r; i++) {
-#ifdef WORD64_AVAILABLE
-        for (j = 0; j < 8; j++) {
-            b64[i * 8 + j] = y64[2 * i * 8 + j];
-            b64[(r + i) * 8 + j] = y64[(2 * i + 1) * 8 + j];
-        }
-#else
-        for (j = 0; j < 16; j++) {
-            b32[i * 16 + j] = y32[2 * i * 16 + j];
-            b32[(r + i) * 16 + j] = y32[(2 * i + 1) * 16 + j];
-        }
-#endif
-    }
-}
-
-/* Random oracles mix.
- * Based on RFC 7914: scrypt PBKDF.
- *
- * x  Data to mix.
- * v  Temporary buffer.
- * y  Temporary buffer for the block mix.
- * r  Block size parameter.
- * n  CPU/Memory cost parameter.
- */
-static void scryptROMix(byte* x, byte* v, byte* y, int r, word32 n)
-{
-    word32 i;
-    word32 j;
-    word32 k;
-    word32 bSz = (word32)(128 * r);
-#ifdef WORD64_AVAILABLE
-    word64* x64 = (word64*)x;
-    word64* v64 = (word64*)v;
-#else
-    word32* x32 = (word32*)x;
-    word32* v32 = (word32*)v;
-#endif
-
-    /* Step 1. X = B (B not needed therefore not implemented) */
-    /* Step 2. */
-    for (i = 0; i < n; i++)
-    {
-        XMEMCPY(v + i * bSz, x, bSz);
-        scryptBlockMix(x, y, r);
-    }
-
-    /* Step 3. */
-    for (i = 0; i < n; i++)
-    {
-#ifdef LITTLE_ENDIAN_ORDER
-#ifdef WORD64_AVAILABLE
-        j = (word32)(*(word64*)(x + (2*r - 1) * 64) & (n-1));
-#else
-        j = *(word32*)(x + (2*r - 1) * 64) & (n-1);
-#endif
-#else
-        byte* t = x + (2*r - 1) * 64;
-        j = (t[0] | (t[1] << 8) | (t[2] << 16) | ((word32)t[3] << 24)) & (n-1);
-#endif
-#ifdef WORD64_AVAILABLE
-        for (k = 0; k < bSz / 8; k++)
-            x64[k] ^= v64[j * bSz / 8 + k];
-#else
-        for (k = 0; k < bSz / 4; k++)
-            x32[k] ^= v32[j * bSz / 4 + k];
-#endif
-        scryptBlockMix(x, y, r);
-    }
-    /* Step 4. B' = X (B = X = B' so not needed, therefore not implemented) */
-}
-
-/* Generates an key derived from a password and salt using a memory hard
- * algorithm.
- * Implements RFC 7914: scrypt PBKDF.
- *
- * output     The derived key.
- * passwd     The password to derive key from.
- * passLen    The length of the password.
- * salt       The key specific data.
- * saltLen    The length of the salt data.
- * cost       The CPU/memory cost parameter. Range: 1..(128*r/8-1)
- *            (Iterations = 2^cost)
- * blockSize  The number of 128 byte octets in a working block.
- * parallel   The number of parallel mix operations to perform.
- *            (Note: this implementation does not use threads.)
- * dkLen      The length of the derived key in bytes.
- * returns BAD_FUNC_ARG when: blockSize is too large for cost.
- */
-int wc_scrypt(byte* output, const byte* passwd, int passLen,
-              const byte* salt, int saltLen, int cost, int blockSize,
-              int parallel, int dkLen)
-{
-    int    ret = 0;
-    int    i;
-    byte*  v = NULL;
-    byte*  y = NULL;
-    byte*  blocks = NULL;
-    word32 blocksSz;
-    word32 bSz;
-
-    if (blockSize > 8)
-        return BAD_FUNC_ARG;
-
-    if (cost < 1 || cost >= 128 * blockSize / 8 || parallel < 1 || dkLen < 1)
-        return BAD_FUNC_ARG;
-
-    /* The following comparison used to be:
-     *    ((word32)parallel > (SCRYPT_MAX / (128 * blockSize)))
-     * where SCRYPT_MAX is (2^32 - 1) * 32. For some compilers, the RHS of
-     * the comparison is greater than parallel's type. It wouldn't promote
-     * both sides to word64. What follows is just arithmetic simplification.
-     */
-    if (parallel > (int)((SCRYPT_WORD32_MAX / 4) / (word32)blockSize))
-        return BAD_FUNC_ARG;
-
-    bSz = 128 * (word32)blockSize;
-    if (parallel > (int)(SCRYPT_WORD32_MAX / bSz))
-        return BAD_FUNC_ARG;
-    blocksSz = bSz * (word32)parallel;
-    blocks = (byte*)XMALLOC((size_t)blocksSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (blocks == NULL) {
-        ret = MEMORY_E;
-        goto end;
-    }
-
-    /* Check that (1 << cost) * bSz won't overflow or exceed allowed max */
-    if (((size_t)1 << cost) * (size_t)bSz > SCRYPT_WORD32_MAX) {
-        ret = BAD_FUNC_ARG;
-        goto end;
-    }
-
-    /* Temporary for scryptROMix. */
-    v = (byte*)XMALLOC(((size_t)1 << cost) * (size_t)bSz, NULL,
-                         DYNAMIC_TYPE_TMP_BUFFER);
-    if (v == NULL) {
-        ret = MEMORY_E;
-        goto end;
-    }
-    /* Temporary for scryptBlockMix. */
-    y = (byte*)XMALLOC((size_t)(blockSize * 128), NULL,
-                       DYNAMIC_TYPE_TMP_BUFFER);
-    if (y == NULL) {
-        ret = MEMORY_E;
-        goto end;
-    }
-
-    XMEMSET(y, 0, (size_t)(blockSize * 128));
-
-    /* Step 1. */
-    ret = wc_PBKDF2(blocks, passwd, passLen, salt, saltLen, 1, (int)blocksSz,
-                    WC_SHA256);
-    if (ret != 0)
-        goto end;
-
-    /* Step 2. */
-    for (i = 0; i < parallel; i++)
-        scryptROMix(blocks + i * (int)bSz, v, y, (int)blockSize,
-                    (word32)((size_t)1 << cost));
-
-    /* Step 3. */
-    ret = wc_PBKDF2(output, passwd, passLen, blocks, (int)blocksSz, 1, dkLen,
-                    WC_SHA256);
-end:
-    XFREE(blocks, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(v, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(y, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-/* Generates an key derived from a password and salt using a memory hard
- * algorithm.
- * Implements RFC 7914: scrypt PBKDF.
- *
- * output      Derived key.
- * passwd      Password to derive key from.
- * passLen     Length of the password.
- * salt        Key specific data.
- * saltLen     Length of the salt data.
- * iterations  Number of iterations to perform. Range: 1 << (1..(128*r/8-1))
- * blockSize   Number of 128 byte octets in a working block.
- * parallel    Number of parallel mix operations to perform.
- *             (Note: this implementation does not use threads.)
- * dkLen       Length of the derived key in bytes.
- * returns BAD_FUNC_ARG when: iterations is not a power of 2 or blockSize is too
- *                            large for iterations.
- */
-int wc_scrypt_ex(byte* output, const byte* passwd, int passLen,
-                 const byte* salt, int saltLen, word32 iterations,
-                 int blockSize, int parallel, int dkLen)
-{
-    int cost;
-
-    /* Iterations must be a power of 2. */
-    if ((iterations & (iterations - 1)) != 0)
-        return BAD_FUNC_ARG;
-
-    for (cost = -1; iterations != 0; cost++) {
-        iterations >>= 1;
-    }
-
-    return wc_scrypt(output, passwd, passLen, salt, saltLen, cost, blockSize,
-                     parallel, dkLen);
-}
-#endif /* HAVE_SCRYPT */
-
-#endif /* NO_PWDBASED */
diff --git a/src/ssl/wolfssl/wolfcrypt/rc2.c b/src/ssl/wolfssl/wolfcrypt/rc2.c
deleted file mode 100644
index a75413937..000000000
--- a/src/ssl/wolfssl/wolfcrypt/rc2.c
+++ /dev/null
@@ -1,340 +0,0 @@
-/* rc2.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-/*
-
-DESCRIPTION
-This library provides the interface to the RC2 encryption algorithm (RFC 2268)
-
-*/
-
-#ifdef WC_RC2
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#include <wolfssl/wolfcrypt/rc2.h>
-
-/* Table based on value of PI, defined in RFC 2268 */
-static const byte pitable[256] = {
-    0xd9, 0x78, 0xf9, 0xc4, 0x19, 0xdd, 0xb5, 0xed,
-    0x28, 0xe9, 0xfd, 0x79, 0x4a, 0xa0, 0xd8, 0x9d,
-    0xc6, 0x7e, 0x37, 0x83, 0x2b, 0x76, 0x53, 0x8e,
-    0x62, 0x4c, 0x64, 0x88, 0x44, 0x8b, 0xfb, 0xa2,
-    0x17, 0x9a, 0x59, 0xf5, 0x87, 0xb3, 0x4f, 0x13,
-    0x61, 0x45, 0x6d, 0x8d, 0x09, 0x81, 0x7d, 0x32,
-    0xbd, 0x8f, 0x40, 0xeb, 0x86, 0xb7, 0x7b, 0x0b,
-    0xf0, 0x95, 0x21, 0x22, 0x5c, 0x6b, 0x4e, 0x82,
-    0x54, 0xd6, 0x65, 0x93, 0xce, 0x60, 0xb2, 0x1c,
-    0x73, 0x56, 0xc0, 0x14, 0xa7, 0x8c, 0xf1, 0xdc,
-    0x12, 0x75, 0xca, 0x1f, 0x3b, 0xbe, 0xe4, 0xd1,
-    0x42, 0x3d, 0xd4, 0x30, 0xa3, 0x3c, 0xb6, 0x26,
-    0x6f, 0xbf, 0x0e, 0xda, 0x46, 0x69, 0x07, 0x57,
-    0x27, 0xf2, 0x1d, 0x9b, 0xbc, 0x94, 0x43, 0x03,
-    0xf8, 0x11, 0xc7, 0xf6, 0x90, 0xef, 0x3e, 0xe7,
-    0x06, 0xc3, 0xd5, 0x2f, 0xc8, 0x66, 0x1e, 0xd7,
-    0x08, 0xe8, 0xea, 0xde, 0x80, 0x52, 0xee, 0xf7,
-    0x84, 0xaa, 0x72, 0xac, 0x35, 0x4d, 0x6a, 0x2a,
-    0x96, 0x1a, 0xd2, 0x71, 0x5a, 0x15, 0x49, 0x74,
-    0x4b, 0x9f, 0xd0, 0x5e, 0x04, 0x18, 0xa4, 0xec,
-    0xc2, 0xe0, 0x41, 0x6e, 0x0f, 0x51, 0xcb, 0xcc,
-    0x24, 0x91, 0xaf, 0x50, 0xa1, 0xf4, 0x70, 0x39,
-    0x99, 0x7c, 0x3a, 0x85, 0x23, 0xb8, 0xb4, 0x7a,
-    0xfc, 0x02, 0x36, 0x5b, 0x25, 0x55, 0x97, 0x31,
-    0x2d, 0x5d, 0xfa, 0x98, 0xe3, 0x8a, 0x92, 0xae,
-    0x05, 0xdf, 0x29, 0x10, 0x67, 0x6c, 0xba, 0xc9,
-    0xd3, 0x00, 0xe6, 0xcf, 0xe1, 0x9e, 0xa8, 0x2c,
-    0x63, 0x16, 0x01, 0x3f, 0x58, 0xe2, 0x89, 0xa9,
-    0x0d, 0x38, 0x34, 0x1b, 0xab, 0x33, 0xff, 0xb0,
-    0xbb, 0x48, 0x0c, 0x5f, 0xb9, 0xb1, 0xcd, 0x2e,
-    0xc5, 0xf3, 0xdb, 0x47, 0xe5, 0xa5, 0x9c, 0x77,
-    0x0a, 0xa6, 0x20, 0x68, 0xfe, 0x7f, 0xc1, 0xad
-};
-
-/**
-  Sets RC2 IV, for use with CBC mode.
-  rc2       RC2 structure to load IV into
-  iv        IV, of size RC2_BLOCK_SIZE octets
-  return    0 on success, negative on error
-*/
-int wc_Rc2SetIV(Rc2* rc2, const byte* iv)
-{
-    if (rc2 == NULL)
-        return BAD_FUNC_ARG;
-
-    if (iv)
-        XMEMCPY(rc2->reg, iv, RC2_BLOCK_SIZE);
-    else
-        XMEMSET(rc2->reg,  0, RC2_BLOCK_SIZE);
-
-    return 0;
-}
-
-/**
-   Set RC2 key, performing key expansion operation
-   rc2      RC2 structure to load expanded key into
-   key      User key, up to 64 bytes
-   length   Length of key, octets
-   bits     Effective RC2 key length in bits (max 1024 bits)
-   return   0 on success, negative on error
- */
-int wc_Rc2SetKey(Rc2* rc2, const byte* key, word32 length,
-                 const byte* iv, word32 bits)
-{
-    int i;
-    unsigned int T8, TM;
-    byte* L = NULL;
-
-    if (rc2 == NULL || key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (length == 0 || length > 128 || bits == 0 || bits > 1024) {
-        return WC_KEY_SIZE_E;
-    }
-
-    rc2->keylen = length;
-    rc2->bits   = bits;
-
-    L = (byte*)rc2->key;
-    XMEMCPY(L, key, length);
-
-    /* compute effective key length in bytes (T8) */
-    T8 = (bits + 7) >> 3;
-
-    /* TM mask has 8 - (8*T8 - T1) least significant bits set */
-    TM = 0xff >> (8*T8 - bits);
-
-    /* key expansion */
-    for (i = length; i < RC2_MAX_KEY_SIZE; i++) {
-        L[i] = pitable[(L[i-1] + L[i-length]) & 255];
-    }
-
-    L[RC2_MAX_KEY_SIZE - T8] = pitable[L[RC2_MAX_KEY_SIZE - T8] & TM];
-
-    for (i = RC2_MAX_KEY_SIZE-T8-1; i >= 0; i--) {
-        L[i] = pitable[L[i+1] ^ L[i+T8]];
-    }
-
-    /* store key into 16-bit word format */
-    for (i = 0; i < RC2_MAX_KEY_SIZE/2; i++) {
-       rc2->key[i] = (word16)L[2*i] + ((word16)L[2*i+1] << 8);
-    }
-
-    return wc_Rc2SetIV(rc2, iv);
-}
-
-/**
-   RC2 ECB encrypt operation on one single RC2_BLOCK_SIZE block.
-   rc2      Initialized RC2 structure
-   out      [out] Destination for the encrypted ciphertext
-   in       Input plaintext to be encrypted
-   sz       Size of the output buffer, out
-   return   0 on success, negative on error
-*/
-int wc_Rc2EcbEncrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
-{
-    int i, j = 0;
-    word16 r10, r32, r54, r76;
-    word16* key;
-
-    if (rc2 == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    key = rc2->key;
-
-    if (sz != RC2_BLOCK_SIZE) {
-        return BUFFER_E;
-    }
-
-    r10 = (in[1] << 8) | in[0]; /* R[0] */
-    r32 = (in[3] << 8) | in[2]; /* R[1] */
-    r54 = (in[5] << 8) | in[4]; /* R[2] */
-    r76 = (in[7] << 8) | in[6]; /* R[3] */
-
-    for (i = 0; i < 16; i++) {
-        j = i * 4;
-
-        /* mixing round */
-        r10 = r10 + key[j] + (r76 & r54) + (~r76 & r32);
-        r10 = rotlFixed16(r10, 1);
-
-        r32 = r32 + key[j+1] + (r10 & r76) + (~r10 & r54);
-        r32 = rotlFixed16(r32, 2);
-
-        r54 = r54 + key[j+2] + (r32 & r10) + (~r32 & r76);
-        r54 = rotlFixed16(r54, 3);
-
-        r76 = r76 + key[j+3] + (r54 & r32) + (~r54 & r10);
-        r76 = rotlFixed16(r76, 5);
-
-        /* mashing round on loop 5, 11 */
-        if (i == 4 || i == 10) {
-            r10 = r10 + key[r76 & 63];
-            r32 = r32 + key[r10 & 63];
-            r54 = r54 + key[r32 & 63];
-            r76 = r76 + key[r54 & 63];
-        }
-    }
-
-    out[0] = (byte)r10;
-    out[1] = (byte)(r10 >> 8);
-    out[2] = (byte)r32;
-    out[3] = (byte)(r32 >> 8);
-    out[4] = (byte)r54;
-    out[5] = (byte)(r54 >> 8);
-    out[6] = (byte)r76;
-    out[7] = (byte)(r76 >> 8);
-
-    return 0;
-}
-
-/**
-   RC2 ECB decrypt operation on one single RC2_BLOCK_SIZE block.
-   rc2      Initialized RC2 structure
-   out      [out] Destination for decrypted plaintext
-   in       Input ciphertext to be decrypted
-   sz       Size of the output buffer, out
-   return   0 on success, negative on error
-*/
-int wc_Rc2EcbDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
-{
-    int i, j = 63;
-    word16 r0, r1, r2, r3;
-    word16* key;
-
-    if (rc2 == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    key = rc2->key;
-
-    if (sz != RC2_BLOCK_SIZE) {
-        return BUFFER_E;
-    }
-
-    r0 = (in[1] << 8) | in[0];
-    r1 = (in[3] << 8) | in[2];
-    r2 = (in[5] << 8) | in[4];
-    r3 = (in[7] << 8) | in[6];
-
-    for (i = 16; i > 0; i--) {
-        j = 4*i - 1;
-
-        r3 = rotrFixed16(r3, 5);
-        r3 = r3 - key[j] - (r2 & r1) - (~r2 & r0);
-
-        r2 = rotrFixed16(r2, 3);
-        r2 = r2 - key[j-1] - (r1 & r0) - (~r1 & r3);
-
-        r1 = rotrFixed16(r1, 2);
-        r1 = r1 - key[j-2] - (r0 & r3) - (~r0 & r2);
-
-        r0 = rotrFixed16(r0, 1);
-        r0 = r0 - key[j-3] - (r3 & r2) - (~r3 & r1);
-
-        if (i == 12 || i == 6) {
-            r3 = r3 - key[r2 & 63];
-            r2 = r2 - key[r1 & 63];
-            r1 = r1 - key[r0 & 63];
-            r0 = r0 - key[r3 & 63];
-        }
-    }
-
-    out[0] = (byte)r0;
-    out[1] = (byte)(r0 >> 8);
-    out[2] = (byte)r1;
-    out[3] = (byte)(r1 >> 8);
-    out[4] = (byte)r2;
-    out[5] = (byte)(r2 >> 8);
-    out[6] = (byte)r3;
-    out[7] = (byte)(r3 >> 8);
-
-    return 0;
-}
-
-int wc_Rc2CbcEncrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
-{
-    int ret;
-    word32 blocks = (sz / RC2_BLOCK_SIZE);
-
-    if (rc2 == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (sz == 0) {
-        return 0;
-    }
-
-    while (blocks--) {
-        xorbuf((byte*)rc2->reg, in, RC2_BLOCK_SIZE);
-        ret = wc_Rc2EcbEncrypt(rc2, (byte*)rc2->reg, (byte*)rc2->reg,
-                               RC2_BLOCK_SIZE);
-        if (ret != 0) {
-            return ret;
-        }
-        XMEMCPY(out, rc2->reg, RC2_BLOCK_SIZE);
-
-        out += RC2_BLOCK_SIZE;
-        in  += RC2_BLOCK_SIZE;
-    }
-
-    return 0;
-}
-
-int wc_Rc2CbcDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
-{
-    int ret;
-    word32 blocks = (sz / RC2_BLOCK_SIZE);
-
-    if (rc2 == NULL || out == NULL || in == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (sz == 0) {
-        return 0;
-    }
-
-    while (blocks--) {
-        XMEMCPY(rc2->tmp, in, RC2_BLOCK_SIZE);
-        ret = wc_Rc2EcbDecrypt(rc2, out, (byte*)rc2->tmp, RC2_BLOCK_SIZE);
-        if (ret != 0) {
-            return ret;
-        }
-        xorbuf(out, (byte*)rc2->reg, RC2_BLOCK_SIZE);
-        /* store iv for next call */
-        XMEMCPY(rc2->reg, rc2->tmp, RC2_BLOCK_SIZE);
-
-        out += RC2_BLOCK_SIZE;
-        in  += RC2_BLOCK_SIZE;
-    }
-
-    return 0;
-}
-
-
-#endif /* WC_RC2 */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/ripemd.c b/src/ssl/wolfssl/wolfcrypt/ripemd.c
deleted file mode 100644
index 73e9d3210..000000000
--- a/src/ssl/wolfssl/wolfcrypt/ripemd.c
+++ /dev/null
@@ -1,364 +0,0 @@
-/* ripemd.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef WOLFSSL_RIPEMD
-
-#include <wolfssl/wolfcrypt/ripemd.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-int wc_InitRipeMd(RipeMd* ripemd)
-{
-    if (ripemd == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ripemd->digest[0] = 0x67452301L;
-    ripemd->digest[1] = 0xEFCDAB89L;
-    ripemd->digest[2] = 0x98BADCFEL;
-    ripemd->digest[3] = 0x10325476L;
-    ripemd->digest[4] = 0xC3D2E1F0L;
-
-    ripemd->buffLen = 0;
-    ripemd->loLen   = 0;
-    ripemd->hiLen   = 0;
-
-    return 0;
-}
-
-
-/* for all */
-#define F(x, y, z)    ((x) ^ (y) ^ (z))
-#define G(x, y, z)    ((z) ^ ((x) & ((y)^(z))))
-#define H(x, y, z)    ((z) ^ ((x) | ~(y)))
-#define I(x, y, z)    ((y) ^ ((z) & ((x)^(y))))
-#define J(x, y, z)    ((x) ^ ((y) | ~(z)))
-
-#define k0 0
-#define k1 0x5a827999
-#define k2 0x6ed9eba1
-#define k3 0x8f1bbcdc
-#define k4 0xa953fd4e
-#define k5 0x50a28be6
-#define k6 0x5c4dd124
-#define k7 0x6d703ef3
-#define k8 0x7a6d76e9
-#define k9 0
-
-/* for 160 and 320 */
-#define Subround(f, a, b, c, d, e, x, s, k) \
-    a += f(b, c, d) + (x) + (k);            \
-    (a) = rotlFixed((word32)(a), s) + (e);  \
-    (c) = rotlFixed((word32)(c), 10U)
-
-static void Transform(RipeMd* ripemd)
-{
-    word32 a1, b1, c1, d1, e1, a2, b2, c2, d2, e2;
-    a1 = a2 = ripemd->digest[0];
-    b1 = b2 = ripemd->digest[1];
-    c1 = c2 = ripemd->digest[2];
-    d1 = d2 = ripemd->digest[3];
-    e1 = e2 = ripemd->digest[4];
-
-    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 11, k0);
-    Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[ 1], 14, k0);
-    Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[ 2], 15, k0);
-    Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[ 3], 12, k0);
-    Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[ 4],  5, k0);
-    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[ 5],  8, k0);
-    Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[ 6],  7, k0);
-    Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[ 7],  9, k0);
-    Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 11, k0);
-    Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[ 9], 13, k0);
-    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[10], 14, k0);
-    Subround(F, e1, a1, b1, c1, d1, ripemd->buffer[11], 15, k0);
-    Subround(F, d1, e1, a1, b1, c1, ripemd->buffer[12],  6, k0);
-    Subround(F, c1, d1, e1, a1, b1, ripemd->buffer[13],  7, k0);
-    Subround(F, b1, c1, d1, e1, a1, ripemd->buffer[14],  9, k0);
-    Subround(F, a1, b1, c1, d1, e1, ripemd->buffer[15],  8, k0);
-
-    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 7],  7, k1);
-    Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[ 4],  6, k1);
-    Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[13],  8, k1);
-    Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[ 1], 13, k1);
-    Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[10], 11, k1);
-    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 6],  9, k1);
-    Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[15],  7, k1);
-    Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[ 3], 15, k1);
-    Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[12],  7, k1);
-    Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 12, k1);
-    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 9], 15, k1);
-    Subround(G, d1, e1, a1, b1, c1, ripemd->buffer[ 5],  9, k1);
-    Subround(G, c1, d1, e1, a1, b1, ripemd->buffer[ 2], 11, k1);
-    Subround(G, b1, c1, d1, e1, a1, ripemd->buffer[14],  7, k1);
-    Subround(G, a1, b1, c1, d1, e1, ripemd->buffer[11], 13, k1);
-    Subround(G, e1, a1, b1, c1, d1, ripemd->buffer[ 8], 12, k1);
-
-    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[ 3], 11, k2);
-    Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[10], 13, k2);
-    Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[14],  6, k2);
-    Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[ 4],  7, k2);
-    Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 9], 14, k2);
-    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[15],  9, k2);
-    Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 13, k2);
-    Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[ 1], 15, k2);
-    Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[ 2], 14, k2);
-    Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 7],  8, k2);
-    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[ 0], 13, k2);
-    Subround(H, c1, d1, e1, a1, b1, ripemd->buffer[ 6],  6, k2);
-    Subround(H, b1, c1, d1, e1, a1, ripemd->buffer[13],  5, k2);
-    Subround(H, a1, b1, c1, d1, e1, ripemd->buffer[11], 12, k2);
-    Subround(H, e1, a1, b1, c1, d1, ripemd->buffer[ 5],  7, k2);
-    Subround(H, d1, e1, a1, b1, c1, ripemd->buffer[12],  5, k2);
-
-    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 1], 11, k3);
-    Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[ 9], 12, k3);
-    Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[11], 14, k3);
-    Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[10], 15, k3);
-    Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 0], 14, k3);
-    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 8], 15, k3);
-    Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[12],  9, k3);
-    Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[ 4],  8, k3);
-    Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[13],  9, k3);
-    Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 3], 14, k3);
-    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 7],  5, k3);
-    Subround(I, b1, c1, d1, e1, a1, ripemd->buffer[15],  6, k3);
-    Subround(I, a1, b1, c1, d1, e1, ripemd->buffer[14],  8, k3);
-    Subround(I, e1, a1, b1, c1, d1, ripemd->buffer[ 5],  6, k3);
-    Subround(I, d1, e1, a1, b1, c1, ripemd->buffer[ 6],  5, k3);
-    Subround(I, c1, d1, e1, a1, b1, ripemd->buffer[ 2], 12, k3);
-
-    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[ 4],  9, k4);
-    Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 0], 15, k4);
-    Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[ 5],  5, k4);
-    Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[ 9], 11, k4);
-    Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[ 7],  6, k4);
-    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[12],  8, k4);
-    Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 2], 13, k4);
-    Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[10], 12, k4);
-    Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[14],  5, k4);
-    Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[ 1], 12, k4);
-    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[ 3], 13, k4);
-    Subround(J, a1, b1, c1, d1, e1, ripemd->buffer[ 8], 14, k4);
-    Subround(J, e1, a1, b1, c1, d1, ripemd->buffer[11], 11, k4);
-    Subround(J, d1, e1, a1, b1, c1, ripemd->buffer[ 6],  8, k4);
-    Subround(J, c1, d1, e1, a1, b1, ripemd->buffer[15],  5, k4);
-    Subround(J, b1, c1, d1, e1, a1, ripemd->buffer[13],  6, k4);
-
-    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[ 5],  8, k5);
-    Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[14],  9, k5);
-    Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 7],  9, k5);
-    Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[ 0], 11, k5);
-    Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 13, k5);
-    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[ 2], 15, k5);
-    Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[11], 15, k5);
-    Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 4],  5, k5);
-    Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[13],  7, k5);
-    Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 6],  7, k5);
-    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[15],  8, k5);
-    Subround(J, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 11, k5);
-    Subround(J, d2, e2, a2, b2, c2, ripemd->buffer[ 1], 14, k5);
-    Subround(J, c2, d2, e2, a2, b2, ripemd->buffer[10], 14, k5);
-    Subround(J, b2, c2, d2, e2, a2, ripemd->buffer[ 3], 12, k5);
-    Subround(J, a2, b2, c2, d2, e2, ripemd->buffer[12],  6, k5);
-
-    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 6],  9, k6);
-    Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[11], 13, k6);
-    Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[ 3], 15, k6);
-    Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[ 7],  7, k6);
-    Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 12, k6);
-    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[13],  8, k6);
-    Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[ 5],  9, k6);
-    Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[10], 11, k6);
-    Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[14],  7, k6);
-    Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[15],  7, k6);
-    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 12, k6);
-    Subround(I, d2, e2, a2, b2, c2, ripemd->buffer[12],  7, k6);
-    Subround(I, c2, d2, e2, a2, b2, ripemd->buffer[ 4],  6, k6);
-    Subround(I, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 15, k6);
-    Subround(I, a2, b2, c2, d2, e2, ripemd->buffer[ 1], 13, k6);
-    Subround(I, e2, a2, b2, c2, d2, ripemd->buffer[ 2], 11, k6);
-
-    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[15],  9, k7);
-    Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 5],  7, k7);
-    Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[ 1], 15, k7);
-    Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[ 3], 11, k7);
-    Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 7],  8, k7);
-    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[14],  6, k7);
-    Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 6],  6, k7);
-    Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[ 9], 14, k7);
-    Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[11], 12, k7);
-    Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 8], 13, k7);
-    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[12],  5, k7);
-    Subround(H, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 14, k7);
-    Subround(H, b2, c2, d2, e2, a2, ripemd->buffer[10], 13, k7);
-    Subround(H, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 13, k7);
-    Subround(H, e2, a2, b2, c2, d2, ripemd->buffer[ 4],  7, k7);
-    Subround(H, d2, e2, a2, b2, c2, ripemd->buffer[13],  5, k7);
-
-    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[ 8], 15, k8);
-    Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[ 6],  5, k8);
-    Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 4],  8, k8);
-    Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 1], 11, k8);
-    Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[ 3], 14, k8);
-    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[11], 14, k8);
-    Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[15],  6, k8);
-    Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 0], 14, k8);
-    Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 5],  6, k8);
-    Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[12],  9, k8);
-    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 12, k8);
-    Subround(G, b2, c2, d2, e2, a2, ripemd->buffer[13],  9, k8);
-    Subround(G, a2, b2, c2, d2, e2, ripemd->buffer[ 9], 12, k8);
-    Subround(G, e2, a2, b2, c2, d2, ripemd->buffer[ 7],  5, k8);
-    Subround(G, d2, e2, a2, b2, c2, ripemd->buffer[10], 15, k8);
-    Subround(G, c2, d2, e2, a2, b2, ripemd->buffer[14],  8, k8);
-
-    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[12],  8, k9);
-    Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[15],  5, k9);
-    Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[10], 12, k9);
-    Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 4],  9, k9);
-    Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 1], 12, k9);
-    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[ 5],  5, k9);
-    Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[ 8], 14, k9);
-    Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[ 7],  6, k9);
-    Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 6],  8, k9);
-    Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 2], 13, k9);
-    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[13],  6, k9);
-    Subround(F, a2, b2, c2, d2, e2, ripemd->buffer[14],  5, k9);
-    Subround(F, e2, a2, b2, c2, d2, ripemd->buffer[ 0], 15, k9);
-    Subround(F, d2, e2, a2, b2, c2, ripemd->buffer[ 3], 13, k9);
-    Subround(F, c2, d2, e2, a2, b2, ripemd->buffer[ 9], 11, k9);
-    Subround(F, b2, c2, d2, e2, a2, ripemd->buffer[11], 11, k9);
-
-    c1                = ripemd->digest[1] + c1 + d2;
-    ripemd->digest[1] = ripemd->digest[2] + d1 + e2;
-    ripemd->digest[2] = ripemd->digest[3] + e1 + a2;
-    ripemd->digest[3] = ripemd->digest[4] + a1 + b2;
-    ripemd->digest[4] = ripemd->digest[0] + b1 + c2;
-    ripemd->digest[0] = c1;
-}
-
-
-static WC_INLINE void AddLength(RipeMd* ripemd, word32 len)
-{
-    word32 tmp = ripemd->loLen;
-    if ( (ripemd->loLen += len) < tmp)
-        ripemd->hiLen++;                       /* carry low to high */
-}
-
-
-int wc_RipeMdUpdate(RipeMd* ripemd, const byte* data, word32 len)
-{
-    /* do block size increments */
-    byte* local;
-
-    if (ripemd == NULL || (data == NULL && len > 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    local = (byte*)ripemd->buffer;
-
-    while (len) {
-        word32 add = min(len, RIPEMD_BLOCK_SIZE - ripemd->buffLen);
-        XMEMCPY(&local[ripemd->buffLen], data, add);
-
-        ripemd->buffLen += add;
-        data         += add;
-        len          -= add;
-
-        if (ripemd->buffLen == RIPEMD_BLOCK_SIZE) {
-            #ifdef BIG_ENDIAN_ORDER
-                ByteReverseWords(ripemd->buffer, ripemd->buffer,
-                                 RIPEMD_BLOCK_SIZE);
-            #endif
-            Transform(ripemd);
-            AddLength(ripemd, RIPEMD_BLOCK_SIZE);
-            ripemd->buffLen = 0;
-        }
-    }
-    return 0;
-}
-
-
-int wc_RipeMdFinal(RipeMd* ripemd, byte* hash)
-{
-    byte* local;
-
-    if (ripemd == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    local = (byte*)ripemd->buffer;
-
-    AddLength(ripemd, ripemd->buffLen);               /* before adding pads */
-
-    /* ensure we have a valid buffer length; */
-    if (ripemd->buffLen > RIPEMD_BLOCK_SIZE) {
-        /* exit with error code if there's a bad buffer size in buffLen */
-        return BAD_STATE_E;
-    } /* buffLen check */
-
-    local[ripemd->buffLen++] = 0x80;  /* add 1 */
-
-    /* pad with zeros */
-    if (ripemd->buffLen > RIPEMD_PAD_SIZE) {
-        XMEMSET(&local[ripemd->buffLen], 0, RIPEMD_BLOCK_SIZE - ripemd->buffLen);
-        ripemd->buffLen += RIPEMD_BLOCK_SIZE - ripemd->buffLen;
-
-        #ifdef BIG_ENDIAN_ORDER
-            ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
-        #endif
-        Transform(ripemd);
-        ripemd->buffLen = 0;
-    }
-    XMEMSET(&local[ripemd->buffLen], 0, RIPEMD_PAD_SIZE - ripemd->buffLen);
-
-    /* put lengths in bits */
-    ripemd->loLen = ripemd->loLen << 3;
-    ripemd->hiLen = (ripemd->loLen >> (8*sizeof(ripemd->loLen) - 3)) +
-                 (ripemd->hiLen << 3);
-
-    /* store lengths */
-    #ifdef BIG_ENDIAN_ORDER
-        ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE);
-    #endif
-    /* ! length ordering dependent on digest endian type ! */
-    XMEMCPY(&local[RIPEMD_PAD_SIZE], &ripemd->loLen, sizeof(word32));
-    XMEMCPY(&local[RIPEMD_PAD_SIZE + sizeof(word32)], &ripemd->hiLen,
-           sizeof(word32));
-
-    Transform(ripemd);
-    #ifdef BIG_ENDIAN_ORDER
-        ByteReverseWords(ripemd->digest, ripemd->digest, RIPEMD_DIGEST_SIZE);
-    #endif
-    XMEMCPY(hash, ripemd->digest, RIPEMD_DIGEST_SIZE);
-
-    return wc_InitRipeMd(ripemd);  /* reset state */
-}
-
-
-#endif /* WOLFSSL_RIPEMD */
diff --git a/src/ssl/wolfssl/wolfcrypt/rsa.c b/src/ssl/wolfssl/wolfcrypt/rsa.c
deleted file mode 100644
index c870dba58..000000000
--- a/src/ssl/wolfssl/wolfcrypt/rsa.c
+++ /dev/null
@@ -1,5377 +0,0 @@
-/* rsa.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/*
-
-DESCRIPTION
-This library provides the interface to the RSA.
-RSA keys can be used to encrypt, decrypt, sign and verify data.
-
-*/
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifndef NO_RSA
-
-#if FIPS_VERSION3_GE(2,0,0)
-    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
-    #define FIPS_NO_WRAPPERS
-
-       #ifdef USE_WINDOWS_API
-               #pragma code_seg(".fipsA$j")
-               #pragma const_seg(".fipsB$j")
-       #endif
-#endif
-
-#include <wolfssl/wolfcrypt/rsa.h>
-#include <wolfssl/wolfcrypt/logging.h>
-
-#ifdef WOLFSSL_AFALG_XILINX_RSA
-#include <wolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
-#endif
-#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
-#include <xsecure_rsaclient.h>
-#endif
-#if defined(WOLFSSL_SE050) && !defined(WOLFSSL_SE050_NO_RSA)
-#include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
-#endif
-#ifdef WOLFSSL_HAVE_SP_RSA
-#include <wolfssl/wolfcrypt/sp.h>
-#endif
-
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && !defined(WOLFSSL_SP_ASM)
-    /* force off unneeded vector register save/restore. */
-    #undef SAVE_VECTOR_REGISTERS
-    #define SAVE_VECTOR_REGISTERS(fail_clause) SAVE_NO_VECTOR_REGISTERS(fail_clause)
-    #undef RESTORE_VECTOR_REGISTERS
-    #define RESTORE_VECTOR_REGISTERS() RESTORE_NO_VECTOR_REGISTERS()
-#endif
-
-/*
-Possible RSA enable options:
- * NO_RSA:                Overall control of RSA                    default: on
- *                                                                 (not defined)
- * WC_RSA_BLINDING:       Uses Blinding w/ Private Ops              default: on
-                          Note: slower by ~20%
- * WOLFSSL_KEY_GEN:       Allows Private Key Generation             default: off
- * RSA_LOW_MEM:           NON CRT Private Operations, less memory   default: off
- * WC_NO_RSA_OAEP:        Disables RSA OAEP padding                 default: on
- *                                                                 (not defined)
- * WC_RSA_NONBLOCK:       Enables support for RSA non-blocking      default: off
- * WC_RSA_NONBLOCK_TIME:  Enables support for time based blocking   default: off
- *                        time calculation.
- * WC_RSA_NO_FERMAT_CHECK:Don't check for small difference in       default: off
- *                        p and q (Fermat's factorization is       (not defined)
- *                        possible when small difference).
-*/
-
-/*
-RSA Key Size Configuration:
- * FP_MAX_BITS:         With USE_FAST_MATH only                     default: 4096
-    If USE_FAST_MATH then use this to override default.
-    Value is key size * 2. Example: RSA 3072 = 6144
-*/
-
-
-#include <wolfssl/wolfcrypt/random.h>
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-#endif
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if FIPS_VERSION3_GE(6,0,0)
-    const unsigned int wolfCrypt_FIPS_rsa_ro_sanity[2] =
-                                                     { 0x1a2b3c4d, 0x00000012 };
-    int wolfCrypt_FIPS_RSA_sanity(void)
-    {
-        return 0;
-    }
-#endif
-
-enum {
-    RSA_STATE_NONE = 0,
-
-    RSA_STATE_ENCRYPT_PAD,
-    RSA_STATE_ENCRYPT_EXPTMOD,
-    RSA_STATE_ENCRYPT_RES,
-
-    RSA_STATE_DECRYPT_EXPTMOD,
-    RSA_STATE_DECRYPT_UNPAD,
-    RSA_STATE_DECRYPT_RES
-};
-
-static void wc_RsaCleanup(RsaKey* key)
-{
-#if !defined(WOLFSSL_NO_MALLOC) && (defined(WOLFSSL_ASYNC_CRYPT) || \
-    (!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE)))
-    if (key != NULL) {
-    #ifndef WOLFSSL_RSA_PUBLIC_ONLY
-        /* if private operation zero temp buffer */
-        if ((key->data != NULL && key->dataLen > 0) &&
-            (key->type == RSA_PRIVATE_DECRYPT ||
-             key->type == RSA_PRIVATE_ENCRYPT)) {
-            ForceZero(key->data, key->dataLen);
-        }
-    #endif
-        /* make sure any allocated memory is free'd */
-        if (key->dataIsAlloc) {
-            XFREE(key->data, key->heap, DYNAMIC_TYPE_WOLF_BIGINT);
-            key->dataIsAlloc = 0;
-        }
-
-        key->data = NULL;
-        key->dataLen = 0;
-    }
-#else
-    (void)key;
-#endif
-}
-
-#ifndef WC_NO_CONSTRUCTORS
-RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code)
-{
-    int ret;
-    RsaKey* key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA);
-    if (key == NULL) {
-        ret = MEMORY_E;
-    }
-    else {
-        ret = wc_InitRsaKey_ex(key, heap, devId);
-        if (ret != 0) {
-            XFREE(key, heap, DYNAMIC_TYPE_RSA);
-            key = NULL;
-        }
-    }
-
-    if (result_code != NULL)
-        *result_code = ret;
-
-    return key;
-}
-
-int wc_DeleteRsaKey(RsaKey* key, RsaKey** key_p)
-{
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-    wc_FreeRsaKey(key);
-    XFREE(key, key->heap, DYNAMIC_TYPE_RSA);
-    if (key_p != NULL)
-        *key_p = NULL;
-    return 0;
-}
-#endif /* !WC_NO_CONSTRUCTORS */
-
-int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
-{
-    int ret = 0;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMSET(key, 0, sizeof(RsaKey));
-
-    key->type = RSA_TYPE_UNKNOWN;
-    key->state = RSA_STATE_NONE;
-    key->heap = heap;
-#if !defined(WOLFSSL_NO_MALLOC) && (defined(WOLFSSL_ASYNC_CRYPT) || \
-    (!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE)))
-    key->dataIsAlloc = 0;
-#endif
-    key->data = NULL;
-    key->dataLen = 0;
-#ifdef WC_RSA_BLINDING
-    key->rng = NULL;
-#endif
-
-#ifdef WOLF_CRYPTO_CB
-    key->devId = devId;
-#else
-    (void)devId;
-#endif
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    #ifdef WOLFSSL_CERT_GEN
-        XMEMSET(&key->certSignCtx, 0, sizeof(CertSignCtx));
-    #endif
-
-    #ifdef WC_ASYNC_ENABLE_RSA
-        #ifdef WOLF_CRYPTO_CB
-        /* prefer crypto callback */
-        if (key->devId != INVALID_DEVID)
-        #endif
-        {
-            /* handle as async */
-            ret = wolfAsync_DevCtxInit(&key->asyncDev,
-                    WOLFSSL_ASYNC_MARKER_RSA, key->heap, devId);
-            if (ret != 0)
-                return ret;
-        }
-    #endif /* WC_ASYNC_ENABLE_RSA */
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-    ret = mp_init_multi(&key->n, &key->e, NULL, NULL, NULL, NULL);
-    if (ret != MP_OKAY)
-        return ret;
-
-#if !defined(WOLFSSL_KEY_GEN) && !defined(OPENSSL_EXTRA) && defined(RSA_LOW_MEM)
-    ret = mp_init_multi(&key->d, &key->p, &key->q, NULL, NULL, NULL);
-#else
-    ret = mp_init_multi(&key->d, &key->p, &key->q, &key->dP, &key->dQ, &key->u);
-#endif
-    if (ret != MP_OKAY) {
-        mp_clear(&key->n);
-        mp_clear(&key->e);
-        return ret;
-    }
-#else
-    ret = mp_init(&key->n);
-    if (ret != MP_OKAY)
-        return ret;
-    ret = mp_init(&key->e);
-    if (ret != MP_OKAY) {
-        mp_clear(&key->n);
-        return ret;
-    }
-#endif
-
-#ifdef WOLFSSL_XILINX_CRYPT
-    key->pubExp = 0;
-    key->mod    = NULL;
-#endif
-
-#ifdef WOLFSSL_AFALG_XILINX_RSA
-    key->alFd = WC_SOCK_NOTSET;
-    key->rdFd = WC_SOCK_NOTSET;
-#endif
-
-#ifdef WOLFSSL_KCAPI_RSA
-    key->handle = NULL;
-#endif
-
-#if defined(WOLFSSL_RENESAS_FSPSM)
-    key->ctx.wrapped_pri1024_key = NULL;
-    key->ctx.wrapped_pub1024_key = NULL;
-    key->ctx.wrapped_pri2048_key = NULL;
-    key->ctx.wrapped_pub2048_key = NULL;
-    key->ctx.keySz = 0;
-#endif
-
-    return ret;
-}
-
-int wc_InitRsaKey(RsaKey* key, void* heap)
-{
-    return wc_InitRsaKey_ex(key, heap, INVALID_DEVID);
-}
-
-#ifdef WOLF_PRIVATE_KEY_ID
-int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len, void* heap,
-                     int devId)
-{
-    int ret = 0;
-#if defined(WOLFSSL_SE050) && !defined(WOLFSSL_SE050_NO_RSA)
-    /* SE050 TLS users store a word32 at id, need to cast back */
-    word32* keyPtr = NULL;
-#endif
-
-    if (key == NULL)
-        ret = BAD_FUNC_ARG;
-    if (ret == 0 && (len < 0 || len > RSA_MAX_ID_LEN))
-        ret = BUFFER_E;
-    if (ret == 0)
-        ret = wc_InitRsaKey_ex(key, heap, devId);
-    if (ret == 0 && id != NULL && len != 0) {
-        XMEMCPY(key->id, id, (size_t)len);
-        key->idLen = len;
-    #if defined(WOLFSSL_SE050) && !defined(WOLFSSL_SE050_NO_RSA)
-        /* Set SE050 ID from word32, populate RsaKey with public from SE050 */
-        if (len == (int)sizeof(word32)) {
-            keyPtr = (word32*)key->id;
-            ret = wc_RsaUseKeyId(key, *keyPtr, 0);
-        }
-    #endif
-    }
-
-    return ret;
-}
-
-int wc_InitRsaKey_Label(RsaKey* key, const char* label, void* heap, int devId)
-{
-    int ret = 0;
-    int labelLen = 0;
-
-    if (key == NULL || label == NULL)
-        ret = BAD_FUNC_ARG;
-    if (ret == 0) {
-        labelLen = (int)XSTRLEN(label);
-        if (labelLen == 0 || labelLen > RSA_MAX_LABEL_LEN)
-            ret = BUFFER_E;
-    }
-    if (ret == 0)
-        ret = wc_InitRsaKey_ex(key, heap, devId);
-    if (ret == 0) {
-        XMEMCPY(key->label, label, (size_t)labelLen);
-        key->labelLen = labelLen;
-    }
-
-    return ret;
-}
-#endif /* WOLF_PRIVATE_KEY_ID */
-
-
-#ifdef WOLFSSL_XILINX_CRYPT
-#define MAX_E_SIZE 4
-/* Used to setup hardware state
- *
- * key  the RSA key to setup
- *
- * returns 0 on success
- */
-int wc_InitRsaHw(RsaKey* key)
-{
-    unsigned char* m; /* RSA modulus */
-    word32 e = 0;     /* RSA public exponent */
-    int mSz;
-    int eSz;
-    int ret;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    mSz = mp_unsigned_bin_size(&(key->n));
-#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
-    if (mSz > WOLFSSL_XSECURE_RSA_KEY_SIZE) {
-        return BAD_FUNC_ARG;
-    }
-    /* Allocate 4 bytes more for the public exponent. */
-    m = (unsigned char*) XMALLOC(WOLFSSL_XSECURE_RSA_KEY_SIZE + 4, key->heap,
-                                 DYNAMIC_TYPE_KEY);
-#else
-    m = (unsigned char*)XMALLOC(mSz, key->heap, DYNAMIC_TYPE_KEY);
-#endif
-    if (m == NULL) {
-        return MEMORY_E;
-    }
-
-    if (mp_to_unsigned_bin(&(key->n), m) != MP_OKAY) {
-        WOLFSSL_MSG("Unable to get RSA key modulus");
-        XFREE(m, key->heap, DYNAMIC_TYPE_KEY);
-        return MP_READ_E;
-    }
-#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
-    XMEMSET(m + mSz, 0, WOLFSSL_XSECURE_RSA_KEY_SIZE + 4 - mSz);
-#endif
-
-    eSz = mp_unsigned_bin_size(&(key->e));
-    if (eSz > MAX_E_SIZE) {
-        WOLFSSL_MSG("Exponent of size 4 bytes expected");
-        XFREE(m, key->heap, DYNAMIC_TYPE_KEY);
-        return BAD_FUNC_ARG;
-    }
-
-    if (mp_to_unsigned_bin(&(key->e), (byte*)&e + (MAX_E_SIZE - eSz))
-                != MP_OKAY) {
-        XFREE(m, key->heap, DYNAMIC_TYPE_KEY);
-        WOLFSSL_MSG("Unable to get RSA key exponent");
-        return MP_READ_E;
-    }
-
-    /* check for existing mod buffer to avoid memory leak */
-    XFREE(key->mod, key->heap, DYNAMIC_TYPE_KEY);
-
-    key->pubExp = e;
-    key->mod    = m;
-
-#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
-    ret = wc_InitXsecure(&(key->xSec));
-    if (ret != 0) {
-        WOLFSSL_MSG("Unable to initialize xSecure for RSA");
-        XFREE(m, key->heap, DYNAMIC_TYPE_KEY);
-        return ret;
-    }
-    XMEMCPY(&m[WOLFSSL_XSECURE_RSA_KEY_SIZE], &e, sizeof(e));
-    key->mSz = mSz;
-#else
-    if (XSecure_RsaInitialize(&(key->xRsa), key->mod, NULL,
-                (byte*)&(key->pubExp)) != XST_SUCCESS) {
-        WOLFSSL_MSG("Unable to initialize RSA on hardware");
-        XFREE(m, key->heap, DYNAMIC_TYPE_KEY);
-        return BAD_STATE_E;
-    }
-
-#ifdef WOLFSSL_XILINX_PATCH
-   /* currently a patch of xsecure_rsa.c for 2048 bit keys */
-   if (wc_RsaEncryptSize(key) == 256) {
-       if (XSecure_RsaSetSize(&(key->xRsa), 2048) != XST_SUCCESS) {
-           WOLFSSL_MSG("Unable to set RSA key size on hardware");
-           XFREE(m, key->heap, DYNAMIC_TYPE_KEY);
-           return BAD_STATE_E;
-       }
-   }
-#endif
-#endif
-    return 0;
-} /* WOLFSSL_XILINX_CRYPT*/
-
-#elif defined(WOLFSSL_CRYPTOCELL)
-
-int wc_InitRsaHw(RsaKey* key)
-{
-    CRYSError_t ret = 0;
-    byte e[3];
-    word32 eSz = sizeof(e);
-    byte n[256];
-    word32 nSz = sizeof(n);
-    byte d[256];
-    word32 dSz = sizeof(d);
-    byte p[128];
-    word32 pSz = sizeof(p);
-    byte q[128];
-    word32 qSz = sizeof(q);
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wc_RsaExportKey(key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q, &qSz);
-    if (ret != 0)
-        return MP_READ_E;
-
-    ret = CRYS_RSA_Build_PubKey(&key->ctx.pubKey, e, eSz, n, nSz);
-    if (ret != SA_SILIB_RET_OK){
-        WOLFSSL_MSG("CRYS_RSA_Build_PubKey failed");
-        return ret;
-    }
-
-    ret =  CRYS_RSA_Build_PrivKey(&key->ctx.privKey, d, dSz, e, eSz, n, nSz);
-
-    if (ret != SA_SILIB_RET_OK){
-        WOLFSSL_MSG("CRYS_RSA_Build_PrivKey failed");
-        return ret;
-    }
-    key->type = RSA_PRIVATE;
-    return 0;
-}
-
-static int cc310_RSA_GenerateKeyPair(RsaKey* key, int size, long e)
-{
-    CRYSError_t             ret = 0;
-    CRYS_RSAKGData_t        KeyGenData;
-    CRYS_RSAKGFipsContext_t FipsCtx;
-    byte ex[3];
-    word16 eSz = sizeof(ex);
-    byte n[256];
-    word16 nSz = sizeof(n);
-
-    ret = CRYS_RSA_KG_GenerateKeyPair(&wc_rndState,
-                        wc_rndGenVectFunc,
-                        (byte*)&e,
-                        3*sizeof(byte),
-                        size,
-                        &key->ctx.privKey,
-                        &key->ctx.pubKey,
-                        &KeyGenData,
-                        &FipsCtx);
-
-    if (ret != SA_SILIB_RET_OK){
-        WOLFSSL_MSG("CRYS_RSA_KG_GenerateKeyPair failed");
-        return ret;
-    }
-
-    ret = CRYS_RSA_Get_PubKey(&key->ctx.pubKey, ex, &eSz, n, &nSz);
-    if (ret != SA_SILIB_RET_OK){
-        WOLFSSL_MSG("CRYS_RSA_Get_PubKey failed");
-        return ret;
-    }
-    ret = wc_RsaPublicKeyDecodeRaw(n, nSz, ex, eSz, key);
-
-    key->type = RSA_PRIVATE;
-
-    return ret;
-}
-#endif /* WOLFSSL_CRYPTOCELL */
-
-#if defined(WOLFSSL_SE050) && !defined(WOLFSSL_SE050_NO_RSA)
-/* Use specified hardware key ID with RsaKey operations. Unlike devId,
- * keyId is a word32 so can handle key IDs larger than an int.
- *
- * key    initialized RsaKey struct
- * keyId  hardware key ID which stores RSA key
- * flags  optional flags, currently unused
- *
- * Return 0 on success, negative on error */
-int wc_RsaUseKeyId(RsaKey* key, word32 keyId, word32 flags)
-{
-    (void)flags;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    return se050_rsa_use_key_id(key, keyId);
-}
-
-/* Get hardware key ID associated with this RsaKey structure.
- *
- * key    initialized RsaKey struct
- * keyId  [OUT] output for key ID associated with this structure
- *
- * Returns 0 on success, negative on error.
- */
-int wc_RsaGetKeyId(RsaKey* key, word32* keyId)
-{
-    if (key == NULL || keyId == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    return se050_rsa_get_key_id(key, keyId);
-}
-#endif /* WOLFSSL_SE050 */
-
-int wc_FreeRsaKey(RsaKey* key)
-{
-    int ret = 0;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    wc_RsaCleanup(key);
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA)
-    wolfAsync_DevCtxFree(&key->asyncDev, WOLFSSL_ASYNC_MARKER_RSA);
-#endif
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-    if (key->type == RSA_PRIVATE) {
-#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
-        mp_forcezero(&key->u);
-        mp_forcezero(&key->dQ);
-        mp_forcezero(&key->dP);
-#endif
-        mp_forcezero(&key->q);
-        mp_forcezero(&key->p);
-        mp_forcezero(&key->d);
-    }
-    else {
-        /* private part */
-#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
-        mp_clear(&key->u);
-        mp_clear(&key->dQ);
-        mp_clear(&key->dP);
-#endif
-        mp_clear(&key->q);
-        mp_clear(&key->p);
-        mp_clear(&key->d);
-    }
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-
-    /* public part */
-    mp_clear(&key->e);
-    mp_clear(&key->n);
-
-#ifdef WOLFSSL_XILINX_CRYPT
-    XFREE(key->mod, key->heap, DYNAMIC_TYPE_KEY);
-    key->mod = NULL;
-#endif
-
-#ifdef WOLFSSL_AFALG_XILINX_RSA
-    /* make sure that sockets are closed on cleanup */
-    if (key->alFd > 0) {
-        close(key->alFd);
-        key->alFd = WC_SOCK_NOTSET;
-    }
-    if (key->rdFd > 0) {
-        close(key->rdFd);
-        key->rdFd = WC_SOCK_NOTSET;
-    }
-#endif
-
-#ifdef WOLFSSL_KCAPI_RSA
-    KcapiRsa_Free(key);
-#endif
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Check(key, sizeof(RsaKey));
-#endif
-
-#if defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
-    wc_fspsm_RsaKeyFree(key);
-#endif
-
-    return ret;
-}
-
-#ifdef WOLFSSL_RSA_KEY_CHECK
-/* Check the pair-wise consistency of the RSA key. */
-static int _ifc_pairwise_consistency_test(RsaKey* key, WC_RNG* rng)
-{
-    static const char* msg = "Everyone gets Friday off.";
-    byte* sig;
-    byte* plain;
-    int ret = 0;
-    word32 msgLen, plainLen, sigLen;
-
-    msgLen = (word32)XSTRLEN(msg);
-    ret = wc_RsaEncryptSize(key);
-    if (ret < 0)
-        return ret;
-    else if (ret == 0)
-        return BAD_FUNC_ARG;
-    sigLen = (word32)ret;
-
-    WOLFSSL_MSG("Doing RSA consistency test");
-
-    /* Sign and verify. */
-    sig = (byte*)XMALLOC(sigLen, key->heap, DYNAMIC_TYPE_RSA);
-    if (sig == NULL) {
-        return MEMORY_E;
-    }
-    XMEMSET(sig, 0, sigLen);
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Add("Pairwise CT sig", sig, sigLen);
-#endif
-    plain = sig;
-
-#ifdef WOLFSSL_ASYNC_CRYPT
-    /* Do blocking async calls here, caller does not support WC_PENDING_E */
-    do {
-        if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
-            ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
-        if (ret >= 0)
-#endif
-            ret = wc_RsaSSL_Sign((const byte*)msg, msgLen, sig, sigLen, key, rng);
-#ifdef WOLFSSL_ASYNC_CRYPT
-    } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
-#endif
-
-    if (ret > 0) {
-        sigLen = (word32)ret;
-#ifdef WOLFSSL_ASYNC_CRYPT
-        /* Do blocking async calls here, caller does not support WC_PENDING_E */
-        do {
-            if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
-                ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
-            if (ret >= 0)
-#endif
-                ret = wc_RsaSSL_VerifyInline(sig, sigLen, &plain, key);
-#ifdef WOLFSSL_ASYNC_CRYPT
-        } while (ret == WC_NO_ERR_TRACE(WC_PENDING_E));
-#endif
-    }
-
-    if (ret > 0) {
-        plainLen = (word32)ret;
-        ret = (msgLen != plainLen) || (XMEMCMP(plain, msg, msgLen) != 0);
-    }
-
-    if (ret != 0)
-        ret = RSA_KEY_PAIR_E;
-
-    ForceZero(sig, sigLen);
-    XFREE(sig, key->heap, DYNAMIC_TYPE_RSA);
-
-    return ret;
-}
-
-
-int wc_CheckRsaKey(RsaKey* key)
-{
-    WC_DECLARE_VAR(rng, WC_RNG, 1, 0);
-    int ret = 0;
-    DECL_MP_INT_SIZE_DYN(tmp, (key)? mp_bitsused(&key->n) : 0, RSA_MAX_SIZE);
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_CAAM
-    /* can not perform these checks on an encrypted key */
-    if (key->blackKey != 0) {
-        return 0;
-    }
-#endif
-
-    WC_ALLOC_VAR_EX(rng, WC_RNG, 1, NULL, DYNAMIC_TYPE_RNG,
-        return MEMORY_E);
-    NEW_MP_INT_SIZE(tmp, mp_bitsused(&key->n), NULL, DYNAMIC_TYPE_RSA);
-#ifdef MP_INT_SIZE_CHECK_NULL
-    if (tmp == NULL) {
-        XFREE(rng, NULL, DYNAMIC_TYPE_RNG);
-        return MEMORY_E;
-    }
-#endif
-
-    ret = wc_InitRng(rng);
-
-    SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
-
-    if (ret == 0) {
-        if (INIT_MP_INT_SIZE(tmp, mp_bitsused(&key->n)) != MP_OKAY)
-            ret = MP_INIT_E;
-    }
-
-    if (ret == 0)
-        ret = _ifc_pairwise_consistency_test(key, rng);
-
-    /* Check d is less than n. */
-    if (ret == 0 ) {
-        if (mp_cmp(&key->d, &key->n) != MP_LT) {
-            ret = MP_EXPTMOD_E;
-        }
-    }
-    /* Check p*q = n. */
-    if (ret == 0 ) {
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        mp_memzero_add("RSA CheckKey tmp", tmp);
-    #endif
-        if (mp_mul(&key->p, &key->q, tmp) != MP_OKAY) {
-            ret = MP_EXPTMOD_E;
-        }
-    }
-    if (ret == 0 ) {
-        if (mp_cmp(&key->n, tmp) != MP_EQ) {
-            ret = MP_EXPTMOD_E;
-        }
-    }
-
-#ifndef WC_RSA_NO_FERMAT_CHECK
-    /* Fermat's Factorization works when difference between p and q
-     * is less than (conservatively):
-     *     n^(1/4) + 32
-     *  ~= 2^(bit count of n)^(1/4) + 32) = 2^((bit count of n)/4 + 32)
-     */
-    if (ret == 0) {
-        ret = mp_sub(&key->p, &key->q, tmp);
-    }
-    if (ret == 0) {
-        if (mp_count_bits(tmp) <= (mp_count_bits(&key->n) / 4 + 32)) {
-            ret = MP_EXPTMOD_E;
-        }
-    }
-#endif
-
-    /* Check dP, dQ and u if they exist */
-    if (ret == 0 && !mp_iszero(&key->dP)) {
-        if (mp_sub_d(&key->p, 1, tmp) != MP_OKAY) {
-            ret = MP_EXPTMOD_E;
-        }
-        /* Check dP <= p-1. */
-        if (ret == 0) {
-            if (mp_cmp(&key->dP, tmp) != MP_LT) {
-                ret = MP_EXPTMOD_E;
-            }
-        }
-        /* Check e*dP mod p-1 = 1. (dP = 1/e mod p-1) */
-        if (ret == 0) {
-            if (mp_mulmod(&key->dP, &key->e, tmp, tmp) != MP_OKAY) {
-                ret = MP_EXPTMOD_E;
-            }
-        }
-        if (ret == 0 ) {
-            if (!mp_isone(tmp)) {
-                ret = MP_EXPTMOD_E;
-            }
-        }
-
-        if (ret == 0) {
-            if (mp_sub_d(&key->q, 1, tmp) != MP_OKAY) {
-                ret = MP_EXPTMOD_E;
-            }
-        }
-        /* Check dQ <= q-1. */
-        if (ret == 0) {
-            if (mp_cmp(&key->dQ, tmp) != MP_LT) {
-                ret = MP_EXPTMOD_E;
-            }
-        }
-        /* Check e*dP mod p-1 = 1. (dQ = 1/e mod q-1) */
-        if (ret == 0) {
-            if (mp_mulmod(&key->dQ, &key->e, tmp, tmp) != MP_OKAY) {
-                ret = MP_EXPTMOD_E;
-            }
-        }
-        if (ret == 0 ) {
-            if (!mp_isone(tmp)) {
-                ret = MP_EXPTMOD_E;
-            }
-        }
-
-        /* Check u <= p. */
-        if (ret == 0) {
-            if (mp_cmp(&key->u, &key->p) != MP_LT) {
-                ret = MP_EXPTMOD_E;
-            }
-        }
-        /* Check u*q mod p = 1. (u = 1/q mod p) */
-        if (ret == 0) {
-            if (mp_mulmod(&key->u, &key->q, &key->p, tmp) != MP_OKAY) {
-                ret = MP_EXPTMOD_E;
-            }
-        }
-        if (ret == 0 ) {
-            if (!mp_isone(tmp)) {
-                ret = MP_EXPTMOD_E;
-            }
-        }
-    }
-
-    mp_forcezero(tmp);
-
-    RESTORE_VECTOR_REGISTERS();
-
-    wc_FreeRng(rng);
-    FREE_MP_INT_SIZE(tmp, NULL, DYNAMIC_TYPE_RSA);
-#ifdef WOLFSSL_SMALL_STACK
-    XFREE(rng, NULL, DYNAMIC_TYPE_RNG);
-#elif defined(WOLFSSL_CHECK_MEM_ZERO)
-    mp_memzero_check(tmp);
-#endif
-
-    return ret;
-}
-#endif /* WOLFSSL_RSA_KEY_CHECK */
-
-
-#if !defined(WC_NO_RSA_OAEP) || defined(WC_RSA_PSS)
-/* Uses MGF1 standard as a mask generation function
-   hType: hash type used
-   seed:  seed to use for generating mask
-   seedSz: size of seed buffer
-   out:   mask output after generation
-   outSz: size of output buffer
- */
-#if !defined(NO_SHA) || !defined(NO_SHA256) || defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)
-static int RsaMGF1(enum wc_HashType hType, byte* seed, word32 seedSz,
-                                        byte* out, word32 outSz, void* heap)
-{
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    byte* tmp = NULL;
-    byte   tmpF = 0;     /* 1 if dynamic memory needs freed */
-#else
-    byte tmp[RSA_MAX_SIZE/8];
-#endif
-    /* needs to be large enough for seed size plus counter(4) */
-    byte  tmpA[WC_MAX_DIGEST_SIZE + 4];
-    word32 tmpSz = 0;
-    int hLen;
-    int ret;
-    word32 counter;
-    word32 idx;
-#ifdef WOLFSSL_SMALL_STACK_CACHE
-    wc_HashAlg *hash;
-#endif
-    hLen    = wc_HashGetDigestSize(hType);
-    counter = 0;
-    idx     = 0;
-
-    (void)heap;
-
-    XMEMSET(tmpA, 0, sizeof(tmpA));
-    /* check error return of wc_HashGetDigestSize */
-    if (hLen < 0) {
-        return hLen;
-    }
-
-    /* if tmp is not large enough than use some dynamic memory */
-    if ((seedSz + 4) > sizeof(tmpA) || (word32)hLen > sizeof(tmpA)) {
-        /* find largest amount of memory needed which will be the max of
-         * hLen and (seedSz + 4) since tmp is used to store the hash digest */
-        tmpSz = ((seedSz + 4) > (word32)hLen)? seedSz + 4: (word32)hLen;
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        tmp = (byte*)XMALLOC(tmpSz, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        if (tmp == NULL) {
-            return MEMORY_E;
-        }
-        tmpF = 1; /* make sure to free memory when done */
-#else
-        if (tmpSz > RSA_MAX_SIZE/8)
-            return BAD_FUNC_ARG;
-#endif
-    }
-    else {
-        /* use array on the stack */
-    #ifndef WOLFSSL_SMALL_STACK_CACHE
-        tmpSz = sizeof(tmpA);
-    #endif
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        tmp  = tmpA;
-        tmpF = 0; /* no need to free memory at end */
-#endif
-    }
-
-#ifdef WOLFSSL_SMALL_STACK_CACHE
-    hash = (wc_HashAlg*)XMALLOC(sizeof(*hash), heap, DYNAMIC_TYPE_DIGEST);
-    if (hash == NULL) {
-    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        if (tmpF) {
-            XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        }
-    #endif
-        return MEMORY_E;
-    }
-    ret = wc_HashInit_ex(hash, hType, heap, INVALID_DEVID);
-    if (ret != 0) {
-        XFREE(hash, heap, DYNAMIC_TYPE_DIGEST);
-    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        if (tmpF) {
-            XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        }
-    #endif
-        return ret;
-    }
-#endif
-
-    do {
-        int i = 0;
-        XMEMCPY(tmp, seed, seedSz);
-
-        /* counter to byte array appended to tmp */
-        tmp[seedSz]     = (byte)((counter >> 24) & 0xFF);
-        tmp[seedSz + 1] = (byte)((counter >> 16) & 0xFF);
-        tmp[seedSz + 2] = (byte)((counter >>  8) & 0xFF);
-        tmp[seedSz + 3] = (byte)((counter)       & 0xFF);
-
-        /* hash and append to existing output */
-#ifdef WOLFSSL_SMALL_STACK_CACHE
-        ret = wc_HashUpdate(hash, hType, tmp, (seedSz + 4));
-        if (ret == 0) {
-            ret = wc_HashFinal(hash, hType, tmp);
-        }
-#else
-        ret = wc_Hash(hType, tmp, (seedSz + 4), tmp, tmpSz);
-#endif
-        if (ret != 0) {
-            /* check for if dynamic memory was needed, then free */
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-            if (tmpF) {
-                XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            }
-#endif
-            return ret;
-        }
-
-        for (i = 0; i < hLen && idx < outSz; i++) {
-            out[idx++] = tmp[i];
-        }
-        counter++;
-    } while (idx < outSz);
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    /* check for if dynamic memory was needed, then free */
-    if (tmpF) {
-        XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
-    }
-#endif
-#ifdef WOLFSSL_SMALL_STACK_CACHE
-    wc_HashFree(hash, hType);
-    XFREE(hash, heap, DYNAMIC_TYPE_DIGEST);
-#endif
-
-    return 0;
-}
-#endif /* SHA2 Hashes */
-
-/* helper function to direct which mask generation function is used
-   switched on type input
- */
-static int RsaMGF(int type, byte* seed, word32 seedSz, byte* out,
-                                                    word32 outSz, void* heap)
-{
-    int ret;
-
-    switch(type) {
-    #ifndef NO_SHA
-        case WC_MGF1SHA1:
-            ret = RsaMGF1(WC_HASH_TYPE_SHA, seed, seedSz, out, outSz, heap);
-            break;
-    #endif
-    #ifndef NO_SHA256
-    #ifdef WOLFSSL_SHA224
-        case WC_MGF1SHA224:
-            ret = RsaMGF1(WC_HASH_TYPE_SHA224, seed, seedSz, out, outSz, heap);
-            break;
-    #endif
-        case WC_MGF1SHA256:
-            ret = RsaMGF1(WC_HASH_TYPE_SHA256, seed, seedSz, out, outSz, heap);
-            break;
-    #endif
-    #ifdef WOLFSSL_SHA384
-        case WC_MGF1SHA384:
-            ret = RsaMGF1(WC_HASH_TYPE_SHA384, seed, seedSz, out, outSz, heap);
-            break;
-    #endif
-    #ifdef WOLFSSL_SHA512
-        case WC_MGF1SHA512:
-            ret = RsaMGF1(WC_HASH_TYPE_SHA512, seed, seedSz, out, outSz, heap);
-            break;
-        #ifndef WOLFSSL_NOSHA512_224
-        case WC_MGF1SHA512_224:
-            ret = RsaMGF1(WC_HASH_TYPE_SHA512_224, seed, seedSz, out, outSz,
-                heap);
-            break;
-        #endif
-        #ifndef WOLFSSL_NOSHA512_256
-        case WC_MGF1SHA512_256:
-            ret = RsaMGF1(WC_HASH_TYPE_SHA512_256, seed, seedSz, out, outSz,
-                heap);
-            break;
-        #endif
-    #endif
-        default:
-            WOLFSSL_MSG("Unknown MGF type: check build options");
-            ret = BAD_FUNC_ARG;
-    }
-
-    /* in case of default avoid unused warning */
-    (void)seed;
-    (void)seedSz;
-    (void)out;
-    (void)outSz;
-    (void)heap;
-
-    return ret;
-}
-#endif /* !WC_NO_RSA_OAEP || WC_RSA_PSS */
-
-
-/* Padding */
-#ifndef WOLFSSL_RSA_VERIFY_ONLY
-#ifndef WC_NO_RNG
-#ifndef WC_NO_RSA_OAEP
-static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
-        word32 pkcsBlockLen, byte padValue, WC_RNG* rng,
-        enum wc_HashType hType, int mgf, byte* optLabel, word32 labelLen,
-        void* heap)
-{
-    int ret;
-    word32 hLen;
-    int psLen;
-    word32 idx;
-
-    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        byte* dbMask = NULL;
-        byte* lHash = NULL;
-        byte* seed  = NULL;
-    #else
-        byte dbMask[RSA_MAX_SIZE/8 + RSA_PSS_PAD_SZ];
-        /* must be large enough to contain largest hash */
-        byte lHash[WC_MAX_DIGEST_SIZE];
-        byte seed[WC_MAX_DIGEST_SIZE];
-    #endif
-
-    /* no label is allowed, but catch if no label provided and length > 0 */
-    if (optLabel == NULL && labelLen > 0) {
-        return BUFFER_E;
-    }
-
-    /* limit of label is the same as limit of hash function which is massive */
-    ret = wc_HashGetDigestSize(hType);
-    if (ret < 0) {
-        return ret;
-    }
-    hLen = (word32)ret;
-
-    #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-        lHash = (byte*)XMALLOC(hLen, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        if (lHash == NULL) {
-            return MEMORY_E;
-        }
-        seed = (byte*)XMALLOC(hLen, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        if (seed == NULL) {
-            XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            return MEMORY_E;
-        }
-    #else
-        /* hLen should never be larger than lHash since size is max digest size,
-           but check before blindly calling wc_Hash */
-        if (hLen > sizeof(lHash)) {
-            WOLFSSL_MSG("OAEP lHash to small for digest!!");
-            return MEMORY_E;
-        }
-    #endif
-
-    if ((ret = wc_Hash(hType, optLabel, labelLen, lHash, hLen)) != 0) {
-        WOLFSSL_MSG("OAEP hash type possibly not supported or lHash to small");
-            WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        return ret;
-    }
-
-    /* handles check of location for idx as well as psLen, cast to int to check
-       for pkcsBlockLen(k) - 2 * hLen - 2 being negative
-       This check is similar to decryption where k > 2 * hLen + 2 as msg
-       size approaches 0. In decryption if k is less than or equal -- then there
-       is no possible room for msg.
-       k = RSA key size
-       hLen = hash digest size -- will always be >= 0 at this point
-     */
-    if ((2 * hLen + 2) > pkcsBlockLen) {
-        WOLFSSL_MSG("OAEP pad error hash to big for RSA key size");
-            WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        return BAD_FUNC_ARG;
-    }
-
-    if (inputLen > (pkcsBlockLen - 2 * hLen - 2)) {
-        WOLFSSL_MSG("OAEP pad error message too long");
-            WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        return BAD_FUNC_ARG;
-    }
-
-    /* concatenate lHash || PS || 0x01 || msg */
-    idx = pkcsBlockLen - 1 - inputLen;
-    psLen = (int)pkcsBlockLen - (int)inputLen - 2 * (int)hLen - 2;
-    if (pkcsBlockLen < inputLen) { /*make sure not writing over end of buffer */
-            WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        return BUFFER_E;
-    }
-    XMEMCPY(pkcsBlock + (pkcsBlockLen - inputLen), input, inputLen);
-    pkcsBlock[idx--] = 0x01; /* PS and M separator */
-    XMEMSET(pkcsBlock + idx - psLen + 1, 0, (size_t)psLen);
-    idx -= (word32)psLen;
-
-    idx = idx - hLen + 1;
-    XMEMCPY(pkcsBlock + idx, lHash, hLen);
-
-    /* generate random seed */
-    if ((ret = wc_RNG_GenerateBlock(rng, seed, hLen)) != 0) {
-            WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        return ret;
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    /* create maskedDB from dbMask */
-    dbMask = (byte*)XMALLOC(pkcsBlockLen - hLen - 1, heap, DYNAMIC_TYPE_RSA);
-    if (dbMask == NULL) {
-
-            XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            XFREE(seed,  heap, DYNAMIC_TYPE_RSA_BUFFER);
-        return MEMORY_E;
-    }
-#else
-    if (pkcsBlockLen - hLen - 1 > sizeof(dbMask)) {
-        return MEMORY_E;
-    }
-#endif
-    XMEMSET(dbMask, 0, pkcsBlockLen - hLen - 1); /* help static analyzer */
-    ret = RsaMGF(mgf, seed, hLen, dbMask, pkcsBlockLen - hLen - 1, heap);
-    if (ret != 0) {
-            WC_FREE_VAR_EX(dbMask, heap, DYNAMIC_TYPE_RSA);
-            WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        return ret;
-    }
-
-    xorbuf(pkcsBlock + hLen + 1, dbMask,pkcsBlockLen - hLen - 1);
-
-    WC_FREE_VAR_EX(dbMask, heap, DYNAMIC_TYPE_RSA);
-
-    /* create maskedSeed from seedMask */
-    pkcsBlock[0] = 0x00;
-    /* create seedMask inline */
-    if ((ret = RsaMGF(mgf, pkcsBlock + hLen + 1, pkcsBlockLen - hLen - 1,
-                                           pkcsBlock + 1, hLen, heap)) != 0) {
-            WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        return ret;
-    }
-
-    /* xor created seedMask with seed to make maskedSeed */
-    xorbuf(pkcsBlock + 1, seed, hLen);
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    /* Seed must be zeroized now that it has been used. */
-    wc_MemZero_Add("Pad OAEP seed", seed, hLen);
-#endif
-
-    /* Zeroize masking bytes so that padding can't be unmasked. */
-    ForceZero(seed, hLen);
-    #ifdef WOLFSSL_SMALL_STACK
-        XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        XFREE(seed,  heap, DYNAMIC_TYPE_RSA_BUFFER);
-    #elif defined(WOLFSSL_CHECK_MEM_ZERO)
-        wc_MemZero_Check(seed, hLen);
-    #endif
-    (void)padValue;
-
-    return 0;
-}
-#endif /* !WC_NO_RSA_OAEP */
-
-#ifdef WC_RSA_PSS
-
-/* 0x00 .. 0x00 0x01 | Salt | Gen Hash | 0xbc
- * XOR MGF over all bytes down to end of Salt
- * Gen Hash = HASH(8 * 0x00 | Message Hash | Salt)
- *
- * input         Digest of the message.
- * inputLen      Length of digest.
- * pkcsBlock     Buffer to write to.
- * pkcsBlockLen  Length of buffer to write to.
- * rng           Random number generator (for salt).
- * htype         Hash function to use.
- * mgf           Mask generation function.
- * saltLen       Length of salt to put in padding.
- * bits          Length of key in bits.
- * heap          Used for dynamic memory allocation.
- * returns 0 on success, PSS_SALTLEN_E when the salt length is invalid
- * and other negative values on error.
- */
-static int RsaPad_PSS(const byte* input, word32 inputLen, byte* pkcsBlock,
-        word32 pkcsBlockLen, WC_RNG* rng, enum wc_HashType hType, int mgf,
-        int saltLen, int bits, void* heap)
-{
-    int   ret = 0;
-    int   hLen, o, maskLen, hiBits;
-    byte* m;
-    byte* s;
-#if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_STATIC_MEMORY)
-    byte msg[RSA_MAX_SIZE/8 + RSA_PSS_PAD_SZ];
-#else
-    byte* msg = NULL;
-#endif
-#if defined(WOLFSSL_PSS_LONG_SALT) || defined(WOLFSSL_PSS_SALT_LEN_DISCOVER)
-    byte* salt;
-#else
-    byte salt[WC_MAX_DIGEST_SIZE];
-#endif
-
-#if defined(WOLFSSL_PSS_LONG_SALT) || defined(WOLFSSL_PSS_SALT_LEN_DISCOVER)
-    if (pkcsBlockLen > RSA_MAX_SIZE/8) {
-        return MEMORY_E;
-    }
-#endif
-
-    hLen = wc_HashGetDigestSize(hType);
-    if (hLen < 0)
-        return hLen;
-    if ((int)inputLen != hLen) {
-        return BAD_FUNC_ARG;
-    }
-
-    hiBits = (bits - 1) & 0x7;
-    if (hiBits == 0) {
-        /* Per RFC8017, set the leftmost 8emLen - emBits bits of the
-           leftmost octet in DB to zero.
-        */
-        *(pkcsBlock++) = 0;
-        pkcsBlockLen--;
-    }
-
-    if (saltLen == RSA_PSS_SALT_LEN_DEFAULT) {
-        saltLen = hLen;
-        #ifdef WOLFSSL_SHA512
-            /* See FIPS 186-4 section 5.5 item (e). */
-            if (bits == 1024 && hLen == WC_SHA512_DIGEST_SIZE) {
-                saltLen = RSA_PSS_SALT_MAX_SZ;
-            }
-        #endif
-    }
-#ifndef WOLFSSL_PSS_LONG_SALT
-    else if (saltLen > hLen) {
-        return PSS_SALTLEN_E;
-    }
-#endif
-#ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER
-    else if (saltLen < RSA_PSS_SALT_LEN_DEFAULT) {
-        return PSS_SALTLEN_E;
-    }
-#else
-    else if (saltLen == RSA_PSS_SALT_LEN_DISCOVER) {
-        saltLen = (int)pkcsBlockLen - hLen - 2;
-        if (saltLen < 0) {
-            return PSS_SALTLEN_E;
-        }
-    }
-    else if (saltLen < RSA_PSS_SALT_LEN_DISCOVER) {
-        return PSS_SALTLEN_E;
-    }
-#endif
-    if ((int)pkcsBlockLen - hLen < saltLen + 2) {
-        return PSS_SALTLEN_E;
-    }
-    maskLen = (int)pkcsBlockLen - 1 - hLen;
-
-#if defined(WOLFSSL_PSS_LONG_SALT) || defined(WOLFSSL_PSS_SALT_LEN_DISCOVER)
-    #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
-        msg = (byte*)XMALLOC(
-                          (size_t)(RSA_PSS_PAD_SZ + inputLen + (word32)saltLen),
-                          heap, DYNAMIC_TYPE_RSA_BUFFER);
-        if (msg == NULL) {
-            return MEMORY_E;
-        }
-    #endif
-    salt = s = m = msg;
-    XMEMSET(m, 0, RSA_PSS_PAD_SZ);
-    m += RSA_PSS_PAD_SZ;
-    XMEMCPY(m, input, inputLen);
-    m += inputLen;
-    o = (int)(m - s);
-    if (saltLen > 0) {
-        ret = wc_RNG_GenerateBlock(rng, m, (word32)saltLen);
-        if (ret == 0) {
-            m += saltLen;
-        }
-    }
-#else
-    if ((int)pkcsBlockLen < RSA_PSS_PAD_SZ + (int)inputLen + saltLen) {
-    #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
-        msg = (byte*)XMALLOC(
-                          (size_t)(RSA_PSS_PAD_SZ + inputLen + (word32)saltLen),
-                          heap, DYNAMIC_TYPE_RSA_BUFFER);
-        if (msg == NULL) {
-            return MEMORY_E;
-        }
-    #endif
-        m = msg;
-    }
-    else {
-        m = pkcsBlock;
-    }
-    s = m;
-    XMEMSET(m, 0, RSA_PSS_PAD_SZ);
-    m += RSA_PSS_PAD_SZ;
-    XMEMCPY(m, input, inputLen);
-    m += inputLen;
-    o = 0;
-    if (saltLen > 0) {
-        ret = wc_RNG_GenerateBlock(rng, salt, (word32)saltLen);
-        if (ret == 0) {
-            XMEMCPY(m, salt, (size_t)saltLen);
-            m += saltLen;
-        }
-    }
-#endif
-    if (ret == 0) {
-        /* Put Hash at end of pkcsBlock - 1 */
-        ret = wc_Hash(hType, s, (word32)(m - s), pkcsBlock + maskLen, (word32)hLen);
-    }
-    if (ret == 0) {
-       /* Set the last eight bits or trailer field to the octet 0xbc */
-        pkcsBlock[pkcsBlockLen - 1] = RSA_PSS_PAD_TERM;
-
-        ret = RsaMGF(mgf, pkcsBlock + maskLen, (word32)hLen, pkcsBlock, (word32)maskLen, heap);
-    }
-    if (ret == 0) {
-        /* Clear the first high bit when "8emLen - emBits" is non-zero.
-           where emBits = n modBits - 1 */
-        if (hiBits)
-            pkcsBlock[0] &= (byte)((1 << hiBits) - 1);
-
-        m = pkcsBlock + maskLen - saltLen - 1;
-        *(m++) ^= 0x01;
-        xorbuf(m, salt + o, (word32)saltLen);
-    }
-
-#if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
-    /* msg is always not NULL as we bail on allocation failure */
-    XFREE(msg, heap, DYNAMIC_TYPE_RSA_BUFFER);
-#endif
-    return ret;
-}
-#endif /* WC_RSA_PSS */
-#endif /* !WC_NO_RNG */
-
-static int RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
-                           word32 pkcsBlockLen, byte padValue, WC_RNG* rng)
-{
-    if (input == NULL || inputLen == 0 || pkcsBlock == NULL ||
-                                                        pkcsBlockLen == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (pkcsBlockLen - RSA_MIN_PAD_SZ < inputLen) {
-        WOLFSSL_MSG("RsaPad error, invalid length");
-        return RSA_PAD_E;
-    }
-    pkcsBlock[0] = 0x0;       /* set first byte to zero and advance */
-    pkcsBlock++; pkcsBlockLen--;
-    pkcsBlock[0] = padValue;  /* insert padValue */
-
-    if (padValue == RSA_BLOCK_TYPE_1) {
-
-        /* pad with 0xff bytes */
-        XMEMSET(&pkcsBlock[1], 0xFF, pkcsBlockLen - inputLen - 2);
-    }
-    else {
-#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WC_NO_RNG)
-        /* pad with non-zero random bytes */
-        word32 padLen, i;
-        int    ret;
-        padLen = pkcsBlockLen - inputLen - 1;
-        ret    = wc_RNG_GenerateBlock(rng, &pkcsBlock[1], padLen);
-        if (ret != 0) {
-            return ret;
-        }
-
-        /* remove zeros */
-        for (i = 1; i < padLen; i++) {
-            if (pkcsBlock[i] == 0) pkcsBlock[i] = 0x01;
-        }
-#else
-        (void)rng;
-        return RSA_WRONG_TYPE_E;
-#endif
-    }
-
-    pkcsBlock[pkcsBlockLen-inputLen-1] = 0;     /* separator */
-    XMEMCPY(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen);
-
-    return 0;
-}
-
-/* helper function to direct which padding is used */
-int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
-    word32 pkcsBlockLen, byte padValue, WC_RNG* rng, int padType,
-    enum wc_HashType hType, int mgf, byte* optLabel, word32 labelLen,
-    int saltLen, int bits, void* heap)
-{
-    int ret;
-
-    switch (padType)
-    {
-        case WC_RSA_PKCSV15_PAD:
-            /*WOLFSSL_MSG("wolfSSL Using RSA PKCSV15 padding");*/
-            ret = RsaPad(input, inputLen, pkcsBlock, pkcsBlockLen,
-                                                                 padValue, rng);
-            break;
-
-#ifndef WC_NO_RNG
-    #ifndef WC_NO_RSA_OAEP
-        case WC_RSA_OAEP_PAD:
-            WOLFSSL_MSG("wolfSSL Using RSA OAEP padding");
-            ret = RsaPad_OAEP(input, inputLen, pkcsBlock, pkcsBlockLen,
-                           padValue, rng, hType, mgf, optLabel, labelLen, heap);
-            break;
-    #endif
-
-    #ifdef WC_RSA_PSS
-        case WC_RSA_PSS_PAD:
-            WOLFSSL_MSG("wolfSSL Using RSA PSS padding");
-            ret = RsaPad_PSS(input, inputLen, pkcsBlock, pkcsBlockLen, rng,
-                                               hType, mgf, saltLen, bits, heap);
-            break;
-    #endif
-#endif /* !WC_NO_RNG */
-
-    #ifdef WC_RSA_NO_PADDING
-        case WC_RSA_NO_PAD:
-        {
-            int bytes = (bits + WOLFSSL_BIT_SIZE - 1) / WOLFSSL_BIT_SIZE;
-
-            WOLFSSL_MSG("wolfSSL Using NO padding");
-
-            /* In the case of no padding being used check that input is exactly
-             * the RSA key length */
-            if ((bits <= 0) || (inputLen != (word32)bytes)) {
-                WOLFSSL_MSG("Bad input size");
-                ret = RSA_PAD_E;
-            }
-            else {
-                XMEMCPY(pkcsBlock, input, inputLen);
-                ret = 0;
-            }
-            break;
-        }
-    #endif
-
-        default:
-            WOLFSSL_MSG("Unknown RSA Pad Type");
-            ret = RSA_PAD_E;
-    }
-
-    /* silence warning if not used with padding scheme */
-    (void)input;
-    (void)inputLen;
-    (void)pkcsBlock;
-    (void)pkcsBlockLen;
-    (void)padValue;
-    (void)rng;
-    (void)padType;
-    (void)hType;
-    (void)mgf;
-    (void)optLabel;
-    (void)labelLen;
-    (void)saltLen;
-    (void)bits;
-    (void)heap;
-
-    return ret;
-}
-#endif /* WOLFSSL_RSA_VERIFY_ONLY */
-
-
-/* UnPadding */
-#if !defined(WC_NO_RSA_OAEP) && !defined(NO_HASH_WRAPPER)
-/* UnPad plaintext, set start to *output, return length of plaintext,
- * < 0 on error */
-static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
-                            byte **output, enum wc_HashType hType, int mgf,
-                            byte* optLabel, word32 labelLen, void* heap)
-{
-    word32 hLen;
-    volatile int ret;
-    byte h[WC_MAX_DIGEST_SIZE]; /* max digest size */
-    word32 idx;
-    word32 i;
-    volatile word32 inc;
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    byte* tmp  = NULL;
-#else
-    byte tmp[RSA_MAX_SIZE/8 + RSA_PSS_PAD_SZ];
-#endif
-
-    /* no label is allowed, but catch if no label provided and length > 0 */
-    if (optLabel == NULL && labelLen > 0) {
-        return BUFFER_E;
-    }
-
-    ret = wc_HashGetDigestSize(hType);
-    if ((ret < 0) || (pkcsBlockLen < (2 * (word32)ret + 2))) {
-        return BAD_FUNC_ARG;
-    }
-    hLen = (word32)ret;
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    tmp = (byte*)XMALLOC(pkcsBlockLen, heap, DYNAMIC_TYPE_RSA_BUFFER);
-    if (tmp == NULL) {
-        return MEMORY_E;
-    }
-#endif
-    XMEMSET(tmp, 0, pkcsBlockLen);
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    wc_MemZero_Add("OAEP UnPad temp", tmp, pkcsBlockLen);
-#endif
-
-    /* find seedMask value */
-    if ((ret = RsaMGF(mgf, (byte*)(pkcsBlock + (hLen + 1)),
-                            pkcsBlockLen - hLen - 1, tmp, hLen, heap)) != 0) {
-        WC_FREE_VAR_EX(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        return ret;
-    }
-
-    /* xor seedMask value with maskedSeed to get seed value */
-    xorbuf(tmp, pkcsBlock + 1, hLen);
-
-    /* get dbMask value */
-    if ((ret = RsaMGF(mgf, tmp, hLen, tmp + hLen,
-                                       pkcsBlockLen - hLen - 1, heap)) != 0) {
-        ForceZero(tmp, hLen);
-#ifdef WOLFSSL_SMALL_STACK
-        XFREE(tmp, NULL, DYNAMIC_TYPE_RSA_BUFFER);
-#elif defined(WOLFSSL_CHECK_MEM_ZERO)
-        wc_MemZero_Check(tmp, hLen);
-#endif
-        return ret;
-    }
-
-    /* get DB value by doing maskedDB xor dbMask */
-    xorbuf(pkcsBlock + hLen + 1, tmp + hLen, pkcsBlockLen - hLen - 1);
-
-    ForceZero(tmp, pkcsBlockLen);
-#ifdef WOLFSSL_SMALL_STACK
-    /* done with use of tmp buffer */
-    XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
-#elif defined(WOLFSSL_CHECK_MEM_ZERO)
-    wc_MemZero_Check(tmp, pkcsBlockLen);
-#endif
-
-    /* advance idx to index of PS and msg separator, account for PS size of 0*/
-    idx = hLen + 1 + hLen;
-    /* Don't reveal length of message: look at every byte. */
-    inc = 1;
-    for (i = hLen + 1 + hLen; i < pkcsBlockLen - 1; i++) {
-        /* Looking for non-zero byte. */
-        inc &= 1 - (((word32)0 - pkcsBlock[i]) >> 31);
-        idx += inc;
-    }
-
-    /* create hash of label for comparison with hash sent */
-    if ((ret = wc_Hash(hType, optLabel, labelLen, h, hLen)) != 0) {
-        return ret;
-    }
-
-    /* say no to chosen ciphertext attack.
-       Comparison of lHash, Y, and separator value needs to all happen in
-       constant time.
-       Attackers should not be able to get error condition from the timing of
-       these checks.
-     */
-    ret = 0;
-    ret |= ConstantCompare(pkcsBlock + hLen + 1, h, (int)hLen);
-    ret += pkcsBlock[idx++] ^ 0x01; /* separator value is 0x01 */
-    ret += pkcsBlock[0]     ^ 0x00; /* Y, the first value, should be 0 */
-
-    /* Return 0 data length on error. */
-    idx = ctMaskSelWord32(ctMaskEq(ret, 0), idx, pkcsBlockLen);
-
-    /* adjust pointer to correct location in array and return size of M */
-    *output = (byte*)(pkcsBlock + idx);
-    return (int)(pkcsBlockLen - idx);
-}
-#endif /* !WC_NO_RSA_OAEP */
-
-#ifdef WC_RSA_PSS
-/* 0x00 .. 0x00 0x01 | Salt | Gen Hash | 0xbc
- * MGF over all bytes down to end of Salt
- *
- * pkcsBlock     Buffer holding decrypted data.
- * pkcsBlockLen  Length of buffer.
- * htype         Hash function to use.
- * mgf           Mask generation function.
- * saltLen       Length of salt to put in padding.
- * bits          Length of key in bits.
- * heap          Used for dynamic memory allocation.
- * returns       the sum of salt length and SHA-256 digest size on success.
- *               Otherwise, PSS_SALTLEN_E for an incorrect salt length,
- *               WC_KEY_SIZE_E for an incorrect encoded message (EM) size
-                 and other negative values on error.
- */
-static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
-                        byte **output, enum wc_HashType hType, int mgf,
-                        int saltLen, int bits, void* heap)
-{
-    int   ret;
-    byte* tmp;
-    int   hLen, i, maskLen;
-#ifdef WOLFSSL_SHA512
-    int orig_bits = bits;
-#endif
-#if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_STATIC_MEMORY)
-    byte tmp_buf[RSA_MAX_SIZE/8];
-    tmp = tmp_buf;
-
-    if (pkcsBlockLen > RSA_MAX_SIZE/8) {
-        return MEMORY_E;
-    }
-#endif
-
-    hLen = wc_HashGetDigestSize(hType);
-    if (hLen < 0)
-        return hLen;
-    bits = (bits - 1) & 0x7;
-    if ((pkcsBlock[0] & (0xff << bits)) != 0) {
-        return BAD_PADDING_E;
-    }
-    if (bits == 0) {
-        pkcsBlock++;
-        pkcsBlockLen--;
-    }
-    maskLen = (int)pkcsBlockLen - 1 - hLen;
-    if (maskLen < 0) {
-        WOLFSSL_MSG("RsaUnPad_PSS: Hash too large");
-        return WC_KEY_SIZE_E;
-    }
-
-    if (saltLen == RSA_PSS_SALT_LEN_DEFAULT) {
-        saltLen = hLen;
-        #ifdef WOLFSSL_SHA512
-            /* See FIPS 186-4 section 5.5 item (e). */
-            if (orig_bits == 1024 && hLen == WC_SHA512_DIGEST_SIZE)
-                saltLen = RSA_PSS_SALT_MAX_SZ;
-        #endif
-    }
-#ifndef WOLFSSL_PSS_LONG_SALT
-    else if (saltLen > hLen)
-        return PSS_SALTLEN_E;
-#endif
-#ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER
-    else if (saltLen < RSA_PSS_SALT_LEN_DEFAULT)
-        return PSS_SALTLEN_E;
-    if (maskLen < saltLen + 1) {
-        return PSS_SALTLEN_E;
-    }
-#else
-    else if (saltLen < RSA_PSS_SALT_LEN_DISCOVER)
-        return PSS_SALTLEN_E;
-    if (saltLen != RSA_PSS_SALT_LEN_DISCOVER && maskLen < saltLen + 1) {
-        return WC_KEY_SIZE_E;
-    }
-#endif
-
-    if (pkcsBlock[pkcsBlockLen - 1] != RSA_PSS_PAD_TERM) {
-        WOLFSSL_MSG("RsaUnPad_PSS: Padding Term Error");
-        return BAD_PADDING_E;
-    }
-
-#if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
-    tmp = (byte*)XMALLOC((size_t)maskLen, heap, DYNAMIC_TYPE_RSA_BUFFER);
-    if (tmp == NULL) {
-        return MEMORY_E;
-    }
-    XMEMSET(tmp, 0, (size_t)maskLen);
-#endif
-
-    if ((ret = RsaMGF(mgf, pkcsBlock + maskLen, (word32)hLen, tmp, (word32)maskLen,
-                                                                  heap)) != 0) {
-        #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
-        XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
-        #endif
-        return ret;
-    }
-
-    tmp[0] &= (byte)((1 << bits) - 1);
-    pkcsBlock[0] &= (byte)((1 << bits) - 1);
-#ifdef WOLFSSL_PSS_SALT_LEN_DISCOVER
-    if (saltLen == RSA_PSS_SALT_LEN_DISCOVER) {
-        for (i = 0; i < maskLen - 1; i++) {
-            if (tmp[i] != pkcsBlock[i]) {
-                break;
-            }
-        }
-        if (tmp[i] != (pkcsBlock[i] ^ 0x01)) {
-            #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
-            XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            #endif
-            WOLFSSL_MSG("RsaUnPad_PSS: Padding Error Match");
-            return PSS_SALTLEN_RECOVER_E;
-        }
-        saltLen = maskLen - (i + 1);
-    }
-    else
-#endif
-    {
-        for (i = 0; i < maskLen - 1 - saltLen; i++) {
-            if (tmp[i] != pkcsBlock[i]) {
-                #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
-                XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
-                #endif
-                WOLFSSL_MSG("RsaUnPad_PSS: Padding Error Match");
-                return PSS_SALTLEN_E;
-            }
-        }
-        if (tmp[i] != (pkcsBlock[i] ^ 0x01)) {
-            #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
-            XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
-            #endif
-            WOLFSSL_MSG("RsaUnPad_PSS: Padding Error End");
-            return PSS_SALTLEN_E;
-        }
-    }
-    xorbuf(pkcsBlock + i, tmp + i, (word32)(maskLen - i));
-
-#if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
-    XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
-#endif
-
-    *output = pkcsBlock + maskLen - saltLen;
-    return saltLen + hLen;
-}
-#endif
-
-/* UnPad plaintext, set start to *output, return length of plaintext,
- * < 0 on error */
-static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
-                    byte **output, byte padValue)
-{
-    int    ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
-    word16 i;
-
-    if (output == NULL || pkcsBlockLen < 2 || pkcsBlockLen > 0xFFFF) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (padValue == RSA_BLOCK_TYPE_1) {
-        /* First byte must be 0x00 and Second byte, block type, 0x01 */
-        if (pkcsBlock[0] != 0 || pkcsBlock[1] != RSA_BLOCK_TYPE_1) {
-            WOLFSSL_MSG("RsaUnPad error, invalid formatting");
-            return RSA_PAD_E;
-        }
-
-        /* check the padding until we find the separator */
-        for (i = 2; i < pkcsBlockLen; ) {
-            if (pkcsBlock[i++] != 0xFF) {
-                break;
-            }
-        }
-
-        /* Minimum of 11 bytes of pre-message data and must have separator. */
-        if (i < RSA_MIN_PAD_SZ || pkcsBlock[i-1] != 0) {
-            WOLFSSL_MSG("RsaUnPad error, bad formatting");
-            return RSA_PAD_E;
-        }
-
-        *output = (byte *)(pkcsBlock + i);
-        ret = (int)pkcsBlockLen - i;
-    }
-#ifndef WOLFSSL_RSA_VERIFY_ONLY
-    else {
-        unsigned int    j;
-        volatile word16 pastSep = 0;
-        volatile byte   invalid = 0;
-        volatile byte   minPad;
-        volatile int    invalidMask;
-
-        i = 0;
-        /* Decrypted with private key - unpad must be constant time. */
-        for (j = 2; j < pkcsBlockLen; j++) {
-           /* Update i if not passed the separator and at separator. */
-            i |= (word16)(~pastSep) & ctMask16Eq(pkcsBlock[j], 0x00) &
-                (word16)(j + 1);
-            pastSep |= ctMask16Eq(pkcsBlock[j], 0x00);
-        }
-
-        /* Minimum of 11 bytes of pre-message data - including leading 0x00. */
-        minPad = ctMaskLT(i, RSA_MIN_PAD_SZ);
-        invalid |= minPad;
-        /* Must have seen separator. */
-        invalid |= (byte)~pastSep;
-        /* First byte must be 0x00. */
-        invalid |= ctMaskNotEq(pkcsBlock[0], 0x00);
-        /* Check against expected block type: padValue */
-        invalid |= ctMaskNotEq(pkcsBlock[1], padValue);
-
-        *output = (byte *)(pkcsBlock + i);
-        invalidMask = (int)-1 + (int)(invalid >> 7);
-        ret = invalidMask & ((int)pkcsBlockLen - i);
-    }
-#endif
-
-    return ret;
-}
-
-/* helper function to direct unpadding
- *
- * bits is the key modulus size in bits
- */
-int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** out,
-                   byte padValue, int padType, enum wc_HashType hType,
-                   int mgf, byte* optLabel, word32 labelLen, int saltLen,
-                   int bits, void* heap)
-{
-    int ret;
-
-    switch (padType) {
-        case WC_RSA_PKCSV15_PAD:
-            /*WOLFSSL_MSG("wolfSSL Using RSA PKCSV15 un-padding");*/
-            ret = RsaUnPad(pkcsBlock, pkcsBlockLen, out, padValue);
-            break;
-
-    #ifndef WC_NO_RSA_OAEP
-        case WC_RSA_OAEP_PAD:
-            WOLFSSL_MSG("wolfSSL Using RSA OAEP un-padding");
-            ret = RsaUnPad_OAEP((byte*)pkcsBlock, pkcsBlockLen, out,
-                                        hType, mgf, optLabel, labelLen, heap);
-            break;
-    #endif
-
-    #ifdef WC_RSA_PSS
-        case WC_RSA_PSS_PAD:
-            WOLFSSL_MSG("wolfSSL Using RSA PSS un-padding");
-            ret = RsaUnPad_PSS((byte*)pkcsBlock, pkcsBlockLen, out, hType, mgf,
-                                                           saltLen, bits, heap);
-            break;
-    #endif
-
-    #ifdef WC_RSA_NO_PADDING
-        case WC_RSA_NO_PAD:
-            WOLFSSL_MSG("wolfSSL Using NO un-padding");
-
-            /* In the case of no padding being used check that input is exactly
-             * the RSA key length */
-            if (bits <= 0 || pkcsBlockLen !=
-                         ((word32)(bits+WOLFSSL_BIT_SIZE-1)/WOLFSSL_BIT_SIZE)) {
-                WOLFSSL_MSG("Bad input size");
-                ret = RSA_PAD_E;
-            }
-            else {
-                if (out != NULL) {
-                    *out = pkcsBlock;
-                }
-                ret = (int)pkcsBlockLen;
-            }
-            break;
-    #endif /* WC_RSA_NO_PADDING */
-
-        default:
-            WOLFSSL_MSG("Unknown RSA UnPad Type");
-            ret = RSA_PAD_E;
-    }
-
-    /* silence warning if not used with padding scheme */
-    (void)hType;
-    (void)mgf;
-    (void)optLabel;
-    (void)labelLen;
-    (void)saltLen;
-    (void)bits;
-    (void)heap;
-
-    return ret;
-}
-
-int wc_hash2mgf(enum wc_HashType hType)
-{
-    switch (hType) {
-    case WC_HASH_TYPE_NONE:
-        return WC_MGF1NONE;
-    case WC_HASH_TYPE_SHA:
-#ifndef NO_SHA
-        return WC_MGF1SHA1;
-#else
-        break;
-#endif
-    case WC_HASH_TYPE_SHA224:
-#ifdef WOLFSSL_SHA224
-        return WC_MGF1SHA224;
-#else
-        break;
-#endif
-    case WC_HASH_TYPE_SHA256:
-#ifndef NO_SHA256
-        return WC_MGF1SHA256;
-#else
-        break;
-#endif
-    case WC_HASH_TYPE_SHA384:
-#ifdef WOLFSSL_SHA384
-        return WC_MGF1SHA384;
-#else
-        break;
-#endif
-    case WC_HASH_TYPE_SHA512:
-#ifdef WOLFSSL_SHA512
-        return WC_MGF1SHA512;
-#else
-        break;
-#endif
-    case WC_HASH_TYPE_MD2:
-    case WC_HASH_TYPE_MD4:
-    case WC_HASH_TYPE_MD5:
-    case WC_HASH_TYPE_MD5_SHA:
-    #ifndef WOLFSSL_NOSHA512_224
-        case WC_HASH_TYPE_SHA512_224:
-    #endif
-    #ifndef WOLFSSL_NOSHA512_256
-        case WC_HASH_TYPE_SHA512_256:
-    #endif
-    case WC_HASH_TYPE_SHA3_224:
-    case WC_HASH_TYPE_SHA3_256:
-    case WC_HASH_TYPE_SHA3_384:
-    case WC_HASH_TYPE_SHA3_512:
-    case WC_HASH_TYPE_BLAKE2B:
-    case WC_HASH_TYPE_BLAKE2S:
-#ifdef WOLFSSL_SM3
-    case WC_HASH_TYPE_SM3:
-#endif
-    #ifdef WOLFSSL_SHAKE128
-        case WC_HASH_TYPE_SHAKE128:
-    #endif
-    #ifdef WOLFSSL_SHAKE256
-        case WC_HASH_TYPE_SHAKE256:
-    #endif
-    default:
-        break;
-    }
-    WOLFSSL_MSG("Unrecognized or unsupported hash function");
-    return WC_MGF1NONE;
-}
-
-#ifdef WC_RSA_NONBLOCK
-static int wc_RsaFunctionNonBlock(const byte* in, word32 inLen, byte* out,
-                          word32* outLen, int type, RsaKey* key)
-{
-    int    ret = 0;
-    word32 keyLen, len;
-
-    if (key == NULL || key->nb == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->nb->exptmod.state == TFM_EXPTMOD_NB_INIT) {
-        if (mp_init(&key->nb->tmp) != MP_OKAY) {
-            ret = MP_INIT_E;
-        }
-
-        if (ret == 0) {
-            if (mp_read_unsigned_bin(&key->nb->tmp, (byte*)in, inLen) != MP_OKAY) {
-                ret = MP_READ_E;
-            }
-        }
-    }
-
-    if (ret == 0) {
-        switch(type) {
-#if !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-        case RSA_PRIVATE_DECRYPT:
-        case RSA_PRIVATE_ENCRYPT:
-            ret = fp_exptmod_nb(&key->nb->exptmod, &key->nb->tmp, &key->d,
-                &key->n, &key->nb->tmp);
-            if (ret == FP_WOULDBLOCK)
-                return ret;
-            if (ret != MP_OKAY)
-                ret = MP_EXPTMOD_E;
-            break;
-#endif
-        case RSA_PUBLIC_ENCRYPT:
-        case RSA_PUBLIC_DECRYPT:
-            ret = fp_exptmod_nb(&key->nb->exptmod, &key->nb->tmp, &key->e,
-                &key->n, &key->nb->tmp);
-            if (ret == FP_WOULDBLOCK)
-                return ret;
-            if (ret != MP_OKAY)
-                ret = MP_EXPTMOD_E;
-            break;
-        default:
-            ret = RSA_WRONG_TYPE_E;
-            break;
-        }
-    }
-
-    if (ret == 0) {
-        keyLen = wc_RsaEncryptSize(key);
-        if (keyLen > *outLen)
-            ret = RSA_BUFFER_E;
-    }
-    if (ret == 0) {
-        len = mp_unsigned_bin_size(&key->nb->tmp);
-
-        /* pad front w/ zeros to match key length */
-        while (len < keyLen) {
-            *out++ = 0x00;
-            len++;
-        }
-
-        *outLen = keyLen;
-
-        /* convert */
-        if (mp_to_unsigned_bin(&key->nb->tmp, out) != MP_OKAY) {
-             ret = MP_TO_E;
-        }
-    }
-
-    mp_clear(&key->nb->tmp);
-
-    return ret;
-}
-#endif /* WC_RSA_NONBLOCK */
-
-#ifdef WOLFSSL_XILINX_CRYPT
-/*
- * Xilinx hardened crypto acceleration.
- *
- * Returns 0 on success and negative values on error.
- */
-static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
-                          word32* outLen, int type, RsaKey* key, WC_RNG* rng)
-{
-    int    ret = 0;
-    word32 keyLen;
-    (void)rng;
-
-    keyLen = wc_RsaEncryptSize(key);
-    if (keyLen > *outLen) {
-        WOLFSSL_MSG("Output buffer is not big enough");
-        return BAD_FUNC_ARG;
-    }
-
-    if (inLen != keyLen) {
-        WOLFSSL_MSG("Expected that inLen equals RSA key length");
-        return BAD_FUNC_ARG;
-    }
-
-    switch(type) {
-    case RSA_PRIVATE_DECRYPT:
-    case RSA_PRIVATE_ENCRYPT:
-    #ifdef WOLFSSL_XILINX_CRYPTO_OLD
-        /* Currently public exponent is loaded by default.
-         * In SDK 2017.1 RSA exponent values are expected to be of 4 bytes
-         * leading to private key operations with Xsecure_RsaDecrypt not being
-         * supported */
-        ret = RSA_WRONG_TYPE_E;
-    #else
-        {
-            byte *d;
-            int dSz;
-#if !defined(WOLFSSL_XILINX_CRYPT_VERSAL)
-            XSecure_Rsa rsa;
-#endif
-
-#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
-            dSz = WOLFSSL_XSECURE_RSA_KEY_SIZE * 2;
-#else
-            dSz = mp_unsigned_bin_size(&key->d);
-#endif
-            d = (byte*)XMALLOC(dSz, key->heap, DYNAMIC_TYPE_PRIVATE_KEY);
-            if (d == NULL) {
-                ret = MEMORY_E;
-            } else {
-#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
-                XMEMSET(d, 0, dSz);
-                XMEMCPY(d, key->mod, key->mSz);
-                ret = mp_to_unsigned_bin(&key->d, &d[WOLFSSL_XSECURE_RSA_KEY_SIZE]);
-#else
-                ret = mp_to_unsigned_bin(&key->d, d);
-                XSecure_RsaInitialize(&rsa, key->mod, NULL, d);
-#endif
-            }
-
-            if (ret == 0) {
-#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
-                WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)d, dSz);
-                WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)in, inLen);
-                if (XSecure_RsaPrivateDecrypt(&(key->xSec.cinst), XIL_CAST_U64(d),
-                                              XIL_CAST_U64(in), inLen,
-                                              XIL_CAST_U64(out)) != XST_SUCCESS) {
-                    ret = BAD_STATE_E;
-                }
-                WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out, inLen);
-#else
-                if (XSecure_RsaPrivateDecrypt(&rsa, (u8*)in, inLen, out) !=
-                        XST_SUCCESS) {
-                    ret = BAD_STATE_E;
-                }
-#endif
-            }
-
-            XFREE(d, key->heap, DYNAMIC_TYPE_PRIVATE_KEY);
-        }
-    #endif
-        break;
-    case RSA_PUBLIC_ENCRYPT:
-    case RSA_PUBLIC_DECRYPT:
-#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
-        WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)key->mod,
-                                       WOLFSSL_XSECURE_RSA_KEY_SIZE + 4);
-        WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)in, inLen);
-        if (XSecure_RsaPublicEncrypt(&(key->xSec.cinst),
-                                     XIL_CAST_U64(key->mod),
-                                     XIL_CAST_U64(in), inLen,
-                                     XIL_CAST_U64(out))) {
-            WOLFSSL_MSG("RSA public operation failed");
-            ret = BAD_STATE_E;
-        }
-        WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out, inLen);
-#elif defined(WOLFSSL_XILINX_CRYPTO_OLD)
-        if (XSecure_RsaDecrypt(&(key->xRsa), in, out) != XST_SUCCESS) {
-            ret = BAD_STATE_E;
-        }
-#else
-        /* starting at Xilinx release 2019 the function XSecure_RsaDecrypt was removed */
-        if (XSecure_RsaPublicEncrypt(&(key->xRsa), (u8*)in, inLen, out) != XST_SUCCESS) {
-            WOLFSSL_MSG("Error happened when calling hardware RSA public operation");
-            ret = BAD_STATE_E;
-        }
-#endif
-        break;
-    default:
-        ret = RSA_WRONG_TYPE_E;
-    }
-
-    *outLen = keyLen;
-
-    return ret;
-}
-
-#elif defined(WOLFSSL_AFALG_XILINX_RSA)
-#ifndef ERROR_OUT
-#define ERROR_OUT(x) ret = (x); goto done
-#endif
-
-static const char WC_TYPE_ASYMKEY[] = "skcipher";
-static const char WC_NAME_RSA[] = "xilinx-zynqmp-rsa";
-#ifndef MAX_XILINX_RSA_KEY
-    /* max key size of 4096 bits / 512 bytes */
-    #define MAX_XILINX_RSA_KEY 512
-#endif
-static const byte XILINX_RSA_FLAG[] = {0x1};
-
-
-/* AF_ALG implementation of RSA */
-static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
-                          word32* outLen, int type, RsaKey* key, WC_RNG* rng)
-{
-    struct msghdr   msg;
-    struct cmsghdr* cmsg;
-    struct iovec      iov;
-    byte*  keyBuf   = NULL;
-    word32 keyBufSz = 0;
-    char cbuf[CMSG_SPACE(4) + CMSG_SPACE(sizeof(struct af_alg_iv) + 1)] = {0};
-    int    ret = 0;
-    int    op  = 0;    /* decryption vs encryption flag */
-    word32 keyLen;
-
-    /* input and output buffer need to be aligned */
-    ALIGN64 byte outBuf[MAX_XILINX_RSA_KEY];
-    ALIGN64 byte inBuf[MAX_XILINX_RSA_KEY];
-
-    XMEMSET(&msg, 0, sizeof(struct msghdr));
-    (void)rng;
-
-    keyLen = wc_RsaEncryptSize(key);
-    if (keyLen > *outLen) {
-        ERROR_OUT(RSA_BUFFER_E);
-    }
-
-    if (keyLen > MAX_XILINX_RSA_KEY) {
-        WOLFSSL_MSG("RSA key size larger than supported");
-        ERROR_OUT(BAD_FUNC_ARG);
-    }
-
-    if (inLen != keyLen) {
-        WOLFSSL_MSG("Expected that inLen equals RSA key length");
-        ERROR_OUT(BAD_FUNC_ARG);
-    }
-
-    if ((keyBuf = (byte*)XMALLOC(keyLen * 2, key->heap, DYNAMIC_TYPE_KEY))
-            == NULL) {
-        ERROR_OUT(MEMORY_E);
-    }
-
-    if ((ret = mp_to_unsigned_bin(&(key->n), keyBuf)) != MP_OKAY) {
-        ERROR_OUT(MP_TO_E);
-    }
-
-    switch(type) {
-        case RSA_PRIVATE_DECRYPT:
-        case RSA_PRIVATE_ENCRYPT:
-            op = 1; /* set as decrypt */
-            {
-                keyBufSz = mp_unsigned_bin_size(&(key->d));
-                if ((mp_to_unsigned_bin(&(key->d), keyBuf + keyLen))
-                        != MP_OKAY) {
-                    ERROR_OUT(MP_TO_E);
-                }
-            #ifdef WOLFSSL_CHECK_MEM_ZERO
-                /* Seed must be zeroized now that it has been used. */
-                wc_MemZero_Add("RSA Sync Priv Enc/Dec keyBuf", keyBuf + keyLen,
-                    keyBufSz);
-            #endif
-            }
-            break;
-
-        case RSA_PUBLIC_DECRYPT:
-        case RSA_PUBLIC_ENCRYPT: {
-            word32 exp = 0;
-            word32 eSz = mp_unsigned_bin_size(&(key->e));
-            if ((mp_to_unsigned_bin(&(key->e), (byte*)&exp +
-                            (sizeof(word32) - eSz))) != MP_OKAY) {
-                ERROR_OUT(MP_TO_E);
-            }
-            keyBufSz = sizeof(word32);
-            XMEMCPY(keyBuf + keyLen, (byte*)&exp, keyBufSz);
-            break;
-        }
-
-        default:
-            ERROR_OUT(RSA_WRONG_TYPE_E);
-    }
-    keyBufSz += keyLen; /* add size of modulus */
-
-    /* check for existing sockets before creating new ones */
-    if (key->alFd > 0) {
-        close(key->alFd);
-        key->alFd = WC_SOCK_NOTSET;
-    }
-    if (key->rdFd > 0) {
-        close(key->rdFd);
-        key->rdFd = WC_SOCK_NOTSET;
-    }
-
-    /* create new sockets and set the key to use */
-    if ((key->alFd = wc_Afalg_Socket()) < 0) {
-        WOLFSSL_MSG("Unable to create socket");
-        ERROR_OUT(key->alFd);
-    }
-    if ((key->rdFd = wc_Afalg_CreateRead(key->alFd, WC_TYPE_ASYMKEY,
-                    WC_NAME_RSA)) < 0) {
-        WOLFSSL_MSG("Unable to bind and create read/send socket");
-        ERROR_OUT(key->rdFd);
-    }
-    if ((ret = setsockopt(key->alFd, SOL_ALG, ALG_SET_KEY, keyBuf,
-                    keyBufSz)) < 0) {
-        WOLFSSL_MSG("Error setting RSA key");
-        ERROR_OUT(ret);
-    }
-
-    msg.msg_control    = cbuf;
-    msg.msg_controllen = sizeof(cbuf);
-    cmsg = CMSG_FIRSTHDR(&msg);
-    if ((ret = wc_Afalg_SetOp(cmsg, op)) < 0) {
-        ERROR_OUT(ret);
-    }
-
-    /* set flag in IV spot, needed for Xilinx hardware acceleration use */
-    cmsg = CMSG_NXTHDR(&msg, cmsg);
-    if ((ret = wc_Afalg_SetIv(cmsg, (byte*)XILINX_RSA_FLAG,
-                    sizeof(XILINX_RSA_FLAG))) != 0) {
-        ERROR_OUT(ret);
-    }
-
-    /* compose and send msg */
-    XMEMCPY(inBuf, (byte*)in, inLen); /* for alignment */
-    iov.iov_base = inBuf;
-    iov.iov_len  = inLen;
-    msg.msg_iov  = &iov;
-    msg.msg_iovlen = 1;
-    if ((ret = sendmsg(key->rdFd, &msg, 0)) <= 0) {
-        ERROR_OUT(WC_AFALG_SOCK_E);
-    }
-
-    if ((ret = read(key->rdFd, outBuf, inLen)) <= 0) {
-        ERROR_OUT(WC_AFALG_SOCK_E);
-    }
-    XMEMCPY(out, outBuf, ret);
-    *outLen = keyLen;
-
-done:
-    /* clear key data and free buffer */
-    if (keyBuf != NULL) {
-        ForceZero(keyBuf, keyBufSz);
-    }
-    XFREE(keyBuf, key->heap, DYNAMIC_TYPE_KEY);
-
-    if (key->alFd > 0) {
-        close(key->alFd);
-        key->alFd = WC_SOCK_NOTSET;
-    }
-    if (key->rdFd > 0) {
-        close(key->rdFd);
-        key->rdFd = WC_SOCK_NOTSET;
-    }
-
-    return ret;
-}
-
-#elif defined(WOLFSSL_KCAPI_RSA)
-static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
-                              word32* outLen, int type, RsaKey* key,
-                              WC_RNG* rng)
-{
-    int ret;
-
-    (void)rng;
-
-    switch(type) {
-        case RSA_PRIVATE_DECRYPT:
-        case RSA_PRIVATE_ENCRYPT:
-            ret = KcapiRsa_Decrypt(key, in, inLen, out, outLen);
-            break;
-
-        case RSA_PUBLIC_DECRYPT:
-        case RSA_PUBLIC_ENCRYPT:
-            ret = KcapiRsa_Encrypt(key, in, inLen, out, outLen);
-            break;
-
-        default:
-            ret = RSA_WRONG_TYPE_E;
-    }
-
-    return ret;
-}
-#else
-#ifndef WOLF_CRYPTO_CB_ONLY_RSA
-#ifdef WOLFSSL_HAVE_SP_RSA
-static int RsaFunction_SP(const byte* in, word32 inLen, byte* out,
-    word32* outLen, int type, RsaKey* key, WC_RNG* rng)
-{
-    (void)rng;
-
-#ifndef WOLFSSL_SP_NO_2048
-    if (mp_count_bits(&key->n) == 2048) {
-        switch(type) {
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-        case RSA_PRIVATE_DECRYPT:
-        case RSA_PRIVATE_ENCRYPT:
-    #ifdef WC_RSA_BLINDING
-            if (rng == NULL)
-                return MISSING_RNG_E;
-    #endif
-    #ifndef RSA_LOW_MEM
-            if ((mp_count_bits(&key->p) == 1024) &&
-                    (mp_count_bits(&key->q) == 1024) &&
-                    (mp_count_bits(&key->dP) > 0) &&
-                    (mp_count_bits(&key->dQ) > 0) &&
-                    (mp_count_bits(&key->u) > 0)) {
-                return sp_RsaPrivate_2048(in, inLen, &key->d, &key->p, &key->q,
-                                          &key->dP, &key->dQ, &key->u, &key->n,
-                                          out, outLen);
-            }
-            break;
-    #else
-            return sp_RsaPrivate_2048(in, inLen, &key->d, NULL, NULL, NULL,
-                                      NULL, NULL, &key->n, out, outLen);
-    #endif
-#endif
-        case RSA_PUBLIC_ENCRYPT:
-        case RSA_PUBLIC_DECRYPT:
-            return sp_RsaPublic_2048(in, inLen, &key->e, &key->n, out, outLen);
-        default:
-            break;
-        }
-    }
-#endif
-#ifndef WOLFSSL_SP_NO_3072
-    if (mp_count_bits(&key->n) == 3072) {
-        switch(type) {
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-        case RSA_PRIVATE_DECRYPT:
-        case RSA_PRIVATE_ENCRYPT:
-    #ifdef WC_RSA_BLINDING
-            if (rng == NULL)
-                return MISSING_RNG_E;
-    #endif
-    #ifndef RSA_LOW_MEM
-            if ((mp_count_bits(&key->p) == 1536) &&
-                    (mp_count_bits(&key->q) == 1536) &&
-                    (mp_count_bits(&key->dP) > 0) &&
-                    (mp_count_bits(&key->dQ) > 0) &&
-                    (mp_count_bits(&key->u) > 0)) {
-                return sp_RsaPrivate_3072(in, inLen, &key->d, &key->p, &key->q,
-                                          &key->dP, &key->dQ, &key->u, &key->n,
-                                          out, outLen);
-            }
-            break;
-    #else
-            return sp_RsaPrivate_3072(in, inLen, &key->d, NULL, NULL, NULL,
-                                      NULL, NULL, &key->n, out, outLen);
-    #endif
-#endif
-        case RSA_PUBLIC_ENCRYPT:
-        case RSA_PUBLIC_DECRYPT:
-            return sp_RsaPublic_3072(in, inLen, &key->e, &key->n, out, outLen);
-        default:
-            break;
-        }
-    }
-#endif
-#ifdef WOLFSSL_SP_4096
-    if (mp_count_bits(&key->n) == 4096) {
-        switch(type) {
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-        case RSA_PRIVATE_DECRYPT:
-        case RSA_PRIVATE_ENCRYPT:
-    #ifdef WC_RSA_BLINDING
-            if (rng == NULL)
-                return MISSING_RNG_E;
-    #endif
-    #ifndef RSA_LOW_MEM
-            if ((mp_count_bits(&key->p) == 2048) &&
-                    (mp_count_bits(&key->q) == 2048) &&
-                    (mp_count_bits(&key->dP) > 0) &&
-                    (mp_count_bits(&key->dQ) > 0) &&
-                    (mp_count_bits(&key->u) > 0)) {
-                return sp_RsaPrivate_4096(in, inLen, &key->d, &key->p, &key->q,
-                                          &key->dP, &key->dQ, &key->u, &key->n,
-                                          out, outLen);
-            }
-            break;
-    #else
-            return sp_RsaPrivate_4096(in, inLen, &key->d, NULL, NULL, NULL,
-                                      NULL, NULL, &key->n, out, outLen);
-    #endif
-#endif
-        case RSA_PUBLIC_ENCRYPT:
-        case RSA_PUBLIC_DECRYPT:
-            return sp_RsaPublic_4096(in, inLen, &key->e, &key->n, out, outLen);
-        default:
-            break;
-        }
-    }
-#endif
-
-    /* SP not able to do operation. */
-    return WC_KEY_SIZE_E;
-}
-#endif
-
-#if !defined(WOLFSSL_SP_MATH)
-#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
-static int RsaFunctionPrivate(mp_int* tmp, RsaKey* key, WC_RNG* rng)
-{
-    int    ret = 0;
-#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
-    mp_digit mp = 0;
-    DECL_MP_INT_SIZE_DYN(rnd, mp_bitsused(&key->n), RSA_MAX_SIZE);
-    DECL_MP_INT_SIZE_DYN(rndi, mp_bitsused(&key->n), RSA_MAX_SIZE);
-#endif /* WC_RSA_BLINDING && !WC_NO_RNG */
-
-    (void)rng;
-
-#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
-    NEW_MP_INT_SIZE(rnd, mp_bitsused(&key->n), key->heap, DYNAMIC_TYPE_RSA);
-    NEW_MP_INT_SIZE(rndi, mp_bitsused(&key->n), key->heap, DYNAMIC_TYPE_RSA);
-#ifdef MP_INT_SIZE_CHECK_NULL
-    if ((rnd == NULL) || (rndi == NULL)) {
-        FREE_MP_INT_SIZE(rnd, key->heap, DYNAMIC_TYPE_RSA);
-        FREE_MP_INT_SIZE(rndi, key->heap, DYNAMIC_TYPE_RSA);
-        return MEMORY_E;
-    }
-#endif
-
-    if ((INIT_MP_INT_SIZE(rnd, mp_bitsused(&key->n)) != MP_OKAY) ||
-            (INIT_MP_INT_SIZE(rndi, mp_bitsused(&key->n)) != MP_OKAY)) {
-        ret = MP_INIT_E;
-    }
-
-    if (ret == 0) {
-        /* blind */
-        ret = mp_rand(rnd, mp_get_digit_count(&key->n), rng);
-    }
-    if (ret == 0) {
-        /* rndi = 1/rnd mod n */
-        if (mp_invmod(rnd, &key->n, rndi) != MP_OKAY) {
-            ret = MP_INVMOD_E;
-        }
-    }
-    if (ret == 0) {
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        mp_memzero_add("RSA Private rnd", rnd);
-        mp_memzero_add("RSA Private rndi", rndi);
-    #endif
-
-        /* rnd = rnd^e */
-    #ifndef WOLFSSL_SP_MATH_ALL
-        if (mp_exptmod(rnd, &key->e, &key->n, rnd) != MP_OKAY) {
-            ret = MP_EXPTMOD_E;
-        }
-    #else
-        if (mp_exptmod_nct(rnd, &key->e, &key->n, rnd) != MP_OKAY) {
-            ret = MP_EXPTMOD_E;
-        }
-    #endif
-    }
-
-    if (ret == 0) {
-        /* tmp = tmp*rnd mod n */
-        if (mp_mulmod(tmp, rnd, &key->n, tmp) != MP_OKAY) {
-            ret = MP_MULMOD_E;
-        }
-    }
-#endif /* WC_RSA_BLINDING && !WC_NO_RNG */
-
-#ifdef RSA_LOW_MEM      /* half as much memory but twice as slow */
-    if (ret == 0) {
-        if (mp_exptmod(tmp, &key->d, &key->n, tmp) != MP_OKAY) {
-            ret = MP_EXPTMOD_E;
-        }
-    }
-#else
-    if (ret == 0 && (mp_iszero(&key->p) || mp_iszero(&key->q) ||
-            mp_iszero(&key->dP) || mp_iszero(&key->dQ) || mp_iszero(&key->u))) {
-        if (mp_exptmod(tmp, &key->d, &key->n, tmp) != MP_OKAY) {
-            ret = MP_EXPTMOD_E;
-        }
-    }
-    else if (ret == 0) {
-        mp_int* tmpa = tmp;
-#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
-        mp_int* tmpb = rnd;
-#else
-        DECL_MP_INT_SIZE_DYN(tmpb, mp_bitsused(&key->n), RSA_MAX_SIZE);
-#endif
-
-#if !defined(WC_RSA_BLINDING) || defined(WC_NO_RNG)
-        NEW_MP_INT_SIZE(tmpb, mp_bitsused(&key->n), key->heap,
-            DYNAMIC_TYPE_RSA);
-    #ifdef MP_INT_SIZE_CHECK_NULL
-        if (tmpb == NULL) {
-            ret = MEMORY_E;
-        }
-    #endif
-        if ((ret == 0) && INIT_MP_INT_SIZE(tmpb, mp_bitsused(&key->n)) !=
-                MP_OKAY) {
-            ret = MP_INIT_E;
-        }
-#endif
-
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        if (ret == 0) {
-            mp_memzero_add("RSA Sync tmpb", tmpb);
-        }
-    #endif
-
-        /* tmpb = tmp^dQ mod q */
-        if (ret == 0 && mp_exptmod(tmp, &key->dQ, &key->q, tmpb) != MP_OKAY)
-            ret = MP_EXPTMOD_E;
-
-        /* tmpa = tmp^dP mod p */
-        if (ret == 0 && mp_exptmod(tmp, &key->dP, &key->p, tmpa) != MP_OKAY)
-            ret = MP_EXPTMOD_E;
-
-        /* tmp = (tmp - tmpb) * qInv (mod p) */
-    #if (defined(WOLFSSL_SP_MATH) || (defined(WOLFSSL_SP_MATH_ALL)) && \
-                                              !defined(WOLFSSL_SP_INT_NEGATIVE))
-        if (ret == 0 && mp_submod(tmpa, tmpb, &key->p, tmp) != MP_OKAY)
-            ret = MP_SUB_E;
-    #else
-        if (ret == 0 && mp_sub(tmpa, tmpb, tmp) != MP_OKAY)
-            ret = MP_SUB_E;
-    #endif
-
-        if (ret == 0 && mp_mulmod(tmp, &key->u, &key->p, tmp) != MP_OKAY)
-            ret = MP_MULMOD_E;
-
-        /* tmp = tmpb + q * tmp */
-        if (ret == 0 && mp_mul(tmp, &key->q, tmp) != MP_OKAY)
-            ret = MP_MUL_E;
-
-        if (ret == 0 && mp_add(tmp, tmpb, tmp) != MP_OKAY)
-            ret = MP_ADD_E;
-
-#if !defined(WC_RSA_BLINDING) || defined(WC_NO_RNG)
-        mp_forcezero(tmpb);
-        FREE_MP_INT_SIZE(tmpb, key->heap, DYNAMIC_TYPE_RSA);
-    #if !defined(MP_INT_SIZE_CHECK_NULL) && defined(WOLFSSL_CHECK_MEM_ZERO)
-        mp_memzero_check(tmpb);
-    #endif
-#endif
-    }
-#endif   /* RSA_LOW_MEM */
-
-#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
-    /* Multiply result (tmp) by blinding invertor (rndi).
-     * Use Montgomery form to make operation more constant time.
-     */
-    if ((ret == 0) && (mp_montgomery_setup(&key->n, &mp) != MP_OKAY)) {
-        ret = MP_MULMOD_E;
-    }
-    if ((ret == 0) && (mp_montgomery_calc_normalization(rnd, &key->n) !=
-            MP_OKAY)) {
-        ret = MP_MULMOD_E;
-    }
-    /* Convert blinding invert to Montgomery form. */
-    if ((ret == 0) && (mp_mul(rndi, rnd, rndi) != MP_OKAY)) {
-        ret = MP_MULMOD_E;
-    }
-    if ((ret == 0) && (mp_mod(rndi, &key->n, rndi) != MP_OKAY)) {
-        ret = MP_MULMOD_E;
-    }
-    /* Multiply result by blinding invert. */
-    if ((ret == 0) && (mp_mul(tmp, rndi, tmp) != MP_OKAY)) {
-        ret = MP_MULMOD_E;
-    }
-    /* Reduce result. */
-    if ((ret == 0) && (mp_montgomery_reduce_ct(tmp, &key->n, mp) != MP_OKAY)) {
-        ret = MP_MULMOD_E;
-    }
-
-    mp_forcezero(rndi);
-    mp_forcezero(rnd);
-    FREE_MP_INT_SIZE(rndi, key->heap, DYNAMIC_TYPE_RSA);
-    FREE_MP_INT_SIZE(rnd, key->heap, DYNAMIC_TYPE_RSA);
-#if !defined(MP_INT_SIZE_CHECK_NULL) && defined(WOLFSSL_CHECK_MEM_ZERO)
-    mp_memzero_check(rnd);
-    mp_memzero_check(rndi);
-#endif
-#endif /* WC_RSA_BLINDING && !WC_NO_RNG */
-    return ret;
-}
-#endif
-
-static int RsaFunctionSync(const byte* in, word32 inLen, byte* out,
-    word32* outLen, int type, RsaKey* key, WC_RNG* rng)
-{
-    DECL_MP_INT_SIZE_DYN(tmp, mp_bitsused(&key->n), RSA_MAX_SIZE);
-    int    ret = 0;
-
-    (void)rng;
-
-    NEW_MP_INT_SIZE(tmp, mp_bitsused(&key->n), key->heap, DYNAMIC_TYPE_RSA);
-#ifdef MP_INT_SIZE_CHECK_NULL
-    if (tmp == NULL) {
-        WOLFSSL_MSG("NEW_MP_INT_SIZE tmp is NULL, return MEMORY_E");
-        return MEMORY_E;
-    }
-#endif
-
-    if (INIT_MP_INT_SIZE(tmp, mp_bitsused(&key->n)) != MP_OKAY) {
-        WOLFSSL_MSG("INIT_MP_INT_SIZE failed.");
-        ret = MP_INIT_E;
-    }
-
-#ifndef TEST_UNPAD_CONSTANT_TIME
-    if (ret == 0 && mp_read_unsigned_bin(tmp, in, inLen) != MP_OKAY)
-        ret = MP_READ_E;
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    if (ret == 0) {
-        mp_memzero_add("RSA sync tmp", tmp);
-    }
-#endif
-
-    if (ret == 0) {
-        switch(type) {
-    #if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
-        case RSA_PRIVATE_DECRYPT:
-        case RSA_PRIVATE_ENCRYPT:
-        {
-            ret = RsaFunctionPrivate(tmp, key, rng);
-            break;
-        }
-    #endif
-        case RSA_PUBLIC_ENCRYPT:
-        case RSA_PUBLIC_DECRYPT:
-            if (mp_exptmod_nct(tmp, &key->e, &key->n, tmp) != MP_OKAY) {
-                WOLFSSL_MSG_CERT_LOG("mp_exptmod_nct failed");
-                ret = MP_EXPTMOD_E;
-            }
-            break;
-        default:
-            ret = RSA_WRONG_TYPE_E;
-            break;
-        }
-    }
-
-    if (ret == 0) {
-        WOLFSSL_MSG("mp_to_unsigned_bin_len_ct...");
-        if (mp_to_unsigned_bin_len_ct(tmp, out, (int)*outLen) != MP_OKAY) {
-            WOLFSSL_MSG("mp_to_unsigned_bin_len_ct failed");
-            ret = MP_TO_E;
-        }
-    }
-#ifdef WOLFSSL_RSA_CHECK_D_ON_DECRYPT
-    if ((ret == 0) && (type == RSA_PRIVATE_DECRYPT)) {
-        mp_sub(&key->n, &key->p, tmp);
-        mp_sub(tmp, &key->q, tmp);
-        mp_add_d(tmp, 1, tmp);
-        mp_mulmod(&key->d, &key->e, tmp, tmp);
-        if (!mp_isone(tmp)) {
-            ret = MP_EXPTMOD_E;
-        }
-    }
-#endif
-#else
-    (void)type;
-    (void)key;
-    XMEMCPY(out, in, inLen);
-#endif
-
-    mp_forcezero(tmp);
-    FREE_MP_INT_SIZE(tmp, key->heap, DYNAMIC_TYPE_RSA);
-#if !defined(MP_INT_SIZE_CHECK_NULL) && defined(WOLFSSL_CHECK_MEM_ZERO)
-    mp_memzero_check(tmp);
-#endif
-    return ret;
-}
-#endif /* !WOLFSSL_SP_MATH */
-
-static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
-                          word32* outLen, int type, RsaKey* key, WC_RNG* rng)
-{
-    int ret;
-    word32 keyLen;
-
-    ret = wc_RsaEncryptSize(key);
-    if (ret < 0) {
-#ifdef DEBUG_WOLFSSL
-        WOLFSSL_MSG_EX("wc_RsaEncryptSize failed err = %d", ret);
-#endif
-        return ret;
-    }
-    keyLen = (word32)ret;
-
-    if (inLen > keyLen) {
-        WOLFSSL_MSG("Expected that inLen be no longer RSA key length");
-        return BAD_FUNC_ARG;
-    }
-    if (keyLen > *outLen) {
-        WOLFSSL_MSG("Expected that outLen be no shorter RSA key length");
-        return RSA_BUFFER_E;
-    }
-
-    if (mp_iseven(&key->n)) {
-        WOLFSSL_MSG("MP_VAL is even");
-        return MP_VAL;
-    }
-
-#ifdef WOLFSSL_HAVE_SP_RSA
-    ret = RsaFunction_SP(in, inLen, out, outLen, type, key, rng);
-    if (ret != WC_NO_ERR_TRACE(WC_KEY_SIZE_E))
-        return ret;
-#endif /* WOLFSSL_HAVE_SP_RSA */
-
-#if defined(WOLFSSL_SP_MATH)
-    (void)rng;
-#ifndef WOLFSSL_HAVE_SP_RSA
-    (void)in;
-    (void)inLen;
-    (void)out;
-    (void)outLen;
-    (void)type;
-    (void)key;
-    #error RSA SP option invalid (enable WOLFSSL_HAVE_SP_RSA or disable WOLFSSL_SP_MATH)
-    return NOT_COMPILED_IN;
-#else
-    WOLFSSL_MSG("SP Key Size Error");
-    return WC_KEY_SIZE_E;
-#endif
-#else
-    *outLen = keyLen;
-    return RsaFunctionSync(in, inLen, out, outLen, type, key, rng);
-#endif /* WOLFSSL_SP_MATH */
-} /* wc_RsaFunctionSync */
-#endif /* WOLF_CRYPTO_CB_ONLY_RSA */
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA)
-static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out,
-                          word32* outLen, int type, RsaKey* key, WC_RNG* rng)
-{
-    int ret = 0;
-
-    (void)rng;
-
-#ifdef WOLFSSL_ASYNC_CRYPT_SW
-    if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_RSA_FUNC)) {
-        WC_ASYNC_SW* sw = &key->asyncDev.sw;
-        sw->rsaFunc.in = in;
-        sw->rsaFunc.inSz = inLen;
-        sw->rsaFunc.out = out;
-        sw->rsaFunc.outSz = outLen;
-        sw->rsaFunc.type = type;
-        sw->rsaFunc.key = key;
-        sw->rsaFunc.rng = rng;
-        return WC_PENDING_E;
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT_SW */
-
-    switch (type) {
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-    case RSA_PRIVATE_DECRYPT:
-    case RSA_PRIVATE_ENCRYPT:
-    #ifdef HAVE_CAVIUM
-        key->dataLen = key->n.raw.len;
-        ret = NitroxRsaExptMod(in, inLen,
-                               key->d.raw.buf, key->d.raw.len,
-                               key->n.raw.buf, key->n.raw.len,
-                               out, outLen, key);
-    #elif defined(HAVE_INTEL_QA)
-        #ifdef RSA_LOW_MEM
-            ret = IntelQaRsaPrivate(&key->asyncDev, in, inLen,
-                                    &key->d.raw, &key->n.raw,
-                                    out, outLen);
-        #else
-            ret = IntelQaRsaCrtPrivate(&key->asyncDev, in, inLen,
-                                &key->p.raw, &key->q.raw,
-                                &key->dP.raw, &key->dQ.raw,
-                                &key->u.raw,
-                                out, outLen);
-        #endif
-    #else
-        ret = wc_RsaFunctionSync(in, inLen, out, outLen, type, key, rng);
-    #endif
-        break;
-#endif
-
-    case RSA_PUBLIC_ENCRYPT:
-    case RSA_PUBLIC_DECRYPT:
-    #ifdef HAVE_CAVIUM
-        key->dataLen = key->n.raw.len;
-        ret = NitroxRsaExptMod(in, inLen,
-                               key->e.raw.buf, key->e.raw.len,
-                               key->n.raw.buf, key->n.raw.len,
-                               out, outLen, key);
-    #elif defined(HAVE_INTEL_QA)
-        ret = IntelQaRsaPublic(&key->asyncDev, in, inLen,
-                               &key->e.raw, &key->n.raw,
-                               out, outLen);
-    #else
-        ret = wc_RsaFunctionSync(in, inLen, out, outLen, type, key, rng);
-    #endif
-        break;
-
-    default:
-        ret = RSA_WRONG_TYPE_E;
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_ASYNC_CRYPT && WC_ASYNC_ENABLE_RSA */
-
-#if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING) || \
-    defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
-/* Performs direct RSA computation without padding. The input and output must
- * match the key size (ex: 2048-bits = 256 bytes). Returns the size of the
- * output on success or negative value on failure. */
-int wc_RsaDirect(const byte* in, word32 inLen, byte* out, word32* outSz,
-        RsaKey* key, int type, WC_RNG* rng)
-{
-    int ret;
-
-    if (in == NULL || outSz == NULL || key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* sanity check on type of RSA operation */
-    switch (type) {
-        case RSA_PUBLIC_ENCRYPT:
-        case RSA_PUBLIC_DECRYPT:
-        case RSA_PRIVATE_ENCRYPT:
-        case RSA_PRIVATE_DECRYPT:
-            break;
-        default:
-            WOLFSSL_MSG("Bad RSA type");
-            return BAD_FUNC_ARG;
-    }
-
-    if ((ret = wc_RsaEncryptSize(key)) < 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (inLen != (word32)ret) {
-        WOLFSSL_MSG("Bad input length. Should be RSA key size");
-        return BAD_FUNC_ARG;
-    }
-
-    if (out == NULL) {
-        *outSz = inLen;
-        return WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    switch (key->state) {
-        case RSA_STATE_NONE:
-        case RSA_STATE_ENCRYPT_PAD:
-        case RSA_STATE_ENCRYPT_EXPTMOD:
-        case RSA_STATE_DECRYPT_EXPTMOD:
-        case RSA_STATE_DECRYPT_UNPAD:
-            key->state = (type == RSA_PRIVATE_ENCRYPT ||
-                    type == RSA_PUBLIC_ENCRYPT) ? RSA_STATE_ENCRYPT_EXPTMOD:
-                                                  RSA_STATE_DECRYPT_EXPTMOD;
-
-            key->dataLen = *outSz;
-
-            ret = wc_RsaFunction(in, inLen, out, &key->dataLen, type, key, rng);
-            if (ret >= 0 || ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-                key->state = (type == RSA_PRIVATE_ENCRYPT ||
-                    type == RSA_PUBLIC_ENCRYPT) ? RSA_STATE_ENCRYPT_RES:
-                                                  RSA_STATE_DECRYPT_RES;
-            }
-            if (ret < 0) {
-                break;
-            }
-
-            FALL_THROUGH;
-
-        case RSA_STATE_ENCRYPT_RES:
-        case RSA_STATE_DECRYPT_RES:
-            ret = (int)key->dataLen;
-            break;
-
-        default:
-            ret = BAD_STATE_E;
-    }
-
-    /* if async pending then skip cleanup*/
-    if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)
-    #ifdef WC_RSA_NONBLOCK
-        || ret == FP_WOULDBLOCK
-    #endif
-    ) {
-        return ret;
-    }
-
-    key->state = RSA_STATE_NONE;
-    wc_RsaCleanup(key);
-
-    return ret;
-}
-#endif /* WC_RSA_DIRECT || WC_RSA_NO_PADDING || OPENSSL_EXTRA || \
-        * OPENSSL_EXTRA_X509_SMALL */
-
-#if defined(WOLFSSL_CRYPTOCELL)
-static int cc310_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
-                            word32 outLen, RsaKey* key)
-{
-    CRYSError_t ret = 0;
-    CRYS_RSAPrimeData_t primeData;
-    int modulusSize = wc_RsaEncryptSize(key);
-
-    /* The out buffer must be at least modulus size bytes long. */
-    if (outLen < modulusSize)
-        return BAD_FUNC_ARG;
-
-    ret = CRYS_RSA_PKCS1v15_Encrypt(&wc_rndState,
-                                    wc_rndGenVectFunc,
-                                    &key->ctx.pubKey,
-                                    &primeData,
-                                    (byte*)in,
-                                    inLen,
-                                    out);
-
-    if (ret != SA_SILIB_RET_OK){
-        WOLFSSL_MSG("CRYS_RSA_PKCS1v15_Encrypt failed");
-        return -1;
-    }
-
-    return modulusSize;
-}
-static int cc310_RsaPublicDecrypt(const byte* in, word32 inLen, byte* out,
-                            word32 outLen, RsaKey* key)
-{
-    CRYSError_t ret = 0;
-    CRYS_RSAPrimeData_t primeData;
-    word16 actualOutLen = outLen;
-
-    ret = CRYS_RSA_PKCS1v15_Decrypt(&key->ctx.privKey,
-                                    &primeData,
-                                    (byte*)in,
-                                    inLen,
-                                    out,
-                                    &actualOutLen);
-
-    if (ret != SA_SILIB_RET_OK){
-        WOLFSSL_MSG("CRYS_RSA_PKCS1v15_Decrypt failed");
-        return -1;
-    }
-    return actualOutLen;
-}
-
-int cc310_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
-                  word32 outLen, RsaKey* key, CRYS_RSA_HASH_OpMode_t mode)
-{
-    CRYSError_t ret = 0;
-    word16 actualOutLen = outLen*sizeof(byte);
-    CRYS_RSAPrivUserContext_t  contextPrivate;
-
-    ret =  CRYS_RSA_PKCS1v15_Sign(&wc_rndState,
-                wc_rndGenVectFunc,
-                &contextPrivate,
-                &key->ctx.privKey,
-                mode,
-                (byte*)in,
-                inLen,
-                out,
-                &actualOutLen);
-
-    if (ret != SA_SILIB_RET_OK){
-        WOLFSSL_MSG("CRYS_RSA_PKCS1v15_Sign failed");
-        return -1;
-    }
-    return actualOutLen;
-}
-
-int cc310_RsaSSL_Verify(const byte* in, word32 inLen, byte* sig,
-                               RsaKey* key, CRYS_RSA_HASH_OpMode_t mode)
-{
-    CRYSError_t ret = 0;
-    CRYS_RSAPubUserContext_t contextPub;
-
-    /* verify the signature in the sig pointer */
-    ret =  CRYS_RSA_PKCS1v15_Verify(&contextPub,
-                &key->ctx.pubKey,
-                mode,
-                (byte*)in,
-                inLen,
-                sig);
-
-    if (ret != SA_SILIB_RET_OK){
-        WOLFSSL_MSG("CRYS_RSA_PKCS1v15_Verify failed");
-        return -1;
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_CRYPTOCELL */
-
-#ifndef WOLF_CRYPTO_CB_ONLY_RSA
-#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(TEST_UNPAD_CONSTANT_TIME) && \
-    !defined(NO_RSA_BOUNDS_CHECK)
-/* Check that 1 < in < n-1. (Requirement of 800-56B.) */
-int RsaFunctionCheckIn(const byte* in, word32 inLen, RsaKey* key,
-    int checkSmallCt)
-{
-    int ret = 0;
-    DECL_MP_INT_SIZE_DYN(c, mp_bitsused(&key->n), RSA_MAX_SIZE);
-
-    NEW_MP_INT_SIZE(c, mp_bitsused(&key->n), key->heap, DYNAMIC_TYPE_RSA);
-#ifdef MP_INT_SIZE_CHECK_NULL
-    if (c == NULL)
-        ret = MEMORY_E;
-#endif
-
-    if (ret == 0 && INIT_MP_INT_SIZE(c, mp_bitsused(&key->n)) != MP_OKAY) {
-        ret = MP_INIT_E;
-    }
-    if (ret == 0) {
-        if (mp_read_unsigned_bin(c, in, inLen) != 0)
-            ret = MP_READ_E;
-    }
-    if (ret == 0) {
-        /* check c > 1 */
-        if (checkSmallCt && (mp_cmp_d(c, 1) != MP_GT))
-            ret = RSA_OUT_OF_RANGE_E;
-    }
-    if (ret == 0) {
-        /* add c+1 */
-        if (mp_add_d(c, 1, c) != MP_OKAY)
-            ret = MP_ADD_E;
-    }
-    if (ret == 0) {
-        /* check c+1 < n */
-        if (mp_cmp(c, &key->n) != MP_LT)
-            ret = RSA_OUT_OF_RANGE_E;
-    }
-    mp_clear(c);
-
-    FREE_MP_INT_SIZE(c, key->heap, DYNAMIC_TYPE_RSA);
-
-    return ret;
-}
-#endif /* !WOLFSSL_RSA_VERIFY_ONLY && !TEST_UNPAD_CONSTANT_TIME &&
-        * !NO_RSA_BOUNDS_CHECK */
-#endif /* WOLF_CRYPTO_CB_ONLY_RSA */
-
-static int wc_RsaFunction_ex(const byte* in, word32 inLen, byte* out,
-                             word32* outLen, int type, RsaKey* key, WC_RNG* rng,
-                             int checkSmallCt)
-{
-    int ret = 0;
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_RSA_PAD)
-    RsaPadding padding;
-#endif
-
-    (void)rng;
-    (void)checkSmallCt;
-
-    if (key == NULL || in == NULL || inLen == 0 || out == NULL ||
-            outLen == NULL || *outLen == 0 || type == RSA_TYPE_UNKNOWN) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (key->devId != INVALID_DEVID)
-    #endif
-    {
-    #if defined(WOLF_CRYPTO_CB_RSA_PAD)
-        /* If we are here, either the RSA PAD callback was already called
-         * and returned that it could not implement for that padding scheme,
-         * or this is a public verify operation. Either way indicate to the
-         * callback that this should be a raw RSA operation with no padding.*/
-        XMEMSET(&padding, 0, sizeof(RsaPadding));
-        padding.pad_type = WC_RSA_NO_PAD;
-        ret = wc_CryptoCb_RsaPad(in, inLen, out,
-                            outLen, type, key, rng, &padding);
-    #else
-        ret = wc_CryptoCb_Rsa(in, inLen, out, outLen, type, key, rng);
-    #endif
-        #ifndef WOLF_CRYPTO_CB_ONLY_RSA
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable and try using software */
-        #endif
-        #ifdef WOLF_CRYPTO_CB_ONLY_RSA
-        if (ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
-            return NO_VALID_DEVID;
-        }
-        return ret;
-        #endif
-    }
-#endif
-
-#ifdef WOLF_CRYPTO_CB_ONLY_RSA
-    return NO_VALID_DEVID;
-#else /* !WOLF_CRYPTO_CB_ONLY_RSA */
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-
-#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(TEST_UNPAD_CONSTANT_TIME) && \
-    !defined(NO_RSA_BOUNDS_CHECK)
-    if (type == RSA_PRIVATE_DECRYPT &&
-        key->state == RSA_STATE_DECRYPT_EXPTMOD) {
-
-        ret = RsaFunctionCheckIn(in, inLen, key, checkSmallCt);
-        if (ret != 0) {
-            RESTORE_VECTOR_REGISTERS();
-            return ret;
-        }
-    }
-#endif /* !WOLFSSL_RSA_VERIFY_ONLY && !TEST_UNPAD_CONSTANT_TIME && \
-        * !NO_RSA_BOUNDS_CHECK */
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA)
-    if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_RSA &&
-                                                        key->n.raw.len > 0) {
-        ret = wc_RsaFunctionAsync(in, inLen, out, outLen, type, key, rng);
-    }
-    else
-#endif
-#ifdef WC_RSA_NONBLOCK
-    if (key->nb) {
-        ret = wc_RsaFunctionNonBlock(in, inLen, out, outLen, type, key);
-    }
-    else
-#endif
-    {
-        ret = wc_RsaFunctionSync(in, inLen, out, outLen, type, key, rng);
-    }
-
-    RESTORE_VECTOR_REGISTERS();
-
-    /* handle error */
-    if (ret < 0 && ret != WC_NO_ERR_TRACE(WC_PENDING_E)
-    #ifdef WC_RSA_NONBLOCK
-        && ret != FP_WOULDBLOCK
-    #endif
-    ) {
-        if (ret == WC_NO_ERR_TRACE(MP_EXPTMOD_E)) {
-            /* This can happen due to incorrectly set FP_MAX_BITS or missing XREALLOC */
-            WOLFSSL_MSG("RSA_FUNCTION MP_EXPTMOD_E: memory/config problem");
-        }
-
-        key->state = RSA_STATE_NONE;
-        wc_RsaCleanup(key);
-    }
-    return ret;
-#endif /* !WOLF_CRYPTO_CB_ONLY_RSA */
-}
-
-int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
-                          word32* outLen, int type, RsaKey* key, WC_RNG* rng)
-{
-    /* Always check for ciphertext of 0 or 1. (Shouldn't for OAEP decrypt.) */
-    return wc_RsaFunction_ex(in, inLen, out, outLen, type, key, rng, 1);
-}
-
-#ifndef WOLFSSL_RSA_VERIFY_ONLY
-/* Internal Wrappers */
-/* Gives the option of choosing padding type
-   in : input to be encrypted
-   inLen: length of input buffer
-   out: encrypted output
-   outLen: length of encrypted output buffer
-   key   : wolfSSL initialized RSA key struct
-   rng   : wolfSSL initialized random number struct
-   rsa_type  : type of RSA: RSA_PUBLIC_ENCRYPT, RSA_PUBLIC_DECRYPT,
-        RSA_PRIVATE_ENCRYPT or RSA_PRIVATE_DECRYPT
-   pad_value: RSA_BLOCK_TYPE_1 or RSA_BLOCK_TYPE_2
-   pad_type  : type of padding: WC_RSA_PKCSV15_PAD, WC_RSA_OAEP_PAD,
-        WC_RSA_NO_PAD or WC_RSA_PSS_PAD
-   hash  : type of hash algorithm to use found in wolfssl/wolfcrypt/hash.h
-   mgf   : type of mask generation function to use
-   label : optional label
-   labelSz : size of optional label buffer
-   saltLen : Length of salt used in PSS
-   rng : random number generator */
-static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
-                            word32 outLen, RsaKey* key, int rsa_type,
-                            byte pad_value, int pad_type,
-                            enum wc_HashType hash, int mgf,
-                            byte* label, word32 labelSz, int saltLen,
-                            WC_RNG* rng)
-{
-    int ret = 0;
-    int sz;
-    int state;
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_RSA_PAD)
-    RsaPadding padding;
-#endif
-
-    if (in == NULL || inLen == 0 || out == NULL || key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    sz = wc_RsaEncryptSize(key);
-    if (sz > (int)outLen) {
-        return RSA_BUFFER_E;
-    }
-
-    if (sz < RSA_MIN_PAD_SZ || sz > (int)RSA_MAX_SIZE/8) {
-        return WC_KEY_SIZE_E;
-    }
-
-    if (inLen > (word32)(sz - RSA_MIN_PAD_SZ)) {
-#ifdef WC_RSA_NO_PADDING
-        /* In the case that no padding is used the input length can and should
-         * be the same size as the RSA key. */
-        if (pad_type != WC_RSA_NO_PAD)
-#endif
-        return RSA_BUFFER_E;
-    }
-
-#ifndef WOLFSSL_BIND
-    state = key->state;
-#else
-    /* Bind9 shares the EVP_PKEY struct across multiple threads so let's just
-     * force a restart on each RsaPublicEncryptEx call for it. */
-    state = RSA_STATE_NONE;
-#ifdef WOLFSSL_ASYNC_CRYPT
-#error wolfSSL does not handle building bind support with async crypto
-#endif
-#endif
-    switch (state) {
-    case RSA_STATE_NONE:
-    case RSA_STATE_ENCRYPT_PAD:
-    #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) && \
-            defined(HAVE_CAVIUM)
-        if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_RSA &&
-                                 pad_type != WC_RSA_PSS_PAD && key->n.raw.buf) {
-            /* Async operations that include padding */
-            if (rsa_type == RSA_PUBLIC_ENCRYPT &&
-                                                pad_value == RSA_BLOCK_TYPE_2) {
-                key->state = RSA_STATE_ENCRYPT_RES;
-                key->dataLen = key->n.raw.len;
-                return NitroxRsaPublicEncrypt(in, inLen, out, outLen, key);
-            }
-            else if (rsa_type == RSA_PRIVATE_ENCRYPT &&
-                                                pad_value == RSA_BLOCK_TYPE_1) {
-                key->state = RSA_STATE_ENCRYPT_RES;
-                key->dataLen = key->n.raw.len;
-                return NitroxRsaSSL_Sign(in, inLen, out, outLen, key);
-            }
-        }
-    #elif defined(WOLFSSL_CRYPTOCELL)
-        if (rsa_type == RSA_PUBLIC_ENCRYPT &&
-                                            pad_value == RSA_BLOCK_TYPE_2) {
-
-            return cc310_RsaPublicEncrypt(in, inLen, out, outLen, key);
-        }
-        else if (rsa_type == RSA_PRIVATE_ENCRYPT &&
-                                         pad_value == RSA_BLOCK_TYPE_1) {
-            return cc310_RsaSSL_Sign(in, inLen, out, outLen, key,
-                                  cc310_hashModeRSA(hash, 0));
-        }
-    #elif defined(WOLFSSL_SE050) && !defined(WOLFSSL_SE050_NO_RSA)
-        if (rsa_type == RSA_PUBLIC_ENCRYPT && pad_value == RSA_BLOCK_TYPE_2) {
-            return se050_rsa_public_encrypt(in, inLen, out, outLen, key,
-                                            rsa_type, pad_value, pad_type, hash,
-                                            mgf, label, labelSz, sz);
-        }
-        else if (rsa_type == RSA_PRIVATE_ENCRYPT &&
-                                              pad_value == RSA_BLOCK_TYPE_1) {
-            return se050_rsa_sign(in, inLen, out, outLen, key, rsa_type,
-                                  pad_value, pad_type, hash, mgf, label,
-                                  labelSz, sz);
-        }
-    #endif /* RSA CRYPTO HW */
-
-    #if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_RSA_PAD)
-        if (key->devId != INVALID_DEVID) {
-            XMEMSET(&padding, 0, sizeof(RsaPadding));
-            padding.pad_value = pad_value;
-            padding.pad_type = pad_type;
-            padding.hash = hash;
-            padding.mgf = mgf;
-            padding.label = label;
-            padding.labelSz = labelSz;
-            padding.saltLen = saltLen;
-            ret = wc_CryptoCb_RsaPad(in, inLen, out, &outLen, rsa_type, key, rng,
-                                     &padding);
-
-            if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
-                if (ret < 0) {
-                    break;
-                }
-
-                ret = outLen;
-                break;
-            }
-        }
-    #endif
-        key->state = RSA_STATE_ENCRYPT_PAD;
-        ret = wc_RsaPad_ex(in, inLen, out, (word32)sz, pad_value, rng, pad_type,
-                           hash, mgf, label, labelSz, saltLen,
-                           mp_count_bits(&key->n), key->heap);
-        if (ret < 0) {
-            break;
-        }
-
-        key->state = RSA_STATE_ENCRYPT_EXPTMOD;
-        FALL_THROUGH;
-
-    case RSA_STATE_ENCRYPT_EXPTMOD:
-
-        key->dataLen = outLen;
-        ret = wc_RsaFunction(out, (word32)sz, out, &key->dataLen, rsa_type, key,
-                             rng);
-
-        if (ret >= 0 || ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-            key->state = RSA_STATE_ENCRYPT_RES;
-        }
-        if (ret < 0) {
-            break;
-        }
-
-        FALL_THROUGH;
-
-    case RSA_STATE_ENCRYPT_RES:
-        ret = (int)key->dataLen;
-        break;
-
-    default:
-        ret = BAD_STATE_E;
-        break;
-    }
-
-    /* if async pending then return and skip done cleanup below */
-    if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)
-    #ifdef WC_RSA_NONBLOCK
-        || ret == FP_WOULDBLOCK
-    #endif
-    ) {
-        return ret;
-    }
-
-    key->state = RSA_STATE_NONE;
-    wc_RsaCleanup(key);
-
-    return ret;
-}
-
-#endif
-
-/* Gives the option of choosing padding type
-   in : input to be decrypted
-   inLen: length of input buffer
-   out:  decrypted message
-   outLen: length of decrypted message in bytes
-   outPtr: optional inline output pointer (if provided doing inline)
-   key   : wolfSSL initialized RSA key struct
-   rsa_type  : type of RSA: RSA_PUBLIC_ENCRYPT, RSA_PUBLIC_DECRYPT,
-        RSA_PRIVATE_ENCRYPT or RSA_PRIVATE_DECRYPT
-   pad_value: RSA_BLOCK_TYPE_1 or RSA_BLOCK_TYPE_2
-   pad_type  : type of padding: WC_RSA_PKCSV15_PAD, WC_RSA_OAEP_PAD,
-        WC_RSA_NO_PAD, WC_RSA_PSS_PAD
-   hash  : type of hash algorithm to use found in wolfssl/wolfcrypt/hash.h
-   mgf   : type of mask generation function to use
-   label : optional label
-   labelSz : size of optional label buffer
-   saltLen : Length of salt used in PSS
-   rng : random number generator */
-static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
-                            word32 outLen, byte** outPtr, RsaKey* key,
-                            int rsa_type, byte pad_value, int pad_type,
-                            enum wc_HashType hash, int mgf,
-                            byte* label, word32 labelSz, int saltLen,
-                            WC_RNG* rng)
-{
-    int ret = WC_NO_ERR_TRACE(RSA_WRONG_TYPE_E);
-    byte* pad = NULL;
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_RSA_PAD)
-    RsaPadding padding;
-#endif
-
-    if (in == NULL || inLen == 0 || out == NULL || key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    switch (key->state) {
-    case RSA_STATE_NONE:
-        key->dataLen = inLen;
-
-    #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) && \
-            defined(HAVE_CAVIUM)
-        /* Async operations that include padding */
-        if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_RSA &&
-                                                   pad_type != WC_RSA_PSS_PAD) {
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-            if (rsa_type == RSA_PRIVATE_DECRYPT &&
-                                                pad_value == RSA_BLOCK_TYPE_2) {
-                key->state = RSA_STATE_DECRYPT_RES;
-                key->data = NULL;
-                return NitroxRsaPrivateDecrypt(in, inLen, out, &key->dataLen,
-                                               key);
-#endif
-            }
-            else if (rsa_type == RSA_PUBLIC_DECRYPT &&
-                                                pad_value == RSA_BLOCK_TYPE_1) {
-                key->state = RSA_STATE_DECRYPT_RES;
-                key->data = NULL;
-                return NitroxRsaSSL_Verify(in, inLen, out, &key->dataLen, key);
-            }
-        }
-    #elif defined(WOLFSSL_CRYPTOCELL)
-        if (rsa_type == RSA_PRIVATE_DECRYPT &&
-                                            pad_value == RSA_BLOCK_TYPE_2) {
-            ret = cc310_RsaPublicDecrypt(in, inLen, out, outLen, key);
-            if (outPtr != NULL)
-                *outPtr = out; /* for inline */
-            return ret;
-        }
-        else if (rsa_type == RSA_PUBLIC_DECRYPT &&
-                                            pad_value == RSA_BLOCK_TYPE_1) {
-            return cc310_RsaSSL_Verify(in, inLen, out, key,
-                                       cc310_hashModeRSA(hash, 0));
-        }
-    #elif defined(WOLFSSL_SE050) && !defined(WOLFSSL_SE050_NO_RSA)
-        if (rsa_type == RSA_PRIVATE_DECRYPT && pad_value == RSA_BLOCK_TYPE_2) {
-            ret = se050_rsa_private_decrypt(in, inLen, out, outLen, key,
-                                            rsa_type, pad_value, pad_type, hash,
-                                            mgf, label, labelSz);
-            if (outPtr != NULL) {
-                *outPtr = out;
-            }
-            return ret;
-        }
-        else if (rsa_type == RSA_PUBLIC_DECRYPT &&
-                                                pad_value == RSA_BLOCK_TYPE_1) {
-            ret = se050_rsa_verify(in, inLen, out, outLen, key, rsa_type,
-                                   pad_value, pad_type, hash, mgf, label,
-                                   labelSz);
-            if (outPtr != NULL) {
-                *outPtr = out;
-            }
-            return ret;
-        }
-    #endif /* RSA CRYPTO HW */
-
-
-#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE) && \
-    !defined(WOLFSSL_NO_MALLOC)
-        /* verify the tmp ptr is NULL, otherwise indicates bad state */
-        if (key->data != NULL) {
-            ret = BAD_STATE_E;
-            break;
-        }
-
-        /* if not doing this inline then allocate a buffer for it */
-        if (outPtr == NULL) {
-            key->data = (byte*)XMALLOC(inLen, key->heap,
-                                                      DYNAMIC_TYPE_WOLF_BIGINT);
-            key->dataIsAlloc = 1;
-            if (key->data == NULL) {
-                ret = MEMORY_E;
-                break;
-            }
-            XMEMCPY(key->data, in, inLen);
-            key->dataLen = inLen;
-        }
-        else {
-            key->dataIsAlloc = 0;
-            key->data = out;
-        }
-#endif
-
-        key->state = RSA_STATE_DECRYPT_EXPTMOD;
-        FALL_THROUGH;
-
-    case RSA_STATE_DECRYPT_EXPTMOD:
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_RSA_PAD)
-    if ((key->devId != INVALID_DEVID)
-    #if !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
-        !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
-    && (rsa_type != RSA_PUBLIC_DECRYPT)
-    #endif
-    ) {
-        /* Everything except verify goes to crypto cb if
-         * WOLF_CRYPTO_CB_RSA_PAD defined */
-        XMEMSET(&padding, 0, sizeof(RsaPadding));
-        padding.pad_value = pad_value;
-        padding.pad_type = pad_type;
-        padding.hash = hash;
-        padding.mgf = mgf;
-        padding.label = label;
-        padding.labelSz = labelSz;
-        padding.saltLen = saltLen;
-        ret = wc_CryptoCb_RsaPad(in, inLen, out,
-                            &outLen, rsa_type, key, rng, &padding);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
-            if (outPtr != NULL) {
-                *outPtr = out;
-            }
-            if (ret == 0) {
-                ret = (int)outLen;
-            }
-            break;
-        }
-    }
-#endif
-#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE) && \
-    !defined(WOLFSSL_NO_MALLOC)
-        ret = wc_RsaFunction_ex(key->data, inLen, key->data, &key->dataLen,
-                                                   rsa_type, key, rng,
-                                                   pad_type != WC_RSA_OAEP_PAD);
-#else
-        ret = wc_RsaFunction_ex(in, inLen, out, &key->dataLen, rsa_type, key,
-                                              rng, pad_type != WC_RSA_OAEP_PAD);
-#endif
-
-        if (ret >= 0 || ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
-            key->state = RSA_STATE_DECRYPT_UNPAD;
-        }
-        if (ret < 0) {
-            break;
-        }
-
-        FALL_THROUGH;
-
-    case RSA_STATE_DECRYPT_UNPAD:
-#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE) && \
-    !defined(WOLFSSL_NO_MALLOC)
-        ret = wc_RsaUnPad_ex(key->data,
-            key->dataLen, &pad, pad_value, pad_type, hash, mgf,
-            label, labelSz, saltLen, mp_count_bits(&key->n), key->heap);
-#else
-        ret = wc_RsaUnPad_ex(out,
-            key->dataLen, &pad, pad_value, pad_type, hash, mgf, label,
-            labelSz, saltLen, mp_count_bits(&key->n), key->heap);
-#endif
-        if (rsa_type == RSA_PUBLIC_DECRYPT && ret > (int)outLen) {
-            ret = RSA_BUFFER_E;
-        }
-        else if (ret >= 0 && pad != NULL) {
-            /* only copy output if not inline */
-            if (outPtr == NULL) {
-#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE) && \
-    !defined(WOLFSSL_NO_MALLOC)
-                if (rsa_type == RSA_PRIVATE_DECRYPT) {
-                    word32 i = 0;
-                    word32 j;
-                    int start = (int)((size_t)pad - (size_t)key->data);
-
-                    for (j = 0; j < key->dataLen; j++) {
-                        signed char c;
-                        out[i] = key->data[j];
-                        c  = (signed char)ctMaskGTE((int)j, start);
-                        c &= (signed char)ctMaskLT((int)i, (int)outLen);
-                        /* 0 - no add, -1 add */
-                        i += (word32)((byte)(-c));
-                    }
-                }
-                else
-#endif
-                {
-                    XMEMCPY(out, pad, (size_t)ret);
-                }
-            }
-            else {
-                *outPtr = pad;
-            }
-
-#if !defined(WOLFSSL_RSA_VERIFY_ONLY)
-            ret = ctMaskSelInt(ctMaskLTE(ret, (int)outLen), ret,
-                               WC_NO_ERR_TRACE(RSA_BUFFER_E));
-    #ifndef WOLFSSL_RSA_DECRYPT_TO_0_LEN
-            ret = ctMaskSelInt(ctMaskNotEq(ret, 0), ret,
-                               WC_NO_ERR_TRACE(RSA_BUFFER_E));
-    #endif
-#else
-            if (outLen < (word32)ret)
-                ret = RSA_BUFFER_E;
-#endif
-        }
-
-        key->state = RSA_STATE_DECRYPT_RES;
-        FALL_THROUGH;
-
-    case RSA_STATE_DECRYPT_RES:
-    #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) && \
-            defined(HAVE_CAVIUM)
-        if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_RSA &&
-                                                   pad_type != WC_RSA_PSS_PAD) {
-            ret = key->asyncDev.event.ret;
-            if (ret >= 0) {
-                /* convert result */
-                byte* dataLen = (byte*)&key->dataLen;
-                ret = (dataLen[0] << 8) | (dataLen[1]);
-
-                if (outPtr)
-                    *outPtr = in;
-            }
-        }
-    #endif
-        break;
-
-    default:
-        ret = BAD_STATE_E;
-        break;
-    }
-
-    /* if async pending then return and skip done cleanup below */
-    if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)
-    #ifdef WC_RSA_NONBLOCK
-        || ret == FP_WOULDBLOCK
-    #endif
-    ) {
-        return ret;
-    }
-
-    key->state = RSA_STATE_NONE;
-    wc_RsaCleanup(key);
-
-    return ret;
-}
-
-
-#ifndef WOLFSSL_RSA_VERIFY_ONLY
-/* Public RSA Functions */
-int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
-                                                     RsaKey* key, WC_RNG* rng)
-{
-    int ret;
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = RsaPublicEncryptEx(in, inLen, out, outLen, key,
-        RSA_PUBLIC_ENCRYPT, RSA_BLOCK_TYPE_2, WC_RSA_PKCSV15_PAD,
-        WC_HASH_TYPE_NONE, WC_MGF1NONE, NULL, 0, 0, rng);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-
-
-#if !defined(WC_NO_RSA_OAEP) || defined(WC_RSA_NO_PADDING)
-int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
-                    word32 outLen, RsaKey* key, WC_RNG* rng, int type,
-                    enum wc_HashType hash, int mgf, byte* label,
-                    word32 labelSz)
-{
-    int ret;
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = RsaPublicEncryptEx(in, inLen, out, outLen, key, RSA_PUBLIC_ENCRYPT,
-        RSA_BLOCK_TYPE_2, type, hash, mgf, label, labelSz, 0, rng);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-#endif /* WC_NO_RSA_OAEP */
-#endif
-
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key)
-{
-    WC_RNG* rng;
-    int ret;
-#ifdef WC_RSA_BLINDING
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    rng = key->rng;
-#else
-    rng = NULL;
-#endif
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = RsaPrivateDecryptEx(in, inLen, in, inLen, out, key,
-        RSA_PRIVATE_DECRYPT, RSA_BLOCK_TYPE_2, WC_RSA_PKCSV15_PAD,
-        WC_HASH_TYPE_NONE, WC_MGF1NONE, NULL, 0, 0, rng);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-
-
-#ifndef WC_NO_RSA_OAEP
-int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen, byte** out,
-                                  RsaKey* key, int type, enum wc_HashType hash,
-                                  int mgf, byte* label, word32 labelSz)
-{
-    WC_RNG* rng;
-    int ret;
-#ifdef WC_RSA_BLINDING
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    rng = key->rng;
-#else
-    rng = NULL;
-#endif
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = RsaPrivateDecryptEx(in, inLen, in, inLen, out, key,
-        RSA_PRIVATE_DECRYPT, RSA_BLOCK_TYPE_2, type, hash,
-        mgf, label, labelSz, 0, rng);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-#endif /* WC_NO_RSA_OAEP */
-
-
-int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
-                                                 word32 outLen, RsaKey* key)
-{
-    WC_RNG* rng;
-    int ret;
-#ifdef WC_RSA_BLINDING
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    rng = key->rng;
-#else
-    rng = NULL;
-#endif
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = RsaPrivateDecryptEx(in, inLen, out, outLen, NULL, key,
-        RSA_PRIVATE_DECRYPT, RSA_BLOCK_TYPE_2, WC_RSA_PKCSV15_PAD,
-        WC_HASH_TYPE_NONE, WC_MGF1NONE, NULL, 0, 0, rng);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-
-#if !defined(WC_NO_RSA_OAEP) || defined(WC_RSA_NO_PADDING)
-int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen, byte* out,
-                            word32 outLen, RsaKey* key, int type,
-                            enum wc_HashType hash, int mgf, byte* label,
-                            word32 labelSz)
-{
-    WC_RNG* rng;
-    int ret;
-#ifdef WC_RSA_BLINDING
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    rng = key->rng;
-#else
-    rng = NULL;
-#endif
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = RsaPrivateDecryptEx(in, inLen, out, outLen, NULL, key,
-        RSA_PRIVATE_DECRYPT, RSA_BLOCK_TYPE_2, type, hash, mgf, label,
-        labelSz, 0, rng);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-#endif /* WC_NO_RSA_OAEP || WC_RSA_NO_PADDING */
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-
-#if !defined(WOLFSSL_CRYPTOCELL)
-int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
-{
-    WC_RNG* rng;
-    int ret;
-#ifdef WC_RSA_BLINDING
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    rng = key->rng;
-#else
-    rng = NULL;
-#endif
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = RsaPrivateDecryptEx(in, inLen, in, inLen, out, key,
-        RSA_PUBLIC_DECRYPT, RSA_BLOCK_TYPE_1, WC_RSA_PKCSV15_PAD,
-        WC_HASH_TYPE_NONE, WC_MGF1NONE, NULL, 0, 0, rng);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-#endif
-
-#ifndef WOLFSSL_RSA_VERIFY_INLINE
-int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
-                                                                 RsaKey* key)
-{
-    return wc_RsaSSL_Verify_ex(in, inLen, out, outLen, key, WC_RSA_PKCSV15_PAD);
-}
-
-int  wc_RsaSSL_Verify_ex(const byte* in, word32 inLen, byte* out, word32 outLen,
-                         RsaKey* key, int pad_type)
-{
-    int ret;
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = wc_RsaSSL_Verify_ex2(in, inLen, out, outLen, key, pad_type,
-            WC_HASH_TYPE_NONE);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-
-int  wc_RsaSSL_Verify_ex2(const byte* in, word32 inLen, byte* out, word32 outLen,
-                         RsaKey* key, int pad_type, enum wc_HashType hash)
-{
-    WC_RNG* rng;
-    int ret;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WC_RSA_BLINDING
-    rng = key->rng;
-#else
-    rng = NULL;
-#endif
-
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER
-    ret = RsaPrivateDecryptEx(in, inLen, out, outLen, NULL, key,
-        RSA_PUBLIC_DECRYPT, RSA_BLOCK_TYPE_1, pad_type,
-        hash, wc_hash2mgf(hash), NULL, 0, RSA_PSS_SALT_LEN_DEFAULT, rng);
-#else
-    ret = RsaPrivateDecryptEx(in, inLen, out, outLen, NULL, key,
-        RSA_PUBLIC_DECRYPT, RSA_BLOCK_TYPE_1, pad_type,
-        hash, wc_hash2mgf(hash), NULL, 0, RSA_PSS_SALT_LEN_DISCOVER, rng);
-#endif
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-#endif
-
-#ifdef WC_RSA_PSS
-/* Verify the message signed with RSA-PSS.
- * The input buffer is reused for the output buffer.
- * Salt length is equal to hash length.
- *
- * in     Buffer holding encrypted data.
- * inLen  Length of data in buffer.
- * out    Pointer to address containing the PSS data.
- * hash   Hash algorithm.
- * mgf    Mask generation function.
- * key    Public RSA key.
- * returns the length of the PSS data on success and negative indicates failure.
- */
-int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out,
-                           enum wc_HashType hash, int mgf, RsaKey* key)
-{
-#ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER
-    return wc_RsaPSS_VerifyInline_ex(in, inLen, out, hash, mgf,
-                                                 RSA_PSS_SALT_LEN_DEFAULT, key);
-#else
-    return wc_RsaPSS_VerifyInline_ex(in, inLen, out, hash, mgf,
-                                                RSA_PSS_SALT_LEN_DISCOVER, key);
-#endif
-}
-
-/* Verify the message signed with RSA-PSS.
- * The input buffer is reused for the output buffer.
- *
- * in       Buffer holding encrypted data.
- * inLen    Length of data in buffer.
- * out      Pointer to address containing the PSS data.
- * hash     Hash algorithm.
- * mgf      Mask generation function.
- * key      Public RSA key.
- * saltLen  Length of salt used. RSA_PSS_SALT_LEN_DEFAULT (-1) indicates salt
- *          length is the same as the hash length. RSA_PSS_SALT_LEN_DISCOVER
- *          indicates salt length is determined from the data.
- * returns the length of the PSS data on success and negative indicates failure.
- */
-int wc_RsaPSS_VerifyInline_ex(byte* in, word32 inLen, byte** out,
-                              enum wc_HashType hash, int mgf, int saltLen,
-                              RsaKey* key)
-{
-    WC_RNG* rng;
-    int ret;
-#ifdef WC_RSA_BLINDING
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    rng = key->rng;
-#else
-    rng = NULL;
-#endif
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = RsaPrivateDecryptEx(in, inLen, in, inLen, out, key,
-        RSA_PUBLIC_DECRYPT, RSA_BLOCK_TYPE_1, WC_RSA_PSS_PAD,
-        hash, mgf, NULL, 0, saltLen, rng);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-
-/* Verify the message signed with RSA-PSS.
- * Salt length is equal to hash length.
- *
- * in     Buffer holding encrypted data.
- * inLen  Length of data in buffer.
- * out    Pointer to address containing the PSS data.
- * hash   Hash algorithm.
- * mgf    Mask generation function.
- * key    Public RSA key.
- * returns the length of the PSS data on success and negative indicates failure.
- */
-int wc_RsaPSS_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
-                     enum wc_HashType hash, int mgf, RsaKey* key)
-{
-#ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER
-    return wc_RsaPSS_Verify_ex(in, inLen, out, outLen, hash, mgf,
-                                                 RSA_PSS_SALT_LEN_DEFAULT, key);
-#else
-    return wc_RsaPSS_Verify_ex(in, inLen, out, outLen, hash, mgf,
-                                                RSA_PSS_SALT_LEN_DISCOVER, key);
-#endif
-}
-
-/* Verify the message signed with RSA-PSS.
- *
- * in       Buffer holding encrypted data.
- * inLen    Length of data in buffer.
- * out      Pointer to address containing the PSS data.
- * hash     Hash algorithm.
- * mgf      Mask generation function.
- * key      Public RSA key.
- * saltLen  Length of salt used. RSA_PSS_SALT_LEN_DEFAULT (-1) indicates salt
- *          length is the same as the hash length. RSA_PSS_SALT_LEN_DISCOVER
- *          indicates salt length is determined from the data.
- * returns the length of the PSS data on success and negative indicates failure.
- */
-int wc_RsaPSS_Verify_ex(const byte* in, word32 inLen, byte* out, word32 outLen,
-                        enum wc_HashType hash, int mgf, int saltLen,
-                        RsaKey* key)
-{
-    WC_RNG* rng;
-    int ret;
-#ifdef WC_RSA_BLINDING
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    rng = key->rng;
-#else
-    rng = NULL;
-#endif
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = RsaPrivateDecryptEx(in, inLen, out, outLen, NULL, key,
-        RSA_PUBLIC_DECRYPT, RSA_BLOCK_TYPE_1, WC_RSA_PSS_PAD,
-        hash, mgf, NULL, 0, saltLen, rng);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-
-
-/* Checks the PSS data to ensure that the signature matches.
- * Salt length is equal to hash length.
- *
- * in        Hash of the data that is being verified.
- * inSz      Length of hash.
- * sig       Buffer holding PSS data.
- * sigSz     Size of PSS data.
- * hashType  Hash algorithm.
- * returns BAD_PADDING_E when the PSS data is invalid, BAD_FUNC_ARG when
- * NULL is passed in to in or sig or inSz is not the same as the hash
- * algorithm length and 0 on success.
- */
-int wc_RsaPSS_CheckPadding(const byte* in, word32 inSz, const byte* sig,
-                           word32 sigSz, enum wc_HashType hashType)
-{
-#ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER
-    return wc_RsaPSS_CheckPadding_ex(in, inSz, sig, sigSz, hashType, RSA_PSS_SALT_LEN_DEFAULT, 0);
-#else
-    return wc_RsaPSS_CheckPadding_ex(in, inSz, sig, sigSz, hashType, RSA_PSS_SALT_LEN_DISCOVER, 0);
-#endif
-}
-
-/* Checks the PSS data to ensure that the signature matches.
- *
- * in        Hash of the data that is being verified.
- * inSz      Length of hash.
- * sig       Buffer holding PSS data.
- * sigSz     Size of PSS data.
- * hashType  Hash algorithm.
- * saltLen   Length of salt used. RSA_PSS_SALT_LEN_DEFAULT (-1) indicates salt
- *           length is the same as the hash length. RSA_PSS_SALT_LEN_DISCOVER
- *           indicates salt length is determined from the data.
- * bits      Can be used to calculate salt size in FIPS case
- * returns BAD_PADDING_E when the PSS data is invalid, BAD_FUNC_ARG when
- * NULL is passed in to in or sig or inSz is not the same as the hash
- * algorithm length and 0 on success.
- */
-int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, const byte* sig,
-                               word32 sigSz, enum wc_HashType hashType,
-                               int saltLen, int bits, void* heap)
-{
-    int ret = 0;
-    byte sigCheckBuf[WC_MAX_DIGEST_SIZE*2 + RSA_PSS_PAD_SZ];
-    byte *sigCheck = sigCheckBuf;
-    int digSz;
-    (void)bits;
-
-    digSz = wc_HashGetDigestSize(hashType);
-
-    if (in == NULL || sig == NULL || digSz < 0 || inSz != (word32)digSz) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        if (saltLen == RSA_PSS_SALT_LEN_DEFAULT) {
-            saltLen = (int)inSz;
-            #ifdef WOLFSSL_SHA512
-                /* See FIPS 186-4 section 5.5 item (e). */
-                if (bits == 1024 && inSz == WC_SHA512_DIGEST_SIZE) {
-                    saltLen = RSA_PSS_SALT_MAX_SZ;
-                }
-            #endif
-        }
-#ifndef WOLFSSL_PSS_LONG_SALT
-        else if (saltLen > (int)inSz) {
-            ret = PSS_SALTLEN_E;
-        }
-#endif
-#ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER
-        else if (saltLen < RSA_PSS_SALT_LEN_DEFAULT) {
-            ret = PSS_SALTLEN_E;
-        }
-#else
-        else if (saltLen == RSA_PSS_SALT_LEN_DISCOVER) {
-            saltLen = sigSz - inSz;
-            if (saltLen < 0) {
-                ret = PSS_SALTLEN_E;
-            }
-        }
-        else if (saltLen < RSA_PSS_SALT_LEN_DISCOVER) {
-            ret = PSS_SALTLEN_E;
-        }
-#endif
-    }
-
-    /* Sig = Salt | Exp Hash */
-    if (ret == 0) {
-        word32 totalSz;
-        if ((WC_SAFE_SUM_WORD32(inSz, (word32)saltLen, totalSz) == 0) ||
-            (sigSz != totalSz))
-        {
-            ret = PSS_SALTLEN_E;
-        }
-    }
-
-#ifdef WOLFSSL_PSS_LONG_SALT
-    /* if long salt is larger then default maximum buffer then allocate a buffer */
-    if ((ret == 0) &&
-            (sizeof(sigCheckBuf) < (RSA_PSS_PAD_SZ + inSz + (word32)saltLen))) {
-        sigCheck = (byte*)XMALLOC(
-                              (size_t)(RSA_PSS_PAD_SZ + inSz + (word32)saltLen),
-                              heap, DYNAMIC_TYPE_RSA_BUFFER);
-        if (sigCheck == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-#else
-    if (ret == 0 && sizeof(sigCheckBuf) < (RSA_PSS_PAD_SZ + inSz + (word32)saltLen)) {
-        ret = BUFFER_E;
-    }
-#endif
-
-    /* Exp Hash = HASH(8 * 0x00 | Message Hash | Salt) */
-    if (ret == 0) {
-        XMEMSET(sigCheck, 0, RSA_PSS_PAD_SZ);
-        XMEMCPY(sigCheck + RSA_PSS_PAD_SZ, in, inSz);
-        XMEMCPY(sigCheck + RSA_PSS_PAD_SZ + inSz, sig, (size_t)saltLen);
-        ret = wc_Hash(hashType, sigCheck, RSA_PSS_PAD_SZ + inSz + (word32)saltLen,
-                      sigCheck, inSz);
-    }
-    if (ret == 0) {
-        if (XMEMCMP(sigCheck, sig + saltLen, inSz) != 0) {
-            WOLFSSL_MSG("RsaPSS_CheckPadding: Padding Error");
-            ret = BAD_PADDING_E;
-        }
-    }
-
-#ifdef WOLFSSL_PSS_LONG_SALT
-    if (sigCheck != NULL && sigCheck != sigCheckBuf) {
-        XFREE(sigCheck, heap, DYNAMIC_TYPE_RSA_BUFFER);
-    }
-#endif
-
-    (void)heap; /* unused if memory is disabled */
-    return ret;
-}
-int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inSz, const byte* sig,
-                               word32 sigSz, enum wc_HashType hashType,
-                               int saltLen, int bits)
-{
-    return wc_RsaPSS_CheckPadding_ex2(in, inSz, sig, sigSz, hashType, saltLen,
-        bits, NULL);
-}
-
-
-/* Verify the message signed with RSA-PSS.
- * The input buffer is reused for the output buffer.
- * Salt length is equal to hash length.
- *
- * in     Buffer holding encrypted data.
- * inLen  Length of data in buffer.
- * out    Pointer to address containing the PSS data.
- * digest Hash of the data that is being verified.
- * digestLen Length of hash.
- * hash   Hash algorithm.
- * mgf    Mask generation function.
- * key    Public RSA key.
- * returns the length of the PSS data on success and negative indicates failure.
- */
-int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out,
-                           const byte* digest, word32 digestLen,
-                           enum wc_HashType hash, int mgf, RsaKey* key)
-{
-    int ret = 0, verify, saltLen, hLen, bits = 0;
-
-    hLen = wc_HashGetDigestSize(hash);
-    if (hLen < 0)
-        return BAD_FUNC_ARG;
-    if ((word32)hLen != digestLen)
-        return BAD_FUNC_ARG;
-
-    saltLen = hLen;
-    #ifdef WOLFSSL_SHA512
-        if (key == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        /* See FIPS 186-4 section 5.5 item (e). */
-        bits = mp_count_bits(&key->n);
-        if (bits == 1024 && hLen == WC_SHA512_DIGEST_SIZE)
-            saltLen = RSA_PSS_SALT_MAX_SZ;
-    #endif
-
-    verify = wc_RsaPSS_VerifyInline_ex(in, inLen, out, hash, mgf, saltLen, key);
-    if (verify > 0)
-        ret = wc_RsaPSS_CheckPadding_ex(digest, digestLen, *out, (word32)verify,
-                                        hash, saltLen, bits);
-    if (ret == 0)
-        ret = verify;
-
-    return ret;
-}
-
-
-/* Verify the message signed with RSA-PSS.
- * Salt length is equal to hash length.
- *
- * in     Buffer holding encrypted data.
- * inLen  Length of data in buffer.
- * out    Pointer to address containing the PSS data.
- * outLen Length of the output.
- * digest Hash of the data that is being verified.
- * digestLen Length of hash.
- * hash   Hash algorithm.
- * mgf    Mask generation function.
- * key    Public RSA key.
- * returns the length of the PSS data on success and negative indicates failure.
- */
-int wc_RsaPSS_VerifyCheck(const byte* in, word32 inLen, byte* out, word32 outLen,
-                          const byte* digest, word32 digestLen,
-                          enum wc_HashType hash, int mgf,
-                          RsaKey* key)
-{
-    int ret = 0, verify, saltLen, hLen, bits = 0;
-
-    hLen = wc_HashGetDigestSize(hash);
-    if (hLen < 0)
-        return hLen;
-    if ((word32)hLen != digestLen)
-        return BAD_FUNC_ARG;
-
-    saltLen = hLen;
-    #ifdef WOLFSSL_SHA512
-        if (key == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        /* See FIPS 186-4 section 5.5 item (e). */
-        bits = mp_count_bits(&key->n);
-        if (bits == 1024 && hLen == WC_SHA512_DIGEST_SIZE)
-            saltLen = RSA_PSS_SALT_MAX_SZ;
-    #endif
-
-    verify = wc_RsaPSS_Verify_ex(in, inLen, out, outLen, hash,
-                                 mgf, saltLen, key);
-    if (verify > 0)
-        ret = wc_RsaPSS_CheckPadding_ex(digest, digestLen, out, (word32)verify,
-                                        hash, saltLen, bits);
-    if (ret == 0)
-        ret = verify;
-
-    return ret;
-}
-
-#endif
-
-#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
-int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
-                                                   RsaKey* key, WC_RNG* rng)
-{
-    int ret;
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = RsaPublicEncryptEx(in, inLen, out, outLen, key,
-        RSA_PRIVATE_ENCRYPT, RSA_BLOCK_TYPE_1, WC_RSA_PKCSV15_PAD,
-        WC_HASH_TYPE_NONE, WC_MGF1NONE, NULL, 0, 0, rng);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-
-#ifdef WC_RSA_PSS
-/* Sign the hash of a message using RSA-PSS.
- * Salt length is equal to hash length.
- *
- * in      Buffer holding hash of message.
- * inLen   Length of data in buffer (hash length).
- * out     Buffer to write encrypted signature into.
- * outLen  Size of buffer to write to.
- * hash    Hash algorithm.
- * mgf     Mask generation function.
- * key     Public RSA key.
- * rng     Random number generator.
- * returns the length of the encrypted signature on success, a negative value
- * indicates failure.
- */
-int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
-                       enum wc_HashType hash, int mgf, RsaKey* key, WC_RNG* rng)
-{
-    return wc_RsaPSS_Sign_ex(in, inLen, out, outLen, hash, mgf,
-                                            RSA_PSS_SALT_LEN_DEFAULT, key, rng);
-}
-
-/* Sign the hash of a message using RSA-PSS.
- *
- * in       Buffer holding hash of message.
- * inLen    Length of data in buffer (hash length).
- * out      Buffer to write encrypted signature into.
- * outLen   Size of buffer to write to.
- * hash     Hash algorithm.
- * mgf      Mask generation function.
- * saltLen  Length of salt used. RSA_PSS_SALT_LEN_DEFAULT (-1) indicates salt
- *          length is the same as the hash length. RSA_PSS_SALT_LEN_DISCOVER
- *          indicates salt length is determined from the data.
- * key      Public RSA key.
- * rng      Random number generator.
- * returns the length of the encrypted signature on success, a negative value
- * indicates failure.
- */
-int wc_RsaPSS_Sign_ex(const byte* in, word32 inLen, byte* out, word32 outLen,
-                      enum wc_HashType hash, int mgf, int saltLen, RsaKey* key,
-                      WC_RNG* rng)
-{
-    int ret;
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    ret = RsaPublicEncryptEx(in, inLen, out, outLen, key,
-        RSA_PRIVATE_ENCRYPT, RSA_BLOCK_TYPE_1, WC_RSA_PSS_PAD,
-        hash, mgf, NULL, 0, saltLen, rng);
-    RESTORE_VECTOR_REGISTERS();
-    return ret;
-}
-#endif
-#endif
-
-int wc_RsaEncryptSize(const RsaKey* key)
-{
-    int ret;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = mp_unsigned_bin_size(&key->n);
-
-#ifdef WOLF_CRYPTO_CB
-    if (ret == 0 && key->devId != INVALID_DEVID) {
-        if (wc_CryptoCb_RsaGetSize(key, &ret) == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
-            ret = 2048/8; /* hardware handles, use 2048-bit as default */
-        }
-    }
-#endif
-
-    return ret;
-}
-
-#ifndef WOLFSSL_RSA_VERIFY_ONLY
-/* flatten RsaKey structure into individual elements (e, n) */
-int wc_RsaFlattenPublicKey(const RsaKey* key, byte* e, word32* eSz, byte* n,
-                                                                   word32* nSz)
-{
-    int sz, ret;
-
-    if (key == NULL || e == NULL || eSz == NULL || n == NULL || nSz == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    sz = mp_unsigned_bin_size(&key->e);
-    if ((word32)sz > *eSz)
-        return RSA_BUFFER_E;
-    ret = mp_to_unsigned_bin(&key->e, e);
-    if (ret != MP_OKAY)
-        return ret;
-    *eSz = (word32)sz;
-
-    sz = wc_RsaEncryptSize(key);
-    if ((word32)sz > *nSz)
-        return RSA_BUFFER_E;
-    ret = mp_to_unsigned_bin(&key->n, n);
-    if (ret != MP_OKAY)
-        return ret;
-    *nSz = (word32)sz;
-
-    return 0;
-}
-#endif
-
-#ifndef WOLFSSL_RSA_VERIFY_ONLY
-static int RsaGetValue(const mp_int* in, byte* out, word32* outSz)
-{
-    word32 sz;
-    int ret = 0;
-
-    /* Parameters ensured by calling function. */
-
-    sz = (word32)mp_unsigned_bin_size(in);
-    if (sz > *outSz)
-        ret = RSA_BUFFER_E;
-
-    if (ret == 0)
-        ret = mp_to_unsigned_bin(in, out);
-
-    if (ret == MP_OKAY)
-        *outSz = sz;
-
-    return ret;
-}
-
-
-int wc_RsaExportKey(const RsaKey* key,
-                    byte* e, word32* eSz, byte* n, word32* nSz,
-                    byte* d, word32* dSz, byte* p, word32* pSz,
-                    byte* q, word32* qSz)
-{
-    int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
-
-    if (key && e && eSz && n && nSz && d && dSz && p && pSz && q && qSz)
-        ret = 0;
-
-    if (ret == 0)
-        ret = RsaGetValue(&key->e, e, eSz);
-    if (ret == 0)
-        ret = RsaGetValue(&key->n, n, nSz);
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-    if (ret == 0)
-        ret = RsaGetValue(&key->d, d, dSz);
-    if (ret == 0)
-        ret = RsaGetValue(&key->p, p, pSz);
-    if (ret == 0)
-        ret = RsaGetValue(&key->q, q, qSz);
-#else
-    /* no private parts to key */
-    if (d == NULL || p == NULL || q == NULL || dSz == NULL || pSz == NULL
-            || qSz == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    else {
-        *dSz = 0;
-        *pSz = 0;
-        *qSz = 0;
-    }
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-
-    return ret;
-}
-#endif
-
-
-#if defined(WOLFSSL_KEY_GEN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-
-/* Check that |p-q| > 2^((size/2)-100) */
-static int wc_CompareDiffPQ(mp_int* p, mp_int* q, int size, int* valid)
-{
-#ifdef WOLFSSL_SMALL_STACK
-    mp_int *c = NULL, *d = NULL;
-#else
-    mp_int c[1], d[1];
-#endif
-    int ret;
-
-    if (p == NULL || q == NULL)
-        return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_SMALL_STACK
-    if (((c = (mp_int *)XMALLOC(sizeof(*c), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) ||
-        ((d = (mp_int *)XMALLOC(sizeof(*d), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL))
-        ret = MEMORY_E;
-    else
-        ret = 0;
-
-    if (ret == 0)
-#endif
-        ret = mp_init_multi(c, d, NULL, NULL, NULL, NULL);
-
-    /* c = 2^((size/2)-100) */
-    if (ret == 0)
-        ret = mp_2expt(c, (size/2)-100);
-
-    /* d = |p-q| */
-    if (ret == 0)
-        ret = mp_sub(p, q, d);
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    if (ret == 0)
-        mp_memzero_add("Compare PQ d", d);
-#endif
-
-#if !defined(WOLFSSL_SP_MATH) && (!defined(WOLFSSL_SP_MATH_ALL) || \
-                                               defined(WOLFSSL_SP_INT_NEGATIVE))
-    if (ret == 0)
-        ret = mp_abs(d, d);
-#endif
-
-    /* compare */
-    if (ret == 0)
-        *valid = (mp_cmp(d, c) == MP_GT);
-
-#ifdef WOLFSSL_SMALL_STACK
-    if (d != NULL) {
-        mp_forcezero(d);
-        XFREE(d, NULL, DYNAMIC_TYPE_WOLF_BIGINT);
-    }
-    if (c != NULL) {
-        mp_clear(c);
-        XFREE(c, NULL, DYNAMIC_TYPE_WOLF_BIGINT);
-    }
-#else
-    mp_forcezero(d);
-    mp_clear(c);
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    mp_memzero_check(d);
-#endif
-#endif
-
-    return ret;
-}
-
-
-/* The lower_bound value is floor(2^(0.5) * 2^((nlen/2)-1)) where nlen is 4096.
- * This number was calculated using a small test tool written with a common
- * large number math library. Other values of nlen may be checked with a subset
- * of lower_bound. */
-static const byte lower_bound[] = {
-    0xB5, 0x04, 0xF3, 0x33, 0xF9, 0xDE, 0x64, 0x84,
-    0x59, 0x7D, 0x89, 0xB3, 0x75, 0x4A, 0xBE, 0x9F,
-    0x1D, 0x6F, 0x60, 0xBA, 0x89, 0x3B, 0xA8, 0x4C,
-    0xED, 0x17, 0xAC, 0x85, 0x83, 0x33, 0x99, 0x15,
-/* 512 */
-    0x4A, 0xFC, 0x83, 0x04, 0x3A, 0xB8, 0xA2, 0xC3,
-    0xA8, 0xB1, 0xFE, 0x6F, 0xDC, 0x83, 0xDB, 0x39,
-    0x0F, 0x74, 0xA8, 0x5E, 0x43, 0x9C, 0x7B, 0x4A,
-    0x78, 0x04, 0x87, 0x36, 0x3D, 0xFA, 0x27, 0x68,
-/* 1024 */
-    0xD2, 0x20, 0x2E, 0x87, 0x42, 0xAF, 0x1F, 0x4E,
-    0x53, 0x05, 0x9C, 0x60, 0x11, 0xBC, 0x33, 0x7B,
-    0xCA, 0xB1, 0xBC, 0x91, 0x16, 0x88, 0x45, 0x8A,
-    0x46, 0x0A, 0xBC, 0x72, 0x2F, 0x7C, 0x4E, 0x33,
-    0xC6, 0xD5, 0xA8, 0xA3, 0x8B, 0xB7, 0xE9, 0xDC,
-    0xCB, 0x2A, 0x63, 0x43, 0x31, 0xF3, 0xC8, 0x4D,
-    0xF5, 0x2F, 0x12, 0x0F, 0x83, 0x6E, 0x58, 0x2E,
-    0xEA, 0xA4, 0xA0, 0x89, 0x90, 0x40, 0xCA, 0x4A,
-/* 2048 */
-    0x81, 0x39, 0x4A, 0xB6, 0xD8, 0xFD, 0x0E, 0xFD,
-    0xF4, 0xD3, 0xA0, 0x2C, 0xEB, 0xC9, 0x3E, 0x0C,
-    0x42, 0x64, 0xDA, 0xBC, 0xD5, 0x28, 0xB6, 0x51,
-    0xB8, 0xCF, 0x34, 0x1B, 0x6F, 0x82, 0x36, 0xC7,
-    0x01, 0x04, 0xDC, 0x01, 0xFE, 0x32, 0x35, 0x2F,
-    0x33, 0x2A, 0x5E, 0x9F, 0x7B, 0xDA, 0x1E, 0xBF,
-    0xF6, 0xA1, 0xBE, 0x3F, 0xCA, 0x22, 0x13, 0x07,
-    0xDE, 0xA0, 0x62, 0x41, 0xF7, 0xAA, 0x81, 0xC2,
-/* 3072 */
-    0xC1, 0xFC, 0xBD, 0xDE, 0xA2, 0xF7, 0xDC, 0x33,
-    0x18, 0x83, 0x8A, 0x2E, 0xAF, 0xF5, 0xF3, 0xB2,
-    0xD2, 0x4F, 0x4A, 0x76, 0x3F, 0xAC, 0xB8, 0x82,
-    0xFD, 0xFE, 0x17, 0x0F, 0xD3, 0xB1, 0xF7, 0x80,
-    0xF9, 0xAC, 0xCE, 0x41, 0x79, 0x7F, 0x28, 0x05,
-    0xC2, 0x46, 0x78, 0x5E, 0x92, 0x95, 0x70, 0x23,
-    0x5F, 0xCF, 0x8F, 0x7B, 0xCA, 0x3E, 0xA3, 0x3B,
-    0x4D, 0x7C, 0x60, 0xA5, 0xE6, 0x33, 0xE3, 0xE1
-/* 4096 */
-};
-
-
-/* returns 1 on key size ok and 0 if not ok */
-static WC_INLINE int RsaSizeCheck(int size)
-{
-    if (size < RSA_MIN_SIZE || size > RSA_MAX_SIZE) {
-        return 0;
-    }
-
-#ifdef HAVE_FIPS
-    /* Key size requirements for CAVP */
-    switch (size) {
-        case 1024:
-        case 2048:
-        case 3072:
-        case 4096:
-            return 1;
-    }
-
-    return 0;
-#else
-    return 1; /* allow unusual key sizes in non FIPS mode */
-#endif /* HAVE_FIPS */
-}
-
-
-static int _CheckProbablePrime(mp_int* p, mp_int* q, mp_int* e, int nlen,
-                                    int* isPrime, WC_RNG* rng)
-{
-    int ret;
-#ifdef WOLFSSL_SMALL_STACK
-    mp_int *tmp1 = NULL, *tmp2 = NULL;
-#else
-    mp_int tmp1[1], tmp2[2];
-#endif
-    mp_int* prime;
-
-    if (p == NULL || e == NULL || isPrime == NULL)
-        return BAD_FUNC_ARG;
-
-    if (!RsaSizeCheck(nlen))
-        return BAD_FUNC_ARG;
-
-    *isPrime = MP_NO;
-
-#ifdef WOLFSSL_SMALL_STACK
-    if (((tmp1 = (mp_int *)XMALLOC(sizeof(*tmp1), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) ||
-        ((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL)) {
-        ret = MEMORY_E;
-        goto notOkay;
-    }
-#endif
-
-    ret = mp_init_multi(tmp1, tmp2, NULL, NULL, NULL, NULL);
-    if (ret != MP_OKAY) goto notOkay;
-
-    if (q != NULL) {
-        int valid = 0;
-        /* 5.4 (186-4) 5.5 (186-5) -
-         * check that |p-q| <= (2^(1/2))(2^((nlen/2)-1)) */
-        ret = wc_CompareDiffPQ(p, q, nlen, &valid);
-        if ((ret != MP_OKAY) || (!valid)) goto notOkay;
-        prime = q;
-    }
-    else
-        prime = p;
-
-    /* 4.4,5.5 (186-4) 4.4,5.4 (186-5) -
-     * Check that prime >= (2^(1/2))(2^((nlen/2)-1))
-     *           This is a comparison against lowerBound */
-    ret = mp_read_unsigned_bin(tmp1, lower_bound, (word32)nlen/16);
-    if (ret != MP_OKAY) goto notOkay;
-    ret = mp_cmp(prime, tmp1);
-    if (ret == MP_LT) goto exit;
-
-    /* 4.5,5.6 (186-4 & 186-5) - Check that GCD(p-1, e) == 1 */
-    ret = mp_sub_d(prime, 1, tmp1);  /* tmp1 = prime-1 */
-    if (ret != MP_OKAY) goto notOkay;
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    mp_memzero_add("Check Probable Prime tmp1", tmp1);
-#endif
-    ret = mp_gcd(tmp1, e, tmp2);  /* tmp2 = gcd(prime-1, e) */
-    if (ret != MP_OKAY) goto notOkay;
-    ret = mp_cmp_d(tmp2, 1);
-    if (ret != MP_EQ) goto exit; /* e divides p-1 */
-
-    /* 4.5.1,5.6.1 - Check primality of p with 8 rounds of M-R.
-     * mp_prime_is_prime_ex() performs test divisions against the first 256
-     * prime numbers. After that it performs 8 rounds of M-R using random
-     * bases between 2 and n-2.
-     * mp_prime_is_prime() performs the same test divisions and then does
-     * M-R with the first 8 primes. Both functions set isPrime as a
-     * side-effect. */
-    if (rng != NULL)
-        ret = mp_prime_is_prime_ex(prime, 8, isPrime, rng);
-    else
-        ret = mp_prime_is_prime(prime, 8, isPrime);
-    if (ret != MP_OKAY) goto notOkay;
-
-exit:
-    ret = MP_OKAY;
-
-notOkay:
-
-#ifdef WOLFSSL_SMALL_STACK
-    if (tmp1 != NULL) {
-        mp_forcezero(tmp1);
-        XFREE(tmp1, NULL, DYNAMIC_TYPE_WOLF_BIGINT);
-    }
-    if (tmp2 != NULL) {
-        mp_clear(tmp2);
-        XFREE(tmp2, NULL, DYNAMIC_TYPE_WOLF_BIGINT);
-    }
-#else
-    mp_forcezero(tmp1);
-    mp_clear(tmp2);
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    mp_memzero_check(tmp1);
-#endif
-#endif
-
-    return ret;
-}
-
-
-int wc_CheckProbablePrime_ex(const byte* pRaw, word32 pRawSz,
-                          const byte* qRaw, word32 qRawSz,
-                          const byte* eRaw, word32 eRawSz,
-                          int nlen, int* isPrime, WC_RNG* rng)
-{
-#ifdef WOLFSSL_SMALL_STACK
-    mp_int *p = NULL, *q = NULL, *e = NULL;
-#else
-    mp_int p[1], q[1], e[1];
-#endif
-    mp_int* Q = NULL;
-    int ret;
-
-    if (pRaw == NULL || pRawSz == 0 ||
-        eRaw == NULL || eRawSz == 0 ||
-        isPrime == NULL) {
-
-        return BAD_FUNC_ARG;
-    }
-
-    if ((qRaw != NULL && qRawSz == 0) || (qRaw == NULL && qRawSz != 0))
-        return BAD_FUNC_ARG;
-
-#ifdef WOLFSSL_SMALL_STACK
-
-    if (((p = (mp_int *)XMALLOC(sizeof(*p), NULL, DYNAMIC_TYPE_RSA_BUFFER)) == NULL) ||
-        ((q = (mp_int *)XMALLOC(sizeof(*q), NULL, DYNAMIC_TYPE_RSA_BUFFER)) == NULL) ||
-        ((e = (mp_int *)XMALLOC(sizeof(*e), NULL, DYNAMIC_TYPE_RSA_BUFFER)) == NULL))
-        ret = MEMORY_E;
-    else
-        ret = 0;
-    if (ret == 0)
-#endif
-        ret = mp_init_multi(p, q, e, NULL, NULL, NULL);
-
-    if (ret == MP_OKAY)
-        ret = mp_read_unsigned_bin(p, pRaw, pRawSz);
-
-    if (ret == MP_OKAY) {
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        mp_memzero_add("wc_CheckProbablePrime_ex p", p);
-    #endif
-        if (qRaw != NULL) {
-            ret = mp_read_unsigned_bin(q, qRaw, qRawSz);
-            if (ret == MP_OKAY) {
-            #ifdef WOLFSSL_CHECK_MEM_ZERO
-                mp_memzero_add("wc_CheckProbablePrime_ex q", q);
-            #endif
-                Q = q;
-            }
-        }
-    }
-
-    if (ret == MP_OKAY)
-        ret = mp_read_unsigned_bin(e, eRaw, eRawSz);
-
-    if (ret == MP_OKAY)
-        SAVE_VECTOR_REGISTERS(ret = _svr_ret;);
-
-    if (ret == 0) {
-        ret = _CheckProbablePrime(p, Q, e, nlen, isPrime, rng);
-        RESTORE_VECTOR_REGISTERS();
-    }
-
-    ret = (ret == MP_OKAY) ? 0 : PRIME_GEN_E;
-
-#ifdef WOLFSSL_SMALL_STACK
-    if (p != NULL) {
-        mp_forcezero(p);
-        XFREE(p, NULL, DYNAMIC_TYPE_RSA_BUFFER);
-    }
-    if (q != NULL) {
-        mp_forcezero(q);
-        XFREE(q, NULL, DYNAMIC_TYPE_RSA_BUFFER);
-    }
-    if (e != NULL) {
-        mp_clear(e);
-        XFREE(e, NULL, DYNAMIC_TYPE_RSA_BUFFER);
-    }
-#else
-    mp_forcezero(p);
-    mp_forcezero(q);
-    mp_clear(e);
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    mp_memzero_check(p);
-    mp_memzero_check(q);
-#endif
-#endif
-
-    return ret;
-}
-
-
-int wc_CheckProbablePrime(const byte* pRaw, word32 pRawSz,
-                          const byte* qRaw, word32 qRawSz,
-                          const byte* eRaw, word32 eRawSz,
-                          int nlen, int* isPrime)
-{
-    return wc_CheckProbablePrime_ex(pRaw, pRawSz, qRaw, qRawSz,
-                          eRaw, eRawSz, nlen, isPrime, NULL);
-}
-
-#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS) && \
-        defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
-/* Make an RSA key for size bits, with e specified, 65537 is a good e */
-int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
-{
-#ifndef WC_NO_RNG
-#if !defined(WOLFSSL_CRYPTOCELL) && \
-    (!defined(WOLFSSL_SE050) || defined(WOLFSSL_SE050_NO_RSA)) && \
-    !defined(WOLF_CRYPTO_CB_ONLY_RSA)
-#ifdef WOLFSSL_SMALL_STACK
-    mp_int *p = NULL;
-    mp_int *q = NULL;
-    mp_int *tmp1 = NULL;
-    mp_int *tmp2 = NULL;
-    mp_int *tmp3 = NULL;
-#else
-    mp_int p_buf, *p = &p_buf;
-    mp_int q_buf, *q = &q_buf;
-    mp_int tmp1_buf, *tmp1 = &tmp1_buf;
-    mp_int tmp2_buf, *tmp2 = &tmp2_buf;
-    mp_int tmp3_buf, *tmp3 = &tmp3_buf;
-#endif /* WOLFSSL_SMALL_STACK */
-    int i, failCount, isPrime = 0;
-    word32 primeSz;
-#ifndef WOLFSSL_NO_MALLOC
-    byte* buf = NULL;
-#else
-    /* RSA_MAX_SIZE is the size of n in bits. */
-    byte buf[RSA_MAX_SIZE/16];
-#endif
-#endif /* !WOLFSSL_CRYPTOCELL && !WOLFSSL_SE050 */
-    int err;
-
-    if (key == NULL || rng == NULL) {
-        err = BAD_FUNC_ARG;
-        goto out;
-    }
-
-    if (!RsaSizeCheck(size)) {
-        err = BAD_FUNC_ARG;
-        goto out;
-    }
-
-    if (e < 3 || (e & 1) == 0) {
-        err = BAD_FUNC_ARG;
-        goto out;
-    }
-
-#if defined(WOLFSSL_CRYPTOCELL)
-    err = cc310_RSA_GenerateKeyPair(key, size, e);
-    goto out;
-#elif defined(WOLFSSL_SE050) && !defined(WOLFSSL_SE050_NO_RSA)
-    err = se050_rsa_create_key(key, size, e);
-    goto out;
-#else
-    /* software crypto */
-
-#ifdef WOLFSSL_SMALL_STACK
-    p = (mp_int *)XMALLOC(sizeof *p, key->heap, DYNAMIC_TYPE_RSA);
-    q = (mp_int *)XMALLOC(sizeof *q, key->heap, DYNAMIC_TYPE_RSA);
-    tmp1 = (mp_int *)XMALLOC(sizeof *tmp1, key->heap, DYNAMIC_TYPE_RSA);
-    tmp2 = (mp_int *)XMALLOC(sizeof *tmp2, key->heap, DYNAMIC_TYPE_RSA);
-    tmp3 = (mp_int *)XMALLOC(sizeof *tmp3, key->heap, DYNAMIC_TYPE_RSA);
-
-    if ((p == NULL) ||
-        (q == NULL) ||
-        (tmp1 == NULL) ||
-        (tmp2 == NULL) ||
-        (tmp3 == NULL)) {
-      err = MEMORY_E;
-      goto out;
-    }
-#endif
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    XMEMSET(p, 0, sizeof(*p));
-    XMEMSET(q, 0, sizeof(*q));
-    XMEMSET(tmp1, 0, sizeof(*tmp1));
-    XMEMSET(tmp2, 0, sizeof(*tmp2));
-    XMEMSET(tmp3, 0, sizeof(*tmp3));
-#endif
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (key->devId != INVALID_DEVID)
-    #endif
-    {
-        err = wc_CryptoCb_MakeRsaKey(key, size, e, rng);
-    #ifdef WOLF_CRYPTO_CB_ONLY_RSA
-        if (err == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
-            err = NO_VALID_DEVID;
-            goto out;
-        }
-    #else
-        if (err != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
-            goto out;
-        }
-        /* fall-through when unavailable */
-    #endif
-    }
-    #if !defined(WOLF_CRYPTO_CB_FIND) && defined(WOLF_CRYPTO_CB_ONLY_RSA)
-    else {
-        err = NO_VALID_DEVID;
-    }
-    #endif
-#endif
-
-#ifndef WOLF_CRYPTO_CB_ONLY_RSA
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) && \
-    defined(WC_ASYNC_ENABLE_RSA_KEYGEN)
-    if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_RSA) {
-    #ifdef HAVE_CAVIUM
-        /* TODO: Not implemented */
-    #elif defined(HAVE_INTEL_QA)
-        err = IntelQaRsaKeyGen(&key->asyncDev, key, size, e, rng);
-        goto out;
-    #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
-        if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_RSA_MAKE)) {
-            WC_ASYNC_SW* sw = &key->asyncDev.sw;
-            sw->rsaMake.rng = rng;
-            sw->rsaMake.key = key;
-            sw->rsaMake.size = size;
-            sw->rsaMake.e = e;
-            err = WC_PENDING_E;
-            goto out;
-        }
-    #endif
-    }
-#endif
-
-    err = mp_init_multi(p, q, tmp1, tmp2, tmp3, NULL);
-
-    if (err == MP_OKAY)
-        err = mp_set_int(tmp3, (unsigned long)e);
-
-    /* The failCount value comes from NIST FIPS 186-4, section B.3.3,
-     * process steps 4.7 and 5.8. */
-    failCount = 5 * (size / 2);
-    primeSz = (word32)size / 16; /* size is the size of n in bits.
-                            primeSz is in bytes. */
-
-#ifndef WOLFSSL_NO_MALLOC
-    /* allocate buffer to work with */
-    if (err == MP_OKAY) {
-        buf = (byte*)XMALLOC(primeSz, key->heap, DYNAMIC_TYPE_RSA);
-        if (buf == NULL)
-            err = MEMORY_E;
-    }
-#endif
-
-    SAVE_VECTOR_REGISTERS(err = _svr_ret;);
-
-    /* make p */
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_CHECK_MEM_ZERO
-        wc_MemZero_Add("RSA gen buf", buf, primeSz);
-        mp_memzero_add("RSA gen p", p);
-        mp_memzero_add("RSA gen q", q);
-        mp_memzero_add("RSA gen tmp1", tmp1);
-        mp_memzero_add("RSA gen tmp2", tmp2);
-        mp_memzero_add("RSA gen tmp3", tmp3);
-    #endif
-        isPrime = 0;
-        i = 0;
-        for (;;) {
-#ifdef SHOW_GEN
-            printf(".");
-            fflush(stdout);
-#endif
-            /* generate value */
-            err = wc_RNG_GenerateBlock(rng, buf, primeSz);
-            if (err == 0) {
-                /* prime lower bound has the MSB set, set it in candidate */
-                buf[0] |= 0x80;
-                /* make candidate odd */
-                buf[primeSz-1] |= 0x01;
-                /* load value */
-                err = mp_read_unsigned_bin(p, buf, primeSz);
-            }
-
-            if (err == MP_OKAY)
-                err = _CheckProbablePrime(p, NULL, tmp3, size, &isPrime, rng);
-
-#ifdef HAVE_FIPS
-            i++;
-#else
-            /* Keep the old retry behavior in non-FIPS build. */
-#endif
-
-            if (err != MP_OKAY || isPrime || i >= failCount)
-                break;
-
-            /* linuxkm: release the kernel for a moment before iterating. */
-            RESTORE_VECTOR_REGISTERS();
-            SAVE_VECTOR_REGISTERS(err = _svr_ret; break;);
-        };
-    }
-
-    if (err == MP_OKAY && !isPrime)
-        err = PRIME_GEN_E;
-
-    /* make q */
-    if (err == MP_OKAY) {
-        isPrime = 0;
-        i = 0;
-        do {
-#ifdef SHOW_GEN
-            printf(".");
-            fflush(stdout);
-#endif
-            /* generate value */
-            err = wc_RNG_GenerateBlock(rng, buf, primeSz);
-            if (err == 0) {
-                /* prime lower bound has the MSB set, set it in candidate */
-                buf[0] |= 0x80;
-                /* make candidate odd */
-                buf[primeSz-1] |= 0x01;
-                /* load value */
-                err = mp_read_unsigned_bin(q, buf, primeSz);
-            }
-
-            if (err == MP_OKAY)
-                err = _CheckProbablePrime(p, q, tmp3, size, &isPrime, rng);
-
-#ifndef WC_RSA_NO_FERMAT_CHECK
-            if (err == MP_OKAY && isPrime) {
-                /* Fermat's Factorization works when difference between p and q
-                 * is less than (conservatively):
-                 *     n^(1/4) + 32
-                 *  ~= 2^(bit count of n)^(1/4) + 32)
-                 *   = 2^((bit count of n)/4 + 32)
-                 */
-                err = mp_sub(p, q, tmp1);
-                if (err == MP_OKAY && mp_count_bits(tmp1) <= (size / 4) + 32) {
-                    isPrime = 0;
-                }
-            }
-#endif
-
-#ifdef HAVE_FIPS
-            i++;
-#else
-            /* Keep the old retry behavior in non-FIPS build. */
-            (void)i;
-#endif
-        } while (err == MP_OKAY && !isPrime && i < failCount);
-    }
-
-    if (err == MP_OKAY && !isPrime)
-        err = PRIME_GEN_E;
-
-#ifndef WOLFSSL_NO_MALLOC
-    if (buf) {
-        ForceZero(buf, primeSz);
-        XFREE(buf, key->heap, DYNAMIC_TYPE_RSA);
-    }
-#else
-    ForceZero(buf, primeSz);
-#endif
-
-    if (err == MP_OKAY && mp_cmp(p, q) < 0) {
-        err = mp_copy(p, tmp1);
-        if (err == MP_OKAY)
-            err = mp_copy(q, p);
-        if (err == MP_OKAY)
-            mp_copy(tmp1, q);
-    }
-
-    /* Setup RsaKey buffers */
-    if (err == MP_OKAY)
-        err = mp_init_multi(&key->n, &key->e, &key->d, &key->p, &key->q, NULL);
-    if (err == MP_OKAY)
-        err = mp_init_multi(&key->dP, &key->dQ, &key->u, NULL, NULL, NULL);
-
-    /* Software Key Calculation */
-    if (err == MP_OKAY)                /* tmp1 = p-1 */
-        err = mp_sub_d(p, 1, tmp1);
-    if (err == MP_OKAY)                /* tmp2 = q-1 */
-        err = mp_sub_d(q, 1, tmp2);
-#ifdef WC_RSA_BLINDING
-    if (err == MP_OKAY)                /* tmp3 = order of n */
-        err = mp_mul(tmp1, tmp2, tmp3);
-#else
-    if (err == MP_OKAY)                /* tmp3 = lcm(p-1, q-1), last loop */
-        err = mp_lcm(tmp1, tmp2, tmp3);
-#endif
-    /* make key */
-    if (err == MP_OKAY)                /* key->e = e */
-        err = mp_set_int(&key->e, (unsigned long)e);
-#ifdef WC_RSA_BLINDING
-    /* Blind the inverse operation with a value that is invertable */
-    if (err == MP_OKAY) {
-        do {
-            err = mp_rand(&key->p, mp_get_digit_count(tmp3), rng);
-            if (err == MP_OKAY)
-                err = mp_set_bit(&key->p, 0);
-            if (err == MP_OKAY)
-                err = mp_set_bit(&key->p, size - 1);
-            if (err == MP_OKAY)
-                err = mp_gcd(&key->p, tmp3, &key->q);
-        }
-        while ((err == MP_OKAY) && !mp_isone(&key->q));
-    }
-    /* 8/16-bit word size requires a full multiply when e=0x10001 */
-    if (err == MP_OKAY)
-        err = mp_mul(&key->p, &key->e, &key->e);
-#endif
-    if (err == MP_OKAY)                /* key->d = 1/e mod lcm(p-1, q-1) */
-        err = mp_invmod(&key->e, tmp3, &key->d);
-#ifdef WC_RSA_BLINDING
-    /* Take off blinding from d and reset e */
-    if (err == MP_OKAY)
-        err = mp_mulmod(&key->d, &key->p, tmp3, &key->d);
-    if (err == MP_OKAY)
-        err = mp_set_int(&key->e, (unsigned long)e);
-#endif
-    if (err == MP_OKAY)                /* key->n = pq */
-        err = mp_mul(p, q, &key->n);
-    if (err == MP_OKAY)                /* key->dP = d mod(p-1) */
-        err = mp_mod(&key->d, tmp1, &key->dP);
-    if (err == MP_OKAY)                /* key->dQ = d mod(q-1) */
-        err = mp_mod(&key->d, tmp2, &key->dQ);
-#ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME
-    if (err == MP_OKAY)                /* key->u = 1/q mod p */
-        err = mp_invmod(q, p, &key->u);
-#else
-    if (err == MP_OKAY)
-        err = mp_sub_d(p, 2, tmp3);
-    if (err == MP_OKAY)                /* key->u = 1/q mod p = q^p-2 mod p */
-        err = mp_exptmod(q, tmp3, p, &key->u);
-#endif
-    if (err == MP_OKAY)
-        err = mp_copy(p, &key->p);
-    if (err == MP_OKAY)
-        err = mp_copy(q, &key->q);
-
-#ifdef HAVE_WOLF_BIGINT
-    /* make sure raw unsigned bin version is available */
-    if (err == MP_OKAY)
-         err = wc_mp_to_bigint(&key->n, &key->n.raw);
-    if (err == MP_OKAY)
-         err = wc_mp_to_bigint(&key->e, &key->e.raw);
-    if (err == MP_OKAY)
-         err = wc_mp_to_bigint(&key->d, &key->d.raw);
-    if (err == MP_OKAY)
-         err = wc_mp_to_bigint(&key->p, &key->p.raw);
-    if (err == MP_OKAY)
-         err = wc_mp_to_bigint(&key->q, &key->q.raw);
-    if (err == MP_OKAY)
-         err = wc_mp_to_bigint(&key->dP, &key->dP.raw);
-    if (err == MP_OKAY)
-         err = wc_mp_to_bigint(&key->dQ, &key->dQ.raw);
-    if (err == MP_OKAY)
-         err = wc_mp_to_bigint(&key->u, &key->u.raw);
-#endif
-
-    if (err == MP_OKAY)
-        key->type = RSA_PRIVATE;
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-    if (err == MP_OKAY) {
-        mp_memzero_add("Make RSA key d", &key->d);
-        mp_memzero_add("Make RSA key p", &key->p);
-        mp_memzero_add("Make RSA key q", &key->q);
-        mp_memzero_add("Make RSA key dP", &key->dP);
-        mp_memzero_add("Make RSA key dQ", &key->dQ);
-        mp_memzero_add("Make RSA key u", &key->u);
-    }
-#endif
-
-    if (err != WC_NO_ERR_TRACE(WC_ACCEL_INHIBIT_E))
-        RESTORE_VECTOR_REGISTERS();
-
-    /* Last value p - 1. */
-    mp_forcezero(tmp1);
-    /* Last value q - 1. */
-    mp_forcezero(tmp2);
-    /* Last value p - 2. */
-    mp_forcezero(tmp3);
-    mp_forcezero(p);
-    mp_forcezero(q);
-
-#ifdef WOLFSSL_RSA_KEY_CHECK
-    /* Perform the pair-wise consistency test on the new key. */
-    if (err == 0)
-        err = _ifc_pairwise_consistency_test(key, rng);
-#endif
-
-    if (err != 0) {
-        wc_FreeRsaKey(key);
-        goto out;
-    }
-
-#if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_CRYPTOCELL)
-    if (wc_InitRsaHw(key) != 0) {
-        return BAD_STATE_E;
-    }
-#endif
-
-    err = 0;
-#endif /* WOLF_CRYPTO_CB_ONLY_RSA */
-#endif /* WOLFSSL_CRYPTOCELL / SW only */
-  out:
-
-#if !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SE050)
-#ifdef WOLFSSL_SMALL_STACK
-    if (key != NULL) {
-        XFREE(p, key->heap, DYNAMIC_TYPE_RSA);
-        XFREE(q, key->heap, DYNAMIC_TYPE_RSA);
-        XFREE(tmp1, key->heap, DYNAMIC_TYPE_RSA);
-        XFREE(tmp2, key->heap, DYNAMIC_TYPE_RSA);
-        XFREE(tmp3, key->heap, DYNAMIC_TYPE_RSA);
-    }
-#elif defined(WOLFSSL_CHECK_MEM_ZERO)
-    mp_memzero_check(p);
-    mp_memzero_check(q);
-    mp_memzero_check(tmp1);
-    mp_memzero_check(tmp2);
-    mp_memzero_check(tmp3);
-#endif /* WOLFSSL_SMALL_STACK */
-#endif /* !WOLFSSL_CRYPTOCELL && !WOLFSSL_SE050 */
-
-    return err;
-
-#else
-    return NOT_COMPILED_IN;
-#endif
-}
-#endif /* !FIPS || FIPS_VER >= 2 */
-#endif /* WOLFSSL_KEY_GEN */
-
-
-#ifdef WC_RSA_BLINDING
-int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng)
-{
-    if (key == NULL || rng == NULL)
-        return BAD_FUNC_ARG;
-
-    key->rng = rng;
-
-    return 0;
-}
-#endif /* WC_RSA_BLINDING */
-
-#ifdef WC_RSA_NONBLOCK
-int wc_RsaSetNonBlock(RsaKey* key, RsaNb* nb)
-{
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-
-    if (nb) {
-        XMEMSET(nb, 0, sizeof(RsaNb));
-    }
-
-    /* Allow nb == NULL to clear non-block mode */
-    key->nb = nb;
-
-    return 0;
-}
-#ifdef WC_RSA_NONBLOCK_TIME
-int wc_RsaSetNonBlockTime(RsaKey* key, word32 maxBlockUs, word32 cpuMHz)
-{
-    if (key == NULL || key->nb == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* calculate maximum number of instructions to block */
-    key->nb->exptmod.maxBlockInst = cpuMHz * maxBlockUs;
-
-    return 0;
-}
-#endif /* WC_RSA_NONBLOCK_TIME */
-#endif /* WC_RSA_NONBLOCK */
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-
-#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
-/*
- * Calculate  y = d mod(x-1)
- */
-static int CalcDX(mp_int* y, mp_int* x, mp_int* d)
-{
-    int err;
-#ifndef WOLFSSL_SMALL_STACK
-    mp_int  m[1];
-#else
-    mp_int* m = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_WOLF_BIGINT);
-    if (m == NULL)
-        return MEMORY_E;
-#endif
-
-    err = mp_init(m);
-    if (err == MP_OKAY) {
-        err = mp_sub_d(x, 1, m);
-        if (err == MP_OKAY)
-            err = mp_mod(d, m, y);
-        mp_forcezero(m);
-    }
-
-    WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_WOLF_BIGINT);
-
-    return err;
-}
-#endif
-
-int wc_RsaPrivateKeyDecodeRaw(const byte* n, word32 nSz,
-        const byte* e, word32 eSz, const byte* d, word32 dSz,
-        const byte* u, word32 uSz, const byte* p, word32 pSz,
-        const byte* q, word32 qSz, const byte* dP, word32 dPSz,
-        const byte* dQ, word32 dQSz, RsaKey* key)
-{
-    int err = MP_OKAY;
-
-    if (n == NULL || nSz == 0 || e == NULL || eSz == 0
-            || d == NULL || dSz == 0 || p == NULL || pSz == 0
-            || q == NULL || qSz == 0 || key == NULL) {
-        err = BAD_FUNC_ARG;
-    }
-
-#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
-    if (err == MP_OKAY) {
-        if ((u == NULL || uSz == 0)
-                || (dP != NULL && dPSz == 0)
-                || (dQ != NULL && dQSz == 0)) {
-            err = BAD_FUNC_ARG;
-        }
-    }
-#else
-    (void)u;
-    (void)uSz;
-    (void)dP;
-    (void)dPSz;
-    (void)dQ;
-    (void)dQSz;
-#endif
-
-    if (err == MP_OKAY)
-        err = mp_read_unsigned_bin(&key->n, n, nSz);
-    if (err == MP_OKAY)
-        err = mp_read_unsigned_bin(&key->e, e, eSz);
-    if (err == MP_OKAY)
-        err = mp_read_unsigned_bin(&key->d, d, dSz);
-    if (err == MP_OKAY)
-        err = mp_read_unsigned_bin(&key->p, p, pSz);
-    if (err == MP_OKAY)
-        err = mp_read_unsigned_bin(&key->q, q, qSz);
-#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
-    if (err == MP_OKAY)
-        err = mp_read_unsigned_bin(&key->u, u, uSz);
-    if (err == MP_OKAY) {
-        if (dP != NULL)
-            err = mp_read_unsigned_bin(&key->dP, dP, dPSz);
-        else
-            err = CalcDX(&key->dP, &key->p, &key->d);
-    }
-    if (err == MP_OKAY) {
-        if (dQ != NULL)
-            err = mp_read_unsigned_bin(&key->dQ, dQ, dQSz);
-        else
-            err = CalcDX(&key->dQ, &key->q, &key->d);
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        key->type = RSA_PRIVATE;
-    }
-    else if (key != NULL) {
-        mp_clear(&key->n);
-        mp_clear(&key->e);
-        mp_clear(&key->d);
-        mp_clear(&key->p);
-        mp_clear(&key->q);
-#if defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)
-        mp_clear(&key->u);
-        mp_clear(&key->dP);
-        mp_clear(&key->dQ);
-#endif
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-
-#endif /* NO_RSA */
diff --git a/src/ssl/wolfssl/wolfcrypt/sakke.c b/src/ssl/wolfssl/wolfcrypt/sakke.c
deleted file mode 100644
index 155c8c5d4..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sakke.c
+++ /dev/null
@@ -1,6955 +0,0 @@
-/* sakke.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifdef WOLFSSL_HAVE_SP_ECC
-    #include <wolfssl/wolfcrypt/sp.h>
-#endif
-
-#ifdef WOLFCRYPT_HAVE_SAKKE
-
-#include <wolfssl/wolfcrypt/sakke.h>
-#include <wolfssl/wolfcrypt/asn_public.h>
-
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && !defined(WOLFSSL_SP_ASM)
-    /* force off unneeded vector register save/restore. */
-    #undef SAVE_VECTOR_REGISTERS
-    #define SAVE_VECTOR_REGISTERS(fail_clause) SAVE_NO_VECTOR_REGISTERS(fail_clause)
-    #undef RESTORE_VECTOR_REGISTERS
-    #define RESTORE_VECTOR_REGISTERS() RESTORE_NO_VECTOR_REGISTERS()
-#endif
-
-#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
-    /* FIPS build has replaced ecc.h. */
-    #define wc_ecc_key_get_priv(key) (&((key)->k))
-    #define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
-#endif
-
-/* SAKKE Build Options:
- * WOLFSSL_SAKKE_SMALL:          Small code size version of SAKKE.
- * WOLFSSL_SAKKE_SMALL_MODEXP:   Small code size for just SAKKE modexp.
- */
-
-
-#ifdef WOLFCRYPT_SAKKE_CLIENT
-/*
- * Initialize the client components of the SAKKE key.
- *
- * @param  [in]  key      SAKKE key to initialize.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sakke_init_client(SakkeKey* key)
-{
-    int err = 0;
-
-    key->tmp.p1 = wc_ecc_new_point_h(key->ecc.heap);
-    if (key->tmp.p1 == NULL) {
-        err = MEMORY_E;
-    }
-    if (err == 0) {
-        key->tmp.p2 = wc_ecc_new_point_h(key->ecc.heap);
-        if (key->tmp.p2 == NULL) {
-            err = MEMORY_E;
-        }
-    }
-    if (err == 0) {
-        key->tmp.p3 = wc_ecc_new_point_h(key->ecc.heap);
-        if (key->tmp.p3 == NULL) {
-            err = MEMORY_E;
-        }
-    }
-    if (err == 0) {
-        key->rsk.rsk = wc_ecc_new_point_h(key->ecc.heap);
-        if (key->rsk.rsk == NULL) {
-            err = MEMORY_E;
-        }
-    }
-    if (err == 0) {
-        key->i.i = wc_ecc_new_point_h(key->ecc.heap);
-        if (key->i.i == NULL) {
-            err = MEMORY_E;
-        }
-    }
-
-    return err;
-}
-#endif
-
-/**
- * Initialize the components of the SAKKE key.
- *
- * Must be called before performing any operations.
- * Free the SAKKE key with wc_FreeSakkeKey() when no longer needed.
- *
- * @param  [in]  key      SAKKE key to initialize.
- * @param  [in]  keySize  Size of the curve. For SAKKE set 1, use 128.
- * @param  [in]  curveId  ID of curve. For SAKKE set 1, use ECC_SAKKE_1.
- * @param  [in]  heap     Heap hint.
- * @param  [in]  devId    Device identifier.
- *                        Use INVALID_DEVID when no device used.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int wc_InitSakkeKey_ex(SakkeKey* key, int keySize, int curveId, void* heap,
-        int devId)
-{
-    int err = 0;
-    SakkeKeyParams* params = NULL;
-
-    if (key == NULL) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        XMEMSET(key, 0, sizeof(*key));
-        key->heap = heap;
-        params = &key->params;
-
-        err = wc_ecc_init_ex(&key->ecc, heap, devId);
-    }
-    if (err == 0) {
-        err = wc_ecc_set_curve(&key->ecc, keySize, curveId);
-    }
-    if (err == 0) {
-        params->base = wc_ecc_new_point_h(key->ecc.heap);
-        if (params->base == NULL) {
-            err = MEMORY_E;
-        }
-#ifdef WOLFCRYPT_SAKKE_CLIENT
-        if (err == 0) {
-            err = sakke_init_client(key);
-        }
-#endif
-        if (err == 0) {
-            err = mp_init_multi(&params->prime, &params->q, &params->g,
-                    &params->a, &key->tmp.m1,
-#ifdef WOLFCRYPT_SAKKE_CLIENT
-                    &key->tmp.m2
-#else
-                    NULL
-#endif
-                    );
-        }
-        if (err == 0) {
-            key->mpInit = 1;
-        }
-
-        if (err != 0) {
-            wc_FreeSakkeKey(key);
-        }
-    }
-
-    return err;
-}
-
-/**
- * Initialize the components of the SAKKE key.
- *
- * Must be called before performing any operations.
- * Free the SAKKE key with wc_FreeSakkeKey() when no longer needed.
- *
- * @param  [in]  key      SAKKE key to initialize.
- * @param  [in]  heap     Heap hint.
- * @param  [in]  devId    Device identifier.
- *                        Use INVALID_DEVID when no device used.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int wc_InitSakkeKey(SakkeKey* key, void* heap, int devId)
-{
-    return wc_InitSakkeKey_ex(key, 128, ECC_SAKKE_1, heap, devId);
-}
-
-/**
- * Frees memory associated with components of the SAKKE key.
- *
- * Must be called when finished with the SAKKE key.
- *
- * @param  [in]  key  SAKKE key.
- */
-void wc_FreeSakkeKey(SakkeKey* key)
-{
-    if (key != NULL) {
-        SakkeKeyParams* params = &key->params;
-
-        if (key->mpInit) {
-            mp_free(&params->prime);
-            mp_free(&params->q);
-            mp_free(&params->g);
-            mp_free(&params->a);
-            mp_free(&key->tmp.m1);
-#ifdef WOLFCRYPT_SAKKE_CLIENT
-            mp_free(&key->tmp.m2);
-#endif
-        }
-#ifdef WOLFCRYPT_SAKKE_CLIENT
-        if (key->i.i != NULL) {
-            wc_ecc_del_point_h(key->i.i, key->ecc.heap);
-        }
-        if (key->rsk.rsk != NULL) {
-            wc_ecc_del_point_h(key->rsk.rsk, key->ecc.heap);
-        }
-        if (key->tmp.p3 != NULL) {
-            wc_ecc_del_point_h(key->tmp.p3, key->ecc.heap);
-        }
-        if (key->tmp.p2 != NULL) {
-            wc_ecc_del_point_h(key->tmp.p2, key->ecc.heap);
-        }
-        if (key->tmp.p1 != NULL) {
-            wc_ecc_del_point_h(key->tmp.p1, key->ecc.heap);
-        }
-#endif
-        if (params->base != NULL) {
-            wc_ecc_del_point_h(params->base, key->ecc.heap);
-        }
-        wc_ecc_free(&key->ecc);
-    }
-}
-
-/*
- * Load order (q), prime (p) and a, hex strings in ECC object, into fields of
- * key.
- *
- * Flags that the p, q and a are available so it isn't loaded multiple times.
- *
- * @param  [in]  key  SAKKE key.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sakke_load_params(SakkeKey* key)
-{
-    int err = 0;
-    SakkeKeyParams* params = &key->params;
-
-    if (!params->havePrime) {
-        /* Load prime or modulus from string. */
-        err = mp_read_radix(&params->prime, key->ecc.dp->prime, MP_RADIX_HEX);
-        if (err == 0) {
-            params->havePrime = 1;
-        }
-    }
-    if (!params->haveQ) {
-        /* Load order from string. */
-        err = mp_read_radix(&params->q, key->ecc.dp->order, MP_RADIX_HEX);
-        if (err == 0) {
-            params->haveQ = 1;
-        }
-    }
-    if (!params->haveA) {
-        /* Load parameter A from string. */
-        err = mp_read_radix(&params->a, key->ecc.dp->Af, MP_RADIX_HEX);
-        if (err == 0) {
-            params->haveA = 1;
-        }
-    }
-
-    return err;
-}
-
-/*
- * Load the base point, hex encoded in the ECC object, as an ecc_point.
- *
- * @param  [in]   key   SAKKE key.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sakke_load_base_point(SakkeKey* key)
-{
-    int err = 0;
-    SakkeKeyParams* params = &key->params;
-
-    if (!params->haveBase) {
-        /* Load base point modulus from string. */
-        err = mp_read_radix(params->base->x, key->ecc.dp->Gx, MP_RADIX_HEX);
-        if (err == 0) {
-            err = mp_read_radix(params->base->y, key->ecc.dp->Gy, MP_RADIX_HEX);
-        }
-        if (err == 0) {
-            /* Affine coordinates have a Z of 1 in Jacobian. */
-            err = mp_set(params->base->z, 1);
-        }
-        if (err == 0) {
-            /* Base point loaded. */
-            params->haveBase = 1;
-        }
-    }
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_ECC
-/*
- * Scalar multiply the base point.
- *
- * @param  [in]   key   SAKKE key.
- * @param  [in]   n     MP integer that is the scalar.
- * @param  [out]  res   ECC point to hold the result.
- * @param  [in]   map   Map the result to affine coordinates.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sakke_mulmod_base(SakkeKey* key, const mp_int* n, ecc_point* res,
-        int map)
-{
-    int err = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-
-#ifdef WOLFSSL_SP_1024
-    if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
-            (ecc_sets[key->ecc.idx].id == ECC_SAKKE_1)) {
-        err = sp_ecc_mulmod_base_1024(n, res, map, key->heap);
-    }
-    else
-#endif
-    {
-        err = NOT_COMPILED_IN;
-    }
-
-    return err;
-}
-
-/*
- * Scalar multiply the base point and add a point.
- *
- * @param  [in]   key   SAKKE key.
- * @param  [in]   n     MP integer that is the scalar.
- * @param  [in]   a     ECC point to add.
- * @param  [out]  res   ECC point to hold the result.
- * @param  [in]   map   Map the result to affine coordinates.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sakke_mulmod_base_add(SakkeKey* key, const mp_int* n,
-        const ecc_point* a, ecc_point* res, int map)
-{
-    int err = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-
-#ifdef WOLFSSL_SP_1024
-    if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
-            (ecc_sets[key->ecc.idx].id == ECC_SAKKE_1)) {
-        err = sp_ecc_mulmod_base_add_1024(n, a, 0, res, map, key->heap);
-    }
-    else
-#endif
-    {
-        err = NOT_COMPILED_IN;
-    }
-
-    return err;
-}
-#else
-/*
- * Scalar multiply the base point.
- *
- * @param  [in]   key   SAKKE key.
- * @param  [in]   n     MP integer that is the scalar.
- * @param  [out]  res   ECC point to hold the result.
- * @param  [in]   map   Map the result to affine coordinates.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sakke_mulmod_base(SakkeKey* key, const mp_int* n, ecc_point* res,
-        int map)
-{
-    int err;
-    SakkeKeyParams* params = &key->params;
-
-    err = wc_ecc_mulmod(n, params->base, res, &params->a, &params->prime, map);
-
-    return err;
-}
-
-/*
- * Scalar multiply the base point and add a point.
- *
- * @param  [in]   key   SAKKE key.
- * @param  [in]   n     MP integer that is the scalar.
- * @param  [in]   a     ECC point to add. Point ordinates must be in Montgomery
- *                      form.
- * @param  [out]  res   ECC point to hold the result.
- * @param  [in]   map   Map the result to affine coordinates.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sakke_mulmod_base_add(SakkeKey* key, const mp_int* n, ecc_point* a,
-        ecc_point* res, int map)
-{
-    int err;
-    mp_digit mp = 0;
-    SakkeKeyParams* params = &key->params;
-
-    /* Scalar multiply base by n - leaves ordinates in Montgomery form. */
-    err = wc_ecc_mulmod(n, params->base, res, &params->a, &params->prime, 0);
-    if (err == 0) {
-        err = mp_montgomery_setup(&params->prime, &mp);
-    }
-    if (err == 0) {
-        /* Add a to result. */
-        err = ecc_projective_add_point(res, a, res, &params->a,
-                &params->prime, mp);
-    }
-    if ((err == 0) && map) {
-        /* Map result back to affine coordinates. */
-        err = ecc_map(res, &params->prime, mp);
-    }
-
-    return err;
-}
-#endif
-
-#ifdef WOLFSSL_HAVE_SP_ECC
-/*
- * Scalar multiply a point.
- *
- * @param  [in]   key    SAKKE key.
- * @param  [in]   n      MP integer that is the scalar.
- * @param  [in]   p      ECC point to multiply.
- * @param  [in]   table  Precomputation table for p. May be NULL.
- * @param  [out]  res    ECC point to hold the result.
- * @param  [in]   map    Map the result to affine coordinates.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sakke_mulmod_point(SakkeKey* key, const mp_int* n,
-        const ecc_point* p, byte* table, ecc_point* res, int map)
-{
-    int err = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-
-#ifdef WOLFSSL_SP_1024
-    if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
-            (ecc_sets[key->ecc.idx].id == ECC_SAKKE_1)) {
-        if (table == NULL) {
-            err = sp_ecc_mulmod_1024(n, p, res, map, key->heap);
-        }
-        else {
-            err = sp_ecc_mulmod_table_1024(n, p, table, res, map, key->heap);
-        }
-    }
-    else
-#endif
-    {
-        err = NOT_COMPILED_IN;
-    }
-
-    return err;
-}
-#else
-/*
- * Scalar multiply a point.
- *
- * @param  [in]   key    SAKKE key.
- * @param  [in]   n      MP integer that is the scalar.
- * @param  [in]   p      ECC point to multiply.
- * @param  [in]   table  Precomputation table for p. May be NULL.
- * @param  [out]  res    ECC point to hold the result.
- * @param  [in]   map    Map the result to affine coordinates.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sakke_mulmod_point(SakkeKey* key, const mp_int* n, ecc_point* p,
-        const byte* table, ecc_point* res, int map)
-{
-    int err;
-    SakkeKeyParams* params = &key->params;
-
-    err = wc_ecc_mulmod(n, p, res, &params->a, &params->prime, map);
-
-    (void)table;
-    return err;
-}
-#endif
-
-#ifdef WOLFCRYPT_SAKKE_KMS
-/**
- * Generate KMS Master Secret (z_T) and KMS Public Key (Z_T).
- *
- * RFC 6508, Section 4.1
- *
- * Called when establishing a new KMS.\n
- * z_T must be kept secret while Z_T is required by clients for encapsulating
- * and deriving.
- * Export key using wc_ExportSakkeKey(), once generated, to reuse the key.\n
- * Export KPAK using wc_ExportSakkePublicKey(), once generate to send to
- * clients.
- *
- * @param  [in]  key      SAKKE key.
- * @param  [in]  rng      Random number generator.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or rng is NULL.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  Other value when an an internal operation fails.
- */
-int wc_MakeSakkeKey(SakkeKey* key, WC_RNG* rng)
-{
-    int err = 0;
-    int digits = 0;
-
-    if ((key == NULL) || (rng == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        digits = (key->ecc.dp->size * 8 + DIGIT_BIT - 1) / DIGIT_BIT;
-
-        err = sakke_load_params(key);
-    }
-    if (err == 0) {
-        err = sakke_load_base_point(key);
-    }
-    if (err == 0) {
-        int genTryCnt = 0;
-
-        /* Generate a random number that is not 0 - master secret. */
-        do {
-            /* Don't infinitely loop on random number generation failure. */
-            if ((++genTryCnt) > SAKKE_MAX_GEN_COUNT) {
-                err = RNG_FAILURE_E;
-            }
-            if (err == 0) {
-                err = mp_rand(wc_ecc_key_get_priv(&key->ecc), digits, rng);
-            }
-            if (err == 0) {
-                err = mp_mod(wc_ecc_key_get_priv(&key->ecc), &key->params.q,
-                    wc_ecc_key_get_priv(&key->ecc));
-            }
-        }
-        while ((err == 0) && mp_iszero(wc_ecc_key_get_priv(&key->ecc)));
-    }
-    if (err == 0) {
-        /* Calculate public key by multiply master secret by base point. */
-        err = sakke_mulmod_base(key, wc_ecc_key_get_priv(&key->ecc),
-            &key->ecc.pubkey, 1);
-    }
-    if (err == 0) {
-        key->ecc.type = ECC_PRIVATEKEY;
-    }
-
-    return err;
-}
-
-/**
- * Generates the KMS Public Key (Z_T) from the KMS Master Secret (z_T).
- *
- * Only z_T is required to calculate Receiver Secret Key (RSK).
- *
- * @param  [in]   key  SAKKE key.
- * @param  [out]  pub  ECC point containing KPAK.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or pub is NULL.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  Other value when an an internal operation fails.
- */
-int wc_MakeSakkePublicKey(SakkeKey* key, ecc_point* pub)
-{
-    int err = 0;
-
-    if ((key == NULL) || (pub == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = sakke_load_params(key);
-    }
-    if (err == 0) {
-        err = sakke_load_base_point(key);
-    }
-    if (err == 0) {
-        err = sakke_mulmod_base(key, wc_ecc_key_get_priv(&key->ecc), pub, 1);
-    }
-
-    return err;
-}
-
-/**
- * Export the SAKKE key as encoded public/private ECC key.
- *
- * Use when saving the KMS key pair.
- *
- * Private key, x ordinate of public key and y ordinate of public key
- * concatenated. Each number is zero padded to key size.
- *
- * @param  [in]      key   SAKKE key.
- * @param  [out]     data  Buffer to hold encoded SAKKE key.
- * @param  [in,out]  sz    In, size of buffer in bytes.
- *                         Out, size of encoded SAKKE key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or sz is NULL.
- * @return  LENGTH_ONLY_E when data is NULL - sz is set.
- * @return  BUFFER_E when size of buffer is too small.
- */
-int wc_ExportSakkeKey(SakkeKey* key, byte* data, word32* sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (sz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (data == NULL)) {
-        *sz = (word32)(3 * key->ecc.dp->size);
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err >= 0) && (*sz < (word32)(3 * key->ecc.dp->size))) {
-        err = BUFFER_E;
-    }
-    if (err == 0) {
-        /* Write out the secret value into key size bytes. */
-        err = mp_to_unsigned_bin_len(wc_ecc_key_get_priv(&key->ecc), data,
-            key->ecc.dp->size);
-    }
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Write out the public key point's x ordinate into key size bytes. */
-        err = mp_to_unsigned_bin_len(key->ecc.pubkey.x, data,
-                key->ecc.dp->size);
-    }
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Write out the public key point's y ordinate into key size bytes. */
-        err = mp_to_unsigned_bin_len(key->ecc.pubkey.y, data,
-                key->ecc.dp->size);
-    }
-    if (err == 0) {
-        *sz = (word32)(3 * key->ecc.dp->size);
-    }
-
-    return err;
-}
-
-/**
- * Import the SAKKE key as DER encoded public/private ECC key.
- *
- * Use when restoring the KMS key pair.
- *
- * Private key, x ordinate of public key and y ordinate of public key
- * concatenated. Each number is zero padded to key size.
- *
- * @param  [in]  key   SAKKE key.
- * @param  [in]  data  Buffer holding encoded SAKKE key.
- * @param  [in]  sz    Size of encoded SAKKE key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or data is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-int wc_ImportSakkeKey(SakkeKey* key, const byte* data, word32 sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (data == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (sz != (word32)key->ecc.dp->size * 3)) {
-        err = BUFFER_E;
-    }
-
-    if (err == 0) {
-        /* Read the secret value from key size bytes. */
-        err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data,
-            (word32)key->ecc.dp->size);
-    }
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Read the public key point's x value from key size bytes. */
-        err = mp_read_unsigned_bin(key->ecc.pubkey.x, data,
-            (word32)key->ecc.dp->size);
-    }
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Read the public key point's y value from key size bytes. */
-        err = mp_read_unsigned_bin(key->ecc.pubkey.y, data,
-            (word32)key->ecc.dp->size);
-    }
-    if (err == 0) {
-        err = mp_set(key->ecc.pubkey.z, 1);
-    }
-    if (err == 0) {
-        key->ecc.type = ECC_PRIVATEKEY;
-    }
-
-    return err;
-}
-
-/**
- * Export the SAKKE key as DER encoded private ECC key.
- *
- * Use when saving the KMS private key.
- *
- * Private key zero padded to key size.
- *
- * @param  [in]      key   SAKKE key.
- * @param  [out]     data  Buffer to hold encoded SAKKE key.
- * @param  [in,out]  sz    In, size of buffer in bytes.
- *                         Out, size of encoded SAKKE key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or sz is NULL.
- * @return  LENGTH_ONLY_E when data is NULL - sz is set.
- * @return  BUFFER_E when size of buffer is too small.
- */
-int wc_ExportSakkePrivateKey(SakkeKey* key, byte* data, word32* sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (sz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (data == NULL)) {
-        *sz = (word32)key->ecc.dp->size;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err >= 0) && (*sz < (word32)key->ecc.dp->size)) {
-        err = BUFFER_E;
-    }
-    if (err == 0) {
-        /* Write out the secret value into key size bytes. */
-        err = mp_to_unsigned_bin_len(wc_ecc_key_get_priv(&key->ecc), data,
-            key->ecc.dp->size);
-    }
-    if (err == 0) {
-        *sz = (word32)key->ecc.dp->size;
-    }
-
-    return err;
-}
-
-/**
- * Import the SAKKE key as DER encoded private ECC key.
- *
- * Use when restoring the KMS private key.
- * Use wc_MakeSakkePublicKey() to recalculate the public key.
- *
- * Private key zero padded to key size.
- *
- * @param  [in]  key   SAKKE key.
- * @param  [in]  data  Buffer holding encoded SAKKE key.
- * @param  [in]  sz    Size of encoded SAKKE key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or data is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-int wc_ImportSakkePrivateKey(SakkeKey* key, const byte* data, word32 sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (data == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (sz != (word32)key->ecc.dp->size)) {
-        err = BUFFER_E;
-    }
-
-    if (err == 0) {
-        /* Read the secret value from key size bytes. */
-        err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data,
-            (word32)key->ecc.dp->size);
-    }
-
-    return err;
-}
-
-/*
- * Convert the public key from montgomery form.
- *
- * The public key is needed in Montgomery form for validation and derivation.
- *
- * @param  [in]  key      SAKKE key.
- * @return  0 on success.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  Other value when an an internal operation fails.
- */
-static int sakke_z_from_mont(SakkeKey* key)
-{
-    int err = 0;
-    mp_digit mp;
-    ecc_point* z = &key->ecc.pubkey;
-    mp_int* prime = &key->params.prime;
-
-    if (key->zMont) {
-        err = mp_montgomery_setup(prime, &mp);
-        if (err == 0) {
-            err = mp_montgomery_reduce(z->x, prime, mp);
-        }
-        if (err == 0) {
-            err = mp_montgomery_reduce(z->y, prime, mp);
-        }
-        if (err == 0) {
-            err = mp_montgomery_reduce(z->z, prime, mp);
-        }
-        if (err == 0) {
-            key->zMont = 0;
-        }
-    }
-
-    return err;
-}
-
-/*
- * Encode a point into a buffer.
- *
- * X and y ordinate of point concatenated. Each number is zero padded tosize.
- * Descriptor byte (0x04) is prepended when not raw.
- *
- * @param  [in]      point    ECC point to encode.
- * @param  [in]      size     Size of prime in bytes - maximum ordinate length.
- * @param  [out]     data     Buffer to hold encoded data.
- *                            NULL when needing length of encoded data.
- * @param  [in,out]  sz       In, the size of the buffer in bytes.
- *                            Out, the size of the encoded data in bytes.
- * @param  [in]      raw      On 0, prepend descriptor byte.
- *                            On 1, only include ordinates.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or sz is NULL.
- * @return  LENGTH_ONLY_E when data is NULL - sz will hold the size in bytes of
- *          the encoded data.
- * @return  BUFFER_E when size of buffer is too small.
- */
-static int sakke_encode_point(ecc_point* point, word32 size, byte* data,
-        word32* sz, int raw)
-{
-    int err = 0;
-
-    if (data == NULL) {
-        *sz = size * 2 + !raw;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*sz < size * 2 + !raw)) {
-        err = BUFFER_E;
-    }
-
-    if (err == 0) {
-        if (!raw) {
-            data[0] = 0x04;
-            data++;
-        }
-
-        /* Write out the point's x ordinate into key size bytes. */
-        err = mp_to_unsigned_bin_len(point->x, data, (int)size);
-    }
-    if (err == 0) {
-        data += size;
-        /* Write out the point's y ordinate into key size bytes. */
-        err = mp_to_unsigned_bin_len(point->y, data, (int)size);
-    }
-    if (err == 0) {
-        *sz = size * 2 + !raw;
-    }
-
-    return err;
-}
-
-/*
- * Decode the data into an ECC point.
- *
- * X and y ordinate of point concatenated. Each number is zero padded to
- * key size. Supports prepended descriptor byte (0x04).
- *
- * @param  [out]  point  ECC point to encode.
- * @param  [in]   size   Size of prime in bytes - maximum ordinate length.
- * @param  [in]   data   Encoded public key.
- * @param  [in]   sz     Size of the encoded public key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or z is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  ASN_PARSE_E when format byte is invalid.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-static int sakke_decode_point(ecc_point* point, word32 size, const byte* data,
-        word32 sz)
-{
-    int err = 0;
-
-    if ((sz != size * 2) && (sz != size * 2 + 1)) {
-        err = BUFFER_E;
-    }
-
-    if ((err == 0) && (sz & 1)) {
-        if (data[0] != 0x04) {
-            err = ASN_PARSE_E;
-        }
-        data++;
-    }
-
-    if (err == 0) {
-        /* Read the public key point's x value from key size bytes. */
-        err = mp_read_unsigned_bin(point->x, data, size);
-    }
-    if (err == 0) {
-        data += size;
-        /* Read the public key point's y value from key size bytes. */
-        err = mp_read_unsigned_bin(point->y, data, size);
-    }
-    if (err == 0) {
-        err = mp_set(point->z, 1);
-    }
-
-    return err;
-}
-
-
-/**
- * Encode the KMS public key (Z_T) into a buffer.
- *
- * Z_T is required by all clients in order to perform cryptographic operations.
- *
- * X and y ordinate of public key concatenated. Each number is zero padded to
- * key size.
- * Descriptor byte (0x04) is prepended when not raw.
- *
- * @param  [in]      key      SAKKE key.
- * @param  [out]     data     Buffer to hold encoded data.
- *                            NULL when needing length of encoded data.
- * @param  [in,out]  sz       In, the size of the buffer in bytes.
- *                            Out, the size of the encoded data in bytes.
- * @param  [in]      raw      On 0, prepend descriptor byte.
- *                            On 1, only include ordinates.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or sz is NULL.
- * @return  LENGTH_ONLY_E when data is NULL - sz will hold the size in bytes of
- *          the encoded data.
- * @return  BUFFER_E when size of buffer is too small.
- */
-int wc_ExportSakkePublicKey(SakkeKey* key, byte* data, word32* sz, int raw)
-{
-    int err = 0;
-
-    if ((key == NULL) || (sz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (data != NULL)) {
-        err = sakke_z_from_mont(key);
-    }
-
-    if (err == 0) {
-        err = sakke_encode_point(&key->ecc.pubkey, (word32)key->ecc.dp->size,
-                data, sz, raw);
-    }
-
-    return err;
-}
-
-/**
- * Calculates the Receiver Secret Key (RSK) for the identity.
- *
- * RFC 6508, Section 6.1.1
- *
- * RSK = [ (a + z_T) ^ 1 modulo q ]P\n
- * RSK is required by receiver to derive SSV.
- *
- * @param  [in]   key   SAKKE key.
- * @param  [in]   id    Identity to create hash for.
- * @param  [in]   idSz  Length of identity in bytes.
- * @param  [out]  rsk   Receiver Secret Key as an ECC point.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, id, or rsk is NULL.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  Other value when an an internal operation fails.
- */
-int wc_MakeSakkeRsk(SakkeKey* key, const byte* id, word16 idSz, ecc_point* rsk)
-{
-    int err = 0;
-    mp_int* a = NULL;
-
-    if ((key == NULL) || (id == NULL) || (rsk == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = sakke_load_params(key);
-    }
-    if (err == 0) {
-        err = sakke_load_base_point(key);
-    }
-
-    /* Compute RSK = [ (a + z_T) ^ 1 modulo q ]P */
-    if (err == 0) {
-        a = &key->tmp.m1;
-        err = mp_read_unsigned_bin(a, id, idSz);
-    }
-    /* a + z_T */
-    if (err == 0) {
-        err = mp_addmod(a, wc_ecc_key_get_priv(&key->ecc), &key->params.q, a);
-    }
-    /* (a + z_T) ^ 1 modulo q */
-    if (err == 0) {
-        err = mp_invmod(a, &key->params.q, a);
-    }
-
-    /* [ (a + z_T) ^ 1 modulo q ]P */
-    if (err == 0) {
-        err = sakke_mulmod_base(key, a, rsk, 1);
-    }
-
-    return err;
-}
-
-/**
- * Encode the SAKKE Receiver Secret Key (RSK) as DER encoded public ECC key.
- *
- * Encode the RSK to send to the receiving client.
- *
- * X and y ordinate of RSK point concatenated. Each number is zero padded to
- * key size.
- * Descriptor byte (0x04) is prepended when not raw.
- *
- * @param  [in]      key   SAKKE key.
- * @param  [in]      rsk   ECC point that is the Receiver Secret Key (RSK).
- * @param  [out]     out   Buffer to hold encoded RSK.
- * @param  [in,out]  sz    In, size of buffer in bytes.
- *                         Out, size of encoded RSK in bytes.
- * @param  [in]      raw   On 0, prepend descriptor byte.
- *                         On 1, only include ordinates.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, rsk, or sz is NULL.
- * @return  LENGTH_ONLY_E when data is NULL - sz will hold the size in bytes of
- *          the encoded data.
- * @return  BUFFER_E when size of buffer is too small.
- */
-int wc_EncodeSakkeRsk(const SakkeKey* key, ecc_point* rsk, byte* out,
-        word32* sz, int raw)
-{
-    int err = 0;
-
-    if ((key == NULL) || (rsk == NULL) || (sz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = sakke_encode_point(rsk, (word32)key->ecc.dp->size, out, sz, raw);
-    }
-
-    return err;
-}
-
-#endif /* WOLFCRYPT_SAKKE_KMS */
-
-#ifdef WOLFCRYPT_SAKKE_CLIENT
-
-/**
- * Decode the KMS public key (Z_T) into the key.
- *
- * A client imports Z_T to perform derivation of SSV.
- *
- * X and y ordinate of public key concatenated. Each number is zero padded to
- * key size. Supports prepended descriptor byte (0x04).
- *
- * @param  [in]  key   SAKKE key.
- * @param  [in]  data  Encoded public key.
- * @param  [in]  sz    Size of the encoded public key in bytes.
- * @param  [in]  trusted  1 when public key is trusted.
- *                        0 when validation is required to be performed.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or z is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  ASN_PARSE_E when format byte is invalid.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- * @return  ECC_OUT_OF_RANGE_E when point is invalid.
- * @return  ECC_INF_E when point is at infinity and invalid.
- */
-int wc_ImportSakkePublicKey(SakkeKey* key, const byte* data, word32 sz,
-        int trusted)
-{
-    int err = 0;
-
-    if ((key == NULL) || (data == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = sakke_decode_point(&key->ecc.pubkey, (word32)key->ecc.dp->size,
-                data, sz);
-    }
-    if (err == 0) {
-        key->ecc.type = ECC_PUBLICKEY;
-        key->zMont = 0;
-    }
-    if ((err == 0) && (!trusted)) {
-        err = wc_ecc_check_key(&key->ecc);
-    }
-
-    return err;
-}
-
-/**
- * Decode the SAKKE Receiver Secret Key (RSK) as DER encoded public ECC key.
- *
- * A receiving client needs the RSK for deriving SSV.
- *
- * X and y ordinate of RSK point concatenated. Each number is zero padded to
- * key size. Supports prepended descriptor byte (0x04).
- *
- * @param  [in]   key   SAKKE key.
- * @param  [in]   data  Buffer holding encoded SAKKE key.
- * @param  [in]   sz    Size of encoded RSK in bytes.
- * @param  [out]  rsk   ECC point to hold the Receiver Secret Key (RSK).
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, data or rsk is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  ASN_PARSE_E when format byte is invalid.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-int wc_DecodeSakkeRsk(const SakkeKey* key, const byte* data, word32 sz,
-        ecc_point* rsk)
-{
-    int err = 0;
-
-    if ((key == NULL) || (data == NULL) || (rsk == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = sakke_decode_point(rsk, (word32)key->ecc.dp->size, data, sz);
-    }
-
-    return err;
-}
-
-/**
- * Decode the SAKKE Receiver Secret Key (RSK) as DER encoded public ECC key and
- * stores internally.
- *
- * A receiving client needs the RSK for deriving SSV.
- *
- * X and y ordinate of RSK point concatenated. Each number is zero padded to
- * key size. Supports prepended descriptor byte (0x04).
- *
- * @param  [in]   key   SAKKE key.
- * @param  [in]   data  Buffer holding encoded SAKKE key.
- * @param  [in]   sz    Size of encoded RSK in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or data is NULL.
- * @return  BUFFER_E when size of data is not equal to the expected size.
- * @return  MP_MEM or MEMORY_E when dynamic memory allocation fails.
- */
-int wc_ImportSakkeRsk(SakkeKey* key, const byte* data, word32 sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (data == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = wc_DecodeSakkeRsk(key, data, sz, key->rsk.rsk);
-    }
-
-    return err;
-}
-
-/* Base (g) for SAKKE parameter set 1. */
-static const byte sakke_param_set_1_base[] = {
-    0x66, 0xFC, 0x2A, 0x43, 0x2B, 0x6E, 0xA3, 0x92,
-    0x14, 0x8F, 0x15, 0x86, 0x7D, 0x62, 0x30, 0x68,
-    0xC6, 0xA8, 0x7B, 0xD1, 0xFB, 0x94, 0xC4, 0x1E,
-    0x27, 0xFA, 0xBE, 0x65, 0x8E, 0x01, 0x5A, 0x87,
-    0x37, 0x1E, 0x94, 0x74, 0x4C, 0x96, 0xFE, 0xDA,
-    0x44, 0x9A, 0xE9, 0x56, 0x3F, 0x8B, 0xC4, 0x46,
-    0xCB, 0xFD, 0xA8, 0x5D, 0x5D, 0x00, 0xEF, 0x57,
-    0x70, 0x72, 0xDA, 0x8F, 0x54, 0x17, 0x21, 0xBE,
-    0xEE, 0x0F, 0xAE, 0xD1, 0x82, 0x8E, 0xAB, 0x90,
-    0xB9, 0x9D, 0xFB, 0x01, 0x38, 0xC7, 0x84, 0x33,
-    0x55, 0xDF, 0x04, 0x60, 0xB4, 0xA9, 0xFD, 0x74,
-    0xB4, 0xF1, 0xA3, 0x2B, 0xCA, 0xFA, 0x1F, 0xFA,
-    0xD6, 0x82, 0xC0, 0x33, 0xA7, 0x94, 0x2B, 0xCC,
-    0xE3, 0x72, 0x0F, 0x20, 0xB9, 0xB7, 0xB0, 0x40,
-    0x3C, 0x8C, 0xAE, 0x87, 0xB7, 0xA0, 0x04, 0x2A,
-    0xCD, 0xE0, 0xFA, 0xB3, 0x64, 0x61, 0xEA, 0x46
-};
-
-/*
- * Load Pairing Base (g), hex strings in ECC object, into field of key.
- *
- * Flags that the g is available so it isn't loaded multiple times.
- *
- * @param  [in]  key  SAKKE key.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_load_pairing_base(SakkeKey* key)
-{
-    int err = 0;
-    SakkeKeyParams* params = &key->params;
-
-    if (!params->haveG) {
-        if (key->ecc.dp->id != ECC_SAKKE_1) {
-            err = NOT_COMPILED_IN;
-        }
-        if (err == 0) {
-            err = mp_read_unsigned_bin(&params->g, sakke_param_set_1_base,
-                    sizeof(sakke_param_set_1_base));
-            if (err == 0) {
-                params->haveG = 1;
-            }
-        }
-    }
-
-    return err;
-}
-
-#ifndef WOLFSSL_HAVE_SP_ECC
-/*
- * Put point into Montgomery form.
- *
- * @param  [in]  p      ECC point.
- * @param  [in]  prime  Prime modulus.
- * @param  [in]  mu     Temporary MP integer to hold mu.
- * @param  [in]  set    1 when mu is set and 0 when it needs to be calculated.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_point_to_mont(ecc_point* p, mp_int* prime, mp_int* mu, int set)
-{
-    int err = 0;
-
-    if (!set) {
-        /* Calculate multiplier that converts to Montgomery form. */
-        err = mp_montgomery_calc_normalization(mu, prime);
-    }
-    if (err == 0) {
-        err = mp_mulmod(p->x, mu, prime, p->x);
-    }
-    if (err == 0) {
-        err = mp_mulmod(p->y, mu, prime, p->y);
-    }
-    if (err == 0) {
-        err = mp_mulmod(p->z, mu, prime, p->z);
-    }
-
-    return err;
-}
-
-/*
- * Take point out of Montgomery form.
- *
- * @param  [in]  p      ECC point.
- * @param  [in]  prime  Prime modulus.
- * @param  [in]  mp     Multiplier to use when converting from Montgomery form.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_point_from_mont(ecc_point* p, mp_int* prime, mp_digit mp)
-{
-    int err;
-
-    err = mp_montgomery_reduce(p->x, prime, mp);
-    if (err == 0) {
-        err = mp_montgomery_reduce(p->y, prime, mp);
-    }
-    if (err == 0) {
-        err = mp_montgomery_reduce(p->z, prime, mp);
-    }
-
-    return err;
-}
-
-/*
- * Put Z into Montgomery form.
- *
- * @param  [in]  key  SAKKE key.
- * @param  [in]  mu   Temporary MP integer.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_z_to_mont(SakkeKey* key, mp_int* tmp)
-{
-    int err = 0;
-    ecc_point* z = &key->ecc.pubkey;
-
-    if (!key->zMont) {
-        err = sakke_point_to_mont(z, &key->params.prime, tmp, 0);
-        if (err == 0) {
-            key->zMont = 1;
-        }
-    }
-
-    return err;
-}
-#endif
-
-#ifdef WOLFSSL_HAVE_SP_ECC
-/**
- * Generate a pre-computation table for the RSK point.
- *
- * The table contains sensitive data.
- *
- * @param  [in]      key    SAKKE key.
- * @param  [in]      rsk    Point to generate table for.
- * @param  [out]     table  Pre-generated values. Passing NULL indicates that
- *                          the length of the table is required.
- * @param  [in,out]  len    On in, the size of table buffer in bytes.
- *                          On out, the size of the pre-generated data in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, rsk or len is NULL.
- * @return  LENGTH_ONLY_E when table is NULL.
- * @return  BAD_LENGTH_E when table is specified and len is too small.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int wc_GenerateSakkeRskTable(const SakkeKey* key, const ecc_point* rsk,
-        byte* table, word32* len)
-{
-    int err = 0;
-
-    if ((key == NULL) || (rsk == NULL) || (len == 0)) {
-        err = BAD_FUNC_ARG;
-    }
-    if (err == 0) {
-        SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#ifdef WOLFSSL_SP_1024
-        err = sp_Pairing_gen_precomp_1024(rsk, table, len);
-#else
-        err = NOT_COMPILED_IN;
-#endif
-        RESTORE_VECTOR_REGISTERS();
-    }
-
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]   key  SAKKE key.
- * @param  [in]   p    First point on E(F_p)[q].
- * @param  [in]   q    Second point on E(F_p)[q].
- * @param  [out]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_pairing(const SakkeKey* key, const ecc_point* p,
-    const ecc_point* q, mp_int* r, const byte* table, word32 len)
-{
-    int err = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-
-#ifdef WOLFSSL_SP_1024
-    if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
-            (ecc_sets[key->ecc.idx].id == ECC_SAKKE_1)) {
-        if (table == NULL) {
-            err = sp_Pairing_1024(p, q, r);
-        }
-        else {
-            err = sp_Pairing_precomp_1024(p, q, r, table, len);
-        }
-    }
-    else {
-        err = NOT_COMPILED_IN;
-    }
-#else
-    (void)key;
-    (void)p;
-    (void)q;
-    (void)r;
-    (void)table;
-    (void)len;
-    err = NOT_COMPILED_IN;
-#endif
-
-    return err;
-}
-
-#else /* WOLFSSL_HAVE_SP_ECC */
-/**
- * Generate a pre-computation table for the RSK point.
- *
- * Empty table as not supported in this implementation.
- *
- * @param  [in]      key    SAKKE key.
- * @param  [in]      rsk    Point to generate table for.
- * @param  [out]     table  Pre-generated values. Passing NULL indicates that
- *                          the length of the table is required.
- * @param  [in,out]  len    On in, the size of table buffer in bytes.
- *                          On out, the size of the pre-generated data in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, rsk or len is NULL.
- * @return  LENGTH_ONLY_E when table is NULL.
- * @return  BAD_LENGTH_E when table is specified and len is too small.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int wc_GenerateSakkeRskTable(const SakkeKey* key, const ecc_point* rsk,
-        byte* table, word32* len)
-{
-    int err = 0;
-
-    if ((key == NULL) || (rsk == NULL) || (len == 0)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (table == NULL)) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*len != 0)) {
-        err = BUFFER_E;
-    }
-    if (err == 0) {
-        *len = 0;
-    }
-
-    (void)table;
-
-    return err;
-}
-
-/*
- * Square a modulo m in Montgomery.
- *
- * @param  [in]   a   MP integer that is number to square.
- * @param  [in]   m   MP integer that is modulus.
- * @param  [out]  r   MP integer that is the result.
- * @param  [in]   mp  Multiplier to use when converting from Montgomery form.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_mont_sqrmod(mp_int* a, mp_int* m, mp_int* r, mp_digit mp)
-{
-    int err;
-
-    err = mp_sqr(a, r);
-    if (err == 0) {
-        err = mp_montgomery_reduce(r, m, mp);
-    }
-
-    return err;
-}
-
-/*
- * Multiply a by b modulo m in Montgomery.
- *
- * @param  [in]   a   MP integer that is first number to multiply.
- * @param  [in]   b   MP integer that is second number to multiply.
- * @param  [in]   m   MP integer that is modulus.
- * @param  [out]  r   MP integer that is the result.
- * @param  [in]   mp  Multiplier to use when converting from Montgomery form.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_mont_mulmod(mp_int* a, mp_int* b, mp_int* m, mp_int* r,
-        mp_digit mp)
-{
-    int err;
-
-    err = mp_mul(a, b, r);
-    if (err == 0) {
-        err = mp_montgomery_reduce(r, m, mp);
-    }
-
-    return err;
-}
-
-/*
- * Add a and b modulo m. r = a + b % m
- *
- * @param  [in]   a   MP integer that is first number to add.
- * @param  [in]   b   MP integer that is second number to add.
- * @param  [out]  m   MP integer that is modulus.
- * @param  [in]   r   MP integer that is the result.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_addmod(mp_int* a, mp_int* b, mp_int* m, mp_int* r)
-{
-    int err;
-
-    err = mp_add(a, b, r);
-    if ((err == 0) && (mp_cmp(r, m) != MP_LT)) {
-        err = mp_sub(r, m, r);
-    }
-
-    return err;
-}
-
-/*
- * Triple a modulo m. r = 3.a % m
- *
- * @param  [in]   a   MP integer that is number to triple
- * @param  [out]  m   MP integer that is modulus.
- * @param  [in]   r   MP integer that is the result.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_tplmod(mp_int* a, mp_int* m, mp_int* r)
-{
-    int err;
-
-    err = mp_mul_d(a, 3, r);
-    if ((err == 0) && (mp_cmp(r, m) != MP_LT)) {
-        err = mp_sub(r, m, r);
-    }
-    if ((err == 0) && (mp_cmp(r, m) != MP_LT)) {
-        err = mp_sub(r, m, r);
-    }
-    if ((err == 0) && (mp_cmp(r, m) != MP_LT)) {
-        err = mp_sub(r, m, r);
-    }
-
-    return err;
-}
-
-/*
- * Subtract b from a modulo m. r = a - b % m
- *
- * @param  [in]   a   MP integer that is first number to add.
- * @param  [in]   b   MP integer that is second number to add.
- * @param  [in]   m   MP integer that is modulus.
- * @param  [out]  r   MP integer that is the result.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_submod(mp_int* a, mp_int* b, mp_int* m, mp_int* r)
-{
-    int err;
-
-#if !defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_INT_NEGATIVE)
-    err = mp_sub(a, b, r);
-    if ((err == 0) && mp_isneg(r)) {
-        err = mp_add(r, m, r);
-    }
-#else
-    err = sp_submod_ct(a, b, m, r);
-#endif
-
-    return err;
-}
-
-/*
- * Square the element of PF_p[q] (projectivization of F_p with order q).
- *
- * Calculation:
- *   r.x = (p.x + p.y) * (p.x - p.y)
- *   r.y = (p.x * p.y) * 2
- *
- * @param  [in]   p      MP projective integer - value to square.
- * @param  [in]   prime  MP integer that is the modulus of the field.
- * @param  [in]   mp     Multiplier to use when converting from Montgomery form.
- * @param  [out]  r      MP projective integer - Result of square.
- * @param  [in]   t1     MP integer temporary.
- * @param  [in]   t2     MP integer temporary.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_proj_sqr(mp_proj* p, mp_int* prime, mp_digit mp, mp_proj* r,
-        mp_int* t1, mp_int* t2)
-{
-    int err;
-
-    /* t1 = p.x + p.y */
-    err = sakke_addmod(p->x, p->y, prime, t1);
-    /* t2 = p.x - p.y */
-    if (err == 0) {
-        err = sakke_submod(p->x, p->y, prime, t2);
-    }
-    /* r.y = p.x * p.y */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->x, p->y, prime, r->y, mp);
-    }
-    /* r.x = (p.x + p.y) * (p.x - p.y) */
-    if (err == 0) {
-        err = sakke_mont_mulmod(t1, t2, prime, r->x, mp);
-    }
-    /* r.y = (p.x * p.y) * 2 */
-    if (err == 0) {
-        err = sakke_addmod(r->y, r->y, prime, r->y);
-    }
-
-    return err;
-}
-
-/*
- * Multiply two elements of PF_p[q] (projectivization of F_p with order q).
- *
- * q must not be the same object as r.
- * Calculation:
- *   r.x = (p.x * q.x) - (p.y * q.y)
- *   r.y = (p.x * q.y) + (p.y * q.x)
- *
- * @param  [in]   p      MP projective integer - first value to multiply.
- * @param  [in]   q      MP projective integer - second value to multiply.
- * @param  [in]   prime  MP integer that is the modulus of the field.
- * @param  [in]   mp     Multiplier to use when converting from Montgomery form.
- * @param  [out]  r      Result of operation.
- * @param  [in]   t1     MP integer temporary.
- * @param  [in]   t2     MP integer temporary.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_proj_mul(mp_proj* p, mp_proj* q, mp_int* prime, mp_digit mp,
-        mp_proj* r, mp_int* t1, mp_int* t2)
-{
-    int err;
-
-    /* t1 = p.x * q.y */
-    err = sakke_mont_mulmod(p->x, q->y, prime, t1, mp);
-    /* r->x = p.x * q.x */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->x, q->x, prime, r->x, mp);
-    }
-    /* t2 = p.y * q.y */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->y, q->y, prime, t2, mp);
-    }
-    /* r.x = (p.x * q.x) - (p.y * q.y) */
-    if (err == 0) {
-        err = sakke_submod(r->x, t2, prime, r->x);
-    }
-    /* r.y = p.y * q.x */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->y, q->x, prime, r->y, mp);
-    }
-    /* r.y = (p.x * q.y) + (p.y * q.x) */
-    if (err == 0) {
-        err = sakke_addmod(t1, r->y, prime, r->y);
-    }
-
-    return err;
-}
-
-/*
- * Multiply two elements of PF_p[q] (projectivization of F_p with order q).
- *
- * q must not be the same object as r.
- * Calculation:
- *   r.x = (p.x * q.x) - (p.y * q.y)
- *   r.y = (p.x * q.y) + (p.y * q.x)
- * But qx = 1
- *   r.x = p.x - (p.y * q.y)
- *   r.y = (p.x * q.y) + p.y
- *
- * @param  [in]   p      MP projective integer - first value to multiply.
- * @param  [in]   q      MP projective integer - second value to multiply.
- * @param  [in]   prime  MP integer that is the modulus of the field.
- * @param  [in]   mp     Multiplier to use when converting from Montgomery form.
- * @param  [out]  r      Result of operation.
- * @param  [in]   t1     MP integer temporary.
- * @param  [in]   t2     MP integer temporary.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_proj_mul_qx1(mp_proj* p, mp_int* q, mp_int* prime, mp_digit mp,
-        mp_proj* r, mp_int* t1, mp_int* t2)
-{
-    int err;
-
-    /* t1 = p.x * q.y */
-    err = sakke_mont_mulmod(p->x, q, prime, t1, mp);
-    /* t2 = p.y * q.y */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->y, q, prime, t2, mp);
-    }
-    /* r.x = p.x - (p.y * q.y) */
-    if (err == 0) {
-        err = sakke_submod(p->x, t2, prime, r->x);
-    }
-    /* r.y = (p.x * q.y) + p.y */
-    if (err == 0) {
-        err = sakke_addmod(t1, p->y, prime, r->y);
-    }
-
-    return err;
-}
-
-/*
- * Calculate the gradient of line through P, P and [-2]P.
- *
- * @param  [in]   p      ECC point - first point on the elliptic curve.
- * @param  [in]   t2     MP integer temporary.
- * @param  [in]   prime  MP integer that is the modulus of the field.
- * @param  [in]   mp     Multiplier to use when converting from Montgomery form.
- * @param  [out]  l      MP integer representing gradient.
- * @param  [out]  z2     MP integer representing p.z^2.
- */
-static int sakke_calc_dbl_rx(ecc_point* p, ecc_point* q, mp_int* prime,
-        mp_digit mp, mp_proj* r, mp_int* l, mp_int* z2)
-{
-    int err;
-    mp_int* t = r->y;
-
-    /* z2 = p.z^2 */
-    err = sakke_mont_sqrmod(p->z, prime, z2, mp);
-    /* t = p.x + p.z^2 */
-    if (err == 0) {
-        err = sakke_addmod(p->x, z2, prime, l);
-    }
-    /* r1 = p.x - p.z^2 */
-    if (err == 0) {
-        err = sakke_submod(p->x, z2, prime, t);
-    }
-    /* l = ((p.x - p.z^2) * (p.x + p.z^2) = p.x ^ 2 - p.z^4  */
-    if (err == 0) {
-        err = sakke_mont_mulmod(l, t, prime, l, mp);
-    }
-    /* l = ((p.x ^ 2) - p.z^4) * 3 */
-    if (err == 0) {
-        err = sakke_tplmod(l, prime, l);
-    }
-    /* t = q.x * p.z^2 */
-    if (err == 0) {
-        err = sakke_mont_mulmod(q->x, z2, prime, t, mp);
-    }
-    /* t = p.x + q.x * p.z^2 */
-    if (err == 0) {
-        err = sakke_addmod(p->x, t, prime, t);
-    }
-    /* r.x = l * (p.x + q.x * p.z^2) */
-    if (err == 0) {
-        err = sakke_mont_mulmod(l, t, prime, r->x, mp);
-    }
-
-    return err;
-}
-
-#ifdef WOLFSSL_SAKKE_SMALL
-/*
- * Calculate gradient of line through P, P and [-2]P and accumulate line.
- *
- * Calculation:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - 2 * p.y^2
- *   r.y = 2 * p.y * p.z^3 * q.y
- *   v* = v*^2 * r*
- *
- * @param  [in]   p      ECC point - first point on the elliptic curve.
- * @param  [in]   q      ECC point - second point on the elliptic curve.
- * @param  [in]   prime  MP integer that is the modulus of the field.
- * @param  [in]   mp     Multiplier to use when converting from Montgomery form.
- * @param  [out]  r      MP projective integer - gradient in PF_p[q].
- * @param  [in]   t1     MP integer temporary.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_accumulate_line_dbl(mp_proj* v, ecc_point* p, ecc_point* q,
-        mp_int* prime, mp_digit mp, mp_proj* r, mp_int** t)
-{
-    int err;
-    mp_int* t1 = t[0];
-    mp_int* t2 = r->z;
-    mp_int* z2 = t[1];
-    mp_int* l = t1;
-
-    /* v = v^2 */
-    err = sakke_proj_sqr(v, prime, mp, v, t1, t2);
-    /* l = 3 * (p.x^2 - p.z^4), z2 = p.z^2, rx = l * (p.x + q.x * p.z^2) */
-    if (err == 0) {
-        err = sakke_calc_dbl_rx(p, q, prime, mp, r, l, z2);
-    }
-    /* t1 = p.y ^ 2 */
-    if (err == 0) {
-        err = sakke_mont_sqrmod(p->y, prime, t1, mp);
-    }
-    /* t1 = 2 * (p.y ^ 2) */
-    if (err == 0) {
-        err = sakke_addmod(t1, t1, prime, t1);
-    }
-    /* r.x -= 2 * (p.y ^ 2) */
-    if (err == 0) {
-        err = sakke_submod(r->x, t1, prime, r->x);
-    }
-    /* r.y = p.y * 2 */
-    if (err == 0) {
-        err = sakke_addmod(p->y, p->y, prime, r->y);
-    }
-    /* r.y = (p.y * 2) * q.y */
-    if (err == 0) {
-        err = sakke_mont_mulmod(r->y, q->y, prime, r->y, mp);
-    }
-    /* t2 = p.z^3 */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->z, z2, prime, t2, mp);
-    }
-    /* r.y *= p.z^3 */
-    if (err == 0) {
-        err = sakke_mont_mulmod(r->y, t2, prime, r->y, mp);
-    }
-    /* v = v^2 * r */
-    if (err == 0) {
-        err = sakke_proj_mul(v, r, prime, mp, v, t1, t2);
-    }
-
-    return err;
-}
-
-/*
- * Calculate gradient of line through C, P and -C-P and accumulate line.
- *
- * Calculations:
- *   r.x = (q.x + p.x) * c.y - (q.x * c.z^2 + c.x) * p.y * c.z
- *   r.y = (c.x - p.x * c.z^2) * q.y * c.z
- *   v* = v* * r*
- *
- * @param  [in]   p      First point on elliptic curve.
- * @param  [in]   q      Second point on elliptic curve.
- * @param  [in]   c      Third point on elliptic curve.
- * @param  [in]   prime  MP integer that is the modulus of the field.
- * @param  [in]   mp     Multiplier to use when converting from Montgomery form.
- * @param  [out]  r      Resulting gradient in PF_p[q].
- * @param  [in]   t      MP integer temporary.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_accumulate_line_add_one(mp_proj* v, mp_int* prime, mp_digit mp,
-        ecc_point* p, ecc_point* q, ecc_point* c, mp_proj* r, mp_int* t1)
-{
-    int err;
-    mp_int* t2 = r->z;
-
-    /* r.x = (q.x + p.x) * c.y */
-    err = sakke_addmod(q->x, p->x, prime, r->x);
-    if (err == 0) {
-        err = sakke_mont_mulmod(r->x, c->y, prime, r->x, mp);
-    }
-    /* t2 = c.z^2 */
-    if (err == 0) {
-        err = sakke_mont_sqrmod(c->z, prime, t2, mp);
-    }
-    /* t = q.x * c.z^2 */
-    if (err == 0) {
-        err = sakke_mont_mulmod(q->x, t2, prime, t1, mp);
-    }
-    /* t = q.x * c.z^2 + c.x */
-    if (err == 0) {
-        err = sakke_addmod(t1, c->x, prime, t1);
-    }
-    /* t = (q.x * c.z^2 + c.x) * p.y */
-    if (err == 0) {
-        err = sakke_mont_mulmod(t1, p->y, prime, t1, mp);
-    }
-    /* t *= c.z */
-    if (err == 0) {
-        err = sakke_mont_mulmod(t1, c->z, prime, t1, mp);
-    }
-    /* r.x -= t */
-    if (err == 0) {
-        err = sakke_submod(r->x, t1, prime, r->x);
-    }
-    /* t = p.x * c.z^2 */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->x, t2, prime, t1, mp);
-    }
-    /* r.y = c.x - p.x * c.z^2 */
-    if (err == 0) {
-        err = sakke_submod(c->x, t1, prime, r->y);
-    }
-    /* r.y = (c.x - p.x) * q.y */
-    if (err == 0) {
-        err = sakke_mont_mulmod(r->y, q->y, prime, r->y, mp);
-    }
-    /* r.y = c.x - p.x) * q.y * c.z */
-    if (err == 0) {
-        err = sakke_mont_mulmod(r->y, c->z, prime, r->y, mp);
-    }
-    /* v = v * r */
-    if (err == 0) {
-        err = sakke_proj_mul(v, r, prime, mp, v, t1, t2);
-    }
-
-    return err;
-}
-#else
-/*
- * Calculate gradient of line through P, P and [-2]P and accumulate line.
- * Double the point p.
- *
- * Calculation:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - 2 * p.y^2
- *   r.y = 2 * p.y * p.z^3 * q.y
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 8 * p.y^2 * p.x
- *   p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4
- *   p'.z = 2 * p.y * p.z
- *
- * @param  [in]   p      ECC point - first point on the elliptic curve.
- * @param  [in]   q      ECC point - second point on the elliptic curve.
- * @param  [in]   prime  MP integer that is the modulus of the field.
- * @param  [in]   mp     Multiplier to use when converting from Montgomery form.
- * @param  [out]  r      MP projective integer - gradient in PF_p[q].
- * @param  [in]   t1     MP integer temporary.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_accumulate_line_dbl(mp_proj* v, ecc_point* p, ecc_point* q,
-        mp_int* prime, mp_digit mp, mp_proj* r, mp_int** t)
-{
-    int err = 0;
-    mp_int* t1 = t[0];
-    mp_int* t2 = r->z;
-    mp_int* z2 = t[1];
-#ifdef WOLFSSL_SMALL_STACK
-    mp_int* l = NULL;
-    mp_int* ty = NULL;
-    l = (mp_int *)XMALLOC(sizeof(*l), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (l == NULL)
-        err = 1;
-    ty = (mp_int *)XMALLOC(sizeof(*ty), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (ty == NULL)
-        err = 1;
-#else
-    mp_int tmp[2];
-    mp_int* l = &tmp[0];
-    mp_int* ty = &tmp[1];
-#endif
-
-    if (err == 0)
-        err = mp_init(l);
-    if (err == 0) {
-        err = mp_init(ty);
-    }
-
-    /* v = v^2 */
-    if (err == 0) {
-        err = sakke_proj_sqr(v, prime, mp, v, t1, t2);
-    }
-    /* l = 3 * (p.x^2 - p.z^4), z2 = p.z^2, rx = l * (p.x + q.x * p.z^2) */
-    if (err == 0) {
-        err = sakke_calc_dbl_rx(p, q, prime, mp, r, l, z2);
-    }
-    /* ty = p.y ^ 2 */
-    if (err == 0) {
-        err = sakke_mont_sqrmod(p->y, prime, ty, mp);
-    }
-    /* ty = 2 * (p.y ^ 2) */
-    if (err == 0) {
-        err = sakke_addmod(ty, ty, prime, ty);
-    }
-    /* r.x -= 2 * (p.y ^ 2) */
-    if (err == 0) {
-        err = sakke_submod(r->x, ty, prime, r->x);
-    }
-    /* r.y = p.y * 2 */
-    if (err == 0) {
-        err = sakke_addmod(p->y, p->y, prime, r->y);
-    }
-    /* r.y = p.y * 2 * p.z */
-    if (err == 0) {
-        err = sakke_mont_mulmod(r->y, p->z, prime, p->z, mp);
-    }
-    /* r.y = p.y * 2 * p.z^3 */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->z, z2, prime, r->y, mp);
-    }
-    /* r.y = (p.y * 2 * p.z^3) * q.y */
-    if (err == 0) {
-        err = sakke_mont_mulmod(r->y, q->y, prime, r->y, mp);
-    }
-    /* v = v^2 * r */
-    if (err == 0) {
-        err = sakke_proj_mul(v, r, prime, mp, v, t1, t2);
-    }
-
-    /* Double point using previously calculated values
-     *   l = 3 * (X - Z^2).(X + Z^2)
-     *   ty = 2 * Y^2
-     *   Z = 2 * Y * Z
-     */
-    /* Y = 2 * 2 * Y^2 */
-    if (err == 0) {
-        err = sakke_addmod(ty, ty, prime, p->y);
-    }
-    /* T2 = 4 * Y^4 */
-    if (err == 0) {
-        err = sakke_mont_sqrmod(ty, prime, t2, mp);
-    }
-    /* T2 = 8 * Y^4 */
-    if (err == 0) {
-        err = sakke_addmod(t2, t2, prime, t2);
-    }
-    /* Y = Y * X */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->y, p->x, prime, p->y, mp);
-    }
-    /* X = l * l */
-    if (err == 0) {
-        err = sakke_mont_sqrmod(l, prime, p->x, mp);
-    }
-    /* X = X - Y */
-    if (err == 0) {
-        err = sakke_submod(p->x, p->y, prime, p->x);
-    }
-    /* X = X - Y */
-    if (err == 0) {
-        err = sakke_submod(p->x, p->y, prime, p->x);
-    }
-    /* Y = Y - X */
-    if (err == 0) {
-        err = sakke_submod(p->y, p->x, prime, p->y);
-    }
-    /* Y = Y * l */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->y, l, prime, p->y, mp);
-    }
-    /* Y = Y - T2 */
-    if (err == 0) {
-        err = sakke_submod(p->y, t2, prime, p->y);
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    if (ty != NULL) {
-        mp_free(ty);
-        XFREE(ty, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (l != NULL) {
-        mp_free(l);
-        XFREE(l, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-#else
-    mp_free(ty);
-    mp_free(l);
-#endif
-
-    return err;
-}
-
-/*
- * Calculate gradient of line through C, P and -C-P and accumulate line.
- * Add point p into c.
- *
- * Calculations:
- *   r.x = (q.x + p.x) * c.y - (q.x * c.z^2 + c.x) * p.y * c.z
- *   r.y = (c.x - p.x * c.z^2) * q.y * c.z
- *   v* = v* * r*
- *   r = p.y * c.z^3 - c.y
- *   c'.x = r^2 + h^3 - 2 * c.x * h^2
- *   c'.y = r * (c'.x - c.x * h^2) - c.y * h^3
- *   c'.z = (c.x - p.x * c.z^2) * c.z
- *
- * @param  [in]   p      First point on elliptic curve.
- * @param  [in]   q      Second point on elliptic curve.
- * @param  [in]   c      Third point on elliptic curve.
- * @param  [in]   prime  MP integer that is the modulus of the field.
- * @param  [in]   mp     Multiplier to use when converting from Montgomery form.
- * @param  [out]  r      Resulting gradient in PF_p[q].
- * @param  [in]   t      MP integer temporary.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_accumulate_line_add_one(mp_proj* v, mp_int* prime, mp_digit mp,
-        ecc_point* p, ecc_point* q, ecc_point* c, mp_proj* r, mp_int** t)
-{
-    int err = 0;
-    mp_int* t1 = t[0];
-    mp_int* t2 = t[1];
-#ifdef WOLFSSL_SMALL_STACK
-    mp_int* h = NULL;
-    mp_int* ty = NULL;
-    mp_int* tz = NULL;
-    mp_int* t3 = NULL;
-    h = (mp_int *)XMALLOC(sizeof(*h), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (h == NULL)
-        err = 1;
-    ty = (mp_int *)XMALLOC(sizeof(*ty), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (ty == NULL)
-        err = 1;
-    tz = (mp_int *)XMALLOC(sizeof(*tz), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (tz == NULL)
-        err = 1;
-    t3 = (mp_int *)XMALLOC(sizeof(*t3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (t3 == NULL)
-        err = 1;
-#else
-    mp_int tmp[4];
-    mp_int* h = &tmp[0];
-    mp_int* ty = &tmp[1];
-    mp_int* tz = &tmp[2];
-    mp_int* t3 = &tmp[3];
-#endif
-
-    if (err == 0)
-        err = mp_init_multi(h, ty, tz, t3, NULL, NULL);
-
-    /* r.x = (q.x + p.x) * c.y */
-    if (err == 0) {
-        err = sakke_addmod(q->x, p->x, prime, r->x);
-    }
-    if (err == 0) {
-        err = sakke_mont_mulmod(r->x, c->y, prime, r->x, mp);
-    }
-    /* tz = c.z^2 */
-    if (err == 0) {
-        err = sakke_mont_sqrmod(c->z, prime, tz, mp);
-    }
-    /* t = q.x * c.z^2 */
-    if (err == 0) {
-        err = sakke_mont_mulmod(q->x, tz, prime, t1, mp);
-    }
-    /* t = q.x * c.z^2 + c.x */
-    if (err == 0) {
-        err = sakke_addmod(t1, c->x, prime, t1);
-    }
-    /* ty = p.y * c.z */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->y, c->z, prime, ty, mp);
-    }
-    /* t = (q.x * c.z^2 + c.x) * p.y * c.z */
-    if (err == 0) {
-        err = sakke_mont_mulmod(t1, ty, prime, t1, mp);
-    }
-    /* r.x -= t */
-    if (err == 0) {
-        err = sakke_submod(r->x, t1, prime, r->x);
-    }
-    /* t = p.x * c.z^2 */
-    if (err == 0) {
-        err = sakke_mont_mulmod(p->x, tz, prime, t1, mp);
-    }
-    /* h = c.x - p.x * c.z^2 */
-    if (err == 0) {
-        err = sakke_submod(c->x, t1, prime, h);
-    }
-    /* t3 = (c.x - p.x * c.z^2 ) * c.z*/
-    if (err == 0) {
-        err = sakke_mont_mulmod(h, c->z, prime, t3, mp);
-    }
-    /* r.y = (c.x - p.x * c.z^2) * c.z * q.y */
-    if (err == 0) {
-        err = sakke_mont_mulmod(t3, q->y, prime, r->y, mp);
-    }
-    /* v = v * r */
-    if (err == 0) {
-        err = sakke_proj_mul(v, r, prime, mp, v, t1, t2);
-    }
-
-    /* Add p to c using previously calculated values.
-     *   h = c.x - p.x * c.z^2
-     *   ty = p.y * c.z
-     *   tz = c.z^2
-     *   t3 = (c.x - p.x * c.z^2) * c.z
-     */
-
-    /* R = p.y * c.z^3 - c.y */
-    if (err == 0) {
-        err = sakke_mont_mulmod(ty, tz, prime, ty, mp);
-    }
-    if (err == 0) {
-        err = sakke_submod(ty, c->y, prime, ty);
-    }
-    /* c'.z = -H * c.z */
-    if (err == 0) {
-        err = sakke_submod(prime, t3, prime, c->z);
-    }
-    /* c'.x = R^2 + H^3 - 2 * c.x * H^2 */
-    if (err == 0) {
-        err = sakke_mont_sqrmod(ty, prime, t1, mp);
-    }
-    if (err == 0) {
-        err = sakke_mont_sqrmod(h, prime, t2, mp);
-    }
-    if (err == 0) {
-        err = sakke_mont_mulmod(c->x, t2, prime, t3, mp);
-    }
-    if (err == 0) {
-        err = sakke_mont_mulmod(t2, h, prime, t2, mp);
-    }
-    if (err == 0) {
-        err = sakke_addmod(t1, t2, prime, c->x);
-    }
-    if (err == 0) {
-        err = sakke_addmod(t3, t3, prime, t1);
-    }
-    if (err == 0) {
-        err = sakke_submod(c->x, t1, prime, c->x);
-    }
-    /* c'.y = R * (c.x * H^2 - c'.x) + c.y * H^3 */
-    if (err == 0) {
-        err = sakke_submod(t3, c->x, prime, t3);
-    }
-    if (err == 0) {
-        err = sakke_mont_mulmod(t3, ty, prime, t3, mp);
-    }
-    if (err == 0) {
-        err = sakke_mont_mulmod(t2, c->y, prime, t2, mp);
-    }
-    if (err == 0) {
-        err = sakke_addmod(t3, t2, prime, c->y);
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    if (t3 != NULL) {
-        mp_free(t3);
-        XFREE(t3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (tz != NULL) {
-        mp_free(tz);
-        XFREE(tz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (ty != NULL) {
-        mp_free(ty);
-        XFREE(ty, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-    if (h != NULL) {
-        mp_free(h);
-        XFREE(h, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-#else
-    mp_free(t3);
-    mp_free(tz);
-    mp_free(ty);
-    mp_free(h);
-#endif
-
-    return err;
-}
-#endif /* WOLFSSL_SAKKE_SMALL */
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]   key  SAKKE key.
- * @param  [in]   p    First point on E(F_p)[q].
- * @param  [in]   q    Second point on E(F_p)[q].
- * @param  [out]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_pairing(SakkeKey* key, ecc_point* p, ecc_point* q, mp_int* r,
-    const byte* table, word32 len)
-{
-    int err;
-    ecc_point* v = key->params.base;
-    ecc_point* c = key->tmp.p1;
-    mp_proj* t2 = key->tmp.p3;
-    mp_int* t3 = &key->tmp.m2;
-    mp_int* prime = &key->params.prime;
-    mp_int* t[2];
-    int i;
-    mp_digit mp = 0;
-    SakkeKeyParams* params = &key->params;
-
-    t[0] = &key->tmp.m1;
-    t[1] = t3;
-
-    (void)table;
-    (void)len;
-
-    err = sakke_point_to_mont(p, prime, &key->tmp.m1, 0);
-    if (err == 0) {
-        err = sakke_point_to_mont(q, prime, &key->tmp.m1, 1);
-    }
-    if (err == 0) {
-        err = wc_ecc_copy_point(p, c);
-    }
-    /* Set v to 1. */
-    if (err == 0) {
-        params->haveBase = 0;
-        err = mp_set(v->x, 1);
-    }
-    if (err == 0) {
-        err = mp_set(v->y, 0);
-    }
-    if (err == 0) {
-        err = mp_montgomery_setup(prime, &mp);
-    }
-
-    for (i = mp_count_bits(&params->q) - 2; (err == 0) && (i >= 0); i--) {
-#ifdef WOLFSSL_SAKKE_SMALL
-        /* Accumulate line into v and double point. */
-        err = sakke_accumulate_line_dbl(v, c, q, prime, mp, t2, t);
-        if (err == 0) {
-            err = ecc_projective_dbl_point(c, c, NULL, prime, mp);
-        }
-
-        if ((err == 0) && (i > 0) && mp_is_bit_set(&params->q, i)) {
-            /* Accumulate line into v and add P into C. */
-            err = sakke_accumulate_line_add_one(v, prime, mp, p, q, c, t2,
-                    &key->tmp.m1);
-            if (err == 0) {
-                err = ecc_projective_add_point(p, c, c, NULL, prime, mp);
-            }
-        }
-#else
-        /* Accumulate line into v and double point. */
-        err = sakke_accumulate_line_dbl(v, c, q, prime, mp, t2, t);
-
-        if ((err == 0) && (i > 0) && mp_is_bit_set(&params->q, i)) {
-            /* Accumulate line into v and add P into C. */
-            err = sakke_accumulate_line_add_one(v, prime, mp, p, q, c, t2, t);
-        }
-#endif /* WOLFSSL_SAKKE_SMALL */
-    }
-
-    /* Final exponentiation */
-    if (err == 0) {
-        err = sakke_proj_sqr(v, prime, mp, v, &key->tmp.m1, t3);
-    }
-    if (err == 0) {
-        err = sakke_proj_sqr(v, prime, mp, v, &key->tmp.m1, t3);
-    }
-    /* Convert from PF_p[q] to F_p */
-    if (err == 0) {
-        err = mp_invmod(v->x, prime, r);
-    }
-    if (err == 0) {
-        err = mp_mulmod(r, v->y, prime, r);
-    }
-
-    if (err == 0) {
-        err = sakke_point_from_mont(p, prime, mp);
-    }
-    if (err == 0) {
-        err = sakke_point_from_mont(q, prime, mp);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_ECC */
-
-/**
- * Set the Receiver Secret Key (RSK) and any table associated with it.
- *
- * @param  [in]  key    SAKKE key.
- * @param  [in]  rsk    Receiver Secret Key (RSK) as an ECC point.
- * @param  [in]  table  Pre-computation table. May be NULL.
- * @param  [in]  len    Size of pre-computation table in bytes.
- * @return  0 on success.
- * @return BAD_FUNC_ARG when key or rsk is NULL.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int wc_SetSakkeRsk(SakkeKey* key, const ecc_point* rsk, byte* table, word32 len)
-{
-    int err = 0;
-
-    if ((key == NULL) || (rsk == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if (err == 0) {
-        key->rsk.set = 0;
-        err = wc_ecc_copy_point(rsk, key->rsk.rsk);
-    }
-    if (err == 0) {
-        key->rsk.table = table;
-        key->rsk.tableLen = len;
-        key->rsk.set = 1;
-    }
-
-    return err;
-}
-
-/*
- * Compute the elliptic curve point I for device B. Partial for point R.
- *
- * RFC 6508, Section 6.2.1, Step 3.\n
- * RFC 6508, Section 6.2.2, Step 5.\n
- * I = [b]P + Z_S
- *
- * @param  [in]   key   SAKKE key.
- * @param  [in]   id    Identifier to of device B.
- * @param  [in]   idSz  Size of identifier in bytes.
- * @param  [out]  i     ECC point - partial for point R.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_compute_point_i(SakkeKey* key, const byte* id, word16 idSz,
-        ecc_point* i)
-{
-    int err;
-    mp_int* b = wc_ecc_key_get_priv(&key->ecc);
-
-    /* Load b - ID of receiver */
-    err = mp_read_unsigned_bin(b, id, idSz);
-    if (err == 0) {
-        err = sakke_load_base_point(key);
-    }
-#ifndef WOLFSSL_HAVE_SP_ECC
-    /* Convert to montgomery form for add operation. */
-    if (err == 0) {
-        err = sakke_z_to_mont(key, &key->tmp.m2);
-    }
-#endif
-    /* [b]P + Z_S */
-    if (err == 0) {
-        ecc_point* z = &key->ecc.pubkey;
-        err = sakke_mulmod_base_add(key, b, z, i, 1);
-    }
-    return err;
-}
-
-/**
- * Validate the Receiver Secret Key (RSK) with the identity.
- *
- * RFC 6508, Section 6.1.2
- *
- * A receiving client should validate an RSK before use.
- *
- * @param  [in]   key    SAKKE key.
- * @param  [in]   id     Identity to use.
- * @param  [in]   idSz   Size of identity in bytes.
- * @param  [in]   rsk    Receiver Secret Key as an ECC point.
- * @param  [out]  valid  1 indicates RSK is valid for identity.
- *                       0 otherwise.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, id, rsk or valid is NULL.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int wc_ValidateSakkeRsk(SakkeKey* key, const byte* id, word16 idSz,
-        ecc_point* rsk, int* valid)
-{
-    int err = 0;
-    mp_int* a = NULL;
-
-    if ((key == NULL) || (id == NULL) || (rsk == NULL) || (valid == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-
-    /* Load elliptic curve parameters */
-    if (err == 0) {
-        err = sakke_load_params(key);
-    }
-    if (err == 0) {
-        err = sakke_load_base_point(key);
-    }
-    /* Load pairing base - g */
-    if (err == 0) {
-        err = sakke_load_pairing_base(key);
-    }
-    /* Load a - identifier */
-    if (err == 0) {
-        a = &key->tmp.m1;
-        err = mp_read_unsigned_bin(a, id, idSz);
-    }
-
-    if (err == 0) {
-        /* I = [b]P + Z_S */
-        err = sakke_compute_point_i(key, id, idSz, key->i.i);
-        if ((err == 0) && (idSz <= SAKKE_ID_MAX_SIZE)) {
-            XMEMCPY(key->i.id, id, idSz);
-            key->i.idSz = idSz;
-        }
-    }
-    /* < [a]P + Z, K_(a,T) > = < K_(a,T), [a]P + Z > = < rsk, i >*/
-    if (err == 0) {
-        err = sakke_pairing(key, rsk, key->i.i, a, NULL, 0);
-    }
-
-    /* Compare pairing result with generator. */
-    if (valid != NULL) {
-        *valid = ((err == 0) && (mp_cmp(a, &key->params.g) == MP_EQ));
-    }
-
-    RESTORE_VECTOR_REGISTERS();
-
-    return err;
-}
-
-/**
- * Get the size of the authentication data that is the first part of the
- * encapsulated data.
- *
- * Clients need to know how long the authentication data so as the SSV starts
- * after the authentication data in a buffer.\n
- * For SAKKE parameter set 1: 257 bytes
- *
- * @param  [in]   key     SAKKE key.
- * @param  [out]  authSz  Size of authentication data in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or authSz is NULL.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int wc_GetSakkeAuthSize(SakkeKey* key, word16* authSz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (authSz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        err = sakke_load_params(key);
-    }
-    if (err == 0) {
-        word16 n = (word16)((mp_count_bits(&key->params.prime) + 7) / 8);
-        *authSz = (word16)(1 + 2 * n);
-    }
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_ECC
-/*
- * Modular exponentiate the value in F_p*.
- *
- * @param  [in]   key  SAKKE key.
- * @param  [in]   b    MP integer that is the base to exponentiate.
- * @param  [in]   e    MP integer that is the exponent.
- * @param  [out]  r    Result of exponentiation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_modexp(const SakkeKey* key, const mp_int* b, mp_int* e,
-        mp_int* r)
-{
-    int err = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-
-#ifdef WOLFSSL_SP_1024
-    if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
-            (ecc_sets[key->ecc.idx].id == ECC_SAKKE_1)) {
-        err = sp_ModExp_Fp_star_1024(b, e, r);
-    }
-    else
-#endif
-    {
-        err = NOT_COMPILED_IN;
-    }
-
-    return err;
-}
-#else
-#ifdef WOLFSSL_SAKKE_SMALL
-/*
- * Modular exponentiate the value in F_p*.
- *
- * @param  [in]   key  SAKKE key.
- * @param  [in]   b    MP integer that is the base to exponentiate.
- * @param  [in]   e    MP integer that is the exponent.
- * @param  [out]  c    Result of exponentiation.
- * @param  [in]   mp   Multiplier to use when converting from Montgomery form.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_modexp_loop(SakkeKey* key, mp_int* b, mp_int* e, mp_proj* c,
-        mp_digit mp)
-{
-    int err;
-    mp_int* t1 = &key->tmp.m1;
-    mp_int* t2 = &key->tmp.m2;
-    mp_int* by = key->tmp.p1->z;
-    mp_int* prime = &key->params.prime;
-    int i;
-
-    /* Set the working value to the base in PF_p[q] */
-    err = mp_montgomery_calc_normalization(c->x, prime);
-    /* Set c->y as montgomery form of b - base */
-    if (err == 0) {
-        err = mp_mulmod(b, c->x, prime, by);
-    }
-    /* Set by as montgomery form of b - base */
-    if (err == 0) {
-        err = mp_copy(by, c->y);
-    }
-    /* Simple non-constant time exponentiation over a field. */
-    for (i = mp_count_bits(e) - 2; (err == 0) && (i >= 0); i--) {
-        err = sakke_proj_sqr(c, prime, mp, c, t1, t2);
-        if (err == 0) {
-            if (mp_is_bit_set(e, i)) {
-                err = sakke_proj_mul_qx1(c, by, prime, mp, c, t1, t2);
-            }
-        }
-    }
-
-    return err;
-}
-
-#elif defined(WOLFSSL_SAKKE_SMALL_MODEXP) || !defined(USE_FAST_MATH)
-
-/*
- * Modular exponentiate the value in F_p*.
- *
- * @param  [in]   key  SAKKE key.
- * @param  [in]   b    MP integer that is the base to exponentiate.
- * @param  [in]   e    MP integer that is the exponent.
- * @param  [out]  r    Result of exponentiation.
- * @param  [in]   mp   Multiplier to use when converting from Montgomery form.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_modexp_loop(SakkeKey* key, mp_int* b, mp_int* e, mp_proj* r,
-        mp_digit mp)
-{
-    int err;
-#ifdef WC_NO_CACHE_RESISTANT
-    mp_proj* c[2];
-#else
-    mp_proj* c[3];
-#endif
-    mp_int* t1 = &key->tmp.m1;
-    mp_int* t2 = &key->tmp.m2;
-    mp_int* by = key->tmp.p1->z;
-    mp_int* prime = &key->params.prime;
-    int i;
-
-#ifdef WC_NO_CACHE_RESISTANT
-    c[0] = r;
-    c[1] = key->tmp.p2;
-#else
-    c[0] = r;
-    c[1] = key->tmp.p3;
-    c[2] = key->tmp.p2;
-#endif
-
-    /* Set the working value to the base in PF_p[q] */
-    err = mp_montgomery_calc_normalization(c[0]->x, prime);
-    /* Set c[0] to [mont_one, zero] */
-    if (err == 0) {
-        mp_zero(c[0]->y);
-
-        /* Set 'by' to montgomery form of 'b' - base */
-        err = mp_mulmod(b, c[0]->x, prime, by);
-    }
-    for (i = mp_count_bits(&key->params.q) - 1; (err == 0) && (i >= 0); i--) {
-        int j = mp_is_bit_set(e, i);
-        err = sakke_proj_sqr(c[0], prime, mp, c[0], t1, t2);
-        if (err == 0) {
-#ifdef WC_NO_CACHE_RESISTANT
-            err = sakke_proj_mul_qx1(c[0], by, prime, mp, c[j^1], t1, t2);
-#else
-            err = sakke_proj_mul_qx1(c[0], by, prime, mp, c[2], t1, t2);
-            mp_copy(c[2]->x,
-            (mp_int*) ( ((wc_ptr_t)c[0]->x & wc_off_on_addr[j]) +
-                        ((wc_ptr_t)c[1]->x & wc_off_on_addr[j^1]) ) );
-            mp_copy(c[2]->y,
-            (mp_int*) ( ((wc_ptr_t)c[0]->y & wc_off_on_addr[j]) +
-                        ((wc_ptr_t)c[1]->y & wc_off_on_addr[j^1]) ) );
-#endif
-        }
-    }
-
-    return err;
-}
-
-#else
-
-/* Table for 8-bit striping exponentiation. */
-static const byte sakke_1024_g_table[256][128] = {
-    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-    { 0x59, 0xe9, 0x3c, 0x6a, 0x6b, 0xd3, 0xba, 0xf4, 0xaf, 0xd5,
-      0x88, 0x91, 0xe8, 0x6c, 0xb2, 0x21, 0x61, 0x52, 0xba, 0x02,
-      0xc7, 0x27, 0xc9, 0x8e, 0x21, 0xf1, 0x1c, 0x06, 0x7d, 0x3b,
-      0x4f, 0x7d, 0x66, 0xdb, 0xd0, 0x9a, 0x9b, 0x67, 0xe0, 0x96,
-      0x6f, 0xaf, 0x7a, 0x00, 0x61, 0xc1, 0xf3, 0x0d, 0x0e, 0x74,
-      0x1a, 0x1b, 0x2d, 0x8e, 0xae, 0x58, 0xd6, 0xd8, 0x59, 0xbf,
-      0x16, 0xac, 0x6c, 0x6f, 0xad, 0xde, 0xdc, 0x85, 0x8f, 0x88,
-      0x71, 0x7c, 0x27, 0xbe, 0x88, 0x2c, 0x2f, 0xd1, 0x51, 0xe6,
-      0xd8, 0x9e, 0x2d, 0x14, 0x72, 0xbf, 0x1a, 0xfb, 0x3a, 0xf4,
-      0x9b, 0xb4, 0xb3, 0x65, 0x76, 0xd1, 0x26, 0x46, 0xf8, 0x15,
-      0x82, 0x64, 0x24, 0x75, 0x40, 0xe8, 0xf3, 0xdf, 0x43, 0xca,
-      0x4a, 0x73, 0xea, 0xc9, 0xe9, 0x71, 0xe1, 0x00, 0x7a, 0x58,
-      0x17, 0x0a, 0x46, 0xd2, 0x33, 0x5c, 0x16, 0x85 },
-    { 0x63, 0xef, 0x18, 0x7b, 0x74, 0xf6, 0x2e, 0x03, 0xbe, 0x85,
-      0xac, 0x6a, 0x9b, 0x6a, 0x52, 0xb9, 0x5f, 0x19, 0xc2, 0x0d,
-      0x6f, 0x83, 0x73, 0xd3, 0x16, 0xf1, 0x86, 0x31, 0x50, 0xa9,
-      0xd0, 0xd9, 0x13, 0x94, 0x6d, 0x17, 0x9f, 0x7b, 0xfa, 0x2e,
-      0xdd, 0x9f, 0x6a, 0x91, 0x0a, 0x18, 0x0e, 0xb6, 0x51, 0xf7,
-      0x11, 0x9b, 0x4a, 0xc8, 0x43, 0x1c, 0xfd, 0x45, 0x62, 0x67,
-      0x40, 0x38, 0x98, 0x13, 0x81, 0x3d, 0x1c, 0xb2, 0x2e, 0xcb,
-      0x96, 0x52, 0xb9, 0xbd, 0x3a, 0xfd, 0xf5, 0xcb, 0x6a, 0xb5,
-      0x11, 0x8b, 0xd7, 0x92, 0xc1, 0x13, 0x99, 0xfa, 0x97, 0x53,
-      0x79, 0x4c, 0x8f, 0x5c, 0x14, 0x18, 0x85, 0x88, 0xaa, 0x99,
-      0x3f, 0x52, 0x09, 0x28, 0x9e, 0xa5, 0xa4, 0x4e, 0xa1, 0x9f,
-      0x65, 0x30, 0xbb, 0xc9, 0xcc, 0x9f, 0x00, 0xae, 0xf1, 0xe6,
-      0xe5, 0x4d, 0xd3, 0x6f, 0x71, 0xdd, 0x45, 0x94 },
-    { 0x4f, 0xe6, 0x79, 0x1c, 0xf1, 0x92, 0xda, 0x23, 0x90, 0xdc,
-      0xc7, 0x94, 0xdd, 0xac, 0x2c, 0xda, 0x50, 0x5e, 0x8e, 0xc2,
-      0xeb, 0x19, 0x96, 0x33, 0x68, 0x2e, 0xcc, 0x49, 0x47, 0x68,
-      0x5f, 0xbe, 0xab, 0x0c, 0xb6, 0x3c, 0x12, 0x9f, 0x85, 0xcb,
-      0xb1, 0x36, 0x09, 0x86, 0x15, 0x55, 0x9c, 0x41, 0x7f, 0xf3,
-      0x35, 0x4e, 0x3f, 0x98, 0x60, 0xc8, 0xa0, 0xed, 0x29, 0x9b,
-      0x0f, 0x5c, 0x6c, 0xd1, 0xae, 0x18, 0x28, 0x30, 0x73, 0x3f,
-      0xa3, 0xbe, 0x93, 0x3e, 0x0d, 0x41, 0xb3, 0x30, 0xbc, 0x4d,
-      0x5b, 0x40, 0x74, 0x74, 0xbb, 0x60, 0xf8, 0xcf, 0xbd, 0xa4,
-      0x1b, 0x1f, 0x72, 0x41, 0x09, 0x8b, 0x6f, 0xdb, 0xf0, 0xa2,
-      0xc7, 0xaf, 0xd8, 0x1d, 0x73, 0x92, 0xf7, 0x41, 0xce, 0x42,
-      0x9b, 0x60, 0x1c, 0x1b, 0xdb, 0x57, 0x2b, 0xec, 0x82, 0xf8,
-      0x7c, 0x37, 0x6b, 0x7f, 0x01, 0x6f, 0x45, 0xe7 },
-    { 0x04, 0x48, 0x2a, 0x18, 0x56, 0x1d, 0xb2, 0x97, 0x55, 0x5d,
-      0x1f, 0xfe, 0xbe, 0x78, 0xd9, 0xd2, 0x18, 0xc2, 0x1f, 0x61,
-      0x1a, 0x04, 0x01, 0x70, 0x30, 0x95, 0x70, 0xc4, 0x4e, 0x9a,
-      0x1e, 0x52, 0xfa, 0x4d, 0xb1, 0x14, 0x8e, 0x95, 0x07, 0x61,
-      0x30, 0xcf, 0xa7, 0xce, 0x5c, 0xac, 0x4a, 0xab, 0xb5, 0x5e,
-      0xfd, 0xd0, 0x60, 0x68, 0x9a, 0x9a, 0xea, 0x52, 0xd0, 0x26,
-      0x23, 0x3f, 0x98, 0xd5, 0xaa, 0xa7, 0xa6, 0x1a, 0x7b, 0x81,
-      0xce, 0xa6, 0x43, 0x0a, 0x6d, 0xe5, 0xe8, 0x8c, 0xea, 0xf6,
-      0x9d, 0xfd, 0xe9, 0xed, 0xb2, 0xc1, 0x7b, 0x09, 0x00, 0xc8,
-      0x75, 0xe2, 0x71, 0x3b, 0xd7, 0x21, 0x0c, 0x44, 0x71, 0xc6,
-      0xdb, 0x41, 0x81, 0xcc, 0x23, 0x7c, 0x7e, 0x88, 0xe9, 0x61,
-      0xb3, 0x22, 0xcc, 0x84, 0x5e, 0x65, 0x1d, 0x57, 0x17, 0xc1,
-      0x94, 0xa4, 0x23, 0xd5, 0x05, 0xe8, 0x73, 0x3c },
-    { 0x83, 0x3a, 0x0f, 0xf8, 0xde, 0xdb, 0xf8, 0x9f, 0x1a, 0x9c,
-      0x3f, 0x25, 0x68, 0xcc, 0xdb, 0x44, 0xfa, 0x13, 0x50, 0xd3,
-      0xe7, 0x34, 0x27, 0x02, 0x0d, 0x26, 0x7f, 0xd9, 0x86, 0x92,
-      0x07, 0x7a, 0x66, 0xe1, 0xa4, 0x9f, 0xd7, 0x35, 0x57, 0xe9,
-      0x5b, 0x51, 0x85, 0x4d, 0x35, 0x45, 0x96, 0x68, 0x40, 0xc2,
-      0x7a, 0x04, 0x32, 0xa3, 0xd2, 0x22, 0x96, 0x3b, 0x05, 0x3e,
-      0xd7, 0xb2, 0xea, 0x45, 0xc8, 0xe4, 0x49, 0x9c, 0x57, 0x12,
-      0x8d, 0x37, 0xd6, 0xf2, 0x1f, 0x1a, 0x7e, 0x44, 0xfe, 0xb5,
-      0x28, 0xfc, 0x30, 0x7c, 0x45, 0x31, 0xbc, 0x60, 0x56, 0x0b,
-      0xee, 0x25, 0xbd, 0x8c, 0x22, 0x60, 0xa0, 0xe5, 0x4f, 0x02,
-      0xf3, 0x37, 0x36, 0x30, 0x72, 0x3c, 0x99, 0xfc, 0x21, 0x88,
-      0xab, 0x4f, 0x81, 0x69, 0xf9, 0x46, 0x61, 0xcd, 0xc1, 0xe7,
-      0xe7, 0x75, 0x8a, 0xc2, 0x73, 0xd4, 0x86, 0xd8 },
-    { 0x69, 0x2b, 0x3c, 0xe3, 0xeb, 0x24, 0x96, 0x5f, 0x2e, 0x2d,
-      0xf9, 0x5a, 0x85, 0xf8, 0x11, 0xa0, 0x74, 0x1f, 0xd5, 0x1a,
-      0xf4, 0xf0, 0x5c, 0x0c, 0x03, 0xf7, 0x3e, 0xa6, 0xa2, 0xb7,
-      0x44, 0xf1, 0x1f, 0xec, 0x95, 0xe1, 0xd8, 0xa1, 0x05, 0x8a,
-      0x22, 0xd6, 0x39, 0xc8, 0xcb, 0x11, 0x87, 0xdb, 0x42, 0x13,
-      0xbe, 0x88, 0x2d, 0xd0, 0x6e, 0xc0, 0xf3, 0x66, 0xed, 0x59,
-      0xe9, 0xdb, 0xad, 0xd1, 0x33, 0x9e, 0xda, 0xd6, 0xa1, 0xd5,
-      0xc2, 0x70, 0xe5, 0x13, 0x35, 0x0b, 0xe6, 0xeb, 0x26, 0x0b,
-      0x04, 0xbe, 0x5a, 0xee, 0xb4, 0xc1, 0x6a, 0x2a, 0x56, 0xfe,
-      0xe0, 0x7b, 0x09, 0x8c, 0x0a, 0x88, 0x93, 0x1b, 0xa5, 0x1e,
-      0xa6, 0x25, 0x75, 0xa6, 0xe5, 0x6b, 0xb9, 0xe2, 0xa9, 0x0c,
-      0x51, 0x4d, 0x3b, 0x72, 0x94, 0xf3, 0x27, 0xd0, 0xf0, 0xcc,
-      0xa8, 0xc4, 0x19, 0xc7, 0xab, 0x37, 0x6b, 0x76 },
-    { 0x33, 0x3e, 0x43, 0x0a, 0xf4, 0x00, 0x42, 0xd6, 0xc0, 0xcf,
-      0x0a, 0xaf, 0x81, 0xde, 0x5f, 0xe0, 0x77, 0x41, 0x91, 0xb1,
-      0x89, 0xef, 0x09, 0xf2, 0x64, 0x47, 0x90, 0x38, 0x70, 0x36,
-      0x1f, 0x25, 0x32, 0xd6, 0x43, 0x31, 0xd4, 0x12, 0x83, 0x27,
-      0x8c, 0x4e, 0x85, 0x33, 0x54, 0x52, 0x64, 0x3c, 0x05, 0xb9,
-      0x49, 0x1c, 0xa0, 0x9d, 0x46, 0x95, 0x58, 0x1f, 0xa3, 0x97,
-      0x3d, 0x65, 0x29, 0x36, 0x54, 0xc2, 0x40, 0xd7, 0x7d, 0x2a,
-      0xf8, 0x31, 0x17, 0x4d, 0x0b, 0x40, 0x74, 0xe2, 0x52, 0xf9,
-      0x2f, 0x42, 0x6c, 0xae, 0x4d, 0xe4, 0xe6, 0x65, 0xc8, 0x14,
-      0x5c, 0x6d, 0xb2, 0xed, 0xbe, 0x8c, 0x16, 0x3d, 0x9a, 0x01,
-      0xe0, 0xab, 0x96, 0xee, 0x43, 0xec, 0xf4, 0x63, 0x47, 0xa3,
-      0x76, 0x16, 0x66, 0xa4, 0x6e, 0xa5, 0x8f, 0x92, 0x81, 0x6f,
-      0x0c, 0xe6, 0xcb, 0x72, 0xd2, 0xa1, 0x27, 0xb4 },
-    { 0x10, 0xe8, 0xb3, 0x1d, 0xd6, 0xbb, 0xd7, 0x08, 0xae, 0x12,
-      0x76, 0x36, 0x2f, 0x77, 0x91, 0xd1, 0xbb, 0x18, 0xd1, 0x75,
-      0x4a, 0xeb, 0x02, 0xa3, 0x8a, 0xdc, 0x6f, 0xe5, 0x45, 0x9e,
-      0xa4, 0x62, 0xeb, 0x9a, 0x71, 0xa1, 0x15, 0xaa, 0xa4, 0x08,
-      0x94, 0xfe, 0x18, 0x62, 0x65, 0x72, 0xcd, 0x52, 0xb3, 0xa1,
-      0x04, 0xe5, 0xcd, 0xde, 0xb5, 0x8c, 0x3f, 0xc2, 0x1e, 0x74,
-      0x04, 0x63, 0x13, 0x86, 0xb5, 0x44, 0x34, 0x83, 0xfe, 0x3e,
-      0xe7, 0x55, 0x94, 0x8a, 0x37, 0xaf, 0xf1, 0x3b, 0x85, 0x87,
-      0xd9, 0xd0, 0x4d, 0xd9, 0x65, 0xc9, 0x13, 0xbb, 0x1f, 0xfc,
-      0x9d, 0x7d, 0x0b, 0x06, 0x10, 0x37, 0xef, 0x29, 0x1e, 0xa4,
-      0x85, 0x03, 0x73, 0x60, 0xa4, 0x01, 0x3c, 0x5f, 0x18, 0x08,
-      0xb6, 0x64, 0x57, 0xa7, 0x73, 0x06, 0xb5, 0x3f, 0x79, 0xbe,
-      0x5d, 0xf0, 0x4d, 0xe4, 0xcf, 0x26, 0xd3, 0xb7 },
-    { 0x64, 0x85, 0x52, 0x4c, 0x0c, 0xdc, 0xc4, 0xbc, 0xfd, 0x26,
-      0x1c, 0x83, 0x2a, 0x84, 0x95, 0xab, 0x38, 0x64, 0x6b, 0x32,
-      0xe7, 0xac, 0x0a, 0x06, 0x9a, 0x87, 0x39, 0x3f, 0x5b, 0x6f,
-      0x55, 0x57, 0x3c, 0x8e, 0x1d, 0xb2, 0xda, 0x0a, 0x55, 0x68,
-      0xcb, 0x1f, 0xbc, 0x54, 0xf3, 0x5e, 0x1a, 0x88, 0xcf, 0xcb,
-      0x6e, 0xae, 0x4f, 0xdc, 0x3f, 0x7f, 0xfe, 0x59, 0x0d, 0xfe,
-      0x03, 0x6c, 0x03, 0x57, 0x90, 0x38, 0xf9, 0x5d, 0x2f, 0xbe,
-      0xb5, 0x4c, 0x6d, 0xc7, 0xfc, 0x7c, 0x26, 0xd5, 0x5e, 0xf5,
-      0x97, 0x82, 0xe9, 0xe4, 0x93, 0x82, 0x54, 0x7a, 0xb1, 0x65,
-      0x4d, 0x17, 0x1a, 0xf9, 0x9c, 0x15, 0x18, 0x77, 0xe2, 0xb0,
-      0x26, 0xb1, 0xe8, 0x5b, 0x38, 0xdc, 0xd6, 0x30, 0x74, 0xce,
-      0x15, 0xb8, 0x03, 0xad, 0x24, 0x77, 0x56, 0x67, 0x61, 0x66,
-      0xb8, 0x7f, 0x03, 0xe5, 0x3e, 0xd9, 0xf1, 0xaf },
-    { 0x1f, 0x76, 0xf3, 0xf2, 0xf2, 0x34, 0x56, 0x3c, 0xa4, 0x06,
-      0x1c, 0x7a, 0x2d, 0xf8, 0xb4, 0x49, 0x65, 0x46, 0xa6, 0x0c,
-      0x00, 0xa3, 0x3d, 0x80, 0x24, 0x07, 0x8b, 0xac, 0xfa, 0x38,
-      0x3f, 0x09, 0xa6, 0x50, 0xa8, 0xf5, 0x63, 0x2d, 0x28, 0xb2,
-      0x32, 0x75, 0x8d, 0x24, 0x57, 0x4b, 0x99, 0x97, 0x13, 0x5c,
-      0x44, 0x37, 0x19, 0x81, 0x18, 0x2d, 0x5d, 0x51, 0x81, 0xd5,
-      0xb9, 0x14, 0xbe, 0x7c, 0x70, 0x0b, 0x19, 0x03, 0x57, 0x0c,
-      0xbb, 0x5b, 0x92, 0x41, 0x1f, 0xeb, 0x91, 0x7b, 0x1e, 0x7a,
-      0xb9, 0xf0, 0x76, 0x4d, 0x49, 0xa0, 0x1f, 0x05, 0x38, 0x18,
-      0x6a, 0xe9, 0xd2, 0xa1, 0x82, 0xcb, 0x23, 0x37, 0x88, 0x3a,
-      0xba, 0x5d, 0xbd, 0x93, 0x88, 0x42, 0x27, 0xf0, 0x89, 0xaf,
-      0xf7, 0x42, 0x2a, 0xa0, 0x3f, 0xba, 0x35, 0xa6, 0x42, 0x8a,
-      0x1a, 0xbf, 0xb3, 0xe2, 0xc4, 0xa6, 0xff, 0x2a },
-    { 0x04, 0x92, 0x4f, 0xfb, 0x3d, 0x10, 0x8e, 0x05, 0xd0, 0xf3,
-      0x67, 0xbb, 0x04, 0x9e, 0xa7, 0x26, 0xc0, 0x28, 0xca, 0x94,
-      0x4e, 0xd2, 0xa5, 0x38, 0xfd, 0x9f, 0xc3, 0x3c, 0x04, 0xed,
-      0x89, 0x9d, 0x3c, 0x25, 0x62, 0xaf, 0xf1, 0xd4, 0x99, 0x5a,
-      0xaf, 0x92, 0xa4, 0xcc, 0xdc, 0x84, 0xbc, 0x92, 0x3a, 0x6f,
-      0x93, 0xdd, 0x18, 0x12, 0xac, 0xb7, 0x7f, 0x87, 0x80, 0x26,
-      0x2e, 0xe5, 0xfd, 0xe8, 0xa9, 0x8a, 0x5a, 0x8c, 0x9b, 0xb9,
-      0x44, 0x3a, 0xb2, 0x7b, 0xf6, 0x93, 0x11, 0x6b, 0x74, 0x88,
-      0xa9, 0x9f, 0x29, 0x15, 0x3a, 0xdc, 0xe7, 0x1e, 0xf8, 0x31,
-      0x46, 0x4f, 0x7d, 0x0a, 0xfa, 0x48, 0x85, 0x76, 0x1f, 0x41,
-      0xed, 0x56, 0xba, 0x82, 0x35, 0xf3, 0x11, 0x7b, 0x5f, 0x6d,
-      0xb2, 0xdf, 0x79, 0x07, 0x05, 0x56, 0x1f, 0x69, 0xc8, 0x7a,
-      0x9a, 0xa2, 0xc1, 0x43, 0x44, 0xc4, 0x36, 0xb0 },
-    { 0x4d, 0xfc, 0xe8, 0x09, 0xc3, 0x80, 0xae, 0x35, 0x08, 0xcd,
-      0x84, 0x9c, 0xc1, 0x46, 0x84, 0x26, 0x58, 0xa8, 0x2b, 0x76,
-      0x9f, 0x14, 0x27, 0x99, 0x87, 0x80, 0xa7, 0x84, 0xf3, 0xc5,
-      0x3b, 0xce, 0xda, 0xd9, 0xe1, 0x82, 0x90, 0x62, 0xfa, 0x49,
-      0xb4, 0x0b, 0x07, 0x2e, 0x25, 0x07, 0x26, 0x61, 0x79, 0xa7,
-      0xb2, 0xcb, 0x15, 0x08, 0x27, 0x2a, 0xc9, 0x7e, 0x24, 0xa3,
-      0x92, 0x5e, 0x5f, 0x4e, 0xf8, 0xa0, 0xdf, 0x66, 0xe0, 0x12,
-      0x90, 0xd3, 0x4a, 0xe8, 0xb7, 0xd4, 0x20, 0x99, 0x1b, 0x8c,
-      0x4b, 0x8e, 0xbb, 0x8e, 0x14, 0xd7, 0xe9, 0x5b, 0x76, 0x73,
-      0x91, 0xc0, 0x41, 0xd6, 0xe1, 0x8e, 0x42, 0x4e, 0x20, 0x64,
-      0x6e, 0xbe, 0x55, 0x7b, 0xe6, 0x1f, 0xd3, 0x2b, 0x5e, 0x1c,
-      0x69, 0x77, 0xd3, 0xb3, 0x30, 0x25, 0xe2, 0xea, 0xe4, 0x8c,
-      0x06, 0x54, 0x8e, 0x3d, 0xc6, 0x73, 0x56, 0x2f },
-    { 0x0d, 0x07, 0x59, 0x08, 0xb8, 0xa0, 0x68, 0x02, 0xdc, 0x7d,
-      0xaf, 0xf8, 0x93, 0x39, 0xbd, 0x23, 0xc5, 0x62, 0x59, 0x5d,
-      0xe4, 0x28, 0xa4, 0x08, 0x59, 0xe9, 0xe8, 0x1d, 0xe2, 0x15,
-      0x3c, 0x22, 0x24, 0xa5, 0x71, 0x53, 0x9f, 0x3a, 0x53, 0x2f,
-      0x30, 0x7f, 0xd7, 0xd8, 0x47, 0xd0, 0x12, 0x28, 0x7f, 0xce,
-      0xcb, 0x04, 0x5c, 0x4e, 0xd9, 0xba, 0xf1, 0x73, 0xdc, 0x2e,
-      0x81, 0xdc, 0x56, 0xb3, 0x1e, 0x10, 0xf1, 0x39, 0xd1, 0x5c,
-      0x8d, 0x8a, 0x83, 0xfa, 0x8c, 0xc5, 0xca, 0x91, 0x6e, 0x7c,
-      0xd6, 0x89, 0x13, 0x82, 0x45, 0xf0, 0xff, 0x47, 0x4c, 0x65,
-      0x26, 0x23, 0x55, 0x4a, 0xdf, 0x3c, 0x34, 0x10, 0x2c, 0x26,
-      0xbb, 0x2d, 0x1b, 0x2b, 0x10, 0xcc, 0x60, 0x0b, 0xe2, 0x7d,
-      0x02, 0x63, 0xd5, 0x2d, 0xa0, 0x15, 0x97, 0x79, 0x30, 0xdd,
-      0x45, 0x06, 0x9c, 0xb2, 0xd5, 0x27, 0xb7, 0x80 },
-    { 0x24, 0xfa, 0x96, 0x1c, 0x2f, 0x08, 0x53, 0x5a, 0xf2, 0xcd,
-      0xe2, 0x15, 0xa4, 0x36, 0x0d, 0xfe, 0xfb, 0xee, 0xd7, 0xed,
-      0x70, 0x0c, 0x11, 0x51, 0x28, 0x3f, 0x74, 0x4d, 0x39, 0x3f,
-      0x2e, 0x2a, 0xb6, 0x86, 0x12, 0xb9, 0xf0, 0x49, 0x28, 0xe9,
-      0xf5, 0xda, 0xfc, 0xec, 0x52, 0x61, 0x17, 0xe5, 0xef, 0x0d,
-      0x22, 0x44, 0x1c, 0xfc, 0xbc, 0x52, 0x88, 0x3d, 0x0b, 0xb5,
-      0xa8, 0xd6, 0x4e, 0xf6, 0x39, 0x2f, 0x28, 0x96, 0x27, 0x26,
-      0x95, 0xbe, 0x01, 0x48, 0xcf, 0x1c, 0x79, 0x10, 0xc6, 0x82,
-      0x5c, 0x05, 0xc2, 0xf5, 0x6d, 0xca, 0x36, 0x15, 0x83, 0xb9,
-      0x60, 0x21, 0xf6, 0x22, 0xda, 0x0d, 0x1f, 0x02, 0xa2, 0xe4,
-      0x85, 0x59, 0xf8, 0x51, 0x88, 0xc0, 0xd2, 0x61, 0x59, 0xca,
-      0x41, 0x3b, 0x88, 0xfc, 0xd2, 0x4f, 0xbe, 0x99, 0xb2, 0xe5,
-      0x87, 0x0a, 0xf2, 0xa7, 0xde, 0x08, 0x5f, 0x2a },
-    { 0x37, 0x1c, 0xc2, 0x3d, 0xfc, 0x4f, 0x01, 0x14, 0x94, 0xd7,
-      0xa0, 0x3d, 0x4a, 0x6f, 0xb6, 0xe1, 0x20, 0x1f, 0x61, 0xd1,
-      0x77, 0x52, 0xfa, 0x60, 0x8e, 0xff, 0x77, 0xe3, 0x75, 0x56,
-      0x03, 0xf3, 0xf6, 0x35, 0xb1, 0xfc, 0x8f, 0x4d, 0x7d, 0x4e,
-      0x5e, 0x1b, 0x8b, 0x7f, 0xe5, 0x0e, 0xe1, 0x73, 0x8c, 0xeb,
-      0x75, 0x9f, 0x39, 0xad, 0x43, 0xab, 0x27, 0x3e, 0x1c, 0x8f,
-      0x41, 0x95, 0x01, 0x58, 0xc0, 0x32, 0x14, 0xe9, 0xcc, 0x94,
-      0x2f, 0x9e, 0x5a, 0x57, 0xf4, 0x86, 0xc9, 0x89, 0x51, 0x45,
-      0xba, 0xb4, 0x6a, 0xf4, 0xd6, 0xc2, 0x7d, 0x12, 0x18, 0xb1,
-      0x91, 0xdf, 0xcc, 0x89, 0xa0, 0x60, 0x22, 0x84, 0xf3, 0x45,
-      0x68, 0x96, 0x43, 0xdb, 0x17, 0x4d, 0xaa, 0x90, 0x6e, 0x82,
-      0xd5, 0x44, 0x64, 0x30, 0x57, 0xd8, 0xfb, 0xd9, 0x03, 0x26,
-      0x07, 0x67, 0xdb, 0x3f, 0x61, 0x6d, 0xf7, 0xf6 },
-    { 0x92, 0xb6, 0xbc, 0xa0, 0x0c, 0x80, 0xfb, 0x7f, 0x3e, 0x60,
-      0x2e, 0x4f, 0xc9, 0xf4, 0xd7, 0x8f, 0x33, 0x0f, 0x6a, 0x7a,
-      0xf1, 0xbc, 0x13, 0xe8, 0x03, 0xc2, 0xc0, 0xe8, 0x5b, 0xa6,
-      0xe6, 0xc6, 0x06, 0xf6, 0xa5, 0x8d, 0x76, 0x40, 0xc3, 0x0e,
-      0x70, 0xd9, 0x7d, 0x07, 0x26, 0xdd, 0xe2, 0x4a, 0x45, 0x69,
-      0x7e, 0x91, 0xe8, 0x7d, 0x34, 0x74, 0x40, 0xa4, 0x94, 0xd3,
-      0x3a, 0x80, 0x20, 0x38, 0x3f, 0x9a, 0x6d, 0x78, 0x99, 0xcb,
-      0x39, 0x53, 0x12, 0x80, 0xf1, 0x56, 0xe0, 0x02, 0x40, 0xf2,
-      0x88, 0x36, 0xcd, 0x08, 0xdc, 0x4c, 0x80, 0x7b, 0xdc, 0x4f,
-      0x7e, 0x36, 0x08, 0x10, 0x01, 0x27, 0xcc, 0x28, 0xc1, 0x64,
-      0x6f, 0x57, 0x64, 0x2f, 0x77, 0xa8, 0x92, 0x02, 0xf6, 0x50,
-      0xb3, 0x1b, 0x6d, 0x19, 0x6e, 0xbf, 0x36, 0x4d, 0x9c, 0x06,
-      0x28, 0x9b, 0x11, 0x5d, 0xda, 0x90, 0xc3, 0x51 },
-    { 0x71, 0xff, 0x62, 0xc9, 0x4f, 0x02, 0xf8, 0x9d, 0xe7, 0xdb,
-      0x4b, 0x98, 0xcf, 0x33, 0x87, 0x1c, 0x21, 0x5a, 0xd8, 0x30,
-      0x1f, 0x27, 0x7e, 0x31, 0x9a, 0xaf, 0x6e, 0x67, 0x79, 0x0e,
-      0x30, 0x88, 0xd7, 0xec, 0x5e, 0xda, 0xa3, 0xb6, 0x27, 0x59,
-      0xf4, 0x01, 0x41, 0xb8, 0x3f, 0xd5, 0x8f, 0x65, 0xfe, 0x2b,
-      0xae, 0x08, 0x4a, 0x9b, 0x63, 0xb6, 0xa4, 0xe1, 0xd8, 0x72,
-      0x5c, 0xde, 0xbb, 0x70, 0xe8, 0xf0, 0x9e, 0x7e, 0x00, 0xf0,
-      0xc0, 0xf9, 0xcd, 0x47, 0x2a, 0xfa, 0xea, 0x3b, 0x91, 0x53,
-      0xed, 0xfb, 0x7b, 0xaa, 0x4a, 0x92, 0xca, 0x27, 0x0b, 0xee,
-      0x9c, 0xee, 0x1b, 0xb1, 0x41, 0x3f, 0x6b, 0x4e, 0x32, 0xad,
-      0xa7, 0xcc, 0x19, 0x54, 0x81, 0xc3, 0x29, 0xc4, 0x92, 0xb0,
-      0xa3, 0x30, 0x0e, 0x82, 0x57, 0x12, 0xb8, 0xb1, 0x6f, 0x12,
-      0x2e, 0x3d, 0x5c, 0x83, 0x5f, 0x00, 0x82, 0x2e },
-    { 0x40, 0xfd, 0x47, 0xe7, 0x5f, 0x95, 0x82, 0x73, 0xe6, 0xa8,
-      0x3f, 0xe9, 0xdf, 0x1b, 0xba, 0x69, 0x6c, 0x18, 0xb3, 0x50,
-      0x84, 0xef, 0x6b, 0x4c, 0xf1, 0xe1, 0x9f, 0xc6, 0xfd, 0xc3,
-      0x7d, 0xda, 0x38, 0xdb, 0xb6, 0x3e, 0xa3, 0xd2, 0x66, 0x1c,
-      0xd3, 0xaa, 0x0f, 0x7d, 0xd2, 0x22, 0x64, 0x32, 0xed, 0xde,
-      0x69, 0x2a, 0x72, 0xcc, 0xd1, 0xf0, 0x92, 0xed, 0xc4, 0xb1,
-      0xb6, 0xd4, 0xf6, 0x8a, 0x75, 0x3f, 0x28, 0xa0, 0x33, 0xaf,
-      0x53, 0x6b, 0x8b, 0x83, 0x2d, 0x46, 0xf5, 0x98, 0x28, 0xc1,
-      0xe1, 0xe9, 0xf9, 0x90, 0xca, 0x04, 0x41, 0x80, 0xa4, 0xc5,
-      0x98, 0xe1, 0x09, 0xe6, 0x50, 0x33, 0x83, 0xf5, 0xef, 0x9f,
-      0xff, 0xf1, 0x20, 0xa5, 0x3b, 0x11, 0xa8, 0xa5, 0xf1, 0xcd,
-      0x65, 0x78, 0xe2, 0xee, 0x4a, 0xcd, 0x5e, 0xbc, 0x71, 0xe6,
-      0xaa, 0x4c, 0x71, 0x02, 0x2a, 0x4a, 0x84, 0xd9 },
-    { 0x5b, 0x1c, 0x11, 0x57, 0xe6, 0x39, 0x33, 0x8c, 0x0b, 0x33,
-      0x4d, 0x98, 0xdf, 0xfb, 0xe2, 0x86, 0x68, 0xd8, 0x21, 0x11,
-      0xd8, 0x54, 0xa6, 0x95, 0x18, 0xb9, 0xfa, 0xb3, 0xf9, 0xb6,
-      0xae, 0x43, 0x1a, 0xc1, 0x6a, 0x26, 0x1f, 0x57, 0x8a, 0xa3,
-      0x20, 0xcf, 0x0b, 0x97, 0xf7, 0x30, 0x08, 0x4d, 0xe5, 0x2c,
-      0x01, 0x39, 0xec, 0x6c, 0x21, 0x74, 0x14, 0xd6, 0x8a, 0x08,
-      0x41, 0x13, 0x42, 0x5c, 0x2d, 0x85, 0xd4, 0x52, 0x1b, 0x46,
-      0x83, 0x37, 0x93, 0x38, 0x9c, 0x05, 0x41, 0x71, 0xfb, 0x69,
-      0x95, 0xd5, 0xc9, 0x6e, 0xb5, 0xa2, 0x19, 0x50, 0xcf, 0xc2,
-      0x21, 0x4a, 0x8a, 0xc8, 0xff, 0x88, 0x69, 0xbe, 0xeb, 0xa1,
-      0x2e, 0xb6, 0xef, 0xc2, 0xdd, 0x9e, 0xc8, 0x8e, 0x69, 0x86,
-      0x25, 0x48, 0x6d, 0xbb, 0xfc, 0x1e, 0xea, 0xb6, 0xf2, 0xfb,
-      0x5b, 0x88, 0xb7, 0x46, 0x26, 0x71, 0x40, 0xa4 },
-    { 0x96, 0x3a, 0xb8, 0x3a, 0xa7, 0x56, 0xee, 0xf4, 0x84, 0xde,
-      0x9c, 0xb8, 0x33, 0xe5, 0x0a, 0xb3, 0xce, 0x16, 0x48, 0x01,
-      0x6e, 0x1c, 0x63, 0x44, 0xe4, 0xd3, 0xfc, 0x44, 0xda, 0x0f,
-      0xd5, 0x91, 0xb6, 0xad, 0x1c, 0xf4, 0x78, 0x5e, 0x67, 0xa3,
-      0x0a, 0xc3, 0xbd, 0x66, 0xc7, 0x79, 0x1a, 0x48, 0x1f, 0x91,
-      0x65, 0x1c, 0x7d, 0xa1, 0x2c, 0x10, 0x4f, 0xd1, 0xac, 0xe6,
-      0x81, 0xc6, 0x5f, 0x57, 0xab, 0x18, 0xd8, 0x30, 0xea, 0x6e,
-      0xdc, 0xa8, 0x28, 0x09, 0xc7, 0x64, 0xa4, 0xf3, 0x2c, 0x9d,
-      0x16, 0xe7, 0x06, 0xe7, 0x05, 0x6d, 0xcf, 0x94, 0xcb, 0x2d,
-      0x66, 0xa3, 0x63, 0x24, 0x20, 0xdc, 0x31, 0x6d, 0xc6, 0x5f,
-      0xcb, 0x54, 0xdc, 0xe4, 0xf4, 0x2b, 0xa3, 0xc5, 0xfe, 0x69,
-      0x4c, 0x73, 0x8d, 0xc6, 0x4e, 0xd2, 0x02, 0xfc, 0x92, 0xc2,
-      0x90, 0xed, 0xaa, 0xb1, 0x72, 0xb6, 0xbb, 0x8f },
-    { 0x44, 0x34, 0x80, 0xfc, 0xbe, 0x45, 0xc5, 0x58, 0x6b, 0x82,
-      0xb8, 0x99, 0x07, 0x6b, 0x98, 0x84, 0xc8, 0x9b, 0x91, 0xfd,
-      0x83, 0xc1, 0xdc, 0x07, 0x66, 0x59, 0x4a, 0xaa, 0x83, 0x73,
-      0x82, 0xda, 0x01, 0x1b, 0x25, 0x21, 0xa6, 0x0c, 0xfb, 0x6a,
-      0x03, 0x7d, 0x13, 0x21, 0xb9, 0x9f, 0x4e, 0x3b, 0x8e, 0x55,
-      0x09, 0x69, 0x7d, 0x7d, 0x95, 0x78, 0x81, 0x89, 0xe8, 0xb0,
-      0x7c, 0x20, 0xbf, 0xd8, 0x36, 0x45, 0xbc, 0xb6, 0x33, 0x19,
-      0xad, 0xac, 0xfe, 0x8c, 0x39, 0x0d, 0xbb, 0xa7, 0x55, 0x70,
-      0x71, 0x00, 0x6f, 0x29, 0x04, 0x05, 0x7d, 0xce, 0x3f, 0xee,
-      0x20, 0x4d, 0xf5, 0x50, 0x71, 0xbc, 0x84, 0xe5, 0x5b, 0x3e,
-      0xe7, 0xc9, 0x9e, 0x15, 0xd1, 0x6e, 0x7d, 0x58, 0x8a, 0x3c,
-      0x35, 0x64, 0x96, 0x56, 0x88, 0x15, 0x5c, 0xfe, 0x45, 0xfe,
-      0x94, 0x4b, 0x47, 0xd8, 0xdf, 0x4e, 0xa5, 0xa3 },
-    { 0x97, 0x11, 0x8a, 0x88, 0xcf, 0xfa, 0xa7, 0xeb, 0xab, 0x6d,
-      0x1e, 0xb0, 0xa1, 0x70, 0x03, 0x71, 0xb9, 0xd3, 0x55, 0xcf,
-      0x8e, 0xb0, 0x3e, 0x6d, 0x9b, 0x6c, 0x22, 0x4b, 0xf6, 0xd7,
-      0x2b, 0x58, 0xd5, 0xb1, 0x38, 0xd8, 0xc4, 0x42, 0xbe, 0x82,
-      0xc2, 0xda, 0xda, 0x9e, 0x06, 0x5a, 0x8e, 0xe9, 0x38, 0x14,
-      0x90, 0x71, 0xd3, 0x16, 0x05, 0xac, 0xdb, 0xef, 0x7c, 0x00,
-      0xc1, 0x17, 0xa7, 0x8d, 0xa3, 0x86, 0x89, 0x17, 0xe7, 0x21,
-      0xba, 0x7b, 0x24, 0x12, 0x84, 0xed, 0x24, 0x57, 0x2a, 0xc6,
-      0xc2, 0xa9, 0xd0, 0xf2, 0xfb, 0x43, 0xa8, 0x6a, 0xb2, 0x29,
-      0x65, 0x37, 0xfb, 0xfe, 0x9b, 0x77, 0xef, 0x3e, 0x6b, 0x31,
-      0xd6, 0xf9, 0x61, 0x52, 0x42, 0xe2, 0xd0, 0xe4, 0x0f, 0xa5,
-      0x47, 0x87, 0x4a, 0xec, 0x4f, 0x2e, 0x3e, 0x85, 0x7a, 0x7a,
-      0xf8, 0xff, 0xff, 0xb4, 0x91, 0x14, 0x22, 0x1a },
-    { 0x17, 0xc0, 0x77, 0x8d, 0x4b, 0x71, 0xfa, 0x82, 0xd5, 0x6a,
-      0x17, 0x7a, 0xa5, 0x73, 0x38, 0x7c, 0x30, 0xb5, 0x40, 0x5a,
-      0x27, 0x0f, 0x45, 0xf6, 0x55, 0x4f, 0xe7, 0x63, 0xfe, 0x52,
-      0xea, 0xe7, 0xdb, 0xa2, 0xba, 0x26, 0x85, 0xc3, 0xfc, 0x72,
-      0xe4, 0xe7, 0x62, 0x99, 0x8a, 0x02, 0x23, 0xa5, 0xa4, 0x2c,
-      0x02, 0xf4, 0x10, 0x2f, 0xee, 0x2a, 0xa2, 0x73, 0x00, 0x83,
-      0x3b, 0x06, 0xef, 0xa5, 0x5b, 0xa7, 0x0a, 0x49, 0x8a, 0x88,
-      0x2f, 0xf2, 0xb8, 0x58, 0x63, 0x7b, 0x14, 0xb3, 0xe5, 0x01,
-      0xa8, 0xb0, 0xd8, 0x20, 0x3e, 0xf2, 0xa1, 0xc4, 0x9d, 0x35,
-      0x2f, 0xbb, 0x0f, 0xbf, 0xb7, 0x81, 0xe7, 0x79, 0xa3, 0xca,
-      0xa0, 0x20, 0x70, 0xb4, 0x24, 0xe0, 0xdd, 0x81, 0x04, 0x77,
-      0x4f, 0xbf, 0x80, 0x83, 0xc8, 0x1b, 0xa9, 0x3a, 0x68, 0x66,
-      0xbf, 0x9c, 0x59, 0xa2, 0xcd, 0xec, 0xb5, 0xd8 },
-    { 0x12, 0x19, 0xd5, 0xc8, 0x57, 0x1f, 0xe4, 0xc6, 0xd6, 0xce,
-      0x84, 0xe1, 0xa4, 0x52, 0xed, 0x66, 0x9f, 0xfe, 0xc3, 0xa1,
-      0xe2, 0xbf, 0x5d, 0x84, 0x6d, 0xd1, 0x2a, 0xe0, 0x1a, 0xd2,
-      0x3a, 0x38, 0x5a, 0x8d, 0xb7, 0x9b, 0xa9, 0x6c, 0xc9, 0xa3,
-      0x72, 0x3f, 0x43, 0x09, 0xa0, 0xff, 0xce, 0x0e, 0x7a, 0x0d,
-      0x91, 0x57, 0x37, 0x85, 0x9a, 0x6a, 0x16, 0xe1, 0x2c, 0x45,
-      0xe8, 0x6d, 0x5f, 0xd5, 0xf2, 0x24, 0x95, 0x2b, 0x18, 0x69,
-      0x1c, 0x4a, 0x76, 0x8b, 0xca, 0x70, 0x05, 0x28, 0xbd, 0x40,
-      0xa1, 0xa1, 0xde, 0xcd, 0x96, 0x7a, 0x2e, 0xca, 0x8c, 0x3f,
-      0xa1, 0x77, 0xf5, 0xb0, 0x43, 0x77, 0x40, 0xfa, 0x45, 0x18,
-      0xba, 0x09, 0xf3, 0xc4, 0xa2, 0xf5, 0xac, 0x9d, 0x9e, 0xbb,
-      0xa9, 0x78, 0xc9, 0x88, 0x4e, 0x56, 0x65, 0x6e, 0xc5, 0x72,
-      0x0e, 0x6d, 0xff, 0x1d, 0x27, 0x35, 0xe3, 0x7b },
-    { 0x2c, 0x8d, 0x7a, 0xb2, 0xd6, 0x57, 0xf2, 0x30, 0x13, 0x14,
-      0xa8, 0x2f, 0x7e, 0x62, 0x6f, 0x42, 0x70, 0xb5, 0x7e, 0x1f,
-      0x0b, 0xe2, 0x9e, 0xce, 0x76, 0xf9, 0x28, 0x39, 0x3a, 0x07,
-      0x93, 0xf9, 0x3c, 0x29, 0x6b, 0x0d, 0xd2, 0x34, 0xa0, 0x7a,
-      0x28, 0x65, 0xdd, 0x61, 0xcb, 0xa5, 0x7c, 0xc8, 0x43, 0x08,
-      0xf7, 0x62, 0xa0, 0x4e, 0x6b, 0x87, 0x21, 0x6a, 0x61, 0xd0,
-      0x7f, 0xac, 0x67, 0xc6, 0x95, 0xcd, 0x99, 0x90, 0xeb, 0x24,
-      0xc3, 0x88, 0x14, 0x84, 0xbd, 0xb1, 0x8b, 0xac, 0x11, 0xd6,
-      0x51, 0xd3, 0xd0, 0x75, 0xa9, 0x74, 0x3e, 0x6b, 0xff, 0xff,
-      0xca, 0xd8, 0xe5, 0x80, 0xbd, 0xbd, 0x0f, 0x82, 0xb0, 0xed,
-      0x8d, 0x15, 0x02, 0x74, 0xe6, 0x12, 0x7e, 0x51, 0x57, 0xbb,
-      0x09, 0x09, 0x3a, 0x3a, 0xb3, 0x9d, 0x2f, 0x03, 0xe7, 0x73,
-      0x43, 0xea, 0xa6, 0x7f, 0x26, 0x29, 0x69, 0xeb },
-    { 0x22, 0x99, 0xd2, 0x77, 0x4b, 0x09, 0xd9, 0x58, 0x96, 0xeb,
-      0x70, 0x5a, 0x1b, 0x40, 0x4c, 0x44, 0x59, 0x60, 0x13, 0xdb,
-      0x94, 0xa2, 0x0b, 0x11, 0xb0, 0xfd, 0x1c, 0xd5, 0xd1, 0xd3,
-      0x98, 0xfb, 0xd4, 0x42, 0x8b, 0x2e, 0xed, 0x8c, 0xd5, 0x9a,
-      0x74, 0x74, 0xbf, 0x0d, 0x77, 0xf8, 0x4a, 0x34, 0x6c, 0x98,
-      0xd0, 0x5d, 0xc6, 0x7d, 0x6a, 0x8a, 0x69, 0xce, 0xd5, 0xaa,
-      0xac, 0xa2, 0xd7, 0xef, 0xda, 0x89, 0x78, 0xbd, 0x29, 0xe3,
-      0x7f, 0xeb, 0x11, 0x8a, 0xab, 0x77, 0x5a, 0x4d, 0xf3, 0x81,
-      0x99, 0xda, 0xe4, 0x69, 0xd4, 0x5e, 0xbb, 0xa7, 0x8c, 0x4b,
-      0x14, 0xdd, 0x9d, 0xf6, 0x43, 0x6a, 0x22, 0x9f, 0x89, 0xf5,
-      0x8d, 0xd0, 0x96, 0x3f, 0x63, 0xe6, 0x65, 0xd8, 0x13, 0x10,
-      0x10, 0x8d, 0xdf, 0x51, 0xea, 0xa5, 0x6e, 0xf8, 0x3b, 0x44,
-      0x67, 0xcf, 0x58, 0x92, 0x08, 0x25, 0xe4, 0xd6 },
-    { 0x21, 0xac, 0x67, 0x79, 0x19, 0x36, 0x61, 0x8e, 0xaf, 0x9f,
-      0xfa, 0x57, 0x27, 0xb4, 0x6c, 0x26, 0x97, 0x1b, 0x73, 0x6f,
-      0x52, 0xca, 0x0d, 0x50, 0x71, 0xc4, 0x41, 0x35, 0xf0, 0xb6,
-      0x59, 0x34, 0xc7, 0xad, 0x1d, 0x2b, 0x82, 0x1c, 0x44, 0x6b,
-      0xe8, 0xd3, 0x8b, 0x48, 0x25, 0x31, 0x7e, 0x95, 0x0c, 0xf5,
-      0x62, 0x91, 0xac, 0xe0, 0x07, 0x4e, 0x69, 0x25, 0xb1, 0xb3,
-      0x04, 0x2d, 0xf4, 0x8e, 0x33, 0x6f, 0xd1, 0x3d, 0x91, 0x6e,
-      0xe9, 0x8b, 0xed, 0x5d, 0x51, 0x89, 0xbe, 0xc4, 0xf8, 0xa0,
-      0xdc, 0x96, 0x3f, 0x2d, 0x41, 0x1d, 0xb5, 0xf6, 0xa4, 0xb2,
-      0x80, 0xcd, 0xe5, 0x3c, 0x01, 0xfd, 0x40, 0x5a, 0xe2, 0x87,
-      0x8f, 0xcd, 0xc6, 0x8c, 0x58, 0x66, 0xd8, 0xe1, 0x3e, 0x9f,
-      0x1d, 0xb2, 0xac, 0x19, 0x8f, 0x1e, 0xbf, 0x6d, 0xd3, 0x1e,
-      0x5b, 0x9c, 0xd5, 0x8d, 0xc6, 0x43, 0x97, 0xe6 },
-    { 0x0e, 0x8e, 0xc1, 0xe7, 0x0e, 0x62, 0xd9, 0xd8, 0x66, 0x3d,
-      0x88, 0xd6, 0x24, 0x48, 0x3a, 0x56, 0x01, 0x5f, 0x7e, 0x78,
-      0x92, 0xc2, 0xe1, 0xbb, 0x30, 0x46, 0x3e, 0xe4, 0xe7, 0xf7,
-      0xbe, 0x9f, 0x61, 0x22, 0x11, 0xdb, 0xee, 0x01, 0x64, 0xcd,
-      0xc3, 0xf1, 0xc4, 0x31, 0xb2, 0x61, 0xca, 0x1c, 0xff, 0xa3,
-      0x49, 0x6a, 0x3e, 0x60, 0x2f, 0x74, 0xfc, 0x0e, 0x1a, 0x45,
-      0x61, 0x5a, 0x43, 0x89, 0x4f, 0x39, 0x89, 0x97, 0x0f, 0xf2,
-      0x7b, 0x9c, 0x70, 0x97, 0x8a, 0x59, 0x03, 0x7c, 0x19, 0xb8,
-      0x13, 0xd6, 0xf3, 0x75, 0xa0, 0xf2, 0x28, 0x14, 0xdf, 0xc1,
-      0x9b, 0x09, 0xb3, 0x3c, 0x36, 0x25, 0x6f, 0xcd, 0x42, 0x36,
-      0x38, 0x07, 0xb7, 0xd3, 0x49, 0x20, 0x33, 0xf8, 0x4d, 0xf5,
-      0xd4, 0xb4, 0x12, 0x72, 0x24, 0x73, 0x97, 0xbd, 0xfc, 0x18,
-      0xab, 0x42, 0x0e, 0x3f, 0x2d, 0x7f, 0xbc, 0xd2 },
-    { 0x65, 0x3a, 0x79, 0x5f, 0x5d, 0x10, 0x36, 0x35, 0xd8, 0x50,
-      0xc1, 0xc0, 0x1b, 0x6b, 0x73, 0xfd, 0xe2, 0xa2, 0xbd, 0x12,
-      0xf4, 0xb1, 0x3e, 0x5b, 0x76, 0xaa, 0x0f, 0x56, 0x86, 0x4d,
-      0x83, 0x26, 0x58, 0x19, 0x2c, 0x86, 0xa2, 0x94, 0xa3, 0x25,
-      0x67, 0xb1, 0x21, 0x7e, 0xd0, 0x77, 0x36, 0x66, 0xe1, 0x84,
-      0x7a, 0x4c, 0x49, 0x5d, 0x83, 0x25, 0x78, 0x30, 0xae, 0x28,
-      0x9b, 0x23, 0x7e, 0x91, 0x59, 0xef, 0x6c, 0xdd, 0xe0, 0xb9,
-      0x14, 0x53, 0x42, 0xee, 0x03, 0x82, 0x4c, 0x67, 0xa7, 0x71,
-      0xb7, 0x4b, 0x3d, 0xe7, 0x95, 0x9c, 0x48, 0xe3, 0x30, 0x78,
-      0x5b, 0xd4, 0x88, 0xd2, 0x21, 0xa1, 0x31, 0x6d, 0x02, 0x3e,
-      0xdd, 0x58, 0xa3, 0x15, 0x90, 0x34, 0x48, 0x20, 0xa5, 0x17,
-      0x36, 0x17, 0x99, 0xac, 0x17, 0x5d, 0x66, 0x40, 0x07, 0x1a,
-      0xa8, 0x8c, 0xcc, 0x29, 0x8a, 0x08, 0x78, 0xdd },
-    { 0x30, 0xdf, 0xc4, 0x7b, 0xd4, 0x44, 0x67, 0x5e, 0x08, 0x3f,
-      0x65, 0xa5, 0xfb, 0x9d, 0x79, 0x76, 0x11, 0x18, 0x6d, 0x31,
-      0x9a, 0x40, 0xda, 0x4b, 0xd2, 0x89, 0xeb, 0x4f, 0x27, 0xfb,
-      0x0f, 0xd1, 0xf9, 0x94, 0xa1, 0x14, 0x7c, 0x6a, 0x42, 0xb1,
-      0x46, 0xec, 0xbd, 0x3f, 0x1f, 0xef, 0x20, 0xe9, 0xbd, 0x75,
-      0x73, 0x9c, 0xee, 0x7d, 0xaa, 0x26, 0xc9, 0x97, 0xf9, 0x3e,
-      0xb2, 0x12, 0x5e, 0x8e, 0x14, 0xf9, 0x70, 0xcb, 0xdb, 0x45,
-      0xd7, 0x63, 0x0b, 0x12, 0x83, 0x9a, 0xc5, 0xd1, 0xb1, 0x13,
-      0xe2, 0x06, 0xb1, 0xd8, 0x1d, 0xb7, 0x25, 0xc7, 0x3a, 0xa7,
-      0x04, 0xde, 0xe2, 0xb1, 0x2d, 0x52, 0xb0, 0xe5, 0x28, 0x8d,
-      0x27, 0xf1, 0x31, 0xb5, 0xbc, 0xa7, 0xd7, 0xc3, 0xc9, 0x76,
-      0x03, 0xd0, 0xb3, 0x5b, 0x8e, 0x5e, 0x7f, 0xa0, 0x2b, 0x60,
-      0xcf, 0xe2, 0x89, 0x85, 0x50, 0xdc, 0xb1, 0x99 },
-    { 0x57, 0x2a, 0x59, 0x1f, 0x54, 0xc2, 0x12, 0xcf, 0xe1, 0x6f,
-      0xe8, 0x72, 0x39, 0x7f, 0x25, 0x01, 0x15, 0x35, 0xc7, 0xda,
-      0xae, 0x0f, 0xe2, 0x18, 0x9a, 0xc5, 0x2a, 0x4d, 0x40, 0x7a,
-      0x3a, 0xa0, 0x98, 0x3a, 0xf1, 0x75, 0x25, 0x18, 0x49, 0x39,
-      0x5d, 0xa6, 0x9e, 0x0b, 0xeb, 0x1a, 0xe2, 0x89, 0x27, 0x61,
-      0x92, 0xbf, 0x07, 0xd7, 0xc3, 0xc8, 0x86, 0xe1, 0x14, 0xa6,
-      0x2d, 0xdf, 0x7a, 0xc6, 0x17, 0x07, 0x3c, 0xe6, 0x3e, 0x2f,
-      0x69, 0x84, 0xb7, 0xbe, 0x23, 0x36, 0xc4, 0xb7, 0x8e, 0x1c,
-      0xa3, 0x51, 0x4b, 0x21, 0x98, 0x83, 0x11, 0x0f, 0xb1, 0xa3,
-      0xdf, 0x7a, 0x30, 0x59, 0x06, 0x8e, 0xa2, 0xb9, 0xc2, 0x04,
-      0x56, 0xa6, 0xa2, 0x14, 0xab, 0x07, 0x02, 0xdf, 0x8b, 0x53,
-      0x35, 0x61, 0x25, 0x02, 0x7e, 0x54, 0xb4, 0xd4, 0xe8, 0x12,
-      0xbc, 0xfc, 0x5a, 0xe2, 0x9e, 0xaa, 0xdf, 0xe8 },
-    { 0x65, 0xc2, 0xcb, 0xe1, 0xd8, 0xc8, 0x2c, 0x3c, 0x80, 0xc8,
-      0x65, 0x53, 0x24, 0x91, 0x9a, 0x4e, 0x12, 0x0c, 0x6f, 0xbc,
-      0x6c, 0x8b, 0x19, 0x0e, 0x81, 0x42, 0xdb, 0x5c, 0x90, 0xaf,
-      0xd0, 0x7b, 0x6e, 0x3e, 0x49, 0x9d, 0x8d, 0x15, 0x76, 0x7a,
-      0x90, 0x2f, 0xe9, 0x29, 0xf9, 0x08, 0xab, 0x43, 0xa3, 0x84,
-      0x67, 0xdc, 0xe5, 0x3d, 0x1a, 0xa9, 0x15, 0xbc, 0xf3, 0xc6,
-      0x11, 0xcb, 0x8c, 0x31, 0xf1, 0xd3, 0x62, 0x2b, 0x67, 0xf3,
-      0x3f, 0x76, 0xb7, 0x05, 0xed, 0x61, 0x3d, 0x67, 0x4f, 0xe5,
-      0xbb, 0xa5, 0x97, 0xce, 0xca, 0x03, 0x06, 0xd8, 0x6d, 0x96,
-      0x71, 0xc0, 0x2f, 0xed, 0x95, 0x78, 0xbd, 0x3c, 0xbf, 0x9b,
-      0xf2, 0x21, 0x26, 0xd4, 0xf9, 0xce, 0xb4, 0xb2, 0x3e, 0xef,
-      0xd6, 0x90, 0x3f, 0x05, 0x43, 0x18, 0x32, 0x77, 0x33, 0xbc,
-      0x49, 0x66, 0x84, 0x19, 0x09, 0xa5, 0x55, 0x3a },
-    { 0x83, 0x14, 0x40, 0xd5, 0x3b, 0xa7, 0x7f, 0x66, 0xd8, 0x05,
-      0x50, 0x16, 0x0e, 0x78, 0x88, 0xb9, 0x25, 0x33, 0xad, 0x58,
-      0xa0, 0xdc, 0xf4, 0xab, 0x43, 0x53, 0xd7, 0x2e, 0x1a, 0x09,
-      0x98, 0x52, 0x46, 0xdb, 0x73, 0x8d, 0xdf, 0xae, 0x7a, 0x1a,
-      0x78, 0x3e, 0xff, 0x1b, 0x94, 0xef, 0x7e, 0xd3, 0xa5, 0xc4,
-      0xf1, 0xdc, 0x22, 0x9b, 0xd3, 0xde, 0x8c, 0x3c, 0xa3, 0x49,
-      0x73, 0xe1, 0xd2, 0xf1, 0x5e, 0x34, 0xe3, 0x00, 0x47, 0x73,
-      0x81, 0x83, 0x92, 0xea, 0x15, 0xec, 0x95, 0x01, 0x17, 0x70,
-      0x82, 0x9b, 0xc6, 0xb3, 0x41, 0x3f, 0x57, 0x9e, 0xb6, 0x88,
-      0x42, 0x77, 0x08, 0x45, 0x2d, 0x44, 0x79, 0xc1, 0x62, 0xe5,
-      0x67, 0x9d, 0xd1, 0x58, 0x76, 0x47, 0x2c, 0xf6, 0x6b, 0xa0,
-      0xee, 0xd7, 0x27, 0xdc, 0x3b, 0x0a, 0x86, 0xe8, 0x62, 0x45,
-      0x68, 0x4c, 0xda, 0x20, 0xa6, 0x60, 0xbb, 0x63 },
-    { 0x50, 0x4c, 0x3a, 0x8a, 0x6d, 0x5f, 0x45, 0x66, 0x4a, 0x98,
-      0x5a, 0x70, 0xe1, 0x5a, 0x28, 0x15, 0x38, 0x53, 0x99, 0xcd,
-      0xbc, 0xf1, 0x19, 0xca, 0x57, 0x39, 0xac, 0x8f, 0x98, 0x5f,
-      0xb4, 0x6d, 0xe9, 0x56, 0x63, 0xcc, 0x1b, 0x41, 0x1e, 0x3e,
-      0x3c, 0xd1, 0x7f, 0x7f, 0x82, 0x14, 0x7b, 0x71, 0x7e, 0x0c,
-      0x7a, 0x3c, 0x64, 0xca, 0xdf, 0xc6, 0x04, 0x88, 0x38, 0x2f,
-      0x48, 0x53, 0x6b, 0x3b, 0xc9, 0x97, 0x7d, 0xb5, 0x63, 0x8c,
-      0xe1, 0x1a, 0xea, 0x3f, 0xce, 0x98, 0x3d, 0xe0, 0x78, 0xdd,
-      0x73, 0x5b, 0x86, 0x0a, 0x10, 0x1e, 0x85, 0x17, 0x92, 0x9d,
-      0x7f, 0x66, 0xdf, 0xd2, 0x7a, 0x66, 0xc4, 0x5c, 0x28, 0xe6,
-      0x1d, 0x3e, 0x44, 0xf0, 0xe8, 0x97, 0xf3, 0xe8, 0x82, 0x0b,
-      0x3c, 0x0d, 0x5d, 0x06, 0x6e, 0x29, 0xd0, 0xfa, 0x46, 0xac,
-      0xf4, 0x3e, 0x2e, 0x32, 0xf6, 0x11, 0xb2, 0xda },
-    { 0x49, 0x6e, 0x46, 0x99, 0xc7, 0x1d, 0x21, 0xd2, 0xc2, 0x7a,
-      0xf0, 0xb1, 0x69, 0xf5, 0x6a, 0xdd, 0x38, 0xca, 0xf7, 0xd0,
-      0x77, 0xfd, 0xc5, 0x20, 0xbf, 0x2e, 0xa6, 0xc9, 0xf8, 0x43,
-      0x04, 0x22, 0x5e, 0xca, 0xc3, 0xe5, 0x6d, 0xe9, 0x37, 0xdc,
-      0x2a, 0xe6, 0x84, 0xde, 0x55, 0x37, 0xb7, 0xda, 0x85, 0xa7,
-      0xa9, 0xc3, 0xe6, 0xe2, 0x8e, 0xac, 0xbc, 0x70, 0xb3, 0xce,
-      0xa6, 0x96, 0x73, 0xea, 0xb3, 0x5e, 0x56, 0x7e, 0xa6, 0xe8,
-      0xa3, 0xbb, 0x4c, 0x23, 0xc6, 0xb6, 0x67, 0x0b, 0x27, 0x02,
-      0xa2, 0xdc, 0x00, 0x1d, 0x7e, 0xe8, 0x1e, 0xe1, 0x6a, 0xd3,
-      0x89, 0x56, 0xaa, 0xbc, 0xc6, 0x74, 0x29, 0x83, 0x24, 0x30,
-      0xe5, 0xa1, 0x29, 0xed, 0x23, 0x4d, 0x24, 0x1c, 0x43, 0x7c,
-      0xe2, 0x5f, 0x98, 0x5c, 0xff, 0x38, 0x50, 0x94, 0x74, 0xe3,
-      0x00, 0xb5, 0x52, 0x83, 0xb8, 0xfa, 0x53, 0xc7 },
-    { 0x13, 0x38, 0x91, 0x73, 0x13, 0x03, 0x7f, 0xe8, 0x4f, 0x2b,
-      0x5c, 0xcf, 0xcb, 0x37, 0x44, 0xb5, 0x35, 0x4c, 0xdc, 0xdb,
-      0xe5, 0xf0, 0x69, 0x52, 0xc1, 0x4b, 0x21, 0x5e, 0xb0, 0xd6,
-      0x86, 0x3a, 0x8b, 0xa0, 0xd9, 0xe9, 0xae, 0xab, 0x51, 0xf9,
-      0xd6, 0x7a, 0xac, 0xaf, 0x76, 0x5b, 0xa2, 0x68, 0xce, 0xb4,
-      0x0e, 0xdc, 0x95, 0x11, 0x67, 0xb7, 0x97, 0xbf, 0x6a, 0x54,
-      0x22, 0x03, 0xd5, 0xc4, 0x5a, 0x21, 0xec, 0xe6, 0x2c, 0xd6,
-      0x40, 0xc5, 0xbd, 0x01, 0xfa, 0x86, 0xbb, 0x04, 0x79, 0x3b,
-      0xc4, 0x63, 0xbd, 0xa6, 0x17, 0xc0, 0x81, 0xb8, 0x40, 0xbf,
-      0xd0, 0x80, 0x81, 0xf3, 0x21, 0x6a, 0xbc, 0x85, 0x97, 0x52,
-      0x36, 0x86, 0xbd, 0xcc, 0x65, 0x9b, 0xcf, 0xaf, 0x48, 0x33,
-      0xe0, 0x9b, 0xc2, 0xe3, 0x76, 0x84, 0x0e, 0xb2, 0xa6, 0x14,
-      0xba, 0x14, 0xfc, 0x82, 0x9f, 0xa9, 0x34, 0x67 },
-    { 0x42, 0x2e, 0xb5, 0x73, 0xf3, 0x83, 0x3f, 0xbd, 0x4c, 0x81,
-      0x02, 0xb4, 0x6d, 0xa1, 0xf3, 0x45, 0xd2, 0xce, 0xfa, 0x09,
-      0x69, 0x5e, 0x3a, 0x02, 0x02, 0xc5, 0x10, 0x4d, 0x4d, 0xea,
-      0x47, 0x96, 0x50, 0xf0, 0xc0, 0xa6, 0x04, 0x85, 0xdf, 0xf4,
-      0x4b, 0xb2, 0x95, 0x2e, 0x55, 0xfb, 0xdb, 0xac, 0x9e, 0x7a,
-      0x9b, 0x46, 0x3b, 0x45, 0xfe, 0xa5, 0xae, 0xc0, 0xfc, 0xb2,
-      0x6b, 0xc8, 0xaa, 0x2a, 0x68, 0x07, 0x41, 0x72, 0x54, 0x33,
-      0x04, 0xef, 0x0b, 0xc4, 0x93, 0xf9, 0x50, 0xa3, 0x4a, 0x7b,
-      0xec, 0xc4, 0xcf, 0xb0, 0x26, 0x09, 0x90, 0xc8, 0xbb, 0x57,
-      0x76, 0x2d, 0x38, 0xf3, 0x7e, 0x01, 0x81, 0xe3, 0x4e, 0xb9,
-      0xc7, 0xce, 0xa9, 0x5c, 0x4b, 0xcd, 0x41, 0x9f, 0xde, 0x8e,
-      0x53, 0x14, 0xfd, 0xac, 0x17, 0xbc, 0x44, 0xae, 0x2a, 0xc6,
-      0xee, 0x68, 0x06, 0x40, 0x45, 0x00, 0x3c, 0xd1 },
-    { 0x36, 0x85, 0x41, 0xcf, 0x2c, 0x25, 0x25, 0x82, 0xcf, 0xba,
-      0x27, 0xd7, 0xa0, 0xda, 0x2d, 0xc6, 0xa9, 0xfb, 0xbb, 0x4c,
-      0xb7, 0xfd, 0x2b, 0x05, 0x7d, 0x19, 0xb9, 0xc2, 0x72, 0x79,
-      0x99, 0xff, 0x09, 0xfe, 0xbc, 0x9c, 0x74, 0x73, 0x12, 0xe1,
-      0x40, 0xf1, 0xc7, 0xe1, 0x66, 0xa3, 0xf2, 0xbf, 0xee, 0x63,
-      0xfa, 0x8b, 0x88, 0x9d, 0xf8, 0xbc, 0x26, 0xea, 0x5a, 0x54,
-      0xd6, 0x60, 0x59, 0xfe, 0xf2, 0xe2, 0x0c, 0xb4, 0x5b, 0x0f,
-      0xd3, 0xad, 0xc8, 0x9e, 0x89, 0x20, 0xcb, 0xa0, 0x3c, 0xdc,
-      0xf2, 0xa6, 0xba, 0x41, 0xda, 0xfb, 0x73, 0x6a, 0x72, 0x53,
-      0x76, 0xac, 0x54, 0xb1, 0x27, 0x23, 0xcf, 0x7c, 0x94, 0xe2,
-      0x64, 0xea, 0x58, 0x03, 0x57, 0xc1, 0xe9, 0x19, 0x07, 0x28,
-      0x14, 0x59, 0xb0, 0x86, 0x1f, 0x6d, 0x97, 0x14, 0xba, 0x0e,
-      0xac, 0x59, 0x2e, 0xb6, 0xa6, 0xad, 0x3f, 0x47 },
-    { 0x59, 0xa5, 0xbf, 0x59, 0x22, 0x26, 0x13, 0x34, 0xb8, 0x97,
-      0x78, 0x80, 0x22, 0x41, 0xa5, 0x66, 0x07, 0x3b, 0xf8, 0x69,
-      0xc7, 0xf9, 0x27, 0xe9, 0x09, 0xd8, 0xcf, 0x2d, 0x86, 0xa5,
-      0x86, 0xf4, 0x16, 0x69, 0x78, 0x6a, 0x97, 0xe9, 0x4c, 0x11,
-      0xe2, 0x64, 0xfa, 0x41, 0xb6, 0xa1, 0x3d, 0x00, 0xb0, 0x0d,
-      0xbf, 0x9d, 0x2a, 0xc1, 0xaf, 0x48, 0xe6, 0x7c, 0x10, 0x2a,
-      0xf5, 0x15, 0xe2, 0x3e, 0x34, 0xb4, 0x73, 0xf0, 0x65, 0x4b,
-      0xe2, 0xf2, 0xd0, 0x20, 0x8a, 0x03, 0xbd, 0x07, 0xd8, 0x77,
-      0xd5, 0xa6, 0xf2, 0xaf, 0xac, 0x06, 0x7f, 0xe8, 0x79, 0x75,
-      0x41, 0xb6, 0x0e, 0x84, 0x2d, 0xc2, 0x69, 0xb5, 0x3c, 0x2a,
-      0xaf, 0xc8, 0xdf, 0xc2, 0x4e, 0x6a, 0xe1, 0x8f, 0x08, 0x0f,
-      0x79, 0x5b, 0x1b, 0x67, 0x7d, 0xe5, 0xac, 0xfa, 0x33, 0x3a,
-      0x51, 0x0d, 0x3c, 0x9e, 0x22, 0x79, 0x9d, 0x37 },
-    { 0x46, 0x75, 0x64, 0xc1, 0x43, 0xeb, 0x79, 0x9c, 0xf1, 0x4e,
-      0xf6, 0x18, 0xd3, 0xd3, 0xe0, 0xf8, 0x04, 0xda, 0x45, 0xf8,
-      0x98, 0x4c, 0xfd, 0x36, 0x8d, 0x0b, 0x5c, 0xbe, 0x4a, 0xcc,
-      0x5f, 0x4d, 0x77, 0xe7, 0xe0, 0x79, 0xb1, 0x3f, 0x3b, 0xd1,
-      0x36, 0xdd, 0xc2, 0x37, 0x2a, 0xaa, 0x91, 0x35, 0xaa, 0x1b,
-      0x05, 0xe0, 0x39, 0x84, 0x8b, 0xc9, 0x9c, 0xaa, 0x06, 0xb7,
-      0xa6, 0x15, 0x6f, 0x8a, 0x6a, 0x6a, 0x71, 0xaa, 0xda, 0xdb,
-      0x47, 0xfb, 0xf9, 0x38, 0x60, 0xd0, 0x94, 0x22, 0x81, 0x00,
-      0x82, 0x67, 0xfd, 0x78, 0xf8, 0xdd, 0x3c, 0x6c, 0x08, 0xbe,
-      0xe9, 0xf1, 0xd9, 0x1b, 0x9a, 0xa0, 0xda, 0x93, 0xcf, 0xcc,
-      0xda, 0xa7, 0xd3, 0x97, 0x07, 0x88, 0x87, 0x67, 0xa9, 0xd4,
-      0x6a, 0x7f, 0x18, 0x6c, 0x1a, 0xbc, 0xeb, 0x96, 0x99, 0x72,
-      0xe9, 0xd1, 0xc9, 0x1e, 0x81, 0x34, 0x71, 0x91 },
-    { 0x8a, 0x0d, 0xee, 0x16, 0x4e, 0xe9, 0x84, 0xd5, 0x0d, 0x0f,
-      0x7a, 0xdb, 0xed, 0x6a, 0x1e, 0x03, 0x17, 0x73, 0xf0, 0x16,
-      0x7b, 0x7c, 0x50, 0xd9, 0x06, 0x8f, 0x39, 0xcb, 0x4f, 0x81,
-      0xe0, 0x9e, 0xfe, 0x8d, 0x72, 0x8c, 0x7a, 0x03, 0x62, 0x18,
-      0xf3, 0x16, 0x77, 0x32, 0x2f, 0x15, 0xb8, 0x50, 0x9f, 0x71,
-      0xbc, 0x0c, 0xa5, 0xd2, 0xa0, 0x06, 0xa2, 0x8f, 0xe1, 0x28,
-      0xc7, 0x9e, 0xdc, 0xb2, 0x8e, 0xb4, 0x8b, 0x15, 0x01, 0x1b,
-      0xc6, 0xf3, 0xac, 0x92, 0xb6, 0xa2, 0xea, 0x87, 0x74, 0x86,
-      0x61, 0xc5, 0x03, 0x18, 0x94, 0xd3, 0x5c, 0x61, 0xa2, 0xfe,
-      0xb4, 0xaf, 0x68, 0xa2, 0xb9, 0xb0, 0x32, 0x23, 0x5f, 0xc1,
-      0x43, 0xba, 0xec, 0x39, 0x90, 0x95, 0xd5, 0x75, 0x6d, 0x20,
-      0xb8, 0xaa, 0x03, 0x7f, 0x33, 0xaf, 0x92, 0xdc, 0x47, 0x52,
-      0x8d, 0x72, 0x59, 0x04, 0xb6, 0xff, 0xf5, 0xd7 },
-    { 0x7b, 0x04, 0xb5, 0xd2, 0xee, 0x97, 0xce, 0x23, 0x2c, 0xe7,
-      0xfe, 0x7d, 0xb6, 0xf6, 0xbe, 0xd2, 0x9e, 0x9d, 0xb1, 0x9f,
-      0xc1, 0xf0, 0x00, 0x73, 0x77, 0x78, 0xa9, 0x66, 0x3f, 0xe0,
-      0xa1, 0x7c, 0xe8, 0x9b, 0xbc, 0x1d, 0x7b, 0x62, 0x84, 0x03,
-      0xf1, 0xe8, 0x0c, 0x84, 0x55, 0x4c, 0xc2, 0x77, 0xf9, 0x7c,
-      0xfd, 0x0e, 0x7e, 0x20, 0xa2, 0xc3, 0x31, 0x0d, 0x91, 0xf1,
-      0xe3, 0xe1, 0x81, 0x09, 0xc0, 0x36, 0x7e, 0xf8, 0xbb, 0xaa,
-      0x1e, 0x8c, 0x6a, 0x8e, 0x45, 0x3e, 0xc7, 0xee, 0x80, 0x8d,
-      0xdb, 0x8d, 0x1b, 0x57, 0xc9, 0x1e, 0x21, 0x5f, 0x56, 0xa7,
-      0x85, 0xf9, 0x40, 0x44, 0x5e, 0x43, 0xbb, 0xb4, 0x6a, 0xa6,
-      0x3f, 0x19, 0x61, 0xe2, 0x14, 0xc4, 0xc7, 0x51, 0xa4, 0x0c,
-      0xce, 0x36, 0xb8, 0x08, 0x4d, 0x9f, 0xe8, 0x6c, 0x30, 0x05,
-      0x50, 0x49, 0x91, 0xbf, 0x47, 0x36, 0x6e, 0x6f },
-    { 0x1c, 0x6a, 0x95, 0xa4, 0xc9, 0x9b, 0xe3, 0x1c, 0x51, 0x5b,
-      0x08, 0x1c, 0x9c, 0x7b, 0x27, 0x2c, 0x4f, 0x14, 0xd0, 0x32,
-      0x37, 0x86, 0x97, 0x7a, 0xd8, 0x51, 0x19, 0xa0, 0xa8, 0xd8,
-      0x18, 0x22, 0xe5, 0x46, 0x5a, 0x55, 0x33, 0x88, 0x63, 0x72,
-      0x3a, 0xe2, 0x1b, 0x23, 0xa6, 0xdd, 0x80, 0x2f, 0xcd, 0x4d,
-      0x50, 0x89, 0xc6, 0x22, 0xd6, 0xe3, 0x07, 0x29, 0x02, 0xd7,
-      0x66, 0xe3, 0xad, 0xf0, 0x0a, 0xa2, 0xac, 0x6e, 0xcf, 0xa5,
-      0x18, 0x57, 0x2e, 0xc6, 0xf0, 0xbb, 0xe1, 0xbb, 0xef, 0x41,
-      0x60, 0x77, 0x38, 0xfb, 0xe0, 0xc1, 0x48, 0xec, 0xc7, 0x35,
-      0x17, 0x31, 0xc3, 0xc3, 0xc3, 0x7c, 0x83, 0x3a, 0x10, 0x13,
-      0xe9, 0x56, 0xd5, 0x1f, 0x3d, 0x56, 0x68, 0x61, 0xe7, 0x78,
-      0x51, 0xe0, 0x1a, 0x73, 0x4c, 0x5e, 0x8e, 0xb8, 0x10, 0x97,
-      0x5b, 0x54, 0x6b, 0xc7, 0x82, 0xc5, 0xfa, 0xf8 },
-    { 0x72, 0x70, 0x8a, 0x02, 0x30, 0xa8, 0x64, 0xc9, 0xa5, 0xc0,
-      0x9c, 0x84, 0x14, 0xf6, 0x87, 0x9c, 0xd4, 0xb3, 0x91, 0x9e,
-      0x08, 0x18, 0xe4, 0xbe, 0x4c, 0xec, 0x87, 0x09, 0xe6, 0x56,
-      0x25, 0xfb, 0x5c, 0x91, 0x22, 0x6e, 0xba, 0x9a, 0xbd, 0xa3,
-      0x2a, 0x46, 0x48, 0x81, 0x34, 0xbd, 0x9a, 0xf1, 0x83, 0x6f,
-      0x61, 0x64, 0x4b, 0x70, 0xab, 0x45, 0x99, 0xdd, 0x0a, 0xd6,
-      0xdb, 0xbb, 0xa8, 0xfe, 0x47, 0x5a, 0x79, 0x23, 0xb7, 0x5f,
-      0x3b, 0x76, 0xf4, 0xaa, 0xda, 0xb8, 0x1a, 0x1d, 0x9f, 0xb1,
-      0x6f, 0x87, 0xbd, 0xf4, 0x75, 0xcb, 0xad, 0x1f, 0x92, 0xc9,
-      0xc0, 0x98, 0xf0, 0x81, 0xd9, 0x27, 0xf4, 0x12, 0xab, 0x39,
-      0x82, 0x48, 0x9e, 0x27, 0xae, 0xf5, 0xd2, 0xc4, 0xcc, 0xad,
-      0xe8, 0x48, 0x82, 0x9c, 0x18, 0x23, 0x4d, 0x17, 0xde, 0x1c,
-      0xa6, 0xb1, 0x4a, 0xd5, 0xc2, 0x82, 0x13, 0x63 },
-    { 0x74, 0x91, 0xc7, 0x4c, 0x73, 0x26, 0x5d, 0x21, 0x7d, 0xb5,
-      0x5c, 0x0b, 0x43, 0x69, 0x51, 0x13, 0x95, 0x25, 0xc4, 0x73,
-      0x73, 0x46, 0x7e, 0x9d, 0xf1, 0x69, 0xd3, 0xcc, 0xfa, 0xe1,
-      0x03, 0xf7, 0xc8, 0x65, 0xf9, 0xfb, 0x61, 0xa8, 0x5b, 0xd5,
-      0x9e, 0x08, 0x18, 0x69, 0xf7, 0x09, 0x69, 0x1c, 0xcf, 0xe8,
-      0xb5, 0xce, 0xbb, 0x16, 0xb5, 0x15, 0x35, 0x5e, 0xb6, 0xe2,
-      0x3e, 0x5c, 0x1b, 0x2a, 0xdb, 0x62, 0xd5, 0xb0, 0xb3, 0x5c,
-      0x93, 0x65, 0x2b, 0x59, 0x06, 0x49, 0xc9, 0x79, 0x3e, 0x1c,
-      0x73, 0x3d, 0xa7, 0x13, 0xce, 0xc6, 0xf4, 0x32, 0xe2, 0x41,
-      0x6c, 0x2a, 0xbb, 0x04, 0x3d, 0xa3, 0x82, 0x4c, 0x71, 0x46,
-      0x90, 0x88, 0x08, 0x81, 0xd7, 0x0f, 0x0f, 0xee, 0x0e, 0x28,
-      0x78, 0x5c, 0xa1, 0xba, 0xe0, 0x9c, 0x7f, 0x9d, 0x45, 0xba,
-      0x4f, 0x33, 0xc0, 0xb1, 0xf3, 0x4a, 0x46, 0x6c },
-    { 0x8b, 0xcf, 0xd3, 0xe5, 0x74, 0x17, 0x68, 0x41, 0x68, 0x29,
-      0xd1, 0xc2, 0x68, 0x90, 0x6b, 0x76, 0xb7, 0x32, 0x9f, 0xab,
-      0xbc, 0xe6, 0x86, 0x64, 0xcb, 0x59, 0x14, 0x93, 0xc6, 0xe8,
-      0xdc, 0xbb, 0x00, 0xfd, 0x4b, 0x01, 0x0b, 0x3b, 0xa2, 0x2e,
-      0xe5, 0x48, 0x7e, 0x25, 0xd3, 0xdd, 0x4a, 0xbd, 0x1f, 0xda,
-      0x9f, 0x37, 0xc8, 0x5d, 0x3c, 0xb9, 0xd6, 0xc4, 0x70, 0x9f,
-      0x01, 0x2a, 0xa3, 0xba, 0x69, 0xe7, 0x57, 0x84, 0xd9, 0xfc,
-      0x5a, 0xdc, 0x93, 0xe2, 0x95, 0xc8, 0x59, 0x74, 0xb2, 0x01,
-      0xda, 0xa7, 0xd8, 0x98, 0xe4, 0x2b, 0xcd, 0x5a, 0x2d, 0xfb,
-      0x29, 0xee, 0x59, 0xef, 0x9c, 0xed, 0x31, 0x7c, 0xcf, 0x6b,
-      0xae, 0xb8, 0x2c, 0x8e, 0xac, 0x86, 0xc5, 0x8c, 0xd6, 0x22,
-      0x19, 0xa1, 0x1b, 0x8a, 0xc6, 0x33, 0xba, 0x4b, 0x26, 0x0b,
-      0x31, 0x2e, 0xd5, 0xbf, 0x80, 0xd2, 0xb9, 0x4d },
-    { 0x53, 0xca, 0xdc, 0xf7, 0xbd, 0x37, 0xab, 0x49, 0x3e, 0x18,
-      0xd1, 0xe4, 0x90, 0x5a, 0x93, 0x78, 0xbd, 0x78, 0x01, 0x0e,
-      0x1d, 0xb9, 0x32, 0xad, 0xf1, 0x4d, 0xda, 0x81, 0x52, 0x89,
-      0x04, 0x18, 0x6f, 0x54, 0x25, 0x09, 0x05, 0x7f, 0xe9, 0x1e,
-      0xd1, 0xe5, 0xf8, 0xaf, 0x67, 0x1e, 0xc3, 0x79, 0xd9, 0xe8,
-      0xd2, 0x06, 0x40, 0x22, 0xa6, 0x91, 0x09, 0xd7, 0x97, 0x0b,
-      0x50, 0x74, 0x62, 0x57, 0x83, 0x44, 0x6b, 0x89, 0x6a, 0xf2,
-      0x0e, 0xad, 0xd5, 0x8b, 0x3d, 0xf2, 0x2f, 0x58, 0x63, 0x89,
-      0x0a, 0x06, 0x96, 0x48, 0x27, 0xdf, 0xfd, 0x4f, 0x15, 0x52,
-      0x7e, 0x5e, 0x1f, 0x99, 0x22, 0x27, 0x53, 0x65, 0xe0, 0xd8,
-      0x77, 0x92, 0x47, 0x87, 0xb9, 0x37, 0xf7, 0xc3, 0xc0, 0x68,
-      0xba, 0x16, 0x95, 0xf0, 0xb2, 0xf1, 0x11, 0x87, 0x08, 0x33,
-      0x06, 0x88, 0x27, 0x34, 0xd3, 0xc8, 0xc3, 0x14 },
-    { 0x90, 0x84, 0x99, 0x64, 0xbf, 0x8c, 0x62, 0xb1, 0x69, 0xbd,
-      0x75, 0xe9, 0xc3, 0x2d, 0x10, 0x46, 0x75, 0x42, 0xa5, 0xae,
-      0xb6, 0x9a, 0x97, 0x60, 0x10, 0x6f, 0x19, 0x0a, 0xa6, 0x50,
-      0xec, 0x5c, 0x36, 0x94, 0x14, 0x85, 0x10, 0xf2, 0x62, 0x24,
-      0x3d, 0xcd, 0xb9, 0xd2, 0x1e, 0x79, 0x42, 0x9e, 0xca, 0xf6,
-      0x78, 0x4b, 0x49, 0x1f, 0x2b, 0xed, 0x01, 0x8b, 0x4e, 0xab,
-      0x9e, 0x42, 0x87, 0x9c, 0x61, 0x75, 0x2e, 0x59, 0xda, 0x55,
-      0xdd, 0x53, 0x4e, 0x10, 0x64, 0x82, 0x23, 0x96, 0x24, 0xd1,
-      0x8c, 0x1e, 0x58, 0x67, 0x7d, 0xc9, 0xe5, 0x95, 0xab, 0xa6,
-      0x79, 0x4b, 0xb1, 0x73, 0xb3, 0x17, 0xb3, 0x01, 0x83, 0x45,
-      0xe2, 0x2b, 0x6a, 0x33, 0x64, 0x91, 0xb0, 0xf8, 0x12, 0x20,
-      0x6d, 0x15, 0xd8, 0x86, 0x60, 0x6c, 0x88, 0x8a, 0xbf, 0x67,
-      0x1b, 0xb5, 0xed, 0xf7, 0x5e, 0x53, 0xd0, 0xff },
-    { 0x3d, 0x7f, 0x6f, 0xfa, 0x46, 0x8c, 0xd7, 0xe8, 0xc2, 0xb7,
-      0x5b, 0xe4, 0x73, 0x58, 0x0d, 0x22, 0xd4, 0xed, 0xbd, 0x5e,
-      0x08, 0xdc, 0x4c, 0xc0, 0xcd, 0xee, 0x18, 0xf0, 0xe9, 0x3c,
-      0x92, 0x68, 0x3e, 0x19, 0x49, 0xab, 0xf6, 0xb7, 0xde, 0x33,
-      0xf6, 0x86, 0x22, 0x09, 0xc4, 0x21, 0xfb, 0x7a, 0xbd, 0x86,
-      0xd2, 0xca, 0xc4, 0x10, 0x12, 0x4b, 0x49, 0xd3, 0x2d, 0x7b,
-      0x87, 0x5e, 0xc5, 0x16, 0xc9, 0x21, 0xb3, 0x37, 0x60, 0x89,
-      0xa4, 0xf2, 0x96, 0xfd, 0xa5, 0x0e, 0xbb, 0x5a, 0x42, 0xf8,
-      0xf9, 0xb4, 0x38, 0x2d, 0x4e, 0x62, 0x42, 0x3e, 0x6e, 0x67,
-      0xfe, 0xbd, 0x7c, 0x71, 0x48, 0x7c, 0x1b, 0x0c, 0xbb, 0x8f,
-      0x67, 0x72, 0xde, 0x9a, 0x92, 0xa9, 0x3a, 0x9d, 0xa5, 0x1a,
-      0x17, 0x88, 0x18, 0x48, 0x62, 0x64, 0x9d, 0xb5, 0xf0, 0x56,
-      0xb1, 0x39, 0x0c, 0xf6, 0x5a, 0x93, 0xc6, 0x61 },
-    { 0x8f, 0xb1, 0x2d, 0x3f, 0x6d, 0xde, 0x74, 0xe6, 0x40, 0x99,
-      0x4d, 0x6f, 0xfd, 0x43, 0x4e, 0x7c, 0x3e, 0x18, 0xc4, 0xfd,
-      0x22, 0x54, 0xab, 0xee, 0x30, 0x3f, 0x9e, 0xb9, 0x1d, 0x16,
-      0xa5, 0x55, 0x3f, 0x06, 0x4e, 0xd4, 0x51, 0x1e, 0x60, 0x19,
-      0x56, 0x75, 0x28, 0xe3, 0x9c, 0x9c, 0x60, 0x17, 0xb5, 0x41,
-      0x92, 0x03, 0x94, 0x92, 0xf2, 0x3a, 0x5f, 0xc6, 0x89, 0x35,
-      0x54, 0x8b, 0xa5, 0x62, 0x55, 0x77, 0x1b, 0xf5, 0x55, 0x65,
-      0x16, 0x33, 0x65, 0x9a, 0x34, 0x2c, 0xd8, 0x3c, 0x21, 0xf4,
-      0x56, 0x12, 0x46, 0x7f, 0x7f, 0x19, 0x5b, 0x60, 0x85, 0x19,
-      0xdf, 0x2b, 0xb2, 0xae, 0x4d, 0x82, 0xbc, 0x69, 0x0a, 0xf5,
-      0x42, 0xdc, 0xe6, 0x8e, 0x56, 0x68, 0x0b, 0x08, 0x90, 0xfe,
-      0xed, 0xc9, 0x9d, 0x75, 0x9d, 0xa6, 0x97, 0x03, 0x38, 0xdf,
-      0xea, 0x7b, 0x29, 0x0c, 0xdf, 0xfb, 0xd5, 0xd1 },
-    { 0x3f, 0xcc, 0x67, 0x31, 0x75, 0xd2, 0x37, 0xb1, 0x4f, 0x93,
-      0x03, 0xa2, 0x06, 0xff, 0x34, 0x53, 0xbe, 0x94, 0x6a, 0x59,
-      0x19, 0xab, 0x1c, 0x97, 0xe7, 0x85, 0x8e, 0xcd, 0x37, 0x59,
-      0x81, 0xec, 0x9b, 0x64, 0x3e, 0x77, 0x86, 0x7c, 0xa0, 0xe9,
-      0x5f, 0x20, 0xfd, 0x2e, 0x4f, 0x47, 0x49, 0x9d, 0xaf, 0x77,
-      0x1f, 0x6d, 0xfe, 0x23, 0x9f, 0x83, 0x29, 0xdd, 0x85, 0x0a,
-      0x26, 0x8a, 0x5a, 0xf7, 0x87, 0x89, 0x69, 0x96, 0x29, 0x32,
-      0xfb, 0x89, 0x13, 0x58, 0xf9, 0x7b, 0x4c, 0x2f, 0x13, 0x07,
-      0x14, 0x68, 0x1a, 0x14, 0xf6, 0xf5, 0x80, 0xa0, 0x4a, 0x2b,
-      0x69, 0x6a, 0x71, 0x6b, 0xa4, 0xdd, 0xe8, 0x9f, 0xfa, 0xd0,
-      0x57, 0x8c, 0xae, 0x91, 0x4f, 0x21, 0x28, 0x23, 0x07, 0x8a,
-      0xc3, 0xef, 0x45, 0x3e, 0x09, 0xf0, 0xb8, 0x7b, 0x7e, 0x4d,
-      0x6c, 0x63, 0x81, 0xa2, 0x29, 0x3c, 0xb7, 0xa4 },
-    { 0x64, 0x51, 0x46, 0xfd, 0xc7, 0x15, 0x1c, 0x34, 0xd4, 0x13,
-      0x45, 0xdc, 0xb3, 0xfa, 0x86, 0x85, 0x75, 0xf0, 0xfb, 0xac,
-      0xaf, 0x42, 0x99, 0x39, 0x24, 0xec, 0x69, 0x03, 0x7e, 0x62,
-      0xa1, 0x88, 0xbe, 0xbe, 0x30, 0xcf, 0xa1, 0xf5, 0x24, 0x9c,
-      0xc3, 0xa5, 0xa0, 0x5d, 0x56, 0x46, 0x12, 0xb7, 0x15, 0x44,
-      0x24, 0xa3, 0x6b, 0x0f, 0x25, 0x4b, 0x60, 0xdd, 0x62, 0xcf,
-      0xdf, 0x0c, 0xb3, 0xc2, 0x2a, 0x2f, 0x5d, 0x62, 0xf1, 0x0f,
-      0xdb, 0xd2, 0x56, 0x08, 0x5a, 0x59, 0x5b, 0x51, 0xbc, 0x46,
-      0x12, 0xf3, 0xe4, 0xc0, 0x9f, 0xb3, 0xf1, 0xdc, 0x1d, 0x4c,
-      0x93, 0xf4, 0x7d, 0xeb, 0x92, 0x6b, 0xf2, 0x12, 0x08, 0x55,
-      0x2c, 0x37, 0xa1, 0x22, 0x24, 0x29, 0xcb, 0xfd, 0x95, 0xa6,
-      0x4a, 0xaf, 0xfa, 0xf7, 0x0e, 0x1f, 0xc1, 0x40, 0x1b, 0x90,
-      0x50, 0x9d, 0xeb, 0xd5, 0xdf, 0x21, 0xf9, 0x20 },
-    { 0x44, 0x8d, 0x3d, 0x72, 0xab, 0xfb, 0x9f, 0x2e, 0x2a, 0x7c,
-      0xa4, 0xa9, 0x4d, 0x00, 0x5d, 0xda, 0x6d, 0xc7, 0x85, 0x05,
-      0x6c, 0x05, 0x0a, 0x74, 0x92, 0xd7, 0x0a, 0x9f, 0x54, 0xba,
-      0x14, 0xce, 0xca, 0xd0, 0x3b, 0xe7, 0xc0, 0x58, 0xfa, 0x80,
-      0x1d, 0xc0, 0x77, 0x55, 0x29, 0xaa, 0x26, 0x5d, 0x43, 0x4d,
-      0x09, 0xb9, 0x81, 0x97, 0xbe, 0x85, 0x7a, 0xf2, 0xd3, 0x5f,
-      0x98, 0x58, 0xfa, 0x48, 0xf1, 0x78, 0x9c, 0x69, 0x6e, 0xd1,
-      0xa9, 0xc3, 0x01, 0xbc, 0x30, 0x05, 0x7b, 0xb1, 0xd0, 0x00,
-      0x6e, 0x21, 0xd5, 0x8f, 0xd3, 0x14, 0x12, 0xb8, 0x95, 0x45,
-      0xa6, 0xaa, 0x51, 0xdc, 0x5a, 0x74, 0xca, 0x53, 0x19, 0x19,
-      0xef, 0x3d, 0x8e, 0x00, 0x20, 0x37, 0x57, 0xac, 0x7e, 0x50,
-      0xfc, 0x17, 0xbb, 0xa6, 0xf1, 0x36, 0x00, 0x63, 0x26, 0xe1,
-      0xec, 0xec, 0x63, 0x3a, 0xba, 0x19, 0x24, 0xf9 },
-    { 0x76, 0x88, 0x14, 0x79, 0xcb, 0x70, 0x19, 0xa5, 0x72, 0x49,
-      0x71, 0x75, 0xd9, 0x2a, 0x30, 0x9f, 0x28, 0x5a, 0x33, 0xdf,
-      0x99, 0x63, 0xc4, 0x59, 0x4d, 0x8c, 0x5d, 0x67, 0x25, 0x92,
-      0x8c, 0x78, 0x20, 0x81, 0x78, 0xec, 0x96, 0xf2, 0xfd, 0x89,
-      0x3d, 0xcd, 0x13, 0x1f, 0xb4, 0x6f, 0x7c, 0xbc, 0xb8, 0x25,
-      0xb1, 0x62, 0xd0, 0xe2, 0xf3, 0x37, 0x40, 0x2e, 0xf5, 0x84,
-      0xe5, 0x48, 0x44, 0xc9, 0x10, 0x8a, 0x28, 0xb8, 0xf6, 0xa4,
-      0x47, 0x0a, 0x0c, 0x61, 0xec, 0x99, 0x56, 0x66, 0xef, 0xdf,
-      0xd3, 0xaa, 0xc7, 0x15, 0xa5, 0x0e, 0xaa, 0x91, 0x13, 0xad,
-      0xe4, 0xec, 0x5f, 0xf6, 0xe4, 0xa3, 0x95, 0x5c, 0xe4, 0x2a,
-      0x3c, 0xd9, 0xf3, 0x3b, 0xb3, 0xf4, 0x56, 0x13, 0x4b, 0x07,
-      0x44, 0x14, 0x86, 0x83, 0x51, 0xbc, 0xa9, 0xae, 0x81, 0x5a,
-      0xdc, 0x56, 0xf1, 0x45, 0x29, 0xb3, 0x39, 0x89 },
-    { 0x67, 0x0e, 0xb0, 0x1c, 0x5e, 0x5a, 0x86, 0x26, 0xf3, 0x76,
-      0x00, 0xfb, 0x53, 0x2c, 0xe1, 0x80, 0x67, 0x13, 0x52, 0x60,
-      0x59, 0xfa, 0xe5, 0x06, 0x50, 0xb9, 0xd0, 0x6e, 0xdd, 0xab,
-      0xed, 0x19, 0xa4, 0x79, 0x24, 0x1c, 0x9f, 0xff, 0x0e, 0x3a,
-      0xde, 0x25, 0x3f, 0x4c, 0x56, 0xcc, 0xe8, 0x15, 0xc3, 0x59,
-      0x25, 0xd0, 0x4b, 0x18, 0x69, 0x2d, 0x17, 0x91, 0x4e, 0x1d,
-      0xb0, 0xb7, 0x12, 0xa7, 0x1c, 0xff, 0x0e, 0xe7, 0xd0, 0x8a,
-      0x26, 0x5d, 0x75, 0xb8, 0xd5, 0x75, 0x8b, 0xf2, 0xe1, 0xd7,
-      0x4b, 0xc0, 0x62, 0x64, 0xa0, 0xb2, 0xae, 0xe5, 0xc2, 0xc5,
-      0x63, 0xb4, 0x4a, 0x9e, 0xad, 0x62, 0x63, 0x60, 0x44, 0x21,
-      0x2a, 0x33, 0x54, 0x15, 0xe8, 0xa2, 0x2c, 0xe0, 0x03, 0xa5,
-      0xe2, 0x1a, 0x5e, 0x11, 0xb9, 0xad, 0x92, 0xbf, 0x65, 0xdb,
-      0xba, 0x43, 0xa1, 0x14, 0x91, 0x76, 0x7e, 0xed },
-    { 0x50, 0x48, 0x52, 0xe7, 0x63, 0x5d, 0xff, 0x27, 0xb7, 0x7f,
-      0x03, 0x66, 0x00, 0x75, 0x16, 0x6a, 0x2d, 0x0f, 0x2f, 0x98,
-      0x1c, 0xba, 0xae, 0x32, 0x1f, 0xa9, 0xc8, 0xf5, 0x91, 0x12,
-      0xf7, 0xd6, 0x2e, 0xe9, 0xcc, 0x15, 0x4b, 0xb9, 0x0b, 0x1f,
-      0x23, 0x55, 0x29, 0x32, 0x7f, 0x4b, 0x79, 0x6b, 0x7b, 0x82,
-      0x12, 0x50, 0xdb, 0x23, 0x45, 0xe9, 0x80, 0x93, 0x89, 0x9e,
-      0x5d, 0x64, 0xee, 0xce, 0x7d, 0x93, 0x23, 0x40, 0x97, 0x5a,
-      0x46, 0xf0, 0xa6, 0x9e, 0x94, 0x30, 0xb5, 0xe4, 0xb4, 0x76,
-      0xfc, 0x3b, 0x3b, 0x4e, 0x7c, 0x2d, 0x13, 0x22, 0x43, 0x52,
-      0xf3, 0x8d, 0xbe, 0xac, 0x7e, 0xff, 0x69, 0xa1, 0x04, 0xf2,
-      0x92, 0x24, 0xdd, 0xf1, 0x91, 0x78, 0x05, 0x41, 0x2a, 0x1a,
-      0x38, 0x45, 0xcf, 0x08, 0xec, 0xc5, 0x7f, 0x24, 0x31, 0xad,
-      0xdf, 0x73, 0xc0, 0xaf, 0x73, 0xcd, 0xbb, 0x43 },
-    { 0x99, 0x2f, 0xe1, 0x51, 0xf7, 0xe9, 0x0c, 0xc4, 0xfb, 0x24,
-      0xdc, 0x40, 0x52, 0x40, 0xf8, 0xb0, 0x50, 0xd0, 0xce, 0xe7,
-      0x61, 0x8c, 0xe6, 0xc4, 0x3f, 0x4c, 0x9a, 0x19, 0xb9, 0x1e,
-      0xae, 0x9c, 0x2f, 0x3a, 0x73, 0x08, 0xe9, 0xa9, 0xe1, 0x3f,
-      0xd0, 0x5e, 0xf6, 0x9b, 0xe8, 0x66, 0x7d, 0x30, 0xab, 0xff,
-      0xd9, 0xfc, 0xa9, 0xc7, 0xde, 0xb9, 0xa0, 0x53, 0x00, 0x02,
-      0x05, 0x8b, 0x31, 0x77, 0x8a, 0x31, 0xb1, 0x2a, 0x1f, 0xab,
-      0xf0, 0x27, 0x77, 0x35, 0x14, 0x0e, 0xd3, 0xc4, 0x29, 0xa0,
-      0xc6, 0x6f, 0xd6, 0x17, 0x38, 0x53, 0xaf, 0x38, 0x71, 0x30,
-      0x5c, 0x24, 0x2d, 0x95, 0x09, 0x08, 0xb0, 0x1b, 0x16, 0xd3,
-      0xcb, 0xe8, 0xe9, 0x93, 0xad, 0x01, 0xde, 0x92, 0x84, 0xba,
-      0xaa, 0xf6, 0x32, 0x6c, 0x07, 0x6a, 0xec, 0x6c, 0x90, 0x78,
-      0x2f, 0x0f, 0x3c, 0xe5, 0xa2, 0xf3, 0x92, 0xfa },
-    { 0x5a, 0x68, 0xbf, 0xa8, 0x4c, 0x5b, 0x71, 0xe0, 0x13, 0x4e,
-      0xcf, 0x4b, 0x9c, 0x8e, 0xb9, 0xfb, 0x1d, 0xc8, 0x16, 0x8a,
-      0x99, 0x2b, 0xcc, 0x2a, 0xca, 0x92, 0xe4, 0x84, 0x9b, 0x60,
-      0x82, 0xa9, 0x73, 0x21, 0xbe, 0xb9, 0xa2, 0xb0, 0xab, 0xd2,
-      0x6e, 0xea, 0x5e, 0x98, 0x38, 0xa5, 0xe3, 0x3d, 0x62, 0x6e,
-      0xe7, 0x5f, 0xc4, 0x41, 0x32, 0x5c, 0xc4, 0x45, 0x1e, 0x9c,
-      0xef, 0x10, 0x35, 0x50, 0xa9, 0xbe, 0x08, 0x0a, 0xcd, 0x50,
-      0xe9, 0x6b, 0xba, 0x5b, 0xb4, 0xa8, 0x47, 0x47, 0x55, 0x73,
-      0x20, 0xb8, 0x4f, 0xa8, 0x48, 0x0c, 0xb3, 0xae, 0xe3, 0x8c,
-      0xb0, 0x9f, 0xdd, 0x98, 0xef, 0xec, 0x98, 0x21, 0xe1, 0xae,
-      0xa3, 0x1e, 0x48, 0xc6, 0x97, 0xb4, 0x27, 0xb0, 0x44, 0xf0,
-      0xa8, 0x28, 0xa4, 0xde, 0xd6, 0x9d, 0x87, 0x87, 0x2f, 0x98,
-      0x44, 0x54, 0xdb, 0x31, 0x38, 0xf1, 0x97, 0xaa },
-    { 0x78, 0xac, 0xfd, 0xf9, 0x9f, 0x5e, 0xf4, 0x39, 0x56, 0xce,
-      0x6e, 0xf7, 0xbe, 0xf1, 0x62, 0x8f, 0xd1, 0x5c, 0x8f, 0xa0,
-      0xa6, 0x33, 0x7b, 0x7c, 0x4b, 0xc2, 0x4a, 0x46, 0x08, 0x5a,
-      0xd5, 0xe7, 0xeb, 0x40, 0xb0, 0x45, 0x81, 0x89, 0x7b, 0xc1,
-      0xff, 0x98, 0x2e, 0x0a, 0x0d, 0x5c, 0xa5, 0x77, 0x71, 0xe0,
-      0xdc, 0x98, 0x40, 0x11, 0xa3, 0x96, 0x91, 0xca, 0x1e, 0x3a,
-      0xb8, 0xcb, 0xbb, 0xec, 0x6a, 0xb3, 0x63, 0xa8, 0x50, 0x9b,
-      0xef, 0x61, 0x48, 0x71, 0x54, 0x8a, 0xe2, 0x41, 0x8f, 0x2e,
-      0x6a, 0x22, 0xf4, 0x93, 0xf4, 0xdb, 0x3c, 0x0e, 0x2f, 0x5a,
-      0x24, 0x53, 0x02, 0x6d, 0x39, 0x17, 0xed, 0x16, 0x86, 0x5b,
-      0x0d, 0x3b, 0x9d, 0x04, 0x14, 0xde, 0x58, 0x85, 0x5b, 0x1c,
-      0x0c, 0x26, 0xd1, 0x05, 0xff, 0xf9, 0x55, 0x02, 0xf8, 0xb0,
-      0xb4, 0xff, 0x3b, 0x45, 0xff, 0x0a, 0x2b, 0xfb },
-    { 0x0a, 0xd9, 0x2d, 0x73, 0xd0, 0x75, 0xa3, 0x66, 0x8c, 0xb4,
-      0xb4, 0x8c, 0xb0, 0x61, 0xc9, 0x49, 0x6f, 0x10, 0xae, 0x0f,
-      0x90, 0x8b, 0x4a, 0x29, 0x66, 0xbc, 0xb8, 0xf0, 0x8b, 0xaa,
-      0x6e, 0xd2, 0xf2, 0x5c, 0x93, 0xf6, 0x90, 0xae, 0x48, 0x90,
-      0x2d, 0xfc, 0x53, 0x32, 0x37, 0xde, 0x86, 0x1f, 0xe8, 0xda,
-      0x25, 0x3c, 0xbf, 0x31, 0xbe, 0x71, 0x98, 0x62, 0xbb, 0x76,
-      0xa0, 0x41, 0x23, 0x1a, 0x53, 0x81, 0x52, 0x18, 0xb8, 0x3a,
-      0x58, 0xe0, 0xe2, 0x30, 0x6e, 0xa0, 0xae, 0x36, 0xb6, 0xf7,
-      0xde, 0x76, 0xa1, 0x24, 0x05, 0xe9, 0xf1, 0x23, 0xcd, 0x93,
-      0x39, 0x29, 0x48, 0x14, 0xcc, 0x52, 0xd2, 0xd6, 0x02, 0x67,
-      0x1f, 0x4a, 0x34, 0x87, 0x39, 0xed, 0xc6, 0xb9, 0xdf, 0xa2,
-      0x2e, 0x1b, 0x95, 0x42, 0x02, 0xa0, 0xc7, 0x7f, 0x61, 0xc4,
-      0x45, 0xbf, 0x7f, 0x15, 0xf8, 0x52, 0x01, 0x89 },
-    { 0x95, 0xbb, 0xd8, 0xa0, 0x70, 0xa6, 0xe9, 0xae, 0x8e, 0xf4,
-      0xdc, 0xaf, 0x07, 0x5b, 0x3c, 0xed, 0x1a, 0x4f, 0xe9, 0x34,
-      0x27, 0x9a, 0xa6, 0x6b, 0x1b, 0x78, 0xb4, 0xba, 0x0b, 0x50,
-      0xa9, 0xeb, 0x5e, 0xbf, 0x80, 0xb7, 0x94, 0xb9, 0x0b, 0xcf,
-      0x08, 0xfa, 0x64, 0xd3, 0x46, 0x42, 0x10, 0x97, 0xdc, 0x2a,
-      0xc1, 0x7b, 0xa3, 0xd7, 0xd8, 0x8f, 0xec, 0x1c, 0xcf, 0xd1,
-      0x98, 0xc3, 0x11, 0x63, 0x9a, 0xdc, 0x51, 0x51, 0xb3, 0xae,
-      0xd5, 0xf6, 0x3e, 0xf2, 0xcb, 0x4d, 0x4a, 0xeb, 0x7f, 0xe8,
-      0xf2, 0x2a, 0x8f, 0x4b, 0x02, 0xf4, 0x01, 0x61, 0x84, 0x7b,
-      0x79, 0x95, 0x13, 0xe6, 0x81, 0xed, 0xea, 0x3b, 0xe0, 0x93,
-      0xd4, 0xbe, 0x89, 0x02, 0xbe, 0x99, 0x15, 0x4b, 0x34, 0x66,
-      0xc2, 0x80, 0x47, 0x78, 0xc6, 0x20, 0x80, 0xcd, 0x89, 0xab,
-      0xbf, 0xb9, 0x5f, 0xed, 0xc2, 0xca, 0x54, 0x8a },
-    { 0x37, 0x5a, 0x88, 0x4f, 0xc1, 0x25, 0xa9, 0x19, 0x48, 0x0d,
-      0xc6, 0x6f, 0xb8, 0x86, 0x7a, 0x2a, 0xad, 0x14, 0x70, 0x59,
-      0xf2, 0x0d, 0xfc, 0xf5, 0xa0, 0xa1, 0x0d, 0x6d, 0xdf, 0xb9,
-      0xcf, 0x21, 0xe2, 0x9f, 0xb0, 0x60, 0x2a, 0xeb, 0xe4, 0x87,
-      0xab, 0x1d, 0x86, 0xb7, 0x2a, 0x35, 0x94, 0x7f, 0x89, 0x30,
-      0x53, 0xfc, 0xc0, 0x55, 0x4e, 0xc1, 0x69, 0xff, 0x35, 0xea,
-      0x51, 0x4f, 0x5c, 0x04, 0xca, 0xc1, 0xe5, 0xd0, 0xbd, 0x07,
-      0xd9, 0x0f, 0xfa, 0x42, 0x9c, 0x71, 0xe2, 0xf0, 0xe3, 0x89,
-      0x07, 0x2b, 0xaa, 0x63, 0x5c, 0x16, 0xd3, 0x36, 0x31, 0x4e,
-      0xf4, 0xe0, 0xaa, 0xde, 0x06, 0x6a, 0x2b, 0xfa, 0xaf, 0x47,
-      0x8e, 0x83, 0x5c, 0x42, 0xe2, 0x47, 0xc9, 0xec, 0xfc, 0x1b,
-      0xd6, 0xa7, 0x75, 0x67, 0xa8, 0x87, 0xb8, 0x23, 0xe3, 0x63,
-      0x59, 0xf9, 0x24, 0x95, 0xe6, 0x14, 0xbb, 0xd0 },
-    { 0x26, 0x8d, 0x81, 0x8b, 0x08, 0xcb, 0x84, 0xec, 0x66, 0xbb,
-      0x09, 0x3b, 0x38, 0x41, 0x53, 0x79, 0x9f, 0xe0, 0xdd, 0xa7,
-      0x19, 0x68, 0x83, 0x8a, 0x01, 0xcd, 0xcd, 0xe2, 0x4f, 0xd1,
-      0x2a, 0xdb, 0xde, 0xc7, 0x5c, 0x81, 0xaf, 0xa6, 0x3c, 0x55,
-      0xc7, 0x30, 0x3c, 0x80, 0x1e, 0xaa, 0x8c, 0x47, 0x26, 0xaa,
-      0x69, 0xea, 0x60, 0x79, 0xc9, 0xa0, 0xfd, 0x97, 0xfb, 0xb0,
-      0xb9, 0x1a, 0x67, 0x63, 0xfd, 0xf3, 0x67, 0x63, 0x54, 0x1e,
-      0x06, 0x67, 0xb9, 0x3e, 0xd9, 0xc9, 0x2f, 0x1c, 0x59, 0x50,
-      0x40, 0x32, 0x5f, 0x99, 0xc8, 0xd3, 0x06, 0x68, 0xba, 0xeb,
-      0xc6, 0x64, 0xd1, 0x3a, 0x0d, 0x86, 0x67, 0x88, 0x64, 0xa0,
-      0xe4, 0xfd, 0x73, 0xca, 0xf7, 0x70, 0x7e, 0xc0, 0x1b, 0xdb,
-      0x1a, 0x54, 0x1a, 0x16, 0x1e, 0x2a, 0x87, 0x5c, 0x6d, 0xab,
-      0x17, 0x8c, 0xbe, 0x2e, 0x12, 0x17, 0xf7, 0xea },
-    { 0x8b, 0x02, 0x73, 0x5c, 0x05, 0x6c, 0xa4, 0x4b, 0x84, 0x19,
-      0xed, 0x4b, 0x01, 0xb5, 0x3a, 0x56, 0x3e, 0xb9, 0x3b, 0x33,
-      0x4f, 0x5f, 0x2b, 0xf5, 0x11, 0x71, 0xfe, 0x3c, 0x44, 0x35,
-      0x51, 0x6a, 0xe2, 0x4c, 0x02, 0x8a, 0x2e, 0x7a, 0x20, 0x8e,
-      0x81, 0x6b, 0x63, 0x3a, 0x0f, 0x97, 0x91, 0x89, 0x88, 0x3f,
-      0xad, 0x37, 0xbd, 0x70, 0x7c, 0x2e, 0xa5, 0xe7, 0x7e, 0xed,
-      0x3a, 0x7d, 0x83, 0x75, 0x86, 0xef, 0x4e, 0xdb, 0x33, 0x9e,
-      0x4a, 0x78, 0x7f, 0x7d, 0x31, 0x64, 0x2b, 0x72, 0x01, 0x40,
-      0xb5, 0xae, 0x04, 0xe4, 0x64, 0x38, 0xd7, 0xee, 0x37, 0xb0,
-      0xcb, 0x5b, 0x9f, 0xa8, 0xe0, 0x66, 0xda, 0x40, 0x99, 0xf2,
-      0xb2, 0x4e, 0xe9, 0xde, 0x24, 0x0c, 0x10, 0x13, 0xbe, 0xcc,
-      0xc1, 0xab, 0x4f, 0xc3, 0x2e, 0x67, 0x47, 0x3d, 0x10, 0x3b,
-      0x73, 0xda, 0xe3, 0x58, 0x41, 0x58, 0x05, 0x55 },
-    { 0x40, 0x0e, 0x3a, 0xa0, 0x4b, 0x4d, 0x85, 0xfe, 0x5a, 0xb4,
-      0x5c, 0x3f, 0x04, 0x36, 0x50, 0x42, 0x58, 0x22, 0xa7, 0x82,
-      0xfd, 0x35, 0x40, 0xd8, 0xb3, 0x2e, 0xcf, 0x7e, 0x58, 0x77,
-      0x3d, 0x4c, 0xf5, 0x71, 0xff, 0xdb, 0xc3, 0x00, 0x6c, 0x0d,
-      0xd1, 0xf0, 0x02, 0x4c, 0x8a, 0x0c, 0x81, 0x82, 0x3e, 0x14,
-      0x9a, 0xf9, 0x5e, 0x98, 0x97, 0x34, 0x16, 0x7d, 0x82, 0x81,
-      0xd7, 0xe3, 0xad, 0x1b, 0xba, 0xe6, 0xc7, 0xfe, 0x8e, 0x1b,
-      0x76, 0xc2, 0xd9, 0x55, 0x2d, 0x19, 0xaf, 0xbc, 0xe2, 0x65,
-      0x97, 0xc6, 0x76, 0x8e, 0xe6, 0x49, 0x1f, 0xfe, 0x48, 0x5d,
-      0x7a, 0xb4, 0x0d, 0x99, 0x5b, 0xc9, 0xec, 0x71, 0xbc, 0x5a,
-      0x91, 0xbd, 0xf9, 0x2f, 0xac, 0x12, 0x0e, 0x6e, 0x2b, 0xfc,
-      0x3b, 0x21, 0x1d, 0xe4, 0xc0, 0x26, 0xf3, 0xfc, 0x28, 0xc1,
-      0xb8, 0x9b, 0xb4, 0x64, 0xe1, 0x01, 0x91, 0x95 },
-    { 0x13, 0x1c, 0x3d, 0xa2, 0x8d, 0xa6, 0xe0, 0x39, 0x4a, 0x42,
-      0xb9, 0xac, 0xf3, 0xa6, 0xa1, 0x98, 0x36, 0x2f, 0x76, 0x47,
-      0xad, 0xaf, 0x1f, 0x4d, 0x09, 0xc1, 0x57, 0xd4, 0x4a, 0x13,
-      0x00, 0x9b, 0xc8, 0x07, 0xc7, 0x79, 0x96, 0x71, 0x85, 0xb1,
-      0x27, 0xc3, 0xe0, 0x32, 0x67, 0xcb, 0x58, 0x6f, 0x3e, 0xd3,
-      0x50, 0xb9, 0xf1, 0x64, 0x51, 0xa7, 0xa3, 0xc2, 0x85, 0x06,
-      0xc8, 0x9f, 0xc3, 0xf5, 0xfe, 0xd6, 0x60, 0xd5, 0x06, 0x21,
-      0xa9, 0x9b, 0xff, 0x38, 0x67, 0xb8, 0xa5, 0x01, 0x22, 0x96,
-      0x65, 0xb2, 0x2e, 0xc9, 0x73, 0xc2, 0x53, 0xdb, 0xda, 0x17,
-      0xc4, 0x1b, 0xc5, 0x10, 0x7a, 0xb7, 0x5e, 0x13, 0xaa, 0xc3,
-      0xe5, 0xe0, 0xac, 0x2e, 0x65, 0x92, 0x23, 0xb1, 0xc6, 0x0e,
-      0xc7, 0x7d, 0x37, 0xa2, 0xed, 0x64, 0x24, 0x13, 0x60, 0x74,
-      0x47, 0x32, 0x16, 0x49, 0x5e, 0x46, 0xe4, 0xa2 },
-    { 0x71, 0xd1, 0xa4, 0x6a, 0x34, 0x54, 0x5c, 0xe9, 0xde, 0x80,
-      0x98, 0xad, 0x44, 0xaa, 0x0f, 0xf0, 0xb9, 0x20, 0xaa, 0xc1,
-      0xb2, 0xc1, 0x76, 0x15, 0xa7, 0xc0, 0x74, 0xf1, 0x1c, 0xb0,
-      0xe8, 0xff, 0x13, 0x15, 0x14, 0xd7, 0x5d, 0x75, 0xf1, 0x54,
-      0x6b, 0x79, 0xcf, 0x97, 0xc4, 0xc6, 0x90, 0xc9, 0x0f, 0xf7,
-      0x83, 0x8b, 0x9d, 0xf1, 0xe7, 0xc8, 0x06, 0x0c, 0xa4, 0xdf,
-      0xcb, 0x02, 0xdb, 0x90, 0x60, 0xc2, 0x61, 0xaf, 0x73, 0x0e,
-      0x83, 0xfd, 0x19, 0x8c, 0x44, 0x4b, 0xf4, 0xc2, 0x08, 0x3c,
-      0x99, 0xbb, 0x45, 0x04, 0xcd, 0x3b, 0x2f, 0x32, 0x3d, 0x32,
-      0xd6, 0x10, 0xfd, 0xa2, 0x51, 0xb9, 0xc5, 0x8d, 0x41, 0x1a,
-      0x80, 0xf5, 0xf4, 0xa2, 0x7c, 0x08, 0x99, 0xbd, 0xec, 0x03,
-      0xf8, 0x12, 0xf4, 0x15, 0xb4, 0x25, 0xd0, 0x4f, 0x44, 0x36,
-      0x4a, 0x78, 0x5f, 0xf1, 0xa7, 0xda, 0x83, 0xba },
-    { 0x6c, 0xd2, 0x69, 0x9f, 0x11, 0x67, 0xf5, 0x21, 0xb9, 0x5c,
-      0xc4, 0x16, 0x53, 0x3d, 0x0a, 0xcb, 0x39, 0x64, 0xff, 0x3a,
-      0x24, 0xc5, 0x2d, 0x4b, 0x3e, 0x90, 0xd7, 0x16, 0x36, 0x48,
-      0xfa, 0xb9, 0x00, 0x8e, 0xab, 0xdf, 0x32, 0x5f, 0xc1, 0x3a,
-      0xd8, 0xcc, 0xf9, 0x0c, 0x17, 0xd3, 0xb6, 0xd5, 0x82, 0x4f,
-      0xda, 0xdd, 0x5e, 0x4d, 0x60, 0xf6, 0x0f, 0x47, 0xb3, 0xa8,
-      0x4f, 0x78, 0x54, 0x0b, 0xc3, 0xb4, 0x4a, 0x85, 0x60, 0xa4,
-      0x56, 0x41, 0x1f, 0x65, 0xda, 0xfd, 0x6e, 0x65, 0xe3, 0xd7,
-      0xf6, 0x37, 0xa5, 0x88, 0x79, 0x3c, 0xec, 0xcf, 0xc5, 0x41,
-      0x0d, 0xb6, 0xca, 0x3b, 0xed, 0x06, 0x27, 0xd3, 0x8b, 0xa4,
-      0x8d, 0x72, 0x62, 0x2c, 0xaa, 0x5a, 0xab, 0x2a, 0xc5, 0xd4,
-      0xd1, 0x30, 0xa0, 0xd8, 0xec, 0xc3, 0x77, 0x2d, 0xda, 0x0d,
-      0x76, 0x17, 0x8f, 0x76, 0xfa, 0x1b, 0x38, 0x2e },
-    { 0x32, 0x7c, 0x06, 0x3f, 0xda, 0x34, 0x5d, 0xc2, 0x19, 0xee,
-      0xe2, 0x74, 0xc7, 0xee, 0xb8, 0x26, 0xfa, 0x2e, 0xfc, 0xb8,
-      0x6c, 0x88, 0xc9, 0x65, 0xe8, 0xf0, 0x37, 0x42, 0x30, 0xab,
-      0x19, 0x6f, 0x93, 0x38, 0xc3, 0x4d, 0xf2, 0x73, 0x55, 0x69,
-      0x4b, 0x4b, 0x19, 0xa6, 0xc6, 0x1a, 0x04, 0xbc, 0x0d, 0xe4,
-      0x17, 0xeb, 0xe2, 0xba, 0xc3, 0x9b, 0xd3, 0x0f, 0xe4, 0x0b,
-      0xa5, 0x8a, 0xcb, 0xb4, 0x7b, 0xbd, 0xc7, 0x49, 0x16, 0xab,
-      0x7b, 0x5e, 0xe1, 0x5f, 0x28, 0x2c, 0x08, 0x7a, 0xda, 0xdd,
-      0x89, 0x27, 0x95, 0xa7, 0x58, 0x57, 0x42, 0xf2, 0xeb, 0x70,
-      0x93, 0xd0, 0xcd, 0x8f, 0x14, 0x42, 0x22, 0xdd, 0x68, 0x93,
-      0x7c, 0x5a, 0x8c, 0x82, 0x54, 0x00, 0x34, 0xf8, 0x30, 0xf3,
-      0x73, 0x26, 0xb0, 0x3d, 0xcf, 0xe2, 0x99, 0xd1, 0xbd, 0xfb,
-      0x2d, 0x8c, 0x0b, 0x3b, 0x12, 0xf4, 0xf3, 0xac },
-    { 0x02, 0x0f, 0x19, 0xd1, 0xc0, 0xdf, 0x68, 0x56, 0xeb, 0x6b,
-      0x9d, 0x2a, 0x36, 0x70, 0x11, 0x2c, 0x9a, 0xfb, 0xa8, 0x22,
-      0x48, 0xb0, 0x1a, 0xf2, 0x7a, 0x42, 0xa9, 0x4b, 0xda, 0x5f,
-      0xa5, 0xbf, 0x1a, 0xf4, 0xc4, 0x96, 0x6c, 0x27, 0xb8, 0x3b,
-      0x72, 0xaa, 0x22, 0xb2, 0xee, 0xcb, 0x4f, 0x87, 0x06, 0x23,
-      0xa1, 0xfe, 0x39, 0xf3, 0xcd, 0x22, 0x1b, 0xe4, 0xe0, 0x59,
-      0x93, 0xb4, 0x87, 0x80, 0x37, 0x04, 0x00, 0xf2, 0x13, 0x0b,
-      0xfb, 0x7c, 0xd1, 0x59, 0x50, 0x9e, 0xda, 0x81, 0x33, 0x36,
-      0xe5, 0x8d, 0xfc, 0xc8, 0x36, 0x6d, 0x6a, 0x5f, 0xc4, 0x21,
-      0x6b, 0x79, 0x02, 0x2d, 0xe2, 0x71, 0xc3, 0xe7, 0xc2, 0xaa,
-      0xb1, 0xc2, 0x5a, 0x16, 0xe6, 0x4e, 0xcc, 0x7b, 0x14, 0x02,
-      0xa8, 0x66, 0xbb, 0xe9, 0x86, 0x9d, 0x19, 0x43, 0xae, 0xfe,
-      0xab, 0x39, 0x9e, 0xff, 0x5b, 0x47, 0xcd, 0x53 },
-    { 0x79, 0xe7, 0x27, 0x20, 0xb0, 0x05, 0x05, 0x44, 0xf7, 0x57,
-      0xe1, 0xff, 0x0c, 0x88, 0x8f, 0x60, 0x99, 0xd0, 0x90, 0xeb,
-      0xac, 0xca, 0x11, 0x60, 0x54, 0xb0, 0x09, 0x2a, 0xf1, 0x8a,
-      0x07, 0x70, 0x26, 0x27, 0x43, 0x86, 0x8b, 0x4f, 0x6b, 0xba,
-      0x47, 0x69, 0x9e, 0xbe, 0x72, 0x0c, 0x3a, 0xdb, 0x91, 0x60,
-      0x58, 0xec, 0x5b, 0x23, 0x17, 0x27, 0x5f, 0xba, 0x16, 0xd3,
-      0xcc, 0xdd, 0xef, 0xce, 0x79, 0xfb, 0xbf, 0xd3, 0xa3, 0xd0,
-      0x57, 0xcf, 0xe3, 0x7e, 0xe2, 0xf2, 0x4c, 0xd6, 0x11, 0x47,
-      0x3b, 0x93, 0x7e, 0xe3, 0x3a, 0x48, 0x62, 0x68, 0xe9, 0xff,
-      0x02, 0x3d, 0x10, 0x28, 0x5a, 0x24, 0x94, 0x40, 0x30, 0x2d,
-      0xd2, 0xbc, 0xcc, 0x4d, 0x9a, 0x78, 0x0a, 0x19, 0xe6, 0x52,
-      0x58, 0x40, 0xb6, 0x18, 0xeb, 0xc6, 0xdb, 0x1d, 0xe5, 0xc5,
-      0x37, 0x05, 0x1a, 0x86, 0xa4, 0xdb, 0xba, 0x20 },
-    { 0x00, 0x1d, 0x3c, 0xe3, 0x70, 0x15, 0x84, 0x6d, 0xe4, 0x28,
-      0xb2, 0xb5, 0x95, 0x11, 0xa0, 0x56, 0xa4, 0x48, 0x79, 0x27,
-      0x38, 0xa1, 0x93, 0x9d, 0x37, 0xaf, 0x7f, 0x83, 0xfb, 0xd1,
-      0x5e, 0x05, 0xe9, 0xb5, 0xbb, 0x45, 0x2a, 0x9f, 0x55, 0x8c,
-      0x58, 0xda, 0xa7, 0x3a, 0xa1, 0x26, 0x85, 0x1c, 0x14, 0xa3,
-      0x85, 0x4e, 0xcb, 0xc5, 0x38, 0xf9, 0x70, 0xc7, 0x9c, 0x56,
-      0x66, 0xcd, 0xbd, 0x8d, 0xe9, 0x61, 0xaf, 0x3e, 0x77, 0x43,
-      0xa9, 0x85, 0xf2, 0x52, 0xca, 0x0c, 0x78, 0x93, 0x75, 0xa1,
-      0x9f, 0x29, 0xd9, 0x7b, 0xde, 0x16, 0x67, 0x6f, 0x54, 0x84,
-      0x55, 0xa0, 0xb9, 0x80, 0x44, 0x6d, 0xd2, 0x45, 0x3c, 0x39,
-      0x5a, 0x3e, 0xe7, 0xaa, 0xd6, 0x1f, 0xd6, 0xba, 0x48, 0xc0,
-      0xa1, 0xdf, 0xb1, 0xa3, 0x97, 0x4e, 0xaa, 0xe6, 0xb3, 0x10,
-      0x63, 0x2a, 0xcf, 0x25, 0x28, 0x20, 0xa2, 0x39 },
-    { 0x4b, 0xb8, 0xc6, 0xfc, 0x40, 0xaf, 0xc6, 0x84, 0xb3, 0x28,
-      0x03, 0x60, 0x79, 0x0b, 0x7a, 0x04, 0x05, 0x75, 0x90, 0x47,
-      0xfc, 0x58, 0x5e, 0x46, 0x07, 0x1b, 0xd5, 0xfc, 0x11, 0xd4,
-      0x01, 0x94, 0x34, 0xcc, 0x13, 0x4a, 0xfc, 0xd2, 0xc4, 0x04,
-      0xe7, 0x36, 0x94, 0xbc, 0xf3, 0x69, 0x3a, 0x18, 0xcc, 0x12,
-      0xa4, 0x9d, 0x56, 0x83, 0x3e, 0xdc, 0x65, 0xed, 0x39, 0xc7,
-      0x59, 0x4d, 0x02, 0xb3, 0xb4, 0xc8, 0x0e, 0x2f, 0xff, 0xb8,
-      0x16, 0x5d, 0x91, 0xcd, 0xd7, 0x54, 0x75, 0x0f, 0x28, 0xe4,
-      0xb1, 0xa1, 0xf7, 0x0b, 0x51, 0x2f, 0x79, 0x7c, 0xa5, 0xab,
-      0x62, 0xb8, 0xd9, 0x08, 0x97, 0xb1, 0x95, 0x10, 0x44, 0xe6,
-      0xc3, 0x43, 0xf5, 0x39, 0x2e, 0x56, 0x2e, 0x7d, 0xe7, 0xc0,
-      0xf6, 0xdb, 0xf3, 0xe3, 0x93, 0x8a, 0x00, 0x9c, 0x56, 0x64,
-      0xd6, 0xbe, 0x36, 0xb9, 0xe1, 0x45, 0xb1, 0xd7 },
-    { 0x36, 0x99, 0xa8, 0x81, 0xb6, 0xa7, 0x7e, 0x78, 0x2e, 0x8f,
-      0xea, 0x9e, 0x9a, 0x13, 0x5d, 0x89, 0xd4, 0xf9, 0xcf, 0xa5,
-      0x6c, 0x43, 0x28, 0x27, 0x99, 0xa3, 0xe8, 0x8d, 0x10, 0xff,
-      0xa6, 0x90, 0xc0, 0x3f, 0x5d, 0xf9, 0x59, 0x12, 0x0b, 0xfc,
-      0x56, 0x96, 0xd5, 0x45, 0x36, 0xd5, 0x05, 0x29, 0xac, 0xd1,
-      0xd6, 0xf2, 0x70, 0x9d, 0xc5, 0x90, 0x86, 0x0c, 0x21, 0x8a,
-      0xc8, 0x2c, 0x9c, 0x16, 0x2f, 0x12, 0x4e, 0x3b, 0x29, 0x35,
-      0x19, 0xeb, 0xeb, 0x8a, 0xf4, 0x44, 0x01, 0x99, 0xb5, 0x3c,
-      0x48, 0x7f, 0xe9, 0xcd, 0x9f, 0xeb, 0xc0, 0x05, 0x39, 0xe4,
-      0xec, 0xf0, 0x8c, 0xb8, 0x14, 0x39, 0x37, 0xe5, 0xb6, 0xd6,
-      0x60, 0x07, 0x27, 0x3b, 0xfe, 0xa3, 0x66, 0xc0, 0xa9, 0x36,
-      0x9c, 0x6e, 0x69, 0x68, 0xa4, 0x0d, 0xb1, 0x33, 0xc9, 0xde,
-      0x31, 0x20, 0xe2, 0xdd, 0xfd, 0x0f, 0x87, 0x96 },
-    { 0x4f, 0x3a, 0x4b, 0x03, 0x20, 0x8a, 0xff, 0x8b, 0x1d, 0xf0,
-      0x8e, 0x9f, 0x82, 0x53, 0x51, 0x87, 0x72, 0x71, 0xf3, 0x9e,
-      0x5e, 0xc3, 0x1c, 0xaa, 0xca, 0x94, 0x75, 0xe9, 0x78, 0x1c,
-      0xb4, 0x73, 0xb9, 0xe0, 0x8e, 0xc0, 0x3d, 0x7a, 0x4d, 0x52,
-      0x83, 0x8d, 0xaa, 0x54, 0xd3, 0xb7, 0xc2, 0x35, 0xee, 0x2c,
-      0xd2, 0x0d, 0x6a, 0x8d, 0x4f, 0x9f, 0x8c, 0x23, 0xc2, 0x5f,
-      0x14, 0x26, 0xa8, 0x0d, 0x79, 0x5e, 0xc6, 0xcb, 0xc5, 0xe6,
-      0x7c, 0x02, 0x94, 0xdb, 0xdf, 0xe2, 0xe9, 0xac, 0x3a, 0x75,
-      0x82, 0xc5, 0x3a, 0x7e, 0x88, 0x34, 0xe9, 0xc5, 0xcb, 0xde,
-      0x41, 0x6e, 0x20, 0x58, 0xb3, 0x7f, 0x06, 0xc1, 0x71, 0x51,
-      0x4f, 0x7c, 0xbf, 0x4d, 0xb7, 0xe2, 0xe9, 0xb3, 0x65, 0x37,
-      0x10, 0x6f, 0xe9, 0xcf, 0x3a, 0x2d, 0xf1, 0xd2, 0x81, 0x54,
-      0x5b, 0xca, 0x33, 0x72, 0x1e, 0xb1, 0xc6, 0x4d },
-    { 0x6d, 0x87, 0x44, 0x46, 0xa6, 0xd1, 0x79, 0xfd, 0x9e, 0x52,
-      0x5c, 0x03, 0x0b, 0x5a, 0x7b, 0x80, 0x44, 0xf2, 0x4f, 0x4a,
-      0x52, 0xae, 0x84, 0xdb, 0x49, 0xbe, 0x1c, 0x18, 0x7a, 0x02,
-      0x32, 0x5e, 0x13, 0x15, 0x2b, 0x3e, 0xb0, 0x20, 0x60, 0x7a,
-      0x56, 0xd7, 0x14, 0xab, 0xd1, 0x04, 0x9d, 0xf4, 0xc4, 0x3d,
-      0x54, 0xfa, 0x5a, 0xc4, 0x88, 0xaa, 0x9f, 0x53, 0x59, 0xfd,
-      0xdf, 0x86, 0xe0, 0xa2, 0xf9, 0x60, 0x38, 0x68, 0x6d, 0xf2,
-      0x0d, 0x7c, 0xb4, 0xec, 0xd5, 0xdb, 0xd7, 0x2b, 0x21, 0xc1,
-      0x24, 0x54, 0xbb, 0x9c, 0x42, 0x1e, 0xec, 0x37, 0xb9, 0x63,
-      0x4a, 0x97, 0xe3, 0xe0, 0xf1, 0x6e, 0xb1, 0x14, 0x63, 0x4e,
-      0x07, 0xd8, 0xe3, 0x11, 0x8b, 0x0f, 0x98, 0x52, 0xaf, 0xb3,
-      0x6d, 0x1d, 0x23, 0xe3, 0x7f, 0xa6, 0xda, 0x22, 0x6d, 0x4e,
-      0x0f, 0x7b, 0x81, 0x07, 0x1e, 0xd0, 0x95, 0xf8 },
-    { 0x3c, 0xf3, 0x84, 0xc9, 0xff, 0x9c, 0x56, 0x09, 0x95, 0xa4,
-      0xac, 0xa9, 0x7b, 0xb7, 0x0f, 0x3d, 0x95, 0xa3, 0x97, 0x34,
-      0x90, 0x4f, 0xc5, 0x31, 0x17, 0xf5, 0x14, 0xad, 0x07, 0xac,
-      0x75, 0x9d, 0x0f, 0x5d, 0x79, 0x1f, 0xaf, 0x08, 0x48, 0xbc,
-      0x5c, 0xaa, 0xc2, 0x70, 0x7d, 0xeb, 0x85, 0x80, 0xa0, 0xed,
-      0xc4, 0xa7, 0x42, 0xc1, 0xd2, 0x13, 0xe0, 0x3f, 0x1f, 0x34,
-      0xf3, 0xfd, 0x3b, 0x74, 0x6e, 0x1a, 0x0f, 0x01, 0xf5, 0x7f,
-      0x7c, 0xeb, 0x27, 0xfb, 0xa8, 0x76, 0xcf, 0x28, 0xcc, 0xc2,
-      0x05, 0xf6, 0xdf, 0x92, 0x31, 0xae, 0x94, 0xe4, 0x99, 0xc2,
-      0xb4, 0xdc, 0xf8, 0xd4, 0x4f, 0x12, 0x4e, 0x19, 0xe0, 0xdf,
-      0x88, 0xfe, 0xe9, 0x1a, 0x71, 0xa7, 0x5a, 0x6d, 0x9d, 0xc6,
-      0x9e, 0xa1, 0x1f, 0xd5, 0x31, 0x6c, 0x37, 0x81, 0xcc, 0xc8,
-      0xd2, 0x9d, 0x07, 0xaa, 0xbe, 0x9a, 0x42, 0xf5 },
-    { 0x2b, 0x24, 0x88, 0x50, 0xee, 0x73, 0xdf, 0x26, 0x3c, 0x67,
-      0xe7, 0x3c, 0x71, 0x03, 0x07, 0x70, 0x8c, 0x8c, 0x54, 0x05,
-      0xd8, 0x56, 0x0a, 0x65, 0x26, 0x48, 0x28, 0xd9, 0xd4, 0x55,
-      0xe8, 0x20, 0x85, 0x52, 0x5d, 0x65, 0xbe, 0x99, 0xa6, 0x08,
-      0x09, 0x98, 0x06, 0xbb, 0x74, 0x7e, 0x5d, 0x2a, 0xf4, 0xd9,
-      0x7a, 0xfb, 0x14, 0x83, 0x21, 0xbd, 0xf3, 0x80, 0xfc, 0xb5,
-      0x05, 0xe4, 0x51, 0xe9, 0x51, 0x17, 0x4e, 0x1a, 0x57, 0x7b,
-      0x24, 0xf4, 0xb6, 0xc5, 0xd9, 0x91, 0x62, 0x93, 0x62, 0xe1,
-      0x1e, 0xf3, 0x39, 0xb7, 0xfe, 0x24, 0xf3, 0x9a, 0x90, 0x58,
-      0x0b, 0x90, 0xce, 0x26, 0xa8, 0xe1, 0xca, 0x86, 0x02, 0xa8,
-      0x79, 0xb2, 0x09, 0xf7, 0x2b, 0x4a, 0x1b, 0x8d, 0xe7, 0x2b,
-      0xf7, 0xb3, 0x49, 0x72, 0x17, 0x42, 0x67, 0x6b, 0x03, 0x99,
-      0x70, 0x05, 0x06, 0xba, 0xce, 0x1f, 0xc9, 0xe3 },
-    { 0x93, 0x8b, 0x3b, 0xcc, 0x6a, 0x3a, 0xc2, 0x15, 0x17, 0x26,
-      0x1e, 0xce, 0x74, 0x41, 0x4a, 0x1c, 0xa1, 0x08, 0xb5, 0x4d,
-      0x1d, 0x46, 0x21, 0xd1, 0x52, 0x48, 0x67, 0x58, 0xe8, 0x1b,
-      0x0d, 0xf0, 0xac, 0x07, 0xf2, 0xa3, 0x73, 0xce, 0x49, 0xe8,
-      0xb2, 0xf9, 0xd4, 0x41, 0xc1, 0x26, 0xbc, 0xbe, 0x63, 0x48,
-      0xf7, 0xf2, 0xe6, 0x6c, 0x66, 0xf6, 0x4b, 0x90, 0x36, 0x3d,
-      0x74, 0xc6, 0x69, 0x75, 0x12, 0x48, 0xc5, 0x8f, 0x62, 0xd8,
-      0x43, 0xb9, 0x6c, 0x56, 0xb8, 0xef, 0x81, 0x0f, 0xcc, 0x6c,
-      0xdb, 0x0e, 0x58, 0x7c, 0xb5, 0xed, 0x29, 0x45, 0x07, 0x1a,
-      0x02, 0x10, 0xa6, 0xb2, 0x34, 0x4a, 0x52, 0xc2, 0x07, 0xd6,
-      0xa8, 0xb2, 0x3e, 0x40, 0x07, 0xa2, 0x86, 0x19, 0x1f, 0x2c,
-      0xa1, 0xc7, 0x78, 0x22, 0x4c, 0x18, 0x4f, 0xb4, 0x10, 0xb2,
-      0x21, 0x73, 0xcd, 0xe6, 0x85, 0x41, 0x15, 0x9f },
-    { 0x6c, 0xff, 0x58, 0xa5, 0xd9, 0xe8, 0x9d, 0x6b, 0x24, 0xe8,
-      0xc9, 0xed, 0x15, 0x30, 0x73, 0x41, 0x98, 0x47, 0x46, 0x07,
-      0x84, 0xe8, 0x3c, 0x06, 0x8a, 0xe7, 0xe0, 0xe8, 0xf2, 0xda,
-      0xce, 0x56, 0x79, 0x70, 0x17, 0x9b, 0x93, 0x74, 0x7e, 0xa5,
-      0x60, 0xf7, 0xa1, 0xb5, 0xa5, 0x5b, 0x44, 0xb7, 0xae, 0x46,
-      0x55, 0xe5, 0x74, 0xd6, 0xeb, 0x5f, 0xb5, 0x66, 0xb7, 0x90,
-      0x92, 0x53, 0x3d, 0x97, 0x74, 0x02, 0x05, 0x76, 0x56, 0xf7,
-      0x6d, 0x5f, 0x81, 0x8c, 0x2a, 0xec, 0xf5, 0x54, 0x2d, 0xf5,
-      0xe6, 0x0f, 0xb6, 0x1a, 0xda, 0x0b, 0xb6, 0x4c, 0xf3, 0x04,
-      0xfc, 0x58, 0x49, 0x10, 0x1b, 0x06, 0x1c, 0x3a, 0x04, 0x34,
-      0xaa, 0xa6, 0x57, 0xa9, 0x97, 0x08, 0x96, 0x06, 0xdc, 0xd7,
-      0x3a, 0xcb, 0x8e, 0x65, 0xfb, 0x2a, 0x80, 0xe8, 0x80, 0x36,
-      0xa9, 0xe4, 0xa1, 0x6b, 0xe4, 0xde, 0xd3, 0x40 },
-    { 0x5f, 0xe4, 0xac, 0x8f, 0x31, 0xb7, 0x93, 0x27, 0x5f, 0x67,
-      0xf8, 0xaa, 0xeb, 0x93, 0x6a, 0xf7, 0x3c, 0x62, 0x7f, 0xc5,
-      0x48, 0x63, 0xb3, 0xac, 0xc3, 0x3f, 0x83, 0xd8, 0x04, 0x6e,
-      0x2e, 0x48, 0x7f, 0xa8, 0x47, 0xe6, 0x6e, 0xc1, 0x3f, 0x84,
-      0x13, 0x3d, 0x54, 0x44, 0xcc, 0xc8, 0xc7, 0xdf, 0xb1, 0xd4,
-      0x04, 0xdc, 0x38, 0xd3, 0x17, 0xe0, 0x0b, 0x68, 0x0b, 0x0a,
-      0xff, 0x18, 0x20, 0xb8, 0xfb, 0xbb, 0x2f, 0xa6, 0xd0, 0x23,
-      0x3f, 0xdc, 0x35, 0x00, 0x10, 0x13, 0x80, 0x9f, 0x50, 0xf4,
-      0x05, 0x5c, 0x3b, 0x1e, 0x9b, 0x45, 0x38, 0x96, 0xd1, 0x48,
-      0x46, 0x7d, 0x60, 0x7d, 0x97, 0x98, 0x25, 0x5e, 0x90, 0x7a,
-      0x03, 0xe4, 0x15, 0xb7, 0xf7, 0x99, 0x8d, 0x0b, 0x09, 0xbd,
-      0x88, 0x05, 0xe1, 0xd1, 0xf2, 0x25, 0x1d, 0x2f, 0xe7, 0xd6,
-      0x50, 0x8c, 0x01, 0xb0, 0x03, 0xe5, 0x1f, 0x68 },
-    { 0x81, 0x37, 0x71, 0x64, 0x12, 0x1c, 0x05, 0x48, 0x20, 0x93,
-      0x1c, 0x89, 0xeb, 0x2a, 0xbd, 0xad, 0x86, 0xe2, 0x54, 0xc9,
-      0x69, 0x77, 0xa4, 0x20, 0x29, 0x0d, 0x95, 0xf2, 0x20, 0x10,
-      0xf2, 0xe7, 0x8d, 0xcc, 0x0c, 0x42, 0x49, 0xa2, 0x78, 0x64,
-      0x69, 0xc9, 0xcf, 0xb0, 0xb1, 0x84, 0xce, 0xe8, 0xdd, 0x8d,
-      0xec, 0x2b, 0x34, 0xe7, 0xe7, 0x12, 0x55, 0xc3, 0x85, 0x93,
-      0x00, 0xbb, 0x42, 0xdc, 0xba, 0xfc, 0x1d, 0x34, 0x6b, 0x83,
-      0xe9, 0x5c, 0x18, 0x63, 0x7c, 0x7c, 0x7f, 0xef, 0x96, 0xd0,
-      0x06, 0x6c, 0x55, 0xfb, 0x99, 0xa4, 0x6e, 0xaf, 0x54, 0x54,
-      0xa7, 0xd4, 0x69, 0x37, 0x1c, 0x95, 0xfd, 0xd1, 0x1f, 0x04,
-      0x9c, 0x22, 0xbc, 0xd4, 0x7b, 0x01, 0x87, 0x26, 0x6f, 0xb0,
-      0x7b, 0x4a, 0x05, 0xdb, 0x12, 0xa3, 0xad, 0x5c, 0x7e, 0xd4,
-      0x58, 0x1a, 0xa4, 0xbf, 0x8b, 0x6f, 0x40, 0x1e },
-    { 0x79, 0xc2, 0x80, 0xee, 0x9c, 0xd2, 0xdb, 0x98, 0xbf, 0x24,
-      0x73, 0x5c, 0xd2, 0xf1, 0x46, 0xfe, 0x4d, 0x7b, 0xb3, 0x61,
-      0x82, 0xe8, 0xc5, 0xba, 0x92, 0x32, 0xb3, 0x7e, 0xa6, 0x00,
-      0x85, 0x15, 0x31, 0xfc, 0x58, 0x82, 0xf8, 0xf2, 0xc0, 0x75,
-      0x8c, 0xcd, 0x79, 0xb0, 0x67, 0x62, 0x2c, 0x9e, 0xe0, 0xcf,
-      0x16, 0xee, 0xc4, 0x7c, 0xa8, 0x96, 0xd7, 0xf6, 0x58, 0x52,
-      0x7c, 0x25, 0x0c, 0x78, 0x57, 0x3e, 0xbd, 0x17, 0x51, 0xfd,
-      0xff, 0x34, 0x56, 0x2a, 0xbc, 0xfa, 0x67, 0x7d, 0x0a, 0x92,
-      0xba, 0xda, 0xd7, 0xb1, 0x02, 0xf7, 0x1b, 0xef, 0x3e, 0x2c,
-      0xfb, 0xd9, 0xb3, 0x85, 0x38, 0x2a, 0x24, 0x2f, 0xa7, 0xf9,
-      0x62, 0x74, 0x46, 0x17, 0x5f, 0x02, 0x73, 0x7d, 0x48, 0x76,
-      0xee, 0xdf, 0x6e, 0x13, 0x88, 0xc2, 0x10, 0x78, 0xa7, 0xad,
-      0x62, 0x66, 0xb2, 0x5e, 0x9c, 0x5a, 0x8e, 0xdf },
-    { 0x75, 0x80, 0x73, 0xa4, 0xa9, 0xe3, 0xff, 0x4f, 0x9f, 0xd9,
-      0xf7, 0x91, 0x52, 0xc8, 0xf4, 0x08, 0x3f, 0x9d, 0xd5, 0x78,
-      0xb5, 0xbe, 0x5b, 0xe4, 0x26, 0xdb, 0xc5, 0x8e, 0x73, 0xe4,
-      0x0e, 0x3b, 0xe0, 0xb0, 0x44, 0x26, 0xb5, 0x1e, 0x38, 0xbc,
-      0x3e, 0x3a, 0xf3, 0xc6, 0x9c, 0x66, 0x27, 0x4b, 0x1b, 0x2b,
-      0xf8, 0x9f, 0x18, 0x3e, 0xae, 0x42, 0x6c, 0x51, 0x23, 0x5c,
-      0xce, 0xe6, 0xb6, 0x06, 0x57, 0x0c, 0x5b, 0xb7, 0x81, 0x6b,
-      0x62, 0x30, 0x24, 0xd2, 0x8c, 0xa0, 0x6b, 0xc1, 0x4b, 0x2e,
-      0x17, 0xaa, 0x5a, 0xea, 0x8e, 0x1a, 0xb8, 0x20, 0x73, 0x39,
-      0xe7, 0x21, 0x67, 0x6d, 0xe2, 0x50, 0xab, 0x83, 0x89, 0x97,
-      0x82, 0xc1, 0x00, 0x1c, 0xac, 0xf0, 0x64, 0xdc, 0x9f, 0xc4,
-      0x88, 0x5e, 0xa8, 0xc0, 0x49, 0x16, 0xb0, 0x4a, 0xc4, 0x8e,
-      0xbd, 0xcc, 0x82, 0x03, 0xf2, 0xb4, 0x81, 0x22 },
-    { 0x3f, 0x3e, 0x34, 0x58, 0xfa, 0xf6, 0x6a, 0xa8, 0x93, 0x42,
-      0xa7, 0xfa, 0x86, 0x61, 0xd3, 0x2d, 0xfb, 0xab, 0x9f, 0xa1,
-      0x49, 0xe9, 0xe1, 0x04, 0x06, 0xe5, 0x25, 0x99, 0xb4, 0xfd,
-      0x4c, 0x45, 0x2d, 0x21, 0x64, 0x76, 0x08, 0xc7, 0xf3, 0xff,
-      0x3d, 0x0b, 0x10, 0xbf, 0xfd, 0x7b, 0xe6, 0xc7, 0xbd, 0xa4,
-      0xc8, 0x24, 0x29, 0x7e, 0xe2, 0x03, 0x4b, 0xc0, 0xd0, 0x30,
-      0xa9, 0xfd, 0x97, 0x83, 0x14, 0x64, 0x6e, 0x53, 0xcf, 0x4b,
-      0x84, 0x32, 0xde, 0xf4, 0x44, 0xc1, 0x13, 0x66, 0x84, 0x3a,
-      0x56, 0xd5, 0x75, 0x0c, 0x3c, 0x47, 0x4d, 0xbd, 0x2e, 0x16,
-      0x6d, 0xe7, 0xc8, 0xa0, 0xe2, 0x4c, 0xc5, 0xd1, 0x8a, 0x2a,
-      0x75, 0x53, 0x66, 0x07, 0xe8, 0x4b, 0xd3, 0x85, 0xac, 0x79,
-      0x54, 0x13, 0xf2, 0x06, 0xbf, 0xd6, 0x13, 0xa2, 0xa1, 0xb6,
-      0x7d, 0x27, 0xb0, 0x57, 0x86, 0x91, 0xca, 0x22 },
-    { 0x64, 0x0d, 0x20, 0xc4, 0x34, 0xc2, 0x94, 0xef, 0x1e, 0x9e,
-      0x17, 0xed, 0x6c, 0x48, 0x29, 0x5e, 0x44, 0x1e, 0xed, 0xe2,
-      0x2a, 0x0e, 0x2f, 0x63, 0x56, 0xd9, 0xf8, 0x07, 0x3c, 0x83,
-      0x14, 0xae, 0xe7, 0x7b, 0x2e, 0x4c, 0xc1, 0x43, 0x3d, 0x67,
-      0xc8, 0xee, 0x32, 0x3e, 0x30, 0xc7, 0x8d, 0x2b, 0xd8, 0x2d,
-      0x5e, 0x9f, 0x65, 0x45, 0x7d, 0x95, 0x87, 0x34, 0xed, 0xdc,
-      0xfc, 0x40, 0xe8, 0x1b, 0xb7, 0x63, 0x87, 0x58, 0x35, 0x29,
-      0x2c, 0x32, 0xb8, 0xfa, 0x29, 0x56, 0x19, 0x9e, 0x5f, 0x98,
-      0xf9, 0x9e, 0xe9, 0xdf, 0xed, 0xe1, 0xf0, 0x9c, 0x8a, 0x69,
-      0x65, 0x53, 0xfd, 0x9b, 0xb9, 0xc3, 0x42, 0x3e, 0xca, 0x49,
-      0x51, 0x5a, 0x29, 0x35, 0x02, 0x76, 0xcd, 0x9c, 0x9b, 0xf4,
-      0xef, 0xf5, 0xb6, 0x77, 0xd4, 0xac, 0x49, 0xdf, 0x64, 0xeb,
-      0x51, 0xec, 0x35, 0xaf, 0x95, 0x15, 0x97, 0xaa },
-    { 0x0f, 0x9c, 0x1c, 0xa8, 0xc0, 0xd9, 0x28, 0x16, 0xb9, 0x68,
-      0x90, 0x2a, 0xc7, 0x2e, 0x05, 0xc1, 0x8e, 0xe4, 0x0d, 0x66,
-      0x34, 0x9a, 0xa6, 0x39, 0xf3, 0x9e, 0x46, 0x09, 0x91, 0x2b,
-      0xd1, 0x7a, 0xdf, 0xe5, 0x2b, 0x11, 0x87, 0x6c, 0x29, 0xc3,
-      0x69, 0xa0, 0x74, 0xb6, 0x28, 0x57, 0x42, 0xe8, 0xb6, 0x30,
-      0x2b, 0x33, 0x0f, 0x32, 0xd3, 0x67, 0x8b, 0xc4, 0x09, 0x4d,
-      0x57, 0x46, 0x0e, 0x65, 0xca, 0x8e, 0x35, 0x1d, 0xfc, 0x9f,
-      0x1b, 0x73, 0x4e, 0x46, 0x1a, 0xca, 0x6d, 0x4a, 0xd4, 0xc2,
-      0x29, 0xb6, 0xef, 0x13, 0x30, 0x3f, 0x07, 0xa8, 0x8d, 0x9d,
-      0x47, 0xdc, 0x25, 0x49, 0xfc, 0x46, 0xd8, 0x0b, 0xdc, 0xfc,
-      0x1d, 0xe5, 0x0d, 0xb7, 0xb3, 0x6e, 0x74, 0x07, 0x45, 0xac,
-      0xd5, 0x2a, 0x07, 0x4c, 0x35, 0x45, 0xf3, 0x15, 0x05, 0x3a,
-      0x4e, 0x9a, 0x0b, 0x8e, 0x32, 0x84, 0xd5, 0x13 },
-    { 0x7e, 0x31, 0xc1, 0x2f, 0x45, 0xd3, 0x6e, 0xc5, 0x34, 0xbd,
-      0x9b, 0xa7, 0x09, 0x8a, 0x82, 0x40, 0x9b, 0x9a, 0xce, 0xc6,
-      0xe6, 0xe6, 0xff, 0x33, 0x63, 0x94, 0x9c, 0x91, 0x3e, 0x72,
-      0x63, 0xf8, 0x3d, 0xb4, 0x7f, 0x70, 0xc6, 0x5e, 0x3e, 0xaf,
-      0x48, 0x59, 0x3d, 0xb8, 0xb6, 0x63, 0x0f, 0xb1, 0x83, 0x20,
-      0x27, 0x89, 0xd7, 0x69, 0x4f, 0x9b, 0x58, 0xad, 0x74, 0xb0,
-      0x7b, 0x29, 0x0d, 0xfd, 0x5e, 0xa6, 0x0d, 0xfa, 0x66, 0x08,
-      0xb3, 0x88, 0xcf, 0x25, 0x67, 0x30, 0x0a, 0x3b, 0x13, 0x26,
-      0x73, 0x13, 0x99, 0xa3, 0x0b, 0x4d, 0xca, 0x09, 0x4b, 0x63,
-      0x88, 0x54, 0xd5, 0x37, 0x34, 0x51, 0x72, 0xc9, 0x18, 0xcb,
-      0x65, 0xe4, 0x08, 0xf9, 0x13, 0xa3, 0x20, 0xd8, 0x97, 0xf0,
-      0xc5, 0xcc, 0xb6, 0xaa, 0x53, 0x47, 0x15, 0xd3, 0x62, 0x8c,
-      0x1e, 0xbb, 0xaa, 0xb3, 0x67, 0x43, 0x3d, 0xf3 },
-    { 0x1a, 0x21, 0x9c, 0x45, 0x32, 0x6d, 0x53, 0x57, 0x4d, 0xe4,
-      0x1a, 0x30, 0x7e, 0x23, 0xba, 0x60, 0xac, 0x19, 0x6c, 0xf5,
-      0x33, 0x7c, 0xa1, 0xbb, 0xc5, 0x3b, 0x7e, 0x03, 0xfc, 0x4f,
-      0xbb, 0x2e, 0x86, 0xbe, 0x92, 0xd3, 0xef, 0xc4, 0xd9, 0x3c,
-      0x4f, 0x64, 0xee, 0x41, 0x0e, 0x2b, 0x37, 0x47, 0x74, 0x1f,
-      0x0d, 0x73, 0x15, 0x6c, 0x4e, 0xe1, 0xfa, 0x91, 0x92, 0x5d,
-      0xdc, 0xc7, 0x22, 0x23, 0x76, 0xb3, 0xbf, 0xad, 0xfc, 0x94,
-      0x70, 0x76, 0x33, 0x6e, 0x30, 0x9e, 0xde, 0x13, 0xfd, 0x1b,
-      0x7a, 0x46, 0x31, 0xbe, 0x79, 0x69, 0xa1, 0x0d, 0xfd, 0xd5,
-      0xfc, 0x30, 0xcf, 0xfb, 0xb4, 0x06, 0x66, 0x0c, 0x8d, 0xfa,
-      0x95, 0x9c, 0xb3, 0xbc, 0xb9, 0xc3, 0x00, 0x5f, 0x94, 0x43,
-      0x1f, 0x97, 0x1e, 0xfa, 0xcb, 0x00, 0x24, 0xab, 0x61, 0xd8,
-      0xbe, 0x28, 0x1d, 0x68, 0x0d, 0xfd, 0x2d, 0xd7 },
-    { 0x17, 0xaa, 0xa9, 0x99, 0xbc, 0x90, 0x19, 0x2f, 0xe0, 0x2b,
-      0xcf, 0x77, 0xb6, 0xd0, 0xbf, 0x93, 0x6a, 0xc1, 0x53, 0x7e,
-      0xf8, 0x03, 0x06, 0x62, 0xf0, 0x4c, 0xe5, 0x90, 0xbe, 0xa6,
-      0x94, 0x03, 0x73, 0xcd, 0x50, 0x2d, 0x43, 0x74, 0x42, 0xd1,
-      0x92, 0xff, 0x23, 0x29, 0x95, 0x56, 0x6b, 0xe6, 0x42, 0x2a,
-      0x33, 0x0a, 0xc4, 0xf8, 0x9c, 0xb8, 0x95, 0x3e, 0x69, 0xb2,
-      0x5b, 0x53, 0xf1, 0xc3, 0x4d, 0x6c, 0x45, 0x7f, 0x69, 0xe5,
-      0x7f, 0x8e, 0xfd, 0x0d, 0xe2, 0xcb, 0x2b, 0x0c, 0x81, 0x20,
-      0x78, 0xe1, 0x0e, 0xc1, 0x82, 0xcc, 0x60, 0x43, 0x99, 0x7c,
-      0x8e, 0x35, 0xa2, 0xfc, 0x0e, 0xdb, 0xc0, 0xce, 0xc2, 0xe2,
-      0xff, 0xdc, 0x77, 0x71, 0xc2, 0x63, 0x90, 0x67, 0x3d, 0x8a,
-      0x19, 0x2f, 0x2e, 0x23, 0x18, 0x06, 0x7b, 0x6c, 0x99, 0x63,
-      0xfd, 0xcf, 0x7e, 0xf8, 0xaa, 0x4d, 0xb0, 0xbc },
-    { 0x6b, 0x28, 0x2a, 0xf0, 0xa5, 0xf3, 0xb2, 0x4a, 0xfb, 0xd5,
-      0xff, 0x8c, 0x22, 0x64, 0x74, 0xbc, 0x3b, 0x4b, 0x2d, 0x8f,
-      0xbe, 0x76, 0x08, 0xef, 0xa2, 0x8f, 0xd8, 0x6b, 0xa5, 0xbf,
-      0xd2, 0x67, 0x0f, 0x45, 0x6a, 0x4c, 0x0f, 0x97, 0xfa, 0x97,
-      0x78, 0xbe, 0xdd, 0xe1, 0x21, 0x4f, 0x96, 0xc5, 0xe8, 0x92,
-      0x5e, 0x91, 0xb4, 0x3b, 0x68, 0x13, 0x0a, 0x44, 0xa0, 0xe5,
-      0x0e, 0x4a, 0x49, 0xbe, 0x94, 0xb5, 0x5c, 0x87, 0x4f, 0xf0,
-      0x6b, 0x25, 0xf4, 0x00, 0xac, 0x1e, 0xdd, 0x20, 0x45, 0xc0,
-      0x72, 0x17, 0xfd, 0xd9, 0xbd, 0xd6, 0x72, 0xcf, 0x23, 0xf9,
-      0x9c, 0x36, 0xdd, 0x95, 0xf7, 0xa9, 0xa6, 0xff, 0x3b, 0x35,
-      0xea, 0x17, 0xe2, 0x7c, 0x1a, 0x14, 0x40, 0xe5, 0x5b, 0x88,
-      0x46, 0x2f, 0x83, 0x5d, 0xee, 0x43, 0x3b, 0x94, 0x68, 0x51,
-      0x0d, 0x3d, 0x56, 0x43, 0x8e, 0x55, 0xdb, 0x2e },
-    { 0x6d, 0x4f, 0x5d, 0x23, 0x54, 0x70, 0x6e, 0xbf, 0xb6, 0x64,
-      0xf5, 0x29, 0xee, 0x8d, 0x97, 0x62, 0x13, 0xe6, 0x44, 0x27,
-      0x2b, 0x41, 0x2d, 0xfb, 0x42, 0x9d, 0x16, 0x7b, 0x48, 0x02,
-      0xc2, 0x45, 0x76, 0xa5, 0x45, 0xc6, 0xc2, 0xbe, 0x9f, 0x3d,
-      0x80, 0xb0, 0xbd, 0x68, 0xb2, 0x30, 0x6b, 0x0e, 0xee, 0x37,
-      0x8b, 0xf4, 0xa8, 0x02, 0x45, 0xde, 0x69, 0xe9, 0xbe, 0x5c,
-      0x59, 0x45, 0x50, 0x88, 0x2a, 0x2b, 0x2d, 0x2d, 0x0b, 0xfd,
-      0x87, 0xb1, 0x10, 0x2d, 0xdf, 0x09, 0x8f, 0xd2, 0xfb, 0x64,
-      0x14, 0x5d, 0x94, 0x66, 0x95, 0xa7, 0xac, 0xb4, 0x91, 0x14,
-      0x14, 0xd3, 0x08, 0x3e, 0x16, 0xc4, 0x3f, 0x94, 0x66, 0xd3,
-      0x75, 0x54, 0x78, 0x33, 0x72, 0xbd, 0x6e, 0x3d, 0xeb, 0x44,
-      0x68, 0x42, 0x59, 0x1c, 0x38, 0xd6, 0xa4, 0x45, 0xe2, 0x8c,
-      0x78, 0xfc, 0x02, 0x5f, 0x63, 0x41, 0xa5, 0x95 },
-    { 0x4a, 0xaf, 0x0b, 0x4f, 0xd6, 0x5d, 0x34, 0xad, 0x6e, 0xda,
-      0x93, 0xc4, 0x40, 0xdb, 0x81, 0xb4, 0x55, 0x1f, 0xc8, 0x72,
-      0xb9, 0x97, 0x7d, 0x90, 0xe7, 0x8b, 0xd7, 0xa5, 0x74, 0x07,
-      0x0b, 0xb3, 0x9c, 0x2a, 0x5e, 0x92, 0x58, 0xf3, 0x75, 0x80,
-      0xb2, 0x08, 0x51, 0x70, 0x01, 0x16, 0xde, 0xb6, 0xe0, 0xfe,
-      0x46, 0x78, 0x24, 0xd0, 0x5f, 0x74, 0xd2, 0xf0, 0xa7, 0xdd,
-      0x2f, 0x07, 0xae, 0xa3, 0xa9, 0xe3, 0xd5, 0x9f, 0x79, 0xb7,
-      0x8a, 0x26, 0x72, 0xeb, 0xa5, 0x7e, 0x88, 0x18, 0x43, 0x4d,
-      0x02, 0x8d, 0xca, 0x62, 0x63, 0xc9, 0x64, 0x87, 0x3e, 0x30,
-      0x8e, 0x6f, 0xf3, 0x7d, 0xcb, 0xa6, 0x33, 0x5c, 0xe6, 0xce,
-      0xa7, 0xac, 0x78, 0x1e, 0x0a, 0x12, 0x6d, 0x42, 0xb3, 0xb8,
-      0x1e, 0x5b, 0xfd, 0xc8, 0x07, 0xe0, 0x7b, 0xb6, 0xd0, 0xbf,
-      0x35, 0xc8, 0xf2, 0xb6, 0x00, 0xba, 0x9f, 0x88 },
-    { 0x8b, 0x2c, 0xbd, 0x39, 0x82, 0xbc, 0x63, 0x37, 0xa1, 0xd4,
-      0x16, 0x5b, 0x1c, 0x2e, 0x14, 0xd7, 0xf9, 0x9c, 0x52, 0x6b,
-      0xd6, 0xeb, 0xf3, 0xa9, 0x14, 0x4d, 0xad, 0xe1, 0xa7, 0x21,
-      0xec, 0xd9, 0x72, 0xae, 0xc5, 0x77, 0xb2, 0xc1, 0x1f, 0xb1,
-      0x16, 0xde, 0xde, 0x4e, 0x09, 0x70, 0x18, 0xc7, 0x11, 0xa5,
-      0xa8, 0x04, 0x8b, 0xe4, 0x4a, 0xa0, 0x06, 0xf9, 0x83, 0x6b,
-      0x85, 0x72, 0x86, 0x36, 0x64, 0xde, 0x98, 0x9a, 0x25, 0xbc,
-      0x04, 0xdb, 0xc1, 0xcd, 0xd5, 0x2f, 0xa0, 0x61, 0xdb, 0xdb,
-      0x4e, 0xef, 0x38, 0x6b, 0x8b, 0xd9, 0xc4, 0x66, 0xb2, 0x49,
-      0x0f, 0xc0, 0x92, 0x1d, 0x32, 0xdd, 0xd8, 0xdb, 0xfa, 0xb5,
-      0x17, 0x3b, 0x86, 0x85, 0xef, 0x3c, 0xae, 0x87, 0x8f, 0xa3,
-      0xec, 0x58, 0xb0, 0x9e, 0x7d, 0xad, 0xbc, 0x18, 0x1e, 0xad,
-      0x9b, 0xef, 0x25, 0x06, 0x35, 0x14, 0xc7, 0xaf },
-    { 0x57, 0xe2, 0x83, 0x04, 0x7d, 0xbe, 0x36, 0x70, 0x22, 0x0e,
-      0xea, 0xec, 0x8f, 0xc5, 0xc8, 0x31, 0x86, 0xc2, 0x82, 0x4e,
-      0x87, 0x4c, 0xcd, 0x58, 0x39, 0x9a, 0x79, 0xc8, 0xf0, 0x24,
-      0x3c, 0xf5, 0x23, 0xdf, 0x80, 0xe6, 0x08, 0x6e, 0x33, 0xf6,
-      0x04, 0x1e, 0xc0, 0xb5, 0x45, 0x61, 0x6b, 0xfd, 0xd1, 0x55,
-      0xf5, 0x78, 0x03, 0xbf, 0x1d, 0x4c, 0xcc, 0x64, 0xee, 0xb3,
-      0x35, 0xde, 0xea, 0xe7, 0x9a, 0xa3, 0xf4, 0xb3, 0xee, 0x40,
-      0x5e, 0x89, 0xc7, 0x0c, 0xa9, 0x3b, 0x06, 0xba, 0x06, 0xd2,
-      0xca, 0x14, 0xf1, 0xa7, 0xa3, 0x19, 0x48, 0x8a, 0xbd, 0x32,
-      0x98, 0xd1, 0x48, 0x7c, 0x2a, 0x2d, 0x3f, 0xc2, 0x57, 0xb3,
-      0xc5, 0x76, 0x2b, 0x9c, 0x83, 0x07, 0xd1, 0x30, 0xc6, 0x34,
-      0xea, 0x45, 0x0b, 0xa2, 0x02, 0xf6, 0xcf, 0x9d, 0x42, 0xec,
-      0x28, 0xec, 0x1b, 0xf2, 0x8a, 0x52, 0xe9, 0x91 },
-    { 0x4f, 0x12, 0xe0, 0x37, 0x69, 0x6f, 0xfd, 0xa6, 0xe8, 0xbe,
-      0xe9, 0xd4, 0xc9, 0x1d, 0x60, 0x63, 0xd0, 0xd3, 0xcb, 0x56,
-      0x19, 0xd4, 0xa2, 0xd7, 0x3a, 0xc0, 0xfb, 0xd5, 0x7c, 0xba,
-      0x21, 0x7d, 0xeb, 0x28, 0x9d, 0x0a, 0xa9, 0x36, 0x17, 0xb0,
-      0x5e, 0xcb, 0xbc, 0x8c, 0xad, 0x54, 0xef, 0x05, 0xef, 0x96,
-      0xf7, 0x31, 0x53, 0xde, 0x1b, 0x2f, 0x96, 0xb3, 0x7e, 0x87,
-      0xb6, 0x05, 0x47, 0x05, 0x46, 0x98, 0x99, 0x25, 0x20, 0x30,
-      0xfa, 0x5a, 0x76, 0xd4, 0xf2, 0xb7, 0x0c, 0xa3, 0x76, 0x01,
-      0x65, 0xc0, 0xf4, 0x92, 0x53, 0x39, 0x8a, 0x72, 0x65, 0x5c,
-      0x4b, 0x9b, 0x28, 0x42, 0x3b, 0x20, 0xd7, 0x6b, 0xf7, 0x5e,
-      0x52, 0x2b, 0xc8, 0x8d, 0x40, 0x44, 0xad, 0xba, 0x80, 0x49,
-      0x84, 0x36, 0xbd, 0xd0, 0x6a, 0x99, 0x8b, 0xeb, 0xb1, 0xd2,
-      0x6e, 0x60, 0xb6, 0x98, 0xfb, 0xcd, 0xf6, 0x66 },
-    { 0x83, 0xd2, 0x33, 0x3e, 0xb1, 0x26, 0x6f, 0x91, 0xa8, 0xf7,
-      0x8e, 0xa7, 0x58, 0x58, 0xaf, 0xb2, 0x1a, 0x49, 0x6e, 0xa9,
-      0x5b, 0x52, 0x1e, 0xcb, 0x73, 0xe6, 0x9c, 0x6e, 0xa9, 0x44,
-      0x8b, 0x02, 0xf8, 0x88, 0xe9, 0x2c, 0xf2, 0x77, 0xba, 0xb1,
-      0x45, 0xb2, 0x32, 0xb2, 0x9b, 0xd6, 0x44, 0x4a, 0x61, 0xa0,
-      0x86, 0x6d, 0x32, 0x02, 0x53, 0x71, 0x9d, 0x9e, 0xd8, 0x9f,
-      0xf9, 0xc1, 0xd4, 0xdd, 0x8c, 0x34, 0xd2, 0x2c, 0xb9, 0x5a,
-      0xe1, 0x6a, 0x74, 0xe7, 0xce, 0xe7, 0x93, 0xc4, 0x80, 0x4e,
-      0xfb, 0x6b, 0xa8, 0x8c, 0x70, 0xa8, 0xa0, 0xfa, 0x36, 0x46,
-      0x4c, 0x65, 0x14, 0x6d, 0x13, 0x20, 0xfa, 0x15, 0xb4, 0x84,
-      0x4b, 0x28, 0x4e, 0x2a, 0x12, 0x46, 0xa4, 0x54, 0x73, 0x83,
-      0x81, 0x34, 0x80, 0x4a, 0x5c, 0x55, 0x37, 0x86, 0x51, 0x9a,
-      0x4c, 0xcf, 0xa4, 0x22, 0x15, 0xf1, 0xa6, 0x10 },
-    { 0x73, 0x62, 0xf1, 0x3e, 0xc5, 0xa3, 0x16, 0x21, 0x46, 0x35,
-      0x32, 0x15, 0x2f, 0x40, 0xa5, 0x5b, 0x82, 0x26, 0xb6, 0xaf,
-      0xb7, 0xd1, 0xe5, 0x86, 0x8e, 0xdb, 0x61, 0x22, 0xf8, 0xe8,
-      0x6e, 0xf3, 0x28, 0xb2, 0x28, 0x0e, 0x3d, 0x40, 0x75, 0x4c,
-      0xa0, 0x1e, 0x0f, 0x59, 0x6b, 0xf7, 0x6d, 0xad, 0x17, 0xde,
-      0x4b, 0xfe, 0xd5, 0xbe, 0xe3, 0x97, 0xd6, 0xb4, 0x3e, 0xf6,
-      0xf4, 0x5d, 0x9f, 0xbb, 0xb3, 0x97, 0x8d, 0xb8, 0xd8, 0x54,
-      0xdf, 0xb2, 0x52, 0x8f, 0xef, 0x00, 0x93, 0xf5, 0x5f, 0x0a,
-      0xe8, 0x12, 0x01, 0x19, 0x70, 0xe7, 0x3d, 0x77, 0x15, 0x9d,
-      0x66, 0x60, 0xa8, 0x11, 0x7a, 0x87, 0x69, 0xf1, 0xf2, 0x88,
-      0x89, 0x3c, 0xd6, 0x96, 0x05, 0xb6, 0xab, 0x30, 0x18, 0xd2,
-      0x24, 0x1b, 0xa1, 0xee, 0x1a, 0xe1, 0x50, 0xa2, 0xfc, 0x9c,
-      0x1c, 0x63, 0x32, 0x88, 0x67, 0xb4, 0x78, 0xd7 },
-    { 0x2f, 0x10, 0x69, 0x3f, 0xa3, 0x8c, 0x0e, 0xad, 0xd9, 0xb1,
-      0x6f, 0x02, 0xda, 0x0a, 0x20, 0xa8, 0xf0, 0x86, 0x1d, 0x92,
-      0x90, 0x98, 0x36, 0x95, 0x1f, 0xc3, 0x9b, 0xac, 0x89, 0xf0,
-      0xbf, 0x0b, 0xe7, 0xaf, 0x9c, 0xd7, 0x2f, 0x2b, 0x39, 0x9e,
-      0x0e, 0xb1, 0xe7, 0x15, 0xff, 0x56, 0x8f, 0x64, 0x2c, 0x91,
-      0x15, 0x4e, 0xae, 0xc8, 0x91, 0xf9, 0x63, 0xe2, 0xfd, 0xbf,
-      0xb6, 0xc1, 0xa4, 0x55, 0xb6, 0x51, 0x0c, 0xd8, 0xe3, 0xa8,
-      0xd0, 0xd5, 0xd9, 0x36, 0x1d, 0x68, 0x39, 0x87, 0x79, 0x5e,
-      0x37, 0x6f, 0x4f, 0x58, 0xf0, 0xaa, 0x86, 0x08, 0xbb, 0xf0,
-      0xa8, 0x1a, 0x4b, 0x6f, 0xbb, 0xf4, 0x18, 0x94, 0x56, 0x88,
-      0x81, 0x4b, 0x49, 0x47, 0x50, 0xa5, 0xce, 0xce, 0xd2, 0x19,
-      0x4f, 0x1b, 0x8c, 0xc0, 0xa6, 0x5f, 0xa5, 0x1c, 0x36, 0x57,
-      0x79, 0x2e, 0xb2, 0x7c, 0x73, 0xc0, 0xc4, 0x30 },
-    { 0x98, 0x5f, 0x83, 0xe4, 0x4f, 0xe7, 0xa0, 0x43, 0x27, 0x75,
-      0xdb, 0xdd, 0x96, 0x43, 0x7c, 0xdb, 0x1e, 0xff, 0x68, 0xd4,
-      0xad, 0x6f, 0x19, 0x40, 0x5b, 0x53, 0xd2, 0x79, 0x9d, 0xaa,
-      0x9e, 0x4f, 0x25, 0x51, 0xc8, 0xe4, 0xaf, 0x39, 0x53, 0xc8,
-      0x7c, 0x7a, 0xfb, 0x14, 0x08, 0xea, 0x2f, 0x6e, 0x82, 0x8c,
-      0x3a, 0x05, 0xd5, 0x9c, 0xda, 0x99, 0xa6, 0x86, 0xae, 0x49,
-      0x47, 0xf3, 0x82, 0x83, 0x64, 0xba, 0x66, 0xfc, 0x8f, 0xaa,
-      0x62, 0x9e, 0x67, 0x59, 0xac, 0xfe, 0x10, 0xd6, 0x33, 0xac,
-      0x9c, 0xbd, 0x11, 0x13, 0xdc, 0x96, 0xa2, 0x01, 0x1f, 0xb2,
-      0xf8, 0x9f, 0x36, 0x9e, 0xe5, 0x48, 0x04, 0xb6, 0x18, 0x91,
-      0x1e, 0xd6, 0x06, 0x26, 0xe4, 0x68, 0xbf, 0xd6, 0xa9, 0xf6,
-      0x35, 0xa6, 0xf9, 0x74, 0x84, 0x2f, 0x2f, 0xd9, 0x08, 0x7b,
-      0x07, 0xa6, 0xce, 0x91, 0x0c, 0x06, 0xde, 0xd2 },
-    { 0x0c, 0x88, 0xe5, 0x40, 0x0f, 0xe9, 0x62, 0xf1, 0x54, 0xd7,
-      0x79, 0xd5, 0x50, 0xdc, 0xc7, 0x99, 0xbb, 0xf1, 0x5a, 0x6f,
-      0x1e, 0x78, 0x1c, 0xa7, 0x2d, 0x9f, 0x17, 0x9c, 0x0d, 0x8c,
-      0xbc, 0x2e, 0x68, 0xfd, 0xda, 0xa9, 0x92, 0xc0, 0x03, 0xb3,
-      0x07, 0x01, 0x9c, 0x93, 0x1a, 0x44, 0x3c, 0xfa, 0xb0, 0x7d,
-      0x2c, 0xd1, 0xe9, 0xdf, 0x45, 0xcc, 0xa5, 0x25, 0x9e, 0x63,
-      0x9a, 0xbc, 0x45, 0x2a, 0xee, 0x66, 0x84, 0xba, 0xe3, 0x4c,
-      0x5c, 0x22, 0x5a, 0xc5, 0xee, 0xa3, 0xf8, 0xb2, 0x4f, 0x0e,
-      0x3d, 0xc3, 0xf0, 0x76, 0x9c, 0x8a, 0xc1, 0xe1, 0x0c, 0x5b,
-      0x02, 0x8b, 0x74, 0xf4, 0x1b, 0x68, 0x70, 0x79, 0xcf, 0x02,
-      0xed, 0x94, 0x33, 0x40, 0x4c, 0x11, 0x20, 0x18, 0x39, 0xd6,
-      0xb5, 0x2d, 0x70, 0x13, 0x11, 0x60, 0xc2, 0x4b, 0x57, 0x51,
-      0x89, 0x60, 0x3c, 0x16, 0xea, 0xf4, 0x52, 0x94 },
-    { 0x8e, 0x25, 0x60, 0xb8, 0xaf, 0x11, 0x07, 0x15, 0x4e, 0x5d,
-      0xe4, 0x99, 0x3a, 0x25, 0xce, 0xd6, 0xeb, 0xae, 0xa0, 0x19,
-      0xfa, 0x87, 0x77, 0x2f, 0x89, 0xf3, 0x36, 0x27, 0x3b, 0x3a,
-      0x2c, 0xd7, 0x8c, 0x17, 0xae, 0x85, 0x98, 0x7b, 0x90, 0x7a,
-      0x8c, 0x19, 0xfd, 0x8f, 0x92, 0x2d, 0xbc, 0xe8, 0x67, 0x4e,
-      0xac, 0x95, 0x5a, 0x33, 0x06, 0x5a, 0xeb, 0xbb, 0x1f, 0xaf,
-      0xee, 0xd0, 0xe1, 0x97, 0x7b, 0x32, 0x8e, 0x6f, 0xf2, 0xbc,
-      0x37, 0x92, 0x75, 0x98, 0x84, 0x64, 0xb8, 0x0e, 0x32, 0xae,
-      0xbb, 0x9d, 0x5a, 0x38, 0xf7, 0x4f, 0x8d, 0x3a, 0xe2, 0x80,
-      0x14, 0xc1, 0x07, 0x5e, 0x3c, 0x8e, 0xce, 0xca, 0xf0, 0x84,
-      0x8a, 0x75, 0x3e, 0xf2, 0x33, 0x4c, 0x9d, 0x9e, 0x5a, 0xeb,
-      0xc6, 0x80, 0xf7, 0x5b, 0x4b, 0xf6, 0x3a, 0x3c, 0xab, 0x6a,
-      0x84, 0xf7, 0x1a, 0x6a, 0xe8, 0xf4, 0x43, 0x57 },
-    { 0x59, 0x00, 0x5f, 0x22, 0x83, 0x24, 0xf2, 0xe5, 0xfe, 0xf3,
-      0xd9, 0x2b, 0x92, 0xfd, 0x9a, 0x29, 0x88, 0xbe, 0x0c, 0x92,
-      0x8f, 0x92, 0x23, 0x15, 0x23, 0x0c, 0xc7, 0x7c, 0x53, 0x91,
-      0xca, 0x50, 0xb4, 0x1a, 0xb2, 0x65, 0x23, 0x31, 0xd6, 0x11,
-      0x61, 0x27, 0x5a, 0xc2, 0x0a, 0xdf, 0x09, 0xc7, 0x40, 0x40,
-      0x34, 0x5c, 0x8e, 0x0a, 0x28, 0xab, 0x89, 0x29, 0xd4, 0xde,
-      0x97, 0x52, 0x3b, 0x1f, 0x60, 0x78, 0x34, 0x0a, 0x65, 0x10,
-      0x46, 0xd5, 0x27, 0x19, 0xdb, 0x5d, 0xa3, 0x83, 0xbb, 0xa7,
-      0x49, 0xa8, 0x02, 0x00, 0xb1, 0x16, 0x01, 0x18, 0x1e, 0x0b,
-      0x15, 0xcd, 0x3a, 0x94, 0x08, 0xff, 0x22, 0x23, 0x76, 0x32,
-      0x9d, 0xfd, 0x95, 0x0e, 0xb6, 0x38, 0x28, 0x31, 0x9c, 0xdd,
-      0x27, 0xc7, 0x45, 0xa1, 0x07, 0x9f, 0xba, 0xb2, 0xcf, 0x9e,
-      0x56, 0xd3, 0x74, 0x6c, 0x31, 0x41, 0xab, 0xa6 },
-    { 0x57, 0xa7, 0x8e, 0x26, 0xd7, 0x83, 0xdf, 0x6e, 0xe4, 0x49,
-      0x59, 0x36, 0xb4, 0x3b, 0xae, 0x8d, 0xe9, 0x79, 0x18, 0x51,
-      0x32, 0x62, 0xa3, 0x38, 0x00, 0x85, 0xac, 0x6e, 0x17, 0x38,
-      0x2d, 0xa1, 0x00, 0x80, 0xfc, 0x0c, 0xf3, 0x9e, 0xad, 0x9c,
-      0x2d, 0xf1, 0x90, 0xac, 0xb0, 0xe0, 0x86, 0x18, 0x97, 0x71,
-      0x43, 0x01, 0x44, 0xa6, 0x63, 0xda, 0x19, 0x17, 0x57, 0x14,
-      0x85, 0x58, 0xca, 0x58, 0xd0, 0xa7, 0x51, 0xf1, 0x48, 0x8c,
-      0x0d, 0xe6, 0x91, 0x3d, 0xd0, 0x1c, 0xb1, 0x8b, 0x72, 0xb2,
-      0x54, 0x89, 0x16, 0xf7, 0x3f, 0xf3, 0x89, 0x7f, 0x2b, 0x70,
-      0x43, 0xb1, 0x50, 0x44, 0x6c, 0xde, 0x8c, 0x97, 0xf9, 0x32,
-      0x3a, 0x86, 0x56, 0xb6, 0x85, 0xa7, 0x5d, 0x92, 0x66, 0xc5,
-      0x97, 0x3f, 0xbe, 0x73, 0xaa, 0xc0, 0xe9, 0x66, 0xfb, 0x79,
-      0x6b, 0xb1, 0x75, 0x0c, 0x3c, 0x4c, 0x1c, 0x74 },
-    { 0x1c, 0xa3, 0x70, 0xc5, 0x81, 0xc4, 0x72, 0xe8, 0x32, 0x51,
-      0xe4, 0x12, 0x8f, 0x6a, 0xda, 0x87, 0xb4, 0xc5, 0x33, 0xa7,
-      0xf6, 0xd3, 0x5b, 0x7e, 0x85, 0x24, 0x07, 0xd8, 0x08, 0xd8,
-      0xa0, 0x36, 0x41, 0x91, 0x04, 0x8f, 0xac, 0x0f, 0x46, 0x2d,
-      0x6c, 0xa5, 0xef, 0x6a, 0xc4, 0x54, 0xe2, 0x88, 0xe6, 0xec,
-      0x93, 0x01, 0xe0, 0x84, 0x17, 0xd7, 0x65, 0x8f, 0x58, 0x9b,
-      0x0c, 0x45, 0x44, 0xd0, 0xec, 0xfa, 0x24, 0x45, 0xad, 0x96,
-      0xad, 0xc3, 0xc4, 0x6b, 0x39, 0x18, 0x67, 0xf0, 0x86, 0x43,
-      0xe5, 0xd7, 0xa6, 0x7d, 0xc2, 0x0e, 0xf5, 0x00, 0x9c, 0x8d,
-      0x59, 0xf5, 0x40, 0xdf, 0x57, 0x9d, 0x72, 0xdf, 0x32, 0x32,
-      0x33, 0xb9, 0x3d, 0xeb, 0x8c, 0x54, 0x27, 0x83, 0x18, 0x86,
-      0xcf, 0x3b, 0x2b, 0x49, 0xa9, 0x27, 0x94, 0x10, 0xc3, 0xac,
-      0x16, 0x1b, 0x34, 0x6f, 0x40, 0xdb, 0xdd, 0xd8 },
-    { 0x25, 0x84, 0xb3, 0x4c, 0x4c, 0x33, 0xac, 0x79, 0x32, 0xdb,
-      0x52, 0xf4, 0xe6, 0x26, 0x5b, 0xaa, 0x53, 0xd0, 0x44, 0x8a,
-      0x1d, 0xbd, 0x3b, 0x03, 0x83, 0xbf, 0x46, 0x4e, 0x2e, 0xfd,
-      0x90, 0x03, 0x71, 0xa1, 0x17, 0x20, 0x2b, 0x42, 0x50, 0x72,
-      0x6c, 0x31, 0x1c, 0x3d, 0xc0, 0x86, 0x7e, 0x39, 0xca, 0xd4,
-      0x67, 0xb5, 0x08, 0xcd, 0x1c, 0xd2, 0x0d, 0xd2, 0x80, 0x1d,
-      0xf9, 0x9d, 0xae, 0x74, 0x22, 0x4b, 0x28, 0x82, 0xe1, 0x88,
-      0xf1, 0x2d, 0xb5, 0xde, 0xcf, 0xd0, 0x23, 0x90, 0x4c, 0x35,
-      0x0b, 0xf1, 0x61, 0xa1, 0xc7, 0xbd, 0x31, 0xf7, 0x78, 0xde,
-      0x52, 0x3a, 0x9c, 0xda, 0x12, 0x8b, 0xb5, 0xfe, 0x87, 0xf4,
-      0xf5, 0xb0, 0x1f, 0xdb, 0x49, 0x05, 0xaa, 0xbf, 0x41, 0x16,
-      0x32, 0x02, 0x73, 0x12, 0x87, 0x9c, 0xfd, 0x19, 0x98, 0xb3,
-      0x94, 0xbd, 0x51, 0x71, 0xa8, 0x01, 0xb6, 0x8a },
-    { 0x7e, 0x81, 0x13, 0x74, 0x3f, 0x9a, 0xb0, 0x85, 0xac, 0xdd,
-      0xb6, 0xff, 0x95, 0x1c, 0xa4, 0x9a, 0xe1, 0xc8, 0x35, 0x45,
-      0x69, 0x80, 0x7b, 0xaa, 0xaf, 0xb6, 0x02, 0x69, 0xff, 0x51,
-      0xa9, 0xff, 0xfe, 0x6a, 0xd2, 0x2e, 0xf2, 0xd5, 0x73, 0x7c,
-      0x6b, 0x3f, 0xaa, 0xbe, 0x18, 0x78, 0x97, 0xe0, 0x59, 0x27,
-      0xdd, 0x51, 0xdc, 0x7c, 0xb4, 0x88, 0x00, 0x26, 0x67, 0x06,
-      0x4d, 0xf6, 0xc7, 0xd0, 0x2e, 0x42, 0xc3, 0xe1, 0x62, 0xee,
-      0x7c, 0xc8, 0x76, 0xdd, 0x30, 0x45, 0xa8, 0xb9, 0xa6, 0x57,
-      0x3f, 0x27, 0x18, 0x54, 0xac, 0x05, 0x45, 0x24, 0x04, 0xc2,
-      0xbb, 0x36, 0xfa, 0x17, 0xd8, 0x0d, 0x45, 0x5d, 0x18, 0x5c,
-      0x48, 0x74, 0x91, 0x3d, 0x42, 0x2e, 0x71, 0xf7, 0xfd, 0x60,
-      0xb5, 0xf8, 0xa5, 0xe7, 0x40, 0xba, 0x45, 0xfb, 0xe5, 0x23,
-      0x3c, 0xb8, 0x63, 0x89, 0x2a, 0xee, 0xc6, 0x88 },
-    { 0x43, 0x6b, 0x8c, 0x64, 0xdf, 0x84, 0x85, 0xa6, 0x00, 0x1c,
-      0x79, 0x18, 0xba, 0x56, 0xfa, 0x91, 0x63, 0x76, 0xc1, 0xa2,
-      0x63, 0xdb, 0x2b, 0xfe, 0xfe, 0x0c, 0x9f, 0x81, 0x39, 0x6d,
-      0xa4, 0x22, 0xe4, 0x53, 0x86, 0x67, 0x32, 0xa1, 0xad, 0x94,
-      0x23, 0xe0, 0xb4, 0x6c, 0xae, 0xec, 0x0b, 0xfe, 0x97, 0xd7,
-      0x1e, 0xff, 0x50, 0x04, 0xf2, 0x86, 0xbb, 0x07, 0x6b, 0x98,
-      0xe3, 0x91, 0xc0, 0xcd, 0xda, 0x77, 0x4d, 0xe5, 0xf5, 0xff,
-      0x43, 0xcb, 0x0c, 0x1c, 0x15, 0x5a, 0x23, 0x86, 0xc4, 0x53,
-      0x98, 0x45, 0xcd, 0x06, 0x15, 0xb0, 0xcd, 0x5e, 0x2f, 0xd0,
-      0x9d, 0xb0, 0xe5, 0x89, 0x66, 0x9c, 0xb5, 0x38, 0x12, 0xd3,
-      0x6c, 0x46, 0xd1, 0xd3, 0x3e, 0x02, 0xd0, 0xb8, 0x04, 0x09,
-      0xb4, 0x7d, 0x91, 0x91, 0x8e, 0xa8, 0xce, 0x11, 0x17, 0xe1,
-      0xad, 0x72, 0x2a, 0x8b, 0x83, 0x0a, 0x88, 0xb1 },
-    { 0x52, 0x66, 0xca, 0x9e, 0x6d, 0xbe, 0x95, 0xe1, 0x1d, 0xf7,
-      0xaa, 0xe4, 0x07, 0x68, 0xcb, 0x66, 0x6f, 0x7c, 0x90, 0xe1,
-      0x53, 0x7d, 0xa5, 0xff, 0xe5, 0xdc, 0xde, 0x62, 0x17, 0x95,
-      0x44, 0x05, 0x50, 0x60, 0x07, 0x5e, 0x02, 0x43, 0xdc, 0xb6,
-      0xe5, 0x01, 0x85, 0x17, 0xcd, 0x51, 0xe5, 0x3f, 0xe6, 0x14,
-      0x14, 0x8e, 0xd4, 0x73, 0x94, 0xa3, 0x79, 0x90, 0x8b, 0x90,
-      0x8c, 0x92, 0x79, 0x9d, 0xe4, 0xf9, 0xd4, 0x1e, 0x18, 0xd9,
-      0x70, 0x68, 0xdd, 0x7d, 0x68, 0xc9, 0x43, 0xc8, 0xc2, 0x86,
-      0x63, 0x3b, 0x95, 0xde, 0xb2, 0x3b, 0x41, 0xdf, 0x01, 0xa5,
-      0x2e, 0x33, 0x07, 0x1a, 0x34, 0x7a, 0x54, 0x89, 0x16, 0xaf,
-      0xfc, 0x94, 0x51, 0xdc, 0x5a, 0x77, 0x65, 0xd3, 0x0c, 0x18,
-      0xee, 0xbd, 0xdf, 0xa6, 0x1e, 0x94, 0xa0, 0x77, 0xdf, 0x84,
-      0x88, 0x11, 0x7e, 0x9d, 0x8a, 0xb7, 0x64, 0xbc },
-    { 0x41, 0xf3, 0x25, 0xb9, 0x9c, 0xd8, 0x4a, 0x2b, 0xc1, 0x7a,
-      0x09, 0x20, 0x1f, 0xc6, 0x70, 0x3a, 0x0f, 0x32, 0xb4, 0x49,
-      0x4f, 0xb4, 0xcb, 0x67, 0xa9, 0x75, 0x04, 0x4e, 0x62, 0x6b,
-      0xea, 0x27, 0x7d, 0xec, 0x36, 0x2b, 0x7b, 0xd3, 0xe2, 0x20,
-      0x89, 0x9a, 0x20, 0xb4, 0x14, 0x6e, 0xf8, 0xff, 0x20, 0x7c,
-      0x13, 0x47, 0x2b, 0x2f, 0x3b, 0xff, 0x6f, 0xb8, 0xcb, 0x1d,
-      0x14, 0x96, 0x0d, 0x7c, 0xf1, 0xe2, 0x98, 0xfd, 0x94, 0x0c,
-      0xe1, 0xe8, 0x8f, 0x34, 0xe1, 0x74, 0x86, 0xc3, 0x1f, 0xf0,
-      0x35, 0x19, 0xc6, 0xe3, 0x19, 0xfd, 0x70, 0xc1, 0x3e, 0x6e,
-      0x69, 0x24, 0x30, 0x25, 0x7c, 0xfc, 0x21, 0x38, 0xa1, 0xe8,
-      0xfd, 0xe5, 0xa4, 0xfd, 0xb3, 0x41, 0x84, 0x40, 0xeb, 0x04,
-      0xf4, 0x9d, 0xf9, 0xe4, 0xaf, 0x5a, 0x7c, 0x38, 0xe5, 0x40,
-      0x84, 0xdd, 0xee, 0x6d, 0x13, 0x86, 0xb3, 0xdb },
-    { 0x56, 0xb3, 0x0f, 0xb6, 0xe5, 0x8c, 0xea, 0x9e, 0x7d, 0xb3,
-      0xd3, 0x7b, 0xd9, 0xaa, 0x18, 0xfd, 0x49, 0xef, 0x46, 0x70,
-      0xeb, 0x8c, 0x34, 0x68, 0x00, 0xf2, 0xe3, 0xac, 0x24, 0x2c,
-      0xa8, 0xfd, 0x89, 0x47, 0xba, 0x6d, 0x9b, 0xfd, 0x07, 0xdd,
-      0xc6, 0x47, 0x70, 0x5e, 0xa7, 0x61, 0xba, 0x43, 0x3d, 0xb6,
-      0xd2, 0x8d, 0x23, 0x40, 0x0a, 0xa7, 0x59, 0x23, 0x52, 0x1f,
-      0x1d, 0xac, 0x89, 0x44, 0xdf, 0xe2, 0xdc, 0x47, 0xf1, 0x7b,
-      0x73, 0x41, 0x98, 0x27, 0x6d, 0x96, 0x28, 0x9e, 0x7b, 0xb9,
-      0x2a, 0x57, 0x8c, 0xb5, 0x06, 0x3e, 0x7b, 0x38, 0x59, 0x05,
-      0xe1, 0xd9, 0x4b, 0xed, 0x33, 0x8d, 0x34, 0x06, 0x47, 0x04,
-      0xa6, 0x20, 0x08, 0x3b, 0xa8, 0xef, 0x28, 0x22, 0x4d, 0x86,
-      0x4c, 0xe5, 0xe7, 0x48, 0x49, 0x8e, 0x00, 0x72, 0x8a, 0xfc,
-      0x31, 0x2e, 0xd5, 0x13, 0xce, 0x28, 0x43, 0xa4 },
-    { 0x13, 0x53, 0xcc, 0x57, 0x58, 0xbd, 0xd1, 0x46, 0x89, 0x90,
-      0x81, 0xe5, 0xdc, 0xcf, 0x7f, 0x07, 0xe4, 0x72, 0xfb, 0x8b,
-      0x17, 0xc0, 0xd9, 0x69, 0x58, 0xf8, 0x8c, 0x51, 0xc6, 0x52,
-      0x3a, 0x79, 0x3e, 0xdf, 0x81, 0xf5, 0x85, 0xd3, 0xcd, 0x83,
-      0xde, 0xa9, 0xb4, 0xfa, 0xf8, 0x72, 0x04, 0xae, 0x30, 0x92,
-      0x23, 0x77, 0x90, 0xbb, 0x1c, 0xd8, 0xc4, 0xe0, 0xb7, 0xf8,
-      0x94, 0x39, 0x2a, 0x91, 0x78, 0xb6, 0x34, 0xa5, 0xad, 0xe8,
-      0xa8, 0x8d, 0x0b, 0xfa, 0xef, 0xa5, 0x1f, 0x2f, 0xae, 0xcb,
-      0xc3, 0x4e, 0x40, 0x75, 0x65, 0xf8, 0x07, 0xd3, 0x21, 0x23,
-      0x53, 0x3c, 0xb2, 0xe8, 0x1c, 0x3a, 0x3b, 0xed, 0x9a, 0x44,
-      0x92, 0x4b, 0x00, 0x8a, 0x20, 0xd8, 0x87, 0x98, 0x3a, 0xda,
-      0x44, 0x1f, 0x7a, 0xf9, 0x22, 0xdc, 0x87, 0x32, 0xc8, 0x91,
-      0x07, 0xec, 0xdc, 0xaa, 0xcd, 0x80, 0xa4, 0x28 },
-    { 0x3e, 0xc2, 0x18, 0x5d, 0xf4, 0x51, 0xdf, 0x58, 0x72, 0x3a,
-      0x83, 0x0e, 0x5a, 0x21, 0xe7, 0x89, 0x8d, 0x1d, 0xf4, 0x3c,
-      0xbb, 0x1c, 0xc1, 0xf1, 0x8f, 0x41, 0x93, 0xa9, 0xa6, 0xb1,
-      0x6e, 0xbd, 0xbc, 0x69, 0xcf, 0xc0, 0x52, 0x87, 0x7a, 0xe5,
-      0x75, 0xf4, 0xe5, 0x70, 0xf8, 0xa3, 0x62, 0x35, 0xa5, 0x58,
-      0xf9, 0x28, 0x15, 0x5c, 0xe6, 0xde, 0x8a, 0x79, 0x7f, 0xc7,
-      0x95, 0x8d, 0xdb, 0xad, 0x49, 0x68, 0x5d, 0x86, 0xcd, 0x39,
-      0xe4, 0x2b, 0x84, 0x16, 0xa7, 0xe0, 0x72, 0xd6, 0x72, 0x97,
-      0xf1, 0x58, 0x3e, 0xd6, 0x27, 0xf8, 0x12, 0x94, 0x2a, 0xb3,
-      0xa1, 0x64, 0x6a, 0x7b, 0x8e, 0x82, 0xd9, 0x35, 0xbf, 0x51,
-      0x20, 0x47, 0x04, 0x0c, 0x8d, 0x94, 0x34, 0xa0, 0xdc, 0xe8,
-      0xb8, 0xe7, 0x59, 0xe8, 0xb5, 0xa2, 0x64, 0x9b, 0x89, 0xc7,
-      0x28, 0xa5, 0x64, 0x97, 0x39, 0xbf, 0x6e, 0x18 },
-    { 0x89, 0xb3, 0x56, 0xb6, 0xa2, 0x11, 0xab, 0xe5, 0x30, 0x87,
-      0xdc, 0x5c, 0xe9, 0xd4, 0x47, 0xa3, 0x5f, 0x1d, 0xe8, 0xcc,
-      0x39, 0xbd, 0xd6, 0x66, 0xbc, 0x93, 0xc5, 0xf3, 0x54, 0x97,
-      0xaa, 0x72, 0xb5, 0x27, 0xc5, 0x7b, 0x8b, 0xc9, 0x76, 0x07,
-      0xb4, 0xa6, 0x7a, 0xe7, 0xd3, 0x89, 0x51, 0xe0, 0xb0, 0xd8,
-      0x4b, 0x1f, 0x8d, 0x7d, 0x43, 0x29, 0x8e, 0x40, 0x61, 0x21,
-      0x06, 0xbc, 0x05, 0x50, 0xba, 0x18, 0x8c, 0x56, 0x7b, 0xc2,
-      0x8b, 0x9d, 0x60, 0x24, 0x2a, 0xcb, 0x12, 0xf0, 0xd2, 0xc8,
-      0x69, 0xd4, 0x9c, 0xe1, 0xc7, 0x78, 0x50, 0xbe, 0x35, 0x03,
-      0x14, 0x9f, 0x37, 0xf3, 0x51, 0xf9, 0xb7, 0xdd, 0x2d, 0x25,
-      0x04, 0x7a, 0xe0, 0x9c, 0x92, 0xe0, 0x2d, 0x93, 0xa0, 0x9f,
-      0x80, 0xf6, 0x69, 0x82, 0xc6, 0xcc, 0x6e, 0x51, 0xd4, 0x12,
-      0xb9, 0xd4, 0xc7, 0xd7, 0x1f, 0x0b, 0xc2, 0xd7 },
-    { 0x39, 0xc4, 0xf1, 0x0d, 0x57, 0xc5, 0xd1, 0x26, 0x65, 0x6f,
-      0x18, 0xe0, 0x8a, 0x0d, 0x4f, 0x52, 0x7e, 0x12, 0x02, 0xbe,
-      0x87, 0xad, 0xc2, 0xf9, 0x4e, 0xf3, 0xa8, 0x0e, 0xdc, 0x60,
-      0xee, 0xe5, 0x2c, 0xc2, 0x7c, 0xef, 0x00, 0xbf, 0x79, 0x28,
-      0xe1, 0xbb, 0x97, 0x02, 0x55, 0x84, 0xbc, 0x86, 0x9c, 0xf5,
-      0x81, 0x7f, 0x87, 0x64, 0x86, 0x43, 0x01, 0x16, 0x19, 0xc9,
-      0xcb, 0x16, 0x2d, 0xc2, 0xee, 0x62, 0x8e, 0xce, 0xf4, 0x26,
-      0xda, 0xea, 0x63, 0xe1, 0x1d, 0x26, 0x37, 0x43, 0x36, 0x58,
-      0x11, 0xb0, 0x4f, 0x72, 0x0e, 0x41, 0xd9, 0x4e, 0x56, 0x64,
-      0xa2, 0xda, 0x8b, 0x86, 0x57, 0xa3, 0xf5, 0xb5, 0x6b, 0xf7,
-      0xad, 0xac, 0x9e, 0x5c, 0x41, 0x3a, 0xbf, 0xc9, 0x1c, 0x1d,
-      0x4b, 0x72, 0x0f, 0xb8, 0x0b, 0xaa, 0xa8, 0x71, 0xb7, 0xa9,
-      0xed, 0x6d, 0xb0, 0xaf, 0xdf, 0xdc, 0xc8, 0x37 },
-    { 0x41, 0x4b, 0x54, 0x2d, 0x49, 0x15, 0x2b, 0x00, 0xcf, 0xf1,
-      0x64, 0x78, 0x90, 0x69, 0xfb, 0xcc, 0x0b, 0x9a, 0x17, 0x07,
-      0xb6, 0xe5, 0x79, 0xcf, 0x44, 0xc6, 0xc9, 0x77, 0x5a, 0xed,
-      0x24, 0xc4, 0xfd, 0xe5, 0xbe, 0x8d, 0x73, 0xf7, 0xe3, 0x39,
-      0x28, 0x17, 0xeb, 0xb3, 0xd4, 0x6f, 0xf5, 0x1b, 0xbe, 0xc7,
-      0x76, 0x7e, 0xc7, 0xd4, 0xc5, 0x56, 0xf2, 0xb6, 0x37, 0x25,
-      0xf1, 0xaa, 0x12, 0x02, 0xa7, 0xbc, 0x17, 0x75, 0x89, 0x4c,
-      0x44, 0x44, 0xc8, 0x41, 0xe9, 0xea, 0x3b, 0xd1, 0x62, 0x83,
-      0x6d, 0x1e, 0x6d, 0x35, 0xa8, 0x1a, 0x0a, 0x78, 0x7d, 0xac,
-      0x80, 0xd0, 0x81, 0x1a, 0xc7, 0x2d, 0x79, 0xb6, 0x8b, 0x67,
-      0x02, 0x06, 0x8d, 0x84, 0xed, 0xc1, 0xcd, 0xad, 0x4b, 0xd4,
-      0xee, 0x54, 0x55, 0x5b, 0x09, 0x18, 0xa5, 0x18, 0xaa, 0x9d,
-      0xb3, 0xa9, 0xb6, 0x8c, 0xe8, 0x8a, 0xec, 0xd3 },
-    { 0x52, 0x67, 0x8d, 0x6a, 0xe0, 0x0b, 0x8b, 0x2a, 0x43, 0x97,
-      0x78, 0x74, 0x44, 0x4e, 0x85, 0x15, 0x3c, 0x73, 0x62, 0xfa,
-      0x96, 0x08, 0xf5, 0xbf, 0xf4, 0x8e, 0x62, 0x3e, 0x27, 0x0d,
-      0x17, 0xa6, 0x13, 0x33, 0x8e, 0xf8, 0xed, 0x55, 0x6a, 0x6c,
-      0x74, 0xab, 0x92, 0x48, 0xd1, 0x84, 0x30, 0x07, 0xaf, 0x1f,
-      0x4a, 0x6e, 0x74, 0x0d, 0xb2, 0x9c, 0xb2, 0xe4, 0xd6, 0x6c,
-      0x1b, 0xa2, 0xae, 0xa9, 0x70, 0x8f, 0x9b, 0x32, 0x44, 0xaf,
-      0x08, 0x2e, 0xe1, 0x31, 0xe8, 0x8f, 0x94, 0x50, 0x69, 0x0a,
-      0x9f, 0x9d, 0x35, 0xac, 0x81, 0xc6, 0xe6, 0xd7, 0x3e, 0xf0,
-      0x56, 0x02, 0x90, 0x13, 0xe4, 0xec, 0xc7, 0x88, 0xc6, 0x17,
-      0x05, 0x12, 0x0e, 0x70, 0x42, 0x5f, 0xb5, 0x12, 0xde, 0xbb,
-      0x20, 0xaf, 0x5b, 0x7f, 0x4e, 0x1b, 0x90, 0xe6, 0x71, 0x3a,
-      0x33, 0xc3, 0x1e, 0x58, 0x60, 0x6e, 0x17, 0x3b },
-    { 0x70, 0x40, 0xba, 0x5b, 0xc1, 0x0c, 0xee, 0xdd, 0x04, 0x5a,
-      0xc6, 0x14, 0xc8, 0xef, 0xce, 0xa6, 0x23, 0xa5, 0x9c, 0x1d,
-      0xbf, 0x22, 0xf6, 0x82, 0xb8, 0xee, 0x84, 0x2a, 0x5d, 0x99,
-      0x74, 0xc9, 0x4b, 0x58, 0xf9, 0xb2, 0xd3, 0x05, 0x3b, 0x4f,
-      0x3e, 0xcd, 0x40, 0x75, 0x0f, 0x79, 0x48, 0xa9, 0x0e, 0x41,
-      0x19, 0x6e, 0xf6, 0xd2, 0xd7, 0xff, 0xf3, 0x9c, 0x49, 0x0e,
-      0x5a, 0xa5, 0x69, 0x5c, 0xfa, 0xb4, 0x18, 0xd3, 0x2c, 0x1b,
-      0xf9, 0x06, 0x1a, 0x33, 0xe9, 0x4f, 0x3f, 0x7d, 0x9e, 0x09,
-      0x2b, 0xd6, 0x18, 0x04, 0x93, 0x33, 0x44, 0x85, 0x25, 0x8c,
-      0x2c, 0x52, 0xa5, 0x71, 0xf8, 0x9b, 0x85, 0x09, 0xd4, 0x14,
-      0x2d, 0xfd, 0x49, 0x1f, 0x0e, 0x03, 0xf4, 0x96, 0x92, 0x7a,
-      0x5f, 0x81, 0x52, 0xd6, 0x65, 0x3c, 0xa9, 0x2b, 0xc0, 0xab,
-      0x5d, 0xff, 0x1c, 0x59, 0xdf, 0x36, 0xae, 0xb4 },
-    { 0x90, 0x43, 0xa6, 0xd6, 0x0b, 0xd1, 0xc9, 0xc1, 0x3d, 0x28,
-      0x1e, 0x1a, 0xfe, 0x87, 0x32, 0x48, 0xff, 0x2d, 0xff, 0x4e,
-      0x70, 0xf4, 0xea, 0xa3, 0xfa, 0xc3, 0xe5, 0x82, 0x43, 0x65,
-      0x78, 0x4a, 0x97, 0xd2, 0xb7, 0x21, 0xb7, 0x74, 0xc3, 0x1e,
-      0xaf, 0x9a, 0x23, 0xe8, 0xe7, 0xe3, 0x86, 0x0e, 0xc1, 0xfe,
-      0x0d, 0x8a, 0xde, 0x1d, 0x33, 0x6f, 0x65, 0x27, 0x34, 0x9f,
-      0xfb, 0x29, 0x4c, 0x4a, 0x2f, 0xd4, 0xf0, 0xc6, 0x5b, 0x25,
-      0xf0, 0x06, 0x34, 0x92, 0x27, 0x6b, 0x86, 0x67, 0x69, 0x6b,
-      0x1e, 0x01, 0xa7, 0x42, 0x28, 0x14, 0xc1, 0x77, 0x88, 0x86,
-      0xd8, 0x76, 0xd2, 0xcd, 0xa9, 0xd2, 0x9d, 0x76, 0x94, 0xf1,
-      0x27, 0x3b, 0x61, 0x73, 0x0a, 0x09, 0x66, 0x50, 0x1a, 0xd9,
-      0x3d, 0x4f, 0x31, 0xa6, 0x35, 0x03, 0x18, 0x43, 0x27, 0xe0,
-      0x2c, 0x36, 0x4f, 0x81, 0x51, 0x5a, 0x1a, 0x96 },
-    { 0x26, 0x36, 0x2b, 0x48, 0x3a, 0x12, 0x5f, 0x35, 0xb0, 0x76,
-      0x0a, 0x3c, 0xb7, 0x3e, 0xac, 0x46, 0xe4, 0x5c, 0x75, 0xdf,
-      0xff, 0xaa, 0xd0, 0x78, 0x7b, 0xd2, 0xc1, 0x38, 0x1e, 0x35,
-      0x79, 0xb2, 0x95, 0x77, 0x1f, 0xa2, 0xdb, 0x4e, 0x80, 0x1a,
-      0x79, 0xbc, 0x85, 0xc6, 0x4e, 0x8d, 0xa1, 0x54, 0x2c, 0x8d,
-      0x38, 0x34, 0x40, 0xc9, 0x2a, 0xf9, 0xfb, 0x12, 0xea, 0x4d,
-      0xf5, 0x97, 0xf6, 0x63, 0xc3, 0xc3, 0x46, 0x3a, 0xe4, 0x06,
-      0x98, 0x80, 0x99, 0x6b, 0x08, 0x22, 0xce, 0xdf, 0xcd, 0x94,
-      0x8a, 0xd7, 0xa0, 0x3a, 0x9c, 0xbe, 0x10, 0x6f, 0xb8, 0x01,
-      0xc8, 0x3d, 0x34, 0xa2, 0xea, 0x06, 0x92, 0x87, 0x54, 0xbd,
-      0x61, 0x62, 0x00, 0xf3, 0x2a, 0xc1, 0x60, 0xcc, 0xe0, 0x08,
-      0x88, 0xac, 0x1b, 0x2d, 0xed, 0x5c, 0xab, 0xbc, 0x3b, 0xe3,
-      0x15, 0x11, 0xa0, 0xfe, 0x76, 0x6c, 0x79, 0x37 },
-    { 0x2e, 0x95, 0x2b, 0x20, 0x55, 0x5c, 0x93, 0x5e, 0x45, 0x2f,
-      0xe2, 0x31, 0x09, 0xff, 0x59, 0xba, 0x9c, 0x86, 0xe0, 0xb2,
-      0x96, 0xc6, 0xb5, 0xee, 0x92, 0xc2, 0x65, 0x63, 0xc1, 0x43,
-      0x92, 0x73, 0x5a, 0xce, 0x53, 0xd1, 0xbe, 0xe0, 0xf2, 0xe9,
-      0x19, 0x3f, 0x88, 0xc8, 0x05, 0x4d, 0x54, 0x71, 0x7b, 0x60,
-      0xd4, 0x64, 0xa7, 0xbf, 0x21, 0xda, 0x45, 0xe4, 0xf2, 0xa5,
-      0xbe, 0xa9, 0xcd, 0x49, 0x21, 0xfb, 0xd3, 0x10, 0x1e, 0x06,
-      0xd4, 0x85, 0x39, 0x1f, 0x68, 0x8a, 0x44, 0xf9, 0x71, 0x45,
-      0xa5, 0xee, 0xb2, 0xb1, 0x4c, 0x0d, 0xa1, 0xe9, 0xfd, 0x3d,
-      0x20, 0xea, 0xff, 0x55, 0x2b, 0xac, 0xdb, 0x70, 0x90, 0x72,
-      0xcb, 0x86, 0xb3, 0x33, 0x8b, 0x07, 0xbb, 0x86, 0xaf, 0x5e,
-      0x4b, 0x75, 0x2d, 0x0e, 0xe8, 0x77, 0x69, 0xe9, 0xee, 0x71,
-      0x25, 0xc6, 0x8d, 0x28, 0xee, 0xfc, 0x3e, 0x89 },
-    { 0x12, 0x36, 0xd0, 0x17, 0x30, 0x37, 0x8e, 0x4b, 0x1c, 0x0a,
-      0x84, 0xc9, 0xeb, 0x53, 0xef, 0x06, 0xa5, 0xc1, 0x48, 0x96,
-      0xdb, 0x2f, 0x02, 0x73, 0x2b, 0xcd, 0x96, 0xb0, 0xb0, 0x93,
-      0x77, 0xe0, 0xff, 0x60, 0x4a, 0x11, 0x17, 0x55, 0x9a, 0x30,
-      0x7c, 0x14, 0xef, 0x33, 0x53, 0xb1, 0xfa, 0x97, 0x7a, 0xaa,
-      0x53, 0xf2, 0xa4, 0x4d, 0x2f, 0xa8, 0x8e, 0xf8, 0x3f, 0xb3,
-      0x9d, 0x6e, 0xbc, 0xb1, 0xa5, 0xc2, 0x6e, 0x3a, 0x7f, 0xbd,
-      0x85, 0x6d, 0x02, 0x51, 0x13, 0xec, 0x6c, 0x12, 0x20, 0x76,
-      0x28, 0x35, 0xb3, 0x86, 0x18, 0x1e, 0x5e, 0x33, 0xbc, 0x70,
-      0x2f, 0x26, 0xa2, 0x63, 0xec, 0xc9, 0x58, 0x0e, 0x2e, 0xc9,
-      0x35, 0x5f, 0xf2, 0xb5, 0x10, 0x3e, 0x45, 0xb6, 0x00, 0x7b,
-      0x1b, 0x86, 0xe6, 0x8a, 0x5d, 0xbe, 0xd4, 0x3d, 0xfc, 0x58,
-      0x2a, 0x84, 0x6b, 0xca, 0xd7, 0x5f, 0x88, 0x6e },
-    { 0x02, 0xa4, 0x80, 0x14, 0x62, 0x0c, 0xb5, 0x6e, 0x35, 0x3c,
-      0x2d, 0x85, 0x4b, 0x9e, 0xc7, 0xea, 0xe6, 0x16, 0xf5, 0x55,
-      0x6c, 0x97, 0xf0, 0xe9, 0x19, 0x88, 0x19, 0x41, 0xd1, 0x46,
-      0x58, 0xf3, 0xb3, 0xfc, 0xd3, 0x65, 0x24, 0x38, 0x90, 0x6d,
-      0xbb, 0x0c, 0x5d, 0x66, 0x74, 0xcc, 0x95, 0xcb, 0x7d, 0x2c,
-      0x72, 0x7d, 0xba, 0x75, 0x30, 0xe9, 0x3b, 0xdd, 0xe1, 0xa8,
-      0x70, 0x6e, 0xf8, 0x17, 0x65, 0xba, 0xf5, 0x94, 0x33, 0x0a,
-      0x32, 0x82, 0xf0, 0xec, 0x0b, 0x38, 0x42, 0x31, 0x45, 0x76,
-      0x55, 0x4f, 0xbb, 0x9f, 0xed, 0x01, 0x08, 0x00, 0x86, 0x52,
-      0x46, 0x29, 0x0e, 0x2b, 0xe7, 0xe2, 0x37, 0x12, 0x71, 0x4c,
-      0x93, 0x4b, 0xc2, 0xb0, 0x13, 0x00, 0xdf, 0xa0, 0x61, 0x3b,
-      0xc3, 0x4b, 0x29, 0xae, 0x47, 0x68, 0x64, 0x60, 0x97, 0xae,
-      0xd7, 0x48, 0x1c, 0x8f, 0xc0, 0x84, 0x37, 0x3b },
-    { 0x1d, 0x8b, 0xde, 0x6f, 0x8f, 0x21, 0x7f, 0xe0, 0x31, 0x39,
-      0x04, 0x14, 0xb5, 0x5f, 0x75, 0xf3, 0xa4, 0x4e, 0x2c, 0x25,
-      0xc3, 0x55, 0x6d, 0x18, 0xbe, 0x2d, 0xa8, 0x87, 0xa2, 0xe8,
-      0xc3, 0xda, 0x43, 0x04, 0x46, 0x60, 0x91, 0xeb, 0x25, 0x99,
-      0x19, 0x2a, 0x64, 0xb7, 0x36, 0x9f, 0x46, 0xc7, 0x32, 0x39,
-      0x5d, 0xee, 0x1e, 0x01, 0x14, 0xde, 0xee, 0x95, 0x7c, 0x67,
-      0x49, 0xfc, 0xb8, 0x80, 0xde, 0xc0, 0xff, 0xbf, 0x8e, 0xc9,
-      0x55, 0xfd, 0x99, 0xab, 0x26, 0xbd, 0x9f, 0x15, 0x4d, 0x1f,
-      0xf0, 0xa7, 0xb4, 0x27, 0xaa, 0xda, 0xc2, 0x58, 0xf5, 0xd6,
-      0x3b, 0xbb, 0x83, 0x83, 0x50, 0x83, 0xe8, 0x7e, 0x1b, 0x46,
-      0xd8, 0x28, 0x93, 0x7d, 0x71, 0x7c, 0x9c, 0x27, 0x69, 0xd0,
-      0x11, 0xc5, 0x22, 0x9a, 0x1c, 0x54, 0x90, 0x59, 0xba, 0xa6,
-      0x11, 0xd6, 0xd2, 0x3d, 0x50, 0x6c, 0xcd, 0x38 },
-    { 0x34, 0x9c, 0x69, 0x43, 0xc6, 0x10, 0x13, 0xc1, 0xf5, 0x65,
-      0xb2, 0x8b, 0xcc, 0x83, 0x20, 0x9e, 0xb3, 0x6e, 0xd3, 0x5c,
-      0xde, 0xb9, 0x3b, 0x87, 0xb9, 0xb0, 0x0a, 0x02, 0x36, 0x0d,
-      0x3a, 0x26, 0xdc, 0x37, 0x5c, 0x84, 0xee, 0x8d, 0x21, 0x39,
-      0xd8, 0x19, 0x6b, 0x5b, 0xb6, 0xfc, 0x65, 0x5a, 0x74, 0xfc,
-      0x2a, 0x6a, 0xbf, 0xb1, 0x76, 0x38, 0x79, 0x93, 0xf5, 0x7a,
-      0xac, 0x94, 0xd4, 0xd1, 0x59, 0x4d, 0x4d, 0x43, 0xf8, 0x8b,
-      0x05, 0xe6, 0x41, 0x4d, 0xec, 0xcb, 0xa6, 0x72, 0xba, 0x38,
-      0xf4, 0x21, 0x38, 0x26, 0x6f, 0x1b, 0xb6, 0x5c, 0x93, 0x97,
-      0xc9, 0x7a, 0xb1, 0x0f, 0xec, 0x10, 0xdb, 0xe0, 0x67, 0x16,
-      0x5a, 0x06, 0x07, 0x76, 0x86, 0x2b, 0xbc, 0xb7, 0xd6, 0xf0,
-      0x58, 0x46, 0x6e, 0x54, 0xf1, 0x9c, 0xb0, 0x6e, 0xcb, 0x9f,
-      0x03, 0xcd, 0x39, 0xf8, 0xa2, 0x02, 0x89, 0x24 },
-    { 0x05, 0x65, 0x87, 0xab, 0x89, 0xc2, 0xd8, 0xfa, 0xa3, 0x2f,
-      0x32, 0x7e, 0x87, 0x25, 0x57, 0x69, 0x21, 0x19, 0x52, 0x99,
-      0x08, 0x17, 0xc5, 0xc2, 0x9c, 0xf8, 0x42, 0xd5, 0x27, 0x18,
-      0x2a, 0xc9, 0xd0, 0xd3, 0xa1, 0x77, 0x07, 0x38, 0x96, 0x35,
-      0x96, 0x08, 0x9e, 0x8a, 0x5f, 0x0e, 0x12, 0x9b, 0x3a, 0x7f,
-      0x3e, 0x90, 0xf4, 0xbd, 0x1f, 0x91, 0xc9, 0x91, 0xf1, 0xc7,
-      0xed, 0x0b, 0xd5, 0x0a, 0x24, 0x3a, 0x66, 0x6e, 0x53, 0x37,
-      0xf4, 0x53, 0xc5, 0xa8, 0xe2, 0xec, 0x21, 0x46, 0x7e, 0xbf,
-      0x2d, 0x74, 0x29, 0x38, 0x73, 0x7c, 0x70, 0xf0, 0x40, 0x0b,
-      0xa5, 0x79, 0xba, 0xef, 0x0c, 0x18, 0x74, 0x9f, 0x75, 0x64,
-      0x08, 0x50, 0x99, 0x3e, 0xb6, 0xf4, 0x58, 0xa2, 0x21, 0xc2,
-      0xb7, 0x80, 0xd5, 0xc2, 0xc4, 0x71, 0x47, 0x00, 0x20, 0x7e,
-      0xd1, 0xb3, 0x94, 0x44, 0x4d, 0xe6, 0xc8, 0x8a },
-    { 0x1b, 0x87, 0xf2, 0xed, 0xb8, 0x6c, 0xdb, 0xde, 0x81, 0x5f,
-      0x15, 0x65, 0x3f, 0x1d, 0x0f, 0x6c, 0xc4, 0x38, 0x76, 0x4b,
-      0xf6, 0xca, 0xae, 0x00, 0x63, 0xd0, 0xa0, 0xe9, 0x0f, 0xb1,
-      0x54, 0x38, 0x6f, 0x3c, 0x0d, 0x68, 0x88, 0x3e, 0x09, 0x72,
-      0x58, 0xfd, 0x14, 0x37, 0x6f, 0xff, 0x25, 0x4f, 0xc2, 0xca,
-      0xee, 0x3f, 0x31, 0x90, 0xb5, 0x1e, 0xc2, 0xa8, 0x9e, 0x9f,
-      0xc4, 0x05, 0x2e, 0xe1, 0xc4, 0xad, 0x91, 0x8f, 0x7e, 0x87,
-      0x2a, 0xbb, 0x0e, 0x5b, 0x34, 0xd8, 0x9b, 0xd2, 0x70, 0x3e,
-      0x6b, 0xe8, 0x4c, 0x8f, 0x2a, 0xc2, 0xd2, 0xf6, 0x57, 0xc9,
-      0x50, 0x36, 0x36, 0xb3, 0x59, 0x76, 0x89, 0x49, 0x4c, 0x5e,
-      0xb6, 0x1a, 0x8c, 0x13, 0x5f, 0x03, 0x02, 0x1f, 0xa9, 0xab,
-      0x46, 0xb9, 0x5f, 0xaf, 0xf7, 0xcb, 0x98, 0xe5, 0x14, 0x44,
-      0x00, 0x85, 0x62, 0xed, 0x1c, 0xe4, 0x73, 0x3d },
-    { 0x8e, 0x02, 0x27, 0xc4, 0x3e, 0x95, 0xbc, 0x23, 0xb2, 0x2b,
-      0x87, 0xb1, 0xc4, 0xa3, 0xe5, 0x9e, 0xbe, 0x3f, 0x3c, 0x77,
-      0x88, 0x84, 0x8a, 0x99, 0x37, 0x4b, 0xf4, 0x16, 0x97, 0x12,
-      0xa0, 0xca, 0xe2, 0x43, 0x0d, 0xe8, 0xed, 0xfc, 0xa0, 0xcc,
-      0x8d, 0xf9, 0xcb, 0x47, 0x7e, 0xb8, 0x05, 0x6d, 0x87, 0xb9,
-      0xb9, 0x4d, 0x39, 0x63, 0x29, 0x90, 0x4d, 0x62, 0x1e, 0x73,
-      0xba, 0x32, 0x23, 0xa3, 0xb0, 0x50, 0x79, 0x1e, 0x7a, 0xa8,
-      0xcc, 0x54, 0xce, 0x3e, 0x84, 0xe0, 0x2d, 0x10, 0x52, 0xc2,
-      0x07, 0x70, 0xf0, 0x7a, 0x95, 0xd6, 0x80, 0x66, 0x0e, 0x3f,
-      0x55, 0x56, 0xc4, 0x70, 0x31, 0xc6, 0x00, 0x54, 0x50, 0xbd,
-      0xc2, 0x98, 0xd1, 0xef, 0xfb, 0xac, 0xff, 0xd9, 0xdd, 0x8f,
-      0x37, 0x79, 0xa3, 0xe4, 0xb5, 0xa7, 0xce, 0x6b, 0xa7, 0x79,
-      0x35, 0x79, 0x2b, 0xbb, 0x2b, 0x0b, 0x15, 0xb1 },
-    { 0x14, 0xb1, 0x5a, 0xb5, 0x40, 0x54, 0x5d, 0x6e, 0x84, 0x8e,
-      0xcb, 0x11, 0x4e, 0xa2, 0x06, 0xbc, 0x52, 0x8e, 0x59, 0x93,
-      0x53, 0x94, 0xe9, 0x50, 0x5e, 0x9a, 0x26, 0xd3, 0x38, 0xa0,
-      0x84, 0xdb, 0x3a, 0x3c, 0x16, 0xb3, 0xbd, 0xa9, 0xf3, 0x06,
-      0xb3, 0xae, 0x38, 0x99, 0x4b, 0x7e, 0xf0, 0xe2, 0xc6, 0xf9,
-      0xdd, 0x0d, 0xa6, 0x16, 0x5e, 0x5d, 0x22, 0x8a, 0x46, 0xe4,
-      0x37, 0x8c, 0x26, 0x1d, 0xb9, 0x8e, 0xce, 0x1b, 0x0c, 0x1a,
-      0x8d, 0xeb, 0xd0, 0x0e, 0x60, 0x3a, 0xbb, 0x3f, 0x82, 0x98,
-      0x86, 0xec, 0xa7, 0x14, 0x32, 0x24, 0xb4, 0xf5, 0x1c, 0xc5,
-      0x74, 0xcb, 0x8b, 0xdc, 0xc9, 0x0c, 0xd0, 0x28, 0x33, 0xe0,
-      0x67, 0xcd, 0xca, 0xe3, 0x02, 0x17, 0x3a, 0x1f, 0xda, 0xf1,
-      0xea, 0xd7, 0xdc, 0xcd, 0x5d, 0xf5, 0xff, 0x05, 0x6e, 0xeb,
-      0x00, 0x0e, 0x22, 0xa8, 0x32, 0x10, 0x96, 0x4d },
-    { 0x74, 0x2b, 0xbe, 0xd8, 0xc4, 0x38, 0x9e, 0x2e, 0x1e, 0x16,
-      0xac, 0x76, 0x00, 0x9a, 0x55, 0xf5, 0xce, 0x57, 0xe1, 0xca,
-      0x61, 0x2b, 0x57, 0x1f, 0xcb, 0xba, 0x6e, 0x30, 0x47, 0xea,
-      0x72, 0x2f, 0xdf, 0x20, 0xe0, 0xe9, 0x4b, 0x63, 0xd7, 0x01,
-      0xdb, 0xee, 0x97, 0xa8, 0x18, 0xfb, 0xf9, 0xfa, 0xca, 0x88,
-      0x95, 0x3d, 0x60, 0x94, 0x76, 0x3c, 0xcc, 0x89, 0x6a, 0xe7,
-      0x29, 0x2e, 0x9d, 0x87, 0xd6, 0xf1, 0x8d, 0x2f, 0x3f, 0x09,
-      0xb4, 0xee, 0xc0, 0xad, 0x9f, 0xfa, 0xc8, 0x7b, 0x28, 0xe1,
-      0xa4, 0xee, 0x0d, 0xef, 0x0d, 0x5d, 0x4e, 0x05, 0x79, 0xa0,
-      0xd4, 0xe7, 0x45, 0x87, 0x08, 0x0b, 0x5f, 0x23, 0x25, 0xd9,
-      0x81, 0x76, 0xa7, 0xe0, 0x33, 0xf9, 0xb5, 0x69, 0x90, 0x72,
-      0xcb, 0x8e, 0x3d, 0xfe, 0x2b, 0xe1, 0x60, 0xfd, 0x7a, 0xa5,
-      0x0f, 0x6d, 0x86, 0xc9, 0x66, 0x4c, 0x59, 0xa2 },
-    { 0x97, 0xbd, 0x5a, 0x14, 0xb5, 0xc9, 0x41, 0x24, 0x15, 0x1e,
-      0x33, 0x08, 0xf7, 0xcd, 0xd6, 0x9b, 0x71, 0x7d, 0x1c, 0xe6,
-      0xe1, 0xec, 0xc1, 0x7c, 0xb3, 0x90, 0x8b, 0xbf, 0xb8, 0x65,
-      0xc7, 0xf9, 0xb6, 0xbc, 0x34, 0xe8, 0x7d, 0x11, 0xe4, 0x15,
-      0xed, 0x8b, 0x3d, 0xfe, 0xeb, 0x8f, 0xe0, 0xc9, 0xe6, 0xc3,
-      0x5b, 0xb3, 0x4b, 0x18, 0x7c, 0x7d, 0x4c, 0x82, 0x60, 0x57,
-      0x46, 0xe2, 0xa2, 0x78, 0xc8, 0xc2, 0xe0, 0x2d, 0x1f, 0x72,
-      0xe0, 0x11, 0x4d, 0x88, 0xd5, 0x40, 0xe3, 0x64, 0xab, 0x94,
-      0x78, 0x9d, 0xba, 0x22, 0xa9, 0xb7, 0xad, 0x78, 0x7d, 0x54,
-      0xc6, 0x4b, 0x54, 0xe6, 0x6a, 0x7d, 0xde, 0x68, 0xa6, 0xe0,
-      0x8c, 0xb5, 0xca, 0xc7, 0x07, 0xf8, 0xfa, 0x1f, 0x24, 0xd8,
-      0xca, 0x1f, 0x4b, 0xbb, 0xfd, 0x5b, 0xc1, 0x64, 0x3a, 0xbf,
-      0x23, 0xea, 0x86, 0xdc, 0xc1, 0xdc, 0x2c, 0x73 },
-    { 0x31, 0x7c, 0x6d, 0x31, 0x48, 0xcc, 0x54, 0x69, 0xf8, 0x92,
-      0xc5, 0x8c, 0x86, 0x4f, 0xba, 0x2e, 0x50, 0xf5, 0x3b, 0xe4,
-      0xa6, 0x42, 0x4c, 0x2a, 0x4d, 0x63, 0x36, 0x7a, 0xff, 0xab,
-      0xda, 0x18, 0xf0, 0x53, 0xe8, 0x48, 0x0c, 0xec, 0x8b, 0x9a,
-      0xb0, 0xd9, 0xb9, 0xba, 0x26, 0xf8, 0x30, 0x5f, 0x03, 0x89,
-      0xbb, 0xd8, 0xca, 0x60, 0x13, 0xc3, 0xaf, 0x77, 0xd2, 0xd1,
-      0x0a, 0x8a, 0x0a, 0xf4, 0x52, 0xe8, 0x4c, 0x5f, 0xa2, 0x0c,
-      0x8b, 0x96, 0x9d, 0xf7, 0x6b, 0x9b, 0x58, 0x2d, 0xe7, 0x5f,
-      0xce, 0x84, 0x35, 0xa8, 0x55, 0x0f, 0x29, 0xd8, 0xb4, 0xf1,
-      0x5f, 0x52, 0xc7, 0x2a, 0x45, 0xf4, 0xb8, 0xb4, 0x93, 0x74,
-      0x5a, 0xbb, 0xbf, 0xdd, 0x7e, 0x52, 0xe5, 0x5b, 0xe6, 0x5e,
-      0x91, 0xe5, 0x70, 0x3d, 0x4b, 0x6d, 0xdd, 0x42, 0xc4, 0x0e,
-      0xe0, 0x1c, 0x62, 0xfe, 0x81, 0xe8, 0x28, 0x61 },
-    { 0x6a, 0xe5, 0x97, 0x39, 0x9d, 0xa0, 0xb8, 0xfd, 0x45, 0x16,
-      0x51, 0xf0, 0xee, 0x3d, 0x3f, 0x17, 0x9c, 0xc3, 0x48, 0x3c,
-      0x1d, 0x90, 0x63, 0x0b, 0x37, 0x69, 0x79, 0x6a, 0xc2, 0x76,
-      0x3c, 0x30, 0x49, 0x02, 0x22, 0x79, 0x52, 0x5f, 0x86, 0x36,
-      0xf9, 0xd7, 0x06, 0x41, 0xec, 0xcb, 0xc1, 0x1c, 0xfc, 0x1a,
-      0xe3, 0xf5, 0xef, 0xbe, 0x40, 0x08, 0x6d, 0xb9, 0x6d, 0x16,
-      0xdc, 0x3f, 0x49, 0xda, 0xe9, 0xa1, 0xd2, 0x7f, 0x02, 0x2d,
-      0xe1, 0x81, 0x59, 0xaf, 0xce, 0x48, 0x11, 0x0e, 0x0d, 0x6e,
-      0xa0, 0x14, 0x6b, 0x5a, 0x41, 0x25, 0x2a, 0x19, 0x7f, 0xbe,
-      0xf6, 0x8a, 0x71, 0x8e, 0xb2, 0x3d, 0x6b, 0x01, 0x40, 0x2f,
-      0xe0, 0xc1, 0x0e, 0xa0, 0x8d, 0x5d, 0x20, 0x22, 0xff, 0x20,
-      0x40, 0x8f, 0x55, 0x24, 0x0b, 0xc9, 0x31, 0x0f, 0xac, 0xae,
-      0x0c, 0x35, 0x25, 0xb0, 0x2c, 0xb7, 0xd4, 0x2b },
-    { 0x66, 0x49, 0x04, 0x8d, 0xbc, 0x63, 0xfe, 0x72, 0xa8, 0x4e,
-      0xe5, 0xf1, 0xe7, 0x44, 0xb8, 0x2b, 0x9e, 0xf9, 0xcf, 0x3e,
-      0xf1, 0x51, 0xa7, 0x26, 0x8a, 0x85, 0x95, 0xb2, 0xfa, 0x2a,
-      0xff, 0xfc, 0x8f, 0xe7, 0x3b, 0xff, 0x97, 0xb6, 0x49, 0x7e,
-      0x28, 0x88, 0x05, 0x34, 0xd3, 0x46, 0xf2, 0x14, 0x1a, 0x89,
-      0xae, 0x22, 0xd6, 0xcf, 0x00, 0x7a, 0xb0, 0xff, 0x72, 0x26,
-      0x2d, 0x97, 0xa7, 0x74, 0xee, 0x26, 0x1f, 0xb1, 0x5a, 0x2a,
-      0xfa, 0x4c, 0xc5, 0x64, 0x86, 0x1f, 0xfd, 0x5f, 0x87, 0xb7,
-      0xcf, 0x2c, 0x5b, 0x59, 0x8e, 0x61, 0xf9, 0x44, 0xc0, 0x6f,
-      0x4a, 0x85, 0x4e, 0x0c, 0x33, 0x89, 0x1d, 0x5f, 0x23, 0x2a,
-      0x5e, 0xfd, 0x55, 0xbe, 0xb6, 0x25, 0x4b, 0xd5, 0x07, 0x94,
-      0x93, 0x6c, 0x20, 0x75, 0x42, 0x29, 0x30, 0xb1, 0x73, 0xd8,
-      0x57, 0xb1, 0x3b, 0xc7, 0xbf, 0xf4, 0xd2, 0xee },
-    { 0x4e, 0xb9, 0x3b, 0x5c, 0xf3, 0xfa, 0x49, 0xec, 0x6f, 0x2d,
-      0x7a, 0xda, 0x0f, 0x13, 0x87, 0x3a, 0x3e, 0x0e, 0x98, 0xe2,
-      0xa9, 0x3b, 0x0d, 0xe4, 0x96, 0xf0, 0x52, 0x6d, 0x16, 0xab,
-      0xed, 0xdd, 0x2c, 0x9c, 0x1c, 0xc1, 0x83, 0xf0, 0xf1, 0xc9,
-      0xfa, 0x17, 0x63, 0x77, 0xef, 0x6b, 0x1e, 0x86, 0x48, 0xb7,
-      0x93, 0x56, 0xcf, 0x6c, 0x80, 0xc7, 0x09, 0x13, 0x6a, 0x6e,
-      0x28, 0x30, 0xec, 0xe2, 0x85, 0x06, 0xab, 0x37, 0x9c, 0x58,
-      0x1e, 0x46, 0xdc, 0xcc, 0xbf, 0xb5, 0x7d, 0x65, 0x48, 0x68,
-      0x31, 0x8d, 0xbc, 0x70, 0x34, 0xb0, 0xab, 0x0b, 0x5a, 0x03,
-      0x2f, 0x8a, 0xa2, 0x9b, 0xe3, 0xdb, 0x4a, 0x6d, 0xd2, 0x26,
-      0xbf, 0xfc, 0x14, 0x8e, 0x81, 0x49, 0x3d, 0x9f, 0xfa, 0xb5,
-      0x22, 0x6f, 0xd4, 0x7b, 0x0b, 0xd8, 0x25, 0xaa, 0xda, 0xa0,
-      0x91, 0xb7, 0xbb, 0x78, 0x1e, 0x8b, 0x76, 0x0d },
-    { 0x2b, 0x58, 0x2d, 0x93, 0x7c, 0x04, 0x3f, 0x68, 0xcd, 0xf5,
-      0xc9, 0x0b, 0xc7, 0x00, 0x1c, 0xc8, 0x53, 0xe7, 0x81, 0xde,
-      0x86, 0x80, 0x41, 0x72, 0x56, 0x05, 0xe2, 0x23, 0xe9, 0xc6,
-      0xc4, 0xe0, 0xbf, 0x56, 0x54, 0x06, 0xa1, 0x9d, 0x48, 0xb6,
-      0x82, 0xcf, 0xfd, 0xb3, 0xd9, 0x9f, 0x0c, 0x16, 0x18, 0x9a,
-      0x5c, 0xc8, 0xbd, 0x8a, 0x68, 0x78, 0x12, 0xae, 0xef, 0xef,
-      0xef, 0x3d, 0x51, 0x73, 0x93, 0x1c, 0x3f, 0x52, 0x75, 0x87,
-      0x8a, 0x2a, 0xaf, 0xbb, 0xb6, 0x85, 0xfd, 0x33, 0x67, 0x6f,
-      0x82, 0x22, 0x24, 0x19, 0xc1, 0x3c, 0xa2, 0xca, 0xbb, 0x9e,
-      0x88, 0x97, 0x05, 0xba, 0x00, 0x68, 0x1d, 0x84, 0x9a, 0x57,
-      0x55, 0x52, 0x79, 0xb7, 0x1b, 0x00, 0x14, 0xdf, 0x49, 0x1c,
-      0x3f, 0x6f, 0xd1, 0x3d, 0x74, 0xf5, 0xc4, 0x02, 0x3f, 0x51,
-      0xbd, 0x89, 0xf7, 0xe5, 0xe1, 0x1f, 0xae, 0x32 },
-    { 0x78, 0x61, 0x51, 0x09, 0x86, 0x2d, 0xb4, 0xc0, 0x4f, 0xa4,
-      0x9c, 0xe3, 0xfa, 0x57, 0x4a, 0xfd, 0xc1, 0xd8, 0xeb, 0x48,
-      0xeb, 0x7c, 0xee, 0x9a, 0x4b, 0xee, 0x10, 0xd7, 0xb3, 0xf2,
-      0xf7, 0xaa, 0xfe, 0x8e, 0x33, 0xcd, 0xe9, 0x3a, 0xcf, 0xcd,
-      0x91, 0x5c, 0x3d, 0x06, 0xf5, 0x08, 0x64, 0xa3, 0x71, 0xcb,
-      0x93, 0x6b, 0x83, 0x1e, 0xdd, 0xfb, 0xa8, 0xe3, 0x92, 0x64,
-      0x9e, 0x34, 0x8c, 0x09, 0xce, 0xed, 0x17, 0x2c, 0x2f, 0x11,
-      0xc4, 0x1c, 0x85, 0xe2, 0x11, 0x03, 0xd9, 0xef, 0xf3, 0x2a,
-      0x78, 0x75, 0x0d, 0xb4, 0xc9, 0x8d, 0xbd, 0xd5, 0xdc, 0xba,
-      0xc9, 0xf3, 0xb5, 0x7f, 0xa2, 0x1c, 0x5d, 0x60, 0x38, 0x26,
-      0x54, 0x77, 0x65, 0x06, 0xc0, 0x97, 0xb3, 0xd2, 0x07, 0xff,
-      0xf6, 0x6f, 0xa7, 0x33, 0x80, 0xf5, 0xe2, 0xb6, 0x9e, 0xca,
-      0xa1, 0x16, 0x5c, 0x82, 0x81, 0xab, 0xc2, 0xae },
-    { 0x54, 0x0b, 0x6b, 0xb7, 0x6b, 0xc9, 0xc0, 0x25, 0x9f, 0x9a,
-      0x28, 0xab, 0x84, 0x16, 0x1c, 0x68, 0x6d, 0x51, 0xf9, 0x3c,
-      0x3a, 0xa9, 0x56, 0xf9, 0xb4, 0xd8, 0x0e, 0xc0, 0xc3, 0xaf,
-      0xa2, 0xcf, 0x64, 0x37, 0x36, 0x05, 0x54, 0x28, 0xde, 0xb5,
-      0x0c, 0x8a, 0xdc, 0x05, 0x34, 0x37, 0x4c, 0x20, 0x18, 0xd4,
-      0x04, 0xe4, 0x67, 0xb8, 0xe8, 0x7b, 0x57, 0xb7, 0x8b, 0x93,
-      0x8e, 0xec, 0x6e, 0x1e, 0x9b, 0x0a, 0x43, 0xee, 0x28, 0x4d,
-      0x3c, 0xcf, 0xbb, 0xe4, 0xed, 0x12, 0xf4, 0x27, 0xef, 0x5a,
-      0x7a, 0x14, 0xcf, 0xfe, 0x82, 0xbd, 0x5f, 0xcd, 0x2a, 0x3a,
-      0x43, 0x97, 0xd7, 0xcd, 0xbb, 0x24, 0x37, 0x9a, 0xe0, 0x94,
-      0x51, 0xb4, 0xf1, 0xab, 0xc7, 0x6e, 0xe1, 0xe8, 0xf8, 0xc3,
-      0xa4, 0x54, 0x63, 0x1a, 0xa1, 0x44, 0xfd, 0x0f, 0x0d, 0xa5,
-      0x3f, 0xe3, 0xf4, 0x80, 0x7a, 0xe7, 0x2c, 0x21 },
-    { 0x89, 0x7c, 0xab, 0x14, 0x92, 0xe0, 0x38, 0x8c, 0x2c, 0xa2,
-      0x58, 0x67, 0x52, 0xdd, 0x50, 0xf6, 0xe1, 0xc2, 0x87, 0x76,
-      0x5e, 0x20, 0xe8, 0x18, 0x3d, 0xb7, 0xd1, 0xa3, 0x44, 0x61,
-      0xcd, 0x29, 0xe0, 0xb5, 0x05, 0xa1, 0x75, 0x02, 0x05, 0x38,
-      0xf6, 0x9d, 0x98, 0xf0, 0x7c, 0xad, 0xf0, 0xe9, 0xdc, 0xe7,
-      0xda, 0xbe, 0x0c, 0x92, 0x4d, 0x60, 0x2a, 0x97, 0x3d, 0x97,
-      0xaa, 0xbf, 0x65, 0x85, 0x43, 0xaf, 0xbc, 0x78, 0xea, 0x36,
-      0x2f, 0x45, 0x43, 0x6d, 0xb2, 0x93, 0x1d, 0x62, 0x98, 0xeb,
-      0x2e, 0x4a, 0x83, 0x7e, 0xb9, 0xbc, 0x53, 0xde, 0x6a, 0x21,
-      0xe9, 0xad, 0x58, 0x77, 0x57, 0x0f, 0x1f, 0xb0, 0x7a, 0x49,
-      0xac, 0xdc, 0x78, 0x9a, 0xea, 0xfa, 0xe1, 0x45, 0xbb, 0xa8,
-      0xcd, 0x81, 0x4e, 0xf5, 0x66, 0x12, 0xd8, 0x6e, 0x05, 0xd0,
-      0x04, 0xe1, 0x73, 0x4c, 0x32, 0x1d, 0x31, 0x5d },
-    { 0x64, 0xb0, 0x07, 0x63, 0x47, 0x6b, 0x0e, 0xc5, 0xdc, 0x62,
-      0xc4, 0xa4, 0xff, 0xf6, 0x73, 0xaa, 0x2f, 0xf4, 0x7d, 0xac,
-      0x30, 0xeb, 0x93, 0xa5, 0x2c, 0x82, 0x2e, 0x67, 0x20, 0xa5,
-      0x18, 0x2d, 0xab, 0x90, 0x6b, 0xa3, 0xbf, 0x6c, 0xd9, 0x49,
-      0x82, 0xf6, 0x29, 0xaa, 0xa6, 0xc2, 0x4f, 0xa6, 0x56, 0x4f,
-      0x2a, 0x4d, 0xcf, 0x0a, 0xc9, 0x3e, 0x44, 0xf8, 0xf7, 0xfb,
-      0x14, 0xfa, 0x88, 0xd2, 0xd8, 0x83, 0x62, 0x8b, 0x6c, 0x91,
-      0x2f, 0xe0, 0x70, 0xd2, 0xed, 0x84, 0x0d, 0x1a, 0x83, 0x1e,
-      0x74, 0x98, 0x4b, 0x11, 0xf3, 0x83, 0x37, 0x1c, 0x44, 0x92,
-      0x81, 0x05, 0xb9, 0x74, 0x11, 0xa0, 0x86, 0xad, 0x0d, 0x3a,
-      0x7a, 0xc8, 0x96, 0x74, 0x06, 0x87, 0xbf, 0x2c, 0x40, 0x58,
-      0x14, 0x15, 0xc1, 0x1d, 0x36, 0x4c, 0xa4, 0x38, 0x20, 0x0a,
-      0x59, 0xed, 0x38, 0x13, 0x0d, 0x8b, 0xab, 0x8a },
-    { 0x7d, 0xd2, 0x2e, 0xa6, 0x66, 0x18, 0xed, 0x8c, 0x29, 0x1f,
-      0xb8, 0x2c, 0x09, 0xe5, 0x0e, 0x84, 0x25, 0x55, 0x94, 0x24,
-      0x19, 0xd6, 0x8e, 0x36, 0xe3, 0x92, 0x51, 0x53, 0x57, 0x6c,
-      0xa9, 0x64, 0x0b, 0x52, 0xc3, 0x9f, 0xb0, 0x70, 0xa2, 0x93,
-      0x80, 0x17, 0x8b, 0x12, 0xc2, 0x37, 0x00, 0x2a, 0xfb, 0xc7,
-      0x6f, 0x56, 0xe1, 0x21, 0x7a, 0x95, 0x42, 0xda, 0xf0, 0xbb,
-      0x9e, 0xf5, 0x55, 0x1c, 0x21, 0x7c, 0xab, 0x32, 0xc3, 0x9b,
-      0x5a, 0xcf, 0x3f, 0x8f, 0xc0, 0x9d, 0xdc, 0x08, 0x4e, 0x01,
-      0xd8, 0x78, 0x49, 0x35, 0x01, 0xec, 0x5c, 0xf1, 0xcc, 0xfd,
-      0x3b, 0x33, 0xce, 0x26, 0xca, 0xd0, 0x7c, 0xe7, 0xf4, 0xc4,
-      0x07, 0x38, 0xee, 0xd4, 0xc7, 0xf1, 0x3e, 0x29, 0x6c, 0x25,
-      0x36, 0x93, 0xb1, 0xdb, 0x7f, 0x73, 0xb7, 0xef, 0x99, 0x52,
-      0x1e, 0x3f, 0x53, 0x3e, 0xb3, 0xc9, 0xa4, 0x04 },
-    { 0x31, 0x37, 0x7c, 0x66, 0x5f, 0x18, 0xfc, 0xc8, 0x95, 0x59,
-      0xc8, 0x8a, 0xb1, 0x3b, 0x74, 0x89, 0x5c, 0x8f, 0x98, 0xfc,
-      0x51, 0xca, 0xdf, 0x0f, 0x68, 0x5f, 0xf9, 0x4b, 0xbd, 0x3b,
-      0x9d, 0x82, 0x95, 0xf9, 0x49, 0x30, 0xda, 0xc6, 0xf7, 0x90,
-      0x60, 0xaf, 0xd4, 0x47, 0xb6, 0xf6, 0xa9, 0x16, 0x41, 0x64,
-      0x03, 0xc1, 0x14, 0x14, 0xa4, 0x85, 0x67, 0xa9, 0xf6, 0x33,
-      0x20, 0x1a, 0x42, 0x37, 0x6b, 0x0d, 0x3d, 0xdd, 0x83, 0x24,
-      0x7b, 0x72, 0x8c, 0xf4, 0xeb, 0x32, 0x82, 0xe5, 0x74, 0x2b,
-      0x39, 0xa1, 0x48, 0x92, 0x96, 0x95, 0x7f, 0x34, 0x2c, 0x75,
-      0xd4, 0xb9, 0x30, 0x63, 0x57, 0x18, 0x95, 0x6d, 0x7f, 0x26,
-      0xe5, 0x12, 0x77, 0xfc, 0x1e, 0x6e, 0xe5, 0x37, 0x9f, 0x5a,
-      0x84, 0x5a, 0xde, 0x0c, 0xc7, 0x04, 0x55, 0x62, 0xfb, 0x25,
-      0x7f, 0xfe, 0x84, 0x4b, 0x49, 0xcb, 0xb3, 0xbf },
-    { 0x3d, 0xac, 0xc5, 0x0c, 0xa1, 0x1e, 0x52, 0x71, 0x3a, 0x5f,
-      0xd6, 0x95, 0x58, 0x7e, 0xda, 0xbd, 0xef, 0x45, 0x42, 0x3c,
-      0x64, 0x8a, 0x01, 0x79, 0xe2, 0x89, 0xd0, 0x24, 0x0c, 0x8f,
-      0x45, 0x24, 0xb3, 0x5a, 0x98, 0x24, 0x00, 0xd5, 0xe4, 0x67,
-      0xd8, 0xf9, 0x93, 0xb6, 0x05, 0x62, 0x4d, 0xd2, 0xfc, 0xf3,
-      0x64, 0xfa, 0xa9, 0x50, 0x70, 0xe0, 0x44, 0x09, 0x76, 0x63,
-      0x03, 0xd3, 0xe6, 0x0a, 0xe5, 0x2e, 0xfb, 0x53, 0x69, 0xe9,
-      0x0a, 0x6f, 0x43, 0x98, 0x80, 0xcf, 0x25, 0x96, 0xda, 0xd2,
-      0x75, 0x2e, 0xd1, 0x59, 0x71, 0xbf, 0xe6, 0x07, 0x9d, 0x95,
-      0xcd, 0x4f, 0xb0, 0x9a, 0x19, 0xb5, 0x0c, 0x2d, 0xd4, 0x8a,
-      0xf7, 0xb4, 0xb3, 0x75, 0x7e, 0x93, 0xe8, 0x5d, 0x75, 0x76,
-      0xcb, 0x63, 0x2d, 0xcc, 0xca, 0x9f, 0x01, 0xcc, 0x36, 0xf8,
-      0x35, 0xc5, 0xde, 0x09, 0x7d, 0xcf, 0xb3, 0x5f },
-    { 0x86, 0x69, 0x49, 0xe1, 0x69, 0x47, 0x44, 0xf7, 0x46, 0x9b,
-      0x75, 0x61, 0x23, 0x24, 0x8a, 0x31, 0xbe, 0xd3, 0xf2, 0xc3,
-      0xe0, 0x69, 0xdf, 0x05, 0x5d, 0xd2, 0xdf, 0x7a, 0x60, 0xdf,
-      0x19, 0x4d, 0xcd, 0x1e, 0xfd, 0xb4, 0xf3, 0xe9, 0xdf, 0x64,
-      0x6f, 0xd5, 0x76, 0x87, 0xf9, 0xdd, 0x9f, 0x0a, 0x7a, 0xb2,
-      0x44, 0x04, 0xb1, 0x7b, 0x28, 0x42, 0xe5, 0x1a, 0x0d, 0x53,
-      0x88, 0x07, 0xf3, 0xa0, 0x0a, 0x9b, 0xa3, 0x85, 0xb9, 0xbf,
-      0xd2, 0xfb, 0xf3, 0xfb, 0x62, 0x10, 0xae, 0xc2, 0x3e, 0xaf,
-      0xf7, 0xb7, 0xb9, 0xba, 0xdf, 0x1c, 0xdb, 0x49, 0xf3, 0x5e,
-      0x45, 0x18, 0xaa, 0x28, 0x6f, 0xd0, 0xb6, 0xc6, 0x4d, 0x28,
-      0xd8, 0x48, 0x1e, 0x45, 0x80, 0x7f, 0x5c, 0xe9, 0xbe, 0x78,
-      0x2e, 0x8a, 0xa4, 0x6d, 0xcb, 0xe1, 0x70, 0x53, 0xc5, 0x27,
-      0xcb, 0x3e, 0x4f, 0x94, 0x64, 0x99, 0xae, 0x4c },
-    { 0x57, 0x43, 0x52, 0xb8, 0x8b, 0x1f, 0xa5, 0x98, 0xdc, 0x38,
-      0x84, 0xff, 0x5b, 0x08, 0x31, 0x77, 0xc2, 0xd3, 0x83, 0x73,
-      0x94, 0xf7, 0xec, 0x4e, 0x37, 0xa5, 0x05, 0x69, 0xc2, 0x95,
-      0xdc, 0x46, 0xfa, 0x84, 0x4e, 0xb0, 0x7b, 0x96, 0xd4, 0x80,
-      0x0d, 0x2b, 0x84, 0x1b, 0x33, 0x29, 0xdb, 0x82, 0x85, 0x2d,
-      0x44, 0x35, 0x4e, 0x2d, 0x5d, 0xd0, 0xd7, 0x9d, 0xb1, 0xbb,
-      0xd7, 0x4c, 0x70, 0x91, 0x3b, 0x66, 0x4b, 0x1e, 0x7d, 0x08,
-      0x77, 0xb5, 0x50, 0x01, 0x39, 0x4e, 0x99, 0x0c, 0x03, 0xa0,
-      0x38, 0x59, 0x8e, 0xa1, 0x06, 0x6c, 0xb4, 0xd7, 0x93, 0xaf,
-      0x1f, 0xbd, 0xd3, 0xb2, 0x18, 0xab, 0xc9, 0x58, 0x1c, 0x3e,
-      0x84, 0x8e, 0x3d, 0x58, 0x0c, 0x92, 0xe9, 0x21, 0xb2, 0x3c,
-      0xf2, 0x90, 0x2c, 0xd6, 0xf3, 0x33, 0xf5, 0x4a, 0x6f, 0xbf,
-      0x3a, 0x9a, 0x0d, 0xa5, 0x3f, 0x4a, 0xb0, 0x7a },
-    { 0x3e, 0x43, 0x1a, 0xf2, 0x06, 0xae, 0x3c, 0x4f, 0x24, 0x18,
-      0xc6, 0x24, 0xd3, 0xb6, 0xa3, 0xa1, 0x38, 0x84, 0xd5, 0xd8,
-      0xf8, 0x53, 0xa9, 0x4e, 0x5f, 0xcb, 0xcc, 0x09, 0x69, 0x96,
-      0x01, 0x1a, 0x44, 0x45, 0x21, 0xa1, 0x09, 0x9f, 0x68, 0x73,
-      0x3f, 0x20, 0x43, 0x40, 0xd2, 0x94, 0x64, 0x93, 0x25, 0x3a,
-      0x3a, 0x69, 0xf0, 0xd6, 0x78, 0x2b, 0xa9, 0x63, 0x35, 0xbc,
-      0x09, 0x1c, 0x19, 0xeb, 0x4e, 0x76, 0x48, 0xc7, 0x61, 0xc2,
-      0x20, 0x1d, 0x99, 0x6c, 0xca, 0xf0, 0xde, 0x20, 0x28, 0xd8,
-      0x2e, 0xc2, 0x7e, 0x49, 0x28, 0x59, 0x85, 0xdf, 0x8a, 0x84,
-      0xec, 0x00, 0xba, 0xa7, 0x01, 0x98, 0xdd, 0x9d, 0xa8, 0x60,
-      0x78, 0x27, 0x0d, 0x56, 0x7c, 0x44, 0xab, 0x59, 0x7b, 0xe6,
-      0x5f, 0xd0, 0x3c, 0x19, 0xfd, 0x26, 0x0b, 0x48, 0x7e, 0xaf,
-      0xed, 0x21, 0x93, 0xf7, 0x0d, 0x5d, 0x7c, 0xe9 },
-    { 0x6d, 0xad, 0x3f, 0x15, 0xe2, 0x66, 0x4d, 0x35, 0x1c, 0x3d,
-      0x7d, 0x82, 0xa2, 0x03, 0xce, 0xf1, 0x8a, 0x0f, 0xbb, 0xd1,
-      0x86, 0xbb, 0xfa, 0x41, 0xf2, 0x69, 0x31, 0xba, 0xad, 0x89,
-      0x6c, 0x2a, 0xcd, 0x57, 0x76, 0x66, 0x53, 0xbb, 0xb3, 0x43,
-      0x4f, 0x1c, 0x96, 0x86, 0x11, 0xe9, 0x35, 0xc5, 0x7f, 0xc2,
-      0xa3, 0xed, 0x85, 0x1e, 0xe4, 0x1e, 0xfd, 0x1b, 0xfe, 0x44,
-      0x1a, 0x94, 0x2f, 0x7d, 0x33, 0x6a, 0x4f, 0xda, 0xae, 0xfd,
-      0xb6, 0x46, 0xd0, 0x90, 0xa6, 0xa3, 0xaa, 0x45, 0x6d, 0x6f,
-      0xfe, 0xb2, 0xaf, 0xa6, 0x36, 0xf0, 0xb7, 0x55, 0x43, 0xae,
-      0x07, 0x41, 0xd9, 0x2f, 0x29, 0x00, 0xa8, 0x6d, 0x15, 0x98,
-      0x50, 0x93, 0xa6, 0xd3, 0xbf, 0x3a, 0xf4, 0xd0, 0x54, 0x41,
-      0x07, 0x68, 0x36, 0x50, 0x1a, 0xae, 0xd0, 0xc0, 0x33, 0xc3,
-      0xf9, 0x67, 0xd9, 0x39, 0x83, 0xd3, 0x81, 0xf1 },
-    { 0x24, 0x38, 0xe9, 0xd4, 0x5f, 0x51, 0x7a, 0x3f, 0xc8, 0x7a,
-      0x53, 0x90, 0x27, 0xd2, 0xd5, 0x5f, 0xfc, 0x3e, 0xe7, 0xc6,
-      0x0b, 0xff, 0x83, 0x7c, 0x56, 0x59, 0x0b, 0xa4, 0x93, 0x83,
-      0xd2, 0xd3, 0x08, 0xe5, 0x84, 0x48, 0x67, 0x23, 0x75, 0xc5,
-      0x11, 0x09, 0xa6, 0x13, 0xdf, 0x3a, 0x8d, 0xc3, 0x51, 0x7f,
-      0x2f, 0x1d, 0xbe, 0xbd, 0x01, 0x29, 0xb0, 0x69, 0x59, 0x9d,
-      0xf8, 0x95, 0x8c, 0x6f, 0x7a, 0x41, 0x40, 0x21, 0x71, 0x98,
-      0xb2, 0x1b, 0x97, 0x4a, 0x9f, 0x03, 0x8c, 0x0a, 0xcb, 0xa7,
-      0x06, 0x1b, 0xc9, 0x26, 0xc3, 0xd9, 0x6a, 0x19, 0x15, 0x09,
-      0x0f, 0x55, 0xd9, 0x90, 0x3c, 0x43, 0x5e, 0x76, 0x90, 0x4a,
-      0x33, 0xc5, 0x8e, 0xb6, 0x2c, 0xc2, 0x78, 0xc6, 0xf1, 0x33,
-      0x21, 0xd5, 0x62, 0x19, 0xc5, 0xb6, 0xe7, 0xdf, 0xb1, 0x28,
-      0xd1, 0x94, 0x0b, 0x7d, 0x12, 0xec, 0x35, 0xa1 },
-    { 0x13, 0xf3, 0x90, 0x11, 0xaf, 0xe3, 0x0e, 0x01, 0x00, 0xa8,
-      0xb7, 0xb2, 0x96, 0x20, 0x0e, 0x67, 0x9d, 0x2a, 0x97, 0xcd,
-      0xff, 0x79, 0x5b, 0xb3, 0xf4, 0xad, 0xa5, 0x11, 0xbd, 0x41,
-      0x6b, 0x67, 0xdd, 0xb4, 0x7c, 0x73, 0x68, 0xf1, 0xf7, 0xf2,
-      0x8b, 0x33, 0xef, 0x46, 0x2a, 0x51, 0x34, 0x90, 0xf1, 0xb4,
-      0x63, 0x3c, 0xd7, 0x70, 0x1f, 0x5b, 0x20, 0x5b, 0x4c, 0x89,
-      0x1b, 0xe2, 0x81, 0xcb, 0x71, 0x50, 0xe0, 0x4b, 0x6b, 0xbc,
-      0x4f, 0xb1, 0xf7, 0x37, 0xc3, 0xc2, 0xf1, 0xda, 0x60, 0x10,
-      0x6f, 0x14, 0x42, 0x9c, 0xd0, 0xb3, 0xe2, 0x31, 0xbd, 0x0d,
-      0xac, 0x54, 0xe6, 0x3f, 0x24, 0x90, 0x61, 0xc6, 0x1d, 0x94,
-      0x12, 0xe5, 0x1e, 0xb5, 0xae, 0xf1, 0xcd, 0xc9, 0x97, 0xb6,
-      0x5d, 0xdf, 0xe5, 0x5f, 0x1a, 0x32, 0xf3, 0xc9, 0xbe, 0xd5,
-      0xc4, 0xa4, 0x53, 0x08, 0x88, 0x15, 0xaf, 0x3c },
-    { 0x45, 0x8d, 0x4b, 0x6b, 0x68, 0x07, 0x03, 0xb6, 0x17, 0xa7,
-      0xce, 0x24, 0xcb, 0xda, 0x1b, 0x0b, 0x29, 0x84, 0x66, 0xd4,
-      0x72, 0x2b, 0x7b, 0xc9, 0xbc, 0x07, 0x5b, 0x73, 0xd8, 0xc4,
-      0xba, 0x8b, 0x33, 0xdd, 0x77, 0xa0, 0x1c, 0xf2, 0xb8, 0x66,
-      0x24, 0x97, 0xe0, 0xbf, 0xa4, 0xd8, 0xd0, 0x18, 0xfe, 0x31,
-      0x1a, 0xd0, 0x1b, 0xbd, 0xa0, 0x05, 0xce, 0xea, 0x99, 0xd5,
-      0x56, 0x41, 0x51, 0x10, 0x29, 0x3b, 0xb5, 0xe7, 0x53, 0x5c,
-      0x5d, 0x0b, 0x2a, 0x83, 0x8c, 0xa8, 0x26, 0x3b, 0x60, 0x62,
-      0x3f, 0x90, 0xd7, 0x10, 0x68, 0xc0, 0xe5, 0x84, 0xcb, 0xb8,
-      0x30, 0x24, 0x99, 0x80, 0x45, 0xdf, 0xde, 0x8d, 0x80, 0x45,
-      0x26, 0x8b, 0xca, 0x77, 0xf8, 0x79, 0x30, 0x68, 0x1c, 0x9a,
-      0x51, 0x5a, 0x50, 0x61, 0x10, 0xf3, 0x4a, 0x29, 0xff, 0x46,
-      0x3d, 0xd2, 0x96, 0xef, 0x7b, 0xd0, 0xc8, 0x27 },
-    { 0x5f, 0x13, 0xf5, 0xfa, 0xb6, 0xfb, 0xbf, 0x91, 0x62, 0x8e,
-      0x3b, 0x06, 0x56, 0x68, 0xf9, 0x5c, 0x00, 0xae, 0x04, 0x57,
-      0x62, 0x4d, 0xb0, 0x1a, 0x32, 0x59, 0xef, 0x18, 0x2f, 0x72,
-      0x55, 0x6b, 0x68, 0xef, 0x0b, 0x70, 0x8f, 0x27, 0xd4, 0x9f,
-      0x21, 0xae, 0x03, 0x19, 0x97, 0x84, 0x70, 0x64, 0xfe, 0x5b,
-      0x5c, 0xb5, 0x85, 0xc9, 0xeb, 0x8a, 0x3e, 0xfc, 0x2e, 0x9b,
-      0x1b, 0x48, 0x20, 0xc3, 0xea, 0xe9, 0x5e, 0xa5, 0x99, 0x23,
-      0x02, 0x20, 0xe1, 0x0a, 0x14, 0x49, 0xa1, 0xb3, 0x64, 0x10,
-      0x46, 0xb9, 0xb0, 0x00, 0x73, 0x04, 0x02, 0xbd, 0x18, 0x12,
-      0xe8, 0x19, 0x36, 0x94, 0xd0, 0x0d, 0x7a, 0x4a, 0xdc, 0x3c,
-      0x2f, 0x65, 0x49, 0xa8, 0x69, 0x8b, 0x58, 0x58, 0xf9, 0x94,
-      0xf7, 0x00, 0x05, 0xa5, 0x69, 0x6e, 0x4d, 0x32, 0x0a, 0x0d,
-      0x8a, 0x26, 0xa2, 0x0e, 0x4d, 0x54, 0xd8, 0xb2 },
-    { 0x21, 0x96, 0x49, 0x5d, 0xa3, 0x7b, 0xa4, 0xa2, 0x11, 0x62,
-      0x5a, 0x44, 0x05, 0xf8, 0x02, 0xf6, 0x35, 0x0d, 0xc5, 0x65,
-      0x6f, 0x5a, 0x17, 0x4d, 0x7c, 0x0a, 0x3c, 0x53, 0x17, 0x71,
-      0x3a, 0x1a, 0x37, 0xc9, 0xe3, 0xa2, 0xe8, 0x03, 0xe6, 0x9c,
-      0x90, 0xac, 0xb2, 0x90, 0x25, 0xce, 0xc9, 0x9c, 0x73, 0x71,
-      0x3e, 0x66, 0x55, 0xbf, 0x1c, 0xa7, 0x0e, 0xed, 0x92, 0xdf,
-      0x6b, 0x9c, 0x48, 0x2d, 0xfd, 0xf0, 0xec, 0xe7, 0xc3, 0x59,
-      0x89, 0xca, 0x1f, 0x0f, 0xdf, 0x17, 0x7d, 0x11, 0x67, 0x4e,
-      0xf7, 0x41, 0xc8, 0xf2, 0x29, 0x0d, 0xf0, 0x5c, 0xc4, 0xd3,
-      0x31, 0x7b, 0x68, 0x21, 0x7f, 0xfd, 0xde, 0xfa, 0x6a, 0xbc,
-      0x9a, 0x66, 0xe3, 0xab, 0xea, 0x66, 0xbf, 0x88, 0xea, 0x8b,
-      0x36, 0x77, 0xae, 0xa1, 0xbd, 0xe9, 0x6f, 0x88, 0x3e, 0xc8,
-      0x7c, 0x6e, 0xd9, 0xae, 0x3a, 0x9b, 0x0d, 0xc6 },
-    { 0x93, 0xad, 0x0e, 0xb0, 0x04, 0x47, 0x5f, 0x08, 0x29, 0x71,
-      0xce, 0xa7, 0x3d, 0x56, 0xfa, 0x62, 0x5a, 0xa0, 0xc4, 0x7d,
-      0x6c, 0xe5, 0x48, 0xa0, 0x04, 0xa1, 0x79, 0x40, 0xd2, 0x18,
-      0x97, 0xc1, 0x33, 0xef, 0x7b, 0xc3, 0x42, 0x7f, 0x34, 0x35,
-      0x2c, 0x3c, 0x8c, 0xbd, 0x14, 0x41, 0x54, 0xb0, 0x9f, 0xf1,
-      0x09, 0x52, 0x9a, 0xaa, 0xa4, 0x04, 0xc4, 0x8e, 0xfc, 0x6b,
-      0x95, 0xb1, 0x97, 0xf9, 0xf3, 0x69, 0x31, 0x29, 0x8e, 0x8f,
-      0x7d, 0xb5, 0x97, 0x09, 0xbc, 0x28, 0x51, 0x6e, 0xc8, 0xec,
-      0x84, 0xad, 0xb1, 0xa2, 0xd7, 0x38, 0xf1, 0xff, 0x3c, 0x2b,
-      0x79, 0x86, 0xcb, 0x6e, 0xc2, 0x50, 0xbe, 0xef, 0xce, 0x58,
-      0x0a, 0xe2, 0x2b, 0xc5, 0xc6, 0xa0, 0xce, 0xab, 0xdf, 0xe2,
-      0x66, 0x9e, 0xab, 0x9e, 0x91, 0xd7, 0x65, 0xd1, 0x4c, 0xf4,
-      0x00, 0xcb, 0x2f, 0xd3, 0x13, 0x14, 0x26, 0x80 },
-    { 0x73, 0xf8, 0xc3, 0xf0, 0xea, 0x41, 0xc0, 0x34, 0x44, 0x08,
-      0xdd, 0x42, 0x58, 0x44, 0xd1, 0xf9, 0x2b, 0x95, 0x22, 0x09,
-      0x57, 0x6e, 0x58, 0x8d, 0xc5, 0xfc, 0x88, 0xd5, 0x44, 0x17,
-      0xea, 0xde, 0x05, 0x86, 0xf7, 0x2f, 0xbc, 0xcd, 0xe4, 0x51,
-      0xe5, 0x67, 0x4c, 0x4b, 0xf8, 0x23, 0xd7, 0x97, 0xef, 0x8a,
-      0x94, 0x48, 0xc9, 0x01, 0x6c, 0x8c, 0x1d, 0x56, 0x46, 0xb8,
-      0x14, 0x3f, 0xe0, 0x79, 0xc0, 0x4e, 0xd0, 0xb7, 0x26, 0xe6,
-      0x62, 0xf7, 0x25, 0x4c, 0x05, 0xc3, 0xe0, 0x2f, 0xcc, 0xcf,
-      0x18, 0xf6, 0xf0, 0x9c, 0x13, 0x02, 0xe3, 0x23, 0x3c, 0x38,
-      0xd3, 0xfb, 0x68, 0x7a, 0x5b, 0x3d, 0x63, 0xa9, 0xb8, 0xd5,
-      0xd3, 0x39, 0x22, 0xde, 0x62, 0x74, 0xe3, 0x86, 0x3b, 0x6b,
-      0x50, 0xf2, 0x61, 0xe4, 0x77, 0xf7, 0x65, 0x15, 0xe8, 0xdd,
-      0x7a, 0x0b, 0x69, 0x67, 0x98, 0x8a, 0x99, 0x63 },
-    { 0x01, 0x08, 0xae, 0x39, 0xad, 0xbe, 0xdd, 0x75, 0xdf, 0xed,
-      0x25, 0xd9, 0x7c, 0xaa, 0x51, 0xb8, 0x7c, 0xf9, 0xd4, 0x07,
-      0x21, 0x34, 0x1a, 0x8a, 0x0f, 0x26, 0x87, 0x45, 0xfc, 0xa3,
-      0x25, 0xe4, 0xa2, 0xe0, 0x58, 0xfc, 0xb1, 0x5a, 0xe2, 0x06,
-      0xa1, 0x4e, 0x05, 0x52, 0x2d, 0x16, 0xe3, 0x61, 0x96, 0x3d,
-      0xee, 0xa6, 0x28, 0xb7, 0x91, 0xcc, 0xef, 0xff, 0x6d, 0xae,
-      0x33, 0x21, 0xed, 0xcd, 0x74, 0x9e, 0x0d, 0x98, 0xea, 0x36,
-      0xa0, 0x15, 0x62, 0x6e, 0xec, 0xf1, 0x29, 0x3a, 0xa8, 0xcf,
-      0xaa, 0x58, 0x44, 0x28, 0x51, 0x9f, 0x7b, 0xf3, 0x78, 0x04,
-      0xc9, 0xad, 0x85, 0x7c, 0xae, 0xa6, 0x1d, 0x39, 0x09, 0x44,
-      0xcb, 0x20, 0x88, 0x8e, 0x0d, 0xb5, 0xbe, 0x17, 0x6e, 0x8f,
-      0x15, 0xa0, 0x3b, 0x14, 0x27, 0xf3, 0x3a, 0xc7, 0x18, 0x36,
-      0x89, 0x53, 0x4f, 0xc8, 0x5d, 0xf7, 0x63, 0xdd },
-    { 0x80, 0x7c, 0x06, 0xd8, 0xeb, 0x13, 0xc1, 0xdf, 0x34, 0x8b,
-      0xb4, 0x2f, 0xa0, 0xc4, 0x52, 0x33, 0x88, 0x48, 0x08, 0x9b,
-      0xac, 0x85, 0xa4, 0xe1, 0xdf, 0xfc, 0x46, 0xab, 0xd5, 0x09,
-      0x7e, 0x1f, 0x0c, 0x9a, 0xad, 0x75, 0x44, 0x5d, 0xad, 0x00,
-      0x88, 0x89, 0x1e, 0x36, 0xfb, 0x3a, 0x9b, 0x17, 0xfb, 0xbe,
-      0x4b, 0xe8, 0x1e, 0xe0, 0xa5, 0x99, 0xc3, 0xf6, 0x5b, 0x99,
-      0x46, 0xc5, 0xda, 0xfc, 0xdd, 0xc8, 0x38, 0x03, 0x9d, 0x59,
-      0x51, 0x1a, 0x16, 0xaf, 0x05, 0x99, 0x0c, 0xc6, 0x9c, 0x89,
-      0xfc, 0x8b, 0xef, 0xe7, 0x54, 0xe3, 0x09, 0x0b, 0xde, 0x10,
-      0xb0, 0x73, 0xe9, 0xbb, 0x00, 0x4d, 0x24, 0xdb, 0x7d, 0xae,
-      0x8d, 0x0b, 0x91, 0xc8, 0x77, 0x3a, 0x53, 0xe6, 0xe2, 0x61,
-      0xd8, 0xa6, 0xaa, 0x05, 0xb1, 0x1e, 0xab, 0x0c, 0x73, 0x25,
-      0x54, 0xd1, 0x78, 0xf3, 0xa9, 0xe8, 0x8f, 0x63 },
-    { 0x16, 0x42, 0x4c, 0x6c, 0x99, 0x60, 0x7a, 0x61, 0xb2, 0xfd,
-      0xfa, 0x36, 0xb5, 0x53, 0x99, 0xfc, 0x26, 0x92, 0xc6, 0x26,
-      0x17, 0x58, 0x3b, 0x53, 0xaa, 0xc4, 0xff, 0xcf, 0xc3, 0x9b,
-      0x06, 0x34, 0x93, 0xf1, 0x80, 0xf7, 0xfa, 0x2f, 0x35, 0x8b,
-      0x5d, 0xf7, 0x6b, 0x3a, 0xef, 0x0f, 0x27, 0x5a, 0x08, 0xff,
-      0x7d, 0x15, 0x99, 0x82, 0x11, 0xa4, 0x89, 0xb5, 0x68, 0x81,
-      0xf7, 0x21, 0x09, 0xbd, 0xce, 0x15, 0x25, 0xc9, 0xed, 0x39,
-      0x9c, 0x0e, 0x97, 0x4d, 0xb3, 0xde, 0xda, 0x86, 0x1d, 0x3b,
-      0x53, 0xa9, 0xa9, 0x42, 0x99, 0x8c, 0x95, 0xfb, 0xe5, 0x93,
-      0x43, 0xe4, 0x60, 0xad, 0x1a, 0xf2, 0x7b, 0xdb, 0x20, 0x1a,
-      0x8b, 0x70, 0x55, 0x7c, 0x24, 0x48, 0x4c, 0x92, 0xa0, 0x2f,
-      0x8f, 0xdb, 0xba, 0x9d, 0x54, 0x83, 0x8b, 0xb7, 0xb7, 0xaf,
-      0x00, 0xa9, 0x69, 0xec, 0x98, 0xee, 0x0e, 0xf6 },
-    { 0x55, 0x44, 0xe6, 0x02, 0xa4, 0xf4, 0x47, 0x8a, 0xdd, 0xda,
-      0xf4, 0xb9, 0xfb, 0x58, 0x31, 0xb1, 0x3d, 0xfe, 0x6b, 0xc1,
-      0x72, 0x53, 0xa5, 0x1b, 0xa3, 0xc9, 0xad, 0xff, 0xac, 0xcc,
-      0xb8, 0x5c, 0x47, 0x4a, 0x3e, 0x14, 0xf0, 0x3d, 0xed, 0x28,
-      0x3d, 0x16, 0xfc, 0x45, 0x45, 0xb0, 0xe9, 0xeb, 0xa9, 0xe6,
-      0x55, 0xe4, 0x2e, 0x7f, 0x34, 0x04, 0x44, 0xff, 0x67, 0xb9,
-      0xed, 0x64, 0xd1, 0x2c, 0xd4, 0x39, 0x61, 0x41, 0x4b, 0x8e,
-      0xfa, 0x0c, 0x88, 0xae, 0x40, 0x98, 0xbc, 0xc7, 0x72, 0x72,
-      0xbc, 0xec, 0xd2, 0x58, 0xca, 0xf2, 0xd1, 0x22, 0x98, 0x38,
-      0x45, 0x50, 0x9b, 0xe9, 0x96, 0x74, 0x30, 0xb7, 0xab, 0x25,
-      0xa9, 0xdf, 0x69, 0x1a, 0x32, 0xc8, 0x2e, 0x99, 0xef, 0xe8,
-      0xb0, 0x89, 0x25, 0x44, 0xc1, 0xc2, 0xfe, 0x3a, 0xf4, 0x18,
-      0x5d, 0xd6, 0x5c, 0x55, 0xdd, 0x27, 0x44, 0xa9 },
-    { 0x57, 0x35, 0x99, 0x5c, 0xe2, 0x41, 0xd2, 0x61, 0xdd, 0x7d,
-      0x3e, 0xdd, 0x1e, 0xd6, 0x0f, 0x42, 0xc1, 0xa4, 0xcd, 0xce,
-      0x2d, 0xec, 0x53, 0xcf, 0x80, 0xb7, 0xec, 0xdc, 0x22, 0x99,
-      0x4b, 0x43, 0x72, 0x0b, 0x59, 0xde, 0x19, 0xb1, 0xb5, 0x40,
-      0xd0, 0xf7, 0x0e, 0x6e, 0xb2, 0x79, 0x46, 0x81, 0x76, 0xc8,
-      0x8b, 0xd2, 0x09, 0xd0, 0x9a, 0xf1, 0x83, 0x10, 0x74, 0x46,
-      0xcb, 0x42, 0x03, 0x3c, 0x20, 0x53, 0xc5, 0xe0, 0x1f, 0x6c,
-      0x7d, 0x29, 0x83, 0x49, 0xdd, 0x73, 0xc2, 0x90, 0xd9, 0xd8,
-      0x16, 0x3d, 0x05, 0x00, 0xed, 0x94, 0x58, 0x70, 0x35, 0x2c,
-      0x8c, 0x3f, 0x2d, 0x34, 0x1a, 0xb1, 0xe9, 0xd9, 0xe1, 0xe9,
-      0x08, 0x83, 0x30, 0x8c, 0xae, 0x27, 0x42, 0xdb, 0x7b, 0x42,
-      0xc5, 0xa8, 0x01, 0x22, 0x71, 0x6f, 0x63, 0xbd, 0xc8, 0xef,
-      0x89, 0x7c, 0x53, 0x13, 0xba, 0xa8, 0x0b, 0x4f },
-    { 0x88, 0x54, 0x86, 0xdf, 0x3e, 0xc4, 0x5e, 0xf0, 0xe4, 0x68,
-      0xed, 0x5f, 0x04, 0x9a, 0x69, 0x17, 0xbb, 0xd3, 0xb0, 0x81,
-      0x8a, 0x95, 0x40, 0xc2, 0x5c, 0xc2, 0x28, 0x21, 0x76, 0x8a,
-      0xd9, 0x9a, 0xf8, 0x72, 0x9b, 0xc0, 0xea, 0xce, 0x64, 0xc9,
-      0xac, 0x39, 0x04, 0xe4, 0xc9, 0xcf, 0x34, 0x65, 0xdb, 0x9a,
-      0x59, 0x84, 0xbb, 0x1f, 0xf9, 0x4d, 0xd1, 0x43, 0xb2, 0xda,
-      0x4a, 0x4c, 0x5e, 0x89, 0x7b, 0x0c, 0x46, 0xcd, 0x7c, 0x1b,
-      0x7d, 0xfd, 0x1b, 0x71, 0x85, 0xcf, 0x08, 0x86, 0x87, 0x73,
-      0xec, 0x49, 0x74, 0x21, 0x5b, 0x60, 0x0f, 0x33, 0x4e, 0xee,
-      0x44, 0x19, 0x61, 0x18, 0xa1, 0xf5, 0xab, 0xde, 0xb0, 0x33,
-      0xe3, 0x03, 0x1b, 0xec, 0xc0, 0x1e, 0xeb, 0xbd, 0x27, 0x1e,
-      0xc6, 0x12, 0x68, 0x56, 0xc1, 0x64, 0x33, 0xab, 0x33, 0x88,
-      0xdc, 0x4b, 0xa3, 0xfb, 0xa0, 0x23, 0x70, 0x56 },
-    { 0x31, 0xce, 0xcf, 0xe8, 0xd4, 0xab, 0x96, 0x2d, 0xc5, 0xdd,
-      0x4d, 0x3e, 0xc9, 0x1f, 0xf9, 0xd7, 0x29, 0x08, 0x32, 0x87,
-      0xaa, 0xa4, 0xce, 0x0c, 0x33, 0xd8, 0x16, 0x97, 0xf1, 0x19,
-      0xd6, 0xe0, 0x4d, 0x0e, 0x8b, 0xcf, 0x99, 0x4f, 0xc5, 0x03,
-      0x1a, 0x0b, 0x96, 0xe4, 0x0f, 0x81, 0xf9, 0x1c, 0x98, 0xb5,
-      0xd0, 0xab, 0x18, 0x5e, 0xae, 0x19, 0x29, 0xe1, 0x1a, 0xa2,
-      0x68, 0x85, 0xe6, 0xb9, 0xbc, 0xb0, 0xe8, 0xa2, 0x71, 0xd3,
-      0x68, 0x10, 0x9e, 0x24, 0x96, 0x0f, 0x1a, 0x1b, 0x73, 0xc6,
-      0x76, 0x07, 0xdd, 0x08, 0x55, 0xef, 0x8d, 0xef, 0xac, 0xa6,
-      0x9a, 0xe8, 0x24, 0x1e, 0xe8, 0xff, 0x20, 0x55, 0xa3, 0x1b,
-      0x19, 0xfe, 0x33, 0x39, 0xcc, 0xb0, 0x07, 0x0b, 0x32, 0x5b,
-      0xe3, 0x24, 0x3d, 0xb2, 0x71, 0x9f, 0x25, 0xa7, 0xb4, 0x51,
-      0x6a, 0x94, 0x2c, 0x93, 0x4b, 0xdf, 0xf4, 0x64 },
-    { 0x69, 0x61, 0xb4, 0x6a, 0xda, 0x25, 0x47, 0xb3, 0x5d, 0x8f,
-      0x3c, 0xf0, 0x9a, 0x6a, 0x4e, 0xc3, 0x11, 0xb0, 0x86, 0x3b,
-      0xd6, 0xd6, 0xf1, 0xd2, 0x72, 0xfe, 0xfc, 0x05, 0x75, 0xd9,
-      0xcb, 0x3d, 0x2b, 0x7c, 0x79, 0x45, 0xff, 0x32, 0x52, 0xf8,
-      0x65, 0xff, 0xa5, 0xf6, 0x6c, 0x74, 0x2a, 0xc4, 0x48, 0x0e,
-      0xd4, 0xfb, 0xc5, 0x51, 0x6c, 0xa9, 0xf5, 0x02, 0xf6, 0x6d,
-      0xec, 0xd6, 0xfa, 0x3d, 0x83, 0x9a, 0xa7, 0xbd, 0xc9, 0xd2,
-      0x0f, 0xf1, 0x10, 0x09, 0xc0, 0xd9, 0xb4, 0xfb, 0xb5, 0x9c,
-      0x98, 0x00, 0xa2, 0x3f, 0xae, 0xcd, 0x69, 0x75, 0x96, 0x63,
-      0xe6, 0xad, 0x5b, 0xb5, 0x23, 0xbd, 0x8e, 0x9d, 0xe8, 0x4d,
-      0xa3, 0xd0, 0xfa, 0x90, 0xfe, 0x59, 0x02, 0xd4, 0x92, 0x1c,
-      0x36, 0xa0, 0xe5, 0xdd, 0x32, 0xb3, 0xb1, 0x94, 0x36, 0xdf,
-      0x43, 0x7b, 0xfd, 0x9a, 0xfc, 0x8b, 0x21, 0xe8 },
-    { 0x6a, 0x63, 0xa9, 0x0c, 0x53, 0x75, 0x52, 0x12, 0x19, 0x64,
-      0xe2, 0x2f, 0x07, 0x81, 0xaa, 0xd9, 0x89, 0xa9, 0xa3, 0x2e,
-      0xcd, 0x3f, 0x79, 0x4f, 0xdd, 0xae, 0xc4, 0x2b, 0x73, 0xce,
-      0x5b, 0xe9, 0x2e, 0x25, 0x4d, 0x9e, 0x36, 0x05, 0x1f, 0x9f,
-      0x1e, 0xb5, 0x1f, 0x32, 0x54, 0xe8, 0x41, 0x23, 0x69, 0x7e,
-      0x20, 0xa2, 0x97, 0x07, 0xfa, 0x21, 0xda, 0x78, 0x2d, 0x1d,
-      0x93, 0x41, 0x3c, 0xa7, 0xd6, 0x71, 0x20, 0xe6, 0xb6, 0x55,
-      0xaf, 0x5d, 0xf9, 0x78, 0x1e, 0xdd, 0x24, 0x6e, 0x3f, 0xd2,
-      0x4e, 0x4b, 0x88, 0xed, 0xfb, 0x8c, 0xe1, 0x90, 0xa6, 0xe7,
-      0x19, 0xfd, 0x9c, 0x6f, 0x40, 0x0e, 0xa1, 0xf9, 0x1d, 0x44,
-      0x70, 0x9d, 0x54, 0xf0, 0xec, 0xa1, 0x7a, 0x5b, 0xdb, 0x28,
-      0xa0, 0x4c, 0x1e, 0xd5, 0x54, 0x6b, 0x57, 0xaf, 0x14, 0xd9,
-      0xd0, 0x7b, 0x58, 0x7e, 0xcb, 0x35, 0xe2, 0xac },
-    { 0x51, 0xed, 0x4a, 0x22, 0xd1, 0x51, 0xd9, 0x0e, 0xff, 0xc8,
-      0x9f, 0xfd, 0x82, 0x55, 0x29, 0x61, 0xa5, 0x47, 0x64, 0x46,
-      0x82, 0x35, 0xcd, 0x0b, 0x8c, 0x27, 0xf8, 0x92, 0x86, 0x17,
-      0xf1, 0x65, 0xc2, 0x0b, 0x93, 0x07, 0x0e, 0x02, 0x1e, 0xd3,
-      0xa5, 0x3a, 0x81, 0xb3, 0x6e, 0xa5, 0x02, 0xea, 0x80, 0x9b,
-      0xf0, 0x74, 0xe8, 0x44, 0xa5, 0x76, 0xab, 0xcc, 0x78, 0x13,
-      0x5c, 0xa4, 0x71, 0xdd, 0xd6, 0xed, 0x58, 0x16, 0x5b, 0xa3,
-      0xf4, 0xa1, 0x65, 0x88, 0x80, 0xc1, 0x5a, 0x4d, 0x3e, 0x7c,
-      0xf8, 0x65, 0x80, 0x21, 0x7b, 0x37, 0x0f, 0x7f, 0x08, 0x6a,
-      0x3c, 0xdf, 0x0c, 0xd6, 0xd2, 0xf6, 0x01, 0x66, 0x77, 0x14,
-      0x3e, 0xb9, 0x4d, 0x4f, 0xe4, 0xa2, 0x96, 0x72, 0x38, 0x8c,
-      0x51, 0x9b, 0x2c, 0x01, 0x66, 0x8a, 0xb7, 0x4f, 0x61, 0x08,
-      0x76, 0x55, 0x4e, 0x00, 0x3d, 0x7a, 0xcb, 0xbb },
-    { 0x2d, 0x69, 0x51, 0xbc, 0x2b, 0x8b, 0x5c, 0xe5, 0x41, 0x73,
-      0xd9, 0x4a, 0xe9, 0xf4, 0x92, 0x56, 0xeb, 0x7a, 0xfe, 0x26,
-      0x74, 0xa9, 0x79, 0x3c, 0x0d, 0x5f, 0x6f, 0xb1, 0xd2, 0xd1,
-      0x69, 0xbf, 0x93, 0xdf, 0x3f, 0x2a, 0xe1, 0xef, 0x97, 0x12,
-      0xaf, 0x0a, 0x92, 0x60, 0x6c, 0x29, 0xfe, 0x48, 0x7a, 0x87,
-      0x21, 0x38, 0x23, 0x50, 0x0e, 0xcc, 0x0e, 0x29, 0x71, 0x1f,
-      0x71, 0x06, 0x61, 0x5e, 0x41, 0xc5, 0x3c, 0xf6, 0x28, 0xce,
-      0x68, 0x5f, 0x68, 0xfc, 0x32, 0x0c, 0x5e, 0xd7, 0xc8, 0x97,
-      0xf2, 0xa6, 0x0d, 0x2d, 0x6c, 0xeb, 0x5d, 0x5e, 0xfd, 0x67,
-      0x48, 0x0e, 0xce, 0x64, 0x3b, 0x9b, 0x75, 0xa7, 0xa0, 0x55,
-      0xdb, 0x50, 0xbf, 0x7d, 0x3e, 0xf9, 0xbe, 0x15, 0xb5, 0x72,
-      0x96, 0x5f, 0xea, 0x8d, 0x91, 0xa3, 0xbb, 0x27, 0xca, 0xf2,
-      0x37, 0xd6, 0x96, 0x3a, 0x44, 0x97, 0x01, 0xb4 },
-    { 0x65, 0xc4, 0x8e, 0x78, 0xe0, 0x8c, 0xc5, 0xf0, 0xa2, 0x4e,
-      0xba, 0x02, 0x16, 0x5b, 0x3a, 0xee, 0x46, 0x49, 0x04, 0xc1,
-      0xb8, 0x3b, 0x93, 0xf9, 0x75, 0xc4, 0xd0, 0x89, 0xa7, 0xaf,
-      0x22, 0x68, 0x0b, 0xad, 0x73, 0x0c, 0xbc, 0xf9, 0x31, 0xa0,
-      0x32, 0x20, 0x48, 0xb1, 0x44, 0x7b, 0x5e, 0x6d, 0x92, 0x43,
-      0x53, 0xf5, 0x8b, 0x92, 0xa7, 0x42, 0xd4, 0xb6, 0x4d, 0x78,
-      0xe7, 0x0e, 0x16, 0x27, 0x83, 0xd9, 0x5d, 0x9c, 0x2b, 0x87,
-      0x4f, 0x55, 0x82, 0x0a, 0x8f, 0x66, 0x71, 0x1e, 0x71, 0xa0,
-      0xc7, 0x95, 0xcb, 0x7d, 0xc2, 0x74, 0x35, 0x19, 0x6e, 0x7f,
-      0xea, 0x3a, 0x0b, 0x0f, 0x42, 0xf1, 0x29, 0x57, 0x34, 0x15,
-      0xcf, 0xc7, 0x75, 0x18, 0xd4, 0x99, 0x4e, 0x8b, 0x8f, 0x42,
-      0x9e, 0xee, 0x33, 0x3f, 0x24, 0x8f, 0x86, 0xf4, 0xe1, 0x09,
-      0xdd, 0x00, 0x7d, 0x9f, 0x90, 0x4e, 0x22, 0x2e },
-    { 0x36, 0xb5, 0xcd, 0x2c, 0x7a, 0x6b, 0x22, 0x6f, 0xf6, 0x3d,
-      0xd9, 0xff, 0xd4, 0x38, 0xba, 0x2d, 0x40, 0x2d, 0x57, 0x85,
-      0xa8, 0xd9, 0xa3, 0xcb, 0xe2, 0x28, 0x0f, 0xa6, 0xef, 0x24,
-      0x54, 0x45, 0xe1, 0x06, 0xf4, 0x89, 0x08, 0xb0, 0x55, 0x3a,
-      0xd8, 0x28, 0x67, 0xed, 0xb2, 0x89, 0x5d, 0x2e, 0xf0, 0x6f,
-      0x0a, 0x46, 0x25, 0xe7, 0xec, 0xe0, 0x38, 0x09, 0xfa, 0x28,
-      0x07, 0xd3, 0xe0, 0x13, 0x76, 0xa3, 0xf2, 0xd1, 0x10, 0xf1,
-      0x8d, 0x12, 0xdb, 0xf6, 0x7f, 0x0b, 0x4d, 0x31, 0x88, 0xc0,
-      0xf5, 0x4d, 0x3e, 0xee, 0x94, 0x73, 0x51, 0x07, 0xfb, 0x1c,
-      0x58, 0x1c, 0x31, 0x20, 0x4c, 0xef, 0x28, 0x4a, 0xdf, 0x8f,
-      0x59, 0xfc, 0xec, 0x77, 0x03, 0x01, 0xcb, 0x14, 0xb2, 0x14,
-      0x3b, 0x06, 0x56, 0x83, 0xd8, 0xcd, 0xfc, 0xea, 0x23, 0xb4,
-      0x1a, 0x1c, 0x73, 0xce, 0xde, 0x22, 0x2c, 0x22 },
-    { 0x08, 0xd7, 0xc1, 0x44, 0xdb, 0x39, 0xbf, 0xd8, 0x06, 0x92,
-      0xf4, 0xc5, 0x39, 0xa5, 0x1d, 0xc8, 0xd2, 0x7c, 0xc9, 0x60,
-      0xf7, 0x44, 0x5e, 0x8a, 0x18, 0xf7, 0x3c, 0xaf, 0x52, 0x23,
-      0x89, 0xff, 0x45, 0x59, 0x3d, 0xf1, 0x37, 0x6a, 0x9a, 0xb6,
-      0x14, 0xe1, 0x82, 0xa7, 0x93, 0xcf, 0x99, 0xc4, 0xff, 0x50,
-      0x15, 0x1e, 0xea, 0xa7, 0x4d, 0xf8, 0x8d, 0x0e, 0x85, 0xf9,
-      0x36, 0xa5, 0x1a, 0x37, 0xc6, 0xa2, 0x1d, 0x11, 0x2f, 0x41,
-      0x22, 0x44, 0x74, 0x83, 0x97, 0x79, 0x0c, 0xc2, 0xe8, 0x10,
-      0x74, 0x50, 0x19, 0x83, 0x78, 0x1a, 0x67, 0x8a, 0x0d, 0x47,
-      0x5d, 0x79, 0x8d, 0x93, 0x5a, 0x5e, 0xa1, 0x9e, 0xaf, 0x39,
-      0xc8, 0x5a, 0xf1, 0xa3, 0x90, 0xa3, 0x57, 0xfa, 0x9b, 0x45,
-      0x9c, 0xd8, 0x64, 0xd8, 0x0b, 0x41, 0x45, 0x20, 0xc7, 0x50,
-      0x87, 0xff, 0x4e, 0x20, 0x54, 0x56, 0x79, 0xa7 },
-    { 0x5f, 0x2a, 0xa8, 0xee, 0xba, 0xb7, 0x02, 0x02, 0x8e, 0x2c,
-      0x38, 0x79, 0x04, 0x00, 0x4a, 0xd9, 0x1d, 0x30, 0x50, 0xae,
-      0xb5, 0xee, 0x14, 0x7b, 0x4c, 0x38, 0x5e, 0x8b, 0xc7, 0x36,
-      0x7d, 0x1f, 0xb5, 0x90, 0x52, 0x64, 0x0f, 0x9b, 0x2b, 0x49,
-      0xf3, 0xfe, 0x9c, 0x42, 0xbb, 0x0c, 0xd2, 0xbf, 0x01, 0x97,
-      0x24, 0x3e, 0xe3, 0x47, 0x69, 0x4a, 0x3f, 0xe1, 0xe8, 0xb5,
-      0x89, 0x83, 0x08, 0xe3, 0x95, 0xe9, 0x5b, 0xb8, 0xa8, 0xde,
-      0x7a, 0xa4, 0x7c, 0xc6, 0xe8, 0x38, 0x5f, 0xce, 0x17, 0xbd,
-      0xf3, 0xc1, 0xa1, 0x01, 0x61, 0x30, 0xa4, 0xc6, 0x7a, 0x96,
-      0x6d, 0x8b, 0xd1, 0x58, 0x7b, 0x7e, 0x77, 0x31, 0x23, 0x74,
-      0x2a, 0x67, 0x8c, 0xdf, 0xf0, 0xec, 0xcd, 0x74, 0xdb, 0x6b,
-      0xd6, 0x41, 0x87, 0xea, 0x91, 0x92, 0xd4, 0x8c, 0x21, 0x56,
-      0x80, 0x9c, 0x0d, 0x96, 0x3e, 0xcc, 0xa7, 0x73 },
-    { 0x62, 0x50, 0x1a, 0x98, 0xb4, 0x6f, 0xf9, 0x49, 0xa3, 0x16,
-      0x49, 0x80, 0x83, 0xc9, 0xf2, 0x24, 0xe8, 0x84, 0xac, 0x76,
-      0x78, 0x4b, 0xe8, 0x2f, 0xd9, 0xff, 0x03, 0x40, 0x02, 0xbc,
-      0xd3, 0xc7, 0xc2, 0x82, 0x78, 0xb4, 0x86, 0x6e, 0x5a, 0xe8,
-      0x59, 0xdc, 0x52, 0xe6, 0x1e, 0xa6, 0xf0, 0x6e, 0xed, 0xcf,
-      0x2d, 0x1a, 0xe2, 0xd9, 0xd3, 0x86, 0x95, 0x9a, 0xfc, 0xba,
-      0x8e, 0x2d, 0x85, 0xd1, 0x2b, 0xab, 0xb2, 0x7e, 0x18, 0xbe,
-      0x05, 0xf6, 0x7d, 0xab, 0xa1, 0x27, 0x05, 0xeb, 0x67, 0xb8,
-      0x26, 0xf6, 0xee, 0x3b, 0x0f, 0xcb, 0x53, 0x4c, 0xef, 0x34,
-      0x9c, 0x61, 0xc6, 0x82, 0xe4, 0xd6, 0x0a, 0x69, 0xe8, 0xd3,
-      0xe6, 0x42, 0xdd, 0x46, 0xa5, 0xaa, 0x68, 0x5e, 0xda, 0x10,
-      0x6e, 0xbf, 0xb7, 0xbf, 0x38, 0x80, 0xd0, 0xa1, 0x9f, 0x66,
-      0xe2, 0x08, 0xd4, 0x64, 0x12, 0x66, 0x52, 0x4b },
-    { 0x49, 0x7b, 0x15, 0xfe, 0xfd, 0x3f, 0xc6, 0x65, 0xcc, 0x9c,
-      0x5f, 0x73, 0xa1, 0xf3, 0x53, 0x1a, 0xab, 0xaa, 0x4c, 0x49,
-      0xc0, 0xde, 0xa5, 0x86, 0x78, 0x49, 0x9b, 0x73, 0x91, 0xf9,
-      0xda, 0x5e, 0xd1, 0xac, 0xf7, 0xa0, 0xb5, 0xc4, 0xeb, 0x10,
-      0xfd, 0x74, 0x10, 0x1c, 0x9a, 0x6f, 0xea, 0x8a, 0x51, 0x9d,
-      0x21, 0x33, 0xd5, 0x9b, 0x17, 0x41, 0xbd, 0x9a, 0x8e, 0x31,
-      0x4f, 0x0d, 0x1b, 0x70, 0x52, 0xfb, 0xf5, 0x4d, 0xce, 0xcc,
-      0xfe, 0x77, 0x62, 0x28, 0x06, 0xe0, 0x2e, 0xa8, 0xab, 0xd3,
-      0x81, 0x30, 0xc9, 0xb0, 0xed, 0x55, 0x3e, 0xac, 0xfa, 0x3c,
-      0x91, 0x97, 0x20, 0xaa, 0x45, 0x36, 0xa2, 0x88, 0xda, 0xc8,
-      0x46, 0xe6, 0x4b, 0x19, 0xe8, 0x25, 0x30, 0x02, 0x8c, 0x8d,
-      0x3d, 0x67, 0xca, 0x6a, 0x33, 0xdb, 0xa5, 0xe0, 0xe4, 0xbd,
-      0x56, 0x3f, 0x7d, 0x9a, 0xad, 0x26, 0x40, 0x86 },
-    { 0x18, 0xd4, 0x6a, 0x6c, 0x9e, 0x51, 0x4c, 0xb7, 0xb7, 0xae,
-      0x7e, 0x5c, 0x2f, 0xf6, 0x37, 0xe6, 0xc2, 0xee, 0xbd, 0x13,
-      0xed, 0xea, 0x10, 0x71, 0xda, 0xfa, 0x33, 0xfe, 0x06, 0x80,
-      0x12, 0xca, 0x40, 0x5d, 0x3e, 0x84, 0xd6, 0x30, 0x8e, 0xdc,
-      0xdd, 0x8d, 0xff, 0xbf, 0x86, 0xa9, 0xb7, 0xce, 0x2a, 0x80,
-      0xd0, 0xd2, 0x42, 0xc0, 0x07, 0xf4, 0x99, 0xaa, 0x68, 0xac,
-      0xba, 0x3e, 0xbd, 0x91, 0x8f, 0x31, 0xf0, 0x44, 0x3e, 0x21,
-      0x6d, 0xbf, 0x9c, 0xd0, 0x6d, 0x31, 0xca, 0x90, 0xf0, 0x2e,
-      0x81, 0x09, 0xfc, 0x75, 0xa2, 0x9c, 0x53, 0x9f, 0x8c, 0x8c,
-      0xdb, 0xa2, 0x02, 0xa0, 0xf5, 0xb4, 0xc8, 0x65, 0x22, 0xf8,
-      0x4a, 0xc3, 0x7d, 0xa9, 0xdb, 0xb0, 0x3d, 0xd3, 0x9a, 0xb2,
-      0x53, 0x9a, 0xf4, 0x91, 0xa0, 0xfe, 0xc7, 0x19, 0x2a, 0x6f,
-      0x8a, 0x56, 0xcb, 0xaa, 0xf4, 0x55, 0x68, 0xe9 },
-    { 0x55, 0x04, 0x46, 0x01, 0xd3, 0xf6, 0x2e, 0x40, 0x69, 0xe6,
-      0xf8, 0xe4, 0x5a, 0x38, 0xfe, 0xf9, 0x10, 0xd5, 0x4f, 0x8a,
-      0x7e, 0x93, 0x05, 0x0d, 0x45, 0xf9, 0x3d, 0x41, 0xa0, 0x6e,
-      0x70, 0x8c, 0x3f, 0x0d, 0xb5, 0xcd, 0x7b, 0xb5, 0xe7, 0x51,
-      0x37, 0x0d, 0xe9, 0xc8, 0xdc, 0xd7, 0x05, 0xad, 0x14, 0x10,
-      0x9d, 0x29, 0x7c, 0x29, 0x54, 0xf3, 0xab, 0x0b, 0x36, 0xf9,
-      0xd8, 0x51, 0x76, 0xac, 0x70, 0xeb, 0x06, 0x03, 0x6d, 0xa7,
-      0xa5, 0x2b, 0x74, 0x07, 0xa7, 0x88, 0xb1, 0x41, 0x71, 0xb9,
-      0x6c, 0xfe, 0x05, 0x71, 0x13, 0xac, 0x73, 0x45, 0x2e, 0x0d,
-      0x83, 0x25, 0xa3, 0x25, 0xfd, 0x40, 0xac, 0x0a, 0xbc, 0xda,
-      0xb4, 0xce, 0xb4, 0xe4, 0xc4, 0xeb, 0x2f, 0x3e, 0x42, 0xae,
-      0x8a, 0xdd, 0x07, 0x45, 0xdd, 0xb2, 0x49, 0x7c, 0xba, 0xf4,
-      0x86, 0x8c, 0xbb, 0x22, 0xa7, 0x8b, 0x78, 0x02 },
-    { 0x0d, 0xa3, 0x13, 0xfc, 0xd7, 0xb0, 0xec, 0x4f, 0x56, 0x3a,
-      0x8f, 0xf7, 0xc6, 0xf5, 0xd7, 0xdb, 0xf3, 0x42, 0x52, 0x09,
-      0x3d, 0xd7, 0x9f, 0x93, 0xa1, 0x21, 0x18, 0xac, 0x9a, 0x2b,
-      0xd0, 0x1b, 0x27, 0x07, 0x41, 0x76, 0xf5, 0x32, 0x97, 0x3f,
-      0x47, 0x7c, 0xa3, 0xdb, 0x9f, 0xf1, 0x00, 0xbc, 0xbc, 0xb5,
-      0x31, 0x89, 0x70, 0xc2, 0xae, 0xe3, 0xe2, 0x22, 0x0e, 0x85,
-      0x9a, 0xee, 0xfe, 0x98, 0x33, 0x65, 0xc8, 0xe5, 0x29, 0xad,
-      0x51, 0x66, 0x90, 0x42, 0x59, 0x6b, 0x91, 0x79, 0x2e, 0x6b,
-      0x1c, 0xde, 0x06, 0xe7, 0x40, 0x0d, 0x14, 0x4f, 0x1d, 0x21,
-      0xfb, 0xfa, 0x29, 0x51, 0xfc, 0x83, 0x39, 0x72, 0x1f, 0xfe,
-      0x29, 0xad, 0x5f, 0x82, 0x7c, 0xd8, 0x66, 0x3e, 0x11, 0x23,
-      0x6f, 0xb8, 0x54, 0x20, 0x74, 0xd7, 0x41, 0xd0, 0x00, 0x14,
-      0xd1, 0xc5, 0xc9, 0x10, 0x06, 0xcb, 0x9c, 0xc9 },
-    { 0x63, 0x63, 0x0b, 0xe8, 0xdb, 0x41, 0x4a, 0xcc, 0x62, 0x02,
-      0x30, 0xd8, 0x1e, 0x82, 0x29, 0x0e, 0x44, 0x16, 0x74, 0x10,
-      0xa1, 0x16, 0x2d, 0x03, 0x50, 0x94, 0x0c, 0x26, 0x94, 0x1c,
-      0x25, 0x54, 0xad, 0xfa, 0xe4, 0xe1, 0x73, 0x10, 0x83, 0xef,
-      0x6d, 0x7c, 0x2e, 0xa0, 0xf8, 0x70, 0x46, 0x64, 0xe2, 0x95,
-      0x9b, 0xea, 0x09, 0xc2, 0x8f, 0x27, 0x3a, 0xf0, 0xec, 0xbb,
-      0xca, 0x3d, 0xe5, 0x0c, 0x47, 0x3d, 0x50, 0xd6, 0x1f, 0x1b,
-      0x7f, 0x00, 0x4d, 0x29, 0xa6, 0x16, 0xf0, 0x3d, 0x06, 0x60,
-      0xd5, 0x53, 0x1a, 0x0d, 0x04, 0x9a, 0xea, 0xc2, 0x2d, 0x2b,
-      0xf4, 0xff, 0xc9, 0xe2, 0xce, 0x18, 0x0d, 0x3e, 0x9a, 0x74,
-      0x7c, 0xb0, 0x04, 0x2a, 0x48, 0x71, 0x39, 0x94, 0x67, 0xb8,
-      0xa8, 0x23, 0xca, 0x21, 0xd7, 0x0c, 0x00, 0x89, 0x3e, 0x9c,
-      0x37, 0x12, 0x5a, 0x8c, 0x15, 0xaa, 0x25, 0x57 },
-    { 0x30, 0x6a, 0x98, 0x71, 0xf1, 0x66, 0x88, 0xed, 0x29, 0x58,
-      0x45, 0xc0, 0x68, 0x54, 0x4e, 0xb0, 0x68, 0x07, 0x4f, 0x37,
-      0xd5, 0xe5, 0xaa, 0x72, 0xeb, 0x0c, 0xd4, 0x78, 0xf8, 0xac,
-      0x8f, 0x89, 0xfc, 0xe5, 0x18, 0x6c, 0xe5, 0x58, 0xf6, 0xbe,
-      0x36, 0x9b, 0x3e, 0x98, 0xbb, 0x44, 0x3c, 0x07, 0x56, 0xae,
-      0xaf, 0xa8, 0x5a, 0x14, 0x36, 0xfa, 0x3d, 0x4f, 0xd9, 0x77,
-      0x26, 0x1d, 0x1b, 0x79, 0xca, 0x3d, 0x70, 0x25, 0x58, 0xe2,
-      0x60, 0x6d, 0x1f, 0x69, 0xb2, 0x0c, 0x13, 0xce, 0xa0, 0x45,
-      0x9d, 0x99, 0x7d, 0x18, 0xb4, 0xb7, 0x0c, 0x4c, 0xbf, 0x3f,
-      0x38, 0xf4, 0x49, 0xb9, 0xdc, 0x38, 0x88, 0x3e, 0x04, 0xd6,
-      0xde, 0x2c, 0x59, 0xad, 0x1b, 0x4d, 0x33, 0xdd, 0x6c, 0x40,
-      0x2d, 0x89, 0x49, 0xe7, 0x58, 0x23, 0xeb, 0x62, 0xf8, 0x79,
-      0xbf, 0x8d, 0x52, 0x22, 0x8a, 0x7d, 0x2e, 0x41 },
-    { 0x28, 0x33, 0xac, 0x41, 0xe8, 0x10, 0x3e, 0x37, 0x64, 0x43,
-      0xeb, 0xe0, 0x58, 0xe5, 0x7c, 0xd4, 0x71, 0xab, 0xa7, 0x31,
-      0x93, 0xc9, 0xd5, 0x88, 0x93, 0x06, 0x21, 0x5b, 0x77, 0xf4,
-      0xc0, 0x1c, 0x55, 0x1e, 0x7a, 0x17, 0x6e, 0x72, 0xa1, 0x3d,
-      0xf9, 0xfa, 0x62, 0x8d, 0x1b, 0xea, 0xa5, 0x11, 0xf6, 0xd4,
-      0x18, 0xf8, 0x82, 0x07, 0x5f, 0x91, 0xc0, 0x75, 0xc7, 0x01,
-      0xf5, 0x32, 0x70, 0x1b, 0x28, 0xe6, 0xf6, 0x31, 0x82, 0xa9,
-      0xd2, 0x2b, 0x4a, 0xf2, 0x2b, 0xc0, 0x0a, 0xc9, 0xc2, 0xde,
-      0x60, 0xe5, 0x64, 0xd8, 0xc7, 0xaf, 0xb8, 0x99, 0x35, 0x28,
-      0x32, 0x38, 0x9a, 0x2d, 0x60, 0x23, 0x87, 0xb6, 0xef, 0x20,
-      0xc5, 0xbf, 0xee, 0x67, 0xa9, 0xbe, 0x01, 0x52, 0xc0, 0xdb,
-      0x41, 0x20, 0x1e, 0xdf, 0x27, 0xca, 0x0e, 0x6f, 0x65, 0x8f,
-      0xbc, 0x45, 0x1e, 0x9d, 0x63, 0x4e, 0xc1, 0x36 },
-    { 0x12, 0x0c, 0xd4, 0x54, 0xa4, 0x9d, 0x63, 0x03, 0x67, 0x30,
-      0x20, 0xed, 0x0b, 0xcf, 0x35, 0x38, 0xbd, 0x59, 0xc7, 0x57,
-      0xde, 0x5c, 0x01, 0x91, 0x65, 0x5b, 0xa9, 0xe4, 0x08, 0x77,
-      0x87, 0xd9, 0xe1, 0xdc, 0xbc, 0xd6, 0x99, 0x76, 0x32, 0x7e,
-      0xf4, 0x2f, 0xaa, 0x97, 0x20, 0x6b, 0x5f, 0xaa, 0xc0, 0x9c,
-      0x1c, 0x5a, 0x47, 0x22, 0xb4, 0xd7, 0xec, 0xb6, 0x8b, 0xd1,
-      0x04, 0xba, 0xa4, 0x31, 0x1b, 0x87, 0xa5, 0x8e, 0x13, 0x93,
-      0xc6, 0xe6, 0xd5, 0xf3, 0x23, 0xf8, 0x27, 0x32, 0x04, 0x49,
-      0x7d, 0x5a, 0x27, 0x00, 0xdc, 0xfa, 0x19, 0x41, 0xb4, 0x38,
-      0xe4, 0xcf, 0xfd, 0xc6, 0x03, 0x39, 0x35, 0x12, 0xaf, 0xe7,
-      0x9d, 0x34, 0x3d, 0xc2, 0x9d, 0x7c, 0x1f, 0x0b, 0x8c, 0x57,
-      0xa7, 0x28, 0xac, 0x3d, 0x9d, 0xa8, 0x1c, 0x08, 0xdb, 0x24,
-      0x7e, 0x56, 0x4b, 0x86, 0x8d, 0xa5, 0xec, 0x5c },
-    { 0x02, 0x1c, 0xfd, 0x16, 0x7f, 0xde, 0xea, 0x3e, 0x8e, 0xf1,
-      0x67, 0x7e, 0x70, 0x19, 0x33, 0x6e, 0xd5, 0x69, 0x84, 0x96,
-      0xeb, 0x40, 0x54, 0xbc, 0x15, 0x1f, 0x69, 0x3a, 0x9b, 0xe0,
-      0x24, 0x30, 0xa6, 0x7a, 0xd9, 0xf6, 0x8f, 0x01, 0x03, 0xcb,
-      0x75, 0x8d, 0xaf, 0x64, 0x5e, 0xb3, 0x3e, 0x34, 0x66, 0xda,
-      0xe2, 0xc2, 0xd4, 0x67, 0xfa, 0x92, 0xde, 0x1f, 0xaa, 0x12,
-      0x0b, 0xc9, 0xae, 0xc1, 0x2e, 0xf0, 0x5b, 0x4b, 0x0e, 0x93,
-      0xdf, 0xf2, 0xbd, 0x16, 0xf5, 0x58, 0x29, 0xdb, 0xdd, 0xcd,
-      0xef, 0x2f, 0xf3, 0x80, 0x21, 0xa4, 0xf0, 0xd3, 0x3d, 0xe4,
-      0x87, 0xf0, 0x47, 0x21, 0xab, 0x5c, 0x64, 0x2e, 0xd3, 0xa6,
-      0x9b, 0x95, 0x77, 0x74, 0x9b, 0x6a, 0x68, 0x41, 0x5a, 0x8d,
-      0x06, 0x65, 0xbc, 0x00, 0x3e, 0xf0, 0x2c, 0xce, 0x58, 0xee,
-      0xeb, 0xfd, 0xb8, 0xf4, 0xca, 0xb0, 0xf9, 0xee },
-    { 0x07, 0x26, 0x5b, 0x46, 0xc7, 0x3c, 0xf7, 0x8e, 0x71, 0xed,
-      0xcd, 0x9c, 0xa2, 0x05, 0x95, 0xa3, 0x5d, 0xed, 0xc2, 0x31,
-      0xeb, 0x12, 0x8b, 0xb6, 0x80, 0x7c, 0x22, 0xdf, 0xbf, 0x8e,
-      0xd5, 0x9c, 0xc8, 0x8f, 0xa8, 0x17, 0xfd, 0x0a, 0xe2, 0x8a,
-      0xdc, 0x0c, 0x7e, 0x57, 0x99, 0x74, 0x30, 0x2c, 0xaf, 0x86,
-      0xe3, 0x91, 0xed, 0x2a, 0xb5, 0x1a, 0xb9, 0x7a, 0xd5, 0xf9,
-      0x22, 0x4a, 0x47, 0x0f, 0xfa, 0xeb, 0x52, 0xef, 0x15, 0x60,
-      0x08, 0xb5, 0x52, 0x67, 0x07, 0x3f, 0x66, 0x34, 0x3d, 0x5a,
-      0x0d, 0x8f, 0x71, 0x7e, 0x3d, 0x3b, 0xb1, 0x8b, 0xfd, 0xb1,
-      0x67, 0x76, 0x30, 0x4a, 0xe4, 0xca, 0x1e, 0x5e, 0xc7, 0xb7,
-      0x0f, 0x39, 0x93, 0xc8, 0x55, 0x36, 0x8d, 0x10, 0xf2, 0xcf,
-      0x77, 0x13, 0x70, 0x3b, 0xde, 0x37, 0xd6, 0x4a, 0xd2, 0x54,
-      0x5c, 0x73, 0x71, 0x5f, 0xdf, 0x5c, 0x36, 0xf3 },
-    { 0x36, 0xc5, 0x75, 0x4b, 0x31, 0xd1, 0x49, 0x6c, 0x6e, 0x9d,
-      0x66, 0x7d, 0x0c, 0xc2, 0xf4, 0xbd, 0x8f, 0x47, 0x57, 0x5d,
-      0x06, 0x44, 0x08, 0x0e, 0xdd, 0x88, 0xde, 0xee, 0x7a, 0x0a,
-      0xc6, 0xe9, 0x6d, 0xcc, 0xa4, 0x9b, 0x49, 0xc1, 0x2a, 0xa2,
-      0xcd, 0x9c, 0x0c, 0x08, 0xad, 0xaf, 0x79, 0x6f, 0x33, 0x3f,
-      0x27, 0xd0, 0xf8, 0xa4, 0x3a, 0x97, 0x03, 0x89, 0xf3, 0x41,
-      0x3b, 0xd3, 0x43, 0x02, 0xf8, 0xad, 0xf7, 0x2f, 0x06, 0x95,
-      0x7b, 0x1f, 0xea, 0x39, 0x9c, 0xaa, 0x25, 0x57, 0x75, 0x3b,
-      0x55, 0xea, 0x0e, 0x3a, 0x69, 0x73, 0xb9, 0x5a, 0x0e, 0x0e,
-      0x1b, 0x1a, 0x52, 0x3c, 0x42, 0x8d, 0x23, 0x9e, 0xa8, 0xaa,
-      0x7a, 0x94, 0x3f, 0x3b, 0xaf, 0x82, 0x6d, 0xfa, 0x5b, 0x86,
-      0x0f, 0xc4, 0xc5, 0x9a, 0xaf, 0x89, 0xc4, 0x02, 0x77, 0x16,
-      0x73, 0xdd, 0x99, 0xf0, 0xbd, 0x66, 0x23, 0x2f },
-    { 0x06, 0xfb, 0xf8, 0x61, 0x19, 0x46, 0x94, 0x4e, 0xfc, 0x8a,
-      0x8a, 0xc9, 0xa2, 0x97, 0x5e, 0xb5, 0xa2, 0xdd, 0xad, 0xe5,
-      0xc1, 0x64, 0xd9, 0x4f, 0x40, 0xc0, 0x15, 0x32, 0xc9, 0x58,
-      0x22, 0xde, 0xc0, 0x78, 0x44, 0x94, 0xc4, 0x8a, 0xf5, 0xae,
-      0x3d, 0x67, 0x42, 0xe9, 0x6b, 0x0b, 0x17, 0x05, 0xa9, 0x4c,
-      0x3a, 0x40, 0x50, 0x51, 0x3d, 0xed, 0x6c, 0x49, 0x07, 0x5b,
-      0x37, 0xef, 0x67, 0x77, 0x1c, 0x09, 0xdf, 0xf3, 0xc4, 0x18,
-      0x00, 0xc5, 0x52, 0x97, 0xda, 0x6b, 0x4b, 0x23, 0xe4, 0xba,
-      0x1c, 0x18, 0xd0, 0xf7, 0xcd, 0x6d, 0xef, 0x49, 0xc9, 0x05,
-      0x46, 0x6a, 0x74, 0x0f, 0x8c, 0x79, 0x63, 0x39, 0x84, 0x4a,
-      0x80, 0x79, 0x97, 0x4e, 0x4b, 0x0e, 0xaf, 0x4e, 0x92, 0x1b,
-      0x80, 0x55, 0xa6, 0x99, 0x11, 0x22, 0x7e, 0x78, 0x9c, 0x4f,
-      0x91, 0x20, 0x04, 0x6e, 0xf3, 0x23, 0xd8, 0x4b },
-    { 0x5e, 0x9c, 0xa0, 0xfd, 0x1f, 0x0f, 0xa9, 0xea, 0x5e, 0x64,
-      0x29, 0x53, 0x04, 0xbb, 0x5a, 0xb1, 0x2a, 0x7d, 0x84, 0x11,
-      0xa0, 0x3e, 0x8f, 0x0e, 0xd9, 0xd1, 0x96, 0x53, 0xd9, 0x5e,
-      0xef, 0xa1, 0x83, 0x3d, 0x46, 0xa1, 0x36, 0x19, 0xcf, 0x4d,
-      0x96, 0xd2, 0xe9, 0x57, 0x9d, 0xa0, 0x79, 0x33, 0x7c, 0x88,
-      0xb1, 0x0b, 0x23, 0xd3, 0x43, 0x4e, 0xc9, 0x21, 0xe6, 0x9d,
-      0x95, 0x71, 0xae, 0x28, 0x42, 0x2c, 0x32, 0x6d, 0xf0, 0x66,
-      0x12, 0xa5, 0xe4, 0x0a, 0xbc, 0x9d, 0x5c, 0xbf, 0x6b, 0xf3,
-      0x4c, 0x5f, 0x2a, 0x2a, 0xfb, 0x65, 0xbd, 0x03, 0x98, 0x2b,
-      0x61, 0xf5, 0xb3, 0x0a, 0x1a, 0x23, 0x7b, 0xeb, 0x07, 0x1a,
-      0xe4, 0xd7, 0x41, 0x7c, 0x05, 0xfe, 0xf5, 0x9b, 0x0f, 0xde,
-      0xf8, 0xb9, 0xd8, 0x3b, 0x58, 0xc8, 0x1d, 0x04, 0x0f, 0xeb,
-      0x2d, 0x65, 0x33, 0x8e, 0x3f, 0x45, 0xaa, 0x97 },
-    { 0x94, 0x06, 0x22, 0xb3, 0xc6, 0x83, 0x6a, 0xf8, 0x8c, 0xc2,
-      0x04, 0x5b, 0x49, 0x95, 0x5f, 0x34, 0x69, 0xb1, 0xf1, 0xc7,
-      0x36, 0x24, 0x24, 0xa6, 0x75, 0xb3, 0x18, 0xdc, 0x76, 0x93,
-      0x69, 0x14, 0xd3, 0x39, 0x17, 0x17, 0x06, 0x4d, 0xdc, 0x77,
-      0xea, 0xcc, 0x55, 0x13, 0x65, 0x64, 0x78, 0xe3, 0x7b, 0xc9,
-      0x3a, 0x45, 0x03, 0xe3, 0xe0, 0x13, 0x7f, 0x16, 0x5f, 0xd3,
-      0xa8, 0xf9, 0xac, 0x8a, 0x6a, 0xdc, 0x4b, 0x9e, 0x1e, 0x84,
-      0x72, 0x8b, 0x26, 0xe3, 0x6f, 0xbe, 0x61, 0xf6, 0x4b, 0x56,
-      0xfc, 0x79, 0x56, 0x2c, 0xd4, 0x03, 0x4a, 0x9a, 0xc1, 0xfc,
-      0x9c, 0x7b, 0xc7, 0x58, 0xc6, 0xa3, 0xe9, 0x52, 0xdc, 0x2c,
-      0x0d, 0x17, 0x46, 0x7c, 0x65, 0xfb, 0x9e, 0xfc, 0xff, 0xdb,
-      0x0e, 0xb2, 0xe2, 0xda, 0x40, 0xbf, 0xe7, 0x8a, 0x95, 0xa2,
-      0x5b, 0xd5, 0x45, 0x71, 0x19, 0x7c, 0x5d, 0xc4 },
-    { 0x80, 0xbb, 0x16, 0x64, 0x78, 0x5b, 0xed, 0xb6, 0xb9, 0xf4,
-      0x98, 0x24, 0xbd, 0xe6, 0xbd, 0x71, 0xe2, 0xb4, 0x9c, 0x8c,
-      0xcf, 0xde, 0x33, 0x68, 0xd8, 0xa9, 0x98, 0xa4, 0xf1, 0x90,
-      0xa2, 0xc8, 0x2e, 0x0f, 0x86, 0x08, 0x3c, 0x23, 0xba, 0x9c,
-      0x1e, 0xf1, 0xea, 0x8a, 0x49, 0x7a, 0x40, 0xda, 0xaf, 0x3f,
-      0x5d, 0xe2, 0xce, 0xd2, 0xbf, 0x77, 0x69, 0xaa, 0x40, 0x75,
-      0xae, 0x9c, 0x44, 0xb2, 0x0f, 0x82, 0xb3, 0xa6, 0xad, 0x98,
-      0x02, 0xb6, 0x47, 0xe9, 0x7d, 0xa8, 0xf0, 0x16, 0x52, 0xa4,
-      0xde, 0x6d, 0x87, 0x54, 0x6f, 0xc8, 0x3b, 0x11, 0x05, 0x41,
-      0xaf, 0x9d, 0x3d, 0x26, 0x22, 0x46, 0xc6, 0x32, 0x1e, 0x0a,
-      0x67, 0x3e, 0x14, 0xa5, 0x8c, 0xf0, 0xc4, 0xd5, 0x5b, 0x97,
-      0xab, 0xd5, 0x3b, 0x29, 0x62, 0x5d, 0xd3, 0xf8, 0xf1, 0x15,
-      0x47, 0x10, 0xcc, 0xb7, 0x0d, 0x99, 0x79, 0x73 },
-    { 0x07, 0x7b, 0xa5, 0xea, 0x41, 0x21, 0x23, 0x50, 0xed, 0xfc,
-      0x15, 0x48, 0x63, 0xb8, 0x5a, 0x35, 0x95, 0x10, 0x79, 0x18,
-      0x11, 0x0c, 0x77, 0x9c, 0x96, 0x95, 0x98, 0xdd, 0xcc, 0x58,
-      0x00, 0x0b, 0x64, 0x97, 0x59, 0x63, 0xcb, 0x11, 0x8f, 0xf9,
-      0x79, 0xea, 0x49, 0xc2, 0x54, 0xe2, 0x9c, 0xdc, 0xcd, 0x65,
-      0xd2, 0x37, 0x1f, 0x20, 0xb3, 0x22, 0x7d, 0x5a, 0x6f, 0xf6,
-      0x54, 0xeb, 0x49, 0xff, 0x0b, 0x66, 0xd7, 0x89, 0x76, 0xf8,
-      0x2d, 0xbd, 0xb6, 0xba, 0x85, 0x00, 0x8b, 0xb4, 0xcb, 0x93,
-      0xc3, 0xbf, 0xd6, 0xa8, 0x3e, 0x70, 0x86, 0xfa, 0x2f, 0xb9,
-      0xe0, 0xc3, 0xa2, 0xa7, 0xba, 0x07, 0x9f, 0x15, 0x53, 0xde,
-      0x13, 0x3b, 0x23, 0x38, 0x46, 0x1e, 0x70, 0xcf, 0x87, 0x93,
-      0xb2, 0x73, 0x15, 0x5e, 0xe5, 0x61, 0xac, 0x5e, 0x68, 0x83,
-      0x05, 0xe5, 0x75, 0xfe, 0xfd, 0x14, 0x5c, 0xb5 },
-    { 0x6b, 0x20, 0x06, 0xdf, 0x45, 0x91, 0xa2, 0xe2, 0xba, 0xf7,
-      0x58, 0x1d, 0x9b, 0xc7, 0x7d, 0x21, 0x5b, 0x3c, 0x81, 0xb2,
-      0xf4, 0x73, 0x96, 0x53, 0x09, 0x01, 0x26, 0x5c, 0xaf, 0xf0,
-      0x75, 0x86, 0x81, 0x38, 0x99, 0x5a, 0x52, 0x35, 0x0e, 0x80,
-      0xc9, 0x31, 0x79, 0xbd, 0xd3, 0xf5, 0x5c, 0x07, 0xab, 0xe5,
-      0x23, 0x6e, 0x62, 0x99, 0xae, 0x7f, 0x2b, 0xe7, 0x02, 0x0d,
-      0x45, 0xad, 0x59, 0x20, 0x9d, 0x28, 0x6e, 0xa7, 0x2c, 0xda,
-      0xde, 0x77, 0xd5, 0x69, 0xaf, 0x36, 0x9a, 0xbf, 0x49, 0xee,
-      0xd4, 0x6e, 0xc7, 0xe5, 0xf4, 0x64, 0xe8, 0xb3, 0xbb, 0x1d,
-      0x31, 0xd1, 0x0e, 0x80, 0xc7, 0x60, 0x01, 0xdc, 0x1f, 0x98,
-      0x8a, 0x32, 0xf1, 0x0f, 0x19, 0x12, 0xed, 0xc5, 0x80, 0x6d,
-      0x02, 0x72, 0x43, 0x12, 0x14, 0x45, 0x05, 0x02, 0xa0, 0xab,
-      0x0b, 0x3a, 0x38, 0xd3, 0xcd, 0xd8, 0x6f, 0x61 },
-    { 0x53, 0x21, 0x7e, 0xa6, 0xbd, 0x26, 0xb5, 0x50, 0x85, 0x5b,
-      0x91, 0x1c, 0x66, 0x86, 0x8a, 0xfc, 0x84, 0x95, 0x40, 0xc0,
-      0x32, 0xc3, 0x8e, 0x83, 0x24, 0xd1, 0x16, 0xe6, 0x38, 0xd6,
-      0xb0, 0xa0, 0x26, 0x2a, 0x6f, 0xb8, 0xc9, 0x17, 0xb1, 0x6c,
-      0xd6, 0xc1, 0x2e, 0x10, 0x62, 0x57, 0x41, 0xa4, 0x5c, 0x8d,
-      0x7a, 0x75, 0x27, 0x55, 0xf8, 0x94, 0xb4, 0x76, 0xf4, 0x1e,
-      0x9d, 0xc1, 0x2c, 0xe9, 0x10, 0xd0, 0xcb, 0x97, 0x6f, 0xa8,
-      0xb7, 0x75, 0x70, 0xa9, 0xf4, 0x0c, 0x15, 0x31, 0xc0, 0x5a,
-      0x54, 0xf1, 0xa7, 0x01, 0x35, 0x7f, 0x67, 0x9e, 0x4f, 0x8a,
-      0x61, 0x84, 0xd2, 0x12, 0x5c, 0xaf, 0x84, 0x72, 0x8f, 0x25,
-      0x53, 0xd5, 0x12, 0x5e, 0xd5, 0x71, 0x8d, 0x33, 0x00, 0x0e,
-      0x7f, 0x99, 0x93, 0x1f, 0x53, 0x6a, 0x96, 0x2b, 0xb4, 0xfd,
-      0xb2, 0xfe, 0x50, 0xa8, 0x96, 0x5b, 0x1b, 0xc1 },
-    { 0x03, 0x86, 0x93, 0x1e, 0xd9, 0xad, 0xbe, 0xef, 0x64, 0xbd,
-      0x60, 0x01, 0x61, 0x83, 0x0a, 0xc2, 0xa0, 0x8d, 0x33, 0x79,
-      0xf9, 0x78, 0x1b, 0x12, 0x99, 0x89, 0x3d, 0xd0, 0xf2, 0xbd,
-      0x29, 0x5b, 0xf8, 0xe2, 0xd1, 0x73, 0x60, 0x44, 0xa9, 0xa6,
-      0xa9, 0xe0, 0x8d, 0xcb, 0x4a, 0x6d, 0x65, 0xa1, 0xc8, 0x1e,
-      0x01, 0xc9, 0xe9, 0xa0, 0x6f, 0x07, 0xa7, 0x27, 0xda, 0xcc,
-      0x35, 0xcc, 0x05, 0x2f, 0x0f, 0x93, 0x8d, 0x1e, 0x42, 0xce,
-      0x9e, 0xa8, 0xc4, 0xfa, 0xe9, 0xe8, 0xc3, 0xd4, 0xb1, 0xe1,
-      0xa0, 0x7a, 0x96, 0xb3, 0x41, 0xc8, 0x15, 0xef, 0x6d, 0xc3,
-      0xb8, 0x48, 0x38, 0x1a, 0x4f, 0xf7, 0xab, 0x7d, 0xaa, 0x2d,
-      0xe4, 0xa5, 0x43, 0x44, 0x96, 0x4e, 0xb8, 0x5e, 0xca, 0xcb,
-      0xd2, 0x6e, 0x96, 0x8d, 0xa9, 0xcb, 0xe6, 0x21, 0x14, 0x6c,
-      0xfc, 0x84, 0x04, 0x73, 0x25, 0x9f, 0x52, 0xb4 },
-    { 0x2c, 0xaa, 0xf7, 0x49, 0x15, 0x04, 0x1c, 0x20, 0x0e, 0x49,
-      0x67, 0xcd, 0xb4, 0xa8, 0x74, 0x8b, 0xcd, 0x3a, 0x21, 0xd6,
-      0xd5, 0x8c, 0x6d, 0xb8, 0x1b, 0xa0, 0x97, 0xfc, 0xb7, 0x66,
-      0x86, 0x3d, 0x81, 0xce, 0x36, 0xef, 0x8b, 0xbd, 0xcc, 0xb2,
-      0x45, 0x9e, 0x93, 0x67, 0xbf, 0x32, 0x0e, 0x0e, 0x82, 0x59,
-      0x68, 0x87, 0xe5, 0xef, 0x50, 0x2f, 0x67, 0x7e, 0xdc, 0x88,
-      0x29, 0x72, 0x72, 0x1a, 0x75, 0xba, 0xcd, 0x75, 0x0f, 0x9c,
-      0x6c, 0x40, 0x41, 0x86, 0x79, 0xfd, 0x49, 0xff, 0xf5, 0xc4,
-      0x55, 0xcb, 0xe7, 0x09, 0x03, 0x31, 0x6a, 0xd2, 0x35, 0x4f,
-      0xf4, 0x47, 0x11, 0x15, 0x94, 0xcd, 0x61, 0xca, 0x2e, 0x78,
-      0x69, 0x9c, 0xe4, 0xd6, 0x3b, 0xc2, 0x38, 0xcf, 0x53, 0x6e,
-      0xba, 0xed, 0xed, 0x9d, 0x2b, 0x67, 0xe3, 0x55, 0xbb, 0x07,
-      0xd0, 0xd7, 0xab, 0xb3, 0xd0, 0x98, 0x85, 0xa5 },
-    { 0x86, 0xd7, 0xf5, 0x32, 0x45, 0xfe, 0x3b, 0xd8, 0x65, 0xa1,
-      0xbb, 0xe2, 0x93, 0x50, 0x36, 0x1e, 0xc7, 0xc7, 0x1f, 0x3d,
-      0x09, 0xd8, 0xff, 0x91, 0x36, 0xe8, 0x86, 0xe2, 0x70, 0xb0,
-      0x55, 0x18, 0xb5, 0x6e, 0x45, 0xf1, 0xad, 0x50, 0xd9, 0xd9,
-      0x6b, 0xb5, 0xd5, 0x11, 0xc1, 0x8a, 0x2b, 0xe7, 0x65, 0x6a,
-      0x47, 0xca, 0x57, 0xd1, 0xa1, 0x70, 0x11, 0x72, 0x5d, 0x69,
-      0xab, 0xac, 0x96, 0xf9, 0x30, 0x2c, 0x8f, 0x78, 0xf5, 0x67,
-      0x23, 0xde, 0xb9, 0x09, 0xd2, 0x32, 0xd9, 0x25, 0xdc, 0xf2,
-      0x9c, 0xe8, 0xe6, 0x81, 0x2d, 0xf3, 0x1f, 0xa4, 0x6c, 0xa8,
-      0xb3, 0x20, 0x35, 0x6d, 0x39, 0x82, 0x48, 0xd0, 0xab, 0x75,
-      0x7a, 0xe5, 0xb7, 0x0b, 0x26, 0x8e, 0xd1, 0xa5, 0x78, 0x1a,
-      0x8c, 0x86, 0xb3, 0xe4, 0xea, 0x23, 0x22, 0x47, 0x15, 0x45,
-      0x44, 0xf9, 0x80, 0x06, 0x6e, 0xd2, 0x04, 0x24 },
-    { 0x68, 0x2a, 0x55, 0xe3, 0x86, 0xc0, 0xb4, 0xdd, 0x5a, 0x4c,
-      0x3c, 0x6f, 0xcb, 0xc1, 0xff, 0x85, 0x52, 0xc9, 0x4d, 0x0f,
-      0x7d, 0x83, 0x6c, 0x5a, 0x5f, 0xfe, 0x5f, 0x94, 0x3d, 0xb6,
-      0x08, 0x3c, 0x68, 0xee, 0xea, 0x62, 0xea, 0xe7, 0x5b, 0x16,
-      0x68, 0xa6, 0x76, 0xdb, 0x88, 0x37, 0xd5, 0x1d, 0x00, 0x7f,
-      0x3b, 0xaf, 0x24, 0x19, 0x8f, 0xd2, 0x4f, 0x5b, 0x45, 0x39,
-      0x6e, 0x2b, 0xd8, 0x11, 0x0f, 0xb2, 0x39, 0xa8, 0x57, 0x9b,
-      0xcc, 0x13, 0x36, 0x9f, 0x3b, 0xd9, 0x83, 0x55, 0xb0, 0x58,
-      0x58, 0x30, 0x06, 0x44, 0xfb, 0xea, 0x45, 0xb8, 0x4d, 0xa3,
-      0xb9, 0xdb, 0x88, 0x7e, 0xc6, 0x66, 0xd3, 0xe3, 0xac, 0x54,
-      0x90, 0x89, 0x8d, 0x1c, 0xfa, 0xe5, 0x0e, 0x52, 0x26, 0xcd,
-      0x01, 0xb4, 0xb6, 0x97, 0x50, 0x98, 0x8b, 0xc3, 0xd9, 0x13,
-      0x99, 0xf1, 0x6e, 0xb6, 0xb0, 0xbf, 0x71, 0x9a },
-    { 0x02, 0x22, 0x7f, 0xa6, 0xfe, 0xfe, 0x4d, 0xcd, 0x05, 0x4f,
-      0x25, 0x42, 0xe4, 0x0d, 0x39, 0x05, 0xd2, 0xcd, 0xf0, 0x1b,
-      0x76, 0x88, 0xd7, 0x0c, 0xdc, 0xec, 0xc3, 0xab, 0x7b, 0x4c,
-      0x7c, 0x91, 0xad, 0x73, 0x70, 0x52, 0xc6, 0xfd, 0xd7, 0xa6,
-      0x41, 0x5d, 0x46, 0xa0, 0x85, 0x2f, 0x76, 0x11, 0x2c, 0xc3,
-      0x0a, 0x31, 0xff, 0x4b, 0x04, 0x5c, 0x9b, 0xc7, 0xfd, 0x4f,
-      0x14, 0x52, 0xd0, 0xac, 0x6c, 0x44, 0x76, 0x84, 0x49, 0xcd,
-      0xc2, 0x1a, 0x15, 0x43, 0xf2, 0x7e, 0x23, 0x24, 0xa6, 0x8b,
-      0xc8, 0x99, 0x27, 0xe6, 0x8a, 0x87, 0x72, 0x27, 0x1b, 0x13,
-      0x34, 0x2f, 0x14, 0x29, 0x66, 0x29, 0x89, 0x0d, 0x39, 0x65,
-      0xec, 0xc3, 0xe5, 0xe7, 0xd6, 0xae, 0x0c, 0xc5, 0xb7, 0x5a,
-      0x46, 0xe3, 0x22, 0x76, 0x02, 0x6c, 0x34, 0xc7, 0x24, 0x5d,
-      0xc8, 0xf2, 0x35, 0xa4, 0x58, 0x74, 0x95, 0xaa },
-    { 0x54, 0x7e, 0x24, 0x9a, 0x29, 0x26, 0x97, 0x78, 0x44, 0x6e,
-      0x6a, 0x62, 0x15, 0xeb, 0xc7, 0xd0, 0x34, 0x27, 0xe5, 0x4d,
-      0x7d, 0xd3, 0x75, 0x78, 0x64, 0xfc, 0x55, 0xfc, 0x28, 0xff,
-      0xba, 0x81, 0x97, 0x1e, 0xb9, 0x15, 0xd5, 0xc4, 0xe8, 0x43,
-      0x5f, 0x37, 0x16, 0xdf, 0xe3, 0x42, 0x0e, 0xea, 0xf5, 0xa5,
-      0xc2, 0x2e, 0xbb, 0xc9, 0xf1, 0xa5, 0x64, 0xd1, 0x6e, 0x9f,
-      0x88, 0x11, 0x67, 0xf4, 0xb0, 0x21, 0xe1, 0x4e, 0x07, 0x10,
-      0xae, 0x9a, 0xbc, 0x1f, 0x27, 0x9d, 0x68, 0xfa, 0x4f, 0xce,
-      0x21, 0xc9, 0x55, 0xf9, 0x8e, 0x08, 0xcb, 0x04, 0x09, 0x59,
-      0xd0, 0x44, 0xb4, 0xcb, 0xec, 0xa0, 0x9d, 0x10, 0x90, 0xbf,
-      0x96, 0xf7, 0xc5, 0xe5, 0xcb, 0x12, 0x8e, 0x09, 0x4f, 0x2c,
-      0x8b, 0x22, 0x8e, 0xfe, 0xed, 0x46, 0xfd, 0xfd, 0x22, 0x5d,
-      0x18, 0x05, 0xef, 0xd9, 0xb7, 0x51, 0x94, 0x8b },
-    { 0x45, 0xa4, 0x1c, 0xc0, 0xd2, 0xb0, 0x8e, 0xea, 0xc4, 0x2d,
-      0xc7, 0x45, 0xbf, 0xe6, 0xc1, 0xeb, 0x1c, 0x68, 0x5c, 0xea,
-      0x3c, 0x61, 0x32, 0xe6, 0xfc, 0xeb, 0x5c, 0x90, 0x8b, 0xcb,
-      0x25, 0x05, 0x34, 0x79, 0xbe, 0xa1, 0xc2, 0x20, 0x21, 0x8b,
-      0x74, 0x75, 0xe0, 0xe8, 0x31, 0x91, 0xd4, 0xe3, 0xd2, 0x45,
-      0x65, 0x69, 0x79, 0x32, 0xa1, 0xf0, 0xe5, 0x7e, 0x4d, 0x29,
-      0x61, 0x6f, 0xde, 0xda, 0x7f, 0xfd, 0xdf, 0x84, 0x03, 0xdc,
-      0xf1, 0xce, 0xa0, 0xc5, 0xbb, 0x1d, 0xdd, 0xee, 0xc0, 0x25,
-      0x18, 0xc9, 0x9d, 0x83, 0xaa, 0x2f, 0x7d, 0x51, 0x3d, 0x2c,
-      0x09, 0xba, 0xf9, 0x34, 0x28, 0x23, 0x5b, 0x41, 0x27, 0xea,
-      0x9d, 0xe5, 0xe7, 0x0a, 0xf6, 0x51, 0x51, 0xe1, 0x0a, 0x63,
-      0xf3, 0xd8, 0xb4, 0xe6, 0xcd, 0xcc, 0x79, 0x55, 0xcf, 0x50,
-      0x47, 0x06, 0x86, 0x8a, 0xa1, 0xff, 0xda, 0x27 },
-    { 0x12, 0x87, 0x63, 0xc9, 0x42, 0xee, 0x40, 0xc8, 0xba, 0x85,
-      0x0a, 0xc9, 0xd0, 0x87, 0xda, 0x02, 0xa8, 0x4c, 0x06, 0xb6,
-      0xb6, 0xac, 0x2a, 0xf6, 0x36, 0x2d, 0x7a, 0x77, 0xd8, 0x8e,
-      0x69, 0x44, 0x2d, 0x32, 0x59, 0xd4, 0x8a, 0x0f, 0x29, 0x8c,
-      0x0f, 0x0b, 0xd9, 0xbd, 0x28, 0xff, 0xf6, 0xdd, 0x14, 0x56,
-      0x01, 0xed, 0x3d, 0x58, 0x9b, 0xea, 0xc8, 0x7b, 0xe1, 0xe4,
-      0x49, 0xdf, 0x78, 0x1e, 0x96, 0x32, 0x3d, 0x25, 0x24, 0x21,
-      0xe3, 0x75, 0xb2, 0xaf, 0xbd, 0xdc, 0x0d, 0xf3, 0x18, 0x4e,
-      0x93, 0xdf, 0x7d, 0xa4, 0x98, 0x4f, 0xd1, 0x1f, 0x2c, 0x9e,
-      0x4f, 0x52, 0xa2, 0x85, 0x74, 0x1a, 0x4f, 0x54, 0x12, 0xd2,
-      0xa9, 0xbe, 0xb1, 0x7e, 0xdc, 0x1e, 0xa7, 0x58, 0x5e, 0xeb,
-      0x4c, 0x66, 0x41, 0xff, 0x96, 0x2f, 0xa1, 0x7c, 0xf7, 0x0e,
-      0x3e, 0xa9, 0xb2, 0xc7, 0x4d, 0xbb, 0xf0, 0xe1 },
-    { 0x75, 0xe9, 0x6b, 0xcc, 0xfc, 0x4f, 0x74, 0xd2, 0x1e, 0x82,
-      0x04, 0xb7, 0x68, 0xbb, 0x63, 0x7f, 0x6a, 0x7e, 0x00, 0x67,
-      0xb4, 0x12, 0x6d, 0x72, 0x5e, 0x8c, 0xa1, 0xf9, 0xb2, 0x0f,
-      0xcd, 0x74, 0x7e, 0x8d, 0xa5, 0x13, 0x99, 0xb3, 0xa0, 0xeb,
-      0x21, 0x60, 0xcb, 0x18, 0xb1, 0x3e, 0xb7, 0x1b, 0x07, 0x36,
-      0x55, 0x61, 0xb1, 0xc9, 0x95, 0xf3, 0xb4, 0x76, 0x56, 0x5e,
-      0x03, 0x21, 0x81, 0x23, 0x3f, 0x1d, 0x8d, 0x88, 0xc1, 0xde,
-      0x7e, 0xbc, 0xfe, 0x9f, 0xda, 0x66, 0x8b, 0x88, 0x17, 0x52,
-      0x5b, 0x29, 0xd2, 0x13, 0x9a, 0x2e, 0x8e, 0x03, 0x7c, 0x75,
-      0xf5, 0xc4, 0xcb, 0x08, 0x85, 0x48, 0xb2, 0x11, 0x5d, 0xa3,
-      0x86, 0x61, 0x57, 0x67, 0xe9, 0x63, 0x1d, 0x14, 0x70, 0xfe,
-      0xde, 0xd2, 0x7c, 0xc2, 0x00, 0x44, 0x34, 0xb0, 0x8f, 0x6e,
-      0x29, 0xa8, 0x0f, 0x07, 0xac, 0xba, 0xc1, 0x78 },
-    { 0x30, 0x9a, 0x6e, 0x9a, 0xba, 0x26, 0x89, 0x49, 0xd8, 0x8f,
-      0x56, 0x6b, 0xa1, 0x6e, 0x52, 0x3d, 0x8a, 0x86, 0xf0, 0x9b,
-      0x5d, 0x6b, 0x81, 0x96, 0xae, 0xba, 0x4f, 0xe4, 0x8a, 0xe5,
-      0xb6, 0x87, 0xfe, 0x02, 0xf8, 0x3c, 0xb1, 0x48, 0x76, 0x27,
-      0x9c, 0x57, 0xb0, 0x29, 0xcf, 0x3d, 0xe4, 0x92, 0x98, 0x5e,
-      0xf8, 0xd2, 0x42, 0xd1, 0xd9, 0x92, 0xe8, 0x0b, 0x2e, 0x7a,
-      0xc1, 0x5b, 0x24, 0x89, 0xa7, 0x67, 0x26, 0x83, 0xea, 0x87,
-      0x6f, 0x48, 0x60, 0x08, 0x3b, 0xd8, 0x81, 0x50, 0x91, 0x29,
-      0xa9, 0x78, 0x88, 0x36, 0x4f, 0x53, 0xf5, 0x5f, 0x91, 0xd8,
-      0x5d, 0x46, 0x4d, 0x6f, 0xd5, 0xb7, 0x12, 0xb6, 0xbf, 0x83,
-      0x6c, 0x07, 0x15, 0x0f, 0x64, 0xa8, 0x46, 0xd1, 0xea, 0x98,
-      0x7d, 0x2a, 0xdf, 0x58, 0x50, 0x58, 0x7c, 0x38, 0x45, 0x25,
-      0x18, 0x9d, 0x1f, 0xdc, 0x0d, 0x19, 0x71, 0x6e },
-    { 0x04, 0x58, 0x25, 0x8a, 0xd7, 0x59, 0x37, 0x89, 0xee, 0xb3,
-      0x66, 0x53, 0x57, 0x69, 0xb2, 0x02, 0xe3, 0x59, 0x78, 0xfd,
-      0x71, 0x4f, 0xea, 0x55, 0xcf, 0x96, 0x73, 0xc7, 0x75, 0xd6,
-      0x8a, 0xc1, 0xd4, 0x2e, 0x87, 0x7f, 0xdb, 0x2a, 0x35, 0x8a,
-      0x92, 0x4d, 0xbe, 0x7d, 0x53, 0xbe, 0x7e, 0xfd, 0xd3, 0x1c,
-      0xcf, 0xd6, 0x21, 0xc2, 0xb6, 0x3d, 0x26, 0x7f, 0x8d, 0x8f,
-      0x8e, 0x1e, 0xee, 0x88, 0x0f, 0xbb, 0x17, 0x14, 0x1f, 0xa2,
-      0x64, 0xe8, 0xa1, 0x5b, 0x33, 0x62, 0xc4, 0x9d, 0x5c, 0xcb,
-      0xc5, 0x81, 0xef, 0x87, 0xeb, 0x90, 0x86, 0x81, 0xc0, 0xc3,
-      0xac, 0xdb, 0x75, 0x50, 0xed, 0x3a, 0x8f, 0xa1, 0x5a, 0x85,
-      0xbe, 0xd3, 0x6c, 0xc5, 0xcc, 0x7b, 0xeb, 0x01, 0x7f, 0xe0,
-      0x9f, 0x5c, 0x1a, 0x5f, 0xe7, 0x0f, 0xb8, 0xc5, 0x0c, 0x4d,
-      0xef, 0x27, 0xee, 0x50, 0xbd, 0xfb, 0xe9, 0x7a },
-    { 0x53, 0xf4, 0xa3, 0xe0, 0x95, 0xb7, 0x73, 0x58, 0xa2, 0xb8,
-      0x80, 0xe5, 0x6f, 0x86, 0xc0, 0x29, 0x00, 0x4b, 0x87, 0x57,
-      0xe4, 0x1f, 0xac, 0xc0, 0xba, 0xaf, 0x66, 0x3c, 0x96, 0xd1,
-      0x09, 0x91, 0x7f, 0x74, 0x91, 0x5b, 0x2e, 0x84, 0xec, 0x34,
-      0xbe, 0xe1, 0x48, 0x43, 0x4f, 0x02, 0x90, 0x4b, 0x83, 0xc8,
-      0xf6, 0xa6, 0xe7, 0xb6, 0xd8, 0x86, 0xc0, 0x89, 0x5b, 0xff,
-      0x39, 0x77, 0x7e, 0x00, 0xb3, 0x5f, 0xce, 0x26, 0xd6, 0xb3,
-      0xc7, 0x42, 0x98, 0xc0, 0x56, 0x58, 0x43, 0x34, 0x6b, 0x9c,
-      0xe0, 0xee, 0x85, 0x1d, 0xa3, 0x07, 0x67, 0xc3, 0xf5, 0x6a,
-      0x8d, 0xef, 0x0f, 0x0e, 0x6b, 0x5f, 0x28, 0x5d, 0x67, 0x45,
-      0xca, 0x2e, 0x89, 0x2e, 0x0e, 0x66, 0xcb, 0xa7, 0x0d, 0x2e,
-      0x66, 0x57, 0x2d, 0x40, 0x58, 0x57, 0x57, 0x79, 0xdf, 0xa2,
-      0x5d, 0xf7, 0x1a, 0x74, 0xa0, 0x42, 0xdb, 0xdf },
-    { 0x0a, 0x99, 0xe6, 0x53, 0xd7, 0x23, 0xd2, 0x36, 0xaa, 0xf9,
-      0x8d, 0x74, 0x69, 0x08, 0xd5, 0x63, 0x85, 0x01, 0x56, 0x2e,
-      0x30, 0x5e, 0x99, 0xf0, 0x13, 0xa3, 0xf1, 0x45, 0x51, 0xd9,
-      0x10, 0x73, 0x7c, 0x26, 0x4e, 0x6d, 0x48, 0x3e, 0xd8, 0x9a,
-      0x16, 0xe8, 0xd9, 0x89, 0x24, 0x9e, 0x26, 0xf2, 0xfe, 0xb8,
-      0xcc, 0xa0, 0xc4, 0x58, 0x45, 0xcf, 0x97, 0xc8, 0xdc, 0x0e,
-      0xfc, 0x1c, 0xb5, 0xb5, 0xd3, 0x59, 0x47, 0xf5, 0xf3, 0xa8,
-      0xf7, 0xf0, 0x38, 0xee, 0xc0, 0xcd, 0x28, 0x5d, 0xf2, 0xbf,
-      0x42, 0xaa, 0x1a, 0xb6, 0x2b, 0x77, 0xb7, 0xa9, 0xe2, 0x6d,
-      0x90, 0xb1, 0x76, 0x31, 0x91, 0x60, 0x7d, 0x2e, 0xfa, 0xea,
-      0x79, 0x75, 0x7c, 0xb6, 0xf0, 0x6b, 0xcb, 0xf8, 0xa0, 0xc1,
-      0xcb, 0x5a, 0xba, 0x60, 0xc5, 0x77, 0xaf, 0xab, 0x5a, 0xeb,
-      0x11, 0xbb, 0x08, 0xce, 0x89, 0xfc, 0x48, 0xe7 },
-    { 0x3a, 0x95, 0xcb, 0x45, 0x01, 0x0f, 0xcb, 0xc0, 0xb5, 0x95,
-      0xdb, 0xd1, 0x3e, 0xeb, 0xf7, 0xea, 0x96, 0x50, 0xfc, 0x31,
-      0x75, 0x32, 0x55, 0x48, 0x9f, 0x76, 0x87, 0x75, 0x33, 0x26,
-      0x39, 0xe7, 0xd9, 0x73, 0x43, 0xee, 0x83, 0x23, 0xdd, 0xfa,
-      0xfe, 0x20, 0x21, 0xe3, 0x42, 0x48, 0xe3, 0xd8, 0xc1, 0x26,
-      0xa9, 0x3a, 0x0d, 0x0e, 0x30, 0x63, 0xcf, 0x74, 0x72, 0x73,
-      0xf7, 0x84, 0x85, 0x23, 0xc5, 0xcd, 0x9a, 0xbe, 0x29, 0xb7,
-      0x4d, 0x9a, 0x9a, 0xd3, 0x18, 0x93, 0x8c, 0x17, 0x0a, 0x36,
-      0xa6, 0xf2, 0xdf, 0x8b, 0x46, 0x65, 0x52, 0xdb, 0xc6, 0x0f,
-      0xf5, 0x7a, 0xab, 0x79, 0x3a, 0x2d, 0x61, 0x25, 0x4b, 0xe1,
-      0x13, 0x78, 0xe9, 0x07, 0x22, 0x9f, 0xd2, 0x29, 0x0c, 0x16,
-      0x81, 0xb5, 0xc1, 0x63, 0x06, 0x7b, 0x9a, 0xa1, 0xa1, 0x60,
-      0x23, 0x53, 0x6f, 0x46, 0xab, 0xbc, 0x05, 0x59 },
-    { 0x36, 0x6d, 0x22, 0x2e, 0x03, 0x0b, 0x72, 0x45, 0x5d, 0x71,
-      0x3c, 0x1d, 0xda, 0xd6, 0x72, 0xc3, 0x93, 0x59, 0x7f, 0x66,
-      0x32, 0x97, 0x84, 0xf1, 0x48, 0x5b, 0xb4, 0x36, 0xcd, 0xba,
-      0x93, 0xda, 0x01, 0x70, 0x2d, 0xc1, 0x47, 0x44, 0xae, 0xe6,
-      0xa5, 0xfb, 0x63, 0x9b, 0x41, 0xcc, 0xab, 0xa3, 0x2a, 0x2f,
-      0xa3, 0xa0, 0x24, 0x53, 0x2a, 0xb3, 0x01, 0x57, 0xca, 0xa4,
-      0x8c, 0xd0, 0x92, 0xda, 0xf0, 0x07, 0x7c, 0xdb, 0xd2, 0x7e,
-      0x64, 0xdb, 0x54, 0x5d, 0x09, 0x25, 0x51, 0x86, 0xd2, 0x18,
-      0x1a, 0x5b, 0xc3, 0xc3, 0xa6, 0x90, 0x2b, 0xda, 0x0c, 0x57,
-      0x98, 0xab, 0x32, 0xcd, 0x08, 0xd2, 0x79, 0x65, 0xc0, 0xb0,
-      0x91, 0xca, 0xd8, 0xce, 0x02, 0xa9, 0x2c, 0x77, 0x71, 0x69,
-      0x43, 0x8a, 0x8d, 0xd1, 0xcb, 0x4b, 0xc1, 0xd5, 0xc4, 0x8f,
-      0x95, 0x4e, 0x68, 0xcb, 0x39, 0xd7, 0xff, 0x2e },
-    { 0x90, 0x72, 0xba, 0x99, 0x79, 0xde, 0xfd, 0x25, 0x17, 0x3d,
-      0xcc, 0xd2, 0x06, 0x61, 0xbf, 0xda, 0x44, 0x28, 0x71, 0x53,
-      0xd3, 0x08, 0x93, 0xfd, 0x4b, 0xb7, 0x6e, 0x73, 0xe5, 0x93,
-      0x2b, 0x7e, 0x05, 0x5e, 0xa6, 0xdd, 0xad, 0xf1, 0xb3, 0x68,
-      0x43, 0x40, 0x8d, 0xe1, 0x5f, 0x97, 0x1b, 0x8e, 0x4e, 0x8b,
-      0x31, 0x45, 0xdd, 0x2f, 0x17, 0x59, 0x98, 0xed, 0x14, 0x99,
-      0x2b, 0x8a, 0x78, 0xd8, 0x6d, 0xc5, 0xfe, 0xe7, 0x3f, 0x48,
-      0xca, 0x07, 0x66, 0x92, 0x71, 0x2c, 0x7b, 0x5a, 0xd0, 0x7d,
-      0xae, 0x14, 0x11, 0x47, 0xd3, 0x2a, 0xcd, 0x21, 0x0b, 0x8e,
-      0xbf, 0x05, 0xa5, 0x38, 0xbf, 0x49, 0x72, 0x2a, 0x80, 0xa5,
-      0xcf, 0x11, 0x44, 0x60, 0x7b, 0x53, 0xfa, 0x65, 0x7a, 0x1a,
-      0x03, 0x10, 0x0f, 0xce, 0x40, 0x1b, 0xa9, 0x0d, 0xa4, 0x4d,
-      0xd5, 0x0b, 0x48, 0x75, 0x57, 0x3e, 0xa5, 0xb2 },
-    { 0x8d, 0x92, 0xc6, 0xbd, 0x35, 0x54, 0x6c, 0x29, 0x26, 0xac,
-      0x96, 0x52, 0x43, 0x9d, 0x16, 0x54, 0x7e, 0x8f, 0x23, 0xd9,
-      0xb6, 0xa8, 0x8f, 0x46, 0x7e, 0x60, 0x8d, 0x97, 0x7d, 0x6c,
-      0x02, 0xee, 0x4d, 0x81, 0x5a, 0x40, 0x7f, 0x0f, 0x15, 0x3f,
-      0x6b, 0x19, 0xbe, 0xa9, 0x35, 0xe1, 0x1b, 0xda, 0x33, 0xb2,
-      0x88, 0x6d, 0x6b, 0x87, 0x1f, 0x8d, 0x56, 0x17, 0x1e, 0xcf,
-      0xb0, 0xa0, 0xf5, 0x92, 0x6a, 0xe0, 0xe2, 0x2b, 0xfb, 0xdf,
-      0xa5, 0xba, 0xea, 0x3e, 0x8a, 0xc6, 0x8a, 0xd1, 0x22, 0x42,
-      0xa6, 0xe4, 0xc9, 0x87, 0x72, 0x9c, 0x09, 0xe3, 0x4e, 0xd0,
-      0x72, 0xb3, 0x8f, 0x0e, 0xc9, 0xb3, 0x6a, 0x38, 0x28, 0x6f,
-      0x3f, 0x3d, 0xf1, 0xd5, 0x0b, 0x0e, 0x8b, 0xb1, 0xcd, 0x3a,
-      0x9c, 0x43, 0xfb, 0xf1, 0x64, 0x9f, 0xc8, 0x31, 0xce, 0xe8,
-      0x47, 0x4d, 0xe4, 0xdd, 0x96, 0x20, 0xea, 0x39 },
-    { 0x4e, 0x4b, 0xec, 0x17, 0x5c, 0x1a, 0xe5, 0xc0, 0x8d, 0x43,
-      0xd8, 0x98, 0x8d, 0xd8, 0x27, 0xea, 0xf8, 0x05, 0x39, 0x6c,
-      0x29, 0x05, 0x3e, 0xf5, 0x30, 0xaa, 0x52, 0xb1, 0xcb, 0xbb,
-      0x54, 0x70, 0xa8, 0x8f, 0xda, 0xbf, 0x78, 0x88, 0x4c, 0x25,
-      0x54, 0xbf, 0x9d, 0xe1, 0x53, 0xbd, 0xe6, 0x3d, 0xbe, 0x6a,
-      0x50, 0x2b, 0x81, 0xf9, 0x0b, 0xdc, 0x97, 0xad, 0xec, 0x2d,
-      0xf0, 0xa6, 0x21, 0xb0, 0xab, 0xcc, 0x81, 0x5a, 0xfa, 0x57,
-      0xae, 0x0a, 0x91, 0x6a, 0x77, 0x9c, 0xbd, 0xa0, 0xb9, 0x47,
-      0x87, 0x4e, 0xe8, 0x40, 0xf9, 0x3f, 0x58, 0x1c, 0x12, 0x45,
-      0xad, 0xbc, 0x43, 0x5c, 0xfe, 0xe1, 0x9e, 0xce, 0x2e, 0x1f,
-      0x1c, 0xd4, 0x4b, 0xc3, 0x57, 0xd1, 0xb2, 0x26, 0xde, 0x80,
-      0x84, 0x99, 0xfb, 0xe3, 0x52, 0x54, 0x3e, 0x0e, 0x42, 0xf8,
-      0xb3, 0xe0, 0xd7, 0xce, 0xab, 0xeb, 0x0f, 0xf7 },
-    { 0x7a, 0x4a, 0xa3, 0xf5, 0x6f, 0x9d, 0xed, 0x24, 0x72, 0xe6,
-      0x7d, 0x1a, 0xb4, 0x87, 0x76, 0x77, 0x64, 0x7e, 0x3d, 0x28,
-      0xec, 0x7e, 0x81, 0xa2, 0x02, 0xb9, 0x4c, 0xb3, 0x32, 0x92,
-      0x81, 0x3a, 0x44, 0x9c, 0x20, 0xa5, 0x98, 0xf5, 0x08, 0xa8,
-      0xa9, 0xc8, 0x08, 0x00, 0xec, 0x2c, 0x63, 0xfe, 0x2c, 0x0e,
-      0x8f, 0x30, 0xff, 0x56, 0xa9, 0xa1, 0xa6, 0xdc, 0xe0, 0x67,
-      0xb4, 0xe8, 0x33, 0xa5, 0x0b, 0xd4, 0xbc, 0x6b, 0xd4, 0xfd,
-      0x13, 0x5e, 0x47, 0x70, 0x45, 0x81, 0xb9, 0x0a, 0xf0, 0xb5,
-      0x8d, 0x1b, 0x95, 0xd0, 0x9e, 0xd7, 0x46, 0xf0, 0x64, 0x4b,
-      0xba, 0x98, 0x16, 0xe3, 0x51, 0x58, 0xe7, 0x91, 0x5f, 0xd2,
-      0x84, 0x3f, 0xe7, 0xd8, 0xa6, 0x85, 0x2e, 0xf3, 0xd7, 0x02,
-      0xa5, 0xdd, 0x45, 0x7c, 0x4a, 0x3f, 0x19, 0xea, 0x9a, 0x94,
-      0xbf, 0x84, 0x83, 0xa2, 0xfc, 0xc0, 0x96, 0x76 },
-    { 0x60, 0x28, 0x2a, 0x7b, 0xf7, 0xf0, 0xad, 0xe1, 0x0c, 0xbd,
-      0x7d, 0xc8, 0xc0, 0xa2, 0x69, 0xc5, 0xdc, 0x9d, 0xfa, 0x4f,
-      0xb4, 0x1a, 0xb5, 0xdf, 0x48, 0xfc, 0xeb, 0xde, 0x9f, 0xd0,
-      0x9d, 0xf8, 0x15, 0x99, 0x2f, 0xb4, 0x28, 0xd6, 0x9b, 0x12,
-      0x38, 0xe0, 0xbf, 0x42, 0x1a, 0x19, 0x27, 0x4f, 0xc1, 0xee,
-      0xb3, 0xf3, 0xa9, 0xd3, 0xfe, 0x55, 0x67, 0xdc, 0xa1, 0x9d,
-      0xcd, 0xce, 0x38, 0x1e, 0x77, 0x5d, 0xce, 0x9d, 0xb0, 0x51,
-      0x2e, 0xa6, 0x96, 0xcc, 0x64, 0x0f, 0xcd, 0x3f, 0x4b, 0xb7,
-      0x74, 0xf8, 0xfe, 0xe0, 0x34, 0xa2, 0xc8, 0x3b, 0x5a, 0xc6,
-      0x81, 0x32, 0xaf, 0xfa, 0x1f, 0xcf, 0x97, 0x54, 0x4f, 0xc5,
-      0x9b, 0x3f, 0x9c, 0x54, 0x23, 0xa4, 0x78, 0xe4, 0x39, 0xcf,
-      0x8d, 0x24, 0xdc, 0x81, 0x2d, 0x4f, 0xb2, 0x42, 0xcb, 0x50,
-      0x55, 0x9e, 0xf1, 0xba, 0xe2, 0x7a, 0x00, 0x45 },
-    { 0x5f, 0x4a, 0xe9, 0xc7, 0x23, 0xc6, 0xb9, 0x42, 0x3f, 0xd2,
-      0x86, 0xd9, 0x4a, 0x5f, 0xbe, 0x70, 0xe4, 0x7a, 0x75, 0x39,
-      0x68, 0xcc, 0x39, 0xed, 0x2d, 0x6a, 0x40, 0x7d, 0xfb, 0xc5,
-      0xc3, 0x72, 0x55, 0x50, 0xf7, 0xac, 0xd8, 0xc7, 0x3a, 0x43,
-      0xe9, 0x01, 0x66, 0xd0, 0x0f, 0xa5, 0x16, 0xae, 0x5f, 0xb7,
-      0x42, 0xf9, 0x19, 0x01, 0x91, 0x38, 0xc3, 0x0b, 0x71, 0x4e,
-      0x16, 0xfe, 0x46, 0x6a, 0xf1, 0xe8, 0x2f, 0xfe, 0x00, 0x86,
-      0x9b, 0xcd, 0x38, 0x69, 0x2c, 0xa8, 0x2c, 0xad, 0x14, 0x40,
-      0x4c, 0x99, 0xf2, 0x58, 0x91, 0xa7, 0xb6, 0x42, 0xc6, 0x3a,
-      0x34, 0x17, 0xb5, 0xe6, 0xb4, 0x05, 0xf2, 0x1b, 0x69, 0xfb,
-      0xc7, 0x77, 0x6a, 0x10, 0x67, 0x68, 0x28, 0xf9, 0x4f, 0x1f,
-      0x65, 0x16, 0x38, 0xa3, 0x22, 0xc8, 0x3c, 0x42, 0x06, 0x1d,
-      0x7c, 0x07, 0xe5, 0x38, 0xdc, 0xee, 0xa2, 0xe7 },
-    { 0x92, 0xa0, 0x14, 0x23, 0xdc, 0x46, 0xaf, 0xd2, 0x9c, 0xd3,
-      0xe2, 0x91, 0x40, 0x1a, 0xa5, 0x03, 0x93, 0x9a, 0x7f, 0x26,
-      0xac, 0xa4, 0xaa, 0x80, 0x2f, 0x64, 0xce, 0x73, 0x51, 0x0e,
-      0x4d, 0x9c, 0xa2, 0x35, 0x27, 0x35, 0x2f, 0x27, 0x52, 0xaf,
-      0xf5, 0xb3, 0xb4, 0xc6, 0xc9, 0x01, 0x42, 0x0c, 0x32, 0xee,
-      0x98, 0xd4, 0x15, 0x66, 0x1c, 0x2d, 0x88, 0xb3, 0x46, 0x49,
-      0x6b, 0x73, 0x66, 0xa9, 0xbb, 0xca, 0xdb, 0x87, 0x7a, 0x68,
-      0xfc, 0x0a, 0xa4, 0xbc, 0xa8, 0x6e, 0xa8, 0x65, 0x88, 0x17,
-      0xb9, 0x8c, 0x47, 0x1e, 0xf9, 0xe5, 0xee, 0x02, 0xc4, 0x15,
-      0x1b, 0x0a, 0xa3, 0x76, 0x61, 0xb3, 0x25, 0x48, 0x8a, 0x0d,
-      0x9f, 0x21, 0x95, 0xea, 0x44, 0x9a, 0x01, 0xfb, 0xfd, 0xd4,
-      0xb0, 0x51, 0x28, 0x6d, 0x45, 0xd0, 0x16, 0xda, 0x19, 0x92,
-      0xd9, 0x6a, 0x2d, 0xda, 0x53, 0xf4, 0xd5, 0x61 },
-    { 0x0f, 0xc8, 0xfe, 0x1e, 0xaa, 0x88, 0xcb, 0x9b, 0x90, 0x74,
-      0x87, 0x06, 0x16, 0x1c, 0x51, 0x5b, 0x6f, 0x2c, 0x42, 0x8b,
-      0x89, 0x60, 0x95, 0x7e, 0xf9, 0x60, 0xb5, 0xb9, 0x94, 0x06,
-      0xc3, 0xbd, 0x86, 0xdc, 0x2b, 0xa3, 0xe4, 0x88, 0x78, 0x9e,
-      0x9c, 0xa1, 0x9a, 0x43, 0xd9, 0x9b, 0x08, 0x57, 0x2a, 0x22,
-      0x62, 0x63, 0x16, 0xa4, 0xc8, 0x7e, 0x04, 0x57, 0x9f, 0x2c,
-      0xac, 0xb5, 0xe4, 0x6e, 0x9f, 0x62, 0x30, 0xd7, 0x74, 0x24,
-      0x01, 0x95, 0x82, 0x3f, 0xee, 0x7a, 0x82, 0x56, 0x6a, 0xbd,
-      0x27, 0x4d, 0xd8, 0x5e, 0x05, 0x8d, 0x90, 0xbd, 0xe8, 0x7f,
-      0x7d, 0x01, 0x7a, 0x67, 0x56, 0xfb, 0x9a, 0xb7, 0x13, 0xe2,
-      0x48, 0x14, 0x19, 0x41, 0x96, 0x3e, 0x25, 0xbb, 0x86, 0x48,
-      0xf1, 0x28, 0xda, 0x8c, 0x90, 0x0f, 0xb7, 0xd5, 0x27, 0xfa,
-      0xe9, 0xf2, 0x4b, 0xe1, 0x1c, 0x2f, 0x7d, 0xbd },
-    { 0x2d, 0x0b, 0xa8, 0x62, 0xdf, 0xd3, 0x78, 0x9f, 0x3c, 0x95,
-      0x4d, 0x86, 0xd9, 0x98, 0x92, 0xdd, 0x39, 0x28, 0x5e, 0x51,
-      0x5d, 0xc6, 0xdc, 0xbe, 0x3a, 0xd2, 0x75, 0x30, 0x5e, 0x88,
-      0x74, 0xc5, 0xc6, 0xcc, 0xf5, 0xce, 0x70, 0x1a, 0xfb, 0xf3,
-      0x2b, 0x3f, 0x1d, 0xab, 0xa2, 0xc4, 0xb1, 0x60, 0x95, 0xe8,
-      0xf4, 0x6e, 0x78, 0xc1, 0x31, 0x8f, 0xe1, 0x50, 0xb6, 0xb4,
-      0x2b, 0xf3, 0x29, 0x41, 0xdf, 0x36, 0x7c, 0x75, 0x1d, 0x89,
-      0x83, 0x7e, 0xb1, 0x39, 0x1e, 0x70, 0xc8, 0x60, 0xf3, 0xff,
-      0xc2, 0x64, 0x86, 0x8e, 0x16, 0x2c, 0xab, 0x31, 0xbd, 0x7e,
-      0xa7, 0x03, 0x5e, 0x6f, 0x75, 0x29, 0x35, 0x4c, 0x24, 0x10,
-      0xf8, 0xbe, 0x75, 0xc2, 0x2b, 0xe6, 0x2f, 0x9c, 0xf6, 0x4e,
-      0x96, 0x35, 0xf3, 0x93, 0xbb, 0x3c, 0xa4, 0x8b, 0x15, 0x59,
-      0x68, 0xae, 0x1b, 0xed, 0xfe, 0xb9, 0x0f, 0x2d },
-    { 0x96, 0x3c, 0x87, 0x12, 0x4d, 0x41, 0xdb, 0xfc, 0xcc, 0xf6,
-      0x4c, 0x75, 0x48, 0xa3, 0x76, 0xda, 0x70, 0x53, 0x75, 0xa4,
-      0x09, 0xb6, 0x23, 0x5b, 0x0d, 0x12, 0x9f, 0x4a, 0x89, 0x49,
-      0x76, 0x81, 0x26, 0x4c, 0xf1, 0xf9, 0xe2, 0x3c, 0xfb, 0xb7,
-      0x7b, 0xe7, 0xee, 0xca, 0xa9, 0x33, 0xae, 0x7a, 0x5d, 0x3e,
-      0x36, 0x7f, 0xb7, 0xf7, 0x0d, 0x81, 0xb9, 0x77, 0x17, 0x55,
-      0x92, 0xa5, 0xed, 0x54, 0xc1, 0xd2, 0x8c, 0x9f, 0xd5, 0x35,
-      0x4d, 0x69, 0xee, 0x33, 0x4d, 0xa1, 0xd1, 0x36, 0x67, 0x77,
-      0x5e, 0xb0, 0x92, 0x5e, 0x9a, 0x81, 0xe5, 0x1e, 0xa9, 0x35,
-      0x3d, 0xde, 0xa4, 0xee, 0x2f, 0x39, 0xfc, 0xcd, 0x60, 0xd7,
-      0xfe, 0x6f, 0xc7, 0x06, 0x9b, 0x52, 0x0b, 0xf8, 0xd0, 0xd9,
-      0x3f, 0xbd, 0xeb, 0x35, 0x4e, 0xae, 0xb7, 0x6a, 0xbb, 0xcc,
-      0xea, 0xcd, 0x8e, 0xe8, 0xb4, 0x72, 0xe1, 0xaf },
-    { 0x2d, 0x03, 0xeb, 0x3c, 0xff, 0x55, 0xd7, 0xbd, 0x17, 0x51,
-      0xfb, 0xad, 0xa8, 0xce, 0xc7, 0xef, 0xb2, 0x96, 0xbe, 0x59,
-      0x5d, 0x57, 0xbe, 0xac, 0x71, 0xda, 0x4f, 0xfa, 0x4e, 0x00,
-      0xc0, 0xc0, 0x9d, 0x8f, 0xbb, 0x9e, 0x2e, 0xcf, 0x3c, 0x63,
-      0x3e, 0xb6, 0x63, 0x0a, 0xee, 0xee, 0x42, 0x15, 0xfb, 0x9e,
-      0x02, 0x84, 0xe3, 0xe6, 0x96, 0xbb, 0x53, 0xe8, 0xbd, 0xf9,
-      0x43, 0xad, 0x74, 0x9c, 0xff, 0xca, 0x86, 0xaf, 0xf8, 0x48,
-      0xc1, 0x06, 0xd0, 0xa2, 0x5d, 0x9a, 0xd8, 0x0a, 0x7f, 0x60,
-      0x85, 0x6a, 0xff, 0x17, 0xbb, 0x51, 0x91, 0x1e, 0x43, 0x4d,
-      0x76, 0x51, 0x90, 0x29, 0xec, 0x72, 0x0a, 0x7d, 0x19, 0xfd,
-      0x29, 0x72, 0x0c, 0xea, 0x0e, 0xba, 0xd8, 0x67, 0xf7, 0x7f,
-      0xe0, 0xe1, 0x9b, 0xdb, 0x01, 0x95, 0x73, 0x3b, 0x12, 0xb5,
-      0xba, 0xe2, 0x90, 0xcb, 0xde, 0x36, 0xa8, 0x14 },
-    { 0x84, 0x2e, 0x40, 0xc1, 0xc5, 0x4b, 0xac, 0xd9, 0xa3, 0xca,
-      0x8d, 0x24, 0xa7, 0xcf, 0x61, 0xb7, 0xc2, 0x4f, 0x8a, 0x79,
-      0x3e, 0xe6, 0xb7, 0xa7, 0xd9, 0x09, 0x32, 0x1b, 0x66, 0x37,
-      0x82, 0x6b, 0xb9, 0x43, 0x85, 0xa2, 0x63, 0xef, 0xcd, 0x37,
-      0x2d, 0x44, 0xc7, 0x37, 0xec, 0x2e, 0xe4, 0x11, 0x62, 0x69,
-      0x84, 0xfe, 0xed, 0x21, 0x9b, 0x6c, 0x88, 0x9e, 0xe7, 0x71,
-      0xf7, 0x55, 0xba, 0x6e, 0x88, 0x9f, 0x9b, 0xd7, 0x6b, 0xd7,
-      0x33, 0x5e, 0xf3, 0xc4, 0x46, 0x0f, 0x13, 0xb0, 0xf3, 0xe3,
-      0x6f, 0x14, 0xef, 0xb5, 0x5e, 0xe8, 0xed, 0x23, 0xc2, 0x82,
-      0x72, 0xb3, 0x8c, 0xb9, 0x5d, 0x5b, 0x89, 0x1d, 0xf4, 0x4b,
-      0x3f, 0x71, 0x03, 0x5b, 0x44, 0x2d, 0xf6, 0x04, 0xaa, 0xd9,
-      0xd9, 0xe0, 0xa8, 0x78, 0xf2, 0x76, 0x0d, 0x14, 0x7e, 0xe2,
-      0xeb, 0x16, 0x92, 0x5f, 0x04, 0xf2, 0xec, 0x1d },
-    { 0x0e, 0x63, 0x31, 0x9a, 0xca, 0xc9, 0x13, 0x28, 0xa5, 0x96,
-      0xb7, 0xcb, 0xbc, 0x31, 0xfe, 0x6c, 0x2d, 0x52, 0x66, 0xac,
-      0x51, 0x28, 0xfc, 0x09, 0x77, 0x73, 0xc2, 0xa5, 0x62, 0x23,
-      0xd0, 0x93, 0xcc, 0x6a, 0xe2, 0x97, 0x28, 0x5a, 0x40, 0x9f,
-      0xd5, 0x96, 0x48, 0x14, 0x0d, 0x93, 0x32, 0xd2, 0x8c, 0xaf,
-      0x6d, 0x9a, 0xcc, 0x87, 0x97, 0xcc, 0xb7, 0xf4, 0xcb, 0x08,
-      0xe3, 0x07, 0x75, 0x13, 0xac, 0x52, 0x76, 0xc1, 0xdd, 0xe4,
-      0x55, 0x06, 0xc5, 0x54, 0xec, 0x0a, 0xca, 0x5f, 0xca, 0x2f,
-      0x82, 0x7f, 0x82, 0xca, 0x1e, 0xfe, 0x42, 0xd0, 0xbd, 0xac,
-      0x5b, 0xf6, 0x57, 0xb2, 0xe2, 0x80, 0x69, 0x0d, 0xec, 0xb4,
-      0xc6, 0x69, 0x59, 0x67, 0x16, 0xe6, 0xfe, 0xd1, 0x13, 0x11,
-      0xe1, 0x77, 0x02, 0x32, 0x8c, 0xca, 0x4f, 0x5b, 0x30, 0xcd,
-      0x5a, 0x26, 0x8e, 0xd6, 0xa6, 0x61, 0xd8, 0x43 },
-    { 0x88, 0x83, 0x9d, 0xa2, 0x18, 0x72, 0x70, 0x5a, 0x49, 0x39,
-      0xec, 0xef, 0x28, 0xe1, 0xa7, 0xc2, 0x0b, 0x7a, 0x9d, 0x51,
-      0xff, 0xa5, 0xa3, 0x5b, 0x27, 0xa5, 0xa2, 0x22, 0xff, 0x83,
-      0x89, 0xe2, 0xb0, 0x73, 0xbc, 0x04, 0xb3, 0xab, 0xaf, 0x32,
-      0x90, 0xf3, 0x80, 0x18, 0x9b, 0x4c, 0xe3, 0xb6, 0x93, 0x4d,
-      0xef, 0xa4, 0x9c, 0x22, 0xa0, 0x06, 0xb4, 0x15, 0x28, 0xb5,
-      0x9b, 0x7b, 0x42, 0xd5, 0x5b, 0x1a, 0x3d, 0xb5, 0x69, 0xd3,
-      0xe6, 0xa1, 0xe3, 0x65, 0x9c, 0x29, 0x0b, 0xfc, 0xc7, 0xf5,
-      0x03, 0x79, 0xa9, 0x6b, 0x3f, 0xcc, 0xc5, 0x2d, 0x3d, 0xfc,
-      0xf1, 0xb8, 0x52, 0x6c, 0x07, 0x0e, 0x9d, 0x5f, 0xa3, 0x8d,
-      0xaa, 0x9a, 0xc5, 0x54, 0x82, 0xc6, 0xcf, 0x10, 0xe2, 0x5b,
-      0x9b, 0x14, 0x86, 0xb6, 0x60, 0xde, 0x28, 0x5e, 0x60, 0x5a,
-      0xb5, 0xcd, 0x2f, 0xad, 0xf0, 0x36, 0x0a, 0xc2 },
-    { 0x64, 0x12, 0x8c, 0xfe, 0xa1, 0xf5, 0x0c, 0x26, 0xfc, 0x59,
-      0xcc, 0xa7, 0x1d, 0x2e, 0x21, 0xc9, 0x39, 0xd0, 0xa5, 0x1d,
-      0x44, 0x15, 0xc3, 0x69, 0xf3, 0x7f, 0xb2, 0xeb, 0xdb, 0x68,
-      0x1b, 0x90, 0x35, 0x79, 0x1b, 0x90, 0xe9, 0xea, 0xef, 0x52,
-      0x8f, 0x88, 0xb1, 0xdb, 0xb0, 0x52, 0x19, 0x0b, 0x1f, 0xaa,
-      0x36, 0xb9, 0x6f, 0xc0, 0x51, 0x80, 0x42, 0x94, 0xf4, 0xf7,
-      0x35, 0x5b, 0x67, 0x76, 0xc9, 0x34, 0xdb, 0x47, 0x0e, 0x72,
-      0x73, 0xef, 0x21, 0x7f, 0x27, 0x57, 0x30, 0x00, 0xe9, 0xac,
-      0xf5, 0xcc, 0xa6, 0x4a, 0xdd, 0x20, 0x38, 0x5a, 0xe7, 0x26,
-      0x9c, 0x86, 0xfa, 0x2e, 0xe3, 0xca, 0xfe, 0xe5, 0x71, 0xe6,
-      0x37, 0x3e, 0x3d, 0x13, 0xd4, 0xda, 0xfc, 0x0c, 0x10, 0x5f,
-      0x9f, 0x21, 0x3a, 0xca, 0xf1, 0x26, 0x58, 0x98, 0x1d, 0x50,
-      0x56, 0xb6, 0x6c, 0x30, 0x70, 0x1c, 0xe2, 0x9a },
-    { 0x93, 0x63, 0x4a, 0x09, 0xbd, 0xab, 0xcb, 0xda, 0x01, 0x4f,
-      0x54, 0xda, 0x17, 0x4a, 0x13, 0x2e, 0x32, 0x2c, 0xf0, 0xc2,
-      0x7c, 0xe9, 0x87, 0x1b, 0x45, 0x99, 0xe9, 0x05, 0xe2, 0x53,
-      0xe3, 0x7d, 0xd8, 0x65, 0xd0, 0x59, 0x01, 0x6d, 0xae, 0x01,
-      0x09, 0x10, 0x49, 0xdb, 0x88, 0xb3, 0xa2, 0x06, 0xc6, 0x6b,
-      0xa6, 0x86, 0x8f, 0x12, 0xcf, 0xd3, 0xdd, 0x4e, 0x27, 0x08,
-      0x30, 0xc9, 0x28, 0xd1, 0x84, 0x92, 0x28, 0xc0, 0xd5, 0x1a,
-      0xa4, 0x75, 0x78, 0xdf, 0xf0, 0x0c, 0xd4, 0x48, 0xf3, 0x45,
-      0x3d, 0x18, 0xf0, 0xed, 0xf3, 0x82, 0x30, 0xf7, 0xf3, 0x9f,
-      0x00, 0x33, 0xfa, 0xa8, 0xbb, 0xb0, 0x07, 0x5c, 0xa3, 0x46,
-      0xbc, 0x83, 0xaf, 0x98, 0x41, 0x44, 0x04, 0x41, 0x93, 0xca,
-      0x7c, 0xec, 0x5c, 0x7e, 0x24, 0x9c, 0xd3, 0x40, 0xf0, 0x59,
-      0xf0, 0x36, 0x78, 0xa2, 0xe8, 0xf5, 0xb0, 0xb5 },
-    { 0x26, 0x6c, 0xb4, 0x67, 0xbc, 0x06, 0x35, 0x7e, 0x4b, 0x4c,
-      0x5b, 0xf2, 0x26, 0xde, 0xee, 0xe7, 0xc4, 0x08, 0xc3, 0x2d,
-      0x9d, 0xcc, 0x22, 0xb2, 0x36, 0x20, 0x77, 0xa3, 0xb4, 0x04,
-      0x87, 0x63, 0x1e, 0xd6, 0x72, 0xda, 0x4f, 0x87, 0xd7, 0x8e,
-      0x30, 0x2f, 0x90, 0x9c, 0xd1, 0x39, 0xd6, 0x3b, 0x53, 0x72,
-      0x77, 0x7b, 0x37, 0x3e, 0x0c, 0xfb, 0x97, 0xf0, 0x00, 0x9a,
-      0x3f, 0x1c, 0xf6, 0x1e, 0xbb, 0xc1, 0x10, 0x71, 0xb9, 0xde,
-      0xda, 0x81, 0xe4, 0xcb, 0xa6, 0x01, 0x6f, 0xa9, 0x5e, 0xab,
-      0x72, 0x95, 0x57, 0x2b, 0x80, 0x38, 0xe6, 0x6d, 0x29, 0x65,
-      0x5c, 0xf1, 0x2b, 0x5f, 0x46, 0xfd, 0x7e, 0x9b, 0x6b, 0x85,
-      0xa9, 0x84, 0x7c, 0xfe, 0x91, 0x3a, 0xb8, 0x32, 0x22, 0x38,
-      0x17, 0x10, 0xc5, 0x7e, 0x18, 0x66, 0xc1, 0xa4, 0xc1, 0x24,
-      0x62, 0x82, 0x6b, 0x27, 0xa9, 0xa2, 0xe3, 0x04 },
-    { 0x4b, 0x1d, 0x5a, 0x1b, 0x52, 0x45, 0x4e, 0xe1, 0xbc, 0xb0,
-      0x29, 0xa8, 0x3c, 0x8f, 0x2a, 0xf3, 0x78, 0x2f, 0xd0, 0xd1,
-      0xf7, 0x47, 0x3a, 0xc1, 0x7e, 0xe7, 0xb5, 0xbc, 0x53, 0x15,
-      0xb8, 0xd7, 0x09, 0x32, 0xbf, 0xcb, 0xa1, 0xb7, 0xd1, 0x20,
-      0x15, 0x48, 0x82, 0x8e, 0xc3, 0x6a, 0xb6, 0x11, 0xc1, 0x54,
-      0xe8, 0x92, 0x63, 0xab, 0x8c, 0x9e, 0x68, 0xb2, 0xf4, 0xeb,
-      0x9d, 0x5c, 0xf3, 0x64, 0xe3, 0xc3, 0x28, 0x7d, 0x09, 0xf3,
-      0x51, 0x1d, 0x60, 0x6e, 0x1e, 0xb9, 0x88, 0x70, 0xdc, 0x95,
-      0x55, 0xca, 0xa8, 0x33, 0xa5, 0x36, 0xbf, 0x78, 0xcf, 0x44,
-      0xb2, 0xec, 0xf1, 0x99, 0x11, 0xa6, 0x5b, 0x34, 0xae, 0x3e,
-      0xfa, 0x00, 0x4b, 0x84, 0x14, 0x35, 0x8d, 0xde, 0x2b, 0x9e,
-      0x65, 0x97, 0x4b, 0x4f, 0xd0, 0x78, 0x3c, 0x1a, 0xa4, 0xdb,
-      0x6f, 0xaa, 0x41, 0x54, 0xb5, 0x63, 0x63, 0xe8 },
-    { 0x81, 0x86, 0xb9, 0x3f, 0x50, 0x8e, 0x4b, 0x27, 0xe0, 0x74,
-      0x39, 0xfa, 0xb6, 0x22, 0xd4, 0x2a, 0xc8, 0x31, 0xfd, 0xce,
-      0x12, 0x0b, 0xf6, 0x19, 0x6f, 0xc0, 0x77, 0x62, 0xbe, 0x6a,
-      0xbb, 0xd0, 0xbb, 0xf7, 0xee, 0x13, 0x3e, 0xa5, 0xa2, 0xec,
-      0x0d, 0x4e, 0x56, 0xf1, 0x30, 0xee, 0xa0, 0xe3, 0x10, 0x81,
-      0x0f, 0x3d, 0x52, 0x07, 0xec, 0x91, 0x7c, 0xc8, 0x00, 0xd4,
-      0x65, 0x75, 0x7d, 0x4e, 0x32, 0x87, 0x36, 0x1b, 0x0d, 0xf5,
-      0x11, 0xc8, 0xd7, 0xde, 0x5e, 0x12, 0xfc, 0xa3, 0xda, 0xda,
-      0xba, 0x31, 0xf6, 0xb5, 0xb1, 0x5e, 0x08, 0x0a, 0x90, 0x12,
-      0x3a, 0x0a, 0x79, 0x7e, 0x81, 0x07, 0x88, 0xb3, 0xf1, 0xca,
-      0xac, 0xfa, 0x5a, 0x43, 0x5c, 0x62, 0x15, 0x63, 0x36, 0x0e,
-      0x39, 0x56, 0x37, 0x35, 0x52, 0x5e, 0x18, 0x8c, 0x09, 0x9d,
-      0x12, 0xfe, 0x51, 0x74, 0x63, 0xd5, 0x2c, 0x0c },
-    { 0x0b, 0xf9, 0x7e, 0x97, 0xc9, 0xee, 0x2b, 0x2a, 0x47, 0x43,
-      0xde, 0x57, 0xf3, 0x4a, 0x9b, 0xfa, 0x79, 0xcf, 0xc6, 0xd7,
-      0x22, 0xc3, 0xab, 0x57, 0x12, 0xbf, 0xff, 0x1a, 0x27, 0xb5,
-      0x21, 0x4e, 0xb1, 0x39, 0xc0, 0x76, 0x90, 0xbe, 0x35, 0x7e,
-      0x30, 0x08, 0x6c, 0xf4, 0x43, 0x58, 0x0b, 0x7a, 0xab, 0xa6,
-      0x58, 0x91, 0x05, 0xd4, 0x11, 0x0a, 0x4b, 0xb8, 0x63, 0xb9,
-      0xd9, 0x47, 0x7c, 0x91, 0x35, 0x1e, 0x6a, 0x00, 0x9b, 0x7d,
-      0x9b, 0x1c, 0x7b, 0x5d, 0xc4, 0x44, 0x83, 0x1c, 0x04, 0x97,
-      0xec, 0xb0, 0x1c, 0x0b, 0xbe, 0xb4, 0xd6, 0x44, 0xed, 0x30,
-      0xed, 0x65, 0xce, 0x68, 0xb8, 0xfe, 0x50, 0xaa, 0x50, 0x57,
-      0xa4, 0xfc, 0x3d, 0x82, 0xc1, 0xcf, 0x16, 0x68, 0x1f, 0x5f,
-      0x5d, 0xda, 0x7e, 0x04, 0x2c, 0x05, 0xbf, 0xaf, 0x7d, 0xb4,
-      0xc6, 0x19, 0xd1, 0x54, 0x09, 0x31, 0x28, 0x67 },
-    { 0x8f, 0xe5, 0x48, 0x2c, 0x3e, 0x40, 0xaa, 0xbb, 0x3b, 0xd9,
-      0x1b, 0xb4, 0xfe, 0xaa, 0xc2, 0x3f, 0x57, 0x6a, 0x87, 0x0d,
-      0x56, 0x76, 0xf1, 0x20, 0xe6, 0xbf, 0xa9, 0xe0, 0x0a, 0x9d,
-      0x0b, 0xc8, 0x6b, 0x7a, 0xc0, 0xab, 0x9e, 0x69, 0xd9, 0x4e,
-      0x3d, 0xe3, 0x7a, 0x9a, 0x9f, 0x5e, 0xf4, 0x39, 0xe2, 0x2c,
-      0x79, 0x76, 0xad, 0x47, 0x35, 0x99, 0xd3, 0xd7, 0x41, 0x6e,
-      0x1d, 0x2d, 0xc7, 0xdf, 0x9e, 0xb8, 0x1a, 0x0f, 0x32, 0xf1,
-      0x28, 0x06, 0x18, 0x96, 0xec, 0xda, 0xb3, 0x93, 0x97, 0x30,
-      0x65, 0xce, 0x25, 0xf1, 0x95, 0xbc, 0x3e, 0x13, 0x98, 0xa6,
-      0x97, 0xa4, 0x62, 0xfd, 0xcc, 0x09, 0x1a, 0xc6, 0xf6, 0x8b,
-      0x0d, 0x9a, 0x0d, 0x99, 0x7e, 0x83, 0x61, 0x2b, 0x65, 0xf6,
-      0x91, 0x8a, 0x54, 0xce, 0x18, 0xea, 0x6c, 0x30, 0x6e, 0x8b,
-      0x96, 0xec, 0x4e, 0xc8, 0xdd, 0xa1, 0x9e, 0x96 },
-    { 0x39, 0x28, 0xc6, 0x69, 0xbb, 0xc8, 0xbc, 0x3f, 0x4a, 0xeb,
-      0x62, 0x06, 0xb4, 0x2d, 0x3b, 0xf6, 0x18, 0x9e, 0xd1, 0x8b,
-      0x6b, 0x4b, 0x5c, 0x8d, 0x95, 0xa9, 0x13, 0xb9, 0xca, 0xd2,
-      0xde, 0xd6, 0xa6, 0x7c, 0x11, 0x4c, 0x64, 0x27, 0x5d, 0x2c,
-      0x4c, 0x91, 0x8b, 0xb1, 0x23, 0xda, 0xb5, 0x66, 0xa7, 0xd4,
-      0x84, 0xbe, 0x0f, 0x64, 0x0a, 0x5f, 0xc5, 0xc0, 0x09, 0xa1,
-      0x52, 0x19, 0x9f, 0x43, 0x69, 0x67, 0x9f, 0x1e, 0x50, 0xb4,
-      0xd1, 0x8f, 0xc8, 0x7e, 0xf5, 0x15, 0xb6, 0x4a, 0xe8, 0xb6,
-      0xdc, 0x62, 0x07, 0x8d, 0xf0, 0x2e, 0xb0, 0xda, 0x99, 0x61,
-      0xf5, 0xbc, 0xe7, 0x1c, 0x29, 0x4e, 0x80, 0x3d, 0xe0, 0xad,
-      0x30, 0x8f, 0xb4, 0x1c, 0x5c, 0x6c, 0x8f, 0x3a, 0x25, 0xd0,
-      0x61, 0x92, 0x4c, 0x3e, 0xb8, 0x03, 0x4f, 0x1d, 0x20, 0x38,
-      0x85, 0xae, 0x67, 0xc2, 0xce, 0x9a, 0x4d, 0x1e },
-    { 0x6c, 0xcc, 0x88, 0x8f, 0x35, 0x51, 0x34, 0xf6, 0x17, 0x04,
-      0xd2, 0xe1, 0x91, 0x50, 0xd0, 0xd9, 0x81, 0xc3, 0x5b, 0x3e,
-      0xf0, 0x71, 0xcd, 0xe4, 0xf0, 0x1d, 0xff, 0x93, 0x73, 0x89,
-      0x27, 0x54, 0x3b, 0xaa, 0xdc, 0x8b, 0x21, 0xd4, 0x05, 0xd1,
-      0x1b, 0x14, 0xd9, 0xe6, 0xbe, 0xa1, 0xc1, 0xfd, 0xad, 0xee,
-      0xfa, 0x98, 0xc2, 0x59, 0xd0, 0xd4, 0x68, 0x1d, 0xf6, 0xdd,
-      0xa7, 0xc9, 0x30, 0xeb, 0x7f, 0xae, 0x8b, 0xbe, 0x4e, 0x3b,
-      0x2f, 0x0d, 0x31, 0x67, 0x4a, 0x4f, 0x67, 0xce, 0xe9, 0x84,
-      0x5a, 0xd8, 0xa5, 0x96, 0x21, 0x21, 0xb7, 0x7b, 0x42, 0x60,
-      0x42, 0xbc, 0x40, 0x7b, 0x85, 0xc4, 0x90, 0x44, 0x8f, 0xbd,
-      0xd3, 0x6f, 0x33, 0x1e, 0xf3, 0xaa, 0xc9, 0x4e, 0x7a, 0x91,
-      0x12, 0xa4, 0x03, 0xf6, 0x2a, 0x44, 0xf2, 0x61, 0x79, 0xa1,
-      0xde, 0x4b, 0xea, 0x4a, 0xda, 0xcb, 0x4b, 0x64 },
-    { 0x2f, 0x15, 0x19, 0x80, 0xb2, 0x6f, 0xae, 0xf9, 0x6a, 0xfa,
-      0x63, 0x57, 0xad, 0x4e, 0xd7, 0xbd, 0x03, 0x5f, 0xf1, 0x10,
-      0xc8, 0xc0, 0xf8, 0x15, 0x8f, 0x79, 0x2b, 0x21, 0x1a, 0xca,
-      0x3c, 0xe9, 0x53, 0xd5, 0xb8, 0x43, 0x74, 0xb9, 0x13, 0x93,
-      0xa1, 0x7e, 0x14, 0x84, 0x25, 0x9d, 0x52, 0x54, 0x17, 0xed,
-      0x0f, 0x5d, 0x39, 0x73, 0xca, 0xcf, 0xa4, 0x84, 0x13, 0x78,
-      0xfa, 0xb1, 0xe8, 0xbe, 0xcb, 0x8f, 0xd9, 0x8b, 0x9c, 0xbd,
-      0x35, 0x1a, 0x31, 0x20, 0x24, 0xa9, 0x09, 0xb8, 0xce, 0x1e,
-      0x0b, 0x8c, 0x1a, 0x82, 0x99, 0xad, 0x8e, 0xb7, 0x68, 0x25,
-      0xa6, 0xe6, 0x01, 0x4e, 0xdc, 0xfc, 0x12, 0x76, 0xf4, 0xce,
-      0xba, 0xeb, 0xf3, 0x2f, 0x0d, 0xcd, 0x1e, 0xde, 0xfe, 0xde,
-      0x67, 0xaa, 0xbc, 0xa3, 0x26, 0x5f, 0xf7, 0x95, 0x9d, 0xdd,
-      0xf8, 0xd3, 0x6f, 0x0e, 0x7a, 0xd7, 0x50, 0x4c },
-    { 0x35, 0x4b, 0x05, 0xb7, 0x0a, 0xc5, 0x8d, 0x65, 0x6c, 0x80,
-      0x5c, 0xe8, 0xbe, 0xb5, 0x4a, 0xaa, 0x1c, 0x21, 0x90, 0x85,
-      0xa8, 0xeb, 0x99, 0x20, 0xf7, 0xbe, 0x03, 0x89, 0x20, 0x5c,
-      0x4e, 0x92, 0x3a, 0x20, 0x2c, 0x70, 0xfd, 0x22, 0xdf, 0x11,
-      0xe6, 0x17, 0x32, 0x71, 0xf4, 0xab, 0x67, 0xb3, 0x44, 0xed,
-      0xf3, 0xf9, 0x13, 0xbe, 0xee, 0xf6, 0x63, 0x8f, 0x6b, 0x74,
-      0x94, 0x98, 0xfd, 0x7d, 0xc7, 0x1d, 0xb2, 0x90, 0x15, 0xa3,
-      0x1b, 0xdf, 0x83, 0x81, 0xe3, 0xd8, 0x0a, 0xef, 0x5a, 0x85,
-      0x03, 0x1d, 0xb9, 0xe7, 0xf3, 0x35, 0x5a, 0x17, 0xba, 0xaa,
-      0x17, 0x67, 0x9d, 0x88, 0xc6, 0x58, 0x6d, 0x6c, 0xf4, 0xc0,
-      0xb6, 0xce, 0x47, 0xec, 0x3e, 0x5a, 0x97, 0x92, 0x6c, 0x05,
-      0xb7, 0x5b, 0x12, 0x1f, 0xbb, 0xc2, 0xbc, 0x03, 0x99, 0x55,
-      0x0c, 0x86, 0x31, 0xda, 0x29, 0xd2, 0xd4, 0x39 },
-    { 0x48, 0xdc, 0x55, 0xc4, 0xae, 0x35, 0x23, 0xa1, 0xd4, 0x1b,
-      0xe8, 0x93, 0xcf, 0x09, 0xfa, 0xc2, 0x3e, 0x7d, 0xac, 0xb8,
-      0x70, 0xac, 0xc7, 0x05, 0x99, 0x38, 0xf9, 0x32, 0xe5, 0x5e,
-      0xfc, 0xf9, 0x61, 0x96, 0xe2, 0x17, 0xa4, 0x68, 0x1b, 0xe2,
-      0x84, 0x7a, 0xf9, 0xfc, 0x44, 0x82, 0xf1, 0x3b, 0xf3, 0x1d,
-      0x33, 0x32, 0xec, 0xa6, 0x86, 0x30, 0xf3, 0x24, 0x1a, 0xb8,
-      0xa9, 0xf8, 0x1a, 0x18, 0xa3, 0x2f, 0xb5, 0xbc, 0xbb, 0xbc,
-      0xe7, 0x6f, 0x52, 0x59, 0x1a, 0xc3, 0x2f, 0xf0, 0xa7, 0x2b,
-      0x00, 0x05, 0x8e, 0x3f, 0x5c, 0x3d, 0x97, 0x1e, 0xb7, 0x13,
-      0x8a, 0x7f, 0x96, 0x5c, 0x7d, 0x01, 0xa7, 0x3e, 0x8c, 0xe3,
-      0xa6, 0x6c, 0xae, 0x1a, 0xff, 0xbe, 0x82, 0x4f, 0x3c, 0xdd,
-      0xcc, 0xfb, 0x01, 0xee, 0xc4, 0x2d, 0x4c, 0xad, 0x50, 0xcd,
-      0x71, 0x71, 0xe2, 0x36, 0x7a, 0x91, 0x70, 0xe9 },
-    { 0x5f, 0x6a, 0x8e, 0xdd, 0x0b, 0x6d, 0xc0, 0x21, 0x40, 0x5c,
-      0xe4, 0xc5, 0x66, 0xe3, 0x8c, 0x68, 0x87, 0x25, 0xe2, 0x4b,
-      0xb9, 0x3b, 0x9c, 0x33, 0xcb, 0x94, 0xcc, 0xff, 0x98, 0x6b,
-      0x8d, 0x62, 0x19, 0xf2, 0x9d, 0x71, 0x8b, 0x8a, 0xf2, 0xcd,
-      0x85, 0x1c, 0x9f, 0x4b, 0x1d, 0x0d, 0x7b, 0x3a, 0x5d, 0x67,
-      0xb9, 0x73, 0xba, 0x15, 0x59, 0x04, 0xcd, 0xeb, 0xa9, 0xf7,
-      0x71, 0x31, 0x3c, 0x58, 0x18, 0x70, 0x70, 0x75, 0x8a, 0x51,
-      0xcf, 0x02, 0x15, 0x4e, 0x10, 0x77, 0x8a, 0xf5, 0x88, 0x69,
-      0x38, 0x2e, 0xb6, 0xe7, 0xa5, 0x12, 0x15, 0x1c, 0x98, 0x2d,
-      0xef, 0x67, 0x97, 0xd0, 0x0e, 0x38, 0x41, 0x78, 0x06, 0x40,
-      0x83, 0xc7, 0xd2, 0x45, 0x2f, 0x13, 0x56, 0xaf, 0x25, 0xc9,
-      0xeb, 0x41, 0xe4, 0x6e, 0xc3, 0x62, 0x68, 0x98, 0x97, 0x0c,
-      0x8e, 0x62, 0x38, 0x26, 0xa5, 0x09, 0x21, 0x93 },
-    { 0x1c, 0xa6, 0x50, 0x72, 0xca, 0x7f, 0x87, 0xac, 0x2e, 0x12,
-      0xe0, 0x7a, 0x9e, 0xb8, 0x14, 0xbb, 0x9b, 0x33, 0x48, 0x0d,
-      0x5a, 0x87, 0x97, 0xd3, 0x15, 0x6c, 0xcb, 0x70, 0x8b, 0xfb,
-      0x7c, 0xf0, 0x84, 0x0f, 0x04, 0x21, 0xf2, 0x7d, 0xb4, 0x90,
-      0xcc, 0xe6, 0x56, 0x2b, 0xf4, 0x3c, 0xe0, 0x1e, 0x64, 0x8d,
-      0xa3, 0x42, 0x0e, 0xa2, 0x43, 0xdb, 0xe4, 0x42, 0x8a, 0xcd,
-      0xdf, 0x32, 0x57, 0x97, 0x4c, 0xa2, 0xb9, 0xe4, 0x4f, 0xe1,
-      0xf7, 0x39, 0x53, 0x79, 0x51, 0xb3, 0xb8, 0xa5, 0x97, 0x94,
-      0x00, 0x5c, 0xfb, 0xba, 0x4e, 0xa4, 0x57, 0xa8, 0x78, 0x04,
-      0x66, 0x4a, 0x04, 0xaa, 0xb2, 0x6d, 0x4c, 0xd5, 0x8f, 0x16,
-      0xbc, 0xe3, 0xa4, 0xcf, 0xfb, 0xc1, 0x2d, 0x8c, 0x69, 0x20,
-      0x10, 0x28, 0x3f, 0x36, 0x97, 0x66, 0x2f, 0x76, 0xa4, 0x07,
-      0x83, 0x70, 0x4c, 0xa5, 0x8f, 0x9a, 0x86, 0x90 },
-    { 0x46, 0x2c, 0xaf, 0xb6, 0xcb, 0xad, 0x3c, 0xee, 0xac, 0x44,
-      0xfd, 0x91, 0x35, 0xff, 0xff, 0x64, 0xac, 0xa6, 0x63, 0x99,
-      0x1f, 0xb3, 0x07, 0xa1, 0x05, 0x5d, 0xec, 0x1c, 0x14, 0xf9,
-      0xa1, 0x92, 0x9f, 0x7a, 0xff, 0x32, 0x49, 0xfa, 0xca, 0xba,
-      0xd0, 0xd7, 0x10, 0xc0, 0x68, 0x98, 0x09, 0x85, 0x7f, 0xad,
-      0x3b, 0xd1, 0xe6, 0x67, 0x54, 0x3c, 0x4d, 0xd2, 0xdb, 0x49,
-      0x96, 0x46, 0xaa, 0x34, 0xef, 0x8d, 0x44, 0x3e, 0x0d, 0x85,
-      0x8c, 0x5f, 0x39, 0xb7, 0x52, 0x43, 0x8b, 0xbe, 0x33, 0x91,
-      0x1d, 0x96, 0xb5, 0x07, 0x89, 0xb7, 0x8d, 0xa8, 0x9b, 0x74,
-      0xd8, 0xfe, 0x56, 0x47, 0xdd, 0x68, 0x56, 0xed, 0x1e, 0xa4,
-      0x7d, 0x80, 0x06, 0x8f, 0xc1, 0xc1, 0x53, 0x0e, 0x59, 0xe3,
-      0x68, 0xb5, 0x66, 0xaf, 0xfd, 0xca, 0x40, 0xa7, 0x46, 0xdb,
-      0xfb, 0xb3, 0x21, 0xcf, 0x2b, 0x9d, 0x25, 0xa0 },
-    { 0x12, 0x93, 0xc9, 0x8c, 0x6c, 0xd9, 0x36, 0x08, 0x2a, 0x29,
-      0x15, 0x03, 0xb5, 0x46, 0xea, 0xfd, 0xd2, 0xfb, 0x77, 0x18,
-      0x3e, 0x8f, 0x9d, 0x13, 0x23, 0x15, 0x5e, 0x22, 0x51, 0x3f,
-      0x83, 0xc0, 0xaa, 0x78, 0x4f, 0xab, 0x65, 0xf4, 0x85, 0x76,
-      0x06, 0xfe, 0xe7, 0xfe, 0xd9, 0xba, 0xa6, 0xd3, 0x0f, 0x75,
-      0xd2, 0x35, 0xa7, 0x32, 0xd1, 0xcc, 0xbc, 0x87, 0x5d, 0x03,
-      0x0a, 0x2e, 0xbe, 0x41, 0xdf, 0xef, 0xc9, 0x7d, 0xa9, 0xc3,
-      0x91, 0x7f, 0x4e, 0x7e, 0x8d, 0xfc, 0x25, 0xa9, 0xa1, 0x2b,
-      0xa1, 0xa2, 0xbe, 0x74, 0x6e, 0xf1, 0x83, 0x31, 0x18, 0x75,
-      0x39, 0x3d, 0x1c, 0x93, 0xe2, 0x98, 0x15, 0xef, 0x04, 0x3e,
-      0x72, 0x6b, 0x91, 0x4a, 0xf7, 0x87, 0x9f, 0x59, 0xdd, 0xfa,
-      0x55, 0xf8, 0x95, 0xf7, 0x35, 0xcc, 0x82, 0xb8, 0x74, 0x04,
-      0x16, 0x60, 0xa6, 0x47, 0xde, 0x32, 0x37, 0xdd },
-    { 0x53, 0xb7, 0x9a, 0xa1, 0x68, 0xea, 0x94, 0xba, 0x73, 0xe4,
-      0xb5, 0xf3, 0xe4, 0x6f, 0x8f, 0xb1, 0xed, 0xb2, 0x58, 0x4c,
-      0x39, 0x46, 0x98, 0x8b, 0xc6, 0x92, 0x9c, 0xd4, 0xfd, 0xfd,
-      0x61, 0x4f, 0xa0, 0xa4, 0x7f, 0x05, 0x06, 0x4e, 0x71, 0x42,
-      0x16, 0xe7, 0x9e, 0x41, 0x74, 0xad, 0x91, 0x07, 0xd0, 0x5c,
-      0x23, 0xc5, 0x49, 0x40, 0xc3, 0xe8, 0x58, 0xcf, 0xb2, 0xfb,
-      0x1a, 0xe9, 0xd7, 0xc7, 0xbe, 0x1c, 0x0f, 0xb8, 0xa1, 0xbd,
-      0x18, 0x9e, 0xca, 0x83, 0xcb, 0x86, 0xe7, 0x7b, 0x11, 0x1a,
-      0xb0, 0xb0, 0x28, 0x9c, 0x8c, 0x87, 0x53, 0x0d, 0x49, 0x5f,
-      0x6a, 0xbf, 0x33, 0xb3, 0x75, 0x22, 0x82, 0x38, 0xc7, 0x08,
-      0x87, 0xe7, 0x71, 0xc1, 0xb7, 0xd7, 0xc7, 0xdb, 0x4a, 0x36,
-      0xb7, 0x11, 0xa6, 0xab, 0x40, 0x3d, 0x96, 0xea, 0xfa, 0xc7,
-      0x72, 0x78, 0x12, 0x51, 0x49, 0xd5, 0x3b, 0x77 },
-    { 0x82, 0x90, 0xd6, 0xd1, 0x56, 0xc2, 0xe8, 0x33, 0x40, 0xa6,
-      0xf7, 0xd5, 0xf3, 0x87, 0x2c, 0x9d, 0x15, 0x0f, 0xb4, 0xa9,
-      0x58, 0x40, 0x11, 0x04, 0xc8, 0x9d, 0xc0, 0x1b, 0x32, 0x81,
-      0x51, 0xe1, 0xe5, 0xef, 0x49, 0x97, 0xc8, 0x3a, 0xf2, 0xa8,
-      0x04, 0x09, 0x99, 0x03, 0xc9, 0xd5, 0xda, 0x0f, 0xb9, 0x28,
-      0x7f, 0x58, 0x53, 0x46, 0x61, 0x1d, 0x64, 0x00, 0xbc, 0x54,
-      0x23, 0x45, 0x96, 0xc4, 0x0d, 0x53, 0x9d, 0x8d, 0x47, 0x39,
-      0x7c, 0x05, 0x23, 0x11, 0x98, 0x69, 0x29, 0xfe, 0x89, 0xa2,
-      0x64, 0x96, 0x8e, 0xe6, 0x51, 0x2c, 0x67, 0x38, 0xfe, 0xd5,
-      0xab, 0xce, 0x7b, 0x4e, 0xc0, 0x14, 0x02, 0x2e, 0xaf, 0x3d,
-      0xf1, 0x9e, 0xfa, 0xfe, 0xef, 0x1e, 0x4b, 0x30, 0xa9, 0xdd,
-      0x93, 0x9a, 0xd3, 0xa5, 0xbb, 0xa0, 0x67, 0x82, 0x17, 0x28,
-      0x21, 0x6f, 0xaf, 0xce, 0x44, 0xbb, 0xb6, 0xa1 },
-    { 0x50, 0x6e, 0xf1, 0xab, 0x30, 0x4f, 0xab, 0xb0, 0x6f, 0xa1,
-      0xd9, 0x69, 0xee, 0x95, 0x2e, 0x14, 0x45, 0x9f, 0x29, 0x7b,
-      0xa0, 0xaa, 0x98, 0x4e, 0x00, 0xf3, 0x32, 0xe1, 0xec, 0x47,
-      0xb3, 0xcf, 0xfd, 0x22, 0x3e, 0x26, 0xf0, 0x6a, 0x2a, 0x08,
-      0x51, 0xcc, 0x6e, 0xf9, 0xb3, 0x3f, 0xa0, 0xe1, 0x1b, 0xea,
-      0xd0, 0x2c, 0xa6, 0x75, 0x23, 0x5a, 0x6e, 0x6b, 0x55, 0xe9,
-      0xdb, 0x32, 0x16, 0x60, 0x23, 0x80, 0xed, 0x5c, 0xed, 0x96,
-      0x78, 0x11, 0xcc, 0x20, 0x8d, 0xe6, 0x33, 0xaa, 0xfc, 0xa5,
-      0xa2, 0x71, 0x4c, 0xa6, 0x0b, 0xca, 0xdb, 0x5f, 0xe6, 0x2a,
-      0xe5, 0x2d, 0x2d, 0x67, 0x84, 0xa9, 0xb4, 0x25, 0x57, 0xfe,
-      0x0d, 0xc7, 0xb8, 0x09, 0xd4, 0x23, 0x59, 0xa4, 0xd7, 0x89,
-      0x00, 0x7e, 0xda, 0x13, 0x4a, 0x39, 0x69, 0xec, 0x57, 0xfa,
-      0xf8, 0x46, 0x37, 0xc6, 0xd8, 0x54, 0x69, 0x46 },
-    { 0x41, 0x5b, 0x7d, 0xbf, 0x15, 0x20, 0x03, 0x44, 0xda, 0xaf,
-      0x3f, 0xdb, 0x4d, 0x85, 0xc6, 0x78, 0x6c, 0xcd, 0x2f, 0xbf,
-      0xf7, 0x1a, 0x70, 0x6e, 0x14, 0x04, 0xcc, 0xf8, 0xb9, 0x8f,
-      0xcb, 0xc7, 0xfa, 0xbe, 0x77, 0x43, 0xfa, 0x8f, 0xeb, 0x1f,
-      0xe1, 0x4a, 0x45, 0x6f, 0x8e, 0xed, 0x67, 0x65, 0x6e, 0xec,
-      0x74, 0xd2, 0x37, 0x9d, 0x92, 0xd1, 0xdf, 0xea, 0x34, 0x23,
-      0xd4, 0xdc, 0xbc, 0x3c, 0xdd, 0x35, 0x4c, 0xac, 0xbd, 0xc8,
-      0x9a, 0x16, 0xa2, 0x8d, 0x63, 0x3d, 0xdf, 0x73, 0xad, 0x9c,
-      0x36, 0xa6, 0xaf, 0x39, 0xe3, 0x07, 0x1b, 0x58, 0xf5, 0x09,
-      0x0a, 0x7e, 0xa7, 0x30, 0x75, 0xaa, 0xa2, 0xda, 0xf1, 0xa5,
-      0x9d, 0xd1, 0xc3, 0xd5, 0x66, 0xac, 0xeb, 0x3f, 0x9d, 0xeb,
-      0x27, 0xce, 0x71, 0x30, 0xb9, 0x6f, 0xea, 0x9f, 0xa9, 0x84,
-      0x11, 0xb4, 0xeb, 0x27, 0x35, 0xbf, 0xf1, 0x63 },
-    { 0x1e, 0xc3, 0x14, 0xf1, 0xaf, 0x58, 0x87, 0x9d, 0x52, 0x5d,
-      0xc9, 0xbd, 0xec, 0x83, 0x1d, 0x59, 0xfc, 0xe0, 0xfa, 0xfc,
-      0xc1, 0x75, 0xd4, 0x3f, 0x00, 0x69, 0x65, 0xed, 0xb4, 0x12,
-      0x2e, 0x05, 0x35, 0x22, 0xce, 0xf0, 0xa2, 0xb5, 0x51, 0x1c,
-      0x76, 0x9a, 0x2e, 0xf9, 0x85, 0xf0, 0x68, 0xaa, 0x01, 0xdc,
-      0x4c, 0x3f, 0xe6, 0x93, 0x65, 0x08, 0xf9, 0x31, 0x8c, 0x91,
-      0x97, 0xf0, 0x0f, 0x11, 0x45, 0x49, 0x97, 0x51, 0x86, 0x32,
-      0x0a, 0x01, 0x0c, 0xda, 0x36, 0xd9, 0x6e, 0x0e, 0x54, 0xc2,
-      0xfc, 0x6a, 0xc6, 0xc6, 0x0f, 0xeb, 0x9f, 0x3b, 0x71, 0x2f,
-      0xa1, 0x3c, 0xe9, 0xe5, 0xa2, 0xb8, 0x4b, 0xc7, 0x09, 0x5d,
-      0x93, 0xc8, 0xf2, 0x90, 0xfd, 0x67, 0xd2, 0x89, 0xf0, 0x3a,
-      0x4c, 0x32, 0x06, 0x8a, 0x3d, 0x68, 0xcb, 0x80, 0x32, 0x72,
-      0x97, 0x01, 0x05, 0x86, 0x7d, 0x83, 0x77, 0xa7 },
-    { 0x17, 0xe9, 0x1d, 0x12, 0x7f, 0xff, 0x57, 0x88, 0xad, 0x5c,
-      0xc0, 0x8f, 0x2d, 0xc1, 0x05, 0xde, 0x71, 0x93, 0x6c, 0xb4,
-      0x52, 0xab, 0xfa, 0x6b, 0x76, 0x51, 0x35, 0xd2, 0x3d, 0xe5,
-      0xa6, 0x64, 0xbb, 0x32, 0xf1, 0x7c, 0x96, 0x93, 0x9c, 0x82,
-      0xe0, 0xc8, 0xb6, 0xf7, 0xf5, 0x87, 0x5a, 0xec, 0xa9, 0x31,
-      0xb9, 0x9d, 0x77, 0x46, 0xe0, 0xc7, 0xd3, 0xbb, 0x0a, 0x97,
-      0x26, 0xec, 0xcf, 0xa0, 0xf0, 0x01, 0xc4, 0x6e, 0xdd, 0x2f,
-      0x9e, 0x6f, 0x01, 0x8b, 0x1c, 0x63, 0xae, 0x4b, 0x9b, 0xc6,
-      0x34, 0x13, 0x02, 0xf9, 0xf7, 0xde, 0x17, 0x11, 0x50, 0x77,
-      0x33, 0x20, 0xb5, 0x42, 0xf8, 0xdf, 0xcd, 0xe4, 0xa3, 0x8f,
-      0x63, 0x7e, 0xc2, 0xc5, 0x39, 0x2b, 0x10, 0xfc, 0xe5, 0x34,
-      0x68, 0x87, 0xaa, 0x7e, 0x14, 0xda, 0x45, 0x7e, 0x3f, 0x74,
-      0x06, 0x63, 0xfe, 0xef, 0x2c, 0x83, 0x10, 0xc2 },
-    { 0x11, 0x8f, 0x3b, 0x4b, 0x3d, 0xdd, 0x0c, 0x01, 0xdf, 0x24,
-      0x22, 0x82, 0xaf, 0xc4, 0xa0, 0xd5, 0x16, 0x29, 0xf7, 0xc2,
-      0x63, 0xf7, 0xb9, 0x7e, 0xf3, 0x01, 0xa3, 0x8f, 0xb1, 0x8a,
-      0xe1, 0xf9, 0xca, 0x7c, 0x98, 0xed, 0x57, 0x25, 0x71, 0xdf,
-      0x6e, 0x65, 0x3e, 0xa4, 0x1d, 0xeb, 0x3e, 0x28, 0x99, 0x58,
-      0x4a, 0xeb, 0x91, 0xd4, 0xa3, 0xb6, 0x0d, 0x76, 0x59, 0x57,
-      0xb5, 0x99, 0x73, 0x2d, 0x35, 0x49, 0x97, 0xe4, 0x77, 0x96,
-      0x3e, 0x0e, 0xa7, 0xbd, 0x46, 0x92, 0x8c, 0x36, 0x5a, 0xec,
-      0x54, 0x50, 0x9e, 0x65, 0xd1, 0x2a, 0x19, 0xee, 0x39, 0x52,
-      0x49, 0xa3, 0xd2, 0x89, 0xe9, 0xc7, 0x3e, 0xa6, 0x62, 0x27,
-      0xce, 0x9d, 0x6b, 0x31, 0xc8, 0xab, 0x4b, 0x52, 0x00, 0x86,
-      0x78, 0x4b, 0xc6, 0x44, 0xd4, 0xfd, 0x19, 0xc7, 0x76, 0xd4,
-      0xbe, 0x92, 0xce, 0xd3, 0xb7, 0xe0, 0x51, 0xca },
-    { 0x01, 0xd0, 0xa6, 0x7c, 0x8d, 0x03, 0xe7, 0x27, 0x3b, 0x9b,
-      0x53, 0x6a, 0x44, 0xf1, 0x70, 0x24, 0x22, 0xce, 0x8a, 0x79,
-      0x44, 0xf5, 0x93, 0xc2, 0x21, 0xd2, 0xb6, 0x31, 0x21, 0xb6,
-      0x17, 0x10, 0x1d, 0xbd, 0xbd, 0x1a, 0xc2, 0xdd, 0x61, 0x7f,
-      0x87, 0x8e, 0xcc, 0x0d, 0x00, 0x71, 0x5b, 0xa1, 0x15, 0x61,
-      0x8d, 0x0b, 0x1b, 0xdf, 0xe5, 0x2f, 0x5b, 0xc1, 0x8b, 0x4f,
-      0xdf, 0x75, 0x86, 0x95, 0x73, 0x5e, 0xb6, 0x86, 0xe7, 0x7a,
-      0x4c, 0x05, 0xa3, 0xe1, 0x78, 0x34, 0x5b, 0x08, 0x46, 0xe5,
-      0xc2, 0x44, 0xa6, 0x09, 0x5d, 0xd6, 0x14, 0x7a, 0x83, 0x63,
-      0x7f, 0xfb, 0x3e, 0xcc, 0x1d, 0xba, 0xc0, 0xbe, 0x87, 0x86,
-      0x7e, 0x60, 0xd9, 0x8b, 0x16, 0xff, 0x49, 0x60, 0x4c, 0xf7,
-      0x6d, 0x86, 0x1a, 0xef, 0x84, 0xda, 0x8c, 0x58, 0xd1, 0x75,
-      0x74, 0xa0, 0xa0, 0xa8, 0x7a, 0xd4, 0x76, 0x2b },
-    { 0x1b, 0x62, 0x5b, 0x06, 0x7d, 0xa6, 0x32, 0x0f, 0xc9, 0xad,
-      0xba, 0x24, 0x99, 0x7c, 0x08, 0xe6, 0xdd, 0x52, 0x7b, 0x43,
-      0xc5, 0x6b, 0xb0, 0x44, 0xca, 0xdd, 0x2d, 0xfa, 0x48, 0x6e,
-      0x2f, 0x84, 0x5a, 0xd8, 0xb5, 0x72, 0xc9, 0x50, 0xd5, 0xd4,
-      0x7f, 0x47, 0xd4, 0x56, 0xb4, 0xed, 0x85, 0x69, 0x52, 0x36,
-      0x4b, 0xa1, 0xfa, 0xbd, 0x59, 0x52, 0xcd, 0x57, 0x2d, 0xfd,
-      0x2a, 0xf0, 0x3b, 0x37, 0x59, 0x6c, 0xce, 0xb5, 0xd2, 0xe8,
-      0x65, 0x0a, 0x03, 0xd5, 0x45, 0x21, 0x11, 0xe6, 0x8d, 0xa6,
-      0x7b, 0x67, 0xec, 0xdb, 0xe7, 0x6c, 0x0d, 0x63, 0x74, 0xa6,
-      0x9b, 0xdd, 0x4c, 0xb6, 0x63, 0xe3, 0x71, 0x35, 0xe8, 0x1d,
-      0xd8, 0x3c, 0x7a, 0x45, 0x01, 0x9b, 0x5d, 0x16, 0xa4, 0x2c,
-      0x4a, 0x18, 0xe9, 0x47, 0x79, 0x90, 0xfb, 0x88, 0xc2, 0xae,
-      0x7b, 0x96, 0x42, 0x36, 0x1e, 0x46, 0x53, 0x3c },
-    { 0x33, 0x3e, 0xca, 0x96, 0x19, 0xfc, 0x94, 0x8d, 0xbd, 0xf1,
-      0x43, 0x28, 0x84, 0x00, 0x73, 0x6e, 0x15, 0x39, 0x79, 0x21,
-      0xa7, 0x07, 0x66, 0x39, 0x13, 0xf5, 0xca, 0x6f, 0xbf, 0x06,
-      0x97, 0x68, 0x32, 0x1f, 0xaa, 0xc2, 0x98, 0x26, 0x65, 0x6a,
-      0xc4, 0xca, 0x56, 0x7c, 0x36, 0x0c, 0xb3, 0x65, 0xf6, 0x68,
-      0x20, 0x65, 0x3f, 0x7d, 0xf0, 0xc2, 0x6d, 0x6e, 0x32, 0x58,
-      0x24, 0x33, 0xda, 0x34, 0xdb, 0x1f, 0x80, 0xc6, 0x34, 0xd8,
-      0x52, 0xd7, 0x87, 0xdc, 0xb5, 0x34, 0x2b, 0x41, 0xc5, 0xdd,
-      0x6b, 0x24, 0x5e, 0x5c, 0x1f, 0x49, 0x09, 0x8b, 0x2b, 0x97,
-      0x1c, 0xba, 0x87, 0x15, 0x6b, 0xc9, 0xf3, 0x3c, 0x43, 0x4f,
-      0xbb, 0xa9, 0x75, 0x8b, 0xbf, 0x44, 0x43, 0x88, 0xfe, 0x88,
-      0x38, 0xb5, 0xc0, 0x1b, 0x2f, 0x01, 0xaf, 0x6f, 0xeb, 0xeb,
-      0x44, 0xdf, 0xaa, 0x7b, 0x4f, 0xd8, 0x44, 0x6d },
-    { 0x72, 0xfc, 0x21, 0x10, 0x87, 0x28, 0xd1, 0x35, 0xae, 0x9d,
-      0x9c, 0x07, 0x4c, 0xcf, 0x07, 0x46, 0x4d, 0x25, 0xc7, 0x42,
-      0xf2, 0xcd, 0x13, 0x4f, 0x76, 0x50, 0x82, 0xa5, 0x37, 0xe7,
-      0xb1, 0x5d, 0x55, 0x7b, 0x32, 0x2a, 0x65, 0xcd, 0x44, 0x9d,
-      0x98, 0x7d, 0xa7, 0x4a, 0xe5, 0x4b, 0x64, 0xa7, 0xf3, 0x5e,
-      0x8c, 0xf1, 0x33, 0x93, 0x74, 0x3e, 0x90, 0xc1, 0x6e, 0xeb,
-      0xcb, 0x25, 0xb9, 0x99, 0x5a, 0x17, 0xf8, 0xe5, 0x1d, 0x61,
-      0x6e, 0x91, 0xd7, 0x24, 0x08, 0xdc, 0x52, 0x35, 0x96, 0x61,
-      0x5d, 0xb3, 0x56, 0x5a, 0x7f, 0x5c, 0x01, 0xf0, 0x2b, 0x3a,
-      0x13, 0xa4, 0x13, 0xfb, 0x3b, 0x5b, 0xaa, 0xd3, 0x62, 0x36,
-      0x54, 0x70, 0x3f, 0xe7, 0x62, 0x3c, 0x7a, 0x4f, 0xbc, 0xfc,
-      0xe9, 0x48, 0x38, 0xc2, 0x51, 0x8f, 0xd4, 0x1d, 0xbb, 0xca,
-      0x23, 0x33, 0x79, 0x48, 0xac, 0x77, 0x5d, 0x81 },
-    { 0x48, 0x09, 0x46, 0xf8, 0xb1, 0x1e, 0xd9, 0x2d, 0x23, 0x8e,
-      0xf1, 0x7c, 0x88, 0x40, 0xa6, 0xc6, 0xe1, 0xa2, 0x73, 0x8e,
-      0xa1, 0x7e, 0x35, 0xa4, 0xe5, 0x73, 0xf6, 0x48, 0x9d, 0xef,
-      0xf9, 0xa0, 0x03, 0x80, 0x3d, 0x84, 0x56, 0x17, 0x70, 0x40,
-      0x1e, 0xe4, 0x8d, 0xe3, 0x2f, 0x7b, 0x16, 0x5b, 0x76, 0x0f,
-      0x8d, 0x28, 0x5c, 0x2f, 0xfc, 0x3c, 0x22, 0x8a, 0x39, 0x1b,
-      0x5d, 0x33, 0x6d, 0x51, 0xfb, 0xbd, 0xcf, 0x0c, 0x7d, 0x3d,
-      0xe6, 0x66, 0xeb, 0x9a, 0xde, 0x06, 0x9a, 0x3d, 0xf8, 0x5e,
-      0x4a, 0x1f, 0xee, 0x78, 0xbc, 0xe8, 0x20, 0x62, 0x91, 0xc8,
-      0xcc, 0xa9, 0x55, 0xa0, 0x60, 0x81, 0x4a, 0x9e, 0xa6, 0xfb,
-      0xe5, 0x50, 0xc8, 0xee, 0xd7, 0x7d, 0x58, 0x67, 0x55, 0xf3,
-      0x59, 0x09, 0xd8, 0x3f, 0x95, 0xcf, 0x45, 0x80, 0x55, 0xff,
-      0xa9, 0x06, 0xb2, 0x03, 0xf9, 0x60, 0x04, 0xc8 },
-    { 0x8d, 0xab, 0x61, 0xfd, 0xc7, 0x38, 0x69, 0x02, 0x16, 0xe8,
-      0xe8, 0xae, 0xcf, 0x68, 0xaf, 0xc7, 0xf8, 0x6f, 0x2b, 0xe6,
-      0xc1, 0xf8, 0x53, 0x9f, 0xc0, 0x1c, 0x2e, 0xb2, 0x46, 0x46,
-      0x4d, 0x9e, 0xa1, 0xae, 0x66, 0x6b, 0x4b, 0xa8, 0x46, 0xe4,
-      0xcb, 0x3b, 0x43, 0x61, 0xe4, 0xbb, 0xd0, 0x07, 0x00, 0x89,
-      0xc0, 0x6e, 0x7d, 0x06, 0xe6, 0x84, 0xe2, 0x77, 0x5e, 0xb6,
-      0x09, 0x92, 0xf7, 0xd0, 0x3b, 0x72, 0xb0, 0x4d, 0x6c, 0x2b,
-      0x7d, 0xd4, 0xc8, 0x86, 0x9a, 0xba, 0xe2, 0x0f, 0xd6, 0x24,
-      0x84, 0x97, 0x50, 0x96, 0x2c, 0xaa, 0xf8, 0x92, 0xa1, 0xa9,
-      0x90, 0x24, 0xc6, 0x30, 0xb8, 0xc0, 0x48, 0xa4, 0x88, 0x99,
-      0xab, 0x18, 0xd6, 0xf4, 0x0e, 0x2f, 0x67, 0x86, 0x62, 0x98,
-      0x58, 0x7a, 0x19, 0xe6, 0x5c, 0x5e, 0x53, 0xeb, 0x36, 0x95,
-      0x84, 0xc7, 0x47, 0xa8, 0xfd, 0x71, 0xf1, 0x19 },
-    { 0x6f, 0x77, 0xe6, 0x2d, 0xf9, 0x9b, 0x29, 0xe7, 0xe0, 0x3c,
-      0xa8, 0x79, 0x11, 0x8f, 0x69, 0x0c, 0x9d, 0xef, 0x7a, 0xd1,
-      0x67, 0xb9, 0x7e, 0xe1, 0x3e, 0xb2, 0x1b, 0x14, 0xcb, 0xd7,
-      0xce, 0xf1, 0x55, 0xbe, 0x8a, 0x15, 0x2c, 0xaf, 0x08, 0x0e,
-      0x5e, 0xce, 0x77, 0xab, 0xb8, 0x16, 0x9f, 0xed, 0x86, 0x94,
-      0x22, 0x9f, 0x31, 0xdc, 0xc9, 0x57, 0xa1, 0x04, 0x44, 0xeb,
-      0xa5, 0x90, 0x70, 0x0d, 0x80, 0x27, 0x14, 0xc1, 0x9e, 0xc5,
-      0x15, 0x02, 0x87, 0x7f, 0x8b, 0xcf, 0x3f, 0x06, 0xfd, 0xc2,
-      0x1d, 0xe7, 0x6a, 0xed, 0x91, 0x1f, 0x32, 0xe6, 0xd3, 0xd2,
-      0x39, 0xbb, 0x34, 0x86, 0x54, 0x02, 0x35, 0xb2, 0xba, 0x2b,
-      0x08, 0xc4, 0x62, 0x1a, 0x2d, 0x88, 0xb5, 0x20, 0x34, 0xd4,
-      0x78, 0xb4, 0xac, 0xd4, 0x29, 0x7e, 0xff, 0x4f, 0x9b, 0xa2,
-      0x42, 0xa5, 0xc9, 0x03, 0xd5, 0x4d, 0x1d, 0x45 },
-    { 0x63, 0x81, 0x9c, 0x91, 0xc3, 0xd2, 0xcf, 0x80, 0x79, 0x9d,
-      0x78, 0x86, 0x81, 0x84, 0xf0, 0xeb, 0x23, 0x44, 0xe0, 0x0f,
-      0x68, 0xbe, 0xd1, 0x02, 0xee, 0x6d, 0x75, 0x78, 0xc1, 0xcf,
-      0x55, 0x80, 0x86, 0x13, 0x60, 0x73, 0x2e, 0x5a, 0x8b, 0xe6,
-      0xae, 0x5e, 0x2e, 0x76, 0xd6, 0x69, 0x84, 0x0a, 0x31, 0x4d,
-      0x5d, 0x57, 0x77, 0x3b, 0x7b, 0x3a, 0x91, 0xe0, 0xa2, 0xef,
-      0x06, 0xc0, 0xcc, 0x42, 0x99, 0xaa, 0xfa, 0xbf, 0xf8, 0x5c,
-      0x3f, 0xbf, 0x11, 0xaa, 0x01, 0x2f, 0xff, 0x3b, 0xf3, 0xb5,
-      0x97, 0x92, 0xa8, 0xfd, 0x6f, 0x38, 0xea, 0xc7, 0x22, 0xeb,
-      0x71, 0x13, 0xa8, 0x13, 0x35, 0x9f, 0x34, 0x65, 0xb4, 0x66,
-      0x4b, 0x71, 0xb0, 0x2f, 0x17, 0x55, 0xe0, 0x35, 0x73, 0x54,
-      0x1c, 0xd1, 0x17, 0x7b, 0xa4, 0x53, 0x64, 0x01, 0xaa, 0xd6,
-      0xa2, 0x71, 0xbd, 0xed, 0xe4, 0x0b, 0xbf, 0x59 },
-    { 0x67, 0xd4, 0x8d, 0x12, 0x82, 0x65, 0xd7, 0xee, 0xc8, 0x0a,
-      0xfe, 0xec, 0x55, 0xe4, 0x9b, 0x47, 0xe4, 0x3a, 0x0b, 0xe7,
-      0x0a, 0x2f, 0x8c, 0xab, 0xc0, 0xd0, 0x31, 0x9a, 0x50, 0x4b,
-      0x6b, 0xc1, 0xe0, 0xfc, 0x16, 0xd3, 0x4e, 0xbd, 0x45, 0x3e,
-      0xe1, 0x31, 0xcc, 0x9a, 0xbd, 0xa6, 0x12, 0x5a, 0x10, 0xb2,
-      0xcf, 0xe7, 0x97, 0x6a, 0x84, 0x4b, 0x1f, 0xf6, 0x0c, 0x51,
-      0xa0, 0xd3, 0xd8, 0x1a, 0xc5, 0xb3, 0x37, 0x6f, 0x17, 0x1d,
-      0x12, 0x04, 0x5a, 0xab, 0xf3, 0x91, 0xfa, 0xde, 0x65, 0x00,
-      0xeb, 0xf5, 0x75, 0x89, 0x2a, 0xea, 0x4f, 0xbf, 0xf9, 0x66,
-      0x64, 0xee, 0x1b, 0xf9, 0x6b, 0x91, 0xcb, 0x2a, 0xc0, 0x7c,
-      0xe4, 0xc4, 0x7b, 0x70, 0x3d, 0x07, 0xf5, 0xf0, 0x90, 0x70,
-      0x38, 0xa7, 0x9e, 0xc3, 0xa1, 0xfc, 0xeb, 0x12, 0x67, 0xea,
-      0xca, 0x53, 0x92, 0xe1, 0x78, 0x84, 0xb0, 0x73 },
-    { 0x27, 0x95, 0x0e, 0x38, 0xe8, 0x38, 0x4d, 0xc7, 0xa3, 0xd7,
-      0xeb, 0xc3, 0x1f, 0x0e, 0x43, 0xf5, 0x2c, 0xf1, 0x13, 0xa9,
-      0x28, 0xb0, 0x1d, 0xf5, 0xd4, 0x90, 0x0d, 0x0f, 0x10, 0xd1,
-      0xc1, 0x84, 0x3e, 0xfc, 0xaa, 0x50, 0xab, 0xf2, 0x94, 0x01,
-      0xfe, 0x8b, 0xb1, 0x20, 0x5e, 0xe6, 0x05, 0x96, 0xfd, 0xd5,
-      0x6b, 0x1b, 0x4d, 0xc9, 0x27, 0xcd, 0x95, 0xf6, 0x2c, 0x85,
-      0xc5, 0xb6, 0x49, 0xd4, 0x84, 0x22, 0x9d, 0xf4, 0x75, 0x61,
-      0xa0, 0x10, 0x47, 0x2d, 0xdc, 0x3d, 0x64, 0xa2, 0xf9, 0xa8,
-      0xde, 0xe7, 0xca, 0x2b, 0x75, 0xba, 0x8c, 0x3d, 0x89, 0xa2,
-      0x42, 0xe7, 0xf7, 0x7e, 0x62, 0x93, 0xfb, 0xb6, 0x39, 0xca,
-      0x07, 0x20, 0x4e, 0xbc, 0x6b, 0xd1, 0x1d, 0xb0, 0xae, 0x73,
-      0x66, 0xcd, 0xd7, 0x1a, 0xbd, 0x0e, 0x27, 0x48, 0x0a, 0x63,
-      0x06, 0x8d, 0x59, 0xa7, 0xea, 0x2d, 0x56, 0xd6 },
-    { 0x54, 0xff, 0x78, 0x84, 0x79, 0xb2, 0x5d, 0x71, 0xa1, 0xc9,
-      0x98, 0x13, 0xff, 0x22, 0x25, 0xab, 0xae, 0x80, 0x45, 0x3f,
-      0xbb, 0x1e, 0x5b, 0xd8, 0xa7, 0xf0, 0x44, 0x0c, 0x9f, 0x68,
-      0x4f, 0x25, 0x33, 0x5c, 0xc4, 0xf8, 0x5d, 0x15, 0xdf, 0xbf,
-      0xff, 0x3a, 0xba, 0x5c, 0x69, 0x62, 0x80, 0x46, 0x55, 0xce,
-      0x84, 0x91, 0x58, 0x80, 0xcd, 0xaf, 0x8e, 0xe0, 0x0e, 0x1a,
-      0x8e, 0xef, 0x6c, 0xc9, 0x4e, 0x01, 0x41, 0xae, 0x85, 0x02,
-      0xaa, 0x89, 0x20, 0x73, 0x95, 0x4c, 0xd2, 0xe9, 0x6d, 0xdf,
-      0x14, 0x42, 0xbf, 0x36, 0x7d, 0xd4, 0xc5, 0x31, 0x46, 0x71,
-      0x6f, 0x79, 0xa9, 0x25, 0xe7, 0xe7, 0xbb, 0x48, 0x27, 0xfa,
-      0x4e, 0xb2, 0x1f, 0x6b, 0x4c, 0x93, 0x46, 0x89, 0x2f, 0xe3,
-      0x74, 0xcb, 0x4b, 0x9f, 0xd0, 0x33, 0x04, 0x8b, 0x5d, 0xe9,
-      0xea, 0xb2, 0x1f, 0xf0, 0xe1, 0xd0, 0xfa, 0x79 },
-    { 0x8a, 0xdb, 0xad, 0x85, 0x3f, 0x18, 0x30, 0xfe, 0x4e, 0x4e,
-      0x45, 0x73, 0xee, 0x30, 0xb2, 0x86, 0x8a, 0xcd, 0xa9, 0x65,
-      0x9f, 0xa1, 0x01, 0xe6, 0x17, 0x87, 0x55, 0x00, 0x28, 0xc9,
-      0x30, 0x2c, 0x06, 0x9e, 0x82, 0xdc, 0x36, 0x78, 0xa4, 0x27,
-      0xd6, 0xa2, 0xc0, 0x1d, 0x8b, 0x6a, 0x6c, 0x6b, 0x28, 0x94,
-      0x5e, 0x31, 0xc9, 0x55, 0xae, 0xad, 0x91, 0x53, 0x62, 0xdc,
-      0xb7, 0x86, 0xea, 0x9f, 0x33, 0x9d, 0xf0, 0x81, 0x0c, 0xcd,
-      0x9e, 0xc9, 0xc6, 0x8f, 0x1b, 0x3b, 0x4a, 0x2c, 0x08, 0xe3,
-      0xbb, 0x74, 0xe5, 0x8f, 0xdc, 0xb0, 0xc0, 0x0f, 0xe3, 0x28,
-      0x54, 0x41, 0x8d, 0xf9, 0x0d, 0x2b, 0x50, 0xa5, 0xa5, 0xad,
-      0xc0, 0x41, 0x81, 0x15, 0xe2, 0x4a, 0x46, 0x04, 0xfa, 0x3b,
-      0x21, 0xf6, 0x92, 0x26, 0x46, 0x5b, 0xe6, 0xf3, 0xa5, 0x1e,
-      0x27, 0xc6, 0xee, 0x30, 0xde, 0x40, 0xb0, 0x68 },
-    { 0x73, 0x93, 0x00, 0x36, 0xc0, 0x94, 0x5e, 0x5f, 0xf3, 0x42,
-      0xc1, 0xaa, 0x02, 0x7e, 0x71, 0xc1, 0xb7, 0x5c, 0x41, 0xa6,
-      0x66, 0xcb, 0xc9, 0x6c, 0xf5, 0x88, 0xb4, 0xf8, 0x17, 0x17,
-      0xe1, 0xaf, 0x14, 0xeb, 0x86, 0xf3, 0x58, 0x40, 0x7a, 0x1d,
-      0xdb, 0xe3, 0x86, 0xcb, 0x81, 0x6c, 0x07, 0x30, 0x40, 0x3f,
-      0x16, 0x8c, 0x30, 0x26, 0xcd, 0x41, 0x95, 0xb1, 0x6c, 0xcc,
-      0xcd, 0x5e, 0x87, 0xe7, 0x40, 0xd8, 0x6f, 0x30, 0x12, 0x43,
-      0xf3, 0xef, 0x40, 0x90, 0xcf, 0xa6, 0x1b, 0x46, 0x4b, 0x28,
-      0xcd, 0xbc, 0x2a, 0xd2, 0x09, 0x84, 0xfb, 0x0e, 0x6a, 0xa1,
-      0xf5, 0xde, 0x8e, 0x1c, 0x0f, 0x7f, 0x45, 0x6b, 0x9c, 0xf2,
-      0xe2, 0x33, 0x6d, 0x4f, 0x3c, 0xec, 0x67, 0x66, 0x7c, 0xc1,
-      0xfc, 0xc2, 0xf4, 0x2f, 0xda, 0xf7, 0xf3, 0x9b, 0xcc, 0x79,
-      0x06, 0x0a, 0xe1, 0x1f, 0x09, 0x69, 0xd5, 0x24 },
-    { 0x8b, 0xc6, 0xec, 0x4a, 0xe4, 0x29, 0x65, 0xe2, 0x5b, 0xd1,
-      0x01, 0x82, 0xaa, 0x7c, 0x99, 0xd3, 0x9c, 0x28, 0xa9, 0x67,
-      0x73, 0xea, 0xf2, 0x23, 0xcf, 0x56, 0x13, 0x48, 0xe0, 0x96,
-      0x1b, 0x31, 0x45, 0xb9, 0xe6, 0x1b, 0x73, 0x1f, 0xc4, 0x47,
-      0x61, 0xa5, 0x14, 0xe1, 0xb5, 0x24, 0x63, 0x2f, 0x43, 0x4a,
-      0xc7, 0xb1, 0x64, 0xac, 0x8f, 0x15, 0x70, 0x5d, 0xdd, 0x5a,
-      0xd9, 0x11, 0x08, 0xcc, 0xda, 0xcd, 0xfd, 0x5d, 0xd2, 0x9c,
-      0x01, 0xaa, 0x4b, 0xd7, 0xd6, 0x9d, 0x61, 0x17, 0x9c, 0xae,
-      0x17, 0x15, 0x90, 0x3e, 0x6a, 0x4f, 0x69, 0x85, 0x92, 0xb3,
-      0x05, 0xd1, 0x02, 0x2c, 0xeb, 0x91, 0x69, 0x64, 0x2e, 0x08,
-      0xf1, 0x8f, 0xd5, 0xbc, 0x8b, 0x98, 0x68, 0x19, 0xf5, 0x51,
-      0x4f, 0x25, 0x78, 0x8b, 0x59, 0x1d, 0xf4, 0x18, 0x1a, 0xab,
-      0x95, 0x4f, 0x75, 0x7d, 0x22, 0xcd, 0xaf, 0x42 },
-    { 0x8e, 0x85, 0x43, 0x7d, 0xbe, 0x9c, 0x7e, 0x15, 0x2b, 0x3c,
-      0x8f, 0x71, 0xdc, 0xeb, 0x89, 0x55, 0xab, 0x01, 0x2c, 0x2c,
-      0x58, 0x47, 0xa4, 0xd7, 0x28, 0x44, 0xd9, 0x6a, 0x98, 0x2f,
-      0xc0, 0xd4, 0xd6, 0xa7, 0xdf, 0x0d, 0xaa, 0x60, 0xaa, 0x6a,
-      0xd3, 0x08, 0xfc, 0x21, 0xae, 0x9b, 0x2a, 0xa8, 0xfc, 0x9a,
-      0xc3, 0xb9, 0x48, 0xd6, 0x5c, 0xbb, 0xe5, 0x65, 0x43, 0x1c,
-      0x8b, 0x65, 0xc9, 0xa1, 0xe3, 0x14, 0x71, 0xee, 0x6b, 0xe6,
-      0xc8, 0xca, 0x73, 0x24, 0x83, 0xe3, 0x51, 0xb7, 0xda, 0x61,
-      0xa0, 0xac, 0xfc, 0xa2, 0x2b, 0x29, 0xb2, 0xb7, 0x51, 0x0e,
-      0x18, 0x60, 0x84, 0x57, 0xaa, 0x6e, 0x66, 0x55, 0xfc, 0x9c,
-      0xbb, 0x60, 0x54, 0xa6, 0x06, 0xfe, 0x43, 0x7c, 0x40, 0x1e,
-      0x36, 0x0c, 0xff, 0x54, 0x80, 0x0c, 0x09, 0x38, 0x8a, 0x30,
-      0xd0, 0x96, 0xe5, 0xc0, 0xe7, 0xf2, 0xa3, 0x2b },
-};
-
-/*
- * Loop for modular exponentiate the value in F_p*.
- *
- * Using 8-bit stripe table.
- *
- * @param  [in]   key  SAKKE key.
- * @param  [in]   b    MP integer that is the base to exponentiate.
- * @param  [in]   e    MP integer that is the exponent.
- * @param  [out]  c    Result of exponentiation.
- * @param  [in]   mp   Multiplier to use when converting from Montgomery form.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_modexp_loop(SakkeKey* key, const mp_int* b, mp_int* e,
-        mp_proj* c, mp_digit mp)
-{
-    int err = 0;
-    mp_int* t1 = &key->tmp.m1;
-    mp_int* t2 = &key->tmp.m2;
-    mp_int* by = key->tmp.p1->z;
-    mp_int* prime = &key->params.prime;
-    unsigned char eb[128];
-    int i;
-    int y;
-
-    /* Use table for values of b exponentiated. */
-    (void)b;
-
-    (void)mp_to_unsigned_bin_len(e, eb, sizeof(eb));
-
-    /* Set the working value to the base in PF_p[q] */
-    err = mp_montgomery_calc_normalization(c->x, prime);
-    if (err == 0) {
-        y  =  (eb[112] >> 7) & 1;
-        y |= ((eb[ 96] >> 7) & 1) << 1;
-        y |= ((eb[ 80] >> 7) & 1) << 2;
-        y |= ((eb[ 64] >> 7) & 1) << 3;
-        y |= ((eb[ 48] >> 7) & 1) << 4;
-        y |= ((eb[ 32] >> 7) & 1) << 5;
-        y |= ((eb[ 16] >> 7) & 1) << 6;
-        y |= ((eb[  0] >> 7) & 1) << 7;
-
-        (void)mp_read_unsigned_bin(c->y, sakke_1024_g_table[y], 128);
-    }
-    for (i = 128 - 2; (err == 0) && (i >= 0); i--) {
-        y  =  (eb[127 -  i / 8       ] >> (i & 0x7)) & 1;
-        y |= ((eb[127 - (i / 8 +  16)] >> (i & 0x7)) & 1) << 1;
-        y |= ((eb[127 - (i / 8 +  32)] >> (i & 0x7)) & 1) << 2;
-        y |= ((eb[127 - (i / 8 +  48)] >> (i & 0x7)) & 1) << 3;
-        y |= ((eb[127 - (i / 8 +  64)] >> (i & 0x7)) & 1) << 4;
-        y |= ((eb[127 - (i / 8 +  80)] >> (i & 0x7)) & 1) << 5;
-        y |= ((eb[127 - (i / 8 +  96)] >> (i & 0x7)) & 1) << 6;
-        y |= ((eb[127 - (i / 8 + 112)] >> (i & 0x7)) & 1) << 7;
-
-        err = sakke_proj_sqr(c, prime, mp, c, t1, t2);
-        if (err == 0) {
-            (void)mp_read_unsigned_bin(by, sakke_1024_g_table[y], 128);
-            err = sakke_proj_mul_qx1(c, by, prime, mp, c, t1, t2);
-        }
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SAKKE_SMALL */
-
-/*
- * Modular exponentiate the value in F_p*.
- *
- * @param  [in]   key  SAKKE key.
- * @param  [in]   b    MP integer that is the base to exponentiate.
- * @param  [in]   e    MP integer that is the exponent.
- * @param  [out]  r    Result of exponentiation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_modexp(SakkeKey* key, mp_int* b, mp_int* e, mp_int* r)
-{
-    int err;
-    mp_digit mp;
-    mp_int* prime = &key->params.prime;
-    mp_proj* c = key->tmp.p1;
-
-    (void)b;
-
-    err = mp_montgomery_setup(prime, &mp);
-    if (err == 0) {
-        err = sakke_modexp_loop(key, b, e, c, mp);
-    }
-
-    if (err == 0) {
-        err = mp_montgomery_reduce(c->x, prime, mp);
-    }
-    if (err == 0) {
-        err = mp_montgomery_reduce(c->y, prime, mp);
-    }
-    /* Convert value back from PF_p[q] to F_p* */
-    if (err == 0) {
-        err = mp_invmod(c->x, prime, c->x);
-    }
-    if (err == 0) {
-        err = mp_mulmod(c->x, c->y, prime, r);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_ECC */
-
-/*
- * Calculate the hash values h and v.
- *
- * RFC 6508, section 5.1, Steps 4.a and 4.b.
- *
- * @param  [in]   key       SAKKE key.
- * @param  [in]   hashType  Hash algorithm to use.
- * @param  [in]   hashSz    Size of output of hash algorithm in bytes.
- * @param  [in]   a         Hash of data and extra.
- * @param  [in]   h         Rolling hash result.
- * @param  [out]  v         Output bytes of hashing.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when hashType is not supported.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_calc_h_v(SakkeKey* key, enum wc_HashType hashType,
-        word32 hashSz, const byte* a, byte* h, byte* v)
-{
-    int err;
-
-    /* Step 4.a: h_i = hashfn(h_(i - 1)) */
-    err = wc_HashUpdate(&key->hash, hashType, h, hashSz);
-    if (err == 0) {
-        err = wc_HashFinal(&key->hash, hashType, h);
-    }
-
-    /* Step 4.b: v_i = hashfn(h_i | A) */
-    if (err == 0) {
-        err = wc_HashUpdate(&key->hash, hashType, h, hashSz);
-    }
-    if (err == 0) {
-        err = wc_HashUpdate(&key->hash, hashType, a, hashSz);
-    }
-    if (err == 0) {
-        err = wc_HashFinal(&key->hash, hashType, v);
-    }
-
-    return err;
-}
-
-/*
- * XOR hash output v into output, with length n, starting at index i.
- *
- * @param  [in]      v       Output bytes of hashing.
- * @param  [in]      hashSz  Size of output of hash algorithm in bytes.
- * @param  [in,out]  out     Data to be XORed.
- * @param  [in]      idx     Index to start XORing into.
- * @param  [in]      n       Length of data to XOR (mask) in bytes.
- */
-static void sakke_xor_in_v(const byte* v, word32 hashSz, byte* out, word32 idx,
-        word32 n)
-{
-    int o;
-    word32 i;
-
-    if (idx == 0) {
-        i = hashSz - (n % hashSz);
-        if (i == hashSz) {
-            i = 0;
-        }
-    }
-    else {
-        i = 0;
-    }
-    o = (int)i;
-    xorbuf(out + idx + i - o, v + i, hashSz - i);
-}
-
-/*
- * Hash octet strings to an integer range.
- *
- * RFC 6508, section 5.1, Steps 1 to 4.
- *
- * @param  [in]   key       SAKKE key.
- * @param  [in]   hashType  Hash algorithm to use.
- * @param  [in]   data      First block of data.
- * @param  [in]   sz        Size of first block of data in bytes.
- * @param  [in]   extra     Extra block of data.
- * @param  [in]   extraSz   Size of extra block of data in bytes.
- * @param  [out]  a         Output bytes of hashing.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when hashType is not supported.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_calc_a(SakkeKey* key, enum wc_HashType hashType,
-        const byte* data, word32 sz, const byte* extra, word32 extraSz, byte* a)
-{
-    int err;
-    int hash_inited = 0;
-
-    /* Step 1: A = hashfn( s ), where s = data | extra */
-    err = wc_HashInit_ex(&key->hash, hashType, key->heap, INVALID_DEVID);
-    if (err == 0) {
-        hash_inited = 1;
-        err = wc_HashUpdate(&key->hash, hashType, data, sz);
-    }
-    if ((err == 0) && (extra != NULL)) {
-        err = wc_HashUpdate(&key->hash, hashType, extra, extraSz);
-    }
-    if (err == 0) {
-        err = wc_HashFinal(&key->hash, hashType, a);
-    }
-
-    if (hash_inited) {
-        (void)wc_HashFree(&key->hash, hashType);
-    }
-
-    return err;
-}
-
-/*
- * Hash octet strings to an integer range.
- *
- * RFC 6508, section 5.1, Steps 1 to 4.
- *
- * @param  [in]   key       SAKKE key.
- * @param  [in]   hashType  Hash algorithm to use.
- * @param  [in]   a         Hash of original data.
- * @param  [out]  out       Output bytes of hashing.
- * @param  [in]   n         Size of output buffer in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when hashType is not supported.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_hash_to_range(SakkeKey* key, enum wc_HashType hashType,
-        const byte* a, byte* out, word32 n)
-{
-    int err = 0;
-    byte h[WC_MAX_DIGEST_SIZE];
-    byte v[WC_MAX_DIGEST_SIZE];
-    word32 hashSz = 1;
-    word32 i;
-    int hash_inited = 0;
-
-    err = wc_HashInit_ex(&key->hash, hashType, key->heap, INVALID_DEVID);
-    if (err == 0) {
-        hash_inited = 1;
-
-    /* Step 1: A = hashfn( s ), where s = data | extra
-     * See sakke_calc_a (need function parameters to be 7 or less)
-     */
-
-    /* Step 2: h_0 = 00...00, a string of null bits of length hashlen bits */
-        err = wc_HashGetDigestSize(hashType);
-    }
-    if (err > 0) {
-        hashSz = (word32)err;
-        XMEMSET(h, 0, hashSz);
-        err = 0; /* reset err value after getting digest size */
-    }
-    else if (err == 0) {
-        /* invalid hash digest size */
-        err = BAD_FUNC_ARG;
-    }
-
-    /* Step 3: l = Ceiling(lg(n)/hashlen) */
-    /* Step 4: For each i in 1 to l, do */
-    for (i = 0; (err == 0) && (i < n); i += hashSz) {
-        /* Steps 4.a and 4.b */
-        err = sakke_calc_h_v(key, hashType, hashSz, a, h, v);
-
-        /* XOR in the result into output buffer. */
-        if (err == 0) {
-            sakke_xor_in_v(v, hashSz, out, i, n);
-        }
-    }
-
-    if (hash_inited) {
-        (void)wc_HashFree(&key->hash, hashType);
-    }
-
-    return err;
-}
-
-/*
- * Hash octet strings to an integer range - RFC 6508 section 5.1.
- * Steps 1 to 6.
- *
- * @param  [in]   key       SAKKE key.
- * @param  [in]   hashType  Hash algorithm to use.
- * @param  [in]   a         Hash of original data.
- * @param  [in]   q         MP integer representing modulus.
- * @param  [in]   n         Size of output in bytes.
- * @param  [out]  r         MP integer representing modulo reduced hashes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when hashType is not supported.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_hash_to_range_int(SakkeKey* key, enum wc_HashType hashType,
-        const byte* a, mp_int* q, word32 n, mp_int* r)
-{
-    int err;
-    byte* rb = key->data;
-
-    /* Make all zeros so that hash output can be XORed in. */
-    XMEMSET(rb, 0, n);
-
-    /* Steps 1-4 */
-    err = sakke_hash_to_range(key, hashType, a, rb, n);
-    if (err == 0) {
-        /* Steps 5 v' = v_1 | ...  | v_l */
-        err = mp_read_unsigned_bin(r, rb, n);
-    }
-    if (err == 0) {
-        /* Steps 6 v = v' mod n */
-        err = mp_mod(r, q, r);
-    }
-
-    return err;
-}
-
-/**
- * Set the identity to perform operations with.
- *
- * @param  [in]   key   SAKKE key.
- * @param  [in]   id    Identity.
- * @param  [in]   idSz  Size of identity in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or id is NULL or idSz > SAKKE_ID_MAX_SIZE.
- */
-int wc_SetSakkeIdentity(SakkeKey* key, const byte* id, word16 idSz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (id == NULL) || (idSz > SAKKE_ID_MAX_SIZE)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        XMEMCPY(key->id, id, idSz);
-        key->idSz = idSz;
-    }
-
-    return err;
-}
-
-/**
- * Compute the elliptic curve point I for identity. Partial for point R.
- *
- * RFC 6508, Section 6.2.1, Step 3.\n
- * RFC 6508, Section 6.2.2, Step 5.\n
- * I = [b]P + Z_S
- *
- * @param  [in]   key   SAKKE key.
- * @param  [in]   id    Identity.
- * @param  [in]   idSz  Size of identity in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or id is NULL or idSz > SAKKE_ID_MAX_SIZE.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int wc_MakeSakkePointI(SakkeKey* key, const byte* id, word16 idSz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (id == NULL) || (idSz > SAKKE_ID_MAX_SIZE)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-
-    if (err == 0) {
-        err = sakke_load_params(key);
-    }
-    if (err == 0) {
-        /* I = [b]P + Z_S */
-        err = sakke_compute_point_i(key, id, idSz, key->i.i);
-    }
-    if (err == 0) {
-        XMEMCPY(key->i.id, id, idSz);
-        key->i.idSz = idSz;
-    }
-
-    RESTORE_VECTOR_REGISTERS();
-
-    return err;
-}
-
-/**
- * Get the elliptic curve point I - a partial calculation for point R.
- *
- * RFC 6508, Section 6.2.1, Step 3.\n
- * RFC 6508, Section 6.2.2, Step 5.\n
- * I = [b]P + Z_S
- *
- * @param  [in]      key   SAKKE key.
- * @param  [out]     data  Encoding of point I.
- * @param  [in,out]  sz    On in, the size of data in bytes.
- *                         On out, the size of the encoding in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or sz is NULL.
- * @return  LENGTH_ONLY_E when data is NULL. Number of bytes required returned
- *          in sz.
- * @return  BUFFER_E when sz is too small to hold encoding.
- */
-int wc_GetSakkePointI(SakkeKey* key, byte* data, word32* sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (sz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (data == NULL)) {
-        *sz = (word32)(key->ecc.dp->size * 2);
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*sz < (word32)key->ecc.dp->size * 2)) {
-        err = BUFFER_E;
-    }
-
-    if (err == 0) {
-        /* Write out the x ordinate into key size bytes. */
-        err = mp_to_unsigned_bin_len(key->i.i->x, data, key->ecc.dp->size);
-    }
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Write data the y ordinate into key size bytes. */
-        err = mp_to_unsigned_bin_len(key->i.i->y, data, key->ecc.dp->size);
-    }
-    if (err == 0) {
-        *sz = (word32)(key->ecc.dp->size * 2);
-    }
-
-    return err;
-}
-
-/**
- * Set the elliptic curve point I - a partial calculation for point R - and the
- * identity that it belongs to.
- *
- * RFC 6508, Section 6.2.1, Step 3.\n
- * RFC 6508, Section 6.2.2, Step 5.\n
- * I = [b]P + Z_S
- *
- * @param  [in]      key   SAKKE key.
- * @param  [out]     data  Encoding of point I.
- * @param  [in,out]  sz    On in, the size of data in bytes.
- *                         On out, the size of the encoding in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, id or data is NULL.
- * @return  BUFFER_E when idSz is too big to store or sz is not the required
- *          size.
- */
-int wc_SetSakkePointI(SakkeKey* key, const byte* id, word16 idSz,
-        const byte* data, word32 sz)
-{
-    int err = 0;
-
-    if ((key == NULL) || (id == NULL) || (data == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && ((idSz > SAKKE_ID_MAX_SIZE) ||
-            (sz != (word32)key->ecc.dp->size * 2))) {
-        err = BUFFER_E;
-    }
-
-    if (err == 0) {
-        /* Read the x value from key size bytes. */
-        err = mp_read_unsigned_bin(key->i.i->x, data,
-            (word32)key->ecc.dp->size);
-    }
-    if (err == 0) {
-        data += key->ecc.dp->size;
-        /* Read the y value from key size bytes. */
-        err = mp_read_unsigned_bin(key->i.i->y, data,
-            (word32)key->ecc.dp->size);
-    }
-    if (err == 0) {
-        err = mp_set(key->i.i->z, 1);
-    }
-    if (err == 0) {
-        XMEMCPY(key->i.id, id, idSz);
-        key->i.idSz = idSz;
-    }
-
-    return err;
-}
-
-/**
- * Generate the pre-computation table for point I.
- *
- * A reference to the table is stored if successfully generated.
- *
- * @param  [in]      key    SAKKE key.
- * @param  [in,out]  table  Pre-computation table.
- *                          NULL to indicate that only length required.
- * @param  [in,out]  len    On in, the size of table buffer in bytes.
- *                          On out, the size of table data in bytes.
- * @return  BAD_FUNC_ARG then key or len is NULL.
- * @return  LENGTH_ONLY_E when only the length is returned.
- * @return  BUFFER_E when len is too small.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int wc_GenerateSakkePointITable(SakkeKey* key, byte* table, word32* len)
-{
-    int err = 0;
-
-    if ((key == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_HAVE_SP_ECC
-    if (err == 0) {
-        SAVE_VECTOR_REGISTERS(return _svr_ret;);
-        err = sp_ecc_gen_table_1024(key->i.i, table, len, key->heap);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    if (err == 0) {
-        key->i.table = table;
-        key->i.tableLen = *len;
-    }
-#else
-    if ((err == 0) && (table == NULL)) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*len != 0)) {
-        *len = 0;
-        err = BUFFER_E;
-    }
-    if (err == 0) {
-        *len = 0;
-        key->i.table = table;
-        key->i.tableLen = *len;
-    }
-#endif
-
-    return err;
-}
-
-/**
- * Sets the pre-computation table for point I.
- * Speeds up making and deriving the encapsulated SSV.
- *
- * @param  [in]  key    SAKKE key.
- * @param  [in]  table  Pre-computation table for Point I.
- * @param  [in]  len    Length of pre-computation table in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or table is NULL.
- */
-int wc_SetSakkePointITable(SakkeKey* key, byte* table, word32 len)
-{
-    int err = 0;
-#ifdef WOLFSSL_HAVE_SP_ECC
-    word32 sz = 0;
-#endif
-
-    if ((key == NULL) || (table == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_HAVE_SP_ECC
-    if (err == 0) {
-        err = sp_ecc_gen_table_1024(key->i.i, NULL, &sz, NULL);
-        if (err == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-            err = 0;
-        }
-    }
-    if ((err == 0) && (len != sz)) {
-        err = BUFFER_E;
-    }
-#else
-    if ((err == 0) && (len != 0)) {
-        err = BUFFER_E;
-    }
-#endif
-
-    if (err == 0) {
-        key->i.table = table;
-        key->i.tableLen = len;
-    }
-
-    return err;
-}
-
-/**
- * Clears the pre-computation table for point I.
- *
- * Must be called once the table has been disposed of.
- *
- * @param  [in]  key    SAKKE key.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- */
-int wc_ClearSakkePointITable(SakkeKey* key)
-{
-    int err = 0;
-
-    if (key == NULL) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if (err == 0) {
-        key->i.table = NULL;
-        key->i.tableLen = 0;
-    }
-
-    return err;
-}
-
-/*
- * Compute the elliptic curve point R for device B.
- *
- * RFC 6508, Section 6.2.1, Step 3.\n
- * RFC 6508, Section 6.2.2, Step 5.\n
- * R = [r]([b]P + Z_S)
- *
- * @param  [in]  key   SAKKE key.
- * @param  [in]  id    Identifier to of device B.
- * @param  [in]  idSz  Size of identifier in bytes.
- * @param  [in]  z     ECC point - KMS Public Key Z_S.
- * @param  [in]  n     Number of bytes in r.
- * @param  [in]  out   Result R encoded to bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sakke_compute_point_r(SakkeKey* key, const byte* id, word16 idSz,
-        const mp_int* r, word32 n, byte* out)
-{
-    int err = 0;
-    ecc_point* i = key->i.i;
-    ecc_point* rp = key->tmp.p2;
-    word32 sz;
-
-    if ((key->i.idSz == 0) || (key->i.idSz != idSz) ||
-            (XMEMCMP(id, key->i.id, idSz) != 0)) {
-        /* I = [b]P + Z_S */
-        err = sakke_compute_point_i(key, id, idSz, i);
-        if ((err == 0) && (idSz <= SAKKE_ID_MAX_SIZE)) {
-            XMEMCPY(key->i.id, id, idSz);
-            key->i.idSz = idSz;
-        }
-        key->i.table = NULL;
-        key->i.tableLen = 0;
-    }
-    /* [r]([b]P + Z_S) */
-    if (err == 0) {
-        err = sakke_mulmod_point(key, r, i, key->i.table, rp, 1);
-    }
-    /* Export to canonical form */
-    if (err == 0) {
-        sz = n * 2 + 1;
-        err = wc_ecc_export_point_der(wc_ecc_get_curve_idx(key->ecc.dp->id), rp,
-                 out, &sz);
-    }
-
-    return err;
-}
-
-/**
- * Makes the Shared Secret Value (SSV) encapsulated and returns the
- * authentication data.
- *
- * RFC 6508, Section 6.2.1.
- *
- * SSV is overwritten with encapsulated SSV.
- *
- * Call wc_SetSakkeIdentity() to set the identity to use with operation.
- *
- * @param  [in]      key       SAKKE key.
- * @param  [in,out]  ssv       On in, Shared Secret Value (SSV) data.
- *                             On out, encrypted Shared Secret Value (SSV) data.
- * @param  [in]      ssvSz     Size of SSV in bytes.
- * @param  [in]      hashType  Hash algorithm to use.
- * @param  [out]     auth      Authentication data.
- * @param  [out]     authSz    Size of authentication data in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, ssv or encSz is NULL, ssvSz is to big or
- *          encSz is too small.
- * @return  BAD_STATE_E when identity not set.
- * @return  LENGTH_ONLY_E when auth is NULL. authSz contains required size of
- *          auth in bytes.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int wc_MakeSakkeEncapsulatedSSV(SakkeKey* key, enum wc_HashType hashType,
-        byte* ssv, word16 ssvSz, byte* auth, word16* authSz)
-{
-    int err = 0;
-    mp_int* r = NULL;
-    word16 n = 0;
-    word16 outSz = 0;
-    byte a[WC_MAX_DIGEST_SIZE];
-
-    if ((key == NULL) || (ssv == NULL) || (authSz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (key->idSz == 0)) {
-        err = BAD_STATE_E;
-    }
-
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-
-    /* Load parameters */
-    if (err == 0) {
-        err = sakke_load_params(key);
-    }
-    if (err == 0) {
-        n = (word16)((mp_count_bits(&key->params.prime) + 7) / 8);
-
-        /* Uncompressed point */
-        outSz = (word16)(1 + 2 * n);
-
-        if ((auth != NULL) && (*authSz < outSz)) {
-            err = BAD_FUNC_ARG;
-        }
-    }
-    if (err == 0) {
-        *authSz = outSz;
-
-        if (auth == NULL) {
-            err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-        }
-    }
-
-    if (err == 0) {
-        err = sakke_load_base_point(key);
-    }
-    if (err == 0) {
-        err = sakke_load_pairing_base(key);
-    }
-
-    /* Step 1: Generate a random SSV 0..(2^n)-1
-     * Already generated - see wc_MakeSakkeEncapsulated()
-     */
-    /* Step 2: Compute r = HashToIntegerRange( SSV | b, q, Hash ) */
-    if (err == 0) {
-        err = sakke_calc_a(key, hashType, ssv, ssvSz, key->id, key->idSz, a);
-    }
-    if (err == 0) {
-        r = key->tmp.p3->z;
-        err = sakke_hash_to_range_int(key, hashType, a, &key->params.q, n, r);
-    }
-    /* Step 3: Compute R_(b,S) = [r]([b]P + Z_S) in E(F_p) */
-    if (err == 0) {
-        err = sakke_compute_point_r(key, key->id, key->idSz, r, n, auth);
-    }
-
-    /* Step 4.a: Compute g^r */
-    if (err == 0) {
-        err = sakke_modexp(key, &key->params.g, r, r);
-    }
-
-    /* Step 4.b: Compute H := SSV XOR HashToIntegerRange( g^r, 2^n, Hash ) */
-    if (err == 0) {
-        err = mp_to_unsigned_bin_len(r, key->data, n);
-    }
-    /* ssv ^= HashToIntegerRange( g^r, 2^n, Hash ) */
-    if (err == 0) {
-        err = sakke_calc_a(key, hashType, key->data, n, NULL, 0, a);
-    }
-    if (err == 0) {
-        err = sakke_hash_to_range(key, hashType, a, ssv, ssvSz);
-    }
-
-    /* Step 5: Form the Encapsulated Data ( R_(b,S), H )
-     * R_(b,S) encoded in sakke_compute_point_r, H is a pointer into enc.
-     */
-
-    /* Step 6: Output SSV - already encoded in buffer */
-
-    RESTORE_VECTOR_REGISTERS();
-
-    return err;
-}
-
-/**
- * Generate a random Shared Secret Value (SSV).
- *
- * RFC 6508, Section 6.2.1, Step 1.
- *
- * @param  [in]   key    SAKKE key.
- * @param  [in]   rng    Random number generator.
- * @param  [out]  ssv    Shared Secret Value (SSV) data.
- * @param  [out]  ssvSz  Size of SSV in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, rng or ssvSz is NULL or ssvSz is to small.
- * @return  LENGTH_ONLY_E when ssv is NULL. ssvSz contains the required size of
- *          in bytes.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int wc_GenerateSakkeSSV(SakkeKey* key, WC_RNG* rng, byte* ssv, word16* ssvSz)
-{
-    int err = 0;
-    word16 n = 0;
-
-    if ((key == NULL) || (rng == NULL) || (ssvSz == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    /* Load parameters */
-    if (err == 0) {
-        err = sakke_load_params(key);
-    }
-    if (err == 0) {
-        n = (word16)((mp_count_bits(&key->params.prime) + 7) / 8);
-
-        if ((ssv != NULL) && (*ssvSz > n)) {
-            err = BAD_FUNC_ARG;
-        }
-    }
-    if (err == 0) {
-        /* Return length only if an output buffer is NULL. */
-        if (ssv == NULL) {
-            *ssvSz = (word16) (n / 8);
-            err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-        }
-        else {
-            n = *ssvSz;
-        }
-    }
-
-    /* Step 1: Select a random ephemeral integer value. Range 0..(2^n - 1) */
-    if (err == 0) {
-        err = wc_RNG_GenerateBlock(rng, ssv, n);
-    }
-
-    return err;
-}
-
-/**
- * Derive the Shared Secret Value from the encapsulated data using the set
- * RSK
- *
- * RFC 6508, Section 6.2.2.
- *
- * Encapsulated SSV is overwritten with SSV.
- *
- * Call wc_SetSakkeIdentity() to set the identity to use with operation.
- *
- * Call wc_SetSakkeRSK() to set the Receiver Secret Key (RSK) to use with
- * operation.
- *
- * @param  [in]      key       SAKKE key.
- * @param  [in]      hashType  Hash algorithm to use.
- * @param  [in,out]  ssv       On in, encrypted Secret Shared Value (SSV) data.
- *                             On out, Secret Shared Value (SSV) data.
- * @param  [in]      ssvSz     Size of SSV in bytes.
- * @param  [in]      auth      Authentication data.
- * @param  [in]      authSz    Size of authentication data in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, ssv or auth is NULL.
- * @return  BAD_STATE_E when RSK or identity not set.
- * @return  SAKKE_VERIFY_FAIL_E when calculated R doesn't match the encapsulated
- *          data's R.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int wc_DeriveSakkeSSV(SakkeKey* key, enum wc_HashType hashType, byte* ssv,
-        word16 ssvSz, const byte* auth, word16 authSz)
-{
-    int err = 0;
-    word16 n = 0;
-    ecc_point* r = NULL;
-    mp_int* w = NULL;
-    mp_int* ri = NULL;
-    byte* wb = NULL;
-    byte* test = NULL;
-    byte a[WC_MAX_DIGEST_SIZE] = {0};
-
-    if ((key == NULL) || (ssv == NULL) || (auth == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-    if ((err == 0) && (!key->rsk.set || (key->idSz == 0))) {
-        err = BAD_STATE_E;
-    }
-
-    SAVE_VECTOR_REGISTERS(return _svr_ret;);
-
-    /* Load parameters */
-    if (err == 0) {
-        err = sakke_load_params(key);
-    }
-    if (err == 0) {
-        n = (word16)((mp_count_bits(&key->params.prime) + 7) / 8);
-
-        if (authSz != 2 * n + 1) {
-            err = BAD_FUNC_ARG;
-        }
-    }
-    if (err == 0) {
-        err = sakke_load_base_point(key);
-    }
-
-    /* Step 1: Parse the Encapsulated Data ( R_(b,S), H )
-     * H = auth, so already extracted. */
-    if (err == 0) {
-        r = key->tmp.p2;
-
-        err = wc_ecc_import_point_der(auth, (word32)(n * 2 + 1),
-                wc_ecc_get_curve_idx(key->ecc.dp->id), r);
-    }
-
-    /* Step 2: w = < R_(b,S), K_(b,S) > = < K_(b,S), R_(b,S) > = < rsk , r > */
-    if (err == 0) {
-        w = &key->tmp.m1;
-
-        err = sakke_pairing(key, key->rsk.rsk, r, w, key->rsk.table,
-                key->rsk.tableLen);
-    }
-
-    /* Step 3: Compute SSV = H XOR HashToIntegerRange( w, 2^n, Hash ) */
-    if (err == 0) {
-        wb = key->data;
-        err = mp_to_unsigned_bin_len(w, wb, n);
-    }
-    /* HashToIntegerRange( w, 2^n, Hash ) */
-    if (err == 0) {
-        err = sakke_calc_a(key, hashType, wb, n, NULL, 0, a);
-    }
-    if (err == 0) {
-        err = sakke_hash_to_range(key, hashType, a, ssv, ssvSz);
-    }
-
-    /* Step 4: r = HashToIntegerRange( SSV | b, q, Hash ) */
-    if (err == 0) {
-        err = sakke_calc_a(key, hashType, ssv, ssvSz, key->id, key->idSz, a);
-    }
-    if (err == 0) {
-        ri = &key->tmp.m1;
-        err = sakke_hash_to_range_int(key, hashType, a, &key->params.q, n, ri);
-    }
-
-    /* Step 5: Compute TEST = [r]([b]P + Z_S) == R_(b,S) */
-    if (err == 0) {
-        test = key->data;
-
-        err = sakke_compute_point_r(key, key->id, key->idSz, ri, n, test);
-    }
-    if ((err == 0) && (XMEMCMP(auth, test, (size_t)(2 * n + 1)) != 0)) {
-        err = SAKKE_VERIFY_FAIL_E;
-    }
-
-    RESTORE_VECTOR_REGISTERS();
-
-    return err;
-}
-#endif /* WOLFCRYPT_SAKKE_CLIENT */
-
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/sha.c b/src/ssl/wolfssl/wolfcrypt/sha.c
deleted file mode 100644
index 700380951..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sha.c
+++ /dev/null
@@ -1,1239 +0,0 @@
-/* sha.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef DEBUG_WOLFSSL_VERBOSE
-    #if defined(WOLFSSL_ESPIDF)
-        #include <esp_log.h>
-    #endif
-#endif
-
-#if !defined(NO_SHA)
-
-#if FIPS_VERSION3_GE(2,0,0)
-    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
-    #define FIPS_NO_WRAPPERS
-
-    #ifdef USE_WINDOWS_API
-        #pragma code_seg(".fipsA$k")
-        #pragma const_seg(".fipsB$k")
-    #endif
-#endif
-
-#include <wolfssl/wolfcrypt/sha.h>
-#include <wolfssl/wolfcrypt/hash.h>
-
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-#endif
-
-#ifdef WOLFSSL_IMXRT1170_CAAM
-#include <wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h>
-#endif
-
-#if defined(WOLFSSL_PSOC6_CRYPTO)
-    #include <wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h>
-#endif
-
-/* Assume no hash HW available until supporting HW found. */
-#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
-
-#if defined(WOLFSSL_ESP32_CRYPT) && \
-    !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-    /* define a single keyword for simplicity & readability
-     *
-     * by default the HW acceleration is on for ESP32-WROOM32
-     * but individual components can be turned off.
-     */
-    #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
-    #include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
-
-    /* Although we have hardware acceleration,
-    ** we may need to fall back to software */
-    #define USE_SHA_SOFTWARE_IMPL
-
-#elif defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
-    /* The ESP32C3 is different; HW crypto here. Not yet implemented.
-    ** We'll be using software for RISC-V at this time */
-#else
-    #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
-#endif
-
-#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
-#if defined(WOLFSSL_ESP32_CRYPT) && \
-    !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-    /* define a single keyword for simplicity & readability
-     *
-     * by default the HW acceleration is on for ESP32-WROOM32
-     * but individual components can be turned off.
-     */
-    #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
-    #include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
-
-    /* Although we have hardware acceleration,
-    ** we may need to fall back to software */
-    #define USE_SHA_SOFTWARE_IMPL
-    static const char* TAG = "wc_sha";
-#elif defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
-    /* The ESP32C3 is different; HW crypto here. Not yet implemented.
-    ** We'll be using software for RISC-V at this time */
-    static const char* TAG = "wc_sha-c3";
-#else
-    #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
-#endif
-
-#if defined(WOLFSSL_TI_HASH)
-    /* #include <wolfcrypt/src/port/ti/ti-hash.c> included by wc_port.c */
-
-#else
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if FIPS_VERSION3_GE(6,0,0)
-    const unsigned int wolfCrypt_FIPS_sha_ro_sanity[2] =
-                                                     { 0x1a2b3c4d, 0x00000013 };
-    int wolfCrypt_FIPS_SHA_sanity(void)
-    {
-        return 0;
-    }
-#endif
-
-/* Hardware Acceleration */
-#if defined(WOLFSSL_PIC32MZ_HASH)
-    #include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
-
-#elif defined(STM32_HASH)
-
-    /* Supports CubeMX HAL or Standard Peripheral Library */
-    int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
-    {
-        if (sha == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        (void)devId;
-        (void)heap;
-
-        wc_Stm32_Hash_Init(&sha->stmCtx);
-
-        return 0;
-    }
-
-    int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
-    {
-        int ret;
-
-        if (sha == NULL || (data == NULL && len > 0)) {
-            return BAD_FUNC_ARG;
-        }
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-            ret = wc_Stm32_Hash_Update(&sha->stmCtx, HASH_AlgoSelection_SHA1,
-                data, len, WC_SHA_BLOCK_SIZE);
-            wolfSSL_CryptHwMutexUnLock();
-        }
-        return ret;
-    }
-
-    int wc_ShaFinal(wc_Sha* sha, byte* hash)
-    {
-        int ret;
-
-        if (sha == NULL || hash == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-            ret = wc_Stm32_Hash_Final(&sha->stmCtx, HASH_AlgoSelection_SHA1,
-                hash, WC_SHA_DIGEST_SIZE);
-            wolfSSL_CryptHwMutexUnLock();
-        }
-
-        (void)wc_InitSha(sha);  /* reset state */
-
-        return ret;
-    }
-
-
-#elif defined(FREESCALE_LTC_SHA)
-
-    #include "fsl_ltc.h"
-    int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
-    {
-        if (sha == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        (void)devId;
-        (void)heap;
-
-        LTC_HASH_Init(LTC_BASE, &sha->ctx, kLTC_Sha1, NULL, 0);
-        return 0;
-    }
-
-    int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
-    {
-        LTC_HASH_Update(&sha->ctx, data, len);
-        return 0;
-    }
-
-    int wc_ShaFinal(wc_Sha* sha, byte* hash)
-    {
-        word32 hashlen = WC_SHA_DIGEST_SIZE;
-        LTC_HASH_Finish(&sha->ctx, hash, &hashlen);
-        return wc_InitSha(sha);  /* reset state */
-    }
-
-
-#elif defined(FREESCALE_MMCAU_SHA)
-
-    #ifdef FREESCALE_MMCAU_CLASSIC_SHA
-        #include "cau_api.h"
-    #else
-        #include "fsl_mmcau.h"
-    #endif
-
-    #define USE_SHA_SOFTWARE_IMPL /* Only for API's, actual transform is here */
-
-    #define XTRANSFORM(S,B)       Transform((S),(B))
-    #define XTRANSFORM_LEN(S,B,L) Transform_Len((S),(B),(L))
-
-    #ifndef WC_HASH_DATA_ALIGNMENT
-        /* these hardware API's require 4 byte (word32) alignment */
-        #define WC_HASH_DATA_ALIGNMENT 4
-    #endif
-
-    static int InitSha(wc_Sha* sha)
-    {
-        int ret = 0;
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret != 0) {
-            return ret;
-        }
-    #ifdef FREESCALE_MMCAU_CLASSIC_SHA
-        cau_sha1_initialize_output(sha->digest);
-    #else
-        MMCAU_SHA1_InitializeOutput((word32*)sha->digest);
-    #endif
-        wolfSSL_CryptHwMutexUnLock();
-
-        sha->buffLen = 0;
-        sha->loLen   = 0;
-        sha->hiLen   = 0;
-
-        return ret;
-    }
-
-    static int Transform(wc_Sha* sha, const byte* data)
-    {
-        int ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-    #ifdef FREESCALE_MMCAU_CLASSIC_SHA
-            cau_sha1_hash_n((byte*)data, 1, sha->digest);
-    #else
-            MMCAU_SHA1_HashN((byte*)data, 1, (word32*)sha->digest);
-    #endif
-            wolfSSL_CryptHwMutexUnLock();
-        }
-        return ret;
-    }
-
-    static int Transform_Len(wc_Sha* sha, const byte* data, word32 len)
-    {
-        int ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-        #if defined(WC_HASH_DATA_ALIGNMENT) && WC_HASH_DATA_ALIGNMENT > 0
-            if ((wc_ptr_t)data % WC_HASH_DATA_ALIGNMENT) {
-                /* data pointer is NOT aligned,
-                 * so copy and perform one block at a time */
-                byte* local = (byte*)sha->buffer;
-                while (len >= WC_SHA_BLOCK_SIZE) {
-                    XMEMCPY(local, data, WC_SHA_BLOCK_SIZE);
-                #ifdef FREESCALE_MMCAU_CLASSIC_SHA
-                    cau_sha1_hash_n(local, 1, sha->digest);
-                #else
-                    MMCAU_SHA1_HashN(local, 1, sha->digest);
-                #endif
-                    data += WC_SHA_BLOCK_SIZE;
-                    len  -= WC_SHA_BLOCK_SIZE;
-                }
-            }
-            else
-        #endif
-            {
-    #ifdef FREESCALE_MMCAU_CLASSIC_SHA
-            cau_sha1_hash_n((byte*)data, len/WC_SHA_BLOCK_SIZE, sha->digest);
-    #else
-            MMCAU_SHA1_HashN((byte*)data, len/WC_SHA_BLOCK_SIZE,
-                (word32*)sha->digest);
-    #endif
-            }
-            wolfSSL_CryptHwMutexUnLock();
-        }
-        return ret;
-    }
-
-#elif defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH) && \
-    !defined(WOLFSSL_QNX_CAAM)
-    /* wolfcrypt/src/port/caam/caam_sha.c */
-
-#elif defined(MAX3266X_SHA)
-    /* Already brought in by sha.h */
-    /* #include <wolfssl/wolfcrypt/port/maxim/max3266x.h> */
-
-#elif defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) || \
-      defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
-
-    /* This function initializes SHA.
-    ** This is automatically called by wc_ShaHash */
-    static int InitSha(wc_Sha* sha)
-    {
-        int ret = 0;
-
-        sha->digest[0] = 0x67452301L;
-        sha->digest[1] = 0xEFCDAB89L;
-        sha->digest[2] = 0x98BADCFEL;
-        sha->digest[3] = 0x10325476L;
-        sha->digest[4] = 0xC3D2E1F0L;
-
-        sha->buffLen = 0;
-        sha->loLen   = 0;
-        sha->hiLen   = 0;
-
-        /* HW needs to be carefully initialized, taking into account soft copy.
-        ** If already in use; copy may revert to SW as needed. */
-        ret = esp_sha_init(&(sha->ctx), WC_HASH_TYPE_SHA);
-
-        return ret;
-    }
-
-#elif (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
-    defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
-    !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
-
-    /* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
-
-#elif defined(WOLFSSL_RENESAS_RSIP) && \
-     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
-
-    /* implemented in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
-
-#elif defined(WOLFSSL_IMXRT_DCP)
-    #include <wolfssl/wolfcrypt/port/nxp/dcp_port.h>
-    /* implemented in wolfcrypt/src/port/nxp/dcp_port.c */
-
-#elif defined(WOLFSSL_SILABS_SE_ACCEL)
-
-    /* implemented in wolfcrypt/src/port/silabs/silabs_hash.c */
-
-#elif defined(WOLFSSL_RENESAS_RX64_HASH)
-
-/* implemented in wolfcrypt/src/port/Renesas/renesas_rx64_hw_sha.c */
-
-#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-
-    #include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
-    int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
-    {
-        if (sha == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        (void)devId;
-
-        return se050_hash_init(&sha->se050Ctx, heap);
-    }
-
-    int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
-    {
-        return se050_hash_update(&sha->se050Ctx, data, len);
-
-    }
-
-    int wc_ShaFinal(wc_Sha* sha, byte* hash)
-    {
-        int ret = 0;
-        ret = se050_hash_final(&sha->se050Ctx, hash, WC_SHA_DIGEST_SIZE,
-                               kAlgorithm_SSS_SHA1);
-        return ret;
-    }
-    int wc_ShaFinalRaw(wc_Sha* sha, byte* hash)
-    {
-        int ret = 0;
-        ret = se050_hash_final(&sha->se050Ctx, hash, WC_SHA_DIGEST_SIZE,
-                               kAlgorithm_SSS_SHA1);
-        return ret;
-    }
-
-#elif defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_HASH)
-/* implemented in wolfcrypt/src/port/psa/psa_hash.c */
-#elif defined(PSOC6_HASH_SHA1)
-    /* Implemented in wolfcrypt/src/port/cypress/psoc6_crypto.c */
-#else
-    /* Software implementation */
-    #define USE_SHA_SOFTWARE_IMPL
-
-    static int InitSha(wc_Sha* sha)
-    {
-        int ret = 0;
-
-        sha->digest[0] = 0x67452301L;
-        sha->digest[1] = 0xEFCDAB89L;
-        sha->digest[2] = 0x98BADCFEL;
-        sha->digest[3] = 0x10325476L;
-        sha->digest[4] = 0xC3D2E1F0L;
-
-        sha->buffLen = 0;
-        XMEMSET(sha->buffer, 0, sizeof(sha->buffer));
-        sha->loLen   = 0;
-        sha->hiLen   = 0;
-    #ifdef WOLFSSL_HASH_FLAGS
-        sha->flags = 0;
-    #endif
-
-        return ret;
-    }
-#endif /* End Hardware Acceleration */
-
-/* Software implementation */
-#ifdef USE_SHA_SOFTWARE_IMPL
-
-static WC_INLINE void AddLength(wc_Sha* sha, word32 len)
-{
-    word32 tmp = sha->loLen;
-    if ((sha->loLen += len) < tmp)
-        sha->hiLen++;                       /* carry low to high */
-}
-
-/* Check if custom wc_Sha transform is used */
-#ifndef XTRANSFORM
-    #define XTRANSFORM(S,B)   Transform((S),(B))
-
-    #define blk0(i) (W[i] = *((word32*)&data[(i)*sizeof(word32)]))
-    #define blk1(i) (W[(i)&15] = \
-        rotlFixed(W[((i)+13)&15]^W[((i)+8)&15]^W[((i)+2)&15]^W[(i)&15],1))
-
-    #define f1(x,y,z) ((z)^((x) &((y)^(z))))
-    #define f2(x,y,z) ((x)^(y)^(z))
-    #define f3(x,y,z) (((x)&(y))|((z)&((x)|(y))))
-    #define f4(x,y,z) ((x)^(y)^(z))
-
-    #if defined(WOLFSSL_NUCLEUS_1_2) || defined(NUCLEUS_PLUS_2_3)
-        /* nucleus.h also defines R1-R4 */
-        #undef R1
-        #undef R2
-        #undef R3
-        #undef R4
-    #endif
-
-    /* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
-    #define R0(v,w,x,y,z,i) (z)+= f1((w),(x),(y)) + blk0((i)) + 0x5A827999+ \
-        rotlFixed((v),5); (w) = rotlFixed((w),30);
-    #define R1(v,w,x,y,z,i) (z)+= f1((w),(x),(y)) + blk1((i)) + 0x5A827999+ \
-        rotlFixed((v),5); (w) = rotlFixed((w),30);
-    #define R2(v,w,x,y,z,i) (z)+= f2((w),(x),(y)) + blk1((i)) + 0x6ED9EBA1+ \
-        rotlFixed((v),5); (w) = rotlFixed((w),30);
-    #define R3(v,w,x,y,z,i) (z)+= f3((w),(x),(y)) + blk1((i)) + 0x8F1BBCDC+ \
-        rotlFixed((v),5); (w) = rotlFixed((w),30);
-    #define R4(v,w,x,y,z,i) (z)+= f4((w),(x),(y)) + blk1((i)) + 0xCA62C1D6+ \
-        rotlFixed((v),5); (w) = rotlFixed((w),30);
-
-    static int Transform(wc_Sha* sha, const byte* data)
-    {
-        word32 W[WC_SHA_BLOCK_SIZE / sizeof(word32)];
-
-        /* Copy context->state[] to working vars */
-        word32 a = sha->digest[0];
-        word32 b = sha->digest[1];
-        word32 c = sha->digest[2];
-        word32 d = sha->digest[3];
-        word32 e = sha->digest[4];
-
-    #ifdef USE_SLOW_SHA
-        word32 t, i;
-
-        for (i = 0; i < 16; i++) {
-            R0(a, b, c, d, e, i);
-            t = e; e = d; d = c; c = b; b = a; a = t;
-        }
-
-        for (; i < 20; i++) {
-            R1(a, b, c, d, e, i);
-            t = e; e = d; d = c; c = b; b = a; a = t;
-        }
-
-        for (; i < 40; i++) {
-            R2(a, b, c, d, e, i);
-            t = e; e = d; d = c; c = b; b = a; a = t;
-        }
-
-        for (; i < 60; i++) {
-            R3(a, b, c, d, e, i);
-            t = e; e = d; d = c; c = b; b = a; a = t;
-        }
-
-        for (; i < 80; i++) {
-            R4(a, b, c, d, e, i);
-            t = e; e = d; d = c; c = b; b = a; a = t;
-        }
-    #else
-        /* nearly 1 K bigger in code size but 25% faster */
-        /* 4 rounds of 20 operations each. Loop unrolled. */
-        R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
-        R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
-        R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
-        R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
-
-        R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
-
-        R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
-        R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
-        R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
-        R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
-        R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
-
-        R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
-        R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
-        R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
-        R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
-        R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
-
-        R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
-        R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
-        R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
-        R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
-        R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
-    #endif
-
-        /* Add the working vars back into digest state[] */
-        sha->digest[0] += a;
-        sha->digest[1] += b;
-        sha->digest[2] += c;
-        sha->digest[3] += d;
-        sha->digest[4] += e;
-
-        (void)data; /* Not used */
-
-        return 0;
-    }
-#endif /* XTRANSFORM when USE_SHA_SOFTWARE_IMPL is enabled */
-
-
-/*
-** wolfCrypt InitSha external wrapper.
-**
-** we'll assume this is ALWAYS for a new, uninitialized sha
-*/
-int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
-{
-    int ret = 0;
-    if (sha == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    sha->heap = heap;
-#ifdef WOLF_CRYPTO_CB
-    sha->devId = devId;
-    sha->devCtx = NULL;
-#endif
-
-#ifdef MAX3266X_SHA_CB
-    ret = wc_MXC_TPU_SHA_Init(&(sha->mxcCtx));
-    if (ret != 0) {
-        return ret;
-    }
-#endif
-
-#ifdef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
-    if (sha->ctx.mode != ESP32_SHA_INIT) {
-        /* it may be interesting to see old values during debugging */
-        ESP_LOGV(TAG, "Set ctx mode from prior value: %d", sha->ctx.mode);
-    }
-    /* We know this is a fresh, uninitialized item, so set to INIT */
-    sha->ctx.mode = ESP32_SHA_INIT;
-#endif
-
-    ret = InitSha(sha);
-    if (ret != 0) {
-        return ret;
-    }
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
-    ret = wolfAsync_DevCtxInit(&sha->asyncDev, WOLFSSL_ASYNC_MARKER_SHA,
-                                                            sha->heap, devId);
-#else
-    (void)devId;
-#endif /* WOLFSSL_ASYNC_CRYPT */
-#ifdef WOLFSSL_IMXRT1170_CAAM
-   ret = wc_CAAM_HashInit(&sha->hndl, &sha->ctx, WC_HASH_TYPE_SHA);
-#endif
-
-    return ret;
-} /* wc_InitSha_ex */
-
-/* do block size increments/updates */
-int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
-{
-    int ret = 0;
-    word32 blocksLen;
-    byte* local;
-
-    if (sha == NULL || (data == NULL && len > 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (data == NULL && len == 0) {
-        /* valid, but do nothing */
-        return 0;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    if (sha->devId != INVALID_DEVID) {
-        ret = wc_CryptoCb_ShaHash(sha, data, len, NULL);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        ret = 0; /* reset ret */
-        /* fall-through when unavailable */
-    }
-#endif
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
-    if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) {
-    #if defined(HAVE_INTEL_QA)
-        return IntelQaSymSha(&sha->asyncDev, NULL, data, len);
-    #endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    /* check that internal buffLen is valid */
-    if (sha->buffLen >= WC_SHA_BLOCK_SIZE) {
-        return BUFFER_E;
-    }
-
-    /* add length for final */
-    AddLength(sha, len);
-
-    local = (byte*)sha->buffer;
-
-    /* process any remainder from previous operation */
-    if (sha->buffLen > 0) {
-        blocksLen = min(len, WC_SHA_BLOCK_SIZE - sha->buffLen);
-        XMEMCPY(&local[sha->buffLen], data, blocksLen);
-
-        sha->buffLen += blocksLen;
-        data         += blocksLen;
-        len          -= blocksLen;
-
-        if (sha->buffLen == WC_SHA_BLOCK_SIZE) {
-        #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
-            if (sha->ctx.mode == ESP32_SHA_INIT) {
-                #if defined(WOLFSSL_DEBUG_MUTEX)
-                {
-                    ESP_LOGI(TAG, "wc_ShaUpdate try hardware");
-                }
-                #endif
-                esp_sha_try_hw_lock(&sha->ctx);
-            }
-        #endif
-
-        #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
-            #if ( defined(CONFIG_IDF_TARGET_ESP32C2) || \
-                  defined(CONFIG_IDF_TARGET_ESP8684) || \
-                  defined(CONFIG_IDF_TARGET_ESP32C3) || \
-                  defined(CONFIG_IDF_TARGET_ESP32C6)    \
-                ) && \
-                 defined(WOLFSSL_ESP32_CRYPT) && \
-                !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-                /* For Espressif RISC-V Targets, we *may* need to reverse bytes
-                 * depending on if HW is active or not. */
-                if (esp_sha_need_byte_reversal(&sha->ctx))
-            #endif
-            {
-                ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
-            }
-        #endif
-
-        #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
-            if (sha->ctx.mode == ESP32_SHA_SW) {
-                #if defined(WOLFSSL_DEBUG_MUTEX)
-                {
-                    ESP_LOGI(TAG, "wc_ShaUpdate process software");
-                }
-                #endif
-                ret = XTRANSFORM(sha, (const byte*)local);
-            }
-            else {
-                #if defined(WOLFSSL_DEBUG_MUTEX)
-                {
-                    ESP_LOGI(TAG, "wc_ShaUpdate process hardware");
-                }
-                #endif
-                esp_sha_process(sha, (const byte*)local);
-            }
-        #elif defined (WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
-            ESP_LOGI(TAG, "wc_ShaUpdate not implemented for ESP32C3");
-            ret = XTRANSFORM(sha, (const byte*)local);
-        #else
-            ret = XTRANSFORM(sha, (const byte*)local);
-        #endif
-            if (ret != 0) {
-                return ret;
-            }
-
-            sha->buffLen = 0; /* Nothing left to do, so set to zero. */
-        } /* (sha->buffLen == WC_SHA_BLOCK_SIZE) */
-    } /* (sha->buffLen > 0)  Process any remainder from previous operation. */
-
-    /* process blocks */
-#ifdef XTRANSFORM_LEN
-    /* get number of blocks */
-    /* 64-1 = 0x3F (~ Inverted = 0xFFFFFFC0) */
-    /* len (masked by 0xFFFFFFC0) returns block aligned length */
-    blocksLen = len & ~(WC_SHA_BLOCK_SIZE-1);
-    if (blocksLen > 0) {
-        /* Byte reversal performed in function if required. */
-        XTRANSFORM_LEN(sha, data, blocksLen);
-        data += blocksLen;
-        len  -= blocksLen;
-    }
-#else
-    while (len >= WC_SHA_BLOCK_SIZE) {
-        word32* local32 = sha->buffer;
-        /* optimization to avoid memcpy if data pointer is properly aligned */
-        /* Little Endian requires byte swap, so can't use data directly */
-    #if defined(WC_HASH_DATA_ALIGNMENT) && !defined(LITTLE_ENDIAN_ORDER)
-        if (((wc_ptr_t)data % WC_HASH_DATA_ALIGNMENT) == 0) {
-            local32 = (word32*)data;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(local32, data, WC_SHA_BLOCK_SIZE);
-        }
-
-        data += WC_SHA_BLOCK_SIZE;
-        len  -= WC_SHA_BLOCK_SIZE;
-
-    #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
-        if (sha->ctx.mode == ESP32_SHA_INIT){
-            esp_sha_try_hw_lock(&sha->ctx);
-        }
-    #endif
-
-    #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
-        #if ( defined(CONFIG_IDF_TARGET_ESP32C2) || \
-              defined(CONFIG_IDF_TARGET_ESP8684) || \
-              defined(CONFIG_IDF_TARGET_ESP32C3) || \
-              defined(CONFIG_IDF_TARGET_ESP32C6)    \
-            ) && \
-             defined(WOLFSSL_ESP32_CRYPT) && \
-            !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-            /* For Espressif RISC-V Targets, we *may* need to reverse bytes
-             * depending on if HW is active or not. */
-            if (esp_sha_need_byte_reversal(&sha->ctx))
-        #endif
-        {
-            ByteReverseWords(local32, local32, WC_SHA_BLOCK_SIZE);
-        }
-    #endif
-
-    #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
-        if (sha->ctx.mode == ESP32_SHA_SW){
-            ret = XTRANSFORM(sha, (const byte*)local32);
-        }
-        else {
-            esp_sha_process(sha, (const byte*)local32);
-        }
-    #else
-        ret = XTRANSFORM(sha, (const byte*)local32);
-    #endif
-    }
-#endif /* XTRANSFORM_LEN */
-
-    /* save remainder */
-    if (len > 0) {
-        XMEMCPY(local, data, len);
-        sha->buffLen = len;
-    }
-
-    return ret;
-}
-
-int wc_ShaFinalRaw(wc_Sha* sha, byte* hash)
-{
-#ifdef LITTLE_ENDIAN_ORDER
-    word32 digest[WC_SHA_DIGEST_SIZE / sizeof(word32)];
-    XMEMSET(digest, 0, sizeof(digest));
-#endif
-
-    if (sha == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef LITTLE_ENDIAN_ORDER
-    #if ( defined(CONFIG_IDF_TARGET_ESP32C2) || \
-          defined(CONFIG_IDF_TARGET_ESP8684) || \
-          defined(CONFIG_IDF_TARGET_ESP32C3) || \
-          defined(CONFIG_IDF_TARGET_ESP32C6)    \
-        ) && \
-         defined(WOLFSSL_ESP32_CRYPT) && \
-        !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-        /* For Espressif RISC-V Targets, we *may* need to reverse bytes
-         * depending on if HW is active or not. */
-        if (esp_sha_need_byte_reversal(&sha->ctx))
-    #endif
-    {
-        ByteReverseWords((word32*)digest, (word32*)sha->digest, WC_SHA_DIGEST_SIZE);
-    }
-    XMEMCPY(hash, (byte *)&digest[0], WC_SHA_DIGEST_SIZE);
-#else
-    XMEMCPY(hash, sha->digest, WC_SHA_DIGEST_SIZE);
-#endif
-
-    return 0;
-}
-
-/*
-** Finalizes hashing of data. Result is placed into hash.
-** Resets state of sha struct.
-*/
-int wc_ShaFinal(wc_Sha* sha, byte* hash)
-{
-    int ret;
-    byte* local;
-
-    if (sha == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    local = (byte*)sha->buffer;
-
-#ifdef WOLF_CRYPTO_CB
-    if (sha->devId != INVALID_DEVID) {
-        ret = wc_CryptoCb_ShaHash(sha, NULL, 0, hash);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-#endif
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
-    if (sha->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA) {
-    #if defined(HAVE_INTEL_QA)
-        return IntelQaSymSha(&sha->asyncDev, hash, NULL, WC_SHA_DIGEST_SIZE);
-    #endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    /* we'll add a 0x80 byte at the end,
-    ** so make sure we have appropriate buffer length. */
-    if (sha->buffLen > WC_SHA_BLOCK_SIZE - 1) {
-        /* exit with error code if there's a bad buffer size in buffLen */
-        return BAD_STATE_E;
-    } /* buffLen check */
-
-    local[sha->buffLen++] = 0x80;  /* add 1 */
-
-    /* pad with zeros */
-    if (sha->buffLen > WC_SHA_PAD_SIZE) {
-        if (sha->buffLen < WC_SHA_BLOCK_SIZE) {
-            XMEMSET(&local[sha->buffLen], 0, WC_SHA_BLOCK_SIZE - sha->buffLen);
-        }
-
-        sha->buffLen += WC_SHA_BLOCK_SIZE - sha->buffLen;
-
-    #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
-        /* For a fresh sha.ctx, try to use hardware acceleration */
-        if (sha->ctx.mode == ESP32_SHA_INIT) {
-            esp_sha_try_hw_lock(&sha->ctx);
-        }
-    #endif
-
-    #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
-        #if ( defined(CONFIG_IDF_TARGET_ESP32C2) || \
-              defined(CONFIG_IDF_TARGET_ESP8684) || \
-              defined(CONFIG_IDF_TARGET_ESP32C3) || \
-              defined(CONFIG_IDF_TARGET_ESP32C6)    \
-            ) && \
-             defined(WOLFSSL_ESP32_CRYPT) && \
-            !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-            /* For Espressif RISC-V Targets, we *may* need to reverse bytes
-             * depending on if HW is active or not. */
-            if (esp_sha_need_byte_reversal(&sha->ctx))
-        #endif
-        {
-            ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
-        }
-    #endif
-
-    #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
-        /* if HW was busy, we may need to fall back to SW. */
-        if (sha->ctx.mode == ESP32_SHA_SW) {
-            ret = XTRANSFORM(sha, (const byte*)local);
-        }
-        else {
-            ret = esp_sha_process(sha, (const byte*)local);
-        }
-    #else
-        /*
-        ** The #if defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW) also falls
-        ** though here to SW, as it's not yet implemented for HW.
-        */
-        ret = XTRANSFORM(sha, (const byte*)local);
-    #endif
-        if (ret != 0) {
-            return ret;
-        }
-
-        sha->buffLen = 0;
-    } /* (sha->buffLen > WC_SHA_PAD_SIZE) */
-
-    XMEMSET(&local[sha->buffLen], 0, WC_SHA_PAD_SIZE - sha->buffLen);
-
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
-    if (sha->ctx.mode == ESP32_SHA_INIT) {
-        esp_sha_try_hw_lock(&sha->ctx);
-    }
-#endif
-
-#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
-    #if ( defined(CONFIG_IDF_TARGET_ESP32C2) || \
-          defined(CONFIG_IDF_TARGET_ESP8684) || \
-          defined(CONFIG_IDF_TARGET_ESP32C3) || \
-          defined(CONFIG_IDF_TARGET_ESP32C6)    \
-        ) && \
-         defined(WOLFSSL_ESP32_CRYPT) && \
-        !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-        /* For Espressif RISC-V Targets, we *may* need to reverse bytes
-         * depending on if HW is active or not. */
-        if (esp_sha_need_byte_reversal(&sha->ctx))
-    #endif
-    { /* reminder local also points to sha->buffer  */
-        ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
-    }
-#endif
-
-    /* store lengths */
-    /* put lengths in bits */
-    sha->hiLen = (sha->loLen >> (8*sizeof(sha->loLen) - 3)) + (sha->hiLen << 3);
-    sha->loLen = sha->loLen << 3;
-
-    /* ! length ordering dependent on digest endian type ! */
-    XMEMCPY(&local[WC_SHA_PAD_SIZE], &sha->hiLen, sizeof(word32));
-    XMEMCPY(&local[WC_SHA_PAD_SIZE + sizeof(word32)], &sha->loLen, sizeof(word32));
-
-#if defined(FREESCALE_MMCAU_SHA)
-    /* Kinetis requires only these bytes reversed */
-    ByteReverseWords(&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)],
-                     &sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)],
-                     2 * sizeof(word32));
-#endif
-
-
-#if ( defined(CONFIG_IDF_TARGET_ESP32C2) || \
-      defined(CONFIG_IDF_TARGET_ESP8684) || \
-      defined(CONFIG_IDF_TARGET_ESP32C3) || \
-      defined(CONFIG_IDF_TARGET_ESP32C6)    \
-    ) && \
-    defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-if (sha->ctx.mode == ESP32_SHA_HW) {
-    #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
-    {
-        ESP_LOGV(TAG, "Start: Reverse PAD SIZE Endianness.");
-    }
-    #endif
-    ByteReverseWords(&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* out */
-                     &sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* in  */
-                     2 * sizeof(word32) /* byte count to reverse */
-                    );
-    #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
-    {
-        ESP_LOGV(TAG, "End: Reverse PAD SIZE Endianness.");
-    }
-    #endif
-} /* end if (sha->ctx.mode == ESP32_SHA_HW) */
-#endif
-
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
-    if (sha->ctx.mode == ESP32_SHA_SW) {
-        ret = XTRANSFORM(sha, (const byte*)local);
-    }
-    else {
-        ret = esp_sha_digest_process(sha, 1);
-    }
-/*
-** The #if defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW) also falls
-** though here to SW, as it's not yet implemented for HW.
-*/
-#else
-    ret = XTRANSFORM(sha, (const byte*)local);
-#endif
-
-#ifdef LITTLE_ENDIAN_ORDER
-    #if ( defined(CONFIG_IDF_TARGET_ESP32C2) || \
-          defined(CONFIG_IDF_TARGET_ESP8684) || \
-          defined(CONFIG_IDF_TARGET_ESP32C3) || \
-          defined(CONFIG_IDF_TARGET_ESP32C6)    \
-        ) && \
-        defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-        /* For Espressif RISC-V Targets, we *may* need to reverse bytes
-         * depending on if HW is active or not. */
-        if (esp_sha_need_byte_reversal(&sha->ctx))
-    #endif
-    {
-        ByteReverseWords(sha->digest, sha->digest, WC_SHA_DIGEST_SIZE);
-    }
-#endif
-
-    XMEMCPY(hash, (byte *)&sha->digest[0], WC_SHA_DIGEST_SIZE);
-
-    /* we'll always reset state upon exit and return the error code from above,
-     * which may cause fall back to SW if HW is busy. we do not return result
-     * of initSha here */
-    (void)InitSha(sha); /* reset state */
-    return ret;
-}
-
-#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
-/* Apply SHA1 transformation to the data                  */
-/* @param sha  a pointer to wc_Sha structure              */
-/* @param data data to be applied SHA1 transformation     */
-/* @return 0 on successful, otherwise non-zero on failure */
-int wc_ShaTransform(wc_Sha* sha, const unsigned char* data)
-{
-    /* sanity check */
-    if (sha == NULL || data == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    return (Transform(sha, data));
-}
-#endif
-
-#endif /* USE_SHA_SOFTWARE_IMPL */
-
-/*
-** This function initializes SHA. This is automatically called by wc_ShaHash.
-*/
-int wc_InitSha(wc_Sha* sha)
-{
-    return wc_InitSha_ex(sha, NULL, INVALID_DEVID);
-}
-
-
-#if !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH)
-
-#ifndef MAX3266X_SHA
-
-void wc_ShaFree(wc_Sha* sha)
-{
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
-    int ret = 0;
-#endif
-
-    if (sha == NULL)
-        return;
-
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (sha->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_Free(sha->devId, WC_ALGO_TYPE_HASH,
-                         WC_HASH_TYPE_SHA, (void*)sha);
-        /* If they want the standard free, they can call it themselves */
-        /* via their callback setting devId to INVALID_DEVID */
-        /* otherwise assume the callback handled it */
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return;
-        /* fall-through when unavailable */
-    }
-
-    /* silence compiler warning */
-    (void)ret;
-
-#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */
-
-#if defined(WOLFSSL_ESP32) &&  !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-    esp_sha_release_unfinished_lock(&sha->ctx);
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
-    wolfAsync_DevCtxFree(&sha->asyncDev, WOLFSSL_ASYNC_MARKER_SHA);
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-#ifdef WOLFSSL_PIC32MZ_HASH
-    wc_ShaPic32Free(sha);
-#endif
-#ifdef MAX3266X_SHA_CB
-    wc_MXC_TPU_SHA_Free(&(sha->mxcCtx));
-#endif
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-    se050_hash_free(&sha->se050Ctx);
-#endif
-#if (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
-     defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
-    !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) || \
-    (defined(WOLFSSL_RENESAS_RSIP) && (WOLFSSL_RENESAS_RZFSP_VER >= 220)) ||\
-    defined(WOLFSSL_RENESAS_RX64_HASH)
-    XFREE(sha->msg, sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    sha->msg = NULL;
-#endif
-#ifdef WOLFSSL_IMXRT_DCP
-    DCPShaFree(sha);
-#endif
-
-#if defined(PSOC6_HASH_SHA1)
-    wc_Psoc6_Sha_Free();
-#endif
-}
-
-#endif /* !MAX3266X_SHA */
-#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
-#endif /* !WOLFSSL_TI_HASH */
-
-#if !defined(WOLFSSL_TI_HASH) && !defined(WOLFSSL_IMXRT_DCP)
-
-#if ((!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
-     !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) || \
-    defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) && \
-    (!defined(WOLFSSL_RENESAS_RSIP) || \
-      defined(NO_WOLFSSL_RENESAS_FSPSM_HASH))
-#if !defined(WOLFSSL_RENESAS_RX64_HASH)
-
-#if !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH)
-
-#ifndef MAX3266X_SHA
-
-/* wc_ShaGetHash get hash value */
-int wc_ShaGetHash(wc_Sha* sha, byte* hash)
-{
-    int ret;
-    WC_DECLARE_VAR(tmpSha, wc_Sha, 1, 0);
-
-    if (sha == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    WC_ALLOC_VAR_EX(tmpSha, wc_Sha, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-        return MEMORY_E);
-
-    ret = wc_ShaCopy(sha, tmpSha);
-    if (ret == 0) {
-        ret = wc_ShaFinal(tmpSha, hash);
-    }
-
-    WC_FREE_VAR_EX(tmpSha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
-{
-    int ret = 0;
-
-    if (src == NULL || dst == NULL)
-        return BAD_FUNC_ARG;
-
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (src->devId != INVALID_DEVID)
-    #endif
-    {
-        /* Cast the source and destination to be void to keep the abstraction */
-        ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
-                               WC_HASH_TYPE_SHA, (void*)src, (void*)dst);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-    ret = 0; /* Reset ret to 0 to avoid returning the callback error code */
-#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
-
-    XMEMCPY(dst, src, sizeof(wc_Sha));
-
-#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3)
-    dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
-    dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
-    ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
-#endif
-
-#ifdef WOLFSSL_PIC32MZ_HASH
-    ret = wc_Pic32HashCopy(&src->cache, &dst->cache);
-#endif
-
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-    ret = se050_hash_copy(&src->se050Ctx, &dst->se050Ctx);
-#endif
-
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
-    esp_sha_ctx_copy(src, dst);
-#endif
-
-#ifdef MAX3266X_SHA_CB
-    ret = wc_MXC_TPU_SHA_Copy(&(src->mxcCtx), &(dst->mxcCtx));
-    if (ret != 0) {
-        return ret;
-    }
-#endif
-
-#if defined(PSOC6_HASH_SHA1)
-    wc_Psoc6_Sha1_Sha2_Init(dst, WC_PSOC6_SHA1, 0);
-#endif
-
-#ifdef WOLFSSL_HASH_FLAGS
-    dst->flags |= WC_HASH_FLAG_ISCOPY;
-#endif
-    return ret;
-}
-#endif /* WOLFSSL_RENESAS_RX64_HASH */
-#endif /* !MAX3266X_SHA */
-#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
-#endif /* !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
-          !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) ||
-          defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) */
-#endif /* !defined(WOLFSSL_TI_HASH) && !defined(WOLFSSL_IMXRT_DCP) */
-
-#ifdef WOLFSSL_HASH_FLAGS
-int wc_ShaSetFlags(wc_Sha* sha, word32 flags)
-{
-    if (sha) {
-        sha->flags = flags;
-    }
-    return 0;
-}
-int wc_ShaGetFlags(wc_Sha* sha, word32* flags)
-{
-    if (sha && flags) {
-        *flags = sha->flags;
-    }
-    return 0;
-}
-#endif
-
-#endif /* !NO_SHA */
diff --git a/src/ssl/wolfssl/wolfcrypt/sha3.c b/src/ssl/wolfssl/wolfcrypt/sha3.c
deleted file mode 100644
index da73966d9..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sha3.c
+++ /dev/null
@@ -1,2071 +0,0 @@
-/* sha3.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef WC_SHA3_NO_ASM
-    #undef USE_INTEL_SPEEDUP
-    #undef WOLFSSL_ARMASM
-    #undef WOLFSSL_RISCV_ASM
-#endif
-
-#if defined(WOLFSSL_PSOC6_CRYPTO)
-    #include <wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h>
-#endif
-
-#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_XILINX_CRYPT) && \
-   !defined(WOLFSSL_AFALG_XILINX_SHA3)
-
-#if FIPS_VERSION3_GE(2,0,0)
-    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
-    #define FIPS_NO_WRAPPERS
-
-    #ifdef USE_WINDOWS_API
-        #pragma code_seg(".fipsA$n")
-        #pragma const_seg(".fipsB$n")
-    #endif
-#endif
-
-#include <wolfssl/wolfcrypt/sha3.h>
-#include <wolfssl/wolfcrypt/hash.h>
-
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-#endif
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if FIPS_VERSION3_GE(6,0,0)
-    const unsigned int wolfCrypt_FIPS_sha3_ro_sanity[2] =
-                                                     { 0x1a2b3c4d, 0x00000016 };
-    int wolfCrypt_FIPS_SHA3_sanity(void)
-    {
-        return 0;
-    }
-#endif
-
-
-#if defined(USE_INTEL_SPEEDUP) || (defined(__aarch64__) && \
-        defined(WOLFSSL_ARMASM))
-    #include <wolfssl/wolfcrypt/cpuid.h>
-
-    static cpuid_flags_t cpuid_flags = WC_CPUID_INITIALIZER;
-#ifdef WC_C_DYNAMIC_FALLBACK
-    #define SHA3_BLOCK (sha3->sha3_block)
-    #define SHA3_BLOCK_N (sha3->sha3_block_n)
-#else
-    void (*sha3_block)(word64 *s) = NULL;
-    void (*sha3_block_n)(word64 *s, const byte* data, word32 n,
-        word64 c) = NULL;
-    #define SHA3_BLOCK sha3_block
-    #define SHA3_BLOCK_N sha3_block_n
-#endif
-#endif
-
-#if !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_RISCV_ASM)
-
-#ifdef WOLFSSL_SHA3_SMALL
-/* Rotate a 64-bit value left.
- *
- * a  Number to rotate left.
- * r  Number od bits to rotate left.
- * returns the rotated number.
- */
-#define ROTL64(a, n)    (((a)<<(n))|((a)>>(64-(n))))
-
-/* An array of values to XOR for block operation. */
-static const word64 hash_keccak_r[24] =
-{
-    0x0000000000000001UL, 0x0000000000008082UL,
-    0x800000000000808aUL, 0x8000000080008000UL,
-    0x000000000000808bUL, 0x0000000080000001UL,
-    0x8000000080008081UL, 0x8000000000008009UL,
-    0x000000000000008aUL, 0x0000000000000088UL,
-    0x0000000080008009UL, 0x000000008000000aUL,
-    0x000000008000808bUL, 0x800000000000008bUL,
-    0x8000000000008089UL, 0x8000000000008003UL,
-    0x8000000000008002UL, 0x8000000000000080UL,
-    0x000000000000800aUL, 0x800000008000000aUL,
-    0x8000000080008081UL, 0x8000000000008080UL,
-    0x0000000080000001UL, 0x8000000080008008UL
-};
-
-/* Indices used in swap and rotate operation. */
-#define K_I_0   10
-#define K_I_1    7
-#define K_I_2   11
-#define K_I_3   17
-#define K_I_4   18
-#define K_I_5    3
-#define K_I_6    5
-#define K_I_7   16
-#define K_I_8    8
-#define K_I_9   21
-#define K_I_10  24
-#define K_I_11   4
-#define K_I_12  15
-#define K_I_13  23
-#define K_I_14  19
-#define K_I_15  13
-#define K_I_16  12
-#define K_I_17   2
-#define K_I_18  20
-#define K_I_19  14
-#define K_I_20  22
-#define K_I_21   9
-#define K_I_22   6
-#define K_I_23   1
-
-/* Number of bits to rotate in swap and rotate operation. */
-#define K_R_0    1
-#define K_R_1    3
-#define K_R_2    6
-#define K_R_3   10
-#define K_R_4   15
-#define K_R_5   21
-#define K_R_6   28
-#define K_R_7   36
-#define K_R_8   45
-#define K_R_9   55
-#define K_R_10   2
-#define K_R_11  14
-#define K_R_12  27
-#define K_R_13  41
-#define K_R_14  56
-#define K_R_15   8
-#define K_R_16  25
-#define K_R_17  43
-#define K_R_18  62
-#define K_R_19  18
-#define K_R_20  39
-#define K_R_21  61
-#define K_R_22  20
-#define K_R_23  44
-
-/* Swap and rotate left operation.
- *
- * s   The state.
- * t1  Temporary value.
- * t2  Second temporary value.
- * i   The index of the loop.
- */
-#define SWAP_ROTL(s, t1, t2, i)                                         \
-do {                                                                    \
-    t2 = s[K_I_##i]; s[K_I_##i] = ROTL64(t1, K_R_##i);                  \
-}                                                                       \
-while (0)
-
-/* Mix the XOR of the column's values into each number by column.
- *
- * s  The state.
- * b  Temporary array of XORed column values.
- * x  The index of the column.
- * t  Temporary variable.
- */
-#define COL_MIX(s, b, x, t)                                             \
-do {                                                                    \
-    for (x = 0; x < 5; x++)                                             \
-        b[x] = s[x + 0] ^ s[x + 5] ^ s[x + 10] ^ s[x + 15] ^ s[x + 20]; \
-    for (x = 0; x < 5; x++) {                                           \
-        t = b[(x + 4) % 5] ^ ROTL64(b[(x + 1) % 5], 1);                 \
-        s[x +  0] ^= t;                                                 \
-        s[x +  5] ^= t;                                                 \
-        s[x + 10] ^= t;                                                 \
-        s[x + 15] ^= t;                                                 \
-        s[x + 20] ^= t;                                                 \
-    }                                                                   \
-}                                                                       \
-while (0)
-
-#ifdef SHA3_BY_SPEC
-/* Mix the row values.
- * BMI1 has ANDN instruction ((~a) & b) - Haswell and above.
- *
- * s   The state.
- * b   Temporary array of XORed row values.
- * y   The index of the row to work on.
- * x   The index of the column.
- * t0  Temporary variable.
- * t1  Temporary variable.
- */
-#define ROW_MIX(s, b, y, x, t0, t1)                                     \
-do {                                                                    \
-    for (y = 0; y < 5; y++) {                                           \
-        for (x = 0; x < 5; x++)                                         \
-            b[x] = s[y * 5 + x];                                        \
-        for (x = 0; x < 5; x++)                                         \
-            s[y * 5 + x] = b[x] ^ (~b[(x + 1) % 5] & b[(x + 2) % 5]);   \
-    }                                                                   \
-}                                                                       \
-while (0)
-#else
-/* Mix the row values.
- * a ^ (~b & c) == a ^ (c & (b ^ c)) == (a ^ b) ^ (b | c)
- *
- * s   The state.
- * b   Temporary array of XORed row values.
- * y   The index of the row to work on.
- * x   The index of the column.
- * t0  Temporary variable.
- * t1  Temporary variable.
- */
-#define ROW_MIX(s, b, y, x, t12, t34)                                   \
-do {                                                                    \
-    for (y = 0; y < 5; y++) {                                           \
-        for (x = 0; x < 5; x++)                                         \
-            b[x] = s[y * 5 + x];                                        \
-        t12 = (b[1] ^ b[2]); t34 = (b[3] ^ b[4]);                       \
-        s[y * 5 + 0] = b[0] ^ (b[2] &  t12);                            \
-        s[y * 5 + 1] =  t12 ^ (b[2] | b[3]);                            \
-        s[y * 5 + 2] = b[2] ^ (b[4] &  t34);                            \
-        s[y * 5 + 3] =  t34 ^ (b[4] | b[0]);                            \
-        s[y * 5 + 4] = b[4] ^ (b[1] & (b[0] ^ b[1]));                   \
-    }                                                                   \
-}                                                                       \
-while (0)
-#endif /* SHA3_BY_SPEC */
-
-/* The block operation performed on the state.
- *
- * s  The state.
- */
-void BlockSha3(word64* s)
-{
-    byte i, x, y;
-    word64 t0, t1;
-    word64 b[5];
-
-    for (i = 0; i < 24; i++)
-    {
-        COL_MIX(s, b, x, t0);
-
-        t0 = s[1];
-        SWAP_ROTL(s, t0, t1,  0);
-        SWAP_ROTL(s, t1, t0,  1);
-        SWAP_ROTL(s, t0, t1,  2);
-        SWAP_ROTL(s, t1, t0,  3);
-        SWAP_ROTL(s, t0, t1,  4);
-        SWAP_ROTL(s, t1, t0,  5);
-        SWAP_ROTL(s, t0, t1,  6);
-        SWAP_ROTL(s, t1, t0,  7);
-        SWAP_ROTL(s, t0, t1,  8);
-        SWAP_ROTL(s, t1, t0,  9);
-        SWAP_ROTL(s, t0, t1, 10);
-        SWAP_ROTL(s, t1, t0, 11);
-        SWAP_ROTL(s, t0, t1, 12);
-        SWAP_ROTL(s, t1, t0, 13);
-        SWAP_ROTL(s, t0, t1, 14);
-        SWAP_ROTL(s, t1, t0, 15);
-        SWAP_ROTL(s, t0, t1, 16);
-        SWAP_ROTL(s, t1, t0, 17);
-        SWAP_ROTL(s, t0, t1, 18);
-        SWAP_ROTL(s, t1, t0, 19);
-        SWAP_ROTL(s, t0, t1, 20);
-        SWAP_ROTL(s, t1, t0, 21);
-        SWAP_ROTL(s, t0, t1, 22);
-        SWAP_ROTL(s, t1, t0, 23);
-
-        ROW_MIX(s, b, y, x, t0, t1);
-
-        s[0] ^= hash_keccak_r[i];
-    }
-}
-#else
-/* Rotate a 64-bit value left.
- *
- * a  Number to rotate left.
- * r  Number od bits to rotate left.
- * returns the rotated number.
- */
-#define ROTL64(a, n)    (((a)<<(n))|((a)>>(64-(n))))
-
-#if !defined(STM32_HASH_SHA3) && !defined(PSOC6_HASH_SHA3)
-/* An array of values to XOR for block operation. */
-static const word64 hash_keccak_r[24] =
-{
-    W64LIT(0x0000000000000001), W64LIT(0x0000000000008082),
-    W64LIT(0x800000000000808a), W64LIT(0x8000000080008000),
-    W64LIT(0x000000000000808b), W64LIT(0x0000000080000001),
-    W64LIT(0x8000000080008081), W64LIT(0x8000000000008009),
-    W64LIT(0x000000000000008a), W64LIT(0x0000000000000088),
-    W64LIT(0x0000000080008009), W64LIT(0x000000008000000a),
-    W64LIT(0x000000008000808b), W64LIT(0x800000000000008b),
-    W64LIT(0x8000000000008089), W64LIT(0x8000000000008003),
-    W64LIT(0x8000000000008002), W64LIT(0x8000000000000080),
-    W64LIT(0x000000000000800a), W64LIT(0x800000008000000a),
-    W64LIT(0x8000000080008081), W64LIT(0x8000000000008080),
-    W64LIT(0x0000000080000001), W64LIT(0x8000000080008008)
-};
-#endif
-
-/* Indices used in swap and rotate operation. */
-#define KI_0     6
-#define KI_1    12
-#define KI_2    18
-#define KI_3    24
-#define KI_4     3
-#define KI_5     9
-#define KI_6    10
-#define KI_7    16
-#define KI_8    22
-#define KI_9     1
-#define KI_10    7
-#define KI_11   13
-#define KI_12   19
-#define KI_13   20
-#define KI_14    4
-#define KI_15    5
-#define KI_16   11
-#define KI_17   17
-#define KI_18   23
-#define KI_19    2
-#define KI_20    8
-#define KI_21   14
-#define KI_22   15
-#define KI_23   21
-
-/* Number of bits to rotate in swap and rotate operation. */
-#define KR_0    44
-#define KR_1    43
-#define KR_2    21
-#define KR_3    14
-#define KR_4    28
-#define KR_5    20
-#define KR_6     3
-#define KR_7    45
-#define KR_8    61
-#define KR_9     1
-#define KR_10    6
-#define KR_11   25
-#define KR_12    8
-#define KR_13   18
-#define KR_14   27
-#define KR_15   36
-#define KR_16   10
-#define KR_17   15
-#define KR_18   56
-#define KR_19   62
-#define KR_20   55
-#define KR_21   39
-#define KR_22   41
-#define KR_23    2
-
-/* Mix the XOR of the column's values into each number by column.
- *
- * s  The state.
- * b  Temporary array of XORed column values.
- * x  The index of the column.
- * t  Temporary variable.
- */
-#define COL_MIX(s, b, x, t)                                                         \
-do {                                                                                \
-    (b)[0] = (s)[0] ^ (s)[5] ^ (s)[10] ^ (s)[15] ^ (s)[20];                         \
-    (b)[1] = (s)[1] ^ (s)[6] ^ (s)[11] ^ (s)[16] ^ (s)[21];                         \
-    (b)[2] = (s)[2] ^ (s)[7] ^ (s)[12] ^ (s)[17] ^ (s)[22];                         \
-    (b)[3] = (s)[3] ^ (s)[8] ^ (s)[13] ^ (s)[18] ^ (s)[23];                         \
-    (b)[4] = (s)[4] ^ (s)[9] ^ (s)[14] ^ (s)[19] ^ (s)[24];                         \
-    (t) = (b)[(0 + 4) % 5] ^ ROTL64((b)[(0 + 1) % 5], 1);                           \
-    (s)[ 0] ^= (t); (s)[ 5] ^= (t); (s)[10] ^= (t); (s)[15] ^= (t); (s)[20] ^= (t); \
-    (t) = (b)[(1 + 4) % 5] ^ ROTL64((b)[(1 + 1) % 5], 1);                           \
-    (s)[ 1] ^= (t); (s)[ 6] ^= (t); (s)[11] ^= (t); (s)[16] ^= (t); (s)[21] ^= (t); \
-    (t) = (b)[(2 + 4) % 5] ^ ROTL64((b)[(2 + 1) % 5], 1);                           \
-    (s)[ 2] ^= (t); (s)[ 7] ^= (t); (s)[12] ^= (t); (s)[17] ^= (t); (s)[22] ^= (t); \
-    (t) = (b)[(3 + 4) % 5] ^ ROTL64((b)[(3 + 1) % 5], 1);                           \
-    (s)[ 3] ^= (t); (s)[ 8] ^= (t); (s)[13] ^= (t); (s)[18] ^= (t); (s)[23] ^= (t); \
-    (t) = (b)[(4 + 4) % 5] ^ ROTL64((b)[(4 + 1) % 5], 1);                           \
-    (s)[ 4] ^= (t); (s)[ 9] ^= (t); (s)[14] ^= (t); (s)[19] ^= (t); (s)[24] ^= (t); \
-}                                                                                   \
-while (0)
-
-#define S(s1, i) ROTL64((s1)[KI_##i], KR_##i)
-
-#ifdef SHA3_BY_SPEC
-/* Mix the row values.
- * BMI1 has ANDN instruction ((~a) & b) - Haswell and above.
- *
- * s2  The new state.
- * s1  The current state.
- * b   Temporary array of XORed row values.
- * t0  Temporary variable. (Unused)
- * t1  Temporary variable. (Unused)
- */
-#define ROW_MIX(s2, s1, b, t0, t1)                    \
-do {                                                  \
-    (b)[0] = (s1)[0];                                 \
-    (b)[1] = S((s1), 0);                              \
-    (b)[2] = S((s1), 1);                              \
-    (b)[3] = S((s1), 2);                              \
-    (b)[4] = S((s1), 3);                              \
-    (s2)[0] = (b)[0] ^ (~(b)[1] & (b)[2]);            \
-    (s2)[1] = (b)[1] ^ (~(b)[2] & (b)[3]);            \
-    (s2)[2] = (b)[2] ^ (~(b)[3] & (b)[4]);            \
-    (s2)[3] = (b)[3] ^ (~(b)[4] & (b)[0]);            \
-    (s2)[4] = (b)[4] ^ (~(b)[0] & (b)[1]);            \
-    (b)[0] = S((s1), 4);                              \
-    (b)[1] = S((s1), 5);                              \
-    (b)[2] = S((s1), 6);                              \
-    (b)[3] = S((s1), 7);                              \
-    (b)[4] = S((s1), 8);                              \
-    (s2)[5] = (b)[0] ^ (~(b)[1] & (b)[2]);            \
-    (s2)[6] = (b)[1] ^ (~(b)[2] & (b)[3]);            \
-    (s2)[7] = (b)[2] ^ (~(b)[3] & (b)[4]);            \
-    (s2)[8] = (b)[3] ^ (~(b)[4] & (b)[0]);            \
-    (s2)[9] = (b)[4] ^ (~(b)[0] & (b)[1]);            \
-    (b)[0] = S((s1), 9);                              \
-    (b)[1] = S((s1), 10);                             \
-    (b)[2] = S((s1), 11);                             \
-    (b)[3] = S((s1), 12);                             \
-    (b)[4] = S((s1), 13);                             \
-    (s2)[10] = (b)[0] ^ (~(b)[1] & (b)[2]);           \
-    (s2)[11] = (b)[1] ^ (~(b)[2] & (b)[3]);           \
-    (s2)[12] = (b)[2] ^ (~(b)[3] & (b)[4]);           \
-    (s2)[13] = (b)[3] ^ (~(b)[4] & (b)[0]);           \
-    (s2)[14] = (b)[4] ^ (~(b)[0] & (b)[1]);           \
-    (b)[0] = S((s1), 14);                             \
-    (b)[1] = S((s1), 15);                             \
-    (b)[2] = S((s1), 16);                             \
-    (b)[3] = S((s1), 17);                             \
-    (b)[4] = S((s1), 18);                             \
-    (s2)[15] = (b)[0] ^ (~(b)[1] & (b)[2]);           \
-    (s2)[16] = (b)[1] ^ (~(b)[2] & (b)[3]);           \
-    (s2)[17] = (b)[2] ^ (~(b)[3] & (b)[4]);           \
-    (s2)[18] = (b)[3] ^ (~(b)[4] & (b)[0]);           \
-    (s2)[19] = (b)[4] ^ (~(b)[0] & (b)[1]);           \
-    (b)[0] = S((s1), 19);                             \
-    (b)[1] = S((s1), 20);                             \
-    (b)[2] = S((s1), 21);                             \
-    (b)[3] = S((s1), 22);                             \
-    (b)[4] = S((s1), 23);                             \
-    (s2)[20] = (b)[0] ^ (~(b)[1] & (b)[2]);           \
-    (s2)[21] = (b)[1] ^ (~(b)[2] & (b)[3]);           \
-    (s2)[22] = (b)[2] ^ (~(b)[3] & (b)[4]);           \
-    (s2)[23] = (b)[3] ^ (~(b)[4] & (b)[0]);           \
-    (s2)[24] = (b)[4] ^ (~(b)[0] & (b)[1]);           \
-}                                                     \
-while (0)
-#else
-/* Mix the row values.
- * a ^ (~b & c) == a ^ (c & (b ^ c)) == (a ^ b) ^ (b | c)
- *
- * s2  The new state.
- * s1  The current state.
- * b   Temporary array of XORed row values.
- * t12 Temporary variable.
- * t34 Temporary variable.
- */
-#define ROW_MIX(s2, s1, b, t12, t34)                      \
-do {                                                      \
-    (b)[0] = (s1)[0];                                     \
-    (b)[1] = S((s1), 0);                                  \
-    (b)[2] = S((s1), 1);                                  \
-    (b)[3] = S((s1), 2);                                  \
-    (b)[4] = S((s1), 3);                                  \
-    (t12) = ((b)[1] ^ (b)[2]); (t34) = ((b)[3] ^ (b)[4]); \
-    (s2)[0] = (b)[0] ^ ((b)[2] &  (t12));                 \
-    (s2)[1] =  (t12) ^ ((b)[2] | (b)[3]);                 \
-    (s2)[2] = (b)[2] ^ ((b)[4] &  (t34));                 \
-    (s2)[3] =  (t34) ^ ((b)[4] | (b)[0]);                 \
-    (s2)[4] = (b)[4] ^ ((b)[1] & ((b)[0] ^ (b)[1]));      \
-    (b)[0] = S((s1), 4);                                  \
-    (b)[1] = S((s1), 5);                                  \
-    (b)[2] = S((s1), 6);                                  \
-    (b)[3] = S((s1), 7);                                  \
-    (b)[4] = S((s1), 8);                                  \
-    (t12) = ((b)[1] ^ (b)[2]); (t34) = ((b)[3] ^ (b)[4]); \
-    (s2)[5] = (b)[0] ^ ((b)[2] &  (t12));                 \
-    (s2)[6] =  (t12) ^ ((b)[2] | (b)[3]);                 \
-    (s2)[7] = (b)[2] ^ ((b)[4] &  (t34));                 \
-    (s2)[8] =  (t34) ^ ((b)[4] | (b)[0]);                 \
-    (s2)[9] = (b)[4] ^ ((b)[1] & ((b)[0] ^ (b)[1]));      \
-    (b)[0] = S((s1), 9);                                  \
-    (b)[1] = S((s1), 10);                                 \
-    (b)[2] = S((s1), 11);                                 \
-    (b)[3] = S((s1), 12);                                 \
-    (b)[4] = S((s1), 13);                                 \
-    (t12) = ((b)[1] ^ (b)[2]); (t34) = ((b)[3] ^ (b)[4]); \
-    (s2)[10] = (b)[0] ^ ((b)[2] &  (t12));                \
-    (s2)[11] =  (t12) ^ ((b)[2] | (b)[3]);                \
-    (s2)[12] = (b)[2] ^ ((b)[4] &  (t34));                \
-    (s2)[13] =  (t34) ^ ((b)[4] | (b)[0]);                \
-    (s2)[14] = (b)[4] ^ ((b)[1] & ((b)[0] ^ (b)[1]));     \
-    (b)[0] = S((s1), 14);                                 \
-    (b)[1] = S((s1), 15);                                 \
-    (b)[2] = S((s1), 16);                                 \
-    (b)[3] = S((s1), 17);                                 \
-    (b)[4] = S((s1), 18);                                 \
-    (t12) = ((b)[1] ^ (b)[2]); (t34) = ((b)[3] ^ (b)[4]); \
-    (s2)[15] = (b)[0] ^ ((b)[2] &  (t12));                \
-    (s2)[16] =  (t12) ^ ((b)[2] | (b)[3]);                \
-    (s2)[17] = (b)[2] ^ ((b)[4] &  (t34));                \
-    (s2)[18] =  (t34) ^ ((b)[4] | (b)[0]);                \
-    (s2)[19] = (b)[4] ^ ((b)[1] & ((b)[0] ^ (b)[1]));     \
-    (b)[0] = S((s1), 19);                                 \
-    (b)[1] = S((s1), 20);                                 \
-    (b)[2] = S((s1), 21);                                 \
-    (b)[3] = S((s1), 22);                                 \
-    (b)[4] = S((s1), 23);                                 \
-    (t12) = ((b)[1] ^ (b)[2]); (t34) = ((b)[3] ^ (b)[4]); \
-    (s2)[20] = (b)[0] ^ ((b)[2] &  (t12));                \
-    (s2)[21] =  (t12) ^ ((b)[2] | (b)[3]);                \
-    (s2)[22] = (b)[2] ^ ((b)[4] &  (t34));                \
-    (s2)[23] =  (t34) ^ ((b)[4] | (b)[0]);                \
-    (s2)[24] = (b)[4] ^ ((b)[1] & ((b)[0] ^ (b)[1]));     \
-}                                                         \
-while (0)
-#endif /* SHA3_BY_SPEC */
-
-#if !defined(STM32_HASH_SHA3) && !defined(PSOC6_HASH_SHA3)
-/* The block operation performed on the state.
- *
- * s  The state.
- */
-void BlockSha3(word64* s)
-{
-    word64 n[25];
-    word64 b[5];
-    word64 t0;
-#ifndef SHA3_BY_SPEC
-    word64 t1;
-#endif
-    word32 i;
-
-    for (i = 0; i < 24; i += 2)
-    {
-        COL_MIX(s, b, x, t0);
-        ROW_MIX(n, s, b, t0, t1);
-        n[0] ^= hash_keccak_r[i];
-
-        COL_MIX(n, b, x, t0);
-        ROW_MIX(s, n, b, t0, t1);
-        s[0] ^= hash_keccak_r[i+1];
-    }
-}
-#endif /* WOLFSSL_SHA3_SMALL */
-#endif /* STM32_HASH_SHA3 */
-#endif /* !WOLFSSL_ARMASM && !WOLFSSL_RISCV_ASM */
-
-#if !defined(STM32_HASH_SHA3) && !defined(PSOC6_HASH_SHA3)
-#if defined(BIG_ENDIAN_ORDER)
-static WC_INLINE word64 Load64Unaligned(const unsigned char *a)
-{
-    return ((word64)a[0] <<  0) |
-           ((word64)a[1] <<  8) |
-           ((word64)a[2] << 16) |
-           ((word64)a[3] << 24) |
-           ((word64)a[4] << 32) |
-           ((word64)a[5] << 40) |
-           ((word64)a[6] << 48) |
-           ((word64)a[7] << 56);
-}
-
-/* Convert the array of bytes, in little-endian order, to a 64-bit integer.
- *
- * a  Array of bytes.
- * returns a 64-bit integer.
- */
-static word64 Load64BitBigEndian(const byte* a)
-{
-    word64 n = 0;
-    int i;
-
-    for (i = 0; i < 8; i++)
-        n |= (word64)a[i] << (8 * i);
-
-    return n;
-}
-#endif
-
-/* Initialize the state for a SHA3-224 hash operation.
- *
- * sha3   wc_Sha3 object holding state.
- * returns 0 on success.
- */
-
-static int InitSha3(wc_Sha3* sha3)
-{
-    int i;
-
-    for (i = 0; i < 25; i++)
-        sha3->s[i] = 0;
-    sha3->i = 0;
-#ifdef WOLFSSL_HASH_FLAGS
-    sha3->flags = 0;
-#endif
-
-#ifdef USE_INTEL_SPEEDUP
-    {
-        int cpuid_flags_were_updated = cpuid_get_flags_ex(&cpuid_flags);
-#ifdef WC_C_DYNAMIC_FALLBACK
-        (void)cpuid_flags_were_updated;
-        if (! CAN_SAVE_VECTOR_REGISTERS()) {
-            SHA3_BLOCK = BlockSha3;
-            SHA3_BLOCK_N = NULL;
-        }
-        else
-#else
-        if ((! cpuid_flags_were_updated) && (SHA3_BLOCK != NULL)) {
-        }
-        else
-#endif
-        if (IS_INTEL_AVX2(cpuid_flags)) {
-            SHA3_BLOCK = sha3_block_avx2;
-            SHA3_BLOCK_N = sha3_block_n_avx2;
-        }
-        else if (IS_INTEL_BMI1(cpuid_flags) && IS_INTEL_BMI2(cpuid_flags)) {
-            SHA3_BLOCK = sha3_block_bmi2;
-            SHA3_BLOCK_N = sha3_block_n_bmi2;
-        }
-        else {
-            SHA3_BLOCK = BlockSha3;
-            SHA3_BLOCK_N = NULL;
-        }
-    }
-#define SHA3_FUNC_PTR
-#endif /* USE_INTEL_SPEEDUP */
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-    {
-        int cpuid_flags_were_updated = cpuid_get_flags_ex(&cpuid_flags);
-        if ((! cpuid_flags_were_updated) && (SHA3_BLOCK != NULL)) {
-        }
-        else
-    #ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
-        if (IS_AARCH64_SHA3(cpuid_flags)) {
-            SHA3_BLOCK = BlockSha3_crypto;
-            SHA3_BLOCK_N = NULL;
-        }
-        else
-    #endif
-        {
-            SHA3_BLOCK = BlockSha3_base;
-            SHA3_BLOCK_N = NULL;
-        }
-    }
-#define SHA3_FUNC_PTR
-#endif
-
-    return 0;
-}
-
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-void BlockSha3(word64* s)
-{
-    (*SHA3_BLOCK)(s);
-}
-#endif
-
-/* Update the SHA-3 hash state with message data.
- *
- * sha3  wc_Sha3 object holding state.
- * data  Message data to be hashed.
- * len   Length of the message data.
- * p     Number of 64-bit numbers in a block of data to process.
- * returns 0 on success.
- */
-static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
-{
-    word32 i;
-    word32 blocks;
-
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
-    if (SHA3_BLOCK == sha3_block_avx2) {
-        SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    }
-#endif
-    if (sha3->i > 0) {
-        byte *t;
-        byte l = (byte)(p * 8 - sha3->i);
-        if (l > len) {
-            l = (byte)len;
-        }
-
-        t = &sha3->t[sha3->i];
-        for (i = 0; i < l; i++) {
-            t[i] = data[i];
-        }
-        data += i;
-        len -= i;
-        sha3->i = (byte)(sha3->i + i);
-
-        if (sha3->i == p * 8) {
-        #if !defined(BIG_ENDIAN_ORDER)
-            xorbuf(sha3->s, sha3->t, (word32)(p * 8));
-        #else
-            for (i = 0; i < p; i++) {
-                sha3->s[i] ^= Load64BitBigEndian(sha3->t + 8 * i);
-            }
-        #endif
-        #ifdef SHA3_FUNC_PTR
-            (*SHA3_BLOCK)(sha3->s);
-        #else
-            BlockSha3(sha3->s);
-        #endif
-            sha3->i = 0;
-        }
-    }
-    blocks = len / (p * 8U);
-    #ifdef SHA3_FUNC_PTR
-    if ((SHA3_BLOCK_N != NULL) && (blocks > 0)) {
-        (*SHA3_BLOCK_N)(sha3->s, data, blocks, p * 8U);
-        len -= blocks * (p * 8U);
-        data += blocks * (p * 8U);
-        blocks = 0;
-    }
-    #endif
-    for (; blocks > 0; blocks--) {
-    #if !defined(BIG_ENDIAN_ORDER)
-        xorbuf(sha3->s, data, (word32)(p * 8));
-    #else
-        for (i = 0; i < p; i++) {
-            sha3->s[i] ^= Load64Unaligned(data + 8 * i);
-        }
-    #endif
-    #ifdef SHA3_FUNC_PTR
-        (*SHA3_BLOCK)(sha3->s);
-    #else
-        BlockSha3(sha3->s);
-    #endif
-        len -= p * 8U;
-        data += p * 8U;
-    }
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
-    if (SHA3_BLOCK == sha3_block_avx2) {
-        RESTORE_VECTOR_REGISTERS();
-    }
-#endif
-    if (len > 0) {
-        XMEMCPY(sha3->t, data, len);
-    }
-    sha3->i = (byte)(sha3->i + len);
-
-    return 0;
-}
-
-/* Calculate the SHA-3 hash based on all the message data seen.
- *
- * sha3  wc_Sha3 object holding state.
- * hash  Buffer to hold the hash result.
- * p     Number of 64-bit numbers in a block of data to process.
- * len   Number of bytes in output.
- * returns 0 on success.
- */
-static int Sha3Final(wc_Sha3* sha3, byte padChar, byte* hash, byte p, word32 l)
-{
-    word32 rate = p * 8U;
-    word32 j;
-#if defined(BIG_ENDIAN_ORDER)
-    word32 i;
-#endif
-
-#if !defined(BIG_ENDIAN_ORDER)
-    xorbuf(sha3->s, sha3->t, sha3->i);
-#ifdef WOLFSSL_HASH_FLAGS
-    if ((p == WC_SHA3_256_COUNT) && (sha3->flags & WC_HASH_SHA3_KECCAK256)) {
-        padChar = 0x01;
-    }
-#endif
-    ((byte*)sha3->s)[sha3->i ] ^= padChar;
-    ((byte*)sha3->s)[rate - 1] ^= 0x80;
-#else
-    sha3->t[rate - 1]  = 0x00;
-#ifdef WOLFSSL_HASH_FLAGS
-    if ((p == WC_SHA3_256_COUNT) && (sha3->flags & WC_HASH_SHA3_KECCAK256)) {
-        padChar = 0x01;
-    }
-#endif
-    sha3->t[sha3->i ]  = padChar;
-    sha3->t[rate - 1] |= 0x80;
-    if (rate - 1 > (word32)sha3->i + 1) {
-        XMEMSET(sha3->t + sha3->i + 1, 0, rate - 1U - (sha3->i + 1U));
-    }
-    for (i = 0; i < p; i++) {
-        sha3->s[i] ^= Load64BitBigEndian(sha3->t + 8 * i);
-    }
-#endif
-
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
-    if (SHA3_BLOCK == sha3_block_avx2)
-        SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#endif
-
-    for (j = 0; l - j >= rate; j += rate) {
-    #ifdef SHA3_FUNC_PTR
-        (*SHA3_BLOCK)(sha3->s);
-    #else
-        BlockSha3(sha3->s);
-    #endif
-    #if defined(BIG_ENDIAN_ORDER)
-        ByteReverseWords64((word64*)(hash + j), sha3->s, rate);
-    #else
-        XMEMCPY(hash + j, sha3->s, rate);
-    #endif
-    }
-    if (j != l) {
-    #ifdef SHA3_FUNC_PTR
-        (*SHA3_BLOCK)(sha3->s);
-    #else
-        BlockSha3(sha3->s);
-    #endif
-    #if defined(BIG_ENDIAN_ORDER)
-        ByteReverseWords64(sha3->s, sha3->s, rate);
-    #endif
-        XMEMCPY(hash + j, sha3->s, l - j);
-    }
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
-    if (SHA3_BLOCK == sha3_block_avx2) {
-        RESTORE_VECTOR_REGISTERS();
-    }
-#endif
-
-    return 0;
-}
-#endif
-#if defined(STM32_HASH_SHA3)
-
-    /* Supports CubeMX HAL or Standard Peripheral Library */
-
-    static int wc_InitSha3(wc_Sha3* sha3, void* heap, int devId)
-    {
-        if (sha3 == NULL)
-            return BAD_FUNC_ARG;
-
-        (void)devId;
-        (void)heap;
-
-        XMEMSET(sha3, 0, sizeof(wc_Sha3));
-        wc_Stm32_Hash_Init(&sha3->stmCtx);
-        return 0;
-    }
-
-    static int Stm32GetAlgo(byte p)
-    {
-        switch(p) {
-            case WC_SHA3_224_COUNT:
-                return HASH_ALGOSELECTION_SHA3_224;
-            case WC_SHA3_256_COUNT:
-                return HASH_ALGOSELECTION_SHA3_256;
-            case WC_SHA3_384_COUNT:
-                return HASH_ALGOSELECTION_SHA3_384;
-            case WC_SHA3_512_COUNT:
-                return HASH_ALGOSELECTION_SHA3_512;
-        }
-        /* Should never get here */
-        return WC_SHA3_224_COUNT;
-    }
-
-    static int wc_Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
-    {
-        int ret = 0;
-
-        if (sha3 == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        if (data == NULL && len == 0) {
-            /* valid, but do nothing */
-            return 0;
-        }
-        if (data == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-            ret = wc_Stm32_Hash_Update(&sha3->stmCtx,
-                Stm32GetAlgo(p), data, len, p * 8);
-            wolfSSL_CryptHwMutexUnLock();
-        }
-        return ret;
-    }
-
-    static int wc_Sha3Final(wc_Sha3* sha3, byte* hash, byte p, byte len)
-    {
-        int ret = 0;
-
-        if (sha3 == NULL || hash == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-            ret = wc_Stm32_Hash_Final(&sha3->stmCtx,
-                Stm32GetAlgo(p), hash, len);
-            wolfSSL_CryptHwMutexUnLock();
-        }
-
-        (void)wc_InitSha3(sha3, NULL, 0); /* reset state */
-
-        return ret;
-    }
-#elif defined(PSOC6_HASH_SHA3)
-
-static int wc_InitSha3(wc_Sha3* sha3, void* heap, int devId)
-{
-    int ret;
-    if (sha3 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    (void)devId;
-    (void)heap;
-
-    /* Lock the mutex to perform crypto operations */
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        /* Initialize hash state for SHA-3 operation */
-        ret = wc_Psoc6_Sha3_Init(sha3);
-        /* Release the lock */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    return ret;
-}
-
-static int wc_Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
-{
-    int ret;
-
-    if (sha3 == NULL || (data == NULL && len > 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (data == NULL && len == 0) {
-        /* valid, but do nothing */
-        return 0;
-    }
-
-    /* Lock the mutex to perform crypto operations */
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        /* Perform SHA3 on the input data and update the hash state */
-        ret = wc_Psoc6_Sha3_Update(sha3, data, len, p);
-        /* Release the lock */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    return ret;
-}
-
-static int wc_Sha3Final(wc_Sha3* sha3, byte* hash, byte p, byte len)
-{
-    int ret;
-
-    if (sha3 == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Lock the mutex to perform crypto operations */
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        /* Finalize SHA3 operations and produce digest */
-        ret = wc_Psoc6_Sha3_Final(sha3, 0x06, hash, p, len);
-        if (ret == 0) {
-            /* Initialize hash state for SHA-3 operation */
-            ret = wc_Psoc6_Sha3_Init(sha3);
-        }
-        /* Release the lock */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    return ret;
-}
-
-#else
-
-/* Initialize the state for a SHA-3 hash operation.
- *
- * sha3   wc_Sha3 object holding state.
- * heap   Heap reference for dynamic memory allocation. (Used in async ops.)
- * devId  Device identifier for asynchronous operation.
- * returns 0 on success.
- */
-static int wc_InitSha3(wc_Sha3* sha3, void* heap, int devId)
-{
-    int ret = 0;
-
-    if (sha3 == NULL)
-        return BAD_FUNC_ARG;
-
-    sha3->heap = heap;
-    ret = InitSha3(sha3);
-    if (ret != 0)
-        return ret;
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA3)
-    ret = wolfAsync_DevCtxInit(&sha3->asyncDev,
-                        WOLFSSL_ASYNC_MARKER_SHA3, sha3->heap, devId);
-#endif
-#if defined(WOLF_CRYPTO_CB)
-    sha3->devId = devId;
-    /* Set to none to determine the hash type later */
-    /* in the update/final functions based on the p value */
-    sha3->hashType = WC_HASH_TYPE_NONE;
-#endif
-    (void)devId;
-
-    return ret;
-}
-
-/* Update the SHA-3 hash state with message data.
- *
- * sha3  wc_Sha3 object holding state.
- * data  Message data to be hashed.
- * len   Length of the message data.
- * p     Number of 64-bit numbers in a block of data to process.
- * returns 0 on success.
- */
-static int wc_Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
-{
-    int ret;
-
-    if (sha3 == NULL || (data == NULL && len > 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (data == NULL && len == 0) {
-        /* valid, but do nothing */
-        return 0;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (sha3->devId != INVALID_DEVID)
-    #endif
-    {
-        /* If the hash type is not set, determine it based on the p value */
-        /* We can skip the switch statement if the hash type set already */
-        if (sha3->hashType == WC_HASH_TYPE_NONE) {
-            switch (p) {
-                case WC_SHA3_224_COUNT:
-                    sha3->hashType = WC_HASH_TYPE_SHA3_224; break;
-                case WC_SHA3_256_COUNT:
-                    sha3->hashType = WC_HASH_TYPE_SHA3_256; break;
-                case WC_SHA3_384_COUNT:
-                    sha3->hashType = WC_HASH_TYPE_SHA3_384; break;
-                case WC_SHA3_512_COUNT:
-                    sha3->hashType = WC_HASH_TYPE_SHA3_512; break;
-                default: return BAD_FUNC_ARG;
-            }
-        }
-        ret = wc_CryptoCb_Sha3Hash(sha3, sha3->hashType, data, len, NULL);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-#endif
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA3)
-    if (sha3->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA3) {
-    #if defined(HAVE_INTEL_QA) && defined(QAT_V2)
-        /* QAT only supports SHA3_256 */
-        if (p == WC_SHA3_256_COUNT) {
-            ret = IntelQaSymSha3(&sha3->asyncDev, NULL, data, len);
-            if (ret != WC_NO_ERR_TRACE(NOT_COMPILED_IN))
-                return ret;
-            /* fall-through when unavailable */
-        }
-    #endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    ret = Sha3Update(sha3, data, len, p);
-
-    return ret;
-}
-
-/* Calculate the SHA-3 hash based on all the message data seen.
- *
- * sha3  wc_Sha3 object holding state.
- * hash  Buffer to hold the hash result.
- * p     Number of 64-bit numbers in a block of data to process.
- * len   Number of bytes in output.
- * returns 0 on success.
- */
-static int wc_Sha3Final(wc_Sha3* sha3, byte* hash, byte p, byte len)
-{
-    int ret;
-
-    if (sha3 == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (sha3->devId != INVALID_DEVID)
-    #endif
-    {
-        /* If the hash type is not set, determine it based on the p value */
-        /* We can skip the switch statement if the hash type is set already */
-        if (sha3->hashType == WC_HASH_TYPE_NONE) {
-            switch (p) {
-                case WC_SHA3_224_COUNT:
-                    sha3->hashType = WC_HASH_TYPE_SHA3_224; break;
-                case WC_SHA3_256_COUNT:
-                    sha3->hashType = WC_HASH_TYPE_SHA3_256; break;
-                case WC_SHA3_384_COUNT:
-                    sha3->hashType = WC_HASH_TYPE_SHA3_384; break;
-                case WC_SHA3_512_COUNT:
-                    sha3->hashType = WC_HASH_TYPE_SHA3_512; break;
-                default: return BAD_FUNC_ARG;
-            }
-        }
-        ret = wc_CryptoCb_Sha3Hash(sha3, sha3->hashType, NULL, 0, hash);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-#endif
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA3)
-    if (sha3->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA3) {
-    #if defined(HAVE_INTEL_QA) && defined(QAT_V2)
-        /* QAT only supports SHA3_256 */
-        /* QAT SHA-3 only supported on v2 (8970 or later cards) */
-        if (len == WC_SHA3_256_DIGEST_SIZE) {
-            ret = IntelQaSymSha3(&sha3->asyncDev, hash, NULL, len);
-            if (ret != WC_NO_ERR_TRACE(NOT_COMPILED_IN))
-                return ret;
-            /* fall-through when unavailable */
-        }
-    #endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    ret = Sha3Final(sha3, 0x06, hash, p, (word32)len);
-    if (ret != 0)
-        return ret;
-
-    return InitSha3(sha3);  /* reset state */
-}
-#endif
-
-/* Dispose of any dynamically allocated data from the SHA3-384 operation.
- * (Required for async ops.)
- *
- * sha3  wc_Sha3 object holding state.
- * returns 0 on success.
- */
-static void wc_Sha3Free(wc_Sha3* sha3)
-{
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
-    int ret = 0;
-#endif
-
-    (void)sha3;
-
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
-    if (sha3 == NULL)
-        return;
-
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (sha3->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_Free(sha3->devId, WC_ALGO_TYPE_HASH,
-                         sha3->hashType, (void*)sha3);
-        /* If they want the standard free, they can call it themselves */
-        /* via their callback setting devId to INVALID_DEVID */
-        /* otherwise assume the callback handled it */
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return;
-        /* fall-through when unavailable */
-    }
-
-    /* silence compiler warning */
-    (void)ret;
-
-#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA3)
-    if (sha3 == NULL)
-        return;
-
-    wolfAsync_DevCtxFree(&sha3->asyncDev, WOLFSSL_ASYNC_MARKER_SHA3);
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-#if defined(PSOC6_HASH_SHA3)
-    wc_Psoc6_Sha_Free();
-#endif
-}
-
-/* Copy the state of the SHA3 operation.
- *
- * src  wc_Sha3 object holding state top copy.
- * dst  wc_Sha3 object to copy into.
- * returns 0 on success.
- */
-static int wc_Sha3Copy(wc_Sha3* src, wc_Sha3* dst)
-{
-    int ret = 0;
-
-    if (src == NULL || dst == NULL)
-        return BAD_FUNC_ARG;
-
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (src->devId != INVALID_DEVID)
-    #endif
-    {
-        /* Cast the source and destination to be void to keep the abstraction */
-        ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
-                               src->hashType, (void*)src, (void*)dst);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-    ret = 0; /* Reset ret to 0 to avoid returning the callback error code */
-#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
-
-    XMEMCPY(dst, src, sizeof(wc_Sha3));
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA3)
-    ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
-#endif
-
-#if defined(PSOC6_HASH_SHA3)
-    /* Re-initialize internal pointers in hash_state that point inside sha_buffers */
-    dst->hash_state.hash = (uint8_t*)((cy_stc_crypto_v2_sha3_buffers_t *)&dst->sha_buffers)->hash;
-#endif
-
-#ifdef WOLFSSL_HASH_FLAGS
-     dst->flags |= WC_HASH_FLAG_ISCOPY;
-#endif
-
-    return ret;
-}
-
-/* Calculate the SHA3-224 hash based on all the message data so far.
- * More message data can be added, after this operation, using the current
- * state.
- *
- * sha3  wc_Sha3 object holding state.
- * hash  Buffer to hold the hash result. Must be at least 28 bytes.
- * p     Number of 64-bit numbers in a block of data to process.
- * len   Number of bytes in output.
- * returns 0 on success.
- */
-static int wc_Sha3GetHash(wc_Sha3* sha3, byte* hash, byte p, byte len)
-{
-    int ret;
-    wc_Sha3 tmpSha3;
-
-    if (sha3 == NULL || hash == NULL)
-        return BAD_FUNC_ARG;
-
-    ret = wc_Sha3Copy(sha3, &tmpSha3);
-    if (ret == 0) {
-        ret = wc_Sha3Final(&tmpSha3, hash, p, len);
-    }
-    return ret;
-}
-
-/* Initialize the state for a SHA3-224 hash operation.
- *
- * sha3   wc_Sha3 object holding state.
- * heap   Heap reference for dynamic memory allocation. (Used in async ops.)
- * devId  Device identifier for asynchronous operation.
- * returns 0 on success.
- */
-int wc_InitSha3_224(wc_Sha3* sha3, void* heap, int devId)
-{
-    return wc_InitSha3(sha3, heap, devId);
-}
-
-/* Update the SHA3-224 hash state with message data.
- *
- * sha3  wc_Sha3 object holding state.
- * data  Message data to be hashed.
- * len   Length of the message data.
- * returns 0 on success.
- */
-int wc_Sha3_224_Update(wc_Sha3* sha3, const byte* data, word32 len)
-{
-    return wc_Sha3Update(sha3, data, len, WC_SHA3_224_COUNT);
-}
-
-/* Calculate the SHA3-224 hash based on all the message data seen.
- * The state is initialized ready for a new message to hash.
- *
- * sha3  wc_Sha3 object holding state.
- * hash  Buffer to hold the hash result. Must be at least 28 bytes.
- * returns 0 on success.
- */
-int wc_Sha3_224_Final(wc_Sha3* sha3, byte* hash)
-{
-    return wc_Sha3Final(sha3, hash, WC_SHA3_224_COUNT, WC_SHA3_224_DIGEST_SIZE);
-}
-
-/* Dispose of any dynamically allocated data from the SHA3-224 operation.
- * (Required for async ops.)
- *
- * sha3  wc_Sha3 object holding state.
- * returns 0 on success.
- */
-void wc_Sha3_224_Free(wc_Sha3* sha3)
-{
-    wc_Sha3Free(sha3);
-}
-
-/* Calculate the SHA3-224 hash based on all the message data so far.
- * More message data can be added, after this operation, using the current
- * state.
- *
- * sha3  wc_Sha3 object holding state.
- * hash  Buffer to hold the hash result. Must be at least 28 bytes.
- * returns 0 on success.
- */
-int wc_Sha3_224_GetHash(wc_Sha3* sha3, byte* hash)
-{
-    return wc_Sha3GetHash(sha3, hash, WC_SHA3_224_COUNT, WC_SHA3_224_DIGEST_SIZE);
-}
-
-/* Copy the state of the SHA3-224 operation.
- *
- * src  wc_Sha3 object holding state top copy.
- * dst  wc_Sha3 object to copy into.
- * returns 0 on success.
- */
-int wc_Sha3_224_Copy(wc_Sha3* src, wc_Sha3* dst)
-{
-    return wc_Sha3Copy(src, dst);
-}
-
-
-/* Initialize the state for a SHA3-256 hash operation.
- *
- * sha3   wc_Sha3 object holding state.
- * heap   Heap reference for dynamic memory allocation. (Used in async ops.)
- * devId  Device identifier for asynchronous operation.
- * returns 0 on success.
- */
-int wc_InitSha3_256(wc_Sha3* sha3, void* heap, int devId)
-{
-    return wc_InitSha3(sha3, heap, devId);
-}
-
-/* Update the SHA3-256 hash state with message data.
- *
- * sha3  wc_Sha3 object holding state.
- * data  Message data to be hashed.
- * len   Length of the message data.
- * returns 0 on success.
- */
-int wc_Sha3_256_Update(wc_Sha3* sha3, const byte* data, word32 len)
-{
-    return wc_Sha3Update(sha3, data, len, WC_SHA3_256_COUNT);
-}
-
-/* Calculate the SHA3-256 hash based on all the message data seen.
- * The state is initialized ready for a new message to hash.
- *
- * sha3  wc_Sha3 object holding state.
- * hash  Buffer to hold the hash result. Must be at least 32 bytes.
- * returns 0 on success.
- */
-int wc_Sha3_256_Final(wc_Sha3* sha3, byte* hash)
-{
-    return wc_Sha3Final(sha3, hash, WC_SHA3_256_COUNT, WC_SHA3_256_DIGEST_SIZE);
-}
-
-/* Dispose of any dynamically allocated data from the SHA3-256 operation.
- * (Required for async ops.)
- *
- * sha3  wc_Sha3 object holding state.
- * returns 0 on success.
- */
-void wc_Sha3_256_Free(wc_Sha3* sha3)
-{
-    wc_Sha3Free(sha3);
-}
-
-/* Calculate the SHA3-256 hash based on all the message data so far.
- * More message data can be added, after this operation, using the current
- * state.
- *
- * sha3  wc_Sha3 object holding state.
- * hash  Buffer to hold the hash result. Must be at least 32 bytes.
- * returns 0 on success.
- */
-int wc_Sha3_256_GetHash(wc_Sha3* sha3, byte* hash)
-{
-    return wc_Sha3GetHash(sha3, hash, WC_SHA3_256_COUNT, WC_SHA3_256_DIGEST_SIZE);
-}
-
-/* Copy the state of the SHA3-256 operation.
- *
- * src  wc_Sha3 object holding state top copy.
- * dst  wc_Sha3 object to copy into.
- * returns 0 on success.
- */
-int wc_Sha3_256_Copy(wc_Sha3* src, wc_Sha3* dst)
-{
-    return wc_Sha3Copy(src, dst);
-}
-
-
-/* Initialize the state for a SHA3-384 hash operation.
- *
- * sha3   wc_Sha3 object holding state.
- * heap   Heap reference for dynamic memory allocation. (Used in async ops.)
- * devId  Device identifier for asynchronous operation.
- * returns 0 on success.
- */
-int wc_InitSha3_384(wc_Sha3* sha3, void* heap, int devId)
-{
-    return wc_InitSha3(sha3, heap, devId);
-}
-
-/* Update the SHA3-384 hash state with message data.
- *
- * sha3  wc_Sha3 object holding state.
- * data  Message data to be hashed.
- * len   Length of the message data.
- * returns 0 on success.
- */
-int wc_Sha3_384_Update(wc_Sha3* sha3, const byte* data, word32 len)
-{
-    return wc_Sha3Update(sha3, data, len, WC_SHA3_384_COUNT);
-}
-
-/* Calculate the SHA3-384 hash based on all the message data seen.
- * The state is initialized ready for a new message to hash.
- *
- * sha3  wc_Sha3 object holding state.
- * hash  Buffer to hold the hash result. Must be at least 48 bytes.
- * returns 0 on success.
- */
-int wc_Sha3_384_Final(wc_Sha3* sha3, byte* hash)
-{
-    return wc_Sha3Final(sha3, hash, WC_SHA3_384_COUNT, WC_SHA3_384_DIGEST_SIZE);
-}
-
-/* Dispose of any dynamically allocated data from the SHA3-384 operation.
- * (Required for async ops.)
- *
- * sha3  wc_Sha3 object holding state.
- * returns 0 on success.
- */
-void wc_Sha3_384_Free(wc_Sha3* sha3)
-{
-    wc_Sha3Free(sha3);
-}
-
-/* Calculate the SHA3-384 hash based on all the message data so far.
- * More message data can be added, after this operation, using the current
- * state.
- *
- * sha3  wc_Sha3 object holding state.
- * hash  Buffer to hold the hash result. Must be at least 48 bytes.
- * returns 0 on success.
- */
-int wc_Sha3_384_GetHash(wc_Sha3* sha3, byte* hash)
-{
-    return wc_Sha3GetHash(sha3, hash, WC_SHA3_384_COUNT, WC_SHA3_384_DIGEST_SIZE);
-}
-
-/* Copy the state of the SHA3-384 operation.
- *
- * src  wc_Sha3 object holding state top copy.
- * dst  wc_Sha3 object to copy into.
- * returns 0 on success.
- */
-int wc_Sha3_384_Copy(wc_Sha3* src, wc_Sha3* dst)
-{
-    return wc_Sha3Copy(src, dst);
-}
-
-
-/* Initialize the state for a SHA3-512 hash operation.
- *
- * sha3   wc_Sha3 object holding state.
- * heap   Heap reference for dynamic memory allocation. (Used in async ops.)
- * devId  Device identifier for asynchronous operation.
- * returns 0 on success.
- */
-int wc_InitSha3_512(wc_Sha3* sha3, void* heap, int devId)
-{
-    return wc_InitSha3(sha3, heap, devId);
-}
-
-/* Update the SHA3-512 hash state with message data.
- *
- * sha3  wc_Sha3 object holding state.
- * data  Message data to be hashed.
- * len   Length of the message data.
- * returns 0 on success.
- */
-int wc_Sha3_512_Update(wc_Sha3* sha3, const byte* data, word32 len)
-{
-    return wc_Sha3Update(sha3, data, len, WC_SHA3_512_COUNT);
-}
-
-/* Calculate the SHA3-512 hash based on all the message data seen.
- * The state is initialized ready for a new message to hash.
- *
- * sha3  wc_Sha3 object holding state.
- * hash  Buffer to hold the hash result. Must be at least 64 bytes.
- * returns 0 on success.
- */
-int wc_Sha3_512_Final(wc_Sha3* sha3, byte* hash)
-{
-    return wc_Sha3Final(sha3, hash, WC_SHA3_512_COUNT, WC_SHA3_512_DIGEST_SIZE);
-}
-
-/* Dispose of any dynamically allocated data from the SHA3-512 operation.
- * (Required for async ops.)
- *
- * sha3  wc_Sha3 object holding state.
- * returns 0 on success.
- */
-void wc_Sha3_512_Free(wc_Sha3* sha3)
-{
-    wc_Sha3Free(sha3);
-}
-
-/* Calculate the SHA3-512 hash based on all the message data so far.
- * More message data can be added, after this operation, using the current
- * state.
- *
- * sha3  wc_Sha3 object holding state.
- * hash  Buffer to hold the hash result. Must be at least 64 bytes.
- * returns 0 on success.
- */
-int wc_Sha3_512_GetHash(wc_Sha3* sha3, byte* hash)
-{
-    return wc_Sha3GetHash(sha3, hash, WC_SHA3_512_COUNT, WC_SHA3_512_DIGEST_SIZE);
-}
-
-/* Copy the state of the SHA3-512 operation.
- *
- * src  wc_Sha3 object holding state top copy.
- * dst  wc_Sha3 object to copy into.
- * returns 0 on success.
- */
-int wc_Sha3_512_Copy(wc_Sha3* src, wc_Sha3* dst)
-{
-    return wc_Sha3Copy(src, dst);
-}
-
-#ifdef WOLFSSL_HASH_FLAGS
-int wc_Sha3_SetFlags(wc_Sha3* sha3, word32 flags)
-{
-    if (sha3) {
-        sha3->flags = flags;
-    }
-    return 0;
-}
-int wc_Sha3_GetFlags(wc_Sha3* sha3, word32* flags)
-{
-    if (sha3 && flags) {
-        *flags = sha3->flags;
-    }
-    return 0;
-}
-#endif
-
-#ifdef WOLFSSL_SHAKE128
-/* Initialize the state for a Shake128 hash operation.
- *
- * shake  wc_Shake object holding state.
- * heap   Heap reference for dynamic memory allocation. (Used in async ops.)
- * devId  Device identifier for asynchronous operation.
- * returns 0 on success.
- */
-int wc_InitShake128(wc_Shake* shake, void* heap, int devId)
-{
-    return wc_InitSha3(shake, heap, devId);
-}
-
-#if defined(PSOC6_HASH_SHA3)
-
-int wc_Shake128_Update(wc_Shake* shake, const byte* data, word32 len)
-{
-    int ret;
-    if (shake == NULL || (data == NULL && len > 0)) {
-         return BAD_FUNC_ARG;
-    }
-
-    if (data == NULL && len == 0) {
-        /* valid, but do nothing */
-        return 0;
-    }
-
-    /* Lock the mutex to perform crypto operations */
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        /* Perform SHA3 on the input data and update the hash state */
-        ret = wc_Psoc6_Sha3_Update(shake, data, len, WC_SHA3_128_COUNT);
-        /* Release the lock */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    return ret;
-}
-
-int wc_Shake128_Final(wc_Shake* shake, byte* hash, word32 hashLen)
-{
-    int ret;
-
-    if (shake == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Lock the mutex to perform crypto operations */
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        /* Finalize SHA3 operations and produce digest */
-        ret = wc_Psoc6_Sha3_Final(shake, 0x1f, hash, WC_SHA3_128_COUNT, hashLen);
-        if (ret == 0) {
-            /* Initialize hash state for SHA-3 operation */
-            ret = wc_Psoc6_Sha3_Init(shake);
-        }
-        /* Release the lock */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    return ret;
-
-}
-
-int wc_Shake128_Absorb(wc_Shake* shake, const byte* data, word32 len)
-{
-    int ret;
-
-    if ((shake == NULL) || (data == NULL && len != 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Lock the mutex to perform crypto operations */
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        /* Perform SHA3 on the input data and update the hash state */
-        ret = wc_Psoc6_Sha3_Update(shake, data, len, WC_SHA3_128_COUNT);
-        if (ret == 0) {
-            /* Finalize SHA3 operations and produce digest */
-            ret = wc_Psoc6_Sha3_Final(shake, 0x1f, NULL, WC_SHA3_128_COUNT, 0);
-        }
-        /* Release the lock */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    return ret;
-}
-
-
-int wc_Shake128_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
-{
-    int ret;
-    if ((shake == NULL) || (out == NULL && blockCnt != 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Lock the mutex to perform crypto operations */
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        /* Squeeze output blocks from current hash state */
-        ret = wc_Psoc6_Shake_SqueezeBlocks(shake, out, blockCnt);
-        /* Release the lock */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    return ret;
-}
-#else
-/* Update the SHAKE128 hash state with message data.
- *
- * shake  wc_Shake object holding state.
- * data  Message data to be hashed.
- * len   Length of the message data.
- * returns 0 on success.
- */
-int wc_Shake128_Update(wc_Shake* shake, const byte* data, word32 len)
-{
-    if (shake == NULL || (data == NULL && len > 0)) {
-         return BAD_FUNC_ARG;
-    }
-
-    if (data == NULL && len == 0) {
-        /* valid, but do nothing */
-        return 0;
-    }
-
-    return Sha3Update(shake, data, len, WC_SHA3_128_COUNT);
-}
-
-/* Calculate the SHAKE128 hash based on all the message data seen.
- * The state is initialized ready for a new message to hash.
- *
- * shake  wc_Shake object holding state.
- * hash  Buffer to hold the hash result. Must be at least 64 bytes.
- * returns 0 on success.
- */
-int wc_Shake128_Final(wc_Shake* shake, byte* hash, word32 hashLen)
-{
-    int ret;
-
-    if (shake == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = Sha3Final(shake, 0x1f, hash, WC_SHA3_128_COUNT, hashLen);
-    if (ret != 0)
-        return ret;
-
-    return InitSha3(shake);  /* reset state */
-}
-
-/* Absorb the data for squeezing.
- *
- * Update and final with data but no output and no reset
- *
- * shake  wc_Shake object holding state.
- * data  Data to absorb.
- * len  Length of d to absorb in bytes.
- * returns 0 on success.
- */
-int wc_Shake128_Absorb(wc_Shake* shake, const byte* data, word32 len)
-{
-    int ret;
-
-    if ((shake == NULL) || (data == NULL && len != 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = Sha3Update(shake, data, len, WC_SHA3_128_COUNT);
-    if (ret == 0) {
-        byte hash[1];
-        ret = Sha3Final(shake, 0x1f, hash, WC_SHA3_128_COUNT, 0);
-    }
-    /* No partial data. */
-    shake->i = 0;
-
-    return ret;
-}
-
-#ifdef WC_C_DYNAMIC_FALLBACK
-    #undef SHA3_BLOCK
-    #undef SHA3_BLOCK_N
-    #define SHA3_BLOCK (shake->sha3_block)
-    #define SHA3_BLOCK_N (shake->sha3_block_n)
-#endif
-
-/* Squeeze the state to produce pseudo-random output.
- *
- * shake  wc_Shake object holding state.
- * out  Output buffer.
- * blockCnt  Number of blocks to write.
- * returns 0 on success.
- */
-int wc_Shake128_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
-{
-    if ((shake == NULL) || (out == NULL && blockCnt != 0)) {
-        return BAD_FUNC_ARG;
-    }
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
-    if (SHA3_BLOCK == sha3_block_avx2)
-        SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#endif
-    for (; (blockCnt > 0); blockCnt--) {
-    #ifdef SHA3_FUNC_PTR
-        (*SHA3_BLOCK)(shake->s);
-    #else
-        BlockSha3(shake->s);
-    #endif
-    #if defined(BIG_ENDIAN_ORDER)
-        ByteReverseWords64((word64*)out, shake->s, WC_SHA3_128_COUNT * 8);
-    #else
-        XMEMCPY(out, shake->s, WC_SHA3_128_COUNT * 8);
-    #endif
-        out += WC_SHA3_128_COUNT * 8;
-    }
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
-    if (SHA3_BLOCK == sha3_block_avx2)
-        RESTORE_VECTOR_REGISTERS();
-#endif
-
-    return 0;
-}
-#endif
-
-
-/* Dispose of any dynamically allocated data from the SHAKE128 operation.
- * (Required for async ops.)
- *
- * shake  wc_Shake object holding state.
- * returns 0 on success.
- */
-void wc_Shake128_Free(wc_Shake* shake)
-{
-    wc_Sha3Free(shake);
-}
-
-/* Copy the state of the SHA3-512 operation.
- *
- * src  wc_Shake object holding state top copy.
- * dst  wc_Shake object to copy into.
- * returns 0 on success.
- */
-int wc_Shake128_Copy(wc_Shake* src, wc_Shake* dst)
-{
-    return wc_Sha3Copy(src, dst);
-}
-#endif
-
-#ifdef WOLFSSL_SHAKE256
-/* Initialize the state for a Shake256 hash operation.
- *
- * shake  wc_Shake object holding state.
- * heap   Heap reference for dynamic memory allocation. (Used in async ops.)
- * devId  Device identifier for asynchronous operation.
- * returns 0 on success.
- */
-int wc_InitShake256(wc_Shake* shake, void* heap, int devId)
-{
-    return wc_InitSha3(shake, heap, devId);
-}
-
-
-#ifdef PSOC6_HASH_SHA3
-
-int wc_Shake256_Update(wc_Shake* shake, const byte* data, word32 len)
-{
-    int ret;
-    if (shake == NULL || (data == NULL && len > 0)) {
-         return BAD_FUNC_ARG;
-    }
-
-    if (data == NULL && len == 0) {
-        /* valid, but do nothing */
-        return 0;
-    }
-
-    /* Lock the mutex to perform crypto operations */
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        /* Perform SHA3 on the input data and update the hash state */
-        ret = wc_Psoc6_Sha3_Update(shake, data, len, WC_SHA3_256_COUNT);
-        /* Release the lock */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    return ret;
-}
-
-int wc_Shake256_Final(wc_Shake* shake, byte* hash, word32 hashLen)
-{
-    int ret;
-    if (shake == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Lock the mutex to perform crypto operations */
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        /* Finalize SHA3 operations and produce digest */
-        ret = wc_Psoc6_Sha3_Final(shake, 0x1f, hash, WC_SHA3_256_COUNT, hashLen);
-        if (ret == 0) {
-            /* Initialize hash state for SHA-3 operation */
-            ret = wc_Psoc6_Sha3_Init(shake);
-        }
-        /* Release the lock */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    return ret;
-}
-
-int wc_Shake256_Absorb(wc_Shake* shake, const byte* data, word32 len)
-{
-    int ret;
-
-    if ((shake == NULL) || (data == NULL && len != 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Lock the mutex to perform crypto operations */
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        /* Perform SHA3 on the input data and update the hash state */
-        ret = wc_Psoc6_Sha3_Update(shake, data, len, WC_SHA3_256_COUNT);
-        if (ret == 0) {
-            /* Finalize SHA3 operations and produce digest */
-            ret = wc_Psoc6_Sha3_Final(shake, 0x1f, NULL, WC_SHA3_256_COUNT, 0);
-        }
-        /* Release the lock */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    return ret;
-}
-
-int wc_Shake256_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
-{
-    int ret;
-    if ((shake == NULL) || (out == NULL && blockCnt != 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Lock the mutex to perform crypto operations */
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        /* Squeeze output blocks from current hash state */
-        ret = wc_Psoc6_Shake_SqueezeBlocks(shake, out, blockCnt);
-        /* Release the lock */
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    return ret;
-}
-
-#else
-/* Update the SHAKE256 hash state with message data.
- *
- * shake  wc_Shake object holding state.
- * data  Message data to be hashed.
- * len   Length of the message data.
- * returns 0 on success.
- */
-int wc_Shake256_Update(wc_Shake* shake, const byte* data, word32 len)
-{
-    if (shake == NULL || (data == NULL && len > 0)) {
-         return BAD_FUNC_ARG;
-    }
-
-    if (data == NULL && len == 0) {
-        /* valid, but do nothing */
-        return 0;
-    }
-
-    return Sha3Update(shake, data, len, WC_SHA3_256_COUNT);
-}
-
-/* Calculate the SHAKE256 hash based on all the message data seen.
- * The state is initialized ready for a new message to hash.
- *
- * shake  wc_Shake object holding state.
- * hash  Buffer to hold the hash result. Must be at least 64 bytes.
- * hashLen Size of hash in bytes.
- * returns 0 on success.
- */
-int wc_Shake256_Final(wc_Shake* shake, byte* hash, word32 hashLen)
-{
-    int ret;
-
-    if (shake == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = Sha3Final(shake, 0x1f, hash, WC_SHA3_256_COUNT, hashLen);
-    if (ret != 0)
-        return ret;
-
-    return InitSha3(shake);  /* reset state */
-}
-
-/* Absorb the data for squeezing.
- *
- * Update and final with data but no output and no reset
- *
- * shake  wc_Shake object holding state.
- * data  Data to absorb.
- * len  Length of d to absorb in bytes.
- * returns 0 on success.
- */
-int wc_Shake256_Absorb(wc_Shake* shake, const byte* data, word32 len)
-{
-    int ret;
-
-    if ((shake == NULL) || (data == NULL && len != 0)) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = Sha3Update(shake, data, len, WC_SHA3_256_COUNT);
-    if (ret == 0) {
-        byte hash[1];
-        ret = Sha3Final(shake, 0x1f, hash, WC_SHA3_256_COUNT, 0);
-    }
-    /* No partial data. */
-    shake->i = 0;
-
-    return ret;
-}
-
-/* Squeeze the state to produce pseudo-random output.
- *
- * shake  wc_Shake object holding state.
- * out  Output buffer.
- * blockCnt  Number of blocks to write.
- * returns 0 on success.
- */
-int wc_Shake256_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt)
-{
-    if ((shake == NULL) || (out == NULL && blockCnt != 0)) {
-        return BAD_FUNC_ARG;
-    }
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
-    if (SHA3_BLOCK == sha3_block_avx2)
-        SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#endif
-    for (; (blockCnt > 0); blockCnt--) {
-    #ifdef SHA3_FUNC_PTR
-        (*SHA3_BLOCK)(shake->s);
-    #else
-        BlockSha3(shake->s);
-    #endif
-    #if defined(BIG_ENDIAN_ORDER)
-        ByteReverseWords64((word64*)out, shake->s, WC_SHA3_256_COUNT * 8);
-    #else
-        XMEMCPY(out, shake->s, WC_SHA3_256_COUNT * 8);
-    #endif
-        out += WC_SHA3_256_COUNT * 8;
-    }
-#if defined(WOLFSSL_USE_SAVE_VECTOR_REGISTERS) && defined(USE_INTEL_SPEEDUP)
-    if (SHA3_BLOCK == sha3_block_avx2)
-        RESTORE_VECTOR_REGISTERS();
-#endif
-
-    return 0;
-}
-#endif
-
-/* Dispose of any dynamically allocated data from the SHAKE256 operation.
- * (Required for async ops.)
- *
- * shake  wc_Shake object holding state.
- * returns 0 on success.
- */
-void wc_Shake256_Free(wc_Shake* shake)
-{
-    wc_Sha3Free(shake);
-}
-
-/* Copy the state of the SHA3-512 operation.
- *
- * src  wc_Shake object holding state top copy.
- * dst  wc_Shake object to copy into.
- * returns 0 on success.
- */
-int wc_Shake256_Copy(wc_Shake* src, wc_Shake* dst)
-{
-    return wc_Sha3Copy(src, dst);
-}
-#endif
-
-#endif /* WOLFSSL_SHA3 */
diff --git a/src/ssl/wolfssl/wolfcrypt/sha512.c b/src/ssl/wolfssl/wolfcrypt/sha512.c
deleted file mode 100644
index dded60eb6..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sha512.c
+++ /dev/null
@@ -1,2757 +0,0 @@
-/* sha512.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if (defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)) && \
-    !defined(WOLFSSL_PSOC6_CRYPTO) && !defined(WOLFSSL_RISCV_ASM)
-
-/* determine if we are using Espressif SHA hardware acceleration */
-#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
-#if defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-    #include "sdkconfig.h"
-    /* Define a single keyword for simplicity & readability.
-     *
-     * By default the HW acceleration is on for ESP32 Chipsets,
-     * but individual components can be turned off. See user_settings.h
-     */
-    #define TAG "wc_sha_512"
-    #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
-#else
-    #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
-#endif
-
-#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
-    /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
-    #define FIPS_NO_WRAPPERS
-
-    #ifdef USE_WINDOWS_API
-        #pragma code_seg(".fipsA$m")
-        #pragma const_seg(".fipsB$m")
-    #endif
-#endif
-
-#include <wolfssl/wolfcrypt/sha512.h>
-#include <wolfssl/wolfcrypt/cpuid.h>
-#include <wolfssl/wolfcrypt/hash.h>
-
-#ifdef WOLF_CRYPTO_CB
-    #include <wolfssl/wolfcrypt/cryptocb.h>
-#endif
-
-#ifdef WOLFSSL_IMXRT1170_CAAM
-    #include <wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h>
-#endif
-
-/* deprecated USE_SLOW_SHA2 (replaced with USE_SLOW_SHA512) */
-#if defined(USE_SLOW_SHA2) && !defined(USE_SLOW_SHA512)
-    #define USE_SLOW_SHA512
-#endif
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if FIPS_VERSION3_GE(6,0,0)
-    const unsigned int wolfCrypt_FIPS_sha512_ro_sanity[2] =
-                                                     { 0x1a2b3c4d, 0x00000015 };
-    int wolfCrypt_FIPS_SHA512_sanity(void)
-    {
-        return 0;
-    }
-#endif
-
-
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-    #include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
-#endif
-
-#if defined(MAX3266X_SHA)
-    /* Already brought in by sha512.h */
-    /* #include <wolfssl/wolfcrypt/port/maxim/max3266x.h> */
-#endif
-
-#if defined(WOLFSSL_PSOC6_CRYPTO)
-    #include <wolfssl/wolfcrypt/port/cypress/psoc6_crypto.h>
-#endif
-
-#if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP)
-    #if defined(__GNUC__) && ((__GNUC__ < 4) || \
-                              (__GNUC__ == 4 && __GNUC_MINOR__ <= 8))
-        #undef  NO_AVX2_SUPPORT
-        #define NO_AVX2_SUPPORT
-    #endif
-    #if defined(__clang__) && ((__clang_major__ < 3) || \
-                               (__clang_major__ == 3 && __clang_minor__ <= 5))
-        #define NO_AVX2_SUPPORT
-    #elif defined(__clang__) && defined(NO_AVX2_SUPPORT)
-        #undef NO_AVX2_SUPPORT
-    #endif
-
-    #define HAVE_INTEL_AVX1
-    #ifndef NO_AVX2_SUPPORT
-        #define HAVE_INTEL_AVX2
-    #endif
-#endif
-
-#if defined(HAVE_INTEL_AVX1)
-    /* #define DEBUG_XMM  */
-#endif
-
-#if defined(HAVE_INTEL_AVX2)
-    #define HAVE_INTEL_RORX
-    /* #define DEBUG_YMM  */
-#endif
-
-#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH) && \
-    !defined(WOLFSSL_QNX_CAAM)
-    /* functions defined in wolfcrypt/src/port/caam/caam_sha.c */
-
-#elif defined(WOLFSSL_SILABS_SHA512)
-    /* functions defined in wolfcrypt/src/port/silabs/silabs_hash.c */
-
-#elif defined(WOLFSSL_KCAPI_HASH)
-    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-
-#elif defined(WOLFSSL_RENESAS_RSIP) && \
-     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
-    /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
-
-#elif defined(MAX3266X_SHA)
-    /* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
-
-#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-    int wc_InitSha512(wc_Sha512* sha512)
-    {
-        if (sha512 == NULL)
-            return BAD_FUNC_ARG;
-        return se050_hash_init(&sha512->se050Ctx, NULL);
-    }
-    int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
-    {
-        if (sha512 == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        (void)devId;
-        return se050_hash_init(&sha512->se050Ctx, heap);
-    }
-    int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
-    {
-        if (sha512 == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        if (data == NULL && len == 0) {
-            /* valid, but do nothing */
-            return 0;
-        }
-        if (data == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        return se050_hash_update(&sha512->se050Ctx, data, len);
-    }
-    int wc_Sha512Final(wc_Sha512* sha512, byte* hash)
-    {
-        int ret = 0;
-        int devId = INVALID_DEVID;
-        if (sha512 == NULL) {
-            return BAD_FUNC_ARG;
-        }
-    #ifdef WOLF_CRYPTO_CB
-        devId = sha512->devId;
-    #endif
-        ret = se050_hash_final(&sha512->se050Ctx, hash, WC_SHA512_DIGEST_SIZE,
-                               kAlgorithm_SSS_SHA512);
-        return ret;
-    }
-    int wc_Sha512FinalRaw(wc_Sha512* sha512, byte* hash)
-    {
-        int ret = 0;
-        int devId = INVALID_DEVID;
-        if (sha512 == NULL) {
-            return BAD_FUNC_ARG;
-        }
-    #ifdef WOLF_CRYPTO_CB
-        devId = sha512->devId;
-    #endif
-        ret = se050_hash_final(&sha512->se050Ctx, hash, WC_SHA512_DIGEST_SIZE,
-                               kAlgorithm_SSS_SHA512);
-        return ret;
-    }
-    void wc_Sha512Free(wc_Sha512* sha512)
-    {
-        se050_hash_free(&sha512->se050Ctx);
-    }
-#elif defined(STM32_HASH_SHA512)
-
-    /* Supports CubeMX HAL or Standard Peripheral Library */
-
-    int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
-    {
-        if (sha512 == NULL)
-            return BAD_FUNC_ARG;
-
-        (void)devId;
-        (void)heap;
-
-        XMEMSET(sha512, 0, sizeof(wc_Sha512));
-        wc_Stm32_Hash_Init(&sha512->stmCtx);
-        return 0;
-    }
-
-    int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
-    {
-        int ret = 0;
-
-        if (sha512 == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        if (data == NULL && len == 0) {
-            /* valid, but do nothing */
-            return 0;
-        }
-        if (data == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-            ret = wc_Stm32_Hash_Update(&sha512->stmCtx,
-                HASH_ALGOSELECTION_SHA512, data, len, WC_SHA512_BLOCK_SIZE);
-            wolfSSL_CryptHwMutexUnLock();
-        }
-        return ret;
-    }
-
-    int wc_Sha512Final(wc_Sha512* sha512, byte* hash)
-    {
-        int ret = 0;
-
-        if (sha512 == NULL || hash == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-            ret = wc_Stm32_Hash_Final(&sha512->stmCtx,
-                HASH_ALGOSELECTION_SHA512, hash, WC_SHA512_DIGEST_SIZE);
-            wolfSSL_CryptHwMutexUnLock();
-        }
-
-        (void)wc_InitSha512(sha512); /* reset state */
-
-        return ret;
-    }
-#elif defined(PSOC6_HASH_SHA2)
-    /* Functions defined in wolfcrypt/src/port/cypress/psoc6_crypto.c */
-
-#else
-
-#ifdef WOLFSSL_SHA512
-
-#if (defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-     (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))) || \
-    defined(WOLFSSL_ARMASM)
-#ifdef WC_C_DYNAMIC_FALLBACK
-    #define SHA512_SETTRANSFORM_ARGS int *sha_method
-#else
-    #define SHA512_SETTRANSFORM_ARGS void
-#endif
-static void Sha512_SetTransform(SHA512_SETTRANSFORM_ARGS);
-#endif
-
-static int InitSha512(wc_Sha512* sha512)
-{
-    if (sha512 == NULL)
-        return BAD_FUNC_ARG;
-
-    sha512->digest[0] = W64LIT(0x6a09e667f3bcc908);
-    sha512->digest[1] = W64LIT(0xbb67ae8584caa73b);
-    sha512->digest[2] = W64LIT(0x3c6ef372fe94f82b);
-    sha512->digest[3] = W64LIT(0xa54ff53a5f1d36f1);
-    sha512->digest[4] = W64LIT(0x510e527fade682d1);
-    sha512->digest[5] = W64LIT(0x9b05688c2b3e6c1f);
-    sha512->digest[6] = W64LIT(0x1f83d9abfb41bd6b);
-    sha512->digest[7] = W64LIT(0x5be0cd19137e2179);
-
-    sha512->buffLen = 0;
-    sha512->loLen   = 0;
-    sha512->hiLen   = 0;
-
-#if (defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-     (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))) || \
-    defined(WOLFSSL_ARMASM)
-#ifdef WC_C_DYNAMIC_FALLBACK
-    sha512->sha_method = 0;
-    Sha512_SetTransform(&sha512->sha_method);
-#else
-    Sha512_SetTransform();
-#endif
-#endif
-
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
-   !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-
-    /* HW needs to be carefully initialized, taking into account soft copy.
-    ** If already in use; copy may revert to SW as needed. */
-    esp_sha_init(&(sha512->ctx), WC_HASH_TYPE_SHA512);
-#endif
-
-#ifdef WOLFSSL_HASH_FLAGS
-    sha512->flags = 0;
-#endif
-#if defined(WOLFSSL_SHA512_HASHTYPE)
-    sha512->hashType = WC_HASH_TYPE_SHA512;
-#endif /* WOLFSSL_SHA512_HASHTYPE */
-    return 0;
-}
-
-#if !defined(WOLFSSL_NOSHA512_224) && \
-   (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-
-/**
- * Initialize given wc_Sha512 structure with value specific to sha512/224.
- * Note that sha512/224 has different initial hash value from sha512.
- * The initial hash value consists of eight 64bit words. They are given
- * in FIPS180-4.
- */
-static int InitSha512_224(wc_Sha512* sha512)
-{
-    if (sha512 == NULL)
-        return BAD_FUNC_ARG;
-
-    sha512->digest[0] = W64LIT(0x8c3d37c819544da2);
-    sha512->digest[1] = W64LIT(0x73e1996689dcd4d6);
-    sha512->digest[2] = W64LIT(0x1dfab7ae32ff9c82);
-    sha512->digest[3] = W64LIT(0x679dd514582f9fcf);
-    sha512->digest[4] = W64LIT(0x0f6d2b697bd44da8);
-    sha512->digest[5] = W64LIT(0x77e36f7304c48942);
-    sha512->digest[6] = W64LIT(0x3f9d85a86a1d36c8);
-    sha512->digest[7] = W64LIT(0x1112e6ad91d692a1);
-
-    sha512->buffLen = 0;
-    sha512->loLen   = 0;
-    sha512->hiLen   = 0;
-
-#if (defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-     (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))) || \
-    defined(WOLFSSL_ARMASM)
-#ifdef WC_C_DYNAMIC_FALLBACK
-    sha512->sha_method = 0;
-    Sha512_SetTransform(&sha512->sha_method);
-#else
-    Sha512_SetTransform();
-#endif
-#endif
-
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
-   !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-    /* HW needs to be carefully initialized, taking into account soft copy.
-    ** If already in use; copy may revert to SW as needed.
-    **
-    ** Note for original ESP32, there's no HW for SHA512/224
-    */
-    esp_sha_init(&(sha512->ctx), WC_HASH_TYPE_SHA512_224);
-#endif
-
-#ifdef WOLFSSL_HASH_FLAGS
-    sha512->flags = 0;
-#endif
-#if defined(WOLFSSL_SHA512_HASHTYPE)
-    sha512->hashType = WC_HASH_TYPE_SHA512_224;
-#endif /* WOLFSSL_SHA512_HASHTYPE */
-    return 0;
-}
-#endif /* !WOLFSSL_NOSHA512_224 && !FIPS ... */
-
-#if !defined(WOLFSSL_NOSHA512_256) && \
-   (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-/**
- * Initialize given wc_Sha512 structure with value specific to sha512/256.
- * Note that sha512/256 has different initial hash value from sha512.
- * The initial hash value consists of eight 64bit words. They are given
- * in FIPS180-4.
- */
-static int InitSha512_256(wc_Sha512* sha512)
-{
-    if (sha512 == NULL)
-        return BAD_FUNC_ARG;
-
-    sha512->digest[0] = W64LIT(0x22312194fc2bf72c);
-    sha512->digest[1] = W64LIT(0x9f555fa3c84c64c2);
-    sha512->digest[2] = W64LIT(0x2393b86b6f53b151);
-    sha512->digest[3] = W64LIT(0x963877195940eabd);
-    sha512->digest[4] = W64LIT(0x96283ee2a88effe3);
-    sha512->digest[5] = W64LIT(0xbe5e1e2553863992);
-    sha512->digest[6] = W64LIT(0x2b0199fc2c85b8aa);
-    sha512->digest[7] = W64LIT(0x0eb72ddc81c52ca2);
-
-    sha512->buffLen = 0;
-    sha512->loLen   = 0;
-    sha512->hiLen   = 0;
-
-#if (defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-     (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))) || \
-    defined(WOLFSSL_ARMASM)
-#ifdef WC_C_DYNAMIC_FALLBACK
-    sha512->sha_method = 0;
-    Sha512_SetTransform(&sha512->sha_method);
-#else
-    Sha512_SetTransform();
-#endif
-#endif
-
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
-   !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-    /* HW needs to be carefully initialized, taking into account soft copy.
-    ** If already in use; copy may revert to SW as needed.
-    **
-    ** Note for original ESP32, there's no HW for SHA512/2256.
-    */
-    esp_sha_init(&(sha512->ctx), WC_HASH_TYPE_SHA512_256);
-#endif
-
-#ifdef WOLFSSL_HASH_FLAGS
-    sha512->flags = 0;
-#endif
-#if defined(WOLFSSL_SHA512_HASHTYPE)
-    sha512->hashType = WC_HASH_TYPE_SHA512_256;
-#endif /* WOLFSSL_SHA512_HASHTYPE */
-    return 0;
-}
-#endif /* !WOLFSSL_NOSHA512_256 && !FIPS... */
-
-#endif /* WOLFSSL_SHA512 */
-
-/* Hardware Acceleration */
-#if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-    (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
-
-    /*****
-    Intel AVX1/AVX2 Macro Control Structure
-
-    #if defined(HAVE_INTEL_SPEEDUP)
-        #define HAVE_INTEL_AVX1
-        #define HAVE_INTEL_AVX2
-    #endif
-
-    int InitSha512(wc_Sha512* sha512) {
-         Save/Recover XMM, YMM
-         ...
-
-         Check Intel AVX cpuid flags
-    }
-
-    #if defined(HAVE_INTEL_AVX1)|| defined(HAVE_INTEL_AVX2)
-      Transform_Sha512_AVX1(); # Function prototype
-      Transform_Sha512_AVX2(); #
-    #endif
-
-      _Transform_Sha512() {     # Native Transform Function body
-
-      }
-
-      int Sha512Update() {
-         Save/Recover XMM, YMM
-         ...
-      }
-
-      int Sha512Final() {
-         Save/Recover XMM, YMM
-         ...
-      }
-
-
-    #if defined(HAVE_INTEL_AVX1)
-
-       XMM Instructions/INLINE asm Definitions
-
-    #endif
-
-    #if defined(HAVE_INTEL_AVX2)
-
-       YMM Instructions/INLINE asm Definitions
-
-    #endif
-
-    #if defined(HAVE_INTEL_AVX1)
-
-      int Transform_Sha512_AVX1() {
-          Stitched Message Sched/Round
-      }
-
-    #endif
-
-    #if defined(HAVE_INTEL_AVX2)
-
-      int Transform_Sha512_AVX2() {
-          Stitched Message Sched/Round
-      }
-    #endif
-
-    */
-
-
-    /* Each platform needs to query info type 1 from cpuid to see if aesni is
-     * supported. Also, let's setup a macro for proper linkage w/o ABI conflicts
-     */
-
-#ifdef __cplusplus
-    extern "C" {
-#endif
-
-    #if defined(HAVE_INTEL_AVX1)
-        extern int Transform_Sha512_AVX1(wc_Sha512 *sha512);
-        extern int Transform_Sha512_AVX1_Len(wc_Sha512 *sha512, word32 len);
-    #endif
-    #if defined(HAVE_INTEL_AVX2)
-        extern int Transform_Sha512_AVX2(wc_Sha512 *sha512);
-        extern int Transform_Sha512_AVX2_Len(wc_Sha512 *sha512, word32 len);
-        #if defined(HAVE_INTEL_RORX)
-            extern int Transform_Sha512_AVX1_RORX(wc_Sha512 *sha512);
-            extern int Transform_Sha512_AVX1_RORX_Len(wc_Sha512 *sha512,
-                                                      word32 len);
-            extern int Transform_Sha512_AVX2_RORX(wc_Sha512 *sha512);
-            extern int Transform_Sha512_AVX2_RORX_Len(wc_Sha512 *sha512,
-                                                      word32 len);
-        #endif
-    #endif
-
-#ifdef __cplusplus
-    }  /* extern "C" */
-#endif
-
-    static cpuid_flags_t intel_flags = WC_CPUID_INITIALIZER;
-
-#if defined(WC_C_DYNAMIC_FALLBACK) && !defined(WC_NO_INTERNAL_FUNCTION_POINTERS)
-    #define WC_NO_INTERNAL_FUNCTION_POINTERS
-#endif
-
-    static int _Transform_Sha512(wc_Sha512 *sha512);
-
-#ifdef WC_NO_INTERNAL_FUNCTION_POINTERS
-
-    enum sha_methods { SHA512_UNSET = 0, SHA512_AVX1, SHA512_AVX2,
-                       SHA512_AVX1_RORX, SHA512_AVX2_RORX, SHA512_C };
-
-#ifndef WC_C_DYNAMIC_FALLBACK
-    /* note that all write access to this static variable must be idempotent,
-     * as arranged by Sha512_SetTransform(), else it will be susceptible to
-     * data races.
-     */
-    static enum sha_methods sha_method = SHA512_UNSET;
-#endif
-
-    static void Sha512_SetTransform(SHA512_SETTRANSFORM_ARGS)
-    {
-    #ifdef WC_C_DYNAMIC_FALLBACK
-        #define SHA_METHOD (*sha_method)
-    #else
-        #define SHA_METHOD sha_method
-    #endif
-        if (SHA_METHOD != SHA512_UNSET)
-            return;
-
-    #ifdef WC_C_DYNAMIC_FALLBACK
-        if (! CAN_SAVE_VECTOR_REGISTERS()) {
-            SHA_METHOD = SHA512_C;
-            return;
-        }
-    #endif
-
-        cpuid_get_flags_ex(&intel_flags);
-
-    #if defined(HAVE_INTEL_AVX2)
-        if (IS_INTEL_AVX2(intel_flags)) {
-        #ifdef HAVE_INTEL_RORX
-            if (IS_INTEL_BMI2(intel_flags)) {
-                SHA_METHOD = SHA512_AVX2_RORX;
-            }
-            else
-        #endif
-            {
-                SHA_METHOD = SHA512_AVX2;
-            }
-        }
-        else
-    #endif
-    #if defined(HAVE_INTEL_AVX1)
-        if (IS_INTEL_AVX1(intel_flags)) {
-        #ifdef HAVE_INTEL_RORX
-            if (IS_INTEL_BMI2(intel_flags)) {
-                SHA_METHOD = SHA512_AVX1_RORX;
-            }
-            else
-        #endif
-            {
-                SHA_METHOD = SHA512_AVX1;
-            }
-        }
-        else
-    #endif
-        {
-            SHA_METHOD = SHA512_C;
-        }
-    #undef SHA_METHOD
-    }
-
-    static WC_INLINE int Transform_Sha512(wc_Sha512 *sha512) {
-    #ifdef WC_C_DYNAMIC_FALLBACK
-        #define SHA_METHOD (sha512->sha_method)
-    #else
-        #define SHA_METHOD sha_method
-    #endif
-        int ret;
-        if (SHA_METHOD == SHA512_C)
-            return _Transform_Sha512(sha512);
-        SAVE_VECTOR_REGISTERS(return _svr_ret;);
-        switch (SHA_METHOD) {
-        case SHA512_AVX2:
-            ret = Transform_Sha512_AVX2(sha512);
-            break;
-        case SHA512_AVX2_RORX:
-            ret = Transform_Sha512_AVX2_RORX(sha512);
-            break;
-        case SHA512_AVX1:
-            ret = Transform_Sha512_AVX1(sha512);
-            break;
-        case SHA512_AVX1_RORX:
-            ret = Transform_Sha512_AVX1_RORX(sha512);
-            break;
-        case SHA512_C:
-        case SHA512_UNSET:
-        default:
-            ret = _Transform_Sha512(sha512);
-            break;
-        }
-        RESTORE_VECTOR_REGISTERS();
-        return ret;
-    #undef SHA_METHOD
-    }
-
-    static WC_INLINE int Transform_Sha512_Len(wc_Sha512 *sha512, word32 len) {
-    #ifdef WC_C_DYNAMIC_FALLBACK
-        #define SHA_METHOD (sha512->sha_method)
-    #else
-        #define SHA_METHOD sha_method
-    #endif
-        int ret;
-        SAVE_VECTOR_REGISTERS(return _svr_ret;);
-        switch (SHA_METHOD) {
-        case SHA512_AVX2:
-            ret = Transform_Sha512_AVX2_Len(sha512, len);
-            break;
-        case SHA512_AVX2_RORX:
-            ret = Transform_Sha512_AVX2_RORX_Len(sha512, len);
-            break;
-        case SHA512_AVX1:
-            ret = Transform_Sha512_AVX1_Len(sha512, len);
-            break;
-        case SHA512_AVX1_RORX:
-            ret = Transform_Sha512_AVX1_RORX_Len(sha512, len);
-            break;
-        case SHA512_C:
-        case SHA512_UNSET:
-        default:
-            ret = 0;
-            break;
-        }
-        RESTORE_VECTOR_REGISTERS();
-        return ret;
-    #undef SHA_METHOD
-    }
-
-#else /* !WC_NO_INTERNAL_FUNCTION_POINTERS */
-
-    static int (*Transform_Sha512_p)(wc_Sha512* sha512) = _Transform_Sha512;
-    static int (*Transform_Sha512_Len_p)(wc_Sha512* sha512, word32 len) = NULL;
-    static int transform_check = 0;
-    static int Transform_Sha512_is_vectorized = 0;
-
-    static WC_INLINE int Transform_Sha512(wc_Sha512 *sha512) {
-        int ret;
-    #ifdef WOLFSSL_USE_SAVE_VECTOR_REGISTERS
-        if (Transform_Sha512_is_vectorized)
-            SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    #endif
-        ret = (*Transform_Sha512_p)(sha512);
-    #ifdef WOLFSSL_USE_SAVE_VECTOR_REGISTERS
-        if (Transform_Sha512_is_vectorized)
-            RESTORE_VECTOR_REGISTERS();
-    #endif
-        return ret;
-    }
-    static WC_INLINE int Transform_Sha512_Len(wc_Sha512 *sha512, word32 len) {
-        int ret;
-    #ifdef WOLFSSL_USE_SAVE_VECTOR_REGISTERS
-        if (Transform_Sha512_is_vectorized)
-            SAVE_VECTOR_REGISTERS(return _svr_ret;);
-    #endif
-        ret = (*Transform_Sha512_Len_p)(sha512, len);
-    #ifdef WOLFSSL_USE_SAVE_VECTOR_REGISTERS
-        if (Transform_Sha512_is_vectorized)
-            RESTORE_VECTOR_REGISTERS();
-    #endif
-        return ret;
-    }
-
-    static void Sha512_SetTransform(void)
-    {
-        if (transform_check)
-            return;
-
-        cpuid_get_flags_ex(&intel_flags);
-
-    #if defined(HAVE_INTEL_AVX2)
-        if (IS_INTEL_AVX2(intel_flags)) {
-        #ifdef HAVE_INTEL_RORX
-            if (IS_INTEL_BMI2(intel_flags)) {
-                Transform_Sha512_p = Transform_Sha512_AVX2_RORX;
-                Transform_Sha512_Len_p = Transform_Sha512_AVX2_RORX_Len;
-                Transform_Sha512_is_vectorized = 1;
-            }
-            else
-        #endif
-            {
-                Transform_Sha512_p = Transform_Sha512_AVX2;
-                Transform_Sha512_Len_p = Transform_Sha512_AVX2_Len;
-                Transform_Sha512_is_vectorized = 1;
-            }
-        }
-        else
-    #endif
-    #if defined(HAVE_INTEL_AVX1)
-        if (IS_INTEL_AVX1(intel_flags)) {
-        #ifdef HAVE_INTEL_RORX
-            if (IS_INTEL_BMI2(intel_flags)) {
-                Transform_Sha512_p = Transform_Sha512_AVX1_RORX;
-                Transform_Sha512_Len_p = Transform_Sha512_AVX1_RORX_Len;
-                Transform_Sha512_is_vectorized = 1;
-            }
-            else
-        #endif
-            {
-                Transform_Sha512_p = Transform_Sha512_AVX1;
-                Transform_Sha512_Len_p = Transform_Sha512_AVX1_Len;
-                Transform_Sha512_is_vectorized = 1;
-            }
-        }
-        else
-    #endif
-        {
-            Transform_Sha512_p = _Transform_Sha512;
-            Transform_Sha512_Len_p = NULL;
-            Transform_Sha512_is_vectorized = 0;
-        }
-
-        transform_check = 1;
-    }
-
-#endif /* !WC_NO_INTERNAL_FUNCTION_POINTERS */
-
-#elif defined(WOLFSSL_ARMASM)
-
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM_NO_NEON)
-#error "No SHA-512 implementation."
-#endif
-
-static int transform_check = 0;
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM_CRYPTO_SHA512)
-static word32 cpuid_flags = 0;
-static int cpuid_flags_set = 0;
-#endif
-
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM_CRYPTO_SHA512)
-static void Transform_Sha512_crypto(wc_Sha512* sha512, const byte* data)
-{
-    Transform_Sha512_Len_crypto(sha512, data, WC_SHA512_BLOCK_SIZE);
-}
-#endif
-#if !defined(WOLFSSL_ARMASM_THUMB2) && !defined(WOLFSSL_ARMASM_NO_NEON)
-static void Transform_Sha512_neon(wc_Sha512* sha512, const byte* data)
-{
-    Transform_Sha512_Len_neon(sha512, data, WC_SHA512_BLOCK_SIZE);
-}
-#endif
-#if defined(WOLFSSL_ARMASM_THUMB2) || defined(WOLFSSL_ARMASM_NO_NEON)
-static void Transform_Sha512_base(wc_Sha512* sha512, const byte* data)
-{
-    Transform_Sha512_Len_base(sha512, data, WC_SHA512_BLOCK_SIZE);
-}
-#endif
-
-static void (*Transform_Sha512_p)(wc_Sha512* sha512, const byte* data) = NULL;
-static void (*Transform_Sha512_Len_p)(wc_Sha512* sha512, const byte* data,
-    word32 len) = NULL;
-
-static WC_INLINE int Transform_Sha512(wc_Sha512 *sha512, const byte* data)
-{
-    (*Transform_Sha512_p)(sha512, data);
-    return 0;
-}
-static WC_INLINE int Transform_Sha512_Len(wc_Sha512 *sha512, const byte* data,
-    word32 len)
-{
-    (*Transform_Sha512_Len_p)(sha512, data, len);
-    return 0;
-}
-
-static void Sha512_SetTransform(void)
-{
-    if (transform_check)
-        return;
-
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM_CRYPTO_SHA512)
-    if (!cpuid_flags_set) {
-        cpuid_flags = cpuid_get_flags();
-        cpuid_flags_set = 1;
-    }
-#endif
-
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM_CRYPTO_SHA512)
-    if (IS_AARCH64_SHA512(cpuid_flags)) {
-        Transform_Sha512_p = Transform_Sha512_crypto;
-        Transform_Sha512_Len_p = Transform_Sha512_Len_crypto;
-    }
-    else
-#endif
-#if !defined(WOLFSSL_ARMASM_THUMB2) && !defined(WOLFSSL_ARMASM_NO_NEON)
-    {
-        Transform_Sha512_p = Transform_Sha512_neon;
-        Transform_Sha512_Len_p = Transform_Sha512_Len_neon;
-    }
-#else
-    {
-        Transform_Sha512_p = Transform_Sha512_base;
-        Transform_Sha512_Len_p = Transform_Sha512_Len_base;
-    }
-#endif
-
-    transform_check = 1;
-}
-
-#else
-    #define Transform_Sha512(sha512) _Transform_Sha512(sha512)
-
-#endif
-
-#ifdef WOLFSSL_SHA512
-
-static int InitSha512_Family(wc_Sha512* sha512, void* heap, int devId,
-                             int (*initfp)(wc_Sha512*))
-{
-    int ret = 0;
-
-    if (sha512 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-
-    sha512->heap = heap;
-#ifdef WOLFSSL_SMALL_STACK_CACHE
-    sha512->W = NULL;
-#endif
-#ifdef WOLF_CRYPTO_CB
-    sha512->devId = devId;
-    sha512->devCtx = NULL;
-#endif
-
-    /* call the initialization function pointed to by initfp */
-    ret = initfp(sha512);
-    if (ret != 0)
-        return ret;
-
-#ifdef WOLFSSL_HASH_KEEP
-    sha512->msg  = NULL;
-    sha512->len  = 0;
-    sha512->used = 0;
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512)
-    ret = wolfAsync_DevCtxInit(&sha512->asyncDev,
-                        WOLFSSL_ASYNC_MARKER_SHA512, sha512->heap, devId);
-#else
-    (void)devId;
-#endif /* WOLFSSL_ASYNC_CRYPT */
-#ifdef WOLFSSL_IMXRT1170_CAAM
-     ret = wc_CAAM_HashInit(&sha512->hndl, &sha512->ctx, WC_HASH_TYPE_SHA512);
-#endif
-    return ret;
-} /* InitSha512_Family */
-
-int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
-{
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
-   !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-    if (sha512->ctx.mode != ESP32_SHA_INIT) {
-        ESP_LOGV(TAG, "Set ctx mode from prior value: "
-                      "%d", sha512->ctx.mode);
-    }
-    /* We know this is a fresh, uninitialized item, so set to INIT */
-    sha512->ctx.mode = ESP32_SHA_INIT;
-#endif
-
-#ifdef MAX3266X_SHA_CB
-    if (wc_MXC_TPU_SHA_Init(&(sha512->mxcCtx)) != 0){
-        return BAD_FUNC_ARG;
-    }
-#endif
-
-    return InitSha512_Family(sha512, heap, devId, InitSha512);
-}
-
-#if !defined(WOLFSSL_NOSHA512_224) && \
-   (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-int wc_InitSha512_224_ex(wc_Sha512* sha512, void* heap, int devId)
-{
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
-   !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-    /* No SHA512/224 HW support is available, set to SW. */
-    sha512->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
-#endif
-    return InitSha512_Family(sha512, heap, devId, InitSha512_224);
-}
-#endif /* !WOLFSSL_NOSHA512_224 ... */
-
-#if !defined(WOLFSSL_NOSHA512_256) && \
-   (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-int wc_InitSha512_256_ex(wc_Sha512* sha512, void* heap, int devId)
-{
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
-   !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-    /* No SHA512/256 HW support is available on ESP32, set to SW. */
-    sha512->ctx.mode = ESP32_SHA_SW;
-#endif
-    return InitSha512_Family(sha512, heap, devId, InitSha512_256);
-}
-#endif /* !WOLFSSL_NOSHA512_256 ... */
-
-#endif /* WOLFSSL_SHA512 */
-
-#ifndef WOLFSSL_ARMASM
-
-static const word64 K512[80] = {
-    W64LIT(0x428a2f98d728ae22), W64LIT(0x7137449123ef65cd),
-    W64LIT(0xb5c0fbcfec4d3b2f), W64LIT(0xe9b5dba58189dbbc),
-    W64LIT(0x3956c25bf348b538), W64LIT(0x59f111f1b605d019),
-    W64LIT(0x923f82a4af194f9b), W64LIT(0xab1c5ed5da6d8118),
-    W64LIT(0xd807aa98a3030242), W64LIT(0x12835b0145706fbe),
-    W64LIT(0x243185be4ee4b28c), W64LIT(0x550c7dc3d5ffb4e2),
-    W64LIT(0x72be5d74f27b896f), W64LIT(0x80deb1fe3b1696b1),
-    W64LIT(0x9bdc06a725c71235), W64LIT(0xc19bf174cf692694),
-    W64LIT(0xe49b69c19ef14ad2), W64LIT(0xefbe4786384f25e3),
-    W64LIT(0x0fc19dc68b8cd5b5), W64LIT(0x240ca1cc77ac9c65),
-    W64LIT(0x2de92c6f592b0275), W64LIT(0x4a7484aa6ea6e483),
-    W64LIT(0x5cb0a9dcbd41fbd4), W64LIT(0x76f988da831153b5),
-    W64LIT(0x983e5152ee66dfab), W64LIT(0xa831c66d2db43210),
-    W64LIT(0xb00327c898fb213f), W64LIT(0xbf597fc7beef0ee4),
-    W64LIT(0xc6e00bf33da88fc2), W64LIT(0xd5a79147930aa725),
-    W64LIT(0x06ca6351e003826f), W64LIT(0x142929670a0e6e70),
-    W64LIT(0x27b70a8546d22ffc), W64LIT(0x2e1b21385c26c926),
-    W64LIT(0x4d2c6dfc5ac42aed), W64LIT(0x53380d139d95b3df),
-    W64LIT(0x650a73548baf63de), W64LIT(0x766a0abb3c77b2a8),
-    W64LIT(0x81c2c92e47edaee6), W64LIT(0x92722c851482353b),
-    W64LIT(0xa2bfe8a14cf10364), W64LIT(0xa81a664bbc423001),
-    W64LIT(0xc24b8b70d0f89791), W64LIT(0xc76c51a30654be30),
-    W64LIT(0xd192e819d6ef5218), W64LIT(0xd69906245565a910),
-    W64LIT(0xf40e35855771202a), W64LIT(0x106aa07032bbd1b8),
-    W64LIT(0x19a4c116b8d2d0c8), W64LIT(0x1e376c085141ab53),
-    W64LIT(0x2748774cdf8eeb99), W64LIT(0x34b0bcb5e19b48a8),
-    W64LIT(0x391c0cb3c5c95a63), W64LIT(0x4ed8aa4ae3418acb),
-    W64LIT(0x5b9cca4f7763e373), W64LIT(0x682e6ff3d6b2b8a3),
-    W64LIT(0x748f82ee5defb2fc), W64LIT(0x78a5636f43172f60),
-    W64LIT(0x84c87814a1f0ab72), W64LIT(0x8cc702081a6439ec),
-    W64LIT(0x90befffa23631e28), W64LIT(0xa4506cebde82bde9),
-    W64LIT(0xbef9a3f7b2c67915), W64LIT(0xc67178f2e372532b),
-    W64LIT(0xca273eceea26619c), W64LIT(0xd186b8c721c0c207),
-    W64LIT(0xeada7dd6cde0eb1e), W64LIT(0xf57d4f7fee6ed178),
-    W64LIT(0x06f067aa72176fba), W64LIT(0x0a637dc5a2c898a6),
-    W64LIT(0x113f9804bef90dae), W64LIT(0x1b710b35131c471b),
-    W64LIT(0x28db77f523047d84), W64LIT(0x32caab7b40c72493),
-    W64LIT(0x3c9ebe0a15c9bebc), W64LIT(0x431d67c49c100d4c),
-    W64LIT(0x4cc5d4becb3e42b6), W64LIT(0x597f299cfc657e2a),
-    W64LIT(0x5fcb6fab3ad6faec), W64LIT(0x6c44198c4a475817)
-};
-
-#define blk0(i) (W[i] = sha512->buffer[i])
-
-#define blk2(i) (\
-               W[ (i)     & 15] += \
-            s1(W[((i)-2)  & 15])+ \
-               W[((i)-7)  & 15] + \
-            s0(W[((i)-15) & 15])  \
-        )
-
-#define Ch(x,y,z)  ((z) ^ ((x) & ((y) ^ (z))))
-#define Maj(x,y,z) (((x) & (y)) | ((z) & ((x) | (y))))
-
-#define a(i) T[(0-(i)) & 7]
-#define b(i) T[(1-(i)) & 7]
-#define c(i) T[(2-(i)) & 7]
-#define d(i) T[(3-(i)) & 7]
-#define e(i) T[(4-(i)) & 7]
-#define f(i) T[(5-(i)) & 7]
-#define g(i) T[(6-(i)) & 7]
-#define h(i) T[(7-(i)) & 7]
-
-#define S0(x) (rotrFixed64(x,28) ^ rotrFixed64(x,34) ^ rotrFixed64(x,39))
-#define S1(x) (rotrFixed64(x,14) ^ rotrFixed64(x,18) ^ rotrFixed64(x,41))
-#define s0(x) (rotrFixed64(x,1)  ^ rotrFixed64(x,8)  ^ ((x)>>7))
-#define s1(x) (rotrFixed64(x,19) ^ rotrFixed64(x,61) ^ ((x)>>6))
-
-#define R(i) \
-    h(i) += S1(e(i)) + Ch(e(i),f(i),g(i)) + K[(i)+j] + (j ? blk2(i) : blk0(i)); \
-    d(i) += h(i); \
-    h(i) += S0(a(i)) + Maj(a(i),b(i),c(i))
-
-static int _Transform_Sha512(wc_Sha512* sha512)
-{
-    const word64* K = K512;
-    word32 j;
-    word64 T[8];
-
-#ifdef WOLFSSL_SMALL_STACK_CACHE
-    word64* W = sha512->W;
-    if (W == NULL) {
-        W = (word64*)XMALLOC(sizeof(word64) * 16, sha512->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        if (W == NULL)
-            return MEMORY_E;
-        sha512->W = W;
-    }
-#elif defined(WOLFSSL_SMALL_STACK)
-    word64* W;
-    W = (word64*) XMALLOC(sizeof(word64) * 16, sha512->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (W == NULL)
-        return MEMORY_E;
-#else
-    word64 W[16];
-#endif
-
-    /* Copy digest to working vars */
-    XMEMCPY(T, sha512->digest, sizeof(T));
-
-#ifdef USE_SLOW_SHA512
-    /* over twice as small, but 50% slower */
-    /* 80 operations, not unrolled */
-    for (j = 0; j < 80; j += 16) {
-        int m;
-        for (m = 0; m < 16; m++) { /* braces needed here for macros {} */
-            R(m);
-        }
-    }
-#else
-    /* 80 operations, partially loop unrolled */
-    for (j = 0; j < 80; j += 16) {
-        R( 0); R( 1); R( 2); R( 3);
-        R( 4); R( 5); R( 6); R( 7);
-        R( 8); R( 9); R(10); R(11);
-        R(12); R(13); R(14); R(15);
-    }
-#endif /* USE_SLOW_SHA512 */
-
-    /* Add the working vars back into digest */
-    sha512->digest[0] += a(0);
-    sha512->digest[1] += b(0);
-    sha512->digest[2] += c(0);
-    sha512->digest[3] += d(0);
-    sha512->digest[4] += e(0);
-    sha512->digest[5] += f(0);
-    sha512->digest[6] += g(0);
-    sha512->digest[7] += h(0);
-
-    /* Wipe variables */
-    ForceZero(W, sizeof(word64) * 16);
-    ForceZero(T, sizeof(T));
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SMALL_STACK_CACHE)
-    XFREE(W, sha512->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    return 0;
-}
-#endif
-
-
-static WC_INLINE void AddLength(wc_Sha512* sha512, word32 len)
-{
-    word64 tmp = sha512->loLen;
-    if ( (sha512->loLen += len) < tmp)
-        sha512->hiLen++;                       /* carry low to high */
-}
-
-static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
-{
-    int ret = 0;
-    /* do block size increments */
-    byte* local = (byte*)sha512->buffer;
-
-    /* check that internal buffLen is valid */
-    if (sha512->buffLen >= WC_SHA512_BLOCK_SIZE)
-        return BUFFER_E;
-
-    if (len == 0)
-        return 0;
-
-    AddLength(sha512, len);
-
-    if (sha512->buffLen > 0) {
-        word32 add = min(len, WC_SHA512_BLOCK_SIZE - sha512->buffLen);
-        if (add > 0) {
-            XMEMCPY(&local[sha512->buffLen], data, add);
-
-            sha512->buffLen += add;
-            data            += add;
-            len             -= add;
-        }
-
-        if (sha512->buffLen == WC_SHA512_BLOCK_SIZE) {
-    #if defined(LITTLE_ENDIAN_ORDER)
-        #if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-            (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
-            #ifdef WC_C_DYNAMIC_FALLBACK
-            if (sha512->sha_method == SHA512_C)
-            #else
-            if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
-            #endif
-        #endif
-            {
-        #if (!defined(WOLFSSL_ESP32_CRYPT) || \
-              defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
-              defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)) && \
-             !defined(WOLFSSL_ARMASM)
-                ByteReverseWords64(sha512->buffer, sha512->buffer,
-                                                         WC_SHA512_BLOCK_SIZE);
-        #endif
-            }
-    #endif
-    #ifdef WOLFSSL_ARMASM
-            Transform_Sha512(sha512, (const byte*)sha512->buffer);
-    #elif !defined(WOLFSSL_ESP32_CRYPT) || \
-           defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
-           defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-            ret = Transform_Sha512(sha512);
-    #else
-            if (sha512->ctx.mode == ESP32_SHA_INIT) {
-                esp_sha_try_hw_lock(&sha512->ctx);
-            }
-            if (sha512->ctx.mode == ESP32_SHA_SW) {
-                ByteReverseWords64(sha512->buffer, sha512->buffer,
-                                                         WC_SHA512_BLOCK_SIZE);
-                ret = Transform_Sha512(sha512);
-            }
-            else {
-                ret = esp_sha512_process(sha512);
-            }
-    #endif
-            if (ret == 0)
-                sha512->buffLen = 0;
-            else
-                len = 0;
-        }
-    }
-
-#if defined(WOLFSSL_ARMASM)
-    if (len >= WC_SHA512_BLOCK_SIZE) {
-        word32 blocksLen = len & ~((word32)WC_SHA512_BLOCK_SIZE-1);
-
-        Transform_Sha512_Len(sha512, data, blocksLen);
-        data += blocksLen;
-        len  -= blocksLen;
-    }
-#else
-#if (defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-     (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2)))
-
-    #ifdef WC_C_DYNAMIC_FALLBACK
-    if (sha512->sha_method != SHA512_C)
-    #elif defined(WC_NO_INTERNAL_FUNCTION_POINTERS)
-    if (sha_method != SHA512_C)
-    #else
-    if (Transform_Sha512_Len_p != NULL)
-    #endif
-
-    {
-        word32 blocksLen = len & ~((word32)WC_SHA512_BLOCK_SIZE-1);
-
-        if (blocksLen > 0) {
-            sha512->data = data;
-            /* Byte reversal performed in function if required. */
-            Transform_Sha512_Len(sha512, blocksLen);
-            data += blocksLen;
-            len  -= blocksLen;
-        }
-    }
-    else
-#endif
-#if !defined(LITTLE_ENDIAN_ORDER) || (defined(WOLFSSL_X86_64_BUILD) && \
-        defined(USE_INTEL_SPEEDUP) && (defined(HAVE_INTEL_AVX1) || \
-        defined(HAVE_INTEL_AVX2)))
-    {
-        while (len >= WC_SHA512_BLOCK_SIZE) {
-            XMEMCPY(local, data, WC_SHA512_BLOCK_SIZE);
-
-            data += WC_SHA512_BLOCK_SIZE;
-            len  -= WC_SHA512_BLOCK_SIZE;
-
-        #if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-            (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
-            #ifdef WC_C_DYNAMIC_FALLBACK
-            if (sha512->sha_method == SHA512_C)
-            #else
-            if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
-            #endif
-            {
-                ByteReverseWords64(sha512->buffer, sha512->buffer,
-                                                          WC_SHA512_BLOCK_SIZE);
-            }
-        #endif
-            /* Byte reversal performed in function if required. */
-            ret = Transform_Sha512(sha512);
-            if (ret != 0)
-                break;
-        }
-    }
-#else
-    {
-        while (len >= WC_SHA512_BLOCK_SIZE) {
-            XMEMCPY(local, data, WC_SHA512_BLOCK_SIZE);
-
-            data += WC_SHA512_BLOCK_SIZE;
-            len  -= WC_SHA512_BLOCK_SIZE;
-    #if !defined(WOLFSSL_ESP32_CRYPT) || \
-         defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
-         defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-            ByteReverseWords64(sha512->buffer, sha512->buffer,
-                                                       WC_SHA512_BLOCK_SIZE);
-    #endif
-    #if !defined(WOLFSSL_ESP32_CRYPT) || \
-         defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
-         defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-            ret = Transform_Sha512(sha512);
-    #else
-            if(sha512->ctx.mode == ESP32_SHA_INIT) {
-                esp_sha_try_hw_lock(&sha512->ctx);
-            }
-            if (sha512->ctx.mode == ESP32_SHA_SW) {
-                ByteReverseWords64(sha512->buffer, sha512->buffer,
-                                                          WC_SHA512_BLOCK_SIZE);
-                ret = Transform_Sha512(sha512);
-            }
-            else {
-                ret = esp_sha512_process(sha512);
-            }
-    #endif
-            if (ret != 0)
-                break;
-        } /* while (len >= WC_SHA512_BLOCK_SIZE) */
-    }
-#endif
-#endif
-
-    if (ret == 0 && len > 0) {
-        XMEMCPY(local, data, len);
-        sha512->buffLen = len;
-    }
-
-    return ret;
-}
-
-#ifdef WOLFSSL_SHA512
-
-int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
-{
-    if (sha512 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    if (data == NULL && len == 0) {
-        /* valid, but do nothing */
-        return 0;
-    }
-    if (data == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (sha512->devId != INVALID_DEVID)
-    #endif
-    {
-        int ret = wc_CryptoCb_Sha512Hash(sha512, data, len, NULL, 0);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-#endif
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512)
-    if (sha512->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA512) {
-    #if defined(HAVE_INTEL_QA)
-        return IntelQaSymSha512(&sha512->asyncDev, NULL, data, len);
-    #endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    return Sha512Update(sha512, data, len);
-}
-
-#endif /* WOLFSSL_SHA512 */
-
-#endif /* WOLFSSL_IMX6_CAAM || WOLFSSL_SILABS_SHA512 */
-
-
-#if defined(WOLFSSL_KCAPI_HASH)
-    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_RENESAS_RSIP) && \
-   !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
-    /* functions defined in wolfcrypt/src/port/renesas/renesas_fspsm_sha.c */
-#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-
-#elif defined(MAX3266X_SHA)
-    /* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
-#elif defined(STM32_HASH_SHA512)
-#elif defined(PSOC6_HASH_SHA2)
-#else
-
-static WC_INLINE int Sha512Final(wc_Sha512* sha512)
-{
-#ifndef WOLFSSL_ARMASM
-    int ret;
-#endif
-    byte* local;
-
-    if (sha512 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    local = (byte*)sha512->buffer;
-
-    /* we'll add a 0x80 byte at the end,
-    ** so make sure we have appropriate buffer length. */
-    if (sha512->buffLen > WC_SHA512_BLOCK_SIZE - 1) {
-        return BAD_STATE_E;
-    } /* buffLen check */
-
-    local[sha512->buffLen++] = 0x80;  /* add 1 */
-
-    /* pad with zeros */
-    if (sha512->buffLen > WC_SHA512_PAD_SIZE) {
-        if (sha512->buffLen < WC_SHA512_BLOCK_SIZE ) {
-            XMEMSET(&local[sha512->buffLen], 0,
-                WC_SHA512_BLOCK_SIZE - sha512->buffLen);
-        }
-
-        sha512->buffLen += WC_SHA512_BLOCK_SIZE - sha512->buffLen;
-#if defined(LITTLE_ENDIAN_ORDER)
-    #if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-        (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
-        #ifdef WC_C_DYNAMIC_FALLBACK
-        if (sha512->sha_method == SHA512_C)
-        #else
-        if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
-        #endif
-    #endif
-        {
-
-        #if (!defined(WOLFSSL_ESP32_CRYPT) || \
-              defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
-              defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)) && \
-             !defined(WOLFSSL_ARMASM)
-            ByteReverseWords64(sha512->buffer,sha512->buffer,
-                                                         WC_SHA512_BLOCK_SIZE);
-        #endif
-        }
-
-#endif /* LITTLE_ENDIAN_ORDER */
-#ifdef WOLFSSL_ARMASM
-        Transform_Sha512(sha512, (const byte*)sha512->buffer);
-#else
-    #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
-       !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-        if (sha512->ctx.mode == ESP32_SHA_INIT) {
-            esp_sha_try_hw_lock(&sha512->ctx);
-        }
-        if (sha512->ctx.mode == ESP32_SHA_SW) {
-            ByteReverseWords64(sha512->buffer,sha512->buffer,
-                                                         WC_SHA512_BLOCK_SIZE);
-            ret = Transform_Sha512(sha512);
-        }
-        else {
-            ret = esp_sha512_process(sha512);
-        }
-    #else
-        ret = Transform_Sha512(sha512);
-    #endif
-        if (ret != 0) {
-            return ret;
-        }
-#endif
-
-        sha512->buffLen = 0;
-    } /* (sha512->buffLen > WC_SHA512_PAD_SIZE) pad with zeros */
-
-    XMEMSET(&local[sha512->buffLen], 0, WC_SHA512_PAD_SIZE - sha512->buffLen);
-
-    /* put lengths in bits */
-    sha512->hiLen = (sha512->loLen >> (8 * sizeof(sha512->loLen) - 3)) +
-                                                         (sha512->hiLen << 3);
-    sha512->loLen = sha512->loLen << 3;
-
-    /* store lengths */
-#if defined(LITTLE_ENDIAN_ORDER)
-    #if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-        (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
-        #ifdef WC_C_DYNAMIC_FALLBACK
-        if (sha512->sha_method == SHA512_C)
-        #else
-        if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
-        #endif
-    #endif
-    #if (!defined(WOLFSSL_ESP32_CRYPT) || \
-          defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
-          defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)) && \
-         !defined(WOLFSSL_ARMASM)
-            ByteReverseWords64(sha512->buffer, sha512->buffer, WC_SHA512_PAD_SIZE);
-    #endif
-#endif
-    /* ! length ordering dependent on digest endian type ! */
-
-#if !defined(WOLFSSL_ESP32_CRYPT) || \
-     defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
-     defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-    sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha512->hiLen;
-    sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha512->loLen;
-#endif
-
-#if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-    (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
-    #ifdef WC_C_DYNAMIC_FALLBACK
-    if (sha512->sha_method != SHA512_C)
-    #else
-    if (IS_INTEL_AVX1(intel_flags) || IS_INTEL_AVX2(intel_flags))
-    #endif
-    {
-        ByteReverseWords64(&(sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2]),
-                           &(sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2]),
-                           WC_SHA512_BLOCK_SIZE - WC_SHA512_PAD_SIZE);
-    }
-#elif defined(WOLFSSL_ARMASM)
-    #define SHA512_PAD_LEN_64  (WC_SHA512_PAD_SIZE / sizeof(word64))
-    {
-        ByteReverseWords64(&(sha512->buffer[SHA512_PAD_LEN_64]),
-                           &(sha512->buffer[SHA512_PAD_LEN_64]),
-                           WC_SHA512_BLOCK_SIZE - WC_SHA512_PAD_SIZE);
-    }
-#endif
-
-#ifdef WOLFSSL_ARMASM
-    Transform_Sha512(sha512, (const byte*)sha512->buffer);
-#else
-#if !defined(WOLFSSL_ESP32_CRYPT) || \
-      defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
-      defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-    ret = Transform_Sha512(sha512);
-#else
-    if(sha512->ctx.mode == ESP32_SHA_INIT) {
-        /* typically for tiny block: first = last */
-        esp_sha_try_hw_lock(&sha512->ctx);
-    }
-    if (sha512->ctx.mode == ESP32_SHA_SW) {
-        ByteReverseWords64(sha512->buffer,
-                           sha512->buffer,
-                           WC_SHA512_BLOCK_SIZE);
-        sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha512->hiLen;
-        sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha512->loLen;
-        ret = Transform_Sha512(sha512);
-    }
-    else {
-        ret = esp_sha512_digest_process(sha512, 1);
-    }
-#endif
-
-    if (ret != 0)
-        return ret;
-#endif
-
-    #ifdef LITTLE_ENDIAN_ORDER
-        ByteReverseWords64(sha512->digest, sha512->digest,
-            WC_SHA512_DIGEST_SIZE);
-    #endif
-
-
-    return 0;
-}
-
-#endif /* WOLFSSL_KCAPI_HASH */
-
-#ifdef WOLFSSL_SHA512
-
-#if defined(WOLFSSL_KCAPI_HASH)
-    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-
-#elif defined(WOLFSSL_RENESAS_RSIP) && \
-     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
-    /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
-
-#elif defined(MAX3266X_SHA)
-    /* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
-#elif defined(STM32_HASH_SHA512)
-#elif defined(PSOC6_HASH_SHA2)
-#elif defined(WOLFSSL_SILABS_SHA512)
-#else
-
-static int Sha512FinalRaw(wc_Sha512* sha512, byte* hash, word32 digestSz)
-{
-    if (sha512 == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef LITTLE_ENDIAN_ORDER
-    if ((digestSz & 0x7) == 0)
-        ByteReverseWords64((word64 *)hash, sha512->digest, digestSz);
-    else {
-        ByteReverseWords64(sha512->digest, sha512->digest,
-                           WC_SHA512_DIGEST_SIZE);
-        XMEMCPY(hash, sha512->digest, digestSz);
-    }
-#else
-    XMEMCPY(hash, sha512->digest, digestSz);
-#endif
-
-    return 0;
-}
-
-int wc_Sha512FinalRaw(wc_Sha512* sha512, byte* hash)
-{
-    return Sha512FinalRaw(sha512, hash, WC_SHA512_DIGEST_SIZE);
-}
-
-static int Sha512_Family_Final(wc_Sha512* sha512, byte* hash, size_t digestSz,
-                               int (*initfp)(wc_Sha512*))
-{
-    int ret;
-
-    if (sha512 == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (sha512->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_Sha512Hash(sha512, NULL, 0, hash, digestSz);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
-            return ret;
-        }
-        /* fall-through when unavailable */
-    }
-#endif
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512)
-    if (sha512->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA512) {
-    #if defined(HAVE_INTEL_QA)
-        return IntelQaSymSha512(&sha512->asyncDev, hash, NULL, digestSz);
-    #endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    ret = Sha512Final(sha512);
-    if (ret != 0)
-        return ret;
-
-    XMEMCPY(hash, sha512->digest, digestSz);
-
-    /* initialize Sha512 structure for the next use */
-    return initfp(sha512);
-}
-
-#ifndef STM32_HASH_SHA512
-int wc_Sha512Final(wc_Sha512* sha512, byte* hash)
-{
-    return Sha512_Family_Final(sha512, hash, WC_SHA512_DIGEST_SIZE, InitSha512);
-}
-#endif
-
-#endif /* WOLFSSL_KCAPI_HASH */
-
-#if defined(MAX3266X_SHA)
-    /* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
-
-#else
-#if !defined(WOLFSSL_SE050) || !defined(WOLFSSL_SE050_HASH)
-int wc_InitSha512(wc_Sha512* sha512)
-{
-    int devId = INVALID_DEVID;
-
-#ifdef WOLF_CRYPTO_CB
-    devId = wc_CryptoCb_DefaultDevID();
-#endif
-    return wc_InitSha512_ex(sha512, NULL, devId);
-}
-
-void wc_Sha512Free(wc_Sha512* sha512)
-{
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
-    int ret = 0;
-#endif
-
-    if (sha512 == NULL)
-        return;
-
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (sha512->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_Free(sha512->devId, WC_ALGO_TYPE_HASH,
-                         WC_HASH_TYPE_SHA512, (void*)sha512);
-        /* If they want the standard free, they can call it themselves */
-        /* via their callback setting devId to INVALID_DEVID */
-        /* otherwise assume the callback handled it */
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return;
-        /* fall-through when unavailable */
-    }
-
-    /* silence compiler warning */
-    (void)ret;
-
-#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */
-
-#if defined(WOLFSSL_ESP32) && \
-    !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)  && \
-    !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-    esp_sha_release_unfinished_lock(&sha512->ctx);
-#endif
-
-#ifdef WOLFSSL_SMALL_STACK_CACHE
-    if (sha512->W != NULL) {
-        ForceZero(sha512->W, sizeof(word64) * 16);
-        XFREE(sha512->W, sha512->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        sha512->W = NULL;
-    }
-#endif
-
-#if defined(WOLFSSL_KCAPI_HASH)
-    KcapiHashFree(&sha512->kcapi);
-#endif
-
-#if defined(WOLFSSL_HASH_KEEP) ||\
-   (defined(WOLFSSL_RENESAS_RSIP) && (WOLFSSL_RENESAS_RZFSP_VER >= 220))
-    if (sha512->msg != NULL) {
-        ForceZero(sha512->msg, sha512->len);
-        XFREE(sha512->msg, sha512->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        sha512->msg = NULL;
-    }
-#endif
-
-#ifdef MAX3266X_SHA_CB
-    wc_MXC_TPU_SHA_Free(&(sha512->mxcCtx));
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512)
-    wolfAsync_DevCtxFree(&sha512->asyncDev, WOLFSSL_ASYNC_MARKER_SHA512);
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-#if defined(PSOC6_HASH_SHA2)
-    wc_Psoc6_Sha_Free();
-#endif
-
-    ForceZero(sha512, sizeof(*sha512));
-}
-#endif
-
-#if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) \
-    && !defined(WOLFSSL_KCAPI_HASH)
-/* Apply SHA512 transformation to the data                */
-/* @param sha  a pointer to wc_Sha512 structure           */
-/* @param data data to be applied SHA512 transformation   */
-/* @return 0 on successful, otherwise non-zero on failure */
-int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
-{
-    int ret;
-    /* back up buffer */
-    WC_DECLARE_VAR(buffer, word64, WC_SHA512_BLOCK_SIZE  / sizeof(word64),
-        0);
-
-    /* sanity check */
-    if (sha == NULL || data == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    buffer = (word64*)XMALLOC(WC_SHA512_BLOCK_SIZE, sha->heap,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (buffer == NULL)
-        return MEMORY_E;
-#endif
-
-#if defined(LITTLE_ENDIAN_ORDER)
-#if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-    (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
-    #ifdef WC_C_DYNAMIC_FALLBACK
-    if (sha->sha_method == SHA512_C)
-    #else
-    if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
-    #endif
-#endif
-    {
-        ByteReverseWords64((word64*)data, (word64*)data,
-                                                WC_SHA512_BLOCK_SIZE);
-    }
-#endif /* LITTLE_ENDIAN_ORDER */
-
-#if defined(WOLFSSL_ARMASM)
-    ByteReverseWords64(buffer, (word64*)data, WC_SHA512_BLOCK_SIZE);
-    Transform_Sha512(sha, (const byte*)buffer);
-    ret = 0;
-#else
-    XMEMCPY(buffer, sha->buffer, WC_SHA512_BLOCK_SIZE);
-    XMEMCPY(sha->buffer, data, WC_SHA512_BLOCK_SIZE);
-
-    ret = Transform_Sha512(sha);
-
-    XMEMCPY(sha->buffer, buffer, WC_SHA512_BLOCK_SIZE);
-#endif
-#ifdef WOLFSSL_SMALL_STACK
-    ForceZero(buffer, WC_SHA512_BLOCK_SIZE);
-    XFREE(buffer, sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return ret;
-}
-#endif /* OPENSSL_EXTRA */
-#endif /* WOLFSSL_SHA512 */
-#endif /* !WOLFSSL_SE050 || !WOLFSSL_SE050_HASH */
-
-
-/* -------------------------------------------------------------------------- */
-/* SHA384 */
-/* -------------------------------------------------------------------------- */
-#ifdef WOLFSSL_SHA384
-
-#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH) && \
-    !defined(WOLFSSL_QNX_CAAM)
-    /* functions defined in wolfcrypt/src/port/caam/caam_sha.c */
-#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-    int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
-    {
-        if (sha384 == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        (void)devId;
-        return se050_hash_init(&sha384->se050Ctx, heap);
-    }
-    int wc_Sha384Update(wc_Sha384* sha384, const byte* data, word32 len)
-    {
-        if (sha384 == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        if (data == NULL && len == 0) {
-            /* valid, but do nothing */
-            return 0;
-        }
-        if (data == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        return se050_hash_update(&sha384->se050Ctx, data, len);
-
-    }
-    int wc_Sha384Final(wc_Sha384* sha384, byte* hash)
-    {
-        int ret = 0;
-        ret = se050_hash_final(&sha384->se050Ctx, hash, WC_SHA384_DIGEST_SIZE,
-                               kAlgorithm_SSS_SHA384);
-        return ret;
-    }
-
-#elif defined(WOLFSSL_SILABS_SHA384)
-    /* functions defined in wolfcrypt/src/port/silabs/silabs_hash.c */
-
-#elif defined(WOLFSSL_KCAPI_HASH)
-    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-
-#elif defined(WOLFSSL_RENESAS_RSIP) && \
-     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
-    /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
-
-#elif defined(MAX3266X_SHA)
-    /* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
-#elif defined(STM32_HASH_SHA384)
-
-    int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
-    {
-        if (sha384 == NULL)
-            return BAD_FUNC_ARG;
-
-        (void)devId;
-        (void)heap;
-
-        XMEMSET(sha384, 0, sizeof(wc_Sha384));
-        wc_Stm32_Hash_Init(&sha384->stmCtx);
-        return 0;
-    }
-
-    int wc_Sha384Update(wc_Sha384* sha384, const byte* data, word32 len)
-    {
-        int ret = 0;
-
-        if (sha384 == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        if (data == NULL && len == 0) {
-            /* valid, but do nothing */
-            return 0;
-        }
-        if (data == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-            ret = wc_Stm32_Hash_Update(&sha384->stmCtx,
-                HASH_ALGOSELECTION_SHA384, data, len, WC_SHA384_BLOCK_SIZE);
-            wolfSSL_CryptHwMutexUnLock();
-        }
-        return ret;
-    }
-
-    int wc_Sha384Final(wc_Sha384* sha384, byte* hash)
-    {
-        int ret = 0;
-
-        if (sha384 == NULL || hash == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-            ret = wc_Stm32_Hash_Final(&sha384->stmCtx,
-                HASH_ALGOSELECTION_SHA384, hash, WC_SHA384_DIGEST_SIZE);
-            wolfSSL_CryptHwMutexUnLock();
-        }
-
-        (void)wc_InitSha384(sha384); /* reset state */
-
-        return ret;
-    }
-
-#elif defined(PSOC6_HASH_SHA2)
-    /* implemented in wolfcrypt/src/port/cypress/psoc6_crypto.c */
-
-#else
-
-static int InitSha384(wc_Sha384* sha384)
-{
-    if (sha384 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    sha384->digest[0] = W64LIT(0xcbbb9d5dc1059ed8);
-    sha384->digest[1] = W64LIT(0x629a292a367cd507);
-    sha384->digest[2] = W64LIT(0x9159015a3070dd17);
-    sha384->digest[3] = W64LIT(0x152fecd8f70e5939);
-    sha384->digest[4] = W64LIT(0x67332667ffc00b31);
-    sha384->digest[5] = W64LIT(0x8eb44a8768581511);
-    sha384->digest[6] = W64LIT(0xdb0c2e0d64f98fa7);
-    sha384->digest[7] = W64LIT(0x47b5481dbefa4fa4);
-
-    sha384->buffLen = 0;
-    sha384->loLen   = 0;
-    sha384->hiLen   = 0;
-
-#if (defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
-     (defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))) || \
-    defined(WOLFSSL_ARMASM)
-#ifdef WC_C_DYNAMIC_FALLBACK
-    sha384->sha_method = 0;
-    Sha512_SetTransform(&sha384->sha_method);
-#else
-    Sha512_SetTransform();
-#endif
-#endif
-
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)  && \
-   !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
-    /* HW needs to be carefully initialized, taking into account soft copy.
-    ** If already in use; copy may revert to SW as needed. */
-    esp_sha_init(&(sha384->ctx), WC_HASH_TYPE_SHA384);
-#endif
-
-#ifdef WOLFSSL_HASH_FLAGS
-    sha384->flags = 0;
-#endif
-
-#ifdef HAVE_ARIA
-    sha384->hSession = NULL;
-#endif
-
-#ifdef WOLFSSL_HASH_KEEP
-    sha384->msg  = NULL;
-    sha384->len  = 0;
-    sha384->used = 0;
-#endif
-
-    return 0;
-}
-
-int wc_Sha384Update(wc_Sha384* sha384, const byte* data, word32 len)
-{
-
-    if (sha384 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    if (data == NULL && len == 0) {
-        /* valid, but do nothing */
-        return 0;
-    }
-    if (data == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (sha384->devId != INVALID_DEVID)
-    #endif
-    {
-        int ret = wc_CryptoCb_Sha384Hash(sha384, data, len, NULL);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-#endif
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
-    if (sha384->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA384) {
-    #if defined(HAVE_INTEL_QA)
-        return IntelQaSymSha384(&sha384->asyncDev, NULL, data, len);
-    #endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    return Sha512Update((wc_Sha512*)sha384, data, len);
-}
-
-
-int wc_Sha384FinalRaw(wc_Sha384* sha384, byte* hash)
-{
-    if (sha384 == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef LITTLE_ENDIAN_ORDER
-    ByteReverseWords64((word64 *)hash, sha384->digest, WC_SHA384_DIGEST_SIZE);
-#else
-    XMEMCPY(hash, sha384->digest, WC_SHA384_DIGEST_SIZE);
-#endif
-
-    return 0;
-}
-
-int wc_Sha384Final(wc_Sha384* sha384, byte* hash)
-{
-    int ret;
-
-    if (sha384 == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLF_CRYPTO_CB
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (sha384->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_Sha384Hash(sha384, NULL, 0, hash);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-#endif
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
-    if (sha384->asyncDev.marker == WOLFSSL_ASYNC_MARKER_SHA384) {
-    #if defined(HAVE_INTEL_QA)
-        return IntelQaSymSha384(&sha384->asyncDev, hash, NULL,
-                                            WC_SHA384_DIGEST_SIZE);
-    #endif
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    ret = Sha512Final((wc_Sha512*)sha384);
-    if (ret != 0)
-        return ret;
-
-    XMEMCPY(hash, sha384->digest, WC_SHA384_DIGEST_SIZE);
-
-    return InitSha384(sha384);  /* reset state */
-}
-
-int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
-{
-    int ret;
-
-    if (sha384 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    sha384->heap = heap;
-#ifdef WOLFSSL_SMALL_STACK_CACHE
-    sha384->W = NULL;
-#endif
-#ifdef WOLF_CRYPTO_CB
-    sha384->devId = devId;
-    sha384->devCtx = NULL;
-#endif
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)  && \
-   !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
-    if (sha384->ctx.mode != ESP32_SHA_INIT) {
-        ESP_LOGV(TAG, "Set ctx mode from prior value: "
-                           "%d", sha384->ctx.mode);
-    }
-    /* We know this is a fresh, uninitialized item, so set to INIT */
-    sha384->ctx.mode = ESP32_SHA_INIT;
-#endif
-
-#ifdef MAX3266X_SHA_CB
-    ret = wc_MXC_TPU_SHA_Init(&(sha384->mxcCtx));
-    if (ret != 0) {
-        return ret;
-    }
-#endif
-
-    ret = InitSha384(sha384);
-    if (ret != 0) {
-        return ret;
-    }
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
-    ret = wolfAsync_DevCtxInit(&sha384->asyncDev, WOLFSSL_ASYNC_MARKER_SHA384,
-                                                           sha384->heap, devId);
-#else
-    (void)devId;
-#endif /* WOLFSSL_ASYNC_CRYPT */
-#ifdef WOLFSSL_IMXRT1170_CAAM
-     ret = wc_CAAM_HashInit(&sha384->hndl, &sha384->ctx, WC_HASH_TYPE_SHA384);
-#endif
-    return ret;
-}
-
-#endif /* WOLFSSL_IMX6_CAAM || WOLFSSL_SILABS_SHA384 || WOLFSSL_KCAPI_HASH */
-
-#if defined(MAX3266X_SHA)
-    /* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
-
-#else
-int wc_InitSha384(wc_Sha384* sha384)
-{
-    int devId = INVALID_DEVID;
-
-#ifdef WOLF_CRYPTO_CB
-    devId = wc_CryptoCb_DefaultDevID();
-#endif
-    return wc_InitSha384_ex(sha384, NULL, devId);
-}
-
-void wc_Sha384Free(wc_Sha384* sha384)
-{
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
-    int ret = 0;
-#endif
-
-    if (sha384 == NULL)
-        return;
-
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (sha384->devId != INVALID_DEVID)
-    #endif
-    {
-        ret = wc_CryptoCb_Free(sha384->devId, WC_ALGO_TYPE_HASH,
-                         WC_HASH_TYPE_SHA384, (void*)sha384);
-        /* If they want the standard free, they can call it themselves */
-        /* via their callback setting devId to INVALID_DEVID */
-        /* otherwise assume the callback handled it */
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return;
-        /* fall-through when unavailable */
-    }
-
-    /* silence compiler warning */
-    (void)ret;
-
-#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */
-
-#if defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)  && \
-   !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
-    esp_sha_release_unfinished_lock(&sha384->ctx);
-#endif
-
-#ifdef WOLFSSL_SMALL_STACK_CACHE
-    if (sha384->W != NULL) {
-        ForceZero(sha384->W, sizeof(word64) * 16);
-        XFREE(sha384->W, sha384->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        sha384->W = NULL;
-    }
-#endif
-
-#if defined(WOLFSSL_KCAPI_HASH)
-    KcapiHashFree(&sha384->kcapi);
-#endif
-
-#if defined(WOLFSSL_HASH_KEEP) || \
-   (defined(WOLFSSL_RENESAS_RSIP) && (WOLFSSL_RENESAS_RZFSP_VER >= 220))
-    if (sha384->msg != NULL) {
-        ForceZero(sha384->msg, sha384->len);
-        XFREE(sha384->msg, sha384->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        sha384->msg = NULL;
-    }
-#endif
-
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-    se050_hash_free(&sha384->se050Ctx);
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
-    wolfAsync_DevCtxFree(&sha384->asyncDev, WOLFSSL_ASYNC_MARKER_SHA384);
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-#ifdef HAVE_ARIA
-    if (sha384->hSession != NULL) {
-        MC_CloseSession(sha384->hSession);
-        sha384->hSession = NULL;
-    }
-#endif
-
-#ifdef MAX3266X_SHA_CB
-    wc_MXC_TPU_SHA_Free(&(sha384->mxcCtx));
-#endif
-
-    ForceZero(sha384, sizeof(*sha384));
-}
-
-#endif
-#endif /* WOLFSSL_SHA384 */
-
-#ifdef WOLFSSL_SHA512
-
-#if defined(WOLFSSL_KCAPI_HASH)
-    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-
-#elif defined(WOLFSSL_RENESAS_RSIP) && \
-     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
-    /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
-
-#elif defined(MAX3266X_SHA)
-    /* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
-
-#else
-
-static int Sha512_Family_GetHash(wc_Sha512* sha512, byte* hash,
-                                 int (*finalfp)(wc_Sha512*, byte*))
-{
-    int ret;
-    WC_DECLARE_VAR(tmpSha512, wc_Sha512, 1, 0);
-
-    if (sha512 == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    WC_ALLOC_VAR_EX(tmpSha512, wc_Sha512, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-        return MEMORY_E);
-
-    /* copy this sha512 into tmpSha */
-    ret = wc_Sha512Copy(sha512, tmpSha512);
-    if (ret == 0) {
-        ret = finalfp(tmpSha512, hash);
-        wc_Sha512Free(tmpSha512);
-    }
-
-    WC_FREE_VAR_EX(tmpSha512, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-int wc_Sha512GetHash(wc_Sha512* sha512, byte* hash)
-{
-    return Sha512_Family_GetHash(sha512, hash, wc_Sha512Final);
-}
-
-int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst)
-{
-    int ret = 0;
-
-    if (src == NULL || dst == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (src->devId != INVALID_DEVID)
-    #endif
-    {
-        /* Cast the source and destination to be void to keep the abstraction */
-        ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
-                               WC_HASH_TYPE_SHA512, (void*)src, (void*)dst);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-    ret = 0; /* Reset ret to 0 to avoid returning the callback error code */
-#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
-
-    XMEMCPY(dst, src, sizeof(wc_Sha512));
-#ifdef WOLFSSL_SMALL_STACK_CACHE
-    dst->W = NULL;
-#endif
-
-#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3) && \
-    defined(WOLFSSL_SILABS_SHA512)
-    dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
-    dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512)
-    ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
-#endif
-
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
-   !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
-    #if defined(CONFIG_IDF_TARGET_ESP32)
-    if (ret == 0) {
-        ret = esp_sha512_ctx_copy(src, dst);
-    }
-    #elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
-          defined(CONFIG_IDF_TARGET_ESP8684) || \
-          defined(CONFIG_IDF_TARGET_ESP32C3) || \
-          defined(CONFIG_IDF_TARGET_ESP32C6)
-        ESP_LOGV(TAG, "No SHA-512 HW on the ESP32-C3");
-
-    #elif defined(CONFIG_IDF_TARGET_ESP32S2) || \
-          defined(CONFIG_IDF_TARGET_ESP32S3)
-        if (ret == 0) {
-            ret = esp_sha512_ctx_copy(src, dst);
-        }
-    #else
-        ESP_LOGW(TAG, "No SHA384 HW or not yet implemented for %s",
-                       CONFIG_IDF_TARGET);
-    #endif
-
-#endif /* WOLFSSL_USE_ESP32_CRYPT_HASH_HW */
-
-#ifdef WOLFSSL_HASH_FLAGS
-     dst->flags |= WC_HASH_FLAG_ISCOPY;
-#endif
-
-#if defined(WOLFSSL_HASH_KEEP)
-    if (src->msg != NULL) {
-        dst->msg = (byte*)XMALLOC(src->len, dst->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        if (dst->msg == NULL)
-            return MEMORY_E;
-        XMEMCPY(dst->msg, src->msg, src->len);
-    }
-#endif
-
-#ifdef MAX3266X_SHA_CB
-    ret = wc_MXC_TPU_SHA_Copy(&(src->mxcCtx), &(dst->mxcCtx));
-    if (ret != 0) {
-        return ret;
-    }
-#endif
-
-#if defined(PSOC6_HASH_SHA2)
-    wc_Psoc6_Sha1_Sha2_Init(dst, WC_PSOC6_SHA512, 0);
-#endif
-
-    return ret;
-}
-
-#endif /* WOLFSSL_KCAPI_HASH */
-
-#ifdef WOLFSSL_HASH_FLAGS
-int wc_Sha512SetFlags(wc_Sha512* sha512, word32 flags)
-{
-    if (sha512) {
-        sha512->flags = flags;
-    }
-    return 0;
-}
-int wc_Sha512GetFlags(wc_Sha512* sha512, word32* flags)
-{
-    if (sha512 && flags) {
-        *flags = sha512->flags;
-    }
-    return 0;
-}
-#endif /* WOLFSSL_HASH_FLAGS */
-
-#if !defined(WOLFSSL_NOSHA512_224) && \
-   (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-
-#if defined(STM32_HASH_SHA512_224)
-
-int wc_InitSha512_224_ex(wc_Sha512* sha512, void* heap, int devId)
-{
-    if (sha512 == NULL)
-        return BAD_FUNC_ARG;
-
-    (void)devId;
-    (void)heap;
-
-    XMEMSET(sha512, 0, sizeof(wc_Sha512));
-    wc_Stm32_Hash_Init(&sha512->stmCtx);
-    return 0;
-}
-
-int wc_Sha512_224Update(wc_Sha512* sha512, const byte* data, word32 len)
-{
-    int ret = 0;
-
-    if (sha512 == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    if (data == NULL && len == 0) {
-        /* valid, but do nothing */
-        return 0;
-    }
-    if (data == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        ret = wc_Stm32_Hash_Update(&sha512->stmCtx,
-            HASH_ALGOSELECTION_SHA512_224, data, len, WC_SHA512_224_BLOCK_SIZE);
-        wolfSSL_CryptHwMutexUnLock();
-    }
-    return ret;
-}
-
-int wc_Sha512_224Final(wc_Sha512* sha512, byte* hash)
-{
-    int ret = 0;
-
-    if (sha512 == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wolfSSL_CryptHwMutexLock();
-    if (ret == 0) {
-        ret = wc_Stm32_Hash_Final(&sha512->stmCtx,
-            HASH_ALGOSELECTION_SHA512_224, hash, WC_SHA512_224_DIGEST_SIZE);
-        wolfSSL_CryptHwMutexUnLock();
-    }
-
-    (void)wc_InitSha512_224(sha512); /* reset state */
-
-    return ret;
-}
-#elif defined(PSOC6_HASH_SHA2)
-    /* functions defined in wolfcrypt/src/port/cypress/psoc6_crypto.c */
-#endif
-int wc_InitSha512_224(wc_Sha512* sha)
-{
-    return wc_InitSha512_224_ex(sha, NULL, INVALID_DEVID);
-}
-#if !defined(STM32_HASH_SHA512_224) && !defined(PSOC6_HASH_SHA2)
-int wc_Sha512_224Update(wc_Sha512* sha, const byte* data, word32 len)
-{
-    return wc_Sha512Update(sha, data, len);
-}
-#endif
-#if defined(WOLFSSL_KCAPI_HASH)
-    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_RENESAS_RSIP) && \
-     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
-    /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
-
-#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-#elif defined(STM32_HASH_SHA512_224)
-#elif defined(PSOC6_HASH_SHA2)
-    /* functions defined in wolfcrypt/src/port/cypress/psoc6_crypto.c */
-
-#else
-int wc_Sha512_224FinalRaw(wc_Sha512* sha, byte* hash)
-{
-    return Sha512FinalRaw(sha, hash, WC_SHA512_224_DIGEST_SIZE);
-}
-
-int wc_Sha512_224Final(wc_Sha512* sha512, byte* hash)
-{
-    return Sha512_Family_Final(sha512, hash, WC_SHA512_224_DIGEST_SIZE,
-                               InitSha512_224);
-}
-#endif /* else none of the above: WOLFSSL_KCAPI_HASH, WOLFSSL_SE050 */
-
-void wc_Sha512_224Free(wc_Sha512* sha)
-{
-    wc_Sha512Free(sha);
-}
-
-#if defined(WOLFSSL_KCAPI_HASH)
-    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-
-#elif defined(WOLFSSL_RENESAS_RSIP) && \
-     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
-    /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
-
-#else
-int wc_Sha512_224GetHash(wc_Sha512* sha512, byte* hash)
-{
-    return Sha512_Family_GetHash(sha512, hash, wc_Sha512_224Final);
-}
-
-int wc_Sha512_224Copy(wc_Sha512* src, wc_Sha512* dst)
-{
-    return wc_Sha512Copy(src, dst);
-}
-#endif /* else none of the above: WOLFSSL_KCAPI_HASH, WOLFSSL_SE050 */
-
-#ifdef WOLFSSL_HASH_FLAGS
-int wc_Sha512_224SetFlags(wc_Sha512* sha, word32 flags)
-{
-    return wc_Sha512SetFlags(sha, flags);
-}
-int wc_Sha512_224GetFlags(wc_Sha512* sha, word32* flags)
-{
-    return wc_Sha512GetFlags(sha, flags);
-}
-#endif /* WOLFSSL_HASH_FLAGS */
-
-#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
-int wc_Sha512_224Transform(wc_Sha512* sha, const unsigned char* data)
-{
-    return wc_Sha512Transform(sha, data);
-}
-#endif /* OPENSSL_EXTRA */
-
-
-#endif /* !WOLFSSL_NOSHA512_224 && !FIPS ... */
-
-#if !defined(WOLFSSL_NOSHA512_256) && \
-   (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-#if defined(STM32_HASH_SHA512_256)
-
-    int wc_InitSha512_256_ex(wc_Sha512* sha512, void* heap, int devId)
-    {
-        if (sha512 == NULL)
-            return BAD_FUNC_ARG;
-
-        (void)devId;
-        (void)heap;
-
-        XMEMSET(sha512, 0, sizeof(wc_Sha512));
-        wc_Stm32_Hash_Init(&sha512->stmCtx);
-        return 0;
-    }
-
-    int wc_Sha512_256Update(wc_Sha512* sha512, const byte* data, word32 len)
-    {
-        int ret = 0;
-
-        if (sha512 == NULL) {
-            return BAD_FUNC_ARG;
-        }
-        if (data == NULL && len == 0) {
-            /* valid, but do nothing */
-            return 0;
-        }
-        if (data == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-            ret = wc_Stm32_Hash_Update(&sha512->stmCtx,
-                HASH_ALGOSELECTION_SHA512_256, data, len, WC_SHA512_256_BLOCK_SIZE);
-            wolfSSL_CryptHwMutexUnLock();
-        }
-        return ret;
-    }
-
-    int wc_Sha512_256Final(wc_Sha512* sha512, byte* hash)
-    {
-        int ret = 0;
-
-        if (sha512 == NULL || hash == NULL) {
-            return BAD_FUNC_ARG;
-        }
-
-        ret = wolfSSL_CryptHwMutexLock();
-        if (ret == 0) {
-            ret = wc_Stm32_Hash_Final(&sha512->stmCtx,
-                HASH_ALGOSELECTION_SHA512_256, hash, WC_SHA512_256_DIGEST_SIZE);
-            wolfSSL_CryptHwMutexUnLock();
-        }
-
-        (void)wc_InitSha512_256(sha512); /* reset state */
-
-        return ret;
-    }
-#elif defined(PSOC6_HASH_SHA2)
-    /* functions defined in wolfcrypt/src/port/cypress/psoc6_crypto.c */
-#endif
-int wc_InitSha512_256(wc_Sha512* sha)
-{
-    return wc_InitSha512_256_ex(sha, NULL, INVALID_DEVID);
-}
-#if !defined(STM32_HASH_SHA512_256) && !defined(PSOC6_HASH_SHA2)
-int wc_Sha512_256Update(wc_Sha512* sha, const byte* data, word32 len)
-{
-    return wc_Sha512Update(sha, data, len);
-}
-#endif
-#if defined(WOLFSSL_KCAPI_HASH)
-    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_RENESAS_RSIP) && \
-     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
-    /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
-
-#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
-#elif defined(STM32_HASH_SHA512_256)
-#elif defined(PSOC6_HASH_SHA2)
-    /* functions defined in wolfcrypt/src/port/cypress/psoc6_crypto.c */
-#else
-int wc_Sha512_256FinalRaw(wc_Sha512* sha, byte* hash)
-{
-    return Sha512FinalRaw(sha, hash, WC_SHA512_256_DIGEST_SIZE);
-}
-
-int wc_Sha512_256Final(wc_Sha512* sha512, byte* hash)
-{
-    return Sha512_Family_Final(sha512, hash, WC_SHA512_256_DIGEST_SIZE,
-                               InitSha512_256);
-}
-#endif
-
-void wc_Sha512_256Free(wc_Sha512* sha)
-{
-    wc_Sha512Free(sha);
-}
-
-#if defined(WOLFSSL_KCAPI_HASH)
-    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_RENESAS_RSIP) && \
-     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
-    /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
-
-#else
-int wc_Sha512_256GetHash(wc_Sha512* sha512, byte* hash)
-{
-    return Sha512_Family_GetHash(sha512, hash, wc_Sha512_256Final);
-}
-int wc_Sha512_256Copy(wc_Sha512* src, wc_Sha512* dst)
-{
-    return wc_Sha512Copy(src, dst);
-}
-#endif
-
-#ifdef WOLFSSL_HASH_FLAGS
-int wc_Sha512_256SetFlags(wc_Sha512* sha, word32 flags)
-{
-    return wc_Sha512SetFlags(sha, flags);
-}
-int wc_Sha512_256GetFlags(wc_Sha512* sha, word32* flags)
-{
-    return wc_Sha512GetFlags(sha, flags);
-}
-#endif /* WOLFSSL_HASH_FLAGS */
-
-#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
-int wc_Sha512_256Transform(wc_Sha512* sha, const unsigned char* data)
-{
-    return wc_Sha512Transform(sha, data);
-}
-#endif /* OPENSSL_EXTRA */
-
-
-#endif /* !WOLFSSL_NOSHA512_256 && !FIPS ... */
-
-#endif /* WOLFSSL_SHA512 */
-
-#ifdef WOLFSSL_SHA384
-
-#if defined(WOLFSSL_KCAPI_HASH)
-    /* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-#elif defined(WOLFSSL_RENESAS_RSIP) && \
-     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
-    /* functions defined in wolfcrypt/src/port/renesas/renesas_fspsm_sha.c */
-#elif defined(MAX3266X_SHA)
-    /* Functions defined in wolfcrypt/src/port/maxim/max3266x.c */
-
-#else
-
-int wc_Sha384GetHash(wc_Sha384* sha384, byte* hash)
-{
-    int ret;
-    WC_DECLARE_VAR(tmpSha384, wc_Sha384, 1, 0);
-
-    if (sha384 == NULL || hash == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    WC_ALLOC_VAR_EX(tmpSha384, wc_Sha384, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-        return MEMORY_E);
-
-    /* copy this sha384 into tmpSha */
-    ret = wc_Sha384Copy(sha384, tmpSha384);
-    if (ret == 0) {
-        ret = wc_Sha384Final(tmpSha384, hash);
-        wc_Sha384Free(tmpSha384);
-    }
-
-    WC_FREE_VAR_EX(tmpSha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
-{
-    int ret = 0;
-
-    if (src == NULL || dst == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_COPY)
-    #ifndef WOLF_CRYPTO_CB_FIND
-    if (src->devId != INVALID_DEVID)
-    #endif
-    {
-        /* Cast the source and destination to be void to keep the abstraction */
-        ret = wc_CryptoCb_Copy(src->devId, WC_ALGO_TYPE_HASH,
-                               WC_HASH_TYPE_SHA384, (void*)src, (void*)dst);
-        if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
-            return ret;
-        /* fall-through when unavailable */
-    }
-    ret = 0; /* Reset ret to 0 to avoid returning the callback error code */
-#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_COPY */
-
-    XMEMCPY(dst, src, sizeof(wc_Sha384));
-
-#ifdef WOLFSSL_SMALL_STACK_CACHE
-    dst->W = NULL;
-#endif
-
-#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3) && \
-    defined(WOLFSSL_SILABS_SHA384)
-    dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
-    dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
-#endif
-
-#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
-    ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
-#endif
-
-#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
-   !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
-    #if defined(CONFIG_IDF_TARGET_ESP32)
-        esp_sha384_ctx_copy(src, dst);
-    #elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
-          defined(CONFIG_IDF_TARGET_ESP8684) || \
-          defined(CONFIG_IDF_TARGET_ESP32C3) || \
-          defined(CONFIG_IDF_TARGET_ESP32C6)
-        ESP_LOGV(TAG, "No SHA-384 HW on the ESP32-C3");
-    #elif defined(CONFIG_IDF_TARGET_ESP32S2) || \
-          defined(CONFIG_IDF_TARGET_ESP32S3)
-        esp_sha384_ctx_copy(src, dst);
-    #else
-        ESP_LOGW(TAG, "No SHA384 HW or not yet implemented for %s",
-                       CONFIG_IDF_TARGET);
-    #endif
-#endif
-
-#ifdef HAVE_ARIA
-    dst->hSession = NULL;
-    if((src->hSession != NULL) && (MC_CopySession(src->hSession, &(dst->hSession)) != MC_OK)) {
-        return MEMORY_E;
-    }
-#endif
-
-#ifdef WOLFSSL_HASH_FLAGS
-     dst->flags |= WC_HASH_FLAG_ISCOPY;
-#endif
-
-#if defined(WOLFSSL_HASH_KEEP)
-    if (src->msg != NULL) {
-        dst->msg = (byte*)XMALLOC(src->len, dst->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        if (dst->msg == NULL)
-            return MEMORY_E;
-        XMEMCPY(dst->msg, src->msg, src->len);
-    }
-#endif
-
-#ifdef MAX3266X_SHA_CB
-    ret = wc_MXC_TPU_SHA_Copy(&(src->mxcCtx), &(dst->mxcCtx));
-    if (ret != 0) {
-        return ret;
-    }
-#endif
-
-#if defined(PSOC6_HASH_SHA2)
-    wc_Psoc6_Sha1_Sha2_Init(dst, WC_PSOC6_SHA384, 0);
-#endif
-
-    return ret;
-}
-
-#endif /* WOLFSSL_KCAPI_HASH */
-
-#ifdef WOLFSSL_HASH_FLAGS
-int wc_Sha384SetFlags(wc_Sha384* sha384, word32 flags)
-{
-    if (sha384) {
-        sha384->flags = flags;
-    }
-    return 0;
-}
-int wc_Sha384GetFlags(wc_Sha384* sha384, word32* flags)
-{
-    if (sha384 && flags) {
-        *flags = sha384->flags;
-    }
-    return 0;
-}
-#endif
-
-#endif /* WOLFSSL_SHA384 */
-
-#ifdef WOLFSSL_HASH_KEEP
-/* Some hardware have issues with update, this function stores the data to be
- * hashed into an array. Once ready, the Final operation is called on all of the
- * data to be hashed at once.
- * returns 0 on success
- */
-int wc_Sha512_Grow(wc_Sha512* sha512, const byte* in, int inSz)
-{
-    return _wc_Hash_Grow(&(sha512->msg), &(sha512->used), &(sha512->len), in,
-                        inSz, sha512->heap);
-}
-#ifdef WOLFSSL_SHA384
-int wc_Sha384_Grow(wc_Sha384* sha384, const byte* in, int inSz)
-{
-    return _wc_Hash_Grow(&(sha384->msg), &(sha384->used), &(sha384->len), in,
-                        inSz, sha384->heap);
-}
-#endif /* WOLFSSL_SHA384 */
-#endif /* WOLFSSL_HASH_KEEP */
-#endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */
diff --git a/src/ssl/wolfssl/wolfcrypt/siphash.c b/src/ssl/wolfssl/wolfcrypt/siphash.c
deleted file mode 100644
index 67e26a129..000000000
--- a/src/ssl/wolfssl/wolfcrypt/siphash.c
+++ /dev/null
@@ -1,941 +0,0 @@
-/* siphash.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(WC_SIPHASH_NO_ASM) && !defined(WOLFSSL_NO_ASM)
-    #define WOLFSSL_NO_ASM
-#endif
-
-#include <wolfssl/wolfcrypt/siphash.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-
-/* DESCRIPTION
- *
- * SipHash is a PseudoRandom Function (PRF) that can be used with small
- * messages (less than 256 bytes).
- * SipHash can be used for Message Authentication Codes (MACs) and as such must
- * be passed a secret key.
- * https://eprint.iacr.org/2012/351.pdf
- *
- * SipHash is commonly used in hash tables.
- * Do not use this as a hash not as a general purpose MAC.
- *
- * WOLFSSL_SIPHASH_CROUNDS and WOLFSSL_SIPHASH_DROUNDS can be defined at build
- * time to change the algorithm.
- * Default is SipHash-2-4:
- *   WOLFSSL_SIPHASH_CROUNDS = 2
- *   WOLFSSL_SIPHASH_DROUNDS = 4
- *
- * Inline assembly implementations of wc_SipHash() written for:
- *   - GCC for Intel x86_64
- *   - GCC for Aarch64.
- */
-
-#ifdef WOLFSSL_SIPHASH
-
-#ifdef LITTLE_ENDIAN_ORDER
-/**
- * Decode little-endian byte array to 64-bit number.
- *
- * @param [in] a  Little-endian byte array.
- * @return 64-bit number.
- */
-#define GET_U64(a)      readUnalignedWord64(a)
-/**
- * Decode little-endian byte array to 32-bit number.
- *
- * @param [in] a  Little-endian byte array.
- * @return 32-bit number.
- */
-#define GET_U32(a)      readUnalignedWord32(a)
-/**
- * Decode little-endian byte array to 16-bit number.
- *
- * @param [in] a  Little-endian byte array.
- * @return 16-bit number.
- */
-#define GET_U16(a)      (*(word16*)(a))
-/**
- * Encode 64-bit number to a little-endian byte array.
- *
- * @param [out] a  Byte array to write into.
- * @param [in]  n  Number to encode.
- */
-#define SET_U64(a, n)   writeUnalignedWord64(a, n)
-#else
-/**
- * Decode little-endian byte array to 64-bit number.
- *
- * @param [in] a  Little-endian byte array.
- * @return 64-bit number.
- */
-#define GET_U64(a)      (((word64)((a)[7]) << 56) |     \
-                         ((word64)((a)[6]) << 48) |     \
-                         ((word64)((a)[5]) << 40) |     \
-                         ((word64)((a)[4]) << 32) |     \
-                         ((word64)((a)[3]) << 24) |     \
-                         ((word64)((a)[2]) << 16) |     \
-                         ((word64)((a)[1]) <<  8) |     \
-                         ((word64)((a)[0])      ))
-/**
- * Decode little-endian byte array to 32-bit number.
- *
- * @param [in] a  Little-endian byte array.
- * @return 32-bit number.
- */
-#define GET_U32(a)      (((word32)((a)[3]) << 24) |     \
-                         ((word32)((a)[2]) << 16) |     \
-                         ((word32)((a)[1]) <<  8) |     \
-                         ((word32)((a)[0])      ))
-/**
- * Decode little-endian byte array to 16-bit number.
- *
- * @param [in] a  Little-endian byte array.
- * @return 16-bit number.
- */
-#define GET_U16(a)      (((word16)((a)[1]) <<  8) |     \
-                         ((word16)((a)[0])      ))
-/**
- * Encode 64-bit number to a little-endian byte array.
- *
- * @param [out] a  Byte array to write into.
- * @param [in]  n  Number to encode.
- */
-#define SET_U64(a, n)   (a)[0] = (byte)((n)      );     \
-                        (a)[1] = (byte)((n) >>  8);     \
-                        (a)[2] = (byte)((n) >> 16);     \
-                        (a)[3] = (byte)((n) >> 24);     \
-                        (a)[4] = (byte)((n) >> 32);     \
-                        (a)[5] = (byte)((n) >> 40);     \
-                        (a)[6] = (byte)((n) >> 48);     \
-                        (a)[7] = (byte)((n) >> 56)
-#endif
-
-/**
- * Initialize SipHash operation with a key.
- *
- * @param [out] sipHash  SipHash object.
- * @param [in]  key      16 byte array - little endian.
- * @return  BAD_FUNC_ARG when sipHash or key is NULL.
- * @return  BAD_FUNC_ARG when outSz is neither 8 nor 16.
- * @return  0 on success.
- */
-int wc_InitSipHash(SipHash* sipHash, const unsigned char* key,
-    unsigned char outSz)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((sipHash == NULL) || (key == NULL) ||
-        ((outSz != SIPHASH_MAC_SIZE_8) && (outSz != SIPHASH_MAC_SIZE_16))) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        word64 k0 = GET_U64(key + 0);
-        word64 k1 = GET_U64(key + 8);
-
-        /* Initialize state with key. */
-        sipHash->v[0] = W64LIT(0x736f6d6570736575);
-        if (outSz == SIPHASH_MAC_SIZE_8) {
-            sipHash->v[1] = W64LIT(0x646f72616e646f6d);
-        }
-        else {
-            sipHash->v[1] = W64LIT(0x646f72616e646f83);
-        }
-        sipHash->v[2] = W64LIT(0x6c7967656e657261);
-        sipHash->v[3] = W64LIT(0x7465646279746573);
-
-        sipHash->v[0] ^= k0;
-        sipHash->v[1] ^= k1;
-        sipHash->v[2] ^= k0;
-        sipHash->v[3] ^= k1;
-
-        /* No cached message bytes. */
-        sipHash->cacheCnt = 0;
-        /* No message bytes compressed yet. */
-        sipHash->inCnt = 0;
-        /* Keep the output size to check against final call. */
-        sipHash->outSz = outSz;
-    }
-
-    return ret;
-}
-
-/**
- * One round of SipHash.
- *
- * @param [in, out] sipHash  SipHash object.
- */
-static WC_INLINE void SipRound(SipHash *sipHash)
-{
-    word64* v = sipHash->v;
-
-    v[0] += v[1];
-    v[2] += v[3];
-    v[1] = rotlFixed64(v[1], 13);
-    v[3] = rotlFixed64(v[3], 16);
-    v[1] ^= v[0];
-    v[3] ^= v[2];
-    v[0] = rotlFixed64(v[0], 32);
-    v[2] += v[1];
-    v[0] += v[3];
-    v[1] = rotlFixed64(v[1], 17);
-    v[3] = rotlFixed64(v[3], 21);
-    v[1] ^= v[2];
-    v[3] ^= v[0];
-    v[2] = rotlFixed64(v[2], 32);
-}
-
-/**
- * One step of the compression operation.
- *
- * @param [in, out] sipHash  SipHash object.
- * @param [in]      m        Message to compress.
- */
-static WC_INLINE void SipHashCompress(SipHash* sipHash, const byte* m)
-{
-    int i;
-
-    sipHash->v[3] ^= GET_U64(m);
-    for (i = 0; i < WOLFSSL_SIPHASH_CROUNDS; i++) {
-        SipRound(sipHash);
-    }
-    sipHash->v[0] ^= GET_U64(m);
-}
-
-/**
- * Update the SipHash operation with more data.
- *
- * @param [in, out] sipHash  SipHash object.
- * @param [in]      in       Input message.
- * @param [in]      inSz     Size of input message.
- * @return  BAD_FUNC_ARG when sipHash is NULL.
- * @return  BAD_FUNC_ARG when in is NULL and inSz is not zero.
- * @return  0 on success.
- */
-int wc_SipHashUpdate(SipHash* sipHash, const unsigned char* in, word32 inSz)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((sipHash == NULL) || ((in == NULL) && (inSz != 0))) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Process any message bytes. */
-    if ((ret == 0) && (inSz > 0)) {
-        /* Add to cache if already started. */
-        if (sipHash->cacheCnt > 0) {
-            byte len = (byte)(SIPHASH_BLOCK_SIZE - sipHash->cacheCnt);
-            if (len > inSz) {
-                len = (byte)inSz;
-            }
-            XMEMCPY(sipHash->cache + sipHash->cacheCnt, in, len);
-            in += len;
-            inSz -= len;
-            sipHash->cacheCnt = (byte)(sipHash->cacheCnt + len);
-
-            if (sipHash->cacheCnt == SIPHASH_BLOCK_SIZE) {
-                /* Compress the block from the cache. */
-                SipHashCompress(sipHash, sipHash->cache);
-                sipHash->inCnt += SIPHASH_BLOCK_SIZE;
-                sipHash->cacheCnt = 0;
-            }
-        }
-
-        /* Process more blocks from message. */
-        while (inSz >= SIPHASH_BLOCK_SIZE) {
-            /* Compress the next block from the message data. */
-            SipHashCompress(sipHash, in);
-            in += SIPHASH_BLOCK_SIZE;
-            inSz -= SIPHASH_BLOCK_SIZE;
-            sipHash->inCnt += SIPHASH_BLOCK_SIZE;
-        }
-
-        if (inSz > 0) {
-            /* Cache remaining message bytes less than a block. */
-            XMEMCPY(sipHash->cache, in, inSz);
-            sipHash->cacheCnt = (byte)inSz;
-        }
-    }
-
-    return ret;
-}
-
-/**
- * Calculate 8-bytes of output.
- *
- * @param [in, out] sipHash  SipHash object.
- * @param [out]     out      Buffer to place 8-bytes of MAC into.
- */
-static WC_INLINE void SipHashOut(SipHash* sipHash, byte* out)
-{
-    word64 n;
-    int i;
-
-    for (i = 0; i < WOLFSSL_SIPHASH_DROUNDS; i++) {
-        SipRound(sipHash);
-    }
-    n = sipHash->v[0] ^ sipHash->v[1] ^ sipHash->v[2] ^ sipHash->v[3];
-    SET_U64(out, n);
-}
-
-/**
- * Finalize SipHash operation.
- *
- * @param [in, out] sipHash  SipHash object.
- * @param [out]     out      Buffer to place MAC into.
- * @param [in]      outSz    Size of output MAC. 8 or 16 only.
- * @return  BAD_FUNC_ARG when sipHash or out is NULL.
- * @return  BAD_FUNC_ARG when outSz is not the same as initialized value.
- * @return  0 on success.
- */
-int wc_SipHashFinal(SipHash* sipHash, unsigned char* out, unsigned char outSz)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((sipHash == NULL) || (out == NULL) || (outSz != sipHash->outSz)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Put in remaining cached message bytes. */
-        XMEMSET(sipHash->cache + sipHash->cacheCnt, 0, 7U - sipHash->cacheCnt);
-        sipHash->cache[7] = (byte)(sipHash->inCnt + sipHash->cacheCnt);
-
-        SipHashCompress(sipHash, sipHash->cache);
-        sipHash->cacheCnt = 0;
-
-        /* Output either 8 or 16 bytes. */
-        if (outSz == SIPHASH_MAC_SIZE_8) {
-            sipHash->v[2] ^= (word64)0xff;
-            SipHashOut(sipHash, out);
-        }
-        else {
-            sipHash->v[2] ^= (word64)0xee;
-            SipHashOut(sipHash, out);
-            sipHash->v[1] ^= (word64)0xdd;
-            SipHashOut(sipHash, out + 8);
-        }
-    }
-
-    return ret;
-}
-
-#if !defined(WOLFSSL_NO_ASM) && defined(__GNUC__) && defined(__x86_64__) && \
-    (WOLFSSL_SIPHASH_CROUNDS == 1 || WOLFSSL_SIPHASH_CROUNDS == 2) && \
-    (WOLFSSL_SIPHASH_DROUNDS == 2 || WOLFSSL_SIPHASH_DROUNDS == 4)
-
-#define SIPHASH_ROUND(v0, v1, v2, v3)   \
-        "addq   " #v1 ", " #v0 "\n\t"   \
-        "addq   " #v3 ", " #v2 "\n\t"   \
-        "rolq   $13, " #v1 "\n\t"       \
-        "rolq   $16, " #v3 "\n\t"       \
-        "xorq   " #v0 ", " #v1 "\n\t"   \
-        "xorq   " #v2 ", " #v3 "\n\t"   \
-        "rolq   $32, " #v0 "\n\t"       \
-        "addq   " #v1 ", " #v2 "\n\t"   \
-        "addq   " #v3 ", " #v0 "\n\t"   \
-        "rolq   $17, " #v1 "\n\t"       \
-        "rolq   $21, " #v3 "\n\t"       \
-        "xorq   " #v2 ", " #v1 "\n\t"   \
-        "xorq   " #v0 ", " #v3 "\n\t"   \
-        "rolq   $32, " #v2 "\n\t"
-
-#define SIPHASH_LAST_ROUND(v0, v1, v2, v3)  \
-        "addq   " #v1 ", " #v0 "\n\t"       \
-        "addq   " #v3 ", " #v2 "\n\t"       \
-        "rolq   $13, " #v1 "\n\t"           \
-        "rolq   $16, " #v3 "\n\t"           \
-        "xorq   " #v0 ", " #v1 "\n\t"       \
-        "xorq   " #v2 ", " #v3 "\n\t"       \
-        "addq   " #v1 ", " #v2 "\n\t"       \
-        "rolq   $17, " #v1 "\n\t"           \
-        "rolq   $21, " #v3 "\n\t"           \
-        "xorq   " #v2 ", " #v1 "\n\t"       \
-        "rolq   $32, " #v2 "\n\t"
-
-/**
- * Perform SipHash operation on input with key.
- *
- * @param [in]      key      16 byte array - little endian.
- * @param [in]      in       Input message.
- * @param [in]      inSz     Size of input message.
- * @param [out]     out      Buffer to place MAC into.
- * @param [in]      outSz    Size of output MAC. 8 or 16 only.
- * @return  BAD_FUNC_ARG when key or out is NULL.
- * @return  BAD_FUNC_ARG when in is NULL and inSz is not zero.
- * @return  BAD_FUNC_ARG when outSz is neither 8 nor 16.
- * @return  0 on success.
- */
-int wc_SipHash(const unsigned char* key, const unsigned char* in, word32 inSz,
-    unsigned char* out, unsigned char outSz)
-{
-    word64 v0 = 0x736f6d6570736575L;
-    word64 v1 = 0x646f72616e646f6dL;
-    word64 v2 = 0x6c7967656e657261L;
-    word64 v3 = 0x7465646279746573L;
-    word64 k0;
-    word64 k1;
-
-    if ((key == NULL) || ((in == NULL) && (inSz != 0)) || (out == NULL) ||
-            ((outSz != SIPHASH_MAC_SIZE_8) && (outSz != SIPHASH_MAC_SIZE_16))) {
-        return BAD_FUNC_ARG;
-    }
-
-    k0 = ((word64*)key)[0];
-    k1 = ((word64*)key)[1];
-    __asm__ __volatile__ (
-        "xorq   %[k0], %[v0]\n\t"
-        "xorq   %[k1], %[v1]\n\t"
-        "xorq   %[k0], %[v2]\n\t"
-        "xorq   %[k1], %[v3]\n\t"
-
-        "cmp    $8, %[outSz]\n\t"
-        "mov    %[inSz], %k[k1]\n\t"
-        "je     L_siphash_8_top\n\t"
-        "xorq   $0xee, %[v1]\n\t"
-        "L_siphash_8_top:\n\t"
-
-        "sub    $8, %[inSz]\n\t"
-        "jb     L_siphash_done_input_8\n\t"
-        "L_siphash_input:\n\t"
-        "movq   (%[in]), %[k0]\n\t"
-        "addq   $8, %[in]\n\t"
-        "xorq   %[k0], %[v3]\n\t"
-#if WOLFSSL_SIPHASH_CROUNDS == 1
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#elif WOLFSSL_SIPHASH_CROUNDS == 2
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#endif
-        "xorq   %[k0], %[v0]\n\t"
-        "sub    $8, %[inSz]\n\t"
-        "jge    L_siphash_input\n\t"
-        "L_siphash_done_input_8:\n\t"
-        "add    $8, %[inSz]\n\t"
-
-        "shlq   $56, %[k1]\n\t"
-        "cmp    $0, %[inSz]\n\t"
-        "je     L_siphash_last_done\n\t"
-        "cmp    $4, %[inSz]\n\t"
-        "jl     L_siphash_last_lt4\n\t"
-
-        "cmp    $7, %[inSz]\n\t"
-        "jl     L_siphash_n7\n\t"
-        "movzbq 6(%[in]), %[k0]\n\t"
-        "shlq   $48, %[k0]\n\t"
-        "orq    %[k0], %[k1]\n\t"
-        "L_siphash_n7:\n\t"
-
-        "cmp    $6, %[inSz]\n\t"
-        "jl     L_siphash_n6\n\t"
-        "movzbq 5(%[in]), %[k0]\n\t"
-        "shlq   $40, %[k0]\n\t"
-        "orq    %[k0], %[k1]\n\t"
-        "L_siphash_n6:\n\t"
-
-        : [in] "+r" (in), [inSz] "+r" (inSz), [k0] "+r" (k0), [k1] "+r" (k1),
-          [v0] "+r" (v0), [v1] "+r" (v1), [v2] "+r" (v2), [v3] "+r" (v3)
-        : [out] "r" (out) , [outSz] "r" (outSz)
-        : "memory"
-    );
-
-    __asm__ __volatile__ (
-        "cmp    $5, %[inSz]\n\t"
-        "jl     L_siphash_n5\n\t"
-        "movzbq 4(%[in]), %[k0]\n\t"
-        "shlq   $32, %[k0]\n\t"
-        "orq    %[k0], %[k1]\n\t"
-        "L_siphash_n5:\n\t"
-
-        "mov    (%[in]), %k[k0]\n\t"
-        "orq    %[k0], %[k1]\n\t"
-        "jmp    L_siphash_last_done\n\t"
-
-        "L_siphash_last_lt4:\n\t"
-
-        "cmp    $1, %[inSz]\n\t"
-        "je     L_siphash_last_1\n\t"
-
-        "cmp    $3, %[inSz]\n\t"
-        "jl     L_siphash_n3\n\t"
-        "movzbq 2(%[in]), %[k0]\n\t"
-        "shlq   $16, %[k0]\n\t"
-        "orq    %[k0], %[k1]\n\t"
-        "L_siphash_n3:\n\t"
-
-        "movw   (%[in]), %w[k0]\n\t"
-        "or     %w[k0], %w[k1]\n\t"
-        "jmp    L_siphash_last_done\n\t"
-
-        "L_siphash_last_1:\n\t"
-        "movb   (%[in]), %b[k0]\n\t"
-        "or     %b[k0], %b[k1]\n\t"
-
-        "L_siphash_last_done:\n\t"
-
-        "xorq   %[k1], %[v3]\n\t"
-#if WOLFSSL_SIPHASH_CROUNDS == 1
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#elif WOLFSSL_SIPHASH_CROUNDS == 2
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#endif
-        "xorq   %[k1], %[v0]\n\t"
-
-        : [in] "+r" (in), [inSz] "+r" (inSz), [k0] "+r" (k0), [k1] "+r" (k1),
-          [v0] "+r" (v0), [v1] "+r" (v1), [v2] "+r" (v2), [v3] "+r" (v3)
-        : [out] "r" (out) , [outSz] "r" (outSz)
-        : "memory"
-    );
-
-    __asm__ __volatile__ (
-        "cmp    $8, %[outSz]\n\t"
-        "je     L_siphash_8_end\n\t"
-
-        "xor    $0xee, %b[v2]\n\t"
-#if WOLFSSL_SIPHASH_DROUNDS == 2
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#elif WOLFSSL_SIPHASH_DROUNDS == 4
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#endif
-        "movq   %[v0], %[k0]\n\t"
-        "xorq   %[v1], %[k0]\n\t"
-        "xorq   %[v2], %[k0]\n\t"
-        "xorq   %[v3], %[k0]\n\t"
-        "movq   %[k0], (%[out])\n\t"
-
-        "xor    $0xdd, %b[v1]\n\t"
-#if WOLFSSL_SIPHASH_DROUNDS == 2
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_LAST_ROUND(%[v0], %[v1], %[v2], %[v3])
-#elif WOLFSSL_SIPHASH_DROUNDS == 4
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_LAST_ROUND(%[v0], %[v1], %[v2], %[v3])
-#endif
-        "xorq   %[v3], %[v1]\n\t"
-        "xorq   %[v2], %[v1]\n\t"
-        "movq   %[v1], 8(%[out])\n\t"
-        "jmp    L_siphash_done\n\t"
-
-        "L_siphash_8_end:\n\t"
-        "xor    $0xff, %b[v2]\n\t"
-#if WOLFSSL_SIPHASH_DROUNDS == 2
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_LAST_ROUND(%[v0], %[v1], %[v2], %[v3])
-#elif WOLFSSL_SIPHASH_DROUNDS == 4
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_LAST_ROUND(%[v0], %[v1], %[v2], %[v3])
-#endif
-        "xorq   %[v3], %[v1]\n\t"
-        "xorq   %[v2], %[v1]\n\t"
-        "movq   %[v1], (%[out])\n\t"
-
-        "L_siphash_done:\n\t"
-
-        : [in] "+r" (in), [inSz] "+r" (inSz), [k0] "+r" (k0), [k1] "+r" (k1),
-          [v0] "+r" (v0), [v1] "+r" (v1), [v2] "+r" (v2), [v3] "+r" (v3)
-        : [out] "r" (out) , [outSz] "r" (outSz)
-        : "memory"
-    );
-
-    return 0;
-}
-
-#elif defined(WOLFSSL_ARMASM) && defined(__GNUC__) && defined(__aarch64__) && \
-    (WOLFSSL_SIPHASH_CROUNDS == 1 || WOLFSSL_SIPHASH_CROUNDS == 2) && \
-    (WOLFSSL_SIPHASH_DROUNDS == 2 || WOLFSSL_SIPHASH_DROUNDS == 4)
-
-#define SIPHASH_ROUND(v0, v1, v2, v3)            \
-        "add    " #v0 ", " #v0 ", " #v1 "\n\t"   \
-        "add    " #v2 ", " #v2 ", " #v3 "\n\t"   \
-        "ror    " #v1 ", " #v1 ", #51\n\t"       \
-        "ror    " #v3 ", " #v3 ", #48\n\t"       \
-        "eor    " #v1 ", " #v1 ", " #v0 "\n\t"   \
-        "eor    " #v3 ", " #v3 ", " #v2 "\n\t"   \
-        "ror    " #v0 ", " #v0 ", #32\n\t"       \
-        "add    " #v2 ", " #v2 ", " #v1 "\n\t"   \
-        "add    " #v0 ", " #v0 ", " #v3 "\n\t"   \
-        "ror    " #v1 ", " #v1 ", #47\n\t"       \
-        "ror    " #v3 ", " #v3 ", #43\n\t"       \
-        "eor    " #v1 ", " #v1 ", " #v2 "\n\t"   \
-        "eor    " #v3 ", " #v3 ", " #v0 "\n\t"   \
-        "ror    " #v2 ", " #v2 ", #32\n\t"
-
-#define SIPHASH_LAST_ROUND(v0, v1, v2, v3)       \
-        "add    " #v0 ", " #v0 ", " #v1 "\n\t"   \
-        "add    " #v2 ", " #v2 ", " #v3 "\n\t"   \
-        "ror    " #v1 ", " #v1 ", #51\n\t"       \
-        "ror    " #v3 ", " #v3 ", #48\n\t"       \
-        "eor    " #v1 ", " #v1 ", " #v0 "\n\t"   \
-        "eor    " #v3 ", " #v3 ", " #v2 "\n\t"   \
-        "add    " #v2 ", " #v2 ", " #v1 "\n\t"   \
-        "ror    " #v1 ", " #v1 ", #47\n\t"       \
-        "ror    " #v3 ", " #v3 ", #43\n\t"       \
-        "eor    " #v1 ", " #v1 ", " #v2 "\n\t"   \
-        "ror    " #v2 ", " #v2 ", #32\n\t"
-
-/**
- * Perform SipHash operation on input with key.
- *
- * @param [in]      key      16 byte array - little endian.
- * @param [in]      in       Input message.
- * @param [in]      inSz     Size of input message.
- * @param [out]     out      Buffer to place MAC into.
- * @param [in]      outSz    Size of output MAC. 8 or 16 only.
- * @return  BAD_FUNC_ARG when key or out is NULL.
- * @return  BAD_FUNC_ARG when in is NULL and inSz is not zero.
- * @return  BAD_FUNC_ARG when outSz is not 8 nor 16.
- * @return  0 on success.
- */
-int wc_SipHash(const unsigned char* key, const unsigned char* in, word32 inSz,
-    unsigned char* out, unsigned char outSz)
-{
-    word64 v0 = 0x736f6d6570736575L;
-    word64 v1 = 0x646f72616e646f6dL;
-    word64 v2 = 0x6c7967656e657261L;
-    word64 v3 = 0x7465646279746573L;
-    word64 k0;
-    word64 k1;
-
-    if ((key == NULL) || ((in == NULL) && (inSz != 0)) || (out == NULL) ||
-            ((outSz != SIPHASH_MAC_SIZE_8) && (outSz != SIPHASH_MAC_SIZE_16))) {
-        return BAD_FUNC_ARG;
-    }
-
-    k0 = ((word64*)key)[0];
-    k1 = ((word64*)key)[1];
-    __asm__ __volatile__ (
-        "eor    %[v0], %[v0], %[k0]\n\t"
-        "eor    %[v1], %[v1], %[k1]\n\t"
-        "eor    %[v2], %[v2], %[k0]\n\t"
-        "eor    %[v3], %[v3], %[k1]\n\t"
-
-        "mov    %w[k1], %w[inSz]\n\t"
-        "cmp    %w[outSz], #8\n\t"
-        "b.eq   L_siphash_8_top\n\t"
-        "mov    %w[k0], #0xee\n\t"
-        "eor    %[v1], %[v1], %[k0]\n\t"
-        "L_siphash_8_top:\n\t"
-
-        "subs   %w[inSz], %w[inSz], #8\n\t"
-        "b.mi   L_siphash_done_input_8\n\t"
-        "L_siphash_input:\n\t"
-        "ldr    %[k0], [%[in]], #8\n\t"
-        "eor    %[v3], %[v3], %[k0]\n\t"
-#if WOLFSSL_SIPHASH_CROUNDS == 1
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#elif WOLFSSL_SIPHASH_CROUNDS == 2
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#endif
-        "eor    %[v0], %[v0], %[k0]\n\t"
-        "subs   %w[inSz], %w[inSz], #8\n\t"
-        "b.ge   L_siphash_input\n\t"
-        "L_siphash_done_input_8:\n\t"
-        "add    %w[inSz], %w[inSz], #8\n\t"
-
-        "lsl    %[k1], %[k1], #56\n\t"
-        "cmp    %w[inSz], #0\n\t"
-        "b.eq   L_siphash_last_done\n\t"
-        "cmp    %w[inSz], #4\n\t"
-        "b.lt   L_siphash_last_lt4\n\t"
-
-        "cmp    %w[inSz], #7\n\t"
-        "b.lt   L_siphash_n7\n\t"
-        "ldrb   %w[k0], [%[in], 6]\n\t"
-        "orr    %[k1], %[k1], %[k0], lsl 48\n\t"
-        "L_siphash_n7:\n\t"
-
-        "cmp    %w[inSz], #6\n\t"
-        "b.lt   L_siphash_n6\n\t"
-        "ldrb   %w[k0], [%[in], 5]\n\t"
-        "orr    %[k1], %[k1], %[k0], lsl 40\n\t"
-        "L_siphash_n6:\n\t"
-
-        "cmp    %w[inSz], #5\n\t"
-        "b.lt   L_siphash_n5\n\t"
-        "ldrb   %w[k0], [%[in], 4]\n\t"
-        "orr    %[k1], %[k1], %[k0], lsl 32\n\t"
-        "L_siphash_n5:\n\t"
-
-        "ldr    %w[k0], [%[in]]\n\t"
-        "orr    %[k1], %[k1], %[k0]\n\t"
-        "b      L_siphash_last_done\n\t"
-
-        "L_siphash_last_lt4:\n\t"
-
-        "cmp    %w[inSz], #1\n\t"
-        "b.eq   L_siphash_last_1\n\t"
-
-        "cmp    %w[inSz], #3\n\t"
-        "b.lt   L_siphash_n3\n\t"
-        "ldrb   %w[k0], [%[in], 2]\n\t"
-        "orr    %[k1], %[k1], %[k0], lsl 16\n\t"
-        "L_siphash_n3:\n\t"
-
-        "ldrh   %w[k0], [%[in]]\n\t"
-        "orr    %[k1], %[k1], %[k0]\n\t"
-        "b      L_siphash_last_done\n\t"
-
-        "L_siphash_last_1:\n\t"
-        "ldrb   %w[k0], [%[in]]\n\t"
-        "orr    %[k1], %[k1], %[k0]\n\t"
-
-        "L_siphash_last_done:\n\t"
-
-        "eor    %[v3], %[v3], %[k1]\n\t"
-#if WOLFSSL_SIPHASH_CROUNDS == 1
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#elif WOLFSSL_SIPHASH_CROUNDS == 2
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#endif
-        "eor    %[v0], %[v0], %[k1]\n\t"
-
-        "cmp    %w[outSz], #8\n\t"
-        "b.eq   L_siphash_8_end\n\t"
-
-        : [in] "+r" (in), [inSz] "+r" (inSz), [k0] "+r" (k0), [k1] "+r" (k1),
-          [v0] "+r" (v0), [v1] "+r" (v1), [v2] "+r" (v2), [v3] "+r" (v3)
-        : [key] "r" (key), [out] "r" (out) , [outSz] "r" (outSz)
-        : "memory"
-    );
-
-    __asm__ __volatile__ (
-
-        "mov    %w[k1], #0xee\n\t"
-        "eor    %[v2], %[v2], %[k1]\n\t"
-#if WOLFSSL_SIPHASH_DROUNDS == 2
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#elif WOLFSSL_SIPHASH_DROUNDS == 4
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-#endif
-        "eor    %[k0], %[v0], %[v1]\n\t"
-        "eor    %[k1], %[v2], %[v3]\n\t"
-        "eor    %[k0], %[k0], %[k1]\n\t"
-
-        "mov    %w[k1], #0xdd\n\t"
-        "eor    %[v1], %[v1], %[k1]\n\t"
-#if WOLFSSL_SIPHASH_DROUNDS == 2
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_LAST_ROUND(%[v0], %[v1], %[v2], %[v3])
-#elif WOLFSSL_SIPHASH_DROUNDS == 4
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_LAST_ROUND(%[v0], %[v1], %[v2], %[v3])
-#endif
-        "eor    %[k1], %[v3], %[v1]\n\t"
-        "eor    %[k1], %[k1], %[v2]\n\t"
-        "stp    %[k0], %[k1], [%[out]]\n\t"
-        "b      L_siphash_done\n\t"
-
-        "L_siphash_8_end:\n\t"
-        "mov    %w[k1], #0xff\n\t"
-        "eor    %[v2], %[v2], %[k1]\n\t"
-#if WOLFSSL_SIPHASH_DROUNDS == 2
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_LAST_ROUND(%[v0], %[v1], %[v2], %[v3])
-#elif WOLFSSL_SIPHASH_DROUNDS == 4
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_ROUND(%[v0], %[v1], %[v2], %[v3])
-        SIPHASH_LAST_ROUND(%[v0], %[v1], %[v2], %[v3])
-#endif
-        "eor    %[k1], %[v3], %[v1]\n\t"
-        "eor    %[k1], %[k1], %[v2]\n\t"
-        "str    %[k1], [%[out]]\n\t"
-
-        "L_siphash_done:\n\t"
-
-        : [in] "+r" (in), [inSz] "+r" (inSz), [k0] "+r" (k0), [k1] "+r" (k1),
-          [v0] "+r" (v0), [v1] "+r" (v1), [v2] "+r" (v2), [v3] "+r" (v3)
-        : [key] "r" (key), [out] "r" (out) , [outSz] "r" (outSz)
-        : "memory"
-    );
-
-    return 0;
-}
-
-#else
-
-#define SipRoundV(v0, v1, v2, v3)   \
-    (v0) += (v1);                   \
-    (v2) += (v3);                   \
-    (v1) = rotlFixed64(v1, 13);     \
-    (v3) = rotlFixed64(v3, 16);     \
-    (v1) ^= (v0);                   \
-    (v3) ^= (v2);                   \
-    (v0) = rotlFixed64(v0, 32);     \
-    (v2) += (v1);                   \
-    (v0) += (v3);                   \
-    (v1) = rotlFixed64(v1, 17);     \
-    (v3) = rotlFixed64(v3, 21);     \
-    (v1) ^= (v2);                   \
-    (v3) ^= (v0);                   \
-    (v2) = rotlFixed64(v2, 32);
-
-#define SipHashCompressV(v0, v1, v2, v3, m)             \
-    do {                                                \
-        int i;                                          \
-        (v3) ^= (m);                                    \
-        for (i = 0; i < WOLFSSL_SIPHASH_CROUNDS; i++) { \
-            SipRoundV(v0, v1, v2, v3);                  \
-        }                                               \
-        (v0) ^= (m);                                    \
-    }                                                   \
-    while (0)
-
-#define SipHashOutV(v0, v1, v2, v3, out)                \
-    do {                                                \
-        word64 n;                                       \
-        int i;                                          \
-                                                        \
-        for (i = 0; i < WOLFSSL_SIPHASH_DROUNDS; i++) { \
-            SipRoundV(v0, v1, v2, v3);                  \
-        }                                               \
-        n = (v0) ^ (v1) ^ (v2) ^ (v3);                  \
-        SET_U64(out, n);                                \
-    }                                                   \
-    while (0)
-
-/**
- * Perform SipHash operation on input with key.
- *
- * @param [in]      key      16 byte array - little endian.
- * @param [in]      in       Input message.
- * @param [in]      inSz     Size of input message.
- * @param [out]     out      Buffer to place MAC into.
- * @param [in]      outSz    Size of output MAC. 8 or 16 only.
- * @return  BAD_FUNC_ARG when key or out is NULL.
- * @return  BAD_FUNC_ARG when in is NULL and inSz is not zero.
- * @return  BAD_FUNC_ARG when outSz is not 8 nor 16.
- * @return  0 on success.
- */
-int wc_SipHash(const unsigned char* key, const unsigned char* in, word32 inSz,
-    unsigned char* out, unsigned char outSz)
-{
-    int ret = 0;
-
-    if ((key == NULL) || ((in == NULL) && (inSz != 0)) || (out == NULL) ||
-            ((outSz != SIPHASH_MAC_SIZE_8) && (outSz != SIPHASH_MAC_SIZE_16))) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        word64 v0, v1, v2, v3;
-        word64 k0 = GET_U64(key + 0);
-        word64 k1 = GET_U64(key + 8);
-        word64 b = (word64)((word64)inSz << 56);
-
-        /* Initialize state with key. */
-        v0 = 0x736f6d6570736575ULL;
-        v1 = 0x646f72616e646f6dULL;
-        v2 = 0x6c7967656e657261ULL;
-        v3 = 0x7465646279746573ULL;
-
-        if (outSz == SIPHASH_MAC_SIZE_16) {
-            v1 ^= 0xee;
-        }
-
-        v0 ^= k0;
-        v1 ^= k1;
-        v2 ^= k0;
-        v3 ^= k1;
-
-        /* Process blocks from message. */
-        while (inSz >= SIPHASH_BLOCK_SIZE) {
-            word64 m = GET_U64(in);
-            /* Compress the next block from the message data. */
-            SipHashCompressV(v0, v1, v2, v3, m);
-            in += SIPHASH_BLOCK_SIZE;
-            inSz -= SIPHASH_BLOCK_SIZE;
-        }
-
-        switch (inSz) {
-            case 7:
-                b |= (word64)in[6] << 48;
-                FALL_THROUGH;
-            case 6:
-                b |= (word64)in[5] << 40;
-                FALL_THROUGH;
-            case 5:
-                b |= (word64)in[4] << 32;
-                FALL_THROUGH;
-            case 4:
-                b |= (word64)GET_U32(in);
-                break;
-            case 3:
-                b |= (word64)in[2] << 16;
-                FALL_THROUGH;
-            case 2:
-                b |= (word64)GET_U16(in);
-                break;
-            case 1:
-                b |= (word64)in[0];
-                break;
-            case 0:
-                break;
-        }
-        SipHashCompressV(v0, v1, v2, v3, b);
-
-        /* Output either 8 or 16 bytes. */
-        if (outSz == SIPHASH_MAC_SIZE_8) {
-            v2 ^= (word64)0xff;
-            SipHashOutV(v0, v1, v2, v3, out);
-        }
-        else {
-            v2 ^= (word64)0xee;
-            SipHashOutV(v0, v1, v2, v3, out);
-            v1 ^= (word64)0xdd;
-            SipHashOutV(v0, v1, v2, v3, out + 8);
-        }
-    }
-
-    return ret;
-}
-#endif /* !ASM */
-
-#endif /* WOLFSSL_SIPHASH */
diff --git a/src/ssl/wolfssl/wolfcrypt/sp_arm32.c b/src/ssl/wolfssl/wolfcrypt/sp_arm32.c
deleted file mode 100644
index 73221adb2..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sp_arm32.c
+++ /dev/null
@@ -1,158628 +0,0 @@
-/* sp.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implementation by Sean Parkinson. */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
-    defined(WOLFSSL_HAVE_SP_ECC)
-
-#include <wolfssl/wolfcrypt/cpuid.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifdef RSA_LOW_MEM
-#ifndef WOLFSSL_SP_SMALL
-#define WOLFSSL_SP_SMALL
-#endif
-#endif
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC)
-#undef WOLFSSL_SP_SMALL_STACK
-#define WOLFSSL_SP_SMALL_STACK
-#endif
-
-#include <wolfssl/wolfcrypt/sp.h>
-
-#ifdef __IAR_SYSTEMS_ICC__
-#define __asm__        asm
-#define __volatile__   volatile
-#define WOLFSSL_NO_VAR_ASSIGN_REG
-#endif /* __IAR_SYSTEMS_ICC__ */
-#ifdef __KEIL__
-#define __asm__        __asm
-#define __volatile__   volatile
-#endif
-
-#ifdef WOLFSSL_SP_SMALL_STACK
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE* NAME = NULL
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        if (err == MP_OKAY) {                                           \
-            (NAME) = (TYPE*)XMALLOC(sizeof(TYPE) * (CNT), (HEAP), DT);  \
-            if ((NAME) == NULL) {                                       \
-                err = MEMORY_E;                                         \
-            }                                                           \
-        }
-
-    #define SP_VAR_OK(NAME)          ((NAME) != NULL)
-
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        XFREE(NAME, (HEAP), DT)
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-#else
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE NAME[CNT]
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        WC_DO_NOTHING
-    #define SP_VAR_OK(NAME)          (1)
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        WC_DO_NOTHING
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-        } while (0)
-#endif
-
-#ifdef WOLFSSL_SP_ARM32_ASM
-#define SP_PRINT_NUM(var, name, total, words, bits)         \
-    do {                                                    \
-        int ii;                                             \
-        fprintf(stderr, name "=0x");                        \
-        for (ii = (((bits) + 31) / 32) - 1; ii >= 0; ii--)  \
-            fprintf(stderr, SP_PRINT_FMT, (var)[ii]);       \
-        fprintf(stderr, "\n");                              \
-    } while (0)
-
-#define SP_PRINT_VAL(var, name)                             \
-    fprintf(stderr, name "=0x" SP_PRINT_FMT "\n", var)
-
-#define SP_PRINT_INT(var, name)                             \
-    fprintf(stderr, name "=%d\n", var)
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)
-#ifndef WOLFSSL_SP_NO_2048
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 256
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_2048_to_bin_64(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 63; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_2048_norm_64(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_2048_norm_64(a)
-
-#ifndef WOLFSSL_SP_SMALL
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #32\n\t"
-        /* A[0] * B[0] */
-        "ldr	r11, [%[a]]\n\t"
-        "ldr	r12, [%[b]]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r3, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "str	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "ldr	r9, [%[b], #4]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[1] * B[0] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [sp, #4]\n\t"
-        /* A[2] * B[0] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[1] * B[1] */
-        "ldr	r11, [%[a], #4]\n\t"
-        "ldr	r12, [%[b], #4]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[0] * B[2] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r5, [sp, #8]\n\t"
-        /* A[0] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[1] * B[2] */
-        "ldr	r9, [%[b], #8]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[2] * B[1] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[3] * B[0] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "str	r3, [sp, #12]\n\t"
-        /* A[4] * B[0] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[3] * B[1] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[2] * B[2] */
-        "ldr	r11, [%[a], #8]\n\t"
-        "ldr	r12, [%[b], #8]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[1] * B[3] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[0] * B[4] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [sp, #16]\n\t"
-        /* A[0] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[1] * B[4] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[2] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[3] * B[2] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[4] * B[1] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[5] * B[0] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r5, [sp, #20]\n\t"
-        /* A[6] * B[0] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[5] * B[1] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[4] * B[2] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[3] * B[3] */
-        "ldr	r11, [%[a], #12]\n\t"
-        "ldr	r12, [%[b], #12]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[2] * B[4] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[1] * B[5] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[0] * B[6] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "str	r3, [sp, #24]\n\t"
-        /* A[0] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[1] * B[6] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[2] * B[5] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[3] * B[4] */
-        "ldr	r9, [%[b], #16]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[4] * B[3] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[5] * B[2] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[6] * B[1] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[7] * B[0] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [sp, #28]\n\t"
-        /* A[7] * B[1] */
-        "ldr	r9, [%[b], #4]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[6] * B[2] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[5] * B[3] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[4] * B[4] */
-        "ldr	r11, [%[a], #16]\n\t"
-        "ldr	r12, [%[b], #16]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[3] * B[5] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[2] * B[6] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[1] * B[7] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r5, [%[r], #32]\n\t"
-        /* A[2] * B[7] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[3] * B[6] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[4] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[5] * B[4] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[6] * B[3] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[7] * B[2] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "str	r3, [%[r], #36]\n\t"
-        /* A[7] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[6] * B[4] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[5] * B[5] */
-        "ldr	r11, [%[a], #20]\n\t"
-        "ldr	r12, [%[b], #20]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[4] * B[6] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[3] * B[7] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [%[r], #40]\n\t"
-        /* A[4] * B[7] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[5] * B[6] */
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[6] * B[5] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[7] * B[4] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        /* A[7] * B[5] */
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[6] * B[6] */
-        "ldr	r11, [%[a], #24]\n\t"
-        "ldr	r12, [%[b], #24]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[5] * B[7] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "str	r3, [%[r], #48]\n\t"
-        /* A[6] * B[7] */
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[7] * B[6] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [%[r], #52]\n\t"
-        /* A[7] * B[7] */
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r5, [%[r], #56]\n\t"
-        "str	r3, [%[r], #60]\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11",
-            "r12"
-    );
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #36\n\t"
-        "str	%[r], [sp, #32]\n\t"
-        "mov	%[r], #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        /* A[0] * B[0] */
-        "ldr	lr, [%[b]]\n\t"
-        "umull	r3, r4, r12, lr\n\t"
-        /* A[0] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "umull	r5, r6, r12, lr\n\t"
-        /* A[0] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "umull	r7, r8, r12, lr\n\t"
-        /* A[0] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "umull	r9, r10, r12, lr\n\t"
-        "str	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "mov	r11, %[r]\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[0] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[0] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[0] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	r3, %[r], #0\n\t"
-        "umlal	r10, r3, r12, lr\n\t"
-        /* A[1] * B[0] */
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "str	r4, [sp, #4]\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[1] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[1] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[1] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[1] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[1] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[1] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[1] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r4, %[r], #0\n\t"
-        "umlal	r3, r4, r12, lr\n\t"
-        /* A[2] * B[0] */
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "str	r5, [sp, #8]\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[2] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[2] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[2] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[2] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[2] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[2] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[2] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r5, %[r], #0\n\t"
-        "umlal	r4, r5, r12, lr\n\t"
-        /* A[3] * B[0] */
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "str	r6, [sp, #12]\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[3] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[3] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[3] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[3] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[3] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[3] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[3] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r6, %[r], #0\n\t"
-        "umlal	r5, r6, r12, lr\n\t"
-        /* A[4] * B[0] */
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "str	r7, [sp, #16]\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[4] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[4] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[4] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[4] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[4] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[4] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[4] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r7, %[r], #0\n\t"
-        "umlal	r6, r7, r12, lr\n\t"
-        /* A[5] * B[0] */
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "str	r8, [sp, #20]\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[5] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[5] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[5] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[5] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[5] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[5] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[5] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r8, %[r], #0\n\t"
-        "umlal	r7, r8, r12, lr\n\t"
-        /* A[6] * B[0] */
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "str	r9, [sp, #24]\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[6] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[6] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[6] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[6] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[6] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[6] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[6] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r9, %[r], #0\n\t"
-        "umlal	r8, r9, r12, lr\n\t"
-        /* A[7] * B[0] */
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "str	r10, [sp, #28]\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[7] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[7] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[7] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[7] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[7] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[7] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[7] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r10, %[r], #0\n\t"
-        "umlal	r9, r10, r12, lr\n\t"
-        "ldr	%[r], [sp, #32]\n\t"
-        "add	%[r], %[r], #32\n\t"
-        "stm	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ldm	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "sub	%[r], %[r], #32\n\t"
-        "stm	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "add	sp, sp, #36\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_8(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #44\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	%[r], [sp, #36]\n\t"
-        "str	%[a], [sp, #40]\n\t"
-#else
-        "strd	%[r], %[a], [sp, #36]\n\t"
-#endif
-        "mov	lr, %[b]\n\t"
-        "ldm	%[a], {r0, r1, r2, r3}\n\t"
-        "ldm	lr!, {r4, r5, r6}\n\t"
-        "umull	r10, r11, %[r], r4\n\t"
-        "umull	r12, r7, %[a], r4\n\t"
-        "umaal	r11, r12, %[r], r5\n\t"
-        "umull	r8, r9, %[b], r4\n\t"
-        "umaal	r12, r8, %[a], r5\n\t"
-        "umaal	r12, r7, %[r], r6\n\t"
-        "umaal	r8, r9, r3, r4\n\t"
-        "stm	sp, {r10, r11, r12}\n\t"
-        "umaal	r7, r8, %[b], r5\n\t"
-        "ldm	lr!, {r4}\n\t"
-        "umull	r10, r11, %[a], r6\n\t"
-        "umaal	r8, r9, %[b], r6\n\t"
-        "umaal	r7, r10, %[r], r4\n\t"
-        "umaal	r8, r11, r3, r5\n\t"
-        "str	r7, [sp, #12]\n\t"
-        "umaal	r8, r10, %[a], r4\n\t"
-        "umaal	r9, r11, r3, r6\n\t"
-        "umaal	r9, r10, %[b], r4\n\t"
-        "umaal	r10, r11, r3, r4\n\t"
-        "ldm	lr, {r4, r5, r6, r7}\n\t"
-        "mov	r12, #0\n\t"
-        "umlal	r8, r12, %[r], r4\n\t"
-        "umaal	r9, r12, %[a], r4\n\t"
-        "umaal	r10, r12, %[b], r4\n\t"
-        "umaal	r11, r12, r3, r4\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r9, r4, %[r], r5\n\t"
-        "umaal	r10, r4, %[a], r5\n\t"
-        "umaal	r11, r4, %[b], r5\n\t"
-        "umaal	r12, r4, r3, r5\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, %[r], r6\n\t"
-        "umaal	r11, r5, %[a], r6\n\t"
-        "umaal	r12, r5, %[b], r6\n\t"
-        "umaal	r4, r5, r3, r6\n\t"
-        "mov	r6, #0\n\t"
-        "umlal	r11, r6, %[r], r7\n\t"
-        "ldr	%[r], [sp, #40]\n\t"
-        "umaal	r12, r6, %[a], r7\n\t"
-        "add	%[r], %[r], #16\n\t"
-        "umaal	r4, r6, %[b], r7\n\t"
-        "sub	lr, lr, #16\n\t"
-        "umaal	r5, r6, r3, r7\n\t"
-        "ldm	%[r], {r0, r1, r2, r3}\n\t"
-        "str	r6, [sp, #32]\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r7, #0\n\t"
-        "umlal	r8, r7, %[r], r6\n\t"
-        "umaal	r9, r7, %[a], r6\n\t"
-        "str	r8, [sp, #16]\n\t"
-        "umaal	r10, r7, %[b], r6\n\t"
-        "umaal	r11, r7, r3, r6\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r8, #0\n\t"
-        "umlal	r9, r8, %[r], r6\n\t"
-        "umaal	r10, r8, %[a], r6\n\t"
-        "str	r9, [sp, #20]\n\t"
-        "umaal	r11, r8, %[b], r6\n\t"
-        "umaal	r12, r8, r3, r6\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r9, #0\n\t"
-        "umlal	r10, r9, %[r], r6\n\t"
-        "umaal	r11, r9, %[a], r6\n\t"
-        "str	r10, [sp, #24]\n\t"
-        "umaal	r12, r9, %[b], r6\n\t"
-        "umaal	r4, r9, r3, r6\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r10, #0\n\t"
-        "umlal	r11, r10, %[r], r6\n\t"
-        "umaal	r12, r10, %[a], r6\n\t"
-        "str	r11, [sp, #28]\n\t"
-        "umaal	r4, r10, %[b], r6\n\t"
-        "umaal	r5, r10, r3, r6\n\t"
-        "ldm	lr!, {r11}\n\t"
-        "umaal	r12, r7, %[r], r11\n\t"
-        "umaal	r4, r7, %[a], r11\n\t"
-        "ldr	r6, [sp, #32]\n\t"
-        "umaal	r5, r7, %[b], r11\n\t"
-        "umaal	r6, r7, r3, r11\n\t"
-        "ldm	lr!, {r11}\n\t"
-        "umaal	r4, r8, %[r], r11\n\t"
-        "umaal	r5, r8, %[a], r11\n\t"
-        "umaal	r6, r8, %[b], r11\n\t"
-        "umaal	r7, r8, r3, r11\n\t"
-        "ldm	lr, {r11, lr}\n\t"
-        "umaal	r5, r9, %[r], r11\n\t"
-        "umaal	r6, r10, %[r], lr\n\t"
-        "umaal	r6, r9, %[a], r11\n\t"
-        "umaal	r7, r10, %[a], lr\n\t"
-        "umaal	r7, r9, %[b], r11\n\t"
-        "umaal	r8, r10, %[b], lr\n\t"
-        "umaal	r8, r9, r3, r11\n\t"
-        "umaal	r9, r10, r3, lr\n\t"
-        "mov	r3, r12\n\t"
-        "ldr	lr, [sp, #36]\n\t"
-        "add	lr, lr, #32\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "sub	lr, lr, #32\n\t"
-        "ldm	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "add	sp, sp, #44\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7",
-            "r8", "r9", "lr"
-    );
-}
-
-#endif
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_16(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "subs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	%[a], r9, r9\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_16(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_16(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<8; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[16];
-    sp_digit a1[8];
-    sp_digit b1[8];
-    sp_digit* z2 = r + 16;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_8(a1, a, &a[8]);
-    cb = sp_2048_add_8(b1, b, &b[8]);
-    u  = ca & cb;
-
-    sp_2048_mul_8(z2, &a[8], &b[8]);
-    sp_2048_mul_8(z0, a, b);
-    sp_2048_mul_8(z1, a1, b1);
-
-    u += sp_2048_sub_in_place_16(z1, z0);
-    u += sp_2048_sub_in_place_16(z1, z2);
-    sp_2048_mask_8(a1, a1, 0 - cb);
-    u += sp_2048_add_8(z1 + 8, z1 + 8, a1);
-    sp_2048_mask_8(b1, b1, 0 - ca);
-    u += sp_2048_add_8(z1 + 8, z1 + 8, b1);
-
-    u += sp_2048_add_16(r + 8, r + 8, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (8 - 1));
-    a1[0] = u;
-    (void)sp_2048_add_8(r + 24, r + 24, a1);
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "subs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	%[a], r9, r9\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[32];
-    sp_digit a1[16];
-    sp_digit b1[16];
-    sp_digit* z2 = r + 32;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_16(a1, a, &a[16]);
-    cb = sp_2048_add_16(b1, b, &b[16]);
-    u  = ca & cb;
-
-    sp_2048_mul_16(z2, &a[16], &b[16]);
-    sp_2048_mul_16(z0, a, b);
-    sp_2048_mul_16(z1, a1, b1);
-
-    u += sp_2048_sub_in_place_32(z1, z0);
-    u += sp_2048_sub_in_place_32(z1, z2);
-    sp_2048_mask_16(a1, a1, 0 - cb);
-    u += sp_2048_add_16(z1 + 16, z1 + 16, a1);
-    sp_2048_mask_16(b1, b1, 0 - ca);
-    u += sp_2048_add_16(z1 + 16, z1 + 16, b1);
-
-    u += sp_2048_add_32(r + 16, r + 16, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (16 - 1));
-    a1[0] = u;
-    (void)sp_2048_add_16(r + 48, r + 48, a1);
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "subs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	%[a], r9, r9\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<32; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[64];
-    sp_digit a1[32];
-    sp_digit b1[32];
-    sp_digit* z2 = r + 64;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_32(a1, a, &a[32]);
-    cb = sp_2048_add_32(b1, b, &b[32]);
-    u  = ca & cb;
-
-    sp_2048_mul_32(z2, &a[32], &b[32]);
-    sp_2048_mul_32(z0, a, b);
-    sp_2048_mul_32(z1, a1, b1);
-
-    u += sp_2048_sub_in_place_64(z1, z0);
-    u += sp_2048_sub_in_place_64(z1, z2);
-    sp_2048_mask_32(a1, a1, 0 - cb);
-    u += sp_2048_add_32(z1 + 32, z1 + 32, a1);
-    sp_2048_mask_32(b1, b1, 0 - ca);
-    u += sp_2048_add_32(z1 + 32, z1 + 32, b1);
-
-    u += sp_2048_add_64(r + 32, r + 32, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (32 - 1));
-    a1[0] = u;
-    (void)sp_2048_add_32(r + 96, r + 96, a1);
-}
-
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #32\n\t"
-        /* A[0] * A[0] */
-        "ldr	r10, [%[a]]\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r2, r10, #16\n\t"
-        "lsr	r2, r2, #16\n\t"
-        "mul	r8, r2, r2\n\t"
-        "mul	r3, r9, r9\n\t"
-        "mul	r2, r9, r2\n\t"
-        "lsr	r9, r2, #15\n\t"
-        "lsl	r2, r2, #17\n\t"
-        "adds	r8, r8, r2\n\t"
-        "adc	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "str	r8, [sp]\n\t"
-        /* A[0] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "str	r3, [sp, #4]\n\t"
-        /* A[0] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[1] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [sp, #8]\n\t"
-        /* A[0] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[1] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r2, [sp, #12]\n\t"
-        /* A[0] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        /* A[1] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        /* A[2] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "str	r3, [sp, #16]\n\t"
-        /* A[0] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[2] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #20]\n\t"
-        /* A[0] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[2] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[3] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #24]\n\t"
-        /* A[0] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[2] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[3] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #28]\n\t"
-        /* A[1] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[2] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[3] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[4] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #32]\n\t"
-        /* A[2] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[3] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[4] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #36]\n\t"
-        /* A[3] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        /* A[4] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        /* A[5] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "str	r3, [%[r], #40]\n\t"
-        /* A[4] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[5] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [%[r], #44]\n\t"
-        /* A[5] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[6] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r2, [%[r], #48]\n\t"
-        /* A[6] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "str	r3, [%[r], #52]\n\t"
-        /* A[7] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adc	r2, r2, r9\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adc	r2, r2, r9\n\t"
-        "str	r4, [%[r], #56]\n\t"
-        "str	r2, [%[r], #60]\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12"
-    );
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        "str	%[r], [sp, #64]\n\t"
-        "mov	%[r], #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        /* A[0] * A[1] */
-        "ldr	lr, [%[a], #4]\n\t"
-        "umull	r4, r5, r12, lr\n\t"
-        /* A[0] * A[3] */
-        "ldr	lr, [%[a], #12]\n\t"
-        "umull	r6, r7, r12, lr\n\t"
-        /* A[0] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "umull	r8, r9, r12, lr\n\t"
-        /* A[0] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "umull	r10, r3, r12, lr\n\t"
-        /* A[0] * A[2] */
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[0] * A[4] */
-        "ldr	lr, [%[a], #16]\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[0] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "str	r4, [sp, #4]\n\t"
-        "str	r5, [sp, #8]\n\t"
-        /* A[1] * A[2] */
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "str	r6, [sp, #12]\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[1] * A[3] */
-        "ldr	lr, [%[a], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "str	r7, [sp, #16]\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[1] * A[4] */
-        "ldr	lr, [%[a], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[1] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[1] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[1] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r4, %[r], #0\n\t"
-        "umlal	r3, r4, r12, lr\n\t"
-        /* A[2] * A[3] */
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[a], #12]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "str	r8, [sp, #20]\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[2] * A[4] */
-        "ldr	lr, [%[a], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "str	r9, [sp, #24]\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[2] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[2] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[2] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r5, %[r], #0\n\t"
-        "umlal	r4, r5, r12, lr\n\t"
-        /* A[3] * A[4] */
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[a], #16]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "str	r10, [sp, #28]\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[3] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[3] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[3] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r6, %[r], #0\n\t"
-        "umlal	r5, r6, r12, lr\n\t"
-        /* A[4] * A[5] */
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[a], #20]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[4] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[4] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r7, %[r], #0\n\t"
-        "umlal	r6, r7, r12, lr\n\t"
-        /* A[5] * A[6] */
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[a], #24]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[5] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r8, %[r], #0\n\t"
-        "umlal	r7, r8, r12, lr\n\t"
-        /* A[6] * A[7] */
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[a], #28]\n\t"
-        "mov	r9, #0\n\t"
-        "umlal	r8, r9, r12, lr\n\t"
-        "add	lr, sp, #32\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "add	lr, sp, #4\n\t"
-        "ldm	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "stm	lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ldm	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "adcs	r3, r3, r3\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adc	r10, %[r], #0\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "add	lr, sp, #4\n\t"
-        "ldm	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "mov	lr, sp\n\t"
-        /* A[0] * A[0] */
-        "ldr	r12, [%[a]]\n\t"
-        "umull	r3, r11, r12, r12\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[1] * A[1] */
-        "ldr	r12, [%[a], #4]\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, r12\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[2] * A[2] */
-        "ldr	r12, [%[a], #8]\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, r12\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[3] * A[3] */
-        "ldr	r12, [%[a], #12]\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, r12\n\t"
-        "adds	r10, r10, r11\n\t"
-        "stm	lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ldm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* A[4] * A[4] */
-        "ldr	r12, [%[a], #16]\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, r12\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[5] * A[5] */
-        "ldr	r12, [%[a], #20]\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, r12\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[6] * A[6] */
-        "ldr	r12, [%[a], #24]\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, r12\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[7] * A[7] */
-        "ldr	r12, [%[a], #28]\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r10, #0\n\t"
-        "umlal	r9, r10, r12, r12\n\t"
-        "ldr	%[r], [sp, #64]\n\t"
-        "add	%[r], %[r], #32\n\t"
-        "stm	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ldm	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "sub	%[r], %[r], #32\n\t"
-        "stm	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "add	sp, sp, #0x44\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #32\n\t"
-        "str	%[r], [sp, #28]\n\t"
-        "ldm	%[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
-        "umull	r9, r10, %[r], %[r]\n\t"
-        "umull	r11, r12, %[r], %[a]\n\t"
-        "adds	r11, r11, r11\n\t"
-        "mov	lr, #0\n\t"
-        "umaal	r10, r11, lr, lr\n\t"
-        "stm	sp, {r9, r10}\n\t"
-        "mov	r8, lr\n\t"
-        "umaal	r8, r12, %[r], r2\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "umaal	r8, r11, %[a], %[a]\n\t"
-        "umull	r9, r10, %[r], r3\n\t"
-        "umaal	r9, r12, %[a], r2\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, lr, lr\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	r8, [sp, #8]\n\t"
-        "str	r9, [sp, #12]\n\t"
-#else
-        "strd	r8, r9, [sp, #8]\n\t"
-#endif
-        "mov	r9, lr\n\t"
-        "umaal	r9, r10, %[r], r4\n\t"
-        "umaal	r9, r12, %[a], r3\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, r2, r2\n\t"
-        "str	r9, [sp, #16]\n\t"
-        "umull	r9, r8, %[r], r5\n\t"
-        "umaal	r9, r12, %[a], r4\n\t"
-        "umaal	r9, r10, r2, r3\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, lr, lr\n\t"
-        "str	r9, [sp, #20]\n\t"
-        "mov	r9, lr\n\t"
-        "umaal	r9, r8, %[r], r6\n\t"
-        "umaal	r9, r12, %[a], r5\n\t"
-        "umaal	r9, r10, r2, r4\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, r3, r3\n\t"
-        "str	r9, [sp, #24]\n\t"
-        "umull	%[r], r9, %[r], r7\n\t"
-        "umaal	%[r], r8, %[a], r6\n\t"
-        "umaal	%[r], r12, r2, r5\n\t"
-        "umaal	%[r], r10, r3, r4\n\t"
-        "adcs	%[r], %[r], %[r]\n\t"
-        "umaal	%[r], r11, lr, lr\n\t"
-        /* R[7] = r0 */
-        "umaal	r9, r8, %[a], r7\n\t"
-        "umaal	r9, r10, r2, r6\n\t"
-        "umaal	r12, r9, r3, r5\n\t"
-        "adcs	r12, r12, r12\n\t"
-        "umaal	r12, r11, r4, r4\n\t"
-        /* R[8] = r12 */
-        "umaal	r9, r8, r2, r7\n\t"
-        "umaal	r10, r9, r3, r6\n\t"
-        "mov	r2, lr\n\t"
-        "umaal	r10, r2, r4, r5\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "umaal	r11, r10, lr, lr\n\t"
-        /* R[9] = r11 */
-        "umaal	r2, r8, r3, r7\n\t"
-        "umaal	r2, r9, r4, r6\n\t"
-        "adcs	r3, r2, r2\n\t"
-        "umaal	r10, r3, r5, r5\n\t"
-        /* R[10] = r10 */
-        "mov	%[a], lr\n\t"
-        "umaal	%[a], r8, r4, r7\n\t"
-        "umaal	%[a], r9, r5, r6\n\t"
-        "adcs	r4, %[a], %[a]\n\t"
-        "umaal	r3, r4, lr, lr\n\t"
-        /* R[11] = r3 */
-        "umaal	r8, r9, r5, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "umaal	r4, r8, r6, r6\n\t"
-        /* R[12] = r4 */
-        "mov	r5, lr\n\t"
-        "umaal	r5, r9, r6, r7\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "umaal	r8, r5, lr, lr\n\t"
-        /* R[13] = r8 */
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r5, r7, r7\n\t"
-        "adcs	r7, r5, lr\n\t"
-        /* R[14] = r9 */
-        /* R[15] = r7 */
-        "ldr	lr, [sp, #28]\n\t"
-        "add	lr, lr, #28\n\t"
-        "stm	lr!, {r0, r12}\n\t"
-        "stm	lr!, {r11}\n\t"
-        "stm	lr!, {r10}\n\t"
-        "stm	lr!, {r3, r4, r8, r9}\n\t"
-        "stm	lr!, {r7}\n\t"
-        "sub	lr, lr, #0x40\n\t"
-        "ldm	sp, {r0, r1, r2, r3, r4, r5, r6}\n\t"
-        "stm	lr, {r0, r1, r2, r3, r4, r5, r6}\n\t"
-        "add	sp, sp, #32\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#endif
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 16;
-    sp_digit z1[16];
-    sp_digit* a1 = z1;
-    sp_digit zero[8];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 8);
-
-    mask = sp_2048_sub_8(a1, a, &a[8]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_8(a1, p1, p2);
-
-    sp_2048_sqr_8(z2, &a[8]);
-    sp_2048_sqr_8(z0, a);
-    sp_2048_sqr_8(z1, a1);
-
-    u = 0;
-    u -= sp_2048_sub_in_place_16(z1, z2);
-    u -= sp_2048_sub_in_place_16(z1, z0);
-    u += sp_2048_sub_in_place_16(r + 8, z1);
-    zero[0] = u;
-    (void)sp_2048_add_8(r + 24, r + 24, zero);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_16(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_16(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 32;
-    sp_digit z1[32];
-    sp_digit* a1 = z1;
-    sp_digit zero[16];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 16);
-
-    mask = sp_2048_sub_16(a1, a, &a[16]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_16(a1, p1, p2);
-
-    sp_2048_sqr_16(z2, &a[16]);
-    sp_2048_sqr_16(z0, a);
-    sp_2048_sqr_16(z1, a1);
-
-    u = 0;
-    u -= sp_2048_sub_in_place_32(z1, z2);
-    u -= sp_2048_sub_in_place_32(z1, z0);
-    u += sp_2048_sub_in_place_32(r + 16, z1);
-    zero[0] = u;
-    (void)sp_2048_add_16(r + 48, r + 48, zero);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 64;
-    sp_digit z1[64];
-    sp_digit* a1 = z1;
-    sp_digit zero[32];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 32);
-
-    mask = sp_2048_sub_32(a1, a, &a[32]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_32(a1, p1, p2);
-
-    sp_2048_sqr_32(z2, &a[32]);
-    sp_2048_sqr_32(z0, a);
-    sp_2048_sqr_32(z1, a1);
-
-    u = 0;
-    u -= sp_2048_sub_in_place_64(z1, z2);
-    u -= sp_2048_sub_in_place_64(z1, z0);
-    u += sp_2048_sub_in_place_64(r + 32, z1);
-    zero[0] = u;
-    (void)sp_2048_add_32(r + 96, r + 96, zero);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "add	r12, %[a], #0x100\n\t"
-        "\n"
-    "L_sp_2048_add_64_word_%=: \n\t"
-        "adds	r3, r3, #-1\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r3, r4, #0\n\t"
-        "cmp	%[a], r12\n\t"
-        "bne	L_sp_2048_add_64_word_%=\n\t"
-        "mov	%[r], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #0x100\n\t"
-        "\n"
-    "L_sp_2048_sub_in_pkace_64_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_2048_sub_in_pkace_64_word_%=\n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12",
-            "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x200\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "ldr	r11, [%[b]]\n\t"
-        "umull	r8, r6, lr, r11\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_2048_mul_64_outer_%=: \n\t"
-        "subs	r3, r5, #0xfc\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_2048_mul_64_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "ldr	lr, [%[a], r4]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_2048_mul_64_inner_done_%=\n\t"
-        "blt	L_sp_2048_mul_64_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_2048_mul_64_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x1f4\n\t"
-        "ble	L_sp_2048_mul_64_outer_%=\n\t"
-        "ldr	lr, [%[a], #252]\n\t"
-        "ldr	r11, [%[b], #252]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "add	r7, r7, r10\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umlal	r6, r7, lr, r11\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_2048_mul_64_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_2048_mul_64_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x200\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "umull	r8, r6, lr, lr\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_2048_sqr_64_outer_%=: \n\t"
-        "subs	r3, r5, #0xfc\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_2048_sqr_64_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_2048_sqr_64_inner_done_%=\n\t"
-        "blt	L_sp_2048_sqr_64_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_2048_sqr_64_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x1f4\n\t"
-        "ble	L_sp_2048_sqr_64_outer_%=\n\t"
-        "ldr	lr, [%[a], #252]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_2048_sqr_64_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_2048_sqr_64_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-    int i;
-
-    for (i=0; i<32; i++) {
-        r[i] = a[i] & m;
-    }
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "add	r12, %[a], #0x80\n\t"
-        "\n"
-    "L_sp_2048_add_32_word_%=: \n\t"
-        "adds	r3, r3, #-1\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r3, r4, #0\n\t"
-        "cmp	%[a], r12\n\t"
-        "bne	L_sp_2048_add_32_word_%=\n\t"
-        "mov	%[r], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #0x80\n\t"
-        "\n"
-    "L_sp_2048_sub_in_pkace_32_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_2048_sub_in_pkace_32_word_%=\n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12",
-            "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x100\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "ldr	r11, [%[b]]\n\t"
-        "umull	r8, r6, lr, r11\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_2048_mul_32_outer_%=: \n\t"
-        "subs	r3, r5, #0x7c\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_2048_mul_32_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "ldr	lr, [%[a], r4]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_2048_mul_32_inner_done_%=\n\t"
-        "blt	L_sp_2048_mul_32_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_2048_mul_32_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0xf4\n\t"
-        "ble	L_sp_2048_mul_32_outer_%=\n\t"
-        "ldr	lr, [%[a], #124]\n\t"
-        "ldr	r11, [%[b], #124]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "add	r7, r7, r10\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umlal	r6, r7, lr, r11\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_2048_mul_32_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_2048_mul_32_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x100\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "umull	r8, r6, lr, lr\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_2048_sqr_32_outer_%=: \n\t"
-        "subs	r3, r5, #0x7c\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_2048_sqr_32_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_2048_sqr_32_inner_done_%=\n\t"
-        "blt	L_sp_2048_sqr_32_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_2048_sqr_32_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0xf4\n\t"
-        "ble	L_sp_2048_sqr_32_outer_%=\n\t"
-        "ldr	lr, [%[a], #124]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_2048_sqr_32_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_2048_sqr_32_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldr	r8, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r5, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r6, r5\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umull	r5, r3, %[b], r8\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r5, [%[r]]\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r9, #4\n\t"
-        "\n"
-    "L_sp_2048_mul_d_64_word_%=: \n\t"
-        /* A[i] * B */
-        "ldr	r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, %[b], r8\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], r9]\n\t"
-        "mov	r3, r4\n\t"
-        "mov	r4, r5\n\t"
-        "mov	r5, #0\n\t"
-        "add	r9, r9, #4\n\t"
-        "cmp	r9, #0x100\n\t"
-        "blt	L_sp_2048_mul_d_64_word_%=\n\t"
-        "str	r3, [%[r], #256]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r3, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umull	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[1] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[2] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[3] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[4] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[5] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[6] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[7] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[8] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[9] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[10] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[11] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[12] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[13] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[14] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[15] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[16] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[17] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[18] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[19] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[20] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[21] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[22] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[23] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[24] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[25] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[26] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[27] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[28] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[29] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[30] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[31] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[32] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[33] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[34] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[35] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[36] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[37] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[38] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[39] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[40] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[41] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[42] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[43] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[44] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[45] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[46] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[47] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[48] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[49] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[50] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[51] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[52] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[53] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[54] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[55] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[56] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[57] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[58] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[59] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[60] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[61] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[62] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[63] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "str	r4, [%[r]]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 32);
-
-    /* r = 2^n mod m */
-    sp_2048_sub_in_place_32(r, m);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "\n"
-    "L_sp_2048_cond_sub_32_words_%=: \n\t"
-        "subs	r12, r6, r12\n\t"
-        "ldr	r4, [%[a], lr]\n\t"
-        "ldr	r5, [%[b], lr]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "sbcs	r4, r4, r5\n\t"
-        "sbc	r12, r6, r6\n\t"
-        "str	r4, [%[r], lr]\n\t"
-        "add	lr, lr, #4\n\t"
-        "cmp	lr, #0x80\n\t"
-        "blt	L_sp_2048_cond_sub_32_words_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "subs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "sbc	%[r], lr, lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_2048_mont_reduce_32_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m], #124]\n\t"
-#else
-        "ldr	r7, [%[m], #124]\n\t"
-#endif
-        "ldr	r10, [%[a], #124]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r4, r3, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "mov	r6, r8\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x80\n\t"
-        "blt	L_sp_2048_mont_reduce_32_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_2048_mont_reduce_32_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-        "mov	r5, #0\n\t"
-        "umlal	r12, r5, r8, r11\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	lr, r4, r8, r7\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	lr, r5, r8, r7\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r7, [%[m], #124]\n\t"
-        "ldr	r10, [%[a], #124]\n\t"
-        "umull	r6, r7, r8, r7\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r7, r3\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x80\n\t"
-        "blt	L_sp_2048_mont_reduce_32_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "ldr	r8, [%[a], #16]\n\t"
-        "\n"
-    "L_sp_2048_mont_reduce_32_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r11, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "ldr	r10, [%[m]]\n\t"
-        "mov	r3, #0\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r10, [%[m], #4]\n\t"
-        "mov	r4, r5\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r10, [%[m], #8]\n\t"
-        "mov	r5, r6\n\t"
-        "umaal	r5, r3, r11, r10\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r10, [%[m], #12]\n\t"
-        "mov	r6, r7\n\t"
-        "umaal	r6, r3, r11, r10\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r10, [%[m], #16]\n\t"
-        "mov	r7, r8\n\t"
-        "umaal	r7, r3, r11, r10\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r10, [%[m], #20]\n\t"
-        "ldr	r8, [%[a], #20]\n\t"
-        "umaal	r8, r3, r11, r10\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r10, [%[m], #24]\n\t"
-        "ldr	r9, [%[a], #24]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r10, [%[m], #28]\n\t"
-        "ldr	r9, [%[a], #28]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r10, [%[m], #32]\n\t"
-        "ldr	r9, [%[a], #32]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r10, [%[m], #36]\n\t"
-        "ldr	r9, [%[a], #36]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r10, [%[m], #40]\n\t"
-        "ldr	r9, [%[a], #40]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r10, [%[m], #44]\n\t"
-        "ldr	r9, [%[a], #44]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r10, [%[m], #48]\n\t"
-        "ldr	r9, [%[a], #48]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r10, [%[m], #52]\n\t"
-        "ldr	r9, [%[a], #52]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r10, [%[m], #56]\n\t"
-        "ldr	r9, [%[a], #56]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r10, [%[m], #60]\n\t"
-        "ldr	r9, [%[a], #60]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r10, [%[m], #64]\n\t"
-        "ldr	r9, [%[a], #64]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r10, [%[m], #68]\n\t"
-        "ldr	r9, [%[a], #68]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r10, [%[m], #72]\n\t"
-        "ldr	r9, [%[a], #72]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r10, [%[m], #76]\n\t"
-        "ldr	r9, [%[a], #76]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r10, [%[m], #80]\n\t"
-        "ldr	r9, [%[a], #80]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r10, [%[m], #84]\n\t"
-        "ldr	r9, [%[a], #84]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r10, [%[m], #88]\n\t"
-        "ldr	r9, [%[a], #88]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r10, [%[m], #92]\n\t"
-        "ldr	r9, [%[a], #92]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r10, [%[m], #96]\n\t"
-        "ldr	r9, [%[a], #96]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r10, [%[m], #100]\n\t"
-        "ldr	r9, [%[a], #100]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r10, [%[m], #104]\n\t"
-        "ldr	r9, [%[a], #104]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r10, [%[m], #108]\n\t"
-        "ldr	r9, [%[a], #108]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r10, [%[m], #112]\n\t"
-        "ldr	r9, [%[a], #112]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r10, [%[m], #116]\n\t"
-        "ldr	r9, [%[a], #116]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r10, [%[m], #120]\n\t"
-        "ldr	r9, [%[a], #120]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r10, [%[m], #124]\n\t"
-        "ldr	r9, [%[a], #124]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "ldr	r11, [%[a], #128]\n\t"
-        "mov	r10, #0\n\t"
-        "umaal	r3, r11, r10, r10\n\t"
-        "str	r9, [%[a], #124]\n\t"
-        "adds	r3, r3, lr\n\t"
-        "adc	lr, r11, #0\n\t"
-        "str	r3, [%[a], #128]\n\t"
-        /* i += 1 */
-        "add	r12, r12, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r12, #0x80\n\t"
-        "blt	L_sp_2048_mont_reduce_32_word_%=\n\t"
-        /* Loop Done */
-        "str	r4, [%[a]]\n\t"
-        "str	r5, [%[a], #4]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "str	r7, [%[a], #12]\n\t"
-        "str	r8, [%[a], #16]\n\t"
-        "mov	%[mp], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_32(r, a, b);
-    sp_2048_mont_reduce_32(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_32(r, a);
-    sp_2048_mont_reduce_32(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldr	r8, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r5, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r6, r5\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umull	r5, r3, %[b], r8\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r5, [%[r]]\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r9, #4\n\t"
-        "\n"
-    "L_sp_2048_mul_d_32_word_%=: \n\t"
-        /* A[i] * B */
-        "ldr	r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, %[b], r8\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], r9]\n\t"
-        "mov	r3, r4\n\t"
-        "mov	r4, r5\n\t"
-        "mov	r5, #0\n\t"
-        "add	r9, r9, #4\n\t"
-        "cmp	r9, #0x80\n\t"
-        "blt	L_sp_2048_mul_d_32_word_%=\n\t"
-        "str	r3, [%[r], #128]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r3, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umull	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[1] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[2] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[3] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[4] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[5] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[6] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[7] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[8] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[9] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[10] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[11] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[12] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[13] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[14] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[15] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[16] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[17] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[18] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[19] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[20] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[21] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[22] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[23] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[24] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[25] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[26] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[27] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[28] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[29] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[30] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[31] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "str	r5, [%[r]]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_32(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	r6, %[div], #16\n\t"
-        "add	lr, r6, #1\n\t"
-        "udiv	r4, %[d1], lr\n\t"
-        "lsl	r5, %[div], #16\n\t"
-        "lsl	r4, r4, #16\n\t"
-        "umull	r3, r12, %[div], r4\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "subs	r3, %[d1], lr\n\t"
-        "sbc	r7, r7, r7\n\t"
-        "add	r7, r7, #1\n\t"
-        "rsb	r8, r7, #0\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "and	r5, r5, r8\n\t"
-        "and	r6, r6, r8\n\t"
-        "subs	%[d0], %[d0], r5\n\t"
-        "add	r4, r4, r7\n\t"
-        "sbc	%[d1], %[d1], r6\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "umull	r3, r12, %[div], r3\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "mul	r3, %[div], r3\n\t"
-        "sub	%[d0], %[d0], r3\n\t"
-        "udiv	r3, %[d0], %[div]\n\t"
-        "add	%[d1], r4, r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_32(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	lr, %[div], #1\n\t"
-        "add	lr, lr, #1\n\t"
-        "mov	r4, %[d0]\n\t"
-        "mov	r5, %[d1]\n\t"
-        /* Do top 32 */
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "mov	r3, #0\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        /* Next 30 bits */
-        "mov	r12, #29\n\t"
-        "\n"
-    "L_div_2048_word_32_bit_%=: \n\t"
-        "lsls	r4, r4, #1\n\t"
-        "adc	r5, r5, r5\n\t"
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "add	r3, r3, r3\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        "subs	r12, r12, #1\n\t"
-        "bpl	L_div_2048_word_32_bit_%=\n\t"
-        "add	r3, r3, r3\n\t"
-        "add	r3, r3, #1\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-        "subs	r6, %[div], r7\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "sub	%[d1], r3, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_32(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_32(const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #-1\n\t"
-        "mov	r6, #1\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r3, #-1\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "mov	r4, #0x7c\n\t"
-        "\n"
-    "L_sp_2048_cmp_32_words_%=: \n\t"
-        "ldr	r12, [%[a], r4]\n\t"
-        "ldr	lr, [%[b], r4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "subs	r4, r4, #4\n\t"
-        "bcs	L_sp_2048_cmp_32_words_%=\n\t"
-        "eor	r2, r2, r3\n\t"
-#else
-        "ldr	r12, [%[a], #124]\n\t"
-        "ldr	lr, [%[b], #124]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #120]\n\t"
-        "ldr	lr, [%[b], #120]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #116]\n\t"
-        "ldr	lr, [%[b], #116]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #112]\n\t"
-        "ldr	lr, [%[b], #112]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #108]\n\t"
-        "ldr	lr, [%[b], #108]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #104]\n\t"
-        "ldr	lr, [%[b], #104]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #100]\n\t"
-        "ldr	lr, [%[b], #100]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #96]\n\t"
-        "ldr	lr, [%[b], #96]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #92]\n\t"
-        "ldr	lr, [%[b], #92]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #88]\n\t"
-        "ldr	lr, [%[b], #88]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #84]\n\t"
-        "ldr	lr, [%[b], #84]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #80]\n\t"
-        "ldr	lr, [%[b], #80]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #76]\n\t"
-        "ldr	lr, [%[b], #76]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #72]\n\t"
-        "ldr	lr, [%[b], #72]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #68]\n\t"
-        "ldr	lr, [%[b], #68]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #64]\n\t"
-        "ldr	lr, [%[b], #64]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #60]\n\t"
-        "ldr	lr, [%[b], #60]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #56]\n\t"
-        "ldr	lr, [%[b], #56]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-        "ldr	lr, [%[b], #52]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-        "ldr	lr, [%[b], #48]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-        "ldr	lr, [%[b], #44]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-        "ldr	lr, [%[b], #40]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-        "ldr	lr, [%[b], #36]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-        "ldr	lr, [%[b], #32]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b], #28]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b], #24]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b], #20]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b], #16]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b], #12]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b], #8]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b], #4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "eor	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "mov	%[a], r2\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[64], t2[33];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[31];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 32);
-    r1 = sp_2048_cmp_32(&t1[32], d) >= 0;
-    sp_2048_cond_sub_32(&t1[32], &t1[32], d, (sp_digit)0 - r1);
-    for (i = 31; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[32 + i] == div);
-        sp_digit hi = t1[32 + i] + mask;
-        r1 = div_2048_word_32(hi, t1[32 + i - 1], div);
-        r1 |= mask;
-
-        sp_2048_mul_d_32(t2, d, r1);
-        t1[32 + i] += sp_2048_sub_in_place_32(&t1[i], t2);
-        t1[32 + i] -= t2[32];
-        sp_2048_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], t2);
-        sp_2048_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_2048_cmp_32(t1, d) >= 0;
-    sp_2048_cond_sub_32(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_2048_div_32(a, m, NULL, r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 64);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 64;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 32U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_32(t[1] + 32, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_32(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 32, a, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_32(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_32(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_32(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_32(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_32(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_32(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_32(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_32(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_32(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_32(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_32(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_32(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_32(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_32(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 32);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-
-            sp_2048_mont_mul_32(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32U);
-        sp_2048_mont_reduce_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 32 * 64);
-    sp_digit* t[32];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 32 * 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++) {
-            t[i] = td + i * 64;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 32U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_32(t[1] + 32, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_32(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 32, a, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_32(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_32(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_32(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_32(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_32(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_32(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_32(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_32(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_32(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_32(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_32(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_32(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_32(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_32(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_32(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_32(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_32(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_32(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_32(t[20], t[10], m, mp);
-        sp_2048_mont_mul_32(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_32(t[22], t[11], m, mp);
-        sp_2048_mont_mul_32(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_32(t[24], t[12], m, mp);
-        sp_2048_mont_mul_32(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_32(t[26], t[13], m, mp);
-        sp_2048_mont_mul_32(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_32(t[28], t[14], m, mp);
-        sp_2048_mont_mul_32(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_32(t[30], t[15], m, mp);
-        sp_2048_mont_mul_32(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 32);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-
-            sp_2048_mont_mul_32(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32U);
-        sp_2048_mont_reduce_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 64);
-
-    /* r = 2^n mod m */
-    sp_2048_sub_in_place_64(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "\n"
-    "L_sp_2048_cond_sub_64_words_%=: \n\t"
-        "subs	r12, r6, r12\n\t"
-        "ldr	r4, [%[a], lr]\n\t"
-        "ldr	r5, [%[b], lr]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "sbcs	r4, r4, r5\n\t"
-        "sbc	r12, r6, r6\n\t"
-        "str	r4, [%[r], lr]\n\t"
-        "add	lr, lr, #4\n\t"
-        "cmp	lr, #0x100\n\t"
-        "blt	L_sp_2048_cond_sub_64_words_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "subs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "sbc	%[r], lr, lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_2048_mont_reduce_64_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r7, [%[m], #124]\n\t"
-        "ldr	r10, [%[a], #124]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r7, [%[m], #128]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r7, [%[m], #132]\n\t"
-        "ldr	r10, [%[a], #132]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #132]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r7, [%[m], #136]\n\t"
-        "ldr	r10, [%[a], #136]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #136]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r7, [%[m], #140]\n\t"
-        "ldr	r10, [%[a], #140]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #140]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r7, [%[m], #144]\n\t"
-        "ldr	r10, [%[a], #144]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #144]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r7, [%[m], #148]\n\t"
-        "ldr	r10, [%[a], #148]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #148]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r7, [%[m], #152]\n\t"
-        "ldr	r10, [%[a], #152]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #152]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r7, [%[m], #156]\n\t"
-        "ldr	r10, [%[a], #156]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #156]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r7, [%[m], #160]\n\t"
-        "ldr	r10, [%[a], #160]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #160]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r7, [%[m], #164]\n\t"
-        "ldr	r10, [%[a], #164]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #164]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r7, [%[m], #168]\n\t"
-        "ldr	r10, [%[a], #168]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #168]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r7, [%[m], #172]\n\t"
-        "ldr	r10, [%[a], #172]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #172]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r7, [%[m], #176]\n\t"
-        "ldr	r10, [%[a], #176]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #176]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r7, [%[m], #180]\n\t"
-        "ldr	r10, [%[a], #180]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #180]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r7, [%[m], #184]\n\t"
-        "ldr	r10, [%[a], #184]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #184]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+47] += m[47] * mu */
-        "ldr	r7, [%[m], #188]\n\t"
-        "ldr	r10, [%[a], #188]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #188]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+48] += m[48] * mu */
-        "ldr	r7, [%[m], #192]\n\t"
-        "ldr	r10, [%[a], #192]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #192]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+49] += m[49] * mu */
-        "ldr	r7, [%[m], #196]\n\t"
-        "ldr	r10, [%[a], #196]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #196]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+50] += m[50] * mu */
-        "ldr	r7, [%[m], #200]\n\t"
-        "ldr	r10, [%[a], #200]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #200]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+51] += m[51] * mu */
-        "ldr	r7, [%[m], #204]\n\t"
-        "ldr	r10, [%[a], #204]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #204]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+52] += m[52] * mu */
-        "ldr	r7, [%[m], #208]\n\t"
-        "ldr	r10, [%[a], #208]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #208]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+53] += m[53] * mu */
-        "ldr	r7, [%[m], #212]\n\t"
-        "ldr	r10, [%[a], #212]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #212]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+54] += m[54] * mu */
-        "ldr	r7, [%[m], #216]\n\t"
-        "ldr	r10, [%[a], #216]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #216]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+55] += m[55] * mu */
-        "ldr	r7, [%[m], #220]\n\t"
-        "ldr	r10, [%[a], #220]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #220]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+56] += m[56] * mu */
-        "ldr	r7, [%[m], #224]\n\t"
-        "ldr	r10, [%[a], #224]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #224]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+57] += m[57] * mu */
-        "ldr	r7, [%[m], #228]\n\t"
-        "ldr	r10, [%[a], #228]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #228]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+58] += m[58] * mu */
-        "ldr	r7, [%[m], #232]\n\t"
-        "ldr	r10, [%[a], #232]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #232]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+59] += m[59] * mu */
-        "ldr	r7, [%[m], #236]\n\t"
-        "ldr	r10, [%[a], #236]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #236]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+60] += m[60] * mu */
-        "ldr	r7, [%[m], #240]\n\t"
-        "ldr	r10, [%[a], #240]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #240]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+61] += m[61] * mu */
-        "ldr	r7, [%[m], #244]\n\t"
-        "ldr	r10, [%[a], #244]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #244]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+62] += m[62] * mu */
-        "ldr	r7, [%[m], #248]\n\t"
-        "ldr	r10, [%[a], #248]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #248]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+63] += m[63] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m], #252]\n\t"
-#else
-        "ldr	r7, [%[m], #252]\n\t"
-#endif
-        "ldr	r10, [%[a], #252]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r4, r3, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "mov	r6, r8\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #252]\n\t"
-        "ldr	r10, [%[a], #256]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #256]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x100\n\t"
-        "blt	L_sp_2048_mont_reduce_64_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_2048_mont_reduce_64_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-        "mov	r5, #0\n\t"
-        "umlal	r12, r5, r8, r11\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	lr, r4, r8, r7\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	lr, r5, r8, r7\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r7, [%[m], #124]\n\t"
-        "ldr	r10, [%[a], #124]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r7, [%[m], #128]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r7, [%[m], #132]\n\t"
-        "ldr	r10, [%[a], #132]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #132]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r7, [%[m], #136]\n\t"
-        "ldr	r10, [%[a], #136]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #136]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r7, [%[m], #140]\n\t"
-        "ldr	r10, [%[a], #140]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #140]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r7, [%[m], #144]\n\t"
-        "ldr	r10, [%[a], #144]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #144]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r7, [%[m], #148]\n\t"
-        "ldr	r10, [%[a], #148]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #148]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r7, [%[m], #152]\n\t"
-        "ldr	r10, [%[a], #152]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #152]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r7, [%[m], #156]\n\t"
-        "ldr	r10, [%[a], #156]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #156]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r7, [%[m], #160]\n\t"
-        "ldr	r10, [%[a], #160]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #160]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r7, [%[m], #164]\n\t"
-        "ldr	r10, [%[a], #164]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #164]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r7, [%[m], #168]\n\t"
-        "ldr	r10, [%[a], #168]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #168]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r7, [%[m], #172]\n\t"
-        "ldr	r10, [%[a], #172]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #172]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r7, [%[m], #176]\n\t"
-        "ldr	r10, [%[a], #176]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #176]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r7, [%[m], #180]\n\t"
-        "ldr	r10, [%[a], #180]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #180]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r7, [%[m], #184]\n\t"
-        "ldr	r10, [%[a], #184]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #184]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+47] += m[47] * mu */
-        "ldr	r7, [%[m], #188]\n\t"
-        "ldr	r10, [%[a], #188]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #188]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+48] += m[48] * mu */
-        "ldr	r7, [%[m], #192]\n\t"
-        "ldr	r10, [%[a], #192]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #192]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+49] += m[49] * mu */
-        "ldr	r7, [%[m], #196]\n\t"
-        "ldr	r10, [%[a], #196]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #196]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+50] += m[50] * mu */
-        "ldr	r7, [%[m], #200]\n\t"
-        "ldr	r10, [%[a], #200]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #200]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+51] += m[51] * mu */
-        "ldr	r7, [%[m], #204]\n\t"
-        "ldr	r10, [%[a], #204]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #204]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+52] += m[52] * mu */
-        "ldr	r7, [%[m], #208]\n\t"
-        "ldr	r10, [%[a], #208]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #208]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+53] += m[53] * mu */
-        "ldr	r7, [%[m], #212]\n\t"
-        "ldr	r10, [%[a], #212]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #212]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+54] += m[54] * mu */
-        "ldr	r7, [%[m], #216]\n\t"
-        "ldr	r10, [%[a], #216]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #216]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+55] += m[55] * mu */
-        "ldr	r7, [%[m], #220]\n\t"
-        "ldr	r10, [%[a], #220]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #220]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+56] += m[56] * mu */
-        "ldr	r7, [%[m], #224]\n\t"
-        "ldr	r10, [%[a], #224]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #224]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+57] += m[57] * mu */
-        "ldr	r7, [%[m], #228]\n\t"
-        "ldr	r10, [%[a], #228]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #228]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+58] += m[58] * mu */
-        "ldr	r7, [%[m], #232]\n\t"
-        "ldr	r10, [%[a], #232]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #232]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+59] += m[59] * mu */
-        "ldr	r7, [%[m], #236]\n\t"
-        "ldr	r10, [%[a], #236]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #236]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+60] += m[60] * mu */
-        "ldr	r7, [%[m], #240]\n\t"
-        "ldr	r10, [%[a], #240]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #240]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+61] += m[61] * mu */
-        "ldr	r7, [%[m], #244]\n\t"
-        "ldr	r10, [%[a], #244]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #244]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+62] += m[62] * mu */
-        "ldr	r7, [%[m], #248]\n\t"
-        "ldr	r10, [%[a], #248]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #248]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+63] += m[63] * mu */
-        "ldr	r7, [%[m], #252]\n\t"
-        "ldr	r10, [%[a], #252]\n\t"
-        "umull	r6, r7, r8, r7\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r7, r3\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #252]\n\t"
-        "ldr	r10, [%[a], #256]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #256]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x100\n\t"
-        "blt	L_sp_2048_mont_reduce_64_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_2048_mont_reduce_64(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "ldr	r8, [%[a], #16]\n\t"
-        "\n"
-    "L_sp_2048_mont_reduce_64_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r11, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "ldr	r10, [%[m]]\n\t"
-        "mov	r3, #0\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r10, [%[m], #4]\n\t"
-        "mov	r4, r5\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r10, [%[m], #8]\n\t"
-        "mov	r5, r6\n\t"
-        "umaal	r5, r3, r11, r10\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r10, [%[m], #12]\n\t"
-        "mov	r6, r7\n\t"
-        "umaal	r6, r3, r11, r10\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r10, [%[m], #16]\n\t"
-        "mov	r7, r8\n\t"
-        "umaal	r7, r3, r11, r10\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r10, [%[m], #20]\n\t"
-        "ldr	r8, [%[a], #20]\n\t"
-        "umaal	r8, r3, r11, r10\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r10, [%[m], #24]\n\t"
-        "ldr	r9, [%[a], #24]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r10, [%[m], #28]\n\t"
-        "ldr	r9, [%[a], #28]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r10, [%[m], #32]\n\t"
-        "ldr	r9, [%[a], #32]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r10, [%[m], #36]\n\t"
-        "ldr	r9, [%[a], #36]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r10, [%[m], #40]\n\t"
-        "ldr	r9, [%[a], #40]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r10, [%[m], #44]\n\t"
-        "ldr	r9, [%[a], #44]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r10, [%[m], #48]\n\t"
-        "ldr	r9, [%[a], #48]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r10, [%[m], #52]\n\t"
-        "ldr	r9, [%[a], #52]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r10, [%[m], #56]\n\t"
-        "ldr	r9, [%[a], #56]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r10, [%[m], #60]\n\t"
-        "ldr	r9, [%[a], #60]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r10, [%[m], #64]\n\t"
-        "ldr	r9, [%[a], #64]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r10, [%[m], #68]\n\t"
-        "ldr	r9, [%[a], #68]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r10, [%[m], #72]\n\t"
-        "ldr	r9, [%[a], #72]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r10, [%[m], #76]\n\t"
-        "ldr	r9, [%[a], #76]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r10, [%[m], #80]\n\t"
-        "ldr	r9, [%[a], #80]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r10, [%[m], #84]\n\t"
-        "ldr	r9, [%[a], #84]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r10, [%[m], #88]\n\t"
-        "ldr	r9, [%[a], #88]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r10, [%[m], #92]\n\t"
-        "ldr	r9, [%[a], #92]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r10, [%[m], #96]\n\t"
-        "ldr	r9, [%[a], #96]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r10, [%[m], #100]\n\t"
-        "ldr	r9, [%[a], #100]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r10, [%[m], #104]\n\t"
-        "ldr	r9, [%[a], #104]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r10, [%[m], #108]\n\t"
-        "ldr	r9, [%[a], #108]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r10, [%[m], #112]\n\t"
-        "ldr	r9, [%[a], #112]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r10, [%[m], #116]\n\t"
-        "ldr	r9, [%[a], #116]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r10, [%[m], #120]\n\t"
-        "ldr	r9, [%[a], #120]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r10, [%[m], #124]\n\t"
-        "ldr	r9, [%[a], #124]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #124]\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r10, [%[m], #128]\n\t"
-        "ldr	r9, [%[a], #128]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #128]\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r10, [%[m], #132]\n\t"
-        "ldr	r9, [%[a], #132]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #132]\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r10, [%[m], #136]\n\t"
-        "ldr	r9, [%[a], #136]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #136]\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r10, [%[m], #140]\n\t"
-        "ldr	r9, [%[a], #140]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #140]\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r10, [%[m], #144]\n\t"
-        "ldr	r9, [%[a], #144]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #144]\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r10, [%[m], #148]\n\t"
-        "ldr	r9, [%[a], #148]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #148]\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r10, [%[m], #152]\n\t"
-        "ldr	r9, [%[a], #152]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #152]\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r10, [%[m], #156]\n\t"
-        "ldr	r9, [%[a], #156]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #156]\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r10, [%[m], #160]\n\t"
-        "ldr	r9, [%[a], #160]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #160]\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r10, [%[m], #164]\n\t"
-        "ldr	r9, [%[a], #164]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #164]\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r10, [%[m], #168]\n\t"
-        "ldr	r9, [%[a], #168]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #168]\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r10, [%[m], #172]\n\t"
-        "ldr	r9, [%[a], #172]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #172]\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r10, [%[m], #176]\n\t"
-        "ldr	r9, [%[a], #176]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #176]\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r10, [%[m], #180]\n\t"
-        "ldr	r9, [%[a], #180]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #180]\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r10, [%[m], #184]\n\t"
-        "ldr	r9, [%[a], #184]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #184]\n\t"
-        /* a[i+47] += m[47] * mu */
-        "ldr	r10, [%[m], #188]\n\t"
-        "ldr	r9, [%[a], #188]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #188]\n\t"
-        /* a[i+48] += m[48] * mu */
-        "ldr	r10, [%[m], #192]\n\t"
-        "ldr	r9, [%[a], #192]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #192]\n\t"
-        /* a[i+49] += m[49] * mu */
-        "ldr	r10, [%[m], #196]\n\t"
-        "ldr	r9, [%[a], #196]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #196]\n\t"
-        /* a[i+50] += m[50] * mu */
-        "ldr	r10, [%[m], #200]\n\t"
-        "ldr	r9, [%[a], #200]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #200]\n\t"
-        /* a[i+51] += m[51] * mu */
-        "ldr	r10, [%[m], #204]\n\t"
-        "ldr	r9, [%[a], #204]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #204]\n\t"
-        /* a[i+52] += m[52] * mu */
-        "ldr	r10, [%[m], #208]\n\t"
-        "ldr	r9, [%[a], #208]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #208]\n\t"
-        /* a[i+53] += m[53] * mu */
-        "ldr	r10, [%[m], #212]\n\t"
-        "ldr	r9, [%[a], #212]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #212]\n\t"
-        /* a[i+54] += m[54] * mu */
-        "ldr	r10, [%[m], #216]\n\t"
-        "ldr	r9, [%[a], #216]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #216]\n\t"
-        /* a[i+55] += m[55] * mu */
-        "ldr	r10, [%[m], #220]\n\t"
-        "ldr	r9, [%[a], #220]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #220]\n\t"
-        /* a[i+56] += m[56] * mu */
-        "ldr	r10, [%[m], #224]\n\t"
-        "ldr	r9, [%[a], #224]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #224]\n\t"
-        /* a[i+57] += m[57] * mu */
-        "ldr	r10, [%[m], #228]\n\t"
-        "ldr	r9, [%[a], #228]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #228]\n\t"
-        /* a[i+58] += m[58] * mu */
-        "ldr	r10, [%[m], #232]\n\t"
-        "ldr	r9, [%[a], #232]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #232]\n\t"
-        /* a[i+59] += m[59] * mu */
-        "ldr	r10, [%[m], #236]\n\t"
-        "ldr	r9, [%[a], #236]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #236]\n\t"
-        /* a[i+60] += m[60] * mu */
-        "ldr	r10, [%[m], #240]\n\t"
-        "ldr	r9, [%[a], #240]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #240]\n\t"
-        /* a[i+61] += m[61] * mu */
-        "ldr	r10, [%[m], #244]\n\t"
-        "ldr	r9, [%[a], #244]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #244]\n\t"
-        /* a[i+62] += m[62] * mu */
-        "ldr	r10, [%[m], #248]\n\t"
-        "ldr	r9, [%[a], #248]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #248]\n\t"
-        /* a[i+63] += m[63] * mu */
-        "ldr	r10, [%[m], #252]\n\t"
-        "ldr	r9, [%[a], #252]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "ldr	r11, [%[a], #256]\n\t"
-        "mov	r10, #0\n\t"
-        "umaal	r3, r11, r10, r10\n\t"
-        "str	r9, [%[a], #252]\n\t"
-        "adds	r3, r3, lr\n\t"
-        "adc	lr, r11, #0\n\t"
-        "str	r3, [%[a], #256]\n\t"
-        /* i += 1 */
-        "add	r12, r12, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r12, #0x100\n\t"
-        "blt	L_sp_2048_mont_reduce_64_word_%=\n\t"
-        /* Loop Done */
-        "str	r4, [%[a]]\n\t"
-        "str	r5, [%[a], #4]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "str	r7, [%[a], #12]\n\t"
-        "str	r8, [%[a], #16]\n\t"
-        "mov	%[mp], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_64(r, a, b);
-    sp_2048_mont_reduce_64(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_64(r, a);
-    sp_2048_mont_reduce_64(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #0x100\n\t"
-        "\n"
-    "L_sp_2048_sub_64_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	r12, r3, r3\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_2048_sub_64_word_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12", "lr"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_64(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	r6, %[div], #16\n\t"
-        "add	lr, r6, #1\n\t"
-        "udiv	r4, %[d1], lr\n\t"
-        "lsl	r5, %[div], #16\n\t"
-        "lsl	r4, r4, #16\n\t"
-        "umull	r3, r12, %[div], r4\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "subs	r3, %[d1], lr\n\t"
-        "sbc	r7, r7, r7\n\t"
-        "add	r7, r7, #1\n\t"
-        "rsb	r8, r7, #0\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "and	r5, r5, r8\n\t"
-        "and	r6, r6, r8\n\t"
-        "subs	%[d0], %[d0], r5\n\t"
-        "add	r4, r4, r7\n\t"
-        "sbc	%[d1], %[d1], r6\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "umull	r3, r12, %[div], r3\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "mul	r3, %[div], r3\n\t"
-        "sub	%[d0], %[d0], r3\n\t"
-        "udiv	r3, %[d0], %[div]\n\t"
-        "add	%[d1], r4, r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_64(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	lr, %[div], #1\n\t"
-        "add	lr, lr, #1\n\t"
-        "mov	r4, %[d0]\n\t"
-        "mov	r5, %[d1]\n\t"
-        /* Do top 32 */
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "mov	r3, #0\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        /* Next 30 bits */
-        "mov	r12, #29\n\t"
-        "\n"
-    "L_div_2048_word_64_bit_%=: \n\t"
-        "lsls	r4, r4, #1\n\t"
-        "adc	r5, r5, r5\n\t"
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "add	r3, r3, r3\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        "subs	r12, r12, #1\n\t"
-        "bpl	L_div_2048_word_64_bit_%=\n\t"
-        "add	r3, r3, r3\n\t"
-        "add	r3, r3, #1\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-        "subs	r6, %[div], r7\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "sub	%[d1], r3, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[128], t2[65];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[63];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 64);
-    for (i = 63; i > 0; i--) {
-        if (t1[i + 64] != d[i])
-            break;
-    }
-    if (t1[i + 64] >= d[i]) {
-        sp_2048_sub_in_place_64(&t1[64], d);
-    }
-    for (i = 63; i >= 0; i--) {
-        if (t1[64 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_2048_word_64(t1[64 + i], t1[64 + i - 1], div);
-        }
-
-        sp_2048_mul_d_64(t2, d, r1);
-        t1[64 + i] += sp_2048_sub_in_place_64(&t1[i], t2);
-        t1[64 + i] -= t2[64];
-        if (t1[64 + i] != 0) {
-            t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], d);
-            if (t1[64 + i] != 0)
-                t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 63; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_2048_sub_64(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 64);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_2048_div_64_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<64; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 64; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_64(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_64(const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #-1\n\t"
-        "mov	r6, #1\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r3, #-1\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "mov	r4, #0xfc\n\t"
-        "\n"
-    "L_sp_2048_cmp_64_words_%=: \n\t"
-        "ldr	r12, [%[a], r4]\n\t"
-        "ldr	lr, [%[b], r4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "subs	r4, r4, #4\n\t"
-        "bcs	L_sp_2048_cmp_64_words_%=\n\t"
-        "eor	r2, r2, r3\n\t"
-#else
-        "ldr	r12, [%[a], #252]\n\t"
-        "ldr	lr, [%[b], #252]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #248]\n\t"
-        "ldr	lr, [%[b], #248]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #244]\n\t"
-        "ldr	lr, [%[b], #244]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #240]\n\t"
-        "ldr	lr, [%[b], #240]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #236]\n\t"
-        "ldr	lr, [%[b], #236]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #232]\n\t"
-        "ldr	lr, [%[b], #232]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #228]\n\t"
-        "ldr	lr, [%[b], #228]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #224]\n\t"
-        "ldr	lr, [%[b], #224]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #220]\n\t"
-        "ldr	lr, [%[b], #220]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #216]\n\t"
-        "ldr	lr, [%[b], #216]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #212]\n\t"
-        "ldr	lr, [%[b], #212]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #208]\n\t"
-        "ldr	lr, [%[b], #208]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #204]\n\t"
-        "ldr	lr, [%[b], #204]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #200]\n\t"
-        "ldr	lr, [%[b], #200]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #196]\n\t"
-        "ldr	lr, [%[b], #196]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #192]\n\t"
-        "ldr	lr, [%[b], #192]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #188]\n\t"
-        "ldr	lr, [%[b], #188]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #184]\n\t"
-        "ldr	lr, [%[b], #184]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #180]\n\t"
-        "ldr	lr, [%[b], #180]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #176]\n\t"
-        "ldr	lr, [%[b], #176]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #172]\n\t"
-        "ldr	lr, [%[b], #172]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #168]\n\t"
-        "ldr	lr, [%[b], #168]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #164]\n\t"
-        "ldr	lr, [%[b], #164]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #160]\n\t"
-        "ldr	lr, [%[b], #160]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #156]\n\t"
-        "ldr	lr, [%[b], #156]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #152]\n\t"
-        "ldr	lr, [%[b], #152]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #148]\n\t"
-        "ldr	lr, [%[b], #148]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #144]\n\t"
-        "ldr	lr, [%[b], #144]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #140]\n\t"
-        "ldr	lr, [%[b], #140]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #136]\n\t"
-        "ldr	lr, [%[b], #136]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #132]\n\t"
-        "ldr	lr, [%[b], #132]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #128]\n\t"
-        "ldr	lr, [%[b], #128]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #124]\n\t"
-        "ldr	lr, [%[b], #124]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #120]\n\t"
-        "ldr	lr, [%[b], #120]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #116]\n\t"
-        "ldr	lr, [%[b], #116]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #112]\n\t"
-        "ldr	lr, [%[b], #112]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #108]\n\t"
-        "ldr	lr, [%[b], #108]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #104]\n\t"
-        "ldr	lr, [%[b], #104]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #100]\n\t"
-        "ldr	lr, [%[b], #100]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #96]\n\t"
-        "ldr	lr, [%[b], #96]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #92]\n\t"
-        "ldr	lr, [%[b], #92]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #88]\n\t"
-        "ldr	lr, [%[b], #88]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #84]\n\t"
-        "ldr	lr, [%[b], #84]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #80]\n\t"
-        "ldr	lr, [%[b], #80]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #76]\n\t"
-        "ldr	lr, [%[b], #76]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #72]\n\t"
-        "ldr	lr, [%[b], #72]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #68]\n\t"
-        "ldr	lr, [%[b], #68]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #64]\n\t"
-        "ldr	lr, [%[b], #64]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #60]\n\t"
-        "ldr	lr, [%[b], #60]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #56]\n\t"
-        "ldr	lr, [%[b], #56]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-        "ldr	lr, [%[b], #52]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-        "ldr	lr, [%[b], #48]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-        "ldr	lr, [%[b], #44]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-        "ldr	lr, [%[b], #40]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-        "ldr	lr, [%[b], #36]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-        "ldr	lr, [%[b], #32]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b], #28]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b], #24]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b], #20]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b], #16]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b], #12]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b], #8]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b], #4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "eor	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "mov	%[a], r2\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[128], t2[65];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[63];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 64);
-    r1 = sp_2048_cmp_64(&t1[64], d) >= 0;
-    sp_2048_cond_sub_64(&t1[64], &t1[64], d, (sp_digit)0 - r1);
-    for (i = 63; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[64 + i] == div);
-        sp_digit hi = t1[64 + i] + mask;
-        r1 = div_2048_word_64(hi, t1[64 + i - 1], div);
-        r1 |= mask;
-
-        sp_2048_mul_d_64(t2, d, r1);
-        t1[64 + i] += sp_2048_sub_in_place_64(&t1[i], t2);
-        t1[64 + i] -= t2[64];
-        sp_2048_mask_64(t2, d, t1[64 + i]);
-        t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], t2);
-        sp_2048_mask_64(t2, d, t1[64 + i]);
-        t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_2048_cmp_64(t1, d) >= 0;
-    sp_2048_cond_sub_64(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_2048_div_64(a, m, NULL, r);
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 8 * 128);
-    sp_digit* t[8];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 8 * 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<8; i++) {
-            t[i] = td + i * 128;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_64(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 64U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_64(t[1] + 64, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_64(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 64, a, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_64(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_64(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_64(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_64(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_64(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_64(t[ 7], t[ 4], t[ 3], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 3;
-        if (c == 32) {
-            c = 29;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 64);
-        for (; i>=0 || c>=3; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 29);
-                n <<= 3;
-                c = 29;
-            }
-            else if (c < 3) {
-                y = (byte)(n >> 29);
-                n = e[i--];
-                c = 3 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 29) & 0x7);
-                n <<= 3;
-                c -= 3;
-            }
-
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-
-            sp_2048_mont_mul_64(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_2048_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_64(r, m) >= 0);
-        sp_2048_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 128);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 128;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_64(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 64U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_64(t[1] + 64, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_64(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 64, a, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_64(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_64(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_64(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_64(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_64(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_64(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_64(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_64(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_64(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_64(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_64(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_64(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_64(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_64(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 64);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-
-            sp_2048_mont_mul_64(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_2048_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_64(r, m) >= 0);
-        sp_2048_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 64 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 256) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 32 || inLen > 256 ||
-                                                     mp_count_bits(mm) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 64 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 64;
-        r = a + 64 * 2;
-        m = r + 64 * 2;
-
-        sp_2048_from_bin(ah, 64, in, inLen);
-#if DIGIT_BIT >= 32
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 64, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_2048_mont_sqr_64(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_2048_mont_mul_64(r, r, ah, m, mp);
-
-                for (i = 63; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_2048_sub_in_place_64(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_2048_sqr_64(r, ah);
-                err = sp_2048_mod_64_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_2048_mul_64(r, ah, r);
-                err = sp_2048_mod_64_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 31; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 64);
-                for (i--; i >= 0; i--) {
-                    sp_2048_mont_sqr_64(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_2048_mont_mul_64(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[64], 0, sizeof(sp_digit) * 64);
-                sp_2048_mont_reduce_64(r, m, mp);
-
-                for (i = 63; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_2048_sub_in_place_64(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "\n"
-    "L_sp_2048_cond_add_32_words_%=: \n\t"
-        "adds	lr, lr, #-1\n\t"
-        "ldr	r4, [%[a], r12]\n\t"
-        "ldr	r5, [%[b], r12]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "adcs	r4, r4, r5\n\t"
-        "adc	lr, r6, r6\n\t"
-        "str	r4, [%[r], r12]\n\t"
-        "add	r12, r12, #4\n\t"
-        "cmp	r12, #0x80\n\t"
-        "blt	L_sp_2048_cond_add_32_words_%=\n\t"
-        "mov	%[r], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r8, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "adc	%[r], r8, r8\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 64 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 2048) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 256) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 64 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 64;
-        m = a + 128;
-        r = a;
-
-        sp_2048_from_bin(a, 64, in, inLen);
-        sp_2048_from_mp(d, 64, dm);
-        sp_2048_from_mp(m, 64, mm);
-        err = sp_2048_mod_exp_64(r, a, d, 2048, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 64, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 32 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 256) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 256 || mp_count_bits(mm) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 32 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 64 * 2;
-        q = p + 32;
-        qi = dq = dp = q + 32;
-        tmpa = qi + 32;
-        tmpb = tmpa + 64;
-        r = a;
-
-        sp_2048_from_bin(a, 64, in, inLen);
-        sp_2048_from_mp(p, 32, pm);
-        sp_2048_from_mp(q, 32, qm);
-        sp_2048_from_mp(dp, 32, dpm);
-
-        err = sp_2048_mod_exp_32(tmpa, a, dp, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(dq, 32, dqm);
-        err = sp_2048_mod_exp_32(tmpb, a, dq, 1024, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_2048_sub_in_place_32(tmpa, tmpb);
-        c += sp_2048_cond_add_32(tmpa, tmpa, p, c);
-        sp_2048_cond_add_32(tmpa, tmpa, p, c);
-
-        sp_2048_from_mp(qi, 32, qim);
-        sp_2048_mul_32(tmpa, tmpa, qi);
-        err = sp_2048_mod_32(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mul_32(tmpa, q, tmpa);
-        XMEMSET(&tmpb[32], 0, sizeof(sp_digit) * 32);
-        sp_2048_add_64(r, tmpb, tmpa);
-
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 32 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_2048_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (2048 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 64);
-        r->used = 64;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 64; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 64; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[128];
-    sp_digit e[64];
-    sp_digit m[64];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 64, base);
-        sp_2048_from_mp(e, 64, exp);
-        sp_2048_from_mp(m, 64, mod);
-
-        err = sp_2048_mod_exp_64(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_2048_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_2048
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_lshift_64(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_lshift_64(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register byte n asm ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "rsb	r12, %[n], #31\n\t"
-        "ldr	r5, [%[a], #252]\n\t"
-        "lsr	r6, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r6, r6, r12\n\t"
-        "ldr	r4, [%[a], #248]\n\t"
-        "str	r6, [%[r], #256]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #244]\n\t"
-        "str	r5, [%[r], #252]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #240]\n\t"
-        "str	r4, [%[r], #248]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #236]\n\t"
-        "str	r6, [%[r], #244]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #232]\n\t"
-        "str	r5, [%[r], #240]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #228]\n\t"
-        "str	r4, [%[r], #236]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #224]\n\t"
-        "str	r6, [%[r], #232]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #220]\n\t"
-        "str	r5, [%[r], #228]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #216]\n\t"
-        "str	r4, [%[r], #224]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #212]\n\t"
-        "str	r6, [%[r], #220]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #208]\n\t"
-        "str	r5, [%[r], #216]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #204]\n\t"
-        "str	r4, [%[r], #212]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #200]\n\t"
-        "str	r6, [%[r], #208]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #196]\n\t"
-        "str	r5, [%[r], #204]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #192]\n\t"
-        "str	r4, [%[r], #200]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #188]\n\t"
-        "str	r6, [%[r], #196]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #184]\n\t"
-        "str	r5, [%[r], #192]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #180]\n\t"
-        "str	r4, [%[r], #188]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #176]\n\t"
-        "str	r6, [%[r], #184]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #172]\n\t"
-        "str	r5, [%[r], #180]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #168]\n\t"
-        "str	r4, [%[r], #176]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #164]\n\t"
-        "str	r6, [%[r], #172]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #160]\n\t"
-        "str	r5, [%[r], #168]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #156]\n\t"
-        "str	r4, [%[r], #164]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #152]\n\t"
-        "str	r6, [%[r], #160]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #148]\n\t"
-        "str	r5, [%[r], #156]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #144]\n\t"
-        "str	r4, [%[r], #152]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #140]\n\t"
-        "str	r6, [%[r], #148]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #136]\n\t"
-        "str	r5, [%[r], #144]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #132]\n\t"
-        "str	r4, [%[r], #140]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #128]\n\t"
-        "str	r6, [%[r], #136]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #124]\n\t"
-        "str	r5, [%[r], #132]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #120]\n\t"
-        "str	r4, [%[r], #128]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #116]\n\t"
-        "str	r6, [%[r], #124]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #112]\n\t"
-        "str	r5, [%[r], #120]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #108]\n\t"
-        "str	r4, [%[r], #116]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #104]\n\t"
-        "str	r6, [%[r], #112]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #100]\n\t"
-        "str	r5, [%[r], #108]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #96]\n\t"
-        "str	r4, [%[r], #104]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #92]\n\t"
-        "str	r6, [%[r], #100]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #88]\n\t"
-        "str	r5, [%[r], #96]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #84]\n\t"
-        "str	r4, [%[r], #92]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #80]\n\t"
-        "str	r6, [%[r], #88]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #76]\n\t"
-        "str	r5, [%[r], #84]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #72]\n\t"
-        "str	r4, [%[r], #80]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #68]\n\t"
-        "str	r6, [%[r], #76]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #64]\n\t"
-        "str	r5, [%[r], #72]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #60]\n\t"
-        "str	r4, [%[r], #68]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r6, [%[r], #64]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #52]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #48]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r6, [%[r], #52]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #40]\n\t"
-        "str	r5, [%[r], #48]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r6, [%[r], #40]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #28]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #24]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r6, [%[r], #28]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #16]\n\t"
-        "str	r5, [%[r], #24]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r6, [%[r], #16]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a]]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "str	r5, [%[r]]\n\t"
-        "str	r6, [%[r], #4]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r12"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 193);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 193, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 128;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_64(norm, m);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        sp_2048_lshift_64(r, norm, y);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-
-            sp_2048_lshift_64(r, r, y);
-            sp_2048_mul_d_64(tmp, norm, r[64]);
-            r[64] = 0;
-            o = sp_2048_add_64(r, r, tmp);
-            sp_2048_cond_sub_64(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_2048_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_64(r, m) >= 0);
-        sp_2048_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_2048 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 256 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[128];
-    sp_digit e[64];
-    sp_digit m[64];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 256) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 64, base);
-        sp_2048_from_bin(e, 64, exp, expLen);
-        sp_2048_from_mp(m, 64, mod);
-
-    #ifdef HAVE_FFDHE_2048
-        if (base->used == 1 && base->dp[0] == 2 && m[63] == (sp_digit)-1)
-            err = sp_2048_mod_exp_2_64(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_2048_mod_exp_64(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-        for (i=0; i<256 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[64];
-    sp_digit e[32];
-    sp_digit m[32];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1024) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 32, base);
-        sp_2048_from_mp(e, 32, exp);
-        sp_2048_from_mp(m, 32, mod);
-
-        err = sp_2048_mod_exp_32(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 32, 0, sizeof(*r) * 32U);
-        err = sp_2048_to_mp(r, res);
-        res->used = mod->used;
-        mp_clamp(res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* !WOLFSSL_SP_NO_2048 */
-
-#ifndef WOLFSSL_SP_NO_3072
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 384
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_3072_to_bin_96(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 95; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_3072_norm_96(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_3072_norm_96(a)
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #48\n\t"
-        /* A[0] * B[0] */
-        "ldr	r11, [%[a]]\n\t"
-        "ldr	r12, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r3, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-#else
-        "umull	r3, r4, r11, r12\n\t"
-        "mov	r5, #0\n\t"
-#endif
-        "str	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[0] */
-        "ldr	r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #4]\n\t"
-        /* A[2] * B[0] */
-        "ldr	r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[1] */
-        "ldr	r11, [%[a], #4]\n\t"
-        "ldr	r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[0] * B[2] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #8]\n\t"
-        /* A[0] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[2] */
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[1] */
-        "ldr	r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[0] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #12]\n\t"
-        /* A[4] * B[0] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[1] */
-        "ldr	r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[2] */
-        "ldr	r11, [%[a], #8]\n\t"
-        "ldr	r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[3] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[0] * B[4] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #16]\n\t"
-        /* A[0] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[4] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[2] */
-        "ldr	r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[1] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[0] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #20]\n\t"
-        /* A[6] * B[0] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[1] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[2] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[3] */
-        "ldr	r11, [%[a], #12]\n\t"
-        "ldr	r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[4] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[5] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[0] * B[6] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #24]\n\t"
-        /* A[0] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[6] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[5] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[4] */
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[3] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[2] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[1] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[0] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #28]\n\t"
-        /* A[8] * B[0] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[1] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[2] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[3] */
-        "ldr	r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[4] */
-        "ldr	r11, [%[a], #16]\n\t"
-        "ldr	r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[5] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[6] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[7] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[0] * B[8] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #32]\n\t"
-        /* A[0] * B[9] */
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[8] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[7] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[6] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[4] */
-        "ldr	r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[3] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[2] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[1] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[0] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #36]\n\t"
-        /* A[10] * B[0] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[1] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[2] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[3] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[4] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[5] */
-        "ldr	r11, [%[a], #20]\n\t"
-        "ldr	r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[6] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[7] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[8] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[9] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[0] * B[10] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #40]\n\t"
-        /* A[0] * B[11] */
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[10] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[9] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[8] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[7] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[6] */
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[5] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[4] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[3] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[2] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[1] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[0] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #44]\n\t"
-        /* A[11] * B[1] */
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[2] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[3] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[4] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[5] */
-        "ldr	r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[6] */
-        "ldr	r11, [%[a], #24]\n\t"
-        "ldr	r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[7] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[8] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[9] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[10] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[11] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #48]\n\t"
-        /* A[2] * B[11] */
-        "ldr	r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[10] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[9] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[8] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[6] */
-        "ldr	r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[5] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[4] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[3] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[2] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #52]\n\t"
-        /* A[11] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[4] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[5] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[6] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[7] */
-        "ldr	r11, [%[a], #28]\n\t"
-        "ldr	r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[8] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[9] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[10] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[11] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #56]\n\t"
-        /* A[4] * B[11] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[10] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[9] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[8] */
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[7] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[6] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[5] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[4] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #60]\n\t"
-        /* A[11] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[6] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[7] */
-        "ldr	r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[8] */
-        "ldr	r11, [%[a], #32]\n\t"
-        "ldr	r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[9] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[10] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[11] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        /* A[6] * B[11] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[10] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[9] */
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[8] */
-        "ldr	r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[7] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[6] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #68]\n\t"
-        /* A[11] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[8] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[9] */
-        "ldr	r11, [%[a], #36]\n\t"
-        "ldr	r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[10] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[11] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #72]\n\t"
-        /* A[8] * B[11] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[10] */
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[9] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[8] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #76]\n\t"
-        /* A[11] * B[9] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[10] */
-        "ldr	r11, [%[a], #40]\n\t"
-        "ldr	r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[11] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #80]\n\t"
-        /* A[10] * B[11] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[10] */
-        "ldr	r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #84]\n\t"
-        /* A[11] * B[11] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, r8, r9\n\t"
-#endif
-        "str	r4, [%[r], #88]\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11",
-            "r12"
-    );
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_24(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "subs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	%[a], r9, r9\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_24(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_24(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<12; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-    r[8] = a[8] & m;
-    r[9] = a[9] & m;
-    r[10] = a[10] & m;
-    r[11] = a[11] & m;
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[24];
-    sp_digit a1[12];
-    sp_digit b1[12];
-    sp_digit* z2 = r + 24;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_12(a1, a, &a[12]);
-    cb = sp_3072_add_12(b1, b, &b[12]);
-    u  = ca & cb;
-
-    sp_3072_mul_12(z2, &a[12], &b[12]);
-    sp_3072_mul_12(z0, a, b);
-    sp_3072_mul_12(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_24(z1, z0);
-    u += sp_3072_sub_in_place_24(z1, z2);
-    sp_3072_mask_12(a1, a1, 0 - cb);
-    u += sp_3072_add_12(z1 + 12, z1 + 12, a1);
-    sp_3072_mask_12(b1, b1, 0 - ca);
-    u += sp_3072_add_12(z1 + 12, z1 + 12, b1);
-
-    u += sp_3072_add_24(r + 12, r + 12, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (12 - 1));
-    a1[0] = u;
-    (void)sp_3072_add_12(r + 36, r + 36, a1);
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "subs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	%[a], r9, r9\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<24; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[48];
-    sp_digit a1[24];
-    sp_digit b1[24];
-    sp_digit* z2 = r + 48;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_24(a1, a, &a[24]);
-    cb = sp_3072_add_24(b1, b, &b[24]);
-    u  = ca & cb;
-
-    sp_3072_mul_24(z2, &a[24], &b[24]);
-    sp_3072_mul_24(z0, a, b);
-    sp_3072_mul_24(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_48(z1, z0);
-    u += sp_3072_sub_in_place_48(z1, z2);
-    sp_3072_mask_24(a1, a1, 0 - cb);
-    u += sp_3072_add_24(z1 + 24, z1 + 24, a1);
-    sp_3072_mask_24(b1, b1, 0 - ca);
-    u += sp_3072_add_24(z1 + 24, z1 + 24, b1);
-
-    u += sp_3072_add_48(r + 24, r + 24, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (24 - 1));
-    a1[0] = u;
-    (void)sp_3072_add_24(r + 72, r + 72, a1);
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "subs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	%[a], r9, r9\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<48; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[96];
-    sp_digit a1[48];
-    sp_digit b1[48];
-    sp_digit* z2 = r + 96;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_48(a1, a, &a[48]);
-    cb = sp_3072_add_48(b1, b, &b[48]);
-    u  = ca & cb;
-
-    sp_3072_mul_48(z2, &a[48], &b[48]);
-    sp_3072_mul_48(z0, a, b);
-    sp_3072_mul_48(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_96(z1, z0);
-    u += sp_3072_sub_in_place_96(z1, z2);
-    sp_3072_mask_48(a1, a1, 0 - cb);
-    u += sp_3072_add_48(z1 + 48, z1 + 48, a1);
-    sp_3072_mask_48(b1, b1, 0 - ca);
-    u += sp_3072_add_48(z1 + 48, z1 + 48, b1);
-
-    u += sp_3072_add_96(r + 48, r + 48, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (48 - 1));
-    a1[0] = u;
-    (void)sp_3072_add_48(r + 144, r + 144, a1);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #48\n\t"
-        /* A[0] * A[0] */
-        "ldr	r10, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r2, r10, #16\n\t"
-        "lsr	r2, r2, #16\n\t"
-        "mul	r8, r2, r2\n\t"
-        "mul	r3, r9, r9\n\t"
-        "mul	r2, r9, r2\n\t"
-        "lsr	r9, r2, #15\n\t"
-        "lsl	r2, r2, #17\n\t"
-        "adds	r8, r8, r2\n\t"
-        "adc	r3, r3, r9\n\t"
-#else
-        "umull	r8, r3, r10, r10\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r8, [sp]\n\t"
-        /* A[0] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [sp, #4]\n\t"
-        /* A[0] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #8]\n\t"
-        /* A[0] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r2, [sp, #12]\n\t"
-        /* A[0] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[1] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[2] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [sp, #16]\n\t"
-        /* A[0] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #20]\n\t"
-        /* A[0] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #24]\n\t"
-        /* A[0] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #28]\n\t"
-        /* A[0] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #32]\n\t"
-        /* A[0] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #36]\n\t"
-        /* A[0] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #40]\n\t"
-        /* A[0] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #44]\n\t"
-        /* A[1] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[2] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #48]\n\t"
-        /* A[2] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[3] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [%[r], #52]\n\t"
-        /* A[3] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[4] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #56]\n\t"
-        /* A[4] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[5] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #60]\n\t"
-        /* A[5] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[6] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [%[r], #64]\n\t"
-        /* A[6] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[7] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #68]\n\t"
-        /* A[7] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r2, [%[r], #72]\n\t"
-        /* A[8] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[9] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [%[r], #76]\n\t"
-        /* A[9] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #80]\n\t"
-        /* A[10] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r2, [%[r], #84]\n\t"
-        /* A[11] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adc	r4, r4, r9\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adc	r4, r4, r9\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adc	r4, r4, r9\n\t"
-#endif
-        "str	r3, [%[r], #88]\n\t"
-        "str	r4, [%[r], #92]\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12"
-    );
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 24;
-    sp_digit z1[24];
-    sp_digit* a1 = z1;
-    sp_digit zero[12];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 12);
-
-    mask = sp_3072_sub_12(a1, a, &a[12]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_3072_sub_12(a1, p1, p2);
-
-    sp_3072_sqr_12(z2, &a[12]);
-    sp_3072_sqr_12(z0, a);
-    sp_3072_sqr_12(z1, a1);
-
-    u = 0;
-    u -= sp_3072_sub_in_place_24(z1, z2);
-    u -= sp_3072_sub_in_place_24(z1, z0);
-    u += sp_3072_sub_in_place_24(r + 12, z1);
-    zero[0] = u;
-    (void)sp_3072_add_12(r + 36, r + 36, zero);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_24(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_24(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 48;
-    sp_digit z1[48];
-    sp_digit* a1 = z1;
-    sp_digit zero[24];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 24);
-
-    mask = sp_3072_sub_24(a1, a, &a[24]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_3072_sub_24(a1, p1, p2);
-
-    sp_3072_sqr_24(z2, &a[24]);
-    sp_3072_sqr_24(z0, a);
-    sp_3072_sqr_24(z1, a1);
-
-    u = 0;
-    u -= sp_3072_sub_in_place_48(z1, z2);
-    u -= sp_3072_sub_in_place_48(z1, z0);
-    u += sp_3072_sub_in_place_48(r + 24, z1);
-    zero[0] = u;
-    (void)sp_3072_add_24(r + 72, r + 72, zero);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 96;
-    sp_digit z1[96];
-    sp_digit* a1 = z1;
-    sp_digit zero[48];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 48);
-
-    mask = sp_3072_sub_48(a1, a, &a[48]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_3072_sub_48(a1, p1, p2);
-
-    sp_3072_sqr_48(z2, &a[48]);
-    sp_3072_sqr_48(z0, a);
-    sp_3072_sqr_48(z1, a1);
-
-    u = 0;
-    u -= sp_3072_sub_in_place_96(z1, z2);
-    u -= sp_3072_sub_in_place_96(z1, z0);
-    u += sp_3072_sub_in_place_96(r + 48, z1);
-    zero[0] = u;
-    (void)sp_3072_add_48(r + 144, r + 144, zero);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "add	r12, %[a], #0x180\n\t"
-        "\n"
-    "L_sp_3072_add_96_word_%=: \n\t"
-        "adds	r3, r3, #-1\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r3, r4, #0\n\t"
-        "cmp	%[a], r12\n\t"
-        "bne	L_sp_3072_add_96_word_%=\n\t"
-        "mov	%[r], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #0x180\n\t"
-        "\n"
-    "L_sp_3072_sub_in_pkace_96_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_3072_sub_in_pkace_96_word_%=\n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12",
-            "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x300\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "ldr	r11, [%[b]]\n\t"
-        "umull	r8, r6, lr, r11\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_3072_mul_96_outer_%=: \n\t"
-        "subs	r3, r5, #0x17c\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_3072_mul_96_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "ldr	lr, [%[a], r4]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_3072_mul_96_inner_done_%=\n\t"
-        "blt	L_sp_3072_mul_96_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_3072_mul_96_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x2f4\n\t"
-        "ble	L_sp_3072_mul_96_outer_%=\n\t"
-        "ldr	lr, [%[a], #380]\n\t"
-        "ldr	r11, [%[b], #380]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "add	r7, r7, r10\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umlal	r6, r7, lr, r11\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_3072_mul_96_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_3072_mul_96_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x300\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "umull	r8, r6, lr, lr\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_3072_sqr_96_outer_%=: \n\t"
-        "subs	r3, r5, #0x17c\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_3072_sqr_96_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_3072_sqr_96_inner_done_%=\n\t"
-        "blt	L_sp_3072_sqr_96_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_3072_sqr_96_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x2f4\n\t"
-        "ble	L_sp_3072_sqr_96_outer_%=\n\t"
-        "ldr	lr, [%[a], #380]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_3072_sqr_96_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_3072_sqr_96_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-    int i;
-
-    for (i=0; i<48; i++) {
-        r[i] = a[i] & m;
-    }
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "add	r12, %[a], #0xc0\n\t"
-        "\n"
-    "L_sp_3072_add_48_word_%=: \n\t"
-        "adds	r3, r3, #-1\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r3, r4, #0\n\t"
-        "cmp	%[a], r12\n\t"
-        "bne	L_sp_3072_add_48_word_%=\n\t"
-        "mov	%[r], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #0xc0\n\t"
-        "\n"
-    "L_sp_3072_sub_in_pkace_48_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_3072_sub_in_pkace_48_word_%=\n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12",
-            "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x180\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "ldr	r11, [%[b]]\n\t"
-        "umull	r8, r6, lr, r11\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_3072_mul_48_outer_%=: \n\t"
-        "subs	r3, r5, #0xbc\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_3072_mul_48_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "ldr	lr, [%[a], r4]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_3072_mul_48_inner_done_%=\n\t"
-        "blt	L_sp_3072_mul_48_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_3072_mul_48_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x174\n\t"
-        "ble	L_sp_3072_mul_48_outer_%=\n\t"
-        "ldr	lr, [%[a], #188]\n\t"
-        "ldr	r11, [%[b], #188]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "add	r7, r7, r10\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umlal	r6, r7, lr, r11\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_3072_mul_48_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_3072_mul_48_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x180\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "umull	r8, r6, lr, lr\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_3072_sqr_48_outer_%=: \n\t"
-        "subs	r3, r5, #0xbc\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_3072_sqr_48_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_3072_sqr_48_inner_done_%=\n\t"
-        "blt	L_sp_3072_sqr_48_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_3072_sqr_48_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x174\n\t"
-        "ble	L_sp_3072_sqr_48_outer_%=\n\t"
-        "ldr	lr, [%[a], #188]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_3072_sqr_48_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_3072_sqr_48_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldr	r8, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r5, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r6, r5\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umull	r5, r3, %[b], r8\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r5, [%[r]]\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r9, #4\n\t"
-        "\n"
-    "L_sp_3072_mul_d_96_word_%=: \n\t"
-        /* A[i] * B */
-        "ldr	r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, %[b], r8\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], r9]\n\t"
-        "mov	r3, r4\n\t"
-        "mov	r4, r5\n\t"
-        "mov	r5, #0\n\t"
-        "add	r9, r9, #4\n\t"
-        "cmp	r9, #0x180\n\t"
-        "blt	L_sp_3072_mul_d_96_word_%=\n\t"
-        "str	r3, [%[r], #384]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r3, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umull	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[1] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[2] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[3] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[4] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[5] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[6] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[7] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[8] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[9] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[10] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[11] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[12] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[13] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[14] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[15] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[16] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[17] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[18] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[19] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[20] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[21] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[22] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[23] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[24] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[25] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[26] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[27] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[28] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[29] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[30] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[31] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[32] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[33] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[34] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[35] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[36] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[37] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[38] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[39] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[40] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[41] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[42] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[43] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[44] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[45] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[46] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[47] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[48] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[49] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[50] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[51] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[52] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[53] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[54] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[55] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[56] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[57] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[58] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[59] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[60] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[61] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[62] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[63] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[64] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[65] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[66] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[67] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[68] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[69] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[70] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[71] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[72] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[73] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[74] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[75] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[76] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[77] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[78] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[79] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[80] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[81] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[82] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[83] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[84] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[85] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[86] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[87] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[88] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[89] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[90] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[91] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[92] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[93] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[94] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[95] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "str	r3, [%[r]]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 48);
-
-    /* r = 2^n mod m */
-    sp_3072_sub_in_place_48(r, m);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "\n"
-    "L_sp_3072_cond_sub_48_words_%=: \n\t"
-        "subs	r12, r6, r12\n\t"
-        "ldr	r4, [%[a], lr]\n\t"
-        "ldr	r5, [%[b], lr]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "sbcs	r4, r4, r5\n\t"
-        "sbc	r12, r6, r6\n\t"
-        "str	r4, [%[r], lr]\n\t"
-        "add	lr, lr, #4\n\t"
-        "cmp	lr, #0xc0\n\t"
-        "blt	L_sp_3072_cond_sub_48_words_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "subs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "sbc	%[r], lr, lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_3072_mont_reduce_48_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r7, [%[m], #124]\n\t"
-        "ldr	r10, [%[a], #124]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r7, [%[m], #128]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r7, [%[m], #132]\n\t"
-        "ldr	r10, [%[a], #132]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #132]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r7, [%[m], #136]\n\t"
-        "ldr	r10, [%[a], #136]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #136]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r7, [%[m], #140]\n\t"
-        "ldr	r10, [%[a], #140]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #140]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r7, [%[m], #144]\n\t"
-        "ldr	r10, [%[a], #144]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #144]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r7, [%[m], #148]\n\t"
-        "ldr	r10, [%[a], #148]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #148]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r7, [%[m], #152]\n\t"
-        "ldr	r10, [%[a], #152]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #152]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r7, [%[m], #156]\n\t"
-        "ldr	r10, [%[a], #156]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #156]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r7, [%[m], #160]\n\t"
-        "ldr	r10, [%[a], #160]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #160]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r7, [%[m], #164]\n\t"
-        "ldr	r10, [%[a], #164]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #164]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r7, [%[m], #168]\n\t"
-        "ldr	r10, [%[a], #168]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #168]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r7, [%[m], #172]\n\t"
-        "ldr	r10, [%[a], #172]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #172]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r7, [%[m], #176]\n\t"
-        "ldr	r10, [%[a], #176]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #176]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r7, [%[m], #180]\n\t"
-        "ldr	r10, [%[a], #180]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #180]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r7, [%[m], #184]\n\t"
-        "ldr	r10, [%[a], #184]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #184]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+47] += m[47] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m], #188]\n\t"
-#else
-        "ldr	r7, [%[m], #188]\n\t"
-#endif
-        "ldr	r10, [%[a], #188]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r4, r3, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "mov	r6, r8\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #188]\n\t"
-        "ldr	r10, [%[a], #192]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #192]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0xc0\n\t"
-        "blt	L_sp_3072_mont_reduce_48_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_3072_mont_reduce_48_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-        "mov	r5, #0\n\t"
-        "umlal	r12, r5, r8, r11\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	lr, r4, r8, r7\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	lr, r5, r8, r7\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r7, [%[m], #124]\n\t"
-        "ldr	r10, [%[a], #124]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r7, [%[m], #128]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r7, [%[m], #132]\n\t"
-        "ldr	r10, [%[a], #132]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #132]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r7, [%[m], #136]\n\t"
-        "ldr	r10, [%[a], #136]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #136]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r7, [%[m], #140]\n\t"
-        "ldr	r10, [%[a], #140]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #140]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r7, [%[m], #144]\n\t"
-        "ldr	r10, [%[a], #144]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #144]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r7, [%[m], #148]\n\t"
-        "ldr	r10, [%[a], #148]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #148]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r7, [%[m], #152]\n\t"
-        "ldr	r10, [%[a], #152]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #152]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r7, [%[m], #156]\n\t"
-        "ldr	r10, [%[a], #156]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #156]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r7, [%[m], #160]\n\t"
-        "ldr	r10, [%[a], #160]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #160]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r7, [%[m], #164]\n\t"
-        "ldr	r10, [%[a], #164]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #164]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r7, [%[m], #168]\n\t"
-        "ldr	r10, [%[a], #168]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #168]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r7, [%[m], #172]\n\t"
-        "ldr	r10, [%[a], #172]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #172]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r7, [%[m], #176]\n\t"
-        "ldr	r10, [%[a], #176]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #176]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r7, [%[m], #180]\n\t"
-        "ldr	r10, [%[a], #180]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #180]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r7, [%[m], #184]\n\t"
-        "ldr	r10, [%[a], #184]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #184]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+47] += m[47] * mu */
-        "ldr	r7, [%[m], #188]\n\t"
-        "ldr	r10, [%[a], #188]\n\t"
-        "umull	r6, r7, r8, r7\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r7, r3\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #188]\n\t"
-        "ldr	r10, [%[a], #192]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #192]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0xc0\n\t"
-        "blt	L_sp_3072_mont_reduce_48_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_48(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "ldr	r8, [%[a], #16]\n\t"
-        "\n"
-    "L_sp_3072_mont_reduce_48_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r11, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "ldr	r10, [%[m]]\n\t"
-        "mov	r3, #0\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r10, [%[m], #4]\n\t"
-        "mov	r4, r5\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r10, [%[m], #8]\n\t"
-        "mov	r5, r6\n\t"
-        "umaal	r5, r3, r11, r10\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r10, [%[m], #12]\n\t"
-        "mov	r6, r7\n\t"
-        "umaal	r6, r3, r11, r10\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r10, [%[m], #16]\n\t"
-        "mov	r7, r8\n\t"
-        "umaal	r7, r3, r11, r10\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r10, [%[m], #20]\n\t"
-        "ldr	r8, [%[a], #20]\n\t"
-        "umaal	r8, r3, r11, r10\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r10, [%[m], #24]\n\t"
-        "ldr	r9, [%[a], #24]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r10, [%[m], #28]\n\t"
-        "ldr	r9, [%[a], #28]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r10, [%[m], #32]\n\t"
-        "ldr	r9, [%[a], #32]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r10, [%[m], #36]\n\t"
-        "ldr	r9, [%[a], #36]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r10, [%[m], #40]\n\t"
-        "ldr	r9, [%[a], #40]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r10, [%[m], #44]\n\t"
-        "ldr	r9, [%[a], #44]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r10, [%[m], #48]\n\t"
-        "ldr	r9, [%[a], #48]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r10, [%[m], #52]\n\t"
-        "ldr	r9, [%[a], #52]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r10, [%[m], #56]\n\t"
-        "ldr	r9, [%[a], #56]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r10, [%[m], #60]\n\t"
-        "ldr	r9, [%[a], #60]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r10, [%[m], #64]\n\t"
-        "ldr	r9, [%[a], #64]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r10, [%[m], #68]\n\t"
-        "ldr	r9, [%[a], #68]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r10, [%[m], #72]\n\t"
-        "ldr	r9, [%[a], #72]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r10, [%[m], #76]\n\t"
-        "ldr	r9, [%[a], #76]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r10, [%[m], #80]\n\t"
-        "ldr	r9, [%[a], #80]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r10, [%[m], #84]\n\t"
-        "ldr	r9, [%[a], #84]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r10, [%[m], #88]\n\t"
-        "ldr	r9, [%[a], #88]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r10, [%[m], #92]\n\t"
-        "ldr	r9, [%[a], #92]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r10, [%[m], #96]\n\t"
-        "ldr	r9, [%[a], #96]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r10, [%[m], #100]\n\t"
-        "ldr	r9, [%[a], #100]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r10, [%[m], #104]\n\t"
-        "ldr	r9, [%[a], #104]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r10, [%[m], #108]\n\t"
-        "ldr	r9, [%[a], #108]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r10, [%[m], #112]\n\t"
-        "ldr	r9, [%[a], #112]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r10, [%[m], #116]\n\t"
-        "ldr	r9, [%[a], #116]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r10, [%[m], #120]\n\t"
-        "ldr	r9, [%[a], #120]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r10, [%[m], #124]\n\t"
-        "ldr	r9, [%[a], #124]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #124]\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r10, [%[m], #128]\n\t"
-        "ldr	r9, [%[a], #128]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #128]\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r10, [%[m], #132]\n\t"
-        "ldr	r9, [%[a], #132]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #132]\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r10, [%[m], #136]\n\t"
-        "ldr	r9, [%[a], #136]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #136]\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r10, [%[m], #140]\n\t"
-        "ldr	r9, [%[a], #140]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #140]\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r10, [%[m], #144]\n\t"
-        "ldr	r9, [%[a], #144]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #144]\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r10, [%[m], #148]\n\t"
-        "ldr	r9, [%[a], #148]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #148]\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r10, [%[m], #152]\n\t"
-        "ldr	r9, [%[a], #152]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #152]\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r10, [%[m], #156]\n\t"
-        "ldr	r9, [%[a], #156]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #156]\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r10, [%[m], #160]\n\t"
-        "ldr	r9, [%[a], #160]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #160]\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r10, [%[m], #164]\n\t"
-        "ldr	r9, [%[a], #164]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #164]\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r10, [%[m], #168]\n\t"
-        "ldr	r9, [%[a], #168]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #168]\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r10, [%[m], #172]\n\t"
-        "ldr	r9, [%[a], #172]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #172]\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r10, [%[m], #176]\n\t"
-        "ldr	r9, [%[a], #176]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #176]\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r10, [%[m], #180]\n\t"
-        "ldr	r9, [%[a], #180]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #180]\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r10, [%[m], #184]\n\t"
-        "ldr	r9, [%[a], #184]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #184]\n\t"
-        /* a[i+47] += m[47] * mu */
-        "ldr	r10, [%[m], #188]\n\t"
-        "ldr	r9, [%[a], #188]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "ldr	r11, [%[a], #192]\n\t"
-        "mov	r10, #0\n\t"
-        "umaal	r3, r11, r10, r10\n\t"
-        "str	r9, [%[a], #188]\n\t"
-        "adds	r3, r3, lr\n\t"
-        "adc	lr, r11, #0\n\t"
-        "str	r3, [%[a], #192]\n\t"
-        /* i += 1 */
-        "add	r12, r12, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r12, #0xc0\n\t"
-        "blt	L_sp_3072_mont_reduce_48_word_%=\n\t"
-        /* Loop Done */
-        "str	r4, [%[a]]\n\t"
-        "str	r5, [%[a], #4]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "str	r7, [%[a], #12]\n\t"
-        "str	r8, [%[a], #16]\n\t"
-        "mov	%[mp], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_48(r, a, b);
-    sp_3072_mont_reduce_48(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_48(r, a);
-    sp_3072_mont_reduce_48(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldr	r8, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r5, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r6, r5\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umull	r5, r3, %[b], r8\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r5, [%[r]]\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r9, #4\n\t"
-        "\n"
-    "L_sp_3072_mul_d_48_word_%=: \n\t"
-        /* A[i] * B */
-        "ldr	r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, %[b], r8\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], r9]\n\t"
-        "mov	r3, r4\n\t"
-        "mov	r4, r5\n\t"
-        "mov	r5, #0\n\t"
-        "add	r9, r9, #4\n\t"
-        "cmp	r9, #0xc0\n\t"
-        "blt	L_sp_3072_mul_d_48_word_%=\n\t"
-        "str	r3, [%[r], #192]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r3, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umull	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[1] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[2] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[3] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[4] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[5] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[6] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[7] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[8] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[9] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[10] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[11] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[12] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[13] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[14] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[15] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[16] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[17] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[18] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[19] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[20] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[21] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[22] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[23] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[24] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[25] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[26] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[27] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[28] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[29] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[30] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[31] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[32] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[33] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[34] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[35] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[36] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[37] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[38] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[39] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[40] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[41] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[42] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[43] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[44] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[45] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[46] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[47] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "str	r3, [%[r]]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_48(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	r6, %[div], #16\n\t"
-        "add	lr, r6, #1\n\t"
-        "udiv	r4, %[d1], lr\n\t"
-        "lsl	r5, %[div], #16\n\t"
-        "lsl	r4, r4, #16\n\t"
-        "umull	r3, r12, %[div], r4\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "subs	r3, %[d1], lr\n\t"
-        "sbc	r7, r7, r7\n\t"
-        "add	r7, r7, #1\n\t"
-        "rsb	r8, r7, #0\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "and	r5, r5, r8\n\t"
-        "and	r6, r6, r8\n\t"
-        "subs	%[d0], %[d0], r5\n\t"
-        "add	r4, r4, r7\n\t"
-        "sbc	%[d1], %[d1], r6\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "umull	r3, r12, %[div], r3\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "mul	r3, %[div], r3\n\t"
-        "sub	%[d0], %[d0], r3\n\t"
-        "udiv	r3, %[d0], %[div]\n\t"
-        "add	%[d1], r4, r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_48(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	lr, %[div], #1\n\t"
-        "add	lr, lr, #1\n\t"
-        "mov	r4, %[d0]\n\t"
-        "mov	r5, %[d1]\n\t"
-        /* Do top 32 */
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "mov	r3, #0\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        /* Next 30 bits */
-        "mov	r12, #29\n\t"
-        "\n"
-    "L_div_3072_word_48_bit_%=: \n\t"
-        "lsls	r4, r4, #1\n\t"
-        "adc	r5, r5, r5\n\t"
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "add	r3, r3, r3\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        "subs	r12, r12, #1\n\t"
-        "bpl	L_div_3072_word_48_bit_%=\n\t"
-        "add	r3, r3, r3\n\t"
-        "add	r3, r3, #1\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-        "subs	r6, %[div], r7\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "sub	%[d1], r3, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_48(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_48(const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #-1\n\t"
-        "mov	r6, #1\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r3, #-1\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "mov	r4, #0xbc\n\t"
-        "\n"
-    "L_sp_3072_cmp_48_words_%=: \n\t"
-        "ldr	r12, [%[a], r4]\n\t"
-        "ldr	lr, [%[b], r4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "subs	r4, r4, #4\n\t"
-        "bcs	L_sp_3072_cmp_48_words_%=\n\t"
-        "eor	r2, r2, r3\n\t"
-#else
-        "ldr	r12, [%[a], #188]\n\t"
-        "ldr	lr, [%[b], #188]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #184]\n\t"
-        "ldr	lr, [%[b], #184]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #180]\n\t"
-        "ldr	lr, [%[b], #180]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #176]\n\t"
-        "ldr	lr, [%[b], #176]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #172]\n\t"
-        "ldr	lr, [%[b], #172]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #168]\n\t"
-        "ldr	lr, [%[b], #168]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #164]\n\t"
-        "ldr	lr, [%[b], #164]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #160]\n\t"
-        "ldr	lr, [%[b], #160]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #156]\n\t"
-        "ldr	lr, [%[b], #156]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #152]\n\t"
-        "ldr	lr, [%[b], #152]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #148]\n\t"
-        "ldr	lr, [%[b], #148]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #144]\n\t"
-        "ldr	lr, [%[b], #144]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #140]\n\t"
-        "ldr	lr, [%[b], #140]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #136]\n\t"
-        "ldr	lr, [%[b], #136]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #132]\n\t"
-        "ldr	lr, [%[b], #132]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #128]\n\t"
-        "ldr	lr, [%[b], #128]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #124]\n\t"
-        "ldr	lr, [%[b], #124]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #120]\n\t"
-        "ldr	lr, [%[b], #120]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #116]\n\t"
-        "ldr	lr, [%[b], #116]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #112]\n\t"
-        "ldr	lr, [%[b], #112]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #108]\n\t"
-        "ldr	lr, [%[b], #108]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #104]\n\t"
-        "ldr	lr, [%[b], #104]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #100]\n\t"
-        "ldr	lr, [%[b], #100]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #96]\n\t"
-        "ldr	lr, [%[b], #96]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #92]\n\t"
-        "ldr	lr, [%[b], #92]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #88]\n\t"
-        "ldr	lr, [%[b], #88]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #84]\n\t"
-        "ldr	lr, [%[b], #84]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #80]\n\t"
-        "ldr	lr, [%[b], #80]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #76]\n\t"
-        "ldr	lr, [%[b], #76]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #72]\n\t"
-        "ldr	lr, [%[b], #72]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #68]\n\t"
-        "ldr	lr, [%[b], #68]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #64]\n\t"
-        "ldr	lr, [%[b], #64]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #60]\n\t"
-        "ldr	lr, [%[b], #60]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #56]\n\t"
-        "ldr	lr, [%[b], #56]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-        "ldr	lr, [%[b], #52]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-        "ldr	lr, [%[b], #48]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-        "ldr	lr, [%[b], #44]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-        "ldr	lr, [%[b], #40]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-        "ldr	lr, [%[b], #36]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-        "ldr	lr, [%[b], #32]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b], #28]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b], #24]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b], #20]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b], #16]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b], #12]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b], #8]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b], #4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "eor	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "mov	%[a], r2\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[96], t2[49];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[47];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 48);
-    r1 = sp_3072_cmp_48(&t1[48], d) >= 0;
-    sp_3072_cond_sub_48(&t1[48], &t1[48], d, (sp_digit)0 - r1);
-    for (i = 47; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[48 + i] == div);
-        sp_digit hi = t1[48 + i] + mask;
-        r1 = div_3072_word_48(hi, t1[48 + i - 1], div);
-        r1 |= mask;
-
-        sp_3072_mul_d_48(t2, d, r1);
-        t1[48 + i] += sp_3072_sub_in_place_48(&t1[i], t2);
-        t1[48 + i] -= t2[48];
-        sp_3072_mask_48(t2, d, t1[48 + i]);
-        t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], t2);
-        sp_3072_mask_48(t2, d, t1[48 + i]);
-        t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_3072_cmp_48(t1, d) >= 0;
-    sp_3072_cond_sub_48(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_3072_div_48(a, m, NULL, r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 96);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 96;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 48U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_48(t[1] + 48, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_48(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 48, a, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_48(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_48(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_48(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_48(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_48(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_48(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_48(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_48(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_48(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_48(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_48(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_48(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_48(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_48(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 48);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-
-            sp_3072_mont_mul_48(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48U);
-        sp_3072_mont_reduce_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 32 * 96);
-    sp_digit* t[32];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 32 * 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++) {
-            t[i] = td + i * 96;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 48U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_48(t[1] + 48, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_48(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 48, a, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_48(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_48(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_48(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_48(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_48(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_48(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_48(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_48(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_48(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_48(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_48(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_48(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_48(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_48(t[15], t[ 8], t[ 7], m, mp);
-        sp_3072_mont_sqr_48(t[16], t[ 8], m, mp);
-        sp_3072_mont_mul_48(t[17], t[ 9], t[ 8], m, mp);
-        sp_3072_mont_sqr_48(t[18], t[ 9], m, mp);
-        sp_3072_mont_mul_48(t[19], t[10], t[ 9], m, mp);
-        sp_3072_mont_sqr_48(t[20], t[10], m, mp);
-        sp_3072_mont_mul_48(t[21], t[11], t[10], m, mp);
-        sp_3072_mont_sqr_48(t[22], t[11], m, mp);
-        sp_3072_mont_mul_48(t[23], t[12], t[11], m, mp);
-        sp_3072_mont_sqr_48(t[24], t[12], m, mp);
-        sp_3072_mont_mul_48(t[25], t[13], t[12], m, mp);
-        sp_3072_mont_sqr_48(t[26], t[13], m, mp);
-        sp_3072_mont_mul_48(t[27], t[14], t[13], m, mp);
-        sp_3072_mont_sqr_48(t[28], t[14], m, mp);
-        sp_3072_mont_mul_48(t[29], t[15], t[14], m, mp);
-        sp_3072_mont_sqr_48(t[30], t[15], m, mp);
-        sp_3072_mont_mul_48(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 48);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-
-            sp_3072_mont_mul_48(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48U);
-        sp_3072_mont_reduce_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 96);
-
-    /* r = 2^n mod m */
-    sp_3072_sub_in_place_96(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "\n"
-    "L_sp_3072_cond_sub_96_words_%=: \n\t"
-        "subs	r12, r6, r12\n\t"
-        "ldr	r4, [%[a], lr]\n\t"
-        "ldr	r5, [%[b], lr]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "sbcs	r4, r4, r5\n\t"
-        "sbc	r12, r6, r6\n\t"
-        "str	r4, [%[r], lr]\n\t"
-        "add	lr, lr, #4\n\t"
-        "cmp	lr, #0x180\n\t"
-        "blt	L_sp_3072_cond_sub_96_words_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "subs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "sbc	%[r], lr, lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_3072_mont_reduce_96_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r7, [%[m], #124]\n\t"
-        "ldr	r10, [%[a], #124]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r7, [%[m], #128]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r7, [%[m], #132]\n\t"
-        "ldr	r10, [%[a], #132]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #132]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r7, [%[m], #136]\n\t"
-        "ldr	r10, [%[a], #136]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #136]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r7, [%[m], #140]\n\t"
-        "ldr	r10, [%[a], #140]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #140]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r7, [%[m], #144]\n\t"
-        "ldr	r10, [%[a], #144]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #144]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r7, [%[m], #148]\n\t"
-        "ldr	r10, [%[a], #148]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #148]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r7, [%[m], #152]\n\t"
-        "ldr	r10, [%[a], #152]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #152]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r7, [%[m], #156]\n\t"
-        "ldr	r10, [%[a], #156]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #156]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r7, [%[m], #160]\n\t"
-        "ldr	r10, [%[a], #160]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #160]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r7, [%[m], #164]\n\t"
-        "ldr	r10, [%[a], #164]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #164]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r7, [%[m], #168]\n\t"
-        "ldr	r10, [%[a], #168]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #168]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r7, [%[m], #172]\n\t"
-        "ldr	r10, [%[a], #172]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #172]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r7, [%[m], #176]\n\t"
-        "ldr	r10, [%[a], #176]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #176]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r7, [%[m], #180]\n\t"
-        "ldr	r10, [%[a], #180]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #180]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r7, [%[m], #184]\n\t"
-        "ldr	r10, [%[a], #184]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #184]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+47] += m[47] * mu */
-        "ldr	r7, [%[m], #188]\n\t"
-        "ldr	r10, [%[a], #188]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #188]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+48] += m[48] * mu */
-        "ldr	r7, [%[m], #192]\n\t"
-        "ldr	r10, [%[a], #192]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #192]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+49] += m[49] * mu */
-        "ldr	r7, [%[m], #196]\n\t"
-        "ldr	r10, [%[a], #196]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #196]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+50] += m[50] * mu */
-        "ldr	r7, [%[m], #200]\n\t"
-        "ldr	r10, [%[a], #200]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #200]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+51] += m[51] * mu */
-        "ldr	r7, [%[m], #204]\n\t"
-        "ldr	r10, [%[a], #204]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #204]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+52] += m[52] * mu */
-        "ldr	r7, [%[m], #208]\n\t"
-        "ldr	r10, [%[a], #208]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #208]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+53] += m[53] * mu */
-        "ldr	r7, [%[m], #212]\n\t"
-        "ldr	r10, [%[a], #212]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #212]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+54] += m[54] * mu */
-        "ldr	r7, [%[m], #216]\n\t"
-        "ldr	r10, [%[a], #216]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #216]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+55] += m[55] * mu */
-        "ldr	r7, [%[m], #220]\n\t"
-        "ldr	r10, [%[a], #220]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #220]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+56] += m[56] * mu */
-        "ldr	r7, [%[m], #224]\n\t"
-        "ldr	r10, [%[a], #224]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #224]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+57] += m[57] * mu */
-        "ldr	r7, [%[m], #228]\n\t"
-        "ldr	r10, [%[a], #228]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #228]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+58] += m[58] * mu */
-        "ldr	r7, [%[m], #232]\n\t"
-        "ldr	r10, [%[a], #232]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #232]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+59] += m[59] * mu */
-        "ldr	r7, [%[m], #236]\n\t"
-        "ldr	r10, [%[a], #236]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #236]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+60] += m[60] * mu */
-        "ldr	r7, [%[m], #240]\n\t"
-        "ldr	r10, [%[a], #240]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #240]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+61] += m[61] * mu */
-        "ldr	r7, [%[m], #244]\n\t"
-        "ldr	r10, [%[a], #244]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #244]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+62] += m[62] * mu */
-        "ldr	r7, [%[m], #248]\n\t"
-        "ldr	r10, [%[a], #248]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #248]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+63] += m[63] * mu */
-        "ldr	r7, [%[m], #252]\n\t"
-        "ldr	r10, [%[a], #252]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #252]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+64] += m[64] * mu */
-        "ldr	r7, [%[m], #256]\n\t"
-        "ldr	r10, [%[a], #256]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #256]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+65] += m[65] * mu */
-        "ldr	r7, [%[m], #260]\n\t"
-        "ldr	r10, [%[a], #260]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #260]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+66] += m[66] * mu */
-        "ldr	r7, [%[m], #264]\n\t"
-        "ldr	r10, [%[a], #264]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #264]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+67] += m[67] * mu */
-        "ldr	r7, [%[m], #268]\n\t"
-        "ldr	r10, [%[a], #268]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #268]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+68] += m[68] * mu */
-        "ldr	r7, [%[m], #272]\n\t"
-        "ldr	r10, [%[a], #272]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #272]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+69] += m[69] * mu */
-        "ldr	r7, [%[m], #276]\n\t"
-        "ldr	r10, [%[a], #276]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #276]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+70] += m[70] * mu */
-        "ldr	r7, [%[m], #280]\n\t"
-        "ldr	r10, [%[a], #280]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #280]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+71] += m[71] * mu */
-        "ldr	r7, [%[m], #284]\n\t"
-        "ldr	r10, [%[a], #284]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #284]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+72] += m[72] * mu */
-        "ldr	r7, [%[m], #288]\n\t"
-        "ldr	r10, [%[a], #288]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #288]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+73] += m[73] * mu */
-        "ldr	r7, [%[m], #292]\n\t"
-        "ldr	r10, [%[a], #292]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #292]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+74] += m[74] * mu */
-        "ldr	r7, [%[m], #296]\n\t"
-        "ldr	r10, [%[a], #296]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #296]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+75] += m[75] * mu */
-        "ldr	r7, [%[m], #300]\n\t"
-        "ldr	r10, [%[a], #300]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #300]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+76] += m[76] * mu */
-        "ldr	r7, [%[m], #304]\n\t"
-        "ldr	r10, [%[a], #304]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #304]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+77] += m[77] * mu */
-        "ldr	r7, [%[m], #308]\n\t"
-        "ldr	r10, [%[a], #308]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #308]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+78] += m[78] * mu */
-        "ldr	r7, [%[m], #312]\n\t"
-        "ldr	r10, [%[a], #312]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #312]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+79] += m[79] * mu */
-        "ldr	r7, [%[m], #316]\n\t"
-        "ldr	r10, [%[a], #316]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #316]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+80] += m[80] * mu */
-        "ldr	r7, [%[m], #320]\n\t"
-        "ldr	r10, [%[a], #320]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #320]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+81] += m[81] * mu */
-        "ldr	r7, [%[m], #324]\n\t"
-        "ldr	r10, [%[a], #324]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #324]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+82] += m[82] * mu */
-        "ldr	r7, [%[m], #328]\n\t"
-        "ldr	r10, [%[a], #328]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #328]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+83] += m[83] * mu */
-        "ldr	r7, [%[m], #332]\n\t"
-        "ldr	r10, [%[a], #332]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #332]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+84] += m[84] * mu */
-        "ldr	r7, [%[m], #336]\n\t"
-        "ldr	r10, [%[a], #336]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #336]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+85] += m[85] * mu */
-        "ldr	r7, [%[m], #340]\n\t"
-        "ldr	r10, [%[a], #340]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #340]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+86] += m[86] * mu */
-        "ldr	r7, [%[m], #344]\n\t"
-        "ldr	r10, [%[a], #344]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #344]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+87] += m[87] * mu */
-        "ldr	r7, [%[m], #348]\n\t"
-        "ldr	r10, [%[a], #348]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #348]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+88] += m[88] * mu */
-        "ldr	r7, [%[m], #352]\n\t"
-        "ldr	r10, [%[a], #352]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #352]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+89] += m[89] * mu */
-        "ldr	r7, [%[m], #356]\n\t"
-        "ldr	r10, [%[a], #356]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #356]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+90] += m[90] * mu */
-        "ldr	r7, [%[m], #360]\n\t"
-        "ldr	r10, [%[a], #360]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #360]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+91] += m[91] * mu */
-        "ldr	r7, [%[m], #364]\n\t"
-        "ldr	r10, [%[a], #364]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #364]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+92] += m[92] * mu */
-        "ldr	r7, [%[m], #368]\n\t"
-        "ldr	r10, [%[a], #368]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #368]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+93] += m[93] * mu */
-        "ldr	r7, [%[m], #372]\n\t"
-        "ldr	r10, [%[a], #372]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #372]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+94] += m[94] * mu */
-        "ldr	r7, [%[m], #376]\n\t"
-        "ldr	r10, [%[a], #376]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #376]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+95] += m[95] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m], #380]\n\t"
-#else
-        "ldr	r7, [%[m], #380]\n\t"
-#endif
-        "ldr	r10, [%[a], #380]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r4, r3, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "mov	r6, r8\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #380]\n\t"
-        "ldr	r10, [%[a], #384]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #384]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x180\n\t"
-        "blt	L_sp_3072_mont_reduce_96_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_3072_mont_reduce_96_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-        "mov	r5, #0\n\t"
-        "umlal	r12, r5, r8, r11\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	lr, r4, r8, r7\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	lr, r5, r8, r7\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r7, [%[m], #124]\n\t"
-        "ldr	r10, [%[a], #124]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r7, [%[m], #128]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r7, [%[m], #132]\n\t"
-        "ldr	r10, [%[a], #132]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #132]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r7, [%[m], #136]\n\t"
-        "ldr	r10, [%[a], #136]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #136]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r7, [%[m], #140]\n\t"
-        "ldr	r10, [%[a], #140]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #140]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r7, [%[m], #144]\n\t"
-        "ldr	r10, [%[a], #144]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #144]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r7, [%[m], #148]\n\t"
-        "ldr	r10, [%[a], #148]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #148]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r7, [%[m], #152]\n\t"
-        "ldr	r10, [%[a], #152]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #152]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r7, [%[m], #156]\n\t"
-        "ldr	r10, [%[a], #156]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #156]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r7, [%[m], #160]\n\t"
-        "ldr	r10, [%[a], #160]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #160]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r7, [%[m], #164]\n\t"
-        "ldr	r10, [%[a], #164]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #164]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r7, [%[m], #168]\n\t"
-        "ldr	r10, [%[a], #168]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #168]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r7, [%[m], #172]\n\t"
-        "ldr	r10, [%[a], #172]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #172]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r7, [%[m], #176]\n\t"
-        "ldr	r10, [%[a], #176]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #176]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r7, [%[m], #180]\n\t"
-        "ldr	r10, [%[a], #180]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #180]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r7, [%[m], #184]\n\t"
-        "ldr	r10, [%[a], #184]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #184]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+47] += m[47] * mu */
-        "ldr	r7, [%[m], #188]\n\t"
-        "ldr	r10, [%[a], #188]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #188]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+48] += m[48] * mu */
-        "ldr	r7, [%[m], #192]\n\t"
-        "ldr	r10, [%[a], #192]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #192]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+49] += m[49] * mu */
-        "ldr	r7, [%[m], #196]\n\t"
-        "ldr	r10, [%[a], #196]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #196]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+50] += m[50] * mu */
-        "ldr	r7, [%[m], #200]\n\t"
-        "ldr	r10, [%[a], #200]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #200]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+51] += m[51] * mu */
-        "ldr	r7, [%[m], #204]\n\t"
-        "ldr	r10, [%[a], #204]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #204]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+52] += m[52] * mu */
-        "ldr	r7, [%[m], #208]\n\t"
-        "ldr	r10, [%[a], #208]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #208]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+53] += m[53] * mu */
-        "ldr	r7, [%[m], #212]\n\t"
-        "ldr	r10, [%[a], #212]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #212]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+54] += m[54] * mu */
-        "ldr	r7, [%[m], #216]\n\t"
-        "ldr	r10, [%[a], #216]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #216]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+55] += m[55] * mu */
-        "ldr	r7, [%[m], #220]\n\t"
-        "ldr	r10, [%[a], #220]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #220]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+56] += m[56] * mu */
-        "ldr	r7, [%[m], #224]\n\t"
-        "ldr	r10, [%[a], #224]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #224]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+57] += m[57] * mu */
-        "ldr	r7, [%[m], #228]\n\t"
-        "ldr	r10, [%[a], #228]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #228]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+58] += m[58] * mu */
-        "ldr	r7, [%[m], #232]\n\t"
-        "ldr	r10, [%[a], #232]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #232]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+59] += m[59] * mu */
-        "ldr	r7, [%[m], #236]\n\t"
-        "ldr	r10, [%[a], #236]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #236]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+60] += m[60] * mu */
-        "ldr	r7, [%[m], #240]\n\t"
-        "ldr	r10, [%[a], #240]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #240]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+61] += m[61] * mu */
-        "ldr	r7, [%[m], #244]\n\t"
-        "ldr	r10, [%[a], #244]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #244]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+62] += m[62] * mu */
-        "ldr	r7, [%[m], #248]\n\t"
-        "ldr	r10, [%[a], #248]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #248]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+63] += m[63] * mu */
-        "ldr	r7, [%[m], #252]\n\t"
-        "ldr	r10, [%[a], #252]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #252]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+64] += m[64] * mu */
-        "ldr	r7, [%[m], #256]\n\t"
-        "ldr	r10, [%[a], #256]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #256]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+65] += m[65] * mu */
-        "ldr	r7, [%[m], #260]\n\t"
-        "ldr	r10, [%[a], #260]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #260]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+66] += m[66] * mu */
-        "ldr	r7, [%[m], #264]\n\t"
-        "ldr	r10, [%[a], #264]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #264]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+67] += m[67] * mu */
-        "ldr	r7, [%[m], #268]\n\t"
-        "ldr	r10, [%[a], #268]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #268]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+68] += m[68] * mu */
-        "ldr	r7, [%[m], #272]\n\t"
-        "ldr	r10, [%[a], #272]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #272]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+69] += m[69] * mu */
-        "ldr	r7, [%[m], #276]\n\t"
-        "ldr	r10, [%[a], #276]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #276]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+70] += m[70] * mu */
-        "ldr	r7, [%[m], #280]\n\t"
-        "ldr	r10, [%[a], #280]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #280]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+71] += m[71] * mu */
-        "ldr	r7, [%[m], #284]\n\t"
-        "ldr	r10, [%[a], #284]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #284]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+72] += m[72] * mu */
-        "ldr	r7, [%[m], #288]\n\t"
-        "ldr	r10, [%[a], #288]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #288]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+73] += m[73] * mu */
-        "ldr	r7, [%[m], #292]\n\t"
-        "ldr	r10, [%[a], #292]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #292]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+74] += m[74] * mu */
-        "ldr	r7, [%[m], #296]\n\t"
-        "ldr	r10, [%[a], #296]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #296]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+75] += m[75] * mu */
-        "ldr	r7, [%[m], #300]\n\t"
-        "ldr	r10, [%[a], #300]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #300]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+76] += m[76] * mu */
-        "ldr	r7, [%[m], #304]\n\t"
-        "ldr	r10, [%[a], #304]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #304]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+77] += m[77] * mu */
-        "ldr	r7, [%[m], #308]\n\t"
-        "ldr	r10, [%[a], #308]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #308]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+78] += m[78] * mu */
-        "ldr	r7, [%[m], #312]\n\t"
-        "ldr	r10, [%[a], #312]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #312]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+79] += m[79] * mu */
-        "ldr	r7, [%[m], #316]\n\t"
-        "ldr	r10, [%[a], #316]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #316]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+80] += m[80] * mu */
-        "ldr	r7, [%[m], #320]\n\t"
-        "ldr	r10, [%[a], #320]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #320]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+81] += m[81] * mu */
-        "ldr	r7, [%[m], #324]\n\t"
-        "ldr	r10, [%[a], #324]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #324]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+82] += m[82] * mu */
-        "ldr	r7, [%[m], #328]\n\t"
-        "ldr	r10, [%[a], #328]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #328]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+83] += m[83] * mu */
-        "ldr	r7, [%[m], #332]\n\t"
-        "ldr	r10, [%[a], #332]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #332]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+84] += m[84] * mu */
-        "ldr	r7, [%[m], #336]\n\t"
-        "ldr	r10, [%[a], #336]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #336]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+85] += m[85] * mu */
-        "ldr	r7, [%[m], #340]\n\t"
-        "ldr	r10, [%[a], #340]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #340]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+86] += m[86] * mu */
-        "ldr	r7, [%[m], #344]\n\t"
-        "ldr	r10, [%[a], #344]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #344]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+87] += m[87] * mu */
-        "ldr	r7, [%[m], #348]\n\t"
-        "ldr	r10, [%[a], #348]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #348]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+88] += m[88] * mu */
-        "ldr	r7, [%[m], #352]\n\t"
-        "ldr	r10, [%[a], #352]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #352]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+89] += m[89] * mu */
-        "ldr	r7, [%[m], #356]\n\t"
-        "ldr	r10, [%[a], #356]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #356]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+90] += m[90] * mu */
-        "ldr	r7, [%[m], #360]\n\t"
-        "ldr	r10, [%[a], #360]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #360]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+91] += m[91] * mu */
-        "ldr	r7, [%[m], #364]\n\t"
-        "ldr	r10, [%[a], #364]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #364]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+92] += m[92] * mu */
-        "ldr	r7, [%[m], #368]\n\t"
-        "ldr	r10, [%[a], #368]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #368]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+93] += m[93] * mu */
-        "ldr	r7, [%[m], #372]\n\t"
-        "ldr	r10, [%[a], #372]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #372]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+94] += m[94] * mu */
-        "ldr	r7, [%[m], #376]\n\t"
-        "ldr	r10, [%[a], #376]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #376]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+95] += m[95] * mu */
-        "ldr	r7, [%[m], #380]\n\t"
-        "ldr	r10, [%[a], #380]\n\t"
-        "umull	r6, r7, r8, r7\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r7, r3\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #380]\n\t"
-        "ldr	r10, [%[a], #384]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #384]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x180\n\t"
-        "blt	L_sp_3072_mont_reduce_96_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_3072_mont_reduce_96(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "ldr	r8, [%[a], #16]\n\t"
-        "\n"
-    "L_sp_3072_mont_reduce_96_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r11, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "ldr	r10, [%[m]]\n\t"
-        "mov	r3, #0\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r10, [%[m], #4]\n\t"
-        "mov	r4, r5\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r10, [%[m], #8]\n\t"
-        "mov	r5, r6\n\t"
-        "umaal	r5, r3, r11, r10\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r10, [%[m], #12]\n\t"
-        "mov	r6, r7\n\t"
-        "umaal	r6, r3, r11, r10\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r10, [%[m], #16]\n\t"
-        "mov	r7, r8\n\t"
-        "umaal	r7, r3, r11, r10\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r10, [%[m], #20]\n\t"
-        "ldr	r8, [%[a], #20]\n\t"
-        "umaal	r8, r3, r11, r10\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r10, [%[m], #24]\n\t"
-        "ldr	r9, [%[a], #24]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r10, [%[m], #28]\n\t"
-        "ldr	r9, [%[a], #28]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r10, [%[m], #32]\n\t"
-        "ldr	r9, [%[a], #32]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r10, [%[m], #36]\n\t"
-        "ldr	r9, [%[a], #36]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r10, [%[m], #40]\n\t"
-        "ldr	r9, [%[a], #40]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r10, [%[m], #44]\n\t"
-        "ldr	r9, [%[a], #44]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r10, [%[m], #48]\n\t"
-        "ldr	r9, [%[a], #48]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r10, [%[m], #52]\n\t"
-        "ldr	r9, [%[a], #52]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r10, [%[m], #56]\n\t"
-        "ldr	r9, [%[a], #56]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r10, [%[m], #60]\n\t"
-        "ldr	r9, [%[a], #60]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r10, [%[m], #64]\n\t"
-        "ldr	r9, [%[a], #64]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r10, [%[m], #68]\n\t"
-        "ldr	r9, [%[a], #68]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r10, [%[m], #72]\n\t"
-        "ldr	r9, [%[a], #72]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r10, [%[m], #76]\n\t"
-        "ldr	r9, [%[a], #76]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r10, [%[m], #80]\n\t"
-        "ldr	r9, [%[a], #80]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r10, [%[m], #84]\n\t"
-        "ldr	r9, [%[a], #84]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r10, [%[m], #88]\n\t"
-        "ldr	r9, [%[a], #88]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r10, [%[m], #92]\n\t"
-        "ldr	r9, [%[a], #92]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r10, [%[m], #96]\n\t"
-        "ldr	r9, [%[a], #96]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r10, [%[m], #100]\n\t"
-        "ldr	r9, [%[a], #100]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r10, [%[m], #104]\n\t"
-        "ldr	r9, [%[a], #104]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r10, [%[m], #108]\n\t"
-        "ldr	r9, [%[a], #108]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r10, [%[m], #112]\n\t"
-        "ldr	r9, [%[a], #112]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r10, [%[m], #116]\n\t"
-        "ldr	r9, [%[a], #116]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r10, [%[m], #120]\n\t"
-        "ldr	r9, [%[a], #120]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r10, [%[m], #124]\n\t"
-        "ldr	r9, [%[a], #124]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #124]\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r10, [%[m], #128]\n\t"
-        "ldr	r9, [%[a], #128]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #128]\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r10, [%[m], #132]\n\t"
-        "ldr	r9, [%[a], #132]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #132]\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r10, [%[m], #136]\n\t"
-        "ldr	r9, [%[a], #136]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #136]\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r10, [%[m], #140]\n\t"
-        "ldr	r9, [%[a], #140]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #140]\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r10, [%[m], #144]\n\t"
-        "ldr	r9, [%[a], #144]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #144]\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r10, [%[m], #148]\n\t"
-        "ldr	r9, [%[a], #148]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #148]\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r10, [%[m], #152]\n\t"
-        "ldr	r9, [%[a], #152]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #152]\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r10, [%[m], #156]\n\t"
-        "ldr	r9, [%[a], #156]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #156]\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r10, [%[m], #160]\n\t"
-        "ldr	r9, [%[a], #160]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #160]\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r10, [%[m], #164]\n\t"
-        "ldr	r9, [%[a], #164]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #164]\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r10, [%[m], #168]\n\t"
-        "ldr	r9, [%[a], #168]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #168]\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r10, [%[m], #172]\n\t"
-        "ldr	r9, [%[a], #172]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #172]\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r10, [%[m], #176]\n\t"
-        "ldr	r9, [%[a], #176]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #176]\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r10, [%[m], #180]\n\t"
-        "ldr	r9, [%[a], #180]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #180]\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r10, [%[m], #184]\n\t"
-        "ldr	r9, [%[a], #184]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #184]\n\t"
-        /* a[i+47] += m[47] * mu */
-        "ldr	r10, [%[m], #188]\n\t"
-        "ldr	r9, [%[a], #188]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #188]\n\t"
-        /* a[i+48] += m[48] * mu */
-        "ldr	r10, [%[m], #192]\n\t"
-        "ldr	r9, [%[a], #192]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #192]\n\t"
-        /* a[i+49] += m[49] * mu */
-        "ldr	r10, [%[m], #196]\n\t"
-        "ldr	r9, [%[a], #196]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #196]\n\t"
-        /* a[i+50] += m[50] * mu */
-        "ldr	r10, [%[m], #200]\n\t"
-        "ldr	r9, [%[a], #200]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #200]\n\t"
-        /* a[i+51] += m[51] * mu */
-        "ldr	r10, [%[m], #204]\n\t"
-        "ldr	r9, [%[a], #204]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #204]\n\t"
-        /* a[i+52] += m[52] * mu */
-        "ldr	r10, [%[m], #208]\n\t"
-        "ldr	r9, [%[a], #208]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #208]\n\t"
-        /* a[i+53] += m[53] * mu */
-        "ldr	r10, [%[m], #212]\n\t"
-        "ldr	r9, [%[a], #212]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #212]\n\t"
-        /* a[i+54] += m[54] * mu */
-        "ldr	r10, [%[m], #216]\n\t"
-        "ldr	r9, [%[a], #216]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #216]\n\t"
-        /* a[i+55] += m[55] * mu */
-        "ldr	r10, [%[m], #220]\n\t"
-        "ldr	r9, [%[a], #220]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #220]\n\t"
-        /* a[i+56] += m[56] * mu */
-        "ldr	r10, [%[m], #224]\n\t"
-        "ldr	r9, [%[a], #224]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #224]\n\t"
-        /* a[i+57] += m[57] * mu */
-        "ldr	r10, [%[m], #228]\n\t"
-        "ldr	r9, [%[a], #228]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #228]\n\t"
-        /* a[i+58] += m[58] * mu */
-        "ldr	r10, [%[m], #232]\n\t"
-        "ldr	r9, [%[a], #232]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #232]\n\t"
-        /* a[i+59] += m[59] * mu */
-        "ldr	r10, [%[m], #236]\n\t"
-        "ldr	r9, [%[a], #236]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #236]\n\t"
-        /* a[i+60] += m[60] * mu */
-        "ldr	r10, [%[m], #240]\n\t"
-        "ldr	r9, [%[a], #240]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #240]\n\t"
-        /* a[i+61] += m[61] * mu */
-        "ldr	r10, [%[m], #244]\n\t"
-        "ldr	r9, [%[a], #244]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #244]\n\t"
-        /* a[i+62] += m[62] * mu */
-        "ldr	r10, [%[m], #248]\n\t"
-        "ldr	r9, [%[a], #248]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #248]\n\t"
-        /* a[i+63] += m[63] * mu */
-        "ldr	r10, [%[m], #252]\n\t"
-        "ldr	r9, [%[a], #252]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #252]\n\t"
-        /* a[i+64] += m[64] * mu */
-        "ldr	r10, [%[m], #256]\n\t"
-        "ldr	r9, [%[a], #256]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #256]\n\t"
-        /* a[i+65] += m[65] * mu */
-        "ldr	r10, [%[m], #260]\n\t"
-        "ldr	r9, [%[a], #260]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #260]\n\t"
-        /* a[i+66] += m[66] * mu */
-        "ldr	r10, [%[m], #264]\n\t"
-        "ldr	r9, [%[a], #264]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #264]\n\t"
-        /* a[i+67] += m[67] * mu */
-        "ldr	r10, [%[m], #268]\n\t"
-        "ldr	r9, [%[a], #268]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #268]\n\t"
-        /* a[i+68] += m[68] * mu */
-        "ldr	r10, [%[m], #272]\n\t"
-        "ldr	r9, [%[a], #272]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #272]\n\t"
-        /* a[i+69] += m[69] * mu */
-        "ldr	r10, [%[m], #276]\n\t"
-        "ldr	r9, [%[a], #276]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #276]\n\t"
-        /* a[i+70] += m[70] * mu */
-        "ldr	r10, [%[m], #280]\n\t"
-        "ldr	r9, [%[a], #280]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #280]\n\t"
-        /* a[i+71] += m[71] * mu */
-        "ldr	r10, [%[m], #284]\n\t"
-        "ldr	r9, [%[a], #284]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #284]\n\t"
-        /* a[i+72] += m[72] * mu */
-        "ldr	r10, [%[m], #288]\n\t"
-        "ldr	r9, [%[a], #288]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #288]\n\t"
-        /* a[i+73] += m[73] * mu */
-        "ldr	r10, [%[m], #292]\n\t"
-        "ldr	r9, [%[a], #292]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #292]\n\t"
-        /* a[i+74] += m[74] * mu */
-        "ldr	r10, [%[m], #296]\n\t"
-        "ldr	r9, [%[a], #296]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #296]\n\t"
-        /* a[i+75] += m[75] * mu */
-        "ldr	r10, [%[m], #300]\n\t"
-        "ldr	r9, [%[a], #300]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #300]\n\t"
-        /* a[i+76] += m[76] * mu */
-        "ldr	r10, [%[m], #304]\n\t"
-        "ldr	r9, [%[a], #304]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #304]\n\t"
-        /* a[i+77] += m[77] * mu */
-        "ldr	r10, [%[m], #308]\n\t"
-        "ldr	r9, [%[a], #308]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #308]\n\t"
-        /* a[i+78] += m[78] * mu */
-        "ldr	r10, [%[m], #312]\n\t"
-        "ldr	r9, [%[a], #312]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #312]\n\t"
-        /* a[i+79] += m[79] * mu */
-        "ldr	r10, [%[m], #316]\n\t"
-        "ldr	r9, [%[a], #316]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #316]\n\t"
-        /* a[i+80] += m[80] * mu */
-        "ldr	r10, [%[m], #320]\n\t"
-        "ldr	r9, [%[a], #320]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #320]\n\t"
-        /* a[i+81] += m[81] * mu */
-        "ldr	r10, [%[m], #324]\n\t"
-        "ldr	r9, [%[a], #324]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #324]\n\t"
-        /* a[i+82] += m[82] * mu */
-        "ldr	r10, [%[m], #328]\n\t"
-        "ldr	r9, [%[a], #328]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #328]\n\t"
-        /* a[i+83] += m[83] * mu */
-        "ldr	r10, [%[m], #332]\n\t"
-        "ldr	r9, [%[a], #332]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #332]\n\t"
-        /* a[i+84] += m[84] * mu */
-        "ldr	r10, [%[m], #336]\n\t"
-        "ldr	r9, [%[a], #336]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #336]\n\t"
-        /* a[i+85] += m[85] * mu */
-        "ldr	r10, [%[m], #340]\n\t"
-        "ldr	r9, [%[a], #340]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #340]\n\t"
-        /* a[i+86] += m[86] * mu */
-        "ldr	r10, [%[m], #344]\n\t"
-        "ldr	r9, [%[a], #344]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #344]\n\t"
-        /* a[i+87] += m[87] * mu */
-        "ldr	r10, [%[m], #348]\n\t"
-        "ldr	r9, [%[a], #348]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #348]\n\t"
-        /* a[i+88] += m[88] * mu */
-        "ldr	r10, [%[m], #352]\n\t"
-        "ldr	r9, [%[a], #352]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #352]\n\t"
-        /* a[i+89] += m[89] * mu */
-        "ldr	r10, [%[m], #356]\n\t"
-        "ldr	r9, [%[a], #356]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #356]\n\t"
-        /* a[i+90] += m[90] * mu */
-        "ldr	r10, [%[m], #360]\n\t"
-        "ldr	r9, [%[a], #360]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #360]\n\t"
-        /* a[i+91] += m[91] * mu */
-        "ldr	r10, [%[m], #364]\n\t"
-        "ldr	r9, [%[a], #364]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #364]\n\t"
-        /* a[i+92] += m[92] * mu */
-        "ldr	r10, [%[m], #368]\n\t"
-        "ldr	r9, [%[a], #368]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #368]\n\t"
-        /* a[i+93] += m[93] * mu */
-        "ldr	r10, [%[m], #372]\n\t"
-        "ldr	r9, [%[a], #372]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #372]\n\t"
-        /* a[i+94] += m[94] * mu */
-        "ldr	r10, [%[m], #376]\n\t"
-        "ldr	r9, [%[a], #376]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #376]\n\t"
-        /* a[i+95] += m[95] * mu */
-        "ldr	r10, [%[m], #380]\n\t"
-        "ldr	r9, [%[a], #380]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "ldr	r11, [%[a], #384]\n\t"
-        "mov	r10, #0\n\t"
-        "umaal	r3, r11, r10, r10\n\t"
-        "str	r9, [%[a], #380]\n\t"
-        "adds	r3, r3, lr\n\t"
-        "adc	lr, r11, #0\n\t"
-        "str	r3, [%[a], #384]\n\t"
-        /* i += 1 */
-        "add	r12, r12, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r12, #0x180\n\t"
-        "blt	L_sp_3072_mont_reduce_96_word_%=\n\t"
-        /* Loop Done */
-        "str	r4, [%[a]]\n\t"
-        "str	r5, [%[a], #4]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "str	r7, [%[a], #12]\n\t"
-        "str	r8, [%[a], #16]\n\t"
-        "mov	%[mp], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_96(r, a, b);
-    sp_3072_mont_reduce_96(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_96(r, a);
-    sp_3072_mont_reduce_96(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #0x180\n\t"
-        "\n"
-    "L_sp_3072_sub_96_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	r12, r3, r3\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_3072_sub_96_word_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12", "lr"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_96(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	r6, %[div], #16\n\t"
-        "add	lr, r6, #1\n\t"
-        "udiv	r4, %[d1], lr\n\t"
-        "lsl	r5, %[div], #16\n\t"
-        "lsl	r4, r4, #16\n\t"
-        "umull	r3, r12, %[div], r4\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "subs	r3, %[d1], lr\n\t"
-        "sbc	r7, r7, r7\n\t"
-        "add	r7, r7, #1\n\t"
-        "rsb	r8, r7, #0\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "and	r5, r5, r8\n\t"
-        "and	r6, r6, r8\n\t"
-        "subs	%[d0], %[d0], r5\n\t"
-        "add	r4, r4, r7\n\t"
-        "sbc	%[d1], %[d1], r6\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "umull	r3, r12, %[div], r3\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "mul	r3, %[div], r3\n\t"
-        "sub	%[d0], %[d0], r3\n\t"
-        "udiv	r3, %[d0], %[div]\n\t"
-        "add	%[d1], r4, r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_96(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	lr, %[div], #1\n\t"
-        "add	lr, lr, #1\n\t"
-        "mov	r4, %[d0]\n\t"
-        "mov	r5, %[d1]\n\t"
-        /* Do top 32 */
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "mov	r3, #0\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        /* Next 30 bits */
-        "mov	r12, #29\n\t"
-        "\n"
-    "L_div_3072_word_96_bit_%=: \n\t"
-        "lsls	r4, r4, #1\n\t"
-        "adc	r5, r5, r5\n\t"
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "add	r3, r3, r3\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        "subs	r12, r12, #1\n\t"
-        "bpl	L_div_3072_word_96_bit_%=\n\t"
-        "add	r3, r3, r3\n\t"
-        "add	r3, r3, #1\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-        "subs	r6, %[div], r7\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "sub	%[d1], r3, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[192], t2[97];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[95];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 96);
-    for (i = 95; i > 0; i--) {
-        if (t1[i + 96] != d[i])
-            break;
-    }
-    if (t1[i + 96] >= d[i]) {
-        sp_3072_sub_in_place_96(&t1[96], d);
-    }
-    for (i = 95; i >= 0; i--) {
-        if (t1[96 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_3072_word_96(t1[96 + i], t1[96 + i - 1], div);
-        }
-
-        sp_3072_mul_d_96(t2, d, r1);
-        t1[96 + i] += sp_3072_sub_in_place_96(&t1[i], t2);
-        t1[96 + i] -= t2[96];
-        if (t1[96 + i] != 0) {
-            t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], d);
-            if (t1[96 + i] != 0)
-                t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 95; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_3072_sub_96(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 96);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_3072_div_96_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<96; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 96; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_96(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_96(const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #-1\n\t"
-        "mov	r6, #1\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r3, #-1\n\t"
-#ifdef WOLFSSL_SP_SMALL
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r4, #0x7c\n\t"
-        "orr	r4, r4, #0x100\n\t"
-#else
-        "mov	r4, #0x17c\n\t"
-#endif
-        "\n"
-    "L_sp_3072_cmp_96_words_%=: \n\t"
-        "ldr	r12, [%[a], r4]\n\t"
-        "ldr	lr, [%[b], r4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "subs	r4, r4, #4\n\t"
-        "bcs	L_sp_3072_cmp_96_words_%=\n\t"
-        "eor	r2, r2, r3\n\t"
-#else
-        "ldr	r12, [%[a], #380]\n\t"
-        "ldr	lr, [%[b], #380]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #376]\n\t"
-        "ldr	lr, [%[b], #376]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #372]\n\t"
-        "ldr	lr, [%[b], #372]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #368]\n\t"
-        "ldr	lr, [%[b], #368]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #364]\n\t"
-        "ldr	lr, [%[b], #364]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #360]\n\t"
-        "ldr	lr, [%[b], #360]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #356]\n\t"
-        "ldr	lr, [%[b], #356]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #352]\n\t"
-        "ldr	lr, [%[b], #352]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #348]\n\t"
-        "ldr	lr, [%[b], #348]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #344]\n\t"
-        "ldr	lr, [%[b], #344]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #340]\n\t"
-        "ldr	lr, [%[b], #340]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #336]\n\t"
-        "ldr	lr, [%[b], #336]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #332]\n\t"
-        "ldr	lr, [%[b], #332]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #328]\n\t"
-        "ldr	lr, [%[b], #328]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #324]\n\t"
-        "ldr	lr, [%[b], #324]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #320]\n\t"
-        "ldr	lr, [%[b], #320]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #316]\n\t"
-        "ldr	lr, [%[b], #316]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #312]\n\t"
-        "ldr	lr, [%[b], #312]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #308]\n\t"
-        "ldr	lr, [%[b], #308]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #304]\n\t"
-        "ldr	lr, [%[b], #304]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #300]\n\t"
-        "ldr	lr, [%[b], #300]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #296]\n\t"
-        "ldr	lr, [%[b], #296]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #292]\n\t"
-        "ldr	lr, [%[b], #292]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #288]\n\t"
-        "ldr	lr, [%[b], #288]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #284]\n\t"
-        "ldr	lr, [%[b], #284]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #280]\n\t"
-        "ldr	lr, [%[b], #280]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #276]\n\t"
-        "ldr	lr, [%[b], #276]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #272]\n\t"
-        "ldr	lr, [%[b], #272]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #268]\n\t"
-        "ldr	lr, [%[b], #268]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #264]\n\t"
-        "ldr	lr, [%[b], #264]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #260]\n\t"
-        "ldr	lr, [%[b], #260]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #256]\n\t"
-        "ldr	lr, [%[b], #256]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #252]\n\t"
-        "ldr	lr, [%[b], #252]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #248]\n\t"
-        "ldr	lr, [%[b], #248]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #244]\n\t"
-        "ldr	lr, [%[b], #244]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #240]\n\t"
-        "ldr	lr, [%[b], #240]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #236]\n\t"
-        "ldr	lr, [%[b], #236]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #232]\n\t"
-        "ldr	lr, [%[b], #232]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #228]\n\t"
-        "ldr	lr, [%[b], #228]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #224]\n\t"
-        "ldr	lr, [%[b], #224]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #220]\n\t"
-        "ldr	lr, [%[b], #220]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #216]\n\t"
-        "ldr	lr, [%[b], #216]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #212]\n\t"
-        "ldr	lr, [%[b], #212]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #208]\n\t"
-        "ldr	lr, [%[b], #208]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #204]\n\t"
-        "ldr	lr, [%[b], #204]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #200]\n\t"
-        "ldr	lr, [%[b], #200]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #196]\n\t"
-        "ldr	lr, [%[b], #196]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #192]\n\t"
-        "ldr	lr, [%[b], #192]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #188]\n\t"
-        "ldr	lr, [%[b], #188]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #184]\n\t"
-        "ldr	lr, [%[b], #184]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #180]\n\t"
-        "ldr	lr, [%[b], #180]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #176]\n\t"
-        "ldr	lr, [%[b], #176]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #172]\n\t"
-        "ldr	lr, [%[b], #172]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #168]\n\t"
-        "ldr	lr, [%[b], #168]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #164]\n\t"
-        "ldr	lr, [%[b], #164]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #160]\n\t"
-        "ldr	lr, [%[b], #160]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #156]\n\t"
-        "ldr	lr, [%[b], #156]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #152]\n\t"
-        "ldr	lr, [%[b], #152]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #148]\n\t"
-        "ldr	lr, [%[b], #148]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #144]\n\t"
-        "ldr	lr, [%[b], #144]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #140]\n\t"
-        "ldr	lr, [%[b], #140]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #136]\n\t"
-        "ldr	lr, [%[b], #136]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #132]\n\t"
-        "ldr	lr, [%[b], #132]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #128]\n\t"
-        "ldr	lr, [%[b], #128]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #124]\n\t"
-        "ldr	lr, [%[b], #124]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #120]\n\t"
-        "ldr	lr, [%[b], #120]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #116]\n\t"
-        "ldr	lr, [%[b], #116]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #112]\n\t"
-        "ldr	lr, [%[b], #112]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #108]\n\t"
-        "ldr	lr, [%[b], #108]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #104]\n\t"
-        "ldr	lr, [%[b], #104]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #100]\n\t"
-        "ldr	lr, [%[b], #100]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #96]\n\t"
-        "ldr	lr, [%[b], #96]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #92]\n\t"
-        "ldr	lr, [%[b], #92]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #88]\n\t"
-        "ldr	lr, [%[b], #88]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #84]\n\t"
-        "ldr	lr, [%[b], #84]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #80]\n\t"
-        "ldr	lr, [%[b], #80]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #76]\n\t"
-        "ldr	lr, [%[b], #76]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #72]\n\t"
-        "ldr	lr, [%[b], #72]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #68]\n\t"
-        "ldr	lr, [%[b], #68]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #64]\n\t"
-        "ldr	lr, [%[b], #64]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #60]\n\t"
-        "ldr	lr, [%[b], #60]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #56]\n\t"
-        "ldr	lr, [%[b], #56]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-        "ldr	lr, [%[b], #52]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-        "ldr	lr, [%[b], #48]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-        "ldr	lr, [%[b], #44]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-        "ldr	lr, [%[b], #40]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-        "ldr	lr, [%[b], #36]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-        "ldr	lr, [%[b], #32]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b], #28]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b], #24]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b], #20]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b], #16]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b], #12]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b], #8]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b], #4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "eor	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "mov	%[a], r2\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[192], t2[97];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[95];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 96);
-    r1 = sp_3072_cmp_96(&t1[96], d) >= 0;
-    sp_3072_cond_sub_96(&t1[96], &t1[96], d, (sp_digit)0 - r1);
-    for (i = 95; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[96 + i] == div);
-        sp_digit hi = t1[96 + i] + mask;
-        r1 = div_3072_word_96(hi, t1[96 + i - 1], div);
-        r1 |= mask;
-
-        sp_3072_mul_d_96(t2, d, r1);
-        t1[96 + i] += sp_3072_sub_in_place_96(&t1[i], t2);
-        t1[96 + i] -= t2[96];
-        sp_3072_mask_96(t2, d, t1[96 + i]);
-        t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], t2);
-        sp_3072_mask_96(t2, d, t1[96 + i]);
-        t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_3072_cmp_96(t1, d) >= 0;
-    sp_3072_cond_sub_96(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_3072_div_96(a, m, NULL, r);
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 8 * 192);
-    sp_digit* t[8];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 8 * 192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<8; i++) {
-            t[i] = td + i * 192;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_96(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 96U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_96(t[1] + 96, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_96(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 96, a, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_96(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_96(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_96(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_96(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_96(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_96(t[ 7], t[ 4], t[ 3], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 3;
-        if (c == 32) {
-            c = 29;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 96);
-        for (; i>=0 || c>=3; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 29);
-                n <<= 3;
-                c = 29;
-            }
-            else if (c < 3) {
-                y = (byte)(n >> 29);
-                n = e[i--];
-                c = 3 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 29) & 0x7);
-                n <<= 3;
-                c -= 3;
-            }
-
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-
-            sp_3072_mont_mul_96(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[96], 0, sizeof(sp_digit) * 96U);
-        sp_3072_mont_reduce_96(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_96(r, m) >= 0);
-        sp_3072_cond_sub_96(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 192);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 192;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_96(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 96U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_96(t[1] + 96, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_96(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 96, a, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_96(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_96(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_96(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_96(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_96(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_96(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_96(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_96(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_96(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_96(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_96(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_96(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_96(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_96(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 96);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-
-            sp_3072_mont_mul_96(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[96], 0, sizeof(sp_digit) * 96U);
-        sp_3072_mont_reduce_96(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_96(r, m) >= 0);
-        sp_3072_cond_sub_96(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 96 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 384) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 32 || inLen > 384 ||
-                                                     mp_count_bits(mm) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 96 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 96;
-        r = a + 96 * 2;
-        m = r + 96 * 2;
-
-        sp_3072_from_bin(ah, 96, in, inLen);
-#if DIGIT_BIT >= 32
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 96, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_3072_mont_sqr_96(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_3072_mont_mul_96(r, r, ah, m, mp);
-
-                for (i = 95; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_3072_sub_in_place_96(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_3072_sqr_96(r, ah);
-                err = sp_3072_mod_96_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_3072_mul_96(r, ah, r);
-                err = sp_3072_mod_96_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 31; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 96);
-                for (i--; i >= 0; i--) {
-                    sp_3072_mont_sqr_96(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_3072_mont_mul_96(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[96], 0, sizeof(sp_digit) * 96);
-                sp_3072_mont_reduce_96(r, m, mp);
-
-                for (i = 95; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_3072_sub_in_place_96(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "\n"
-    "L_sp_3072_cond_add_48_words_%=: \n\t"
-        "adds	lr, lr, #-1\n\t"
-        "ldr	r4, [%[a], r12]\n\t"
-        "ldr	r5, [%[b], r12]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "adcs	r4, r4, r5\n\t"
-        "adc	lr, r6, r6\n\t"
-        "str	r4, [%[r], r12]\n\t"
-        "add	r12, r12, #4\n\t"
-        "cmp	r12, #0xc0\n\t"
-        "blt	L_sp_3072_cond_add_48_words_%=\n\t"
-        "mov	%[r], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r8, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "adc	%[r], r8, r8\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 96 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 96 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 96;
-        m = a + 192;
-        r = a;
-
-        sp_3072_from_bin(a, 96, in, inLen);
-        sp_3072_from_mp(d, 96, dm);
-        sp_3072_from_mp(m, 96, mm);
-        err = sp_3072_mod_exp_96(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 96, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 48 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 384 || mp_count_bits(mm) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 48 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 96 * 2;
-        q = p + 48;
-        qi = dq = dp = q + 48;
-        tmpa = qi + 48;
-        tmpb = tmpa + 96;
-        r = a;
-
-        sp_3072_from_bin(a, 96, in, inLen);
-        sp_3072_from_mp(p, 48, pm);
-        sp_3072_from_mp(q, 48, qm);
-        sp_3072_from_mp(dp, 48, dpm);
-
-        err = sp_3072_mod_exp_48(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(dq, 48, dqm);
-        err = sp_3072_mod_exp_48(tmpb, a, dq, 1536, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_3072_sub_in_place_48(tmpa, tmpb);
-        c += sp_3072_cond_add_48(tmpa, tmpa, p, c);
-        sp_3072_cond_add_48(tmpa, tmpa, p, c);
-
-        sp_3072_from_mp(qi, 48, qim);
-        sp_3072_mul_48(tmpa, tmpa, qi);
-        err = sp_3072_mod_48(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mul_48(tmpa, q, tmpa);
-        XMEMSET(&tmpb[48], 0, sizeof(sp_digit) * 48);
-        sp_3072_add_96(r, tmpb, tmpa);
-
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 48 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_3072_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (3072 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 96);
-        r->used = 96;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 96; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 96; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[192];
-    sp_digit e[96];
-    sp_digit m[96];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 96, base);
-        sp_3072_from_mp(e, 96, exp);
-        sp_3072_from_mp(m, 96, mod);
-
-        err = sp_3072_mod_exp_96(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_3072
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_lshift_96(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_lshift_96(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register byte n asm ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "rsb	r12, %[n], #31\n\t"
-        "ldr	r5, [%[a], #380]\n\t"
-        "lsr	r6, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r6, r6, r12\n\t"
-        "ldr	r4, [%[a], #376]\n\t"
-        "str	r6, [%[r], #384]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #372]\n\t"
-        "str	r5, [%[r], #380]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #368]\n\t"
-        "str	r4, [%[r], #376]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #364]\n\t"
-        "str	r6, [%[r], #372]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #360]\n\t"
-        "str	r5, [%[r], #368]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #356]\n\t"
-        "str	r4, [%[r], #364]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #352]\n\t"
-        "str	r6, [%[r], #360]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #348]\n\t"
-        "str	r5, [%[r], #356]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #344]\n\t"
-        "str	r4, [%[r], #352]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #340]\n\t"
-        "str	r6, [%[r], #348]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #336]\n\t"
-        "str	r5, [%[r], #344]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #332]\n\t"
-        "str	r4, [%[r], #340]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #328]\n\t"
-        "str	r6, [%[r], #336]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #324]\n\t"
-        "str	r5, [%[r], #332]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #320]\n\t"
-        "str	r4, [%[r], #328]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #316]\n\t"
-        "str	r6, [%[r], #324]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #312]\n\t"
-        "str	r5, [%[r], #320]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #308]\n\t"
-        "str	r4, [%[r], #316]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #304]\n\t"
-        "str	r6, [%[r], #312]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #300]\n\t"
-        "str	r5, [%[r], #308]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #296]\n\t"
-        "str	r4, [%[r], #304]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #292]\n\t"
-        "str	r6, [%[r], #300]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #288]\n\t"
-        "str	r5, [%[r], #296]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #284]\n\t"
-        "str	r4, [%[r], #292]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #280]\n\t"
-        "str	r6, [%[r], #288]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #276]\n\t"
-        "str	r5, [%[r], #284]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #272]\n\t"
-        "str	r4, [%[r], #280]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #268]\n\t"
-        "str	r6, [%[r], #276]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #264]\n\t"
-        "str	r5, [%[r], #272]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #260]\n\t"
-        "str	r4, [%[r], #268]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #256]\n\t"
-        "str	r6, [%[r], #264]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #252]\n\t"
-        "str	r5, [%[r], #260]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #248]\n\t"
-        "str	r4, [%[r], #256]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #244]\n\t"
-        "str	r6, [%[r], #252]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #240]\n\t"
-        "str	r5, [%[r], #248]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #236]\n\t"
-        "str	r4, [%[r], #244]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #232]\n\t"
-        "str	r6, [%[r], #240]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #228]\n\t"
-        "str	r5, [%[r], #236]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #224]\n\t"
-        "str	r4, [%[r], #232]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #220]\n\t"
-        "str	r6, [%[r], #228]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #216]\n\t"
-        "str	r5, [%[r], #224]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #212]\n\t"
-        "str	r4, [%[r], #220]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #208]\n\t"
-        "str	r6, [%[r], #216]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #204]\n\t"
-        "str	r5, [%[r], #212]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #200]\n\t"
-        "str	r4, [%[r], #208]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #196]\n\t"
-        "str	r6, [%[r], #204]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #192]\n\t"
-        "str	r5, [%[r], #200]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #188]\n\t"
-        "str	r4, [%[r], #196]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #184]\n\t"
-        "str	r6, [%[r], #192]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #180]\n\t"
-        "str	r5, [%[r], #188]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #176]\n\t"
-        "str	r4, [%[r], #184]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #172]\n\t"
-        "str	r6, [%[r], #180]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #168]\n\t"
-        "str	r5, [%[r], #176]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #164]\n\t"
-        "str	r4, [%[r], #172]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #160]\n\t"
-        "str	r6, [%[r], #168]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #156]\n\t"
-        "str	r5, [%[r], #164]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #152]\n\t"
-        "str	r4, [%[r], #160]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #148]\n\t"
-        "str	r6, [%[r], #156]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #144]\n\t"
-        "str	r5, [%[r], #152]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #140]\n\t"
-        "str	r4, [%[r], #148]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #136]\n\t"
-        "str	r6, [%[r], #144]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #132]\n\t"
-        "str	r5, [%[r], #140]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #128]\n\t"
-        "str	r4, [%[r], #136]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #124]\n\t"
-        "str	r6, [%[r], #132]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #120]\n\t"
-        "str	r5, [%[r], #128]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #116]\n\t"
-        "str	r4, [%[r], #124]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #112]\n\t"
-        "str	r6, [%[r], #120]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #108]\n\t"
-        "str	r5, [%[r], #116]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #104]\n\t"
-        "str	r4, [%[r], #112]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #100]\n\t"
-        "str	r6, [%[r], #108]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #96]\n\t"
-        "str	r5, [%[r], #104]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #92]\n\t"
-        "str	r4, [%[r], #100]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #88]\n\t"
-        "str	r6, [%[r], #96]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #84]\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #80]\n\t"
-        "str	r4, [%[r], #88]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #76]\n\t"
-        "str	r6, [%[r], #84]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #72]\n\t"
-        "str	r5, [%[r], #80]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #68]\n\t"
-        "str	r4, [%[r], #76]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #64]\n\t"
-        "str	r6, [%[r], #72]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #60]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #56]\n\t"
-        "str	r4, [%[r], #64]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #52]\n\t"
-        "str	r6, [%[r], #60]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #48]\n\t"
-        "str	r5, [%[r], #56]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r4, [%[r], #52]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #40]\n\t"
-        "str	r6, [%[r], #48]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #36]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #32]\n\t"
-        "str	r4, [%[r], #40]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #28]\n\t"
-        "str	r6, [%[r], #36]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #24]\n\t"
-        "str	r5, [%[r], #32]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r4, [%[r], #28]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "str	r6, [%[r], #24]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #12]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #8]\n\t"
-        "str	r4, [%[r], #16]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-        "str	r6, [%[r], #12]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a]]\n\t"
-        "str	r5, [%[r], #8]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "str	r6, [%[r]]\n\t"
-        "str	r4, [%[r], #4]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r12"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 289);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 289, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 192;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_96(norm, m);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        sp_3072_lshift_96(r, norm, y);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-
-            sp_3072_lshift_96(r, r, y);
-            sp_3072_mul_d_96(tmp, norm, r[96]);
-            r[96] = 0;
-            o = sp_3072_add_96(r, r, tmp);
-            sp_3072_cond_sub_96(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[96], 0, sizeof(sp_digit) * 96U);
-        sp_3072_mont_reduce_96(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_96(r, m) >= 0);
-        sp_3072_cond_sub_96(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_3072 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 384 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[192];
-    sp_digit e[96];
-    sp_digit m[96];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 384) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 96, base);
-        sp_3072_from_bin(e, 96, exp, expLen);
-        sp_3072_from_mp(m, 96, mod);
-
-    #ifdef HAVE_FFDHE_3072
-        if (base->used == 1 && base->dp[0] == 2 && m[95] == (sp_digit)-1)
-            err = sp_3072_mod_exp_2_96(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_3072_mod_exp_96(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-        for (i=0; i<384 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[96];
-    sp_digit e[48];
-    sp_digit m[48];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 48, base);
-        sp_3072_from_mp(e, 48, exp);
-        sp_3072_from_mp(m, 48, mod);
-
-        err = sp_3072_mod_exp_48(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 48, 0, sizeof(*r) * 48U);
-        err = sp_3072_to_mp(r, res);
-        res->used = mod->used;
-        mp_clamp(res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* !WOLFSSL_SP_NO_3072 */
-
-#ifdef WOLFSSL_SP_4096
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 512
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_4096_to_bin_128(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 127; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_4096_norm_128(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_4096_norm_128(a)
-
-#ifndef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "subs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	%[a], r9, r9\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[128];
-    sp_digit a1[64];
-    sp_digit b1[64];
-    sp_digit* z2 = r + 128;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_64(a1, a, &a[64]);
-    cb = sp_2048_add_64(b1, b, &b[64]);
-    u  = ca & cb;
-
-    sp_2048_mul_64(z2, &a[64], &b[64]);
-    sp_2048_mul_64(z0, a, b);
-    sp_2048_mul_64(z1, a1, b1);
-
-    u += sp_4096_sub_in_place_128(z1, z0);
-    u += sp_4096_sub_in_place_128(z1, z2);
-    sp_2048_mask_64(a1, a1, 0 - cb);
-    u += sp_2048_add_64(z1 + 64, z1 + 64, a1);
-    sp_2048_mask_64(b1, b1, 0 - ca);
-    u += sp_2048_add_64(z1 + 64, z1 + 64, b1);
-
-    u += sp_4096_add_128(r + 64, r + 64, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (64 - 1));
-    a1[0] = u;
-    (void)sp_2048_add_64(r + 192, r + 192, a1);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 128;
-    sp_digit z1[128];
-    sp_digit* a1 = z1;
-    sp_digit zero[64];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 64);
-
-    mask = sp_2048_sub_64(a1, a, &a[64]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_64(a1, p1, p2);
-
-    sp_2048_sqr_64(z2, &a[64]);
-    sp_2048_sqr_64(z0, a);
-    sp_2048_sqr_64(z1, a1);
-
-    u = 0;
-    u -= sp_4096_sub_in_place_128(z1, z2);
-    u -= sp_4096_sub_in_place_128(z1, z0);
-    u += sp_4096_sub_in_place_128(r + 64, z1);
-    zero[0] = u;
-    (void)sp_2048_add_64(r + 192, r + 192, zero);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "add	r12, %[a], #0x200\n\t"
-        "\n"
-    "L_sp_4096_add_128_word_%=: \n\t"
-        "adds	r3, r3, #-1\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r3, r4, #0\n\t"
-        "cmp	%[a], r12\n\t"
-        "bne	L_sp_4096_add_128_word_%=\n\t"
-        "mov	%[r], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #0x200\n\t"
-        "\n"
-    "L_sp_4096_sub_in_pkace_128_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_4096_sub_in_pkace_128_word_%=\n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12",
-            "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x400\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "ldr	r11, [%[b]]\n\t"
-        "umull	r8, r6, lr, r11\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_4096_mul_128_outer_%=: \n\t"
-        "subs	r3, r5, #0x1fc\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_4096_mul_128_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "ldr	lr, [%[a], r4]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_4096_mul_128_inner_done_%=\n\t"
-        "blt	L_sp_4096_mul_128_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_4096_mul_128_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x3f4\n\t"
-        "ble	L_sp_4096_mul_128_outer_%=\n\t"
-        "ldr	lr, [%[a], #508]\n\t"
-        "ldr	r11, [%[b], #508]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "add	r7, r7, r10\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umlal	r6, r7, lr, r11\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_4096_mul_128_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_4096_mul_128_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r,
-    const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x400\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "umull	r8, r6, lr, lr\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_4096_sqr_128_outer_%=: \n\t"
-        "subs	r3, r5, #0x1fc\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_4096_sqr_128_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_4096_sqr_128_inner_done_%=\n\t"
-        "blt	L_sp_4096_sqr_128_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_4096_sqr_128_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x3f4\n\t"
-        "ble	L_sp_4096_sqr_128_outer_%=\n\t"
-        "ldr	lr, [%[a], #508]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_4096_sqr_128_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_4096_sqr_128_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldr	r8, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r5, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r6, r5\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umull	r5, r3, %[b], r8\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r5, [%[r]]\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r9, #4\n\t"
-        "\n"
-    "L_sp_4096_mul_d_128_word_%=: \n\t"
-        /* A[i] * B */
-        "ldr	r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, %[b], r8\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], r9]\n\t"
-        "mov	r3, r4\n\t"
-        "mov	r4, r5\n\t"
-        "mov	r5, #0\n\t"
-        "add	r9, r9, #4\n\t"
-        "cmp	r9, #0x200\n\t"
-        "blt	L_sp_4096_mul_d_128_word_%=\n\t"
-        "str	r3, [%[r], #512]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r3, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umull	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[1] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[2] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[3] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[4] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[5] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[6] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[7] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[8] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[9] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[10] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[11] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[12] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[13] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[14] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[15] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[16] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[17] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[18] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[19] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[20] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[21] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[22] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[23] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[24] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[25] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[26] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[27] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[28] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[29] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[30] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[31] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[32] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[33] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[34] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[35] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[36] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[37] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[38] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[39] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[40] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[41] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[42] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[43] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[44] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[45] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[46] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[47] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[48] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[49] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[50] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[51] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[52] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[53] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[54] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[55] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[56] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[57] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[58] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[59] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[60] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[61] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[62] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[63] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[64] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[65] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[66] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[67] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[68] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[69] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[70] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[71] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[72] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[73] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[74] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[75] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[76] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[77] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[78] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[79] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[80] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[81] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[82] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[83] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[84] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[85] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[86] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[87] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[88] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[89] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[90] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[91] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[92] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[93] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[94] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[95] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[96] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[97] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[98] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[99] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[100] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[101] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[102] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[103] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[104] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[105] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[106] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[107] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[108] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[109] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[110] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[111] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[112] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[113] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[114] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[115] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[116] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[117] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[118] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[119] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[120] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[121] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[122] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[123] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[124] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[125] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[126] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[127] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "str	r5, [%[r]]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 128);
-
-    /* r = 2^n mod m */
-    sp_4096_sub_in_place_128(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "\n"
-    "L_sp_4096_cond_sub_128_words_%=: \n\t"
-        "subs	r12, r6, r12\n\t"
-        "ldr	r4, [%[a], lr]\n\t"
-        "ldr	r5, [%[b], lr]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "sbcs	r4, r4, r5\n\t"
-        "sbc	r12, r6, r6\n\t"
-        "str	r4, [%[r], lr]\n\t"
-        "add	lr, lr, #4\n\t"
-        "cmp	lr, #0x200\n\t"
-        "blt	L_sp_4096_cond_sub_128_words_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "subs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "sbc	%[r], lr, lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_4096_mont_reduce_128_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r7, [%[m], #124]\n\t"
-        "ldr	r10, [%[a], #124]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r7, [%[m], #128]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r7, [%[m], #132]\n\t"
-        "ldr	r10, [%[a], #132]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #132]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r7, [%[m], #136]\n\t"
-        "ldr	r10, [%[a], #136]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #136]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r7, [%[m], #140]\n\t"
-        "ldr	r10, [%[a], #140]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #140]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r7, [%[m], #144]\n\t"
-        "ldr	r10, [%[a], #144]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #144]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r7, [%[m], #148]\n\t"
-        "ldr	r10, [%[a], #148]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #148]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r7, [%[m], #152]\n\t"
-        "ldr	r10, [%[a], #152]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #152]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r7, [%[m], #156]\n\t"
-        "ldr	r10, [%[a], #156]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #156]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r7, [%[m], #160]\n\t"
-        "ldr	r10, [%[a], #160]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #160]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r7, [%[m], #164]\n\t"
-        "ldr	r10, [%[a], #164]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #164]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r7, [%[m], #168]\n\t"
-        "ldr	r10, [%[a], #168]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #168]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r7, [%[m], #172]\n\t"
-        "ldr	r10, [%[a], #172]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #172]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r7, [%[m], #176]\n\t"
-        "ldr	r10, [%[a], #176]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #176]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r7, [%[m], #180]\n\t"
-        "ldr	r10, [%[a], #180]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #180]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r7, [%[m], #184]\n\t"
-        "ldr	r10, [%[a], #184]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #184]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+47] += m[47] * mu */
-        "ldr	r7, [%[m], #188]\n\t"
-        "ldr	r10, [%[a], #188]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #188]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+48] += m[48] * mu */
-        "ldr	r7, [%[m], #192]\n\t"
-        "ldr	r10, [%[a], #192]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #192]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+49] += m[49] * mu */
-        "ldr	r7, [%[m], #196]\n\t"
-        "ldr	r10, [%[a], #196]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #196]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+50] += m[50] * mu */
-        "ldr	r7, [%[m], #200]\n\t"
-        "ldr	r10, [%[a], #200]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #200]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+51] += m[51] * mu */
-        "ldr	r7, [%[m], #204]\n\t"
-        "ldr	r10, [%[a], #204]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #204]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+52] += m[52] * mu */
-        "ldr	r7, [%[m], #208]\n\t"
-        "ldr	r10, [%[a], #208]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #208]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+53] += m[53] * mu */
-        "ldr	r7, [%[m], #212]\n\t"
-        "ldr	r10, [%[a], #212]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #212]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+54] += m[54] * mu */
-        "ldr	r7, [%[m], #216]\n\t"
-        "ldr	r10, [%[a], #216]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #216]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+55] += m[55] * mu */
-        "ldr	r7, [%[m], #220]\n\t"
-        "ldr	r10, [%[a], #220]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #220]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+56] += m[56] * mu */
-        "ldr	r7, [%[m], #224]\n\t"
-        "ldr	r10, [%[a], #224]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #224]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+57] += m[57] * mu */
-        "ldr	r7, [%[m], #228]\n\t"
-        "ldr	r10, [%[a], #228]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #228]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+58] += m[58] * mu */
-        "ldr	r7, [%[m], #232]\n\t"
-        "ldr	r10, [%[a], #232]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #232]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+59] += m[59] * mu */
-        "ldr	r7, [%[m], #236]\n\t"
-        "ldr	r10, [%[a], #236]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #236]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+60] += m[60] * mu */
-        "ldr	r7, [%[m], #240]\n\t"
-        "ldr	r10, [%[a], #240]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #240]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+61] += m[61] * mu */
-        "ldr	r7, [%[m], #244]\n\t"
-        "ldr	r10, [%[a], #244]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #244]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+62] += m[62] * mu */
-        "ldr	r7, [%[m], #248]\n\t"
-        "ldr	r10, [%[a], #248]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #248]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+63] += m[63] * mu */
-        "ldr	r7, [%[m], #252]\n\t"
-        "ldr	r10, [%[a], #252]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #252]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+64] += m[64] * mu */
-        "ldr	r7, [%[m], #256]\n\t"
-        "ldr	r10, [%[a], #256]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #256]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+65] += m[65] * mu */
-        "ldr	r7, [%[m], #260]\n\t"
-        "ldr	r10, [%[a], #260]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #260]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+66] += m[66] * mu */
-        "ldr	r7, [%[m], #264]\n\t"
-        "ldr	r10, [%[a], #264]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #264]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+67] += m[67] * mu */
-        "ldr	r7, [%[m], #268]\n\t"
-        "ldr	r10, [%[a], #268]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #268]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+68] += m[68] * mu */
-        "ldr	r7, [%[m], #272]\n\t"
-        "ldr	r10, [%[a], #272]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #272]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+69] += m[69] * mu */
-        "ldr	r7, [%[m], #276]\n\t"
-        "ldr	r10, [%[a], #276]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #276]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+70] += m[70] * mu */
-        "ldr	r7, [%[m], #280]\n\t"
-        "ldr	r10, [%[a], #280]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #280]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+71] += m[71] * mu */
-        "ldr	r7, [%[m], #284]\n\t"
-        "ldr	r10, [%[a], #284]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #284]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+72] += m[72] * mu */
-        "ldr	r7, [%[m], #288]\n\t"
-        "ldr	r10, [%[a], #288]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #288]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+73] += m[73] * mu */
-        "ldr	r7, [%[m], #292]\n\t"
-        "ldr	r10, [%[a], #292]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #292]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+74] += m[74] * mu */
-        "ldr	r7, [%[m], #296]\n\t"
-        "ldr	r10, [%[a], #296]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #296]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+75] += m[75] * mu */
-        "ldr	r7, [%[m], #300]\n\t"
-        "ldr	r10, [%[a], #300]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #300]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+76] += m[76] * mu */
-        "ldr	r7, [%[m], #304]\n\t"
-        "ldr	r10, [%[a], #304]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #304]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+77] += m[77] * mu */
-        "ldr	r7, [%[m], #308]\n\t"
-        "ldr	r10, [%[a], #308]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #308]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+78] += m[78] * mu */
-        "ldr	r7, [%[m], #312]\n\t"
-        "ldr	r10, [%[a], #312]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #312]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+79] += m[79] * mu */
-        "ldr	r7, [%[m], #316]\n\t"
-        "ldr	r10, [%[a], #316]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #316]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+80] += m[80] * mu */
-        "ldr	r7, [%[m], #320]\n\t"
-        "ldr	r10, [%[a], #320]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #320]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+81] += m[81] * mu */
-        "ldr	r7, [%[m], #324]\n\t"
-        "ldr	r10, [%[a], #324]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #324]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+82] += m[82] * mu */
-        "ldr	r7, [%[m], #328]\n\t"
-        "ldr	r10, [%[a], #328]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #328]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+83] += m[83] * mu */
-        "ldr	r7, [%[m], #332]\n\t"
-        "ldr	r10, [%[a], #332]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #332]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+84] += m[84] * mu */
-        "ldr	r7, [%[m], #336]\n\t"
-        "ldr	r10, [%[a], #336]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #336]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+85] += m[85] * mu */
-        "ldr	r7, [%[m], #340]\n\t"
-        "ldr	r10, [%[a], #340]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #340]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+86] += m[86] * mu */
-        "ldr	r7, [%[m], #344]\n\t"
-        "ldr	r10, [%[a], #344]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #344]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+87] += m[87] * mu */
-        "ldr	r7, [%[m], #348]\n\t"
-        "ldr	r10, [%[a], #348]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #348]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+88] += m[88] * mu */
-        "ldr	r7, [%[m], #352]\n\t"
-        "ldr	r10, [%[a], #352]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #352]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+89] += m[89] * mu */
-        "ldr	r7, [%[m], #356]\n\t"
-        "ldr	r10, [%[a], #356]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #356]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+90] += m[90] * mu */
-        "ldr	r7, [%[m], #360]\n\t"
-        "ldr	r10, [%[a], #360]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #360]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+91] += m[91] * mu */
-        "ldr	r7, [%[m], #364]\n\t"
-        "ldr	r10, [%[a], #364]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #364]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+92] += m[92] * mu */
-        "ldr	r7, [%[m], #368]\n\t"
-        "ldr	r10, [%[a], #368]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #368]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+93] += m[93] * mu */
-        "ldr	r7, [%[m], #372]\n\t"
-        "ldr	r10, [%[a], #372]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #372]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+94] += m[94] * mu */
-        "ldr	r7, [%[m], #376]\n\t"
-        "ldr	r10, [%[a], #376]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #376]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+95] += m[95] * mu */
-        "ldr	r7, [%[m], #380]\n\t"
-        "ldr	r10, [%[a], #380]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #380]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+96] += m[96] * mu */
-        "ldr	r7, [%[m], #384]\n\t"
-        "ldr	r10, [%[a], #384]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #384]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+97] += m[97] * mu */
-        "ldr	r7, [%[m], #388]\n\t"
-        "ldr	r10, [%[a], #388]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #388]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+98] += m[98] * mu */
-        "ldr	r7, [%[m], #392]\n\t"
-        "ldr	r10, [%[a], #392]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #392]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+99] += m[99] * mu */
-        "ldr	r7, [%[m], #396]\n\t"
-        "ldr	r10, [%[a], #396]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #396]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+100] += m[100] * mu */
-        "ldr	r7, [%[m], #400]\n\t"
-        "ldr	r10, [%[a], #400]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #400]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+101] += m[101] * mu */
-        "ldr	r7, [%[m], #404]\n\t"
-        "ldr	r10, [%[a], #404]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #404]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+102] += m[102] * mu */
-        "ldr	r7, [%[m], #408]\n\t"
-        "ldr	r10, [%[a], #408]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #408]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+103] += m[103] * mu */
-        "ldr	r7, [%[m], #412]\n\t"
-        "ldr	r10, [%[a], #412]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #412]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+104] += m[104] * mu */
-        "ldr	r7, [%[m], #416]\n\t"
-        "ldr	r10, [%[a], #416]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #416]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+105] += m[105] * mu */
-        "ldr	r7, [%[m], #420]\n\t"
-        "ldr	r10, [%[a], #420]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #420]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+106] += m[106] * mu */
-        "ldr	r7, [%[m], #424]\n\t"
-        "ldr	r10, [%[a], #424]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #424]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+107] += m[107] * mu */
-        "ldr	r7, [%[m], #428]\n\t"
-        "ldr	r10, [%[a], #428]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #428]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+108] += m[108] * mu */
-        "ldr	r7, [%[m], #432]\n\t"
-        "ldr	r10, [%[a], #432]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #432]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+109] += m[109] * mu */
-        "ldr	r7, [%[m], #436]\n\t"
-        "ldr	r10, [%[a], #436]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #436]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+110] += m[110] * mu */
-        "ldr	r7, [%[m], #440]\n\t"
-        "ldr	r10, [%[a], #440]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #440]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+111] += m[111] * mu */
-        "ldr	r7, [%[m], #444]\n\t"
-        "ldr	r10, [%[a], #444]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #444]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+112] += m[112] * mu */
-        "ldr	r7, [%[m], #448]\n\t"
-        "ldr	r10, [%[a], #448]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #448]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+113] += m[113] * mu */
-        "ldr	r7, [%[m], #452]\n\t"
-        "ldr	r10, [%[a], #452]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #452]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+114] += m[114] * mu */
-        "ldr	r7, [%[m], #456]\n\t"
-        "ldr	r10, [%[a], #456]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #456]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+115] += m[115] * mu */
-        "ldr	r7, [%[m], #460]\n\t"
-        "ldr	r10, [%[a], #460]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #460]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+116] += m[116] * mu */
-        "ldr	r7, [%[m], #464]\n\t"
-        "ldr	r10, [%[a], #464]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #464]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+117] += m[117] * mu */
-        "ldr	r7, [%[m], #468]\n\t"
-        "ldr	r10, [%[a], #468]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #468]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+118] += m[118] * mu */
-        "ldr	r7, [%[m], #472]\n\t"
-        "ldr	r10, [%[a], #472]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #472]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+119] += m[119] * mu */
-        "ldr	r7, [%[m], #476]\n\t"
-        "ldr	r10, [%[a], #476]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #476]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+120] += m[120] * mu */
-        "ldr	r7, [%[m], #480]\n\t"
-        "ldr	r10, [%[a], #480]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #480]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+121] += m[121] * mu */
-        "ldr	r7, [%[m], #484]\n\t"
-        "ldr	r10, [%[a], #484]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #484]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+122] += m[122] * mu */
-        "ldr	r7, [%[m], #488]\n\t"
-        "ldr	r10, [%[a], #488]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #488]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+123] += m[123] * mu */
-        "ldr	r7, [%[m], #492]\n\t"
-        "ldr	r10, [%[a], #492]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #492]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+124] += m[124] * mu */
-        "ldr	r7, [%[m], #496]\n\t"
-        "ldr	r10, [%[a], #496]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #496]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+125] += m[125] * mu */
-        "ldr	r7, [%[m], #500]\n\t"
-        "ldr	r10, [%[a], #500]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #500]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+126] += m[126] * mu */
-        "ldr	r7, [%[m], #504]\n\t"
-        "ldr	r10, [%[a], #504]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #504]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+127] += m[127] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m], #508]\n\t"
-#else
-        "ldr	r7, [%[m], #508]\n\t"
-#endif
-        "ldr	r10, [%[a], #508]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r4, r3, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "mov	r6, r8\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #508]\n\t"
-        "ldr	r10, [%[a], #512]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #512]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x200\n\t"
-        "blt	L_sp_4096_mont_reduce_128_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_4096_mont_reduce_128_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-        "mov	r5, #0\n\t"
-        "umlal	r12, r5, r8, r11\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	lr, r4, r8, r7\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	lr, r5, r8, r7\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r7, [%[m], #124]\n\t"
-        "ldr	r10, [%[a], #124]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r7, [%[m], #128]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r7, [%[m], #132]\n\t"
-        "ldr	r10, [%[a], #132]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #132]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r7, [%[m], #136]\n\t"
-        "ldr	r10, [%[a], #136]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #136]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r7, [%[m], #140]\n\t"
-        "ldr	r10, [%[a], #140]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #140]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r7, [%[m], #144]\n\t"
-        "ldr	r10, [%[a], #144]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #144]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r7, [%[m], #148]\n\t"
-        "ldr	r10, [%[a], #148]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #148]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r7, [%[m], #152]\n\t"
-        "ldr	r10, [%[a], #152]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #152]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r7, [%[m], #156]\n\t"
-        "ldr	r10, [%[a], #156]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #156]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r7, [%[m], #160]\n\t"
-        "ldr	r10, [%[a], #160]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #160]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r7, [%[m], #164]\n\t"
-        "ldr	r10, [%[a], #164]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #164]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r7, [%[m], #168]\n\t"
-        "ldr	r10, [%[a], #168]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #168]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r7, [%[m], #172]\n\t"
-        "ldr	r10, [%[a], #172]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #172]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r7, [%[m], #176]\n\t"
-        "ldr	r10, [%[a], #176]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #176]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r7, [%[m], #180]\n\t"
-        "ldr	r10, [%[a], #180]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #180]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r7, [%[m], #184]\n\t"
-        "ldr	r10, [%[a], #184]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #184]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+47] += m[47] * mu */
-        "ldr	r7, [%[m], #188]\n\t"
-        "ldr	r10, [%[a], #188]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #188]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+48] += m[48] * mu */
-        "ldr	r7, [%[m], #192]\n\t"
-        "ldr	r10, [%[a], #192]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #192]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+49] += m[49] * mu */
-        "ldr	r7, [%[m], #196]\n\t"
-        "ldr	r10, [%[a], #196]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #196]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+50] += m[50] * mu */
-        "ldr	r7, [%[m], #200]\n\t"
-        "ldr	r10, [%[a], #200]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #200]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+51] += m[51] * mu */
-        "ldr	r7, [%[m], #204]\n\t"
-        "ldr	r10, [%[a], #204]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #204]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+52] += m[52] * mu */
-        "ldr	r7, [%[m], #208]\n\t"
-        "ldr	r10, [%[a], #208]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #208]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+53] += m[53] * mu */
-        "ldr	r7, [%[m], #212]\n\t"
-        "ldr	r10, [%[a], #212]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #212]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+54] += m[54] * mu */
-        "ldr	r7, [%[m], #216]\n\t"
-        "ldr	r10, [%[a], #216]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #216]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+55] += m[55] * mu */
-        "ldr	r7, [%[m], #220]\n\t"
-        "ldr	r10, [%[a], #220]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #220]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+56] += m[56] * mu */
-        "ldr	r7, [%[m], #224]\n\t"
-        "ldr	r10, [%[a], #224]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #224]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+57] += m[57] * mu */
-        "ldr	r7, [%[m], #228]\n\t"
-        "ldr	r10, [%[a], #228]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #228]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+58] += m[58] * mu */
-        "ldr	r7, [%[m], #232]\n\t"
-        "ldr	r10, [%[a], #232]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #232]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+59] += m[59] * mu */
-        "ldr	r7, [%[m], #236]\n\t"
-        "ldr	r10, [%[a], #236]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #236]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+60] += m[60] * mu */
-        "ldr	r7, [%[m], #240]\n\t"
-        "ldr	r10, [%[a], #240]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #240]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+61] += m[61] * mu */
-        "ldr	r7, [%[m], #244]\n\t"
-        "ldr	r10, [%[a], #244]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #244]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+62] += m[62] * mu */
-        "ldr	r7, [%[m], #248]\n\t"
-        "ldr	r10, [%[a], #248]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #248]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+63] += m[63] * mu */
-        "ldr	r7, [%[m], #252]\n\t"
-        "ldr	r10, [%[a], #252]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #252]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+64] += m[64] * mu */
-        "ldr	r7, [%[m], #256]\n\t"
-        "ldr	r10, [%[a], #256]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #256]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+65] += m[65] * mu */
-        "ldr	r7, [%[m], #260]\n\t"
-        "ldr	r10, [%[a], #260]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #260]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+66] += m[66] * mu */
-        "ldr	r7, [%[m], #264]\n\t"
-        "ldr	r10, [%[a], #264]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #264]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+67] += m[67] * mu */
-        "ldr	r7, [%[m], #268]\n\t"
-        "ldr	r10, [%[a], #268]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #268]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+68] += m[68] * mu */
-        "ldr	r7, [%[m], #272]\n\t"
-        "ldr	r10, [%[a], #272]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #272]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+69] += m[69] * mu */
-        "ldr	r7, [%[m], #276]\n\t"
-        "ldr	r10, [%[a], #276]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #276]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+70] += m[70] * mu */
-        "ldr	r7, [%[m], #280]\n\t"
-        "ldr	r10, [%[a], #280]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #280]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+71] += m[71] * mu */
-        "ldr	r7, [%[m], #284]\n\t"
-        "ldr	r10, [%[a], #284]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #284]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+72] += m[72] * mu */
-        "ldr	r7, [%[m], #288]\n\t"
-        "ldr	r10, [%[a], #288]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #288]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+73] += m[73] * mu */
-        "ldr	r7, [%[m], #292]\n\t"
-        "ldr	r10, [%[a], #292]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #292]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+74] += m[74] * mu */
-        "ldr	r7, [%[m], #296]\n\t"
-        "ldr	r10, [%[a], #296]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #296]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+75] += m[75] * mu */
-        "ldr	r7, [%[m], #300]\n\t"
-        "ldr	r10, [%[a], #300]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #300]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+76] += m[76] * mu */
-        "ldr	r7, [%[m], #304]\n\t"
-        "ldr	r10, [%[a], #304]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #304]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+77] += m[77] * mu */
-        "ldr	r7, [%[m], #308]\n\t"
-        "ldr	r10, [%[a], #308]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #308]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+78] += m[78] * mu */
-        "ldr	r7, [%[m], #312]\n\t"
-        "ldr	r10, [%[a], #312]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #312]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+79] += m[79] * mu */
-        "ldr	r7, [%[m], #316]\n\t"
-        "ldr	r10, [%[a], #316]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #316]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+80] += m[80] * mu */
-        "ldr	r7, [%[m], #320]\n\t"
-        "ldr	r10, [%[a], #320]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #320]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+81] += m[81] * mu */
-        "ldr	r7, [%[m], #324]\n\t"
-        "ldr	r10, [%[a], #324]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #324]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+82] += m[82] * mu */
-        "ldr	r7, [%[m], #328]\n\t"
-        "ldr	r10, [%[a], #328]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #328]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+83] += m[83] * mu */
-        "ldr	r7, [%[m], #332]\n\t"
-        "ldr	r10, [%[a], #332]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #332]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+84] += m[84] * mu */
-        "ldr	r7, [%[m], #336]\n\t"
-        "ldr	r10, [%[a], #336]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #336]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+85] += m[85] * mu */
-        "ldr	r7, [%[m], #340]\n\t"
-        "ldr	r10, [%[a], #340]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #340]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+86] += m[86] * mu */
-        "ldr	r7, [%[m], #344]\n\t"
-        "ldr	r10, [%[a], #344]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #344]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+87] += m[87] * mu */
-        "ldr	r7, [%[m], #348]\n\t"
-        "ldr	r10, [%[a], #348]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #348]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+88] += m[88] * mu */
-        "ldr	r7, [%[m], #352]\n\t"
-        "ldr	r10, [%[a], #352]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #352]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+89] += m[89] * mu */
-        "ldr	r7, [%[m], #356]\n\t"
-        "ldr	r10, [%[a], #356]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #356]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+90] += m[90] * mu */
-        "ldr	r7, [%[m], #360]\n\t"
-        "ldr	r10, [%[a], #360]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #360]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+91] += m[91] * mu */
-        "ldr	r7, [%[m], #364]\n\t"
-        "ldr	r10, [%[a], #364]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #364]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+92] += m[92] * mu */
-        "ldr	r7, [%[m], #368]\n\t"
-        "ldr	r10, [%[a], #368]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #368]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+93] += m[93] * mu */
-        "ldr	r7, [%[m], #372]\n\t"
-        "ldr	r10, [%[a], #372]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #372]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+94] += m[94] * mu */
-        "ldr	r7, [%[m], #376]\n\t"
-        "ldr	r10, [%[a], #376]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #376]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+95] += m[95] * mu */
-        "ldr	r7, [%[m], #380]\n\t"
-        "ldr	r10, [%[a], #380]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #380]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+96] += m[96] * mu */
-        "ldr	r7, [%[m], #384]\n\t"
-        "ldr	r10, [%[a], #384]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #384]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+97] += m[97] * mu */
-        "ldr	r7, [%[m], #388]\n\t"
-        "ldr	r10, [%[a], #388]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #388]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+98] += m[98] * mu */
-        "ldr	r7, [%[m], #392]\n\t"
-        "ldr	r10, [%[a], #392]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #392]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+99] += m[99] * mu */
-        "ldr	r7, [%[m], #396]\n\t"
-        "ldr	r10, [%[a], #396]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #396]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+100] += m[100] * mu */
-        "ldr	r7, [%[m], #400]\n\t"
-        "ldr	r10, [%[a], #400]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #400]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+101] += m[101] * mu */
-        "ldr	r7, [%[m], #404]\n\t"
-        "ldr	r10, [%[a], #404]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #404]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+102] += m[102] * mu */
-        "ldr	r7, [%[m], #408]\n\t"
-        "ldr	r10, [%[a], #408]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #408]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+103] += m[103] * mu */
-        "ldr	r7, [%[m], #412]\n\t"
-        "ldr	r10, [%[a], #412]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #412]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+104] += m[104] * mu */
-        "ldr	r7, [%[m], #416]\n\t"
-        "ldr	r10, [%[a], #416]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #416]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+105] += m[105] * mu */
-        "ldr	r7, [%[m], #420]\n\t"
-        "ldr	r10, [%[a], #420]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #420]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+106] += m[106] * mu */
-        "ldr	r7, [%[m], #424]\n\t"
-        "ldr	r10, [%[a], #424]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #424]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+107] += m[107] * mu */
-        "ldr	r7, [%[m], #428]\n\t"
-        "ldr	r10, [%[a], #428]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #428]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+108] += m[108] * mu */
-        "ldr	r7, [%[m], #432]\n\t"
-        "ldr	r10, [%[a], #432]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #432]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+109] += m[109] * mu */
-        "ldr	r7, [%[m], #436]\n\t"
-        "ldr	r10, [%[a], #436]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #436]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+110] += m[110] * mu */
-        "ldr	r7, [%[m], #440]\n\t"
-        "ldr	r10, [%[a], #440]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #440]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+111] += m[111] * mu */
-        "ldr	r7, [%[m], #444]\n\t"
-        "ldr	r10, [%[a], #444]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #444]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+112] += m[112] * mu */
-        "ldr	r7, [%[m], #448]\n\t"
-        "ldr	r10, [%[a], #448]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #448]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+113] += m[113] * mu */
-        "ldr	r7, [%[m], #452]\n\t"
-        "ldr	r10, [%[a], #452]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #452]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+114] += m[114] * mu */
-        "ldr	r7, [%[m], #456]\n\t"
-        "ldr	r10, [%[a], #456]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #456]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+115] += m[115] * mu */
-        "ldr	r7, [%[m], #460]\n\t"
-        "ldr	r10, [%[a], #460]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #460]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+116] += m[116] * mu */
-        "ldr	r7, [%[m], #464]\n\t"
-        "ldr	r10, [%[a], #464]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #464]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+117] += m[117] * mu */
-        "ldr	r7, [%[m], #468]\n\t"
-        "ldr	r10, [%[a], #468]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #468]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+118] += m[118] * mu */
-        "ldr	r7, [%[m], #472]\n\t"
-        "ldr	r10, [%[a], #472]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #472]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+119] += m[119] * mu */
-        "ldr	r7, [%[m], #476]\n\t"
-        "ldr	r10, [%[a], #476]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #476]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+120] += m[120] * mu */
-        "ldr	r7, [%[m], #480]\n\t"
-        "ldr	r10, [%[a], #480]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #480]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+121] += m[121] * mu */
-        "ldr	r7, [%[m], #484]\n\t"
-        "ldr	r10, [%[a], #484]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #484]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+122] += m[122] * mu */
-        "ldr	r7, [%[m], #488]\n\t"
-        "ldr	r10, [%[a], #488]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #488]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+123] += m[123] * mu */
-        "ldr	r7, [%[m], #492]\n\t"
-        "ldr	r10, [%[a], #492]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #492]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+124] += m[124] * mu */
-        "ldr	r7, [%[m], #496]\n\t"
-        "ldr	r10, [%[a], #496]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #496]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+125] += m[125] * mu */
-        "ldr	r7, [%[m], #500]\n\t"
-        "ldr	r10, [%[a], #500]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #500]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+126] += m[126] * mu */
-        "ldr	r7, [%[m], #504]\n\t"
-        "ldr	r10, [%[a], #504]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #504]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+127] += m[127] * mu */
-        "ldr	r7, [%[m], #508]\n\t"
-        "ldr	r10, [%[a], #508]\n\t"
-        "umull	r6, r7, r8, r7\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r7, r3\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #508]\n\t"
-        "ldr	r10, [%[a], #512]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #512]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x200\n\t"
-        "blt	L_sp_4096_mont_reduce_128_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_4096_mont_reduce_128(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "ldr	r8, [%[a], #16]\n\t"
-        "\n"
-    "L_sp_4096_mont_reduce_128_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r11, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "ldr	r10, [%[m]]\n\t"
-        "mov	r3, #0\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r10, [%[m], #4]\n\t"
-        "mov	r4, r5\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r10, [%[m], #8]\n\t"
-        "mov	r5, r6\n\t"
-        "umaal	r5, r3, r11, r10\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r10, [%[m], #12]\n\t"
-        "mov	r6, r7\n\t"
-        "umaal	r6, r3, r11, r10\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r10, [%[m], #16]\n\t"
-        "mov	r7, r8\n\t"
-        "umaal	r7, r3, r11, r10\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r10, [%[m], #20]\n\t"
-        "ldr	r8, [%[a], #20]\n\t"
-        "umaal	r8, r3, r11, r10\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r10, [%[m], #24]\n\t"
-        "ldr	r9, [%[a], #24]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r10, [%[m], #28]\n\t"
-        "ldr	r9, [%[a], #28]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r10, [%[m], #32]\n\t"
-        "ldr	r9, [%[a], #32]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r10, [%[m], #36]\n\t"
-        "ldr	r9, [%[a], #36]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r10, [%[m], #40]\n\t"
-        "ldr	r9, [%[a], #40]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r10, [%[m], #44]\n\t"
-        "ldr	r9, [%[a], #44]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r10, [%[m], #48]\n\t"
-        "ldr	r9, [%[a], #48]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r10, [%[m], #52]\n\t"
-        "ldr	r9, [%[a], #52]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r10, [%[m], #56]\n\t"
-        "ldr	r9, [%[a], #56]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r10, [%[m], #60]\n\t"
-        "ldr	r9, [%[a], #60]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r10, [%[m], #64]\n\t"
-        "ldr	r9, [%[a], #64]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r10, [%[m], #68]\n\t"
-        "ldr	r9, [%[a], #68]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r10, [%[m], #72]\n\t"
-        "ldr	r9, [%[a], #72]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r10, [%[m], #76]\n\t"
-        "ldr	r9, [%[a], #76]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r10, [%[m], #80]\n\t"
-        "ldr	r9, [%[a], #80]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r10, [%[m], #84]\n\t"
-        "ldr	r9, [%[a], #84]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r10, [%[m], #88]\n\t"
-        "ldr	r9, [%[a], #88]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r10, [%[m], #92]\n\t"
-        "ldr	r9, [%[a], #92]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r10, [%[m], #96]\n\t"
-        "ldr	r9, [%[a], #96]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r10, [%[m], #100]\n\t"
-        "ldr	r9, [%[a], #100]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r10, [%[m], #104]\n\t"
-        "ldr	r9, [%[a], #104]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r10, [%[m], #108]\n\t"
-        "ldr	r9, [%[a], #108]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r10, [%[m], #112]\n\t"
-        "ldr	r9, [%[a], #112]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r10, [%[m], #116]\n\t"
-        "ldr	r9, [%[a], #116]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r10, [%[m], #120]\n\t"
-        "ldr	r9, [%[a], #120]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r10, [%[m], #124]\n\t"
-        "ldr	r9, [%[a], #124]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #124]\n\t"
-        /* a[i+32] += m[32] * mu */
-        "ldr	r10, [%[m], #128]\n\t"
-        "ldr	r9, [%[a], #128]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #128]\n\t"
-        /* a[i+33] += m[33] * mu */
-        "ldr	r10, [%[m], #132]\n\t"
-        "ldr	r9, [%[a], #132]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #132]\n\t"
-        /* a[i+34] += m[34] * mu */
-        "ldr	r10, [%[m], #136]\n\t"
-        "ldr	r9, [%[a], #136]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #136]\n\t"
-        /* a[i+35] += m[35] * mu */
-        "ldr	r10, [%[m], #140]\n\t"
-        "ldr	r9, [%[a], #140]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #140]\n\t"
-        /* a[i+36] += m[36] * mu */
-        "ldr	r10, [%[m], #144]\n\t"
-        "ldr	r9, [%[a], #144]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #144]\n\t"
-        /* a[i+37] += m[37] * mu */
-        "ldr	r10, [%[m], #148]\n\t"
-        "ldr	r9, [%[a], #148]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #148]\n\t"
-        /* a[i+38] += m[38] * mu */
-        "ldr	r10, [%[m], #152]\n\t"
-        "ldr	r9, [%[a], #152]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #152]\n\t"
-        /* a[i+39] += m[39] * mu */
-        "ldr	r10, [%[m], #156]\n\t"
-        "ldr	r9, [%[a], #156]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #156]\n\t"
-        /* a[i+40] += m[40] * mu */
-        "ldr	r10, [%[m], #160]\n\t"
-        "ldr	r9, [%[a], #160]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #160]\n\t"
-        /* a[i+41] += m[41] * mu */
-        "ldr	r10, [%[m], #164]\n\t"
-        "ldr	r9, [%[a], #164]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #164]\n\t"
-        /* a[i+42] += m[42] * mu */
-        "ldr	r10, [%[m], #168]\n\t"
-        "ldr	r9, [%[a], #168]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #168]\n\t"
-        /* a[i+43] += m[43] * mu */
-        "ldr	r10, [%[m], #172]\n\t"
-        "ldr	r9, [%[a], #172]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #172]\n\t"
-        /* a[i+44] += m[44] * mu */
-        "ldr	r10, [%[m], #176]\n\t"
-        "ldr	r9, [%[a], #176]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #176]\n\t"
-        /* a[i+45] += m[45] * mu */
-        "ldr	r10, [%[m], #180]\n\t"
-        "ldr	r9, [%[a], #180]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #180]\n\t"
-        /* a[i+46] += m[46] * mu */
-        "ldr	r10, [%[m], #184]\n\t"
-        "ldr	r9, [%[a], #184]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #184]\n\t"
-        /* a[i+47] += m[47] * mu */
-        "ldr	r10, [%[m], #188]\n\t"
-        "ldr	r9, [%[a], #188]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #188]\n\t"
-        /* a[i+48] += m[48] * mu */
-        "ldr	r10, [%[m], #192]\n\t"
-        "ldr	r9, [%[a], #192]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #192]\n\t"
-        /* a[i+49] += m[49] * mu */
-        "ldr	r10, [%[m], #196]\n\t"
-        "ldr	r9, [%[a], #196]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #196]\n\t"
-        /* a[i+50] += m[50] * mu */
-        "ldr	r10, [%[m], #200]\n\t"
-        "ldr	r9, [%[a], #200]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #200]\n\t"
-        /* a[i+51] += m[51] * mu */
-        "ldr	r10, [%[m], #204]\n\t"
-        "ldr	r9, [%[a], #204]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #204]\n\t"
-        /* a[i+52] += m[52] * mu */
-        "ldr	r10, [%[m], #208]\n\t"
-        "ldr	r9, [%[a], #208]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #208]\n\t"
-        /* a[i+53] += m[53] * mu */
-        "ldr	r10, [%[m], #212]\n\t"
-        "ldr	r9, [%[a], #212]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #212]\n\t"
-        /* a[i+54] += m[54] * mu */
-        "ldr	r10, [%[m], #216]\n\t"
-        "ldr	r9, [%[a], #216]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #216]\n\t"
-        /* a[i+55] += m[55] * mu */
-        "ldr	r10, [%[m], #220]\n\t"
-        "ldr	r9, [%[a], #220]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #220]\n\t"
-        /* a[i+56] += m[56] * mu */
-        "ldr	r10, [%[m], #224]\n\t"
-        "ldr	r9, [%[a], #224]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #224]\n\t"
-        /* a[i+57] += m[57] * mu */
-        "ldr	r10, [%[m], #228]\n\t"
-        "ldr	r9, [%[a], #228]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #228]\n\t"
-        /* a[i+58] += m[58] * mu */
-        "ldr	r10, [%[m], #232]\n\t"
-        "ldr	r9, [%[a], #232]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #232]\n\t"
-        /* a[i+59] += m[59] * mu */
-        "ldr	r10, [%[m], #236]\n\t"
-        "ldr	r9, [%[a], #236]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #236]\n\t"
-        /* a[i+60] += m[60] * mu */
-        "ldr	r10, [%[m], #240]\n\t"
-        "ldr	r9, [%[a], #240]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #240]\n\t"
-        /* a[i+61] += m[61] * mu */
-        "ldr	r10, [%[m], #244]\n\t"
-        "ldr	r9, [%[a], #244]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #244]\n\t"
-        /* a[i+62] += m[62] * mu */
-        "ldr	r10, [%[m], #248]\n\t"
-        "ldr	r9, [%[a], #248]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #248]\n\t"
-        /* a[i+63] += m[63] * mu */
-        "ldr	r10, [%[m], #252]\n\t"
-        "ldr	r9, [%[a], #252]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #252]\n\t"
-        /* a[i+64] += m[64] * mu */
-        "ldr	r10, [%[m], #256]\n\t"
-        "ldr	r9, [%[a], #256]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #256]\n\t"
-        /* a[i+65] += m[65] * mu */
-        "ldr	r10, [%[m], #260]\n\t"
-        "ldr	r9, [%[a], #260]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #260]\n\t"
-        /* a[i+66] += m[66] * mu */
-        "ldr	r10, [%[m], #264]\n\t"
-        "ldr	r9, [%[a], #264]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #264]\n\t"
-        /* a[i+67] += m[67] * mu */
-        "ldr	r10, [%[m], #268]\n\t"
-        "ldr	r9, [%[a], #268]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #268]\n\t"
-        /* a[i+68] += m[68] * mu */
-        "ldr	r10, [%[m], #272]\n\t"
-        "ldr	r9, [%[a], #272]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #272]\n\t"
-        /* a[i+69] += m[69] * mu */
-        "ldr	r10, [%[m], #276]\n\t"
-        "ldr	r9, [%[a], #276]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #276]\n\t"
-        /* a[i+70] += m[70] * mu */
-        "ldr	r10, [%[m], #280]\n\t"
-        "ldr	r9, [%[a], #280]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #280]\n\t"
-        /* a[i+71] += m[71] * mu */
-        "ldr	r10, [%[m], #284]\n\t"
-        "ldr	r9, [%[a], #284]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #284]\n\t"
-        /* a[i+72] += m[72] * mu */
-        "ldr	r10, [%[m], #288]\n\t"
-        "ldr	r9, [%[a], #288]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #288]\n\t"
-        /* a[i+73] += m[73] * mu */
-        "ldr	r10, [%[m], #292]\n\t"
-        "ldr	r9, [%[a], #292]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #292]\n\t"
-        /* a[i+74] += m[74] * mu */
-        "ldr	r10, [%[m], #296]\n\t"
-        "ldr	r9, [%[a], #296]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #296]\n\t"
-        /* a[i+75] += m[75] * mu */
-        "ldr	r10, [%[m], #300]\n\t"
-        "ldr	r9, [%[a], #300]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #300]\n\t"
-        /* a[i+76] += m[76] * mu */
-        "ldr	r10, [%[m], #304]\n\t"
-        "ldr	r9, [%[a], #304]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #304]\n\t"
-        /* a[i+77] += m[77] * mu */
-        "ldr	r10, [%[m], #308]\n\t"
-        "ldr	r9, [%[a], #308]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #308]\n\t"
-        /* a[i+78] += m[78] * mu */
-        "ldr	r10, [%[m], #312]\n\t"
-        "ldr	r9, [%[a], #312]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #312]\n\t"
-        /* a[i+79] += m[79] * mu */
-        "ldr	r10, [%[m], #316]\n\t"
-        "ldr	r9, [%[a], #316]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #316]\n\t"
-        /* a[i+80] += m[80] * mu */
-        "ldr	r10, [%[m], #320]\n\t"
-        "ldr	r9, [%[a], #320]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #320]\n\t"
-        /* a[i+81] += m[81] * mu */
-        "ldr	r10, [%[m], #324]\n\t"
-        "ldr	r9, [%[a], #324]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #324]\n\t"
-        /* a[i+82] += m[82] * mu */
-        "ldr	r10, [%[m], #328]\n\t"
-        "ldr	r9, [%[a], #328]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #328]\n\t"
-        /* a[i+83] += m[83] * mu */
-        "ldr	r10, [%[m], #332]\n\t"
-        "ldr	r9, [%[a], #332]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #332]\n\t"
-        /* a[i+84] += m[84] * mu */
-        "ldr	r10, [%[m], #336]\n\t"
-        "ldr	r9, [%[a], #336]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #336]\n\t"
-        /* a[i+85] += m[85] * mu */
-        "ldr	r10, [%[m], #340]\n\t"
-        "ldr	r9, [%[a], #340]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #340]\n\t"
-        /* a[i+86] += m[86] * mu */
-        "ldr	r10, [%[m], #344]\n\t"
-        "ldr	r9, [%[a], #344]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #344]\n\t"
-        /* a[i+87] += m[87] * mu */
-        "ldr	r10, [%[m], #348]\n\t"
-        "ldr	r9, [%[a], #348]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #348]\n\t"
-        /* a[i+88] += m[88] * mu */
-        "ldr	r10, [%[m], #352]\n\t"
-        "ldr	r9, [%[a], #352]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #352]\n\t"
-        /* a[i+89] += m[89] * mu */
-        "ldr	r10, [%[m], #356]\n\t"
-        "ldr	r9, [%[a], #356]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #356]\n\t"
-        /* a[i+90] += m[90] * mu */
-        "ldr	r10, [%[m], #360]\n\t"
-        "ldr	r9, [%[a], #360]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #360]\n\t"
-        /* a[i+91] += m[91] * mu */
-        "ldr	r10, [%[m], #364]\n\t"
-        "ldr	r9, [%[a], #364]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #364]\n\t"
-        /* a[i+92] += m[92] * mu */
-        "ldr	r10, [%[m], #368]\n\t"
-        "ldr	r9, [%[a], #368]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #368]\n\t"
-        /* a[i+93] += m[93] * mu */
-        "ldr	r10, [%[m], #372]\n\t"
-        "ldr	r9, [%[a], #372]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #372]\n\t"
-        /* a[i+94] += m[94] * mu */
-        "ldr	r10, [%[m], #376]\n\t"
-        "ldr	r9, [%[a], #376]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #376]\n\t"
-        /* a[i+95] += m[95] * mu */
-        "ldr	r10, [%[m], #380]\n\t"
-        "ldr	r9, [%[a], #380]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #380]\n\t"
-        /* a[i+96] += m[96] * mu */
-        "ldr	r10, [%[m], #384]\n\t"
-        "ldr	r9, [%[a], #384]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #384]\n\t"
-        /* a[i+97] += m[97] * mu */
-        "ldr	r10, [%[m], #388]\n\t"
-        "ldr	r9, [%[a], #388]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #388]\n\t"
-        /* a[i+98] += m[98] * mu */
-        "ldr	r10, [%[m], #392]\n\t"
-        "ldr	r9, [%[a], #392]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #392]\n\t"
-        /* a[i+99] += m[99] * mu */
-        "ldr	r10, [%[m], #396]\n\t"
-        "ldr	r9, [%[a], #396]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #396]\n\t"
-        /* a[i+100] += m[100] * mu */
-        "ldr	r10, [%[m], #400]\n\t"
-        "ldr	r9, [%[a], #400]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #400]\n\t"
-        /* a[i+101] += m[101] * mu */
-        "ldr	r10, [%[m], #404]\n\t"
-        "ldr	r9, [%[a], #404]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #404]\n\t"
-        /* a[i+102] += m[102] * mu */
-        "ldr	r10, [%[m], #408]\n\t"
-        "ldr	r9, [%[a], #408]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #408]\n\t"
-        /* a[i+103] += m[103] * mu */
-        "ldr	r10, [%[m], #412]\n\t"
-        "ldr	r9, [%[a], #412]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #412]\n\t"
-        /* a[i+104] += m[104] * mu */
-        "ldr	r10, [%[m], #416]\n\t"
-        "ldr	r9, [%[a], #416]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #416]\n\t"
-        /* a[i+105] += m[105] * mu */
-        "ldr	r10, [%[m], #420]\n\t"
-        "ldr	r9, [%[a], #420]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #420]\n\t"
-        /* a[i+106] += m[106] * mu */
-        "ldr	r10, [%[m], #424]\n\t"
-        "ldr	r9, [%[a], #424]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #424]\n\t"
-        /* a[i+107] += m[107] * mu */
-        "ldr	r10, [%[m], #428]\n\t"
-        "ldr	r9, [%[a], #428]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #428]\n\t"
-        /* a[i+108] += m[108] * mu */
-        "ldr	r10, [%[m], #432]\n\t"
-        "ldr	r9, [%[a], #432]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #432]\n\t"
-        /* a[i+109] += m[109] * mu */
-        "ldr	r10, [%[m], #436]\n\t"
-        "ldr	r9, [%[a], #436]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #436]\n\t"
-        /* a[i+110] += m[110] * mu */
-        "ldr	r10, [%[m], #440]\n\t"
-        "ldr	r9, [%[a], #440]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #440]\n\t"
-        /* a[i+111] += m[111] * mu */
-        "ldr	r10, [%[m], #444]\n\t"
-        "ldr	r9, [%[a], #444]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #444]\n\t"
-        /* a[i+112] += m[112] * mu */
-        "ldr	r10, [%[m], #448]\n\t"
-        "ldr	r9, [%[a], #448]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #448]\n\t"
-        /* a[i+113] += m[113] * mu */
-        "ldr	r10, [%[m], #452]\n\t"
-        "ldr	r9, [%[a], #452]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #452]\n\t"
-        /* a[i+114] += m[114] * mu */
-        "ldr	r10, [%[m], #456]\n\t"
-        "ldr	r9, [%[a], #456]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #456]\n\t"
-        /* a[i+115] += m[115] * mu */
-        "ldr	r10, [%[m], #460]\n\t"
-        "ldr	r9, [%[a], #460]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #460]\n\t"
-        /* a[i+116] += m[116] * mu */
-        "ldr	r10, [%[m], #464]\n\t"
-        "ldr	r9, [%[a], #464]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #464]\n\t"
-        /* a[i+117] += m[117] * mu */
-        "ldr	r10, [%[m], #468]\n\t"
-        "ldr	r9, [%[a], #468]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #468]\n\t"
-        /* a[i+118] += m[118] * mu */
-        "ldr	r10, [%[m], #472]\n\t"
-        "ldr	r9, [%[a], #472]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #472]\n\t"
-        /* a[i+119] += m[119] * mu */
-        "ldr	r10, [%[m], #476]\n\t"
-        "ldr	r9, [%[a], #476]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #476]\n\t"
-        /* a[i+120] += m[120] * mu */
-        "ldr	r10, [%[m], #480]\n\t"
-        "ldr	r9, [%[a], #480]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #480]\n\t"
-        /* a[i+121] += m[121] * mu */
-        "ldr	r10, [%[m], #484]\n\t"
-        "ldr	r9, [%[a], #484]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #484]\n\t"
-        /* a[i+122] += m[122] * mu */
-        "ldr	r10, [%[m], #488]\n\t"
-        "ldr	r9, [%[a], #488]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #488]\n\t"
-        /* a[i+123] += m[123] * mu */
-        "ldr	r10, [%[m], #492]\n\t"
-        "ldr	r9, [%[a], #492]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #492]\n\t"
-        /* a[i+124] += m[124] * mu */
-        "ldr	r10, [%[m], #496]\n\t"
-        "ldr	r9, [%[a], #496]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #496]\n\t"
-        /* a[i+125] += m[125] * mu */
-        "ldr	r10, [%[m], #500]\n\t"
-        "ldr	r9, [%[a], #500]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #500]\n\t"
-        /* a[i+126] += m[126] * mu */
-        "ldr	r10, [%[m], #504]\n\t"
-        "ldr	r9, [%[a], #504]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #504]\n\t"
-        /* a[i+127] += m[127] * mu */
-        "ldr	r10, [%[m], #508]\n\t"
-        "ldr	r9, [%[a], #508]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "ldr	r11, [%[a], #512]\n\t"
-        "mov	r10, #0\n\t"
-        "umaal	r3, r11, r10, r10\n\t"
-        "str	r9, [%[a], #508]\n\t"
-        "adds	r3, r3, lr\n\t"
-        "adc	lr, r11, #0\n\t"
-        "str	r3, [%[a], #512]\n\t"
-        /* i += 1 */
-        "add	r12, r12, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r12, #0x200\n\t"
-        "blt	L_sp_4096_mont_reduce_128_word_%=\n\t"
-        /* Loop Done */
-        "str	r4, [%[a]]\n\t"
-        "str	r5, [%[a], #4]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "str	r7, [%[a], #12]\n\t"
-        "str	r8, [%[a], #16]\n\t"
-        "mov	%[mp], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_128(r, a, b);
-    sp_4096_mont_reduce_128(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_128(r, a);
-    sp_4096_mont_reduce_128(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #0x200\n\t"
-        "\n"
-    "L_sp_4096_sub_128_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	r12, r3, r3\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_4096_sub_128_word_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12", "lr"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_4096_word_128(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_4096_word_128(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	r6, %[div], #16\n\t"
-        "add	lr, r6, #1\n\t"
-        "udiv	r4, %[d1], lr\n\t"
-        "lsl	r5, %[div], #16\n\t"
-        "lsl	r4, r4, #16\n\t"
-        "umull	r3, r12, %[div], r4\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "subs	r3, %[d1], lr\n\t"
-        "sbc	r7, r7, r7\n\t"
-        "add	r7, r7, #1\n\t"
-        "rsb	r8, r7, #0\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "and	r5, r5, r8\n\t"
-        "and	r6, r6, r8\n\t"
-        "subs	%[d0], %[d0], r5\n\t"
-        "add	r4, r4, r7\n\t"
-        "sbc	%[d1], %[d1], r6\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "umull	r3, r12, %[div], r3\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "mul	r3, %[div], r3\n\t"
-        "sub	%[d0], %[d0], r3\n\t"
-        "udiv	r3, %[d0], %[div]\n\t"
-        "add	%[d1], r4, r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_4096_word_128(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_4096_word_128(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	lr, %[div], #1\n\t"
-        "add	lr, lr, #1\n\t"
-        "mov	r4, %[d0]\n\t"
-        "mov	r5, %[d1]\n\t"
-        /* Do top 32 */
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "mov	r3, #0\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        /* Next 30 bits */
-        "mov	r12, #29\n\t"
-        "\n"
-    "L_div_4096_word_128_bit_%=: \n\t"
-        "lsls	r4, r4, #1\n\t"
-        "adc	r5, r5, r5\n\t"
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "add	r3, r3, r3\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        "subs	r12, r12, #1\n\t"
-        "bpl	L_div_4096_word_128_bit_%=\n\t"
-        "add	r3, r3, r3\n\t"
-        "add	r3, r3, #1\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-        "subs	r6, %[div], r7\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "sub	%[d1], r3, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[256], t2[129];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[127];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 128);
-    for (i = 127; i > 0; i--) {
-        if (t1[i + 128] != d[i])
-            break;
-    }
-    if (t1[i + 128] >= d[i]) {
-        sp_4096_sub_in_place_128(&t1[128], d);
-    }
-    for (i = 127; i >= 0; i--) {
-        if (t1[128 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_4096_word_128(t1[128 + i], t1[128 + i - 1], div);
-        }
-
-        sp_4096_mul_d_128(t2, d, r1);
-        t1[128 + i] += sp_4096_sub_in_place_128(&t1[i], t2);
-        t1[128 + i] -= t2[128];
-        if (t1[128 + i] != 0) {
-            t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], d);
-            if (t1[128 + i] != 0)
-                t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 127; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_4096_sub_128(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 128);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_4096_div_128_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<128; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 128; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_4096_cmp_128(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_4096_cmp_128(const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #-1\n\t"
-        "mov	r6, #1\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r3, #-1\n\t"
-#ifdef WOLFSSL_SP_SMALL
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r4, #0xfc\n\t"
-        "orr	r4, r4, #0x100\n\t"
-#else
-        "mov	r4, #0x1fc\n\t"
-#endif
-        "\n"
-    "L_sp_4096_cmp_128_words_%=: \n\t"
-        "ldr	r12, [%[a], r4]\n\t"
-        "ldr	lr, [%[b], r4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "subs	r4, r4, #4\n\t"
-        "bcs	L_sp_4096_cmp_128_words_%=\n\t"
-        "eor	r2, r2, r3\n\t"
-#else
-        "ldr	r12, [%[a], #508]\n\t"
-        "ldr	lr, [%[b], #508]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #504]\n\t"
-        "ldr	lr, [%[b], #504]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #500]\n\t"
-        "ldr	lr, [%[b], #500]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #496]\n\t"
-        "ldr	lr, [%[b], #496]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #492]\n\t"
-        "ldr	lr, [%[b], #492]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #488]\n\t"
-        "ldr	lr, [%[b], #488]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #484]\n\t"
-        "ldr	lr, [%[b], #484]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #480]\n\t"
-        "ldr	lr, [%[b], #480]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #476]\n\t"
-        "ldr	lr, [%[b], #476]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #472]\n\t"
-        "ldr	lr, [%[b], #472]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #468]\n\t"
-        "ldr	lr, [%[b], #468]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #464]\n\t"
-        "ldr	lr, [%[b], #464]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #460]\n\t"
-        "ldr	lr, [%[b], #460]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #456]\n\t"
-        "ldr	lr, [%[b], #456]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #452]\n\t"
-        "ldr	lr, [%[b], #452]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #448]\n\t"
-        "ldr	lr, [%[b], #448]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #444]\n\t"
-        "ldr	lr, [%[b], #444]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #440]\n\t"
-        "ldr	lr, [%[b], #440]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #436]\n\t"
-        "ldr	lr, [%[b], #436]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #432]\n\t"
-        "ldr	lr, [%[b], #432]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #428]\n\t"
-        "ldr	lr, [%[b], #428]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #424]\n\t"
-        "ldr	lr, [%[b], #424]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #420]\n\t"
-        "ldr	lr, [%[b], #420]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #416]\n\t"
-        "ldr	lr, [%[b], #416]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #412]\n\t"
-        "ldr	lr, [%[b], #412]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #408]\n\t"
-        "ldr	lr, [%[b], #408]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #404]\n\t"
-        "ldr	lr, [%[b], #404]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #400]\n\t"
-        "ldr	lr, [%[b], #400]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #396]\n\t"
-        "ldr	lr, [%[b], #396]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #392]\n\t"
-        "ldr	lr, [%[b], #392]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #388]\n\t"
-        "ldr	lr, [%[b], #388]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #384]\n\t"
-        "ldr	lr, [%[b], #384]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #380]\n\t"
-        "ldr	lr, [%[b], #380]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #376]\n\t"
-        "ldr	lr, [%[b], #376]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #372]\n\t"
-        "ldr	lr, [%[b], #372]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #368]\n\t"
-        "ldr	lr, [%[b], #368]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #364]\n\t"
-        "ldr	lr, [%[b], #364]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #360]\n\t"
-        "ldr	lr, [%[b], #360]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #356]\n\t"
-        "ldr	lr, [%[b], #356]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #352]\n\t"
-        "ldr	lr, [%[b], #352]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #348]\n\t"
-        "ldr	lr, [%[b], #348]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #344]\n\t"
-        "ldr	lr, [%[b], #344]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #340]\n\t"
-        "ldr	lr, [%[b], #340]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #336]\n\t"
-        "ldr	lr, [%[b], #336]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #332]\n\t"
-        "ldr	lr, [%[b], #332]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #328]\n\t"
-        "ldr	lr, [%[b], #328]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #324]\n\t"
-        "ldr	lr, [%[b], #324]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #320]\n\t"
-        "ldr	lr, [%[b], #320]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #316]\n\t"
-        "ldr	lr, [%[b], #316]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #312]\n\t"
-        "ldr	lr, [%[b], #312]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #308]\n\t"
-        "ldr	lr, [%[b], #308]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #304]\n\t"
-        "ldr	lr, [%[b], #304]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #300]\n\t"
-        "ldr	lr, [%[b], #300]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #296]\n\t"
-        "ldr	lr, [%[b], #296]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #292]\n\t"
-        "ldr	lr, [%[b], #292]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #288]\n\t"
-        "ldr	lr, [%[b], #288]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #284]\n\t"
-        "ldr	lr, [%[b], #284]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #280]\n\t"
-        "ldr	lr, [%[b], #280]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #276]\n\t"
-        "ldr	lr, [%[b], #276]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #272]\n\t"
-        "ldr	lr, [%[b], #272]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #268]\n\t"
-        "ldr	lr, [%[b], #268]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #264]\n\t"
-        "ldr	lr, [%[b], #264]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #260]\n\t"
-        "ldr	lr, [%[b], #260]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #256]\n\t"
-        "ldr	lr, [%[b], #256]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #252]\n\t"
-        "ldr	lr, [%[b], #252]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #248]\n\t"
-        "ldr	lr, [%[b], #248]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #244]\n\t"
-        "ldr	lr, [%[b], #244]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #240]\n\t"
-        "ldr	lr, [%[b], #240]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #236]\n\t"
-        "ldr	lr, [%[b], #236]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #232]\n\t"
-        "ldr	lr, [%[b], #232]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #228]\n\t"
-        "ldr	lr, [%[b], #228]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #224]\n\t"
-        "ldr	lr, [%[b], #224]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #220]\n\t"
-        "ldr	lr, [%[b], #220]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #216]\n\t"
-        "ldr	lr, [%[b], #216]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #212]\n\t"
-        "ldr	lr, [%[b], #212]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #208]\n\t"
-        "ldr	lr, [%[b], #208]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #204]\n\t"
-        "ldr	lr, [%[b], #204]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #200]\n\t"
-        "ldr	lr, [%[b], #200]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #196]\n\t"
-        "ldr	lr, [%[b], #196]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #192]\n\t"
-        "ldr	lr, [%[b], #192]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #188]\n\t"
-        "ldr	lr, [%[b], #188]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #184]\n\t"
-        "ldr	lr, [%[b], #184]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #180]\n\t"
-        "ldr	lr, [%[b], #180]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #176]\n\t"
-        "ldr	lr, [%[b], #176]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #172]\n\t"
-        "ldr	lr, [%[b], #172]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #168]\n\t"
-        "ldr	lr, [%[b], #168]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #164]\n\t"
-        "ldr	lr, [%[b], #164]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #160]\n\t"
-        "ldr	lr, [%[b], #160]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #156]\n\t"
-        "ldr	lr, [%[b], #156]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #152]\n\t"
-        "ldr	lr, [%[b], #152]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #148]\n\t"
-        "ldr	lr, [%[b], #148]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #144]\n\t"
-        "ldr	lr, [%[b], #144]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #140]\n\t"
-        "ldr	lr, [%[b], #140]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #136]\n\t"
-        "ldr	lr, [%[b], #136]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #132]\n\t"
-        "ldr	lr, [%[b], #132]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #128]\n\t"
-        "ldr	lr, [%[b], #128]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #124]\n\t"
-        "ldr	lr, [%[b], #124]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #120]\n\t"
-        "ldr	lr, [%[b], #120]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #116]\n\t"
-        "ldr	lr, [%[b], #116]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #112]\n\t"
-        "ldr	lr, [%[b], #112]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #108]\n\t"
-        "ldr	lr, [%[b], #108]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #104]\n\t"
-        "ldr	lr, [%[b], #104]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #100]\n\t"
-        "ldr	lr, [%[b], #100]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #96]\n\t"
-        "ldr	lr, [%[b], #96]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #92]\n\t"
-        "ldr	lr, [%[b], #92]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #88]\n\t"
-        "ldr	lr, [%[b], #88]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #84]\n\t"
-        "ldr	lr, [%[b], #84]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #80]\n\t"
-        "ldr	lr, [%[b], #80]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #76]\n\t"
-        "ldr	lr, [%[b], #76]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #72]\n\t"
-        "ldr	lr, [%[b], #72]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #68]\n\t"
-        "ldr	lr, [%[b], #68]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #64]\n\t"
-        "ldr	lr, [%[b], #64]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #60]\n\t"
-        "ldr	lr, [%[b], #60]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #56]\n\t"
-        "ldr	lr, [%[b], #56]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-        "ldr	lr, [%[b], #52]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-        "ldr	lr, [%[b], #48]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-        "ldr	lr, [%[b], #44]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-        "ldr	lr, [%[b], #40]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-        "ldr	lr, [%[b], #36]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-        "ldr	lr, [%[b], #32]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b], #28]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b], #24]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b], #20]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b], #16]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b], #12]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b], #8]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b], #4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "eor	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "mov	%[a], r2\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[256], t2[129];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[127];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 128);
-    r1 = sp_4096_cmp_128(&t1[128], d) >= 0;
-    sp_4096_cond_sub_128(&t1[128], &t1[128], d, (sp_digit)0 - r1);
-    for (i = 127; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[128 + i] == div);
-        sp_digit hi = t1[128 + i] + mask;
-        r1 = div_4096_word_128(hi, t1[128 + i - 1], div);
-        r1 |= mask;
-
-        sp_4096_mul_d_128(t2, d, r1);
-        t1[128 + i] += sp_4096_sub_in_place_128(&t1[i], t2);
-        t1[128 + i] -= t2[128];
-        sp_4096_mask_128(t2, d, t1[128 + i]);
-        t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], t2);
-        sp_4096_mask_128(t2, d, t1[128 + i]);
-        t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_4096_cmp_128(t1, d) >= 0;
-    sp_4096_cond_sub_128(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_4096_div_128(a, m, NULL, r);
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 8 * 256);
-    sp_digit* t[8];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 8 * 256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<8; i++) {
-            t[i] = td + i * 256;
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_128(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 128U);
-        if (reduceA != 0) {
-            err = sp_4096_mod_128(t[1] + 128, a, m);
-            if (err == MP_OKAY) {
-                err = sp_4096_mod_128(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 128, a, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_128(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_128(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_128(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_128(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_128(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_128(t[ 7], t[ 4], t[ 3], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 3;
-        if (c == 32) {
-            c = 29;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 128);
-        for (; i>=0 || c>=3; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 29);
-                n <<= 3;
-                c = 29;
-            }
-            else if (c < 3) {
-                y = (byte)(n >> 29);
-                n = e[i--];
-                c = 3 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 29) & 0x7);
-                n <<= 3;
-                c -= 3;
-            }
-
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-
-            sp_4096_mont_mul_128(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[128], 0, sizeof(sp_digit) * 128U);
-        sp_4096_mont_reduce_128(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_128(r, m) >= 0);
-        sp_4096_cond_sub_128(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 256);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 256;
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_128(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 128U);
-        if (reduceA != 0) {
-            err = sp_4096_mod_128(t[1] + 128, a, m);
-            if (err == MP_OKAY) {
-                err = sp_4096_mod_128(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 128, a, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_128(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_128(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_128(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_128(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_128(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_128(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_128(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_128(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_128(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_128(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_128(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_128(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_128(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_128(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 128);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-
-            sp_4096_mont_mul_128(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[128], 0, sizeof(sp_digit) * 128U);
-        sp_4096_mont_reduce_128(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_128(r, m) >= 0);
-        sp_4096_cond_sub_128(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 128 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 512) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 32 || inLen > 512 ||
-                                                     mp_count_bits(mm) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 128 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 128;
-        r = a + 128 * 2;
-        m = r + 128 * 2;
-
-        sp_4096_from_bin(ah, 128, in, inLen);
-#if DIGIT_BIT >= 32
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 128, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_4096_mont_sqr_128(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_4096_mont_mul_128(r, r, ah, m, mp);
-
-                for (i = 127; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_4096_sub_in_place_128(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_4096_sqr_128(r, ah);
-                err = sp_4096_mod_128_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_4096_mul_128(r, ah, r);
-                err = sp_4096_mod_128_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 31; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 128);
-                for (i--; i >= 0; i--) {
-                    sp_4096_mont_sqr_128(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_4096_mont_mul_128(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[128], 0, sizeof(sp_digit) * 128);
-                sp_4096_mont_reduce_128(r, m, mp);
-
-                for (i = 127; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_4096_sub_in_place_128(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "\n"
-    "L_sp_4096_cond_add_64_words_%=: \n\t"
-        "adds	lr, lr, #-1\n\t"
-        "ldr	r4, [%[a], r12]\n\t"
-        "ldr	r5, [%[b], r12]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "adcs	r4, r4, r5\n\t"
-        "adc	lr, r6, r6\n\t"
-        "str	r4, [%[r], r12]\n\t"
-        "add	r12, r12, #4\n\t"
-        "cmp	r12, #0x100\n\t"
-        "blt	L_sp_4096_cond_add_64_words_%=\n\t"
-        "mov	%[r], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r8, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "adc	%[r], r8, r8\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 128 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 128 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 128;
-        m = a + 256;
-        r = a;
-
-        sp_4096_from_bin(a, 128, in, inLen);
-        sp_4096_from_mp(d, 128, dm);
-        sp_4096_from_mp(m, 128, mm);
-        err = sp_4096_mod_exp_128(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 128, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 64 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 512 || mp_count_bits(mm) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 64 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 128 * 2;
-        q = p + 64;
-        qi = dq = dp = q + 64;
-        tmpa = qi + 64;
-        tmpb = tmpa + 128;
-        r = a;
-
-        sp_4096_from_bin(a, 128, in, inLen);
-        sp_4096_from_mp(p, 64, pm);
-        sp_4096_from_mp(q, 64, qm);
-        sp_4096_from_mp(dp, 64, dpm);
-
-        err = sp_2048_mod_exp_64(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(dq, 64, dqm);
-        err = sp_2048_mod_exp_64(tmpb, a, dq, 2048, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_2048_sub_in_place_64(tmpa, tmpb);
-        c += sp_4096_cond_add_64(tmpa, tmpa, p, c);
-        sp_4096_cond_add_64(tmpa, tmpa, p, c);
-
-        sp_2048_from_mp(qi, 64, qim);
-        sp_2048_mul_64(tmpa, tmpa, qi);
-        err = sp_2048_mod_64(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mul_64(tmpa, q, tmpa);
-        XMEMSET(&tmpb[64], 0, sizeof(sp_digit) * 64);
-        sp_4096_add_128(r, tmpb, tmpa);
-
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 64 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_4096_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (4096 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 128);
-        r->used = 128;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 128; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 128; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[256];
-    sp_digit e[128];
-    sp_digit m[128];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(b, 128, base);
-        sp_4096_from_mp(e, 128, exp);
-        sp_4096_from_mp(m, 128, mod);
-
-        err = sp_4096_mod_exp_128(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_4096
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_4096_lshift_128(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_4096_lshift_128(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register byte n asm ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "rsb	r12, %[n], #31\n\t"
-        "ldr	r5, [%[a], #508]\n\t"
-        "lsr	r6, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r6, r6, r12\n\t"
-        "ldr	r4, [%[a], #504]\n\t"
-        "str	r6, [%[r], #512]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #500]\n\t"
-        "str	r5, [%[r], #508]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #496]\n\t"
-        "str	r4, [%[r], #504]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #492]\n\t"
-        "str	r6, [%[r], #500]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #488]\n\t"
-        "str	r5, [%[r], #496]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #484]\n\t"
-        "str	r4, [%[r], #492]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #480]\n\t"
-        "str	r6, [%[r], #488]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #476]\n\t"
-        "str	r5, [%[r], #484]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #472]\n\t"
-        "str	r4, [%[r], #480]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #468]\n\t"
-        "str	r6, [%[r], #476]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #464]\n\t"
-        "str	r5, [%[r], #472]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #460]\n\t"
-        "str	r4, [%[r], #468]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #456]\n\t"
-        "str	r6, [%[r], #464]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #452]\n\t"
-        "str	r5, [%[r], #460]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #448]\n\t"
-        "str	r4, [%[r], #456]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #444]\n\t"
-        "str	r6, [%[r], #452]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #440]\n\t"
-        "str	r5, [%[r], #448]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #436]\n\t"
-        "str	r4, [%[r], #444]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #432]\n\t"
-        "str	r6, [%[r], #440]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #428]\n\t"
-        "str	r5, [%[r], #436]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #424]\n\t"
-        "str	r4, [%[r], #432]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #420]\n\t"
-        "str	r6, [%[r], #428]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #416]\n\t"
-        "str	r5, [%[r], #424]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #412]\n\t"
-        "str	r4, [%[r], #420]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #408]\n\t"
-        "str	r6, [%[r], #416]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #404]\n\t"
-        "str	r5, [%[r], #412]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #400]\n\t"
-        "str	r4, [%[r], #408]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #396]\n\t"
-        "str	r6, [%[r], #404]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #392]\n\t"
-        "str	r5, [%[r], #400]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #388]\n\t"
-        "str	r4, [%[r], #396]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #384]\n\t"
-        "str	r6, [%[r], #392]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #380]\n\t"
-        "str	r5, [%[r], #388]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #376]\n\t"
-        "str	r4, [%[r], #384]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #372]\n\t"
-        "str	r6, [%[r], #380]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #368]\n\t"
-        "str	r5, [%[r], #376]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #364]\n\t"
-        "str	r4, [%[r], #372]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #360]\n\t"
-        "str	r6, [%[r], #368]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #356]\n\t"
-        "str	r5, [%[r], #364]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #352]\n\t"
-        "str	r4, [%[r], #360]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #348]\n\t"
-        "str	r6, [%[r], #356]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #344]\n\t"
-        "str	r5, [%[r], #352]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #340]\n\t"
-        "str	r4, [%[r], #348]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #336]\n\t"
-        "str	r6, [%[r], #344]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #332]\n\t"
-        "str	r5, [%[r], #340]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #328]\n\t"
-        "str	r4, [%[r], #336]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #324]\n\t"
-        "str	r6, [%[r], #332]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #320]\n\t"
-        "str	r5, [%[r], #328]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #316]\n\t"
-        "str	r4, [%[r], #324]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #312]\n\t"
-        "str	r6, [%[r], #320]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #308]\n\t"
-        "str	r5, [%[r], #316]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #304]\n\t"
-        "str	r4, [%[r], #312]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #300]\n\t"
-        "str	r6, [%[r], #308]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #296]\n\t"
-        "str	r5, [%[r], #304]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #292]\n\t"
-        "str	r4, [%[r], #300]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #288]\n\t"
-        "str	r6, [%[r], #296]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #284]\n\t"
-        "str	r5, [%[r], #292]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #280]\n\t"
-        "str	r4, [%[r], #288]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #276]\n\t"
-        "str	r6, [%[r], #284]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #272]\n\t"
-        "str	r5, [%[r], #280]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #268]\n\t"
-        "str	r4, [%[r], #276]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #264]\n\t"
-        "str	r6, [%[r], #272]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #260]\n\t"
-        "str	r5, [%[r], #268]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #256]\n\t"
-        "str	r4, [%[r], #264]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #252]\n\t"
-        "str	r6, [%[r], #260]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #248]\n\t"
-        "str	r5, [%[r], #256]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #244]\n\t"
-        "str	r4, [%[r], #252]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #240]\n\t"
-        "str	r6, [%[r], #248]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #236]\n\t"
-        "str	r5, [%[r], #244]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #232]\n\t"
-        "str	r4, [%[r], #240]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #228]\n\t"
-        "str	r6, [%[r], #236]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #224]\n\t"
-        "str	r5, [%[r], #232]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #220]\n\t"
-        "str	r4, [%[r], #228]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #216]\n\t"
-        "str	r6, [%[r], #224]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #212]\n\t"
-        "str	r5, [%[r], #220]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #208]\n\t"
-        "str	r4, [%[r], #216]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #204]\n\t"
-        "str	r6, [%[r], #212]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #200]\n\t"
-        "str	r5, [%[r], #208]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #196]\n\t"
-        "str	r4, [%[r], #204]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #192]\n\t"
-        "str	r6, [%[r], #200]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #188]\n\t"
-        "str	r5, [%[r], #196]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #184]\n\t"
-        "str	r4, [%[r], #192]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #180]\n\t"
-        "str	r6, [%[r], #188]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #176]\n\t"
-        "str	r5, [%[r], #184]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #172]\n\t"
-        "str	r4, [%[r], #180]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #168]\n\t"
-        "str	r6, [%[r], #176]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #164]\n\t"
-        "str	r5, [%[r], #172]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #160]\n\t"
-        "str	r4, [%[r], #168]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #156]\n\t"
-        "str	r6, [%[r], #164]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #152]\n\t"
-        "str	r5, [%[r], #160]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #148]\n\t"
-        "str	r4, [%[r], #156]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #144]\n\t"
-        "str	r6, [%[r], #152]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #140]\n\t"
-        "str	r5, [%[r], #148]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #136]\n\t"
-        "str	r4, [%[r], #144]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #132]\n\t"
-        "str	r6, [%[r], #140]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #128]\n\t"
-        "str	r5, [%[r], #136]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #124]\n\t"
-        "str	r4, [%[r], #132]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #120]\n\t"
-        "str	r6, [%[r], #128]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #116]\n\t"
-        "str	r5, [%[r], #124]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #112]\n\t"
-        "str	r4, [%[r], #120]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #108]\n\t"
-        "str	r6, [%[r], #116]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #104]\n\t"
-        "str	r5, [%[r], #112]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #100]\n\t"
-        "str	r4, [%[r], #108]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #96]\n\t"
-        "str	r6, [%[r], #104]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #92]\n\t"
-        "str	r5, [%[r], #100]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #88]\n\t"
-        "str	r4, [%[r], #96]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #84]\n\t"
-        "str	r6, [%[r], #92]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #80]\n\t"
-        "str	r5, [%[r], #88]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #76]\n\t"
-        "str	r4, [%[r], #84]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #72]\n\t"
-        "str	r6, [%[r], #80]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #68]\n\t"
-        "str	r5, [%[r], #76]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #64]\n\t"
-        "str	r4, [%[r], #72]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #60]\n\t"
-        "str	r6, [%[r], #68]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #56]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r4, [%[r], #60]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "str	r6, [%[r], #56]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #44]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #40]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #36]\n\t"
-        "str	r6, [%[r], #44]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #32]\n\t"
-        "str	r5, [%[r], #40]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "str	r6, [%[r], #32]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #20]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #16]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #12]\n\t"
-        "str	r6, [%[r], #20]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "str	r6, [%[r], #8]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r12"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 385);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 385, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 256;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_128(norm, m);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        sp_4096_lshift_128(r, norm, y);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-
-            sp_4096_lshift_128(r, r, y);
-            sp_4096_mul_d_128(tmp, norm, r[128]);
-            r[128] = 0;
-            o = sp_4096_add_128(r, r, tmp);
-            sp_4096_cond_sub_128(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[128], 0, sizeof(sp_digit) * 128U);
-        sp_4096_mont_reduce_128(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_128(r, m) >= 0);
-        sp_4096_cond_sub_128(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_4096 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 512 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[256];
-    sp_digit e[128];
-    sp_digit m[128];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 512) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(b, 128, base);
-        sp_4096_from_bin(e, 128, exp, expLen);
-        sp_4096_from_mp(m, 128, mod);
-
-    #ifdef HAVE_FFDHE_4096
-        if (base->used == 1 && base->dp[0] == 2 && m[127] == (sp_digit)-1)
-            err = sp_4096_mod_exp_2_128(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_4096_mod_exp_128(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-        for (i=0; i<512 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* WOLFSSL_SP_4096 */
-
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
-
-/* Point structure to use. */
-typedef struct sp_point_256 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 8];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 8];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 8];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_256;
-
-/* The modulus (prime) of the curve P256. */
-static const sp_digit p256_mod[8] = {
-    0xffffffff,0xffffffff,0xffffffff,0x00000000,0x00000000,0x00000000,
-    0x00000001,0xffffffff
-};
-/* The Montgomery normalizer for modulus of the curve P256. */
-static const sp_digit p256_norm_mod[8] = {
-    0x00000001,0x00000000,0x00000000,0xffffffff,0xffffffff,0xffffffff,
-    0xfffffffe,0x00000000
-};
-/* The Montgomery multiplier for modulus of the curve P256. */
-static const sp_digit p256_mp_mod = 0x00000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P256. */
-static const sp_digit p256_order[8] = {
-    0xfc632551,0xf3b9cac2,0xa7179e84,0xbce6faad,0xffffffff,0xffffffff,
-    0x00000000,0xffffffff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P256 minus 2. */
-static const sp_digit p256_order2[8] = {
-    0xfc63254f,0xf3b9cac2,0xa7179e84,0xbce6faad,0xffffffff,0xffffffff,
-    0x00000000,0xffffffff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P256. */
-static const sp_digit p256_norm_order[8] = {
-    0x039cdaaf,0x0c46353d,0x58e8617b,0x43190552,0x00000000,0x00000000,
-    0xffffffff,0x00000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P256. */
-static const sp_digit p256_mp_order = 0xee00bc4f;
-#endif
-/* The base point of curve P256. */
-static const sp_point_256 p256_base = {
-    /* X ordinate */
-    {
-        0xd898c296,0xf4a13945,0x2deb33a0,0x77037d81,0x63a440f2,0xf8bce6e5,
-        0xe12c4247,0x6b17d1f2,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x37bf51f5,0xcbb64068,0x6b315ece,0x2bce3357,0x7c0f9e16,0x8ee7eb4a,
-        0xfe1a7f9b,0x4fe342e2,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p256_b[8] = {
-    0x27d2604b,0x3bce3c3e,0xcc53b0f6,0x651d06b0,0x769886bc,0xb3ebbd55,
-    0xaa3a93e7,0x5ac635d8
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x40\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "ldr	r11, [%[b]]\n\t"
-        "umull	r8, r6, lr, r11\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_256_mul_8_outer_%=: \n\t"
-        "subs	r3, r5, #28\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_256_mul_8_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "ldr	lr, [%[a], r4]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_256_mul_8_inner_done_%=\n\t"
-        "blt	L_sp_256_mul_8_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_256_mul_8_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #52\n\t"
-        "ble	L_sp_256_mul_8_outer_%=\n\t"
-        "ldr	lr, [%[a], #28]\n\t"
-        "ldr	r11, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "add	r7, r7, r10\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umlal	r6, r7, lr, r11\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_256_mul_8_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_256_mul_8_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #32\n\t"
-        /* A[0] * B[0] */
-        "ldr	r11, [%[a]]\n\t"
-        "ldr	r12, [%[b]]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r3, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "str	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "ldr	r9, [%[b], #4]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[1] * B[0] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [sp, #4]\n\t"
-        /* A[2] * B[0] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[1] * B[1] */
-        "ldr	r11, [%[a], #4]\n\t"
-        "ldr	r12, [%[b], #4]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[0] * B[2] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r5, [sp, #8]\n\t"
-        /* A[0] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[1] * B[2] */
-        "ldr	r9, [%[b], #8]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[2] * B[1] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[3] * B[0] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "str	r3, [sp, #12]\n\t"
-        /* A[4] * B[0] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[3] * B[1] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[2] * B[2] */
-        "ldr	r11, [%[a], #8]\n\t"
-        "ldr	r12, [%[b], #8]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[1] * B[3] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[0] * B[4] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [sp, #16]\n\t"
-        /* A[0] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[1] * B[4] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[2] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[3] * B[2] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[4] * B[1] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[5] * B[0] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r5, [sp, #20]\n\t"
-        /* A[6] * B[0] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[5] * B[1] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[4] * B[2] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[3] * B[3] */
-        "ldr	r11, [%[a], #12]\n\t"
-        "ldr	r12, [%[b], #12]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[2] * B[4] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[1] * B[5] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[0] * B[6] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "str	r3, [sp, #24]\n\t"
-        /* A[0] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[1] * B[6] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[2] * B[5] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[3] * B[4] */
-        "ldr	r9, [%[b], #16]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[4] * B[3] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[5] * B[2] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[6] * B[1] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[7] * B[0] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [sp, #28]\n\t"
-        /* A[7] * B[1] */
-        "ldr	r9, [%[b], #4]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[6] * B[2] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[5] * B[3] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[4] * B[4] */
-        "ldr	r11, [%[a], #16]\n\t"
-        "ldr	r12, [%[b], #16]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[3] * B[5] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[2] * B[6] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[1] * B[7] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r5, [%[r], #32]\n\t"
-        /* A[2] * B[7] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[3] * B[6] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[4] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[5] * B[4] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[6] * B[3] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[7] * B[2] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "str	r3, [%[r], #36]\n\t"
-        /* A[7] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[6] * B[4] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[5] * B[5] */
-        "ldr	r11, [%[a], #20]\n\t"
-        "ldr	r12, [%[b], #20]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[4] * B[6] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[3] * B[7] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [%[r], #40]\n\t"
-        /* A[4] * B[7] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[5] * B[6] */
-        "ldr	r9, [%[b], #24]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[6] * B[5] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[7] * B[4] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        /* A[7] * B[5] */
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[6] * B[6] */
-        "ldr	r11, [%[a], #24]\n\t"
-        "ldr	r12, [%[b], #24]\n\t"
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* A[5] * B[7] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "str	r3, [%[r], #48]\n\t"
-        /* A[6] * B[7] */
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[7] * B[6] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [%[r], #52]\n\t"
-        /* A[7] * B[7] */
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r5, [%[r], #56]\n\t"
-        "str	r3, [%[r], #60]\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11",
-            "r12"
-    );
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #36\n\t"
-        "str	%[r], [sp, #32]\n\t"
-        "mov	%[r], #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        /* A[0] * B[0] */
-        "ldr	lr, [%[b]]\n\t"
-        "umull	r3, r4, r12, lr\n\t"
-        /* A[0] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "umull	r5, r6, r12, lr\n\t"
-        /* A[0] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "umull	r7, r8, r12, lr\n\t"
-        /* A[0] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "umull	r9, r10, r12, lr\n\t"
-        "str	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "mov	r11, %[r]\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[0] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[0] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[0] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	r3, %[r], #0\n\t"
-        "umlal	r10, r3, r12, lr\n\t"
-        /* A[1] * B[0] */
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "str	r4, [sp, #4]\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[1] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[1] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[1] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[1] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[1] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[1] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[1] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r4, %[r], #0\n\t"
-        "umlal	r3, r4, r12, lr\n\t"
-        /* A[2] * B[0] */
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "str	r5, [sp, #8]\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[2] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[2] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[2] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[2] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[2] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[2] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[2] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r5, %[r], #0\n\t"
-        "umlal	r4, r5, r12, lr\n\t"
-        /* A[3] * B[0] */
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "str	r6, [sp, #12]\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[3] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[3] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[3] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[3] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[3] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[3] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[3] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r6, %[r], #0\n\t"
-        "umlal	r5, r6, r12, lr\n\t"
-        /* A[4] * B[0] */
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "str	r7, [sp, #16]\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[4] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[4] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[4] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[4] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[4] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[4] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[4] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r7, %[r], #0\n\t"
-        "umlal	r6, r7, r12, lr\n\t"
-        /* A[5] * B[0] */
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "str	r8, [sp, #20]\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[5] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[5] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[5] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[5] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[5] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[5] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[5] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r8, %[r], #0\n\t"
-        "umlal	r7, r8, r12, lr\n\t"
-        /* A[6] * B[0] */
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "str	r9, [sp, #24]\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[6] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[6] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[6] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[6] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[6] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[6] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[6] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r9, %[r], #0\n\t"
-        "umlal	r8, r9, r12, lr\n\t"
-        /* A[7] * B[0] */
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "str	r10, [sp, #28]\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[7] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[7] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[7] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[7] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[7] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[7] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[7] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r10, %[r], #0\n\t"
-        "umlal	r9, r10, r12, lr\n\t"
-        "ldr	%[r], [sp, #32]\n\t"
-        "add	%[r], %[r], #32\n\t"
-        "stm	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ldm	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "sub	%[r], %[r], #32\n\t"
-        "stm	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "add	sp, sp, #36\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #44\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	%[r], [sp, #36]\n\t"
-        "str	%[a], [sp, #40]\n\t"
-#else
-        "strd	%[r], %[a], [sp, #36]\n\t"
-#endif
-        "mov	lr, %[b]\n\t"
-        "ldm	%[a], {r0, r1, r2, r3}\n\t"
-        "ldm	lr!, {r4, r5, r6}\n\t"
-        "umull	r10, r11, %[r], r4\n\t"
-        "umull	r12, r7, %[a], r4\n\t"
-        "umaal	r11, r12, %[r], r5\n\t"
-        "umull	r8, r9, %[b], r4\n\t"
-        "umaal	r12, r8, %[a], r5\n\t"
-        "umaal	r12, r7, %[r], r6\n\t"
-        "umaal	r8, r9, r3, r4\n\t"
-        "stm	sp, {r10, r11, r12}\n\t"
-        "umaal	r7, r8, %[b], r5\n\t"
-        "ldm	lr!, {r4}\n\t"
-        "umull	r10, r11, %[a], r6\n\t"
-        "umaal	r8, r9, %[b], r6\n\t"
-        "umaal	r7, r10, %[r], r4\n\t"
-        "umaal	r8, r11, r3, r5\n\t"
-        "str	r7, [sp, #12]\n\t"
-        "umaal	r8, r10, %[a], r4\n\t"
-        "umaal	r9, r11, r3, r6\n\t"
-        "umaal	r9, r10, %[b], r4\n\t"
-        "umaal	r10, r11, r3, r4\n\t"
-        "ldm	lr, {r4, r5, r6, r7}\n\t"
-        "mov	r12, #0\n\t"
-        "umlal	r8, r12, %[r], r4\n\t"
-        "umaal	r9, r12, %[a], r4\n\t"
-        "umaal	r10, r12, %[b], r4\n\t"
-        "umaal	r11, r12, r3, r4\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r9, r4, %[r], r5\n\t"
-        "umaal	r10, r4, %[a], r5\n\t"
-        "umaal	r11, r4, %[b], r5\n\t"
-        "umaal	r12, r4, r3, r5\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, %[r], r6\n\t"
-        "umaal	r11, r5, %[a], r6\n\t"
-        "umaal	r12, r5, %[b], r6\n\t"
-        "umaal	r4, r5, r3, r6\n\t"
-        "mov	r6, #0\n\t"
-        "umlal	r11, r6, %[r], r7\n\t"
-        "ldr	%[r], [sp, #40]\n\t"
-        "umaal	r12, r6, %[a], r7\n\t"
-        "add	%[r], %[r], #16\n\t"
-        "umaal	r4, r6, %[b], r7\n\t"
-        "sub	lr, lr, #16\n\t"
-        "umaal	r5, r6, r3, r7\n\t"
-        "ldm	%[r], {r0, r1, r2, r3}\n\t"
-        "str	r6, [sp, #32]\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r7, #0\n\t"
-        "umlal	r8, r7, %[r], r6\n\t"
-        "umaal	r9, r7, %[a], r6\n\t"
-        "str	r8, [sp, #16]\n\t"
-        "umaal	r10, r7, %[b], r6\n\t"
-        "umaal	r11, r7, r3, r6\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r8, #0\n\t"
-        "umlal	r9, r8, %[r], r6\n\t"
-        "umaal	r10, r8, %[a], r6\n\t"
-        "str	r9, [sp, #20]\n\t"
-        "umaal	r11, r8, %[b], r6\n\t"
-        "umaal	r12, r8, r3, r6\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r9, #0\n\t"
-        "umlal	r10, r9, %[r], r6\n\t"
-        "umaal	r11, r9, %[a], r6\n\t"
-        "str	r10, [sp, #24]\n\t"
-        "umaal	r12, r9, %[b], r6\n\t"
-        "umaal	r4, r9, r3, r6\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r10, #0\n\t"
-        "umlal	r11, r10, %[r], r6\n\t"
-        "umaal	r12, r10, %[a], r6\n\t"
-        "str	r11, [sp, #28]\n\t"
-        "umaal	r4, r10, %[b], r6\n\t"
-        "umaal	r5, r10, r3, r6\n\t"
-        "ldm	lr!, {r11}\n\t"
-        "umaal	r12, r7, %[r], r11\n\t"
-        "umaal	r4, r7, %[a], r11\n\t"
-        "ldr	r6, [sp, #32]\n\t"
-        "umaal	r5, r7, %[b], r11\n\t"
-        "umaal	r6, r7, r3, r11\n\t"
-        "ldm	lr!, {r11}\n\t"
-        "umaal	r4, r8, %[r], r11\n\t"
-        "umaal	r5, r8, %[a], r11\n\t"
-        "umaal	r6, r8, %[b], r11\n\t"
-        "umaal	r7, r8, r3, r11\n\t"
-        "ldm	lr, {r11, lr}\n\t"
-        "umaal	r5, r9, %[r], r11\n\t"
-        "umaal	r6, r10, %[r], lr\n\t"
-        "umaal	r6, r9, %[a], r11\n\t"
-        "umaal	r7, r10, %[a], lr\n\t"
-        "umaal	r7, r9, %[b], r11\n\t"
-        "umaal	r8, r10, %[b], lr\n\t"
-        "umaal	r8, r9, r3, r11\n\t"
-        "umaal	r9, r10, r3, lr\n\t"
-        "mov	r3, r12\n\t"
-        "ldr	lr, [sp, #36]\n\t"
-        "add	lr, lr, #32\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "sub	lr, lr, #32\n\t"
-        "ldm	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "add	sp, sp, #44\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7",
-            "r8", "r9", "lr"
-    );
-}
-
-#endif
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x40\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "umull	r8, r6, lr, lr\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_256_sqr_8_outer_%=: \n\t"
-        "subs	r3, r5, #28\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_256_sqr_8_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_256_sqr_8_inner_done_%=\n\t"
-        "blt	L_sp_256_sqr_8_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_256_sqr_8_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #52\n\t"
-        "ble	L_sp_256_sqr_8_outer_%=\n\t"
-        "ldr	lr, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_256_sqr_8_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_256_sqr_8_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #32\n\t"
-        /* A[0] * A[0] */
-        "ldr	r10, [%[a]]\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r2, r10, #16\n\t"
-        "lsr	r2, r2, #16\n\t"
-        "mul	r8, r2, r2\n\t"
-        "mul	r3, r9, r9\n\t"
-        "mul	r2, r9, r2\n\t"
-        "lsr	r9, r2, #15\n\t"
-        "lsl	r2, r2, #17\n\t"
-        "adds	r8, r8, r2\n\t"
-        "adc	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "str	r8, [sp]\n\t"
-        /* A[0] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "str	r3, [sp, #4]\n\t"
-        /* A[0] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[1] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [sp, #8]\n\t"
-        /* A[0] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[1] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r2, [sp, #12]\n\t"
-        /* A[0] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        /* A[1] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        /* A[2] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "str	r3, [sp, #16]\n\t"
-        /* A[0] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[2] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #20]\n\t"
-        /* A[0] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[2] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[3] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #24]\n\t"
-        /* A[0] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[2] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[3] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #28]\n\t"
-        /* A[1] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[2] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[3] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[4] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #32]\n\t"
-        /* A[2] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[3] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        /* A[4] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #36]\n\t"
-        /* A[3] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        /* A[4] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        /* A[5] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "str	r3, [%[r], #40]\n\t"
-        /* A[4] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* A[5] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "str	r4, [%[r], #44]\n\t"
-        /* A[5] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* A[6] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "str	r2, [%[r], #48]\n\t"
-        /* A[6] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "str	r3, [%[r], #52]\n\t"
-        /* A[7] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adc	r2, r2, r9\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adc	r2, r2, r9\n\t"
-        "str	r4, [%[r], #56]\n\t"
-        "str	r2, [%[r], #60]\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12"
-    );
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        "str	%[r], [sp, #64]\n\t"
-        "mov	%[r], #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        /* A[0] * A[1] */
-        "ldr	lr, [%[a], #4]\n\t"
-        "umull	r4, r5, r12, lr\n\t"
-        /* A[0] * A[3] */
-        "ldr	lr, [%[a], #12]\n\t"
-        "umull	r6, r7, r12, lr\n\t"
-        /* A[0] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "umull	r8, r9, r12, lr\n\t"
-        /* A[0] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "umull	r10, r3, r12, lr\n\t"
-        /* A[0] * A[2] */
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[0] * A[4] */
-        "ldr	lr, [%[a], #16]\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[0] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "str	r4, [sp, #4]\n\t"
-        "str	r5, [sp, #8]\n\t"
-        /* A[1] * A[2] */
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "str	r6, [sp, #12]\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[1] * A[3] */
-        "ldr	lr, [%[a], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "str	r7, [sp, #16]\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[1] * A[4] */
-        "ldr	lr, [%[a], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[1] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[1] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[1] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r4, %[r], #0\n\t"
-        "umlal	r3, r4, r12, lr\n\t"
-        /* A[2] * A[3] */
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[a], #12]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "str	r8, [sp, #20]\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[2] * A[4] */
-        "ldr	lr, [%[a], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "str	r9, [sp, #24]\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[2] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[2] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[2] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r5, %[r], #0\n\t"
-        "umlal	r4, r5, r12, lr\n\t"
-        /* A[3] * A[4] */
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[a], #16]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "str	r10, [sp, #28]\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[3] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[3] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[3] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r6, %[r], #0\n\t"
-        "umlal	r5, r6, r12, lr\n\t"
-        /* A[4] * A[5] */
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[a], #20]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[4] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[4] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r7, %[r], #0\n\t"
-        "umlal	r6, r7, r12, lr\n\t"
-        /* A[5] * A[6] */
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[a], #24]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[5] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r8, %[r], #0\n\t"
-        "umlal	r7, r8, r12, lr\n\t"
-        /* A[6] * A[7] */
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[a], #28]\n\t"
-        "mov	r9, #0\n\t"
-        "umlal	r8, r9, r12, lr\n\t"
-        "add	lr, sp, #32\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "add	lr, sp, #4\n\t"
-        "ldm	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "stm	lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ldm	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "adcs	r3, r3, r3\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adc	r10, %[r], #0\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "add	lr, sp, #4\n\t"
-        "ldm	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "mov	lr, sp\n\t"
-        /* A[0] * A[0] */
-        "ldr	r12, [%[a]]\n\t"
-        "umull	r3, r11, r12, r12\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[1] * A[1] */
-        "ldr	r12, [%[a], #4]\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, r12\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[2] * A[2] */
-        "ldr	r12, [%[a], #8]\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, r12\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[3] * A[3] */
-        "ldr	r12, [%[a], #12]\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, r12\n\t"
-        "adds	r10, r10, r11\n\t"
-        "stm	lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ldm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* A[4] * A[4] */
-        "ldr	r12, [%[a], #16]\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, r12\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[5] * A[5] */
-        "ldr	r12, [%[a], #20]\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, r12\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[6] * A[6] */
-        "ldr	r12, [%[a], #24]\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, r12\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[7] * A[7] */
-        "ldr	r12, [%[a], #28]\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r10, #0\n\t"
-        "umlal	r9, r10, r12, r12\n\t"
-        "ldr	%[r], [sp, #64]\n\t"
-        "add	%[r], %[r], #32\n\t"
-        "stm	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ldm	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "sub	%[r], %[r], #32\n\t"
-        "stm	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "add	sp, sp, #0x44\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #32\n\t"
-        "str	%[r], [sp, #28]\n\t"
-        "ldm	%[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
-        "umull	r9, r10, %[r], %[r]\n\t"
-        "umull	r11, r12, %[r], %[a]\n\t"
-        "adds	r11, r11, r11\n\t"
-        "mov	lr, #0\n\t"
-        "umaal	r10, r11, lr, lr\n\t"
-        "stm	sp, {r9, r10}\n\t"
-        "mov	r8, lr\n\t"
-        "umaal	r8, r12, %[r], r2\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "umaal	r8, r11, %[a], %[a]\n\t"
-        "umull	r9, r10, %[r], r3\n\t"
-        "umaal	r9, r12, %[a], r2\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, lr, lr\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	r8, [sp, #8]\n\t"
-        "str	r9, [sp, #12]\n\t"
-#else
-        "strd	r8, r9, [sp, #8]\n\t"
-#endif
-        "mov	r9, lr\n\t"
-        "umaal	r9, r10, %[r], r4\n\t"
-        "umaal	r9, r12, %[a], r3\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, r2, r2\n\t"
-        "str	r9, [sp, #16]\n\t"
-        "umull	r9, r8, %[r], r5\n\t"
-        "umaal	r9, r12, %[a], r4\n\t"
-        "umaal	r9, r10, r2, r3\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, lr, lr\n\t"
-        "str	r9, [sp, #20]\n\t"
-        "mov	r9, lr\n\t"
-        "umaal	r9, r8, %[r], r6\n\t"
-        "umaal	r9, r12, %[a], r5\n\t"
-        "umaal	r9, r10, r2, r4\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, r3, r3\n\t"
-        "str	r9, [sp, #24]\n\t"
-        "umull	%[r], r9, %[r], r7\n\t"
-        "umaal	%[r], r8, %[a], r6\n\t"
-        "umaal	%[r], r12, r2, r5\n\t"
-        "umaal	%[r], r10, r3, r4\n\t"
-        "adcs	%[r], %[r], %[r]\n\t"
-        "umaal	%[r], r11, lr, lr\n\t"
-        /* R[7] = r0 */
-        "umaal	r9, r8, %[a], r7\n\t"
-        "umaal	r9, r10, r2, r6\n\t"
-        "umaal	r12, r9, r3, r5\n\t"
-        "adcs	r12, r12, r12\n\t"
-        "umaal	r12, r11, r4, r4\n\t"
-        /* R[8] = r12 */
-        "umaal	r9, r8, r2, r7\n\t"
-        "umaal	r10, r9, r3, r6\n\t"
-        "mov	r2, lr\n\t"
-        "umaal	r10, r2, r4, r5\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "umaal	r11, r10, lr, lr\n\t"
-        /* R[9] = r11 */
-        "umaal	r2, r8, r3, r7\n\t"
-        "umaal	r2, r9, r4, r6\n\t"
-        "adcs	r3, r2, r2\n\t"
-        "umaal	r10, r3, r5, r5\n\t"
-        /* R[10] = r10 */
-        "mov	%[a], lr\n\t"
-        "umaal	%[a], r8, r4, r7\n\t"
-        "umaal	%[a], r9, r5, r6\n\t"
-        "adcs	r4, %[a], %[a]\n\t"
-        "umaal	r3, r4, lr, lr\n\t"
-        /* R[11] = r3 */
-        "umaal	r8, r9, r5, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "umaal	r4, r8, r6, r6\n\t"
-        /* R[12] = r4 */
-        "mov	r5, lr\n\t"
-        "umaal	r5, r9, r6, r7\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "umaal	r8, r5, lr, lr\n\t"
-        /* R[13] = r8 */
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r5, r7, r7\n\t"
-        "adcs	r7, r5, lr\n\t"
-        /* R[14] = r9 */
-        /* R[15] = r7 */
-        "ldr	lr, [sp, #28]\n\t"
-        "add	lr, lr, #28\n\t"
-        "stm	lr!, {r0, r12}\n\t"
-        "stm	lr!, {r11}\n\t"
-        "stm	lr!, {r10}\n\t"
-        "stm	lr!, {r3, r4, r8, r9}\n\t"
-        "stm	lr!, {r7}\n\t"
-        "sub	lr, lr, #0x40\n\t"
-        "ldm	sp, {r0, r1, r2, r3, r4, r5, r6}\n\t"
-        "stm	lr, {r0, r1, r2, r3, r4, r5, r6}\n\t"
-        "add	sp, sp, #32\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#endif
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "add	r12, %[a], #32\n\t"
-        "\n"
-    "L_sp_256_add_8_word_%=: \n\t"
-        "adds	r3, r3, #-1\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r3, r4, #0\n\t"
-        "cmp	%[a], r12\n\t"
-        "bne	L_sp_256_add_8_word_%=\n\t"
-        "mov	%[r], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static int sp_256_mod_mul_norm_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static int sp_256_mod_mul_norm_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #24\n\t"
-        "ldm	%[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        /* Clear overflow and underflow */
-        "mov	lr, #0\n\t"
-        "mov	r10, #0\n\t"
-        "# t[0] =  1  1  0 -1 -1 -1 -1  0\n\t"
-        "adds	r12, r2, r3\n\t"
-        "adc	lr, lr, #0\n\t"
-        "subs	r12, r12, r5\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	r12, r12, r6\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	r12, r12, r7\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	r12, r12, r8\n\t"
-        "sbc	r10, r10, #0\n\t"
-        /* Store t[0] */
-        "str	r12, [sp]\n\t"
-        "neg	r10, r10\n\t"
-        "mov	r12, #0\n\t"
-        "# t[1] =  0  1  1  0 -1 -1 -1 -1\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r12, r12, #0\n\t"
-        "subs	lr, lr, r10\n\t"
-        "sbc	r10, r10, r10\n\t"
-        "subs	lr, lr, r6\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	lr, lr, r7\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	lr, lr, r8\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	lr, lr, r9\n\t"
-        "sbc	r10, r10, #0\n\t"
-        /* Store t[1] */
-        "str	lr, [sp, #4]\n\t"
-        "neg	r10, r10\n\t"
-        "mov	lr, #0\n\t"
-        "# t[2] =  0  0  1  1  0 -1 -1 -1\n\t"
-        "adds	r12, r12, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	lr, lr, #0\n\t"
-        "subs	r12, r12, r10\n\t"
-        "sbc	r10, r10, r10\n\t"
-        "subs	r12, r12, r7\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	r12, r12, r8\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	r12, r12, r9\n\t"
-        "sbc	r10, r10, #0\n\t"
-        /* Store t[2] */
-        "str	r12, [sp, #8]\n\t"
-        "neg	r10, r10\n\t"
-        "mov	r12, #0\n\t"
-        "# t[3] = -1 -1  0  2  2  1  0 -1\n\t"
-        "adds	lr, lr, r5\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r5\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r7\n\t"
-        "adc	r12, r12, #0\n\t"
-        "subs	lr, lr, r10\n\t"
-        "sbc	r10, r10, r10\n\t"
-        "subs	lr, lr, r2\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	lr, lr, r3\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	lr, lr, r9\n\t"
-        "sbc	r10, r10, #0\n\t"
-        /* Store t[3] */
-        "str	lr, [sp, #12]\n\t"
-        "neg	r10, r10\n\t"
-        "mov	lr, #0\n\t"
-        "# t[4] =  0 -1 -1  0  2  2  1  0\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r12, r12, r8\n\t"
-        "adc	lr, lr, #0\n\t"
-        "subs	r12, r12, r10\n\t"
-        "sbc	r10, r10, r10\n\t"
-        "subs	r12, r12, r3\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	r12, r12, r4\n\t"
-        "sbc	r10, r10, #0\n\t"
-        /* Store t[4] */
-        "str	r12, [sp, #16]\n\t"
-        "neg	r10, r10\n\t"
-        "mov	r12, #0\n\t"
-        "# t[5] =  0  0 -1 -1  0  2  2  1\n\t"
-        "adds	lr, lr, r7\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r7\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r8\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r8\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r9\n\t"
-        "adc	r12, r12, #0\n\t"
-        "subs	lr, lr, r10\n\t"
-        "sbc	r10, r10, r10\n\t"
-        "subs	lr, lr, r4\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	lr, lr, r5\n\t"
-        "sbc	r10, r10, #0\n\t"
-        /* Store t[5] */
-        "str	lr, [sp, #20]\n\t"
-        "neg	r10, r10\n\t"
-        "mov	lr, #0\n\t"
-        "# t[6] = -1 -1  0  0  0  1  3  2\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r12, r12, r8\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r12, r12, r8\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r12, r12, r8\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r12, r12, r9\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r12, r12, r9\n\t"
-        "adc	lr, lr, #0\n\t"
-        "subs	r12, r12, r10\n\t"
-        "sbc	r10, r10, r10\n\t"
-        "subs	r12, r12, r2\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	r12, r12, r3\n\t"
-        "sbc	r10, r10, #0\n\t"
-        /* Store t[6] */
-        "mov	r8, r12\n\t"
-        "neg	r10, r10\n\t"
-        "mov	r12, #0\n\t"
-        "# t[7] =  1  0 -1 -1 -1 -1  0  3\n\t"
-        "adds	lr, lr, r2\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r9\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r9\n\t"
-        "adc	r12, r12, #0\n\t"
-        "adds	lr, lr, r9\n\t"
-        "adc	r12, r12, #0\n\t"
-        "subs	lr, lr, r10\n\t"
-        "sbc	r10, r10, r10\n\t"
-        "subs	lr, lr, r4\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	lr, lr, r5\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	lr, lr, r6\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "subs	lr, lr, r7\n\t"
-        "sbc	r10, r10, #0\n\t"
-        /* Store t[7] */
-        /* Load intermediate */
-        "ldm	sp, {r2, r3, r4, r5, r6, r7}\n\t"
-        "neg	r10, r10\n\t"
-        /* Add overflow */
-        /* Subtract underflow - add neg underflow */
-        "adds	r2, r2, r12\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adcs	r5, r5, r10\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adcs	r8, r8, r10\n\t"
-        "adcs	lr, lr, r12\n\t"
-        "mov	r9, #0\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* Subtract overflow */
-        /* Add underflow - subtract neg underflow */
-        "subs	r2, r2, r10\n\t"
-        "sbcs	r3, r3, #0\n\t"
-        "sbcs	r4, r4, #0\n\t"
-        "sbcs	r5, r5, r12\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, #0\n\t"
-        "sbcs	r8, r8, r12\n\t"
-        "sbcs	lr, lr, r10\n\t"
-        "mov	r10, #0\n\t"
-        "sbc	r10, r10, #0\n\t"
-        "neg	r10, r10\n\t"
-        /* Add overflow */
-        /* Subtract underflow - add neg underflow */
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adcs	r5, r5, r10\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adcs	r8, r8, r10\n\t"
-        "adc	lr, lr, r9\n\t"
-        /* Subtract overflow */
-        /* Add underflow - subtract neg underflow */
-        "subs	r2, r2, r10\n\t"
-        "sbcs	r3, r3, #0\n\t"
-        "sbcs	r4, r4, #0\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, #0\n\t"
-        "sbcs	r8, r8, r9\n\t"
-        "sbc	lr, lr, r10\n\t"
-        /* Store result */
-        "stm	%[r], {r2, r3, r4, r5, r6, r7, r8, lr}\n\t"
-        "mov	%[r], #0\n\t"
-        "add	sp, sp, #24\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12",
-            "lr", "r10"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-    return (word32)(size_t)r;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_256.
- *
- * p   Point of type sp_point_256 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_256_point_from_ecc_point_8(sp_point_256* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_256_from_mp(p->x, 8, pm->x);
-    sp_256_from_mp(p->y, 8, pm->y);
-    sp_256_from_mp(p->z, 8, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_256_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (256 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 8);
-        r->used = 8;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 8; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 8; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_256 to type ecc_point.
- *
- * p   Point of type sp_point_256.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_256_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p,
-    sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        "mov	r5, #0\n\t"
-        /* A[0] * B[0] */
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r8, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r3, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r9, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "add	r9, r9, r4\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adc	r9, r9, r4\n\t"
-        "str	r8, [sp]\n\t"
-        /* A[0] * B[1] */
-        "ldr	r7, [%[b], #4]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "mov	r10, #0\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adc	r10, r10, r4\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "add	r10, r10, r4\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adc	r10, r10, r4\n\t"
-        /* A[1] * B[0] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r9, [sp, #4]\n\t"
-        /* A[2] * B[0] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adc	lr, lr, r4\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "add	lr, lr, r4\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adc	lr, lr, r4\n\t"
-        /* A[1] * B[1] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[b], #4]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[0] * B[2] */
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "str	r10, [sp, #8]\n\t"
-        /* A[0] * B[3] */
-        "ldr	r7, [%[b], #12]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[1] * B[2] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[b], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[2] * B[1] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[b], #4]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[3] * B[0] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "str	lr, [sp, #12]\n\t"
-        /* A[4] * B[0] */
-        "ldr	r6, [%[a], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[3] * B[1] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "ldr	r7, [%[b], #4]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[2] * B[2] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[b], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[1] * B[3] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[b], #12]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[0] * B[4] */
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "str	r8, [sp, #16]\n\t"
-        /* A[0] * B[5] */
-        "ldr	r7, [%[b], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[1] * B[4] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[b], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[2] * B[3] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[b], #12]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[3] * B[2] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "ldr	r7, [%[b], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[4] * B[1] */
-        "ldr	r6, [%[a], #16]\n\t"
-        "ldr	r7, [%[b], #4]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[5] * B[0] */
-        "ldr	r6, [%[a], #20]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r9, [sp, #20]\n\t"
-        /* A[6] * B[0] */
-        "ldr	r6, [%[a], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[5] * B[1] */
-        "ldr	r6, [%[a], #20]\n\t"
-        "ldr	r7, [%[b], #4]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[4] * B[2] */
-        "ldr	r6, [%[a], #16]\n\t"
-        "ldr	r7, [%[b], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[3] * B[3] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "ldr	r7, [%[b], #12]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[2] * B[4] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[b], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[1] * B[5] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[b], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[0] * B[6] */
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "str	r10, [sp, #24]\n\t"
-        /* A[0] * B[7] */
-        "ldr	r7, [%[b], #28]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[1] * B[6] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[b], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[2] * B[5] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[b], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[3] * B[4] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "ldr	r7, [%[b], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[4] * B[3] */
-        "ldr	r6, [%[a], #16]\n\t"
-        "ldr	r7, [%[b], #12]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[5] * B[2] */
-        "ldr	r6, [%[a], #20]\n\t"
-        "ldr	r7, [%[b], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[6] * B[1] */
-        "ldr	r6, [%[a], #24]\n\t"
-        "ldr	r7, [%[b], #4]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[7] * B[0] */
-        "ldr	r6, [%[a], #28]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "str	lr, [sp, #28]\n\t"
-        /* A[7] * B[1] */
-        "ldr	r7, [%[b], #4]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[6] * B[2] */
-        "ldr	r6, [%[a], #24]\n\t"
-        "ldr	r7, [%[b], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[5] * B[3] */
-        "ldr	r6, [%[a], #20]\n\t"
-        "ldr	r7, [%[b], #12]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[4] * B[4] */
-        "ldr	r6, [%[a], #16]\n\t"
-        "ldr	r7, [%[b], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[3] * B[5] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "ldr	r7, [%[b], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[2] * B[6] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[b], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[1] * B[7] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[b], #28]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "str	r8, [sp, #32]\n\t"
-        /* A[2] * B[7] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[3] * B[6] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "ldr	r7, [%[b], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[4] * B[5] */
-        "ldr	r6, [%[a], #16]\n\t"
-        "ldr	r7, [%[b], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[5] * B[4] */
-        "ldr	r6, [%[a], #20]\n\t"
-        "ldr	r7, [%[b], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[6] * B[3] */
-        "ldr	r6, [%[a], #24]\n\t"
-        "ldr	r7, [%[b], #12]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[7] * B[2] */
-        "ldr	r6, [%[a], #28]\n\t"
-        "ldr	r7, [%[b], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r9, [sp, #36]\n\t"
-        /* A[7] * B[3] */
-        "ldr	r7, [%[b], #12]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[6] * B[4] */
-        "ldr	r6, [%[a], #24]\n\t"
-        "ldr	r7, [%[b], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[5] * B[5] */
-        "ldr	r6, [%[a], #20]\n\t"
-        "ldr	r7, [%[b], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[4] * B[6] */
-        "ldr	r6, [%[a], #16]\n\t"
-        "ldr	r7, [%[b], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[3] * B[7] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "ldr	r7, [%[b], #28]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "str	r10, [sp, #40]\n\t"
-        /* A[4] * B[7] */
-        "ldr	r6, [%[a], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[5] * B[6] */
-        "ldr	r6, [%[a], #20]\n\t"
-        "ldr	r7, [%[b], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[6] * B[5] */
-        "ldr	r6, [%[a], #24]\n\t"
-        "ldr	r7, [%[b], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[7] * B[4] */
-        "ldr	r6, [%[a], #28]\n\t"
-        "ldr	r7, [%[b], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "str	lr, [sp, #44]\n\t"
-        /* A[7] * B[5] */
-        "ldr	r7, [%[b], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[6] * B[6] */
-        "ldr	r6, [%[a], #24]\n\t"
-        "ldr	r7, [%[b], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[5] * B[7] */
-        "ldr	r6, [%[a], #20]\n\t"
-        "ldr	r7, [%[b], #28]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[6] * B[7] */
-        "ldr	r6, [%[a], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[7] * B[6] */
-        "ldr	r6, [%[a], #28]\n\t"
-        "ldr	r7, [%[b], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[7] * B[7] */
-        "ldr	r7, [%[b], #28]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adc	lr, lr, r4\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "add	lr, lr, r4\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adc	lr, lr, r4\n\t"
-        "str	r8, [sp, #48]\n\t"
-        "str	r9, [sp, #52]\n\t"
-        "str	r10, [sp, #56]\n\t"
-        "str	lr, [sp, #60]\n\t"
-        "str	%[r], [sp, #64]\n\t"
-        /* Start Reduction */
-        "ldm	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "mov	r3, r11\n\t"
-        "mov	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "sub	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "mov	r0, r8\n\t"
-        "mov	r1, r9\n\t"
-        "mov	r2, r10\n\t"
-        "adds	r8, r8, r5\n\t"
-        "adcs	r9, r9, r6\n\t"
-        "adcs	r10, r10, r7\n\t"
-        "adcs	r11, r11, r0\n\t"
-        "adc	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "adds	r0, r0, r5\n\t"
-        "adcs	r1, r1, r6\n\t"
-        "adcs	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] + carry */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "add	r0, sp, #32\n\t"
-        "ldm	r0, {r2, r3, r4}\n\t"
-        "adds	r2, r2, lr\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "stm	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "ldm	r0, {r0, r1, r2, r3, r4}\n\t"
-        "adds	r0, r0, lr\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r8\n\t"
-        "adcs	r1, r1, r9\n\t"
-        "adcs	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r10\n\t"
-        "adcs	r1, r1, r11\n\t"
-        "adcs	r2, r2, r12\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r0, [sp, #44]\n\t"
-        "str	r1, [sp, #48]\n\t"
-        "str	r2, [sp, #52]\n\t"
-        "str	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "add	r0, sp, #28\n\t"
-        "ldm	r0, {r0, r1, r2, r3}\n\t"
-        "subs	r0, r0, r5\n\t"
-        "sbcs	r1, r1, r6\n\t"
-        "sbcs	r2, r2, r7\n\t"
-        "sbcs	r3, r3, r8\n\t"
-        "add	r0, sp, #44\n\t"
-        "mov	r8, r4\n\t"
-        "ldm	r0, {r4, r5, r6, r7}\n\t"
-        "sbcs	r4, r4, r9\n\t"
-        "sbcs	r5, r5, r10\n\t"
-        "sbcs	r6, r6, r11\n\t"
-        "sbcs	r7, r7, r12\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbc	lr, lr, #0\n\t"
-        /* mask m and sub from result if overflow */
-        "rsb	lr, lr, #0\n\t"
-        "subs	r1, r1, lr\n\t"
-        "sbcs	r2, r2, lr\n\t"
-        "sbcs	r3, r3, lr\n\t"
-        "sbcs	r4, r4, #0\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, lr, lsr #31\n\t"
-        "sbc	r8, r8, lr\n\t"
-        "ldr	%[r], [sp, #64]\n\t"
-        "stm	%[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "add	sp, sp, #0x44\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r12"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p,
-    sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        "str	%[r], [sp, #64]\n\t"
-        "mov	%[r], #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        /* A[0] * B[0] */
-        "ldr	lr, [%[b]]\n\t"
-        "umull	r3, r4, r12, lr\n\t"
-        /* A[0] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "umull	r5, r6, r12, lr\n\t"
-        /* A[0] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "umull	r7, r8, r12, lr\n\t"
-        /* A[0] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "umull	r9, r10, r12, lr\n\t"
-        "str	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "mov	r11, %[r]\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[0] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[0] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[0] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	r3, %[r], #0\n\t"
-        "umlal	r10, r3, r12, lr\n\t"
-        /* A[1] * B[0] */
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "str	r4, [sp, #4]\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[1] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[1] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[1] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[1] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[1] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[1] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[1] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r4, %[r], #0\n\t"
-        "umlal	r3, r4, r12, lr\n\t"
-        /* A[2] * B[0] */
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "str	r5, [sp, #8]\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[2] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[2] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[2] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[2] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[2] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[2] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[2] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r5, %[r], #0\n\t"
-        "umlal	r4, r5, r12, lr\n\t"
-        /* A[3] * B[0] */
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "str	r6, [sp, #12]\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[3] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[3] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[3] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[3] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[3] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[3] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[3] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r6, %[r], #0\n\t"
-        "umlal	r5, r6, r12, lr\n\t"
-        /* A[4] * B[0] */
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "str	r7, [sp, #16]\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[4] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[4] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[4] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[4] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[4] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[4] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[4] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r7, %[r], #0\n\t"
-        "umlal	r6, r7, r12, lr\n\t"
-        /* A[5] * B[0] */
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "str	r8, [sp, #20]\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[5] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[5] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[5] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[5] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[5] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[5] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[5] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r8, %[r], #0\n\t"
-        "umlal	r7, r8, r12, lr\n\t"
-        /* A[6] * B[0] */
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "str	r9, [sp, #24]\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[6] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[6] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[6] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[6] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[6] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[6] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[6] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r9, %[r], #0\n\t"
-        "umlal	r8, r9, r12, lr\n\t"
-        /* A[7] * B[0] */
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "str	r10, [sp, #28]\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[7] * B[1] */
-        "ldr	lr, [%[b], #4]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[7] * B[2] */
-        "ldr	lr, [%[b], #8]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[7] * B[3] */
-        "ldr	lr, [%[b], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[7] * B[4] */
-        "ldr	lr, [%[b], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[7] * B[5] */
-        "ldr	lr, [%[b], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[7] * B[6] */
-        "ldr	lr, [%[b], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[7] * B[7] */
-        "ldr	lr, [%[b], #28]\n\t"
-        "adc	r10, %[r], #0\n\t"
-        "umlal	r9, r10, r12, lr\n\t"
-        "add	lr, sp, #32\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* Start Reduction */
-        "ldm	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "mov	r3, r11\n\t"
-        "mov	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "sub	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "mov	r0, r8\n\t"
-        "mov	r1, r9\n\t"
-        "mov	r2, r10\n\t"
-        "adds	r8, r8, r5\n\t"
-        "adcs	r9, r9, r6\n\t"
-        "adcs	r10, r10, r7\n\t"
-        "adcs	r11, r11, r0\n\t"
-        "adc	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "adds	r0, r0, r5\n\t"
-        "adcs	r1, r1, r6\n\t"
-        "adcs	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] + carry */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "add	r0, sp, #32\n\t"
-        "ldm	r0, {r2, r3, r4}\n\t"
-        "adds	r2, r2, lr\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "stm	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "ldm	r0, {r0, r1, r2, r3, r4}\n\t"
-        "adds	r0, r0, lr\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r8\n\t"
-        "adcs	r1, r1, r9\n\t"
-        "adcs	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r10\n\t"
-        "adcs	r1, r1, r11\n\t"
-        "adcs	r2, r2, r12\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r0, [sp, #44]\n\t"
-        "str	r1, [sp, #48]\n\t"
-        "str	r2, [sp, #52]\n\t"
-        "str	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "add	r0, sp, #28\n\t"
-        "ldm	r0, {r0, r1, r2, r3}\n\t"
-        "subs	r0, r0, r5\n\t"
-        "sbcs	r1, r1, r6\n\t"
-        "sbcs	r2, r2, r7\n\t"
-        "sbcs	r3, r3, r8\n\t"
-        "add	r0, sp, #44\n\t"
-        "mov	r8, r4\n\t"
-        "ldm	r0, {r4, r5, r6, r7}\n\t"
-        "sbcs	r4, r4, r9\n\t"
-        "sbcs	r5, r5, r10\n\t"
-        "sbcs	r6, r6, r11\n\t"
-        "sbcs	r7, r7, r12\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbc	lr, lr, #0\n\t"
-        /* mask m and sub from result if overflow */
-        "rsb	lr, lr, #0\n\t"
-        "subs	r1, r1, lr\n\t"
-        "sbcs	r2, r2, lr\n\t"
-        "sbcs	r3, r3, lr\n\t"
-        "sbcs	r4, r4, #0\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, lr, lsr #31\n\t"
-        "sbc	r8, r8, lr\n\t"
-        "ldr	%[r], [sp, #64]\n\t"
-        "stm	%[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "add	sp, sp, #0x44\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#else
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p,
-    sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x4c\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	%[r], [sp, #68]\n\t"
-        "str	%[a], [sp, #72]\n\t"
-#else
-        "strd	%[r], %[a], [sp, #68]\n\t"
-#endif
-        "mov	lr, %[b]\n\t"
-        "ldm	%[a], {r0, r1, r2, r3}\n\t"
-        "ldm	lr!, {r4, r5, r6}\n\t"
-        "umull	r10, r11, %[r], r4\n\t"
-        "umull	r12, r7, %[a], r4\n\t"
-        "umaal	r11, r12, %[r], r5\n\t"
-        "umull	r8, r9, %[b], r4\n\t"
-        "umaal	r12, r8, %[a], r5\n\t"
-        "umaal	r12, r7, %[r], r6\n\t"
-        "umaal	r8, r9, r3, r4\n\t"
-        "stm	sp, {r10, r11, r12}\n\t"
-        "umaal	r7, r8, %[b], r5\n\t"
-        "ldm	lr!, {r4}\n\t"
-        "umull	r10, r11, %[a], r6\n\t"
-        "umaal	r8, r9, %[b], r6\n\t"
-        "umaal	r7, r10, %[r], r4\n\t"
-        "umaal	r8, r11, r3, r5\n\t"
-        "str	r7, [sp, #12]\n\t"
-        "umaal	r8, r10, %[a], r4\n\t"
-        "umaal	r9, r11, r3, r6\n\t"
-        "umaal	r9, r10, %[b], r4\n\t"
-        "umaal	r10, r11, r3, r4\n\t"
-        "ldm	lr, {r4, r5, r6, r7}\n\t"
-        "mov	r12, #0\n\t"
-        "umlal	r8, r12, %[r], r4\n\t"
-        "umaal	r9, r12, %[a], r4\n\t"
-        "umaal	r10, r12, %[b], r4\n\t"
-        "umaal	r11, r12, r3, r4\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r9, r4, %[r], r5\n\t"
-        "umaal	r10, r4, %[a], r5\n\t"
-        "umaal	r11, r4, %[b], r5\n\t"
-        "umaal	r12, r4, r3, r5\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, %[r], r6\n\t"
-        "umaal	r11, r5, %[a], r6\n\t"
-        "umaal	r12, r5, %[b], r6\n\t"
-        "umaal	r4, r5, r3, r6\n\t"
-        "mov	r6, #0\n\t"
-        "umlal	r11, r6, %[r], r7\n\t"
-        "ldr	%[r], [sp, #72]\n\t"
-        "umaal	r12, r6, %[a], r7\n\t"
-        "add	%[r], %[r], #16\n\t"
-        "umaal	r4, r6, %[b], r7\n\t"
-        "sub	lr, lr, #16\n\t"
-        "umaal	r5, r6, r3, r7\n\t"
-        "ldm	%[r], {r0, r1, r2, r3}\n\t"
-        "str	r6, [sp, #64]\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r7, #0\n\t"
-        "umlal	r8, r7, %[r], r6\n\t"
-        "umaal	r9, r7, %[a], r6\n\t"
-        "str	r8, [sp, #16]\n\t"
-        "umaal	r10, r7, %[b], r6\n\t"
-        "umaal	r11, r7, r3, r6\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r8, #0\n\t"
-        "umlal	r9, r8, %[r], r6\n\t"
-        "umaal	r10, r8, %[a], r6\n\t"
-        "str	r9, [sp, #20]\n\t"
-        "umaal	r11, r8, %[b], r6\n\t"
-        "umaal	r12, r8, r3, r6\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r9, #0\n\t"
-        "umlal	r10, r9, %[r], r6\n\t"
-        "umaal	r11, r9, %[a], r6\n\t"
-        "str	r10, [sp, #24]\n\t"
-        "umaal	r12, r9, %[b], r6\n\t"
-        "umaal	r4, r9, r3, r6\n\t"
-        "ldm	lr!, {r6}\n\t"
-        "mov	r10, #0\n\t"
-        "umlal	r11, r10, %[r], r6\n\t"
-        "umaal	r12, r10, %[a], r6\n\t"
-        "str	r11, [sp, #28]\n\t"
-        "umaal	r4, r10, %[b], r6\n\t"
-        "umaal	r5, r10, r3, r6\n\t"
-        "ldm	lr!, {r11}\n\t"
-        "umaal	r12, r7, %[r], r11\n\t"
-        "umaal	r4, r7, %[a], r11\n\t"
-        "ldr	r6, [sp, #64]\n\t"
-        "umaal	r5, r7, %[b], r11\n\t"
-        "umaal	r6, r7, r3, r11\n\t"
-        "ldm	lr!, {r11}\n\t"
-        "umaal	r4, r8, %[r], r11\n\t"
-        "umaal	r5, r8, %[a], r11\n\t"
-        "umaal	r6, r8, %[b], r11\n\t"
-        "umaal	r7, r8, r3, r11\n\t"
-        "ldm	lr, {r11, lr}\n\t"
-        "umaal	r5, r9, %[r], r11\n\t"
-        "umaal	r6, r10, %[r], lr\n\t"
-        "umaal	r6, r9, %[a], r11\n\t"
-        "umaal	r7, r10, %[a], lr\n\t"
-        "umaal	r7, r9, %[b], r11\n\t"
-        "umaal	r8, r10, %[b], lr\n\t"
-        "umaal	r8, r9, r3, r11\n\t"
-        "umaal	r9, r10, r3, lr\n\t"
-        "mov	r3, r12\n\t"
-        "add	lr, sp, #32\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* Start Reduction */
-        "ldm	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "mov	r3, r11\n\t"
-        "mov	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "sub	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "mov	r0, r8\n\t"
-        "mov	r1, r9\n\t"
-        "mov	r2, r10\n\t"
-        "adds	r8, r8, r5\n\t"
-        "adcs	r9, r9, r6\n\t"
-        "adcs	r10, r10, r7\n\t"
-        "adcs	r11, r11, r0\n\t"
-        "adc	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "adds	r0, r0, r5\n\t"
-        "adcs	r1, r1, r6\n\t"
-        "adcs	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] + carry */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "add	r0, sp, #32\n\t"
-        "ldm	r0, {r2, r3, r4}\n\t"
-        "adds	r2, r2, lr\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "stm	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "ldm	r0, {r0, r1, r2, r3, r4}\n\t"
-        "adds	r0, r0, lr\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r8\n\t"
-        "adcs	r1, r1, r9\n\t"
-        "adcs	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r10\n\t"
-        "adcs	r1, r1, r11\n\t"
-        "adcs	r2, r2, r12\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r0, [sp, #44]\n\t"
-        "str	r1, [sp, #48]\n\t"
-        "str	r2, [sp, #52]\n\t"
-        "str	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "add	r0, sp, #28\n\t"
-        "ldm	r0, {r0, r1, r2, r3}\n\t"
-        "subs	r0, r0, r5\n\t"
-        "sbcs	r1, r1, r6\n\t"
-        "sbcs	r2, r2, r7\n\t"
-        "sbcs	r3, r3, r8\n\t"
-        "add	r0, sp, #44\n\t"
-        "mov	r8, r4\n\t"
-        "ldm	r0, {r4, r5, r6, r7}\n\t"
-        "sbcs	r4, r4, r9\n\t"
-        "sbcs	r5, r5, r10\n\t"
-        "sbcs	r6, r6, r11\n\t"
-        "sbcs	r7, r7, r12\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbc	lr, lr, #0\n\t"
-        /* mask m and sub from result if overflow */
-        "rsb	lr, lr, #0\n\t"
-        "subs	r1, r1, lr\n\t"
-        "sbcs	r2, r2, lr\n\t"
-        "sbcs	r3, r3, lr\n\t"
-        "sbcs	r4, r4, #0\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, lr, lsr #31\n\t"
-        "sbc	r8, r8, lr\n\t"
-        "ldr	%[r], [sp, #68]\n\t"
-        "stm	%[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "add	sp, sp, #0x4c\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7",
-            "r8", "r9", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#endif
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        "sub	sp, sp, #0x44\n\t"
-        "mov	r5, #0\n\t"
-        /* A[0] * A[1] */
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[a], #4]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r9, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r3, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r10, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "add	r10, r10, r4\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adc	r10, r10, r4\n\t"
-        "str	r9, [sp, #4]\n\t"
-        /* A[0] * A[2] */
-        "ldr	r7, [%[a], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "mov	lr, #0\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adc	lr, lr, r4\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "add	lr, lr, r4\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adc	lr, lr, r4\n\t"
-        "str	r10, [sp, #8]\n\t"
-        /* A[0] * A[3] */
-        "ldr	r7, [%[a], #12]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "mov	r8, #0\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adc	r8, r8, r4\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "add	r8, r8, r4\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adc	r8, r8, r4\n\t"
-        /* A[1] * A[2] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[a], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "str	lr, [sp, #12]\n\t"
-        /* A[1] * A[3] */
-        "ldr	r7, [%[a], #12]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adc	r9, r9, r4\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "add	r9, r9, r4\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adc	r9, r9, r4\n\t"
-        /* A[0] * A[4] */
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "str	r8, [sp, #16]\n\t"
-        /* A[0] * A[5] */
-        "ldr	r7, [%[a], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adc	r10, r10, r4\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "add	r10, r10, r4\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adc	r10, r10, r4\n\t"
-        /* A[1] * A[4] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[2] * A[3] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r9, [sp, #20]\n\t"
-        /* A[2] * A[4] */
-        "ldr	r7, [%[a], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[1] * A[5] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[0] * A[6] */
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "str	r10, [sp, #24]\n\t"
-        /* A[0] * A[7] */
-        "ldr	r7, [%[a], #28]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[1] * A[6] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[2] * A[5] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[3] * A[4] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "str	lr, [sp, #28]\n\t"
-        /* A[3] * A[5] */
-        "ldr	r7, [%[a], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[2] * A[6] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        /* A[1] * A[7] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, r10\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "str	r8, [sp, #32]\n\t"
-        /* A[2] * A[7] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[3] * A[6] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        /* A[4] * A[5] */
-        "ldr	r6, [%[a], #16]\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adc	lr, r5, lr\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r9, [sp, #36]\n\t"
-        /* A[4] * A[6] */
-        "ldr	r7, [%[a], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        /* A[3] * A[7] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r10, r10, r4\n\t"
-        "adcs	lr, lr, #0\n\t"
-        "adc	r8, r5, r8\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r10, r10, r3\n\t"
-        "adcs	lr, lr, r4\n\t"
-        "adc	r8, r8, #0\n\t"
-        "str	r10, [sp, #40]\n\t"
-        /* A[4] * A[7] */
-        "ldr	r6, [%[a], #16]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        /* A[5] * A[6] */
-        "ldr	r6, [%[a], #20]\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adc	r9, r5, r9\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	lr, lr, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adc	r9, r9, #0\n\t"
-        "str	lr, [sp, #44]\n\t"
-        /* A[5] * A[7] */
-        "ldr	r7, [%[a], #28]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r5, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "str	r8, [sp, #48]\n\t"
-        /* A[6] * A[7] */
-        "ldr	r6, [%[a], #24]\n\t"
-        "lsl	r3, r6, #16\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adc	r10, r10, #0\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adc	r10, r10, r4\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsr	r4, r7, #16\n\t"
-        "mul	r4, r3, r4\n\t"
-        "add	r10, r10, r4\n\t"
-        "lsl	r4, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r3, r4, r3\n\t"
-        "lsr	r4, r3, #16\n\t"
-        "lsl	r3, r3, #16\n\t"
-        "adds	r9, r9, r3\n\t"
-        "adc	r10, r10, r4\n\t"
-        "str	r9, [sp, #52]\n\t"
-        "str	r10, [sp, #56]\n\t"
-        /* Double */
-        "ldr	r4, [sp, #4]\n\t"
-        "ldr	r6, [sp, #8]\n\t"
-        "ldr	r7, [sp, #12]\n\t"
-        "ldr	r8, [sp, #16]\n\t"
-        "ldr	r9, [sp, #20]\n\t"
-        "ldr	r10, [sp, #24]\n\t"
-        "ldr	lr, [sp, #28]\n\t"
-        "ldr	r12, [sp, #32]\n\t"
-        "ldr	r3, [sp, #36]\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	lr, lr, lr\n\t"
-        "adcs	r12, r12, r12\n\t"
-        "adcs	r3, r3, r3\n\t"
-        "str	r4, [sp, #4]\n\t"
-        "str	r6, [sp, #8]\n\t"
-        "str	r7, [sp, #12]\n\t"
-        "str	r8, [sp, #16]\n\t"
-        "str	r9, [sp, #20]\n\t"
-        "str	r10, [sp, #24]\n\t"
-        "str	lr, [sp, #28]\n\t"
-        "str	r12, [sp, #32]\n\t"
-        "str	r3, [sp, #36]\n\t"
-        "ldr	r4, [sp, #40]\n\t"
-        "ldr	r6, [sp, #44]\n\t"
-        "ldr	r7, [sp, #48]\n\t"
-        "ldr	r8, [sp, #52]\n\t"
-        "ldr	r9, [sp, #56]\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "str	r4, [sp, #40]\n\t"
-        "str	r6, [sp, #44]\n\t"
-        "str	r7, [sp, #48]\n\t"
-        "str	r8, [sp, #52]\n\t"
-        "str	r9, [sp, #56]\n\t"
-        "adc	r10, r5, #0\n\t"
-        "str	r10, [sp, #60]\n\t"
-        "ldr	r4, [sp, #4]\n\t"
-        "ldr	r5, [sp, #8]\n\t"
-        "ldr	r12, [sp, #12]\n\t"
-        /* A[0] * A[0] */
-        "ldr	r6, [%[a]]\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r8, r6, r6\n\t"
-        "mul	r9, r7, r7\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #15\n\t"
-        "lsl	r6, r6, #17\n\t"
-        "adds	r8, r8, r6\n\t"
-        "adc	r9, r9, r7\n\t"
-        /* A[1] * A[1] */
-        "ldr	r6, [%[a], #4]\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r10, r6, r6\n\t"
-        "mul	lr, r7, r7\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #15\n\t"
-        "lsl	r6, r6, #17\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	lr, lr, r7\n\t"
-        "adds	r9, r9, r4\n\t"
-        "adcs	r10, r10, r5\n\t"
-        "adcs	lr, lr, r12\n\t"
-        "str	r8, [sp]\n\t"
-        "str	r9, [sp, #4]\n\t"
-        "str	r10, [sp, #8]\n\t"
-        "str	lr, [sp, #12]\n\t"
-        "ldr	r3, [sp, #16]\n\t"
-        "ldr	r4, [sp, #20]\n\t"
-        "ldr	r5, [sp, #24]\n\t"
-        "ldr	r12, [sp, #28]\n\t"
-        /* A[2] * A[2] */
-        "ldr	r6, [%[a], #8]\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r8, r6, r6\n\t"
-        "mul	r9, r7, r7\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #15\n\t"
-        "lsl	r6, r6, #17\n\t"
-        "adcs	r8, r8, r6\n\t"
-        "adc	r9, r9, r7\n\t"
-        /* A[3] * A[3] */
-        "ldr	r6, [%[a], #12]\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r10, r6, r6\n\t"
-        "mul	lr, r7, r7\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #15\n\t"
-        "lsl	r6, r6, #17\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	lr, lr, r7\n\t"
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "adcs	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-#else
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-#endif
-        "adcs	r10, r10, r5\n\t"
-        "adcs	lr, lr, r12\n\t"
-        "str	r8, [sp, #16]\n\t"
-        "str	r9, [sp, #20]\n\t"
-        "str	r10, [sp, #24]\n\t"
-        "str	lr, [sp, #28]\n\t"
-        "ldr	r3, [sp, #32]\n\t"
-        "ldr	r4, [sp, #36]\n\t"
-        "ldr	r5, [sp, #40]\n\t"
-        "ldr	r12, [sp, #44]\n\t"
-        /* A[4] * A[4] */
-        "ldr	r6, [%[a], #16]\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r8, r6, r6\n\t"
-        "mul	r9, r7, r7\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #15\n\t"
-        "lsl	r6, r6, #17\n\t"
-        "adcs	r8, r8, r6\n\t"
-        "adc	r9, r9, r7\n\t"
-        /* A[5] * A[5] */
-        "ldr	r6, [%[a], #20]\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r10, r6, r6\n\t"
-        "mul	lr, r7, r7\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #15\n\t"
-        "lsl	r6, r6, #17\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	lr, lr, r7\n\t"
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "adcs	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-#else
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-#endif
-        "adcs	r10, r10, r5\n\t"
-        "adcs	lr, lr, r12\n\t"
-        "str	r8, [sp, #32]\n\t"
-        "str	r9, [sp, #36]\n\t"
-        "str	r10, [sp, #40]\n\t"
-        "str	lr, [sp, #44]\n\t"
-        "ldr	r3, [sp, #48]\n\t"
-        "ldr	r4, [sp, #52]\n\t"
-        "ldr	r5, [sp, #56]\n\t"
-        "ldr	r12, [sp, #60]\n\t"
-        /* A[6] * A[6] */
-        "ldr	r6, [%[a], #24]\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r8, r6, r6\n\t"
-        "mul	r9, r7, r7\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #15\n\t"
-        "lsl	r6, r6, #17\n\t"
-        "adcs	r8, r8, r6\n\t"
-        "adc	r9, r9, r7\n\t"
-        /* A[7] * A[7] */
-        "ldr	r6, [%[a], #28]\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r10, r6, r6\n\t"
-        "mul	lr, r7, r7\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #15\n\t"
-        "lsl	r6, r6, #17\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	lr, lr, r7\n\t"
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "adcs	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-#else
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, r4\n\t"
-#endif
-        "adcs	r10, r10, r5\n\t"
-        "adc	lr, lr, r12\n\t"
-        "str	r8, [sp, #48]\n\t"
-        "str	r9, [sp, #52]\n\t"
-        "str	r10, [sp, #56]\n\t"
-        "str	lr, [sp, #60]\n\t"
-        "str	%[r], [sp, #64]\n\t"
-        /* Start Reduction */
-        "ldm	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "mov	r3, r11\n\t"
-        "mov	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "sub	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "mov	r0, r8\n\t"
-        "mov	r1, r9\n\t"
-        "mov	r2, r10\n\t"
-        "adds	r8, r8, r5\n\t"
-        "adcs	r9, r9, r6\n\t"
-        "adcs	r10, r10, r7\n\t"
-        "adcs	r11, r11, r0\n\t"
-        "adc	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "adds	r0, r0, r5\n\t"
-        "adcs	r1, r1, r6\n\t"
-        "adcs	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] + carry */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "add	r0, sp, #32\n\t"
-        "ldm	r0, {r2, r3, r4}\n\t"
-        "adds	r2, r2, lr\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "stm	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "ldm	r0, {r0, r1, r2, r3, r4}\n\t"
-        "adds	r0, r0, lr\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r8\n\t"
-        "adcs	r1, r1, r9\n\t"
-        "adcs	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r10\n\t"
-        "adcs	r1, r1, r11\n\t"
-        "adcs	r2, r2, r12\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r0, [sp, #44]\n\t"
-        "str	r1, [sp, #48]\n\t"
-        "str	r2, [sp, #52]\n\t"
-        "str	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "add	r0, sp, #28\n\t"
-        "ldm	r0, {r0, r1, r2, r3}\n\t"
-        "subs	r0, r0, r5\n\t"
-        "sbcs	r1, r1, r6\n\t"
-        "sbcs	r2, r2, r7\n\t"
-        "sbcs	r3, r3, r8\n\t"
-        "add	r0, sp, #44\n\t"
-        "mov	r8, r4\n\t"
-        "ldm	r0, {r4, r5, r6, r7}\n\t"
-        "sbcs	r4, r4, r9\n\t"
-        "sbcs	r5, r5, r10\n\t"
-        "sbcs	r6, r6, r11\n\t"
-        "sbcs	r7, r7, r12\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbc	lr, lr, #0\n\t"
-        /* mask m and sub from result if overflow */
-        "rsb	lr, lr, #0\n\t"
-        "subs	r1, r1, lr\n\t"
-        "sbcs	r2, r2, lr\n\t"
-        "sbcs	r3, r3, lr\n\t"
-        "sbcs	r4, r4, #0\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, lr, lsr #31\n\t"
-        "sbc	r8, r8, lr\n\t"
-        "ldr	%[r], [sp, #64]\n\t"
-        "stm	%[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "add	sp, sp, #0x44\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r12", "r8", "r9",
-            "r10", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        "str	%[r], [sp, #64]\n\t"
-        "mov	%[r], #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        /* A[0] * A[1] */
-        "ldr	lr, [%[a], #4]\n\t"
-        "umull	r4, r5, r12, lr\n\t"
-        /* A[0] * A[3] */
-        "ldr	lr, [%[a], #12]\n\t"
-        "umull	r6, r7, r12, lr\n\t"
-        /* A[0] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "umull	r8, r9, r12, lr\n\t"
-        /* A[0] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "umull	r10, r3, r12, lr\n\t"
-        /* A[0] * A[2] */
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[0] * A[4] */
-        "ldr	lr, [%[a], #16]\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[0] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "str	r4, [sp, #4]\n\t"
-        "str	r5, [sp, #8]\n\t"
-        /* A[1] * A[2] */
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "str	r6, [sp, #12]\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[1] * A[3] */
-        "ldr	lr, [%[a], #12]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, lr\n\t"
-        "str	r7, [sp, #16]\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[1] * A[4] */
-        "ldr	lr, [%[a], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[1] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[1] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[1] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r4, %[r], #0\n\t"
-        "umlal	r3, r4, r12, lr\n\t"
-        /* A[2] * A[3] */
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[a], #12]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r8, r11, r12, lr\n\t"
-        "str	r8, [sp, #20]\n\t"
-        "adds	r9, r9, r11\n\t"
-        /* A[2] * A[4] */
-        "ldr	lr, [%[a], #16]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, lr\n\t"
-        "str	r9, [sp, #24]\n\t"
-        "adds	r10, r10, r11\n\t"
-        /* A[2] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[2] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[2] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r5, %[r], #0\n\t"
-        "umlal	r4, r5, r12, lr\n\t"
-        /* A[3] * A[4] */
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[a], #16]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r10, r11, r12, lr\n\t"
-        "str	r10, [sp, #28]\n\t"
-        "adds	r3, r3, r11\n\t"
-        /* A[3] * A[5] */
-        "ldr	lr, [%[a], #20]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, lr\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[3] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[3] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r6, %[r], #0\n\t"
-        "umlal	r5, r6, r12, lr\n\t"
-        /* A[4] * A[5] */
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[a], #20]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r4, r11, r12, lr\n\t"
-        "adds	r5, r5, r11\n\t"
-        /* A[4] * A[6] */
-        "ldr	lr, [%[a], #24]\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, lr\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[4] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r7, %[r], #0\n\t"
-        "umlal	r6, r7, r12, lr\n\t"
-        /* A[5] * A[6] */
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[a], #24]\n\t"
-        "mov	r11, #0\n\t"
-        "umlal	r6, r11, r12, lr\n\t"
-        "adds	r7, r7, r11\n\t"
-        /* A[5] * A[7] */
-        "ldr	lr, [%[a], #28]\n\t"
-        "adc	r8, %[r], #0\n\t"
-        "umlal	r7, r8, r12, lr\n\t"
-        /* A[6] * A[7] */
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[a], #28]\n\t"
-        "mov	r9, #0\n\t"
-        "umlal	r8, r9, r12, lr\n\t"
-        "add	lr, sp, #32\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "add	lr, sp, #4\n\t"
-        "ldm	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "stm	lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ldm	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "adcs	r3, r3, r3\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adc	r10, %[r], #0\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "add	lr, sp, #4\n\t"
-        "ldm	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "mov	lr, sp\n\t"
-        /* A[0] * A[0] */
-        "ldr	r12, [%[a]]\n\t"
-        "umull	r3, r11, r12, r12\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[1] * A[1] */
-        "ldr	r12, [%[a], #4]\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, r12\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[2] * A[2] */
-        "ldr	r12, [%[a], #8]\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, r12\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[3] * A[3] */
-        "ldr	r12, [%[a], #12]\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r9, r11, r12, r12\n\t"
-        "adds	r10, r10, r11\n\t"
-        "stm	lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ldm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* A[4] * A[4] */
-        "ldr	r12, [%[a], #16]\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r3, r11, r12, r12\n\t"
-        "adds	r4, r4, r11\n\t"
-        /* A[5] * A[5] */
-        "ldr	r12, [%[a], #20]\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r5, r11, r12, r12\n\t"
-        "adds	r6, r6, r11\n\t"
-        /* A[6] * A[6] */
-        "ldr	r12, [%[a], #24]\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r11, %[r], #0\n\t"
-        "umlal	r7, r11, r12, r12\n\t"
-        "adds	r8, r8, r11\n\t"
-        /* A[7] * A[7] */
-        "ldr	r12, [%[a], #28]\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adc	r10, r10, #0\n\t"
-        "umlal	r9, r10, r12, r12\n\t"
-        "add	lr, sp, #32\n\t"
-        "stm	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* Start Reduction */
-        "ldm	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "mov	r3, r11\n\t"
-        "mov	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "sub	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "mov	r0, r8\n\t"
-        "mov	r1, r9\n\t"
-        "mov	r2, r10\n\t"
-        "adds	r8, r8, r5\n\t"
-        "adcs	r9, r9, r6\n\t"
-        "adcs	r10, r10, r7\n\t"
-        "adcs	r11, r11, r0\n\t"
-        "adc	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "adds	r0, r0, r5\n\t"
-        "adcs	r1, r1, r6\n\t"
-        "adcs	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] + carry */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "add	r0, sp, #32\n\t"
-        "ldm	r0, {r2, r3, r4}\n\t"
-        "adds	r2, r2, lr\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "stm	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "ldm	r0, {r0, r1, r2, r3, r4}\n\t"
-        "adds	r0, r0, lr\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r8\n\t"
-        "adcs	r1, r1, r9\n\t"
-        "adcs	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r10\n\t"
-        "adcs	r1, r1, r11\n\t"
-        "adcs	r2, r2, r12\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r0, [sp, #44]\n\t"
-        "str	r1, [sp, #48]\n\t"
-        "str	r2, [sp, #52]\n\t"
-        "str	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "add	r0, sp, #28\n\t"
-        "ldm	r0, {r0, r1, r2, r3}\n\t"
-        "subs	r0, r0, r5\n\t"
-        "sbcs	r1, r1, r6\n\t"
-        "sbcs	r2, r2, r7\n\t"
-        "sbcs	r3, r3, r8\n\t"
-        "add	r0, sp, #44\n\t"
-        "mov	r8, r4\n\t"
-        "ldm	r0, {r4, r5, r6, r7}\n\t"
-        "sbcs	r4, r4, r9\n\t"
-        "sbcs	r5, r5, r10\n\t"
-        "sbcs	r6, r6, r11\n\t"
-        "sbcs	r7, r7, r12\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbc	lr, lr, #0\n\t"
-        /* mask m and sub from result if overflow */
-        "rsb	lr, lr, #0\n\t"
-        "subs	r1, r1, lr\n\t"
-        "sbcs	r2, r2, lr\n\t"
-        "sbcs	r3, r3, lr\n\t"
-        "sbcs	r4, r4, #0\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, lr, lsr #31\n\t"
-        "sbc	r8, r8, lr\n\t"
-        "ldr	%[r], [sp, #64]\n\t"
-        "stm	%[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "add	sp, sp, #0x44\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#else
-/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        "str	%[r], [sp, #64]\n\t"
-        "ldm	%[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
-        "umull	r9, r10, %[r], %[r]\n\t"
-        "umull	r11, r12, %[r], %[a]\n\t"
-        "adds	r11, r11, r11\n\t"
-        "mov	lr, #0\n\t"
-        "umaal	r10, r11, lr, lr\n\t"
-        "stm	sp, {r9, r10}\n\t"
-        "mov	r8, lr\n\t"
-        "umaal	r8, r12, %[r], r2\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "umaal	r8, r11, %[a], %[a]\n\t"
-        "umull	r9, r10, %[r], r3\n\t"
-        "umaal	r9, r12, %[a], r2\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, lr, lr\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	r8, [sp, #8]\n\t"
-        "str	r9, [sp, #12]\n\t"
-#else
-        "strd	r8, r9, [sp, #8]\n\t"
-#endif
-        "mov	r9, lr\n\t"
-        "umaal	r9, r10, %[r], r4\n\t"
-        "umaal	r9, r12, %[a], r3\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, r2, r2\n\t"
-        "str	r9, [sp, #16]\n\t"
-        "umull	r9, r8, %[r], r5\n\t"
-        "umaal	r9, r12, %[a], r4\n\t"
-        "umaal	r9, r10, r2, r3\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, lr, lr\n\t"
-        "str	r9, [sp, #20]\n\t"
-        "mov	r9, lr\n\t"
-        "umaal	r9, r8, %[r], r6\n\t"
-        "umaal	r9, r12, %[a], r5\n\t"
-        "umaal	r9, r10, r2, r4\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r11, r3, r3\n\t"
-        "str	r9, [sp, #24]\n\t"
-        "umull	%[r], r9, %[r], r7\n\t"
-        "umaal	%[r], r8, %[a], r6\n\t"
-        "umaal	%[r], r12, r2, r5\n\t"
-        "umaal	%[r], r10, r3, r4\n\t"
-        "adcs	%[r], %[r], %[r]\n\t"
-        "umaal	%[r], r11, lr, lr\n\t"
-        /* R[7] = r0 */
-        "umaal	r9, r8, %[a], r7\n\t"
-        "umaal	r9, r10, r2, r6\n\t"
-        "umaal	r12, r9, r3, r5\n\t"
-        "adcs	r12, r12, r12\n\t"
-        "umaal	r12, r11, r4, r4\n\t"
-        /* R[8] = r12 */
-        "umaal	r9, r8, r2, r7\n\t"
-        "umaal	r10, r9, r3, r6\n\t"
-        "mov	r2, lr\n\t"
-        "umaal	r10, r2, r4, r5\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "umaal	r11, r10, lr, lr\n\t"
-        /* R[9] = r11 */
-        "umaal	r2, r8, r3, r7\n\t"
-        "umaal	r2, r9, r4, r6\n\t"
-        "adcs	r3, r2, r2\n\t"
-        "umaal	r10, r3, r5, r5\n\t"
-        /* R[10] = r10 */
-        "mov	%[a], lr\n\t"
-        "umaal	%[a], r8, r4, r7\n\t"
-        "umaal	%[a], r9, r5, r6\n\t"
-        "adcs	r4, %[a], %[a]\n\t"
-        "umaal	r3, r4, lr, lr\n\t"
-        /* R[11] = r3 */
-        "umaal	r8, r9, r5, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "umaal	r4, r8, r6, r6\n\t"
-        /* R[12] = r4 */
-        "mov	r5, lr\n\t"
-        "umaal	r5, r9, r6, r7\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "umaal	r8, r5, lr, lr\n\t"
-        /* R[13] = r8 */
-        "adcs	r9, r9, r9\n\t"
-        "umaal	r9, r5, r7, r7\n\t"
-        "adcs	r7, r5, lr\n\t"
-        /* R[14] = r9 */
-        /* R[15] = r7 */
-        "mov	lr, sp\n\t"
-        "add	lr, lr, #28\n\t"
-        "stm	lr!, {r0, r12}\n\t"
-        "stm	lr!, {r11}\n\t"
-        "stm	lr!, {r10}\n\t"
-        "stm	lr!, {r3, r4, r8, r9}\n\t"
-        "stm	lr!, {r7}\n\t"
-        /* Start Reduction */
-        "ldm	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "mov	r3, r11\n\t"
-        "mov	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "sub	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "mov	r0, r8\n\t"
-        "mov	r1, r9\n\t"
-        "mov	r2, r10\n\t"
-        "adds	r8, r8, r5\n\t"
-        "adcs	r9, r9, r6\n\t"
-        "adcs	r10, r10, r7\n\t"
-        "adcs	r11, r11, r0\n\t"
-        "adc	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "adds	r0, r0, r5\n\t"
-        "adcs	r1, r1, r6\n\t"
-        "adcs	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] + carry */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "add	r0, sp, #32\n\t"
-        "ldm	r0, {r2, r3, r4}\n\t"
-        "adds	r2, r2, lr\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "stm	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "ldm	r0, {r0, r1, r2, r3, r4}\n\t"
-        "adds	r0, r0, lr\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r8\n\t"
-        "adcs	r1, r1, r9\n\t"
-        "adcs	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r10\n\t"
-        "adcs	r1, r1, r11\n\t"
-        "adcs	r2, r2, r12\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r0, [sp, #44]\n\t"
-        "str	r1, [sp, #48]\n\t"
-        "str	r2, [sp, #52]\n\t"
-        "str	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "add	r0, sp, #28\n\t"
-        "ldm	r0, {r0, r1, r2, r3}\n\t"
-        "subs	r0, r0, r5\n\t"
-        "sbcs	r1, r1, r6\n\t"
-        "sbcs	r2, r2, r7\n\t"
-        "sbcs	r3, r3, r8\n\t"
-        "add	r0, sp, #44\n\t"
-        "mov	r8, r4\n\t"
-        "ldm	r0, {r4, r5, r6, r7}\n\t"
-        "sbcs	r4, r4, r9\n\t"
-        "sbcs	r5, r5, r10\n\t"
-        "sbcs	r6, r6, r11\n\t"
-        "sbcs	r7, r7, r12\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbc	lr, lr, #0\n\t"
-        /* mask m and sub from result if overflow */
-        "rsb	lr, lr, #0\n\t"
-        "subs	r1, r1, lr\n\t"
-        "sbcs	r2, r2, lr\n\t"
-        "sbcs	r3, r3, lr\n\t"
-        "sbcs	r4, r4, #0\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, lr, lsr #31\n\t"
-        "sbc	r8, r8, lr\n\t"
-        "ldr	%[r], [sp, #64]\n\t"
-        "stm	%[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "add	sp, sp, #0x44\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#endif
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_256_mont_sqr_8(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_256_mont_sqr_8(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P256 curve. */
-static const word32 p256_mod_minus_2[8] = {
-    0xfffffffdU,0xffffffffU,0xffffffffU,0x00000000U,0x00000000U,0x00000000U,
-    0x00000001U,0xffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P256 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 8);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_8(t, t, p256_mod, p256_mp_mod);
-        if (p256_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_256_mont_mul_8(t, t, a, p256_mod, p256_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 8);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 8;
-    sp_digit* t3 = td + 4 * 8;
-    /* 0x2 */
-    sp_256_mont_sqr_8(t1, a, p256_mod, p256_mp_mod);
-    /* 0x3 */
-    sp_256_mont_mul_8(t2, t1, a, p256_mod, p256_mp_mod);
-    /* 0xc */
-    sp_256_mont_sqr_n_8(t1, t2, 2, p256_mod, p256_mp_mod);
-    /* 0xd */
-    sp_256_mont_mul_8(t3, t1, a, p256_mod, p256_mp_mod);
-    /* 0xf */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xf0 */
-    sp_256_mont_sqr_n_8(t1, t2, 4, p256_mod, p256_mp_mod);
-    /* 0xfd */
-    sp_256_mont_mul_8(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xff00 */
-    sp_256_mont_sqr_n_8(t1, t2, 8, p256_mod, p256_mp_mod);
-    /* 0xfffd */
-    sp_256_mont_mul_8(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffff0000 */
-    sp_256_mont_sqr_n_8(t1, t2, 16, p256_mod, p256_mp_mod);
-    /* 0xfffffffd */
-    sp_256_mont_mul_8(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_256_mont_sqr_n_8(t1, t2, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001 */
-    sp_256_mont_mul_8(r, t1, a, p256_mod, p256_mp_mod);
-    /* 0xffffffff000000010000000000000000000000000000000000000000 */
-    sp_256_mont_sqr_n_8(r, r, 160, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff */
-    sp_256_mont_mul_8(r, r, t2, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff00000000 */
-    sp_256_mont_sqr_n_8(r, r, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000fffffffffffffffffffffffd */
-    sp_256_mont_mul_8(r, r, t3, p256_mod, p256_mp_mod);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #-1\n\t"
-        "mov	r6, #1\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r3, #-1\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "mov	r4, #28\n\t"
-        "\n"
-    "L_sp_256_cmp_8_words_%=: \n\t"
-        "ldr	r12, [%[a], r4]\n\t"
-        "ldr	lr, [%[b], r4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "subs	r4, r4, #4\n\t"
-        "bcs	L_sp_256_cmp_8_words_%=\n\t"
-        "eor	r2, r2, r3\n\t"
-#else
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b], #28]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b], #24]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b], #20]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b], #16]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b], #12]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b], #8]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b], #4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "eor	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "mov	%[a], r2\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_256_norm_8(a)
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "\n"
-    "L_sp_256_cond_sub_8_words_%=: \n\t"
-        "subs	r12, r6, r12\n\t"
-        "ldr	r4, [%[a], lr]\n\t"
-        "ldr	r5, [%[b], lr]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "sbcs	r4, r4, r5\n\t"
-        "sbc	r12, r6, r6\n\t"
-        "str	r4, [%[r], lr]\n\t"
-        "add	lr, lr, #4\n\t"
-        "cmp	lr, #32\n\t"
-        "blt	L_sp_256_cond_sub_8_words_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "subs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "sbc	%[r], lr, lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifndef WOLFSSL_SP_SMALL
-#define sp_256_mont_reduce_order_8    sp_256_mont_reduce_8
-
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_256_mont_reduce_8_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m], #28]\n\t"
-#else
-        "ldr	r7, [%[m], #28]\n\t"
-#endif
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r4, r3, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "mov	r6, r8\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #32\n\t"
-        "blt	L_sp_256_mont_reduce_8_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_256_mont_reduce_8_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-        "mov	r5, #0\n\t"
-        "umlal	r12, r5, r8, r11\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	lr, r4, r8, r7\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	lr, r5, r8, r7\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "umull	r6, r7, r8, r7\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r7, r3\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #32\n\t"
-        "blt	L_sp_256_mont_reduce_8_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "ldr	r8, [%[a], #16]\n\t"
-        "\n"
-    "L_sp_256_mont_reduce_8_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r11, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "ldr	r10, [%[m]]\n\t"
-        "mov	r3, #0\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r10, [%[m], #4]\n\t"
-        "mov	r4, r5\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r10, [%[m], #8]\n\t"
-        "mov	r5, r6\n\t"
-        "umaal	r5, r3, r11, r10\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r10, [%[m], #12]\n\t"
-        "mov	r6, r7\n\t"
-        "umaal	r6, r3, r11, r10\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r10, [%[m], #16]\n\t"
-        "mov	r7, r8\n\t"
-        "umaal	r7, r3, r11, r10\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r10, [%[m], #20]\n\t"
-        "ldr	r8, [%[a], #20]\n\t"
-        "umaal	r8, r3, r11, r10\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r10, [%[m], #24]\n\t"
-        "ldr	r9, [%[a], #24]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r10, [%[m], #28]\n\t"
-        "ldr	r9, [%[a], #28]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "ldr	r11, [%[a], #32]\n\t"
-        "mov	r10, #0\n\t"
-        "umaal	r3, r11, r10, r10\n\t"
-        "str	r9, [%[a], #28]\n\t"
-        "adds	r3, r3, lr\n\t"
-        "adc	lr, r11, #0\n\t"
-        "str	r3, [%[a], #32]\n\t"
-        /* i += 1 */
-        "add	r12, r12, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r12, #32\n\t"
-        "blt	L_sp_256_mont_reduce_8_word_%=\n\t"
-        /* Loop Done */
-        "str	r4, [%[a]]\n\t"
-        "str	r5, [%[a], #4]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "str	r7, [%[a], #12]\n\t"
-        "str	r8, [%[a], #16]\n\t"
-        "mov	%[mp], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-#else
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        "str	%[a], [sp, #64]\n\t"
-        "mov	lr, sp\n\t"
-        "ldm	%[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "stm	lr!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "ldm	%[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "stm	lr, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        /* Start Reduction */
-        "ldm	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "mov	r3, r11\n\t"
-        "mov	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        "adds	r11, r11, r5\n\t"
-        "adc	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "sub	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "mov	r0, r8\n\t"
-        "mov	r1, r9\n\t"
-        "mov	r2, r10\n\t"
-        "adds	r8, r8, r5\n\t"
-        "adcs	r9, r9, r6\n\t"
-        "adcs	r10, r10, r7\n\t"
-        "adcs	r11, r11, r0\n\t"
-        "adc	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "adds	r0, r0, r5\n\t"
-        "adcs	r1, r1, r6\n\t"
-        "adcs	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] + carry */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "add	r0, sp, #32\n\t"
-        "ldm	r0, {r2, r3, r4}\n\t"
-        "adds	r2, r2, lr\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r7\n\t"
-        "adcs	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "stm	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "ldm	r0, {r0, r1, r2, r3, r4}\n\t"
-        "adds	r0, r0, lr\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	lr, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r8\n\t"
-        "adcs	r1, r1, r9\n\t"
-        "adcs	r2, r2, r10\n\t"
-        "adcs	r3, r3, r11\n\t"
-        "adcs	r4, r4, r12\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r0, r0, r10\n\t"
-        "adcs	r1, r1, r11\n\t"
-        "adcs	r2, r2, r12\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	lr, lr, #0\n\t"
-        "str	r0, [sp, #44]\n\t"
-        "str	r1, [sp, #48]\n\t"
-        "str	r2, [sp, #52]\n\t"
-        "str	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "add	r0, sp, #28\n\t"
-        "ldm	r0, {r0, r1, r2, r3}\n\t"
-        "subs	r0, r0, r5\n\t"
-        "sbcs	r1, r1, r6\n\t"
-        "sbcs	r2, r2, r7\n\t"
-        "sbcs	r3, r3, r8\n\t"
-        "add	r0, sp, #44\n\t"
-        "mov	r8, r4\n\t"
-        "ldm	r0, {r4, r5, r6, r7}\n\t"
-        "sbcs	r4, r4, r9\n\t"
-        "sbcs	r5, r5, r10\n\t"
-        "sbcs	r6, r6, r11\n\t"
-        "sbcs	r7, r7, r12\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbc	lr, lr, #0\n\t"
-        /* mask m and sub from result if overflow */
-        "rsb	lr, lr, #0\n\t"
-        "subs	r1, r1, lr\n\t"
-        "sbcs	r2, r2, lr\n\t"
-        "sbcs	r3, r3, lr\n\t"
-        "sbcs	r4, r4, #0\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, lr, lsr #31\n\t"
-        "sbc	r8, r8, lr\n\t"
-        "ldr	%[a], [sp, #64]\n\t"
-        "stm	%[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "add	sp, sp, #0x44\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a)
-        :
-#else
-        :
-        : [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_256_mont_reduce_order_8_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m], #28]\n\t"
-#else
-        "ldr	r7, [%[m], #28]\n\t"
-#endif
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r4, r3, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "mov	r6, r8\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #32\n\t"
-        "blt	L_sp_256_mont_reduce_order_8_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_256_mont_reduce_order_8_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-        "mov	r5, #0\n\t"
-        "umlal	r12, r5, r8, r11\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	lr, r4, r8, r7\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	lr, r5, r8, r7\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "umull	r6, r7, r8, r7\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r7, r3\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #32\n\t"
-        "blt	L_sp_256_mont_reduce_order_8_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_256_mont_reduce_order_8(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "ldr	r8, [%[a], #16]\n\t"
-        "\n"
-    "L_sp_256_mont_reduce_order_8_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r11, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "ldr	r10, [%[m]]\n\t"
-        "mov	r3, #0\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r10, [%[m], #4]\n\t"
-        "mov	r4, r5\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r10, [%[m], #8]\n\t"
-        "mov	r5, r6\n\t"
-        "umaal	r5, r3, r11, r10\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r10, [%[m], #12]\n\t"
-        "mov	r6, r7\n\t"
-        "umaal	r6, r3, r11, r10\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r10, [%[m], #16]\n\t"
-        "mov	r7, r8\n\t"
-        "umaal	r7, r3, r11, r10\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r10, [%[m], #20]\n\t"
-        "ldr	r8, [%[a], #20]\n\t"
-        "umaal	r8, r3, r11, r10\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r10, [%[m], #24]\n\t"
-        "ldr	r9, [%[a], #24]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r10, [%[m], #28]\n\t"
-        "ldr	r9, [%[a], #28]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "ldr	r11, [%[a], #32]\n\t"
-        "mov	r10, #0\n\t"
-        "umaal	r3, r11, r10, r10\n\t"
-        "str	r9, [%[a], #28]\n\t"
-        "adds	r3, r3, lr\n\t"
-        "adc	lr, r11, #0\n\t"
-        "str	r3, [%[a], #32]\n\t"
-        /* i += 1 */
-        "add	r12, r12, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r12, #32\n\t"
-        "blt	L_sp_256_mont_reduce_order_8_word_%=\n\t"
-        /* Loop Done */
-        "str	r4, [%[a]]\n\t"
-        "str	r5, [%[a], #4]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "str	r7, [%[a], #12]\n\t"
-        "str	r8, [%[a], #16]\n\t"
-        "mov	%[mp], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-#endif /* WOLFSSL_SP_SMALL */
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_256_map_8(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*8;
-    sp_int32 n;
-
-    sp_256_mont_inv_8(t1, p->z, t + 2*8);
-
-    sp_256_mont_sqr_8(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    /* x /= z^2 */
-    sp_256_mont_mul_8(r->x, p->x, t2, p256_mod, p256_mp_mod);
-    XMEMSET(r->x + 8, 0, sizeof(sp_digit) * 8U);
-    sp_256_mont_reduce_8(r->x, p256_mod, p256_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_256_cmp_8(r->x, p256_mod);
-    sp_256_cond_sub_8(r->x, r->x, p256_mod, (sp_digit)~(n >> 31));
-    sp_256_norm_8(r->x);
-
-    /* y /= z^3 */
-    sp_256_mont_mul_8(r->y, p->y, t1, p256_mod, p256_mp_mod);
-    XMEMSET(r->y + 8, 0, sizeof(sp_digit) * 8U);
-    sp_256_mont_reduce_8(r->y, p256_mod, p256_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_256_cmp_8(r->y, p256_mod);
-    sp_256_cond_sub_8(r->y, r->y, p256_mod, (sp_digit)~(n >> 31));
-    sp_256_norm_8(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mont_add_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mont_add_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "ldm	%[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "ldm	%[b]!, {r3, r4}\n\t"
-        "adds	r5, r5, r3\n\t"
-        "adcs	r6, r6, r4\n\t"
-        "ldm	%[b]!, {r3, r4}\n\t"
-        "adcs	r7, r7, r3\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "ldm	%[b]!, {r3, r4}\n\t"
-        "adcs	r9, r9, r3\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "ldm	%[b]!, {r3, r4}\n\t"
-        "adcs	r11, r11, r3\n\t"
-        "adcs	r12, r12, r4\n\t"
-        "adc	lr, lr, #0\n\t"
-        "rsb	lr, lr, #0\n\t"
-        "subs	r5, r5, lr\n\t"
-        "sbcs	r6, r6, lr\n\t"
-        "sbcs	r7, r7, lr\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, #0\n\t"
-        "sbcs	r11, r11, lr, lsr #31\n\t"
-        "sbcs	r12, r12, lr\n\t"
-        "sbc	%[b], %[b], %[b]\n\t"
-        "sub	lr, lr, %[b]\n\t"
-        "subs	r5, r5, lr\n\t"
-        "sbcs	r6, r6, lr\n\t"
-        "sbcs	r7, r7, lr\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, #0\n\t"
-        "sbcs	r11, r11, lr, lsr #31\n\t"
-        "sbc	r12, r12, lr\n\t"
-        "stm	%[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mont_dbl_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mont_dbl_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #0\n\t"
-        "ldm	%[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "adc	r2, r2, #0\n\t"
-        "rsb	r2, r2, #0\n\t"
-        "subs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, r2\n\t"
-        "sbcs	r6, r6, r2\n\t"
-        "sbcs	r7, r7, #0\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, r2, lsr #31\n\t"
-        "sbcs	r11, r11, r2\n\t"
-        "sbc	%[a], %[a], %[a]\n\t"
-        "sub	r2, r2, %[a]\n\t"
-        "subs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, r2\n\t"
-        "sbcs	r6, r6, r2\n\t"
-        "sbcs	r7, r7, #0\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, r2, lsr #31\n\t"
-        "sbc	r11, r11, r2\n\t"
-        "stm	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r2"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mont_tpl_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mont_tpl_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "ldm	%[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "adc	r12, r12, #0\n\t"
-        "rsb	r12, r12, #0\n\t"
-        "subs	r4, r4, r12\n\t"
-        "sbcs	r5, r5, r12\n\t"
-        "sbcs	r6, r6, r12\n\t"
-        "sbcs	r7, r7, #0\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, r12, lsr #31\n\t"
-        "sbcs	r11, r11, r12\n\t"
-        "sbc	r2, r2, r2\n\t"
-        "sub	r12, r12, r2\n\t"
-        "subs	r4, r4, r12\n\t"
-        "sbcs	r5, r5, r12\n\t"
-        "sbcs	r6, r6, r12\n\t"
-        "sbcs	r7, r7, #0\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, r12, lsr #31\n\t"
-        "sbc	r11, r11, r12\n\t"
-        "ldm	%[a]!, {r2, r3}\n\t"
-        "adds	r4, r4, r2\n\t"
-        "adcs	r5, r5, r3\n\t"
-        "ldm	%[a]!, {r2, r3}\n\t"
-        "adcs	r6, r6, r2\n\t"
-        "adcs	r7, r7, r3\n\t"
-        "ldm	%[a]!, {r2, r3}\n\t"
-        "adcs	r8, r8, r2\n\t"
-        "adcs	r9, r9, r3\n\t"
-        "ldm	%[a]!, {r2, r3}\n\t"
-        "adcs	r10, r10, r2\n\t"
-        "adcs	r11, r11, r3\n\t"
-        "adc	r12, r12, #0\n\t"
-        "rsb	r12, r12, #0\n\t"
-        "subs	r4, r4, r12\n\t"
-        "sbcs	r5, r5, r12\n\t"
-        "sbcs	r6, r6, r12\n\t"
-        "sbcs	r7, r7, #0\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, r12, lsr #31\n\t"
-        "sbcs	r11, r11, r12\n\t"
-        "sbc	r2, r2, r2\n\t"
-        "sub	r12, r12, r2\n\t"
-        "subs	r4, r4, r12\n\t"
-        "sbcs	r5, r5, r12\n\t"
-        "sbcs	r6, r6, r12\n\t"
-        "sbcs	r7, r7, #0\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, r12, lsr #31\n\t"
-        "sbc	r11, r11, r12\n\t"
-        "stm	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r2", "r3", "r12"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mont_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mont_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "ldm	%[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "ldm	%[b]!, {r3, r4}\n\t"
-        "subs	r5, r5, r3\n\t"
-        "sbcs	r6, r6, r4\n\t"
-        "ldm	%[b]!, {r3, r4}\n\t"
-        "sbcs	r7, r7, r3\n\t"
-        "sbcs	r8, r8, r4\n\t"
-        "ldm	%[b]!, {r3, r4}\n\t"
-        "sbcs	r9, r9, r3\n\t"
-        "sbcs	r10, r10, r4\n\t"
-        "ldm	%[b]!, {r3, r4}\n\t"
-        "sbcs	r11, r11, r3\n\t"
-        "sbcs	r12, r12, r4\n\t"
-        "sbc	lr, lr, #0\n\t"
-        "adds	r5, r5, lr\n\t"
-        "adcs	r6, r6, lr\n\t"
-        "adcs	r7, r7, lr\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adcs	r11, r11, lr, lsr #31\n\t"
-        "adcs	r12, r12, lr\n\t"
-        "adc	lr, lr, #0\n\t"
-        "adds	r5, r5, lr\n\t"
-        "adcs	r6, r6, lr\n\t"
-        "adcs	r7, r7, lr\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adcs	r11, r11, lr, lsr #31\n\t"
-        "adc	r12, r12, lr\n\t"
-        "stm	%[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mont_div2_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mont_div2_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r4, r5, r6, r7}\n\t"
-        "and	r3, r4, #1\n\t"
-        "rsb	r8, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r5, r5, r8\n\t"
-        "adcs	r6, r6, r8\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "stm	%[r], {r4, r5, r6, r7}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-#else
-        "ldrd	r4, r5, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "ldr	r6, [%[a], #24]\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-#else
-        "ldrd	r6, r7, [%[a], #24]\n\t"
-#endif
-        "adcs	r4, r4, #0\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adcs	r6, r6, r8, lsr #31\n\t"
-        "adcs	r7, r7, r8\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r4, #1\n\t"
-        "lsr	r9, r5, #1\n\t"
-        "lsr	r10, r6, #1\n\t"
-        "lsr	r11, r7, #1\n\t"
-        "orr	r8, r8, r5, lsl #31\n\t"
-        "orr	r9, r9, r6, lsl #31\n\t"
-        "orr	r10, r10, r7, lsl #31\n\t"
-        "orr	r11, r11, r3, lsl #31\n\t"
-        "mov	r3, r4\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	r8, [%[r], #16]\n\t"
-        "str	r9, [%[r], #20]\n\t"
-#else
-        "strd	r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	r10, [%[r], #24]\n\t"
-        "str	r11, [%[r], #28]\n\t"
-#else
-        "strd	r10, r11, [%[r], #24]\n\t"
-#endif
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "lsr	r8, r4, #1\n\t"
-        "lsr	r9, r5, #1\n\t"
-        "lsr	r10, r6, #1\n\t"
-        "lsr	r11, r7, #1\n\t"
-        "orr	r8, r8, r5, lsl #31\n\t"
-        "orr	r9, r9, r6, lsl #31\n\t"
-        "orr	r10, r10, r7, lsl #31\n\t"
-        "orr	r11, r11, r3, lsl #31\n\t"
-        "stm	%[r], {r8, r9, r10, r11}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3"
-    );
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*8;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_256_mont_sqr_8(t1, p->z, p256_mod, p256_mp_mod);
-    /* Z = Y * Z */
-    sp_256_mont_mul_8(z, p->y, p->z, p256_mod, p256_mp_mod);
-    /* Z = 2Z */
-    sp_256_mont_dbl_8(z, z, p256_mod);
-    /* T2 = X - T1 */
-    sp_256_mont_sub_8(t2, p->x, t1, p256_mod);
-    /* T1 = X + T1 */
-    sp_256_mont_add_8(t1, p->x, t1, p256_mod);
-    /* T2 = T1 * T2 */
-    sp_256_mont_mul_8(t2, t1, t2, p256_mod, p256_mp_mod);
-    /* T1 = 3T2 */
-    sp_256_mont_tpl_8(t1, t2, p256_mod);
-    /* Y = 2Y */
-    sp_256_mont_dbl_8(y, p->y, p256_mod);
-    /* Y = Y * Y */
-    sp_256_mont_sqr_8(y, y, p256_mod, p256_mp_mod);
-    /* T2 = Y * Y */
-    sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
-    /* T2 = T2/2 */
-    sp_256_mont_div2_8(t2, t2, p256_mod);
-    /* Y = Y * X */
-    sp_256_mont_mul_8(y, y, p->x, p256_mod, p256_mp_mod);
-    /* X = T1 * T1 */
-    sp_256_mont_sqr_8(x, t1, p256_mod, p256_mp_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_8(x, x, y, p256_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_8(x, x, y, p256_mod);
-    /* Y = Y - X */
-    sp_256_mont_sub_8(y, y, x, p256_mod);
-    /* Y = Y * T1 */
-    sp_256_mont_mul_8(y, y, t1, p256_mod, p256_mp_mod);
-    /* Y = Y - T2 */
-    sp_256_mont_sub_8(y, y, t2, p256_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_dbl_8_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_dbl_8_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-        const sp_point_256* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_dbl_8_ctx* ctx = (sp_256_proj_point_dbl_8_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_dbl_8_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*8;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_256_mont_sqr_8(ctx->t1, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_256_mont_mul_8(ctx->z, p->y, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_256_mont_dbl_8(ctx->z, ctx->z, p256_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_256_mont_sub_8(ctx->t2, p->x, ctx->t1, p256_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_256_mont_add_8(ctx->t1, p->x, ctx->t1, p256_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_256_mont_mul_8(ctx->t2, ctx->t1, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_256_mont_tpl_8(ctx->t1, ctx->t2, p256_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_256_mont_dbl_8(ctx->y, p->y, p256_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_256_mont_sqr_8(ctx->y, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_256_mont_sqr_8(ctx->t2, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_256_mont_div2_8(ctx->t2, ctx->t2, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_256_mont_mul_8(ctx->y, ctx->y, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_256_mont_sqr_8(ctx->x, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_256_mont_mul_8(ctx->y, ctx->y, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->t2, p256_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_256_cmp_equal_8(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_256_iszero_8(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_8(sp_point_256* r,
-        const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*8;
-    sp_digit* t2 = t + 4*8;
-    sp_digit* t3 = t + 6*8;
-    sp_digit* t4 = t + 8*8;
-    sp_digit* t5 = t + 10*8;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_8(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t1, t1, p->x, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_8(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_8(t3, t3, p->y, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_8(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_8(t2, t1) &
-            sp_256_cmp_equal_8(t4, t3)) {
-        sp_256_proj_point_dbl_8(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_256_mont_sub_8(t2, t2, t1, p256_mod);
-        /* R = S2 - S1 */
-        sp_256_mont_sub_8(t4, t4, t3, p256_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_8(t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(y, t1, t5, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t5, t5, t2, p256_mod, p256_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(z, z, q->z, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_8(x, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(x, x, t5, p256_mod);
-        sp_256_mont_mul_8(t5, t5, t3, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_8(t3, y, p256_mod);
-        sp_256_mont_sub_8(x, x, t3, p256_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        sp_256_mont_mul_8(y, y, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(y, y, t5, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 8; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_add_8_ctx {
-    int state;
-    sp_256_proj_point_dbl_8_ctx dbl_ctx;
-    const sp_point_256* ap[2];
-    sp_point_256* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_add_8_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_add_8_ctx* ctx = (sp_256_proj_point_add_8_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_256* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_add_8_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*8;
-        ctx->t2 = t + 4*8;
-        ctx->t3 = t + 6*8;
-        ctx->t4 = t + 8*8;
-        ctx->t5 = t + 10*8;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_256_mont_sqr_8(ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_256_mont_mul_8(ctx->t3, ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_256_mont_mul_8(ctx->t1, ctx->t1, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_256_mont_sqr_8(ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_256_mont_mul_8(ctx->t4, ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_256_mont_mul_8(ctx->t2, ctx->t2, q->x, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_256_mont_mul_8(ctx->t3, ctx->t3, p->y, p256_mod, p256_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_256_mont_mul_8(ctx->t4, ctx->t4, q->y, p256_mod, p256_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_256_cmp_equal_8(ctx->t2, ctx->t1) &
-                sp_256_cmp_equal_8(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_256_proj_point_dbl_8(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_256_mont_sub_8(ctx->t2, ctx->t2, ctx->t1, p256_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_256_mont_sub_8(ctx->t4, ctx->t4, ctx->t3, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_8(ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_256_mont_mul_8(ctx->y, ctx->t1, ctx->t5, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_256_mont_mul_8(ctx->t5, ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_8(ctx->z, p->z, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_256_mont_mul_8(ctx->z, ctx->z, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_256_mont_sqr_8(ctx->x, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->t5, p256_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_256_mont_mul_8(ctx->t5, ctx->t5, ctx->t3, p256_mod, p256_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_256_mont_dbl_8(ctx->t3, ctx->y, p256_mod);
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->t3, p256_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_256_mont_mul_8(ctx->y, ctx->y, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->t5, p256_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 8; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 256 doubles.
- * 76 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    sp_point_256* rt = NULL;
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_DECL_VAR(sp_point_256, p, 1);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ALLOC_VAR(sp_point_256, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_256_mod_mul_norm_8(t[1].x, g->x, p256_mod);
-        (void)sp_256_mod_mul_norm_8(t[1].y, g->y, p256_mod);
-        (void)sp_256_mod_mul_norm_8(t[1].z, g->z, p256_mod);
-        t[1].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_256_proj_point_add_8(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_256_proj_point_add_8(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_256_proj_point_add_8(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 6;
-        n = k[i+1] << 0;
-        c = 28;
-        y = (int)(n >> 28);
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_point_16_8(rt, t, y);
-            rt->infinity = !y;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[y], sizeof(sp_point_256));
-        }
-        n <<= 4;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n |= k[i--];
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-
-    #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_point_16_8(p, t, y);
-                p->infinity = !y;
-                sp_256_proj_point_add_8(rt, rt, p, tmp);
-            }
-            else
-    #endif
-            {
-                sp_256_proj_point_add_8(rt, rt, &t[y], tmp);
-            }
-        }
-
-        if (map != 0) {
-            sp_256_map_8(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 8 * 6, heap,
-        DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ZEROFREE_VAR(sp_point_256, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    SP_ZEROFREE_VAR(sp_point_256, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*8;
-    sp_digit* b = t + 4*8;
-    sp_digit* t1 = t + 6*8;
-    sp_digit* t2 = t + 8*8;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_8(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_8(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_8(w, w, p256_mod, p256_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_8(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_8(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_8(t2, b, p256_mod);
-        sp_256_mont_sub_8(x, x, t2, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_sub_8(t2, b, x, p256_mod);
-        sp_256_mont_dbl_8(b, t2, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_8(t1, t1, p256_mod, p256_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_8(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_8(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(y, y, t1, p256_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_8(t1, t1, w, p256_mod);
-    sp_256_mont_tpl_8(a, t1, p256_mod);
-    /* B = X*Y^2 */
-    sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
-    /* X = A^2 - 2B */
-    sp_256_mont_sqr_8(x, a, p256_mod, p256_mp_mod);
-    sp_256_mont_dbl_8(t2, b, p256_mod);
-    sp_256_mont_sub_8(x, x, t2, p256_mod);
-    /* B = 2.(B - X) */
-    sp_256_mont_sub_8(t2, b, x, p256_mod);
-    sp_256_mont_dbl_8(b, t2, p256_mod);
-    /* Z = Z*Y */
-    sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
-    /* t1 = Y^4 */
-    sp_256_mont_sqr_8(t1, t1, p256_mod, p256_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_256_mont_mul_8(y, b, a, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_8(y, y, t1, p256_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_256_mont_div2_8(y, y, p256_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_256_proj_to_affine_8(sp_point_256* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 8;
-    sp_digit* tmp = t + 4 * 8;
-
-    sp_256_mont_inv_8(t1, a->z, tmp);
-
-    sp_256_mont_sqr_8(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    sp_256_mont_mul_8(a->x, a->x, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(a->y, a->y, t1, p256_mod, p256_mp_mod);
-    XMEMCPY(a->z, p256_norm_mod, sizeof(p256_norm_mod));
-}
-
-#endif /* FP_ECC */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_256 {
-    sp_digit x[8];
-    sp_digit y[8];
-} sp_table_entry_256;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*8;
-    sp_digit* t6 = t + 4*8;
-    sp_digit* t1 = t + 6*8;
-    sp_digit* t4 = t + 8*8;
-    sp_digit* t5 = t + 10*8;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_8(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_8(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_8(p->x, t2) &
-            sp_256_cmp_equal_8(p->y, t4)) {
-        sp_256_proj_point_dbl_8(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_256_mont_sub_8(t2, t2, p->x, p256_mod);
-        /* R = S2 - Y1 */
-        sp_256_mont_sub_8(t4, t4, p->y, p256_mod);
-        /* Z3 = H*Z1 */
-        sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_256_mont_sqr_8(t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t3, p->x, t1, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_8(t2, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(t2, t2, t1, p256_mod);
-        sp_256_mont_dbl_8(t5, t3, p256_mod);
-        sp_256_mont_sub_8(x, t2, t5, p256_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_256_mont_sub_8(t3, t3, x, p256_mod);
-        sp_256_mont_mul_8(t3, t3, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t1, t1, p->y, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(y, t3, t1, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 8; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 64 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_8(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_8(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_8(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_256_proj_point_dbl_n_8(t, 64, tmp);
-            sp_256_proj_to_affine_8(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_8(t, s1, s2, tmp);
-                sp_256_proj_to_affine_8(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_entry_16_8(sp_point_256* r,
-    const sp_table_entry_256* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 8 * 6);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 63;
-        for (j=0; j<4; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 64;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_16_8(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=62; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 64;
-            }
-
-            sp_256_proj_point_dbl_8(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_16_8(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_8(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_8(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_256_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[8];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[8];
-    /* Precomputation table for point. */
-    sp_table_entry_256 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_256_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_256_t sp_cache_256[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_256_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_256_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_256 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_256_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_256_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_256_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_256[i].set = 0;
-        }
-        sp_cache_256_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_256[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_8(g->x, sp_cache_256[i].x) &
-                           sp_256_cmp_equal_8(g->y, sp_cache_256[i].y)) {
-            sp_cache_256[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_256_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_256_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_256[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_256_last) {
-            least = sp_cache_256[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_256[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_256[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_256[i].x, g->x, sizeof(sp_cache_256[i].x));
-        XMEMCPY(sp_cache_256[i].y, g->y, sizeof(sp_cache_256[i].y));
-        sp_cache_256[i].set = 1;
-        sp_cache_256[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_256[i];
-    sp_cache_256_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_8(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_8(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 32 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_8(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_8(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_8(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_256_proj_point_dbl_n_8(t, 32, tmp);
-            sp_256_proj_to_affine_8(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_8(t, s1, s2, tmp);
-                sp_256_proj_to_affine_8(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_entry_256_8(sp_point_256* r,
-    const sp_table_entry_256* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 8 * 6);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 31;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 32;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_256_8(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=30; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 32;
-            }
-
-            sp_256_proj_point_dbl_8(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_256_8(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_8(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_8(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_256_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[8];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[8];
-    /* Precomputation table for point. */
-    sp_table_entry_256 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_256_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_256_t sp_cache_256[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_256_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_256_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_256 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_256_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_256_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_256_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_256[i].set = 0;
-        }
-        sp_cache_256_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_256[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_8(g->x, sp_cache_256[i].x) &
-                           sp_256_cmp_equal_8(g->y, sp_cache_256[i].y)) {
-            sp_cache_256[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_256_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_256_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_256[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_256_last) {
-            least = sp_cache_256[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_256[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_256[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_256[i].x, g->x, sizeof(sp_cache_256[i].x));
-        XMEMCPY(sp_cache_256[i].y, g->y, sizeof(sp_cache_256[i].y));
-        sp_cache_256[i].set = 1;
-        sp_cache_256[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_256[i];
-    sp_cache_256_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_8(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_8(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 8);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 8, km);
-        sp_256_point_from_ecc_point_8(point, gm);
-
-            err = sp_256_ecc_mulmod_8(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 8 + 8 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8 + 8 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 8;
-
-        sp_256_from_mp(k, 8, km);
-        sp_256_point_from_ecc_point_8(point, gm);
-        sp_256_point_from_ecc_point_8(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_8(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_8(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_8(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 64 between points.
- */
-static const sp_table_entry_256 p256_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x18a9143c,0x79e730d4,0x5fedb601,0x75ba95fc,0x77622510,0x79fb732b,
-        0xa53755c6,0x18905f76 },
-      { 0xce95560a,0xddf25357,0xba19e45c,0x8b4ab8e4,0xdd21f325,0xd2e88688,
-        0x25885d85,0x8571ff18 } },
-    /* 2 */
-    { { 0x16a0d2bb,0x4f922fc5,0x1a623499,0x0d5cc16c,0x57c62c8b,0x9241cf3a,
-        0xfd1b667f,0x2f5e6961 },
-      { 0xf5a01797,0x5c15c70b,0x60956192,0x3d20b44d,0x071fdb52,0x04911b37,
-        0x8d6f0f7b,0xf648f916 } },
-    /* 3 */
-    { { 0xe137bbbc,0x9e566847,0x8a6a0bec,0xe434469e,0x79d73463,0xb1c42761,
-        0x133d0015,0x5abe0285 },
-      { 0xc04c7dab,0x92aa837c,0x43260c07,0x573d9f4c,0x78e6cc37,0x0c931562,
-        0x6b6f7383,0x94bb725b } },
-    /* 4 */
-    { { 0xbfe20925,0x62a8c244,0x8fdce867,0x91c19ac3,0xdd387063,0x5a96a5d5,
-        0x21d324f6,0x61d587d4 },
-      { 0xa37173ea,0xe87673a2,0x53778b65,0x23848008,0x05bab43e,0x10f8441e,
-        0x4621efbe,0xfa11fe12 } },
-    /* 5 */
-    { { 0x2cb19ffd,0x1c891f2b,0xb1923c23,0x01ba8d5b,0x8ac5ca8e,0xb6d03d67,
-        0x1f13bedc,0x586eb04c },
-      { 0x27e8ed09,0x0c35c6e5,0x1819ede2,0x1e81a33c,0x56c652fa,0x278fd6c0,
-        0x70864f11,0x19d5ac08 } },
-    /* 6 */
-    { { 0xd2b533d5,0x62577734,0xa1bdddc0,0x673b8af6,0xa79ec293,0x577e7c9a,
-        0xc3b266b1,0xbb6de651 },
-      { 0xb65259b3,0xe7e9303a,0xd03a7480,0xd6a0afd3,0x9b3cfc27,0xc5ac83d1,
-        0x5d18b99b,0x60b4619a } },
-    /* 7 */
-    { { 0x1ae5aa1c,0xbd6a38e1,0x49e73658,0xb8b7652b,0xee5f87ed,0x0b130014,
-        0xaeebffcd,0x9d0f27b2 },
-      { 0x7a730a55,0xca924631,0xddbbc83a,0x9c955b2f,0xac019a71,0x07c1dfe0,
-        0x356ec48d,0x244a566d } },
-    /* 8 */
-    { { 0xf4f8b16a,0x56f8410e,0xc47b266a,0x97241afe,0x6d9c87c1,0x0a406b8e,
-        0xcd42ab1b,0x803f3e02 },
-      { 0x04dbec69,0x7f0309a8,0x3bbad05f,0xa83b85f7,0xad8e197f,0xc6097273,
-        0x5067adc1,0xc097440e } },
-    /* 9 */
-    { { 0xc379ab34,0x846a56f2,0x841df8d1,0xa8ee068b,0x176c68ef,0x20314459,
-        0x915f1f30,0xf1af32d5 },
-      { 0x5d75bd50,0x99c37531,0xf72f67bc,0x837cffba,0x48d7723f,0x0613a418,
-        0xe2d41c8b,0x23d0f130 } },
-    /* 10 */
-    { { 0xd5be5a2b,0xed93e225,0x5934f3c6,0x6fe79983,0x22626ffc,0x43140926,
-        0x7990216a,0x50bbb4d9 },
-      { 0xe57ec63e,0x378191c6,0x181dcdb2,0x65422c40,0x0236e0f6,0x41a8099b,
-        0x01fe49c3,0x2b100118 } },
-    /* 11 */
-    { { 0x9b391593,0xfc68b5c5,0x598270fc,0xc385f5a2,0xd19adcbb,0x7144f3aa,
-        0x83fbae0c,0xdd558999 },
-      { 0x74b82ff4,0x93b88b8e,0x71e734c9,0xd2e03c40,0x43c0322a,0x9a7a9eaf,
-        0x149d6041,0xe6e4c551 } },
-    /* 12 */
-    { { 0x80ec21fe,0x5fe14bfe,0xc255be82,0xf6ce116a,0x2f4a5d67,0x98bc5a07,
-        0xdb7e63af,0xfad27148 },
-      { 0x29ab05b3,0x90c0b6ac,0x4e251ae6,0x37a9a83c,0xc2aade7d,0x0a7dc875,
-        0x9f0e1a84,0x77387de3 } },
-    /* 13 */
-    { { 0xa56c0dd7,0x1e9ecc49,0x46086c74,0xa5cffcd8,0xf505aece,0x8f7a1408,
-        0xbef0c47e,0xb37b85c0 },
-      { 0xcc0e6a8f,0x3596b6e4,0x6b388f23,0xfd6d4bbf,0xc39cef4e,0xaba453fa,
-        0xf9f628d5,0x9c135ac8 } },
-    /* 14 */
-    { { 0x95c8f8be,0x0a1c7294,0x3bf362bf,0x2961c480,0xdf63d4ac,0x9e418403,
-        0x91ece900,0xc109f9cb },
-      { 0x58945705,0xc2d095d0,0xddeb85c0,0xb9083d96,0x7a40449b,0x84692b8d,
-        0x2eee1ee1,0x9bc3344f } },
-    /* 15 */
-    { { 0x42913074,0x0d5ae356,0x48a542b1,0x55491b27,0xb310732a,0x469ca665,
-        0x5f1a4cc1,0x29591d52 },
-      { 0xb84f983f,0xe76f5b6b,0x9f5f84e1,0xbe7eef41,0x80baa189,0x1200d496,
-        0x18ef332c,0x6376551f } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_8(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 32 between points.
- */
-static const sp_table_entry_256 p256_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x18a9143c,0x79e730d4,0x5fedb601,0x75ba95fc,0x77622510,0x79fb732b,
-        0xa53755c6,0x18905f76 },
-      { 0xce95560a,0xddf25357,0xba19e45c,0x8b4ab8e4,0xdd21f325,0xd2e88688,
-        0x25885d85,0x8571ff18 } },
-    /* 2 */
-    { { 0x4147519a,0x20288602,0x26b372f0,0xd0981eac,0xa785ebc8,0xa9d4a7ca,
-        0xdbdf58e9,0xd953c50d },
-      { 0xfd590f8f,0x9d6361cc,0x44e6c917,0x72e9626b,0x22eb64cf,0x7fd96110,
-        0x9eb288f3,0x863ebb7e } },
-    /* 3 */
-    { { 0x5cdb6485,0x7856b623,0x2f0a2f97,0x808f0ea2,0x4f7e300b,0x3e68d954,
-        0xb5ff80a0,0x00076055 },
-      { 0x838d2010,0x7634eb9b,0x3243708a,0x54014fbb,0x842a6606,0xe0e47d39,
-        0x34373ee0,0x83087761 } },
-    /* 4 */
-    { { 0x16a0d2bb,0x4f922fc5,0x1a623499,0x0d5cc16c,0x57c62c8b,0x9241cf3a,
-        0xfd1b667f,0x2f5e6961 },
-      { 0xf5a01797,0x5c15c70b,0x60956192,0x3d20b44d,0x071fdb52,0x04911b37,
-        0x8d6f0f7b,0xf648f916 } },
-    /* 5 */
-    { { 0xe137bbbc,0x9e566847,0x8a6a0bec,0xe434469e,0x79d73463,0xb1c42761,
-        0x133d0015,0x5abe0285 },
-      { 0xc04c7dab,0x92aa837c,0x43260c07,0x573d9f4c,0x78e6cc37,0x0c931562,
-        0x6b6f7383,0x94bb725b } },
-    /* 6 */
-    { { 0x720f141c,0xbbf9b48f,0x2df5bc74,0x6199b3cd,0x411045c4,0xdc3f6129,
-        0x2f7dc4ef,0xcdd6bbcb },
-      { 0xeaf436fd,0xcca6700b,0xb99326be,0x6f647f6d,0x014f2522,0x0c0fa792,
-        0x4bdae5f6,0xa361bebd } },
-    /* 7 */
-    { { 0x597c13c7,0x28aa2558,0x50b7c3e1,0xc38d635f,0xf3c09d1d,0x07039aec,
-        0xc4b5292c,0xba12ca09 },
-      { 0x59f91dfd,0x9e408fa4,0xceea07fb,0x3af43b66,0x9d780b29,0x1eceb089,
-        0x701fef4b,0x53ebb99d } },
-    /* 8 */
-    { { 0xb0e63d34,0x4fe7ee31,0xa9e54fab,0xf4600572,0xd5e7b5a4,0xc0493334,
-        0x06d54831,0x8589fb92 },
-      { 0x6583553a,0xaa70f5cc,0xe25649e5,0x0879094a,0x10044652,0xcc904507,
-        0x02541c4f,0xebb0696d } },
-    /* 9 */
-    { { 0xac1647c5,0x4616ca15,0xc4cf5799,0xb8127d47,0x764dfbac,0xdc666aa3,
-        0xd1b27da3,0xeb2820cb },
-      { 0x6a87e008,0x9406f8d8,0x922378f3,0xd87dfa9d,0x80ccecb2,0x56ed2e42,
-        0x55a7da1d,0x1f28289b } },
-    /* 10 */
-    { { 0x3b89da99,0xabbaa0c0,0xb8284022,0xa6f2d79e,0xb81c05e8,0x27847862,
-        0x05e54d63,0x337a4b59 },
-      { 0x21f7794a,0x3c67500d,0x7d6d7f61,0x207005b7,0x04cfd6e8,0x0a5a3781,
-        0xf4c2fbd6,0x0d65e0d5 } },
-    /* 11 */
-    { { 0xb5275d38,0xd9d09bbe,0x0be0a358,0x4268a745,0x973eb265,0xf0762ff4,
-        0x52f4a232,0xc23da242 },
-      { 0x0b94520c,0x5da1b84f,0xb05bd78e,0x09666763,0x94d29ea1,0x3a4dcb86,
-        0xc790cff1,0x19de3b8c } },
-    /* 12 */
-    { { 0x26c5fe04,0x183a716c,0x3bba1bdb,0x3b28de0b,0xa4cb712c,0x7432c586,
-        0x91fccbfd,0xe34dcbd4 },
-      { 0xaaa58403,0xb408d46b,0x82e97a53,0x9a697486,0x36aaa8af,0x9e390127,
-        0x7b4e0f7f,0xe7641f44 } },
-    /* 13 */
-    { { 0xdf64ba59,0x7d753941,0x0b0242fc,0xd33f10ec,0xa1581859,0x4f06dfc6,
-        0x052a57bf,0x4a12df57 },
-      { 0x9439dbd0,0xbfa6338f,0xbde53e1f,0xd3c24bd4,0x21f1b314,0xfd5e4ffa,
-        0xbb5bea46,0x6af5aa93 } },
-    /* 14 */
-    { { 0x10c91999,0xda10b699,0x2a580491,0x0a24b440,0xb8cc2090,0x3e0094b4,
-        0x66a44013,0x5fe3475a },
-      { 0xf93e7b4b,0xb0f8cabd,0x7c23f91a,0x292b501a,0xcd1e6263,0x42e889ae,
-        0xecfea916,0xb544e308 } },
-    /* 15 */
-    { { 0x16ddfdce,0x6478c6e9,0xf89179e6,0x2c329166,0x4d4e67e1,0x4e8d6e76,
-        0xa6b0c20b,0xe0b6b2bd },
-      { 0xbb7efb57,0x0d312df2,0x790c4007,0x1aac0dde,0x679bc944,0xf90336ad,
-        0x25a63774,0x71c023de } },
-    /* 16 */
-    { { 0xbfe20925,0x62a8c244,0x8fdce867,0x91c19ac3,0xdd387063,0x5a96a5d5,
-        0x21d324f6,0x61d587d4 },
-      { 0xa37173ea,0xe87673a2,0x53778b65,0x23848008,0x05bab43e,0x10f8441e,
-        0x4621efbe,0xfa11fe12 } },
-    /* 17 */
-    { { 0x2cb19ffd,0x1c891f2b,0xb1923c23,0x01ba8d5b,0x8ac5ca8e,0xb6d03d67,
-        0x1f13bedc,0x586eb04c },
-      { 0x27e8ed09,0x0c35c6e5,0x1819ede2,0x1e81a33c,0x56c652fa,0x278fd6c0,
-        0x70864f11,0x19d5ac08 } },
-    /* 18 */
-    { { 0x309a4e1f,0x1e99f581,0xe9270074,0xab7de71b,0xefd28d20,0x26a5ef0b,
-        0x7f9c563f,0xe7c0073f },
-      { 0x0ef59f76,0x1f6d663a,0x20fcb050,0x669b3b54,0x7a6602d4,0xc08c1f7a,
-        0xc65b3c0a,0xe08504fe } },
-    /* 19 */
-    { { 0xa031b3ca,0xf098f68d,0xe6da6d66,0x6d1cab9e,0x94f246e8,0x5bfd81fa,
-        0x5b0996b4,0x78f01882 },
-      { 0x3a25787f,0xb7eefde4,0x1dccac9b,0x8016f80d,0xb35bfc36,0x0cea4877,
-        0x7e94747a,0x43a773b8 } },
-    /* 20 */
-    { { 0xd2b533d5,0x62577734,0xa1bdddc0,0x673b8af6,0xa79ec293,0x577e7c9a,
-        0xc3b266b1,0xbb6de651 },
-      { 0xb65259b3,0xe7e9303a,0xd03a7480,0xd6a0afd3,0x9b3cfc27,0xc5ac83d1,
-        0x5d18b99b,0x60b4619a } },
-    /* 21 */
-    { { 0x1ae5aa1c,0xbd6a38e1,0x49e73658,0xb8b7652b,0xee5f87ed,0x0b130014,
-        0xaeebffcd,0x9d0f27b2 },
-      { 0x7a730a55,0xca924631,0xddbbc83a,0x9c955b2f,0xac019a71,0x07c1dfe0,
-        0x356ec48d,0x244a566d } },
-    /* 22 */
-    { { 0xeacf1f96,0x6db0394a,0x024c271c,0x9f2122a9,0x82cbd3b9,0x2626ac1b,
-        0x3581ef69,0x45e58c87 },
-      { 0xa38f9dbc,0xd3ff479d,0xe888a040,0xa8aaf146,0x46e0bed7,0x945adfb2,
-        0xc1e4b7a4,0xc040e21c } },
-    /* 23 */
-    { { 0x6f8117b6,0x847af000,0x73a35433,0x651969ff,0x1d9475eb,0x482b3576,
-        0x682c6ec7,0x1cdf5c97 },
-      { 0x11f04839,0x7db775b4,0x48de1698,0x7dbeacf4,0xb70b3219,0xb2921dd1,
-        0xa92dff3d,0x046755f8 } },
-    /* 24 */
-    { { 0xbce8ffcd,0xcc8ac5d2,0x2fe61a82,0x0d53c48b,0x7202d6c7,0xf6f16172,
-        0x3b83a5f3,0x046e5e11 },
-      { 0xd8007f01,0xe7b8ff64,0x5af43183,0x7fb1ef12,0x35e1a03c,0x045c5ea6,
-        0x303d005b,0x6e0106c3 } },
-    /* 25 */
-    { { 0x88dd73b1,0x48c73584,0x995ed0d9,0x7670708f,0xc56a2ab7,0x38385ea8,
-        0xe901cf1f,0x442594ed },
-      { 0x12d4b65b,0xf8faa2c9,0x96c90c37,0x94c2343b,0x5e978d1f,0xd326e4a1,
-        0x4c2ee68e,0xa796fa51 } },
-    /* 26 */
-    { { 0x823addd7,0x359fb604,0xe56693b3,0x9e2a6183,0x3cbf3c80,0xf885b78e,
-        0xc69766e9,0xe4ad2da9 },
-      { 0x8e048a61,0x357f7f42,0xc092d9a0,0x082d198c,0xc03ed8ef,0xfc3a1af4,
-        0xc37b5143,0xc5e94046 } },
-    /* 27 */
-    { { 0x2be75f9e,0x476a538c,0xcb123a78,0x6fd1a9e8,0xb109c04b,0xd85e4df0,
-        0xdb464747,0x63283daf },
-      { 0xbaf2df15,0xce728cf7,0x0ad9a7f4,0xe592c455,0xe834bcc3,0xfab226ad,
-        0x1981a938,0x68bd19ab } },
-    /* 28 */
-    { { 0x1887d659,0xc08ead51,0xb359305a,0x3374d5f4,0xcfe74fe3,0x96986981,
-        0x3c6fdfd6,0x495292f5 },
-      { 0x1acec896,0x4a878c9e,0xec5b4484,0xd964b210,0x664d60a7,0x6696f7e2,
-        0x26036837,0x0ec7530d } },
-    /* 29 */
-    { { 0xad2687bb,0x2da13a05,0xf32e21fa,0xa1f83b6a,0x1dd4607b,0x390f5ef5,
-        0x64863f0b,0x0f6207a6 },
-      { 0x0f138233,0xbd67e3bb,0x272aa718,0xdd66b96c,0x26ec88ae,0x8ed00407,
-        0x08ed6dcf,0xff0db072 } },
-    /* 30 */
-    { { 0x4c95d553,0x749fa101,0x5d680a8a,0xa44052fd,0xff3b566f,0x183b4317,
-        0x88740ea3,0x313b513c },
-      { 0x08d11549,0xb402e2ac,0xb4dee21c,0x071ee10b,0x47f2320e,0x26b987dd,
-        0x86f19f81,0x2d3abcf9 } },
-    /* 31 */
-    { { 0x815581a2,0x4c288501,0x632211af,0x9a0a6d56,0x0cab2e99,0x19ba7a0f,
-        0xded98cdf,0xc036fa10 },
-      { 0xc1fbd009,0x29ae08ba,0x06d15816,0x0b68b190,0x9b9e0d8f,0xc2eb3277,
-        0xb6d40194,0xa6b2a2c4 } },
-    /* 32 */
-    { { 0x6d3549cf,0xd433e50f,0xfacd665e,0x6f33696f,0xce11fcb4,0x695bfdac,
-        0xaf7c9860,0x810ee252 },
-      { 0x7159bb2c,0x65450fe1,0x758b357b,0xf7dfbebe,0xd69fea72,0x2b057e74,
-        0x92731745,0xd485717a } },
-    /* 33 */
-    { { 0xf0cb5a98,0x11741a8a,0x1f3110bf,0xd3da8f93,0xab382adf,0x1994e2cb,
-        0x2f9a604e,0x6a6045a7 },
-      { 0xa2b2411d,0x170c0d3f,0x510e96e0,0xbe0eb83e,0x8865b3cc,0x3bcc9f73,
-        0xf9e15790,0xd3e45cfa } },
-    /* 34 */
-    { { 0xe83f7669,0xce1f69bb,0x72877d6b,0x09f8ae82,0x3244278d,0x9548ae54,
-        0xe3c2c19c,0x207755de },
-      { 0x6fef1945,0x87bd61d9,0xb12d28c3,0x18813cef,0x72df64aa,0x9fbcd1d6,
-        0x7154b00d,0x48dc5ee5 } },
-    /* 35 */
-    { { 0xf7e5a199,0x123790bf,0x989ccbb7,0xe0efb8cf,0x0a519c79,0xc27a2bfe,
-        0xdff6f445,0xf2fb0aed },
-      { 0xf0b5025f,0x41c09575,0x40fa9f22,0x550543d7,0x380bfbd0,0x8fa3c8ad,
-        0xdb28d525,0xa13e9015 } },
-    /* 36 */
-    { { 0xa2b65cbc,0xf9f7a350,0x2a464226,0x0b04b972,0xe23f07a1,0x265ce241,
-        0x1497526f,0x2bf0d6b0 },
-      { 0x4b216fb7,0xd3d4dd3f,0xfbdda26a,0xf7d7b867,0x6708505c,0xaeb7b83f,
-        0x162fe89f,0x42a94a5a } },
-    /* 37 */
-    { { 0xeaadf191,0x5846ad0b,0x25a268d7,0x0f8a4890,0x494dc1f6,0xe8603050,
-        0xc65ede3d,0x2c2dd969 },
-      { 0x93849c17,0x6d02171d,0x1da250dd,0x460488ba,0x3c3a5485,0x4810c706,
-        0x42c56dbc,0xf437fa1f } },
-    /* 38 */
-    { { 0x4a0f7dab,0x6aa0d714,0x1776e9ac,0x0f049793,0xf5f39786,0x52c0a050,
-        0x54707aa8,0xaaf45b33 },
-      { 0xc18d364a,0x85e37c33,0x3e497165,0xd40b9b06,0x15ec5444,0xf4171681,
-        0xf4f272bc,0xcdf6310d } },
-    /* 39 */
-    { { 0x8ea8b7ef,0x7473c623,0x85bc2287,0x08e93518,0x2bda8e34,0x41956772,
-        0xda9e2ff2,0xf0d008ba },
-      { 0x2414d3b1,0x2912671d,0xb019ea76,0xb3754985,0x453bcbdb,0x5c61b96d,
-        0xca887b8b,0x5bd5c2f5 } },
-    /* 40 */
-    { { 0xf49a3154,0xef0f469e,0x6e2b2e9a,0x3e85a595,0xaa924a9c,0x45aaec1e,
-        0xa09e4719,0xaa12dfc8 },
-      { 0x4df69f1d,0x26f27227,0xa2ff5e73,0xe0e4c82c,0xb7a9dd44,0xb9d8ce73,
-        0xe48ca901,0x6c036e73 } },
-    /* 41 */
-    { { 0x0f6e3138,0x5cfae12a,0x25ad345a,0x6966ef00,0x45672bc5,0x8993c64b,
-        0x96afbe24,0x292ff658 },
-      { 0x5e213402,0xd5250d44,0x4392c9fe,0xf6580e27,0xda1c72e8,0x097b397f,
-        0x311b7276,0x644e0c90 } },
-    /* 42 */
-    { { 0xa47153f0,0xe1e421e1,0x920418c9,0xb86c3b79,0x705d7672,0x93bdce87,
-        0xcab79a77,0xf25ae793 },
-      { 0x6d869d0c,0x1f3194a3,0x4986c264,0x9d55c882,0x096e945e,0x49fb5ea3,
-        0x13db0a3e,0x39b8e653 } },
-    /* 43 */
-    { { 0xb6fd2e59,0x37754200,0x9255c98f,0x35e2c066,0x0e2a5739,0xd9dab21a,
-        0x0f19db06,0x39122f2f },
-      { 0x03cad53c,0xcfbce1e0,0xe65c17e3,0x225b2c0f,0x9aa13877,0x72baf1d2,
-        0xce80ff8d,0x8de80af8 } },
-    /* 44 */
-    { { 0x207bbb76,0xafbea8d9,0x21782758,0x921c7e7c,0x1c0436b1,0xdfa2b74b,
-        0x2e368c04,0x87194906 },
-      { 0xa3993df5,0xb5f928bb,0xf3b3d26a,0x639d75b5,0x85b55050,0x011aa78a,
-        0x5b74fde1,0xfc315e6a } },
-    /* 45 */
-    { { 0xe8d6ecfa,0x561fd41a,0x1aec7f86,0x5f8c44f6,0x4924741d,0x98452a7b,
-        0xee389088,0xe6d4a7ad },
-      { 0x4593c75d,0x60552ed1,0xdd271162,0x70a70da4,0x7ba2c7db,0xd2aede93,
-        0x9be2ae57,0x35dfaf9a } },
-    /* 46 */
-    { { 0xaa736636,0x6b956fcd,0xae2cab7e,0x09f51d97,0x0f349966,0xfb10bf41,
-        0x1c830d2b,0x1da5c7d7 },
-      { 0x3cce6825,0x5c41e483,0xf9573c3b,0x15ad118f,0xf23036b8,0xa28552c7,
-        0xdbf4b9d6,0x7077c0fd } },
-    /* 47 */
-    { { 0x46b9661c,0xbf63ff8d,0x0d2cfd71,0xa1dfd36b,0xa847f8f7,0x0373e140,
-        0xe50efe44,0x53a8632e },
-      { 0x696d8051,0x0976ff68,0xc74f468a,0xdaec0c95,0x5e4e26bd,0x62994dc3,
-        0x34e1fcc1,0x028ca76d } },
-    /* 48 */
-    { { 0xfc9877ee,0xd11d47dc,0x801d0002,0xc8b36210,0x54c260b6,0xd002c117,
-        0x6962f046,0x04c17cd8 },
-      { 0xb0daddf5,0x6d9bd094,0x24ce55c0,0xbea23575,0x72da03b5,0x663356e6,
-        0xfed97474,0xf7ba4de9 } },
-    /* 49 */
-    { { 0xebe1263f,0xd0dbfa34,0x71ae7ce6,0x55763735,0x82a6f523,0xd2440553,
-        0x52131c41,0xe31f9600 },
-      { 0xea6b6ec6,0xd1bb9216,0x73c2fc44,0x37a1d12e,0x89d0a294,0xc10e7eac,
-        0xce34d47b,0xaa3a6259 } },
-    /* 50 */
-    { { 0x36f3dcd3,0xfbcf9df5,0xd2bf7360,0x6ceded50,0xdf504f5b,0x491710fa,
-        0x7e79daee,0x2398dd62 },
-      { 0x6d09569e,0xcf4705a3,0x5149f769,0xea0619bb,0x35f6034c,0xff9c0377,
-        0x1c046210,0x5717f5b2 } },
-    /* 51 */
-    { { 0x21dd895e,0x9fe229c9,0x40c28451,0x8e518500,0x1d637ecd,0xfa13d239,
-        0x0e3c28de,0x660a2c56 },
-      { 0xd67fcbd0,0x9cca88ae,0x0ea9f096,0xc8472478,0x72e92b4d,0x32b2f481,
-        0x4f522453,0x624ee54c } },
-    /* 52 */
-    { { 0xd897eccc,0x09549ce4,0x3f9880aa,0x4d49d1d9,0x043a7c20,0x723c2423,
-        0x92bdfbc0,0x4f392afb },
-      { 0x7de44fd9,0x6969f8fa,0x57b32156,0xb66cfbe4,0x368ebc3c,0xdb2fa803,
-        0xccdb399c,0x8a3e7977 } },
-    /* 53 */
-    { { 0x06c4b125,0xdde1881f,0xf6e3ca8c,0xae34e300,0x5c7a13e9,0xef6999de,
-        0x70c24404,0x3888d023 },
-      { 0x44f91081,0x76280356,0x5f015504,0x3d9fcf61,0x632cd36e,0x1827edc8,
-        0x18102336,0xa5e62e47 } },
-    /* 54 */
-    { { 0x2facd6c8,0x1a825ee3,0x54bcbc66,0x699c6354,0x98df9931,0x0ce3edf7,
-        0x466a5adc,0x2c4768e6 },
-      { 0x90a64bc9,0xb346ff8c,0xe4779f5c,0x630a6020,0xbc05e884,0xd949d064,
-        0xf9e652a0,0x7b5e6441 } },
-    /* 55 */
-    { { 0x1d28444a,0x2169422c,0xbe136a39,0xe996c5d8,0xfb0c7fce,0x2387afe5,
-        0x0c8d744a,0xb8af73cb },
-      { 0x338b86fd,0x5fde83aa,0xa58a5cff,0xfee3f158,0x20ac9433,0xc9ee8f6f,
-        0x7f3f0895,0xa036395f } },
-    /* 56 */
-    { { 0xa10f7770,0x8c73c6bb,0xa12a0e24,0xa6f16d81,0x51bc2b9f,0x100df682,
-        0x875fb533,0x4be36b01 },
-      { 0x9fb56dbb,0x9226086e,0x07e7a4f8,0x306fef8b,0x66d52f20,0xeeaccc05,
-        0x1bdc00c0,0x8cbc9a87 } },
-    /* 57 */
-    { { 0xc0dac4ab,0xe131895c,0x712ff112,0xa874a440,0x6a1cee57,0x6332ae7c,
-        0x0c0835f8,0x44e7553e },
-      { 0x7734002d,0x6d503fff,0x0b34425c,0x9d35cb8b,0x0e8738b5,0x95f70276,
-        0x5eb8fc18,0x470a683a } },
-    /* 58 */
-    { { 0x90513482,0x81b761dc,0x01e9276a,0x0287202a,0x0ce73083,0xcda441ee,
-        0xc63dc6ef,0x16410690 },
-      { 0x6d06a2ed,0xf5034a06,0x189b100b,0xdd4d7745,0xab8218c9,0xd914ae72,
-        0x7abcbb4f,0xd73479fd } },
-    /* 59 */
-    { { 0x5ad4c6e5,0x7edefb16,0x5b06d04d,0x262cf08f,0x8575cb14,0x12ed5bb1,
-        0x0771666b,0x816469e3 },
-      { 0x561e291e,0xd7ab9d79,0xc1de1661,0xeb9daf22,0x135e0513,0xf49827eb,
-        0xf0dd3f9c,0x0a36dd23 } },
-    /* 60 */
-    { { 0x41d5533c,0x098d32c7,0x8684628f,0x7c5f5a9e,0xe349bd11,0x39a228ad,
-        0xfdbab118,0xe331dfd6 },
-      { 0x6bcc6ed8,0x5100ab68,0xef7a260e,0x7160c3bd,0xbce850d7,0x9063d9a7,
-        0x492e3389,0xd3b4782a } },
-    /* 61 */
-    { { 0xf3821f90,0xa149b6e8,0x66eb7aad,0x92edd9ed,0x1a013116,0x0bb66953,
-        0x4c86a5bd,0x7281275a },
-      { 0xd3ff47e5,0x503858f7,0x61016441,0x5e1616bc,0x7dfd9bb1,0x62b0f11a,
-        0xce145059,0x2c062e7e } },
-    /* 62 */
-    { { 0x0159ac2e,0xa76f996f,0xcbdb2713,0x281e7736,0x08e46047,0x2ad6d288,
-        0x2c4e7ef1,0x282a35f9 },
-      { 0xc0ce5cd2,0x9c354b1e,0x1379c229,0xcf99efc9,0x3e82c11e,0x992caf38,
-        0x554d2abd,0xc71cd513 } },
-    /* 63 */
-    { { 0x09b578f4,0x4885de9c,0xe3affa7a,0x1884e258,0x59182f1f,0x8f76b1b7,
-        0xcf47f3a3,0xc50f6740 },
-      { 0x374b68ea,0xa9c4adf3,0x69965fe2,0xa406f323,0x85a53050,0x2f86a222,
-        0x212958dc,0xb9ecb3a7 } },
-    /* 64 */
-    { { 0xf4f8b16a,0x56f8410e,0xc47b266a,0x97241afe,0x6d9c87c1,0x0a406b8e,
-        0xcd42ab1b,0x803f3e02 },
-      { 0x04dbec69,0x7f0309a8,0x3bbad05f,0xa83b85f7,0xad8e197f,0xc6097273,
-        0x5067adc1,0xc097440e } },
-    /* 65 */
-    { { 0xc379ab34,0x846a56f2,0x841df8d1,0xa8ee068b,0x176c68ef,0x20314459,
-        0x915f1f30,0xf1af32d5 },
-      { 0x5d75bd50,0x99c37531,0xf72f67bc,0x837cffba,0x48d7723f,0x0613a418,
-        0xe2d41c8b,0x23d0f130 } },
-    /* 66 */
-    { { 0xf41500d9,0x857ab6ed,0xfcbeada8,0x0d890ae5,0x89725951,0x52fe8648,
-        0xc0a3fadd,0xb0288dd6 },
-      { 0x650bcb08,0x85320f30,0x695d6e16,0x71af6313,0xb989aa76,0x31f520a7,
-        0xf408c8d2,0xffd3724f } },
-    /* 67 */
-    { { 0xb458e6cb,0x53968e64,0x317a5d28,0x992dad20,0x7aa75f56,0x3814ae0b,
-        0xd78c26df,0xf5590f4a },
-      { 0xcf0ba55a,0x0fc24bd3,0x0c778bae,0x0fc4724a,0x683b674a,0x1ce9864f,
-        0xf6f74a20,0x18d6da54 } },
-    /* 68 */
-    { { 0xd5be5a2b,0xed93e225,0x5934f3c6,0x6fe79983,0x22626ffc,0x43140926,
-        0x7990216a,0x50bbb4d9 },
-      { 0xe57ec63e,0x378191c6,0x181dcdb2,0x65422c40,0x0236e0f6,0x41a8099b,
-        0x01fe49c3,0x2b100118 } },
-    /* 69 */
-    { { 0x9b391593,0xfc68b5c5,0x598270fc,0xc385f5a2,0xd19adcbb,0x7144f3aa,
-        0x83fbae0c,0xdd558999 },
-      { 0x74b82ff4,0x93b88b8e,0x71e734c9,0xd2e03c40,0x43c0322a,0x9a7a9eaf,
-        0x149d6041,0xe6e4c551 } },
-    /* 70 */
-    { { 0x1e9af288,0x55f655bb,0xf7ada931,0x647e1a64,0xcb2820e5,0x43697e4b,
-        0x07ed56ff,0x51e00db1 },
-      { 0x771c327e,0x43d169b8,0x4a96c2ad,0x29cdb20b,0x3deb4779,0xc07d51f5,
-        0x49829177,0xe22f4241 } },
-    /* 71 */
-    { { 0x635f1abb,0xcd45e8f4,0x68538874,0x7edc0cb5,0xb5a8034d,0xc9472c1f,
-        0x52dc48c9,0xf709373d },
-      { 0xa8af30d6,0x401966bb,0xf137b69c,0x95bf5f4a,0x9361c47e,0x3966162a,
-        0xe7275b11,0xbd52d288 } },
-    /* 72 */
-    { { 0x9c5fa877,0xab155c7a,0x7d3a3d48,0x17dad672,0x73d189d8,0x43f43f9e,
-        0xc8aa77a6,0xa0d0f8e4 },
-      { 0xcc94f92d,0x0bbeafd8,0x0c4ddb3a,0xd818c8be,0xb82eba14,0x22cc65f8,
-        0x946d6a00,0xa56c78c7 } },
-    /* 73 */
-    { { 0x0dd09529,0x2962391b,0x3daddfcf,0x803e0ea6,0x5b5bf481,0x2c77351f,
-        0x731a367a,0xd8befdf8 },
-      { 0xfc0157f4,0xab919d42,0xfec8e650,0xf51caed7,0x02d48b0a,0xcdf9cb40,
-        0xce9f6478,0x854a68a5 } },
-    /* 74 */
-    { { 0x63506ea5,0xdc35f67b,0xa4fe0d66,0x9286c489,0xfe95cd4d,0x3f101d3b,
-        0x98846a95,0x5cacea0b },
-      { 0x9ceac44d,0xa90df60c,0x354d1c3a,0x3db29af4,0xad5dbabe,0x08dd3de8,
-        0x35e4efa9,0xe4982d12 } },
-    /* 75 */
-    { { 0xc34cd55e,0x23104a22,0x2680d132,0x58695bb3,0x1fa1d943,0xfb345afa,
-        0x16b20499,0x8046b7f6 },
-      { 0x38e7d098,0xb533581e,0xf46f0b70,0xd7f61e8d,0x44cb78c4,0x30dea9ea,
-        0x9082af55,0xeb17ca7b } },
-    /* 76 */
-    { { 0x76a145b9,0x1751b598,0xc1bc71ec,0xa5cf6b0f,0x392715bb,0xd3e03565,
-        0xfab5e131,0x097b00ba },
-      { 0x565f69e1,0xaa66c8e9,0xb5be5199,0x77e8f75a,0xda4fd984,0x6033ba11,
-        0xafdbcc9e,0xf95c747b } },
-    /* 77 */
-    { { 0xbebae45e,0x558f01d3,0xc4bc6955,0xa8ebe9f0,0xdbc64fc6,0xaeb705b1,
-        0x566ed837,0x3512601e },
-      { 0xfa1161cd,0x9336f1e1,0x4c65ef87,0x328ab8d5,0x724f21e5,0x4757eee2,
-        0x6068ab6b,0x0ef97123 } },
-    /* 78 */
-    { { 0x54ca4226,0x02598cf7,0xf8642c8e,0x5eede138,0x468e1790,0x48963f74,
-        0x3b4fbc95,0xfc16d933 },
-      { 0xe7c800ca,0xbe96fb31,0x2678adaa,0x13806331,0x6ff3e8b5,0x3d624497,
-        0xb95d7a17,0x14ca4af1 } },
-    /* 79 */
-    { { 0xbd2f81d5,0x7a4771ba,0x01f7d196,0x1a5f9d69,0xcad9c907,0xd898bef7,
-        0xf59c231d,0x4057b063 },
-      { 0x89c05c0a,0xbffd82fe,0x1dc0df85,0xe4911c6f,0xa35a16db,0x3befccae,
-        0xf1330b13,0x1c3b5d64 } },
-    /* 80 */
-    { { 0x80ec21fe,0x5fe14bfe,0xc255be82,0xf6ce116a,0x2f4a5d67,0x98bc5a07,
-        0xdb7e63af,0xfad27148 },
-      { 0x29ab05b3,0x90c0b6ac,0x4e251ae6,0x37a9a83c,0xc2aade7d,0x0a7dc875,
-        0x9f0e1a84,0x77387de3 } },
-    /* 81 */
-    { { 0xa56c0dd7,0x1e9ecc49,0x46086c74,0xa5cffcd8,0xf505aece,0x8f7a1408,
-        0xbef0c47e,0xb37b85c0 },
-      { 0xcc0e6a8f,0x3596b6e4,0x6b388f23,0xfd6d4bbf,0xc39cef4e,0xaba453fa,
-        0xf9f628d5,0x9c135ac8 } },
-    /* 82 */
-    { { 0x84e35743,0x32aa3202,0x85a3cdef,0x320d6ab1,0x1df19819,0xb821b176,
-        0xc433851f,0x5721361f },
-      { 0x71fc9168,0x1f0db36a,0x5e5c403c,0x5f98ba73,0x37bcd8f5,0xf64ca87e,
-        0xe6bb11bd,0xdcbac3c9 } },
-    /* 83 */
-    { { 0x4518cbe2,0xf01d9968,0x9c9eb04e,0xd242fc18,0xe47feebf,0x727663c7,
-        0x2d626862,0xb8c1c89e },
-      { 0xc8e1d569,0x51a58bdd,0xb7d88cd0,0x563809c8,0xf11f31eb,0x26c27fd9,
-        0x2f9422d4,0x5d23bbda } },
-    /* 84 */
-    { { 0x95c8f8be,0x0a1c7294,0x3bf362bf,0x2961c480,0xdf63d4ac,0x9e418403,
-        0x91ece900,0xc109f9cb },
-      { 0x58945705,0xc2d095d0,0xddeb85c0,0xb9083d96,0x7a40449b,0x84692b8d,
-        0x2eee1ee1,0x9bc3344f } },
-    /* 85 */
-    { { 0x42913074,0x0d5ae356,0x48a542b1,0x55491b27,0xb310732a,0x469ca665,
-        0x5f1a4cc1,0x29591d52 },
-      { 0xb84f983f,0xe76f5b6b,0x9f5f84e1,0xbe7eef41,0x80baa189,0x1200d496,
-        0x18ef332c,0x6376551f } },
-    /* 86 */
-    { { 0x562976cc,0xbda5f14e,0x0ef12c38,0x22bca3e6,0x6cca9852,0xbbfa3064,
-        0x08e2987a,0xbdb79dc8 },
-      { 0xcb06a772,0xfd2cb5c9,0xfe536dce,0x38f475aa,0x7c2b5db8,0xc2a3e022,
-        0xadd3c14a,0x8ee86001 } },
-    /* 87 */
-    { { 0xa4ade873,0xcbe96981,0xc4fba48c,0x7ee9aa4d,0x5a054ba5,0x2cee2899,
-        0x6f77aa4b,0x92e51d7a },
-      { 0x7190a34d,0x948bafa8,0xf6bd1ed1,0xd698f75b,0x0caf1144,0xd00ee6e3,
-        0x0a56aaaa,0x5182f86f } },
-    /* 88 */
-    { { 0x7a4cc99c,0xfba6212c,0x3e6d9ca1,0xff609b68,0x5ac98c5a,0x5dbb27cb,
-        0x4073a6f2,0x91dcab5d },
-      { 0x5f575a70,0x01b6cc3d,0x6f8d87fa,0x0cb36139,0x89981736,0x165d4e8c,
-        0x97974f2b,0x17a0cedb } },
-    /* 89 */
-    { { 0x076c8d3a,0x38861e2a,0x210f924b,0x701aad39,0x13a835d9,0x94d0eae4,
-        0x7f4cdf41,0x2e8ce36c },
-      { 0x037a862b,0x91273dab,0x60e4c8fa,0x01ba9bb7,0x33baf2dd,0xf9645388,
-        0x34f668f3,0xf4ccc6cb } },
-    /* 90 */
-    { { 0xf1f79687,0x44ef525c,0x92efa815,0x7c595495,0xa5c78d29,0xe1231741,
-        0x9a0df3c9,0xac0db488 },
-      { 0xdf01747f,0x86bfc711,0xef17df13,0x592b9358,0x5ccb6bb5,0xe5880e4f,
-        0x94c974a2,0x95a64a61 } },
-    /* 91 */
-    { { 0xc15a4c93,0x72c1efda,0x82585141,0x40269b73,0x16cb0bad,0x6a8dfb1c,
-        0x29210677,0x231e54ba },
-      { 0x8ae6d2dc,0xa70df917,0x39112918,0x4d6aa63f,0x5e5b7223,0xf627726b,
-        0xd8a731e1,0xab0be032 } },
-    /* 92 */
-    { { 0x8d131f2d,0x097ad0e9,0x3b04f101,0x637f09e3,0xd5e9a748,0x1ac86196,
-        0x2cf6a679,0xf1bcc880 },
-      { 0xe8daacb4,0x25c69140,0x60f65009,0x3c4e4055,0x477937a6,0x591cc8fc,
-        0x5aebb271,0x85169469 } },
-    /* 93 */
-    { { 0xf1dcf593,0xde35c143,0xb018be3b,0x78202b29,0x9bdd9d3d,0xe9cdadc2,
-        0xdaad55d8,0x8f67d9d2 },
-      { 0x7481ea5f,0x84111656,0xe34c590c,0xe7d2dde9,0x05053fa8,0xffdd43f4,
-        0xc0728b5d,0xf84572b9 } },
-    /* 94 */
-    { { 0x97af71c9,0x5e1a7a71,0x7a736565,0xa1449444,0x0e1d5063,0xa1b4ae07,
-        0x616b2c19,0xedee2710 },
-      { 0x11734121,0xb2f034f5,0x4a25e9f0,0x1cac6e55,0xa40c2ecf,0x8dc148f3,
-        0x44ebd7f4,0x9fd27e9b } },
-    /* 95 */
-    { { 0xf6e2cb16,0x3cc7658a,0xfe5919b6,0xe3eb7d2c,0x168d5583,0x5a8c5816,
-        0x958ff387,0xa40c2fb6 },
-      { 0xfedcc158,0x8c9ec560,0x55f23056,0x7ad804c6,0x9a307e12,0xd9396704,
-        0x7dc6decf,0x99bc9bb8 } },
-    /* 96 */
-    { { 0x927dafc6,0x84a9521d,0x5c09cd19,0x52c1fb69,0xf9366dde,0x9d9581a0,
-        0xa16d7e64,0x9abe210b },
-      { 0x48915220,0x480af84a,0x4dd816c6,0xfa73176a,0x1681ca5a,0xc7d53987,
-        0x87f344b0,0x7881c257 } },
-    /* 97 */
-    { { 0xe0bcf3ff,0x93399b51,0x127f74f6,0x0d02cbc5,0xdd01d968,0x8fb465a2,
-        0xa30e8940,0x15e6e319 },
-      { 0x3e0e05f4,0x646d6e0d,0x43588404,0xfad7bddc,0xc4f850d3,0xbe61c7d1,
-        0x191172ce,0x0e55facf } },
-    /* 98 */
-    { { 0xf8787564,0x7e9d9806,0x31e85ce6,0x1a331721,0xb819e8d6,0x6b0158ca,
-        0x6fe96577,0xd73d0976 },
-      { 0x1eb7206e,0x42483425,0xc618bb42,0xa519290f,0x5e30a520,0x5dcbb859,
-        0x8f15a50b,0x9250a374 } },
-    /* 99 */
-    { { 0xbe577410,0xcaff08f8,0x5077a8c6,0xfd408a03,0xec0a63a4,0xf1f63289,
-        0xc1cc8c0b,0x77414082 },
-      { 0xeb0991cd,0x05a40fa6,0x49fdc296,0xc1ca0866,0xb324fd40,0x3a68a3c7,
-        0x12eb20b9,0x8cb04f4d } },
-    /* 100 */
-    { { 0x6906171c,0xb1c2d055,0xb0240c3f,0x9073e9cd,0xd8906841,0xdb8e6b4f,
-        0x47123b51,0xe4e429ef },
-      { 0x38ec36f4,0x0b8dd53c,0xff4b6a27,0xf9d2dc01,0x879a9a48,0x5d066e07,
-        0x3c6e6552,0x37bca2ff } },
-    /* 101 */
-    { { 0xdf562470,0x4cd2e3c7,0xc0964ac9,0x44f272a2,0x80c793be,0x7c6d5df9,
-        0x3002b22a,0x59913edc },
-      { 0x5750592a,0x7a139a83,0xe783de02,0x99e01d80,0xea05d64f,0xcf8c0375,
-        0xb013e226,0x43786e4a } },
-    /* 102 */
-    { { 0x9e56b5a6,0xff32b0ed,0xd9fc68f9,0x0750d9a6,0x597846a7,0xec15e845,
-        0xb7e79e7a,0x8638ca98 },
-      { 0x0afc24b2,0x2f5ae096,0x4dace8f2,0x05398eaf,0xaecba78f,0x3b765dd0,
-        0x7b3aa6f0,0x1ecdd36a } },
-    /* 103 */
-    { { 0x6c5ff2f3,0x5d3acd62,0x2873a978,0xa2d516c0,0xd2110d54,0xad94c9fa,
-        0xd459f32d,0xd85d0f85 },
-      { 0x10b11da3,0x9f700b8d,0xa78318c4,0xd2c22c30,0x9208decd,0x556988f4,
-        0xb4ed3c62,0xa04f19c3 } },
-    /* 104 */
-    { { 0xed7f93bd,0x087924c8,0x392f51f6,0xcb64ac5d,0x821b71af,0x7cae330a,
-        0x5c0950b0,0x92b2eeea },
-      { 0x85b6e235,0x85ac4c94,0x2936c0f0,0xab2ca4a9,0xe0508891,0x80faa6b3,
-        0x5834276c,0x1ee78221 } },
-    /* 105 */
-    { { 0xe63e79f7,0xa60a2e00,0xf399d906,0xf590e7b2,0x6607c09d,0x9021054a,
-        0x57a6e150,0xf3f2ced8 },
-      { 0xf10d9b55,0x200510f3,0xd8642648,0x9d2fcfac,0xe8bd0e7c,0xe5631aa7,
-        0x3da3e210,0x0f56a454 } },
-    /* 106 */
-    { { 0x1043e0df,0x5b21bffa,0x9c007e6d,0x6c74b6cc,0xd4a8517a,0x1a656ec0,
-        0x1969e263,0xbd8f1741 },
-      { 0xbeb7494a,0x8a9bbb86,0x45f3b838,0x1567d46f,0xa4e5a79a,0xdf7a12a7,
-        0x30ccfa09,0x2d1a1c35 } },
-    /* 107 */
-    { { 0x506508da,0x192e3813,0xa1d795a7,0x336180c4,0x7a9944b3,0xcddb5949,
-        0xb91fba46,0xa107a65e },
-      { 0x0f94d639,0xe6d1d1c5,0x8a58b7d7,0x8b4af375,0xbd37ca1c,0x1a7c5584,
-        0xf87a9af2,0x183d760a } },
-    /* 108 */
-    { { 0x0dde59a4,0x29d69711,0x0e8bef87,0xf1ad8d07,0x4f2ebe78,0x229b4963,
-        0xc269d754,0x1d44179d },
-      { 0x8390d30e,0xb32dc0cf,0x0de8110c,0x0a3b2753,0x2bc0339a,0x31af1dc5,
-        0x9606d262,0x771f9cc2 } },
-    /* 109 */
-    { { 0x85040739,0x99993e77,0x8026a939,0x44539db9,0xf5f8fc26,0xcf40f6f2,
-        0x0362718e,0x64427a31 },
-      { 0x85428aa8,0x4f4f2d87,0xebfb49a8,0x7b7adc3f,0xf23d01ac,0x201b2c6d,
-        0x6ae90d6d,0x49d9b749 } },
-    /* 110 */
-    { { 0x435d1099,0xcc78d8bc,0x8e8d1a08,0x2adbcd4e,0x2cb68a41,0x02c2e2a0,
-        0x3f605445,0x9037d81b },
-      { 0x074c7b61,0x7cdbac27,0x57bfd72e,0xfe2031ab,0x596d5352,0x61ccec96,
-        0x7cc0639c,0x08c3de6a } },
-    /* 111 */
-    { { 0xf6d552ab,0x20fdd020,0x05cd81f1,0x56baff98,0x91351291,0x06fb7c3e,
-        0x45796b2f,0xc6909442 },
-      { 0x41231bd1,0x17b3ae9c,0x5cc58205,0x1eac6e87,0xf9d6a122,0x208837ab,
-        0xcafe3ac0,0x3fa3db02 } },
-    /* 112 */
-    { { 0x05058880,0xd75a3e65,0x643943f2,0x7da365ef,0xfab24925,0x4147861c,
-        0xfdb808ff,0xc5c4bdb0 },
-      { 0xb272b56b,0x73513e34,0x11b9043a,0xc8327e95,0xf8844969,0xfd8ce37d,
-        0x46c2b6b5,0x2d56db94 } },
-    /* 113 */
-    { { 0xff46ac6b,0x2461782f,0x07a2e425,0xd19f7926,0x09a48de1,0xfafea3c4,
-        0xe503ba42,0x0f56bd9d },
-      { 0x345cda49,0x137d4ed1,0x816f299d,0x821158fc,0xaeb43402,0xe7c6a54a,
-        0x1173b5f1,0x4003bb9d } },
-    /* 114 */
-    { { 0xa0803387,0x3b8e8189,0x39cbd404,0xece115f5,0xd2877f21,0x4297208d,
-        0xa07f2f9e,0x53765522 },
-      { 0xa8a4182d,0xa4980a21,0x3219df79,0xa2bbd07a,0x1a19a2d4,0x674d0a2e,
-        0x6c5d4549,0x7a056f58 } },
-    /* 115 */
-    { { 0x9d8a2a47,0x646b2558,0xc3df2773,0x5b582948,0xabf0d539,0x51ec000e,
-        0x7a1a2675,0x77d482f1 },
-      { 0x87853948,0xb8a1bd95,0x6cfbffee,0xa6f817bd,0x80681e47,0xab6ec057,
-        0x2b38b0e4,0x4115012b } },
-    /* 116 */
-    { { 0x6de28ced,0x3c73f0f4,0x9b13ec47,0x1d5da760,0x6e5c6392,0x61b8ce9e,
-        0xfbea0946,0xcdf04572 },
-      { 0x6c53c3b0,0x1cb3c58b,0x447b843c,0x97fe3c10,0x2cb9780e,0xfb2b8ae1,
-        0x97383109,0xee703dda } },
-    /* 117 */
-    { { 0xff57e43a,0x34515140,0xb1b811b8,0xd44660d3,0x8f42b986,0x2b3b5dff,
-        0xa162ce21,0x2a0ad89d },
-      { 0x6bc277ba,0x64e4a694,0xc141c276,0xc788c954,0xcabf6274,0x141aa64c,
-        0xac2b4659,0xd62d0b67 } },
-    /* 118 */
-    { { 0x2c054ac4,0x39c5d87b,0xf27df788,0x57005859,0xb18128d6,0xedf7cbf3,
-        0x991c2426,0xb39a23f2 },
-      { 0xf0b16ae5,0x95284a15,0xa136f51b,0x0c6a05b1,0xf2700783,0x1d63c137,
-        0xc0674cc5,0x04ed0092 } },
-    /* 119 */
-    { { 0x9ae90393,0x1f4185d1,0x4a3d64e6,0x3047b429,0x9854fc14,0xae0001a6,
-        0x0177c387,0xa0a91fc1 },
-      { 0xae2c831e,0xff0a3f01,0x2b727e16,0xbb76ae82,0x5a3075b4,0x8f12c8a1,
-        0x9ed20c41,0x084cf988 } },
-    /* 120 */
-    { { 0xfca6becf,0xd98509de,0x7dffb328,0x2fceae80,0x4778e8b9,0x5d8a15c4,
-        0x73abf77e,0xd57955b2 },
-      { 0x31b5d4f1,0x210da79e,0x3cfa7a1c,0xaa52f04b,0xdc27c20b,0xd4d12089,
-        0x02d141f1,0x8e14ea42 } },
-    /* 121 */
-    { { 0xf2897042,0xeed50345,0x43402c4a,0x8d05331f,0xc8bdfb21,0xc8d9c194,
-        0x2aa4d158,0x597e1a37 },
-      { 0xcf0bd68c,0x0327ec1a,0xab024945,0x6d4be0dc,0xc9fe3e84,0x5b9c8d7a,
-        0x199b4dea,0xca3f0236 } },
-    /* 122 */
-    { { 0x6170bd20,0x592a10b5,0x6d3f5de7,0x0ea897f1,0x44b2ade2,0xa3363ff1,
-        0x309c07e4,0xbde7fd7e },
-      { 0xb8f5432c,0x516bb6d2,0xe043444b,0x210dc1cb,0xf8f95b5a,0x3db01e6f,
-        0x0a7dd198,0xb623ad0e } },
-    /* 123 */
-    { { 0x60c7b65b,0xa75bd675,0x23a4a289,0xab8c5590,0xd7b26795,0xf8220fd0,
-        0x58ec137b,0xd6aa2e46 },
-      { 0x5138bb85,0x10abc00b,0xd833a95c,0x8c31d121,0x1702a32e,0xb24ff00b,
-        0x2dcc513a,0x111662e0 } },
-    /* 124 */
-    { { 0xefb42b87,0x78114015,0x1b6c4dff,0xbd9f5d70,0xa7d7c129,0x66ecccd7,
-        0x94b750f8,0xdb3ee1cb },
-      { 0xf34837cf,0xb26f3db0,0xb9578d4f,0xe7eed18b,0x7c56657d,0x5d2cdf93,
-        0x52206a59,0x886a6442 } },
-    /* 125 */
-    { { 0x65b569ea,0x3c234cfb,0xf72119c1,0x20011141,0xa15a619e,0x8badc85d,
-        0x018a17bc,0xa70cf4eb },
-      { 0x8c4a6a65,0x224f97ae,0x0134378f,0x36e5cf27,0x4f7e0960,0xbe3a609e,
-        0xd1747b77,0xaa4772ab } },
-    /* 126 */
-    { { 0x7aa60cc0,0x67676131,0x0368115f,0xc7916361,0xbbc1bb5a,0xded98bb4,
-        0x30faf974,0x611a6ddc },
-      { 0xc15ee47a,0x30e78cbc,0x4e0d96a5,0x2e896282,0x3dd9ed88,0x36f35adf,
-        0x16429c88,0x5cfffaf8 } },
-    /* 127 */
-    { { 0x9b7a99cd,0xc0d54cff,0x843c45a1,0x7bf3b99d,0x62c739e1,0x038a908f,
-        0x7dc1994c,0x6e5a6b23 },
-      { 0x0ba5db77,0xef8b454e,0xacf60d63,0xb7b8807f,0x76608378,0xe591c0c6,
-        0x242dabcc,0x481a238d } },
-    /* 128 */
-    { { 0x35d0b34a,0xe3417bc0,0x8327c0a7,0x440b386b,0xac0362d1,0x8fb7262d,
-        0xe0cdf943,0x2c41114c },
-      { 0xad95a0b1,0x2ba5cef1,0x67d54362,0xc09b37a8,0x01e486c9,0x26d6cdd2,
-        0x42ff9297,0x20477abf } },
-    /* 129 */
-    { { 0x18d65dbf,0x2f75173c,0x339edad8,0x77bf940e,0xdcf1001c,0x7022d26b,
-        0xc77396b6,0xac66409a },
-      { 0xc6261cc3,0x8b0bb36f,0x190e7e90,0x213f7bc9,0xa45e6c10,0x6541ceba,
-        0xcc122f85,0xce8e6975 } },
-    /* 130 */
-    { { 0xbc0a67d2,0x0f121b41,0x444d248a,0x62d4760a,0x659b4737,0x0e044f1d,
-        0x250bb4a8,0x08fde365 },
-      { 0x848bf287,0xaceec3da,0xd3369d6e,0xc2a62182,0x92449482,0x3582dfdc,
-        0x565d6cd7,0x2f7e2fd2 } },
-    /* 131 */
-    { { 0xc3770fa7,0xae4b92db,0x379043f9,0x095e8d5c,0x17761171,0x54f34e9d,
-        0x907702ae,0xc65be92e },
-      { 0xf6fd0a40,0x2758a303,0xbcce784b,0xe7d822e3,0x4f9767bf,0x7ae4f585,
-        0xd1193b3a,0x4bff8e47 } },
-    /* 132 */
-    { { 0x00ff1480,0xcd41d21f,0x0754db16,0x2ab8fb7d,0xbbe0f3ea,0xac81d2ef,
-        0x5772967d,0x3e4e4ae6 },
-      { 0x3c5303e6,0x7e18f36d,0x92262397,0x3bd9994b,0x1324c3c0,0x9ed70e26,
-        0x58ec6028,0x5388aefd } },
-    /* 133 */
-    { { 0x5e5d7713,0xad1317eb,0x75de49da,0x09b985ee,0xc74fb261,0x32f5bc4f,
-        0x4f75be0e,0x5cf908d1 },
-      { 0x8e657b12,0x76043510,0xb96ed9e6,0xbfd421a5,0x8970ccc2,0x0e29f51f,
-        0x60f00ce2,0xa698ba40 } },
-    /* 134 */
-    { { 0xef748fec,0x73db1686,0x7e9d2cf9,0xe6e755a2,0xce265eff,0x630b6544,
-        0x7aebad8d,0xb142ef8a },
-      { 0x17d5770a,0xad31af9f,0x2cb3412f,0x66af3b67,0xdf3359de,0x6bd60d1b,
-        0x58515075,0xd1896a96 } },
-    /* 135 */
-    { { 0x33c41c08,0xec5957ab,0x5468e2e1,0x87de94ac,0xac472f6c,0x18816b73,
-        0x7981da39,0x267b0e0b },
-      { 0x8e62b988,0x6e554e5d,0x116d21e7,0xd8ddc755,0x3d2a6f99,0x4610faf0,
-        0xa1119393,0xb54e287a } },
-    /* 136 */
-    { { 0x178a876b,0x0a0122b5,0x085104b4,0x51ff96ff,0x14f29f76,0x050b31ab,
-        0x5f87d4e6,0x84abb28b },
-      { 0x8270790a,0xd5ed439f,0x85e3f46b,0x2d6cb59d,0x6c1e2212,0x75f55c1b,
-        0x17655640,0xe5436f67 } },
-    /* 137 */
-    { { 0x2286e8d5,0x53f9025e,0x864453be,0x353c95b4,0xe408e3a0,0xd832f5bd,
-        0x5b9ce99e,0x0404f68b },
-      { 0xa781e8e5,0xcad33bde,0x163c2f5b,0x3cdf5018,0x0119caa3,0x57576960,
-        0x0ac1c701,0x3a4263df } },
-    /* 138 */
-    { { 0x9aeb596d,0xc2965ecc,0x023c92b4,0x01ea03e7,0x2e013961,0x4704b4b6,
-        0x905ea367,0x0ca8fd3f },
-      { 0x551b2b61,0x92523a42,0x390fcd06,0x1eb7a89c,0x0392a63e,0xe7f1d2be,
-        0x4ddb0c33,0x96dca264 } },
-    /* 139 */
-    { { 0x387510af,0x203bb43a,0xa9a36a01,0x846feaa8,0x2f950378,0xd23a5770,
-        0x3aad59dc,0x4363e212 },
-      { 0x40246a47,0xca43a1c7,0xe55dd24d,0xb362b8d2,0x5d8faf96,0xf9b08604,
-        0xd8bb98c4,0x840e115c } },
-    /* 140 */
-    { { 0x1023e8a7,0xf12205e2,0xd8dc7a0b,0xc808a8cd,0x163a5ddf,0xe292a272,
-        0x30ded6d4,0x5e0d6abd },
-      { 0x7cfc0f64,0x07a721c2,0x0e55ed88,0x42eec01d,0x1d1f9db2,0x26a7bef9,
-        0x2945a25a,0x7dea48f4 } },
-    /* 141 */
-    { { 0xe5060a81,0xabdf6f1c,0xf8f95615,0xe79f9c72,0x06ac268b,0xcfd36c54,
-        0xebfd16d1,0xabc2a2be },
-      { 0xd3e2eac7,0x8ac66f91,0xd2dd0466,0x6f10ba63,0x0282d31b,0x6790e377,
-        0x6c7eefc1,0x4ea35394 } },
-    /* 142 */
-    { { 0x5266309d,0xed8a2f8d,0x81945a3e,0x0a51c6c0,0x578c5dc1,0xcecaf45a,
-        0x1c94ffc3,0x3a76e689 },
-      { 0x7d7b0d0f,0x9aace8a4,0x8f584a5f,0x963ace96,0x4e697fbe,0x51a30c72,
-        0x465e6464,0x8212a10a } },
-    /* 143 */
-    { { 0xcfab8caa,0xef7c61c3,0x0e142390,0x18eb8e84,0x7e9733ca,0xcd1dff67,
-        0x599cb164,0xaa7cab71 },
-      { 0xbc837bd1,0x02fc9273,0xc36af5d7,0xc06407d0,0xf423da49,0x17621292,
-        0xfe0617c3,0x40e38073 } },
-    /* 144 */
-    { { 0xa7bf9b7c,0xf4f80824,0x3fbe30d0,0x365d2320,0x97cf9ce3,0xbfbe5320,
-        0xb3055526,0xe3604700 },
-      { 0x6cc6c2c7,0x4dcb9911,0xba4cbee6,0x72683708,0x637ad9ec,0xdcded434,
-        0xa3dee15f,0x6542d677 } },
-    /* 145 */
-    { { 0x7b6c377a,0x3f32b6d0,0x903448be,0x6cb03847,0x20da8af7,0xd6fdd3a8,
-        0x09bb6f21,0xa6534aee },
-      { 0x1035facf,0x30a1780d,0x9dcb47e6,0x35e55a33,0xc447f393,0x6ea50fe1,
-        0xdc9aef22,0xf3cb672f } },
-    /* 146 */
-    { { 0x3b55fd83,0xeb3719fe,0x875ddd10,0xe0d7a46c,0x05cea784,0x33ac9fa9,
-        0xaae870e7,0x7cafaa2e },
-      { 0x1d53b338,0x9b814d04,0xef87e6c6,0xe0acc0a0,0x11672b0f,0xfb93d108,
-        0xb9bd522e,0x0aab13c1 } },
-    /* 147 */
-    { { 0xd2681297,0xddcce278,0xb509546a,0xcb350eb1,0x7661aaf2,0x2dc43173,
-        0x847012e9,0x4b91a602 },
-      { 0x72f8ddcf,0xdcff1095,0x9a911af4,0x08ebf61e,0xc372430e,0x48f4360a,
-        0x72321cab,0x49534c53 } },
-    /* 148 */
-    { { 0xf07b7e9d,0x83df7d71,0x13cd516f,0xa478efa3,0x6c047ee3,0x78ef264b,
-        0xd65ac5ee,0xcaf46c4f },
-      { 0x92aa8266,0xa04d0c77,0x913684bb,0xedf45466,0xae4b16b0,0x56e65168,
-        0x04c6770f,0x14ce9e57 } },
-    /* 149 */
-    { { 0x965e8f91,0x99445e3e,0xcb0f2492,0xd3aca1ba,0x90c8a0a0,0xd31cc70f,
-        0x3e4c9a71,0x1bb708a5 },
-      { 0x558bdd7a,0xd5ca9e69,0x018a26b1,0x734a0508,0x4c9cf1ec,0xb093aa71,
-        0xda300102,0xf9d126f2 } },
-    /* 150 */
-    { { 0xaff9563e,0x749bca7a,0xb49914a0,0xdd077afe,0xbf5f1671,0xe27a0311,
-        0x729ecc69,0x807afcb9 },
-      { 0xc9b08b77,0x7f8a9337,0x443c7e38,0x86c3a785,0x476fd8ba,0x85fafa59,
-        0x6568cd8c,0x751adcd1 } },
-    /* 151 */
-    { { 0x10715c0d,0x8aea38b4,0x8f7697f7,0xd113ea71,0x93fbf06d,0x665eab14,
-        0x2537743f,0x29ec4468 },
-      { 0xb50bebbc,0x3d94719c,0xe4505422,0x399ee5bf,0x8d2dedb1,0x90cd5b3a,
-        0x92a4077d,0xff9370e3 } },
-    /* 152 */
-    { { 0xc6b75b65,0x59a2d69b,0x266651c5,0x4188f8d5,0x3de9d7d2,0x28a9f33e,
-        0xa2a9d01a,0x9776478b },
-      { 0x929af2c7,0x8852622d,0x4e690923,0x334f5d6d,0xa89a51e9,0xce6cc7e5,
-        0xac2f82fa,0x74a6313f } },
-    /* 153 */
-    { { 0xb75f079c,0xb2f4dfdd,0x18e36fbb,0x85b07c95,0xe7cd36dd,0x1b6cfcf0,
-        0x0ff4863d,0xab75be15 },
-      { 0x173fc9b7,0x81b367c0,0xd2594fd0,0xb90a7420,0xc4091236,0x15fdbf03,
-        0x0b4459f6,0x4ebeac2e } },
-    /* 154 */
-    { { 0x5c9f2c53,0xeb6c5fe7,0x8eae9411,0xd2522011,0xf95ac5d8,0xc8887633,
-        0x2c1baffc,0xdf99887b },
-      { 0x850aaecb,0xbb78eed2,0x01d6a272,0x9d49181b,0xb1cdbcac,0x978dd511,
-        0x779f4058,0x27b040a7 } },
-    /* 155 */
-    { { 0xf73b2eb2,0x90405db7,0x8e1b2118,0xe0df8508,0x5962327e,0x501b7152,
-        0xe4cfa3f5,0xb393dd37 },
-      { 0x3fd75165,0xa1230e7b,0xbcd33554,0xd66344c2,0x0f7b5022,0x6c36f1be,
-        0xd0463419,0x09588c12 } },
-    /* 156 */
-    { { 0x02601c3b,0xe086093f,0xcf5c335f,0xfb0252f8,0x894aff28,0x955cf280,
-        0xdb9f648b,0x81c879a9 },
-      { 0xc6f56c51,0x040e687c,0x3f17618c,0xfed47169,0x9059353b,0x44f88a41,
-        0x5fc11bc4,0xfa0d48f5 } },
-    /* 157 */
-    { { 0xe1608e4d,0xbc6e1c9d,0x3582822c,0x010dda11,0x157ec2d7,0xf6b7ddc1,
-        0xb6a367d6,0x8ea0e156 },
-      { 0x2383b3b4,0xa354e02f,0x3f01f53c,0x69966b94,0x2de03ca5,0x4ff6632b,
-        0xfa00b5ac,0x3f5ab924 } },
-    /* 158 */
-    { { 0x59739efb,0x337bb0d9,0xe7ebec0d,0xc751b0f4,0x411a67d1,0x2da52dd6,
-        0x2b74256e,0x8bc76887 },
-      { 0x82d3d253,0xa5be3b72,0xf58d779f,0xa9f679a1,0xe16767bb,0xa1cac168,
-        0x60fcf34f,0xb386f190 } },
-    /* 159 */
-    { { 0x2fedcfc2,0x31f3c135,0x62f8af0d,0x5396bf62,0xe57288c2,0x9a02b4ea,
-        0x1b069c4d,0x4cb460f7 },
-      { 0x5b8095ea,0xae67b4d3,0x6fc07603,0x92bbf859,0xb614a165,0xe1475f66,
-        0x95ef5223,0x52c0d508 } },
-    /* 160 */
-    { { 0x15339848,0x231c210e,0x70778c8d,0xe87a28e8,0x6956e170,0x9d1de661,
-        0x2bb09c0b,0x4ac3c938 },
-      { 0x6998987d,0x19be0551,0xae09f4d6,0x8b2376c4,0x1a3f933d,0x1de0b765,
-        0xe39705f4,0x380d94c7 } },
-    /* 161 */
-    { { 0x81542e75,0x01a355aa,0xee01b9b7,0x96c724a1,0x624d7087,0x6b3a2977,
-        0xde2637af,0x2ce3e171 },
-      { 0xf5d5bc1a,0xcfefeb49,0x2777e2b5,0xa655607e,0x9513756c,0x4feaac2f,
-        0x0b624e4d,0x2e6cd852 } },
-    /* 162 */
-    { { 0x8c31c31d,0x3685954b,0x5bf21a0c,0x68533d00,0x75c79ec9,0x0bd7626e,
-        0x42c69d54,0xca177547 },
-      { 0xf6d2dbb2,0xcc6edaff,0x174a9d18,0xfd0d8cbd,0xaa4578e8,0x875e8793,
-        0x9cab2ce6,0xa976a713 } },
-    /* 163 */
-    { { 0x93fb353d,0x0a651f1b,0x57fcfa72,0xd75cab8b,0x31b15281,0xaa88cfa7,
-        0x0a1f4999,0x8720a717 },
-      { 0x693e1b90,0x8c3e8d37,0x16f6dfc3,0xd345dc0b,0xb52a8742,0x8ea8d00a,
-        0xc769893c,0x9719ef29 } },
-    /* 164 */
-    { { 0x58e35909,0x820eed8d,0x33ddc116,0x9366d8dc,0x6e205026,0xd7f999d0,
-        0xe15704c1,0xa5072976 },
-      { 0xc4e70b2e,0x002a37ea,0x6890aa8a,0x84dcf657,0x645b2a5c,0xcd71bf18,
-        0xf7b77725,0x99389c9d } },
-    /* 165 */
-    { { 0x7ada7a4b,0x238c08f2,0xfd389366,0x3abe9d03,0x766f512c,0x6b672e89,
-        0x202c82e4,0xa88806aa },
-      { 0xd380184e,0x6602044a,0x126a8b85,0xa8cb78c4,0xad844f17,0x79d670c0,
-        0x4738dcfe,0x0043bffb } },
-    /* 166 */
-    { { 0x36d5192e,0x8d59b5dc,0x4590b2af,0xacf885d3,0x11601781,0x83566d0a,
-        0xba6c4866,0x52f3ef01 },
-      { 0x0edcb64d,0x3986732a,0x8068379f,0x0a482c23,0x7040f309,0x16cbe5fa,
-        0x9ef27e75,0x3296bd89 } },
-    /* 167 */
-    { { 0x454d81d7,0x476aba89,0x51eb9b3c,0x9eade7ef,0x81c57986,0x619a21cd,
-        0xaee571e9,0x3b90febf },
-      { 0x5496f7cb,0x9393023e,0x7fb51bc4,0x55be41d8,0x99beb5ce,0x03f1dd48,
-        0x9f810b18,0x6e88069d } },
-    /* 168 */
-    { { 0xb43ea1db,0xce37ab11,0x5259d292,0x0a7ff1a9,0x8f84f186,0x851b0221,
-        0xdefaad13,0xa7222bea },
-      { 0x2b0a9144,0xa2ac78ec,0xf2fa59c5,0x5a024051,0x6147ce38,0x91d1eca5,
-        0xbc2ac690,0xbe94d523 } },
-    /* 169 */
-    { { 0x0b226ce7,0x72f4945e,0x967e8b70,0xb8afd747,0x85a6c63e,0xedea46f1,
-        0x9be8c766,0x7782defe },
-      { 0x3db38626,0x760d2aa4,0x76f67ad1,0x460ae787,0x54499cdb,0x341b86fc,
-        0xa2892e4b,0x03838567 } },
-    /* 170 */
-    { { 0x79ec1a0f,0x2d8daefd,0xceb39c97,0x3bbcd6fd,0x58f61a95,0xf5575ffc,
-        0xadf7b420,0xdbd986c4 },
-      { 0x15f39eb7,0x81aa8814,0xb98d976c,0x6ee2fcf5,0xcf2f717d,0x5465475d,
-        0x6860bbd0,0x8e24d3c4 } },
-    /* 171 */
-    { { 0x9a587390,0x749d8e54,0x0cbec588,0x12bb194f,0xb25983c6,0x46e07da4,
-        0x407bafc8,0x541a99c4 },
-      { 0x624c8842,0xdb241692,0xd86c05ff,0x6044c12a,0x4f7fcf62,0xc59d14b4,
-        0xf57d35d1,0xc0092c49 } },
-    /* 172 */
-    { { 0xdf2e61ef,0xd3cc75c3,0x2e1b35ca,0x7e8841c8,0x909f29f4,0xc62d30d1,
-        0x7286944d,0x75e40634 },
-      { 0xbbc237d0,0xe7d41fc5,0xec4f01c9,0xc9537bf0,0x282bd534,0x91c51a16,
-        0xc7848586,0x5b7cb658 } },
-    /* 173 */
-    { { 0x8a28ead1,0x964a7084,0xfd3b47f6,0x802dc508,0x767e5b39,0x9ae4bfd1,
-        0x8df097a1,0x7ae13eba },
-      { 0xeadd384e,0xfd216ef8,0xb6b2ff06,0x0361a2d9,0x4bcdb5f3,0x204b9878,
-        0xe2a8e3fd,0x787d8074 } },
-    /* 174 */
-    { { 0x757fbb1c,0xc5e25d6b,0xca201deb,0xe47bddb2,0x6d2233ff,0x4a55e9a3,
-        0x9ef28484,0x5c222819 },
-      { 0x88315250,0x773d4a85,0x827097c1,0x21b21a2b,0xdef5d33f,0xab7c4ea1,
-        0xbaf0f2b0,0xe45d37ab } },
-    /* 175 */
-    { { 0x28511c8a,0xd2df1e34,0xbdca6cd3,0xebb229c8,0x627c39a7,0x578a71a7,
-        0x84dfb9d3,0xed7bc122 },
-      { 0x93dea561,0xcf22a6df,0xd48f0ed1,0x5443f18d,0x5bad23e8,0xd8b86140,
-        0x45ca6d27,0xaac97cc9 } },
-    /* 176 */
-    { { 0xa16bd00a,0xeb54ea74,0xf5c0bcc1,0xd839e9ad,0x1f9bfc06,0x092bb7f1,
-        0x1163dc4e,0x318f97b3 },
-      { 0xc30d7138,0xecc0c5be,0xabc30220,0x44e8df23,0xb0223606,0x2bb7972f,
-        0x9a84ff4d,0xfa41faa1 } },
-    /* 177 */
-    { { 0xa6642269,0x4402d974,0x9bb783bd,0xc81814ce,0x7941e60b,0x398d38e4,
-        0x1d26e9e2,0x38bb6b2c },
-      { 0x6a577f87,0xc64e4a25,0xdc11fe1c,0x8b52d253,0x62280728,0xff336abf,
-        0xce7601a5,0x94dd0905 } },
-    /* 178 */
-    { { 0xde93f92a,0x156cf7dc,0x89b5f315,0xa01333cb,0xc995e750,0x02404df9,
-        0xd25c2ae9,0x92077867 },
-      { 0x0bf39d44,0xe2471e01,0x96bb53d7,0x5f2c9020,0x5c9c3d8f,0x4c44b7b3,
-        0xd29beb51,0x81e8428b } },
-    /* 179 */
-    { { 0xc477199f,0x6dd9c2ba,0x6b5ecdd9,0x8cb8eeee,0xee40fd0e,0x8af7db3f,
-        0xdbbfa4b1,0x1b94ab62 },
-      { 0xce47f143,0x44f0d8b3,0x63f46163,0x51e623fc,0xcc599383,0xf18f270f,
-        0x055590ee,0x06a38e28 } },
-    /* 180 */
-    { { 0xb3355b49,0x2e5b0139,0xb4ebf99b,0x20e26560,0xd269f3dc,0xc08ffa6b,
-        0x83d9d4f8,0xa7b36c20 },
-      { 0x1b3e8830,0x64d15c3a,0xa89f9c0b,0xd5fceae1,0xe2d16930,0xcfeee4a2,
-        0xa2822a20,0xbe54c6b4 } },
-    /* 181 */
-    { { 0x8d91167c,0xd6cdb3df,0xe7a6625e,0x517c3f79,0x346ac7f4,0x7105648f,
-        0xeae022bb,0xbf30a5ab },
-      { 0x93828a68,0x8e7785be,0x7f3ef036,0x5161c332,0x592146b2,0xe11b5feb,
-        0x2732d13a,0xd1c820de } },
-    /* 182 */
-    { { 0x9038b363,0x043e1347,0x6b05e519,0x58c11f54,0x6026cad1,0x4fe57abe,
-        0x68a18da3,0xb7d17bed },
-      { 0xe29c2559,0x44ca5891,0x5bfffd84,0x4f7a0376,0x74e46948,0x498de4af,
-        0x6412cc64,0x3997fd5e } },
-    /* 183 */
-    { { 0x8bd61507,0xf2074682,0x34a64d2a,0x29e132d5,0x8a8a15e3,0xffeddfb0,
-        0x3c6c13e8,0x0eeb8929 },
-      { 0xa7e259f8,0xe9b69a3e,0xd13e7e67,0xce1db7e6,0xad1fa685,0x277318f6,
-        0xc922b6ef,0x228916f8 } },
-    /* 184 */
-    { { 0x0a12ab5b,0x959ae25b,0x957bc136,0xcc11171f,0xd16e2b0c,0x8058429e,
-        0x6e93097e,0xec05ad1d },
-      { 0xac3f3708,0x157ba5be,0x30b59d77,0x31baf935,0x118234e5,0x47b55237,
-        0x7ff11b37,0x7d314156 } },
-    /* 185 */
-    { { 0xf6dfefab,0x7bd9c05c,0xdcb37707,0xbe2f2268,0x3a38bb95,0xe53ead97,
-        0x9bc1d7a3,0xe9ce66fc },
-      { 0x6f6a02a1,0x75aa1576,0x60e600ed,0x38c087df,0x68cdc1b9,0xf8947f34,
-        0x72280651,0xd9650b01 } },
-    /* 186 */
-    { { 0x5a057e60,0x504b4c4a,0x8def25e4,0xcbccc3be,0x17c1ccbd,0xa6353208,
-        0x804eb7a2,0x14d6699a },
-      { 0xdb1f411a,0x2c8a8415,0xf80d769c,0x09fbaf0b,0x1c2f77ad,0xb4deef90,
-        0x0d43598a,0x6f4c6841 } },
-    /* 187 */
-    { { 0x96c24a96,0x8726df4e,0xfcbd99a3,0x534dbc85,0x8b2ae30a,0x3c466ef2,
-        0x61189abb,0x4c4350fd },
-      { 0xf855b8da,0x2967f716,0x463c38a1,0x41a42394,0xeae93343,0xc37e1413,
-        0x5a3118b5,0xa726d242 } },
-    /* 188 */
-    { { 0x948c1086,0xdae6b3ee,0xcbd3a2e1,0xf1de503d,0x03d022f3,0x3f35ed3f,
-        0xcc6cf392,0x13639e82 },
-      { 0xcdafaa86,0x9ac938fb,0x2654a258,0xf45bc5fb,0x45051329,0x1963b26e,
-        0xc1a335a3,0xca9365e1 } },
-    /* 189 */
-    { { 0x4c3b2d20,0x3615ac75,0x904e241b,0x742a5417,0xcc9d071d,0xb08521c4,
-        0x970b72a5,0x9ce29c34 },
-      { 0x6d3e0ad6,0x8cc81f73,0xf2f8434c,0x8060da9e,0x6ce862d9,0x35ed1d1a,
-        0xab42af98,0x48c4abd7 } },
-    /* 190 */
-    { { 0x40c7485a,0xd221b0cc,0xe5274dbf,0xead455bb,0x9263d2e8,0x493c7698,
-        0xf67b33cb,0x78017c32 },
-      { 0x930cb5ee,0xb9d35769,0x0c408ed2,0xc0d14e94,0x272f1a4d,0xf8b7bf55,
-        0xde5c1c04,0x53cd0454 } },
-    /* 191 */
-    { { 0x5d28ccac,0xbcd585fa,0x005b746e,0x5f823e56,0xcd0123aa,0x7c79f0a1,
-        0xd3d7fa8f,0xeea465c1 },
-      { 0x0551803b,0x7810659f,0x7ce6af70,0x6c0b599f,0x29288e70,0x4195a770,
-        0x7ae69193,0x1b6e42a4 } },
-    /* 192 */
-    { { 0xf67d04c3,0x2e80937c,0x89eeb811,0x1e312be2,0x92594d60,0x56b5d887,
-        0x187fbd3d,0x0224da14 },
-      { 0x0c5fe36f,0x87abb863,0x4ef51f5f,0x580f3c60,0xb3b429ec,0x964fb1bf,
-        0x42bfff33,0x60838ef0 } },
-    /* 193 */
-    { { 0x7e0bbe99,0x432cb2f2,0x04aa39ee,0x7bda44f3,0x9fa93903,0x5f497c7a,
-        0x2d331643,0x636eb202 },
-      { 0x93ae00aa,0xfcfd0e61,0x31ae6d2f,0x875a00fe,0x9f93901c,0xf43658a2,
-        0x39218bac,0x8844eeb6 } },
-    /* 194 */
-    { { 0x6b3bae58,0x114171d2,0x17e39f3e,0x7db3df71,0x81a8eada,0xcd37bc7f,
-        0x51fb789e,0x27ba83dc },
-      { 0xfbf54de5,0xa7df439f,0xb5fe1a71,0x7277030b,0xdb297a48,0x42ee8e35,
-        0x87f3a4ab,0xadb62d34 } },
-    /* 195 */
-    { { 0xa175df2a,0x9b1168a2,0x618c32e9,0x082aa04f,0x146b0916,0xc9e4f2e7,
-        0x75e7c8b2,0xb990fd76 },
-      { 0x4df37313,0x0829d96b,0xd0b40789,0x1c205579,0x78087711,0x66c9ae4a,
-        0x4d10d18d,0x81707ef9 } },
-    /* 196 */
-    { { 0x03d6ff96,0x97d7cab2,0x0d843360,0x5b851bfc,0xd042db4b,0x268823c4,
-        0xd5a8aa5c,0x3792daea },
-      { 0x941afa0b,0x52818865,0x42d83671,0xf3e9e741,0x5be4e0a7,0x17c82527,
-        0x94b001ba,0x5abd635e } },
-    /* 197 */
-    { { 0x0ac4927c,0x727fa84e,0xa7c8cf23,0xe3886035,0x4adca0df,0xa4bcd5ea,
-        0x846ab610,0x5995bf21 },
-      { 0x829dfa33,0xe90f860b,0x958fc18b,0xcaafe2ae,0x78630366,0x9b3baf44,
-        0xd483411e,0x44c32ca2 } },
-    /* 198 */
-    { { 0xe40ed80c,0xa74a97f1,0x31d2ca82,0x5f938cb1,0x7c2d6ad9,0x53f2124b,
-        0x8082a54c,0x1f2162fb },
-      { 0x720b173e,0x7e467cc5,0x085f12f9,0x40e8a666,0x4c9d65dc,0x8cebc20e,
-        0xc3e907c9,0x8f1d402b } },
-    /* 199 */
-    { { 0xfbc4058a,0x4f592f9c,0x292f5670,0xb15e14b6,0xbc1d8c57,0xc55cfe37,
-        0x926edbf9,0xb1980f43 },
-      { 0x32c76b09,0x98c33e09,0x33b07f78,0x1df5279d,0x863bb461,0x6f08ead4,
-        0x37448e45,0x2828ad9b } },
-    /* 200 */
-    { { 0xc4cf4ac5,0x696722c4,0xdde64afb,0xf5ac1a3f,0xe0890832,0x0551baa2,
-        0x5a14b390,0x4973f127 },
-      { 0x322eac5d,0xe59d8335,0x0bd9b568,0x5e07eef5,0xa2588393,0xab36720f,
-        0xdb168ac7,0x6dac8ed0 } },
-    /* 201 */
-    { { 0xeda835ef,0xf7b545ae,0x1d10ed51,0x4aa113d2,0x13741b09,0x035a65e0,
-        0x20b9de4c,0x4b23ef59 },
-      { 0x3c4c7341,0xe82bb680,0x3f58bc37,0xd457706d,0xa51e3ee8,0x73527863,
-        0xddf49a4e,0x4dd71534 } },
-    /* 202 */
-    { { 0x95476cd9,0xbf944672,0xe31a725b,0x648d072f,0xfc4b67e0,0x1441c8b8,
-        0x2f4a4dbb,0xfd317000 },
-      { 0x8995d0e1,0x1cb43ff4,0x0ef729aa,0x76e695d1,0x41798982,0xe0d5f976,
-        0x9569f365,0x14fac58c } },
-    /* 203 */
-    { { 0xf312ae18,0xad9a0065,0xfcc93fc9,0x51958dc0,0x8a7d2846,0xd9a14240,
-        0x36abda50,0xed7c7651 },
-      { 0x25d4abbc,0x46270f1a,0xf1a113ea,0x9b5dd8f3,0x5b51952f,0xc609b075,
-        0x4d2e9f53,0xfefcb7f7 } },
-    /* 204 */
-    { { 0xba119185,0xbd09497a,0xaac45ba4,0xd54e8c30,0xaa521179,0x492479de,
-        0x87e0d80b,0x1801a57e },
-      { 0xfcafffb0,0x073d3f8d,0xae255240,0x6cf33c0b,0x5b5fdfbc,0x781d763b,
-        0x1ead1064,0x9f8fc11e } },
-    /* 205 */
-    { { 0x5e69544c,0x1583a171,0xf04b7813,0x0eaf8567,0x278a4c32,0x1e22a8fd,
-        0x3d3a69a9,0xa9d3809d },
-      { 0x59a2da3b,0x936c2c2c,0x1895c847,0x38ccbcf6,0x63d50869,0x5e65244e,
-        0xe1178ef7,0x3006b9ae } },
-    /* 206 */
-    { { 0xc9eead28,0x0bb1f2b0,0x89f4dfbc,0x7eef635d,0xb2ce8939,0x074757fd,
-        0x45f8f761,0x0ab85fd7 },
-      { 0x3e5b4549,0xecda7c93,0x97922f21,0x4be2bb5c,0xb43b8040,0x261a1274,
-        0x11e942c2,0xb122d675 } },
-    /* 207 */
-    { { 0x66a5ae7a,0x3be607be,0x76adcbe3,0x01e703fa,0x4eb6e5c5,0xaf904301,
-        0x097dbaec,0x9f599dc1 },
-      { 0x0ff250ed,0x6d75b718,0x349a20dc,0x8eb91574,0x10b227a3,0x425605a4,
-        0x8a294b78,0x7d5528e0 } },
-    /* 208 */
-    { { 0x20c26def,0xf0f58f66,0x582b2d1e,0x025585ea,0x01ce3881,0xfbe7d79b,
-        0x303f1730,0x28ccea01 },
-      { 0x79644ba5,0xd1dabcd1,0x06fff0b8,0x1fc643e8,0x66b3e17b,0xa60a76fc,
-        0xa1d013bf,0xc18baf48 } },
-    /* 209 */
-    { { 0x5dc4216d,0x34e638c8,0x206142ac,0x00c01067,0x95f5064a,0xd453a171,
-        0xb7a9596b,0x9def809d },
-      { 0x67ab8d2c,0x41e8642e,0x6237a2b6,0xb4240433,0x64c4218b,0x7d506a6d,
-        0x68808ce5,0x0357f8b0 } },
-    /* 210 */
-    { { 0x4cd2cc88,0x8e9dbe64,0xf0b8f39d,0xcc61c28d,0xcd30a0c8,0x4a309874,
-        0x1b489887,0xe4a01add },
-      { 0xf57cd8f9,0x2ed1eeac,0xbd594c48,0x1b767d3e,0x7bd2f787,0xa7295c71,
-        0xce10cc30,0x466d7d79 } },
-    /* 211 */
-    { { 0x9dada2c7,0x47d31892,0x8f9aa27d,0x4fa0a6c3,0x820a59e1,0x90e4fd28,
-        0x451ead1a,0xc672a522 },
-      { 0x5d86b655,0x30607cc8,0xf9ad4af1,0xf0235d3b,0x571172a6,0x99a08680,
-        0xf2a67513,0x5e3d64fa } },
-    /* 212 */
-    { { 0x9b3b4416,0xaa6410c7,0xeab26d99,0xcd8fcf85,0xdb656a74,0x5ebff74a,
-        0xeb8e42fc,0x6c8a7a95 },
-      { 0xb02a63bd,0x10c60ba7,0x8b8f0047,0x6b2f2303,0x312d90b0,0x8c6c3738,
-        0xad82ca91,0x348ae422 } },
-    /* 213 */
-    { { 0x5ccda2fb,0x7f474663,0x8e0726d2,0x22accaa1,0x492b1f20,0x85adf782,
-        0xd9ef2d2e,0xc1074de0 },
-      { 0xae9a65b3,0xfcf3ce44,0x05d7151b,0xfd71e4ac,0xce6a9788,0xd4711f50,
-        0xc9e54ffc,0xfbadfbdb } },
-    /* 214 */
-    { { 0x20a99363,0x1713f1cd,0x6cf22775,0xb915658f,0x24d359b2,0x968175cd,
-        0x83716fcd,0xb7f976b4 },
-      { 0x5d6dbf74,0x5758e24d,0x71c3af36,0x8d23bafd,0x0243dfe3,0x48f47760,
-        0xcafcc805,0xf4d41b2e } },
-    /* 215 */
-    { { 0xfdabd48d,0x51f1cf28,0x32c078a4,0xce81be36,0x117146e9,0x6ace2974,
-        0xe0160f10,0x180824ea },
-      { 0x66e58358,0x0387698b,0xce6ca358,0x63568752,0x5e41e6c5,0x82380e34,
-        0x83cf6d25,0x67e5f639 } },
-    /* 216 */
-    { { 0xcf4899ef,0xf89ccb8d,0x9ebb44c0,0x949015f0,0xb2598ec9,0x546f9276,
-        0x04c11fc6,0x9fef789a },
-      { 0x53d2a071,0x6d367ecf,0xa4519b09,0xb10e1a7f,0x611e2eef,0xca6b3fb0,
-        0xa99c4e20,0xbc80c181 } },
-    /* 217 */
-    { { 0xe5eb82e6,0x972536f8,0xf56cb920,0x1a484fc7,0x50b5da5e,0xc78e2171,
-        0x9f8cdf10,0x49270e62 },
-      { 0xea6b50ad,0x1a39b7bb,0xa2388ffc,0x9a0284c1,0x8107197b,0x5403eb17,
-        0x61372f7f,0xd2ee52f9 } },
-    /* 218 */
-    { { 0x88e0362a,0xd37cd285,0x8fa5d94d,0x442fa8a7,0xa434a526,0xaff836e5,
-        0xe5abb733,0xdfb478be },
-      { 0x673eede6,0xa91f1ce7,0x2b5b2f04,0xa5390ad4,0x5530da2f,0x5e66f7bf,
-        0x08df473a,0xd9a140b4 } },
-    /* 219 */
-    { { 0x6e8ea498,0x0e0221b5,0x3563ee09,0x62347829,0x335d2ade,0xe06b8391,
-        0x623f4b1a,0x760c058d },
-      { 0xc198aa79,0x0b89b58c,0xf07aba7f,0xf74890d2,0xfde2556a,0x4e204110,
-        0x8f190409,0x7141982d } },
-    /* 220 */
-    { { 0x4d4b0f45,0x6f0a0e33,0x392a94e1,0xd9280b38,0xb3c61d5e,0x3af324c6,
-        0x89d54e47,0x3af9d1ce },
-      { 0x20930371,0xfd8f7981,0x21c17097,0xeda2664c,0xdc42309b,0x0e9545dc,
-        0x73957dd6,0xb1f815c3 } },
-    /* 221 */
-    { { 0x89fec44a,0x84faa78e,0x3caa4caf,0xc8c2ae47,0xc1b6a624,0x691c807d,
-        0x1543f052,0xa41aed14 },
-      { 0x7d5ffe04,0x42435399,0x625b6e20,0x8bacb2df,0x87817775,0x85d660be,
-        0x86fb60ef,0xd6e9c1dd } },
-    /* 222 */
-    { { 0xc6853264,0x3aa2e97e,0xe2304a0b,0x771533b7,0xb8eae9be,0x1b912bb7,
-        0xae9bf8c2,0x9c9c6e10 },
-      { 0xe030b74c,0xa2309a59,0x6a631e90,0x4ed7494d,0xa49b79f2,0x89f44b23,
-        0x40fa61b6,0x566bd596 } },
-    /* 223 */
-    { { 0xc18061f3,0x066c0118,0x7c83fc70,0x190b25d3,0x27273245,0xf05fc8e0,
-        0xf525345e,0xcf2c7390 },
-      { 0x10eb30cf,0xa09bceb4,0x0d77703a,0xcfd2ebba,0x150ff255,0xe842c43a,
-        0x8aa20979,0x02f51755 } },
-    /* 224 */
-    { { 0xaddb7d07,0x396ef794,0x24455500,0x0b4fc742,0xc78aa3ce,0xfaff8eac,
-        0xe8d4d97d,0x14e9ada5 },
-      { 0x2f7079e2,0xdaa480a1,0xe4b0800e,0x45baa3cd,0x7838157d,0x01765e2d,
-        0x8e9d9ae8,0xa0ad4fab } },
-    /* 225 */
-    { { 0x4a653618,0x0bfb7621,0x31eaaa5f,0x1872813c,0x44949d5e,0x1553e737,
-        0x6e56ed1e,0xbcd530b8 },
-      { 0x32e9c47b,0x169be853,0xb50059ab,0xdc2776fe,0x192bfbb4,0xcdba9761,
-        0x6979341d,0x909283cf } },
-    /* 226 */
-    { { 0x76e81a13,0x67b00324,0x62171239,0x9bee1a99,0xd32e19d6,0x08ed361b,
-        0xace1549a,0x35eeb7c9 },
-      { 0x7e4e5bdc,0x1280ae5a,0xb6ceec6e,0x2dcd2cd3,0x6e266bc1,0x52e4224c,
-        0x448ae864,0x9a8b2cf4 } },
-    /* 227 */
-    { { 0x09d03b59,0xf6471bf2,0xb65af2ab,0xc90e62a3,0xebd5eec9,0xff7ff168,
-        0xd4491379,0x6bdb60f4 },
-      { 0x8a55bc30,0xdadafebc,0x10097fe0,0xc79ead16,0x4c1e3bdd,0x42e19741,
-        0x94ba08a9,0x01ec3cfd } },
-    /* 228 */
-    { { 0xdc9485c2,0xba6277eb,0x22fb10c7,0x48cc9a79,0x70a28d8a,0x4f61d60f,
-        0x475464f6,0xd1acb1c0 },
-      { 0x26f36612,0xd26902b1,0xe0618d8b,0x59c3a44e,0x308357ee,0x4df8a813,
-        0x405626c2,0x7dcd079d } },
-    /* 229 */
-    { { 0xf05a4b48,0x5ce7d4d3,0x37230772,0xadcd2952,0x812a915a,0xd18f7971,
-        0x377d19b8,0x0bf53589 },
-      { 0x6c68ea73,0x35ecd95a,0x823a584d,0xc7f3bbca,0xf473a723,0x9fb674c6,
-        0xe16686fc,0xd28be4d9 } },
-    /* 230 */
-    { { 0x38fa8e4b,0x5d2b9906,0x893fd8fc,0x559f186e,0x436fb6fc,0x3a6de2aa,
-        0x510f88ce,0xd76007aa },
-      { 0x523a4988,0x2d10aab6,0x74dd0273,0xb455cf44,0xa3407278,0x7f467082,
-        0xb303bb01,0xf2b52f68 } },
-    /* 231 */
-    { { 0x9835b4ca,0x0d57eafa,0xbb669cbc,0x2d2232fc,0xc6643198,0x8eeeb680,
-        0xcc5aed3a,0xd8dbe98e },
-      { 0xc5a02709,0xcba9be3f,0xf5ba1fa8,0x30be68e5,0xf10ea852,0xfebd43cd,
-        0xee559705,0xe01593a3 } },
-    /* 232 */
-    { { 0xea75a0a6,0xd3e5af50,0x57858033,0x512226ac,0xd0176406,0x6fe6d50f,
-        0xaeb8ef06,0xafec07b1 },
-      { 0x80bb0a31,0x7fb99567,0x37309aae,0x6f1af3cc,0x01abf389,0x9153a15a,
-        0x6e2dbfdd,0xa71b9354 } },
-    /* 233 */
-    { { 0x18f593d2,0xbf8e12e0,0xa078122b,0xd1a90428,0x0ba4f2ad,0x150505db,
-        0x628523d9,0x53a2005c },
-      { 0xe7f2b935,0x07c8b639,0xc182961a,0x2bff975a,0x7518ca2c,0x86bceea7,
-        0x3d588e3d,0xbf47d19b } },
-    /* 234 */
-    { { 0xdd7665d5,0x672967a7,0x2f2f4de5,0x4e303057,0x80d4903f,0x144005ae,
-        0x39c9a1b6,0x001c2c7f },
-      { 0x69efc6d6,0x143a8014,0x7bc7a724,0xc810bdaa,0xa78150a4,0x5f65670b,
-        0x86ffb99b,0xfdadf8e7 } },
-    /* 235 */
-    { { 0xffc00785,0xfd38cb88,0x3b48eb67,0x77fa7591,0xbf368fbc,0x0454d055,
-        0x5aa43c94,0x3a838e4d },
-      { 0x3e97bb9a,0x56166329,0x441d94d9,0x9eb93363,0x0adb2a83,0x515591a6,
-        0x873e1da3,0x3cdb8257 } },
-    /* 236 */
-    { { 0x7de77eab,0x137140a9,0x41648109,0xf7e1c50d,0xceb1d0df,0x762dcad2,
-        0xf1f57fba,0x5a60cc89 },
-      { 0x40d45673,0x80b36382,0x5913c655,0x1b82be19,0xdd64b741,0x057284b8,
-        0xdbfd8fc0,0x922ff56f } },
-    /* 237 */
-    { { 0xc9a129a1,0x1b265dee,0xcc284e04,0xa5b1ce57,0xcebfbe3c,0x04380c46,
-        0xf6c5cd62,0x72919a7d },
-      { 0x8fb90f9a,0x298f453a,0x88e4031b,0xd719c00b,0x796f1856,0xe32c0e77,
-        0x3624089a,0x5e791780 } },
-    /* 238 */
-    { { 0x7f63cdfb,0x5c16ec55,0xf1cae4fd,0x8e6a3571,0x560597ca,0xfce26bea,
-        0xe24c2fab,0x4e0a5371 },
-      { 0xa5765357,0x276a40d3,0x0d73a2b4,0x3c89af44,0x41d11a32,0xb8f370ae,
-        0xd56604ee,0xf5ff7818 } },
-    /* 239 */
-    { { 0x1a09df21,0xfbf3e3fe,0xe66e8e47,0x26d5d28e,0x29c89015,0x2096bd0a,
-        0x533f5e64,0xe41df0e9 },
-      { 0xb3ba9e3f,0x305fda40,0x2604d895,0xf2340ceb,0x7f0367c7,0x0866e192,
-        0xac4f155f,0x8edd7d6e } },
-    /* 240 */
-    { { 0x0bfc8ff3,0xc9a1dc0e,0xe936f42f,0x14efd82b,0xcca381ef,0x67016f7c,
-        0xed8aee96,0x1432c1ca },
-      { 0x70b23c26,0xec684829,0x0735b273,0xa64fe873,0xeaef0f5a,0xe389f6e5,
-        0x5ac8d2c6,0xcaef480b } },
-    /* 241 */
-    { { 0x75315922,0x5245c978,0x3063cca5,0xd8295171,0xb64ef2cb,0xf3ce60d0,
-        0x8efae236,0xd0ba177e },
-      { 0xb1b3af60,0x53a9ae8f,0x3d2da20e,0x1a796ae5,0xdf9eef28,0x01d63605,
-        0x1c54ae16,0xf31c957c } },
-    /* 242 */
-    { { 0x49cc4597,0xc0f58d52,0xbae0a028,0xdc5015b0,0x734a814a,0xefc5fc55,
-        0x96e17c3a,0x013404cb },
-      { 0xc9a824bf,0xb29e2585,0x001eaed7,0xd593185e,0x61ef68ac,0x8d6ee682,
-        0x91933e6c,0x6f377c4b } },
-    /* 243 */
-    { { 0xa8333fd2,0x9f93bad1,0x5a2a95b8,0xa8930202,0xeaf75ace,0x211e5037,
-        0xd2d09506,0x6dba3e4e },
-      { 0xd04399cd,0xa48ef98c,0xe6b73ade,0x1811c66e,0xc17ecaf3,0x72f60752,
-        0x3becf4a7,0xf13cf342 } },
-    /* 244 */
-    { { 0xa919e2eb,0xceeb9ec0,0xf62c0f68,0x83a9a195,0x7aba2299,0xcfba3bb6,
-        0x274bbad3,0xc83fa9a9 },
-      { 0x62fa1ce0,0x0d7d1b0b,0x3418efbf,0xe58b60f5,0x52706f04,0xbfa8ef9e,
-        0x5d702683,0xb49d70f4 } },
-    /* 245 */
-    { { 0xfad5513b,0x914c7510,0xb1751e2d,0x05f32eec,0xd9fb9d59,0x6d850418,
-        0x0c30f1cf,0x59cfadbb },
-      { 0x55cb7fd6,0xe167ac23,0x820426a3,0x249367b8,0x90a78864,0xeaeec58c,
-        0x354a4b67,0x5babf362 } },
-    /* 246 */
-    { { 0xee424865,0x37c981d1,0xf2e5577f,0x8b002878,0xb9e0c058,0x702970f1,
-        0x9026c8f0,0x6188c6a7 },
-      { 0xd0f244da,0x06f9a19b,0xfb080873,0x1ecced5c,0x9f213637,0x35470f9b,
-        0xdf50b9d9,0x993fe475 } },
-    /* 247 */
-    { { 0x9b2c3609,0x68e31cdf,0x2c46d4ea,0x84eb19c0,0x9a775101,0x7ac9ec1a,
-        0x4c80616b,0x81f76466 },
-      { 0x75fbe978,0x1d7c2a5a,0xf183b356,0x6743fed3,0x501dd2bf,0x838d1f04,
-        0x5fe9060d,0x564a812a } },
-    /* 248 */
-    { { 0xfa817d1d,0x7a5a64f4,0xbea82e0f,0x55f96844,0xcd57f9aa,0xb5ff5a0f,
-        0x00e51d6c,0x226bf3cf },
-      { 0x2f2833cf,0xd6d1a9f9,0x4f4f89a8,0x20a0a35a,0x8f3f7f77,0x11536c49,
-        0xff257836,0x68779f47 } },
-    /* 249 */
-    { { 0x73043d08,0x79b0c1c1,0x1fc020fa,0xa5446774,0x9a6d26d0,0xd3767e28,
-        0xeb092e0b,0x97bcb0d1 },
-      { 0xf32ed3c3,0x2ab6eaa8,0xb281bc48,0xc8a4f151,0xbfa178f3,0x4d1bf4f3,
-        0x0a784655,0xa872ffe8 } },
-    /* 250 */
-    { { 0xa32b2086,0xb1ab7935,0x8160f486,0xe1eb710e,0x3b6ae6be,0x9bd0cd91,
-        0xb732a36a,0x02812bfc },
-      { 0xcf605318,0xa63fd7ca,0xfdfd6d1d,0x646e5d50,0x2102d619,0xa1d68398,
-        0xfe5396af,0x07391cc9 } },
-    /* 251 */
-    { { 0x8b80d02b,0xc50157f0,0x62877f7f,0x6b8333d1,0x78d542ae,0x7aca1af8,
-        0x7e6d2a08,0x355d2adc },
-      { 0x287386e1,0xb41f335a,0xf8e43275,0xfd272a94,0xe79989ea,0x286ca2cd,
-        0x7c2a3a79,0x3dc2b1e3 } },
-    /* 252 */
-    { { 0x04581352,0xd689d21c,0x376782be,0x0a00c825,0x9fed701f,0x203bd590,
-        0x3ccd846b,0xc4786910 },
-      { 0x24c768ed,0x5dba7708,0x6841f657,0x72feea02,0x6accce0e,0x73313ed5,
-        0xd5bb4d32,0xccc42968 } },
-    /* 253 */
-    { { 0x3d7620b9,0x94e50de1,0x5992a56a,0xd89a5c8a,0x675487c9,0xdc007640,
-        0xaa4871cf,0xe147eb42 },
-      { 0xacf3ae46,0x274ab4ee,0x50350fbe,0xfd4936fb,0x48c840ea,0xdf2afe47,
-        0x080e96e3,0x239ac047 } },
-    /* 254 */
-    { { 0x2bfee8d4,0x481d1f35,0xfa7b0fec,0xce80b5cf,0x2ce9af3c,0x105c4c9e,
-        0xf5f7e59d,0xc55fa1a3 },
-      { 0x8257c227,0x3186f14e,0x342be00b,0xc5b1653f,0xaa904fb2,0x09afc998,
-        0xd4f4b699,0x094cd99c } },
-    /* 255 */
-    { { 0xd703beba,0x8a981c84,0x32ceb291,0x8631d150,0xe3bd49ec,0xa445f2c9,
-        0x42abad33,0xb90a30b6 },
-      { 0xb4a5abf9,0xb465404f,0x75db7603,0x004750c3,0xca35d89f,0x6f9a42cc,
-        0x1b7924f7,0x019f8b9a } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_8(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 8);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 8, km);
-
-            err = sp_256_ecc_mulmod_base_8(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P256 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 8 + 8 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8 + 8 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 8;
-
-        sp_256_from_mp(k, 8, km);
-        sp_256_point_from_ecc_point_8(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_8(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_8(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_8(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_add_one_8(sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_add_one_8(sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r1, r2, r3, r4}\n\t"
-        "adds	r1, r1, #1\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-        "ldm	%[a], {r1, r2, r3, r4}\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a)
-        :
-#else
-        :
-        : [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r1", "r2", "r3", "r4"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_256_ecc_gen_k_8(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[32];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_256_from_bin(k, 8, buf, (int)sizeof(buf));
-            if (sp_256_cmp_8(k, p256_order2) <= 0) {
-                sp_256_add_one_8(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_256, point, 2);
-#else
-    SP_DECL_VAR(sp_point_256, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 8);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_256_ecc_gen_k_8(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_8(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_8(infinity, point, p256_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_256_iszero_8(point->x) || sp_256_iszero_8(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_8(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_256_ctx {
-    int state;
-    sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-    sp_digit k[8];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256  point[2];
-#else
-    sp_point_256 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_256_ctx;
-
-int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_256_ctx* ctx = (sp_ecc_key_gen_256_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_256_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_256_ecc_gen_k_8(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_base_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p256_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_256_iszero_8(ctx->point->x) ||
-                    sp_256_iszero_8(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_256_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_256_point_to_ecc_point_8(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 32
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_256_to_bin_8(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 7; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 8);
-    int err = MP_OKAY;
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 8, priv);
-        sp_256_point_from_ecc_point_8(point, pub);
-            err = sp_256_ecc_mulmod_8(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_256_to_bin_8(point->x, out);
-        *outLen = 32;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-    };
-    sp_digit k[8];
-    sp_point_256 point;
-} sp_ecc_sec_gen_256_ctx;
-
-int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_256_ctx* ctx = (sp_ecc_sec_gen_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_256_from_mp(ctx->k, 8, priv);
-            sp_256_point_from_ecc_point_8(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_256_to_bin_8(ctx->point.x, out);
-                *outLen = 32;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #32\n\t"
-        "\n"
-    "L_sp_256_sub_in_pkace_8_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_256_sub_in_pkace_8_word_%=\n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12",
-            "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "subs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	%[a], r9, r9\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldr	r8, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r5, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r6, r5\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umull	r5, r3, %[b], r8\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r5, [%[r]]\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r9, #4\n\t"
-        "\n"
-    "L_sp_256_mul_d_8_word_%=: \n\t"
-        /* A[i] * B */
-        "ldr	r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, %[b], r8\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], r9]\n\t"
-        "mov	r3, r4\n\t"
-        "mov	r4, r5\n\t"
-        "mov	r5, #0\n\t"
-        "add	r9, r9, #4\n\t"
-        "cmp	r9, #32\n\t"
-        "blt	L_sp_256_mul_d_8_word_%=\n\t"
-        "str	r3, [%[r], #32]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r3, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umull	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[1] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[2] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[3] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[4] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[5] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[6] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[7] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "str	r5, [%[r]]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_256_word_8(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_256_word_8(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	r6, %[div], #16\n\t"
-        "add	lr, r6, #1\n\t"
-        "udiv	r4, %[d1], lr\n\t"
-        "lsl	r5, %[div], #16\n\t"
-        "lsl	r4, r4, #16\n\t"
-        "umull	r3, r12, %[div], r4\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "subs	r3, %[d1], lr\n\t"
-        "sbc	r7, r7, r7\n\t"
-        "add	r7, r7, #1\n\t"
-        "rsb	r8, r7, #0\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "and	r5, r5, r8\n\t"
-        "and	r6, r6, r8\n\t"
-        "subs	%[d0], %[d0], r5\n\t"
-        "add	r4, r4, r7\n\t"
-        "sbc	%[d1], %[d1], r6\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "umull	r3, r12, %[div], r3\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "mul	r3, %[div], r3\n\t"
-        "sub	%[d0], %[d0], r3\n\t"
-        "udiv	r3, %[d0], %[div]\n\t"
-        "add	%[d1], r4, r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_256_word_8(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_256_word_8(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	lr, %[div], #1\n\t"
-        "add	lr, lr, #1\n\t"
-        "mov	r4, %[d0]\n\t"
-        "mov	r5, %[d1]\n\t"
-        /* Do top 32 */
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "mov	r3, #0\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        /* Next 30 bits */
-        "mov	r12, #29\n\t"
-        "\n"
-    "L_div_256_word_8_bit_%=: \n\t"
-        "lsls	r4, r4, #1\n\t"
-        "adc	r5, r5, r5\n\t"
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "add	r3, r3, r3\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        "subs	r12, r12, #1\n\t"
-        "bpl	L_div_256_word_8_bit_%=\n\t"
-        "add	r3, r3, r3\n\t"
-        "add	r3, r3, #1\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-        "subs	r6, %[div], r7\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "sub	%[d1], r3, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<8; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[16], t2[9];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[7];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 8);
-    r1 = sp_256_cmp_8(&t1[8], d) >= 0;
-    sp_256_cond_sub_8(&t1[8], &t1[8], d, (sp_digit)0 - r1);
-    for (i = 7; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[8 + i] == div);
-        sp_digit hi = t1[8 + i] + mask;
-        r1 = div_256_word_8(hi, t1[8 + i - 1], div);
-        r1 |= mask;
-
-        sp_256_mul_d_8(t2, d, r1);
-        t1[8 + i] += sp_256_sub_in_place_8(&t1[i], t2);
-        t1[8 + i] -= t2[8];
-        sp_256_mask_8(t2, d, t1[8 + i]);
-        t1[8 + i] += sp_256_add_8(&t1[i], &t1[i], t2);
-        sp_256_mask_8(t2, d, t1[8 + i]);
-        t1[8 + i] += sp_256_add_8(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_256_cmp_8(t1, d) >= 0;
-    sp_256_cond_sub_8(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_256_div_8(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P256 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_256_mul_8(r, a, b);
-    sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P256 curve. */
-static const word32 p256_order_minus_2[8] = {
-    0xfc63254fU,0xf3b9cac2U,0xa7179e84U,0xbce6faadU,0xffffffffU,0xffffffffU,
-    0x00000000U,0xffffffffU
-};
-#else
-/* The low half of the order-2 of the P256 curve. */
-static const sp_int_digit p256_order_low[4] = {
-    0xfc63254fU,0xf3b9cac2U,0xa7179e84U,0xbce6faadU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P256 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_order_8(sp_digit* r, const sp_digit* a)
-{
-    sp_256_sqr_8(r, a);
-    sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P256 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_n_order_8(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_256_mont_sqr_order_8(r, a);
-    for (i=1; i<n; i++) {
-        sp_256_mont_sqr_order_8(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P256 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_mont_inv_order_8_ctx {
-    int state;
-    int i;
-} sp_256_mont_inv_order_8_ctx;
-static int sp_256_mont_inv_order_8_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_mont_inv_order_8_ctx* ctx = (sp_256_mont_inv_order_8_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_256_mont_inv_order_8_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 8);
-        ctx->i = 254;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_256_mont_sqr_order_8(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p256_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 8U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 8);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_order_8(t, t);
-        if ((p256_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 8U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 8;
-    sp_digit* t3 = td + 4 * 8;
-    int i;
-
-    /* t = a^2 */
-    sp_256_mont_sqr_order_8(t, a);
-    /* t = a^3 = t * a */
-    sp_256_mont_mul_order_8(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_256_mont_sqr_n_order_8(t2, t, 2);
-    /* t3= a^f = t2 * t */
-    sp_256_mont_mul_order_8(t3, t2, t);
-    /* t2= a^f0 = t3 ^ 2 ^ 4 */
-    sp_256_mont_sqr_n_order_8(t2, t3, 4);
-    /* t = a^ff = t2 * t3 */
-    sp_256_mont_mul_order_8(t, t2, t3);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_256_mont_sqr_n_order_8(t2, t, 8);
-    /* t = a^ffff = t2 * t */
-    sp_256_mont_mul_order_8(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_256_mont_sqr_n_order_8(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_256_mont_mul_order_8(t, t2, t);
-    /* t2= a^ffffffff0000000000000000 = t ^ 2 ^ 64  */
-    sp_256_mont_sqr_n_order_8(t2, t, 64);
-    /* t2= a^ffffffff00000000ffffffff = t2 * t */
-    sp_256_mont_mul_order_8(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32  */
-    sp_256_mont_sqr_n_order_8(t2, t2, 32);
-    /* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
-    sp_256_mont_mul_order_8(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6 */
-    sp_256_mont_sqr_order_8(t2, t2);
-    sp_256_mont_mul_order_8(t2, t2, a);
-    sp_256_mont_sqr_n_order_8(t2, t2, 5);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    for (i=121; i>=112; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6f */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84 */
-    for (i=107; i>=64; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2 */
-    for (i=59; i>=32; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2f */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254 */
-    for (i=27; i>=0; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632540 */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    /* r = a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
-    sp_256_mont_mul_order_8(r, t2, t3);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_s_8(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_8(k, k, p256_norm_order);
-    err = sp_256_mod_8(k, k, p256_order);
-    if (err == MP_OKAY) {
-        sp_256_norm_8(k);
-
-        /* kInv = 1/k mod order */
-            sp_256_mont_inv_order_8(kInv, k, tmp);
-        sp_256_norm_8(kInv);
-
-        /* s = r * x + e */
-            sp_256_mul_8(x, x, r);
-        err = sp_256_mod_8(x, x, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_8(x);
-        carry = sp_256_add_8(s, e, x);
-        sp_256_cond_sub_8(s, s, p256_order, 0 - carry);
-        sp_256_norm_8(s);
-        c = sp_256_cmp_8(s, p256_order);
-        sp_256_cond_sub_8(s, s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_8(s);
-
-        /* s = s * k^-1 mod order */
-            sp_256_mont_mul_order_8(s, s, kInv);
-        sp_256_norm_8(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 256 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 8);
-    SP_DECL_VAR(sp_point_256, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 8, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 8;
-        k = e + 4 * 8;
-        r = e + 6 * 8;
-        tmp = e + 8 * 8;
-        s = e;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_8(rng, k);
-        }
-        else {
-            sp_256_from_mp(k, 8, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_256_ecc_mulmod_base_8(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 8U);
-            sp_256_norm_8(r);
-            c = sp_256_cmp_8(r, p256_order);
-            sp_256_cond_sub_8(r, r, p256_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_256_norm_8(r);
-
-            if (!sp_256_iszero_8(r)) {
-                /* x is modified in calculation of s. */
-                sp_256_from_mp(x, 8, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_256_from_bin(e, 8, hash, (int)hashLen);
-
-                err = sp_256_calc_s_8(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_256_iszero_8(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 8, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-        sp_256_mont_inv_order_8_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*8];
-    sp_digit x[2*8];
-    sp_digit k[2*8];
-    sp_digit r[2*8];
-    sp_digit tmp[3 * 2*8];
-    sp_point_256 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_256_ctx;
-
-int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_256_ctx* ctx = (sp_ecc_sign_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_8(rng, ctx->k);
-        }
-        else {
-            sp_256_from_mp(ctx->k, 8, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p256_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 8U);
-        sp_256_norm_8(ctx->r);
-        c = sp_256_cmp_8(ctx->r, p256_order);
-        sp_256_cond_sub_8(ctx->r, ctx->r, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_8(ctx->r);
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-        sp_256_from_mp(ctx->x, 8, priv);
-        sp_256_from_bin(ctx->e, 8, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_8(ctx->k, ctx->k, p256_norm_order);
-        err = sp_256_mod_8(ctx->k, ctx->k, p256_order);
-        if (err == MP_OKAY) {
-            sp_256_norm_8(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_256_mont_inv_order_8_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_256_norm_8(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_256_mul_8(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_256_mod_8(ctx->x, ctx->x, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_256_norm_8(ctx->x);
-        carry = sp_256_add_8(ctx->s, ctx->e, ctx->x);
-        sp_256_cond_sub_8(ctx->s, ctx->s,
-            p256_order, 0 - carry);
-        sp_256_norm_8(ctx->s);
-        c = sp_256_cmp_8(ctx->s, p256_order);
-        sp_256_cond_sub_8(ctx->s, ctx->s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_8(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_256_mont_mul_order_8(ctx->s, ctx->s, ctx->kInv);
-        sp_256_norm_8(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_256_iszero_8(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_256_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_256_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 8U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #32\n\t"
-        "\n"
-    "L_sp_256_sub_8_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	r12, r3, r3\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_256_sub_8_word_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12", "lr"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_rshift1_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_rshift1_8(sp_digit* r,
-    const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "ldr	r2, [%[a], #16]\n\t"
-        "ldr	r3, [%[a], #20]\n\t"
-#else
-        "ldrd	r2, r3, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "ldr	r4, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-#else
-        "ldrd	r4, r5, [%[a], #24]\n\t"
-#endif
-        "lsr	r6, r2, #1\n\t"
-        "lsr	r7, r3, #1\n\t"
-        "lsr	r8, r4, #1\n\t"
-        "lsr	r9, r5, #1\n\t"
-        "orr	r6, r6, r3, lsl #31\n\t"
-        "orr	r7, r7, r4, lsl #31\n\t"
-        "orr	r8, r8, r5, lsl #31\n\t"
-        "orr	r9, r9, r12, lsl #31\n\t"
-        "mov	r12, r2\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	r6, [%[r], #16]\n\t"
-        "str	r7, [%[r], #20]\n\t"
-#else
-        "strd	r6, r7, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	r8, [%[r], #24]\n\t"
-        "str	r9, [%[r], #28]\n\t"
-#else
-        "strd	r8, r9, [%[r], #24]\n\t"
-#endif
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "ldm	r1, {r2, r3}\n\t"
-#else
-        "ldrd	r2, r3, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "ldr	r4, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-#else
-        "ldrd	r4, r5, [%[a], #8]\n\t"
-#endif
-        "lsr	r6, r2, #1\n\t"
-        "lsr	r7, r3, #1\n\t"
-        "lsr	r8, r4, #1\n\t"
-        "lsr	r9, r5, #1\n\t"
-        "orr	r6, r6, r3, lsl #31\n\t"
-        "orr	r7, r7, r4, lsl #31\n\t"
-        "orr	r8, r8, r5, lsl #31\n\t"
-        "orr	r9, r9, r12, lsl #31\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "stm	r0, {r6, r7}\n\t"
-#else
-        "strd	r6, r7, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	r8, [%[r], #8]\n\t"
-        "str	r9, [%[r], #12]\n\t"
-#else
-        "strd	r8, r9, [%[r], #8]\n\t"
-#endif
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12",
-            "lr", "r10"
-    );
-}
-
-/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_div2_mod_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_div2_mod_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "ldm	%[a]!, {r4}\n\t"
-        "ands	r3, r4, #1\n\t"
-        "beq	L_sp_256_div2_mod_8_even_%=\n\t"
-        "ldm	%[a]!, {r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "adc	r3, r12, r12\n\t"
-        "b	L_sp_256_div2_mod_8_div2_%=\n\t"
-        "\n"
-    "L_sp_256_div2_mod_8_even_%=: \n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "ldr	r4, [%[a], #12]\n\t"
-        "ldr	r5, [%[a], #16]\n\t"
-#else
-        "ldrd	r4, r5, [%[a], #12]\n\t"
-#endif
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "ldr	r6, [%[a], #20]\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-#else
-        "ldrd	r6, r7, [%[a], #20]\n\t"
-#endif
-        "\n"
-    "L_sp_256_div2_mod_8_div2_%=: \n\t"
-        "lsr	r8, r4, #1\n\t"
-        "and	r4, r4, #1\n\t"
-        "lsr	r9, r5, #1\n\t"
-        "lsr	r10, r6, #1\n\t"
-        "lsr	r11, r7, #1\n\t"
-        "orr	r8, r8, r5, lsl #31\n\t"
-        "orr	r9, r9, r6, lsl #31\n\t"
-        "orr	r10, r10, r7, lsl #31\n\t"
-        "orr	r11, r11, r3, lsl #31\n\t"
-        "mov	r3, r4\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	r8, [%[r], #16]\n\t"
-        "str	r9, [%[r], #20]\n\t"
-#else
-        "strd	r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	r10, [%[r], #24]\n\t"
-        "str	r11, [%[r], #28]\n\t"
-#else
-        "strd	r10, r11, [%[r], #24]\n\t"
-#endif
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "lsr	r8, r4, #1\n\t"
-        "lsr	r9, r5, #1\n\t"
-        "lsr	r10, r6, #1\n\t"
-        "lsr	r11, r7, #1\n\t"
-        "orr	r8, r8, r5, lsl #31\n\t"
-        "orr	r9, r9, r6, lsl #31\n\t"
-        "orr	r10, r10, r7, lsl #31\n\t"
-        "orr	r11, r11, r3, lsl #31\n\t"
-        "stm	%[r], {r8, r9, r10, r11}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-}
-
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-static const byte L_sp_256_num_bits_8_table[] = {
-    0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
-    0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
-    0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
-    0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-};
-
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register byte* L_sp_256_num_bits_8_table_c asm ("r1") =
-        (byte*)&L_sp_256_num_bits_8_table;
-#else
-    register byte* L_sp_256_num_bits_8_table_c =
-        (byte*)&L_sp_256_num_bits_8_table;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, %[L_sp_256_num_bits_8_table]\n\t"
-        "ldr	r1, [%[a], #28]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_7_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_7_3_%=\n\t"
-        "mov	r2, #0xf8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_7_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_7_2_%=\n\t"
-        "mov	r2, #0xf0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_7_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_7_1_%=\n\t"
-        "mov	r2, #0xe8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_7_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0xe0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_7_%=: \n\t"
-        "ldr	r1, [%[a], #24]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_6_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_6_3_%=\n\t"
-        "mov	r2, #0xd8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_6_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_6_2_%=\n\t"
-        "mov	r2, #0xd0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_6_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_6_1_%=\n\t"
-        "mov	r2, #0xc8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_6_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0xc0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_6_%=: \n\t"
-        "ldr	r1, [%[a], #20]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_5_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_5_3_%=\n\t"
-        "mov	r2, #0xb8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_5_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_5_2_%=\n\t"
-        "mov	r2, #0xb0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_5_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_5_1_%=\n\t"
-        "mov	r2, #0xa8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_5_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0xa0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_5_%=: \n\t"
-        "ldr	r1, [%[a], #16]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_4_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_4_3_%=\n\t"
-        "mov	r2, #0x98\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_4_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_4_2_%=\n\t"
-        "mov	r2, #0x90\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_4_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_4_1_%=\n\t"
-        "mov	r2, #0x88\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_4_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x80\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_4_%=: \n\t"
-        "ldr	r1, [%[a], #12]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_3_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_3_3_%=\n\t"
-        "mov	r2, #0x78\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_3_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_3_2_%=\n\t"
-        "mov	r2, #0x70\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_3_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_3_1_%=\n\t"
-        "mov	r2, #0x68\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_3_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x60\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_3_%=: \n\t"
-        "ldr	r1, [%[a], #8]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_2_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_2_3_%=\n\t"
-        "mov	r2, #0x58\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_2_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_2_2_%=\n\t"
-        "mov	r2, #0x50\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_2_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_2_1_%=\n\t"
-        "mov	r2, #0x48\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_2_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x40\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_2_%=: \n\t"
-        "ldr	r1, [%[a], #4]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_1_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_1_3_%=\n\t"
-        "mov	r2, #56\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_1_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_1_2_%=\n\t"
-        "mov	r2, #48\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_1_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_1_1_%=\n\t"
-        "mov	r2, #40\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_1_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #32\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_1_%=: \n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_0_3_%=\n\t"
-        "mov	r2, #24\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_0_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_0_2_%=\n\t"
-        "mov	r2, #16\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_0_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_0_1_%=\n\t"
-        "mov	r2, #8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_0_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_9_%=: \n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a),
-          [L_sp_256_num_bits_8_table] "+r" (L_sp_256_num_bits_8_table_c)
-        :
-#else
-        :
-        : [a] "r" (a),
-          [L_sp_256_num_bits_8_table] "r" (L_sp_256_num_bits_8_table_c)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r1, [%[a], #28]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_7_%=\n\t"
-        "mov	r2, #0x100\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_7_%=: \n\t"
-        "ldr	r1, [%[a], #24]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_6_%=\n\t"
-        "mov	r2, #0xe0\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_6_%=: \n\t"
-        "ldr	r1, [%[a], #20]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_5_%=\n\t"
-        "mov	r2, #0xc0\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_5_%=: \n\t"
-        "ldr	r1, [%[a], #16]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_4_%=\n\t"
-        "mov	r2, #0xa0\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_4_%=: \n\t"
-        "ldr	r1, [%[a], #12]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_3_%=\n\t"
-        "mov	r2, #0x80\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_3_%=: \n\t"
-        "ldr	r1, [%[a], #8]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_2_%=\n\t"
-        "mov	r2, #0x60\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_2_%=: \n\t"
-        "ldr	r1, [%[a], #4]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_256_num_bits_8_1_%=\n\t"
-        "mov	r2, #0x40\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_1_%=: \n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "mov	r2, #32\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_9_%=: \n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a)
-        :
-#else
-        :
-        : [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r1", "r2", "r3", "r12", "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[8];
-    sp_digit v[8];
-    sp_digit b[8];
-    sp_digit d[8];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_256_num_bits_8(u);
-    vt = sp_256_num_bits_8(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_256_rshift1_8(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_256_rshift1_8(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_256_rshift1_8(v, v);
-            sp_256_div2_mod_8(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_256_cmp_8(u, v) >= 0))) {
-            sp_256_sub_8(u, u, v);
-            o = sp_256_sub_8(b, b, d);
-            if (o != 0)
-                sp_256_add_8(b, b, m);
-            ut = sp_256_num_bits_8(u);
-
-            do {
-                sp_256_rshift1_8(u, u);
-                sp_256_div2_mod_8(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_256_sub_8(v, v, u);
-            o = sp_256_sub_8(d, d, b);
-            if (o != 0)
-                sp_256_add_8(d, d, m);
-            vt = sp_256_num_bits_8(v);
-
-            do {
-                sp_256_rshift1_8(v, v);
-                sp_256_div2_mod_8(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2,
-    sp_digit* tmp)
-{
-
-        sp_256_proj_point_add_8(p1, p1, p2, tmp);
-    if (sp_256_iszero_8(p1->z)) {
-        if (sp_256_iszero_8(p1->x) && sp_256_iszero_8(p1->y)) {
-                sp_256_proj_point_dbl_8(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            XMEMCPY(p1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_vfy_point_8(sp_point_256* p1, sp_point_256* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_256_mod_inv_8(s, s, p256_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_256_mul_8(s, s, p256_norm_order);
-        err = sp_256_mod_8(s, s, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_8(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_256_mont_inv_order_8(s, s, tmp);
-            sp_256_mont_mul_order_8(u1, u1, s);
-            sp_256_mont_mul_order_8(u2, u2, s);
-        }
-#else
-        {
-            sp_256_mont_mul_order_8(u1, u1, s);
-            sp_256_mont_mul_order_8(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_256_ecc_mulmod_base_8(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_8(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_8(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_8(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_256_add_points_8(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 256)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 8);
-    SP_DECL_VAR(sp_point_256, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_256* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 8, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 8;
-        s   = u1 + 4 * 8;
-        tmp = u1 + 6 * 8;
-        p2 = p1 + 1;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(u1, 8, hash, (int)hashLen);
-        sp_256_from_mp(u2, 8, rm);
-        sp_256_from_mp(s, 8, sm);
-        sp_256_from_mp(p2->x, 8, pX);
-        sp_256_from_mp(p2->y, 8, pY);
-        sp_256_from_mp(p2->z, 8, pZ);
-
-        err = sp_256_calc_vfy_point_8(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(u2, 8, rm);
-        err = sp_256_mod_mul_norm_8(u2, u2, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_256_mont_sqr_8(p1->z, p1->z, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_8(u1, u2, p1->z, p256_mod, p256_mp_mod);
-        *res = (int)(sp_256_cmp_8(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_256_from_mp(u2, 8, rm);
-            carry = sp_256_add_8(u2, u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_8(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_8(u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_8(u2, u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_256_mont_mul_8(u1, u2, p1->z, p256_mod, p256_mp_mod);
-                }
-                *res = (sp_256_cmp_8(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-        sp_256_mont_inv_order_8_ctx mont_inv_order_ctx;
-        sp_256_proj_point_dbl_8_ctx dbl_ctx;
-        sp_256_proj_point_add_8_ctx add_ctx;
-    };
-    sp_digit u1[2*8];
-    sp_digit u2[2*8];
-    sp_digit s[2*8];
-    sp_digit tmp[2*8 * 6];
-    sp_point_256 p1;
-    sp_point_256 p2;
-} sp_ecc_verify_256_ctx;
-
-int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_256_ctx* ctx = (sp_ecc_verify_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(ctx->u1, 8, hash, (int)hashLen);
-        sp_256_from_mp(ctx->u2, 8, rm);
-        sp_256_from_mp(ctx->s, 8, sm);
-        sp_256_from_mp(ctx->p2.x, 8, pX);
-        sp_256_from_mp(ctx->p2.y, 8, pY);
-        sp_256_from_mp(ctx->p2.z, 8, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_256_mul_8(ctx->s, ctx->s, p256_norm_order);
-        err = sp_256_mod_8(ctx->s, ctx->s, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_256_norm_8(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_256_mont_inv_order_8_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_256_mont_mul_order_8(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_256_mont_mul_order_8(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p256_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_8(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_8(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_256_proj_point_add_8_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(ctx->u2, 8, rm);
-        err = sp_256_mod_mul_norm_8(ctx->u2, ctx->u2, p256_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_256_mont_sqr_8(ctx->p1.z, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_256_mont_mul_8(ctx->u1, ctx->u2, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_256_cmp_8(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_256_from_mp(ctx->u2, 8, rm);
-            carry = sp_256_add_8(ctx->u2, ctx->u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_8(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_8(ctx->u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_8(ctx->u2, ctx->u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_256_mont_mul_8(ctx->u1, ctx->u2, ctx->p1.z, p256_mod,
-                                                            p256_mp_mod);
-                *res = (int)(sp_256_cmp_8(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_256_ecc_is_point_8(const sp_point_256* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 8 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 8 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 8;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_256_sqr_8(t1, point->y);
-        (void)sp_256_mod_8(t1, t1, p256_mod);
-        sp_256_sqr_8(t2, point->x);
-        (void)sp_256_mod_8(t2, t2, p256_mod);
-        sp_256_mul_8(t2, t2, point->x);
-        (void)sp_256_mod_8(t2, t2, p256_mod);
-        sp_256_mont_sub_8(t1, t1, t2, p256_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_256_mont_add_8(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_8(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_8(t1, t1, point->x, p256_mod);
-
-
-        if (sp_256_cmp_8(t1, p256_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_256, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(pub->x, 8, pX);
-        sp_256_from_mp(pub->y, 8, pY);
-        sp_256_from_bin(pub->z, 8, one, (int)sizeof(one));
-
-        err = sp_256_ecc_is_point_8(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 8);
-    SP_DECL_VAR(sp_point_256, pub, 2);
-    sp_point_256* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 256) ||
-        (mp_count_bits(pY) > 256) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 256)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 8, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_256_from_mp(pub->x, 8, pX);
-        sp_256_from_mp(pub->y, 8, pY);
-        sp_256_from_bin(pub->z, 8, one, (int)sizeof(one));
-        if (privm)
-            sp_256_from_mp(priv, 8, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_256_iszero_8(pub->x) != 0) &&
-            (sp_256_iszero_8(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_256_cmp_8(pub->x, p256_mod) >= 0) ||
-             (sp_256_cmp_8(pub->y, p256_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_256_ecc_is_point_8(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_256_ecc_mulmod_8(p, pub, p256_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_256_iszero_8(p->x) == 0) ||
-                             (sp_256_iszero_8(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_256_ecc_mulmod_base_8(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_256_cmp_8(p->x, pub->x) != 0) ||
-                 (sp_256_cmp_8(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    SP_DECL_VAR(sp_point_256, p, 2);
-    sp_point_256* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_256_from_mp(p->x, 8, pX);
-        sp_256_from_mp(p->y, 8, pY);
-        sp_256_from_mp(p->z, 8, pZ);
-        sp_256_from_mp(q->x, 8, qX);
-        sp_256_from_mp(q->y, 8, qY);
-        sp_256_from_mp(q->z, 8, qZ);
-        p->infinity = sp_256_iszero_8(p->x) &
-                      sp_256_iszero_8(p->y);
-        q->infinity = sp_256_iszero_8(q->x) &
-                      sp_256_iszero_8(q->y);
-
-            sp_256_proj_point_add_8(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 2);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 8, pX);
-        sp_256_from_mp(p->y, 8, pY);
-        sp_256_from_mp(p->z, 8, pZ);
-        p->infinity = sp_256_iszero_8(p->x) &
-                      sp_256_iszero_8(p->y);
-
-            sp_256_proj_point_dbl_8(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 4);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 4, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 8, pX);
-        sp_256_from_mp(p->y, 8, pY);
-        sp_256_from_mp(p->z, 8, pZ);
-        p->infinity = sp_256_iszero_8(p->x) &
-                      sp_256_iszero_8(p->y);
-
-            sp_256_map_8(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_256_mont_sqrt_8(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 8);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 8, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 8;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_256_mont_mul_8(t1, t2, y, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xc */
-            sp_256_mont_sqr_n_8(t2, t1, 2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xf0 */
-            sp_256_mont_sqr_n_8(t2, t1, 4, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xff */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xff00 */
-            sp_256_mont_sqr_n_8(t2, t1, 8, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffff */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xffff0000 */
-            sp_256_mont_sqr_n_8(t2, t1, 16, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000000 */
-            sp_256_mont_sqr_n_8(t1, t1, 32, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001 */
-            sp_256_mont_mul_8(t1, t1, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000000 */
-            sp_256_mont_sqr_n_8(t1, t1, 96, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000001 */
-            sp_256_mont_mul_8(t1, t1, y, p256_mod, p256_mp_mod);
-            sp_256_mont_sqr_n_8(y, t1, 94, p256_mod, p256_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 8);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 8, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 8;
-
-        sp_256_from_mp(x, 8, xm);
-        err = sp_256_mod_mul_norm_8(x, x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_256_mont_sqr_8(y, x, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_8(y, y, x, p256_mod, p256_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_256_mod_mul_norm_8(x, p256_b, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_256_mont_add_8(y, y, x, p256_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_256_mont_sqrt_8(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 8, 0, 8U * sizeof(sp_digit));
-        sp_256_mont_reduce_8(y, p256_mod, p256_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_256_mont_sub_8(y, p256_mod, y, p256_mod);
-        }
-
-        err = sp_256_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* !WOLFSSL_SP_NO_256 */
-#ifdef WOLFSSL_SP_384
-
-/* Point structure to use. */
-typedef struct sp_point_384 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 12];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 12];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 12];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_384;
-
-/* The modulus (prime) of the curve P384. */
-static const sp_digit p384_mod[12] = {
-    0xffffffff,0x00000000,0x00000000,0xffffffff,0xfffffffe,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff
-};
-/* The Montgomery normalizer for modulus of the curve P384. */
-static const sp_digit p384_norm_mod[12] = {
-    0x00000001,0xffffffff,0xffffffff,0x00000000,0x00000001,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-/* The Montgomery multiplier for modulus of the curve P384. */
-static const sp_digit p384_mp_mod = 0x00000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P384. */
-static const sp_digit p384_order[12] = {
-    0xccc52973,0xecec196a,0x48b0a77a,0x581a0db2,0xf4372ddf,0xc7634d81,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P384 minus 2. */
-static const sp_digit p384_order2[12] = {
-    0xccc52971,0xecec196a,0x48b0a77a,0x581a0db2,0xf4372ddf,0xc7634d81,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P384. */
-static const sp_digit p384_norm_order[12] = {
-    0x333ad68d,0x1313e695,0xb74f5885,0xa7e5f24d,0x0bc8d220,0x389cb27e,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P384. */
-static const sp_digit p384_mp_order = 0xe88fdc45;
-#endif
-/* The base point of curve P384. */
-static const sp_point_384 p384_base = {
-    /* X ordinate */
-    {
-        0x72760ab7,0x3a545e38,0xbf55296c,0x5502f25d,0x82542a38,0x59f741e0,
-        0x8ba79b98,0x6e1d3b62,0xf320ad74,0x8eb1c71e,0xbe8b0537,0xaa87ca22,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x90ea0e5f,0x7a431d7c,0x1d7e819d,0x0a60b1ce,0xb5f0b8c0,0xe9da3113,
-        0x289a147c,0xf8f41dbd,0x9292dc29,0x5d9e98bf,0x96262c6f,0x3617de4a,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p384_b[12] = {
-    0xd3ec2aef,0x2a85c8ed,0x8a2ed19d,0xc656398d,0x5013875a,0x0314088f,
-    0xfe814112,0x181d9c6e,0xe3f82d19,0x988e056b,0xe23ee7e4,0xb3312fa7
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x60\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "ldr	r11, [%[b]]\n\t"
-        "umull	r8, r6, lr, r11\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_384_mul_12_outer_%=: \n\t"
-        "subs	r3, r5, #44\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_384_mul_12_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "ldr	lr, [%[a], r4]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_384_mul_12_inner_done_%=\n\t"
-        "blt	L_sp_384_mul_12_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_384_mul_12_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x54\n\t"
-        "ble	L_sp_384_mul_12_outer_%=\n\t"
-        "ldr	lr, [%[a], #44]\n\t"
-        "ldr	r11, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "add	r7, r7, r10\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umlal	r6, r7, lr, r11\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_384_mul_12_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_384_mul_12_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #48\n\t"
-        /* A[0] * B[0] */
-        "ldr	r11, [%[a]]\n\t"
-        "ldr	r12, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r3, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-#else
-        "umull	r3, r4, r11, r12\n\t"
-        "mov	r5, #0\n\t"
-#endif
-        "str	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[0] */
-        "ldr	r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #4]\n\t"
-        /* A[2] * B[0] */
-        "ldr	r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[1] */
-        "ldr	r11, [%[a], #4]\n\t"
-        "ldr	r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[0] * B[2] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #8]\n\t"
-        /* A[0] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[2] */
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[1] */
-        "ldr	r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[0] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #12]\n\t"
-        /* A[4] * B[0] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[1] */
-        "ldr	r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[2] */
-        "ldr	r11, [%[a], #8]\n\t"
-        "ldr	r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[3] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[0] * B[4] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #16]\n\t"
-        /* A[0] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[4] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[2] */
-        "ldr	r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[1] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[0] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #20]\n\t"
-        /* A[6] * B[0] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[1] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[2] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[3] */
-        "ldr	r11, [%[a], #12]\n\t"
-        "ldr	r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[4] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[5] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[0] * B[6] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #24]\n\t"
-        /* A[0] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[6] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[5] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[4] */
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[3] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[2] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[1] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[0] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #28]\n\t"
-        /* A[8] * B[0] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[1] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[2] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[3] */
-        "ldr	r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[4] */
-        "ldr	r11, [%[a], #16]\n\t"
-        "ldr	r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[5] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[6] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[7] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[0] * B[8] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #32]\n\t"
-        /* A[0] * B[9] */
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[8] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[7] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[6] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[4] */
-        "ldr	r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[3] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[2] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[1] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[0] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #36]\n\t"
-        /* A[10] * B[0] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[1] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[2] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[3] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[4] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[5] */
-        "ldr	r11, [%[a], #20]\n\t"
-        "ldr	r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[6] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[7] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[8] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[9] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[0] * B[10] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #40]\n\t"
-        /* A[0] * B[11] */
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[10] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[9] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[8] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[7] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[6] */
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[5] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[4] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[3] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[2] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[1] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[0] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #44]\n\t"
-        /* A[11] * B[1] */
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[2] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[3] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[4] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[5] */
-        "ldr	r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[6] */
-        "ldr	r11, [%[a], #24]\n\t"
-        "ldr	r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[7] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[8] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[9] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[10] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[11] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #48]\n\t"
-        /* A[2] * B[11] */
-        "ldr	r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[10] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[9] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[8] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[6] */
-        "ldr	r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[5] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[4] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[3] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[2] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #52]\n\t"
-        /* A[11] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[4] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[5] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[6] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[7] */
-        "ldr	r11, [%[a], #28]\n\t"
-        "ldr	r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[8] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[9] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[10] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[11] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #56]\n\t"
-        /* A[4] * B[11] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[10] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[9] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[8] */
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[7] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[6] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[5] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[4] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #60]\n\t"
-        /* A[11] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[6] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[7] */
-        "ldr	r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[8] */
-        "ldr	r11, [%[a], #32]\n\t"
-        "ldr	r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[9] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[10] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[11] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        /* A[6] * B[11] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[10] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[9] */
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[8] */
-        "ldr	r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[7] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[6] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #68]\n\t"
-        /* A[11] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[8] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[9] */
-        "ldr	r11, [%[a], #36]\n\t"
-        "ldr	r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[10] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[11] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #72]\n\t"
-        /* A[8] * B[11] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[10] */
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[9] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[8] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #76]\n\t"
-        /* A[11] * B[9] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[10] */
-        "ldr	r11, [%[a], #40]\n\t"
-        "ldr	r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[11] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #80]\n\t"
-        /* A[10] * B[11] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[10] */
-        "ldr	r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #84]\n\t"
-        /* A[11] * B[11] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, r8, r9\n\t"
-#endif
-        "str	r4, [%[r], #88]\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11",
-            "r12"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x60\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "umull	r8, r6, lr, lr\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_384_sqr_12_outer_%=: \n\t"
-        "subs	r3, r5, #44\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_384_sqr_12_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_384_sqr_12_inner_done_%=\n\t"
-        "blt	L_sp_384_sqr_12_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_384_sqr_12_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x54\n\t"
-        "ble	L_sp_384_sqr_12_outer_%=\n\t"
-        "ldr	lr, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_384_sqr_12_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_384_sqr_12_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #48\n\t"
-        /* A[0] * A[0] */
-        "ldr	r10, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r2, r10, #16\n\t"
-        "lsr	r2, r2, #16\n\t"
-        "mul	r8, r2, r2\n\t"
-        "mul	r3, r9, r9\n\t"
-        "mul	r2, r9, r2\n\t"
-        "lsr	r9, r2, #15\n\t"
-        "lsl	r2, r2, #17\n\t"
-        "adds	r8, r8, r2\n\t"
-        "adc	r3, r3, r9\n\t"
-#else
-        "umull	r8, r3, r10, r10\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r8, [sp]\n\t"
-        /* A[0] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [sp, #4]\n\t"
-        /* A[0] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #8]\n\t"
-        /* A[0] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r2, [sp, #12]\n\t"
-        /* A[0] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[1] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[2] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [sp, #16]\n\t"
-        /* A[0] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #20]\n\t"
-        /* A[0] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #24]\n\t"
-        /* A[0] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #28]\n\t"
-        /* A[0] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #32]\n\t"
-        /* A[0] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #36]\n\t"
-        /* A[0] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #40]\n\t"
-        /* A[0] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #44]\n\t"
-        /* A[1] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[2] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #48]\n\t"
-        /* A[2] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[3] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [%[r], #52]\n\t"
-        /* A[3] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[4] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #56]\n\t"
-        /* A[4] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[5] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #60]\n\t"
-        /* A[5] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[6] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [%[r], #64]\n\t"
-        /* A[6] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[7] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #68]\n\t"
-        /* A[7] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r2, [%[r], #72]\n\t"
-        /* A[8] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[9] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [%[r], #76]\n\t"
-        /* A[9] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #80]\n\t"
-        /* A[10] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r2, [%[r], #84]\n\t"
-        /* A[11] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adc	r4, r4, r9\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adc	r4, r4, r9\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adc	r4, r4, r9\n\t"
-#endif
-        "str	r3, [%[r], #88]\n\t"
-        "str	r4, [%[r], #92]\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "add	r12, %[a], #48\n\t"
-        "\n"
-    "L_sp_384_add_12_word_%=: \n\t"
-        "adds	r3, r3, #-1\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r3, r4, #0\n\t"
-        "cmp	%[a], r12\n\t"
-        "bne	L_sp_384_add_12_word_%=\n\t"
-        "mov	%[r], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mod_mul_norm_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    SP_DECL_VAR(int64_t, t, 12);
-    int64_t o;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(int64_t, t, 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        /*  1  0  0  0  0  0  0  0  1  1  0 -1 */
-        t[0] = 0 + (int64_t)a[0] + (int64_t)a[8] + (int64_t)a[9] - (int64_t)a[11];
-        /* -1  1  0  0  0  0  0  0 -1  0  1  1 */
-        t[1] = 0 - (int64_t)a[0] + (int64_t)a[1] - (int64_t)a[8] + (int64_t)a[10] + (int64_t)a[11];
-        /*  0 -1  1  0  0  0  0  0  0 -1  0  1 */
-        t[2] = 0 - (int64_t)a[1] + (int64_t)a[2] - (int64_t)a[9] + (int64_t)a[11];
-        /*  1  0 -1  1  0  0  0  0  1  1 -1 -1 */
-        t[3] = 0 + (int64_t)a[0] - (int64_t)a[2] + (int64_t)a[3] + (int64_t)a[8] + (int64_t)a[9] - (int64_t)a[10] - (int64_t)a[11];
-        /*  1  1  0 -1  1  0  0  0  1  2  1 -2 */
-        t[4] = 0 + (int64_t)a[0] + (int64_t)a[1] - (int64_t)a[3] + (int64_t)a[4] + (int64_t)a[8] + 2 * (int64_t)a[9] + (int64_t)a[10] -  2 * (int64_t)a[11];
-        /*  0  1  1  0 -1  1  0  0  0  1  2  1 */
-        t[5] = 0 + (int64_t)a[1] + (int64_t)a[2] - (int64_t)a[4] + (int64_t)a[5] + (int64_t)a[9] + 2 * (int64_t)a[10] + (int64_t)a[11];
-        /*  0  0  1  1  0 -1  1  0  0  0  1  2 */
-        t[6] = 0 + (int64_t)a[2] + (int64_t)a[3] - (int64_t)a[5] + (int64_t)a[6] + (int64_t)a[10] + 2 * (int64_t)a[11];
-        /*  0  0  0  1  1  0 -1  1  0  0  0  1 */
-        t[7] = 0 + (int64_t)a[3] + (int64_t)a[4] - (int64_t)a[6] + (int64_t)a[7] + (int64_t)a[11];
-        /*  0  0  0  0  1  1  0 -1  1  0  0  0 */
-        t[8] = 0 + (int64_t)a[4] + (int64_t)a[5] - (int64_t)a[7] + (int64_t)a[8];
-        /*  0  0  0  0  0  1  1  0 -1  1  0  0 */
-        t[9] = 0 + (int64_t)a[5] + (int64_t)a[6] - (int64_t)a[8] + (int64_t)a[9];
-        /*  0  0  0  0  0  0  1  1  0 -1  1  0 */
-        t[10] = 0 + (int64_t)a[6] + (int64_t)a[7] - (int64_t)a[9] + (int64_t)a[10];
-        /*  0  0  0  0  0  0  0  1  1  0 -1  1 */
-        t[11] = 0 + (int64_t)a[7] + (int64_t)a[8] - (int64_t)a[10] + (int64_t)a[11];
-
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-        o     = t[11] >> 32; t[11] &= 0xffffffff;
-        t[0] += o;
-        t[1] -= o;
-        t[3] += o;
-        t[4] += o;
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-
-        r[0] = (sp_digit)t[0];
-        r[1] = (sp_digit)t[1];
-        r[2] = (sp_digit)t[2];
-        r[3] = (sp_digit)t[3];
-        r[4] = (sp_digit)t[4];
-        r[5] = (sp_digit)t[5];
-        r[6] = (sp_digit)t[6];
-        r[7] = (sp_digit)t[7];
-        r[8] = (sp_digit)t[8];
-        r[9] = (sp_digit)t[9];
-        r[10] = (sp_digit)t[10];
-        r[11] = (sp_digit)t[11];
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_384.
- *
- * p   Point of type sp_point_384 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_384_point_from_ecc_point_12(sp_point_384* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_384_from_mp(p->x, 12, pm->x);
-    sp_384_from_mp(p->y, 12, pm->y);
-    sp_384_from_mp(p->z, 12, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_384_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (384 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 12);
-        r->used = 12;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 12; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 12; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_384 to type ecc_point.
- *
- * p   Point of type sp_point_384.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_384_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "\n"
-    "L_sp_384_cond_sub_12_words_%=: \n\t"
-        "subs	r12, r6, r12\n\t"
-        "ldr	r4, [%[a], lr]\n\t"
-        "ldr	r5, [%[b], lr]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "sbcs	r4, r4, r5\n\t"
-        "sbc	r12, r6, r6\n\t"
-        "str	r4, [%[r], lr]\n\t"
-        "add	lr, lr, #4\n\t"
-        "cmp	lr, #48\n\t"
-        "blt	L_sp_384_cond_sub_12_words_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "subs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "sbc	%[r], lr, lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#define sp_384_mont_reduce_order_12   sp_384_mont_reduce_12
-
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_384_mont_reduce_12_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m], #44]\n\t"
-#else
-        "ldr	r7, [%[m], #44]\n\t"
-#endif
-        "ldr	r10, [%[a], #44]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r4, r3, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "mov	r6, r8\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #48\n\t"
-        "blt	L_sp_384_mont_reduce_12_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_384_mont_reduce_12_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-        "mov	r5, #0\n\t"
-        "umlal	r12, r5, r8, r11\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	lr, r4, r8, r7\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	lr, r5, r8, r7\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "umull	r6, r7, r8, r7\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r7, r3\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #48\n\t"
-        "blt	L_sp_384_mont_reduce_12_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "ldr	r8, [%[a], #16]\n\t"
-        "\n"
-    "L_sp_384_mont_reduce_12_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r11, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "ldr	r10, [%[m]]\n\t"
-        "mov	r3, #0\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r10, [%[m], #4]\n\t"
-        "mov	r4, r5\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r10, [%[m], #8]\n\t"
-        "mov	r5, r6\n\t"
-        "umaal	r5, r3, r11, r10\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r10, [%[m], #12]\n\t"
-        "mov	r6, r7\n\t"
-        "umaal	r6, r3, r11, r10\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r10, [%[m], #16]\n\t"
-        "mov	r7, r8\n\t"
-        "umaal	r7, r3, r11, r10\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r10, [%[m], #20]\n\t"
-        "ldr	r8, [%[a], #20]\n\t"
-        "umaal	r8, r3, r11, r10\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r10, [%[m], #24]\n\t"
-        "ldr	r9, [%[a], #24]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r10, [%[m], #28]\n\t"
-        "ldr	r9, [%[a], #28]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r10, [%[m], #32]\n\t"
-        "ldr	r9, [%[a], #32]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r10, [%[m], #36]\n\t"
-        "ldr	r9, [%[a], #36]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r10, [%[m], #40]\n\t"
-        "ldr	r9, [%[a], #40]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r10, [%[m], #44]\n\t"
-        "ldr	r9, [%[a], #44]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "ldr	r11, [%[a], #48]\n\t"
-        "mov	r10, #0\n\t"
-        "umaal	r3, r11, r10, r10\n\t"
-        "str	r9, [%[a], #44]\n\t"
-        "adds	r3, r3, lr\n\t"
-        "adc	lr, r11, #0\n\t"
-        "str	r3, [%[a], #48]\n\t"
-        /* i += 1 */
-        "add	r12, r12, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r12, #48\n\t"
-        "blt	L_sp_384_mont_reduce_12_word_%=\n\t"
-        /* Loop Done */
-        "str	r4, [%[a]]\n\t"
-        "str	r5, [%[a], #4]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "str	r7, [%[a], #12]\n\t"
-        "str	r8, [%[a], #16]\n\t"
-        "mov	%[mp], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mul_12(r, a, b);
-    sp_384_mont_reduce_12(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_384_sqr_12(r, a);
-    sp_384_mont_reduce_12(r, m, mp);
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mont_sqr_12(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_384_mont_sqr_12(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P384 curve. */
-static const word32 p384_mod_minus_2[12] = {
-    0xfffffffdU,0x00000000U,0x00000000U,0xffffffffU,0xfffffffeU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P384 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 12);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_12(t, t, p384_mod, p384_mp_mod);
-        if (p384_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_384_mont_mul_12(t, t, a, p384_mod, p384_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 12);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 12;
-    sp_digit* t3 = td + 4 * 12;
-    sp_digit* t4 = td + 6 * 12;
-    sp_digit* t5 = td + 8 * 12;
-
-    /* 0x2 */
-    sp_384_mont_sqr_12(t1, a, p384_mod, p384_mp_mod);
-    /* 0x3 */
-    sp_384_mont_mul_12(t5, t1, a, p384_mod, p384_mp_mod);
-    /* 0xc */
-    sp_384_mont_sqr_n_12(t1, t5, 2, p384_mod, p384_mp_mod);
-    /* 0xf */
-    sp_384_mont_mul_12(t2, t5, t1, p384_mod, p384_mp_mod);
-    /* 0x1e */
-    sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
-    /* 0x1f */
-    sp_384_mont_mul_12(t4, t1, a, p384_mod, p384_mp_mod);
-    /* 0x3e0 */
-    sp_384_mont_sqr_n_12(t1, t4, 5, p384_mod, p384_mp_mod);
-    /* 0x3ff */
-    sp_384_mont_mul_12(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x7fe0 */
-    sp_384_mont_sqr_n_12(t1, t2, 5, p384_mod, p384_mp_mod);
-    /* 0x7fff */
-    sp_384_mont_mul_12(t4, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x3fff8000 */
-    sp_384_mont_sqr_n_12(t1, t4, 15, p384_mod, p384_mp_mod);
-    /* 0x3fffffff */
-    sp_384_mont_mul_12(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffc */
-    sp_384_mont_sqr_n_12(t3, t2, 2, p384_mod, p384_mp_mod);
-    /* 0xfffffffd */
-    sp_384_mont_mul_12(r, t3, a, p384_mod, p384_mp_mod);
-    /* 0xffffffff */
-    sp_384_mont_mul_12(t3, t5, t3, p384_mod, p384_mp_mod);
-    /* 0xfffffffc0000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 30, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff */
-    sp_384_mont_mul_12(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff000000000000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 60, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_12(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 120, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_12(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-    sp_384_mont_sqr_n_12(t1, t2, 15, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_12(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 33, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff */
-    sp_384_mont_mul_12(t2, t3, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 96, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffd */
-    sp_384_mont_mul_12(r, r, t1, p384_mod, p384_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_384_cmp_12(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_384_cmp_12(const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #-1\n\t"
-        "mov	r6, #1\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r3, #-1\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "mov	r4, #44\n\t"
-        "\n"
-    "L_sp_384_cmp_12_words_%=: \n\t"
-        "ldr	r12, [%[a], r4]\n\t"
-        "ldr	lr, [%[b], r4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "subs	r4, r4, #4\n\t"
-        "bcs	L_sp_384_cmp_12_words_%=\n\t"
-        "eor	r2, r2, r3\n\t"
-#else
-        "ldr	r12, [%[a], #44]\n\t"
-        "ldr	lr, [%[b], #44]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-        "ldr	lr, [%[b], #40]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-        "ldr	lr, [%[b], #36]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-        "ldr	lr, [%[b], #32]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b], #28]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b], #24]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b], #20]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b], #16]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b], #12]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b], #8]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b], #4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "eor	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "mov	%[a], r2\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_384_norm_12(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_384_map_12(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*12;
-    sp_int32 n;
-
-    sp_384_mont_inv_12(t1, p->z, t + 2*12);
-
-    sp_384_mont_sqr_12(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    /* x /= z^2 */
-    sp_384_mont_mul_12(r->x, p->x, t2, p384_mod, p384_mp_mod);
-    XMEMSET(r->x + 12, 0, sizeof(sp_digit) * 12U);
-    sp_384_mont_reduce_12(r->x, p384_mod, p384_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_384_cmp_12(r->x, p384_mod);
-    sp_384_cond_sub_12(r->x, r->x, p384_mod, (sp_digit)~(n >> 31));
-    sp_384_norm_12(r->x);
-
-    /* y /= z^3 */
-    sp_384_mont_mul_12(r->y, p->y, t1, p384_mod, p384_mp_mod);
-    XMEMSET(r->y + 12, 0, sizeof(sp_digit) * 12U);
-    sp_384_mont_reduce_12(r->y, p384_mod, p384_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_384_cmp_12(r->y, p384_mod);
-    sp_384_cond_sub_12(r->y, r->y, p384_mod, (sp_digit)~(n >> 31));
-    sp_384_norm_12(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mont_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mont_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "adc	r3, r3, #0\n\t"
-        "sub	%[r], %[r], #48\n\t"
-        "rsb	r3, r3, #0\n\t"
-        "lsr	r12, r3, #1\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "subs	r8, r8, r3\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, #0\n\t"
-        "sbcs	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "sbcs	r8, r8, r12, LSL #1\n\t"
-        "sbcs	r9, r9, r3\n\t"
-        "sbcs	r10, r10, r3\n\t"
-        "sbcs	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "sbcs	r8, r8, r3\n\t"
-        "sbcs	r9, r9, r3\n\t"
-        "sbcs	r10, r10, r3\n\t"
-        "sbcs	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "sbc	%[b], %[b], %[b]\n\t"
-        "sub	%[r], %[r], #48\n\t"
-        "sub	r3, r3, %[b]\n\t"
-        "lsr	r12, r3, #1\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "subs	r8, r8, r3\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, #0\n\t"
-        "sbcs	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "sbcs	r8, r8, r12, LSL #1\n\t"
-        "sbcs	r9, r9, r3\n\t"
-        "sbcs	r10, r10, r3\n\t"
-        "sbcs	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "sbcs	r8, r8, r3\n\t"
-        "sbcs	r9, r9, r3\n\t"
-        "sbcs	r10, r10, r3\n\t"
-        "sbc	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r12"
-    );
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mont_dbl_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mont_dbl_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #0\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "adc	r2, r2, #0\n\t"
-        "sub	%[r], %[r], #48\n\t"
-        "rsb	r2, r2, #0\n\t"
-        "lsr	r3, r2, #1\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "subs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r3, LSL #1\n\t"
-        "sbcs	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "sbcs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, r2\n\t"
-        "sbcs	r6, r6, r2\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r2\n\t"
-        "sbcs	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "sbc	%[a], %[a], %[a]\n\t"
-        "sub	%[r], %[r], #48\n\t"
-        "sub	r2, r2, %[a]\n\t"
-        "lsr	r3, r2, #1\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "subs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r3, LSL #1\n\t"
-        "sbcs	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "sbcs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, r2\n\t"
-        "sbcs	r6, r6, r2\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r2\n\t"
-        "sbc	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r3"
-    );
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mont_tpl_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mont_tpl_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #0\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "adc	r2, r2, #0\n\t"
-        "sub	%[r], %[r], #48\n\t"
-        "rsb	r2, r2, #0\n\t"
-        "lsr	r3, r2, #1\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "subs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r3, LSL #1\n\t"
-        "sbcs	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "sbcs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, r2\n\t"
-        "sbcs	r6, r6, r2\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r2\n\t"
-        "sbcs	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "sub	%[r], %[r], #48\n\t"
-        "sub	r2, r2, r12\n\t"
-        "lsr	r3, r2, #1\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "subs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r3, LSL #1\n\t"
-        "sbcs	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "sbcs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, r2\n\t"
-        "sbcs	r6, r6, r2\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r2\n\t"
-        "sbc	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "sub	%[r], %[r], #48\n\t"
-        "sub	%[a], %[a], #48\n\t"
-        "mov	r2, #0\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "adc	r2, r2, #0\n\t"
-        "sub	%[r], %[r], #48\n\t"
-        "rsb	r2, r2, #0\n\t"
-        "lsr	r3, r2, #1\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "subs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r3, LSL #1\n\t"
-        "sbcs	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "sbcs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, r2\n\t"
-        "sbcs	r6, r6, r2\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r2\n\t"
-        "sbcs	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "sub	%[r], %[r], #48\n\t"
-        "sub	r2, r2, r12\n\t"
-        "lsr	r3, r2, #1\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "subs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r3, LSL #1\n\t"
-        "sbcs	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "sbcs	r4, r4, r2\n\t"
-        "sbcs	r5, r5, r2\n\t"
-        "sbcs	r6, r6, r2\n\t"
-        "sbcs	r7, r7, r2\n\t"
-        "sbcs	r8, r8, r2\n\t"
-        "sbc	r9, r9, r2\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #48\n\t"
-        "\n"
-    "L_sp_384_sub_12_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	r12, r3, r3\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_384_sub_12_word_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12", "lr"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "\n"
-    "L_sp_384_cond_add_12_words_%=: \n\t"
-        "adds	lr, lr, #-1\n\t"
-        "ldr	r4, [%[a], r12]\n\t"
-        "ldr	r5, [%[b], r12]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "adcs	r4, r4, r5\n\t"
-        "adc	lr, r6, r6\n\t"
-        "str	r4, [%[r], r12]\n\t"
-        "add	r12, r12, #4\n\t"
-        "cmp	r12, #48\n\t"
-        "blt	L_sp_384_cond_add_12_words_%=\n\t"
-        "mov	%[r], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r8, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "adc	%[r], r8, r8\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mont_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mont_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "subs	r8, r8, r4\n\t"
-        "sbcs	r9, r9, r5\n\t"
-        "sbcs	r10, r10, r6\n\t"
-        "sbcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "sbcs	r8, r8, r4\n\t"
-        "sbcs	r9, r9, r5\n\t"
-        "sbcs	r10, r10, r6\n\t"
-        "sbcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "sbcs	r8, r8, r4\n\t"
-        "sbcs	r9, r9, r5\n\t"
-        "sbcs	r10, r10, r6\n\t"
-        "sbcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "sbc	r3, r3, #0\n\t"
-        "sub	%[r], %[r], #48\n\t"
-        "lsr	r12, r3, #1\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adcs	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r12, LSL #1\n\t"
-        "adcs	r9, r9, r3\n\t"
-        "adcs	r10, r10, r3\n\t"
-        "adcs	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r3\n\t"
-        "adcs	r9, r9, r3\n\t"
-        "adcs	r10, r10, r3\n\t"
-        "adcs	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "adc	r3, r3, #0\n\t"
-        "sub	%[r], %[r], #48\n\t"
-        "lsr	r12, r3, #1\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adds	r8, r8, r3\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adcs	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r12, LSL #1\n\t"
-        "adcs	r9, r9, r3\n\t"
-        "adcs	r10, r10, r3\n\t"
-        "adcs	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r3\n\t"
-        "adcs	r9, r9, r3\n\t"
-        "adcs	r10, r10, r3\n\t"
-        "adc	r11, r11, r3\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r12"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#else
-#endif /* WOLFSSL_SP_SMALL */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_rshift1_12(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_rshift1_12(sp_digit* r,
-    const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3}\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r2, [%[r]]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #12]\n\t"
-        "str	r3, [%[r], #4]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r2, [%[r], #12]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #24]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r2, [%[r], #24]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #36]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r2, [%[r], #36]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "str	r3, [%[r], #40]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_cond_add_12(r, a, m, 0 - (a[0] & 1));
-    sp_384_rshift1_12(r, r);
-    r[11] |= o << 31;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*12;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_384_mont_sqr_12(t1, p->z, p384_mod, p384_mp_mod);
-    /* Z = Y * Z */
-    sp_384_mont_mul_12(z, p->y, p->z, p384_mod, p384_mp_mod);
-    /* Z = 2Z */
-    sp_384_mont_dbl_12(z, z, p384_mod);
-    /* T2 = X - T1 */
-    sp_384_mont_sub_12(t2, p->x, t1, p384_mod);
-    /* T1 = X + T1 */
-    sp_384_mont_add_12(t1, p->x, t1, p384_mod);
-    /* T2 = T1 * T2 */
-    sp_384_mont_mul_12(t2, t1, t2, p384_mod, p384_mp_mod);
-    /* T1 = 3T2 */
-    sp_384_mont_tpl_12(t1, t2, p384_mod);
-    /* Y = 2Y */
-    sp_384_mont_dbl_12(y, p->y, p384_mod);
-    /* Y = Y * Y */
-    sp_384_mont_sqr_12(y, y, p384_mod, p384_mp_mod);
-    /* T2 = Y * Y */
-    sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
-    /* T2 = T2/2 */
-    sp_384_mont_div2_12(t2, t2, p384_mod);
-    /* Y = Y * X */
-    sp_384_mont_mul_12(y, y, p->x, p384_mod, p384_mp_mod);
-    /* X = T1 * T1 */
-    sp_384_mont_sqr_12(x, t1, p384_mod, p384_mp_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_12(x, x, y, p384_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_12(x, x, y, p384_mod);
-    /* Y = Y - X */
-    sp_384_mont_sub_12(y, y, x, p384_mod);
-    /* Y = Y * T1 */
-    sp_384_mont_mul_12(y, y, t1, p384_mod, p384_mp_mod);
-    /* Y = Y - T2 */
-    sp_384_mont_sub_12(y, y, t2, p384_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_dbl_12_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_dbl_12_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-        const sp_point_384* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_dbl_12_ctx* ctx = (sp_384_proj_point_dbl_12_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_dbl_12_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*12;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_384_mont_sqr_12(ctx->t1, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_384_mont_mul_12(ctx->z, p->y, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_384_mont_dbl_12(ctx->z, ctx->z, p384_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_384_mont_sub_12(ctx->t2, p->x, ctx->t1, p384_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_384_mont_add_12(ctx->t1, p->x, ctx->t1, p384_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_384_mont_mul_12(ctx->t2, ctx->t1, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_384_mont_tpl_12(ctx->t1, ctx->t2, p384_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_384_mont_dbl_12(ctx->y, p->y, p384_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_384_mont_sqr_12(ctx->y, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_384_mont_sqr_12(ctx->t2, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_384_mont_div2_12(ctx->t2, ctx->t2, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_384_mont_mul_12(ctx->y, ctx->y, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_384_mont_sqr_12(ctx->x, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_384_mont_mul_12(ctx->y, ctx->y, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->t2, p384_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_384_cmp_equal_12(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_384_iszero_12(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_12(sp_point_384* r,
-        const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*12;
-    sp_digit* t2 = t + 4*12;
-    sp_digit* t3 = t + 6*12;
-    sp_digit* t4 = t + 8*12;
-    sp_digit* t5 = t + 10*12;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_12(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t1, t1, p->x, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_12(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_12(t3, t3, p->y, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_12(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_12(t2, t1) &
-            sp_384_cmp_equal_12(t4, t3)) {
-        sp_384_proj_point_dbl_12(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_384_mont_sub_12(t2, t2, t1, p384_mod);
-        /* R = S2 - S1 */
-        sp_384_mont_sub_12(t4, t4, t3, p384_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_12(t5, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(y, t1, t5, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t5, t5, t2, p384_mod, p384_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(z, z, q->z, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_12(x, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(x, x, t5, p384_mod);
-        sp_384_mont_mul_12(t5, t5, t3, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_12(t3, y, p384_mod);
-        sp_384_mont_sub_12(x, x, t3, p384_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        sp_384_mont_mul_12(y, y, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(y, y, t5, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 12; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_add_12_ctx {
-    int state;
-    sp_384_proj_point_dbl_12_ctx dbl_ctx;
-    const sp_point_384* ap[2];
-    sp_point_384* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_add_12_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_add_12_ctx* ctx = (sp_384_proj_point_add_12_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_384* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_add_12_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*12;
-        ctx->t2 = t + 4*12;
-        ctx->t3 = t + 6*12;
-        ctx->t4 = t + 8*12;
-        ctx->t5 = t + 10*12;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_384_mont_sqr_12(ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_384_mont_mul_12(ctx->t3, ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_384_mont_mul_12(ctx->t1, ctx->t1, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_384_mont_sqr_12(ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_384_mont_mul_12(ctx->t4, ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_384_mont_mul_12(ctx->t2, ctx->t2, q->x, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_384_mont_mul_12(ctx->t3, ctx->t3, p->y, p384_mod, p384_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_384_mont_mul_12(ctx->t4, ctx->t4, q->y, p384_mod, p384_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_384_cmp_equal_12(ctx->t2, ctx->t1) &
-                sp_384_cmp_equal_12(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_384_proj_point_dbl_12(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_384_mont_sub_12(ctx->t2, ctx->t2, ctx->t1, p384_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_384_mont_sub_12(ctx->t4, ctx->t4, ctx->t3, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_12(ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_384_mont_mul_12(ctx->y, ctx->t1, ctx->t5, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_384_mont_mul_12(ctx->t5, ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_12(ctx->z, p->z, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_384_mont_mul_12(ctx->z, ctx->z, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_384_mont_sqr_12(ctx->x, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->t5, p384_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_384_mont_mul_12(ctx->t5, ctx->t5, ctx->t3, p384_mod, p384_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_384_mont_dbl_12(ctx->t3, ctx->y, p384_mod);
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->t3, p384_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_384_mont_mul_12(ctx->y, ctx->y, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->t5, p384_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 12; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    r->z[8] = 0;
-    r->z[9] = 0;
-    r->z[10] = 0;
-    r->z[11] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-        r->z[8] |= mask & table[i].z[8];
-        r->z[9] |= mask & table[i].z[9];
-        r->z[10] |= mask & table[i].z[10];
-        r->z[11] |= mask & table[i].z[11];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 384 doubles.
- * 108 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 6);
-    sp_point_384* rt = NULL;
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_DECL_VAR(sp_point_384, p, 1);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ALLOC_VAR(sp_point_384, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_384_mod_mul_norm_12(t[1].x, g->x, p384_mod);
-        (void)sp_384_mod_mul_norm_12(t[1].y, g->y, p384_mod);
-        (void)sp_384_mod_mul_norm_12(t[1].z, g->z, p384_mod);
-        t[1].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_384_proj_point_add_12(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_384_proj_point_add_12(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_384_proj_point_add_12(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 10;
-        n = k[i+1] << 0;
-        c = 28;
-        y = (int)(n >> 28);
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_point_16_12(rt, t, y);
-            rt->infinity = !y;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[y], sizeof(sp_point_384));
-        }
-        n <<= 4;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n |= k[i--];
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-
-    #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_point_16_12(p, t, y);
-                p->infinity = !y;
-                sp_384_proj_point_add_12(rt, rt, p, tmp);
-            }
-            else
-    #endif
-            {
-                sp_384_proj_point_add_12(rt, rt, &t[y], tmp);
-            }
-        }
-
-        if (map != 0) {
-            sp_384_map_12(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 12 * 6, heap,
-        DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ZEROFREE_VAR(sp_point_384, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    SP_ZEROFREE_VAR(sp_point_384, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*12;
-    sp_digit* b = t + 4*12;
-    sp_digit* t1 = t + 6*12;
-    sp_digit* t2 = t + 8*12;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_12(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_12(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_12(w, w, p384_mod, p384_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_12(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_12(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_12(t2, b, p384_mod);
-        sp_384_mont_sub_12(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_12(t2, b, x, p384_mod);
-        sp_384_mont_dbl_12(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_12(t1, t1, p384_mod, p384_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_12(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_12(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(y, y, t1, p384_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_12(t1, t1, w, p384_mod);
-    sp_384_mont_tpl_12(a, t1, p384_mod);
-    /* B = X*Y^2 */
-    sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
-    /* X = A^2 - 2B */
-    sp_384_mont_sqr_12(x, a, p384_mod, p384_mp_mod);
-    sp_384_mont_dbl_12(t2, b, p384_mod);
-    sp_384_mont_sub_12(x, x, t2, p384_mod);
-    /* B = 2.(B - X) */
-    sp_384_mont_sub_12(t2, b, x, p384_mod);
-    sp_384_mont_dbl_12(b, t2, p384_mod);
-    /* Z = Z*Y */
-    sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
-    /* t1 = Y^4 */
-    sp_384_mont_sqr_12(t1, t1, p384_mod, p384_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_384_mont_mul_12(y, b, a, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_12(y, y, t1, p384_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_384_mont_div2_12(y, y, p384_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_384_proj_to_affine_12(sp_point_384* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 12;
-    sp_digit* tmp = t + 4 * 12;
-
-    sp_384_mont_inv_12(t1, a->z, tmp);
-
-    sp_384_mont_sqr_12(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    sp_384_mont_mul_12(a->x, a->x, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(a->y, a->y, t1, p384_mod, p384_mp_mod);
-    XMEMCPY(a->z, p384_norm_mod, sizeof(p384_norm_mod));
-}
-
-#endif /* FP_ECC */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_384 {
-    sp_digit x[12];
-    sp_digit y[12];
-} sp_table_entry_384;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*12;
-    sp_digit* t6 = t + 4*12;
-    sp_digit* t1 = t + 6*12;
-    sp_digit* t4 = t + 8*12;
-    sp_digit* t5 = t + 10*12;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_12(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_12(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_12(p->x, t2) &
-            sp_384_cmp_equal_12(p->y, t4)) {
-        sp_384_proj_point_dbl_12(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_384_mont_sub_12(t2, t2, p->x, p384_mod);
-        /* R = S2 - Y1 */
-        sp_384_mont_sub_12(t4, t4, p->y, p384_mod);
-        /* Z3 = H*Z1 */
-        sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t3, p->x, t1, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_12(t2, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(t2, t2, t1, p384_mod);
-        sp_384_mont_dbl_12(t5, t3, p384_mod);
-        sp_384_mont_sub_12(x, t2, t5, p384_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_384_mont_sub_12(t3, t3, x, p384_mod);
-        sp_384_mont_mul_12(t3, t3, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t1, t1, p->y, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(y, t3, t1, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 12; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 96 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_12(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_12(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_12(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_384_proj_point_dbl_n_12(t, 96, tmp);
-            sp_384_proj_to_affine_12(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_12(t, s1, s2, tmp);
-                sp_384_proj_to_affine_12(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_entry_16_12(sp_point_384* r,
-    const sp_table_entry_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^96, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 12 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 12 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 95;
-        for (j=0; j<4; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 96;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_16_12(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=94; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 96;
-            }
-
-            sp_384_proj_point_dbl_12(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_16_12(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_12(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_12(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_384_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[12];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[12];
-    /* Precomputation table for point. */
-    sp_table_entry_384 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_384_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_384_t sp_cache_384[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_384_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_384_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_384 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_384_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_384_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_384_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_384[i].set = 0;
-        }
-        sp_cache_384_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_384[i].set)
-            continue;
-
-        if (sp_384_cmp_equal_12(g->x, sp_cache_384[i].x) &
-                           sp_384_cmp_equal_12(g->y, sp_cache_384[i].y)) {
-            sp_cache_384[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_384_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_384_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_384[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_384_last) {
-            least = sp_cache_384[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_384[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_384[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_384[i].x, g->x, sizeof(sp_cache_384[i].x));
-        XMEMCPY(sp_cache_384[i].y, g->y, sizeof(sp_cache_384[i].y));
-        sp_cache_384[i].set = 1;
-        sp_cache_384[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_384[i];
-    sp_cache_384_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_12(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_12(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 48 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_12(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_12(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_12(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_384_proj_point_dbl_n_12(t, 48, tmp);
-            sp_384_proj_to_affine_12(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_12(t, s1, s2, tmp);
-                sp_384_proj_to_affine_12(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_entry_256_12(sp_point_384* r,
-    const sp_table_entry_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 12 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 12 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 47;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 48;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_256_12(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=46; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 48;
-            }
-
-            sp_384_proj_point_dbl_12(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_256_12(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_12(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_12(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_384_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[12];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[12];
-    /* Precomputation table for point. */
-    sp_table_entry_384 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_384_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_384_t sp_cache_384[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_384_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_384_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_384 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_384_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_384_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_384_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_384[i].set = 0;
-        }
-        sp_cache_384_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_384[i].set)
-            continue;
-
-        if (sp_384_cmp_equal_12(g->x, sp_cache_384[i].x) &
-                           sp_384_cmp_equal_12(g->y, sp_cache_384[i].y)) {
-            sp_cache_384[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_384_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_384_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_384[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_384_last) {
-            least = sp_cache_384[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_384[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_384[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_384[i].x, g->x, sizeof(sp_cache_384[i].x));
-        XMEMCPY(sp_cache_384[i].y, g->y, sizeof(sp_cache_384[i].y));
-        sp_cache_384[i].set = 1;
-        sp_cache_384[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_384[i];
-    sp_cache_384_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_12(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_12(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 12);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 12, km);
-        sp_384_point_from_ecc_point_12(point, gm);
-
-            err = sp_384_ecc_mulmod_12(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 12 + 12 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12 + 12 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 12;
-
-        sp_384_from_mp(k, 12, km);
-        sp_384_point_from_ecc_point_12(point, gm);
-        sp_384_point_from_ecc_point_12(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_12(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_12(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_12(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 96 between points.
- */
-static const sp_table_entry_384 p384_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x49c0b528,0x3dd07566,0xa0d6ce38,0x20e378e2,0x541b4d6e,0x879c3afc,
-        0x59a30eff,0x64548684,0x614ede2b,0x812ff723,0x299e1513,0x4d3aadc2 },
-      { 0x4b03a4fe,0x23043dad,0x7bb4a9ac,0xa1bfa8bf,0x2e83b050,0x8bade756,
-        0x68f4ffd9,0xc6c35219,0x3969a840,0xdd800226,0x5a15c5e9,0x2b78abc2 } },
-    /* 2 */
-    { { 0xf26feef9,0x24480c57,0x3a0e1240,0xc31a2694,0x273e2bc7,0x735002c3,
-        0x3ef1ed4c,0x8c42e9c5,0x7f4948e8,0x028babf6,0x8a978632,0x6a502f43 },
-      { 0xb74536fe,0xf5f13a46,0xd8a9f0eb,0x1d218bab,0x37232768,0x30f36bcc,
-        0x576e8c18,0xc5317b31,0x9bbcb766,0xef1d57a6,0xb3e3d4dc,0x917c4930 } },
-    /* 3 */
-    { { 0xe349ddd0,0x11426e2e,0x9b2fc250,0x9f117ef9,0xec0174a6,0xff36b480,
-        0x18458466,0x4f4bde76,0x05806049,0x2f2edb6d,0x19dfca92,0x8adc75d1 },
-      { 0xb7d5a7ce,0xa619d097,0xa34411e9,0x874275e5,0x0da4b4ef,0x5403e047,
-        0x77901d8f,0x2ebaafd9,0xa747170f,0x5e63ebce,0x7f9d8036,0x12a36944 } },
-    /* 4 */
-    { { 0x2f9fbe67,0x378205de,0x7f728e44,0xc4afcb83,0x682e00f1,0xdbcec06c,
-        0x114d5423,0xf2a145c3,0x7a52463e,0xa01d9874,0x7d717b0a,0xfc0935b1 },
-      { 0xd4d01f95,0x9653bc4f,0x9560ad34,0x9aa83ea8,0xaf8e3f3f,0xf77943dc,
-        0xe86fe16e,0x70774a10,0xbf9ffdcf,0x6b62e6f1,0x588745c9,0x8a72f39e } },
-    /* 5 */
-    { { 0x2341c342,0x73ade4da,0xea704422,0xdd326e54,0x3741cef3,0x336c7d98,
-        0x59e61549,0x1eafa00d,0xbd9a3efd,0xcd3ed892,0xc5c6c7e4,0x03faf26c },
-      { 0x3045f8ac,0x087e2fcf,0x174f1e73,0x14a65532,0xfe0af9a7,0x2cf84f28,
-        0x2cdc935b,0xddfd7a84,0x6929c895,0x4c0f117b,0x4c8bcfcc,0x356572d6 } },
-    /* 6 */
-    { { 0x3f3b236f,0xfab08607,0x81e221da,0x19e9d41d,0x3927b428,0xf3f6571e,
-        0x7550f1f6,0x4348a933,0xa85e62f0,0x7167b996,0x7f5452bf,0x62d43759 },
-      { 0xf2955926,0xd85feb9e,0x6df78353,0x440a561f,0x9ca36b59,0x389668ec,
-        0xa22da016,0x052bf1a1,0xf6093254,0xbdfbff72,0xe22209f3,0x94e50f28 } },
-    /* 7 */
-    { { 0x3062e8af,0x90b2e5b3,0xe8a3d369,0xa8572375,0x201db7b1,0x3fe1b00b,
-        0xee651aa2,0xe926def0,0xb9b10ad7,0x6542c9be,0xa2fcbe74,0x098e309b },
-      { 0xfff1d63f,0x779deeb3,0x20bfd374,0x23d0e80a,0x8768f797,0x8452bb3b,
-        0x1f952856,0xcf75bb4d,0x29ea3faa,0x8fe6b400,0x81373a53,0x12bd3e40 } },
-    /* 8 */
-    { { 0x16973cf4,0x070d34e1,0x7e4f34f7,0x20aee08b,0x5eb8ad29,0x269af9b9,
-        0xa6a45dda,0xdde0a036,0x63df41e0,0xa18b528e,0xa260df2a,0x03cc71b2 },
-      { 0xa06b1dd7,0x24a6770a,0x9d2675d3,0x5bfa9c11,0x96844432,0x73c1e2a1,
-        0x131a6cf0,0x3660558d,0x2ee79454,0xb0289c83,0xc6d8ddcd,0xa6aefb01 } },
-    /* 9 */
-    { { 0x01ab5245,0xba1464b4,0xc48d93ff,0x9b8d0b6d,0x93ad272c,0x939867dc,
-        0xae9fdc77,0xbebe085e,0x894ea8bd,0x73ae5103,0x39ac22e1,0x740fc89a },
-      { 0x28e23b23,0x5e28b0a3,0xe13104d0,0x2352722e,0xb0a2640d,0xf4667a18,
-        0x49bb37c3,0xac74a72e,0xe81e183a,0x79f734f0,0x3fd9c0eb,0xbffe5b6c } },
-    /* 10 */
-    { { 0x00623f3b,0x03cf2922,0x5f29ebff,0x095c7111,0x80aa6823,0x42d72247,
-        0x7458c0b0,0x044c7ba1,0x0959ec20,0xca62f7ef,0xf8ca929f,0x40ae2ab7 },
-      { 0xa927b102,0xb8c5377a,0xdc031771,0x398a86a0,0xc216a406,0x04908f9d,
-        0x918d3300,0xb423a73a,0xe0b94739,0x634b0ff1,0x2d69f697,0xe29de725 } },
-    /* 11 */
-    { { 0x8435af04,0x744d1400,0xfec192da,0x5f255b1d,0x336dc542,0x1f17dc12,
-        0x636a68a8,0x5c90c2a7,0x7704ca1e,0x960c9eb7,0x6fb3d65a,0x9de8cf1e },
-      { 0x511d3d06,0xc60fee0d,0xf9eb52c7,0x466e2313,0x206b0914,0x743c0f5f,
-        0x2191aa4d,0x42f55bac,0xffebdbc2,0xcefc7c8f,0xe6e8ed1c,0xd4fa6081 } },
-    /* 12 */
-    { { 0x98683186,0x867db639,0xddcc4ea9,0xfb5cf424,0xd4f0e7bd,0xcc9a7ffe,
-        0x7a779f7e,0x7c57f71c,0xd6b25ef2,0x90774079,0xb4081680,0x90eae903 },
-      { 0x0ee1fceb,0xdf2aae5e,0xe86c1a1f,0x3ff1da24,0xca193edf,0x80f587d6,
-        0xdc9b9d6a,0xa5695523,0x85920303,0x7b840900,0xba6dbdef,0x1efa4dfc } },
-    /* 13 */
-    { { 0xe0540015,0xfbd838f9,0xc39077dc,0x2c323946,0xad619124,0x8b1fb9e6,
-        0x0ca62ea8,0x9612440c,0x2dbe00ff,0x9ad9b52c,0xae197643,0xf52abaa1 },
-      { 0x2cac32ad,0xd0e89894,0x62a98f91,0xdfb79e42,0x276f55cb,0x65452ecf,
-        0x7ad23e12,0xdb1ac0d2,0xde4986f0,0xf68c5f6a,0x82ce327d,0x389ac37b } },
-    /* 14 */
-    { { 0xb8a9e8c9,0xcd96866d,0x5bb8091e,0xa11963b8,0x045b3cd2,0xc7f90d53,
-        0x80f36504,0x755a72b5,0x21d3751c,0x46f8b399,0x53c193de,0x4bffdc91 },
-      { 0xb89554e7,0xcd15c049,0xf7a26be6,0x353c6754,0xbd41d970,0x79602370,
-        0x12b176c0,0xde16470b,0x40c8809d,0x56ba1175,0xe435fb1e,0xe2db35c3 } },
-    /* 15 */
-    { { 0x6328e33f,0xd71e4aab,0xaf8136d1,0x5486782b,0x86d57231,0x07a4995f,
-        0x1651a968,0xf1f0a5bd,0x76803b6d,0xa5dc5b24,0x42dda935,0x5c587cbc },
-      { 0xbae8b4c0,0x2b6cdb32,0xb1331138,0x66d1598b,0x5d7e9614,0x4a23b2d2,
-        0x74a8c05d,0x93e402a6,0xda7ce82e,0x45ac94e6,0xe463d465,0xeb9f8281 } },
-};
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^96, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_12(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 48 between points.
- */
-static const sp_table_entry_384 p384_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x49c0b528,0x3dd07566,0xa0d6ce38,0x20e378e2,0x541b4d6e,0x879c3afc,
-        0x59a30eff,0x64548684,0x614ede2b,0x812ff723,0x299e1513,0x4d3aadc2 },
-      { 0x4b03a4fe,0x23043dad,0x7bb4a9ac,0xa1bfa8bf,0x2e83b050,0x8bade756,
-        0x68f4ffd9,0xc6c35219,0x3969a840,0xdd800226,0x5a15c5e9,0x2b78abc2 } },
-    /* 2 */
-    { { 0x2b0c535b,0x29864753,0x70506296,0x90dd6953,0x216ab9ac,0x038cd6b4,
-        0xbe12d76a,0x3df9b7b7,0x5f347bdb,0x13f4d978,0x13e94489,0x222c5c9c },
-      { 0x2680dc64,0x5f8e796f,0x58352417,0x120e7cb7,0xd10740b8,0x254b5d8a,
-        0x5337dee6,0xc38b8efb,0x94f02247,0xf688c2e1,0x6c25bc4c,0x7b5c75f3 } },
-    /* 3 */
-    { { 0x9edffea5,0xe26a3cc3,0x37d7e9fc,0x35bbfd1c,0x9bde3ef6,0xf0e7700d,
-        0x1a538f5a,0x0380eb47,0x05bf9eb3,0x2e9da8bb,0x1a460c3e,0xdbb93c73 },
-      { 0xf526b605,0x37dba260,0xfd785537,0x95d4978e,0xed72a04a,0x24ed793a,
-        0x76005b1a,0x26948377,0x9e681f82,0x99f557b9,0xd64954ef,0xae5f9557 } },
-    /* 4 */
-    { { 0xf26feef9,0x24480c57,0x3a0e1240,0xc31a2694,0x273e2bc7,0x735002c3,
-        0x3ef1ed4c,0x8c42e9c5,0x7f4948e8,0x028babf6,0x8a978632,0x6a502f43 },
-      { 0xb74536fe,0xf5f13a46,0xd8a9f0eb,0x1d218bab,0x37232768,0x30f36bcc,
-        0x576e8c18,0xc5317b31,0x9bbcb766,0xef1d57a6,0xb3e3d4dc,0x917c4930 } },
-    /* 5 */
-    { { 0xe349ddd0,0x11426e2e,0x9b2fc250,0x9f117ef9,0xec0174a6,0xff36b480,
-        0x18458466,0x4f4bde76,0x05806049,0x2f2edb6d,0x19dfca92,0x8adc75d1 },
-      { 0xb7d5a7ce,0xa619d097,0xa34411e9,0x874275e5,0x0da4b4ef,0x5403e047,
-        0x77901d8f,0x2ebaafd9,0xa747170f,0x5e63ebce,0x7f9d8036,0x12a36944 } },
-    /* 6 */
-    { { 0x4fc52870,0x28f9c07a,0x1a53a961,0xce0b3748,0x0e1828d9,0xd550fa18,
-        0x6adb225a,0xa24abaf7,0x6e58a348,0xd11ed0a5,0x948acb62,0xf3d811e6 },
-      { 0x4c61ed22,0x8618dd77,0x80b47c9d,0x0bb747f9,0xde6b8559,0x22bf796f,
-        0x680a21e9,0xfdfd1c6d,0x2af2c9dd,0xc0db1577,0xc1e90f3d,0xa09379e6 } },
-    /* 7 */
-    { { 0xe085c629,0x386c66ef,0x095bc89a,0x5fc2a461,0x203f4b41,0x1353d631,
-        0x7e4bd8f5,0x7ca1972b,0xa7df8ce9,0xb077380a,0xee7e4ea3,0xd8a90389 },
-      { 0xe7b14461,0x1bc74dc7,0x0c9c4f78,0xdc2cb014,0x84ef0a10,0x52b4b3a6,
-        0x20327fe2,0xbde6ea5d,0x660f9615,0xb71ec435,0xb8ad8173,0xeede5a04 } },
-    /* 8 */
-    { { 0x893b9a2d,0x5584cbb3,0x00850c5d,0x820c660b,0x7df2d43d,0x4126d826,
-        0x0109e801,0xdd5bbbf0,0x38172f1c,0x85b92ee3,0xf31430d9,0x609d4f93 },
-      { 0xeadaf9d6,0x1e059a07,0x0f125fb0,0x70e6536c,0x560f20e7,0xd6220751,
-        0x7aaf3a9a,0xa59489ae,0x64bae14e,0x7b70e2f6,0x76d08249,0x0dd03701 } },
-    /* 9 */
-    { { 0x8510521f,0x4cc13be8,0xf724cc17,0x87315ba9,0x353dc263,0xb49d83bb,
-        0x0c279257,0x8b677efe,0xc93c9537,0x510a1c1c,0xa4702c99,0x33e30cd8 },
-      { 0x2208353f,0xf0ffc89d,0xced42b2b,0x0170fa8d,0x26e2a5f5,0x090851ed,
-        0xecb52c96,0x81276455,0x7fe1adf4,0x0646c4e1,0xb0868eab,0x513f047e } },
-    /* 10 */
-    { { 0xdf5bdf53,0xc07611f4,0x58b11a6d,0x45d331a7,0x1c4ee394,0x58965daf,
-        0x5a5878d1,0xba8bebe7,0x82dd3025,0xaecc0a18,0xa923eb8b,0xcf2a3899 },
-      { 0xd24fd048,0xf98c9281,0x8bbb025d,0x841bfb59,0xc9ab9d53,0xb8ddf8ce,
-        0x7fef044e,0x538a4cb6,0x23236662,0x092ac21f,0x0b66f065,0xa919d385 } },
-    /* 11 */
-    { { 0x85d480d8,0x3db03b40,0x1b287a7d,0x8cd9f479,0x4a8f3bae,0x8f24dc75,
-        0x3db41892,0x482eb800,0x9c56e0f5,0x38bf9eb3,0x9a91dc6f,0x8b977320 },
-      { 0x7209cfc2,0xa31b05b2,0x05b2db70,0x4c49bf85,0xd619527b,0x56462498,
-        0x1fac51ba,0x3fe51039,0xab4b8342,0xfb04f55e,0x04c6eabf,0xc07c10dc } },
-    /* 12 */
-    { { 0xdb32f048,0xad22fe4c,0x475ed6df,0x5f23bf91,0xaa66b6cb,0xa50ce0c0,
-        0xf03405c0,0xdf627a89,0xf95e2d6a,0x3674837d,0xba42e64e,0x081c95b6 },
-      { 0xe71d6ceb,0xeba3e036,0x6c6b0271,0xb45bcccf,0x0684701d,0x67b47e63,
-        0xe712523f,0x60f8f942,0x5cd47adc,0x82423472,0x87649cbb,0x83027d79 } },
-    /* 13 */
-    { { 0x3615b0b8,0xb3929ea6,0xa54dac41,0xb41441fd,0xb5b6a368,0x8995d556,
-        0x167ef05e,0xa80d4529,0x6d25a27f,0xf6bcb4a1,0x7bd55b68,0x210d6a4c },
-      { 0x25351130,0xf3804abb,0x903e37eb,0x1d2df699,0x084c25c8,0x5f201efc,
-        0xa1c68e91,0x31a28c87,0x563f62a5,0x81dad253,0xd6c415d4,0x5dd6de70 } },
-    /* 14 */
-    { { 0x846612ce,0x29f470fd,0xda18d997,0x986f3eec,0x2f34af86,0x6b84c161,
-        0x46ddaf8b,0x5ef0a408,0xe49e795f,0x14405a00,0xaa2f7a37,0x5f491b16 },
-      { 0xdb41b38d,0xc7f07ae4,0x18fbfcaa,0xef7d119e,0x14443b19,0x3a18e076,
-        0x79a19926,0x4356841a,0xe2226fbe,0x91f4a91c,0x3cc88721,0xdc77248c } },
-    /* 15 */
-    { { 0xe4b1ec9d,0xd570ff1a,0xe7eef706,0x21d23e0e,0xca19e086,0x3cde40f4,
-        0xcd4bb270,0x7d6523c4,0xbf13aa6c,0x16c1f06c,0xd14c4b60,0x5aa7245a },
-      { 0x44b74de8,0x37f81467,0x620a934e,0x839e7a17,0xde8b1aa1,0xf74d14e8,
-        0xf30d75e2,0x8789fa51,0xc81c261e,0x09b24052,0x33c565ee,0x654e2678 } },
-    /* 16 */
-    { { 0x2f9fbe67,0x378205de,0x7f728e44,0xc4afcb83,0x682e00f1,0xdbcec06c,
-        0x114d5423,0xf2a145c3,0x7a52463e,0xa01d9874,0x7d717b0a,0xfc0935b1 },
-      { 0xd4d01f95,0x9653bc4f,0x9560ad34,0x9aa83ea8,0xaf8e3f3f,0xf77943dc,
-        0xe86fe16e,0x70774a10,0xbf9ffdcf,0x6b62e6f1,0x588745c9,0x8a72f39e } },
-    /* 17 */
-    { { 0x2341c342,0x73ade4da,0xea704422,0xdd326e54,0x3741cef3,0x336c7d98,
-        0x59e61549,0x1eafa00d,0xbd9a3efd,0xcd3ed892,0xc5c6c7e4,0x03faf26c },
-      { 0x3045f8ac,0x087e2fcf,0x174f1e73,0x14a65532,0xfe0af9a7,0x2cf84f28,
-        0x2cdc935b,0xddfd7a84,0x6929c895,0x4c0f117b,0x4c8bcfcc,0x356572d6 } },
-    /* 18 */
-    { { 0x7d8c1bba,0x7ecbac01,0x90b0f3d5,0x6058f9c3,0xf6197d0f,0xaee116e3,
-        0x4033b128,0xc4dd7068,0xc209b983,0xf084dba6,0x831dbc4a,0x97c7c2cf },
-      { 0xf96010e8,0x2f4e61dd,0x529faa17,0xd97e4e20,0x69d37f20,0x4ee66660,
-        0x3d366d72,0xccc139ed,0x13488e0f,0x690b6ee2,0xf3a6d533,0x7cad1dc5 } },
-    /* 19 */
-    { { 0xda57a41f,0x660a9a81,0xec0039b6,0xe74a0412,0x5e1dad15,0x42343c6b,
-        0x46681d4c,0x284f3ff5,0x63749e89,0xb51087f1,0x6f9f2f13,0x070f23cc },
-      { 0x5d186e14,0x542211da,0xfddb0dff,0x84748f37,0xdb1f4180,0x41a3aab4,
-        0xa6402d0e,0x25ed667b,0x02f58355,0x2f2924a9,0xfa44a689,0x5844ee7c } },
-    /* 20 */
-    { { 0x3f3b236f,0xfab08607,0x81e221da,0x19e9d41d,0x3927b428,0xf3f6571e,
-        0x7550f1f6,0x4348a933,0xa85e62f0,0x7167b996,0x7f5452bf,0x62d43759 },
-      { 0xf2955926,0xd85feb9e,0x6df78353,0x440a561f,0x9ca36b59,0x389668ec,
-        0xa22da016,0x052bf1a1,0xf6093254,0xbdfbff72,0xe22209f3,0x94e50f28 } },
-    /* 21 */
-    { { 0x3062e8af,0x90b2e5b3,0xe8a3d369,0xa8572375,0x201db7b1,0x3fe1b00b,
-        0xee651aa2,0xe926def0,0xb9b10ad7,0x6542c9be,0xa2fcbe74,0x098e309b },
-      { 0xfff1d63f,0x779deeb3,0x20bfd374,0x23d0e80a,0x8768f797,0x8452bb3b,
-        0x1f952856,0xcf75bb4d,0x29ea3faa,0x8fe6b400,0x81373a53,0x12bd3e40 } },
-    /* 22 */
-    { { 0x104cbba5,0xc023780d,0xfa35dd4c,0x6207e747,0x1ca9b6a3,0x35c23928,
-        0x97987b10,0x4ff19be8,0x8022eee8,0xb8476bbf,0xd3bbe74d,0xaa0a4a14 },
-      { 0x187d4543,0x20f94331,0x79f6e066,0x32153870,0xac7e82e1,0x83b0f74e,
-        0x828f06ab,0xa7748ba2,0xc26ef35f,0xc5f0298a,0x8e9a7dbd,0x0f0c5070 } },
-    /* 23 */
-    { { 0xdef029dd,0x0c5c244c,0x850661b8,0x3dabc687,0xfe11d981,0x9992b865,
-        0x6274dbad,0xe9801b8f,0x098da242,0xe54e6319,0x91a53d08,0x9929a91a },
-      { 0x35285887,0x37bffd72,0xf1418102,0xbc759425,0xfd2e6e20,0x9280cc35,
-        0xfbc42ee5,0x735c600c,0x8837619a,0xb7ad2864,0xa778c57b,0xa3627231 } },
-    /* 24 */
-    { { 0x91361ed8,0xae799b5c,0x6c63366c,0x47d71b75,0x1b265a6a,0x54cdd521,
-        0x98d77b74,0xe0215a59,0xbab29db0,0x4424d9b7,0x7fd9e536,0x8b0ffacc },
-      { 0x37b5d9ef,0x46d85d12,0xbfa91747,0x5b106d62,0x5f99ba2d,0xed0479f8,
-        0x1d104de4,0x0e6f3923,0x25e8983f,0x83a84c84,0xf8105a70,0xa9507e0a } },
-    /* 25 */
-    { { 0x14cf381c,0xf6c68a6e,0xc22e31cc,0xaf9d27bd,0xaa8a5ccb,0x23568d4d,
-        0xe338e4d2,0xe431eec0,0x8f52ad1f,0xf1a828fe,0xe86acd80,0xdb6a0579 },
-      { 0x4507832a,0x2885672e,0x887e5289,0x73fc275f,0x05610d08,0x65f80278,
-        0x075ff5b0,0x8d9b4554,0x09f712b5,0x3a8e8fb1,0x2ebe9cf2,0x39f0ac86 } },
-    /* 26 */
-    { { 0x4c52edf5,0xd8fabf78,0xa589ae53,0xdcd737e5,0xd791ab17,0x94918bf0,
-        0xbcff06c9,0xb5fbd956,0xdca46d45,0xf6d3032e,0x41a3e486,0x2cdff7e1 },
-      { 0x61f47ec8,0x6674b3ba,0xeef84608,0x8a882163,0x4c687f90,0xa257c705,
-        0xf6cdf227,0xe30cb2ed,0x7f6ea846,0x2c4c64ca,0xcc6bcd3c,0x186fa17c } },
-    /* 27 */
-    { { 0x1dfcb91e,0x48a3f536,0x646d358a,0x83595e13,0x91128798,0xbd15827b,
-        0x2187757a,0x3ce612b8,0x61bd7372,0x873150a1,0xb662f568,0xf4684530 },
-      { 0x401896f6,0x8833950b,0x77f3e090,0xe11cb89a,0x48e7f4a5,0xb2f12cac,
-        0xf606677e,0x313dd769,0x16579f93,0xfdcf08b3,0x46b8f22b,0x6429cec9 } },
-    /* 28 */
-    { { 0xbb75f9a4,0x4984dd54,0x29d3b570,0x4aef06b9,0x3d6e4c1e,0xb5f84ca2,
-        0xb083ef35,0x24c61c11,0x392ca9ff,0xce4a7392,0x6730a800,0x865d6517 },
-      { 0x722b4a2b,0xca3dfe76,0x7b083e0e,0x12c04bf9,0x1b86b8a5,0x803ce5b5,
-        0x6a7e3e0c,0x3fc7632d,0xc81adbe4,0xc89970c2,0x120e16b1,0x3cbcd3ad } },
-    /* 29 */
-    { { 0xec30ce93,0xfbfb4cc7,0xb72720a2,0x10ed6c7d,0x47b55500,0xec675bf7,
-        0x333ff7c3,0x90725903,0x5075bfc0,0xc7c3973e,0x07acf31b,0xb049ecb0 },
-      { 0x4f58839c,0xb4076eaf,0xa2b05e4f,0x101896da,0xab40c66e,0x3f6033b0,
-        0xc8d864ba,0x19ee9eeb,0x47bf6d2a,0xeb6cf155,0xf826477d,0x8e5a9663 } },
-    /* 30 */
-    { { 0xf7fbd5e1,0x69e62fdd,0x76912b1d,0x38ecfe54,0xd1da3bfb,0x845a3d56,
-        0x1c86f0d4,0x0494950e,0x3bc36ce8,0x83cadbf9,0x4fccc8d1,0x41fce572 },
-      { 0x8332c144,0x05f939c2,0x0871e46e,0xb17f248b,0x66e8aff6,0x3d8534e2,
-        0x3b85c629,0x1d06f1dc,0xa3131b73,0xdb06a32e,0x8b3f64e5,0xf295184d } },
-    /* 31 */
-    { { 0x36ddc103,0xd9653ff7,0x95ef606f,0x25f43e37,0xfe06dce8,0x09e301fc,
-        0x30b6eebf,0x85af2341,0x0ff56b20,0x79b12b53,0xfe9a3c6b,0x9b4fb499 },
-      { 0x51d27ac2,0x0154f892,0x56ca5389,0xd33167e3,0xafc065a6,0x7828ec1f,
-        0x7f746c9b,0x0959a258,0x0c44f837,0xb18f1be3,0xc4132fdb,0xa7946117 } },
-    /* 32 */
-    { { 0x5e3c647b,0xc0426b77,0x8cf05348,0xbfcbd939,0x172c0d3d,0x31d312e3,
-        0xee754737,0x5f49fde6,0x6da7ee61,0x895530f0,0xe8b3a5fb,0xcf281b0a },
-      { 0x41b8a543,0xfd149735,0x3080dd30,0x41a625a7,0x653908cf,0xe2baae07,
-        0xba02a278,0xc3d01436,0x7b21b8f8,0xa0d0222e,0xd7ec1297,0xfdc270e9 } },
-    /* 33 */
-    { { 0xbc7f41d6,0x00873c0c,0x1b7ad641,0xd976113e,0x238443fb,0x2a536ff4,
-        0x41e62e45,0x030d00e2,0x5f545fc6,0x532e9867,0x8e91208c,0xcd033108 },
-      { 0x9797612c,0xd1a04c99,0xeea674e2,0xd4393e02,0xe19742a1,0xd56fa69e,
-        0x85f0590e,0xdd2ab480,0x48a2243d,0xa5cefc52,0x54383f41,0x48cc67b6 } },
-    /* 34 */
-    { { 0xfc14ab48,0x4e50430e,0x26706a74,0x195b7f4f,0xcc881ff6,0x2fe8a228,
-        0xd945013d,0xb1b968e2,0x4b92162b,0x936aa579,0x364e754a,0x4fb766b7 },
-      { 0x31e1ff7f,0x13f93bca,0xce4f2691,0x696eb5ca,0xa2b09e02,0xff754bf8,
-        0xe58e3ff8,0x58f13c9c,0x1678c0b0,0xb757346f,0xa86692b3,0xd54200db } },
-    /* 35 */
-    { { 0x6dda1265,0x9a030bbd,0xe89718dd,0xf7b4f3fc,0x936065b8,0xa6a4931f,
-        0x5f72241c,0xbce72d87,0x65775857,0x6cbb51cb,0x4e993675,0xc7161815 },
-      { 0x2ee32189,0xe81a0f79,0x277dc0b2,0xef2fab26,0xb71f469f,0x9e64f6fe,
-        0xdfdaf859,0xb448ce33,0xbe6b5df1,0x3f5c1c4c,0x1de45f7b,0xfb8dfb00 } },
-    /* 36 */
-    { { 0x4d5bb921,0xc7345fa7,0x4d2b667e,0x5c7e04be,0x282d7a3e,0x47ed3a80,
-        0x7e47b2a4,0x5c2777f8,0x08488e2e,0x89b3b100,0xb2eb5b45,0x9aad77c2 },
-      { 0xdaac34ae,0xd681bca7,0x26afb326,0x2452e4e5,0x41a1ee14,0x0c887924,
-        0xc2407ade,0x743b04d4,0xfc17a2ac,0xcb5e999b,0x4a701a06,0x4dca2f82 } },
-    /* 37 */
-    { { 0x1127bc1a,0x68e31ca6,0x17ead3be,0xa3edd59b,0xe25f5a15,0x67b6b645,
-        0xa420e15e,0x76221794,0x4b1e872e,0x794fd83b,0xb2dece1b,0x7cab3f03 },
-      { 0xca9b3586,0x7119bf15,0x4d250bd7,0xa5545924,0xcc6bcf24,0x173633ea,
-        0xb1b6f884,0x9bd308c2,0x447d38c3,0x3bae06f5,0xf341fe1c,0x54dcc135 } },
-    /* 38 */
-    { { 0x943caf0d,0x56d3598d,0x225ff133,0xce044ea9,0x563fadea,0x9edf6a7c,
-        0x73e8dc27,0x632eb944,0x3190dcab,0x814b467e,0x6dbb1e31,0x2d4f4f31 },
-      { 0xa143b7ca,0x8d69811c,0xde7cf950,0x4ec1ac32,0x37b5fe82,0x223ab5fd,
-        0x9390f1d9,0xe82616e4,0x75804610,0xabff4b20,0x875b08f0,0x11b9be15 } },
-    /* 39 */
-    { { 0x3bbe682c,0x4ae31a3d,0x74eef2dd,0xbc7c5d26,0x3c47dd40,0x92afd10a,
-        0xc14ab9e1,0xec7e0a3b,0xb2e495e4,0x6a6c3dd1,0x309bcd85,0x085ee5e9 },
-      { 0x8c2e67fd,0xf381a908,0xe261eaf2,0x32083a80,0x96deee15,0x0fcd6a49,
-        0x5e524c79,0xe3b8fb03,0x1d5b08b9,0x8dc360d9,0x7f26719f,0x3a06e2c8 } },
-    /* 40 */
-    { { 0x7237cac0,0x5cd9f5a8,0x43586794,0x93f0b59d,0xe94f6c4e,0x4384a764,
-        0xb62782d3,0x8304ed2b,0xcde06015,0x0b8db8b3,0x5dbe190f,0x4336dd53 },
-      { 0x92ab473a,0x57443553,0xbe5ed046,0x031c7275,0x21909aa4,0x3e78678c,
-        0x99202ddb,0x4ab7e04f,0x6977e635,0x2648d206,0x093198be,0xd427d184 } },
-    /* 41 */
-    { { 0x0f9b5a31,0x822848f5,0xbaadb62a,0xbb003468,0x3357559c,0x233a0472,
-        0x79aee843,0x49ef6880,0xaeb9e1e3,0xa89867a0,0x1f6f9a55,0xc151931b },
-      { 0xad74251e,0xd264eb0b,0x4abf295e,0x37b9b263,0x04960d10,0xb600921b,
-        0x4da77dc0,0x0de53dbc,0xd2b18697,0x01d9bab3,0xf7156ddf,0xad54ec7a } },
-    /* 42 */
-    { { 0x79efdc58,0x8e74dc35,0x4ff68ddb,0x456bd369,0xd32096a5,0x724e74cc,
-        0x386783d0,0xe41cff42,0x7c70d8a4,0xa04c7f21,0xe61a19a2,0x41199d2f },
-      { 0x29c05dd2,0xd389a3e0,0xe7e3fda9,0x535f2a6b,0x7c2b4df8,0x26ecf72d,
-        0xfe745294,0x678275f4,0x9d23f519,0x6319c9cc,0x88048fc4,0x1e05a02d } },
-    /* 43 */
-    { { 0xd4d5ffe8,0x75cc8e2e,0xdbea17f2,0xf8bb4896,0xcee3cb4a,0x35059790,
-        0xa47c6165,0x4c06ee85,0x92935d2f,0xf98fff25,0x32ffd7c7,0x34c4a572 },
-      { 0xea0376a2,0xc4b14806,0x4f115e02,0x2ea5e750,0x1e55d7c0,0x532d76e2,
-        0xf31044da,0x68dc9411,0x71b77993,0x9272e465,0x93a8cfd5,0xadaa38bb } },
-    /* 44 */
-    { { 0x7d4ed72a,0x4bf0c712,0xba1f79a3,0xda0e9264,0xf4c39ea4,0x48c0258b,
-        0x2a715138,0xa5394ed8,0xbf06c660,0x4af511ce,0xec5c37cd,0xfcebceef },
-      { 0x779ae8c1,0xf23b75aa,0xad1e606e,0xdeff59cc,0x22755c82,0xf3f526fd,
-        0xbb32cefd,0x64c5ab44,0x915bdefd,0xa96e11a2,0x1143813e,0xab19746a } },
-    /* 45 */
-    { { 0xec837d7d,0x43c78585,0xb8ee0ba4,0xca5b6fbc,0xd5dbb5ee,0x34e924d9,
-        0xbb4f1ca5,0x3f4fa104,0x398640f7,0x15458b72,0xd7f407ea,0x4231faa9 },
-      { 0xf96e6896,0x53e0661e,0xd03b0f9d,0x554e4c69,0x9c7858d1,0xd4fcb07b,
-        0x52cb04fa,0x7e952793,0x8974e7f7,0x5f5f1574,0x6b6d57c8,0x2e3fa558 } },
-    /* 46 */
-    { { 0x6a9951a8,0x42cd4803,0x42792ad0,0xa8b15b88,0xabb29a73,0x18e8bcf9,
-        0x409933e8,0xbfd9a092,0xefb88dc4,0x760a3594,0x40724458,0x14418863 },
-      { 0x99caedc7,0x162a56ee,0x91d101c9,0x8fb12ecd,0x393202da,0xea671967,
-        0xa4ccd796,0x1aac8c4a,0x1cf185a8,0x7db05036,0x8cfd095a,0x0c9f86cd } },
-    /* 47 */
-    { { 0x10b2a556,0x9a728147,0x327b70b2,0x767ca964,0x5e3799b7,0x04ed9e12,
-        0x22a3eb2a,0x6781d2dc,0x0d9450ac,0x5bd116eb,0xa7ebe08a,0xeccac1fc },
-      { 0xdc2d6e94,0xde68444f,0x35ecf21b,0x3621f429,0x29e03a2c,0x14e2d543,
-        0x7d3e7f0a,0x53e42cd5,0x73ed00b9,0xbba26c09,0xc57d2272,0x00297c39 } },
-    /* 48 */
-    { { 0xb8243a7d,0x3aaaab10,0x8fa58c5b,0x6eeef93e,0x9ae7f764,0xf866fca3,
-        0x61ab04d3,0x64105a26,0x03945d66,0xa3578d8a,0x791b848c,0xb08cd3e4 },
-      { 0x756d2411,0x45edc5f8,0xa755128c,0xd4a790d9,0x49e5f6a0,0xc2cf0963,
-        0xf649beaa,0xc66d267d,0x8467039e,0x3ce6d968,0x42f7816f,0x50046c6b } },
-    /* 49 */
-    { { 0x66425043,0x92ae1602,0xf08db890,0x1ff66afd,0x8f162ce5,0x386f5a7f,
-        0xfcf5598f,0x18d2dea0,0x1a8ca18e,0x78372b3a,0x8cd0e6f7,0xdf0d20eb },
-      { 0x75bb4045,0x7edd5e1d,0xb96d94b7,0x252a47ce,0x2c626776,0xbdb29358,
-        0x40dd1031,0x853c3943,0x7d5f47fd,0x9dc9becf,0xbae4044a,0x27c2302f } },
-    /* 50 */
-    { { 0x8f2d49ce,0x2d1d208a,0x162df0a2,0x0d91aa02,0x09a07f65,0x9c5cce87,
-        0x84339012,0xdf07238b,0x419442cd,0x5028e2c8,0x72062aba,0x2dcbd358 },
-      { 0xe4680967,0xb5fbc3cb,0x9f92d72c,0x2a7bc645,0x116c369d,0x806c76e1,
-        0x3177e8d8,0x5c50677a,0x4569df57,0x753739eb,0x36c3f40b,0x2d481ef6 } },
-    /* 51 */
-    { { 0xfea1103e,0x1a2d39fd,0x95f81b17,0xeaae5592,0xf59b264a,0xdbd0aa18,
-        0xcb592ee0,0x90c39c1a,0x9750cca3,0xdf62f80d,0xdf97cc6c,0xda4d8283 },
-      { 0x1e201067,0x0a6dd346,0x69fb1f6b,0x1531f859,0x1d60121f,0x4895e552,
-        0x4c041c91,0x0b21aab0,0xbcc1ccf8,0x9d896c46,0x3141bde7,0xd24da3b3 } },
-    /* 52 */
-    { { 0x53b0a354,0x575a0537,0x0c6ddcd8,0x392ff2f4,0x56157b94,0x0b8e8cff,
-        0x3b1b80d1,0x073e57bd,0x3fedee15,0x2a75e0f0,0xaa8e6f19,0x752380e4 },
-      { 0x6558ffe9,0x1f4e227c,0x19ec5415,0x3a348618,0xf7997085,0xab382d5e,
-        0xddc46ac2,0x5e6deaff,0xfc8d094c,0xe5144078,0xf60e37c6,0xf674fe51 } },
-    /* 53 */
-    { { 0xaf63408f,0x6fb87ae5,0xcd75a737,0xa39c36a9,0xcf4c618d,0x7833313f,
-        0xf034c88d,0xfbcd4482,0x39b35288,0x4469a761,0x66b5d9c9,0x77a711c5 },
-      { 0x944f8d65,0x4a695dc7,0x161aaba8,0xe6da5f65,0x24601669,0x8654e9c3,
-        0x28ae7491,0xbc8b93f5,0x8f5580d8,0x5f1d1e83,0xcea32cc8,0x8ccf9a1a } },
-    /* 54 */
-    { { 0x7196fee2,0x28ab110c,0x874c8945,0x75799d63,0x29aedadd,0xa2629348,
-        0x2be88ff4,0x9714cc7b,0xd58d60d6,0xf71293cf,0x32a564e9,0xda6b6cb3 },
-      { 0x3dd821c2,0xf43fddb1,0x90dd323d,0xf2f2785f,0x048489f8,0x91246419,
-        0xd24c6749,0x61660f26,0xc803c15c,0x961d9e8c,0xfaadc4c9,0x631c6158 } },
-    /* 55 */
-    { { 0xfd752366,0xacf2ebe0,0x139be88b,0xb93c340e,0x0f20179e,0x98f66485,
-        0xff1da785,0x14820254,0x4f85c16e,0x5278e276,0x7aab1913,0xa246ee45 },
-      { 0x53763b33,0x43861eb4,0x45c0bc0d,0xc49f03fc,0xad6b1ea1,0xafff16bc,
-        0x6fd49c99,0xce33908b,0xf7fde8c3,0x5c51e9bf,0xff142c5e,0x076a7a39 } },
-    /* 56 */
-    { { 0x9e338d10,0x04639dfe,0xf42b411b,0x8ee6996f,0xa875cef2,0x960461d1,
-        0x95b4d0ba,0x1057b6d6,0xa906e0bc,0x27639252,0xe1c20f8a,0x2c19f09a },
-      { 0xeef4c43d,0x5b8fc3f0,0x07a84aa9,0xe2e1b1a8,0x835d2bdb,0x5f455528,
-        0x207132dd,0x0f4aee4d,0x3907f675,0xe9f8338c,0x0e0531f0,0x7a874dc9 } },
-    /* 57 */
-    { { 0x97c27050,0x84b22d45,0x59e70bf8,0xbd0b8df7,0x79738b9b,0xb4d67405,
-        0xcd917c4f,0x47f4d5f5,0x13ce6e33,0x9099c4ce,0x521d0f8b,0x942bfd39 },
-      { 0xa43b566d,0x5028f0f6,0x21bff7de,0xaf6e8669,0xc44232cd,0x83f6f856,
-        0xf915069a,0x65680579,0xecfecb85,0xd12095a2,0xdb01ba16,0xcf7f06ae } },
-    /* 58 */
-    { { 0x8ef96c80,0x0f56e3c4,0x3ddb609c,0xd521f2b3,0x7dc1450d,0x2be94102,
-        0x02a91fe2,0x2d21a071,0x1efa37de,0x2e6f74fa,0x156c28a1,0x9a9a90b8 },
-      { 0x9dc7dfcb,0xc54ea9ea,0x2c2c1d62,0xc74e66fc,0x49d3e067,0x9f23f967,
-        0x54dd38ad,0x1c7c3a46,0x5946cee3,0xc7005884,0x45cc045d,0x89856368 } },
-    /* 59 */
-    { { 0xfce73946,0x29da7cd4,0x23168563,0x8f697db5,0xcba92ec6,0x8e235e9c,
-        0x9f91d3ea,0x55d4655f,0xaa50a6cd,0xf3689f23,0x21e6a1a0,0xdcf21c26 },
-      { 0x61b818bf,0xcffbc82e,0xda47a243,0xc74a2f96,0x8bc1a0cf,0x234e980a,
-        0x7929cb6d,0xf35fd6b5,0xefe17d6c,0x81468e12,0x58b2dafb,0xddea6ae5 } },
-    /* 60 */
-    { { 0x7e787b2e,0x294de887,0x39a9310d,0x258acc1f,0xac14265d,0x92d9714a,
-        0x708b48a0,0x18b5591c,0xe1abbf71,0x27cc6bb0,0x568307b9,0xc0581fa3 },
-      { 0xf24d4d58,0x9e0f58a3,0xe0ce2327,0xfebe9bb8,0x9d1be702,0x91fd6a41,
-        0xfacac993,0x9a7d8a45,0x9e50d66d,0xabc0a08c,0x06498201,0x02c342f7 } },
-    /* 61 */
-    { { 0x157bdbc2,0xccd71407,0xad0e1605,0x72fa89c6,0xb92a015f,0xb1d3da2b,
-        0xa0a3fe56,0x8ad9e7cd,0x24f06737,0x160edcbd,0x61275be6,0x79d4db33 },
-      { 0x5f3497c4,0xd3d31fd9,0x04192fb0,0x8cafeaee,0x13a50af3,0xe13ca745,
-        0x8c85aae5,0x18826167,0x9eb556ff,0xce06cea8,0xbdb549f3,0x2eef1995 } },
-    /* 62 */
-    { { 0x50596edc,0x8ed7d3eb,0x905243a2,0xaa359362,0xa4b6d02b,0xa212c2c2,
-        0xc4fbec68,0x611fd727,0xb84f733d,0x8a0b8ff7,0x5f0daf0e,0xd85a6b90 },
-      { 0xd4091cf7,0x60e899f5,0x2eff2768,0x4fef2b67,0x10c33964,0xc1f195cb,
-        0x93626a8f,0x8275d369,0x0d6c840a,0xc77904f4,0x7a868acd,0x88d8b7fd } },
-    /* 63 */
-    { { 0x7bd98425,0x85f23723,0xc70b154e,0xd4463992,0x96687a2e,0xcbb00ee2,
-        0xc83214fd,0x905fdbf7,0x13593684,0x2019d293,0xef51218e,0x0428c393 },
-      { 0x981e909a,0x40c7623f,0x7be192da,0x92513385,0x4010907e,0x48fe480f,
-        0x3120b459,0xdd7a187c,0xa1fd8f3c,0xc9d7702d,0xe358efc5,0x66e4753b } },
-    /* 64 */
-    { { 0x16973cf4,0x070d34e1,0x7e4f34f7,0x20aee08b,0x5eb8ad29,0x269af9b9,
-        0xa6a45dda,0xdde0a036,0x63df41e0,0xa18b528e,0xa260df2a,0x03cc71b2 },
-      { 0xa06b1dd7,0x24a6770a,0x9d2675d3,0x5bfa9c11,0x96844432,0x73c1e2a1,
-        0x131a6cf0,0x3660558d,0x2ee79454,0xb0289c83,0xc6d8ddcd,0xa6aefb01 } },
-    /* 65 */
-    { { 0x01ab5245,0xba1464b4,0xc48d93ff,0x9b8d0b6d,0x93ad272c,0x939867dc,
-        0xae9fdc77,0xbebe085e,0x894ea8bd,0x73ae5103,0x39ac22e1,0x740fc89a },
-      { 0x28e23b23,0x5e28b0a3,0xe13104d0,0x2352722e,0xb0a2640d,0xf4667a18,
-        0x49bb37c3,0xac74a72e,0xe81e183a,0x79f734f0,0x3fd9c0eb,0xbffe5b6c } },
-    /* 66 */
-    { { 0xc6a2123f,0xb1a358f5,0xfe28df6d,0x927b2d95,0xf199d2f9,0x89702753,
-        0x1a3f82dc,0x0a73754c,0x777affe1,0x063d029d,0xdae6d34d,0x5439817e },
-      { 0x6b8b83c4,0xf7979eef,0x9d945682,0x615cb214,0xc5e57eae,0x8f0e4fac,
-        0x113047dd,0x042b89b8,0x93f36508,0x888356dc,0x5fd1f32f,0xbf008d18 } },
-    /* 67 */
-    { { 0x4e8068db,0x8012aa24,0xa5729a47,0xc72cc641,0x43f0691d,0x3c33df2c,
-        0x1d92145f,0xfa057347,0xb97f7946,0xaefc0f2f,0x2f8121bf,0x813d75cb },
-      { 0x4383bba6,0x05613c72,0xa4224b3f,0xa924ce70,0x5f2179a6,0xe59cecbe,
-        0x79f62b61,0x78e2e8aa,0x53ad8079,0x3ac2cc3b,0xd8f4fa96,0x55518d71 } },
-    /* 68 */
-    { { 0x00623f3b,0x03cf2922,0x5f29ebff,0x095c7111,0x80aa6823,0x42d72247,
-        0x7458c0b0,0x044c7ba1,0x0959ec20,0xca62f7ef,0xf8ca929f,0x40ae2ab7 },
-      { 0xa927b102,0xb8c5377a,0xdc031771,0x398a86a0,0xc216a406,0x04908f9d,
-        0x918d3300,0xb423a73a,0xe0b94739,0x634b0ff1,0x2d69f697,0xe29de725 } },
-    /* 69 */
-    { { 0x8435af04,0x744d1400,0xfec192da,0x5f255b1d,0x336dc542,0x1f17dc12,
-        0x636a68a8,0x5c90c2a7,0x7704ca1e,0x960c9eb7,0x6fb3d65a,0x9de8cf1e },
-      { 0x511d3d06,0xc60fee0d,0xf9eb52c7,0x466e2313,0x206b0914,0x743c0f5f,
-        0x2191aa4d,0x42f55bac,0xffebdbc2,0xcefc7c8f,0xe6e8ed1c,0xd4fa6081 } },
-    /* 70 */
-    { { 0xb0ab9645,0xb5e405d3,0xd5f1f711,0xaeec7f98,0x585c2a6e,0x8ad42311,
-        0x512c6944,0x045acb9e,0xa90db1c6,0xae106c4e,0x898e6563,0xb89f33d5 },
-      { 0x7fed2ce4,0x43b07cd9,0xdd815b20,0xf9934e17,0x0a81a349,0x6778d4d5,
-        0x52918061,0x9e616ade,0xd7e67112,0xfa06db06,0x88488091,0x1da23cf1 } },
-    /* 71 */
-    { { 0x42f2c4b5,0x821c46b3,0x66059e47,0x931513ef,0x66f50cd1,0x7030ae43,
-        0x43e7b127,0x43b536c9,0x5fca5360,0x006258cf,0x6b557abf,0xe4e3ee79 },
-      { 0x24c8b22f,0xbb6b3900,0xfcbf1054,0x2eb5e2c1,0x567492af,0x937b18c9,
-        0xacf53957,0xf09432e4,0x1dbf3a56,0x585f5a9d,0xbe0887cf,0xf86751fd } },
-    /* 72 */
-    { { 0x9d10e0b2,0x157399cb,0x60dc51b7,0x1c0d5956,0x1f583090,0x1d496b8a,
-        0x88590484,0x6658bc26,0x03213f28,0x88c08ab7,0x7ae58de4,0x8d2e0f73 },
-      { 0x486cfee6,0x9b79bc95,0xe9e5bc57,0x036a26c7,0xcd8ae97a,0x1ad03601,
-        0xff3a0494,0x06907f87,0x2c7eb584,0x078f4bbf,0x7e8d0a5a,0xe3731bf5 } },
-    /* 73 */
-    { { 0xe1cd0abe,0x72f2282b,0x87efefa2,0xd4f9015e,0x6c3834bd,0x9d189806,
-        0xb8a29ced,0x9c8cdcc1,0xfee82ebc,0x0601b9f4,0x7206a756,0x371052bc },
-      { 0x46f32562,0x76fa1092,0x17351bb4,0xdaad534c,0xb3636bb5,0xc3d64c37,
-        0x45d54e00,0x038a8c51,0x32c09e7c,0x301e6180,0x95735151,0x9764eae7 } },
-    /* 74 */
-    { { 0xcbd5256a,0x8791b19f,0x6ca13a3b,0x4007e0f2,0x4cf06904,0x03b79460,
-        0xb6c17589,0xb18a9c22,0x81d45908,0xa1cb7d7d,0x21bb68f1,0x6e13fa9d },
-      { 0xa71e6e16,0x47183c62,0xe18749ed,0x5cf0ef8e,0x2e5ed409,0x2c9c7f9b,
-        0xe6e117e1,0x042eeacc,0x13fb5a7f,0xb86d4816,0xc9e5feb1,0xea1cf0ed } },
-    /* 75 */
-    { { 0xcea4cc9b,0x6e6573c9,0xafcec8f3,0x5417961d,0xa438b6f6,0x804bf02a,
-        0xdcd4ea88,0xb894b03c,0x3799571f,0xd0f807e9,0x862156e8,0x3466a7f5 },
-      { 0x56515664,0x51e59acd,0xa3c5eb0b,0x55b0f93c,0x6a4279db,0x84a06b02,
-        0xc5fae08e,0x5c850579,0xa663a1a2,0xcf07b8db,0xf46ffc8d,0x49a36bbc } },
-    /* 76 */
-    { { 0x46d93106,0xe47f5acc,0xaa897c9c,0x65b7ade0,0x12d7e4be,0x37cf4c94,
-        0xd4b2caa9,0xa2ae9b80,0xe60357a3,0x5e7ce09c,0xc8ecd5f9,0x29f77667 },
-      { 0xa8a0b1c5,0xdf6868f5,0x62978ad8,0x240858cf,0xdc0002a1,0x0f7ac101,
-        0xffe9aa05,0x1d28a9d7,0x5b962c97,0x744984d6,0x3d28c8b2,0xa8a7c00b } },
-    /* 77 */
-    { { 0xae11a338,0x7c58a852,0xd1af96e7,0xa78613f1,0x5355cc73,0x7e9767d2,
-        0x792a2de6,0x6ba37009,0x124386b2,0x7d60f618,0x11157674,0xab09b531 },
-      { 0x98eb9dd0,0x95a04841,0x15070328,0xe6c17acc,0x489c6e49,0xafc6da45,
-        0xbb211530,0xab45a60a,0x7d7ea933,0xc58d6592,0x095642c6,0xa3ef3c65 } },
-    /* 78 */
-    { { 0xdf010879,0x89d420e9,0x39576179,0x9d25255d,0xe39513b6,0x9cdefd50,
-        0xd5d1c313,0xe4efe45b,0x3f7af771,0xc0149de7,0x340ab06b,0x55a6b4f4 },
-      { 0xebeaf771,0xf1325251,0x878d4288,0x2ab44128,0x18e05afe,0xfcd5832e,
-        0xcc1fb62b,0xef52a348,0xc1c4792a,0x2bd08274,0x877c6dc7,0x345c5846 } },
-    /* 79 */
-    { { 0xbea65e90,0xde15ceb0,0x2416d99c,0x0987f72b,0xfd863dec,0x44db578d,
-        0xac6a3578,0xf617b74b,0xdb48e999,0x9e62bd7a,0xeab1a1be,0x877cae61 },
-      { 0x3a358610,0x23adddaa,0x325e2b07,0x2fc4d6d1,0x1585754e,0x897198f5,
-        0xb392b584,0xf741852c,0xb55f7de1,0x9927804c,0x1aa8efae,0xe9e6c4ed } },
-    /* 80 */
-    { { 0x98683186,0x867db639,0xddcc4ea9,0xfb5cf424,0xd4f0e7bd,0xcc9a7ffe,
-        0x7a779f7e,0x7c57f71c,0xd6b25ef2,0x90774079,0xb4081680,0x90eae903 },
-      { 0x0ee1fceb,0xdf2aae5e,0xe86c1a1f,0x3ff1da24,0xca193edf,0x80f587d6,
-        0xdc9b9d6a,0xa5695523,0x85920303,0x7b840900,0xba6dbdef,0x1efa4dfc } },
-    /* 81 */
-    { { 0xe0540015,0xfbd838f9,0xc39077dc,0x2c323946,0xad619124,0x8b1fb9e6,
-        0x0ca62ea8,0x9612440c,0x2dbe00ff,0x9ad9b52c,0xae197643,0xf52abaa1 },
-      { 0x2cac32ad,0xd0e89894,0x62a98f91,0xdfb79e42,0x276f55cb,0x65452ecf,
-        0x7ad23e12,0xdb1ac0d2,0xde4986f0,0xf68c5f6a,0x82ce327d,0x389ac37b } },
-    /* 82 */
-    { { 0xf8e60f5b,0x511188b4,0x48aa2ada,0x7fe67015,0x381abca2,0xdb333cb8,
-        0xdaf3fc97,0xb15e6d9d,0x36aabc03,0x4b24f6eb,0x72a748b4,0xc59789df },
-      { 0x29cf5279,0x26fcb8a5,0x01ad9a6c,0x7a3c6bfc,0x4b8bac9b,0x866cf88d,
-        0x9c80d041,0xf4c89989,0x70add148,0xf0a04241,0x45d81a41,0x5a02f479 } },
-    /* 83 */
-    { { 0xc1c90202,0xfa5c877c,0xf8ac7570,0xd099d440,0xd17881f7,0x428a5b1b,
-        0x5b2501d7,0x61e267db,0xf2e4465b,0xf889bf04,0x76aa4cb8,0x4da3ae08 },
-      { 0xe3e66861,0x3ef0fe26,0x3318b86d,0x5e772953,0x747396df,0xc3c35fbc,
-        0x439ffd37,0x5115a29c,0xb2d70374,0xbfc4bd97,0x56246b9d,0x088630ea } },
-    /* 84 */
-    { { 0xb8a9e8c9,0xcd96866d,0x5bb8091e,0xa11963b8,0x045b3cd2,0xc7f90d53,
-        0x80f36504,0x755a72b5,0x21d3751c,0x46f8b399,0x53c193de,0x4bffdc91 },
-      { 0xb89554e7,0xcd15c049,0xf7a26be6,0x353c6754,0xbd41d970,0x79602370,
-        0x12b176c0,0xde16470b,0x40c8809d,0x56ba1175,0xe435fb1e,0xe2db35c3 } },
-    /* 85 */
-    { { 0x6328e33f,0xd71e4aab,0xaf8136d1,0x5486782b,0x86d57231,0x07a4995f,
-        0x1651a968,0xf1f0a5bd,0x76803b6d,0xa5dc5b24,0x42dda935,0x5c587cbc },
-      { 0xbae8b4c0,0x2b6cdb32,0xb1331138,0x66d1598b,0x5d7e9614,0x4a23b2d2,
-        0x74a8c05d,0x93e402a6,0xda7ce82e,0x45ac94e6,0xe463d465,0xeb9f8281 } },
-    /* 86 */
-    { { 0xfecf5b9b,0x34e0f9d1,0xf206966a,0xa115b12b,0x1eaa0534,0x5591cf3b,
-        0xfb1558f9,0x5f0293cb,0x1bc703a5,0x1c8507a4,0x862c1f81,0x92e6b81c },
-      { 0xcdaf24e3,0xcc9ebc66,0x72fcfc70,0x68917ecd,0x8157ba48,0x6dc9a930,
-        0xb06ab2b2,0x5d425c08,0x36e929c4,0x362f8ce7,0x62e89324,0x09f6f57c } },
-    /* 87 */
-    { { 0xd29375fb,0x1c7d6b78,0xe35d1157,0xfabd851e,0x4243ea47,0xf6f62dcd,
-        0x8fe30b0f,0x1dd92460,0xffc6e709,0x08166dfa,0x0881e6a7,0xc6c4c693 },
-      { 0xd6a53fb0,0x20368f87,0x9eb4d1f9,0x38718e9f,0xafd7e790,0x03f08acd,
-        0x72fe2a1c,0x0835eb44,0x88076e5d,0x7e050903,0xa638e731,0x538f765e } },
-    /* 88 */
-    { { 0xc2663b4b,0x0e0249d9,0x47cd38dd,0xe700ab5b,0x2c46559f,0xb192559d,
-        0x4bcde66d,0x8f9f74a8,0x3e2aced5,0xad161523,0x3dd03a5b,0xc155c047 },
-      { 0x3be454eb,0x346a8799,0x83b7dccd,0x66ee94db,0xab9d2abe,0x1f6d8378,
-        0x7733f355,0x4a396dd2,0xf53553c2,0x419bd40a,0x731dd943,0xd0ead98d } },
-    /* 89 */
-    { { 0xec142408,0x908e0b0e,0x4114b310,0x98943cb9,0x1742b1d7,0x03dbf7d8,
-        0x693412f4,0xd270df6b,0x8f69e20c,0xc5065494,0x697e43a1,0xa76a90c3 },
-      { 0x4624825a,0xe0fa3384,0x8acc34c2,0x82e48c0b,0xe9a14f2b,0x7b24bd14,
-        0x4db30803,0x4f5dd5e2,0x932da0a3,0x0c77a9e7,0x74c653dc,0x20db90f2 } },
-    /* 90 */
-    { { 0x0e6c5fd9,0x261179b7,0x6c982eea,0xf8bec123,0xd4957b7e,0x47683338,
-        0x0a72f66a,0xcc47e664,0x1bad9350,0xbd54bf6a,0xf454e95a,0xdfbf4c6a },
-      { 0x6907f4fa,0x3f7a7afa,0x865ca735,0x7311fae0,0x2a496ada,0x24737ab8,
-        0x15feb79b,0x13e425f1,0xa1b93c21,0xe9e97c50,0x4ddd3eb5,0xb26b6eac } },
-    /* 91 */
-    { { 0x2a2e5f2b,0x81cab9f5,0xbf385ac4,0xf93caf29,0xc909963a,0xf4bf35c3,
-        0x74c9143c,0x081e7300,0xc281b4c5,0x3ea57fa8,0x9b340741,0xe497905c },
-      { 0x55ab3cfb,0xf556dd8a,0x518db6ad,0xd444b96b,0x5ef4b955,0x34f5425a,
-        0xecd26aa3,0xdda7a3ac,0xda655e97,0xb57da11b,0xc2024c70,0x02da3eff } },
-    /* 92 */
-    { { 0x6481d0d9,0xe24b0036,0x818fdfe2,0x3740dbe5,0x190fda00,0xc1fc1f45,
-        0x3cf27fde,0x329c9280,0x6934f43e,0x7435cb53,0x7884e8fe,0x2b505a5d },
-      { 0x711adcc9,0x6cfcc6a6,0x531e21e1,0xf034325c,0x9b2a8a99,0xa2f4a967,
-        0x3c21bdff,0x9d5f3842,0x31b57d66,0xb25c7811,0x0b8093b9,0xdb5344d8 } },
-    /* 93 */
-    { { 0xae50a2f5,0x0d72e667,0xe4a861d1,0x9b7f8d8a,0x330df1cb,0xa129f70f,
-        0xe04fefc3,0xe90aa5d7,0xe72c3ae1,0xff561ecb,0xcdb955fa,0x0d8fb428 },
-      { 0xd7663784,0xd2235f73,0x7e2c456a,0xc05baec6,0x2adbfccc,0xe5c292e4,
-        0xefb110d5,0x4fd17988,0xd19d49f3,0x27e57734,0x84f679fe,0x188ac4ce } },
-    /* 94 */
-    { { 0xa796c53e,0x7ee344cf,0x0868009b,0xbbf6074d,0x474a1295,0x1f1594f7,
-        0xac11632d,0x66776edc,0x04e2fa5a,0x1862278b,0xc854a89a,0x52665cf2 },
-      { 0x8104ab58,0x7e376464,0x7204fd6d,0x16775913,0x44ea1199,0x86ca06a5,
-        0x1c9240dd,0xaa3f765b,0x24746149,0x5f8501a9,0xdcd251d7,0x7b982e30 } },
-    /* 95 */
-    { { 0xc15f3060,0xe44e9efc,0xa87ebbe6,0x5ad62f2e,0xc79500d4,0x36499d41,
-        0x336fa9d1,0xa66d6dc0,0x5afd3b1f,0xf8afc495,0xe5c9822b,0x1d8ccb24 },
-      { 0x79d7584b,0x4031422b,0xea3f20dd,0xc54a0580,0x958468c5,0x3f837c8f,
-        0xfbea7735,0x3d82f110,0x7dffe2fc,0x679a8778,0x20704803,0x48eba63b } },
-    /* 96 */
-    { { 0xdf46e2f6,0x89b10d41,0x19514367,0x13ab57f8,0x1d469c87,0x067372b9,
-        0x4f6c5798,0x0c195afa,0x272c9acf,0xea43a12a,0x678abdac,0x9dadd8cb },
-      { 0xe182579a,0xcce56c6b,0x2d26c2d8,0x86febadb,0x2a44745c,0x1c668ee1,
-        0x98dc047a,0x580acd86,0x51b9ec2d,0x5a2b79cc,0x4054f6a0,0x007da608 } },
-    /* 97 */
-    { { 0x17b00dd0,0x9e3ca352,0x0e81a7a6,0x046779cb,0xd482d871,0xb999fef3,
-        0xd9233fbc,0xe6f38134,0xf48cd0e0,0x112c3001,0x3c6c66ae,0x934e7576 },
-      { 0xd73234dc,0xb44d4fc3,0x864eafc1,0xfcae2062,0x26bef21a,0x843afe25,
-        0xf3b75fdf,0x61355107,0x794c2e6b,0x8367a5aa,0x8548a372,0x3d2629b1 } },
-    /* 98 */
-    { { 0x437cfaf8,0x6230618f,0x2032c299,0x5b8742cb,0x2293643a,0x949f7247,
-        0x09464f79,0xb8040f1a,0x4f254143,0x049462d2,0x366c7e76,0xabd6b522 },
-      { 0xd5338f55,0x119b392b,0x01495a0c,0x1a80a9ce,0xf8d7537e,0xf3118ca7,
-        0x6bf4b762,0xb715adc2,0xa8482b6c,0x24506165,0x96a7c84d,0xd958d7c6 } },
-    /* 99 */
-    { { 0xbdc21f31,0x9ad8aa87,0x8063e58c,0xadb3cab4,0xb07dd7b8,0xefd86283,
-        0x1be7c6b4,0xc7b9b762,0x015582de,0x2ef58741,0x299addf3,0xc970c52e },
-      { 0x22f24d66,0x78f02e2a,0x74cc100a,0xefec1d10,0x09316e1a,0xaf2a6a39,
-        0x5849dd49,0xce7c2205,0x96bffc4c,0x9c1fe75c,0x7ba06ec0,0xcad98fd2 } },
-    /* 100 */
-    { { 0xb648b73e,0xed76e2d0,0x1cfd285e,0xa9f92ce5,0x2ed13de1,0xa8c86c06,
-        0xa5191a93,0x1d3a574e,0x1ad1b8bf,0x385cdf8b,0x47d2cfe3,0xbbecc28a },
-      { 0x69cec548,0x98d326c0,0xf240a0b2,0x4f5bc1dd,0x29057236,0x241a7062,
-        0xc68294a4,0x0fc6e9c5,0xa319f17a,0x4d04838b,0x9ffc1c6f,0x8b612cf1 } },
-    /* 101 */
-    { { 0x4c3830eb,0x9bb0b501,0x8ee0d0c5,0x3d08f83c,0x79ba9389,0xa4a62642,
-        0x9cbc2914,0x5d5d4044,0x074c46f0,0xae9eb83e,0x74ead7d6,0x63bb758f },
-      { 0xc6bb29e0,0x1c40d2ea,0x4b02f41e,0x95aa2d87,0x53cb199a,0x92989175,
-        0x51584f6d,0xdd91bafe,0x31a1aaec,0x3715efb9,0x46780f9e,0xc1b6ae5b } },
-    /* 102 */
-    { { 0x42772f41,0xcded3e4b,0x3bcb79d1,0x3a700d5d,0x80feee60,0x4430d50e,
-        0xf5e5d4bb,0x444ef1fc,0xe6e358ff,0xc660194f,0x6a91b43c,0xe68a2f32 },
-      { 0x977fe4d2,0x5842775c,0x7e2a41eb,0x78fdef5c,0xff8df00e,0x5f3bec02,
-        0x5852525d,0xf4b840cd,0x4e6988bd,0x0870483a,0xcc64b837,0x39499e39 } },
-    /* 103 */
-    { { 0xb08df5fe,0xfc05de80,0x63ba0362,0x0c12957c,0xd5cf1428,0xea379414,
-        0x54ef6216,0xc559132a,0xb9e65cf8,0x33d5f12f,0x1695d663,0x09c60278 },
-      { 0x61f7a2fb,0x3ac1ced4,0xd4f5eeb8,0xdd838444,0x8318fcad,0x82a38c6c,
-        0xe9f1a864,0x315be2e5,0x442daf47,0x317b5771,0x95aa5f9e,0x81b5904a } },
-    /* 104 */
-    { { 0x8b21d232,0x6b6b1c50,0x8c2cba75,0x87f3dbc0,0xae9f0faf,0xa7e74b46,
-        0xbb7b8079,0x036a0985,0x8d974a25,0x4f185b90,0xd9af5ec9,0x5aa7cef0 },
-      { 0x57dcfffc,0xe0566a70,0xb8453225,0x6ea311da,0x23368aa9,0x72ea1a8d,
-        0x48cd552d,0xed9b2083,0xc80ea435,0xb987967c,0x6c104173,0xad735c75 } },
-    /* 105 */
-    { { 0xcee76ef4,0xaea85ab3,0xaf1d2b93,0x44997444,0xeacb923f,0x0851929b,
-        0x51e3bc0c,0xb080b590,0x59be68a2,0xc4ee1d86,0x64b26cda,0xf00de219 },
-      { 0xf2e90d4d,0x8d7fb5c0,0x77d9ec64,0x00e219a7,0x5d1c491c,0xc4e6febd,
-        0x1a8f4585,0x080e3754,0x48d2af9c,0x4a9b86c8,0xb6679851,0x2ed70db6 } },
-    /* 106 */
-    { { 0x586f25cb,0xaee44116,0xa0fcf70f,0xf7b6861f,0x18a350e8,0x55d2cd20,
-        0x92dc286f,0x861bf3e5,0x6226aba7,0x9ab18ffa,0xa9857b03,0xd15827be },
-      { 0x92e6acef,0x26c1f547,0xac1fbac3,0x422c63c8,0xfcbfd71d,0xa2d8760d,
-        0xb2511224,0x35f6a539,0x048d1a21,0xbaa88fa1,0xebf999db,0x49f1abe9 } },
-    /* 107 */
-    { { 0xf7492b73,0x16f9f4f4,0xcb392b1a,0xcf28ec1e,0x69ca6ffc,0x45b130d4,
-        0xb72efa58,0x28ba8d40,0x5ca066f5,0xace987c7,0x4ad022eb,0x3e399246 },
-      { 0x752555bb,0x63a2d84e,0x9c2ae394,0xaaa93b4a,0xc89539ca,0xcd80424e,
-        0xaa119a99,0x6d6b5a6d,0x379f2629,0xbd50334c,0xef3cc7d3,0x899e925e } },
-    /* 108 */
-    { { 0xbf825dc4,0xb7ff3651,0x40b9c462,0x0f741cc4,0x5cc4fb5b,0x771ff5a9,
-        0x47fd56fe,0xcb9e9c9b,0x5626c0d3,0xbdf053db,0xf7e14098,0xa97ce675 },
-      { 0x6c934f5e,0x68afe5a3,0xccefc46f,0x6cd5e148,0xd7a88586,0xc7758570,
-        0xdd558d40,0x49978f5e,0x64ae00c1,0xa1d5088a,0xf1d65bb2,0x58f2a720 } },
-    /* 109 */
-    { { 0x3e4daedb,0x66fdda4a,0x65d1b052,0x38318c12,0x4c4bbf5c,0x28d910a2,
-        0x78a9cd14,0x762fe5c4,0xd2cc0aee,0x08e5ebaa,0xca0c654c,0xd2cdf257 },
-      { 0x08b717d2,0x48f7c58b,0x386cd07a,0x3807184a,0xae7d0112,0x3240f626,
-        0xc43917b0,0x03e9361b,0x20aea018,0xf261a876,0x7e1e6372,0x53f556a4 } },
-    /* 110 */
-    { { 0x2f512a90,0xc84cee56,0x1b0ea9f1,0x24b3c004,0xe26cc1ea,0x0ee15d2d,
-        0xf0c9ef7d,0xd848762c,0xd5341435,0x1026e9c5,0xfdb16b31,0x8f5b73dc },
-      { 0xd2c75d95,0x1f69bef2,0xbe064dda,0x8d33d581,0x57ed35e6,0x8c024c12,
-        0xc309c281,0xf8d435f9,0xd6960193,0xfd295061,0xe9e49541,0x66618d78 } },
-    /* 111 */
-    { { 0x8ce382de,0x571cfd45,0xde900dde,0x175806ee,0x34aba3b5,0x61849965,
-        0xde7aec95,0xe899778a,0xff4aa97f,0xe8f00f6e,0x010b0c6d,0xae971cb5 },
-      { 0x3af788f1,0x1827eebc,0xe413fe2d,0xd46229ff,0x4741c9b4,0x8a15455b,
-        0xf8e424eb,0x5f02e690,0xdae87712,0x40a1202e,0x64944f6d,0x49b3bda2 } },
-    /* 112 */
-    { { 0x035b2d69,0xd63c6067,0x6bed91b0,0xb507150d,0x7afb39b2,0x1f35f82f,
-        0x16012b66,0xb9bd9c01,0xed0a5f50,0x00d97960,0x2716f7c9,0xed705451 },
-      { 0x127abdb4,0x1576eff4,0xf01e701c,0x6850d698,0x3fc87e2f,0x9fa7d749,
-        0xb0ce3e48,0x0b6bcc6f,0xf7d8c1c0,0xf4fbe1f5,0x02719cc6,0xcf75230e } },
-    /* 113 */
-    { { 0x722d94ed,0x6761d6c2,0x3718820e,0xd1ec3f21,0x25d0e7c6,0x65a40b70,
-        0xbaf3cf31,0xd67f830e,0xb93ea430,0x633b3807,0x0bc96c69,0x17faa0ea },
-      { 0xdf866b98,0xe6bf3482,0xa9db52d4,0x205c1ee9,0xff9ab869,0x51ef9bbd,
-        0x75eeb985,0x3863dad1,0xd3cf442a,0xef216c3b,0xf9c8e321,0x3fb228e3 } },
-    /* 114 */
-    { { 0x0760ac07,0x94f9b70c,0x9d79bf4d,0xf3c9ccae,0xc5ffc83d,0x73cea084,
-        0xdc49c38e,0xef50f943,0xbc9e7330,0xf467a2ae,0x44ea7fba,0x5ee534b6 },
-      { 0x03609e7f,0x20cb6272,0x62fdc9f0,0x09844355,0x0f1457f7,0xaf5c8e58,
-        0xb4b25941,0xd1f50a6c,0x2ec82395,0x77cb247c,0xda3dca33,0xa5f3e1e5 } },
-    /* 115 */
-    { { 0x7d85fa94,0x023489d6,0x2db9ce47,0x0ba40537,0xaed7aad1,0x0fdf7a1f,
-        0x9a4ccb40,0xa57b0d73,0x5b18967c,0x48fcec99,0xb7274d24,0xf30b5b6e },
-      { 0xc81c5338,0x7ccb4773,0xa3ed6bd0,0xb85639e6,0x1d56eada,0x7d9df95f,
-        0x0a1607ad,0xe256d57f,0x957574d6,0x6da7ffdc,0x01c7a8c4,0x65f84046 } },
-    /* 116 */
-    { { 0xcba1e7f1,0x8d45d0cb,0x02b55f64,0xef0a08c0,0x17e19892,0x771ca31b,
-        0x4885907e,0xe1843ecb,0x364ce16a,0x67797ebc,0x8df4b338,0x816d2b2d },
-      { 0x39aa8671,0xe870b0e5,0xc102b5f5,0x9f0db3e4,0x1720c697,0x34296659,
-        0x613c0d2a,0x0ad4c89e,0x418ddd61,0x1af900b2,0xd336e20e,0xe087ca72 } },
-    /* 117 */
-    { { 0xaba10079,0x222831ff,0x6d64fff2,0x0dc5f87b,0x3e8cb330,0x44547907,
-        0x702a33fb,0xe815aaa2,0x5fba3215,0x338d6b2e,0x79f549c8,0x0f7535cb },
-      { 0x2ee95923,0x471ecd97,0xc6d1c09f,0x1e868b37,0xc666ef4e,0x2bc7b8ec,
-        0x808a4bfc,0xf5416589,0x3fbc4d2e,0xf23e9ee2,0x2d75125b,0x4357236c } },
-    /* 118 */
-    { { 0xba9cdb1b,0xfe176d95,0x2f82791e,0x45a1ca01,0x4de4cca2,0x97654af2,
-        0x5cc4bcb9,0xbdbf9d0e,0xad97ac0a,0xf6a7df50,0x61359fd6,0xc52112b0 },
-      { 0x4f05eae3,0x696d9ce3,0xe943ac2b,0x903adc02,0x0848be17,0xa9075347,
-        0x2a3973e5,0x1e20f170,0x6feb67e9,0xe1aacc1c,0xe16bc6b9,0x2ca0ac32 } },
-    /* 119 */
-    { { 0xef871eb5,0xffea12e4,0xa8bf0a7a,0x94c2f25d,0x78134eaa,0x4d1e4c2a,
-        0x0360fb10,0x11ed16fb,0x85fc11be,0x4029b6db,0xf4d390fa,0x5e9f7ab7 },
-      { 0x30646612,0x5076d72f,0xdda1d0d8,0xa0afed1d,0x85a1d103,0x29022257,
-        0x4e276bcd,0xcb499e17,0x51246c3d,0x16d1da71,0x589a0443,0xc72d56d3 } },
-    /* 120 */
-    { { 0xdae5bb45,0xdf5ffc74,0x261bd6dc,0x99068c4a,0xaa98ec7b,0xdc0afa7a,
-        0xf121e96d,0xedd2ee00,0x1414045c,0x163cc7be,0x335af50e,0xb0b1bbce },
-      { 0x01a06293,0xd440d785,0x6552e644,0xcdebab7c,0x8c757e46,0x48cb8dbc,
-        0x3cabe3cb,0x81f9cf78,0xb123f59a,0xddd02611,0xeeb3784d,0x3dc7b88e } },
-    /* 121 */
-    { { 0xc4741456,0xe1b8d398,0x6032a121,0xa9dfa902,0x1263245b,0x1cbfc86d,
-        0x5244718c,0xf411c762,0x05b0fc54,0x96521d54,0xdbaa4985,0x1afab46e },
-      { 0x8674b4ad,0xa75902ba,0x5ad87d12,0x486b43ad,0x36e0d099,0x72b1c736,
-        0xbb6cd6d6,0x39890e07,0x59bace4e,0x8128999c,0x7b535e33,0xd8da430b } },
-    /* 122 */
-    { { 0xc6b75791,0x39f65642,0x21806bfb,0x050947a6,0x1362ef84,0x0ca3e370,
-        0x8c3d2391,0x9bc60aed,0x732e1ddc,0x9b488671,0xa98ee077,0x12d10d9e },
-      { 0x3651b7dc,0xb6f2822d,0x80abd138,0x6345a5ba,0x472d3c84,0x62033262,
-        0xacc57527,0xd54a1d40,0x424447cb,0x6ea46b3a,0x2fb1a496,0x5bc41057 } },
-    /* 123 */
-    { { 0xa751cd0e,0xe70c57a3,0xeba3c7d6,0x190d8419,0x9d47d55a,0xb1c3bee7,
-        0xf912c6d8,0xda941266,0x407a6ad6,0x12e9aacc,0x6e838911,0xd6ce5f11 },
-      { 0x70e1f2ce,0x063ca97b,0x8213d434,0xa3e47c72,0x84df810a,0xa016e241,
-        0xdfd881a4,0x688ad7b0,0xa89bf0ad,0xa37d99fc,0xa23c2d23,0xd8e3f339 } },
-    /* 124 */
-    { { 0x750bed6f,0xbdf53163,0x83e68b0a,0x808abc32,0x5bb08a33,0x85a36627,
-        0x6b0e4abe,0xf72a3a0f,0xfaf0c6ad,0xf7716d19,0x5379b25f,0x22dcc020 },
-      { 0xf9a56e11,0x7400bf8d,0x56a47f21,0x6cb8bad7,0x7a6eb644,0x7c97176f,
-        0xd1f5b646,0xe8fd84f7,0x44ddb054,0x98320a94,0x1dde86f5,0x07071ba3 } },
-    /* 125 */
-    { { 0x98f8fcb9,0x6fdfa0e5,0x94d0d70c,0x89cec8e0,0x106d20a8,0xa0899397,
-        0xba8acc9c,0x915bfb9a,0x5507e01c,0x1370c94b,0x8a821ffb,0x83246a60 },
-      { 0xbe3c378f,0xa8273a9f,0x35a25be9,0x7e544789,0x4dd929d7,0x6cfa4972,
-        0x365bd878,0x987fed9d,0x5c29a7ae,0x4982ac94,0x5ddd7ec5,0x4589a5d7 } },
-    /* 126 */
-    { { 0xa95540a9,0x9fabb174,0x0162c5b0,0x7cfb886f,0xea3dee18,0x17be766b,
-        0xe88e624c,0xff7da41f,0x8b919c38,0xad0b71eb,0xf31ff9a9,0x86a522e0 },
-      { 0x868bc259,0xbc8e6f72,0x3ccef9e4,0x6130c638,0x9a466555,0x09f1f454,
-        0x19b2bfb4,0x8e6c0f09,0x0ca7bb22,0x945c46c9,0x4dafb67b,0xacd87168 } },
-    /* 127 */
-    { { 0x10c53841,0x090c72ca,0x55a4fced,0xc20ae01b,0xe10234ad,0x03f7ebd5,
-        0x85892064,0xb3f42a6a,0xb4a14722,0xbdbc30c0,0x8ca124cc,0x971bc437 },
-      { 0x517ff2ff,0x6f79f46d,0xecba947b,0x6a9c96e2,0x62925122,0x5e79f2f4,
-        0x6a4e91f1,0x30a96bb1,0x2d4c72da,0x1147c923,0x5811e4df,0x65bc311f } },
-    /* 128 */
-    { { 0x139b3239,0x87c7dd7d,0x4d833bae,0x8b57824e,0x9fff0015,0xbcbc4878,
-        0x909eaf1a,0x8ffcef8b,0xf1443a78,0x9905f4ee,0xe15cbfed,0x020dd4a2 },
-      { 0xa306d695,0xca2969ec,0xb93caf60,0xdf940cad,0x87ea6e39,0x67f7fab7,
-        0xf98c4fe5,0x0d0ee10f,0xc19cb91e,0xc646879a,0x7d1d7ab4,0x4b4ea50c } },
-    /* 129 */
-    { { 0x7a0db57e,0x19e40945,0x9a8c9702,0xe6017cad,0x1be5cff9,0xdbf739e5,
-        0xa7a938a2,0x3646b3cd,0x68350dfc,0x04511085,0x56e098b5,0xad3bd6f3 },
-      { 0xee2e3e3e,0x935ebabf,0x473926cb,0xfbd01702,0x9e9fb5aa,0x7c735b02,
-        0x2e3feff0,0xc52a1b85,0x046b405a,0x9199abd3,0x39039971,0xe306fcec } },
-    /* 130 */
-    { { 0x23e4712c,0xd6d9aec8,0xc3c198ee,0x7ca8376c,0x31bebd8a,0xe6d83187,
-        0xd88bfef3,0xed57aff3,0xcf44edc7,0x72a645ee,0x5cbb1517,0xd4e63d0b },
-      { 0xceee0ecf,0x98ce7a1c,0x5383ee8e,0x8f012633,0xa6b455e8,0x3b879078,
-        0xc7658c06,0xcbcd3d96,0x0783336a,0x721d6fe7,0x5a677136,0xf21a7263 } },
-    /* 131 */
-    { { 0x9586ba11,0x19d8b3cd,0x8a5c0480,0xd9e0aeb2,0x2230ef5c,0xe4261dbf,
-        0x02e6bf09,0x095a9dee,0x80dc7784,0x8963723c,0x145157b1,0x5c97dbaf },
-      { 0x4bc4503e,0x97e74434,0x85a6b370,0x0fb1cb31,0xcd205d4b,0x3e8df2be,
-        0xf8f765da,0x497dd1bc,0x6c988a1a,0x92ef95c7,0x64dc4cfa,0x3f924baa } },
-    /* 132 */
-    { { 0x7268b448,0x6bf1b8dd,0xefd79b94,0xd4c28ba1,0xe4e3551f,0x2fa1f8c8,
-        0x5c9187a9,0x769e3ad4,0x40326c0d,0x28843b4d,0x50d5d669,0xfefc8094 },
-      { 0x90339366,0x30c85bfd,0x5ccf6c3a,0x4eeb56f1,0x28ccd1dc,0x0e72b149,
-        0xf2ce978e,0x73ee85b5,0x3165bb23,0xcdeb2bf3,0x4e410abf,0x8106c923 } },
-    /* 133 */
-    { { 0x7d02f4ee,0xc8df0161,0x18e21225,0x8a781547,0x6acf9e40,0x4ea895eb,
-        0x6e5a633d,0x8b000cb5,0x7e981ffb,0xf31d86d5,0x4475bc32,0xf5c8029c },
-      { 0x1b568973,0x764561ce,0xa62996ec,0x2f809b81,0xda085408,0x9e513d64,
-        0xe61ce309,0xc27d815d,0x272999e0,0x0da6ff99,0xfead73f7,0xbd284779 } },
-    /* 134 */
-    { { 0x9b1cdf2b,0x6033c2f9,0xbc5fa151,0x2a99cf06,0x12177b3b,0x7d27d259,
-        0xc4485483,0xb1f15273,0x102e2297,0x5fd57d81,0xc7f6acb7,0x3d43e017 },
-      { 0x3a70eb28,0x41a8bb0b,0x3e80b06b,0x67de2d8e,0x70c28de5,0x09245a41,
-        0xa7b26023,0xad7dbcb1,0x2cbc6c1e,0x70b08a35,0x9b33041f,0xb504fb66 } },
-    /* 135 */
-    { { 0xf97a27c2,0xa8e85ab5,0xc10a011b,0x6ac5ec8b,0xffbcf161,0x55745533,
-        0x65790a60,0x01780e85,0x99ee75b0,0xe451bf85,0x39c29881,0x8907a63b },
-      { 0x260189ed,0x76d46738,0x47bd35cb,0x284a4436,0x20cab61e,0xd74e8c40,
-        0x416cf20a,0x6264bf8c,0x5fd820ce,0xfa5a6c95,0xf24bb5fc,0xfa7154d0 } },
-    /* 136 */
-    { { 0x9b3f5034,0x18482cec,0xcd9e68fd,0x962d445a,0x95746f23,0x266fb1d6,
-        0x58c94a4b,0xc66ade5a,0xed68a5b6,0xdbbda826,0x7ab0d6ae,0x05664a4d },
-      { 0x025e32fc,0xbcd4fe51,0xa96df252,0x61a5aebf,0x31592a31,0xd88a07e2,
-        0x98905517,0x5d9d94de,0x5fd440e7,0x96bb4010,0xe807db4c,0x1b0c47a2 } },
-    /* 137 */
-    { { 0x08223878,0x5c2a6ac8,0xe65a5558,0xba08c269,0x9bbc27fd,0xd22b1b9b,
-        0x72b9607d,0x919171bf,0xe588dc58,0x9ab455f9,0x23662d93,0x6d54916e },
-      { 0x3b1de0c1,0x8da8e938,0x804f278f,0xa84d186a,0xd3461695,0xbf4988cc,
-        0xe10eb0cb,0xf5eae3be,0xbf2a66ed,0x1ff8b68f,0xc305b570,0xa68daf67 } },
-    /* 138 */
-    { { 0x44b2e045,0xc1004cff,0x4b1c05d4,0x91b5e136,0x88a48a07,0x53ae4090,
-        0xea11bb1a,0x73fb2995,0x3d93a4ea,0x32048570,0x3bfc8a5f,0xcce45de8 },
-      { 0xc2b3106e,0xaff4a97e,0xb6848b4f,0x9069c630,0xed76241c,0xeda837a6,
-        0x6cc3f6cf,0x8a0daf13,0x3da018a8,0x199d049d,0xd9093ba3,0xf867c6b1 } },
-    /* 139 */
-    { { 0x56527296,0xe4d42a56,0xce71178d,0xae26c73d,0x6c251664,0x70a0adac,
-        0x5dc0ae1d,0x813483ae,0xdaab2daf,0x7574eacd,0xc2d55f4f,0xc56b52dc },
-      { 0x95f32923,0x872bc167,0x5bdd2a89,0x4be17581,0xa7699f00,0x9b57f1e7,
-        0x3ac2de02,0x5fcd9c72,0x92377739,0x83af3ba1,0xfc50b97f,0xa64d4e2b } },
-    /* 140 */
-    { { 0x0e552b40,0x2172dae2,0xd34d52e8,0x62f49725,0x07958f98,0x7930ee40,
-        0x751fdd74,0x56da2a90,0xf53e48c3,0xf1192834,0x8e53c343,0x34d2ac26 },
-      { 0x13111286,0x1073c218,0xda9d9827,0x201dac14,0xee95d378,0xec2c29db,
-        0x1f3ee0b1,0x9316f119,0x544ce71c,0x7890c9f0,0x27612127,0xd77138af } },
-    /* 141 */
-    { { 0x3b4ad1cd,0x78045e6d,0x4aa49bc1,0xcd86b94e,0xfd677a16,0x57e51f1d,
-        0xfa613697,0xd9290935,0x34f4d893,0x7a3f9593,0x5d5fcf9b,0x8c9c248b },
-      { 0x6f70d4e9,0x9f23a482,0x63190ae9,0x17273454,0x5b081a48,0x4bdd7c13,
-        0x28d65271,0x1e2de389,0xe5841d1f,0x0bbaaa25,0x746772e5,0xc4c18a79 } },
-    /* 142 */
-    { { 0x593375ac,0x10ee2681,0x7dd5e113,0x4f3288be,0x240f3538,0x9a97b2fb,
-        0x1de6b1e2,0xfa11089f,0x1351bc58,0x516da562,0x2dfa85b5,0x573b6119 },
-      { 0x6cba7df5,0x89e96683,0x8c28ab40,0xf299be15,0xad43fcbf,0xe91c9348,
-        0x9a1cefb3,0xe9bbc7cc,0x738b2775,0xc8add876,0x775eaa01,0x6e3b1f2e } },
-    /* 143 */
-    { { 0xb677788b,0x0365a888,0x3fd6173c,0x634ae8c4,0x9e498dbe,0x30498761,
-        0xc8f779ab,0x08c43e6d,0x4c09aca9,0x068ae384,0x2018d170,0x2380c70b },
-      { 0xa297c5ec,0xcf77fbc3,0xca457948,0xdacbc853,0x336bec7e,0x3690de04,
-        0x14eec461,0x26bbac64,0x1f713abf,0xd1c23c7e,0xe6fd569e,0xf08bbfcd } },
-    /* 144 */
-    { { 0x84770ee3,0x5f8163f4,0x744a1706,0x0e0c7f94,0xe1b2d46d,0x9c8f05f7,
-        0xd01fd99a,0x417eafe7,0x11440e5b,0x2ba15df5,0x91a6fbcf,0xdc5c552a },
-      { 0xa270f721,0x86271d74,0xa004485b,0x32c0a075,0x8defa075,0x9d1a87e3,
-        0xbf0d20fe,0xb590a7ac,0x8feda1f5,0x430c41c2,0x58f6ec24,0x454d2879 } },
-    /* 145 */
-    { { 0x7c525435,0x52b7a635,0x37c4bdbc,0x3d9ef57f,0xdffcc475,0x2bb93e9e,
-        0x7710f3be,0xf7b8ba98,0x21b727de,0x42ee86da,0x2e490d01,0x55ac3f19 },
-      { 0xc0c1c390,0x487e3a6e,0x446cde7b,0x036fb345,0x496ae951,0x089eb276,
-        0x71ed1234,0xedfed4d9,0x900f0b46,0x661b0dd5,0x8582f0d3,0x11bd6f1b } },
-    /* 146 */
-    { { 0x076bc9d1,0x5cf9350f,0xcf3cd2c3,0x15d903be,0x25af031c,0x21cfc8c2,
-        0x8b1cc657,0xe0ad3248,0x70014e87,0xdd9fb963,0x297f1658,0xf0f3a5a1 },
-      { 0xf1f703aa,0xbb908fba,0x2f6760ba,0x2f9cc420,0x66a38b51,0x00ceec66,
-        0x05d645da,0x4deda330,0xf7de3394,0xb9cf5c72,0x1ad4c906,0xaeef6502 } },
-    /* 147 */
-    { { 0x7a19045d,0x0583c8b1,0xd052824c,0xae7c3102,0xff6cfa58,0x2a234979,
-        0x62c733c0,0xfe9dffc9,0x9c0c4b09,0x3a7fa250,0x4fe21805,0x516437bb },
-      { 0xc2a23ddb,0x9454e3d5,0x289c104e,0x0726d887,0x4fd15243,0x8977d918,
-        0x6d7790ba,0xc559e73f,0x465af85f,0x8fd3e87d,0x5feee46b,0xa2615c74 } },
-    /* 148 */
-    { { 0x4335167d,0xc8d607a8,0xe0f5c887,0x8b42d804,0x398d11f9,0x5f9f13df,
-        0x20740c67,0x5aaa5087,0xa3d9234b,0x83da9a6a,0x2a54bad1,0xbd3a5c4e },
-      { 0x2db0f658,0xdd13914c,0x5a3f373a,0x29dcb66e,0x5245a72b,0xbfd62df5,
-        0x91e40847,0x19d18023,0xb136b1ae,0xd9df74db,0x3f93bc5b,0x72a06b6b } },
-    /* 149 */
-    { { 0xad19d96f,0x6da19ec3,0xfb2a4099,0xb342daa4,0x662271ea,0x0e61633a,
-        0xce8c054b,0x3bcece81,0x8bd62dc6,0x7cc8e061,0xee578d8b,0xae189e19 },
-      { 0xdced1eed,0x73e7a25d,0x7875d3ab,0xc1257f0a,0x1cfef026,0x2cb2d5a2,
-        0xb1fdf61c,0xd98ef39b,0x24e83e6c,0xcd8e6f69,0xc7b7088b,0xd71e7076 } },
-    /* 150 */
-    { { 0x9d4245bf,0x33936830,0x2ac2953b,0x22d96217,0x56c3c3cd,0xb3bf5a82,
-        0x0d0699e8,0x50c9be91,0x8f366459,0xec094463,0x513b7c35,0x6c056dba },
-      { 0x045ab0e3,0x687a6a83,0x445c9295,0x8d40b57f,0xa16f5954,0x0f345048,
-        0x3d8f0a87,0x64b5c639,0x9f71c5e2,0x106353a2,0x874f0dd4,0xdd58b475 } },
-    /* 151 */
-    { { 0x62230c72,0x67ec084f,0x481385e3,0xf14f6cca,0x4cda7774,0xf58bb407,
-        0xaa2dbb6b,0xe15011b1,0x0c035ab1,0xd488369d,0x8245f2fd,0xef83c24a },
-      { 0x9fdc2538,0xfb57328f,0x191fe46a,0x79808293,0x32ede548,0xe28f5c44,
-        0xea1a022c,0x1b3cda99,0x3df2ec7f,0x39e639b7,0x760e9a18,0x77b6272b } },
-    /* 152 */
-    { { 0xa65d56d5,0x2b1d51bd,0x7ea696e0,0x3a9b71f9,0x9904f4c4,0x95250ecc,
-        0xe75774b7,0x8bc4d6eb,0xeaeeb9aa,0x0e343f8a,0x930e04cb,0xc473c1d1 },
-      { 0x064cd8ae,0x282321b1,0x5562221c,0xf4b4371e,0xd1bf1221,0xc1cc81ec,
-        0xe2c8082f,0xa52a07a9,0xba64a958,0x350d8e59,0x6fb32c9a,0x29e4f3de } },
-    /* 153 */
-    { { 0xba89aaa5,0x0aa9d56c,0xc4c6059e,0xf0208ac0,0xbd6ddca4,0x7400d9c6,
-        0xf2c2f74a,0xb384e475,0xb1562dd3,0x4c1061fc,0x2e153b8d,0x3924e248 },
-      { 0x849808ab,0xf38b8d98,0xa491aa36,0x29bf3260,0x88220ede,0x85159ada,
-        0xbe5bc422,0x8b47915b,0xd7300967,0xa934d72e,0x2e515d0d,0xc4f30398 } },
-    /* 154 */
-    { { 0x1b1de38b,0xe3e9ee42,0x42636760,0xa124e25a,0x90165b1a,0x90bf73c0,
-        0x146434c5,0x21802a34,0x2e1fa109,0x54aa83f2,0xed9c51e9,0x1d4bd03c },
-      { 0x798751e6,0xc2d96a38,0x8c3507f5,0xed27235f,0xc8c24f88,0xb5fb80e2,
-        0xd37f4f78,0xf873eefa,0xf224ba96,0x7229fd74,0x9edd7149,0x9dcd9199 } },
-    /* 155 */
-    { { 0x4e94f22a,0xee9f81a6,0xf71ec341,0xe5609892,0xa998284e,0x6c818ddd,
-        0x3b54b098,0x9fd47295,0x0e8a7cc9,0x47a6ac03,0xb207a382,0xde684e5e },
-      { 0x2b6b956b,0x4bdd1ecd,0xf01b3583,0x09084414,0x55233b14,0xe2f80b32,
-        0xef5ebc5e,0x5a0fec54,0xbf8b29a2,0x74cf25e6,0x7f29e014,0x1c757fa0 } },
-    /* 156 */
-    { { 0xeb0fdfe4,0x1bcb5c4a,0xf0899367,0xd7c649b3,0x05bc083b,0xaef68e3f,
-        0xa78aa607,0x57a06e46,0x21223a44,0xa2136ecc,0x52f5a50b,0x89bd6484 },
-      { 0x4455f15a,0x724411b9,0x08a9c0fd,0x23dfa970,0x6db63bef,0x7b0da4d1,
-        0xfb162443,0x6f8a7ec1,0xe98284fb,0xc1ac9cee,0x33566022,0x085a582b } },
-    /* 157 */
-    { { 0xec1f138a,0x15cb61f9,0x668f0c28,0x11c9a230,0xdf93f38f,0xac829729,
-        0x4048848d,0xcef25698,0x2bba8fbf,0x3f686da0,0x111c619a,0xed5fea78 },
-      { 0xd6d1c833,0x9b4f73bc,0x86e7bf80,0x50951606,0x042b1d51,0xa2a73508,
-        0x5fb89ec2,0x9ef6ea49,0x5ef8b892,0xf1008ce9,0x9ae8568b,0x78a7e684 } },
-    /* 158 */
-    { { 0x10470cd8,0x3fe83a7c,0xf86df000,0x92734682,0xda9409b5,0xb5dac06b,
-        0x94939c5f,0x1e7a9660,0x5cc116dc,0xdec6c150,0x66bac8cc,0x1a52b408 },
-      { 0x6e864045,0x5303a365,0x9139efc1,0x45eae72a,0x6f31d54f,0x83bec646,
-        0x6e958a6d,0x2fb4a86f,0x4ff44030,0x6760718e,0xe91ae0df,0x008117e3 } },
-    /* 159 */
-    { { 0x384310a2,0x5d5833ba,0x1fd6c9fc,0xbdfb4edc,0x849c4fb8,0xb9a4f102,
-        0x581c1e1f,0xe5fb239a,0xd0a9746d,0xba44b2e7,0x3bd942b9,0x78f7b768 },
-      { 0xc87607ae,0x076c8ca1,0xd5caaa7e,0x82b23c2e,0x2763e461,0x6a581f39,
-        0x3886df11,0xca8a5e4a,0x264e7f22,0xc87e90cf,0x215cfcfc,0x04f74870 } },
-    /* 160 */
-    { { 0x141d161c,0x5285d116,0x93c4ed17,0x67cd2e0e,0x7c36187e,0x12c62a64,
-        0xed2584ca,0xf5329539,0x42fbbd69,0xc4c777c4,0x1bdfc50a,0x107de776 },
-      { 0xe96beebd,0x9976dcc5,0xa865a151,0xbe2aff95,0x9d8872af,0x0e0a9da1,
-        0xa63c17cc,0x5e357a3d,0xe15cc67c,0xd31fdfd8,0x7970c6d8,0xc44bbefd } },
-    /* 161 */
-    { { 0x4c0c62f1,0x703f83e2,0x4e195572,0x9b1e28ee,0xfe26cced,0x6a82858b,
-        0xc43638fa,0xd381c84b,0xa5ba43d8,0x94f72867,0x10b82743,0x3b4a783d },
-      { 0x7576451e,0xee1ad7b5,0x14b6b5c8,0xc3d0b597,0xfcacc1b8,0x3dc30954,
-        0x472c9d7b,0x55df110e,0x02f8a328,0x97c86ed7,0x88dc098f,0xd0433413 } },
-    /* 162 */
-    { { 0x2ca8f2fe,0x1a60d152,0x491bd41f,0x61640948,0x58dfe035,0x6dae29a5,
-        0x278e4863,0x9a615bea,0x9ad7c8e5,0xbbdb4477,0x2ceac2fc,0x1c706630 },
-      { 0x99699b4b,0x5e2b54c6,0x239e17e8,0xb509ca6d,0xea063a82,0x728165fe,
-        0xb6a22e02,0x6b5e609d,0xb26ee1df,0x12813905,0x439491fa,0x07b9f722 } },
-    /* 163 */
-    { { 0x48ff4e49,0x1592ec14,0x6d644129,0x3e4e9f17,0x1156acc0,0x7acf8288,
-        0xbb092b0b,0x5aa34ba8,0x7d38393d,0xcd0f9022,0xea4f8187,0x416724dd },
-      { 0xc0139e73,0x3c4e641c,0x91e4d87d,0xe0fe46cf,0xcab61f8a,0xedb3c792,
-        0xd3868753,0x4cb46de4,0x20f1098a,0xe449c21d,0xf5b8ea6e,0x5e5fd059 } },
-    /* 164 */
-    { { 0x75856031,0x7fcadd46,0xeaf2fbd0,0x89c7a4cd,0x7a87c480,0x1af523ce,
-        0x61d9ae90,0xe5fc1095,0xbcdb95f5,0x3fb5864f,0xbb5b2c7d,0xbeb5188e },
-      { 0x3ae65825,0x3d1563c3,0x0e57d641,0x116854c4,0x1942ebd3,0x11f73d34,
-        0xc06955b3,0x24dc5904,0x995a0a62,0x8a0d4c83,0x5d577b7d,0xfb26b86d } },
-    /* 165 */
-    { { 0xc686ae17,0xc53108e7,0xd1c1da56,0x9090d739,0x9aec50ae,0x4583b013,
-        0xa49a6ab2,0xdd9a088b,0xf382f850,0x28192eea,0xf5fe910e,0xcc8df756 },
-      { 0x9cab7630,0x877823a3,0xfb8e7fc1,0x64984a9a,0x364bfc16,0x5448ef9c,
-        0xc44e2a9a,0xbbb4f871,0x435c95e9,0x901a41ab,0xaaa50a06,0xc6c23e5f } },
-    /* 166 */
-    { { 0x9034d8dd,0xb78016c1,0x0b13e79b,0x856bb44b,0xb3241a05,0x85c6409a,
-        0x2d78ed21,0x8d2fe19a,0x726eddf2,0xdcc7c26d,0x25104f04,0x3ccaff5f },
-      { 0x6b21f843,0x397d7edc,0xe975de4c,0xda88e4dd,0x4f5ab69e,0x5273d396,
-        0x9aae6cc0,0x537680e3,0x3e6f9461,0xf749cce5,0x957bffd3,0x021ddbd9 } },
-    /* 167 */
-    { { 0x777233cf,0x7b64585f,0x0942a6f0,0xfe6771f6,0xdfe6eef0,0x636aba7a,
-        0x86038029,0x63bbeb56,0xde8fcf36,0xacee5842,0xd4a20524,0x48d9aa99 },
-      { 0x0da5e57a,0xcff7a74c,0xe549d6c9,0xc232593c,0xf0f2287b,0x68504bcc,
-        0xbc8360b5,0x6d7d098d,0x5b402f41,0xeac5f149,0xb87d1bf1,0x61936f11 } },
-    /* 168 */
-    { { 0xb8153a9d,0xaa9da167,0x9e83ecf0,0xa49fe3ac,0x1b661384,0x14c18f8e,
-        0x38434de1,0x61c24dab,0x283dae96,0x3d973c3a,0x82754fc9,0xc99baa01 },
-      { 0x4c26b1e3,0x477d198f,0xa7516202,0x12e8e186,0x362addfa,0x386e52f6,
-        0xc3962853,0x31e8f695,0x6aaedb60,0xdec2af13,0x29cf74ac,0xfcfdb4c6 } },
-    /* 169 */
-    { { 0xcca40298,0x6b3ee958,0xf2f5d195,0xc3878153,0xed2eae5b,0x0c565630,
-        0x3a697cf2,0xd089b37e,0xad5029ea,0xc2ed2ac7,0x0f0dda6a,0x7e5cdfad },
-      { 0xd9b86202,0xf98426df,0x4335e054,0xed1960b1,0x3f14639e,0x1fdb0246,
-        0x0db6c670,0x17f709c3,0x773421e1,0xbfc687ae,0x26c1a8ac,0x13fefc4a } },
-    /* 170 */
-    { { 0x7ffa0a5f,0xe361a198,0xc63fe109,0xf4b26102,0x6c74e111,0x264acbc5,
-        0x77abebaf,0x4af445fa,0x24cddb75,0x448c4fdd,0x44506eea,0x0b13157d },
-      { 0x72e9993d,0x22a6b159,0x85e5ecbe,0x2c3c57e4,0xfd83e1a1,0xa673560b,
-        0xc3b8c83b,0x6be23f82,0x40bbe38e,0x40b13a96,0xad17399b,0x66eea033 } },
-    /* 171 */
-    { { 0xb4c6c693,0x49fc6e95,0x36af7d38,0xefc735de,0x35fe42fc,0xe053343d,
-        0x6a9ab7c3,0xf0aa427c,0x4a0fcb24,0xc79f0436,0x93ebbc50,0x16287243 },
-      { 0x16927e1e,0x5c3d6bd0,0x673b984c,0x40158ed2,0x4cd48b9a,0xa7f86fc8,
-        0x60ea282d,0x1643eda6,0xe2a1beed,0x45b393ea,0x19571a94,0x664c839e } },
-    /* 172 */
-    { { 0x27eeaf94,0x57745750,0xea99e1e7,0x2875c925,0x5086adea,0xc127e7ba,
-        0x86fe424f,0x765252a0,0x2b6c0281,0x1143cc6c,0xd671312d,0xc9bb2989 },
-      { 0x51acb0a5,0x880c337c,0xd3c60f78,0xa3710915,0x9262b6ed,0x496113c0,
-        0x9ce48182,0x5d25d9f8,0xb3813586,0x53b6ad72,0x4c0e159c,0x0ea3bebc } },
-    /* 173 */
-    { { 0xc5e49bea,0xcaba450a,0x7c05da59,0x684e5415,0xde7ac36c,0xa2e9cab9,
-        0x2e6f957b,0x4ca79b5f,0x09b817b1,0xef7b0247,0x7d89df0f,0xeb304990 },
-      { 0x46fe5096,0x508f7307,0x2e04eaaf,0x695810e8,0x3512f76c,0x88ef1bd9,
-        0x3ebca06b,0x77661351,0xccf158b7,0xf7d4863a,0x94ee57da,0xb2a81e44 } },
-    /* 174 */
-    { { 0x6d53e6ba,0xff288e5b,0x14484ea2,0xa90de1a9,0xed33c8ec,0x2fadb60c,
-        0x28b66a40,0x579d6ef3,0xec24372d,0x4f2dd6dd,0x1d66ec7d,0xe9e33fc9 },
-      { 0x039eab6e,0x110899d2,0x3e97bb5e,0xa31a667a,0xcfdce68e,0x6200166d,
-        0x5137d54b,0xbe83ebae,0x4800acdf,0x085f7d87,0x0c6f8c86,0xcf4ab133 } },
-    /* 175 */
-    { { 0x931e08fb,0x03f65845,0x1506e2c0,0x6438551e,0x9c36961f,0x5791f0dc,
-        0xe3dcc916,0x68107b29,0xf495d2ca,0x83242374,0x6ee5895b,0xd8cfb663 },
-      { 0xa0349b1b,0x525e0f16,0x4a0fab86,0x33cd2c6c,0x2af8dda9,0x46c12ee8,
-        0x71e97ad3,0x7cc424ba,0x37621eb0,0x69766ddf,0xa5f0d390,0x95565f56 } },
-    /* 176 */
-    { { 0x1a0f5e94,0xe0e7bbf2,0x1d82d327,0xf771e115,0xceb111fa,0x10033e3d,
-        0xd3426638,0xd269744d,0x00d01ef6,0xbdf2d9da,0xa049ceaf,0x1cb80c71 },
-      { 0x9e21c677,0x17f18328,0x19c8f98b,0x6452af05,0x80b67997,0x35b9c5f7,
-        0x40f8f3d4,0x5c2e1cbe,0x66d667ca,0x43f91656,0xcf9d6e79,0x9faaa059 } },
-    /* 177 */
-    { { 0x0a078fe6,0x8ad24618,0x464fd1dd,0xf6cc73e6,0xc3e37448,0x4d2ce34d,
-        0xe3271b5f,0x624950c5,0xefc5af72,0x62910f5e,0xaa132bc6,0x8b585bf8 },
-      { 0xa839327f,0x11723985,0x4aac252f,0x34e2d27d,0x6296cc4e,0x402f59ef,
-        0x47053de9,0x00ae055c,0x28b4f09b,0xfc22a972,0xfa0c180e,0xa9e86264 } },
-    /* 178 */
-    { { 0xbc310ecc,0x0b7b6224,0x67fa14ed,0x8a1a74f1,0x7214395c,0x87dd0960,
-        0xf5c91128,0xdf1b3d09,0x86b264a8,0x39ff23c6,0x3e58d4c5,0xdc2d49d0 },
-      { 0xa9d6f501,0x2152b7d3,0xc04094f7,0xf4c32e24,0xd938990f,0xc6366596,
-        0x94fb207f,0x084d078f,0x328594cb,0xfd99f1d7,0xcb2d96b3,0x36defa64 } },
-    /* 179 */
-    { { 0x13ed7cbe,0x4619b781,0x9784bd0e,0x95e50015,0x2c7705fe,0x2a32251c,
-        0x5f0dd083,0xa376af99,0x0361a45b,0x55425c6c,0x1f291e7b,0x812d2cef },
-      { 0x5fd94972,0xccf581a0,0xe56dc383,0x26e20e39,0x63dbfbf0,0x0093685d,
-        0x36b8c575,0x1fc164cc,0x390ef5e7,0xb9c5ab81,0x26908c66,0x40086beb } },
-    /* 180 */
-    { { 0x37e3c115,0xe5e54f79,0xc1445a8a,0x69b8ee8c,0xb7659709,0x79aedff2,
-        0x1b46fbe6,0xe288e163,0xd18d7bb7,0xdb4844f0,0x48aa6424,0xe0ea23d0 },
-      { 0xf3d80a73,0x714c0e4e,0x3bd64f98,0x87a0aa9e,0x2ec63080,0x8844b8a8,
-        0x255d81a3,0xe0ac9c30,0x455397fc,0x86151237,0x2f820155,0x0b979464 } },
-    /* 181 */
-    { { 0x4ae03080,0x127a255a,0x580a89fb,0x232306b4,0x6416f539,0x04e8cd6a,
-        0x13b02a0e,0xaeb70dee,0x4c09684a,0xa3038cf8,0x28e433ee,0xa710ec3c },
-      { 0x681b1f7d,0x77a72567,0x2fc28170,0x86fbce95,0xf5735ac8,0xd3408683,
-        0x6bd68e93,0x3a324e2a,0xc027d155,0x7ec74353,0xd4427177,0xab60354c } },
-    /* 182 */
-    { { 0xef4c209d,0x32a5342a,0x08d62704,0x2ba75274,0xc825d5fe,0x4bb4af6f,
-        0xd28e7ff1,0x1c3919ce,0xde0340f6,0x1dfc2fdc,0x29f33ba9,0xc6580baf },
-      { 0x41d442cb,0xae121e75,0x3a4724e4,0x4c7727fd,0x524f3474,0xe556d6a4,
-        0x785642a2,0x87e13cc7,0xa17845fd,0x182efbb1,0x4e144857,0xdcec0cf1 } },
-    /* 183 */
-    { { 0xe9539819,0x1cb89541,0x9d94dbf1,0xc8cb3b4f,0x417da578,0x1d353f63,
-        0x8053a09e,0xb7a697fb,0xc35d8b78,0x8d841731,0xb656a7a9,0x85748d6f },
-      { 0xc1859c5d,0x1fd03947,0x535d22a2,0x6ce965c1,0x0ca3aadc,0x1966a13e,
-        0x4fb14eff,0x9802e41d,0x76dd3fcd,0xa9048cbb,0xe9455bba,0x89b182b5 } },
-    /* 184 */
-    { { 0x43360710,0xd777ad6a,0x55e9936b,0x841287ef,0x04a21b24,0xbaf5c670,
-        0x35ad86f1,0xf2c0725f,0xc707e72e,0x338fa650,0xd8883e52,0x2bf8ed2e },
-      { 0xb56e0d6a,0xb0212cf4,0x6843290c,0x50537e12,0x98b3dc6f,0xd8b184a1,
-        0x0210b722,0xd2be9a35,0x559781ee,0x407406db,0x0bc18534,0x5a78d591 } },
-    /* 185 */
-    { { 0xd748b02c,0x4d57aa2a,0xa12b3b95,0xbe5b3451,0x64711258,0xadca7a45,
-        0x322153db,0x597e091a,0x32eb1eab,0xf3271006,0x2873f301,0xbd9adcba },
-      { 0x38543f7f,0xd1dc79d1,0x921b1fef,0x00022092,0x1e5df8ed,0x86db3ef5,
-        0x9e6b944a,0x888cae04,0x791a32b4,0x71bd29ec,0xa6d1c13e,0xd3516206 } },
-    /* 186 */
-    { { 0x55924f43,0x2ef6b952,0x4f9de8d5,0xd2f401ae,0xadc68042,0xfc73e8d7,
-        0x0d9d1bb4,0x627ea70c,0xbbf35679,0xc3bb3e3e,0xd882dee4,0x7e8a254a },
-      { 0xb5924407,0x08906f50,0xa1ad444a,0xf14a0e61,0x65f3738e,0xaa0efa21,
-        0xae71f161,0xd60c7dd6,0xf175894d,0x9e8390fa,0x149f4c00,0xd115cd20 } },
-    /* 187 */
-    { { 0xa52abf77,0x2f2e2c1d,0x54232568,0xc2a0dca5,0x54966dcc,0xed423ea2,
-        0xcd0dd039,0xe48c93c7,0x176405c7,0x1e54a225,0x70d58f2e,0x1efb5b16 },
-      { 0x94fb1471,0xa751f9d9,0x67d2941d,0xfdb31e1f,0x53733698,0xa6c74eb2,
-        0x89a0f64a,0xd3155d11,0xa4b8d2b6,0x4414cfe4,0xf7a8e9e3,0x8d5a4be8 } },
-    /* 188 */
-    { { 0x52669e98,0x5c96b4d4,0x8fd42a03,0x4547f922,0xd285174e,0xcf5c1319,
-        0x064bffa0,0x805cd1ae,0x246d27e7,0x50e8bc4f,0xd5781e11,0xf89ef98f },
-      { 0xdee0b63f,0xb4ff95f6,0x222663a4,0xad850047,0x4d23ce9c,0x02691860,
-        0x50019f59,0x3e5309ce,0x69a508ae,0x27e6f722,0x267ba52c,0xe9376652 } },
-    /* 189 */
-    { { 0xc0368708,0xa04d289c,0x5e306e1d,0xc458872f,0x33112fea,0x76fa23de,
-        0x6efde42e,0x718e3974,0x1d206091,0xf0c98cdc,0x14a71987,0x5fa3ca62 },
-      { 0xdcaa9f2a,0xeee8188b,0x589a860d,0x312cc732,0xc63aeb1f,0xf9808dd6,
-        0x4ea62b53,0x70fd43db,0x890b6e97,0x2c2bfe34,0xfa426aa6,0x105f863c } },
-    /* 190 */
-    { { 0xb38059ad,0x0b29795d,0x90647ea0,0x5686b77e,0xdb473a3e,0xeff0470e,
-        0xf9b6d1e2,0x278d2340,0xbd594ec7,0xebbff95b,0xd3a7f23d,0xf4b72334 },
-      { 0xa5a83f0b,0x2a285980,0x9716a8b3,0x0786c41a,0x22511812,0x138901bd,
-        0xe2fede6e,0xd1b55221,0xdf4eb590,0x0806e264,0x762e462e,0x6c4c897e } },
-    /* 191 */
-    { { 0xb4b41d9d,0xd10b905f,0x4523a65b,0x826ca466,0xb699fa37,0x535bbd13,
-        0x73bc8f90,0x5b9933d7,0xcd2118ad,0x9332d61f,0xd4a65fd0,0x158c693e },
-      { 0xe6806e63,0x4ddfb2a8,0xb5de651b,0xe31ed3ec,0x819bc69a,0xf9460e51,
-        0x2c76b1f8,0x6229c0d6,0x901970a3,0xbb78f231,0x9cee72b8,0x31f3820f } },
-    /* 192 */
-    { { 0xc09e1c72,0xe931caf2,0x12990cf4,0x0715f298,0x943262d8,0x33aad81d,
-        0x73048d3f,0x5d292b7a,0xdc7415f6,0xb152aaa4,0x0fd19587,0xc3d10fd9 },
-      { 0x75ddadd0,0xf76b35c5,0x1e7b694c,0x9f5f4a51,0xc0663025,0x2f1ab7eb,
-        0x920260b0,0x01c9cc87,0x05d39da6,0xc4b1f61a,0xeb4a9c4e,0x6dcd76c4 } },
-    /* 193 */
-    { { 0xfdc83f01,0x0ba0916f,0x9553e4f9,0x354c8b44,0xffc5e622,0xa6cc511a,
-        0xe95be787,0xb954726a,0x75b41a62,0xcb048115,0xebfde989,0xfa2ae6cd },
-      { 0x0f24659a,0x6376bbc7,0x4c289c43,0x13a999fd,0xec9abd8b,0xc7134184,
-        0xa789ab04,0x28c02bf6,0xd3e526ec,0xff841ebc,0x640893a8,0x442b191e } },
-    /* 194 */
-    { { 0xfa2b6e20,0x4cac6c62,0xf6d69861,0x97f29e9b,0xbc96d12d,0x228ab1db,
-        0x5e8e108d,0x6eb91327,0x40771245,0xd4b3d4d1,0xca8a803a,0x61b20623 },
-      { 0xa6a560b1,0x2c2f3b41,0x3859fcf4,0x879e1d40,0x024dbfc3,0x7cdb5145,
-        0x3bfa5315,0x55d08f15,0xaa93823a,0x2f57d773,0xc6a2c9a2,0xa97f259c } },
-    /* 195 */
-    { { 0xe58edbbb,0xc306317b,0x79dfdf13,0x25ade51c,0x16d83dd6,0x6b5beaf1,
-        0x1dd8f925,0xe8038a44,0xb2a87b6b,0x7f00143c,0xf5b438de,0xa885d00d },
-      { 0xcf9e48bd,0xe9f76790,0xa5162768,0xf0bdf9f0,0xad7b57cb,0x0436709f,
-        0xf7c15db7,0x7e151c12,0x5d90ee3b,0x3514f022,0x2c361a8d,0x2e84e803 } },
-    /* 196 */
-    { { 0x563ec8d8,0x2277607d,0xe3934cb7,0xa661811f,0xf58fd5de,0x3ca72e7a,
-        0x62294c6a,0x7989da04,0xf6bbefe9,0x88b3708b,0x53ed7c82,0x0d524cf7 },
-      { 0x2f30c073,0x69f699ca,0x9dc1dcf3,0xf0fa264b,0x05f0aaf6,0x44ca4568,
-        0xd19b9baf,0x0f5b23c7,0xeabd1107,0x39193f41,0x2a7c9b83,0x9e3e10ad } },
-    /* 197 */
-    { { 0xd4ae972f,0xa90824f0,0xc6e846e7,0x43eef02b,0x29d2160a,0x7e460612,
-        0xfe604e91,0x29a178ac,0x4eb184b2,0x23056f04,0xeb54cdf4,0x4fcad55f },
-      { 0xae728d15,0xa0ff96f3,0xc6a00331,0x8a2680c6,0x7ee52556,0x5f84cae0,
-        0xc5a65dad,0x5e462c3a,0xe2d23f4f,0x5d2b81df,0xc5b1eb07,0x6e47301b } },
-    /* 198 */
-    { { 0xaf8219b9,0x77411d68,0x51b1907a,0xcb883ce6,0x101383b5,0x25c87e57,
-        0x982f970d,0x9c7d9859,0x118305d2,0xaa6abca5,0x9013a5db,0x725fed2f },
-      { 0xababd109,0x487cdbaf,0x87586528,0xc0f8cf56,0x8ad58254,0xa02591e6,
-        0xdebbd526,0xc071b1d1,0x961e7e31,0x927dfe8b,0x9263dfe1,0x55f895f9 } },
-    /* 199 */
-    { { 0xb175645b,0xf899b00d,0xb65b4b92,0x51f3a627,0xb67399ef,0xa2f3ac8d,
-        0xe400bc20,0xe717867f,0x1967b952,0x42cc9020,0x3ecd1de1,0x3d596751 },
-      { 0xdb979775,0xd41ebcde,0x6a2e7e88,0x99ba61bc,0x321504f2,0x039149a5,
-        0x27ba2fad,0xe7dc2314,0xb57d8368,0x9f556308,0x57da80a7,0x2b6d16c9 } },
-    /* 200 */
-    { { 0x279ad982,0x84af5e76,0x9c8b81a6,0x9bb4c92d,0x0e698e67,0xd79ad44e,
-        0x265fc167,0xe8be9048,0x0c3a4ccc,0xf135f7e6,0xb8863a33,0xa0a10d38 },
-      { 0xd386efd9,0xe197247c,0xb52346c2,0x0eefd3f9,0x78607bc8,0xc22415f9,
-        0x508674ce,0xa2a8f862,0xc8c9d607,0xa72ad09e,0x50fa764f,0xcd9f0ede } },
-    /* 201 */
-    { { 0xd1a46d4d,0x063391c7,0x9eb01693,0x2df51c11,0x849e83de,0xc5849800,
-        0x8ad08382,0x48fd09aa,0xaa742736,0xa405d873,0xe1f9600c,0xee49e61e },
-      { 0x48c76f73,0xd76676be,0x01274b2a,0xd9c100f6,0x83f8718d,0x110bb67c,
-        0x02fc0d73,0xec85a420,0x744656ad,0xc0449e1e,0x37d9939b,0x28ce7376 } },
-    /* 202 */
-    { { 0x44544ac7,0x97e9af72,0xba010426,0xf2c658d5,0xfb3adfbd,0x732dec39,
-        0xa2df0b07,0xd12faf91,0x2171e208,0x8ac26725,0x5b24fa54,0xf820cdc8 },
-      { 0x94f4cf77,0x307a6eea,0x944a33c6,0x18c783d2,0x0b741ac5,0x4b939d4c,
-        0x3ffbb6e4,0x1d7acd15,0x7a255e44,0x06a24858,0xce336d50,0x14fbc494 } },
-    /* 203 */
-    { { 0x51584e3c,0x9b920c0c,0xf7e54027,0xc7733c59,0x88422bbe,0xe24ce139,
-        0x523bd6ab,0x11ada812,0xb88e6def,0xde068800,0xfe8c582d,0x7b872671 },
-      { 0x7de53510,0x4e746f28,0xf7971968,0x492f8b99,0x7d928ac2,0x1ec80bc7,
-        0x432eb1b5,0xb3913e48,0x32028f6e,0xad084866,0x8fc2f38b,0x122bb835 } },
-    /* 204 */
-    { { 0x3b0b29c3,0x0a9f3b1e,0x4fa44151,0x837b6432,0x17b28ea7,0xb9905c92,
-        0x98451750,0xf39bc937,0xce8b6da1,0xcd383c24,0x010620b2,0x299f57db },
-      { 0x58afdce3,0x7b6ac396,0x3d05ef47,0xa15206b3,0xb9bb02ff,0xa0ae37e2,
-        0x9db3964c,0x107760ab,0x67954bea,0xe29de9a0,0x431c3f82,0x446a1ad8 } },
-    /* 205 */
-    { { 0x5c6b8195,0xc6fecea0,0xf49e71b9,0xd744a7c5,0x177a7ae7,0xa8e96acc,
-        0x358773a7,0x1a05746c,0x37567369,0xa4162146,0x87d1c971,0xaa0217f7 },
-      { 0x77fd3226,0x61e9d158,0xe4f600be,0x0f6f2304,0x7a6dff07,0xa9c4cebc,
-        0x09f12a24,0xd15afa01,0x8c863ee9,0x2bbadb22,0xe5eb8c78,0xa28290e4 } },
-    /* 206 */
-    { { 0x3e9de330,0x55b87fa0,0x195c145b,0x12b26066,0xa920bef0,0xe08536e0,
-        0x4d195adc,0x7bff6f2c,0x945f4187,0x7f319e9d,0xf892ce47,0xf9848863 },
-      { 0x4fe37657,0xd0efc1d3,0x5cf0e45a,0x3c58de82,0x8b0ccbbe,0x626ad21a,
-        0xaf952fc5,0xd2a31208,0xeb437357,0x81791995,0x98e95d4f,0x5f19d30f } },
-    /* 207 */
-    { { 0x0e6865bb,0x72e83d9a,0xf63456a6,0x22f5af3b,0x463c8d9e,0x409e9c73,
-        0xdfe6970e,0x40e9e578,0x711b91ca,0x876b6efa,0x942625a3,0x895512cf },
-      { 0xcb4e462b,0x84c8eda8,0x4412e7c8,0x84c0154a,0xceb7b71f,0x04325db1,
-        0x66f70877,0x1537dde3,0x1992b9ac,0xf3a09399,0xd498ae77,0xa7316606 } },
-    /* 208 */
-    { { 0xcad260f5,0x13990d2f,0xeec0e8c0,0x76c3be29,0x0f7bd7d5,0x7dc5bee0,
-        0xefebda4b,0x9be167d2,0x9122b87e,0xcce3dde6,0x82b5415c,0x75a28b09 },
-      { 0xe84607a6,0xf6810bcd,0x6f4dbf0d,0xc6d58128,0x1b4dafeb,0xfead577d,
-        0x066b28eb,0x9bc440b2,0x8b17e84b,0x53f1da97,0xcda9a575,0x0459504b } },
-    /* 209 */
-    { { 0x329e5836,0x13e39a02,0xf717269d,0x2c9e7d51,0xf26c963b,0xc5ac58d6,
-        0x79967bf5,0x3b0c6c43,0x55908d9d,0x60bbea3f,0xf07c9ad1,0xd84811e7 },
-      { 0x5bd20e4a,0xfe7609a7,0x0a70baa8,0xe4325dd2,0xb3600386,0x3711f370,
-        0xd0924302,0x97f9562f,0x4acc4436,0x040dc0c3,0xde79cdd4,0xfd6d725c } },
-    /* 210 */
-    { { 0xcf13eafb,0xb3efd0e3,0x5aa0ae5f,0x21009cbb,0x79022279,0xe480c553,
-        0xb2fc9a6d,0x755cf334,0x07096ae7,0x8564a5bf,0xbd238139,0xddd649d0 },
-      { 0x8a045041,0xd0de10b1,0xc957d572,0x6e05b413,0x4e0fb25c,0x5c5ff806,
-        0x641162fb,0xd933179b,0xe57439f9,0x42d48485,0x8a8d72aa,0x70c5bd0a } },
-    /* 211 */
-    { { 0x97bdf646,0xa7671738,0xab329f7c,0xaa1485b4,0xf8f25fdf,0xce3e11d6,
-        0xc6221824,0x76a3fc7e,0xf3924740,0x045f281f,0x96d13a9a,0x24557d4e },
-      { 0xdd4c27cd,0x875c804b,0x0f5c7fea,0x11c5f0f4,0xdc55ff7e,0xac8c880b,
-        0x1103f101,0x2acddec5,0xf99faa89,0x38341a21,0xce9d6b57,0xc7b67a2c } },
-    /* 212 */
-    { { 0x8e357586,0x9a0d724f,0xdf648da0,0x1d7f4ff5,0xfdee62a5,0x9c3e6c9b,
-        0x0389b372,0x0499cef0,0x98eab879,0xe904050d,0x6c051617,0xe8eef1b6 },
-      { 0xc37e3ca9,0xebf5bfeb,0xa4e0b91d,0x7c5e946d,0x2c4bea28,0x79097314,
-        0xee67b2b7,0x81f6c109,0xdafc5ede,0xaf237d9b,0x2abb04c7,0xd2e60201 } },
-    /* 213 */
-    { { 0x8a4f57bf,0x6156060c,0xff11182a,0xf9758696,0x6296ef00,0x8336773c,
-        0xff666899,0x9c054bce,0x719cd11c,0xd6a11611,0xdbe1acfa,0x9824a641 },
-      { 0xba89fd01,0x0b7b7a5f,0x889f79d8,0xf8d3b809,0xf578285c,0xc5e1ea08,
-        0xae6d8288,0x7ac74536,0x7521ef5f,0x5d37a200,0xb260a25d,0x5ecc4184 } },
-    /* 214 */
-    { { 0xa708c8d3,0xddcebb19,0xc63f81ec,0xe63ed04f,0x11873f95,0xd045f5a0,
-        0x79f276d5,0x3b5ad544,0x425ae5b3,0x81272a3d,0x10ce1605,0x8bfeb501 },
-      { 0x888228bf,0x4233809c,0xb2aff7df,0x4bd82acf,0x0cbd4a7f,0x9c68f180,
-        0x6b44323d,0xfcd77124,0x891db957,0x60c0fcf6,0x04da8f7f,0xcfbb4d89 } },
-    /* 215 */
-    { { 0x3b26139a,0x9a6a5df9,0xb2cc7eb8,0x3e076a83,0x5a964bcd,0x47a8e82d,
-        0xb9278d6b,0x8a4e2a39,0xe4443549,0x93506c98,0xf1e0d566,0x06497a8f },
-      { 0x2b1efa05,0x3dee8d99,0x45393e33,0x2da63ca8,0xcf0579ad,0xa4af7277,
-        0x3236d8ea,0xaf4b4639,0x32b617f5,0x6ccad95b,0xb88bb124,0xce76d8b8 } },
-    /* 216 */
-    { { 0x083843dc,0x63d2537a,0x1e4153b4,0x89eb3514,0xea9afc94,0x5175ebc4,
-        0x8ed1aed7,0x7a652580,0xd85e8297,0x67295611,0xb584b73d,0x8dd2d68b },
-      { 0x0133c3a4,0x237139e6,0x4bd278ea,0x9de838ab,0xc062fcd9,0xe829b072,
-        0x63ba8706,0x70730d4f,0xd3cd05ec,0x6080483f,0x0c85f84d,0x872ab5b8 } },
-    /* 217 */
-    { { 0x999d4d49,0xfc0776d3,0xec3f45e7,0xa3eb59de,0x0dae1fc1,0xbc990e44,
-        0xa15371ff,0x33596b1e,0x9bc7ab25,0xd447dcb2,0x35979582,0xcd5b63e9 },
-      { 0x77d1ff11,0xae3366fa,0xedee6903,0x59f28f05,0xa4433bf2,0x6f43fed1,
-        0xdf9ce00e,0x15409c9b,0xaca9c5dc,0x21b5cded,0x82d7bdb4,0xf9f33595 } },
-    /* 218 */
-    { { 0x9422c792,0x95944378,0xc958b8bf,0x239ea923,0xdf076541,0x4b61a247,
-        0xbb9fc544,0x4d29ce85,0x0b424559,0x9a692a67,0x0e486900,0x6e0ca5a0 },
-      { 0x85b3bece,0x6b79a782,0xc61f9892,0x41f35e39,0xae747f82,0xff82099a,
-        0xd0ca59d6,0x58c8ae3f,0x99406b5f,0x4ac930e2,0x9df24243,0x2ce04eb9 } },
-    /* 219 */
-    { { 0x1ac37b82,0x4366b994,0x25b04d83,0xff0c728d,0x19c47b7c,0x1f551361,
-        0xbeff13e7,0xdbf2d5ed,0xe12a683d,0xf78efd51,0x989cf9c4,0x82cd85b9 },
-      { 0xe0cb5d37,0xe23c6db6,0x72ee1a15,0x818aeebd,0x28771b14,0x8212aafd,
-        0x1def817d,0x7bc221d9,0x9445c51f,0xdac403a2,0x12c3746b,0x711b0517 } },
-    /* 220 */
-    { { 0x5ea99ecc,0x0ed9ed48,0xb8cab5e1,0xf799500d,0xb570cbdc,0xa8ec87dc,
-        0xd35dfaec,0x52cfb2c2,0x6e4d80a4,0x8d31fae2,0xdcdeabe5,0xe6a37dc9 },
-      { 0x1deca452,0x5d365a34,0x0d68b44e,0x09a5f8a5,0xa60744b1,0x59238ea5,
-        0xbb4249e9,0xf2fedc0d,0xa909b2e3,0xe395c74e,0x39388250,0xe156d1a5 } },
-    /* 221 */
-    { { 0x47181ae9,0xd796b3d0,0x44197808,0xbaf44ba8,0x34cf3fac,0xe6933094,
-        0xc3bd5c46,0x41aa6ade,0xeed947c6,0x4fda75d8,0x9ea5a525,0xacd9d412 },
-      { 0xd430301b,0x65cc55a3,0x7b52ea49,0x3c9a5bcf,0x159507f0,0x22d319cf,
-        0xde74a8dd,0x2ee0b9b5,0x877ac2b6,0x20c26a1e,0x92e7c314,0x387d73da } },
-    /* 222 */
-    { { 0x8cd3fdac,0x13c4833e,0x332e5b8e,0x76fcd473,0xe2fe1fd3,0xff671b4b,
-        0x5d98d8ec,0x4d734e8b,0x514bbc11,0xb1ead3c6,0x7b390494,0xd14ca858 },
-      { 0x5d2d37e9,0x95a443af,0x00464622,0x73c6ea73,0x15755044,0xa44aeb4b,
-        0xfab58fee,0xba3f8575,0xdc680a6f,0x9779dbc9,0x7b37ddfc,0xe1ee5f5a } },
-    /* 223 */
-    { { 0x12d29f46,0xcd0b4648,0x0ed53137,0x93295b0b,0x80bef6c9,0xbfe26094,
-        0x54248b00,0xa6565788,0x80e7f9c4,0x69c43fca,0xbe141ea1,0x2190837b },
-      { 0xa1b26cfb,0x875e159a,0x7affe852,0x90ca9f87,0x92ca598e,0x15e6550d,
-        0x1938ad11,0xe3e0945d,0x366ef937,0xef7636bb,0xb39869e5,0xb6034d0b } },
-    /* 224 */
-    { { 0x26d8356e,0x4d255e30,0xd314626f,0xf83666ed,0xd0c8ed64,0x421ddf61,
-        0x26677b61,0x96e473c5,0x9e9b18b3,0xdad4af7e,0xa9393f75,0xfceffd4a },
-      { 0x11c731d5,0x843138a1,0xb2f141d9,0x05bcb3a1,0x617b7671,0x20e1fa95,
-        0x88ccec7b,0xbefce812,0x90f1b568,0x582073dc,0x1f055cb7,0xf572261a } },
-    /* 225 */
-    { { 0x36973088,0xf3148277,0x86a9f980,0xc008e708,0xe046c261,0x1b795947,
-        0xca76bca0,0xdf1e6a7d,0x71acddf0,0xabafd886,0x1364d8f4,0xff7054d9 },
-      { 0xe2260594,0x2cf63547,0xd73b277e,0x468a5372,0xef9bd35e,0xc7419e24,
-        0x24043cc3,0x2b4a1c20,0x890b39cd,0xa28f047a,0x46f9a2e3,0xdca2cea1 } },
-    /* 226 */
-    { { 0x53277538,0xab788736,0xcf697738,0xa734e225,0x6b22e2c1,0x66ee1d1e,
-        0xebe1d212,0x2c615389,0x02bb0766,0xf36cad40,0x3e64f207,0x120885c3 },
-      { 0x90fbfec2,0x59e77d56,0xd7a574ae,0xf9e781aa,0x5d045e53,0x801410b0,
-        0xa91b5f0e,0xd3b5f0aa,0x7fbb3521,0xb3d1df00,0xc72bee9a,0x11c4b33e } },
-    /* 227 */
-    { { 0x83c3a7f3,0xd32b9832,0x88d8a354,0x8083abcf,0x50f4ec5a,0xdeb16404,
-        0x641e2907,0x18d747f0,0xf1bbf03e,0x4e8978ae,0x88a0cd89,0x932447dc },
-      { 0xcf3d5897,0x561e0feb,0x13600e6d,0xfc3a682f,0xd16a6b73,0xc78b9d73,
-        0xd29bf580,0xe713fede,0x08d69e5c,0x0a225223,0x1ff7fda4,0x3a924a57 } },
-    /* 228 */
-    { { 0xb4093bee,0xfb64554c,0xa58c6ec0,0xa6d65a25,0x43d0ed37,0x4126994d,
-        0x55152d44,0xa5689a51,0x284caa8d,0xb8e5ea8c,0xd1f25538,0x33f05d4f },
-      { 0x1b615d6e,0xe0fdfe09,0x705507da,0x2ded7e8f,0x17bbcc80,0xdd5631e5,
-        0x267fd11f,0x4f87453e,0xff89d62d,0xc6da723f,0xe3cda21d,0x55cbcae2 } },
-    /* 229 */
-    { { 0x6b4e84f3,0x336bc94e,0x4ef72c35,0x72863031,0xeeb57f99,0x6d85fdee,
-        0xa42ece1b,0x7f4e3272,0x36f0320a,0x7f86cbb5,0x923331e6,0xf09b6a2b },
-      { 0x56778435,0x21d3ecf1,0x8323b2d2,0x2977ba99,0x1704bc0f,0x6a1b57fb,
-        0x389f048a,0xd777cf8b,0xac6b42cd,0x9ce2174f,0x09e6c55a,0x404e2bff } },
-    /* 230 */
-    { { 0x204c5ddb,0x9b9b135e,0x3eff550e,0x9dbfe044,0xec3be0f6,0x35eab4bf,
-        0x0a43e56f,0x8b4c3f0d,0x0e73f9b3,0x4c1c6673,0x2c78c905,0x92ed38bd },
-      { 0xa386e27c,0xc7003f6a,0xaced8507,0xb9c4f46f,0x59df5464,0xea024ec8,
-        0x429572ea,0x4af96152,0xe1fc1194,0x279cd5e2,0x281e358c,0xaa376a03 } },
-    /* 231 */
-    { { 0x3cdbc95c,0x07859223,0xef2e337a,0xaae1aa6a,0x472a8544,0xc040108d,
-        0x8d037b7d,0x80c853e6,0x8c7eee24,0xd221315c,0x8ee47752,0x195d3856 },
-      { 0xdacd7fbe,0xd4b1ba03,0xd3e0c52b,0x4b5ac61e,0x6aab7b52,0x68d3c052,
-        0x660e3fea,0xf0d7248c,0x3145efb4,0xafdb3f89,0x8f40936d,0xa73fd9a3 } },
-    /* 232 */
-    { { 0xbb1b17ce,0x891b9ef3,0xc6127f31,0x14023667,0x305521fd,0x12b2e58d,
-        0xe3508088,0x3a47e449,0xff751507,0xe49fc84b,0x5310d16e,0x4023f722 },
-      { 0xb73399fa,0xa608e5ed,0xd532aa3e,0xf12632d8,0x845e8415,0x13a2758e,
-        0x1fc2d861,0xae4b6f85,0x339d02f2,0x3879f5b1,0x80d99ebd,0x446d22a6 } },
-    /* 233 */
-    { { 0x4be164f1,0x0f502302,0x88b81920,0x8d09d2d6,0x984aceff,0x514056f1,
-        0x75e9e80d,0xa5c4ddf0,0xdf496a93,0x38cb47e6,0x38df6bf7,0x899e1d6b },
-      { 0xb59eb2a6,0x69e87e88,0x9b47f38b,0x280d9d63,0x3654e955,0x599411ea,
-        0x969aa581,0xcf8dd4fd,0x530742a7,0xff5c2baf,0x1a373085,0xa4391536 } },
-    /* 234 */
-    { { 0xa8a4bdd2,0x6ace72a3,0xb68ef702,0xc656cdd1,0x90c4dad8,0xd4a33e7e,
-        0x9d951c50,0x4aece08a,0x085d68e6,0xea8005ae,0x6f7502b8,0xfdd7a7d7 },
-      { 0x98d6fa45,0xce6fb0a6,0x1104eb8c,0x228f8672,0xda09d7dc,0xd23d8787,
-        0x2ae93065,0x5521428b,0xea56c366,0x95faba3d,0x0a88aca5,0xedbe5039 } },
-    /* 235 */
-    { { 0xbfb26c82,0xd64da0ad,0x952c2f9c,0xe5d70b3c,0xf7e77f68,0xf5e8f365,
-        0x08f2d695,0x7234e002,0xd12e7be6,0xfaf900ee,0x4acf734e,0x27dc6934 },
-      { 0xc260a46a,0x80e4ff5e,0x2dc31c28,0x7da5ebce,0xca69f552,0x485c5d73,
-        0x69cc84c2,0xcdfb6b29,0xed6d4eca,0x031c5afe,0x22247637,0xc7bbf4c8 } },
-    /* 236 */
-    { { 0x49fe01b2,0x9d5b72c7,0x793a91b8,0x34785186,0xcf460438,0xa3ba3c54,
-        0x3ab21b6f,0x73e8e43d,0xbe57b8ab,0x50cde8e0,0xdd204264,0x6488b3a7 },
-      { 0xdddc4582,0xa9e398b3,0x5bec46fe,0x1698c1a9,0x156d3843,0x7f1446ef,
-        0x770329a2,0x3fd25dd8,0x2c710668,0x05b1221a,0xa72ee6cf,0x65b2dc2a } },
-    /* 237 */
-    { { 0xcd021d63,0x21a885f7,0xfea61f08,0x3f344b15,0xc5cf73e6,0xad5ba6dd,
-        0x227a8b23,0x154d0d8f,0xdc559311,0x9b74373c,0x98620fa1,0x4feab715 },
-      { 0x7d9ec924,0x5098938e,0x6d47e550,0x84d54a5e,0x1b617506,0x1a2d1bdc,
-        0x615868a4,0x99fe1782,0x3005a924,0x171da780,0x7d8f79b6,0xa70bf5ed } },
-    /* 238 */
-    { { 0xfe2216c5,0x0bc1250d,0x7601b351,0x2c37e250,0xd6f06b7e,0xb6300175,
-        0x8bfeb9b7,0x4dde8ca1,0xb82f843d,0x4f210432,0xb1ac0afd,0x8d70e2f9 },
-      { 0xaae91abb,0x25c73b78,0x863028f2,0x0230dca3,0xe5cf30b7,0x8b923ecf,
-        0x5506f265,0xed754ec2,0x729a5e39,0x8e41b88c,0xbabf889b,0xee67cec2 } },
-    /* 239 */
-    { { 0x1be46c65,0xe183acf5,0xe7565d7a,0x9789538f,0xd9627b4e,0x87873391,
-        0x9f1d9187,0xbf4ac4c1,0x4691f5c8,0x5db99f63,0x74a1fb98,0xa68df803 },
-      { 0xbf92b5fa,0x3c448ed1,0x3e0bdc32,0xa098c841,0x79bf016c,0x8e74cd55,
-        0x115e244d,0x5df0d09c,0x3410b66e,0x9418ad01,0x17a02130,0x8b6124cb } },
-    /* 240 */
-    { { 0xc26e3392,0x425ec3af,0xa1722e00,0xc07f8470,0xe2356b43,0xdcc28190,
-        0xb1ef59a6,0x4ed97dff,0xc63028c1,0xc22b3ad1,0x68c18988,0x070723c2 },
-      { 0x4cf49e7d,0x70da302f,0x3f12a522,0xc5e87c93,0x18594148,0x74acdd1d,
-        0xca74124c,0xad5f73ab,0xd69fd478,0xe72e4a3e,0x7b117cc3,0x61593868 } },
-    /* 241 */
-    { { 0xa9aa0486,0x7b7b9577,0xa063d557,0x6e41fb35,0xda9047d7,0xb017d5c7,
-        0x68a87ba9,0x8c748280,0xdf08ad93,0xab45fa5c,0x4c288a28,0xcd9fb217 },
-      { 0x5747843d,0x59544642,0xa56111e3,0x34d64c6c,0x4bfce8d5,0x12e47ea1,
-        0x6169267f,0x17740e05,0xeed03fb5,0x5c49438e,0x4fc3f513,0x9da30add } },
-    /* 242 */
-    { { 0xccfa5200,0xc4e85282,0x6a19b13d,0x2707608f,0xf5726e2f,0xdcb9a53d,
-        0xe9427de5,0x612407c9,0xd54d582a,0x3e5a17e1,0x655ae118,0xb99877de },
-      { 0x015254de,0x6f0e972b,0xf0a6f7c5,0x92a56db1,0xa656f8b2,0xd297e4e1,
-        0xad981983,0x99fe0052,0x07cfed84,0xd3652d2f,0x843c1738,0xc784352e } },
-    /* 243 */
-    { { 0x7e9b2d8a,0x6ee90af0,0x57cf1964,0xac8d7018,0x71f28efc,0xf6ed9031,
-        0x6812b20e,0x7f70d5a9,0xf1c61eee,0x27b557f4,0xc6263758,0xf1c9bd57 },
-      { 0x2a1a6194,0x5cf7d014,0x1890ab84,0xdd614e0b,0x0e93c2a6,0x3ef9de10,
-        0xe0cd91c5,0xf98cf575,0x14befc32,0x504ec0c6,0x6279d68c,0xd0513a66 } },
-    /* 244 */
-    { { 0xa859fb6a,0xa8eadbad,0xdb283666,0xcf8346e7,0x3e22e355,0x7b35e61a,
-        0x99639c6b,0x293ece2c,0x56f241c8,0xfa0162e2,0xbf7a1dda,0xd2e6c7b9 },
-      { 0x40075e63,0xd0de6253,0xf9ec8286,0x2405aa61,0x8fe45494,0x2237830a,
-        0x364e9c8c,0x4fd01ac7,0x904ba750,0x4d9c3d21,0xaf1b520b,0xd589be14 } },
-    /* 245 */
-    { { 0x4662e53b,0x13576a4f,0xf9077676,0x35ec2f51,0x97c0af97,0x66297d13,
-        0x9e598b58,0xed3201fe,0x5e70f604,0x49bc752a,0xbb12d951,0xb54af535 },
-      { 0x212c1c76,0x36ea4c2b,0xeb250dfd,0x18f5bbc7,0x9a0a1a46,0xa0d466cc,
-        0xdac2d917,0x52564da4,0x8e95fab5,0x206559f4,0x9ca67a33,0x7487c190 } },
-    /* 246 */
-    { { 0xdde98e9c,0x75abfe37,0x2a411199,0x99b90b26,0xdcdb1f7c,0x1b410996,
-        0x8b3b5675,0xab346f11,0xf1f8ae1e,0x04852193,0x6b8b98c1,0x1ec4d227 },
-      { 0x45452baa,0xba3bc926,0xacc4a572,0x387d1858,0xe51f171e,0x9478eff6,
-        0x931e1c00,0xf357077d,0xe54c8ca8,0xffee77cd,0x551dc9a4,0xfb4892ff } },
-    /* 247 */
-    { { 0x2db8dff8,0x5b1bdad0,0x5a2285a2,0xd462f4fd,0xda00b461,0x1d6aad8e,
-        0x41306d1b,0x43fbefcf,0x6a13fe19,0x428e86f3,0x17f89404,0xc8b2f118 },
-      { 0xf0d51afb,0x762528aa,0x549b1d06,0xa3e2fea4,0xea3ddf66,0x86fad8f2,
-        0x4fbdd206,0x0d9ccc4b,0xc189ff5a,0xcde97d4c,0x199f19a6,0xc36793d6 } },
-    /* 248 */
-    { { 0x51b85197,0xea38909b,0xb4c92895,0xffb17dd0,0x1ddb3f3f,0x0eb0878b,
-        0xc57cf0f2,0xb05d28ff,0x1abd57e2,0xd8bde2e7,0xc40c1b20,0x7f2be28d },
-      { 0x299a2d48,0x6554dca2,0x8377982d,0x5130ba2e,0x1071971a,0x8863205f,
-        0x7cf2825d,0x15ee6282,0x03748f2b,0xd4b6c57f,0x430385a0,0xa9e3f4da } },
-    /* 249 */
-    { { 0x83fbc9c6,0x33eb7cec,0x4541777e,0x24a311c7,0x4f0767fc,0xc81377f7,
-        0x4ab702da,0x12adae36,0x2a779696,0xb7fcb6db,0x01cea6ad,0x4a6fb284 },
-      { 0xcdfc73de,0x5e8b1d2a,0x1b02fd32,0xd0efae8d,0xd81d8519,0x3f99c190,
-        0xfc808971,0x3c18f7fa,0x51b7ae7b,0x41f713e7,0xf07fc3f8,0x0a4b3435 } },
-    /* 250 */
-    { { 0x019b7d2e,0x7dda3c4c,0xd4dc4b89,0x631c8d1a,0x1cdb313c,0x5489cd6e,
-        0x4c07bb06,0xd44aed10,0x75f000d1,0x8f97e13a,0xdda5df4d,0x0e9ee64f },
-      { 0x3e346910,0xeaa99f3b,0xfa294ad7,0x622f6921,0x0d0b2fe9,0x22aaa20d,
-        0x1e5881ba,0x4fed2f99,0xc1571802,0x9af3b2d6,0xdc7ee17c,0x919e67a8 } },
-    /* 251 */
-    { { 0x76250533,0xc724fe4c,0x7d817ef8,0x8a2080e5,0x172c9751,0xa2afb0f4,
-        0x17c0702e,0x9b10cdeb,0xc9b7e3e9,0xbf3975e3,0x1cd0cdc5,0x206117df },
-      { 0xbe05ebd5,0xfb049e61,0x16c782c0,0xeb0bb55c,0xab7fed09,0x13a331b8,
-        0x632863f0,0xf6c58b1d,0x4d3b6195,0x6264ef6e,0x9a53f116,0x92c51b63 } },
-    /* 252 */
-    { { 0x288b364d,0xa57c7bc8,0x7b41e5c4,0x4a562e08,0x698a9a11,0x699d21c6,
-        0xf3f849b9,0xa4ed9581,0x9eb726ba,0xa223eef3,0xcc2884f9,0x13159c23 },
-      { 0x3a3f4963,0x73931e58,0x0ada6a81,0x96500389,0x5ab2950b,0x3ee8a1c6,
-        0x775fab52,0xeedf4949,0x4f2671b6,0x63d652e1,0x3c4e2f55,0xfed4491c } },
-    /* 253 */
-    { { 0xf4eb453e,0x335eadc3,0xcadd1a5b,0x5ff74b63,0x5d84a91a,0x6933d0d7,
-        0xb49ba337,0x9ca3eeb9,0xc04c15b8,0x1f6facce,0xdc09a7e4,0x4ef19326 },
-      { 0x3dca3233,0x53d2d324,0xa2259d4b,0x0ee40590,0x5546f002,0x18c22edb,
-        0x09ea6b71,0x92429801,0xb0e91e61,0xaada0add,0x99963c50,0x5fe53ef4 } },
-    /* 254 */
-    { { 0x90c28c65,0x372dd06b,0x119ce47d,0x1765242c,0x6b22fc82,0xc041fb80,
-        0xb0a7ccc1,0x667edf07,0x1261bece,0xc79599e7,0x19cff22a,0xbc69d9ba },
-      { 0x13c06819,0x009d77cd,0xe282b79d,0x635a66ae,0x225b1be8,0x4edac4a6,
-        0x524008f9,0x57d4f4e4,0xb056af84,0xee299ac5,0x3a0bc386,0xcc38444c } },
-    /* 255 */
-    { { 0xcd4c2356,0x490643b1,0x750547be,0x740a4851,0xd4944c04,0x643eaf29,
-        0x299a98a0,0xba572479,0xee05fdf9,0x48b29f16,0x089b2d7b,0x33fb4f61 },
-      { 0xa950f955,0x86704902,0xfedc3ddf,0x97e1034d,0x05fbb6a2,0x211320b6,
-        0x432299bb,0x23d7b93f,0x8590e4a3,0x1fe1a057,0xf58c0ce6,0x8e1d0586 } },
-};
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_12(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 12);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 12, km);
-
-            err = sp_384_ecc_mulmod_base_12(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P384 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 12 + 12 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12 + 12 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 12;
-
-        sp_384_from_mp(k, 12, km);
-        sp_384_point_from_ecc_point_12(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_12(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_12(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_12(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_add_one_12(sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_add_one_12(sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r1, r2, r3, r4}\n\t"
-        "adds	r1, r1, #1\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-        "ldm	%[a], {r1, r2, r3, r4}\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-        "ldm	%[a], {r1, r2, r3, r4}\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a)
-        :
-#else
-        :
-        : [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r1", "r2", "r3", "r4"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_384_ecc_gen_k_12(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[48];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_384_from_bin(k, 12, buf, (int)sizeof(buf));
-            if (sp_384_cmp_12(k, p384_order2) <= 0) {
-                sp_384_add_one_12(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_384, point, 2);
-#else
-    SP_DECL_VAR(sp_point_384, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 12);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_384_ecc_gen_k_12(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_12(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_12(infinity, point, p384_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_384_iszero_12(point->x) || sp_384_iszero_12(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_12(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_384_ctx {
-    int state;
-    sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-    sp_digit k[12];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384  point[2];
-#else
-    sp_point_384 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_384_ctx;
-
-int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_384_ctx* ctx = (sp_ecc_key_gen_384_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_384_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_384_ecc_gen_k_12(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_base_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p384_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_384_iszero_12(ctx->point->x) ||
-                    sp_384_iszero_12(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_384_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_384_point_to_ecc_point_12(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 48
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_384_to_bin_12(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 11; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 12);
-    int err = MP_OKAY;
-
-    if (*outLen < 48U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 12, priv);
-        sp_384_point_from_ecc_point_12(point, pub);
-            err = sp_384_ecc_mulmod_12(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_384_to_bin_12(point->x, out);
-        *outLen = 48;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-    };
-    sp_digit k[12];
-    sp_point_384 point;
-} sp_ecc_sec_gen_384_ctx;
-
-int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_384_ctx* ctx = (sp_ecc_sec_gen_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_384_from_mp(ctx->k, 12, priv);
-            sp_384_point_from_ecc_point_12(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_384_to_bin_12(ctx->point.x, out);
-                *outLen = 48;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #48\n\t"
-        "\n"
-    "L_sp_384_sub_in_pkace_12_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_384_sub_in_pkace_12_word_%=\n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12",
-            "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "subs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	%[a], r9, r9\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldr	r8, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r5, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r6, r5\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umull	r5, r3, %[b], r8\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r5, [%[r]]\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r9, #4\n\t"
-        "\n"
-    "L_sp_384_mul_d_12_word_%=: \n\t"
-        /* A[i] * B */
-        "ldr	r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, %[b], r8\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], r9]\n\t"
-        "mov	r3, r4\n\t"
-        "mov	r4, r5\n\t"
-        "mov	r5, #0\n\t"
-        "add	r9, r9, #4\n\t"
-        "cmp	r9, #48\n\t"
-        "blt	L_sp_384_mul_d_12_word_%=\n\t"
-        "str	r3, [%[r], #48]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r3, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umull	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[1] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[2] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[3] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[4] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[5] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[6] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[7] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[8] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[9] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[10] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[11] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "str	r3, [%[r]]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_384_word_12(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_384_word_12(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	r6, %[div], #16\n\t"
-        "add	lr, r6, #1\n\t"
-        "udiv	r4, %[d1], lr\n\t"
-        "lsl	r5, %[div], #16\n\t"
-        "lsl	r4, r4, #16\n\t"
-        "umull	r3, r12, %[div], r4\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "subs	r3, %[d1], lr\n\t"
-        "sbc	r7, r7, r7\n\t"
-        "add	r7, r7, #1\n\t"
-        "rsb	r8, r7, #0\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "and	r5, r5, r8\n\t"
-        "and	r6, r6, r8\n\t"
-        "subs	%[d0], %[d0], r5\n\t"
-        "add	r4, r4, r7\n\t"
-        "sbc	%[d1], %[d1], r6\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "umull	r3, r12, %[div], r3\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "mul	r3, %[div], r3\n\t"
-        "sub	%[d0], %[d0], r3\n\t"
-        "udiv	r3, %[d0], %[div]\n\t"
-        "add	%[d1], r4, r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_384_word_12(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_384_word_12(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	lr, %[div], #1\n\t"
-        "add	lr, lr, #1\n\t"
-        "mov	r4, %[d0]\n\t"
-        "mov	r5, %[d1]\n\t"
-        /* Do top 32 */
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "mov	r3, #0\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        /* Next 30 bits */
-        "mov	r12, #29\n\t"
-        "\n"
-    "L_div_384_word_12_bit_%=: \n\t"
-        "lsls	r4, r4, #1\n\t"
-        "adc	r5, r5, r5\n\t"
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "add	r3, r3, r3\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        "subs	r12, r12, #1\n\t"
-        "bpl	L_div_384_word_12_bit_%=\n\t"
-        "add	r3, r3, r3\n\t"
-        "add	r3, r3, #1\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-        "subs	r6, %[div], r7\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "sub	%[d1], r3, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<12; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-    r[8] = a[8] & m;
-    r[9] = a[9] & m;
-    r[10] = a[10] & m;
-    r[11] = a[11] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[24], t2[13];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[11];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 12);
-    r1 = sp_384_cmp_12(&t1[12], d) >= 0;
-    sp_384_cond_sub_12(&t1[12], &t1[12], d, (sp_digit)0 - r1);
-    for (i = 11; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[12 + i] == div);
-        sp_digit hi = t1[12 + i] + mask;
-        r1 = div_384_word_12(hi, t1[12 + i - 1], div);
-        r1 |= mask;
-
-        sp_384_mul_d_12(t2, d, r1);
-        t1[12 + i] += sp_384_sub_in_place_12(&t1[i], t2);
-        t1[12 + i] -= t2[12];
-        sp_384_mask_12(t2, d, t1[12 + i]);
-        t1[12 + i] += sp_384_add_12(&t1[i], &t1[i], t2);
-        sp_384_mask_12(t2, d, t1[12 + i]);
-        t1[12 + i] += sp_384_add_12(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_384_cmp_12(t1, d) >= 0;
-    sp_384_cond_sub_12(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_384_div_12(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P384 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_384_mul_12(r, a, b);
-    sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P384 curve. */
-static const word32 p384_order_minus_2[12] = {
-    0xccc52971U,0xecec196aU,0x48b0a77aU,0x581a0db2U,0xf4372ddfU,0xc7634d81U,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU
-};
-#else
-/* The low half of the order-2 of the P384 curve. */
-static const word32 p384_order_low[6] = {
-    0xccc52971U,0xecec196aU,0x48b0a77aU,0x581a0db2U,0xf4372ddfU,0xc7634d81U
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P384 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_order_12(sp_digit* r, const sp_digit* a)
-{
-    sp_384_sqr_12(r, a);
-    sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P384 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_n_order_12(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_384_mont_sqr_order_12(r, a);
-    for (i=1; i<n; i++) {
-        sp_384_mont_sqr_order_12(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P384 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_mont_inv_order_12_ctx {
-    int state;
-    int i;
-} sp_384_mont_inv_order_12_ctx;
-static int sp_384_mont_inv_order_12_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_mont_inv_order_12_ctx* ctx = (sp_384_mont_inv_order_12_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_384_mont_inv_order_12_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 12);
-        ctx->i = 382;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_384_mont_sqr_order_12(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p384_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_384_mont_mul_order_12(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 12U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 12);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_order_12(t, t);
-        if ((p384_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_384_mont_mul_order_12(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 12U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 12;
-    sp_digit* t3 = td + 4 * 12;
-    int i;
-
-    /* t = a^2 */
-    sp_384_mont_sqr_order_12(t, a);
-    /* t = a^3 = t * a */
-    sp_384_mont_mul_order_12(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_384_mont_sqr_n_order_12(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_384_mont_mul_order_12(t, t2, t);
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_384_mont_sqr_n_order_12(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_384_mont_mul_order_12(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_384_mont_sqr_n_order_12(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_384_mont_mul_order_12(t3, t2, t);
-    /* t2= a^ffff0000 = t3 ^ 2 ^ 16 */
-    sp_384_mont_sqr_n_order_12(t2, t3, 16);
-    /* t = a^ffffffff = t2 * t3 */
-    sp_384_mont_mul_order_12(t, t2, t3);
-    /* t2= a^ffffffff0000 = t ^ 2 ^ 16  */
-    sp_384_mont_sqr_n_order_12(t2, t, 16);
-    /* t = a^ffffffffffff = t2 * t3 */
-    sp_384_mont_mul_order_12(t, t2, t3);
-    /* t2= a^ffffffffffff000000000000 = t ^ 2 ^ 48  */
-    sp_384_mont_sqr_n_order_12(t2, t, 48);
-    /* t= a^fffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_12(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_order_12(t2, t, 96);
-    /* t2= a^ffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_12(t2, t2, t);
-    for (i=191; i>=1; i--) {
-        sp_384_mont_sqr_order_12(t2, t2);
-        if ((p384_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_384_mont_mul_order_12(t2, t2, a);
-        }
-    }
-    sp_384_mont_sqr_order_12(t2, t2);
-    sp_384_mont_mul_order_12(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_s_12(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_12(k, k, p384_norm_order);
-    err = sp_384_mod_12(k, k, p384_order);
-    if (err == MP_OKAY) {
-        sp_384_norm_12(k);
-
-        /* kInv = 1/k mod order */
-            sp_384_mont_inv_order_12(kInv, k, tmp);
-        sp_384_norm_12(kInv);
-
-        /* s = r * x + e */
-            sp_384_mul_12(x, x, r);
-        err = sp_384_mod_12(x, x, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_12(x);
-        carry = sp_384_add_12(s, e, x);
-        sp_384_cond_sub_12(s, s, p384_order, 0 - carry);
-        sp_384_norm_12(s);
-        c = sp_384_cmp_12(s, p384_order);
-        sp_384_cond_sub_12(s, s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_12(s);
-
-        /* s = s * k^-1 mod order */
-            sp_384_mont_mul_order_12(s, s, kInv);
-        sp_384_norm_12(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 384 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 12);
-    SP_DECL_VAR(sp_point_384, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 12, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 12;
-        k = e + 4 * 12;
-        r = e + 6 * 12;
-        tmp = e + 8 * 12;
-        s = e;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_12(rng, k);
-        }
-        else {
-            sp_384_from_mp(k, 12, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_384_ecc_mulmod_base_12(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 12U);
-            sp_384_norm_12(r);
-            c = sp_384_cmp_12(r, p384_order);
-            sp_384_cond_sub_12(r, r, p384_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_384_norm_12(r);
-
-            if (!sp_384_iszero_12(r)) {
-                /* x is modified in calculation of s. */
-                sp_384_from_mp(x, 12, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_384_from_bin(e, 12, hash, (int)hashLen);
-
-                err = sp_384_calc_s_12(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_384_iszero_12(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 12, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-        sp_384_mont_inv_order_12_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*12];
-    sp_digit x[2*12];
-    sp_digit k[2*12];
-    sp_digit r[2*12];
-    sp_digit tmp[3 * 2*12];
-    sp_point_384 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_384_ctx;
-
-int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_384_ctx* ctx = (sp_ecc_sign_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_12(rng, ctx->k);
-        }
-        else {
-            sp_384_from_mp(ctx->k, 12, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p384_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 12U);
-        sp_384_norm_12(ctx->r);
-        c = sp_384_cmp_12(ctx->r, p384_order);
-        sp_384_cond_sub_12(ctx->r, ctx->r, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_12(ctx->r);
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-        sp_384_from_mp(ctx->x, 12, priv);
-        sp_384_from_bin(ctx->e, 12, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_12(ctx->k, ctx->k, p384_norm_order);
-        err = sp_384_mod_12(ctx->k, ctx->k, p384_order);
-        if (err == MP_OKAY) {
-            sp_384_norm_12(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_384_mont_inv_order_12_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_384_norm_12(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_384_mul_12(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_384_mod_12(ctx->x, ctx->x, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_384_norm_12(ctx->x);
-        carry = sp_384_add_12(ctx->s, ctx->e, ctx->x);
-        sp_384_cond_sub_12(ctx->s, ctx->s,
-            p384_order, 0 - carry);
-        sp_384_norm_12(ctx->s);
-        c = sp_384_cmp_12(ctx->s, p384_order);
-        sp_384_cond_sub_12(ctx->s, ctx->s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_12(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_384_mont_mul_order_12(ctx->s, ctx->s, ctx->kInv);
-        sp_384_norm_12(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_384_iszero_12(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_384_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_384_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 12U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r4}\n\t"
-        "ands	r3, r4, #1\n\t"
-        "beq	L_sp_384_div2_mod_12_even_%=\n\t"
-        "mov	r12, #0\n\t"
-        "ldm	%[a]!, {r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "adc	r3, r12, r12\n\t"
-        "b	L_sp_384_div2_mod_12_div2_%=\n\t"
-        "\n"
-    "L_sp_384_div2_mod_12_even_%=: \n\t"
-        "ldm	%[a]!, {r5, r6, r7}\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "\n"
-    "L_sp_384_div2_mod_12_div2_%=: \n\t"
-        "sub	%[r], %[r], #48\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "ldm	r0, {r8, r9}\n\t"
-#else
-        "ldrd	r8, r9, [%[r]]\n\t"
-#endif
-        "lsr	r8, r8, #1\n\t"
-        "orr	r8, r8, r9, lsl #31\n\t"
-        "lsr	r9, r9, #1\n\t"
-        "ldr	r10, [%[r], #8]\n\t"
-        "str	r8, [%[r]]\n\t"
-        "orr	r9, r9, r10, lsl #31\n\t"
-        "lsr	r10, r10, #1\n\t"
-        "ldr	r8, [%[r], #12]\n\t"
-        "str	r9, [%[r], #4]\n\t"
-        "orr	r10, r10, r8, lsl #31\n\t"
-        "lsr	r8, r8, #1\n\t"
-        "ldr	r9, [%[r], #16]\n\t"
-        "str	r10, [%[r], #8]\n\t"
-        "orr	r8, r8, r9, lsl #31\n\t"
-        "lsr	r9, r9, #1\n\t"
-        "ldr	r10, [%[r], #20]\n\t"
-        "str	r8, [%[r], #12]\n\t"
-        "orr	r9, r9, r10, lsl #31\n\t"
-        "lsr	r10, r10, #1\n\t"
-        "ldr	r8, [%[r], #24]\n\t"
-        "str	r9, [%[r], #16]\n\t"
-        "orr	r10, r10, r8, lsl #31\n\t"
-        "lsr	r8, r8, #1\n\t"
-        "ldr	r9, [%[r], #28]\n\t"
-        "str	r10, [%[r], #20]\n\t"
-        "orr	r8, r8, r9, lsl #31\n\t"
-        "lsr	r9, r9, #1\n\t"
-        "ldr	r10, [%[r], #32]\n\t"
-        "str	r8, [%[r], #24]\n\t"
-        "orr	r9, r9, r10, lsl #31\n\t"
-        "lsr	r10, r10, #1\n\t"
-        "ldr	r8, [%[r], #36]\n\t"
-        "str	r9, [%[r], #28]\n\t"
-        "orr	r10, r10, r8, lsl #31\n\t"
-        "lsr	r8, r8, #1\n\t"
-        "ldr	r9, [%[r], #40]\n\t"
-        "str	r10, [%[r], #32]\n\t"
-        "orr	r8, r8, r9, lsl #31\n\t"
-        "lsr	r9, r9, #1\n\t"
-        "ldr	r10, [%[r], #44]\n\t"
-        "str	r8, [%[r], #36]\n\t"
-        "orr	r9, r9, r10, lsl #31\n\t"
-        "lsr	r10, r10, #1\n\t"
-        "orr	r10, r10, r3, lsl #31\n\t"
-        "str	r9, [%[r], #40]\n\t"
-        "str	r10, [%[r], #44]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-}
-
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-static const byte L_sp_384_num_bits_12_table[] = {
-    0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
-    0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
-    0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
-    0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-};
-
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register byte* L_sp_384_num_bits_12_table_c asm ("r1") =
-        (byte*)&L_sp_384_num_bits_12_table;
-#else
-    register byte* L_sp_384_num_bits_12_table_c =
-        (byte*)&L_sp_384_num_bits_12_table;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, %[L_sp_384_num_bits_12_table]\n\t"
-        "ldr	r1, [%[a], #44]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_11_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_11_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x78\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x178\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_11_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_11_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x70\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x170\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_11_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_11_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x68\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x168\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_11_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x60\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x160\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_11_%=: \n\t"
-        "ldr	r1, [%[a], #40]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_10_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_10_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x58\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x158\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_10_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_10_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x50\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x150\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_10_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_10_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x48\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x148\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_10_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x40\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x140\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_10_%=: \n\t"
-        "ldr	r1, [%[a], #36]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_9_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_9_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x38\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x138\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_9_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_9_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x30\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x130\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_9_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_9_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x28\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x128\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_9_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x20\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x120\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_9_%=: \n\t"
-        "ldr	r1, [%[a], #32]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_8_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_8_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x18\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x118\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_8_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_8_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x10\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x110\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_8_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_8_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x8\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x108\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_8_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x100\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_8_%=: \n\t"
-        "ldr	r1, [%[a], #28]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_7_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_7_3_%=\n\t"
-        "mov	r2, #0xf8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_7_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_7_2_%=\n\t"
-        "mov	r2, #0xf0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_7_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_7_1_%=\n\t"
-        "mov	r2, #0xe8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_7_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0xe0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_7_%=: \n\t"
-        "ldr	r1, [%[a], #24]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_6_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_6_3_%=\n\t"
-        "mov	r2, #0xd8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_6_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_6_2_%=\n\t"
-        "mov	r2, #0xd0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_6_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_6_1_%=\n\t"
-        "mov	r2, #0xc8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_6_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0xc0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_6_%=: \n\t"
-        "ldr	r1, [%[a], #20]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_5_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_5_3_%=\n\t"
-        "mov	r2, #0xb8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_5_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_5_2_%=\n\t"
-        "mov	r2, #0xb0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_5_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_5_1_%=\n\t"
-        "mov	r2, #0xa8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_5_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0xa0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_5_%=: \n\t"
-        "ldr	r1, [%[a], #16]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_4_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_4_3_%=\n\t"
-        "mov	r2, #0x98\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_4_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_4_2_%=\n\t"
-        "mov	r2, #0x90\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_4_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_4_1_%=\n\t"
-        "mov	r2, #0x88\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_4_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x80\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_4_%=: \n\t"
-        "ldr	r1, [%[a], #12]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_3_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_3_3_%=\n\t"
-        "mov	r2, #0x78\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_3_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_3_2_%=\n\t"
-        "mov	r2, #0x70\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_3_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_3_1_%=\n\t"
-        "mov	r2, #0x68\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_3_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x60\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_3_%=: \n\t"
-        "ldr	r1, [%[a], #8]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_2_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_2_3_%=\n\t"
-        "mov	r2, #0x58\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_2_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_2_2_%=\n\t"
-        "mov	r2, #0x50\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_2_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_2_1_%=\n\t"
-        "mov	r2, #0x48\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_2_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x40\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_2_%=: \n\t"
-        "ldr	r1, [%[a], #4]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_1_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_1_3_%=\n\t"
-        "mov	r2, #56\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_1_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_1_2_%=\n\t"
-        "mov	r2, #48\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_1_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_1_1_%=\n\t"
-        "mov	r2, #40\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_1_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #32\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_1_%=: \n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_0_3_%=\n\t"
-        "mov	r2, #24\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_0_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_0_2_%=\n\t"
-        "mov	r2, #16\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_0_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_0_1_%=\n\t"
-        "mov	r2, #8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_0_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_13_%=: \n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a),
-          [L_sp_384_num_bits_12_table] "+r" (L_sp_384_num_bits_12_table_c)
-        :
-#else
-        :
-        : [a] "r" (a),
-          [L_sp_384_num_bits_12_table] "r" (L_sp_384_num_bits_12_table_c)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r1, [%[a], #44]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_11_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x80\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x180\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_11_%=: \n\t"
-        "ldr	r1, [%[a], #40]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_10_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x60\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x160\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_10_%=: \n\t"
-        "ldr	r1, [%[a], #36]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_9_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x40\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x140\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_9_%=: \n\t"
-        "ldr	r1, [%[a], #32]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_8_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x20\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x120\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_8_%=: \n\t"
-        "ldr	r1, [%[a], #28]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_7_%=\n\t"
-        "mov	r2, #0x100\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_7_%=: \n\t"
-        "ldr	r1, [%[a], #24]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_6_%=\n\t"
-        "mov	r2, #0xe0\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_6_%=: \n\t"
-        "ldr	r1, [%[a], #20]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_5_%=\n\t"
-        "mov	r2, #0xc0\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_5_%=: \n\t"
-        "ldr	r1, [%[a], #16]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_4_%=\n\t"
-        "mov	r2, #0xa0\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_4_%=: \n\t"
-        "ldr	r1, [%[a], #12]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_3_%=\n\t"
-        "mov	r2, #0x80\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_3_%=: \n\t"
-        "ldr	r1, [%[a], #8]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_2_%=\n\t"
-        "mov	r2, #0x60\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_2_%=: \n\t"
-        "ldr	r1, [%[a], #4]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_384_num_bits_12_1_%=\n\t"
-        "mov	r2, #0x40\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_1_%=: \n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "mov	r2, #32\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_13_%=: \n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a)
-        :
-#else
-        :
-        : [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r1", "r2", "r3", "r12", "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[12];
-    sp_digit v[12];
-    sp_digit b[12];
-    sp_digit d[12];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_384_num_bits_12(u);
-    vt = sp_384_num_bits_12(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_384_rshift1_12(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_384_rshift1_12(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_384_rshift1_12(v, v);
-            sp_384_div2_mod_12(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_384_cmp_12(u, v) >= 0))) {
-            sp_384_sub_12(u, u, v);
-            o = sp_384_sub_12(b, b, d);
-            if (o != 0)
-                sp_384_add_12(b, b, m);
-            ut = sp_384_num_bits_12(u);
-
-            do {
-                sp_384_rshift1_12(u, u);
-                sp_384_div2_mod_12(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_384_sub_12(v, v, u);
-            o = sp_384_sub_12(d, d, b);
-            if (o != 0)
-                sp_384_add_12(d, d, m);
-            vt = sp_384_num_bits_12(v);
-
-            do {
-                sp_384_rshift1_12(v, v);
-                sp_384_div2_mod_12(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2,
-    sp_digit* tmp)
-{
-
-        sp_384_proj_point_add_12(p1, p1, p2, tmp);
-    if (sp_384_iszero_12(p1->z)) {
-        if (sp_384_iszero_12(p1->x) && sp_384_iszero_12(p1->y)) {
-                sp_384_proj_point_dbl_12(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            p1->x[9] = 0;
-            p1->x[10] = 0;
-            p1->x[11] = 0;
-            XMEMCPY(p1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_vfy_point_12(sp_point_384* p1, sp_point_384* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_384_mod_inv_12(s, s, p384_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_384_mul_12(s, s, p384_norm_order);
-        err = sp_384_mod_12(s, s, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_12(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_384_mont_inv_order_12(s, s, tmp);
-            sp_384_mont_mul_order_12(u1, u1, s);
-            sp_384_mont_mul_order_12(u2, u2, s);
-        }
-#else
-        {
-            sp_384_mont_mul_order_12(u1, u1, s);
-            sp_384_mont_mul_order_12(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_384_ecc_mulmod_base_12(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_12(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_12(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_12(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_384_add_points_12(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 384)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 12);
-    SP_DECL_VAR(sp_point_384, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_384* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 12, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 12;
-        s   = u1 + 4 * 12;
-        tmp = u1 + 6 * 12;
-        p2 = p1 + 1;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(u1, 12, hash, (int)hashLen);
-        sp_384_from_mp(u2, 12, rm);
-        sp_384_from_mp(s, 12, sm);
-        sp_384_from_mp(p2->x, 12, pX);
-        sp_384_from_mp(p2->y, 12, pY);
-        sp_384_from_mp(p2->z, 12, pZ);
-
-        err = sp_384_calc_vfy_point_12(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(u2, 12, rm);
-        err = sp_384_mod_mul_norm_12(u2, u2, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_384_mont_sqr_12(p1->z, p1->z, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_12(u1, u2, p1->z, p384_mod, p384_mp_mod);
-        *res = (int)(sp_384_cmp_12(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_384_from_mp(u2, 12, rm);
-            carry = sp_384_add_12(u2, u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_12(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_12(u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_12(u2, u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_384_mont_mul_12(u1, u2, p1->z, p384_mod, p384_mp_mod);
-                }
-                *res = (sp_384_cmp_12(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-        sp_384_mont_inv_order_12_ctx mont_inv_order_ctx;
-        sp_384_proj_point_dbl_12_ctx dbl_ctx;
-        sp_384_proj_point_add_12_ctx add_ctx;
-    };
-    sp_digit u1[2*12];
-    sp_digit u2[2*12];
-    sp_digit s[2*12];
-    sp_digit tmp[2*12 * 6];
-    sp_point_384 p1;
-    sp_point_384 p2;
-} sp_ecc_verify_384_ctx;
-
-int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_384_ctx* ctx = (sp_ecc_verify_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(ctx->u1, 12, hash, (int)hashLen);
-        sp_384_from_mp(ctx->u2, 12, rm);
-        sp_384_from_mp(ctx->s, 12, sm);
-        sp_384_from_mp(ctx->p2.x, 12, pX);
-        sp_384_from_mp(ctx->p2.y, 12, pY);
-        sp_384_from_mp(ctx->p2.z, 12, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_384_mul_12(ctx->s, ctx->s, p384_norm_order);
-        err = sp_384_mod_12(ctx->s, ctx->s, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_384_norm_12(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_384_mont_inv_order_12_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_384_mont_mul_order_12(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_384_mont_mul_order_12(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p384_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_12(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_12(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_384_proj_point_add_12_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(ctx->u2, 12, rm);
-        err = sp_384_mod_mul_norm_12(ctx->u2, ctx->u2, p384_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_384_mont_sqr_12(ctx->p1.z, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_384_mont_mul_12(ctx->u1, ctx->u2, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_384_cmp_12(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_384_from_mp(ctx->u2, 12, rm);
-            carry = sp_384_add_12(ctx->u2, ctx->u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_12(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_12(ctx->u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_12(ctx->u2, ctx->u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_384_mont_mul_12(ctx->u1, ctx->u2, ctx->p1.z, p384_mod,
-                                                            p384_mp_mod);
-                *res = (int)(sp_384_cmp_12(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_384_ecc_is_point_12(const sp_point_384* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 12 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 12 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 12;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_384_sqr_12(t1, point->y);
-        (void)sp_384_mod_12(t1, t1, p384_mod);
-        sp_384_sqr_12(t2, point->x);
-        (void)sp_384_mod_12(t2, t2, p384_mod);
-        sp_384_mul_12(t2, t2, point->x);
-        (void)sp_384_mod_12(t2, t2, p384_mod);
-        sp_384_mont_sub_12(t1, t1, t2, p384_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_384_mont_add_12(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_12(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_12(t1, t1, point->x, p384_mod);
-
-
-        if (sp_384_cmp_12(t1, p384_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_384, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(pub->x, 12, pX);
-        sp_384_from_mp(pub->y, 12, pY);
-        sp_384_from_bin(pub->z, 12, one, (int)sizeof(one));
-
-        err = sp_384_ecc_is_point_12(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 12);
-    SP_DECL_VAR(sp_point_384, pub, 2);
-    sp_point_384* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 384) ||
-        (mp_count_bits(pY) > 384) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 384)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 12, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_384_from_mp(pub->x, 12, pX);
-        sp_384_from_mp(pub->y, 12, pY);
-        sp_384_from_bin(pub->z, 12, one, (int)sizeof(one));
-        if (privm)
-            sp_384_from_mp(priv, 12, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_384_iszero_12(pub->x) != 0) &&
-            (sp_384_iszero_12(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_384_cmp_12(pub->x, p384_mod) >= 0) ||
-             (sp_384_cmp_12(pub->y, p384_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_384_ecc_is_point_12(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_384_ecc_mulmod_12(p, pub, p384_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_384_iszero_12(p->x) == 0) ||
-                             (sp_384_iszero_12(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_384_ecc_mulmod_base_12(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_384_cmp_12(p->x, pub->x) != 0) ||
-                 (sp_384_cmp_12(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 6);
-    SP_DECL_VAR(sp_point_384, p, 2);
-    sp_point_384* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_384_from_mp(p->x, 12, pX);
-        sp_384_from_mp(p->y, 12, pY);
-        sp_384_from_mp(p->z, 12, pZ);
-        sp_384_from_mp(q->x, 12, qX);
-        sp_384_from_mp(q->y, 12, qY);
-        sp_384_from_mp(q->z, 12, qZ);
-        p->infinity = sp_384_iszero_12(p->x) &
-                      sp_384_iszero_12(p->y);
-        q->infinity = sp_384_iszero_12(q->x) &
-                      sp_384_iszero_12(q->y);
-
-            sp_384_proj_point_add_12(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 2);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 12, pX);
-        sp_384_from_mp(p->y, 12, pY);
-        sp_384_from_mp(p->z, 12, pZ);
-        p->infinity = sp_384_iszero_12(p->x) &
-                      sp_384_iszero_12(p->y);
-
-            sp_384_proj_point_dbl_12(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 6);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 12, pX);
-        sp_384_from_mp(p->y, 12, pY);
-        sp_384_from_mp(p->z, 12, pZ);
-        p->infinity = sp_384_iszero_12(p->x) &
-                      sp_384_iszero_12(p->y);
-
-            sp_384_map_12(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mont_sqrt_12(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 5 * 2 * 12);
-    sp_digit* t2 = NULL;
-    sp_digit* t3 = NULL;
-    sp_digit* t4 = NULL;
-    sp_digit* t5 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 5 * 2 * 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 12;
-        t3 = t1 + 4 * 12;
-        t4 = t1 + 6 * 12;
-        t5 = t1 + 8 * 12;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_384_mont_mul_12(t1, t2, y, p384_mod, p384_mp_mod);
-            /* t5 = y ^ 0xc */
-            sp_384_mont_sqr_n_12(t5, t1, 2, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_384_mont_mul_12(t1, t1, t5, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x1e */
-            sp_384_mont_sqr_12(t2, t1, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x1f */
-            sp_384_mont_mul_12(t3, t2, y, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3e0 */
-            sp_384_mont_sqr_n_12(t2, t3, 5, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3ff */
-            sp_384_mont_mul_12(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fe0 */
-            sp_384_mont_sqr_n_12(t2, t1, 5, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x7fff */
-            sp_384_mont_mul_12(t3, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fff800 */
-            sp_384_mont_sqr_n_12(t2, t3, 15, p384_mod, p384_mp_mod);
-            /* t4 = y ^ 0x3ffffff */
-            sp_384_mont_mul_12(t4, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffc000000 */
-            sp_384_mont_sqr_n_12(t2, t4, 30, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffff */
-            sp_384_mont_mul_12(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffff000000000000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 60, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 120, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-            sp_384_mont_sqr_n_12(t2, t1, 15, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_12(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 31, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff */
-            sp_384_mont_mul_12(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff0 */
-            sp_384_mont_sqr_n_12(t2, t1, 4, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc */
-            sp_384_mont_mul_12(t1, t5, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 62, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000001 */
-            sp_384_mont_mul_12(t1, y, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc00000000000000040000000 */
-            sp_384_mont_sqr_n_12(y, t1, 30, p384_mod, p384_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 12);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 12;
-
-        sp_384_from_mp(x, 12, xm);
-        err = sp_384_mod_mul_norm_12(x, x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_384_mont_sqr_12(y, x, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_12(y, y, x, p384_mod, p384_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_384_mod_mul_norm_12(x, p384_b, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_384_mont_add_12(y, y, x, p384_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_384_mont_sqrt_12(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 12, 0, 12U * sizeof(sp_digit));
-        sp_384_mont_reduce_12(y, p384_mod, p384_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_384_mont_sub_12(y, p384_mod, y, p384_mod);
-        }
-
-        err = sp_384_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_384 */
-#ifdef WOLFSSL_SP_521
-
-/* Point structure to use. */
-typedef struct sp_point_521 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 17];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 17];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 17];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_521;
-
-/* The modulus (prime) of the curve P521. */
-static const sp_digit p521_mod[17] = {
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0x000001ff
-};
-/* The Montgomery normalizer for modulus of the curve P521. */
-static const sp_digit p521_norm_mod[17] = {
-    0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-/* The Montgomery multiplier for modulus of the curve P521. */
-static const sp_digit p521_mp_mod = 0x00000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P521. */
-static const sp_digit p521_order[17] = {
-    0x91386409,0xbb6fb71e,0x899c47ae,0x3bb5c9b8,0xf709a5d0,0x7fcc0148,
-    0xbf2f966b,0x51868783,0xfffffffa,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0x000001ff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P521 minus 2. */
-static const sp_digit p521_order2[17] = {
-    0x91386407,0xbb6fb71e,0x899c47ae,0x3bb5c9b8,0xf709a5d0,0x7fcc0148,
-    0xbf2f966b,0x51868783,0xfffffffa,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0x000001ff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P521. */
-static const sp_digit p521_norm_order[17] = {
-    0x6ec79bf7,0x449048e1,0x7663b851,0xc44a3647,0x08f65a2f,0x8033feb7,
-    0x40d06994,0xae79787c,0x00000005,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P521. */
-static const sp_digit p521_mp_order = 0x79a995c7;
-#endif
-/* The base point of curve P521. */
-static const sp_point_521 p521_base = {
-    /* X ordinate */
-    {
-        0xc2e5bd66,0xf97e7e31,0x856a429b,0x3348b3c1,0xa2ffa8de,0xfe1dc127,
-        0xefe75928,0xa14b5e77,0x6b4d3dba,0xf828af60,0x053fb521,0x9c648139,
-        0x2395b442,0x9e3ecb66,0x0404e9cd,0x858e06b7,0x000000c6,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x9fd16650,0x88be9476,0xa272c240,0x353c7086,0x3fad0761,0xc550b901,
-        0x5ef42640,0x97ee7299,0x273e662c,0x17afbd17,0x579b4468,0x98f54449,
-        0x2c7d1bd9,0x5c8a5fb4,0x9a3bc004,0x39296a78,0x00000118,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p521_b[17] = {
-    0x6b503f00,0xef451fd4,0x3d2c34f1,0x3573df88,0x3bb1bf07,0x1652c0bd,
-    0xec7e937b,0x56193951,0x8ef109e1,0xb8b48991,0x99b315f3,0xa2da725b,
-    0xb68540ee,0x929a21a0,0x8e1c9a1f,0x953eb961,0x00000051
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x88\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "ldr	r11, [%[b]]\n\t"
-        "umull	r8, r6, lr, r11\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_521_mul_17_outer_%=: \n\t"
-        "subs	r3, r5, #0x40\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_521_mul_17_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "ldr	lr, [%[a], r4]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_521_mul_17_inner_done_%=\n\t"
-        "blt	L_sp_521_mul_17_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_521_mul_17_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x7c\n\t"
-        "ble	L_sp_521_mul_17_outer_%=\n\t"
-        "ldr	lr, [%[a], #64]\n\t"
-        "ldr	r11, [%[b], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "add	r7, r7, r10\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umlal	r6, r7, lr, r11\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "ldm	sp!, {r6, r7}\n\t"
-        "stm	%[r]!, {r6, r7}\n\t"
-        "sub	r5, r5, #8\n\t"
-        "\n"
-    "L_sp_521_mul_17_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_521_mul_17_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        /* A[0] * B[0] */
-        "ldr	r11, [%[a]]\n\t"
-        "ldr	r12, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r3, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-#else
-        "umull	r3, r4, r11, r12\n\t"
-        "mov	r5, #0\n\t"
-#endif
-        "str	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[0] */
-        "ldr	r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #4]\n\t"
-        /* A[2] * B[0] */
-        "ldr	r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[1] */
-        "ldr	r11, [%[a], #4]\n\t"
-        "ldr	r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[0] * B[2] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #8]\n\t"
-        /* A[0] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[2] */
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[1] */
-        "ldr	r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[0] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #12]\n\t"
-        /* A[4] * B[0] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[1] */
-        "ldr	r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[2] */
-        "ldr	r11, [%[a], #8]\n\t"
-        "ldr	r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[3] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[0] * B[4] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #16]\n\t"
-        /* A[0] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[4] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[2] */
-        "ldr	r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[1] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[0] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #20]\n\t"
-        /* A[6] * B[0] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[1] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[2] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[3] */
-        "ldr	r11, [%[a], #12]\n\t"
-        "ldr	r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[4] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[5] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[0] * B[6] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #24]\n\t"
-        /* A[0] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[6] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[5] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[4] */
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[3] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[2] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[1] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[0] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #28]\n\t"
-        /* A[8] * B[0] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[1] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[2] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[3] */
-        "ldr	r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[4] */
-        "ldr	r11, [%[a], #16]\n\t"
-        "ldr	r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[5] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[6] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[7] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[0] * B[8] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #32]\n\t"
-        /* A[0] * B[9] */
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[8] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[7] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[6] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[4] */
-        "ldr	r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[3] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[2] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[1] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[0] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #36]\n\t"
-        /* A[10] * B[0] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[1] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[2] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[3] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[4] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[5] */
-        "ldr	r11, [%[a], #20]\n\t"
-        "ldr	r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[6] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[7] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[8] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[9] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[0] * B[10] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #40]\n\t"
-        /* A[0] * B[11] */
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[10] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[9] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[8] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[7] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[6] */
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[5] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[4] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[3] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[2] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[1] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[0] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #44]\n\t"
-        /* A[12] * B[0] */
-        "ldr	r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[1] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[2] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[3] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[4] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[5] */
-        "ldr	r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[6] */
-        "ldr	r11, [%[a], #24]\n\t"
-        "ldr	r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[7] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[8] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[9] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[10] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[11] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[0] * B[12] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #48]\n\t"
-        /* A[0] * B[13] */
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[12] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[11] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[10] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[9] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[8] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[6] */
-        "ldr	r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[5] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[4] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[3] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[2] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * B[1] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[0] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #52]\n\t"
-        /* A[14] * B[0] */
-        "ldr	r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[13] * B[1] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[12] * B[2] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[3] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[4] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[5] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[6] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[7] */
-        "ldr	r11, [%[a], #28]\n\t"
-        "ldr	r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[8] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[9] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[10] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[11] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[12] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[13] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[0] * B[14] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #56]\n\t"
-        /* A[0] * B[15] */
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[14] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[13] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[12] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[11] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[10] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[9] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[8] */
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[7] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[6] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[5] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[4] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[12] * B[3] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[13] * B[2] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[14] * B[1] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[15] * B[0] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #60]\n\t"
-        /* A[16] * B[0] */
-        "ldr	r8, [%[a], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[15] * B[1] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[14] * B[2] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[3] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * B[4] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[5] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[6] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[7] */
-        "ldr	r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[8] */
-        "ldr	r11, [%[a], #32]\n\t"
-        "ldr	r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[9] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[10] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[11] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[12] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[13] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[14] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[15] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[0] * B[16] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #64]\n\t"
-        /* A[1] * B[16] */
-        "ldr	r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[15] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[14] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[13] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[12] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[11] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[10] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[9] */
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[8] */
-        "ldr	r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[7] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[6] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[12] * B[5] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[13] * B[4] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[14] * B[3] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[15] * B[2] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[16] * B[1] */
-        "ldr	r8, [%[a], #64]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #68]\n\t"
-        /* A[16] * B[2] */
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[15] * B[3] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[14] * B[4] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[13] * B[5] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[12] * B[6] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[7] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[8] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[9] */
-        "ldr	r11, [%[a], #36]\n\t"
-        "ldr	r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[10] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[11] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[12] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[13] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[14] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[15] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[16] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #72]\n\t"
-        /* A[3] * B[16] */
-        "ldr	r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[15] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[14] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[13] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[12] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[11] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[10] */
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[9] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[8] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * B[7] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[6] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[14] * B[5] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[15] * B[4] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[16] * B[3] */
-        "ldr	r8, [%[a], #64]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #76]\n\t"
-        /* A[16] * B[4] */
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[15] * B[5] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[14] * B[6] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[13] * B[7] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[12] * B[8] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[9] */
-        "ldr	r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[10] */
-        "ldr	r11, [%[a], #40]\n\t"
-        "ldr	r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[11] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[12] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[13] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[14] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[15] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[16] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #80]\n\t"
-        /* A[5] * B[16] */
-        "ldr	r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[15] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[14] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[13] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[12] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[11] */
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[10] */
-        "ldr	r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[12] * B[9] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[13] * B[8] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[14] * B[7] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[15] * B[6] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[16] * B[5] */
-        "ldr	r8, [%[a], #64]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #84]\n\t"
-        /* A[16] * B[6] */
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[15] * B[7] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[14] * B[8] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[9] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * B[10] */
-        "ldr	r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[11] */
-        "ldr	r11, [%[a], #44]\n\t"
-        "ldr	r12, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[12] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[13] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[14] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[15] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[16] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #88]\n\t"
-        /* A[7] * B[16] */
-        "ldr	r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[15] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[14] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[13] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[12] */
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[12] * B[11] */
-        "ldr	r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[13] * B[10] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[14] * B[9] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[15] * B[8] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[16] * B[7] */
-        "ldr	r8, [%[a], #64]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #92]\n\t"
-        /* A[16] * B[8] */
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[15] * B[9] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[14] * B[10] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[13] * B[11] */
-        "ldr	r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[12] * B[12] */
-        "ldr	r11, [%[a], #48]\n\t"
-        "ldr	r12, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[13] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[14] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[15] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[16] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #96]\n\t"
-        /* A[9] * B[16] */
-        "ldr	r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[15] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[14] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * B[13] */
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[12] */
-        "ldr	r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[14] * B[11] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[15] * B[10] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[16] * B[9] */
-        "ldr	r8, [%[a], #64]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #100]\n\t"
-        /* A[16] * B[10] */
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[15] * B[11] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[14] * B[12] */
-        "ldr	r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[13] * B[13] */
-        "ldr	r11, [%[a], #52]\n\t"
-        "ldr	r12, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[12] * B[14] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[15] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[16] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #104]\n\t"
-        /* A[11] * B[16] */
-        "ldr	r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[12] * B[15] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[13] * B[14] */
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[14] * B[13] */
-        "ldr	r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[15] * B[12] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[16] * B[11] */
-        "ldr	r8, [%[a], #64]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #108]\n\t"
-        /* A[16] * B[12] */
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[15] * B[13] */
-        "ldr	r8, [%[a], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[14] * B[14] */
-        "ldr	r11, [%[a], #56]\n\t"
-        "ldr	r12, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[15] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * B[16] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #112]\n\t"
-        /* A[13] * B[16] */
-        "ldr	r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[14] * B[15] */
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[15] * B[14] */
-        "ldr	r8, [%[a], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[16] * B[13] */
-        "ldr	r8, [%[a], #64]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #116]\n\t"
-        /* A[16] * B[14] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[15] * B[15] */
-        "ldr	r11, [%[a], #60]\n\t"
-        "ldr	r12, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[14] * B[16] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #120]\n\t"
-        /* A[15] * B[16] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[16] * B[15] */
-        "ldr	r8, [%[a], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #124]\n\t"
-        /* A[16] * B[16] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, r8, r9\n\t"
-#endif
-        "str	r5, [%[r], #128]\n\t"
-        "str	r3, [%[r], #132]\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3}\n\t"
-        "stm	%[r]!, {r3}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11",
-            "r12"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x88\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "umull	r8, r6, lr, lr\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_521_sqr_17_outer_%=: \n\t"
-        "subs	r3, r5, #0x40\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_521_sqr_17_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_521_sqr_17_inner_done_%=\n\t"
-        "blt	L_sp_521_sqr_17_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_521_sqr_17_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0x7c\n\t"
-        "ble	L_sp_521_sqr_17_outer_%=\n\t"
-        "ldr	lr, [%[a], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "ldm	sp!, {r6, r7}\n\t"
-        "stm	%[r]!, {r6, r7}\n\t"
-        "sub	r5, r5, #8\n\t"
-        "\n"
-    "L_sp_521_sqr_17_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_521_sqr_17_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        /* A[0] * A[0] */
-        "ldr	r10, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r2, r10, #16\n\t"
-        "lsr	r2, r2, #16\n\t"
-        "mul	r8, r2, r2\n\t"
-        "mul	r3, r9, r9\n\t"
-        "mul	r2, r9, r2\n\t"
-        "lsr	r9, r2, #15\n\t"
-        "lsl	r2, r2, #17\n\t"
-        "adds	r8, r8, r2\n\t"
-        "adc	r3, r3, r9\n\t"
-#else
-        "umull	r8, r3, r10, r10\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r8, [sp]\n\t"
-        /* A[0] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [sp, #4]\n\t"
-        /* A[0] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #8]\n\t"
-        /* A[0] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r2, [sp, #12]\n\t"
-        /* A[0] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[1] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[2] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [sp, #16]\n\t"
-        /* A[0] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #20]\n\t"
-        /* A[0] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #24]\n\t"
-        /* A[0] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #28]\n\t"
-        /* A[0] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #32]\n\t"
-        /* A[0] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #36]\n\t"
-        /* A[0] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #40]\n\t"
-        /* A[0] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #44]\n\t"
-        /* A[0] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #48]\n\t"
-        /* A[0] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #52]\n\t"
-        /* A[0] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #56]\n\t"
-        /* A[0] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #60]\n\t"
-        /* A[0] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #64]\n\t"
-        /* A[1] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[2] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #68]\n\t"
-        /* A[2] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[3] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[9] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #72]\n\t"
-        /* A[3] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[4] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[9] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [%[r], #76]\n\t"
-        /* A[4] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[5] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[9] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[10] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #80]\n\t"
-        /* A[5] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[6] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[9] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[10] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #84]\n\t"
-        /* A[6] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[7] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[9] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[10] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[11] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [%[r], #88]\n\t"
-        /* A[7] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[8] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[9] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[10] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[11] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #92]\n\t"
-        /* A[8] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[9] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[10] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[11] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[12] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #96]\n\t"
-        /* A[9] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[10] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[11] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[12] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [%[r], #100]\n\t"
-        /* A[10] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[11] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[12] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[13] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #104]\n\t"
-        /* A[11] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[12] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[13] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #108]\n\t"
-        /* A[12] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[13] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[14] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [%[r], #112]\n\t"
-        /* A[13] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[14] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #116]\n\t"
-        /* A[14] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[15] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r2, [%[r], #120]\n\t"
-        /* A[15] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-        "ldr	r12, [%[a], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [%[r], #124]\n\t"
-        /* A[16] * A[16] */
-        "ldr	r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adc	r2, r2, r9\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adc	r2, r2, r9\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adc	r2, r2, r9\n\t"
-#endif
-        "str	r4, [%[r], #128]\n\t"
-        "str	r2, [%[r], #132]\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2}\n\t"
-        "stm	%[r]!, {r2}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "add	r12, %[a], #0x40\n\t"
-        "\n"
-    "L_sp_521_add_17_word_%=: \n\t"
-        "adds	r3, r3, #-1\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r3, r4, #0\n\t"
-        "cmp	%[a], r12\n\t"
-        "bne	L_sp_521_add_17_word_%=\n\t"
-        "adds	r3, r3, #-1\n\t"
-        "ldm	%[a], {r4}\n\t"
-        "ldm	%[b], {r8}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r4, #0\n\t"
-        "adc	%[r], r4, #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "ldm	%[b]!, {r7}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "stm	%[r]!, {r3}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mod_mul_norm_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    (void)m;
-
-    if (r != a) {
-        XMEMCPY(r, a, 17 * sizeof(sp_digit));
-    }
-
-    return MP_OKAY;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_521.
- *
- * p   Point of type sp_point_521 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_521_point_from_ecc_point_17(sp_point_521* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_521_from_mp(p->x, 17, pm->x);
-    sp_521_from_mp(p->y, 17, pm->y);
-    sp_521_from_mp(p->z, 17, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_521_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (521 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 17);
-        r->used = 17;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 17; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 17; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_521 to type ecc_point.
- *
- * p   Point of type sp_point_521.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_521_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "\n"
-    "L_sp_521_cond_sub_17_words_%=: \n\t"
-        "subs	r12, r6, r12\n\t"
-        "ldr	r4, [%[a], lr]\n\t"
-        "ldr	r5, [%[b], lr]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "sbcs	r4, r4, r5\n\t"
-        "sbc	r12, r6, r6\n\t"
-        "str	r4, [%[r], lr]\n\t"
-        "add	lr, lr, #4\n\t"
-        "cmp	lr, #0x44\n\t"
-        "blt	L_sp_521_cond_sub_17_words_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "subs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r6, [%[b]]\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "str	r4, [%[r]]\n\t"
-        "sbc	%[r], lr, lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_17(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        "mov	r12, sp\n\t"
-        /* Shift top down by 9 bits */
-        "add	lr, %[a], #0x40\n\t"
-        /*  0-7 */
-        "ldm	lr!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "lsr	r1, r1, #9\n\t"
-        "orr	r1, r1, r2, lsl #23\n\t"
-        "lsr	r2, r2, #9\n\t"
-        "orr	r2, r2, r3, lsl #23\n\t"
-        "lsr	r3, r3, #9\n\t"
-        "orr	r3, r3, r4, lsl #23\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r6, lsl #23\n\t"
-        "lsr	r6, r6, #9\n\t"
-        "orr	r6, r6, r7, lsl #23\n\t"
-        "lsr	r7, r7, #9\n\t"
-        "orr	r7, r7, r8, lsl #23\n\t"
-        "lsr	r8, r8, #9\n\t"
-        "orr	r8, r8, r9, lsl #23\n\t"
-        "stm	r12!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "mov	r1, r9\n\t"
-        /*  8-16 */
-        "ldm	lr!, {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "lsr	r1, r1, #9\n\t"
-        "orr	r1, r1, r2, lsl #23\n\t"
-        "lsr	r2, r2, #9\n\t"
-        "orr	r2, r2, r3, lsl #23\n\t"
-        "lsr	r3, r3, #9\n\t"
-        "orr	r3, r3, r4, lsl #23\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r6, lsl #23\n\t"
-        "lsr	r6, r6, #9\n\t"
-        "orr	r6, r6, r7, lsl #23\n\t"
-        "lsr	r7, r7, #9\n\t"
-        "orr	r7, r7, r8, lsl #23\n\t"
-        "lsr	r8, r8, #9\n\t"
-        "orr	r8, r8, r9, lsl #23\n\t"
-        "lsr	r9, r9, #9\n\t"
-        "stm	r12!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        /* Add top to bottom */
-        /*  0-5 */
-        "ldm	%[a], {r1, r2, r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r7, r8, r9, r10, r11, r12}\n\t"
-        "adds	r1, r1, r7\n\t"
-        "adcs	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adcs	r4, r4, r10\n\t"
-        "adcs	r5, r5, r11\n\t"
-        "adcs	r6, r6, r12\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
-        /*  6-11 */
-        "ldm	%[a], {r1, r2, r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r7, r8, r9, r10, r11, r12}\n\t"
-        "adcs	r1, r1, r7\n\t"
-        "adcs	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adcs	r4, r4, r10\n\t"
-        "adcs	r5, r5, r11\n\t"
-        "adcs	r6, r6, r12\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
-        /*  12-16 */
-        "ldm	%[a], {r1, r2, r3, r4, r5}\n\t"
-        "ldm	sp!, {r7, r8, r9, r10, r11}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	lr, #0xff\n\t"
-        "orr	lr, lr, #0x100\n\t"
-#else
-        "mov	lr, #0x1ff\n\t"
-#endif
-        "and	r5, r5, lr\n\t"
-        "adcs	r1, r1, r7\n\t"
-        "adcs	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adcs	r4, r4, r10\n\t"
-        "adcs	r5, r5, r11\n\t"
-        "lsr	r12, r5, #9\n\t"
-        "and	r5, r5, lr\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4, r5}\n\t"
-        "sub	%[a], %[a], #0x44\n\t"
-        /* Add overflow */
-        /*  0-8 */
-        "ldm	%[a], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "adds	r1, r1, r12\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        /*  9-16 */
-        "ldm	%[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a)
-        :
-#else
-        :
-        : [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_521_mont_reduce_order_17_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        "cmp	r9, #0x40\n\t"
-        "bne	L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r7, #0xff\n\t"
-        "orr	r7, r7, #0x100\n\t"
-#else
-        "mov	r7, #0x1ff\n\t"
-#endif
-        "and	r8, r8, r7\n\t"
-        "\n"
-    "L_sp_521_mont_reduce_order_17_nomask_%=: \n\t"
-        /* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "str	r12, [%[a]]\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m], #64]\n\t"
-#else
-        "ldr	r7, [%[m], #64]\n\t"
-#endif
-        "ldr	r10, [%[a], #64]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r3, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "mov	r6, r8\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "adcs	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x44\n\t"
-        "blt	L_sp_521_mont_reduce_order_17_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "sub	%[a], %[a], #4\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #20]\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #28]\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #32]\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #36]\n\t"
-        "ldr	r4, [%[a], #40]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #40]\n\t"
-        "ldr	r5, [%[a], #44]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #44]\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #48]\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #52]\n\t"
-        "ldr	r4, [%[a], #56]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #56]\n\t"
-        "ldr	r5, [%[a], #60]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #60]\n\t"
-        "ldr	r4, [%[a], #64]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #64]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "str	r4, [%[a], #68]\n\t"
-        "lsr	r3, r4, #9\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_521_mont_reduce_order_17_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        "cmp	r9, #0x40\n\t"
-        "bne	L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r7, #0xff\n\t"
-        "orr	r7, r7, #0x100\n\t"
-#else
-        "mov	r7, #0x1ff\n\t"
-#endif
-        "and	r8, r8, r7\n\t"
-        "\n"
-    "L_sp_521_mont_reduce_order_17_nomask_%=: \n\t"
-        /* a[i+0] += m[0] * mu */
-        "mov	r5, #0\n\t"
-        "umlal	r12, r5, r8, r11\n\t"
-        "str	r12, [%[a]]\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	lr, r4, r8, r7\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	lr, r5, r8, r7\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "umull	r6, r7, r8, r7\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r7, r3\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "adcs	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x44\n\t"
-        "blt	L_sp_521_mont_reduce_order_17_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "sub	%[a], %[a], #4\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #20]\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #28]\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #32]\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #36]\n\t"
-        "ldr	r4, [%[a], #40]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #40]\n\t"
-        "ldr	r5, [%[a], #44]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #44]\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #48]\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #52]\n\t"
-        "ldr	r4, [%[a], #56]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #56]\n\t"
-        "ldr	r5, [%[a], #60]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "orr	r4, r4, r5, lsl #23\n\t"
-        "str	r4, [%[a], #60]\n\t"
-        "ldr	r4, [%[a], #64]\n\t"
-        "lsr	r5, r5, #9\n\t"
-        "orr	r5, r5, r4, lsl #23\n\t"
-        "str	r5, [%[a], #64]\n\t"
-        "lsr	r4, r4, #9\n\t"
-        "str	r4, [%[a], #68]\n\t"
-        "lsr	r3, r4, #9\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_521_mont_reduce_order_17(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "ldr	r8, [%[a], #16]\n\t"
-        "\n"
-    "L_sp_521_mont_reduce_order_17_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r11, %[mp], r4\n\t"
-        "cmp	r12, #0x40\n\t"
-        "bne	L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r10, #0xff\n\t"
-        "orr	r10, r10, #0x100\n\t"
-#else
-        "mov	r10, #0x1ff\n\t"
-#endif
-        "and	r11, r11, r10\n\t"
-        "\n"
-    "L_sp_521_mont_reduce_order_17_nomask_%=: \n\t"
-        /* a[i+0] += m[0] * mu */
-        "ldr	r10, [%[m]]\n\t"
-        "mov	r3, #0\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        "str	r4, [%[a]]\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r10, [%[m], #4]\n\t"
-        "mov	r4, r5\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r10, [%[m], #8]\n\t"
-        "mov	r5, r6\n\t"
-        "umaal	r5, r3, r11, r10\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r10, [%[m], #12]\n\t"
-        "mov	r6, r7\n\t"
-        "umaal	r6, r3, r11, r10\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r10, [%[m], #16]\n\t"
-        "mov	r7, r8\n\t"
-        "umaal	r7, r3, r11, r10\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r10, [%[m], #20]\n\t"
-        "ldr	r8, [%[a], #20]\n\t"
-        "umaal	r8, r3, r11, r10\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r10, [%[m], #24]\n\t"
-        "ldr	r9, [%[a], #24]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r10, [%[m], #28]\n\t"
-        "ldr	r9, [%[a], #28]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r10, [%[m], #32]\n\t"
-        "ldr	r9, [%[a], #32]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r10, [%[m], #36]\n\t"
-        "ldr	r9, [%[a], #36]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r10, [%[m], #40]\n\t"
-        "ldr	r9, [%[a], #40]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r10, [%[m], #44]\n\t"
-        "ldr	r9, [%[a], #44]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r10, [%[m], #48]\n\t"
-        "ldr	r9, [%[a], #48]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r10, [%[m], #52]\n\t"
-        "ldr	r9, [%[a], #52]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r10, [%[m], #56]\n\t"
-        "ldr	r9, [%[a], #56]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r10, [%[m], #60]\n\t"
-        "ldr	r9, [%[a], #60]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r10, [%[m], #64]\n\t"
-        "ldr	r9, [%[a], #64]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "ldr	r11, [%[a], #68]\n\t"
-        "mov	r10, #0\n\t"
-        "umaal	r3, r11, r10, r10\n\t"
-        "str	r9, [%[a], #64]\n\t"
-        "adds	r3, r3, lr\n\t"
-        "adc	lr, r11, #0\n\t"
-        "str	r3, [%[a], #68]\n\t"
-        /* i += 1 */
-        "add	r12, r12, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r12, #0x44\n\t"
-        "blt	L_sp_521_mont_reduce_order_17_word_%=\n\t"
-        /* Loop Done */
-        "str	r4, [%[a]]\n\t"
-        "str	r5, [%[a], #4]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "str	r7, [%[a], #12]\n\t"
-        "str	r8, [%[a], #16]\n\t"
-        "sub	%[a], %[a], #4\n\t"
-        "ldr	r10, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-        "lsr	r10, r10, #9\n\t"
-        "orr	r10, r10, r3, lsl #23\n\t"
-        "str	r10, [%[a], #4]\n\t"
-        "ldr	r10, [%[a], #8]\n\t"
-        "lsr	r3, r3, #9\n\t"
-        "orr	r3, r3, r10, lsl #23\n\t"
-        "str	r3, [%[a], #8]\n\t"
-        "ldr	r3, [%[a], #12]\n\t"
-        "lsr	r10, r10, #9\n\t"
-        "orr	r10, r10, r3, lsl #23\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsr	r3, r3, #9\n\t"
-        "orr	r3, r3, r10, lsl #23\n\t"
-        "str	r3, [%[a], #16]\n\t"
-        "ldr	r3, [%[a], #20]\n\t"
-        "lsr	r10, r10, #9\n\t"
-        "orr	r10, r10, r3, lsl #23\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsr	r3, r3, #9\n\t"
-        "orr	r3, r3, r10, lsl #23\n\t"
-        "str	r3, [%[a], #24]\n\t"
-        "ldr	r3, [%[a], #28]\n\t"
-        "lsr	r10, r10, #9\n\t"
-        "orr	r10, r10, r3, lsl #23\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "lsr	r3, r3, #9\n\t"
-        "orr	r3, r3, r10, lsl #23\n\t"
-        "str	r3, [%[a], #32]\n\t"
-        "ldr	r3, [%[a], #36]\n\t"
-        "lsr	r10, r10, #9\n\t"
-        "orr	r10, r10, r3, lsl #23\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "lsr	r3, r3, #9\n\t"
-        "orr	r3, r3, r10, lsl #23\n\t"
-        "str	r3, [%[a], #40]\n\t"
-        "ldr	r3, [%[a], #44]\n\t"
-        "lsr	r10, r10, #9\n\t"
-        "orr	r10, r10, r3, lsl #23\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "lsr	r3, r3, #9\n\t"
-        "orr	r3, r3, r10, lsl #23\n\t"
-        "str	r3, [%[a], #48]\n\t"
-        "ldr	r3, [%[a], #52]\n\t"
-        "lsr	r10, r10, #9\n\t"
-        "orr	r10, r10, r3, lsl #23\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "lsr	r3, r3, #9\n\t"
-        "orr	r3, r3, r10, lsl #23\n\t"
-        "str	r3, [%[a], #56]\n\t"
-        "ldr	r3, [%[a], #60]\n\t"
-        "lsr	r10, r10, #9\n\t"
-        "orr	r10, r10, r3, lsl #23\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "lsr	r3, r3, #9\n\t"
-        "orr	r3, r3, r10, lsl #23\n\t"
-        "str	r3, [%[a], #64]\n\t"
-        "lsr	r10, r10, #9\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "lsr	lr, r10, #9\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "mov	%[mp], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mul_17(r, a, b);
-    sp_521_mont_reduce_17(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_521_sqr_17(r, a);
-    sp_521_mont_reduce_17(r, m, mp);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mont_sqr_17(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_521_mont_sqr_17(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P521 curve. */
-static const word32 p521_mod_minus_2[17] = {
-    0xfffffffdU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0x000001ffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P521 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 17);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod);
-        if (p521_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_521_mont_mul_17(t, t, a, p521_mod, p521_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 17);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 17;
-    sp_digit* t3 = td + 4 * 17;
-
-    /* 0x2 */
-    sp_521_mont_sqr_17(t1, a, p521_mod, p521_mp_mod);
-    /* 0x3 */
-    sp_521_mont_mul_17(t2, t1, a, p521_mod, p521_mp_mod);
-    /* 0x6 */
-    sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
-    /* 0x7 */
-    sp_521_mont_mul_17(t3, t1, a, p521_mod, p521_mp_mod);
-    /* 0xc */
-    sp_521_mont_sqr_n_17(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0xf */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x78 */
-    sp_521_mont_sqr_n_17(t1, t2, 3, p521_mod, p521_mp_mod);
-    /* 0x7f */
-    sp_521_mont_mul_17(t3, t3, t1, p521_mod, p521_mp_mod);
-    /* 0xf0 */
-    sp_521_mont_sqr_n_17(t1, t2, 4, p521_mod, p521_mp_mod);
-    /* 0xff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xff00 */
-    sp_521_mont_sqr_n_17(t1, t2, 8, p521_mod, p521_mp_mod);
-    /* 0xffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffff0000 */
-    sp_521_mont_sqr_n_17(t1, t2, 16, p521_mod, p521_mp_mod);
-    /* 0xffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 32, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff0000000000000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 64, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff00000000000000000000000000000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 128, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 256, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80 */
-    sp_521_mont_sqr_n_17(t1, t2, 7, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t3, t1, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc */
-    sp_521_mont_sqr_n_17(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-    sp_521_mont_mul_17(r, t1, a, p521_mod, p521_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_521_cmp_17(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_521_cmp_17(const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #-1\n\t"
-        "mov	r6, #1\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r3, #-1\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "mov	r4, #0x40\n\t"
-        "\n"
-    "L_sp_521_cmp_17_words_%=: \n\t"
-        "ldr	r12, [%[a], r4]\n\t"
-        "ldr	lr, [%[b], r4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "subs	r4, r4, #4\n\t"
-        "bcs	L_sp_521_cmp_17_words_%=\n\t"
-        "eor	r2, r2, r3\n\t"
-#else
-        "ldr	r12, [%[a], #64]\n\t"
-        "ldr	lr, [%[b], #64]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #60]\n\t"
-        "ldr	lr, [%[b], #60]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #56]\n\t"
-        "ldr	lr, [%[b], #56]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-        "ldr	lr, [%[b], #52]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-        "ldr	lr, [%[b], #48]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-        "ldr	lr, [%[b], #44]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-        "ldr	lr, [%[b], #40]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-        "ldr	lr, [%[b], #36]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-        "ldr	lr, [%[b], #32]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b], #28]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b], #24]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b], #20]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b], #16]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b], #12]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b], #8]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b], #4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "eor	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "mov	%[a], r2\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_521_norm_17(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_521_map_17(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*17;
-    sp_int32 n;
-
-    sp_521_mont_inv_17(t1, p->z, t + 2*17);
-
-    sp_521_mont_sqr_17(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    /* x /= z^2 */
-    sp_521_mont_mul_17(r->x, p->x, t2, p521_mod, p521_mp_mod);
-    XMEMSET(r->x + 17, 0, sizeof(sp_digit) * 17U);
-    sp_521_mont_reduce_17(r->x, p521_mod, p521_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_521_cmp_17(r->x, p521_mod);
-    sp_521_cond_sub_17(r->x, r->x, p521_mod, (sp_digit)~(n >> 31));
-    sp_521_norm_17(r->x);
-
-    /* y /= z^3 */
-    sp_521_mont_mul_17(r->y, p->y, t1, p521_mod, p521_mp_mod);
-    XMEMSET(r->y + 17, 0, sizeof(sp_digit) * 17U);
-    sp_521_mont_reduce_17(r->y, p521_mod, p521_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_521_cmp_17(r->y, p521_mod);
-    sp_521_cond_sub_17(r->y, r->y, p521_mod, (sp_digit)~(n >> 31));
-    sp_521_norm_17(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mont_add_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mont_add_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8}\n\t"
-        "ldm	%[b]!, {r4}\n\t"
-        "adcs	r8, r8, r4\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r12, #0xff\n\t"
-        "orr	r12, r12, #0x100\n\t"
-#else
-        "mov	r12, #0x1ff\n\t"
-#endif
-        "lsr	r3, r8, #9\n\t"
-        "and	r8, r8, r12\n\t"
-        "stm	%[r]!, {r8}\n\t"
-        "sub	%[r], %[r], #0x44\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r3\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adcs	r11, r11, #0\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adcs	r11, r11, #0\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r4}\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[r]!, {r4}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mont_dbl_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mont_dbl_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #0\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4}\n\t"
-        "adcs	r4, r4, r4\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r3, #0xff\n\t"
-        "orr	r3, r3, #0x100\n\t"
-#else
-        "mov	r3, #0x1ff\n\t"
-#endif
-        "lsr	r2, r4, #9\n\t"
-        "and	r4, r4, r3\n\t"
-        "stm	%[r]!, {r4}\n\t"
-        "sub	%[r], %[r], #0x44\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r2\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adcs	r11, r11, #0\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adcs	r8, r8, #0\n\t"
-        "adcs	r9, r9, #0\n\t"
-        "adcs	r10, r10, #0\n\t"
-        "adcs	r11, r11, #0\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r4}\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[r]!, {r4}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r2", "r3"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mont_tpl_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mont_tpl_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #0\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4}\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "stm	%[r]!, {r4}\n\t"
-        "sub	%[r], %[r], #0x44\n\t"
-        "sub	%[a], %[a], #0x44\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4}\n\t"
-        "ldm	%[a]!, {r8}\n\t"
-        "adcs	r4, r4, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r3, #0xff\n\t"
-        "orr	r3, r3, #0x100\n\t"
-#else
-        "mov	r3, #0x1ff\n\t"
-#endif
-        "lsr	r2, r4, #9\n\t"
-        "and	r4, r4, r3\n\t"
-        "stm	%[r]!, {r4}\n\t"
-        "sub	%[r], %[r], #0x44\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r2\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r4}\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[r]!, {r4}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r2", "r3"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mont_sub_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mont_sub_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "subs	r8, r8, r4\n\t"
-        "sbcs	r9, r9, r5\n\t"
-        "sbcs	r10, r10, r6\n\t"
-        "sbcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "sbcs	r8, r8, r4\n\t"
-        "sbcs	r9, r9, r5\n\t"
-        "sbcs	r10, r10, r6\n\t"
-        "sbcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "sbcs	r8, r8, r4\n\t"
-        "sbcs	r9, r9, r5\n\t"
-        "sbcs	r10, r10, r6\n\t"
-        "sbcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[b]!, {r4, r5, r6, r7}\n\t"
-        "sbcs	r8, r8, r4\n\t"
-        "sbcs	r9, r9, r5\n\t"
-        "sbcs	r10, r10, r6\n\t"
-        "sbcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r8}\n\t"
-        "ldm	%[b]!, {r4}\n\t"
-        "sbcs	r8, r8, r4\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r12, #0xff\n\t"
-        "orr	r12, r12, #0x100\n\t"
-#else
-        "mov	r12, #0x1ff\n\t"
-#endif
-        "asr	r3, r8, #9\n\t"
-        "and	r8, r8, r12\n\t"
-        "neg	r3, r3\n\t"
-        "stm	%[r]!, {r8}\n\t"
-        "sub	%[r], %[r], #0x44\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r4, r4, r3\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, #0\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, #0\n\t"
-        "sbcs	r11, r11, #0\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "sbcs	r4, r4, #0\n\t"
-        "sbcs	r5, r5, #0\n\t"
-        "sbcs	r6, r6, #0\n\t"
-        "sbcs	r7, r7, #0\n\t"
-        "sbcs	r8, r8, #0\n\t"
-        "sbcs	r9, r9, #0\n\t"
-        "sbcs	r10, r10, #0\n\t"
-        "sbcs	r11, r11, #0\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[r], {r4}\n\t"
-        "sbcs	r4, r4, #0\n\t"
-        "stm	%[r]!, {r4}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_rshift1_17(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_rshift1_17(sp_digit* r,
-    const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3}\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r2, [%[r]]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #12]\n\t"
-        "str	r3, [%[r], #4]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r2, [%[r], #12]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #24]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r2, [%[r], #24]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #36]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r2, [%[r], #36]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #48]\n\t"
-        "str	r3, [%[r], #40]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #52]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r2, [%[r], #48]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #60]\n\t"
-        "str	r3, [%[r], #52]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #64]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "str	r2, [%[r], #60]\n\t"
-        "str	r3, [%[r], #64]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit o = a[0] & 1;
-
-    (void)m;
-
-    sp_521_rshift1_17(r, r);
-    r[16] |= o << 8;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*17;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_521_mont_sqr_17(t1, p->z, p521_mod, p521_mp_mod);
-    /* Z = Y * Z */
-    sp_521_mont_mul_17(z, p->y, p->z, p521_mod, p521_mp_mod);
-    /* Z = 2Z */
-    sp_521_mont_dbl_17(z, z, p521_mod);
-    /* T2 = X - T1 */
-    sp_521_mont_sub_17(t2, p->x, t1, p521_mod);
-    /* T1 = X + T1 */
-    sp_521_mont_add_17(t1, p->x, t1, p521_mod);
-    /* T2 = T1 * T2 */
-    sp_521_mont_mul_17(t2, t1, t2, p521_mod, p521_mp_mod);
-    /* T1 = 3T2 */
-    sp_521_mont_tpl_17(t1, t2, p521_mod);
-    /* Y = 2Y */
-    sp_521_mont_dbl_17(y, p->y, p521_mod);
-    /* Y = Y * Y */
-    sp_521_mont_sqr_17(y, y, p521_mod, p521_mp_mod);
-    /* T2 = Y * Y */
-    sp_521_mont_sqr_17(t2, y, p521_mod, p521_mp_mod);
-    /* T2 = T2/2 */
-    sp_521_mont_div2_17(t2, t2, p521_mod);
-    /* Y = Y * X */
-    sp_521_mont_mul_17(y, y, p->x, p521_mod, p521_mp_mod);
-    /* X = T1 * T1 */
-    sp_521_mont_sqr_17(x, t1, p521_mod, p521_mp_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_17(x, x, y, p521_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_17(x, x, y, p521_mod);
-    /* Y = Y - X */
-    sp_521_mont_sub_17(y, y, x, p521_mod);
-    /* Y = Y * T1 */
-    sp_521_mont_mul_17(y, y, t1, p521_mod, p521_mp_mod);
-    /* Y = Y - T2 */
-    sp_521_mont_sub_17(y, y, t2, p521_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_dbl_17_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_dbl_17_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-        const sp_point_521* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_dbl_17_ctx* ctx = (sp_521_proj_point_dbl_17_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_dbl_17_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*17;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_521_mont_sqr_17(ctx->t1, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_521_mont_mul_17(ctx->z, p->y, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_521_mont_dbl_17(ctx->z, ctx->z, p521_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_521_mont_sub_17(ctx->t2, p->x, ctx->t1, p521_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_521_mont_add_17(ctx->t1, p->x, ctx->t1, p521_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_521_mont_mul_17(ctx->t2, ctx->t1, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_521_mont_tpl_17(ctx->t1, ctx->t2, p521_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_521_mont_dbl_17(ctx->y, p->y, p521_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_521_mont_sqr_17(ctx->y, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_521_mont_sqr_17(ctx->t2, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_521_mont_div2_17(ctx->t2, ctx->t2, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_521_mont_mul_17(ctx->y, ctx->y, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_521_mont_sqr_17(ctx->x, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_521_mont_mul_17(ctx->y, ctx->y, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->t2, p521_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_521_cmp_equal_17(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14]) |
-            (a[15] ^ b[15]) | (a[16] ^ b[16])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_521_iszero_17(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14] | a[15] |
-            a[16]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_17(sp_point_521* r,
-        const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*17;
-    sp_digit* t2 = t + 4*17;
-    sp_digit* t3 = t + 6*17;
-    sp_digit* t4 = t + 8*17;
-    sp_digit* t5 = t + 10*17;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_17(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t1, t1, p->x, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_17(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_17(t3, t3, p->y, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_17(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_17(t2, t1) &
-            sp_521_cmp_equal_17(t4, t3)) {
-        sp_521_proj_point_dbl_17(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_521_mont_sub_17(t2, t2, t1, p521_mod);
-        /* R = S2 - S1 */
-        sp_521_mont_sub_17(t4, t4, t3, p521_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_17(t5, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(y, t1, t5, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t5, t5, t2, p521_mod, p521_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(z, z, q->z, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_17(x, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(x, x, t5, p521_mod);
-        sp_521_mont_mul_17(t5, t5, t3, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_17(t3, y, p521_mod);
-        sp_521_mont_sub_17(x, x, t3, p521_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        sp_521_mont_mul_17(y, y, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(y, y, t5, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 17; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_add_17_ctx {
-    int state;
-    sp_521_proj_point_dbl_17_ctx dbl_ctx;
-    const sp_point_521* ap[2];
-    sp_point_521* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_add_17_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_add_17_ctx* ctx = (sp_521_proj_point_add_17_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_521* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_add_17_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*17;
-        ctx->t2 = t + 4*17;
-        ctx->t3 = t + 6*17;
-        ctx->t4 = t + 8*17;
-        ctx->t5 = t + 10*17;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_521_mont_sqr_17(ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_521_mont_mul_17(ctx->t3, ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_521_mont_mul_17(ctx->t1, ctx->t1, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_521_mont_sqr_17(ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_521_mont_mul_17(ctx->t4, ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_521_mont_mul_17(ctx->t2, ctx->t2, q->x, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_521_mont_mul_17(ctx->t3, ctx->t3, p->y, p521_mod, p521_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_521_mont_mul_17(ctx->t4, ctx->t4, q->y, p521_mod, p521_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_521_cmp_equal_17(ctx->t2, ctx->t1) &
-                sp_521_cmp_equal_17(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_521_proj_point_dbl_17(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_521_mont_sub_17(ctx->t2, ctx->t2, ctx->t1, p521_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_521_mont_sub_17(ctx->t4, ctx->t4, ctx->t3, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_17(ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_521_mont_mul_17(ctx->y, ctx->t1, ctx->t5, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_521_mont_mul_17(ctx->t5, ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_17(ctx->z, p->z, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_521_mont_mul_17(ctx->z, ctx->z, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_521_mont_sqr_17(ctx->x, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->t5, p521_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_521_mont_mul_17(ctx->t5, ctx->t5, ctx->t3, p521_mod, p521_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_521_mont_dbl_17(ctx->t3, ctx->y, p521_mod);
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->t3, p521_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_521_mont_mul_17(ctx->y, ctx->y, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->t5, p521_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 17; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->x[15] = 0;
-    r->x[16] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->y[15] = 0;
-    r->y[16] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    r->z[8] = 0;
-    r->z[9] = 0;
-    r->z[10] = 0;
-    r->z[11] = 0;
-    r->z[12] = 0;
-    r->z[13] = 0;
-    r->z[14] = 0;
-    r->z[15] = 0;
-    r->z[16] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->x[15] |= mask & table[i].x[15];
-        r->x[16] |= mask & table[i].x[16];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->y[15] |= mask & table[i].y[15];
-        r->y[16] |= mask & table[i].y[16];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-        r->z[8] |= mask & table[i].z[8];
-        r->z[9] |= mask & table[i].z[9];
-        r->z[10] |= mask & table[i].z[10];
-        r->z[11] |= mask & table[i].z[11];
-        r->z[12] |= mask & table[i].z[12];
-        r->z[13] |= mask & table[i].z[13];
-        r->z[14] |= mask & table[i].z[14];
-        r->z[15] |= mask & table[i].z[15];
-        r->z[16] |= mask & table[i].z[16];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 521 doubles.
- * 143 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    sp_point_521* rt = NULL;
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_DECL_VAR(sp_point_521, p, 1);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ALLOC_VAR(sp_point_521, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_521_mod_mul_norm_17(t[1].x, g->x, p521_mod);
-        (void)sp_521_mod_mul_norm_17(t[1].y, g->y, p521_mod);
-        (void)sp_521_mod_mul_norm_17(t[1].z, g->z, p521_mod);
-        t[1].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_521_proj_point_add_17(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_521_proj_point_add_17(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_521_proj_point_add_17(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 15;
-        n = k[i+1] << 0;
-        c = 5;
-        y = (int)(n >> 5);
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_point_16_17(rt, t, y);
-            rt->infinity = !y;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[y], sizeof(sp_point_521));
-        }
-        n <<= 27;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n = (k[i+1] << 31) | (k[i] >> 1);
-                i--;
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-
-    #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_point_16_17(p, t, y);
-                p->infinity = !y;
-                sp_521_proj_point_add_17(rt, rt, p, tmp);
-            }
-            else
-    #endif
-            {
-                sp_521_proj_point_add_17(rt, rt, &t[y], tmp);
-            }
-        }
-        y = k[0] & 0x1;
-        sp_521_proj_point_dbl_17(rt, rt, tmp);
-        sp_521_proj_point_add_17(rt, rt, &t[y], tmp);
-
-        if (map != 0) {
-            sp_521_map_17(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 17 * 6, heap,
-        DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ZEROFREE_VAR(sp_point_521, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    SP_ZEROFREE_VAR(sp_point_521, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*17;
-    sp_digit* b = t + 4*17;
-    sp_digit* t1 = t + 6*17;
-    sp_digit* t2 = t + 8*17;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_17(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_17(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_17(w, w, p521_mod, p521_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_17(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_17(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_17(t2, b, p521_mod);
-        sp_521_mont_sub_17(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_17(t2, b, x, p521_mod);
-        sp_521_mont_dbl_17(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_17(t1, t1, p521_mod, p521_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_17(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_17(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(y, y, t1, p521_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_17(t1, t1, w, p521_mod);
-    sp_521_mont_tpl_17(a, t1, p521_mod);
-    /* B = X*Y^2 */
-    sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
-    /* X = A^2 - 2B */
-    sp_521_mont_sqr_17(x, a, p521_mod, p521_mp_mod);
-    sp_521_mont_dbl_17(t2, b, p521_mod);
-    sp_521_mont_sub_17(x, x, t2, p521_mod);
-    /* B = 2.(B - X) */
-    sp_521_mont_sub_17(t2, b, x, p521_mod);
-    sp_521_mont_dbl_17(b, t2, p521_mod);
-    /* Z = Z*Y */
-    sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
-    /* t1 = Y^4 */
-    sp_521_mont_sqr_17(t1, t1, p521_mod, p521_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_521_mont_mul_17(y, b, a, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_17(y, y, t1, p521_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_521_mont_div2_17(y, y, p521_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_521_proj_to_affine_17(sp_point_521* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 17;
-    sp_digit* tmp = t + 4 * 17;
-
-    sp_521_mont_inv_17(t1, a->z, tmp);
-
-    sp_521_mont_sqr_17(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    sp_521_mont_mul_17(a->x, a->x, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(a->y, a->y, t1, p521_mod, p521_mp_mod);
-    XMEMCPY(a->z, p521_norm_mod, sizeof(p521_norm_mod));
-}
-
-#endif /* FP_ECC */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_521 {
-    sp_digit x[17];
-    sp_digit y[17];
-} sp_table_entry_521;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*17;
-    sp_digit* t6 = t + 4*17;
-    sp_digit* t1 = t + 6*17;
-    sp_digit* t4 = t + 8*17;
-    sp_digit* t5 = t + 10*17;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_17(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_17(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_17(p->x, t2) &
-            sp_521_cmp_equal_17(p->y, t4)) {
-        sp_521_proj_point_dbl_17(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_521_mont_sub_17(t2, t2, p->x, p521_mod);
-        /* R = S2 - Y1 */
-        sp_521_mont_sub_17(t4, t4, p->y, p521_mod);
-        /* Z3 = H*Z1 */
-        sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t3, p->x, t1, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t1, t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_17(t2, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(t2, t2, t1, p521_mod);
-        sp_521_mont_dbl_17(t5, t3, p521_mod);
-        sp_521_mont_sub_17(x, t2, t5, p521_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_521_mont_sub_17(t3, t3, x, p521_mod);
-        sp_521_mont_mul_17(t3, t3, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t1, t1, p->y, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(y, t3, t1, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 17; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 130 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_17(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_17(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_17(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_521_proj_point_dbl_n_17(t, 131, tmp);
-            sp_521_proj_to_affine_17(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_17(t, s1, s2, tmp);
-                sp_521_proj_to_affine_17(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_entry_16_17(sp_point_521* r,
-    const sp_table_entry_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->x[15] = 0;
-    r->x[16] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->y[15] = 0;
-    r->y[16] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->x[15] |= mask & table[i].x[15];
-        r->x[16] |= mask & table[i].x[16];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->y[15] |= mask & table[i].y[15];
-        r->y[16] |= mask & table[i].y[16];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^130, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 17 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 130;
-        for (j=0; j<4 && x<521; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 131;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_16_17(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=129; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4 && x<521; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 131;
-            }
-
-            sp_521_proj_point_dbl_17(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_16_17(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_17(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_17(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_521_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[17];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[17];
-    /* Precomputation table for point. */
-    sp_table_entry_521 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_521_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_521_t sp_cache_521[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_521_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_521_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_521 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_521_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_521_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_521_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_521[i].set = 0;
-        }
-        sp_cache_521_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_521[i].set)
-            continue;
-
-        if (sp_521_cmp_equal_17(g->x, sp_cache_521[i].x) &
-                           sp_521_cmp_equal_17(g->y, sp_cache_521[i].y)) {
-            sp_cache_521[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_521_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_521_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_521[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_521_last) {
-            least = sp_cache_521[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_521[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_521[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_521[i].x, g->x, sizeof(sp_cache_521[i].x));
-        XMEMCPY(sp_cache_521[i].y, g->y, sizeof(sp_cache_521[i].y));
-        sp_cache_521[i].set = 1;
-        sp_cache_521[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_521[i];
-    sp_cache_521_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_17(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_17(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 65 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_17(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_17(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_17(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_521_proj_point_dbl_n_17(t, 66, tmp);
-            sp_521_proj_to_affine_17(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_17(t, s1, s2, tmp);
-                sp_521_proj_to_affine_17(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_entry_256_17(sp_point_521* r,
-    const sp_table_entry_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->x[15] = 0;
-    r->x[16] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->y[15] = 0;
-    r->y[16] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->x[15] |= mask & table[i].x[15];
-        r->x[16] |= mask & table[i].x[16];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->y[15] |= mask & table[i].y[15];
-        r->y[16] |= mask & table[i].y[16];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 17 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 65;
-        for (j=0; j<8 && x<521; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 66;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_256_17(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=64; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8 && x<521; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 66;
-            }
-
-            sp_521_proj_point_dbl_17(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_256_17(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_17(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_17(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_521_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[17];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[17];
-    /* Precomputation table for point. */
-    sp_table_entry_521 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_521_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_521_t sp_cache_521[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_521_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_521_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_521 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_521_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_521_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_521_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_521[i].set = 0;
-        }
-        sp_cache_521_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_521[i].set)
-            continue;
-
-        if (sp_521_cmp_equal_17(g->x, sp_cache_521[i].x) &
-                           sp_521_cmp_equal_17(g->y, sp_cache_521[i].y)) {
-            sp_cache_521[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_521_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_521_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_521[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_521_last) {
-            least = sp_cache_521[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_521[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_521[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_521[i].x, g->x, sizeof(sp_cache_521[i].x));
-        XMEMCPY(sp_cache_521[i].y, g->y, sizeof(sp_cache_521[i].y));
-        sp_cache_521[i].set = 1;
-        sp_cache_521[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_521[i];
-    sp_cache_521_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_17(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_17(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 17);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 17, km);
-        sp_521_point_from_ecc_point_17(point, gm);
-
-            err = sp_521_ecc_mulmod_17(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 17 + 17 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17 + 17 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 17;
-
-        sp_521_from_mp(k, 17, km);
-        sp_521_point_from_ecc_point_17(point, gm);
-        sp_521_point_from_ecc_point_17(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_17(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_17(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_17(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 131 between points.
- */
-static const sp_table_entry_521 p521_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xc2e5bd66,0xf97e7e31,0x856a429b,0x3348b3c1,0xa2ffa8de,0xfe1dc127,
-        0xefe75928,0xa14b5e77,0x6b4d3dba,0xf828af60,0x053fb521,0x9c648139,
-        0x2395b442,0x9e3ecb66,0x0404e9cd,0x858e06b7,0x000000c6 },
-      { 0x9fd16650,0x88be9476,0xa272c240,0x353c7086,0x3fad0761,0xc550b901,
-        0x5ef42640,0x97ee7299,0x273e662c,0x17afbd17,0x579b4468,0x98f54449,
-        0x2c7d1bd9,0x5c8a5fb4,0x9a3bc004,0x39296a78,0x00000118 } },
-    /* 2 */
-    { { 0x66fd07ca,0x1036eb9b,0x6b7fb490,0x6ca52cc1,0xd3e0c270,0x512e973e,
-        0x73d92d11,0x889980bf,0xa4005eea,0x38b4cfe4,0x8ceb4313,0xb6f992cc,
-        0x6daf7c23,0xd0ac2f8d,0xe32a93cb,0x1ccfbf17,0x000000c2 },
-      { 0x2f508cca,0x7bd9d6f1,0x595a72af,0xe82d7171,0x97512873,0x25d02976,
-        0x8cf39fbc,0xefc1de8b,0x9a1237f4,0x25e6b77f,0xd4d98b5d,0x9f3b73e7,
-        0xeccb07fe,0xe1fda62b,0x625350cf,0xdb813b03,0x00000014 } },
-    /* 3 */
-    { { 0x9b27bd61,0x415a1c9b,0x606854d6,0x74522753,0x92e73538,0x9e331ef4,
-        0x817e7a6d,0x0b3dba85,0x49ac273b,0x55c4bd53,0xfcb5417f,0xad42c78d,
-        0x92e08d38,0x528998b9,0xcc1914cc,0x14c2fff6,0x000000c1 },
-      { 0x767e9645,0x35b26fb0,0xc5e5a659,0x162b512f,0xcc47fbb8,0xa6e03696,
-        0x0a29a69b,0x732db065,0xd56bdf5d,0x058a74ed,0x25c858d9,0x4b7b60a0,
-        0xbd43373d,0x17f8a6d4,0xedf610b4,0x7b968f51,0x0000011f } },
-    /* 4 */
-    { { 0x1bc0fa77,0x5f56b5a4,0x64fd36f5,0x6cdd6bb5,0x8a5b7c7f,0xd0ac68b5,
-        0x09919ef9,0x4a92d9bf,0x71c3c520,0xc305e12b,0xdb699aee,0x554a9d1c,
-        0x61f54643,0x7fde0077,0x479115ce,0x99c13124,0x00000039 },
-      { 0xc271ac2d,0x25f890e1,0x94b370ac,0x1353ccd3,0x744d4011,0xc7b5adf6,
-        0xbe378127,0x9ccd7687,0x06c4e3cd,0xa8489b5c,0x305505f9,0x1945580a,
-        0x4ab3b12b,0x07190a20,0x1534ea4d,0x0ff53eb1,0x00000159 } },
-    /* 5 */
-    { { 0x91798548,0x877d4edd,0x031d657a,0xc43c7b25,0xfab18a04,0x47603671,
-        0xf670b476,0x7e39e7f2,0xb02fcc03,0xf7b76431,0x877f46f5,0x7c5662f3,
-        0x1c8b0c61,0x5bf8327e,0x4a8be322,0xe9cdb353,0x000001ae },
-      { 0x9d264420,0xa2d7092e,0x533ff3db,0x1f970352,0x99b5b52e,0x31dd232b,
-        0x850f45e9,0x8a9ce16b,0xc3011849,0x01c99023,0xc8e9301e,0x4bc30989,
-        0xcd95f64c,0x77a4de70,0x1026f289,0xbc8797bb,0x000000d7 } },
-    /* 6 */
-    { { 0x2be9edf8,0x98ea0934,0xfcb98199,0x6c2f3132,0xfaf83aeb,0xf579893d,
-        0xc73fda0f,0x858e87bb,0x7a0b9d1c,0xd3c0b3fb,0x71ee68b1,0x21fe6305,
-        0x66aa6f16,0x5bf8f01f,0xbca825ed,0x30934c99,0x000000d1 },
-      { 0x913022f2,0xe4309850,0xde5b80ce,0xfdc336c9,0x8b6130ef,0xb716d689,
-        0xa758d2f4,0x8a58b405,0xaa5cbc1c,0x98879df8,0xc12ce0bb,0x847cfd06,
-        0x8c02ff3c,0xa1006360,0x3438695b,0x836e906a,0x00000136 } },
-    /* 7 */
-    { { 0x259ce02d,0xac8fe351,0xdae5e0f7,0xa506da0c,0xf043421d,0x77b56e98,
-        0xa1647490,0xe0d041c7,0x9cb90101,0xe41f0789,0xda3e72e6,0x29bbf572,
-        0x04a14df0,0x6b635c47,0xe81ef5d3,0x56873f58,0x000001dd },
-      { 0x5cf9e33f,0x77abe79e,0x0a1117fd,0x91aab581,0xcbac2fe1,0x11edf3b1,
-        0xd72113b7,0xef43e017,0x06b74002,0xf9ad685c,0x8fbd3b1a,0x7e6370ce,
-        0x42f73a82,0x550dd50b,0xc5e64a9b,0x8f2146be,0x000001f2 } },
-    /* 8 */
-    { { 0x2934ed82,0x05a704cc,0x989edd8c,0x647089fb,0x0ce7c62d,0xe0b239d4,
-        0x105a5eff,0x4c892ea6,0xd5ed6b04,0xa519395f,0x509ed794,0x806c7003,
-        0xe70ce5c4,0x882e9886,0xff01f6a9,0x50730ca1,0x00000088 },
-      { 0xdbcc5484,0x90a78a16,0xfd454b50,0xc1ab078c,0xcb09e525,0x6f488252,
-        0xe19b2ed7,0xdd663f53,0xa67bf59c,0x16b10da1,0x36bb770a,0xb47f6b95,
-        0x777b2bce,0x6bdc8428,0x561553f8,0xcd02ae3d,0x00000017 } },
-    /* 9 */
-    { { 0x1579d15a,0x1e3633a0,0x3e98cd1f,0x574f0c23,0xc60f4f99,0x45969dca,
-        0x49fb9f24,0x10062c93,0xd378f640,0xd29a29d7,0xd7d48c2f,0xec941760,
-        0x31fbea5c,0xf0591c59,0xb40f9ebf,0xd6173e6b,0x00000063 },
-      { 0x5a984a72,0x220f4f39,0x32510f26,0x9a3f82ce,0x8c069a1d,0xf3d04c76,
-        0x69a21e57,0xf1d6d891,0xdc4db601,0x6b96b30b,0x64dcf3e0,0x71eeb728,
-        0xc7caaff3,0x6f80c483,0x571b66e4,0x45533092,0x000000b0 } },
-    /* 10 */
-    { { 0x87140dad,0x49ae4521,0x57e2803e,0xda73032b,0x026ea20a,0x13f5e5eb,
-        0x6e00afb9,0x2d54c4b0,0x7a150474,0x4393b92b,0x13f1a7da,0xb5b41bf8,
-        0x02b5867a,0x6d786907,0xaf2ea4d1,0x5193a9ac,0x000001b3 },
-      { 0xa6b186cb,0x2a1563f7,0xe28e57b6,0x73a70a44,0x78fc8a1d,0xd7c4fc6d,
-        0xdf3d6d99,0x4c9b4581,0x1e373aab,0x544f5249,0xe913498e,0xe99434a2,
-        0xc4700f4c,0x30159749,0xe5142766,0xb8ef02cc,0x000001d0 } },
-    /* 11 */
-    { { 0xb9e6ffc9,0xe99805a6,0xf74d977b,0x1a357f05,0x5c9941bc,0xc8ddef31,
-        0xcbe842e7,0x4b6d66ca,0xa20dc12d,0x84e1f75f,0x5f0c02fc,0x8b1b2c50,
-        0x037b493d,0x3fa1889e,0x95705046,0x720bd9e0,0x000001c2 },
-      { 0x93ab9309,0x1a1f3378,0x226a8f94,0xe05a30a2,0x4045f1bd,0x2c01a52d,
-        0xab5f5115,0xf42e8fd5,0x0c05fecf,0x954d1d09,0x8d0650d3,0x47e964d1,
-        0x3c860801,0x6866fa5d,0x5abbb4af,0xac2fecbf,0x0000012c } },
-    /* 12 */
-    { { 0xe5537747,0x846dc3d2,0x1f5f9f46,0xe28e00df,0x3f31e42d,0x041af624,
-        0x256af225,0x4948947f,0xff4f9550,0x3896c61a,0x34bb5a3e,0xcb40c773,
-        0xeceafacc,0xb9becb07,0x4d45e83e,0xfe29f049,0x000001aa },
-      { 0x6b5578db,0x83fb71b3,0x0a710526,0x3017f115,0x5f220d77,0x189ec946,
-        0x48465e68,0xba87ae07,0x70e0cbea,0x1da474d5,0x2b2ba7c5,0xb92cb0a6,
-        0x8b1fb7e2,0x35cb356d,0x2cc8cb18,0x1155296a,0x0000000f } },
-    /* 13 */
-    { { 0x6ed0f604,0x7f9c9d9b,0xcb49c6d7,0x765e43e9,0xae9be5ca,0x03c4dd67,
-        0x405aed36,0x5480888b,0x920ccddb,0x3a69ebb2,0x03f0c7cc,0x44ec0573,
-        0xce89b026,0x158e2437,0x4f179a17,0x86795029,0x0000003a },
-      { 0x9f193dd9,0xf7854032,0xdcc158a9,0x531e4068,0x3642b1a5,0x774171bf,
-        0xc1e53aa3,0x12b4920f,0xfd87478d,0xd1c5fb53,0xa7cba7ca,0x48958c58,
-        0x3f66f2c7,0x375b2cb2,0x598899bd,0x1b510d0f,0x000001b8 } },
-    /* 14 */
-    { { 0x52007e41,0xfe96299d,0xcd708dcd,0x997140b5,0xf655f6fa,0xe9294eed,
-        0xd58b839d,0x7701d45d,0xb6f77cdb,0x5dbdf5ad,0x95a572f0,0x265189f4,
-        0xb3515e7b,0xc162794e,0x72655e0b,0xbfb571e0,0x00000168 },
-      { 0xbda82a6b,0xf0d2b863,0x390a9cc7,0x3df5b283,0x700fcd7b,0xbab9995a,
-        0xfa4e6c06,0xc01ef0af,0x76a392d4,0x10a98513,0x955392f0,0xa7e3fc72,
-        0x1d7a8550,0x8e3c0128,0x361898a8,0xcbca551a,0x0000010f } },
-    /* 15 */
-    { { 0x3ab71115,0xc8a4cd40,0xbcb9b55b,0xb783170d,0xabd9b426,0x1be20f6a,
-        0x5377b714,0x32d2ea64,0x6b358bbf,0xda342480,0x6e202211,0x782bc800,
-        0xaa27c499,0xf80974c4,0x50341cde,0xc2e66fa9,0x0000004e },
-      { 0x24ae60c3,0x082cb95b,0x83ad7484,0xd4b80af4,0x6205256b,0x84b739ce,
-        0xae1fe063,0x616f505e,0x342f218f,0xef14ea68,0x64a01186,0x2b17d66c,
-        0x50858bce,0x60e889ce,0xd5881005,0xdb046c59,0x000001e1 } },
-};
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^130, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_17(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 66 between points.
- */
-static const sp_table_entry_521 p521_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xc2e5bd66,0xf97e7e31,0x856a429b,0x3348b3c1,0xa2ffa8de,0xfe1dc127,
-        0xefe75928,0xa14b5e77,0x6b4d3dba,0xf828af60,0x053fb521,0x9c648139,
-        0x2395b442,0x9e3ecb66,0x0404e9cd,0x858e06b7,0x000000c6 },
-      { 0x9fd16650,0x88be9476,0xa272c240,0x353c7086,0x3fad0761,0xc550b901,
-        0x5ef42640,0x97ee7299,0x273e662c,0x17afbd17,0x579b4468,0x98f54449,
-        0x2c7d1bd9,0x5c8a5fb4,0x9a3bc004,0x39296a78,0x00000118 } },
-    /* 2 */
-    { { 0x0f0ccb51,0x80398667,0x3654974a,0xb87e1d01,0xb2b29ed9,0x7f58cf21,
-        0xa3add337,0x06c0e9aa,0xe9d08ffb,0xf13b35d0,0x96761627,0xdd8bf44c,
-        0x758a3ef4,0xa4a18c14,0xa0043adb,0x96a576dd,0x0000013e },
-      { 0x632d95a3,0x2bde24f8,0x4c524829,0x79f15ef1,0x9bdaba19,0xaadd863e,
-        0xa962b707,0xdde053f4,0x14258d98,0xc598a2de,0x061c235c,0x9fa5a19d,
-        0xe8ffd32c,0x0ed46510,0xef78ceac,0x2aea9dd1,0x00000185 } },
-    /* 3 */
-    { { 0xeaaf1fe3,0xd0a91dd8,0x4400b52b,0x0db38662,0x21abf0d2,0xff6a06a9,
-        0xa768c940,0x9412879a,0x9a1eec37,0xf3791abc,0x2738343c,0xc913fbe6,
-        0xe222abc1,0x728b42ab,0x2b9ef313,0x874c0a86,0x00000157 },
-      { 0xe6f03d49,0x0ac8f184,0x1e48be03,0xa9c357e4,0x815cbdef,0x02ce5ef3,
-        0x5fd8dc3c,0x7a41c7ab,0xfaeb109d,0x4bef67c9,0xa84f4d38,0x2f98cca1,
-        0x672f0aae,0x7e03d47d,0x1d58968b,0x24b1ab58,0x00000007 } },
-    /* 4 */
-    { { 0xdf9314e0,0x904f2d4b,0xe7a00aac,0xdaae850d,0x582efb03,0x79231083,
-        0xec7fe6d2,0x80f1c283,0x199d74a8,0x2d5b3996,0x395007e7,0x5f120b9b,
-        0x4773f03e,0x30d23773,0x3b78b686,0xf4c19273,0x00000121 },
-      { 0xfa8b51f0,0xf103ff6d,0x40e2bdf0,0xae7afb51,0x83254171,0x1130380e,
-        0xcda10d95,0xe83501b8,0x4f3a8c01,0x1057771e,0xac807069,0x8f52196a,
-        0xa5623821,0x3609b0aa,0x94a0a7f1,0x8c257906,0x000001db } },
-    /* 5 */
-    { { 0xb2c0958d,0x300370cc,0x69a7b387,0x89aef166,0x480c9b38,0x2792f3cf,
-        0xfab3e149,0x0b2984f2,0x50748967,0x9751e436,0xad33db2a,0x9cab99d5,
-        0xb44a4daa,0x4d945d32,0x16c77325,0xa26cca52,0x0000000a },
-      { 0xf9e66d18,0xcdbe1d41,0xaa117e7a,0x80aeef96,0xddb0d24b,0x053214a2,
-        0x5c98b7bf,0x6dcfb227,0xdfd3c848,0x613e7436,0x3ca4d52c,0x6e703fa1,
-        0x18551e64,0x0c8e2977,0xbfa8527d,0xf5e90eac,0x000001c6 } },
-    /* 6 */
-    { { 0x4ab2d58f,0xa2c2f1e7,0x2a097802,0xc1bbf82c,0x770bb76a,0x6583eb24,
-        0x5667f7bd,0x8e4ed9ed,0xfd96897e,0xd8c01d86,0x3fbe0f15,0x66395a13,
-        0xd99cdcb1,0x51e4f39d,0x720deb25,0xde08424a,0x00000082 },
-      { 0x60ea91af,0x97aa53b2,0x7a31dfdd,0xa4384af7,0x5cd09bbe,0xcd82f239,
-        0xf30058e1,0x997c19da,0xe5c78e97,0x443b60c6,0x575b1845,0xfaae9b5f,
-        0x08c2ce16,0x5ce86f33,0x4f63fa86,0x983ce58f,0x00000073 } },
-    /* 7 */
-    { { 0x8217609d,0xaee93131,0x2412fc00,0x7f8a9dd4,0x286c6329,0xe117e64c,
-        0x7bf1c65e,0xcc3782d6,0x8d03eee5,0xe8c144db,0x9ab93799,0x01acacb2,
-        0xb07784c7,0x215eb1b5,0x1affcd87,0x2c409fa8,0x000000f8 },
-      { 0x378139a4,0x007d3766,0xb55bea93,0xc6d969eb,0x68c8bc9d,0xc7c60d6f,
-        0x5f93f242,0x844e8461,0x741717d9,0x8461ca2a,0xf0bf120e,0x8e930e79,
-        0x6b5699d7,0xe1554a02,0x6a4fb6de,0xe69c7702,0x0000007d } },
-    /* 8 */
-    { { 0x4bee80d7,0x61b51bb0,0x7692de69,0x0e1f6a1f,0xa0ebc3bd,0x8379e46c,
-        0x930644f0,0x1c0bffa7,0x390db077,0x97c67b87,0xfada1ce9,0x095c33e1,
-        0xac54b512,0x3c500add,0xd3118656,0xc231d360,0x000000b0 },
-      { 0x39bcab2f,0x06289298,0x64dd220a,0xc0c06780,0x763dc2a0,0x062f6084,
-        0x1938c3e3,0x88e9da73,0x52e46eb9,0x69be8f2d,0x6a5de0fd,0xe55c8d2d,
-        0xdb2c0e26,0xf3a3fd63,0x1e4bff57,0x899c6d9f,0x0000014a } },
-    /* 9 */
-    { { 0xec05ce88,0x9ff6e3a1,0xb6afd202,0xf8fc2496,0x6fbeb007,0x0b9d2077,
-        0xeebded40,0xb50ec0bd,0x693700f7,0xaef97742,0x3f7b030e,0x806e37a1,
-        0x1b901f77,0x5cf17d17,0xca95ae0f,0x9036e5df,0x00000159 },
-      { 0x000e8e0c,0x00af64b5,0x06fb4df9,0xd3f2ae04,0x449f23ba,0x5f61da67,
-        0x255b25a9,0x0ca91842,0x8e33c650,0xfa6af3e6,0xc2c027c1,0x14373c00,
-        0x972840a5,0x99f3cda1,0xd0e84240,0x98c62b79,0x000000e7 } },
-    /* 10 */
-    { { 0xae4d0f28,0xe8c7c4a8,0x566d006e,0x3a8a55ef,0x066e4023,0x37985f65,
-        0x5d321b76,0x8deccab5,0xb8351b07,0x38b966d6,0x57d548ab,0x2e889e53,
-        0xe631ab0b,0x7a9e8e2f,0xe75c537b,0x45c60f95,0x00000059 },
-      { 0x7867d79c,0xbca27d34,0x81c81980,0x7f460b15,0x976b8c51,0x7ec2d9ab,
-        0x61b91ed9,0xfcd04486,0xd9c1d15f,0x730a7a25,0xf94c9db9,0x8a2cf259,
-        0x5dec5a3b,0x8e784b87,0x3e5131ee,0x06252607,0x00000004 } },
-    /* 11 */
-    { { 0xf1631bba,0xdee04e5c,0x156f4524,0x40e6c1df,0xe4c30990,0x06603f30,
-        0x6b6abec7,0xdb649a43,0xf6b94f6e,0x354f509c,0x36b7e0b5,0x7fecf469,
-        0xba1e6dd2,0xa7a7107e,0x689450ca,0x889edac5,0x00000022 },
-      { 0xd05596f2,0x9012916e,0xb023cb8b,0xe3901dac,0xe7d4abe1,0x2501d3ec,
-        0xa9c90313,0xb2815040,0xc6d146d0,0x9dbcd3f1,0x74ee1896,0x6fa1d5b1,
-        0xa91226fb,0x49aea161,0xb8a80984,0x754ceedf,0x00000154 } },
-    /* 12 */
-    { { 0x4270b2f0,0xb64e27b0,0xbf4d74d7,0x84b34e48,0x0c2722ba,0xb186be8b,
-        0x9ff9b71c,0xf54a589d,0x34fd6bc4,0x9887e4df,0x7412f49d,0xb7c669fd,
-        0x77f89d16,0x4008d9bb,0xc902e074,0xafb9426b,0x000001cf },
-      { 0x662935ca,0xcca4f2d1,0x997dcc46,0x2847c703,0x353c79f8,0xc089e9e5,
-        0x5215f0f4,0x9ed8d989,0x80911b9d,0x59cf08bc,0x6de27aa3,0x4b03540e,
-        0xf69e320d,0x52f4d63e,0x94ef193b,0xa0217fd6,0x000000e6 } },
-    /* 13 */
-    { { 0x74214780,0xb77de627,0x207459ea,0xca066817,0xe9c7fb01,0xf78579b7,
-        0xd6d4b7c7,0xe55548c1,0xa66caa39,0x45756190,0x98505a4f,0xf8141b03,
-        0x4c8864eb,0xa5ca0d7c,0x9e129d3f,0xbf8af950,0x00000053 },
-      { 0x85285092,0xbc9b29d8,0x8eed5e5f,0x82f31daa,0xf618aab9,0x9c33690e,
-        0xd2626ed1,0x0eee14f4,0x07ed8e09,0x4229570b,0x8736d040,0x1977920e,
-        0xede7d01d,0x47ee25ff,0xbc7ab73b,0x3c921c3a,0x000001b9 } },
-    /* 14 */
-    { { 0xa08b2b14,0x0b6a07cc,0xbf174c7f,0xaa978deb,0xc40cb2a4,0x291cb828,
-        0x90adc838,0x95c78272,0x8c1edde6,0x08da8b2a,0x90fbd220,0x741ceb2f,
-        0x322db94e,0x5f89c9e5,0xb73c548e,0x18266085,0x0000007d },
-      { 0x2defd012,0x69ebf82a,0x5a1537ef,0x01ecb094,0x3ef0811d,0x3c557535,
-        0xb2bd4dea,0x59c882a7,0x7bf969c8,0x00a1f972,0x0b25ad1b,0x063adf5e,
-        0xf2536005,0x4c1ff306,0x4112fe18,0x8e515bec,0x00000117 } },
-    /* 15 */
-    { { 0xefe3d3d5,0x9314787f,0x9d897227,0x29e76f65,0xe0b6acf5,0x15c77ed1,
-        0x1c5e8dd9,0x9c2b7b20,0x5f5667af,0x788038f1,0xf3576ef4,0xf38c766f,
-        0x0040154a,0x9f0623c8,0xde883b53,0x47d3c44b,0x00000096 },
-      { 0xde1b21a4,0x32075638,0x571081c1,0xbb6399c1,0x75c03599,0x322e6067,
-        0xade60cf5,0x5c7fde7f,0xefc19059,0x1b195440,0xdd7b3960,0x7e70ac8c,
-        0x6a6fa73e,0x4aa5a83d,0x63080764,0x34f8cfac,0x00000042 } },
-    /* 16 */
-    { { 0x286492ad,0xee31e71a,0x65f86ac4,0x08f3de44,0xda713cb4,0xe89700d4,
-        0xa86b7104,0x7ad0f5e9,0x2572c161,0xd9a62e4f,0x25cc1c99,0x77d223ef,
-        0x3b962e0c,0xedff6961,0x81d8b205,0x818d28f3,0x0000008e },
-      { 0x8cdf1f60,0x721231cf,0x6717760f,0x8b640f2b,0xe045a403,0xbe726f8c,
-        0x0370689f,0x422285dc,0x72ea0dcb,0x7196bf8f,0xc8086623,0xa16f7855,
-        0xc326fe48,0xd4e19fc7,0x8f68bf44,0xfdbc856e,0x0000013e } },
-    /* 17 */
-    { { 0xe6a3ace5,0xde34d04f,0x896191c1,0x0dbb603e,0xf75ed0f4,0xb4dc0007,
-        0x95b259b5,0x15e0e6bc,0x2615f020,0xdfbcba66,0xd31ea3f8,0xb2ec5433,
-        0x103ff824,0x42b0b0e4,0xc480332e,0x19315060,0x00000111 },
-      { 0x045452f1,0x9997ea28,0x71f3f73b,0x80b678cf,0x41e9328e,0x4a52bddc,
-        0xe6af1c23,0xb7f2656e,0xb44215e7,0xc43805b9,0xf0a4028b,0x3aa734f2,
-        0x422476e2,0xe3c72479,0x68c60cf7,0x6dc2e8b0,0x000001f1 } },
-    /* 18 */
-    { { 0xfffc0de5,0xbcdfae6f,0xab4a5f24,0xa801814f,0xea2aa8dd,0x19013658,
-        0xda4f0441,0xf3b1caf5,0x34100611,0xf24b9cdb,0x96e0cf88,0x48c324ed,
-        0x23055c82,0x4b7ea334,0x89092e29,0x6e835b64,0x000001d3 },
-      { 0x07372f27,0x7eb77ae7,0x83bae19a,0x4779b4fa,0x65429ebb,0xa175dae1,
-        0xfc03ef3f,0x942ec266,0x6991c7c4,0x0e5fc6a9,0x56253d3c,0xa0f61e4f,
-        0xde74e738,0x7a11ff58,0x624de919,0x60524cd4,0x00000002 } },
-    /* 19 */
-    { { 0x01342e08,0x45b5d0ca,0xb749f0af,0x509ed4f0,0x6529d804,0xeb5502d9,
-        0x6d80359c,0x5eb087db,0x4c384800,0xeaa66a87,0xc75a8784,0xe972c7a0,
-        0x6874317e,0x8c169e21,0xe5c9fbf4,0x81c556e0,0x0000014f },
-      { 0xe120674d,0x26b0b12b,0x219f00ac,0xc6bf09b9,0xd658caa6,0x1e1e732d,
-        0x8292d99e,0xc771c5af,0x25fdbf80,0x5d813529,0x3666c37d,0xe61bd798,
-        0x1d0df680,0x8dac946a,0xc39f0983,0x58dcf684,0x0000009f } },
-    /* 20 */
-    { { 0x7b7dc837,0x14169102,0xb50eb1c4,0x2d719754,0xd7e6741b,0x04f4092a,
-        0xbc824a38,0x1d0a7f1d,0xc8e20bcf,0x570b2056,0xda181db0,0x6732e3b9,
-        0x0a7b508a,0x7880636e,0xc9f70492,0x11af502c,0x00000045 },
-      { 0xc56f4ffa,0x0b820d94,0xc4f0c0fa,0x1c6205a2,0xa1a0606a,0x99f33d4e,
-        0x79b316fb,0x1bab6466,0xe4f240fc,0x05aa0852,0x92d7dc43,0x22539b78,
-        0x06e3c073,0x03657f12,0xcedb6633,0x28405280,0x00000059 } },
-    /* 21 */
-    { { 0x4397760c,0x90d08711,0x1c9fcd06,0xb9020b76,0x987e24f7,0xc7fec7fa,
-        0x522335a0,0x0e33b8a0,0xae21ca10,0x73dbeafd,0x3b032220,0x458c060a,
-        0xee145da6,0x9b9c73b8,0x27ff62ef,0x31c661e5,0x000000aa },
-      { 0x81430b5e,0xaf518eb0,0x50ee0d69,0xb32f9cea,0xaa6ebe8b,0x0ecdb0b5,
-        0x9fe1d689,0x1f15f7f2,0x1a59cc9a,0xce5d68f3,0x08ab2a63,0xf4d67994,
-        0x4347ce54,0xe85b1cef,0x286d0776,0x8ff423c0,0x00000176 } },
-    /* 22 */
-    { { 0x33dcec23,0x8564104c,0xcdd07519,0xbaf0d61b,0x4c4f309a,0x486daf51,
-        0xde488715,0xf01bc8f5,0xd3539ba3,0xddd6baf1,0x3a3be8ec,0xbb7e665d,
-        0xcb5d865f,0xf919dac3,0xf12149a0,0xfe203da3,0x00000173 },
-      { 0x78d4a3d1,0x043ae9a1,0x865316d8,0xa4d5cf58,0x41176463,0xeaf026c0,
-        0xf84afa44,0x316c638f,0xffea422d,0x512f2397,0x6622b613,0x691eaa04,
-        0x97e7068d,0x48856ea3,0xf4a1b33c,0x42d1b2e3,0x000001b5 } },
-    /* 23 */
-    { { 0x1f487402,0xf51b2d5e,0x7aaf1dd5,0xe36016e6,0x6da9c20a,0x1eb3f1f5,
-        0xece45bfd,0x25b7d361,0x027a9e18,0x42db0633,0xe8411649,0xbf228777,
-        0x458773d0,0xf5fce0c4,0x2dd7a5f0,0xb2b3151d,0x0000001f },
-      { 0xfbaa096a,0x102773e8,0xe093a878,0x152726eb,0x2c7f1781,0x5c53cd07,
-        0xab5dca76,0x38d3dfd0,0x87ef2d4a,0xbb4a7d85,0xb7eb11c2,0x5c9c2013,
-        0x0b6da22f,0x5e353c34,0xa325ecad,0x846d50a5,0x00000039 } },
-    /* 24 */
-    { { 0x1677df58,0x76da7736,0x1cb50d6c,0x364bd567,0x0a080ff2,0x0443c7d7,
-        0x86532430,0xa0a85429,0xc35101e7,0x82002dd2,0x48c5cd76,0xbebc6143,
-        0xca6cf13f,0xff1591ae,0x98bf8dc0,0x91c7c2e6,0x000000fb },
-      { 0x12de14d5,0x6a7c5cad,0x6561c822,0xbc448c5f,0x7cdbb3da,0x9f8de430,
-        0xc76811d7,0x9c58f011,0x75462049,0x1e89806e,0xc9a74e49,0xe52ad0a2,
-        0xb2be37c3,0x2034685c,0x0a0bc72d,0x7a863245,0x000000ec } },
-    /* 25 */
-    { { 0x8a86786e,0x33818c21,0x2137e2c8,0xed537f74,0xa7e6eb20,0x5d9690d1,
-        0x5cdc4803,0x9790ec70,0x24f7bd75,0x469162c8,0x4e1f0f14,0x09e7ef9d,
-        0xce9915ca,0xd30c128b,0x6c71226f,0x810145f6,0x0000002d },
-      { 0xb71d87e5,0x312749f5,0x7b02ceda,0x25f3b141,0xe0baff16,0x02456d2e,
-        0xfcae6627,0x97f7b3a9,0x37bd985f,0x0d6ebf8f,0x7fa6d0c1,0x20aa81b9,
-        0x21f2f137,0xb29f1a01,0x5cc0ddb1,0xe326a2f8,0x0000003d } },
-    /* 26 */
-    { { 0x38c2ee78,0x26f3398b,0xa75a0bee,0x40c3d101,0x565a7f8e,0x35a31706,
-        0x04019e5d,0xd12985e3,0xb8174b6e,0x21e2a642,0xaf80a52a,0x25a15ee8,
-        0x8518d80e,0x5d1e0fe6,0x04f6ea9a,0x8cbbc138,0x00000084 },
-      { 0xdfd45169,0x76828690,0x59d3e8d0,0x38d7e098,0xcdb8bfc2,0x23758811,
-        0x162cf648,0x8499547a,0xb4d15b8c,0x494bab3b,0xc60499a6,0x822cbc57,
-        0xa8a1cfed,0xac43224e,0x57c6598b,0x43563469,0x000000d9 } },
-    /* 27 */
-    { { 0x68271323,0x2b069253,0x49cd04d7,0x24d9e0a8,0x2b31cc7d,0xaae35fbf,
-        0x57a3e361,0x44f64b4f,0x0294e856,0x14904686,0x43ced4ae,0xddc82ee7,
-        0x7e2cda47,0xcb92a6a5,0xbfc1f968,0x989c42ef,0x0000013f },
-      { 0xb8651600,0xbed98bdf,0x7a3cfaee,0x8c363434,0x35b1a226,0x93a12543,
-        0xd5825507,0x558da7dd,0x852eb1e9,0xa5173b23,0x2295f545,0xdf5ae585,
-        0x6646d101,0xe546e2ef,0x5d89f862,0xf7e16a2c,0x000001fa } },
-    /* 28 */
-    { { 0xc7ec136d,0x0d746c8e,0xcd11351b,0xf8e1d827,0xf187a116,0x764a3ad3,
-        0x136e8465,0x2f1b968f,0x850983c2,0xd41aa294,0xbe717259,0x2123ecc4,
-        0x763c149c,0xdcdcab52,0x1022b82d,0xa7f50b18,0x0000016d },
-      { 0x0ca5e258,0xf99e532d,0x97b62a7b,0xa148ad17,0xc77fddef,0x8d0a242e,
-        0x74f9b6c4,0x58518bcd,0x7fd122d4,0xc53b30b8,0xfb50b2d7,0xbb8cd193,
-        0xbc01aae9,0x1a169aee,0x1de26e09,0x7e49b10a,0x000001c5 } },
-    /* 29 */
-    { { 0x21210716,0x2cabe675,0x07e02400,0x81a296a3,0x8c83795b,0x94afc11d,
-        0xdd9efa6a,0x68f20334,0x677d686f,0x5be2f9eb,0xbf5ce275,0x6a13f277,
-        0xb9757c5c,0xf7d92241,0xc74f4b8c,0x70c3d2f4,0x00000132 },
-      { 0x8d209aa4,0xf9c8609c,0xdb2b5436,0x46f413a2,0x2992345d,0x96b72d1a,
-        0x9487c34f,0x186f2aeb,0xb440a375,0x4fa72176,0x7da5358e,0x3a420936,
-        0xff25b310,0xf11eade3,0x505d60b8,0x9a570153,0x000001a9 } },
-    /* 30 */
-    { { 0x6e7495bb,0xae151393,0x490879d1,0xebd2fd28,0x29fd76fc,0x9c232b0b,
-        0xc60e721c,0xa1a0d49b,0x517a09e2,0x9f582b83,0x9d8badf8,0xac37809e,
-        0x0ad48bb4,0x4aa4de9e,0xcb6cc487,0xfd041312,0x00000027 },
-      { 0xead4fb6d,0xc05502ee,0x0a602cbe,0x760c25ed,0xbd7f4a07,0x58ba6841,
-        0x54edce14,0xc28b6032,0x0397614c,0xb9d41e39,0x181eed93,0x4221b71d,
-        0x332d4b0b,0xd010e3c2,0xdab0e419,0xdfe58a27,0x00000096 } },
-    /* 31 */
-    { { 0x7debd24e,0x4cd6fcd6,0x9ae2b075,0xbe3fca60,0xf217c26c,0xa7d8c22e,
-        0xb9620e3f,0xd42d03e0,0xc7f9f87d,0x634bf216,0x8972ffee,0x22b1ec53,
-        0xd60d3e77,0x83a957c1,0x0f6a537e,0xedfe5f86,0x00000162 },
-      { 0xf0ea20b8,0x40a05400,0x1d796900,0x2872ac7e,0x0edb0cac,0x7765a5c9,
-        0xb62939a7,0x9df5b930,0xaf2cb708,0xf78a676e,0x52febc12,0x030732bf,
-        0xba190ad3,0x3a6640de,0x93e7e341,0x36eae15f,0x000000d5 } },
-    /* 32 */
-    { { 0xa1c88f3c,0x6c6119f6,0x2ec6944a,0x924e5fec,0x5742ff2a,0x4c8aac60,
-        0xddb22c7c,0x60adde1e,0xfa5d25bb,0x9728938c,0xec117de0,0xfa5ac4f7,
-        0x482929c1,0x41f35ab7,0x0afd95f5,0xd1c4e8f9,0x00000180 },
-      { 0xa7cd8358,0x2fc4e73d,0xf2a1c920,0x39361a57,0xad94d288,0xf6f2f130,
-        0x2b6a78e2,0xe37e2466,0x79c262cd,0x0babff8b,0x61b597b9,0x6cae01ef,
-        0xa60d4e64,0x9c1e33f0,0xdd01f845,0x52a42280,0x0000000e } },
-    /* 33 */
-    { { 0x0f013755,0x72d640a4,0xfb8380e9,0x0b6dce77,0x7eb64b31,0x2789ce79,
-        0x93ca5a36,0x8e704b0b,0x58bdffc9,0x18c360ff,0xb230c372,0x53b1f323,
-        0x5a7385d1,0xd6b39088,0x56b93bf7,0x071130f5,0x0000004a },
-      { 0xfeef3f88,0x29a2096b,0xb82b3945,0x22eba869,0x872664a7,0x7fe2184a,
-        0x858ff942,0xa0dc0ba1,0x7490c9da,0x33799eb5,0x81588ce8,0x1d356f62,
-        0xa7b2cee2,0x7dd9bc7f,0xa3cfaee9,0x1e61a4e8,0x000000d2 } },
-    /* 34 */
-    { { 0xe9068656,0xec5db629,0x9fede4df,0x623bd70c,0xfcd45546,0xc78ad5bd,
-        0x6291a741,0xf7981dd2,0x761e688e,0x3ac53d92,0x55b9272f,0x6a96892a,
-        0x06546fec,0x4217e7b8,0xab9e2f56,0x793c03cb,0x0000015e },
-      { 0x6eff39be,0x08fd9543,0xdbff4f68,0x5a1af07e,0xb0241616,0x83d47abd,
-        0xd4798029,0x37c5d2fd,0x60b2e6fb,0x9d86d978,0xce8db998,0xe3e3284e,
-        0xd868b9bb,0x9f049eb5,0x9dad18b3,0x3b3e8a78,0x0000018e } },
-    /* 35 */
-    { { 0xe51e61f0,0x57026c56,0x307f2757,0xdddbcaa3,0xb1aeaf41,0x92a026eb,
-        0xe2d7f5ba,0xa33e937c,0xbc5ead91,0x1f7cc01e,0x2e46807d,0x90ab665d,
-        0x53419519,0xc2a44f55,0x79664049,0x099c1ca6,0x000000aa },
-      { 0x8f97e387,0xb561a909,0x45e1dd69,0xf6051778,0x7ff1d6ab,0x1ffa512b,
-        0xd09a9c89,0x42da55a4,0xd2282e2b,0x5e5a7c71,0xe74185ad,0xdfa5a203,
-        0xea0baeff,0x19b1369d,0x1ecc0a16,0xa5eef914,0x000001a3 } },
-    /* 36 */
-    { { 0x7a573b81,0x2af20d0a,0x66194cef,0x7eac1ca8,0x0b711c34,0xef0d2d8d,
-        0xba099d42,0x6aea016c,0x5067a8ca,0xa6609d28,0x7a1351ef,0x6a52c600,
-        0xb11c2634,0xdab85818,0xbb1c033c,0xf17fa45d,0x00000121 },
-      { 0xfc3279d6,0x9fb8b87a,0xc201f1e1,0xe30e76ab,0x806c21dd,0x02af6a83,
-        0xc63f824f,0xeafd7e2b,0x46bd1a53,0x7b074e26,0xa2139164,0xcd6f4931,
-        0xc172d9bf,0xab2cfd39,0x4db59cf1,0x62f3eb4b,0x0000010a } },
-    /* 37 */
-    { { 0xe0689a1b,0xe402de36,0x7dcafe72,0x9dccc9fd,0x255d0bfb,0xe4dead7e,
-        0x4ada04d9,0xd7ee87ee,0xbfd2e774,0x5a85039e,0x770b2b9b,0x282c6657,
-        0xba103bba,0xa7aca826,0xc7cd5071,0xac7028ba,0x0000011a },
-      { 0x680c8f04,0x2e61d39c,0xb48b3b5e,0x2f09c4cc,0x95744f3c,0x131609bd,
-        0xaaccb593,0x6d72e4b4,0x5adfb209,0xdb7060ca,0x1fd3eccf,0xc67d9e43,
-        0xe1752a73,0x1487a26f,0x64d0857c,0x3d953663,0x000001e3 } },
-    /* 38 */
-    { { 0x4cec9e7f,0xe664506b,0x30aab98f,0xa44564b4,0x173fa284,0x5e1b501f,
-        0x15c97472,0xe7b7bd7e,0x82dec033,0xd6cc67a8,0x0a63b762,0x1fe2e934,
-        0x3f8e2fcd,0x3a084e1b,0x9ae6e752,0xccce4da8,0x000000fd },
-      { 0xc12fd820,0x0797f8ee,0x96da4733,0x325f892a,0x55997bf4,0x597d241d,
-        0x02b753cf,0x3aef35ac,0xf677ceba,0x8a73f95d,0xd1bbac6c,0x5b2892b7,
-        0xcc5278b0,0x90751583,0xa47f45f6,0x2f5ed53f,0x0000001c } },
-    /* 39 */
-    { { 0xab40b79c,0x3914165e,0x25b489a8,0xbfb6eed8,0x8a6c107f,0xda136b7d,
-        0x8e01f28b,0xd431db8b,0xa4d79907,0x84e5d0dd,0xa471e685,0x69a91472,
-        0x98376ff8,0x58d06969,0xc46311fd,0xce369b74,0x00000006 },
-      { 0x1add1452,0x6c0773d1,0xed8e9a2a,0x2e4e9c95,0xca15a40c,0xe8ff8e32,
-        0xaf62f18f,0x3fcb7d36,0xeec9484b,0x2ca336ee,0x3b20405b,0xa4d6e7a9,
-        0x956d8352,0x6d90d031,0xd9ca03e7,0xdd375603,0x000000e5 } },
-    /* 40 */
-    { { 0x8b481bf7,0xcc5f297d,0x2a13383c,0x06a2a3e4,0xdc40b96c,0x9e14528c,
-        0x1189da3c,0x9a2bf35f,0x6cd57fa7,0xb8adb989,0x9357d32b,0xc1a4935c,
-        0xc2d76fad,0x51fb2580,0x24f23de1,0x98721eb4,0x000001ba },
-      { 0x52a4b397,0x8c02daaf,0x0d0b4e54,0xc3c5f4cc,0x7b7e79cd,0x29be4db3,
-        0xb33970b6,0xf34336ec,0x92808c7f,0xed3dcb7c,0x02288db1,0xec290eff,
-        0xe96ed59a,0x2a479d51,0x76d8fa5f,0x9d7ed870,0x00000092 } },
-    /* 41 */
-    { { 0xe660043c,0xd8edaf0b,0x016e074d,0x84aa2ccb,0xe2cc3b3d,0x9d2368e7,
-        0x5c269fc4,0x47b50130,0x3de33e36,0xd0194ee1,0x789ca504,0xdb3361b9,
-        0x984db11d,0x8cd51833,0xc8ec92f0,0xd5b801ec,0x000000c6 },
-      { 0x47ab9887,0x33f91c15,0x6b5ab011,0x2f285e2a,0x133fc818,0x9b734e5a,
-        0x38d8692c,0x5c435a74,0x43282e81,0x3c92b47c,0x9c7bcdaa,0x191231f5,
-        0x4d158c86,0x3ae425c3,0xc5a23cca,0x7f568feb,0x00000011 } },
-    /* 42 */
-    { { 0xbf5caa87,0x8ccbd9d5,0x68dd8c9d,0x17bfc60f,0xc7d4dede,0x63eb4dbb,
-        0x8270b5bf,0xbf6e5945,0xcc098fe7,0x887137a5,0x05d7b8f5,0xca5eb687,
-        0x4b25a533,0x4b7deeee,0x4a700a6c,0x8e045c32,0x000000ef },
-      { 0x70cf52bc,0x160c1c92,0x90cc6298,0x4bf3f63a,0xbf3028fb,0x5fff421c,
-        0x523beff1,0x0a8102d7,0x8b9ce105,0xff3309a3,0x06621b1e,0x8e9da4d0,
-        0xcc0a7807,0x9775f89f,0x00178612,0x59044865,0x000000eb } },
-    /* 43 */
-    { { 0xebbd33ec,0x8a6664fd,0xce5ad579,0x0cf9a660,0x50fb56ed,0xecd06c05,
-        0x1d5aaa6e,0xb4ca5fad,0x948a7f07,0x36daee5b,0xefe1c11a,0xd2e37887,
-        0x91d2544b,0x41f61ac4,0x2bffd8ea,0x49df7071,0x000000be },
-      { 0x65acdb56,0x60e2f1f5,0x5e5e5bde,0xf2f13c84,0xe17a0412,0xb97fd354,
-        0xd9c93bef,0x8a2867cf,0x25a957e4,0x9ca9d16b,0x4a18635f,0x1f55c19b,
-        0x8d26ae71,0x9b3868f5,0x4c94541d,0xac448041,0x00000000 } },
-    /* 44 */
-    { { 0xd4ad38db,0x6c1bcf89,0x3d714511,0x1180f381,0xcb70243a,0x5b4c2759,
-        0x163a716c,0x5dd64d63,0x13648bdb,0xbbd2efea,0xe4de9969,0xa47187f9,
-        0xe2de8c45,0x65de6912,0x4bdad0a7,0xe075f29c,0x00000048 },
-      { 0x5e4dd88d,0x00335474,0x80577afc,0x18283638,0x227288f7,0xe4b35c01,
-        0xe68989de,0xd008fd91,0xcd3f71ba,0x42142315,0x3e4da1e2,0x5cb023ff,
-        0xb5662bb1,0x7e6b9c35,0x7fb04fe5,0x143f4165,0x00000072 } },
-    /* 45 */
-    { { 0x26f40f2c,0xb06b046c,0x6cd7c31d,0xbd5d246c,0x1953a9b7,0xaaa56270,
-        0x8f00436f,0x5ac929b8,0x21d0660d,0x1937392c,0x9bd6dbe6,0xd279ed15,
-        0xd17c43f9,0x377c4d5a,0xb8fcd025,0x800eda50,0x00000179 },
-      { 0x36132f31,0xb88ddc0b,0x2ade73a3,0x6f8f4f01,0x203de2b9,0x38859ec3,
-        0x231b6533,0xedb03814,0xa14093ca,0xad08cd20,0x5c2be2f9,0xb9f86d44,
-        0xf6ebc09f,0xfd3d9532,0x1aef478d,0x757b5899,0x0000013d } },
-    /* 46 */
-    { { 0x580f894b,0x7d9ad100,0xd925e46f,0xb612488a,0x2e5a6865,0x45497e14,
-        0x17f9a813,0xc86e1053,0xf8a33541,0xd8aa820a,0x7a66d578,0xa6790660,
-        0x5f758e23,0x47df60ae,0xa7f8ab5c,0xcadd4c90,0x00000107 },
-      { 0x6764ad0e,0x356b044f,0x250189b3,0xf69fe0e1,0x5f14db6a,0x2deaca62,
-        0x1bd77d54,0xe9f2779f,0x5cfa895c,0x979911f2,0xb6f19ac3,0xd4e94ced,
-        0x01af44b1,0xc3533417,0x50c727f5,0xcac43fff,0x0000003b } },
-    /* 47 */
-    { { 0x83c1d4cf,0x1742951c,0xb245c34f,0xe03791d0,0x9c2dcc71,0xea8f8ef6,
-        0x2a310767,0x2ea57a29,0xb12948bd,0x255b46bb,0x0feaeb83,0x2adc1e09,
-        0x449abf59,0xa0d2d18c,0xc4a8a689,0x9e8c9ff5,0x00000019 },
-      { 0xeb28171a,0xc9f7b9cd,0xd576987b,0xefd78403,0x22ff824c,0x58b4f3bf,
-        0xbf333cc5,0xee09b393,0xb01ceb72,0xebff83a2,0x220299cd,0x5bb34c45,
-        0x66ebf751,0xa3c3e8a0,0x49d05cf3,0x5dee07bb,0x000001a6 } },
-    /* 48 */
-    { { 0xb114257b,0x09a958d6,0xd4975e30,0x729afd41,0x3aae7b11,0x072879b5,
-        0xedd1ac83,0x0791b093,0x1eb67975,0xcfefc7d1,0xe2675b4a,0x0e54bd37,
-        0x8d69517f,0x89a62d7e,0x202109a3,0x96f805d8,0x0000006b },
-      { 0x57b5f9f4,0x4815d517,0x405b44d1,0xe5c9e436,0xe4870160,0x3442dde0,
-        0x1ef6b3f8,0x953fef95,0xf7497faf,0x919e4cf5,0x016ef0b7,0x24e3cc4d,
-        0x2512eeed,0xfc5caa87,0xa3bd1703,0xf1ba4029,0x000001b6 } },
-    /* 49 */
-    { { 0x529252ac,0x2a668435,0x74e7b0d8,0x3da626c0,0xe0be86ab,0x55080cc1,
-        0x4ed5dc53,0x534a53f7,0x0cd41fd0,0xa9eff140,0x5674891c,0x0e7c945c,
-        0xec53b5ad,0xdea4b895,0x15150988,0xefc67bef,0x000001ff },
-      { 0x306033fd,0x988dc109,0xf36875d9,0x1b287979,0xe3c335c5,0x4d39af26,
-        0x124e29d6,0xa47259fd,0xc41dbdfc,0x5d60c570,0x0cc0d895,0x06224b61,
-        0xeea8ff86,0xa041d4e5,0xae4d8707,0x2920e15c,0x000001fd } },
-    /* 50 */
-    { { 0xcd67da85,0x66d15f0c,0x5ac54a15,0xae98b6f4,0xf1ac71c3,0x2f05e021,
-        0x47559224,0x1feb2226,0x66e856dc,0x2a2f1561,0x6fb4ba47,0x65eb1456,
-        0xa29d920b,0x34688bd2,0xf9d4cb9b,0x943ce86e,0x00000061 },
-      { 0xaac91174,0xb4696218,0x41dd9234,0x85b519ec,0x9f0763a4,0xb7efadf2,
-        0x712c8b33,0x98517f27,0xb0538630,0xa02e7ec3,0x1ff3e3e4,0x46bc45bb,
-        0x29496486,0x46ae896f,0xebd2b93f,0x2aeb1649,0x00000146 } },
-    /* 51 */
-    { { 0xe8e4d3c3,0x1f34f41f,0x5bb7e9db,0xc80d87ff,0xd910b579,0xf0216c0a,
-        0xb87349ae,0x2a24b761,0x2b0a6cc0,0x054bc528,0xaf2d1957,0x3b4c7029,
-        0xadbe6cdd,0x0e4b90e2,0x26060a34,0x8e774f81,0x000000cf },
-      { 0x2e229950,0x3c7f9dbc,0xd9f82b70,0xab11f846,0xf10c05f3,0x2b7ad9a3,
-        0x0f1820ca,0x203ead4f,0xccbfb332,0x51dbcbc8,0x066706f1,0x3bd9caf0,
-        0x06059d5e,0x5a39be25,0xdcafe64e,0x984387c8,0x0000014c } },
-    /* 52 */
-    { { 0x8e011531,0x708a757f,0xc3dcd57c,0x7f45b172,0xc2d99e29,0xa8eac9fd,
-        0xb93b6415,0x9d4ee81f,0xa5488e86,0xa5833b54,0x0bb7ab70,0xddd561c3,
-        0xb3bdf3a9,0xb5bda384,0x1ddf332b,0xf909f8e0,0x00000124 },
-      { 0xab41e782,0xc5b8aa84,0x851ddb87,0x1de20126,0x99482bd2,0xf49baa7d,
-        0xf4b6413b,0x05963deb,0x7cd1e224,0xed369fbb,0x1bad60ee,0xdcf495dd,
-        0x892e30ed,0xeb475693,0xaf0a212d,0xaaf11bd8,0x0000010b } },
-    /* 53 */
-    { { 0x16ec64e2,0x71460174,0x7d7c6ebe,0xbfd14acf,0x668b7176,0x1e3504a3,
-        0x741b041c,0x72e3f3f3,0x2d3b67b0,0x651fa54a,0xe57d928d,0x623edca3,
-        0x72c8f419,0x29b74e8b,0x327abaef,0x3d99cb47,0x00000038 },
-      { 0xda342a3f,0x808dd0b3,0xdef4a954,0x12002462,0xeab5a860,0x1b1c642e,
-        0x06e54b6d,0x5e1e2a05,0x10c6cf1a,0x9ba1710f,0x0f903cd0,0x334fc366,
-        0x134166f5,0x969e0001,0x155c4353,0xfaa26074,0x000000fa } },
-    /* 54 */
-    { { 0x712de285,0xc85cd0e6,0x869f5dc5,0xcd2ff8b0,0xdf4ed389,0x372a2b92,
-        0x55b99c84,0x63524d30,0xe07a0033,0x46fef5a2,0xd6e09493,0x0a2c82da,
-        0x72a8952b,0xb3626621,0xaf217eb6,0x9afcb188,0x0000002c },
-      { 0x9a64c5b5,0xd3b9d476,0x44c4cfe1,0xa0d8d5de,0x11c6dbff,0x560858ef,
-        0x41c14aed,0xce1d978f,0x35efe854,0x251f9e72,0x0474575d,0xf9d0c14c,
-        0xbda89c03,0x0d2c838e,0x36cc9dc0,0xa25f040b,0x0000016f } },
-    /* 55 */
-    { { 0x9cad682d,0xb23d9dea,0x46369391,0x87acb1b3,0x5c0f24d7,0x9f5c1988,
-        0xd41883ce,0xdff62fc7,0x53555e46,0xd1ab29df,0x891cda05,0x569b1cb2,
-        0x52c633ed,0xdb14dbc4,0x2a345428,0x1acbb86c,0x00000194 },
-      { 0x24db8127,0xd86a70c8,0x41b7cf5b,0x84a6563f,0xb908d9b4,0x8d84dabe,
-        0x899c260a,0xaaeaae63,0x44436957,0x13ed6b2b,0xd0a92c8d,0x3bc94f99,
-        0xd04bcb97,0x978f2e2b,0x716a565f,0x56a388ef,0x00000074 } },
-    /* 56 */
-    { { 0x96fc1f77,0x6082dfe4,0x1347ad6a,0xb04c435f,0x25ebe457,0xf42694dc,
-        0xb6f764aa,0x64a17069,0x04d83da1,0xe03873d5,0xe0c82330,0xb0b9db52,
-        0xd4239b3e,0x9886b34e,0x598814da,0x76587f2a,0x0000016a },
-      { 0xebc71a5d,0x6918f8e8,0x85405233,0x49141a42,0xc182cbcc,0xd63f09cc,
-        0xe09057a7,0x4afe59d3,0xe239d8eb,0xe633db0d,0xfd9494b2,0xbac8582d,
-        0x4704fd61,0x8b915a41,0xfceaefd9,0xe0866a9d,0x0000010e } },
-    /* 57 */
-    { { 0x52e07a4d,0x2b50c470,0xe5d745d0,0x7f6d38b8,0xe1af1226,0xb414c47c,
-        0x39c505f7,0x03e4b44b,0x86f739be,0x59f3d795,0xe7c2f1bc,0xca19bca7,
-        0xc063fad4,0x1c51c01e,0x7f428afb,0xda3937a5,0x00000080 },
-      { 0x102369fa,0xe9d8ca9d,0x706c0e35,0xe009bffb,0x96b55d80,0x2e0a19a7,
-        0xac0d094c,0xda0e42de,0x787c187a,0x6c1be2c5,0x9cfa04b6,0x6d4ae2cc,
-        0x76577340,0x5b0cea60,0xc7c96285,0x2d525245,0x000000d8 } },
-    /* 58 */
-    { { 0xae93de69,0x6dcb238c,0x3bfdae9b,0x4963c833,0xe8b79836,0x33c81f4d,
-        0xae8bf8ae,0xe13a2244,0x4c3ebacc,0x0bc6e786,0x555a5ad6,0xa837a53c,
-        0xbc7e9459,0x875d8d35,0xf9f46fcd,0xb3705534,0x0000001f },
-      { 0x7fb974a1,0x78e9270c,0xe9ed2481,0x23448fa0,0x64bffbd4,0x14166c3d,
-        0xd79f4b3c,0xa05aa443,0x3b9f32a0,0xd855a4f1,0xac90235e,0x4bebcf8d,
-        0x8db52b48,0x65849987,0xe48d09d1,0xaa4d59f1,0x00000183 } },
-    /* 59 */
-    { { 0xdbffad9f,0xee585d75,0xf419d8fc,0x64df6174,0xe6c69345,0x6f73bf59,
-        0x83d59b0c,0xb80793d1,0x929c8950,0x6baf4fc3,0x29962bab,0xbd445a95,
-        0xeaa91273,0x52b61945,0x3d1c785b,0x4fccdfff,0x000001be },
-      { 0x7cb2857f,0x05c384d9,0x06b7abf4,0x4cf83058,0x43ace6b2,0xf528dd17,
-        0xbc43d6b6,0x2c7b8fa2,0x14e564b9,0x8f0e28bf,0xd2b9f01a,0x1b69bc73,
-        0x3dd383e6,0xab8beb40,0x9791946b,0xaccea0c5,0x000000ae } },
-    /* 60 */
-    { { 0x0163c2de,0x9a68baee,0xeb2768a4,0xc42d0b2b,0xffdae767,0x5686f124,
-        0x0aaca943,0x926da5d5,0xe01091cf,0x699c34ce,0x5324becd,0x3d254540,
-        0x4193a0a9,0x1b6b58f1,0xd611cc9d,0xf144925e,0x0000014f },
-      { 0xc1ed9259,0x7f61a60c,0x2f1d5a7f,0x1be37aa3,0x07aef431,0x0384713d,
-        0x4e6fa7ba,0x99f33d49,0x8bd3730c,0x43928c16,0x5b9557dc,0x73cf8ccf,
-        0xd1a2bee5,0x0bc6d460,0x83b15610,0x27cd1943,0x00000145 } },
-    /* 61 */
-    { { 0x3427af4e,0x4be65135,0x310d937d,0x2e6c0bb1,0xcaa671c3,0xbd8ea76a,
-        0xd3a9c376,0x9d7b3fd4,0x471709aa,0x124ce863,0x018051c0,0x225ce41d,
-        0xf9e8ee1c,0x5489284f,0x535c4ec8,0x22d829c9,0x0000013d },
-      { 0xa1b15e02,0x6b01ed9d,0x301e5868,0x1d092bac,0x5764135b,0xbfa7a183,
-        0x6f7159a4,0xc0ee59b7,0x18090d0d,0x9171a051,0xb8052196,0x5c1531bb,
-        0x20927904,0x740930fc,0x76337685,0x963b48cc,0x00000008 } },
-    /* 62 */
-    { { 0xf4aaaed5,0x0fe8b620,0xfe871ee8,0x1068de7d,0xfebfcb4b,0x2b22030f,
-        0xc3a2155b,0xd4dfbee7,0x2769b805,0xa7a26a8c,0x6d39eaf0,0x377de770,
-        0xf615f032,0xf1a92447,0x42d9b731,0xa1b81a84,0x0000012a },
-      { 0xb1152e8f,0x299e67d0,0x92b5e14c,0x2e773d97,0xf1cb57a2,0xe0d81073,
-        0xbf1da4a2,0x03af0a9c,0xc22b449a,0x169b160e,0xdd2d7d1d,0xb82c1ac8,
-        0xbfc98ee4,0x7508aca6,0xe3cbea15,0x54992440,0x00000150 } },
-    /* 63 */
-    { { 0xa13a4602,0x70004a0a,0xd0d2c60e,0x505c71a3,0xa6d79bc5,0xa4fe2463,
-        0xd54d9df4,0xe878eb3a,0x73d3c7b8,0x7ecca907,0x244ecfa5,0x5b3bb278,
-        0xb124d179,0x8a30f61f,0x4f632af0,0x5b7e5001,0x00000115 },
-      { 0x9ef0021a,0x62c42ecc,0xf856c9d4,0x58017fd7,0x2e6478bc,0x10e243b8,
-        0x1505a4db,0xaf074669,0x4cd7eea5,0xd9bb0a1c,0xd52aed0a,0xe8ba39a2,
-        0xb549f09d,0x0747449a,0x9e57fa64,0xd5c8f7bd,0x0000013f } },
-    /* 64 */
-    { { 0x5a53c22b,0x1bd8ce7b,0x7cab446a,0x78733fcd,0x48acb394,0xc44ca4e2,
-        0xa38c790f,0xa9888b1e,0x15c34237,0x36afb6eb,0xfb702063,0xb913b8a8,
-        0x917508fa,0x34b77cc5,0xf9e4732b,0xa931d7a7,0x00000050 },
-      { 0x56d21d18,0xa90a4290,0x55b410a1,0x82666307,0x894a6b05,0xb4684a8b,
-        0x828cf75c,0x8a1ade63,0x127702a3,0x4fb2f85a,0xadf7b709,0x83ff7d05,
-        0xa68d1db6,0x1d3f5a92,0xc093cd5c,0x243ce1db,0x000000f5 } },
-    /* 65 */
-    { { 0xd37d7891,0x8fc183c3,0xfd865eca,0x17b50149,0x8f218441,0x0f6e43d6,
-        0x5a07f658,0xaf51ec25,0xad303202,0x8fe5a6cb,0x10676ef5,0x95de68f3,
-        0xca4e000c,0x7508e31f,0x77735254,0x783e5a95,0x00000159 },
-      { 0x2e537ad9,0xbc1db571,0x35be9cf7,0x5e87112d,0xd57f9bcb,0xbb522b48,
-        0xa8b3cbc7,0x1eff7890,0xe5ecdb5c,0x4f306e11,0x3387e7ed,0x30da8392,
-        0x72321e3d,0x4d91fcf4,0xe412a67c,0x8487bb62,0x0000009f } },
-    /* 66 */
-    { { 0x8cb8e08e,0x86f5f80f,0x2496fed6,0x7cfd2c41,0x60b7dcdf,0x0061b743,
-        0x57f4d05f,0x4dbaffdf,0x458061f2,0xb1993c2a,0x9de994c4,0x6c6ca8d0,
-        0x2747e062,0xef70d24d,0xb9995cbc,0xd4e5d4e3,0x000000ff },
-      { 0xc6f40077,0x3171e245,0x0723e506,0x1592e045,0x6a6bfd88,0x35c86f7e,
-        0x6d9d9ce0,0xba0959d1,0x3eb5770c,0x2e7f8fe8,0xc40d63dd,0x58eb0881,
-        0xeb9e4419,0x56333bda,0x3afd1f4d,0xfb0397df,0x00000034 } },
-    /* 67 */
-    { { 0xb358815c,0x7b84e05e,0xe41087d9,0x3abcb2d4,0x07f05d7a,0x87a75889,
-        0x7a9d481c,0x350778d5,0x42d64cbd,0x9d34cff8,0xccf289fe,0x0859cd5a,
-        0xdd2b2c6e,0x8372d591,0x18b40b62,0xc06d482e,0x0000006b },
-      { 0xda4ed375,0xd10695a0,0x298daaea,0x51baf588,0xf4b7092c,0xb028a1b4,
-        0x7a335b35,0x8ab87dae,0x0567efd8,0xa7359362,0x3320c374,0x7a49fc10,
-        0xa3558b30,0x737acac4,0x4c0fce9b,0xd30696a3,0x0000001e } },
-    /* 68 */
-    { { 0xbd3902fe,0xd9550ab0,0x86a9d3b3,0x9bba4b4b,0x975cac37,0x3a59e0a9,
-        0x333605dc,0x045e8731,0x1afc2c58,0xf2c598c2,0xeef9cbf1,0x81ff8d6f,
-        0x9bf83c42,0x82bed5d0,0x528131d5,0x9d1d9d5b,0x00000157 },
-      { 0x5519258e,0x687da305,0x027de2a8,0x73f539f9,0xd6a230d6,0x69fa9747,
-        0x5f5d1684,0xab1aeb23,0x5f7e41f5,0x5bbfe947,0x16a7feb3,0xbd546abb,
-        0xe16d5187,0x2afbd4e8,0xbcc953dd,0x7437be13,0x00000160 } },
-    /* 69 */
-    { { 0xee9755a3,0x55f165a9,0xb82c9ab1,0x0c8d5a1a,0xab6b97e6,0x65a1e45a,
-        0xab05e271,0x3004cdb0,0x6db0830f,0x9e0c3b52,0x75acbdeb,0xaae1ec1a,
-        0x761e8498,0x413d4484,0xb1b9c62e,0x589e09bb,0x000001e9 },
-      { 0x9c72258d,0x67512081,0x5c1593d4,0x61dcd734,0x91c11fdb,0x6c627a7b,
-        0x8857908e,0xd1d3e9bf,0x530bc68e,0x9aac06fe,0x6b5b44ff,0x125c16bb,
-        0xdb90edd5,0x38860bb6,0xfbbedb5c,0x96fe8b08,0x000001aa } },
-    /* 70 */
-    { { 0xf257c0f8,0x323a5dd8,0xdd3a10d9,0x4884dc92,0xbbb8ce03,0x03f379ce,
-        0xa47262a9,0x6217ad53,0x52e06c6d,0xa1df2017,0xc32428cd,0xf5b723e0,
-        0x2c30c62c,0x1e5d3889,0x477f82cc,0xd9a90f1f,0x000001fd },
-      { 0x1763ab59,0x830d27ba,0x723783e9,0xcf27d93e,0x945968aa,0x81558264,
-        0x1700d5d5,0x63251a32,0x03146d9f,0xcf6bbe73,0xe65bf0f2,0x6cdcf455,
-        0x632323fb,0x80aa00ce,0xd96a4744,0x6e49e62c,0x00000149 } },
-    /* 71 */
-    { { 0x40574c09,0xbeff0b7e,0x3fe80e96,0xb76f2643,0xeb237d91,0x0b3bd352,
-        0x7edc3102,0x3c0c62b7,0x424a36dc,0xf989394b,0x7c6c435e,0xe9ea64c2,
-        0xe388d076,0x2dfc21c4,0xa4e69e4b,0xcc3852f6,0x00000139 },
-      { 0xbb096b91,0x5238a3ff,0x73d8d43e,0xee72c9e5,0x8c577558,0xc116db11,
-        0xdc47d4b4,0x54ec89d2,0x42e1955f,0x2006dd35,0x7437475c,0x004aed6a,
-        0x2bee9041,0xc1ddc32a,0xed9332c9,0x597417a2,0x000001fb } },
-    /* 72 */
-    { { 0x859bae66,0x3c0f1981,0x845d7c1b,0xab48e9b1,0x452a3c1e,0xc6ce9c03,
-        0xff810339,0x2384a00c,0x5f98d6fe,0xcd7ede11,0x38a0dd5b,0xf7a00e3d,
-        0x3c7e1c06,0x56dd948a,0x8e53a61f,0x9d21a7d1,0x000000d0 },
-      { 0x880eb3fb,0xf9cfdbaf,0x5e83f7c9,0x64cfd297,0xa28a74b4,0x61ba7d6f,
-        0xdfb13e03,0xb8200d5f,0x232a6128,0x03bc8f4b,0x81a8d86e,0xd1fb92c2,
-        0x706d6ea7,0x68675fae,0xefab18c2,0x9b08608a,0x0000011d } },
-    /* 73 */
-    { { 0xbbd2f539,0x17cf6146,0x76e26ba2,0x96052fc0,0xd4be4a67,0x36821d18,
-        0x9f3f39a8,0x8f823422,0x433f873a,0x68b846b9,0x716f4568,0x7a1d3f36,
-        0x2fd47750,0xdf603e28,0x6975e226,0x77cb02c5,0x00000003 },
-      { 0x8c01dd59,0xf275add3,0xb9c1a37a,0x9c213a9e,0x4dfc5403,0x690ad104,
-        0x07ee0d86,0x202ee206,0x661fc40e,0x896ede95,0xd0b02f56,0x6b4d7398,
-        0xe5af1a24,0xccb96991,0xc13f7125,0xd5c281af,0x0000009f } },
-    /* 74 */
-    { { 0xd7073a5a,0xc858c54b,0x861eac7d,0x87c81a5c,0xe720201a,0x51f84a39,
-        0x40e003ce,0x952a9f8e,0x58f199de,0x76bdc4ab,0xd56cc02b,0x1cf12322,
-        0x83f162f3,0xb6634e63,0x8f969e11,0x84c017ee,0x00000169 },
-      { 0x5c89f1fa,0xf1f43362,0xb697b078,0x4a02a630,0x4b05b7f4,0x33311e5c,
-        0x4fede4cc,0xa7ccae51,0x4b025aa4,0x0d26e874,0xf84db7ad,0x7d5b77bb,
-        0xf571c1fe,0x39ef1aa8,0x418ccd20,0x65eba928,0x0000018d } },
-    /* 75 */
-    { { 0x8abb2537,0xa37866ab,0x65b3096f,0x14ac4cbb,0x2a428ad3,0x827fa7ed,
-        0x10e9e196,0x95d19f62,0x89801b4e,0x31eb97a0,0xaae8b823,0xaae77a62,
-        0x5f5c9642,0x9693d62a,0x3e368b84,0xff5bfe97,0x000000ad },
-      { 0x492b0dee,0xa3efae21,0x9602c2ce,0x2143e9ee,0x6f3b99e5,0x21367c99,
-        0xe93b8f59,0xdd78b2b0,0x1064c13e,0x8d541c38,0xf5738e7a,0xe6b970da,
-        0x8373b1a4,0xaf6ecc16,0x74ae208f,0xdbfa3f4f,0x00000180 } },
-    /* 76 */
-    { { 0x907a6aa0,0xb024621a,0x407879f6,0xef56cb68,0x8168a934,0x44c38b68,
-        0x9b9a9048,0x70d638d3,0x82541f20,0x6968caa0,0x1fc88b50,0x0c597053,
-        0xaf635784,0x5564ded5,0xc4d494cf,0xe7e898c7,0x00000097 },
-      { 0x6b6ebb2f,0xe1dc98d9,0x7aa9e126,0x292a17fc,0xfa2a2c68,0xb60f0fdb,
-        0xb2e1851b,0x9c63270c,0x81ca4cfe,0x898db265,0xb11959d5,0x94082638,
-        0xa54b8d19,0xe44f308e,0x44e63094,0x96399eb8,0x000000d6 } },
-    /* 77 */
-    { { 0xb83769ee,0xfa00f362,0x3efc4cb3,0x72d040ac,0x57abd687,0xc3933889,
-        0x940a7128,0x62264425,0xec242a31,0x909c4c8f,0x65a1a551,0xd1e48f1e,
-        0x049c2172,0x68bd70f1,0x709b7fd4,0xc8692d2b,0x00000041 },
-      { 0xdf816784,0x4e388aa1,0x01be75ce,0x4a58c8a5,0x02a67812,0x9b49dffb,
-        0xeda721e0,0xa73299e0,0xe67a65ec,0x8a0bd1f5,0x856c71b6,0xd81e91e8,
-        0xc005aa30,0x37aee2f4,0x0595bbf2,0xd9400750,0x00000073 } },
-    /* 78 */
-    { { 0x010c0ef3,0xa912ac4a,0x4e81b1a0,0x0e654bd8,0x4f353509,0x8f0563dc,
-        0xb47d189a,0x10dc41f3,0xf238c09c,0x122edd06,0xc41acf67,0x224c16af,
-        0x83758520,0x1ccb9334,0x2275ae6f,0x1a4b5f29,0x00000127 },
-      { 0x3ce688b5,0x792fd473,0xdca9c68b,0x14566d37,0x541711d0,0xfce9326e,
-        0x3cc341a8,0xe3ba14ee,0x2122c11f,0x6b8ab4cc,0xf5d379b5,0xc0fa763b,
-        0xf1522f91,0x95e2d2ae,0x31cf95a5,0xd4e21b3d,0x000000ac } },
-    /* 79 */
-    { { 0x1d8e061a,0x4013a779,0xacc84a30,0x62707e70,0xeb2f636a,0x6ac08266,
-        0x77b25c9d,0xe917ea21,0x70ff35cf,0xddb78bbd,0x041898be,0x5008db2b,
-        0xce0ae445,0x0f58a4fc,0x2257d0e7,0xed092397,0x00000043 },
-      { 0xe2e129e6,0x2cad77b3,0x0f1be4d7,0xfb8c4a87,0x20056333,0xaee50dff,
-        0x2a691543,0xbc2658c1,0xb8fe2640,0x95dc0cca,0x1965a0af,0x694eb584,
-        0xedd1d99e,0x7d3baa53,0x8a1edc87,0x2df13b20,0x00000083 } },
-    /* 80 */
-    { { 0xd181c3f2,0xfead2247,0xf337b23f,0x915d35be,0x74890672,0xdb4cfcba,
-        0xfda7a3a1,0xe4f70d8f,0x79275686,0x226b6419,0x6ff1f79e,0xe8040863,
-        0xcf5fa4e8,0x98e84b39,0xd8a09f60,0x57aa0be9,0x000000da },
-      { 0x4efcea66,0xd40cecf5,0xafc76fae,0x98df2aec,0xc91585a8,0x63f19a48,
-        0x13f00aa5,0xb111bda7,0x44b5cb9f,0x6687afab,0x652620d1,0xc6d5fb12,
-        0xbacb35ab,0xaf953f1b,0xff94c4d2,0x99709370,0x000000ed } },
-    /* 81 */
-    { { 0x68b54c89,0xac9f56e0,0xce737c22,0x08ecc17d,0xab089b53,0x208ee83f,
-        0x543fbd1b,0xb0f3a129,0x844dd706,0x1b204cf8,0xdec2e40d,0x80975c89,
-        0x9399914a,0x08b011ae,0x74674df7,0x6b4ba170,0x00000017 },
-      { 0x8fdfc175,0x71216ea9,0x7e0f5b0c,0x77b7fc63,0xceb33a34,0x88d0285f,
-        0x0223eab7,0xb679814f,0x51c6d922,0x9078720b,0x9c13f51d,0x5859d5a4,
-        0xfaed60b5,0xe69f850b,0x6d0ccab2,0x2499a844,0x0000005c } },
-    /* 82 */
-    { { 0x73e7bcf1,0x41d581fb,0xdd3c17be,0x16dde61c,0xfa199fd9,0xc62997ec,
-        0xc159db97,0x1a758873,0x64132830,0x4ed77896,0x2942a918,0x9672ce89,
-        0x816ba4bb,0xf3ee4587,0xce54dd7f,0x4fb7a148,0x00000123 },
-      { 0xf009be8c,0xf05d80af,0x78df1ba1,0x62e938d7,0x312de620,0xa7e22e84,
-        0x6070c4b9,0x48d29e7f,0xa1b5da37,0x5cd9c3eb,0xa4717453,0x1e51bd2f,
-        0x56ab9e67,0x94098ab0,0x49f7c6a1,0xbb584abc,0x00000049 } },
-    /* 83 */
-    { { 0x1ea470f7,0xa9f25530,0xe9254e30,0xa01bf808,0x71a0038d,0x098569ea,
-        0x5913ca87,0x0d2b2ee1,0xb8281fdb,0xae17004b,0x118e5c2a,0xdb5c6eb0,
-        0x1fa943ab,0xa56ac64c,0x1a92d501,0x1aaf6477,0x00000053 },
-      { 0x06345730,0x9679ef49,0x846f37c2,0x946aaa4e,0x1a7c3aab,0xf81726b0,
-        0x8166df4e,0xcb808da2,0x4e04dc3e,0xe9fb3fc2,0x76ec19b4,0x9e0b61db,
-        0xeed6d13e,0x6e7f665e,0x86a75384,0x70ed8c07,0x000000e5 } },
-    /* 84 */
-    { { 0x108ce13f,0x66456e58,0x0e397813,0xb5bfc58d,0xea3949e9,0x04b6a84b,
-        0x75af667d,0xea9b66bc,0xa891566b,0x7cb4d6dc,0xbf61595a,0x1b3cecf0,
-        0x002e2520,0x4312c73d,0x6135a5fa,0x81d76898,0x0000014b },
-      { 0x841078ec,0x4047bc25,0x179c454d,0x75aa9c96,0x4851f8fc,0x6a160609,
-        0xce34091f,0x998d4e3e,0x88e54102,0x9a9f6704,0x5da8ac5e,0xbf280f88,
-        0x8fec230c,0xc64caca0,0x5094b775,0x0ac864b0,0x0000002b } },
-    /* 85 */
-    { { 0x8f5daf7f,0x6b606e39,0x10927506,0x48385489,0x08c58a72,0xa2255c5c,
-        0xc90f3ee3,0x2f362fd0,0x08795f02,0xc9633af4,0x0425f5aa,0x71710bd1,
-        0xec06dbfb,0xc2017e05,0xc1b8bbcd,0xd9c7dc82,0x000001c8 },
-      { 0x18b8bed9,0x7db41fdf,0xe3a23125,0xe9483308,0x7291c4bb,0xbcf91de7,
-        0x41448aaf,0x9b0b972b,0xc44da462,0x95dfc633,0x01bf50a2,0x90b9c463,
-        0x869e3131,0x18b66f77,0x121baad9,0xa8a4e2fa,0x000000f5 } },
-    /* 86 */
-    { { 0xca0251ea,0x8ca55109,0x27a6c9b0,0xf2aeed8b,0x5620f528,0x901a8beb,
-        0xae13fc56,0x9a8421e8,0x85993c07,0x1349f1c4,0x0d1ab0d7,0x29e08359,
-        0xaeb5d909,0x96e2929b,0xf599a66f,0x96c2f1f8,0x000000ce },
-      { 0x12be8bd7,0xe4bc4b51,0x3c67e99b,0xf4846a0f,0x4d3a3864,0xd89cc7d3,
-        0x73f43981,0x1f647112,0x26dce567,0xc32bc324,0xf02b096b,0xf7134ebf,
-        0x0d0682b7,0x5604f00b,0xe3ce8b59,0xfd23d7ea,0x0000011c } },
-    /* 87 */
-    { { 0xa27689a6,0xf89646cc,0x5564172b,0xd6a7dc43,0xb57cbfcc,0x30bda48e,
-        0x5b1adfe5,0x9b11fffb,0x711d8bf4,0x9f2d80db,0xb70e5a5b,0xe879fdf0,
-        0x6bd18a1d,0x97534183,0x8cbfd504,0xc8c526bd,0x00000114 },
-      { 0xef7388bd,0xd5fe725b,0xe7ffaea7,0xf1c3dbdf,0x7e6de2ac,0x78395b89,
-        0x9ebf1bfb,0x81a72c9a,0x69785146,0x65265707,0xf52670af,0x3925ecd9,
-        0x83d57d48,0x437bcdd2,0xc80ecb02,0xb5d732a7,0x000001ce } },
-    /* 88 */
-    { { 0xcfd376d7,0xa7f9fcce,0xa66b084d,0x6b4eab3e,0xd5b91bd8,0x6ac90d08,
-        0x8aa304d8,0xaa3d5b7e,0x7f866a4f,0x27f3d42b,0xbb813ae1,0x95d19fa8,
-        0xe34a9206,0xd38798d7,0xa32c1cdd,0xdf7c0a69,0x00000073 },
-      { 0x38315b16,0xbe2c01bb,0x9e18c8f9,0x1daa7c89,0x08b6b853,0xa3d43fb4,
-        0x68092a81,0xb159e48c,0x836faad4,0x77e93d9e,0xa4699730,0xd4ed6361,
-        0x6297e476,0x569cb3f6,0xe7811fa6,0xb69d8183,0x00000185 } },
-    /* 89 */
-    { { 0xab9cb764,0x18f27eb3,0x8ebc1d6d,0xbbbefc21,0x0479aa79,0x47760ddb,
-        0x09e542f5,0xb4d16d24,0xbc699b96,0xe35c38d1,0x8c8d8c8a,0x13b2ae25,
-        0x67a3a45d,0x8579c152,0x6c554c04,0x773b7357,0x000000d9 },
-      { 0x0218c299,0x9620a473,0x99f78a33,0x69be29b3,0x484f414f,0x4684a009,
-        0x9a2ca4d4,0xb2c74937,0x68db7ab3,0x09c0773e,0x935c357f,0x6181f059,
-        0x8b7de3f2,0x0931303d,0xe0fb6e08,0xf3effcd0,0x00000060 } },
-    /* 90 */
-    { { 0xb25d6530,0x723c14be,0x9a97d40f,0x5e015b39,0xfbf7f622,0x209c3c4b,
-        0x14b4f0f1,0x83d8c59c,0x3f7e8ecf,0xcf002fde,0x1eb1ef0f,0x35d353c9,
-        0x201f0c60,0x394c42a5,0x7be8ee34,0x787128ab,0x000001b5 },
-      { 0xb70110cd,0xa0937d3a,0x477911b5,0xe0fa4efc,0xc53a4c19,0xc6acaf5b,
-        0x38d509f2,0xbd3010f3,0xe54ac1c6,0x3ee2a82b,0xe4f2a3bf,0x31ea67c3,
-        0xf089c7b9,0x7a4ca66e,0x34a2362f,0x5bda2c4f,0x000000b0 } },
-    /* 91 */
-    { { 0xd1f575cd,0xb424a071,0xa5237182,0x15693b01,0x9a2c9d40,0x14133602,
-        0x9c914a60,0x50c4348b,0x095b31c1,0x9024573d,0x22fd4962,0x6f975fd2,
-        0xe210b277,0xa1704886,0x6dba937b,0xac29b813,0x000001f6 },
-      { 0x775da491,0x09edef55,0x2b6aad82,0x25953f9e,0x1bb40d5b,0x6696a106,
-        0x4d5127d8,0xcfc45311,0x81ead062,0x2f21dca9,0xaf3b7123,0x3f3e4f07,
-        0x9646f20d,0x12cd06b8,0x6910f5bb,0x24136369,0x0000015e } },
-    /* 92 */
-    { { 0x3ecfc44e,0x0c844fd0,0x5043b3d5,0x4095f2c8,0xc9bd059a,0x9a5fe7db,
-        0xf65becdf,0x239328fa,0xa67961cd,0xe3102471,0xbbb5dfdd,0xea9e39bf,
-        0x133dc5ba,0x8022b6d0,0x5f12c379,0xbed7aa9b,0x00000141 },
-      { 0xfd94d941,0x096f0059,0x7d4ff018,0xfc6e9f00,0x779f05e3,0xe63af598,
-        0x00483c99,0x4c40f0b3,0x72a19870,0x04d2feef,0x464a4a71,0xdb773b5b,
-        0x49367f1e,0x00b6770f,0x2a9fbd2a,0x4f7e0301,0x00000169 } },
-    /* 93 */
-    { { 0x8a9095fd,0x0df5dd73,0xd3ce857a,0xc4b7a021,0xe5edc767,0x90aa796b,
-        0x180a0808,0x56497eff,0x66f10aab,0xb9856e1f,0x39879766,0x31298824,
-        0x3ba80601,0x61748cf7,0x555da929,0x07d9076c,0x00000012 },
-      { 0x1c44394d,0x0b049a01,0x0ce49e45,0xf5f25ef7,0xb1694265,0x1e3a09f0,
-        0x109b33f8,0x2c5bd9fe,0xa30932e4,0x07f2a43f,0xc6cf8af2,0x736abfca,
-        0xf3366722,0xadf7fa04,0xfa9d26b0,0x2f1e92fb,0x000000e0 } },
-    /* 94 */
-    { { 0x63be4d4a,0x9524e4a6,0x66f3cc91,0x1fa57bed,0x7e7a7ccd,0xdd7c93fa,
-        0x88c5d1d3,0x70e8cf6a,0x3f251f1e,0xb257997a,0xe3554cf5,0x0a5ec58e,
-        0x065a7109,0x68d268d7,0x085089ea,0x7c23d4d2,0x0000004c },
-      { 0xbd52d132,0x63ae575b,0x38c81cc5,0x0fb8daa7,0xe4e63b99,0x096a6e51,
-        0xb239d387,0x51d6b366,0xa5d49fed,0xed5f8874,0x43a8c07a,0x025091d9,
-        0xe4686ae2,0x100f845a,0x7eb4ef5a,0x1af59d74,0x000001c2 } },
-    /* 95 */
-    { { 0xdd441308,0x5f7bc01e,0x86308890,0x0dc34944,0x759611cd,0x2af38a74,
-        0x4c23ce66,0x11a71261,0xf8bafed2,0x37f317b5,0x4c93e079,0x4efbb9ff,
-        0x8ecc52cf,0x880f0edd,0xddc9d82a,0x480cdd2c,0x00000028 },
-      { 0xc3f807ac,0xe8f1ca0d,0xbd070549,0x6a3e4fc2,0x91f8bb6c,0xad3d0a14,
-        0x3d6dfacd,0xe3ee1cfd,0x5fb46ffb,0xee46b1b9,0x7dd5cfbc,0x5207b3ac,
-        0xb1b8e8b7,0xd580c0d9,0xc7bdd11a,0x52c669f4,0x00000084 } },
-    /* 96 */
-    { { 0xc0ace6d5,0xa42b4747,0xbe7287ad,0xd5acb64b,0x89bc2614,0xf3304899,
-        0xff05c71e,0x817fe836,0xd35ac450,0x772eb246,0x375a9c3c,0x7f5fc216,
-        0xcbc0d6fd,0xfb6f9e1a,0x720e9733,0x7643c315,0x0000009a },
-      { 0xf3845ccf,0x4b2216b4,0x90bc05bd,0x9c174e80,0xd6049037,0x7a550c74,
-        0x6358c806,0xbd7220a1,0xaa677b6d,0x838f9c41,0x66e2e08e,0x37332c19,
-        0x496f6da5,0xb032875e,0x9c30630d,0x52b274cf,0x0000000c } },
-    /* 97 */
-    { { 0x8ea58beb,0x6ec2e782,0x3665fa48,0x2b404c1d,0x20b40ff0,0x546d5fad,
-        0x29d3e6a5,0xfb5df7b6,0x66c81991,0xf186846d,0x6e2cfe3e,0xbe690bde,
-        0x1410d16b,0x97aeb9a0,0xbacc8e92,0x59d81548,0x000000cb },
-      { 0xbaf66a23,0xd905d3ad,0x40dfb081,0xc3337387,0x4b00f432,0x6d5535de,
-        0x07d3a03e,0xe17fe8e8,0x066bca80,0x29544ff7,0xbadffa55,0x60c2b96c,
-        0x45a26ea4,0x9f018d94,0x24a34ffc,0xd5438167,0x0000011e } },
-    /* 98 */
-    { { 0xbd7f8a61,0x62a873fb,0xbbe580bb,0x5e18cd71,0x667f6980,0xfd5c9eb3,
-        0x571d3dc0,0xab8d4f61,0x783f9bc8,0xe2e45215,0x24398b14,0x36c3774b,
-        0x74d811b5,0x2db4a363,0x2debe3c3,0x9f7f1297,0x00000138 },
-      { 0x798fefb2,0xbb97f21c,0x107baa72,0x9c76fcb5,0xfadbb568,0x12fbf760,
-        0xd33ea6c5,0x1a648be7,0x236134a5,0x412a2993,0x8985893b,0x4a3d8169,
-        0x3e66ada4,0x6144958f,0x7687b457,0xb4dfc79b,0x00000140 } },
-    /* 99 */
-    { { 0x7abe5bb9,0x83b14570,0xe51d81be,0xae0cbfd8,0xc9827aff,0x20dadf49,
-        0xa687b554,0xc3a72548,0xeeb41733,0x080263fb,0xd3827c63,0x7014fdc3,
-        0xb5e3b70e,0x7d018f84,0xfbcf7168,0x1d483e00,0x00000015 },
-      { 0x6b578aa3,0x154e3c7c,0xd3043dae,0x511ce9b5,0xb6008101,0x55f89e9b,
-        0xf405ac6f,0x4ec31112,0x2008ac7b,0x7e66a4d8,0x25c52fa6,0x73c00d39,
-        0x8acac2eb,0xee1b9998,0x60b57453,0xdfa31d95,0x0000008f } },
-    /* 100 */
-    { { 0x251cf8d8,0xcc74a0e0,0x041f2bd2,0xd4d8949d,0x33ebce52,0x0b734a49,
-        0x5c5bcdae,0xe1ac5f51,0x16200b93,0xd3ecdfcc,0xa793736e,0x2506a266,
-        0xea6e6940,0x585a1c8b,0x9190f935,0x081cdd53,0x0000000e },
-      { 0x53e28412,0x055f9956,0xdb27164b,0x0d1526f2,0x1df3adc7,0xcd5625eb,
-        0xdd35dedd,0xd2c453ca,0xa838ffe2,0xed442849,0x5c0ce589,0xad20c137,
-        0xbd99b609,0x2d5fba81,0x622efb07,0x5be41dcc,0x000001ad } },
-    /* 101 */
-    { { 0x8f850756,0x563af667,0x52f3b597,0x86d37aae,0x796842f5,0x10d38a53,
-        0xf743f997,0xcdaaf99f,0x93f1a8ba,0x2fa755e5,0x409f7cd9,0x1af04e15,
-        0xd6d0650b,0x63bf9a0a,0x55abfd9a,0x67b1cead,0x0000000e },
-      { 0xb5f43178,0x3660a8e0,0x9cc35b33,0x56bd412d,0x880f6808,0x3d7bfa63,
-        0x2e622c71,0x7f372d66,0x6ff82445,0xad7b7be7,0x8db04e51,0x0f2bde80,
-        0x4bd15c8d,0xe1e781fe,0xb8e502f2,0x1f475bfb,0x00000194 } },
-    /* 102 */
-    { { 0xd63543ec,0x79482bf9,0xa117ef3e,0x985cb67c,0x160ccc63,0x8ac50638,
-        0x729bdc1e,0x556cbed5,0xa22686df,0xd62ed97d,0xc81eb77c,0xb124cb5f,
-        0x72fa2ed9,0x4d7b4f66,0x78335b96,0x60b29aa7,0x00000172 },
-      { 0xa43df7c6,0x21bfc7b6,0xbc20706c,0x85acac23,0x345d9580,0xeb6f37bc,
-        0xa32a08bc,0x9d8f20d2,0xd1953c5e,0xf08924f6,0xc4f680d0,0x7d25d7c6,
-        0x2de9912c,0x64e6a237,0x52ce644c,0xda1c06c4,0x000000eb } },
-    /* 103 */
-    { { 0x411dd110,0x26677c5c,0x2c991c4a,0x0d6787aa,0xa45666d6,0x53be6a41,
-        0xc15f9f15,0x73e716aa,0x0e0cc7b2,0xa93b863f,0x2a624ab0,0xa4057117,
-        0x1a39c260,0xe5e7656e,0x2ef6f130,0xaf8d78b5,0x00000046 },
-      { 0x70f38dff,0x796214b1,0x123a1105,0x3e35d828,0x957ed812,0x046a44d4,
-        0x0da60161,0x618fa9ba,0x54f84413,0xe7cdd2a5,0x19ea95ab,0xf1c2563e,
-        0xcb2a30b4,0xc4459e14,0x61ff9aa9,0xc748add6,0x00000183 } },
-    /* 104 */
-    { { 0x9de58caf,0x32981f39,0x8753ea64,0x05bb80fd,0x2d119486,0xc83f9f24,
-        0x03eeb00a,0xf490cf06,0x7c73d79c,0x4037f251,0x724d461b,0x844209fd,
-        0x272420cf,0x6b03f6d2,0xb3438fa2,0x6f4bd29e,0x00000152 },
-      { 0xc389e51c,0x964d034a,0x6db7d98e,0xacda55e9,0xe913c583,0xb2ae97de,
-        0xfeb03440,0x0793077b,0x9d461e29,0xaa16e378,0x043bf8be,0xb0a67533,
-        0xba7d8c3f,0x9d749a42,0x6bb925dc,0x7c41e6d6,0x000000ec } },
-    /* 105 */
-    { { 0xc5da8398,0x2e9b345d,0xbb38c430,0xbc66841f,0x7c3bb47a,0xce3ac562,
-        0x738d2cdd,0x8fbeb12b,0x68731185,0xd4bc2ad7,0xbbd4f4f4,0x9521db1c,
-        0xfe4e1b0e,0x2a690cae,0x7bfebe3e,0x375215eb,0x00000194 },
-      { 0x2edfd661,0x4cb234f1,0xed52c1f4,0x0149984e,0xd8f8f98c,0x32d27260,
-        0x7be38590,0xfe76e4e4,0x95e8b672,0x5435873d,0xf2b00e82,0x916c397f,
-        0xbad61eb8,0x3b9bf705,0xae131bbe,0x7ee90182,0x00000000 } },
-    /* 106 */
-    { { 0x93fbcb5c,0xd36fea9e,0x9fa8529b,0x382be583,0xfd611ba0,0x0b243125,
-        0xcd8a2637,0xa59ae37f,0x3d8d4704,0xab78c60e,0x44c41b79,0x1bac243d,
-        0xeda49cc5,0xc4001fea,0x83dc7e9f,0x988ea44a,0x000000f6 },
-      { 0xf077f79e,0x4d90caa4,0xd9e2590d,0xf4d17601,0xd21b4b77,0x11debbb3,
-        0x9037e1b6,0x031b3f60,0x135becf0,0xf113ed82,0xf2903dda,0xf6c01379,
-        0xa6f19296,0x36bde7ca,0x9dbbad85,0x57d3b684,0x0000006c } },
-    /* 107 */
-    { { 0x9abfccb0,0x963fee38,0xb9676e63,0x6c6e2a24,0x84ba6d27,0xf8768f02,
-        0x465853d1,0xc38ba3ba,0x1b8ab9b6,0x6e3ab36d,0x47a07331,0x01fc9742,
-        0x25233f32,0xfdd41718,0xac61de7a,0x4dacfa81,0x00000021 },
-      { 0xeaa3198c,0x365a9f37,0xfc8b99d5,0xcbe8a345,0xd4f5ecbc,0xa427f12a,
-        0x0c237514,0xe841ff60,0x28a27b05,0x5d9e8c5a,0x62859ff3,0x2d377444,
-        0xea8bde37,0x1c0460ff,0x29cf5bf8,0x0a0e49a1,0x00000181 } },
-    /* 108 */
-    { { 0x45843c3e,0x688203af,0xaabebae7,0x4601e303,0x624df62b,0x397b08f3,
-        0xd21e5aa8,0x5687348a,0x9a242b0e,0x2cf12c73,0x32a76c6d,0xc848ed01,
-        0xf52751a2,0xb72aa1c2,0x92c02d05,0xb63296c3,0x000000f3 },
-      { 0xc6f3d1f0,0xce4b42ad,0x2f532b94,0x2f0dcc53,0x83443d9c,0x57813335,
-        0xdc8dd9cb,0xb50118ee,0xee87192f,0x3039e1a5,0x557419c2,0x9977267d,
-        0x30f96b0c,0x462efa4c,0x3cd3c35a,0x454fb796,0x000001f7 } },
-    /* 109 */
-    { { 0x9d153926,0x10f28194,0x82b57548,0x42e28c91,0x509e94c9,0x4b423b30,
-        0xde9d6b57,0xc5acc52a,0x8b3ca314,0xaa746c39,0xc63d5bc5,0x0f4ea307,
-        0xe1ccc989,0x425553a2,0xf76d9194,0x271198bf,0x0000008e },
-      { 0x3c8e672b,0xc7900e46,0x3f2dfc27,0x703675cd,0xaf2163c9,0x704951f7,
-        0x7aceaab0,0x74d69908,0x7e8d2369,0x482f21a9,0x813dc115,0xdcfbc1dc,
-        0x04f6cd13,0x0ce2bc80,0x82bfaff2,0x2a54662c,0x0000003f } },
-    /* 110 */
-    { { 0x1588a8bc,0x0dcf41e6,0x210c52cb,0x6f48cd0e,0x758e7a45,0x338562bd,
-        0x48b9b957,0x1600d54b,0xa6b89b9e,0x461df80b,0x098cc82f,0xf7fd4f17,
-        0x14977147,0x167f01cd,0x6116c5f9,0xb1338511,0x00000048 },
-      { 0x5d2617f0,0xdeb76333,0x6ecb8606,0x3f9a5772,0x1b91fce9,0xa93c032d,
-        0x6c84b997,0xf7a4388b,0x823ca5be,0xbfe80225,0x35a32f6b,0x6f19c028,
-        0xe3cb5c58,0xf26cd5ad,0x6d0c1dd9,0x7f5ddc77,0x000001e7 } },
-    /* 111 */
-    { { 0x6ee764c9,0x3c9feec8,0xb07c82cc,0xd1bec836,0xa005b142,0x6bf1b2e6,
-        0x29e8a5ea,0x70ef51a3,0x3ffe241c,0x517d298e,0x72966c28,0xbb389e28,
-        0x2c7acc76,0x3a2da8a9,0x732a21b5,0x902c9126,0x0000004a },
-      { 0x8f7ce110,0x96c51b9c,0xaeb036f1,0xdcc33a87,0x0a6a59e2,0x82695098,
-        0xe78db500,0xceaf26a7,0xc95bb030,0x82f3c384,0x24c42f42,0x6dd6e9f7,
-        0x70ac4a0a,0x768dde29,0x03d22efc,0x4aedce4b,0x0000016f } },
-    /* 112 */
-    { { 0xeded03c0,0x077f032a,0x588ddd4d,0x2684a052,0x9a85be0f,0x6d09bc4f,
-        0xe0b9b6bb,0xbdda0c7f,0xf2fb5887,0x19689c7e,0xec3cce7e,0xf8a96960,
-        0x768d2ae5,0xb043d9d5,0xdb21219a,0x29c8081b,0x00000068 },
-      { 0xde59f006,0x6bf872fa,0xcb97ef5a,0xc2b9ffc6,0x58ae7ef8,0x371915db,
-        0xf4ccaa1f,0xc2e23ca1,0x89c27cc4,0x1af8c60e,0xc86bdcc6,0xeee5d7e7,
-        0x9bd8de43,0x9225b47f,0x4b24f08b,0x53e7f463,0x000000b4 } },
-    /* 113 */
-    { { 0xe3048bda,0x54c496d0,0x43c3de4e,0xe2b67499,0x4c2d509e,0xac2049f7,
-        0x543c5089,0xb01f691e,0x105a365b,0xcd9960a3,0x78b17049,0x34d93ffe,
-        0xf82c9467,0x029f99b3,0x0161a755,0x785c5ea2,0x00000091 },
-      { 0x953dbdb6,0xb455f978,0x97eca19f,0xea9e84d9,0x36d4d75a,0x473bd029,
-        0xc15276fa,0xa9c17ca8,0x47c76356,0x9cf66133,0x039738d2,0x4a68360b,
-        0x69733609,0xd3e430a8,0xe2b27f21,0x0ae532de,0x000001b4 } },
-    /* 114 */
-    { { 0x5164cb8b,0x68110e82,0x2552a67d,0x6979af4f,0x8d185527,0xe10d6d0e,
-        0xfb64eac4,0xcf6c5787,0xac424592,0x8408163b,0xfce0d810,0x5d8fff37,
-        0xda84c15c,0x8b284e49,0x32663ec9,0xed805567,0x00000010 },
-      { 0x51f3ee9e,0x106f4030,0xb38adf1e,0x2e8e3ee9,0xa13d6449,0xd3c87a6e,
-        0x80e1abb1,0x27b49f45,0x0bfd7298,0xc283d179,0xafc7a35f,0x8fe50fa5,
-        0xade3ad4f,0x773da545,0xd9a21df2,0x78bfaae4,0x000001f8 } },
-    /* 115 */
-    { { 0xabad5678,0xae60d8e8,0xe600c25b,0x0afa72ce,0x4c288e21,0xb9d4e0b4,
-        0xd254cf9f,0x64447f76,0x959e2ba5,0x1fb36bc4,0x2961132c,0x393c44d7,
-        0xfc140f19,0xd7a8881f,0x8d096648,0x27a86128,0x00000091 },
-      { 0x8a9e690c,0xb536c021,0xeab4fa15,0x85dcc521,0xb00ee54c,0x09af4423,
-        0xaf3a8e48,0xb3793525,0xb7731d85,0xe1f36308,0x141cfb55,0xb5361d78,
-        0xeffc4529,0xea41f29e,0x9f7d2634,0xcf5755b1,0x000000e8 } },
-    /* 116 */
-    { { 0xd212b398,0x01edb80d,0xd53dd373,0xd0396181,0x8a52fa95,0x0e086047,
-        0xa7825e6d,0xad1e6432,0x330ece4f,0xe0185bc5,0xb078936f,0x508f7313,
-        0x9e7f6ea3,0x1dc982fd,0xd5556b60,0xdbf3a602,0x000000e8 },
-      { 0x279e05bc,0xc3763234,0xf44453d3,0x7f5f40ec,0x7fa30793,0x310c5f4d,
-        0x108d7e22,0x5cffad36,0xc2a98bbc,0xf2f01ef3,0xd7d47f80,0x30ab1719,
-        0xa9b22e1c,0x7bc9f918,0xe834df94,0xf53dc52a,0x000001f9 } },
-    /* 117 */
-    { { 0xc183f89b,0xf266b49e,0x5f5806d4,0xd3fb5f02,0x94ec3080,0xd30a42b5,
-        0x371cd917,0x4b6b1940,0xb7f7e26d,0xf7541aab,0x2d5b7b64,0xe55269eb,
-        0x7f8036c5,0x0e1a85c1,0xda5f2675,0xa0ff0f22,0x000001ce },
-      { 0x3a8e11f8,0x602bd56a,0xf5f9ab54,0x29864021,0x0ccc92d7,0xc6742c5a,
-        0x523f650b,0xd64569e6,0xf7fabfb4,0xc8e4681b,0xc3c9e6cb,0xb4275947,
-        0x38f5ff20,0x2b3952d5,0x1f04aea2,0x818f8e38,0x000001b0 } },
-    /* 118 */
-    { { 0xe50d90f0,0x3be5bffa,0xf5011cdc,0x4cb3b11b,0xa691dfac,0xe10ca711,
-        0x4ea1a773,0x62ec211d,0xe586eeb6,0x5a979ebb,0xa0c2f1fd,0x4df16ab1,
-        0xc57bbfea,0xfe9e3f7e,0x5ae526f6,0x1b05960e,0x0000015e },
-      { 0x8630e62e,0x1c8e04a5,0x6447e1b7,0x3d00310e,0x43b4447a,0xcf1e6b61,
-        0x7462e7a3,0x92abb851,0x0002724d,0x8309ea08,0xe45296df,0x1d805d70,
-        0x3d4ed812,0x0f3849b3,0x6834d44e,0x2d6bffbc,0x00000096 } },
-    /* 119 */
-    { { 0x48e07711,0xd13fe58d,0xd270a3b2,0x70f83648,0x8cdff04c,0x1517892d,
-        0x51411f14,0x15bb6578,0x3e4f8a55,0x6c31cd90,0x0413362f,0x73f87152,
-        0xeca06d4d,0x2fe025ee,0x954e317f,0x32a6e417,0x000000ad },
-      { 0x69d147df,0x7e38c63f,0x710bf37b,0xb69bb06e,0x28d514de,0xb94debef,
-        0x8d11c3d9,0x4b2307fb,0x0385c604,0x3b369df9,0xe7800e83,0x68ea2f49,
-        0x7d501c1c,0xf028b258,0x5cef7818,0x97078221,0x00000055 } },
-    /* 120 */
-    { { 0x54c1d751,0x10c351db,0xba0f9512,0x81445301,0xbfdc8bed,0xa77eb34f,
-        0xcf23680a,0x498d8138,0xe04f2860,0x928c14a4,0x16a5b6da,0x96192dba,
-        0x5f9a9103,0x49dea95b,0x01724102,0x80dd4578,0x00000085 },
-      { 0x0e09221c,0xe9072500,0xf21de056,0x62e05b21,0xe0e60950,0x448cafa1,
-        0x6f775129,0x657fb97b,0xf1f34aca,0x5d2991bd,0x49ff15d6,0xa66cd5ac,
-        0xd049ec79,0xdc1d6897,0xe72baea8,0x388fca84,0x00000067 } },
-    /* 121 */
-    { { 0xa6ef1dd3,0x6520b49d,0x3ba6cd76,0x391a045e,0xf33d5f48,0x9c84980a,
-        0xef07474a,0xe53cf5b2,0x78bfb1ea,0xa35b2e9a,0xeda906fa,0xeca97fd6,
-        0x1b9f2cf4,0xf1a93789,0x3ab28589,0x66753369,0x0000010d },
-      { 0x73691faf,0x5b510496,0xd57ec618,0xdc73d3a9,0x930a8525,0x7e2921bb,
-        0x40b05b69,0x094f571e,0x413bedca,0x5e96a017,0x8d1a6b98,0x9e7d4f72,
-        0x3eade8b7,0x55143fda,0xd16e454d,0x859b8444,0x000000fb } },
-    /* 122 */
-    { { 0x7c667aaf,0x7c22083e,0x4a91ccba,0x33545cb9,0x8ca0e94a,0xca1e9931,
-        0xe4eaa0c7,0xc3afff23,0x42f56844,0xa21ac436,0x60d52d0b,0xfcc68a8b,
-        0x6a9301d4,0x401a585b,0x907abce1,0x547f762c,0x000000a3 },
-      { 0xfbe260ce,0x63dd3ed3,0x80dc01fa,0x2717752d,0x6f1da3e4,0xd5fab75d,
-        0x5261f10e,0x5f16864a,0xd20cd6bb,0xbe7b1f63,0x221ac656,0x9d638c10,
-        0x673b918e,0x3137b8f6,0x4ada2fb8,0x23eb4438,0x00000174 } },
-    /* 123 */
-    { { 0x2a1fbcf4,0x194e27c4,0x5facd5ee,0x4c0d285b,0x915e6607,0x75c2ebdd,
-        0xef0a6a9a,0x1e696510,0x067cf458,0x13c5afa1,0x7bee1fba,0x2be013c1,
-        0xdad279e7,0x85a406d6,0x5142cf59,0x0042951d,0x00000031 },
-      { 0xa22bbc45,0x6a735ec1,0x7f56f4d8,0x4ee5391a,0x236001de,0x305af9d0,
-        0xaa2f8d25,0xa8b21851,0x187db78a,0x0e2c36d8,0xa1a888c3,0xcfcc083f,
-        0xbd3e7d5b,0xb91dab7f,0xf4fdd023,0x62d85460,0x000000f4 } },
-    /* 124 */
-    { { 0x4972d703,0xf568ba02,0x39098a03,0xfc44ca1d,0xae28c855,0xe9b8e542,
-        0x5b1b4536,0x4fd4f360,0x4c7f7e48,0x2e08b07b,0x2230823d,0x042f3b98,
-        0x1889fd13,0xc9ffd313,0xc6c68359,0x56af0652,0x000001bb },
-      { 0x06e0f16a,0xedbf05e2,0xd74644a5,0xfc1ac2fa,0x0f92c71a,0xe59a0a98,
-        0x36c800a1,0x13ae37d7,0x236178dc,0x5f20efc6,0x2b46ef10,0x443a58b8,
-        0x442509e4,0xc9517dcf,0x640ed9b0,0x7d0bb415,0x00000166 } },
-    /* 125 */
-    { { 0x3d22842d,0x3aa30a61,0xb3c4ece0,0x8c6e00f5,0x6df82b79,0x8764cf87,
-        0x78d208c5,0xda92d86d,0xe788854a,0x0a52d391,0xa59b0994,0x499b26fb,
-        0x04c5fc9a,0x5dc133ad,0x34e3f134,0xa5c09269,0x000001dd },
-      { 0xfad6d673,0x6f0dcac2,0x00f3b3fe,0x6d8fdf05,0x631756e9,0xece71941,
-        0x0a4d80e3,0x3990f493,0x31d13001,0xf2aca936,0x75581638,0xee91966c,
-        0xe6dd5679,0x6df0f574,0xccd71cda,0xbe124868,0x00000111 } },
-    /* 126 */
-    { { 0x475cc1b4,0xf644c726,0x2b73978c,0x915fc2f9,0x0e3d7eb7,0x65a7e6d1,
-        0xf40c38e0,0xbb44e21a,0xe1ad24fc,0x988662b9,0xc35606e5,0x270ba4dd,
-        0x1a4f93f7,0xc3834a2c,0x3362a4d7,0x93d0c9a2,0x00000021 },
-      { 0xf769fd7f,0xe2cb7b8c,0x89a213b9,0x1815da97,0x6b910fef,0x7b4f8c56,
-        0x26931438,0x2088b309,0x925b37c0,0x477b71bd,0x26a640e5,0xa049a921,
-        0xfd21c6ef,0xd3ddf1bd,0x232a56b2,0x9b5f9d7d,0x00000064 } },
-    /* 127 */
-    { { 0x679a9c35,0xd640adf8,0xcb74d796,0xcdad98e3,0x5f8e9daf,0x464b8ebb,
-        0xad4a073c,0x4738614e,0x2edde557,0xbd86c0ee,0x576ce0b9,0x77331738,
-        0x4095fb96,0x9b5d3327,0xee09aead,0x72f0aeb3,0x00000136 },
-      { 0x64e54ba5,0xa388c76d,0xdc474d21,0x63fe7af1,0xb2a77081,0x7fa3e9d1,
-        0xde1240ad,0x0447b49e,0xc720303a,0xd9f64b66,0xe6bd0213,0xb1c78029,
-        0x0aa03ea5,0x1caf1c70,0x3bb85d2b,0x179180eb,0x00000103 } },
-    /* 128 */
-    { { 0xaf2ed12f,0xadbf4f9f,0xf380fd8a,0xce1d19e4,0xa39e81ae,0x0957bdb5,
-        0x626ef6bc,0xf9833321,0x0cf5b28d,0x110ae5ea,0x20392cd4,0xab159450,
-        0x6bc67855,0x67c49887,0xa3fd61c6,0xce7e5938,0x0000004a },
-      { 0x28c7dea9,0x59c5b9ef,0x0a6a7184,0xd02f95ba,0x8202769c,0x034dc257,
-        0x94dd6896,0x213b0b08,0xb5dea95a,0x03730b7f,0x617ca889,0xfe243ed0,
-        0xfb1ba052,0x16cf4d17,0x226f96da,0xd8691d6b,0x000001c0 } },
-    /* 129 */
-    { { 0xbf8015c2,0xaa2edf3f,0xc49502d8,0xe7f8236d,0xa6a43157,0xe890f6e0,
-        0xa2d04b0c,0x318ef325,0xa809dbab,0x9cc0668d,0xda67ca21,0xdd26937a,
-        0x83febc49,0x8f27c12c,0x3c9b9844,0x87b3db2f,0x00000029 },
-      { 0xfd2e3dc7,0x37e7aed0,0x7415fd55,0x498e8bdb,0x58a45f25,0xfc0d6c9a,
-        0x209c85d0,0x83d5baba,0xd579e1ee,0x31ec8dc6,0xa502bfed,0x1f4cad0b,
-        0x1f41bef1,0xc432e6ce,0xbbffca65,0x3b10afaa,0x00000191 } },
-    /* 130 */
-    { { 0x53053af7,0xbd9f7df0,0xb28a1cf4,0x60304765,0x7ce90438,0x441778fc,
-        0xac8c5ddd,0x8fbed36e,0xfb59ec61,0x27b1313b,0xa1b1becf,0x9d2656ff,
-        0x945973a9,0x334e1345,0xc362b595,0x3261888c,0x0000018c },
-      { 0xaa7f6ff8,0xf413a414,0x3fab7c7a,0x092aeb88,0x7cc307ba,0xfa1d886b,
-        0x2346100e,0xdc81c125,0x02140c93,0x93d4d273,0xe6104835,0xa1ed7e3c,
-        0xdf1795f3,0xe2b91ecf,0x369ed416,0x160dc11a,0x00000191 } },
-    /* 131 */
-    { { 0x8b57d7cc,0x9a72f46e,0x4bf02386,0x3140b0e5,0x05b3a91d,0x886c396e,
-        0xa4ec26e0,0x1b9ab3a9,0xc50f58e9,0x742feaeb,0x55e26af0,0x1592c608,
-        0xbb1cd9f7,0x943cd476,0xc7f02c89,0x3ed97fd4,0x0000017c },
-      { 0xe6d54964,0x53b02503,0xc6a318c0,0xd9bd1162,0x9cc28c22,0x18ff6cf4,
-        0x03534640,0xa45c7840,0xb4cc0668,0x8ea3335e,0xf42dbe03,0x7ad727f8,
-        0xfdf6c3cd,0xb157e911,0xec992d76,0xa7f894c9,0x000001b3 } },
-    /* 132 */
-    { { 0xaf09ea77,0x91e6e397,0x75dc25c5,0x26a760b9,0xb94a197b,0x8c040c08,
-        0xb68ce619,0x041baca8,0x5bd23564,0xa19a0d15,0xd977b33f,0x86ca5b94,
-        0xe5fbd029,0xf31f87f8,0xb1901f99,0xf76c55a6,0x000000b8 },
-      { 0x3846ec9f,0x175bf8c3,0x9deaca46,0xf462205c,0xa3108df0,0x92cb5ec0,
-        0xcfaed928,0x879db283,0x65049fb2,0x477dc004,0x96ee5031,0x48d24bac,
-        0x56adce45,0xa7db6b16,0xab1c684f,0x0110cdab,0x000000fc } },
-    /* 133 */
-    { { 0x4d308bf2,0x151b66d8,0xd6638004,0x99013c9f,0xfd383bf9,0x6892df92,
-        0x3ffc8efc,0xa10efd84,0x313ea287,0x527e316c,0x3a0df740,0x8ef6e3cd,
-        0xf6ebd2a1,0xcb96e430,0xa70ee4ce,0xc1ebecf2,0x0000018c },
-      { 0x1a70404c,0x80d14ad7,0xf9ce2a30,0x6ad21dd0,0x3aa3e072,0xb94cbcde,
-        0x6363a690,0x0ab59611,0xc6b1e2b4,0xe70bff45,0x66ceec5b,0x1296dd0b,
-        0x747757c0,0xd4cb2a74,0x3d7d91e8,0x08988ca6,0x000000aa } },
-    /* 134 */
-    { { 0xf8db0396,0xaa2dcfca,0xb422da76,0xe8ae8f37,0x96485724,0x652f8349,
-        0x7bf1493f,0xf647c3c4,0xb0247a4e,0x8b600b46,0x7aebda8e,0xabf3e439,
-        0xa7958df0,0x2e1d231f,0xf881bab2,0x38e692b1,0x000000ef },
-      { 0x26cf3047,0x1f3c1689,0x59539858,0xdad14f94,0x293f20b6,0xfde85d1c,
-        0xf57abb17,0x2ea5436e,0x1794de38,0x0d1a8ffc,0x2bfecd2f,0x9ba508e2,
-        0xdb786042,0x110f0a7f,0x7cde31f8,0x2ade6f64,0x00000196 } },
-    /* 135 */
-    { { 0xfec78898,0xc996a537,0xde0fa77f,0x0b39de72,0xd34cb08f,0xf6d076ac,
-        0xda78d353,0xacd8bb82,0xa0392cc1,0x5fe804d3,0xe581549d,0xab7adede,
-        0xc067c6d9,0x883901a0,0x4ed93f37,0x5855ffa2,0x00000191 },
-      { 0xbf9ebef3,0x29570e36,0xdf4b3177,0xe21046a5,0xa6816b5c,0xf9b89a95,
-        0x288d0e11,0xadf39281,0x3979159a,0xd6baabe5,0x5c8fabb2,0x411afee0,
-        0xe5c7af10,0xf192c3af,0xd7dce37b,0xaa72e81c,0x000000f7 } },
-    /* 136 */
-    { { 0x16c386ee,0x20fa3c0f,0xd4c09839,0xb33b0469,0x876a3136,0x79e0d722,
-        0x3c406c06,0x343c0a92,0x4debe27d,0xef220e3e,0x196f00ea,0x09d7b1e1,
-        0x24a9dcff,0x4a0f5dd8,0x99c1d085,0x53582ec5,0x000001e2 },
-      { 0x5138c7ed,0xcc8ef262,0x6547f88d,0xdec43194,0xdd0a9488,0x2b6e53ad,
-        0x8257ebdc,0xeb9f1efa,0x1f08c989,0xc583c6eb,0x40163768,0xf1736911,
-        0xdbc20e3d,0x6282ff8b,0x9cbd514e,0x26b81005,0x000000d5 } },
-    /* 137 */
-    { { 0xa0025949,0x2449522f,0x0bbd8945,0xb26d888f,0xe637216f,0x33442f5f,
-        0x472827f6,0xd8ec3b64,0x99fc2681,0x91d8a1a3,0x68c7710d,0x6d232ead,
-        0xe51b2762,0x8e5bfe2f,0xfd109fa7,0x0f9f4fed,0x00000004 },
-      { 0x6b4a05e0,0x1952ea51,0xf21c78eb,0xcb0d48ee,0x1997dfdb,0x64d36619,
-        0x8b4c21fd,0x0d11b204,0xbe92303a,0xa6f569b6,0x78c5e809,0x2b8f6096,
-        0x36805d8e,0x7226b5ab,0xdb349ca2,0xd6cff180,0x000001bd } },
-    /* 138 */
-    { { 0x943cc612,0xa49f8576,0x832b31c7,0xc914319e,0xcccadebd,0x9225e297,
-        0xb0619821,0x4918fb42,0x25b1cc7c,0xaccb3084,0xa646e5f0,0x751d3347,
-        0x590e3e22,0xeafb4aae,0x2c4a0008,0x82146038,0x00000151 },
-      { 0xbf96a461,0x3c2481db,0xb52a3ba4,0x51c122e9,0x464db08b,0x21c2858e,
-        0x6d6a081d,0xb1014b78,0xf533cef7,0x167d3ed4,0x81545f7c,0x6cfb3294,
-        0x449b7b9f,0xea46d31c,0x9621c299,0xcfad7613,0x00000081 } },
-    /* 139 */
-    { { 0x478a7f0e,0xef796327,0xde17705d,0x914183e2,0x572117e8,0xd24a26df,
-        0xb7cd52cf,0x3cdb1b09,0xad83c160,0x9e42b9fb,0x709ef8c9,0x6971d2ea,
-        0x8ee54ccd,0x1894fc5b,0x34a520fc,0xf757b4e5,0x000000fc },
-      { 0x86b62347,0x5a5518cc,0x7bc2a928,0xec51c9d2,0x2966727f,0x2eea2b05,
-        0x0ae43e6f,0xbc8a8e3a,0x05ca066b,0x80535b5e,0x8833986d,0x91ffcdb1,
-        0x32374cdd,0x2f4a5bba,0x0d202243,0x08763a49,0x00000124 } },
-    /* 140 */
-    { { 0x4efac14d,0xe498b972,0xa79a9d3c,0xb6f4bf8d,0xd6e07c29,0x0f1e8dbd,
-        0x71771538,0xfac30cfd,0x71b03263,0x4c91ed22,0x19b455f5,0xbf938335,
-        0x127092bf,0x76a5e789,0xb4813bd9,0xa97674e1,0x00000128 },
-      { 0x583e5924,0x29b63c41,0x8f171d06,0x61f9aff1,0xab227a28,0x2b45b3cd,
-        0x8a11ab70,0x939d5dda,0xe8db6971,0x2bfb47b0,0x0ec10805,0x562379df,
-        0x24ce1801,0xaf5a6481,0x34f94aba,0x8d98c434,0x00000150 } },
-    /* 141 */
-    { { 0xcfffc80f,0xdea9fe73,0xd43473f6,0xe23e2e9b,0xc9d37ba7,0x27fb3ed3,
-        0x7a3fc357,0x733766d2,0x8e04a03d,0xd0db4cf3,0x2bbe0f43,0x8ce01752,
-        0xda986f4f,0xd87eb719,0x2fe6b037,0x6d1b50ae,0x00000153 },
-      { 0xda40bab1,0x371f5def,0x9b2bda63,0x07d6a8af,0x0d4aca87,0x5e8a5c89,
-        0x643ff8ab,0x4d72f0ff,0x4bf8ec2f,0x9c4c10d9,0x0eb93e22,0x36b0eaba,
-        0x1d2dfd01,0xbc4b0e8f,0x9d34a082,0x9f252e5a,0x00000142 } },
-    /* 142 */
-    { { 0x7d0e7020,0x4affd4c1,0xb5482168,0x9b169aaa,0x588f348f,0xdbe01708,
-        0x885986bb,0xdaebf6ff,0x15f9c381,0xb33987f5,0x04a94a7b,0x7e455f2c,
-        0xa0ed6849,0x39a41442,0x1ef7798c,0x1c1ad4a6,0x00000154 },
-      { 0x072709c4,0x7647b628,0x8810e5fe,0xb330d68b,0xe92e0f63,0xd1bd8874,
-        0xf8bea9ba,0x144e4fb9,0x8318981a,0xc15afc18,0xb68c6a07,0xe19c5c82,
-        0x36e00b66,0x858c57a2,0x07cb7aec,0x9b255110,0x00000011 } },
-    /* 143 */
-    { { 0xc887027d,0x121ced27,0x2bfab286,0x6050f335,0x19d511e2,0x6e373c1c,
-        0x7f4c69f5,0x02d4c3a9,0x25226bb4,0xe6f356af,0x83e7ac30,0x3b9011c3,
-        0x33d8fdfb,0x43b0c23d,0xaf2ea363,0xa8c390f7,0x0000000b },
-      { 0x7e851bac,0xc430c3d6,0xa5f544fc,0x8991c389,0x67fba061,0x006bbc64,
-        0x97cbdbf4,0xd49d024e,0x7734adad,0x4539b7dd,0x28cb6d2a,0x90ba8f9f,
-        0x4de4b3ad,0x7a921830,0xa7b96928,0xb28732ef,0x0000006a } },
-    /* 144 */
-    { { 0x22ed5986,0x71dab52d,0x58533e06,0xdeee627a,0xcf155fe3,0xe8fee37a,
-        0x7ae8b132,0xcd61490d,0x34a08b94,0x2706e185,0xf9c15c30,0xa85ffd52,
-        0x51a5ad46,0xd5a224f3,0x54d700bb,0x44d1b6d5,0x000001e6 },
-      { 0x862e4e9c,0x96830686,0x48763fe4,0xfe5cd76c,0xc0839caa,0x60309679,
-        0x8d83d62d,0xc0e4cbeb,0x11bc4ae2,0x911e254e,0x64fca062,0x96a0d7c8,
-        0xe9a27045,0xf5785dd5,0xf3e0412c,0x2f4677d0,0x000001be } },
-    /* 145 */
-    { { 0xab01a6dc,0x4c0012dd,0xae1adb69,0x391bd6c1,0xb9b05079,0x3ae7daec,
-        0x62a1061f,0xc2714f9e,0xa96536b7,0x71978ee7,0x5e17654b,0xeec11bd0,
-        0xefab3dd4,0xc71166e0,0x87edbf61,0x0f7aa572,0x000001d7 },
-      { 0x51eb5932,0x26ea6f7d,0x5f882ca4,0x354ea0aa,0x7739f7dc,0x175b6097,
-        0x9be57934,0xd335192a,0x78545ecc,0x9801f423,0x7b643c9d,0x32b8e256,
-        0x23e3abec,0xb9411dd7,0xcf1c6509,0x656dea68,0x000000ee } },
-    /* 146 */
-    { { 0xa0890deb,0x4d38e140,0xbceb84bd,0xbf7bd87d,0xba041dec,0x51f0ff72,
-        0xa6820be9,0xafeec70a,0x8c486298,0x755190a3,0xe7010ec4,0xecdba558,
-        0x8c7879b1,0xced91db8,0xef5e215c,0x08de3e4c,0x0000014c },
-      { 0x16266da2,0x9c1534ed,0x7b4c9009,0x9ce322eb,0x69927688,0x37decaef,
-        0x05c2844d,0x6525097f,0x1ac519ab,0xd23b7e13,0x65a3cc86,0x682ebb72,
-        0x628c4575,0x0c531db9,0x73805373,0x2e00e8b8,0x000000be } },
-    /* 147 */
-    { { 0x57ed32e9,0x3807c800,0x7c024997,0x427e40cf,0xabb54830,0x58506abb,
-        0xce820bf4,0x5649776f,0xb2c43e81,0xb5353293,0xcfef6648,0x671e8353,
-        0x903bdca5,0x27217d3f,0xa813fd79,0x40a9c109,0x000001dc },
-      { 0x3db21a38,0x6beaa6c3,0xd73ef7e4,0xcae222e1,0xbd1d507f,0x1ff684e7,
-        0x587a77ab,0xf5bac664,0x0c64a4d6,0x58c74f62,0x6a7c378a,0x4ca837d9,
-        0x3e42e409,0xf43df531,0xfb49e14f,0x8a9a4347,0x0000013f } },
-    /* 148 */
-    { { 0x992f8923,0x85ab4edf,0x6fd209f3,0xe24aa5e0,0x1b1340ee,0x27be9b87,
-        0x91e0bb40,0x2957d11f,0xf3d4c62c,0x425afad2,0xc7ff7aaf,0x2d231286,
-        0x0114cbe9,0x96412b2b,0xc3e23529,0x6706a231,0x0000019f },
-      { 0x225c02af,0x06b3bbd2,0x3fa3e98d,0x53ebc166,0xb84f482e,0xa6df2b75,
-        0x2bfc55df,0x912b4521,0x512a73da,0x30bdbd40,0x3d53eaa4,0xac0f43d9,
-        0x0c27fd53,0xfc358fe4,0x919424b4,0x2cb183be,0x000000a3 } },
-    /* 149 */
-    { { 0x3fa6a746,0xe39b0c2d,0x1d5a24a8,0xe84a7922,0x78cdf2b5,0x70a58914,
-        0x30666cb3,0x8a88067d,0xf6d71d06,0xb09a709e,0x0065d184,0x50007a3e,
-        0xb8dc9448,0x7046af4b,0xc65493ac,0x2b6a3129,0x000001fd },
-      { 0xe45f2771,0xd3d5d5bd,0xf432ed95,0x8542b08a,0xf232a6bb,0x2ecd40fb,
-        0xe8beccb2,0x0fcb6143,0xbf8e247f,0xcecc513a,0x8da3039b,0x955d56f7,
-        0x56c2a0df,0x9157c619,0x3031fe2a,0xa6d35cbf,0x0000018c } },
-    /* 150 */
-    { { 0xbe0c4923,0xdd800b1b,0x6902907b,0x046ae740,0x957bd0c7,0x2398b37f,
-        0x9655f8b8,0xaa8e1a9d,0x500f4150,0xcd2927fa,0x202e7aee,0x826a9c6d,
-        0x9f29692e,0xb4cf58b3,0xbf41577c,0x3093868c,0x0000011f },
-      { 0x333ed442,0xadcb5e7a,0x906fef7b,0xae5c8e2f,0x3d98f228,0x2d9b0123,
-        0x7ffe125c,0x4632f2da,0xba231835,0x59487731,0x12d2c512,0xa0caae5b,
-        0x9857d9c4,0xbf00e658,0x54f200f6,0xc5d10086,0x00000172 } },
-    /* 151 */
-    { { 0x2fc283e0,0x58954046,0x7ee0880e,0xf7633984,0xb7fd1622,0xfaf1b40e,
-        0xf598c5ed,0xecf5151e,0x7e00d9bb,0x6b4d92f7,0xa8c43fd4,0x7543e3b3,
-        0x6511d1d2,0x3994e12c,0xaf05b6d3,0xdd841a1d,0x000000c6 },
-      { 0x23b991ad,0x23da17e0,0x71fba514,0xaab2b213,0x0ddc1879,0xb417ec5a,
-        0x5f63acdc,0x173bc8ad,0x1e2a7d50,0x2fcf5210,0x6106d008,0x63373fd0,
-        0x7db012cf,0x1e8211de,0x576545ef,0xa07766d9,0x0000018c } },
-    /* 152 */
-    { { 0xaf80dfaf,0x8e4347b9,0x9c4667f3,0xa80b631f,0x6ddbc238,0x6ff1db26,
-        0xaa8718a0,0x6161e365,0xaf31c35f,0xe7f7ac90,0xfc6846e8,0xc03831d1,
-        0x684175b4,0x1e669d10,0x934b731a,0x6da9d620,0x000000c7 },
-      { 0xa3e4e78b,0x981f597b,0x55099f9a,0x2c14dedc,0x93088c61,0xbf373995,
-        0x9b207458,0x7c568307,0xa2276900,0xc4440c47,0xf7e6daf3,0xb6df23c8,
-        0x42929103,0x4f662c25,0x8b3b7963,0xf4ea6db1,0x000000f9 } },
-    /* 153 */
-    { { 0xced36049,0xc669eb88,0xf41b99f8,0x87a4ffe1,0x6a72e108,0x690b7563,
-        0x65a0bb8a,0x67dd6a8c,0x96e42955,0x42cf8c58,0x1aabffad,0x5286b5f3,
-        0x8f6f26a4,0x1f7dfaf2,0x0e1ae503,0xc5d9e0ac,0x00000120 },
-      { 0xacc10da7,0xafbee3ff,0x944946e5,0x67e2d5f9,0x3c4220ff,0x8ec17e86,
-        0xbd6f632e,0xfe6f7414,0xc3fc9ef4,0x4a9e3c0f,0x03bfb870,0x25ff3cba,
-        0xbb03342d,0x18fd3600,0x0050cd2e,0x1e63e753,0x000001ac } },
-    /* 154 */
-    { { 0x8f3d6a02,0xdd83d07c,0x7ef4d0d1,0x71fc143c,0xd4c7af61,0xca994bf0,
-        0x827c5cf0,0xc8a93e98,0x2b697882,0x4a102c7b,0x8a55e8ba,0x633c87d5,
-        0xcc2d64f0,0x1ae8822f,0x986d01fc,0x2ce9b53f,0x000001c1 },
-      { 0x95dc1b79,0x859639fd,0x3f4e616a,0x2728f754,0xede2fb9f,0x6e703c4c,
-        0xd50fae9e,0x042f7680,0xc2d530ed,0x0546bc3b,0xcdd598ac,0x00a4006b,
-        0xe1294910,0x3f3286c9,0xb6bf9629,0x77782255,0x00000146 } },
-    /* 155 */
-    { { 0xe30c98fe,0xaf81421e,0xfc2cd705,0xdeb0feb0,0x14df6ad2,0x9b2c4ca6,
-        0x9ba314e8,0xd38134de,0x4f04b16d,0xa443deb8,0xf07f8ca8,0xfc556ee0,
-        0x3a4f3917,0x3c1c83bb,0xb1adcd41,0x8397dd24,0x00000199 },
-      { 0xdf4781e6,0xca01e17e,0x46f1f901,0x32d7c319,0xb53090da,0xa227a613,
-        0xa7c8c607,0x2495b1dc,0xddc69709,0x1cf2fbee,0x45608098,0x1d3d82bb,
-        0x085134d7,0xcfcddda3,0x96798c41,0x3dd171b5,0x000000d2 } },
-    /* 156 */
-    { { 0xd4dd7e96,0x97a40f84,0x8409fc0c,0x7114c8ea,0xa9d11393,0xc56f29e6,
-        0x8fd8c6d6,0x3b606621,0x00269e7c,0xad3baa86,0x05929d5f,0x1413c6b0,
-        0x222e365b,0xc1ad7e40,0x4798aaec,0x6a82621a,0x000001d3 },
-      { 0xc1003c81,0xaeac45c4,0xf43d8602,0x9ef9ef5a,0x60f77469,0x36a65f5e,
-        0xbf5d2858,0xf312e7ab,0xc84acef1,0x2f53ec81,0x9d248b52,0x63e32ca2,
-        0x81e65c60,0xfe9aa7c5,0x52841973,0xe3686c9a,0x00000017 } },
-    /* 157 */
-    { { 0x9e90de99,0x0b2efe65,0xad05ab63,0xbe4485bc,0xe14e4892,0xc48a6a52,
-        0x22628687,0x2ad85430,0x5eb3db54,0x261f0e95,0xd45e5841,0x48e81863,
-        0x8ed75739,0xcfe1ce0f,0x7d84ade4,0xbd6f1ff5,0x0000003f },
-      { 0xd1bf968c,0xd43711dd,0x48dfa472,0xd558d7cd,0xe425a566,0x49f09223,
-        0x5c26d041,0x0cf83338,0x7c2c1743,0xbe7b81f1,0x5143d9d9,0xe3bdc33e,
-        0x94fd3fae,0xf385ac35,0x9fd1811a,0x7551cf42,0x00000113 } },
-    /* 158 */
-    { { 0x20193bb2,0x4928f55b,0x7310b872,0x96e579d0,0xd345d276,0x5ee06309,
-        0xa871868a,0x9a43e432,0x11038683,0x28c113e1,0xa332f108,0x8286ecf3,
-        0x0385cbb4,0x3348aa37,0xef158daf,0x698ffcaa,0x000000c6 },
-      { 0xf6908745,0xa044c54a,0x6a3353fb,0xa6b336e4,0xd561e821,0x694c2852,
-        0x3634917f,0x1b297970,0x81f61315,0x6e1023b9,0xef46a5ef,0x6817dc2b,
-        0x8e114f7f,0x93dea0af,0xed72c5bf,0xc3cf3cd5,0x00000136 } },
-    /* 159 */
-    { { 0x7b080de4,0xbb8799ab,0xd69d8396,0x3b8f781d,0x986f8f63,0x76b42aaa,
-        0xa54bc5ca,0x5d74c038,0xa9c2fbb9,0x76fcb605,0x80178930,0x8451b440,
-        0x9d286f0d,0x40f00c38,0x0c543263,0x3038e952,0x0000014c },
-      { 0x6977aad9,0xc94bc381,0xd7087be3,0xadbfd082,0x875fed08,0x06d0820c,
-        0x345656fc,0xe1ce84d4,0x0fd6dd4e,0x71c4d8e0,0x6a5fab40,0x23338b22,
-        0x0baeeb6f,0xd477eac1,0x5f80c26c,0xe4db08bb,0x00000078 } },
-    /* 160 */
-    { { 0x1078342a,0x0111d12a,0x559a1064,0x0534725e,0x0fd3ffdd,0xea459d59,
-        0x06f0ac1f,0xcf694a9f,0x3e19bc69,0xf6d24adb,0xb9ddcd00,0x3ce38f5e,
-        0xb632dd4e,0x38400f66,0xe15e1c55,0xcab8fdfb,0x00000085 },
-      { 0x8d09422f,0x0a943f6b,0x0f988c3b,0x17d29756,0x2ef2e4d9,0x55a441fa,
-        0x35f7c13f,0x6743523b,0xedaad3ff,0x274d3407,0x9347242d,0x59411435,
-        0x3bb8615d,0x1cb27301,0xbd7794cd,0xa0437004,0x0000007d } },
-    /* 161 */
-    { { 0x2d712c44,0x824b99a6,0xa6962577,0x148368f8,0xd65e2287,0x8ed68432,
-        0x6f5bc5f8,0x14028306,0x4ec3479d,0xe6cf3121,0x9326db70,0x96db6f44,
-        0xca32936b,0xca5ac098,0x2fea21af,0x69e248c7,0x0000004d },
-      { 0xa71269fb,0x0aa89092,0x18650b60,0x2f6bdba8,0x9fb55db2,0x1d9cc2a3,
-        0x6311e9d0,0x0fceb0df,0x90ac2c1d,0x6faeb79c,0xcb1f372a,0x2393b222,
-        0xbc8c4193,0x62a6f3df,0x2fe8e674,0x9dea30b2,0x00000001 } },
-    /* 162 */
-    { { 0x12b3118b,0x7df689ac,0x6cb6ea56,0xd06ee39d,0x187cd978,0xcfcc22c2,
-        0x8d537d87,0xb985b681,0xe9f56db2,0x75845152,0x5e098c15,0x0f839871,
-        0x3b212cd2,0xbe96a5c8,0xd9ac1c47,0x3dda0338,0x000001fb },
-      { 0xcfa0a9b8,0xf06b7fe0,0xe22dcf75,0x9478bac7,0x136887c8,0xf3815e04,
-        0x914c54bc,0xed811dde,0x0f51ea64,0xc8c24160,0x4c870577,0x63914d83,
-        0xa8abbcb4,0xed24e552,0x2644f52e,0x9e5eb9e8,0x00000001 } },
-    /* 163 */
-    { { 0x66d52313,0x1f65a04e,0x4d3f72bd,0xfd694545,0xa6b7ae11,0x2bc0ddaf,
-        0x571ab247,0x921f79d8,0xae5a8d68,0xd4c5f966,0xaec5ce13,0xfde17716,
-        0xb764bd39,0x70e6eda4,0x990d6783,0xffe94085,0x000001ef },
-      { 0xd88f92e8,0xf3fa0e27,0x9c77123c,0xa21ef0fd,0x89274dba,0x6259974c,
-        0xb9ba2762,0xd4cfa4a5,0x46ebcaf6,0x10c909d2,0x8f8e2870,0x0317a10d,
-        0x453aeea2,0xb0771de1,0x68c6b0a3,0xdf0c4791,0x000000ea } },
-    /* 164 */
-    { { 0x4c854477,0x11bc1e48,0x8638e47c,0x2bec25b4,0x869c54d9,0x43d4e02b,
-        0xbe1e7ed2,0xe318de32,0x6b460c4a,0xf5471eb0,0xaa426afe,0x38ae7bf3,
-        0xd8452dc1,0x23ae26dd,0x5782de9d,0x9d3fc1d5,0x00000164 },
-      { 0x0ade1979,0xd87cae31,0x3b4bc728,0xa847041d,0x56c3c9be,0x38923c40,
-        0xd74ae467,0x36fe182a,0xecbe49ae,0x92bff6f4,0xdc41f9f5,0x6680db80,
-        0xe4630715,0x35bac06f,0xd6d07307,0x6d68b4c7,0x000000c0 } },
-    /* 165 */
-    { { 0x854dfcf2,0xdbe22be7,0xa6ae3bd0,0xee21a7df,0xa521ec46,0xf4633ad1,
-        0x41a9484c,0xee94527a,0x2aa123f3,0x1145eb9b,0xcae3ca92,0x5634a82a,
-        0xfc85d925,0xe176aca0,0x19082d8c,0x504cf7fc,0x00000078 },
-      { 0x3799793c,0xd74ce7c4,0xb5519fb5,0x74ddd618,0x95ff9808,0x2cf6df93,
-        0xb8bf61e6,0x00ea45d1,0xdcfcf54f,0x26863613,0x030035b0,0x67423b76,
-        0x4028a9cb,0x9fbc7534,0x051a077e,0x7b52ce37,0x000000f4 } },
-    /* 166 */
-    { { 0x96bec962,0xebf7d8ad,0x17e0107a,0xd1cc81f6,0x214e1058,0x64c44509,
-        0x42394c9f,0x6c298c43,0x1a660513,0xd910052d,0x90df8243,0xc3643754,
-        0xfe5cdea4,0x2313be1e,0xd27fb7b1,0x249a60f7,0x00000076 },
-      { 0x1cf593a0,0x74975838,0x8364c59e,0x0c9ceefb,0xe05c9991,0x2f5a1333,
-        0x421808e3,0x30ea5e1f,0x4f5e8f4f,0x56fb3a4f,0xb6c0cb47,0x2cae6e2e,
-        0x08bdcc6a,0x60b307fd,0x0ff8c117,0xee17901c,0x0000001a } },
-    /* 167 */
-    { { 0x89aa9e14,0xc048336b,0xf676700f,0x66634271,0x906b6980,0x4daa0433,
-        0xebb7ab23,0x30247ee1,0xeb59a053,0x969b4aa7,0x8000f4d5,0xd78ef825,
-        0x46026b5b,0xe5db38eb,0x7d6856c4,0x06a43e5d,0x0000003b },
-      { 0xed2a0ee7,0xaa0ae838,0xf16e8813,0x04bbe528,0x4ea64137,0x8ab6df5c,
-        0x06e29867,0x5be80cb6,0xf459ed2b,0xf19b1b72,0x1761521a,0x7a9cce4d,
-        0xaa516f3b,0x39aff994,0xb3416925,0x97d92e86,0x00000007 } },
-    /* 168 */
-    { { 0x5af3a8ca,0x25aeede1,0xa5c351ec,0x33924782,0xf93ec080,0x41e7a3fb,
-        0xe6f425b4,0xb04f93c4,0x81e76009,0xe4ec12ec,0x5180ffc6,0x797366d4,
-        0x0e0aef3a,0xd293cbb5,0x68d71d91,0xa1496944,0x00000061 },
-      { 0x675a67a1,0xf52c541c,0x8f5fe906,0x67d38d30,0xf6be988e,0x2a70bccc,
-        0x18589886,0xae03ecbe,0x7067045b,0xecd02616,0x10ca8d96,0x1facdd99,
-        0x30c0735d,0x7aa10a82,0x3328f21c,0x2a27e554,0x00000015 } },
-    /* 169 */
-    { { 0xe6057e27,0x3dd609e0,0xc7a454da,0x87e8b6a7,0x1f32dd5b,0xff599145,
-        0xd0ef51e2,0xea397a88,0x25567546,0xc49866a1,0x3228b480,0xea45c8b1,
-        0xdd01997a,0x3dbe0e77,0xc51867d2,0x0e2ea28f,0x000001f8 },
-      { 0x69d0820b,0x6295412d,0x1ea65a18,0x03173127,0xeb06380d,0xc27c8221,
-        0x75fe9706,0x7ffd4efc,0x5a71d250,0x7b396a57,0xc7cb7543,0x61c80051,
-        0xad4dbee3,0xe07db4d7,0x9b192d45,0x1c7481f4,0x00000143 } },
-    /* 170 */
-    { { 0x08e1cc4d,0x5eab2d04,0xad2dc1ee,0xe93758d3,0x5c9c7393,0x0ceb7dfe,
-        0xd3379683,0x530d86a9,0xe24f86d7,0xef5283ca,0xf0b1bb0b,0xab5d1a64,
-        0x54db4e3c,0x96aabc1f,0x3bc00c59,0x3e3d87cc,0x00000144 },
-      { 0x1d60e7b0,0xe50a8213,0x5d33d018,0xfc9b629b,0xfd05338d,0xc54aee42,
-        0xe821c6ea,0x0678f2c0,0x06ac09cb,0xe5c9d75f,0x53018df6,0x83357513,
-        0x0bf8c667,0x81ca6fac,0x9d0ae2dd,0x7fc8020e,0x000000e1 } },
-    /* 171 */
-    { { 0x1baaa5eb,0x8add4741,0x79bd8036,0x02cbb759,0xcdffed22,0xd8680c40,
-        0x4e091141,0x1c23a8f0,0x20748b87,0x65d141ed,0x659e9289,0x586a1575,
-        0x5006dbfe,0x7c68d7cd,0x22569a74,0xda0ad0df,0x00000148 },
-      { 0x7f9069d7,0xc8fcc5db,0x5c0531a4,0x2487d245,0xe9a2db3a,0xc5ab4899,
-        0xb4fe9720,0x52bfd538,0xd27f35e4,0x73a04ca4,0xee2dac93,0x7cbbc549,
-        0xff3ee7e2,0x0287229d,0x28da9360,0x3179878d,0x000000d0 } },
-    /* 172 */
-    { { 0x3b66c047,0x89b7e9bb,0x602a3e1d,0x22e65869,0xc8db9c00,0x44f82297,
-        0xd08a74a3,0x0e76aca3,0xfcd398de,0xfbf1a71d,0x8320e66a,0x2fbb6eaa,
-        0x179c9fc5,0xa82d0ebc,0x4e7ab2b4,0x4e00cf6f,0x0000000f },
-      { 0x4890c439,0x424c0e9a,0xbc35a6b2,0x37564a2b,0xd9b7497d,0x95a4479d,
-        0x612de942,0xa1ff3f0d,0xe60d0033,0x358627fc,0x522417da,0x815da8c0,
-        0xef6b8385,0x506104d4,0xf16e96aa,0x800728d2,0x00000120 } },
-    /* 173 */
-    { { 0xab039042,0x976f2372,0x9fa084ed,0x10e6978c,0x58bec143,0xd03fdd2f,
-        0xfe2045c3,0x3200c101,0xb0a5a928,0xe6868f7a,0xe61faff8,0x26c95d1d,
-        0xb7b12265,0xa1e20127,0xc2a5ed17,0x8e63dd78,0x00000089 },
-      { 0x22bba4ee,0xbb6533da,0xf496a574,0x3eff6397,0x14f2a6b9,0x409329f7,
-        0x1dfdd73f,0xa08248bd,0x69bca1b1,0x62f33f2e,0xba2e0327,0x9a177e64,
-        0x75ddf741,0xbc50e993,0x4a56bd1c,0xb87a979f,0x00000095 } },
-    /* 174 */
-    { { 0x67c1f177,0xe83736a9,0x600133c9,0x1b6d3508,0x6eac9a5b,0x9424bb92,
-        0xc27ef31c,0x7a9c01a6,0x122b4870,0xad93bba5,0x9d1ac985,0x9eb94e2a,
-        0xd53f175b,0x511c0206,0x5102d914,0xd13eb252,0x000000b1 },
-      { 0x675a1171,0xcfe7dbeb,0x16c0d2b1,0xb228295c,0x057c88ca,0x8db25b5a,
-        0xd300e9cf,0x73ea9e96,0x269552eb,0xb0e0037f,0x9e0f98df,0xea9d035c,
-        0xd290480f,0x860e49b8,0xc036b319,0xa35e9512,0x00000037 } },
-    /* 175 */
-    { { 0x8f00df48,0xc56729ee,0x11ac8304,0xb89ca7b6,0x8b3a8123,0x497a57f9,
-        0xc21ca3ea,0xe0431b19,0xe2bb3ce7,0x45a73deb,0xadc77819,0x2f86cc2b,
-        0xe5eb3df1,0x5ff005e4,0xdd27dcf0,0xf955dd7a,0x0000005e },
-      { 0x00ee402f,0xe0c22ffa,0x3b30bb4c,0x5b335e2a,0x643cb101,0x542551d0,
-        0x3cd19688,0xc6183f45,0xf0be54b4,0xc6664f22,0x4c20cde4,0xa5f4cfee,
-        0x80a4c475,0xdcaa972f,0x59111ed9,0xde4af200,0x0000019c } },
-    /* 176 */
-    { { 0xd771f428,0x9e9d0bc8,0xe43ca382,0x3ac1ecd9,0xeb93acf0,0x8d5ee480,
-        0x065a2a3f,0x16232f81,0x2f0b8a73,0x1fc04faa,0x025474a2,0x4a8df7e7,
-        0x3bb15f6f,0x51ac4ff2,0xe0950e52,0x66e21b73,0x0000006b },
-      { 0x67a41dee,0x59c98480,0x7b3e2b3f,0x2cfa95ae,0x891454e1,0x54d98386,
-        0xeefca6a4,0xf0dddbdf,0x11e9cb75,0x5f691b24,0xfef208c3,0xa9b9e766,
-        0x18b33cf6,0xe8df1000,0xd1c174a9,0xb8a55ac9,0x000001c4 } },
-    /* 177 */
-    { { 0x5c4cccb8,0xa99f5862,0x2ef4d3ef,0x70bf5209,0x89efc878,0x28f4e576,
-        0xda14206e,0xa2366f96,0x7c52107d,0x90331a00,0xd4a0f0f0,0x478d4cea,
-        0x472a47b0,0xb2899ee2,0x64207549,0xae96534e,0x00000110 },
-      { 0xcced05b0,0x2cc1d655,0x01759543,0xabac3f09,0x8e577cd7,0xbaeb70a4,
-        0x40e98d6d,0x84b00893,0x603d24f1,0x26983653,0x2572173d,0x6e145883,
-        0x611141de,0x1d348b26,0xefa27f34,0xe52257dc,0x0000006b } },
-    /* 178 */
-    { { 0xc947e655,0x92678f33,0x08923795,0xff0fb76a,0x790239d1,0xb2dfe745,
-        0x3cdbb7ce,0xea087492,0x05f6d41c,0x21326db9,0x79dc5588,0x5b1ae9ae,
-        0xe9c31702,0xe145340c,0xa2c38a9c,0x07502c29,0x000000c3 },
-      { 0xc156ace2,0x0c124f11,0x79ff2529,0x2c170fe7,0x6e1171b2,0x60df9a81,
-        0x55de2797,0xa19bca83,0x7c6cc79d,0x1ad927ea,0x1d61f770,0x28590112,
-        0x261c06bb,0xfe80c826,0xaa2642bb,0x4050d338,0x0000015e } },
-    /* 179 */
-    { { 0xeaad87bc,0xc9397829,0x81e84cbd,0xe0ac9367,0x6ade4fde,0xb579c24d,
-        0x690d7f56,0x50b9aba5,0xd14fb0b9,0xf09b29d3,0x25a0e7b6,0xd0684f23,
-        0x606f4ff3,0x0514e9d3,0xe8ad733b,0xe63bdd26,0x00000077 },
-      { 0xe0d25c6d,0x0afd06ec,0x00ba2dcf,0xdd90021a,0x8c5bb398,0x1b025770,
-        0x198ff8fc,0x077f06d8,0xb7e2cd68,0x87d50ff1,0x263a3572,0xef75e057,
-        0xfa925a9a,0xbf257892,0x739d0e95,0x847d3df0,0x00000111 } },
-    /* 180 */
-    { { 0xfec82924,0x52ab9cc7,0xa7220d69,0x1c76dd69,0xa06ef0e2,0xa63527de,
-        0x27183904,0xab3e51c2,0x716807c8,0xf4db35ea,0x748f1246,0x8f3ede0a,
-        0x41156095,0xf1493644,0x874b38de,0x5f6583d1,0x000000f7 },
-      { 0x0b927eb7,0xa39189e1,0xc2e2f127,0xa87c6359,0x7fe966f4,0x0b72c233,
-        0x105e5585,0x102b8382,0xe58c39f9,0x63fee006,0x991b5329,0x3f052ee3,
-        0xcbaff97b,0x7f5b854c,0x5f805060,0x935e5f6c,0x0000016a } },
-    /* 181 */
-    { { 0xdfd88d38,0xf19a0355,0xc549df40,0x555cd8e3,0x04d006e1,0x322729e3,
-        0xfd0b0ce6,0xf16b706c,0x35f2ad31,0xf156dc09,0xf7a3df9f,0xb30c5213,
-        0xa55e5fb5,0x9f29cc92,0x2b858da2,0xa0ecfdd4,0x00000144 },
-      { 0x52658a92,0xb5c115df,0xc4281616,0xbce3ed17,0x7fd92a91,0xa5595f70,
-        0x9cd5d896,0x663c8bfd,0x5a9472b1,0x0776343f,0xb033e1bd,0x14e44ca8,
-        0x1e5c02fb,0x27a1c986,0xcc4ffb32,0xece0f2c4,0x000001b5 } },
-    /* 182 */
-    { { 0x31211943,0x17127bab,0x5684325c,0x44a8cac6,0xd855fc3e,0xd2fe0b88,
-        0xce91eea5,0x47abab0c,0x78ec7d12,0x5d23ddc4,0x0cd9fefa,0xa3986de7,
-        0x82655766,0x32c7b867,0xeeaec7fa,0x3e54018b,0x00000087 },
-      { 0xb38d17c1,0xc96e86f2,0x71fa040d,0x9cbfbd0c,0xf88499cb,0xe111ab79,
-        0xf71ec80b,0x1d47c5ce,0x46c89692,0xacaa3bc1,0x3d316331,0x5f921c0e,
-        0xe768765b,0x31fa081e,0x41eff270,0xd5dafd5f,0x000000fe } },
-    /* 183 */
-    { { 0x4cda1348,0x8af10b9d,0x25c3013a,0xb0769fd2,0x8957c22b,0x450aa5b1,
-        0xf5acf1c4,0x5cafd6c7,0x9fef8029,0xcf71a140,0xee089f5d,0xe12029f5,
-        0x0fbd2ba8,0x9752a8fb,0x6f70cb58,0x61e2275f,0x00000090 },
-      { 0x1fbda16a,0xb70a4ac5,0xf1dfa2a2,0x79910e79,0xd9945f6f,0xba2ce132,
-        0xeb4ba4ef,0x450d59ae,0x4bf2d53d,0x6a8e09b3,0xe620c7a8,0x76010204,
-        0x0a53c6f4,0x63f8943d,0x87eaf56a,0x14c91d19,0x00000132 } },
-    /* 184 */
-    { { 0x490d66c3,0xe54fb120,0xa0dc8204,0xeaed7328,0x04b4294d,0xba014c38,
-        0x31ddc467,0x3f2fa2ab,0x8342ed11,0x70ff55ea,0x23034e0e,0xb18da72f,
-        0xbd8ae3c1,0xadc30dbe,0x3e945a02,0x179bdf6f,0x0000009c },
-      { 0x7484c26f,0x46c928ef,0xef2adbb1,0x206b7db1,0x3f58dda7,0x0887f548,
-        0x4bc7edb6,0xfde4e20c,0x975cafdc,0x484d121d,0x86beec20,0xc5b59670,
-        0xa6d6db67,0xb579aa88,0x41187488,0x22c6d87e,0x00000015 } },
-    /* 185 */
-    { { 0xc471d4ae,0x0a890757,0x43a1da76,0xfef4b1a5,0x6aa701a1,0xb892b182,
-        0x59c65f93,0xbf4d4e52,0xd789df35,0x923af929,0x0b79c3f2,0x3ccb46c6,
-        0xcf4cf130,0x95582ce7,0x257f0ec4,0x7da081b4,0x0000011c },
-      { 0x9aeef274,0xf92c6ae5,0x1437c083,0xe6c5bf4f,0xe13c86af,0xaa74b023,
-        0x2a225360,0xd21dace6,0x22589fa5,0xb3d572b8,0xdfa74b0f,0x3d4a3916,
-        0xb12891a9,0xe76cd8dc,0x59f4cfbd,0xa0391a3f,0x0000019a } },
-    /* 186 */
-    { { 0x203fc3f1,0x054ba69e,0x62106a29,0x09168ccb,0xaad5fa9f,0xb0818540,
-        0xbff7ed6f,0xecb8f20e,0xbef94afd,0x2c80a618,0xb0abd1db,0xe25d8ca0,
-        0x028e0a7c,0x75e67a41,0xd6e95b9a,0xdd7662dd,0x000001b2 },
-      { 0xf289d7ee,0x87dff279,0xeea2205c,0x4d755d59,0xc18adac6,0xaeb0fd54,
-        0x7ec01019,0x3a8c46cf,0xb48d70a4,0x6fc90e7e,0x10b39ef8,0x965c53c1,
-        0x38545a20,0x455777cc,0x57dd023e,0xa33430f7,0x0000016e } },
-    /* 187 */
-    { { 0x0ff53d2c,0xfa9f3949,0xb00349b9,0x8dc91596,0xd5997967,0xf10a5014,
-        0xa8a6b78a,0x4dd72dab,0x8b517b10,0xef5de540,0xa6d39be0,0x142b90bc,
-        0xeda17f70,0xcaeaa3e9,0x06b31118,0xa01689d6,0x0000016d },
-      { 0xf46afff7,0xea6ca563,0x34a5e5f3,0x3945c7ba,0xaa998fd8,0xc1ffe4c8,
-        0xb63f535e,0x42a60146,0xd1f509e5,0x50816888,0x9f8cd0db,0xd1918daa,
-        0x78a36772,0x6505e6bb,0x9cc6dc66,0x4ab03a81,0x000001ef } },
-    /* 188 */
-    { { 0xd376d986,0x06089d14,0xa2dc35b0,0xd0f4e077,0x53ff2c86,0x1c11709a,
-        0x123c3fc8,0xfef4ba45,0x1b656fc2,0x852cd5a7,0x1fefa8bb,0xb57c7489,
-        0x48110b77,0x8f05383e,0x52c5a129,0x4b55d3ad,0x0000004c },
-      { 0xf3827633,0x5110cff3,0xe00afe96,0x086784d5,0x3ead32fa,0xcb387882,
-        0x2b91cd86,0x3dcf4d16,0xe6f3638a,0x078b6a58,0xe8b7fd42,0x33792112,
-        0xee5683e7,0x6964044d,0x28e28433,0x3b84210f,0x00000122 } },
-    /* 189 */
-    { { 0xc3ebeb27,0x6c28a9a9,0x3ef590f8,0xd7bcdcb5,0x4dae7f37,0xe88a2e11,
-        0x726ea7c9,0x033522e4,0x8c141388,0x99d50386,0x61621575,0x59b1aeca,
-        0xfcc564d8,0x719fcfeb,0x1aeb8e36,0x3a577af1,0x00000043 },
-      { 0x6feba922,0xc3f26ce0,0x475a5693,0x5f6c83ee,0x28bf378e,0x7f796740,
-        0xbdc3f6f1,0xd2a5e368,0xa6ed90ae,0x3d034a0a,0x4a47cbd5,0x3b1c3a4c,
-        0x4dce2bc8,0xa4f0aa6e,0x74ca00eb,0x97c7af43,0x000001c0 } },
-    /* 190 */
-    { { 0x79c28de7,0x00377178,0xab9c330c,0x617aa2aa,0x66bc61eb,0x43081826,
-        0x4d78b504,0xe0b5b5cf,0x9870fc72,0xd76a752d,0xd40b7bc5,0x3b4689f5,
-        0x87f2d03a,0xa97fd867,0xfd6060a9,0x6ab7b5ee,0x000001c0 },
-      { 0xffb71704,0xe99eadb1,0x390fe3b1,0x436e58bb,0xab4f19aa,0xeecab82c,
-        0xe0f3d9dc,0xda492dfa,0x6e20ad12,0x2a0f54bd,0x7dbbd262,0xaf89fa0f,
-        0xe8d2eb54,0xdcc50a1a,0xef7d0758,0x9799f816,0x000000b7 } },
-    /* 191 */
-    { { 0x104f98cc,0x9ec46462,0x72aedeae,0x45115922,0x7e62186f,0x7ae93dd0,
-        0x8d6d69b6,0xd17ce026,0xfd43a8f3,0xb5347608,0x7c0ab797,0xe87f1c13,
-        0x139f991d,0x3bf597a8,0xe547e0d6,0xe293a85b,0x0000008d },
-      { 0x8ef668b1,0x0982add3,0x611c9764,0xc54e6b2d,0x1c1d4263,0x3ce76b12,
-        0xeff64e73,0x3134b28e,0x2871612a,0xaf71a9ac,0xba093594,0x31c88af2,
-        0xba9108e8,0x0b649112,0x5cf437da,0x8febc5c5,0x00000113 } },
-    /* 192 */
-    { { 0xc4a2daa2,0x7e9ca589,0x400f608c,0x18ea703c,0xd5175103,0x6f8cd058,
-        0x4abb6f29,0x26493472,0x94296ab4,0x0be553e1,0xac51657d,0x9af9398f,
-        0x4f880ea8,0xe232deec,0x67b1e1b1,0x2f81761e,0x00000137 },
-      { 0x3a20f662,0x51014bc7,0x49ed9502,0x1fb7e77c,0xb62b9652,0x89f5096f,
-        0xa2e8d37e,0x3a659c67,0x5804170e,0x0f2b2a26,0x9ed50a34,0x1674fce6,
-        0xfdc3c00f,0xaaa4537e,0x4ce99d93,0xf3c3bfda,0x00000198 } },
-    /* 193 */
-    { { 0x81614189,0xbab1f5cd,0x24b259f7,0xc7d56c45,0x45fb415e,0xc7baa4b2,
-        0x7af6bef9,0x302bc8dc,0x74b48e82,0x91b770e0,0x9b6d1b1f,0x4a1336e0,
-        0xe6680c97,0x285c1357,0xc7ccb625,0x59bcb813,0x0000012d },
-      { 0x7c019927,0xddad83b4,0x630dfd5b,0xe10f2667,0x31e05d23,0x15dbec5a,
-        0x456ac460,0x2aa6e5fa,0x243cac82,0x46956529,0x4dc8c9e9,0xc69c9c7f,
-        0xe24a4065,0xadb27e09,0xae41301b,0xdfa7a34e,0x000001cc } },
-    /* 194 */
-    { { 0x59cb1a7d,0x176a864d,0x6aefb8ee,0x4d864ca3,0x1c22b0d8,0x0ee83acb,
-        0xd980df1d,0x7e80a6eb,0x7f94ced9,0xf582acc4,0x3a72c115,0xa29cd123,
-        0xc7107bb7,0xce12a2a8,0x4ed80a30,0x0229ca56,0x00000150 },
-      { 0x2f1c180b,0x9774bad5,0xd749aa10,0xd08be998,0x56dbd1ba,0x978c48ab,
-        0x0afbea9a,0x6ed3e3e4,0x153dc5fc,0x8a8be97b,0x9be93ed0,0xadc7f095,
-        0x2cee23bd,0x8d242908,0xdc2729de,0x417523c6,0x00000016 } },
-    /* 195 */
-    { { 0x6c14a31e,0x74eeccf1,0xb2de3c2d,0x488e2534,0x7cec43c3,0xf9bb3599,
-        0x916ac936,0x4210459d,0x9f7e4400,0x71d15c02,0x44553583,0x8c9c7c12,
-        0xec94a467,0xcc97548d,0x3167bad9,0x4ca67818,0x0000014e },
-      { 0x8d0312bf,0x033af055,0x54161e66,0xbd1bf4f5,0xfa41781d,0x259945a7,
-        0x00eef1d5,0x33494da8,0x79c3b8d0,0x6c505ec0,0x1c9f6e69,0x70ae1ade,
-        0x76830aaa,0x0288f0c1,0xa62a060c,0x7f4cfe3b,0x0000000c } },
-    /* 196 */
-    { { 0x057d6006,0x0d8b447d,0xfd71c8b0,0x38b976e6,0xabcf40f5,0x5e77e029,
-        0xf103a783,0x13bee386,0x5e472c4b,0x20a6ac20,0x31fcb194,0x43b045f6,
-        0xc00abf49,0xe5dc1d9f,0xa5556b79,0x28c0bc70,0x000001b5 },
-      { 0x8a8640b8,0xba9d07ee,0xd0e34012,0x25611023,0xbe24ae89,0xc7ce655b,
-        0xfa579dcd,0xe358e524,0x377bbfe5,0x57ce2715,0x3c0947e4,0x64651c6c,
-        0xf4a97826,0x5fbd8d50,0xe2e1c15a,0x6fcdd28f,0x0000008d } },
-    /* 197 */
-    { { 0x5c7202c8,0xb564a2f6,0x5a54b0d8,0x7d634052,0x1434fbf5,0x8414d672,
-        0x1d9830a3,0x8114215e,0x5ef0fbe1,0xc7a758d5,0xe6f57f9f,0x5705dcf8,
-        0xd92269d3,0x5dd49a56,0xbdb49f97,0x8f015d7a,0x000000f1 },
-      { 0xb4799ce6,0x07131110,0x2cbcb7db,0x35bbfb99,0xf7ba21e2,0xc1f00c9f,
-        0xb18f49fe,0x009d6913,0xabcf959b,0x8da61951,0x0d42146e,0x0e687213,
-        0xae5f23f1,0x55832817,0x9ae7386b,0xc9b5bb68,0x00000143 } },
-    /* 198 */
-    { { 0x48c74424,0x423328db,0xd19cb2eb,0x32616e11,0x40d6e217,0xe534192a,
-        0x0cbdc752,0xdd83a94c,0xd733bb01,0x5c623050,0x5b7a4520,0xcd0d631a,
-        0x9a4011c8,0xccdc0a25,0x646e7cd5,0x22f112cc,0x000001e6 },
-      { 0x3e1e4c4b,0x47d6e29a,0x9fb1548a,0xd5f82538,0x4fd3e319,0x7e3705b5,
-        0x0a08b966,0x8c4ce59a,0xd8cbe8db,0xbca749e7,0xaeec3d75,0xcc4496ea,
-        0x8a1a313d,0x17dc723a,0x8ceb9360,0x250ff77a,0x000001a5 } },
-    /* 199 */
-    { { 0xfe29bd79,0xa55a0726,0x4f990b34,0x6574a810,0xaad56983,0x6906946d,
-        0x50d41fef,0x0e580ab9,0x6e6f7f45,0xbc75b514,0xf0f3718a,0x508cc97b,
-        0xa5634087,0x51ba2ca4,0xe64d8910,0x75c39077,0x00000172 },
-      { 0xf77ca6bd,0xf37cccaf,0xbdb18df5,0xe0a0df41,0x019e01f7,0x9f46cff8,
-        0xaa65d72b,0xbe4f3d44,0x6e3663e9,0x7822d8ac,0x3ef9db6d,0x5f37f922,
-        0xabe4a9aa,0x7f0ad39d,0xf69cc8ba,0xa0a57c70,0x00000098 } },
-    /* 200 */
-    { { 0x00fd5286,0xd9c50cf4,0x72a4b03c,0x1ea5b9d5,0x051ae73e,0xf5e60f9e,
-        0x951b3824,0xfe9b5142,0x9fb4d667,0xb034b2d0,0xedc50856,0x4b537a80,
-        0x8cb0022e,0x69ee1012,0x6a548aee,0x7c8b9e5c,0x000000ed },
-      { 0xd933619b,0x746007bc,0x2b9dfe19,0x0ce7668e,0xcc6e2a2e,0xa9eed5d3,
-        0x7eebf32f,0x35a14f5f,0x67cc4f64,0x75cb898d,0x7850c16c,0xcb2185fc,
-        0x45f79c96,0x09874a76,0x27db4744,0x7468f8ae,0x00000139 } },
-    /* 201 */
-    { { 0xc88684f6,0xc5de68ad,0x619a7dbf,0x7c1edaab,0xb27a18f5,0x258d1735,
-        0x8ecd89eb,0xb27e7b65,0xd879f7ea,0x3d8889c6,0x67d5befb,0xa8fdc96d,
-        0x37bad73c,0xc84d86ae,0xce8e56d7,0xc7e91976,0x000001a4 },
-      { 0x6319ffa6,0x5001a540,0x134ec04c,0x0cae64ec,0xd541242c,0x1f69a96c,
-        0xbf2caeee,0x9da259ee,0x28bee805,0x88e7978c,0xb8e890e4,0xe9484beb,
-        0xfb227fd9,0x0e5246d0,0x625d6318,0x8be2a54a,0x000001b7 } },
-    /* 202 */
-    { { 0xf472f13a,0xa223554a,0x5733e91c,0xfac993b7,0x96c168a2,0x26afe9f0,
-        0x4b127535,0x7cfe761d,0xe77070ca,0x84301873,0xc7e7cdf6,0x66b6aaad,
-        0xa1562ed4,0xda2dd5ea,0x39faf8d8,0xa81a2e00,0x00000016 },
-      { 0x4e3de3bf,0xa880759c,0x52f3088a,0x0c1e2e11,0xaa7eba5b,0xcb2ded9a,
-        0x9f9c11ca,0x4c65d553,0xb0dc5c19,0x0ab9bd87,0xca3f4b61,0xd32f8c96,
-        0x28cb5f9f,0x49842fcc,0xb90e21df,0x31ae27cc,0x000000f4 } },
-    /* 203 */
-    { { 0x6a0ccd0a,0x3b2a0a0d,0x5993b555,0xa3eeec82,0x9de672a6,0xb13486fd,
-        0x0da05dcf,0x8d9c5148,0x6739874d,0xc4aa444d,0xe29a35c9,0xd9cf35b2,
-        0x89177ead,0xd6bd9b5f,0x2a0470a1,0x9af0f59d,0x000001d6 },
-      { 0xba7535fd,0xb2f844c7,0xa842ff39,0x45bd4c3d,0xe951974b,0x5fe149ed,
-        0xfd4453ec,0x6982e997,0xe6c37c0e,0xa63f705d,0xd2c3ef6a,0x09b0f6a9,
-        0x1776a8d6,0xbedd3586,0xede11b78,0x4048a46a,0x00000176 } },
-    /* 204 */
-    { { 0x51a251d1,0xa47c6ee5,0x0d279dfd,0xbef4bf12,0xec518a28,0x4c2d538c,
-        0x3880be6e,0x1b2b7887,0x1be9b20b,0xc69ccf8e,0x3796a19e,0xe41dfeae,
-        0xfb50bdea,0x25676fc9,0x03e180c0,0x8b815a05,0x0000016a },
-      { 0x53f5ef65,0x2ca085f6,0x77b25105,0x61dfbbf9,0xa3346fe6,0x88ea87e3,
-        0x1b95f7ef,0x25ddfdee,0x5b65eaec,0x22074e69,0x4c2e023b,0x11869a15,
-        0x42e83bb5,0x8601b577,0xfa877e7d,0x1464652c,0x00000015 } },
-    /* 205 */
-    { { 0x57fa58f1,0x250853c8,0x4ca4c670,0xb58a4e68,0x1b81f40d,0x07b96d0a,
-        0x558e8cbd,0xa4651e10,0x42e388cf,0x1a64046e,0x44436088,0x51b0d539,
-        0xe26b8fd0,0xc2bf35b3,0x5702cfce,0x4ae78709,0x000000fd },
-      { 0xdf53d498,0x3c79bc29,0x1137f624,0x4cf31c4e,0x17a3cedf,0x93b6856c,
-        0x6cd9115d,0x2461131c,0x9228cddb,0xab30a453,0x8d202bf1,0xe97757b6,
-        0xe6108612,0xa666de7c,0x4f6026b4,0xc200fe65,0x00000051 } },
-    /* 206 */
-    { { 0xb1a2b4b5,0xea96103c,0x843c0968,0x98dccbfe,0x986ffb5b,0x6a37072d,
-        0x169d3ac2,0x2fa07af2,0x771371f1,0x8bb85b9a,0xe7c299ef,0xeae10d34,
-        0xe2372efc,0x3d4bdc69,0x8dd856f1,0x378df75d,0x00000039 },
-      { 0xde7ff5d9,0x31e902ff,0x325a09ca,0x0e9a85d2,0xf4192fcd,0xd71b93a6,
-        0x15b076b3,0xf52a5737,0x6e711d1c,0xd726aa86,0x2c292819,0x0b61b1df,
-        0xc8015de6,0x224e575c,0x18b79e47,0x68e893e1,0x000001dc } },
-    /* 207 */
-    { { 0x6ffeda73,0xb7924ff9,0xa0da2018,0xe709f406,0xf89584df,0x368e20ea,
-        0x8355a040,0x0095112e,0xfd777d7c,0x259d4528,0x2bf8f2c8,0xb0c49565,
-        0x44c5311b,0x7f631928,0x8466d9d5,0x698d0e4f,0x000000d5 },
-      { 0x015d204d,0xe10d64fa,0x6dd10c53,0x7b626bfa,0xa7698c94,0x087f8e63,
-        0x05337a56,0x525a6547,0xdf5c782f,0x558e2244,0x855fbaff,0x48aa1e41,
-        0x47ee3830,0x48f2218e,0x138463d3,0xf2523959,0x0000004d } },
-    /* 208 */
-    { { 0xd8695310,0x76f4fd69,0x7e8768ea,0xe28eb09f,0xe0d532a8,0x039c1812,
-        0xc572ac79,0xdda67744,0x785d6293,0x1f9800e0,0x3da76bb2,0x2bfe2a5a,
-        0xa2bc7217,0x6ed15b90,0xd1788a8e,0xd80e61bf,0x0000004c },
-      { 0x16730056,0xb9f40370,0xdced3d43,0x46f45fef,0x1aa50742,0x0afd763c,
-        0xff92ae73,0x21e5c652,0x1bb2063f,0x6ef0830d,0x12d22540,0x18306ecc,
-        0x1f15001c,0x4edd9b3a,0xc0cc5424,0xe4eb25b8,0x000001f4 } },
-    /* 209 */
-    { { 0xa1db5c18,0xed61a714,0x7677074c,0x9454e61e,0x7bf685de,0xe970fbe5,
-        0xd2145be5,0x221b0c53,0xee49a5f2,0xb931881b,0x14b11d03,0x00b91afa,
-        0x3ec22137,0xc6aefe49,0x526200af,0x50554e94,0x0000013c },
-      { 0x7364c92e,0xd42c45e7,0x735218e8,0xe0500265,0x84d3f3c5,0xd281da02,
-        0xdbf7646b,0x312f8424,0x485f304f,0xe1a88f2a,0x1127a513,0x583f5631,
-        0x1a60e0bc,0xed7950c7,0x4b7b70a4,0x92855e10,0x000000c6 } },
-    /* 210 */
-    { { 0x644614e7,0x8d06185c,0x4749a424,0x2e906cae,0x2587e528,0x585412ea,
-        0xd12857cd,0x3763990a,0xba5593b5,0x770c7f70,0xdd5d2a46,0xc2cf6dc4,
-        0x3b69a1ba,0x564da456,0x187895da,0x639f7e14,0x000001c8 },
-      { 0xf8589620,0x05c96b02,0x41e44054,0x2fe468a3,0x096ad09c,0xbf22da11,
-        0x9c652aee,0xbc73c298,0x547e1b8f,0xcdef9f8b,0x977dbf73,0x7073785a,
-        0x7e13552d,0x0a92a1aa,0x3a393d3f,0x22761140,0x0000015b } },
-    /* 211 */
-    { { 0x1fbfaf32,0x89a5a7b0,0xbe661d21,0x5c5a62d0,0xf5e3b44d,0x47970f5e,
-        0xf43bbf62,0x3ea001ed,0x260ae5a0,0xa8e74285,0x2697c62c,0xeb899ebd,
-        0x751a7643,0x36a003e6,0xba0725a6,0xef178c51,0x000000ea },
-      { 0x9bd51f28,0xaacf8e9f,0xa8712044,0x39febbdb,0x5bfc8365,0x8780ad3a,
-        0x10e6f08f,0x408a34cd,0x8241ab0e,0x8104ca10,0x98a662a1,0x843e71ce,
-        0x232048d6,0x9dce8514,0x1cf3d187,0x5cba23be,0x000001fa } },
-    /* 212 */
-    { { 0x2973a15c,0x2fe8c9d2,0xd42979f3,0x66fec8dd,0x0b6afb3e,0x39af4a39,
-        0xab65ef22,0x0bb1e436,0x66c5fcdb,0x8f26201e,0x5af4870b,0x3cffe8a3,
-        0x2bb44e24,0x65ae286f,0x51dd1722,0xda2e283a,0x00000114 },
-      { 0xc1e3d708,0x4a9c9a56,0x1cb0efa6,0x4fe62d3f,0x97e87540,0xf0702984,
-        0x3cea46fa,0x138b7d6b,0x83886263,0x0780634e,0x71c30909,0x27e84280,
-        0xe5838647,0xf0af79d7,0xb236a267,0xc1b86582,0x00000104 } },
-    /* 213 */
-    { { 0xa526c894,0x32ff09ed,0x14ac7d23,0x95abf120,0x3cd92934,0xb6f94dcd,
-        0x92e6b556,0xffaaeb12,0x1036c31b,0x193796ea,0x707ff32e,0xa9d237e7,
-        0x829d67b8,0xd65a5b0d,0xdb29248b,0x48edb556,0x000001b3 },
-      { 0xded46575,0x6ee9f9b2,0xffa69acf,0x496ca08a,0xf16d37d1,0xd5aeb3a1,
-        0x789e5d01,0x4a507db1,0xc827cc45,0x05e2ce29,0x2964e677,0x29b6e4a5,
-        0x4c0e46f2,0x0563b0ba,0x4bc46485,0xe75c2448,0x000000a3 } },
-    /* 214 */
-    { { 0xd2f6615d,0x0fcb476f,0xd98da9a9,0x4b7f9b78,0xd2bdf107,0xe2fddf1c,
-        0x9b956f31,0x2bda3086,0xb596eadf,0xf3cca2f7,0x355b2538,0x91c09f8b,
-        0xc6c846db,0x46f3f6f3,0x2a14642e,0x9bb9398e,0x000001ff },
-      { 0xa17bd645,0x5118d4f5,0xdbd6d552,0x57033eab,0x734d0957,0x007e86fc,
-        0x5f53c435,0x98ca065f,0xfd27dd19,0x9949d9bf,0x6952d1ca,0xddc4e304,
-        0x81ac101c,0x84cab4fb,0x4a56b007,0x46d079f9,0x00000003 } },
-    /* 215 */
-    { { 0xa6bfdedd,0x95eb8e4f,0x7a74c6f9,0x993a285e,0x3d09a252,0x8bd5d4d1,
-        0x19a5f767,0xeaa10be6,0x0cebb340,0xd3db083e,0x1dbf7a83,0xc633a78b,
-        0xc30f23e1,0x2664bc3e,0x07a08379,0x6630f8f1,0x000001c9 },
-      { 0xdef86a80,0xbbf4cb4b,0x3f8259ab,0x1fa4ec78,0x609532c8,0xa4bf7604,
-        0x8b909e92,0x71bb7acc,0x17884160,0xca1d7317,0xca1ab928,0x7f7f14be,
-        0x5f8455a5,0xbfea016e,0xbf21e899,0x7b8c76b9,0x0000002d } },
-    /* 216 */
-    { { 0x4b9f8e7d,0x46860563,0x63fc58a8,0x201176b7,0x2feed68a,0xe7a5da7e,
-        0x65183190,0xcc67763e,0xe9377ad6,0x7d7d0102,0x77032321,0xccfc4720,
-        0x534bb505,0x573ee031,0x0f1a2769,0x1bf1ef8c,0x000000f3 },
-      { 0x0c935667,0x635f5c4b,0x060d2b8b,0x74152c39,0x37c3a574,0xeffaac2e,
-        0x0b72e0cd,0xfd5fcc4c,0xf4f60247,0xb743f9b9,0x79e16f33,0x05c2e354,
-        0x3074ef9c,0xa2234c47,0x495aace3,0x4092f279,0x00000124 } },
-    /* 217 */
-    { { 0xb30f9170,0x5bfd7851,0x37fce5b1,0x715aa1e9,0x928437b9,0xcffd55e0,
-        0xc32f1273,0x88acd259,0x48be1e34,0x5a145cf2,0x7a5bc62b,0x3a340860,
-        0x18156f46,0x6296eb15,0x2774e1c3,0x397fad19,0x000001e7 },
-      { 0x9c8225b5,0x362f99f4,0x46b77c4d,0x33efce49,0x8541e91b,0x451df530,
-        0x38f3d693,0x0bd2d934,0xe727b54e,0x0b5de2d6,0x7622d940,0x42d929c2,
-        0x56f6a94b,0x36ace723,0xfccaf205,0x64a18cd5,0x00000044 } },
-    /* 218 */
-    { { 0xaba95d63,0x8dbe0aab,0x7b4b346d,0x92780c61,0x0e0d8142,0x6430f863,
-        0xb56ef04c,0x875be02a,0x785e3633,0xc28feb95,0xc12c93e4,0xd5401795,
-        0xe36f82a3,0x89ff51c1,0x10eeafd6,0x3c48c895,0x0000016b },
-      { 0xd4f064be,0x79287eba,0x54ebda99,0x1a77d555,0x623727ea,0x46745ef2,
-        0x89f366c6,0xa911f591,0xc59d6ebd,0x7e5435cd,0x7524d213,0x3a84daea,
-        0x4395b38d,0xc7b1dd1c,0x1a823c49,0xca13e704,0x0000001c } },
-    /* 219 */
-    { { 0x874d64b0,0x6399860c,0x1653ce0c,0x3375b092,0xeaa11986,0x16700000,
-        0x621cd15d,0x62c67909,0x77d70dcd,0xbe1d7dd6,0x305bd4cd,0xeff0f270,
-        0x362f8f30,0x076ec621,0x7e445b78,0x81204816,0x000001d8 },
-      { 0x161f9758,0x81749a0e,0xa3c4fce2,0xe60915fe,0x911dd8af,0xf537ce41,
-        0x79a51a09,0xfe36a8ac,0x2ca5cf8e,0x67fb54b4,0xe49057f5,0x1bdcae07,
-        0xa4244b64,0xb71ff0c5,0x4b606583,0x4815a536,0x00000106 } },
-    /* 220 */
-    { { 0xef39cc39,0x78c69c3e,0xfa6356d1,0x98304564,0x412fb990,0xbd3c3542,
-        0x79dbb2a5,0xa1d531d3,0xe7e75e3d,0x4865f188,0x0b0147b1,0x2dac4e22,
-        0x33d29ab0,0xf59e51ca,0x37b074ef,0xc964f7fe,0x000000f1 },
-      { 0x0e301262,0x7080c0a6,0x5390a22d,0x9a458060,0xcc8a9029,0xda677f9a,
-        0x14c0f1c2,0xdfae9057,0x6e66d9f7,0x3665ff16,0x47846924,0xc866dd8c,
-        0xc4cc307c,0xc5afe98f,0xe0bf50e4,0x60e3ba63,0x00000039 } },
-    /* 221 */
-    { { 0x959ecdb3,0x1a785136,0xf9e959be,0x289af617,0xcde0dc88,0x5145b2b8,
-        0x7c079e15,0xfe9070b0,0x50e22415,0xf77f04d3,0x358d6d42,0xb3ab7372,
-        0xba7b629a,0x14fd41b9,0x7400fd25,0x7b32d80e,0x00000193 },
-      { 0x7147886f,0xe5d80d4d,0x576c81ca,0xe08ced61,0x642717bb,0xe14e8692,
-        0xabb4bd21,0x9dcdf198,0x6530308b,0x658be646,0xd99d19c7,0xfbf192da,
-        0x304ab126,0x55a3d1b3,0xfa24de31,0x943f4be5,0x0000000e } },
-    /* 222 */
-    { { 0x7fe9ea48,0xc5424058,0x61b57486,0xaf24f825,0x78719740,0x9d2c413c,
-        0x70eb874d,0x27a9be79,0xb62ba3aa,0x43fef8e0,0x2c1bf0ac,0x0a23f286,
-        0x4af130e1,0x51c276f3,0xae55cebf,0xf6cd1e9a,0x00000185 },
-      { 0x40369093,0x24defa7f,0x58581e0a,0x11f1d9d6,0xe512ed9e,0x9900bf33,
-        0xed120896,0xbf8a8459,0x8b73c399,0x8324555e,0x8f6f54fe,0x54a30569,
-        0x3c252355,0x2a9d6da5,0x2a093b31,0xe6a6f904,0x0000016a } },
-    /* 223 */
-    { { 0x152cdd35,0xb2e123c9,0x86402ef1,0xae6e43a8,0xb9ce5bd5,0x892bf0df,
-        0x75804914,0xb4acb84a,0xf502eec2,0x8c7f55ff,0xaa33ef4e,0x9c8a7b93,
-        0xfd9d2001,0x06b10357,0x0ba3bceb,0x3e319ff0,0x00000027 },
-      { 0xabe360a3,0x182c2f77,0xadfefca6,0x57ef5c84,0x650b6fcc,0x9a4f0ca6,
-        0xaaf0b202,0x3f4f8e56,0xa24ef156,0x5c8508a0,0x1ea45f13,0xd8f62fd9,
-        0x28036dbe,0xf2c923a0,0x1a4d103b,0x4a9ca4c0,0x0000018a } },
-    /* 224 */
-    { { 0x5448e339,0x2a3fb798,0x18a39976,0xde8770cf,0x7a69170c,0x1160574d,
-        0x2b6067ac,0x4bb05c59,0x848138ab,0xde0d2db0,0x4909e794,0x149dab92,
-        0x790315f7,0x83a336b6,0xa335a258,0xcd9074d9,0x0000013c },
-      { 0xac1b784d,0xe839c5e0,0xee527ae1,0xab65c8c6,0xa1c88ec0,0xd3c86146,
-        0x46c1bf58,0x2201f790,0x3fda502a,0x71cec627,0x225b9065,0xff3f88eb,
-        0xc556dfcd,0x6c1f0c98,0x484fa5cc,0xaa3222aa,0x000000ac } },
-    /* 225 */
-    { { 0xc9b4dfd6,0x17e74bc3,0xf8e76293,0x25ba8053,0x9d8c3520,0x0307dc05,
-        0xb85a20b4,0x1c9036cc,0x23871359,0xf2c63f0a,0xca95fb4e,0x1a99d9d8,
-        0x9850c6c6,0x3d7c4f39,0x68299668,0x162969c9,0x00000169 },
-      { 0xcb63ee53,0x7d13c267,0x75eac353,0x67b12e61,0x191abfca,0xb3369a11,
-        0xee1af69f,0x5ad0649d,0x11dc11e7,0x4d7a6f00,0xdb9f9765,0x80f030b8,
-        0xf0ab1332,0xa20001a3,0x39d8cc62,0xe17c98d2,0x00000194 } },
-    /* 226 */
-    { { 0x1d8fe898,0x720d80b4,0x32184534,0x8d7a28b7,0x04f21740,0xf1f3c385,
-        0x166aa6af,0x5d381cd5,0xcc560e35,0x9cde6084,0x5e61e2cd,0xcb041f0a,
-        0xd9b4951a,0x621116f5,0x7ee2ac2c,0x509e16d3,0x000000c4 },
-      { 0x2c6fd79e,0xb82a20c4,0x3af78b0e,0x95b7ee4e,0xbad819ca,0x3d9b63c1,
-        0x98552569,0x10d674de,0xf9c19d0f,0x17de64b2,0x47c5e6a9,0xa03fabaf,
-        0x2ce2db6f,0x858bc4ad,0x1fc9d18e,0x76c2380a,0x000000c9 } },
-    /* 227 */
-    { { 0xb064f114,0x91171ef8,0x4f2f0f4c,0x83cb1565,0x57b262b7,0x30525854,
-        0x0f34936c,0x468c6701,0x99a41fed,0xef26d2fe,0xa7f7f6a9,0xf6da2267,
-        0xa01bfc1b,0x2563b8db,0xc340ed40,0x14b36c85,0x0000000e },
-      { 0x25db67e6,0x5e57e264,0x7f2e905f,0x85df4e89,0x026c4268,0x7832e514,
-        0x3e875093,0x312be262,0x3c538691,0x856b5bd8,0x95734f9d,0x5b1cae55,
-        0xd5aa4861,0x5a07bfe2,0xce8abb58,0x7a4c96f0,0x000001d0 } },
-    /* 228 */
-    { { 0x523aa2e9,0x7bf54d05,0xed3d0860,0xc8841e0c,0x7f9bfb69,0x5683f6e2,
-        0x162bdf85,0xdcb07f44,0x07b0dcc9,0x62d17839,0x657a536e,0xa2cbb8ab,
-        0x7cf47d3c,0x98b9a0d2,0x5eea6370,0xff154d68,0x000001f2 },
-      { 0x56b232ac,0x568b768a,0x3f2a52ab,0x4e8d6e36,0x8837fc60,0xbae87a16,
-        0xd10a7691,0xebc58a83,0xf9455fbe,0xad5e4af0,0x7d654e2e,0x1a20d6c3,
-        0xda7c8255,0x8c40fcb9,0x60d9b931,0x6d7b3cd7,0x000000b2 } },
-    /* 229 */
-    { { 0xbb2eaf45,0x7b090c3e,0x62ffb92f,0xed24d91c,0xa736f23d,0xbf2a3ea4,
-        0x6ff0fde3,0xb5b99ebd,0xca1102f5,0xbca2b55d,0x07e032a8,0xf6203cd8,
-        0xa8bf17a8,0x5410b448,0xe1dc55b1,0xb86660a7,0x00000109 },
-      { 0x02a2fbd8,0xb148b1da,0x3b22e8a5,0xfed85e8b,0x8712b509,0x1378a0e4,
-        0xc6a3e516,0x68560148,0x1633b503,0x7100921c,0x25512711,0x93925143,
-        0x07d31047,0x7b4931d2,0x8542e0bb,0x623e722b,0x000000ea } },
-    /* 230 */
-    { { 0x24972688,0x084823d3,0x003f5762,0x58b83c12,0x6d0d4528,0x194d6690,
-        0x2c6f747e,0x84219584,0x0146d89a,0xc8f8a2e9,0x7451bbc2,0x29ec1de7,
-        0xf7f284fa,0xf622b6b8,0x7b71e44f,0x83f1dbe9,0x00000060 },
-      { 0x999dd56b,0x99649333,0x97a47de9,0x2cfac0ba,0xbbe8fb20,0x6660d8ae,
-        0xf61d7bca,0x47c29dd8,0x85adc14d,0x6f5fb51d,0x4f9fd41c,0xe65ac788,
-        0xff513e6c,0x1ce69dd4,0xffe59d3e,0x1ace591e,0x00000023 } },
-    /* 231 */
-    { { 0xa9fda771,0x2e67a438,0x8663100e,0x626f652c,0xe133f23b,0xdfb19e48,
-        0x035d2d1f,0x599f88f2,0x8d13e878,0x1723a112,0xfb51ce07,0x890aa292,
-        0xbbd9ba82,0xe5f3a70e,0x374514b4,0xdde82673,0x00000155 },
-      { 0xd6f59a95,0x08b2b77e,0x02020420,0x93f853e3,0xebac7797,0x52252ac1,
-        0xb56b6676,0x6ecdcb99,0x9722a500,0x4abdb9f9,0x04e2bad0,0x26210f3f,
-        0x3034dd4d,0x0ca5a0ff,0xdac0b80d,0x333d8080,0x00000041 } },
-    /* 232 */
-    { { 0x35a85a06,0xe8510709,0x42ef1b44,0x4e166e76,0xa07b3a6d,0x84a90b71,
-        0x30329e6a,0xd6dd6c00,0x3d555259,0x20c4ba65,0x6f8ad05e,0xee3b26af,
-        0x2ab4cccd,0x20e3d541,0xa9406424,0x79798934,0x000001bd },
-      { 0x8e0c7ff0,0xf2a1d184,0x9543b340,0xbae85efc,0xf51d318b,0xe96431ae,
-        0x75878fa6,0xe5d3ed4e,0xc2895f52,0x4d2a29db,0x1f11067c,0x3af27877,
-        0x9e7f4ee5,0x6ccde964,0xa56d74da,0x35188da1,0x00000192 } },
-    /* 233 */
-    { { 0x03d310ed,0xb0832120,0x987b0311,0xd20ee8cc,0x84c558a8,0x9e549d26,
-        0xb7167ec8,0x5e25f3ce,0x4bf55bb5,0xacf114f4,0x061c9017,0x819edc77,
-        0xdeb343c0,0x759a44e6,0x04c9b5ed,0x58df9f7e,0x00000078 },
-      { 0x3bf13222,0x4fa47ebb,0xea07da11,0x1e451dcd,0xc0d8242f,0x1be9fac3,
-        0x36eb871e,0x93257d4d,0xbea3190d,0xf49e775a,0x4ebe2b33,0x406d191f,
-        0x0c110096,0x67aac53c,0xd381ac78,0x5215cf8b,0x000001f4 } },
-    /* 234 */
-    { { 0xfa493b79,0x387e8a8e,0x4eb1c2ac,0xb20e270b,0x9ff22320,0x9f393fa0,
-        0xa91c393d,0x5ee1baae,0x138a8d96,0xdeda961a,0x97bd50e4,0x69ab238c,
-        0x2363c8e0,0xff68d48a,0xce4c4c16,0xaf8e00e5,0x00000158 },
-      { 0xcfc509a1,0x6ccdcf06,0xc26cc075,0x60f411ef,0x4d9c57f0,0x6d0cdfd6,
-        0x32e99cac,0xa9514853,0x8b8e9510,0x58f9ab3d,0xb10dc3fd,0xa7e98709,
-        0x75ef3509,0x8390843d,0x5a9312c7,0x28ccc9d0,0x000001b6 } },
-    /* 235 */
-    { { 0xe341463f,0x1d934f00,0x150da7a0,0x14c8a6ce,0x4109553f,0xdb4860fc,
-        0xa93f4a91,0xc23bde5a,0x2cd58067,0x9f47c787,0x8433dc80,0x1d330054,
-        0x75a32a7d,0x0c0be7f9,0x88c75da9,0x08b777d5,0x0000012e },
-      { 0x61a10d37,0xdfc12817,0x5c50f5a5,0xed7b6181,0x79477c60,0x28af95db,
-        0x33c5310b,0xa0aa2b77,0x53118267,0x905faab8,0x6b41959f,0xf40e9816,
-        0x16b37784,0x9ccb4252,0x69866acc,0x6835d77c,0x000000c5 } },
-    /* 236 */
-    { { 0x2b450a66,0xe9d714cb,0x7dbfdc14,0x1318885c,0xb466a0c0,0x655a8d85,
-        0x5bdfc1a6,0x02a21e99,0xe67792d1,0x7a0d7c98,0xb550a797,0x2a01bb57,
-        0x5d74d337,0x42c46233,0x88dad495,0x7be4e1c0,0x0000008b },
-      { 0x95812273,0x1873b03f,0xee3f757f,0x2e26ed32,0x6da6217a,0x2c710eae,
-        0x261d9f4f,0x9b50b574,0xb7c1da2d,0x43971fa9,0xc4a85de7,0x22c4fb87,
-        0xec22137b,0xf72c3451,0x77ba1926,0x1345668c,0x00000173 } },
-    /* 237 */
-    { { 0x8a3ba183,0x3e3e8c7a,0xfe389fa7,0x4e8cebbb,0x0f9ba60f,0x8ea44687,
-        0xcb601a83,0x55176e35,0x12e52db4,0xf90bdc26,0x8f712bf1,0x95f9e459,
-        0xbea054cd,0x9bd3200f,0xdd5fd40b,0x2cf19bf6,0x0000017a },
-      { 0x66736feb,0x71cf6ca2,0xde7cfe2f,0xbde86f49,0xfc290563,0xc60abce8,
-        0x726b6e4f,0xaae8a3ce,0x3f29235b,0xd2382445,0x650ffa5e,0xa4b557f5,
-        0x113ef744,0xa1453e54,0x3e426dd2,0x7c676a53,0x000001b0 } },
-    /* 238 */
-    { { 0x35d96872,0xf5e603f2,0x3fa5b8ca,0xab1a23cc,0xe988dc5f,0x5459871b,
-        0xd430c0bd,0xe32e8489,0x764d9cc3,0x7ec269e0,0xf2c0c40d,0xf7238212,
-        0x887b83b4,0x2d946183,0x2f18a411,0x281fa671,0x00000010 },
-      { 0x64858b37,0x8028048f,0x357de5d9,0xe0e149af,0x619ebb18,0xb2218791,
-        0x9f2b0ba0,0x210200b3,0x1039cbae,0x5a87eae6,0x39579d1d,0x4efdcddb,
-        0x2788515e,0x1b388eaa,0xc81878aa,0x1a552c3c,0x0000002c } },
-    /* 239 */
-    { { 0x0ea723dc,0x7ac7f500,0x42b15231,0x0a5f04f4,0xbe885c86,0x63d49445,
-        0xff119702,0x61f9993f,0xc4c58cea,0xc3fba45c,0xb9cd6036,0xe6d151e6,
-        0x57b923bb,0x75a3ab15,0xceb2fd46,0x4ec07c52,0x00000147 },
-      { 0xed88239d,0xc46a3d32,0x835ae694,0x0d1b8ae6,0x9feeb2e7,0xf4fde325,
-        0x43bc0bb5,0x223bf71c,0x8f62a705,0x3cd220b7,0x9fe799a5,0x2224860e,
-        0x24ab7f93,0xd8558703,0xb594958b,0x8e0f7330,0x0000010f } },
-    /* 240 */
-    { { 0x3c67d520,0xaf35c7bb,0x23fca9ec,0xd8f4958b,0x8bbaa808,0x0778f194,
-        0x2135e8ae,0x418c30ce,0xc888eff7,0xcdd8d9a9,0xf73144ab,0x72075df0,
-        0x4506a534,0xb549c895,0x5fbb7fc5,0x4ef38979,0x0000011c },
-      { 0x43f5e698,0x3fe2c9ac,0xe38a5e3a,0xce77fcbc,0x3089c2e1,0x6d05c90e,
-        0xac1d5801,0x5a74f3ff,0x381b9d2a,0xaeeda220,0xf5f3960b,0xd958b143,
-        0x0db7abbe,0x65ffd051,0x7a05b718,0x8e97e680,0x000000ce } },
-    /* 241 */
-    { { 0x8ce86a83,0x2251e61b,0xbf7e7160,0x8604159f,0x48f03377,0xfc127dd7,
-        0x45052242,0x87cb2c37,0x934ea09b,0xbd4950f4,0xc4679441,0x5146c403,
-        0x23ba416a,0xe8ad4710,0xaf638eb1,0x89b81a60,0x000001b3 },
-      { 0xe8150c69,0xe699934e,0xe27c14bc,0x74f75908,0x6a0194ff,0x5dc0a891,
-        0x1bd51b76,0x38f49d32,0x18779630,0x6bc3305e,0xfd3b4a68,0xfe2f3fbf,
-        0xd7caf189,0x1409b377,0x9b8f109b,0x029ea13b,0x000001b3 } },
-    /* 242 */
-    { { 0x25a2fd88,0xef7938d2,0xceba0603,0x890f2f7c,0xd7a6dff4,0x4c3e1c80,
-        0x2883f986,0x00c78f36,0x998e5305,0xed92b592,0x325ddc73,0x018a8f1b,
-        0xd5d3708a,0x6dffd987,0x0d1f28bb,0xdcd3554f,0x00000059 },
-      { 0x23a74e7d,0x17c6e41d,0x5db32df6,0x94b61ebe,0x9e7ffa0b,0x3c2fffa7,
-        0x2ebb7a0d,0x473662b7,0x01adf9c3,0xa86415ee,0x54679264,0x1502c326,
-        0x2fa09c57,0x16911349,0x24749086,0x897f34aa,0x00000195 } },
-    /* 243 */
-    { { 0xabadc253,0x4845d359,0xc797c95e,0xe054b92c,0x9a218212,0x22a9b5bd,
-        0xa52b8827,0x9bb80a5e,0x2e61c676,0xea38e78e,0x08b0f8b3,0xfb274b1a,
-        0xdb9d854c,0xb6aa42e3,0x56012d73,0x8ba22523,0x00000163 },
-      { 0x75c8c576,0x7cec0e6f,0xe4bc7dd2,0xabb20e7c,0x69d80726,0x0958a0c8,
-        0x8a023eb7,0xa908c66a,0x76110b15,0xca9f50ea,0x186f61a6,0x668c9994,
-        0x2a0a69d8,0x9ddf22ed,0xbbf8a10f,0xbfee1897,0x000001e0 } },
-    /* 244 */
-    { { 0x48319e4f,0x26d86818,0x5a586fa0,0x6be6f6b5,0x26713265,0xbef5d886,
-        0x98529cfa,0xac252ac5,0x62b29cfb,0xe7cc45f1,0xa2a6358d,0xee050609,
-        0x2940ac70,0xf7cb9ca4,0xa885b1f0,0xfb44aaec,0x000001ad },
-      { 0xe798678e,0x66b7a936,0x99540438,0xca01e103,0x816860b7,0xf2491e37,
-        0xb745d857,0xeeffd483,0xa4705ed6,0x5dbb3628,0xb2a5d0f7,0x57d68d49,
-        0x2389fee3,0xd1a8529a,0x1a7fd686,0xdbbc2549,0x000001ad } },
-    /* 245 */
-    { { 0x969686a3,0xe10cba20,0xe3c053f5,0x308b1c55,0x26f47102,0x1712b134,
-        0x49033038,0x1f9165b1,0x2d01527b,0x45b72017,0xaa9a34e2,0x6fcf6647,
-        0xb0be35c8,0x51f54b94,0x5a15e382,0xfccb22a5,0x000000e3 },
-      { 0x5b4dc0be,0xaa71e4ec,0xdb1cd5c4,0xbb136248,0x046e1007,0xf36bff43,
-        0xda9c99a3,0x5a6806d7,0x8349bc50,0x9cbfc6ee,0xe13e0850,0x26871e73,
-        0x67f448c1,0x5e6aa227,0x2da7baf9,0xba77787c,0x000001b9 } },
-    /* 246 */
-    { { 0xc5a73375,0x1abe58ee,0x7a8ac438,0x175df69d,0xceca835a,0x2cf3150a,
-        0xf507d30f,0xb87b0609,0xc60b0424,0x9ae53a2b,0x410f90ec,0x4931e182,
-        0xadd689bb,0x452c7d0f,0x47631a8e,0xab453491,0x00000013 },
-      { 0x8c84f3af,0xaf2dd856,0x1baae33e,0x829dc092,0x8b96b070,0x46542a85,
-        0xe8a82516,0x42260d40,0x5c35322b,0xb9e5edac,0x39eda0d2,0xbca79560,
-        0xb962b90a,0x86bd07c6,0xb1ec5302,0x2e22dac7,0x0000010a } },
-    /* 247 */
-    { { 0x239d8f0a,0x665fc09d,0xab8a1021,0x92b2e03c,0x0173477b,0xe4369768,
-        0x8e361604,0xab38ed9f,0x9eb061be,0x79b0091d,0x3e845670,0xcd422654,
-        0x2fe1a2e0,0xa0f77ec7,0x760a030f,0x1d242162,0x00000093 },
-      { 0xf8646bc3,0xfa9f834c,0x40ae96f9,0x7df94a52,0x379177d1,0x901c3890,
-        0xffeb66cd,0x9dfd0644,0x77b92465,0x81aec2ec,0xcd981d4f,0x2df3b7f2,
-        0xf377b093,0xc9bc3f69,0xdd859d8b,0xdaef34f3,0x00000125 } },
-    /* 248 */
-    { { 0xa2c123bc,0xac08451b,0x0818fa54,0xd1e83a68,0x98957b8a,0x56dd5702,
-        0xf0f12f16,0xcc7f2e34,0x0a9fa14d,0x1f6a9c33,0xb2fe782c,0xefc9a2bb,
-        0x709f54dd,0xd319c697,0xd6460a53,0x0b8238cb,0x000001dc },
-      { 0x44dfb6f6,0xf6492901,0x6e401d26,0x270d7cb4,0x48537ad8,0x1a70a40e,
-        0x70d8dbd9,0x84d661b5,0xf170d58b,0xca27223a,0x6344e1d2,0xeeb4cf14,
-        0xab9de1fa,0x2255fc95,0xdbdc5ea7,0xcd6e110a,0x000001f8 } },
-    /* 249 */
-    { { 0x78b8a0a7,0x2a57c6b9,0xe833edea,0x24b4aeb6,0x4bd13fe7,0x9e4617c1,
-        0xfc2e8ee4,0xc4186888,0xfb147eef,0x8d398a49,0x2e662cfb,0xe9f191f1,
-        0x958ba2ec,0x61872289,0x00b8d50d,0xbd6d0f1b,0x0000002d },
-      { 0x24c93cc9,0x895cfdfe,0xb9e718e7,0x29ed7780,0x38baf7eb,0x01c8ba58,
-        0x4ddcbf69,0x0225387e,0xa180d6bb,0x64b250bf,0xc947c7c2,0x6d68e548,
-        0x9923f3cd,0x82a7b632,0x2d103cd2,0xb8f03613,0x0000000f } },
-    /* 250 */
-    { { 0x8cd9d494,0x8198b3f0,0x94f4f9f3,0x9b2065b9,0x3c738fa9,0x7664a220,
-        0xd8d229cb,0x199f4c14,0xc51c54b3,0xddad75c4,0xd213a332,0x9a32ce0b,
-        0x888c7b2f,0xf3a21085,0x5b1ff20a,0x6defa362,0x000000d1 },
-      { 0x19a296eb,0x44e00548,0xd1a91313,0x1d94ff15,0xfeaa454f,0xd7dead2b,
-        0x4d40bd7f,0xae65a803,0x1801a4af,0x604f147e,0xa5e0de77,0x983048f9,
-        0xff572ca0,0xa3b19ca5,0x1821d117,0xa237dba7,0x000000e0 } },
-    /* 251 */
-    { { 0x91630ee8,0xedbabf84,0x05eb5301,0xde6589c2,0xa051f47b,0x9f7d2b2d,
-        0x212bbe81,0xaeaa9f96,0x94292124,0xdced3d5e,0xf4435e5b,0x691f5b89,
-        0x9411f66f,0x19604c33,0x4356f0da,0xb7fc09ca,0x000000e6 },
-      { 0xf74f811c,0x1294e413,0xdf8d8ddb,0x1a42d831,0x963418c9,0x27f57217,
-        0x88ebcdec,0x5fde5218,0xea305bc9,0xfdd5e06e,0xac668b61,0xed1e6088,
-        0xeb811861,0x333af016,0x15ddcebc,0x5ecb192d,0x000001c9 } },
-    /* 252 */
-    { { 0xe0bde442,0x927b37a3,0x66f7a73e,0xe0543fe8,0x8ed10c2e,0xd30d9d20,
-        0xa6617a32,0xaf79c341,0xd1d5cf8b,0xe7367870,0xe3abcf8b,0x02d0dce9,
-        0x772b5e7b,0xfe23d2dd,0x1ffc70c5,0x29fceea0,0x0000010b },
-      { 0x62d803ff,0x31bcae4d,0xdbc306a9,0x93ee913f,0xd8c10662,0xaf1de7ab,
-        0xe7a6d658,0xd485782a,0x102f4e06,0x9126592e,0x136fafe6,0x91a3127f,
-        0x88371213,0x46b93440,0xa31e1634,0x53bb4380,0x000000ba } },
-    /* 253 */
-    { { 0xca5636b0,0x62e517fc,0x6aba15c7,0x4296e021,0x212e7b2d,0x5aa8fd7c,
-        0x5717ad84,0x9517ce6d,0x98b2f357,0xe762b85b,0xdf59b07c,0x42f996b5,
-        0xf37ef6f0,0xf3732abb,0x4542b489,0xa5d145ea,0x0000015d },
-      { 0xaa7f6e3f,0x1e77c55e,0xaa4a05bc,0x3f4d99a7,0x45828227,0xa56d7d77,
-        0x77b748fb,0xdb0895fb,0x0629f5d1,0x1c484cce,0x359803fb,0xf5b1c90a,
-        0x1720b8d0,0x43ac4f29,0x72ac13f2,0x8c10bfe8,0x000000e9 } },
-    /* 254 */
-    { { 0xc06c4fd6,0x9d1c4785,0xd25c2b9d,0xbf4b9025,0xd4982f24,0x04135eb1,
-        0xba4fef2b,0x3ab3edc2,0x98de07ab,0x55a5239f,0x096f4b7d,0xd5fc49ab,
-        0x3844c815,0xc50a2960,0x15676b2b,0xdb1148d0,0x00000047 },
-      { 0x10f3bad9,0xc49f9cc5,0x022901d4,0x490888fc,0xc47b44df,0x917a55eb,
-        0xf39f2b68,0x20b2ebc6,0x04e9962a,0x0c58e3af,0x573dd5b7,0x52ab7c1b,
-        0xa329f76c,0x2b54add6,0x82f4ca3b,0x59dad1eb,0x00000108 } },
-    /* 255 */
-    { { 0xa182d1ad,0x662c4128,0x20916c45,0x7751796e,0xba681647,0xa7704272,
-        0xb92c85c1,0xfac8b0fa,0xaefb2e07,0x207ab2df,0x7861b32d,0xc73530a0,
-        0x88aed145,0x63dbed65,0x0a53a49d,0x547bcdca,0x000000bd },
-      { 0x87056b51,0xa7c1382f,0x130f9912,0xc3d91edb,0xd3805b42,0xf7c7de46,
-        0xfd31a995,0x456101eb,0xcd3fb8aa,0x1efd22b4,0x9eb17bce,0xfe391df7,
-        0x616c0c32,0xb4d4c0c6,0x711beef4,0x19f023be,0x00000112 } },
-};
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_17(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 17);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 17, km);
-
-            err = sp_521_ecc_mulmod_base_17(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P521 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 17 + 17 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17 + 17 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 17;
-
-        sp_521_from_mp(k, 17, km);
-        sp_521_point_from_ecc_point_17(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_17(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_17(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_17(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_add_one_17(sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_add_one_17(sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r1, r2, r3, r4}\n\t"
-        "adds	r1, r1, #1\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-        "ldm	%[a], {r1, r2, r3, r4}\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-        "ldm	%[a], {r1, r2, r3, r4}\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-        "ldm	%[a], {r1, r2, r3, r4}\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-        "ldm	%[a], {r1}\n\t"
-        "adcs	r1, r1, #0\n\t"
-        "stm	%[a]!, {r1}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a)
-        :
-#else
-        :
-        : [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r1", "r2", "r3", "r4"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_521_ecc_gen_k_17(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[66];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            buf[0] &= 0x1;
-            sp_521_from_bin(k, 17, buf, (int)sizeof(buf));
-            if (sp_521_cmp_17(k, p521_order2) <= 0) {
-                sp_521_add_one_17(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_521, point, 2);
-#else
-    SP_DECL_VAR(sp_point_521, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 17);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_521_ecc_gen_k_17(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_17(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_17(infinity, point, p521_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_521_iszero_17(point->x) || sp_521_iszero_17(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_17(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_521_ctx {
-    int state;
-    sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-    sp_digit k[17];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521  point[2];
-#else
-    sp_point_521 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_521_ctx;
-
-int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_521_ctx* ctx = (sp_ecc_key_gen_521_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_521_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_521_ecc_gen_k_17(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_base_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p521_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_521_iszero_17(ctx->point->x) ||
-                    sp_521_iszero_17(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_521_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_521_point_to_ecc_point_17(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 66
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_521_to_bin_17(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    a[j++] = r[16] >> 8;
-    a[j++] = r[16] >> 0;
-    for (i = 15; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 17);
-    int err = MP_OKAY;
-
-    if (*outLen < 65U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 17, priv);
-        sp_521_point_from_ecc_point_17(point, pub);
-            err = sp_521_ecc_mulmod_17(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_521_to_bin_17(point->x, out);
-        *outLen = 66;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-    };
-    sp_digit k[17];
-    sp_point_521 point;
-} sp_ecc_sec_gen_521_ctx;
-
-int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_521_ctx* ctx = (sp_ecc_sec_gen_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_521_from_mp(ctx->k, 17, priv);
-            sp_521_point_from_ecc_point_17(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_521_to_bin_17(ctx->point.x, out);
-                *outLen = 66;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_rshift_17(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_rshift_17(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register byte n asm ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "rsb	r12, %[n], #32\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "ldm	r1, {r4, r5}\n\t"
-#else
-        "ldrd	r4, r5, [%[a]]\n\t"
-#endif
-        "lsr	r4, r4, %[n]\n\t"
-        "lsl	r3, r5, r12\n\t"
-        "lsr	r5, r5, %[n]\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "str	r4, [%[a]]\n\t"
-        "lsl	r3, r6, r12\n\t"
-        "lsr	r6, r6, %[n]\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r4, [%[a], #12]\n\t"
-        "str	r5, [%[a], #4]\n\t"
-        "lsl	r3, r4, r12\n\t"
-        "lsr	r4, r4, %[n]\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r5, [%[a], #16]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "lsl	r3, r5, r12\n\t"
-        "lsr	r5, r5, %[n]\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r6, [%[a], #20]\n\t"
-        "str	r4, [%[a], #12]\n\t"
-        "lsl	r3, r6, r12\n\t"
-        "lsr	r6, r6, %[n]\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "str	r5, [%[a], #16]\n\t"
-        "lsl	r3, r4, r12\n\t"
-        "lsr	r4, r4, %[n]\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r6, [%[a], #20]\n\t"
-        "lsl	r3, r5, r12\n\t"
-        "lsr	r5, r5, %[n]\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r6, [%[a], #32]\n\t"
-        "str	r4, [%[a], #24]\n\t"
-        "lsl	r3, r6, r12\n\t"
-        "lsr	r6, r6, %[n]\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r4, [%[a], #36]\n\t"
-        "str	r5, [%[a], #28]\n\t"
-        "lsl	r3, r4, r12\n\t"
-        "lsr	r4, r4, %[n]\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r5, [%[a], #40]\n\t"
-        "str	r6, [%[a], #32]\n\t"
-        "lsl	r3, r5, r12\n\t"
-        "lsr	r5, r5, %[n]\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r6, [%[a], #44]\n\t"
-        "str	r4, [%[a], #36]\n\t"
-        "lsl	r3, r6, r12\n\t"
-        "lsr	r6, r6, %[n]\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "str	r5, [%[a], #40]\n\t"
-        "lsl	r3, r4, r12\n\t"
-        "lsr	r4, r4, %[n]\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r6, [%[a], #44]\n\t"
-        "lsl	r3, r5, r12\n\t"
-        "lsr	r5, r5, %[n]\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r6, [%[a], #56]\n\t"
-        "str	r4, [%[a], #48]\n\t"
-        "lsl	r3, r6, r12\n\t"
-        "lsr	r6, r6, %[n]\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r4, [%[a], #60]\n\t"
-        "str	r5, [%[a], #52]\n\t"
-        "lsl	r3, r4, r12\n\t"
-        "lsr	r4, r4, %[n]\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r5, [%[a], #64]\n\t"
-        "str	r6, [%[a], #56]\n\t"
-        "lsl	r3, r5, r12\n\t"
-        "lsr	r5, r5, %[n]\n\t"
-        "orr	r4, r4, r3\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "str	r4, [%[r], #60]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-#else
-        "strd	r4, r5, [%[r], #60]\n\t"
-#endif
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r12"
-    );
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_lshift_17(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_lshift_17(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register byte n asm ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "rsb	r12, %[n], #31\n\t"
-        "ldr	r5, [%[a], #64]\n\t"
-        "lsr	r6, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r6, r6, r12\n\t"
-        "ldr	r4, [%[a], #60]\n\t"
-        "str	r6, [%[r], #68]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #56]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r4, [%[r], #60]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "str	r6, [%[r], #56]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #44]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #40]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #36]\n\t"
-        "str	r6, [%[r], #44]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #32]\n\t"
-        "str	r5, [%[r], #40]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "str	r6, [%[r], #32]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #20]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #16]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #12]\n\t"
-        "str	r6, [%[r], #20]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "str	r6, [%[r], #8]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r12"
-    );
-}
-
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_lshift_34(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_lshift_34(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register byte n asm ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "rsb	r12, %[n], #31\n\t"
-        "ldr	r5, [%[a], #132]\n\t"
-        "lsr	r6, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r6, r6, r12\n\t"
-        "ldr	r4, [%[a], #128]\n\t"
-        "str	r6, [%[r], #136]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #124]\n\t"
-        "str	r5, [%[r], #132]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #120]\n\t"
-        "str	r4, [%[r], #128]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #116]\n\t"
-        "str	r6, [%[r], #124]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #112]\n\t"
-        "str	r5, [%[r], #120]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #108]\n\t"
-        "str	r4, [%[r], #116]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #104]\n\t"
-        "str	r6, [%[r], #112]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #100]\n\t"
-        "str	r5, [%[r], #108]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #96]\n\t"
-        "str	r4, [%[r], #104]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #92]\n\t"
-        "str	r6, [%[r], #100]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #88]\n\t"
-        "str	r5, [%[r], #96]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #84]\n\t"
-        "str	r4, [%[r], #92]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #80]\n\t"
-        "str	r6, [%[r], #88]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #76]\n\t"
-        "str	r5, [%[r], #84]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #72]\n\t"
-        "str	r4, [%[r], #80]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #68]\n\t"
-        "str	r6, [%[r], #76]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #64]\n\t"
-        "str	r5, [%[r], #72]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #60]\n\t"
-        "str	r4, [%[r], #68]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r6, [%[r], #64]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #52]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #48]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r6, [%[r], #52]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #40]\n\t"
-        "str	r5, [%[r], #48]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r6, [%[r], #40]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #28]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #24]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r6, [%[r], #28]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #16]\n\t"
-        "str	r5, [%[r], #24]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r6, [%[r], #16]\n\t"
-        "lsr	r3, r4, #1\n\t"
-        "lsl	r4, r4, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r5, r5, r3\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "lsr	r3, r6, #1\n\t"
-        "lsl	r6, r6, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r4, r4, r3\n\t"
-        "ldr	r5, [%[a]]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-        "lsr	r3, r5, #1\n\t"
-        "lsl	r5, r5, %[n]\n\t"
-        "lsr	r3, r3, r12\n\t"
-        "orr	r6, r6, r3\n\t"
-        "str	r5, [%[r]]\n\t"
-        "str	r6, [%[r], #4]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r12"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #0x40\n\t"
-        "\n"
-    "L_sp_521_sub_in_pkace_17_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_521_sub_in_pkace_17_word_%=\n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a], {r2}\n\t"
-        "ldm	%[b]!, {r6}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "stm	%[a]!, {r2}\n\t"
-        "sbc	%[a], %[a], %[a]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12",
-            "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "subs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2}\n\t"
-        "ldm	%[b]!, {r6}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "stm	%[a]!, {r2}\n\t"
-        "sbc	%[a], r9, r9\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldr	r8, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r5, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r6, r5\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umull	r5, r3, %[b], r8\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r5, [%[r]]\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r9, #4\n\t"
-        "\n"
-    "L_sp_521_mul_d_17_word_%=: \n\t"
-        /* A[i] * B */
-        "ldr	r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, %[b], r8\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], r9]\n\t"
-        "mov	r3, r4\n\t"
-        "mov	r4, r5\n\t"
-        "mov	r5, #0\n\t"
-        "add	r9, r9, #4\n\t"
-        "cmp	r9, #0x44\n\t"
-        "blt	L_sp_521_mul_d_17_word_%=\n\t"
-        "str	r3, [%[r], #68]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r3, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umull	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[1] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[2] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[3] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[4] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[5] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[6] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[7] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[8] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[9] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[10] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[11] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[12] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[13] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[14] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[15] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[16] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "str	r5, [%[r]]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_521_word_17(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_521_word_17(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	r6, %[div], #16\n\t"
-        "add	lr, r6, #1\n\t"
-        "udiv	r4, %[d1], lr\n\t"
-        "lsl	r5, %[div], #16\n\t"
-        "lsl	r4, r4, #16\n\t"
-        "umull	r3, r12, %[div], r4\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "subs	r3, %[d1], lr\n\t"
-        "sbc	r7, r7, r7\n\t"
-        "add	r7, r7, #1\n\t"
-        "rsb	r8, r7, #0\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "and	r5, r5, r8\n\t"
-        "and	r6, r6, r8\n\t"
-        "subs	%[d0], %[d0], r5\n\t"
-        "add	r4, r4, r7\n\t"
-        "sbc	%[d1], %[d1], r6\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "umull	r3, r12, %[div], r3\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "mul	r3, %[div], r3\n\t"
-        "sub	%[d0], %[d0], r3\n\t"
-        "udiv	r3, %[d0], %[div]\n\t"
-        "add	%[d1], r4, r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_521_word_17(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_521_word_17(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	lr, %[div], #1\n\t"
-        "add	lr, lr, #1\n\t"
-        "mov	r4, %[d0]\n\t"
-        "mov	r5, %[d1]\n\t"
-        /* Do top 32 */
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "mov	r3, #0\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        /* Next 30 bits */
-        "mov	r12, #29\n\t"
-        "\n"
-    "L_div_521_word_17_bit_%=: \n\t"
-        "lsls	r4, r4, #1\n\t"
-        "adc	r5, r5, r5\n\t"
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "add	r3, r3, r3\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        "subs	r12, r12, #1\n\t"
-        "bpl	L_div_521_word_17_bit_%=\n\t"
-        "add	r3, r3, r3\n\t"
-        "add	r3, r3, #1\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-        "subs	r6, %[div], r7\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "sub	%[d1], r3, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<17; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-    r[16] = a[16] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[35];
-    sp_digit t2[18];
-    sp_digit sd[18];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-    div = (d[16] << 23) | (d[15] >> 9);
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 17);
-    r1 = sp_521_cmp_17(&t1[17], d) >= 0;
-    sp_521_cond_sub_17(&t1[17], &t1[17], d, (sp_digit)0 - r1);
-    sp_521_lshift_17(sd, d, 23);
-    sp_521_lshift_34(t1, t1, 23);
-
-    for (i = 16; i >= 0; i--) {
-        sp_digit hi = t1[17 + i] - (t1[17 + i] == div);
-        r1 = div_521_word_17(hi, t1[17 + i - 1], div);
-
-        sp_521_mul_d_17(t2, sd, r1);
-        t1[17 + i] += sp_521_sub_in_place_17(&t1[i], t2);
-        t1[17 + i] -= t2[17];
-        sp_521_mask_17(t2, sd, t1[17 + i]);
-        t1[17 + i] += sp_521_add_17(&t1[i], &t1[i], t2);
-        sp_521_mask_17(t2, sd, t1[17 + i]);
-        t1[17 + i] += sp_521_add_17(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_521_cmp_17(t1, sd) >= 0;
-    sp_521_cond_sub_17(r, t1, sd, (sp_digit)0 - r1);
-    sp_521_rshift_17(r, r, 23);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_521_div_17(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P521 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_521_mont_mul_order_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_521_mul_17(r, a, b);
-    sp_521_mont_reduce_order_17(r, p521_order, p521_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P521 curve. */
-static const word32 p521_order_minus_2[17] = {
-    0x91386407U,0xbb6fb71eU,0x899c47aeU,0x3bb5c9b8U,0xf709a5d0U,0x7fcc0148U,
-    0xbf2f966bU,0x51868783U,0xfffffffaU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0x000001ffU
-};
-#else
-/* The low half of the order-2 of the P521 curve. */
-static const word32 p521_order_low[9] = {
-    0x91386407U,0xbb6fb71eU,0x899c47aeU,0x3bb5c9b8U,0xf709a5d0U,0x7fcc0148U,
-    0xbf2f966bU,0x51868783U,0xfffffffaU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P521 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_order_17(sp_digit* r, const sp_digit* a)
-{
-    sp_521_sqr_17(r, a);
-    sp_521_mont_reduce_order_17(r, p521_order, p521_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P521 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_n_order_17(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_521_mont_sqr_order_17(r, a);
-    for (i=1; i<n; i++) {
-        sp_521_mont_sqr_order_17(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P521 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_mont_inv_order_17_ctx {
-    int state;
-    int i;
-} sp_521_mont_inv_order_17_ctx;
-static int sp_521_mont_inv_order_17_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_mont_inv_order_17_ctx* ctx = (sp_521_mont_inv_order_17_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_521_mont_inv_order_17_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 17);
-        ctx->i = 519;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_521_mont_sqr_order_17(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p521_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_521_mont_mul_order_17(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 17U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_521_mont_inv_order_17(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 17);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_order_17(t, t);
-        if ((p521_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_521_mont_mul_order_17(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 17U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 17;
-    sp_digit* t3 = td + 4 * 17;
-    int i;
-
-    /* t = a^2 */
-    sp_521_mont_sqr_order_17(t, a);
-    /* t = a^3 = t * a */
-    sp_521_mont_mul_order_17(t, t, a);
-    /* t= a^c = t ^ 2 ^ 2 */
-    sp_521_mont_sqr_n_order_17(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-
-    /* t3 = a^1e */
-    sp_521_mont_sqr_order_17(t3, t);
-    /* t3 = a^1f = t3 * a */
-    sp_521_mont_mul_order_17(t3, t3, a);
-
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_521_mont_sqr_n_order_17(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_521_mont_sqr_n_order_17(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_521_mont_sqr_n_order_17(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-
-    /* t2= a^ffffffff00000000 = t ^ 2 ^ 32 */
-    sp_521_mont_sqr_n_order_17(t2, t, 32);
-    /* t = a^ffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ffffffffffffffff0000000000000000 = t ^ 2 ^ 64 */
-    sp_521_mont_sqr_n_order_17(t2, t, 64);
-    /* t = a^ffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffffffffffff00000000000000000000000000000000 = t ^ 2 ^ 128 */
-    sp_521_mont_sqr_n_order_17(t2, t, 128);
-    /* t = a^ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0 */
-    sp_521_mont_sqr_n_order_17(t2, t, 5);
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t * t3 */
-    sp_521_mont_mul_order_17(t2, t2, t3);
-
-    for (i=259; i>=1; i--) {
-        sp_521_mont_sqr_order_17(t2, t2);
-        if ((p521_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_521_mont_mul_order_17(t2, t2, a);
-        }
-    }
-    sp_521_mont_sqr_order_17(t2, t2);
-    sp_521_mont_mul_order_17(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_s_17(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_17(k, k, p521_norm_order);
-    err = sp_521_mod_17(k, k, p521_order);
-    if (err == MP_OKAY) {
-        sp_521_norm_17(k);
-
-        /* kInv = 1/k mod order */
-            sp_521_mont_inv_order_17(kInv, k, tmp);
-        sp_521_norm_17(kInv);
-
-        /* s = r * x + e */
-            sp_521_mul_17(x, x, r);
-        err = sp_521_mod_17(x, x, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_17(x);
-        carry = sp_521_add_17(s, e, x);
-        sp_521_cond_sub_17(s, s, p521_order, 0 - carry);
-        sp_521_norm_17(s);
-        c = sp_521_cmp_17(s, p521_order);
-        sp_521_cond_sub_17(s, s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_17(s);
-
-        /* s = s * k^-1 mod order */
-            sp_521_mont_mul_order_17(s, s, kInv);
-        sp_521_norm_17(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 521 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 17);
-    SP_DECL_VAR(sp_point_521, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 17, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 17;
-        k = e + 4 * 17;
-        r = e + 6 * 17;
-        tmp = e + 8 * 17;
-        s = e;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_17(rng, k);
-        }
-        else {
-            sp_521_from_mp(k, 17, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_521_ecc_mulmod_base_17(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 17U);
-            sp_521_norm_17(r);
-            c = sp_521_cmp_17(r, p521_order);
-            sp_521_cond_sub_17(r, r, p521_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_521_norm_17(r);
-
-            if (!sp_521_iszero_17(r)) {
-                /* x is modified in calculation of s. */
-                sp_521_from_mp(x, 17, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_521_from_bin(e, 17, hash, (int)hashLen);
-
-                /* Take 521 leftmost bits of hash. */
-                if (hashLen == 66U) {
-                    sp_521_rshift_17(e, e, 7);
-                }
-
-                err = sp_521_calc_s_17(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_521_iszero_17(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 17, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-        sp_521_mont_inv_order_17_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*17];
-    sp_digit x[2*17];
-    sp_digit k[2*17];
-    sp_digit r[2*17];
-    sp_digit tmp[3 * 2*17];
-    sp_point_521 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_521_ctx;
-
-int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_521_ctx* ctx = (sp_ecc_sign_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_17(rng, ctx->k);
-        }
-        else {
-            sp_521_from_mp(ctx->k, 17, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p521_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 17U);
-        sp_521_norm_17(ctx->r);
-        c = sp_521_cmp_17(ctx->r, p521_order);
-        sp_521_cond_sub_17(ctx->r, ctx->r, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_17(ctx->r);
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-        sp_521_from_mp(ctx->x, 17, priv);
-        sp_521_from_bin(ctx->e, 17, hash, (int)hashLen);
-        if (hashLen == 66U) {
-            sp_521_rshift_17(ctx->e, ctx->e, 7);
-        }
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_17(ctx->k, ctx->k, p521_norm_order);
-        err = sp_521_mod_17(ctx->k, ctx->k, p521_order);
-        if (err == MP_OKAY) {
-            sp_521_norm_17(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_521_mont_inv_order_17_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_521_norm_17(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_521_mul_17(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_521_mod_17(ctx->x, ctx->x, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_521_norm_17(ctx->x);
-        carry = sp_521_add_17(ctx->s, ctx->e, ctx->x);
-        sp_521_cond_sub_17(ctx->s, ctx->s,
-            p521_order, 0 - carry);
-        sp_521_norm_17(ctx->s);
-        c = sp_521_cmp_17(ctx->s, p521_order);
-        sp_521_cond_sub_17(ctx->s, ctx->s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_17(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_521_mont_mul_order_17(ctx->s, ctx->s, ctx->kInv);
-        sp_521_norm_17(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_521_iszero_17(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_521_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_521_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 17U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #0x40\n\t"
-        "\n"
-    "L_sp_521_sub_17_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	r12, r3, r3\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_521_sub_17_word_%=\n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "ldm	%[b]!, {r7}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "stm	%[r]!, {r3}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12", "lr"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "ldm	%[b]!, {r7}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "stm	%[r]!, {r3}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_div2_mod_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_div2_mod_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r4}\n\t"
-        "ands	r3, r4, #1\n\t"
-        "beq	L_sp_521_div2_mod_17_even_%=\n\t"
-        "mov	r12, #0\n\t"
-        "ldm	%[a]!, {r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4}\n\t"
-        "ldm	%[m]!, {r8}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "stm	%[r]!, {r4}\n\t"
-        "adc	r3, r12, r12\n\t"
-        "b	L_sp_521_div2_mod_17_div2_%=\n\t"
-        "\n"
-    "L_sp_521_div2_mod_17_even_%=: \n\t"
-        "ldm	%[a]!, {r5, r6, r7}\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4}\n\t"
-        "stm	%[r]!, {r4}\n\t"
-        "\n"
-    "L_sp_521_div2_mod_17_div2_%=: \n\t"
-        "sub	%[r], %[r], #0x44\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "ldm	r0, {r8, r9}\n\t"
-#else
-        "ldrd	r8, r9, [%[r]]\n\t"
-#endif
-        "lsr	r8, r8, #1\n\t"
-        "orr	r8, r8, r9, lsl #31\n\t"
-        "lsr	r9, r9, #1\n\t"
-        "ldr	r10, [%[r], #8]\n\t"
-        "str	r8, [%[r]]\n\t"
-        "orr	r9, r9, r10, lsl #31\n\t"
-        "lsr	r10, r10, #1\n\t"
-        "ldr	r8, [%[r], #12]\n\t"
-        "str	r9, [%[r], #4]\n\t"
-        "orr	r10, r10, r8, lsl #31\n\t"
-        "lsr	r8, r8, #1\n\t"
-        "ldr	r9, [%[r], #16]\n\t"
-        "str	r10, [%[r], #8]\n\t"
-        "orr	r8, r8, r9, lsl #31\n\t"
-        "lsr	r9, r9, #1\n\t"
-        "ldr	r10, [%[r], #20]\n\t"
-        "str	r8, [%[r], #12]\n\t"
-        "orr	r9, r9, r10, lsl #31\n\t"
-        "lsr	r10, r10, #1\n\t"
-        "ldr	r8, [%[r], #24]\n\t"
-        "str	r9, [%[r], #16]\n\t"
-        "orr	r10, r10, r8, lsl #31\n\t"
-        "lsr	r8, r8, #1\n\t"
-        "ldr	r9, [%[r], #28]\n\t"
-        "str	r10, [%[r], #20]\n\t"
-        "orr	r8, r8, r9, lsl #31\n\t"
-        "lsr	r9, r9, #1\n\t"
-        "ldr	r10, [%[r], #32]\n\t"
-        "str	r8, [%[r], #24]\n\t"
-        "orr	r9, r9, r10, lsl #31\n\t"
-        "lsr	r10, r10, #1\n\t"
-        "ldr	r8, [%[r], #36]\n\t"
-        "str	r9, [%[r], #28]\n\t"
-        "orr	r10, r10, r8, lsl #31\n\t"
-        "lsr	r8, r8, #1\n\t"
-        "ldr	r9, [%[r], #40]\n\t"
-        "str	r10, [%[r], #32]\n\t"
-        "orr	r8, r8, r9, lsl #31\n\t"
-        "lsr	r9, r9, #1\n\t"
-        "ldr	r10, [%[r], #44]\n\t"
-        "str	r8, [%[r], #36]\n\t"
-        "orr	r9, r9, r10, lsl #31\n\t"
-        "lsr	r10, r10, #1\n\t"
-        "ldr	r8, [%[r], #48]\n\t"
-        "str	r9, [%[r], #40]\n\t"
-        "orr	r10, r10, r8, lsl #31\n\t"
-        "lsr	r8, r8, #1\n\t"
-        "ldr	r9, [%[r], #52]\n\t"
-        "str	r10, [%[r], #44]\n\t"
-        "orr	r8, r8, r9, lsl #31\n\t"
-        "lsr	r9, r9, #1\n\t"
-        "ldr	r10, [%[r], #56]\n\t"
-        "str	r8, [%[r], #48]\n\t"
-        "orr	r9, r9, r10, lsl #31\n\t"
-        "lsr	r10, r10, #1\n\t"
-        "ldr	r8, [%[r], #60]\n\t"
-        "str	r9, [%[r], #52]\n\t"
-        "orr	r10, r10, r8, lsl #31\n\t"
-        "lsr	r8, r8, #1\n\t"
-        "ldr	r9, [%[r], #64]\n\t"
-        "str	r10, [%[r], #56]\n\t"
-        "orr	r8, r8, r9, lsl #31\n\t"
-        "lsr	r9, r9, #1\n\t"
-        "orr	r9, r9, r3, lsl #31\n\t"
-        "str	r8, [%[r], #60]\n\t"
-        "str	r9, [%[r], #64]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-}
-
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-static const byte L_sp_521_num_bits_17_table[] = {
-    0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
-    0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
-    0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
-    0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-    0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
-};
-
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register byte* L_sp_521_num_bits_17_table_c asm ("r1") =
-        (byte*)&L_sp_521_num_bits_17_table;
-#else
-    register byte* L_sp_521_num_bits_17_table_c =
-        (byte*)&L_sp_521_num_bits_17_table;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, %[L_sp_521_num_bits_17_table]\n\t"
-        "ldr	r1, [%[a], #64]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_16_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_16_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x18\n\t"
-        "orr	r2, r2, #0x200\n\t"
-#else
-        "mov	r2, #0x218\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_16_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_16_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x10\n\t"
-        "orr	r2, r2, #0x200\n\t"
-#else
-        "mov	r2, #0x210\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_16_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_16_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x8\n\t"
-        "orr	r2, r2, #0x200\n\t"
-#else
-        "mov	r2, #0x208\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_16_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x200\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_16_%=: \n\t"
-        "ldr	r1, [%[a], #60]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_15_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_15_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xf8\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1f8\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_15_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_15_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xf0\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1f0\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_15_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_15_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xe8\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1e8\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_15_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xe0\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1e0\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_15_%=: \n\t"
-        "ldr	r1, [%[a], #56]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_14_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_14_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xd8\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1d8\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_14_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_14_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xd0\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1d0\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_14_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_14_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xc8\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1c8\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_14_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xc0\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1c0\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_14_%=: \n\t"
-        "ldr	r1, [%[a], #52]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_13_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_13_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xb8\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1b8\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_13_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_13_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xb0\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1b0\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_13_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_13_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xa8\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1a8\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_13_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xa0\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1a0\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_13_%=: \n\t"
-        "ldr	r1, [%[a], #48]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_12_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_12_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x98\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x198\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_12_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_12_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x90\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x190\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_12_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_12_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x88\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x188\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_12_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x80\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x180\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_12_%=: \n\t"
-        "ldr	r1, [%[a], #44]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_11_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_11_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x78\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x178\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_11_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_11_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x70\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x170\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_11_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_11_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x68\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x168\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_11_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x60\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x160\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_11_%=: \n\t"
-        "ldr	r1, [%[a], #40]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_10_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_10_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x58\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x158\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_10_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_10_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x50\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x150\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_10_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_10_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x48\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x148\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_10_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x40\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x140\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_10_%=: \n\t"
-        "ldr	r1, [%[a], #36]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_9_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_9_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x38\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x138\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_9_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_9_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x30\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x130\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_9_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_9_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x28\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x128\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_9_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x20\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x120\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_9_%=: \n\t"
-        "ldr	r1, [%[a], #32]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_8_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_8_3_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x18\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x118\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_8_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_8_2_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x10\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x110\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_8_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_8_1_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x8\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x108\n\t"
-#endif
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_8_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x100\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_8_%=: \n\t"
-        "ldr	r1, [%[a], #28]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_7_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_7_3_%=\n\t"
-        "mov	r2, #0xf8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_7_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_7_2_%=\n\t"
-        "mov	r2, #0xf0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_7_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_7_1_%=\n\t"
-        "mov	r2, #0xe8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_7_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0xe0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_7_%=: \n\t"
-        "ldr	r1, [%[a], #24]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_6_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_6_3_%=\n\t"
-        "mov	r2, #0xd8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_6_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_6_2_%=\n\t"
-        "mov	r2, #0xd0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_6_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_6_1_%=\n\t"
-        "mov	r2, #0xc8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_6_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0xc0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_6_%=: \n\t"
-        "ldr	r1, [%[a], #20]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_5_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_5_3_%=\n\t"
-        "mov	r2, #0xb8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_5_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_5_2_%=\n\t"
-        "mov	r2, #0xb0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_5_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_5_1_%=\n\t"
-        "mov	r2, #0xa8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_5_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0xa0\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_5_%=: \n\t"
-        "ldr	r1, [%[a], #16]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_4_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_4_3_%=\n\t"
-        "mov	r2, #0x98\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_4_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_4_2_%=\n\t"
-        "mov	r2, #0x90\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_4_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_4_1_%=\n\t"
-        "mov	r2, #0x88\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_4_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x80\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_4_%=: \n\t"
-        "ldr	r1, [%[a], #12]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_3_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_3_3_%=\n\t"
-        "mov	r2, #0x78\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_3_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_3_2_%=\n\t"
-        "mov	r2, #0x70\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_3_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_3_1_%=\n\t"
-        "mov	r2, #0x68\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_3_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x60\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_3_%=: \n\t"
-        "ldr	r1, [%[a], #8]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_2_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_2_3_%=\n\t"
-        "mov	r2, #0x58\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_2_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_2_2_%=\n\t"
-        "mov	r2, #0x50\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_2_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_2_1_%=\n\t"
-        "mov	r2, #0x48\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_2_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #0x40\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_2_%=: \n\t"
-        "ldr	r1, [%[a], #4]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_1_%=\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_1_3_%=\n\t"
-        "mov	r2, #56\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_1_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_1_2_%=\n\t"
-        "mov	r2, #48\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_1_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_1_1_%=\n\t"
-        "mov	r2, #40\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_1_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "mov	r2, #32\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_1_%=: \n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "lsr	r3, r1, #24\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_0_3_%=\n\t"
-        "mov	r2, #24\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_0_3_%=: \n\t"
-        "lsr	r3, r1, #16\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_0_2_%=\n\t"
-        "mov	r2, #16\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_0_2_%=: \n\t"
-        "lsr	r3, r1, #8\n\t"
-        "and	r3, r3, #0xff\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_0_1_%=\n\t"
-        "mov	r2, #8\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "add	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_0_1_%=: \n\t"
-        "and	r3, r1, #0xff\n\t"
-        "ldrb	r12, [lr, r3]\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_18_%=: \n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a),
-          [L_sp_521_num_bits_17_table] "+r" (L_sp_521_num_bits_17_table_c)
-        :
-#else
-        :
-        : [a] "r" (a),
-          [L_sp_521_num_bits_17_table] "r" (L_sp_521_num_bits_17_table_c)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r1, [%[a], #64]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_16_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x20\n\t"
-        "orr	r2, r2, #0x200\n\t"
-#else
-        "mov	r2, #0x220\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_16_%=: \n\t"
-        "ldr	r1, [%[a], #60]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_15_%=\n\t"
-        "mov	r2, #0x200\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_15_%=: \n\t"
-        "ldr	r1, [%[a], #56]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_14_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xe0\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1e0\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_14_%=: \n\t"
-        "ldr	r1, [%[a], #52]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_13_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xc0\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1c0\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_13_%=: \n\t"
-        "ldr	r1, [%[a], #48]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_12_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0xa0\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x1a0\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_12_%=: \n\t"
-        "ldr	r1, [%[a], #44]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_11_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x80\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x180\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_11_%=: \n\t"
-        "ldr	r1, [%[a], #40]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_10_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x60\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x160\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_10_%=: \n\t"
-        "ldr	r1, [%[a], #36]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_9_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x40\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x140\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_9_%=: \n\t"
-        "ldr	r1, [%[a], #32]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_8_%=\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-        "mov	r2, #0x20\n\t"
-        "orr	r2, r2, #0x100\n\t"
-#else
-        "mov	r2, #0x120\n\t"
-#endif
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_8_%=: \n\t"
-        "ldr	r1, [%[a], #28]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_7_%=\n\t"
-        "mov	r2, #0x100\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_7_%=: \n\t"
-        "ldr	r1, [%[a], #24]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_6_%=\n\t"
-        "mov	r2, #0xe0\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_6_%=: \n\t"
-        "ldr	r1, [%[a], #20]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_5_%=\n\t"
-        "mov	r2, #0xc0\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_5_%=: \n\t"
-        "ldr	r1, [%[a], #16]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_4_%=\n\t"
-        "mov	r2, #0xa0\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_4_%=: \n\t"
-        "ldr	r1, [%[a], #12]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_3_%=\n\t"
-        "mov	r2, #0x80\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_3_%=: \n\t"
-        "ldr	r1, [%[a], #8]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_2_%=\n\t"
-        "mov	r2, #0x60\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_2_%=: \n\t"
-        "ldr	r1, [%[a], #4]\n\t"
-        "cmp	r1, #0\n\t"
-        "beq	L_sp_521_num_bits_17_1_%=\n\t"
-        "mov	r2, #0x40\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_1_%=: \n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "mov	r2, #32\n\t"
-        "clz	r12, r1\n\t"
-        "sub	r12, r2, r12\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_18_%=: \n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a)
-        :
-#else
-        :
-        : [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r1", "r2", "r3", "r12", "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[17];
-    sp_digit v[17];
-    sp_digit b[17];
-    sp_digit d[17];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_521_num_bits_17(u);
-    vt = sp_521_num_bits_17(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_521_rshift1_17(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_521_rshift1_17(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_521_rshift1_17(v, v);
-            sp_521_div2_mod_17(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_521_cmp_17(u, v) >= 0))) {
-            sp_521_sub_17(u, u, v);
-            o = sp_521_sub_17(b, b, d);
-            if (o != 0)
-                sp_521_add_17(b, b, m);
-            ut = sp_521_num_bits_17(u);
-
-            do {
-                sp_521_rshift1_17(u, u);
-                sp_521_div2_mod_17(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_521_sub_17(v, v, u);
-            o = sp_521_sub_17(d, d, b);
-            if (o != 0)
-                sp_521_add_17(d, d, m);
-            vt = sp_521_num_bits_17(v);
-
-            do {
-                sp_521_rshift1_17(v, v);
-                sp_521_div2_mod_17(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2,
-    sp_digit* tmp)
-{
-
-        sp_521_proj_point_add_17(p1, p1, p2, tmp);
-    if (sp_521_iszero_17(p1->z)) {
-        if (sp_521_iszero_17(p1->x) && sp_521_iszero_17(p1->y)) {
-                sp_521_proj_point_dbl_17(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            p1->x[9] = 0;
-            p1->x[10] = 0;
-            p1->x[11] = 0;
-            p1->x[12] = 0;
-            p1->x[13] = 0;
-            p1->x[14] = 0;
-            p1->x[15] = 0;
-            p1->x[16] = 0;
-            XMEMCPY(p1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_vfy_point_17(sp_point_521* p1, sp_point_521* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_521_mod_inv_17(s, s, p521_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_521_mul_17(s, s, p521_norm_order);
-        err = sp_521_mod_17(s, s, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_17(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_521_mont_inv_order_17(s, s, tmp);
-            sp_521_mont_mul_order_17(u1, u1, s);
-            sp_521_mont_mul_order_17(u2, u2, s);
-        }
-#else
-        {
-            sp_521_mont_mul_order_17(u1, u1, s);
-            sp_521_mont_mul_order_17(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_521_ecc_mulmod_base_17(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_17(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_17(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_17(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_521_add_points_17(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 521)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 17);
-    SP_DECL_VAR(sp_point_521, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_521* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 17, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 17;
-        s   = u1 + 4 * 17;
-        tmp = u1 + 6 * 17;
-        p2 = p1 + 1;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(u1, 17, hash, (int)hashLen);
-        sp_521_from_mp(u2, 17, rm);
-        sp_521_from_mp(s, 17, sm);
-        sp_521_from_mp(p2->x, 17, pX);
-        sp_521_from_mp(p2->y, 17, pY);
-        sp_521_from_mp(p2->z, 17, pZ);
-
-        if (hashLen == 66U) {
-            sp_521_rshift_17(u1, u1, 7);
-        }
-
-        err = sp_521_calc_vfy_point_17(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(u2, 17, rm);
-        err = sp_521_mod_mul_norm_17(u2, u2, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_521_mont_sqr_17(p1->z, p1->z, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_17(u1, u2, p1->z, p521_mod, p521_mp_mod);
-        *res = (int)(sp_521_cmp_17(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_521_from_mp(u2, 17, rm);
-            carry = sp_521_add_17(u2, u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_17(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_17(u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_17(u2, u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_521_mont_mul_17(u1, u2, p1->z, p521_mod, p521_mp_mod);
-                }
-                *res = (sp_521_cmp_17(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-        sp_521_mont_inv_order_17_ctx mont_inv_order_ctx;
-        sp_521_proj_point_dbl_17_ctx dbl_ctx;
-        sp_521_proj_point_add_17_ctx add_ctx;
-    };
-    sp_digit u1[2*17];
-    sp_digit u2[2*17];
-    sp_digit s[2*17];
-    sp_digit tmp[2*17 * 6];
-    sp_point_521 p1;
-    sp_point_521 p2;
-} sp_ecc_verify_521_ctx;
-
-int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_521_ctx* ctx = (sp_ecc_verify_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(ctx->u1, 17, hash, (int)hashLen);
-        sp_521_from_mp(ctx->u2, 17, rm);
-        sp_521_from_mp(ctx->s, 17, sm);
-        sp_521_from_mp(ctx->p2.x, 17, pX);
-        sp_521_from_mp(ctx->p2.y, 17, pY);
-        sp_521_from_mp(ctx->p2.z, 17, pZ);
-        if (hashLen == 66U) {
-            sp_521_rshift_17(ctx->u1, ctx->u1, 7);
-        }
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_521_mul_17(ctx->s, ctx->s, p521_norm_order);
-        err = sp_521_mod_17(ctx->s, ctx->s, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_521_norm_17(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_521_mont_inv_order_17_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_521_mont_mul_order_17(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_521_mont_mul_order_17(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p521_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_17(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_17(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_521_proj_point_add_17_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(ctx->u2, 17, rm);
-        err = sp_521_mod_mul_norm_17(ctx->u2, ctx->u2, p521_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_521_mont_sqr_17(ctx->p1.z, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_521_mont_mul_17(ctx->u1, ctx->u2, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_521_cmp_17(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_521_from_mp(ctx->u2, 17, rm);
-            carry = sp_521_add_17(ctx->u2, ctx->u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_17(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_17(ctx->u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_17(ctx->u2, ctx->u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_521_mont_mul_17(ctx->u1, ctx->u2, ctx->p1.z, p521_mod,
-                                                            p521_mp_mod);
-                *res = (int)(sp_521_cmp_17(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_521_ecc_is_point_17(const sp_point_521* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 17 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 17 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 17;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_521_sqr_17(t1, point->y);
-        (void)sp_521_mod_17(t1, t1, p521_mod);
-        sp_521_sqr_17(t2, point->x);
-        (void)sp_521_mod_17(t2, t2, p521_mod);
-        sp_521_mul_17(t2, t2, point->x);
-        (void)sp_521_mod_17(t2, t2, p521_mod);
-        sp_521_mont_sub_17(t1, t1, t2, p521_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_521_mont_add_17(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_17(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_17(t1, t1, point->x, p521_mod);
-
-
-        if (sp_521_cmp_17(t1, p521_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_521, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(pub->x, 17, pX);
-        sp_521_from_mp(pub->y, 17, pY);
-        sp_521_from_bin(pub->z, 17, one, (int)sizeof(one));
-
-        err = sp_521_ecc_is_point_17(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 17);
-    SP_DECL_VAR(sp_point_521, pub, 2);
-    sp_point_521* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 521) ||
-        (mp_count_bits(pY) > 521) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 521)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 17, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_521_from_mp(pub->x, 17, pX);
-        sp_521_from_mp(pub->y, 17, pY);
-        sp_521_from_bin(pub->z, 17, one, (int)sizeof(one));
-        if (privm)
-            sp_521_from_mp(priv, 17, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_521_iszero_17(pub->x) != 0) &&
-            (sp_521_iszero_17(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_521_cmp_17(pub->x, p521_mod) >= 0) ||
-             (sp_521_cmp_17(pub->y, p521_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_521_ecc_is_point_17(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_521_ecc_mulmod_17(p, pub, p521_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_521_iszero_17(p->x) == 0) ||
-                             (sp_521_iszero_17(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_521_ecc_mulmod_base_17(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_521_cmp_17(p->x, pub->x) != 0) ||
-                 (sp_521_cmp_17(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    SP_DECL_VAR(sp_point_521, p, 2);
-    sp_point_521* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_521_from_mp(p->x, 17, pX);
-        sp_521_from_mp(p->y, 17, pY);
-        sp_521_from_mp(p->z, 17, pZ);
-        sp_521_from_mp(q->x, 17, qX);
-        sp_521_from_mp(q->y, 17, qY);
-        sp_521_from_mp(q->z, 17, qZ);
-        p->infinity = sp_521_iszero_17(p->x) &
-                      sp_521_iszero_17(p->y);
-        q->infinity = sp_521_iszero_17(q->x) &
-                      sp_521_iszero_17(q->y);
-
-            sp_521_proj_point_add_17(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 2);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 17, pX);
-        sp_521_from_mp(p->y, 17, pY);
-        sp_521_from_mp(p->z, 17, pZ);
-        p->infinity = sp_521_iszero_17(p->x) &
-                      sp_521_iszero_17(p->y);
-
-            sp_521_proj_point_dbl_17(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 5);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 5, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 17, pX);
-        sp_521_from_mp(p->y, 17, pY);
-        sp_521_from_mp(p->z, 17, pZ);
-        p->infinity = sp_521_iszero_17(p->x) &
-                      sp_521_iszero_17(p->y);
-
-            sp_521_map_17(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Square root power for the P521 curve. */
-static const word32 p521_sqrt_power[17] = {
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000080
-};
-
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mont_sqrt_17(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t, 2 * 17);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t, 2 * 17, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-
-        {
-            int i;
-
-            XMEMCPY(t, y, sizeof(sp_digit) * 17);
-            for (i=518; i>=0; i--) {
-                sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod);
-                if (p521_sqrt_power[i / 32] & ((sp_digit)1 << (i % 32)))
-                    sp_521_mont_mul_17(t, t, y, p521_mod, p521_mp_mod);
-            }
-            XMEMCPY(y, t, sizeof(sp_digit) * 17);
-        }
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 17);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 17, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 17;
-
-        sp_521_from_mp(x, 17, xm);
-        err = sp_521_mod_mul_norm_17(x, x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_521_mont_sqr_17(y, x, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_17(y, y, x, p521_mod, p521_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_521_mod_mul_norm_17(x, p521_b, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_521_mont_add_17(y, y, x, p521_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_521_mont_sqrt_17(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 17, 0, 17U * sizeof(sp_digit));
-        sp_521_mont_reduce_17(y, p521_mod, p521_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_521_mont_sub_17(y, p521_mod, y, p521_mod);
-        }
-
-        err = sp_521_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_521 */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-#ifdef WOLFSSL_SP_1024
-
-/* Point structure to use. */
-typedef struct sp_point_1024 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 32];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 32];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 32];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_1024;
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_16(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x40\n\t"
-        /* A[0] * B[0] */
-        "ldr	r11, [%[a]]\n\t"
-        "ldr	r12, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r3, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-#else
-        "umull	r3, r4, r11, r12\n\t"
-        "mov	r5, #0\n\t"
-#endif
-        "str	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[0] */
-        "ldr	r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #4]\n\t"
-        /* A[2] * B[0] */
-        "ldr	r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[1] */
-        "ldr	r11, [%[a], #4]\n\t"
-        "ldr	r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[0] * B[2] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #8]\n\t"
-        /* A[0] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[2] */
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[1] */
-        "ldr	r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[0] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #12]\n\t"
-        /* A[4] * B[0] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[1] */
-        "ldr	r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[2] */
-        "ldr	r11, [%[a], #8]\n\t"
-        "ldr	r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[3] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[0] * B[4] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #16]\n\t"
-        /* A[0] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[4] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[2] */
-        "ldr	r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[1] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[0] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #20]\n\t"
-        /* A[6] * B[0] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[1] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[2] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[3] */
-        "ldr	r11, [%[a], #12]\n\t"
-        "ldr	r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[4] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[5] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[0] * B[6] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #24]\n\t"
-        /* A[0] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[6] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[5] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[4] */
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[3] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[2] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[1] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[0] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #28]\n\t"
-        /* A[8] * B[0] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[1] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[2] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[3] */
-        "ldr	r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[4] */
-        "ldr	r11, [%[a], #16]\n\t"
-        "ldr	r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[5] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[6] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[7] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[0] * B[8] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #32]\n\t"
-        /* A[0] * B[9] */
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[8] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[7] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[6] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[4] */
-        "ldr	r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[3] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[2] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[1] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[0] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #36]\n\t"
-        /* A[10] * B[0] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[1] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[2] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[3] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[4] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[5] */
-        "ldr	r11, [%[a], #20]\n\t"
-        "ldr	r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[6] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[7] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[8] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[9] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[0] * B[10] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #40]\n\t"
-        /* A[0] * B[11] */
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[10] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[9] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[8] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[7] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[6] */
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[5] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[4] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[3] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[2] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[1] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[0] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #44]\n\t"
-        /* A[12] * B[0] */
-        "ldr	r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[1] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[2] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[3] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[4] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[5] */
-        "ldr	r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[6] */
-        "ldr	r11, [%[a], #24]\n\t"
-        "ldr	r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[7] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[8] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[9] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[10] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[11] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[0] * B[12] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #48]\n\t"
-        /* A[0] * B[13] */
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[12] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[11] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[10] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[9] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[8] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[6] */
-        "ldr	r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[5] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[4] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[3] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[2] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * B[1] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[0] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #52]\n\t"
-        /* A[14] * B[0] */
-        "ldr	r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[13] * B[1] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[12] * B[2] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[3] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[4] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[5] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[6] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[7] */
-        "ldr	r11, [%[a], #28]\n\t"
-        "ldr	r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[8] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[9] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[10] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[11] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[2] * B[12] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * B[13] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[0] * B[14] */
-        "ldr	r8, [%[a]]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [sp, #56]\n\t"
-        /* A[0] * B[15] */
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[1] * B[14] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[2] * B[13] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[12] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[11] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[10] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[9] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[8] */
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[7] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[6] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[5] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[4] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[12] * B[3] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[13] * B[2] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[14] * B[1] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[15] * B[0] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [sp, #60]\n\t"
-        /* A[15] * B[1] */
-        "ldr	r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[14] * B[2] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[3] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * B[4] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[5] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[6] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[7] */
-        "ldr	r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[8] */
-        "ldr	r11, [%[a], #32]\n\t"
-        "ldr	r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[9] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[10] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[11] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[4] * B[12] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[3] * B[13] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[2] * B[14] */
-        "ldr	r8, [%[a], #8]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * B[15] */
-        "ldr	r8, [%[a], #4]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        /* A[2] * B[15] */
-        "ldr	r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[3] * B[14] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[4] * B[13] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[12] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[11] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[10] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[9] */
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[8] */
-        "ldr	r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[7] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[6] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[12] * B[5] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[13] * B[4] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[14] * B[3] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[15] * B[2] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #68]\n\t"
-        /* A[15] * B[3] */
-        "ldr	r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[14] * B[4] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[13] * B[5] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[12] * B[6] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[7] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[8] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[9] */
-        "ldr	r11, [%[a], #36]\n\t"
-        "ldr	r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[10] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[11] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[6] * B[12] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[5] * B[13] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[4] * B[14] */
-        "ldr	r8, [%[a], #16]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[3] * B[15] */
-        "ldr	r8, [%[a], #12]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #72]\n\t"
-        /* A[4] * B[15] */
-        "ldr	r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[5] * B[14] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[6] * B[13] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[12] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[11] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[10] */
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[9] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[8] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * B[7] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[6] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[14] * B[5] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[15] * B[4] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #76]\n\t"
-        /* A[15] * B[5] */
-        "ldr	r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[14] * B[6] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[13] * B[7] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[12] * B[8] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[9] */
-        "ldr	r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[10] */
-        "ldr	r11, [%[a], #40]\n\t"
-        "ldr	r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[11] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[8] * B[12] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[7] * B[13] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[6] * B[14] */
-        "ldr	r8, [%[a], #24]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[5] * B[15] */
-        "ldr	r8, [%[a], #20]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #80]\n\t"
-        /* A[6] * B[15] */
-        "ldr	r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[7] * B[14] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[8] * B[13] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[12] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[11] */
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[10] */
-        "ldr	r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[12] * B[9] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[13] * B[8] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[14] * B[7] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[15] * B[6] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #84]\n\t"
-        /* A[15] * B[7] */
-        "ldr	r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[14] * B[8] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[9] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * B[10] */
-        "ldr	r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[11] */
-        "ldr	r11, [%[a], #44]\n\t"
-        "ldr	r12, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[10] * B[12] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[9] * B[13] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[8] * B[14] */
-        "ldr	r8, [%[a], #32]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[7] * B[15] */
-        "ldr	r8, [%[a], #28]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #88]\n\t"
-        /* A[8] * B[15] */
-        "ldr	r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[9] * B[14] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[10] * B[13] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[12] */
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[12] * B[11] */
-        "ldr	r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[13] * B[10] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[14] * B[9] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[15] * B[8] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #92]\n\t"
-        /* A[15] * B[9] */
-        "ldr	r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[14] * B[10] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[13] * B[11] */
-        "ldr	r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[12] * B[12] */
-        "ldr	r11, [%[a], #48]\n\t"
-        "ldr	r12, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[11] * B[13] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[10] * B[14] */
-        "ldr	r8, [%[a], #40]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[9] * B[15] */
-        "ldr	r8, [%[a], #36]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #96]\n\t"
-        /* A[10] * B[15] */
-        "ldr	r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[11] * B[14] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * B[13] */
-        "ldr	r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[12] */
-        "ldr	r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[14] * B[11] */
-        "ldr	r8, [%[a], #56]\n\t"
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[15] * B[10] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #100]\n\t"
-        /* A[15] * B[11] */
-        "ldr	r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[14] * B[12] */
-        "ldr	r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[13] * B[13] */
-        "ldr	r11, [%[a], #52]\n\t"
-        "ldr	r12, [%[b], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[12] * B[14] */
-        "ldr	r8, [%[a], #48]\n\t"
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[11] * B[15] */
-        "ldr	r8, [%[a], #44]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #104]\n\t"
-        /* A[12] * B[15] */
-        "ldr	r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "mov	r5, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[13] * B[14] */
-        "ldr	r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[14] * B[13] */
-        "ldr	r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        /* A[15] * B[12] */
-        "ldr	r8, [%[a], #60]\n\t"
-        "ldr	r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], #108]\n\t"
-        /* A[15] * B[13] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[14] * B[14] */
-        "ldr	r11, [%[a], #56]\n\t"
-        "ldr	r12, [%[b], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r11, r12\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * B[15] */
-        "ldr	r8, [%[a], #52]\n\t"
-        "ldr	r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adcs	r5, r5, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r6, r7, r8, r9\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #112]\n\t"
-        /* A[14] * B[15] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r11, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r11, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r11, r9\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[15] * B[14] */
-        "ldr	r8, [%[a], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r12, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r7, r12, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r6, r7, r8, r12\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r5, [%[r], #116]\n\t"
-        /* A[15] * B[15] */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsr	r7, r9, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r9, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, r8, r9\n\t"
-#endif
-        "str	r3, [%[r], #120]\n\t"
-        "str	r4, [%[r], #124]\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	sp!, {r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11",
-            "r12"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x40\n\t"
-        /* A[0] * A[0] */
-        "ldr	r10, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r2, r10, #16\n\t"
-        "lsr	r2, r2, #16\n\t"
-        "mul	r8, r2, r2\n\t"
-        "mul	r3, r9, r9\n\t"
-        "mul	r2, r9, r2\n\t"
-        "lsr	r9, r2, #15\n\t"
-        "lsl	r2, r2, #17\n\t"
-        "adds	r8, r8, r2\n\t"
-        "adc	r3, r3, r9\n\t"
-#else
-        "umull	r8, r3, r10, r10\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r8, [sp]\n\t"
-        /* A[0] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [sp, #4]\n\t"
-        /* A[0] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[1] * A[1] */
-        "ldr	r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [sp, #8]\n\t"
-        /* A[0] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[1] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r2, [sp, #12]\n\t"
-        /* A[0] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[1] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[2] * A[2] */
-        "ldr	r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [sp, #16]\n\t"
-        /* A[0] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #20]\n\t"
-        /* A[0] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[3] */
-        "ldr	r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #24]\n\t"
-        /* A[0] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #28]\n\t"
-        /* A[0] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[4] */
-        "ldr	r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #32]\n\t"
-        /* A[0] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #36]\n\t"
-        /* A[0] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[5] */
-        "ldr	r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #40]\n\t"
-        /* A[0] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #44]\n\t"
-        /* A[0] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[6] */
-        "ldr	r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #48]\n\t"
-        /* A[0] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [sp, #52]\n\t"
-        /* A[0] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[7] */
-        "ldr	r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [sp, #56]\n\t"
-        /* A[0] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[1] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[2] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [sp, #60]\n\t"
-        /* A[1] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[2] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[3] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[8] */
-        "ldr	r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [%[r], #64]\n\t"
-        /* A[2] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[3] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[4] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #68]\n\t"
-        /* A[3] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[4] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[5] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[9] * A[9] */
-        "ldr	r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #72]\n\t"
-        /* A[4] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[5] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[6] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[9] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [%[r], #76]\n\t"
-        /* A[5] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[6] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[7] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[9] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[10] * A[10] */
-        "ldr	r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #80]\n\t"
-        /* A[6] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[7] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[8] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[9] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[10] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #84]\n\t"
-        /* A[7] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[8] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[9] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[10] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[11] * A[11] */
-        "ldr	r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [%[r], #88]\n\t"
-        /* A[8] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r3, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[9] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[10] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[11] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r4, r4, r5\n\t"
-        "adcs	r2, r2, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "str	r4, [%[r], #92]\n\t"
-        /* A[9] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[10] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[11] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[12] * A[12] */
-        "ldr	r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "adds	r2, r2, r5\n\t"
-        "adcs	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "str	r2, [%[r], #96]\n\t"
-        /* A[10] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r5, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r8, r5\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "add	r6, r6, r9\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adc	r6, r6, r9\n\t"
-#else
-        "umull	r5, r6, r10, r12\n\t"
-#endif
-        "mov	r2, #0\n\t"
-        "mov	r7, #0\n\t"
-        /* A[11] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        /* A[12] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r5, r5, r9\n\t"
-        "adcs	r6, r6, #0\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r5, r5, r8\n\t"
-        "adcs	r6, r6, r9\n\t"
-        "adc	r7, r7, #0\n\t"
-#endif
-        "adds	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adc	r7, r7, r7\n\t"
-        "adds	r3, r3, r5\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adc	r2, r2, r7\n\t"
-        "str	r3, [%[r], #100]\n\t"
-        /* A[11] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[12] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        /* A[13] * A[13] */
-        "ldr	r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #104]\n\t"
-        /* A[12] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        /* A[13] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adcs	r3, r3, #0\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adcs	r3, r3, r9\n\t"
-        "adc	r4, r4, #0\n\t"
-#endif
-        "str	r2, [%[r], #108]\n\t"
-        /* A[13] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r9\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "mov	r2, #0\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        /* A[14] * A[14] */
-        "ldr	r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r3, r3, r8\n\t"
-        "adcs	r4, r4, r9\n\t"
-        "adc	r2, r2, #0\n\t"
-#endif
-        "str	r3, [%[r], #112]\n\t"
-        /* A[14] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-        "ldr	r12, [%[a], #56]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r9\n\t"
-        "adcs	r2, r2, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r8, r10, #16\n\t"
-        "lsr	r9, r12, #16\n\t"
-        "mul	r9, r8, r9\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsl	r9, r12, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #16\n\t"
-        "lsl	r8, r8, #16\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "adc	r3, r3, #0\n\t"
-#else
-        "umull	r8, r9, r10, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r2, r2, r9\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, #0\n\t"
-#endif
-        "str	r4, [%[r], #116]\n\t"
-        /* A[15] * A[15] */
-        "ldr	r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mov	r12, r8\n\t"
-        "mul	r8, r12, r8\n\t"
-        "mov	r12, r9\n\t"
-        "mul	r9, r12, r9\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adc	r3, r3, r9\n\t"
-        "lsr	r9, r10, #16\n\t"
-        "lsl	r8, r10, #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r8, r9, r8\n\t"
-        "lsr	r9, r8, #15\n\t"
-        "lsl	r8, r8, #17\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adc	r3, r3, r9\n\t"
-#else
-        "umull	r8, r9, r10, r10\n\t"
-        "adds	r2, r2, r8\n\t"
-        "adc	r3, r3, r9\n\t"
-#endif
-        "str	r2, [%[r], #120]\n\t"
-        "str	r3, [%[r], #124]\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-        "ldm	sp!, {r2, r3, r4, r8}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r8}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12"
-    );
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_16(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_16(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "subs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	%[a], r9, r9\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "adcs	r3, r3, r7\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "mov	%[r], #0\n\t"
-        "adc	%[r], %[r], #0\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[32];
-    sp_digit a1[16];
-    sp_digit b1[16];
-    sp_digit* z2 = r + 32;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_1024_add_16(a1, a, &a[16]);
-    cb = sp_1024_add_16(b1, b, &b[16]);
-    u  = ca & cb;
-
-    sp_1024_mul_16(z2, &a[16], &b[16]);
-    sp_1024_mul_16(z0, a, b);
-    sp_1024_mul_16(z1, a1, b1);
-
-    u += sp_1024_sub_in_place_32(z1, z0);
-    u += sp_1024_sub_in_place_32(z1, z2);
-    sp_1024_mask_16(a1, a1, 0 - cb);
-    u += sp_1024_add_16(z1 + 16, z1 + 16, a1);
-    sp_1024_mask_16(b1, b1, 0 - ca);
-    u += sp_1024_add_16(z1 + 16, z1 + 16, b1);
-
-    u += sp_1024_add_32(r + 16, r + 16, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (16 - 1));
-    a1[0] = u;
-    (void)sp_1024_add_16(r + 48, r + 48, a1);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_16(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_16(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "subs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[b]!, {r7, r8, r9, r10}\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "sbc	%[r], r6, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 32;
-    sp_digit z1[32];
-    sp_digit* a1 = z1;
-    sp_digit zero[16];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 16);
-
-    mask = sp_1024_sub_16(a1, a, &a[16]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_1024_sub_16(a1, p1, p2);
-
-    sp_1024_sqr_16(z2, &a[16]);
-    sp_1024_sqr_16(z0, a);
-    sp_1024_sqr_16(z1, a1);
-
-    u = 0;
-    u -= sp_1024_sub_in_place_32(z1, z2);
-    u -= sp_1024_sub_in_place_32(z1, z0);
-    u += sp_1024_sub_in_place_32(r + 16, z1);
-    zero[0] = u;
-    (void)sp_1024_add_16(r + 48, r + 48, zero);
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x100\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "ldr	r11, [%[b]]\n\t"
-        "umull	r8, r6, lr, r11\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_1024_mul_32_outer_%=: \n\t"
-        "subs	r3, r5, #0x7c\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_1024_mul_32_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "ldr	lr, [%[a], r4]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_1024_mul_32_inner_done_%=\n\t"
-        "blt	L_sp_1024_mul_32_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[b], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_1024_mul_32_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0xf4\n\t"
-        "ble	L_sp_1024_mul_32_outer_%=\n\t"
-        "ldr	lr, [%[a], #124]\n\t"
-        "ldr	r11, [%[b], #124]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adc	r7, r7, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "add	r7, r7, r10\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umlal	r6, r7, lr, r11\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_1024_mul_32_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_1024_mul_32_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x100\n\t"
-        "ldr	lr, [%[a]]\n\t"
-        "umull	r8, r6, lr, lr\n\t"
-        "str	r8, [sp]\n\t"
-        "mov	r7, #0\n\t"
-        "mov	r8, #0\n\t"
-        "mov	r5, #4\n\t"
-        "\n"
-    "L_sp_1024_sqr_32_outer_%=: \n\t"
-        "subs	r3, r5, #0x7c\n\t"
-        "it	cc\n\t"
-        "movcc	r3, #0\n\t"
-        "sub	r4, r5, r3\n\t"
-        "\n"
-    "L_sp_1024_sqr_32_inner_%=: \n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-        "ldr	r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r10\n\t"
-        "adcs	r7, r7, #0\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r9, lr, #16\n\t"
-        "lsr	r10, r11, #16\n\t"
-        "mul	r10, r9, r10\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsl	r10, r11, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #16\n\t"
-        "lsl	r9, r9, #16\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, r11\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "add	r3, r3, #4\n\t"
-        "sub	r4, r4, #4\n\t"
-        "cmp	r3, r4\n\t"
-        "bgt	L_sp_1024_sqr_32_inner_done_%=\n\t"
-        "blt	L_sp_1024_sqr_32_inner_%=\n\t"
-        "ldr	lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adcs	r7, r7, r10\n\t"
-        "adc	r8, r8, #0\n\t"
-#endif
-        "\n"
-    "L_sp_1024_sqr_32_inner_done_%=: \n\t"
-        "str	r6, [sp, r5]\n\t"
-        "mov	r6, r7\n\t"
-        "mov	r7, r8\n\t"
-        "mov	r8, #0\n\t"
-        "add	r5, r5, #4\n\t"
-        "cmp	r5, #0xf4\n\t"
-        "ble	L_sp_1024_sqr_32_outer_%=\n\t"
-        "ldr	lr, [%[a], #124]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mov	r11, r9\n\t"
-        "mul	r9, r11, r9\n\t"
-        "mov	r11, r10\n\t"
-        "mul	r10, r11, r10\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-        "lsr	r10, lr, #16\n\t"
-        "lsl	r9, lr, #16\n\t"
-        "lsr	r9, r9, #16\n\t"
-        "mul	r9, r10, r9\n\t"
-        "lsr	r10, r9, #15\n\t"
-        "lsl	r9, r9, #17\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#else
-        "umull	r9, r10, lr, lr\n\t"
-        "adds	r6, r6, r9\n\t"
-        "adc	r7, r7, r10\n\t"
-#endif
-        "str	r6, [sp, r5]\n\t"
-        "add	r5, r5, #4\n\t"
-        "str	r7, [sp, r5]\n\t"
-        "\n"
-    "L_sp_1024_sqr_32_store_%=: \n\t"
-        "ldm	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "stm	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "subs	r5, r5, #32\n\t"
-        "bgt	L_sp_1024_sqr_32_store_%=\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-/* The modulus (prime) of the curve P1024. */
-static const sp_digit p1024_mod[32] = {
-    0xfea85feb,0x666d807a,0xac7ace87,0x80c5df10,0x89857db0,0xfce3e823,
-    0x56971f1f,0x9f94d6af,0x1c3c09aa,0xa7cf3c52,0x31852a82,0xb6aff4a8,
-    0x65681ce1,0x512ac5cd,0x326b4cd4,0xe26c6487,0xa666a6d0,0x356d27f4,
-    0xf7c88a19,0xe791b39f,0x31a59cb0,0x228730d5,0xe2fc0f1b,0xf40aab27,
-    0xb3e01a2e,0xbe9ae358,0x9cb48261,0x416c0ce1,0xdad0657a,0x65c61198,
-    0x0a563fda,0x997abb1f
-};
-/* The Montgomery normalizer for modulus of the curve P1024. */
-static const sp_digit p1024_norm_mod[32] = {
-    0x0157a015,0x99927f85,0x53853178,0x7f3a20ef,0x767a824f,0x031c17dc,
-    0xa968e0e0,0x606b2950,0xe3c3f655,0x5830c3ad,0xce7ad57d,0x49500b57,
-    0x9a97e31e,0xaed53a32,0xcd94b32b,0x1d939b78,0x5999592f,0xca92d80b,
-    0x083775e6,0x186e4c60,0xce5a634f,0xdd78cf2a,0x1d03f0e4,0x0bf554d8,
-    0x4c1fe5d1,0x41651ca7,0x634b7d9e,0xbe93f31e,0x252f9a85,0x9a39ee67,
-    0xf5a9c025,0x668544e0
-};
-/* The Montgomery multiplier for modulus of the curve P1024. */
-static sp_digit p1024_mp_mod = 0x7c8f2f3d;
-#if defined(WOLFSSL_SP_SMALL) || defined(HAVE_ECC_CHECK_KEY)
-/* The order of the curve P1024. */
-static const sp_digit p1024_order[32] = {
-    0xbfaa17fb,0xd99b601e,0x2b1eb3a1,0x203177c4,0xe2615f6c,0xff38fa08,
-    0xd5a5c7c7,0xa7e535ab,0x870f026a,0xa9f3cf14,0x0c614aa0,0x6dabfd2a,
-    0x595a0738,0x144ab173,0xcc9ad335,0x389b1921,0x2999a9b4,0x4d5b49fd,
-    0xfdf22286,0x39e46ce7,0x4c69672c,0xc8a1cc35,0xf8bf03c6,0xbd02aac9,
-    0x2cf8068b,0x6fa6b8d6,0x672d2098,0x905b0338,0x36b4195e,0x99718466,
-    0xc2958ff6,0x265eaec7
-};
-#endif
-/* The base point of curve P1024. */
-static const sp_point_1024 p1024_base = {
-    /* X ordinate */
-    {
-        0xeae63895,0x880dc8ab,0x967e0979,0x80ec46c4,0xb63f73ec,0xee9163a5,
-        0x80728d87,0xd5cfb4cc,0xba66910d,0xa7c1514d,0x7a60de74,0xa702c339,
-        0x8b72f2e1,0x337c8654,0x5dd5bccb,0x9760af76,0x406ce890,0x718bd9e7,
-        0xdb9dfa55,0x43d5f22c,0x30b09e10,0xab10db90,0xf6ce2308,0xb5edb6c0,
-        0xb6ff7cbf,0x98b2f204,0x0aec69c6,0x2b1a2fd6,0x3ed9b52a,0x0a799005,
-        0x332c29ad,0x53fc09ee,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x1bef16d7,0x75573fd7,0x6a67dcde,0xadb9b570,0xd5bb4636,0x80bdad5a,
-        0xe9cb99a9,0x13515ad7,0xc5a4d5f2,0x492d979f,0x164aa989,0xac6f1e80,
-        0xb7652fe0,0xcad696b5,0xad547c6c,0x70dae117,0xa9e032b9,0x416cff0c,
-        0x9a140b2e,0x6b598ccf,0xf0de55f6,0xe7f7f5e5,0x654ec2b9,0xf5ea69f4,
-        0x1e141178,0x3d778d82,0x02990696,0xd3e82016,0x3634a135,0xf9f1f053,
-        0x3f6009f1,0x0a824906,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "add	lr, %[a], #0x80\n\t"
-        "\n"
-    "L_sp_1024_sub_in_pkace_32_word_%=: \n\t"
-        "rsbs	r12, r12, #0\n\t"
-        "ldm	%[a], {r2, r3, r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7, r8, r9}\n\t"
-        "sbcs	r2, r2, r6\n\t"
-        "sbcs	r3, r3, r7\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "stm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "cmp	%[a], lr\n\t"
-        "bne	L_sp_1024_sub_in_pkace_32_word_%=\n\t"
-        "mov	%[a], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12",
-            "lr"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "\n"
-    "L_sp_1024_cond_sub_32_words_%=: \n\t"
-        "subs	r12, r6, r12\n\t"
-        "ldr	r4, [%[a], lr]\n\t"
-        "ldr	r5, [%[b], lr]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "sbcs	r4, r4, r5\n\t"
-        "sbc	r12, r6, r6\n\t"
-        "str	r4, [%[r], lr]\n\t"
-        "add	lr, lr, #4\n\t"
-        "cmp	lr, #0x80\n\t"
-        "blt	L_sp_1024_cond_sub_32_words_%=\n\t"
-        "mov	%[r], r12\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "subs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "sbcs	r4, r4, r6\n\t"
-        "sbcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "sbc	%[r], lr, lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r3, #0\n\t"
-        "add	r12, %[a], #0x80\n\t"
-        "\n"
-    "L_sp_1024_add_32_word_%=: \n\t"
-        "adds	r3, r3, #-1\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "mov	r4, #0\n\t"
-        "adc	r3, r4, #0\n\t"
-        "cmp	%[a], r12\n\t"
-        "bne	L_sp_1024_add_32_word_%=\n\t"
-        "mov	%[r], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldr	r8, [%[a]]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r5, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r5, r5, #16\n\t"
-        "mul	r5, r6, r5\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r3, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umull	r5, r3, %[b], r8\n\t"
-#endif
-        "mov	r4, #0\n\t"
-        "str	r5, [%[r]]\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r9, #4\n\t"
-        "\n"
-    "L_sp_1024_mul_d_32_word_%=: \n\t"
-        /* A[i] * B */
-        "ldr	r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adcs	r4, r4, #0\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#else
-        "umull	r6, r7, %[b], r8\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-#endif
-        "str	r3, [%[r], r9]\n\t"
-        "mov	r3, r4\n\t"
-        "mov	r4, r5\n\t"
-        "mov	r5, #0\n\t"
-        "add	r9, r9, #4\n\t"
-        "cmp	r9, #0x80\n\t"
-        "blt	L_sp_1024_mul_d_32_word_%=\n\t"
-        "str	r3, [%[r], #128]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register sp_digit b asm ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r3, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r3, r3, #16\n\t"
-        "mul	r3, r6, r3\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r4, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umull	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[1] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[2] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[3] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[4] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[5] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[6] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[7] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[8] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[9] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[10] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[11] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[12] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[13] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[14] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[15] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[16] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[17] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[18] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[19] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[20] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[21] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[22] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[23] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[24] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[25] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[26] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[27] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[28] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "mov	r3, #0\n\t"
-        /* A[29] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r3, r3, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adc	r3, r3, r7\n\t"
-#else
-        "umlal	r5, r3, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-        "mov	r4, #0\n\t"
-        /* A[30] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r3, r3, r7\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r4, r4, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r3, r3, r6\n\t"
-        "adc	r4, r4, r7\n\t"
-#else
-        "umlal	r3, r4, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-        "mov	r5, #0\n\t"
-        /* A[31] * B */
-        "ldm	%[a]!, {r8}\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r6, %[b], #16\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsr	r6, %[b], #16\n\t"
-        "lsr	r7, r8, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "add	r5, r5, r7\n\t"
-        "lsl	r7, r8, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-#else
-        "umlal	r4, r5, %[b], r8\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-        "str	r5, [%[r]]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_1024_word_32(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	r6, %[div], #16\n\t"
-        "add	lr, r6, #1\n\t"
-        "udiv	r4, %[d1], lr\n\t"
-        "lsl	r5, %[div], #16\n\t"
-        "lsl	r4, r4, #16\n\t"
-        "umull	r3, r12, %[div], r4\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "subs	r3, %[d1], lr\n\t"
-        "sbc	r7, r7, r7\n\t"
-        "add	r7, r7, #1\n\t"
-        "rsb	r8, r7, #0\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "and	r5, r5, r8\n\t"
-        "and	r6, r6, r8\n\t"
-        "subs	%[d0], %[d0], r5\n\t"
-        "add	r4, r4, r7\n\t"
-        "sbc	%[d1], %[d1], r6\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "umull	r3, r12, %[div], r3\n\t"
-        "subs	%[d0], %[d0], r3\n\t"
-        "sbc	%[d1], %[d1], r12\n\t"
-        "lsl	r12, %[d1], #16\n\t"
-        "lsr	r3, %[d0], #16\n\t"
-        "orr	r3, r3, r12\n\t"
-        "udiv	r3, r3, lr\n\t"
-        "add	r4, r4, r3\n\t"
-        "mul	r3, %[div], r3\n\t"
-        "sub	%[d0], %[d0], r3\n\t"
-        "udiv	r3, %[d0], %[div]\n\t"
-        "add	%[d1], r4, r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit div_1024_word_32(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0,
-    sp_digit div)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
-    register sp_digit div asm ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "lsr	lr, %[div], #1\n\t"
-        "add	lr, lr, #1\n\t"
-        "mov	r4, %[d0]\n\t"
-        "mov	r5, %[d1]\n\t"
-        /* Do top 32 */
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "mov	r3, #0\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        /* Next 30 bits */
-        "mov	r12, #29\n\t"
-        "\n"
-    "L_div_1024_word_32_bit_%=: \n\t"
-        "lsls	r4, r4, #1\n\t"
-        "adc	r5, r5, r5\n\t"
-        "subs	r6, lr, r5\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "add	r3, r3, r3\n\t"
-        "sub	r3, r3, r6\n\t"
-        "and	r6, r6, lr\n\t"
-        "subs	r5, r5, r6\n\t"
-        "subs	r12, r12, #1\n\t"
-        "bpl	L_div_1024_word_32_bit_%=\n\t"
-        "add	r3, r3, r3\n\t"
-        "add	r3, r3, #1\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "lsl	r7, r3, #16\n\t"
-        "lsl	r4, %[div], #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "lsr	r4, r4, #16\n\t"
-        "mul	r4, r7, r4\n\t"
-        "lsr	r8, %[div], #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r5, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r3, #16\n\t"
-        "mul	r8, r7, r8\n\t"
-        "add	r5, r5, r8\n\t"
-        "lsl	r8, %[div], #16\n\t"
-        "lsr	r8, r8, #16\n\t"
-        "mul	r7, r8, r7\n\t"
-        "lsr	r8, r7, #16\n\t"
-        "lsl	r7, r7, #16\n\t"
-        "adds	r4, r4, r7\n\t"
-        "adc	r5, r5, r8\n\t"
-#else
-        "umull	r4, r5, r3, %[div]\n\t"
-#endif
-        "subs	r7, %[d0], r4\n\t"
-        "sbc	r8, %[d1], r5\n\t"
-        "add	r3, r3, r8\n\t"
-        "subs	r6, %[div], r7\n\t"
-        "sbc	r6, r6, r6\n\t"
-        "sub	%[d1], r3, r6\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-#else
-        :
-        : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<32; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_1024_cmp_32(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_1024_cmp_32(const sp_digit* a,
-    const sp_digit* b)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r2, #-1\n\t"
-        "mov	r6, #1\n\t"
-        "mov	r5, #0\n\t"
-        "mov	r3, #-1\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "mov	r4, #0x7c\n\t"
-        "\n"
-    "L_sp_1024_cmp_32_words_%=: \n\t"
-        "ldr	r12, [%[a], r4]\n\t"
-        "ldr	lr, [%[b], r4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "subs	r4, r4, #4\n\t"
-        "bcs	L_sp_1024_cmp_32_words_%=\n\t"
-        "eor	r2, r2, r3\n\t"
-#else
-        "ldr	r12, [%[a], #124]\n\t"
-        "ldr	lr, [%[b], #124]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #120]\n\t"
-        "ldr	lr, [%[b], #120]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #116]\n\t"
-        "ldr	lr, [%[b], #116]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #112]\n\t"
-        "ldr	lr, [%[b], #112]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #108]\n\t"
-        "ldr	lr, [%[b], #108]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #104]\n\t"
-        "ldr	lr, [%[b], #104]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #100]\n\t"
-        "ldr	lr, [%[b], #100]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #96]\n\t"
-        "ldr	lr, [%[b], #96]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #92]\n\t"
-        "ldr	lr, [%[b], #92]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #88]\n\t"
-        "ldr	lr, [%[b], #88]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #84]\n\t"
-        "ldr	lr, [%[b], #84]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #80]\n\t"
-        "ldr	lr, [%[b], #80]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #76]\n\t"
-        "ldr	lr, [%[b], #76]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #72]\n\t"
-        "ldr	lr, [%[b], #72]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #68]\n\t"
-        "ldr	lr, [%[b], #68]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #64]\n\t"
-        "ldr	lr, [%[b], #64]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #60]\n\t"
-        "ldr	lr, [%[b], #60]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #56]\n\t"
-        "ldr	lr, [%[b], #56]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #52]\n\t"
-        "ldr	lr, [%[b], #52]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #48]\n\t"
-        "ldr	lr, [%[b], #48]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #44]\n\t"
-        "ldr	lr, [%[b], #44]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #40]\n\t"
-        "ldr	lr, [%[b], #40]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #36]\n\t"
-        "ldr	lr, [%[b], #36]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #32]\n\t"
-        "ldr	lr, [%[b], #32]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #28]\n\t"
-        "ldr	lr, [%[b], #28]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #24]\n\t"
-        "ldr	lr, [%[b], #24]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #20]\n\t"
-        "ldr	lr, [%[b], #20]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #16]\n\t"
-        "ldr	lr, [%[b], #16]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #12]\n\t"
-        "ldr	lr, [%[b], #12]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #8]\n\t"
-        "ldr	lr, [%[b], #8]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a], #4]\n\t"
-        "ldr	lr, [%[b], #4]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[b]]\n\t"
-        "and	r12, r12, r3\n\t"
-        "and	lr, lr, r3\n\t"
-        "subs	r12, r12, lr\n\t"
-        "it	hi\n\t"
-        "movhi	r2, r6\n\t"
-        "it	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "it	ne\n\t"
-        "movne	r3, r5\n\t"
-        "eor	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "mov	%[a], r2\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-#else
-        :
-        : [a] "r" (a), [b] "r" (b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[64], t2[33];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[31];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 32);
-    r1 = sp_1024_cmp_32(&t1[32], d) >= 0;
-    sp_1024_cond_sub_32(&t1[32], &t1[32], d, (sp_digit)0 - r1);
-    for (i = 31; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[32 + i] == div);
-        sp_digit hi = t1[32 + i] + mask;
-        r1 = div_1024_word_32(hi, t1[32 + i - 1], div);
-        r1 |= mask;
-
-        sp_1024_mul_d_32(t2, d, r1);
-        t1[32 + i] += sp_1024_sub_in_place_32(&t1[i], t2);
-        t1[32 + i] -= t2[32];
-        sp_1024_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_1024_add_32(&t1[i], &t1[i], t2);
-        sp_1024_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_1024_add_32(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_1024_cmp_32(t1, d) >= 0;
-    sp_1024_cond_sub_32(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    return sp_1024_div_32(a, m, NULL, r);
-}
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_1024_mod_mul_norm_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_1024_mul_32(r, a, p1024_norm_mod);
-    return sp_1024_mod_32(r, r, m);
-}
-
-
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Create a new point.
- *
- * heap  [in]   Buffer to allocate dynamic memory from.
- * sp    [in]   Data for point - only if not allocating.
- * p     [out]  New point.
- * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise.
- */
-static int sp_1024_point_new_ex_32(void* heap, sp_point_1024* sp,
-    sp_point_1024** p)
-{
-    int ret = MP_OKAY;
-    (void)heap;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    (void)sp;
-    *p = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024), heap, DYNAMIC_TYPE_ECC);
-#else
-    *p = sp;
-#endif
-    if (*p == NULL) {
-        ret = MEMORY_E;
-    }
-    return ret;
-}
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-/* Allocate memory for point and return error. */
-#define sp_1024_point_new_32(heap, sp, p) sp_1024_point_new_ex_32((heap), NULL, &(p))
-#else
-/* Set pointer to data and return no error. */
-#define sp_1024_point_new_32(heap, sp, p) sp_1024_point_new_ex_32((heap), &(sp), &(p))
-#endif
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Free the point.
- *
- * p      [in,out]  Point to free.
- * clear  [in]      Indicates whether to zeroize point.
- * heap   [in]      Buffer from which dynamic memory was allocate from.
- */
-static void sp_1024_point_free_32(sp_point_1024* p, int clear, void* heap)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    /* If valid pointer then clear point data if requested and free data. */
-    if (p != NULL) {
-        if (clear) {
-            XMEMSET(p, 0, sizeof(*p));
-        }
-        XFREE(p, heap, DYNAMIC_TYPE_ECC);
-    }
-#else
-    /* Clear point data if requested. */
-    if ((p != NULL) && clear) {
-        XMEMSET(p, 0, sizeof(*p));
-    }
-#endif
-    (void)heap;
-}
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_1024.
- *
- * p   Point of type sp_point_1024 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_1024_point_from_ecc_point_32(sp_point_1024* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_1024_from_mp(p->x, 32, pm->x);
-    sp_1024_from_mp(p->y, 32, pm->y);
-    sp_1024_from_mp(p->z, 32, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_1024_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (1024 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 32);
-        r->used = 32;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 32; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 32; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_1024 to type ecc_point.
- *
- * p   Point of type sp_point_1024.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_1024_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-/* Reduce the number back to 1024 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_1024_mont_reduce_32_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m]]\n\t"
-#endif
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r12, r12, r7\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r12, r12, r6\n\t"
-        "adc	r5, r5, r7\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r4, r4, r10\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r10\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r10, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r10, r10, #16\n\t"
-        "mul	r10, r6, r10\n\t"
-        "adds	lr, lr, r10\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r10, r7, #16\n\t"
-        "mul	r6, r10, r6\n\t"
-        "lsr	r10, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	lr, lr, r6\n\t"
-        "adc	r5, r5, r10\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r4, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r4, r4, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r4, r4, r11\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "lsr	r6, r8, #16\n\t"
-        "mul	r5, r6, r11\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r11, r7, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r11, r11, #16\n\t"
-        "mul	r11, r6, r11\n\t"
-        "adds	r10, r10, r11\n\t"
-        "adc	r5, r5, #0\n\t"
-        "lsr	r11, r7, #16\n\t"
-        "mul	r6, r11, r6\n\t"
-        "lsr	r11, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r10, r10, r6\n\t"
-        "adc	r5, r5, r11\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
-        "ldr	r11, [%[m], #124]\n\t"
-#else
-        "ldr	r7, [%[m], #124]\n\t"
-#endif
-        "ldr	r10, [%[a], #124]\n\t"
-        "lsl	r6, r8, #16\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r5, r5, r7\n\t"
-        "adcs	r4, r3, #0\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "mov	r6, r8\n\t"
-        "lsr	r7, r11, #16\n\t"
-        "lsr	r6, r6, #16\n\t"
-        "mul	r7, r6, r7\n\t"
-        "adds	r4, r4, r7\n\t"
-        "lsl	r7, r11, #16\n\t"
-        "adc	r3, r3, #0\n\t"
-        "lsr	r7, r7, #16\n\t"
-        "mul	r6, r7, r6\n\t"
-        "lsr	r7, r6, #16\n\t"
-        "lsl	r6, r6, #16\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r4, r7\n\t"
-        "adc	r3, r3, #0\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x80\n\t"
-        "blt	L_sp_1024_mont_reduce_32_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "ldr	r6, [%[m], #124]\n\t"
-        "subs	r10, r6, r10\n\t"
-        "neg	r3, r3\n\t"
-        "sbc	r10, r10, r10\n\t"
-        "orr	r3, r3, r10\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_1024_cond_sub_32(a - 32, a, m, mp);
-}
-
-#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
-/* Reduce the number back to 1024 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldr	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "mov	r9, #0\n\t"
-        "mov	r3, #0\n\t"
-        "ldr	r12, [%[a]]\n\t"
-        "ldr	lr, [%[a], #4]\n\t"
-        "\n"
-    "L_sp_1024_mont_reduce_32_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r8, %[mp], r12\n\t"
-        /* a[i+0] += m[0] * mu */
-        "mov	r5, #0\n\t"
-        "umlal	r12, r5, r8, r11\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r7, [%[m], #4]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	lr, r4, r8, r7\n\t"
-        "mov	r12, lr\n\t"
-        "adds	r12, r12, r5\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r7, [%[m], #8]\n\t"
-        "ldr	lr, [%[a], #8]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	lr, r5, r8, r7\n\t"
-        "adds	lr, lr, r4\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r7, [%[m], #12]\n\t"
-        "ldr	r10, [%[a], #12]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #12]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r7, [%[m], #16]\n\t"
-        "ldr	r10, [%[a], #16]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #16]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r7, [%[m], #20]\n\t"
-        "ldr	r10, [%[a], #20]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #20]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r7, [%[m], #24]\n\t"
-        "ldr	r10, [%[a], #24]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #24]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r7, [%[m], #28]\n\t"
-        "ldr	r10, [%[a], #28]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #28]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r7, [%[m], #32]\n\t"
-        "ldr	r10, [%[a], #32]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #32]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r7, [%[m], #36]\n\t"
-        "ldr	r10, [%[a], #36]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #36]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r7, [%[m], #40]\n\t"
-        "ldr	r10, [%[a], #40]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #40]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r7, [%[m], #44]\n\t"
-        "ldr	r10, [%[a], #44]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #44]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r7, [%[m], #48]\n\t"
-        "ldr	r10, [%[a], #48]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #48]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r7, [%[m], #52]\n\t"
-        "ldr	r10, [%[a], #52]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #52]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r7, [%[m], #56]\n\t"
-        "ldr	r10, [%[a], #56]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #56]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r7, [%[m], #60]\n\t"
-        "ldr	r10, [%[a], #60]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #60]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r7, [%[m], #64]\n\t"
-        "ldr	r10, [%[a], #64]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #64]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r7, [%[m], #68]\n\t"
-        "ldr	r10, [%[a], #68]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #68]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r7, [%[m], #72]\n\t"
-        "ldr	r10, [%[a], #72]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #72]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r7, [%[m], #76]\n\t"
-        "ldr	r10, [%[a], #76]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #76]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r7, [%[m], #80]\n\t"
-        "ldr	r10, [%[a], #80]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #80]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r7, [%[m], #84]\n\t"
-        "ldr	r10, [%[a], #84]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #84]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r7, [%[m], #88]\n\t"
-        "ldr	r10, [%[a], #88]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #88]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r7, [%[m], #92]\n\t"
-        "ldr	r10, [%[a], #92]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #92]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r7, [%[m], #96]\n\t"
-        "ldr	r10, [%[a], #96]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #96]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r7, [%[m], #100]\n\t"
-        "ldr	r10, [%[a], #100]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #100]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r7, [%[m], #104]\n\t"
-        "ldr	r10, [%[a], #104]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #104]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r7, [%[m], #108]\n\t"
-        "ldr	r10, [%[a], #108]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #108]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r7, [%[m], #112]\n\t"
-        "ldr	r10, [%[a], #112]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #112]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r7, [%[m], #116]\n\t"
-        "ldr	r10, [%[a], #116]\n\t"
-        "mov	r4, #0\n\t"
-        "umlal	r10, r4, r8, r7\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #116]\n\t"
-        "adc	r4, r4, #0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r7, [%[m], #120]\n\t"
-        "ldr	r10, [%[a], #120]\n\t"
-        "mov	r5, #0\n\t"
-        "umlal	r10, r5, r8, r7\n\t"
-        "adds	r10, r10, r4\n\t"
-        "str	r10, [%[a], #120]\n\t"
-        "adc	r5, r5, #0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r7, [%[m], #124]\n\t"
-        "ldr	r10, [%[a], #124]\n\t"
-        "umull	r6, r7, r8, r7\n\t"
-        "adds	r5, r5, r6\n\t"
-        "adcs	r4, r7, r3\n\t"
-        "mov	r3, #0\n\t"
-        "adc	r3, r3, r3\n\t"
-        "adds	r10, r10, r5\n\t"
-        "str	r10, [%[a], #124]\n\t"
-        "ldr	r10, [%[a], #128]\n\t"
-        "adcs	r10, r10, r4\n\t"
-        "str	r10, [%[a], #128]\n\t"
-        "adc	r3, r3, #0\n\t"
-        /* i += 1 */
-        "add	r9, r9, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r9, #0x80\n\t"
-        "blt	L_sp_1024_mont_reduce_32_word_%=\n\t"
-        /* Loop Done */
-        "str	r12, [%[a]]\n\t"
-        "str	lr, [%[a], #4]\n\t"
-        "ldr	r6, [%[m], #124]\n\t"
-        "subs	r10, r6, r10\n\t"
-        "neg	r3, r3\n\t"
-        "sbc	r10, r10, r10\n\t"
-        "orr	r3, r3, r10\n\t"
-        "mov	%[mp], r3\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_1024_cond_sub_32(a - 32, a, m, mp);
-}
-
-#else
-/* Reduce the number back to 1024 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER static SP_NOINLINE void sp_1024_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a asm ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp asm ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "mov	r12, #0\n\t"
-        "mov	lr, #0\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "ldr	r8, [%[a], #16]\n\t"
-        "\n"
-    "L_sp_1024_mont_reduce_32_word_%=: \n\t"
-        /* mu = a[i] * mp */
-        "mul	r11, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "ldr	r10, [%[m]]\n\t"
-        "mov	r3, #0\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+1] += m[1] * mu */
-        "ldr	r10, [%[m], #4]\n\t"
-        "mov	r4, r5\n\t"
-        "umaal	r4, r3, r11, r10\n\t"
-        /* a[i+2] += m[2] * mu */
-        "ldr	r10, [%[m], #8]\n\t"
-        "mov	r5, r6\n\t"
-        "umaal	r5, r3, r11, r10\n\t"
-        /* a[i+3] += m[3] * mu */
-        "ldr	r10, [%[m], #12]\n\t"
-        "mov	r6, r7\n\t"
-        "umaal	r6, r3, r11, r10\n\t"
-        /* a[i+4] += m[4] * mu */
-        "ldr	r10, [%[m], #16]\n\t"
-        "mov	r7, r8\n\t"
-        "umaal	r7, r3, r11, r10\n\t"
-        /* a[i+5] += m[5] * mu */
-        "ldr	r10, [%[m], #20]\n\t"
-        "ldr	r8, [%[a], #20]\n\t"
-        "umaal	r8, r3, r11, r10\n\t"
-        /* a[i+6] += m[6] * mu */
-        "ldr	r10, [%[m], #24]\n\t"
-        "ldr	r9, [%[a], #24]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "ldr	r10, [%[m], #28]\n\t"
-        "ldr	r9, [%[a], #28]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "ldr	r10, [%[m], #32]\n\t"
-        "ldr	r9, [%[a], #32]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "ldr	r10, [%[m], #36]\n\t"
-        "ldr	r9, [%[a], #36]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "ldr	r10, [%[m], #40]\n\t"
-        "ldr	r9, [%[a], #40]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "ldr	r10, [%[m], #44]\n\t"
-        "ldr	r9, [%[a], #44]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "ldr	r10, [%[m], #48]\n\t"
-        "ldr	r9, [%[a], #48]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "ldr	r10, [%[m], #52]\n\t"
-        "ldr	r9, [%[a], #52]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "ldr	r10, [%[m], #56]\n\t"
-        "ldr	r9, [%[a], #56]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "ldr	r10, [%[m], #60]\n\t"
-        "ldr	r9, [%[a], #60]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "ldr	r10, [%[m], #64]\n\t"
-        "ldr	r9, [%[a], #64]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "ldr	r10, [%[m], #68]\n\t"
-        "ldr	r9, [%[a], #68]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "ldr	r10, [%[m], #72]\n\t"
-        "ldr	r9, [%[a], #72]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "ldr	r10, [%[m], #76]\n\t"
-        "ldr	r9, [%[a], #76]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "ldr	r10, [%[m], #80]\n\t"
-        "ldr	r9, [%[a], #80]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "ldr	r10, [%[m], #84]\n\t"
-        "ldr	r9, [%[a], #84]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "ldr	r10, [%[m], #88]\n\t"
-        "ldr	r9, [%[a], #88]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "ldr	r10, [%[m], #92]\n\t"
-        "ldr	r9, [%[a], #92]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "ldr	r10, [%[m], #96]\n\t"
-        "ldr	r9, [%[a], #96]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "ldr	r10, [%[m], #100]\n\t"
-        "ldr	r9, [%[a], #100]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "ldr	r10, [%[m], #104]\n\t"
-        "ldr	r9, [%[a], #104]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "ldr	r10, [%[m], #108]\n\t"
-        "ldr	r9, [%[a], #108]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "ldr	r10, [%[m], #112]\n\t"
-        "ldr	r9, [%[a], #112]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "ldr	r10, [%[m], #116]\n\t"
-        "ldr	r9, [%[a], #116]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "ldr	r10, [%[m], #120]\n\t"
-        "ldr	r9, [%[a], #120]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "str	r9, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "ldr	r10, [%[m], #124]\n\t"
-        "ldr	r9, [%[a], #124]\n\t"
-        "umaal	r9, r3, r11, r10\n\t"
-        "ldr	r11, [%[a], #128]\n\t"
-        "mov	r10, #0\n\t"
-        "umaal	r3, r11, r10, r10\n\t"
-        "str	r9, [%[a], #124]\n\t"
-        "adds	r3, r3, lr\n\t"
-        "adc	lr, r11, #0\n\t"
-        "str	r3, [%[a], #128]\n\t"
-        /* i += 1 */
-        "add	r12, r12, #4\n\t"
-        "add	%[a], %[a], #4\n\t"
-        "cmp	r12, #0x80\n\t"
-        "blt	L_sp_1024_mont_reduce_32_word_%=\n\t"
-        /* Loop Done */
-        "str	r4, [%[a]]\n\t"
-        "str	r5, [%[a], #4]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "str	r7, [%[a], #12]\n\t"
-        "str	r8, [%[a], #16]\n\t"
-        "ldr	r10, [%[m], #124]\n\t"
-        "subs	r3, r10, r3\n\t"
-        "neg	lr, lr\n\t"
-        "sbc	r3, r3, r3\n\t"
-        "orr	lr, lr, r3\n\t"
-        "mov	%[mp], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-#else
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11"
-    );
-    sp_1024_cond_sub_32(a - 32, a, m, mp);
-}
-
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_1024_mul_32(r, a, b);
-    sp_1024_mont_reduce_32(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_1024_sqr_32(r, a);
-    sp_1024_mont_reduce_32(r, m, mp);
-}
-
-/* Mod-2 for the P1024 curve. */
-static const word8 p1024_mod_minus_2[] = {
-     6,0x06,  7,0x0f,  7,0x0b,  6,0x0c,  7,0x1e,  9,0x09,  7,0x0c,  7,0x1f,
-     6,0x16,  6,0x06,  7,0x0e,  8,0x10,  6,0x03,  8,0x11,  6,0x0d,  7,0x14,
-     9,0x12,  6,0x0f,  7,0x04,  9,0x0d,  6,0x00,  7,0x13,  6,0x01,  6,0x07,
-     8,0x0d,  8,0x00,  6,0x06,  9,0x17,  6,0x14,  6,0x15,  6,0x11,  6,0x0b,
-     9,0x0c,  6,0x1e, 13,0x14,  7,0x0e,  6,0x1d, 12,0x0a,  6,0x0b,  8,0x07,
-     6,0x18,  6,0x0f,  6,0x10,  8,0x1c,  7,0x16,  7,0x02,  6,0x01,  6,0x13,
-    10,0x15,  7,0x06,  8,0x14,  6,0x0c,  6,0x19,  7,0x10,  6,0x19,  6,0x19,
-     9,0x16,  7,0x19,  6,0x1f,  6,0x17,  6,0x12,  8,0x02,  6,0x01,  6,0x04,
-     6,0x15,  7,0x16,  6,0x04,  6,0x1f,  6,0x09,  7,0x06,  7,0x13,  7,0x09,
-     6,0x0d, 10,0x18,  6,0x06,  6,0x11,  6,0x04,  6,0x01,  6,0x13,  8,0x06,
-     6,0x0d,  8,0x13,  7,0x08,  6,0x08,  6,0x05,  7,0x0c,  7,0x0e,  7,0x15,
-     6,0x05,  7,0x14, 10,0x19,  6,0x10,  6,0x16,  6,0x15,  7,0x1f,  6,0x14,
-     6,0x0a, 10,0x11,  6,0x01,  7,0x05,  7,0x08,  8,0x0a,  7,0x1e,  7,0x1c,
-     6,0x1c,  7,0x09, 10,0x18,  7,0x1c, 10,0x06,  6,0x0a,  6,0x07,  6,0x19,
-     7,0x06,  6,0x0d,  7,0x0f,  7,0x0b,  7,0x05,  6,0x11,  6,0x1c,  7,0x1f,
-     6,0x1e,  7,0x18,  6,0x1e,  6,0x00,  6,0x03,  6,0x02,  7,0x10,  6,0x0b,
-     6,0x1b,  7,0x10,  6,0x00,  8,0x11,  7,0x1b,  6,0x18,  6,0x01,  7,0x0c,
-     7,0x1d,  7,0x13,  6,0x08,  7,0x1b,  8,0x13,  7,0x16, 13,0x1d,  7,0x1f,
-     6,0x0a,  6,0x01,  7,0x1f,  6,0x14,  1,0x01
-};
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P1024 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_1024_mont_inv_32(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-    sp_digit* t = &td[32 * 2 * 32];
-    int i;
-    int j;
-    sp_digit* table[32];
-
-    for (i = 0; i < 32; i++) {
-        table[i] = &td[2 * 32 * i];
-    }
-    XMEMCPY(table[0], a, sizeof(sp_digit) * 32);
-    for (i = 1; i < 6; i++) {
-        sp_1024_mont_sqr_32(table[0], table[0], p1024_mod, p1024_mp_mod);
-    }
-    for (i = 1; i < 32; i++) {
-        sp_1024_mont_mul_32(table[i], table[i-1], a, p1024_mod, p1024_mp_mod);
-    }
-
-    XMEMCPY(t, table[p1024_mod_minus_2[1]], sizeof(sp_digit) * 32);
-    for (i = 2; i < (int)sizeof(p1024_mod_minus_2) - 2; i += 2) {
-        for (j = 0; j < p1024_mod_minus_2[i]; j++) {
-            sp_1024_mont_sqr_32(t, t, p1024_mod, p1024_mp_mod);
-        }
-        sp_1024_mont_mul_32(t, t, table[p1024_mod_minus_2[i+1]], p1024_mod,
-            p1024_mp_mod);
-    }
-    sp_1024_mont_sqr_32(t, t, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(r, t, a, p1024_mod, p1024_mp_mod);
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_1024_norm_32(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*32;
-    sp_int32 n;
-
-    sp_1024_mont_inv_32(t1, p->z, t + 2*32);
-
-    sp_1024_mont_sqr_32(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    /* x /= z^2 */
-    sp_1024_mont_mul_32(r->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->x + 32, 0, sizeof(sp_digit) * 32U);
-    sp_1024_mont_reduce_32(r->x, p1024_mod, p1024_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_1024_cmp_32(r->x, p1024_mod);
-    sp_1024_cond_sub_32(r->x, r->x, p1024_mod, (sp_digit)~(n >> 31));
-    sp_1024_norm_32(r->x);
-
-    /* y /= z^3 */
-    sp_1024_mont_mul_32(r->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->y + 32, 0, sizeof(sp_digit) * 32U);
-    sp_1024_mont_reduce_32(r->y, p1024_mod, p1024_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_1024_cmp_32(r->y, p1024_mod);
-    sp_1024_cond_sub_32(r->y, r->y, p1024_mod, (sp_digit)~(n >> 31));
-    sp_1024_norm_32(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mont_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mont_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldr	r11, [%[m], #124]\n\t"
-        "adc	r12, r12, #0\n\t"
-        "subs	r11, r11, r7\n\t"
-        "neg	r12, r12\n\t"
-        "sbc	r11, r11, r11\n\t"
-        "sub	%[r], %[r], #0x80\n\t"
-        "orr	r12, r12, r11\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "subs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbc	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r12"
-    );
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mont_dbl_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mont_dbl_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldr	r4, [%[m], #124]\n\t"
-        "adc	r12, r12, #0\n\t"
-        "subs	r4, r4, r11\n\t"
-        "neg	r12, r12\n\t"
-        "sbc	r4, r4, r4\n\t"
-        "sub	%[r], %[r], #0x80\n\t"
-        "orr	r12, r12, r4\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "subs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbc	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7",
-            "r12"
-    );
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mont_tpl_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mont_tpl_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r12, #0\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adds	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "adcs	r4, r4, r4\n\t"
-        "adcs	r5, r5, r5\n\t"
-        "adcs	r6, r6, r6\n\t"
-        "adcs	r7, r7, r7\n\t"
-        "adcs	r8, r8, r8\n\t"
-        "adcs	r9, r9, r9\n\t"
-        "adcs	r10, r10, r10\n\t"
-        "adcs	r11, r11, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ldr	r4, [%[m], #124]\n\t"
-        "adc	r12, r12, #0\n\t"
-        "subs	r4, r4, r11\n\t"
-        "neg	r12, r12\n\t"
-        "sbc	r4, r4, r4\n\t"
-        "sub	%[r], %[r], #0x80\n\t"
-        "orr	r12, r12, r4\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "subs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbc	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "sub	%[r], %[r], #0x80\n\t"
-        "sub	%[m], %[m], #0x80\n\t"
-        "sub	%[a], %[a], #0x80\n\t"
-        "mov	r12, #0\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adds	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r8, r9, r10, r11}\n\t"
-        "adcs	r8, r8, r4\n\t"
-        "adcs	r9, r9, r5\n\t"
-        "adcs	r10, r10, r6\n\t"
-        "adcs	r11, r11, r7\n\t"
-        "stm	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ldr	r7, [%[m], #124]\n\t"
-        "adc	r12, r12, #0\n\t"
-        "subs	r7, r7, r11\n\t"
-        "neg	r12, r12\n\t"
-        "sbc	r7, r7, r7\n\t"
-        "sub	%[r], %[r], #0x80\n\t"
-        "orr	r12, r12, r7\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "subs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbc	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7",
-            "r12"
-    );
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mont_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mont_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "subs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[a]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[b]!, {r8, r9, r10, r11}\n\t"
-        "sbcs	r4, r4, r8\n\t"
-        "sbcs	r5, r5, r9\n\t"
-        "sbcs	r6, r6, r10\n\t"
-        "sbcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "sbc	r12, r12, r12\n\t"
-        "sub	%[r], %[r], #0x80\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "adds	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adcs	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldm	%[r], {r4, r5, r6, r7}\n\t"
-        "ldm	%[m]!, {r8, r9, r10, r11}\n\t"
-        "and	r8, r8, r12\n\t"
-        "and	r9, r9, r12\n\t"
-        "and	r10, r10, r12\n\t"
-        "and	r11, r11, r12\n\t"
-        "adcs	r4, r4, r8\n\t"
-        "adcs	r5, r5, r9\n\t"
-        "adcs	r6, r6, r10\n\t"
-        "adc	r7, r7, r11\n\t"
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r12"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	lr, #0\n\t"
-        "mov	r6, #0\n\t"
-        "mov	r12, #0\n\t"
-        "\n"
-    "L_sp_1024_cond_add_32_words_%=: \n\t"
-        "adds	lr, lr, #-1\n\t"
-        "ldr	r4, [%[a], r12]\n\t"
-        "ldr	r5, [%[b], r12]\n\t"
-        "and	r5, r5, %[m]\n\t"
-        "adcs	r4, r4, r5\n\t"
-        "adc	lr, r6, r6\n\t"
-        "str	r4, [%[r], r12]\n\t"
-        "add	r12, r12, #4\n\t"
-        "cmp	r12, #0x80\n\t"
-        "blt	L_sp_1024_cond_add_32_words_%=\n\t"
-        "mov	%[r], lr\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
-    register sp_digit m asm ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "mov	r8, #0\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adds	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-        "and	r6, r6, %[m]\n\t"
-        "and	r7, r7, %[m]\n\t"
-        "adcs	r4, r4, r6\n\t"
-        "adcs	r5, r5, r7\n\t"
-        "stm	%[r]!, {r4, r5}\n\t"
-        "adc	%[r], r8, r8\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_rshift1_32(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_rshift1_32(sp_digit* r,
-    const sp_digit* a)
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r asm ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "ldm	%[a], {r2, r3}\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r2, [%[r]]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #12]\n\t"
-        "str	r3, [%[r], #4]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r2, [%[r], #12]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #24]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r2, [%[r], #24]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #36]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r2, [%[r], #36]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #48]\n\t"
-        "str	r3, [%[r], #40]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #52]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r2, [%[r], #48]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #60]\n\t"
-        "str	r3, [%[r], #52]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #64]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #68]\n\t"
-        "str	r2, [%[r], #60]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #72]\n\t"
-        "str	r3, [%[r], #64]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #76]\n\t"
-        "str	r4, [%[r], #68]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #80]\n\t"
-        "str	r2, [%[r], #72]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #84]\n\t"
-        "str	r3, [%[r], #76]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #88]\n\t"
-        "str	r4, [%[r], #80]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #92]\n\t"
-        "str	r2, [%[r], #84]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #96]\n\t"
-        "str	r3, [%[r], #88]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #100]\n\t"
-        "str	r4, [%[r], #92]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #104]\n\t"
-        "str	r2, [%[r], #96]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #108]\n\t"
-        "str	r3, [%[r], #100]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #112]\n\t"
-        "str	r4, [%[r], #104]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "ldr	r4, [%[a], #116]\n\t"
-        "str	r2, [%[r], #108]\n\t"
-        "orr	r3, r3, r4, lsl #31\n\t"
-        "lsr	r4, r4, #1\n\t"
-        "ldr	r2, [%[a], #120]\n\t"
-        "str	r3, [%[r], #112]\n\t"
-        "orr	r4, r4, r2, lsl #31\n\t"
-        "lsr	r2, r2, #1\n\t"
-        "ldr	r3, [%[a], #124]\n\t"
-        "str	r4, [%[r], #116]\n\t"
-        "orr	r2, r2, r3, lsl #31\n\t"
-        "lsr	r3, r3, #1\n\t"
-        "str	r2, [%[r], #120]\n\t"
-        "str	r3, [%[r], #124]\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-#else
-        :
-        : [r] "r" (r), [a] "r" (a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-        : "memory", "cc", "r2", "r3", "r4"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_1024_cond_add_32(r, a, m, 0 - (a[0] & 1));
-    sp_1024_rshift1_32(r, r);
-    r[31] |= o << 31;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*32;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_1024_mont_sqr_32(t1, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = Y * Z */
-    sp_1024_mont_mul_32(z, p->y, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = 2Z */
-    sp_1024_mont_dbl_32(z, z, p1024_mod);
-    /* T2 = X - T1 */
-    sp_1024_mont_sub_32(t2, p->x, t1, p1024_mod);
-    /* T1 = X + T1 */
-    sp_1024_mont_add_32(t1, p->x, t1, p1024_mod);
-    /* T2 = T1 * T2 */
-    sp_1024_mont_mul_32(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* T1 = 3T2 */
-    sp_1024_mont_tpl_32(t1, t2, p1024_mod);
-    /* Y = 2Y */
-    sp_1024_mont_dbl_32(y, p->y, p1024_mod);
-    /* Y = Y * Y */
-    sp_1024_mont_sqr_32(y, y, p1024_mod, p1024_mp_mod);
-    /* T2 = Y * Y */
-    sp_1024_mont_sqr_32(t2, y, p1024_mod, p1024_mp_mod);
-    /* T2 = T2/2 */
-    sp_1024_mont_div2_32(t2, t2, p1024_mod);
-    /* Y = Y * X */
-    sp_1024_mont_mul_32(y, y, p->x, p1024_mod, p1024_mp_mod);
-    /* X = T1 * T1 */
-    sp_1024_mont_sqr_32(x, t1, p1024_mod, p1024_mp_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_32(x, x, y, p1024_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_32(x, x, y, p1024_mod);
-    /* Y = Y - X */
-    sp_1024_mont_sub_32(y, y, x, p1024_mod);
-    /* Y = Y * T1 */
-    sp_1024_mont_mul_32(y, y, t1, p1024_mod, p1024_mp_mod);
-    /* Y = Y - T2 */
-    sp_1024_mont_sub_32(y, y, t2, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_dbl_32_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_dbl_32_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-        const sp_point_1024* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_dbl_32_ctx* ctx = (sp_1024_proj_point_dbl_32_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_dbl_32_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*32;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_1024_mont_sqr_32(ctx->t1, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_1024_mont_mul_32(ctx->z, p->y, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_1024_mont_dbl_32(ctx->z, ctx->z, p1024_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_1024_mont_sub_32(ctx->t2, p->x, ctx->t1, p1024_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_1024_mont_add_32(ctx->t1, p->x, ctx->t1, p1024_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_1024_mont_mul_32(ctx->t2, ctx->t1, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_1024_mont_tpl_32(ctx->t1, ctx->t2, p1024_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_1024_mont_dbl_32(ctx->y, p->y, p1024_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_1024_mont_sqr_32(ctx->y, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_1024_mont_sqr_32(ctx->t2, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_1024_mont_div2_32(ctx->t2, ctx->t2, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_1024_mont_mul_32(ctx->y, ctx->y, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_1024_mont_sqr_32(ctx->x, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_1024_mont_mul_32(ctx->y, ctx->y, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->t2, p1024_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_1024_cmp_equal_32(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14]) |
-            (a[15] ^ b[15]) | (a[16] ^ b[16]) | (a[17] ^ b[17]) |
-            (a[18] ^ b[18]) | (a[19] ^ b[19]) | (a[20] ^ b[20]) |
-            (a[21] ^ b[21]) | (a[22] ^ b[22]) | (a[23] ^ b[23]) |
-            (a[24] ^ b[24]) | (a[25] ^ b[25]) | (a[26] ^ b[26]) |
-            (a[27] ^ b[27]) | (a[28] ^ b[28]) | (a[29] ^ b[29]) |
-            (a[30] ^ b[30]) | (a[31] ^ b[31])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_1024_iszero_32(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14] | a[15] |
-            a[16] | a[17] | a[18] | a[19] | a[20] | a[21] | a[22] | a[23] |
-            a[24] | a[25] | a[26] | a[27] | a[28] | a[29] | a[30] | a[31]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_32(sp_point_1024* r,
-        const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*32;
-    sp_digit* t2 = t + 4*32;
-    sp_digit* t3 = t + 6*32;
-    sp_digit* t4 = t + 8*32;
-    sp_digit* t5 = t + 10*32;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_32(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t1, p->x, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_32(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_32(t3, t3, p->y, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_32(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_32(t2, t1) &
-            sp_1024_cmp_equal_32(t4, t3)) {
-        sp_1024_proj_point_dbl_32(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_32(t4, t4, t3, p1024_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_32(t5, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(y, t1, t5, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t5, t5, t2, p1024_mod, p1024_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(z, z, q->z, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_32(x, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(x, x, t5, p1024_mod);
-        sp_1024_mont_mul_32(t5, t5, t3, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_32(t3, y, p1024_mod);
-        sp_1024_mont_sub_32(x, x, t3, p1024_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_32(y, y, x, p1024_mod);
-        sp_1024_mont_mul_32(y, y, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(y, y, t5, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 32; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_add_32_ctx {
-    int state;
-    sp_1024_proj_point_dbl_32_ctx dbl_ctx;
-    const sp_point_1024* ap[2];
-    sp_point_1024* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_add_32_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_add_32_ctx* ctx = (sp_1024_proj_point_add_32_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_1024* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_add_32_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*32;
-        ctx->t2 = t + 4*32;
-        ctx->t3 = t + 6*32;
-        ctx->t4 = t + 8*32;
-        ctx->t5 = t + 10*32;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_1024_mont_sqr_32(ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_1024_mont_mul_32(ctx->t3, ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_1024_mont_mul_32(ctx->t1, ctx->t1, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_1024_mont_sqr_32(ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_1024_mont_mul_32(ctx->t4, ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_1024_mont_mul_32(ctx->t2, ctx->t2, q->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_1024_mont_mul_32(ctx->t3, ctx->t3, p->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_1024_mont_mul_32(ctx->t4, ctx->t4, q->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_1024_cmp_equal_32(ctx->t2, ctx->t1) &
-                sp_1024_cmp_equal_32(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_1024_proj_point_dbl_32(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_32(ctx->t2, ctx->t2, ctx->t1, p1024_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_32(ctx->t4, ctx->t4, ctx->t3, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_32(ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_1024_mont_mul_32(ctx->y, ctx->t1, ctx->t5, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_1024_mont_mul_32(ctx->t5, ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_32(ctx->z, p->z, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_1024_mont_mul_32(ctx->z, ctx->z, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_1024_mont_sqr_32(ctx->x, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->t5, p1024_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_1024_mont_mul_32(ctx->t5, ctx->t5, ctx->t3, p1024_mod, p1024_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_1024_mont_dbl_32(ctx->t3, ctx->y, p1024_mod);
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->t3, p1024_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_1024_mont_mul_32(ctx->y, ctx->y, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->t5, p1024_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 32; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 1024 doubles.
- * 268 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 32 * 37);
-    sp_point_1024* rt = NULL;
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 32 * 37, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_1024_mod_mul_norm_32(t[1].x, g->x, p1024_mod);
-        (void)sp_1024_mod_mul_norm_32(t[1].y, g->y, p1024_mod);
-        (void)sp_1024_mod_mul_norm_32(t[1].z, g->z, p1024_mod);
-        t[1].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_1024_proj_point_add_32(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_1024_proj_point_add_32(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_1024_proj_point_add_32(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 30;
-        n = k[i+1] << 0;
-        c = 28;
-        y = (int)(n >> 28);
-        XMEMCPY(rt, &t[y], sizeof(sp_point_1024));
-        n <<= 4;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n |= k[i--];
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_add_32(rt, rt, &t[y], tmp);
-        }
-
-        if (map != 0) {
-            sp_1024_map_32(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 32 * 37, heap,
-        DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_point_1024, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*32;
-    sp_digit* b = t + 4*32;
-    sp_digit* t1 = t + 6*32;
-    sp_digit* t2 = t + 8*32;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_32(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_32(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_32(w, w, p1024_mod, p1024_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_32(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_32(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_32(t2, b, p1024_mod);
-        sp_1024_mont_sub_32(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_32(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_32(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_32(t1, t1, p1024_mod, p1024_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_32(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_32(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(y, y, t1, p1024_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
-    sp_1024_mont_tpl_32(a, t1, p1024_mod);
-    /* B = X*Y^2 */
-    sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
-    /* X = A^2 - 2B */
-    sp_1024_mont_sqr_32(x, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_dbl_32(t2, b, p1024_mod);
-    sp_1024_mont_sub_32(x, x, t2, p1024_mod);
-    /* B = 2.(B - X) */
-    sp_1024_mont_sub_32(t2, b, x, p1024_mod);
-    sp_1024_mont_dbl_32(b, t2, p1024_mod);
-    /* Z = Z*Y */
-    sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
-    /* t1 = Y^4 */
-    sp_1024_mont_sqr_32(t1, t1, p1024_mod, p1024_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_1024_mont_mul_32(y, b, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_32(y, y, t1, p1024_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_1024_mont_div2_32(y, y, p1024_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_1024_proj_to_affine_32(sp_point_1024* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-    sp_digit* tmp = t + 4 * 32;
-
-    sp_1024_mont_inv_32(t1, a->z, tmp);
-
-    sp_1024_mont_sqr_32(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    sp_1024_mont_mul_32(a->x, a->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(a->y, a->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(a->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-}
-
-#endif /* FP_ECC || !WOLFSSL_SP_SMALL */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_1024 {
-    sp_digit x[32];
-    sp_digit y[32];
-} sp_table_entry_1024;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*32;
-    sp_digit* t6 = t + 4*32;
-    sp_digit* t1 = t + 6*32;
-    sp_digit* t4 = t + 8*32;
-    sp_digit* t5 = t + 10*32;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_32(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_32(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_32(p->x, t2) &
-            sp_1024_cmp_equal_32(p->y, t4)) {
-        sp_1024_proj_point_dbl_32(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_1024_mont_sub_32(t2, t2, p->x, p1024_mod);
-        /* R = S2 - Y1 */
-        sp_1024_mont_sub_32(t4, t4, p->y, p1024_mod);
-        /* Z3 = H*Z1 */
-        sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_1024_mont_sqr_32(t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t3, p->x, t1, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t1, t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_32(t2, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
-        sp_1024_mont_dbl_32(t5, t3, p1024_mod);
-        sp_1024_mont_sub_32(x, t2, t5, p1024_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_1024_mont_sub_32(t3, t3, x, p1024_mod);
-        sp_1024_mont_mul_32(t3, t3, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t1, t1, p->y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(y, t3, t1, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 32; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 256 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_1024_gen_stripe_table_32(const sp_point_1024* a,
-        sp_table_entry_1024* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    sp_point_1024* s1 = NULL;
-    sp_point_1024* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_1024_mod_mul_norm_32(t->x, a->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->y, a->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->z, a->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_1024_proj_to_affine_32(t, tmp);
-
-        XMEMCPY(s1->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_1024));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_1024_proj_point_dbl_n_32(t, 256, tmp);
-            sp_1024_proj_to_affine_32(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_1024_proj_point_add_qz1_32(t, s1, s2, tmp);
-                sp_1024_proj_to_affine_32(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC || !WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^256, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_table_entry_1024* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 32 * 37);
-    sp_point_1024* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_1024, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 32 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        XMEMCPY(rt->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-
-        y = 0;
-        x = 255;
-        for (j=0; j<4; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 256;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=254; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 256;
-            }
-
-            sp_1024_proj_point_dbl_32(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_1024_proj_point_add_qz1_32(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_1024_map_32(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_1024_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[32];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[32];
-    /* Precomputation table for point. */
-    sp_table_entry_1024 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_1024_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_1024_t sp_cache_1024[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_1024_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_1024_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_1024 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_1024_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_1024_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_1024_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_1024[i].set = 0;
-        }
-        sp_cache_1024_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_1024[i].set)
-            continue;
-
-        if (sp_1024_cmp_equal_32(g->x, sp_cache_1024[i].x) &
-                           sp_1024_cmp_equal_32(g->y, sp_cache_1024[i].y)) {
-            sp_cache_1024[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_1024_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_1024_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_1024[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_1024_last) {
-            least = sp_cache_1024[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_1024[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_1024[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_1024[i].x, g->x, sizeof(sp_cache_1024[i].x));
-        XMEMCPY(sp_cache_1024[i].y, g->y, sizeof(sp_cache_1024[i].y));
-        sp_cache_1024[i].set = 1;
-        sp_cache_1024[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_1024[i];
-    sp_cache_1024_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 32 * 38);
-    sp_cache_1024_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 32 * 38, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_1024 == 0) {
-            wc_InitMutex(&sp_cache_1024_lock);
-            initCacheMutex_1024 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_1024_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_1024(g, &cache);
-        if (cache->cnt == 2)
-            sp_1024_gen_stripe_table_32(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_1024_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_1024_ecc_mulmod_stripe_32(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 128 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_1024_gen_stripe_table_32(const sp_point_1024* a,
-        sp_table_entry_1024* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    sp_point_1024* s1 = NULL;
-    sp_point_1024* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_1024_mod_mul_norm_32(t->x, a->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->y, a->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->z, a->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_1024_proj_to_affine_32(t, tmp);
-
-        XMEMCPY(s1->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_1024));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_1024_proj_point_dbl_n_32(t, 128, tmp);
-            sp_1024_proj_to_affine_32(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_1024_proj_point_add_qz1_32(t, s1, s2, tmp);
-                sp_1024_proj_to_affine_32(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC || !WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_table_entry_1024* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 32 * 37);
-    sp_point_1024* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_1024, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 32 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        XMEMCPY(rt->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-
-        y = 0;
-        x = 127;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 128;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=126; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 128;
-            }
-
-            sp_1024_proj_point_dbl_32(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_1024_proj_point_add_qz1_32(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_1024_map_32(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_1024_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[32];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[32];
-    /* Precomputation table for point. */
-    sp_table_entry_1024 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_1024_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_1024_t sp_cache_1024[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_1024_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_1024_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_1024 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_1024_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_1024_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_1024_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_1024[i].set = 0;
-        }
-        sp_cache_1024_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_1024[i].set)
-            continue;
-
-        if (sp_1024_cmp_equal_32(g->x, sp_cache_1024[i].x) &
-                           sp_1024_cmp_equal_32(g->y, sp_cache_1024[i].y)) {
-            sp_cache_1024[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_1024_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_1024_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_1024[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_1024_last) {
-            least = sp_cache_1024[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_1024[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_1024[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_1024[i].x, g->x, sizeof(sp_cache_1024[i].x));
-        XMEMCPY(sp_cache_1024[i].y, g->y, sizeof(sp_cache_1024[i].y));
-        sp_cache_1024[i].set = 1;
-        sp_cache_1024[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_1024[i];
-    sp_cache_1024_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 32 * 38);
-    sp_cache_1024_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 32 * 38, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_1024 == 0) {
-            wc_InitMutex(&sp_cache_1024_lock);
-            initCacheMutex_1024 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_1024_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_1024(g, &cache);
-        if (cache->cnt == 2)
-            sp_1024_gen_stripe_table_32(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_1024_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_1024_ecc_mulmod_stripe_32(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 32);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 32, km);
-        sp_1024_point_from_ecc_point_32(point, gm);
-
-            err = sp_1024_ecc_mulmod_32(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 256 between points.
- */
-static const sp_table_entry_1024 p1024_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xe0162bc2,0xbf9c7ec6,0x10a89289,0xddecc6e3,0x9e499d81,0x5d599df0,
-        0x6d358218,0x9a96ea28,0x70c5f8db,0x01aec7d3,0x8cf5d066,0xe72e4995,
-        0x3e91d7f8,0xc2e7297d,0xda9f2f5a,0x8621db92,0x5a5679ed,0x4b26c867,
-        0x2c56aac1,0x233385df,0xc6a13f99,0xb88e74d4,0xffa8ec11,0x1214b173,
-        0x1f3f9fef,0xa0386a27,0xc0e7b44e,0xbd9b1b4e,0xeecd3496,0xafe528dc,
-        0x1c49f80b,0x8dfff96a },
-      { 0xc03c0c83,0xb4a4753a,0xabcdcd75,0x68e69d18,0xf775b649,0xe3839b88,
-        0xbf58f352,0x803f949a,0xbd0bc15c,0x5f702679,0x8ff298c2,0x85bf5d16,
-        0xc6c7976e,0x3f6ebd98,0x45e3e1b4,0x20618af4,0x54e64093,0x67d5598e,
-        0x504fed9e,0xb047283b,0x70d87517,0x450cabfd,0x3f5addbe,0x47d628bf,
-        0x78cb4cca,0x0037ef30,0x6b1c4908,0x4e148d3c,0x4fcfd837,0xe256d329,
-        0xde3c01f3,0x2aa1207b } },
-    /* 2 */
-    { { 0x755c2a27,0xcf3e0bb2,0x59585c44,0xd38e42f9,0x19285e60,0x46b13e0f,
-        0x76273d0f,0xc3ecd0c0,0x193c569a,0x7800f085,0x4351818a,0xf04e74ab,
-        0x8496363b,0x9258aa38,0xb8c894fe,0x8456617c,0x2af969a0,0x8bc62aaa,
-        0x5a4668d9,0x66c2280b,0xa992f4fa,0xbc9df58e,0x3f401e99,0x5db0b7d9,
-        0xc4c38c0e,0xe0614fe1,0x2ccdf6b3,0xd531151c,0xe143b618,0x1c7575ec,
-        0xdf9398a4,0x40247985 },
-      { 0x8f055746,0xfba25178,0x0ab1e6e0,0xc5ba0040,0xac292697,0xe1b194fb,
-        0x5b4f4740,0x77152119,0x9bb7ba54,0x250091d0,0xb9a139a4,0x7a674861,
-        0xf353aa7e,0xba8413b3,0x2443ceee,0xafe77192,0x3847bbd0,0x14468d36,
-        0x3da4942d,0x61f79ff6,0xd425b456,0x1563a1c1,0x75ff4630,0x3c270fcd,
-        0xeb2802c9,0x42072090,0xc85c7004,0x68f0cdcb,0xfa032e74,0xca4372fb,
-        0xc8b79d80,0x1a6fd1e6 } },
-    /* 3 */
-    { { 0x8d5116a3,0x967a901a,0xb2f5f47f,0x0b844394,0x60ebaf3b,0xe39ad452,
-        0x60ccfc0c,0x1e1be617,0xcc3f53f2,0xac07e3d2,0x1ed11bb6,0xdd838e0e,
-        0x1c15b0c2,0x45475307,0x920fe5b8,0x70dd4748,0xe471896d,0x1a20be2d,
-        0x59276c7c,0x3c3fad8a,0xc886ee07,0x026a1cc3,0x6e831ac4,0x9fdb6f37,
-        0xac501d65,0x26a35d1a,0x40da8574,0x0ae98905,0xabd734e5,0x65dde0a4,
-        0x15614750,0x29b7d4dc },
-      { 0xcbf4e20b,0x44b3c2cb,0x58cc44c5,0x1c3f548f,0x5b0cac1f,0x39809b54,
-        0x00f80621,0x0c0f02b5,0x066905e0,0xe612b890,0x8350188c,0x8f158ed7,
-        0x3f5576b2,0xc01dc458,0xa45492e0,0x29803272,0x0ff92443,0x77a5623a,
-        0x29d0dc41,0xd12a2b00,0x2780e87a,0xb4125459,0x0d53f272,0x1ebcf903,
-        0x24301e8d,0xbae6ea40,0xa37d0798,0x1e5f3f2f,0x22b4126c,0x9342c310,
-        0x5382497e,0x5d092802 } },
-    /* 4 */
-    { { 0x4b59213a,0xf5b495d0,0x8d70200e,0xca672039,0x2b6771c1,0x4bcb09a6,
-        0x2b9eb0cb,0x26adeed4,0x8cdba212,0xeb544754,0xf08890d1,0x0e1abfcd,
-        0x698e46b4,0x52509963,0x82e9c138,0xe1bff0b0,0x51099a71,0xa189e4cd,
-        0xc9b91cc7,0x2360c9bc,0x137ec4be,0x9bd4d7dc,0xd1519f6e,0xd0356521,
-        0xcf832503,0xbf5f6d78,0x8deea2b4,0xe4301031,0xef4c319c,0xc3132494,
-        0x0f1fa7d7,0x2ab3bd47 },
-      { 0x922c9fbb,0x5753b680,0x0f16c6d1,0x869e7dc8,0xbac16efc,0x83445135,
-        0x846d1d9b,0x4326a3b4,0xb2d62c21,0xb517fee3,0x0b292ad5,0x6905afa2,
-        0x2cadac13,0x2a57131a,0xebdbca8d,0xcd904d8f,0x3f365fb2,0xdfeda86f,
-        0xdc7eaa1c,0x7097b208,0xa45e77c0,0x89a35a84,0xcf5d118e,0x417a062c,
-        0x1f6e99e8,0x3c0c04a8,0xba7a087d,0xc44704b0,0x3ea22ad2,0x6f8a27d1,
-        0x4c27d229,0x93a4b416 } },
-    /* 5 */
-    { { 0x1f1efb7a,0xd4271bc1,0x33fccc0d,0xae4e68e6,0xb11f50a8,0x9d9bc8f1,
-        0xaf076089,0x5430398f,0x443d0e03,0x45e242fb,0xf6e3d4c1,0x73ec2519,
-        0xba9bad09,0xab70f790,0xf9add10f,0xde612ad5,0x14e942b4,0xb837e54e,
-        0xddb8b68a,0x175a56d3,0x1ac2a408,0xe85b233c,0xf0c80f94,0xf8ff6c30,
-        0x898db4f9,0x4b7f3fb7,0x45a7dcdd,0xa2c6044f,0xfe3d3895,0xf3abb2f6,
-        0x32ee7763,0x342ce0d7 },
-      { 0xcf491b1f,0xeb261394,0x1909e395,0xdcaaeed7,0x9fe4dbea,0xdcc4055a,
-        0x493d604d,0x17a6611d,0x1ce5ebef,0xba445a3a,0xe3989cb5,0xe82e2858,
-        0x83f58406,0xb96f4282,0xa156cf55,0x99877b99,0x4e166a0e,0xaf906a66,
-        0xb2976d13,0xcea1d353,0x36c61a01,0xefc16f27,0xb0f55d86,0xdb04c433,
-        0x8eb34c01,0x3cb4b269,0x2ae60280,0x38d07f78,0x43be3ec5,0x43ac3bcb,
-        0xe156fd20,0x455f4af3 } },
-    /* 6 */
-    { { 0x95532833,0x2e6fe0a6,0xd626d067,0xabca228e,0x649e73bd,0x22aef3d9,
-        0xf03c4c0c,0x2083a87a,0x35169b45,0xe954e75d,0x74506a89,0x577509ee,
-        0x2aeacf90,0x49cb276e,0xfa409f91,0x08275d77,0xf0bbd6b9,0x61eb6f3d,
-        0xe4132704,0x948202cb,0xb1c498b1,0x35f3fc21,0x361fee59,0x76c68ba8,
-        0x50e051f3,0xa18cbbd9,0x318e7042,0x2384a879,0x80dd1e8b,0x292abead,
-        0x5c37c334,0x65713c29 },
-      { 0xceb77b9a,0xdccca8e9,0x23b69469,0x2f97e727,0xa01d6b28,0xc76abee6,
-        0x5abecdfe,0x3925203d,0x29290d70,0x89448082,0xb0314438,0xf9931424,
-        0x7cd447c3,0x04209df1,0xc855c827,0x7c6f2059,0x56c0e069,0xd97d7862,
-        0x412d94c4,0x5a9db6fe,0x994c41dd,0x19a64591,0xc89e21a3,0x12348aa1,
-        0xc6a03f0e,0xd6904b50,0xa616feac,0x55c15156,0x7cc7693b,0x4e36d1b5,
-        0x3bae3c38,0x6b0e996c } },
-    /* 7 */
-    { { 0xcceced00,0x32789fab,0xe5b7aa66,0x3237e71a,0x2ddebcdf,0x87b2e269,
-        0xb61dad8f,0xb7245120,0xd35f803c,0xe11e5e48,0x98e50f0d,0xfb4df5d7,
-        0xbcd2ab92,0x60ee68b4,0x1ce3363d,0x98ab2f5c,0x7cd42647,0x15ba39da,
-        0x83f4fb3f,0x1a6572eb,0xe56f08db,0x0f77de88,0x172562c2,0x1743761e,
-        0x8a58f0f4,0xbe349ff8,0x84d1d6e2,0xe04da71b,0x9e9ff3b4,0x368f0342,
-        0x678223f8,0x4022a205 },
-      { 0x83847375,0x527bbd05,0x3f451af0,0x3ae56b62,0x4b2c7f18,0x6198f24d,
-        0x4525b98d,0xee323f5b,0x0e0884b5,0xa9d8d39a,0xfb12c776,0xd005d7f6,
-        0x708bc154,0xd71c483e,0x742541bc,0x8ca6fd28,0xf8397ddb,0x0af3dccd,
-        0x3eccf243,0xb80d3125,0x58d81b8d,0xc743a108,0x71391f68,0x3f48eb21,
-        0x33bb657f,0x493aff88,0x07e47e31,0x1d15ed66,0xe08279f6,0x10159b11,
-        0x24a6a956,0x312179cb } },
-    /* 8 */
-    { { 0xfb99cfe6,0x950323d3,0xc9334178,0x7b09bc26,0x7cbdfb6f,0x64111e41,
-        0x89a75760,0x91141744,0x10919cb0,0x4c633df9,0x396bfd2f,0x715fc7c7,
-        0x8cab62db,0x8ca19512,0x4db81aac,0x30672473,0xb4c4c54a,0xe67a246b,
-        0xbf229646,0xd77ea0fa,0xfa5b5d70,0x5bed15f1,0xc2f192f3,0xa5686da5,
-        0x7f6690ad,0xdecac72a,0xcaa50b7d,0x0c4af2a2,0x6049ad2f,0xf44631c1,
-        0x04ecf056,0x325d2796 },
-      { 0x4848c144,0xee11fb55,0xb6a7af32,0x4e062925,0x369e0f9a,0x125b68e1,
-        0xca53b21e,0xad9bdae6,0x2e98ea1b,0xf50d605c,0x9f2fa395,0xbdb9e153,
-        0xe91532f5,0x4570e32d,0x46a250d7,0x810698ae,0xad9d9145,0x7fd9546c,
-        0x11e97a5e,0xabf67721,0x249f82e9,0xca29f7d5,0x9851df63,0xa9c539a9,
-        0x71d0e3e5,0xfd84d54b,0x041d2b56,0xd1e0459c,0xfd80096a,0xceb3eb6e,
-        0xe32a79d3,0x19d48546 } },
-    /* 9 */
-    { { 0xb540f5e5,0xfe19ee8f,0x04e68d17,0x86d2a52f,0xadbdc871,0xd2320db0,
-        0xd03a7fc8,0xa83ad5a8,0x08bcb916,0x54bf83c7,0x2e51e840,0x092133ea,
-        0xcb52dddf,0xbce38424,0x31063583,0xd5c7be40,0x458e3176,0xc1ebb9df,
-        0xbc4dabbf,0xafb19639,0xc05725a8,0x36350fe4,0x84e1cd24,0xac4a0634,
-        0xc145b8de,0xadf73154,0xb3483237,0x0aa6dd9e,0xcbff2720,0xa3345c3d,
-        0xb4e453b0,0x1b3ace6c },
-      { 0x90a8bdc5,0x0343e5e9,0x6306a089,0xa203bf9d,0x8e48520e,0x98489a35,
-        0xde7d1d06,0xbd17debe,0x5f795d3f,0x8fafa6d7,0x387b0a3f,0xa4ceb630,
-        0xffddeafa,0xe0166b32,0x7e764e02,0xa2fe2054,0xe871f304,0x55ab9824,
-        0x952ec45e,0xa2bd36bb,0xa90d20ca,0x7b4c1484,0x75bcfb53,0x5319f387,
-        0x6982c4e5,0x34238a4a,0xa102921d,0xa2bb61c7,0xdb3ab17e,0x1e061b64,
-        0x192f0a14,0x538ec33e } },
-    /* 10 */
-    { { 0x576374c2,0xe53c7785,0x84727040,0xe60526d1,0x228ca044,0x8a066dc8,
-        0xf1ce1313,0x1fe1c1b2,0xcdeb0c5d,0x2aeec832,0x9cbf826f,0xa7596699,
-        0xde77a589,0xcd188e81,0x118d1254,0xe5ce0fe0,0x0790b86a,0xa142a984,
-        0x39ac28ce,0xe28f043f,0x87de5804,0x4eef8290,0xf639a8c5,0x83c31b32,
-        0x5887794f,0xd70454a7,0x18b1b391,0xca635d50,0x31d9c795,0xcefea076,
-        0xb6f8aa25,0x13cbee76 },
-      { 0x8d3f34f3,0x79cabe0f,0xa3617fe3,0xbda9c31c,0xdd9426a1,0xb26dee23,
-        0xf29c9104,0xe9dd9627,0xe2c6cd3b,0x033eb169,0xfcba2196,0x8a73f492,
-        0xb858c83c,0x92e37e0b,0x23b3fbb7,0xe4f2aca6,0x64be00a2,0x8101fb1e,
-        0x948f6448,0x91a7826a,0x907260e7,0x414067b4,0xe30bb835,0xf774aa50,
-        0xc999c06e,0xf922ca80,0x0ba08511,0x6b8635b9,0x25fa04f0,0xbf936b5c,
-        0xe02e8967,0x4e0a1ada } },
-    /* 11 */
-    { { 0x8ba29c4d,0x00ca6670,0x22988094,0xc08240ce,0x16dda752,0x21c5ca67,
-        0xabbbfa34,0x689c0e45,0x3ed28b72,0x1d7545fd,0xd7c56ab4,0x5f221198,
-        0x38759d65,0x4b3d8f74,0x8fe50b89,0x93490dfb,0xe80eba16,0xb641f5d7,
-        0x79acb537,0x7b0da5eb,0x0c1d5e5e,0xab6b1497,0xa5da429a,0x2338e68d,
-        0x2f6d2f25,0xe010c437,0x6530f3a7,0x226f16d2,0xcbef08bc,0xefb0f7b6,
-        0x9f99c999,0x733e30d9 },
-      { 0xa42a38f9,0xecfe1582,0x4730b500,0xaec2d58e,0xde976b2c,0x2ee2f2a7,
-        0xa969c1bb,0xf0539db5,0xfcecdb4a,0x31954168,0xe7a8e902,0xf2f7348a,
-        0x3121541f,0x1d58d7cc,0x2202ae52,0x5d25b75c,0xf40835a7,0xdea9965a,
-        0x529b4e46,0x3feb6a41,0xbd27ad9b,0x5c97fb6f,0x261f900b,0xd87554c0,
-        0x04d5b19e,0xb43031d9,0xcb219b9c,0x33d5e9b8,0x3ee00bcf,0x7a43d492,
-        0xb79a5c0c,0x56facb39 } },
-    /* 12 */
-    { { 0x7c834915,0x667eaed6,0xbc5eb64d,0x9f77aa6a,0x25d62011,0x729ebcb6,
-        0x699fd9c2,0x0aee24f2,0x2b8d4f6c,0xe1eb5874,0x14c976d6,0x7f12710c,
-        0xf6d9ea65,0x91390335,0x06b50064,0x668b7049,0x0876ee4f,0x65969a0e,
-        0x2f9d9360,0xf901bf3f,0xb499e3ce,0xfb1a8651,0xf2dbcaaa,0x80b953fb,
-        0x973b06b6,0x312cc566,0x3af36c64,0x3534d9c3,0x10ffd815,0xe4463a52,
-        0xf18c2b91,0x57ea2b4b },
-      { 0x8aa0f2f2,0x00f5e162,0x0e46bcaa,0x8c7e75c5,0xa4a2c42d,0x97ab479a,
-        0x14baa202,0xb4f308ea,0x6943cc2e,0xa901bd14,0xeed58804,0xbb125fee,
-        0x9d180f7c,0x6502c8f9,0x1580c61c,0xe5353919,0x27101ee3,0x7e278069,
-        0xfaa72717,0x7a0a40a1,0x4c75b153,0x32edce02,0x538f1c22,0xda23660b,
-        0xbe307d2e,0x4d511e98,0x9baee0b4,0x24276e40,0x7ff1f307,0xa78c3927,
-        0xea7935c9,0x60480b46 } },
-    /* 13 */
-    { { 0x3872ece3,0x31087d66,0x955b70f8,0x5f29be7d,0x9cf95bb8,0xb50b4fc7,
-        0xdbffa621,0xbae3b58d,0xe022ba5d,0x0e61d280,0x4181449c,0x78ae5117,
-        0xcf555485,0x0b132840,0xb8ce0b0e,0x800ed1b6,0x78d5de3d,0x35dffdd5,
-        0x69a56b47,0xf7e42374,0x8d910ae7,0xd5e32369,0x6313c7c7,0xb6ff52a0,
-        0xa92de9e5,0x5a2fe20d,0xd12110bb,0x41b347d3,0x40c16f23,0xc5905edb,
-        0x9a8f88cc,0x0774a0d3 },
-      { 0xe3b6c106,0x3ae181ab,0x8de150b7,0x4ebe163f,0x6f354836,0xcf75b82f,
-        0x3ac7ac16,0xaa0d2063,0x291722af,0x5c680668,0x11545553,0x73941e61,
-        0xbf5de3f7,0x17127e38,0x1afb41da,0x32cfdf03,0x87bc8663,0xc6893c91,
-        0xa62c9c99,0x75046744,0x962c1947,0x96866e2d,0x378cdf4c,0x489ec8df,
-        0x3407fa32,0x3a60709b,0x551290d1,0xd37d2159,0xbab92273,0x9623d303,
-        0x2432014b,0x08151954 } },
-    /* 14 */
-    { { 0xb05f2b26,0x569044f3,0x80b9f76c,0xb35a294a,0x4290f6ae,0x8839fe28,
-        0x026a5877,0x761cfb23,0x2e5ff9c3,0x768926b6,0x0b11c576,0xbae6cd20,
-        0x72a03efe,0xdc857756,0xe1bad63a,0x0cae074a,0xd709d99c,0x3fe491a1,
-        0x6501d9c1,0x76c5ded6,0xc32aeff7,0x1da6eca1,0xc57683e8,0x50849d55,
-        0xdf98d847,0x9e392e9c,0x64d9a564,0xfad7982f,0xa37b98b2,0xf7c3bdb7,
-        0xf0860497,0x1fe09f94 },
-      { 0x7648cc63,0x49a7eaae,0x67cfa714,0x13ea2511,0x653f4559,0xfc8b923c,
-        0x81a16e86,0xd957619b,0x3c864674,0x0c7e804b,0x1616599a,0xfc88134a,
-        0x0a652328,0x366ea969,0x4bc9029e,0x41532960,0xae2aad2b,0xef9e1994,
-        0x7f10bef5,0x9e2a8c52,0xc67bf860,0x73dcb586,0x844cc25d,0xf61a43fa,
-        0x74eb3653,0xd74e7eea,0xdd240f02,0xf3356706,0xfd83bcb4,0xeec7694c,
-        0xdb62526a,0x4de95786 } },
-    /* 15 */
-    { { 0x3deac2f7,0x4867d315,0xb61d9a8e,0xa084778a,0x0ab7b2d5,0xf3b76f96,
-        0xcfdf4f79,0x00b30056,0x31ab8f4b,0xd0701e15,0x9c779d01,0x07f948d5,
-        0x82675371,0x7c994ebc,0x48bad4c0,0x1104d4ee,0xbfc9d058,0x798ce0b5,
-        0x309fa80b,0xc7ca898d,0xacb33eaf,0x0244f225,0x5b2f3175,0xd51e8dfc,
-        0xa4d7be34,0x3e49ba6b,0xbda02b43,0x1760f4c7,0x4435275a,0x37e36a7e,
-        0xe636980c,0x1c94418b },
-      { 0x09dc1414,0x43a21313,0x43c93537,0x060765fc,0xdf5f79ce,0x6ff3207a,
-        0x85d4cfca,0x6f18b1fa,0x63e995ab,0xf5c4272e,0xa82b3002,0x121a09e4,
-        0x97147f16,0x82b65d1b,0x20a7fe26,0x4993c20c,0xe6716726,0x99c9cb98,
-        0xfeb440a0,0x5a02d673,0x251b4bc5,0x3f3fa9e1,0xa05338ea,0x75dbc474,
-        0x7b09f6cb,0x3cb4044b,0x80434609,0x6767da18,0x098ceac2,0x97851422,
-        0xb55235ba,0x611bfbb2 } },
-};
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^256, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_1024_ecc_mulmod_stripe_32(r, &p1024_base, p1024_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 128 between points.
- */
-static const sp_table_entry_1024 p1024_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xe0162bc2,0xbf9c7ec6,0x10a89289,0xddecc6e3,0x9e499d81,0x5d599df0,
-        0x6d358218,0x9a96ea28,0x70c5f8db,0x01aec7d3,0x8cf5d066,0xe72e4995,
-        0x3e91d7f8,0xc2e7297d,0xda9f2f5a,0x8621db92,0x5a5679ed,0x4b26c867,
-        0x2c56aac1,0x233385df,0xc6a13f99,0xb88e74d4,0xffa8ec11,0x1214b173,
-        0x1f3f9fef,0xa0386a27,0xc0e7b44e,0xbd9b1b4e,0xeecd3496,0xafe528dc,
-        0x1c49f80b,0x8dfff96a },
-      { 0xc03c0c83,0xb4a4753a,0xabcdcd75,0x68e69d18,0xf775b649,0xe3839b88,
-        0xbf58f352,0x803f949a,0xbd0bc15c,0x5f702679,0x8ff298c2,0x85bf5d16,
-        0xc6c7976e,0x3f6ebd98,0x45e3e1b4,0x20618af4,0x54e64093,0x67d5598e,
-        0x504fed9e,0xb047283b,0x70d87517,0x450cabfd,0x3f5addbe,0x47d628bf,
-        0x78cb4cca,0x0037ef30,0x6b1c4908,0x4e148d3c,0x4fcfd837,0xe256d329,
-        0xde3c01f3,0x2aa1207b } },
-    /* 2 */
-    { { 0x01900955,0xa95b6dae,0xceb4656d,0xa5dc9cc1,0xe72fe95b,0x50c78907,
-        0xa040c334,0xa1ae5447,0x7952ea6e,0x91191370,0x6d097305,0x54ff7343,
-        0xbda4d10f,0xa4db0074,0x91644070,0xfd5306f1,0x8b24522c,0x14b9fe73,
-        0x7849f762,0x1468dad6,0xb0dcd2e4,0x87b29a18,0x5e1ad492,0xadd7f1a1,
-        0xdbba2a1a,0x9ac63a81,0x81223379,0x01379c5b,0xb0e53bc8,0xf402b2f0,
-        0x0bf13b61,0x8c3eb27f },
-      { 0xe513696f,0x9a4ad3e1,0x18c81ffa,0x0350ba5c,0x3c033d13,0x1e2fc136,
-        0x17a531bc,0x53da6e71,0x1aed610d,0x42ec6490,0xe99ff567,0xd33e8df7,
-        0x3deed12a,0xe4aad73e,0x180f4deb,0xd983b465,0x502f30b4,0x99365269,
-        0xa8918d7f,0x7e2799ab,0x700fc79a,0x0ffe84b6,0x40bfd8c2,0x7b4400d6,
-        0x5d2641bd,0xc3a21d21,0xc32621cb,0x79839442,0xb1401e83,0xace6500b,
-        0x251c4310,0x7bf4163e } },
-    /* 3 */
-    { { 0xe3fd589e,0x1c174f88,0xdf974a03,0xdb501790,0x3e70549f,0xd09623e3,
-        0x15924f34,0x8d091eff,0xf9b65ac5,0xeef79cad,0x3f69c2cf,0xd2cc4262,
-        0x52cd82bc,0x817d9032,0xa5f1dddd,0xacf4f4d9,0x5011b6bd,0xd0612635,
-        0x2ed140c9,0x9f74490d,0x4db686d2,0x64092e8c,0x776b0fcc,0x225eef16,
-        0xdf16aeb6,0x0e8c01e9,0x84bbd82a,0x62836741,0x8956e337,0x757574e2,
-        0x705a7f07,0x9871edc6 },
-      { 0x776535f7,0xbd0b76d5,0x2635b3b8,0x5214d602,0x9d216f64,0xc0c25ad9,
-        0x5515bf75,0xfd4df3a7,0x5e9f1675,0x24a625bc,0x406873e7,0x3c35efb7,
-        0xbb2e5c4a,0xef5c9a33,0x806b198a,0xa971b35e,0xa3c690ed,0x9f5c0ca5,
-        0x8e1e2341,0xa8d5dd89,0x955ad9e4,0x4cecbcce,0x248d3416,0x2ecf4407,
-        0x45c0af6e,0x1abb3811,0x1c780fff,0x3f4bee82,0xc272ed57,0xd14df768,
-        0x371637ad,0x397ed10a } },
-    /* 4 */
-    { { 0x755c2a27,0xcf3e0bb2,0x59585c44,0xd38e42f9,0x19285e60,0x46b13e0f,
-        0x76273d0f,0xc3ecd0c0,0x193c569a,0x7800f085,0x4351818a,0xf04e74ab,
-        0x8496363b,0x9258aa38,0xb8c894fe,0x8456617c,0x2af969a0,0x8bc62aaa,
-        0x5a4668d9,0x66c2280b,0xa992f4fa,0xbc9df58e,0x3f401e99,0x5db0b7d9,
-        0xc4c38c0e,0xe0614fe1,0x2ccdf6b3,0xd531151c,0xe143b618,0x1c7575ec,
-        0xdf9398a4,0x40247985 },
-      { 0x8f055746,0xfba25178,0x0ab1e6e0,0xc5ba0040,0xac292697,0xe1b194fb,
-        0x5b4f4740,0x77152119,0x9bb7ba54,0x250091d0,0xb9a139a4,0x7a674861,
-        0xf353aa7e,0xba8413b3,0x2443ceee,0xafe77192,0x3847bbd0,0x14468d36,
-        0x3da4942d,0x61f79ff6,0xd425b456,0x1563a1c1,0x75ff4630,0x3c270fcd,
-        0xeb2802c9,0x42072090,0xc85c7004,0x68f0cdcb,0xfa032e74,0xca4372fb,
-        0xc8b79d80,0x1a6fd1e6 } },
-    /* 5 */
-    { { 0x8d5116a3,0x967a901a,0xb2f5f47f,0x0b844394,0x60ebaf3b,0xe39ad452,
-        0x60ccfc0c,0x1e1be617,0xcc3f53f2,0xac07e3d2,0x1ed11bb6,0xdd838e0e,
-        0x1c15b0c2,0x45475307,0x920fe5b8,0x70dd4748,0xe471896d,0x1a20be2d,
-        0x59276c7c,0x3c3fad8a,0xc886ee07,0x026a1cc3,0x6e831ac4,0x9fdb6f37,
-        0xac501d65,0x26a35d1a,0x40da8574,0x0ae98905,0xabd734e5,0x65dde0a4,
-        0x15614750,0x29b7d4dc },
-      { 0xcbf4e20b,0x44b3c2cb,0x58cc44c5,0x1c3f548f,0x5b0cac1f,0x39809b54,
-        0x00f80621,0x0c0f02b5,0x066905e0,0xe612b890,0x8350188c,0x8f158ed7,
-        0x3f5576b2,0xc01dc458,0xa45492e0,0x29803272,0x0ff92443,0x77a5623a,
-        0x29d0dc41,0xd12a2b00,0x2780e87a,0xb4125459,0x0d53f272,0x1ebcf903,
-        0x24301e8d,0xbae6ea40,0xa37d0798,0x1e5f3f2f,0x22b4126c,0x9342c310,
-        0x5382497e,0x5d092802 } },
-    /* 6 */
-    { { 0xff2f780d,0x583a2b7e,0xd7d76b1d,0x34d26820,0x86f74aec,0xe3c32847,
-        0x10823feb,0x0fd42212,0xfb5e7bf4,0x227e417e,0xa568f8cd,0x510d49b6,
-        0x1781bbec,0x53bce7d6,0x2f3718b7,0x9cfe3f22,0xd9de6c1f,0x7f44e89f,
-        0x3fac9b55,0xf1cc553f,0xe6f300bc,0x9d2d0846,0x9f0ae6b1,0x976c82a2,
-        0x24b8bbe0,0xe63dbf5e,0x973a5aa7,0x4cac7f45,0x84dd33c7,0xc6eb6237,
-        0x142fee5d,0x0a26e434 },
-      { 0xacaa9a08,0x8081339f,0x5246ece1,0x40f31105,0x61393747,0x892c8170,
-        0x242f02e1,0x8d8d4103,0x3b5de98a,0x482bfd20,0x5abbe952,0x89ef946b,
-        0x37698249,0xb8d218b9,0x66617c7a,0xd5268e89,0x8b7d2b91,0x962e7551,
-        0xfe8d67c3,0x2c5c7973,0x2b017c51,0x42e3150a,0xc1a29469,0x6f4e5ebc,
-        0x531c7083,0xa39910ce,0xb77b9e50,0xaf4f6eb4,0xda120ad0,0x68cbb175,
-        0xb92636ec,0x19497c61 } },
-    /* 7 */
-    { { 0x417659a8,0x6920b0c6,0x92cb28ff,0xc77ab9c7,0xb687797f,0x55b67180,
-        0xe7759363,0x4caf58c1,0x5561b186,0x5155bdb6,0x780f4946,0x2e64e355,
-        0x229a8b20,0xeb0ac9b7,0x2571bd60,0x88594d78,0xe3fa78f9,0x5dcc0939,
-        0x2ac2d379,0x7b8b4830,0xb90f1444,0x505fbf60,0x3ce4b3c1,0xac610e81,
-        0xd59b5c18,0x39a4f27a,0x7cea0222,0x5fa33973,0x8dff1c7b,0xe578730b,
-        0x517bf7a6,0x96b91b8b },
-      { 0x9aac087c,0xc1a991f4,0x6cfdb28d,0xce62f74e,0x5f7600d6,0x08d6ff9a,
-        0xf917f9c9,0xd781cd04,0x3de52dbf,0x7796f5f6,0x2ed72180,0xe7db64e0,
-        0x6fa4137d,0x0f0876f6,0x3ca1f716,0x3271ee64,0x7c4ab8a3,0xcb9b2058,
-        0x39481047,0xcba17107,0x598c5c37,0xdf9a190d,0x6f20e125,0x0cb6e72a,
-        0xf4f2902d,0xa3142204,0x7ce2dcfb,0x42d28cb9,0xa3d3c351,0xdf261b8a,
-        0xcffc249d,0x73f3d315 } },
-    /* 8 */
-    { { 0xe6fd3673,0x5d86855b,0x9d214b7b,0x309b70af,0xdcc46cd3,0x8d332f90,
-        0x595510de,0xe553c015,0x38c1251c,0x5746a096,0x85cc1bc9,0xcd7cea5b,
-        0x002eba8f,0x4ffa1468,0x22fcd77c,0x10a3cb70,0xc4ea05e3,0xb6999dfb,
-        0x4efa756e,0x3375a0d0,0xdced5fd8,0x4d90279e,0x251fd56e,0x48192403,
-        0x82a4c5f1,0xe87633a4,0x1b34105b,0x3170d130,0x7247e578,0x93998b0f,
-        0x436ba1fa,0x88934f64 },
-      { 0x4713eabc,0xf09f43b0,0xaccdc517,0x4ca7dd91,0xef13ca7c,0x27daa63b,
-        0x2588184b,0x8b2e5a7a,0xd95dc269,0x0a8cb612,0xe1f2f14c,0x346975a2,
-        0xe172935c,0x1f29b8ed,0xd40bc1e3,0xc3cbfd6e,0x132623da,0xd3f46b3f,
-        0xfb0b7681,0xc115be6d,0x56da4344,0x5e31c345,0xa8e43d98,0xa7c63f18,
-        0x4bddb4ea,0x55cb2083,0x4a54f58c,0xb16a0c38,0x46fd69d9,0x74eacca2,
-        0x153548e1,0x0d1898bb } },
-    /* 9 */
-    { { 0xe35ef043,0x4ea73461,0x3496b564,0x107b67d9,0xd0f83a3c,0xd62c173b,
-        0x51d29c35,0xfad4b038,0x71b1c1a4,0x3f42882a,0x54b43b9e,0x5d2bcf66,
-        0x2abdf543,0xc77b15aa,0xdabe3dc1,0x5cb38a80,0xa481673b,0x15fda0ae,
-        0xe7b90ebe,0x86996b4d,0x2bc8f3d8,0x84f87e25,0x37c4e424,0xaded03d6,
-        0xd7a7afd8,0xe5ede666,0xa1ccb93a,0x80dd95a2,0x46fba391,0xa55cfd25,
-        0x46f82e60,0x2bdab1dc },
-      { 0xfa6fed61,0x7a4de22b,0xcc8dd94e,0xca458aa5,0x071222f5,0x3e372df1,
-        0xe5aff377,0x06a4b44f,0x4a738e6d,0xbc2d0ba7,0x5f31f136,0x1a470e1d,
-        0xe102a911,0x77ff933a,0x310c7885,0x8b380a50,0x783fc5ac,0x9f3c0228,
-        0x44725d06,0xec668925,0x5ac84221,0x878f0e16,0xcfda6e8a,0x9a3af1af,
-        0x78cd2aba,0x0183ed37,0x826d0eae,0x32cdbd60,0xcbee6415,0xb3234661,
-        0xb9c10120,0x353eb892 } },
-    /* 10 */
-    { { 0x10b5521e,0xc8fdcad6,0x52e702f0,0x1a11b440,0x8ffda49c,0x6302680d,
-        0xcbf36bad,0xcdb9654a,0x4c10a2d7,0x7b58ce11,0xe630e7e0,0x1e5d1f7d,
-        0x6760a813,0x8cbe3d7d,0x6480d77f,0xeb35866b,0x7f036219,0x58728cf3,
-        0x42a8a757,0xdd5865ed,0x906a2870,0x283f1f1d,0xa51f906b,0x79e23fa4,
-        0x543b20a8,0xf2ac6e83,0xb81e7754,0x4f0b6379,0x840016ee,0x57fbc0d4,
-        0xe621b67d,0x8da20771 },
-      { 0xecce65ec,0x3c855004,0xb748185e,0x76d10d1f,0x78797ad2,0x64be7bca,
-        0x77e54aad,0x43444db0,0xbe0df0ff,0x17b6b0c9,0x055086a4,0x8fc4256c,
-        0xfd74d5a3,0xf952c43b,0x01c4edb8,0x501e005a,0x4a57e328,0xd5172dfc,
-        0x535d6ee3,0xdb40ce4e,0x0c650918,0xbaef1e5c,0x857561fc,0xe85145e7,
-        0x34a224c6,0xe468536a,0x0ec0e0a2,0x69a8e227,0x242b03fc,0xb3f52247,
-        0xc3bebd5f,0x862f55e2 } },
-    /* 11 */
-    { { 0x226049fe,0x2d6a390f,0xdcbbc9fb,0xcc92a578,0x97634fb7,0xa52feca4,
-        0x3dea5893,0x2b340cb6,0x2a49e916,0xa39f338a,0x949e41f3,0x26b2df3d,
-        0x065a7e40,0xc71c7cdb,0x468281a2,0x4a9b84a0,0x731eeeca,0x63eeb503,
-        0x76cbb725,0xe6d09134,0xb94a678c,0x0cf979a9,0x808fd9f1,0xb44d8c3b,
-        0xe0afc5b9,0xe60da613,0x3ea5be69,0x52dce7de,0xdc1ee74f,0x3a5d6864,
-        0x3bc80790,0x71ab2891 },
-      { 0x3b5b60ad,0xcf618fc4,0x4a0c3184,0x0afb5e30,0xbc403302,0xd22381cc,
-        0xdb1c0c66,0x33cf8953,0xa6112a8d,0x9c994e4d,0xd1967a86,0xd7aae2c3,
-        0x5b7acd29,0xc28d5493,0x6c9a57fb,0x8075bd13,0x9c8427f9,0xc9c0373e,
-        0x193225f5,0x2cbca18d,0x442c018c,0x73777d13,0xfbb3a727,0xebe5ed47,
-        0x1962dc18,0x70437d49,0x2dc08806,0xf39c1e09,0x15fff35c,0x03e9c6f7,
-        0x5e360a65,0x8d087bb6 } },
-    /* 12 */
-    { { 0x3fdc1844,0xbe212302,0x105eac56,0x6eca27ef,0xf168a348,0x2183a606,
-        0xe1d7a4cb,0x295f807d,0x7ef5d43e,0x7246a632,0xc77025c7,0xae143205,
-        0xf3484e3e,0x4bdfc7ca,0xdf52c075,0xec939895,0xd7a9cac0,0x82e655f6,
-        0x8baeddb0,0x985dfe20,0x527de731,0x79c817e4,0x313de1ea,0x30ce0fbc,
-        0xcc4f6cbb,0x9df95b89,0xf5bb20cd,0xf2aedf1e,0x1a8cfb01,0xfc1e0a89,
-        0x63edb7ec,0x225ed34a },
-      { 0xbabb1a85,0x3e13154d,0x1e6a565a,0xd3d8dae7,0xab4b100f,0xd3217d56,
-        0xebc78e1a,0xd44d934e,0x48e73d37,0x0215321b,0x201e43cb,0xbbc90bfa,
-        0x27500905,0x3c23f1d0,0xc86691a1,0x2a2e5000,0x6065841c,0x08b2bad2,
-        0x30026b60,0x15d41caf,0x5276ce61,0x1712c2f4,0x15932ffb,0x01c4c3e7,
-        0x6a74caf2,0x7894e13d,0x0c0537a4,0x02d6f5df,0xc2b1c97e,0xa8fb7602,
-        0xd0887c7b,0x612b60e5 } },
-    /* 13 */
-    { { 0xba245d6b,0xefd495cf,0xa2ce3ff6,0x5cf0cbb7,0xdff5feee,0x24da2ac0,
-        0xcf28c6a3,0x90c914f8,0x4308a56b,0x72fdb50d,0x13d72034,0x03dbf779,
-        0x822ac9e9,0xcfa5ec91,0x3aea3e81,0x0dde73c8,0x66289139,0x545ba962,
-        0xca6acbd3,0xa52f648b,0x98a0683a,0xff6f276e,0xa378ed52,0x2536d3ac,
-        0x885ac1d9,0x353c2c54,0x00bc84a7,0xcaff52da,0x37684167,0x3971f81c,
-        0xd2d7986e,0x0f7334e1 },
-      { 0x6596067e,0xafbb5c83,0x38c19806,0x33e54e19,0x39cb0dcc,0x8285d967,
-        0x424035f9,0x2b53f43d,0xdfef9095,0x38c531f8,0xdb0f571a,0x90fbe8e4,
-        0xa39ca787,0x9a0c1ed2,0x606f2620,0x2fecc1d6,0x72b7cb4a,0x9dc890b1,
-        0xccbb7868,0xc33ca6fb,0xfe73ee49,0xd1b11082,0xfcb66c48,0x590b7d17,
-        0x86e14573,0x9356b0a6,0x053ead85,0x75d682c4,0xc54d30fb,0xb2ae55fa,
-        0xf8aee949,0x67636a72 } },
-    /* 14 */
-    { { 0xb91d6bea,0x638063bc,0x923ecb96,0xae263a2e,0xc627aca6,0x9d7b0992,
-        0x77af9e7e,0xc6ed001a,0x24aafebb,0x9214accf,0x78055a90,0xa3564b96,
-        0xe027499d,0x00999b1c,0xe46a06a5,0xe413a4e1,0x2e51efe7,0xa05d13f6,
-        0x9ba843be,0x35e87d34,0x3183159e,0x0a633825,0x54601923,0x6023e8ba,
-        0xb7fd1cf2,0x9b107721,0xfdf2fd53,0x46b5542b,0x1c18af38,0xb314f4f8,
-        0x60ac8965,0x086f9876 },
-      { 0x8cbb9850,0x76701954,0xa20d2c8c,0x6210b730,0x5335670c,0x4084d057,
-        0x0324baea,0x3ecdc595,0xc76ee9b4,0x607fc5f2,0x440ffa64,0xf393d00f,
-        0x2dc1463c,0xe0111796,0x9c7725e7,0xf00b8251,0x5bd1d186,0x35e60736,
-        0x2cf72aac,0xf3d8554c,0xefa3497d,0xb4dd0fde,0xf646ad11,0xd712268c,
-        0x9f7b8ead,0x07c20afb,0xfc06dfe5,0x630969d4,0x7245549a,0x76b7df1c,
-        0xe61ae810,0x681f9403 } },
-    /* 15 */
-    { { 0xc9a0623b,0x7cad5163,0x67fab8d4,0xdbf82957,0x81af7c7c,0x2ccab0ec,
-        0xe966d5c2,0x469e38c8,0xf0d4e41c,0x34430d52,0xa52b359c,0x426075a2,
-        0x33bd0127,0x242dd3e3,0x9fed2341,0xcda3f635,0xd7d52ffa,0x4df33730,
-        0x7640c3ef,0x5fff56f0,0x1bbde57c,0x4783c21c,0xeb8bb336,0xd8784a2a,
-        0xead08405,0x1ec7c533,0xf9b62bd4,0x4b7f1423,0x7075d4af,0x5543145c,
-        0xba60590a,0x0c9de94a },
-      { 0x95d5682b,0x8ed72735,0x2ec276ed,0x711c4283,0x8b36a0d2,0xd1f4aed5,
-        0x8498a88f,0x62ab40c4,0x4480f451,0x58c8fc62,0xb79cffe2,0x8bc8ca4b,
-        0x701a359d,0x90ab583c,0x3fd5d15d,0xaee31a73,0xc912333c,0x02a5597b,
-        0xb6c3e3c2,0x1019cae4,0x29938088,0xe513042c,0xf47c8199,0x0e00283d,
-        0xf2a00e92,0x90d68e58,0xa775ae3b,0x69e2df41,0x871c30b2,0xb8d2eca5,
-        0xbb1de396,0x733dca0e } },
-    /* 16 */
-    { { 0x4b59213a,0xf5b495d0,0x8d70200e,0xca672039,0x2b6771c1,0x4bcb09a6,
-        0x2b9eb0cb,0x26adeed4,0x8cdba212,0xeb544754,0xf08890d1,0x0e1abfcd,
-        0x698e46b4,0x52509963,0x82e9c138,0xe1bff0b0,0x51099a71,0xa189e4cd,
-        0xc9b91cc7,0x2360c9bc,0x137ec4be,0x9bd4d7dc,0xd1519f6e,0xd0356521,
-        0xcf832503,0xbf5f6d78,0x8deea2b4,0xe4301031,0xef4c319c,0xc3132494,
-        0x0f1fa7d7,0x2ab3bd47 },
-      { 0x922c9fbb,0x5753b680,0x0f16c6d1,0x869e7dc8,0xbac16efc,0x83445135,
-        0x846d1d9b,0x4326a3b4,0xb2d62c21,0xb517fee3,0x0b292ad5,0x6905afa2,
-        0x2cadac13,0x2a57131a,0xebdbca8d,0xcd904d8f,0x3f365fb2,0xdfeda86f,
-        0xdc7eaa1c,0x7097b208,0xa45e77c0,0x89a35a84,0xcf5d118e,0x417a062c,
-        0x1f6e99e8,0x3c0c04a8,0xba7a087d,0xc44704b0,0x3ea22ad2,0x6f8a27d1,
-        0x4c27d229,0x93a4b416 } },
-    /* 17 */
-    { { 0x1f1efb7a,0xd4271bc1,0x33fccc0d,0xae4e68e6,0xb11f50a8,0x9d9bc8f1,
-        0xaf076089,0x5430398f,0x443d0e03,0x45e242fb,0xf6e3d4c1,0x73ec2519,
-        0xba9bad09,0xab70f790,0xf9add10f,0xde612ad5,0x14e942b4,0xb837e54e,
-        0xddb8b68a,0x175a56d3,0x1ac2a408,0xe85b233c,0xf0c80f94,0xf8ff6c30,
-        0x898db4f9,0x4b7f3fb7,0x45a7dcdd,0xa2c6044f,0xfe3d3895,0xf3abb2f6,
-        0x32ee7763,0x342ce0d7 },
-      { 0xcf491b1f,0xeb261394,0x1909e395,0xdcaaeed7,0x9fe4dbea,0xdcc4055a,
-        0x493d604d,0x17a6611d,0x1ce5ebef,0xba445a3a,0xe3989cb5,0xe82e2858,
-        0x83f58406,0xb96f4282,0xa156cf55,0x99877b99,0x4e166a0e,0xaf906a66,
-        0xb2976d13,0xcea1d353,0x36c61a01,0xefc16f27,0xb0f55d86,0xdb04c433,
-        0x8eb34c01,0x3cb4b269,0x2ae60280,0x38d07f78,0x43be3ec5,0x43ac3bcb,
-        0xe156fd20,0x455f4af3 } },
-    /* 18 */
-    { { 0x754ec21c,0xc057f262,0xe3a1ba38,0x3eacd4c9,0x116c1fe9,0x3a0210d1,
-        0xeacc8ab6,0xe4ea4e94,0xea6f32ca,0x31c00c9a,0x86b975ce,0x5cb6239d,
-        0xa14ea1e9,0x654d5d8c,0x5067fc8b,0x230d31f4,0x6355fecb,0x48bb90cb,
-        0xdc172e8e,0x78f81ece,0xcb006737,0x288380a8,0xe162d012,0x19b02e01,
-        0xc5af145c,0x0e087a06,0xb72dc354,0xf04dc8b7,0x8de3c066,0xf70ef214,
-        0x13009fb7,0x4f148243 },
-      { 0x6e2055e2,0x5e004fce,0x86c32067,0x89e247ea,0x5f9daaa2,0x4ebcbd95,
-        0xceb7f63b,0xd15f212f,0x863784a0,0x5ecc5c1f,0x75760251,0x53b3800b,
-        0x8a6a2954,0xeb9301c3,0xa13cdd19,0x0f16ba18,0x887c2d24,0x8313d251,
-        0x9a9413f6,0xf9923585,0xfe3fd7c5,0x423405e6,0x16e0ee05,0x678aeb34,
-        0x3fadaab0,0x1f3be7bb,0x82884471,0x7901fa2c,0x4d662ff6,0xc950db30,
-        0x3c01170b,0x74d5d2d4 } },
-    /* 19 */
-    { { 0x2b5bfe11,0xa3002dc0,0x52d321e7,0x0733410d,0x9679ba89,0x15920f65,
-        0x685b236e,0x0e248c14,0x346f6040,0x8cfab594,0x40c717f0,0x9f57afb7,
-        0x66044576,0x0dbab28c,0x9cdc3247,0x0fa09968,0xc230ed05,0x41e02ae2,
-        0xe45bef74,0x0d961554,0xce4d7b6f,0x9688a982,0x5e62d22e,0xfadefac7,
-        0xbd2cba28,0xaf1512a6,0xbe7c749f,0x78868e62,0xae9f5a6b,0x88048d81,
-        0xc5857a29,0x6b1a5442 },
-      { 0x43242066,0x9f5ab9ad,0x2ccca2ae,0x0afef1b5,0x988edc4e,0xb1b43ec7,
-        0x0341b0d5,0x0d0c00f1,0xb50aab37,0x4d68b8f7,0xf3a64a99,0x9a8e4e6f,
-        0x7f1a684e,0x198338fb,0x351a0f5c,0x8bc0e748,0xdac44515,0x2cacf2cd,
-        0x5e9ff76b,0xc14d3999,0x16393055,0x54a01b3f,0x888d8376,0x6ac3eea5,
-        0x723277b1,0xb84d9a9a,0xe11dbbbf,0x99132691,0xabb67178,0x597717ae,
-        0x8bb14ac8,0x4c213526 } },
-    /* 20 */
-    { { 0x95532833,0x2e6fe0a6,0xd626d067,0xabca228e,0x649e73bd,0x22aef3d9,
-        0xf03c4c0c,0x2083a87a,0x35169b45,0xe954e75d,0x74506a89,0x577509ee,
-        0x2aeacf90,0x49cb276e,0xfa409f91,0x08275d77,0xf0bbd6b9,0x61eb6f3d,
-        0xe4132704,0x948202cb,0xb1c498b1,0x35f3fc21,0x361fee59,0x76c68ba8,
-        0x50e051f3,0xa18cbbd9,0x318e7042,0x2384a879,0x80dd1e8b,0x292abead,
-        0x5c37c334,0x65713c29 },
-      { 0xceb77b9a,0xdccca8e9,0x23b69469,0x2f97e727,0xa01d6b28,0xc76abee6,
-        0x5abecdfe,0x3925203d,0x29290d70,0x89448082,0xb0314438,0xf9931424,
-        0x7cd447c3,0x04209df1,0xc855c827,0x7c6f2059,0x56c0e069,0xd97d7862,
-        0x412d94c4,0x5a9db6fe,0x994c41dd,0x19a64591,0xc89e21a3,0x12348aa1,
-        0xc6a03f0e,0xd6904b50,0xa616feac,0x55c15156,0x7cc7693b,0x4e36d1b5,
-        0x3bae3c38,0x6b0e996c } },
-    /* 21 */
-    { { 0xcceced00,0x32789fab,0xe5b7aa66,0x3237e71a,0x2ddebcdf,0x87b2e269,
-        0xb61dad8f,0xb7245120,0xd35f803c,0xe11e5e48,0x98e50f0d,0xfb4df5d7,
-        0xbcd2ab92,0x60ee68b4,0x1ce3363d,0x98ab2f5c,0x7cd42647,0x15ba39da,
-        0x83f4fb3f,0x1a6572eb,0xe56f08db,0x0f77de88,0x172562c2,0x1743761e,
-        0x8a58f0f4,0xbe349ff8,0x84d1d6e2,0xe04da71b,0x9e9ff3b4,0x368f0342,
-        0x678223f8,0x4022a205 },
-      { 0x83847375,0x527bbd05,0x3f451af0,0x3ae56b62,0x4b2c7f18,0x6198f24d,
-        0x4525b98d,0xee323f5b,0x0e0884b5,0xa9d8d39a,0xfb12c776,0xd005d7f6,
-        0x708bc154,0xd71c483e,0x742541bc,0x8ca6fd28,0xf8397ddb,0x0af3dccd,
-        0x3eccf243,0xb80d3125,0x58d81b8d,0xc743a108,0x71391f68,0x3f48eb21,
-        0x33bb657f,0x493aff88,0x07e47e31,0x1d15ed66,0xe08279f6,0x10159b11,
-        0x24a6a956,0x312179cb } },
-    /* 22 */
-    { { 0x07615ac2,0xa94cc3ca,0x121ad581,0x85865e64,0xa7986b79,0xae47616f,
-        0x9d5e0f1d,0x395a40eb,0x3d9457ea,0xa9143264,0xfa2865d9,0x8de6d6a3,
-        0x1014ae8c,0x0771db96,0x976a87cb,0x77a7cce6,0x143a0f60,0xa7de42e1,
-        0xd993d934,0xe203cc09,0x98ec4c3d,0x92018693,0x3a25df4b,0xd77546d8,
-        0x62b02d6b,0x0ad9eb47,0xd05a7189,0xfaaaf208,0x431221bb,0x5238181f,
-        0x733511ea,0x417d6c78 },
-      { 0x0e91e9a8,0x3cbd81b7,0xc370d6b3,0x73340418,0x8eaa2373,0x825db10a,
-        0x6c7d6756,0x8f2b09e4,0x94c33ded,0xe288ee9b,0x1695e3fb,0xcd8426bb,
-        0xdce9e888,0xa6176c86,0x6165e362,0x3f4c8922,0x6063fb09,0x514e411f,
-        0xc8f9e04c,0x6907ac20,0xdfd2ad61,0xcef7469c,0x8452199a,0xba30bae4,
-        0x12ac3462,0x30681293,0xc92d482d,0x011be873,0xe8330995,0xff4cbf89,
-        0xd1470a0a,0x02189d52 } },
-    /* 23 */
-    { { 0x92599c69,0x73e419dd,0x7fec32ca,0x5b94221b,0x09bbfbfd,0xb2bf9bd2,
-        0x63ed895b,0x61ea97a4,0x3f486f79,0x6609146b,0xfd141a39,0xbd1c7a05,
-        0x83d64135,0xc79ec8cf,0x9883507b,0x7f8fd42f,0x17b3d027,0xafcb53b7,
-        0x67ca5a21,0x86658dcd,0xcd149786,0xa6a6c0ac,0x34b95067,0x16f3d70e,
-        0xdf44958c,0x371208e3,0xec280212,0xd2dd64e6,0x30782c71,0x33b2c4ab,
-        0x521176fa,0x7bbf8abd },
-      { 0xa78b981a,0xbe9e4aaf,0x304ec828,0x788b4e36,0x3959dea3,0x0c45cf39,
-        0x240b39c7,0x70a9bdd3,0x28383b7d,0x499cd7dd,0x307a1026,0x30690b2e,
-        0xee92f1b3,0x2262d598,0xb4725a48,0xc62d77de,0x7bc3aa0e,0xa16f25bc,
-        0xd15ef7fa,0x62dd8b65,0x0b96d68f,0xd979221d,0xa00f1906,0xb92885c3,
-        0xeb74c740,0xfa476b9b,0xc7576222,0x217ddbb5,0x5788504f,0xc2782c30,
-        0xf812716b,0x860d096c } },
-    /* 24 */
-    { { 0x4d79bbf9,0xfebc337d,0x69f74f80,0x5d53eab8,0x33104d53,0xff36a095,
-        0x196f8b97,0x2ab820da,0x75ce6909,0x961d3d1f,0x04683754,0xb197ec04,
-        0x93a6cb9b,0xa68ce1bf,0xc5f021a3,0x503456ff,0x8940ffdb,0xb50a2db1,
-        0xef004209,0x77c50f8f,0x04965875,0xd635d177,0x8bb8770a,0x725766d9,
-        0xa078e53e,0x8e19b028,0xf9fc8378,0x364d4cca,0xf0dd39a0,0x1a3df411,
-        0x03adf920,0x7e80e442 },
-      { 0x539a1ddf,0x4b5f8a57,0xee486562,0xd248e7ae,0x816021e1,0x1c7b491d,
-        0xfd36d2c4,0x2e7b871b,0x0aec00d9,0xda38b504,0x6193f1b3,0xf2827612,
-        0xfb1f78d6,0x69c3fe86,0xe827ac33,0x56c8b786,0x3487c8f7,0x1687f6c7,
-        0x19dee5bc,0xab8f2217,0xff399418,0x04e8473f,0xa9027c80,0xf384c014,
-        0xaa1d2e28,0x9967be9a,0xe065eef1,0x869686d3,0xc7bd837c,0x737c6b08,
-        0x9e8bd863,0x5dcab5d1 } },
-    /* 25 */
-    { { 0x9a7d772b,0x0784283a,0xe540959b,0x6b49e525,0x86414ab5,0x546bb008,
-        0x9d74b2a9,0xd4448162,0x203b0b1b,0x267890ad,0xc8d3f86b,0x1e7a82bc,
-        0xd85a83c7,0x1352bfb5,0xfad07ccf,0xf29f16e3,0x41e0c43f,0xc02a63b8,
-        0x6b379fef,0x904f22c5,0xb1244f26,0x19d8a653,0x3a28bdea,0x6635b6df,
-        0xf6d455ce,0x18b68851,0x9cff3735,0x74ac2818,0x8b2cbdab,0xad40f9df,
-        0xadc9d498,0x08cc2d9e },
-      { 0xc170c84b,0x2e6a6866,0x5a49a484,0xbb989e8b,0xd04c8992,0x7b0e00e0,
-        0x61b3a423,0x55ad3478,0xb0d01899,0x3c952450,0xe3100cb3,0xe3922155,
-        0xf03276d0,0x19265b6e,0x76d42b53,0x0fe8595a,0xfc6353b6,0x0a96dee0,
-        0x246f893e,0x761e0dc8,0xf0a74cba,0x4ec902be,0x3fdfad9b,0x61008684,
-        0x4fdb6975,0x5d6a60e4,0x7ef7590a,0x3f53aac8,0x12870a37,0xd29e6be0,
-        0x55aa55b0,0x991fadc1 } },
-    /* 26 */
-    { { 0xb4844ffe,0x82bc4b0f,0x60f8b871,0x73922714,0x4ce3f1f3,0x8ac000e2,
-        0x163519ec,0xf0d548b4,0x88288b5f,0x7aaf842b,0x2bdc9a70,0x9e8b0c4c,
-        0x4ba5fd67,0xa06d5152,0xf93cdec3,0xd0b1afa0,0xdf89f8f0,0x280955ba,
-        0xeea32c92,0x86cbe92d,0x3fe05be4,0x0cae3f99,0xfa6919aa,0xf2607095,
-        0x6e0f1b8b,0x0f54741e,0x30ecf988,0x2aed1f74,0x734991d7,0x9296f76b,
-        0x259f0fe9,0x66cf8d28 },
-      { 0x226f5868,0x9b01905b,0x16909e9e,0xc102e88c,0x4a37eb54,0x2bd08916,
-        0xc9816323,0xf72253e8,0x86bac53c,0x37f84e9d,0xafeaaaf7,0x2e352454,
-        0x2ca0046e,0x67c86f77,0x6663372e,0x86bce50e,0xb6950a04,0xf6a3a960,
-        0xfc1aba93,0x61f994d7,0xc1326e6e,0x1957c12b,0x2e56b005,0x9b658fe4,
-        0x8592740c,0x9cd297fc,0x177f26a5,0x7654ce9b,0xa79d2ebb,0xaaa699db,
-        0x0ecb6448,0x5fca0c5a } },
-    /* 27 */
-    { { 0x569a6663,0xe26e25f3,0xe6aa4ca7,0x09597ee7,0x8d18b80c,0x25a4cda6,
-        0x22926730,0x450602b5,0x07387209,0x9af5f650,0x26733a53,0xfeeedb34,
-        0x86572951,0x0f5ce768,0x8398ae9a,0x872a360b,0x2b30f6c3,0x60347a80,
-        0x1a162158,0xd2113b23,0xee6c6dec,0x6fd9cf92,0x5cbcf9e6,0x85f0a5a8,
-        0x2ba3fe84,0xd7a5a6e4,0x51ecd727,0xaafe6720,0xa2081a10,0xe09c6bb2,
-        0xb973b0b4,0x657acbf0 },
-      { 0xc274c8d4,0x3130466f,0x30a994d1,0x42765176,0x7079435f,0x217258ca,
-        0xeb897a06,0x44850406,0x561ee130,0xf38dfeee,0xaa1778bb,0x11f4facf,
-        0xb9abb9e9,0x765c6617,0xd8f10932,0xb135499b,0xa73b9159,0xc0eb6337,
-        0x6f7e8b6a,0xf2c1ccf1,0x187def53,0x5b32c03a,0x830b9c62,0x89ad1d49,
-        0x2f10e538,0x1735eae3,0x9d5f55bc,0xb1cbd9c2,0xe539db0d,0x42428c47,
-        0xc852b3bb,0x3d2da412 } },
-    /* 28 */
-    { { 0x871f2865,0x97702b6e,0x142920d6,0x56cb639f,0x45b58611,0x328522a0,
-        0xf3b13812,0xf3943ad1,0x712206e8,0xe6c2200a,0xa34d59ea,0xc2890e5a,
-        0xf6b7f759,0xab52fd40,0x180bf567,0xf522c8de,0xaccee396,0x181e97b2,
-        0xc4ea5cbb,0xe0375819,0xab51d3ef,0x0d9985e8,0xbcb50fd8,0xe26c96ca,
-        0x97e1c80d,0xfb9d6b13,0xf796357d,0x582b1814,0x07f4c7fb,0x89a78221,
-        0xc0357e61,0x02aeef2d },
-      { 0x2c7ec9be,0x2ba7926f,0x7258b201,0x292f307e,0xc6fa6b4a,0x74e62a10,
-        0xe2bcc5ab,0x80c08549,0x7bb8c073,0xb4160db8,0x329f194d,0xd5ef0529,
-        0x6dda4a9c,0x0eb8da14,0x15ea23d1,0x0b5d43d2,0xfc34bfae,0x6cebef02,
-        0x848757a7,0xacd364d0,0x2d34cca3,0xc1401368,0x1d2d95e2,0x09ca6742,
-        0x786eaa28,0xc3fd1d6e,0xa2965fec,0x9eb1136d,0xc0779203,0x48871baa,
-        0x4b15aeb0,0x6b446c01 } },
-    /* 29 */
-    { { 0x25e8fe80,0xc819eb2e,0x98238a17,0x2b5f7906,0x81e41849,0xd6f1e996,
-        0x98ea6d45,0x58ad8ad6,0xbfd02e40,0x5bae5ad4,0xa812416d,0x016dc327,
-        0xa3347ca1,0x8b31a985,0x82a65391,0x0b4da610,0xb48c35fb,0x1cb91b2d,
-        0xd2aaf8c4,0x9e96817c,0xcdfdcdc0,0x1a630483,0x12b69254,0x70559361,
-        0xf8a2a097,0x5fdcd712,0x35cc5281,0x59ab623a,0x932b6095,0x30c8ebe0,
-        0xb08e052f,0x8613424b },
-      { 0xb2231d8a,0x28902063,0xd9a61667,0xb0f62329,0x071a9f27,0xaafa0fe7,
-        0x603f047e,0x6bcd8960,0xfd92a1c3,0x118cca76,0x71d483b6,0x3414e62b,
-        0xba705262,0xa123ccdd,0xfd9b5c5a,0x1a576437,0x4c8d0fa3,0xa5301bc2,
-        0x102427cd,0x96f0ad44,0xd3aa6c02,0x0e6fb5e0,0x072a3996,0xcd8c4880,
-        0x840d3fad,0x4dafca12,0xde91d541,0x29f4ca3d,0x8441734d,0x0037c598,
-        0x9ccfe57c,0x86333a99 } },
-    /* 30 */
-    { { 0xecf53b40,0xd213a751,0x2f78a542,0xcff2c6f2,0xf13ae56d,0x0f59f0e2,
-        0x0e61748e,0x91f8ccbf,0xd72c4145,0x0aadecb9,0x4c9cdcb7,0x6b2ed852,
-        0x1eaffc70,0x8e00b72c,0xaa728102,0x89b24285,0xb679cafa,0xaa7ea7e0,
-        0x4f0a6f6f,0x5d2b8c26,0x0e804397,0x7ed7b173,0xc8573049,0x5a93eb45,
-        0x0986e93e,0xc92bf5d4,0x6a20c0af,0x526b5a9c,0xb99dc3af,0x0adf47c9,
-        0xba202cc9,0x12b25fe2 },
-      { 0x33eea395,0x09b8d78a,0xf633fc5c,0xc7a93618,0x270eceef,0x7e821629,
-        0xc628ed0c,0x524779b8,0xa1d68939,0x91db5ca1,0x586edc90,0x8626e18e,
-        0xfeb3f3bf,0xfe023e8b,0x0250171c,0x6279fde1,0x55e172de,0xe52ec7dc,
-        0xc6d4ca45,0x445e8695,0xbdbc10f1,0x42de3878,0x6fc3835e,0x2b114de8,
-        0x7e10b652,0x9faba456,0x390e78fe,0x4111d82a,0xaedf0aca,0x576b61c2,
-        0x74accb74,0x216279a9 } },
-    /* 31 */
-    { { 0x4047f747,0xc14cdabf,0xc1315a1e,0x03ca233d,0x40e5d0a7,0x59e7cbd3,
-        0xbb413869,0x1fd0c4e9,0x0f01fbd8,0x189d08b1,0xa76b823d,0x50449c42,
-        0x398b00a1,0x81c224a1,0x8e8179e4,0x08084e4f,0x698e41e9,0xfd8af994,
-        0x5610bf2e,0x1e30e37c,0xa7d2790f,0x4e6a043f,0xb3195388,0x9d96e60c,
-        0x03799dfd,0xe75f986d,0xf8ff902f,0x3b4a8f11,0x7588416e,0xfa945378,
-        0x9827535e,0x20683e3f },
-      { 0xd0378878,0xcb582e26,0xa7945787,0x9e214c23,0x8f6688b3,0x13d000bf,
-        0x40515270,0x7548d4f5,0x40111f5d,0x7113c15d,0xa8bff902,0x3bf5a526,
-        0x9b4945cc,0xbda6b010,0xbc2f3a05,0x83dcc74e,0x43efdfa1,0x2aef6284,
-        0x565c5bf4,0xd2e60ee9,0x592f243a,0x4f0fa10d,0x1bc3bf51,0x6ae58b32,
-        0x60576a74,0x813b0868,0x4d73081a,0x0bc023f8,0x32dcee59,0x9fd03aa0,
-        0x27d6c795,0x5e416bf5 } },
-    /* 32 */
-    { { 0x026cc23c,0x24313760,0xb5b29058,0xf819aaee,0xc5d2ee17,0xa92272f8,
-        0xee5cc402,0x8048e7cb,0x77def07d,0xdbc7d6ee,0xf6af821e,0x61d69244,
-        0x996cbb89,0x5f7966ed,0x96a155a4,0xf81b17ea,0x03f3ed56,0xb2d9ef70,
-        0xe882a5b2,0x5e6e5906,0xae947180,0x86fa1072,0x658c76f4,0x34d9fc51,
-        0xcb035aa0,0x9f603dc0,0x75be6481,0xb7b39feb,0xcf04a9ef,0xca87554a,
-        0x87b4fde3,0x4ff682ec },
-      { 0xd0a10ad5,0x3125627f,0x968e6f45,0x7fd45c72,0x806a1163,0x2981bd6b,
-        0xde5033e3,0xb92de1cd,0xbf4f8988,0x3b44b45e,0xdae7e1dc,0xca1b9896,
-        0x0778d878,0x52166e5a,0xa5116847,0x82d472be,0xf2895445,0xfbdd382a,
-        0x5d6ec4c9,0x22ed1602,0xb6552b02,0x3614eb1c,0xa1e6210f,0x63c5df73,
-        0x021a74a7,0xe9160285,0xc65cbd4d,0xa44ca400,0x0f15e299,0x48cb187e,
-        0x3402507c,0x51eb818e } },
-    /* 33 */
-    { { 0xb92100ab,0x1fc1d178,0x9605b839,0xdf2e3d60,0xb71e59d0,0x12a7c255,
-        0x14fcbe04,0x3f8b6675,0x59fd06af,0x0e8a3935,0x12020d07,0x56326502,
-        0x528e7be5,0x6696fcd1,0x0c7b7654,0x6588514b,0x5912a5b5,0x0cd80f8c,
-        0xf324cb7f,0x8bafef04,0xc6da3d75,0x6b53eecf,0x31d1df2f,0xedef48d8,
-        0x73812b6d,0xf336b965,0xee626031,0xc82eae4a,0xd244f09b,0x300abd32,
-        0x31d9647f,0x8b0af955 },
-      { 0x2e603544,0xb770180a,0x221acd9e,0x2b573ac3,0x62407032,0x3a17f665,
-        0xb89abc3d,0xad3e74ad,0xd793225a,0x8a3d2e3a,0xef02564b,0x457bba04,
-        0xfc2dd2b5,0x8875652f,0xe67143e8,0xd2905d15,0x02e48d70,0x6d884b42,
-        0xc7636a57,0x06f99219,0x35e378df,0xa8dc3421,0x10c64a02,0x95c1d73d,
-        0xcc157a66,0xcd6a4ece,0x8e24a354,0xbadcc1c8,0x9839329d,0x8024f1b2,
-        0x4da48ad0,0x5363e549 } },
-    /* 34 */
-    { { 0xe23fc641,0x1f5523b7,0x86667063,0xfe54e72f,0x8e009d2f,0x294a15f5,
-        0x8c57f5e1,0xf203997f,0xb16d64dc,0xa229724c,0x4baa2ffb,0x697be4fd,
-        0x0a6e8ed6,0x3f507e46,0x78508536,0x0afe3a5d,0x95408208,0xeeef6cdd,
-        0xf2c4237c,0x701fd889,0x5c385253,0x496d883a,0x72a212f1,0xe25c67ed,
-        0x1ff78fcd,0x4b416783,0xc16f4146,0xe9967004,0xc45b0697,0xfa45c3a1,
-        0x3fbd30c3,0x63334018 },
-      { 0xa2fbbbce,0x39c9a0cc,0xaa0cb744,0x876f6e5c,0x3438ece3,0x9ce6010e,
-        0x13802d82,0x0aad148e,0x9cd45a1b,0x9c3e5c60,0x7bcfc1e0,0x875cb859,
-        0xd8584dd0,0xb19ff790,0xd81c2a2b,0x2598b81e,0x02be07e3,0x118bdf2f,
-        0xb9765ce9,0x074fc8ee,0xb24f95ae,0x125e9d88,0x0c98f09d,0x3bb12cdc,
-        0xa0b74b27,0x4a6aee07,0xc08077ce,0x4723d2f9,0xbea8026f,0x959447d6,
-        0x16280b73,0x93a7075c } },
-    /* 35 */
-    { { 0x715b27f9,0x26bbefe2,0x2a280923,0xa935a5e2,0xfd58a26a,0x5ddf23af,
-        0x7c138694,0x54c83e16,0x892a2153,0x44799bc9,0x9b8d09f5,0x4e6e4710,
-        0xd588ea68,0xc63af616,0x883ab1b6,0x5e896706,0x3d209336,0x3c1393a0,
-        0x92c23dda,0xd02f2921,0xdcf6ea43,0xab70cb7a,0x791559e1,0x12434ea8,
-        0x6d70ff0b,0x040680db,0x2832ba45,0x1a10fe52,0xe5f0cb8f,0xd69f9c08,
-        0x44b141fd,0x1a7422ac },
-      { 0x9f40b675,0xc3a9dd2e,0xfcc71f39,0x2a7c6603,0x1948e342,0x18939a61,
-        0xed0ab484,0x8f3b6158,0xee31ca6b,0xa3aa7d97,0xf7a8db63,0xbc1e865e,
-        0x2c7c62e4,0x315f8c09,0x9f5c6d0f,0xa260788f,0x4b6f3ec5,0xb1833129,
-        0x36b4d849,0x73adbcd6,0xbc699a9b,0x66e14890,0x2a1175e7,0xbf3790d8,
-        0xfc53ca4f,0x7f43605a,0x87ff6091,0x577f6c47,0x600c82b6,0x827c7552,
-        0x9d25599c,0x0944d630 } },
-    /* 36 */
-    { { 0xe6ab9620,0xcfdeb63e,0x786cd808,0xdff4fa6d,0x456320b3,0x145edd82,
-        0xc4943915,0x2ae5f862,0xb73b3f87,0x9508e813,0xe52f97a9,0x3bd805f3,
-        0xc9829b62,0xf71b5c28,0x86e0cefc,0xb394c70e,0x23bdb36e,0x534fb1a9,
-        0xdbe27e5a,0xd64f5862,0x83ab6169,0xbae23df3,0x27c828cb,0xdd6df1b1,
-        0x3a307a8a,0x1901899f,0x811ddf66,0x36cc8659,0x79943b77,0xa3cb7774,
-        0x6fd86576,0x7d89f383 },
-      { 0xc9f92b2b,0xf8564242,0xc46e32bd,0x700c6a75,0x7f99a5c5,0x93e768b7,
-        0x03149568,0xb6efe858,0xc2ce6709,0xbbfe8a19,0xee6ec493,0x721a3b1b,
-        0xc371c28d,0x26eeeea9,0x15177e1d,0xd798115e,0xb068a5a5,0xd7bf3bce,
-        0x46d2b4b2,0xdf8da220,0x59be9dfc,0x3df0995b,0x77640b79,0xc96897bc,
-        0x5a2bd3c5,0xce0cf4c2,0x89afe744,0x16f45d6e,0x3a8509bb,0xb53f3acb,
-        0x63f2a6e6,0x449af81f } },
-    /* 37 */
-    { { 0xa16d9377,0xc2fcf132,0x7e1a2f9e,0x9ab377b3,0x86d19ae5,0x72e1a12e,
-        0xd013bbb1,0xd2b12e66,0xcb5f66ba,0x0972e055,0x399eab50,0xd11de1c0,
-        0xc65f5ec2,0xc1f314fd,0x8a9ff593,0xfc311841,0xe05246e6,0xdf73c1ec,
-        0x1625056d,0xc28d1363,0x6fb25e19,0x30a9dbd7,0x845cd2d7,0x049ed244,
-        0xd36e852d,0xc779b83f,0xf68c8a83,0x85a35fc7,0xc95e8033,0x299bf1e1,
-        0x20891af5,0x0e8617c3 },
-      { 0x67c81b5c,0x53720602,0xe737873c,0x2fa89dcd,0xa8144fd0,0x2a7430b0,
-        0x26208c83,0x3006c5a7,0xd8ea40f5,0x4e066660,0x896413a4,0x9dd025f9,
-        0x46b9149f,0xbdf380cc,0x0a125cc2,0x80156619,0x52793c37,0x04d6a3b7,
-        0x6b7a62f2,0xb6001374,0x585d5978,0xa9cfe268,0x8395fe66,0xdcad0cb8,
-        0x46b261f6,0xbab468fc,0x9d9d9218,0xca0ef5ef,0x5e452402,0xc507d4a8,
-        0x326cf687,0x6f4404f1 } },
-    /* 38 */
-    { { 0x4febd3ff,0xa3e1920b,0xfdfd2bba,0xca6234d8,0xe19a9829,0xb7d1af2a,
-        0xc6f5bc20,0x23de1610,0xdaa39ca9,0xe204dbf3,0x6d8c70ab,0x2a2de9b8,
-        0x7c9d370b,0x272e0c37,0xe565510e,0x80914c06,0x57cbb6b0,0xb611e7a8,
-        0xd8266a6e,0x076fc6ef,0x3095801c,0xdfac34ee,0xb9e24063,0x69ff40a2,
-        0x787aa5c5,0xa7ba31a9,0x33c70cd2,0x0e4d1fdf,0x6895f074,0x903e3132,
-        0x7fb671e2,0x905771f8 },
-      { 0xa4062bee,0x5199ba0d,0x94d7d9f9,0x18e7238c,0x1e0922c0,0xf53f29bc,
-        0xb12d855f,0xde9b2a81,0x6d68ca29,0x649f3eed,0xc50c097f,0x64adfc34,
-        0x9db398a0,0x81964ab9,0x7a587224,0x00d59c47,0x74c5903a,0x09fea396,
-        0x15043dd0,0x6aafd8ee,0x5f1ecc20,0xc5721a6e,0x0db9b7b4,0xb6d6a483,
-        0x66c8d52a,0x06ffc617,0xacc82a27,0x3de241d6,0x27f2f7a8,0x0605f052,
-        0x6404decc,0x6a22953b } },
-    /* 39 */
-    { { 0x74fce389,0x92452d8f,0x2afa5564,0x059634c0,0xf0ed7825,0x9377ccbb,
-        0x37718e0d,0x89f4045b,0x9fa69a4d,0x11074e7d,0x7295b0ba,0x5d70bb07,
-        0xf107ede6,0xb22d54ad,0xa1a29c7b,0x5c39a3d8,0xd795e3ab,0x37236c02,
-        0x2b589951,0xf7282d00,0x5790bee2,0x5e2265be,0xa8e65ea2,0x91e0ea11,
-        0x6001cebd,0x0e71a708,0x2c1c5402,0x16900f5a,0x357f6981,0xc3b2d5c0,
-        0x619e3427,0x528c9ea0 },
-      { 0x5f26c577,0x1edc86b4,0x9438bd45,0xf8074708,0x792582a7,0x2dfe1013,
-        0xde1e569f,0xe08eaca0,0x9a55a356,0x5f952efa,0xe4976216,0xa4d80b53,
-        0xcd5d71f2,0xd2b65855,0x66cea3f0,0x246704bf,0x492323ca,0x193f641f,
-        0x9adb1325,0xa681855c,0x2d19d652,0x86d522ce,0x5b82ed7b,0x53609f10,
-        0x8e150d29,0x3b0f0094,0x0b13e891,0x23ad8bfb,0xf794b449,0xcbb1556c,
-        0x738bcf57,0x200f9093 } },
-    /* 40 */
-    { { 0x8388387f,0xf9b22fc5,0x28e883c5,0xcf26f170,0xd1b7973c,0x447cab90,
-        0xf6ec9171,0x8d5d4ea2,0xc30cdbc0,0x2e16f498,0x48623c2b,0xdc92910c,
-        0x30dbc545,0xeb1491b0,0x14de21b0,0x631deb2e,0x2fe830f4,0x04a21066,
-        0x379c1f3f,0xa4c6979c,0xfb06a795,0x8a732b68,0x1619dfa9,0x3a44327a,
-        0x8dbe2c9b,0x91a307d3,0x03989fea,0x939bc8d2,0x0f4a331f,0x3daabaf2,
-        0xdd0f55dc,0x5c307e98 },
-      { 0x35b233da,0xbbc4e0c4,0x22f6f985,0xe3d29085,0xa8b02468,0x99dd2d21,
-        0xa96916e7,0x978f40e9,0x614bcced,0x0327d86c,0xb290762c,0x95e95502,
-        0xa879f2ed,0x0ffd2197,0x50e0bd33,0xc4365137,0x0827c4c4,0x26c3148a,
-        0x3fcfc0b2,0xc79812a8,0x31928589,0xc3d8d17e,0x8830f42d,0x8b572cfe,
-        0x4b07f83f,0x7cd9ff92,0x0a51148f,0x331ca950,0x4c59f9ac,0xd0c53968,
-        0xc1434785,0x1df16dfa } },
-    /* 41 */
-    { { 0x68bcacc3,0xcc7bb4ac,0x430f58cf,0x06ded34f,0xd461855a,0xc59f9f4f,
-        0x45c9f0bc,0xf5491994,0x4375c892,0xdc5f7ec6,0x3c85983a,0x1b8708f1,
-        0x82fcd087,0xb32a5cc4,0x2d6b4c0f,0xefdcdc35,0x8ac6fb2d,0x4bb24f04,
-        0x33906471,0x5982d4f5,0xb83a3ac4,0x162eb52f,0x2337a223,0x7130df28,
-        0xcbc3dbd3,0xdce7b802,0x2467ac0e,0x8b395959,0x1b56717e,0x21d3d2e8,
-        0x46512617,0x729a7f50 },
-      { 0x8420f90a,0x874ed1aa,0x0fe4c855,0x6368e19e,0xb0be74af,0xb62d4aaa,
-        0x8ca60ca9,0x76fcc480,0x7645a867,0xf310b5a5,0xddb1b24c,0x131bac9b,
-        0x2dea5b44,0xef77d71d,0x72fcc64e,0x4706d210,0x673d77f0,0x29b92691,
-        0xe89e0663,0x22e00bf3,0x74077d40,0x472d0cd3,0x829232e2,0x3e21040d,
-        0x38dc8533,0x2f916dfb,0x14b8f667,0x48bbb59b,0xd44be19d,0x19de9f4a,
-        0x232d9d5c,0x7f6d3649 } },
-    /* 42 */
-    { { 0x6e794819,0x3bd064de,0xf82ebda1,0x5a6b694e,0xb91e2804,0x1f017fe0,
-        0x07a43cd2,0x190d31f3,0x630433e9,0x6c26f226,0x0abfdcb4,0xba488aa7,
-        0xa46411c0,0x418d9085,0xbffb5880,0x1b934fe6,0xe200f849,0x75d1e237,
-        0xa55413db,0xdf04d63f,0xe23b3f77,0xe216ed75,0x0f91bd30,0xa05866cb,
-        0x7729c509,0x84c395d9,0x452ab2d7,0xec97e188,0x0093d686,0x8cb7c1f9,
-        0x628f086c,0x2d032395 },
-      { 0x4a44b4c5,0xa81c9407,0xcc702c98,0xb9846879,0xceb0dc97,0xcb502287,
-        0x6e3aa321,0x30301126,0xe4c256c2,0xc0ac8763,0xe55b4845,0x65034d20,
-        0xf240f35b,0xaa96a040,0x7cf7eedc,0x046d26d3,0x3b810656,0x62a5a8e1,
-        0x83d70c2b,0x86044b97,0x59e4da8f,0x2fbaff88,0x5457f5d1,0x929d901a,
-        0xb531b757,0xd29e1eb2,0x9e4e9739,0x214dabdc,0x4eaa9bd9,0x5bd724fc,
-        0x1ef9bb9b,0x734c12b3 } },
-    /* 43 */
-    { { 0x92f9b086,0x98fe3c2e,0xb3fd4544,0x4641b93e,0x5c02c65c,0x47ce208b,
-        0xc4f03242,0x8a52dca1,0x679d29f6,0xb5ec17d9,0x9406f5f4,0x11d2fed0,
-        0x0d9ba811,0x260f63dc,0x15472a3f,0xde2b056f,0x007290e6,0x1b170d9f,
-        0xb6b5c8f9,0xa2e23e8d,0xcf34c3ee,0x345a2839,0x1b973ee2,0x9bdc5461,
-        0xbb24d1c5,0x65bda6c2,0x3c6141a1,0x97d52ba3,0x9d2eb201,0x47bb1612,
-        0x21fbe49f,0x7c558a87 },
-      { 0x3f350fec,0xb9485a52,0x6a38d4c0,0x016678c5,0x0d5aa64d,0x8ef346a2,
-        0xd96da2e4,0xb85daa02,0x4f647b3c,0x845ec4ea,0x0d5e946c,0xc0d1a6ca,
-        0x4fa9f4ab,0x41d8d1c1,0x9c8b1303,0x43972cc5,0x434ffbfb,0x67e1f48d,
-        0x819d2318,0x350ce93a,0x6ddef23f,0x49f53090,0x200cf12c,0x3c2e6cf9,
-        0x640432fc,0x42691cc1,0x72496b52,0xbfff74b4,0x020a97be,0x44527c9f,
-        0x7b3c4348,0x34cd7dca } },
-    /* 44 */
-    { { 0x59e7fe87,0xf031761a,0x0047cd72,0xb1eae31a,0xfae30f62,0x27902e68,
-        0xb71db143,0xa666f48d,0x0e0038f4,0x75ee6678,0x02bdd76d,0x3b45ac67,
-        0xa0d6cd5c,0x0d2fb828,0x9d8c5b11,0x27ce7f1d,0x120b5e96,0x141fe0e4,
-        0xb9267c37,0x95a1b984,0xd60312cd,0x5206e589,0xda549356,0x1867342e,
-        0x070c74ac,0x374520b9,0x9557b0b3,0x2703cbb5,0xa6ed8c14,0xf621f59c,
-        0xabf7b887,0x7ceb1cc2 },
-      { 0xdb7fd65b,0x0647a5bb,0x36c9457c,0xd8d45cc0,0x9e12718a,0xc6da99db,
-        0xe93a7fb1,0xed1dbbf4,0xbd1566a1,0x4512c95c,0xdbc0c919,0x4861ba00,
-        0x9e7f5269,0x3c6cc298,0x0941aaae,0x67196150,0xc8c538e3,0xbfcf5d0f,
-        0xa25a551f,0xad6e9929,0x17ca0f26,0x90710985,0xfa89ef7e,0x743b78ea,
-        0x71ab4549,0x39d5ea31,0xe6d1c36d,0x7442f3f3,0x059d568d,0x25a683e0,
-        0x227ced5c,0x1f629a99 } },
-    /* 45 */
-    { { 0xe45a1c3e,0x8925ddac,0x41f7545f,0x72d29365,0x37e7f828,0x45622fcb,
-        0x3e4c79d2,0x88234513,0x9c2645d6,0x5dffaf84,0x994802b9,0x3078f4dd,
-        0x9d339fa0,0x566927f0,0x9fd91dcc,0x9a500a1e,0x0ab0abd7,0xce008180,
-        0x8194e5df,0xd97135a3,0x98adf088,0x9e876307,0x9a45a2a7,0x3baf01b8,
-        0x788b4399,0x6fed6154,0xe77a997d,0x980e5722,0x2a378eed,0xaac90ffa,
-        0x8bd805a2,0x4a75fda2 },
-      { 0x55e74cbc,0xd09a8fbb,0xfab18f25,0x737738ce,0x9764ec3a,0x0fc23ad6,
-        0xe7e0ad31,0xc5a7d35b,0xe481cc9b,0xe75e068e,0x3d4aec34,0xf0c2ea99,
-        0x0d4a63c4,0xf1324fe8,0x99b0592c,0x5dbb7c16,0xa7e0f46b,0x442d674d,
-        0xa300faea,0x5a5d66c7,0x3333ac83,0xe83dc821,0x8c408496,0x70ef812e,
-        0x99ef5fc1,0x96e1dcb6,0x1734e862,0x6e2b771b,0x583507d8,0x04629cdc,
-        0x23d8179a,0x5819f9ae } },
-    /* 46 */
-    { { 0x6aa78811,0xd9969121,0x2103e7c3,0xf64ee8f4,0x22b9e698,0xddf01070,
-        0x4f582cde,0xe6001f9e,0x2ecfac1a,0x24a608af,0x06393009,0x6ef4c784,
-        0xebf72911,0x5262eae6,0x8c4ee5a0,0xddbd0af5,0xecd87bc7,0x875aff90,
-        0x6f24f114,0x2fddb34c,0xe865f172,0x48104281,0x886c1b9a,0x95692426,
-        0x9ef4231f,0x6f5f3208,0xd0a7e82e,0xaf587acf,0x9ac395c8,0xd6571917,
-        0x1364a750,0x7459603c },
-      { 0xf41ae519,0x1c2475bf,0x4af8f251,0x34401fb1,0xaefb2c3d,0x70ddfcd2,
-        0x51cdaf08,0x9b2d385b,0x8208bb19,0x8531c256,0x4c33f3f6,0x16c89df6,
-        0x24571769,0xc23cfa99,0x86d010ba,0x2339b51e,0x22638313,0x08db0e8d,
-        0x00fedeb7,0xf769e179,0xa3687ef1,0x3fd96dcb,0x91476475,0xcd046b23,
-        0x0c45c8dd,0xf3ff2064,0xb8343d78,0xefd167bd,0x4b77ee90,0x493ccb6d,
-        0xb3cf7b45,0x33025513 } },
-    /* 47 */
-    { { 0x35eaaca1,0x36f00469,0x89119102,0x0c384b75,0xe6d2954c,0xcb375665,
-        0xb1e9d6d7,0xcb9199b9,0xc29c2757,0x75852349,0xb8e738d0,0x89cbd1ba,
-        0x5923a427,0x9b8dbe90,0x18fe1889,0xa237793e,0xa742e083,0xa4271757,
-        0x4eebd613,0x8c4979d2,0xd4f2cf77,0x40325054,0x958705de,0xa3b8a091,
-        0x33d999ba,0x1b191bd9,0x3b0fee1e,0xbafefba4,0x3facdf14,0xb3bad184,
-        0x4387561c,0x9328adb0 },
-      { 0xf906b872,0xabe84e80,0x78262665,0x705523a0,0x3398ccf7,0xd89c6a7e,
-        0xf55b5323,0x2fab551d,0x0554dea8,0xa0578eca,0x375589cd,0xef26523d,
-        0x864ad750,0xd8fd6242,0x178fe1fe,0x93f27fc5,0x9df87422,0x7b3e6f30,
-        0x3750d054,0x2862e49e,0x5dc038a1,0x7d90c6b2,0x84db682b,0xc1a1ae22,
-        0x9881930a,0x47f3dab7,0xbaf3e0a4,0x30e6bd52,0xf62d25c5,0x0680025b,
-        0xadd0d5e7,0x0aa1f3cf } },
-    /* 48 */
-    { { 0x22a10453,0xa9822190,0x2a03a10b,0xdd1eb91c,0x96646f3b,0xafbb5d95,
-        0xf38b6fc6,0xa58de344,0xb8cfca1d,0xce47c3e5,0x0f70da04,0xfcd8e16d,
-        0xda262ed6,0xac44349b,0xc56e2f8e,0x9320d87b,0x19138e58,0x9ce3ea08,
-        0xa2b236c0,0xa5862dff,0x8e7efb0d,0x6b0f9a5c,0x16ac78eb,0x4b53432b,
-        0x709b51af,0x6ff43105,0x8f519628,0x08e236f8,0xeed403ad,0x1f93f176,
-        0x9636545e,0x559337e0 },
-      { 0xd8fd807a,0x30ddf738,0xab131222,0xf4e0ec9d,0x625afbc3,0x14a2f4db,
-        0x9f12f895,0xd5b70604,0xac3044fd,0xb46f3c23,0xf540148f,0x1b232d1f,
-        0x39b4e554,0x61b458f5,0x0dd70b75,0xf694b24a,0x289581d9,0x0fc64299,
-        0xee5fe22d,0xc05d49be,0x6a18bf63,0x7af3447f,0x7f1929d6,0xe96a1dc2,
-        0xc1551e8c,0x6afe6028,0x2b5d4fa2,0x27dacaf3,0x545c2cb4,0x4a1631bc,
-        0xb0c914d3,0x930070f9 } },
-    /* 49 */
-    { { 0x69a9bc05,0xd2f32c5e,0x589c4b73,0x0a5c19c6,0x94665f9c,0x095c9e5e,
-        0xbcfb4c39,0x8ab0f293,0x1ddb7c31,0xb9070877,0x66b38048,0x894e9658,
-        0x606bd9bd,0xf19a90cf,0xb6fd2d69,0xcc1d58df,0x461d8a69,0x886dcc4e,
-        0xf9ce4831,0xc455c277,0x765f8a82,0x749a5996,0xc3badc8d,0x2ffc668c,
-        0x9112cdab,0x38018396,0xb243c7cb,0xa98795c3,0x010a2224,0x8775f310,
-        0x587b5e14,0x043a2141 },
-      { 0x3a873752,0x7bbe9dbc,0x2f442fee,0xee1493f4,0xc18c2181,0x981ca2c8,
-        0xe29769e7,0x00ce3090,0xde768c5f,0xb4626ac8,0x34d7677e,0x33e9ce46,
-        0xe0fa94e6,0xf89c2cad,0x41f5b5bf,0x04f5cc11,0x2228c12c,0x2565f736,
-        0x0c05cce5,0xf1bf706a,0xbe487c4f,0x5d07ffff,0xa499f1a4,0x3ec43c09,
-        0x98d94800,0x4f4e79bb,0x073f12f8,0x8a335a16,0x0f970d6d,0x4bb5eaf7,
-        0xf24d0ae8,0x18d0747b } },
-    /* 50 */
-    { { 0x84601faf,0x58d3c77c,0xaf1c1f72,0xc9465be2,0xd116d806,0xff626798,
-        0xd5b0d93c,0x3996c0c6,0x5ec6723a,0x2fa1ad75,0x03ba5349,0x966a8144,
-        0x2ac34d8a,0xdc4c9422,0xed675865,0xddf471de,0x953d528f,0xd8aca597,
-        0x24ebf67d,0xb2e463b5,0x7e25b4d3,0x25824871,0x43159daa,0x23c5adba,
-        0x83357540,0x5458f9c6,0xf938b1a6,0xcf685da7,0xcefed231,0x981a4fda,
-        0x08bb5e59,0x711093ed },
-      { 0x401f161a,0x12aa3fc6,0x974c5e87,0xf7358560,0x17b5df82,0x4aa252fb,
-        0xa48e6299,0xb0b82b07,0x29dd847d,0x00234157,0x4529c5a6,0xf1e54d00,
-        0x6d98f538,0xcc1c539e,0x28d3abcb,0x36162b53,0x2a84f0cd,0x75a37938,
-        0x4dee7484,0xf717a81b,0x4c23bf1b,0x16cf35fb,0x787e8b3e,0x7fd1c29f,
-        0x59b79ab0,0xb7da7e68,0x85f6c60b,0x072100a0,0xe7ed48b5,0x31840159,
-        0x4d9c97d4,0x17898bda } },
-    /* 51 */
-    { { 0xae1b8cf8,0xcd8483d8,0xe9a28856,0x323d4b42,0x204a4bc2,0x7633584f,
-        0xca7a69fa,0x4e0b2228,0xf757bab2,0x8afbda8b,0x6cc5f9ca,0x85b24088,
-        0xd41a95c3,0x47fb4813,0xc2aabe6b,0x3f1bc53c,0x1ad1599d,0xf22cda3f,
-        0xc31ea9b1,0x1b2ec081,0x01614ac1,0x048f304b,0xc6afa7ab,0xce31cee9,
-        0x4140dc3d,0x55af7633,0xdce8abba,0x84b7ab37,0xc7cf3efe,0x50de7648,
-        0x15356ab2,0x73a88dcf },
-      { 0x06e83b39,0x3f868288,0x9f44037d,0x477a4413,0x17dbc841,0xf9058b0f,
-        0x54d17549,0x2db64f4f,0xf2307ffe,0xa23cea6a,0x4f126261,0x393efd55,
-        0x10f37f26,0x2f4e658a,0xf4ee1e35,0xa4437ce3,0xa93cde8b,0x64ef42a7,
-        0x939aa901,0x1debc9f4,0x3d7b5cd4,0x44223d6a,0xf88a3acc,0x789a6a11,
-        0x2c608a2d,0x56fb9df8,0xbbf56c06,0xe79db8e3,0x668fa300,0x73c56af2,
-        0xae396a1e,0x52f32b17 } },
-    /* 52 */
-    { { 0xe714f71a,0x56f524c1,0x9add8519,0xc1be1262,0x65cadbe3,0xad9189d8,
-        0x5a0fb649,0xd88bf5c8,0x21d192d9,0x9efa6a92,0x6f724b6f,0xe3fe8389,
-        0xb250119c,0xec3fae24,0x2ae0d3c0,0x4b6af9f6,0xd619624d,0x8fceba0b,
-        0x2fdb6e3a,0x7dc3092b,0x3263cd29,0xc91da376,0xf95c43bd,0x30c0761e,
-        0xcdeb44d9,0x89136400,0x43c0d31d,0xfd7dce84,0x9871899f,0x78fec3b1,
-        0xefdf58c1,0x79e14d28 },
-      { 0x9bb40c55,0xe3822235,0x0ed07a42,0x0a27202d,0x4838c1f4,0x48e6c1a9,
-        0xd864a78e,0x2b5f24a7,0x0c6c55c9,0x7e7f140a,0xce12d508,0xe62c104a,
-        0xc11b1e10,0x9b0a1a7e,0xafbb3dd5,0xfd8a275f,0x9a3b6b30,0xdff354fe,
-        0x46602a01,0x5a105d9e,0x93bb65f7,0x3d371b4d,0x0f82fdeb,0xda5cbf0b,
-        0xde468545,0x4601229b,0xc73d517e,0x505e10b9,0x672ff492,0x77cfa541,
-        0x99566ce2,0x0d8ec28a } },
-    /* 53 */
-    { { 0xcbeee995,0x014cf73e,0xd491e80c,0xb2eb88bc,0xd9aba5d4,0x615a6cad,
-        0x9304c84d,0x2f7d4633,0x8ab03c9a,0xba0501d2,0x91babb94,0xc8f723de,
-        0x50405772,0xc885f977,0xc7fcb094,0xb5e1d2b3,0xdf96c71a,0x61ee7995,
-        0x3464499e,0xb8c8daab,0x5f607932,0xdb425ddd,0xb1243587,0x70251ca1,
-        0x9fc74340,0x26d7d3be,0xc902ac89,0x8c179310,0x4559a74f,0x72522c15,
-        0xc3734afc,0x86001e27 },
-      { 0xe7693947,0x13b00ba5,0x012c062b,0x6478641e,0xe85490a8,0xe1a438e0,
-        0xd9574d5e,0x5173dbbf,0x9bd3ba61,0x9532eb8c,0x5f3ea075,0x1f41bcb8,
-        0x8cbb92b9,0xac1cc247,0x1ef901b4,0x0f34648e,0xd2b3b2ee,0xdd929d1e,
-        0xc3d75bfc,0x470f1eab,0x139cf4d2,0x5cdbc6f7,0xf0424953,0xcd86454d,
-        0x47fcb383,0x1e079812,0x17df930c,0xb9f209b4,0x114ebc00,0x4225fc31,
-        0x347946c1,0x020591cb } },
-    /* 54 */
-    { { 0x275e0af4,0xe3003721,0xe78a4a4b,0x721141ef,0xd1757485,0x666cfcf6,
-        0x168e659e,0x5fa1d737,0x0e2842ee,0x263e3e54,0x948bd5f6,0xadecc3d4,
-        0x246b104a,0x019de03d,0xf343d818,0xf8a9e903,0x5b0c0d31,0xcb57ba4a,
-        0x51e2765f,0x8246c506,0x6519bf67,0x80c5751f,0xf2119a01,0x5f05c200,
-        0x7821d4f4,0x7e6487b8,0x261c3a06,0x262f94aa,0x72146052,0x56cfe489,
-        0xa1df05ef,0x5119985f },
-      { 0xb18586c0,0x5819497d,0xc6eeaa62,0x004415d6,0x97cda28b,0x7c6a46b6,
-        0x7c194594,0x9a149b28,0x4ed3a506,0xb56369fa,0x43c94cb4,0x7092aa66,
-        0xa9e9eee2,0x55bce73a,0x77893509,0x34bb2870,0x06eb5326,0x8af95fb0,
-        0x9638f485,0x87cd0323,0x5ba75bf8,0x29376268,0x9d42d581,0xf32d6f3d,
-        0x65c6d64d,0xa4cad574,0xb2cded41,0x985f50fb,0x9006a067,0xcf34ce0e,
-        0x58a57f9a,0x59eaf265 } },
-    /* 55 */
-    { { 0x6ec3876f,0x7b407efb,0xf0f48648,0x780c6123,0xbf893039,0x2abb56ff,
-        0x45a91ab0,0x9592eaa0,0x78811b82,0xce5b84d7,0x1f9f3fc9,0x86a71a34,
-        0xf0e7e13b,0xc17fdd86,0x655a0880,0x88ed8297,0x81d5e666,0x75d6dc74,
-        0x1d171797,0xeffc9df6,0xe3f79e1f,0x36ad4c8d,0x2046192e,0xdb15317d,
-        0x274fda62,0x78c9fa7a,0x82dd9914,0x04ec924f,0x3a64971c,0x059d1e38,
-        0x2620bbfb,0x3b4450ea },
-      { 0xc776dcdb,0x3db7a955,0x81c8ba47,0x35c4a57c,0x505760fb,0xae285003,
-        0xb3aec353,0xe3e80691,0x47117be5,0x380335be,0x056ccf61,0xe1c47e3a,
-        0x33977916,0x253cfdeb,0xf5cb7ee1,0x3decdfba,0x7cf4b704,0xf3c9794f,
-        0x9ff81462,0x2401680c,0xbe3daa9f,0x4e440e11,0x69f91d8a,0xc5d04377,
-        0xcb5e9c5d,0x4106c7a8,0x33b7d24d,0x191909a1,0x3764b4a2,0xe893c838,
-        0xc429b614,0x4a7fe30c } },
-    /* 56 */
-    { { 0x2455c7c5,0xe78f3a70,0x70157754,0x5b7636e8,0x7623262c,0xf32c4524,
-        0x1bc780c7,0x2c98b11e,0x915ed877,0xd48eaeac,0x199265f4,0xbb04d3c0,
-        0xcfa5200f,0x6b52b19b,0x93ea3fe8,0xc46a0981,0xba758059,0xd82c733d,
-        0x1896aacc,0xd324bbd6,0xce8ecd51,0xac09a2fc,0x02fc44b3,0x529918fd,
-        0xaaa1784b,0xf0c45e4a,0xfe22085c,0x35626340,0xc50c7d61,0x53cbb676,
-        0x65126b23,0x83fa1ea3 },
-      { 0x10ccc646,0x60ac86da,0x7b0451e9,0x2ce0637f,0x8a088610,0xbbbcf630,
-        0x20349982,0x23c19019,0xfc0bcda0,0x707fc39c,0x1bd4fd7d,0x7f4d1f15,
-        0x44713bbb,0xd6a64e74,0xc5ac9e60,0x57bdc676,0x37b61169,0x456c5303,
-        0xdcf40a1d,0xd3451396,0x4997d2c7,0xf3edec25,0xc2c4a739,0x534ae9a4,
-        0x6a6ad2e2,0x1401397e,0x23e95f81,0x20769d4d,0xde98fabf,0xcee007c6,
-        0x931c51e0,0x61409779 } },
-    /* 57 */
-    { { 0x15156623,0x3ddb32db,0xab7a67c2,0x68137fbc,0x6f19e3c2,0x26011f50,
-        0x89924c61,0x34218b02,0xc6804c1c,0x492a0b0f,0xafaae6a7,0xd65be706,
-        0x0d01be61,0x3b13d23e,0xf87f4c69,0x44545b47,0x04dc1aa3,0xd42236e2,
-        0x3c5161ec,0x6135261d,0xbd88bc07,0x1eb46a63,0x1599d720,0x78c6d836,
-        0x69baf0f3,0xf6955fe1,0x17072820,0x467eebd6,0x3e3a340a,0x2f1b8a2a,
-        0x2d0b5f88,0x636dac76 },
-      { 0xb4c80af3,0x94280db9,0x4e3892ab,0x9a189cd1,0xd1477ddc,0x26e702e0,
-        0x68f9f14f,0xe91aee38,0x80baa0b2,0x2864f63a,0x8b714a29,0xacd81f73,
-        0xc5fe7cb6,0x30e1b870,0xb10837fd,0x883ea1c3,0x6b20489f,0x2da27953,
-        0x58a2da5f,0x3aeb2a68,0x03a8fa14,0xe2330bf2,0xdc70b1c4,0xb5c488b5,
-        0x299678f4,0x0a78c4d9,0x25df675c,0x233bd098,0x7b67d368,0x37b5c076,
-        0x4d0bef3f,0x2f6dbdfe } },
-    /* 58 */
-    { { 0x2e4da7c7,0x2f8472fd,0xae677932,0x708cfc91,0x3dc268e2,0x364af08a,
-        0x799a2424,0x0f10dfe0,0x71d58bff,0xef912d58,0x988962e6,0x6bf35dfc,
-        0x5f47ea0a,0x28b96fa9,0xaad308c1,0x734a79ea,0x9f437bba,0x95730337,
-        0x6cf54f75,0x002cbd8e,0xe7632eec,0x47606dcf,0x53193104,0x404b5ecb,
-        0x0acf729d,0x0ae0897c,0x3bddf1de,0x89628b86,0xf87d7448,0xeced154e,
-        0x458d5d4e,0x5cb6e197 },
-      { 0x008c75ed,0x98cef197,0xf6eeaaf8,0x7cf49d3e,0x1875e96d,0x1d6f9e02,
-        0xdd9b0d8a,0xfcec2cfe,0xb9576daa,0x38a61cfe,0x36a7dbb8,0x10003f39,
-        0x23b814f4,0xb37c3868,0xb80e3153,0x9fb66dcb,0x059847a8,0x9e7e2eba,
-        0x35a72770,0xa4ec63fd,0xfc9e0ed0,0x311f3d91,0xd515baa4,0x3c1dc094,
-        0xa08cd4e3,0x75a06ebc,0x2ed5eeaa,0xab617238,0xe1f52c1f,0x2e82bbb0,
-        0x5175d6e5,0x2149d630 } },
-    /* 59 */
-    { { 0x5f9311f6,0xee1a8e6f,0xbabc1f85,0xc97e3c9f,0xb494209a,0x4fa7c52e,
-        0x19774fe1,0x04c2f51c,0x8555844f,0x5cefd122,0xb5873ab3,0xb53862a3,
-        0xcbed19fc,0x768efdd6,0xee58469a,0xcdc12479,0x3d80c09c,0x11237e31,
-        0xc044c28c,0xdd74a290,0xbd47e287,0x9ee6517a,0xad0ffeef,0xc2421228,
-        0x818d281f,0x4273088f,0x43ec0de1,0xebc744bc,0xb415bd73,0x5b26eccf,
-        0xcb07c26c,0x14e2f350 },
-      { 0x4216946b,0x548d2a10,0x7a4bd92d,0x6e801f07,0x43695160,0x5996d0a3,
-        0x63a197c9,0x0f1b5c2f,0x061f77c9,0x79da3c4f,0x93ff7b22,0x1c1cd634,
-        0xa234123f,0x5e61b650,0xf284033c,0x826b34c5,0xc2f34214,0x718b90e8,
-        0xae806ec5,0xa5f35620,0xe324a9b4,0xa2fae345,0x8b53cb51,0x8c0bb95e,
-        0xf9965778,0xc94f6ac2,0x6b9def32,0x07ec607d,0xd0ed8f27,0x63bf1dba,
-        0xdcb61e4f,0x58537e02 } },
-    /* 60 */
-    { { 0x64f80ba2,0x1f64b064,0x0559a45b,0xe8e055e7,0xf1f4b634,0xc3262b34,
-        0xde8c8482,0xef4f7d5f,0xc30c780a,0x9d55dea0,0xcfa1e693,0x1740afb9,
-        0x7460c34b,0x2cfe6a66,0x1187c1ee,0xf6695941,0x5f974d94,0x1382f277,
-        0x004549eb,0x1ca0ace4,0xbabded02,0xf8244b3f,0x4e3653ea,0xc36f4d06,
-        0xc55c5f83,0xeab9f0dc,0xacebce90,0xd93b9cef,0x19061425,0x16658e72,
-        0x82d7970d,0x4857835f },
-      { 0xd2576210,0xdcd525bc,0xd51b5443,0x9f378aa7,0x1bd83994,0xfe97bf17,
-        0xf38ac621,0x930d0f63,0x818408cc,0xaf8f2c17,0x260f53f6,0x2692c87e,
-        0xdb0a75e4,0x0ee45407,0xffdb1b37,0x0ec47ae5,0x7aa6a44b,0x769129dc,
-        0x2e40b75d,0xb6f932b2,0x95ef3b77,0xe06764d0,0x68bc63e8,0x28fd47f5,
-        0x9c0014c0,0xd1810494,0xd7995d8e,0x90e2d3fd,0x6c2a85af,0xeb39a05d,
-        0xa21f3128,0x6c0277bd } },
-    /* 61 */
-    { { 0xb509e7ef,0xe41b7086,0x3d7f9f91,0x8842ec7b,0x5526b88b,0xcd285f94,
-        0x051dd0ab,0x6e44e064,0x774f1ceb,0x90198c10,0x123e661b,0x6ecabe98,
-        0x32f647d9,0x44811136,0x26c52aee,0x1dd82b45,0x939dc9d5,0xd650907f,
-        0xfcd455bf,0xbd5eeef2,0x8d2e5d7c,0x7815a4dd,0x88bc9f2a,0x5ad4ec92,
-        0x57a3b322,0xc6f10d0b,0x20b9cbdb,0xe8d0c1e7,0x9b774ee8,0x5a0b071a,
-        0xf22fcf8f,0x3067bc9a },
-      { 0xb7ca9326,0xe0e589f2,0xb1224f63,0x17a106fd,0x747a57bd,0xb2354521,
-        0x62b0882e,0x2614982d,0x4391ffcf,0x7f3af544,0xa84e440d,0x1aaa337b,
-        0x941bb071,0x28ea37b0,0x2e4a7f54,0xa957dcb4,0x1a6ad5fb,0xe7ab662c,
-        0xf7c36a20,0xd135e381,0x9baa0b6b,0x42e7980c,0x94e4671f,0x4237030c,
-        0x8b0922e3,0x24cc63ff,0x445a589f,0xd10d5279,0xa870ff6c,0xbb99d316,
-        0xa996c195,0x390c83ca } },
-    /* 62 */
-    { { 0xffc4a73f,0x50d3fa82,0x3bd53303,0x2665d635,0x264bb77d,0x80a06f8a,
-        0x22d73d84,0x81c04a6e,0x0323b8aa,0x2409cff5,0x8c4c4d5a,0x31dce217,
-        0x0c0f9c19,0x374aa80e,0x00186bb8,0x0b25a387,0xaaf1487f,0xd0b77a10,
-        0xab498de1,0x15f39ad5,0x1aa0c116,0x92e32da6,0x96e25ce8,0x228e3dbd,
-        0x5e8646d1,0xb57c88dc,0x267b1c68,0x672b1164,0x600bdec5,0x5d0d807f,
-        0x223e573a,0x3ea4007d },
-      { 0xa595d0a3,0xd76debd0,0xaff0b3b4,0xa6bd76cb,0x9b1bdb97,0xbf2c154f,
-        0x4c714c71,0x62b19ab4,0x221af663,0xc9bf33b9,0x8c941ef6,0x23d87c49,
-        0xd79f0f6d,0x255804c3,0x2a7acbc1,0x6f1a1005,0x550528af,0x5dab79d9,
-        0xc8d16213,0xfd77a6f0,0xde5e1029,0x40508b6d,0xf95da12b,0xd95ac0f2,
-        0x758a8ba1,0x8860af71,0x7160c8fb,0x0b194c83,0xce004d34,0xa40e6c80,
-        0x6b14aaa0,0x09f82a17 } },
-    /* 63 */
-    { { 0xc21366dc,0x60abe588,0xaf75daf9,0x729c0a4f,0xacb93ed4,0x70501fd9,
-        0x87a16d70,0xb97e744e,0x98e7361b,0xa42e0a7a,0x28b54cf3,0x1acdaff2,
-        0xb7bd9078,0xf087ccbb,0x663250e7,0xda6f3983,0xbaf07c09,0x66d693ee,
-        0x8cbaf157,0x79baf4c3,0xdfca99d0,0x5a984e07,0xf26d8dab,0xab4d3247,
-        0x7eba36f9,0x4d0be701,0x0e8dd216,0x37bb9e65,0x531c4f03,0x72aa4e24,
-        0xb753d85a,0x77d1e984 },
-      { 0xd8e62367,0xd9373239,0xb9820cf1,0x3361848b,0x5a9c97c4,0x00c7e344,
-        0x14f960fc,0x9a0ec9ae,0x740474b5,0xcf41f0cf,0xece065d5,0xa5eede8f,
-        0x9e808610,0xb1de5a4e,0xae0cf75d,0x17c44ae4,0x6b148d0b,0x2fa56323,
-        0xd29ff2dc,0x64fa740f,0x88cb212e,0xc605eb8a,0x6a863016,0xf2c771ad,
-        0x607b4c17,0x6d6112e7,0x40d49785,0xfe90ec07,0xe256e0e5,0x599be18b,
-        0xca54adb0,0x4e6eabec } },
-    /* 64 */
-    { { 0xfb99cfe6,0x950323d3,0xc9334178,0x7b09bc26,0x7cbdfb6f,0x64111e41,
-        0x89a75760,0x91141744,0x10919cb0,0x4c633df9,0x396bfd2f,0x715fc7c7,
-        0x8cab62db,0x8ca19512,0x4db81aac,0x30672473,0xb4c4c54a,0xe67a246b,
-        0xbf229646,0xd77ea0fa,0xfa5b5d70,0x5bed15f1,0xc2f192f3,0xa5686da5,
-        0x7f6690ad,0xdecac72a,0xcaa50b7d,0x0c4af2a2,0x6049ad2f,0xf44631c1,
-        0x04ecf056,0x325d2796 },
-      { 0x4848c144,0xee11fb55,0xb6a7af32,0x4e062925,0x369e0f9a,0x125b68e1,
-        0xca53b21e,0xad9bdae6,0x2e98ea1b,0xf50d605c,0x9f2fa395,0xbdb9e153,
-        0xe91532f5,0x4570e32d,0x46a250d7,0x810698ae,0xad9d9145,0x7fd9546c,
-        0x11e97a5e,0xabf67721,0x249f82e9,0xca29f7d5,0x9851df63,0xa9c539a9,
-        0x71d0e3e5,0xfd84d54b,0x041d2b56,0xd1e0459c,0xfd80096a,0xceb3eb6e,
-        0xe32a79d3,0x19d48546 } },
-    /* 65 */
-    { { 0xb540f5e5,0xfe19ee8f,0x04e68d17,0x86d2a52f,0xadbdc871,0xd2320db0,
-        0xd03a7fc8,0xa83ad5a8,0x08bcb916,0x54bf83c7,0x2e51e840,0x092133ea,
-        0xcb52dddf,0xbce38424,0x31063583,0xd5c7be40,0x458e3176,0xc1ebb9df,
-        0xbc4dabbf,0xafb19639,0xc05725a8,0x36350fe4,0x84e1cd24,0xac4a0634,
-        0xc145b8de,0xadf73154,0xb3483237,0x0aa6dd9e,0xcbff2720,0xa3345c3d,
-        0xb4e453b0,0x1b3ace6c },
-      { 0x90a8bdc5,0x0343e5e9,0x6306a089,0xa203bf9d,0x8e48520e,0x98489a35,
-        0xde7d1d06,0xbd17debe,0x5f795d3f,0x8fafa6d7,0x387b0a3f,0xa4ceb630,
-        0xffddeafa,0xe0166b32,0x7e764e02,0xa2fe2054,0xe871f304,0x55ab9824,
-        0x952ec45e,0xa2bd36bb,0xa90d20ca,0x7b4c1484,0x75bcfb53,0x5319f387,
-        0x6982c4e5,0x34238a4a,0xa102921d,0xa2bb61c7,0xdb3ab17e,0x1e061b64,
-        0x192f0a14,0x538ec33e } },
-    /* 66 */
-    { { 0xa19b56cf,0x193496fe,0x7bb99acd,0x663d77f4,0x57d0a881,0x8f04afa8,
-        0x082835fd,0xcced3da2,0x5d82cec7,0x7e21faed,0xf8009c85,0x6e175b99,
-        0x2d05a307,0xd9c6e31b,0x81487d82,0x96948d4a,0xd46f6655,0x86ebd3f2,
-        0x773ccc49,0x86851aa8,0x8b1640a6,0x3e220f22,0x41a20b75,0x9f06e3a8,
-        0x90ac0a6f,0x2cfffe5e,0x8ebeb3fb,0xf5a9b1da,0x6e08e2c9,0x2587d997,
-        0x03e9f401,0x6fd60298 },
-      { 0x8eb7516a,0x54709f8d,0xbdc598ab,0x83058a74,0x87e801ce,0xd234dd98,
-        0xd17b8a96,0xfd0f9d90,0x6e90f6ab,0xaa1e549f,0x5a7ed55b,0x2496ff80,
-        0x6c254c19,0x0d9f657a,0xb8962575,0x3cdea49c,0x2dff27de,0xb685a3f0,
-        0xdb8bc04b,0x3c50e7fd,0x987236b0,0x904ff0ff,0xbb0d5055,0x494298fd,
-        0xe14be8d0,0x34b3386d,0x7c3d30d6,0x7ad34e9c,0xe159fdd9,0x1f2b32bd,
-        0xc761e5c0,0x84cfa23c } },
-    /* 67 */
-    { { 0x8b99b964,0x13bc11eb,0x58e2fc47,0x8e280c0a,0xd4c9a54b,0x870fbc49,
-        0xbf6e20fa,0x37a334a2,0xd7c88cfa,0xee583d0d,0xef4af1da,0x05e029a8,
-        0x0c2ef8a6,0x6d55e234,0x209e9b62,0x61b6fdfe,0xbb8e080f,0x3b1dad26,
-        0x9392fc1a,0x5adbc162,0x0aae3f4e,0x02ac0fe6,0xc2bf4d5b,0x8d99801a,
-        0xc282fed2,0x2333f93f,0xb52db33f,0x16dcb10c,0xc55752e7,0x09f90f84,
-        0xc84a0d8e,0x287d4c51 },
-      { 0x0e9867da,0x5fa58201,0x1a874cda,0x614589b3,0xfbdee22e,0x005e27c5,
-        0xe612bda8,0xe357fef5,0x2d3635f9,0x4e0dbedf,0x6f125a86,0x62be70e4,
-        0x0d94a2e5,0xa09b9884,0x28b5e5d1,0x7eb99a15,0x751028b5,0x21b9416e,
-        0xe06d2cc4,0x1b137fd7,0xfea09845,0x6fa1f517,0xffcecbd7,0x3ba1e966,
-        0x832f453e,0xd4c89a4a,0xeca68fa1,0x07b1e2af,0x4bd395a3,0xd0fb4453,
-        0xd8ef9e13,0x0132a3dc } },
-    /* 68 */
-    { { 0x576374c2,0xe53c7785,0x84727040,0xe60526d1,0x228ca044,0x8a066dc8,
-        0xf1ce1313,0x1fe1c1b2,0xcdeb0c5d,0x2aeec832,0x9cbf826f,0xa7596699,
-        0xde77a589,0xcd188e81,0x118d1254,0xe5ce0fe0,0x0790b86a,0xa142a984,
-        0x39ac28ce,0xe28f043f,0x87de5804,0x4eef8290,0xf639a8c5,0x83c31b32,
-        0x5887794f,0xd70454a7,0x18b1b391,0xca635d50,0x31d9c795,0xcefea076,
-        0xb6f8aa25,0x13cbee76 },
-      { 0x8d3f34f3,0x79cabe0f,0xa3617fe3,0xbda9c31c,0xdd9426a1,0xb26dee23,
-        0xf29c9104,0xe9dd9627,0xe2c6cd3b,0x033eb169,0xfcba2196,0x8a73f492,
-        0xb858c83c,0x92e37e0b,0x23b3fbb7,0xe4f2aca6,0x64be00a2,0x8101fb1e,
-        0x948f6448,0x91a7826a,0x907260e7,0x414067b4,0xe30bb835,0xf774aa50,
-        0xc999c06e,0xf922ca80,0x0ba08511,0x6b8635b9,0x25fa04f0,0xbf936b5c,
-        0xe02e8967,0x4e0a1ada } },
-    /* 69 */
-    { { 0x8ba29c4d,0x00ca6670,0x22988094,0xc08240ce,0x16dda752,0x21c5ca67,
-        0xabbbfa34,0x689c0e45,0x3ed28b72,0x1d7545fd,0xd7c56ab4,0x5f221198,
-        0x38759d65,0x4b3d8f74,0x8fe50b89,0x93490dfb,0xe80eba16,0xb641f5d7,
-        0x79acb537,0x7b0da5eb,0x0c1d5e5e,0xab6b1497,0xa5da429a,0x2338e68d,
-        0x2f6d2f25,0xe010c437,0x6530f3a7,0x226f16d2,0xcbef08bc,0xefb0f7b6,
-        0x9f99c999,0x733e30d9 },
-      { 0xa42a38f9,0xecfe1582,0x4730b500,0xaec2d58e,0xde976b2c,0x2ee2f2a7,
-        0xa969c1bb,0xf0539db5,0xfcecdb4a,0x31954168,0xe7a8e902,0xf2f7348a,
-        0x3121541f,0x1d58d7cc,0x2202ae52,0x5d25b75c,0xf40835a7,0xdea9965a,
-        0x529b4e46,0x3feb6a41,0xbd27ad9b,0x5c97fb6f,0x261f900b,0xd87554c0,
-        0x04d5b19e,0xb43031d9,0xcb219b9c,0x33d5e9b8,0x3ee00bcf,0x7a43d492,
-        0xb79a5c0c,0x56facb39 } },
-    /* 70 */
-    { { 0xa3018bfa,0x019165a2,0x9ffad984,0x100c6b24,0x55341a9b,0xbbf1b1f6,
-        0x25dc4cc9,0xe6bd1d97,0x2bfffe60,0x52850ed5,0x7e5509ab,0x24e992cc,
-        0x4ceb59f1,0xff6c502e,0x1aa7d148,0x2f0b3573,0xe7e3aa46,0xe90c1ddd,
-        0xd1142880,0xbaec9f45,0x65be5dd5,0x475cfd26,0x1febce13,0x83abb14e,
-        0x80942d30,0x6aba4829,0x297e82c8,0x1e1b235d,0x50d8218d,0xb771cdbe,
-        0xd94d6cbb,0x88599266 },
-      { 0x155ccaf2,0x08847290,0x7c5b773e,0x8679ebc7,0xb2dd08ed,0xa88b2dd1,
-        0x87d475db,0x960a180e,0x6694d02a,0x80fdb6b7,0x3f3f9e96,0x3e8758c9,
-        0x4ad836c4,0xbda3f6fa,0x32fb387d,0x9400c581,0x2550200f,0x25a78542,
-        0x776ecf18,0x2a97c351,0x566db59a,0x03ebf46e,0x26545eda,0x4743a280,
-        0xcf74ab44,0xed169d84,0x88cb3f69,0xbaab931d,0xd8257196,0x70ae932c,
-        0xa0c09719,0x797224a6 } },
-    /* 71 */
-    { { 0x441f3567,0x632923f8,0x2e24bf1d,0xc11c3168,0xb7671fff,0x4b97726b,
-        0x7a5e1a22,0x601746a7,0x3addb417,0x53dddea0,0x7f59b846,0x57867a3c,
-        0x56cd7ff7,0xb012a987,0xf19ba9a8,0x1bd5fec9,0xf8306748,0x750379a2,
-        0xab8c05d1,0x7763445d,0x7903f42a,0x5d7f441b,0xa903e46d,0xc011674d,
-        0xadd126c1,0x1b1d3c4d,0x61455b40,0xa2752aac,0x555c356e,0x4da42a68,
-        0xd820852c,0x3ff09c15 },
-      { 0xf9cb7784,0x4c0a1bce,0x2422f305,0xaec539bc,0x0c414aa7,0x5f40f9fd,
-        0xffd42bc4,0xd3aa316c,0x2f358e15,0x42f5a4c3,0xd6e27682,0x00bdcd9e,
-        0xf8a5ecee,0x069f789f,0x05e14f5d,0x8078018e,0x8b40c741,0x2bb3e493,
-        0x7917f72d,0x5dbc8c1d,0xcc57150c,0xe0eea664,0xc3fa8920,0xa25ecc5a,
-        0x1c797164,0x3c21b0f5,0x634ad16b,0x8f09a2f2,0x58391d9a,0x8e730fc5,
-        0x4fdfae4c,0x47ef1805 } },
-    /* 72 */
-    { { 0x3da285e4,0x9965f3d1,0x3a01e3f4,0xba7d4dba,0x61214ad0,0x4738413a,
-        0x22397549,0xd3b7d535,0x5a730b92,0xa53dbdcf,0x332d165d,0x3130d92b,
-        0x82f97ef4,0x44a28541,0x44dce1b6,0xbf62221c,0x7e2a0ec9,0xbba13858,
-        0xcbfad998,0x33f32c8d,0xb5fed44b,0x409e5f3f,0xc66217bb,0x5c328c65,
-        0xfcdf71a9,0xb00db69f,0xb8920788,0xa23c2a21,0x3ae6464b,0xf8ab28e6,
-        0xb8de0861,0x1a6b6e9c },
-      { 0x06af77aa,0xaf6ec2b6,0xa887f065,0x2e60f5cd,0x9f498c56,0x87d21400,
-        0xfcbaaf4b,0xdb595b59,0x271ab855,0x0fb592a1,0xd4349b0c,0xa0ce10e5,
-        0x887d8c9c,0x9d6187d8,0x154bd6db,0x03ee95f9,0x5d06c999,0x8fe53213,
-        0xfb6a64d0,0xf4a7bc30,0x66a4cb60,0x3d22af0d,0x5d37367c,0x16952cef,
-        0x997d8e55,0x6f0ea734,0x731732d0,0xb447c70f,0xa9cb3942,0x00ab3034,
-        0x28510fd0,0x79dd0180 } },
-    /* 73 */
-    { { 0x3ac7424e,0x04e0033a,0x60fda4d0,0xdb06b688,0xbcb772fb,0x236a9766,
-        0xf297cda4,0x294a8e2b,0xdb013c6e,0x4b0aab85,0x8723a3ad,0x3d2aec98,
-        0x13c84a6b,0x0cae32cd,0x70ec169e,0x21888f5e,0x42a88262,0x739633bd,
-        0x7b60d9b8,0x68ac792e,0x10769fe1,0x89f2b722,0xd24bed34,0x8f3fcfe6,
-        0xa3eb24aa,0xd35efb88,0x484c706b,0xddecfa3f,0x929ece0d,0x7cc119a9,
-        0x8d405436,0x87e5ad45 },
-      { 0x7d1000a7,0xba99aa9d,0xae823833,0x8b94affc,0xdfb83dc5,0xc8229628,
-        0x845a418d,0x2f59fe11,0x5d417054,0xa8b970f8,0x72b71581,0x8918c265,
-        0xc0d1dd17,0xe4ef477d,0x3afad7c0,0xb50b4cf3,0x01870a5b,0x21baea79,
-        0xbb3a2868,0xc77087f9,0x124a59cd,0x7857531e,0x57f43239,0xed74c26f,
-        0x0164c94a,0xd5f5ae25,0xf094bf74,0x6608b7e2,0xfdceea32,0xf4cdb5ba,
-        0x990cc045,0x0b712519 } },
-    /* 74 */
-    { { 0x88d5c64d,0x5a290ca1,0xa7492534,0x0596d749,0x2a00e925,0xa04b0d3d,
-        0xcaf7b66b,0x082cd02c,0xecdded83,0x912b50c2,0xff31646e,0x813ce9de,
-        0xc75fff95,0x62ae70c7,0x7e2a4615,0x6f6852e0,0x03804fd1,0x320fd7d0,
-        0x8218e8d9,0xb1a2a4dd,0xafc645d7,0x4918a6fb,0xe8d9fdbe,0xfb080fa1,
-        0x4470b6ee,0x33d4d08a,0x6d974ef7,0xd2ba2077,0x69dae5d2,0x8ecb95a7,
-        0x7d69596d,0x7a3f423a },
-      { 0x9a929387,0x362d2ca6,0xcb1c1fff,0xabdb7581,0x7e51b6cb,0xd892ec9f,
-        0x3a4e131f,0xee8d8632,0x5bd87561,0x4680e3f1,0xd4e7e732,0xe3a597e1,
-        0x5581fefe,0x3cc72b7c,0xca8cae0b,0xf3e77f8a,0x5e2fd4af,0xfcc7d7dc,
-        0x21355b79,0xdd3a4552,0xa2c07177,0x546b24f2,0x0689621f,0x415b532d,
-        0x3f78163e,0x2be9af51,0x33d7ed21,0x27d63b9b,0x96802943,0xab019ef2,
-        0x1623faf4,0x2da5fc55 } },
-    /* 75 */
-    { { 0xc8a5c600,0x62429cf3,0x3fe33e7c,0xa7a80c22,0x0a57ddcb,0x9ffda740,
-        0x925b0c74,0xd1ae156d,0x6b100eb0,0x097a43f9,0xef943c81,0x169e945c,
-        0x1128cf24,0xa1f734e5,0x419f0133,0x04387c4a,0x01044024,0xc007868b,
-        0x90359cf2,0xe5416abf,0x478d54e3,0xf9c76fee,0x42a2173e,0x66219da6,
-        0x9fe30141,0x61e03156,0x93ef247e,0xa0ff5ce3,0x072b6592,0x811792ba,
-        0x70c854d3,0x855f0219 },
-      { 0x847314c4,0x61fbfb6c,0xeb45b96a,0x97906155,0x6ba2afac,0x7102e146,
-        0xab949781,0xed51f975,0xc110c4fe,0x9d2f5b17,0xaff57667,0x7ac8ce70,
-        0x6eb244e7,0xe7366a21,0x551c65c7,0xdd1bbcec,0xe1a859de,0xb525060a,
-        0x8ba7d2e7,0x7a048174,0xab8ea8c4,0xe1a2c541,0x6fdff078,0x6e7824c3,
-        0x14874b04,0x79b49fc7,0x06b1f733,0x22ae337f,0x6f8fe6cf,0x1c352192,
-        0x525d0797,0x292236cf } },
-    /* 76 */
-    { { 0x7d8b29dc,0xcdb8d80a,0x08ea648a,0xd17a2024,0xae92be91,0x7db12c5e,
-        0xfda72fbc,0x1f347d18,0x9e760c6f,0x11374b40,0xd8e38d91,0x7361e8f1,
-        0x739ac1f4,0x7714be9d,0xb4df5c4e,0xc1f9701c,0x6f72cae1,0xd9138ed8,
-        0x6ad180c4,0x1c7fe1f7,0x9e2dbf9c,0xf8c185be,0x7c70c44d,0x835db269,
-        0xb0d15b5f,0xf997cfea,0x61e6545e,0x5101445a,0x25184e5e,0x16b06884,
-        0x7521e7aa,0x7cfac359 },
-      { 0x3c0bc53a,0x81182167,0x7e751367,0x84b5ede3,0xa3657a18,0x3ca255fd,
-        0xba1fdd98,0x096abbf4,0xc5da77d8,0x9ce8369f,0xaab342c5,0xf27b9ae7,
-        0x972059f1,0x06c91bd6,0x914ecfe9,0xee0dab30,0x93f53f12,0xbb647fbb,
-        0xffa57e0e,0x30c38a7a,0x9f2ad607,0x517d06ef,0xbb99dcc9,0x49728d87,
-        0x446080a1,0xb0034af1,0x12b9c17d,0xcc810c3f,0x772a22a0,0x7225f14f,
-        0x1ddf82bd,0x6ce3dc7f } },
-    /* 77 */
-    { { 0xa4397830,0xc07cd835,0xf4733306,0x4dd9290c,0x29989e8c,0xdd35d3a8,
-        0x563d8152,0x79902559,0xe87de61b,0xf278d911,0x1024e35c,0x9c7340c7,
-        0x4a0d0e59,0x2d444461,0xf32626a1,0x63e7608f,0xc4c9baa9,0x627a37e9,
-        0x76fffd25,0x0c56dc51,0xcef2a1cd,0xcb6defc8,0xefc559d9,0xcbcc0d56,
-        0x041cb692,0xe45f3fc5,0xe5161e09,0xcd05c239,0x5c3b559c,0x2a731ee9,
-        0xa3d0a16d,0x85151122 },
-      { 0x86ff19e2,0x782d0335,0x1da28603,0xc2c60daa,0x557c7eed,0xb2e78cfe,
-        0x1bc4e8b0,0xa8f6f984,0x3df35c67,0xcc1f9b4b,0x4764462a,0x96e13603,
-        0x7c7ae0b0,0xbf910b97,0x51435956,0x27c7f305,0xf631eae5,0xc14db15c,
-        0x7e69b34c,0xa51d6142,0x5fc12ff2,0xdec82851,0xfb887162,0xfcceae13,
-        0xde1488bd,0xda332ac1,0x2ee3e74c,0xa20374e2,0xf0ae069c,0x597ea1a1,
-        0x77bdec04,0x8b1159f2 } },
-    /* 78 */
-    { { 0x2f961d30,0x4af71a44,0x7ac7248f,0xbdf968a8,0xb1a906cd,0xd32df87c,
-        0x04abf925,0x00c10e26,0xb9f04d4c,0xb8711759,0x939705da,0x00d54e60,
-        0xc9f80849,0xf7587433,0x6a7a2375,0x2e9abade,0x94ac17ac,0x5676d478,
-        0xc202d99c,0x4ca0525b,0xabfae73d,0x95b8bcad,0x3405991b,0x2371ed38,
-        0x458a99c3,0x2b69e47a,0x2b78c866,0x7cac0b18,0xe0232c7c,0x6ceaa79b,
-        0x588f7459,0x0bd86433 },
-      { 0x7e734189,0xdea1a8b4,0xcfe5fa17,0x52c5ac88,0x11437664,0x444a4d4e,
-        0xaf9e9750,0xc2522308,0xd30c6b3b,0x78b1d0c3,0x4c6df477,0x2edae5f0,
-        0x2ee88dd7,0x53131d9a,0xacc93e34,0xc4e380ee,0xa8db0e8e,0xd499b1ac,
-        0x7f5d49d7,0x77348c16,0x1556ccd7,0xc9663257,0x2611d13d,0x65ce0e8c,
-        0xb5a2fdcc,0x2c95fe66,0x8658faa1,0x26698832,0x31c32c98,0xda87d1f4,
-        0xfcd91907,0x46650598 } },
-    /* 79 */
-    { { 0x6b4a5efa,0x4c6c13cc,0x1d07b265,0xc481989b,0x8bdc69c0,0x10b966ce,
-        0x2c2531d4,0xf54cfaa2,0xcad0a100,0xcb5f1808,0xee5da449,0xbeb52538,
-        0xbedd83cc,0xa6240085,0xd6255c78,0xe792dacf,0x2062058f,0x88371906,
-        0xed1658c1,0x96615e83,0x7d28d542,0x4b549b27,0x83b75df3,0xeaf127db,
-        0x17fbb942,0x4f60df6d,0xf6f7c930,0xd08631db,0x6018789f,0x17c38f98,
-        0xb9a9280c,0x0c43574a },
-      { 0x1d20cad0,0x76eb324c,0x8c61108a,0x90decb09,0x6f06d36d,0xa6e9d39c,
-        0xbc0da197,0x6cd978ba,0x507ac5ce,0x5948b1c0,0xc5497eb5,0x2bd47164,
-        0x4d5914e3,0x2a9c4c0f,0xa759f03c,0x772c5046,0x69ac847e,0xe7d7328a,
-        0x3048b330,0xa8d57d0c,0x40f7bace,0xe60034e0,0xa85f1790,0x823d9193,
-        0x5c859736,0xa6e9b66c,0x679e1022,0x22ca2c7a,0x09023fa4,0x00e7a19c,
-        0x2726d5b9,0x324999f1 } },
-    /* 80 */
-    { { 0x7c834915,0x667eaed6,0xbc5eb64d,0x9f77aa6a,0x25d62011,0x729ebcb6,
-        0x699fd9c2,0x0aee24f2,0x2b8d4f6c,0xe1eb5874,0x14c976d6,0x7f12710c,
-        0xf6d9ea65,0x91390335,0x06b50064,0x668b7049,0x0876ee4f,0x65969a0e,
-        0x2f9d9360,0xf901bf3f,0xb499e3ce,0xfb1a8651,0xf2dbcaaa,0x80b953fb,
-        0x973b06b6,0x312cc566,0x3af36c64,0x3534d9c3,0x10ffd815,0xe4463a52,
-        0xf18c2b91,0x57ea2b4b },
-      { 0x8aa0f2f2,0x00f5e162,0x0e46bcaa,0x8c7e75c5,0xa4a2c42d,0x97ab479a,
-        0x14baa202,0xb4f308ea,0x6943cc2e,0xa901bd14,0xeed58804,0xbb125fee,
-        0x9d180f7c,0x6502c8f9,0x1580c61c,0xe5353919,0x27101ee3,0x7e278069,
-        0xfaa72717,0x7a0a40a1,0x4c75b153,0x32edce02,0x538f1c22,0xda23660b,
-        0xbe307d2e,0x4d511e98,0x9baee0b4,0x24276e40,0x7ff1f307,0xa78c3927,
-        0xea7935c9,0x60480b46 } },
-    /* 81 */
-    { { 0x3872ece3,0x31087d66,0x955b70f8,0x5f29be7d,0x9cf95bb8,0xb50b4fc7,
-        0xdbffa621,0xbae3b58d,0xe022ba5d,0x0e61d280,0x4181449c,0x78ae5117,
-        0xcf555485,0x0b132840,0xb8ce0b0e,0x800ed1b6,0x78d5de3d,0x35dffdd5,
-        0x69a56b47,0xf7e42374,0x8d910ae7,0xd5e32369,0x6313c7c7,0xb6ff52a0,
-        0xa92de9e5,0x5a2fe20d,0xd12110bb,0x41b347d3,0x40c16f23,0xc5905edb,
-        0x9a8f88cc,0x0774a0d3 },
-      { 0xe3b6c106,0x3ae181ab,0x8de150b7,0x4ebe163f,0x6f354836,0xcf75b82f,
-        0x3ac7ac16,0xaa0d2063,0x291722af,0x5c680668,0x11545553,0x73941e61,
-        0xbf5de3f7,0x17127e38,0x1afb41da,0x32cfdf03,0x87bc8663,0xc6893c91,
-        0xa62c9c99,0x75046744,0x962c1947,0x96866e2d,0x378cdf4c,0x489ec8df,
-        0x3407fa32,0x3a60709b,0x551290d1,0xd37d2159,0xbab92273,0x9623d303,
-        0x2432014b,0x08151954 } },
-    /* 82 */
-    { { 0xfb7b2108,0xf9236d89,0xad75f9aa,0x3ecc83cc,0xb4e1da11,0xf7c72b15,
-        0x0315c362,0x552aeaef,0xf272fe3f,0x11e140ed,0x87843ee8,0x99d79bf6,
-        0x1d9bb25b,0xce6b54fd,0x5b1bad74,0xb20b0e21,0x5b84c90d,0x54a0214f,
-        0xfca6cec9,0x459bbf52,0x9e4df76f,0xe363c48d,0xd64cf17e,0x3045f84e,
-        0xf62ada48,0x8402a167,0x6a74ca01,0x2c9e1bf3,0xf691c42d,0xe8cf9d41,
-        0xc2c4b874,0x5abf2178 },
-      { 0xf3b3bccd,0x4777966b,0xbe3e0caa,0x0047e0f0,0x8c7d5043,0xcb8383b3,
-        0x946fd5fc,0xe77e3baf,0xe9ec0e87,0x79baa785,0xc8a18d25,0xd83c557c,
-        0x25befcfe,0x9b96e5af,0x98c71b61,0x4f05d15e,0x77e62da1,0x081f991a,
-        0xcbaa3821,0x1c6ec781,0xe54d9bfb,0x7522f65d,0x44ed1430,0xf5d05573,
-        0x95cafdda,0x3035b31f,0x6378f5bf,0x47e67f43,0x5270b9d9,0x029f7cad,
-        0x4d916a48,0x15ad1587 } },
-    /* 83 */
-    { { 0xaa588ae4,0x00de2ece,0xa371a232,0x552ebc58,0x71230444,0xd00ea934,
-        0xe4b1832d,0xafbfa67d,0xb689e843,0x29216341,0x61f4e2e8,0x1f96bbbd,
-        0x04c29dc5,0x95420684,0x42317fd1,0xc7fe3827,0x63483162,0xe0a0aec6,
-        0x0700184f,0xfc2b94d1,0xfe1fbd85,0x07219973,0xfb074352,0x648b6ab1,
-        0xc46e5392,0x23bbdaad,0x00fa56ff,0x0db8dd1f,0x866725f6,0x104815eb,
-        0x52e81963,0x3f9c4cca },
-      { 0x32ce637e,0xff36b297,0xf5d25cdd,0x81a15f2d,0x8b02ad97,0x1a1d052d,
-        0xcfbab3e9,0x2e5f3bbc,0x614eeb75,0x60d2cbd7,0xcd5a793a,0xd4491843,
-        0xcdba2144,0x2242cf75,0x88b99766,0xa20705e7,0xec77e132,0x64e12cc0,
-        0xb61a9b05,0xb1c14df6,0x74825b5a,0x8fd97f04,0x3da31223,0x95604821,
-        0x4d30c70d,0xde486727,0x1c12ee69,0xbcab8f15,0x668d893d,0x5dc638b4,
-        0x223f574b,0x6479dad6 } },
-    /* 84 */
-    { { 0xb05f2b26,0x569044f3,0x80b9f76c,0xb35a294a,0x4290f6ae,0x8839fe28,
-        0x026a5877,0x761cfb23,0x2e5ff9c3,0x768926b6,0x0b11c576,0xbae6cd20,
-        0x72a03efe,0xdc857756,0xe1bad63a,0x0cae074a,0xd709d99c,0x3fe491a1,
-        0x6501d9c1,0x76c5ded6,0xc32aeff7,0x1da6eca1,0xc57683e8,0x50849d55,
-        0xdf98d847,0x9e392e9c,0x64d9a564,0xfad7982f,0xa37b98b2,0xf7c3bdb7,
-        0xf0860497,0x1fe09f94 },
-      { 0x7648cc63,0x49a7eaae,0x67cfa714,0x13ea2511,0x653f4559,0xfc8b923c,
-        0x81a16e86,0xd957619b,0x3c864674,0x0c7e804b,0x1616599a,0xfc88134a,
-        0x0a652328,0x366ea969,0x4bc9029e,0x41532960,0xae2aad2b,0xef9e1994,
-        0x7f10bef5,0x9e2a8c52,0xc67bf860,0x73dcb586,0x844cc25d,0xf61a43fa,
-        0x74eb3653,0xd74e7eea,0xdd240f02,0xf3356706,0xfd83bcb4,0xeec7694c,
-        0xdb62526a,0x4de95786 } },
-    /* 85 */
-    { { 0x3deac2f7,0x4867d315,0xb61d9a8e,0xa084778a,0x0ab7b2d5,0xf3b76f96,
-        0xcfdf4f79,0x00b30056,0x31ab8f4b,0xd0701e15,0x9c779d01,0x07f948d5,
-        0x82675371,0x7c994ebc,0x48bad4c0,0x1104d4ee,0xbfc9d058,0x798ce0b5,
-        0x309fa80b,0xc7ca898d,0xacb33eaf,0x0244f225,0x5b2f3175,0xd51e8dfc,
-        0xa4d7be34,0x3e49ba6b,0xbda02b43,0x1760f4c7,0x4435275a,0x37e36a7e,
-        0xe636980c,0x1c94418b },
-      { 0x09dc1414,0x43a21313,0x43c93537,0x060765fc,0xdf5f79ce,0x6ff3207a,
-        0x85d4cfca,0x6f18b1fa,0x63e995ab,0xf5c4272e,0xa82b3002,0x121a09e4,
-        0x97147f16,0x82b65d1b,0x20a7fe26,0x4993c20c,0xe6716726,0x99c9cb98,
-        0xfeb440a0,0x5a02d673,0x251b4bc5,0x3f3fa9e1,0xa05338ea,0x75dbc474,
-        0x7b09f6cb,0x3cb4044b,0x80434609,0x6767da18,0x098ceac2,0x97851422,
-        0xb55235ba,0x611bfbb2 } },
-    /* 86 */
-    { { 0xf00ad2a1,0xbdbaa55e,0x14a290d7,0x29efa85e,0xe92b1694,0x3b4a4768,
-        0x11ec8130,0x67111bcd,0x88bd27b2,0x0e425702,0xd9a03c06,0xf28cf2a3,
-        0xf318884a,0xbb7c8d2d,0xe3aaeb20,0xe2ea1462,0x43b85d77,0x33535804,
-        0x554ee9bd,0x81ee4482,0xe6aa198f,0xeb2eee9e,0xc26c5944,0x7a5aa804,
-        0x82ab167c,0xa0ef2da5,0x02fe21a5,0x5a2ab476,0x3370298e,0x169cb3b8,
-        0x0eb3aa8d,0x86e6c544 },
-      { 0x0b793d9b,0xede03321,0x1ddb5ece,0xf79fade1,0x68930b64,0xf73fda92,
-        0xfe4fd1b2,0x06aad97d,0x92a4dc88,0x073a5b1d,0xbc976d75,0x8af8cbd8,
-        0x63ce26c0,0x60b4abb1,0xdcb1fb06,0x9c8300a9,0xda95b3d3,0x335a594c,
-        0xb37eac87,0x1f97d7d4,0x20eefaab,0xa3d2eba2,0xf3e828c8,0x3258c906,
-        0x85ab7781,0xc832616f,0x8c28b617,0x72597192,0x3233b82d,0xcd7196bc,
-        0x19fa126d,0x83867eb9 } },
-    /* 87 */
-    { { 0x22474edb,0x774fe73e,0x1a84e1ae,0x2a766394,0x9c6dd6e3,0x270329ad,
-        0x14f8bf5d,0x00c4a415,0xd2267b90,0x3ce2ea37,0x11d24fae,0x12753015,
-        0x263a1b78,0x7c14d854,0x1ae0b206,0x20c8401b,0x081f49fc,0xf32a011b,
-        0x959c6df8,0x1e8123fb,0x800e1d06,0xa328dc7c,0x24259a9a,0x5876a378,
-        0xb7ef6c37,0x23ada8b5,0xa93d4c9f,0x023f6b6e,0xffb6389f,0x89f5414d,
-        0xe628b39e,0x4b26bba2 },
-      { 0x5d318454,0xd30b1cb4,0xd7436cb6,0x123b749f,0x568a7461,0x3110c726,
-        0x1c84fd1e,0xc85de123,0x08403d55,0xa5f8d6e6,0x9b1fabf8,0x395b6e13,
-        0x3cfedce0,0xfe6d68c3,0x94b91110,0x1d90381f,0x2dcc6eb7,0xf0a8ea81,
-        0x7e90ca2b,0x59e80413,0xc8a25c5a,0xbeb5fc07,0x5d84663c,0x009c253a,
-        0x910b6a7c,0x00b15073,0x4108f8d5,0x8607da4c,0xcb901e65,0x02c3d9c3,
-        0x2c9615c6,0x4d697bc5 } },
-    /* 88 */
-    { { 0xefa8fb40,0xe0db1ef0,0x5ba3989c,0x29021c5b,0x809d19df,0xa8d6fb15,
-        0x4c1219e1,0x6b787b73,0x14ef05e2,0x6417e168,0x8f9796e2,0x449342db,
-        0xbf84421b,0x2f878a5e,0xe94a4536,0xe71916d7,0xae119693,0x9818bba3,
-        0x5768804e,0xec674be9,0xf8424f8a,0x0a26074c,0x466ce6ab,0xdbc93b9d,
-        0xc920078b,0xb3f15a98,0x3870f1a3,0x9d10fd0d,0xe4e785a7,0xa61241d9,
-        0xe6c8cd80,0x76ca87a1 },
-      { 0xe02e48b7,0x4357fb56,0xcc09e9c6,0xfbd14b13,0x24069cf0,0xdb5f2435,
-        0x2c3b01a9,0xf878165c,0xe6956dad,0xe549e7c4,0xbbd60b68,0xf2fe9538,
-        0x059dc653,0x952f856b,0xb377fe9b,0xd3f60225,0xbfe908c4,0x6a0c7328,
-        0xbc8f5f2d,0xce6aa2d3,0x24425050,0xf7213443,0x3d3b3ce5,0x17e1266a,
-        0xc1677512,0x75b5e43f,0x37fb894a,0x15927062,0x2be3e375,0x15260753,
-        0x6da3b7be,0x27e7f2c6 } },
-    /* 89 */
-    { { 0xe6a15883,0x638f65ad,0x66afdb33,0xd4a7e68c,0xd3f12de5,0x6207b6ab,
-        0x37b87810,0x1c6ff950,0x64acf6d3,0xc0d44cb2,0xf2be78c2,0x163ac601,
-        0x1636980e,0x1c63cc5a,0x95c9349b,0x3e92cfe8,0x41ec7220,0x7738e0d8,
-        0x2d5fa961,0x6169d764,0xc3e028e9,0x2aa776c1,0xb16d5409,0x93dc5646,
-        0x706df4d9,0xa0b27fb5,0xce9c6b97,0x9e991170,0x53c85f40,0xea8e42be,
-        0x83246528,0x02e96437 },
-      { 0xae78ea1f,0x91540add,0x7b670e96,0x51a1b74d,0xf7006826,0xf9936441,
-        0x7d7520c7,0x8f97d6ea,0x69ce12e1,0x0faa6a02,0x79208342,0x2590aca8,
-        0x75614436,0x7a483863,0xf381408f,0x07c6149e,0xd7853406,0x733bf584,
-        0x9abbb6f7,0x8761b010,0xf528a09a,0xe4eb249f,0x2e00ae3c,0x08781ed8,
-        0x2178effa,0x864c1b25,0x9d513a7e,0xcc1e62a2,0x1919062f,0xedb8b94e,
-        0x4f16527d,0x739f53da } },
-    /* 90 */
-    { { 0x924adc5f,0x7a5f4a88,0xa818f56d,0x95646c16,0x7795f954,0x0ec49129,
-        0xd19c5400,0x2b48753d,0x205912b4,0x16fa236b,0xe87a4946,0x6b3d65f3,
-        0x045fd066,0xa7174a01,0x12a5e140,0xb6350313,0xa96b8623,0xa79c4b44,
-        0x9ab003d5,0x7a339d65,0x3826f31a,0xc72f30c6,0x6f7090cd,0xb4e7390c,
-        0x906ebe24,0x59ac6c36,0xbba4505a,0x39a7f06d,0xc58c413a,0x839991e1,
-        0xa20e0e84,0x020c23ff },
-      { 0xafc74661,0x120e4ada,0x277fc065,0x37bbcf63,0xb6dce799,0x41049cf6,
-        0x7b161ba1,0x5b8d6b53,0xa9610fb2,0x22218431,0xdfdde769,0xde9ec9d1,
-        0x42d80630,0xd32bfa4d,0x6244df4b,0x3885702a,0x45592dfb,0xcdedd1ed,
-        0xfb4e01b8,0x0e1df45b,0x86e215b0,0x8f4bded2,0x6a937e6a,0x80935487,
-        0x8130f723,0x415278ba,0x38a821f8,0xc6dc4692,0xfd8b4f8a,0x2207b119,
-        0xf9269cef,0x76e7bf53 } },
-    /* 91 */
-    { { 0x27ebd187,0x5f128428,0xb65aadbb,0x8d3320ab,0x72258695,0xb042765a,
-        0x8f0986ab,0xda3f33f9,0xaebff503,0x411807a7,0x825f71a5,0x25c776ca,
-        0xff7df24b,0xc0de7bed,0x165f1fb4,0xda8b0f42,0x731f3ae3,0x5f3ff737,
-        0x193e0a52,0x4cd1d7e7,0xb6b3ba46,0x8df84aa3,0xaa1f3782,0xba84b897,
-        0xe7733ac7,0x6e7960cc,0x50981a21,0x4d46d6ab,0x7cbb80ed,0x1ec12c25,
-        0x2b96ef09,0x79e7ad27 },
-      { 0x8f30caae,0x3cd970dc,0x0a6ebef4,0x85cabcf1,0xc714616d,0x63c1863e,
-        0x519e3a98,0x1c50db0b,0x64cb13d6,0xf39b8963,0x22547b69,0xdf67d81f,
-        0xd67db0cc,0x7157abb9,0x889491b7,0xccca25ba,0x7a27e0dc,0xf689207c,
-        0x0fd43281,0x34ae8fbe,0x5720ec09,0xa5d91f73,0xcdfd7bed,0xb2f61909,
-        0x4a039e32,0x1ec10232,0xdb0d8fdc,0xd3c3d65e,0x4fe5005d,0x32c916c8,
-        0x4c0bea94,0x7f8c37ac } },
-    /* 92 */
-    { { 0x43ac05e5,0x33ec1e54,0xcd8d3825,0xda4a4da4,0x88bf9e2b,0x86d88c0b,
-        0xb53811dc,0x34d71dd0,0xa3c3aba4,0x655040d2,0xb61611be,0x2bc40949,
-        0x279a4fa0,0x1c2d426e,0x3b065ac3,0x535a5aa2,0xc52ea890,0xdaa8a32f,
-        0x9fddad22,0x5a5deca7,0x2ab3b26f,0x911f05fd,0xf37cd81e,0x5dace7db,
-        0x90d16b8c,0x0e0e44e7,0xe4f5894e,0x15e68aed,0xfc92a74f,0xafe04999,
-        0x970e7c2f,0x1d7703aa },
-      { 0x3f0062a9,0xa8a4c81d,0xd96a20ba,0xe31eb2b8,0x864bd101,0x66dd98df,
-        0x4413b614,0xba05f592,0xe9a555f8,0x51a67a0d,0x2e4b52d1,0xacc2f097,
-        0x7184ab23,0xab5daaec,0x7c7f691b,0xce08b43e,0x76c427f4,0x520e530b,
-        0xe423ebdc,0x7d352069,0x34df14ce,0x6b5e39e8,0x446305ac,0x3dcbf295,
-        0xfe34cdc1,0x682cb2e1,0x111f5afb,0xd4ac45d1,0x47f296f9,0xc5ef63cd,
-        0x93c20871,0x0a2c40ec } },
-    /* 93 */
-    { { 0xaf5747db,0x09bc384f,0xc06ab86b,0x3bad6086,0x9e7c1547,0xa406882e,
-        0x55977abf,0x2d5326d1,0xda81deb0,0x063a9a05,0x524b6111,0x9a86e4a7,
-        0x4ab2eb90,0x1402f87a,0xd5c600ba,0x7d0721d4,0xf289fdbf,0x1a2fd9a9,
-        0xecde6f07,0xf5dce66d,0xdab9fa73,0x62171277,0x6c474bab,0x6d2dc49f,
-        0x76eed033,0xdc017e1f,0x4da825d3,0xb97175c0,0x54b05e43,0x6c297e3d,
-        0x56c9c87e,0x2efb4546 },
-      { 0x8b21c064,0xa4712b00,0x4a70629e,0xd186fe42,0x9b74f0af,0x6435b340,
-        0x7ec9e629,0x6965aa43,0xc4c60d08,0xdda14673,0xbf3057aa,0x0b656670,
-        0x3ce86f60,0x7f05e840,0x04401a16,0xc05073a9,0x294e607e,0x16b1e638,
-        0x69cf7046,0x20783252,0xe8ce7d3a,0x2941141b,0x7577053d,0xd38ad8d3,
-        0xcaa6630d,0xdba68fb3,0xe9504350,0xecbeaff1,0x1d2d760b,0x9f5166d5,
-        0x462891e4,0x337532ce } },
-    /* 94 */
-    { { 0x3a00bb9b,0x3f111853,0x45f66685,0x2d2ffbae,0xd4aee24d,0x9ae11a85,
-        0x0341856e,0x18ba1e1b,0x2731349f,0xa9ac8178,0x545715b5,0xc13dfd4a,
-        0x5daad2ea,0xa5f7423c,0x535b76a7,0x30a483b9,0xff873e9b,0x92e9ada4,
-        0x723a1055,0x15662d84,0x8edac4e0,0xb935497b,0x39d8fa70,0x61b6441a,
-        0x40d1589f,0x1541d756,0xf0a05f0a,0x62994237,0x6bb28908,0xfd8b0034,
-        0xd4cd32bf,0x192a2b5d },
-      { 0x365ced07,0x63576628,0x05de1d1f,0x029f32fb,0xbf40a7aa,0x6d17b9bc,
-        0x9bb50a47,0x1b1b2a08,0x795a6278,0x9389abbb,0xb34fc19b,0x52cff60f,
-        0x387d8739,0xf3ab9492,0x6920ccd6,0xa8f053e6,0x63a9b4f0,0x3ef2dd4b,
-        0x51e82129,0x9ab0ede1,0x0838bfa1,0xafba0c0b,0x9ffc11be,0x2bd5a7ac,
-        0x95cc0878,0x058bfd95,0xf8c2f0c6,0x686d48a3,0x1d9b31ba,0xc33abaaf,
-        0x3bc0c268,0x632e2289 } },
-    /* 95 */
-    { { 0x15a1ccca,0x1c851d20,0x7e522bc3,0x4efe290c,0x18eab053,0x0b741d55,
-        0xbc85e217,0xae656197,0x01cf8b29,0xae13141e,0x66948478,0x2e2cb593,
-        0xc31bd8ae,0xeb57bb0f,0xc264e788,0xdecef5d6,0x9cb96d86,0x6fa856cc,
-        0x279183da,0x2db16813,0x383d796a,0xf03f3820,0x1d0c6fed,0x58a456ff,
-        0x8a6abd9b,0x25589805,0x83f96f19,0x339f52c5,0xda7e9ea7,0xcf6ded8f,
-        0x5d1ccd45,0x68c3d9c1 },
-      { 0xe6b392b7,0x67e26265,0x775d9509,0xcec1d9bf,0xd76514f7,0xe16abcd4,
-        0x0de72e1c,0xd86f59b2,0x1adfb033,0xa66e43cd,0x05e457cc,0xdb344340,
-        0x5681daa2,0xb67a7916,0xf0114731,0xc32e7bab,0xd3b1e961,0x066fe16e,
-        0xf63d26e6,0x924e298e,0x541add6d,0x9bea0dd8,0x9982f971,0xef9500df,
-        0xc5f076ac,0x5c876e63,0xb23d396b,0x55e12ae5,0x2ec6747a,0x09efbb36,
-        0x233286a5,0x8f2055ee } },
-    /* 96 */
-    { { 0xb82c1af0,0x4a4ab9e3,0xf2cae264,0xfc65e9e7,0x60187d46,0x4feaac0a,
-        0xe393b363,0x27d3f335,0x819bacce,0x9c9f7c00,0xb8aa6611,0x3f7418b5,
-        0x372aae95,0xffa94557,0x8db38589,0x937d7804,0x6f1fbc1c,0xd10c86df,
-        0xa2f0a0ce,0x48aebd89,0x367439eb,0xae5d5fa2,0x3f17d2d8,0x103a6a0b,
-        0x411d9894,0xf233f68a,0x218b67a2,0x7fece8b3,0x2319bf06,0x0422540f,
-        0x340d322e,0x1292c8c9 },
-      { 0x0386463d,0xf5eb5587,0x0371d97f,0xd4bbc2b2,0x0b819c5a,0x1b364571,
-        0xcf04ad41,0x0cbb42d6,0x66939ec1,0x5d819c76,0xa01847e7,0x8745ac13,
-        0x1c7232e4,0x4f704b02,0xacb05780,0x2c9e58a0,0xb561e295,0x9523b8b3,
-        0x79f9ba35,0x3384df00,0x1eaa9628,0x78231fc2,0x8aea2b90,0xa2eac54f,
-        0x30d1c263,0x8075ed77,0xfb339000,0xacb44ed5,0xf011293a,0x92546ac2,
-        0xeb821764,0x7c78762b } },
-    /* 97 */
-    { { 0x067902b6,0xb8f7d6fb,0xd1735980,0xb2823a43,0x59741ddd,0x062cfb12,
-        0x4033f95c,0x6e391b07,0x68589b8c,0x3831d0a3,0x522290f2,0xe3474d49,
-        0x222e1f3a,0x4dab14d6,0x53f08d39,0x8f00fcde,0x707f28f5,0x559917ae,
-        0x068e607c,0x166aa0ba,0xd7e1f824,0x602713e7,0x4d6a328f,0x7c255540,
-        0x9890cd2a,0x0d2e3264,0xeca0b20a,0xf2207944,0x52f4e09c,0x5c98dc07,
-        0xd84de81d,0x69403504 },
-      { 0xe5407206,0xf8b7b366,0x0d88fa8c,0x1ecf54cf,0xf7272e6f,0x6fefe548,
-        0x81ab4468,0xd6531372,0x4e474408,0x52cb5f0e,0x6490737f,0x9e426b3a,
-        0x4980d071,0x2576c19b,0x0f272caf,0x91f34628,0x468f31c9,0x78e60a4f,
-        0x90844d89,0x8776a329,0xb951582b,0x8a55700c,0x14b1adbf,0xab1af365,
-        0xfbd343ef,0x22ebff92,0xb7d81f34,0x32f9fb01,0xba6b30e1,0xad850e06,
-        0xbc5f9546,0x6da9e027 } },
-    /* 98 */
-    { { 0x5c9490ce,0x21eee4c2,0x0df68381,0xa96ec4a3,0xa4a9368e,0xe6c607e0,
-        0x4bc262f3,0xd8b0492a,0x460c34ff,0x0846a210,0x28df33cd,0xf7ff7a64,
-        0x21827612,0x10c55044,0x149bcd01,0x9d25fce9,0xcfc613dc,0x725611cd,
-        0x97f51ce5,0x159f7e88,0x4e8c08b5,0x3fa3bf31,0x75e7538f,0xea156115,
-        0x91c84020,0xd1e0a951,0xcf02ad0a,0x0d2268ba,0x058b8e5f,0xa04c6ac4,
-        0xb3515912,0x773b40b9 },
-      { 0x3631cfd2,0x00ff2cdc,0x807737bc,0x14c4c2d3,0x338a5270,0xd600616a,
-        0xb32cabde,0xd0e3306d,0xa70b17ca,0x336738ea,0x79f353ee,0xf2f4aa8d,
-        0x576f3ad3,0x712f6ad9,0x89b2bce0,0xe4279852,0xda92ca30,0x05d8f94d,
-        0xd8492dd9,0x9891d475,0x4d15e4bd,0x3e06a5ca,0x254eabbd,0x4725d4eb,
-        0xc0ed513c,0x31394ace,0xbbfaae6c,0x7e0f9859,0x833fd137,0xdc125546,
-        0xc56c4f75,0x12b46385 } },
-    /* 99 */
-    { { 0x932951de,0x810dbebd,0x5aa69c94,0x96959d42,0xecb2f08d,0x5fc49c04,
-        0x2250b82c,0xac74f0cc,0x3aec4e1d,0x96a439a5,0x90499acd,0xc33cab9a,
-        0x54d9b3af,0x2fccde66,0x3863ae8b,0xf4af285c,0x46febf88,0x2373373e,
-        0x3c9ab7ed,0x751d672c,0xfe12020c,0xc1c51130,0x52f3e56e,0xad82402f,
-        0xa4a64a81,0x3489ab7a,0xd9f163f2,0x0a1fb661,0x0e553317,0x17c69be1,
-        0x7d88d417,0x61c1935e },
-      { 0x3492ae43,0x2e722d9b,0x0538f05a,0x1ef89d95,0x200aab63,0xae77e588,
-        0xeba4b117,0x2872c120,0x3a461cb8,0x5c2432c8,0xcb938f26,0x315b3434,
-        0x8c4c7dc0,0x05bf2ac5,0x596b378d,0xd2e501dd,0xcb890c30,0xa8506c9f,
-        0x7c361f0c,0x3d0af461,0x5a35cbae,0x21f7b718,0xf3fc0138,0xbd1035f1,
-        0x8b248edf,0x74628af5,0x48c9cae0,0x8d6421d0,0x2ca18773,0x75e3da39,
-        0x71d3db94,0x27ad0df2 } },
-    /* 100 */
-    { { 0x305b5aed,0x9e3bda79,0x5998d6a7,0x2c67d4a4,0x0f7eb700,0xc855e1d3,
-        0x147d1c44,0xc18a7e9e,0xc89540ed,0x3ea99618,0x7e6bfd20,0xa53be20a,
-        0xecc14437,0xc9487e64,0x34ef85c6,0x72979207,0xd5e1ebd5,0xfa0d4e71,
-        0x4d48d6b6,0xfda2b1e6,0x66e200d4,0x782a1e05,0x5a5366a1,0x2a3c70da,
-        0x1a473738,0xfe3fbd2b,0x7fe020e8,0xd7ef8c06,0xeacfb665,0xec686fde,
-        0x6dd1542f,0x5d9b5e27 },
-      { 0xcb3e472e,0x3637c5a5,0x30a1405e,0x2153d927,0xb4498558,0x009992e5,
-        0xf39a0851,0x18f00ccd,0xb5c6c560,0x26237c11,0x1343540e,0x418ed408,
-        0x7e7f3184,0xfef7cbf0,0xbf48576b,0xecd92366,0xbc94c91a,0x1b75be1a,
-        0x4a162276,0x8e1778de,0xc5c6bcb8,0xc52e57d3,0x5ab71858,0x5cc382c7,
-        0x3f6e39f9,0xe12c2c28,0xd62735fc,0x4c7e0ef2,0x835a5996,0xe071deb1,
-        0xcbb8c766,0x24f891cd } },
-    /* 101 */
-    { { 0x6778c1e2,0x24ef60bf,0x00d5be5c,0xff49c03d,0x2f01a09f,0xec11986e,
-        0xae096e58,0x59a728a4,0x7077984c,0xaabbcedb,0x870ca5a5,0xfb473bd2,
-        0x4de30e3d,0x8c928c61,0x4f67abca,0x3fae7f9a,0xec21a9cf,0x83c2b2eb,
-        0x9cd9b5de,0xafa70d62,0xc60b18df,0xadeaea59,0x4049b54c,0xd5fef7be,
-        0x6dd310e3,0xfceebc76,0x8f6321cc,0x7748efe3,0x18ee8af5,0xfe9c32b1,
-        0xd42df612,0x863ac3cf },
-      { 0xb85a2fe2,0x0a36fca7,0xee429dc6,0xf3e70d08,0x141c3944,0x8c9ba209,
-        0x67272a0a,0x306a8106,0xf968bd06,0xe69a1555,0x153c603d,0xb86f7e47,
-        0xef56e4fa,0x9706614a,0x98780b4c,0xc0dc36b8,0x3a1d3263,0x43657fe2,
-        0x435522c9,0x01f97a86,0xedfef679,0xd91897f6,0x6daa17a0,0xebbe31d4,
-        0x85accfbd,0x6f179100,0x8f9fc1de,0xe0da6e32,0xe1e7142c,0x1c9d53db,
-        0x8b86725a,0x3e3f1b1e } },
-    /* 102 */
-    { { 0x7b7fbf05,0xb7ea15c0,0x1f1a3882,0x992f11b6,0xd1dcd1bc,0xc9ddd95a,
-        0xad0f7e8b,0x31f5b7fa,0xfca7ab79,0x2936e5eb,0x19a55be6,0x30f417dc,
-        0x43cde554,0x1f6f4e43,0x82f044bf,0x971f5e65,0x4288c408,0x73c3b8e4,
-        0xb807f575,0x61aac59f,0x818b58f0,0xa64ee2dd,0x97a3b0d3,0x6f7a0a60,
-        0x0394b058,0x8b85ecc8,0xbfb3517d,0x9a059474,0xa79c3f06,0x89ad5977,
-        0x700a8025,0x81208ed8 },
-      { 0x14c4ce37,0x10935099,0xa1aa48a6,0xf34bb843,0x580d58e8,0x86007024,
-        0xb375b8ba,0x6db42c49,0xed3bde83,0xac365524,0x649233b6,0x5521e1b4,
-        0x64dd946f,0xbc7cc5d5,0xbfb5b6ae,0x9c14b035,0x0146c1a3,0x7f22ba18,
-        0x872214f5,0x0b62fbbc,0xb4921764,0x3acfd7f7,0xcb4d6df1,0x5ff10da1,
-        0x62600a91,0x660e2620,0x81d9167f,0x7ac7da9d,0xb6e7a199,0x6e8e260c,
-        0x80deb3c2,0x44383fb8 } },
-    /* 103 */
-    { { 0xe44f9af6,0xe107f01d,0x8cb1fa1c,0x36381a4d,0xfb7dd493,0xe65be3ec,
-        0x26a8839f,0xd0b8435a,0x3ec789d8,0xee60f915,0x2bcc5e1f,0xe25fea50,
-        0x7e44a81c,0x0477c0c5,0x230ba5b8,0x349e9f83,0xde180dd9,0xdd42f32f,
-        0x64a3d11c,0x8b039eaf,0xbeb7083a,0x80ef884e,0xf12742cb,0x288e60c4,
-        0x720a0262,0x44156cc5,0x7253b77f,0xcd547de6,0xa6013a59,0x9829a6ec,
-        0x0d548445,0x8aee708f },
-      { 0x32c54409,0x18f22d9c,0x75ebaac4,0xa9ebfa46,0x86284981,0x90e2e928,
-        0x6b3a8e0c,0xd0201f6f,0xbd77641e,0xc973016c,0x70170575,0xf926f2f0,
-        0xfec0ce01,0x4984048f,0xf319d304,0xbf696211,0xc91a88c4,0x74b5c844,
-        0xe0030a82,0x4c40fbce,0xe4f6d521,0xbed67525,0x29d67d1e,0xaf7e47cc,
-        0xc21d3536,0xfa307db8,0xbbb29405,0x56b6c46a,0x033e805f,0xf059a7e3,
-        0x6096a5a0,0x970f61fe } },
-    /* 104 */
-    { { 0x1bec8e4a,0x1bc53d23,0x35a6034c,0x8809ac14,0x509e464d,0x4ee081da,
-        0x8a488235,0x496ae1fd,0x325864b6,0xa1ae9863,0x74cd069f,0xbaca13e9,
-        0xb1d8a6b4,0x3738cc58,0xe76b9da4,0x5fa71f58,0xc7eb16fb,0xc919be88,
-        0xad4e429d,0xf5c8f13f,0x2499f9ed,0x4583b671,0xa10d8bd7,0xbce20115,
-        0x5790bb7e,0xf66d7605,0x482b78dd,0x9316aede,0x75f855fa,0xe0d8fb2d,
-        0x5a7dcca7,0x404b5b94 },
-      { 0x517a15c7,0xf9ee682a,0xef880202,0xaae4cfbc,0x5106a354,0xcee2c139,
-        0x170febe7,0x5de60192,0x73d0c54b,0x589e39fd,0x8c9092b7,0x195c7135,
-        0x0a7bfe5f,0xcb7ed53f,0xf61cc979,0x2bd9242a,0x5395f7d9,0x8d2ef16c,
-        0x70b32f09,0x0d4ac1ca,0x52d185c1,0xa587526d,0x942d6195,0x2932b04a,
-        0xa500b0ac,0xfe25a979,0x562fd230,0x5fa1f4ae,0x20da253c,0x60f55af2,
-        0x83146002,0x7faa11b5 } },
-    /* 105 */
-    { { 0x6e402149,0xb0ba4f0c,0x963cc119,0x3584cc1d,0xa6527476,0x7740dc1a,
-        0xc95715f2,0x3f77ff75,0x3f89fb0e,0xb2f234ad,0xef9be3ff,0x55159032,
-        0x04237e82,0xfc9fb21d,0xa153ed93,0xeb2eff38,0x10041d13,0x89d53ae0,
-        0x7f1bd828,0xcf2e545b,0x43953ea5,0xdd4a27ce,0xd85e75c8,0x00d2e5d4,
-        0x241be1c3,0xeb93ed62,0x0242032d,0x1e53f25f,0xc3a4e701,0xb9957636,
-        0xed98febf,0x14b63a52 },
-      { 0x71c43336,0x7610b553,0x23a4824b,0x19dfd4a6,0x0286051b,0x7b97a2e0,
-        0x8f5f1edb,0x86abbb9c,0x9b67daad,0x67a57d77,0xcd5ffafb,0x8ace506d,
-        0x89ac3c63,0x85da9f95,0x75a3d150,0x081cbaa8,0xe9346ed2,0x03353d8f,
-        0xa1f9a02d,0xb2ab61f1,0x3a659c71,0xb0cb0937,0x4f5df8a1,0xb7e0e30b,
-        0xeb7d5a1d,0x77c4c741,0x728e5cf0,0x8f046c9c,0xf7c171ac,0x32dd0bc7,
-        0x836d2655,0x02485873 } },
-    /* 106 */
-    { { 0x75a4cd8d,0xcd40dd23,0x97bcba78,0x132ca433,0x258d61f5,0x30c5cd84,
-        0xda1e8e68,0x0a7ec059,0x1d65d40a,0x07a8f171,0xf4350d76,0x869e655e,
-        0x5983ae42,0xb98ce6f0,0x9d8bebd0,0x7b61391d,0xb1ba5d49,0x3a529e25,
-        0x1f6b2cf6,0x46f732e9,0x3fa3b629,0xbd66ec6a,0xc3ef0ed2,0x397950ec,
-        0x5f08b476,0xee9008cb,0x965a0e2e,0xfd6be425,0x1177bc87,0x78ed513c,
-        0xfe512dae,0x6798cedf },
-      { 0x1b97c5c6,0x49e3f8fd,0x78c3b33f,0x39fbab3e,0x40f595ba,0x44274412,
-        0x5d7d4376,0x174225b9,0x79c44777,0x880b3fcc,0x3296b245,0xdc3aca83,
-        0x1734e184,0x55913df7,0x9c934472,0xa4db23d3,0xd1420a11,0xcebb3733,
-        0xf3608bdc,0xb9d20cf9,0x30cfe13f,0xa618acf6,0x5f30874c,0x75f06b31,
-        0x9f0005a5,0x506efe7f,0x01bfc9db,0x8aaea78c,0xf78e7c41,0xf9179255,
-        0x52e96395,0x3ea7aed2 } },
-    /* 107 */
-    { { 0x5b06ae25,0x98617e04,0xcb5750ef,0xbcac148d,0x604c2ba2,0x91ea2f0e,
-        0x76b78975,0x00c19f6b,0x651da181,0x79b9b6d0,0xc945705b,0xf3225beb,
-        0x5c005bf1,0x30b435f3,0xbc24d86d,0x440b4482,0xd6373777,0x2b8f0996,
-        0x1c44b4dc,0x65fd6c56,0x30906999,0xe9405ee6,0x08aa1ec1,0x19ff0924,
-        0x3d2f2895,0xeef3246a,0xbc746797,0x016c3765,0xd0705f7e,0x62d2569f,
-        0x05250044,0x6a8ad39c },
-      { 0x46be7282,0xe45f020d,0x21380f12,0x9405afed,0xd5da6ad0,0x4cdca5bd,
-        0x7f8be61e,0xc2d6f184,0x596b8178,0x20132953,0x7a8df954,0x8d3b1e7b,
-        0x39572b4d,0x757c61bb,0x80cc3b56,0xd749b57b,0x37b3ffec,0x9590ff93,
-        0x145dc94d,0x39bbb653,0x2335e573,0x70c1c606,0xf763feba,0x9c2e72d7,
-        0xcc61b732,0x4768e424,0xaa73f2ca,0x777d2fa6,0xc5cb58cd,0xdee4dbaa,
-        0x9cfae1aa,0x1a181179 } },
-    /* 108 */
-    { { 0x77575ed0,0x6f6ff62f,0x7d1da99b,0x18f14fa9,0x69efd7f6,0x2e72aefb,
-        0xddc28633,0xc45ab4cb,0x586c5834,0xb0e20d48,0x39775dd8,0xd397011a,
-        0xf4134498,0x0130c808,0xf5115ed8,0x2d408eba,0x0260ded9,0xc506a05c,
-        0x19cab911,0x9e5b7362,0xe8693a86,0x4cf508c6,0xcc773617,0x4e71245f,
-        0x95d89ca3,0x2f71aa1f,0x607bbc98,0x4bba7c6a,0x212b7fd2,0xf3a515e7,
-        0x9230f5a8,0x7d2ddc75 },
-      { 0x4ed2cae8,0x3d05816d,0xb9c00377,0x4cf6bc7d,0x646b08d4,0xc23e98e6,
-        0x4b9c0180,0xf9ee6c61,0xef9179c1,0xe11c9a13,0x8ed9688a,0xa5b6147e,
-        0xd06670a7,0x7afeb648,0x17685275,0xd670333c,0x75f9e8f2,0xa89dd969,
-        0x37a68ade,0xbb57228d,0x454cb186,0x21a05d5e,0x063dd550,0x4810158f,
-        0x4cb6caf3,0x92dd4f08,0x7854abe7,0x70c4d852,0x6e729d76,0x845969dc,
-        0xb1bf40ba,0x5a52f87a } },
-    /* 109 */
-    { { 0x09ecacbd,0xed019e91,0x7b89bdea,0x6544023d,0x5707371e,0x7cc51f0b,
-        0x16c8e217,0x14832b04,0x81259ab5,0xb1aa6682,0x23e361d4,0x6e100f92,
-        0xe3a95c2a,0xe593eee9,0x16c10e26,0x699b6bbd,0x9473a13f,0xad487873,
-        0xb274987c,0xf1c14dc5,0x2559e2e9,0x57dc0075,0xc3d47ad2,0x8449849d,
-        0xdd527793,0x83df278a,0xeefd5b99,0x770e3ec8,0x76bd02a0,0x2ae58446,
-        0x3e705ffe,0x17f02764 },
-      { 0x29abea1f,0xdda4010d,0x2407ac4c,0x636b9695,0x0433218b,0x96a60129,
-        0x163d534a,0xf221fc3b,0xccc20565,0x05ba15be,0x96285577,0x1238e54d,
-        0x878804d3,0x1b144257,0xa89a9fe4,0x96fbf304,0x4be642b1,0xc8a7f06c,
-        0x6e2b085e,0xdd1a20e8,0xff4a591d,0x8f7f27c2,0xa4a343b8,0xc17b0753,
-        0xbb173d4d,0x684b1e88,0x3dc07bbe,0x3accea44,0x4c441d77,0xdb15c88d,
-        0x53e5957e,0x0ef0309a } },
-    /* 110 */
-    { { 0xfa8e5b60,0x4fc25721,0x691c0bb2,0x646938ad,0x0b0a2248,0xe46d4b76,
-        0x7de16877,0x863f9ac2,0x2721c630,0x503bb6ef,0x0b67fb02,0xf8c199df,
-        0xe07abd39,0x78c1ed72,0xb32f0dda,0xcf9deb7b,0x6c3c89f3,0xaff726f0,
-        0x1972225a,0xb7008b2d,0x4f145f5c,0x8f5a6117,0x457c4f37,0x4e0e6f8c,
-        0x1c453c64,0x8bbdaa44,0xa6e92c80,0x57be326d,0x5d773561,0xa9bc3fd9,
-        0xbb37b72a,0x3d3b6cc6 },
-      { 0x9722c880,0x6e6f12cc,0x286b6889,0x3a1b6ae7,0xad2fafec,0xba1cc09b,
-        0x43bb8bef,0xad64ad7a,0x97c3f4c3,0xa5af6a00,0xc353a91b,0x2afcb0d9,
-        0x69ccbf6b,0xca13fcab,0xf2abc190,0x699a1391,0x23a247e5,0x2dbd5542,
-        0x95488d9a,0xe206180f,0x1244cc3c,0xba9e7bff,0x87d3a365,0x29297abe,
-        0xfa4ca5e2,0x4054fa38,0x67be1b6c,0xb390623d,0x78f41a44,0x1fa67c57,
-        0xc7b544e7,0x2e946e43 } },
-    /* 111 */
-    { { 0xc60934ae,0x2980fddf,0x164206d1,0x2c3e7eff,0x416ed75a,0xf75e7f96,
-        0x5cd0b2dc,0xfac60cf3,0x1faad87b,0xddc4bece,0x9849e5dd,0x753fa87c,
-        0x2c1bf1ae,0xc5d516a3,0x14732b4b,0x565dbea8,0xce48696b,0x007ebe3a,
-        0xcdb97694,0x40ca74d6,0x65e4e7be,0x3f5cd270,0x3aac4ebc,0x74847c01,
-        0x43d6c3a1,0x6762e034,0x467a076a,0x690d8c95,0x1eda677d,0x768d78d6,
-        0x0181d8c2,0x0997ce55 },
-      { 0x965a0b81,0x9297746c,0xe5e12dfa,0x48b58be6,0x715f437f,0x5573b3c4,
-        0xb565c459,0xe425e907,0x1582797c,0x4f43f512,0x8ea5474f,0xe5dafa6f,
-        0x13de04ac,0x2aeb8fbe,0xe8a07c83,0xed7f95f0,0x662c09fe,0x3e012a6e,
-        0xc742cf17,0xbf96e9b8,0xe28a1c45,0x8ea5759a,0x5cf4e2f3,0x475941b4,
-        0xf901a019,0x7dd3c02d,0x70916b2e,0xe7a4deea,0x2fa9b988,0x50b272b5,
-        0xd0917fe6,0x96f9f09f } },
-    /* 112 */
-    { { 0x2c310a96,0x78e8aac4,0xf7a2a734,0x32a98303,0x23962207,0xc46ca83d,
-        0xd9541280,0xad131e6e,0x2cabe911,0x5791fc5e,0x841b6c68,0x50cb77eb,
-        0x3d3c8878,0xaff93dea,0xf1007bce,0x06541f1d,0x55cdf1fd,0x4ee729c2,
-        0x323e3972,0xe0f71317,0xad4d08c1,0xa2de7a41,0xa35e22bf,0xa9912abf,
-        0x89b03325,0xa050122b,0x06514d4e,0x8b9e51f4,0x79d3e0ab,0x423c7aad,
-        0x40b8fea5,0x71998e26 },
-      { 0xceb6ed78,0x40140fcd,0x18534516,0x653cf377,0xe8d60dcc,0x0450b65a,
-        0x9dac55f8,0xce6c1a76,0xae05686c,0x8a96a92d,0x12712562,0x2fe44762,
-        0xa4f39425,0x747bcb50,0xfc531fc2,0xf0ec6ff2,0x10fe9ff0,0xc97c3447,
-        0x9c792cff,0xfb488783,0x026fb019,0x552c5248,0xd804c290,0x4001a29c,
-        0x35c8ca73,0x742b5ad8,0x6ee5dfa0,0xc3781f17,0x3dfa4ab1,0xca6b85f0,
-        0x0b0d32ac,0x8389941a } },
-    /* 113 */
-    { { 0xde067dff,0xc0f062a2,0xbcb80162,0xd4f32690,0x0707a2bd,0x98cd990d,
-        0xfae4a391,0x5afc63b8,0xb32ad814,0x684f1b7b,0xf199dfb1,0xb0a2dce2,
-        0x48f25848,0x2260e17f,0xc2d5e862,0x7393db00,0x338cf171,0x9e88f854,
-        0x02acf522,0x00679429,0x6835af3d,0x19157cb8,0xb8a2614c,0x2faa6f92,
-        0x134ec46c,0x04ff95f5,0xfb7a8135,0xcf00626e,0xb37a4704,0x454b3d05,
-        0x2694ec25,0x1fbfda31 },
-      { 0xc8f69c77,0xfdebb657,0xa3df88fa,0x92a8278b,0xc1fb78b4,0x463b5571,
-        0x11c71a33,0xd2066a1a,0x089958b0,0x10c88143,0xcf9d67a6,0xb975c7e0,
-        0x73037b8f,0xdaa5d208,0x40bf5861,0x5ee5005d,0x7dba69a9,0x300e6ce7,
-        0xc962cc74,0x893c3cb3,0x4cf84055,0x0ac98629,0x225c9d70,0x0a7ef63a,
-        0xb91e47e8,0xfe184869,0x8c2f84be,0x1b9d7deb,0xc0e278bf,0x67788915,
-        0xc426f19e,0x4f9488ca } },
-    /* 114 */
-    { { 0xdd51b8ce,0x610dfcd4,0x36230e80,0x08579278,0x36599562,0xedc7ff1c,
-        0xe2cae877,0x905ead4b,0xe7967608,0xa1c325d9,0xbd38926c,0x3e39eddd,
-        0x5f6f0a4e,0xda92c868,0xf47a0fa4,0xe16f800a,0xe5f60aab,0x50b4db5b,
-        0x983853d3,0x3665412f,0x9b79789c,0x64b62250,0x4e0e72b2,0xea560058,
-        0xe555c2bb,0xabbd4901,0x17292e11,0x378419a7,0xe174218f,0x6e0b5aaa,
-        0x8f796b92,0x688e0684 },
-      { 0x313b8f64,0xcdfef641,0x942c7462,0xaef11b7b,0x5c0d8abd,0x067cfb77,
-        0xaf4041a9,0x608ea5f0,0x6935210f,0x23d5bd82,0x27917a08,0x5ab904fc,
-        0x45d22d21,0x85dbb1fe,0x4d36159f,0xc3d5e509,0x1d39b8f2,0xaebb528e,
-        0xf44acef0,0xdd5ca828,0x20c57a54,0x24209adf,0x78f95f44,0x5742b433,
-        0xa9337d37,0xd11fa7d9,0xc64cfdb7,0xd66a0c09,0x9bb817ec,0x56e55b8f,
-        0xe4c41265,0x1723c7e3 } },
-    /* 115 */
-    { { 0xdc8b43f3,0x9a6486d8,0x26409e68,0xfc3e0e61,0xd9b46003,0x1889c437,
-        0x6284ec7b,0x3a850335,0x6a9dbaea,0x5a3665c4,0xe978933c,0x7bf6941d,
-        0x69341490,0x1ed5a510,0x8cb8002d,0x664a7b7a,0x60ed0a59,0x603f76e4,
-        0x1f4ebf27,0xc3e06ba3,0xf2c38a7f,0x296ced41,0xcf1db08a,0x2ac18f79,
-        0xcde7a3b6,0xc919e882,0xdbf68b06,0x15e77d29,0x4e947cb5,0x21978baa,
-        0x7630993a,0x84bf542b },
-      { 0xe364f21e,0xc1decda9,0x012e557e,0x0d6cf345,0x588f90e1,0xba246848,
-        0xe3b104b8,0x9f6dda4b,0xe3aef57a,0x6bf7a346,0xe8327ea9,0x210299fe,
-        0xda95e6c7,0xaa99f487,0xd2cdf645,0x24ff813e,0x8bd414b8,0xd1dbb2d2,
-        0xcafa1a61,0x065101af,0x9cdebda4,0x7d9f4b9a,0xe41039e4,0xaf41b395,
-        0xc50adf42,0xe3e9e6ba,0x341e9e49,0x4f2133ae,0xcb157f23,0x4968c0f3,
-        0xda068153,0x383f827b } },
-    /* 116 */
-    { { 0x6583ff4c,0x2ec46a21,0x4ad709e7,0x4e645a29,0xc04ca12a,0xdc66e9cf,
-        0x9160a7e5,0x82f128f4,0x569c762e,0xbfb227b1,0xc2edb8e7,0xf80c7963,
-        0x49a0f688,0xa7dafe06,0x2d14b8cc,0xb7e41754,0x86de40be,0x3a0c5c53,
-        0x1db79331,0xf0d05286,0xfbfe071b,0xb902ce69,0x210e9903,0x61e46956,
-        0xf703ebb8,0xfaef874e,0xdd5f78b6,0xf668947e,0x5af5ea3a,0x6fe86547,
-        0x43f94625,0x3b121f15 },
-      { 0x659275e9,0x5b26e847,0x6d0fce50,0x47581cfd,0x8aa3f1ef,0x55f5cbfd,
-        0xe484e60e,0x1e7be315,0xfe9698e4,0xd8f1a20f,0x7ab04784,0x25d46da9,
-        0x834cdb3e,0xa526db75,0x8d08a009,0x1fd408d9,0x5b5ca816,0xfc004b20,
-        0x65e4bbe8,0x5b3e3bb3,0x759bb6ef,0xf50cc125,0xc2fac737,0xf05fa817,
-        0xd273951a,0x9ee102d2,0xfecb3367,0x2a8e540b,0x2a6a515f,0x673446fb,
-        0x37290c83,0x5505e1d1 } },
-    /* 117 */
-    { { 0xd15e68a6,0x0c3014a1,0x64dd35e5,0x6f9f0b26,0x03ad67f9,0x18c3742d,
-        0xd2c14484,0x74818c0e,0x0d41a3cb,0xc5181169,0xc49f3e9e,0x65c8c83f,
-        0x2c279386,0x9b260c61,0xced04e9c,0xf6086fae,0xfd7c4758,0xa7b2cceb,
-        0x90297fd8,0x4b3c3133,0x09701ac8,0xca8264e8,0x508b3762,0x9f976a87,
-        0x983a8dfe,0x5d582714,0xd9d598e9,0x350d2669,0x0f6fd348,0x85cb89cb,
-        0xa574317c,0x617d80d4 },
-      { 0x70022b67,0x4cef267e,0x3768b94a,0x80536bb5,0xd2784462,0x3153a566,
-        0x38243919,0x49054d44,0x5df78c4a,0x8d11e172,0xd5a1e35a,0x9b252a71,
-        0x8171e31d,0x07866c80,0x1b38a00e,0x0a8501db,0xce770236,0x2ed932b8,
-        0x8edaf7d0,0xa2d77609,0xb93006e9,0x3aee5dab,0xbbfeb036,0xfaffc8c4,
-        0x4e21b38b,0x077b9678,0xdca8e069,0x491fc59f,0x0e938471,0x3f624f55,
-        0x7cd1780b,0x5156f508 } },
-    /* 118 */
-    { { 0x0206e8d0,0x58234e22,0x7f15af32,0xf5f6f5d4,0xd638950f,0xafab7289,
-        0x7d4495f4,0x66ec4d09,0x68da80a9,0xad890c5d,0x64f8a36b,0xe4aa0920,
-        0x0f4d5c5f,0x799e257e,0x24495e31,0x44c677ae,0xa5b8e352,0x720387b3,
-        0x75a287b9,0x703790f4,0xc3c1f2f7,0x54895cc5,0x41a7fa41,0xb8680f9b,
-        0xb00b008b,0xfcd47458,0xba6473cb,0x149cc838,0xac9be19a,0x78ed5f7a,
-        0xb33765ba,0x5254599c },
-      { 0xa21b54c4,0x08739679,0xb6497d9d,0x029ece2a,0xc8488640,0xf14f1a92,
-        0xe9fa79d9,0xae48dcff,0x46c208db,0x14b911c2,0xdae3f69e,0x5ab0fbf2,
-        0xd1edb838,0x180ac87e,0x188586bb,0x146fd718,0x5467cbd0,0x210eb654,
-        0x1667cfee,0xaa239408,0xb73d1a60,0xdb125c1a,0x881c1cbe,0xde685300,
-        0x37c30232,0xfe34c713,0x6f3c8d18,0xc6c6070e,0xb4af4e83,0x07e365ba,
-        0xdcf82b45,0x22f0a7ed } },
-    /* 119 */
-    { { 0xea7f1b7f,0xe262791f,0xdcff09d4,0x9c3d8c5d,0x39c7dc58,0x86c2a9c3,
-        0x4276e8c0,0x4dad4017,0xe9fe1d56,0x0a918f59,0x2aa810c9,0xb8d79670,
-        0x4aa5cdc4,0xeb7a8836,0xe7afa72e,0xfc4c23bb,0x4ac86908,0x4dbb5c9e,
-        0x6a0c7e6f,0x37e39013,0x49c218d2,0x855d7001,0x94b324a2,0xe475bc67,
-        0x6287a071,0xc98a8dc6,0x5fb4323c,0x395a299b,0x0c0389e9,0xe186c3ee,
-        0x16734c46,0x79f81e6f },
-      { 0x364f3c4e,0x83f2c1f3,0x1367e14b,0x536b2ac5,0x5933e43d,0x44a6dcfc,
-        0x10d961fe,0x34e59475,0x7e3f2aae,0x08234ece,0xbdea7f25,0xcb92e00a,
-        0xa791a124,0x1efba4f0,0x1192d53a,0xc2086fd2,0xb51c8af6,0xfec0d0fc,
-        0xdc0f1b5f,0x48d1b2ca,0x812dbe19,0xb07a388f,0xdedbdd45,0x40873a6a,
-        0xd702589a,0xbc2a1268,0x17e27b64,0xbbf6e3a8,0x6d386e85,0x73ee5663,
-        0x9de7c000,0x442ecd37 } },
-    /* 120 */
-    { { 0x8a2f90a6,0xb4cd1ae6,0x6f5ad0cc,0xf277d41d,0x401d4b8e,0x6a3828c4,
-        0xd8376631,0xe817a134,0xf5e1124b,0x142b758d,0xfd6b95e4,0x25fbc69d,
-        0xd74a9e3e,0xa30c9f5f,0xd89663ce,0x5ac0f163,0x0ce6386d,0x32a9eef7,
-        0xd8ed5544,0x7a690ea5,0x9889427a,0x5de23ff0,0xeaaced58,0x75ad36a5,
-        0xd3e18465,0x3514a6c1,0x7f093910,0x3d9162c3,0xe33d56e8,0x5c10add9,
-        0x06aa691e,0x85176b73 },
-      { 0x28a21e38,0xa32110fa,0x5773d538,0x97b6379d,0x2d020dc4,0xd3697bbf,
-        0x961833cd,0x59177593,0xe5fa8516,0x6d7045fa,0x786ab5d2,0x3390f29a,
-        0xdc4f5b70,0xac0bda30,0xdcc615c6,0xcca0240a,0xc5146d91,0x8e1f1702,
-        0xa72cef87,0xceb472d0,0x0b669ba1,0x84840708,0x7e61aa0a,0x79b08f9d,
-        0x4669560b,0x388160be,0x948eb71e,0x23935c2d,0x9431590c,0xd7fd83c0,
-        0x6e5768b3,0x8ab154bb } },
-    /* 121 */
-    { { 0x353c4a96,0x28686003,0x905cd835,0x4e5c60e8,0x8f66f8cc,0xbd591364,
-        0x9faccf9e,0xb6b80b98,0xe32639e5,0xbc1c1fae,0x278aadeb,0x2f6396d2,
-        0x1898202d,0x00a796d0,0x3a474835,0x18ab548f,0xb31b0e3e,0xacd056c3,
-        0x0164512d,0x15ba68dd,0x4b03f3bc,0x203836d9,0xd8f206c5,0xd64eca6b,
-        0x9f1779b6,0x931a361e,0x52ab34a8,0xd82690fc,0x92922e22,0x342bb8e0,
-        0xe00b02a9,0x1bfcdd84 },
-      { 0x75a365d9,0x310b9a43,0x08d8fb03,0xd4ade15e,0xd742df83,0x9c9753d7,
-        0xde318742,0xcf7309d4,0x3360ace0,0x1228e212,0xf7669643,0x1043d238,
-        0xf90f5a53,0xfc2adbed,0x7b5f9397,0x41d64cb7,0xc446d010,0x5200b30a,
-        0x231720fe,0xc3c8642d,0xb9aa2075,0xfcc0122d,0x041eae47,0x856e3b12,
-        0x68c876a4,0x45864455,0x233606b1,0x1a1c7842,0x227757bf,0x9b766d1f,
-        0xf7b9d4f1,0x25b78a3b } },
-    /* 122 */
-    { { 0x156707ce,0x90835718,0x4314f90a,0x9bdc2398,0x8be57dbd,0x017c885a,
-        0xad63a4b8,0xd4bba225,0x15aacffd,0x5ce71b86,0x72954722,0x5f266475,
-        0x4f0ad3dd,0x0a80f1f7,0xfc352ed7,0x010538a3,0x4203c6ca,0xf8a64045,
-        0x330c73b4,0x2b2c7a88,0x02dcac1b,0xb3433ee6,0xed2b17c7,0x2e0499cf,
-        0xbd6329c7,0x9f8681a4,0x36fadc37,0x38979946,0x92b7895b,0xdc5650c8,
-        0x65a51cf0,0x70ab9570 },
-      { 0x7b585d93,0x46778ec4,0xa633fe4e,0xca6d3610,0x4ea0311a,0x21da154e,
-        0xbd64002f,0xaf22190b,0xd91cb7a9,0x9e633ac7,0xee6837d7,0xed13c31f,
-        0x1616ee8a,0xda4a07d7,0x3afcd616,0xd78a2732,0xba14d694,0xc06696e5,
-        0x4df58420,0x733754d7,0x2778e3c9,0xe85e504e,0x55b5a5c2,0x3055aa0c,
-        0x8a3acb5c,0x313df538,0x2a088eda,0x5896acb5,0x84c85dde,0xfc8842a0,
-        0x51dde6be,0x5fec9f79 } },
-    /* 123 */
-    { { 0xfe519f99,0x5ebc2c7c,0xe5410353,0xe396bd80,0x8a3988f3,0xaded9402,
-        0xd601bda1,0x1c03b735,0x14ce64ac,0xfd302036,0x01240290,0x5837ebe9,
-        0xa554097d,0xcaaea1a3,0xb0b88139,0xdce73d25,0xecb090b9,0x35ed412b,
-        0xd63dab3c,0x99029ff7,0x062db071,0x555437d9,0x42a4c11d,0x277d2f56,
-        0x24fc9109,0x477fa645,0x2799254d,0x7b12e9b7,0xd84c618c,0x7ad2ae22,
-        0xce8ed195,0x0a8d5663 },
-      { 0x0a21fde1,0x43ac5163,0x6903d849,0xcfcf5dd6,0x5fdd6281,0x6d2499ee,
-        0x77a49a34,0x4dedc6f0,0x2875c06f,0x46bda2c0,0x347b8046,0xd0e0e0f6,
-        0x5e67836f,0x1058169b,0xde8a8042,0xc961912a,0xa93b3d32,0xdf3fea0a,
-        0x0c576bc5,0x9f138edb,0xd8d37e47,0x7971ad6e,0xcce5e7cb,0xeab85739,
-        0x1d202b40,0x88a4b434,0xe3a1fd26,0x5d842557,0xb3a86f91,0x872fabd5,
-        0x6aa4629f,0x95b93493 } },
-    /* 124 */
-    { { 0x99f951de,0x9998a701,0xf058db45,0x8fade596,0xf3d03dd3,0x4d479c1e,
-        0x33b141d3,0x6e928d5d,0xacfe8a40,0x9a465800,0xc1cefa3d,0xd108ad2f,
-        0xe013726e,0x64b96921,0x8e83bb9f,0xb9b6a6b6,0x1242e544,0x29f1e6dc,
-        0x2f65966b,0xd3f8f676,0x5e105b41,0xa34dd096,0x16011e1c,0xd4e9139a,
-        0x2515541b,0xeea4dc68,0xc822166d,0x6f8030ac,0x31d16124,0xbdc7ae1d,
-        0x621afa7d,0x2e25ef51 },
-      { 0xdd8e7357,0x2533cf8f,0xeaceddb8,0x333ba218,0x0784d2ac,0x68e3e31d,
-        0xf2804ae2,0x1c927f36,0x77e7ad7e,0x01433d22,0x587f78a0,0x0b401cf0,
-        0xaa0027ae,0x9dfcf036,0x1d9a46b5,0xc9e46c8b,0x1f288d32,0xaa6de486,
-        0x1b8a043d,0xdd56da2f,0xf2d0bb56,0x346230e5,0x19defb56,0x19f0b6e4,
-        0x21d2c874,0x55ec37cd,0xb70e45b3,0x3dbf0397,0xac7ce852,0xf0862a8d,
-        0xe141f3d6,0x87979ea7 } },
-    /* 125 */
-    { { 0x7f1c747f,0x9b7e7b3f,0xc6e63369,0x151a4c1d,0xb372dba0,0x4273ff70,
-        0xd3ee54fe,0xca6d2234,0xd33cae0f,0x12fc8e0c,0x5dd6f10c,0x27328538,
-        0xf01a9cf9,0xc86f3fbd,0xe36cae91,0x5322677f,0x2fefea44,0x39a70033,
-        0xce8af217,0x2c9ca328,0xf6a731f4,0xc0256776,0x66a96813,0xc687b3df,
-        0x8db2eda8,0x194aab12,0xeec4febd,0xde30dc5a,0x979241b2,0xc052236a,
-        0xc23d4c16,0x3ec98802 },
-      { 0x4072f74d,0x0f9e760c,0xab594059,0xe78eb0de,0xc9b009c2,0xdb3dea40,
-        0x38b59ae5,0x47e875f0,0x2b4daa06,0xf40eb436,0x090f3788,0x9a6a4f92,
-        0xedbfaf8b,0xefebe9af,0x9867e256,0xf87f96a5,0x75ab6aeb,0x1e6fed23,
-        0x3fdb13cb,0x17f2782a,0x70fa2621,0x5102c71e,0xfd4c0dbe,0x5d2b06ec,
-        0x30347297,0x537cc268,0x2b67e780,0x8dbf5e2b,0xba25da32,0x2f633f3a,
-        0xefaec914,0x3e9315e8 } },
-    /* 126 */
-    { { 0x239a9ea9,0x9255cfa5,0x0be33a62,0x20f3c690,0x9cb642bd,0x759eeb4b,
-        0x00bae718,0x3316c546,0xf3410f84,0x874a76d5,0x90f129b6,0x123b502e,
-        0x12851f1c,0xadc8f9a8,0x1b62408c,0xf57b764a,0x1a80777b,0x116ec01f,
-        0x1f0ddc5c,0x746ecef2,0xe5a6a5a7,0x3c49d47c,0x06e955ba,0x1e15dbe7,
-        0xb45d79b0,0x629c0c79,0x778d1087,0x11278308,0x8c6a22d7,0x22585dc7,
-        0x0a682791,0x2ed02a0d },
-      { 0x4daa2682,0x53043416,0x01359625,0x0e26d32b,0xbd867097,0x449c834a,
-        0xee77ae2e,0x11a19d2b,0x3af6c169,0x39bd529a,0x5cd61054,0x36cca5c0,
-        0xdc6c0fe1,0x6370a59b,0xb93d5135,0xca420d27,0x554c451a,0xd8730d45,
-        0x96cdebf2,0xebd258c9,0xa50f9a05,0x0cb1b990,0x7b0f0151,0x69a8c97a,
-        0x11d217e1,0x2cc36d34,0x752f75e8,0xf117688a,0xa09b2a61,0x1db01394,
-        0xa9efd7dd,0x14627844 } },
-    /* 127 */
-    { { 0x232803cf,0x6bca3aed,0x9a96ff34,0xc1e4398b,0x74ab788b,0xcaf6757f,
-        0x7e68c04d,0xc3a53e00,0x5cb7cd20,0x5f969c19,0xdc068bca,0xf28b65a6,
-        0x1d863032,0xe3ca01d3,0x87808e14,0x9b733b81,0xefe618be,0xb5d704d9,
-        0xb01b946d,0x276f3542,0xfbedddbf,0xe057e19e,0x903275ce,0x7d182f2b,
-        0x880f7bc6,0x3cdc5f77,0x78476c14,0xd6f03d3f,0xa9ba5072,0x035f5557,
-        0xb4029628,0x7acb57b6 },
-      { 0x44e6b07c,0xd2413569,0xe1c7345d,0x451c4cc9,0xe273b9fb,0x407444d8,
-        0xb88e34fc,0xfe496079,0xf152776d,0x77d184cf,0xc742299c,0x6d1033b9,
-        0x77bf2897,0x29a0a684,0xee8f0420,0x59ffdf10,0x44bb56d6,0x4e17146c,
-        0xfb9ae855,0x831d06c2,0xd93e7cd5,0xb2cb82db,0x3c96b607,0x83381c46,
-        0x7549e2a8,0x06aed251,0x774a21d4,0xef97891c,0x8675fbdd,0xae9807c7,
-        0x6363516c,0x6a5a05b9 } },
-    /* 128 */
-    { { 0x6a8f4f33,0x92e71ea6,0x4dea8f4a,0xf2fc6fc6,0xfee88461,0xd356252c,
-        0x08954d08,0x59b0a83e,0x468ab766,0x5bd68c23,0x900f8d04,0x40281357,
-        0x52b867ae,0x181c19c0,0x18764c41,0x986a5169,0x13575d24,0xcb01dfae,
-        0x593677b7,0x17269ae5,0x46dc9b19,0xf6d17025,0xc40097c8,0x8de68499,
-        0x259c407b,0x76df0032,0x17d29d8b,0x4091aad9,0x4a7ab5f6,0xa7f46d21,
-        0x70ece48c,0x688054b4 },
-      { 0x51a5b86c,0xf0d168aa,0x95777247,0x2437e4d8,0xf1720329,0xae844076,
-        0x9647a54e,0x0a7ac87d,0x0405622c,0x1e597a4b,0xf0a79f2f,0xedefe5c6,
-        0x4d55156d,0xaf3ef0c2,0xef047cf6,0x917fb04e,0x54b62137,0x3792799f,
-        0x314be0b8,0x875ea32f,0x0c466b0c,0xe157c65b,0x7e218978,0xd28c90ce,
-        0xcde587af,0xb90fc3ba,0x8b877bed,0xdd32d71c,0xca8e10cd,0x3b432200,
-        0xd94f6e53,0x0021f419 } },
-    /* 129 */
-    { { 0x43519d26,0x2191122c,0x40a51845,0xbdafac1d,0x548bb89f,0xcc6f71e9,
-        0x16844bf9,0x9ef3375c,0x178e8d55,0xe7789f79,0x1f8be1c5,0x04f599b6,
-        0x2cbbde40,0x8088c99a,0x893206c9,0x8939a260,0xfcd30851,0xa1ae4bff,
-        0xe08feafe,0x664cb3fe,0xff14aabc,0x61f38099,0x2a841ef9,0x0d8394cc,
-        0x17f01db6,0x75fad8ad,0x6debb773,0x6fc34576,0xa4252512,0x1e716b05,
-        0x29e1ed9f,0x79855880 },
-      { 0x95106473,0xa2cb3aaa,0x5a61da04,0x95fafa41,0x539563c0,0xfd3c9362,
-        0x95312b87,0xbaa48091,0xbf885c76,0x6c7e7582,0x230c78d5,0x70f6dab6,
-        0x7747440d,0x8ce3051c,0xffdb6186,0x6dbebd14,0x190e4096,0xb0e041fa,
-        0x6ee62e2a,0xba10c466,0x74f333d6,0x93d57e2a,0xfe7b9b66,0x006aadc4,
-        0x06d2837d,0xfaf72f6c,0x910741ea,0x318cc5e6,0x65692477,0x9c502609,
-        0x1d0fb08d,0x95d823c3 } },
-    /* 130 */
-    { { 0x140528a5,0x6aeebd86,0x53979bc8,0xf268c2ba,0x4ec144ab,0xb1bc9b8a,
-        0x82a7d7ed,0x1efabb0d,0x4e0118d8,0xf12c70d1,0xa1c1558e,0x31607168,
-        0xe4b7e73e,0x33e428b7,0x83aec9dd,0x63176637,0xe12ac35c,0x5172ffbe,
-        0xbc17b2a4,0x37df0bfb,0x741f812a,0x4212f870,0xe2888f9c,0x3dcecbdb,
-        0x756ca55d,0xa9dc15aa,0xb9028e41,0xf31918ec,0x6aeadb03,0x7ede0285,
-        0x78654f54,0x0e2708d5 },
-      { 0xcde20f88,0x2270cc53,0x5f5b1039,0x9338272c,0x5dcb1dbf,0x5042e19e,
-        0xb72d74c1,0x4b3de219,0x2aaaaa55,0x16c49a8b,0xbba86ba6,0x008443e5,
-        0x20cf1695,0xee6bcd72,0xa89abd11,0x59ffac6b,0xf115639d,0x2831217b,
-        0xf34cba52,0xe4d28af2,0x0727a906,0xf27f03e7,0x69017766,0x6842c79f,
-        0x7a81123e,0xcb3469bd,0xa42973b8,0x48c0f346,0x23990dbd,0xfc5784a6,
-        0xfb299678,0x0d3dab3b } },
-    /* 131 */
-    { { 0xce29c3cc,0x8f8376e6,0xf016cbc6,0xcb0507ec,0x5e394ce1,0xdebff996,
-        0x73c50d41,0x24fc526f,0x2d16ce3d,0x4edd5a54,0x91c13141,0xbb37bdd9,
-        0xe33a8606,0xe3442ef2,0xc0629da8,0x2ae90337,0x592ab331,0x57faec64,
-        0xd82b857b,0x1a938997,0xa3373176,0xad6c8cb9,0x9086751f,0x82595de2,
-        0x18c17196,0xa81e97fb,0xbf697357,0xe4f48a13,0x5cb89f69,0xa1387c2e,
-        0x5874b426,0x530b4eeb },
-      { 0xbab7b5ae,0xe9f275a1,0x03a57bf4,0xbb69dc4d,0xa45c505b,0xc974dc4a,
-        0x416ac402,0x726369f3,0xaed985dc,0x735e4e78,0xcdd446a1,0x0548d879,
-        0x9e16b02a,0x84ceb069,0x789b11a6,0xf73f6fa4,0xb2a4e784,0x6aa0c41f,
-        0x93a9b697,0xb1f76902,0xf03a8ab2,0x814cce00,0x844d66c1,0x64cb255b,
-        0x30952201,0xb794e7d6,0x3da32271,0xe052d4e4,0x08b6a4d9,0x5278b2e7,
-        0x80c6577f,0x90942552 } },
-    /* 132 */
-    { { 0x0d5b4c2f,0xd269a14d,0x5c8a649c,0x2b8fc59b,0xb0e37d4a,0x95becb3a,
-        0x9111037e,0xfda1a768,0x94e35322,0x5810e05a,0xa178fafc,0xa24dcc12,
-        0x8e3dce62,0x5c2c63b2,0x9452c444,0x995c3f17,0x42d45161,0x35330ec3,
-        0xb4ef8129,0xa025a60a,0x8bae9c13,0x85493252,0xe2e3caf8,0x25d1a606,
-        0x3649bf47,0xd44091ab,0x704ec5f1,0xc7d0afbf,0xbd8b3333,0x27bd1d62,
-        0xcfe616f5,0x50570111 },
-      { 0xf534356b,0xd0084ace,0x4b4b0fbc,0x9df1de05,0xcee04dc1,0x021afe05,
-        0x361b78e1,0x64bde688,0xef78d38b,0xa324fcc7,0xeb0a5e4e,0xfeb372ce,
-        0x65811996,0xef04fcb3,0x5eb0ab4e,0x7dce5d50,0x238c586e,0x1e29b588,
-        0xbcd80037,0xde5e3197,0x4806b9cf,0x8bf5e451,0xd18e67ab,0x4330968b,
-        0xf9f63fad,0x26a7d04e,0xb5c18bb4,0xa1c7f123,0x25dce22c,0x485b8482,
-        0xd540e79f,0x8ff0b36f } },
-    /* 133 */
-    { { 0x3ff42cff,0x99f2e2f4,0x1c35317c,0xa3c19f9d,0xaba1b545,0xdb749392,
-        0x4afa9a32,0x84232b05,0xd7dcd436,0x0b855d46,0x45cf9915,0x8ac35e20,
-        0xf001a218,0xd7cf22c7,0xed408305,0x057d35ae,0x553ccfcd,0x25a4a519,
-        0x93e2b939,0x5e565793,0x3422ec27,0xa20332b0,0x3ac53958,0x9b09005e,
-        0x79e9b163,0x628051a3,0xfc6618d6,0xb4a0dc09,0x6748e7af,0x9e0e857f,
-        0xc577d63e,0x71b28eee },
-      { 0x99726bf8,0x4942b0cd,0x1c208f3c,0x1290a3b9,0xb0598eaa,0xfd7290e7,
-        0xa25a9128,0xc6a7791f,0xc037d7da,0x2d33db24,0x70e2837b,0xc21efeb0,
-        0xe3dae2a0,0xbf70d96e,0x85076027,0x43ed8191,0x4d4ad7e3,0x4aeb0aa8,
-        0xe8c5b74c,0xbc75101f,0xad26ebdd,0xdbfb2a6e,0x6b78aa4e,0xba812068,
-        0xe1159848,0xc94aa8f2,0x3eba5c4e,0x0d10d9db,0x6318295a,0xce7fec47,
-        0x330d925a,0x7294711a } },
-    /* 134 */
-    { { 0x32bbd495,0xfce45904,0xbe54973f,0x330f4dd1,0x5d9c3f4e,0x006bee1d,
-        0x59ba7204,0x40ee6078,0x42c2c768,0xc194fd3f,0xe9fe88be,0xa0e76b12,
-        0xec2b0210,0x17cddddb,0x00811ec7,0x689d436b,0x284be9e4,0xa6a6ba37,
-        0x007d4114,0xabc395b2,0x0f11e744,0xf8cdf9f3,0xe9396402,0xc5febec8,
-        0xeeb46285,0x8a751743,0xc6e0d137,0x99bf8782,0xbeb292e3,0x3965e170,
-        0x5801fd5f,0x001c39d8 },
-      { 0xda4a0912,0xf4805cb9,0x4410bca4,0xd27cb76a,0xec71d65b,0xef3dcb8e,
-        0x4816849a,0x780fbb2b,0xa8b24635,0xef6a7026,0x12c44e68,0x15625c88,
-        0x4d7a74a8,0x624c232c,0x4b1631e4,0x81a77037,0xdb917c2e,0x04e4f7f1,
-        0x1f61ed95,0x1d0465fd,0xcbde6e3d,0xb1048049,0xd7131fcf,0x637ce0c1,
-        0x8ada4715,0x22e4dbc2,0xace99726,0xf7530c5c,0xee287450,0xa0160dcc,
-        0xbb91af13,0x9132e670 } },
-    /* 135 */
-    { { 0x7996099d,0x8057efe2,0xa06e608c,0xb72344db,0xd0958588,0xeb4a8740,
-        0x79e5aee9,0xe53daf06,0x908a2fad,0xc9560a9a,0x107e706a,0x7f4be131,
-        0x2830246a,0x6d5f3d9b,0x27cca3e6,0xa5f8e8da,0x4c28f292,0xeb51dca6,
-        0xf31dfd78,0x4cfa310e,0x2ca073e5,0x92e0c7c2,0xa40da683,0x102f1694,
-        0x750d38fc,0x16bb07cc,0xbadae035,0x703e83e2,0xb4d3c9dd,0xea93c066,
-        0x79940ed1,0x7d0b03e5 },
-      { 0x4dd94c63,0x5fe7ea30,0x738b0b3a,0x57ef01c5,0xa14e6b4b,0x9534a78c,
-        0xa5353276,0x07622cde,0x7c22d006,0xaf696a07,0x7d46b209,0x733c1886,
-        0x626c2b4a,0x9654ccbb,0xa84f3c4c,0xa098d3a1,0x2d734b74,0x3596f9ed,
-        0x5d551c90,0xdfd3021a,0x1ec5123f,0xe2ba7d2f,0xb2c1aa39,0xf9726925,
-        0xf8eb2927,0xd2e75d0e,0x19192a6f,0xfaba712e,0x9b83e50e,0xa606b43a,
-        0xdab5de60,0x31b1782f } },
-    /* 136 */
-    { { 0x4034db92,0x878dba45,0x8f34dc4d,0xa3977901,0xdf754c33,0x8d004f2e,
-        0xcd563a88,0xeaa5954a,0xbb5ffad1,0xa29d6c89,0xb0d8bdb8,0xa8adf655,
-        0x8cdbdb47,0xf7fb842d,0x80d3205b,0xb72e3a03,0x7cac7ca9,0xc335b0b2,
-        0xd8a5475d,0xffc60bcb,0xeba4d25f,0x736f7719,0x0c50fca6,0x3d901c38,
-        0x80c01900,0x1fdacf7b,0x5681f84d,0x75cf658f,0x5cefbbc1,0x57a7e634,
-        0x3e07ed1f,0x6fc0fbe5 },
-      { 0xb81b0e5f,0x496d116b,0x2ac853b8,0xd82dd2a5,0x327387f0,0x357e22d4,
-        0xba912c59,0x3e332a84,0x49d5dcc1,0x8b71c643,0x438d85d3,0x0c982ee9,
-        0xbf7fcd4e,0x90b9553c,0x38fed5e3,0x2cb39bbc,0x5ac42903,0xa2c67c9c,
-        0xbf07da55,0xebf21217,0xa0b9e4ee,0x55ac05ad,0x8ee9e0c6,0x10bb12c2,
-        0x48bb6e3f,0x5cf3aee5,0x8b046e91,0x4ae7269c,0xaa0e553f,0xcb266012,
-        0xa94c8fc8,0x701935a1 } },
-    /* 137 */
-    { { 0xa4626dea,0xde58d41d,0x15b9039f,0x25ef66ca,0x3164e65b,0x99a810a4,
-        0x748cfccf,0x9fe6daad,0x2f142fa9,0x7ab9a6bd,0x5d471796,0xa4cba168,
-        0x6bc3a39b,0x12d30b36,0x8bf45076,0x1f46a5dc,0x1421ac0e,0xb868e529,
-        0x59bba1c4,0x7a686206,0xda698b90,0x2b4b552e,0xe5453707,0x5039dcd4,
-        0x9e90165f,0x42a07a9e,0xd7d45dfc,0xa838fff3,0x3b5ceb30,0x41991e5a,
-        0x969ca600,0x6c961ec8 },
-      { 0xc4e7eb46,0x703bdc1b,0x596c7b48,0xd6bac557,0x66afd74d,0x4f9917cd,
-        0x656ce6f3,0x56355105,0x32497175,0x3d1fb50c,0x63effb2d,0xfda6783e,
-        0xeefaa2bd,0xbd79f1f3,0x17af9ef7,0xa4efbe54,0x5a55b7a4,0x6cef6462,
-        0x1a713304,0x116f3238,0xb95625a3,0xdb2a2a7f,0x0b027e96,0x6a0aa43a,
-        0x4832b3bc,0x458fe5d2,0x5adfaac0,0x523418df,0xc49e7f9a,0xc05a89cb,
-        0x69e24b53,0x830883d8 } },
-    /* 138 */
-    { { 0x02557389,0x959b1c62,0xadefc0bc,0x5fe5ce97,0x8330f383,0x893bbe7f,
-        0x16cfb81e,0x27e0c6af,0xd04428fd,0x6f64e65b,0xb79e6182,0x53de9245,
-        0x487e11ca,0x08a313c1,0x445bce93,0x65cec3b9,0xd67ed49e,0x33bc0314,
-        0x30782352,0x69f36b24,0x93ad31d2,0xd78e5daf,0xc780890c,0xf2682b70,
-        0x9e45efe9,0x7015c34f,0xe6cbafea,0x135d4ba4,0x7e3fcc6c,0x43a378a4,
-        0x96638f8c,0x2376f97f },
-      { 0xae575b99,0x0a6e1ec0,0x81b970dc,0x7e14cb4f,0xd3a73947,0xf00a3824,
-        0xfb235a9d,0x0b4b9c81,0x5bf62944,0x8d15115f,0x1e165d7a,0xcfd35b43,
-        0xb2ee3e3b,0x5d12fea2,0xf5182e7b,0x629984a6,0xc365d08e,0x4e43e2f3,
-        0x30f36e72,0x99327091,0xfd345401,0x698b4a00,0xbaf96dce,0x23c4fd0e,
-        0x23675554,0xa60ba0ae,0xb0325784,0x51bdac2d,0x215464a1,0x8ab4190a,
-        0x6bf10296,0x8c461661 } },
-    /* 139 */
-    { { 0x2d1f36a5,0xeffca258,0x894c5f2d,0x0eded2b2,0x43ced84f,0x35a5cdb8,
-        0xdb0e3b9b,0x290f8982,0x0719a112,0xcce0eaf0,0x39a362d6,0xd0e657e4,
-        0x62697e47,0x5516a55d,0x8e636514,0x269e1f77,0xd50269bc,0x5e3dedcb,
-        0x441c57c5,0xecec2300,0xc705578d,0xdb83f31c,0x1e489eab,0x1bdefb73,
-        0x395fcdb4,0x20b678cf,0xff9db001,0x908cf91c,0x55f52cc8,0xcbebc6f4,
-        0xb4c61162,0x155ea622 },
-      { 0x876fa42e,0x94be2f1f,0x7fadeee7,0xab5e8749,0x38c865af,0x692e70f5,
-        0xdf8059b0,0x16e99b84,0x8b5a7ac9,0x0ceb606e,0x2d463d2b,0xced23357,
-        0x2a9a09a0,0x2d0f2623,0x3861fbdf,0x2529998c,0xc1be310b,0x711888a7,
-        0x0d8aade3,0x9b1229c5,0x3b13533d,0xdbcf9b78,0xff029708,0x3ca746f8,
-        0xda83ef88,0xa5a013a1,0x4ab28444,0x8e904d18,0xbcbd4aba,0x2fe84b3d,
-        0x259058c3,0x8f570f24 } },
-    /* 140 */
-    { { 0x2ca9c508,0xdeb66c8a,0x69d6b780,0x2dc5bec2,0x88ead600,0x16d61266,
-        0x49d72614,0x61841b97,0xce472e6f,0x41e40e6c,0x1fa7a876,0xada24264,
-        0xcc3997a0,0x45b9fd33,0x7c15dcf4,0xb25e8fa9,0x12e9629d,0x0124ceb2,
-        0x7db3d956,0x3a8c72c6,0x7c1a7844,0x8e2ded2b,0x6dd027ff,0x94ab09c6,
-        0x7e7a2bc6,0xf89a057d,0xcf70c763,0xad8bf226,0xc8a26212,0x4cb268e7,
-        0xb2c44c1d,0x3d171e87 },
-      { 0x8ce49820,0x382ac16e,0xc0c44dc9,0x24ee45e2,0x73e858c4,0x0ec67912,
-        0x46327cf9,0x918cb25c,0xc6159c1f,0x43e3876b,0x37545cb3,0xb6b6e0e0,
-        0x5d12347e,0x64b839ab,0xa300d541,0x72e09274,0x881c1169,0x26ab28e6,
-        0xeb75a843,0x4a580fff,0x359120df,0x0a5802ca,0x3209f4a3,0x7fee82d0,
-        0x8e6a9380,0xb518016b,0xc2ee11ca,0xb99c6c70,0xab9d4ec7,0x16105af1,
-        0x34cd9004,0x234e98f8 } },
-    /* 141 */
-    { { 0x14db9cda,0xff435208,0x96adec90,0x99cfdc47,0xaf458b6d,0x843aaa6f,
-        0x743eaa31,0x3f1f7415,0x61735d81,0x915e192e,0x0ac595d5,0x3441a22d,
-        0xc044bc8d,0x704bbf67,0xbe23a236,0x2f960471,0x15d1d557,0xcc326388,
-        0x76b1dd94,0x9410230b,0x0c1c8a67,0xf2e5439f,0x833c910d,0x56b141ac,
-        0x865b84df,0x467c999f,0x21f02b7b,0x1b0251fa,0x96216950,0xde5b5260,
-        0xce3a1e93,0x6a2130e3 },
-      { 0x4b3ca1a7,0xd21b67a0,0x00c0ce80,0xaf42ed53,0x932cf07a,0x22ccd368,
-        0x5c25c35a,0x36523a81,0x8dd04d06,0xecdd3958,0xb2f93a3b,0x73da3502,
-        0xd5e5b530,0x4c5e0c3c,0x13268777,0xef9f5486,0x1e742292,0xed87fefc,
-        0xa24e5ede,0x6d9ac29e,0x33849f1a,0x08abc9f0,0x40f23905,0xb09b2292,
-        0x7f934353,0x6791072c,0xe6aeb550,0x102a6381,0x96feb870,0x3ee07409,
-        0x9c4d2830,0x34f06faa } },
-    /* 142 */
-    { { 0x2348f005,0x869dc79f,0xdf4920b1,0x9b5c5d71,0x6dee64a4,0xfd1b57ca,
-        0xe82a4fb4,0x21b7f734,0xb9578366,0x637cb834,0x7d287d96,0xc934101b,
-        0x0392ecab,0x1590f8ac,0x7f75f4e3,0x280dc373,0x6a61ac62,0x8b36f50f,
-        0xa65568da,0x74f58304,0xd930870a,0x80d792a9,0xfc8895cc,0x6d17b192,
-        0x4914939f,0x498392fa,0xd41d5b9e,0xaf36027d,0x5caa82b5,0x452d79e2,
-        0xf4115d1a,0x764d47b1 },
-      { 0xa2ee8b9c,0x5df22303,0x85dfcd48,0x1b9f72d3,0x10813a37,0x6b42b983,
-        0x3de741f5,0xe28c523b,0xf303bb5b,0x0857625a,0xac9bf9af,0x926f299a,
-        0x0d445b34,0x21beac08,0xd6ba2c0e,0x6a523a02,0x7fce2864,0xe302a1b1,
-        0xe300c1ea,0x4516a235,0x7b4a9311,0x4543736a,0xc0cc89f7,0xd3c0b9e8,
-        0x40ed88de,0x0481904f,0x3cb7fc70,0x4f269b56,0x321b9738,0x09a1d53a,
-        0x230a3810,0x1c0dd9c3 } },
-    /* 143 */
-    { { 0xc46a7d9a,0xffaa1f67,0xbedf91cc,0x64743334,0x47a42f2e,0x45833a74,
-        0x241ffaa9,0x67980051,0x335efe6b,0x70979a84,0xf08b2403,0x5f0613f5,
-        0x64f211dc,0x6bb22fcd,0xa0572cfc,0xe1b8b2a3,0x7950a14a,0x19e0eb41,
-        0x3eb6cd4c,0xe634bb29,0x470a25ff,0x31a04b25,0xa3d15a0a,0xa41f7ac9,
-        0xbf2fede9,0xefed85ec,0x81b94a00,0x1f581f5f,0x9ef4a15c,0xaa3996b0,
-        0xb06041bc,0x52d8be39 },
-      { 0xfd631a2f,0xbd1536f6,0xb351a8dc,0x91fae7f0,0x9b126212,0xd1a590c7,
-        0x2bd0f435,0x52d4875f,0x92b0ea70,0x9aedb6d3,0xb83ab89e,0x0bd0abdc,
-        0x89fe192c,0x827a1062,0x102a0bda,0x6566a960,0xce036814,0xda083037,
-        0x58639405,0x30bed79f,0xdbca8df9,0x972019b6,0xefdaa3f5,0x89201286,
-        0x5236b892,0xb337b996,0x28fc2e73,0x11d3e38e,0x880e8da3,0x70787f41,
-        0xdae4a45d,0x6cff6367 } },
-    /* 144 */
-    { { 0xf89a8bb4,0xbd3d0433,0x93b98f71,0x42144c33,0x03470a2d,0x82b616c8,
-        0xe5da089e,0x98fcc757,0x7bf5fda6,0x542354ef,0x9ebd34cc,0x1885c253,
-        0xbec5dd0d,0x2e20b285,0x782a1bca,0xe71bbbe1,0x9b854ef0,0x959ded30,
-        0x8997fa6a,0x17249979,0xd81f3c45,0x50cf8fa8,0x60c11152,0xa9a3b517,
-        0xecf845ea,0xc9b0ef7d,0xb9fed11b,0xc9339e23,0x28256080,0xc93e9c5c,
-        0x613ec1e7,0x1d2c8217 },
-      { 0x987cfc93,0x7381347d,0xf187f810,0x047603bb,0x1250ca31,0x3fa6bc9d,
-        0xbb055bf3,0x480091e0,0x3a3af87c,0xbdf95f1a,0x140540ab,0xe2687770,
-        0xd7fe045b,0x998df730,0xb723bc2d,0xb398135f,0x15ebec46,0xac230f8c,
-        0x5f5561c0,0xe08e1830,0xda60a47f,0x7c0fbf4c,0xe16d4bfc,0x06e95c24,
-        0x74617e92,0x74163495,0x4ae0c20e,0x39719869,0x2131e2b6,0xfe269312,
-        0x0a537722,0x25486e36 } },
-    /* 145 */
-    { { 0x53572806,0x618795ca,0x656968e1,0xb2c89449,0x3fb323ae,0x149c2c97,
-        0x409bc7d6,0xfb15de26,0xc79121b3,0xa90cda72,0x204cabbb,0x6d2fa14e,
-        0x91604125,0xcbcda6f7,0xb435f947,0x25086261,0xc282eb10,0xdb686c38,
-        0xf1a791cb,0x51016d62,0x61a2266c,0x6b1c7ed1,0x271d74a6,0x26780666,
-        0x824287a4,0xb5ffeda1,0xbbe4f0f3,0xcbe503ff,0xb9482a74,0xd7f7f0be,
-        0x088493f1,0x751b2358 },
-      { 0xe9c9be68,0xd597b9d6,0x67d10c6c,0x1794b5c4,0x7762b2f4,0xa88cdc3d,
-        0xa1b44e11,0x6d94a63a,0xaaa8eca8,0xfb0bbbb9,0xc963d87f,0xf4b0f2d0,
-        0x5dc7075d,0xb753062c,0x49933989,0xfed726ac,0x57f9ccde,0x5da60638,
-        0x75f8c766,0x221c392a,0x5dc672ca,0xcd264d95,0xb66ecc8d,0x7004ff22,
-        0x18a458ba,0xfb1aa9ae,0x8babd653,0xea9644df,0x2ba0de7c,0xa9378e80,
-        0xca2c6c75,0x144cc12d } },
-    /* 146 */
-    { { 0x2989aa3a,0x593a0a1d,0x59e6e64d,0xd83f2283,0xd32e732e,0xe938b0cb,
-        0x3c3cb249,0xf4c464c5,0xf89ea6ac,0x9750a5f8,0x346cfc32,0x467e5bbf,
-        0x37b2b809,0xc9bfab9d,0x3b339c6d,0xf8eb7453,0x3b766dee,0x3fe01fbe,
-        0xef6aea27,0xb3154254,0x7be61b10,0x555c3df2,0xdd818488,0x70fb6d81,
-        0xbbe714f9,0xda1af3a4,0x9d18f693,0x575f2017,0x2465b839,0xdc08fc6b,
-        0x6b84a951,0x874ecf33 },
-      { 0xbbb3f6be,0x624af83e,0x08bb423d,0xf578fbb9,0xd7873527,0x5623b0ba,
-        0xa62e0442,0xc3659bd8,0xfe236f79,0x2903b167,0xe53f26a6,0x55a430c6,
-        0x3ad712cf,0x222547ae,0x76eb272b,0xb73890d7,0x3d628df9,0x95b4f70b,
-        0x53eae4ac,0x9f0e13b0,0xe7f2174e,0x5b4f5138,0x98dbae17,0x75482cf9,
-        0x44518480,0x2b69bbde,0xcafef15c,0x4f279652,0xb6bcaf19,0xa0a3ef2b,
-        0xce4c634f,0x31fb8581 } },
-    /* 147 */
-    { { 0x615cd607,0x398306d1,0xaa32c3a6,0x680c9faa,0x7779131d,0xe87a705b,
-        0x36708b00,0x1031013a,0x9445297f,0x814fa0e1,0xa6a79b56,0x70c5583a,
-        0x4b16bed4,0x03039cbf,0xaaaaf8d3,0x18a7ca8d,0x5cdb68a5,0xf33159e7,
-        0xd23814fa,0xdea0e738,0x8d0f4f9f,0xeb352718,0xdcdff032,0xb0b76609,
-        0x3d48338b,0x65ba8ea9,0x55dd507a,0x18044d82,0x4a4a50b4,0x844a223e,
-        0x18e19e54,0x98323000 },
-      { 0x57f3d5a6,0x28a21027,0x6e8cadcd,0xffce5648,0x02551f3b,0x9590381b,
-        0x935ebdf1,0xb26cc64f,0xc083aa6e,0x60611291,0x88e4cf41,0xcd988a66,
-        0xdd53b1b5,0x581c3f73,0x77fc621d,0x78c804a9,0xfadca2fa,0x31874330,
-        0xc83ccf02,0xf7008da4,0xa79a4707,0xc4122a1d,0x4a915eb5,0x9a8e0d3f,
-        0xd0123660,0xa2de157d,0x65ead2a0,0x45ef43b2,0x188db285,0xd0a22ade,
-        0x922e0caa,0x8abbe39e } },
-    /* 148 */
-    { { 0x3a2d2f01,0xb4446905,0x5dc6685c,0xd27c3193,0x1d74a027,0x6a908bbf,
-        0x5b50ec1d,0x01da350f,0x3f3c2e26,0x1d3dd45e,0xb836ee92,0xf66e11d0,
-        0x474b979c,0x7e03908f,0x98b87834,0x19e7c5b9,0xbd3d1de9,0xa741d3fe,
-        0x1ef6059b,0x63c68e8d,0x3674e247,0x9b9ff939,0x3e7e67f6,0x1d7d53e7,
-        0xaee9e248,0x698dc326,0xb3bd984c,0x52f23eda,0x6f8fe8a7,0xf95e31b0,
-        0xc3d0ba95,0x0f15b4d0 },
-      { 0x790a8d85,0x8f2f6635,0xe2595af1,0x51bffbae,0x24b51287,0xd15b7ec6,
-        0x3234715d,0x7639b6ab,0x2bc5441d,0x0cdd5299,0xf6d05833,0x54800ea4,
-        0xf6d6e360,0x21efd752,0x19290613,0xc0b7ffe5,0xeea898cd,0xb68a5825,
-        0x22982266,0xecedba92,0xbbd06bb2,0x678a91b0,0x4bb6b0cb,0xb2436dc0,
-        0xcaf8ea98,0xcf7a99e7,0x71aa05bb,0xb92d0e6e,0xf5993eb1,0xbf8d0471,
-        0x20385ddb,0x515db378 } },
-    /* 149 */
-    { { 0x6f5bef22,0xee43eaaa,0x20348712,0x952d2698,0x7a3af6c6,0x1e4c484e,
-        0x9a8c9403,0x18d434c6,0x5001899a,0x63e5d741,0xfe8ea40c,0x5238dbbc,
-        0x96798721,0xca6cc8d2,0x04acbde8,0x73db6aee,0xb7f993ce,0xbf69328d,
-        0xad45e334,0xa3f79bbf,0x7c1f1630,0x8c51ec93,0x9b00a6de,0x4907325f,
-        0x12d82bc3,0x49e6acb4,0x0ec59fc9,0x5901b36d,0x9cf34e3b,0xcb09b710,
-        0x1abf4c02,0x2de0487e },
-      { 0x8dd9d484,0x18b722f3,0x7c77bacc,0x83349393,0x93d92b8a,0x58dbb8f1,
-        0x8e3fac25,0x80d78d50,0x745f4a7d,0xf0500981,0x877cc29d,0xd072bfed,
-        0xc30a89f8,0x67abf8f2,0x9a0820d7,0x92c567ea,0x8a3a5738,0x425ab12e,
-        0xf055521b,0xc162faeb,0xb94ea5e9,0xee1c4f26,0x3d71e546,0x1e414994,
-        0x43e8be1d,0x258183b8,0xef9eae0b,0x44917c82,0x73874a30,0x6813a457,
-        0xcc42f86e,0x6f6ac071 } },
-    /* 150 */
-    { { 0x4dd6e3b1,0xd38822ad,0xad620869,0xfc78e1cc,0x2cacde80,0xe7843845,
-        0xa8469fe3,0x121cc14a,0xe67e8ef2,0x8e8f3da7,0x4d347448,0xdb83d16e,
-        0x798631f4,0x3ba1dd98,0x0a4c4c17,0xdfab5977,0x3edc701f,0x1f0a1306,
-        0x6cd8ff28,0x4649d601,0xbcc55bc9,0x2267230b,0x5760412a,0x02a19c60,
-        0x328faef6,0xc719d5f1,0xf67eaad9,0x27cb969e,0x719bafb5,0xf342530e,
-        0xff5a82cb,0x6e2c24cc },
-      { 0xadaf8793,0x6313024b,0x035c948e,0x944bccf1,0x953500bf,0xe9a066b7,
-        0x1d116765,0x7991a946,0x9fd93c78,0x95addb2e,0xe92e5495,0x05d2c037,
-        0x9f03e5cf,0xcb145b18,0x95aa1f72,0x81ae48ca,0x135a6e4f,0x203f2702,
-        0x49b2a7d5,0x2bcef5a2,0x02d7f2a3,0x0687a900,0x6c6745b0,0x2f7d3228,
-        0x86507305,0x3da8a875,0x2e8dc58f,0xbe38b884,0xdbf11185,0x6b48bf34,
-        0x97c08f91,0x5af7fd0d } },
-    /* 151 */
-    { { 0xf4a224a5,0x55f9b950,0xcc50273a,0x41904574,0x643f1fd5,0x34f81330,
-        0x0e50f783,0x996801bb,0x89581712,0x866d7403,0xa4091d36,0xdb9a405d,
-        0x16a46fe7,0xf1e379df,0x83bf9168,0x8d04a93f,0x32b20bca,0xae4c8335,
-        0xf72a1c10,0x99d334b1,0xd8195db4,0x8fbc9977,0xfba14b5d,0xcaeb3dff,
-        0x76daf476,0x60fef022,0xdb5b72f4,0x4b948dfe,0xb6dfb062,0x5185c925,
-        0x9609d4ae,0x27a9c381 },
-      { 0xf12a93af,0x73c37346,0x5536634d,0x028b707c,0x498193d1,0x8efa58d5,
-        0xef21b69d,0x4f83a5cc,0xa788a0e2,0x05cbb0a3,0x65b13c98,0x01031781,
-        0x2b73784c,0xfea20e58,0xe50361f2,0xdf9713a0,0xd0cc22d9,0x31449a0f,
-        0x7c5e2e1b,0x183752e7,0xb67044cf,0x6e44d6bd,0x733e177a,0x012dde95,
-        0x08ee2c23,0x68b49669,0x1f5f1949,0xd9bb0541,0x6acd886f,0x95182c71,
-        0xfbde9244,0x1c690694 } },
-    /* 152 */
-    { { 0x3a880026,0x5db67d17,0x125d95f2,0x89c4f0a0,0x3f6cb7a4,0x29050551,
-        0x5cbbdca5,0x3eb231d1,0x972bcbd3,0xf8cffc99,0xad55a03a,0xcb4ef4d4,
-        0x22867c2f,0x944d47ca,0x0ead1aa5,0x96d88548,0xcbc8b045,0x76a57cf8,
-        0x005e55a0,0xdfe5844b,0x1d18a097,0x5e9e7e19,0x52923c74,0x957a26e8,
-        0x7f5db339,0xd0867b79,0x63bed0c8,0x2553408e,0x689ad23c,0x1596e5d5,
-        0xa504c339,0x7b8c13d6 },
-      { 0x52fb6901,0x2fc43aad,0x16ca253b,0x1c0313f9,0x515aadc6,0x1475830a,
-        0x7f577dc2,0xc93d1926,0xf723c0dd,0x26e52e8e,0x3eb9f6da,0x2f1e0eb8,
-        0xf180376d,0x9979de82,0xb0834939,0x43e28ecb,0xa39c38e7,0x9a2d51dc,
-        0xa8e3f6b5,0x6e6063a9,0x4b9b3270,0x4cf1da3a,0xd2f8915d,0x6e5348a2,
-        0x50507912,0x5e75e3e0,0x20d383fa,0xaeffce57,0x8fd2fb29,0x1d6d53cc,
-        0x696f4cd0,0x0e3c3ef6 } },
-    /* 153 */
-    { { 0x21ee1d83,0x3bc337c1,0x787b7788,0x97e08f6d,0x138fa4ce,0xbf709fcc,
-        0xa0348e58,0xbaf77647,0xa55e672d,0x04f8babc,0x7d5ec5dd,0x0ed2919d,
-        0x33e99218,0x8ce64bff,0x24b059af,0xac09fc57,0xdc5e32ba,0x506831f9,
-        0x465af6a9,0x26a22677,0xc97f1ff8,0x3c5efe66,0xbc6087fd,0x1515e0d6,
-        0xaa8edc6b,0xb1a39c5e,0x0e79ed29,0x3dd816bb,0xbc3788b8,0x6cc13769,
-        0xc092a51c,0x463098e3 },
-      { 0xc8bd0fa7,0x3a6408c7,0xce6bde49,0xd1764311,0x283ef7be,0xe315e108,
-        0x99b5d938,0x8213cc77,0x45a49a6b,0xaf7f1581,0xe529e4d1,0xd00fdb0f,
-        0xce66c9d6,0x55d38f77,0x1bd4b952,0xb4f7ccc0,0xaf71f986,0x8d975b49,
-        0xcd64d00a,0x12b59fcb,0xa5a3bad7,0x1860e504,0x2b5c89f1,0x6d976044,
-        0x7a3e231f,0xfed0c659,0x178cba92,0x58114c33,0x6698e11e,0xe2e74c06,
-        0xa348b85a,0x7f8fd093 } },
-    /* 154 */
-    { { 0xc19428af,0xf24592ca,0x3a308665,0x192a1c81,0xe30bbd7f,0x42589812,
-        0x836c6bb9,0x10db0723,0x598e4987,0x9c7a41e9,0x6ead6f4b,0x8aff179e,
-        0x75862c44,0x70f8f9b9,0x6f21983e,0x6b3b0237,0x98e65152,0x25d83e9b,
-        0xd751218a,0x3b2d26a8,0x9d6f1da6,0x9508281a,0xa5a81f74,0x8df78d05,
-        0xe4687471,0xd79ee559,0x6787d8cc,0x2060ca57,0xa8476c95,0x427a84ff,
-        0xe6435131,0x87b64c51 },
-      { 0x4b30d3c4,0x87f46f65,0x23b4ef14,0xcdec4c5c,0x63ca4d68,0xb3b74766,
-        0xcf3fb56d,0x1df34269,0x0fd7d46a,0xd4f139c4,0x6a69a8bd,0xa3b7c7c7,
-        0xcbadd7d2,0xee56b4c9,0xac942334,0xb28ff342,0x786f1da3,0x0046fdfa,
-        0xb700c82e,0xce5d149c,0x50966597,0xca30ef81,0xfcff4bdd,0x44a20609,
-        0x44925268,0x0f2f65e7,0xd4021f38,0xe5b6552c,0x042dbbd0,0x77ea9c2a,
-        0xd9c062f5,0x8c95267c } },
-    /* 155 */
-    { { 0x5fc1abb1,0x6655032e,0x12fe4743,0x2215af54,0x29f05ef5,0xfd657560,
-        0xdc191be9,0xb0e73325,0xc08639b0,0x7ab3c65e,0x1c3e6673,0x67507f51,
-        0xc8615555,0x638befc3,0x42f0c4ad,0x5d0188cf,0xd896186d,0x843a301c,
-        0xb2c6741e,0x045603f7,0xfa3cd1d0,0xf7545c0c,0x4a40672e,0xf612affd,
-        0x45b9e8dd,0x56197c9f,0x87922d74,0xb453237d,0x4b2d59bf,0xbf132e3a,
-        0xb84a6a16,0x8afa1b73 },
-      { 0xe793ac70,0x6b3596ea,0xeef6dd10,0x4c94ef8e,0x70422e40,0x926b4fa2,
-        0xe9e5d763,0xc8c71dce,0xf512aadf,0x352fcb70,0xa883975f,0x1b7ba138,
-        0x058c3b13,0x57991390,0x97740fd1,0x9692092a,0x160b0697,0x19ad945b,
-        0x10837ab2,0xbc634388,0xf174bb71,0x76ee11c4,0xab1b80eb,0x6111bfc1,
-        0x70ec458a,0xbc82bac8,0x312d3325,0xeee60127,0xb240adc8,0xb4118b1a,
-        0x2b5a093c,0x67211191 } },
-    /* 156 */
-    { { 0xf55cf9bf,0x91e99306,0xa46b96d9,0x9b045308,0x9e7a65df,0xae3c1e1d,
-        0xc731bcbb,0x453cb151,0xa4d58a61,0x14be5227,0x97c74cc2,0x39dac922,
-        0x822e00d6,0x4d0f7a45,0xc62b03df,0xafeb1d51,0xbaa18b2d,0xbb1dc3a4,
-        0xdf2b74f0,0x7f3c7178,0x896b6a33,0xfcd328a6,0x1dce055f,0xe95ed454,
-        0x6a4e2b87,0x97fbc76b,0xfa59dce9,0xe5ec67f1,0xcc0367c1,0x052368ac,
-        0x54e4a3fe,0x7c863916 },
-      { 0xca7388cf,0x55e94b5e,0xc0335d38,0x17cc0a60,0x616f85ba,0x9b69b78b,
-        0x10122980,0x705d02ef,0x1cfd0a79,0x565a6e80,0x7d1ee352,0xeb74a96d,
-        0x427b9dad,0x5c8832ed,0xe6d5330f,0x96ea8528,0x18d24ee8,0x30d8862b,
-        0x9ff939f7,0x9cd38ed5,0x01060252,0x690fc9a2,0x2303b3ff,0xc62d88b8,
-        0xdd52b469,0xfc42d7a4,0x8cad2d93,0x06f8dfa2,0x60920438,0x50236090,
-        0xfce855ad,0x32582758 } },
-    /* 157 */
-    { { 0x359e8c60,0xeb20e45f,0x364ca186,0xc71bb8a5,0xdff8e110,0x02b15071,
-        0x4c93e578,0x074e91d3,0xb829d0d8,0xc0326e00,0x626a83fa,0x3c192258,
-        0xfb29a09e,0x387a64d5,0xe5ac5c82,0xcaaa3d34,0xada2da29,0x8ed685e5,
-        0xeb29650e,0x92720267,0x763802f3,0xf7184b19,0xdf6b1aea,0x23f5dd0e,
-        0x25e6125d,0xbe1fa347,0x0c872a1a,0xd6287f9d,0xac57c3af,0x49aa93d2,
-        0x5bda7656,0x1a4e6a71 },
-      { 0x554d1267,0x1a126ede,0x1cd02b48,0x37f94533,0xce31fb1d,0xd70af04c,
-        0x097dc012,0xcf410b0b,0x36c7b6c5,0x930e1d17,0xc6891085,0x902fee41,
-        0x79fb638f,0x349ba4a7,0xacd6f8df,0xa16c5821,0x2e076ace,0xfb3b83c1,
-        0xe501d14d,0x6b8d033b,0x20f2d2da,0x0593d452,0x99df1880,0x3752526d,
-        0x9feb33a6,0xca32351c,0x1f6ef456,0xd91343bc,0x35b9dc8a,0xc74857db,
-        0x85b4e832,0x856a7c93 } },
-    /* 158 */
-    { { 0x0d0a5583,0xa007d002,0xeda4658a,0x2f1301dd,0x34d939be,0x91c07964,
-        0xa70c0836,0xa0cb6780,0xbe81e540,0xc0b4df95,0x5d4ac8b8,0x6cbbcd34,
-        0x54756239,0x57c52ed0,0x1805ceb6,0xcac2dca4,0x79344255,0x915ee6ab,
-        0x24c9a2a6,0x366def31,0x8c12c674,0xbd3b962f,0x7dbb7c3b,0xaab64f1b,
-        0xe22bb95b,0x3c0e4553,0xc4c63b74,0x2408feba,0x2a4da631,0x3ca77312,
-        0xc636da40,0x62889084 },
-      { 0x8cb8d208,0xa457fd53,0x543f06d4,0x7a8f8009,0xf2eff2ab,0xb66de154,
-        0xf72517e7,0xfddb28eb,0xf9389d2c,0x0149fe66,0xd85b88ce,0x79e8773f,
-        0x0ba543f7,0x452e090b,0xb0b03fc0,0xdeb9b5cf,0x6c5ed77b,0x3113448a,
-        0x8ffc0372,0x3609f3cf,0x5c1b4c4a,0x2bc9c46d,0x8fa59be9,0xe66f3bf3,
-        0xcdb02691,0x1396bf5f,0x009f88f9,0xf1ec59d4,0x2ad9dfe3,0xc2903456,
-        0x5ada4d58,0x79d8122c } },
-    /* 159 */
-    { { 0xaa529507,0x14d4e4ce,0x74655d00,0x056a0814,0x4f0fc474,0xc0d30a38,
-        0x3443cb8e,0x8a8203ea,0x97f1728d,0x33c62fb0,0xb520ef52,0x8a38dcfd,
-        0x7cac9d3e,0xa0f90d5d,0x873cea50,0x28a7b0bf,0x6c6c41cb,0xd115ae3a,
-        0xa13812c1,0xa35171da,0x624d507e,0x25d4bba5,0x7e98f42f,0x91dad289,
-        0x96a41371,0xffd6b1e9,0xb69e5b77,0xd46c2125,0x20c4f707,0xc7d2b424,
-        0x8142557a,0x2ab3af95 },
-      { 0x6a5372a6,0x86ca074c,0x56292ba7,0x728fb83e,0x77741cf5,0x745596dc,
-        0x520ef49d,0x70b4cea1,0x61e46472,0x1472fe34,0x3fb8ac5d,0xf4d6bd66,
-        0xc10bc071,0x46e52cc9,0x371a3461,0x28794efe,0x276fe877,0xa4850718,
-        0x9bef5ab4,0xedad5773,0x3f15c815,0x24c2d9ff,0x8f8395c3,0x188950e5,
-        0x80b6a855,0xbae40996,0x8a8803e1,0x4f53e22c,0x039d25ee,0xaf233f61,
-        0x250409ca,0x07db2c35 } },
-    /* 160 */
-    { { 0x037d4703,0xc7f3b8db,0xc5f488b9,0xe83708df,0x8471d402,0x1fba830f,
-        0x5a2faae9,0xa55ee8d2,0x5404fc1e,0xc2e5bf10,0xaa2d5651,0x647d5027,
-        0x7ebaf5f9,0x37a53c0c,0x95b30abf,0x7adf0bb2,0xd64c93ba,0x5a62e1fe,
-        0xe2ef4a78,0x7ffc18c0,0x4d2cd04f,0x139dd9d9,0x5ea0af02,0x253fbab7,
-        0x0fef9acf,0x7c8100ea,0xc8615aa7,0x74c5384d,0x9fe52069,0xcb28682d,
-        0xcf7dd759,0x08b6ca8f },
-      { 0x036c3b5a,0xe04e5bea,0x7f9f2b4b,0x38726102,0x29797c0f,0xa9fca570,
-        0x82879ea3,0x1656180b,0x607f0ddf,0x153389bb,0x67b0e087,0x99a1223c,
-        0x9d897fc7,0x0d1808ec,0x916edf19,0x9470711a,0x07217118,0xf8f52f2b,
-        0xd18888b6,0x5d8b29ff,0x4cc6f900,0xef1e22c5,0xeb24877f,0xc4036165,
-        0x35479525,0xfda95233,0x6861468a,0xd622a421,0x74faba08,0x5d043b07,
-        0x0d31a7d2,0x2c337b02 } },
-    /* 161 */
-    { { 0xea22fa65,0x7b2305bc,0xd159f63a,0xbe183ef4,0x3f35923f,0x3473d87d,
-        0xc11d7753,0xb27fb306,0x2a054cff,0x702e7e6b,0xaf185619,0x3ce9f97c,
-        0x4e7d51c5,0x83550243,0xf356ac5b,0xa63e3d82,0xd7645131,0x867b7caa,
-        0xa671fc9d,0xee85e6af,0x2b07cd77,0x3b985ede,0xffda5193,0x07d598b0,
-        0xa942dc36,0xb10eca39,0x506218a9,0x17f3dcee,0x06b7d5ca,0x3d94e8d1,
-        0xed8831c9,0x509b2634 },
-      { 0x48caed54,0xb1b9414e,0xcbf51e97,0x77a78c6c,0x4de9b258,0xa4688c8d,
-        0x91ee3d78,0x0024137c,0xe30ee64c,0xa68f9234,0x88190d78,0x573255bc,
-        0xba80690b,0x41e8e05f,0xec354f4c,0x50038d84,0xdfa52816,0xb18f02d6,
-        0xccb63fda,0xc47f9007,0xe98ae455,0x29d480fb,0x5d0e319d,0x4ac45d22,
-        0x026db719,0xd06f3575,0x2c3587b9,0x733b9e20,0x2c317727,0x22483992,
-        0x54bb8752,0x1592d5a7 } },
-    /* 162 */
-    { { 0xcf7453f0,0x5778d9a2,0xed83c1f0,0xaffb899a,0xe0a82ba7,0xae6506d3,
-        0xea3d5081,0x32c84e1a,0x810aa38b,0x9ad528c0,0xbd37d041,0xb1fdb020,
-        0xd06ce41f,0x78d6cbe1,0x2e74b7f6,0xd287f0f0,0xc43bb022,0xf5cd2575,
-        0xf81a71b3,0x6d28f2f3,0xc633e7f4,0xe65bb1f5,0xc4fc580e,0x32e5fc1c,
-        0xbb7b07a5,0xcd55539f,0xc3caaf3a,0xb5a94471,0x4cc22d2d,0xb958bdf4,
-        0x77a2777c,0x1614bdbd },
-      { 0xed0ab04d,0x4c1f0230,0x6e2082ea,0xae347b00,0xc42c5b5f,0x9f10bc63,
-        0xde019935,0xb0539e6f,0x65dd0825,0xd89bd4e7,0xbbceda16,0x92260fef,
-        0xe62aca32,0x8aaa755c,0x5ec82c5f,0xed762fa9,0x18650768,0x99e64c01,
-        0xc92e348c,0x57dd6245,0x31ea6d68,0x0db88a77,0x07b44736,0xef0012ab,
-        0x171d70fe,0xb9356b94,0x03f891b0,0xe68b0628,0xb79c20a2,0x3a54a53a,
-        0xb00b0728,0x489656c7 } },
-    /* 163 */
-    { { 0x71353c25,0xe43649ba,0x13f67e24,0x517f27a1,0x1c1eb9e3,0x10bd333a,
-        0x78e29bf9,0x94e1c05c,0x4743f15d,0x84fe7d97,0x90da2df0,0x9c874908,
-        0x53673be1,0x82403fa7,0x1baea1b1,0x7ebf5db4,0x24180ead,0xcfe0ae35,
-        0xc2f50c3f,0x1d15873f,0x70661cd9,0x16851ad6,0xa51e8c2c,0x802968d9,
-        0xe0161099,0xe7d1a9cd,0xa8a7ea56,0x2b153c89,0x06e3c498,0x6d41b789,
-        0xd6769dcb,0x082bb2e9 },
-      { 0xc4d6615f,0x6180ef46,0x01b9829c,0xfc629dc1,0x0fb264ca,0xde222ec0,
-        0x10ecc2c4,0xc5457e06,0x1eea2c4d,0x95ce599f,0x8f9c5b2c,0x0433fa72,
-        0xcd6310f9,0xee035462,0xce2e2253,0x84c57c3b,0x96d87e44,0x6c8ec31a,
-        0xa452c5a7,0x30bfe393,0xa047b235,0xc592b140,0xc018545e,0x7bd8be18,
-        0x5c178c46,0x794e0107,0x2e23005b,0x48471946,0x622a54f3,0x2665e237,
-        0x901c9042,0x36451a46 } },
-    /* 164 */
-    { { 0x19893e71,0x17802d18,0x539a2082,0xa1765d8b,0x2302ecfc,0xfc6aea01,
-        0x365bf59d,0x8d4cf51b,0x0d232a80,0x87741d72,0x18e80427,0xac343eb3,
-        0xe74739ec,0x553ecb2f,0x1a8b07ca,0xaeca79a8,0x56f4ab3a,0x089ff322,
-        0x3fa1d1f7,0x5e95d729,0xf62a9a16,0x260569ae,0xaa08ddc2,0x5e776232,
-        0x1b7bb54a,0x93fabec3,0x743d56e7,0x48a20956,0xeb0ebeff,0x749cdb12,
-        0x69b8fcf1,0x705307a4 },
-      { 0xe488310b,0x7a8e4c04,0x5325cd7b,0x12726e32,0x4983efac,0x5d0fd8b0,
-        0x02ddb913,0x796e552c,0x77b9685c,0x0eeca3f7,0xb15f24a3,0x9b766e89,
-        0x48efc979,0x7c2736d6,0xa8021c6c,0x3d619685,0xa0b2f1ea,0xfe33e278,
-        0xb676d6b0,0x95c69879,0x1af4e0be,0xa0747319,0x36c4ee55,0xa2fab5f1,
-        0x59e5f3b9,0x6938b8ff,0x39cafe6e,0x1e114da4,0x6a6ad120,0xc9595ec3,
-        0x57e62aec,0x80f79bd0 } },
-    /* 165 */
-    { { 0x60af09b3,0x3cef42a7,0x933dfe14,0x3c016ebd,0xed85eaa8,0x720cf1e0,
-        0xceaa3bc9,0xd4f5e99f,0xb7106f97,0x7216b9d2,0xc9668ad2,0x65f34c36,
-        0x5b0c651f,0xa8fb82bc,0xf2fda4de,0x20f42f1c,0xd21f659e,0xeb31ab2c,
-        0xa13d1618,0xb7a776c7,0x38662be5,0xec441022,0xcad08e0b,0xc825da70,
-        0x022c0180,0x99299079,0x2aef9ffd,0x7623bda0,0xf5c58b50,0xde84f4f3,
-        0xd824ff19,0x5f5a5da4 },
-      { 0x7e8311dc,0x5737257e,0x466cf136,0xdef94f51,0xb05ca21a,0xa73e1645,
-        0x02e4ab37,0x38ea9b3c,0x8579165b,0x7760eac9,0xc24b01a4,0xdffdd047,
-        0x3fb95584,0x188d4fd1,0x25548bda,0xfaac38b8,0x59e9dcac,0x1a79a6f0,
-        0x09a2700f,0x983f720f,0xfb8a7e48,0x8cbba554,0x47a1fad5,0x38a19968,
-        0x5abd6b5e,0x11856547,0xf3716ec2,0x75113d31,0x4212907b,0x1391e781,
-        0x0dc15889,0x5319c801 } },
-    /* 166 */
-    { { 0x6b61c3af,0x2320136e,0x07b4bb68,0x1d40f2de,0x380c97f0,0x651dee7f,
-        0x6a8c313a,0xa978ba70,0x2011ca10,0x22c587d6,0xab1f445b,0x48bba218,
-        0xe50444e6,0x8c5eaf07,0x442fccf9,0x5549f02a,0x3d80493d,0x2564746f,
-        0x79c04591,0x42d24f61,0xabdc8887,0x1600fa18,0xded38f8f,0x5cb8600a,
-        0x923aeb46,0xa4bf9b90,0x1e1c578a,0xd63fee35,0xebb9ea14,0xf3c9c5ac,
-        0xf11a4ff0,0x3d13314d },
-      { 0xb4513d1e,0xe5cc662d,0xd55952bd,0xde78a8c5,0xe7f86d0a,0xe8a37a3f,
-        0x7a04f0c5,0xca2d12a4,0x2e25d06c,0x4c6696e4,0xb2136071,0x52614698,
-        0x89f6e1cb,0xf4d2701b,0x80efd95e,0xaafd6177,0xc5bb6907,0xe6d73ac4,
-        0x420db35a,0x49e874ac,0xf2751fa0,0x11631de4,0xa1fa2edd,0xb29f7336,
-        0xb7fd794d,0x4c406864,0xe22f92a6,0x73cb21d3,0x2043cc76,0xeae904e6,
-        0xb322c6ad,0x67f28a9f } },
-    /* 167 */
-    { { 0xca148ab5,0x7c17b258,0xb3c60051,0xb9a1976f,0xc8f28df9,0xea260698,
-        0xe8d45017,0x87b2cc74,0x0578a422,0x37257329,0x17bec732,0x81d5ee25,
-        0x1d48bbc4,0xd7411fcf,0x487f5cfe,0x46217e6b,0x41eb8e1b,0xcb007ac5,
-        0xe05a00c8,0xc41c57a6,0xd2f9fa99,0x1f954d2b,0x40941cad,0x370bd5db,
-        0x3829509d,0xe487879c,0x5ceca5ee,0x4c137552,0xfd3efb9e,0xe8ef7fa4,
-        0x1bd1bdb2,0x5ff09174 },
-      { 0x579c6632,0x791912a4,0xb8a20815,0xbb19a44f,0x535639d3,0xf4f97b84,
-        0xbc3c9bce,0xe57e2bcb,0xf19e6410,0x122b3f2b,0x1357d9ad,0x1f0189da,
-        0x79e5ff66,0x675573bb,0xef2f3c4c,0x444e5c98,0x04d10731,0xd6f61e20,
-        0xac75d635,0x0dfa366f,0x2c854f23,0x9fc47c86,0x0ad0850b,0xc04ae43e,
-        0x2f720c32,0x5ce94f64,0xa753bc9d,0x67efae65,0xb0373a63,0xc27d30d3,
-        0x29721646,0x6681013a } },
-    /* 168 */
-    { { 0xe84509df,0x1385d913,0xcf339376,0xe978bedd,0x3423a148,0x2df425d3,
-        0xee8cb579,0x43fa0ae3,0x31c4553c,0xf015369d,0xdfbf1d48,0x05cf08bb,
-        0x9444244a,0xadff4be6,0xa35dda33,0x01635f81,0xe76fab7c,0x085c8949,
-        0x16737783,0x4bd7fcde,0xa254f8d2,0xfd8cb52c,0x413ec985,0x62168a66,
-        0x7a9026cc,0xf2db9741,0x50e1e1b7,0x3962ee56,0xd3beffde,0xbee0a346,
-        0x0bdfab1f,0x3b35b72f },
-      { 0x535c3749,0xbff8de9f,0x8add9c48,0x23c1f20f,0xc8f8f663,0xa975b37b,
-        0xe8f3ae49,0x2529e475,0x1d5e2628,0xc32f10d5,0x67862f1d,0x5ac0d297,
-        0x854cbe36,0x13c79338,0x4b67e462,0x48f004ef,0xe5d10ee1,0xfa37a150,
-        0xd28288a0,0x4974778d,0xcfb73f4d,0x96830a66,0x07804952,0x9f444013,
-        0x9760b694,0x8233c709,0x25b75c99,0x8340cca5,0xc771f99c,0x3f62e40b,
-        0xcd95c685,0x47d0a1eb } },
-    /* 169 */
-    { { 0x652811f1,0x266f4fff,0x62ef3002,0xeaacaa93,0x50cba0ca,0x6c387a55,
-        0x007f5467,0xa350142a,0x202f2673,0xc7fd102a,0x33dc6e65,0x5daee570,
-        0x064a63d9,0x60682ec3,0x462b251e,0x46cf0bb0,0x5da936e7,0x0e030ca5,
-        0x434265b5,0xc87a60f2,0x69b4e8f5,0x9637b2bb,0x7ad7770a,0x601fb58c,
-        0xed3a15a6,0x1f2147f6,0x2995e961,0x05b47d5e,0x83213a16,0xcb0ca9b3,
-        0x4995a85c,0x8f4b614a },
-      { 0x4b4eb3c1,0x5aa8ec19,0x20323a70,0x8c549ac4,0x4f6cc6aa,0x00d49322,
-        0x45f9a5a3,0x0e53b9bb,0x0897abbb,0xe46ef110,0xd7acd7d0,0xfe873e57,
-        0x0f7cb588,0x7cfccfe5,0xc85557d1,0x0ea53d65,0x7288f2e2,0xfdd9eb44,
-        0xc0eb68a8,0xab2dedfa,0x08603a0c,0x58221470,0x00feb06c,0x69464689,
-        0x25e5caac,0x804cf5bf,0x9fc91ae9,0xd8559858,0x73c45eae,0xed9378b1,
-        0x524c9801,0x8f942d02 } },
-    /* 170 */
-    { { 0x8e845808,0x1f1ec302,0xb77abfc5,0xc302bffa,0xf8d97dc7,0x26afd4b9,
-        0x3aac594b,0x3d3a83c4,0x674d94dc,0xe3b74bd1,0xcaa5911c,0x4464b737,
-        0x871c2cd2,0x62925773,0x3b4440fe,0x419f2485,0xe052ad7d,0xdda6a0f3,
-        0x846c86c0,0x645280d6,0xf8324f42,0xa25689fa,0x07cf117a,0xc74ad1e8,
-        0x8ddc9db7,0x5626dea0,0x966fc85d,0x52620373,0xf3b1eb53,0xe0ad57c3,
-        0x949c1acb,0x38300252 },
-      { 0x5e744723,0xa0ef5a40,0x1ae08481,0xdb5bcf75,0xfec1f76f,0xabfad8cc,
-        0xfab37fc6,0xfba5d831,0xc8fedb78,0xbe39e248,0xad93f310,0xa5cfad5f,
-        0x913d5c24,0x747fdb1e,0x4518b7f5,0x052a47c9,0x7cfb4327,0x9e208d6c,
-        0x70e538be,0xb135cb9c,0x5bb17916,0x36352759,0x5b3106c7,0xa2c07880,
-        0xc209bb06,0xd2d42a06,0xd3c504ad,0xb525b471,0x822ce034,0xc9f4b368,
-        0xeb4185a5,0x15f18796 } },
-    /* 171 */
-    { { 0x0aee4684,0x094dea06,0x7cdbdbc8,0x42b21f06,0xb1931319,0xa439e149,
-        0x81a7dba6,0xea4bdd41,0x3c2ae80f,0xc6213706,0x12823dc2,0xb58b0967,
-        0x832611b1,0x7443d515,0x13c20384,0x2e16f831,0x2bd992d2,0x0ce204d6,
-        0xf419388b,0x499dbcd6,0x1d3778c7,0x492ded1d,0xc5ddae73,0x9d5bd74f,
-        0x994b6259,0xd4813d52,0x0e86ca68,0x191d9cf6,0xf3e9c2ac,0x562179ea,
-        0x9fee1238,0x6146f1f3 },
-      { 0x078e2aa6,0xbd06d33e,0x9dee9265,0x693af7f7,0xdaa40e84,0xd56e0f81,
-        0x9b9a407e,0x05fbbb88,0xede99519,0xdcf44adc,0x092dba39,0x7f71f8d3,
-        0x4231774b,0x675b5da5,0xa5f605eb,0x7456a251,0x87a39a9e,0x9031d4af,
-        0x05b474bd,0xdb430006,0xb665aa91,0xbda5dbf2,0x6631eeb4,0x5d1a3df5,
-        0x62377c58,0x028149ef,0x685d0bff,0x2e1af4e9,0x82a465de,0xe0ea0875,
-        0x06bd0050,0x95543f9e } },
-    /* 172 */
-    { { 0x85d7c6ef,0xf7cbc6f4,0x63b1bc24,0xcad8084d,0xbf8cba62,0xdf90ce88,
-        0xb455c192,0x98e4b686,0x774fc6ed,0x6146b8d5,0x7ae20077,0x70e2389e,
-        0x61c22529,0x5241c479,0x3884e5f5,0x7d221510,0x17e28273,0xd6d20ce2,
-        0x4f2674f8,0xe3119f51,0x70c011db,0x85459055,0xfcfb760e,0xdfab75d9,
-        0x9e8c2a19,0x9546362a,0x4a7d4b27,0x4b6d3f8a,0xee5d698c,0xa5c87104,
-        0x2ba296ff,0x6db43478 },
-      { 0x5c3f0d95,0x06486493,0x4e748895,0x8917db82,0x6b2f3e44,0xf73fdf62,
-        0x2b7f574b,0xc60edc54,0xaf732723,0xbe1c09a2,0x7cad114c,0x7d34669d,
-        0x321aaff9,0x9646600a,0xed0cd61c,0xb94e2bba,0xdec4750e,0x866e1a41,
-        0xb1a89f58,0xa1be990d,0xf2759693,0xc39e4d6c,0xc0e0dddf,0x11cfb780,
-        0xd99c8a41,0xf0afcd7f,0x6e1c3050,0xcebffadb,0x96d2c6e4,0x4f3981b0,
-        0x2ae27a94,0x07a791e7 } },
-    /* 173 */
-    { { 0x1e9f0300,0xe70e9047,0xbccdf904,0xe0253ad9,0xff053078,0x51c0289d,
-        0xae893462,0xf1ef092e,0xa4846845,0x2c90a91a,0xf1dad4b4,0x1946eda0,
-        0x33df67b2,0xf07650f3,0x0b15a014,0xc6e988db,0xb542f0f9,0x72e0c66e,
-        0xe0c0378f,0x5d4b6311,0xae86950d,0x548badaa,0xb35f1c8f,0x6801638d,
-        0x944d1ad4,0x129e3216,0x40471d32,0x9951bac8,0x85e94dde,0x03cc29f3,
-        0x4543ecac,0x6d6acc2e },
-      { 0x57b2d299,0xeb999e95,0xe3d721cd,0x3a2bcd9b,0xbb4cb444,0x2e60384f,
-        0xdc060faa,0xae177709,0x8c987cde,0x74f0e6d3,0x1076fbed,0x9a237cf8,
-        0x7983fbff,0x69af1513,0x323f9584,0x6c3f7a1d,0x6db64398,0x3e21cacf,
-        0x96703d92,0x7cd8134f,0xb8393f76,0x0755898f,0x2e825222,0x1b5b28bc,
-        0x7924aa7c,0xb78799c1,0x81427a8a,0x1db378f2,0xff289492,0xd5a451b1,
-        0x3d3c46ee,0x79d18212 } },
-    /* 174 */
-    { { 0x109d5589,0x1a3edff9,0x029b4499,0xded52eb4,0xb4b54adf,0x13eb9d30,
-        0xa27bff67,0x4f9214c1,0x67f0f460,0x4c817ee7,0xc3a50e28,0xbadf8d83,
-        0x94026237,0xc5dc03c9,0x966647c1,0x5f29581b,0x8a0687f3,0x10b6a089,
-        0x31634517,0xae787cec,0x62e75188,0x2001dba5,0x45e2c3fb,0x55d4e1a7,
-        0xb67d3395,0xbfcacdeb,0xbc6842ee,0xa1a0af9c,0x3e88580b,0x50590a2b,
-        0xa784cdc8,0x73104491 },
-      { 0x2648d676,0x44ca2cdf,0x4f1b12b1,0x9a85eca5,0x2980e1eb,0x1b9dac94,
-        0x1ac8aa89,0xf30d3709,0xc719e195,0x73072ab7,0x2f703797,0xba518c82,
-        0xac0067f6,0xac090e14,0x8dcd2927,0x0e6cfc70,0x21e7da63,0x4f5889e2,
-        0x8371c7c6,0xb4aaa40b,0x8f7878c9,0x1f9dabe2,0xd84caf3f,0xf78aed6b,
-        0x9e0e1d92,0x3c39dd07,0x122424dc,0x680be5fb,0x0bdc0099,0xf41b214d,
-        0x5180c54f,0x6a8f8fc9 } },
-    /* 175 */
-    { { 0x53235132,0x62a1ed63,0x59dba88b,0x1db233f1,0x291efdd8,0x85625452,
-        0xb25111ae,0xc7505297,0x1d701bd8,0xb5921af9,0x9774f45d,0xb4d05d72,
-        0xf18e73ff,0x6e3d4c5e,0x899b3038,0x897d985f,0xc89b1558,0x8a9c30fb,
-        0x4d13181c,0x3c92d1a3,0x2223320e,0x292e86ba,0x01ceed02,0xcf2454c2,
-        0x583f309f,0x27a45f74,0xad0fd1a3,0x75a6102c,0xcb9c7538,0xdb4f45d2,
-        0xdb283fd7,0x4752d8c1 },
-      { 0xd5dff4d5,0x514d6cea,0x45a827f4,0x74cd5fdb,0x4fc7135e,0x1070a60c,
-        0x1be5778e,0xdec0bb78,0x58dc6b08,0x271e12cd,0x54bc2496,0xb765089b,
-        0x619098ac,0x6ddf2c63,0x67528832,0xfd6ebac6,0xc2508af1,0xeaa2d025,
-        0x4dcfc1f0,0x13c2cda8,0x45510be0,0x1c7836a8,0x1a886801,0x3904688d,
-        0xafaf2545,0x643132aa,0x2830a88d,0x49685577,0x8744b470,0x569491ca,
-        0x75fb8552,0x3a6518f3 } },
-    /* 176 */
-    { { 0x224042a0,0xaaa8ed50,0x2452f1e6,0x6cb4e3b0,0x768211d8,0xedca5f4c,
-        0xef4d5d3f,0x4e0fe3f9,0x522d46e5,0x33a8e2a4,0xf1446775,0x5998e21f,
-        0xf592d01b,0x1496c50e,0x83a67739,0x69104c2f,0x472bbf00,0x28670bcb,
-        0x503177bd,0x8ea883b2,0x7d2712a2,0xc5d8bc05,0xb439c994,0x41ef9317,
-        0xdcda1aff,0x9801d3a8,0x7038f6fb,0xd686eeb5,0xfbfbf820,0xe80c5cd0,
-        0xedc25817,0x540ac363 },
-      { 0xfe7f43df,0xa71969a9,0x2c1b9e4c,0xe6653808,0x859c2917,0xad9677d8,
-        0x96aa4404,0xbaca9545,0xff1297da,0x0e9d855f,0x22aea7de,0x1f61897b,
-        0x36f13f8e,0x96edccfd,0x16e200df,0x627d3070,0xc98988a4,0x729f0736,
-        0x97f231d2,0x95e25e60,0xf6048752,0xaf7f221b,0x4019b299,0xd6682609,
-        0x26b4b1d9,0x1d99de09,0x1acdd7a3,0xec47cf66,0x6ebe15e9,0x4de9f2b3,
-        0xfa16974f,0x17db32ec } },
-    /* 177 */
-    { { 0x6cf40599,0x75ef6919,0x00c020ea,0x7ea10dfb,0xfcaaf679,0x3da5ae7b,
-        0x88ddd678,0x0d663ca3,0x255bcfcd,0x5a21f8fe,0xe344bc7e,0xe9c3f538,
-        0x548e0632,0x35f62b1d,0x43c6e64d,0x654f2425,0x26993627,0xc755a7a6,
-        0xb0f41324,0xa3b7c5f7,0x3a2180f3,0x05697f79,0x1e81675b,0x6cf85fb1,
-        0xe53428f5,0x6d3cdb35,0x52d28b02,0xe3aa1591,0xf7a3fb78,0xa8470255,
-        0xa194445d,0x460bd01b },
-      { 0xc24d8077,0xbc34dc23,0x4c720d2c,0x82f4b580,0x6f5d1ffe,0xa29da911,
-        0x92783ce2,0x578af520,0xb5904af3,0xe29f51ab,0xf7aa1190,0x46c570d7,
-        0x571bddf0,0x4a522fba,0xae89bb51,0xbf4e2a06,0x59f3444d,0x799b35cc,
-        0x26cc2557,0xc3028367,0xafcec177,0x94a4e985,0x7c36cbd0,0xadaf7dcb,
-        0x75d39077,0xed31b787,0x2d3e24bc,0x52d6904f,0x1f95421b,0xc5ca2669,
-        0x1734878d,0x7d342c3c } },
-    /* 178 */
-    { { 0x11fd127f,0xe5cf2c0a,0x119e4c5e,0x66d36bb8,0x6ef56ac3,0x621ab252,
-        0xe5430675,0x30cfeaee,0xac3e9619,0x2ede27d2,0xf8fce671,0x6413513a,
-        0x075f4c3d,0x6159c61b,0x59069d98,0xd447efe9,0xea76aea9,0xaf8d6f68,
-        0x0f5bd164,0xac5dc61b,0x1e88bb98,0xdbab446e,0x1ba92320,0x618b8b16,
-        0x78989865,0xa0eafb3c,0xc08b7e82,0x0c7abcc2,0x20d160bb,0x10f09b6e,
-        0x8e4c63a7,0x5be0afa6 },
-      { 0x1bbbf49c,0x82ab6d38,0x8c0703fe,0x3e09ce49,0xe10f4263,0xeca58b5d,
-        0xda5a4532,0xd9cc6581,0xf618f7b7,0x07e18876,0x250f7fe7,0x0419a5e3,
-        0xde6b86be,0xbb1a9e90,0x37359169,0x584a7deb,0x5149db2c,0x38eb3489,
-        0xb0ebabb8,0x14546a33,0xc2f88a92,0x0067f0b0,0x0a2db019,0xbde0dfe7,
-        0xc63e6f3e,0xba51b06c,0xe9206fad,0xa19127b9,0xfe80dc0a,0xe4eb5e87,
-        0xd4de30ae,0x1e6fccf5 } },
-    /* 179 */
-    { { 0xaa8ac924,0xb57dff66,0xc298b3e8,0x06e9ad31,0x65fb080c,0xd140e329,
-        0x1d95c93f,0x7dab211d,0x8a180caa,0x6d68d842,0xa20ded69,0x1a929408,
-        0x38df461f,0xa8151753,0x60eae932,0xff5604ae,0x7dae4c0b,0x901b9e49,
-        0xde262e89,0x4573a97f,0xf1084983,0xed69d9a4,0x64724f1d,0x8ffa022f,
-        0xea85a15f,0xd5f1c2e4,0x01453794,0x4c626ce9,0xbf0907dd,0x80440cd6,
-        0x5ddaa837,0x4522d461 },
-      { 0xebfbe7c5,0x8895f079,0x84ef3446,0x30ea1ded,0xd4a1ab96,0x716a9eb6,
-        0x50a30c68,0x1a4a5d22,0x0043bbaa,0x5a16631c,0x5010e5f5,0xbd107502,
-        0x3d8c0556,0xbffe3e9d,0x07772419,0x31b30b18,0x84b82297,0x90ff7ef0,
-        0xf21a18c3,0x00c37d75,0x565bb8f8,0x18d0a635,0x45e3bceb,0xbac1da2a,
-        0x23f0b08d,0x1c38e90c,0x5fbc5ac5,0xf1ba1aa2,0xdda71fc6,0x09d5256b,
-        0x6d7e40ba,0x346501a9 } },
-    /* 180 */
-    { { 0xcc2b0f1d,0x86be448c,0xac4c3703,0xe3eb45c9,0x9fc96bbf,0x5387f65d,
-        0x5ae27fda,0xcef3c4e9,0x1bc18089,0xa008f776,0x22ca18a1,0xf374a084,
-        0x53b73371,0xee882842,0x7cc09354,0xcb6fc6d8,0x61496d6b,0x8489ec1b,
-        0x49e325c4,0xa92c29b9,0x7bdec166,0x15c6ca52,0xdcea2813,0x95444eee,
-        0x3a21154f,0x34683eb3,0xd39061cf,0x8fb26f98,0x06c940bb,0xc3b08aa8,
-        0xe554c96d,0x7c1d42cf },
-      { 0xdc110aa7,0x766e703f,0xf362e378,0xab7b79d7,0x5aadca3c,0xd259c75d,
-        0x60be3373,0x2a6eca79,0x06c4e8ff,0xf4744a4b,0xf3b705bf,0xb2842cce,
-        0xae304b53,0x1a3af5aa,0x1b2d31b8,0x7bbfa201,0x4bee88d9,0xc4ba6eba,
-        0x565cb839,0x2d3565ce,0xdaf7ece8,0x24808696,0xe6959745,0x2c7ccce7,
-        0xe94f9837,0xefd6eb3c,0x3811a326,0x0a33b4cf,0xfffa93a6,0x14203f43,
-        0x73c31d90,0x031e9828 } },
-    /* 181 */
-    { { 0x765a17ff,0x4fefecfc,0xd1290a65,0xa09f3888,0x938da038,0xbf265c46,
-        0xa169ad46,0x4bb6145d,0x23a62fe8,0x33cf8214,0xabc860a5,0x562df571,
-        0x815c38c4,0xbf2a90fa,0x17eda875,0x45ba1d6e,0x946fa5e1,0x799d881a,
-        0xb90f5a3b,0x6c1be784,0xb10ff52a,0x0910a37c,0xa4f4fd36,0xc38c1fe4,
-        0x8e2d3ba0,0xc3180fc5,0xb17a6187,0x3e2ff050,0x943a35c2,0x3a00059b,
-        0xa28cc51c,0x494d3645 },
-      { 0x4ba021f8,0x398426b6,0x796deb6c,0xd14c9083,0x7e36c762,0x6d2e5395,
-        0x751cf216,0x8f556eca,0x19b24a19,0xdaca1e00,0x4b20c2ae,0x47887da4,
-        0xff41a733,0x93ed4ccd,0x5c7c0cd7,0x8d717c44,0x91bf7009,0xcc48634a,
-        0x3b59bbaf,0xa1f146f9,0xe5624f15,0xdd38bb39,0x303f8443,0x96d41aad,
-        0x4bf104fc,0x6b670f03,0x29706582,0x0503f9ed,0xb34200f5,0x768e1f47,
-        0xbbd4c6f3,0x3cfdcc5e } },
-    /* 182 */
-    { { 0xb523e13d,0x536c2a86,0x2920d0a0,0x1014a458,0xe7571296,0x3d52b478,
-        0x7eb51bea,0x05746066,0x87b0e919,0x709f7861,0x686888e8,0x028aed88,
-        0xd94afcd4,0x79a809d7,0xe2129af3,0x50c6032f,0x983c4082,0x75e4be72,
-        0x7ab3be8e,0x98331bbb,0xb618c728,0xd31a032c,0x3f59c4a4,0x36dd85a1,
-        0xed4f61e2,0xdbece345,0x1e571715,0xba7aaccd,0x64a1ebd7,0x138c58da,
-        0x3d1aeea1,0x89296d0f },
-      { 0xcca82c97,0xb165288f,0x1427e8dc,0x26c6c12d,0x4c3edda9,0x66a94f07,
-        0xeaa01ebe,0x94600e1e,0x30f5e86d,0x14abce7c,0xcb456a31,0x741d7020,
-        0x279f42c2,0xab05aa13,0xd4238468,0x70b60faf,0x318d39e6,0xa18efec1,
-        0x8920b318,0xeb07f1ac,0xd8399e03,0x01e3cba8,0x3c81a301,0x65f8932e,
-        0xccc667d8,0xae8bca7d,0xa268607c,0xcee1ae79,0xcac0a12c,0x3182e64c,
-        0x2b1a4c54,0x9233a2f7 } },
-    /* 183 */
-    { { 0x0acbee17,0x717e8df6,0x5c24fcdc,0x0f0959c2,0xe54ffcb0,0x46f09887,
-        0xd285116b,0xb993deca,0xbba1fa51,0x0bfaa4f8,0xd0f2183e,0x9c9249ef,
-        0x96847779,0xf93cb358,0x2322d421,0x284bfb7f,0xd42af009,0x40cc709a,
-        0x9bb1d615,0xc69f2274,0x717c3c6a,0x76f50b3a,0xbb9c5eeb,0x8b21e985,
-        0xa4783b5f,0x58fb19ae,0x52e1c3e7,0x04c86b9b,0xf2971ac8,0xaca59092,
-        0x21ed8291,0x2bb26a69 },
-      { 0x15f81416,0x98a34435,0xaaff5bb4,0x086e72e7,0x0317261c,0x3d1f64de,
-        0x5c0a1cfe,0x31c0786c,0xb3683401,0x542ea4d8,0x1a39b4cd,0x2f77273a,
-        0xcbef27f1,0x14fe7ee1,0x16bb27dc,0xee7fc09e,0x410e5dc7,0xc0dccc17,
-        0x1943b3dd,0xa3466742,0x3f31c1b7,0x92934b60,0xc22c1070,0x0186ded9,
-        0x799f966b,0xa37ee8ba,0x249b0893,0x0f3bfcb4,0x2e92d4de,0xbae61447,
-        0xe196eb08,0x937cb3f8 } },
-    /* 184 */
-    { { 0x16fbfdce,0x57c0e77c,0xc98d4cc0,0xea034cc9,0x42572d20,0xe7606d72,
-        0x0019a83c,0x9861b55c,0xf1597162,0x80ba2803,0x05a0fd7b,0x0f4141dd,
-        0x4b0daaa2,0x8865913b,0xaa3848ec,0xe6685746,0x3e0485d2,0x16d15a5a,
-        0x3b6905dd,0x81c0c774,0x818af2ba,0xcec31b7d,0xd2b74b78,0x80d8f194,
-        0x543e2f28,0xca659db2,0x9fb07c1c,0x31b83a7d,0x1f1048c0,0x86537fdc,
-        0x78586a11,0x4d57bb07 },
-      { 0x53b396b6,0xbc4b768a,0x93b51dac,0xbc8b24c4,0xa30ae1b3,0x33e511eb,
-        0x945147c5,0x893bbd95,0x179fe3ce,0x6cc86031,0x3f920bd4,0x34b0a167,
-        0x6b256160,0xb32912eb,0x9d168d83,0xbc69a2a4,0xef0dd128,0xb4949e7a,
-        0x872699e1,0x2613419a,0xbf21376b,0x06c58477,0xa4f97147,0xe55b1909,
-        0x7b9b745f,0x63d6eb75,0x08df3c85,0xb5365b29,0x55fcfae3,0x0e257e43,
-        0x979f2aa8,0x1067c118 } },
-    /* 185 */
-    { { 0x32bf8883,0xc8455084,0x6fd06667,0x4755286a,0x77c2335d,0xd70b0f8f,
-        0x2f4a2c94,0x678e60da,0xd118acf5,0xa468d8ac,0xbf5b90d9,0xce93830b,
-        0xed4e9104,0xea4b1c74,0x27776ea4,0xac67316d,0x361bab12,0xb98ad75c,
-        0x99122451,0xc323d482,0x530a43ae,0x26440220,0x3292d5a5,0x3a44532e,
-        0x5fecf1bc,0xdb48694b,0xc667b8b8,0xe4e0516e,0xa4306ade,0xb3aa595f,
-        0xf34e9725,0x7e4f7091 },
-      { 0xb7f70919,0x3f3816e9,0x16b003f5,0x765216ed,0x778c99e5,0x46c6cff4,
-        0x30a51810,0xe6a5abe8,0x45e728db,0xef6f49e6,0xcaccefd6,0x6fdd73ea,
-        0x8c37f3f7,0xec394e6f,0xb6407fc3,0x73320802,0x96625cbd,0x988e8f7a,
-        0x7cabfb00,0x83292363,0x407f359a,0x258ba9df,0xccbfae50,0xff01aee5,
-        0xfe251813,0xfbeaeace,0x83f1cba1,0x9c69f161,0x9eadcdb5,0x512c58ad,
-        0x6ccce8bd,0x2ae49cd4 } },
-    /* 186 */
-    { { 0xc40849f2,0x1239b0e3,0xa441098c,0x5136a4cd,0xe547f649,0x61535a99,
-        0x7a9bbac6,0x92e4bdc4,0x53547af6,0x195a1646,0x8b47a74a,0x85ecb319,
-        0x9de6a2b2,0x278553fc,0x0e2ba52d,0x471c038a,0x35bcba93,0x12ba1b88,
-        0x6f31eca2,0xd4bf50da,0x802b32c6,0xd146e3f6,0x3c64c8c4,0x0c9c0131,
-        0xeed21297,0xad30f12d,0x9c68530f,0x9b75bffb,0x8918de51,0x23c0ad3e,
-        0xa73771b7,0x180e9d52 },
-      { 0x29ab77b0,0xc316542f,0xf7aee628,0xdd411d9c,0x353c2f40,0x044c0685,
-        0x4b0ae4cf,0x638dc7e4,0x95fc266f,0xa0924185,0xfd2feb7d,0x639da671,
-        0x5ea39798,0x56858ed5,0x58f3832a,0x7a694f31,0xd316d831,0xa94233c6,
-        0x30a35a7b,0x2fcacb26,0xf1ff713b,0xfef8f7dd,0x59eee2f3,0x8b9b4525,
-        0x156d064a,0xd1b4f91b,0x2f5cfcfc,0x177866c2,0x3777eb41,0x12bc2566,
-        0xd8ab85b4,0x21ca6f3c } },
-    /* 187 */
-    { { 0xa3e66635,0x0e162b13,0x2a9f76af,0x1ef20a2b,0x46db3356,0xab473a30,
-        0x7802bb8d,0x0840bd77,0xa699b44c,0x5b6baf5e,0x1b2207f1,0xc6e11900,
-        0x790b0105,0xe5de16a9,0xdb67f004,0x22b12f15,0x8a025d25,0x185fad45,
-        0xdf0a1142,0xbccf6953,0xf45034c0,0x4c42129b,0x1c277bff,0x0f740400,
-        0x280a9e18,0x6e440b4c,0x842aa2b4,0x767de8f5,0x05e8d94f,0x3de20ab8,
-        0x20227635,0x5aff5859 },
-      { 0xa8458e40,0x805acd20,0x149732bd,0x5a5557d8,0x5f1ca72d,0xc7074131,
-        0x952b5323,0x7f2e269c,0x6494fadf,0x5c592556,0x1a7d2666,0x153b7acd,
-        0x86fe2865,0xa6df063d,0x57d53b6b,0x1e91db13,0xe93ead01,0x9195bb89,
-        0x2963bfe6,0x3d71e1af,0x88278886,0xfab2b9c2,0x3b859b6f,0x77836692,
-        0xf7029dd1,0x6e695174,0x7b984561,0xc7987876,0x5907d849,0x64fb4f1d,
-        0x88d8a977,0x3eab7e1c } },
-    /* 188 */
-    { { 0x52e5718b,0xc73a94b6,0xf4cee1e9,0xe3aefa54,0x553eedea,0x654e9e63,
-        0x5f3aca1a,0xf2541e1b,0x0d083316,0xd7129489,0xfb7f950e,0x7965af63,
-        0xc74e3e4a,0xd8fc9e0d,0xeaf79ebc,0xb4ee48d2,0x8b7787e6,0xa458a86a,
-        0xf7cceaf0,0xd8c7621f,0xdf67980d,0x8228eeff,0xf9106727,0x210d4742,
-        0xb07e3629,0x91f63501,0x7971e29d,0x441761c6,0x03a3b8a5,0xc0ccc65f,
-        0x38e09544,0x3491da4f },
-      { 0xcb062eae,0x6706d046,0x5d08776d,0xee7db735,0x292315d2,0x80de8052,
-        0xc402bbdb,0x40785662,0x26ed3337,0x5f93525c,0x7d568ed3,0x6cea14d6,
-        0x66888b1e,0x916a1189,0x5dc71675,0x0fbd5205,0xe4575df2,0x833d1077,
-        0xec092335,0x4e93100a,0x6cd85389,0x2f9e1d01,0x43226368,0xeebd3725,
-        0x1ba4cfd7,0x401d172b,0x574c5838,0x377dab9d,0x80d517de,0xaeaa6958,
-        0x6ad15a18,0x0c843dfd } },
-    /* 189 */
-    { { 0xc9373300,0x455811ff,0x99fdc300,0x1c39332a,0x353cb655,0xe19bb81c,
-        0x96a83d27,0x774b924a,0xb2ee3f1a,0xcbfc8fcb,0x010d56c7,0xaf278ec4,
-        0xe0abaf79,0x6fde682f,0x7339aebf,0x7566d072,0x71205db6,0xbd35ad5d,
-        0x7051c9d0,0xb5bbe694,0xd3a3067c,0x577db480,0x572d7530,0x2c70ff54,
-        0xe06d853d,0xe8615aec,0x05abfb5d,0x71999ccb,0xea0a8ed7,0xeeefc96b,
-        0x35f6df69,0x2dcc469d },
-      { 0xc65f0e77,0xcca6cd06,0xbd71b14a,0xddcc7980,0x3c93cc00,0xb6221f8b,
-        0xae8cbf57,0xddfcd5b3,0x76f8e63f,0xbc92973f,0x06e132b7,0xe9848a34,
-        0xd51ec9e2,0x4cc59a03,0x3a33081a,0x9c9d32bb,0x80e8466b,0x00121052,
-        0x1bbe7295,0xc2b0032a,0x24938448,0xdbfc6572,0xb6bba0ff,0xe972a0ce,
-        0xc0a94802,0xf60c0a4f,0x599d8bc7,0xf62c41cc,0x312da0b8,0x820c96ee,
-        0xcdbdf9fc,0x5a1a65db } },
-    /* 190 */
-    { { 0x42485684,0xbfba691a,0x29c470c9,0x613116b9,0xe62a0519,0xb4b01971,
-        0x5ff499da,0xf3245aa6,0xa5238eff,0xc2ef87f4,0xcc9d5515,0xc16dc6ba,
-        0x2dbdacac,0x5a7f227e,0xa9bbaecb,0x8dedaac4,0x2e7c9885,0xff308a6d,
-        0xe6895593,0x4c6f2fc2,0x177e0611,0x3655f285,0x300b1bee,0xa63e8d06,
-        0x13c17b54,0xbed0ce79,0xc4974262,0xca4abe35,0xbc4e4037,0xf4b44a17,
-        0xefe5fbd9,0x5ae95099 },
-      { 0x804f7455,0x122e5ee7,0x22066682,0x341a4997,0x7795e333,0x97d24c31,
-        0xe48efced,0x12f4123c,0x19fbc21c,0xe8738d92,0x0663a3ae,0xbb3bdc61,
-        0x8593a6db,0x3603d8c2,0xe3c1ac75,0x926227f2,0x5eaae519,0xfea92ac0,
-        0xfd6812ac,0x5b596f0b,0xfc2a82dc,0x3ce7e844,0x63522b27,0x3840481a,
-        0x52867895,0x836088b1,0x26588688,0x21ffb7cc,0x2f4a7cac,0x0ca33161,
-        0xa3edd298,0x4110667e } },
-    /* 191 */
-    { { 0xc2d04b63,0x81830357,0xf4929a18,0x3fc5a34d,0x22d195df,0xc73bf6da,
-        0xcb432473,0x14df2f89,0xe997f138,0x345afe5c,0x8b9604f4,0xd8e3f5f9,
-        0x50c10ae5,0xad7942e9,0xeed25ff3,0xcefd5447,0x0e73c0cc,0xbf68e51e,
-        0xab54fa4c,0x5b1ad591,0x12b61c8c,0x8bbc1105,0xb5abf760,0xbb932913,
-        0x01e79649,0xdb1231be,0x040ccbe7,0xd0a83e91,0x90a96db9,0x3dde426f,
-        0x34df11ea,0x1cceb645 },
-      { 0x0c6d0f55,0x2d210c4f,0x9c673c9d,0x6cadf61b,0xa9ce3fbb,0xdd7f9919,
-        0x93b063e4,0x135f494c,0x145a93be,0x580bdb3c,0x0f52ef7c,0x4d872332,
-        0x8814bb6a,0x74d876e8,0xc7a97dee,0x4f6f723a,0x3e3cd833,0x7de2b8f0,
-        0xae720270,0x6162f082,0xddfa486e,0xe88ec2d4,0x8d3a17c6,0xd965c859,
-        0x3980171a,0x62e59e54,0xbbef6b22,0x0ab6285d,0x4d48b203,0x3cf45195,
-        0x4ea25ea3,0x1f175233 } },
-    /* 192 */
-    { { 0x3467ea91,0x808a765b,0xfd2d9c45,0x3f4632ee,0x9cf2bc6f,0x7b75dc6d,
-        0x359813ae,0xefc8d240,0xe44cbd8d,0x23ecb209,0x21525622,0x59ba10e3,
-        0x3f1ee19a,0xfa14d934,0xfb0c48f7,0xdf97c21b,0xea30d437,0xc4e62890,
-        0x651475c2,0xb286e2a4,0x126672a5,0x291f01e4,0x31aab3b8,0x9c6fda5c,
-        0xe17d22ec,0xb7277a5a,0x914f0bad,0xbd88ed83,0x6a2392e1,0xd0b05d1b,
-        0x65893c2b,0x4cb8af90 },
-      { 0xbb4b1953,0xa2b02057,0xf597f6ee,0x4ce08b44,0x5e6412c8,0x854f5d9b,
-        0xb3cd4919,0x1913262d,0x6e42bb5d,0x902762e4,0xd78e7f60,0x8355c8e6,
-        0x38b6c16c,0x8efaa824,0xe550f618,0xd0173790,0xe57d778e,0x118af462,
-        0x715b4714,0xa16ad5e8,0x41dea4f9,0x900596c3,0x280ca610,0x2a957c32,
-        0x374c65a1,0x2faee800,0x50080414,0xdb105127,0xff080fa1,0x8c1db931,
-        0xd79878fc,0x486a5c25 } },
-    /* 193 */
-    { { 0x941b4f36,0x0521e213,0xf803b4f9,0xbaacfb14,0x52a54ba8,0xfdf1e22e,
-        0x8fe4796c,0xacfabbba,0x58dbacb6,0xae0788db,0xc19dfa51,0xdf98d736,
-        0x35a716ee,0x155c286a,0x9c86461b,0xbe7d4676,0x63a64a5e,0x50b6380f,
-        0x9f609262,0x14b41914,0xa2dfc5b3,0x0919a7d0,0xcef466ac,0xc454da55,
-        0x6986aaec,0x93fa4a24,0x71a49ced,0x5090b171,0xc1fa75ad,0x602f1d6c,
-        0x78e4c054,0x5d269f89 },
-      { 0x14920419,0x3a74030c,0x90968739,0x0845d868,0xeeb70fa6,0x81b994c4,
-        0xd9fc5bcb,0xabcaa06d,0xf58f8f2d,0x06539427,0xb1dc52aa,0x35c85f67,
-        0x2c911baa,0x5a7d8d72,0xaec2d834,0x4041005c,0x7a8e5347,0xb5868a44,
-        0x8de512c3,0x04ee180b,0x211168eb,0x4daa66e5,0x2317cd8a,0xc0bd5dab,
-        0x61164df6,0xa1d4185d,0x1dbad7c9,0xacedca26,0x09b02683,0x0fe4b5ac,
-        0x26d9550f,0x8ac9995a } },
-    /* 194 */
-    { { 0x2640a39d,0xb2c8dc9b,0xede0c9f9,0x21ff0b38,0xa1ecba0a,0x74f469bd,
-        0x080d0417,0x8a902ccd,0xf4994604,0xe956fa32,0x9776ab15,0x348f85cf,
-        0x0066f492,0xc21fc6ee,0xfeeef367,0x35b1ebfe,0x4613e5ed,0x7804581c,
-        0xea6ba071,0xcbdfe8e6,0x950d73ed,0xddfcaa32,0x1da48889,0xc9747936,
-        0xdbaffbd1,0xce867c8c,0x1cbaeae7,0xd267431f,0x897912c8,0x68255045,
-        0xd7ea1e4d,0x0c7c1ddc },
-      { 0x1ce963a7,0x53aa30cc,0xc4c5fade,0x7352f64c,0x2828afbf,0x2b9aa2f8,
-        0xca212107,0x64273c56,0x85a576dc,0xaadd7654,0x90b5c77c,0x6196ac3e,
-        0xd1aaf39b,0x20d43e9f,0xcd05cbc4,0xfc392062,0x4c0ff2fd,0x14163872,
-        0x2ae821e6,0xcf32b8d8,0x3fa7a3f0,0x5f58f943,0xf644ca92,0xaebf1d2d,
-        0x1918a75f,0x0c061563,0x6b876118,0x7989b5ed,0xad412441,0xbf342445,
-        0x1df633ab,0x24ffc9ae } },
-    /* 195 */
-    { { 0x93c7cb2b,0x89fcdc05,0x590053fb,0xc1243b95,0x6182343c,0x601debcf,
-        0x66c18a63,0x364546ef,0xec913287,0xa5290701,0xf9788c31,0xc35b8026,
-        0x92d1f7d7,0x852b862a,0x0aa79728,0x1809cb05,0xa3cb2005,0x897d467c,
-        0x9ef5b946,0xf20c77c0,0xf2241984,0xc3372c42,0xf35bb206,0xda053e0d,
-        0xa9c140b5,0xbc26c6d0,0xcb56fb33,0x61cfcc0c,0x299b3968,0x1c3cf9ef,
-        0x40621ba4,0x89e4d3d1 },
-      { 0xa45a9be3,0xd35e80e7,0x07356fbd,0xc4daa578,0xb967bc2f,0x0186d62e,
-        0x47cd16e3,0xa702679e,0x5f30ce9b,0xca2f1c02,0x1f864f50,0xf1205b46,
-        0x85061d66,0x7fd6d797,0x8a08809e,0x47edc4f6,0x9a4d3ae2,0x5dac0449,
-        0x6d1f9da8,0xf844664a,0xd7a83a71,0x9f30ce84,0xeaac33f1,0xe9382bac,
-        0x948622ab,0x1f033831,0xf7681eb2,0xb037a4ba,0x99a1b5c7,0xd156a908,
-        0xe6f1d0fb,0x675d3e6f } },
-    /* 196 */
-    { { 0x707193e5,0xd9767ffd,0x810358e5,0xe478aa91,0x328d8ef7,0x5634f9ff,
-        0x6dbbd9a7,0x913a0ee8,0x7e215686,0x379b2968,0x89d9da38,0x903f410a,
-        0x1b1334d2,0xd9f8d7b9,0xbd82efb5,0x9fe74229,0x3803c778,0xdb568b62,
-        0xd3d25344,0x93e9a350,0x724497e8,0x559c35b0,0xa169e23b,0xc472d436,
-        0xcc5b4c69,0x09864632,0x83c7f531,0x9f6d759d,0x1e497888,0xa91cf1db,
-        0x60af1a4b,0x5f7f92fe },
-      { 0x0545167e,0xf18a1cc6,0xaffa88e0,0x55ee2e02,0x432a7bcf,0x24cdff51,
-        0xa7510866,0x7382da42,0x40511af7,0xe894c11f,0x2aaf1423,0xaa4e4e31,
-        0xf63dd2ae,0x8c3d36f0,0xd7660635,0xfc5c9550,0x37ea7eab,0x01253731,
-        0x39b950f6,0x2a5cd598,0x40e63442,0x95a0f601,0xf2ac7045,0x905e238e,
-        0x446b0f73,0x44bacc0e,0xc448578a,0x4cd4206e,0xa5bd7803,0x367b1aaa,
-        0x0a2b458d,0x25beced9 } },
-    /* 197 */
-    { { 0x0c33a8fb,0x079a7382,0x0f25dc1d,0xcfbf6cd1,0xc6d482b6,0x4ffc73f8,
-        0x07bf844a,0x3e51f18c,0x599162f0,0xa7651236,0x14013811,0xac59a74e,
-        0xe55018a0,0x957a6865,0xe3ca09b1,0xe1ec51bd,0xa960253f,0xbc0c7eb3,
-        0x7de03f84,0xe83bfd14,0x52fbdb09,0xc0540ed1,0xcea15ec1,0x6ba52edd,
-        0x4b261307,0xf3d30ed5,0xe8397206,0x9bd7bae8,0x096373aa,0xf20d8692,
-        0xc3b0bf63,0x0a616a4b },
-      { 0x6e1339c9,0x2075f3ed,0xbf8b00a6,0x7afaa072,0xbccd9b47,0xdfafec82,
-        0x00ca54c7,0x4713158f,0x38bc31ae,0x449102f1,0x310dfc8a,0xaf98f158,
-        0x59e954d4,0xc9ef2075,0xc527a0c4,0xe8021af9,0x7a192023,0x6e801277,
-        0x7fb02377,0x635f538c,0xe8c9e951,0x5df1974f,0x15cc9097,0x0287faed,
-        0xf7a5115c,0xfa0728f0,0x0fac623d,0x90dbfbe6,0x0311ba09,0xa8d40fd4,
-        0x07c6464c,0x876d154e } },
-    /* 198 */
-    { { 0xc2d3ea8a,0xd3a4d6d2,0xa842600e,0x36be681b,0xe4070672,0xc53f100d,
-        0x6a7d7a7b,0xe3e5b6fe,0x5d5e1a83,0x6e6994f9,0x76097c2a,0x07cacd22,
-        0xa6791011,0x12d98dba,0x102e0e24,0xddfc4461,0xd493272a,0x4815dbc2,
-        0xa9436696,0x7e38e64b,0x32b2bf90,0x4960eb1a,0xd928e28b,0xda457525,
-        0x2a077c9e,0x72f75b39,0x7fd61d00,0x27760cbb,0x0f4b1456,0xaf235d1b,
-        0xe76d1700,0x3040c23b },
-      { 0x4efa9a70,0xb10dc55b,0x53e86610,0xd4de414f,0x09f8a27f,0x3d95c113,
-        0x06661d3c,0x505109a5,0x60eb513e,0xcaa2994a,0x1e7d338b,0x3ee41537,
-        0x4651e71f,0x4fd145fc,0xcbc313b4,0x51bbf838,0x1eb92150,0xb039e078,
-        0x14bf5ac7,0xe8696b44,0x8be0d48c,0x2d667188,0xdd8f2b6f,0xbe93b2f5,
-        0xeb8a7f8a,0xc1dfd1e7,0x90f751c5,0x862b3dd9,0xa32a74be,0x1eb1ad58,
-        0x1ebbc9a2,0x5486d79a } },
-    /* 199 */
-    { { 0xa1359e13,0xcb2e34ff,0x28196051,0x202d8dbf,0x23564b5e,0xe95e023d,
-        0x42f6ac12,0xfb1340b6,0xb653725d,0x543ba852,0x8d2466ad,0x81aedcd6,
-        0x547c728b,0xbf780224,0x9569fb65,0x559f8a11,0xdfb22ec9,0x505b7a62,
-        0x9eed5e52,0x07107540,0x299f6f11,0x9c899288,0x3db6f8c7,0xa7d69261,
-        0xb3ca79a9,0x30eb7fb3,0xfb2160b0,0xcab99bb8,0xd28b409a,0xd2012568,
-        0x5ac45f8b,0x380f1b0f },
-      { 0xe6a0068f,0xc0b99e6b,0xc8a73753,0x4b67cf2a,0xb2faeb7c,0xa6c9a548,
-        0x340260c3,0x7f417f99,0xcc0f739e,0x8ee56855,0x780949da,0xf08b510f,
-        0x8d5c6eff,0xb1770fc2,0xfd96a7bb,0xb4f5abee,0xf2665a2a,0xa07b1136,
-        0xb601dcf9,0x2fb380a4,0x162becc6,0xcc803614,0xee6b83b3,0x3498fb96,
-        0xa8c17eeb,0xea9b0fd6,0xa177efc2,0x5834b5ba,0x5b110b3e,0x929044f5,
-        0xebd7285e,0x4abedded } },
-    /* 200 */
-    { { 0x700ef376,0x3355e1b9,0x66cdabff,0xd56e5d9a,0x47e87646,0xb3dc2575,
-        0x00f79369,0x28f44b8a,0xa0c52e29,0x08c32b1e,0x3729b392,0x5a78de12,
-        0xb26d239d,0x4184519a,0xe0ce4a6b,0x23f6b4b7,0xacb2a9f9,0x235f6f8a,
-        0xe2064a59,0xbb8bc454,0x1bf3062e,0x37efd034,0x94dff6f9,0x6bac683b,
-        0x8aa7fa06,0xc3364b1e,0xce0b3745,0x0616772a,0xd1e3fb0f,0x46f08d08,
-        0x18e132d3,0x6a20abb3 },
-      { 0x6a85cbc7,0xea831016,0x934f9aa7,0xd0990946,0xe778f1b3,0xc2211088,
-        0x2247b799,0x7ea4ff8f,0x454484ce,0xb3171d71,0x4f98c364,0x29403949,
-        0x97df1458,0x5da911f3,0x09439116,0xa6b58093,0x174238bc,0x75f9509a,
-        0x8209758d,0xfeb51821,0xa47925d0,0xae0c6021,0xaf8a315e,0x0e946694,
-        0x6bad04b7,0xae7af8a3,0xf072447d,0x44c15e7f,0xa5456ffe,0x5184668a,
-        0xbf36b977,0x45e353a7 } },
-    /* 201 */
-    { { 0x93092f71,0x76056764,0xf5b92d71,0xeb66b6c2,0xe2c8b6c5,0x9db3149b,
-        0x20c0363e,0xf62f583a,0x03cd7097,0x688acd33,0xebb916ac,0x85d0c0f8,
-        0x84c19b0e,0x1bf7462c,0x7c4a6ad1,0xc76ed5f9,0xd119f369,0xec8b88ba,
-        0xebe50b83,0x59b8371b,0x866706a6,0x0cc69508,0xf8373d2c,0x531c75a3,
-        0x2a5a02fb,0x4e1cd3a3,0xda39a1d0,0xe8274778,0x75da333e,0xedfc5bbb,
-        0xca79bd36,0x15941f24 },
-      { 0xa77dd512,0x42e8c0f8,0x1dc365f6,0xa91b59a7,0x08753862,0xe80d14cd,
-        0xd272faca,0x1624230d,0x4027cb5a,0xeea3ec16,0xc1ef9f03,0xc1700b59,
-        0x0da3148d,0xd411c127,0xc4181af1,0x801ee448,0x9e3a900b,0xedf28559,
-        0x0d09affd,0x5d67b0bd,0x8b370024,0xd839df96,0xe6f836b8,0x3b6307e0,
-        0xbd3201c9,0x5382e588,0x7a1d02bb,0x636d8a6b,0x968641e9,0x70b7db76,
-        0x118fad03,0x6d17c34a } },
-    /* 202 */
-    { { 0xc181c99b,0xcf608841,0xc87bdcaf,0xb65dc901,0x3720dabe,0xb460b447,
-        0x5377515b,0x4c79c396,0x0a96c277,0xd447f22e,0x2ac0f440,0x0d952130,
-        0xc90583ad,0x8330b26b,0x928904a0,0xe25e977a,0x85c50b18,0x1deaffd9,
-        0xa5ad5f6a,0xcf4dbcb7,0xc8a37ed5,0xcbcd0019,0x1e9850b6,0x7846dd90,
-        0xb0b8e605,0x1ac8194a,0x34132f90,0xb9728571,0xf56ee28b,0x4ce9f149,
-        0x3e9e1d4e,0x1ab9b5a4 },
-      { 0x314fa7a3,0x206dab92,0x478ff963,0xcc4af0f0,0x904d9fdb,0x4cce1713,
-        0x12c045fe,0xac20a2eb,0xfd8f6d7d,0x44fc5478,0xca7b6ffa,0x886e72c5,
-        0x6fd6f758,0x7fa4529b,0x92a820d5,0x4df1d1b1,0x2789f149,0x3d812f9f,
-        0xaabb53d2,0x9842f083,0x2a03ab32,0x2648539b,0xb1512502,0x631ce090,
-        0x731f6bd5,0xe1294d15,0x9436e634,0xb229361d,0x3ca966af,0x8c4281c4,
-        0xc21ab3ed,0x24b34956 } },
-    /* 203 */
-    { { 0x659824e2,0x49bdcb86,0x4e13e74c,0x6dc4ce48,0x6bbe1eea,0xa4c01a26,
-        0x1e3ec457,0x47b2b8e7,0x2f5a8e4b,0x7e8b15e0,0xe333530d,0xe81eb6e6,
-        0x17a45202,0xacba369e,0xd70e4c9f,0x81241431,0x3e12beb8,0xc190af4b,
-        0x11f486fd,0x53270523,0x29fb2bce,0x9f6c41e1,0xb70f6c08,0xbe6287eb,
-        0x3feb4477,0x1479850a,0x9bcf18bb,0xfcfdfb11,0xda80d040,0x925c292f,
-        0x7e3c5bf9,0x212d65e5 },
-      { 0xca15cf08,0x23adb386,0x81e172eb,0x4dfa4ac4,0x4d42d0c0,0x9d1dbf93,
-        0x74404dc7,0xd9cf6073,0xe932bfcd,0x60508441,0x1c682a98,0x9ae910ca,
-        0x41ac1cc0,0x9528fc18,0xdbbed630,0xe6a120ae,0x30ccf250,0x94e0e1ec,
-        0xe58bbf2f,0xfe84ba54,0x9faa4415,0xc66d0b4f,0xecee7ce5,0x0c58f1e7,
-        0x6fa6873a,0x7a1d43eb,0x399f1348,0x96c6c5a0,0xe6727ab7,0xe6ef9aaa,
-        0x9a5c2447,0x66afa554 } },
-    /* 204 */
-    { { 0xc980e91d,0xda5aaba8,0x6ac98efa,0xa93cf509,0x8da32662,0xb0990e0a,
-        0x0081453e,0x01d21530,0x3d71de84,0x2bb0d33e,0x3e19a012,0x465f6d80,
-        0x78a838e7,0x5902ff4c,0x1931348c,0x74e2afb7,0x9cfb057b,0xa4932757,
-        0x3ad03f8f,0x761ea642,0x58ffa40a,0xb7d4c245,0x77a87e30,0xb5e9c0d9,
-        0xc9c84d26,0xd1c5edba,0x3d1963a0,0xeca8839a,0xebf6bf0d,0xbc6f2f35,
-        0x0d58abdf,0x01ef0631 },
-      { 0x3ecdcbb0,0x2bf90316,0x27c1c955,0x19e2d728,0x9575c930,0x9e527030,
-        0x96983930,0x0dc1c5a9,0x7cd082df,0xef9f80ff,0xdf97e051,0xcd915075,
-        0x9cc61b55,0xf286fffe,0x80f24cc4,0x352db38f,0x36523ae3,0xed9b99ec,
-        0x10b104a9,0x109a8ca8,0x305203ad,0xc2700fe7,0x769400f5,0x2a2ee24e,
-        0xee0c452c,0xd595d399,0xf7f02a41,0x0ab75d6a,0x0db730b7,0x34108099,
-        0x5e8d1202,0x0e4f5ffd } },
-    /* 205 */
-    { { 0x0ff14c38,0xbd1c6444,0xaece11f2,0x9a5b59fa,0x22af6330,0xaa4605a7,
-        0x82af24ee,0xddc9f65a,0xeb9a1159,0xf4ee4bfe,0x74e84eaf,0x2463d076,
-        0x0e0baace,0x88cbe1e0,0xd5fabdcb,0x7ca568ea,0xc57eb99d,0xbd80d524,
-        0xe9be9873,0x9c46572c,0x7300b85e,0x918a1dcd,0x40f54176,0x49221312,
-        0xb5b14236,0xf7e324ff,0x2434f16a,0x40dda501,0xa133d97c,0x08833421,
-        0x0876f020,0x33d41161 },
-      { 0x9878e5ec,0x7531a36b,0x46918232,0x5de3e321,0xd0a30464,0xd15f9a33,
-        0xaa173659,0x734c1b87,0xf925d4fe,0xac2094a2,0xc262b0f4,0x43c965a1,
-        0x447d5cbc,0x759c903e,0x05239300,0x92af215e,0x1f593f34,0xfffb6d5f,
-        0xc3cddb5f,0x65943b4b,0xbfdd5408,0x9d03a29c,0x198d76c0,0x8f7cda6b,
-        0xc0f27b59,0xc0790a22,0x8cb58ccf,0xba557a84,0x76c54fdc,0x5922052d,
-        0x47b6b466,0x2d3de7aa } },
-    /* 206 */
-    { { 0x65add3b7,0xaade7462,0xabf24c2a,0xe5888f35,0xe1a57d93,0xd41549ca,
-        0x2c76f7bf,0x0e22e18e,0xbe3202b3,0x67f288ea,0x1d1d0f0a,0xb79a66ba,
-        0x2881ad18,0x0e0ab749,0xc7adb0e9,0x7d424086,0x2842132f,0x870c32c5,
-        0x58f9a09e,0x858477f1,0xec025589,0x422a9372,0xa5098777,0xbe428c5c,
-        0x57660058,0x45b79564,0x957f37cf,0x6c7fc631,0xd6316289,0x8b7023dd,
-        0x5b1c12a6,0x47003bb6 },
-      { 0xc91c1c96,0xd99401c1,0x27a12970,0xaa5dcdf9,0xc3c29107,0x3ab92e17,
-        0xa3fe4710,0x26fce8f7,0x4ee998ee,0xb0d09d5e,0x8e3a41f8,0xafa62204,
-        0xa26ca506,0xb1c012a5,0x99b57252,0x2c6f734c,0x512f7fe1,0x1093d79f,
-        0xacee19a6,0x2f30906e,0x056d1ea6,0x6bff8381,0xeff35f21,0x61c75856,
-        0xc1ad2224,0x6e07e978,0x6b20fde8,0x2cca6ca1,0x633fe81b,0xab4d6d2d,
-        0xb06a2ce6,0x73dff504 } },
-    /* 207 */
-    { { 0xd8e20fb8,0x8b615805,0x82b533f0,0x7c6873e4,0x56a854ca,0x5205f001,
-        0xcb369211,0x87fec6ac,0xc7f092b7,0x1fa3c0ec,0xe845fe4c,0x5b36647e,
-        0xf8b1f112,0xd4781e85,0x8b0f1a6f,0xc6526839,0xdcb8eb92,0xceeb8c6c,
-        0x8e5f6d52,0x133f0ead,0xc8d934dc,0x31883e23,0x428ac45a,0x214ed5bd,
-        0xdbbfca85,0xf77ca492,0x07e5ae13,0xdf4113fe,0x72ab05fb,0x63e4a0d2,
-        0x7148f535,0x7544d0b7 },
-      { 0x80797ace,0x4fe8d134,0xaf86d97e,0x216d6aa0,0xef5a68fc,0xdbf0a688,
-        0x9f9b2684,0x18b26f45,0x8999d2fc,0x52fefcfa,0x62423955,0xd5af8d82,
-        0xf63a3780,0x8f123469,0xdcd4feaf,0x2933454f,0xa73b5d09,0xba8018b7,
-        0xe5552c18,0x9af1f276,0xff26bb1c,0xc5d4773d,0x06dd4f44,0x9ef49410,
-        0x5f39ba49,0xad8f12f9,0xf66ca4f2,0x5767f6dc,0x7922f59a,0xba8773f1,
-        0xc1e42d49,0x220081ea } },
-    /* 208 */
-    { { 0xba37a0ba,0x3043d573,0xdd176df6,0x05a431bc,0xc42070f7,0x03322cfc,
-        0x67c2d109,0x5cabd30e,0xcbf8bcfa,0x362c95de,0x7787b10b,0xd767d277,
-        0x6ec05e64,0x612c915e,0xce69c30e,0x9e669631,0x682e2635,0x27c9dd8f,
-        0x95ffcc38,0x79021f12,0x8a2adca2,0x06a8ee79,0x4b5d500a,0x8e00e784,
-        0x8d80d6c5,0x87746fc7,0x915f10cc,0x246053be,0x219f6fd8,0x844e328b,
-        0x11bd3733,0x620541ac },
-      { 0x509e5a29,0x0f7fd382,0xb432531e,0x8748d7d0,0xcd3883b9,0x8f749354,
-        0x8bfbb17a,0xc6b8ac74,0x05f2d2c5,0xa4616a66,0x1bcb1b83,0xb3d96625,
-        0x2fee265a,0xcf753104,0xdb225058,0xc70d73fb,0xf0c2d556,0x1211d434,
-        0x54b259b3,0x862061d8,0xc42b3f7d,0xffe4606d,0xe86a4949,0x4c5c8585,
-        0x160eedac,0x04ddcc8b,0x568e2420,0x1804ce67,0x42141656,0x91f3855a,
-        0xf932be97,0x7f378198 } },
-    /* 209 */
-    { { 0xdfa6639a,0x9a374bda,0x02ab7391,0x0cbd48d4,0x47031e2d,0x5c5ef236,
-        0xd0599d1f,0xb49ee2bc,0xe0d38443,0xd285eb60,0x269392e8,0xdbbea92f,
-        0xb8bc538f,0x91455fbf,0xe469b768,0xae259ff1,0x41de5682,0xc1cecb1f,
-        0x9952d1ae,0xc876f071,0xe7bf7446,0x1ce25181,0x282ad2f1,0xcb93ad86,
-        0x6ba4ef67,0x8fa3cd31,0xe507aa3e,0xfce68a04,0xa61bb608,0xced74170,
-        0xf6ac10d0,0x6de716b3 },
-      { 0x172d6dc5,0xd4e58d04,0x6397c65c,0xbed2cde6,0x0c9eb4e8,0x7ae77e18,
-        0x75fa2edb,0x56275468,0xa91e6738,0x4b30324e,0x235c8b2e,0x6023a856,
-        0xa8f92887,0x9df6d6c2,0xf6f5e8b5,0xec2c185f,0x3ad5748a,0x7892e12b,
-        0xd54aefbc,0x7aebb4f2,0xee868821,0x14915448,0xb1d9bd5b,0xa26c5f71,
-        0x2ff00df7,0xe5ccd166,0xb95b1dee,0xebc99f17,0x3fe1f774,0x90983616,
-        0xbb3d25b0,0x51f90830 } },
-    /* 210 */
-    { { 0xf2922461,0x49376fa1,0x1650d0d1,0xdbb1b1c3,0x0dd8608d,0x92b91c33,
-        0x36b89906,0x3e612c4b,0xdf560052,0xe1977b0b,0x636a2545,0xf8afff70,
-        0x11723d8e,0xcda7d278,0x81bde7ba,0x0b0bc4bb,0xed2a578e,0x3cb080b2,
-        0x171b2e02,0x5bda0d0d,0x941bb9ae,0xf6df38cf,0xc14a65c5,0x85dd81db,
-        0xc19dd98e,0x7f98c82d,0x52206f93,0xc613747f,0x5f5bbe78,0x9e13a2c2,
-        0x0aa34be7,0x5eed218e },
-      { 0x01d4dc0b,0xe1565754,0xf566bb07,0xa1ae5f27,0xb82225d5,0xe985ebeb,
-        0x1189ec6b,0x5f3ad21c,0xecce4d9d,0x17da518c,0xd6b65b59,0xc84a2d3e,
-        0x8ffa771c,0x7f988175,0x2ac69a7a,0x50d6ae12,0xc6e6846d,0xcb7f30b1,
-        0x5bd0bb13,0x8c023a60,0xd73f2407,0x9a10fecd,0xe5f0a996,0x8c5158cc,
-        0xbd8f5806,0xd26bf615,0x915a46e1,0xaf32ea87,0x0287d308,0xeaf74e81,
-        0xa6264254,0x8c14ba06 } },
-    /* 211 */
-    { { 0xb17ee201,0x0c877895,0x88e57a77,0xc05aa471,0x97822456,0x19c3e763,
-        0xc9c3ba1d,0x0be6f8c0,0xb4389ebe,0xfe85f4ff,0x0ce7fbb6,0x538bccce,
-        0x65266c64,0x876eab2a,0xcf9a3842,0x5c9ac690,0xccc8f981,0x9f5cf3b1,
-        0x9cf687de,0xfa17be6a,0x83835c15,0xfcfc10fc,0x150ef2eb,0x086b0fdb,
-        0x884a52e6,0x9f97ecd9,0xb0cd1eb8,0x416e6fa2,0x3ecc03ba,0xe2bd1599,
-        0xeabb165e,0x645c0a5d },
-      { 0x50aa7e31,0xd94c4205,0x2f851da5,0xaec8df0c,0x3c726e6a,0x99646909,
-        0x2619bf9a,0x72dbdc36,0xe253fbd5,0x1b4260e0,0x8c709e06,0x97c259fb,
-        0xcddaec5b,0xfabf7cbb,0xe4b703e9,0xb4d5e8b1,0x0734efdd,0x1b06e56e,
-        0x1f55f8a5,0x02d4a4f9,0x3f565c8d,0x7f8608ba,0x816d1d94,0x822f47d2,
-        0x5ce7b136,0x0cc36156,0x31d04242,0xe46ee5ef,0x683567f6,0xb2a65f70,
-        0xd2fa6c91,0x27e9ff40 } },
-    /* 212 */
-    { { 0xd7e952e7,0x75251893,0xc735bf18,0x15b30583,0x96fe0491,0x732b5992,
-        0x806d2fca,0x27451858,0x1b885ed9,0x71ab76a0,0x6d9f55ec,0xbdce9d97,
-        0x48f2ba9c,0x3da60b20,0x592b132b,0x6977c086,0x099051d7,0xb6dca9cb,
-        0xd188ae25,0xd9c2ab23,0xe20aaf3d,0x9f469f3f,0x5aad74d0,0xdbd1f7cf,
-        0x22a9eb3b,0x3d5efe5c,0x137010c4,0x8c5edfa2,0x57870260,0xada2217b,
-        0x3dac9776,0x4feee567 },
-      { 0xb5d3d780,0x30e18d52,0x07166744,0x4dadb5d3,0x5a742156,0x320d386e,
-        0x8d6bbb86,0x5d8c290e,0x2d263dd1,0x981a4323,0x98984636,0x33d0e7ca,
-        0xa519acb1,0x5138784d,0xdddc81ff,0x832e3fab,0x3199a43a,0xfc278594,
-        0x32743163,0x5b4cabcf,0x74f94fa7,0x9fa010bd,0x5694a627,0xc28a743d,
-        0xcb657a24,0xc1d2a888,0xe86a25ea,0x7eef2503,0x04c561ff,0xed11a5d3,
-        0x9c9ede0e,0x4fe818e7 } },
-    /* 213 */
-    { { 0x7fc1c7ff,0x00252c9d,0x9fa89ad1,0xa9bd419d,0x4064e9cc,0xc93a124a,
-        0x43942ecc,0x384cbcb8,0x8749695b,0x004c21fd,0x421165bf,0x69c81d9f,
-        0xdde01102,0xe2325628,0x5a9b004d,0xec937457,0xf6dcfc21,0xfb3346bf,
-        0x4d372c7d,0xac4da64b,0xf20494e2,0xcecb7ad3,0xe867c150,0x562c41b5,
-        0xc2b723d8,0x299395ce,0x7ee53231,0xc91adfc5,0xf10b6597,0xe06f1161,
-        0xb74d3ffc,0x81915529 },
-      { 0x6ed9d4ee,0x8ec12431,0x689aff01,0x3dffa154,0x2a89a3f4,0x4aba349f,
-        0xd467efb2,0x2db1e8e2,0x039102e2,0x18dea354,0xe52f082b,0x422ab853,
-        0xed36dd47,0x7130a2c1,0x0295d1ee,0xca60e86d,0x7c7f5ad3,0xe6ac6808,
-        0xde864658,0x0f83cecf,0x461d1265,0x72e66c21,0xbd385099,0xfeef4150,
-        0xa6632289,0x0f183f3a,0x792dc795,0x275454be,0x11367702,0x2744c11b,
-        0xe8ea6ef3,0x7d06bcc7 } },
-    /* 214 */
-    { { 0x7090212f,0x89285942,0x5521e844,0x691b7d4c,0xbe2dbb92,0x4c038422,
-        0xbd81f880,0x317721ed,0xac89bc36,0xc136cbee,0x7b8f004d,0x4f71b60b,
-        0x4e218ab8,0x269132d0,0xe6cc814d,0xb0e2496e,0x75fadc15,0x0b2ce317,
-        0x66d223c5,0x82e3c084,0x4c612f8b,0x9721caa6,0xa4b65355,0x59a751eb,
-        0xc7d3d9d1,0x3433aad5,0xe80d4246,0x1e61b9d2,0xfc673caa,0x149f655f,
-        0xd0f9cb92,0x48b52b99 },
-      { 0xefdc05be,0xa3915399,0x13e095e9,0xde70db18,0xcddb3fda,0x447862e9,
-        0x1a009451,0xa2b03162,0x23920ea3,0x4b27980c,0xa23b8feb,0xac5394f1,
-        0x3e5616d4,0x163f7256,0xb714219a,0xaa0ff93f,0x93d62474,0xd26f96d2,
-        0x7dcfe276,0xdd212ea8,0x47038d15,0xab27bf2f,0xf418168e,0xe58c8325,
-        0xb32a989a,0xe3704222,0xbfc9f13b,0xa3694390,0x0d0684ad,0xf16e2606,
-        0x9d8c76ec,0x17c0de87 } },
-    /* 215 */
-    { { 0xdcc01958,0xbca5f453,0x1ce88393,0x7d945954,0x561f5b6d,0x5e6350a1,
-        0x7e2d36bc,0x291c3c86,0xa5ac3a6c,0xf6c7ed84,0xd98006cd,0x7913c40b,
-        0x5671ec3b,0xf78bb087,0xb43e89a9,0x1c928f6e,0xae1ea1ed,0xfdf28df3,
-        0xb924b2b5,0x62bba5b1,0x1a116e05,0x491d2705,0x167ed3e3,0x08ec02b7,
-        0x5bc0b046,0xe291cf7b,0x8c5d7f59,0x30e50169,0xf5c799b7,0x0c7c350d,
-        0x0ac6e1d7,0x6862b9e2 },
-      { 0x9ffa1f64,0x56c6f4e7,0xa1e24349,0xfed6a91a,0xcdb75232,0xe9a0ee0c,
-        0x0322d607,0xbfc90b37,0x462fef87,0x29480ad2,0xc2bfcf34,0xfc214969,
-        0xa539e38f,0x6e5211e0,0x12a5149c,0x2a59ec26,0xd706b532,0x195fe212,
-        0xe99c8429,0xf77fb108,0x5dc80482,0x74ceaea3,0xbd92d298,0xa5a6030b,
-        0xaaea15ee,0xad42dca5,0x4987109c,0xd6ac3bc7,0x290af649,0xc64e1c40,
-        0x51f8de6c,0x5093fa2d } },
-    /* 216 */
-    { { 0x4c2d553b,0xc4cf3280,0x3b966c29,0xdc1abe22,0x2296914a,0x556a549c,
-        0x999976c9,0xd8c9f8b5,0x776e83f3,0xc22c57bd,0x7c85ec57,0x4f2942ab,
-        0x6e2c61f5,0xef3407e5,0xf213db48,0xf005e8ca,0xf32698c7,0x470c853d,
-        0xcac0a54b,0xe6f488d7,0x60b7501e,0xb6bd6bed,0x714a4bd9,0xf0103106,
-        0x6e098894,0x5285bc3b,0xf5f92a00,0xec06741a,0xef7ef24a,0x32f16426,
-        0x6c77a438,0x12f9c44d },
-      { 0x83313a1c,0x1951e964,0x33c58b37,0x98edd3da,0xc7ac4044,0x4edbbf52,
-        0x0dcb5ee8,0x866ca6f7,0x6dd422f8,0xec0ae8f5,0x0661ec2e,0x1077bc54,
-        0xd422523c,0x6d39913a,0x58e7cb3e,0xd105e1e8,0xc979bb45,0x47c9397f,
-        0x0997b592,0x3221d4a9,0xe8952fe7,0x0ef628a3,0x4e946241,0xd08d5827,
-        0x59780f40,0x64cbed0f,0x08e110ec,0x13d7c227,0x7679b1a3,0xd186d866,
-        0x26ae1d18,0x02f75e4e } },
-    /* 217 */
-    { { 0x47f307d7,0x1b637ebf,0xd0141477,0x6b644a6a,0x2e05a80c,0x82a33d65,
-        0xfed07b31,0xc8f1a0f3,0x3696e597,0xc09ee7f9,0xc7ffc01e,0xcdaa7ec3,
-        0xf8f373b9,0x549f88fe,0xc3bb8989,0xc88d1961,0xdfcaa7b7,0xd92a4fe9,
-        0x3ae4ab20,0x12ff9ee2,0xf5ecb1a5,0xf5aea641,0xe32fb47d,0xe769237f,
-        0x25d085c0,0x96a5c420,0x26c755a2,0xdc912558,0x9bce9723,0x580b985f,
-        0x63961941,0x72b1b566 },
-      { 0x790e5558,0x9d708a08,0x0689af80,0x98536041,0x42313b5f,0xe85e7b8a,
-        0x55a49d1a,0xe6ba1292,0xac371b0b,0x5e76c4b0,0x938e6e19,0x58504f39,
-        0x60ae9a21,0x8dd41422,0x968485ce,0xd8b04e9b,0x887efe43,0xf94c4ba5,
-        0xf11c5e73,0x11268e67,0xcf6b99c4,0x92623e28,0x7a0a9662,0xf2d0aaa8,
-        0x4ca02ed3,0xb266772a,0x2d63b551,0x68ee8e4e,0x2e78b5b5,0xcdebb299,
-        0xe17225ad,0x5df19216 } },
-    /* 218 */
-    { { 0x8df2e7e3,0x20027e1e,0xd8da07de,0xb183cc68,0x4b4ae694,0xce35ba69,
-        0x3ca62e88,0x896d97df,0x52efed2c,0x3de4713b,0x26bd084f,0xd006c40e,
-        0xfc81923b,0x1e9b71bb,0x1aacc6b0,0x9991c7b6,0x8f656840,0x650c9364,
-        0x87f47524,0x138561d1,0xbffd3ca2,0x610f2b11,0xfa191418,0x96915faf,
-        0x955e5309,0x8f1236de,0xa1872d79,0x613cbeea,0x66a2a48b,0x7f7b44ea,
-        0xe0a89c32,0x452265c2 },
-      { 0x25430010,0x4ad5ec79,0xebd090c0,0xcac786ff,0x20a9d3f5,0xa5f9f4ff,
-        0xa3edc65f,0xfcbf4112,0x0cf3eb11,0x8824839c,0x8aa5b700,0xb8dd6d4e,
-        0xb7568ab8,0xe2271dfd,0xb744560e,0xe43ec373,0x1cf75296,0x78eaf926,
-        0x3fa96d9b,0x1809ae0e,0xdc25dfd5,0x0b312d2d,0x6bab7711,0x6b8f78b4,
-        0xb5ecf1e4,0x069efc8d,0x609fecaa,0xc1952bae,0x5f4dbde1,0x43e302ed,
-        0x1e078555,0x14b02bf9 } },
-    /* 219 */
-    { { 0xb87e5b57,0x2c71c768,0xf531a557,0x0bcc78f7,0xf7597dc8,0x4ff93f8b,
-        0x139e175f,0xb28e026d,0xcb94ca6c,0x6b83b727,0x0079f7fc,0x2eafe3b2,
-        0xcf3bd170,0x2aca54de,0x6af0dc6c,0x17c4133c,0xccf5e35e,0xbea1e665,
-        0x345505c6,0xa6691a48,0xe6100b89,0x2633abd0,0xc17d0388,0x966c6706,
-        0x1a0cf90c,0x7aefffbe,0xd0add64c,0x4d847be7,0xaea2aa46,0xd49bcdfb,
-        0x2cc7d0a5,0x85e07e74 },
-      { 0x0bc25bca,0x23aae0a6,0xe44f64ec,0x6e8e55f1,0xb607b773,0xe1e696d8,
-        0xd3005909,0xaa90a746,0x2cbc4990,0x072b1ccd,0xc68e2f5d,0x0d0fe6c6,
-        0x53e28ec9,0x920ec5f0,0xf0040cc1,0x79b21fb4,0xfcc4a2c7,0xa7375bd3,
-        0xe1bac7dd,0xf5f5def9,0x35c0f8d3,0xdc315d79,0x2cacd318,0x7117c170,
-        0xe926f71c,0x6f2823c4,0xed02f39a,0x38db58bb,0x7db69323,0xe5b49231,
-        0x8d49f430,0x0964039f } },
-    /* 220 */
-    { { 0x56999eba,0x21774f16,0xb1de6305,0x3d8ee287,0xde0b2669,0xd81af726,
-        0x3f8942a1,0x37446939,0xea03e13c,0xbcf6b615,0x94e273cf,0xd30c0c35,
-        0xc6725c56,0x4fd33a56,0xa8be97a2,0xa57534ad,0x7c22a251,0x799242a6,
-        0x9d0c5c49,0x4e51bdb5,0xc6a42768,0xd7cd76cc,0xd426bf59,0x914097ac,
-        0x66e9beb2,0x59404a2c,0x5c96e3e9,0x4738fe98,0xaad666d0,0xbcbb3e0e,
-        0x63bc5e56,0x626b0fd2 },
-      { 0xe1a1ec42,0x47217dba,0xab5acc50,0xaa6ae7db,0x865331d1,0xb7e1ab1e,
-        0x3d30126f,0xb8453070,0xdee61851,0x280649e0,0xea689544,0x8806f4a3,
-        0xcb56f632,0x4bbe43ad,0xbcaff94f,0x036b9bda,0xbd0637be,0x0d941e65,
-        0x686f3abb,0x82179d44,0xaad6afd6,0x1486912c,0xff7e1534,0x9a3b891e,
-        0xeb86fd96,0x88c426ce,0x117928c3,0xb56e6a81,0x96399e00,0x933e7135,
-        0xa17b6ac1,0x09bbddd9 } },
-    /* 221 */
-    { { 0xe4fd3673,0x75e39c1d,0xa65c8e07,0xf880d9d1,0x7289c7fe,0x4725c1dc,
-        0x3529d200,0x5b6735ee,0x3c747af3,0xc1f8f2ed,0x912efdf5,0x5cf3998f,
-        0x49859c39,0xed722618,0x0e69795d,0x23793a2f,0x86b1d2a7,0x8a6ab8d6,
-        0x22a882e4,0x00c815de,0xf9db8d7e,0xbe77d6fc,0x02267547,0x0886fb32,
-        0x49c10edc,0xb62687d4,0x7c83ed4c,0x9f1c3e17,0x5af366ea,0xe6d5d7f0,
-        0xd1efad24,0x2eaa01b8 },
-      { 0x1f357c74,0x5e47fb70,0xa9e3b794,0x93085c4a,0x6e85a905,0x4f098733,
-        0xbe0244c9,0xf53808ff,0xa3b5660d,0x91dddf93,0xf3b95ed6,0x8b76377b,
-        0xbb3920d4,0x91b911b7,0x86a13cf3,0x7ccf08bf,0xea018e58,0x53ed8f97,
-        0x78c55194,0xb1ea4343,0xe0d2d5a6,0x8e6adde9,0x9b96259a,0xfc2b248f,
-        0xeef17ddd,0x96ebceae,0x557f9c85,0xf694b443,0x07d5bba8,0x48cd150f,
-        0xb4c1986b,0x02d31de9 } },
-    /* 222 */
-    { { 0xde79499d,0xa6bb9e1e,0xfd0fc2ad,0xf6ca8ff8,0x1a7d9356,0xbec0f8e8,
-        0xe8f06327,0xbc3d1c9f,0x3b300beb,0x805c7217,0x413c181b,0x00420a08,
-        0xf0ca9d01,0x9e9a167e,0x1aeeddd6,0x076c909d,0x8e3a8a72,0x64a1997f,
-        0xa77b429e,0x3ce7f7a7,0x5c94d3e9,0xaac0fbf4,0xe6d48407,0xf37694a7,
-        0xa91921e7,0xf56679e2,0xee1dbbd6,0xf23fe0f3,0xcbf9fa99,0xc7917566,
-        0xe0f4d765,0x965860f2 },
-      { 0x7fa5f79c,0xe734702b,0x5af2d26d,0x930bd426,0x6c73e0ce,0x45bd8b98,
-        0x4ee44a2d,0x7dbe7bed,0x956c8a1a,0xc129e024,0x77cdf80e,0x6fdc05ac,
-        0x589ca59b,0x70a6ba2b,0x999825af,0xfc484021,0x7a23f0b6,0x1d284b54,
-        0x28a0a8af,0xb1da10a4,0x2b2af6d8,0xb1eb1b31,0x33935ee3,0xf051443a,
-        0x8effa6ec,0x7a07eb26,0xd662654c,0x16ee4086,0x4549ee4c,0x7a7bc501,
-        0x1fa98a52,0x65081032 } },
-    /* 223 */
-    { { 0xb67ed9b2,0x49f0e460,0xc36d93d2,0x0cda0fd0,0x88c75e1c,0xbb5963e9,
-        0x614bc0c9,0x757bbe93,0x9a768605,0x9a9b8801,0x48edc544,0xa8b7e2af,
-        0xb51a5985,0x9e77ed9e,0xebbf024c,0xdd025274,0x1545c636,0x598b6288,
-        0x4800dba0,0x39bdaed0,0x81e2a23a,0x7fc20139,0x550cb4f2,0xdc66fd5c,
-        0xb52068c7,0xad27032f,0x8169fa15,0xc9a0bcae,0x3a7ca8a2,0x60606f21,
-        0x9862652f,0x98295046 },
-      { 0x2e11c128,0x3e374600,0x0e6dca7e,0x80dfae5d,0xd9552264,0xe44016e2,
-        0x880b7143,0xf65f88f2,0x526b881c,0xca3d28d4,0xdfb86afe,0xf9c59dd1,
-        0x4c74f958,0x548860c2,0x9cb69f4f,0xd06ea43c,0x7334ecec,0x5343c9ae,
-        0x35329713,0x5cc2ccd6,0x5f3a6c0c,0xa95ff403,0xb372653b,0x2e01a1cc,
-        0xa250523d,0x31510fdf,0xa6227eb2,0xeee538e2,0xca23cd10,0xeadfc8a0,
-        0x3e78f54b,0x4b7e6e1b } },
-    /* 224 */
-    { { 0xdb5f928b,0x79c9076f,0xb7347cec,0xe6250bb6,0xac00ec41,0x54b67798,
-        0x9d9619c7,0x900d20ba,0x59e4343f,0xed42c0d0,0x451935d7,0x3df39e85,
-        0x64f701ce,0x26391182,0xe1f87aac,0xce8f2554,0x65f91aaa,0xfddd6789,
-        0xa324539f,0x96cd163f,0x4bace995,0x5c815f2c,0xa94f9ea5,0xd78c8c2a,
-        0xef24e455,0x7ab2aff4,0x1cddc26a,0xf0ed6409,0x00ca2822,0x954a420b,
-        0xd3297658,0x0611c4c5 },
-      { 0xa9e81829,0xf192001c,0x08a282cc,0xded33320,0x8f9ded9b,0x0bfd7de1,
-        0xb7889003,0x6793ac0d,0x3577a5dd,0xbb00d91d,0x802d3c2b,0xe17a23a7,
-        0xfb549014,0xff95f88c,0xc71b6e07,0x7cd1bf4b,0x23588c8b,0x2e3b24a0,
-        0xa4112076,0x9b5335b8,0xc4056d30,0x2481c05e,0xe916a1b5,0x55c7410c,
-        0x850179f4,0xbbe03271,0xb3cd1208,0x15e6c177,0x90cbfe50,0x509a24c0,
-        0x1c108566,0x82079529 } },
-    /* 225 */
-    { { 0x1c7d353e,0x5d2d3cff,0x7de0ce3b,0xd5e7eccd,0x6ca87635,0xb4b1075f,
-        0x25f9ad3e,0xda8404e0,0x205cb5ae,0x6b963e89,0x09f221a1,0x9e5ee0d8,
-        0xea41aca4,0xd64c85d9,0x34442a34,0x6a46c4e9,0x3cf655a4,0xac6ff97e,
-        0xe5417d7c,0x76565c1e,0xeebf9c4c,0x681009a9,0x88da6388,0x95b61d39,
-        0xf6b472c6,0x6402b46a,0x0b7f1171,0x1fde5165,0xbe0c05e3,0x94f8f273,
-        0xa88344a7,0x7487b036 },
-      { 0x9c3e2370,0xa860e575,0xf8048719,0x19d58193,0xa6e2f9aa,0x3a0dbf3c,
-        0x6144719b,0xb6c7e959,0xdeffec21,0xa9049c74,0x3f50cebf,0x8ba064b2,
-        0x49a1de15,0xb12822c0,0xb1d527f2,0xb654b7d9,0x0ffd0430,0xc470859d,
-        0x4f05446b,0x37c74a67,0xa3add995,0xe553251b,0xe33533b5,0x4a3ed6cb,
-        0x27e419ce,0x2f2f44d0,0xa5d1b979,0x2d84ee82,0xdb6fa69f,0xcc76b123,
-        0x21fa3bdd,0x834f85c5 } },
-    /* 226 */
-    { { 0x2ce9b31a,0x329347c1,0xfe3fb3b7,0x1d88522a,0x52ff90fd,0x4bcefb4d,
-        0x2b1a081d,0x53b17386,0x2a411f08,0x538c11ba,0x141b603a,0x7895b93c,
-        0xb10bd741,0x2993b9aa,0x09912986,0xccbbd046,0xeea0aba5,0x669fafb0,
-        0x35661897,0xd4844622,0x367ffa54,0x4a63b89c,0x1c3478da,0xcbad5d1d,
-        0xaa6034f7,0xc5339227,0xe61b1391,0x0e6d705f,0xf74ff515,0xdd14b660,
-        0x5332b54c,0x639d8b0a },
-      { 0x162217cd,0xfa423162,0x811c28e6,0x2e0e4a2a,0x21766dc0,0x68d9ce18,
-        0x046a06ef,0x51263739,0xdde92101,0x44eea231,0x114298d3,0x0607c8f2,
-        0x63d957e9,0x27f272ba,0xa5e8cae1,0xe7ce80cc,0x24f7a63f,0x5816ebe2,
-        0x89673e34,0x4dece5a7,0x536babd4,0x13756a22,0xe3bf77af,0x644d61ae,
-        0x2bcf98bc,0x60b2bf6e,0x29fa962c,0x3b0b59f3,0xabb50023,0xb0769a1a,
-        0x0c75402c,0x40903136 } },
-    /* 227 */
-    { { 0x1670433f,0x84d2873a,0x25493dfc,0xc9394df6,0x80fcf89e,0xeb05a19a,
-        0xdb297616,0xe39e4310,0xd9e63046,0x50742dc9,0x1de9ca9e,0xf31ad8c8,
-        0xfb7b1d0d,0x86aabf94,0x1b3c82d1,0x36cda27a,0x39702d84,0xfb1a2ef4,
-        0x46081299,0x280bfddc,0xd2396238,0xe4b2b48d,0x7b3c9353,0x2db2c2f3,
-        0x12fb8a69,0xd5b5b317,0x08180474,0xf9b87a3b,0x1e952578,0xd8590986,
-        0xf37a2bc8,0x80668eed },
-      { 0xb39a0249,0xe2edcd35,0xb2f8aeae,0xaf230cd4,0x7223df05,0x295b15e4,
-        0xe0e937f4,0xbb66982a,0x8cbc9162,0x019d2b72,0xcf49dca1,0x5c512ae9,
-        0x630f07b4,0x11b491a7,0xa03874e9,0x48d4f34c,0x44cb7433,0xc1fd0ea6,
-        0xf95b30c3,0x13f79ae1,0xed8b60ac,0x40362d4d,0x61ead81c,0x9e8314ff,
-        0x498c3d28,0xed600dd4,0xc2521702,0x5fcb1c19,0x3a9c1f33,0x592329fc,
-        0x1bde6ce9,0x04677548 } },
-    /* 228 */
-    { { 0x39233c96,0xee3de56e,0x80737eaf,0x868c409c,0x201abc68,0xacae11bd,
-        0x2b486205,0x0f2cea9b,0x6f19056c,0xe32387e1,0xa5dc2a41,0xea75365a,
-        0x12b4be86,0x76c29acc,0x8d63294d,0xa01fcab7,0x0cab9f24,0x81dbe88b,
-        0xf414c054,0x76646e5b,0xcb96b7aa,0xfe111893,0x7664e097,0xb649f5b1,
-        0x53fcf5a9,0xa196422e,0x0b7ff634,0x5978c9bd,0x3c229895,0xb5feb38e,
-        0x0833c456,0x038a49fb },
-      { 0x13e93257,0x35e3818c,0xa612741b,0x14cebc9d,0x7caac06b,0x4f6e9249,
-        0x3daa1116,0x82278e33,0x4de2034a,0xe7cc565e,0x0a1ba630,0xbb7dc95f,
-        0x66956fbd,0x81dd9f23,0xbb132dd6,0xc63e6319,0xfc241337,0x6e22b022,
-        0x7e8beb1c,0x23848193,0xd8c938ac,0x83b1994d,0xa6bb5644,0xb54cfaca,
-        0x06f91807,0x1a7cd44e,0xa8f8d9f3,0x1dd439bb,0x7f74a8e6,0x660c2a78,
-        0x121b5660,0x4bb76e22 } },
-    /* 229 */
-    { { 0xe6354817,0x7a151e8a,0xf038b438,0x33d494ea,0x85958986,0x4c86c688,
-        0x1dcbac12,0x72153827,0xc0edad06,0xf487af8c,0xe500e5d6,0xad33051f,
-        0xd6e47f55,0x0a711b1b,0x8c746ad5,0xa68709a7,0x6402f35e,0x27f17262,
-        0xfb30c130,0xc6d08efa,0xc06c7497,0x9ef1c041,0xdcc3e2da,0xd0c74ece,
-        0x092e1073,0x30c5f96e,0x2aa12b74,0x0f1393cf,0x2107eb02,0x24584016,
-        0x7b76f98b,0x8843d25f },
-      { 0xedb2a83e,0x4e1501dc,0x2bb8d724,0xbcfe8fb0,0xd925df62,0x09020659,
-        0x42ab6fc3,0x3c715dcf,0xa0f09dfd,0x73c05055,0xe3590aea,0x126745d8,
-        0x76ff749e,0x5382f4d8,0xa920c663,0xfc69feef,0x9fd711ca,0xde160211,
-        0x9075c4d5,0x4219c3bd,0x3ded6bf2,0x3800cbd1,0x6263a116,0x8c7ea0eb,
-        0x7d264c37,0x35bd7958,0x7159c98c,0x56e22e45,0xfa7373b5,0x71bf2a2d,
-        0x8935c949,0x0503f939 } },
-    /* 230 */
-    { { 0x71dad4f6,0x65addc66,0x024bea1b,0x238e4889,0xf605d3dd,0xfb76c8e2,
-        0xb0d96b89,0x13d5f5de,0x6601b2cb,0xe0b5ba35,0x83e3d254,0xe37d491d,
-        0x240c8ea7,0xe8860423,0xe91c99ba,0x374182f3,0xa87ad919,0x26c2caf9,
-        0xf574f295,0x4b13040a,0x944000a3,0x5b9bced1,0x06df42e7,0x4ccc57be,
-        0x4bd1089d,0x22e8ec50,0xdddbb500,0x0c53177a,0x9ecfeadb,0x690d31d2,
-        0x176668f9,0x735778fe },
-      { 0x843c1137,0x0f86ee3e,0x3f0b73cd,0x3c1c42fa,0x8ab20e3a,0x0e75679d,
-        0x16242fae,0x6f95f1f4,0x39b092e4,0x7b88e11c,0x4c236ac0,0x1629403e,
-        0x2dac02e6,0x66105f41,0x862e0632,0x74dc28a7,0xf3b23c8d,0x2118ffb2,
-        0x0745ffbf,0x1182417c,0x4c05711e,0x49b55a04,0xcefbe4de,0x2c665b74,
-        0x97bf7107,0x1cc4c01d,0xc54f0676,0xb2ca06da,0x7450d0f8,0xfc599daa,
-        0x1a3182a1,0x52e637a6 } },
-    /* 231 */
-    { { 0x6bebc6db,0x481700f1,0xf9503d92,0x4a6b45db,0x5d153919,0xc715cd3c,
-        0xe5ad2abc,0x942a1c05,0xab7b466f,0x36a82433,0xba13918b,0xba413bed,
-        0x90f4e6ce,0x698a5624,0xf3f1f3ca,0xbb720da6,0x63471ab3,0x2116d41d,
-        0x303d3609,0xe00d2227,0x463ba69e,0x7fd4cc00,0x62845fd1,0xac609e4d,
-        0x80adc9c7,0x63603b2c,0x45fafbca,0xbf16fc9a,0xc4bc94ab,0x41007f7f,
-        0xa74b1698,0x7c916b4f },
-      { 0x78bac2d4,0xc1026f91,0x2601a875,0x8a2e8098,0x0073d640,0xad2f276e,
-        0xfcc1fb88,0x443610c4,0xca6b291f,0x5727b822,0x88ec60fc,0x0645532c,
-        0xed9ad48b,0x51e48899,0xf543f103,0x841b48b5,0xd591ceeb,0xa6ccb1be,
-        0x9dcf5a8b,0xfc4adf0f,0xb347ddb4,0x3a7ca020,0xcb44c521,0xaa1accc2,
-        0x0527c0c4,0x773b6828,0x7023cf50,0xaa374c10,0x6b74c926,0x733d1000,
-        0x77a8d07c,0x1ff3916f } },
-    /* 232 */
-    { { 0xf997939d,0xaa218fe4,0x791583b3,0x3d4dfbbb,0x87f7560b,0xb3a7b5da,
-        0x5da92c98,0xa9c02801,0x46666f4a,0xe1eb4aad,0x14ce9dd7,0x2eb17a51,
-        0xef8f3076,0xf46a66a4,0x810e546e,0x900b45c6,0x4baf04dd,0xf7af2258,
-        0x5c84d42f,0x3cc1c872,0x8e4c83de,0x3093f225,0x170d88b2,0x62fade41,
-        0xac076e44,0xe19612e4,0x32dd141b,0xf48d7346,0x925e34da,0xc1b1f759,
-        0x072b90c9,0x19ed1a56 },
-      { 0x6c735473,0x9cf7fcde,0x6003bc3e,0xaab88e67,0xfb199bb8,0x12187cbc,
-        0x9accccbd,0xbb730441,0xb0f65459,0x214aff3c,0x6f926282,0x6aec81a3,
-        0x9f9d20b8,0xaa82cb32,0x5773cc90,0x82f3f90f,0xf62257e1,0x4af60e6b,
-        0xbd4762df,0xf18b44bf,0xdb970753,0x3948b129,0x7c22c18e,0xc6e920e9,
-        0x57be97ad,0x393d6208,0x46b637f9,0xe8d7382c,0xf1fed1d5,0xf6625ccb,
-        0x68681599,0x6f31e0f9 } },
-    /* 233 */
-    { { 0x82b8f204,0xc45afe55,0xd358b54a,0xac0441b6,0xacd5f5ed,0x7213e7bf,
-        0x139bcd93,0x1914c70b,0x96dbcbb0,0x714b4581,0x1ed35d21,0xe9297d35,
-        0x6a3e1f20,0x8f640837,0x2f3cd705,0x150a8a9d,0xdcdd9f6d,0xfb36e801,
-        0x5cf56d82,0x5a54eb65,0x92aa5a21,0x7610500c,0x3b089f03,0xd10d0ae2,
-        0xc42b66e8,0x491b2079,0x0eee8d48,0x4af1ae3d,0x41556f45,0x137e4c28,
-        0x63d8a7e6,0x875e3308 },
-      { 0xaf6c0acc,0xdc80fddc,0xbb1e7c08,0xd5ad1e66,0x828585ad,0xdc717ae1,
-        0x275c7da6,0xbdc54340,0xd26b9e15,0xf4b4c852,0x6a05fa50,0x5f0a1fbf,
-        0x817bcb32,0xc6f81e47,0x70ff2e1d,0x2cbd4328,0x67c7f7fc,0x8a249016,
-        0xb585a6c4,0xd045acb7,0x4666c057,0x2e972ad4,0xe6d7d63d,0xc74d87cf,
-        0x0e274144,0xf7067d87,0x8b2584ae,0xb2ca157a,0x75f0fdeb,0x495c5bfb,
-        0xf386e009,0x5abb0581 } },
-    /* 234 */
-    { { 0xf0c97f57,0x8be62d2b,0x962f28c7,0x0fe04871,0x47b50abb,0xc548a467,
-        0x44fa09ed,0xf6b26e03,0xab05a96e,0xfd44c6e3,0x70e6ae82,0xedb0032c,
-        0xd7e4899d,0x28bd402b,0x9b7c11c2,0x43f2e963,0xce913716,0x0ec3fc0e,
-        0x02fd0f8c,0x769b8bc9,0x7cabc3ac,0x9d9cb3aa,0x06924cc9,0xe88a8892,
-        0x42609014,0xa51461aa,0x962e79e0,0xc7f4aa8b,0x8b1b3e80,0x4ef0210a,
-        0x1bfee4bc,0x70544680 },
-      { 0x121901c1,0xfab3d713,0xfead54aa,0xe90a2627,0xbc08ba23,0x64f6d285,
-        0x36ec227e,0x8d993015,0x06c191ab,0x99a16ab9,0xf649ce2c,0x86b1cf5b,
-        0x66be3a80,0x59206759,0xccba2cf0,0x18836279,0xeff53486,0x2c157b87,
-        0x4b223af2,0xbfac9896,0x0aae7a57,0xcd0fd4f0,0x63218a80,0xdaddb940,
-        0xdf88f14e,0x3844bb79,0xb71ed9fd,0xc1b3e3d4,0xd6205036,0x6c634a13,
-        0xb8680a6b,0x6f56aecf } },
-    /* 235 */
-    { { 0xd9205c5d,0xb01dc803,0x67123929,0x68955f7d,0x9d9b6565,0x3debbffd,
-        0xd3b1acfe,0xb844395e,0x6094eeff,0x04328b21,0x22991feb,0x6631ffa8,
-        0x190dd075,0x0dde66e6,0xe8577c05,0x75b03c55,0x91722407,0x6c91ce5f,
-        0x8ebb3a3f,0x9a288a40,0x058a1396,0x1d376f8a,0x9a6e0676,0xf3a59457,
-        0x7b71d288,0x103029c5,0xb44c30c0,0x0843f428,0x730e0b9c,0xd8e6aff8,
-        0x4ed644ad,0x7b6be811 },
-      { 0x3d3aa54e,0x3ec38e4a,0xd83d509a,0x10233943,0x243955e2,0xf84aa621,
-        0xf51d3d44,0x29104717,0x7eca4e37,0x62d2442c,0x85fa55de,0x8c5a523d,
-        0x851da1b5,0xc6f5ccda,0x20001468,0x044bcaa8,0xe01702e0,0xf7501e68,
-        0xe6a0acec,0xf0819359,0xac0ef0b2,0x33dda6ad,0xfd964f01,0x97aeedc8,
-        0x530b90d8,0x48dacd0e,0xb84122eb,0x4c5fad6f,0xd700a1de,0x2284ec1e,
-        0xdbca5474,0x86f9a835 } },
-    /* 236 */
-    { { 0x450cc69f,0x0e1d9055,0xc9edf98f,0x50eb14bc,0xee7eba01,0x1bb94e77,
-        0x998f8e53,0x5f7a6737,0x1b16eef0,0x588384e3,0xd85c5e15,0xbb928723,
-        0xcbd952aa,0xfe51e345,0x7e241674,0xc5d0ee28,0x100182f0,0xfdc146ef,
-        0xe7f5be2c,0x0f739e92,0xb656bd3e,0x501ab3af,0x5168e289,0xb1552dde,
-        0xb8ee104a,0x940dfe31,0xc4304475,0x42923603,0xc460a913,0x9306f114,
-        0x03b51f86,0x5bfa9faf },
-      { 0x107b258e,0x2a23f52c,0xd66341dc,0x989e82bb,0x823cff1a,0x54a3ced8,
-        0x719b491f,0xf45b7794,0x2433dfb8,0x898c2218,0xc49250ee,0x0f9dd91c,
-        0x4fa17655,0x50c2a2ae,0x2c327f45,0xf7aa1ce4,0x583b1e41,0x13a15ad6,
-        0xa1bfad9e,0x9aa0d5a5,0x8e1fbdcd,0x9b1caa28,0x915f7f87,0xaf9283b6,
-        0x87e81a1e,0xc10e4e0c,0x1080d296,0x04fdca56,0x12755bd8,0x6acc9616,
-        0x828feeda,0x1b1266aa } },
-    /* 237 */
-    { { 0x774ee49c,0x4ebc0a00,0xcb6237d7,0x776f6852,0x5df938a3,0xfc0544ac,
-        0xb6fbfbbd,0xc3388ec8,0x745f2eae,0x84ac8bcd,0xb1ece937,0xa9c56609,
-        0x7de8fa13,0x656fb6ac,0xa532b871,0x5f8ded74,0xaa889f09,0xab0d428b,
-        0x10b7aec2,0x43b27f28,0xfeecb34c,0x26426e1e,0x9e89c2db,0x44431b6b,
-        0x39211090,0xaac4bc5d,0x4fd81058,0x926f7368,0x471ef60e,0x452fa691,
-        0x218d7a23,0x33517fdb },
-      { 0x593c4a36,0xa9c33f46,0x36b1a9ee,0xac69d718,0x4277beec,0x55a20c1d,
-        0x7e4f179c,0x3e8ca24e,0xd46d88a2,0x57373369,0x730702f8,0x71ceb1cc,
-        0x35eed574,0x8b184d97,0x0704cec2,0x7f4517a2,0xd7062a53,0x7f129d18,
-        0xb1d77e1c,0x07a4571b,0x8350d8b2,0x774ac309,0x61fab8ef,0x27b2919f,
-        0xb5dd801b,0xa7c4cc13,0x1434591f,0xe7e6255b,0x5a3592b3,0x349937b8,
-        0x30c77549,0x31fac63d } },
-    /* 238 */
-    { { 0x04913fb6,0x2ee8cf1b,0x1769a6b3,0x7e401350,0x783e61f0,0x790ebb71,
-        0xe27f2ffe,0x1e5107f9,0xedaf89bf,0x124ba67f,0xe58de68d,0x189200e1,
-        0x6df5abee,0x962732a3,0xacbeb4aa,0x72cc37cf,0xe93c5a76,0xb0c5fa96,
-        0xde63393b,0x4c2a317c,0x830b2d6c,0x97f65e67,0x1be5b96a,0x4afc3504,
-        0x730ce66d,0x0bf40a60,0x9340d84f,0x96a1ba79,0x07626b08,0x3ee18254,
-        0x7ab0cbf5,0x01db35db },
-      { 0xac0efee2,0x6e0fbc2d,0xd71dbb45,0x8406ebcd,0x19b69abe,0xe72bde3e,
-        0x37e01822,0x49cb7e61,0x11458b4c,0xcbb8c01c,0x687c5d63,0x420b4847,
-        0x454c6776,0x1847dfa1,0xd1839d18,0xbede911d,0x278df046,0x1b9dc9c9,
-        0x881a336c,0x294bd62b,0x93e77adc,0x7f096879,0x43ce3ba7,0x7ac90665,
-        0x7764eefc,0x148695fd,0x9ac465cf,0xe0c20f0b,0xa6e2cdb1,0x636e8d28,
-        0xd755341d,0x7b6ba98c } },
-    /* 239 */
-    { { 0xc1881ab4,0xcb1d9e03,0xb3168c88,0x19c25d55,0x282364ce,0xa82d3d47,
-        0xf161aa24,0x95994390,0xe1ebb2c9,0x7838bc00,0xbdec7a75,0x8fd5dfcc,
-        0x4ff7220a,0x4dd203c2,0x0efeff48,0x5ec173b3,0x16428b35,0x99f1d2b3,
-        0x056e813f,0xc06bd9e5,0xc0b319f1,0x929172ba,0xfd223b15,0x6ae0e384,
-        0x98d091ed,0xbd01059e,0xa654648e,0x6b3168e4,0x3375e798,0x2211447f,
-        0x71eb4508,0x47e81019 },
-      { 0xbc8c290d,0x7045d45a,0x810fb33a,0xa33d1355,0x46fbbf2f,0x2baf0092,
-        0x385c7cd9,0xacff3f1b,0xe161985c,0xc5b150ec,0x2a888748,0xc6ee0a7f,
-        0x5e88dcc8,0x9d888c8e,0xccb86443,0x4dd735f2,0x3c40f6f2,0xcc1e13b7,
-        0xf3fed691,0xfc3a25ff,0x257ee5c7,0x4cb43b17,0xf32db135,0xaa654f93,
-        0x02dff2d3,0x44f58d0a,0xa8ca6394,0x78e3f188,0xf3e86697,0x39646cce,
-        0xe0dce87b,0x785b1902 } },
-    /* 240 */
-    { { 0xa92f9a20,0xfcce2361,0x9d64540e,0xb7bdca87,0x1d00d7c5,0xd4739a85,
-        0x2e97c926,0x067ac8dc,0x78da6a8b,0x2aea3ffe,0x63c51b69,0x6828bf54,
-        0x7155141a,0x76f1c479,0x3977d810,0xf4bcbef6,0x541bce7a,0x75bc4949,
-        0xd17041a5,0xe01f4066,0x87755eaf,0xd282d5bd,0x59e7ae80,0x6e2107dd,
-        0x382ab36f,0xaa56e166,0xb9d1d634,0x65ee8ef6,0xce4ed844,0x99a2160a,
-        0xb7712c27,0x6557c367 },
-      { 0xd75b6e52,0x561b0268,0x118d0e89,0xb0813640,0x6a2eb1ae,0xcff53330,
-        0x6d090894,0x4e462226,0xb5fc1d48,0xbb351227,0x57a3062d,0x9365ea07,
-        0xd66e2dc5,0x4caca37b,0xb9095887,0x220d7d23,0x8c4473bf,0x9c0fd393,
-        0x6787da4f,0xadff370a,0xd057f4b8,0xef0aebcc,0x1173f33a,0x205e744c,
-        0x925a26b4,0xb8d1f0a5,0x722fbbfd,0xa9364f49,0x8227d284,0xc891ae77,
-        0xa0e08ab4,0x15c40d04 } },
-    /* 241 */
-    { { 0x2a0e18d1,0x9baf169a,0x4c0327c2,0x9971c017,0x7bc262ce,0xd81a323f,
-        0x818ff379,0x2099db8d,0x4cd3c330,0x663f663d,0x011a0553,0xef5325c3,
-        0xf980a470,0x9cd70bdc,0x1c9ed070,0xe64452d1,0xac676e13,0xafbf43f4,
-        0xae85c2a5,0x97bec0a6,0x470490c4,0x2faae550,0x491e6ba9,0x0ab97a87,
-        0xaafa9914,0x4055f537,0x36726557,0xfc95adbb,0xd119d6bf,0x646343b9,
-        0x9d341e37,0x788e94a0 },
-      { 0x9c53461a,0x053a6fe5,0x08e3b6ed,0x75ec897e,0x0768d939,0xa8f5d2f3,
-        0xcc213d4f,0x9bd6bff6,0x05b0147c,0x590c7b41,0x7c7b8169,0x20a3628b,
-        0x5bce78e9,0xc66a086e,0x4dec1d8f,0x3dd4d282,0xc19dcce9,0x890acf44,
-        0xd8435a7e,0x6632d875,0xea6381b2,0x590167c1,0xf0dcc128,0xb2259797,
-        0x46f8d463,0x91a612b4,0xc15efa39,0x42185d78,0x119f6788,0xdf55ec37,
-        0x780dea93,0x91b19cc6 } },
-    /* 242 */
-    { { 0xcb5d8b80,0xebf2709d,0xfc35660e,0x03b96182,0x055ef969,0xb873d991,
-        0xe47c4342,0xd1ea4b4d,0xd54f8867,0xcc4b9244,0xfd8d77ef,0x93b1a2ca,
-        0xe8c1f563,0x068d24e7,0x49973056,0x5f5fabb6,0x0542374f,0x83248c50,
-        0x3f38e913,0xc36de2b5,0x7bb680be,0xed07e8eb,0xd8f313b5,0x964813d7,
-        0xafd2d392,0x7bb6a069,0x0848a31a,0xc06d848e,0xe4f0c325,0x6867fb2f,
-        0x067343af,0x3c2ba834 },
-      { 0x9d3ad63b,0xab62d775,0x59e0eb1f,0x3f9cab97,0x3885e117,0x70332a63,
-        0xe20b2f9e,0xf22cafce,0x49eca947,0xb529ba7e,0x6228d88d,0x24954216,
-        0x39239561,0x80ea23ec,0xd4370644,0x1b8907e7,0x563e4e44,0x4b7fa455,
-        0xb2a4b0fa,0xcca9829e,0x48060792,0xd0a720a4,0x246991ce,0x8ccdda0c,
-        0x348d086b,0x37a2325b,0xf60aee13,0x566ed509,0x147f253f,0x3d30e091,
-        0xc1073bd8,0x1fa627a5 } },
-    /* 243 */
-    { { 0x42478fd4,0xa11222a2,0x670b2000,0xacf4c6f1,0x8359c6de,0xf71bb04f,
-        0x7b93cdbc,0x618e2829,0x230db60b,0x96e1bae3,0x965b3b29,0xf17fd3b4,
-        0xbc7055dd,0xa58639c6,0x4b817d7f,0xc3ea92ed,0xd23b08a4,0x9082b2a6,
-        0xdc17010e,0x8471228a,0x20e89d97,0x753b9e46,0x03ff77c9,0xcf7e4f97,
-        0x2bbe60e5,0x6c3f8245,0xb80e017d,0x9e432cbc,0xc0a45edb,0x150a5acd,
-        0x4798743e,0x67b8bd05 },
-      { 0xf4797cf7,0xe66079b4,0xd03fde02,0xe31c998a,0x54caaef1,0x5aa3763a,
-        0xf7649711,0x64d9a1fe,0xaf29b1a7,0x7ce0dc73,0xfb66ca93,0x6661b083,
-        0x32fb6a78,0xbf4d74fe,0xdf00a561,0x25f6ef09,0x831d1159,0x2bc4383f,
-        0x536bde37,0x6d5cc10c,0x882cc65b,0xd4945f9f,0x451a99b8,0x81f48f13,
-        0x6bac11a4,0x140161cd,0xf18a4a0a,0x9d94d4ed,0xa467a824,0x65363165,
-        0xa4c9aedf,0x74297aa9 } },
-    /* 244 */
-    { { 0xe21124ba,0xc49758a4,0xa87ffbd2,0x99bd8198,0x3d6638a8,0x45fbcdd1,
-        0x15f7bf76,0x94645ff8,0xc4e6d57e,0x5fa6736f,0x92e61db9,0x1eae6475,
-        0xcbdf944a,0x79575c0c,0x25b31d74,0xa3d13047,0x4cab5ae6,0x7881df22,
-        0x1a2887f2,0x8dbfd299,0xa26ac459,0x23d07590,0xd8661d4a,0x2e589852,
-        0x8a0140f7,0x37b5c13b,0x3fb3782a,0x0f94199e,0x1bc14e90,0x722aa059,
-        0xd55bbb12,0x89aab7ba },
-      { 0xd656bdc7,0x8b345a96,0xe176cd3b,0x43bdc8af,0x32d64c43,0xd69518b6,
-        0x79b82b41,0xfcf364a7,0xffb0cf82,0x907b344e,0x5101287b,0xf3d0c83c,
-        0x34cd90ef,0xe9f26a59,0x07082b5c,0xe5f5aaf2,0xece7c165,0x4eb72c75,
-        0xbe986cd6,0xe9590a81,0xff1536aa,0xfeef498f,0xa8263d5e,0x04560243,
-        0x54ae872b,0x940be14f,0xe3207686,0xbee7bcc9,0xc1bc4d7a,0xd496a27d,
-        0x5940ab46,0x002dc297 } },
-    /* 245 */
-    { { 0xb69d60c3,0xee533937,0xfe972755,0x260be552,0xc0c725a6,0xb11fb78d,
-        0xcab2e7c2,0x6982c27e,0xee2322cb,0x4bceedd9,0x122704f7,0x952b19ed,
-        0x854a6165,0x2df4c285,0x7b192485,0xba40b5bf,0x0119f52a,0xfcbca950,
-        0xe5add86f,0x7467d1cb,0xd9d0f2c1,0x9bf536fb,0xb8d4ebc9,0x3c296e34,
-        0x05a81317,0x0495f8f4,0x73335f76,0x8c59e8d6,0xe0542122,0x0b53d324,
-        0x3c3bda73,0x4d564535 },
-      { 0x7e5c0877,0x7322f800,0x0ca9a764,0x481b43e6,0xa2c12716,0x231f4f4b,
-        0xed3136c2,0x09596857,0x38db30de,0xae826322,0x99908ebc,0x652fad40,
-        0xaf0d231e,0x0b8d1814,0x09cbc349,0x2680c54b,0x4bf3bf8e,0xfd4562f3,
-        0x092b595f,0x2985090b,0x5e15fc34,0xe6f39ca4,0xbc378168,0x70175191,
-        0x845a4a87,0x906944b3,0x82a1541a,0xacc6d74a,0xb155c8b4,0xadc9bab3,
-        0x77306c62,0x1f2f89ce } },
-    /* 246 */
-    { { 0x9affefdf,0x8253ef41,0x4cf9256b,0x05d7ece5,0xb444e483,0x377002f2,
-        0xcba5471f,0xb189755f,0xd5cbe015,0xc88483cb,0x6a0b8429,0x254f7c69,
-        0x61f3f61d,0x18850bd4,0x0a247157,0x7ba21089,0xd92eeb0d,0x35abbc2e,
-        0x965dec89,0xfb56cabe,0xbc55684a,0x9da23724,0x6a7a7492,0xd8ba396f,
-        0x2ef4ba46,0xfcb90db7,0x9909b27a,0xdd234fe0,0x76f4366e,0xbdf3c164,
-        0x17e50d47,0x09c8097f },
-      { 0x60050c07,0x6a04b140,0x43a8e37e,0xc29e8318,0xbb55e41f,0xcb9429b2,
-        0x2ce60e3a,0xed2fea5a,0xdb9d82f4,0xdc7b1ff3,0x687d37fa,0x48ebecc3,
-        0xecb07539,0x79153e32,0x57075692,0x6a60054f,0x800759ba,0x3871cd0c,
-        0x30922df1,0x17a7386f,0x83357b7c,0x4e9fc59e,0x39415186,0x1d26b3a9,
-        0xd34db889,0x912a0222,0x59fcdb71,0x6672fcf4,0x44ff3036,0x5a3f268d,
-        0x6911e16c,0x6f113ed3 } },
-    /* 247 */
-    { { 0x1836f1c9,0x52a9df59,0x4232307d,0xfa6519f5,0x5ded285a,0x8406c701,
-        0xaf627f75,0x0a1545ca,0xace0417d,0xae1111ee,0xa6113443,0xfb28bdf6,
-        0x52dbcbcb,0xde9ef0ab,0x7813e658,0xe9dc181b,0x99127225,0x0b1dabdb,
-        0x22814c59,0x5f0598e3,0xd934ee7e,0x5c3b966e,0xb99ba4bf,0x4eb84eda,
-        0x3c1b55e7,0xb2919a34,0x94aa860f,0xa9addb49,0xf6811ff6,0x1b7220df,
-        0xd1a183e2,0x6636a23b },
-      { 0x20587283,0xdf5d5a2d,0xef07fc5d,0x0b3822c9,0x0ef6de38,0x1786bd55,
-        0x25d1671d,0x163cf907,0x1cdb1def,0x74bf971f,0x0842fc4a,0x5749e830,
-        0x27f854f7,0x0e2edbc7,0xbce24acb,0xbb27bbda,0x05bed08d,0xc1b19cec,
-        0xf7c904bc,0xaada123e,0xd89982db,0x02429f1b,0x65f6e632,0x49d3616e,
-        0xee59fd32,0xa3789fa8,0xfe9f29f5,0x160ba3ba,0xaf5378a0,0x0f2d3b61,
-        0x73c2a6f8,0x7aeecc76 } },
-    /* 248 */
-    { { 0xdc43b0db,0xf3a4757c,0x98119cad,0x3d8a4e85,0x4616c156,0xf8095bf6,
-        0x4f533e97,0x3e2a07bc,0x39cfc5ad,0xa9824367,0xcd68052c,0x18a6ba3a,
-        0x8a1cec66,0xbd60e590,0x02b1b695,0xae3841a5,0x190a195b,0x986dff12,
-        0xad31fd9b,0x2df2beac,0xcc728f7b,0x7d893224,0x0cf0a992,0xc38ea738,
-        0x586a44ea,0xa8439a80,0x1615f03c,0xede7f7f0,0x27a1f885,0x48249908,
-        0xb78a7645,0x28ec4006 },
-      { 0xa2fe0009,0xe1820c2e,0xf13874e9,0xe11ba5d2,0xc524db52,0x97522454,
-        0x7fede529,0x4d477426,0x9b2500d4,0x01d3419a,0x1869244b,0xce08a492,
-        0xdd1be1b9,0xba169023,0x32a301e0,0x242c3e54,0x70906788,0x9b56f7ba,
-        0xc74a8cc4,0xf0ad2a09,0xd76f9439,0x99cd1841,0x621fb60e,0xeddafe0b,
-        0xbc397634,0x056bee54,0xff7f0a84,0x4653f860,0x2011c0af,0x6bd4876f,
-        0x0c9525c3,0x134f4cc7 } },
-    /* 249 */
-    { { 0xe938dff4,0x9621a3ec,0x486a79a3,0x7d101a7b,0xde950537,0xf2c4ef97,
-        0xe65d87db,0xf3184099,0x373b8cfa,0xb89c7ffb,0xe842916e,0x68baa505,
-        0x4ebea764,0xa790fd09,0xe592892b,0x679df6d4,0xfcfed741,0x2023331c,
-        0x9880ff21,0x0bf4efd2,0xd0344501,0x7ca78ddd,0x342858c8,0x2cb09ecb,
-        0x2575487a,0x9e5eb6dc,0xebcb0491,0x50675a15,0x7381d471,0x09d2e74f,
-        0x83d3d6f4,0x6ea37829 },
-      { 0x4e5cc40a,0xc65c094b,0x1af37dfb,0x7a2e3f6a,0xf9026e44,0xef677e9d,
-        0x93880f53,0xb7878c95,0x7f644aa9,0x4aa30b07,0x2f208c3c,0xa0c51683,
-        0x658d663b,0x7c0277ae,0xae1d9130,0xef0b3c38,0x695c3ea4,0x302f37a7,
-        0x6a0c5e0d,0xe004c1c5,0x20cbcf9f,0x9fd495c4,0x568a0e7c,0x706d5b9d,
-        0x59286454,0x8b225dff,0x8d9a709c,0x527d4465,0x87c08d68,0x47c558da,
-        0xbb4ef07d,0x606ee6e6 } },
-    /* 250 */
-    { { 0x57c621f6,0x02d99fc7,0x7fe83d48,0x292e40c1,0x9ef199b0,0x1bdfc7a1,
-        0xe62c7666,0x78a04102,0xe6738753,0x16cda370,0x1e3a65af,0xbc81974d,
-        0xf78fe209,0x19742048,0xbf5981c6,0xc83a058a,0x9c89702d,0xf26b2434,
-        0x9d1a678a,0x988b2f1e,0xff29ae29,0x472bf9b0,0x1d7cf5ec,0xa143e398,
-        0xb268ddd8,0x9c9d7e45,0x5fc4ff76,0x166cda55,0xa4aa7673,0x6044cdf0,
-        0xe9148707,0x49dba6f7 },
-      { 0xa758e37a,0x20e47fb2,0x2d8eaf66,0xaf6b31d7,0x6f9c2210,0x352ad5f9,
-        0x90efc32b,0x0093f727,0x41e4b264,0x435c99dc,0x05b15795,0xbfa878e0,
-        0x0e673575,0x99c520a4,0x87eea759,0xca682594,0xf12a348b,0x029f7b81,
-        0x2aa2ce35,0xa547cc18,0xead5e2c5,0xa11d874b,0x55682cdf,0x9af0349b,
-        0x8bbe8e66,0xf86ebfea,0xf55394ab,0x3dab8782,0xebc8eb8f,0x458bf797,
-        0x9b7de78c,0x4890a7a4 } },
-    /* 251 */
-    { { 0x8da995f6,0xd7299689,0xec6156ef,0xd39eaae7,0x356a82d5,0x6959040c,
-        0xc135bcfe,0xb2046b21,0x0f595c78,0xea720b64,0xe7c5fb40,0x02824efa,
-        0x0edb3bfc,0x97d8fd4c,0x79f24ebe,0x12f02905,0x187ea6b9,0x16fc47cf,
-        0x789d5c23,0xc219fd27,0x89263ecc,0x233a6b6c,0x8b6d30a6,0x823634b2,
-        0xc9b33680,0xca352e25,0x40c77456,0x9388d6ca,0x3c92065b,0xf8e55b0b,
-        0x02439a76,0x5c17474b },
-      { 0x8aaccab5,0xd888e7c2,0xaaced05b,0x18027836,0xccec0f65,0x185b877d,
-        0x125c2882,0x93cadc1c,0x67fdc54c,0x45df540a,0xc2788a33,0x4f3c86e2,
-        0xe3a0fa2c,0x3e874469,0x273983cf,0xc59daa47,0x4a96d8a5,0x3063c48b,
-        0xc2e58915,0xc38d2bcf,0x84e428c3,0x90e78b87,0xf0c4fd53,0x900a292c,
-        0x941e6005,0xb7f92db7,0x6ca53a1c,0x95679241,0xb1ab0fa7,0x35f6f31d,
-        0x7b58408c,0x5d675eb4 } },
-    /* 252 */
-    { { 0x870c6025,0xaeee1a77,0x91a2dfca,0xfc4a23b7,0x386b64c4,0x7b0e60c4,
-        0xe5ae72b1,0xd5d5b17d,0x9eefa212,0x6dfc88ac,0xd4038b96,0x4feaefbe,
-        0x8e2d2ecc,0x099ac356,0x012af207,0x548ea612,0x89c31218,0x4ffed9db,
-        0xe0e67331,0x1c1e91c4,0xaf8300e0,0x009bb64f,0x6773c3be,0x8780501c,
-        0xc08219fa,0xe0cd6ede,0xf81b06ff,0x7c055e07,0xe080b36f,0x82b63f9c,
-        0x0a9feca3,0x02fccbaf },
-      { 0xb47cac61,0x9991d4d1,0xab86e12c,0x2e9d1687,0x2b94f042,0x8c6855ec,
-        0x48e648e5,0xca400519,0xef89ac57,0x9ba91fb2,0x1be792cd,0x4f419206,
-        0xbd0f1e15,0x82d221cb,0xfc444019,0x062eb13b,0x99790fdc,0xf3a97c32,
-        0x6067a64b,0x4e796d94,0x6d23775a,0xc46dd300,0xed7f0f23,0x8672c4d5,
-        0x3b4f63d7,0x821851dc,0xd26273f2,0x50a3ae0c,0xeac60f6f,0x800e58fc,
-        0x13845545,0x56f1e456 } },
-    /* 253 */
-    { { 0x32c24f3b,0x01ccb3f6,0x06d817e6,0x99eb1c7f,0x6aa26776,0x8dc640bb,
-        0x0845d5e0,0x7838affe,0xf81a79a8,0xf34fecb1,0x3e6819b0,0x6a2e282d,
-        0x8237a4b8,0xc4b977ce,0x87636439,0x0f46b3db,0x97970497,0xa465f540,
-        0x8791be43,0xd7e08762,0x34198ec6,0x00220b6c,0x093d94bb,0x57b38637,
-        0x29d690b2,0x84012e16,0x20aad1a4,0x02ec9db5,0x85dc34e3,0xafee2fc6,
-        0x25500cf8,0x911d1936 },
-      { 0xf5e5af5b,0x13b1bd58,0x7b6a22a7,0xa7ca263b,0xf3af2adc,0xab6bec4d,
-        0xa04420bd,0x16651e59,0x4ba36c11,0x3b448b3b,0xff424310,0x3c62bfcd,
-        0xf1a96cbb,0xde15c4a5,0xe4d1f980,0xbe0ad8a1,0x36673a3a,0x812bd14e,
-        0x9212acdd,0x40303af6,0x576095ce,0x8f6dab9c,0x107f5ca5,0x7df1882a,
-        0x8896a3b0,0xb903e63c,0xd863b3f0,0xf5048544,0xc09887de,0x5e5019b9,
-        0xa0f53865,0x2be744fe } },
-    /* 254 */
-    { { 0x5b50f324,0x054cd05f,0x1ea3c7a2,0xb9b1eb24,0x7ff8e6b7,0x4a858a5c,
-        0xec040882,0xd83902fe,0xd0cba9bd,0x72b26494,0xb29c9e1e,0xd0176f90,
-        0xcebadb81,0x05d4eb02,0x372b8bfc,0x874405b1,0x79ead190,0x5c412881,
-        0xec2b48cd,0xd44a3dd3,0x3f4d5033,0x84499a77,0x564c3a09,0xb37b38cd,
-        0xf42e803b,0x80e99497,0xb8f518b2,0xc07b47a0,0x3568fde4,0xc710e3c5,
-        0xcead0e7a,0x735f542f },
-      { 0x38380039,0xcaa9a171,0xf74d19c8,0xadfafe17,0xccbc1a8b,0x92d4393e,
-        0xfe029705,0x3c5dbf39,0x930e9b36,0x4552b5ab,0x2afd494a,0x7ee63032,
-        0x3f02ac43,0x826a9ad7,0x99356298,0x98c53562,0x7342bb39,0x0c869f87,
-        0xe4f9b79a,0xd7510020,0xd34789a9,0x6361d1a4,0xcfa85637,0xf0ded5ba,
-        0x88ac07e4,0x407ee73f,0x09ef1cbd,0xfac7d03f,0x4d475bad,0x25d697cb,
-        0x14bd399e,0x1e984c9d } },
-    /* 255 */
-    { { 0x4850c817,0xc76d0561,0x3489812d,0xb08a5b19,0x5e58cbbe,0x7273d154,
-        0x4be61e5a,0x8900b5fa,0xd7aeb8e1,0xaa088691,0xd35a3d4b,0xe66666af,
-        0x57ec7d3d,0x38a2c199,0x668d6f5c,0xa0648e8f,0x7adc1746,0x1f9fc92c,
-        0x843065c3,0x23a116c0,0x61e6ae69,0x36370a20,0x2aa47e73,0x626c3736,
-        0xdeff6d84,0x540c25f2,0xcdbed2d4,0x9804824c,0x039a9492,0x4b5bfce0,
-        0x76942e01,0x6c474a56 },
-      { 0x7d88e3a1,0x3aeb9a41,0xc484742a,0x105d3c88,0x3fe61131,0xe59de8d1,
-        0x1a869e8b,0x148f5b6b,0xaa75d90a,0x7a8abc59,0x62146013,0x2f0c9bc7,
-        0xc3824cd9,0x43faa747,0x6a5d0b92,0x81763a18,0x9bcbaebc,0xbbc341bc,
-        0xf745d1dd,0xe1813160,0xb75ce5f4,0xa53ce52d,0xd50de4c2,0x15eae66c,
-        0x75d7656d,0x5ed8996c,0xc4ca552a,0xe4ff5711,0x3c5305b4,0x215e985a,
-        0xfa1ba2ce,0x6b258954 } },
-};
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_1024_ecc_mulmod_stripe_32(r, &p1024_base, p1024_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 32);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 32, km);
-
-            err = sp_1024_ecc_mulmod_base_32(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P1024 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 2);
-    SP_DECL_VAR(sp_digit, k, 32 + 32 * 2 * 37);
-    sp_point_1024* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32 + 32 * 2 * 37, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 32;
-
-        sp_1024_from_mp(k, 32, km);
-        sp_1024_point_from_ecc_point_32(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_32(addP->x, addP->x, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_32(addP->y, addP->y, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_32(addP->z, addP->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_1024_ecc_mulmod_base_32(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_1024_proj_point_add_32(point, point, addP, tmp);
-
-        if (map) {
-                sp_1024_map_32(point, point, tmp);
-        }
-
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, t, 38 * 2 * 32);
-    int err = MP_OKAY;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == MP_OKAY) && (table == NULL)) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 38 * 2 * 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_point_from_ecc_point_32(point, gm);
-            err = sp_1024_gen_stripe_table_32(point,
-                (sp_table_entry_1024*)table, t, heap);
-    }
-    if (err == 0) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#else
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    int err = 0;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (table == NULL)) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*len != 0)) {
-        err = BUFFER_E;
-    }
-    if (err == 0) {
-        *len = 0;
-    }
-
-    (void)heap;
-
-    return err;
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km     Scalar to multiply by.
- * gm     Point to multiply.
- * table  Pre-computed points.
- * r      Resulting point.
- * map    Indicates whether to convert result to affine.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
-        ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 32);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 32, km);
-        sp_1024_point_from_ecc_point_32(point, gm);
-
-#ifndef WOLFSSL_SP_SMALL
-            err = sp_1024_ecc_mulmod_stripe_32(point, point,
-                (const sp_table_entry_1024*)table, k, map, 0, heap);
-#else
-        (void)table;
-        err = sp_1024_ecc_mulmod_32(point, point, k, map, 0, heap);
-#endif
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply p* in projective coordinates by q*.
- *
- * r.x = p.x - (p.y * q.y)
- * r.y = (p.x * q.y) + p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * q   [in]      A single precision integer - multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py,
-        const sp_digit* q, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    /* t1 = p.x * q.y */
-    sp_1024_mont_mul_32(t1, px, q, p1024_mod, p1024_mp_mod);
-    /* t2 = p.y * q.y */
-    sp_1024_mont_mul_32(t2, py, q, p1024_mod, p1024_mp_mod);
-    /* r.x = p.x - (p.y * q.y) */
-    sp_1024_mont_sub_32(px, px, t2, p1024_mod);
-    /* r.y = (p.x * q.y) + p.y */
-    sp_1024_mont_add_32(py, t1, py, p1024_mod);
-}
-
-/* Square p* in projective coordinates.
- *
- *   px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
- *   py' = 2 * p.x * p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to square.
- * py  [in,out]  A single precision integer - Y ordinate of number to square.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_sqr_32(sp_digit* px, sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    /* t1 = p.x + p.y */
-    sp_1024_mont_add_32(t1, px, py, p1024_mod);
-    /* t2 = p.x - p.y */
-    sp_1024_mont_sub_32(t2, px, py, p1024_mod);
-    /* r.y = p.x * p.y */
-    sp_1024_mont_mul_32(py, px, py, p1024_mod, p1024_mp_mod);
-    /* r.x = (p.x + p.y) * (p.x - p.y) */
-    sp_1024_mont_mul_32(px, t1, t2, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * p.y) * 2 */
-    sp_1024_mont_dbl_32(py, py, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Simple square and multiply when expontent bit is one algorithm.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-    sp_digit* b;
-    sp_digit* e;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit tx[2 * 32];
-    sp_digit ty[2 * 32];
-    sp_digit b[2 * 32];
-    sp_digit e[2 * 32];
-#endif
-    sp_digit* r;
-    int err = MP_OKAY;
-    int bits;
-    int i;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 40 * 32 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 32 * 2;
-        ty = td + 37 * 32 * 2;
-        b  = td + 38 * 32 * 2;
-        e  = td + 39 * 32 * 2;
-#endif
-        r = ty;
-
-        bits = mp_count_bits(exp);
-        sp_1024_from_mp(b, 32, base);
-        sp_1024_from_mp(e, 32, exp);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 32);
-        sp_1024_mul_32(b, b, p1024_norm_mod);
-        err = sp_1024_mod_32(b, b, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(ty, b, sizeof(sp_digit) * 32);
-
-        for (i = bits - 2; i >= 0; i--) {
-            sp_1024_proj_sqr_32(tx, ty, t);
-            if ((e[i / 32] >> (i % 32)) & 1) {
-                sp_1024_proj_mul_qx1_32(tx, ty, b, t);
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_32(tx, tx, t);
-
-        XMEMSET(tx + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(tx, p1024_mod, p1024_mp_mod);
-        XMEMSET(ty + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(ty, p1024_mod, p1024_mp_mod);
-
-        sp_1024_mul_32(r, tx, ty);
-        err = sp_1024_mod_32(r, r, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#else
-/* Pre-computed table for exponentiating g.
- * Striping: 8 points at a distance of (128 combined for
- * a total of 256 points.
- */
-static const sp_digit sp_1024_g_table[256][32] = {
-    { 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000 },
-    { 0x335c1685, 0x170a46d2, 0xe1007a58, 0xeac9e971, 0x43ca4a73,
-      0x40e8f3df, 0x82642475, 0x2646f815, 0xb36576d1, 0x3af49bb4,
-      0x72bf1afb, 0xd89e2d14, 0x2fd151e6, 0x27be882c, 0x8f88717c,
-      0xaddedc85, 0x16ac6c6f, 0xd6d859bf, 0x2d8eae58, 0x0e741a1b,
-      0x61c1f30d, 0x6faf7a00, 0x9b67e096, 0x66dbd09a, 0x7d3b4f7d,
-      0x21f11c06, 0xc727c98e, 0x6152ba02, 0xe86cb221, 0xafd58891,
-      0x6bd3baf4, 0x59e93c6a },
-    { 0x71dd4594, 0xe54dd36f, 0x00aef1e6, 0xbbc9cc9f, 0xa19f6530,
-      0x9ea5a44e, 0x3f520928, 0x8588aa99, 0x8f5c1418, 0x9753794c,
-      0xc11399fa, 0x118bd792, 0xf5cb6ab5, 0xb9bd3afd, 0x2ecb9652,
-      0x813d1cb2, 0x40389813, 0xfd456267, 0x4ac8431c, 0x51f7119b,
-      0x0a180eb6, 0xdd9f6a91, 0x9f7bfa2e, 0x13946d17, 0x50a9d0d9,
-      0x16f18631, 0x6f8373d3, 0x5f19c20d, 0x9b6a52b9, 0xbe85ac6a,
-      0x74f62e03, 0x63ef187b },
-    { 0x016f45e7, 0x7c376b7f, 0x2bec82f8, 0x1c1bdb57, 0xce429b60,
-      0x7392f741, 0xc7afd81d, 0x6fdbf0a2, 0x7241098b, 0xbda41b1f,
-      0xbb60f8cf, 0x5b407474, 0xb330bc4d, 0x933e0d41, 0x733fa3be,
-      0xae182830, 0x0f5c6cd1, 0xa0ed299b, 0x3f9860c8, 0x7ff3354e,
-      0x15559c41, 0xb1360986, 0x129f85cb, 0xab0cb63c, 0x47685fbe,
-      0x682ecc49, 0xeb199633, 0x505e8ec2, 0xddac2cda, 0x90dcc794,
-      0xf192da23, 0x4fe6791c },
-    { 0x05e8733c, 0x94a423d5, 0x1d5717c1, 0xcc845e65, 0xe961b322,
-      0x237c7e88, 0xdb4181cc, 0x0c4471c6, 0x713bd721, 0x00c875e2,
-      0xb2c17b09, 0x9dfde9ed, 0xe88ceaf6, 0x430a6de5, 0x7b81cea6,
-      0xaaa7a61a, 0x233f98d5, 0xea52d026, 0x60689a9a, 0xb55efdd0,
-      0x5cac4aab, 0x30cfa7ce, 0x8e950761, 0xfa4db114, 0x4e9a1e52,
-      0x309570c4, 0x1a040170, 0x18c21f61, 0xbe78d9d2, 0x555d1ffe,
-      0x561db297, 0x04482a18 },
-    { 0x73d486d8, 0xe7758ac2, 0x61cdc1e7, 0x8169f946, 0x2188ab4f,
-      0x723c99fc, 0xf3373630, 0xa0e54f02, 0xbd8c2260, 0x560bee25,
-      0x4531bc60, 0x28fc307c, 0x7e44feb5, 0xd6f21f1a, 0x57128d37,
-      0xc8e4499c, 0xd7b2ea45, 0x963b053e, 0x32a3d222, 0x40c27a04,
-      0x35459668, 0x5b51854d, 0xd73557e9, 0x66e1a49f, 0x8692077a,
-      0x0d267fd9, 0xe7342702, 0xfa1350d3, 0x68ccdb44, 0x1a9c3f25,
-      0xdedbf89f, 0x833a0ff8 },
-    { 0xab376b76, 0xa8c419c7, 0x27d0f0cc, 0x3b7294f3, 0xa90c514d,
-      0xe56bb9e2, 0xa62575a6, 0x931ba51e, 0x098c0a88, 0x56fee07b,
-      0xb4c16a2a, 0x04be5aee, 0xe6eb260b, 0xe513350b, 0xa1d5c270,
-      0x339edad6, 0xe9dbadd1, 0xf366ed59, 0x2dd06ec0, 0x4213be88,
-      0xcb1187db, 0x22d639c8, 0xd8a1058a, 0x1fec95e1, 0xa2b744f1,
-      0x03f73ea6, 0xf4f05c0c, 0x741fd51a, 0x85f811a0, 0x2e2df95a,
-      0xeb24965f, 0x692b3ce3 },
-    { 0xd2a127b4, 0x0ce6cb72, 0x8f92816f, 0x66a46ea5, 0x47a37616,
-      0x43ecf463, 0xe0ab96ee, 0x163d9a01, 0xb2edbe8c, 0xc8145c6d,
-      0x4de4e665, 0x2f426cae, 0x74e252f9, 0x174d0b40, 0x7d2af831,
-      0x54c240d7, 0x3d652936, 0x581fa397, 0xa09d4695, 0x05b9491c,
-      0x5452643c, 0x8c4e8533, 0xd4128327, 0x32d64331, 0x70361f25,
-      0x64479038, 0x89ef09f2, 0x774191b1, 0x81de5fe0, 0xc0cf0aaf,
-      0xf40042d6, 0x333e430a },
-    { 0xcf26d3b7, 0x5df04de4, 0xb53f79be, 0x57a77306, 0x1808b664,
-      0xa4013c5f, 0x85037360, 0xef291ea4, 0x0b061037, 0x1ffc9d7d,
-      0x65c913bb, 0xd9d04dd9, 0xf13b8587, 0x948a37af, 0xfe3ee755,
-      0xb5443483, 0x04631386, 0x3fc21e74, 0xcddeb58c, 0xb3a104e5,
-      0x6572cd52, 0x94fe1862, 0x15aaa408, 0xeb9a71a1, 0x459ea462,
-      0x8adc6fe5, 0x4aeb02a3, 0xbb18d175, 0x2f7791d1, 0xae127636,
-      0xd6bbd708, 0x10e8b31d },
-    { 0x3ed9f1af, 0xb87f03e5, 0x56676166, 0x03ad2477, 0x74ce15b8,
-      0x38dcd630, 0x26b1e85b, 0x1877e2b0, 0x1af99c15, 0xb1654d17,
-      0x9382547a, 0x9782e9e4, 0x26d55ef5, 0x6dc7fc7c, 0x2fbeb54c,
-      0x9038f95d, 0x036c0357, 0xfe590dfe, 0x4fdc3f7f, 0xcfcb6eae,
-      0xf35e1a88, 0xcb1fbc54, 0xda0a5568, 0x3c8e1db2, 0x5b6f5557,
-      0x9a87393f, 0xe7ac0a06, 0x38646b32, 0x2a8495ab, 0xfd261c83,
-      0x0cdcc4bc, 0x6485524c },
-    { 0xc4a6ff2a, 0x1abfb3e2, 0x35a6428a, 0x2aa03fba, 0x89aff742,
-      0x884227f0, 0xba5dbd93, 0x2337883a, 0xd2a182cb, 0x38186ae9,
-      0x49a01f05, 0xb9f0764d, 0x917b1e7a, 0x92411feb, 0x570cbb5b,
-      0x700b1903, 0xb914be7c, 0x5d5181d5, 0x1981182d, 0x135c4437,
-      0x574b9997, 0x32758d24, 0x632d28b2, 0xa650a8f5, 0xfa383f09,
-      0x24078bac, 0x00a33d80, 0x6546a60c, 0x2df8b449, 0xa4061c7a,
-      0xf234563c, 0x1f76f3f2 },
-    { 0x44c436b0, 0x9aa2c143, 0x1f69c87a, 0x79070556, 0x5f6db2df,
-      0x35f3117b, 0xed56ba82, 0x85761f41, 0x7d0afa48, 0xf831464f,
-      0x3adce71e, 0xa99f2915, 0x116b7488, 0xb27bf693, 0x9bb9443a,
-      0xa98a5a8c, 0x2ee5fde8, 0x7f878026, 0x1812acb7, 0x3a6f93dd,
-      0xdc84bc92, 0xaf92a4cc, 0xf1d4995a, 0x3c2562af, 0x04ed899d,
-      0xfd9fc33c, 0x4ed2a538, 0xc028ca94, 0x049ea726, 0xd0f367bb,
-      0x3d108e05, 0x04924ffb },
-    { 0xc673562f, 0x06548e3d, 0xe2eae48c, 0xd3b33025, 0x5e1c6977,
-      0xe61fd32b, 0x6ebe557b, 0x424e2064, 0x41d6e18e, 0x767391c0,
-      0x14d7e95b, 0x4b8ebb8e, 0x20991b8c, 0x4ae8b7d4, 0xe01290d3,
-      0xf8a0df66, 0x925e5f4e, 0xc97e24a3, 0x1508272a, 0x79a7b2cb,
-      0x25072661, 0xb40b072e, 0x9062fa49, 0xdad9e182, 0xf3c53bce,
-      0x8780a784, 0x9f142799, 0x58a82b76, 0xc1468426, 0x08cd849c,
-      0xc380ae35, 0x4dfce809 },
-    { 0xd527b780, 0x45069cb2, 0x977930dd, 0xd52da015, 0xe27d0263,
-      0x10cc600b, 0xbb2d1b2b, 0x34102c26, 0x554adf3c, 0x4c652623,
-      0x45f0ff47, 0xd6891382, 0xca916e7c, 0x83fa8cc5, 0xd15c8d8a,
-      0x1e10f139, 0x81dc56b3, 0xf173dc2e, 0x5c4ed9ba, 0x7fcecb04,
-      0x47d01228, 0x307fd7d8, 0x9f3a532f, 0x24a57153, 0xe2153c22,
-      0x59e9e81d, 0xe428a408, 0xc562595d, 0x9339bd23, 0xdc7daff8,
-      0xb8a06802, 0x0d075908 },
-    { 0xde085f2a, 0x870af2a7, 0xbe99b2e5, 0x88fcd24f, 0x59ca413b,
-      0x88c0d261, 0x8559f851, 0x1f02a2e4, 0xf622da0d, 0x83b96021,
-      0x6dca3615, 0x5c05c2f5, 0x7910c682, 0x0148cf1c, 0x272695be,
-      0x392f2896, 0xa8d64ef6, 0x883d0bb5, 0x1cfcbc52, 0xef0d2244,
-      0x526117e5, 0xf5dafcec, 0xf04928e9, 0xb68612b9, 0x393f2e2a,
-      0x283f744d, 0x700c1151, 0xfbeed7ed, 0xa4360dfe, 0xf2cde215,
-      0x2f08535a, 0x24fa961c },
-    { 0x616df7f6, 0x0767db3f, 0xfbd90326, 0x643057d8, 0x6e82d544,
-      0x174daa90, 0x689643db, 0x2284f345, 0xcc89a060, 0x18b191df,
-      0xd6c27d12, 0xbab46af4, 0xc9895145, 0x5a57f486, 0xcc942f9e,
-      0xc03214e9, 0x41950158, 0x273e1c8f, 0x39ad43ab, 0x8ceb759f,
-      0xe50ee173, 0x5e1b8b7f, 0x8f4d7d4e, 0xf635b1fc, 0x755603f3,
-      0x8eff77e3, 0x7752fa60, 0x201f61d1, 0x4a6fb6e1, 0x94d7a03d,
-      0xfc4f0114, 0x371cc23d },
-    { 0xda90c351, 0x289b115d, 0x364d9c06, 0x6d196ebf, 0xf650b31b,
-      0x77a89202, 0x6f57642f, 0xcc28c164, 0x08100127, 0xdc4f7e36,
-      0xdc4c807b, 0x8836cd08, 0xe00240f2, 0x1280f156, 0x99cb3953,
-      0x3f9a6d78, 0x3a802038, 0x40a494d3, 0xe87d3474, 0x45697e91,
-      0x26dde24a, 0x70d97d07, 0x7640c30e, 0x06f6a58d, 0x5ba6e6c6,
-      0x03c2c0e8, 0xf1bc13e8, 0x330f6a7a, 0xc9f4d78f, 0x3e602e4f,
-      0x0c80fb7f, 0x92b6bca0 },
-    { 0x5f00822e, 0x2e3d5c83, 0xb8b16f12, 0x0e825712, 0x92b0a330,
-      0x81c329c4, 0xa7cc1954, 0x6b4e32ad, 0x1bb1413f, 0x0bee9cee,
-      0x4a92ca27, 0xedfb7baa, 0xea3b9153, 0xcd472afa, 0x00f0c0f9,
-      0xe8f09e7e, 0x5cdebb70, 0xa4e1d872, 0x4a9b63b6, 0xfe2bae08,
-      0x3fd58f65, 0xf40141b8, 0xa3b62759, 0xd7ec5eda, 0x790e3088,
-      0x9aaf6e67, 0x1f277e31, 0x215ad830, 0xcf33871c, 0xe7db4b98,
-      0x4f02f89d, 0x71ff62c9 },
-    { 0x2a4a84d9, 0xaa4c7102, 0x5ebc71e6, 0xe2ee4acd, 0xf1cd6578,
-      0x3b11a8a5, 0xfff120a5, 0x83f5ef9f, 0x09e65033, 0xa4c598e1,
-      0xca044180, 0xe1e9f990, 0xf59828c1, 0x8b832d46, 0x33af536b,
-      0x753f28a0, 0xb6d4f68a, 0x92edc4b1, 0x72ccd1f0, 0xedde692a,
-      0xd2226432, 0xd3aa0f7d, 0xa3d2661c, 0x38dbb63e, 0xfdc37dda,
-      0xf1e19fc6, 0x84ef6b4c, 0x6c18b350, 0xdf1bba69, 0xe6a83fe9,
-      0x5f958273, 0x40fd47e7 },
-    { 0x267140a4, 0x5b88b746, 0xeab6f2fb, 0x6dbbfc1e, 0x69862548,
-      0xdd9ec88e, 0x2eb6efc2, 0x69beeba1, 0x8ac8ff88, 0xcfc2214a,
-      0xb5a21950, 0x95d5c96e, 0x4171fb69, 0x93389c05, 0x1b468337,
-      0x2d85d452, 0x4113425c, 0x14d68a08, 0xec6c2174, 0xe52c0139,
-      0xf730084d, 0x20cf0b97, 0x1f578aa3, 0x1ac16a26, 0xf9b6ae43,
-      0x18b9fab3, 0xd854a695, 0x68d82111, 0xdffbe286, 0x0b334d98,
-      0xe639338c, 0x5b1c1157 },
-    { 0x72b6bb8f, 0x90edaab1, 0x02fc92c2, 0x8dc64ed2, 0xfe694c73,
-      0xf42ba3c5, 0xcb54dce4, 0x316dc65f, 0x632420dc, 0xcb2d66a3,
-      0x056dcf94, 0x16e706e7, 0xa4f32c9d, 0x2809c764, 0xea6edca8,
-      0xab18d830, 0x81c65f57, 0x4fd1ace6, 0x7da12c10, 0x1f91651c,
-      0xc7791a48, 0x0ac3bd66, 0x785e67a3, 0xb6ad1cf4, 0xda0fd591,
-      0xe4d3fc44, 0x6e1c6344, 0xce164801, 0x33e50ab3, 0x84de9cb8,
-      0xa756eef4, 0x963ab83a },
-    { 0xdf4ea5a3, 0x944b47d8, 0x5cfe45fe, 0x96568815, 0x8a3c3564,
-      0xd16e7d58, 0xe7c99e15, 0x84e55b3e, 0xf55071bc, 0x3fee204d,
-      0x04057dce, 0x71006f29, 0xbba75570, 0xfe8c390d, 0x3319adac,
-      0x3645bcb6, 0x7c20bfd8, 0x8189e8b0, 0x7d7d9578, 0x8e550969,
-      0xb99f4e3b, 0x037d1321, 0xa60cfb6a, 0x011b2521, 0x837382da,
-      0x66594aaa, 0x83c1dc07, 0xc89b91fd, 0x076b9884, 0x6b82b899,
-      0xbe45c558, 0x443480fc },
-    { 0x9114221a, 0xf8ffffb4, 0x3e857a7a, 0x4aec4f2e, 0x0fa54787,
-      0x42e2d0e4, 0xd6f96152, 0xef3e6b31, 0xfbfe9b77, 0xb2296537,
-      0xfb43a86a, 0xc2a9d0f2, 0x24572ac6, 0x241284ed, 0xe721ba7b,
-      0xa3868917, 0xc117a78d, 0xdbef7c00, 0xd31605ac, 0x38149071,
-      0x065a8ee9, 0xc2dada9e, 0xc442be82, 0xd5b138d8, 0xf6d72b58,
-      0x9b6c224b, 0x8eb03e6d, 0xb9d355cf, 0xa1700371, 0xab6d1eb0,
-      0xcffaa7eb, 0x97118a88 },
-    { 0xcdecb5d8, 0xbf9c59a2, 0xa93a6866, 0x8083c81b, 0x04774fbf,
-      0x24e0dd81, 0xa02070b4, 0xe779a3ca, 0x0fbfb781, 0x9d352fbb,
-      0x3ef2a1c4, 0xa8b0d820, 0x14b3e501, 0xb858637b, 0x8a882ff2,
-      0x5ba70a49, 0x3b06efa5, 0xa2730083, 0x102fee2a, 0xa42c02f4,
-      0x8a0223a5, 0xe4e76299, 0x85c3fc72, 0xdba2ba26, 0xfe52eae7,
-      0x554fe763, 0x270f45f6, 0x30b5405a, 0xa573387c, 0xd56a177a,
-      0x4b71fa82, 0x17c0778d },
-    { 0x2735e37b, 0x0e6dff1d, 0x656ec572, 0xc9884e56, 0x9ebba978,
-      0xa2f5ac9d, 0xba09f3c4, 0x40fa4518, 0xf5b04377, 0x8c3fa177,
-      0x967a2eca, 0xa1a1decd, 0x0528bd40, 0x768bca70, 0x18691c4a,
-      0xf224952b, 0xe86d5fd5, 0x16e12c45, 0x37859a6a, 0x7a0d9157,
-      0xa0ffce0e, 0x723f4309, 0xa96cc9a3, 0x5a8db79b, 0x1ad23a38,
-      0x6dd12ae0, 0xe2bf5d84, 0x9ffec3a1, 0xa452ed66, 0xd6ce84e1,
-      0x571fe4c6, 0x1219d5c8 },
-    { 0x262969eb, 0x43eaa67f, 0x2f03e773, 0x3a3ab39d, 0x57bb0909,
-      0xe6127e51, 0x8d150274, 0x0f82b0ed, 0xe580bdbd, 0xffffcad8,
-      0xa9743e6b, 0x51d3d075, 0x8bac11d6, 0x1484bdb1, 0xeb24c388,
-      0x95cd9990, 0x7fac67c6, 0x216a61d0, 0xa04e6b87, 0x4308f762,
-      0xcba57cc8, 0x2865dd61, 0xd234a07a, 0x3c296b0d, 0x3a0793f9,
-      0x76f92839, 0x0be29ece, 0x70b57e1f, 0x7e626f42, 0x1314a82f,
-      0xd657f230, 0x2c8d7ab2 },
-    { 0x0825e4d6, 0x67cf5892, 0x6ef83b44, 0xdf51eaa5, 0x1310108d,
-      0x63e665d8, 0x8dd0963f, 0x229f89f5, 0x9df6436a, 0x8c4b14dd,
-      0xd45ebba7, 0x99dae469, 0x5a4df381, 0x118aab77, 0x29e37feb,
-      0xda8978bd, 0xaca2d7ef, 0x69ced5aa, 0xc67d6a8a, 0x6c98d05d,
-      0x77f84a34, 0x7474bf0d, 0xed8cd59a, 0xd4428b2e, 0xd1d398fb,
-      0xb0fd1cd5, 0x94a20b11, 0x596013db, 0x1b404c44, 0x96eb705a,
-      0x4b09d958, 0x2299d277 },
-    { 0xc64397e6, 0x5b9cd58d, 0xbf6dd31e, 0xac198f1e, 0x3e9f1db2,
-      0x5866d8e1, 0x8fcdc68c, 0x405ae287, 0xe53c01fd, 0xa4b280cd,
-      0x411db5f6, 0xdc963f2d, 0xbec4f8a0, 0xed5d5189, 0x916ee98b,
-      0x336fd13d, 0x042df48e, 0x6925b1b3, 0xace0074e, 0x0cf56291,
-      0x25317e95, 0xe8d38b48, 0x821c446b, 0xc7ad1d2b, 0xf0b65934,
-      0x71c44135, 0x52ca0d50, 0x971b736f, 0x27b46c26, 0xaf9ffa57,
-      0x1936618e, 0x21ac6779 },
-    { 0x2d7fbcd2, 0xab420e3f, 0x97bdfc18, 0x12722473, 0x4df5d4b4,
-      0x492033f8, 0x3807b7d3, 0x6fcd4236, 0xb33c3625, 0xdfc19b09,
-      0xa0f22814, 0x13d6f375, 0x037c19b8, 0x70978a59, 0x0ff27b9c,
-      0x4f398997, 0x615a4389, 0xfc0e1a45, 0x3e602f74, 0xffa3496a,
-      0xb261ca1c, 0xc3f1c431, 0xee0164cd, 0x612211db, 0xe7f7be9f,
-      0x30463ee4, 0x92c2e1bb, 0x015f7e78, 0x24483a56, 0x663d88d6,
-      0x0e62d9d8, 0x0e8ec1e7 },
-    { 0x8a0878dd, 0xa88ccc29, 0x6640071a, 0x99ac175d, 0xa5173617,
-      0x90344820, 0xdd58a315, 0x316d023e, 0x88d221a1, 0x30785bd4,
-      0x959c48e3, 0xb74b3de7, 0x4c67a771, 0x42ee0382, 0xe0b91453,
-      0x59ef6cdd, 0x9b237e91, 0x7830ae28, 0x495d8325, 0xe1847a4c,
-      0xd0773666, 0x67b1217e, 0xa294a325, 0x58192c86, 0x864d8326,
-      0x76aa0f56, 0xf4b13e5b, 0xe2a2bd12, 0x1b6b73fd, 0xd850c1c0,
-      0x5d103635, 0x653a795f },
-    { 0x50dcb199, 0xcfe28985, 0x7fa02b60, 0xb35b8e5e, 0xc97603d0,
-      0xbca7d7c3, 0x27f131b5, 0xb0e5288d, 0xe2b12d52, 0x3aa704de,
-      0x1db725c7, 0xe206b1d8, 0xc5d1b113, 0x0b12839a, 0xdb45d763,
-      0x14f970cb, 0xb2125e8e, 0xc997f93e, 0xee7daa26, 0xbd75739c,
-      0x1fef20e9, 0x46ecbd3f, 0x7c6a42b1, 0xf994a114, 0x27fb0fd1,
-      0xd289eb4f, 0x9a40da4b, 0x11186d31, 0xfb9d7976, 0x083f65a5,
-      0xd444675e, 0x30dfc47b },
-    { 0x9eaadfe8, 0xbcfc5ae2, 0xb4d4e812, 0x25027e54, 0x8b533561,
-      0xab0702df, 0x56a6a214, 0xa2b9c204, 0x3059068e, 0xb1a3df7a,
-      0x9883110f, 0xa3514b21, 0xc4b78e1c, 0xb7be2336, 0x3e2f6984,
-      0x17073ce6, 0x2ddf7ac6, 0x86e114a6, 0x07d7c3c8, 0x276192bf,
-      0xeb1ae289, 0x5da69e0b, 0x25184939, 0x983af175, 0x407a3aa0,
-      0x9ac52a4d, 0xae0fe218, 0x1535c7da, 0x397f2501, 0xe16fe872,
-      0x54c212cf, 0x572a591f },
-    { 0x09a5553a, 0x49668419, 0x327733bc, 0x3f054318, 0x3eefd690,
-      0xf9ceb4b2, 0xf22126d4, 0xbd3cbf9b, 0x2fed9578, 0x6d9671c0,
-      0xca0306d8, 0xbba597ce, 0x3d674fe5, 0xb705ed61, 0x67f33f76,
-      0xf1d3622b, 0x11cb8c31, 0x15bcf3c6, 0xe53d1aa9, 0xa38467dc,
-      0xf908ab43, 0x902fe929, 0x8d15767a, 0x6e3e499d, 0x90afd07b,
-      0x8142db5c, 0x6c8b190e, 0x120c6fbc, 0x24919a4e, 0x80c86553,
-      0xd8c82c3c, 0x65c2cbe1 },
-    { 0xa660bb63, 0x684cda20, 0x86e86245, 0x27dc3b0a, 0x6ba0eed7,
-      0x76472cf6, 0x679dd158, 0x79c162e5, 0x08452d44, 0xb6884277,
-      0x413f579e, 0x829bc6b3, 0x95011770, 0x92ea15ec, 0x47738183,
-      0x5e34e300, 0x73e1d2f1, 0x8c3ca349, 0x229bd3de, 0xa5c4f1dc,
-      0x94ef7ed3, 0x783eff1b, 0xdfae7a1a, 0x46db738d, 0x1a099852,
-      0x4353d72e, 0xa0dcf4ab, 0x2533ad58, 0x0e7888b9, 0xd8055016,
-      0x3ba77f66, 0x831440d5 },
-    { 0xf611b2da, 0xf43e2e32, 0xd0fa46ac, 0x5d066e29, 0x820b3c0d,
-      0xe897f3e8, 0x1d3e44f0, 0xc45c28e6, 0xdfd27a66, 0x929d7f66,
-      0x101e8517, 0x735b860a, 0x3de078dd, 0xea3fce98, 0x638ce11a,
-      0xc9977db5, 0x48536b3b, 0x0488382f, 0x64cadfc6, 0x7e0c7a3c,
-      0x82147b71, 0x3cd17f7f, 0x1b411e3e, 0xe95663cc, 0x985fb46d,
-      0x5739ac8f, 0xbcf119ca, 0x385399cd, 0xe15a2815, 0x4a985a70,
-      0x6d5f4566, 0x504c3a8a },
-    { 0xb8fa53c7, 0x00b55283, 0x509474e3, 0x985cff38, 0x437ce25f,
-      0x234d241c, 0xe5a129ed, 0x29832430, 0xaabcc674, 0x6ad38956,
-      0x7ee81ee1, 0xa2dc001d, 0x670b2702, 0x4c23c6b6, 0xa6e8a3bb,
-      0xb35e567e, 0xa69673ea, 0xbc70b3ce, 0xe6e28eac, 0x85a7a9c3,
-      0x5537b7da, 0x2ae684de, 0x6de937dc, 0x5ecac3e5, 0xf8430422,
-      0xbf2ea6c9, 0x77fdc520, 0x38caf7d0, 0x69f56add, 0xc27af0b1,
-      0xc71d21d2, 0x496e4699 },
-    { 0x9fa93467, 0xba14fc82, 0x0eb2a614, 0xc2e37684, 0x4833e09b,
-      0x659bcfaf, 0x3686bdcc, 0xbc859752, 0x81f3216a, 0x40bfd080,
-      0x17c081b8, 0xc463bda6, 0xbb04793b, 0xbd01fa86, 0x2cd640c5,
-      0x5a21ece6, 0x2203d5c4, 0x97bf6a54, 0x951167b7, 0xceb40edc,
-      0x765ba268, 0xd67aacaf, 0xaeab51f9, 0x8ba0d9e9, 0xb0d6863a,
-      0xc14b215e, 0xe5f06952, 0x354cdcdb, 0xcb3744b5, 0x4f2b5ccf,
-      0x13037fe8, 0x13389173 },
-    { 0x45003cd1, 0xee680640, 0x44ae2ac6, 0xfdac17bc, 0xde8e5314,
-      0x4bcd419f, 0xc7cea95c, 0x81e34eb9, 0x38f37e01, 0xbb57762d,
-      0x260990c8, 0xecc4cfb0, 0x50a34a7b, 0x0bc493f9, 0x543304ef,
-      0x68074172, 0x6bc8aa2a, 0xaec0fcb2, 0x3b45fea5, 0x9e7a9b46,
-      0x55fbdbac, 0x4bb2952e, 0x0485dff4, 0x50f0c0a6, 0x4dea4796,
-      0x02c5104d, 0x695e3a02, 0xd2cefa09, 0x6da1f345, 0x4c8102b4,
-      0xf3833fbd, 0x422eb573 },
-    { 0xa6ad3f47, 0xac592eb6, 0x9714ba0e, 0xb0861f6d, 0x07281459,
-      0x57c1e919, 0x64ea5803, 0xcf7c94e2, 0x54b12723, 0x725376ac,
-      0xdafb736a, 0xf2a6ba41, 0xcba03cdc, 0xc89e8920, 0x5b0fd3ad,
-      0xf2e20cb4, 0xd66059fe, 0x26ea5a54, 0x889df8bc, 0xee63fa8b,
-      0x66a3f2bf, 0x40f1c7e1, 0x747312e1, 0x09febc9c, 0x727999ff,
-      0x7d19b9c2, 0xb7fd2b05, 0xa9fbbb4c, 0xa0da2dc6, 0xcfba27d7,
-      0x2c252582, 0x368541cf },
-    { 0x22799d37, 0x510d3c9e, 0xacfa333a, 0x1b677de5, 0x080f795b,
-      0x4e6ae18f, 0xafc8dfc2, 0x69b53c2a, 0x0e842dc2, 0x797541b6,
-      0xac067fe8, 0xd5a6f2af, 0xbd07d877, 0xd0208a03, 0x654be2f2,
-      0x34b473f0, 0xf515e23e, 0xe67c102a, 0x2ac1af48, 0xb00dbf9d,
-      0xb6a13d00, 0xe264fa41, 0x97e94c11, 0x1669786a, 0x86a586f4,
-      0x09d8cf2d, 0xc7f927e9, 0x073bf869, 0x2241a566, 0xb8977880,
-      0x22261334, 0x59a5bf59 },
-    { 0x81347191, 0xe9d1c91e, 0xeb969972, 0x186c1abc, 0xa9d46a7f,
-      0x07888767, 0xdaa7d397, 0xda93cfcc, 0xd91b9aa0, 0x08bee9f1,
-      0xf8dd3c6c, 0x8267fd78, 0x94228100, 0xf93860d0, 0xdadb47fb,
-      0x6a6a71aa, 0xa6156f8a, 0x9caa06b7, 0x39848bc9, 0xaa1b05e0,
-      0x2aaa9135, 0x36ddc237, 0xb13f3bd1, 0x77e7e079, 0x4acc5f4d,
-      0x8d0b5cbe, 0x984cfd36, 0x04da45f8, 0xd3d3e0f8, 0xf14ef618,
-      0x43eb799c, 0x467564c1 },
-    { 0xb6fff5d7, 0x8d725904, 0x92dc4752, 0x037f33af, 0x6d20b8aa,
-      0x9095d575, 0x43baec39, 0x32235fc1, 0x68a2b9b0, 0xa2feb4af,
-      0x94d35c61, 0x61c50318, 0xea877486, 0xac92b6a2, 0x011bc6f3,
-      0x8eb48b15, 0xc79edcb2, 0xa28fe128, 0xa5d2a006, 0x9f71bc0c,
-      0x2f15b850, 0xf3167732, 0x7a036218, 0xfe8d728c, 0x4f81e09e,
-      0x068f39cb, 0x7b7c50d9, 0x1773f016, 0xed6a1e03, 0x0d0f7adb,
-      0x4ee984d5, 0x8a0dee16 },
-    { 0x47366e6f, 0x504991bf, 0xe86c3005, 0xb8084d9f, 0xa40cce36,
-      0x14c4c751, 0x3f1961e2, 0xbbb46aa6, 0x40445e43, 0x56a785f9,
-      0xc91e215f, 0xdb8d1b57, 0xc7ee808d, 0x6a8e453e, 0xbbaa1e8c,
-      0xc0367ef8, 0xe3e18109, 0x310d91f1, 0x7e20a2c3, 0xf97cfd0e,
-      0x554cc277, 0xf1e80c84, 0x7b628403, 0xe89bbc1d, 0x3fe0a17c,
-      0x7778a966, 0xc1f00073, 0x9e9db19f, 0xb6f6bed2, 0x2ce7fe7d,
-      0xee97ce23, 0x7b04b5d2 },
-    { 0x82c5faf8, 0x5b546bc7, 0x8eb81097, 0x1a734c5e, 0xe77851e0,
-      0x3d566861, 0xe956d51f, 0x833a1013, 0xc3c3c37c, 0xc7351731,
-      0xe0c148ec, 0x607738fb, 0xe1bbef41, 0x2ec6f0bb, 0xcfa51857,
-      0x0aa2ac6e, 0x66e3adf0, 0x072902d7, 0xc622d6e3, 0xcd4d5089,
-      0xa6dd802f, 0x3ae21b23, 0x33886372, 0xe5465a55, 0xa8d81822,
-      0xd85119a0, 0x3786977a, 0x4f14d032, 0x9c7b272c, 0x515b081c,
-      0xc99be31c, 0x1c6a95a4 },
-    { 0xc2821363, 0xa6b14ad5, 0x4d17de1c, 0x829c1823, 0xccade848,
-      0xaef5d2c4, 0x82489e27, 0xf412ab39, 0xf081d927, 0x92c9c098,
-      0x75cbad1f, 0x6f87bdf4, 0x1a1d9fb1, 0xf4aadab8, 0xb75f3b76,
-      0x475a7923, 0xdbbba8fe, 0x99dd0ad6, 0x4b70ab45, 0x836f6164,
-      0x34bd9af1, 0x2a464881, 0xba9abda3, 0x5c91226e, 0xe65625fb,
-      0x4cec8709, 0x0818e4be, 0xd4b3919e, 0x14f6879c, 0xa5c09c84,
-      0x30a864c9, 0x72708a02 },
-    { 0xf34a466c, 0x4f33c0b1, 0x7f9d45ba, 0xa1bae09c, 0x0e28785c,
-      0xd70f0fee, 0x90880881, 0x824c7146, 0xbb043da3, 0xe2416c2a,
-      0xcec6f432, 0x733da713, 0xc9793e1c, 0x2b590649, 0xb35c9365,
-      0xdb62d5b0, 0x3e5c1b2a, 0x355eb6e2, 0xbb16b515, 0xcfe8b5ce,
-      0xf709691c, 0x9e081869, 0x61a85bd5, 0xc865f9fb, 0xfae103f7,
-      0xf169d3cc, 0x73467e9d, 0x9525c473, 0x43695113, 0x7db55c0b,
-      0x73265d21, 0x7491c74c },
-    { 0x80d2b94d, 0x312ed5bf, 0xba4b260b, 0x1b8ac633, 0xd62219a1,
-      0xac86c58c, 0xaeb82c8e, 0x317ccf6b, 0x59ef9ced, 0x2dfb29ee,
-      0xe42bcd5a, 0xdaa7d898, 0x5974b201, 0x93e295c8, 0xd9fc5adc,
-      0x69e75784, 0x012aa3ba, 0xd6c4709f, 0xc85d3cb9, 0x1fda9f37,
-      0xd3dd4abd, 0xe5487e25, 0x0b3ba22e, 0x00fd4b01, 0xc6e8dcbb,
-      0xcb591493, 0xbce68664, 0xb7329fab, 0x68906b76, 0x6829d1c2,
-      0x74176841, 0x8bcfd3e5 },
-    { 0xd3c8c314, 0x06882734, 0x11870833, 0x95f0b2f1, 0xc068ba16,
-      0xb937f7c3, 0x77924787, 0x5365e0d8, 0x1f992227, 0x15527e5e,
-      0x27dffd4f, 0x0a069648, 0x2f586389, 0xd58b3df2, 0x6af20ead,
-      0x83446b89, 0x50746257, 0x09d7970b, 0x4022a691, 0xd9e8d206,
-      0x671ec379, 0xd1e5f8af, 0x057fe91e, 0x6f542509, 0x52890418,
-      0xf14dda81, 0x1db932ad, 0xbd78010e, 0x905a9378, 0x3e18d1e4,
-      0xbd37ab49, 0x53cadcf7 },
-    { 0x5e53d0ff, 0x1bb5edf7, 0x888abf67, 0xd886606c, 0x12206d15,
-      0x6491b0f8, 0xe22b6a33, 0xb3018345, 0xb173b317, 0xaba6794b,
-      0x7dc9e595, 0x8c1e5867, 0x239624d1, 0x4e106482, 0xda55dd53,
-      0x61752e59, 0x9e42879c, 0x018b4eab, 0x491f2bed, 0xcaf6784b,
-      0x1e79429e, 0x3dcdb9d2, 0x10f26224, 0x36941485, 0xa650ec5c,
-      0x106f190a, 0xb69a9760, 0x7542a5ae, 0xc32d1046, 0x69bd75e9,
-      0xbf8c62b1, 0x90849964 },
-    { 0x5a93c661, 0xb1390cf6, 0x9db5f056, 0x18486264, 0xa51a1788,
-      0x92a93a9d, 0x6772de9a, 0x1b0cbb8f, 0x7c71487c, 0x6e67febd,
-      0x4e62423e, 0xf9b4382d, 0xbb5a42f8, 0x96fda50e, 0x6089a4f2,
-      0xc921b337, 0x875ec516, 0x49d32d7b, 0xc410124b, 0xbd86d2ca,
-      0xc421fb7a, 0xf6862209, 0xf6b7de33, 0x3e1949ab, 0xe93c9268,
-      0xcdee18f0, 0x08dc4cc0, 0xd4edbd5e, 0x73580d22, 0xc2b75be4,
-      0x468cd7e8, 0x3d7f6ffa },
-    { 0xdffbd5d1, 0xea7b290c, 0x970338df, 0x9d759da6, 0x90feedc9,
-      0x56680b08, 0x42dce68e, 0xbc690af5, 0xb2ae4d82, 0x8519df2b,
-      0x7f195b60, 0x5612467f, 0xd83c21f4, 0x659a342c, 0x55651633,
-      0x55771bf5, 0x548ba562, 0x5fc68935, 0x9492f23a, 0xb5419203,
-      0x9c9c6017, 0x567528e3, 0x511e6019, 0x3f064ed4, 0x1d16a555,
-      0x303f9eb9, 0x2254abee, 0x3e18c4fd, 0xfd434e7c, 0x40994d6f,
-      0x6dde74e6, 0x8fb12d3f },
-    { 0x293cb7a4, 0x6c6381a2, 0xb87b7e4d, 0x453e09f0, 0x078ac3ef,
-      0x4f212823, 0x578cae91, 0xe89ffad0, 0x716ba4dd, 0x4a2b696a,
-      0xf6f580a0, 0x14681a14, 0x4c2f1307, 0x1358f97b, 0x2932fb89,
-      0x87896996, 0x268a5af7, 0x29dd850a, 0xfe239f83, 0xaf771f6d,
-      0x4f47499d, 0x5f20fd2e, 0x867ca0e9, 0x9b643e77, 0x375981ec,
-      0xe7858ecd, 0x19ab1c97, 0xbe946a59, 0x06ff3453, 0x4f9303a2,
-      0x75d237b1, 0x3fcc6731 },
-    { 0xdf21f920, 0x509debd5, 0xc1401b90, 0xfaf70e1f, 0x95a64aaf,
-      0x2429cbfd, 0x2c37a122, 0xf2120855, 0x7deb926b, 0x1d4c93f4,
-      0x9fb3f1dc, 0x12f3e4c0, 0x5b51bc46, 0x56085a59, 0xf10fdbd2,
-      0x2a2f5d62, 0xdf0cb3c2, 0x60dd62cf, 0x6b0f254b, 0x154424a3,
-      0x564612b7, 0xc3a5a05d, 0xa1f5249c, 0xbebe30cf, 0x7e62a188,
-      0x24ec6903, 0xaf429939, 0x75f0fbac, 0xb3fa8685, 0xd41345dc,
-      0xc7151c34, 0x645146fd },
-    { 0xba1924f9, 0xecec633a, 0x006326e1, 0xbba6f136, 0x7e50fc17,
-      0x203757ac, 0xef3d8e00, 0xca531919, 0x51dc5a74, 0x9545a6aa,
-      0xd31412b8, 0x6e21d58f, 0x7bb1d000, 0x01bc3005, 0x6ed1a9c3,
-      0xf1789c69, 0x9858fa48, 0x7af2d35f, 0x8197be85, 0x434d09b9,
-      0x29aa265d, 0x1dc07755, 0xc058fa80, 0xcad03be7, 0x54ba14ce,
-      0x92d70a9f, 0x6c050a74, 0x6dc78505, 0x4d005dda, 0x2a7ca4a9,
-      0xabfb9f2e, 0x448d3d72 },
-    { 0x29b33989, 0xdc56f145, 0xa9ae815a, 0x868351bc, 0x4b074414,
-      0xb3f45613, 0x3cd9f33b, 0x955ce42a, 0x5ff6e4a3, 0x13ade4ec,
-      0xa50eaa91, 0xd3aac715, 0x5666efdf, 0x0c61ec99, 0xf6a4470a,
-      0x108a28b8, 0xe54844c9, 0x402ef584, 0xd0e2f337, 0xb825b162,
-      0xb46f7cbc, 0x3dcd131f, 0x96f2fd89, 0x208178ec, 0x25928c78,
-      0x4d8c5d67, 0x9963c459, 0x285a33df, 0xd92a309f, 0x72497175,
-      0xcb7019a5, 0x76881479 },
-    { 0x91767eed, 0xba43a114, 0x92bf65db, 0x5e11b9ad, 0x03a5e21a,
-      0xe8a22ce0, 0x2a335415, 0x63604421, 0x4a9ead62, 0xc2c563b4,
-      0xa0b2aee5, 0x4bc06264, 0x8bf2e1d7, 0x75b8d575, 0xd08a265d,
-      0x1cff0ee7, 0xb0b712a7, 0x17914e1d, 0x4b18692d, 0xc35925d0,
-      0x56cce815, 0xde253f4c, 0x9fff0e3a, 0xa479241c, 0xddabed19,
-      0x50b9d06e, 0x59fae506, 0x67135260, 0x532ce180, 0xf37600fb,
-      0x5e5a8626, 0x670eb01c },
-    { 0x73cdbb43, 0xdf73c0af, 0x7f2431ad, 0xcf08ecc5, 0x2a1a3845,
-      0x91780541, 0x9224ddf1, 0x69a104f2, 0xbeac7eff, 0x4352f38d,
-      0x7c2d1322, 0xfc3b3b4e, 0xb5e4b476, 0xa69e9430, 0x975a46f0,
-      0x7d932340, 0x5d64eece, 0x8093899e, 0xdb2345e9, 0x7b821250,
-      0x7f4b796b, 0x23552932, 0x4bb90b1f, 0x2ee9cc15, 0x9112f7d6,
-      0x1fa9c8f5, 0x1cbaae32, 0x2d0f2f98, 0x0075166a, 0xb77f0366,
-      0x635dff27, 0x504852e7 },
-    { 0xa2f392fa, 0x2f0f3ce5, 0xec6c9078, 0x326c076a, 0x84baaaf6,
-      0xad01de92, 0xcbe8e993, 0xb01b16d3, 0x2d950908, 0x71305c24,
-      0x3853af38, 0xc66fd617, 0xd3c429a0, 0x7735140e, 0x1fabf027,
-      0x8a31b12a, 0x058b3177, 0xa0530002, 0xa9c7deb9, 0xabffd9fc,
-      0xe8667d30, 0xd05ef69b, 0xe9a9e13f, 0x2f3a7308, 0xb91eae9c,
-      0x3f4c9a19, 0x618ce6c4, 0x50d0cee7, 0x5240f8b0, 0xfb24dc40,
-      0xf7e90cc4, 0x992fe151 },
-    { 0x38f197aa, 0x4454db31, 0x87872f98, 0xa4ded69d, 0x44f0a828,
-      0x97b427b0, 0xa31e48c6, 0x9821e1ae, 0xdd98efec, 0xe38cb09f,
-      0x480cb3ae, 0x20b84fa8, 0x47475573, 0xba5bb4a8, 0xcd50e96b,
-      0xa9be080a, 0xef103550, 0xc4451e9c, 0xc441325c, 0x626ee75f,
-      0x38a5e33d, 0x6eea5e98, 0xa2b0abd2, 0x7321beb9, 0x9b6082a9,
-      0xca92e484, 0x992bcc2a, 0x1dc8168a, 0x9c8eb9fb, 0x134ecf4b,
-      0x4c5b71e0, 0x5a68bfa8 },
-    { 0xff0a2bfb, 0xb4ff3b45, 0x5502f8b0, 0xd105fff9, 0x5b1c0c26,
-      0x14de5885, 0x0d3b9d04, 0xed16865b, 0x026d3917, 0x2f5a2453,
-      0xf4db3c0e, 0x6a22f493, 0xe2418f2e, 0x4871548a, 0x509bef61,
-      0x6ab363a8, 0xb8cbbbec, 0x91ca1e3a, 0x4011a396, 0x71e0dc98,
-      0x0d5ca577, 0xff982e0a, 0x81897bc1, 0xeb40b045, 0x085ad5e7,
-      0x4bc24a46, 0xa6337b7c, 0xd15c8fa0, 0xbef1628f, 0x56ce6ef7,
-      0x9f5ef439, 0x78acfdf9 },
-    { 0xf8520189, 0x45bf7f15, 0xc77f61c4, 0x954202a0, 0xdfa22e1b,
-      0x39edc6b9, 0x1f4a3487, 0xd2d60267, 0x4814cc52, 0xcd933929,
-      0x05e9f123, 0xde76a124, 0xae36b6f7, 0xe2306ea0, 0xb83a58e0,
-      0x53815218, 0xa041231a, 0x9862bb76, 0xbf31be71, 0xe8da253c,
-      0x37de861f, 0x2dfc5332, 0x90ae4890, 0xf25c93f6, 0x8baa6ed2,
-      0x66bcb8f0, 0x908b4a29, 0x6f10ae0f, 0xb061c949, 0x8cb4b48c,
-      0xd075a366, 0x0ad92d73 },
-    { 0xc2ca548a, 0xbfb95fed, 0x80cd89ab, 0x4778c620, 0x3466c280,
-      0xbe99154b, 0xd4be8902, 0xea3be093, 0x13e681ed, 0x847b7995,
-      0x02f40161, 0xf22a8f4b, 0x4aeb7fe8, 0x3ef2cb4d, 0xb3aed5f6,
-      0x9adc5151, 0x98c31163, 0xec1ccfd1, 0xa3d7d88f, 0xdc2ac17b,
-      0x46421097, 0x08fa64d3, 0x94b90bcf, 0x5ebf80b7, 0x0b50a9eb,
-      0x1b78b4ba, 0x279aa66b, 0x1a4fe934, 0x075b3ced, 0x8ef4dcaf,
-      0x70a6e9ae, 0x95bbd8a0 },
-    { 0xe614bbd0, 0x59f92495, 0xb823e363, 0x7567a887, 0xfc1bd6a7,
-      0xe247c9ec, 0x8e835c42, 0x2bfaaf47, 0xaade066a, 0x314ef4e0,
-      0x5c16d336, 0x072baa63, 0xe2f0e389, 0xfa429c71, 0xbd07d90f,
-      0xcac1e5d0, 0x514f5c04, 0x69ff35ea, 0xc0554ec1, 0x893053fc,
-      0x2a35947f, 0xab1d86b7, 0x2aebe487, 0xe29fb060, 0xdfb9cf21,
-      0xa0a10d6d, 0xf20dfcf5, 0xad147059, 0xb8867a2a, 0x480dc66f,
-      0xc125a919, 0x375a884f },
-    { 0x1217f7ea, 0x178cbe2e, 0x875c6dab, 0x1a161e2a, 0x1bdb1a54,
-      0xf7707ec0, 0xe4fd73ca, 0x678864a0, 0xd13a0d86, 0xbaebc664,
-      0xc8d30668, 0x40325f99, 0x2f1c5950, 0xb93ed9c9, 0x541e0667,
-      0xfdf36763, 0xb91a6763, 0xfd97fbb0, 0x6079c9a0, 0x26aa69ea,
-      0x1eaa8c47, 0xc7303c80, 0xafa63c55, 0xdec75c81, 0x4fd12adb,
-      0x01cdcde2, 0x1968838a, 0x9fe0dda7, 0x38415379, 0x66bb093b,
-      0x08cb84ec, 0x268d818b },
-    { 0x41580555, 0x73dae358, 0x473d103b, 0x4fc32e67, 0xbeccc1ab,
-      0x240c1013, 0xb24ee9de, 0xda4099f2, 0x9fa8e066, 0x37b0cb5b,
-      0x6438d7ee, 0xb5ae04e4, 0x2b720140, 0x7f7d3164, 0x339e4a78,
-      0x86ef4edb, 0x3a7d8375, 0xa5e77eed, 0xbd707c2e, 0x883fad37,
-      0x0f979189, 0x816b633a, 0x2e7a208e, 0xe24c028a, 0x4435516a,
-      0x1171fe3c, 0x4f5f2bf5, 0x3eb93b33, 0x01b53a56, 0x8419ed4b,
-      0x056ca44b, 0x8b02735c },
-    { 0xe1019195, 0xb89bb464, 0xf3fc28c1, 0x1de4c026, 0x2bfc3b21,
-      0xac120e6e, 0x91bdf92f, 0xec71bc5a, 0x0d995bc9, 0x485d7ab4,
-      0xe6491ffe, 0x97c6768e, 0xafbce265, 0xd9552d19, 0x8e1b76c2,
-      0xbae6c7fe, 0xd7e3ad1b, 0x167d8281, 0x5e989734, 0x3e149af9,
-      0x8a0c8182, 0xd1f0024c, 0xc3006c0d, 0xf571ffdb, 0x58773d4c,
-      0xb32ecf7e, 0xfd3540d8, 0x5822a782, 0x04365042, 0x5ab45c3f,
-      0x4b4d85fe, 0x400e3aa0 },
-    { 0x5e46e4a2, 0x47321649, 0x24136074, 0x37a2ed64, 0xc60ec77d,
-      0x659223b1, 0xe5e0ac2e, 0x5e13aac3, 0xc5107ab7, 0xda17c41b,
-      0x73c253db, 0x65b22ec9, 0xa5012296, 0xff3867b8, 0x0621a99b,
-      0xfed660d5, 0xc89fc3f5, 0xa3c28506, 0xf16451a7, 0x3ed350b9,
-      0x67cb586f, 0x27c3e032, 0x967185b1, 0xc807c779, 0x4a13009b,
-      0x09c157d4, 0xadaf1f4d, 0x362f7647, 0xf3a6a198, 0x4a42b9ac,
-      0x8da6e039, 0x131c3da2 },
-    { 0xa7da83ba, 0x4a785ff1, 0xd04f4436, 0xf415b425, 0xec03f812,
-      0x7c0899bd, 0x80f5f4a2, 0xc58d411a, 0xfda251b9, 0x3d32d610,
-      0xcd3b2f32, 0x99bb4504, 0xf4c2083c, 0x198c444b, 0x730e83fd,
-      0x60c261af, 0xcb02db90, 0x060ca4df, 0x9df1e7c8, 0x0ff7838b,
-      0xc4c690c9, 0x6b79cf97, 0x5d75f154, 0x131514d7, 0x1cb0e8ff,
-      0xa7c074f1, 0xb2c17615, 0xb920aac1, 0x44aa0ff0, 0xde8098ad,
-      0x34545ce9, 0x71d1a46a },
-    { 0xfa1b382e, 0x76178f76, 0x772dda0d, 0xa0d8ecc3, 0xc5d4d130,
-      0xaa5aab2a, 0x8d72622c, 0x27d38ba4, 0xca3bed06, 0xc5410db6,
-      0x793ceccf, 0xf637a588, 0x6e65e3d7, 0x1f65dafd, 0x60a45641,
-      0xc3b44a85, 0x4f78540b, 0x0f47b3a8, 0x5e4d60f6, 0x824fdadd,
-      0x17d3b6d5, 0xd8ccf90c, 0x325fc13a, 0x008eabdf, 0x3648fab9,
-      0x3e90d716, 0x24c52d4b, 0x3964ff3a, 0x533d0acb, 0xb95cc416,
-      0x1167f521, 0x6cd2699f },
-    { 0x12f4f3ac, 0x2d8c0b3b, 0x99d1bdfb, 0xb03dcfe2, 0x30f37326,
-      0x540034f8, 0x7c5a8c82, 0x22dd6893, 0xcd8f1442, 0xeb7093d0,
-      0x585742f2, 0x892795a7, 0x087adadd, 0xe15f282c, 0x16ab7b5e,
-      0x7bbdc749, 0xa58acbb4, 0xd30fe40b, 0xe2bac39b, 0x0de417eb,
-      0xc61a04bc, 0x4b4b19a6, 0xf2735569, 0x9338c34d, 0x30ab196f,
-      0xe8f03742, 0x6c88c965, 0xfa2efcb8, 0xc7eeb826, 0x19eee274,
-      0xda345dc2, 0x327c063f },
-    { 0x5b47cd53, 0xab399eff, 0x1943aefe, 0xbbe9869d, 0x1402a866,
-      0xe64ecc7b, 0xb1c25a16, 0xc3e7c2aa, 0x022de271, 0xc4216b79,
-      0x366d6a5f, 0xe58dfcc8, 0xda813336, 0xd159509e, 0x130bfb7c,
-      0x370400f2, 0x93b48780, 0x1be4e059, 0x39f3cd22, 0x0623a1fe,
-      0xeecb4f87, 0x72aa22b2, 0x6c27b83b, 0x1af4c496, 0xda5fa5bf,
-      0x7a42a94b, 0x48b01af2, 0x9afba822, 0x3670112c, 0xeb6b9d2a,
-      0xc0df6856, 0x020f19d1 },
-    { 0xa4dbba20, 0x37051a86, 0xdb1de5c5, 0xb618ebc6, 0xe6525840,
-      0x9a780a19, 0xd2bccc4d, 0x9440302d, 0x10285a24, 0xe9ff023d,
-      0x3a486268, 0x3b937ee3, 0x4cd61147, 0xe37ee2f2, 0xa3d057cf,
-      0x79fbbfd3, 0xccddefce, 0x5fba16d3, 0x5b231727, 0x916058ec,
-      0x720c3adb, 0x47699ebe, 0x8b4f6bba, 0x26274386, 0xf18a0770,
-      0x54b0092a, 0xacca1160, 0x99d090eb, 0x0c888f60, 0xf757e1ff,
-      0xb0050544, 0x79e72720 },
-    { 0x2820a239, 0x632acf25, 0xaae6b310, 0xb1a3974e, 0x48c0a1df,
-      0xd61fd6ba, 0x5a3ee7aa, 0xd2453c39, 0xb980446d, 0x548455a0,
-      0xde16676f, 0x9f29d97b, 0x789375a1, 0xf252ca0c, 0x7743a985,
-      0xe961af3e, 0x66cdbd8d, 0x70c79c56, 0xcbc538f9, 0x14a3854e,
-      0xa126851c, 0x58daa73a, 0x2a9f558c, 0xe9b5bb45, 0xfbd15e05,
-      0x37af7f83, 0x38a1939d, 0xa4487927, 0x9511a056, 0xe428b2b5,
-      0x7015846d, 0x001d3ce3 },
-    { 0xe145b1d7, 0xd6be36b9, 0x009c5664, 0xf3e3938a, 0xe7c0f6db,
-      0x2e562e7d, 0xc343f539, 0x951044e6, 0xd90897b1, 0xa5ab62b8,
-      0x512f797c, 0xb1a1f70b, 0x750f28e4, 0x91cdd754, 0xffb8165d,
-      0xb4c80e2f, 0x594d02b3, 0x65ed39c7, 0x56833edc, 0xcc12a49d,
-      0xf3693a18, 0xe73694bc, 0xfcd2c404, 0x34cc134a, 0x11d40194,
-      0x071bd5fc, 0xfc585e46, 0x05759047, 0x790b7a04, 0xb3280360,
-      0x40afc684, 0x4bb8c6fc },
-    { 0xfd0f8796, 0x3120e2dd, 0xb133c9de, 0x6968a40d, 0xa9369c6e,
-      0xfea366c0, 0x6007273b, 0x37e5b6d6, 0x8cb81439, 0x39e4ecf0,
-      0x9febc005, 0x487fe9cd, 0x0199b53c, 0xeb8af444, 0x293519eb,
-      0x2f124e3b, 0xc82c9c16, 0x860c218a, 0x709dc590, 0xacd1d6f2,
-      0x36d50529, 0x5696d545, 0x59120bfc, 0xc03f5df9, 0x10ffa690,
-      0x99a3e88d, 0x6c432827, 0xd4f9cfa5, 0x9a135d89, 0x2e8fea9e,
-      0xb6a77e78, 0x3699a881 },
-    { 0x1eb1c64d, 0x5bca3372, 0xf1d28154, 0xe9cf3a2d, 0x6537106f,
-      0xb7e2e9b3, 0x4f7cbf4d, 0x06c17151, 0x2058b37f, 0xcbde416e,
-      0x8834e9c5, 0x82c53a7e, 0xe9ac3a75, 0x94dbdfe2, 0xc5e67c02,
-      0x795ec6cb, 0x1426a80d, 0x8c23c25f, 0x6a8d4f9f, 0xee2cd20d,
-      0xd3b7c235, 0x838daa54, 0x3d7a4d52, 0xb9e08ec0, 0x781cb473,
-      0xca9475e9, 0x5ec31caa, 0x7271f39e, 0x82535187, 0x1df08e9f,
-      0x208aff8b, 0x4f3a4b03 },
-    { 0x1ed095f8, 0x0f7b8107, 0xda226d4e, 0x23e37fa6, 0xafb36d1d,
-      0x8b0f9852, 0x07d8e311, 0xb114634e, 0xe3e0f16e, 0xb9634a97,
-      0x421eec37, 0x2454bb9c, 0xd72b21c1, 0xb4ecd5db, 0x6df20d7c,
-      0xf9603868, 0xdf86e0a2, 0x9f5359fd, 0x5ac488aa, 0xc43d54fa,
-      0xd1049df4, 0x56d714ab, 0xb020607a, 0x13152b3e, 0x7a02325e,
-      0x49be1c18, 0x52ae84db, 0x44f24f4a, 0x0b5a7b80, 0x9e525c03,
-      0xa6d179fd, 0x6d874446 },
-    { 0xbe9a42f5, 0xd29d07aa, 0x3781ccc8, 0x1fd5316c, 0x9dc69ea1,
-      0x71a75a6d, 0x88fee91a, 0x4e19e0df, 0xf8d44f12, 0x99c2b4dc,
-      0x31ae94e4, 0x05f6df92, 0xcf28ccc2, 0x27fba876, 0xf57f7ceb,
-      0x6e1a0f01, 0xf3fd3b74, 0xe03f1f34, 0x42c1d213, 0xa0edc4a7,
-      0x7deb8580, 0x5caac270, 0xaf0848bc, 0x0f5d791f, 0x07ac759d,
-      0x17f514ad, 0x904fc531, 0x95a39734, 0x7bb70f3d, 0x95a4aca9,
-      0xff9c5609, 0x3cf384c9 },
-    { 0xce1fc9e3, 0x700506ba, 0x676b0399, 0x49721742, 0xe72bf7b3,
-      0x2b4a1b8d, 0x79b209f7, 0xca8602a8, 0xce26a8e1, 0x90580b90,
-      0xfe24f39a, 0x1ef339b7, 0x629362e1, 0xb6c5d991, 0x577b24f4,
-      0x51174e1a, 0x05e451e9, 0xf380fcb5, 0x148321bd, 0xf4d97afb,
-      0x747e5d2a, 0x099806bb, 0xbe99a608, 0x85525d65, 0xd455e820,
-      0x264828d9, 0xd8560a65, 0x8c8c5405, 0x71030770, 0x3c67e73c,
-      0xee73df26, 0x2b248850 },
-    { 0x8541159f, 0x2173cde6, 0x4fb410b2, 0x78224c18, 0x1f2ca1c7,
-      0x07a28619, 0xa8b23e40, 0x52c207d6, 0xa6b2344a, 0x071a0210,
-      0xb5ed2945, 0xdb0e587c, 0x810fcc6c, 0x6c56b8ef, 0x62d843b9,
-      0x1248c58f, 0x74c66975, 0x4b90363d, 0xe66c66f6, 0x6348f7f2,
-      0xc126bcbe, 0xb2f9d441, 0x73ce49e8, 0xac07f2a3, 0xe81b0df0,
-      0x52486758, 0x1d4621d1, 0xa108b54d, 0x74414a1c, 0x17261ece,
-      0x6a3ac215, 0x938b3bcc },
-    { 0xe4ded340, 0xa9e4a16b, 0x80e88036, 0x8e65fb2a, 0xdcd73acb,
-      0x97089606, 0xaaa657a9, 0x1c3a0434, 0x49101b06, 0xf304fc58,
-      0xda0bb64c, 0xe60fb61a, 0xf5542df5, 0x818c2aec, 0x56f76d5f,
-      0x74020576, 0x92533d97, 0xb566b790, 0x74d6eb5f, 0xae4655e5,
-      0xa55b44b7, 0x60f7a1b5, 0x93747ea5, 0x7970179b, 0xf2dace56,
-      0x8ae7e0e8, 0x84e83c06, 0x98474607, 0x15307341, 0x24e8c9ed,
-      0xd9e89d6b, 0x6cff58a5 },
-    { 0x03e51f68, 0x508c01b0, 0x1d2fe7d6, 0xe1d1f225, 0x09bd8805,
-      0xf7998d0b, 0x03e415b7, 0x255e907a, 0x607d9798, 0xd148467d,
-      0x9b453896, 0x055c3b1e, 0x809f50f4, 0x35001013, 0xd0233fdc,
-      0xfbbb2fa6, 0xff1820b8, 0x0b680b0a, 0x38d317e0, 0xb1d404dc,
-      0xccc8c7df, 0x133d5444, 0x6ec13f84, 0x7fa847e6, 0x046e2e48,
-      0xc33f83d8, 0x4863b3ac, 0x3c627fc5, 0xeb936af7, 0x5f67f8aa,
-      0x31b79327, 0x5fe4ac8f },
-    { 0x8b6f401e, 0x581aa4bf, 0xad5c7ed4, 0x05db12a3, 0x6fb07b4a,
-      0x7b018726, 0x9c22bcd4, 0xfdd11f04, 0x69371c95, 0x5454a7d4,
-      0x99a46eaf, 0x066c55fb, 0x7fef96d0, 0x18637c7c, 0x6b83e95c,
-      0xbafc1d34, 0x00bb42dc, 0x55c38593, 0x34e7e712, 0xdd8dec2b,
-      0xb184cee8, 0x69c9cfb0, 0x49a27864, 0x8dcc0c42, 0x2010f2e7,
-      0x290d95f2, 0x6977a420, 0x86e254c9, 0xeb2abdad, 0x20931c89,
-      0x121c0548, 0x81377164 },
-    { 0x9c5a8edf, 0x6266b25e, 0x1078a7ad, 0x6e1388c2, 0x4876eedf,
-      0x5f02737d, 0x62744617, 0x242fa7f9, 0xb385382a, 0x3e2cfbd9,
-      0x02f71bef, 0xbadad7b1, 0x677d0a92, 0x562abcfa, 0x51fdff34,
-      0x573ebd17, 0x7c250c78, 0xd7f65852, 0xc47ca896, 0xe0cf16ee,
-      0x67622c9e, 0x8ccd79b0, 0xf8f2c075, 0x31fc5882, 0xa6008515,
-      0x9232b37e, 0x82e8c5ba, 0x4d7bb361, 0xd2f146fe, 0xbf24735c,
-      0x9cd2db98, 0x79c280ee },
-    { 0xf2b48122, 0xbdcc8203, 0xb04ac48e, 0xa8c04916, 0x9fc4885e,
-      0xacf064dc, 0x82c1001c, 0xab838997, 0x676de250, 0x7339e721,
-      0x8e1ab820, 0x17aa5aea, 0x6bc14b2e, 0x24d28ca0, 0x816b6230,
-      0x570c5bb7, 0xcee6b606, 0x6c51235c, 0x183eae42, 0x1b2bf89f,
-      0x9c66274b, 0x3e3af3c6, 0xb51e38bc, 0xe0b04426, 0x73e40e3b,
-      0x26dbc58e, 0xb5be5be4, 0x3f9dd578, 0x52c8f408, 0x9fd9f791,
-      0xa9e3ff4f, 0x758073a4 },
-    { 0x8691ca22, 0x7d27b057, 0x13a2a1b6, 0xf206bfd6, 0xac795413,
-      0xe84bd385, 0x75536607, 0xc5d18a2a, 0xc8a0e24c, 0x2e166de7,
-      0x3c474dbd, 0x56d5750c, 0x1366843a, 0xdef444c1, 0xcf4b8432,
-      0x14646e53, 0xa9fd9783, 0x4bc0d030, 0x297ee203, 0xbda4c824,
-      0xfd7be6c7, 0x3d0b10bf, 0x08c7f3ff, 0x2d216476, 0xb4fd4c45,
-      0x06e52599, 0x49e9e104, 0xfbab9fa1, 0x8661d32d, 0x9342a7fa,
-      0xfaf66aa8, 0x3f3e3458 },
-    { 0x951597aa, 0x51ec35af, 0x49df64eb, 0xb677d4ac, 0x9bf4eff5,
-      0x0276cd9c, 0x515a2935, 0x423eca49, 0xfd9bb9c3, 0x8a696553,
-      0xede1f09c, 0xf99ee9df, 0x199e5f98, 0xb8fa2956, 0x35292c32,
-      0xb7638758, 0xfc40e81b, 0x8734eddc, 0x65457d95, 0xd82d5e9f,
-      0x30c78d2b, 0xc8ee323e, 0xc1433d67, 0xe77b2e4c, 0x3c8314ae,
-      0x56d9f807, 0x2a0e2f63, 0x441eede2, 0x6c48295e, 0x1e9e17ed,
-      0x34c294ef, 0x640d20c4 },
-    { 0x3284d513, 0x4e9a0b8e, 0xf315053a, 0x074c3545, 0x45acd52a,
-      0xb36e7407, 0x1de50db7, 0xd80bdcfc, 0x2549fc46, 0x8d9d47dc,
-      0x303f07a8, 0x29b6ef13, 0x6d4ad4c2, 0x4e461aca, 0xfc9f1b73,
-      0xca8e351d, 0x57460e65, 0x8bc4094d, 0x0f32d367, 0xb6302b33,
-      0x285742e8, 0x69a074b6, 0x876c29c3, 0xdfe52b11, 0x912bd17a,
-      0xf39e4609, 0x349aa639, 0x8ee40d66, 0xc72e05c1, 0xb968902a,
-      0xc0d92816, 0x0f9c1ca8 },
-    { 0x67433df3, 0x1ebbaab3, 0x15d3628c, 0xb6aa5347, 0x97f0c5cc,
-      0x13a320d8, 0x65e408f9, 0x72c918cb, 0xd5373451, 0x4b638854,
-      0x0b4dca09, 0x731399a3, 0x0a3b1326, 0xcf256730, 0x6608b388,
-      0x5ea60dfa, 0x7b290dfd, 0x58ad74b0, 0xd7694f9b, 0x83202789,
-      0xb6630fb1, 0x48593db8, 0xc65e3eaf, 0x3db47f70, 0x3e7263f8,
-      0x63949c91, 0xe6e6ff33, 0x9b9acec6, 0x098a8240, 0x34bd9ba7,
-      0x45d36ec5, 0x7e31c12f },
-    { 0x0dfd2dd7, 0xbe281d68, 0x24ab61d8, 0x1efacb00, 0x94431f97,
-      0xb9c3005f, 0x959cb3bc, 0x660c8dfa, 0xcffbb406, 0xfdd5fc30,
-      0x7969a10d, 0x7a4631be, 0xde13fd1b, 0x336e309e, 0xfc947076,
-      0x76b3bfad, 0xdcc72223, 0xfa91925d, 0x156c4ee1, 0x741f0d73,
-      0x0e2b3747, 0x4f64ee41, 0xefc4d93c, 0x86be92d3, 0xfc4fbb2e,
-      0xc53b7e03, 0x337ca1bb, 0xac196cf5, 0x7e23ba60, 0x4de41a30,
-      0x326d5357, 0x1a219c45 },
-    { 0xaa4db0bc, 0xfdcf7ef8, 0x7b6c9963, 0x2e231806, 0x3d8a192f,
-      0xc2639067, 0xffdc7771, 0xc0cec2e2, 0xa2fc0edb, 0x997c8e35,
-      0x82cc6043, 0x78e10ec1, 0x2b0c8120, 0xfd0de2cb, 0x69e57f8e,
-      0x4d6c457f, 0x5b53f1c3, 0x953e69b2, 0xc4f89cb8, 0x422a330a,
-      0x95566be6, 0x92ff2329, 0x437442d1, 0x73cd502d, 0xbea69403,
-      0xf04ce590, 0xf8030662, 0x6ac1537e, 0xb6d0bf93, 0xe02bcf77,
-      0xbc90192f, 0x17aaa999 },
-    { 0x8e55db2e, 0x0d3d5643, 0x3b946851, 0x835dee43, 0x5b88462f,
-      0x1a1440e5, 0xea17e27c, 0xa6ff3b35, 0xdd95f7a9, 0x23f99c36,
-      0xbdd672cf, 0x7217fdd9, 0xdd2045c0, 0xf400ac1e, 0x4ff06b25,
-      0x94b55c87, 0x0e4a49be, 0x0a44a0e5, 0xb43b6813, 0xe8925e91,
-      0x214f96c5, 0x78bedde1, 0x0f97fa97, 0x0f456a4c, 0xa5bfd267,
-      0xa28fd86b, 0xbe7608ef, 0x3b4b2d8f, 0x226474bc, 0xfbd5ff8c,
-      0xa5f3b24a, 0x6b282af0 },
-    { 0x6341a595, 0x78fc025f, 0xa445e28c, 0x591c38d6, 0xeb446842,
-      0x72bd6e3d, 0x75547833, 0x3f9466d3, 0x083e16c4, 0x911414d3,
-      0x95a7acb4, 0x145d9466, 0x8fd2fb64, 0x102ddf09, 0x0bfd87b1,
-      0x2a2b2d2d, 0x59455088, 0x69e9be5c, 0xa80245de, 0xee378bf4,
-      0xb2306b0e, 0x80b0bd68, 0xc2be9f3d, 0x76a545c6, 0x4802c245,
-      0x429d167b, 0x2b412dfb, 0x13e64427, 0xee8d9762, 0xb664f529,
-      0x54706ebf, 0x6d4f5d23 },
-    { 0x00ba9f88, 0x35c8f2b6, 0x7bb6d0bf, 0xfdc807e0, 0xb3b81e5b,
-      0x0a126d42, 0xa7ac781e, 0x335ce6ce, 0xf37dcba6, 0x3e308e6f,
-      0x63c96487, 0x028dca62, 0x8818434d, 0x72eba57e, 0x79b78a26,
-      0xa9e3d59f, 0x2f07aea3, 0xd2f0a7dd, 0x24d05f74, 0xe0fe4678,
-      0x0116deb6, 0xb2085170, 0x58f37580, 0x9c2a5e92, 0x74070bb3,
-      0xe78bd7a5, 0xb9977d90, 0x551fc872, 0x40db81b4, 0x6eda93c4,
-      0xd65d34ad, 0x4aaf0b4f },
-    { 0x3514c7af, 0x9bef2506, 0xbc181ead, 0xb09e7dad, 0x8fa3ec58,
-      0xef3cae87, 0x173b8685, 0xd8dbfab5, 0x921d32dd, 0xb2490fc0,
-      0x8bd9c466, 0x4eef386b, 0xa061dbdb, 0xc1cdd52f, 0x25bc04db,
-      0x64de989a, 0x85728636, 0x06f9836b, 0x8be44aa0, 0x11a5a804,
-      0x097018c7, 0x16dede4e, 0xb2c11fb1, 0x72aec577, 0xa721ecd9,
-      0x144dade1, 0xd6ebf3a9, 0xf99c526b, 0x1c2e14d7, 0xa1d4165b,
-      0x82bc6337, 0x8b2cbd39 },
-    { 0x8a52e991, 0x28ec1bf2, 0xcf9d42ec, 0x0ba202f6, 0xc634ea45,
-      0x8307d130, 0xc5762b9c, 0x3fc257b3, 0x487c2a2d, 0xbd3298d1,
-      0xa319488a, 0xca14f1a7, 0x06ba06d2, 0xc70ca93b, 0xee405e89,
-      0x9aa3f4b3, 0x35deeae7, 0xcc64eeb3, 0x03bf1d4c, 0xd155f578,
-      0x45616bfd, 0x041ec0b5, 0x086e33f6, 0x23df80e6, 0xf0243cf5,
-      0x399a79c8, 0x874ccd58, 0x86c2824e, 0x8fc5c831, 0x220eeaec,
-      0x7dbe3670, 0x57e28304 },
-    { 0xfbcdf666, 0x6e60b698, 0x8bebb1d2, 0xbdd06a99, 0x80498436,
-      0x4044adba, 0x522bc88d, 0xd76bf75e, 0x28423b20, 0x655c4b9b,
-      0x53398a72, 0x65c0f492, 0x0ca37601, 0x76d4f2b7, 0x2030fa5a,
-      0x46989925, 0xb6054705, 0x96b37e87, 0x53de1b2f, 0xef96f731,
-      0xad54ef05, 0x5ecbbc8c, 0xa93617b0, 0xeb289d0a, 0x7cba217d,
-      0x3ac0fbd5, 0x19d4a2d7, 0xd0d3cb56, 0xc91d6063, 0xe8bee9d4,
-      0x696ffda6, 0x4f12e037 },
-    { 0x15f1a610, 0x4ccfa422, 0x3786519a, 0x804a5c55, 0x73838134,
-      0x1246a454, 0x4b284e2a, 0xfa15b484, 0x146d1320, 0x36464c65,
-      0x70a8a0fa, 0xfb6ba88c, 0x93c4804e, 0x74e7cee7, 0xb95ae16a,
-      0x8c34d22c, 0xf9c1d4dd, 0x9d9ed89f, 0x32025371, 0x61a0866d,
-      0x9bd6444a, 0x45b232b2, 0xf277bab1, 0xf888e92c, 0xa9448b02,
-      0x73e69c6e, 0x5b521ecb, 0x1a496ea9, 0x5858afb2, 0xa8f78ea7,
-      0xb1266f91, 0x83d2333e },
-    { 0x67b478d7, 0x1c633288, 0x50a2fc9c, 0xa1ee1ae1, 0x18d2241b,
-      0x05b6ab30, 0x893cd696, 0x69f1f288, 0xa8117a87, 0x159d6660,
-      0x70e73d77, 0xe8120119, 0x93f55f0a, 0x528fef00, 0xd854dfb2,
-      0xb3978db8, 0xf45d9fbb, 0xd6b43ef6, 0xd5bee397, 0x17de4bfe,
-      0x6bf76dad, 0xa01e0f59, 0x3d40754c, 0x28b2280e, 0xf8e86ef3,
-      0x8edb6122, 0xb7d1e586, 0x8226b6af, 0x2f40a55b, 0x46353215,
-      0xc5a31621, 0x7362f13e },
-    { 0x73c0c430, 0x792eb27c, 0xa51c3657, 0x8cc0a65f, 0xd2194f1b,
-      0x50a5cece, 0x814b4947, 0x18945688, 0x4b6fbbf4, 0xbbf0a81a,
-      0xf0aa8608, 0x376f4f58, 0x3987795e, 0xd9361d68, 0xe3a8d0d5,
-      0xb6510cd8, 0xb6c1a455, 0x63e2fdbf, 0xaec891f9, 0x2c91154e,
-      0xff568f64, 0x0eb1e715, 0x2f2b399e, 0xe7af9cd7, 0x89f0bf0b,
-      0x1fc39bac, 0x90983695, 0xf0861d92, 0xda0a20a8, 0xd9b16f02,
-      0xa38c0ead, 0x2f10693f },
-    { 0x0c06ded2, 0x07a6ce91, 0x2fd9087b, 0xf974842f, 0xa9f635a6,
-      0xe468bfd6, 0x1ed60626, 0x04b61891, 0x369ee548, 0x1fb2f89f,
-      0xdc96a201, 0x9cbd1113, 0x10d633ac, 0x6759acfe, 0x8faa629e,
-      0x64ba66fc, 0x47f38283, 0xa686ae49, 0xd59cda99, 0x828c3a05,
-      0x08ea2f6e, 0x7c7afb14, 0xaf3953c8, 0x2551c8e4, 0x9daa9e4f,
-      0x5b53d279, 0xad6f1940, 0x1eff68d4, 0x96437cdb, 0x2775dbdd,
-      0x4fe7a043, 0x985f83e4 },
-    { 0xeaf45294, 0x89603c16, 0xc24b5751, 0x70131160, 0x39d6b52d,
-      0x4c112018, 0xed943340, 0x7079cf02, 0x74f41b68, 0x0c5b028b,
-      0x9c8ac1e1, 0x3dc3f076, 0xf8b24f0e, 0x5ac5eea3, 0xe34c5c22,
-      0xee6684ba, 0x9abc452a, 0xa5259e63, 0xe9df45cc, 0xb07d2cd1,
-      0x1a443cfa, 0x07019c93, 0x92c003b3, 0x68fddaa9, 0x0d8cbc2e,
-      0x2d9f179c, 0x1e781ca7, 0xbbf15a6f, 0x50dcc799, 0x54d779d5,
-      0x0fe962f1, 0x0c88e540 },
-    { 0xe8f44357, 0x84f71a6a, 0x3a3cab6a, 0xf75b4bf6, 0x5aebc680,
-      0x334c9d9e, 0x8a753ef2, 0xcecaf084, 0x075e3c8e, 0xe28014c1,
-      0xf74f8d3a, 0xbb9d5a38, 0xb80e32ae, 0x75988464, 0xf2bc3792,
-      0x7b328e6f, 0xeed0e197, 0xebbb1faf, 0x5a33065a, 0x674eac95,
-      0x922dbce8, 0x8c19fd8f, 0x987b907a, 0x8c17ae85, 0x3b3a2cd7,
-      0x89f33627, 0xfa87772f, 0xebaea019, 0x3a25ced6, 0x4e5de499,
-      0xaf110715, 0x8e2560b8 },
-    { 0x3141aba6, 0x56d3746c, 0xbab2cf9e, 0x45a1079f, 0x9cdd27c7,
-      0xb6382831, 0x9dfd950e, 0x22237632, 0x3a9408ff, 0x1e0b15cd,
-      0xb1160118, 0x49a80200, 0xa383bba7, 0x2719db5d, 0x651046d5,
-      0x6078340a, 0x97523b1f, 0x8929d4de, 0x8e0a28ab, 0x4040345c,
-      0x0adf09c7, 0x61275ac2, 0x2331d611, 0xb41ab265, 0x5391ca50,
-      0x230cc77c, 0x8f922315, 0x88be0c92, 0x92fd9a29, 0xfef3d92b,
-      0x8324f2e5, 0x59005f22 },
-    { 0x3c4c1c74, 0x6bb1750c, 0xe966fb79, 0xbe73aac0, 0x66c5973f,
-      0x85a75d92, 0x3a8656b6, 0x8c97f932, 0x50446cde, 0x2b7043b1,
-      0x3ff3897f, 0x548916f7, 0xb18b72b2, 0x913dd01c, 0x488c0de6,
-      0xd0a751f1, 0x8558ca58, 0x19175714, 0x44a663da, 0x97714301,
-      0xb0e08618, 0x2df190ac, 0xf39ead9c, 0x0080fc0c, 0x17382da1,
-      0x0085ac6e, 0x3262a338, 0xe9791851, 0xb43bae8d, 0xe4495936,
-      0xd783df6e, 0x57a78e26 },
-    { 0x40dbddd8, 0x161b346f, 0x9410c3ac, 0x2b49a927, 0x1886cf3b,
-      0x8c542783, 0x33b93deb, 0x72df3232, 0x40df579d, 0x9c8d59f5,
-      0xc20ef500, 0xe5d7a67d, 0x67f08643, 0xc46b3918, 0xad96adc3,
-      0xecfa2445, 0x0c4544d0, 0x658f589b, 0xe08417d7, 0xe6ec9301,
-      0xc454e288, 0x6ca5ef6a, 0xac0f462d, 0x4191048f, 0x08d8a036,
-      0x852407d8, 0xf6d35b7e, 0xb4c533a7, 0x8f6ada87, 0x3251e412,
-      0x81c472e8, 0x1ca370c5 },
-    { 0xa801b68a, 0x94bd5171, 0xfd1998b3, 0x7312879c, 0x41163202,
-      0x4905aabf, 0xf5b01fdb, 0xb5fe87f4, 0x9cda128b, 0x78de523a,
-      0xc7bd31f7, 0x0bf161a1, 0x23904c35, 0xb5decfd0, 0xe188f12d,
-      0x224b2882, 0xf99dae74, 0x0dd2801d, 0x08cd1cd2, 0xcad467b5,
-      0xc0867e39, 0x6c311c3d, 0x2b425072, 0x71a11720, 0x2efd9003,
-      0x83bf464e, 0x1dbd3b03, 0x53d0448a, 0xe6265baa, 0x32db52f4,
-      0x4c33ac79, 0x2584b34c },
-    { 0x2aeec688, 0x3cb86389, 0x45fbe523, 0xa5e740ba, 0xfd60b5f8,
-      0x422e71f7, 0x4874913d, 0x455d185c, 0xfa17d80d, 0x04c2bb36,
-      0xac054524, 0x3f271854, 0xa8b9a657, 0x76dd3045, 0x62ee7cc8,
-      0x2e42c3e1, 0x4df6c7d0, 0x00266706, 0xdc7cb488, 0x5927dd51,
-      0x187897e0, 0x6b3faabe, 0xf2d5737c, 0xfe6ad22e, 0xff51a9ff,
-      0xafb60269, 0x69807baa, 0xe1c83545, 0x951ca49a, 0xacddb6ff,
-      0x3f9ab085, 0x7e811374 },
-    { 0x830a88b1, 0xad722a8b, 0xce1117e1, 0x91918ea8, 0x0409b47d,
-      0x3e02d0b8, 0x6c46d1d3, 0xb53812d3, 0xe589669c, 0x2fd09db0,
-      0x15b0cd5e, 0x9845cd06, 0x2386c453, 0x0c1c155a, 0xf5ff43cb,
-      0xda774de5, 0xe391c0cd, 0xbb076b98, 0x5004f286, 0x97d71eff,
-      0xaeec0bfe, 0x23e0b46c, 0x32a1ad94, 0xe4538667, 0x396da422,
-      0xfe0c9f81, 0x63db2bfe, 0x6376c1a2, 0xba56fa91, 0x001c7918,
-      0xdf8485a6, 0x436b8c64 },
-    { 0x8ab764bc, 0x88117e9d, 0xa077df84, 0xdfa61e94, 0x0c18eebd,
-      0x5a7765d3, 0xfc9451dc, 0x548916af, 0x071a347a, 0x01a52e33,
-      0xb23b41df, 0x633b95de, 0x43c8c286, 0xdd7d68c9, 0x18d97068,
-      0xe4f9d41e, 0x8c92799d, 0x79908b90, 0xd47394a3, 0xe614148e,
-      0xcd51e53f, 0xe5018517, 0x0243dcb6, 0x5060075e, 0x17954405,
-      0xe5dcde62, 0x537da5ff, 0x6f7c90e1, 0x0768cb66, 0x1df7aae4,
-      0x6dbe95e1, 0x5266ca9e },
-    { 0x1386b3db, 0x84ddee6d, 0x7c38e540, 0xf9e4af5a, 0xeb04f49d,
-      0xb3418440, 0xfde5a4fd, 0x2138a1e8, 0x30257cfc, 0x3e6e6924,
-      0x19fd70c1, 0x3519c6e3, 0x86c31ff0, 0x8f34e174, 0x940ce1e8,
-      0xf1e298fd, 0x14960d7c, 0x6fb8cb1d, 0x2b2f3bff, 0x207c1347,
-      0x146ef8ff, 0x899a20b4, 0x7bd3e220, 0x7dec362b, 0x626bea27,
-      0xa975044e, 0x4fb4cb67, 0x0f32b449, 0x1fc6703a, 0xc17a0920,
-      0x9cd84a2b, 0x41f325b9 },
-    { 0xce2843a4, 0x312ed513, 0x00728afc, 0xe748498e, 0x4d864ce5,
-      0xa8ef2822, 0xa620083b, 0x34064704, 0x4bed338d, 0x5905e1d9,
-      0x063e7b38, 0x2a578cb5, 0x289e7bb9, 0x98276d96, 0xf17b7341,
-      0xdfe2dc47, 0x1dac8944, 0x5923521f, 0x23400aa7, 0x3db6d28d,
-      0xa761ba43, 0xc647705e, 0x9bfd07dd, 0x8947ba6d, 0x242ca8fd,
-      0x00f2e3ac, 0xeb8c3468, 0x49ef4670, 0xd9aa18fd, 0x7db3d37b,
-      0xe58cea9e, 0x56b30fb6 },
-    { 0xcd80a428, 0x07ecdcaa, 0x8732c891, 0x7af922dc, 0x3ada441f,
-      0x20d88798, 0x924b008a, 0x3bed9a44, 0xb2e81c3a, 0x2123533c,
-      0x65f807d3, 0xc34e4075, 0x1f2faecb, 0x0bfaefa5, 0xade8a88d,
-      0x78b634a5, 0x94392a91, 0xc4e0b7f8, 0x90bb1cd8, 0x30922377,
-      0xf87204ae, 0xdea9b4fa, 0x85d3cd83, 0x3edf81f5, 0xc6523a79,
-      0x58f88c51, 0x17c0d969, 0xe472fb8b, 0xdccf7f07, 0x899081e5,
-      0x58bdd146, 0x1353cc57 },
-    { 0x39bf6e18, 0x28a56497, 0x649b89c7, 0x59e8b5a2, 0xdce8b8e7,
-      0x8d9434a0, 0x2047040c, 0xd935bf51, 0x6a7b8e82, 0x2ab3a164,
-      0x27f81294, 0xf1583ed6, 0x72d67297, 0x8416a7e0, 0xcd39e42b,
-      0x49685d86, 0x958ddbad, 0x8a797fc7, 0x155ce6de, 0xa558f928,
-      0xf8a36235, 0x75f4e570, 0x52877ae5, 0xbc69cfc0, 0xa6b16ebd,
-      0x8f4193a9, 0xbb1cc1f1, 0x8d1df43c, 0x5a21e789, 0x723a830e,
-      0xf451df58, 0x3ec2185d },
-    { 0x1f0bc2d7, 0xb9d4c7d7, 0x6e51d412, 0x6982c6cc, 0xa09f80f6,
-      0x92e02d93, 0x047ae09c, 0xb7dd2d25, 0x37f351f9, 0x3503149f,
-      0xc77850be, 0x69d49ce1, 0x12f0d2c8, 0x60242acb, 0x7bc28b9d,
-      0xba188c56, 0x06bc0550, 0x8e406121, 0x8d7d4329, 0xb0d84b1f,
-      0xd38951e0, 0xb4a67ae7, 0x8bc97607, 0xb527c57b, 0x5497aa72,
-      0xbc93c5f3, 0x39bdd666, 0x5f1de8cc, 0xe9d447a3, 0x3087dc5c,
-      0xa211abe5, 0x89b356b6 },
-    { 0xdfdcc837, 0xed6db0af, 0xa871b7a9, 0x0fb80baa, 0x1c1d4b72,
-      0x413abfc9, 0xadac9e5c, 0xf5b56bf7, 0x8b8657a3, 0x5664a2da,
-      0x0e41d94e, 0x11b04f72, 0x37433658, 0x63e11d26, 0xf426daea,
-      0xee628ece, 0xcb162dc2, 0x011619c9, 0x87648643, 0x9cf5817f,
-      0x5584bc86, 0xe1bb9702, 0x00bf7928, 0x2cc27cef, 0xdc60eee5,
-      0x4ef3a80e, 0x87adc2f9, 0x7e1202be, 0x8a0d4f52, 0x656f18e0,
-      0x57c5d126, 0x39c4f10d },
-    { 0xe88aecd3, 0xb3a9b68c, 0xa518aa9d, 0x555b0918, 0x4bd4ee54,
-      0xedc1cdad, 0x02068d84, 0x79b68b67, 0x811ac72d, 0x7dac80d0,
-      0xa81a0a78, 0x6d1e6d35, 0x3bd16283, 0xc841e9ea, 0x894c4444,
-      0xa7bc1775, 0xf1aa1202, 0xf2b63725, 0xc7d4c556, 0xbec7767e,
-      0xd46ff51b, 0x2817ebb3, 0x73f7e339, 0xfde5be8d, 0x5aed24c4,
-      0x44c6c977, 0xb6e579cf, 0x0b9a1707, 0x9069fbcc, 0xcff16478,
-      0x49152b00, 0x414b542d },
-    { 0x606e173b, 0x33c31e58, 0x90e6713a, 0x5b7f4e1b, 0xdebb20af,
-      0x425fb512, 0x05120e70, 0xc788c617, 0x9013e4ec, 0x3ef05602,
-      0x81c6e6d7, 0x9f9d35ac, 0x9450690a, 0xe131e88f, 0x44af082e,
-      0x708f9b32, 0x1ba2aea9, 0xb2e4d66c, 0x740db29c, 0xaf1f4a6e,
-      0xd1843007, 0x74ab9248, 0xed556a6c, 0x13338ef8, 0x270d17a6,
-      0xf48e623e, 0x9608f5bf, 0x3c7362fa, 0x444e8515, 0x43977874,
-      0xe00b8b2a, 0x52678d6a },
-    { 0xdf36aeb4, 0x5dff1c59, 0xa92bc0ab, 0x52d6653c, 0x927a5f81,
-      0x0e03f496, 0x2dfd491f, 0x8509d414, 0xa571f89b, 0x258c2c52,
-      0x93334485, 0x2bd61804, 0x3f7d9e09, 0x1a33e94f, 0x2c1bf906,
-      0xfab418d3, 0x5aa5695c, 0xf39c490e, 0xf6d2d7ff, 0x0e41196e,
-      0x0f7948a9, 0x3ecd4075, 0xd3053b4f, 0x4b58f9b2, 0x5d9974c9,
-      0xb8ee842a, 0xbf22f682, 0x23a59c1d, 0xc8efcea6, 0x045ac614,
-      0xc10ceedd, 0x7040ba5b },
-    { 0x515a1a96, 0x2c364f81, 0x184327e0, 0x31a63503, 0x1ad93d4f,
-      0x0a096650, 0x273b6173, 0x9d7694f1, 0xd2cda9d2, 0x8886d876,
-      0x2814c177, 0x1e01a742, 0x8667696b, 0x3492276b, 0x5b25f006,
-      0x2fd4f0c6, 0xfb294c4a, 0x6527349f, 0xde1d336f, 0xc1fe0d8a,
-      0xe7e3860e, 0xaf9a23e8, 0xb774c31e, 0x97d2b721, 0x4365784a,
-      0xfac3e582, 0x70f4eaa3, 0xff2dff4e, 0xfe873248, 0x3d281e1a,
-      0x0bd1c9c1, 0x9043a6d6 },
-    { 0x766c7937, 0x1511a0fe, 0xabbc3be3, 0x1b2ded5c, 0xe00888ac,
-      0x2ac160cc, 0x616200f3, 0x928754bd, 0x34a2ea06, 0xb801c83d,
-      0x9cbe106f, 0x8ad7a03a, 0xcedfcd94, 0x996b0822, 0xe4069880,
-      0xc3c3463a, 0xf597f663, 0xfb12ea4d, 0x40c92af9, 0x2c8d3834,
-      0x4e8da154, 0x79bc85c6, 0xdb4e801a, 0x95771fa2, 0x1e3579b2,
-      0x7bd2c138, 0xffaad078, 0xe45c75df, 0xb73eac46, 0xb0760a3c,
-      0x3a125f35, 0x26362b48 },
-    { 0xeefc3e89, 0x25c68d28, 0x69e9ee71, 0x2d0ee877, 0xaf5e4b75,
-      0x8b07bb86, 0xcb86b333, 0xdb709072, 0xff552bac, 0xfd3d20ea,
-      0x4c0da1e9, 0xa5eeb2b1, 0x44f97145, 0x391f688a, 0x1e06d485,
-      0x21fbd310, 0xbea9cd49, 0x45e4f2a5, 0xa7bf21da, 0x7b60d464,
-      0x054d5471, 0x193f88c8, 0xbee0f2e9, 0x5ace53d1, 0xc1439273,
-      0x92c26563, 0x96c6b5ee, 0x9c86e0b2, 0x09ff59ba, 0x452fe231,
-      0x555c935e, 0x2e952b20 },
-    { 0xd75f886e, 0x2a846bca, 0xd43dfc58, 0xe68a5dbe, 0x007b1b86,
-      0x103e45b6, 0x355ff2b5, 0x580e2ec9, 0xa263ecc9, 0xbc702f26,
-      0x181e5e33, 0x2835b386, 0x6c122076, 0x025113ec, 0x7fbd856d,
-      0xa5c26e3a, 0x9d6ebcb1, 0x8ef83fb3, 0xa44d2fa8, 0x7aaa53f2,
-      0x53b1fa97, 0x7c14ef33, 0x17559a30, 0xff604a11, 0xb09377e0,
-      0x2bcd96b0, 0xdb2f0273, 0xa5c14896, 0xeb53ef06, 0x1c0a84c9,
-      0x30378e4b, 0x1236d017 },
-    { 0xc084373b, 0xd7481c8f, 0x646097ae, 0x29ae4768, 0x613bc34b,
-      0x1300dfa0, 0x934bc2b0, 0x3712714c, 0x0e2be7e2, 0x86524629,
-      0xed010800, 0x554fbb9f, 0x42314576, 0xf0ec0b38, 0x330a3282,
-      0x65baf594, 0x706ef817, 0x3bdde1a8, 0xba7530e9, 0x7d2c727d,
-      0x74cc95cb, 0xbb0c5d66, 0x2438906d, 0xb3fcd365, 0xd14658f3,
-      0x19881941, 0x6c97f0e9, 0xe616f555, 0x4b9ec7ea, 0x353c2d85,
-      0x620cb56e, 0x02a48014 },
-    { 0x506ccd38, 0x11d6d23d, 0x9059baa6, 0x229a1c54, 0x69d011c5,
-      0x717c9c27, 0xd828937d, 0xe87e1b46, 0x83835083, 0xf5d63bbb,
-      0xaadac258, 0xf0a7b427, 0x9f154d1f, 0x99ab26bd, 0x8ec955fd,
-      0xdec0ffbf, 0x49fcb880, 0xee957c67, 0x1e0114de, 0x32395dee,
-      0x369f46c7, 0x192a64b7, 0x91eb2599, 0x43044660, 0xa2e8c3da,
-      0xbe2da887, 0xc3556d18, 0xa44e2c25, 0xb55f75f3, 0x31390414,
-      0x8f217fe0, 0x1d8bde6f },
-    { 0xa2028924, 0x03cd39f8, 0xb06ecb9f, 0x6e54f19c, 0xd6f05846,
-      0x862bbcb7, 0x5a060776, 0xdbe06716, 0xb10fec10, 0x9397c97a,
-      0x6f1bb65c, 0xf4213826, 0xa672ba38, 0x414deccb, 0xf88b05e6,
-      0x594d4d43, 0xac94d4d1, 0x7993f57a, 0xbfb17638, 0x74fc2a6a,
-      0xb6fc655a, 0xd8196b5b, 0xee8d2139, 0xdc375c84, 0x360d3a26,
-      0xb9b00a02, 0xdeb93b87, 0xb36ed35c, 0xcc83209e, 0xf565b28b,
-      0xc61013c1, 0x349c6943 },
-    { 0x4de6c88a, 0xd1b39444, 0x4700207e, 0xd5c2c471, 0x21c2b780,
-      0xb6f458a2, 0x0850993e, 0x749f7564, 0xbaef0c18, 0x400ba579,
-      0x737c70f0, 0x2d742938, 0x21467ebf, 0xc5a8e2ec, 0x5337f453,
-      0x243a666e, 0xed0bd50a, 0xc991f1c7, 0xf4bd1f91, 0x3a7f3e90,
-      0x5f0e129b, 0x96089e8a, 0x07389635, 0xd0d3a177, 0x27182ac9,
-      0x9cf842d5, 0x0817c5c2, 0x21195299, 0x87255769, 0xa32f327e,
-      0x89c2d8fa, 0x056587ab },
-    { 0x1ce4733d, 0x008562ed, 0x98e51444, 0x5faff7cb, 0xa9ab46b9,
-      0x5f03021f, 0xb61a8c13, 0x89494c5e, 0x36b35976, 0x57c95036,
-      0x2ac2d2f6, 0x6be84c8f, 0x9bd2703e, 0x0e5b34d8, 0x7e872abb,
-      0xc4ad918f, 0xc4052ee1, 0xc2a89e9f, 0x3190b51e, 0xc2caee3f,
-      0x6fff254f, 0x58fd1437, 0x883e0972, 0x6f3c0d68, 0x0fb15438,
-      0x63d0a0e9, 0xf6caae00, 0xc438764b, 0x3f1d0f6c, 0x815f1565,
-      0xb86cdbde, 0x1b87f2ed },
-    { 0x2b0b15b1, 0x35792bbb, 0xce6ba779, 0xa3e4b5a7, 0xdd8f3779,
-      0xfbacffd9, 0xc298d1ef, 0x005450bd, 0xc47031c6, 0x0e3f5556,
-      0x95d68066, 0x0770f07a, 0x2d1052c2, 0xce3e84e0, 0x7aa8cc54,
-      0xb050791e, 0xba3223a3, 0x4d621e73, 0x39632990, 0x87b9b94d,
-      0x7eb8056d, 0x8df9cb47, 0xedfca0cc, 0xe2430de8, 0x9712a0ca,
-      0x374bf416, 0x88848a99, 0xbe3f3c77, 0xc4a3e59e, 0xb22b87b1,
-      0x3e95bc23, 0x8e0227c4 },
-    { 0x3210964d, 0x000e22a8, 0xff056eeb, 0xdccd5df5, 0xdaf1ead7,
-      0x02173a1f, 0x67cdcae3, 0xd02833e0, 0x8bdcc90c, 0x1cc574cb,
-      0x3224b4f5, 0x86eca714, 0xbb3f8298, 0xd00e603a, 0x0c1a8deb,
-      0xb98ece1b, 0x378c261d, 0x228a46e4, 0xa6165e5d, 0xc6f9dd0d,
-      0x4b7ef0e2, 0xb3ae3899, 0xbda9f306, 0x3a3c16b3, 0x38a084db,
-      0x5e9a26d3, 0x5394e950, 0x528e5993, 0x4ea206bc, 0x848ecb11,
-      0x40545d6e, 0x14b15ab5 },
-    { 0x664c59a2, 0x0f6d86c9, 0x60fd7aa5, 0x3dfe2be1, 0x9072cb8e,
-      0x33f9b569, 0x8176a7e0, 0x5f2325d9, 0x4587080b, 0x79a0d4e7,
-      0x0d5d4e05, 0xa4ee0def, 0xc87b28e1, 0xc0ad9ffa, 0x3f09b4ee,
-      0xd6f18d2f, 0x292e9d87, 0xcc896ae7, 0x6094763c, 0xca88953d,
-      0x18fbf9fa, 0xdbee97a8, 0x4b63d701, 0xdf20e0e9, 0x47ea722f,
-      0xcbba6e30, 0x612b571f, 0xce57e1ca, 0x009a55f5, 0x1e16ac76,
-      0xc4389e2e, 0x742bbed8 },
-    { 0xc1dc2c73, 0x23ea86dc, 0xc1643abf, 0x4bbbfd5b, 0x24d8ca1f,
-      0x07f8fa1f, 0x8cb5cac7, 0xde68a6e0, 0x54e66a7d, 0x7d54c64b,
-      0xa9b7ad78, 0x789dba22, 0xe364ab94, 0x4d88d540, 0x1f72e011,
-      0xc8c2e02d, 0x46e2a278, 0x4c826057, 0x4b187c7d, 0xe6c35bb3,
-      0xeb8fe0c9, 0xed8b3dfe, 0x7d11e415, 0xb6bc34e8, 0xb865c7f9,
-      0xb3908bbf, 0xe1ecc17c, 0x717d1ce6, 0xf7cdd69b, 0x151e3308,
-      0xb5c94124, 0x97bd5a14 },
-    { 0x81e82861, 0xe01c62fe, 0xdd42c40e, 0x703d4b6d, 0xe65e91e5,
-      0x7e52e55b, 0x5abbbfdd, 0xb8b49374, 0xc72a45f4, 0xb4f15f52,
-      0x550f29d8, 0xce8435a8, 0x582de75f, 0x9df76b9b, 0xa20c8b96,
-      0x52e84c5f, 0x0a8a0af4, 0xaf77d2d1, 0xca6013c3, 0x0389bbd8,
-      0x26f8305f, 0xb0d9b9ba, 0x0cec8b9a, 0xf053e848, 0xffabda18,
-      0x4d63367a, 0xa6424c2a, 0x50f53be4, 0x864fba2e, 0xf892c58c,
-      0x48cc5469, 0x317c6d31 },
-    { 0x2cb7d42b, 0x0c3525b0, 0x310facae, 0x55240bc9, 0xff20408f,
-      0x8d5d2022, 0xe0c10ea0, 0x6b01402f, 0x718eb23d, 0x7fbef68a,
-      0x41252a19, 0xa0146b5a, 0x110e0d6e, 0x59afce48, 0x022de181,
-      0xe9a1d27f, 0xdc3f49da, 0x6db96d16, 0xefbe4008, 0xfc1ae3f5,
-      0xeccbc11c, 0xf9d70641, 0x525f8636, 0x49022279, 0xc2763c30,
-      0x3769796a, 0x1d90630b, 0x9cc3483c, 0xee3d3f17, 0x451651f0,
-      0x9da0b8fd, 0x6ae59739 },
-    { 0xbff4d2ee, 0x57b13bc7, 0x30b173d8, 0x20754229, 0x0794936c,
-      0xb6254bd5, 0x5efd55be, 0x1d5f232a, 0x4e0c3389, 0xc06f4a85,
-      0x8e61f944, 0xcf2c5b59, 0xfd5f87b7, 0xc564861f, 0x5a2afa4c,
-      0xee261fb1, 0x2d97a774, 0xb0ff7226, 0xd6cf007a, 0x1a89ae22,
-      0xd346f214, 0x28880534, 0x97b6497e, 0x8fe73bff, 0xfa2afffc,
-      0x8a8595b2, 0xf151a726, 0x9ef9cf3e, 0xe744b82b, 0xa84ee5f1,
-      0xbc63fe72, 0x6649048d },
-    { 0x1e8b760d, 0x91b7bb78, 0x25aadaa0, 0xd47b0bd8, 0xfab5226f,
-      0x81493d9f, 0xbffc148e, 0x4a6dd226, 0xa29be3db, 0x5a032f8a,
-      0x34b0ab0b, 0x318dbc70, 0x7d654868, 0xdcccbfb5, 0x9c581e46,
-      0x8506ab37, 0x2830ece2, 0x09136a6e, 0xcf6c80c7, 0x48b79356,
-      0xef6b1e86, 0xfa176377, 0x83f0f1c9, 0x2c9c1cc1, 0x16abeddd,
-      0x96f0526d, 0xa93b0de4, 0x3e0e98e2, 0x0f13873a, 0x6f2d7ada,
-      0xf3fa49ec, 0x4eb93b5c },
-    { 0xe11fae32, 0xbd89f7e5, 0xc4023f51, 0xd13d74f5, 0x491c3f6f,
-      0x1b0014df, 0x555279b7, 0x1d849a57, 0x05ba0068, 0xbb9e8897,
-      0xc13ca2ca, 0x82222419, 0xfd33676f, 0xafbbb685, 0x75878a2a,
-      0x931c3f52, 0xef3d5173, 0x12aeefef, 0xbd8a6878, 0x189a5cc8,
-      0xd99f0c16, 0x82cffdb3, 0xa19d48b6, 0xbf565406, 0xe9c6c4e0,
-      0x5605e223, 0x86804172, 0x53e781de, 0xc7001cc8, 0xcdf5c90b,
-      0x7c043f68, 0x2b582d93 },
-    { 0x81abc2ae, 0xa1165c82, 0xe2b69eca, 0xa73380f5, 0x07fff66f,
-      0xc097b3d2, 0x54776506, 0x5d603826, 0xb57fa21c, 0xdcbac9f3,
-      0xc98dbdd5, 0x78750db4, 0xd9eff32a, 0x85e21103, 0x2f11c41c,
-      0xceed172c, 0x9e348c09, 0xa8e39264, 0x831eddfb, 0x71cb936b,
-      0xf50864a3, 0x915c3d06, 0xe93acfcd, 0xfe8e33cd, 0xb3f2f7aa,
-      0x4bee10d7, 0xeb7cee9a, 0xc1d8eb48, 0xfa574afd, 0x4fa49ce3,
-      0x862db4c0, 0x78615109 },
-    { 0x7ae72c21, 0x3fe3f480, 0xfd0f0da5, 0x631aa144, 0xf8c3a454,
-      0xc76ee1e8, 0x51b4f1ab, 0x379ae094, 0xd7cdbb24, 0x2a3a4397,
-      0x82bd5fcd, 0x7a14cffe, 0xf427ef5a, 0xbbe4ed12, 0x284d3ccf,
-      0x9b0a43ee, 0x8eec6e1e, 0x57b78b93, 0x67b8e87b, 0x18d404e4,
-      0x34374c20, 0x0c8adc05, 0x5428deb5, 0x64373605, 0xc3afa2cf,
-      0xb4d80ec0, 0x3aa956f9, 0x6d51f93c, 0x84161c68, 0x9f9a28ab,
-      0x6bc9c025, 0x540b6bb7 },
-    { 0x321d315d, 0x04e1734c, 0xd86e05d0, 0x4ef56612, 0xbba8cd81,
-      0xeafae145, 0xacdc789a, 0x1fb07a49, 0x5877570f, 0x6a21e9ad,
-      0xb9bc53de, 0x2e4a837e, 0x1d6298eb, 0x436db293, 0xea362f45,
-      0x43afbc78, 0xaabf6585, 0x2a973d97, 0x0c924d60, 0xdce7dabe,
-      0x7cadf0e9, 0xf69d98f0, 0x75020538, 0xe0b505a1, 0x4461cd29,
-      0x3db7d1a3, 0x5e20e818, 0xe1c28776, 0x52dd50f6, 0x2ca25867,
-      0x92e0388c, 0x897cab14 },
-    { 0x0d8bab8a, 0x59ed3813, 0xa438200a, 0xc11d364c, 0x40581415,
-      0x0687bf2c, 0x7ac89674, 0x86ad0d3a, 0xb97411a0, 0x44928105,
-      0xf383371c, 0x74984b11, 0x0d1a831e, 0x70d2ed84, 0x6c912fe0,
-      0xd883628b, 0x14fa88d2, 0x44f8f7fb, 0xcf0ac93e, 0x564f2a4d,
-      0xa6c24fa6, 0x82f629aa, 0xbf6cd949, 0xab906ba3, 0x20a5182d,
-      0x2c822e67, 0x30eb93a5, 0x2ff47dac, 0xfff673aa, 0xdc62c4a4,
-      0x476b0ec5, 0x64b00763 },
-    { 0xb3c9a404, 0x1e3f533e, 0xb7ef9952, 0xb1db7f73, 0x6c253693,
-      0xc7f13e29, 0x0738eed4, 0x7ce7f4c4, 0xce26cad0, 0xccfd3b33,
-      0x01ec5cf1, 0xd8784935, 0xdc084e01, 0x3f8fc09d, 0xc39b5acf,
-      0x217cab32, 0x9ef5551c, 0x42daf0bb, 0xe1217a95, 0xfbc76f56,
-      0xc237002a, 0x80178b12, 0xb070a293, 0x0b52c39f, 0x576ca964,
-      0xe3925153, 0x19d68e36, 0x25559424, 0x09e50e84, 0x291fb82c,
-      0x6618ed8c, 0x7dd22ea6 },
-    { 0x49cbb3bf, 0x7ffe844b, 0x5562fb25, 0xde0cc704, 0x9f5a845a,
-      0x1e6ee537, 0xe51277fc, 0x956d7f26, 0x30635718, 0x2c75d4b9,
-      0x96957f34, 0x39a14892, 0x82e5742b, 0x8cf4eb32, 0x83247b72,
-      0x6b0d3ddd, 0x201a4237, 0x67a9f633, 0x1414a485, 0x416403c1,
-      0xb6f6a916, 0x60afd447, 0xdac6f790, 0x95f94930, 0xbd3b9d82,
-      0x685ff94b, 0x51cadf0f, 0x5c8f98fc, 0xb13b7489, 0x9559c88a,
-      0x5f18fcc8, 0x31377c66 },
-    { 0x7dcfb35f, 0x35c5de09, 0x01cc36f8, 0x2dccca9f, 0x7576cb63,
-      0x7e93e85d, 0xf7b4b375, 0x0c2dd48a, 0xb09a19b5, 0x9d95cd4f,
-      0x71bfe607, 0x752ed159, 0x2596dad2, 0x439880cf, 0x69e90a6f,
-      0xe52efb53, 0x03d3e60a, 0x44097663, 0xa95070e0, 0xfcf364fa,
-      0x05624dd2, 0xd8f993b6, 0x00d5e467, 0xb35a9824, 0x0c8f4524,
-      0xe289d024, 0x648a0179, 0xef45423c, 0x587edabd, 0x3a5fd695,
-      0xa11e5271, 0x3dacc50c },
-    { 0x6499ae4c, 0xcb3e4f94, 0x7053c527, 0xa46dcbe1, 0xbe782e8a,
-      0x807f5ce9, 0xd8481e45, 0xb6c64d28, 0xaa286fd0, 0xf35e4518,
-      0xdf1cdb49, 0xf7b7b9ba, 0xaec23eaf, 0xf3fb6210, 0xb9bfd2fb,
-      0x0a9ba385, 0x8807f3a0, 0xe51a0d53, 0xb17b2842, 0x7ab24404,
-      0xf9dd9f0a, 0x6fd57687, 0xf3e9df64, 0xcd1efdb4, 0x60df194d,
-      0x5dd2df7a, 0xe069df05, 0xbed3f2c3, 0x23248a31, 0x469b7561,
-      0x694744f7, 0x866949e1 },
-    { 0x3f4ab07a, 0x3a9a0da5, 0xf54a6fbf, 0x2cd6f333, 0xb23cf290,
-      0x0c92e921, 0x848e3d58, 0xc9581c3e, 0xd3b218ab, 0x93af1fbd,
-      0x066cb4d7, 0x38598ea1, 0x990c03a0, 0x5001394e, 0x7d0877b5,
-      0x3b664b1e, 0xd74c7091, 0xd79db1bb, 0x4e2d5dd0, 0x852d4435,
-      0x3329db82, 0x0d2b841b, 0x7b96d480, 0xfa844eb0, 0xc295dc46,
-      0x37a50569, 0x94f7ec4e, 0xc2d38373, 0x5b083177, 0xdc3884ff,
-      0x8b1fa598, 0x574352b8 },
-    { 0x0d5d7ce9, 0xed2193f7, 0x0b487eaf, 0x3c19fd26, 0x7be65fd0,
-      0x7c44ab59, 0x78270d56, 0xdd9da860, 0xbaa70198, 0x8a84ec00,
-      0x285985df, 0x2ec27e49, 0xde2028d8, 0x996ccaf0, 0x61c2201d,
-      0x4e7648c7, 0x091c19eb, 0xa96335bc, 0xf0d6782b, 0x253a3a69,
-      0xd2946493, 0x3f204340, 0x099f6873, 0x444521a1, 0x6996011a,
-      0x5fcbcc09, 0xf853a94e, 0x3884d5d8, 0xd3b6a3a1, 0x2418c624,
-      0x06ae3c4f, 0x3e431af2 },
-    { 0x83d381f1, 0xf967d939, 0xd0c033c3, 0x36501aae, 0x54410768,
-      0xbf3af4d0, 0x5093a6d3, 0xa86d1598, 0xd92f2900, 0x43ae0741,
-      0x36f0b755, 0xfeb2afa6, 0xaa456d6f, 0xd090a6a3, 0xaefdb646,
-      0x336a4fda, 0x1a942f7d, 0xfd1bfe44, 0x851ee41e, 0x7fc2a3ed,
-      0x11e935c5, 0x4f1c9686, 0x53bbb343, 0xcd577666, 0xad896c2a,
-      0xf26931ba, 0x86bbfa41, 0x8a0fbbd1, 0xa203cef1, 0x1c3d7d82,
-      0xe2664d35, 0x6dad3f15 },
-    { 0x12ec35a1, 0xd1940b7d, 0xe7dfb128, 0x6219c5b6, 0xf13321d5,
-      0x2cc278c6, 0x33c58eb6, 0x5e76904a, 0xd9903c43, 0x15090f55,
-      0xc3d96a19, 0x061bc926, 0x8c0acba7, 0x974a9f03, 0x7198b21b,
-      0x7a414021, 0xf8958c6f, 0xb069599d, 0xbebd0129, 0x517f2f1d,
-      0xdf3a8dc3, 0x1109a613, 0x672375c5, 0x08e58448, 0x9383d2d3,
-      0x56590ba4, 0x0bff837c, 0xfc3ee7c6, 0x27d2d55f, 0xc87a5390,
-      0x5f517a3f, 0x2438e9d4 },
-    { 0x8815af3c, 0xc4a45308, 0xf3c9bed5, 0xe55f1a32, 0x97b65ddf,
-      0xaef1cdc9, 0x12e51eb5, 0x61c61d94, 0xe63f2490, 0xbd0dac54,
-      0xd0b3e231, 0x6f14429c, 0xf1da6010, 0xf737c3c2, 0x6bbc4fb1,
-      0x7150e04b, 0x1be281cb, 0x205b4c89, 0xd7701f5b, 0xf1b4633c,
-      0x2a513490, 0x8b33ef46, 0x68f1f7f2, 0xddb47c73, 0xbd416b67,
-      0xf4ada511, 0xff795bb3, 0x9d2a97cd, 0x96200e67, 0x00a8b7b2,
-      0xafe30e01, 0x13f39011 },
-    { 0x7bd0c827, 0x3dd296ef, 0x4a29ff46, 0x506110f3, 0x1c9a515a,
-      0xf8793068, 0x268bca77, 0xde8d8045, 0x998045df, 0xcbb83024,
-      0x68c0e584, 0x3f90d710, 0x263b6062, 0x2a838ca8, 0x535c5d0b,
-      0x293bb5e7, 0x56415110, 0xceea99d5, 0x1bbda005, 0xfe311ad0,
-      0xa4d8d018, 0x2497e0bf, 0x1cf2b866, 0x33dd77a0, 0xd8c4ba8b,
-      0xbc075b73, 0x722b7bc9, 0x298466d4, 0xcbda1b0b, 0x17a7ce24,
-      0x680703b6, 0x458d4b6b },
-    { 0x4d54d8b2, 0x8a26a20e, 0x4d320a0d, 0x05a5696e, 0xf994f700,
-      0x698b5858, 0x2f6549a8, 0x7a4adc3c, 0x3694d00d, 0x1812e819,
-      0x730402bd, 0x46b9b000, 0xa1b36410, 0xe10a1449, 0x99230220,
-      0xeae95ea5, 0x1b4820c3, 0x3efc2e9b, 0x85c9eb8a, 0xfe5b5cb5,
-      0x97847064, 0x21ae0319, 0x8f27d49f, 0x68ef0b70, 0x2f72556b,
-      0x3259ef18, 0x624db01a, 0x00ae0457, 0x5668f95c, 0x628e3b06,
-      0xb6fbbf91, 0x5f13f5fa },
-    { 0x3a9b0dc6, 0x7c6ed9ae, 0x6f883ec8, 0xaea1bde9, 0xea8b3677,
-      0xea66bf88, 0x9a66e3ab, 0xdefa6abc, 0x68217ffd, 0xc4d3317b,
-      0x290df05c, 0xf741c8f2, 0x7d11674e, 0x1f0fdf17, 0xc35989ca,
-      0xfdf0ece7, 0x6b9c482d, 0x0eed92df, 0x55bf1ca7, 0x73713e66,
-      0x25cec99c, 0x90acb290, 0xe803e69c, 0x37c9e3a2, 0x17713a1a,
-      0x7c0a3c53, 0x6f5a174d, 0x350dc565, 0x05f802f6, 0x11625a44,
-      0xa37ba4a2, 0x2196495d },
-    { 0x13142680, 0x00cb2fd3, 0x65d14cf4, 0xab9e91d7, 0xdfe2669e,
-      0xc6a0ceab, 0x0ae22bc5, 0xbeefce58, 0xcb6ec250, 0x3c2b7986,
-      0xd738f1ff, 0x84adb1a2, 0x516ec8ec, 0x9709bc28, 0x8e8f7db5,
-      0xf3693129, 0x95b197f9, 0xc48efc6b, 0x9aaaa404, 0x9ff10952,
-      0x144154b0, 0x2c3c8cbd, 0x427f3435, 0x33ef7bc3, 0xd21897c1,
-      0x04a17940, 0x6ce548a0, 0x5aa0c47d, 0x3d56fa62, 0x2971cea7,
-      0x04475f08, 0x93ad0eb0 },
-    { 0x988a9963, 0x7a0b6967, 0x6515e8dd, 0x61e477f7, 0x3b6b50f2,
-      0x6274e386, 0xd33922de, 0x63a9b8d5, 0x687a5b3d, 0x3c38d3fb,
-      0x1302e323, 0x18f6f09c, 0xe02fcccf, 0x254c05c3, 0x26e662f7,
-      0xc04ed0b7, 0x143fe079, 0x1d5646b8, 0xc9016c8c, 0xef8a9448,
-      0xf823d797, 0xe5674c4b, 0xbccde451, 0x0586f72f, 0x4417eade,
-      0xc5fc88d5, 0x576e588d, 0x2b952209, 0x5844d1f9, 0x4408dd42,
-      0xea41c034, 0x73f8c3f0 },
-    { 0x5df763dd, 0x89534fc8, 0x3ac71836, 0x3b1427f3, 0x6e8f15a0,
-      0x0db5be17, 0xcb20888e, 0x1d390944, 0x857caea6, 0x7804c9ad,
-      0x519f7bf3, 0xaa584428, 0x293aa8cf, 0x626eecf1, 0xea36a015,
-      0x749e0d98, 0x3321edcd, 0xefff6dae, 0x28b791cc, 0x963deea6,
-      0x2d16e361, 0xa14e0552, 0xb15ae206, 0xa2e058fc, 0xfca325e4,
-      0x0f268745, 0x21341a8a, 0x7cf9d407, 0x7caa51b8, 0xdfed25d9,
-      0xadbedd75, 0x0108ae39 },
-    { 0xa9e88f63, 0x54d178f3, 0xab0c7325, 0xaa05b11e, 0xe261d8a6,
-      0x773a53e6, 0x8d0b91c8, 0x24db7dae, 0xe9bb004d, 0xde10b073,
-      0x54e3090b, 0xfc8befe7, 0x0cc69c89, 0x16af0599, 0x9d59511a,
-      0xddc83803, 0x46c5dafc, 0xc3f65b99, 0x1ee0a599, 0xfbbe4be8,
-      0xfb3a9b17, 0x88891e36, 0x445dad00, 0x0c9aad75, 0xd5097e1f,
-      0xdffc46ab, 0xac85a4e1, 0x8848089b, 0xa0c45233, 0x348bb42f,
-      0xeb13c1df, 0x807c06d8 },
-    { 0x98ee0ef6, 0x00a969ec, 0x8bb7b7af, 0xba9d5483, 0xa02f8fdb,
-      0x24484c92, 0x8b70557c, 0x7bdb201a, 0x60ad1af2, 0xe59343e4,
-      0x998c95fb, 0x53a9a942, 0xda861d3b, 0x974db3de, 0xed399c0e,
-      0xce1525c9, 0xf72109bd, 0x89b56881, 0x998211a4, 0x08ff7d15,
-      0xef0f275a, 0x5df76b3a, 0xfa2f358b, 0x93f180f7, 0xc39b0634,
-      0xaac4ffcf, 0x17583b53, 0x2692c626, 0xb55399fc, 0xb2fdfa36,
-      0x99607a61, 0x16424c6c },
-    { 0xdd2744a9, 0x5dd65c55, 0xfe3af418, 0x2544c1c2, 0xefe8b089,
-      0x32c82e99, 0xa9df691a, 0x30b7ab25, 0x9be99674, 0x98384550,
-      0xcaf2d122, 0xbcecd258, 0xbcc77272, 0x88ae4098, 0x4b8efa0c,
-      0xd4396141, 0xed64d12c, 0x44ff67b9, 0x2e7f3404, 0xa9e655e4,
-      0x45b0e9eb, 0x3d16fc45, 0xf03ded28, 0x474a3e14, 0xacccb85c,
-      0xa3c9adff, 0x7253a51b, 0x3dfe6bc1, 0xfb5831b1, 0xdddaf4b9,
-      0xa4f4478a, 0x5544e602 },
-    { 0xbaa80b4f, 0x897c5313, 0x63bdc8ef, 0x0122716f, 0x7b42c5a8,
-      0xae2742db, 0x0883308c, 0xe9d9e1e9, 0x2d341ab1, 0x352c8c3f,
-      0xed945870, 0x163d0500, 0xc290d9d8, 0x8349dd73, 0x1f6c7d29,
-      0x2053c5e0, 0xcb42033c, 0x83107446, 0x09d09af1, 0x76c88bd2,
-      0xb2794681, 0xd0f70e6e, 0x19b1b540, 0x720b59de, 0x22994b43,
-      0x80b7ecdc, 0x2dec53cf, 0xc1a4cdce, 0x1ed60f42, 0xdd7d3edd,
-      0xe241d261, 0x5735995c },
-    { 0xa0237056, 0xdc4ba3fb, 0x33ab3388, 0x6856c164, 0x271ec612,
-      0xc01eebbd, 0xe3031bec, 0xabdeb033, 0x6118a1f5, 0x4eee4419,
-      0x5b600f33, 0xec497421, 0x08868773, 0x1b7185cf, 0x7c1b7dfd,
-      0x7b0c46cd, 0x4a4c5e89, 0xd143b2da, 0xbb1ff94d, 0xdb9a5984,
-      0xc9cf3465, 0xac3904e4, 0xeace64c9, 0xf8729bc0, 0x768ad99a,
-      0x5cc22821, 0x8a9540c2, 0xbbd3b081, 0x049a6917, 0xe468ed5f,
-      0x3ec45ef0, 0x885486df },
-    { 0x4bdff464, 0x6a942c93, 0x25a7b451, 0x3db2719f, 0x325be324,
-      0xccb0070b, 0x19fe3339, 0x2055a31b, 0x241ee8ff, 0xaca69ae8,
-      0x55ef8def, 0x7607dd08, 0x1a1b73c6, 0x9e24960f, 0x71d36810,
-      0xbcb0e8a2, 0x6885e6b9, 0x29e11aa2, 0x185eae19, 0x98b5d0ab,
-      0x0f81f91c, 0x1a0b96e4, 0x994fc503, 0x4d0e8bcf, 0xf119d6e0,
-      0x33d81697, 0xaaa4ce0c, 0x29083287, 0xc91ff9d7, 0xc5dd4d3e,
-      0xd4ab962d, 0x31cecfe8 },
-    { 0xfc8b21e8, 0x437bfd9a, 0xb19436df, 0xe5dd32b3, 0x921c36a0,
-      0xfe5902d4, 0xa3d0fa90, 0x8e9de84d, 0x5bb523bd, 0x9663e6ad,
-      0xaecd6975, 0x9800a23f, 0xb4fbb59c, 0x1009c0d9, 0xc9d20ff1,
-      0x839aa7bd, 0xecd6fa3d, 0xf502f66d, 0xc5516ca9, 0x480ed4fb,
-      0x6c742ac4, 0x65ffa5f6, 0xff3252f8, 0x2b7c7945, 0x75d9cb3d,
-      0x72fefc05, 0xd6d6f1d2, 0x11b0863b, 0x9a6a4ec3, 0x5d8f3cf0,
-      0xda2547b3, 0x6961b46a },
-    { 0xcb35e2ac, 0xd07b587e, 0x57af14d9, 0x1ed5546b, 0xdb28a04c,
-      0xeca17a5b, 0x709d54f0, 0xa1f91d44, 0x9c6f400e, 0xa6e719fd,
-      0xfb8ce190, 0x4e4b88ed, 0x246e3fd2, 0xf9781edd, 0xb655af5d,
-      0xd67120e6, 0x93413ca7, 0xda782d1d, 0x9707fa21, 0x697e20a2,
-      0x54e84123, 0x1eb51f32, 0x36051f9f, 0x2e254d9e, 0x73ce5be9,
-      0xddaec42b, 0xcd3f794f, 0x89a9a32e, 0x0781aad9, 0x1964e22f,
-      0x53755212, 0x6a63a90c },
-    { 0x3d7acbbb, 0x76554e00, 0xb74f6108, 0x2c01668a, 0x388c519b,
-      0xe4a29672, 0x3eb94d4f, 0x01667714, 0x0cd6d2f6, 0x086a3cdf,
-      0x7b370f7f, 0xf8658021, 0x5a4d3e7c, 0x658880c1, 0x5ba3f4a1,
-      0xd6ed5816, 0x5ca471dd, 0xabcc7813, 0xe844a576, 0x809bf074,
-      0x6ea502ea, 0xa53a81b3, 0x0e021ed3, 0xc20b9307, 0x8617f165,
-      0x8c27f892, 0x8235cd0b, 0xa5476446, 0x82552961, 0xffc89ffd,
-      0xd151d90e, 0x51ed4a22 },
-    { 0x449701b4, 0x37d6963a, 0xbb27caf2, 0xea8d91a3, 0xb572965f,
-      0x3ef9be15, 0xdb50bf7d, 0x75a7a055, 0xce643b9b, 0xfd67480e,
-      0x6ceb5d5e, 0xf2a60d2d, 0x5ed7c897, 0x68fc320c, 0x28ce685f,
-      0x41c53cf6, 0x7106615e, 0x0e29711f, 0x23500ecc, 0x7a872138,
-      0x6c29fe48, 0xaf0a9260, 0xe1ef9712, 0x93df3f2a, 0xd2d169bf,
-      0x0d5f6fb1, 0x74a9793c, 0xeb7afe26, 0xe9f49256, 0x4173d94a,
-      0x2b8b5ce5, 0x2d6951bc },
-    { 0x904e222e, 0xdd007d9f, 0x86f4e109, 0x333f248f, 0x8f429eee,
-      0xd4994e8b, 0xcfc77518, 0x29573415, 0x0b0f42f1, 0x6e7fea3a,
-      0xc2743519, 0xc795cb7d, 0x711e71a0, 0x820a8f66, 0x2b874f55,
-      0x83d95d9c, 0xe70e1627, 0xd4b64d78, 0x8b92a742, 0x924353f5,
-      0x447b5e6d, 0x322048b1, 0xbcf931a0, 0x0bad730c, 0xa7af2268,
-      0x75c4d089, 0xb83b93f9, 0x464904c1, 0x165b3aee, 0xa24eba02,
-      0xe08cc5f0, 0x65c48e78 },
-    { 0xde222c22, 0x1a1c73ce, 0xfcea23b4, 0x5683d8cd, 0xb2143b06,
-      0x0301cb14, 0x59fcec77, 0x284adf8f, 0x31204cef, 0xfb1c581c,
-      0x94735107, 0xf54d3eee, 0x4d3188c0, 0xdbf67f0b, 0x10f18d12,
-      0x76a3f2d1, 0x07d3e013, 0x3809fa28, 0x25e7ece0, 0xf06f0a46,
-      0xb2895d2e, 0xd82867ed, 0x08b0553a, 0xe106f489, 0xef245445,
-      0xe2280fa6, 0xa8d9a3cb, 0x402d5785, 0xd438ba2d, 0xf63dd9ff,
-      0x7a6b226f, 0x36b5cd2c },
-    { 0x545679a7, 0x87ff4e20, 0x4520c750, 0x64d80b41, 0x9b459cd8,
-      0x90a357fa, 0xc85af1a3, 0xa19eaf39, 0x8d935a5e, 0x0d475d79,
-      0x781a678a, 0x74501983, 0x0cc2e810, 0x74839779, 0x2f412244,
-      0xc6a21d11, 0x36a51a37, 0x8d0e85f9, 0xeaa74df8, 0xff50151e,
-      0x93cf99c4, 0x14e182a7, 0x376a9ab6, 0x45593df1, 0x522389ff,
-      0x18f73caf, 0xf7445e8a, 0xd27cc960, 0x39a51dc8, 0x0692f4c5,
-      0xdb39bfd8, 0x08d7c144 },
-    { 0x3ecca773, 0x809c0d96, 0xd48c2156, 0x87ea9192, 0xdb6bd641,
-      0xf0eccd74, 0x2a678cdf, 0x77312374, 0xd1587b7e, 0x7a966d8b,
-      0x6130a4c6, 0xf3c1a101, 0x5fce17bd, 0x7cc6e838, 0xa8de7aa4,
-      0x95e95bb8, 0x898308e3, 0x3fe1e8b5, 0xe347694a, 0x0197243e,
-      0xbb0cd2bf, 0xf3fe9c42, 0x0f9b2b49, 0xb5905264, 0xc7367d1f,
-      0x4c385e8b, 0xb5ee147b, 0x1d3050ae, 0x04004ad9, 0x8e2c3879,
-      0xbab70202, 0x5f2aa8ee },
-    { 0x1266524b, 0xe208d464, 0xd0a19f66, 0xb7bf3880, 0xda106ebf,
-      0xa5aa685e, 0xe642dd46, 0x0a69e8d3, 0xc682e4d6, 0xef349c61,
-      0x0fcb534c, 0x26f6ee3b, 0x05eb67b8, 0x7daba127, 0x18be05f6,
-      0x2babb27e, 0x8e2d85d1, 0x959afcba, 0xe2d9d386, 0xedcf2d1a,
-      0x1ea6f06e, 0x59dc52e6, 0x866e5ae8, 0xc28278b4, 0x02bcd3c7,
-      0xd9ff0340, 0x784be82f, 0xe884ac76, 0x83c9f224, 0xa3164980,
-      0xb46ff949, 0x62501a98 },
-    { 0xad264086, 0x563f7d9a, 0xa5e0e4bd, 0xca6a33db, 0x8c8d3d67,
-      0xe8253002, 0x46e64b19, 0xa288dac8, 0x20aa4536, 0xfa3c9197,
-      0xed553eac, 0x8130c9b0, 0x2ea8abd3, 0x622806e0, 0xceccfe77,
-      0x52fbf54d, 0x4f0d1b70, 0xbd9a8e31, 0xd59b1741, 0x519d2133,
-      0x9a6fea8a, 0xfd74101c, 0xb5c4eb10, 0xd1acf7a0, 0x91f9da5e,
-      0x78499b73, 0xc0dea586, 0xabaa4c49, 0xa1f3531a, 0xcc9c5f73,
-      0xfd3fc665, 0x497b15fe },
-    { 0xf45568e9, 0x8a56cbaa, 0xc7192a6f, 0xf491a0fe, 0x9ab2539a,
-      0xdbb03dd3, 0x4ac37da9, 0xc86522f8, 0x02a0f5b4, 0x8c8cdba2,
-      0xa29c539f, 0x8109fc75, 0xca90f02e, 0x9cd06d31, 0x3e216dbf,
-      0x8f31f044, 0xba3ebd91, 0x99aa68ac, 0x42c007f4, 0x2a80d0d2,
-      0x86a9b7ce, 0xdd8dffbf, 0xd6308edc, 0x405d3e84, 0x068012ca,
-      0xdafa33fe, 0xedea1071, 0xc2eebd13, 0x2ff637e6, 0xb7ae7e5c,
-      0x9e514cb7, 0x18d46a6c },
-    { 0xa78b7802, 0x868cbb22, 0x497cbaf4, 0x0745ddb2, 0x42ae8add,
-      0xc4eb2f3e, 0xb4ceb4e4, 0xac0abcda, 0xa325fd40, 0x2e0d8325,
-      0x13ac7345, 0x6cfe0571, 0xb14171b9, 0x7407a788, 0x6da7a52b,
-      0x70eb0603, 0xd85176ac, 0xab0b36f9, 0x7c2954f3, 0x14109d29,
-      0xdcd705ad, 0x370de9c8, 0x7bb5e751, 0x3f0db5cd, 0xa06e708c,
-      0x45f93d41, 0x7e93050d, 0x10d54f8a, 0x5a38fef9, 0x69e6f8e4,
-      0xd3f62e40, 0x55044601 },
-    { 0x06cb9cc9, 0xd1c5c910, 0x41d00014, 0x542074d7, 0x11236fb8,
-      0x7cd8663e, 0x29ad5f82, 0x39721ffe, 0x2951fc83, 0x1d21fbfa,
-      0x400d144f, 0x1cde06e7, 0x91792e6b, 0x9042596b, 0x29ad5166,
-      0x3365c8e5, 0x9aeefe98, 0xe2220e85, 0x70c2aee3, 0xbcb53189,
-      0x9ff100bc, 0x477ca3db, 0xf532973f, 0x27074176, 0x9a2bd01b,
-      0xa12118ac, 0x3dd79f93, 0xf3425209, 0xc6f5d7db, 0x563a8ff7,
-      0xd7b0ec4f, 0x0da313fc },
-    { 0x15aa2557, 0x37125a8c, 0x00893e9c, 0xca21d70c, 0x67b8a823,
-      0x48713994, 0x7cb0042a, 0x0d3e9a74, 0xc9e2ce18, 0x2d2bf4ff,
-      0x049aeac2, 0xd5531a0d, 0xf03d0660, 0x4d29a616, 0x1f1b7f00,
-      0x473d50d6, 0xca3de50c, 0x3af0ecbb, 0x09c28f27, 0xe2959bea,
-      0xf8704664, 0x6d7c2ea0, 0x731083ef, 0xadfae4e1, 0x941c2554,
-      0x50940c26, 0xa1162d03, 0x44167410, 0x1e82290e, 0x620230d8,
-      0xdb414acc, 0x63630be8 },
-    { 0x8a7d2e41, 0xbf8d5222, 0xeb62f879, 0x49e75823, 0x6c402d89,
-      0x1b4d33dd, 0xde2c59ad, 0x883e04d6, 0x49b9dc38, 0xbf3f38f4,
-      0xb4b70c4c, 0x9d997d18, 0x13cea045, 0x1f69b20c, 0x58e2606d,
-      0xca3d7025, 0x261d1b79, 0x3d4fd977, 0x5a1436fa, 0x56aeafa8,
-      0xbb443c07, 0x369b3e98, 0xe558f6be, 0xfce5186c, 0xf8ac8f89,
-      0xeb0cd478, 0xd5e5aa72, 0x68074f37, 0x68544eb0, 0x295845c0,
-      0xf16688ed, 0x306a9871 },
-    { 0x634ec136, 0xbc451e9d, 0x0e6f658f, 0x1edf27ca, 0xc0db4120,
-      0xa9be0152, 0xc5bfee67, 0x87b6ef20, 0x9a2d6023, 0x35283238,
-      0xc7afb899, 0x60e564d8, 0x0ac9c2de, 0x4af22bc0, 0x82a9d22b,
-      0x28e6f631, 0xf532701b, 0xc075c701, 0x82075f91, 0xf6d418f8,
-      0x1beaa511, 0xf9fa628d, 0x6e72a13d, 0x551e7a17, 0x77f4c01c,
-      0x9306215b, 0x93c9d588, 0x71aba731, 0x58e57cd4, 0x6443ebe0,
-      0xe8103e37, 0x2833ac41 },
-    { 0x8da5ec5c, 0x7e564b86, 0x1c08db24, 0xac3d9da8, 0x8c57a728,
-      0x9d7c1f0b, 0x9d343dc2, 0x3512afe7, 0xfdc60339, 0xb438e4cf,
-      0xdcfa1941, 0x7d5a2700, 0x27320449, 0xd5f323f8, 0x1393c6e6,
-      0x1b87a58e, 0x04baa431, 0xecb68bd1, 0x4722b4d7, 0xc09c1c5a,
-      0x206b5faa, 0xf42faa97, 0x9976327e, 0xe1dcbcd6, 0x087787d9,
-      0x655ba9e4, 0xde5c0191, 0xbd59c757, 0x0bcf3538, 0x673020ed,
-      0xa49d6303, 0x120cd454 },
-    { 0xcab0f9ee, 0xebfdb8f4, 0x2cce58ee, 0xbc003ef0, 0x5a8d0665,
-      0x9b6a6841, 0x9b957774, 0x642ed3a6, 0x4721ab5c, 0x3de487f0,
-      0x21a4f0d3, 0xef2ff380, 0x29dbddcd, 0xbd16f558, 0x0e93dff2,
-      0x2ef05b4b, 0x0bc9aec1, 0xde1faa12, 0xd467fa92, 0x66dae2c2,
-      0x5eb33e34, 0x758daf64, 0x8f0103cb, 0xa67ad9f6, 0x9be02430,
-      0x151f693a, 0xeb4054bc, 0xd5698496, 0x7019336e, 0x8ef1677e,
-      0x7fdeea3e, 0x021cfd16 },
-    { 0xdf5c36f3, 0x5c73715f, 0xd64ad254, 0x703bde37, 0xf2cf7713,
-      0x55368d10, 0x0f3993c8, 0x1e5ec7b7, 0x304ae4ca, 0xfdb16776,
-      0x3d3bb18b, 0x0d8f717e, 0x66343d5a, 0x5267073f, 0x156008b5,
-      0xfaeb52ef, 0x224a470f, 0xb97ad5f9, 0xed2ab51a, 0xaf86e391,
-      0x9974302c, 0xdc0c7e57, 0xfd0ae28a, 0xc88fa817, 0xbf8ed59c,
-      0x807c22df, 0xeb128bb6, 0x5dedc231, 0xa20595a3, 0x71edcd9c,
-      0xc73cf78e, 0x07265b46 },
-    { 0xbd66232f, 0x73dd99f0, 0xc4027716, 0xc59aaf89, 0x5b860fc4,
-      0xaf826dfa, 0x7a943f3b, 0x239ea8aa, 0x523c428d, 0x0e0e1b1a,
-      0x6973b95a, 0x55ea0e3a, 0x2557753b, 0xea399caa, 0x06957b1f,
-      0xf8adf72f, 0x3bd34302, 0x0389f341, 0xf8a43a97, 0x333f27d0,
-      0xadaf796f, 0xcd9c0c08, 0x49c12aa2, 0x6dcca49b, 0x7a0ac6e9,
-      0xdd88deee, 0x0644080e, 0x8f47575d, 0x0cc2f4bd, 0x6e9d667d,
-      0x31d1496c, 0x36c5754b },
-    { 0xf323d84b, 0x9120046e, 0x7e789c4f, 0xa6991122, 0x921b8055,
-      0x4b0eaf4e, 0x8079974e, 0x6339844a, 0x740f8c79, 0xc905466a,
-      0xcd6def49, 0x1c18d0f7, 0x4b23e4ba, 0x5297da6b, 0xc41800c5,
-      0x1c09dff3, 0x37ef6777, 0x6c49075b, 0x50513ded, 0xa94c3a40,
-      0x6b0b1705, 0x3d6742e9, 0xc48af5ae, 0xc0784494, 0xc95822de,
-      0x40c01532, 0xc164d94f, 0xa2ddade5, 0xa2975eb5, 0xfc8a8ac9,
-      0x1946944e, 0x06fbf861 },
-    { 0x3f45aa97, 0x2d65338e, 0x1d040feb, 0xd83b58c8, 0x0fdef8b9,
-      0x05fef59b, 0xe4d7417c, 0x7beb071a, 0xb30a1a23, 0x982b61f5,
-      0xfb65bd03, 0x4c5f2a2a, 0x5cbf6bf3, 0xe40abc9d, 0xf06612a5,
-      0x422c326d, 0x9571ae28, 0xc921e69d, 0x23d3434e, 0x7c88b10b,
-      0x9da07933, 0x96d2e957, 0x3619cf4d, 0x833d46a1, 0xd95eefa1,
-      0xd9d19653, 0xa03e8f0e, 0x2a7d8411, 0x04bb5ab1, 0x5e642953,
-      0x1f0fa9ea, 0x5e9ca0fd },
-    { 0x197c5dc4, 0x5bd54571, 0xe78a95a2, 0xe2da40bf, 0xffdb0eb2,
-      0x65fb9efc, 0x0d17467c, 0xe952dc2c, 0xc758c6a3, 0xc1fc9c7b,
-      0xd4034a9a, 0xfc79562c, 0x61f64b56, 0x26e36fbe, 0x1e84728b,
-      0x6adc4b9e, 0xa8f9ac8a, 0x7f165fd3, 0x03e3e013, 0x7bc93a45,
-      0x656478e3, 0xeacc5513, 0x064ddc77, 0xd3391717, 0x76936914,
-      0x75b318dc, 0x362424a6, 0x69b1f1c7, 0x49955f34, 0x8cc2045b,
-      0xc6836af8, 0x940622b3 },
-    { 0x0d997973, 0x4710ccb7, 0xd3f8f115, 0x3b29625d, 0x5b97abd5,
-      0x8cf0c4d5, 0x673e14a5, 0xc6321e0a, 0x3d262246, 0x0541af9d,
-      0x6fc83b11, 0xde6d8754, 0xf01652a4, 0x47e97da8, 0xad9802b6,
-      0x0f82b3a6, 0xae9c44b2, 0x69aa4075, 0xced2bf77, 0xaf3f5de2,
-      0x497a40da, 0x1ef1ea8a, 0x3c23ba9c, 0x2e0f8608, 0xf190a2c8,
-      0xd8a998a4, 0xcfde3368, 0xe2b49c8c, 0xbde6bd71, 0xb9f49824,
-      0x785bedb6, 0x80bb1664 },
-    { 0xfd145cb5, 0x05e575fe, 0xac5e6883, 0x155ee561, 0x8793b273,
-      0x461e70cf, 0x133b2338, 0x9f1553de, 0xa2a7ba07, 0x2fb9e0c3,
-      0x3e7086fa, 0xc3bfd6a8, 0x8bb4cb93, 0xb6ba8500, 0x76f82dbd,
-      0x0b66d789, 0x54eb49ff, 0x7d5a6ff6, 0x1f20b322, 0xcd65d237,
-      0x54e29cdc, 0x79ea49c2, 0xcb118ff9, 0x64975963, 0xcc58000b,
-      0x969598dd, 0x110c779c, 0x95107918, 0x63b85a35, 0xedfc1548,
-      0x41212350, 0x077ba5ea },
-    { 0xcdd86f61, 0x0b3a38d3, 0x0502a0ab, 0x43121445, 0x806d0272,
-      0x1912edc5, 0x8a32f10f, 0x01dc1f98, 0x0e80c760, 0xbb1d31d1,
-      0xf464e8b3, 0xd46ec7e5, 0x9abf49ee, 0xd569af36, 0x2cdade77,
-      0x9d286ea7, 0x45ad5920, 0x2be7020d, 0x6299ae7f, 0xabe5236e,
-      0xd3f55c07, 0xc93179bd, 0x52350e80, 0x8138995a, 0xaff07586,
-      0x0901265c, 0xf4739653, 0x5b3c81b2, 0x9bc77d21, 0xbaf7581d,
-      0x4591a2e2, 0x6b2006df },
-    { 0x965b1bc1, 0xb2fe50a8, 0x962bb4fd, 0x931f536a, 0x000e7f99,
-      0xd5718d33, 0x53d5125e, 0x84728f25, 0xd2125caf, 0x4f8a6184,
-      0x357f679e, 0x54f1a701, 0x1531c05a, 0x70a9f40c, 0x6fa8b775,
-      0x10d0cb97, 0x9dc12ce9, 0xb476f41e, 0x2755f894, 0x5c8d7a75,
-      0x625741a4, 0xd6c12e10, 0xc917b16c, 0x262a6fb8, 0x38d6b0a0,
-      0x24d116e6, 0x32c38e83, 0x849540c0, 0x66868afc, 0x855b911c,
-      0xbd26b550, 0x53217ea6 },
-    { 0x259f52b4, 0xfc840473, 0xe621146c, 0x968da9cb, 0xcacbd26e,
-      0x964eb85e, 0xe4a54344, 0xab7daa2d, 0x381a4ff7, 0x6dc3b848,
-      0x41c815ef, 0xa07a96b3, 0xc3d4b1e1, 0xc4fae9e8, 0x42ce9ea8,
-      0x0f938d1e, 0x35cc052f, 0xa727dacc, 0xe9a06f07, 0xc81e01c9,
-      0x4a6d65a1, 0xa9e08dcb, 0x6044a9a6, 0xf8e2d173, 0xf2bd295b,
-      0x99893dd0, 0xf9781b12, 0xa08d3379, 0x61830ac2, 0x64bd6001,
-      0xd9adbeef, 0x0386931e },
-    { 0xd09885a5, 0xd0d7abb3, 0xe355bb07, 0xed9d2b67, 0x536ebaed,
-      0x3bc238cf, 0x699ce4d6, 0x61ca2e78, 0x111594cd, 0x354ff447,
-      0x03316ad2, 0x55cbe709, 0x49fff5c4, 0x418679fd, 0x0f9c6c40,
-      0x75bacd75, 0x2972721a, 0x677edc88, 0xe5ef502f, 0x82596887,
-      0xbf320e0e, 0x459e9367, 0x8bbdccb2, 0x81ce36ef, 0xb766863d,
-      0x1ba097fc, 0xd58c6db8, 0xcd3a21d6, 0xb4a8748b, 0x0e4967cd,
-      0x15041c20, 0x2caaf749 },
-    { 0x6ed20424, 0x44f98006, 0x22471545, 0xb3e4ea23, 0x781a8c86,
-      0x268ed1a5, 0x7ae5b70b, 0x48d0ab75, 0x356d3982, 0x6ca8b320,
-      0x2df31fa4, 0x9ce8e681, 0xd925dcf2, 0xb909d232, 0xf56723de,
-      0x302c8f78, 0xabac96f9, 0x11725d69, 0x57d1a170, 0x656a47ca,
-      0xc18a2be7, 0x6bb5d511, 0xad50d9d9, 0xb56e45f1, 0x70b05518,
-      0x36e886e2, 0x09d8ff91, 0xc7c71f3d, 0x9350361e, 0x65a1bbe2,
-      0x45fe3bd8, 0x86d7f532 },
-    { 0xb0bf719a, 0x99f16eb6, 0x8bc3d913, 0xb6975098, 0x26cd01b4,
-      0xfae50e52, 0x90898d1c, 0xd3e3ac54, 0x887ec666, 0x4da3b9db,
-      0xfbea45b8, 0x58300644, 0x8355b058, 0x369f3bd9, 0x579bcc13,
-      0x0fb239a8, 0x6e2bd811, 0x4f5b4539, 0x24198fd2, 0x007f3baf,
-      0x8837d51d, 0x68a676db, 0xeae75b16, 0x68eeea62, 0x3db6083c,
-      0x5ffe5f94, 0x7d836c5a, 0x52c94d0f, 0xcbc1ff85, 0x5a4c3c6f,
-      0x86c0b4dd, 0x682a55e3 },
-    { 0x587495aa, 0xc8f235a4, 0x34c7245d, 0x2276026c, 0xb75a46e3,
-      0xd6ae0cc5, 0xecc3e5e7, 0x890d3965, 0x14296629, 0x1b13342f,
-      0x8a877227, 0xc89927e6, 0x2324a68b, 0x1543f27e, 0x49cdc21a,
-      0x6c447684, 0x1452d0ac, 0x9bc7fd4f, 0xff4b045c, 0x2cc30a31,
-      0x852f7611, 0x415d46a0, 0xc6fdd7a6, 0xad737052, 0x7b4c7c91,
-      0xdcecc3ab, 0x7688d70c, 0xd2cdf01b, 0xe40d3905, 0x054f2542,
-      0xfefe4dcd, 0x02227fa6 },
-    { 0xb751948b, 0x1805efd9, 0xfdfd225d, 0x8efeed46, 0x4f2c8b22,
-      0xcb128e09, 0x96f7c5e5, 0x9d1090bf, 0xb4cbeca0, 0x0959d044,
-      0x8e08cb04, 0x21c955f9, 0x68fa4fce, 0xbc1f279d, 0x0710ae9a,
-      0xb021e14e, 0x881167f4, 0x64d16e9f, 0xbbc9f1a5, 0xf5a5c22e,
-      0xe3420eea, 0x5f3716df, 0xd5c4e843, 0x971eb915, 0x28ffba81,
-      0x64fc55fc, 0x7dd37578, 0x3427e54d, 0x15ebc7d0, 0x446e6a62,
-      0x29269778, 0x547e249a },
-    { 0xa1ffda27, 0x4706868a, 0x7955cf50, 0xb4e6cdcc, 0x0a63f3d8,
-      0xf65151e1, 0x9de5e70a, 0x5b4127ea, 0xf9342823, 0x3d2c09ba,
-      0xaa2f7d51, 0x18c99d83, 0xddeec025, 0xa0c5bb1d, 0x03dcf1ce,
-      0x7ffddf84, 0x616fdeda, 0xe57e4d29, 0x7932a1f0, 0xd2456569,
-      0x3191d4e3, 0x7475e0e8, 0xc220218b, 0x3479bea1, 0x8bcb2505,
-      0xfceb5c90, 0x3c6132e6, 0x1c685cea, 0xbfe6c1eb, 0xc42dc745,
-      0xd2b08eea, 0x45a41cc0 },
-    { 0x4dbbf0e1, 0x3ea9b2c7, 0xa17cf70e, 0x41ff962f, 0x5eeb4c66,
-      0xdc1ea758, 0xa9beb17e, 0x4f5412d2, 0xa285741a, 0x2c9e4f52,
-      0x984fd11f, 0x93df7da4, 0x0df3184e, 0xb2afbddc, 0x2421e375,
-      0x96323d25, 0x49df781e, 0xc87be1e4, 0x3d589bea, 0x145601ed,
-      0x28fff6dd, 0x0f0bd9bd, 0x8a0f298c, 0x2d3259d4, 0xd88e6944,
-      0x362d7a77, 0xb6ac2af6, 0xa84c06b6, 0xd087da02, 0xba850ac9,
-      0x42ee40c8, 0x128763c9 },
-    { 0xacbac178, 0x29a80f07, 0x34b08f6e, 0x7cc20044, 0x70feded2,
-      0xe9631d14, 0x86615767, 0xb2115da3, 0xcb088548, 0x7c75f5c4,
-      0x9a2e8e03, 0x5b29d213, 0x8b881752, 0xfe9fda66, 0xc1de7ebc,
-      0x3f1d8d88, 0x03218123, 0xb476565e, 0xb1c995f3, 0x07365561,
-      0xb13eb71b, 0x2160cb18, 0x99b3a0eb, 0x7e8da513, 0xb20fcd74,
-      0x5e8ca1f9, 0xb4126d72, 0x6a7e0067, 0x68bb637f, 0x1e8204b7,
-      0xfc4f74d2, 0x75e96bcc },
-    { 0x0d19716e, 0x189d1fdc, 0x7c384525, 0xdf585058, 0xea987d2a,
-      0x64a846d1, 0x6c07150f, 0x12b6bf83, 0x4d6fd5b7, 0x91d85d46,
-      0x4f53f55f, 0xa9788836, 0x81509129, 0x60083bd8, 0xea876f48,
-      0xa7672683, 0xc15b2489, 0xe80b2e7a, 0x42d1d992, 0x985ef8d2,
-      0xcf3de492, 0x9c57b029, 0xb1487627, 0xfe02f83c, 0x8ae5b687,
-      0xaeba4fe4, 0x5d6b8196, 0x8a86f09b, 0xa16e523d, 0xd88f566b,
-      0xba268949, 0x309a6e9a },
-    { 0xbdfbe97a, 0xef27ee50, 0xb8c50c4d, 0x1a5fe70f, 0x7fe09f5c,
-      0xcc7beb01, 0xbed36cc5, 0x8fa15a85, 0x7550ed3a, 0xc0c3acdb,
-      0xeb908681, 0xc581ef87, 0xc49d5ccb, 0xa15b3362, 0x1fa264e8,
-      0x0fbb1714, 0x8e1eee88, 0x267f8d8f, 0x21c2b63d, 0xd31ccfd6,
-      0x53be7efd, 0x924dbe7d, 0xdb2a358a, 0xd42e877f, 0x75d68ac1,
-      0xcf9673c7, 0x714fea55, 0xe35978fd, 0x5769b202, 0xeeb36653,
-      0xd7593789, 0x0458258a },
-    { 0xa042dbdf, 0x5df71a74, 0x5779dfa2, 0x2d405857, 0x0d2e6657,
-      0x0e66cba7, 0xca2e892e, 0x285d6745, 0x0f0e6b5f, 0xf56a8def,
-      0xa30767c3, 0xe0ee851d, 0x43346b9c, 0x98c05658, 0xd6b3c742,
-      0xb35fce26, 0x39777e00, 0xc0895bff, 0xe7b6d886, 0x83c8f6a6,
-      0x4f02904b, 0xbee14843, 0x2e84ec34, 0x7f74915b, 0x96d10991,
-      0xbaaf663c, 0xe41facc0, 0x004b8757, 0x6f86c029, 0xa2b880e5,
-      0x95b77358, 0x53f4a3e0 },
-    { 0x89fc48e7, 0x11bb08ce, 0xafab5aeb, 0xba60c577, 0xa0c1cb5a,
-      0xf06bcbf8, 0x79757cb6, 0x7d2efaea, 0x76319160, 0xe26d90b1,
-      0x2b77b7a9, 0x42aa1ab6, 0x285df2bf, 0x38eec0cd, 0xf3a8f7f0,
-      0xd35947f5, 0xfc1cb5b5, 0x97c8dc0e, 0xc45845cf, 0xfeb8cca0,
-      0x249e26f2, 0x16e8d989, 0x483ed89a, 0x7c264e6d, 0x51d91073,
-      0x13a3f145, 0x305e99f0, 0x8501562e, 0x6908d563, 0xaaf98d74,
-      0xd723d236, 0x0a99e653 },
-    { 0xabbc0559, 0x23536f46, 0x9aa1a160, 0xc163067b, 0x0c1681b5,
-      0x229fd229, 0x1378e907, 0x61254be1, 0xab793a2d, 0xc60ff57a,
-      0x466552db, 0xa6f2df8b, 0x8c170a36, 0x9ad31893, 0x29b74d9a,
-      0xc5cd9abe, 0xf7848523, 0xcf747273, 0x0d0e3063, 0xc126a93a,
-      0x4248e3d8, 0xfe2021e3, 0x8323ddfa, 0xd97343ee, 0x332639e7,
-      0x9f768775, 0x75325548, 0x9650fc31, 0x3eebf7ea, 0xb595dbd1,
-      0x010fcbc0, 0x3a95cb45 },
-    { 0x39d7ff2e, 0x954e68cb, 0xc1d5c48f, 0x8dd1cb4b, 0x7169438a,
-      0x02a92c77, 0x91cad8ce, 0x7965c0b0, 0x32cd08d2, 0x0c5798ab,
-      0xa6902bda, 0x1a5bc3c3, 0x5186d218, 0x545d0925, 0xd27e64db,
-      0xf0077cdb, 0x8cd092da, 0x0157caa4, 0x24532ab3, 0x2a2fa3a0,
-      0x41ccaba3, 0xa5fb639b, 0x4744aee6, 0x01702dc1, 0xcdba93da,
-      0x485bb436, 0x329784f1, 0x93597f66, 0xdad672c3, 0x5d713c1d,
-      0x030b7245, 0x366d222e },
-    { 0x573ea5b2, 0xd50b4875, 0xa90da44d, 0x0fce401b, 0x7a1a0310,
-      0x7b53fa65, 0xcf114460, 0x722a80a5, 0xa538bf49, 0x0b8ebf05,
-      0xd32acd21, 0xae141147, 0x7b5ad07d, 0x6692712c, 0x3f48ca07,
-      0x6dc5fee7, 0x2b8a78d8, 0x98ed1499, 0xdd2f1759, 0x4e8b3145,
-      0x5f971b8e, 0x43408de1, 0xadf1b368, 0x055ea6dd, 0xe5932b7e,
-      0x4bb76e73, 0xd30893fd, 0x44287153, 0x0661bfda, 0x173dccd2,
-      0x79defd25, 0x9072ba99 },
-    { 0x9620ea39, 0x474de4dd, 0xc831cee8, 0xfbf1649f, 0xcd3a9c43,
-      0x0b0e8bb1, 0x3f3df1d5, 0x6a38286f, 0x8f0ec9b3, 0x4ed072b3,
-      0x729c09e3, 0xa6e4c987, 0x8ad12242, 0xea3e8ac6, 0xfbdfa5ba,
-      0x6ae0e22b, 0xb0a0f592, 0x56171ecf, 0x6b871f8d, 0x33b2886d,
-      0x35e11bda, 0x6b19bea9, 0x7f0f153f, 0x4d815a40, 0x7d6c02ee,
-      0x7e608d97, 0xb6a88f46, 0x7e8f23d9, 0x439d1654, 0x26ac9652,
-      0x35546c29, 0x8d92c6bd },
-    { 0xabeb0ff7, 0xb3e0d7ce, 0x3e0e42f8, 0xfbe35254, 0xde808499,
-      0x57d1b226, 0x1cd44bc3, 0x9ece2e1f, 0x435cfee1, 0x1245adbc,
-      0xf93f581c, 0x874ee840, 0xbda0b947, 0x916a779c, 0xfa57ae0a,
-      0xabcc815a, 0xf0a621b0, 0x97adec2d, 0x81f90bdc, 0xbe6a502b,
-      0x53bde63d, 0x54bf9de1, 0x78884c25, 0xa88fdabf, 0xcbbb5470,
-      0x30aa52b1, 0x29053ef5, 0xf805396c, 0x8dd827ea, 0x8d43d898,
-      0x5c1ae5c0, 0x4e4bec17 },
-    { 0xfcc09676, 0xbf8483a2, 0x19ea9a94, 0x457c4a3f, 0xd702a5dd,
-      0xa6852ef3, 0x843fe7d8, 0xe7915fd2, 0x16e35158, 0x644bba98,
-      0x9ed746f0, 0x8d1b95d0, 0xb90af0b5, 0x47704581, 0xd4fd135e,
-      0x0bd4bc6b, 0xb4e833a5, 0xa6dce067, 0xff56a9a1, 0x2c0e8f30,
-      0xec2c63fe, 0xa9c80800, 0x98f508a8, 0x449c20a5, 0x3292813a,
-      0x02b94cb3, 0xec7e81a2, 0x647e3d28, 0xb4877677, 0x72e67d1a,
-      0x6f9ded24, 0x7a4aa3f5 },
-    { 0xe27a0045, 0x559ef1ba, 0xb242cb50, 0xdc812d4f, 0x39cf8d24,
-      0x23a478e4, 0x9b3f9c54, 0x97544fc5, 0xaffa1fcf, 0x5ac68132,
-      0x34a2c83b, 0x74f8fee0, 0xcd3f4bb7, 0x96cc640f, 0xb0512ea6,
-      0x775dce9d, 0xcdce381e, 0x67dca19d, 0xa9d3fe55, 0xc1eeb3f3,
-      0x1a19274f, 0x38e0bf42, 0x28d69b12, 0x15992fb4, 0x9fd09df8,
-      0x48fcebde, 0xb41ab5df, 0xdc9dfa4f, 0xc0a269c5, 0x0cbd7dc8,
-      0xf7f0ade1, 0x60282a7b },
-    { 0xdceea2e7, 0x7c07e538, 0x3c42061d, 0x38a322c8, 0x4f1f6516,
-      0x676828f9, 0xc7776a10, 0xf21b69fb, 0xb5e6b405, 0xc63a3417,
-      0x91a7b642, 0x4c99f258, 0x2cad1440, 0x38692ca8, 0x00869bcd,
-      0xf1e82ffe, 0x16fe466a, 0xc30b714e, 0x19019138, 0x5fb742f9,
-      0x0fa516ae, 0xe90166d0, 0xd8c73a43, 0x5550f7ac, 0xfbc5c372,
-      0x2d6a407d, 0x68cc39ed, 0xe47a7539, 0x4a5fbe70, 0x3fd286d9,
-      0x23c6b942, 0x5f4ae9c7 },
-    { 0x53f4d561, 0xd96a2dda, 0x16da1992, 0x286d45d0, 0xfdd4b051,
-      0x449a01fb, 0x9f2195ea, 0x25488a0d, 0xa37661b3, 0xc4151b0a,
-      0xf9e5ee02, 0xb98c471e, 0xa8658817, 0xa4bca86e, 0x7a68fc0a,
-      0xbbcadb87, 0x6b7366a9, 0x88b34649, 0x15661c2d, 0x32ee98d4,
-      0xc901420c, 0xf5b3b4c6, 0x2f2752af, 0xa2352735, 0x510e4d9c,
-      0x2f64ce73, 0xaca4aa80, 0x939a7f26, 0x401aa503, 0x9cd3e291,
-      0xdc46afd2, 0x92a01423 },
-    { 0x1c2f7dbd, 0xe9f24be1, 0xb7d527fa, 0xda8c900f, 0x8648f128,
-      0x963e25bb, 0x48141941, 0x9ab713e2, 0x7a6756fb, 0xe87f7d01,
-      0x058d90bd, 0x274dd85e, 0x82566abd, 0x823fee7a, 0x74240195,
-      0x9f6230d7, 0xacb5e46e, 0x04579f2c, 0x16a4c87e, 0x2a226263,
-      0xd99b0857, 0x9ca19a43, 0xe488789e, 0x86dc2ba3, 0x9406c3bd,
-      0xf960b5b9, 0x8960957e, 0x6f2c428b, 0x161c515b, 0x90748706,
-      0xaa88cb9b, 0x0fc8fe1e },
-    { 0xfeb90f2d, 0x68ae1bed, 0xa48b1559, 0xf393bb3c, 0xf64e9635,
-      0x2be62f9c, 0xf8be75c2, 0x354c2410, 0x5e6f7529, 0xbd7ea703,
-      0x162cab31, 0xc264868e, 0xc860f3ff, 0xb1391e70, 0x1d89837e,
-      0xdf367c75, 0x2bf32941, 0xe150b6b4, 0x78c1318f, 0x95e8f46e,
-      0xa2c4b160, 0x2b3f1dab, 0x701afbf3, 0xc6ccf5ce, 0x5e8874c5,
-      0x3ad27530, 0x5dc6dcbe, 0x39285e51, 0xd99892dd, 0x3c954d86,
-      0xdfd3789f, 0x2d0ba862 },
-    { 0xb472e1af, 0xeacd8ee8, 0xb76abbcc, 0xeb354eae, 0xd0d93fbd,
-      0x9b520bf8, 0xfe6fc706, 0xfccd60d7, 0xa4ee2f39, 0xa9353dde,
-      0x9a81e51e, 0x5eb0925e, 0xd1366777, 0xee334da1, 0xd5354d69,
-      0xc1d28c9f, 0x92a5ed54, 0xb9771755, 0xb7f70d81, 0x5d3e367f,
-      0xa933ae7a, 0x7be7eeca, 0xe23cfbb7, 0x264cf1f9, 0x89497681,
-      0x0d129f4a, 0x09b6235b, 0x705375a4, 0x48a376da, 0xccf64c75,
-      0x4d41dbfc, 0x963c8712 },
-    { 0xde36a814, 0xbae290cb, 0x733b12b5, 0x9bdb0195, 0xf77fe0e1,
-      0x0ebad867, 0x29720cea, 0x0a7d19fd, 0x9029ec72, 0x434d7651,
-      0xbb51911e, 0x856aff17, 0xd80a7f60, 0xd0a25d9a, 0xf848c106,
-      0xffca86af, 0x43ad749c, 0x53e8bdf9, 0xe3e696bb, 0xfb9e0284,
-      0xeeee4215, 0x3eb6630a, 0x2ecf3c63, 0x9d8fbb9e, 0x4e00c0c0,
-      0x71da4ffa, 0x5d57beac, 0xb296be59, 0xa8cec7ef, 0x1751fbad,
-      0xff55d7bd, 0x2d03eb3c },
-    { 0x04f2ec1d, 0xeb16925f, 0x0d147ee2, 0xa878f276, 0xaad9d9e0,
-      0x442df604, 0x3f71035b, 0x891df44b, 0x8cb95d5b, 0xc28272b3,
-      0x5ee8ed23, 0x6f14efb5, 0x13b0f3e3, 0xf3c4460f, 0x6bd7335e,
-      0x889f9bd7, 0xf755ba6e, 0x889ee771, 0xed219b6c, 0x626984fe,
-      0xec2ee411, 0x2d44c737, 0x63efcd37, 0xb94385a2, 0x6637826b,
-      0xd909321b, 0x3ee6b7a7, 0xc24f8a79, 0xa7cf61b7, 0xa3ca8d24,
-      0xc54bacd9, 0x842e40c1 },
-    { 0xa661d843, 0x5a268ed6, 0x4f5b30cd, 0x02328cca, 0x1311e177,
-      0x16e6fed1, 0xc6695967, 0x690decb4, 0x57b2e280, 0xbdac5bf6,
-      0x1efe42d0, 0x827f82ca, 0xca5fca2f, 0xc554ec0a, 0xdde45506,
-      0xac5276c1, 0xe3077513, 0xb7f4cb08, 0xcc8797cc, 0x8caf6d9a,
-      0x0d9332d2, 0xd5964814, 0x285a409f, 0xcc6ae297, 0x6223d093,
-      0x7773c2a5, 0x5128fc09, 0x2d5266ac, 0xbc31fe6c, 0xa596b7cb,
-      0xcac91328, 0x0e63319a },
-    { 0xf0360ac2, 0xb5cd2fad, 0x285e605a, 0x86b660de, 0xe25b9b14,
-      0x82c6cf10, 0xaa9ac554, 0x9d5fa38d, 0x526c070e, 0x3dfcf1b8,
-      0x3fccc52d, 0x0379a96b, 0x0bfcc7f5, 0xe3659c29, 0x69d3e6a1,
-      0x5b1a3db5, 0x9b7b42d5, 0xb41528b5, 0x9c22a006, 0x934defa4,
-      0x9b4ce3b6, 0x90f38018, 0xb3abaf32, 0xb073bc04, 0xff8389e2,
-      0x27a5a222, 0xffa5a35b, 0x0b7a9d51, 0x28e1a7c2, 0x4939ecef,
-      0x1872705a, 0x88839da2 },
-    { 0x701ce29a, 0x56b66c30, 0x58981d50, 0x3acaf126, 0x105f9f21,
-      0xd4dafc0c, 0x373e3d13, 0xfee571e6, 0xfa2ee3ca, 0xe7269c86,
-      0xdd20385a, 0xf5cca64a, 0x3000e9ac, 0x217f2757, 0x0e7273ef,
-      0xc934db47, 0x355b6776, 0x4294f4f7, 0x6fc05180, 0x1faa36b9,
-      0xb052190b, 0x8f88b1db, 0xe9eaef52, 0x35791b90, 0xdb681b90,
-      0xf37fb2eb, 0x4415c369, 0x39d0a51d, 0x1d2e21c9, 0xfc59cca7,
-      0xa1f50c26, 0x64128cfe },
-    { 0xe8f5b0b5, 0xf03678a2, 0xd340f059, 0x5c7e249c, 0x93ca7cec,
-      0x41440441, 0xbc83af98, 0x075ca346, 0xfaa8bbb0, 0xf39f0033,
-      0xf38230f7, 0x3d18f0ed, 0xd448f345, 0x78dff00c, 0xd51aa475,
-      0x849228c0, 0x30c928d1, 0xdd4e2708, 0x8f12cfd3, 0xc66ba686,
-      0x88b3a206, 0x091049db, 0x016dae01, 0xd865d059, 0xe253e37d,
-      0x4599e905, 0x7ce9871b, 0x322cf0c2, 0x174a132e, 0x014f54da,
-      0xbdabcbda, 0x93634a09 },
-    { 0xa9a2e304, 0x62826b27, 0xc1a4c124, 0xc57e1866, 0x22381710,
-      0x913ab832, 0xa9847cfe, 0x7e9b6b85, 0x2b5f46fd, 0x29655cf1,
-      0x8038e66d, 0x7295572b, 0x6fa95eab, 0xe4cba601, 0xb9deda81,
-      0xbbc11071, 0x3f1cf61e, 0x97f0009a, 0x373e0cfb, 0x5372777b,
-      0xd139d63b, 0x302f909c, 0x4f87d78e, 0x1ed672da, 0xb4048763,
-      0x362077a3, 0x9dcc22b2, 0xc408c32d, 0x26deeee7, 0x4b4c5bf2,
-      0xbc06357e, 0x266cb467 },
-    { 0xb56363e8, 0x6faa4154, 0x3c1aa4db, 0x4b4fd078, 0x2b9e6597,
-      0x14358dde, 0xfa004b84, 0x5b34ae3e, 0xf19911a6, 0xcf44b2ec,
-      0xa536bf78, 0x55caa833, 0x8870dc95, 0x606e1eb9, 0x09f3511d,
-      0xe3c3287d, 0x9d5cf364, 0x68b2f4eb, 0x63ab8c9e, 0xc154e892,
-      0xc36ab611, 0x1548828e, 0xa1b7d120, 0x0932bfcb, 0x5315b8d7,
-      0x7ee7b5bc, 0xf7473ac1, 0x782fd0d1, 0x3c8f2af3, 0xbcb029a8,
-      0x52454ee1, 0x4b1d5a1b },
-    { 0x63d52c0c, 0x12fe5174, 0x188c099d, 0x3735525e, 0x360e3956,
-      0x5c621563, 0xacfa5a43, 0x88b3f1ca, 0x797e8107, 0x90123a0a,
-      0xb15e080a, 0xba31f6b5, 0xfca3dada, 0xd7de5e12, 0x0df511c8,
-      0x3287361b, 0x65757d4e, 0x7cc800d4, 0x5207ec91, 0x10810f3d,
-      0x30eea0e3, 0x0d4e56f1, 0x3ea5a2ec, 0xbbf7ee13, 0xbe6abbd0,
-      0x6fc07762, 0x120bf619, 0xc831fdce, 0xb622d42a, 0xe07439fa,
-      0x508e4b27, 0x8186b93f },
-    { 0x09312867, 0xc619d154, 0xbfaf7db4, 0x7e042c05, 0x1f5f5dda,
-      0xc1cf1668, 0xa4fc3d82, 0x50aa5057, 0xce68b8fe, 0xed30ed65,
-      0xbeb4d644, 0xecb01c0b, 0x831c0497, 0x7b5dc444, 0x9b7d9b1c,
-      0x351e6a00, 0xd9477c91, 0x4bb863b9, 0x05d4110a, 0xaba65891,
-      0x43580b7a, 0x30086cf4, 0x90be357e, 0xb139c076, 0x27b5214e,
-      0x12bfff1a, 0x22c3ab57, 0x79cfc6d7, 0xf34a9bfa, 0x4743de57,
-      0xc9ee2b2a, 0x0bf97e97 },
-    { 0xdda19e96, 0x96ec4ec8, 0x6c306e8b, 0x54ce18ea, 0x65f6918a,
-      0x7e83612b, 0x0d9a0d99, 0x1ac6f68b, 0x62fdcc09, 0x98a697a4,
-      0x95bc3e13, 0x65ce25f1, 0xb3939730, 0x1896ecda, 0x32f12806,
-      0x9eb81a0f, 0x1d2dc7df, 0xd3d7416e, 0xad473599, 0xe22c7976,
-      0x9f5ef439, 0x3de37a9a, 0x9e69d94e, 0x6b7ac0ab, 0x0a9d0bc8,
-      0xe6bfa9e0, 0x5676f120, 0x576a870d, 0xfeaac23f, 0x3bd91bb4,
-      0x3e40aabb, 0x8fe5482c },
-    { 0xce9a4d1e, 0x85ae67c2, 0x4f1d2038, 0x4c3eb803, 0x25d06192,
-      0x5c6c8f3a, 0x308fb41c, 0x803de0ad, 0xe71c294e, 0x9961f5bc,
-      0xf02eb0da, 0xdc62078d, 0xb64ae8b6, 0xc87ef515, 0x50b4d18f,
-      0x69679f1e, 0x52199f43, 0xc5c009a1, 0x0f640a5f, 0xa7d484be,
-      0x23dab566, 0x4c918bb1, 0x64275d2c, 0xa67c114c, 0xcad2ded6,
-      0x95a913b9, 0x6b4b5c8d, 0x189ed18b, 0xb42d3bf6, 0x4aeb6206,
-      0xbbc8bc3f, 0x3928c669 },
-    { 0xdacb4b64, 0xde4bea4a, 0xf26179a1, 0x03f62a44, 0x7a9112a4,
-      0xf3aac94e, 0xd36f331e, 0x90448fbd, 0x407b85c4, 0x426042bc,
-      0x2121b77b, 0x5ad8a596, 0x67cee984, 0x31674a4f, 0x4e3b2f0d,
-      0x7fae8bbe, 0xa7c930eb, 0x681df6dd, 0xc259d0d4, 0xadeefa98,
-      0xbea1c1fd, 0x1b14d9e6, 0x21d405d1, 0x3baadc8b, 0x73892754,
-      0xf01dff93, 0xf071cde4, 0x81c35b3e, 0x9150d0d9, 0x1704d2e1,
-      0x355134f6, 0x6ccc888f },
-    { 0x7ad7504c, 0xf8d36f0e, 0xf7959ddd, 0xbca3265f, 0xfede67aa,
-      0x0dcd1ede, 0xbaebf32f, 0x1276f4ce, 0x014edcfc, 0x6825a6e6,
-      0x99ad8eb7, 0x0b8c1a82, 0x09b8ce1e, 0x312024a9, 0x9cbd351a,
-      0xcb8fd98b, 0xfab1e8be, 0xa4841378, 0x3973cacf, 0x17ed0f5d,
-      0x259d5254, 0xa17e1484, 0x74b91393, 0x53d5b843, 0x1aca3ce9,
-      0x8f792b21, 0xc8c0f815, 0x035ff110, 0xad4ed7bd, 0x6afa6357,
-      0xb26faef9, 0x2f151980 },
-    { 0x29d2d439, 0x0c8631da, 0xbc039955, 0x121fbbc2, 0x6c05b75b,
-      0x3e5a9792, 0xb6ce47ec, 0x6d6cf4c0, 0x9d88c658, 0xbaaa1767,
-      0xf3355a17, 0x031db9e7, 0x0aef5a85, 0x8381e3d8, 0x15a31bdf,
-      0xc71db290, 0x9498fd7d, 0x638f6b74, 0x13beeef6, 0x44edf3f9,
-      0xf4ab67b3, 0xe6173271, 0xfd22df11, 0x3a202c70, 0x205c4e92,
-      0xf7be0389, 0xa8eb9920, 0x1c219085, 0xbeb54aaa, 0x6c805ce8,
-      0x0ac58d65, 0x354b05b7 },
-    { 0x7a9170e9, 0x7171e236, 0x4cad50cd, 0x01eec42d, 0x3cddccfb,
-      0xffbe824f, 0xa66cae1a, 0xa73e8ce3, 0x965c7d01, 0xb7138a7f,
-      0x5c3d971e, 0x00058e3f, 0x2ff0a72b, 0x52591ac3, 0xbbbce76f,
-      0xa32fb5bc, 0xa9f81a18, 0xf3241ab8, 0xeca68630, 0xf31d3332,
-      0x4482f13b, 0x847af9fc, 0xa4681be2, 0x6196e217, 0xe55efcf9,
-      0x9938f932, 0x70acc705, 0x3e7dacb8, 0xcf09fac2, 0xd41be893,
-      0xae3523a1, 0x48dc55c4 },
-    { 0xa5092193, 0x8e623826, 0x6898970c, 0xe46ec362, 0x25c9eb41,
-      0x2f1356af, 0x83c7d245, 0x41780640, 0x97d00e38, 0x982def67,
-      0xa512151c, 0x382eb6e7, 0x8af58869, 0x154e1077, 0x8a51cf02,
-      0x18707075, 0x71313c58, 0xcdeba9f7, 0xba155904, 0x5d67b973,
-      0x1d0d7b3a, 0x851c9f4b, 0x8b8af2cd, 0x19f29d71, 0x986b8d62,
-      0xcb94ccff, 0xb93b9c33, 0x8725e24b, 0x66e38c68, 0x405ce4c5,
-      0x0b6dc021, 0x5f6a8edd },
-    { 0x8f9a8690, 0x83704ca5, 0x2f76a407, 0x3f369766, 0x69201028,
-      0xfbc12d8c, 0xbce3a4cf, 0x4cd58f16, 0x04aab26d, 0x7804664a,
-      0x4ea457a8, 0x005cfbba, 0xb8a59794, 0x537951b3, 0x4fe1f739,
-      0x4ca2b9e4, 0xdf325797, 0xe4428acd, 0x0ea243db, 0x648da342,
-      0xf43ce01e, 0xcce6562b, 0xf27db490, 0x840f0421, 0x8bfb7cf0,
-      0x156ccb70, 0x5a8797d3, 0x9b33480d, 0x9eb814bb, 0x2e12e07a,
-      0xca7f87ac, 0x1ca65072 },
-    { 0x2b9d25a0, 0xfbb321cf, 0x40a746db, 0x66affdca, 0x59e368b5,
-      0xc1c1530e, 0x7d80068f, 0x56ed1ea4, 0x5647dd68, 0x9b74d8fe,
-      0x89b78da8, 0x1d96b507, 0x8bbe3391, 0x39b75243, 0x0d858c5f,
-      0xef8d443e, 0x9646aa34, 0x4dd2db49, 0xe667543c, 0x7fad3bd1,
-      0x68980985, 0xd0d710c0, 0x49facaba, 0x9f7aff32, 0x14f9a192,
-      0x055dec1c, 0x1fb307a1, 0xaca66399, 0x35ffff64, 0xac44fd91,
-      0xcbad3cee, 0x462cafb6 },
-    { 0xde3237dd, 0x1660a647, 0x82b87404, 0x95f735cc, 0xddfa55f8,
-      0xf7879f59, 0x726b914a, 0x15ef043e, 0x1c93e298, 0x1875393d,
-      0x6ef18331, 0xa1a2be74, 0x25a9a12b, 0x4e7e8dfc, 0xa9c3917f,
-      0xdfefc97d, 0x0a2ebe41, 0xbc875d03, 0xa732d1cc, 0x0f75d235,
-      0xd9baa6d3, 0x06fee7fe, 0x65f48576, 0xaa784fab, 0x513f83c0,
-      0x23155e22, 0x3e8f9d13, 0xd2fb7718, 0xb546eafd, 0x2a291503,
-      0x6cd93608, 0x1293c98c },
-    { 0x49d53b77, 0x72781251, 0x96eafac7, 0xa6ab403d, 0x4a36b711,
-      0xb7d7c7db, 0x87e771c1, 0x8238c708, 0x33b37522, 0x495f6abf,
-      0x8c87530d, 0xb0b0289c, 0xe77b111a, 0xca83cb86, 0xa1bd189e,
-      0xbe1c0fb8, 0x1ae9d7c7, 0x58cfb2fb, 0x4940c3e8, 0xd05c23c5,
-      0x74ad9107, 0x16e79e41, 0x064e7142, 0xa0a47f05, 0xfdfd614f,
-      0xc6929cd4, 0x3946988b, 0xedb2584c, 0xe46f8fb1, 0x73e4b5f3,
-      0x68ea94ba, 0x53b79aa1 },
-    { 0x44bbb6a1, 0x216fafce, 0x67821728, 0xd3a5bba0, 0xa9dd939a,
-      0xef1e4b30, 0xf19efafe, 0x022eaf3d, 0x7b4ec014, 0xfed5abce,
-      0x512c6738, 0x64968ee6, 0x29fe89a2, 0x23119869, 0x47397c05,
-      0x0d539d8d, 0x234596c4, 0x6400bc54, 0x5346611d, 0xb9287f58,
-      0xc9d5da0f, 0x04099903, 0xc83af2a8, 0xe5ef4997, 0x328151e1,
-      0xc89dc01b, 0x58401104, 0x150fb4a9, 0xf3872c9d, 0x40a6f7d5,
-      0x56c2e833, 0x8290d6d1 },
-    { 0xd8546946, 0xf84637c6, 0x69ec57fa, 0xda134a39, 0xd789007e,
-      0xd42359a4, 0x0dc7b809, 0xb42557fe, 0x2d6784a9, 0xe62ae52d,
-      0x0bcadb5f, 0xa2714ca6, 0x33aafca5, 0xcc208de6, 0xed967811,
-      0x2380ed5c, 0xdb321660, 0x6e6b55e9, 0xa675235a, 0x1bead02c,
-      0xb33fa0e1, 0x51cc6ef9, 0xf06a2a08, 0xfd223e26, 0xec47b3cf,
-      0x00f332e1, 0xa0aa984e, 0x459f297b, 0xee952e14, 0x6fa1d969,
-      0x304fabb0, 0x506ef1ab },
-    { 0x35bff163, 0x11b4eb27, 0xea9fa984, 0x7130b96f, 0x9deb27ce,
-      0x66aceb3f, 0x9dd1c3d5, 0xa2daf1a5, 0xa73075aa, 0xf5090a7e,
-      0xe3071b58, 0x36a6af39, 0xdf73ad9c, 0xa28d633d, 0xbdc89a16,
-      0xdd354cac, 0xd4dcbc3c, 0xdfea3423, 0x379d92d1, 0x6eec74d2,
-      0x8eed6765, 0xe14a456f, 0xfa8feb1f, 0xfabe7743, 0xb98fcbc7,
-      0x1404ccf8, 0xf71a706e, 0x6ccd2fbf, 0x4d85c678, 0xdaaf3fdb,
-      0x15200344, 0x415b7dbf },
-    { 0x7d8377a7, 0x97010586, 0xcb803272, 0x068a3d68, 0xf03a4c32,
-      0xfd67d289, 0x93c8f290, 0x4bc7095d, 0xe9e5a2b8, 0x712fa13c,
-      0x0feb9f3b, 0xfc6ac6c6, 0x6e0e54c2, 0x0cda36d9, 0x86320a01,
-      0x45499751, 0x97f00f11, 0xf9318c91, 0xe6936508, 0x01dc4c3f,
-      0x85f068aa, 0x769a2ef9, 0xa2b5511c, 0x3522cef0, 0xb4122e05,
-      0x006965ed, 0xc175d43f, 0xfce0fafc, 0xec831d59, 0x525dc9bd,
-      0xaf58879d, 0x1ec314f1 },
-    { 0x2c8310c2, 0x0663feef, 0x457e3f74, 0xaa7e14da, 0xe5346887,
-      0x392b10fc, 0x637ec2c5, 0xcde4a38f, 0xb542f8df, 0x50773320,
-      0xf7de1711, 0x341302f9, 0xae4b9bc6, 0x018b1c63, 0xdd2f9e6f,
-      0xf001c46e, 0x26eccfa0, 0xd3bb0a97, 0x7746e0c7, 0xa931b99d,
-      0xf5875aec, 0xe0c8b6f7, 0x96939c82, 0xbb32f17c, 0x3de5a664,
-      0x765135d2, 0x52abfa6b, 0x71936cb4, 0x2dc105de, 0xad5cc08f,
-      0x7fff5788, 0x17e91d12 },
-    { 0xb7e051ca, 0xbe92ced3, 0x19c776d4, 0xc644d4fd, 0x0086784b,
-      0xc8ab4b52, 0xce9d6b31, 0x3ea66227, 0xd289e9c7, 0x395249a3,
-      0xd12a19ee, 0x54509e65, 0x8c365aec, 0xa7bd4692, 0x77963e0e,
-      0x354997e4, 0xb599732d, 0x0d765957, 0x91d4a3b6, 0x99584aeb,
-      0x1deb3e28, 0x6e653ea4, 0x572571df, 0xca7c98ed, 0xb18ae1f9,
-      0xf301a38f, 0x63f7b97e, 0x1629f7c2, 0xafc4a0d5, 0xdf242282,
-      0x3ddd0c01, 0x118f3b4b },
-    { 0x7ad4762b, 0x74a0a0a8, 0x8c58d175, 0x1aef84da, 0x4cf76d86,
-      0x16ff4960, 0x7e60d98b, 0xc0be8786, 0x3ecc1dba, 0x83637ffb,
-      0x5dd6147a, 0xc244a609, 0x5b0846e5, 0xa3e17834, 0xe77a4c05,
-      0x735eb686, 0xdf758695, 0x5bc18b4f, 0x1bdfe52f, 0x15618d0b,
-      0x00715ba1, 0x878ecc0d, 0xc2dd617f, 0x1dbdbd1a, 0x21b61710,
-      0x21d2b631, 0x44f593c2, 0x22ce8a79, 0x44f17024, 0x3b9b536a,
-      0x8d03e727, 0x01d0a67c },
-    { 0x1e46533c, 0x7b964236, 0xfb88c2ae, 0xe9477990, 0xa42c4a18,
-      0x019b5d16, 0xd83c7a45, 0x7135e81d, 0x4cb663e3, 0x74a69bdd,
-      0xe76c0d63, 0x7b67ecdb, 0x11e68da6, 0x03d54521, 0xd2e8650a,
-      0x596cceb5, 0x2af03b37, 0xcd572dfd, 0xfabd5952, 0x52364ba1,
-      0xb4ed8569, 0x7f47d456, 0xc950d5d4, 0x5ad8b572, 0x486e2f84,
-      0xcadd2dfa, 0xc56bb044, 0xdd527b43, 0x997c08e6, 0xc9adba24,
-      0x7da6320f, 0x1b625b06 },
-    { 0x4fd8446d, 0x44dfaa7b, 0xaf6febeb, 0xc01b2f01, 0xfe8838b5,
-      0xbf444388, 0xbba9758b, 0xf33c434f, 0x87156bc9, 0x2b971cba,
-      0x1f49098b, 0x6b245e5c, 0x2b41c5dd, 0x87dcb534, 0x34d852d7,
-      0xdb1f80c6, 0x2433da34, 0x6d6e3258, 0x3f7df0c2, 0xf6682065,
-      0x360cb365, 0xc4ca567c, 0x9826656a, 0x321faac2, 0xbf069768,
-      0x13f5ca6f, 0xa7076639, 0x15397921, 0x8400736e, 0xbdf14328,
-      0x19fc948d, 0x333eca96 },
-    { 0xac775d81, 0x23337948, 0xd41dbbca, 0x38c2518f, 0xbcfce948,
-      0x623c7a4f, 0x54703fe7, 0xaad36236, 0x13fb3b5b, 0x2b3a13a4,
-      0x7f5c01f0, 0x5db3565a, 0x52359661, 0xd72408dc, 0x1d616e91,
-      0x5a17f8e5, 0xcb25b999, 0x90c16eeb, 0x3393743e, 0xf35e8cf1,
-      0xe54b64a7, 0x987da74a, 0x65cd449d, 0x557b322a, 0x37e7b15d,
-      0x765082a5, 0xf2cd134f, 0x4d25c742, 0x4ccf0746, 0xae9d9c07,
-      0x8728d135, 0x72fc2110 },
-    { 0xf96004c8, 0xa906b203, 0x458055ff, 0xd83f95cf, 0x55f35909,
-      0xd77d5867, 0xe550c8ee, 0x4a9ea6fb, 0x55a06081, 0x91c8cca9,
-      0xbce82062, 0x4a1fee78, 0x9a3df85e, 0xeb9ade06, 0x7d3de666,
-      0xfbbdcf0c, 0x5d336d51, 0x228a391b, 0x5c2ffc3c, 0x760f8d28,
-      0x2f7b165b, 0x1ee48de3, 0x56177040, 0x03803d84, 0x9deff9a0,
-      0xe573f648, 0xa17e35a4, 0xe1a2738e, 0x8840a6c6, 0x238ef17c,
-      0xb11ed92d, 0x480946f8 },
-    { 0xfd71f119, 0x84c747a8, 0x53eb3695, 0x19e65c5e, 0x6298587a,
-      0x0e2f6786, 0xab18d6f4, 0x48a48899, 0xc630b8c0, 0xa1a99024,
-      0x2caaf892, 0x84975096, 0xe20fd624, 0xc8869aba, 0x6c2b7dd4,
-      0x3b72b04d, 0x0992f7d0, 0xe2775eb6, 0x7d06e684, 0x0089c06e,
-      0xe4bbd007, 0xcb3b4361, 0x4ba846e4, 0xa1ae666b, 0x46464d9e,
-      0xc01c2eb2, 0xc1f8539f, 0xf86f2be6, 0xcf68afc7, 0x16e8e8ae,
-      0xc7386902, 0x8dab61fd },
-    { 0xd54d1d45, 0x42a5c903, 0xff4f9ba2, 0xacd4297e, 0x34d478b4,
-      0x2d88b520, 0x08c4621a, 0x35b2ba2b, 0x34865402, 0xd3d239bb,
-      0x911f32e6, 0x1de76aed, 0x3f06fdc2, 0x877f8bcf, 0x9ec51502,
-      0x802714c1, 0xa590700d, 0xa10444eb, 0x31dcc957, 0x8694229f,
-      0xb8169fed, 0x5ece77ab, 0x2caf080e, 0x55be8a15, 0xcbd7cef1,
-      0x3eb21b14, 0x67b97ee1, 0x9def7ad1, 0x118f690c, 0xe03ca879,
-      0xf99b29e7, 0x6f77e62d },
-    { 0xe40bbf59, 0xa271bded, 0x6401aad6, 0x177ba453, 0x73541cd1,
-      0x1755e035, 0x4b71b02f, 0x3465b466, 0xa813359f, 0x22eb7113,
-      0x6f38eac7, 0x9792a8fd, 0xff3bf3b5, 0x11aa012f, 0xf85c3fbf,
-      0x99aafabf, 0x06c0cc42, 0x91e0a2ef, 0x773b7b3a, 0x314d5d57,
-      0xd669840a, 0xae5e2e76, 0x2e5a8be6, 0x86136073, 0xc1cf5580,
-      0xee6d7578, 0x68bed102, 0x2344e00f, 0x8184f0eb, 0x799d7886,
-      0xc3d2cf80, 0x63819c91 },
-    { 0x7884b073, 0xca5392e1, 0xeb1267ea, 0x9ec3a1fc, 0x907038a7,
-      0x3d07f5f0, 0xe4c47b70, 0xcb2ac07c, 0x1bf96b91, 0xf96664ee,
-      0x2aea4fbf, 0xebf57589, 0xfade6500, 0x5aabf391, 0x171d1204,
-      0xc5b3376f, 0xa0d3d81a, 0x1ff60c51, 0x976a844b, 0x10b2cfe7,
-      0xbda6125a, 0xe131cc9a, 0x4ebd453e, 0xe0fc16d3, 0x504b6bc1,
-      0xc0d0319a, 0x0a2f8cab, 0xe43a0be7, 0x55e49b47, 0xc80afeec,
-      0x8265d7ee, 0x67d48d12 },
-    { 0xea2d56d6, 0x068d59a7, 0x27480a63, 0xd71abd0e, 0xae7366cd,
-      0x6bd11db0, 0x07204ebc, 0xfbb639ca, 0xf77e6293, 0x89a242e7,
-      0x75ba8c3d, 0xdee7ca2b, 0x64a2f9a8, 0x472ddc3d, 0x7561a010,
-      0x84229df4, 0xc5b649d4, 0x95f62c85, 0x4dc927cd, 0xfdd56b1b,
-      0x5ee60596, 0xfe8bb120, 0xabf29401, 0x3efcaa50, 0x10d1c184,
-      0xd4900d0f, 0x28b01df5, 0x2cf113a9, 0x1f0e43f5, 0xa3d7ebc3,
-      0xe8384dc7, 0x27950e38 },
-    { 0xe1d0fa79, 0xeab21ff0, 0x048b5de9, 0x4b9fd033, 0x2fe374cb,
-      0x4c934689, 0x4eb21f6b, 0xbb4827fa, 0xa925e7e7, 0x46716f79,
-      0x7dd4c531, 0x1442bf36, 0xd2e96ddf, 0x2073954c, 0x8502aa89,
-      0x4e0141ae, 0x8eef6cc9, 0x8ee00e1a, 0x5880cdaf, 0x55ce8491,
-      0x69628046, 0xff3aba5c, 0x5d15dfbf, 0x335cc4f8, 0x9f684f25,
-      0xa7f0440c, 0xbb1e5bd8, 0xae80453f, 0xff2225ab, 0xa1c99813,
-      0x79b25d71, 0x54ff7884 },
-    { 0xde40b068, 0x27c6ee30, 0xe6f3a51e, 0x9226465b, 0xfa3b21f6,
-      0xe24a4604, 0xc0418115, 0x50a5a5ad, 0x8df90d2b, 0xe3285441,
-      0xdcb0c00f, 0xbb74e58f, 0x4a2c08e3, 0xc68f1b3b, 0x0ccd9ec9,
-      0x339df081, 0xb786ea9f, 0x915362dc, 0xc955aead, 0x28945e31,
-      0x8b6a6c6b, 0xd6a2c01d, 0x3678a427, 0x069e82dc, 0x28c9302c,
-      0x17875500, 0x9fa101e6, 0x8acda965, 0xee30b286, 0x4e4e4573,
-      0x3f1830fe, 0x8adbad85 },
-    { 0x0969d524, 0x060ae11f, 0xf39bcc79, 0xf42fdaf7, 0x7cc1fcc2,
-      0x3cec6766, 0xe2336d4f, 0x456b9cf2, 0x8e1c0f7f, 0x6aa1f5de,
-      0x0984fb0e, 0xcdbc2ad2, 0x1b464b28, 0x4090cfa6, 0x1243f3ef,
-      0x40d86f30, 0xcd5e87e7, 0x95b16ccc, 0x3026cd41, 0x403f168c,
-      0x816c0730, 0xdbe386cb, 0x58407a1d, 0x14eb86f3, 0x1717e1af,
-      0xf588b4f8, 0x66cbc96c, 0xb75c41a6, 0x027e71c1, 0xf342c1aa,
-      0xc0945e5f, 0x73930036 },
-    { 0x22cdaf42, 0x954f757d, 0xf4181aab, 0x788b591d, 0xf5514f25,
-      0x8b986819, 0xf18fd5bc, 0x69642e08, 0x022ceb91, 0x92b305d1,
-      0x6a4f6985, 0x1715903e, 0x61179cae, 0x4bd7d69d, 0xd29c01aa,
-      0xdacdfd5d, 0xd91108cc, 0x705ddd5a, 0x64ac8f15, 0x434ac7b1,
-      0xb524632f, 0x61a514e1, 0x731fc447, 0x45b9e61b, 0xe0961b31,
-      0xcf561348, 0x73eaf223, 0x9c28a967, 0xaa7c99d3, 0x5bd10182,
-      0xe42965e2, 0x8bc6ec4a },
-    { 0xe7f2a32b, 0xd096e5c0, 0x09388a30, 0xff54800c, 0x401e360c,
-      0x06fe437c, 0xbb6054a6, 0x6655fc9c, 0x8457aa6e, 0x510e1860,
-      0x2b29b2b7, 0xa0acfca2, 0x51b7da61, 0x732483e3, 0x6be6c8ca,
-      0xe31471ee, 0x8b65c9a1, 0xe565431c, 0x48d65cbb, 0xfc9ac3b9,
-      0xae9b2aa8, 0xd308fc21, 0xaa60aa6a, 0xd6a7df0d, 0x982fc0d4,
-      0x2844d96a, 0x5847a4d7, 0xab012c2c, 0xdceb8955, 0x2b3c8f71,
-      0xbe9c7e15, 0x8e85437d },
-};
-
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Base is fixed to be the g parameter - a precomputed table is used.
- *
- * Striping: 128 points at a distance of 8 combined.
- * Total of 256 points in table.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit tx[2 * 32];
-    sp_digit ty[2 * 32];
-#endif
-    sp_digit* r = NULL;
-    unsigned char e[128];
-    int err = MP_OKAY;
-    int i;
-    int y;
-
-    (void)base;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 38 * 32 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 32 * 2;
-        ty = td + 37 * 32 * 2;
-#endif
-        r = ty;
-
-        (void)mp_to_unsigned_bin_len(exp, e, 128);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 32);
-        y  =  e[112] >> 7;
-        y |= (e[96] >> 7) << 1;
-        y |= (e[80] >> 7) << 2;
-        y |= (e[64] >> 7) << 3;
-        y |= (e[48] >> 7) << 4;
-        y |= (e[32] >> 7) << 5;
-        y |= (e[16] >> 7) << 6;
-        y |= (e[0] >> 7) << 7;
-        XMEMCPY(ty, sp_1024_g_table[y], sizeof(sp_digit) * 32);
-        for (i = 126; i >= 0; i--) {
-            y  =  (e[127 - (i / 8)] >> (i & 0x7)) & 1;
-            y |= ((e[111 - (i / 8)] >> (i & 0x7)) & 1) << 1;
-            y |= ((e[95 - (i / 8)] >> (i & 0x7)) & 1) << 2;
-            y |= ((e[79 - (i / 8)] >> (i & 0x7)) & 1) << 3;
-            y |= ((e[63 - (i / 8)] >> (i & 0x7)) & 1) << 4;
-            y |= ((e[47 - (i / 8)] >> (i & 0x7)) & 1) << 5;
-            y |= ((e[31 - (i / 8)] >> (i & 0x7)) & 1) << 6;
-            y |= ((e[15 - (i / 8)] >> (i & 0x7)) & 1) << 7;
-
-            sp_1024_proj_sqr_32(tx, ty, t);
-            sp_1024_proj_mul_qx1_32(tx, ty, sp_1024_g_table[y], t);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_32(tx, tx, t);
-        sp_1024_mont_mul_32(r, tx, ty, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective coordinates.
- *
- *   p.x' = (p.x * q.x) - (p.y * q.y)
- *   p.y' = (p.x * q.y) + (p.y * q.x)
- * But applying Karatsuba:
- *   v0 = p.x * q.x
- *   v1 = p.y * q.y
- *   p.x' = v0 - v1
- *   p.y' = (px + py) * (qx + qy) - v0 - v1
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * qx  [in]      A single precision integer - X ordinate of number of
- *               multiplier.
- * qy  [in]      A single precision integer - Y ordinate of number of
- *               multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_32(sp_digit* px, sp_digit* py,
-        const sp_digit* qx, const sp_digit* qy, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    /* t1 = px + py */
-    sp_1024_mont_add_32(t1, px, py, p1024_mod);
-    /* t2 = qx + qy */
-    sp_1024_mont_add_32(t2, qx, qy, p1024_mod);
-    /* t2 = (px + py) * (qx + qy) */
-    sp_1024_mont_mul_32(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = py * qy */
-    sp_1024_mont_mul_32(t1, py, qy, p1024_mod, p1024_mp_mod);
-    /* t2 = (px + py) * (qx + qy) - (py * qy) */
-    sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
-    /* px = px * qx */
-    sp_1024_mont_mul_32(px, px, qx, p1024_mod, p1024_mp_mod);
-    /* py = (px + py) * (qx + qy) - (py * qy) - (px * qx) */
-    sp_1024_mont_sub_32(py, t2, px, p1024_mod);
-    /* px = (px * qx) - (py * qy)*/
-    sp_1024_mont_sub_32(px, px, t1, p1024_mod);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/*
- * Convert point from projective to affine but keep in Montgomery form.
- *
- * p  [in,out]  Point to convert.
- * t  [in]      Temporary numbers: 2.
- */
-static void sp_1024_mont_map_32(sp_point_1024* p, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    sp_1024_mont_inv_32(t1, p->z, t2);
-    sp_1024_mont_sqr_32(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(p->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(p->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(p->z, p1024_norm_mod, sizeof(sp_digit) * 32);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/*
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - 2 * p.y^2
- *   r.y = 2 * p.y * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 8 * p.y^2 * p.x
- *   p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4
- *   p'.z = 2 * p.y * p.z
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 32;
-    sp_digit* pz2 = t +  2 * 32;
-    sp_digit* rx  = t +  4 * 32;
-    sp_digit* ry  = t +  6 * 32;
-    sp_digit* l   = t +  8 * 32;
-    sp_digit* ty  = t + 10 * 32;
-
-    /* v = v^2 */
-    sp_1024_proj_sqr_32(vx, vy, t);
-    /* pz2 = p.z^2 */
-    sp_1024_mont_sqr_32(pz2, p->z, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + p.z^2 */
-    sp_1024_mont_add_32(ty, p->x, pz2, p1024_mod);
-    /* l = p.x - p.z^2 */
-    sp_1024_mont_sub_32(l, p->x, pz2, p1024_mod);
-    /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-    sp_1024_mont_mul_32(t1, l, ty, p1024_mod, p1024_mp_mod);
-    /* l = 3 * (p.x^2 - p.z^4) */
-    sp_1024_mont_tpl_32(l, t1, p1024_mod);
-    /* t1 = q.x * p.z^2 */
-    sp_1024_mont_mul_32(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + q.x * p.z^2 */
-    sp_1024_mont_add_32(t1, p->x, t1, p1024_mod);
-    /* r.x = l * (p.x + q.x * p.z^2) */
-    sp_1024_mont_mul_32(rx, l, t1, p1024_mod, p1024_mp_mod);
-    /* r.y = 2 * p.y */
-    sp_1024_mont_dbl_32(ry, p->y, p1024_mod);
-    /* ty = 4 * p.y ^ 2 */
-    sp_1024_mont_sqr_32(ty, ry, p1024_mod, p1024_mp_mod);
-    /* t1 = 2 * p.y ^ 2 */
-    sp_1024_mont_div2_32(t1, ty, p1024_mod);
-    /* r.x -= 2 * (p.y ^ 2) */
-    sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
-    /* p'.z = p.y * 2 * p.z */
-    sp_1024_mont_mul_32(p->z, p->z, ry, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 */
-    sp_1024_mont_mul_32(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 * q.y */
-    sp_1024_mont_mul_32(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-    /* Double point using previously calculated values
-     *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-     *   ty = 4 * p.y^2
-     *   p'.z = 2 * p.y * p.z
-     */
-    /* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
-    sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
-    /* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
-    sp_1024_mont_div2_32(t1, t1, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x */
-    sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 */
-    sp_1024_mont_sqr_32(p->x, l, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 - 4 * p.y^2 * p.x */
-    sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-    /* p'.x = l^2 - 8 * p.y^2 * p.x */
-    sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x - p.x' */
-    sp_1024_mont_sub_32(ty, p->y, p->x, p1024_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l */
-    sp_1024_mont_mul_32(p->y, ty, l, p1024_mod, p1024_mp_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 */
-    sp_1024_mont_sub_32(p->y, p->y, t1, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Calculations:
- *   r.x = (q.x + p.x) * c.y - (q.x * c.z^2 + c.x) * p.y * c.z
- *   r.y = (c.x - p.x * c.z^2) * q.y * c.z
- *   v* = v* * r*
- *   r = p.y * c.z^3 - c.y
- *   c'.x = r^2 + h^3 - 2 * c.x * h^2
- *   c'.y = r * (c'.x - c.x * h^2) - c.y * h^3
- *   c'.z = (c.x - p.x * c.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in]      p      ECC point - point on E(F_p^2) to add.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      qx_px  SP that is a constant value across adds.
- * @param  [in]      t      SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_add_one_32(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px,
-        sp_digit* t)
-{
-    sp_digit* t1  = t;
-    sp_digit* t2  = t +  2 * 32;
-    sp_digit* rx  = t +  4 * 32;
-    sp_digit* ry  = t +  6 * 32;
-    sp_digit* h   = t +  8 * 32;
-    sp_digit* r   = t + 10 * 32;
-
-    /* r.x = (q.x + p.x) * c.y */
-    sp_1024_mont_mul_32(rx, qx_px, c->y, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_32(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_32(h, t1, c->x, p1024_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_32(ry, p->y, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_32(t1, h, ry, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z * c.z^2 = p.y * c.z^3  */
-    sp_1024_mont_mul_32(r, ry, t2, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = c.x - p.x * c.z^2 */
-    sp_1024_mont_sub_32(h, c->x, t1, p1024_mod);
-    /* c'.z = (c.x - p.x * c.z^2) * c.z */
-    sp_1024_mont_mul_32(c->z, h, c->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (c.x - p.x * c.z^2) * c.z * q.y */
-    sp_1024_mont_mul_32(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = c.x - p.x * c.z^2
-     *   r = p.y * c.z^3
-     *   c'.z = (c.x - p.x * c.z^2) * c.z
-     */
-
-    /* r = p.y * c.z^3 - c.y */
-    sp_1024_mont_sub_32(r, r, c->y, p1024_mod);
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_32(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_32(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * h^2 */
-    sp_1024_mont_mul_32(ry, c->x, rx, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_32(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c->x = r^2 + h^3 */
-    sp_1024_mont_add_32(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * h^2 */
-    sp_1024_mont_dbl_32(t1, ry, p1024_mod);
-    /* c'.x = r^2 + h^3 - 2 * c.x * h^2 */
-    sp_1024_mont_sub_32(c->x, c->x, t1, p1024_mod);
-    /* ry = c'.x - c.x * h^2 */
-    sp_1024_mont_sub_32(t1, c->x, ry, p1024_mod);
-    /* ry = r * (c'.x - c.x * h^2) */
-    sp_1024_mont_mul_32(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * h^3 */
-    sp_1024_mont_mul_32(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 */
-    sp_1024_mont_sub_32(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]  key  SAKKE key.
- * @param  [in]  p    First point on E(F_p)[q].
- * @param  [in]  q    Second point on E(F_p)[q].
- * @param  [in]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err = MP_OKAY;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit* qx_px;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit vx[2 * 32];
-    sp_digit vy[2 * 32];
-    sp_digit qx_px[2 * 32];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-
-    err = sp_1024_point_new_32(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 39 * 32 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        vx    = td + 36 * 32 * 2;
-        vy    = td + 37 * 32 * 2;
-        qx_px = td + 38 * 32 * 2;
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-        sp_1024_point_from_ecc_point_32(q, qm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 32);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 32);
-
-        sp_1024_mont_add_32(qx_px, q->x, p->x, p1024_mod);
-
-        for (i = 1020; i >= 0; i--) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_dbl_32(vx, vy, c, q, t);
-
-            if ((i > 0) && ((p1024_order[i / 32] >> (i % 32)) & 1)) {
-                /* Accumulate line into v and add P into C. */
-                sp_1024_accumulate_line_add_one_32(vx, vy, c, p, q, qx_px, t);
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        sp_1024_proj_sqr_32(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_32(vx, vx, t);
-        sp_1024_mont_mul_32(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(q, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-#else
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Both C and P have z ordinates to use in the calculation.
- *
- * Calculations:
- *   r.x  = (q.x * c.z^2 + c.x) * p.y * c.z - (q.x * p.z^2 + p.x) * c.y * p.z
- *   r.y  = (p.x * c.z^2 - c.x * p.z^2) * q.y * p.z * c.z
- *   v*   = v* * r*
- *   h    = p.x * c.z^2 - c.x * p.z^2
- *   r    = p.y * c.z^3 - c.y * p.z^3
- *   c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2
- *   c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3
- *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in,out]  p      ECC point - point on E(F_p^2) to add.
- * @param  [in,out]  q      ECC point - second point on E(F_P^2).
- * @param  [in,out]  t      SP temporaries (6 used).
- * @param  [in,out]  neg    Indicates to use negative P.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static void sp_1024_accumulate_line_add_n_32(sp_digit* vx, sp_digit* vy,
-        const sp_point_1024* p, const sp_point_1024* q,
-        sp_point_1024* c, sp_digit* t, int neg)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t +  2 * 32;
-    sp_digit* rx = t +  4 * 32;
-    sp_digit* ry = t +  6 * 32;
-    sp_digit* h  = t +  8 * 32;
-    sp_digit* r  = t + 10 * 32;
-
-    /* h = p.z^2 */
-    sp_1024_mont_sqr_32(h, p->z, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 */
-    sp_1024_mont_mul_32(rx, q->x, h, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 + p.x */
-    sp_1024_mont_add_32(t2, rx, p->x, p1024_mod);
-    /* c.y = c.y * p.z */
-    sp_1024_mont_mul_32(t1, c->y, p->z, p1024_mod, p1024_mp_mod);
-    /* r.x = (q.x * p.z^2 + p.x) * c.y * p.z */
-    sp_1024_mont_mul_32(rx, t2, t1, p1024_mod, p1024_mp_mod);
-    /* c.y = c.y * p.z^3 */
-    sp_1024_mont_mul_32(c->y, t1, h, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_32(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_32(t1, t1, c->x, p1024_mod);
-    /* c.x = c.x * p.z^2 */
-    sp_1024_mont_mul_32(c->x, c->x, h, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_32(r, p->y, c->z, p1024_mod, p1024_mp_mod);
-    if (neg) {
-        /* r = -p.y * c.z */
-        sp_1024_mont_sub_32(r, p1024_mod, r, p1024_mod);
-    }
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_32(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_32(rx, ry, rx, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = p.x * c.z^2 - c.x * p.z^2 */
-    sp_1024_mont_sub_32(h, t1, c->x, p1024_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z */
-    sp_1024_mont_mul_32(t1, h, c->z, p1024_mod, p1024_mp_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z */
-    sp_1024_mont_mul_32(c->z, t1, p->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z * q.y */
-    sp_1024_mont_mul_32(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 */
-    sp_1024_mont_mul_32(t1, r, t2, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 - c.y * p.z^3 */
-    sp_1024_mont_sub_32(r, t1, c->y, p1024_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = p.x * c.z^2 - c.x * p.z^2
-     *   r = p.y * c.z^3 - c.y * p.z^3
-     *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
-     */
-
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_32(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_32(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * p.z^2 * h^2 */
-    sp_1024_mont_mul_32(ry, rx, c->x, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_32(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c'.x = r^2 - h^3 */
-    sp_1024_mont_sub_32(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_dbl_32(t1, ry, p1024_mod);
-    /* c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_sub_32(c->x, c->x, t1, p1024_mod);
-    /* ry = c.x * p.z^2 * h^2 - c'.x */
-    sp_1024_mont_sub_32(t1, ry, c->x, p1024_mod);
-    /* ry = r * (c.x * p.z^2 * h^2 - c'.x) */
-    sp_1024_mont_mul_32(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * p.z^3 * h^3 */
-    sp_1024_mont_mul_32(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 */
-    sp_1024_mont_sub_32(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Perform n accumulate doubles and doubles of P.
- *
- * py = 2 * p.y
- *
- * For each double:
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - py^2 / 2
- *   r.y = py * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 2 * py^2 * p.x
- *   py' = (py^2 * p.x - p'.x) * l - py^4 (= 2 * p'.y)
- *   p'.z = py * p.z
- *
- * Finally:
- *   p'.y = py' / 2
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      n   Number of times to double.
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 32;
-    sp_digit* pz2 = t +  2 * 32;
-    sp_digit* rx  = t +  4 * 32;
-    sp_digit* ry  = t +  6 * 32;
-    sp_digit* l   = t +  8 * 32;
-    sp_digit* ty  = t + 10 * 32;
-    int i;
-
-    /* py = 2 * p.y */
-    sp_1024_mont_dbl_32(p->y, p->y, p1024_mod);
-
-    for (i = 0; i < n; i++) {
-        /* v = v^2 */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        /* pz2 = p.z^2 */
-        sp_1024_mont_sqr_32(pz2, p->z, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + p.z^2 */
-        sp_1024_mont_add_32(t1, p->x, pz2, p1024_mod);
-        /* l = p.x - p.z^2 */
-        sp_1024_mont_sub_32(l, p->x, pz2, p1024_mod);
-        /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-        sp_1024_mont_mul_32(ty, l, t1, p1024_mod, p1024_mp_mod);
-        /* l = 3 * (p.x^2 - p.z^4) */
-        sp_1024_mont_tpl_32(l, ty, p1024_mod);
-        /* t1 = q.x * p.z^2 */
-        sp_1024_mont_mul_32(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + q.x * p.z^2 */
-        sp_1024_mont_add_32(t1, p->x, t1, p1024_mod);
-        /* r.x = l * (p.x + q.x * p.z^2) */
-        sp_1024_mont_mul_32(rx, l, t1, p1024_mod, p1024_mp_mod);
-        /* ty = py ^ 2 */
-        sp_1024_mont_sqr_32(ty, p->y, p1024_mod, p1024_mp_mod);
-        /* t1 = py ^ 2 / 2 */
-        sp_1024_mont_div2_32(t1, ty, p1024_mod);
-        /* r.x -= py ^ 2 / 2 */
-        sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
-        /* p'.z = py * pz */
-        sp_1024_mont_mul_32(p->z, p->z, p->y, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 */
-        sp_1024_mont_mul_32(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 * q.y */
-        sp_1024_mont_mul_32(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-        /* v = v^2 * r */
-        sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-        /* Double point using previously calculated values
-         *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-         *   ty = py^2
-         *   p'.z = py * p.z
-         */
-        /* t1 = py^2 ^ 2 = py^4 */
-        sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
-        /* py' = py^2 * p. x */
-        sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 */
-        sp_1024_mont_sqr_32(p->x, l, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 - py^2 * p.x */
-        sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-        /* p'.x = l^2 - 2 * p.y^2 * p.x */
-        sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-        /* py' = py^2 * p.x - p.x' */
-        sp_1024_mont_sub_32(ty, p->y, p->x, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l */
-        sp_1024_mont_mul_32(p->y, ty, l, p1024_mod, p1024_mp_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 */
-        sp_1024_mont_dbl_32(p->y, p->y, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 - p.y^4 */
-        sp_1024_mont_sub_32(p->y, p->y, t1, p1024_mod);
-    }
-
-    /* p'.y = py' / 2 */
-    sp_1024_mont_div2_32(p->y, p->y, p1024_mod);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * @param  [in]  pm   First point on E(F_p)[q].
- * @param  [in]  qm   Second point on E(F_p)[q].
- * @param  [in]  res  Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[64];
-    sp_digit (*pre_vy)[64];
-    sp_digit (*pre_nvy)[64];
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit vx[2 * 32];
-    sp_digit vy[2 * 32];
-    sp_digit pre_vx[16][64];
-    sp_digit pre_vy[16][64];
-    sp_digit pre_nvy[16][64];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-
-    err = sp_1024_point_new_32(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 32 * 2 + 16 * sizeof(sp_point_1024), NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 32 * 2;
-        vy      = td + 37 * 32 * 2;
-        pre_vx  = (sp_digit(*)[64])(td + 38 * 32 * 2);
-        pre_vy  = (sp_digit(*)[64])(td + 54 * 32 * 2);
-        pre_nvy = (sp_digit(*)[64])(td + 70 * 32 * 2);
-        pre_p   = (sp_point_1024*)(td + 86 * 32 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-        sp_1024_point_from_ecc_point_32(q, qm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 32);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_mont_sub_32(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 32);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_accumulate_line_dbl_32(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(&pre_p[i], &pre_p[i-1], sizeof(sp_point_1024));
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 32);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 32);
-            sp_1024_proj_mul_32(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_32(pre_vx[i], pre_vy[i], c,
-                    q, &pre_p[i], t, 0);
-            sp_1024_mont_sub_32(pre_nvy[i], p1024_mod, pre_vy[i], p1024_mod);
-        }
-
-        j = sp_1024_order_op[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 32);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 32);
-
-        /* Accumulate line into v and double point n times. */
-        sp_1024_accumulate_line_dbl_n_32(vx, vy, c, q,
-                sp_1024_order_op[1], t);
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_vy[j], t);
-                sp_1024_accumulate_line_add_n_32(vx, vy, &pre_p[j], q, c,
-                    t, 0);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_nvy[j], t);
-                sp_1024_accumulate_line_add_n_32(vx, vy, &pre_p[j], q, c,
-                    t, 1);
-            }
-
-            /* Accumulate line into v and double point n times. */
-            sp_1024_accumulate_line_dbl_n_32(vx, vy, c, q,
-                    sp_1024_order_op[i + 1], t);
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        sp_1024_proj_sqr_32(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_32(vx, vx, t);
-        sp_1024_mont_mul_32(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(q, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Generate table for pairing.
- *
- * Small implementation does not use a table - returns 0 length.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-
-    if (table == NULL) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    else if (*len != 0) {
-        err = BUFFER_E;
-    }
-
-    (void)*pm;
-
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Small implementation does not use a table - use the normal implementation.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    (void)table;
-    (void)len;
-    return sp_Pairing_1024(pm, qm, res);
-}
-
-#else
-/*
- * Calc l and c for the point when doubling p.
- *
- * l = 3 * (p.x^2 - 1) / (2 * p.y)
- * c = l * p.x - p.y
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to double.
- * @param  [in]   py  Y-ordinate of point to double.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_dbl_calc_lc_32(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 32;
-    sp_digit* t2 = t + 34 * 2 * 32;
-    sp_digit* l  = t + 35 * 2 * 32;
-
-    /* l = 1 / 2 * p.y */
-    sp_1024_mont_dbl_32(l, py, p1024_mod);
-    sp_1024_mont_inv_32(l, l, t);
-
-    /* t1 = p.x^2 */
-    sp_1024_mont_sqr_32(t1, px, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x - 1 */
-    sp_1024_mont_sub_32(t1, t1, p1024_norm_mod, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) */
-    sp_1024_mont_dbl_32(t2, t1, p1024_mod);
-    sp_1024_mont_add_32(t1, t1, t2, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) / (2 * p.y) */
-    sp_1024_mont_mul_32(l, l, t1, p1024_mod, p1024_mp_mod);
-    /* t2 = l * p.x */
-    sp_1024_mont_mul_32(t2, l, px, p1024_mod, p1024_mp_mod);
-    /* c = t2 = l * p.x - p.y */
-    sp_1024_mont_sub_32(t2, t2, py, p1024_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 32);
-    XMEMCPY(cr, t2, sizeof(sp_digit) * 32);
-}
-
-/*
- * Calc l and c when adding p and c.
- *
- * l = (c.y - p.y) / (c.x - p.x)
- * c = (p.x * c.y - cx * p.y) / (cx - p.x)
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to add.
- * @param  [in]   py  Y-ordinate of point to add.
- * @param  [in]   cx  X-ordinate of current point.
- * @param  [in]   cy  Y-ordinate of current point.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_add_calc_lc_32(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, const sp_digit* cx,
-        const sp_digit* cy, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 32;
-    sp_digit* c  = t + 34 * 2 * 32;
-    sp_digit* l  = t + 35 * 2 * 32;
-
-    /* l = 1 / (c.x - p.x) */
-    sp_1024_mont_sub_32(l, cx, px, p1024_mod);
-    sp_1024_mont_inv_32(l, l, t);
-
-    /* c = p.x * c.y */
-    sp_1024_mont_mul_32(c, px, cy, p1024_mod, p1024_mp_mod);
-    /* t1 = c.x * p.y */
-    sp_1024_mont_mul_32(t1, cx, py, p1024_mod, p1024_mp_mod);
-    /* c = (p.x * c.y) - (c.x * p.y) */
-    sp_1024_mont_sub_32(c, c, t1, p1024_mod);
-    /* c = ((p.x * c.y) - (c.x * p.y)) / (c.x - p.x) */
-    sp_1024_mont_mul_32(c, c, l, p1024_mod, p1024_mp_mod);
-    /* t1 = c.y - p.y */
-    sp_1024_mont_sub_32(t1, cy, py, p1024_mod);
-    /* l = (c.y - p.y) / (c.x - p.x) */
-    sp_1024_mont_mul_32(l, t1, l, p1024_mod, p1024_mp_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 32);
-    XMEMCPY(cr, c, sizeof(sp_digit) * 32);
-}
-
-/*
- * Calculate vx and vy given gradient l and constant c and point q.
- *
- * l is a the gradient and is multiplied by q->x.
- * c is a the constant that is added to the multiplicative result.
- * q->y is the y-ordinate in result to multiply.
- *
- * if dbl
- *   v*  = v*^2
- * r.x = l * q.x + c
- * r.y = q->y
- * v*  = v* * r*
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in]      l      Gradient to multiply with.
- * @param  [in]      c      Constant to add with.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      t      SP temporaries (3 used).
- * @param  [in]      dbl    Indicates whether this is for doubling. Otherwise
- *                          adding.
- */
-static void sp_1024_accumulate_line_lc_32(sp_digit* vx, sp_digit* vy,
-        const sp_digit* l, const sp_digit* c, const sp_point_1024* q,
-        sp_digit* t, int dbl)
-{
-    sp_digit* rx = t + 4 * 2 * 32;
-
-    /* v = v^2 */
-    if (dbl) {
-        sp_1024_proj_sqr_32(vx, vy, t);
-    }
-    /* rx = l * q.x + c */
-    sp_1024_mont_mul_32(rx, l, q->x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_add_32(rx, rx, c, p1024_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_32(vx, vy, rx, q->y, t);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op_pre[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-
-/*
- * Generate table for pairing.
- *
- * Calculate the graident (l) and constant (c) at each step of the way.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- *          MEMORY_E when dynamic memory allocation fauls.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 cd;
-    sp_point_1024 negd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* c = NULL;
-    sp_point_1024* neg = NULL;
-    int i;
-    int j;
-    int k;
-    sp_table_entry_1024* precomp = (sp_table_entry_1024*)table;
-
-    if (table == NULL) {
-        *len = sizeof(sp_table_entry_1024) * 1167;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if ((err == MP_OKAY) &&
-            (*len < (int)(sizeof(sp_table_entry_1024) * 1167))) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, negd, neg);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 36 * 32 * 2 + 16 *
-            sizeof(sp_point_1024), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        pre_p = (sp_point_1024*)(td + 36 * 32 * 2);
-#endif
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        neg->infinity = 0;
-        c->infinity = 0;
-
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        /* [2]P for adding */
-        sp_1024_proj_point_dbl_32(c, p, t);
-
-        /* 1, 3, ... */
-        for (i = 1; i < 16; i++) {
-            sp_1024_proj_point_add_32(&pre_p[i], &pre_p[i-1], c, t);
-            sp_1024_mont_map_32(&pre_p[i], t);
-        }
-
-        k = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            sp_1024_accum_dbl_calc_lc_32(precomp[k].x, precomp[k].y, c->x,
-                c->y, t);
-            k++;
-            sp_1024_proj_point_dbl_32(c, c, t);
-            sp_1024_mont_map_32(c, t);
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                sp_1024_accum_add_calc_lc_32(precomp[k].x, precomp[k].y,
-                    pre_p[j/2].x, pre_p[j/2].y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_32(c, c, &pre_p[j/2], t);
-                sp_1024_mont_map_32(c, t);
-            }
-            else {
-                XMEMCPY(neg->x, pre_p[-j / 2].x, sizeof(pre_p->x));
-                sp_1024_mont_sub_32(neg->y, p1024_mod, pre_p[-j / 2].y,
-                        p1024_mod);
-                XMEMCPY(neg->z, pre_p[-j / 2].z, sizeof(pre_p->z));
-
-                sp_1024_accum_add_calc_lc_32(precomp[k].x, precomp[k].y,
-                    neg->x, neg->y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_32(c, c, neg, t);
-                sp_1024_mont_map_32(c, t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                sp_1024_accum_dbl_calc_lc_32(precomp[k].x, precomp[k].y, c->x,
-                    c->y, t);
-                k++;
-                sp_1024_proj_point_dbl_32(c, c, t);
-                sp_1024_mont_map_32(c, t);
-            }
-        }
-
-        *len = sizeof(sp_table_entry_1024) * 1167;
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(neg, 1, NULL);
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pre-generate values in window (1, 3, ...) - only V.
- * Table contains all gradient l and a constant for each point on the path.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[64];
-    sp_digit (*pre_vy)[64];
-    sp_digit (*pre_nvy)[64];
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit vx[2 * 32];
-    sp_digit vy[2 * 32];
-    sp_digit pre_vx[16][64];
-    sp_digit pre_vy[16][64];
-    sp_digit pre_nvy[16][64];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-    int k;
-    const sp_table_entry_1024* precomp = (const sp_table_entry_1024*)table;
-
-    if (len < (int)(sizeof(sp_table_entry_1024) * 1167)) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 32 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 32 * 2;
-        vy      = td + 37 * 32 * 2;
-        pre_vx  = (sp_digit(*)[64])(td + 38 * 32 * 2);
-        pre_vy  = (sp_digit(*)[64])(td + 54 * 32 * 2);
-        pre_nvy = (sp_digit(*)[64])(td + 70 * 32 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-        sp_1024_point_from_ecc_point_32(q, qm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 32);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_mont_sub_32(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 32);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_accumulate_line_dbl_32(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 32);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 32);
-            sp_1024_proj_mul_32(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_32(pre_vx[i], pre_vy[i], c,
-                q, p, t, 0);
-            sp_1024_mont_sub_32(pre_nvy[i], p1024_mod, pre_vy[i],
-                p1024_mod);
-        }
-
-        XMEMCPY(c->z, p1024_norm_mod, sizeof(sp_digit) * 32);
-        c->infinity = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 32);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 32);
-
-        k = 0;
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_lc_32(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 1);
-            k++;
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            sp_1024_accumulate_line_lc_32(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 0);
-            k++;
-
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_vy[j], t);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_nvy[j], t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                /* Accumulate line into v and double point. */
-                sp_1024_accumulate_line_lc_32(vx, vy, precomp[k].x,
-                    precomp[k].y, q, t, 1);
-                k++;
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        sp_1024_proj_sqr_32(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_32(vx, vx, t);
-        sp_1024_mont_mul_32(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(q, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 32 * 4);
-    sp_digit* t2 = NULL;
-    sp_int32 n;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 32 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 32;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_1024_sqr_32(t1, point->y);
-        (void)sp_1024_mod_32(t1, t1, p1024_mod);
-        sp_1024_sqr_32(t2, point->x);
-        (void)sp_1024_mod_32(t2, t2, p1024_mod);
-        sp_1024_mul_32(t2, t2, point->x);
-        (void)sp_1024_mod_32(t2, t2, p1024_mod);
-        sp_1024_mont_sub_32(t1, t1, t2, p1024_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
-
-
-        n = sp_1024_cmp_32(t1, p1024_mod);
-        sp_1024_cond_sub_32(t1, t1, p1024_mod, (sp_digit)~(n >> 31));
-        sp_1024_norm_32(t1);
-        if (!sp_1024_iszero_32(t1)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_1024, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(pub->x, 32, pX);
-        sp_1024_from_mp(pub->y, 32, pY);
-        sp_1024_from_bin(pub->z, 32, one, (int)sizeof(one));
-
-        err = sp_1024_ecc_is_point_32(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 32);
-    SP_DECL_VAR(sp_point_1024, pub, 2);
-    sp_point_1024* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 1024) ||
-        (mp_count_bits(pY) > 1024) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 1024)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 32, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_1024, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_1024_from_mp(pub->x, 32, pX);
-        sp_1024_from_mp(pub->y, 32, pY);
-        sp_1024_from_bin(pub->z, 32, one, (int)sizeof(one));
-        if (privm)
-            sp_1024_from_mp(priv, 32, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_1024_iszero_32(pub->x) != 0) &&
-            (sp_1024_iszero_32(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_1024_cmp_32(pub->x, p1024_mod) >= 0) ||
-             (sp_1024_cmp_32(pub->y, p1024_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_1024_ecc_is_point_32(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_1024_ecc_mulmod_32(p, pub, p1024_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_1024_iszero_32(p->x) == 0) ||
-                             (sp_1024_iszero_32(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_1024_ecc_mulmod_base_32(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_1024_cmp_32(p->x, pub->x) != 0) ||
-                 (sp_1024_cmp_32(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_1024 */
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#endif /* WOLFSSL_HAVE_SP_ECC */
-#endif /* WOLFSSL_SP_ARM32_ASM */
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH | WOLFSSL_HAVE_SP_ECC */
diff --git a/src/ssl/wolfssl/wolfcrypt/sp_arm64.c b/src/ssl/wolfssl/wolfcrypt/sp_arm64.c
deleted file mode 100644
index 71a31716d..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sp_arm64.c
+++ /dev/null
@@ -1,123699 +0,0 @@
-/* sp.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implementation by Sean Parkinson. */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
-    defined(WOLFSSL_HAVE_SP_ECC)
-
-#include <wolfssl/wolfcrypt/cpuid.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifdef RSA_LOW_MEM
-#ifndef WOLFSSL_SP_SMALL
-#define WOLFSSL_SP_SMALL
-#endif
-#endif
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC)
-#undef WOLFSSL_SP_SMALL_STACK
-#define WOLFSSL_SP_SMALL_STACK
-#endif
-
-#include <wolfssl/wolfcrypt/sp.h>
-
-#ifdef __IAR_SYSTEMS_ICC__
-#define __asm__        asm
-#define __volatile__   volatile
-#define WOLFSSL_NO_VAR_ASSIGN_REG
-#endif /* __IAR_SYSTEMS_ICC__ */
-#ifdef __KEIL__
-#define __asm__        __asm
-#define __volatile__   volatile
-#endif
-
-#ifdef WOLFSSL_SP_SMALL_STACK
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE* NAME = NULL
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        if (err == MP_OKAY) {                                           \
-            (NAME) = (TYPE*)XMALLOC(sizeof(TYPE) * (CNT), (HEAP), DT);  \
-            if ((NAME) == NULL) {                                       \
-                err = MEMORY_E;                                         \
-            }                                                           \
-        }
-
-    #define SP_VAR_OK(NAME)          ((NAME) != NULL)
-
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        XFREE(NAME, (HEAP), DT)
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-#else
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE NAME[CNT]
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        WC_DO_NOTHING
-    #define SP_VAR_OK(NAME)          (1)
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        WC_DO_NOTHING
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-        } while (0)
-#endif
-
-#ifdef WOLFSSL_SP_ARM64_ASM
-#define SP_PRINT_NUM(var, name, total, words, bits)         \
-    do {                                                    \
-        int ii;                                             \
-        fprintf(stderr, name "=0x");                        \
-        for (ii = (((bits) + 63) / 64) - 1; ii >= 0; ii--)  \
-            fprintf(stderr, SP_PRINT_FMT, (var)[ii]);       \
-        fprintf(stderr, "\n");                              \
-    } while (0)
-
-#define SP_PRINT_VAL(var, name)                             \
-    fprintf(stderr, name "=0x" SP_PRINT_FMT "\n", var)
-
-#define SP_PRINT_INT(var, name)                             \
-    fprintf(stderr, name "=%d\n", var)
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)
-#ifndef WOLFSSL_SP_NO_2048
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    sp_int64 nl = n;
-    sp_int64 bytes = size * 8;
-
-    __asm__ __volatile__ (
-        "add	x4, %[a], %[n]\n\t"
-        "mov	x5, %[r]\n\t"
-        "sub	x4, x4, 8\n\t"
-        "subs	x6, %[n], 8\n\t"
-        "mov	x7, xzr\n\t"
-        "b.lt	2f\n\t"
-        /* Put in multiples of 8 bytes. */
-        "1:\n\t"
-        "ldr	x8, [x4], -8\n\t"
-        "subs	x6, x6, 8\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "rev	x8, x8\n\t"
-    #endif
-        "str	x8, [x5], 8\n\t"
-        "add	x7, x7, 8\n\t"
-        "b.ge	1b\n\t"
-        "2:\n\t"
-        "cmp	x6, -7\n\t"
-        "b.lt	20f\n\t"
-        /* Put in less than 8 bytes. */
-    #ifdef LITTLE_ENDIAN_ORDER
-        "str	xzr, [x5]\n\t"
-    #else
-        "str	xzr, [x5], 7\n\t"
-    #endif
-        "add	x7, x7, 8\n\t"
-        "add	x4, x4, 7\n\t"
-        "b.eq	17f\n\t"
-        "cmp	x6, -5\n\t"
-        "b.lt	16f\n\t"
-        "b.eq	15f\n\t"
-        "cmp	x6, -3\n\t"
-        "b.lt	14f\n\t"
-        "b.eq	13f\n\t"
-        "cmp	x6, -2\n\t"
-        "b.eq	12f\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "12:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "13:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "14:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "15:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "16:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "17:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "20:\n\t"
-        "add	x5, %[r], x7\n\t"
-        "subs	x7, %[size], x7\n\t"
-        "b.eq	30f\n\t"
-        /* Zero out remaining words. */
-        "21:\n\t"
-        "subs	x7, x7, 8\n\t"
-        "str	xzr, [x5], 8\n\t"
-        "b.gt	21b\n\t"
-        "30:\n\t"
-        :
-        : [r] "r" (r), [size] "r" (bytes), [a] "r" (a), [n] "r" (nl)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "cc"
-    );
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 256
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_2048_to_bin_32(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 31; i >= 0; i--, j += 8) {
-        __asm__ __volatile__ (
-            "ldr	x4, [%[r]]\n\t"
-        #ifdef LITTLE_ENDIAN_ORDER
-            "rev	x4, x4\n\t"
-        #endif
-            "str	x4, [%[a]]\n\t"
-            :
-            : [r] "r" (r + i), [a] "r" (a + j)
-            : "memory", "x4"
-        );
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_2048_norm_32(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_2048_norm_32(a)
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_2048_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x8, x9, [%[a], 0]\n\t"
-        "ldp	x10, x11, [%[a], 16]\n\t"
-        "ldp	x12, x13, [%[a], 32]\n\t"
-        "ldp	x14, x15, [%[a], 48]\n\t"
-        "ldp	x16, x17, [%[b], 0]\n\t"
-        "ldp	x19, x20, [%[b], 16]\n\t"
-        "ldp	x21, x22, [%[b], 32]\n\t"
-        "ldp	x23, x24, [%[b], 48]\n\t"
-        "#  A[0] * B[0]\n\t"
-        "mul	x3, x8, x16\n\t"
-        "umulh	x4, x8, x16\n\t"
-        "str	x3, [%[r]]\n\t"
-        "#  A[0] * B[1]\n\t"
-        "mul	x6, x8, x17\n\t"
-        "umulh	x7, x8, x17\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[0]\n\t"
-        "mul	x6, x9, x16\n\t"
-        "adc	x5, xzr, x7\n\t"
-        "umulh	x7, x9, x16\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "#  A[0] * B[2]\n\t"
-        "mul	x6, x8, x19\n\t"
-        "umulh	x7, x8, x19\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[1]\n\t"
-        "mul	x6, x9, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x17\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[0]\n\t"
-        "mul	x6, x10, x16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x16\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[0] * B[3]\n\t"
-        "mul	x6, x8, x20\n\t"
-        "umulh	x7, x8, x20\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[1] * B[2]\n\t"
-        "mul	x6, x9, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x9, x19\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[1]\n\t"
-        "mul	x6, x10, x17\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x17\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[0]\n\t"
-        "mul	x6, x11, x16\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x16\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[0] * B[4]\n\t"
-        "mul	x6, x8, x21\n\t"
-        "umulh	x7, x8, x21\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[3]\n\t"
-        "mul	x6, x9, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x9, x20\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[2] * B[2]\n\t"
-        "mul	x6, x10, x19\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x10, x19\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[1]\n\t"
-        "mul	x6, x11, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[0]\n\t"
-        "mul	x6, x12, x16\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x16\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[0] * B[5]\n\t"
-        "mul	x6, x8, x22\n\t"
-        "umulh	x7, x8, x22\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[4]\n\t"
-        "mul	x6, x9, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x21\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[3]\n\t"
-        "mul	x6, x10, x20\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x20\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[3] * B[2]\n\t"
-        "mul	x6, x11, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x11, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[1]\n\t"
-        "mul	x6, x12, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[0]\n\t"
-        "mul	x6, x13, x16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x16\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[0] * B[6]\n\t"
-        "mul	x6, x8, x23\n\t"
-        "umulh	x7, x8, x23\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[1] * B[5]\n\t"
-        "mul	x6, x9, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x9, x22\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[4]\n\t"
-        "mul	x6, x10, x21\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x21\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[3]\n\t"
-        "mul	x6, x11, x20\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x20\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[4] * B[2]\n\t"
-        "mul	x6, x12, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x12, x19\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[1]\n\t"
-        "mul	x6, x13, x17\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x17\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[0]\n\t"
-        "mul	x6, x14, x16\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x16\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[0] * B[7]\n\t"
-        "mul	x6, x8, x24\n\t"
-        "umulh	x7, x8, x24\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[6]\n\t"
-        "mul	x6, x9, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x9, x23\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[2] * B[5]\n\t"
-        "mul	x6, x10, x22\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x10, x22\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[4]\n\t"
-        "mul	x6, x11, x21\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x21\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[3]\n\t"
-        "mul	x6, x12, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x20\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[5] * B[2]\n\t"
-        "mul	x6, x13, x19\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x13, x19\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[6] * B[1]\n\t"
-        "mul	x6, x14, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x14, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[0]\n\t"
-        "mul	x6, x15, x16\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x16\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[1] * B[7]\n\t"
-        "mul	x6, x9, x24\n\t"
-        "umulh	x7, x9, x24\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[6]\n\t"
-        "mul	x6, x10, x23\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x23\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[3] * B[5]\n\t"
-        "mul	x6, x11, x22\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x11, x22\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[4]\n\t"
-        "mul	x6, x12, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x21\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[3]\n\t"
-        "mul	x6, x13, x20\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x20\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[6] * B[2]\n\t"
-        "mul	x6, x14, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x14, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[7] * B[1]\n\t"
-        "mul	x6, x15, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x15, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[2] * B[7]\n\t"
-        "mul	x6, x10, x24\n\t"
-        "umulh	x7, x10, x24\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[6]\n\t"
-        "mul	x6, x11, x23\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x23\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[4] * B[5]\n\t"
-        "mul	x6, x12, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x12, x22\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[4]\n\t"
-        "mul	x6, x13, x21\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x21\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[3]\n\t"
-        "mul	x6, x14, x20\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x20\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[7] * B[2]\n\t"
-        "mul	x6, x15, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x15, x19\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[3] * B[7]\n\t"
-        "mul	x6, x11, x24\n\t"
-        "umulh	x7, x11, x24\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[6]\n\t"
-        "mul	x6, x12, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x23\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[5] * B[5]\n\t"
-        "mul	x6, x13, x22\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x13, x22\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[6] * B[4]\n\t"
-        "mul	x6, x14, x21\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x14, x21\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[3]\n\t"
-        "mul	x6, x15, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x20\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 80]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[4] * B[7]\n\t"
-        "mul	x6, x12, x24\n\t"
-        "umulh	x7, x12, x24\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[6]\n\t"
-        "mul	x6, x13, x23\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x23\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[6] * B[5]\n\t"
-        "mul	x6, x14, x22\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x14, x22\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[7] * B[4]\n\t"
-        "mul	x6, x15, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x15, x21\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 88]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[5] * B[7]\n\t"
-        "mul	x6, x13, x24\n\t"
-        "umulh	x7, x13, x24\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[6]\n\t"
-        "mul	x6, x14, x23\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x23\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[7] * B[5]\n\t"
-        "mul	x6, x15, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x15, x22\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 96]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[6] * B[7]\n\t"
-        "mul	x6, x14, x24\n\t"
-        "umulh	x7, x14, x24\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[6]\n\t"
-        "mul	x6, x15, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x23\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 104]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[7] * B[7]\n\t"
-        "mul	x6, x15, x24\n\t"
-        "umulh	x7, x15, x24\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "stp	x5, x3, [%[r], 112]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "cc"
-    );
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Add digit to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_2048_add_word_8(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adds	x3, x3, %[b]\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[b], 0]\n\t"
-        "subs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 0]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 16]\n\t"
-        "ldp	x2, x3, [%[a], 32]\n\t"
-        "ldp	x6, x7, [%[b], 32]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 48]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 32]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 48]\n\t"
-        "ldp	x2, x3, [%[a], 64]\n\t"
-        "ldp	x6, x7, [%[b], 64]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 80]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 64]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 80]\n\t"
-        "ldp	x2, x3, [%[a], 96]\n\t"
-        "ldp	x6, x7, [%[b], 96]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 112]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 96]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 112]\n\t"
-        "csetm	%[a], cc\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return (sp_digit)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x7, x8, [%[b], 96]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 112]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_2048_cond_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adds	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "ldp	x10, x11, [%[b], 48]\n\t"
-        "ldp	x4, x5, [%[a], 32]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 32]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 48]\n\t"
-        "cset	%[r], cs\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return (sp_digit)r;
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[16];
-    sp_digit a1[8];
-    sp_digit b1[8];
-    sp_digit* z2 = r + 16;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_8(a1, a, &a[8]);
-    cb = sp_2048_add_8(b1, b, &b[8]);
-    u  = ca & cb;
-
-    sp_2048_mul_8(z2, &a[8], &b[8]);
-    sp_2048_mul_8(z0, a, b);
-    sp_2048_mul_8(z1, a1, b1);
-
-    u += sp_2048_sub_in_place_16(z1, z0);
-    u += sp_2048_sub_in_place_16(z1, z2);
-    u += sp_2048_cond_add_8(z1 + 8, z1 + 8, a1, 0 - cb);
-    u += sp_2048_cond_add_8(z1 + 8, z1 + 8, b1, 0 - ca);
-
-    u += sp_2048_add_16(r + 8, r + 8, z1);
-    (void)sp_2048_add_word_8(r + 24, r + 24, u);
-}
-
-/* Add digit to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_2048_add_word_16(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adds	x3, x3, %[b]\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_sub_in_place_32(sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[b], 0]\n\t"
-        "subs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 0]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 16]\n\t"
-        "ldp	x2, x3, [%[a], 32]\n\t"
-        "ldp	x6, x7, [%[b], 32]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 48]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 32]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 48]\n\t"
-        "ldp	x2, x3, [%[a], 64]\n\t"
-        "ldp	x6, x7, [%[b], 64]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 80]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 64]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 80]\n\t"
-        "ldp	x2, x3, [%[a], 96]\n\t"
-        "ldp	x6, x7, [%[b], 96]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 112]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 96]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 112]\n\t"
-        "ldp	x2, x3, [%[a], 128]\n\t"
-        "ldp	x6, x7, [%[b], 128]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 144]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 144]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 128]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 144]\n\t"
-        "ldp	x2, x3, [%[a], 160]\n\t"
-        "ldp	x6, x7, [%[b], 160]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 176]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 176]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 160]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 176]\n\t"
-        "ldp	x2, x3, [%[a], 192]\n\t"
-        "ldp	x6, x7, [%[b], 192]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 208]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 208]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 192]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 208]\n\t"
-        "ldp	x2, x3, [%[a], 224]\n\t"
-        "ldp	x6, x7, [%[b], 224]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 240]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 240]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 224]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 240]\n\t"
-        "csetm	%[a], cc\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return (sp_digit)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x7, x8, [%[b], 96]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 112]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "ldp	x3, x4, [%[a], 128]\n\t"
-        "ldp	x7, x8, [%[b], 128]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 144]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 144]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 128]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 144]\n\t"
-        "ldp	x3, x4, [%[a], 160]\n\t"
-        "ldp	x7, x8, [%[b], 160]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 176]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 176]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 160]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 176]\n\t"
-        "ldp	x3, x4, [%[a], 192]\n\t"
-        "ldp	x7, x8, [%[b], 192]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 208]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 208]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 192]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 208]\n\t"
-        "ldp	x3, x4, [%[a], 224]\n\t"
-        "ldp	x7, x8, [%[b], 224]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 240]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 240]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 224]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 240]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_2048_cond_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adds	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "ldp	x10, x11, [%[b], 48]\n\t"
-        "ldp	x4, x5, [%[a], 32]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 32]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 48]\n\t"
-        "ldp	x8, x9, [%[b], 64]\n\t"
-        "ldp	x10, x11, [%[b], 80]\n\t"
-        "ldp	x4, x5, [%[a], 64]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 80]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 64]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 80]\n\t"
-        "ldp	x8, x9, [%[b], 96]\n\t"
-        "ldp	x10, x11, [%[b], 112]\n\t"
-        "ldp	x4, x5, [%[a], 96]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 112]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 96]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 112]\n\t"
-        "cset	%[r], cs\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return (sp_digit)r;
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[32];
-    sp_digit a1[16];
-    sp_digit b1[16];
-    sp_digit* z2 = r + 32;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_16(a1, a, &a[16]);
-    cb = sp_2048_add_16(b1, b, &b[16]);
-    u  = ca & cb;
-
-    sp_2048_mul_16(z2, &a[16], &b[16]);
-    sp_2048_mul_16(z0, a, b);
-    sp_2048_mul_16(z1, a1, b1);
-
-    u += sp_2048_sub_in_place_32(z1, z0);
-    u += sp_2048_sub_in_place_32(z1, z2);
-    u += sp_2048_cond_add_16(z1 + 16, z1 + 16, a1, 0 - cb);
-    u += sp_2048_cond_add_16(z1 + 16, z1 + 16, b1, 0 - ca);
-
-    u += sp_2048_add_32(r + 16, r + 16, z1);
-    (void)sp_2048_add_word_16(r + 48, r + 48, u);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp	x10, x11, [%[a], 0]\n\t"
-        "ldp	x12, x13, [%[a], 16]\n\t"
-        "ldp	x14, x15, [%[a], 32]\n\t"
-        "ldp	x16, x17, [%[a], 48]\n\t"
-        "ldp	x19, x20, [%[a], 64]\n\t"
-        "ldp	x21, x22, [%[a], 80]\n\t"
-        "ldp	x23, x24, [%[a], 96]\n\t"
-        "ldp	x25, x26, [%[a], 112]\n\t"
-        "#  A[0] * A[0]\n\t"
-        "mul	x2, x10, x10\n\t"
-        "umulh	x3, x10, x10\n\t"
-        "str	x2, [%[r]]\n\t"
-        "mov	x4, xzr\n\t"
-        "#  A[0] * A[1]\n\t"
-        "mul	x8, x10, x11\n\t"
-        "umulh	x9, x10, x11\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "str	x3, [%[r], 8]\n\t"
-        "#  A[0] * A[2]\n\t"
-        "mul	x8, x10, x12\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x10, x12\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "#  A[1] * A[1]\n\t"
-        "mul	x8, x11, x11\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x11, x11\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "str	x4, [%[r], 16]\n\t"
-        "#  A[0] * A[3]\n\t"
-        "mul	x8, x10, x13\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x10, x13\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "#  A[1] * A[2]\n\t"
-        "mul	x8, x11, x12\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x11, x12\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "str	x2, [%[r], 24]\n\t"
-        "#  A[0] * A[4]\n\t"
-        "mul	x8, x10, x14\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x10, x14\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "#  A[1] * A[3]\n\t"
-        "mul	x8, x11, x13\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x11, x13\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "#  A[2] * A[2]\n\t"
-        "mul	x8, x12, x12\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x12, x12\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "str	x3, [%[r], 32]\n\t"
-        "#  A[0] * A[5]\n\t"
-        "mul	x5, x10, x15\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x6, x10, x15\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[4]\n\t"
-        "mul	x8, x11, x14\n\t"
-        "umulh	x9, x11, x14\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[3]\n\t"
-        "mul	x8, x12, x13\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x13\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 40]\n\t"
-        "#  A[0] * A[6]\n\t"
-        "mul	x5, x10, x16\n\t"
-        "umulh	x6, x10, x16\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[5]\n\t"
-        "mul	x8, x11, x15\n\t"
-        "umulh	x9, x11, x15\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[4]\n\t"
-        "mul	x8, x12, x14\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x14\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[3]\n\t"
-        "mul	x8, x13, x13\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x13\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 48]\n\t"
-        "#  A[0] * A[7]\n\t"
-        "mul	x5, x10, x17\n\t"
-        "umulh	x6, x10, x17\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[6]\n\t"
-        "mul	x8, x11, x16\n\t"
-        "umulh	x9, x11, x16\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[5]\n\t"
-        "mul	x8, x12, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[4]\n\t"
-        "mul	x8, x13, x14\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x14\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 56]\n\t"
-        "#  A[0] * A[8]\n\t"
-        "mul	x5, x10, x19\n\t"
-        "umulh	x6, x10, x19\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[7]\n\t"
-        "mul	x8, x11, x17\n\t"
-        "umulh	x9, x11, x17\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[6]\n\t"
-        "mul	x8, x12, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[5]\n\t"
-        "mul	x8, x13, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[4]\n\t"
-        "mul	x8, x14, x14\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x14\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 64]\n\t"
-        "#  A[0] * A[9]\n\t"
-        "mul	x5, x10, x20\n\t"
-        "umulh	x6, x10, x20\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[8]\n\t"
-        "mul	x8, x11, x19\n\t"
-        "umulh	x9, x11, x19\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[7]\n\t"
-        "mul	x8, x12, x17\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x17\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[6]\n\t"
-        "mul	x8, x13, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[5]\n\t"
-        "mul	x8, x14, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 72]\n\t"
-        "#  A[0] * A[10]\n\t"
-        "mul	x5, x10, x21\n\t"
-        "umulh	x6, x10, x21\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[9]\n\t"
-        "mul	x8, x11, x20\n\t"
-        "umulh	x9, x11, x20\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[8]\n\t"
-        "mul	x8, x12, x19\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x19\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[7]\n\t"
-        "mul	x8, x13, x17\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x17\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[6]\n\t"
-        "mul	x8, x14, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[5]\n\t"
-        "mul	x8, x15, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 80]\n\t"
-        "#  A[0] * A[11]\n\t"
-        "mul	x5, x10, x22\n\t"
-        "umulh	x6, x10, x22\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[10]\n\t"
-        "mul	x8, x11, x21\n\t"
-        "umulh	x9, x11, x21\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[9]\n\t"
-        "mul	x8, x12, x20\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x20\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[8]\n\t"
-        "mul	x8, x13, x19\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x19\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[7]\n\t"
-        "mul	x8, x14, x17\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x17\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[6]\n\t"
-        "mul	x8, x15, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 88]\n\t"
-        "#  A[0] * A[12]\n\t"
-        "mul	x5, x10, x23\n\t"
-        "umulh	x6, x10, x23\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[11]\n\t"
-        "mul	x8, x11, x22\n\t"
-        "umulh	x9, x11, x22\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[10]\n\t"
-        "mul	x8, x12, x21\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x21\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[9]\n\t"
-        "mul	x8, x13, x20\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x20\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[8]\n\t"
-        "mul	x8, x14, x19\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x19\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[7]\n\t"
-        "mul	x8, x15, x17\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x17\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[6] * A[6]\n\t"
-        "mul	x8, x16, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x16, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 96]\n\t"
-        "#  A[0] * A[13]\n\t"
-        "mul	x5, x10, x24\n\t"
-        "umulh	x6, x10, x24\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[12]\n\t"
-        "mul	x8, x11, x23\n\t"
-        "umulh	x9, x11, x23\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[11]\n\t"
-        "mul	x8, x12, x22\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x22\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[10]\n\t"
-        "mul	x8, x13, x21\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x21\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[9]\n\t"
-        "mul	x8, x14, x20\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x20\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[8]\n\t"
-        "mul	x8, x15, x19\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x19\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[6] * A[7]\n\t"
-        "mul	x8, x16, x17\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x16, x17\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 104]\n\t"
-        "#  A[0] * A[14]\n\t"
-        "mul	x5, x10, x25\n\t"
-        "umulh	x6, x10, x25\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[13]\n\t"
-        "mul	x8, x11, x24\n\t"
-        "umulh	x9, x11, x24\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[12]\n\t"
-        "mul	x8, x12, x23\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x23\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[11]\n\t"
-        "mul	x8, x13, x22\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x22\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[10]\n\t"
-        "mul	x8, x14, x21\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x21\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[9]\n\t"
-        "mul	x8, x15, x20\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x20\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[6] * A[8]\n\t"
-        "mul	x8, x16, x19\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x16, x19\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[7] * A[7]\n\t"
-        "mul	x8, x17, x17\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x17, x17\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 112]\n\t"
-        "#  A[0] * A[15]\n\t"
-        "mul	x5, x10, x26\n\t"
-        "umulh	x6, x10, x26\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[14]\n\t"
-        "mul	x8, x11, x25\n\t"
-        "umulh	x9, x11, x25\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[13]\n\t"
-        "mul	x8, x12, x24\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x24\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[12]\n\t"
-        "mul	x8, x13, x23\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x23\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[11]\n\t"
-        "mul	x8, x14, x22\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x22\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[10]\n\t"
-        "mul	x8, x15, x21\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x21\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[6] * A[9]\n\t"
-        "mul	x8, x16, x20\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x16, x20\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[7] * A[8]\n\t"
-        "mul	x8, x17, x19\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x17, x19\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 120]\n\t"
-        "#  A[1] * A[15]\n\t"
-        "mul	x5, x11, x26\n\t"
-        "umulh	x6, x11, x26\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[2] * A[14]\n\t"
-        "mul	x8, x12, x25\n\t"
-        "umulh	x9, x12, x25\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[13]\n\t"
-        "mul	x8, x13, x24\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x24\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[12]\n\t"
-        "mul	x8, x14, x23\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x23\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[11]\n\t"
-        "mul	x8, x15, x22\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x22\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[6] * A[10]\n\t"
-        "mul	x8, x16, x21\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x16, x21\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[7] * A[9]\n\t"
-        "mul	x8, x17, x20\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x17, x20\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[8] * A[8]\n\t"
-        "mul	x8, x19, x19\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x19, x19\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 128]\n\t"
-        "#  A[2] * A[15]\n\t"
-        "mul	x5, x12, x26\n\t"
-        "umulh	x6, x12, x26\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[3] * A[14]\n\t"
-        "mul	x8, x13, x25\n\t"
-        "umulh	x9, x13, x25\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[13]\n\t"
-        "mul	x8, x14, x24\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x24\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[12]\n\t"
-        "mul	x8, x15, x23\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x23\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[6] * A[11]\n\t"
-        "mul	x8, x16, x22\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x16, x22\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[7] * A[10]\n\t"
-        "mul	x8, x17, x21\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x17, x21\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[8] * A[9]\n\t"
-        "mul	x8, x19, x20\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x19, x20\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 136]\n\t"
-        "#  A[3] * A[15]\n\t"
-        "mul	x5, x13, x26\n\t"
-        "umulh	x6, x13, x26\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[4] * A[14]\n\t"
-        "mul	x8, x14, x25\n\t"
-        "umulh	x9, x14, x25\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[13]\n\t"
-        "mul	x8, x15, x24\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x24\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[6] * A[12]\n\t"
-        "mul	x8, x16, x23\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x16, x23\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[7] * A[11]\n\t"
-        "mul	x8, x17, x22\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x17, x22\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[8] * A[10]\n\t"
-        "mul	x8, x19, x21\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x19, x21\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[9] * A[9]\n\t"
-        "mul	x8, x20, x20\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x20, x20\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 144]\n\t"
-        "#  A[4] * A[15]\n\t"
-        "mul	x5, x14, x26\n\t"
-        "umulh	x6, x14, x26\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[5] * A[14]\n\t"
-        "mul	x8, x15, x25\n\t"
-        "umulh	x9, x15, x25\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[6] * A[13]\n\t"
-        "mul	x8, x16, x24\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x16, x24\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[7] * A[12]\n\t"
-        "mul	x8, x17, x23\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x17, x23\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[8] * A[11]\n\t"
-        "mul	x8, x19, x22\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x19, x22\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[9] * A[10]\n\t"
-        "mul	x8, x20, x21\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x20, x21\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 152]\n\t"
-        "#  A[5] * A[15]\n\t"
-        "mul	x5, x15, x26\n\t"
-        "umulh	x6, x15, x26\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[6] * A[14]\n\t"
-        "mul	x8, x16, x25\n\t"
-        "umulh	x9, x16, x25\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[7] * A[13]\n\t"
-        "mul	x8, x17, x24\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x17, x24\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[8] * A[12]\n\t"
-        "mul	x8, x19, x23\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x19, x23\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[9] * A[11]\n\t"
-        "mul	x8, x20, x22\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x20, x22\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[10] * A[10]\n\t"
-        "mul	x8, x21, x21\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x21, x21\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 160]\n\t"
-        "#  A[6] * A[15]\n\t"
-        "mul	x5, x16, x26\n\t"
-        "umulh	x6, x16, x26\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[7] * A[14]\n\t"
-        "mul	x8, x17, x25\n\t"
-        "umulh	x9, x17, x25\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[8] * A[13]\n\t"
-        "mul	x8, x19, x24\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x19, x24\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[9] * A[12]\n\t"
-        "mul	x8, x20, x23\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x20, x23\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[10] * A[11]\n\t"
-        "mul	x8, x21, x22\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x21, x22\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 168]\n\t"
-        "#  A[7] * A[15]\n\t"
-        "mul	x5, x17, x26\n\t"
-        "umulh	x6, x17, x26\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[8] * A[14]\n\t"
-        "mul	x8, x19, x25\n\t"
-        "umulh	x9, x19, x25\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[9] * A[13]\n\t"
-        "mul	x8, x20, x24\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x20, x24\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[10] * A[12]\n\t"
-        "mul	x8, x21, x23\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x21, x23\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[11] * A[11]\n\t"
-        "mul	x8, x22, x22\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x22, x22\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 176]\n\t"
-        "#  A[8] * A[15]\n\t"
-        "mul	x5, x19, x26\n\t"
-        "umulh	x6, x19, x26\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[9] * A[14]\n\t"
-        "mul	x8, x20, x25\n\t"
-        "umulh	x9, x20, x25\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[10] * A[13]\n\t"
-        "mul	x8, x21, x24\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x21, x24\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[11] * A[12]\n\t"
-        "mul	x8, x22, x23\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x22, x23\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 184]\n\t"
-        "#  A[9] * A[15]\n\t"
-        "mul	x5, x20, x26\n\t"
-        "umulh	x6, x20, x26\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[10] * A[14]\n\t"
-        "mul	x8, x21, x25\n\t"
-        "umulh	x9, x21, x25\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[11] * A[13]\n\t"
-        "mul	x8, x22, x24\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x22, x24\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[12] * A[12]\n\t"
-        "mul	x8, x23, x23\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x23, x23\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 192]\n\t"
-        "#  A[10] * A[15]\n\t"
-        "mul	x5, x21, x26\n\t"
-        "umulh	x6, x21, x26\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[11] * A[14]\n\t"
-        "mul	x8, x22, x25\n\t"
-        "umulh	x9, x22, x25\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[12] * A[13]\n\t"
-        "mul	x8, x23, x24\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x23, x24\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 200]\n\t"
-        "#  A[11] * A[15]\n\t"
-        "mul	x8, x22, x26\n\t"
-        "umulh	x9, x22, x26\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "#  A[12] * A[14]\n\t"
-        "mul	x8, x23, x25\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x23, x25\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "#  A[13] * A[13]\n\t"
-        "mul	x8, x24, x24\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x24, x24\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "str	x4, [%[r], 208]\n\t"
-        "#  A[12] * A[15]\n\t"
-        "mul	x8, x23, x26\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x23, x26\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "#  A[13] * A[14]\n\t"
-        "mul	x8, x24, x25\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x24, x25\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "str	x2, [%[r], 216]\n\t"
-        "#  A[13] * A[15]\n\t"
-        "mul	x8, x24, x26\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x24, x26\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "#  A[14] * A[14]\n\t"
-        "mul	x8, x25, x25\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x25, x25\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "str	x3, [%[r], 224]\n\t"
-        "#  A[14] * A[15]\n\t"
-        "mul	x8, x25, x26\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x25, x26\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "str	x4, [%[r], 232]\n\t"
-        "#  A[15] * A[15]\n\t"
-        "mul	x8, x26, x26\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x26, x26\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adc	x3, x3, x9\n\t"
-        "stp	x2, x3, [%[r], 240]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "cc"
-    );
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_sub_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "subs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x7, x8, [%[b], 96]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 112]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 32;
-    sp_digit z1[32];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 16;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 16);
-
-    mask = sp_2048_sub_16(a1, a, &a[16]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_16(a1, p1, p2);
-
-    sp_2048_sqr_16(z2, &a[16]);
-    sp_2048_sqr_16(z0, a);
-    sp_2048_sqr_16(z1, a1);
-
-    u = 0;
-    u -= sp_2048_sub_in_place_32(z1, z2);
-    u -= sp_2048_sub_in_place_32(z1, z0);
-    u += sp_2048_sub_in_place_32(r + 16, z1);
-    sp_2048_add_word_16(r + 48, r + 48, u);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x11, %[a], 256\n\t"
-        "\n1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldp	x3, x4, [%[a]], #16\n\t"
-        "ldp	x5, x6, [%[a]], #16\n\t"
-        "ldp	x7, x8, [%[b]], #16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x9, x10, [%[b]], #16\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r]], #16\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r]], #16\n\t"
-        "adc	%[c], xzr, xzr\n\t"
-        "cmp	%[a], x11\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_sub_in_place_32(sp_digit* a, const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x10, %[a], 256\n\t"
-        "\n1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldp	x2, x3, [%[a]]\n\t"
-        "ldp	x4, x5, [%[a], #16]\n\t"
-        "ldp	x6, x7, [%[b]], #16\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x8, x9, [%[b]], #16\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a]], #16\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a]], #16\n\t"
-        "csetm	%[c], cc\n\t"
-        "cmp	%[a], x10\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_digit tmp[64];
-
-    __asm__ __volatile__ (
-        "mov	x5, xzr\n\t"
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 248\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[b], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 256\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 496\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
-{
-    sp_digit tmp[64];
-
-    __asm__ __volatile__ (
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "mov	x5, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 248\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "cmp	x4, x3\n\t"
-        "b.eq	4f\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[a], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "b.al	5f\n\t"
-        "\n4:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "mul	x9, x10, x10\n\t"
-        "umulh	x10, x10, x10\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "\n5:\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 256\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x4\n\t"
-        "b.gt	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 496\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x11, %[a], 128\n\t"
-        "\n1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldp	x3, x4, [%[a]], #16\n\t"
-        "ldp	x5, x6, [%[a]], #16\n\t"
-        "ldp	x7, x8, [%[b]], #16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x9, x10, [%[b]], #16\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r]], #16\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r]], #16\n\t"
-        "adc	%[c], xzr, xzr\n\t"
-        "cmp	%[a], x11\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x10, %[a], 128\n\t"
-        "\n1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldp	x2, x3, [%[a]]\n\t"
-        "ldp	x4, x5, [%[a], #16]\n\t"
-        "ldp	x6, x7, [%[b]], #16\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x8, x9, [%[b]], #16\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a]], #16\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a]], #16\n\t"
-        "csetm	%[c], cc\n\t"
-        "cmp	%[a], x10\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_2048_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_digit tmp[32];
-
-    __asm__ __volatile__ (
-        "mov	x5, xzr\n\t"
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 120\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[b], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 128\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 240\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a)
-{
-    sp_digit tmp[32];
-
-    __asm__ __volatile__ (
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "mov	x5, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 120\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "cmp	x4, x3\n\t"
-        "b.eq	4f\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[a], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "b.al	5f\n\t"
-        "\n4:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "mul	x9, x10, x10\n\t"
-        "umulh	x10, x10, x10\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "\n5:\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 128\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x4\n\t"
-        "b.gt	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 240\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldr	x8, [%[a]]\n\t"
-        "mul	x5, %[b], x8\n\t"
-        "umulh	x3, %[b], x8\n\t"
-        "mov	x4, xzr\n\t"
-        "str	x5, [%[r]]\n\t"
-        "mov	x5, xzr\n\t"
-        "mov	x9, #8\n\t"
-        "1:\n\t"
-        "ldr	x8, [%[a], x9]\n\t"
-        "mul	x6, %[b], x8\n\t"
-        "umulh	x7, %[b], x8\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "str	x3, [%[r], x9]\n\t"
-        "mov	x3, x4\n\t"
-        "mov	x4, x5\n\t"
-        "mov	x5, #0\n\t"
-        "add	x9, x9, #8\n\t"
-        "cmp	x9, 256\n\t"
-        "b.lt	1b\n\t"
-        "str	x3, [%[r], 256]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldp	x9, x10, [%[a]]\n\t"
-        "mul	x3, %[b], x9\n\t"
-        "umulh	x4, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "# A[1] * B\n\t"
-        "str	x3, [%[r]]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[2] * B\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[3] * B\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[4] * B\n\t"
-        "ldp	x9, x10, [%[a], 32]\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[5] * B\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[6] * B\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[7] * B\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[8] * B\n\t"
-        "ldp	x9, x10, [%[a], 64]\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[9] * B\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[10] * B\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[11] * B\n\t"
-        "str	x4, [%[r], 80]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[12] * B\n\t"
-        "ldp	x9, x10, [%[a], 96]\n\t"
-        "str	x5, [%[r], 88]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[13] * B\n\t"
-        "str	x3, [%[r], 96]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[14] * B\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "str	x4, [%[r], 104]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[15] * B\n\t"
-        "str	x5, [%[r], 112]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[16] * B\n\t"
-        "ldp	x9, x10, [%[a], 128]\n\t"
-        "str	x3, [%[r], 120]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[17] * B\n\t"
-        "str	x4, [%[r], 128]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[18] * B\n\t"
-        "ldp	x9, x10, [%[a], 144]\n\t"
-        "str	x5, [%[r], 136]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[19] * B\n\t"
-        "str	x3, [%[r], 144]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[20] * B\n\t"
-        "ldp	x9, x10, [%[a], 160]\n\t"
-        "str	x4, [%[r], 152]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[21] * B\n\t"
-        "str	x5, [%[r], 160]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[22] * B\n\t"
-        "ldp	x9, x10, [%[a], 176]\n\t"
-        "str	x3, [%[r], 168]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[23] * B\n\t"
-        "str	x4, [%[r], 176]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[24] * B\n\t"
-        "ldp	x9, x10, [%[a], 192]\n\t"
-        "str	x5, [%[r], 184]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[25] * B\n\t"
-        "str	x3, [%[r], 192]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[26] * B\n\t"
-        "ldp	x9, x10, [%[a], 208]\n\t"
-        "str	x4, [%[r], 200]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[27] * B\n\t"
-        "str	x5, [%[r], 208]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[28] * B\n\t"
-        "ldp	x9, x10, [%[a], 224]\n\t"
-        "str	x3, [%[r], 216]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[29] * B\n\t"
-        "str	x4, [%[r], 224]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[30] * B\n\t"
-        "ldp	x9, x10, [%[a], 240]\n\t"
-        "str	x5, [%[r], 232]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[31] * B\n\t"
-        "str	x3, [%[r], 240]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adc	x5, x5, x7\n\t"
-        "stp	x4, x5, [%[r], 248]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#endif
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_16(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 16);
-
-    /* r = 2^n mod m */
-    sp_2048_sub_in_place_16(r, m);
-}
-
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_2048_mont_reduce_16(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "ldp	x12, x13, [%[a], 0]\n\t"
-        "ldp	x14, x15, [%[a], 16]\n\t"
-        "ldp	x16, x17, [%[a], 32]\n\t"
-        "ldp	x19, x20, [%[a], 48]\n\t"
-        "ldp	x21, x22, [%[a], 64]\n\t"
-        "ldp	x23, x24, [%[a], 80]\n\t"
-        "ldp	x25, x26, [%[a], 96]\n\t"
-        "ldp	x27, x28, [%[a], 112]\n\t"
-        "mov	x3, xzr\n\t"
-        "# i = 0..15\n\t"
-        "mov	x4, 16\n\t"
-        "\n1:\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mul	x9, %[mp], x12\n\t"
-        "# a[i+0] += m[0] * mu\n\t"
-        "ldp	x10, x11, [%[m], 0]\n\t"
-        "mul	x7, x10, x9\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x12, x12, x7\n\t"
-        "# a[i+1] += m[1] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "mul	x7, x11, x9\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x12, x13, x7\n\t"
-        "# a[i+2] += m[2] * mu\n\t"
-        "ldp	x11, x10, [%[m], 16]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x12, x12, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x13, x14, x7\n\t"
-        "# a[i+3] += m[3] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x13, x13, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x14, x15, x7\n\t"
-        "# a[i+4] += m[4] * mu\n\t"
-        "ldp	x11, x10, [%[m], 32]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x14, x14, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x15, x16, x7\n\t"
-        "# a[i+5] += m[5] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x15, x15, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x16, x17, x7\n\t"
-        "# a[i+6] += m[6] * mu\n\t"
-        "ldp	x11, x10, [%[m], 48]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x16, x16, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x17, x19, x7\n\t"
-        "# a[i+7] += m[7] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x17, x17, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x19, x20, x7\n\t"
-        "# a[i+8] += m[8] * mu\n\t"
-        "ldp	x11, x10, [%[m], 64]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x19, x19, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x20, x21, x7\n\t"
-        "# a[i+9] += m[9] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x20, x20, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x21, x22, x7\n\t"
-        "# a[i+10] += m[10] * mu\n\t"
-        "ldp	x11, x10, [%[m], 80]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x21, x21, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x22, x23, x7\n\t"
-        "# a[i+11] += m[11] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x22, x22, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x23, x24, x7\n\t"
-        "# a[i+12] += m[12] * mu\n\t"
-        "ldp	x11, x10, [%[m], 96]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x23, x23, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x24, x25, x7\n\t"
-        "# a[i+13] += m[13] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x24, x24, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x25, x26, x7\n\t"
-        "# a[i+14] += m[14] * mu\n\t"
-        "ldp	x11, x10, [%[m], 112]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x25, x25, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x26, x27, x7\n\t"
-        "# a[i+15] += m[15] * mu\n\t"
-        "ldr	x10, [%[m], 120]\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x26, x26, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x6, x6, x7\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x27, x28, x6\n\t"
-        "ldr	x28, [%[a], 128]\n\t"
-        "adcs	x28, x28, x8\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "subs	x4, x4, 1\n\t"
-        "add	%[a], %[a], 8\n\t"
-        "b.ne	1b\n\t"
-        "# Create mask\n\t"
-        "neg	x3, x3\n\t"
-        "mov	x9, %[a]\n\t"
-        "sub	%[a], %[a], 128\n\t"
-        "# Subtract masked modulus\n\t"
-        "ldp	x4, x5, [%[m], 0]\n\t"
-        "ldp	x6, x7, [%[m], 16]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "subs	x12, x12, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x13, x13, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x14, x14, x6\n\t"
-        "stp	x12, x13, [%[a], 0]\n\t"
-        "sbcs	x15, x15, x7\n\t"
-        "stp	x14, x15, [%[a], 16]\n\t"
-        "ldp	x4, x5, [%[m], 32]\n\t"
-        "ldp	x6, x7, [%[m], 48]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x16, x16, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x17, x17, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x19, x19, x6\n\t"
-        "stp	x16, x17, [%[a], 32]\n\t"
-        "sbcs	x20, x20, x7\n\t"
-        "stp	x19, x20, [%[a], 48]\n\t"
-        "ldp	x4, x5, [%[m], 64]\n\t"
-        "ldp	x6, x7, [%[m], 80]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x21, x21, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x22, x22, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x23, x23, x6\n\t"
-        "stp	x21, x22, [%[a], 64]\n\t"
-        "sbcs	x24, x24, x7\n\t"
-        "stp	x23, x24, [%[a], 80]\n\t"
-        "ldp	x4, x5, [%[m], 96]\n\t"
-        "ldp	x6, x7, [%[m], 112]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x25, x25, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x26, x26, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x27, x27, x6\n\t"
-        "stp	x25, x26, [%[a], 96]\n\t"
-        "sbcs	x28, x28, x7\n\t"
-        "stp	x27, x28, [%[a], 112]\n\t"
-        : [a] "+r" (a), [mp] "+r" (mp)
-        : [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
-    );
-
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_16(r, a, b);
-    sp_2048_mont_reduce_16(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_16(r, a);
-    sp_2048_mont_reduce_16(r, m, mp);
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static sp_digit sp_2048_cond_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "csetm	%[c], cc\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 128\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-#else
-    __asm__ __volatile__ (
-
-        "ldp	x5, x7, [%[b], 0]\n\t"
-        "ldp	x11, x12, [%[b], 16]\n\t"
-        "ldp	x4, x6, [%[a], 0]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "subs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 0]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 16]\n\t"
-        "ldp	x5, x7, [%[b], 32]\n\t"
-        "ldp	x11, x12, [%[b], 48]\n\t"
-        "ldp	x4, x6, [%[a], 32]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 32]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 48]\n\t"
-        "ldp	x5, x7, [%[b], 64]\n\t"
-        "ldp	x11, x12, [%[b], 80]\n\t"
-        "ldp	x4, x6, [%[a], 64]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 64]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 80]\n\t"
-        "ldp	x5, x7, [%[b], 96]\n\t"
-        "ldp	x11, x12, [%[b], 112]\n\t"
-        "ldp	x4, x6, [%[a], 96]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 96]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 112]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return (sp_digit)r;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-static void sp_2048_mul_d_16(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldr	x8, [%[a]]\n\t"
-        "mul	x5, %[b], x8\n\t"
-        "umulh	x3, %[b], x8\n\t"
-        "mov	x4, xzr\n\t"
-        "str	x5, [%[r]]\n\t"
-        "mov	x5, xzr\n\t"
-        "mov	x9, #8\n\t"
-        "1:\n\t"
-        "ldr	x8, [%[a], x9]\n\t"
-        "mul	x6, %[b], x8\n\t"
-        "umulh	x7, %[b], x8\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "str	x3, [%[r], x9]\n\t"
-        "mov	x3, x4\n\t"
-        "mov	x4, x5\n\t"
-        "mov	x5, #0\n\t"
-        "add	x9, x9, #8\n\t"
-        "cmp	x9, 128\n\t"
-        "b.lt	1b\n\t"
-        "str	x3, [%[r], 128]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldp	x9, x10, [%[a]]\n\t"
-        "mul	x3, %[b], x9\n\t"
-        "umulh	x4, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "# A[1] * B\n\t"
-        "str	x3, [%[r]]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[2] * B\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[3] * B\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[4] * B\n\t"
-        "ldp	x9, x10, [%[a], 32]\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[5] * B\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[6] * B\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[7] * B\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[8] * B\n\t"
-        "ldp	x9, x10, [%[a], 64]\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[9] * B\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[10] * B\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[11] * B\n\t"
-        "str	x4, [%[r], 80]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[12] * B\n\t"
-        "ldp	x9, x10, [%[a], 96]\n\t"
-        "str	x5, [%[r], 88]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[13] * B\n\t"
-        "str	x3, [%[r], 96]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[14] * B\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "str	x4, [%[r], 104]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[15] * B\n\t"
-        "str	x5, [%[r], 112]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "stp	x3, x4, [%[r], 120]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#endif
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_2048_word_16(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "cset	x9, ge\n\t"
-        "csetm	x10, ge\n\t"
-        "lsl	x9, x9, #32\n\t"
-        "and	x7, x7, x10\n\t"
-        "and	x8, x8, x10\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_int64 sp_2048_cmp_16(const sp_digit* a, const sp_digit* b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "mov	x10, #16\n\t"
-        "add	%[a], %[a], #112\n\t"
-        "add	%[b], %[b], #112\n\t"
-        "1:\n\t"
-        "ldp	x6, x7, [%[a]], -16\n\t"
-        "ldp	x8, x9, [%[b]], -16\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x10, x10, #2\n\t"
-        "b.ne	1b\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "ldp	x6, x7, [%[a], 112]\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 96]\n\t"
-        "ldp	x8, x9, [%[b], 96]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 80]\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 64]\n\t"
-        "ldp	x8, x9, [%[b], 64]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 32]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 0]\n\t"
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#endif
-
-    return (sp_int64)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_16(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[32], t2[17];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[15];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 16);
-    r1 = sp_2048_cmp_16(&t1[16], d) >= 0;
-    sp_2048_cond_sub_16(&t1[16], &t1[16], d, (sp_digit)0 - r1);
-    for (i = 15; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[16 + i] == div);
-        sp_digit hi = t1[16 + i] + mask;
-        r1 = div_2048_word_16(hi, t1[16 + i - 1], div);
-        r1 |= mask;
-
-        sp_2048_mul_d_16(t2, d, r1);
-        t1[16 + i] += sp_2048_sub_in_place_16(&t1[i], t2);
-        t1[16 + i] -= t2[16];
-        sp_2048_mask_16(t2, d, t1[16 + i]);
-        t1[16 + i] += sp_2048_add_16(&t1[i], &t1[i], t2);
-        sp_2048_mask_16(t2, d, t1[16 + i]);
-        t1[16 + i] += sp_2048_add_16(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_2048_cmp_16(t1, d) >= 0;
-    sp_2048_cond_sub_16(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_16(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_16(a, m, NULL, r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 32);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 32;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_16(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 16U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_16(t[1] + 16, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_16(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 16, a, sizeof(sp_digit) * 16);
-            err = sp_2048_mod_16(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_16(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_16(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_16(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_16(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_16(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_16(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_16(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_16(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_16(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_16(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_16(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_16(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_16(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_16(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 4;
-        if (c == 64) {
-            c = 60;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 16);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 60);
-                n <<= 4;
-                c = 60;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 60);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_2048_mont_sqr_16(r, r, m, mp);
-            sp_2048_mont_sqr_16(r, r, m, mp);
-            sp_2048_mont_sqr_16(r, r, m, mp);
-            sp_2048_mont_sqr_16(r, r, m, mp);
-
-            sp_2048_mont_mul_16(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[16], 0, sizeof(sp_digit) * 16U);
-        sp_2048_mont_reduce_16(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_16(r, m) >= 0);
-        sp_2048_cond_sub_16(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 32 * 32);
-    sp_digit* t[32];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 32 * 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++) {
-            t[i] = td + i * 32;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_16(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 16U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_16(t[1] + 16, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_16(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 16, a, sizeof(sp_digit) * 16);
-            err = sp_2048_mod_16(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_16(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_16(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_16(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_16(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_16(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_16(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_16(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_16(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_16(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_16(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_16(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_16(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_16(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_16(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_16(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_16(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_16(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_16(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_16(t[20], t[10], m, mp);
-        sp_2048_mont_mul_16(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_16(t[22], t[11], m, mp);
-        sp_2048_mont_mul_16(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_16(t[24], t[12], m, mp);
-        sp_2048_mont_mul_16(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_16(t[26], t[13], m, mp);
-        sp_2048_mont_mul_16(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_16(t[28], t[14], m, mp);
-        sp_2048_mont_mul_16(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_16(t[30], t[15], m, mp);
-        sp_2048_mont_mul_16(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 5;
-        if (c == 64) {
-            c = 59;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 16);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 59);
-                n <<= 5;
-                c = 59;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 59);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_2048_mont_sqr_16(r, r, m, mp);
-            sp_2048_mont_sqr_16(r, r, m, mp);
-            sp_2048_mont_sqr_16(r, r, m, mp);
-            sp_2048_mont_sqr_16(r, r, m, mp);
-            sp_2048_mont_sqr_16(r, r, m, mp);
-
-            sp_2048_mont_mul_16(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[16], 0, sizeof(sp_digit) * 16U);
-        sp_2048_mont_reduce_16(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_16(r, m) >= 0);
-        sp_2048_cond_sub_16(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 32);
-
-    /* r = 2^n mod m */
-    sp_2048_sub_in_place_32(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "ldp	x11, x12, [%[a], 0]\n\t"
-        "ldp	x13, x14, [%[a], 16]\n\t"
-        "ldp	x15, x16, [%[a], 32]\n\t"
-        "ldp	x17, x19, [%[a], 48]\n\t"
-        "ldp	x20, x21, [%[a], 64]\n\t"
-        "ldp	x22, x23, [%[a], 80]\n\t"
-        "# No carry yet\n\t"
-        "mov	x3, xzr\n\t"
-        "# i = 0..31\n\t"
-        "mov	x4, 32\n\t"
-        "\n1:\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mul	x10, %[mp], x11\n\t"
-        "ldp	x24, x25, [%[m], 0]\n\t"
-        "ldp	x26, x27, [%[m], 16]\n\t"
-        "# a[i+0] += m[0] * mu\n\t"
-        "mul	x5, x24, x10\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "# a[i+1] += m[1] * mu\n\t"
-        "adds	x11, x11, x5\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x11, x12, x5\n\t"
-        "# a[i+2] += m[2] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x11, x11, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x12, x13, x5\n\t"
-        "# a[i+3] += m[3] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x12, x12, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x13, x14, x5\n\t"
-        "ldp	x24, x25, [%[m], 32]\n\t"
-        "ldp	x26, x27, [%[m], 48]\n\t"
-        "# a[i+4] += m[4] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x13, x13, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x14, x15, x5\n\t"
-        "# a[i+5] += m[5] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x14, x14, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x15, x16, x5\n\t"
-        "# a[i+6] += m[6] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x15, x15, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x16, x17, x5\n\t"
-        "# a[i+7] += m[7] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x16, x16, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x17, x19, x5\n\t"
-        "ldp	x24, x25, [%[m], 64]\n\t"
-        "ldp	x26, x27, [%[m], 80]\n\t"
-        "# a[i+8] += m[8] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x17, x17, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x19, x20, x5\n\t"
-        "# a[i+9] += m[9] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x19, x19, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x20, x21, x5\n\t"
-        "# a[i+10] += m[10] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x20, x20, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x21, x22, x5\n\t"
-        "# a[i+11] += m[11] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x21, x21, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x22, x23, x5\n\t"
-        "ldp	x24, x25, [%[m], 96]\n\t"
-        "ldp	x26, x27, [%[m], 112]\n\t"
-        "# a[i+12] += m[12] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x22, x22, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "ldr	x23, [%[a], 96]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x23, x23, x5\n\t"
-        "# a[i+13] += m[13] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x23, x23, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "ldp	x8, x9, [%[a], 104]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+14] += m[14] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 104]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+15] += m[15] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 112]\n\t"
-        "ldp	x8, x9, [%[a], 120]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 128]\n\t"
-        "ldp	x26, x27, [%[m], 144]\n\t"
-        "# a[i+16] += m[16] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 120]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+17] += m[17] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 128]\n\t"
-        "ldp	x8, x9, [%[a], 136]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+18] += m[18] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 136]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+19] += m[19] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 144]\n\t"
-        "ldp	x8, x9, [%[a], 152]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 160]\n\t"
-        "ldp	x26, x27, [%[m], 176]\n\t"
-        "# a[i+20] += m[20] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 152]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+21] += m[21] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 160]\n\t"
-        "ldp	x8, x9, [%[a], 168]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+22] += m[22] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 168]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+23] += m[23] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 176]\n\t"
-        "ldp	x8, x9, [%[a], 184]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 192]\n\t"
-        "ldp	x26, x27, [%[m], 208]\n\t"
-        "# a[i+24] += m[24] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 184]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+25] += m[25] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 192]\n\t"
-        "ldp	x8, x9, [%[a], 200]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+26] += m[26] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 200]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+27] += m[27] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 208]\n\t"
-        "ldp	x8, x9, [%[a], 216]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 224]\n\t"
-        "ldp	x26, x27, [%[m], 240]\n\t"
-        "# a[i+28] += m[28] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 216]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+29] += m[29] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 224]\n\t"
-        "ldp	x8, x9, [%[a], 232]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+30] += m[30] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 232]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+31] += m[31] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 240]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "ldp	x8, x9, [%[a], 248]\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x8, x8, x5\n\t"
-        "str	x8, [%[a], 248]\n\t"
-        "adcs	x9, x9, x7\n\t"
-        "str	x9, [%[a], 256]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "subs	x4, x4, 1\n\t"
-        "add	%[a], %[a], 8\n\t"
-        "b.ne	1b\n\t"
-        "# Create mask\n\t"
-        "neg	x3, x3\n\t"
-        "mov   %[mp], %[a]\n\t"
-        "sub	%[a], %[a], 256\n\t"
-        "# Subtract masked modulus\n\t"
-        "ldp	x4, x5, [%[m], 0]\n\t"
-        "ldp	x6, x7, [%[m], 16]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "subs	x11, x11, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x12, x12, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x13, x13, x6\n\t"
-        "stp	x11, x12, [%[a], 0]\n\t"
-        "sbcs	x14, x14, x7\n\t"
-        "stp	x13, x14, [%[a], 16]\n\t"
-        "ldp	x4, x5, [%[m], 32]\n\t"
-        "ldp	x6, x7, [%[m], 48]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x15, x15, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x16, x16, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x17, x17, x6\n\t"
-        "stp	x15, x16, [%[a], 32]\n\t"
-        "sbcs	x19, x19, x7\n\t"
-        "stp	x17, x19, [%[a], 48]\n\t"
-        "ldp	x4, x5, [%[m], 64]\n\t"
-        "ldp	x6, x7, [%[m], 80]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x20, x20, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x21, x21, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x22, x22, x6\n\t"
-        "stp	x20, x21, [%[a], 64]\n\t"
-        "sbcs	x23, x23, x7\n\t"
-        "stp	x22, x23, [%[a], 80]\n\t"
-        "ldp	x4, x5, [%[m], 96]\n\t"
-        "ldp	x6, x7, [%[m], 112]\n\t"
-        "ldp	x8, x9, [%[mp], 96]\n\t"
-        "ldp	x10, x11, [%[mp], 112]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 96]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 112]\n\t"
-        "ldp	x4, x5, [%[m], 128]\n\t"
-        "ldp	x6, x7, [%[m], 144]\n\t"
-        "ldp	x8, x9, [%[mp], 128]\n\t"
-        "ldp	x10, x11, [%[mp], 144]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 128]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 144]\n\t"
-        "ldp	x4, x5, [%[m], 160]\n\t"
-        "ldp	x6, x7, [%[m], 176]\n\t"
-        "ldp	x8, x9, [%[mp], 160]\n\t"
-        "ldp	x10, x11, [%[mp], 176]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 160]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 176]\n\t"
-        "ldp	x4, x5, [%[m], 192]\n\t"
-        "ldp	x6, x7, [%[m], 208]\n\t"
-        "ldp	x8, x9, [%[mp], 192]\n\t"
-        "ldp	x10, x11, [%[mp], 208]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 192]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 208]\n\t"
-        "ldp	x4, x5, [%[m], 224]\n\t"
-        "ldp	x6, x7, [%[m], 240]\n\t"
-        "ldp	x8, x9, [%[mp], 224]\n\t"
-        "ldp	x10, x11, [%[mp], 240]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 224]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 240]\n\t"
-        : [a] "+r" (a), [mp] "+r" (mp)
-        : [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x10", "x8", "x9", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "cc"
-    );
-
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_32(r, a, b);
-    sp_2048_mont_reduce_32(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_32(r, a);
-    sp_2048_mont_reduce_32(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x11, %[a], 256\n\t"
-        "\n1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldp	x3, x4, [%[a]], #16\n\t"
-        "ldp	x5, x6, [%[a]], #16\n\t"
-        "ldp	x7, x8, [%[b]], #16\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x9, x10, [%[b]], #16\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r]], #16\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r]], #16\n\t"
-        "csetm	%[c], cc\n\t"
-        "cmp	%[a], x11\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return c;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "subs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x7, x8, [%[b], 96]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 112]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "ldp	x3, x4, [%[a], 128]\n\t"
-        "ldp	x7, x8, [%[b], 128]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 144]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 144]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 128]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 144]\n\t"
-        "ldp	x3, x4, [%[a], 160]\n\t"
-        "ldp	x7, x8, [%[b], 160]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 176]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 176]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 160]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 176]\n\t"
-        "ldp	x3, x4, [%[a], 192]\n\t"
-        "ldp	x7, x8, [%[b], 192]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 208]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 208]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 192]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 208]\n\t"
-        "ldp	x3, x4, [%[a], 224]\n\t"
-        "ldp	x7, x8, [%[b], 224]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 240]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 240]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 224]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 240]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_2048_word_32_cond(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "b.lt	1f\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-        "1:\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "cmp	x3, x5\n\t"
-        "b.lt	2f\n\t"
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-        "2:\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return d1;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_32_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[64], t2[33];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[31];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 32);
-    for (i = 31; i > 0; i--) {
-        if (t1[i + 32] != d[i])
-            break;
-    }
-    if (t1[i + 32] >= d[i]) {
-        sp_2048_sub_in_place_32(&t1[32], d);
-    }
-    for (i = 31; i >= 0; i--) {
-        if (t1[32 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_2048_word_32_cond(t1[32 + i], t1[32 + i - 1], div);
-        }
-
-        sp_2048_mul_d_32(t2, d, r1);
-        t1[32 + i] += sp_2048_sub_in_place_32(&t1[i], t2);
-        t1[32 + i] -= t2[32];
-        if (t1[32 + i] != 0) {
-            t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], d);
-            if (t1[32 + i] != 0)
-                t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 31; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_2048_sub_32(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 32);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_32_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_32_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "csetm	%[c], cc\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 256\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-#else
-    __asm__ __volatile__ (
-
-        "ldp	x5, x7, [%[b], 0]\n\t"
-        "ldp	x11, x12, [%[b], 16]\n\t"
-        "ldp	x4, x6, [%[a], 0]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "subs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 0]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 16]\n\t"
-        "ldp	x5, x7, [%[b], 32]\n\t"
-        "ldp	x11, x12, [%[b], 48]\n\t"
-        "ldp	x4, x6, [%[a], 32]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 32]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 48]\n\t"
-        "ldp	x5, x7, [%[b], 64]\n\t"
-        "ldp	x11, x12, [%[b], 80]\n\t"
-        "ldp	x4, x6, [%[a], 64]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 64]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 80]\n\t"
-        "ldp	x5, x7, [%[b], 96]\n\t"
-        "ldp	x11, x12, [%[b], 112]\n\t"
-        "ldp	x4, x6, [%[a], 96]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 96]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 112]\n\t"
-        "ldp	x5, x7, [%[b], 128]\n\t"
-        "ldp	x11, x12, [%[b], 144]\n\t"
-        "ldp	x4, x6, [%[a], 128]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 144]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 128]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 144]\n\t"
-        "ldp	x5, x7, [%[b], 160]\n\t"
-        "ldp	x11, x12, [%[b], 176]\n\t"
-        "ldp	x4, x6, [%[a], 160]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 176]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 160]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 176]\n\t"
-        "ldp	x5, x7, [%[b], 192]\n\t"
-        "ldp	x11, x12, [%[b], 208]\n\t"
-        "ldp	x4, x6, [%[a], 192]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 208]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 192]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 208]\n\t"
-        "ldp	x5, x7, [%[b], 224]\n\t"
-        "ldp	x11, x12, [%[b], 240]\n\t"
-        "ldp	x4, x6, [%[a], 224]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 240]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 224]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 240]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return (sp_digit)r;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "cset	x9, ge\n\t"
-        "csetm	x10, ge\n\t"
-        "lsl	x9, x9, #32\n\t"
-        "and	x7, x7, x10\n\t"
-        "and	x8, x8, x10\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<32; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_int64 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "mov	x10, #32\n\t"
-        "add	%[a], %[a], #240\n\t"
-        "add	%[b], %[b], #240\n\t"
-        "1:\n\t"
-        "ldp	x6, x7, [%[a]], -16\n\t"
-        "ldp	x8, x9, [%[b]], -16\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x10, x10, #2\n\t"
-        "b.ne	1b\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "ldp	x6, x7, [%[a], 240]\n\t"
-        "ldp	x8, x9, [%[b], 240]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 224]\n\t"
-        "ldp	x8, x9, [%[b], 224]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 208]\n\t"
-        "ldp	x8, x9, [%[b], 208]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 192]\n\t"
-        "ldp	x8, x9, [%[b], 192]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 176]\n\t"
-        "ldp	x8, x9, [%[b], 176]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 160]\n\t"
-        "ldp	x8, x9, [%[b], 160]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 144]\n\t"
-        "ldp	x8, x9, [%[b], 144]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 128]\n\t"
-        "ldp	x8, x9, [%[b], 128]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 112]\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 96]\n\t"
-        "ldp	x8, x9, [%[b], 96]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 80]\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 64]\n\t"
-        "ldp	x8, x9, [%[b], 64]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 32]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 0]\n\t"
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#endif
-
-    return (sp_int64)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[64], t2[33];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[31];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 32);
-    r1 = sp_2048_cmp_32(&t1[32], d) >= 0;
-    sp_2048_cond_sub_32(&t1[32], &t1[32], d, (sp_digit)0 - r1);
-    for (i = 31; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[32 + i] == div);
-        sp_digit hi = t1[32 + i] + mask;
-        r1 = div_2048_word_32(hi, t1[32 + i - 1], div);
-        r1 |= mask;
-
-        sp_2048_mul_d_32(t2, d, r1);
-        t1[32 + i] += sp_2048_sub_in_place_32(&t1[i], t2);
-        t1[32 + i] -= t2[32];
-        sp_2048_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], t2);
-        sp_2048_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_2048_cmp_32(t1, d) >= 0;
-    sp_2048_cond_sub_32(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_32(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 32 * 64);
-    sp_digit* t[32];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 32 * 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++) {
-            t[i] = td + i * 64;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 32U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_32(t[1] + 32, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_32(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 32, a, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_32(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_32(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_32(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_32(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_32(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_32(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_32(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_32(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_32(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_32(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_32(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_32(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_32(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_32(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_32(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_32(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_32(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_32(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_32(t[20], t[10], m, mp);
-        sp_2048_mont_mul_32(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_32(t[22], t[11], m, mp);
-        sp_2048_mont_mul_32(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_32(t[24], t[12], m, mp);
-        sp_2048_mont_mul_32(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_32(t[26], t[13], m, mp);
-        sp_2048_mont_mul_32(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_32(t[28], t[14], m, mp);
-        sp_2048_mont_mul_32(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_32(t[30], t[15], m, mp);
-        sp_2048_mont_mul_32(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 5;
-        if (c == 64) {
-            c = 59;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 32);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 59);
-                n <<= 5;
-                c = 59;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 59);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-
-            sp_2048_mont_mul_32(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32U);
-        sp_2048_mont_reduce_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 64 * 64);
-    sp_digit* t[64];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 64 * 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<64; i++) {
-            t[i] = td + i * 64;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 32U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_32(t[1] + 32, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_32(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 32, a, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_32(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_32(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_32(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_32(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_32(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_32(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_32(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_32(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_32(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_32(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_32(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_32(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_32(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_32(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_32(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_32(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_32(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_32(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_32(t[20], t[10], m, mp);
-        sp_2048_mont_mul_32(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_32(t[22], t[11], m, mp);
-        sp_2048_mont_mul_32(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_32(t[24], t[12], m, mp);
-        sp_2048_mont_mul_32(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_32(t[26], t[13], m, mp);
-        sp_2048_mont_mul_32(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_32(t[28], t[14], m, mp);
-        sp_2048_mont_mul_32(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_32(t[30], t[15], m, mp);
-        sp_2048_mont_mul_32(t[31], t[16], t[15], m, mp);
-        sp_2048_mont_sqr_32(t[32], t[16], m, mp);
-        sp_2048_mont_mul_32(t[33], t[17], t[16], m, mp);
-        sp_2048_mont_sqr_32(t[34], t[17], m, mp);
-        sp_2048_mont_mul_32(t[35], t[18], t[17], m, mp);
-        sp_2048_mont_sqr_32(t[36], t[18], m, mp);
-        sp_2048_mont_mul_32(t[37], t[19], t[18], m, mp);
-        sp_2048_mont_sqr_32(t[38], t[19], m, mp);
-        sp_2048_mont_mul_32(t[39], t[20], t[19], m, mp);
-        sp_2048_mont_sqr_32(t[40], t[20], m, mp);
-        sp_2048_mont_mul_32(t[41], t[21], t[20], m, mp);
-        sp_2048_mont_sqr_32(t[42], t[21], m, mp);
-        sp_2048_mont_mul_32(t[43], t[22], t[21], m, mp);
-        sp_2048_mont_sqr_32(t[44], t[22], m, mp);
-        sp_2048_mont_mul_32(t[45], t[23], t[22], m, mp);
-        sp_2048_mont_sqr_32(t[46], t[23], m, mp);
-        sp_2048_mont_mul_32(t[47], t[24], t[23], m, mp);
-        sp_2048_mont_sqr_32(t[48], t[24], m, mp);
-        sp_2048_mont_mul_32(t[49], t[25], t[24], m, mp);
-        sp_2048_mont_sqr_32(t[50], t[25], m, mp);
-        sp_2048_mont_mul_32(t[51], t[26], t[25], m, mp);
-        sp_2048_mont_sqr_32(t[52], t[26], m, mp);
-        sp_2048_mont_mul_32(t[53], t[27], t[26], m, mp);
-        sp_2048_mont_sqr_32(t[54], t[27], m, mp);
-        sp_2048_mont_mul_32(t[55], t[28], t[27], m, mp);
-        sp_2048_mont_sqr_32(t[56], t[28], m, mp);
-        sp_2048_mont_mul_32(t[57], t[29], t[28], m, mp);
-        sp_2048_mont_sqr_32(t[58], t[29], m, mp);
-        sp_2048_mont_mul_32(t[59], t[30], t[29], m, mp);
-        sp_2048_mont_sqr_32(t[60], t[30], m, mp);
-        sp_2048_mont_mul_32(t[61], t[31], t[30], m, mp);
-        sp_2048_mont_sqr_32(t[62], t[31], m, mp);
-        sp_2048_mont_mul_32(t[63], t[32], t[31], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 6;
-        if (c == 64) {
-            c = 58;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 32);
-        for (; i>=0 || c>=6; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else if (c < 6) {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-
-            sp_2048_mont_mul_32(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32U);
-        sp_2048_mont_reduce_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 32 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 256) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 64 || inLen > 256 ||
-                                                     mp_count_bits(mm) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 32 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 32;
-        r = a + 32 * 2;
-        m = r + 32 * 2;
-
-        sp_2048_from_bin(ah, 32, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 32, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_2048_mont_sqr_32(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_2048_mont_mul_32(r, r, ah, m, mp);
-
-                for (i = 31; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_2048_sub_in_place_32(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_2048_sqr_32(r, ah);
-                err = sp_2048_mod_32_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_2048_mul_32(r, ah, r);
-                err = sp_2048_mod_32_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 63; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 32);
-                for (i--; i >= 0; i--) {
-                    sp_2048_mont_sqr_32(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_2048_mont_mul_32(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[32], 0, sizeof(sp_digit) * 32);
-                sp_2048_mont_reduce_32(r, m, mp);
-
-                for (i = 31; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_2048_sub_in_place_32(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_32(r, out);
-        *outLen = 256;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_2048_cond_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "adcs	x4, x4, x5\n\t"
-        "cset	%[c], cs\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 128\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 32 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 2048) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 256) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 32 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 32;
-        m = a + 64;
-        r = a;
-
-        sp_2048_from_bin(a, 32, in, inLen);
-        sp_2048_from_mp(d, 32, dm);
-        sp_2048_from_mp(m, 32, mm);
-        err = sp_2048_mod_exp_32(r, a, d, 2048, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_32(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 32, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 16 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 256) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 256 || mp_count_bits(mm) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 16 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 32 * 2;
-        q = p + 16;
-        qi = dq = dp = q + 16;
-        tmpa = qi + 16;
-        tmpb = tmpa + 32;
-        r = a;
-
-        sp_2048_from_bin(a, 32, in, inLen);
-        sp_2048_from_mp(p, 16, pm);
-        sp_2048_from_mp(q, 16, qm);
-        sp_2048_from_mp(dp, 16, dpm);
-
-        err = sp_2048_mod_exp_16(tmpa, a, dp, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(dq, 16, dqm);
-        err = sp_2048_mod_exp_16(tmpb, a, dq, 1024, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_2048_sub_in_place_16(tmpa, tmpb);
-        c += sp_2048_cond_add_16(tmpa, tmpa, p, c);
-        sp_2048_cond_add_16(tmpa, tmpa, p, c);
-
-        sp_2048_from_mp(qi, 16, qim);
-        sp_2048_mul_16(tmpa, tmpa, qi);
-        err = sp_2048_mod_16(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mul_16(tmpa, q, tmpa);
-        XMEMSET(&tmpb[16], 0, sizeof(sp_digit) * 16);
-        sp_2048_add_32(r, tmpb, tmpa);
-
-        sp_2048_to_bin_32(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 16 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_2048_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (2048 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 32);
-        r->used = 32;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 32; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 32; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[64];
-    sp_digit e[32];
-    sp_digit m[32];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 32, base);
-        sp_2048_from_mp(e, 32, exp);
-        sp_2048_from_mp(m, 32, mod);
-
-        err = sp_2048_mod_exp_32(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_2048_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_2048
-static void sp_2048_lshift_32(sp_digit* r, const sp_digit* a, byte n)
-{
-    word64 n64 = n;
-    __asm__ __volatile__ (
-        "mov	x6, 63\n\t"
-        "sub	x6, x6, %[n]\n\t"
-        "ldr	x3, [%[a], 248]\n\t"
-        "lsr	x4, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x4, x4, x6\n\t"
-        "ldr	x2, [%[a], 240]\n\t"
-        "str	x4, [%[r], 256]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 232]\n\t"
-        "str	x3, [%[r], 248]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 224]\n\t"
-        "str	x2, [%[r], 240]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 216]\n\t"
-        "str	x4, [%[r], 232]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 208]\n\t"
-        "str	x3, [%[r], 224]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 200]\n\t"
-        "str	x2, [%[r], 216]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 192]\n\t"
-        "str	x4, [%[r], 208]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 184]\n\t"
-        "str	x3, [%[r], 200]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 176]\n\t"
-        "str	x2, [%[r], 192]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 168]\n\t"
-        "str	x4, [%[r], 184]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 160]\n\t"
-        "str	x3, [%[r], 176]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 152]\n\t"
-        "str	x2, [%[r], 168]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 144]\n\t"
-        "str	x4, [%[r], 160]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 136]\n\t"
-        "str	x3, [%[r], 152]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 128]\n\t"
-        "str	x2, [%[r], 144]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 120]\n\t"
-        "str	x4, [%[r], 136]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 112]\n\t"
-        "str	x3, [%[r], 128]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 104]\n\t"
-        "str	x2, [%[r], 120]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 96]\n\t"
-        "str	x4, [%[r], 112]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 88]\n\t"
-        "str	x3, [%[r], 104]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 80]\n\t"
-        "str	x2, [%[r], 96]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 72]\n\t"
-        "str	x4, [%[r], 88]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 64]\n\t"
-        "str	x3, [%[r], 80]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 56]\n\t"
-        "str	x2, [%[r], 72]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 48]\n\t"
-        "str	x4, [%[r], 64]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 40]\n\t"
-        "str	x3, [%[r], 56]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 32]\n\t"
-        "str	x2, [%[r], 48]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 24]\n\t"
-        "str	x4, [%[r], 40]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 16]\n\t"
-        "str	x3, [%[r], 32]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 8]\n\t"
-        "str	x2, [%[r], 24]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 0]\n\t"
-        "str	x4, [%[r], 16]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "stp	x2, x3, [%[r]]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (n64)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_2048_mod_exp_2_32(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 97);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 97, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 64;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 6;
-        if (c == 64) {
-            c = 58;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        sp_2048_lshift_32(r, norm, y);
-        for (; i>=0 || c>=6; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else if (c < 6) {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-
-            sp_2048_lshift_32(r, r, y);
-            sp_2048_mul_d_32(tmp, norm, r[32]);
-            r[32] = 0;
-            o = sp_2048_add_32(r, r, tmp);
-            sp_2048_cond_sub_32(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32U);
-        sp_2048_mont_reduce_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_2048 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 256 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[64];
-    sp_digit e[32];
-    sp_digit m[32];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 256) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 32, base);
-        sp_2048_from_bin(e, 32, exp, expLen);
-        sp_2048_from_mp(m, 32, mod);
-
-    #ifdef HAVE_FFDHE_2048
-        if (base->used == 1 && base->dp[0] == 2 && m[31] == (sp_digit)-1)
-            err = sp_2048_mod_exp_2_32(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_2048_mod_exp_32(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_32(r, out);
-        *outLen = 256;
-        for (i=0; i<256 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[32];
-    sp_digit e[16];
-    sp_digit m[16];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1024) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 16, base);
-        sp_2048_from_mp(e, 16, exp);
-        sp_2048_from_mp(m, 16, mod);
-
-        err = sp_2048_mod_exp_16(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 16, 0, sizeof(*r) * 16U);
-        err = sp_2048_to_mp(r, res);
-        res->used = mod->used;
-        mp_clamp(res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* !WOLFSSL_SP_NO_2048 */
-
-#ifndef WOLFSSL_SP_NO_3072
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    sp_int64 nl = n;
-    sp_int64 bytes = size * 8;
-
-    __asm__ __volatile__ (
-        "add	x4, %[a], %[n]\n\t"
-        "mov	x5, %[r]\n\t"
-        "sub	x4, x4, 8\n\t"
-        "subs	x6, %[n], 8\n\t"
-        "mov	x7, xzr\n\t"
-        "b.lt	2f\n\t"
-        /* Put in multiples of 8 bytes. */
-        "1:\n\t"
-        "ldr	x8, [x4], -8\n\t"
-        "subs	x6, x6, 8\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "rev	x8, x8\n\t"
-    #endif
-        "str	x8, [x5], 8\n\t"
-        "add	x7, x7, 8\n\t"
-        "b.ge	1b\n\t"
-        "2:\n\t"
-        "cmp	x6, -7\n\t"
-        "b.lt	20f\n\t"
-        /* Put in less than 8 bytes. */
-    #ifdef LITTLE_ENDIAN_ORDER
-        "str	xzr, [x5]\n\t"
-    #else
-        "str	xzr, [x5], 7\n\t"
-    #endif
-        "add	x7, x7, 8\n\t"
-        "add	x4, x4, 7\n\t"
-        "b.eq	17f\n\t"
-        "cmp	x6, -5\n\t"
-        "b.lt	16f\n\t"
-        "b.eq	15f\n\t"
-        "cmp	x6, -3\n\t"
-        "b.lt	14f\n\t"
-        "b.eq	13f\n\t"
-        "cmp	x6, -2\n\t"
-        "b.eq	12f\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "12:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "13:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "14:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "15:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "16:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "17:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "20:\n\t"
-        "add	x5, %[r], x7\n\t"
-        "subs	x7, %[size], x7\n\t"
-        "b.eq	30f\n\t"
-        /* Zero out remaining words. */
-        "21:\n\t"
-        "subs	x7, x7, 8\n\t"
-        "str	xzr, [x5], 8\n\t"
-        "b.gt	21b\n\t"
-        "30:\n\t"
-        :
-        : [r] "r" (r), [size] "r" (bytes), [a] "r" (a), [n] "r" (nl)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "cc"
-    );
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 384
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_3072_to_bin_48(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 47; i >= 0; i--, j += 8) {
-        __asm__ __volatile__ (
-            "ldr	x4, [%[r]]\n\t"
-        #ifdef LITTLE_ENDIAN_ORDER
-            "rev	x4, x4\n\t"
-        #endif
-            "str	x4, [%[a]]\n\t"
-            :
-            : [r] "r" (r + i), [a] "r" (a + j)
-            : "memory", "x4"
-        );
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_3072_norm_48(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_3072_norm_48(a)
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_3072_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x8, x9, [%[a], 0]\n\t"
-        "ldp	x10, x11, [%[a], 16]\n\t"
-        "ldp	x12, x13, [%[a], 32]\n\t"
-        "ldp	x14, x15, [%[b], 0]\n\t"
-        "ldp	x16, x17, [%[b], 16]\n\t"
-        "ldp	x19, x20, [%[b], 32]\n\t"
-        "#  A[0] * B[0]\n\t"
-        "mul	x3, x8, x14\n\t"
-        "umulh	x4, x8, x14\n\t"
-        "str	x3, [%[r]]\n\t"
-        "#  A[0] * B[1]\n\t"
-        "mul	x6, x8, x15\n\t"
-        "umulh	x7, x8, x15\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[0]\n\t"
-        "mul	x6, x9, x14\n\t"
-        "adc	x5, xzr, x7\n\t"
-        "umulh	x7, x9, x14\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "#  A[0] * B[2]\n\t"
-        "mul	x6, x8, x16\n\t"
-        "umulh	x7, x8, x16\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[1]\n\t"
-        "mul	x6, x9, x15\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x15\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[0]\n\t"
-        "mul	x6, x10, x14\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x14\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[0] * B[3]\n\t"
-        "mul	x6, x8, x17\n\t"
-        "umulh	x7, x8, x17\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[1] * B[2]\n\t"
-        "mul	x6, x9, x16\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x9, x16\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[1]\n\t"
-        "mul	x6, x10, x15\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x15\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[0]\n\t"
-        "mul	x6, x11, x14\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x14\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[0] * B[4]\n\t"
-        "mul	x6, x8, x19\n\t"
-        "umulh	x7, x8, x19\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[3]\n\t"
-        "mul	x6, x9, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x9, x17\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[2] * B[2]\n\t"
-        "mul	x6, x10, x16\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x10, x16\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[1]\n\t"
-        "mul	x6, x11, x15\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x15\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[0]\n\t"
-        "mul	x6, x12, x14\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x14\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[0] * B[5]\n\t"
-        "mul	x6, x8, x20\n\t"
-        "umulh	x7, x8, x20\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[4]\n\t"
-        "mul	x6, x9, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x19\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[3]\n\t"
-        "mul	x6, x10, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[3] * B[2]\n\t"
-        "mul	x6, x11, x16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x11, x16\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[1]\n\t"
-        "mul	x6, x12, x15\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x15\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[0]\n\t"
-        "mul	x6, x13, x14\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x14\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[1] * B[5]\n\t"
-        "mul	x6, x9, x20\n\t"
-        "umulh	x7, x9, x20\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[4]\n\t"
-        "mul	x6, x10, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x19\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[3]\n\t"
-        "mul	x6, x11, x17\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x17\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[4] * B[2]\n\t"
-        "mul	x6, x12, x16\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x12, x16\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[1]\n\t"
-        "mul	x6, x13, x15\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x15\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[2] * B[5]\n\t"
-        "mul	x6, x10, x20\n\t"
-        "umulh	x7, x10, x20\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[4]\n\t"
-        "mul	x6, x11, x19\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x19\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[3]\n\t"
-        "mul	x6, x12, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[5] * B[2]\n\t"
-        "mul	x6, x13, x16\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x13, x16\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[3] * B[5]\n\t"
-        "mul	x6, x11, x20\n\t"
-        "umulh	x7, x11, x20\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[4]\n\t"
-        "mul	x6, x12, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x19\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[3]\n\t"
-        "mul	x6, x13, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[4] * B[5]\n\t"
-        "mul	x6, x12, x20\n\t"
-        "umulh	x7, x12, x20\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[4]\n\t"
-        "mul	x6, x13, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x19\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[5] * B[5]\n\t"
-        "mul	x6, x13, x20\n\t"
-        "umulh	x7, x13, x20\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adc	x5, x5, x7\n\t"
-        "stp	x4, x5, [%[r], 80]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "cc"
-    );
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_add_6(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldr	x3, [%[a], 32]\n\t"
-        "ldr	x4, [%[a], 40]\n\t"
-        "ldr	x7, [%[b], 32]\n\t"
-        "ldr	x8, [%[b], 40]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "str	x3, [%[r], 32]\n\t"
-        "str	x4, [%[r], 40]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Add digit to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_3072_add_word_6(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adds	x3, x3, %[b]\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldr		x3, [%[a], 32]\n\t"
-        "ldr		x4, [%[a], 40]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "str		x3, [%[r], 32]\n\t"
-        "str		x4, [%[r], 40]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_sub_in_place_12(sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[b], 0]\n\t"
-        "subs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 0]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 16]\n\t"
-        "ldp	x2, x3, [%[a], 32]\n\t"
-        "ldp	x6, x7, [%[b], 32]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 48]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 32]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 48]\n\t"
-        "ldp	x2, x3, [%[a], 64]\n\t"
-        "ldp	x6, x7, [%[b], 64]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 80]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 64]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 80]\n\t"
-        "csetm	%[a], cc\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return (sp_digit)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_3072_cond_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adds	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "ldp	x4, x5, [%[a], 32]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[r], 32]\n\t"
-        "cset	%[r], cs\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return (sp_digit)r;
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[12];
-    sp_digit a1[6];
-    sp_digit b1[6];
-    sp_digit* z2 = r + 12;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_6(a1, a, &a[6]);
-    cb = sp_3072_add_6(b1, b, &b[6]);
-    u  = ca & cb;
-
-    sp_3072_mul_6(z2, &a[6], &b[6]);
-    sp_3072_mul_6(z0, a, b);
-    sp_3072_mul_6(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_12(z1, z0);
-    u += sp_3072_sub_in_place_12(z1, z2);
-    u += sp_3072_cond_add_6(z1 + 6, z1 + 6, a1, 0 - cb);
-    u += sp_3072_cond_add_6(z1 + 6, z1 + 6, b1, 0 - ca);
-
-    u += sp_3072_add_12(r + 6, r + 6, z1);
-    (void)sp_3072_add_word_6(r + 18, r + 18, u);
-}
-
-/* Add digit to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_3072_add_word_12(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adds	x3, x3, %[b]\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_sub_in_place_24(sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[b], 0]\n\t"
-        "subs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 0]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 16]\n\t"
-        "ldp	x2, x3, [%[a], 32]\n\t"
-        "ldp	x6, x7, [%[b], 32]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 48]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 32]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 48]\n\t"
-        "ldp	x2, x3, [%[a], 64]\n\t"
-        "ldp	x6, x7, [%[b], 64]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 80]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 64]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 80]\n\t"
-        "ldp	x2, x3, [%[a], 96]\n\t"
-        "ldp	x6, x7, [%[b], 96]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 112]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 96]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 112]\n\t"
-        "ldp	x2, x3, [%[a], 128]\n\t"
-        "ldp	x6, x7, [%[b], 128]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 144]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 144]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 128]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 144]\n\t"
-        "ldp	x2, x3, [%[a], 160]\n\t"
-        "ldp	x6, x7, [%[b], 160]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 176]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 176]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 160]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 176]\n\t"
-        "csetm	%[a], cc\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return (sp_digit)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x7, x8, [%[b], 96]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 112]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "ldp	x3, x4, [%[a], 128]\n\t"
-        "ldp	x7, x8, [%[b], 128]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 144]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 144]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 128]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 144]\n\t"
-        "ldp	x3, x4, [%[a], 160]\n\t"
-        "ldp	x7, x8, [%[b], 160]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 176]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 176]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 160]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 176]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_3072_cond_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adds	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "ldp	x10, x11, [%[b], 48]\n\t"
-        "ldp	x4, x5, [%[a], 32]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 32]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 48]\n\t"
-        "ldp	x8, x9, [%[b], 64]\n\t"
-        "ldp	x10, x11, [%[b], 80]\n\t"
-        "ldp	x4, x5, [%[a], 64]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 80]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 64]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 80]\n\t"
-        "cset	%[r], cs\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return (sp_digit)r;
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[24];
-    sp_digit a1[12];
-    sp_digit b1[12];
-    sp_digit* z2 = r + 24;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_12(a1, a, &a[12]);
-    cb = sp_3072_add_12(b1, b, &b[12]);
-    u  = ca & cb;
-
-    sp_3072_mul_12(z2, &a[12], &b[12]);
-    sp_3072_mul_12(z0, a, b);
-    sp_3072_mul_12(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_24(z1, z0);
-    u += sp_3072_sub_in_place_24(z1, z2);
-    u += sp_3072_cond_add_12(z1 + 12, z1 + 12, a1, 0 - cb);
-    u += sp_3072_cond_add_12(z1 + 12, z1 + 12, b1, 0 - ca);
-
-    u += sp_3072_add_24(r + 12, r + 12, z1);
-    (void)sp_3072_add_word_12(r + 36, r + 36, u);
-}
-
-/* Add digit to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_3072_add_word_24(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adds	x3, x3, %[b]\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "ldp	x3, x4, [%[a], 128]\n\t"
-        "ldp	x5, x6, [%[a], 144]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 128]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 144]\n\t"
-        "ldp	x3, x4, [%[a], 160]\n\t"
-        "ldp	x5, x6, [%[a], 176]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 160]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 176]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_sub_in_place_48(sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[b], 0]\n\t"
-        "subs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 0]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 16]\n\t"
-        "ldp	x2, x3, [%[a], 32]\n\t"
-        "ldp	x6, x7, [%[b], 32]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 48]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 32]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 48]\n\t"
-        "ldp	x2, x3, [%[a], 64]\n\t"
-        "ldp	x6, x7, [%[b], 64]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 80]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 64]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 80]\n\t"
-        "ldp	x2, x3, [%[a], 96]\n\t"
-        "ldp	x6, x7, [%[b], 96]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 112]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 96]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 112]\n\t"
-        "ldp	x2, x3, [%[a], 128]\n\t"
-        "ldp	x6, x7, [%[b], 128]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 144]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 144]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 128]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 144]\n\t"
-        "ldp	x2, x3, [%[a], 160]\n\t"
-        "ldp	x6, x7, [%[b], 160]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 176]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 176]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 160]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 176]\n\t"
-        "ldp	x2, x3, [%[a], 192]\n\t"
-        "ldp	x6, x7, [%[b], 192]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 208]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 208]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 192]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 208]\n\t"
-        "ldp	x2, x3, [%[a], 224]\n\t"
-        "ldp	x6, x7, [%[b], 224]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 240]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 240]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 224]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 240]\n\t"
-        "ldp	x2, x3, [%[a], 256]\n\t"
-        "ldp	x6, x7, [%[b], 256]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 272]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 272]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 256]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 272]\n\t"
-        "ldp	x2, x3, [%[a], 288]\n\t"
-        "ldp	x6, x7, [%[b], 288]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 304]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 304]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 288]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 304]\n\t"
-        "ldp	x2, x3, [%[a], 320]\n\t"
-        "ldp	x6, x7, [%[b], 320]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 336]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 336]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 320]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 336]\n\t"
-        "ldp	x2, x3, [%[a], 352]\n\t"
-        "ldp	x6, x7, [%[b], 352]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 368]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 368]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 352]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 368]\n\t"
-        "csetm	%[a], cc\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return (sp_digit)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x7, x8, [%[b], 96]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 112]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "ldp	x3, x4, [%[a], 128]\n\t"
-        "ldp	x7, x8, [%[b], 128]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 144]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 144]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 128]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 144]\n\t"
-        "ldp	x3, x4, [%[a], 160]\n\t"
-        "ldp	x7, x8, [%[b], 160]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 176]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 176]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 160]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 176]\n\t"
-        "ldp	x3, x4, [%[a], 192]\n\t"
-        "ldp	x7, x8, [%[b], 192]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 208]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 208]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 192]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 208]\n\t"
-        "ldp	x3, x4, [%[a], 224]\n\t"
-        "ldp	x7, x8, [%[b], 224]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 240]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 240]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 224]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 240]\n\t"
-        "ldp	x3, x4, [%[a], 256]\n\t"
-        "ldp	x7, x8, [%[b], 256]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 272]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 272]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 256]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 272]\n\t"
-        "ldp	x3, x4, [%[a], 288]\n\t"
-        "ldp	x7, x8, [%[b], 288]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 304]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 304]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 288]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 304]\n\t"
-        "ldp	x3, x4, [%[a], 320]\n\t"
-        "ldp	x7, x8, [%[b], 320]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 336]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 336]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 320]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 336]\n\t"
-        "ldp	x3, x4, [%[a], 352]\n\t"
-        "ldp	x7, x8, [%[b], 352]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 368]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 368]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 352]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 368]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_3072_cond_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adds	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "ldp	x10, x11, [%[b], 48]\n\t"
-        "ldp	x4, x5, [%[a], 32]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 32]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 48]\n\t"
-        "ldp	x8, x9, [%[b], 64]\n\t"
-        "ldp	x10, x11, [%[b], 80]\n\t"
-        "ldp	x4, x5, [%[a], 64]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 80]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 64]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 80]\n\t"
-        "ldp	x8, x9, [%[b], 96]\n\t"
-        "ldp	x10, x11, [%[b], 112]\n\t"
-        "ldp	x4, x5, [%[a], 96]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 112]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 96]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 112]\n\t"
-        "ldp	x8, x9, [%[b], 128]\n\t"
-        "ldp	x10, x11, [%[b], 144]\n\t"
-        "ldp	x4, x5, [%[a], 128]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 144]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 128]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 144]\n\t"
-        "ldp	x8, x9, [%[b], 160]\n\t"
-        "ldp	x10, x11, [%[b], 176]\n\t"
-        "ldp	x4, x5, [%[a], 160]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 176]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 160]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 176]\n\t"
-        "cset	%[r], cs\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return (sp_digit)r;
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[48];
-    sp_digit a1[24];
-    sp_digit b1[24];
-    sp_digit* z2 = r + 48;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_24(a1, a, &a[24]);
-    cb = sp_3072_add_24(b1, b, &b[24]);
-    u  = ca & cb;
-
-    sp_3072_mul_24(z2, &a[24], &b[24]);
-    sp_3072_mul_24(z0, a, b);
-    sp_3072_mul_24(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_48(z1, z0);
-    u += sp_3072_sub_in_place_48(z1, z2);
-    u += sp_3072_cond_add_24(z1 + 24, z1 + 24, a1, 0 - cb);
-    u += sp_3072_cond_add_24(z1 + 24, z1 + 24, b1, 0 - ca);
-
-    u += sp_3072_add_48(r + 24, r + 24, z1);
-    (void)sp_3072_add_word_24(r + 72, r + 72, u);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
-{
-    sp_digit tmp[24];
-
-    __asm__ __volatile__ (
-        "#  A[0] * A[0]\n\t"
-        "ldr	x9, [%[a], 0]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x3, x9, x9\n\t"
-        "mov	x4, xzr\n\t"
-        "str	x8, [%[tmp]]\n\t"
-        "#  A[0] * A[1]\n\t"
-        "ldr	x9, [%[a], 8]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "str	x3, [%[tmp], 8]\n\t"
-        "#  A[0] * A[2]\n\t"
-        "ldr	x9, [%[a], 16]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[1] * A[1]\n\t"
-        "ldr	x9, [%[a], 8]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "str	x4, [%[tmp], 16]\n\t"
-        "#  A[0] * A[3]\n\t"
-        "ldr	x9, [%[a], 24]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[1] * A[2]\n\t"
-        "ldr	x9, [%[a], 16]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "str	x2, [%[tmp], 24]\n\t"
-        "#  A[0] * A[4]\n\t"
-        "ldr	x9, [%[a], 32]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "#  A[1] * A[3]\n\t"
-        "ldr	x9, [%[a], 24]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "#  A[2] * A[2]\n\t"
-        "ldr	x9, [%[a], 16]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "str	x3, [%[tmp], 32]\n\t"
-        "#  A[0] * A[5]\n\t"
-        "ldr	x9, [%[a], 40]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[4]\n\t"
-        "ldr	x9, [%[a], 32]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[3]\n\t"
-        "ldr	x9, [%[a], 24]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[tmp], 40]\n\t"
-        "#  A[0] * A[6]\n\t"
-        "ldr	x9, [%[a], 48]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[5]\n\t"
-        "ldr	x9, [%[a], 40]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[4]\n\t"
-        "ldr	x9, [%[a], 32]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[3]\n\t"
-        "ldr	x9, [%[a], 24]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[tmp], 48]\n\t"
-        "#  A[0] * A[7]\n\t"
-        "ldr	x9, [%[a], 56]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[6]\n\t"
-        "ldr	x9, [%[a], 48]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[5]\n\t"
-        "ldr	x9, [%[a], 40]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[4]\n\t"
-        "ldr	x9, [%[a], 32]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[tmp], 56]\n\t"
-        "#  A[0] * A[8]\n\t"
-        "ldr	x9, [%[a], 64]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[7]\n\t"
-        "ldr	x9, [%[a], 56]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[6]\n\t"
-        "ldr	x9, [%[a], 48]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[5]\n\t"
-        "ldr	x9, [%[a], 40]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[4]\n\t"
-        "ldr	x9, [%[a], 32]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[tmp], 64]\n\t"
-        "#  A[0] * A[9]\n\t"
-        "ldr	x9, [%[a], 72]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[8]\n\t"
-        "ldr	x9, [%[a], 64]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[7]\n\t"
-        "ldr	x9, [%[a], 56]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[6]\n\t"
-        "ldr	x9, [%[a], 48]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[5]\n\t"
-        "ldr	x9, [%[a], 40]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[tmp], 72]\n\t"
-        "#  A[0] * A[10]\n\t"
-        "ldr	x9, [%[a], 80]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[9]\n\t"
-        "ldr	x9, [%[a], 72]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[8]\n\t"
-        "ldr	x9, [%[a], 64]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[7]\n\t"
-        "ldr	x9, [%[a], 56]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[6]\n\t"
-        "ldr	x9, [%[a], 48]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[5]\n\t"
-        "ldr	x9, [%[a], 40]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[tmp], 80]\n\t"
-        "#  A[0] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[10]\n\t"
-        "ldr	x9, [%[a], 80]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[9]\n\t"
-        "ldr	x9, [%[a], 72]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[8]\n\t"
-        "ldr	x9, [%[a], 64]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[7]\n\t"
-        "ldr	x9, [%[a], 56]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[6]\n\t"
-        "ldr	x9, [%[a], 48]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[tmp], 88]\n\t"
-        "#  A[0] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[10]\n\t"
-        "ldr	x9, [%[a], 80]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[9]\n\t"
-        "ldr	x9, [%[a], 72]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[8]\n\t"
-        "ldr	x9, [%[a], 64]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[7]\n\t"
-        "ldr	x9, [%[a], 56]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[6]\n\t"
-        "ldr	x9, [%[a], 48]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[tmp], 96]\n\t"
-        "#  A[0] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[10]\n\t"
-        "ldr	x9, [%[a], 80]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[9]\n\t"
-        "ldr	x9, [%[a], 72]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[8]\n\t"
-        "ldr	x9, [%[a], 64]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[7]\n\t"
-        "ldr	x9, [%[a], 56]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[tmp], 104]\n\t"
-        "#  A[0] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[10]\n\t"
-        "ldr	x9, [%[a], 80]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[9]\n\t"
-        "ldr	x9, [%[a], 72]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[8]\n\t"
-        "ldr	x9, [%[a], 64]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[7]\n\t"
-        "ldr	x9, [%[a], 56]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[tmp], 112]\n\t"
-        "#  A[0] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[10]\n\t"
-        "ldr	x9, [%[a], 80]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[9]\n\t"
-        "ldr	x9, [%[a], 72]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[8]\n\t"
-        "ldr	x9, [%[a], 64]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[tmp], 120]\n\t"
-        "#  A[0] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[10]\n\t"
-        "ldr	x9, [%[a], 80]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[9]\n\t"
-        "ldr	x9, [%[a], 72]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[8]\n\t"
-        "ldr	x9, [%[a], 64]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[tmp], 128]\n\t"
-        "#  A[0] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[10]\n\t"
-        "ldr	x9, [%[a], 80]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[9]\n\t"
-        "ldr	x9, [%[a], 72]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[tmp], 136]\n\t"
-        "#  A[0] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[10]\n\t"
-        "ldr	x9, [%[a], 80]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[9]\n\t"
-        "ldr	x9, [%[a], 72]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[tmp], 144]\n\t"
-        "#  A[0] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[10]\n\t"
-        "ldr	x9, [%[a], 80]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[tmp], 152]\n\t"
-        "#  A[0] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[10]\n\t"
-        "ldr	x9, [%[a], 80]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[tmp], 160]\n\t"
-        "#  A[0] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[tmp], 168]\n\t"
-        "#  A[0] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[11] * A[11]\n\t"
-        "ldr	x9, [%[a], 88]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[tmp], 176]\n\t"
-        "#  A[0] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 0]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[2] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[11] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[tmp], 184]\n\t"
-        "#  A[1] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 8]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[2] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[3] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[11] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[12] * A[12]\n\t"
-        "ldr	x9, [%[a], 96]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 192]\n\t"
-        "#  A[2] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 16]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[3] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[4] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[11] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[12] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "ldr	x10, [%[a], 96]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 200]\n\t"
-        "#  A[3] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[4] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[5] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[11] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[12] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 96]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[13] * A[13]\n\t"
-        "ldr	x9, [%[a], 104]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 208]\n\t"
-        "#  A[4] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 32]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[5] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[6] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[11] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[12] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 96]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[13] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "ldr	x10, [%[a], 104]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 216]\n\t"
-        "#  A[5] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 40]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[6] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[7] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[11] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[12] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 96]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[13] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 104]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[14] * A[14]\n\t"
-        "ldr	x9, [%[a], 112]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 224]\n\t"
-        "#  A[6] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 48]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[7] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[8] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[11] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[12] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 96]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[13] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 104]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[14] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "ldr	x10, [%[a], 112]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 232]\n\t"
-        "#  A[7] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[8] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[9] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[11] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[12] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 96]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[13] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 104]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[14] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 112]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[15] * A[15]\n\t"
-        "ldr	x9, [%[a], 120]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 240]\n\t"
-        "#  A[8] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 64]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[9] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[10] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[11] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[12] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 96]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[13] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 104]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[14] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 112]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[15] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "ldr	x10, [%[a], 120]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 248]\n\t"
-        "#  A[9] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 72]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[10] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[11] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[12] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 96]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[13] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 104]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[14] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 112]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[15] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 120]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[16] * A[16]\n\t"
-        "ldr	x9, [%[a], 128]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 256]\n\t"
-        "#  A[10] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 80]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[11] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[12] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 96]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[13] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 104]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[14] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 112]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[15] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 120]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[16] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "ldr	x10, [%[a], 128]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 264]\n\t"
-        "#  A[11] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 88]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[12] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 96]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[13] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 104]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[14] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 112]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[15] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 120]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[16] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 128]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[17] * A[17]\n\t"
-        "ldr	x9, [%[a], 136]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 272]\n\t"
-        "#  A[12] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 96]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[13] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 104]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[14] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 112]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[15] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 120]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[16] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 128]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[17] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "ldr	x10, [%[a], 136]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 280]\n\t"
-        "#  A[13] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 104]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[14] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 112]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[15] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 120]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[16] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 128]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[17] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 136]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[18] * A[18]\n\t"
-        "ldr	x9, [%[a], 144]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 288]\n\t"
-        "#  A[14] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 112]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[15] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 120]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[16] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 128]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[17] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 136]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[18] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "ldr	x10, [%[a], 144]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 296]\n\t"
-        "#  A[15] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 120]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[16] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 128]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[17] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 136]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[18] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 144]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[19] * A[19]\n\t"
-        "ldr	x9, [%[a], 152]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 304]\n\t"
-        "#  A[16] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 128]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[17] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 136]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[18] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 144]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[19] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "ldr	x10, [%[a], 152]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 312]\n\t"
-        "#  A[17] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 136]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[18] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 144]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[19] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 152]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[20] * A[20]\n\t"
-        "ldr	x9, [%[a], 160]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 320]\n\t"
-        "#  A[18] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 144]\n\t"
-        "mul	x5, x9, x10\n\t"
-        "umulh	x6, x9, x10\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[19] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 152]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "#  A[20] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "ldr	x10, [%[a], 160]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 328]\n\t"
-        "#  A[19] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 152]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[20] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 160]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[21] * A[21]\n\t"
-        "ldr	x9, [%[a], 168]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "str	x2, [%[r], 336]\n\t"
-        "#  A[20] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 160]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "#  A[21] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "ldr	x10, [%[a], 168]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "str	x3, [%[r], 344]\n\t"
-        "#  A[21] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 168]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[22] * A[22]\n\t"
-        "ldr	x9, [%[a], 176]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "str	x4, [%[r], 352]\n\t"
-        "#  A[22] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "ldr	x10, [%[a], 176]\n\t"
-        "mul	x8, x9, x10\n\t"
-        "umulh	x9, x9, x10\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "str	x2, [%[r], 360]\n\t"
-        "#  A[23] * A[23]\n\t"
-        "ldr	x9, [%[a], 184]\n\t"
-        "mul	x8, x9, x9\n\t"
-        "umulh	x9, x9, x9\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adc	x4, x4, x9\n\t"
-        "stp	x3, x4, [%[r], 368]\n\t"
-        "ldp	x9, x10, [%[tmp], 0]\n\t"
-        "stp	x9, x10, [%[r], 0]\n\t"
-        "ldp	x9, x10, [%[tmp], 16]\n\t"
-        "stp	x9, x10, [%[r], 16]\n\t"
-        "ldp	x9, x10, [%[tmp], 32]\n\t"
-        "stp	x9, x10, [%[r], 32]\n\t"
-        "ldp	x9, x10, [%[tmp], 48]\n\t"
-        "stp	x9, x10, [%[r], 48]\n\t"
-        "ldp	x9, x10, [%[tmp], 64]\n\t"
-        "stp	x9, x10, [%[r], 64]\n\t"
-        "ldp	x9, x10, [%[tmp], 80]\n\t"
-        "stp	x9, x10, [%[r], 80]\n\t"
-        "ldp	x9, x10, [%[tmp], 96]\n\t"
-        "stp	x9, x10, [%[r], 96]\n\t"
-        "ldp	x9, x10, [%[tmp], 112]\n\t"
-        "stp	x9, x10, [%[r], 112]\n\t"
-        "ldp	x9, x10, [%[tmp], 128]\n\t"
-        "stp	x9, x10, [%[r], 128]\n\t"
-        "ldp	x9, x10, [%[tmp], 144]\n\t"
-        "stp	x9, x10, [%[r], 144]\n\t"
-        "ldp	x9, x10, [%[tmp], 160]\n\t"
-        "stp	x9, x10, [%[r], 160]\n\t"
-        "ldp	x9, x10, [%[tmp], 176]\n\t"
-        "stp	x9, x10, [%[r], 176]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [tmp] "r" (tmp)
-        : "memory", "x2", "x3", "x4", "x8", "x9", "x10", "x5", "x6", "x7", "cc"
-    );
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_sub_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "subs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x7, x8, [%[b], 96]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 112]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "ldp	x3, x4, [%[a], 128]\n\t"
-        "ldp	x7, x8, [%[b], 128]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 144]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 144]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 128]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 144]\n\t"
-        "ldp	x3, x4, [%[a], 160]\n\t"
-        "ldp	x7, x8, [%[b], 160]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 176]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 176]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 160]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 176]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 48;
-    sp_digit z1[48];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 24;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 24);
-
-    mask = sp_3072_sub_24(a1, a, &a[24]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_3072_sub_24(a1, p1, p2);
-
-    sp_3072_sqr_24(z2, &a[24]);
-    sp_3072_sqr_24(z0, a);
-    sp_3072_sqr_24(z1, a1);
-
-    u = 0;
-    u -= sp_3072_sub_in_place_48(z1, z2);
-    u -= sp_3072_sub_in_place_48(z1, z0);
-    u += sp_3072_sub_in_place_48(r + 24, z1);
-    sp_3072_add_word_24(r + 72, r + 72, u);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x11, %[a], 384\n\t"
-        "\n1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldp	x3, x4, [%[a]], #16\n\t"
-        "ldp	x5, x6, [%[a]], #16\n\t"
-        "ldp	x7, x8, [%[b]], #16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x9, x10, [%[b]], #16\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r]], #16\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r]], #16\n\t"
-        "adc	%[c], xzr, xzr\n\t"
-        "cmp	%[a], x11\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_sub_in_place_48(sp_digit* a, const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x10, %[a], 384\n\t"
-        "\n1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldp	x2, x3, [%[a]]\n\t"
-        "ldp	x4, x5, [%[a], #16]\n\t"
-        "ldp	x6, x7, [%[b]], #16\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x8, x9, [%[b]], #16\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a]], #16\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a]], #16\n\t"
-        "csetm	%[c], cc\n\t"
-        "cmp	%[a], x10\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_digit tmp[96];
-
-    __asm__ __volatile__ (
-        "mov	x5, xzr\n\t"
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 376\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[b], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 384\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 752\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
-{
-    sp_digit tmp[96];
-
-    __asm__ __volatile__ (
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "mov	x5, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 376\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "cmp	x4, x3\n\t"
-        "b.eq	4f\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[a], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "b.al	5f\n\t"
-        "\n4:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "mul	x9, x10, x10\n\t"
-        "umulh	x10, x10, x10\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "\n5:\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 384\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x4\n\t"
-        "b.gt	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 752\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x11, %[a], 192\n\t"
-        "\n1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldp	x3, x4, [%[a]], #16\n\t"
-        "ldp	x5, x6, [%[a]], #16\n\t"
-        "ldp	x7, x8, [%[b]], #16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x9, x10, [%[b]], #16\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r]], #16\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r]], #16\n\t"
-        "adc	%[c], xzr, xzr\n\t"
-        "cmp	%[a], x11\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_sub_in_place_24(sp_digit* a, const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x10, %[a], 192\n\t"
-        "\n1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldp	x2, x3, [%[a]]\n\t"
-        "ldp	x4, x5, [%[a], #16]\n\t"
-        "ldp	x6, x7, [%[b]], #16\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x8, x9, [%[b]], #16\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a]], #16\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a]], #16\n\t"
-        "csetm	%[c], cc\n\t"
-        "cmp	%[a], x10\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_3072_mul_24(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_digit tmp[48];
-
-    __asm__ __volatile__ (
-        "mov	x5, xzr\n\t"
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 184\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[b], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 192\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 368\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
-{
-    sp_digit tmp[48];
-
-    __asm__ __volatile__ (
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "mov	x5, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 184\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "cmp	x4, x3\n\t"
-        "b.eq	4f\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[a], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "b.al	5f\n\t"
-        "\n4:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "mul	x9, x10, x10\n\t"
-        "umulh	x10, x10, x10\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "\n5:\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 192\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x4\n\t"
-        "b.gt	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 368\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldr	x8, [%[a]]\n\t"
-        "mul	x5, %[b], x8\n\t"
-        "umulh	x3, %[b], x8\n\t"
-        "mov	x4, xzr\n\t"
-        "str	x5, [%[r]]\n\t"
-        "mov	x5, xzr\n\t"
-        "mov	x9, #8\n\t"
-        "1:\n\t"
-        "ldr	x8, [%[a], x9]\n\t"
-        "mul	x6, %[b], x8\n\t"
-        "umulh	x7, %[b], x8\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "str	x3, [%[r], x9]\n\t"
-        "mov	x3, x4\n\t"
-        "mov	x4, x5\n\t"
-        "mov	x5, #0\n\t"
-        "add	x9, x9, #8\n\t"
-        "cmp	x9, 384\n\t"
-        "b.lt	1b\n\t"
-        "str	x3, [%[r], 384]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldp	x9, x10, [%[a]]\n\t"
-        "mul	x3, %[b], x9\n\t"
-        "umulh	x4, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "# A[1] * B\n\t"
-        "str	x3, [%[r]]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[2] * B\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[3] * B\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[4] * B\n\t"
-        "ldp	x9, x10, [%[a], 32]\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[5] * B\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[6] * B\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[7] * B\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[8] * B\n\t"
-        "ldp	x9, x10, [%[a], 64]\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[9] * B\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[10] * B\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[11] * B\n\t"
-        "str	x4, [%[r], 80]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[12] * B\n\t"
-        "ldp	x9, x10, [%[a], 96]\n\t"
-        "str	x5, [%[r], 88]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[13] * B\n\t"
-        "str	x3, [%[r], 96]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[14] * B\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "str	x4, [%[r], 104]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[15] * B\n\t"
-        "str	x5, [%[r], 112]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[16] * B\n\t"
-        "ldp	x9, x10, [%[a], 128]\n\t"
-        "str	x3, [%[r], 120]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[17] * B\n\t"
-        "str	x4, [%[r], 128]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[18] * B\n\t"
-        "ldp	x9, x10, [%[a], 144]\n\t"
-        "str	x5, [%[r], 136]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[19] * B\n\t"
-        "str	x3, [%[r], 144]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[20] * B\n\t"
-        "ldp	x9, x10, [%[a], 160]\n\t"
-        "str	x4, [%[r], 152]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[21] * B\n\t"
-        "str	x5, [%[r], 160]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[22] * B\n\t"
-        "ldp	x9, x10, [%[a], 176]\n\t"
-        "str	x3, [%[r], 168]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[23] * B\n\t"
-        "str	x4, [%[r], 176]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[24] * B\n\t"
-        "ldp	x9, x10, [%[a], 192]\n\t"
-        "str	x5, [%[r], 184]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[25] * B\n\t"
-        "str	x3, [%[r], 192]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[26] * B\n\t"
-        "ldp	x9, x10, [%[a], 208]\n\t"
-        "str	x4, [%[r], 200]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[27] * B\n\t"
-        "str	x5, [%[r], 208]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[28] * B\n\t"
-        "ldp	x9, x10, [%[a], 224]\n\t"
-        "str	x3, [%[r], 216]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[29] * B\n\t"
-        "str	x4, [%[r], 224]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[30] * B\n\t"
-        "ldp	x9, x10, [%[a], 240]\n\t"
-        "str	x5, [%[r], 232]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[31] * B\n\t"
-        "str	x3, [%[r], 240]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[32] * B\n\t"
-        "ldp	x9, x10, [%[a], 256]\n\t"
-        "str	x4, [%[r], 248]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[33] * B\n\t"
-        "str	x5, [%[r], 256]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[34] * B\n\t"
-        "ldp	x9, x10, [%[a], 272]\n\t"
-        "str	x3, [%[r], 264]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[35] * B\n\t"
-        "str	x4, [%[r], 272]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[36] * B\n\t"
-        "ldp	x9, x10, [%[a], 288]\n\t"
-        "str	x5, [%[r], 280]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[37] * B\n\t"
-        "str	x3, [%[r], 288]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[38] * B\n\t"
-        "ldp	x9, x10, [%[a], 304]\n\t"
-        "str	x4, [%[r], 296]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[39] * B\n\t"
-        "str	x5, [%[r], 304]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[40] * B\n\t"
-        "ldp	x9, x10, [%[a], 320]\n\t"
-        "str	x3, [%[r], 312]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[41] * B\n\t"
-        "str	x4, [%[r], 320]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[42] * B\n\t"
-        "ldp	x9, x10, [%[a], 336]\n\t"
-        "str	x5, [%[r], 328]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[43] * B\n\t"
-        "str	x3, [%[r], 336]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[44] * B\n\t"
-        "ldp	x9, x10, [%[a], 352]\n\t"
-        "str	x4, [%[r], 344]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[45] * B\n\t"
-        "str	x5, [%[r], 352]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[46] * B\n\t"
-        "ldp	x9, x10, [%[a], 368]\n\t"
-        "str	x3, [%[r], 360]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[47] * B\n\t"
-        "str	x4, [%[r], 368]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x5, [%[r], 376]\n\t"
-        "str	x3, [%[r], 384]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#endif
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_24(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 24);
-
-    /* r = 2^n mod m */
-    sp_3072_sub_in_place_24(r, m);
-}
-
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_3072_mont_reduce_24(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "ldp	x11, x12, [%[a], 0]\n\t"
-        "ldp	x13, x14, [%[a], 16]\n\t"
-        "ldp	x15, x16, [%[a], 32]\n\t"
-        "ldp	x17, x19, [%[a], 48]\n\t"
-        "ldp	x20, x21, [%[a], 64]\n\t"
-        "ldp	x22, x23, [%[a], 80]\n\t"
-        "# No carry yet\n\t"
-        "mov	x3, xzr\n\t"
-        "# i = 0..23\n\t"
-        "mov	x4, 24\n\t"
-        "\n1:\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mul	x10, %[mp], x11\n\t"
-        "ldp	x24, x25, [%[m], 0]\n\t"
-        "ldp	x26, x27, [%[m], 16]\n\t"
-        "# a[i+0] += m[0] * mu\n\t"
-        "mul	x5, x24, x10\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "# a[i+1] += m[1] * mu\n\t"
-        "adds	x11, x11, x5\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x11, x12, x5\n\t"
-        "# a[i+2] += m[2] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x11, x11, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x12, x13, x5\n\t"
-        "# a[i+3] += m[3] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x12, x12, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x13, x14, x5\n\t"
-        "ldp	x24, x25, [%[m], 32]\n\t"
-        "ldp	x26, x27, [%[m], 48]\n\t"
-        "# a[i+4] += m[4] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x13, x13, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x14, x15, x5\n\t"
-        "# a[i+5] += m[5] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x14, x14, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x15, x16, x5\n\t"
-        "# a[i+6] += m[6] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x15, x15, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x16, x17, x5\n\t"
-        "# a[i+7] += m[7] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x16, x16, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x17, x19, x5\n\t"
-        "ldp	x24, x25, [%[m], 64]\n\t"
-        "ldp	x26, x27, [%[m], 80]\n\t"
-        "# a[i+8] += m[8] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x17, x17, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x19, x20, x5\n\t"
-        "# a[i+9] += m[9] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x19, x19, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x20, x21, x5\n\t"
-        "# a[i+10] += m[10] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x20, x20, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x21, x22, x5\n\t"
-        "# a[i+11] += m[11] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x21, x21, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x22, x23, x5\n\t"
-        "ldp	x24, x25, [%[m], 96]\n\t"
-        "ldp	x26, x27, [%[m], 112]\n\t"
-        "# a[i+12] += m[12] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x22, x22, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "ldr	x23, [%[a], 96]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x23, x23, x5\n\t"
-        "# a[i+13] += m[13] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x23, x23, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "ldp	x8, x9, [%[a], 104]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+14] += m[14] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 104]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+15] += m[15] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 112]\n\t"
-        "ldp	x8, x9, [%[a], 120]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 128]\n\t"
-        "ldp	x26, x27, [%[m], 144]\n\t"
-        "# a[i+16] += m[16] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 120]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+17] += m[17] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 128]\n\t"
-        "ldp	x8, x9, [%[a], 136]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+18] += m[18] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 136]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+19] += m[19] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 144]\n\t"
-        "ldp	x8, x9, [%[a], 152]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 160]\n\t"
-        "ldp	x26, x27, [%[m], 176]\n\t"
-        "# a[i+20] += m[20] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 152]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+21] += m[21] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 160]\n\t"
-        "ldp	x8, x9, [%[a], 168]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+22] += m[22] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 168]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+23] += m[23] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 176]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "ldp	x8, x9, [%[a], 184]\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x8, x8, x5\n\t"
-        "str	x8, [%[a], 184]\n\t"
-        "adcs	x9, x9, x7\n\t"
-        "str	x9, [%[a], 192]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "subs	x4, x4, 1\n\t"
-        "add	%[a], %[a], 8\n\t"
-        "b.ne	1b\n\t"
-        "# Create mask\n\t"
-        "neg	x3, x3\n\t"
-        "mov   %[mp], %[a]\n\t"
-        "sub	%[a], %[a], 192\n\t"
-        "# Subtract masked modulus\n\t"
-        "ldp	x4, x5, [%[m], 0]\n\t"
-        "ldp	x6, x7, [%[m], 16]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "subs	x11, x11, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x12, x12, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x13, x13, x6\n\t"
-        "stp	x11, x12, [%[a], 0]\n\t"
-        "sbcs	x14, x14, x7\n\t"
-        "stp	x13, x14, [%[a], 16]\n\t"
-        "ldp	x4, x5, [%[m], 32]\n\t"
-        "ldp	x6, x7, [%[m], 48]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x15, x15, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x16, x16, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x17, x17, x6\n\t"
-        "stp	x15, x16, [%[a], 32]\n\t"
-        "sbcs	x19, x19, x7\n\t"
-        "stp	x17, x19, [%[a], 48]\n\t"
-        "ldp	x4, x5, [%[m], 64]\n\t"
-        "ldp	x6, x7, [%[m], 80]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x20, x20, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x21, x21, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x22, x22, x6\n\t"
-        "stp	x20, x21, [%[a], 64]\n\t"
-        "sbcs	x23, x23, x7\n\t"
-        "stp	x22, x23, [%[a], 80]\n\t"
-        "ldp	x4, x5, [%[m], 96]\n\t"
-        "ldp	x6, x7, [%[m], 112]\n\t"
-        "ldp	x8, x9, [%[mp], 96]\n\t"
-        "ldp	x10, x11, [%[mp], 112]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 96]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 112]\n\t"
-        "ldp	x4, x5, [%[m], 128]\n\t"
-        "ldp	x6, x7, [%[m], 144]\n\t"
-        "ldp	x8, x9, [%[mp], 128]\n\t"
-        "ldp	x10, x11, [%[mp], 144]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 128]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 144]\n\t"
-        "ldp	x4, x5, [%[m], 160]\n\t"
-        "ldp	x6, x7, [%[m], 176]\n\t"
-        "ldp	x8, x9, [%[mp], 160]\n\t"
-        "ldp	x10, x11, [%[mp], 176]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 160]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 176]\n\t"
-        : [a] "+r" (a), [mp] "+r" (mp)
-        : [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x10", "x8", "x9", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "cc"
-    );
-
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_24(r, a, b);
-    sp_3072_mont_reduce_24(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_24(r, a);
-    sp_3072_mont_reduce_24(r, m, mp);
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static sp_digit sp_3072_cond_sub_24(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "csetm	%[c], cc\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 192\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-#else
-    __asm__ __volatile__ (
-
-        "ldp	x5, x7, [%[b], 0]\n\t"
-        "ldp	x11, x12, [%[b], 16]\n\t"
-        "ldp	x4, x6, [%[a], 0]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "subs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 0]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 16]\n\t"
-        "ldp	x5, x7, [%[b], 32]\n\t"
-        "ldp	x11, x12, [%[b], 48]\n\t"
-        "ldp	x4, x6, [%[a], 32]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 32]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 48]\n\t"
-        "ldp	x5, x7, [%[b], 64]\n\t"
-        "ldp	x11, x12, [%[b], 80]\n\t"
-        "ldp	x4, x6, [%[a], 64]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 64]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 80]\n\t"
-        "ldp	x5, x7, [%[b], 96]\n\t"
-        "ldp	x11, x12, [%[b], 112]\n\t"
-        "ldp	x4, x6, [%[a], 96]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 96]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 112]\n\t"
-        "ldp	x5, x7, [%[b], 128]\n\t"
-        "ldp	x11, x12, [%[b], 144]\n\t"
-        "ldp	x4, x6, [%[a], 128]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 144]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 128]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 144]\n\t"
-        "ldp	x5, x7, [%[b], 160]\n\t"
-        "ldp	x11, x12, [%[b], 176]\n\t"
-        "ldp	x4, x6, [%[a], 160]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 176]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 160]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 176]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return (sp_digit)r;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-static void sp_3072_mul_d_24(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldr	x8, [%[a]]\n\t"
-        "mul	x5, %[b], x8\n\t"
-        "umulh	x3, %[b], x8\n\t"
-        "mov	x4, xzr\n\t"
-        "str	x5, [%[r]]\n\t"
-        "mov	x5, xzr\n\t"
-        "mov	x9, #8\n\t"
-        "1:\n\t"
-        "ldr	x8, [%[a], x9]\n\t"
-        "mul	x6, %[b], x8\n\t"
-        "umulh	x7, %[b], x8\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "str	x3, [%[r], x9]\n\t"
-        "mov	x3, x4\n\t"
-        "mov	x4, x5\n\t"
-        "mov	x5, #0\n\t"
-        "add	x9, x9, #8\n\t"
-        "cmp	x9, 192\n\t"
-        "b.lt	1b\n\t"
-        "str	x3, [%[r], 192]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldp	x9, x10, [%[a]]\n\t"
-        "mul	x3, %[b], x9\n\t"
-        "umulh	x4, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "# A[1] * B\n\t"
-        "str	x3, [%[r]]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[2] * B\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[3] * B\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[4] * B\n\t"
-        "ldp	x9, x10, [%[a], 32]\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[5] * B\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[6] * B\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[7] * B\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[8] * B\n\t"
-        "ldp	x9, x10, [%[a], 64]\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[9] * B\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[10] * B\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[11] * B\n\t"
-        "str	x4, [%[r], 80]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[12] * B\n\t"
-        "ldp	x9, x10, [%[a], 96]\n\t"
-        "str	x5, [%[r], 88]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[13] * B\n\t"
-        "str	x3, [%[r], 96]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[14] * B\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "str	x4, [%[r], 104]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[15] * B\n\t"
-        "str	x5, [%[r], 112]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[16] * B\n\t"
-        "ldp	x9, x10, [%[a], 128]\n\t"
-        "str	x3, [%[r], 120]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[17] * B\n\t"
-        "str	x4, [%[r], 128]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[18] * B\n\t"
-        "ldp	x9, x10, [%[a], 144]\n\t"
-        "str	x5, [%[r], 136]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[19] * B\n\t"
-        "str	x3, [%[r], 144]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[20] * B\n\t"
-        "ldp	x9, x10, [%[a], 160]\n\t"
-        "str	x4, [%[r], 152]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[21] * B\n\t"
-        "str	x5, [%[r], 160]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[22] * B\n\t"
-        "ldp	x9, x10, [%[a], 176]\n\t"
-        "str	x3, [%[r], 168]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[23] * B\n\t"
-        "str	x4, [%[r], 176]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x5, [%[r], 184]\n\t"
-        "str	x3, [%[r], 192]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#endif
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_3072_word_24(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "cset	x9, ge\n\t"
-        "csetm	x10, ge\n\t"
-        "lsl	x9, x9, #32\n\t"
-        "and	x7, x7, x10\n\t"
-        "and	x8, x8, x10\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<24; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_int64 sp_3072_cmp_24(const sp_digit* a, const sp_digit* b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "mov	x10, #24\n\t"
-        "add	%[a], %[a], #176\n\t"
-        "add	%[b], %[b], #176\n\t"
-        "1:\n\t"
-        "ldp	x6, x7, [%[a]], -16\n\t"
-        "ldp	x8, x9, [%[b]], -16\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x10, x10, #2\n\t"
-        "b.ne	1b\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "ldp	x6, x7, [%[a], 176]\n\t"
-        "ldp	x8, x9, [%[b], 176]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 160]\n\t"
-        "ldp	x8, x9, [%[b], 160]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 144]\n\t"
-        "ldp	x8, x9, [%[b], 144]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 128]\n\t"
-        "ldp	x8, x9, [%[b], 128]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 112]\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 96]\n\t"
-        "ldp	x8, x9, [%[b], 96]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 80]\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 64]\n\t"
-        "ldp	x8, x9, [%[b], 64]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 32]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 0]\n\t"
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#endif
-
-    return (sp_int64)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_24(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[48], t2[25];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[23];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 24);
-    r1 = sp_3072_cmp_24(&t1[24], d) >= 0;
-    sp_3072_cond_sub_24(&t1[24], &t1[24], d, (sp_digit)0 - r1);
-    for (i = 23; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[24 + i] == div);
-        sp_digit hi = t1[24 + i] + mask;
-        r1 = div_3072_word_24(hi, t1[24 + i - 1], div);
-        r1 |= mask;
-
-        sp_3072_mul_d_24(t2, d, r1);
-        t1[24 + i] += sp_3072_sub_in_place_24(&t1[i], t2);
-        t1[24 + i] -= t2[24];
-        sp_3072_mask_24(t2, d, t1[24 + i]);
-        t1[24 + i] += sp_3072_add_24(&t1[i], &t1[i], t2);
-        sp_3072_mask_24(t2, d, t1[24 + i]);
-        t1[24 + i] += sp_3072_add_24(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_3072_cmp_24(t1, d) >= 0;
-    sp_3072_cond_sub_24(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_24(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_24(a, m, NULL, r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 48);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 48, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 48;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_24(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 24U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_24(t[1] + 24, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_24(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 24, a, sizeof(sp_digit) * 24);
-            err = sp_3072_mod_24(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_24(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_24(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_24(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_24(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_24(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_24(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_24(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_24(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_24(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_24(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_24(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_24(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_24(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_24(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 4;
-        if (c == 64) {
-            c = 60;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 24);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 60);
-                n <<= 4;
-                c = 60;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 60);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_3072_mont_sqr_24(r, r, m, mp);
-            sp_3072_mont_sqr_24(r, r, m, mp);
-            sp_3072_mont_sqr_24(r, r, m, mp);
-            sp_3072_mont_sqr_24(r, r, m, mp);
-
-            sp_3072_mont_mul_24(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[24], 0, sizeof(sp_digit) * 24U);
-        sp_3072_mont_reduce_24(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_24(r, m) >= 0);
-        sp_3072_cond_sub_24(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 32 * 48);
-    sp_digit* t[32];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 32 * 48, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++) {
-            t[i] = td + i * 48;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_24(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 24U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_24(t[1] + 24, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_24(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 24, a, sizeof(sp_digit) * 24);
-            err = sp_3072_mod_24(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_24(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_24(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_24(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_24(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_24(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_24(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_24(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_24(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_24(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_24(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_24(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_24(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_24(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_24(t[15], t[ 8], t[ 7], m, mp);
-        sp_3072_mont_sqr_24(t[16], t[ 8], m, mp);
-        sp_3072_mont_mul_24(t[17], t[ 9], t[ 8], m, mp);
-        sp_3072_mont_sqr_24(t[18], t[ 9], m, mp);
-        sp_3072_mont_mul_24(t[19], t[10], t[ 9], m, mp);
-        sp_3072_mont_sqr_24(t[20], t[10], m, mp);
-        sp_3072_mont_mul_24(t[21], t[11], t[10], m, mp);
-        sp_3072_mont_sqr_24(t[22], t[11], m, mp);
-        sp_3072_mont_mul_24(t[23], t[12], t[11], m, mp);
-        sp_3072_mont_sqr_24(t[24], t[12], m, mp);
-        sp_3072_mont_mul_24(t[25], t[13], t[12], m, mp);
-        sp_3072_mont_sqr_24(t[26], t[13], m, mp);
-        sp_3072_mont_mul_24(t[27], t[14], t[13], m, mp);
-        sp_3072_mont_sqr_24(t[28], t[14], m, mp);
-        sp_3072_mont_mul_24(t[29], t[15], t[14], m, mp);
-        sp_3072_mont_sqr_24(t[30], t[15], m, mp);
-        sp_3072_mont_mul_24(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 5;
-        if (c == 64) {
-            c = 59;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 24);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 59);
-                n <<= 5;
-                c = 59;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 59);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_3072_mont_sqr_24(r, r, m, mp);
-            sp_3072_mont_sqr_24(r, r, m, mp);
-            sp_3072_mont_sqr_24(r, r, m, mp);
-            sp_3072_mont_sqr_24(r, r, m, mp);
-            sp_3072_mont_sqr_24(r, r, m, mp);
-
-            sp_3072_mont_mul_24(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[24], 0, sizeof(sp_digit) * 24U);
-        sp_3072_mont_reduce_24(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_24(r, m) >= 0);
-        sp_3072_cond_sub_24(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 48);
-
-    /* r = 2^n mod m */
-    sp_3072_sub_in_place_48(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "ldp	x11, x12, [%[a], 0]\n\t"
-        "ldp	x13, x14, [%[a], 16]\n\t"
-        "ldp	x15, x16, [%[a], 32]\n\t"
-        "ldp	x17, x19, [%[a], 48]\n\t"
-        "ldp	x20, x21, [%[a], 64]\n\t"
-        "ldp	x22, x23, [%[a], 80]\n\t"
-        "# No carry yet\n\t"
-        "mov	x3, xzr\n\t"
-        "# i = 0..47\n\t"
-        "mov	x4, 48\n\t"
-        "\n1:\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mul	x10, %[mp], x11\n\t"
-        "ldp	x24, x25, [%[m], 0]\n\t"
-        "ldp	x26, x27, [%[m], 16]\n\t"
-        "# a[i+0] += m[0] * mu\n\t"
-        "mul	x5, x24, x10\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "# a[i+1] += m[1] * mu\n\t"
-        "adds	x11, x11, x5\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x11, x12, x5\n\t"
-        "# a[i+2] += m[2] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x11, x11, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x12, x13, x5\n\t"
-        "# a[i+3] += m[3] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x12, x12, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x13, x14, x5\n\t"
-        "ldp	x24, x25, [%[m], 32]\n\t"
-        "ldp	x26, x27, [%[m], 48]\n\t"
-        "# a[i+4] += m[4] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x13, x13, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x14, x15, x5\n\t"
-        "# a[i+5] += m[5] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x14, x14, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x15, x16, x5\n\t"
-        "# a[i+6] += m[6] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x15, x15, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x16, x17, x5\n\t"
-        "# a[i+7] += m[7] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x16, x16, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x17, x19, x5\n\t"
-        "ldp	x24, x25, [%[m], 64]\n\t"
-        "ldp	x26, x27, [%[m], 80]\n\t"
-        "# a[i+8] += m[8] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x17, x17, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x19, x20, x5\n\t"
-        "# a[i+9] += m[9] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x19, x19, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x20, x21, x5\n\t"
-        "# a[i+10] += m[10] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x20, x20, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x21, x22, x5\n\t"
-        "# a[i+11] += m[11] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x21, x21, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x22, x23, x5\n\t"
-        "ldp	x24, x25, [%[m], 96]\n\t"
-        "ldp	x26, x27, [%[m], 112]\n\t"
-        "# a[i+12] += m[12] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x22, x22, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "ldr	x23, [%[a], 96]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x23, x23, x5\n\t"
-        "# a[i+13] += m[13] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x23, x23, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "ldp	x8, x9, [%[a], 104]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+14] += m[14] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 104]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+15] += m[15] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 112]\n\t"
-        "ldp	x8, x9, [%[a], 120]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 128]\n\t"
-        "ldp	x26, x27, [%[m], 144]\n\t"
-        "# a[i+16] += m[16] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 120]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+17] += m[17] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 128]\n\t"
-        "ldp	x8, x9, [%[a], 136]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+18] += m[18] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 136]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+19] += m[19] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 144]\n\t"
-        "ldp	x8, x9, [%[a], 152]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 160]\n\t"
-        "ldp	x26, x27, [%[m], 176]\n\t"
-        "# a[i+20] += m[20] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 152]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+21] += m[21] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 160]\n\t"
-        "ldp	x8, x9, [%[a], 168]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+22] += m[22] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 168]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+23] += m[23] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 176]\n\t"
-        "ldp	x8, x9, [%[a], 184]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 192]\n\t"
-        "ldp	x26, x27, [%[m], 208]\n\t"
-        "# a[i+24] += m[24] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 184]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+25] += m[25] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 192]\n\t"
-        "ldp	x8, x9, [%[a], 200]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+26] += m[26] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 200]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+27] += m[27] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 208]\n\t"
-        "ldp	x8, x9, [%[a], 216]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 224]\n\t"
-        "ldp	x26, x27, [%[m], 240]\n\t"
-        "# a[i+28] += m[28] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 216]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+29] += m[29] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 224]\n\t"
-        "ldp	x8, x9, [%[a], 232]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+30] += m[30] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 232]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+31] += m[31] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 240]\n\t"
-        "ldp	x8, x9, [%[a], 248]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 256]\n\t"
-        "ldp	x26, x27, [%[m], 272]\n\t"
-        "# a[i+32] += m[32] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 248]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+33] += m[33] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 256]\n\t"
-        "ldp	x8, x9, [%[a], 264]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+34] += m[34] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 264]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+35] += m[35] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 272]\n\t"
-        "ldp	x8, x9, [%[a], 280]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 288]\n\t"
-        "ldp	x26, x27, [%[m], 304]\n\t"
-        "# a[i+36] += m[36] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 280]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+37] += m[37] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 288]\n\t"
-        "ldp	x8, x9, [%[a], 296]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+38] += m[38] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 296]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+39] += m[39] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 304]\n\t"
-        "ldp	x8, x9, [%[a], 312]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 320]\n\t"
-        "ldp	x26, x27, [%[m], 336]\n\t"
-        "# a[i+40] += m[40] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 312]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+41] += m[41] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 320]\n\t"
-        "ldp	x8, x9, [%[a], 328]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+42] += m[42] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 328]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+43] += m[43] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 336]\n\t"
-        "ldp	x8, x9, [%[a], 344]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 352]\n\t"
-        "ldp	x26, x27, [%[m], 368]\n\t"
-        "# a[i+44] += m[44] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 344]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+45] += m[45] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 352]\n\t"
-        "ldp	x8, x9, [%[a], 360]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+46] += m[46] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 360]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+47] += m[47] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 368]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "ldp	x8, x9, [%[a], 376]\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x8, x8, x5\n\t"
-        "str	x8, [%[a], 376]\n\t"
-        "adcs	x9, x9, x7\n\t"
-        "str	x9, [%[a], 384]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "subs	x4, x4, 1\n\t"
-        "add	%[a], %[a], 8\n\t"
-        "b.ne	1b\n\t"
-        "# Create mask\n\t"
-        "neg	x3, x3\n\t"
-        "mov   %[mp], %[a]\n\t"
-        "sub	%[a], %[a], 384\n\t"
-        "# Subtract masked modulus\n\t"
-        "ldp	x4, x5, [%[m], 0]\n\t"
-        "ldp	x6, x7, [%[m], 16]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "subs	x11, x11, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x12, x12, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x13, x13, x6\n\t"
-        "stp	x11, x12, [%[a], 0]\n\t"
-        "sbcs	x14, x14, x7\n\t"
-        "stp	x13, x14, [%[a], 16]\n\t"
-        "ldp	x4, x5, [%[m], 32]\n\t"
-        "ldp	x6, x7, [%[m], 48]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x15, x15, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x16, x16, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x17, x17, x6\n\t"
-        "stp	x15, x16, [%[a], 32]\n\t"
-        "sbcs	x19, x19, x7\n\t"
-        "stp	x17, x19, [%[a], 48]\n\t"
-        "ldp	x4, x5, [%[m], 64]\n\t"
-        "ldp	x6, x7, [%[m], 80]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x20, x20, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x21, x21, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x22, x22, x6\n\t"
-        "stp	x20, x21, [%[a], 64]\n\t"
-        "sbcs	x23, x23, x7\n\t"
-        "stp	x22, x23, [%[a], 80]\n\t"
-        "ldp	x4, x5, [%[m], 96]\n\t"
-        "ldp	x6, x7, [%[m], 112]\n\t"
-        "ldp	x8, x9, [%[mp], 96]\n\t"
-        "ldp	x10, x11, [%[mp], 112]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 96]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 112]\n\t"
-        "ldp	x4, x5, [%[m], 128]\n\t"
-        "ldp	x6, x7, [%[m], 144]\n\t"
-        "ldp	x8, x9, [%[mp], 128]\n\t"
-        "ldp	x10, x11, [%[mp], 144]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 128]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 144]\n\t"
-        "ldp	x4, x5, [%[m], 160]\n\t"
-        "ldp	x6, x7, [%[m], 176]\n\t"
-        "ldp	x8, x9, [%[mp], 160]\n\t"
-        "ldp	x10, x11, [%[mp], 176]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 160]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 176]\n\t"
-        "ldp	x4, x5, [%[m], 192]\n\t"
-        "ldp	x6, x7, [%[m], 208]\n\t"
-        "ldp	x8, x9, [%[mp], 192]\n\t"
-        "ldp	x10, x11, [%[mp], 208]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 192]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 208]\n\t"
-        "ldp	x4, x5, [%[m], 224]\n\t"
-        "ldp	x6, x7, [%[m], 240]\n\t"
-        "ldp	x8, x9, [%[mp], 224]\n\t"
-        "ldp	x10, x11, [%[mp], 240]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 224]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 240]\n\t"
-        "ldp	x4, x5, [%[m], 256]\n\t"
-        "ldp	x6, x7, [%[m], 272]\n\t"
-        "ldp	x8, x9, [%[mp], 256]\n\t"
-        "ldp	x10, x11, [%[mp], 272]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 256]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 272]\n\t"
-        "ldp	x4, x5, [%[m], 288]\n\t"
-        "ldp	x6, x7, [%[m], 304]\n\t"
-        "ldp	x8, x9, [%[mp], 288]\n\t"
-        "ldp	x10, x11, [%[mp], 304]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 288]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 304]\n\t"
-        "ldp	x4, x5, [%[m], 320]\n\t"
-        "ldp	x6, x7, [%[m], 336]\n\t"
-        "ldp	x8, x9, [%[mp], 320]\n\t"
-        "ldp	x10, x11, [%[mp], 336]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 320]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 336]\n\t"
-        "ldp	x4, x5, [%[m], 352]\n\t"
-        "ldp	x6, x7, [%[m], 368]\n\t"
-        "ldp	x8, x9, [%[mp], 352]\n\t"
-        "ldp	x10, x11, [%[mp], 368]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 352]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 368]\n\t"
-        : [a] "+r" (a), [mp] "+r" (mp)
-        : [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x10", "x8", "x9", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "cc"
-    );
-
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_48(r, a, b);
-    sp_3072_mont_reduce_48(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_48(r, a);
-    sp_3072_mont_reduce_48(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x11, %[a], 384\n\t"
-        "\n1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldp	x3, x4, [%[a]], #16\n\t"
-        "ldp	x5, x6, [%[a]], #16\n\t"
-        "ldp	x7, x8, [%[b]], #16\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x9, x10, [%[b]], #16\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r]], #16\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r]], #16\n\t"
-        "csetm	%[c], cc\n\t"
-        "cmp	%[a], x11\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return c;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "subs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x7, x8, [%[b], 96]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 112]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "ldp	x3, x4, [%[a], 128]\n\t"
-        "ldp	x7, x8, [%[b], 128]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 144]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 144]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 128]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 144]\n\t"
-        "ldp	x3, x4, [%[a], 160]\n\t"
-        "ldp	x7, x8, [%[b], 160]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 176]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 176]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 160]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 176]\n\t"
-        "ldp	x3, x4, [%[a], 192]\n\t"
-        "ldp	x7, x8, [%[b], 192]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 208]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 208]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 192]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 208]\n\t"
-        "ldp	x3, x4, [%[a], 224]\n\t"
-        "ldp	x7, x8, [%[b], 224]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 240]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 240]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 224]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 240]\n\t"
-        "ldp	x3, x4, [%[a], 256]\n\t"
-        "ldp	x7, x8, [%[b], 256]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 272]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 272]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 256]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 272]\n\t"
-        "ldp	x3, x4, [%[a], 288]\n\t"
-        "ldp	x7, x8, [%[b], 288]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 304]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 304]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 288]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 304]\n\t"
-        "ldp	x3, x4, [%[a], 320]\n\t"
-        "ldp	x7, x8, [%[b], 320]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 336]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 336]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 320]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 336]\n\t"
-        "ldp	x3, x4, [%[a], 352]\n\t"
-        "ldp	x7, x8, [%[b], 352]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 368]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 368]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 352]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 368]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_3072_word_48_cond(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "b.lt	1f\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-        "1:\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "cmp	x3, x5\n\t"
-        "b.lt	2f\n\t"
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-        "2:\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return d1;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_48_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[96], t2[49];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[47];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 48);
-    for (i = 47; i > 0; i--) {
-        if (t1[i + 48] != d[i])
-            break;
-    }
-    if (t1[i + 48] >= d[i]) {
-        sp_3072_sub_in_place_48(&t1[48], d);
-    }
-    for (i = 47; i >= 0; i--) {
-        if (t1[48 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_3072_word_48_cond(t1[48 + i], t1[48 + i - 1], div);
-        }
-
-        sp_3072_mul_d_48(t2, d, r1);
-        t1[48 + i] += sp_3072_sub_in_place_48(&t1[i], t2);
-        t1[48 + i] -= t2[48];
-        if (t1[48 + i] != 0) {
-            t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], d);
-            if (t1[48 + i] != 0)
-                t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 47; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_3072_sub_48(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 48);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_48_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_48_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "csetm	%[c], cc\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 384\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-#else
-    __asm__ __volatile__ (
-
-        "ldp	x5, x7, [%[b], 0]\n\t"
-        "ldp	x11, x12, [%[b], 16]\n\t"
-        "ldp	x4, x6, [%[a], 0]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "subs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 0]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 16]\n\t"
-        "ldp	x5, x7, [%[b], 32]\n\t"
-        "ldp	x11, x12, [%[b], 48]\n\t"
-        "ldp	x4, x6, [%[a], 32]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 32]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 48]\n\t"
-        "ldp	x5, x7, [%[b], 64]\n\t"
-        "ldp	x11, x12, [%[b], 80]\n\t"
-        "ldp	x4, x6, [%[a], 64]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 64]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 80]\n\t"
-        "ldp	x5, x7, [%[b], 96]\n\t"
-        "ldp	x11, x12, [%[b], 112]\n\t"
-        "ldp	x4, x6, [%[a], 96]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 96]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 112]\n\t"
-        "ldp	x5, x7, [%[b], 128]\n\t"
-        "ldp	x11, x12, [%[b], 144]\n\t"
-        "ldp	x4, x6, [%[a], 128]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 144]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 128]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 144]\n\t"
-        "ldp	x5, x7, [%[b], 160]\n\t"
-        "ldp	x11, x12, [%[b], 176]\n\t"
-        "ldp	x4, x6, [%[a], 160]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 176]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 160]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 176]\n\t"
-        "ldp	x5, x7, [%[b], 192]\n\t"
-        "ldp	x11, x12, [%[b], 208]\n\t"
-        "ldp	x4, x6, [%[a], 192]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 208]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 192]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 208]\n\t"
-        "ldp	x5, x7, [%[b], 224]\n\t"
-        "ldp	x11, x12, [%[b], 240]\n\t"
-        "ldp	x4, x6, [%[a], 224]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 240]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 224]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 240]\n\t"
-        "ldp	x5, x7, [%[b], 256]\n\t"
-        "ldp	x11, x12, [%[b], 272]\n\t"
-        "ldp	x4, x6, [%[a], 256]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 272]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 256]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 272]\n\t"
-        "ldp	x5, x7, [%[b], 288]\n\t"
-        "ldp	x11, x12, [%[b], 304]\n\t"
-        "ldp	x4, x6, [%[a], 288]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 304]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 288]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 304]\n\t"
-        "ldp	x5, x7, [%[b], 320]\n\t"
-        "ldp	x11, x12, [%[b], 336]\n\t"
-        "ldp	x4, x6, [%[a], 320]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 336]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 320]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 336]\n\t"
-        "ldp	x5, x7, [%[b], 352]\n\t"
-        "ldp	x11, x12, [%[b], 368]\n\t"
-        "ldp	x4, x6, [%[a], 352]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 368]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 352]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 368]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return (sp_digit)r;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "cset	x9, ge\n\t"
-        "csetm	x10, ge\n\t"
-        "lsl	x9, x9, #32\n\t"
-        "and	x7, x7, x10\n\t"
-        "and	x8, x8, x10\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<48; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_int64 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "mov	x10, #48\n\t"
-        "add	%[a], %[a], #368\n\t"
-        "add	%[b], %[b], #368\n\t"
-        "1:\n\t"
-        "ldp	x6, x7, [%[a]], -16\n\t"
-        "ldp	x8, x9, [%[b]], -16\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x10, x10, #2\n\t"
-        "b.ne	1b\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "ldp	x6, x7, [%[a], 368]\n\t"
-        "ldp	x8, x9, [%[b], 368]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 352]\n\t"
-        "ldp	x8, x9, [%[b], 352]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 336]\n\t"
-        "ldp	x8, x9, [%[b], 336]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 320]\n\t"
-        "ldp	x8, x9, [%[b], 320]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 304]\n\t"
-        "ldp	x8, x9, [%[b], 304]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 288]\n\t"
-        "ldp	x8, x9, [%[b], 288]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 272]\n\t"
-        "ldp	x8, x9, [%[b], 272]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 256]\n\t"
-        "ldp	x8, x9, [%[b], 256]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 240]\n\t"
-        "ldp	x8, x9, [%[b], 240]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 224]\n\t"
-        "ldp	x8, x9, [%[b], 224]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 208]\n\t"
-        "ldp	x8, x9, [%[b], 208]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 192]\n\t"
-        "ldp	x8, x9, [%[b], 192]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 176]\n\t"
-        "ldp	x8, x9, [%[b], 176]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 160]\n\t"
-        "ldp	x8, x9, [%[b], 160]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 144]\n\t"
-        "ldp	x8, x9, [%[b], 144]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 128]\n\t"
-        "ldp	x8, x9, [%[b], 128]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 112]\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 96]\n\t"
-        "ldp	x8, x9, [%[b], 96]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 80]\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 64]\n\t"
-        "ldp	x8, x9, [%[b], 64]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 32]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 0]\n\t"
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#endif
-
-    return (sp_int64)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[96], t2[49];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[47];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 48);
-    r1 = sp_3072_cmp_48(&t1[48], d) >= 0;
-    sp_3072_cond_sub_48(&t1[48], &t1[48], d, (sp_digit)0 - r1);
-    for (i = 47; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[48 + i] == div);
-        sp_digit hi = t1[48 + i] + mask;
-        r1 = div_3072_word_48(hi, t1[48 + i - 1], div);
-        r1 |= mask;
-
-        sp_3072_mul_d_48(t2, d, r1);
-        t1[48 + i] += sp_3072_sub_in_place_48(&t1[i], t2);
-        t1[48 + i] -= t2[48];
-        sp_3072_mask_48(t2, d, t1[48 + i]);
-        t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], t2);
-        sp_3072_mask_48(t2, d, t1[48 + i]);
-        t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_3072_cmp_48(t1, d) >= 0;
-    sp_3072_cond_sub_48(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_48(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 8 * 96);
-    sp_digit* t[8];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 8 * 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<8; i++) {
-            t[i] = td + i * 96;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 48U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_48(t[1] + 48, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_48(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 48, a, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_48(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_48(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_48(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_48(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_48(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_48(t[ 7], t[ 4], t[ 3], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 3;
-        if (c == 64) {
-            c = 61;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 48);
-        for (; i>=0 || c>=3; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 61);
-                n <<= 3;
-                c = 61;
-            }
-            else if (c < 3) {
-                y = (byte)(n >> 61);
-                n = e[i--];
-                c = 3 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 61) & 0x7);
-                n <<= 3;
-                c -= 3;
-            }
-
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-
-            sp_3072_mont_mul_48(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48U);
-        sp_3072_mont_reduce_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 96);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 96;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 48U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_48(t[1] + 48, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_48(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 48, a, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_48(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_48(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_48(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_48(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_48(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_48(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_48(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_48(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_48(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_48(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_48(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_48(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_48(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_48(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 4;
-        if (c == 64) {
-            c = 60;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 48);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 60);
-                n <<= 4;
-                c = 60;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 60);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-
-            sp_3072_mont_mul_48(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48U);
-        sp_3072_mont_reduce_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 48 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 384) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 64 || inLen > 384 ||
-                                                     mp_count_bits(mm) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 48 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 48;
-        r = a + 48 * 2;
-        m = r + 48 * 2;
-
-        sp_3072_from_bin(ah, 48, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 48, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_3072_mont_sqr_48(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_3072_mont_mul_48(r, r, ah, m, mp);
-
-                for (i = 47; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_3072_sub_in_place_48(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_3072_sqr_48(r, ah);
-                err = sp_3072_mod_48_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_3072_mul_48(r, ah, r);
-                err = sp_3072_mod_48_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 63; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 48);
-                for (i--; i >= 0; i--) {
-                    sp_3072_mont_sqr_48(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_3072_mont_mul_48(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[48], 0, sizeof(sp_digit) * 48);
-                sp_3072_mont_reduce_48(r, m, mp);
-
-                for (i = 47; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_3072_sub_in_place_48(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_48(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_3072_cond_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "adcs	x4, x4, x5\n\t"
-        "cset	%[c], cs\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 192\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 48 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 48 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 48;
-        m = a + 96;
-        r = a;
-
-        sp_3072_from_bin(a, 48, in, inLen);
-        sp_3072_from_mp(d, 48, dm);
-        sp_3072_from_mp(m, 48, mm);
-        err = sp_3072_mod_exp_48(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_48(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 48, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 24 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 384 || mp_count_bits(mm) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 24 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 48 * 2;
-        q = p + 24;
-        qi = dq = dp = q + 24;
-        tmpa = qi + 24;
-        tmpb = tmpa + 48;
-        r = a;
-
-        sp_3072_from_bin(a, 48, in, inLen);
-        sp_3072_from_mp(p, 24, pm);
-        sp_3072_from_mp(q, 24, qm);
-        sp_3072_from_mp(dp, 24, dpm);
-
-        err = sp_3072_mod_exp_24(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(dq, 24, dqm);
-        err = sp_3072_mod_exp_24(tmpb, a, dq, 1536, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_3072_sub_in_place_24(tmpa, tmpb);
-        c += sp_3072_cond_add_24(tmpa, tmpa, p, c);
-        sp_3072_cond_add_24(tmpa, tmpa, p, c);
-
-        sp_3072_from_mp(qi, 24, qim);
-        sp_3072_mul_24(tmpa, tmpa, qi);
-        err = sp_3072_mod_24(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mul_24(tmpa, q, tmpa);
-        XMEMSET(&tmpb[24], 0, sizeof(sp_digit) * 24);
-        sp_3072_add_48(r, tmpb, tmpa);
-
-        sp_3072_to_bin_48(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 24 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_3072_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (3072 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 48);
-        r->used = 48;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 48; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 48; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[96];
-    sp_digit e[48];
-    sp_digit m[48];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 48, base);
-        sp_3072_from_mp(e, 48, exp);
-        sp_3072_from_mp(m, 48, mod);
-
-        err = sp_3072_mod_exp_48(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_3072
-static void sp_3072_lshift_48(sp_digit* r, const sp_digit* a, byte n)
-{
-    word64 n64 = n;
-    __asm__ __volatile__ (
-        "mov	x6, 63\n\t"
-        "sub	x6, x6, %[n]\n\t"
-        "ldr	x3, [%[a], 376]\n\t"
-        "lsr	x4, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x4, x4, x6\n\t"
-        "ldr	x2, [%[a], 368]\n\t"
-        "str	x4, [%[r], 384]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 360]\n\t"
-        "str	x3, [%[r], 376]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 352]\n\t"
-        "str	x2, [%[r], 368]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 344]\n\t"
-        "str	x4, [%[r], 360]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 336]\n\t"
-        "str	x3, [%[r], 352]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 328]\n\t"
-        "str	x2, [%[r], 344]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 320]\n\t"
-        "str	x4, [%[r], 336]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 312]\n\t"
-        "str	x3, [%[r], 328]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 304]\n\t"
-        "str	x2, [%[r], 320]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 296]\n\t"
-        "str	x4, [%[r], 312]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 288]\n\t"
-        "str	x3, [%[r], 304]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 280]\n\t"
-        "str	x2, [%[r], 296]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 272]\n\t"
-        "str	x4, [%[r], 288]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 264]\n\t"
-        "str	x3, [%[r], 280]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 256]\n\t"
-        "str	x2, [%[r], 272]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 248]\n\t"
-        "str	x4, [%[r], 264]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 240]\n\t"
-        "str	x3, [%[r], 256]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 232]\n\t"
-        "str	x2, [%[r], 248]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 224]\n\t"
-        "str	x4, [%[r], 240]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 216]\n\t"
-        "str	x3, [%[r], 232]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 208]\n\t"
-        "str	x2, [%[r], 224]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 200]\n\t"
-        "str	x4, [%[r], 216]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 192]\n\t"
-        "str	x3, [%[r], 208]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 184]\n\t"
-        "str	x2, [%[r], 200]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 176]\n\t"
-        "str	x4, [%[r], 192]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 168]\n\t"
-        "str	x3, [%[r], 184]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 160]\n\t"
-        "str	x2, [%[r], 176]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 152]\n\t"
-        "str	x4, [%[r], 168]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 144]\n\t"
-        "str	x3, [%[r], 160]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 136]\n\t"
-        "str	x2, [%[r], 152]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 128]\n\t"
-        "str	x4, [%[r], 144]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 120]\n\t"
-        "str	x3, [%[r], 136]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 112]\n\t"
-        "str	x2, [%[r], 128]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 104]\n\t"
-        "str	x4, [%[r], 120]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 96]\n\t"
-        "str	x3, [%[r], 112]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 88]\n\t"
-        "str	x2, [%[r], 104]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 80]\n\t"
-        "str	x4, [%[r], 96]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 72]\n\t"
-        "str	x3, [%[r], 88]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 64]\n\t"
-        "str	x2, [%[r], 80]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 56]\n\t"
-        "str	x4, [%[r], 72]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 48]\n\t"
-        "str	x3, [%[r], 64]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 40]\n\t"
-        "str	x2, [%[r], 56]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 32]\n\t"
-        "str	x4, [%[r], 48]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 24]\n\t"
-        "str	x3, [%[r], 40]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 16]\n\t"
-        "str	x2, [%[r], 32]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 8]\n\t"
-        "str	x4, [%[r], 24]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 0]\n\t"
-        "str	x3, [%[r], 16]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "stp	x4, x2, [%[r]]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (n64)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_3072_mod_exp_2_48(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 145);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 145, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 96;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 6;
-        if (c == 64) {
-            c = 58;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        sp_3072_lshift_48(r, norm, y);
-        for (; i>=0 || c>=6; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else if (c < 6) {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-
-            sp_3072_lshift_48(r, r, y);
-            sp_3072_mul_d_48(tmp, norm, r[48]);
-            r[48] = 0;
-            o = sp_3072_add_48(r, r, tmp);
-            sp_3072_cond_sub_48(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48U);
-        sp_3072_mont_reduce_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_3072 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 384 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[96];
-    sp_digit e[48];
-    sp_digit m[48];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 384) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 48, base);
-        sp_3072_from_bin(e, 48, exp, expLen);
-        sp_3072_from_mp(m, 48, mod);
-
-    #ifdef HAVE_FFDHE_3072
-        if (base->used == 1 && base->dp[0] == 2 && m[47] == (sp_digit)-1)
-            err = sp_3072_mod_exp_2_48(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_3072_mod_exp_48(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_48(r, out);
-        *outLen = 384;
-        for (i=0; i<384 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[48];
-    sp_digit e[24];
-    sp_digit m[24];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 24, base);
-        sp_3072_from_mp(e, 24, exp);
-        sp_3072_from_mp(m, 24, mod);
-
-        err = sp_3072_mod_exp_24(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 24, 0, sizeof(*r) * 24U);
-        err = sp_3072_to_mp(r, res);
-        res->used = mod->used;
-        mp_clamp(res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* !WOLFSSL_SP_NO_3072 */
-
-#ifdef WOLFSSL_SP_4096
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    sp_int64 nl = n;
-    sp_int64 bytes = size * 8;
-
-    __asm__ __volatile__ (
-        "add	x4, %[a], %[n]\n\t"
-        "mov	x5, %[r]\n\t"
-        "sub	x4, x4, 8\n\t"
-        "subs	x6, %[n], 8\n\t"
-        "mov	x7, xzr\n\t"
-        "b.lt	2f\n\t"
-        /* Put in multiples of 8 bytes. */
-        "1:\n\t"
-        "ldr	x8, [x4], -8\n\t"
-        "subs	x6, x6, 8\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "rev	x8, x8\n\t"
-    #endif
-        "str	x8, [x5], 8\n\t"
-        "add	x7, x7, 8\n\t"
-        "b.ge	1b\n\t"
-        "2:\n\t"
-        "cmp	x6, -7\n\t"
-        "b.lt	20f\n\t"
-        /* Put in less than 8 bytes. */
-    #ifdef LITTLE_ENDIAN_ORDER
-        "str	xzr, [x5]\n\t"
-    #else
-        "str	xzr, [x5], 7\n\t"
-    #endif
-        "add	x7, x7, 8\n\t"
-        "add	x4, x4, 7\n\t"
-        "b.eq	17f\n\t"
-        "cmp	x6, -5\n\t"
-        "b.lt	16f\n\t"
-        "b.eq	15f\n\t"
-        "cmp	x6, -3\n\t"
-        "b.lt	14f\n\t"
-        "b.eq	13f\n\t"
-        "cmp	x6, -2\n\t"
-        "b.eq	12f\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "12:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "13:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "14:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "15:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "16:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "17:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "20:\n\t"
-        "add	x5, %[r], x7\n\t"
-        "subs	x7, %[size], x7\n\t"
-        "b.eq	30f\n\t"
-        /* Zero out remaining words. */
-        "21:\n\t"
-        "subs	x7, x7, 8\n\t"
-        "str	xzr, [x5], 8\n\t"
-        "b.gt	21b\n\t"
-        "30:\n\t"
-        :
-        : [r] "r" (r), [size] "r" (bytes), [a] "r" (a), [n] "r" (nl)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "cc"
-    );
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 512
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_4096_to_bin_64(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 63; i >= 0; i--, j += 8) {
-        __asm__ __volatile__ (
-            "ldr	x4, [%[r]]\n\t"
-        #ifdef LITTLE_ENDIAN_ORDER
-            "rev	x4, x4\n\t"
-        #endif
-            "str	x4, [%[a]]\n\t"
-            :
-            : [r] "r" (r + i), [a] "r" (a + j)
-            : "memory", "x4"
-        );
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_4096_norm_64(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_4096_norm_64(a)
-
-#ifndef WOLFSSL_SP_SMALL
-/* Add digit to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_4096_add_word_32(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adds	x3, x3, %[b]\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "ldp	x3, x4, [%[a], 128]\n\t"
-        "ldp	x5, x6, [%[a], 144]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 128]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 144]\n\t"
-        "ldp	x3, x4, [%[a], 160]\n\t"
-        "ldp	x5, x6, [%[a], 176]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 160]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 176]\n\t"
-        "ldp	x3, x4, [%[a], 192]\n\t"
-        "ldp	x5, x6, [%[a], 208]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 192]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 208]\n\t"
-        "ldp	x3, x4, [%[a], 224]\n\t"
-        "ldp	x5, x6, [%[a], 240]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 224]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 240]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-static sp_digit sp_4096_sub_in_place_64(sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[b], 0]\n\t"
-        "subs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 0]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 16]\n\t"
-        "ldp	x2, x3, [%[a], 32]\n\t"
-        "ldp	x6, x7, [%[b], 32]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 48]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 32]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 48]\n\t"
-        "ldp	x2, x3, [%[a], 64]\n\t"
-        "ldp	x6, x7, [%[b], 64]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 80]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 64]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 80]\n\t"
-        "ldp	x2, x3, [%[a], 96]\n\t"
-        "ldp	x6, x7, [%[b], 96]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 112]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 96]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 112]\n\t"
-        "ldp	x2, x3, [%[a], 128]\n\t"
-        "ldp	x6, x7, [%[b], 128]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 144]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 144]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 128]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 144]\n\t"
-        "ldp	x2, x3, [%[a], 160]\n\t"
-        "ldp	x6, x7, [%[b], 160]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 176]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 176]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 160]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 176]\n\t"
-        "ldp	x2, x3, [%[a], 192]\n\t"
-        "ldp	x6, x7, [%[b], 192]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 208]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 208]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 192]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 208]\n\t"
-        "ldp	x2, x3, [%[a], 224]\n\t"
-        "ldp	x6, x7, [%[b], 224]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 240]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 240]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 224]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 240]\n\t"
-        "ldp	x2, x3, [%[a], 256]\n\t"
-        "ldp	x6, x7, [%[b], 256]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 272]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 272]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 256]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 272]\n\t"
-        "ldp	x2, x3, [%[a], 288]\n\t"
-        "ldp	x6, x7, [%[b], 288]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 304]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 304]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 288]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 304]\n\t"
-        "ldp	x2, x3, [%[a], 320]\n\t"
-        "ldp	x6, x7, [%[b], 320]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 336]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 336]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 320]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 336]\n\t"
-        "ldp	x2, x3, [%[a], 352]\n\t"
-        "ldp	x6, x7, [%[b], 352]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 368]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 368]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 352]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 368]\n\t"
-        "ldp	x2, x3, [%[a], 384]\n\t"
-        "ldp	x6, x7, [%[b], 384]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 400]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 400]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 384]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 400]\n\t"
-        "ldp	x2, x3, [%[a], 416]\n\t"
-        "ldp	x6, x7, [%[b], 416]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 432]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 432]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 416]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 432]\n\t"
-        "ldp	x2, x3, [%[a], 448]\n\t"
-        "ldp	x6, x7, [%[b], 448]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 464]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 464]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 448]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 464]\n\t"
-        "ldp	x2, x3, [%[a], 480]\n\t"
-        "ldp	x6, x7, [%[b], 480]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 496]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 496]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 480]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 496]\n\t"
-        "csetm	%[a], cc\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return (sp_digit)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_4096_add_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x7, x8, [%[b], 96]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 112]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "ldp	x3, x4, [%[a], 128]\n\t"
-        "ldp	x7, x8, [%[b], 128]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 144]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 144]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 128]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 144]\n\t"
-        "ldp	x3, x4, [%[a], 160]\n\t"
-        "ldp	x7, x8, [%[b], 160]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 176]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 176]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 160]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 176]\n\t"
-        "ldp	x3, x4, [%[a], 192]\n\t"
-        "ldp	x7, x8, [%[b], 192]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 208]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 208]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 192]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 208]\n\t"
-        "ldp	x3, x4, [%[a], 224]\n\t"
-        "ldp	x7, x8, [%[b], 224]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 240]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 240]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 224]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 240]\n\t"
-        "ldp	x3, x4, [%[a], 256]\n\t"
-        "ldp	x7, x8, [%[b], 256]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 272]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 272]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 256]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 272]\n\t"
-        "ldp	x3, x4, [%[a], 288]\n\t"
-        "ldp	x7, x8, [%[b], 288]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 304]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 304]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 288]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 304]\n\t"
-        "ldp	x3, x4, [%[a], 320]\n\t"
-        "ldp	x7, x8, [%[b], 320]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 336]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 336]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 320]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 336]\n\t"
-        "ldp	x3, x4, [%[a], 352]\n\t"
-        "ldp	x7, x8, [%[b], 352]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 368]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 368]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 352]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 368]\n\t"
-        "ldp	x3, x4, [%[a], 384]\n\t"
-        "ldp	x7, x8, [%[b], 384]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 400]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 400]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 384]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 400]\n\t"
-        "ldp	x3, x4, [%[a], 416]\n\t"
-        "ldp	x7, x8, [%[b], 416]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 432]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 432]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 416]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 432]\n\t"
-        "ldp	x3, x4, [%[a], 448]\n\t"
-        "ldp	x7, x8, [%[b], 448]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 464]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 464]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 448]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 464]\n\t"
-        "ldp	x3, x4, [%[a], 480]\n\t"
-        "ldp	x7, x8, [%[b], 480]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 496]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 496]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 480]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 496]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_4096_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adds	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "ldp	x10, x11, [%[b], 48]\n\t"
-        "ldp	x4, x5, [%[a], 32]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 32]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 48]\n\t"
-        "ldp	x8, x9, [%[b], 64]\n\t"
-        "ldp	x10, x11, [%[b], 80]\n\t"
-        "ldp	x4, x5, [%[a], 64]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 80]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 64]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 80]\n\t"
-        "ldp	x8, x9, [%[b], 96]\n\t"
-        "ldp	x10, x11, [%[b], 112]\n\t"
-        "ldp	x4, x5, [%[a], 96]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 112]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 96]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 112]\n\t"
-        "ldp	x8, x9, [%[b], 128]\n\t"
-        "ldp	x10, x11, [%[b], 144]\n\t"
-        "ldp	x4, x5, [%[a], 128]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 144]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 128]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 144]\n\t"
-        "ldp	x8, x9, [%[b], 160]\n\t"
-        "ldp	x10, x11, [%[b], 176]\n\t"
-        "ldp	x4, x5, [%[a], 160]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 176]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 160]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 176]\n\t"
-        "ldp	x8, x9, [%[b], 192]\n\t"
-        "ldp	x10, x11, [%[b], 208]\n\t"
-        "ldp	x4, x5, [%[a], 192]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 208]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 192]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 208]\n\t"
-        "ldp	x8, x9, [%[b], 224]\n\t"
-        "ldp	x10, x11, [%[b], 240]\n\t"
-        "ldp	x4, x5, [%[a], 224]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 240]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 224]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 240]\n\t"
-        "cset	%[r], cs\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return (sp_digit)r;
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[64];
-    sp_digit a1[32];
-    sp_digit b1[32];
-    sp_digit* z2 = r + 64;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_32(a1, a, &a[32]);
-    cb = sp_2048_add_32(b1, b, &b[32]);
-    u  = ca & cb;
-
-    sp_2048_mul_32(z2, &a[32], &b[32]);
-    sp_2048_mul_32(z0, a, b);
-    sp_2048_mul_32(z1, a1, b1);
-
-    u += sp_4096_sub_in_place_64(z1, z0);
-    u += sp_4096_sub_in_place_64(z1, z2);
-    u += sp_4096_cond_add_32(z1 + 32, z1 + 32, a1, 0 - cb);
-    u += sp_4096_cond_add_32(z1 + 32, z1 + 32, b1, 0 - ca);
-
-    u += sp_4096_add_64(r + 32, r + 32, z1);
-    (void)sp_4096_add_word_32(r + 96, r + 96, u);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_64(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 64;
-    sp_digit z1[64];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 32;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 32);
-
-    mask = sp_2048_sub_32(a1, a, &a[32]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_32(a1, p1, p2);
-
-    sp_2048_sqr_32(z2, &a[32]);
-    sp_2048_sqr_32(z0, a);
-    sp_2048_sqr_32(z1, a1);
-
-    u = 0;
-    u -= sp_4096_sub_in_place_64(z1, z2);
-    u -= sp_4096_sub_in_place_64(z1, z0);
-    u += sp_4096_sub_in_place_64(r + 32, z1);
-    sp_4096_add_word_32(r + 96, r + 96, u);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_4096_add_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x11, %[a], 512\n\t"
-        "\n1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldp	x3, x4, [%[a]], #16\n\t"
-        "ldp	x5, x6, [%[a]], #16\n\t"
-        "ldp	x7, x8, [%[b]], #16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x9, x10, [%[b]], #16\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r]], #16\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r]], #16\n\t"
-        "adc	%[c], xzr, xzr\n\t"
-        "cmp	%[a], x11\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_4096_sub_in_place_64(sp_digit* a, const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x10, %[a], 512\n\t"
-        "\n1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldp	x2, x3, [%[a]]\n\t"
-        "ldp	x4, x5, [%[a], #16]\n\t"
-        "ldp	x6, x7, [%[b]], #16\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x8, x9, [%[b]], #16\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a]], #16\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a]], #16\n\t"
-        "csetm	%[c], cc\n\t"
-        "cmp	%[a], x10\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_4096_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_digit tmp[128];
-
-    __asm__ __volatile__ (
-        "mov	x5, xzr\n\t"
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 504\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[b], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 512\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 1008\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_4096_sqr_64(sp_digit* r, const sp_digit* a)
-{
-    sp_digit tmp[128];
-
-    __asm__ __volatile__ (
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "mov	x5, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 504\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "cmp	x4, x3\n\t"
-        "b.eq	4f\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[a], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "b.al	5f\n\t"
-        "\n4:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "mul	x9, x10, x10\n\t"
-        "umulh	x10, x10, x10\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "\n5:\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 512\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x4\n\t"
-        "b.gt	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 1008\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-static void sp_4096_mul_d_64(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldr	x8, [%[a]]\n\t"
-        "mul	x5, %[b], x8\n\t"
-        "umulh	x3, %[b], x8\n\t"
-        "mov	x4, xzr\n\t"
-        "str	x5, [%[r]]\n\t"
-        "mov	x5, xzr\n\t"
-        "mov	x9, #8\n\t"
-        "1:\n\t"
-        "ldr	x8, [%[a], x9]\n\t"
-        "mul	x6, %[b], x8\n\t"
-        "umulh	x7, %[b], x8\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "str	x3, [%[r], x9]\n\t"
-        "mov	x3, x4\n\t"
-        "mov	x4, x5\n\t"
-        "mov	x5, #0\n\t"
-        "add	x9, x9, #8\n\t"
-        "cmp	x9, 512\n\t"
-        "b.lt	1b\n\t"
-        "str	x3, [%[r], 512]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldp	x9, x10, [%[a]]\n\t"
-        "mul	x3, %[b], x9\n\t"
-        "umulh	x4, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "# A[1] * B\n\t"
-        "str	x3, [%[r]]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[2] * B\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[3] * B\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[4] * B\n\t"
-        "ldp	x9, x10, [%[a], 32]\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[5] * B\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[6] * B\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[7] * B\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[8] * B\n\t"
-        "ldp	x9, x10, [%[a], 64]\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[9] * B\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[10] * B\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[11] * B\n\t"
-        "str	x4, [%[r], 80]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[12] * B\n\t"
-        "ldp	x9, x10, [%[a], 96]\n\t"
-        "str	x5, [%[r], 88]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[13] * B\n\t"
-        "str	x3, [%[r], 96]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[14] * B\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "str	x4, [%[r], 104]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[15] * B\n\t"
-        "str	x5, [%[r], 112]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[16] * B\n\t"
-        "ldp	x9, x10, [%[a], 128]\n\t"
-        "str	x3, [%[r], 120]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[17] * B\n\t"
-        "str	x4, [%[r], 128]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[18] * B\n\t"
-        "ldp	x9, x10, [%[a], 144]\n\t"
-        "str	x5, [%[r], 136]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[19] * B\n\t"
-        "str	x3, [%[r], 144]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[20] * B\n\t"
-        "ldp	x9, x10, [%[a], 160]\n\t"
-        "str	x4, [%[r], 152]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[21] * B\n\t"
-        "str	x5, [%[r], 160]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[22] * B\n\t"
-        "ldp	x9, x10, [%[a], 176]\n\t"
-        "str	x3, [%[r], 168]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[23] * B\n\t"
-        "str	x4, [%[r], 176]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[24] * B\n\t"
-        "ldp	x9, x10, [%[a], 192]\n\t"
-        "str	x5, [%[r], 184]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[25] * B\n\t"
-        "str	x3, [%[r], 192]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[26] * B\n\t"
-        "ldp	x9, x10, [%[a], 208]\n\t"
-        "str	x4, [%[r], 200]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[27] * B\n\t"
-        "str	x5, [%[r], 208]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[28] * B\n\t"
-        "ldp	x9, x10, [%[a], 224]\n\t"
-        "str	x3, [%[r], 216]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[29] * B\n\t"
-        "str	x4, [%[r], 224]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[30] * B\n\t"
-        "ldp	x9, x10, [%[a], 240]\n\t"
-        "str	x5, [%[r], 232]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[31] * B\n\t"
-        "str	x3, [%[r], 240]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[32] * B\n\t"
-        "ldp	x9, x10, [%[a], 256]\n\t"
-        "str	x4, [%[r], 248]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[33] * B\n\t"
-        "str	x5, [%[r], 256]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[34] * B\n\t"
-        "ldp	x9, x10, [%[a], 272]\n\t"
-        "str	x3, [%[r], 264]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[35] * B\n\t"
-        "str	x4, [%[r], 272]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[36] * B\n\t"
-        "ldp	x9, x10, [%[a], 288]\n\t"
-        "str	x5, [%[r], 280]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[37] * B\n\t"
-        "str	x3, [%[r], 288]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[38] * B\n\t"
-        "ldp	x9, x10, [%[a], 304]\n\t"
-        "str	x4, [%[r], 296]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[39] * B\n\t"
-        "str	x5, [%[r], 304]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[40] * B\n\t"
-        "ldp	x9, x10, [%[a], 320]\n\t"
-        "str	x3, [%[r], 312]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[41] * B\n\t"
-        "str	x4, [%[r], 320]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[42] * B\n\t"
-        "ldp	x9, x10, [%[a], 336]\n\t"
-        "str	x5, [%[r], 328]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[43] * B\n\t"
-        "str	x3, [%[r], 336]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[44] * B\n\t"
-        "ldp	x9, x10, [%[a], 352]\n\t"
-        "str	x4, [%[r], 344]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[45] * B\n\t"
-        "str	x5, [%[r], 352]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[46] * B\n\t"
-        "ldp	x9, x10, [%[a], 368]\n\t"
-        "str	x3, [%[r], 360]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[47] * B\n\t"
-        "str	x4, [%[r], 368]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[48] * B\n\t"
-        "ldp	x9, x10, [%[a], 384]\n\t"
-        "str	x5, [%[r], 376]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[49] * B\n\t"
-        "str	x3, [%[r], 384]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[50] * B\n\t"
-        "ldp	x9, x10, [%[a], 400]\n\t"
-        "str	x4, [%[r], 392]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[51] * B\n\t"
-        "str	x5, [%[r], 400]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[52] * B\n\t"
-        "ldp	x9, x10, [%[a], 416]\n\t"
-        "str	x3, [%[r], 408]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[53] * B\n\t"
-        "str	x4, [%[r], 416]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[54] * B\n\t"
-        "ldp	x9, x10, [%[a], 432]\n\t"
-        "str	x5, [%[r], 424]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[55] * B\n\t"
-        "str	x3, [%[r], 432]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[56] * B\n\t"
-        "ldp	x9, x10, [%[a], 448]\n\t"
-        "str	x4, [%[r], 440]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[57] * B\n\t"
-        "str	x5, [%[r], 448]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[58] * B\n\t"
-        "ldp	x9, x10, [%[a], 464]\n\t"
-        "str	x3, [%[r], 456]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[59] * B\n\t"
-        "str	x4, [%[r], 464]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[60] * B\n\t"
-        "ldp	x9, x10, [%[a], 480]\n\t"
-        "str	x5, [%[r], 472]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[61] * B\n\t"
-        "str	x3, [%[r], 480]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[62] * B\n\t"
-        "ldp	x9, x10, [%[a], 496]\n\t"
-        "str	x4, [%[r], 488]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[63] * B\n\t"
-        "str	x5, [%[r], 496]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "stp	x3, x4, [%[r], 504]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#endif
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_64(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 64);
-
-    /* r = 2^n mod m */
-    sp_4096_sub_in_place_64(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_4096_mont_reduce_64(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "ldp	x11, x12, [%[a], 0]\n\t"
-        "ldp	x13, x14, [%[a], 16]\n\t"
-        "ldp	x15, x16, [%[a], 32]\n\t"
-        "ldp	x17, x19, [%[a], 48]\n\t"
-        "ldp	x20, x21, [%[a], 64]\n\t"
-        "ldp	x22, x23, [%[a], 80]\n\t"
-        "# No carry yet\n\t"
-        "mov	x3, xzr\n\t"
-        "# i = 0..63\n\t"
-        "mov	x4, 64\n\t"
-        "\n1:\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mul	x10, %[mp], x11\n\t"
-        "ldp	x24, x25, [%[m], 0]\n\t"
-        "ldp	x26, x27, [%[m], 16]\n\t"
-        "# a[i+0] += m[0] * mu\n\t"
-        "mul	x5, x24, x10\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "# a[i+1] += m[1] * mu\n\t"
-        "adds	x11, x11, x5\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x11, x12, x5\n\t"
-        "# a[i+2] += m[2] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x11, x11, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x12, x13, x5\n\t"
-        "# a[i+3] += m[3] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x12, x12, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x13, x14, x5\n\t"
-        "ldp	x24, x25, [%[m], 32]\n\t"
-        "ldp	x26, x27, [%[m], 48]\n\t"
-        "# a[i+4] += m[4] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x13, x13, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x14, x15, x5\n\t"
-        "# a[i+5] += m[5] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x14, x14, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x15, x16, x5\n\t"
-        "# a[i+6] += m[6] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x15, x15, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x16, x17, x5\n\t"
-        "# a[i+7] += m[7] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x16, x16, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x17, x19, x5\n\t"
-        "ldp	x24, x25, [%[m], 64]\n\t"
-        "ldp	x26, x27, [%[m], 80]\n\t"
-        "# a[i+8] += m[8] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x17, x17, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x19, x20, x5\n\t"
-        "# a[i+9] += m[9] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x19, x19, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x20, x21, x5\n\t"
-        "# a[i+10] += m[10] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x20, x20, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x21, x22, x5\n\t"
-        "# a[i+11] += m[11] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x21, x21, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x22, x23, x5\n\t"
-        "ldp	x24, x25, [%[m], 96]\n\t"
-        "ldp	x26, x27, [%[m], 112]\n\t"
-        "# a[i+12] += m[12] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x22, x22, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "ldr	x23, [%[a], 96]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x23, x23, x5\n\t"
-        "# a[i+13] += m[13] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x23, x23, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "ldp	x8, x9, [%[a], 104]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+14] += m[14] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 104]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+15] += m[15] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 112]\n\t"
-        "ldp	x8, x9, [%[a], 120]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 128]\n\t"
-        "ldp	x26, x27, [%[m], 144]\n\t"
-        "# a[i+16] += m[16] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 120]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+17] += m[17] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 128]\n\t"
-        "ldp	x8, x9, [%[a], 136]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+18] += m[18] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 136]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+19] += m[19] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 144]\n\t"
-        "ldp	x8, x9, [%[a], 152]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 160]\n\t"
-        "ldp	x26, x27, [%[m], 176]\n\t"
-        "# a[i+20] += m[20] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 152]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+21] += m[21] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 160]\n\t"
-        "ldp	x8, x9, [%[a], 168]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+22] += m[22] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 168]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+23] += m[23] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 176]\n\t"
-        "ldp	x8, x9, [%[a], 184]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 192]\n\t"
-        "ldp	x26, x27, [%[m], 208]\n\t"
-        "# a[i+24] += m[24] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 184]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+25] += m[25] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 192]\n\t"
-        "ldp	x8, x9, [%[a], 200]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+26] += m[26] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 200]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+27] += m[27] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 208]\n\t"
-        "ldp	x8, x9, [%[a], 216]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 224]\n\t"
-        "ldp	x26, x27, [%[m], 240]\n\t"
-        "# a[i+28] += m[28] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 216]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+29] += m[29] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 224]\n\t"
-        "ldp	x8, x9, [%[a], 232]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+30] += m[30] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 232]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+31] += m[31] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 240]\n\t"
-        "ldp	x8, x9, [%[a], 248]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 256]\n\t"
-        "ldp	x26, x27, [%[m], 272]\n\t"
-        "# a[i+32] += m[32] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 248]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+33] += m[33] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 256]\n\t"
-        "ldp	x8, x9, [%[a], 264]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+34] += m[34] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 264]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+35] += m[35] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 272]\n\t"
-        "ldp	x8, x9, [%[a], 280]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 288]\n\t"
-        "ldp	x26, x27, [%[m], 304]\n\t"
-        "# a[i+36] += m[36] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 280]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+37] += m[37] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 288]\n\t"
-        "ldp	x8, x9, [%[a], 296]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+38] += m[38] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 296]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+39] += m[39] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 304]\n\t"
-        "ldp	x8, x9, [%[a], 312]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 320]\n\t"
-        "ldp	x26, x27, [%[m], 336]\n\t"
-        "# a[i+40] += m[40] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 312]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+41] += m[41] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 320]\n\t"
-        "ldp	x8, x9, [%[a], 328]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+42] += m[42] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 328]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+43] += m[43] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 336]\n\t"
-        "ldp	x8, x9, [%[a], 344]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 352]\n\t"
-        "ldp	x26, x27, [%[m], 368]\n\t"
-        "# a[i+44] += m[44] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 344]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+45] += m[45] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 352]\n\t"
-        "ldp	x8, x9, [%[a], 360]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+46] += m[46] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 360]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+47] += m[47] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 368]\n\t"
-        "ldp	x8, x9, [%[a], 376]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 384]\n\t"
-        "ldp	x26, x27, [%[m], 400]\n\t"
-        "# a[i+48] += m[48] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 376]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+49] += m[49] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 384]\n\t"
-        "ldp	x8, x9, [%[a], 392]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+50] += m[50] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 392]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+51] += m[51] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 400]\n\t"
-        "ldp	x8, x9, [%[a], 408]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 416]\n\t"
-        "ldp	x26, x27, [%[m], 432]\n\t"
-        "# a[i+52] += m[52] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 408]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+53] += m[53] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 416]\n\t"
-        "ldp	x8, x9, [%[a], 424]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+54] += m[54] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 424]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+55] += m[55] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 432]\n\t"
-        "ldp	x8, x9, [%[a], 440]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 448]\n\t"
-        "ldp	x26, x27, [%[m], 464]\n\t"
-        "# a[i+56] += m[56] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 440]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+57] += m[57] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 448]\n\t"
-        "ldp	x8, x9, [%[a], 456]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+58] += m[58] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 456]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+59] += m[59] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 464]\n\t"
-        "ldp	x8, x9, [%[a], 472]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "ldp	x24, x25, [%[m], 480]\n\t"
-        "ldp	x26, x27, [%[m], 496]\n\t"
-        "# a[i+60] += m[60] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x24, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 472]\n\t"
-        "umulh	x6, x24, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+61] += m[61] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x25, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 480]\n\t"
-        "ldp	x8, x9, [%[a], 488]\n\t"
-        "umulh	x7, x25, x10\n\t"
-        "adds	x8, x8, x5\n\t"
-        "# a[i+62] += m[62] * mu\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x8, x8, x6\n\t"
-        "mul	x5, x26, x10\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "str	x8, [%[a], 488]\n\t"
-        "umulh	x6, x26, x10\n\t"
-        "adds	x9, x9, x5\n\t"
-        "# a[i+63] += m[63] * mu\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "adds	x9, x9, x7\n\t"
-        "mul	x5, x27, x10\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "str	x9, [%[a], 496]\n\t"
-        "umulh	x7, x27, x10\n\t"
-        "ldp	x8, x9, [%[a], 504]\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x8, x8, x5\n\t"
-        "str	x8, [%[a], 504]\n\t"
-        "adcs	x9, x9, x7\n\t"
-        "str	x9, [%[a], 512]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "subs	x4, x4, 1\n\t"
-        "add	%[a], %[a], 8\n\t"
-        "b.ne	1b\n\t"
-        "# Create mask\n\t"
-        "neg	x3, x3\n\t"
-        "mov   %[mp], %[a]\n\t"
-        "sub	%[a], %[a], 512\n\t"
-        "# Subtract masked modulus\n\t"
-        "ldp	x4, x5, [%[m], 0]\n\t"
-        "ldp	x6, x7, [%[m], 16]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "subs	x11, x11, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x12, x12, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x13, x13, x6\n\t"
-        "stp	x11, x12, [%[a], 0]\n\t"
-        "sbcs	x14, x14, x7\n\t"
-        "stp	x13, x14, [%[a], 16]\n\t"
-        "ldp	x4, x5, [%[m], 32]\n\t"
-        "ldp	x6, x7, [%[m], 48]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x15, x15, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x16, x16, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x17, x17, x6\n\t"
-        "stp	x15, x16, [%[a], 32]\n\t"
-        "sbcs	x19, x19, x7\n\t"
-        "stp	x17, x19, [%[a], 48]\n\t"
-        "ldp	x4, x5, [%[m], 64]\n\t"
-        "ldp	x6, x7, [%[m], 80]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x20, x20, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x21, x21, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x22, x22, x6\n\t"
-        "stp	x20, x21, [%[a], 64]\n\t"
-        "sbcs	x23, x23, x7\n\t"
-        "stp	x22, x23, [%[a], 80]\n\t"
-        "ldp	x4, x5, [%[m], 96]\n\t"
-        "ldp	x6, x7, [%[m], 112]\n\t"
-        "ldp	x8, x9, [%[mp], 96]\n\t"
-        "ldp	x10, x11, [%[mp], 112]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 96]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 112]\n\t"
-        "ldp	x4, x5, [%[m], 128]\n\t"
-        "ldp	x6, x7, [%[m], 144]\n\t"
-        "ldp	x8, x9, [%[mp], 128]\n\t"
-        "ldp	x10, x11, [%[mp], 144]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 128]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 144]\n\t"
-        "ldp	x4, x5, [%[m], 160]\n\t"
-        "ldp	x6, x7, [%[m], 176]\n\t"
-        "ldp	x8, x9, [%[mp], 160]\n\t"
-        "ldp	x10, x11, [%[mp], 176]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 160]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 176]\n\t"
-        "ldp	x4, x5, [%[m], 192]\n\t"
-        "ldp	x6, x7, [%[m], 208]\n\t"
-        "ldp	x8, x9, [%[mp], 192]\n\t"
-        "ldp	x10, x11, [%[mp], 208]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 192]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 208]\n\t"
-        "ldp	x4, x5, [%[m], 224]\n\t"
-        "ldp	x6, x7, [%[m], 240]\n\t"
-        "ldp	x8, x9, [%[mp], 224]\n\t"
-        "ldp	x10, x11, [%[mp], 240]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 224]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 240]\n\t"
-        "ldp	x4, x5, [%[m], 256]\n\t"
-        "ldp	x6, x7, [%[m], 272]\n\t"
-        "ldp	x8, x9, [%[mp], 256]\n\t"
-        "ldp	x10, x11, [%[mp], 272]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 256]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 272]\n\t"
-        "ldp	x4, x5, [%[m], 288]\n\t"
-        "ldp	x6, x7, [%[m], 304]\n\t"
-        "ldp	x8, x9, [%[mp], 288]\n\t"
-        "ldp	x10, x11, [%[mp], 304]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 288]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 304]\n\t"
-        "ldp	x4, x5, [%[m], 320]\n\t"
-        "ldp	x6, x7, [%[m], 336]\n\t"
-        "ldp	x8, x9, [%[mp], 320]\n\t"
-        "ldp	x10, x11, [%[mp], 336]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 320]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 336]\n\t"
-        "ldp	x4, x5, [%[m], 352]\n\t"
-        "ldp	x6, x7, [%[m], 368]\n\t"
-        "ldp	x8, x9, [%[mp], 352]\n\t"
-        "ldp	x10, x11, [%[mp], 368]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 352]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 368]\n\t"
-        "ldp	x4, x5, [%[m], 384]\n\t"
-        "ldp	x6, x7, [%[m], 400]\n\t"
-        "ldp	x8, x9, [%[mp], 384]\n\t"
-        "ldp	x10, x11, [%[mp], 400]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 384]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 400]\n\t"
-        "ldp	x4, x5, [%[m], 416]\n\t"
-        "ldp	x6, x7, [%[m], 432]\n\t"
-        "ldp	x8, x9, [%[mp], 416]\n\t"
-        "ldp	x10, x11, [%[mp], 432]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 416]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 432]\n\t"
-        "ldp	x4, x5, [%[m], 448]\n\t"
-        "ldp	x6, x7, [%[m], 464]\n\t"
-        "ldp	x8, x9, [%[mp], 448]\n\t"
-        "ldp	x10, x11, [%[mp], 464]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 448]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 464]\n\t"
-        "ldp	x4, x5, [%[m], 480]\n\t"
-        "ldp	x6, x7, [%[m], 496]\n\t"
-        "ldp	x8, x9, [%[mp], 480]\n\t"
-        "ldp	x10, x11, [%[mp], 496]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x10, x10, x6\n\t"
-        "stp	x8, x9, [%[a], 480]\n\t"
-        "sbcs	x11, x11, x7\n\t"
-        "stp	x10, x11, [%[a], 496]\n\t"
-        : [a] "+r" (a), [mp] "+r" (mp)
-        : [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x10", "x8", "x9", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "cc"
-    );
-
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_64(r, a, b);
-    sp_4096_mont_reduce_64(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_64(r, a);
-    sp_4096_mont_reduce_64(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_4096_sub_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x11, %[a], 512\n\t"
-        "\n1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldp	x3, x4, [%[a]], #16\n\t"
-        "ldp	x5, x6, [%[a]], #16\n\t"
-        "ldp	x7, x8, [%[b]], #16\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x9, x10, [%[b]], #16\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r]], #16\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r]], #16\n\t"
-        "csetm	%[c], cc\n\t"
-        "cmp	%[a], x11\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return c;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_4096_sub_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "subs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x7, x8, [%[b], 96]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 112]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "ldp	x3, x4, [%[a], 128]\n\t"
-        "ldp	x7, x8, [%[b], 128]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 144]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 144]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 128]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 144]\n\t"
-        "ldp	x3, x4, [%[a], 160]\n\t"
-        "ldp	x7, x8, [%[b], 160]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 176]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 176]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 160]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 176]\n\t"
-        "ldp	x3, x4, [%[a], 192]\n\t"
-        "ldp	x7, x8, [%[b], 192]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 208]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 208]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 192]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 208]\n\t"
-        "ldp	x3, x4, [%[a], 224]\n\t"
-        "ldp	x7, x8, [%[b], 224]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 240]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 240]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 224]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 240]\n\t"
-        "ldp	x3, x4, [%[a], 256]\n\t"
-        "ldp	x7, x8, [%[b], 256]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 272]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 272]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 256]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 272]\n\t"
-        "ldp	x3, x4, [%[a], 288]\n\t"
-        "ldp	x7, x8, [%[b], 288]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 304]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 304]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 288]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 304]\n\t"
-        "ldp	x3, x4, [%[a], 320]\n\t"
-        "ldp	x7, x8, [%[b], 320]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 336]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 336]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 320]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 336]\n\t"
-        "ldp	x3, x4, [%[a], 352]\n\t"
-        "ldp	x7, x8, [%[b], 352]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 368]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 368]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 352]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 368]\n\t"
-        "ldp	x3, x4, [%[a], 384]\n\t"
-        "ldp	x7, x8, [%[b], 384]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 400]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 400]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 384]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 400]\n\t"
-        "ldp	x3, x4, [%[a], 416]\n\t"
-        "ldp	x7, x8, [%[b], 416]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 432]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 432]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 416]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 432]\n\t"
-        "ldp	x3, x4, [%[a], 448]\n\t"
-        "ldp	x7, x8, [%[b], 448]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 464]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 464]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 448]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 464]\n\t"
-        "ldp	x3, x4, [%[a], 480]\n\t"
-        "ldp	x7, x8, [%[b], 480]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 496]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 496]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 480]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 496]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_4096_word_64_cond(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "b.lt	1f\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-        "1:\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "cmp	x3, x5\n\t"
-        "b.lt	2f\n\t"
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-        "2:\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return d1;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_div_64_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[128], t2[65];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[63];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 64);
-    for (i = 63; i > 0; i--) {
-        if (t1[i + 64] != d[i])
-            break;
-    }
-    if (t1[i + 64] >= d[i]) {
-        sp_4096_sub_in_place_64(&t1[64], d);
-    }
-    for (i = 63; i >= 0; i--) {
-        if (t1[64 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_4096_word_64_cond(t1[64 + i], t1[64 + i - 1], div);
-        }
-
-        sp_4096_mul_d_64(t2, d, r1);
-        t1[64 + i] += sp_4096_sub_in_place_64(&t1[i], t2);
-        t1[64 + i] -= t2[64];
-        if (t1[64 + i] != 0) {
-            t1[64 + i] += sp_4096_add_64(&t1[i], &t1[i], d);
-            if (t1[64 + i] != 0)
-                t1[64 + i] += sp_4096_add_64(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 63; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_4096_sub_64(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 64);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_mod_64_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_64_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static sp_digit sp_4096_cond_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "csetm	%[c], cc\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 512\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-#else
-    __asm__ __volatile__ (
-
-        "ldp	x5, x7, [%[b], 0]\n\t"
-        "ldp	x11, x12, [%[b], 16]\n\t"
-        "ldp	x4, x6, [%[a], 0]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "subs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 0]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 16]\n\t"
-        "ldp	x5, x7, [%[b], 32]\n\t"
-        "ldp	x11, x12, [%[b], 48]\n\t"
-        "ldp	x4, x6, [%[a], 32]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 32]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 48]\n\t"
-        "ldp	x5, x7, [%[b], 64]\n\t"
-        "ldp	x11, x12, [%[b], 80]\n\t"
-        "ldp	x4, x6, [%[a], 64]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 64]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 80]\n\t"
-        "ldp	x5, x7, [%[b], 96]\n\t"
-        "ldp	x11, x12, [%[b], 112]\n\t"
-        "ldp	x4, x6, [%[a], 96]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 96]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 112]\n\t"
-        "ldp	x5, x7, [%[b], 128]\n\t"
-        "ldp	x11, x12, [%[b], 144]\n\t"
-        "ldp	x4, x6, [%[a], 128]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 144]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 128]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 144]\n\t"
-        "ldp	x5, x7, [%[b], 160]\n\t"
-        "ldp	x11, x12, [%[b], 176]\n\t"
-        "ldp	x4, x6, [%[a], 160]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 176]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 160]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 176]\n\t"
-        "ldp	x5, x7, [%[b], 192]\n\t"
-        "ldp	x11, x12, [%[b], 208]\n\t"
-        "ldp	x4, x6, [%[a], 192]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 208]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 192]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 208]\n\t"
-        "ldp	x5, x7, [%[b], 224]\n\t"
-        "ldp	x11, x12, [%[b], 240]\n\t"
-        "ldp	x4, x6, [%[a], 224]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 240]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 224]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 240]\n\t"
-        "ldp	x5, x7, [%[b], 256]\n\t"
-        "ldp	x11, x12, [%[b], 272]\n\t"
-        "ldp	x4, x6, [%[a], 256]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 272]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 256]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 272]\n\t"
-        "ldp	x5, x7, [%[b], 288]\n\t"
-        "ldp	x11, x12, [%[b], 304]\n\t"
-        "ldp	x4, x6, [%[a], 288]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 304]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 288]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 304]\n\t"
-        "ldp	x5, x7, [%[b], 320]\n\t"
-        "ldp	x11, x12, [%[b], 336]\n\t"
-        "ldp	x4, x6, [%[a], 320]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 336]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 320]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 336]\n\t"
-        "ldp	x5, x7, [%[b], 352]\n\t"
-        "ldp	x11, x12, [%[b], 368]\n\t"
-        "ldp	x4, x6, [%[a], 352]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 368]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 352]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 368]\n\t"
-        "ldp	x5, x7, [%[b], 384]\n\t"
-        "ldp	x11, x12, [%[b], 400]\n\t"
-        "ldp	x4, x6, [%[a], 384]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 400]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 384]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 400]\n\t"
-        "ldp	x5, x7, [%[b], 416]\n\t"
-        "ldp	x11, x12, [%[b], 432]\n\t"
-        "ldp	x4, x6, [%[a], 416]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 432]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 416]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 432]\n\t"
-        "ldp	x5, x7, [%[b], 448]\n\t"
-        "ldp	x11, x12, [%[b], 464]\n\t"
-        "ldp	x4, x6, [%[a], 448]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 464]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 448]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 464]\n\t"
-        "ldp	x5, x7, [%[b], 480]\n\t"
-        "ldp	x11, x12, [%[b], 496]\n\t"
-        "ldp	x4, x6, [%[a], 480]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 496]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 480]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 496]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return (sp_digit)r;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_4096_word_64(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "cset	x9, ge\n\t"
-        "csetm	x10, ge\n\t"
-        "lsl	x9, x9, #32\n\t"
-        "and	x7, x7, x10\n\t"
-        "and	x8, x8, x10\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_4096_mask_64(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<64; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 64; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_int64 sp_4096_cmp_64(const sp_digit* a, const sp_digit* b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "mov	x10, #64\n\t"
-        "add	%[a], %[a], #496\n\t"
-        "add	%[b], %[b], #496\n\t"
-        "1:\n\t"
-        "ldp	x6, x7, [%[a]], -16\n\t"
-        "ldp	x8, x9, [%[b]], -16\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x10, x10, #2\n\t"
-        "b.ne	1b\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "ldp	x6, x7, [%[a], 496]\n\t"
-        "ldp	x8, x9, [%[b], 496]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 480]\n\t"
-        "ldp	x8, x9, [%[b], 480]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 464]\n\t"
-        "ldp	x8, x9, [%[b], 464]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 448]\n\t"
-        "ldp	x8, x9, [%[b], 448]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 432]\n\t"
-        "ldp	x8, x9, [%[b], 432]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 416]\n\t"
-        "ldp	x8, x9, [%[b], 416]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 400]\n\t"
-        "ldp	x8, x9, [%[b], 400]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 384]\n\t"
-        "ldp	x8, x9, [%[b], 384]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 368]\n\t"
-        "ldp	x8, x9, [%[b], 368]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 352]\n\t"
-        "ldp	x8, x9, [%[b], 352]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 336]\n\t"
-        "ldp	x8, x9, [%[b], 336]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 320]\n\t"
-        "ldp	x8, x9, [%[b], 320]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 304]\n\t"
-        "ldp	x8, x9, [%[b], 304]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 288]\n\t"
-        "ldp	x8, x9, [%[b], 288]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 272]\n\t"
-        "ldp	x8, x9, [%[b], 272]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 256]\n\t"
-        "ldp	x8, x9, [%[b], 256]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 240]\n\t"
-        "ldp	x8, x9, [%[b], 240]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 224]\n\t"
-        "ldp	x8, x9, [%[b], 224]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 208]\n\t"
-        "ldp	x8, x9, [%[b], 208]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 192]\n\t"
-        "ldp	x8, x9, [%[b], 192]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 176]\n\t"
-        "ldp	x8, x9, [%[b], 176]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 160]\n\t"
-        "ldp	x8, x9, [%[b], 160]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 144]\n\t"
-        "ldp	x8, x9, [%[b], 144]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 128]\n\t"
-        "ldp	x8, x9, [%[b], 128]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 112]\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 96]\n\t"
-        "ldp	x8, x9, [%[b], 96]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 80]\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 64]\n\t"
-        "ldp	x8, x9, [%[b], 64]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 32]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 0]\n\t"
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#endif
-
-    return (sp_int64)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_div_64(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[128], t2[65];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[63];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 64);
-    r1 = sp_4096_cmp_64(&t1[64], d) >= 0;
-    sp_4096_cond_sub_64(&t1[64], &t1[64], d, (sp_digit)0 - r1);
-    for (i = 63; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[64 + i] == div);
-        sp_digit hi = t1[64 + i] + mask;
-        r1 = div_4096_word_64(hi, t1[64 + i - 1], div);
-        r1 |= mask;
-
-        sp_4096_mul_d_64(t2, d, r1);
-        t1[64 + i] += sp_4096_sub_in_place_64(&t1[i], t2);
-        t1[64 + i] -= t2[64];
-        sp_4096_mask_64(t2, d, t1[64 + i]);
-        t1[64 + i] += sp_4096_add_64(&t1[i], &t1[i], t2);
-        sp_4096_mask_64(t2, d, t1[64 + i]);
-        t1[64 + i] += sp_4096_add_64(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_4096_cmp_64(t1, d) >= 0;
-    sp_4096_cond_sub_64(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_mod_64(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_64(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 8 * 128);
-    sp_digit* t[8];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 8 * 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<8; i++) {
-            t[i] = td + i * 128;
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_64(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 64U);
-        if (reduceA != 0) {
-            err = sp_4096_mod_64(t[1] + 64, a, m);
-            if (err == MP_OKAY) {
-                err = sp_4096_mod_64(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 64, a, sizeof(sp_digit) * 64);
-            err = sp_4096_mod_64(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_64(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_64(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_64(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_64(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_64(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_64(t[ 7], t[ 4], t[ 3], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 3;
-        if (c == 64) {
-            c = 61;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 64);
-        for (; i>=0 || c>=3; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 61);
-                n <<= 3;
-                c = 61;
-            }
-            else if (c < 3) {
-                y = (byte)(n >> 61);
-                n = e[i--];
-                c = 3 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 61) & 0x7);
-                n <<= 3;
-                c -= 3;
-            }
-
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-
-            sp_4096_mont_mul_64(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_4096_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_64(r, m) >= 0);
-        sp_4096_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 128);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 128;
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_64(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 64U);
-        if (reduceA != 0) {
-            err = sp_4096_mod_64(t[1] + 64, a, m);
-            if (err == MP_OKAY) {
-                err = sp_4096_mod_64(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 64, a, sizeof(sp_digit) * 64);
-            err = sp_4096_mod_64(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_64(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_64(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_64(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_64(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_64(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_64(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_64(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_64(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_64(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_64(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_64(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_64(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_64(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_64(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 4;
-        if (c == 64) {
-            c = 60;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 64);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 60);
-                n <<= 4;
-                c = 60;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 60);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-
-            sp_4096_mont_mul_64(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_4096_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_64(r, m) >= 0);
-        sp_4096_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 64 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 512) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 64 || inLen > 512 ||
-                                                     mp_count_bits(mm) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 64 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 64;
-        r = a + 64 * 2;
-        m = r + 64 * 2;
-
-        sp_4096_from_bin(ah, 64, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 64, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 64);
-            err = sp_4096_mod_64_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_4096_mont_sqr_64(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_4096_mont_mul_64(r, r, ah, m, mp);
-
-                for (i = 63; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_4096_sub_in_place_64(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_4096_sqr_64(r, ah);
-                err = sp_4096_mod_64_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_4096_mul_64(r, ah, r);
-                err = sp_4096_mod_64_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 64);
-            err = sp_4096_mod_64_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 63; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 64);
-                for (i--; i >= 0; i--) {
-                    sp_4096_mont_sqr_64(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_4096_mont_mul_64(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[64], 0, sizeof(sp_digit) * 64);
-                sp_4096_mont_reduce_64(r, m, mp);
-
-                for (i = 63; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_4096_sub_in_place_64(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_64(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_4096_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "adcs	x4, x4, x5\n\t"
-        "cset	%[c], cs\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 256\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 64 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 64 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 64;
-        m = a + 128;
-        r = a;
-
-        sp_4096_from_bin(a, 64, in, inLen);
-        sp_4096_from_mp(d, 64, dm);
-        sp_4096_from_mp(m, 64, mm);
-        err = sp_4096_mod_exp_64(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_64(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 64, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 32 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 512 || mp_count_bits(mm) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 32 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 64 * 2;
-        q = p + 32;
-        qi = dq = dp = q + 32;
-        tmpa = qi + 32;
-        tmpb = tmpa + 64;
-        r = a;
-
-        sp_4096_from_bin(a, 64, in, inLen);
-        sp_4096_from_mp(p, 32, pm);
-        sp_4096_from_mp(q, 32, qm);
-        sp_4096_from_mp(dp, 32, dpm);
-
-        err = sp_2048_mod_exp_32(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(dq, 32, dqm);
-        err = sp_2048_mod_exp_32(tmpb, a, dq, 2048, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_2048_sub_in_place_32(tmpa, tmpb);
-        c += sp_4096_cond_add_32(tmpa, tmpa, p, c);
-        sp_4096_cond_add_32(tmpa, tmpa, p, c);
-
-        sp_2048_from_mp(qi, 32, qim);
-        sp_2048_mul_32(tmpa, tmpa, qi);
-        err = sp_2048_mod_32(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mul_32(tmpa, q, tmpa);
-        XMEMSET(&tmpb[32], 0, sizeof(sp_digit) * 32);
-        sp_4096_add_64(r, tmpb, tmpa);
-
-        sp_4096_to_bin_64(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 32 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_4096_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (4096 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 64);
-        r->used = 64;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 64; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 64; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[128];
-    sp_digit e[64];
-    sp_digit m[64];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(b, 64, base);
-        sp_4096_from_mp(e, 64, exp);
-        sp_4096_from_mp(m, 64, mod);
-
-        err = sp_4096_mod_exp_64(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_4096
-static void sp_4096_lshift_64(sp_digit* r, const sp_digit* a, byte n)
-{
-    word64 n64 = n;
-    __asm__ __volatile__ (
-        "mov	x6, 63\n\t"
-        "sub	x6, x6, %[n]\n\t"
-        "ldr	x3, [%[a], 504]\n\t"
-        "lsr	x4, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x4, x4, x6\n\t"
-        "ldr	x2, [%[a], 496]\n\t"
-        "str	x4, [%[r], 512]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 488]\n\t"
-        "str	x3, [%[r], 504]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 480]\n\t"
-        "str	x2, [%[r], 496]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 472]\n\t"
-        "str	x4, [%[r], 488]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 464]\n\t"
-        "str	x3, [%[r], 480]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 456]\n\t"
-        "str	x2, [%[r], 472]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 448]\n\t"
-        "str	x4, [%[r], 464]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 440]\n\t"
-        "str	x3, [%[r], 456]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 432]\n\t"
-        "str	x2, [%[r], 448]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 424]\n\t"
-        "str	x4, [%[r], 440]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 416]\n\t"
-        "str	x3, [%[r], 432]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 408]\n\t"
-        "str	x2, [%[r], 424]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 400]\n\t"
-        "str	x4, [%[r], 416]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 392]\n\t"
-        "str	x3, [%[r], 408]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 384]\n\t"
-        "str	x2, [%[r], 400]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 376]\n\t"
-        "str	x4, [%[r], 392]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 368]\n\t"
-        "str	x3, [%[r], 384]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 360]\n\t"
-        "str	x2, [%[r], 376]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 352]\n\t"
-        "str	x4, [%[r], 368]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 344]\n\t"
-        "str	x3, [%[r], 360]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 336]\n\t"
-        "str	x2, [%[r], 352]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 328]\n\t"
-        "str	x4, [%[r], 344]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 320]\n\t"
-        "str	x3, [%[r], 336]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 312]\n\t"
-        "str	x2, [%[r], 328]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 304]\n\t"
-        "str	x4, [%[r], 320]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 296]\n\t"
-        "str	x3, [%[r], 312]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 288]\n\t"
-        "str	x2, [%[r], 304]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 280]\n\t"
-        "str	x4, [%[r], 296]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 272]\n\t"
-        "str	x3, [%[r], 288]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 264]\n\t"
-        "str	x2, [%[r], 280]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 256]\n\t"
-        "str	x4, [%[r], 272]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 248]\n\t"
-        "str	x3, [%[r], 264]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 240]\n\t"
-        "str	x2, [%[r], 256]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 232]\n\t"
-        "str	x4, [%[r], 248]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 224]\n\t"
-        "str	x3, [%[r], 240]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 216]\n\t"
-        "str	x2, [%[r], 232]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 208]\n\t"
-        "str	x4, [%[r], 224]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 200]\n\t"
-        "str	x3, [%[r], 216]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 192]\n\t"
-        "str	x2, [%[r], 208]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 184]\n\t"
-        "str	x4, [%[r], 200]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 176]\n\t"
-        "str	x3, [%[r], 192]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 168]\n\t"
-        "str	x2, [%[r], 184]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 160]\n\t"
-        "str	x4, [%[r], 176]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 152]\n\t"
-        "str	x3, [%[r], 168]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 144]\n\t"
-        "str	x2, [%[r], 160]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 136]\n\t"
-        "str	x4, [%[r], 152]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 128]\n\t"
-        "str	x3, [%[r], 144]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 120]\n\t"
-        "str	x2, [%[r], 136]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 112]\n\t"
-        "str	x4, [%[r], 128]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 104]\n\t"
-        "str	x3, [%[r], 120]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 96]\n\t"
-        "str	x2, [%[r], 112]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 88]\n\t"
-        "str	x4, [%[r], 104]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 80]\n\t"
-        "str	x3, [%[r], 96]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 72]\n\t"
-        "str	x2, [%[r], 88]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 64]\n\t"
-        "str	x4, [%[r], 80]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 56]\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 48]\n\t"
-        "str	x2, [%[r], 64]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 40]\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 32]\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 24]\n\t"
-        "str	x2, [%[r], 40]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 16]\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 8]\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 0]\n\t"
-        "str	x2, [%[r], 16]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "stp	x3, x4, [%[r]]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (n64)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_4096_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 193);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 193, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 128;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_64(norm, m);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        c -= bits % 6;
-        if (c == 64) {
-            c = 58;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        sp_4096_lshift_64(r, norm, y);
-        for (; i>=0 || c>=6; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else if (c < 6) {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-
-            sp_4096_lshift_64(r, r, y);
-            sp_4096_mul_d_64(tmp, norm, r[64]);
-            r[64] = 0;
-            o = sp_4096_add_64(r, r, tmp);
-            sp_4096_cond_sub_64(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_4096_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_64(r, m) >= 0);
-        sp_4096_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_4096 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 512 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[128];
-    sp_digit e[64];
-    sp_digit m[64];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 512) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(b, 64, base);
-        sp_4096_from_bin(e, 64, exp, expLen);
-        sp_4096_from_mp(m, 64, mod);
-
-    #ifdef HAVE_FFDHE_4096
-        if (base->used == 1 && base->dp[0] == 2 && m[63] == (sp_digit)-1)
-            err = sp_4096_mod_exp_2_64(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_4096_mod_exp_64(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_64(r, out);
-        *outLen = 512;
-        for (i=0; i<512 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* WOLFSSL_SP_4096 */
-
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
-
-/* Point structure to use. */
-typedef struct sp_point_256 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 4];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 4];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 4];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_256;
-
-/* The modulus (prime) of the curve P256. */
-static const sp_digit p256_mod[4] = {
-    0xffffffffffffffffL,0x00000000ffffffffL,0x0000000000000000L,
-    0xffffffff00000001L
-};
-/* The Montgomery normalizer for modulus of the curve P256. */
-static const sp_digit p256_norm_mod[4] = {
-    0x0000000000000001L,0xffffffff00000000L,0xffffffffffffffffL,
-    0x00000000fffffffeL
-};
-/* The Montgomery multiplier for modulus of the curve P256. */
-static const sp_digit p256_mp_mod = 0x0000000000000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P256. */
-static const sp_digit p256_order[4] = {
-    0xf3b9cac2fc632551L,0xbce6faada7179e84L,0xffffffffffffffffL,
-    0xffffffff00000000L
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P256 minus 2. */
-static const sp_digit p256_order2[4] = {
-    0xf3b9cac2fc63254fL,0xbce6faada7179e84L,0xffffffffffffffffL,
-    0xffffffff00000000L
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P256. */
-static const sp_digit p256_norm_order[4] = {
-    0x0c46353d039cdaafL,0x4319055258e8617bL,0x0000000000000000L,
-    0x00000000ffffffffL
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P256. */
-static const sp_digit p256_mp_order = 0xccd1c8aaee00bc4fL;
-#endif
-#ifdef WOLFSSL_SP_SMALL
-/* The base point of curve P256. */
-static const sp_point_256 p256_base = {
-    /* X ordinate */
-    {
-        0xf4a13945d898c296L,0x77037d812deb33a0L,0xf8bce6e563a440f2L,
-        0x6b17d1f2e12c4247L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0xcbb6406837bf51f5L,0x2bce33576b315eceL,0x8ee7eb4a7c0f9e16L,
-        0x4fe342e2fe1a7f9bL,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000000000000001L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p256_b[4] = {
-    0x3bce3c3e27d2604bL,0x651d06b0cc53b0f6L,0xb3ebbd55769886bcL,
-    0x5ac635d8aa3a93e7L
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_256_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_digit tmp[8];
-
-    __asm__ __volatile__ (
-        "mov	x5, xzr\n\t"
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 24\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[b], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 32\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 48\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_256_mul_4(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x13, x14, [%[a], 0]\n\t"
-        "ldp	x15, x16, [%[a], 16]\n\t"
-        "ldp	x17, x19, [%[b], 0]\n\t"
-        "ldp	x20, x21, [%[b], 16]\n\t"
-        "# A[0] * B[0]\n\t"
-        "umulh	x6, x13, x17\n\t"
-        "mul	x5, x13, x17\n\t"
-        "# A[2] * B[0]\n\t"
-        "umulh	x8, x15, x17\n\t"
-        "mul	x7, x15, x17\n\t"
-        "# A[1] * B[0]\n\t"
-        "mul	x3, x14, x17\n\t"
-        "adds	x6, x6, x3\n\t"
-        "umulh	x4, x14, x17\n\t"
-        "adcs	x7, x7, x4\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "# A[0] * B[2]\n\t"
-        "mul	x3, x13, x20\n\t"
-        "adds	x7, x7, x3\n\t"
-        "umulh	x4, x13, x20\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "# A[1] * B[3]\n\t"
-        "mul	x9, x14, x21\n\t"
-        "adcs	x9, x9, xzr\n\t"
-        "umulh	x10, x14, x21\n\t"
-        "adc	x10, x10, xzr\n\t"
-        "# A[0] * B[1]\n\t"
-        "mul	x3, x13, x19\n\t"
-        "adds	x6, x6, x3\n\t"
-        "umulh	x4, x13, x19\n\t"
-        "adcs	x7, x7, x4\n\t"
-        "# A[2] * B[1]\n\t"
-        "mul	x3, x15, x19\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "umulh	x4, x15, x19\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "adc	x10, x10, xzr\n\t"
-        "# A[1] * B[2]\n\t"
-        "mul	x3, x14, x20\n\t"
-        "adds	x8, x8, x3\n\t"
-        "umulh	x4, x14, x20\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "adcs	x10, x10, xzr\n\t"
-        "adc	x11, xzr, xzr\n\t"
-        "# A[1] * B[1]\n\t"
-        "mul	x3, x14, x19\n\t"
-        "adds	x7, x7, x3\n\t"
-        "umulh	x4, x14, x19\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "# A[3] * B[1]\n\t"
-        "mul	x3, x16, x19\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "umulh	x4, x16, x19\n\t"
-        "adcs	x10, x10, x4\n\t"
-        "adc	x11, x11, xzr\n\t"
-        "# A[2] * B[2]\n\t"
-        "mul	x3, x15, x20\n\t"
-        "adds	x9, x9, x3\n\t"
-        "umulh	x4, x15, x20\n\t"
-        "adcs	x10, x10, x4\n\t"
-        "# A[3] * B[3]\n\t"
-        "mul	x3, x16, x21\n\t"
-        "adcs	x11, x11, x3\n\t"
-        "umulh	x12, x16, x21\n\t"
-        "adc	x12, x12, xzr\n\t"
-        "# A[0] * B[3]\n\t"
-        "mul	x3, x13, x21\n\t"
-        "adds	x8, x8, x3\n\t"
-        "umulh	x4, x13, x21\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "# A[2] * B[3]\n\t"
-        "mul	x3, x15, x21\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "umulh	x4, x15, x21\n\t"
-        "adcs	x11, x11, x4\n\t"
-        "adc	x12, x12, xzr\n\t"
-        "# A[3] * B[0]\n\t"
-        "mul	x3, x16, x17\n\t"
-        "adds	x8, x8, x3\n\t"
-        "umulh	x4, x16, x17\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "# A[3] * B[2]\n\t"
-        "mul	x3, x16, x20\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "umulh	x4, x16, x20\n\t"
-        "adcs	x11, x11, x4\n\t"
-        "adc	x12, x12, xzr\n\t"
-        "stp	x5, x6, [%[r], 0]\n\t"
-        "stp	x7, x8, [%[r], 16]\n\t"
-        "stp	x9, x10, [%[r], 32]\n\t"
-        "stp	x11, x12, [%[r], 48]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_256_sqr_4(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp	x12, x13, [%[a], 0]\n\t"
-        "ldp	x14, x15, [%[a], 16]\n\t"
-        "# A[0] * A[1]\n\t"
-        "umulh	x6, x12, x13\n\t"
-        "mul	x5, x12, x13\n\t"
-        "# A[0] * A[3]\n\t"
-        "umulh	x8, x12, x15\n\t"
-        "mul	x7, x12, x15\n\t"
-        "# A[0] * A[2]\n\t"
-        "mul	x2, x12, x14\n\t"
-        "adds	x6, x6, x2\n\t"
-        "umulh	x3, x12, x14\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "# A[1] * A[3]\n\t"
-        "mul	x2, x13, x15\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "umulh	x9, x13, x15\n\t"
-        "adc	x9, x9, xzr\n\t"
-        "# A[1] * A[2]\n\t"
-        "mul	x2, x13, x14\n\t"
-        "adds	x7, x7, x2\n\t"
-        "umulh	x3, x13, x14\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "# A[2] * A[3]\n\t"
-        "mul	x2, x14, x15\n\t"
-        "adcs	x9, x9, x2\n\t"
-        "umulh	x10, x14, x15\n\t"
-        "adc	x10, x10, xzr\n\t"
-        "# Double\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adcs	x7, x7, x7\n\t"
-        "adcs	x8, x8, x8\n\t"
-        "adcs	x9, x9, x9\n\t"
-        "adcs	x10, x10, x10\n\t"
-        "adc	x11, xzr, xzr\n\t"
-        "# A[0] * A[0]\n\t"
-        "umulh	x3, x12, x12\n\t"
-        "mul	x4, x12, x12\n\t"
-        "# A[1] * A[1]\n\t"
-        "mul	x2, x13, x13\n\t"
-        "adds	x5, x5, x3\n\t"
-        "umulh	x3, x13, x13\n\t"
-        "adcs	x6, x6, x2\n\t"
-        "# A[2] * A[2]\n\t"
-        "mul	x2, x14, x14\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "umulh	x3, x14, x14\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "# A[3] * A[3]\n\t"
-        "mul	x2, x15, x15\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "umulh	x3, x15, x15\n\t"
-        "adcs	x10, x10, x2\n\t"
-        "adc	x11, x11, x3\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "stp	x8, x9, [%[r], 32]\n\t"
-        "stp	x10, x11, [%[r], 48]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "cc"
-    );
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_256_add_4(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_256_sub_4(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "subs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- */
-static int sp_256_mod_mul_norm_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int64_t t[8];
-    int64_t a32[8];
-    int64_t o;
-
-    (void)m;
-
-    a32[0] = (int64_t)(a[0] & 0xffffffff);
-    a32[1] = (int64_t)(a[0] >> 32);
-    a32[2] = (int64_t)(a[1] & 0xffffffff);
-    a32[3] = (int64_t)(a[1] >> 32);
-    a32[4] = (int64_t)(a[2] & 0xffffffff);
-    a32[5] = (int64_t)(a[2] >> 32);
-    a32[6] = (int64_t)(a[3] & 0xffffffff);
-    a32[7] = (int64_t)(a[3] >> 32);
-
-    /*  1  1  0 -1 -1 -1 -1  0 */
-    t[0] = 0 + a32[0] + a32[1] - a32[3] - a32[4] - a32[5] - a32[6];
-    /*  0  1  1  0 -1 -1 -1 -1 */
-    t[1] = 0 + a32[1] + a32[2] - a32[4] - a32[5] - a32[6] - a32[7];
-    /*  0  0  1  1  0 -1 -1 -1 */
-    t[2] = 0 + a32[2] + a32[3] - a32[5] - a32[6] - a32[7];
-    /* -1 -1  0  2  2  1  0 -1 */
-    t[3] = 0 - a32[0] - a32[1] + 2 * a32[3] + 2 * a32[4] + a32[5] - a32[7];
-    /*  0 -1 -1  0  2  2  1  0 */
-    t[4] = 0 - a32[1] - a32[2] + 2 * a32[4] + 2 * a32[5] + a32[6];
-    /*  0  0 -1 -1  0  2  2  1 */
-    t[5] = 0 - a32[2] - a32[3] + 2 * a32[5] + 2 * a32[6] + a32[7];
-    /* -1 -1  0  0  0  1  3  2 */
-    t[6] = 0 - a32[0] - a32[1] + a32[5] + 3 * a32[6] + 2 * a32[7];
-    /*  1  0 -1 -1 -1 -1  0  3 */
-    t[7] = 0 + a32[0] - a32[2] - a32[3] - a32[4] - a32[5] + 3 * a32[7];
-
-    t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-    t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-    t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-    t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-    t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-    t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-    t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-    o     = t[7] >> 32; t[7] &= 0xffffffff;
-    t[0] += o;
-    t[3] -= o;
-    t[6] -= o;
-    t[7] += o;
-    t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-    t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-    t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-    t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-    t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-    t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-    t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-    o     = t[7] >> 32; t[7] &= 0xffffffff;
-    t[0] += o;
-    t[3] -= o;
-    t[6] -= o;
-    t[7] += o;
-    t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-    t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-    t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-    t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-    t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-    t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-    t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-    r[0] = (sp_digit)((t[1] << 32) | t[0]);
-    r[1] = (sp_digit)((t[3] << 32) | t[2]);
-    r[2] = (sp_digit)((t[5] << 32) | t[4]);
-    r[3] = (sp_digit)((t[7] << 32) | t[6]);
-
-    return MP_OKAY;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_256.
- *
- * p   Point of type sp_point_256 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_256_point_from_ecc_point_4(sp_point_256* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_256_from_mp(p->x, 4, pm->x);
-    sp_256_from_mp(p->y, 4, pm->y);
-    sp_256_from_mp(p->z, 4, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_256_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (256 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 4);
-        r->used = 4;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 4; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 4; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_256 to type ecc_point.
- *
- * p   Point of type sp_point_256.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_256_point_to_ecc_point_4(const sp_point_256* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_256_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_256_cond_copy_4(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[r], 0]\n\t"
-        "ldp	x7, x8, [%[a], 0]\n\t"
-        "eor	x7, x7, x3\n\t"
-        "ldp	x5, x6, [%[r], 16]\n\t"
-        "eor	x8, x8, x4\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "eor	x9, x9, x5\n\t"
-        "eor	x10, x10, x6\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "eor	x3, x3, x7\n\t"
-        "eor	x4, x4, x8\n\t"
-        "eor	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "eor	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_mul_4(sp_digit* r, const sp_digit* a,
-    const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    (void)m;
-    (void)mp;
-
-    __asm__ __volatile__ (
-        "ldp	x13, x14, [%[a], 0]\n\t"
-        "ldp	x15, x16, [%[a], 16]\n\t"
-        "ldp	x17, x19, [%[b], 0]\n\t"
-        "ldp	x20, x21, [%[b], 16]\n\t"
-        "# A[0] * B[0]\n\t"
-        "umulh	x6, x13, x17\n\t"
-        "mul	x5, x13, x17\n\t"
-        "# A[2] * B[0]\n\t"
-        "umulh	x8, x15, x17\n\t"
-        "mul	x7, x15, x17\n\t"
-        "# A[1] * B[0]\n\t"
-        "mul	x3, x14, x17\n\t"
-        "adds	x6, x6, x3\n\t"
-        "umulh	x4, x14, x17\n\t"
-        "adcs	x7, x7, x4\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "# A[0] * B[2]\n\t"
-        "mul	x3, x13, x20\n\t"
-        "adds	x7, x7, x3\n\t"
-        "umulh	x4, x13, x20\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "# A[1] * B[3]\n\t"
-        "mul	x9, x14, x21\n\t"
-        "adcs	x9, x9, xzr\n\t"
-        "umulh	x10, x14, x21\n\t"
-        "adc	x10, x10, xzr\n\t"
-        "# A[0] * B[1]\n\t"
-        "mul	x3, x13, x19\n\t"
-        "adds	x6, x6, x3\n\t"
-        "umulh	x4, x13, x19\n\t"
-        "adcs	x7, x7, x4\n\t"
-        "# A[2] * B[1]\n\t"
-        "mul	x3, x15, x19\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "umulh	x4, x15, x19\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "adc	x10, x10, xzr\n\t"
-        "# A[1] * B[2]\n\t"
-        "mul	x3, x14, x20\n\t"
-        "adds	x8, x8, x3\n\t"
-        "umulh	x4, x14, x20\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "adcs	x10, x10, xzr\n\t"
-        "adc	x11, xzr, xzr\n\t"
-        "# A[1] * B[1]\n\t"
-        "mul	x3, x14, x19\n\t"
-        "adds	x7, x7, x3\n\t"
-        "umulh	x4, x14, x19\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "# A[3] * B[1]\n\t"
-        "mul	x3, x16, x19\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "umulh	x4, x16, x19\n\t"
-        "adcs	x10, x10, x4\n\t"
-        "adc	x11, x11, xzr\n\t"
-        "# A[2] * B[2]\n\t"
-        "mul	x3, x15, x20\n\t"
-        "adds	x9, x9, x3\n\t"
-        "umulh	x4, x15, x20\n\t"
-        "adcs	x10, x10, x4\n\t"
-        "# A[3] * B[3]\n\t"
-        "mul	x3, x16, x21\n\t"
-        "adcs	x11, x11, x3\n\t"
-        "umulh	x12, x16, x21\n\t"
-        "adc	x12, x12, xzr\n\t"
-        "# A[0] * B[3]\n\t"
-        "mul	x3, x13, x21\n\t"
-        "adds	x8, x8, x3\n\t"
-        "umulh	x4, x13, x21\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "# A[2] * B[3]\n\t"
-        "mul	x3, x15, x21\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "umulh	x4, x15, x21\n\t"
-        "adcs	x11, x11, x4\n\t"
-        "adc	x12, x12, xzr\n\t"
-        "# A[3] * B[0]\n\t"
-        "mul	x3, x16, x17\n\t"
-        "adds	x8, x8, x3\n\t"
-        "umulh	x4, x16, x17\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "# A[3] * B[2]\n\t"
-        "mul	x3, x16, x20\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "umulh	x4, x16, x20\n\t"
-        "adcs	x11, x11, x4\n\t"
-        "mov	x3, x5\n\t"
-        "adc	x12, x12, xzr\n\t"
-        "# Start Reduction\n\t"
-        "mov	x4, x6\n\t"
-        "mov	x13, x7\n\t"
-        "# mu = a[0]-a[3] + a[0]-a[2] << 32 << 64 + (a[0] * 2) << 192\n\t"
-        "#    - a[0] << 32 << 192\n\t"
-        "#   + (a[0] * 2) << 192\n\t"
-        "#   a[0]-a[2] << 32\n\t"
-        "lsl	x15, x5, #32\n\t"
-        "extr	x17, x7, x6, 32\n\t"
-        "add	x14, x8, x5\n\t"
-        "extr	x16, x6, x5, 32\n\t"
-        "add	x14, x14, x5\n\t"
-        "#   + a[0]-a[2] << 32 << 64\n\t"
-        "#   - a[0] << 32 << 192\n\t"
-        "adds	x4, x4, x15\n\t"
-        "sub	x14, x14, x15\n\t"
-        "adcs	x13, x13, x16\n\t"
-        "adc	x14, x14, x17\n\t"
-        "# a += (mu << 256) - (mu << 224) + (mu << 192) + (mu << 96) - mu\n\t"
-        "#   a += mu << 256\n\t"
-        "adds	x9, x9, x3\n\t"
-        "adcs	x10, x10, x4\n\t"
-        "adcs	x11, x11, x13\n\t"
-        "adcs	x12, x12, x14\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "#   a += mu << 192\n\t"
-        "# mu <<= 32\n\t"
-        "#   a += (mu << 32) << 64\n\t"
-        "adds	x8, x8, x3\n\t"
-        "extr	x16, x14, x13, 32\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "extr	x15, x13, x4, 32\n\t"
-        "adcs	x10, x10, x13\n\t"
-        "extr	x4, x4, x3, 32\n\t"
-        "adcs	x11, x11, x14\n\t"
-        "lsl  x3, x3, 32\n\t"
-        "adc	x13, xzr, xzr\n\t"
-        "adds	x6, x6, x3\n\t"
-        "lsr	x17, x14, 32\n\t"
-        "adcs	x7, x7, x4\n\t"
-        "adcs	x8, x8, x15\n\t"
-        "adcs	x9, x9, x16\n\t"
-        "adcs	x10, x10, x17\n\t"
-        "adcs	x11, x11, xzr\n\t"
-        "adcs	x12, x12, x13\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#   a -= (mu << 32) << 192\n\t"
-        "subs	x8, x8, x3\n\t"
-        "sbcs	x9, x9, x4\n\t"
-        "sbcs	x10, x10, x15\n\t"
-        "sbcs	x11, x11, x16\n\t"
-        "sbcs	x12, x12, x17\n\t"
-        "sbc	x5, x5, xzr\n\t"
-        "neg	x5, x5\n\t"
-        "# mask m and sub from result if overflow\n\t"
-        "#  m[0] = -1 & mask = mask\n\t"
-        "subs	x9, x9, x5\n\t"
-        "#  m[1] = 0xffffffff & mask = mask >> 32 as mask is all 1s or 0s\n\t"
-        "lsr	x16, x5, 32\n\t"
-        "sbcs	x10, x10, x16\n\t"
-        "sub	x17, xzr, x16\n\t"
-        "#  m[2] =  0 & mask = 0\n\t"
-        "sbcs	x11, x11, xzr\n\t"
-        "stp	x9, x10, [%[r], 0]\n\t"
-        "#  m[3] =  0xffffffff00000001 & mask\n\t"
-        "sbc	x12, x12, x17\n\t"
-        "stp	x11, x12, [%[r], 16]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-}
-
-/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-{
-    (void)m;
-    (void)mp;
-
-    __asm__ __volatile__ (
-        "ldp	x12, x13, [%[a], 0]\n\t"
-        "ldp	x14, x15, [%[a], 16]\n\t"
-        "# A[0] * A[1]\n\t"
-        "umulh	x6, x12, x13\n\t"
-        "mul	x5, x12, x13\n\t"
-        "# A[0] * A[3]\n\t"
-        "umulh	x8, x12, x15\n\t"
-        "mul	x7, x12, x15\n\t"
-        "# A[0] * A[2]\n\t"
-        "mul	x2, x12, x14\n\t"
-        "adds	x6, x6, x2\n\t"
-        "umulh	x3, x12, x14\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "# A[1] * A[3]\n\t"
-        "mul	x2, x13, x15\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "umulh	x9, x13, x15\n\t"
-        "adc	x9, x9, xzr\n\t"
-        "# A[1] * A[2]\n\t"
-        "mul	x2, x13, x14\n\t"
-        "adds	x7, x7, x2\n\t"
-        "umulh	x3, x13, x14\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "# A[2] * A[3]\n\t"
-        "mul	x2, x14, x15\n\t"
-        "adcs	x9, x9, x2\n\t"
-        "umulh	x10, x14, x15\n\t"
-        "adc	x10, x10, xzr\n\t"
-        "# Double\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adcs	x7, x7, x7\n\t"
-        "adcs	x8, x8, x8\n\t"
-        "adcs	x9, x9, x9\n\t"
-        "adcs	x10, x10, x10\n\t"
-        "adc	x11, xzr, xzr\n\t"
-        "# A[0] * A[0]\n\t"
-        "umulh	x3, x12, x12\n\t"
-        "mul	x4, x12, x12\n\t"
-        "# A[1] * A[1]\n\t"
-        "mul	x2, x13, x13\n\t"
-        "adds	x5, x5, x3\n\t"
-        "umulh	x3, x13, x13\n\t"
-        "adcs	x6, x6, x2\n\t"
-        "# A[2] * A[2]\n\t"
-        "mul	x2, x14, x14\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "umulh	x3, x14, x14\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "# A[3] * A[3]\n\t"
-        "mul	x2, x15, x15\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "umulh	x3, x15, x15\n\t"
-        "adcs	x10, x10, x2\n\t"
-        "mov	x2, x4\n\t"
-        "adc	x11, x11, x3\n\t"
-        "# Start Reduction\n\t"
-        "mov	x3, x5\n\t"
-        "mov	x12, x6\n\t"
-        "# mu = a[0]-a[3] + a[0]-a[2] << 32 << 64 + (a[0] * 2) << 192\n\t"
-        "#    - a[0] << 32 << 192\n\t"
-        "#   + (a[0] * 2) << 192\n\t"
-        "#   a[0]-a[2] << 32\n\t"
-        "lsl	x14, x4, #32\n\t"
-        "extr	x16, x6, x5, 32\n\t"
-        "add	x13, x7, x4\n\t"
-        "extr	x15, x5, x4, 32\n\t"
-        "add	x13, x13, x4\n\t"
-        "#   + a[0]-a[2] << 32 << 64\n\t"
-        "#   - a[0] << 32 << 192\n\t"
-        "adds	x3, x3, x14\n\t"
-        "sub	x13, x13, x14\n\t"
-        "adcs	x12, x12, x15\n\t"
-        "adc	x13, x13, x16\n\t"
-        "# a += (mu << 256) - (mu << 224) + (mu << 192) + (mu << 96) - mu\n\t"
-        "#   a += mu << 256\n\t"
-        "adds	x8, x8, x2\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "adcs	x10, x10, x12\n\t"
-        "adcs	x11, x11, x13\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "#   a += mu << 192\n\t"
-        "# mu <<= 32\n\t"
-        "#   a += (mu << 32) << 64\n\t"
-        "adds	x7, x7, x2\n\t"
-        "extr	x15, x13, x12, 32\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "extr	x14, x12, x3, 32\n\t"
-        "adcs	x9, x9, x12\n\t"
-        "extr	x3, x3, x2, 32\n\t"
-        "adcs	x10, x10, x13\n\t"
-        "lsl  x2, x2, 32\n\t"
-        "adc	x12, xzr, xzr\n\t"
-        "adds	x5, x5, x2\n\t"
-        "lsr	x16, x13, 32\n\t"
-        "adcs	x6, x6, x3\n\t"
-        "adcs	x7, x7, x14\n\t"
-        "adcs	x8, x8, x15\n\t"
-        "adcs	x9, x9, x16\n\t"
-        "adcs	x10, x10, xzr\n\t"
-        "adcs	x11, x11, x12\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#   a -= (mu << 32) << 192\n\t"
-        "subs	x7, x7, x2\n\t"
-        "sbcs	x8, x8, x3\n\t"
-        "sbcs	x9, x9, x14\n\t"
-        "sbcs	x10, x10, x15\n\t"
-        "sbcs	x11, x11, x16\n\t"
-        "sbc	x4, x4, xzr\n\t"
-        "neg	x4, x4\n\t"
-        "# mask m and sub from result if overflow\n\t"
-        "#  m[0] = -1 & mask = mask\n\t"
-        "subs	x8, x8, x4\n\t"
-        "#  m[1] = 0xffffffff & mask = mask >> 32 as mask is all 1s or 0s\n\t"
-        "lsr	x15, x4, 32\n\t"
-        "sbcs	x9, x9, x15\n\t"
-        "sub	x16, xzr, x15\n\t"
-        "#  m[2] =  0 & mask = 0\n\t"
-        "sbcs	x10, x10, xzr\n\t"
-        "stp	x8, x9, [%[r], 0]\n\t"
-        "#  m[3] =  0xffffffff00000001 & mask\n\t"
-        "sbc	x11, x11, x16\n\t"
-        "stp	x10, x11, [%[r], 16]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
-    );
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_n_4(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_256_mont_sqr_4(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_256_mont_sqr_4(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P256 curve. */
-static const word64 p256_mod_minus_2[4] = {
-    0xfffffffffffffffdU,0x00000000ffffffffU,0x0000000000000000U,
-    0xffffffff00000001U
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P256 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_4(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 4);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_4(t, t, p256_mod, p256_mp_mod);
-        if (p256_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_256_mont_mul_4(t, t, a, p256_mod, p256_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 4);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 4;
-    sp_digit* t3 = td + 4 * 4;
-    /* 0x2 */
-    sp_256_mont_sqr_4(t1, a, p256_mod, p256_mp_mod);
-    /* 0x3 */
-    sp_256_mont_mul_4(t2, t1, a, p256_mod, p256_mp_mod);
-    /* 0xc */
-    sp_256_mont_sqr_n_4(t1, t2, 2, p256_mod, p256_mp_mod);
-    /* 0xd */
-    sp_256_mont_mul_4(t3, t1, a, p256_mod, p256_mp_mod);
-    /* 0xf */
-    sp_256_mont_mul_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xf0 */
-    sp_256_mont_sqr_n_4(t1, t2, 4, p256_mod, p256_mp_mod);
-    /* 0xfd */
-    sp_256_mont_mul_4(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xff */
-    sp_256_mont_mul_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xff00 */
-    sp_256_mont_sqr_n_4(t1, t2, 8, p256_mod, p256_mp_mod);
-    /* 0xfffd */
-    sp_256_mont_mul_4(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffff */
-    sp_256_mont_mul_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffff0000 */
-    sp_256_mont_sqr_n_4(t1, t2, 16, p256_mod, p256_mp_mod);
-    /* 0xfffffffd */
-    sp_256_mont_mul_4(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff */
-    sp_256_mont_mul_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_256_mont_sqr_n_4(t1, t2, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_256_mont_mul_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001 */
-    sp_256_mont_mul_4(r, t1, a, p256_mod, p256_mp_mod);
-    /* 0xffffffff000000010000000000000000000000000000000000000000 */
-    sp_256_mont_sqr_n_4(r, r, 160, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff */
-    sp_256_mont_mul_4(r, r, t2, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff00000000 */
-    sp_256_mont_sqr_n_4(r, r, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000fffffffffffffffffffffffd */
-    sp_256_mont_mul_4(r, r, t3, p256_mod, p256_mp_mod);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_int64 sp_256_cmp_4(const sp_digit* a, const sp_digit* b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "mov	x10, #4\n\t"
-        "add	%[a], %[a], #16\n\t"
-        "add	%[b], %[b], #16\n\t"
-        "1:\n\t"
-        "ldp	x6, x7, [%[a]], -16\n\t"
-        "ldp	x8, x9, [%[b]], -16\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x10, x10, #2\n\t"
-        "b.ne	1b\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 0]\n\t"
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#endif
-
-    return (sp_int64)a;
-}
-
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_256_norm_4(a)
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static sp_digit sp_256_cond_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x5, x7, [%[b], 0]\n\t"
-        "ldp	x11, x12, [%[b], 16]\n\t"
-        "ldp	x4, x6, [%[a], 0]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "subs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 0]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 16]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_256_mont_reduce_4(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "ldp	x10, x11, [%[a], 0]\n\t"
-        "ldp	x12, x13, [%[a], 16]\n\t"
-        "ldp	x14, x15, [%[a], 32]\n\t"
-        "ldp	x16, x17, [%[a], 48]\n\t"
-        "mov	x3, x10\n\t"
-        "# Start Reduction\n\t"
-        "mov	x4, x11\n\t"
-        "mov	x5, x12\n\t"
-        "# mu = a[0]-a[3] + a[0]-a[2] << 32 << 64 + (a[0] * 2) << 192\n\t"
-        "#    - a[0] << 32 << 192\n\t"
-        "#   + (a[0] * 2) << 192\n\t"
-        "#   a[0]-a[2] << 32\n\t"
-        "lsl	x7, x10, #32\n\t"
-        "extr	x9, x12, x11, 32\n\t"
-        "add	x6, x13, x10\n\t"
-        "extr	x8, x11, x10, 32\n\t"
-        "add	x6, x6, x10\n\t"
-        "#   + a[0]-a[2] << 32 << 64\n\t"
-        "#   - a[0] << 32 << 192\n\t"
-        "adds	x4, x4, x7\n\t"
-        "sub	x6, x6, x7\n\t"
-        "adcs	x5, x5, x8\n\t"
-        "adc	x6, x6, x9\n\t"
-        "# a += (mu << 256) - (mu << 224) + (mu << 192) + (mu << 96) - mu\n\t"
-        "#   a += mu << 256\n\t"
-        "adds	x14, x14, x3\n\t"
-        "adcs	x15, x15, x4\n\t"
-        "adcs	x16, x16, x5\n\t"
-        "adcs	x17, x17, x6\n\t"
-        "adc	x10, xzr, xzr\n\t"
-        "#   a += mu << 192\n\t"
-        "# mu <<= 32\n\t"
-        "#   a += (mu << 32) << 64\n\t"
-        "adds	x13, x13, x3\n\t"
-        "extr	x8, x6, x5, 32\n\t"
-        "adcs	x14, x14, x4\n\t"
-        "extr	x7, x5, x4, 32\n\t"
-        "adcs	x15, x15, x5\n\t"
-        "extr	x4, x4, x3, 32\n\t"
-        "adcs	x16, x16, x6\n\t"
-        "lsl  x3, x3, 32\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x11, x11, x3\n\t"
-        "lsr	x9, x6, 32\n\t"
-        "adcs	x12, x12, x4\n\t"
-        "adcs	x13, x13, x7\n\t"
-        "adcs	x14, x14, x8\n\t"
-        "adcs	x15, x15, x9\n\t"
-        "adcs	x16, x16, xzr\n\t"
-        "adcs	x17, x17, x5\n\t"
-        "adc	x10, x10, xzr\n\t"
-        "#   a -= (mu << 32) << 192\n\t"
-        "subs	x13, x13, x3\n\t"
-        "sbcs	x14, x14, x4\n\t"
-        "sbcs	x15, x15, x7\n\t"
-        "sbcs	x16, x16, x8\n\t"
-        "sbcs	x17, x17, x9\n\t"
-        "sbc	x10, x10, xzr\n\t"
-        "neg	x10, x10\n\t"
-        "# mask m and sub from result if overflow\n\t"
-        "#  m[0] = -1 & mask = mask\n\t"
-        "subs	x14, x14, x10\n\t"
-        "#  m[1] = 0xffffffff & mask = mask >> 32 as mask is all 1s or 0s\n\t"
-        "lsr	x8, x10, 32\n\t"
-        "sbcs	x15, x15, x8\n\t"
-        "sub	x9, xzr, x8\n\t"
-        "#  m[2] =  0 & mask = 0\n\t"
-        "sbcs	x16, x16, xzr\n\t"
-        "stp	x14, x15, [%[a], 0]\n\t"
-        "#  m[3] =  0xffffffff00000001 & mask\n\t"
-        "sbc	x17, x17, x9\n\t"
-        "stp	x16, x17, [%[a], 16]\n\t"
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-        : "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x19", "x20", "cc"
-    );
-}
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_256_map_4(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*4;
-    sp_int64 n;
-
-    sp_256_mont_inv_4(t1, p->z, t + 2*4);
-
-    sp_256_mont_sqr_4(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    /* x /= z^2 */
-    sp_256_mont_mul_4(r->x, p->x, t2, p256_mod, p256_mp_mod);
-    XMEMSET(r->x + 4, 0, sizeof(sp_digit) * 4U);
-    sp_256_mont_reduce_4(r->x, p256_mod, p256_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_256_cmp_4(r->x, p256_mod);
-    sp_256_cond_sub_4(r->x, r->x, p256_mod, (sp_digit)~(n >> 63));
-    sp_256_norm_4(r->x);
-
-    /* y /= z^3 */
-    sp_256_mont_mul_4(r->y, p->y, t1, p256_mod, p256_mp_mod);
-    XMEMSET(r->y + 4, 0, sizeof(sp_digit) * 4U);
-    sp_256_mont_reduce_4(r->y, p256_mod, p256_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_256_cmp_4(r->y, p256_mod);
-    sp_256_cond_sub_4(r->y, r->y, p256_mod, (sp_digit)~(n >> 63));
-    sp_256_norm_4(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_dbl_4(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a]]\n\t"
-        "ldp	x5, x6, [%[a],16]\n\t"
-        "lsl	x9, x3, #1\n\t"
-        "extr	x10, x4, x3, #63\n\t"
-        "extr	x11, x5, x4, #63\n\t"
-        "asr	x13, x6, #63\n\t"
-        "extr	x12, x6, x5, #63\n\t"
-        "subs	x9, x9, x13\n\t"
-        "lsr	x7, x13, 32\n\t"
-        "sbcs	x10, x10, x7\n\t"
-        "sub	x8, xzr, x7\n\t"
-        "sbcs	x11, x11, xzr\n\t"
-        "sbcs	x12, x12, x8\n\t"
-        "sbc	x8, xzr, xzr\n\t"
-        "sub	x13, x13, x8\n\t"
-        "subs	x9, x9, x13\n\t"
-        "lsr	x7, x13, 32\n\t"
-        "sbcs	x10, x10, x7\n\t"
-        "sub	x8, xzr, x7\n\t"
-        "sbcs	x11, x11, xzr\n\t"
-        "stp	x9, x10, [%[r],0]\n\t"
-        "sbc	x12, x12, x8\n\t"
-        "stp	x11, x12, [%[r],16]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x13", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    (void)m;
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_tpl_4(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp	x9, x10, [%[a]]\n\t"
-        "ldp	x11, x12, [%[a], 16]\n\t"
-        "lsl	x3, x9, #1\n\t"
-        "extr	x4, x10, x9, #63\n\t"
-        "extr	x5, x11, x10, #63\n\t"
-        "asr	x13, x12, #63\n\t"
-        "extr	x6, x12, x11, #63\n\t"
-        "subs	x3, x3, x13\n\t"
-        "lsr	x7, x13, 32\n\t"
-        "sbcs	x4, x4, x7\n\t"
-        "sub	x8, xzr, x7\n\t"
-        "sbcs	x5, x5, xzr\n\t"
-        "sbcs	x6, x6, x8\n\t"
-        "neg	x13, x13\n\t"
-        "sbc	x13, x13, xzr\n\t"
-        "adds	x3, x3, x9\n\t"
-        "adcs	x4, x4, x10\n\t"
-        "adcs	x5, x5, x11\n\t"
-        "adcs	x6, x6, x12\n\t"
-        "adc	x13, x13, xzr\n\t"
-        "neg	x13, x13\n\t"
-        "subs	x3, x3, x13, asr #1\n\t"
-        "lsr	x7, x13, 32\n\t"
-        "sbcs	x4, x4, x7\n\t"
-        "sub	x8, xzr, x7\n\t"
-        "sbcs	x5, x5, xzr\n\t"
-        "sbcs	x6, x6, x8\n\t"
-        "sbc	x8, xzr, xzr\n\t"
-        "sub	x13, x13, x8\n\t"
-        "subs	x3, x3, x13\n\t"
-        "lsr	x7, x13, 32\n\t"
-        "sbcs	x4, x4, x7\n\t"
-        "sub	x8, xzr, x7\n\t"
-        "sbcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r],0]\n\t"
-        "sbc	x6, x6, x8\n\t"
-        "stp	x5, x6, [%[r],16]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x9", "x10", "x11", "x12", "x3", "x4", "x5", "x6", "x7", "x8", "x13", "cc"
-    );
-
-    (void)m;
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_sub_4(sp_digit* r, const sp_digit* a,
-    const sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "subs	x4, x4, x8\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "sbcs	x7, x7, x11\n\t"
-        "sbc	x14, xzr, xzr\n\t"
-        "adds	x4, x4, x14\n\t"
-        "lsr	x12, x14, 32\n\t"
-        "adcs	x5, x5, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "adcs	x7, x7, x13\n\t"
-        "adc	x14, x14, xzr\n\t"
-        "adds	x4, x4, x14\n\t"
-        "lsr	x12, x14, 32\n\t"
-        "adcs	x5, x5, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x4, x5, [%[r],0]\n\t"
-        "adc	x7, x7, x13\n\t"
-        "stp	x6, x7, [%[r],16]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
-    );
-
-    (void)m;
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_div2_4(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp   x3, x4, [%[a], 0]\n\t"
-        "ldp   x5, x6, [%[a], 16]\n\t"
-        "sbfx  x8, x3, 0, 1\n\t"
-        "adds      x3, x3, x8\n\t"
-        "lsr       x7, x8, 32\n\t"
-        "adcs      x4, x4, x7\n\t"
-        "sub       x8, xzr, x7\n\t"
-        "adcs      x5, x5, xzr\n\t"
-        "extr      x3, x4, x3, 1\n\t"
-        "adcs      x6, x6, x8\n\t"
-        "extr  x4, x5, x4, 1\n\t"
-        "adc   x9, xzr, xzr\n\t"
-        "extr  x5, x6, x5, 1\n\t"
-        "extr  x6, x9, x6, 1\n\t"
-        "stp   x3, x4, [%[r], 0]\n\t"
-        "stp   x5, x6, [%[r], 16]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x9", "x8", "cc"
-    );
-}
-
-/* Double number and subtract (r = (a - 2.b) % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_rsb_sub_dbl_4(sp_digit* r,
-    const sp_digit* a, sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp	x8, x9, [%[b]]\n\t"
-        "ldp	x10, x11, [%[b],16]\n\t"
-        "lsl	x15, x8, #1\n\t"
-        "extr	x16, x9, x8, #63\n\t"
-        "extr	x17, x10, x9, #63\n\t"
-        "asr	x14, x11, #63\n\t"
-        "extr	x19, x11, x10, #63\n\t"
-        "ldp	x4, x5, [%[a]]\n\t"
-        "ldp	x6, x7, [%[a],16]\n\t"
-        "subs	x15, x15, x14\n\t"
-        "lsr	x12, x14, 32\n\t"
-        "sbcs	x16, x16, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "sbcs	x17, x17, xzr\n\t"
-        "sbcs	x19, x19, x13\n\t"
-        "neg	x14, x14\n\t"
-        "sbc	x14, x14, xzr\n\t"
-        "subs	x15, x4, x15\n\t"
-        "sbcs	x16, x5, x16\n\t"
-        "sbcs	x17, x6, x17\n\t"
-        "sbcs	x19, x7, x19\n\t"
-        "sbc	x14, xzr, x14\n\t"
-        "adds	x15, x15, x14, asr #1\n\t"
-        "lsr	x12, x14, 32\n\t"
-        "adcs	x16, x16, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "adcs	x17, x17, xzr\n\t"
-        "adcs	x19, x19, x13\n\t"
-        "adc	x14, x14, xzr\n\t"
-        "adds	x15, x15, x14\n\t"
-        "lsr	x12, x14, 32\n\t"
-        "adcs	x16, x16, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "adcs	x17, x17, xzr\n\t"
-        "stp	x15, x16, [%[r],0]\n\t"
-        "adc	x19, x19, x13\n\t"
-        "stp	x17, x19, [%[r],16]\n\t"
-        "subs	x15, x8, x15\n\t"
-        "sbcs	x16, x9, x16\n\t"
-        "sbcs	x17, x10, x17\n\t"
-        "sbcs	x19, x11, x19\n\t"
-        "sbc	x14, xzr, xzr\n\t"
-        "adds	x15, x15, x14\n\t"
-        "lsr	x12, x14, 32\n\t"
-        "adcs	x16, x16, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "adcs	x17, x17, xzr\n\t"
-        "adcs	x19, x19, x13\n\t"
-        "adc	x14, x14, xzr\n\t"
-        "adds	x15, x15, x14\n\t"
-        "lsr	x12, x14, 32\n\t"
-        "adcs	x16, x16, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "adcs	x17, x17, xzr\n\t"
-        "stp	x15, x16, [%[b],0]\n\t"
-        "adc	x19, x19, x13\n\t"
-        "stp	x17, x19, [%[b],16]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "cc"
-    );
-
-    (void)m;
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * ra  Result of addition.
- * rs  Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_add_sub_4(sp_digit* ra,
-    sp_digit* rs, const sp_digit* a, const sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "adds	x14, x4, x8\n\t"
-        "adcs	x15, x5, x9\n\t"
-        "adcs	x16, x6, x10\n\t"
-        "adcs	x17, x7, x11\n\t"
-        "csetm	x19, cs\n\t"
-        "subs	x14, x14, x19\n\t"
-        "lsr	x12, x19, 32\n\t"
-        "sbcs	x15, x15, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "sbcs	x16, x16, xzr\n\t"
-        "sbcs	x17, x17, x13\n\t"
-        "sbc	x13, xzr, xzr\n\t"
-        "sub	x19, x19, x13\n\t"
-        "subs	x14, x14, x19\n\t"
-        "lsr	x12, x19, 32\n\t"
-        "sbcs	x15, x15, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "sbcs	x16, x16, xzr\n\t"
-        "stp	x14, x15, [%[ra],0]\n\t"
-        "sbc	x17, x17, x13\n\t"
-        "stp	x16, x17, [%[ra],16]\n\t"
-        "subs	x4, x4, x8\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "sbcs	x7, x7, x11\n\t"
-        "sbc	x19, xzr, xzr\n\t"
-        "adds	x4, x4, x19\n\t"
-        "lsr	x12, x19, 32\n\t"
-        "adcs	x5, x5, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "adcs	x7, x7, x13\n\t"
-        "adc	x19, x19, xzr\n\t"
-        "adds	x4, x4, x19\n\t"
-        "lsr	x12, x19, 32\n\t"
-        "adcs	x5, x5, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x4, x5, [%[rs],0]\n\t"
-        "adc	x7, x7, x13\n\t"
-        "stp	x6, x7, [%[rs],16]\n\t"
-        :
-        : [ra] "r" (ra), [rs] "r" (rs), [a] "r" (a), [b] "r" (b)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x19", "x14", "x15", "x16", "x17", "cc"
-    );
-
-    (void)m;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_4(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*4;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_256_mont_sqr_4(t1, p->z, p256_mod, p256_mp_mod);
-    /* Z = Y * Z */
-    sp_256_mont_mul_4(z, p->y, p->z, p256_mod, p256_mp_mod);
-    /* Z = 2Z */
-    sp_256_mont_dbl_4(z, z, p256_mod);
-    /* T1/T2 = X +/- T1 */
-    sp_256_mont_add_sub_4(t1, t2, p->x, t1, p256_mod);
-    /* T2 = T1 * T2 */
-    sp_256_mont_mul_4(t2, t1, t2, p256_mod, p256_mp_mod);
-    /* T1 = 3T2 */
-    sp_256_mont_tpl_4(t1, t2, p256_mod);
-    /* Y = 2Y */
-    sp_256_mont_dbl_4(y, p->y, p256_mod);
-    /* Y = Y * Y */
-    sp_256_mont_sqr_4(y, y, p256_mod, p256_mp_mod);
-    /* T2 = Y * Y */
-    sp_256_mont_sqr_4(t2, y, p256_mod, p256_mp_mod);
-    /* T2 = T2/2 */
-    sp_256_mont_div2_4(t2, t2, p256_mod);
-    /* Y = Y * X */
-    sp_256_mont_mul_4(y, y, p->x, p256_mod, p256_mp_mod);
-    /* X = T1 * T1 */
-    sp_256_mont_sqr_4(x, t1, p256_mod, p256_mp_mod);
-    /* X = X - 2*Y */
-    /* Y = Y - X */
-    sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
-    /* Y = Y * T1 */
-    sp_256_mont_mul_4(y, y, t1, p256_mod, p256_mp_mod);
-    /* Y = Y - T2 */
-    sp_256_mont_sub_4(y, y, t2, p256_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_dbl_4_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_dbl_4_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-        const sp_point_256* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_dbl_4_ctx* ctx = (sp_256_proj_point_dbl_4_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_dbl_4_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*4;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_256_mont_sqr_4(ctx->t1, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_256_mont_mul_4(ctx->z, p->y, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_256_mont_dbl_4(ctx->z, ctx->z, p256_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T1/T2 = X +/- T1 */
-        sp_256_mont_add_sub_4(ctx->t1, ctx->t2, p->x, ctx->t1, p256_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_256_mont_mul_4(ctx->t2, ctx->t1, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_256_mont_tpl_4(ctx->t1, ctx->t2, p256_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_256_mont_dbl_4(ctx->y, p->y, p256_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_256_mont_sqr_4(ctx->y, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_256_mont_sqr_4(ctx->t2, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_256_mont_div2_4(ctx->t2, ctx->t2, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_256_mont_mul_4(ctx->y, ctx->y, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_256_mont_sqr_4(ctx->x, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - 2*Y */
-        /* Y = Y - X */
-        sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        ctx->state = 16;
-        break;
-    case 16:
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_256_mont_mul_4(ctx->y, ctx->y, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_256_mont_sub_4(ctx->y, ctx->y, ctx->t2, p256_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*4;
-    sp_digit* b = t + 4*4;
-    sp_digit* t1 = t + 6*4;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_4(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_4(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_4(w, w, p256_mod, p256_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_4(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_dbl_4(b, b, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_4(t1, t1, p256_mod, p256_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_4(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_4(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(y, y, t1, p256_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_4(t1, t1, w, p256_mod);
-    sp_256_mont_tpl_4(a, t1, p256_mod);
-    /* B = X*Y^2 */
-    sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
-    /* X = A^2 - 2B */
-    sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
-    sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
-    /* B = 2.(B - X) */
-    sp_256_mont_dbl_4(b, b, p256_mod);
-    /* Z = Z*Y */
-    sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
-    /* t1 = Y^4 */
-    sp_256_mont_sqr_4(t1, t1, p256_mod, p256_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_256_mont_mul_4(y, b, a, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_4(y, y, t1, p256_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_256_mont_div2_4(y, y, p256_mod);
-}
-
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_256_cmp_equal_4(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_256_iszero_4(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_4(sp_point_256* r,
-        const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*4;
-    sp_digit* t2 = t + 4*4;
-    sp_digit* t3 = t + 6*4;
-    sp_digit* t4 = t + 8*4;
-    sp_digit* t5 = t + 10*4;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_4(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t1, t1, p->x, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_4(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_4(t3, t3, p->y, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_4(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_4(t2, t1) &
-            sp_256_cmp_equal_4(t4, t3)) {
-        sp_256_proj_point_dbl_4(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_256_mont_sub_4(t2, t2, t1, p256_mod);
-        /* R = S2 - S1 */
-        sp_256_mont_sub_4(t4, t4, t3, p256_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_4(t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(y, t1, t5, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(t5, t5, t2, p256_mod, p256_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_4(z, p->z, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(z, z, q->z, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_4(x, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(x, x, t5, p256_mod);
-        sp_256_mont_mul_4(t5, t5, t3, p256_mod, p256_mp_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
-        sp_256_mont_mul_4(y, y, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(y, y, t5, p256_mod);
-{
-    __asm__ __volatile__ (
-        "ldrsw	x10, [%[p], #192]\n\t"
-        "ldrsw	x11, [%[q], #192]\n\t"
-        "ldp	x12, x13, [%[x], #0]\n\t"
-        "ldp	x14, x15, [%[x], #16]\n\t"
-        "ldp	x16, x17, [%[y], #0]\n\t"
-        "ldp	x19, x20, [%[y], #16]\n\t"
-        "ldp	x21, x22, [%[z], #0]\n\t"
-        "ldp	x23, x24, [%[z], #16]\n\t"
-        "bics	xzr, x11, x10\n\t"
-        "ldp	x25, x26, [%[p], #0]\n\t"
-        "ldp	x27, x28, [%[p], #16]\n\t"
-        "csel	x12, x12, x25, eq\n\t"
-        "csel	x13, x13, x26, eq\n\t"
-        "csel	x14, x14, x27, eq\n\t"
-        "csel	x15, x15, x28, eq\n\t"
-        "ldp	x25, x26, [%[p], #64]\n\t"
-        "ldp	x27, x28, [%[p], #80]\n\t"
-        "csel	x16, x16, x25, eq\n\t"
-        "csel	x17, x17, x26, eq\n\t"
-        "csel	x19, x19, x27, eq\n\t"
-        "csel	x20, x20, x28, eq\n\t"
-        "ldp	x25, x26, [%[p], #128]\n\t"
-        "ldp	x27, x28, [%[p], #144]\n\t"
-        "csel	x21, x21, x25, eq\n\t"
-        "csel	x22, x22, x26, eq\n\t"
-        "csel	x23, x23, x27, eq\n\t"
-        "csel	x24, x24, x28, eq\n\t"
-        "bics	xzr, x10, x11\n\t"
-        "and	x10, x10, x11\n\t"
-        "ldp	x25, x26, [%[q], #0]\n\t"
-        "ldp	x27, x28, [%[q], #16]\n\t"
-        "csel	x12, x12, x25, eq\n\t"
-        "csel	x13, x13, x26, eq\n\t"
-        "csel	x14, x14, x27, eq\n\t"
-        "csel	x15, x15, x28, eq\n\t"
-        "ldp	x25, x26, [%[q], #64]\n\t"
-        "ldp	x27, x28, [%[q], #80]\n\t"
-        "csel	x16, x16, x25, eq\n\t"
-        "csel	x17, x17, x26, eq\n\t"
-        "csel	x19, x19, x27, eq\n\t"
-        "csel	x20, x20, x28, eq\n\t"
-        "ldp	x25, x26, [%[q], #128]\n\t"
-        "ldp	x27, x28, [%[q], #144]\n\t"
-        "csel	x21, x21, x25, eq\n\t"
-        "csel	x22, x22, x26, eq\n\t"
-        "csel	x23, x23, x27, eq\n\t"
-        "csel	x24, x24, x28, eq\n\t"
-        "orr	x21, x21, x10\n\t"
-        "stp	x12, x13, [%[r], #0]\n\t"
-        "stp	x14, x15, [%[r], #16]\n\t"
-        "stp	x16, x17, [%[r], #64]\n\t"
-        "stp	x19, x20, [%[r], #80]\n\t"
-        "stp	x21, x22, [%[r], #128]\n\t"
-        "stp	x23, x24, [%[r], #144]\n\t"
-        "str	w10, [%[r], #192]\n\t"
-        :
-        : [r] "r" (r), [p] "r" (p), [q] "r" (q), [x] "r" (x),
-          [y] "r" (y), [z] "r" (z)
-        : "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17",
-          "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28",
-          "cc"
-    );
-}
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_add_4_ctx {
-    int state;
-    sp_256_proj_point_dbl_4_ctx dbl_ctx;
-    const sp_point_256* ap[2];
-    sp_point_256* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_add_4_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_add_4_ctx* ctx = (sp_256_proj_point_add_4_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_256* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_add_4_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*4;
-        ctx->t2 = t + 4*4;
-        ctx->t3 = t + 6*4;
-        ctx->t4 = t + 8*4;
-        ctx->t5 = t + 10*4;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_256_mont_sqr_4(ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_256_mont_mul_4(ctx->t3, ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_256_mont_mul_4(ctx->t1, ctx->t1, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_256_mont_sqr_4(ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_256_mont_mul_4(ctx->t4, ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_256_mont_mul_4(ctx->t2, ctx->t2, q->x, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_256_mont_mul_4(ctx->t3, ctx->t3, p->y, p256_mod, p256_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_256_mont_mul_4(ctx->t4, ctx->t4, q->y, p256_mod, p256_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_256_cmp_equal_4(ctx->t2, ctx->t1) &
-                sp_256_cmp_equal_4(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_256_proj_point_dbl_4(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_256_mont_sub_4(ctx->t2, ctx->t2, ctx->t1, p256_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_256_mont_sub_4(ctx->t4, ctx->t4, ctx->t3, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_4(ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_256_mont_mul_4(ctx->y, ctx->t1, ctx->t5, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_256_mont_mul_4(ctx->t5, ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_4(ctx->z, p->z, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_256_mont_mul_4(ctx->z, ctx->z, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_256_mont_sqr_4(ctx->x, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_256_mont_sub_4(ctx->x, ctx->x, ctx->t5, p256_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_256_mont_mul_4(ctx->t5, ctx->t5, ctx->t3, p256_mod, p256_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_256_mont_mul_4(ctx->y, ctx->y, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_256_mont_sub_4(ctx->y, ctx->y, ctx->t5, p256_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-{
-    __asm__ __volatile__ (
-        "ldrsw	x10, [%[p], #192]\n\t"
-        "ldrsw	x11, [%[q], #192]\n\t"
-        "ldp	x12, x13, [%[x], #0]\n\t"
-        "ldp	x14, x15, [%[x], #16]\n\t"
-        "ldp	x16, x17, [%[y], #0]\n\t"
-        "ldp	x19, x20, [%[y], #16]\n\t"
-        "ldp	x21, x22, [%[z], #0]\n\t"
-        "ldp	x23, x24, [%[z], #16]\n\t"
-        "bics	xzr, x11, x10\n\t"
-        "ldp	x25, x26, [%[p], #0]\n\t"
-        "ldp	x27, x28, [%[p], #16]\n\t"
-        "csel	x12, x12, x25, eq\n\t"
-        "csel	x13, x13, x26, eq\n\t"
-        "csel	x14, x14, x27, eq\n\t"
-        "csel	x15, x15, x28, eq\n\t"
-        "ldp	x25, x26, [%[p], #64]\n\t"
-        "ldp	x27, x28, [%[p], #80]\n\t"
-        "csel	x16, x16, x25, eq\n\t"
-        "csel	x17, x17, x26, eq\n\t"
-        "csel	x19, x19, x27, eq\n\t"
-        "csel	x20, x20, x28, eq\n\t"
-        "ldp	x25, x26, [%[p], #128]\n\t"
-        "ldp	x27, x28, [%[p], #144]\n\t"
-        "csel	x21, x21, x25, eq\n\t"
-        "csel	x22, x22, x26, eq\n\t"
-        "csel	x23, x23, x27, eq\n\t"
-        "csel	x24, x24, x28, eq\n\t"
-        "bics	xzr, x10, x11\n\t"
-        "and	x10, x10, x11\n\t"
-        "ldp	x25, x26, [%[q], #0]\n\t"
-        "ldp	x27, x28, [%[q], #16]\n\t"
-        "csel	x12, x12, x25, eq\n\t"
-        "csel	x13, x13, x26, eq\n\t"
-        "csel	x14, x14, x27, eq\n\t"
-        "csel	x15, x15, x28, eq\n\t"
-        "ldp	x25, x26, [%[q], #64]\n\t"
-        "ldp	x27, x28, [%[q], #80]\n\t"
-        "csel	x16, x16, x25, eq\n\t"
-        "csel	x17, x17, x26, eq\n\t"
-        "csel	x19, x19, x27, eq\n\t"
-        "csel	x20, x20, x28, eq\n\t"
-        "ldp	x25, x26, [%[q], #128]\n\t"
-        "ldp	x27, x28, [%[q], #144]\n\t"
-        "csel	x21, x21, x25, eq\n\t"
-        "csel	x22, x22, x26, eq\n\t"
-        "csel	x23, x23, x27, eq\n\t"
-        "csel	x24, x24, x28, eq\n\t"
-        "orr	x21, x21, x10\n\t"
-        "stp	x12, x13, [%[r], #0]\n\t"
-        "stp	x14, x15, [%[r], #16]\n\t"
-        "stp	x16, x17, [%[r], #64]\n\t"
-        "stp	x19, x20, [%[r], #80]\n\t"
-        "stp	x21, x22, [%[r], #128]\n\t"
-        "stp	x23, x24, [%[r], #144]\n\t"
-        "str	w10, [%[r], #192]\n\t"
-        :
-        : [r] "r" (r), [p] "r" (p), [q] "r" (q), [x] "r" (ctx->x),
-          [y] "r" (ctx->y), [z] "r" (ctx->z)
-        : "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17",
-          "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28",
-          "cc"
-    );
-}
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r,
-        const sp_point_256* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*4;
-    sp_digit* b = t + 4*4;
-    sp_digit* t1 = t + 6*4;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<4; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<4; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<4; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_4(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_4(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_4(w, w, p256_mod, p256_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_4(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_dbl_4(b, b, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_4(r[j].z, z, y, p256_mod, p256_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_4(t1, t1, p256_mod, p256_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_4(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_4(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(y, y, t1, p256_mod);
-        /* Y = Y/2 */
-        sp_256_mont_div2_4(r[j].y, y, p256_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_256_proj_point_add_sub_4(sp_point_256* ra,
-        sp_point_256* rs, const sp_point_256* p, const sp_point_256* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*4;
-    sp_digit* t3 = t + 4*4;
-    sp_digit* t4 = t + 6*4;
-    sp_digit* t5 = t + 8*4;
-    sp_digit* t6 = t + 10*4;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_4(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t1, t1, xa, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_4(t2, za, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t4, t2, za, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_4(t3, t3, ya, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_4(t4, t4, q->y, p256_mod, p256_mp_mod);
-    /* H = U2 - U1 */
-    sp_256_mont_sub_4(t2, t2, t1, p256_mod);
-    /* RS/R = S2 +/ S1 */
-    sp_256_mont_add_sub_4(t6, t4, t4, t3, p256_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_256_mont_mul_4(za, za, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(za, za, t2, p256_mod, p256_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_256_mont_sqr_4(xa, t4, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_4(xs, t6, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_4(t5, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(ya, t1, t5, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t5, t5, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_4(xa, xa, t5, p256_mod);
-    sp_256_mont_sub_4(xs, xs, t5, p256_mod);
-    sp_256_mont_dbl_4(t1, ya, p256_mod);
-    sp_256_mont_sub_4(xa, xa, t1, p256_mod);
-    sp_256_mont_sub_4(xs, xs, t1, p256_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_256_mont_sub_4(ys, ya, xs, p256_mod);
-    sp_256_mont_sub_4(ya, ya, xa, p256_mod);
-    sp_256_mont_mul_4(ya, ya, t4, p256_mod, p256_mp_mod);
-    sp_256_sub_4(t6, p256_mod, t6);
-    sp_256_mont_mul_4(ys, ys, t6, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t5, t5, t3, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_4(ya, ya, t5, p256_mod);
-    sp_256_mont_sub_4(ys, ys, t5, p256_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_256 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_256;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_4_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_4_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<43; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 64) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 64) {
-            n >>= 6;
-            if (++j < 4)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 4) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x3f);
-            o -= 58;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_4_6[y];
-        v[i].neg = recode_neg_4_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-SP_NOINLINE static void sp_256_get_point_33_4(sp_point_256* r,
-    const sp_point_256* table, int idx)
-{
-    __asm__ __volatile__ (
-        "mov	w30, #1\n\t"
-        "add	%[table], %[table], #200\n\t"
-        "cmp	%w[idx], w30\n\t"
-        "add	w30, w30, #1\n\t"
-        "ldp	x15, x16, [%[table], #0]\n\t"
-        "ldp	x17, x19, [%[table], #16]\n\t"
-        "csel	x3, xzr, x15, ne\n\t"
-        "csel	x4, xzr, x16, ne\n\t"
-        "csel	x5, xzr, x17, ne\n\t"
-        "csel	x6, xzr, x19, ne\n\t"
-        "ldp	x15, x16, [%[table], #64]\n\t"
-        "ldp	x17, x19, [%[table], #80]\n\t"
-        "csel	x7, xzr, x15, ne\n\t"
-        "csel	x8, xzr, x16, ne\n\t"
-        "csel	x9, xzr, x17, ne\n\t"
-        "csel	x10, xzr, x19, ne\n\t"
-        "ldp	x15, x16, [%[table], #128]\n\t"
-        "ldp	x17, x19, [%[table], #144]\n\t"
-        "csel	x11, xzr, x15, ne\n\t"
-        "csel	x12, xzr, x16, ne\n\t"
-        "csel	x13, xzr, x17, ne\n\t"
-        "csel	x14, xzr, x19, ne\n\t"
-        "1:\n\t"
-        "add	%[table], %[table], #200\n\t"
-        "cmp	%w[idx], w30\n\t"
-        "add	w30, w30, #1\n\t"
-        "ldp	x15, x16, [%[table], #0]\n\t"
-        "ldp	x17, x19, [%[table], #16]\n\t"
-        "csel	x3, x3, x15, ne\n\t"
-        "csel	x4, x4, x16, ne\n\t"
-        "csel	x5, x5, x17, ne\n\t"
-        "csel	x6, x6, x19, ne\n\t"
-        "ldp	x15, x16, [%[table], #64]\n\t"
-        "ldp	x17, x19, [%[table], #80]\n\t"
-        "csel	x7, x7, x15, ne\n\t"
-        "csel	x8, x8, x16, ne\n\t"
-        "csel	x9, x9, x17, ne\n\t"
-        "csel	x10, x10, x19, ne\n\t"
-        "ldp	x15, x16, [%[table], #128]\n\t"
-        "ldp	x17, x19, [%[table], #144]\n\t"
-        "csel	x11, x11, x15, ne\n\t"
-        "csel	x12, x12, x16, ne\n\t"
-        "csel	x13, x13, x17, ne\n\t"
-        "csel	x14, x14, x19, ne\n\t"
-        "cmp	w30, #33\n\t"
-        "b.ne	1b\n\t"
-        "stp	x3, x4, [%[r], #0]\n\t"
-        "stp	x5, x6, [%[r], #16]\n\t"
-        "stp	x7, x8, [%[r], #64]\n\t"
-        "stp	x9, x10, [%[r], #80]\n\t"
-        "stp	x11, x12, [%[r], #128]\n\t"
-        "stp	x13, x14, [%[r], #144]\n\t"
-       : [table] "+r" (table)
-       : [r] "r" (r), [idx] "r" (idx)
-       : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
-    );
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_win_add_sub_4(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 6);
-    sp_point_256* rt = NULL;
-    sp_point_256* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_256 v[43];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_256_mod_mul_norm_4(t[1].x, g->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_4(t[1].y, g->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_4(t[1].z, g->z, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_256_proj_point_dbl_n_store_4(t, &t[ 1], 5, 1, tmp);
-        sp_256_proj_point_add_4(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[ 6], &t[ 3], tmp);
-        sp_256_proj_point_add_sub_4(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[10], &t[ 5], tmp);
-        sp_256_proj_point_add_sub_4(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[12], &t[ 6], tmp);
-        sp_256_proj_point_dbl_4(&t[14], &t[ 7], tmp);
-        sp_256_proj_point_add_sub_4(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[18], &t[ 9], tmp);
-        sp_256_proj_point_add_sub_4(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[20], &t[10], tmp);
-        sp_256_proj_point_dbl_4(&t[22], &t[11], tmp);
-        sp_256_proj_point_add_sub_4(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[24], &t[12], tmp);
-        sp_256_proj_point_dbl_4(&t[26], &t[13], tmp);
-        sp_256_proj_point_add_sub_4(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[28], &t[14], tmp);
-        sp_256_proj_point_dbl_4(&t[30], &t[15], tmp);
-        sp_256_proj_point_add_sub_4(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_256_ecc_recode_6_4(k, v);
-
-        i = 42;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_point_33_4(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_256));
-        }
-        for (--i; i>=0; i--) {
-            sp_256_proj_point_dbl_n_4(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_point_33_4(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_256));
-            }
-            sp_256_sub_4(negy, p256_mod, p->y);
-            sp_256_norm_4(negy);
-            sp_256_cond_copy_4(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_256_proj_point_add_4(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_256_map_4(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_256 {
-    sp_digit x[4];
-    sp_digit y[4];
-} sp_table_entry_256;
-
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*4;
-    sp_digit* t6 = t + 4*4;
-    sp_digit* t1 = t + 6*4;
-    sp_digit* t4 = t + 8*4;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_4(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_4(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_4(p->x, t2) &
-            sp_256_cmp_equal_4(p->y, t4)) {
-        sp_256_proj_point_dbl_4(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_256_mont_sub_4(t2, t2, p->x, p256_mod);
-        /* R = S2 - Y1 */
-        sp_256_mont_sub_4(t4, t4, p->y, p256_mod);
-        /* Z3 = H*Z1 */
-        sp_256_mont_mul_4(z, p->z, t2, p256_mod, p256_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_256_mont_sqr_4(t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(t3, p->x, t1, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_4(t2, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(t2, t2, t1, p256_mod);
-        sp_256_mont_rsb_sub_dbl_4(x, t2, t3, p256_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_256_mont_mul_4(t3, t3, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(t1, t1, p->y, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(y, t3, t1, p256_mod);
-{
-    __asm__ __volatile__ (
-        "ldrsw	x10, [%[p], #192]\n\t"
-        "ldrsw	x11, [%[q], #192]\n\t"
-        "ldp	x12, x13, [%[x], #0]\n\t"
-        "ldp	x14, x15, [%[x], #16]\n\t"
-        "ldp	x16, x17, [%[y], #0]\n\t"
-        "ldp	x19, x20, [%[y], #16]\n\t"
-        "ldp	x21, x22, [%[z], #0]\n\t"
-        "ldp	x23, x24, [%[z], #16]\n\t"
-        "bics	xzr, x11, x10\n\t"
-        "ldp	x25, x26, [%[p], #0]\n\t"
-        "ldp	x27, x28, [%[p], #16]\n\t"
-        "csel	x12, x12, x25, eq\n\t"
-        "csel	x13, x13, x26, eq\n\t"
-        "csel	x14, x14, x27, eq\n\t"
-        "csel	x15, x15, x28, eq\n\t"
-        "ldp	x25, x26, [%[p], #64]\n\t"
-        "ldp	x27, x28, [%[p], #80]\n\t"
-        "csel	x16, x16, x25, eq\n\t"
-        "csel	x17, x17, x26, eq\n\t"
-        "csel	x19, x19, x27, eq\n\t"
-        "csel	x20, x20, x28, eq\n\t"
-        "ldp	x25, x26, [%[p], #128]\n\t"
-        "ldp	x27, x28, [%[p], #144]\n\t"
-        "csel	x21, x21, x25, eq\n\t"
-        "csel	x22, x22, x26, eq\n\t"
-        "csel	x23, x23, x27, eq\n\t"
-        "csel	x24, x24, x28, eq\n\t"
-        "bics	xzr, x10, x11\n\t"
-        "and	x10, x10, x11\n\t"
-        "ldp	x25, x26, [%[q], #0]\n\t"
-        "ldp	x27, x28, [%[q], #16]\n\t"
-        "csel	x12, x12, x25, eq\n\t"
-        "csel	x13, x13, x26, eq\n\t"
-        "csel	x14, x14, x27, eq\n\t"
-        "csel	x15, x15, x28, eq\n\t"
-        "ldp	x25, x26, [%[q], #64]\n\t"
-        "ldp	x27, x28, [%[q], #80]\n\t"
-        "csel	x16, x16, x25, eq\n\t"
-        "csel	x17, x17, x26, eq\n\t"
-        "csel	x19, x19, x27, eq\n\t"
-        "csel	x20, x20, x28, eq\n\t"
-        "ldp	x25, x26, [%[q], #128]\n\t"
-        "ldp	x27, x28, [%[q], #144]\n\t"
-        "csel	x21, x21, x25, eq\n\t"
-        "csel	x22, x22, x26, eq\n\t"
-        "csel	x23, x23, x27, eq\n\t"
-        "csel	x24, x24, x28, eq\n\t"
-        "orr	x21, x21, x10\n\t"
-        "stp	x12, x13, [%[r], #0]\n\t"
-        "stp	x14, x15, [%[r], #16]\n\t"
-        "stp	x16, x17, [%[r], #64]\n\t"
-        "stp	x19, x20, [%[r], #80]\n\t"
-        "stp	x21, x22, [%[r], #128]\n\t"
-        "stp	x23, x24, [%[r], #144]\n\t"
-        "str	w10, [%[r], #192]\n\t"
-        :
-        : [r] "r" (r), [p] "r" (p), [q] "r" (q), [x] "r" (x),
-          [y] "r" (y), [z] "r" (z)
-        : "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17",
-          "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28",
-          "cc"
-    );
-}
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_256_proj_to_affine_4(sp_point_256* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 4;
-    sp_digit* tmp = t + 4 * 4;
-
-    sp_256_mont_inv_4(t1, a->z, tmp);
-
-    sp_256_mont_sqr_4(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    sp_256_mont_mul_4(a->x, a->x, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(a->y, a->y, t1, p256_mod, p256_mp_mod);
-    XMEMCPY(a->z, p256_norm_mod, sizeof(p256_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 6
- * 64 entries
- * 42 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_4(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_4(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_4(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_4(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_4(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<6; i++) {
-            sp_256_proj_point_dbl_n_4(t, 43, tmp);
-            sp_256_proj_to_affine_4(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<6; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_4(t, s1, s2, tmp);
-                sp_256_proj_to_affine_4(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-SP_NOINLINE static void sp_256_get_entry_64_4(sp_point_256* r,
-    const sp_table_entry_256* table, int idx)
-{
-    __asm__ __volatile__ (
-        "mov	w30, #1\n\t"
-        "add	%[table], %[table], #64\n\t"
-        "cmp	%w[idx], w30\n\t"
-        "add	w30, w30, #1\n\t"
-        "ldp	x11, x12, [%[table], #0]\n\t"
-        "ldp	x13, x14, [%[table], #16]\n\t"
-        "ldp	x15, x16, [%[table], #32]\n\t"
-        "ldp	x17, x19, [%[table], #48]\n\t"
-        "csel	x3, xzr, x11, ne\n\t"
-        "csel	x4, xzr, x12, ne\n\t"
-        "csel	x5, xzr, x13, ne\n\t"
-        "csel	x6, xzr, x14, ne\n\t"
-        "csel	x7, xzr, x15, ne\n\t"
-        "csel	x8, xzr, x16, ne\n\t"
-        "csel	x9, xzr, x17, ne\n\t"
-        "csel	x10, xzr, x19, ne\n\t"
-        "1:\n\t"
-        "add	%[table], %[table], #64\n\t"
-        "cmp	%w[idx], w30\n\t"
-        "add	w30, w30, #1\n\t"
-        "ldp	x11, x12, [%[table], #0]\n\t"
-        "ldp	x13, x14, [%[table], #16]\n\t"
-        "ldp	x15, x16, [%[table], #32]\n\t"
-        "ldp	x17, x19, [%[table], #48]\n\t"
-        "csel	x3, x3, x11, ne\n\t"
-        "csel	x4, x4, x12, ne\n\t"
-        "csel	x5, x5, x13, ne\n\t"
-        "csel	x6, x6, x14, ne\n\t"
-        "csel	x7, x7, x15, ne\n\t"
-        "csel	x8, x8, x16, ne\n\t"
-        "csel	x9, x9, x17, ne\n\t"
-        "csel	x10, x10, x19, ne\n\t"
-        "cmp	w30, #64\n\t"
-        "b.ne	1b\n\t"
-        "stp	x3, x4, [%[r], #0]\n\t"
-        "stp	x5, x6, [%[r], #16]\n\t"
-        "stp	x7, x8, [%[r], #64]\n\t"
-        "stp	x9, x10, [%[r], #80]\n\t"
-       : [table] "+r" (table)
-       : [r] "r" (r), [idx] "r" (idx)
-       : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
-    );
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^42, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 4 * 5);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 42;
-        for (j=0; j<6 && x<256; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 43;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_64_4(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=41; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<6 && x<256; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 43;
-            }
-
-            sp_256_proj_point_dbl_4(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_64_4(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_4(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_4(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_256_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[4];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[4];
-    /* Precomputation table for point. */
-    sp_table_entry_256 table[64];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_256_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_256_t sp_cache_256[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_256_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_256_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_256 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_256_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_256_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_256_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_256[i].set = 0;
-        }
-        sp_cache_256_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_256[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_4(g->x, sp_cache_256[i].x) &
-                           sp_256_cmp_equal_4(g->y, sp_cache_256[i].y)) {
-            sp_cache_256[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_256_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_256_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_256[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_256_last) {
-            least = sp_cache_256[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_256[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_256[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_256[i].x, g->x, sizeof(sp_cache_256[i].x));
-        XMEMCPY(sp_cache_256[i].y, g->y, sizeof(sp_cache_256[i].y));
-        sp_cache_256[i].set = 1;
-        sp_cache_256[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_256[i];
-    sp_cache_256_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 5);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_4(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_4(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 32 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_4(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_4(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_4(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_4(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_4(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_256_proj_point_dbl_n_4(t, 32, tmp);
-            sp_256_proj_to_affine_4(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_4(t, s1, s2, tmp);
-                sp_256_proj_to_affine_4(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-SP_NOINLINE static void sp_256_get_entry_256_4(sp_point_256* r,
-    const sp_table_entry_256* table, int idx)
-{
-    __asm__ __volatile__ (
-        "mov	w30, #1\n\t"
-        "add	%[table], %[table], #64\n\t"
-        "cmp	%w[idx], w30\n\t"
-        "add	w30, w30, #1\n\t"
-        "ldp	x11, x12, [%[table], #0]\n\t"
-        "ldp	x13, x14, [%[table], #16]\n\t"
-        "ldp	x15, x16, [%[table], #32]\n\t"
-        "ldp	x17, x19, [%[table], #48]\n\t"
-        "csel	x3, xzr, x11, ne\n\t"
-        "csel	x4, xzr, x12, ne\n\t"
-        "csel	x5, xzr, x13, ne\n\t"
-        "csel	x6, xzr, x14, ne\n\t"
-        "csel	x7, xzr, x15, ne\n\t"
-        "csel	x8, xzr, x16, ne\n\t"
-        "csel	x9, xzr, x17, ne\n\t"
-        "csel	x10, xzr, x19, ne\n\t"
-        "1:\n\t"
-        "add	%[table], %[table], #64\n\t"
-        "cmp	%w[idx], w30\n\t"
-        "add	w30, w30, #1\n\t"
-        "ldp	x11, x12, [%[table], #0]\n\t"
-        "ldp	x13, x14, [%[table], #16]\n\t"
-        "ldp	x15, x16, [%[table], #32]\n\t"
-        "ldp	x17, x19, [%[table], #48]\n\t"
-        "csel	x3, x3, x11, ne\n\t"
-        "csel	x4, x4, x12, ne\n\t"
-        "csel	x5, x5, x13, ne\n\t"
-        "csel	x6, x6, x14, ne\n\t"
-        "csel	x7, x7, x15, ne\n\t"
-        "csel	x8, x8, x16, ne\n\t"
-        "csel	x9, x9, x17, ne\n\t"
-        "csel	x10, x10, x19, ne\n\t"
-        "cmp	w30, #256\n\t"
-        "b.ne	1b\n\t"
-        "stp	x3, x4, [%[r], #0]\n\t"
-        "stp	x5, x6, [%[r], #16]\n\t"
-        "stp	x7, x8, [%[r], #64]\n\t"
-        "stp	x9, x10, [%[r], #80]\n\t"
-       : [table] "+r" (table)
-       : [r] "r" (r), [idx] "r" (idx)
-       : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
-    );
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 4 * 5);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 31;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 32;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_256_4(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=30; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 32;
-            }
-
-            sp_256_proj_point_dbl_4(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_256_4(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_4(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_4(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_256_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[4];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[4];
-    /* Precomputation table for point. */
-    sp_table_entry_256 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_256_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_256_t sp_cache_256[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_256_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_256_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_256 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_256_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_256_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_256_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_256[i].set = 0;
-        }
-        sp_cache_256_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_256[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_4(g->x, sp_cache_256[i].x) &
-                           sp_256_cmp_equal_4(g->y, sp_cache_256[i].y)) {
-            sp_cache_256[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_256_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_256_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_256[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_256_last) {
-            least = sp_cache_256[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_256[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_256[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_256[i].x, g->x, sizeof(sp_cache_256[i].x));
-        XMEMCPY(sp_cache_256[i].y, g->y, sizeof(sp_cache_256[i].y));
-        sp_cache_256[i].set = 1;
-        sp_cache_256[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_256[i];
-    sp_cache_256_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 5);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_4(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_4(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 4);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 4, km);
-        sp_256_point_from_ecc_point_4(point, gm);
-
-            err = sp_256_ecc_mulmod_4(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_4(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 4 + 4 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 4 + 4 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 4;
-
-        sp_256_from_mp(k, 4, km);
-        sp_256_point_from_ecc_point_4(point, gm);
-        sp_256_point_from_ecc_point_4(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_4(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_4(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_4(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_4(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifndef WC_NO_CACHE_RESISTANT
-/* Striping precomputation table.
- * 6 points combined into a table of 64 points.
- * Distance of 43 between points.
- */
-static const sp_table_entry_256 p256_table[64] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x79e730d418a9143cL,0x75ba95fc5fedb601L,0x79fb732b77622510L,
-        0x18905f76a53755c6L },
-      { 0xddf25357ce95560aL,0x8b4ab8e4ba19e45cL,0xd2e88688dd21f325L,
-        0x8571ff1825885d85L } },
-    /* 2 */
-    { { 0x8910507903605c39L,0xf0843d9ea142c96cL,0xf374493416923684L,
-        0x732caa2ffa0a2893L },
-      { 0xb2e8c27061160170L,0xc32788cc437fbaa3L,0x39cd818ea6eda3acL,
-        0xe2e942399e2b2e07L } },
-    /* 3 */
-    { { 0xb9c0d276abc3e190L,0x610e3d4dcb55b9caL,0xd16dbd025720f50aL,
-        0xd0ed73dca607de84L },
-      { 0x3bbde5bf49219fb5L,0x698e12c057771843L,0xdb606a9763470a5eL,
-        0x61c71975853635d5L } },
-    /* 4 */
-    { { 0xeb5ddcb6ec7fae9fL,0x995f2714efb66e5aL,0xdee95d8e69445d52L,
-        0x1b6c2d4609e27620L },
-      { 0x32621c318129d716L,0xb03909f10958c1aaL,0x8c468ef91af4af63L,
-        0x162c429ffba5cdf6L } },
-    /* 5 */
-    { { 0x4615d912c1d85f12L,0x1f0880b0e1f4e302L,0x336bcc896f1fca13L,
-        0xda59ad0dc70dedbcL },
-      { 0x3897efaeb0f62eceL,0xbaed81cdf4990cfdL,0xa3b1c2f260321bbbL,
-        0x2aefd95addc84f79L } },
-    /* 6 */
-    { { 0x2d427e3cee9e92e6L,0x43d40da0437fe629L,0x0006e4e06ab72b31L,
-        0x21ccfbb46f5c8e02L },
-      { 0x53a2f1a753e821ecL,0x5d72d201e209d591L,0xfd84a26445e8ad41L,
-        0x86ee0e684059cc6eL } },
-    /* 7 */
-    { { 0x3d8242d09248fce2L,0x32d4bf827f49f33dL,0x78807beb29d41fd1L,
-        0xfce48b99f8f562cbL },
-      { 0x72a7d4849f38f097L,0x1b482c10a37059adL,0xc1aa8284472e5ed3L,
-        0xc5d6f3bbef23e9c9L } },
-    /* 8 */
-    { { 0x23f949feb8a24a20L,0x17ebfed1f52ca53fL,0x9b691bbebcfb4853L,
-        0x5617ff6b6278a05dL },
-      { 0x241b34c5e3c99ebdL,0xfc64242e1784156aL,0x4206482f695d67dfL,
-        0xb967ce0eee27c011L } },
-    /* 9 */
-    { { 0x569aacdf9fc3df19L,0x0c6782c7c34c6fb2L,0xbb5f98b2c4ec873dL,
-        0x5578433b9fe9e475L },
-      { 0xfa14f3869ca84821L,0xb8ef658d39589501L,0x4022c48e07127b8eL,
-        0xcbc4dfe35402ea12L } },
-    /* 10 */
-    { { 0x092ef96a2ad408a3L,0xf1e1a4c4cfbc45a3L,0x966b2676efeecdeeL,
-        0xa0e2c6713a6216c5L },
-      { 0xcd6e22a292c4bf61L,0x56d99a11d830dfc7L,0xb8c612bd259de547L,
-        0x3d8e9a72e91f8ff7L } },
-    /* 11 */
-    { { 0x0b885e962352b4ffL,0x6be320d2a6545766L,0xbd22a444b9a59e72L,
-        0x2f2d32d6ccc55d7dL },
-      { 0xd86e4c4cddcec70bL,0x19cdb0e97a25c934L,0x542ade069ca97e28L,
-        0x58c5927c746517f7L } },
-    /* 12 */
-    { { 0x24abb0f08d087091L,0x6aa2c2ef51add8deL,0xc3e1cb4ccc2a2134L,
-        0x3563112895589212L },
-      { 0x3bf17d2a7984344bL,0xbcb6f7b2f8a142ccL,0xd6057d8a08ec9266L,
-        0x75c150d22852405aL } },
-    /* 13 */
-    { { 0xa8f88eb5a9fee73eL,0x72a84174576ea39bL,0x671fa0ade2692e7dL,
-        0x2556288596769f9eL },
-      { 0x254323bce850a6b0L,0x74b61c18fff6c89aL,0x2e7c563fcfae2690L,
-        0x2cf454b7164afb0fL } },
-    /* 14 */
-    { { 0xe312a5618f10f423L,0x59a1f1fff2b85df4L,0x56c5991941c48122L,
-        0x74953c1eae3d175fL },
-      { 0x4d767fc78859244cL,0xc486bc00719a4cc1L,0xdd282985df1c1787L,
-        0x1143301aae93c719L } },
-    /* 15 */
-    { { 0x7201a1d61fab7d71L,0x65931f5432cbbee8L,0x202955d3dcb387eeL,
-        0xa5045ba5c4678432L },
-      { 0xcfb5ee87dca85ff6L,0xdd25a7c6dfec0f67L,0xfee47169356a87c6L,
-        0x20a8f159c3d7ece9L } },
-    /* 16 */
-    { { 0xe4ac8b33070d3aabL,0x2643672b9a2cd5e5L,0x52eff79b1cfc9173L,
-        0x665ca49b90a7c13fL },
-      { 0x5a8dda59b3efb998L,0x8a5b922d052f1341L,0xae9ebbab3cf9a530L,
-        0x35986e7bf56da4d7L } },
-    /* 17 */
-    { { 0x21e07f9abc0a70c0L,0xecfdb3a2989a0182L,0x360682c0e40e8125L,
-        0x73a637952f837f32L },
-      { 0xf4eb8cef9c0d326bL,0xefb97fecebf4c7a5L,0xf9352123af3d5d7eL,
-        0xb71ef4ef34e22ab1L } },
-    /* 18 */
-    { { 0xd6bd0d810d488032L,0x1676df9971f0b92eL,0xa7acdcfcb6d215acL,
-        0x82461a26cd0ff939L },
-      { 0x827189c0b635d2e5L,0x18f3b6dda92f1622L,0x10d738aa05cef325L,
-        0x12c2a13f39bb0aa6L } },
-    /* 19 */
-    { { 0x5f94d8deb50b4e82L,0xbcd9144e34bd93e9L,0x61c3392107c08623L,
-        0xedec947e7e3de8eeL },
-      { 0x9d2da51d2f21b202L,0xc0c885cd96692a89L,0x4a613462a5e7309cL,
-        0x227788550f28dee6L } },
-    /* 20 */
-    { { 0x1ff0bd527695447aL,0x63534a4a42ae2627L,0xd96af0dad0cc09f2L,
-        0xb59ea545412d3e1aL },
-      { 0xd10518cf6a759072L,0xffeec37c10475dfdL,0xacbc29ccb25089c4L,
-        0xbf3dfc8521b6d4eeL } },
-    /* 21 */
-    { { 0x8f2eacfe49388995L,0x000fc8d4841be9edL,0x2ed8085a6955c290L,
-        0x1929cf606d8e176fL },
-      { 0x2efd26a5fd1a09dbL,0x58d767ad6cb626cdL,0x13a81b95b26c6e05L,
-        0x68fe61078f61832bL } },
-    /* 22 */
-    { { 0x4ad7de2e2d85c2f6L,0xcd552fcb510101a1L,0x638d122b02acdabfL,
-        0x117221e850bfd921L },
-      { 0x08571ee199a99129L,0xebd046d1ba2f03a9L,0x035ed7baa6f8a181L,
-        0x8aabf98d3187c6f3L } },
-    /* 23 */
-    { { 0xaf8e65cae3ab5f4eL,0x8b0b8b897561a69cL,0x37e83aa0b17c1e66L,
-        0xe894d84cf8d80edcL },
-      { 0xf1e465e7ce514e22L,0xc7fa324ca72340efL,0x08297fcae7370673L,
-        0x4f799682b119ae5eL } },
-    /* 24 */
-    { { 0x014d6bd8f180f206L,0x56640c8b7ab44f55L,0x9a39660d93f9a5b8L,
-        0xcac069e9959b68f1L },
-      { 0x2bf6b65e208d9918L,0xb7e45dfb3f943291L,0xad5770f0d439c712L,
-        0xfec635e17654d805L } },
-    /* 25 */
-    { { 0x37221cd13f031a88L,0xe4d53d2f0b5558d4L,0x2ede8e8fdafc51cdL,
-        0xb587284ca8a883eaL },
-      { 0xfa37674044fa5251L,0x5e5e18f95c5e3528L,0x8af51fac6e10b958L,
-        0x09be79032c429b30L } },
-    /* 26 */
-    { { 0x7a468ba47f29936dL,0xacbbe3657cfb8176L,0xe892c10a4db9cd5dL,
-        0xcb2f29d7a1aade8bL },
-      { 0x3087eef4efffcb14L,0x92a7f3ec2afe8f2eL,0x199d89b8136f29d2L,
-        0x3131604eb4836623L } },
-    /* 27 */
-    { { 0xf5cca5da31b5df76L,0x9431318676a4abc0L,0x5db8e6f71877c7c7L,
-        0x3ce3f5f96031ac99L },
-      { 0x585961d07e7cef80L,0x5ed6e841d424f16aL,0x18289cd056b16a49L,
-        0x8008d03b2e5770faL } },
-    /* 28 */
-    { { 0xc8c2af64254e39deL,0x783cea738582571cL,0x2f2f55f1a6edd971L,
-        0x7e00cc92c86bf30aL },
-      { 0xa0db735447d7491fL,0xb3eb751ca5b12260L,0x3bc39a23297fb234L,
-        0xd1330c20b8b4bfe4L } },
-    /* 29 */
-    { { 0xfb776af07824d53aL,0x04709096422dea35L,0x6f480b6b5fec3ac7L,
-        0xdb2b1b62e27edda4L },
-      { 0x0bba904cda78b494L,0x37ef59b691a147f7L,0xf880517726a4730aL,
-        0xecc9d79aa8ab368eL } },
-    /* 30 */
-    { { 0x628e05c185a4bd0eL,0xebf7b67800e244e8L,0xf645947b8b176eebL,
-        0xc92bf8301641ab35L },
-      { 0x7a039c1a21be7a6fL,0x11e4354d2fd4bd92L,0x42552422886fd224L,
-        0xdbf3194cc44ced37L } },
-    /* 31 */
-    { { 0x832da983c56f6b04L,0x7aaa84eb8ef098aeL,0x602e3eefa6a616a2L,
-        0xc2824ddcb7b717a3L },
-      { 0x19f50324ddb0a2e9L,0x04553a285bedfbbdL,0x37ea8b12aa1aee0aL,
-        0xc1844e79945959a1L } },
-    /* 32 */
-    { { 0x5043dea7e0f222c2L,0x309d42ac72e65142L,0x94fe9ddd9216cd30L,
-        0xd6539c7d0f87feecL },
-      { 0x03c5a57c432ac7d7L,0x72692cf0327fda10L,0xec28c85f280698deL,
-        0x2331fb467ec283b1L } },
-    /* 33 */
-    { { 0x651cfdeb43248e67L,0x2c3d72ceee561de8L,0xa48b8f33443dac8bL,
-        0xe6b042fe7991f986L },
-      { 0xd091636de810bcd2L,0xfc1e96aea97416d7L,0x2b6087cb2892694dL,
-        0x0f8ac2459985a628L } },
-    /* 34 */
-    { { 0x54e908747f2326a2L,0xce43dd44fa9e1131L,0x4b2c740cd3d2d948L,
-        0x9b0b126aa86e8b07L },
-      { 0x228ef320b77f5af2L,0x14fc8a01ca07661cL,0x1d72509ed34f1a3aL,
-        0xd169031729d9086eL } },
-    /* 35 */
-    { { 0x13e44acc03c5fe33L,0x13f4374e0105bbc6L,0x0cba5018cb4451b8L,
-        0xa1a38e4afa29a4e1L },
-      { 0x063fb9a8f4403917L,0x7afe108f996ea7f2L,0xec252363f93a1f87L,
-        0xc029c8117e432609L } },
-    /* 36 */
-    { { 0x25080c29486e548eL,0xdaa411327868ab32L,0x46891511d61d1a3aL,
-        0xc87f3f533efc8facL },
-      { 0x984f613ff3e31393L,0x10bb15f67648f5d2L,0xe4990f2bdefaa440L,
-        0xce647f03dd51c31dL } },
-    /* 37 */
-    { { 0x3161ebdd9c2c0abfL,0x48b7ee7bf497cf35L,0x9233e31d94dd9c97L,
-        0x4aef9a62c5d2988fL },
-      { 0x89a54161a03e6456L,0x9d25e003c1f02b47L,0x8784cdbfc1857782L,
-        0x7928cafd0222b49cL } },
-    /* 38 */
-    { { 0x5a591abdecf4ea23L,0xb2725e8a80bd9b8aL,0xf569679f29ff348bL,
-        0xa28163d36f22536aL },
-      { 0x89e7a8f621c43971L,0x60cbe4a1c4a09567L,0x41046c8f5928b03dL,
-        0x646feda7ef74a95aL } },
-    /* 39 */
-    { { 0x3aef6bc05d75d310L,0xf3e7f03c82476e5cL,0x9dcf3d508419b8a0L,
-        0x221a3885eaf07f07L },
-      { 0x16d533f337bdcb7dL,0xd778066bbb49550dL,0xf6f4540936c2600cL,
-        0x7544396fc1c61709L } },
-    /* 40 */
-    { { 0xf79f556fde08cd42L,0x7d0aba1ee13cadc8L,0x841d9df6d4d81fefL,
-        0x8f7ae1f2602d2043L },
-      { 0x950c4de4b57ee181L,0xfe51e045c55cf490L,0xdb60b56a1efdd0a8L,
-        0x276bccb3bf0fa497L } },
-    /* 41 */
-    { { 0x7926625b19e5a603L,0xf1b98e93e1bf712bL,0x933ecb52e33abeccL,
-        0x9ebfc506f826619bL },
-      { 0xd2965f67a1692c52L,0x8ac4012dfc4f9564L,0xa8af57036739f003L,
-        0x7dd2282dbc715e13L } },
-    /* 42 */
-    { { 0x3ec01587cf2bb490L,0x5346082c3f1ea428L,0xf2c679e26739e506L,
-        0xeab710d6930c28e4L },
-      { 0xe9947ff8e043249aL,0x63640678ad54b0e6L,0x8cde42591854eaafL,
-        0xf1feeaec6b25bdceL } },
-    /* 43 */
-    { { 0x49f7e8991bdd2aa2L,0x88fd273534e3cae9L,0x5ac0510182cbfea2L,
-        0x324c9d414cf84578L },
-      { 0xa242311719f13061L,0x69d67cf15f3b9932L,0x32ecdb3cdde2dfadL,
-        0x2f74d995b916f7a6L } },
-    /* 44 */
-    { { 0x35f7ed423d14bc68L,0x32f63a0445574f91L,0xd04108335e8801e7L,
-        0x63b6f13c1c9c1462L },
-      { 0x180dcbcd9dc7201fL,0xa07b5b2c360350dfL,0x2582b2774236f5ccL,
-        0x90163924a7ab06b9L } },
-    /* 45 */
-    { { 0x35e751b50767cdf2L,0x808372e69d8e2838L,0xcbad6b30646914d7L,
-        0x4eeeb1de6c7b3cabL },
-      { 0x3ef3af968c965004L,0xd162290fd281920bL,0x4626c313181f811bL,
-        0x5fa42f4fbe61dd14L } },
-    /* 46 */
-    { { 0x1f5a9c53a185e98eL,0x13c28277ea9e83c3L,0xb566e4c0b693a226L,
-        0x2ea3f1c001533e9eL },
-      { 0xb4dbcc336215a21fL,0x7df608c3cb4e98f0L,0x677df928b4dd95ddL,
-        0x4c1d7142eeed2934L } },
-    /* 47 */
-    { { 0x30bf236c86a2ee12L,0x74d5a12705ecb4c0L,0x9ef43b0f1601cca9L,
-        0xbe1b1bf9ac4dd202L },
-      { 0x84943e4717b6f93bL,0x6f789757cd5214b3L,0x5e0db1a97f313dfaL,
-        0x0515efacece0b72bL } },
-    /* 48 */
-    { { 0x433a677ca78c3f8bL,0x204a9feaf376a9c1L,0xb6bfbea444baeadfL,
-        0x5a43cafd2b48a3f4L },
-      { 0xe25a7d0b67d1d226L,0xb2115844f6837985L,0x8c9cca3ed87c2b88L,
-        0xecd4bc73894772e1L } },
-    /* 49 */
-    { { 0x368abec6783490e7L,0xf26da8bdd925c359L,0xf9b643e5e8fb0679L,
-        0x7ab803d9b555d175L },
-      { 0x1b4059994ebae595L,0x07fbbf25ba417a49L,0x02d7cf1cc617957aL,
-        0x79070ea5565c1fbbL } },
-    /* 50 */
-    { { 0x70194602d9b028faL,0x9c49969d9ff06760L,0xbf4add816ad27b42L,
-        0x7d1f226d8651524eL },
-      { 0xb0779b40eecd7724L,0xd356077265938707L,0xe3a61fe5d054b903L,
-        0xd6f5a3433365136bL } },
-    /* 51 */
-    { { 0x25c87c76d2970fcfL,0x7c9f60a04d5546a8L,0x7dab072f8dd8bf8cL,
-        0x3d10907ce8ff9f28L },
-      { 0xb08d6d0e34bb2a29L,0x5dfd4907c3fcfdafL,0xe4a2d4b147123ba6L,
-        0x6e9eef0b42de6d8dL } },
-    /* 52 */
-    { { 0x81255af5cbb55f9dL,0x579f27055328d39eL,0xa7bfc9173e5ae663L,
-        0xe9b55d57a1246e42L },
-      { 0x240ecd9475629188L,0x8748d297457bd3c0L,0x50e215ef373c361cL,
-        0xaf9d8a8618c967b9L } },
-    /* 53 */
-    { { 0x79a041040a04143fL,0x03f7410fc700c616L,0xe8f2a3f291108ca6L,
-        0xa26d67e8f5ac679aL },
-      { 0xa15dbfebb83fbd9aL,0xf1aaebd23a0b5587L,0x639a97ddce0ead44L,
-        0xf253b00c71d12ee0L } },
-    /* 54 */
-    { { 0x7baecf4c9e35e57cL,0x522e26a16786e3a5L,0x600b538b8af829a2L,
-        0x19fa80b72c6de44aL },
-      { 0xb52364f0aaf0ff52L,0x2e4bc21a6714587fL,0x401377a3c245967dL,
-        0x65178766a23cf3ebL } },
-    /* 55 */
-    { { 0xc1c81838923ac000L,0x42021f02c4abc0eeL,0xcde3bc9a47132a20L,
-        0x6f52a864c69f55fbL },
-      { 0x0bdfd3e4df89ff6aL,0x244c943bc88bd74eL,0x649e0b532612998bL,
-        0xce61ebc3d3413d4aL } },
-    /* 56 */
-    { { 0xe31629042cba5a90L,0xa72710aedb6c224eL,0x51831390d87e44dbL,
-        0xa687dc9848fe2ef3L },
-      { 0x857e985516a21ca9L,0xe3428d8ec9a7bc12L,0x16d3bcd012b044a2L,
-        0xe6fa0c69e85f6704L } },
-    /* 57 */
-    { { 0xe4cca34b8fd42692L,0xc86d49a6e15f3acfL,0xbfe1f263a6b18392L,
-        0x0664c933dcd266f6L },
-      { 0x86738cf519399d88L,0x1cbcc8c3749ce6bcL,0x28171f7bc773b884L,
-        0x306fc95701acf19eL } },
-    /* 58 */
-    { { 0x0da7a737afb6a419L,0x637fc26a195fbc40L,0x0fc8f8769c64e8e7L,
-        0x2a68579b208c0626L },
-      { 0x82e823108628abc3L,0xe4e09313ab23ae94L,0x66bf9adbe5155cf1L,
-        0x17909f6ce8a2dd0cL } },
-    /* 59 */
-    { { 0x767c359643d7ad31L,0x7ba3a1aa49ccef62L,0x5261c3160242bf5aL,
-        0x85f452199eb82dfbL },
-      { 0x554cb38237b42e47L,0xc9771ec14cf66133L,0xde70617a153905a3L,
-        0x2cab26fcbc61316dL } },
-    /* 60 */
-    { { 0x7dababbd75c10315L,0x9a8fbe88a48df64eL,0x2b076fe5e1b8f912L,
-        0x1a530ce9ccbd50dcL },
-      { 0x47361ab76647d225L,0xf84e73be4d636a15L,0xd58fcaaf5904a2faL,
-        0x73747d4b38523a19L } },
-    /* 61 */
-    { { 0x6e6b0fb8b6864cc0L,0x5d8a0027ab3b623cL,0x5e6665389a1cfc9cL,
-        0x816b19de521e4ff3L },
-      { 0x56709ad00bc447f8L,0x1d46cb1c8f1464d7L,0x49cef820a949873dL,
-        0x02804692d9d3e65fL } },
-    /* 62 */
-    { { 0x1ae0ea28ad8b5976L,0x4e9ad48e869458fbL,0xe9437ec996cfedf8L,
-        0xa4f924a22afa74d9L },
-      { 0xcb5b1845aaf797c0L,0xe5d6dd0eba6f557fL,0xa1496fe691dc2e7cL,
-        0xad31edac8c179fc7L } },
-    /* 63 */
-    { { 0xf9c5e9de44b06ed7L,0x6ce7c4f74a597159L,0xd02ec441833accb5L,
-        0xf30205996296e8fcL },
-      { 0x7df6c5c6c2afbe06L,0xff429dda9c849b09L,0x42170166f5dd78d6L,
-        0x2403ea21830c388bL } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^42, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_4(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 32 between points.
- */
-static const sp_table_entry_256 p256_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x79e730d418a9143cL,0x75ba95fc5fedb601L,0x79fb732b77622510L,
-        0x18905f76a53755c6L },
-      { 0xddf25357ce95560aL,0x8b4ab8e4ba19e45cL,0xd2e88688dd21f325L,
-        0x8571ff1825885d85L } },
-    /* 2 */
-    { { 0x202886024147519aL,0xd0981eac26b372f0L,0xa9d4a7caa785ebc8L,
-        0xd953c50ddbdf58e9L },
-      { 0x9d6361ccfd590f8fL,0x72e9626b44e6c917L,0x7fd9611022eb64cfL,
-        0x863ebb7e9eb288f3L } },
-    /* 3 */
-    { { 0x7856b6235cdb6485L,0x808f0ea22f0a2f97L,0x3e68d9544f7e300bL,
-        0x00076055b5ff80a0L },
-      { 0x7634eb9b838d2010L,0x54014fbb3243708aL,0xe0e47d39842a6606L,
-        0x8308776134373ee0L } },
-    /* 4 */
-    { { 0x4f922fc516a0d2bbL,0x0d5cc16c1a623499L,0x9241cf3a57c62c8bL,
-        0x2f5e6961fd1b667fL },
-      { 0x5c15c70bf5a01797L,0x3d20b44d60956192L,0x04911b37071fdb52L,
-        0xf648f9168d6f0f7bL } },
-    /* 5 */
-    { { 0x9e566847e137bbbcL,0xe434469e8a6a0becL,0xb1c4276179d73463L,
-        0x5abe0285133d0015L },
-      { 0x92aa837cc04c7dabL,0x573d9f4c43260c07L,0x0c93156278e6cc37L,
-        0x94bb725b6b6f7383L } },
-    /* 6 */
-    { { 0xbbf9b48f720f141cL,0x6199b3cd2df5bc74L,0xdc3f6129411045c4L,
-        0xcdd6bbcb2f7dc4efL },
-      { 0xcca6700beaf436fdL,0x6f647f6db99326beL,0x0c0fa792014f2522L,
-        0xa361bebd4bdae5f6L } },
-    /* 7 */
-    { { 0x28aa2558597c13c7L,0xc38d635f50b7c3e1L,0x07039aecf3c09d1dL,
-        0xba12ca09c4b5292cL },
-      { 0x9e408fa459f91dfdL,0x3af43b66ceea07fbL,0x1eceb0899d780b29L,
-        0x53ebb99d701fef4bL } },
-    /* 8 */
-    { { 0x4fe7ee31b0e63d34L,0xf4600572a9e54fabL,0xc0493334d5e7b5a4L,
-        0x8589fb9206d54831L },
-      { 0xaa70f5cc6583553aL,0x0879094ae25649e5L,0xcc90450710044652L,
-        0xebb0696d02541c4fL } },
-    /* 9 */
-    { { 0x4616ca15ac1647c5L,0xb8127d47c4cf5799L,0xdc666aa3764dfbacL,
-        0xeb2820cbd1b27da3L },
-      { 0x9406f8d86a87e008L,0xd87dfa9d922378f3L,0x56ed2e4280ccecb2L,
-        0x1f28289b55a7da1dL } },
-    /* 10 */
-    { { 0xabbaa0c03b89da99L,0xa6f2d79eb8284022L,0x27847862b81c05e8L,
-        0x337a4b5905e54d63L },
-      { 0x3c67500d21f7794aL,0x207005b77d6d7f61L,0x0a5a378104cfd6e8L,
-        0x0d65e0d5f4c2fbd6L } },
-    /* 11 */
-    { { 0xd9d09bbeb5275d38L,0x4268a7450be0a358L,0xf0762ff4973eb265L,
-        0xc23da24252f4a232L },
-      { 0x5da1b84f0b94520cL,0x09666763b05bd78eL,0x3a4dcb8694d29ea1L,
-        0x19de3b8cc790cff1L } },
-    /* 12 */
-    { { 0x183a716c26c5fe04L,0x3b28de0b3bba1bdbL,0x7432c586a4cb712cL,
-        0xe34dcbd491fccbfdL },
-      { 0xb408d46baaa58403L,0x9a69748682e97a53L,0x9e39012736aaa8afL,
-        0xe7641f447b4e0f7fL } },
-    /* 13 */
-    { { 0x7d753941df64ba59L,0xd33f10ec0b0242fcL,0x4f06dfc6a1581859L,
-        0x4a12df57052a57bfL },
-      { 0xbfa6338f9439dbd0L,0xd3c24bd4bde53e1fL,0xfd5e4ffa21f1b314L,
-        0x6af5aa93bb5bea46L } },
-    /* 14 */
-    { { 0xda10b69910c91999L,0x0a24b4402a580491L,0x3e0094b4b8cc2090L,
-        0x5fe3475a66a44013L },
-      { 0xb0f8cabdf93e7b4bL,0x292b501a7c23f91aL,0x42e889aecd1e6263L,
-        0xb544e308ecfea916L } },
-    /* 15 */
-    { { 0x6478c6e916ddfdceL,0x2c329166f89179e6L,0x4e8d6e764d4e67e1L,
-        0xe0b6b2bda6b0c20bL },
-      { 0x0d312df2bb7efb57L,0x1aac0dde790c4007L,0xf90336ad679bc944L,
-        0x71c023de25a63774L } },
-    /* 16 */
-    { { 0x62a8c244bfe20925L,0x91c19ac38fdce867L,0x5a96a5d5dd387063L,
-        0x61d587d421d324f6L },
-      { 0xe87673a2a37173eaL,0x2384800853778b65L,0x10f8441e05bab43eL,
-        0xfa11fe124621efbeL } },
-    /* 17 */
-    { { 0x1c891f2b2cb19ffdL,0x01ba8d5bb1923c23L,0xb6d03d678ac5ca8eL,
-        0x586eb04c1f13bedcL },
-      { 0x0c35c6e527e8ed09L,0x1e81a33c1819ede2L,0x278fd6c056c652faL,
-        0x19d5ac0870864f11L } },
-    /* 18 */
-    { { 0x1e99f581309a4e1fL,0xab7de71be9270074L,0x26a5ef0befd28d20L,
-        0xe7c0073f7f9c563fL },
-      { 0x1f6d663a0ef59f76L,0x669b3b5420fcb050L,0xc08c1f7a7a6602d4L,
-        0xe08504fec65b3c0aL } },
-    /* 19 */
-    { { 0xf098f68da031b3caL,0x6d1cab9ee6da6d66L,0x5bfd81fa94f246e8L,
-        0x78f018825b0996b4L },
-      { 0xb7eefde43a25787fL,0x8016f80d1dccac9bL,0x0cea4877b35bfc36L,
-        0x43a773b87e94747aL } },
-    /* 20 */
-    { { 0x62577734d2b533d5L,0x673b8af6a1bdddc0L,0x577e7c9aa79ec293L,
-        0xbb6de651c3b266b1L },
-      { 0xe7e9303ab65259b3L,0xd6a0afd3d03a7480L,0xc5ac83d19b3cfc27L,
-        0x60b4619a5d18b99bL } },
-    /* 21 */
-    { { 0xbd6a38e11ae5aa1cL,0xb8b7652b49e73658L,0x0b130014ee5f87edL,
-        0x9d0f27b2aeebffcdL },
-      { 0xca9246317a730a55L,0x9c955b2fddbbc83aL,0x07c1dfe0ac019a71L,
-        0x244a566d356ec48dL } },
-    /* 22 */
-    { { 0x6db0394aeacf1f96L,0x9f2122a9024c271cL,0x2626ac1b82cbd3b9L,
-        0x45e58c873581ef69L },
-      { 0xd3ff479da38f9dbcL,0xa8aaf146e888a040L,0x945adfb246e0bed7L,
-        0xc040e21cc1e4b7a4L } },
-    /* 23 */
-    { { 0x847af0006f8117b6L,0x651969ff73a35433L,0x482b35761d9475ebL,
-        0x1cdf5c97682c6ec7L },
-      { 0x7db775b411f04839L,0x7dbeacf448de1698L,0xb2921dd1b70b3219L,
-        0x046755f8a92dff3dL } },
-    /* 24 */
-    { { 0xcc8ac5d2bce8ffcdL,0x0d53c48b2fe61a82L,0xf6f161727202d6c7L,
-        0x046e5e113b83a5f3L },
-      { 0xe7b8ff64d8007f01L,0x7fb1ef125af43183L,0x045c5ea635e1a03cL,
-        0x6e0106c3303d005bL } },
-    /* 25 */
-    { { 0x48c7358488dd73b1L,0x7670708f995ed0d9L,0x38385ea8c56a2ab7L,
-        0x442594ede901cf1fL },
-      { 0xf8faa2c912d4b65bL,0x94c2343b96c90c37L,0xd326e4a15e978d1fL,
-        0xa796fa514c2ee68eL } },
-    /* 26 */
-    { { 0x359fb604823addd7L,0x9e2a6183e56693b3L,0xf885b78e3cbf3c80L,
-        0xe4ad2da9c69766e9L },
-      { 0x357f7f428e048a61L,0x082d198cc092d9a0L,0xfc3a1af4c03ed8efL,
-        0xc5e94046c37b5143L } },
-    /* 27 */
-    { { 0x476a538c2be75f9eL,0x6fd1a9e8cb123a78L,0xd85e4df0b109c04bL,
-        0x63283dafdb464747L },
-      { 0xce728cf7baf2df15L,0xe592c4550ad9a7f4L,0xfab226ade834bcc3L,
-        0x68bd19ab1981a938L } },
-    /* 28 */
-    { { 0xc08ead511887d659L,0x3374d5f4b359305aL,0x96986981cfe74fe3L,
-        0x495292f53c6fdfd6L },
-      { 0x4a878c9e1acec896L,0xd964b210ec5b4484L,0x6696f7e2664d60a7L,
-        0x0ec7530d26036837L } },
-    /* 29 */
-    { { 0x2da13a05ad2687bbL,0xa1f83b6af32e21faL,0x390f5ef51dd4607bL,
-        0x0f6207a664863f0bL },
-      { 0xbd67e3bb0f138233L,0xdd66b96c272aa718L,0x8ed0040726ec88aeL,
-        0xff0db07208ed6dcfL } },
-    /* 30 */
-    { { 0x749fa1014c95d553L,0xa44052fd5d680a8aL,0x183b4317ff3b566fL,
-        0x313b513c88740ea3L },
-      { 0xb402e2ac08d11549L,0x071ee10bb4dee21cL,0x26b987dd47f2320eL,
-        0x2d3abcf986f19f81L } },
-    /* 31 */
-    { { 0x4c288501815581a2L,0x9a0a6d56632211afL,0x19ba7a0f0cab2e99L,
-        0xc036fa10ded98cdfL },
-      { 0x29ae08bac1fbd009L,0x0b68b19006d15816L,0xc2eb32779b9e0d8fL,
-        0xa6b2a2c4b6d40194L } },
-    /* 32 */
-    { { 0xd433e50f6d3549cfL,0x6f33696ffacd665eL,0x695bfdacce11fcb4L,
-        0x810ee252af7c9860L },
-      { 0x65450fe17159bb2cL,0xf7dfbebe758b357bL,0x2b057e74d69fea72L,
-        0xd485717a92731745L } },
-    /* 33 */
-    { { 0x11741a8af0cb5a98L,0xd3da8f931f3110bfL,0x1994e2cbab382adfL,
-        0x6a6045a72f9a604eL },
-      { 0x170c0d3fa2b2411dL,0xbe0eb83e510e96e0L,0x3bcc9f738865b3ccL,
-        0xd3e45cfaf9e15790L } },
-    /* 34 */
-    { { 0xce1f69bbe83f7669L,0x09f8ae8272877d6bL,0x9548ae543244278dL,
-        0x207755dee3c2c19cL },
-      { 0x87bd61d96fef1945L,0x18813cefb12d28c3L,0x9fbcd1d672df64aaL,
-        0x48dc5ee57154b00dL } },
-    /* 35 */
-    { { 0x123790bff7e5a199L,0xe0efb8cf989ccbb7L,0xc27a2bfe0a519c79L,
-        0xf2fb0aeddff6f445L },
-      { 0x41c09575f0b5025fL,0x550543d740fa9f22L,0x8fa3c8ad380bfbd0L,
-        0xa13e9015db28d525L } },
-    /* 36 */
-    { { 0xf9f7a350a2b65cbcL,0x0b04b9722a464226L,0x265ce241e23f07a1L,
-        0x2bf0d6b01497526fL },
-      { 0xd3d4dd3f4b216fb7L,0xf7d7b867fbdda26aL,0xaeb7b83f6708505cL,
-        0x42a94a5a162fe89fL } },
-    /* 37 */
-    { { 0x5846ad0beaadf191L,0x0f8a489025a268d7L,0xe8603050494dc1f6L,
-        0x2c2dd969c65ede3dL },
-      { 0x6d02171d93849c17L,0x460488ba1da250ddL,0x4810c7063c3a5485L,
-        0xf437fa1f42c56dbcL } },
-    /* 38 */
-    { { 0x6aa0d7144a0f7dabL,0x0f0497931776e9acL,0x52c0a050f5f39786L,
-        0xaaf45b3354707aa8L },
-      { 0x85e37c33c18d364aL,0xd40b9b063e497165L,0xf417168115ec5444L,
-        0xcdf6310df4f272bcL } },
-    /* 39 */
-    { { 0x7473c6238ea8b7efL,0x08e9351885bc2287L,0x419567722bda8e34L,
-        0xf0d008bada9e2ff2L },
-      { 0x2912671d2414d3b1L,0xb3754985b019ea76L,0x5c61b96d453bcbdbL,
-        0x5bd5c2f5ca887b8bL } },
-    /* 40 */
-    { { 0xef0f469ef49a3154L,0x3e85a5956e2b2e9aL,0x45aaec1eaa924a9cL,
-        0xaa12dfc8a09e4719L },
-      { 0x26f272274df69f1dL,0xe0e4c82ca2ff5e73L,0xb9d8ce73b7a9dd44L,
-        0x6c036e73e48ca901L } },
-    /* 41 */
-    { { 0x5cfae12a0f6e3138L,0x6966ef0025ad345aL,0x8993c64b45672bc5L,
-        0x292ff65896afbe24L },
-      { 0xd5250d445e213402L,0xf6580e274392c9feL,0x097b397fda1c72e8L,
-        0x644e0c90311b7276L } },
-    /* 42 */
-    { { 0xe1e421e1a47153f0L,0xb86c3b79920418c9L,0x93bdce87705d7672L,
-        0xf25ae793cab79a77L },
-      { 0x1f3194a36d869d0cL,0x9d55c8824986c264L,0x49fb5ea3096e945eL,
-        0x39b8e65313db0a3eL } },
-    /* 43 */
-    { { 0x37754200b6fd2e59L,0x35e2c0669255c98fL,0xd9dab21a0e2a5739L,
-        0x39122f2f0f19db06L },
-      { 0xcfbce1e003cad53cL,0x225b2c0fe65c17e3L,0x72baf1d29aa13877L,
-        0x8de80af8ce80ff8dL } },
-    /* 44 */
-    { { 0xafbea8d9207bbb76L,0x921c7e7c21782758L,0xdfa2b74b1c0436b1L,
-        0x871949062e368c04L },
-      { 0xb5f928bba3993df5L,0x639d75b5f3b3d26aL,0x011aa78a85b55050L,
-        0xfc315e6a5b74fde1L } },
-    /* 45 */
-    { { 0x561fd41ae8d6ecfaL,0x5f8c44f61aec7f86L,0x98452a7b4924741dL,
-        0xe6d4a7adee389088L },
-      { 0x60552ed14593c75dL,0x70a70da4dd271162L,0xd2aede937ba2c7dbL,
-        0x35dfaf9a9be2ae57L } },
-    /* 46 */
-    { { 0x6b956fcdaa736636L,0x09f51d97ae2cab7eL,0xfb10bf410f349966L,
-        0x1da5c7d71c830d2bL },
-      { 0x5c41e4833cce6825L,0x15ad118ff9573c3bL,0xa28552c7f23036b8L,
-        0x7077c0fddbf4b9d6L } },
-    /* 47 */
-    { { 0xbf63ff8d46b9661cL,0xa1dfd36b0d2cfd71L,0x0373e140a847f8f7L,
-        0x53a8632ee50efe44L },
-      { 0x0976ff68696d8051L,0xdaec0c95c74f468aL,0x62994dc35e4e26bdL,
-        0x028ca76d34e1fcc1L } },
-    /* 48 */
-    { { 0xd11d47dcfc9877eeL,0xc8b36210801d0002L,0xd002c11754c260b6L,
-        0x04c17cd86962f046L },
-      { 0x6d9bd094b0daddf5L,0xbea2357524ce55c0L,0x663356e672da03b5L,
-        0xf7ba4de9fed97474L } },
-    /* 49 */
-    { { 0xd0dbfa34ebe1263fL,0x5576373571ae7ce6L,0xd244055382a6f523L,
-        0xe31f960052131c41L },
-      { 0xd1bb9216ea6b6ec6L,0x37a1d12e73c2fc44L,0xc10e7eac89d0a294L,
-        0xaa3a6259ce34d47bL } },
-    /* 50 */
-    { { 0xfbcf9df536f3dcd3L,0x6ceded50d2bf7360L,0x491710fadf504f5bL,
-        0x2398dd627e79daeeL },
-      { 0xcf4705a36d09569eL,0xea0619bb5149f769L,0xff9c037735f6034cL,
-        0x5717f5b21c046210L } },
-    /* 51 */
-    { { 0x9fe229c921dd895eL,0x8e51850040c28451L,0xfa13d2391d637ecdL,
-        0x660a2c560e3c28deL },
-      { 0x9cca88aed67fcbd0L,0xc84724780ea9f096L,0x32b2f48172e92b4dL,
-        0x624ee54c4f522453L } },
-    /* 52 */
-    { { 0x09549ce4d897ecccL,0x4d49d1d93f9880aaL,0x723c2423043a7c20L,
-        0x4f392afb92bdfbc0L },
-      { 0x6969f8fa7de44fd9L,0xb66cfbe457b32156L,0xdb2fa803368ebc3cL,
-        0x8a3e7977ccdb399cL } },
-    /* 53 */
-    { { 0xdde1881f06c4b125L,0xae34e300f6e3ca8cL,0xef6999de5c7a13e9L,
-        0x3888d02370c24404L },
-      { 0x7628035644f91081L,0x3d9fcf615f015504L,0x1827edc8632cd36eL,
-        0xa5e62e4718102336L } },
-    /* 54 */
-    { { 0x1a825ee32facd6c8L,0x699c635454bcbc66L,0x0ce3edf798df9931L,
-        0x2c4768e6466a5adcL },
-      { 0xb346ff8c90a64bc9L,0x630a6020e4779f5cL,0xd949d064bc05e884L,
-        0x7b5e6441f9e652a0L } },
-    /* 55 */
-    { { 0x2169422c1d28444aL,0xe996c5d8be136a39L,0x2387afe5fb0c7fceL,
-        0xb8af73cb0c8d744aL },
-      { 0x5fde83aa338b86fdL,0xfee3f158a58a5cffL,0xc9ee8f6f20ac9433L,
-        0xa036395f7f3f0895L } },
-    /* 56 */
-    { { 0x8c73c6bba10f7770L,0xa6f16d81a12a0e24L,0x100df68251bc2b9fL,
-        0x4be36b01875fb533L },
-      { 0x9226086e9fb56dbbL,0x306fef8b07e7a4f8L,0xeeaccc0566d52f20L,
-        0x8cbc9a871bdc00c0L } },
-    /* 57 */
-    { { 0xe131895cc0dac4abL,0xa874a440712ff112L,0x6332ae7c6a1cee57L,
-        0x44e7553e0c0835f8L },
-      { 0x6d503fff7734002dL,0x9d35cb8b0b34425cL,0x95f702760e8738b5L,
-        0x470a683a5eb8fc18L } },
-    /* 58 */
-    { { 0x81b761dc90513482L,0x0287202a01e9276aL,0xcda441ee0ce73083L,
-        0x16410690c63dc6efL },
-      { 0xf5034a066d06a2edL,0xdd4d7745189b100bL,0xd914ae72ab8218c9L,
-        0xd73479fd7abcbb4fL } },
-    /* 59 */
-    { { 0x7edefb165ad4c6e5L,0x262cf08f5b06d04dL,0x12ed5bb18575cb14L,
-        0x816469e30771666bL },
-      { 0xd7ab9d79561e291eL,0xeb9daf22c1de1661L,0xf49827eb135e0513L,
-        0x0a36dd23f0dd3f9cL } },
-    /* 60 */
-    { { 0x098d32c741d5533cL,0x7c5f5a9e8684628fL,0x39a228ade349bd11L,
-        0xe331dfd6fdbab118L },
-      { 0x5100ab686bcc6ed8L,0x7160c3bdef7a260eL,0x9063d9a7bce850d7L,
-        0xd3b4782a492e3389L } },
-    /* 61 */
-    { { 0xa149b6e8f3821f90L,0x92edd9ed66eb7aadL,0x0bb669531a013116L,
-        0x7281275a4c86a5bdL },
-      { 0x503858f7d3ff47e5L,0x5e1616bc61016441L,0x62b0f11a7dfd9bb1L,
-        0x2c062e7ece145059L } },
-    /* 62 */
-    { { 0xa76f996f0159ac2eL,0x281e7736cbdb2713L,0x2ad6d28808e46047L,
-        0x282a35f92c4e7ef1L },
-      { 0x9c354b1ec0ce5cd2L,0xcf99efc91379c229L,0x992caf383e82c11eL,
-        0xc71cd513554d2abdL } },
-    /* 63 */
-    { { 0x4885de9c09b578f4L,0x1884e258e3affa7aL,0x8f76b1b759182f1fL,
-        0xc50f6740cf47f3a3L },
-      { 0xa9c4adf3374b68eaL,0xa406f32369965fe2L,0x2f86a22285a53050L,
-        0xb9ecb3a7212958dcL } },
-    /* 64 */
-    { { 0x56f8410ef4f8b16aL,0x97241afec47b266aL,0x0a406b8e6d9c87c1L,
-        0x803f3e02cd42ab1bL },
-      { 0x7f0309a804dbec69L,0xa83b85f73bbad05fL,0xc6097273ad8e197fL,
-        0xc097440e5067adc1L } },
-    /* 65 */
-    { { 0x846a56f2c379ab34L,0xa8ee068b841df8d1L,0x20314459176c68efL,
-        0xf1af32d5915f1f30L },
-      { 0x99c375315d75bd50L,0x837cffbaf72f67bcL,0x0613a41848d7723fL,
-        0x23d0f130e2d41c8bL } },
-    /* 66 */
-    { { 0x857ab6edf41500d9L,0x0d890ae5fcbeada8L,0x52fe864889725951L,
-        0xb0288dd6c0a3faddL },
-      { 0x85320f30650bcb08L,0x71af6313695d6e16L,0x31f520a7b989aa76L,
-        0xffd3724ff408c8d2L } },
-    /* 67 */
-    { { 0x53968e64b458e6cbL,0x992dad20317a5d28L,0x3814ae0b7aa75f56L,
-        0xf5590f4ad78c26dfL },
-      { 0x0fc24bd3cf0ba55aL,0x0fc4724a0c778baeL,0x1ce9864f683b674aL,
-        0x18d6da54f6f74a20L } },
-    /* 68 */
-    { { 0xed93e225d5be5a2bL,0x6fe799835934f3c6L,0x4314092622626ffcL,
-        0x50bbb4d97990216aL },
-      { 0x378191c6e57ec63eL,0x65422c40181dcdb2L,0x41a8099b0236e0f6L,
-        0x2b10011801fe49c3L } },
-    /* 69 */
-    { { 0xfc68b5c59b391593L,0xc385f5a2598270fcL,0x7144f3aad19adcbbL,
-        0xdd55899983fbae0cL },
-      { 0x93b88b8e74b82ff4L,0xd2e03c4071e734c9L,0x9a7a9eaf43c0322aL,
-        0xe6e4c551149d6041L } },
-    /* 70 */
-    { { 0x55f655bb1e9af288L,0x647e1a64f7ada931L,0x43697e4bcb2820e5L,
-        0x51e00db107ed56ffL },
-      { 0x43d169b8771c327eL,0x29cdb20b4a96c2adL,0xc07d51f53deb4779L,
-        0xe22f424149829177L } },
-    /* 71 */
-    { { 0xcd45e8f4635f1abbL,0x7edc0cb568538874L,0xc9472c1fb5a8034dL,
-        0xf709373d52dc48c9L },
-      { 0x401966bba8af30d6L,0x95bf5f4af137b69cL,0x3966162a9361c47eL,
-        0xbd52d288e7275b11L } },
-    /* 72 */
-    { { 0xab155c7a9c5fa877L,0x17dad6727d3a3d48L,0x43f43f9e73d189d8L,
-        0xa0d0f8e4c8aa77a6L },
-      { 0x0bbeafd8cc94f92dL,0xd818c8be0c4ddb3aL,0x22cc65f8b82eba14L,
-        0xa56c78c7946d6a00L } },
-    /* 73 */
-    { { 0x2962391b0dd09529L,0x803e0ea63daddfcfL,0x2c77351f5b5bf481L,
-        0xd8befdf8731a367aL },
-      { 0xab919d42fc0157f4L,0xf51caed7fec8e650L,0xcdf9cb4002d48b0aL,
-        0x854a68a5ce9f6478L } },
-    /* 74 */
-    { { 0xdc35f67b63506ea5L,0x9286c489a4fe0d66L,0x3f101d3bfe95cd4dL,
-        0x5cacea0b98846a95L },
-      { 0xa90df60c9ceac44dL,0x3db29af4354d1c3aL,0x08dd3de8ad5dbabeL,
-        0xe4982d1235e4efa9L } },
-    /* 75 */
-    { { 0x23104a22c34cd55eL,0x58695bb32680d132L,0xfb345afa1fa1d943L,
-        0x8046b7f616b20499L },
-      { 0xb533581e38e7d098L,0xd7f61e8df46f0b70L,0x30dea9ea44cb78c4L,
-        0xeb17ca7b9082af55L } },
-    /* 76 */
-    { { 0x1751b59876a145b9L,0xa5cf6b0fc1bc71ecL,0xd3e03565392715bbL,
-        0x097b00bafab5e131L },
-      { 0xaa66c8e9565f69e1L,0x77e8f75ab5be5199L,0x6033ba11da4fd984L,
-        0xf95c747bafdbcc9eL } },
-    /* 77 */
-    { { 0x558f01d3bebae45eL,0xa8ebe9f0c4bc6955L,0xaeb705b1dbc64fc6L,
-        0x3512601e566ed837L },
-      { 0x9336f1e1fa1161cdL,0x328ab8d54c65ef87L,0x4757eee2724f21e5L,
-        0x0ef971236068ab6bL } },
-    /* 78 */
-    { { 0x02598cf754ca4226L,0x5eede138f8642c8eL,0x48963f74468e1790L,
-        0xfc16d9333b4fbc95L },
-      { 0xbe96fb31e7c800caL,0x138063312678adaaL,0x3d6244976ff3e8b5L,
-        0x14ca4af1b95d7a17L } },
-    /* 79 */
-    { { 0x7a4771babd2f81d5L,0x1a5f9d6901f7d196L,0xd898bef7cad9c907L,
-        0x4057b063f59c231dL },
-      { 0xbffd82fe89c05c0aL,0xe4911c6f1dc0df85L,0x3befccaea35a16dbL,
-        0x1c3b5d64f1330b13L } },
-    /* 80 */
-    { { 0x5fe14bfe80ec21feL,0xf6ce116ac255be82L,0x98bc5a072f4a5d67L,
-        0xfad27148db7e63afL },
-      { 0x90c0b6ac29ab05b3L,0x37a9a83c4e251ae6L,0x0a7dc875c2aade7dL,
-        0x77387de39f0e1a84L } },
-    /* 81 */
-    { { 0x1e9ecc49a56c0dd7L,0xa5cffcd846086c74L,0x8f7a1408f505aeceL,
-        0xb37b85c0bef0c47eL },
-      { 0x3596b6e4cc0e6a8fL,0xfd6d4bbf6b388f23L,0xaba453fac39cef4eL,
-        0x9c135ac8f9f628d5L } },
-    /* 82 */
-    { { 0x32aa320284e35743L,0x320d6ab185a3cdefL,0xb821b1761df19819L,
-        0x5721361fc433851fL },
-      { 0x1f0db36a71fc9168L,0x5f98ba735e5c403cL,0xf64ca87e37bcd8f5L,
-        0xdcbac3c9e6bb11bdL } },
-    /* 83 */
-    { { 0xf01d99684518cbe2L,0xd242fc189c9eb04eL,0x727663c7e47feebfL,
-        0xb8c1c89e2d626862L },
-      { 0x51a58bddc8e1d569L,0x563809c8b7d88cd0L,0x26c27fd9f11f31ebL,
-        0x5d23bbda2f9422d4L } },
-    /* 84 */
-    { { 0x0a1c729495c8f8beL,0x2961c4803bf362bfL,0x9e418403df63d4acL,
-        0xc109f9cb91ece900L },
-      { 0xc2d095d058945705L,0xb9083d96ddeb85c0L,0x84692b8d7a40449bL,
-        0x9bc3344f2eee1ee1L } },
-    /* 85 */
-    { { 0x0d5ae35642913074L,0x55491b2748a542b1L,0x469ca665b310732aL,
-        0x29591d525f1a4cc1L },
-      { 0xe76f5b6bb84f983fL,0xbe7eef419f5f84e1L,0x1200d49680baa189L,
-        0x6376551f18ef332cL } },
-    /* 86 */
-    { { 0xbda5f14e562976ccL,0x22bca3e60ef12c38L,0xbbfa30646cca9852L,
-        0xbdb79dc808e2987aL },
-      { 0xfd2cb5c9cb06a772L,0x38f475aafe536dceL,0xc2a3e0227c2b5db8L,
-        0x8ee86001add3c14aL } },
-    /* 87 */
-    { { 0xcbe96981a4ade873L,0x7ee9aa4dc4fba48cL,0x2cee28995a054ba5L,
-        0x92e51d7a6f77aa4bL },
-      { 0x948bafa87190a34dL,0xd698f75bf6bd1ed1L,0xd00ee6e30caf1144L,
-        0x5182f86f0a56aaaaL } },
-    /* 88 */
-    { { 0xfba6212c7a4cc99cL,0xff609b683e6d9ca1L,0x5dbb27cb5ac98c5aL,
-        0x91dcab5d4073a6f2L },
-      { 0x01b6cc3d5f575a70L,0x0cb361396f8d87faL,0x165d4e8c89981736L,
-        0x17a0cedb97974f2bL } },
-    /* 89 */
-    { { 0x38861e2a076c8d3aL,0x701aad39210f924bL,0x94d0eae413a835d9L,
-        0x2e8ce36c7f4cdf41L },
-      { 0x91273dab037a862bL,0x01ba9bb760e4c8faL,0xf964538833baf2ddL,
-        0xf4ccc6cb34f668f3L } },
-    /* 90 */
-    { { 0x44ef525cf1f79687L,0x7c59549592efa815L,0xe1231741a5c78d29L,
-        0xac0db4889a0df3c9L },
-      { 0x86bfc711df01747fL,0x592b9358ef17df13L,0xe5880e4f5ccb6bb5L,
-        0x95a64a6194c974a2L } },
-    /* 91 */
-    { { 0x72c1efdac15a4c93L,0x40269b7382585141L,0x6a8dfb1c16cb0badL,
-        0x231e54ba29210677L },
-      { 0xa70df9178ae6d2dcL,0x4d6aa63f39112918L,0xf627726b5e5b7223L,
-        0xab0be032d8a731e1L } },
-    /* 92 */
-    { { 0x097ad0e98d131f2dL,0x637f09e33b04f101L,0x1ac86196d5e9a748L,
-        0xf1bcc8802cf6a679L },
-      { 0x25c69140e8daacb4L,0x3c4e405560f65009L,0x591cc8fc477937a6L,
-        0x851694695aebb271L } },
-    /* 93 */
-    { { 0xde35c143f1dcf593L,0x78202b29b018be3bL,0xe9cdadc29bdd9d3dL,
-        0x8f67d9d2daad55d8L },
-      { 0x841116567481ea5fL,0xe7d2dde9e34c590cL,0xffdd43f405053fa8L,
-        0xf84572b9c0728b5dL } },
-    /* 94 */
-    { { 0x5e1a7a7197af71c9L,0xa14494447a736565L,0xa1b4ae070e1d5063L,
-        0xedee2710616b2c19L },
-      { 0xb2f034f511734121L,0x1cac6e554a25e9f0L,0x8dc148f3a40c2ecfL,
-        0x9fd27e9b44ebd7f4L } },
-    /* 95 */
-    { { 0x3cc7658af6e2cb16L,0xe3eb7d2cfe5919b6L,0x5a8c5816168d5583L,
-        0xa40c2fb6958ff387L },
-      { 0x8c9ec560fedcc158L,0x7ad804c655f23056L,0xd93967049a307e12L,
-        0x99bc9bb87dc6decfL } },
-    /* 96 */
-    { { 0x84a9521d927dafc6L,0x52c1fb695c09cd19L,0x9d9581a0f9366ddeL,
-        0x9abe210ba16d7e64L },
-      { 0x480af84a48915220L,0xfa73176a4dd816c6L,0xc7d539871681ca5aL,
-        0x7881c25787f344b0L } },
-    /* 97 */
-    { { 0x93399b51e0bcf3ffL,0x0d02cbc5127f74f6L,0x8fb465a2dd01d968L,
-        0x15e6e319a30e8940L },
-      { 0x646d6e0d3e0e05f4L,0xfad7bddc43588404L,0xbe61c7d1c4f850d3L,
-        0x0e55facf191172ceL } },
-    /* 98 */
-    { { 0x7e9d9806f8787564L,0x1a33172131e85ce6L,0x6b0158cab819e8d6L,
-        0xd73d09766fe96577L },
-      { 0x424834251eb7206eL,0xa519290fc618bb42L,0x5dcbb8595e30a520L,
-        0x9250a3748f15a50bL } },
-    /* 99 */
-    { { 0xcaff08f8be577410L,0xfd408a035077a8c6L,0xf1f63289ec0a63a4L,
-        0x77414082c1cc8c0bL },
-      { 0x05a40fa6eb0991cdL,0xc1ca086649fdc296L,0x3a68a3c7b324fd40L,
-        0x8cb04f4d12eb20b9L } },
-    /* 100 */
-    { { 0xb1c2d0556906171cL,0x9073e9cdb0240c3fL,0xdb8e6b4fd8906841L,
-        0xe4e429ef47123b51L },
-      { 0x0b8dd53c38ec36f4L,0xf9d2dc01ff4b6a27L,0x5d066e07879a9a48L,
-        0x37bca2ff3c6e6552L } },
-    /* 101 */
-    { { 0x4cd2e3c7df562470L,0x44f272a2c0964ac9L,0x7c6d5df980c793beL,
-        0x59913edc3002b22aL },
-      { 0x7a139a835750592aL,0x99e01d80e783de02L,0xcf8c0375ea05d64fL,
-        0x43786e4ab013e226L } },
-    /* 102 */
-    { { 0xff32b0ed9e56b5a6L,0x0750d9a6d9fc68f9L,0xec15e845597846a7L,
-        0x8638ca98b7e79e7aL },
-      { 0x2f5ae0960afc24b2L,0x05398eaf4dace8f2L,0x3b765dd0aecba78fL,
-        0x1ecdd36a7b3aa6f0L } },
-    /* 103 */
-    { { 0x5d3acd626c5ff2f3L,0xa2d516c02873a978L,0xad94c9fad2110d54L,
-        0xd85d0f85d459f32dL },
-      { 0x9f700b8d10b11da3L,0xd2c22c30a78318c4L,0x556988f49208decdL,
-        0xa04f19c3b4ed3c62L } },
-    /* 104 */
-    { { 0x087924c8ed7f93bdL,0xcb64ac5d392f51f6L,0x7cae330a821b71afL,
-        0x92b2eeea5c0950b0L },
-      { 0x85ac4c9485b6e235L,0xab2ca4a92936c0f0L,0x80faa6b3e0508891L,
-        0x1ee782215834276cL } },
-    /* 105 */
-    { { 0xa60a2e00e63e79f7L,0xf590e7b2f399d906L,0x9021054a6607c09dL,
-        0xf3f2ced857a6e150L },
-      { 0x200510f3f10d9b55L,0x9d2fcfacd8642648L,0xe5631aa7e8bd0e7cL,
-        0x0f56a4543da3e210L } },
-    /* 106 */
-    { { 0x5b21bffa1043e0dfL,0x6c74b6cc9c007e6dL,0x1a656ec0d4a8517aL,
-        0xbd8f17411969e263L },
-      { 0x8a9bbb86beb7494aL,0x1567d46f45f3b838L,0xdf7a12a7a4e5a79aL,
-        0x2d1a1c3530ccfa09L } },
-    /* 107 */
-    { { 0x192e3813506508daL,0x336180c4a1d795a7L,0xcddb59497a9944b3L,
-        0xa107a65eb91fba46L },
-      { 0xe6d1d1c50f94d639L,0x8b4af3758a58b7d7L,0x1a7c5584bd37ca1cL,
-        0x183d760af87a9af2L } },
-    /* 108 */
-    { { 0x29d697110dde59a4L,0xf1ad8d070e8bef87L,0x229b49634f2ebe78L,
-        0x1d44179dc269d754L },
-      { 0xb32dc0cf8390d30eL,0x0a3b27530de8110cL,0x31af1dc52bc0339aL,
-        0x771f9cc29606d262L } },
-    /* 109 */
-    { { 0x99993e7785040739L,0x44539db98026a939L,0xcf40f6f2f5f8fc26L,
-        0x64427a310362718eL },
-      { 0x4f4f2d8785428aa8L,0x7b7adc3febfb49a8L,0x201b2c6df23d01acL,
-        0x49d9b7496ae90d6dL } },
-    /* 110 */
-    { { 0xcc78d8bc435d1099L,0x2adbcd4e8e8d1a08L,0x02c2e2a02cb68a41L,
-        0x9037d81b3f605445L },
-      { 0x7cdbac27074c7b61L,0xfe2031ab57bfd72eL,0x61ccec96596d5352L,
-        0x08c3de6a7cc0639cL } },
-    /* 111 */
-    { { 0x20fdd020f6d552abL,0x56baff9805cd81f1L,0x06fb7c3e91351291L,
-        0xc690944245796b2fL },
-      { 0x17b3ae9c41231bd1L,0x1eac6e875cc58205L,0x208837abf9d6a122L,
-        0x3fa3db02cafe3ac0L } },
-    /* 112 */
-    { { 0xd75a3e6505058880L,0x7da365ef643943f2L,0x4147861cfab24925L,
-        0xc5c4bdb0fdb808ffL },
-      { 0x73513e34b272b56bL,0xc8327e9511b9043aL,0xfd8ce37df8844969L,
-        0x2d56db9446c2b6b5L } },
-    /* 113 */
-    { { 0x2461782fff46ac6bL,0xd19f792607a2e425L,0xfafea3c409a48de1L,
-        0x0f56bd9de503ba42L },
-      { 0x137d4ed1345cda49L,0x821158fc816f299dL,0xe7c6a54aaeb43402L,
-        0x4003bb9d1173b5f1L } },
-    /* 114 */
-    { { 0x3b8e8189a0803387L,0xece115f539cbd404L,0x4297208dd2877f21L,
-        0x53765522a07f2f9eL },
-      { 0xa4980a21a8a4182dL,0xa2bbd07a3219df79L,0x674d0a2e1a19a2d4L,
-        0x7a056f586c5d4549L } },
-    /* 115 */
-    { { 0x646b25589d8a2a47L,0x5b582948c3df2773L,0x51ec000eabf0d539L,
-        0x77d482f17a1a2675L },
-      { 0xb8a1bd9587853948L,0xa6f817bd6cfbffeeL,0xab6ec05780681e47L,
-        0x4115012b2b38b0e4L } },
-    /* 116 */
-    { { 0x3c73f0f46de28cedL,0x1d5da7609b13ec47L,0x61b8ce9e6e5c6392L,
-        0xcdf04572fbea0946L },
-      { 0x1cb3c58b6c53c3b0L,0x97fe3c10447b843cL,0xfb2b8ae12cb9780eL,
-        0xee703dda97383109L } },
-    /* 117 */
-    { { 0x34515140ff57e43aL,0xd44660d3b1b811b8L,0x2b3b5dff8f42b986L,
-        0x2a0ad89da162ce21L },
-      { 0x64e4a6946bc277baL,0xc788c954c141c276L,0x141aa64ccabf6274L,
-        0xd62d0b67ac2b4659L } },
-    /* 118 */
-    { { 0x39c5d87b2c054ac4L,0x57005859f27df788L,0xedf7cbf3b18128d6L,
-        0xb39a23f2991c2426L },
-      { 0x95284a15f0b16ae5L,0x0c6a05b1a136f51bL,0x1d63c137f2700783L,
-        0x04ed0092c0674cc5L } },
-    /* 119 */
-    { { 0x1f4185d19ae90393L,0x3047b4294a3d64e6L,0xae0001a69854fc14L,
-        0xa0a91fc10177c387L },
-      { 0xff0a3f01ae2c831eL,0xbb76ae822b727e16L,0x8f12c8a15a3075b4L,
-        0x084cf9889ed20c41L } },
-    /* 120 */
-    { { 0xd98509defca6becfL,0x2fceae807dffb328L,0x5d8a15c44778e8b9L,
-        0xd57955b273abf77eL },
-      { 0x210da79e31b5d4f1L,0xaa52f04b3cfa7a1cL,0xd4d12089dc27c20bL,
-        0x8e14ea4202d141f1L } },
-    /* 121 */
-    { { 0xeed50345f2897042L,0x8d05331f43402c4aL,0xc8d9c194c8bdfb21L,
-        0x597e1a372aa4d158L },
-      { 0x0327ec1acf0bd68cL,0x6d4be0dcab024945L,0x5b9c8d7ac9fe3e84L,
-        0xca3f0236199b4deaL } },
-    /* 122 */
-    { { 0x592a10b56170bd20L,0x0ea897f16d3f5de7L,0xa3363ff144b2ade2L,
-        0xbde7fd7e309c07e4L },
-      { 0x516bb6d2b8f5432cL,0x210dc1cbe043444bL,0x3db01e6ff8f95b5aL,
-        0xb623ad0e0a7dd198L } },
-    /* 123 */
-    { { 0xa75bd67560c7b65bL,0xab8c559023a4a289L,0xf8220fd0d7b26795L,
-        0xd6aa2e4658ec137bL },
-      { 0x10abc00b5138bb85L,0x8c31d121d833a95cL,0xb24ff00b1702a32eL,
-        0x111662e02dcc513aL } },
-    /* 124 */
-    { { 0x78114015efb42b87L,0xbd9f5d701b6c4dffL,0x66ecccd7a7d7c129L,
-        0xdb3ee1cb94b750f8L },
-      { 0xb26f3db0f34837cfL,0xe7eed18bb9578d4fL,0x5d2cdf937c56657dL,
-        0x886a644252206a59L } },
-    /* 125 */
-    { { 0x3c234cfb65b569eaL,0x20011141f72119c1L,0x8badc85da15a619eL,
-        0xa70cf4eb018a17bcL },
-      { 0x224f97ae8c4a6a65L,0x36e5cf270134378fL,0xbe3a609e4f7e0960L,
-        0xaa4772abd1747b77L } },
-    /* 126 */
-    { { 0x676761317aa60cc0L,0xc79163610368115fL,0xded98bb4bbc1bb5aL,
-        0x611a6ddc30faf974L },
-      { 0x30e78cbcc15ee47aL,0x2e8962824e0d96a5L,0x36f35adf3dd9ed88L,
-        0x5cfffaf816429c88L } },
-    /* 127 */
-    { { 0xc0d54cff9b7a99cdL,0x7bf3b99d843c45a1L,0x038a908f62c739e1L,
-        0x6e5a6b237dc1994cL },
-      { 0xef8b454e0ba5db77L,0xb7b8807facf60d63L,0xe591c0c676608378L,
-        0x481a238d242dabccL } },
-    /* 128 */
-    { { 0xe3417bc035d0b34aL,0x440b386b8327c0a7L,0x8fb7262dac0362d1L,
-        0x2c41114ce0cdf943L },
-      { 0x2ba5cef1ad95a0b1L,0xc09b37a867d54362L,0x26d6cdd201e486c9L,
-        0x20477abf42ff9297L } },
-    /* 129 */
-    { { 0x2f75173c18d65dbfL,0x77bf940e339edad8L,0x7022d26bdcf1001cL,
-        0xac66409ac77396b6L },
-      { 0x8b0bb36fc6261cc3L,0x213f7bc9190e7e90L,0x6541cebaa45e6c10L,
-        0xce8e6975cc122f85L } },
-    /* 130 */
-    { { 0x0f121b41bc0a67d2L,0x62d4760a444d248aL,0x0e044f1d659b4737L,
-        0x08fde365250bb4a8L },
-      { 0xaceec3da848bf287L,0xc2a62182d3369d6eL,0x3582dfdc92449482L,
-        0x2f7e2fd2565d6cd7L } },
-    /* 131 */
-    { { 0xae4b92dbc3770fa7L,0x095e8d5c379043f9L,0x54f34e9d17761171L,
-        0xc65be92e907702aeL },
-      { 0x2758a303f6fd0a40L,0xe7d822e3bcce784bL,0x7ae4f5854f9767bfL,
-        0x4bff8e47d1193b3aL } },
-    /* 132 */
-    { { 0xcd41d21f00ff1480L,0x2ab8fb7d0754db16L,0xac81d2efbbe0f3eaL,
-        0x3e4e4ae65772967dL },
-      { 0x7e18f36d3c5303e6L,0x3bd9994b92262397L,0x9ed70e261324c3c0L,
-        0x5388aefd58ec6028L } },
-    /* 133 */
-    { { 0xad1317eb5e5d7713L,0x09b985ee75de49daL,0x32f5bc4fc74fb261L,
-        0x5cf908d14f75be0eL },
-      { 0x760435108e657b12L,0xbfd421a5b96ed9e6L,0x0e29f51f8970ccc2L,
-        0xa698ba4060f00ce2L } },
-    /* 134 */
-    { { 0x73db1686ef748fecL,0xe6e755a27e9d2cf9L,0x630b6544ce265effL,
-        0xb142ef8a7aebad8dL },
-      { 0xad31af9f17d5770aL,0x66af3b672cb3412fL,0x6bd60d1bdf3359deL,
-        0xd1896a9658515075L } },
-    /* 135 */
-    { { 0xec5957ab33c41c08L,0x87de94ac5468e2e1L,0x18816b73ac472f6cL,
-        0x267b0e0b7981da39L },
-      { 0x6e554e5d8e62b988L,0xd8ddc755116d21e7L,0x4610faf03d2a6f99L,
-        0xb54e287aa1119393L } },
-    /* 136 */
-    { { 0x0a0122b5178a876bL,0x51ff96ff085104b4L,0x050b31ab14f29f76L,
-        0x84abb28b5f87d4e6L },
-      { 0xd5ed439f8270790aL,0x2d6cb59d85e3f46bL,0x75f55c1b6c1e2212L,
-        0xe5436f6717655640L } },
-    /* 137 */
-    { { 0x53f9025e2286e8d5L,0x353c95b4864453beL,0xd832f5bde408e3a0L,
-        0x0404f68b5b9ce99eL },
-      { 0xcad33bdea781e8e5L,0x3cdf5018163c2f5bL,0x575769600119caa3L,
-        0x3a4263df0ac1c701L } },
-    /* 138 */
-    { { 0xc2965ecc9aeb596dL,0x01ea03e7023c92b4L,0x4704b4b62e013961L,
-        0x0ca8fd3f905ea367L },
-      { 0x92523a42551b2b61L,0x1eb7a89c390fcd06L,0xe7f1d2be0392a63eL,
-        0x96dca2644ddb0c33L } },
-    /* 139 */
-    { { 0x203bb43a387510afL,0x846feaa8a9a36a01L,0xd23a57702f950378L,
-        0x4363e2123aad59dcL },
-      { 0xca43a1c740246a47L,0xb362b8d2e55dd24dL,0xf9b086045d8faf96L,
-        0x840e115cd8bb98c4L } },
-    /* 140 */
-    { { 0xf12205e21023e8a7L,0xc808a8cdd8dc7a0bL,0xe292a272163a5ddfL,
-        0x5e0d6abd30ded6d4L },
-      { 0x07a721c27cfc0f64L,0x42eec01d0e55ed88L,0x26a7bef91d1f9db2L,
-        0x7dea48f42945a25aL } },
-    /* 141 */
-    { { 0xabdf6f1ce5060a81L,0xe79f9c72f8f95615L,0xcfd36c5406ac268bL,
-        0xabc2a2beebfd16d1L },
-      { 0x8ac66f91d3e2eac7L,0x6f10ba63d2dd0466L,0x6790e3770282d31bL,
-        0x4ea353946c7eefc1L } },
-    /* 142 */
-    { { 0xed8a2f8d5266309dL,0x0a51c6c081945a3eL,0xcecaf45a578c5dc1L,
-        0x3a76e6891c94ffc3L },
-      { 0x9aace8a47d7b0d0fL,0x963ace968f584a5fL,0x51a30c724e697fbeL,
-        0x8212a10a465e6464L } },
-    /* 143 */
-    { { 0xef7c61c3cfab8caaL,0x18eb8e840e142390L,0xcd1dff677e9733caL,
-        0xaa7cab71599cb164L },
-      { 0x02fc9273bc837bd1L,0xc06407d0c36af5d7L,0x17621292f423da49L,
-        0x40e38073fe0617c3L } },
-    /* 144 */
-    { { 0xf4f80824a7bf9b7cL,0x365d23203fbe30d0L,0xbfbe532097cf9ce3L,
-        0xe3604700b3055526L },
-      { 0x4dcb99116cc6c2c7L,0x72683708ba4cbee6L,0xdcded434637ad9ecL,
-        0x6542d677a3dee15fL } },
-    /* 145 */
-    { { 0x3f32b6d07b6c377aL,0x6cb03847903448beL,0xd6fdd3a820da8af7L,
-        0xa6534aee09bb6f21L },
-      { 0x30a1780d1035facfL,0x35e55a339dcb47e6L,0x6ea50fe1c447f393L,
-        0xf3cb672fdc9aef22L } },
-    /* 146 */
-    { { 0xeb3719fe3b55fd83L,0xe0d7a46c875ddd10L,0x33ac9fa905cea784L,
-        0x7cafaa2eaae870e7L },
-      { 0x9b814d041d53b338L,0xe0acc0a0ef87e6c6L,0xfb93d10811672b0fL,
-        0x0aab13c1b9bd522eL } },
-    /* 147 */
-    { { 0xddcce278d2681297L,0xcb350eb1b509546aL,0x2dc431737661aaf2L,
-        0x4b91a602847012e9L },
-      { 0xdcff109572f8ddcfL,0x08ebf61e9a911af4L,0x48f4360ac372430eL,
-        0x49534c5372321cabL } },
-    /* 148 */
-    { { 0x83df7d71f07b7e9dL,0xa478efa313cd516fL,0x78ef264b6c047ee3L,
-        0xcaf46c4fd65ac5eeL },
-      { 0xa04d0c7792aa8266L,0xedf45466913684bbL,0x56e65168ae4b16b0L,
-        0x14ce9e5704c6770fL } },
-    /* 149 */
-    { { 0x99445e3e965e8f91L,0xd3aca1bacb0f2492L,0xd31cc70f90c8a0a0L,
-        0x1bb708a53e4c9a71L },
-      { 0xd5ca9e69558bdd7aL,0x734a0508018a26b1L,0xb093aa714c9cf1ecL,
-        0xf9d126f2da300102L } },
-    /* 150 */
-    { { 0x749bca7aaff9563eL,0xdd077afeb49914a0L,0xe27a0311bf5f1671L,
-        0x807afcb9729ecc69L },
-      { 0x7f8a9337c9b08b77L,0x86c3a785443c7e38L,0x85fafa59476fd8baL,
-        0x751adcd16568cd8cL } },
-    /* 151 */
-    { { 0x8aea38b410715c0dL,0xd113ea718f7697f7L,0x665eab1493fbf06dL,
-        0x29ec44682537743fL },
-      { 0x3d94719cb50bebbcL,0x399ee5bfe4505422L,0x90cd5b3a8d2dedb1L,
-        0xff9370e392a4077dL } },
-    /* 152 */
-    { { 0x59a2d69bc6b75b65L,0x4188f8d5266651c5L,0x28a9f33e3de9d7d2L,
-        0x9776478ba2a9d01aL },
-      { 0x8852622d929af2c7L,0x334f5d6d4e690923L,0xce6cc7e5a89a51e9L,
-        0x74a6313fac2f82faL } },
-    /* 153 */
-    { { 0xb2f4dfddb75f079cL,0x85b07c9518e36fbbL,0x1b6cfcf0e7cd36ddL,
-        0xab75be150ff4863dL },
-      { 0x81b367c0173fc9b7L,0xb90a7420d2594fd0L,0x15fdbf03c4091236L,
-        0x4ebeac2e0b4459f6L } },
-    /* 154 */
-    { { 0xeb6c5fe75c9f2c53L,0xd25220118eae9411L,0xc8887633f95ac5d8L,
-        0xdf99887b2c1baffcL },
-      { 0xbb78eed2850aaecbL,0x9d49181b01d6a272L,0x978dd511b1cdbcacL,
-        0x27b040a7779f4058L } },
-    /* 155 */
-    { { 0x90405db7f73b2eb2L,0xe0df85088e1b2118L,0x501b71525962327eL,
-        0xb393dd37e4cfa3f5L },
-      { 0xa1230e7b3fd75165L,0xd66344c2bcd33554L,0x6c36f1be0f7b5022L,
-        0x09588c12d0463419L } },
-    /* 156 */
-    { { 0xe086093f02601c3bL,0xfb0252f8cf5c335fL,0x955cf280894aff28L,
-        0x81c879a9db9f648bL },
-      { 0x040e687cc6f56c51L,0xfed471693f17618cL,0x44f88a419059353bL,
-        0xfa0d48f55fc11bc4L } },
-    /* 157 */
-    { { 0xbc6e1c9de1608e4dL,0x010dda113582822cL,0xf6b7ddc1157ec2d7L,
-        0x8ea0e156b6a367d6L },
-      { 0xa354e02f2383b3b4L,0x69966b943f01f53cL,0x4ff6632b2de03ca5L,
-        0x3f5ab924fa00b5acL } },
-    /* 158 */
-    { { 0x337bb0d959739efbL,0xc751b0f4e7ebec0dL,0x2da52dd6411a67d1L,
-        0x8bc768872b74256eL },
-      { 0xa5be3b7282d3d253L,0xa9f679a1f58d779fL,0xa1cac168e16767bbL,
-        0xb386f19060fcf34fL } },
-    /* 159 */
-    { { 0x31f3c1352fedcfc2L,0x5396bf6262f8af0dL,0x9a02b4eae57288c2L,
-        0x4cb460f71b069c4dL },
-      { 0xae67b4d35b8095eaL,0x92bbf8596fc07603L,0xe1475f66b614a165L,
-        0x52c0d50895ef5223L } },
-    /* 160 */
-    { { 0x231c210e15339848L,0xe87a28e870778c8dL,0x9d1de6616956e170L,
-        0x4ac3c9382bb09c0bL },
-      { 0x19be05516998987dL,0x8b2376c4ae09f4d6L,0x1de0b7651a3f933dL,
-        0x380d94c7e39705f4L } },
-    /* 161 */
-    { { 0x01a355aa81542e75L,0x96c724a1ee01b9b7L,0x6b3a2977624d7087L,
-        0x2ce3e171de2637afL },
-      { 0xcfefeb49f5d5bc1aL,0xa655607e2777e2b5L,0x4feaac2f9513756cL,
-        0x2e6cd8520b624e4dL } },
-    /* 162 */
-    { { 0x3685954b8c31c31dL,0x68533d005bf21a0cL,0x0bd7626e75c79ec9L,
-        0xca17754742c69d54L },
-      { 0xcc6edafff6d2dbb2L,0xfd0d8cbd174a9d18L,0x875e8793aa4578e8L,
-        0xa976a7139cab2ce6L } },
-    /* 163 */
-    { { 0x0a651f1b93fb353dL,0xd75cab8b57fcfa72L,0xaa88cfa731b15281L,
-        0x8720a7170a1f4999L },
-      { 0x8c3e8d37693e1b90L,0xd345dc0b16f6dfc3L,0x8ea8d00ab52a8742L,
-        0x9719ef29c769893cL } },
-    /* 164 */
-    { { 0x820eed8d58e35909L,0x9366d8dc33ddc116L,0xd7f999d06e205026L,
-        0xa5072976e15704c1L },
-      { 0x002a37eac4e70b2eL,0x84dcf6576890aa8aL,0xcd71bf18645b2a5cL,
-        0x99389c9df7b77725L } },
-    /* 165 */
-    { { 0x238c08f27ada7a4bL,0x3abe9d03fd389366L,0x6b672e89766f512cL,
-        0xa88806aa202c82e4L },
-      { 0x6602044ad380184eL,0xa8cb78c4126a8b85L,0x79d670c0ad844f17L,
-        0x0043bffb4738dcfeL } },
-    /* 166 */
-    { { 0x8d59b5dc36d5192eL,0xacf885d34590b2afL,0x83566d0a11601781L,
-        0x52f3ef01ba6c4866L },
-      { 0x3986732a0edcb64dL,0x0a482c238068379fL,0x16cbe5fa7040f309L,
-        0x3296bd899ef27e75L } },
-    /* 167 */
-    { { 0x476aba89454d81d7L,0x9eade7ef51eb9b3cL,0x619a21cd81c57986L,
-        0x3b90febfaee571e9L },
-      { 0x9393023e5496f7cbL,0x55be41d87fb51bc4L,0x03f1dd4899beb5ceL,
-        0x6e88069d9f810b18L } },
-    /* 168 */
-    { { 0xce37ab11b43ea1dbL,0x0a7ff1a95259d292L,0x851b02218f84f186L,
-        0xa7222beadefaad13L },
-      { 0xa2ac78ec2b0a9144L,0x5a024051f2fa59c5L,0x91d1eca56147ce38L,
-        0xbe94d523bc2ac690L } },
-    /* 169 */
-    { { 0x72f4945e0b226ce7L,0xb8afd747967e8b70L,0xedea46f185a6c63eL,
-        0x7782defe9be8c766L },
-      { 0x760d2aa43db38626L,0x460ae78776f67ad1L,0x341b86fc54499cdbL,
-        0x03838567a2892e4bL } },
-    /* 170 */
-    { { 0x2d8daefd79ec1a0fL,0x3bbcd6fdceb39c97L,0xf5575ffc58f61a95L,
-        0xdbd986c4adf7b420L },
-      { 0x81aa881415f39eb7L,0x6ee2fcf5b98d976cL,0x5465475dcf2f717dL,
-        0x8e24d3c46860bbd0L } },
-    /* 171 */
-    { { 0x749d8e549a587390L,0x12bb194f0cbec588L,0x46e07da4b25983c6L,
-        0x541a99c4407bafc8L },
-      { 0xdb241692624c8842L,0x6044c12ad86c05ffL,0xc59d14b44f7fcf62L,
-        0xc0092c49f57d35d1L } },
-    /* 172 */
-    { { 0xd3cc75c3df2e61efL,0x7e8841c82e1b35caL,0xc62d30d1909f29f4L,
-        0x75e406347286944dL },
-      { 0xe7d41fc5bbc237d0L,0xc9537bf0ec4f01c9L,0x91c51a16282bd534L,
-        0x5b7cb658c7848586L } },
-    /* 173 */
-    { { 0x964a70848a28ead1L,0x802dc508fd3b47f6L,0x9ae4bfd1767e5b39L,
-        0x7ae13eba8df097a1L },
-      { 0xfd216ef8eadd384eL,0x0361a2d9b6b2ff06L,0x204b98784bcdb5f3L,
-        0x787d8074e2a8e3fdL } },
-    /* 174 */
-    { { 0xc5e25d6b757fbb1cL,0xe47bddb2ca201debL,0x4a55e9a36d2233ffL,
-        0x5c2228199ef28484L },
-      { 0x773d4a8588315250L,0x21b21a2b827097c1L,0xab7c4ea1def5d33fL,
-        0xe45d37abbaf0f2b0L } },
-    /* 175 */
-    { { 0xd2df1e3428511c8aL,0xebb229c8bdca6cd3L,0x578a71a7627c39a7L,
-        0xed7bc12284dfb9d3L },
-      { 0xcf22a6df93dea561L,0x5443f18dd48f0ed1L,0xd8b861405bad23e8L,
-        0xaac97cc945ca6d27L } },
-    /* 176 */
-    { { 0xeb54ea74a16bd00aL,0xd839e9adf5c0bcc1L,0x092bb7f11f9bfc06L,
-        0x318f97b31163dc4eL },
-      { 0xecc0c5bec30d7138L,0x44e8df23abc30220L,0x2bb7972fb0223606L,
-        0xfa41faa19a84ff4dL } },
-    /* 177 */
-    { { 0x4402d974a6642269L,0xc81814ce9bb783bdL,0x398d38e47941e60bL,
-        0x38bb6b2c1d26e9e2L },
-      { 0xc64e4a256a577f87L,0x8b52d253dc11fe1cL,0xff336abf62280728L,
-        0x94dd0905ce7601a5L } },
-    /* 178 */
-    { { 0x156cf7dcde93f92aL,0xa01333cb89b5f315L,0x02404df9c995e750L,
-        0x92077867d25c2ae9L },
-      { 0xe2471e010bf39d44L,0x5f2c902096bb53d7L,0x4c44b7b35c9c3d8fL,
-        0x81e8428bd29beb51L } },
-    /* 179 */
-    { { 0x6dd9c2bac477199fL,0x8cb8eeee6b5ecdd9L,0x8af7db3fee40fd0eL,
-        0x1b94ab62dbbfa4b1L },
-      { 0x44f0d8b3ce47f143L,0x51e623fc63f46163L,0xf18f270fcc599383L,
-        0x06a38e28055590eeL } },
-    /* 180 */
-    { { 0x2e5b0139b3355b49L,0x20e26560b4ebf99bL,0xc08ffa6bd269f3dcL,
-        0xa7b36c2083d9d4f8L },
-      { 0x64d15c3a1b3e8830L,0xd5fceae1a89f9c0bL,0xcfeee4a2e2d16930L,
-        0xbe54c6b4a2822a20L } },
-    /* 181 */
-    { { 0xd6cdb3df8d91167cL,0x517c3f79e7a6625eL,0x7105648f346ac7f4L,
-        0xbf30a5abeae022bbL },
-      { 0x8e7785be93828a68L,0x5161c3327f3ef036L,0xe11b5feb592146b2L,
-        0xd1c820de2732d13aL } },
-    /* 182 */
-    { { 0x043e13479038b363L,0x58c11f546b05e519L,0x4fe57abe6026cad1L,
-        0xb7d17bed68a18da3L },
-      { 0x44ca5891e29c2559L,0x4f7a03765bfffd84L,0x498de4af74e46948L,
-        0x3997fd5e6412cc64L } },
-    /* 183 */
-    { { 0xf20746828bd61507L,0x29e132d534a64d2aL,0xffeddfb08a8a15e3L,
-        0x0eeb89293c6c13e8L },
-      { 0xe9b69a3ea7e259f8L,0xce1db7e6d13e7e67L,0x277318f6ad1fa685L,
-        0x228916f8c922b6efL } },
-    /* 184 */
-    { { 0x959ae25b0a12ab5bL,0xcc11171f957bc136L,0x8058429ed16e2b0cL,
-        0xec05ad1d6e93097eL },
-      { 0x157ba5beac3f3708L,0x31baf93530b59d77L,0x47b55237118234e5L,
-        0x7d3141567ff11b37L } },
-    /* 185 */
-    { { 0x7bd9c05cf6dfefabL,0xbe2f2268dcb37707L,0xe53ead973a38bb95L,
-        0xe9ce66fc9bc1d7a3L },
-      { 0x75aa15766f6a02a1L,0x38c087df60e600edL,0xf8947f3468cdc1b9L,
-        0xd9650b0172280651L } },
-    /* 186 */
-    { { 0x504b4c4a5a057e60L,0xcbccc3be8def25e4L,0xa635320817c1ccbdL,
-        0x14d6699a804eb7a2L },
-      { 0x2c8a8415db1f411aL,0x09fbaf0bf80d769cL,0xb4deef901c2f77adL,
-        0x6f4c68410d43598aL } },
-    /* 187 */
-    { { 0x8726df4e96c24a96L,0x534dbc85fcbd99a3L,0x3c466ef28b2ae30aL,
-        0x4c4350fd61189abbL },
-      { 0x2967f716f855b8daL,0x41a42394463c38a1L,0xc37e1413eae93343L,
-        0xa726d2425a3118b5L } },
-    /* 188 */
-    { { 0xdae6b3ee948c1086L,0xf1de503dcbd3a2e1L,0x3f35ed3f03d022f3L,
-        0x13639e82cc6cf392L },
-      { 0x9ac938fbcdafaa86L,0xf45bc5fb2654a258L,0x1963b26e45051329L,
-        0xca9365e1c1a335a3L } },
-    /* 189 */
-    { { 0x3615ac754c3b2d20L,0x742a5417904e241bL,0xb08521c4cc9d071dL,
-        0x9ce29c34970b72a5L },
-      { 0x8cc81f736d3e0ad6L,0x8060da9ef2f8434cL,0x35ed1d1a6ce862d9L,
-        0x48c4abd7ab42af98L } },
-    /* 190 */
-    { { 0xd221b0cc40c7485aL,0xead455bbe5274dbfL,0x493c76989263d2e8L,
-        0x78017c32f67b33cbL },
-      { 0xb9d35769930cb5eeL,0xc0d14e940c408ed2L,0xf8b7bf55272f1a4dL,
-        0x53cd0454de5c1c04L } },
-    /* 191 */
-    { { 0xbcd585fa5d28ccacL,0x5f823e56005b746eL,0x7c79f0a1cd0123aaL,
-        0xeea465c1d3d7fa8fL },
-      { 0x7810659f0551803bL,0x6c0b599f7ce6af70L,0x4195a77029288e70L,
-        0x1b6e42a47ae69193L } },
-    /* 192 */
-    { { 0x2e80937cf67d04c3L,0x1e312be289eeb811L,0x56b5d88792594d60L,
-        0x0224da14187fbd3dL },
-      { 0x87abb8630c5fe36fL,0x580f3c604ef51f5fL,0x964fb1bfb3b429ecL,
-        0x60838ef042bfff33L } },
-    /* 193 */
-    { { 0x432cb2f27e0bbe99L,0x7bda44f304aa39eeL,0x5f497c7a9fa93903L,
-        0x636eb2022d331643L },
-      { 0xfcfd0e6193ae00aaL,0x875a00fe31ae6d2fL,0xf43658a29f93901cL,
-        0x8844eeb639218bacL } },
-    /* 194 */
-    { { 0x114171d26b3bae58L,0x7db3df7117e39f3eL,0xcd37bc7f81a8eadaL,
-        0x27ba83dc51fb789eL },
-      { 0xa7df439ffbf54de5L,0x7277030bb5fe1a71L,0x42ee8e35db297a48L,
-        0xadb62d3487f3a4abL } },
-    /* 195 */
-    { { 0x9b1168a2a175df2aL,0x082aa04f618c32e9L,0xc9e4f2e7146b0916L,
-        0xb990fd7675e7c8b2L },
-      { 0x0829d96b4df37313L,0x1c205579d0b40789L,0x66c9ae4a78087711L,
-        0x81707ef94d10d18dL } },
-    /* 196 */
-    { { 0x97d7cab203d6ff96L,0x5b851bfc0d843360L,0x268823c4d042db4bL,
-        0x3792daead5a8aa5cL },
-      { 0x52818865941afa0bL,0xf3e9e74142d83671L,0x17c825275be4e0a7L,
-        0x5abd635e94b001baL } },
-    /* 197 */
-    { { 0x727fa84e0ac4927cL,0xe3886035a7c8cf23L,0xa4bcd5ea4adca0dfL,
-        0x5995bf21846ab610L },
-      { 0xe90f860b829dfa33L,0xcaafe2ae958fc18bL,0x9b3baf4478630366L,
-        0x44c32ca2d483411eL } },
-    /* 198 */
-    { { 0xa74a97f1e40ed80cL,0x5f938cb131d2ca82L,0x53f2124b7c2d6ad9L,
-        0x1f2162fb8082a54cL },
-      { 0x7e467cc5720b173eL,0x40e8a666085f12f9L,0x8cebc20e4c9d65dcL,
-        0x8f1d402bc3e907c9L } },
-    /* 199 */
-    { { 0x4f592f9cfbc4058aL,0xb15e14b6292f5670L,0xc55cfe37bc1d8c57L,
-        0xb1980f43926edbf9L },
-      { 0x98c33e0932c76b09L,0x1df5279d33b07f78L,0x6f08ead4863bb461L,
-        0x2828ad9b37448e45L } },
-    /* 200 */
-    { { 0x696722c4c4cf4ac5L,0xf5ac1a3fdde64afbL,0x0551baa2e0890832L,
-        0x4973f1275a14b390L },
-      { 0xe59d8335322eac5dL,0x5e07eef50bd9b568L,0xab36720fa2588393L,
-        0x6dac8ed0db168ac7L } },
-    /* 201 */
-    { { 0xf7b545aeeda835efL,0x4aa113d21d10ed51L,0x035a65e013741b09L,
-        0x4b23ef5920b9de4cL },
-      { 0xe82bb6803c4c7341L,0xd457706d3f58bc37L,0x73527863a51e3ee8L,
-        0x4dd71534ddf49a4eL } },
-    /* 202 */
-    { { 0xbf94467295476cd9L,0x648d072fe31a725bL,0x1441c8b8fc4b67e0L,
-        0xfd3170002f4a4dbbL },
-      { 0x1cb43ff48995d0e1L,0x76e695d10ef729aaL,0xe0d5f97641798982L,
-        0x14fac58c9569f365L } },
-    /* 203 */
-    { { 0xad9a0065f312ae18L,0x51958dc0fcc93fc9L,0xd9a142408a7d2846L,
-        0xed7c765136abda50L },
-      { 0x46270f1a25d4abbcL,0x9b5dd8f3f1a113eaL,0xc609b0755b51952fL,
-        0xfefcb7f74d2e9f53L } },
-    /* 204 */
-    { { 0xbd09497aba119185L,0xd54e8c30aac45ba4L,0x492479deaa521179L,
-        0x1801a57e87e0d80bL },
-      { 0x073d3f8dfcafffb0L,0x6cf33c0bae255240L,0x781d763b5b5fdfbcL,
-        0x9f8fc11e1ead1064L } },
-    /* 205 */
-    { { 0x1583a1715e69544cL,0x0eaf8567f04b7813L,0x1e22a8fd278a4c32L,
-        0xa9d3809d3d3a69a9L },
-      { 0x936c2c2c59a2da3bL,0x38ccbcf61895c847L,0x5e65244e63d50869L,
-        0x3006b9aee1178ef7L } },
-    /* 206 */
-    { { 0x0bb1f2b0c9eead28L,0x7eef635d89f4dfbcL,0x074757fdb2ce8939L,
-        0x0ab85fd745f8f761L },
-      { 0xecda7c933e5b4549L,0x4be2bb5c97922f21L,0x261a1274b43b8040L,
-        0xb122d67511e942c2L } },
-    /* 207 */
-    { { 0x3be607be66a5ae7aL,0x01e703fa76adcbe3L,0xaf9043014eb6e5c5L,
-        0x9f599dc1097dbaecL },
-      { 0x6d75b7180ff250edL,0x8eb91574349a20dcL,0x425605a410b227a3L,
-        0x7d5528e08a294b78L } },
-    /* 208 */
-    { { 0xf0f58f6620c26defL,0x025585ea582b2d1eL,0xfbe7d79b01ce3881L,
-        0x28ccea01303f1730L },
-      { 0xd1dabcd179644ba5L,0x1fc643e806fff0b8L,0xa60a76fc66b3e17bL,
-        0xc18baf48a1d013bfL } },
-    /* 209 */
-    { { 0x34e638c85dc4216dL,0x00c01067206142acL,0xd453a17195f5064aL,
-        0x9def809db7a9596bL },
-      { 0x41e8642e67ab8d2cL,0xb42404336237a2b6L,0x7d506a6d64c4218bL,
-        0x0357f8b068808ce5L } },
-    /* 210 */
-    { { 0x8e9dbe644cd2cc88L,0xcc61c28df0b8f39dL,0x4a309874cd30a0c8L,
-        0xe4a01add1b489887L },
-      { 0x2ed1eeacf57cd8f9L,0x1b767d3ebd594c48L,0xa7295c717bd2f787L,
-        0x466d7d79ce10cc30L } },
-    /* 211 */
-    { { 0x47d318929dada2c7L,0x4fa0a6c38f9aa27dL,0x90e4fd28820a59e1L,
-        0xc672a522451ead1aL },
-      { 0x30607cc85d86b655L,0xf0235d3bf9ad4af1L,0x99a08680571172a6L,
-        0x5e3d64faf2a67513L } },
-    /* 212 */
-    { { 0xaa6410c79b3b4416L,0xcd8fcf85eab26d99L,0x5ebff74adb656a74L,
-        0x6c8a7a95eb8e42fcL },
-      { 0x10c60ba7b02a63bdL,0x6b2f23038b8f0047L,0x8c6c3738312d90b0L,
-        0x348ae422ad82ca91L } },
-    /* 213 */
-    { { 0x7f4746635ccda2fbL,0x22accaa18e0726d2L,0x85adf782492b1f20L,
-        0xc1074de0d9ef2d2eL },
-      { 0xfcf3ce44ae9a65b3L,0xfd71e4ac05d7151bL,0xd4711f50ce6a9788L,
-        0xfbadfbdbc9e54ffcL } },
-    /* 214 */
-    { { 0x1713f1cd20a99363L,0xb915658f6cf22775L,0x968175cd24d359b2L,
-        0xb7f976b483716fcdL },
-      { 0x5758e24d5d6dbf74L,0x8d23bafd71c3af36L,0x48f477600243dfe3L,
-        0xf4d41b2ecafcc805L } },
-    /* 215 */
-    { { 0x51f1cf28fdabd48dL,0xce81be3632c078a4L,0x6ace2974117146e9L,
-        0x180824eae0160f10L },
-      { 0x0387698b66e58358L,0x63568752ce6ca358L,0x82380e345e41e6c5L,
-        0x67e5f63983cf6d25L } },
-    /* 216 */
-    { { 0xf89ccb8dcf4899efL,0x949015f09ebb44c0L,0x546f9276b2598ec9L,
-        0x9fef789a04c11fc6L },
-      { 0x6d367ecf53d2a071L,0xb10e1a7fa4519b09L,0xca6b3fb0611e2eefL,
-        0xbc80c181a99c4e20L } },
-    /* 217 */
-    { { 0x972536f8e5eb82e6L,0x1a484fc7f56cb920L,0xc78e217150b5da5eL,
-        0x49270e629f8cdf10L },
-      { 0x1a39b7bbea6b50adL,0x9a0284c1a2388ffcL,0x5403eb178107197bL,
-        0xd2ee52f961372f7fL } },
-    /* 218 */
-    { { 0xd37cd28588e0362aL,0x442fa8a78fa5d94dL,0xaff836e5a434a526L,
-        0xdfb478bee5abb733L },
-      { 0xa91f1ce7673eede6L,0xa5390ad42b5b2f04L,0x5e66f7bf5530da2fL,
-        0xd9a140b408df473aL } },
-    /* 219 */
-    { { 0x0e0221b56e8ea498L,0x623478293563ee09L,0xe06b8391335d2adeL,
-        0x760c058d623f4b1aL },
-      { 0x0b89b58cc198aa79L,0xf74890d2f07aba7fL,0x4e204110fde2556aL,
-        0x7141982d8f190409L } },
-    /* 220 */
-    { { 0x6f0a0e334d4b0f45L,0xd9280b38392a94e1L,0x3af324c6b3c61d5eL,
-        0x3af9d1ce89d54e47L },
-      { 0xfd8f798120930371L,0xeda2664c21c17097L,0x0e9545dcdc42309bL,
-        0xb1f815c373957dd6L } },
-    /* 221 */
-    { { 0x84faa78e89fec44aL,0xc8c2ae473caa4cafL,0x691c807dc1b6a624L,
-        0xa41aed141543f052L },
-      { 0x424353997d5ffe04L,0x8bacb2df625b6e20L,0x85d660be87817775L,
-        0xd6e9c1dd86fb60efL } },
-    /* 222 */
-    { { 0x3aa2e97ec6853264L,0x771533b7e2304a0bL,0x1b912bb7b8eae9beL,
-        0x9c9c6e10ae9bf8c2L },
-      { 0xa2309a59e030b74cL,0x4ed7494d6a631e90L,0x89f44b23a49b79f2L,
-        0x566bd59640fa61b6L } },
-    /* 223 */
-    { { 0x066c0118c18061f3L,0x190b25d37c83fc70L,0xf05fc8e027273245L,
-        0xcf2c7390f525345eL },
-      { 0xa09bceb410eb30cfL,0xcfd2ebba0d77703aL,0xe842c43a150ff255L,
-        0x02f517558aa20979L } },
-    /* 224 */
-    { { 0x396ef794addb7d07L,0x0b4fc74224455500L,0xfaff8eacc78aa3ceL,
-        0x14e9ada5e8d4d97dL },
-      { 0xdaa480a12f7079e2L,0x45baa3cde4b0800eL,0x01765e2d7838157dL,
-        0xa0ad4fab8e9d9ae8L } },
-    /* 225 */
-    { { 0x0bfb76214a653618L,0x1872813c31eaaa5fL,0x1553e73744949d5eL,
-        0xbcd530b86e56ed1eL },
-      { 0x169be85332e9c47bL,0xdc2776feb50059abL,0xcdba9761192bfbb4L,
-        0x909283cf6979341dL } },
-    /* 226 */
-    { { 0x67b0032476e81a13L,0x9bee1a9962171239L,0x08ed361bd32e19d6L,
-        0x35eeb7c9ace1549aL },
-      { 0x1280ae5a7e4e5bdcL,0x2dcd2cd3b6ceec6eL,0x52e4224c6e266bc1L,
-        0x9a8b2cf4448ae864L } },
-    /* 227 */
-    { { 0xf6471bf209d03b59L,0xc90e62a3b65af2abL,0xff7ff168ebd5eec9L,
-        0x6bdb60f4d4491379L },
-      { 0xdadafebc8a55bc30L,0xc79ead1610097fe0L,0x42e197414c1e3bddL,
-        0x01ec3cfd94ba08a9L } },
-    /* 228 */
-    { { 0xba6277ebdc9485c2L,0x48cc9a7922fb10c7L,0x4f61d60f70a28d8aL,
-        0xd1acb1c0475464f6L },
-      { 0xd26902b126f36612L,0x59c3a44ee0618d8bL,0x4df8a813308357eeL,
-        0x7dcd079d405626c2L } },
-    /* 229 */
-    { { 0x5ce7d4d3f05a4b48L,0xadcd295237230772L,0xd18f7971812a915aL,
-        0x0bf53589377d19b8L },
-      { 0x35ecd95a6c68ea73L,0xc7f3bbca823a584dL,0x9fb674c6f473a723L,
-        0xd28be4d9e16686fcL } },
-    /* 230 */
-    { { 0x5d2b990638fa8e4bL,0x559f186e893fd8fcL,0x3a6de2aa436fb6fcL,
-        0xd76007aa510f88ceL },
-      { 0x2d10aab6523a4988L,0xb455cf4474dd0273L,0x7f467082a3407278L,
-        0xf2b52f68b303bb01L } },
-    /* 231 */
-    { { 0x0d57eafa9835b4caL,0x2d2232fcbb669cbcL,0x8eeeb680c6643198L,
-        0xd8dbe98ecc5aed3aL },
-      { 0xcba9be3fc5a02709L,0x30be68e5f5ba1fa8L,0xfebd43cdf10ea852L,
-        0xe01593a3ee559705L } },
-    /* 232 */
-    { { 0xd3e5af50ea75a0a6L,0x512226ac57858033L,0x6fe6d50fd0176406L,
-        0xafec07b1aeb8ef06L },
-      { 0x7fb9956780bb0a31L,0x6f1af3cc37309aaeL,0x9153a15a01abf389L,
-        0xa71b93546e2dbfddL } },
-    /* 233 */
-    { { 0xbf8e12e018f593d2L,0xd1a90428a078122bL,0x150505db0ba4f2adL,
-        0x53a2005c628523d9L },
-      { 0x07c8b639e7f2b935L,0x2bff975ac182961aL,0x86bceea77518ca2cL,
-        0xbf47d19b3d588e3dL } },
-    /* 234 */
-    { { 0x672967a7dd7665d5L,0x4e3030572f2f4de5L,0x144005ae80d4903fL,
-        0x001c2c7f39c9a1b6L },
-      { 0x143a801469efc6d6L,0xc810bdaa7bc7a724L,0x5f65670ba78150a4L,
-        0xfdadf8e786ffb99bL } },
-    /* 235 */
-    { { 0xfd38cb88ffc00785L,0x77fa75913b48eb67L,0x0454d055bf368fbcL,
-        0x3a838e4d5aa43c94L },
-      { 0x561663293e97bb9aL,0x9eb93363441d94d9L,0x515591a60adb2a83L,
-        0x3cdb8257873e1da3L } },
-    /* 236 */
-    { { 0x137140a97de77eabL,0xf7e1c50d41648109L,0x762dcad2ceb1d0dfL,
-        0x5a60cc89f1f57fbaL },
-      { 0x80b3638240d45673L,0x1b82be195913c655L,0x057284b8dd64b741L,
-        0x922ff56fdbfd8fc0L } },
-    /* 237 */
-    { { 0x1b265deec9a129a1L,0xa5b1ce57cc284e04L,0x04380c46cebfbe3cL,
-        0x72919a7df6c5cd62L },
-      { 0x298f453a8fb90f9aL,0xd719c00b88e4031bL,0xe32c0e77796f1856L,
-        0x5e7917803624089aL } },
-    /* 238 */
-    { { 0x5c16ec557f63cdfbL,0x8e6a3571f1cae4fdL,0xfce26bea560597caL,
-        0x4e0a5371e24c2fabL },
-      { 0x276a40d3a5765357L,0x3c89af440d73a2b4L,0xb8f370ae41d11a32L,
-        0xf5ff7818d56604eeL } },
-    /* 239 */
-    { { 0xfbf3e3fe1a09df21L,0x26d5d28ee66e8e47L,0x2096bd0a29c89015L,
-        0xe41df0e9533f5e64L },
-      { 0x305fda40b3ba9e3fL,0xf2340ceb2604d895L,0x0866e1927f0367c7L,
-        0x8edd7d6eac4f155fL } },
-    /* 240 */
-    { { 0xc9a1dc0e0bfc8ff3L,0x14efd82be936f42fL,0x67016f7ccca381efL,
-        0x1432c1caed8aee96L },
-      { 0xec68482970b23c26L,0xa64fe8730735b273L,0xe389f6e5eaef0f5aL,
-        0xcaef480b5ac8d2c6L } },
-    /* 241 */
-    { { 0x5245c97875315922L,0xd82951713063cca5L,0xf3ce60d0b64ef2cbL,
-        0xd0ba177e8efae236L },
-      { 0x53a9ae8fb1b3af60L,0x1a796ae53d2da20eL,0x01d63605df9eef28L,
-        0xf31c957c1c54ae16L } },
-    /* 242 */
-    { { 0xc0f58d5249cc4597L,0xdc5015b0bae0a028L,0xefc5fc55734a814aL,
-        0x013404cb96e17c3aL },
-      { 0xb29e2585c9a824bfL,0xd593185e001eaed7L,0x8d6ee68261ef68acL,
-        0x6f377c4b91933e6cL } },
-    /* 243 */
-    { { 0x9f93bad1a8333fd2L,0xa89302025a2a95b8L,0x211e5037eaf75aceL,
-        0x6dba3e4ed2d09506L },
-      { 0xa48ef98cd04399cdL,0x1811c66ee6b73adeL,0x72f60752c17ecaf3L,
-        0xf13cf3423becf4a7L } },
-    /* 244 */
-    { { 0xceeb9ec0a919e2ebL,0x83a9a195f62c0f68L,0xcfba3bb67aba2299L,
-        0xc83fa9a9274bbad3L },
-      { 0x0d7d1b0b62fa1ce0L,0xe58b60f53418efbfL,0xbfa8ef9e52706f04L,
-        0xb49d70f45d702683L } },
-    /* 245 */
-    { { 0x914c7510fad5513bL,0x05f32eecb1751e2dL,0x6d850418d9fb9d59L,
-        0x59cfadbb0c30f1cfL },
-      { 0xe167ac2355cb7fd6L,0x249367b8820426a3L,0xeaeec58c90a78864L,
-        0x5babf362354a4b67L } },
-    /* 246 */
-    { { 0x37c981d1ee424865L,0x8b002878f2e5577fL,0x702970f1b9e0c058L,
-        0x6188c6a79026c8f0L },
-      { 0x06f9a19bd0f244daL,0x1ecced5cfb080873L,0x35470f9b9f213637L,
-        0x993fe475df50b9d9L } },
-    /* 247 */
-    { { 0x68e31cdf9b2c3609L,0x84eb19c02c46d4eaL,0x7ac9ec1a9a775101L,
-        0x81f764664c80616bL },
-      { 0x1d7c2a5a75fbe978L,0x6743fed3f183b356L,0x838d1f04501dd2bfL,
-        0x564a812a5fe9060dL } },
-    /* 248 */
-    { { 0x7a5a64f4fa817d1dL,0x55f96844bea82e0fL,0xb5ff5a0fcd57f9aaL,
-        0x226bf3cf00e51d6cL },
-      { 0xd6d1a9f92f2833cfL,0x20a0a35a4f4f89a8L,0x11536c498f3f7f77L,
-        0x68779f47ff257836L } },
-    /* 249 */
-    { { 0x79b0c1c173043d08L,0xa54467741fc020faL,0xd3767e289a6d26d0L,
-        0x97bcb0d1eb092e0bL },
-      { 0x2ab6eaa8f32ed3c3L,0xc8a4f151b281bc48L,0x4d1bf4f3bfa178f3L,
-        0xa872ffe80a784655L } },
-    /* 250 */
-    { { 0xb1ab7935a32b2086L,0xe1eb710e8160f486L,0x9bd0cd913b6ae6beL,
-        0x02812bfcb732a36aL },
-      { 0xa63fd7cacf605318L,0x646e5d50fdfd6d1dL,0xa1d683982102d619L,
-        0x07391cc9fe5396afL } },
-    /* 251 */
-    { { 0xc50157f08b80d02bL,0x6b8333d162877f7fL,0x7aca1af878d542aeL,
-        0x355d2adc7e6d2a08L },
-      { 0xb41f335a287386e1L,0xfd272a94f8e43275L,0x286ca2cde79989eaL,
-        0x3dc2b1e37c2a3a79L } },
-    /* 252 */
-    { { 0xd689d21c04581352L,0x0a00c825376782beL,0x203bd5909fed701fL,
-        0xc47869103ccd846bL },
-      { 0x5dba770824c768edL,0x72feea026841f657L,0x73313ed56accce0eL,
-        0xccc42968d5bb4d32L } },
-    /* 253 */
-    { { 0x94e50de13d7620b9L,0xd89a5c8a5992a56aL,0xdc007640675487c9L,
-        0xe147eb42aa4871cfL },
-      { 0x274ab4eeacf3ae46L,0xfd4936fb50350fbeL,0xdf2afe4748c840eaL,
-        0x239ac047080e96e3L } },
-    /* 254 */
-    { { 0x481d1f352bfee8d4L,0xce80b5cffa7b0fecL,0x105c4c9e2ce9af3cL,
-        0xc55fa1a3f5f7e59dL },
-      { 0x3186f14e8257c227L,0xc5b1653f342be00bL,0x09afc998aa904fb2L,
-        0x094cd99cd4f4b699L } },
-    /* 255 */
-    { { 0x8a981c84d703bebaL,0x8631d15032ceb291L,0xa445f2c9e3bd49ecL,
-        0xb90a30b642abad33L },
-      { 0xb465404fb4a5abf9L,0x004750c375db7603L,0x6f9a42ccca35d89fL,
-        0x019f8b9a1b7924f7L } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_4(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* WC_NO_CACHE_RESISTANT */
-#else
-/* The index into pre-computation table to use. */
-static const word8 recode_index_4_7[130] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
-    48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63,
-    64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49,
-    48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_4_7[130] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<37; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 7 < 64) {
-            y &= 0x7f;
-            n >>= 7;
-            o += 7;
-        }
-        else if (o + 7 == 64) {
-            n >>= 7;
-            if (++j < 4)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 4) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x7f);
-            o -= 57;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_4_7[y];
-        v[i].neg = recode_neg_4_7[y];
-        carry = (y >> 7) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-SP_NOINLINE static void sp_256_get_entry_65_4(sp_point_256* r,
-    const sp_table_entry_256* table, int idx)
-{
-    __asm__ __volatile__ (
-        "mov	w30, #1\n\t"
-        "add	%[table], %[table], #64\n\t"
-        "cmp	%w[idx], w30\n\t"
-        "add	w30, w30, #1\n\t"
-        "ldp	x11, x12, [%[table], #0]\n\t"
-        "ldp	x13, x14, [%[table], #16]\n\t"
-        "ldp	x15, x16, [%[table], #32]\n\t"
-        "ldp	x17, x19, [%[table], #48]\n\t"
-        "csel	x3, xzr, x11, ne\n\t"
-        "csel	x4, xzr, x12, ne\n\t"
-        "csel	x5, xzr, x13, ne\n\t"
-        "csel	x6, xzr, x14, ne\n\t"
-        "csel	x7, xzr, x15, ne\n\t"
-        "csel	x8, xzr, x16, ne\n\t"
-        "csel	x9, xzr, x17, ne\n\t"
-        "csel	x10, xzr, x19, ne\n\t"
-        "1:\n\t"
-        "add	%[table], %[table], #64\n\t"
-        "cmp	%w[idx], w30\n\t"
-        "add	w30, w30, #1\n\t"
-        "ldp	x11, x12, [%[table], #0]\n\t"
-        "ldp	x13, x14, [%[table], #16]\n\t"
-        "ldp	x15, x16, [%[table], #32]\n\t"
-        "ldp	x17, x19, [%[table], #48]\n\t"
-        "csel	x3, x3, x11, ne\n\t"
-        "csel	x4, x4, x12, ne\n\t"
-        "csel	x5, x5, x13, ne\n\t"
-        "csel	x6, x6, x14, ne\n\t"
-        "csel	x7, x7, x15, ne\n\t"
-        "csel	x8, x8, x16, ne\n\t"
-        "csel	x9, x9, x17, ne\n\t"
-        "csel	x10, x10, x19, ne\n\t"
-        "cmp	w30, #65\n\t"
-        "b.ne	1b\n\t"
-        "stp	x3, x4, [%[r], #0]\n\t"
-        "stp	x5, x6, [%[r], #16]\n\t"
-        "stp	x7, x8, [%[r], #64]\n\t"
-        "stp	x9, x10, [%[r], #80]\n\t"
-       : [table] "+r" (table)
-       : [r] "r" (r), [idx] "r" (idx)
-       : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
-    );
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-static const sp_table_entry_256 p256_table[2405] = {
-    /* 0 << 0 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 0 */
-    { { 0x79e730d418a9143cL,0x75ba95fc5fedb601L,0x79fb732b77622510L,
-        0x18905f76a53755c6L },
-      { 0xddf25357ce95560aL,0x8b4ab8e4ba19e45cL,0xd2e88688dd21f325L,
-        0x8571ff1825885d85L } },
-    /* 2 << 0 */
-    { { 0x850046d410ddd64dL,0xaa6ae3c1a433827dL,0x732205038d1490d9L,
-        0xf6bb32e43dcf3a3bL },
-      { 0x2f3648d361bee1a5L,0x152cd7cbeb236ff8L,0x19a8fb0e92042dbeL,
-        0x78c577510a5b8a3bL } },
-    /* 3 << 0 */
-    { { 0xffac3f904eebc127L,0xb027f84a087d81fbL,0x66ad77dd87cbbc98L,
-        0x26936a3fb6ff747eL },
-      { 0xb04c5c1fc983a7ebL,0x583e47ad0861fe1aL,0x788208311a2ee98eL,
-        0xd5f06a29e587cc07L } },
-    /* 4 << 0 */
-    { { 0x74b0b50d46918dccL,0x4650a6edc623c173L,0x0cdaacace8100af2L,
-        0x577362f541b0176bL },
-      { 0x2d96f24ce4cbaba6L,0x17628471fad6f447L,0x6b6c36dee5ddd22eL,
-        0x84b14c394c5ab863L } },
-    /* 5 << 0 */
-    { { 0xbe1b8aaec45c61f5L,0x90ec649a94b9537dL,0x941cb5aad076c20cL,
-        0xc9079605890523c8L },
-      { 0xeb309b4ae7ba4f10L,0x73c568efe5eb882bL,0x3540a9877e7a1f68L,
-        0x73a076bb2dd1e916L } },
-    /* 6 << 0 */
-    { { 0x403947373e77664aL,0x55ae744f346cee3eL,0xd50a961a5b17a3adL,
-        0x13074b5954213673L },
-      { 0x93d36220d377e44bL,0x299c2b53adff14b5L,0xf424d44cef639f11L,
-        0xa4c9916d4a07f75fL } },
-    /* 7 << 0 */
-    { { 0x0746354ea0173b4fL,0x2bd20213d23c00f7L,0xf43eaab50c23bb08L,
-        0x13ba5119c3123e03L },
-      { 0x2847d0303f5b9d4dL,0x6742f2f25da67bddL,0xef933bdc77c94195L,
-        0xeaedd9156e240867L } },
-    /* 8 << 0 */
-    { { 0x27f14cd19499a78fL,0x462ab5c56f9b3455L,0x8f90f02af02cfc6bL,
-        0xb763891eb265230dL },
-      { 0xf59da3a9532d4977L,0x21e3327dcf9eba15L,0x123c7b84be60bbf0L,
-        0x56ec12f27706df76L } },
-    /* 9 << 0 */
-    { { 0x75c96e8f264e20e8L,0xabe6bfed59a7a841L,0x2cc09c0444c8eb00L,
-        0xe05b3080f0c4e16bL },
-      { 0x1eb7777aa45f3314L,0x56af7bedce5d45e3L,0x2b6e019a88b12f1aL,
-        0x086659cdfd835f9bL } },
-    /* 10 << 0 */
-    { { 0x2c18dbd19dc21ec8L,0x98f9868a0fcf8139L,0x737d2cd648250b49L,
-        0xcc61c94724b3428fL },
-      { 0x0c2b407880dd9e76L,0xc43a8991383fbe08L,0x5f7d2d65779be5d2L,
-        0x78719a54eb3b4ab5L } },
-    /* 11 << 0 */
-    { { 0xea7d260a6245e404L,0x9de407956e7fdfe0L,0x1ff3a4158dac1ab5L,
-        0x3e7090f1649c9073L },
-      { 0x1a7685612b944e88L,0x250f939ee57f61c8L,0x0c0daa891ead643dL,
-        0x68930023e125b88eL } },
-    /* 12 << 0 */
-    { { 0x04b71aa7d2697768L,0xabdedef5ca345a33L,0x2409d29dee37385eL,
-        0x4ee1df77cb83e156L },
-      { 0x0cac12d91cbb5b43L,0x170ed2f6ca895637L,0x28228cfa8ade6d66L,
-        0x7ff57c9553238acaL } },
-    /* 13 << 0 */
-    { { 0xccc425634b2ed709L,0x0e356769856fd30dL,0xbcbcd43f559e9811L,
-        0x738477ac5395b759L },
-      { 0x35752b90c00ee17fL,0x68748390742ed2e3L,0x7cd06422bd1f5bc1L,
-        0xfbc08769c9e7b797L } },
-    /* 14 << 0 */
-    { { 0xa242a35bb0cf664aL,0x126e48f77f9707e3L,0x1717bf54c6832660L,
-        0xfaae7332fd12c72eL },
-      { 0x27b52db7995d586bL,0xbe29569e832237c2L,0xe8e4193e2a65e7dbL,
-        0x152706dc2eaa1bbbL } },
-    /* 15 << 0 */
-    { { 0x72bcd8b7bc60055bL,0x03cc23ee56e27e4bL,0xee337424e4819370L,
-        0xe2aa0e430ad3da09L },
-      { 0x40b8524f6383c45dL,0xd766355442a41b25L,0x64efa6de778a4797L,
-        0x2042170a7079adf4L } },
-    /* 16 << 0 */
-    { { 0x808b0b650bc6fb80L,0x5882e0753ffe2e6bL,0xd5ef2f7c2c83f549L,
-        0x54d63c809103b723L },
-      { 0xf2f11bd652a23f9bL,0x3670c3194b0b6587L,0x55c4623bb1580e9eL,
-        0x64edf7b201efe220L } },
-    /* 17 << 0 */
-    { { 0x97091dcbd53c5c9dL,0xf17624b6ac0a177bL,0xb0f139752cfe2dffL,
-        0xc1a35c0a6c7a574eL },
-      { 0x227d314693e79987L,0x0575bf30e89cb80eL,0x2f4e247f0d1883bbL,
-        0xebd512263274c3d0L } },
-    /* 18 << 0 */
-    { { 0x5f3e51c856ada97aL,0x4afc964d8f8b403eL,0xa6f247ab412e2979L,
-        0x675abd1b6f80ebdaL },
-      { 0x66a2bd725e485a1dL,0x4b2a5caf8f4f0b3cL,0x2626927f1b847bbaL,
-        0x6c6fc7d90502394dL } },
-    /* 19 << 0 */
-    { { 0xfea912baa5659ae8L,0x68363aba25e1a16eL,0xb8842277752c41acL,
-        0xfe545c282897c3fcL },
-      { 0x2d36e9e7dc4c696bL,0x5806244afba977c5L,0x85665e9be39508c1L,
-        0xf720ee256d12597bL } },
-    /* 20 << 0 */
-    { { 0x8a979129d2337a31L,0x5916868f0f862bdcL,0x048099d95dd283baL,
-        0xe2d1eeb6fe5bfb4eL },
-      { 0x82ef1c417884005dL,0xa2d4ec17ffffcbaeL,0x9161c53f8aa95e66L,
-        0x5ee104e1c5fee0d0L } },
-    /* 21 << 0 */
-    { { 0x562e4cecc135b208L,0x74e1b2654783f47dL,0x6d2a506c5a3f3b30L,
-        0xecead9f4c16762fcL },
-      { 0xf29dd4b2e286e5b9L,0x1b0fadc083bb3c61L,0x7a75023e7fac29a4L,
-        0xc086d5f1c9477fa3L } },
-    /* 22 << 0 */
-    { { 0x0fc611352f6f3076L,0xc99ffa23e3912a9aL,0x6a0b0685d2f8ba3dL,
-        0xfdc777e8e93358a4L },
-      { 0x94a787bb35415f04L,0x640c2d6a4d23fea4L,0x9de917da153a35b5L,
-        0x793e8d075d5cd074L } },
-    /* 23 << 0 */
-    { { 0xf4f876532de45068L,0x37c7a7e89e2e1f6eL,0xd0825fa2a3584069L,
-        0xaf2cea7c1727bf42L },
-      { 0x0360a4fb9e4785a9L,0xe5fda49c27299f4aL,0x48068e1371ac2f71L,
-        0x83d0687b9077666fL } },
-    /* 24 << 0 */
-    { { 0x6d3883b215d02819L,0x6d0d755040dd9a35L,0x61d7cbf91d2b469fL,
-        0xf97b232f2efc3115L },
-      { 0xa551d750b24bcbc7L,0x11ea494988a1e356L,0x7669f03193cb7501L,
-        0x595dc55eca737b8aL } },
-    /* 25 << 0 */
-    { { 0xa4a319acd837879fL,0x6fc1b49eed6b67b0L,0xe395993332f1f3afL,
-        0x966742eb65432a2eL },
-      { 0x4b8dc9feb4966228L,0x96cc631243f43950L,0x12068859c9b731eeL,
-        0x7b948dc356f79968L } },
-    /* 26 << 0 */
-    { { 0x61e4ad32ed1f8008L,0xe6c9267ad8b17538L,0x1ac7c5eb857ff6fbL,
-        0x994baaa855f2fb10L },
-      { 0x84cf14e11d248018L,0x5a39898b628ac508L,0x14fde97b5fa944f5L,
-        0xed178030d12e5ac7L } },
-    /* 27 << 0 */
-    { { 0x042c2af497e2feb4L,0xd36a42d7aebf7313L,0x49d2c9eb084ffdd7L,
-        0x9f8aa54b2ef7c76aL },
-      { 0x9200b7ba09895e70L,0x3bd0c66fddb7fb58L,0x2d97d10878eb4cbbL,
-        0x2d431068d84bde31L } },
-    /* 28 << 0 */
-    { { 0x4b523eb7172ccd1fL,0x7323cb2830a6a892L,0x97082ec0cfe153ebL,
-        0xe97f6b6af2aadb97L },
-      { 0x1d3d393ed1a83da1L,0xa6a7f9c7804b2a68L,0x4a688b482d0cb71eL,
-        0xa9b4cc5f40585278L } },
-    /* 29 << 0 */
-    { { 0x5e5db46acb66e132L,0xf1be963a0d925880L,0x944a70270317b9e2L,
-        0xe266f95948603d48L },
-      { 0x98db66735c208899L,0x90472447a2fb18a3L,0x8a966939777c619fL,
-        0x3798142a2a3be21bL } },
-    /* 30 << 0 */
-    { { 0xb4241cb13298b343L,0xa3a14e49b44f65a1L,0xc5f4d6cd3ac77acdL,
-        0xd0288cb552b6fc3cL },
-      { 0xd5cc8c2f1c040abcL,0xb675511e06bf9b4aL,0xd667da379b3aa441L,
-        0x460d45ce51601f72L } },
-    /* 31 << 0 */
-    { { 0xe2f73c696755ff89L,0xdd3cf7e7473017e6L,0x8ef5689d3cf7600dL,
-        0x948dc4f8b1fc87b4L },
-      { 0xd9e9fe814ea53299L,0x2d921ca298eb6028L,0xfaecedfd0c9803fcL,
-        0xf38ae8914d7b4745L } },
-    /* 32 << 0 */
-    { { 0xd8c5fccfc5e3a3d8L,0xbefd904c4079dfbfL,0xbc6d6a58fead0197L,
-        0x39227077695532a4L },
-      { 0x09e23e6ddbef42f5L,0x7e449b64480a9908L,0x7b969c1aad9a2e40L,
-        0x6231d7929591c2a4L } },
-    /* 33 << 0 */
-    { { 0x871514560f664534L,0x85ceae7c4b68f103L,0xac09c4ae65578ab9L,
-        0x33ec6868f044b10cL },
-      { 0x6ac4832b3a8ec1f1L,0x5509d1285847d5efL,0xf909604f763f1574L,
-        0xb16c4303c32f63c4L } },
-    /* 34 << 0 */
-    { { 0xb6ab20147ca23cd3L,0xcaa7a5c6a391849dL,0x5b0673a375678d94L,
-        0xc982ddd4dd303e64L },
-      { 0xfd7b000b5db6f971L,0xbba2cb1f6f876f92L,0xc77332a33c569426L,
-        0xa159100c570d74f8L } },
-    /* 35 << 0 */
-    { { 0xfd16847fdec67ef5L,0x742ee464233e76b7L,0x0b8e4134efc2b4c8L,
-        0xca640b8642a3e521L },
-      { 0x653a01908ceb6aa9L,0x313c300c547852d5L,0x24e4ab126b237af7L,
-        0x2ba901628bb47af8L } },
-    /* 36 << 0 */
-    { { 0x3d5e58d6a8219bb7L,0xc691d0bd1b06c57fL,0x0ae4cb10d257576eL,
-        0x3569656cd54a3dc3L },
-      { 0xe5ebaebd94cda03aL,0x934e82d3162bfe13L,0x450ac0bae251a0c6L,
-        0x480b9e11dd6da526L } },
-    /* 37 << 0 */
-    { { 0x00467bc58cce08b5L,0xb636458c7f178d55L,0xc5748baea677d806L,
-        0x2763a387dfa394ebL },
-      { 0xa12b448a7d3cebb6L,0xe7adda3e6f20d850L,0xf63ebce51558462cL,
-        0x58b36143620088a8L } },
-    /* 38 << 0 */
-    { { 0x8a2cc3ca4d63c0eeL,0x512331170fe948ceL,0x7463fd85222ef33bL,
-        0xadf0c7dc7c603d6cL },
-      { 0x0ec32d3bfe7765e5L,0xccaab359bf380409L,0xbdaa84d68e59319cL,
-        0xd9a4c2809c80c34dL } },
-    /* 39 << 0 */
-    { { 0xa9d89488a059c142L,0x6f5ae714ff0b9346L,0x068f237d16fb3664L,
-        0x5853e4c4363186acL },
-      { 0xe2d87d2363c52f98L,0x2ec4a76681828876L,0x47b864fae14e7b1cL,
-        0x0c0bc0e569192408L } },
-    /* 40 << 0 */
-    { { 0xe4d7681db82e9f3eL,0x83200f0bdf25e13cL,0x8909984c66f27280L,
-        0x462d7b0075f73227L },
-      { 0xd90ba188f2651798L,0x74c6e18c36ab1c34L,0xab256ea35ef54359L,
-        0x03466612d1aa702fL } },
-    /* 41 << 0 */
-    { { 0x624d60492ed22e91L,0x6fdfe0b56f072822L,0xeeca111539ce2271L,
-        0x98100a4fdb01614fL },
-      { 0xb6b0daa2a35c628fL,0xb6f94d2ec87e9a47L,0xc67732591d57d9ceL,
-        0xf70bfeec03884a7bL } },
-    /* 42 << 0 */
-    { { 0x5fb35ccfed2bad01L,0xa155cbe31da6a5c7L,0xc2e2594c30a92f8fL,
-        0x649c89ce5bfafe43L },
-      { 0xd158667de9ff257aL,0x9b359611f32c50aeL,0x4b00b20b906014cfL,
-        0xf3a8cfe389bc7d3dL } },
-    /* 43 << 0 */
-    { { 0x4ff23ffd248a7d06L,0x80c5bfb4878873faL,0xb7d9ad9005745981L,
-        0x179c85db3db01994L },
-      { 0xba41b06261a6966cL,0x4d82d052eadce5a8L,0x9e91cd3ba5e6a318L,
-        0x47795f4f95b2dda0L } },
-    /* 44 << 0 */
-    { { 0xecfd7c1fd55a897cL,0x009194abb29110fbL,0x5f0e2046e381d3b0L,
-        0x5f3425f6a98dd291L },
-      { 0xbfa06687730d50daL,0x0423446c4b083b7fL,0x397a247dd69d3417L,
-        0xeb629f90387ba42aL } },
-    /* 45 << 0 */
-    { { 0x1ee426ccd5cd79bfL,0x0032940b946c6e18L,0x1b1e8ae057477f58L,
-        0xe94f7d346d823278L },
-      { 0xc747cb96782ba21aL,0xc5254469f72b33a5L,0x772ef6dec7f80c81L,
-        0xd73acbfe2cd9e6b5L } },
-    /* 46 << 0 */
-    { { 0x4075b5b149ee90d9L,0x785c339aa06e9ebaL,0xa1030d5babf825e0L,
-        0xcec684c3a42931dcL },
-      { 0x42ab62c9c1586e63L,0x45431d665ab43f2bL,0x57c8b2c055f7835dL,
-        0x033da338c1b7f865L } },
-    /* 47 << 0 */
-    { { 0x283c7513caa76097L,0x0a624fa936c83906L,0x6b20afec715af2c7L,
-        0x4b969974eba78bfdL },
-      { 0x220755ccd921d60eL,0x9b944e107baeca13L,0x04819d515ded93d4L,
-        0x9bbff86e6dddfd27L } },
-    /* 48 << 0 */
-    { { 0x6b34413077adc612L,0xa7496529bbd803a0L,0x1a1baaa76d8805bdL,
-        0xc8403902470343adL },
-      { 0x39f59f66175adff1L,0x0b26d7fbb7d8c5b7L,0xa875f5ce529d75e3L,
-        0x85efc7e941325cc2L } },
-    /* 49 << 0 */
-    { { 0x21950b421ff6acd3L,0xffe7048453dc6909L,0xff4cd0b228766127L,
-        0xabdbe6084fb7db2bL },
-      { 0x837c92285e1109e8L,0x26147d27f4645b5aL,0x4d78f592f7818ed8L,
-        0xd394077ef247fa36L } },
-    /* 50 << 0 */
-    { { 0x0fb9c2d0488c171aL,0xa78bfbaa13685278L,0xedfbe268d5b1fa6aL,
-        0x0dceb8db2b7eaba7L },
-      { 0xbf9e80899ae2b710L,0xefde7ae6a4449c96L,0x43b7716bcc143a46L,
-        0xd7d34194c3628c13L } },
-    /* 51 << 0 */
-    { { 0x508cec1c3b3f64c9L,0xe20bc0ba1e5edf3fL,0xda1deb852f4318d4L,
-        0xd20ebe0d5c3fa443L },
-      { 0x370b4ea773241ea3L,0x61f1511c5e1a5f65L,0x99a5e23d82681c62L,
-        0xd731e383a2f54c2dL } },
-    /* 52 << 0 */
-    { { 0x2692f36e83445904L,0x2e0ec469af45f9c0L,0x905a3201c67528b7L,
-        0x88f77f34d0e5e542L },
-      { 0xf67a8d295864687cL,0x23b92eae22df3562L,0x5c27014b9bbec39eL,
-        0x7ef2f2269c0f0f8dL } },
-    /* 53 << 0 */
-    { { 0x97359638546c4d8dL,0x5f9c3fc492f24679L,0x912e8beda8c8acd9L,
-        0xec3a318d306634b0L },
-      { 0x80167f41c31cb264L,0x3db82f6f522113f2L,0xb155bcd2dcafe197L,
-        0xfba1da5943465283L } },
-    /* 54 << 0 */
-    { { 0xa0425b8eb212cf53L,0x4f2e512ef8557c5fL,0xc1286ff925c4d56cL,
-        0xbb8a0feaee26c851L },
-      { 0xc28f70d2e7d6107eL,0x7ee0c444e76265aaL,0x3df277a41d1936b1L,
-        0x1a556e3fea9595ebL } },
-    /* 55 << 0 */
-    { { 0x258bbbf9e7305683L,0x31eea5bf07ef5be6L,0x0deb0e4a46c814c1L,
-        0x5cee8449a7b730ddL },
-      { 0xeab495c5a0182bdeL,0xee759f879e27a6b4L,0xc2cf6a6880e518caL,
-        0x25e8013ff14cf3f4L } },
-    /* 56 << 0 */
-    { { 0x8fc441407e8d7a14L,0xbb1ff3ca9556f36aL,0x6a84438514600044L,
-        0xba3f0c4a7451ae63L },
-      { 0xdfcac25b1f9af32aL,0x01e0db86b1f2214bL,0x4e9a5bc2a4b596acL,
-        0x83927681026c2c08L } },
-    /* 57 << 0 */
-    { { 0x3ec832e77acaca28L,0x1bfeea57c7385b29L,0x068212e3fd1eaf38L,
-        0xc13298306acf8cccL },
-      { 0xb909f2db2aac9e59L,0x5748060db661782aL,0xc5ab2632c79b7a01L,
-        0xda44c6c600017626L } },
-    /* 58 << 0 */
-    { { 0xf26c00e8a7ea82f0L,0x99cac80de4299aafL,0xd66fe3b67ed78be1L,
-        0x305f725f648d02cdL },
-      { 0x33ed1bc4623fb21bL,0xfa70533e7a6319adL,0x17ab562dbe5ffb3eL,
-        0x0637499456674741L } },
-    /* 59 << 0 */
-    { { 0x69d44ed65c46aa8eL,0x2100d5d3a8d063d1L,0xcb9727eaa2d17c36L,
-        0x4c2bab1b8add53b7L },
-      { 0xa084e90c15426704L,0x778afcd3a837ebeaL,0x6651f7017ce477f8L,
-        0xa062499846fb7a8bL } },
-    /* 60 << 0 */
-    { { 0xdc1e6828ed8a6e19L,0x33fc23364189d9c7L,0x026f8fe2671c39bcL,
-        0xd40c4ccdbc6f9915L },
-      { 0xafa135bbf80e75caL,0x12c651a022adff2cL,0xc40a04bd4f51ad96L,
-        0x04820109bbe4e832L } },
-    /* 61 << 0 */
-    { { 0x3667eb1a7f4c04ccL,0x59556621a9404f84L,0x71cdf6537eceb50aL,
-        0x994a44a69b8335faL },
-      { 0xd7faf819dbeb9b69L,0x473c5680eed4350dL,0xb6658466da44bba2L,
-        0x0d1bc780872bdbf3L } },
-    /* 62 << 0 */
-    { { 0xe535f175a1962f91L,0x6ed7e061ed58f5a7L,0x177aa4c02089a233L,
-        0x0dbcb03ae539b413L },
-      { 0xe3dc424ebb32e38eL,0x6472e5ef6806701eL,0xdd47ff98814be9eeL,
-        0x6b60cfff35ace009L } },
-    /* 63 << 0 */
-    { { 0xb8d3d9319ff91fe5L,0x039c4800f0518eedL,0x95c376329182cb26L,
-        0x0763a43482fc568dL },
-      { 0x707c04d5383e76baL,0xac98b930824e8197L,0x92bf7c8f91230de0L,
-        0x90876a0140959b70L } },
-    /* 64 << 0 */
-    { { 0xdb6d96f305968b80L,0x380a0913089f73b9L,0x7da70b83c2c61e01L,
-        0x95fb8394569b38c7L },
-      { 0x9a3c651280edfe2fL,0x8f726bb98faeaf82L,0x8010a4a078424bf8L,
-        0x296720440e844970L } },
-    /* 0 << 7 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 7 */
-    { { 0x63c5cb817a2ad62aL,0x7ef2b6b9ac62ff54L,0x3749bba4b3ad9db5L,
-        0xad311f2c46d5a617L },
-      { 0xb77a8087c2ff3b6dL,0xb46feaf3367834ffL,0xf8aa266d75d6b138L,
-        0xfa38d320ec008188L } },
-    /* 2 << 7 */
-    { { 0x486d8ffa696946fcL,0x50fbc6d8b9cba56dL,0x7e3d423e90f35a15L,
-        0x7c3da195c0dd962cL },
-      { 0xe673fdb03cfd5d8bL,0x0704b7c2889dfca5L,0xf6ce581ff52305aaL,
-        0x399d49eb914d5e53L } },
-    /* 3 << 7 */
-    { { 0x380a496d6ec293cdL,0x733dbda78e7051f5L,0x037e388db849140aL,
-        0xee4b32b05946dbf6L },
-      { 0xb1c4fda9cae368d1L,0x5001a7b0fdb0b2f3L,0x6df593742e3ac46eL,
-        0x4af675f239b3e656L } },
-    /* 4 << 7 */
-    { { 0x44e3811039949296L,0x5b63827b361db1b5L,0x3e5323ed206eaff5L,
-        0x942370d2c21f4290L },
-      { 0xf2caaf2ee0d985a1L,0x192cc64b7239846dL,0x7c0b8f47ae6312f8L,
-        0x7dc61f9196620108L } },
-    /* 5 << 7 */
-    { { 0xb830fb5bc2da7de9L,0xd0e643df0ff8d3beL,0x31ee77ba188a9641L,
-        0x4e8aa3aabcf6d502L },
-      { 0xf9fb65329a49110fL,0xd18317f62dd6b220L,0x7e3ced4152c3ea5aL,
-        0x0d296a147d579c4aL } },
-    /* 6 << 7 */
-    { { 0x35d6a53eed4c3717L,0x9f8240cf3d0ed2a3L,0x8c0d4d05e5543aa5L,
-        0x45d5bbfbdd33b4b4L },
-      { 0xfa04cc73137fd28eL,0x862ac6efc73b3ffdL,0x403ff9f531f51ef2L,
-        0x34d5e0fcbc73f5a2L } },
-    /* 7 << 7 */
-    { { 0xf252682008913f4fL,0xea20ed61eac93d95L,0x51ed38b46ca6b26cL,
-        0x8662dcbcea4327b0L },
-      { 0x6daf295c725d2aaaL,0xbad2752f8e52dcdaL,0x2210e7210b17daccL,
-        0xa37f7912d51e8232L } },
-    /* 8 << 7 */
-    { { 0x4f7081e144cc3addL,0xd5ffa1d687be82cfL,0x89890b6c0edd6472L,
-        0xada26e1a3ed17863L },
-      { 0x276f271563483caaL,0xe6924cd92f6077fdL,0x05a7fe980a466e3cL,
-        0xf1c794b0b1902d1fL } },
-    /* 9 << 7 */
-    { { 0xe521368882a8042cL,0xd931cfafcd278298L,0x069a0ae0f597a740L,
-        0x0adbb3f3eb59107cL },
-      { 0x983e951e5eaa8eb8L,0xe663a8b511b48e78L,0x1631cc0d8a03f2c5L,
-        0x7577c11e11e271e2L } },
-    /* 10 << 7 */
-    { { 0x33b2385c08369a90L,0x2990c59b190eb4f8L,0x819a6145c68eac80L,
-        0x7a786d622ec4a014L },
-      { 0x33faadbe20ac3a8dL,0x31a217815aba2d30L,0x209d2742dba4f565L,
-        0xdb2ce9e355aa0fbbL } },
-    /* 11 << 7 */
-    { { 0x8cef334b168984dfL,0xe81dce1733879638L,0xf6e6949c263720f0L,
-        0x5c56feaff593cbecL },
-      { 0x8bff5601fde58c84L,0x74e241172eccb314L,0xbcf01b614c9a8a78L,
-        0xa233e35e544c9868L } },
-    /* 12 << 7 */
-    { { 0xb3156bf38bd7aff1L,0x1b5ee4cb1d81b146L,0x7ba1ac41d628a915L,
-        0x8f3a8f9cfd89699eL },
-      { 0x7329b9c9a0748be7L,0x1d391c95a92e621fL,0xe51e6b214d10a837L,
-        0xd255f53a4947b435L } },
-    /* 13 << 7 */
-    { { 0x07669e04f1788ee3L,0xc14f27afa86938a2L,0x8b47a334e93a01c0L,
-        0xff627438d9366808L },
-      { 0x7a0985d8ca2a5965L,0x3d9a5542d6e9b9b3L,0xc23eb80b4cf972e8L,
-        0x5c1c33bb4fdf72fdL } },
-    /* 14 << 7 */
-    { { 0x0c4a58d474a86108L,0xf8048a8fee4c5d90L,0xe3c7c924e86d4c80L,
-        0x28c889de056a1e60L },
-      { 0x57e2662eb214a040L,0xe8c48e9837e10347L,0x8774286280ac748aL,
-        0xf1c24022186b06f2L } },
-    /* 15 << 7 */
-    { { 0xac2dd4c35f74040aL,0x409aeb71fceac957L,0x4fbad78255c4ec23L,
-        0xb359ed618a7b76ecL },
-      { 0x12744926ed6f4a60L,0xe21e8d7f4b912de3L,0xe2575a59fc705a59L,
-        0x72f1d4deed2dbc0eL } },
-    /* 16 << 7 */
-    { { 0x3d2b24b9eb7926b8L,0xbff88cb3cdbe5509L,0xd0f399afe4dd640bL,
-        0x3c5fe1302f76ed45L },
-      { 0x6f3562f43764fb3dL,0x7b5af3183151b62dL,0xd5bd0bc7d79ce5f3L,
-        0xfdaf6b20ec66890fL } },
-    /* 17 << 7 */
-    { { 0x735c67ec6063540cL,0x50b259c2e5f9cb8fL,0xb8734f9a3f99c6abL,
-        0xf8cc13d5a3a7bc85L },
-      { 0x80c1b305c5217659L,0xfe5364d44ec12a54L,0xbd87045e681345feL,
-        0x7f8efeb1582f897fL } },
-    /* 18 << 7 */
-    { { 0xe8cbf1e5d5923359L,0xdb0cea9d539b9fb0L,0x0c5b34cf49859b98L,
-        0x5e583c56a4403cc6L },
-      { 0x11fc1a2dd48185b7L,0xc93fbc7e6e521787L,0x47e7a05805105b8bL,
-        0x7b4d4d58db8260c8L } },
-    /* 19 << 7 */
-    { { 0xe33930b046eb842aL,0x8e844a9a7bdae56dL,0x34ef3a9e13f7fdfcL,
-        0xb3768f82636ca176L },
-      { 0x2821f4e04e09e61cL,0x414dc3a1a0c7cddcL,0xd537943754945fcdL,
-        0x151b6eefb3555ff1L } },
-    /* 20 << 7 */
-    { { 0xb31bd6136339c083L,0x39ff8155dfb64701L,0x7c3388d2e29604abL,
-        0x1e19084ba6b10442L },
-      { 0x17cf54c0eccd47efL,0x896933854a5dfb30L,0x69d023fb47daf9f6L,
-        0x9222840b7d91d959L } },
-    /* 21 << 7 */
-    { { 0x439108f5803bac62L,0x0b7dd91d379bd45fL,0xd651e827ca63c581L,
-        0x5c5d75f6509c104fL },
-      { 0x7d5fc7381f2dc308L,0x20faa7bfd98454beL,0x95374beea517b031L,
-        0xf036b9b1642692acL } },
-    /* 22 << 7 */
-    { { 0xc510610939842194L,0xb7e2353e49d05295L,0xfc8c1d5cefb42ee0L,
-        0xe04884eb08ce811cL },
-      { 0xf1f75d817419f40eL,0x5b0ac162a995c241L,0x120921bbc4c55646L,
-        0x713520c28d33cf97L } },
-    /* 23 << 7 */
-    { { 0xb4a65a5ce98c5100L,0x6cec871d2ddd0f5aL,0x251f0b7f9ba2e78bL,
-        0x224a8434ce3a2a5fL },
-      { 0x26827f6125f5c46fL,0x6a22bedc48545ec0L,0x25ae5fa0b1bb5cdcL,
-        0xd693682ffcb9b98fL } },
-    /* 24 << 7 */
-    { { 0x32027fe891e5d7d3L,0xf14b7d1773a07678L,0xf88497b3c0dfdd61L,
-        0xf7c2eec02a8c4f48L },
-      { 0xaa5573f43756e621L,0xc013a2401825b948L,0x1c03b34563878572L,
-        0xa0472bea653a4184L } },
-    /* 25 << 7 */
-    { { 0xf4222e270ac69a80L,0x34096d25f51e54f6L,0x00a648cb8fffa591L,
-        0x4e87acdc69b6527fL },
-      { 0x0575e037e285ccb4L,0x188089e450ddcf52L,0xaa96c9a8870ff719L,
-        0x74a56cd81fc7e369L } },
-    /* 26 << 7 */
-    { { 0x41d04ee21726931aL,0x0bbbb2c83660ecfdL,0xa6ef6de524818e18L,
-        0xe421cc51e7d57887L },
-      { 0xf127d208bea87be6L,0x16a475d3b1cdd682L,0x9db1b684439b63f7L,
-        0x5359b3dbf0f113b6L } },
-    /* 27 << 7 */
-    { { 0xdfccf1de8bf06e31L,0x1fdf8f44dd383901L,0x10775cad5017e7d2L,
-        0xdfc3a59758d11eefL },
-      { 0x6ec9c8a0b1ecff10L,0xee6ed6cc28400549L,0xb5ad7bae1b4f8d73L,
-        0x61b4f11de00aaab9L } },
-    /* 28 << 7 */
-    { { 0x7b32d69bd4eff2d7L,0x88ae67714288b60fL,0x159461b437a1e723L,
-        0x1f3d4789570aae8cL },
-      { 0x869118c07f9871daL,0x35fbda78f635e278L,0x738f3641e1541dacL,
-        0x6794b13ac0dae45fL } },
-    /* 29 << 7 */
-    { { 0x065064ac09cc0917L,0x27c53729c68540fdL,0x0d2d4c8eef227671L,
-        0xd23a9f80a1785a04L },
-      { 0x98c5952852650359L,0xfa09ad0174a1acadL,0x082d5a290b55bf5cL,
-        0xa40f1c67419b8084L } },
-    /* 30 << 7 */
-    { { 0x3a5c752edcc18770L,0x4baf1f2f8825c3a5L,0xebd63f7421b153edL,
-        0xa2383e47b2f64723L },
-      { 0xe7bf620a2646d19aL,0x56cb44ec03c83ffdL,0xaf7267c94f6be9f1L,
-        0x8b2dfd7bc06bb5e9L } },
-    /* 31 << 7 */
-    { { 0xb87072f2a672c5c7L,0xeacb11c80d53c5e2L,0x22dac29dff435932L,
-        0x37bdb99d4408693cL },
-      { 0xf6e62fb62899c20fL,0x3535d512447ece24L,0xfbdc6b88ff577ce3L,
-        0x726693bd190575f2L } },
-    /* 32 << 7 */
-    { { 0x6772b0e5ab4b35a2L,0x1d8b6001f5eeaacfL,0x728f7ce4795b9580L,
-        0x4a20ed2a41fb81daL },
-      { 0x9f685cd44fec01e6L,0x3ed7ddcca7ff50adL,0x460fd2640c2d97fdL,
-        0x3a241426eb82f4f9L } },
-    /* 33 << 7 */
-    { { 0x17d1df2c6a8ea820L,0xb2b50d3bf22cc254L,0x03856cbab7291426L,
-        0x87fd26ae04f5ee39L },
-      { 0x9cb696cc02bee4baL,0x5312180406820fd6L,0xa5dfc2690212e985L,
-        0x666f7ffa160f9a09L } },
-    /* 34 << 7 */
-    { { 0xc503cd33bccd9617L,0x365dede4ba7730a3L,0x798c63555ddb0786L,
-        0xa6c3200efc9cd3bcL },
-      { 0x060ffb2ce5e35efdL,0x99a4e25b5555a1c1L,0x11d95375f70b3751L,
-        0x0a57354a160e1bf6L } },
-    /* 35 << 7 */
-    { { 0xecb3ae4bf8e4b065L,0x07a834c42e53022bL,0x1cd300b38692ed96L,
-        0x16a6f79261ee14ecL },
-      { 0x8f1063c66a8649edL,0xfbcdfcfe869f3e14L,0x2cfb97c100a7b3ecL,
-        0xcea49b3c7130c2f1L } },
-    /* 36 << 7 */
-    { { 0x462d044fe9d96488L,0x4b53d52e8182a0c1L,0x84b6ddd30391e9e9L,
-        0x80ab7b48b1741a09L },
-      { 0xec0e15d427d3317fL,0x8dfc1ddb1a64671eL,0x93cc5d5fd49c5b92L,
-        0xc995d53d3674a331L } },
-    /* 37 << 7 */
-    { { 0x302e41ec090090aeL,0x2278a0ccedb06830L,0x1d025932fbc99690L,
-        0x0c32fbd2b80d68daL },
-      { 0xd79146daf341a6c1L,0xae0ba1391bef68a0L,0xc6b8a5638d774b3aL,
-        0x1cf307bd880ba4d7L } },
-    /* 38 << 7 */
-    { { 0xc033bdc719803511L,0xa9f97b3b8888c3beL,0x3d68aebc85c6d05eL,
-        0xc3b88a9d193919ebL },
-      { 0x2d300748c48b0ee3L,0x7506bc7c07a746c1L,0xfc48437c6e6d57f3L,
-        0x5bd71587cfeaa91aL } },
-    /* 39 << 7 */
-    { { 0xa4ed0408c1bc5225L,0xd0b946db2719226dL,0x109ecd62758d2d43L,
-        0x75c8485a2751759bL },
-      { 0xb0b75f499ce4177aL,0x4fa61a1e79c10c3dL,0xc062d300a167fcd7L,
-        0x4df3874c750f0fa8L } },
-    /* 40 << 7 */
-    { { 0x29ae2cf983dfedc9L,0xf84371348d87631aL,0xaf5717117429c8d2L,
-        0x18d15867146d9272L },
-      { 0x83053ecf69769bb7L,0xc55eb856c479ab82L,0x5ef7791c21b0f4b2L,
-        0xaa5956ba3d491525L } },
-    /* 41 << 7 */
-    { { 0x407a96c29fe20ebaL,0xf27168bbe52a5ad3L,0x43b60ab3bf1d9d89L,
-        0xe45c51ef710e727aL },
-      { 0xdfca5276099b4221L,0x8dc6407c2557a159L,0x0ead833591035895L,
-        0x0a9db9579c55dc32L } },
-    /* 42 << 7 */
-    { { 0xe40736d3df61bc76L,0x13a619c03f778cdbL,0x6dd921a4c56ea28fL,
-        0x76a524332fa647b4L },
-      { 0x23591891ac5bdc5dL,0xff4a1a72bac7dc01L,0x9905e26162df8453L,
-        0x3ac045dfe63b265fL } },
-    /* 43 << 7 */
-    { { 0x8a3f341bad53dba7L,0x8ec269cc837b625aL,0xd71a27823ae31189L,
-        0x8fb4f9a355e96120L },
-      { 0x804af823ff9875cfL,0x23224f575d442a9bL,0x1c4d3b9eecc62679L,
-        0x91da22fba0e7ddb1L } },
-    /* 44 << 7 */
-    { { 0xa370324d6c04a661L,0x9710d3b65e376d17L,0xed8c98f03044e357L,
-        0xc364ebbe6422701cL },
-      { 0x347f5d517733d61cL,0xd55644b9cea826c3L,0x80c6e0ad55a25548L,
-        0x0aa7641d844220a7L } },
-    /* 45 << 7 */
-    { { 0x1438ec8131810660L,0x9dfa6507de4b4043L,0x10b515d8cc3e0273L,
-        0x1b6066dd28d8cfb2L },
-      { 0xd3b045919c9efebdL,0x425d4bdfa21c1ff4L,0x5fe5af19d57607d3L,
-        0xbbf773f754481084L } },
-    /* 46 << 7 */
-    { { 0x8435bd6994b03ed1L,0xd9ad1de3634cc546L,0x2cf423fc00e420caL,
-        0xeed26d80a03096ddL },
-      { 0xd7f60be7a4db09d2L,0xf47f569d960622f7L,0xe5925fd77296c729L,
-        0xeff2db2626ca2715L } },
-    /* 47 << 7 */
-    { { 0xa6fcd014b913e759L,0x53da47868ff4de93L,0x14616d79c32068e1L,
-        0xb187d664ccdf352eL },
-      { 0xf7afb6501dc90b59L,0x8170e9437daa1b26L,0xc8e3bdd8700c0a84L,
-        0x6e8d345f6482bdfaL } },
-    /* 48 << 7 */
-    { { 0x84cfbfa1c5c5ea50L,0xd3baf14c67960681L,0x263984030dd50942L,
-        0xe4b7839c4716a663L },
-      { 0xd5f1f794e7de6dc0L,0x5cd0f4d4622aa7ceL,0x5295f3f159acfeecL,
-        0x8d933552953e0607L } },
-    /* 49 << 7 */
-    { { 0xc7db8ec5776c5722L,0xdc467e622b5f290cL,0xd4297e704ff425a9L,
-        0x4be924c10cf7bb72L },
-      { 0x0d5dc5aea1892131L,0x8bf8a8e3a705c992L,0x73a0b0647a305ac5L,
-        0x00c9ca4e9a8c77a8L } },
-    /* 50 << 7 */
-    { { 0x5dfee80f83774bddL,0x6313160285734485L,0xa1b524ae914a69a9L,
-        0xebc2ffafd4e300d7L },
-      { 0x52c93db77cfa46a5L,0x71e6161f21653b50L,0x3574fc57a4bc580aL,
-        0xc09015dde1bc1253L } },
-    /* 51 << 7 */
-    { { 0x4b7b47b2d174d7aaL,0x4072d8e8f3a15d04L,0xeeb7d47fd6fa07edL,
-        0x6f2b9ff9edbdafb1L },
-      { 0x18c516153760fe8aL,0x7a96e6bff06c6c13L,0x4d7a04100ea2d071L,
-        0xa1914e9b0be2a5ceL } },
-    /* 52 << 7 */
-    { { 0x5726e357d8a3c5cfL,0x1197ecc32abb2b13L,0x6c0d7f7f31ae88ddL,
-        0x15b20d1afdbb3efeL },
-      { 0xcd06aa2670584039L,0x2277c969a7dc9747L,0xbca695877855d815L,
-        0x899ea2385188b32aL } },
-    /* 53 << 7 */
-    { { 0x37d9228b760c1c9dL,0xc7efbb119b5c18daL,0x7f0d1bc819f6dbc5L,
-        0x4875384b07e6905bL },
-      { 0xc7c50baa3ba8cd86L,0xb0ce40fbc2905de0L,0x708406737a231952L,
-        0xa912a262cf43de26L } },
-    /* 54 << 7 */
-    { { 0x9c38ddcceb5b76c1L,0x746f528526fc0ab4L,0x52a63a50d62c269fL,
-        0x60049c5599458621L },
-      { 0xe7f48f823c2f7c9eL,0x6bd99043917d5cf3L,0xeb1317a88701f469L,
-        0xbd3fe2ed9a449fe0L } },
-    /* 55 << 7 */
-    { { 0x421e79ca12ef3d36L,0x9ee3c36c3e7ea5deL,0xe48198b5cdff36f7L,
-        0xaff4f967c6b82228L },
-      { 0x15e19dd0c47adb7eL,0x45699b23032e7dfaL,0x40680c8b1fae026aL,
-        0x5a347a48550dbf4dL } },
-    /* 56 << 7 */
-    { { 0xe652533b3cef0d7dL,0xd94f7b182bbb4381L,0x838752be0e80f500L,
-        0x8e6e24889e9c9bfbL },
-      { 0xc975169716caca6aL,0x866c49d838531ad9L,0xc917e2397151ade1L,
-        0x2d016ec16037c407L } },
-    /* 57 << 7 */
-    { { 0xa407ccc900eac3f9L,0x835f6280e2ed4748L,0xcc54c3471cc98e0dL,
-        0x0e969937dcb572ebL },
-      { 0x1b16c8e88f30c9cbL,0xa606ae75373c4661L,0x47aa689b35502cabL,
-        0xf89014ae4d9bb64fL } },
-    /* 58 << 7 */
-    { { 0x202f6a9c31c71f7bL,0x01f95aa3296ffe5cL,0x5fc0601453cec3a3L,
-        0xeb9912375f498a45L },
-      { 0xae9a935e5d91ba87L,0xc6ac62810b564a19L,0x8a8fe81c3bd44e69L,
-        0x7c8b467f9dd11d45L } },
-    /* 59 << 7 */
-    { { 0xf772251fea5b8e69L,0xaeecb3bdc5b75fbcL,0x1aca3331887ff0e5L,
-        0xbe5d49ff19f0a131L },
-      { 0x582c13aae5c8646fL,0xdbaa12e820e19980L,0x8f40f31af7abbd94L,
-        0x1f13f5a81dfc7663L } },
-    /* 60 << 7 */
-    { { 0x5d81f1eeaceb4fc0L,0x362560025e6f0f42L,0x4b67d6d7751370c8L,
-        0x2608b69803e80589L },
-      { 0xcfc0d2fc05268301L,0xa6943d3940309212L,0x192a90c21fd0e1c2L,
-        0xb209f11337f1dc76L } },
-    /* 61 << 7 */
-    { { 0xefcc5e0697bf1298L,0xcbdb6730219d639eL,0xd009c116b81e8c6fL,
-        0xa3ffdde31a7ce2e5L },
-      { 0xc53fbaaaa914d3baL,0x836d500f88df85eeL,0xd98dc71b66ee0751L,
-        0x5a3d7005714516fdL } },
-    /* 62 << 7 */
-    { { 0x21d3634d39eedbbaL,0x35cd2e680455a46dL,0xc8cafe65f9d7eb0cL,
-        0xbda3ce9e00cefb3eL },
-      { 0xddc17a602c9cf7a4L,0x01572ee47bcb8773L,0xa92b2b018c7548dfL,
-        0x732fd309a84600e3L } },
-    /* 63 << 7 */
-    { { 0xe22109c716543a40L,0x9acafd36fede3c6cL,0xfb2068526824e614L,
-        0x2a4544a9da25dca0L },
-      { 0x2598526291d60b06L,0x281b7be928753545L,0xec667b1a90f13b27L,
-        0x33a83aff940e2eb4L } },
-    /* 64 << 7 */
-    { { 0x80009862d5d721d5L,0x0c3357a35bd3a182L,0x27f3a83b7aa2cda4L,
-        0xb58ae74ef6f83085L },
-      { 0x2a911a812e6dad6bL,0xde286051f43d6c5bL,0x4bdccc41f996c4d8L,
-        0xe7312ec00ae1e24eL } },
-    /* 0 << 14 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 14 */
-    { { 0xf8d112e76e6485b3L,0x4d3e24db771c52f8L,0x48e3ee41684a2f6dL,
-        0x7161957d21d95551L },
-      { 0x19631283cdb12a6cL,0xbf3fa8822e50e164L,0xf6254b633166cc73L,
-        0x3aefa7aeaee8cc38L } },
-    /* 2 << 14 */
-    { { 0x79b0fe623b36f9fdL,0x26543b23fde19fc0L,0x136e64a0958482efL,
-        0x23f637719b095825L },
-      { 0x14cfd596b6a1142eL,0x5ea6aac6335aac0bL,0x86a0e8bdf3081dd5L,
-        0x5fb89d79003dc12aL } },
-    /* 3 << 14 */
-    { { 0xf615c33af72e34d4L,0x0bd9ea40110eec35L,0x1c12bc5bc1dea34eL,
-        0x686584c949ae4699L },
-      { 0x13ad95d38c97b942L,0x4609561a4e5c7562L,0x9e94a4aef2737f89L,
-        0xf57594c6371c78b6L } },
-    /* 4 << 14 */
-    { { 0x0f0165fce3779ee3L,0xe00e7f9dbd495d9eL,0x1fa4efa220284e7aL,
-        0x4564bade47ac6219L },
-      { 0x90e6312ac4708e8eL,0x4f5725fba71e9adfL,0xe95f55ae3d684b9fL,
-        0x47f7ccb11e94b415L } },
-    /* 5 << 14 */
-    { { 0x7322851b8d946581L,0xf0d13133bdf4a012L,0xa3510f696584dae0L,
-        0x03a7c1713c9f6c6dL },
-      { 0x5be97f38e475381aL,0xca1ba42285823334L,0xf83cc5c70be17ddaL,
-        0x158b14940b918c0fL } },
-    /* 6 << 14 */
-    { { 0xda3a77e5522e6b69L,0x69c908c3bbcd6c18L,0x1f1b9e48d924fd56L,
-        0x37c64e36aa4bb3f7L },
-      { 0x5a4fdbdfee478d7dL,0xba75c8bc0193f7a0L,0x84bc1e8456cd16dfL,
-        0x1fb08f0846fad151L } },
-    /* 7 << 14 */
-    { { 0x8a7cabf9842e9f30L,0xa331d4bf5eab83afL,0xd272cfba017f2a6aL,
-        0x27560abc83aba0e3L },
-      { 0x94b833870e3a6b75L,0x25c6aea26b9f50f5L,0x803d691db5fdf6d0L,
-        0x03b77509e6333514L } },
-    /* 8 << 14 */
-    { { 0x3617890361a341c1L,0x3604dc600cfd6142L,0x022295eb8533316cL,
-        0x3dbde4ac44af2922L },
-      { 0x898afc5d1c7eef69L,0x58896805d14f4fa1L,0x05002160203c21caL,
-        0x6f0d1f3040ef730bL } },
-    /* 9 << 14 */
-    { { 0x8e8c44d4196224f8L,0x75a4ab95374d079dL,0x79085ecc7d48f123L,
-        0x56f04d311bf65ad8L },
-      { 0xe220bf1cbda602b2L,0x73ee1742f9612c69L,0x76008fc8084fd06bL,
-        0x4000ef9ff11380d1L } },
-    /* 10 << 14 */
-    { { 0x48201b4b12cfe297L,0x3eee129c292f74e5L,0xe1fe114ec9e874e8L,
-        0x899b055c92c5fc41L },
-      { 0x4e477a643a39c8cfL,0x82f09efe78963cc9L,0x6fd3fd8fd333f863L,
-        0x85132b2adc949c63L } },
-    /* 11 << 14 */
-    { { 0x7e06a3ab516eb17bL,0x73bec06fd2c7372bL,0xe4f74f55ba896da6L,
-        0xbb4afef88e9eb40fL },
-      { 0x2d75bec8e61d66b0L,0x02bda4b4ef29300bL,0x8bbaa8de026baa5aL,
-        0xff54befda07f4440L } },
-    /* 12 << 14 */
-    { { 0xbd9b8b1dbe7a2af3L,0xec51caa94fb74a72L,0xb9937a4b63879697L,
-        0x7c9a9d20ec2687d5L },
-      { 0x1773e44f6ef5f014L,0x8abcf412e90c6900L,0x387bd0228142161eL,
-        0x50393755fcb6ff2aL } },
-    /* 13 << 14 */
-    { { 0x9813fd56ed6def63L,0x53cf64827d53106cL,0x991a35bd431f7ac1L,
-        0xf1e274dd63e65fafL },
-      { 0xf63ffa3c44cc7880L,0x411a426b7c256981L,0xb698b9fd93a420e0L,
-        0x89fdddc0ae53f8feL } },
-    /* 14 << 14 */
-    { { 0x766e072232398baaL,0x205fee425cfca031L,0xa49f53417a029cf2L,
-        0xa88c68b84023890dL },
-      { 0xbc2750417337aaa8L,0x9ed364ad0eb384f4L,0xe0816f8529aba92fL,
-        0x2e9e194104e38a88L } },
-    /* 15 << 14 */
-    { { 0x57eef44a3dafd2d5L,0x35d1fae597ed98d8L,0x50628c092307f9b1L,
-        0x09d84aaed6cba5c6L },
-      { 0x67071bc788aaa691L,0x2dea57a9afe6cb03L,0xdfe11bb43d78ac01L,
-        0x7286418c7fd7aa51L } },
-    /* 16 << 14 */
-    { { 0xfabf770977f7195aL,0x8ec86167adeb838fL,0xea1285a8bb4f012dL,
-        0xd68835039a3eab3fL },
-      { 0xee5d24f8309004c2L,0xa96e4b7613ffe95eL,0x0cdffe12bd223ea4L,
-        0x8f5c2ee5b6739a53L } },
-    /* 17 << 14 */
-    { { 0x5cb4aaa5dd968198L,0xfa131c5272413a6cL,0x53d46a909536d903L,
-        0xb270f0d348606d8eL },
-      { 0x518c7564a053a3bcL,0x088254b71a86caefL,0xb3ba8cb40ab5efd0L,
-        0x5c59900e4605945dL } },
-    /* 18 << 14 */
-    { { 0xecace1dda1887395L,0x40960f36932a65deL,0x9611ff5c3aa95529L,
-        0xc58215b07c1e5a36L },
-      { 0xd48c9b58f0e1a524L,0xb406856bf590dfb8L,0xc7605e049cd95662L,
-        0x0dd036eea33ecf82L } },
-    /* 19 << 14 */
-    { { 0xa50171acc33156b3L,0xf09d24ea4a80172eL,0x4e1f72c676dc8eefL,
-        0xe60caadc5e3d44eeL },
-      { 0x006ef8a6979b1d8fL,0x60908a1c97788d26L,0x6e08f95b266feec0L,
-        0x618427c222e8c94eL } },
-    /* 20 << 14 */
-    { { 0x3d61333959145a65L,0xcd9bc368fa406337L,0x82d11be32d8a52a0L,
-        0xf6877b2797a1c590L },
-      { 0x837a819bf5cbdb25L,0x2a4fd1d8de090249L,0x622a7de774990e5fL,
-        0x840fa5a07945511bL } },
-    /* 21 << 14 */
-    { { 0x30b974be6558842dL,0x70df8c6417f3d0a6L,0x7c8035207542e46dL,
-        0x7251fe7fe4ecc823L },
-      { 0xe59134cb5e9aac9aL,0x11bb0934f0045d71L,0x53e5d9b5dbcb1d4eL,
-        0x8d97a90592defc91L } },
-    /* 22 << 14 */
-    { { 0xfe2893277946d3f9L,0xe132bd2407472273L,0xeeeb510c1eb6ae86L,
-        0x777708c5f0595067L },
-      { 0x18e2c8cd1297029eL,0x2c61095cbbf9305eL,0xe466c2586b85d6d9L,
-        0x8ac06c36da1ea530L } },
-    /* 23 << 14 */
-    { { 0xa365dc39a1304668L,0xe4a9c88507f89606L,0x65a4898facc7228dL,
-        0x3e2347ff84ca8303L },
-      { 0xa5f6fb77ea7d23a3L,0x2fac257d672a71cdL,0x6908bef87e6a44d3L,
-        0x8ff87566891d3d7aL } },
-    /* 24 << 14 */
-    { { 0xe58e90b36b0cf82eL,0x6438d2462615b5e7L,0x07b1f8fc669c145aL,
-        0xb0d8b2da36f1e1cbL },
-      { 0x54d5dadbd9184c4dL,0x3dbb18d5f93d9976L,0x0a3e0f56d1147d47L,
-        0x2afa8c8da0a48609L } },
-    /* 25 << 14 */
-    { { 0x275353e8bc36742cL,0x898f427eeea0ed90L,0x26f4947e3e477b00L,
-        0x8ad8848a308741e3L },
-      { 0x6c703c38d74a2a46L,0x5e3e05a99ba17ba2L,0xc1fa6f664ab9a9e4L,
-        0x474a2d9a3841d6ecL } },
-    /* 26 << 14 */
-    { { 0x871239ad653ae326L,0x14bcf72aa74cbb43L,0x8737650e20d4c083L,
-        0x3df86536110ed4afL },
-      { 0xd2d86fe7b53ca555L,0x688cb00dabd5d538L,0xcf81bda31ad38468L,
-        0x7ccfe3ccf01167b6L } },
-    /* 27 << 14 */
-    { { 0xcf4f47e06c4c1fe6L,0x557e1f1a298bbb79L,0xf93b974f30d45a14L,
-        0x174a1d2d0baf97c4L },
-      { 0x7a003b30c51fbf53L,0xd8940991ee68b225L,0x5b0aa7b71c0f4173L,
-        0x975797c9a20a7153L } },
-    /* 28 << 14 */
-    { { 0x26e08c07e3533d77L,0xd7222e6a2e341c99L,0x9d60ec3d8d2dc4edL,
-        0xbdfe0d8f7c476cf8L },
-      { 0x1fe59ab61d056605L,0xa9ea9df686a8551fL,0x8489941e47fb8d8cL,
-        0xfeb874eb4a7f1b10L } },
-    /* 29 << 14 */
-    { { 0xfe5fea867ee0d98fL,0x201ad34bdbf61864L,0x45d8fe4737c031d4L,
-        0xd5f49fae795f0822L },
-      { 0xdb0fb291c7f4a40cL,0x2e69d9c1730ddd92L,0x754e105449d76987L,
-        0x8a24911d7662db87L } },
-    /* 30 << 14 */
-    { { 0x61fc181060a71676L,0xe852d1a8f66a8ad1L,0x172bbd656417231eL,
-        0x0d6de7bd3babb11fL },
-      { 0x6fde6f88c8e347f8L,0x1c5875479bd99cc3L,0x78e54ed034076950L,
-        0x97f0f334796e83baL } },
-    /* 31 << 14 */
-    { { 0xe4dbe1ce4924867aL,0xbd5f51b060b84917L,0x375300403cb09a79L,
-        0xdb3fe0f8ff1743d8L },
-      { 0xed7894d8556fa9dbL,0xfa26216923412fbfL,0x563be0dbba7b9291L,
-        0x6ca8b8c00c9fb234L } },
-    /* 32 << 14 */
-    { { 0xed406aa9bd763802L,0xc21486a065303da1L,0x61ae291ec7e62ec4L,
-        0x622a0492df99333eL },
-      { 0x7fd80c9dbb7a8ee0L,0xdc2ed3bc6c01aedbL,0x35c35a1208be74ecL,
-        0xd540cb1a469f671fL } },
-    /* 33 << 14 */
-    { { 0xd16ced4ecf84f6c7L,0x8561fb9c2d090f43L,0x7e693d796f239db4L,
-        0xa736f92877bd0d94L },
-      { 0x07b4d9292c1950eeL,0xda17754356dc11b3L,0xa5dfbbaa7a6a878eL,
-        0x1c70cb294decb08aL } },
-    /* 34 << 14 */
-    { { 0xfba28c8b6f0f7c50L,0xa8eba2b8854dcc6dL,0x5ff8e89a36b78642L,
-        0x070c1c8ef6873adfL },
-      { 0xbbd3c3716484d2e4L,0xfb78318f0d414129L,0x2621a39c6ad93b0bL,
-        0x979d74c2a9e917f7L } },
-    /* 35 << 14 */
-    { { 0xfc19564761fb0428L,0x4d78954abee624d4L,0xb94896e0b8ae86fdL,
-        0x6667ac0cc91c8b13L },
-      { 0x9f18051243bcf832L,0xfbadf8b7a0010137L,0xc69b4089b3ba8aa7L,
-        0xfac4bacde687ce85L } },
-    /* 36 << 14 */
-    { { 0x9164088d977eab40L,0x51f4c5b62760b390L,0xd238238f340dd553L,
-        0x358566c3db1d31c9L },
-      { 0x3a5ad69e5068f5ffL,0xf31435fcdaff6b06L,0xae549a5bd6debff0L,
-        0x59e5f0b775e01331L } },
-    /* 37 << 14 */
-    { { 0x5d492fb898559acfL,0x96018c2e4db79b50L,0x55f4a48f609f66aaL,
-        0x1943b3af4900a14fL },
-      { 0xc22496df15a40d39L,0xb2a446844c20f7c5L,0x76a35afa3b98404cL,
-        0xbec75725ff5d1b77L } },
-    /* 38 << 14 */
-    { { 0xb67aa163bea06444L,0x27e95bb2f724b6f2L,0x3c20e3e9d238c8abL,
-        0x1213754eddd6ae17L },
-      { 0x8c431020716e0f74L,0x6679c82effc095c2L,0x2eb3adf4d0ac2932L,
-        0x2cc970d301bb7a76L } },
-    /* 39 << 14 */
-    { { 0x70c71f2f740f0e66L,0x545c616b2b6b23ccL,0x4528cfcbb40a8bd7L,
-        0xff8396332ab27722L },
-      { 0x049127d9025ac99aL,0xd314d4a02b63e33bL,0xc8c310e728d84519L,
-        0x0fcb8983b3bc84baL } },
-    /* 40 << 14 */
-    { { 0x2cc5226138634818L,0x501814f4b44c2e0bL,0xf7e181aa54dfdba3L,
-        0xcfd58ff0e759718cL },
-      { 0xf90cdb14d3b507a8L,0x57bd478ec50bdad8L,0x29c197e250e5f9aaL,
-        0x4db6eef8e40bc855L } },
-    /* 41 << 14 */
-    { { 0x2cc8f21ad1fc0654L,0xc71cc96381269d73L,0xecfbb204077f49f9L,
-        0xdde92571ca56b793L },
-      { 0x9abed6a3f97ad8f7L,0xe6c19d3f924de3bdL,0x8dce92f4a140a800L,
-        0x85f44d1e1337af07L } },
-    /* 42 << 14 */
-    { { 0x5953c08b09d64c52L,0xa1b5e49ff5df9749L,0x336a8fb852735f7dL,
-        0xb332b6db9add676bL },
-      { 0x558b88a0b4511aa4L,0x09788752dbd5cc55L,0x16b43b9cd8cd52bdL,
-        0x7f0bc5a0c2a2696bL } },
-    /* 43 << 14 */
-    { { 0x146e12d4c11f61efL,0x9ce107543a83e79eL,0x08ec73d96cbfca15L,
-        0x09ff29ad5b49653fL },
-      { 0xe31b72bde7da946eL,0xebf9eb3bee80a4f2L,0xd1aabd0817598ce4L,
-        0x18b5fef453f37e80L } },
-    /* 44 << 14 */
-    { { 0xd5d5cdd35958cd79L,0x3580a1b51d373114L,0xa36e4c91fa935726L,
-        0xa38c534def20d760L },
-      { 0x7088e40a2ff5845bL,0xe5bb40bdbd78177fL,0x4f06a7a8857f9920L,
-        0xe3cc3e50e968f05dL } },
-    /* 45 << 14 */
-    { { 0x1d68b7fee5682d26L,0x5206f76faec7f87cL,0x41110530041951abL,
-        0x58ec52c1d4b5a71aL },
-      { 0xf3488f990f75cf9aL,0xf411951fba82d0d5L,0x27ee75be618895abL,
-        0xeae060d46d8aab14L } },
-    /* 46 << 14 */
-    { { 0x9ae1df737fb54dc2L,0x1f3e391b25963649L,0x242ec32afe055081L,
-        0x5bd450ef8491c9bdL },
-      { 0x367efc67981eb389L,0xed7e19283a0550d5L,0x362e776bab3ce75cL,
-        0xe890e3081f24c523L } },
-    /* 47 << 14 */
-    { { 0xb961b682feccef76L,0x8b8e11f58bba6d92L,0x8f2ccc4c2b2375c4L,
-        0x0d7f7a52e2f86cfaL },
-      { 0xfd94d30a9efe5633L,0x2d8d246b5451f934L,0x2234c6e3244e6a00L,
-        0xde2b5b0dddec8c50L } },
-    /* 48 << 14 */
-    { { 0x2ce53c5abf776f5bL,0x6f72407160357b05L,0xb259371771bf3f7aL,
-        0x87d2501c440c4a9fL },
-      { 0x440552e187b05340L,0xb7bf7cc821624c32L,0x4155a6ce22facddbL,
-        0x5a4228cb889837efL } },
-    /* 49 << 14 */
-    { { 0xef87d6d6fd4fd671L,0xa233687ec2daa10eL,0x7562224403c0eb96L,
-        0x7632d1848bf19be6L },
-      { 0x05d0f8e940735ff4L,0x3a3e6e13c00931f1L,0x31ccde6adafe3f18L,
-        0xf381366acfe51207L } },
-    /* 50 << 14 */
-    { { 0x24c222a960167d92L,0x62f9d6f87529f18cL,0x412397c00353b114L,
-        0x334d89dcef808043L },
-      { 0xd9ec63ba2a4383ceL,0xcec8e9375cf92ba0L,0xfb8b4288c8be74c0L,
-        0x67d6912f105d4391L } },
-    /* 51 << 14 */
-    { { 0x7b996c461b913149L,0x36aae2ef3a4e02daL,0xb68aa003972de594L,
-        0x284ec70d4ec6d545L },
-      { 0xf3d2b2d061391d54L,0x69c5d5d6fe114e92L,0xbe0f00b5b4482dffL,
-        0xe1596fa5f5bf33c5L } },
-    /* 52 << 14 */
-    { { 0x10595b5696a71cbaL,0x944938b2fdcadeb7L,0xa282da4cfccd8471L,
-        0x98ec05f30d37bfe1L },
-      { 0xe171ce1b0698304aL,0x2d69144421bdf79bL,0xd0cd3b741b21dec1L,
-        0x712ecd8b16a15f71L } },
-    /* 53 << 14 */
-    { { 0x8d4c00a700fd56e1L,0x02ec9692f9527c18L,0x21c449374a3e42e1L,
-        0x9176fbab1392ae0aL },
-      { 0x8726f1ba44b7b618L,0xb4d7aae9f1de491cL,0xf91df7b907b582c0L,
-        0x7e116c30ef60aa3aL } },
-    /* 54 << 14 */
-    { { 0x99270f81466265d7L,0xb15b6fe24df7adf0L,0xfe33b2d3f9738f7fL,
-        0x48553ab9d6d70f95L },
-      { 0x2cc72ac8c21e94dbL,0x795ac38dbdc0bbeeL,0x0a1be4492e40478fL,
-        0x81bd3394052bde55L } },
-    /* 55 << 14 */
-    { { 0x63c8dbe956b3c4f2L,0x017a99cf904177ccL,0x947bbddb4d010fc1L,
-        0xacf9b00bbb2c9b21L },
-      { 0x2970bc8d47173611L,0x1a4cbe08ac7d756fL,0x06d9f4aa67d541a2L,
-        0xa3e8b68959c2cf44L } },
-    /* 56 << 14 */
-    { { 0xaad066da4d88f1ddL,0xc604f1657ad35deaL,0x7edc07204478ca67L,
-        0xa10dfae0ba02ce06L },
-      { 0xeceb1c76af36f4e4L,0x994b2292af3f8f48L,0xbf9ed77b77c8a68cL,
-        0x74f544ea51744c9dL } },
-    /* 57 << 14 */
-    { { 0x82d05bb98113a757L,0x4ef2d2b48a9885e4L,0x1e332be51aa7865fL,
-        0x22b76b18290d1a52L },
-      { 0x308a231044351683L,0x9d861896a3f22840L,0x5959ddcd841ed947L,
-        0x0def0c94154b73bfL } },
-    /* 58 << 14 */
-    { { 0xf01054174c7c15e0L,0x539bfb023a277c32L,0xe699268ef9dccf5fL,
-        0x9f5796a50247a3bdL },
-      { 0x8b839de84f157269L,0xc825c1e57a30196bL,0x6ef0aabcdc8a5a91L,
-        0xf4a8ce6c498b7fe6L } },
-    /* 59 << 14 */
-    { { 0x1cce35a770cbac78L,0x83488e9bf6b23958L,0x0341a070d76cb011L,
-        0xda6c9d06ae1b2658L },
-      { 0xb701fb30dd648c52L,0x994ca02c52fb9fd1L,0x069331176f563086L,
-        0x3d2b810017856babL } },
-    /* 60 << 14 */
-    { { 0xe89f48c85963a46eL,0x658ab875a99e61c7L,0x6e296f874b8517b4L,
-        0x36c4fcdcfc1bc656L },
-      { 0xde5227a1a3906defL,0x9fe95f5762418945L,0x20c91e81fdd96cdeL,
-        0x5adbe47eda4480deL } },
-    /* 61 << 14 */
-    { { 0xa009370f396de2b6L,0x98583d4bf0ecc7bdL,0xf44f6b57e51d0672L,
-        0x03d6b078556b1984L },
-      { 0x27dbdd93b0b64912L,0x9b3a343415687b09L,0x0dba646151ec20a9L,
-        0xec93db7fff28187cL } },
-    /* 62 << 14 */
-    { { 0x00ff8c2466e48bddL,0x2514f2f911ccd78eL,0xeba11f4fe1250603L,
-        0x8a22cd41243fa156L },
-      { 0xa4e58df4b283e4c6L,0x78c298598b39783fL,0x5235aee2a5259809L,
-        0xc16284b50e0227ddL } },
-    /* 63 << 14 */
-    { { 0xa5f579161338830dL,0x6d4b8a6bd2123fcaL,0x236ea68af9c546f8L,
-        0xc1d36873fa608d36L },
-      { 0xcd76e4958d436d13L,0xd4d9c2218fb080afL,0x665c1728e8ad3fb5L,
-        0xcf1ebe4db3d572e0L } },
-    /* 64 << 14 */
-    { { 0xa7a8746a584c5e20L,0x267e4ea1b9dc7035L,0x593a15cfb9548c9bL,
-        0x5e6e21354bd012f3L },
-      { 0xdf31cc6a8c8f936eL,0x8af84d04b5c241dcL,0x63990a6f345efb86L,
-        0x6fef4e61b9b962cbL } },
-    /* 0 << 21 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 21 */
-    { { 0xf6368f0925722608L,0x131260db131cf5c6L,0x40eb353bfab4f7acL,
-        0x85c7888037eee829L },
-      { 0x4c1581ffc3bdf24eL,0x5bff75cbf5c3c5a8L,0x35e8c83fa14e6f40L,
-        0xb81d1c0f0295e0caL } },
-    /* 2 << 21 */
-    { { 0xfcde7cc8f43a730fL,0xe89b6f3c33ab590eL,0xc823f529ad03240bL,
-        0x82b79afe98bea5dbL },
-      { 0x568f2856962fe5deL,0x0c590adb60c591f3L,0x1fc74a144a28a858L,
-        0x3b662498b3203f4cL } },
-    /* 3 << 21 */
-    { { 0x91e3cf0d6c39765aL,0xa2db3acdac3cca0bL,0x288f2f08cb953b50L,
-        0x2414582ccf43cf1aL },
-      { 0x8dec8bbc60eee9a8L,0x54c79f02729aa042L,0xd81cd5ec6532f5d5L,
-        0xa672303acf82e15fL } },
-    /* 4 << 21 */
-    { { 0x376aafa8719c0563L,0xcd8ad2dcbc5fc79fL,0x303fdb9fcb750cd3L,
-        0x14ff052f4418b08eL },
-      { 0xf75084cf3e2d6520L,0x7ebdf0f8144ed509L,0xf43bf0f2d3f25b98L,
-        0x86ad71cfa354d837L } },
-    /* 5 << 21 */
-    { { 0xb827fe9226f43572L,0xdfd3ab5b5d824758L,0x315dd23a539094c1L,
-        0x85c0e37a66623d68L },
-      { 0x575c79727be19ae0L,0x616a3396df0d36b5L,0xa1ebb3c826b1ff7eL,
-        0x635b9485140ad453L } },
-    /* 6 << 21 */
-    { { 0x92bf3cdada430c0bL,0x4702850e3a96dac6L,0xc91cf0a515ac326aL,
-        0x95de4f49ab8c25e4L },
-      { 0xb01bad09e265c17cL,0x24e45464087b3881L,0xd43e583ce1fac5caL,
-        0xe17cb3186ead97a6L } },
-    /* 7 << 21 */
-    { { 0x6cc3924374dcec46L,0x33cfc02d54c2b73fL,0x82917844f26cd99cL,
-        0x8819dd95d1773f89L },
-      { 0x09572aa60871f427L,0x8e0cf365f6f01c34L,0x7fa52988bff1f5afL,
-        0x4eb357eae75e8e50L } },
-    /* 8 << 21 */
-    { { 0xd9d0c8c4868af75dL,0xd7325cff45c8c7eaL,0xab471996cc81ecb0L,
-        0xff5d55f3611824edL },
-      { 0xbe3145411977a0eeL,0x5085c4c5722038c6L,0x2d5335bff94bb495L,
-        0x894ad8a6c8e2a082L } },
-    /* 9 << 21 */
-    { { 0x5c3e2341ada35438L,0xf4a9fc89049b8c4eL,0xbeeb355a9f17cf34L,
-        0x3f311e0e6c91fe10L },
-      { 0xc2d2003892ab9891L,0x257bdcc13e8ce9a9L,0x1b2d978988c53beeL,
-        0x927ce89acdba143aL } },
-    /* 10 << 21 */
-    { { 0xb0a32cca523db280L,0x5c889f8a50d43783L,0x503e04b34897d16fL,
-        0x8cdb6e7808f5f2e8L },
-      { 0x6ab91cf0179c8e74L,0xd8874e5248211d60L,0xf948d4d5ea851200L,
-        0x4076d41ee6f9840aL } },
-    /* 11 << 21 */
-    { { 0xc20e263c47b517eaL,0x79a448fd30685e5eL,0xe55f6f78f90631a0L,
-        0x88a790b1a79e6346L },
-      { 0x62160c7d80969fe8L,0x54f92fd441491bb9L,0xa6645c235c957526L,
-        0xf44cc5aebea3ce7bL } },
-    /* 12 << 21 */
-    { { 0xf76283278b1e68b7L,0xc731ad7a303f29d3L,0xfe5a9ca957d03ecbL,
-        0x96c0d50c41bc97a7L },
-      { 0xc4669fe79b4f7f24L,0xfdd781d83d9967efL,0x7892c7c35d2c208dL,
-        0x8bf64f7cae545cb3L } },
-    /* 13 << 21 */
-    { { 0xc01f862c467be912L,0xf4c85ee9c73d30ccL,0x1fa6f4be6ab83ec7L,
-        0xa07a3c1c4e3e3cf9L },
-      { 0x87f8ef450c00beb3L,0x30e2c2b3000d4c3eL,0x1aa00b94fe08bf5bL,
-        0x32c133aa9224ef52L } },
-    /* 14 << 21 */
-    { { 0x38df16bb32e5685dL,0x68a9e06958e6f544L,0x495aaff7cdc5ebc6L,
-        0xf894a645378b135fL },
-      { 0xf316350a09e27ecfL,0xeced201e58f7179dL,0x2eec273ce97861baL,
-        0x47ec2caed693be2eL } },
-    /* 15 << 21 */
-    { { 0xfa4c97c4f68367ceL,0xe4f47d0bbe5a5755L,0x17de815db298a979L,
-        0xd7eca659c177dc7dL },
-      { 0x20fdbb7149ded0a3L,0x4cb2aad4fb34d3c5L,0x2cf31d2860858a33L,
-        0x3b6873efa24aa40fL } },
-    /* 16 << 21 */
-    { { 0x540234b22c11bb37L,0x2d0366dded4c74a3L,0xf9a968daeec5f25dL,
-        0x3660106867b63142L },
-      { 0x07cd6d2c68d7b6d4L,0xa8f74f090c842942L,0xe27514047768b1eeL,
-        0x4b5f7e89fe62aee4L } },
-    /* 17 << 21 */
-    { { 0xc6a7717789070d26L,0xa1f28e4edd1c8bc7L,0xea5f4f06469e1f17L,
-        0x78fc242afbdb78e0L },
-      { 0xc9c7c5928b0588f1L,0xb6b7a0fd1535921eL,0xcc5bdb91bde5ae35L,
-        0xb42c485e12ff1864L } },
-    /* 18 << 21 */
-    { { 0xa1113e13dbab98aaL,0xde9d469ba17b1024L,0x23f48b37c0462d3aL,
-        0x3752e5377c5c078dL },
-      { 0xe3a86add15544eb9L,0xf013aea780fba279L,0x8b5bb76cf22001b5L,
-        0xe617ba14f02891abL } },
-    /* 19 << 21 */
-    { { 0xd39182a6936219d3L,0x5ce1f194ae51cb19L,0xc78f8598bf07a74cL,
-        0x6d7158f222cbf1bcL },
-      { 0x3b846b21e300ce18L,0x35fba6302d11275dL,0x5fe25c36a0239b9bL,
-        0xd8beb35ddf05d940L } },
-    /* 20 << 21 */
-    { { 0x4db02bb01f7e320dL,0x0641c3646da320eaL,0x6d95fa5d821389a3L,
-        0x926997488fcd8e3dL },
-      { 0x316fef17ceb6c143L,0x67fcb841d933762bL,0xbb837e35118b17f8L,
-        0x4b92552f9fd24821L } },
-    /* 21 << 21 */
-    { { 0xae6bc70e46aca793L,0x1cf0b0e4e579311bL,0x8dc631be5802f716L,
-        0x099bdc6fbddbee4dL },
-      { 0xcc352bb20caf8b05L,0xf74d505a72d63df2L,0xb9876d4b91c4f408L,
-        0x1ce184739e229b2dL } },
-    /* 22 << 21 */
-    { { 0x4950759783abdb4aL,0x850fbcb6dee84b18L,0x6325236e609e67dcL,
-        0x04d831d99336c6d8L },
-      { 0x8deaae3bfa12d45dL,0xe425f8ce4746e246L,0x8004c17524f5f31eL,
-        0xaca16d8fad62c3b7L } },
-    /* 23 << 21 */
-    { { 0x0dc15a6a9152f934L,0xf1235e5ded0e12c1L,0xc33c06ecda477dacL,
-        0x76be8732b2ea0006L },
-      { 0xcf3f78310c0cd313L,0x3c524553a614260dL,0x31a756f8cab22d15L,
-        0x03ee10d177827a20L } },
-    /* 24 << 21 */
-    { { 0xd1e059b21994ef20L,0x2a653b69638ae318L,0x70d5eb582f699010L,
-        0x279739f709f5f84aL },
-      { 0x5da4663c8b799336L,0xfdfdf14d203c37ebL,0x32d8a9dca1dbfb2dL,
-        0xab40cff077d48f9bL } },
-    /* 25 << 21 */
-    { { 0xc018b383d20b42d5L,0xf9a810ef9f78845fL,0x40af3753bdba9df0L,
-        0xb90bdcfc131dfdf9L },
-      { 0x18720591f01ab782L,0xc823f2116af12a88L,0xa51b80f30dc14401L,
-        0xde248f77fb2dfbe3L } },
-    /* 26 << 21 */
-    { { 0xef5a44e50cafe751L,0x73997c9cd4dcd221L,0x32fd86d1de854024L,
-        0xd5b53adca09b84bbL },
-      { 0x008d7a11dcedd8d1L,0x406bd1c874b32c84L,0x5d4472ff05dde8b1L,
-        0x2e25f2cdfce2b32fL } },
-    /* 27 << 21 */
-    { { 0xbec0dd5e29dfc254L,0x4455fcf62b98b267L,0x0b4d43a5c72df2adL,
-        0xea70e6be48a75397L },
-      { 0x2aad61695820f3bfL,0xf410d2dd9e37f68fL,0x70fb7dba7be5ac83L,
-        0x636bb64536ec3eecL } },
-    /* 28 << 21 */
-    { { 0x27104ea39754e21cL,0xbc87a3e68d63c373L,0x483351d74109db9aL,
-        0x0fa724e360134da7L },
-      { 0x9ff44c29b0720b16L,0x2dd0cf1306aceeadL,0x5942758ce26929a6L,
-        0x96c5db92b766a92bL } },
-    /* 29 << 21 */
-    { { 0xcec7d4c05f18395eL,0xd3f227441f80d032L,0x7a68b37acb86075bL,
-        0x074764ddafef92dbL },
-      { 0xded1e9507bc7f389L,0xc580c850b9756460L,0xaeeec2a47da48157L,
-        0x3f0b4e7f82c587b3L } },
-    /* 30 << 21 */
-    { { 0x231c6de8a9f19c53L,0x5717bd736974e34eL,0xd9e1d216f1508fa9L,
-        0x9f112361dadaa124L },
-      { 0x80145e31823b7348L,0x4dd8f0d5ac634069L,0xe3d82fc72297c258L,
-        0x276fcfee9cee7431L } },
-    /* 31 << 21 */
-    { { 0x8eb61b5e2bc0aea9L,0x4f668fd5de329431L,0x03a32ab138e4b87eL,
-        0xe137451773d0ef0bL },
-      { 0x1a46f7e6853ac983L,0xc3bdf42e68e78a57L,0xacf207852ea96dd1L,
-        0xa10649b9f1638460L } },
-    /* 32 << 21 */
-    { { 0xf2369f0b879fbbedL,0x0ff0ae86da9d1869L,0x5251d75956766f45L,
-        0x4984d8c02be8d0fcL },
-      { 0x7ecc95a6d21008f0L,0x29bd54a03a1a1c49L,0xab9828c5d26c50f3L,
-        0x32c0087c51d0d251L } },
-    /* 33 << 21 */
-    { { 0x9bac3ce60c1cdb26L,0xcd94d947557ca205L,0x1b1bd5989db1fdcdL,
-        0x0eda0108a3d8b149L },
-      { 0x9506661056152fccL,0xc2f037e6e7192b33L,0xdeffb41ac92e05a4L,
-        0x1105f6c2c2f6c62eL } },
-    /* 34 << 21 */
-    { { 0x68e735008733913cL,0xcce861633f3adc40L,0xf407a94238a278e9L,
-        0xd13c1b9d2ab21292L },
-      { 0x93ed7ec71c74cf5cL,0x8887dc48f1a4c1b4L,0x3830ff304b3a11f1L,
-        0x358c5a3c58937cb6L } },
-    /* 35 << 21 */
-    { { 0x027dc40489022829L,0x40e939773b798f79L,0x90ad333738be6eadL,
-        0x9c23f6bcf34c0a5dL },
-      { 0xd1711a35fbffd8bbL,0x60fcfb491949d3ddL,0x09c8ef4b7825d93aL,
-        0x24233cffa0a8c968L } },
-    /* 36 << 21 */
-    { { 0x67ade46ce6d982afL,0xebb6bf3ee7544d7cL,0xd6b9ba763d8bd087L,
-        0x46fe382d4dc61280L },
-      { 0xbd39a7e8b5bdbd75L,0xab381331b8f228feL,0x0709a77cce1c4300L,
-        0x6a247e56f337ceacL } },
-    /* 37 << 21 */
-    { { 0x8f34f21b636288beL,0x9dfdca74c8a7c305L,0x6decfd1bea919e04L,
-        0xcdf2688d8e1991f8L },
-      { 0xe607df44d0f8a67eL,0xd985df4b0b58d010L,0x57f834c50c24f8f4L,
-        0xe976ef56a0bf01aeL } },
-    /* 38 << 21 */
-    { { 0x536395aca1c32373L,0x351027aa734c0a13L,0xd2f1b5d65e6bd5bcL,
-        0x2b539e24223debedL },
-      { 0xd4994cec0eaa1d71L,0x2a83381d661dcf65L,0x5f1aed2f7b54c740L,
-        0x0bea3fa5d6dda5eeL } },
-    /* 39 << 21 */
-    { { 0x9d4fb68436cc6134L,0x8eb9bbf3c0a443ddL,0xfc500e2e383b7d2aL,
-        0x7aad621c5b775257L },
-      { 0x69284d740a8f7cc0L,0xe820c2ce07562d65L,0xbf9531b9499758eeL,
-        0x73e95ca56ee0cc2dL } },
-    /* 40 << 21 */
-    { { 0xf61790abfbaf50a5L,0xdf55e76b684e0750L,0xec516da7f176b005L,
-        0x575553bb7a2dddc7L },
-      { 0x37c87ca3553afa73L,0x315f3ffc4d55c251L,0xe846442aaf3e5d35L,
-        0x61b911496495ff28L } },
-    /* 41 << 21 */
-    { { 0x23cc95d3fa326dc3L,0x1df4da1f18fc2ceaL,0x24bf9adcd0a37d59L,
-        0xb6710053320d6e1eL },
-      { 0x96f9667e618344d1L,0xcc7ce042a06445afL,0xa02d8514d68dbc3aL,
-        0x4ea109e4280b5a5bL } },
-    /* 42 << 21 */
-    { { 0x5741a7acb40961bfL,0x4ada59376aa56bfaL,0x7feb914502b765d1L,
-        0x561e97bee6ad1582L },
-      { 0xbbc4a5b6da3982f5L,0x0c2659edb546f468L,0xb8e7e6aa59612d20L,
-        0xd83dfe20ac19e8e0L } },
-    /* 43 << 21 */
-    { { 0x8530c45fb835398cL,0x6106a8bfb38a41c2L,0x21e8f9a635f5dcdbL,
-        0x39707137cae498edL },
-      { 0x70c23834d8249f00L,0x9f14b58fab2537a0L,0xd043c3655f61c0c2L,
-        0xdc5926d609a194a7L } },
-    /* 44 << 21 */
-    { { 0xddec03398e77738aL,0xd07a63effba46426L,0x2e58e79cee7f6e86L,
-        0xe59b0459ff32d241L },
-      { 0xc5ec84e520fa0338L,0x97939ac8eaff5aceL,0x0310a4e3b4a38313L,
-        0x9115fba28f9d9885L } },
-    /* 45 << 21 */
-    { { 0x8dd710c25fadf8c3L,0x66be38a2ce19c0e2L,0xd42a279c4cfe5022L,
-        0x597bb5300e24e1b8L },
-      { 0x3cde86b7c153ca7fL,0xa8d30fb3707d63bdL,0xac905f92bd60d21eL,
-        0x98e7ffb67b9a54abL } },
-    /* 46 << 21 */
-    { { 0xd7147df8e9726a30L,0xb5e216ffafce3533L,0xb550b7992ff1ec40L,
-        0x6b613b87a1e953fdL },
-      { 0x87b88dba792d5610L,0x2ee1270aa190fbe1L,0x02f4e2dc2ef581daL,
-        0x016530e4eff82a95L } },
-    /* 47 << 21 */
-    { { 0xcbb93dfd8fd6ee89L,0x16d3d98646848fffL,0x600eff241da47adfL,
-        0x1b9754a00ad47a71L },
-      { 0x8f9266df70c33b98L,0xaadc87aedf34186eL,0x0d2ce8e14ad24132L,
-        0x8a47cbfc19946ebaL } },
-    /* 48 << 21 */
-    { { 0x47feeb6662b5f3afL,0xcefab5610abb3734L,0x449de60e19f35cb1L,
-        0x39f8db14157f0eb9L },
-      { 0xffaecc5b3c61bfd6L,0xa5a4d41d41216703L,0x7f8fabed224e1cc2L,
-        0x0d5a8186871ad953L } },
-    /* 49 << 21 */
-    { { 0xf10774f7d22da9a9L,0x45b8a678cc8a9b0dL,0xd9c2e722bdc32cffL,
-        0xbf71b5f5337202a5L },
-      { 0x95c57f2f69fc4db9L,0xb6dad34c765d01e1L,0x7e0bd13fcb904635L,
-        0x61751253763a588cL } },
-    /* 50 << 21 */
-    { { 0xd85c299781af2c2dL,0xc0f7d9c481b9d7daL,0x838a34ae08533e8dL,
-        0x15c4cb08311d8311L },
-      { 0x97f832858e121e14L,0xeea7dc1e85000a5fL,0x0c6059b65d256274L,
-        0xec9beaceb95075c0L } },
-    /* 51 << 21 */
-    { { 0x173daad71df97828L,0xbf851cb5a8937877L,0xb083c59401646f3cL,
-        0x3bad30cf50c6d352L },
-      { 0xfeb2b202496bbceaL,0x3cf9fd4f18a1e8baL,0xd26de7ff1c066029L,
-        0x39c81e9e4e9ed4f8L } },
-    /* 52 << 21 */
-    { { 0xd8be0cb97b390d35L,0x01df2bbd964aab27L,0x3e8c1a65c3ef64f8L,
-        0x567291d1716ed1ddL },
-      { 0x95499c6c5f5406d3L,0x71fdda395ba8e23fL,0xcfeb320ed5096eceL,
-        0xbe7ba92bca66dd16L } },
-    /* 53 << 21 */
-    { { 0x4608d36bc6fb5a7dL,0xe3eea15a6d2dd0e0L,0x75b0a3eb8f97a36aL,
-        0xf59814cc1c83de1eL },
-      { 0x56c9c5b01c33c23fL,0xa96c1da46faa4136L,0x46bf2074de316551L,
-        0x3b866e7b1f756c8fL } },
-    /* 54 << 21 */
-    { { 0x727727d81495ed6bL,0xb2394243b682dce7L,0x8ab8454e758610f3L,
-        0xc243ce84857d72a4L },
-      { 0x7b320d71dbbf370fL,0xff9afa3778e0f7caL,0x0119d1e0ea7b523fL,
-        0xb997f8cb058c7d42L } },
-    /* 55 << 21 */
-    { { 0x285bcd2a37bbb184L,0x51dcec49a45d1fa6L,0x6ade3b64e29634cbL,
-        0x080c94a726b86ef1L },
-      { 0xba583db12283fbe3L,0x902bddc85a9315edL,0x07c1ccb386964becL,
-        0x78f4eacfb6258301L } },
-    /* 56 << 21 */
-    { { 0x4bdf3a4956f90823L,0xba0f5080741d777bL,0x091d71c3f38bf760L,
-        0x9633d50f9b625b02L },
-      { 0x03ecb743b8c9de61L,0xb47512545de74720L,0x9f9defc974ce1cb2L,
-        0x774a4f6a00bd32efL } },
-    /* 57 << 21 */
-    { { 0xaca385f773848f22L,0x53dad716f3f8558eL,0xab7b34b093c471f9L,
-        0xf530e06919644bc7L },
-      { 0x3d9fb1ffdd59d31aL,0x4382e0df08daa795L,0x165c6f4bd5cc88d7L,
-        0xeaa392d54a18c900L } },
-    /* 58 << 21 */
-    { { 0x94203c67648024eeL,0x188763f28c2fabcdL,0xa80f87acbbaec835L,
-        0x632c96e0f29d8d54L },
-      { 0x29b0a60e4c00a95eL,0x2ef17f40e011e9faL,0xf6c0e1d115b77223L,
-        0xaaec2c6214b04e32L } },
-    /* 59 << 21 */
-    { { 0xd35688d83d84e58cL,0x2af5094c958571dbL,0x4fff7e19760682a6L,
-        0x4cb27077e39a407cL },
-      { 0x0f59c5474ff0e321L,0x169f34a61b34c8ffL,0x2bff109652bc1ba7L,
-        0xa25423b783583544L } },
-    /* 60 << 21 */
-    { { 0x5d55d5d50ac8b782L,0xff6622ec2db3c892L,0x48fce7416b8bb642L,
-        0x31d6998c69d7e3dcL },
-      { 0xdbaf8004cadcaed0L,0x801b0142d81d053cL,0x94b189fc59630ec6L,
-        0x120e9934af762c8eL } },
-    /* 61 << 21 */
-    { { 0x53a29aa4fdc6a404L,0x19d8e01ea1909948L,0x3cfcabf1d7e89681L,
-        0x3321a50d4e132d37L },
-      { 0xd0496863e9a86111L,0x8c0cde6106a3bc65L,0xaf866c49fc9f8eefL,
-        0x2066350eff7f5141L } },
-    /* 62 << 21 */
-    { { 0x4f8a4689e56ddfbdL,0xea1b0c07fe32983aL,0x2b317462873cb8cbL,
-        0x658deddc2d93229fL },
-      { 0x65efaf4d0f64ef58L,0xfe43287d730cc7a8L,0xaebc0c723d047d70L,
-        0x92efa539d92d26c9L } },
-    /* 63 << 21 */
-    { { 0x06e7845794b56526L,0x415cb80f0961002dL,0x89e5c56576dcb10fL,
-        0x8bbb6982ff9259feL },
-      { 0x4fe8795b9abc2668L,0xb5d4f5341e678fb1L,0x6601f3be7b7da2b9L,
-        0x98da59e2a13d6805L } },
-    /* 64 << 21 */
-    { { 0x190d8ea601799a52L,0xa20cec41b86d2952L,0x3062ffb27fff2a7cL,
-        0x741b32e579f19d37L },
-      { 0xf80d81814eb57d47L,0x7a2d0ed416aef06bL,0x09735fb01cecb588L,
-        0x1641caaac6061f5bL } },
-    /* 0 << 28 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 28 */
-    { { 0x7f99824f20151427L,0x206828b692430206L,0xaa9097d7e1112357L,
-        0xacf9a2f209e414ecL },
-      { 0xdbdac9da27915356L,0x7e0734b7001efee3L,0x54fab5bbd2b288e2L,
-        0x4c630fc4f62dd09cL } },
-    /* 2 << 28 */
-    { { 0x8537107a1ac2703bL,0xb49258d86bc857b5L,0x57df14debcdaccd1L,
-        0x24ab68d7c4ae8529L },
-      { 0x7ed8b5d4734e59d0L,0x5f8740c8c495cc80L,0x84aedd5a291db9b3L,
-        0x80b360f84fb995beL } },
-    /* 3 << 28 */
-    { { 0xae915f5d5fa067d1L,0x4134b57f9668960cL,0xbd3656d6a48edaacL,
-        0xdac1e3e4fc1d7436L },
-      { 0x674ff869d81fbb26L,0x449ed3ecb26c33d4L,0x85138705d94203e8L,
-        0xccde538bbeeb6f4aL } },
-    /* 4 << 28 */
-    { { 0x55d5c68da61a76faL,0x598b441dca1554dcL,0xd39923b9773b279cL,
-        0x33331d3c36bf9efcL },
-      { 0x2d4c848e298de399L,0xcfdb8e77a1a27f56L,0x94c855ea57b8ab70L,
-        0xdcdb9dae6f7879baL } },
-    /* 5 << 28 */
-    { { 0x7bdff8c2019f2a59L,0xb3ce5bb3cb4fbc74L,0xea907f688a9173ddL,
-        0x6cd3d0d395a75439L },
-      { 0x92ecc4d6efed021cL,0x09a9f9b06a77339aL,0x87ca6b157188c64aL,
-        0x10c2996844899158L } },
-    /* 6 << 28 */
-    { { 0x5859a229ed6e82efL,0x16f338e365ebaf4eL,0x0cd313875ead67aeL,
-        0x1c73d22854ef0bb4L },
-      { 0x4cb5513174a5c8c7L,0x01cd29707f69ad6aL,0xa04d00dde966f87eL,
-        0xd96fe4470b7b0321L } },
-    /* 7 << 28 */
-    { { 0x342ac06e88fbd381L,0x02cd4a845c35a493L,0xe8fa89de54f1bbcdL,
-        0x341d63672575ed4cL },
-      { 0xebe357fbd238202bL,0x600b4d1aa984ead9L,0xc35c9f4452436ea0L,
-        0x96fe0a39a370751bL } },
-    /* 8 << 28 */
-    { { 0x4c4f07367f636a38L,0x9f943fb70e76d5cbL,0xb03510baa8b68b8bL,
-        0xc246780a9ed07a1fL },
-      { 0x3c0514156d549fc2L,0xc2953f31607781caL,0x955e2c69d8d95413L,
-        0xb300fadc7bd282e3L } },
-    /* 9 << 28 */
-    { { 0x81fe7b5087e9189fL,0xdb17375cf42dda27L,0x22f7d896cf0a5904L,
-        0xa0e57c5aebe348e6L },
-      { 0xa61011d3f40e3c80L,0xb11893218db705c5L,0x4ed9309e50fedec3L,
-        0xdcf14a104d6d5c1dL } },
-    /* 10 << 28 */
-    { { 0x056c265b55691342L,0xe8e0850491049dc7L,0x131329f5c9bae20aL,
-        0x96c8b3e8d9dccdb4L },
-      { 0x8c5ff838fb4ee6b4L,0xfc5a9aeb41e8ccf0L,0x7417b764fae050c6L,
-        0x0953c3d700452080L } },
-    /* 11 << 28 */
-    { { 0x2137268238dfe7e8L,0xea417e152bb79d4bL,0x59641f1c76e7cf2dL,
-        0x271e3059ea0bcfccL },
-      { 0x624c7dfd7253ecbdL,0x2f552e254fca6186L,0xcbf84ecd4d866e9cL,
-        0x73967709f68d4610L } },
-    /* 12 << 28 */
-    { { 0xa14b1163c27901b4L,0xfd9236e0899b8bf3L,0x42b091eccbc6da0aL,
-        0xbb1dac6f5ad1d297L },
-      { 0x80e61d53a91cf76eL,0x4110a412d31f1ee7L,0x2d87c3ba13efcf77L,
-        0x1f374bb4df450d76L } },
-    /* 13 << 28 */
-    { { 0x5e78e2f20d188dabL,0xe3968ed0f4b885efL,0x46c0568e7314570fL,
-        0x3161633801170521L },
-      { 0x18e1e7e24f0c8afeL,0x4caa75ffdeea78daL,0x82db67f27c5d8a51L,
-        0x36a44d866f505370L } },
-    /* 14 << 28 */
-    { { 0xd72c5bda0333974fL,0x5db516ae27a70146L,0x34705281210ef921L,
-        0xbff17a8f0c9c38e5L },
-      { 0x78f4814e12476da1L,0xc1e1661333c16980L,0x9e5b386f424d4bcaL,
-        0x4c274e87c85740deL } },
-    /* 15 << 28 */
-    { { 0xb6a9b88d6c2f5226L,0x14d1b944550d7ca8L,0x580c85fc1fc41709L,
-        0xc1da368b54c6d519L },
-      { 0x2b0785ced5113cf7L,0x0670f6335a34708fL,0x46e2376715cc3f88L,
-        0x1b480cfa50c72c8fL } },
-    /* 16 << 28 */
-    { { 0x202886024147519aL,0xd0981eac26b372f0L,0xa9d4a7caa785ebc8L,
-        0xd953c50ddbdf58e9L },
-      { 0x9d6361ccfd590f8fL,0x72e9626b44e6c917L,0x7fd9611022eb64cfL,
-        0x863ebb7e9eb288f3L } },
-    /* 17 << 28 */
-    { { 0x6e6ab7616aca8ee7L,0x97d10b39d7b40358L,0x1687d3771e5feb0dL,
-        0xc83e50e48265a27aL },
-      { 0x8f75a9fec954b313L,0xcc2e8f47310d1f61L,0xf5ba81c56557d0e0L,
-        0x25f9680c3eaf6207L } },
-    /* 18 << 28 */
-    { { 0xf95c66094354080bL,0x5225bfa57bf2fe1cL,0xc5c004e25c7d98faL,
-        0x3561bf1c019aaf60L },
-      { 0x5e6f9f17ba151474L,0xdec2f934b04f6ecaL,0x64e368a1269acb1eL,
-        0x1332d9e40cdda493L } },
-    /* 19 << 28 */
-    { { 0x60d6cf69df23de05L,0x66d17da2009339a0L,0x9fcac9850a693923L,
-        0xbcf057fced7c6a6dL },
-      { 0xc3c5c8c5f0b5662cL,0x25318dd8dcba4f24L,0x60e8cb75082b69ffL,
-        0x7c23b3ee1e728c01L } },
-    /* 20 << 28 */
-    { { 0x15e10a0a097e4403L,0xcb3d0a8619854665L,0x88d8e211d67d4826L,
-        0xb39af66e0b9d2839L },
-      { 0xa5f94588bd475ca8L,0xe06b7966c077b80bL,0xfedb1485da27c26cL,
-        0xd290d33afe0fd5e0L } },
-    /* 21 << 28 */
-    { { 0xa40bcc47f34fb0faL,0xb4760cc81fb1ab09L,0x8fca0993a273bfe3L,
-        0x13e4fe07f70b213cL },
-      { 0x3bcdb992fdb05163L,0x8c484b110c2b19b6L,0x1acb815faaf2e3e2L,
-        0xc6905935b89ff1b4L } },
-    /* 22 << 28 */
-    { { 0xb2ad6f9d586e74e1L,0x488883ad67b80484L,0x758aa2c7369c3ddbL,
-        0x8ab74e699f9afd31L },
-      { 0x10fc2d285e21beb1L,0x3484518a318c42f9L,0x377427dc53cf40c3L,
-        0x9de0781a391bc1d9L } },
-    /* 23 << 28 */
-    { { 0x8faee858693807e1L,0xa38653274e81ccc7L,0x02c30ff26f835b84L,
-        0xb604437b0d3d38d4L },
-      { 0xb3fc8a985ca1823dL,0xb82f7ec903be0324L,0xee36d761cf684a33L,
-        0x5a01df0e9f29bf7dL } },
-    /* 24 << 28 */
-    { { 0x686202f31306583dL,0x05b10da0437c622eL,0xbf9aaa0f076a7bc8L,
-        0x25e94efb8f8f4e43L },
-      { 0x8a35c9b7fa3dc26dL,0xe0e5fb9396ff03c5L,0xa77e3843ebc394ceL,
-        0xcede65958361de60L } },
-    /* 25 << 28 */
-    { { 0xd27c22f6a1993545L,0xab01cc3624d671baL,0x63fa2877a169c28eL,
-        0x925ef9042eb08376L },
-      { 0x3b2fa3cf53aa0b32L,0xb27beb5b71c49d7aL,0xb60e1834d105e27fL,
-        0xd60897884f68570dL } },
-    /* 26 << 28 */
-    { { 0x23094ce0d6fbc2acL,0x738037a1815ff551L,0xda73b1bb6bef119cL,
-        0xdcf6c430eef506baL },
-      { 0x00e4fe7be3ef104aL,0xebdd9a2c0a065628L,0x853a81c38792043eL,
-        0x22ad6eceb3b59108L } },
-    /* 27 << 28 */
-    { { 0x9fb813c039cd297dL,0x8ec7e16e05bda5d9L,0x2834797c0d104b96L,
-        0xcc11a2e77c511510L },
-      { 0x96ca5a5396ee6380L,0x054c8655cea38742L,0xb5946852d54dfa7dL,
-        0x97c422e71f4ab207L } },
-    /* 28 << 28 */
-    { { 0xbf9075090c22b540L,0x2cde42aab7c267d4L,0xba18f9ed5ab0d693L,
-        0x3ba62aa66e4660d9L },
-      { 0xb24bf97bab9ea96aL,0x5d039642e3b60e32L,0x4e6a45067c4d9bd5L,
-        0x666c5b9e7ed4a6a4L } },
-    /* 29 << 28 */
-    { { 0xfa3fdcd98edbd7ccL,0x4660bb87c6ccd753L,0x9ae9082021e6b64fL,
-        0x8a56a713b36bfb3fL },
-      { 0xabfce0965726d47fL,0x9eed01b20b1a9a7fL,0x30e9cad44eb74a37L,
-        0x7b2524cc53e9666dL } },
-    /* 30 << 28 */
-    { { 0x6a29683b8f4b002fL,0xc2200d7a41f4fc20L,0xcf3af47a3a338accL,
-        0x6539a4fbe7128975L },
-      { 0xcec31c14c33c7fcfL,0x7eb6799bc7be322bL,0x119ef4e96646f623L,
-        0x7b7a26a554d7299bL } },
-    /* 31 << 28 */
-    { { 0xcb37f08d403f46f2L,0x94b8fc431a0ec0c7L,0xbb8514e3c332142fL,
-        0xf3ed2c33e80d2a7aL },
-      { 0x8d2080afb639126cL,0xf7b6be60e3553adeL,0x3950aa9f1c7e2b09L,
-        0x847ff9586410f02bL } },
-    /* 32 << 28 */
-    { { 0x877b7cf5678a31b0L,0xd50301ae3998b620L,0x734257c5c00fb396L,
-        0xf9fb18a004e672a6L },
-      { 0xff8bd8ebe8758851L,0x1e64e4c65d99ba44L,0x4b8eaedf7dfd93b7L,
-        0xba2f2a9804e76b8cL } },
-    /* 33 << 28 */
-    { { 0x7d790cbae8053433L,0xc8e725a03d2c9585L,0x58c5c476cdd8f5edL,
-        0xd106b952efa9fe1dL },
-      { 0x3c5c775b0eff13a9L,0x242442bae057b930L,0xe9f458d4c9b70cbdL,
-        0x69b71448a3cdb89aL } },
-    /* 34 << 28 */
-    { { 0x41ee46f60e2ed742L,0x573f104540067493L,0xb1e154ff9d54c304L,
-        0x2ad0436a8d3a7502L },
-      { 0xee4aaa2d431a8121L,0xcd38b3ab886f11edL,0x57d49ea6034a0eb7L,
-        0xd2b773bdf7e85e58L } },
-    /* 35 << 28 */
-    { { 0x4a559ac49b5c1f14L,0xc444be1a3e54df2bL,0x13aad704eda41891L,
-        0xcd927bec5eb5c788L },
-      { 0xeb3c8516e48c8a34L,0x1b7ac8124b546669L,0x1815f896594df8ecL,
-        0x87c6a79c79227865L } },
-    /* 36 << 28 */
-    { { 0xae02a2f09b56ddbdL,0x1339b5ac8a2f1cf3L,0xf2b569c7839dff0dL,
-        0xb0b9e864fee9a43dL },
-      { 0x4ff8ca4177bb064eL,0x145a2812fd249f63L,0x3ab7beacf86f689aL,
-        0x9bafec2701d35f5eL } },
-    /* 37 << 28 */
-    { { 0x28054c654265aa91L,0xa4b18304035efe42L,0x6887b0e69639dec7L,
-        0xf4b8f6ad3d52aea5L },
-      { 0xfb9293cc971a8a13L,0x3f159e5d4c934d07L,0x2c50e9b109acbc29L,
-        0x08eb65e67154d129L } },
-    /* 38 << 28 */
-    { { 0x4feff58930b75c3eL,0x0bb82fe294491c93L,0xd8ac377a89af62bbL,
-        0xd7b514909685e49fL },
-      { 0xabca9a7b04497f19L,0x1b35ed0a1a7ad13fL,0x6b601e213ec86ed6L,
-        0xda91fcb9ce0c76f1L } },
-    /* 39 << 28 */
-    { { 0x9e28507bd7ab27e1L,0x7c19a55563945b7bL,0x6b43f0a1aafc9827L,
-        0x443b4fbd3aa55b91L },
-      { 0x962b2e656962c88fL,0x139da8d4ce0db0caL,0xb93f05dd1b8d6c4fL,
-        0x779cdff7180b9824L } },
-    /* 40 << 28 */
-    { { 0xbba23fddae57c7b7L,0x345342f21b932522L,0xfd9c80fe556d4aa3L,
-        0xa03907ba6525bb61L },
-      { 0x38b010e1ff218933L,0xc066b654aa52117bL,0x8e14192094f2e6eaL,
-        0x66a27dca0d32f2b2L } },
-    /* 41 << 28 */
-    { { 0x69c7f993048b3717L,0xbf5a989ab178ae1cL,0x49fa9058564f1d6bL,
-        0x27ec6e15d31fde4eL },
-      { 0x4cce03737276e7fcL,0x64086d7989d6bf02L,0x5a72f0464ccdd979L,
-        0x909c356647775631L } },
-    /* 42 << 28 */
-    { { 0x1c07bc6b75dd7125L,0xb4c6bc9787a0428dL,0x507ece52fdeb6b9dL,
-        0xfca56512b2c95432L },
-      { 0x15d97181d0e8bd06L,0x384dd317c6bb46eaL,0x5441ea203952b624L,
-        0xbcf70dee4e7dc2fbL } },
-    /* 43 << 28 */
-    { { 0x372b016e6628e8c3L,0x07a0d667b60a7522L,0xcf05751b0a344ee2L,
-        0x0ec09a48118bdeecL },
-      { 0x6e4b3d4ed83dce46L,0x43a6316d99d2fc6eL,0xa99d898956cf044cL,
-        0x7c7f4454ae3e5fb7L } },
-    /* 44 << 28 */
-    { { 0xb2e6b121fbabbe92L,0x281850fbe1330076L,0x093581ec97890015L,
-        0x69b1dded75ff77f5L },
-      { 0x7cf0b18fab105105L,0x953ced31a89ccfefL,0x3151f85feb914009L,
-        0x3c9f1b8788ed48adL } },
-    /* 45 << 28 */
-    { { 0xc9aba1a14a7eadcbL,0x928e7501522e71cfL,0xeaede7273a2e4f83L,
-        0x467e10d11ce3bbd3L },
-      { 0xf3442ac3b955dcf0L,0xba96307dd3d5e527L,0xf763a10efd77f474L,
-        0x5d744bd06a6e1ff0L } },
-    /* 46 << 28 */
-    { { 0xd287282aa777899eL,0xe20eda8fd03f3cdeL,0x6a7e75bb50b07d31L,
-        0x0b7e2a946f379de4L },
-      { 0x31cb64ad19f593cfL,0x7b1a9e4f1e76ef1dL,0xe18c9c9db62d609cL,
-        0x439bad6de779a650L } },
-    /* 47 << 28 */
-    { { 0x219d9066e032f144L,0x1db632b8e8b2ec6aL,0xff0d0fd4fda12f78L,
-        0x56fb4c2d2a25d265L },
-      { 0x5f4e2ee1255a03f1L,0x61cd6af2e96af176L,0xe0317ba8d068bc97L,
-        0x927d6bab264b988eL } },
-    /* 48 << 28 */
-    { { 0xa18f07e0e90fb21eL,0x00fd2b80bba7fca1L,0x20387f2795cd67b5L,
-        0x5b89a4e7d39707f7L },
-      { 0x8f83ad3f894407ceL,0xa0025b946c226132L,0xc79563c7f906c13bL,
-        0x5f548f314e7bb025L } },
-    /* 49 << 28 */
-    { { 0x2b4c6b8feac6d113L,0xa67e3f9c0e813c76L,0x3982717c3fe1f4b9L,
-        0x5886581926d8050eL },
-      { 0x99f3640cf7f06f20L,0xdc6102162a66ebc2L,0x52f2c175767a1e08L,
-        0x05660e1a5999871bL } },
-    /* 50 << 28 */
-    { { 0x6b0f17626d3c4693L,0xf0e7d62737ed7beaL,0xc51758c7b75b226dL,
-        0x40a886281f91613bL },
-      { 0x889dbaa7bbb38ce0L,0xe0404b65bddcad81L,0xfebccd3a8bc9671fL,
-        0xfbf9a357ee1f5375L } },
-    /* 51 << 28 */
-    { { 0x5dc169b028f33398L,0xb07ec11d72e90f65L,0xae7f3b4afaab1eb1L,
-        0xd970195e5f17538aL },
-      { 0x52b05cbe0181e640L,0xf5debd622643313dL,0x761481545df31f82L,
-        0x23e03b333a9e13c5L } },
-    /* 52 << 28 */
-    { { 0xff7589494fde0c1fL,0xbf8a1abee5b6ec20L,0x702278fb87e1db6cL,
-        0xc447ad7a35ed658fL },
-      { 0x48d4aa3803d0ccf2L,0x80acb338819a7c03L,0x9bc7c89e6e17ceccL,
-        0x46736b8b03be1d82L } },
-    /* 53 << 28 */
-    { { 0xd65d7b60c0432f96L,0xddebe7a3deb5442fL,0x79a253077dff69a2L,
-        0x37a56d9402cf3122L },
-      { 0x8bab8aedf2350d0aL,0x13c3f276037b0d9aL,0xc664957c44c65caeL,
-        0x88b44089c2e71a88L } },
-    /* 54 << 28 */
-    { { 0xdb88e5a35cb02664L,0x5d4c0bf18686c72eL,0xea3d9b62a682d53eL,
-        0x9b605ef40b2ad431L },
-      { 0x71bac202c69645d0L,0xa115f03a6a1b66e7L,0xfe2c563a158f4dc4L,
-        0xf715b3a04d12a78cL } },
-    /* 55 << 28 */
-    { { 0x8f7f0a48d413213aL,0x2035806dc04becdbL,0xecd34a995d8587f5L,
-        0x4d8c30799f6d3a71L },
-      { 0x1b2a2a678d95a8f6L,0xc58c9d7df2110d0dL,0xdeee81d5cf8fba3fL,
-        0xa42be3c00c7cdf68L } },
-    /* 56 << 28 */
-    { { 0x2126f742d43b5eaaL,0x054a0766dfa59b85L,0x9d0d5e36126bfd45L,
-        0xa1f8fbd7384f8a8fL },
-      { 0x317680f5d563fcccL,0x48ca5055f280a928L,0xe00b81b227b578cfL,
-        0x10aad9182994a514L } },
-    /* 57 << 28 */
-    { { 0xd9e07b62b7bdc953L,0x9f0f6ff25bc086ddL,0x09d1ccff655eee77L,
-        0x45475f795bef7df1L },
-      { 0x3faa28fa86f702ccL,0x92e609050f021f07L,0xe9e629687f8fa8c6L,
-        0xbd71419af036ea2cL } },
-    /* 58 << 28 */
-    { { 0x171ee1cc6028da9aL,0x5352fe1ac251f573L,0xf8ff236e3fa997f4L,
-        0xd831b6c9a5749d5fL },
-      { 0x7c872e1de350e2c2L,0xc56240d91e0ce403L,0xf9deb0776974f5cbL,
-        0x7d50ba87961c3728L } },
-    /* 59 << 28 */
-    { { 0xd6f894265a3a2518L,0xcf817799c6303d43L,0x510a0471619e5696L,
-        0xab049ff63a5e307bL },
-      { 0xe4cdf9b0feb13ec7L,0xd5e971179d8ff90cL,0xf6f64d069afa96afL,
-        0x00d0bf5e9d2012a2L } },
-    /* 60 << 28 */
-    { { 0xe63f301f358bcdc0L,0x07689e990a9d47f8L,0x1f689e2f4f43d43aL,
-        0x4d542a1690920904L },
-      { 0xaea293d59ca0a707L,0xd061fe458ac68065L,0x1033bf1b0090008cL,
-        0x29749558c08a6db6L } },
-    /* 61 << 28 */
-    { { 0x74b5fc59c1d5d034L,0xf712e9f667e215e0L,0xfd520cbd860200e6L,
-        0x0229acb43ea22588L },
-      { 0x9cd1e14cfff0c82eL,0x87684b6259c69e73L,0xda85e61c96ccb989L,
-        0x2d5dbb02a3d06493L } },
-    /* 62 << 28 */
-    { { 0xf22ad33ae86b173cL,0xe8e41ea5a79ff0e3L,0x01d2d725dd0d0c10L,
-        0x31f39088032d28f9L },
-      { 0x7b3f71e17829839eL,0x0cf691b44502ae58L,0xef658dbdbefc6115L,
-        0xa5cd6ee5b3ab5314L } },
-    /* 63 << 28 */
-    { { 0x206c8d7b5f1d2347L,0x794645ba4cc2253aL,0xd517d8ff58389e08L,
-        0x4fa20dee9f847288L },
-      { 0xeba072d8d797770aL,0x7360c91dbf429e26L,0x7200a3b380af8279L,
-        0x6a1c915082dadce3L } },
-    /* 64 << 28 */
-    { { 0x0ee6d3a7c35d8794L,0x042e65580356bae5L,0x9f59698d643322fdL,
-        0x9379ae1550a61967L },
-      { 0x64b9ae62fcc9981eL,0xaed3d6316d2934c6L,0x2454b3025e4e65ebL,
-        0xab09f647f9950428L } },
-    /* 0 << 35 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 35 */
-    { { 0xb2083a1222248accL,0x1f6ec0ef3264e366L,0x5659b7045afdee28L,
-        0x7a823a40e6430bb5L },
-      { 0x24592a04e1900a79L,0xcde09d4ac9ee6576L,0x52b6463f4b5ea54aL,
-        0x1efe9ed3d3ca65a7L } },
-    /* 2 << 35 */
-    { { 0xe27a6dbe305406ddL,0x8eb7dc7fdd5d1957L,0xf54a6876387d4d8fL,
-        0x9c479409c7762de4L },
-      { 0xbe4d5b5d99b30778L,0x25380c566e793682L,0x602d37f3dac740e3L,
-        0x140deabe1566e4aeL } },
-    /* 3 << 35 */
-    { { 0x4481d067afd32acfL,0xd8f0fccae1f71ccfL,0xd208dd0cb596f2daL,
-        0xd049d7309aad93f9L },
-      { 0xc79f263d42ab580eL,0x09411bb123f707b4L,0x8cfde1ff835e0edaL,
-        0x7270749090f03402L } },
-    /* 4 << 35 */
-    { { 0xeaee6126c49a861eL,0x024f3b65e14f0d06L,0x51a3f1e8c69bfc17L,
-        0xc3c3a8e9a7686381L },
-      { 0x3400752cb103d4c8L,0x02bc46139218b36bL,0xc67f75eb7651504aL,
-        0xd6848b56d02aebfaL } },
-    /* 5 << 35 */
-    { { 0xbd9802e6c30fa92bL,0x5a70d96d9a552784L,0x9085c4ea3f83169bL,
-        0xfa9423bb06908228L },
-      { 0x2ffebe12fe97a5b9L,0x85da604971b99118L,0x9cbc2f7f63178846L,
-        0xfd96bc709153218eL } },
-    /* 6 << 35 */
-    { { 0x958381db1782269bL,0xae34bf792597e550L,0xbb5c60645f385153L,
-        0x6f0e96afe3088048L },
-      { 0xbf6a021577884456L,0xb3b5688c69310ea7L,0x17c9429504fad2deL,
-        0xe020f0e517896d4dL } },
-    /* 7 << 35 */
-    { { 0x730ba0ab0976505fL,0x567f6813095e2ec5L,0x470620106331ab71L,
-        0x72cfa97741d22b9fL },
-      { 0x33e55ead8a2373daL,0xa8d0d5f47ba45a68L,0xba1d8f9c03029d15L,
-        0x8f34f1ccfc55b9f3L } },
-    /* 8 << 35 */
-    { { 0xcca4428dbbe5a1a9L,0x8187fd5f3126bd67L,0x0036973a48105826L,
-        0xa39b6663b8bd61a0L },
-      { 0x6d42deef2d65a808L,0x4969044f94636b19L,0xf611ee47dd5d564cL,
-        0x7b2f3a49d2873077L } },
-    /* 9 << 35 */
-    { { 0x94157d45300eb294L,0x2b2a656e169c1494L,0xc000dd76d3a47aa9L,
-        0xa2864e4fa6243ea4L },
-      { 0x82716c47db89842eL,0x12dfd7d761479fb7L,0x3b9a2c56e0b2f6dcL,
-        0x46be862ad7f85d67L } },
-    /* 10 << 35 */
-    { { 0x03b0d8dd0f82b214L,0x460c34f9f103cbc6L,0xf32e5c0318d79e19L,
-        0x8b8888baa84117f8L },
-      { 0x8f3c37dcc0722677L,0x10d21be91c1c0f27L,0xd47c8468e0f7a0c6L,
-        0x9bf02213adecc0e0L } },
-    /* 11 << 35 */
-    { { 0x0baa7d1242b48b99L,0x1bcb665d48424096L,0x8b847cd6ebfb5cfbL,
-        0x87c2ae569ad4d10dL },
-      { 0xf1cbb1220de36726L,0xe7043c683fdfbd21L,0x4bd0826a4e79d460L,
-        0x11f5e5984bd1a2cbL } },
-    /* 12 << 35 */
-    { { 0x97554160b7fe7b6eL,0x7d16189a400a3fb2L,0xd73e9beae328ca1eL,
-        0x0dd04b97e793d8ccL },
-      { 0xa9c83c9b506db8ccL,0x5cd47aaecf38814cL,0x26fc430db64b45e6L,
-        0x079b5499d818ea84L } },
-    /* 13 << 35 */
-    { { 0xebb01102c1c24a3bL,0xca24e5681c161c1aL,0x103eea6936f00a4aL,
-        0x9ad76ee876176c7bL },
-      { 0x97451fc2538e0ff7L,0x94f898096604b3b0L,0x6311436e3249cfd7L,
-        0x27b4a7bd41224f69L } },
-    /* 14 << 35 */
-    { { 0x03b5d21ae0ac2941L,0x279b0254c2d31937L,0x3307c052cac992d0L,
-        0x6aa7cb92efa8b1f3L },
-      { 0x5a1825800d37c7a5L,0x13380c37342d5422L,0x92ac2d66d5d2ef92L,
-        0x035a70c9030c63c6L } },
-    /* 15 << 35 */
-    { { 0xc16025dd4ce4f152L,0x1f419a71f9df7c06L,0x6d5b221491e4bb14L,
-        0xfc43c6cc839fb4ceL },
-      { 0x49f06591925d6b2dL,0x4b37d9d362186598L,0x8c54a971d01b1629L,
-        0xe1a9c29f51d50e05L } },
-    /* 16 << 35 */
-    { { 0x5109b78571ba1861L,0x48b22d5cd0c8f93dL,0xe8fa84a78633bb93L,
-        0x53fba6ba5aebbd08L },
-      { 0x7ff27df3e5eea7d8L,0x521c879668ca7158L,0xb9d5133bce6f1a05L,
-        0x2d50cd53fd0ebee4L } },
-    /* 17 << 35 */
-    { { 0xc82115d6c5a3ef16L,0x993eff9dba079221L,0xe4da2c5e4b5da81cL,
-        0x9a89dbdb8033fd85L },
-      { 0x60819ebf2b892891L,0x53902b215d14a4d5L,0x6ac35051d7fda421L,
-        0xcc6ab88561c83284L } },
-    /* 18 << 35 */
-    { { 0x14eba133f74cff17L,0x240aaa03ecb813f2L,0xcfbb65406f665beeL,
-        0x084b1fe4a425ad73L },
-      { 0x009d5d16d081f6a6L,0x35304fe8eef82c90L,0xf20346d5aa9eaa22L,
-        0x0ada9f07ac1c91e3L } },
-    /* 19 << 35 */
-    { { 0xa6e21678968a6144L,0x54c1f77c07b31a1eL,0xd6bb787e5781fbe1L,
-        0x61bd2ee0e31f1c4aL },
-      { 0xf25aa1e9781105fcL,0x9cf2971f7b2f8e80L,0x26d15412cdff919bL,
-        0x01db4ebe34bc896eL } },
-    /* 20 << 35 */
-    { { 0x7d9b3e23b40df1cfL,0x5933737394e971b4L,0xbf57bd14669cf921L,
-        0x865daedf0c1a1064L },
-      { 0x3eb70bd383279125L,0xbc3d5b9f34ecdaabL,0x91e3ed7e5f755cafL,
-        0x49699f54d41e6f02L } },
-    /* 21 << 35 */
-    { { 0x185770e1d4a7a15bL,0x08f3587aeaac87e7L,0x352018db473133eaL,
-        0x674ce71904fd30fcL },
-      { 0x7b8d9835088b3e0eL,0x7a0356a95d0d47a1L,0x9d9e76596474a3c4L,
-        0x61ea48a7ff66966cL } },
-    /* 22 << 35 */
-    { { 0x304177580f3e4834L,0xfdbb21c217a9afcbL,0x756fa17f2f9a67b3L,
-        0x2a6b2421a245c1a8L },
-      { 0x64be27944af02291L,0xade465c62a5804feL,0x8dffbd39a6f08fd7L,
-        0xc4efa84caa14403bL } },
-    /* 23 << 35 */
-    { { 0xa1b91b2a442b0f5cL,0xb748e317cf997736L,0x8d1b62bfcee90e16L,
-        0x907ae2710b2078c0L },
-      { 0xdf31534b0c9bcdddL,0x043fb05439adce83L,0x99031043d826846aL,
-        0x61a9c0d6b144f393L } },
-    /* 24 << 35 */
-    { { 0xdab4804647718427L,0xdf17ff9b6e830f8bL,0x408d7ee8e49a1347L,
-        0x6ac71e2391c1d4aeL },
-      { 0xc8cbb9fd1defd73cL,0x19840657bbbbfec5L,0x39db1cb59e7ef8eaL,
-        0x78aa829664105f30L } },
-    /* 25 << 35 */
-    { { 0xa3d9b7f0a3738c29L,0x0a2f235abc3250a3L,0x55e506f6445e4cafL,
-        0x0974f73d33475f7aL },
-      { 0xd37dbba35ba2f5a8L,0x542c6e636af40066L,0x26d99b53c5d73e2cL,
-        0x06060d7d6c3ca33eL } },
-    /* 26 << 35 */
-    { { 0xcdbef1c2065fef4aL,0x77e60f7dfd5b92e3L,0xd7c549f026708350L,
-        0x201b3ad034f121bfL },
-      { 0x5fcac2a10334fc14L,0x8a9a9e09344552f6L,0x7dd8a1d397653082L,
-        0x5fc0738f79d4f289L } },
-    /* 27 << 35 */
-    { { 0x787d244d17d2d8c3L,0xeffc634570830684L,0x5ddb96dde4f73ae5L,
-        0x8efb14b1172549a5L },
-      { 0x6eb73eee2245ae7aL,0xbca4061eea11f13eL,0xb577421d30b01f5dL,
-        0xaa688b24782e152cL } },
-    /* 28 << 35 */
-    { { 0x67608e71bd3502baL,0x4ef41f24b4de75a0L,0xb08dde5efd6125e5L,
-        0xde484825a409543fL },
-      { 0x1f198d9865cc2295L,0x428a37716e0edfa2L,0x4f9697a2adf35fc7L,
-        0x01a43c79f7cac3c7L } },
-    /* 29 << 35 */
-    { { 0xb05d70590fd3659aL,0x8927f30cbb7f2d9aL,0x4023d1ac8cf984d3L,
-        0x32125ed302897a45L },
-      { 0xfb572dad3d414205L,0x73000ef2e3fa82a9L,0x4c0868e9f10a5581L,
-        0x5b61fc676b0b3ca5L } },
-    /* 30 << 35 */
-    { { 0xc1258d5b7cae440cL,0x21c08b41402b7531L,0xf61a8955de932321L,
-        0x3568faf82d1408afL },
-      { 0x71b15e999ecf965bL,0xf14ed248e917276fL,0xc6f4caa1820cf9e2L,
-        0x681b20b218d83c7eL } },
-    /* 31 << 35 */
-    { { 0x6cde738dc6c01120L,0x71db0813ae70e0dbL,0x95fc064474afe18cL,
-        0x34619053129e2be7L },
-      { 0x80615ceadb2a3b15L,0x0a49a19edb4c7073L,0x0e1b84c88fd2d367L,
-        0xd74bf462033fb8aaL } },
-    /* 32 << 35 */
-    { { 0x889f6d65533ef217L,0x7158c7e4c3ca2e87L,0xfb670dfbdc2b4167L,
-        0x75910a01844c257fL },
-      { 0xf336bf07cf88577dL,0x22245250e45e2aceL,0x2ed92e8d7ca23d85L,
-        0x29f8be4c2b812f58L } },
-    /* 33 << 35 */
-    { { 0xdd9ebaa7076fe12bL,0x3f2400cbae1537f9L,0x1aa9352817bdfb46L,
-        0xc0f9843067883b41L },
-      { 0x5590ede10170911dL,0x7562f5bb34d4b17fL,0xe1fa1df21826b8d2L,
-        0xb40b796a6bd80d59L } },
-    /* 34 << 35 */
-    { { 0xd65bf1973467ba92L,0x8c9b46dbf70954b0L,0x97c8a0f30e78f15dL,
-        0xa8f3a69a85a4c961L },
-      { 0x4242660f61e4ce9bL,0xbf06aab36ea6790cL,0xc6706f8eec986416L,
-        0x9e56dec19a9fc225L } },
-    /* 35 << 35 */
-    { { 0x527c46f49a9898d9L,0xd799e77b5633cdefL,0x24eacc167d9e4297L,
-        0xabb61cea6b1cb734L },
-      { 0xbee2e8a7f778443cL,0x3bb42bf129de2fe6L,0xcbed86a13003bb6fL,
-        0xd3918e6cd781cdf6L } },
-    /* 36 << 35 */
-    { { 0x4bee32719a5103f1L,0x5243efc6f50eac06L,0xb8e122cb6adcc119L,
-        0x1b7faa84c0b80a08L },
-      { 0x32c3d1bd6dfcd08cL,0x129dec4e0be427deL,0x98ab679c1d263c83L,
-        0xafc83cb7cef64effL } },
-    /* 37 << 35 */
-    { { 0x85eb60882fa6be76L,0x892585fb1328cbfeL,0xc154d3edcf618ddaL,
-        0xc44f601b3abaf26eL },
-      { 0x7bf57d0b2be1fdfdL,0xa833bd2d21137feeL,0x9353af362db591a8L,
-        0xc76f26dc5562a056L } },
-    /* 38 << 35 */
-    { { 0x1d87e47d3fdf5a51L,0x7afb5f9355c9cab0L,0x91bbf58f89e0586eL,
-        0x7c72c0180d843709L },
-      { 0xa9a5aafb99b5c3dcL,0xa48a0f1d3844aeb0L,0x7178b7ddb667e482L,
-        0x453985e96e23a59aL } },
-    /* 39 << 35 */
-    { { 0x4a54c86001b25dd8L,0x0dd37f48fb897c8aL,0x5f8aa6100ea90cd9L,
-        0xc8892c6816d5830dL },
-      { 0xeb4befc0ef514ca5L,0x478eb679e72c9ee6L,0x9bca20dadbc40d5fL,
-        0xf015de21dde4f64aL } },
-    /* 40 << 35 */
-    { { 0xaa6a4de0eaf4b8a5L,0x68cfd9ca4bc60e32L,0x668a4b017fd15e70L,
-        0xd9f0694af27dc09dL },
-      { 0xf6c3cad5ba708bcdL,0x5cd2ba695bb95c2aL,0xaa28c1d333c0a58fL,
-        0x23e274e3abc77870L } },
-    /* 41 << 35 */
-    { { 0x44c3692ddfd20a4aL,0x091c5fd381a66653L,0x6c0bb69109a0757dL,
-        0x9072e8b9667343eaL },
-      { 0x31d40eb080848becL,0x95bd480a79fd36ccL,0x01a77c6165ed43f5L,
-        0xafccd1272e0d40bfL } },
-    /* 42 << 35 */
-    { { 0xeccfc82d1cc1884bL,0xc85ac2015d4753b4L,0xc7a6caac658e099fL,
-        0xcf46369e04b27390L },
-      { 0xe2e7d049506467eaL,0x481b63a237cdecccL,0x4029abd8ed80143aL,
-        0x28bfe3c7bcb00b88L } },
-    /* 43 << 35 */
-    { { 0x3bec10090643d84aL,0x885f3668abd11041L,0xdb02432cf83a34d6L,
-        0x32f7b360719ceebeL },
-      { 0xf06c7837dad1fe7aL,0x60a157a95441a0b0L,0x704970e9e2d47550L,
-        0xcd2bd553271b9020L } },
-    /* 44 << 35 */
-    { { 0xff57f82f33e24a0bL,0x9cbee23ff2565079L,0x16353427eb5f5825L,
-        0x276feec4e948d662L },
-      { 0xd1b62bc6da10032bL,0x718351ddf0e72a53L,0x934520762420e7baL,
-        0x96368fff3a00118dL } },
-    /* 45 << 35 */
-    { { 0x00ce2d26150a49e4L,0x0c28b6363f04706bL,0xbad65a4658b196d0L,
-        0x6c8455fcec9f8b7cL },
-      { 0xe90c895f2d71867eL,0x5c0be31bedf9f38cL,0x2a37a15ed8f6ec04L,
-        0x239639e78cd85251L } },
-    /* 46 << 35 */
-    { { 0xd89753159c7c4c6bL,0x603aa3c0d7409af7L,0xb8d53d0c007132fbL,
-        0x68d12af7a6849238L },
-      { 0xbe0607e7bf5d9279L,0x9aa50055aada74ceL,0xe81079cbba7e8ccbL,
-        0x610c71d1a5f4ff5eL } },
-    /* 47 << 35 */
-    { { 0x9e2ee1a75aa07093L,0xca84004ba75da47cL,0x074d39513de75401L,
-        0xf938f756bb311592L },
-      { 0x9619761800a43421L,0x39a2536207bc78c8L,0x278f710a0a171276L,
-        0xb28446ea8d1a8f08L } },
-    /* 48 << 35 */
-    { { 0x184781bfe3b6a661L,0x7751cb1de6d279f7L,0xf8ff95d6c59eb662L,
-        0x186d90b758d3dea7L },
-      { 0x0e4bb6c1dfb4f754L,0x5c5cf56b2b2801dcL,0xc561e4521f54564dL,
-        0xb4fb8c60f0dd7f13L } },
-    /* 49 << 35 */
-    { { 0xf884963033ff98c7L,0x9619fffacf17769cL,0xf8090bf61bfdd80aL,
-        0x14d9a149422cfe63L },
-      { 0xb354c3606f6df9eaL,0xdbcf770d218f17eaL,0x207db7c879eb3480L,
-        0x213dbda8559b6a26L } },
-    /* 50 << 35 */
-    { { 0xac4c200b29fc81b3L,0xebc3e09f171d87c1L,0x917995301481aa9eL,
-        0x051b92e192e114faL },
-      { 0xdf8f92e9ecb5537fL,0x44b1b2cc290c7483L,0xa711455a2adeb016L,
-        0x964b685681a10c2cL } },
-    /* 51 << 35 */
-    { { 0x4f159d99cec03623L,0x05532225ef3271eaL,0xb231bea3c5ee4849L,
-        0x57a54f507094f103L },
-      { 0x3e2d421d9598b352L,0xe865a49c67412ab4L,0xd2998a251cc3a912L,
-        0x5d0928080c74d65dL } },
-    /* 52 << 35 */
-    { { 0x73f459084088567aL,0xeb6b280e1f214a61L,0x8c9adc34caf0c13dL,
-        0x39d12938f561fb80L },
-      { 0xb2dc3a5ebc6edfb4L,0x7485b1b1fe4d210eL,0x062e0400e186ae72L,
-        0x91e32d5c6eeb3b88L } },
-    /* 53 << 35 */
-    { { 0x6df574d74be59224L,0xebc88ccc716d55f3L,0x26c2e6d0cad6ed33L,
-        0xc6e21e7d0d3e8b10L },
-      { 0x2cc5840e5bcc36bbL,0x9292445e7da74f69L,0x8be8d3214e5193a8L,
-        0x3ec236298df06413L } },
-    /* 54 << 35 */
-    { { 0xc7e9ae85b134defaL,0x6073b1d01bb2d475L,0xb9ad615e2863c00dL,
-        0x9e29493d525f4ac4L },
-      { 0xc32b1dea4e9acf4fL,0x3e1f01c8a50db88dL,0xb05d70ea04da916cL,
-        0x714b0d0ad865803eL } },
-    /* 55 << 35 */
-    { { 0x4bd493fc9920cb5eL,0x5b44b1f792c7a3acL,0xa2a77293bcec9235L,
-        0x5ee06e87cd378553L },
-      { 0xceff8173da621607L,0x2bb03e4c99f5d290L,0x2945106aa6f734acL,
-        0xb5056604d25c4732L } },
-    /* 56 << 35 */
-    { { 0x5945920ce079afeeL,0x686e17a06789831fL,0x5966bee8b74a5ae5L,
-        0x38a673a21e258d46L },
-      { 0xbd1cc1f283141c95L,0x3b2ecf4f0e96e486L,0xcd3aa89674e5fc78L,
-        0x415ec10c2482fa7aL } },
-    /* 57 << 35 */
-    { { 0x1523441980503380L,0x513d917ad314b392L,0xb0b52f4e63caecaeL,
-        0x07bf22ad2dc7780bL },
-      { 0xe761e8a1e4306839L,0x1b3be9625dd7feaaL,0x4fe728de74c778f1L,
-        0xf1fa0bda5e0070f6L } },
-    /* 58 << 35 */
-    { { 0x85205a316ec3f510L,0x2c7e4a14d2980475L,0xde3c19c06f30ebfdL,
-        0xdb1c1f38d4b7e644L },
-      { 0xfe291a755dce364aL,0xb7b22a3c058f5be3L,0x2cd2c30237fea38cL,
-        0x2930967a2e17be17L } },
-    /* 59 << 35 */
-    { { 0x87f009de0c061c65L,0xcb014aacedc6ed44L,0x49bd1cb43bafb1ebL,
-        0x81bd8b5c282d3688L },
-      { 0x1cdab87ef01a17afL,0x21f37ac4e710063bL,0x5a6c567642fc8193L,
-        0xf4753e7056a6015cL } },
-    /* 60 << 35 */
-    { { 0x020f795ea15b0a44L,0x8f37c8d78958a958L,0x63b7e89ba4b675b5L,
-        0xb4fb0c0c0fc31aeaL },
-      { 0xed95e639a7ff1f2eL,0x9880f5a3619614fbL,0xdeb6ff02947151abL,
-        0x5bc5118ca868dcdbL } },
-    /* 61 << 35 */
-    { { 0xd8da20554c20cea5L,0xcac2776e14c4d69aL,0xcccb22c1622d599bL,
-        0xa4ddb65368a9bb50L },
-      { 0x2c4ff1511b4941b4L,0xe1ff19b46efba588L,0x35034363c48345e0L,
-        0x45542e3d1e29dfc4L } },
-    /* 62 << 35 */
-    { { 0xf197cb91349f7aedL,0x3b2b5a008fca8420L,0x7c175ee823aaf6d8L,
-        0x54dcf42135af32b6L },
-      { 0x0ba1430727d6561eL,0x879d5ee4d175b1e2L,0xc7c4367399807db5L,
-        0x77a544559cd55bcdL } },
-    /* 63 << 35 */
-    { { 0xe6c2ff130105c072L,0x18f7a99f8dda7da4L,0x4c3018200e2d35c1L,
-        0x06a53ca0d9cc6c82L },
-      { 0xaa21cc1ef1aa1d9eL,0x324143344a75b1e8L,0x2a6d13280ebe9fdcL,
-        0x16bd173f98a4755aL } },
-    /* 64 << 35 */
-    { { 0xfbb9b2452133ffd9L,0x39a8b2f1830f1a20L,0x484bc97dd5a1f52aL,
-        0xd6aebf56a40eddf8L },
-      { 0x32257acb76ccdac6L,0xaf4d36ec1586ff27L,0x8eaa8863f8de7dd1L,
-        0x0045d5cf88647c16L } },
-    /* 0 << 42 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 42 */
-    { { 0xa6f3d574c005979dL,0xc2072b426a40e350L,0xfca5c1568de2ecf9L,
-        0xa8c8bf5ba515344eL },
-      { 0x97aee555114df14aL,0xd4374a4dfdc5ec6bL,0x754cc28f2ca85418L,
-        0x71cb9e27d3c41f78L } },
-    /* 2 << 42 */
-    { { 0x8910507903605c39L,0xf0843d9ea142c96cL,0xf374493416923684L,
-        0x732caa2ffa0a2893L },
-      { 0xb2e8c27061160170L,0xc32788cc437fbaa3L,0x39cd818ea6eda3acL,
-        0xe2e942399e2b2e07L } },
-    /* 3 << 42 */
-    { { 0x6967d39b0260e52aL,0xd42585cc90653325L,0x0d9bd60521ca7954L,
-        0x4fa2087781ed57b3L },
-      { 0x60c1eff8e34a0bbeL,0x56b0040c84f6ef64L,0x28be2b24b1af8483L,
-        0xb2278163f5531614L } },
-    /* 4 << 42 */
-    { { 0x8df275455922ac1cL,0xa7b3ef5ca52b3f63L,0x8e77b21471de57c4L,
-        0x31682c10834c008bL },
-      { 0xc76824f04bd55d31L,0xb6d1c08617b61c71L,0x31db0903c2a5089dL,
-        0x9c092172184e5d3fL } },
-    /* 5 << 42 */
-    { { 0xdd7ced5bc00cc638L,0x1a2015eb61278fc2L,0x2e8e52886a37f8d6L,
-        0xc457786fe79933adL },
-      { 0xb3fe4cce2c51211aL,0xad9b10b224c20498L,0x90d87a4fd28db5e5L,
-        0x698cd1053aca2fc3L } },
-    /* 6 << 42 */
-    { { 0x4f112d07e91b536dL,0xceb982f29eba09d6L,0x3c157b2c197c396fL,
-        0xe23c2d417b66eb24L },
-      { 0x480c57d93f330d37L,0xb3a4c8a179108debL,0x702388decb199ce5L,
-        0x0b019211b944a8d4L } },
-    /* 7 << 42 */
-    { { 0x24f2a692840bb336L,0x7c353bdca669fa7bL,0xda20d6fcdec9c300L,
-        0x625fbe2fa13a4f17L },
-      { 0xa2b1b61adbc17328L,0x008965bfa9515621L,0x49690939c620ff46L,
-        0x182dd27d8717e91cL } },
-    /* 8 << 42 */
-    { { 0x5ace5035ea6c3997L,0x54259aaac2610befL,0xef18bb3f3c80dd39L,
-        0x6910b95b5fc3fa39L },
-      { 0xfce2f51043e09aeeL,0xced56c9fa7675665L,0x10e265acd872db61L,
-        0x6982812eae9fce69L } },
-    /* 9 << 42 */
-    { { 0x29be11c6ce800998L,0x72bb1752b90360d9L,0x2c1931975a4ad590L,
-        0x2ba2f5489fc1dbc0L },
-      { 0x7fe4eebbe490ebe0L,0x12a0a4cd7fae11c0L,0x7197cf81e903ba37L,
-        0xcf7d4aa8de1c6dd8L } },
-    /* 10 << 42 */
-    { { 0x92af6bf43fd5684cL,0x2b26eecf80360aa1L,0xbd960f3000546a82L,
-        0x407b3c43f59ad8feL },
-      { 0x86cae5fe249c82baL,0x9e0faec72463744cL,0x87f551e894916272L,
-        0x033f93446ceb0615L } },
-    /* 11 << 42 */
-    { { 0x1e5eb0d18be82e84L,0x89967f0e7a582fefL,0xbcf687d5a6e921faL,
-        0xdfee4cf3d37a09baL },
-      { 0x94f06965b493c465L,0x638b9a1c7635c030L,0x7666786466f05e9fL,
-        0xccaf6808c04da725L } },
-    /* 12 << 42 */
-    { { 0xca2eb690768fccfcL,0xf402d37db835b362L,0x0efac0d0e2fdfcceL,
-        0xefc9cdefb638d990L },
-      { 0x2af12b72d1669a8bL,0x33c536bc5774ccbdL,0x30b21909fb34870eL,
-        0xc38fa2f77df25acaL } },
-    /* 13 << 42 */
-    { { 0x74c5f02bbf81f3f5L,0x0525a5aeaf7e4581L,0x88d2aaba433c54aeL,
-        0xed9775db806a56c5L },
-      { 0xd320738ac0edb37dL,0x25fdb6ee66cc1f51L,0xac661d1710600d76L,
-        0x931ec1f3bdd1ed76L } },
-    /* 14 << 42 */
-    { { 0x65c11d6219ee43f1L,0x5cd57c3e60829d97L,0xd26c91a3984be6e8L,
-        0xf08d93098b0c53bdL },
-      { 0x94bc9e5bc016e4eaL,0xd391683911d43d2bL,0x886c5ad773701155L,
-        0xe037762620b00715L } },
-    /* 15 << 42 */
-    { { 0x7f01c9ecaa80ba59L,0x3083411a68538e51L,0x970370f1e88128afL,
-        0x625cc3db91dec14bL },
-      { 0xfef9666c01ac3107L,0xb2a8d577d5057ac3L,0xb0f2629992be5df7L,
-        0xf579c8e500353924L } },
-    /* 16 << 42 */
-    { { 0xb8fa3d931341ed7aL,0x4223272ca7b59d49L,0x3dcb194783b8c4a4L,
-        0x4e413c01ed1302e4L },
-      { 0x6d999127e17e44ceL,0xee86bf7533b3adfbL,0xf6902fe625aa96caL,
-        0xb73540e4e5aae47dL } },
-    /* 17 << 42 */
-    { { 0x32801d7b1b4a158cL,0xe571c99e27e2a369L,0x40cb76c010d9f197L,
-        0xc308c2893167c0aeL },
-      { 0xa6ef9dd3eb7958f2L,0xa7226dfc300879b1L,0x6cd0b3627edf0636L,
-        0x4efbce6c7bc37eedL } },
-    /* 18 << 42 */
-    { { 0x75f92a058d699021L,0x586d4c79772566e3L,0x378ca5f1761ad23aL,
-        0x650d86fc1465a8acL },
-      { 0x7a4ed457842ba251L,0x6b65e3e642234933L,0xaf1543b731aad657L,
-        0xa4cefe98cbfec369L } },
-    /* 19 << 42 */
-    { { 0xb587da909f47befbL,0x6562e9fb41312d13L,0xa691ea59eff1cefeL,
-        0xcc30477a05fc4cf6L },
-      { 0xa16324610b0ffd3dL,0xa1f16f3b5b355956L,0x5b148d534224ec24L,
-        0xdc834e7bf977012aL } },
-    /* 20 << 42 */
-    { { 0x7bfc5e75b2c69dbcL,0x3aa77a2903c3da6cL,0xde0df03cca910271L,
-        0xcbd5ca4a7806dc55L },
-      { 0xe1ca58076db476cbL,0xfde15d625f37a31eL,0xf49af520f41af416L,
-        0x96c5c5b17d342db5L } },
-    /* 21 << 42 */
-    { { 0x155c43b7eb4ceb9bL,0x2e9930104e77371aL,0x1d2987da675d43afL,
-        0xef2bc1c08599fd72L },
-      { 0x96894b7b9342f6b2L,0x201eadf27c8e71f0L,0xf3479d9f4a1f3efcL,
-        0xe0f8a742702a9704L } },
-    /* 22 << 42 */
-    { { 0xeafd44b6b3eba40cL,0xf9739f29c1c1e0d0L,0x0091471a619d505eL,
-        0xc15f9c969d7c263eL },
-      { 0x5be4728583afbe33L,0xa3b6d6af04f1e092L,0xe76526b9751a9d11L,
-        0x2ec5b26d9a4ae4d2L } },
-    /* 23 << 42 */
-    { { 0xeb66f4d902f6fb8dL,0x4063c56196912164L,0xeb7050c180ef3000L,
-        0x288d1c33eaa5b3f0L },
-      { 0xe87c68d607806fd8L,0xb2f7f9d54bbbf50fL,0x25972f3aac8d6627L,
-        0xf854777410e8c13bL } },
-    /* 24 << 42 */
-    { { 0xcc50ef6c872b4a60L,0xab2a34a44613521bL,0x39c5c190983e15d1L,
-        0x61dde5df59905512L },
-      { 0xe417f6219f2275f3L,0x0750c8b6451d894bL,0x75b04ab978b0bdaaL,
-        0x3bfd9fd4458589bdL } },
-    /* 25 << 42 */
-    { { 0xf1013e30ee9120b6L,0x2b51af9323a4743eL,0xea96ffae48d14d9eL,
-        0x71dc0dbe698a1d32L },
-      { 0x914962d20180cca4L,0x1ae60677c3568963L,0x8cf227b1437bc444L,
-        0xc650c83bc9962c7aL } },
-    /* 26 << 42 */
-    { { 0x23c2c7ddfe7ccfc4L,0xf925c89d1b929d48L,0x4460f74b06783c33L,
-        0xac2c8d49a590475aL },
-      { 0xfb40b407b807bba0L,0x9d1e362d69ff8f3aL,0xa33e9681cbef64a4L,
-        0x67ece5fa332fb4b2L } },
-    /* 27 << 42 */
-    { { 0x6900a99b739f10e3L,0xc3341ca9ff525925L,0xee18a626a9e2d041L,
-        0xa5a8368529580dddL },
-      { 0xf3470c819d7de3cdL,0xedf025862062cf9cL,0xf43522fac010edb0L,
-        0x3031413513a4b1aeL } },
-    /* 28 << 42 */
-    { { 0xc792e02adb22b94bL,0x993d8ae9a1eaa45bL,0x8aad6cd3cd1e1c63L,
-        0x89529ca7c5ce688aL },
-      { 0x2ccee3aae572a253L,0xe02b643802a21efbL,0xa7091b6ec9430358L,
-        0x06d1b1fa9d7db504L } },
-    /* 29 << 42 */
-    { { 0x58846d32c4744733L,0x40517c71379f9e34L,0x2f65655f130ef6caL,
-        0x526e4488f1f3503fL },
-      { 0x8467bd177ee4a976L,0x1d9dc913921363d1L,0xd8d24c33b069e041L,
-        0x5eb5da0a2cdf7f51L } },
-    /* 30 << 42 */
-    { { 0x1c0f3cb1197b994fL,0x3c95a6c52843eae9L,0x7766ffc9a6097ea5L,
-        0x7bea4093d723b867L },
-      { 0xb48e1f734db378f9L,0x70025b00e37b77acL,0x943dc8e7af24ad46L,
-        0xb98a15ac16d00a85L } },
-    /* 31 << 42 */
-    { { 0x3adc38ba2743b004L,0xb1c7f4f7334415eeL,0xea43df8f1e62d05aL,
-        0x326189059d76a3b6L },
-      { 0x2fbd0bb5a23a0f46L,0x5bc971db6a01918cL,0x7801d94ab4743f94L,
-        0xb94df65e676ae22bL } },
-    /* 32 << 42 */
-    { { 0xaafcbfabaf95894cL,0x7b9bdc07276b2241L,0xeaf983625bdda48bL,
-        0x5977faf2a3fcb4dfL },
-      { 0xbed042ef052c4b5bL,0x9fe87f71067591f0L,0xc89c73ca22f24ec7L,
-        0x7d37fa9ee64a9f1bL } },
-    /* 33 << 42 */
-    { { 0x2710841a15562627L,0x2c01a613c243b034L,0x1d135c562bc68609L,
-        0xc2ca17158b03f1f6L },
-      { 0xc9966c2d3eb81d82L,0xc02abf4a8f6df13eL,0x77b34bd78f72b43bL,
-        0xaff6218f360c82b0L } },
-    /* 34 << 42 */
-    { { 0x0aa5726c8d55b9d2L,0xdc0adbe999e9bffbL,0x9097549cefb9e72aL,
-        0x167557129dfb3111L },
-      { 0xdd8bf984f26847f9L,0xbcb8e387dfb30cb7L,0xc1fd32a75171ef9cL,
-        0x977f3fc7389b363fL } },
-    /* 35 << 42 */
-    { { 0x116eaf2bf4babda0L,0xfeab68bdf7113c8eL,0xd1e3f064b7def526L,
-        0x1ac30885e0b3fa02L },
-      { 0x1c5a6e7b40142d9dL,0x839b560330921c0bL,0x48f301fa36a116a3L,
-        0x380e1107cfd9ee6dL } },
-    /* 36 << 42 */
-    { { 0x7945ead858854be1L,0x4111c12ecbd4d49dL,0xece3b1ec3a29c2efL,
-        0x6356d4048d3616f5L },
-      { 0x9f0d6a8f594d320eL,0x0989316df651ccd2L,0x6c32117a0f8fdde4L,
-        0x9abe5cc5a26a9bbcL } },
-    /* 37 << 42 */
-    { { 0xcff560fb9723f671L,0x21b2a12d7f3d593cL,0xe4cb18da24ba0696L,
-        0x186e2220c3543384L },
-      { 0x722f64e088312c29L,0x94282a9917dc7752L,0x62467bbf5a85ee89L,
-        0xf435c650f10076a0L } },
-    /* 38 << 42 */
-    { { 0xc9ff153943b3a50bL,0x7132130c1a53efbcL,0x31bfe063f7b0c5b7L,
-        0xb0179a7d4ea994ccL },
-      { 0x12d064b3c85f455bL,0x472593288f6e0062L,0xf64e590bb875d6d9L,
-        0x22dd6225ad92bcc7L } },
-    /* 39 << 42 */
-    { { 0xb658038eb9c3bd6dL,0x00cdb0d6fbba27c8L,0x0c6813371062c45dL,
-        0xd8515b8c2d33407dL },
-      { 0xcb8f699e8cbb5ecfL,0x8c4347f8c608d7d8L,0x2c11850abb3e00dbL,
-        0x20a8dafdecb49d19L } },
-    /* 40 << 42 */
-    { { 0xbd78148045ee2f40L,0x75e354af416b60cfL,0xde0b58a18d49a8c4L,
-        0xe40e94e2fa359536L },
-      { 0xbd4fa59f62accd76L,0x05cf466a8c762837L,0xb5abda99448c277bL,
-        0x5a9e01bf48b13740L } },
-    /* 41 << 42 */
-    { { 0x9d457798326aad8dL,0xbdef4954c396f7e7L,0x6fb274a2c253e292L,
-        0x2800bf0a1cfe53e7L },
-      { 0x22426d3144438fd4L,0xef2339235e259f9aL,0x4188503c03f66264L,
-        0x9e5e7f137f9fdfabL } },
-    /* 42 << 42 */
-    { { 0x565eb76c5fcc1abaL,0xea63254859b5bff8L,0x5587c087aab6d3faL,
-        0x92b639ea6ce39c1bL },
-      { 0x0706e782953b135cL,0x7308912e425268efL,0x599e92c7090e7469L,
-        0x83b90f529bc35e75L } },
-    /* 43 << 42 */
-    { { 0x4750b3d0244975b3L,0xf3a4435811965d72L,0x179c67749c8dc751L,
-        0xff18cdfed23d9ff0L },
-      { 0xc40138332028e247L,0x96e280e2f3bfbc79L,0xf60417bdd0880a84L,
-        0x263c9f3d2a568151L } },
-    /* 44 << 42 */
-    { { 0x36be15b32d2ce811L,0x846dc0c2f8291d21L,0x5cfa0ecb789fcfdbL,
-        0x45a0beedd7535b9aL },
-      { 0xec8e9f0796d69af1L,0x31a7c5b8599ab6dcL,0xd36d45eff9e2e09fL,
-        0x3cf49ef1dcee954bL } },
-    /* 45 << 42 */
-    { { 0x6be34cf3086cff9bL,0x88dbd49139a3360fL,0x1e96b8cc0dbfbd1dL,
-        0xc1e5f7bfcb7e2552L },
-      { 0x0547b21428819d98L,0xc770dd9c7aea9dcbL,0xaef0d4c7041d68c8L,
-        0xcc2b981813cb9ba8L } },
-    /* 46 << 42 */
-    { { 0x7fc7bc76fe86c607L,0x6b7b9337502a9a95L,0x1948dc27d14dab63L,
-        0x249dd198dae047beL },
-      { 0xe8356584a981a202L,0x3531dd183a893387L,0x1be11f90c85c7209L,
-        0x93d2fe1ee2a52b5aL } },
-    /* 47 << 42 */
-    { { 0x8225bfe2ec6d6b97L,0x9cf6d6f4bd0aa5deL,0x911459cb54779f5fL,
-        0x5649cddb86aeb1f3L },
-      { 0x321335793f26ce5aL,0xc289a102550f431eL,0x559dcfda73b84c6fL,
-        0x84973819ee3ac4d7L } },
-    /* 48 << 42 */
-    { { 0xb51e55e6f2606a82L,0xe25f706190f2fb57L,0xacef6c2ab1a4e37cL,
-        0x864e359d5dcf2706L },
-      { 0x479e6b187ce57316L,0x2cab25003a96b23dL,0xed4898628ef16df7L,
-        0x2056538cef3758b5L } },
-    /* 49 << 42 */
-    { { 0xa7df865ef15d3101L,0x80c5533a61b553d7L,0x366e19974ed14294L,
-        0x6620741fb3c0bcd6L },
-      { 0x21d1d9c4edc45418L,0x005b859ec1cc4a9dL,0xdf01f630a1c462f0L,
-        0x15d06cf3f26820c7L } },
-    /* 50 << 42 */
-    { { 0x9f7f24ee3484be47L,0x2ff33e964a0c902fL,0x00bdf4575a0bc453L,
-        0x2378dfaf1aa238dbL },
-      { 0x272420ec856720f2L,0x2ad9d95b96797291L,0xd1242cc6768a1558L,
-        0x2e287f8b5cc86aa8L } },
-    /* 51 << 42 */
-    { { 0x796873d0990cecaaL,0xade55f81675d4080L,0x2645eea321f0cd84L,
-        0x7a1efa0fb4e17d02L },
-      { 0xf6858420037cc061L,0x682e05f0d5d43e12L,0x59c3699427218710L,
-        0x85cbba4d3f7cd2fcL } },
-    /* 52 << 42 */
-    { { 0x726f97297a3cd22aL,0x9f8cd5dc4a628397L,0x17b93ab9c23165edL,
-        0xff5f5dbf122823d4L },
-      { 0xc1e4e4b5654a446dL,0xd1a9496f677257baL,0x6387ba94de766a56L,
-        0x23608bc8521ec74aL } },
-    /* 53 << 42 */
-    { { 0x16a522d76688c4d4L,0x9d6b428207373abdL,0xa62f07acb42efaa3L,
-        0xf73e00f7e3b90180L },
-      { 0x36175fec49421c3eL,0xc4e44f9b3dcf2678L,0x76df436b7220f09fL,
-        0x172755fb3aa8b6cfL } },
-    /* 54 << 42 */
-    { { 0xbab89d57446139ccL,0x0a0a6e025fe0208fL,0xcdbb63e211e5d399L,
-        0x33ecaa12a8977f0bL },
-      { 0x59598b21f7c42664L,0xb3e91b32ab65d08aL,0x035822eef4502526L,
-        0x1dcf0176720a82a9L } },
-    /* 55 << 42 */
-    { { 0x50f8598f3d589e02L,0xdf0478ffb1d63d2cL,0x8b8068bd1571cd07L,
-        0x30c3aa4fd79670cdL },
-      { 0x25e8fd4b941ade7fL,0x3d1debdc32790011L,0x65b6dcbd3a3f9ff0L,
-        0x282736a4793de69cL } },
-    /* 56 << 42 */
-    { { 0xef69a0c3d41d3bd3L,0xb533b8c907a26bdeL,0xe2801d97db2edf9fL,
-        0xdc4a8269e1877af0L },
-      { 0x6c1c58513d590dbeL,0x84632f6bee4e9357L,0xd36d36b779b33374L,
-        0xb46833e39bbca2e6L } },
-    /* 57 << 42 */
-    { { 0x37893913f7fc0586L,0x385315f766bf4719L,0x72c56293b31855dcL,
-        0xd1416d4e849061feL },
-      { 0xbeb3ab7851047213L,0x447f6e61f040c996L,0xd06d310d638b1d0cL,
-        0xe28a413fbad1522eL } },
-    /* 58 << 42 */
-    { { 0x685a76cb82003f86L,0x610d07f70bcdbca3L,0x6ff660219ca4c455L,
-        0x7df39b87cea10eecL },
-      { 0xb9255f96e22db218L,0x8cc6d9eb08a34c44L,0xcd4ffb86859f9276L,
-        0x8fa15eb250d07335L } },
-    /* 59 << 42 */
-    { { 0xdf553845cf2c24b5L,0x89f66a9f52f9c3baL,0x8f22b5b9e4a7ceb3L,
-        0xaffef8090e134686L },
-      { 0x3e53e1c68eb8fac2L,0x93c1e4eb28aec98eL,0xb6b91ec532a43bcbL,
-        0x2dbfa947b2d74a51L } },
-    /* 60 << 42 */
-    { { 0xe065d190ca84bad7L,0xfb13919fad58e65cL,0x3c41718bf1cb6e31L,
-        0x688969f006d05c3fL },
-      { 0xd4f94ce721264d45L,0xfdfb65e97367532bL,0x5b1be8b10945a39dL,
-        0x229f789c2b8baf3bL } },
-    /* 61 << 42 */
-    { { 0xd8f41f3e6f49f15dL,0x678ce828907f0792L,0xc69ace82fca6e867L,
-        0x106451aed01dcc89L },
-      { 0x1bb4f7f019fc32d2L,0x64633dfcb00c52d2L,0x8f13549aad9ea445L,
-        0x99a3bf50fb323705L } },
-    /* 62 << 42 */
-    { { 0x0c9625a2534d4dbcL,0x45b8f1d1c2a2fea3L,0x76ec21a1a530fc1aL,
-        0x4bac9c2a9e5bd734L },
-      { 0x5996d76a7b4e3587L,0x0045cdee1182d9e3L,0x1aee24b91207f13dL,
-        0x66452e9797345a41L } },
-    /* 63 << 42 */
-    { { 0x16e5b0549f950cd0L,0x9cc72fb1d7fdd075L,0x6edd61e766249663L,
-        0xde4caa4df043cccbL },
-      { 0x11b1f57a55c7ac17L,0x779cbd441a85e24dL,0x78030f86e46081e7L,
-        0xfd4a60328e20f643L } },
-    /* 64 << 42 */
-    { { 0xcc7a64880a750c0fL,0x39bacfe34e548e83L,0x3d418c760c110f05L,
-        0x3e4daa4cb1f11588L },
-      { 0x2733e7b55ffc69ffL,0x46f147bc92053127L,0x885b2434d722df94L,
-        0x6a444f65e6fc6b7cL } },
-    /* 0 << 49 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 49 */
-    { { 0x7a1a465ac3f16ea8L,0x115a461db2f1d11cL,0x4767dd956c68a172L,
-        0x3392f2ebd13a4698L },
-      { 0xc7a99ccde526cdc7L,0x8e537fdc22292b81L,0x76d8cf69a6d39198L,
-        0xffc5ff432446852dL } },
-    /* 2 << 49 */
-    { { 0x97b14f7ea90567e6L,0x513257b7b6ae5cb7L,0x85454a3c9f10903dL,
-        0xd8d2c9ad69bc3724L },
-      { 0x38da93246b29cb44L,0xb540a21d77c8cbacL,0x9bbfe43501918e42L,
-        0xfffa707a56c3614eL } },
-    /* 3 << 49 */
-    { { 0x0ce4e3f1d4e353b7L,0x062d8a14ef46b0a0L,0x6408d5ab574b73fdL,
-        0xbc41d1c9d3273ffdL },
-      { 0x3538e1e76be77800L,0x71fe8b37c5655031L,0x1cd916216b9b331aL,
-        0xad825d0bbb388f73L } },
-    /* 4 << 49 */
-    { { 0x56c2e05b1cb76219L,0x0ec0bf9171567e7eL,0xe7076f8661c4c910L,
-        0xd67b085bbabc04d9L },
-      { 0x9fb904595e93a96aL,0x7526c1eafbdc249aL,0x0d44d367ecdd0bb7L,
-        0x953999179dc0d695L } },
-    /* 5 << 49 */
-    { { 0x61360ee99e240d18L,0x057cdcacb4b94466L,0xe7667cd12fe5325cL,
-        0x1fa297b521974e3bL },
-      { 0xfa4081e7db083d76L,0x31993be6f206bd15L,0x8949269b14c19f8cL,
-        0x21468d72a9d92357L } },
-    /* 6 << 49 */
-    { { 0x2ccbc583a4c506ecL,0x957ed188d1acfe97L,0x8baed83312f1aea2L,
-        0xef2a6cb48325362dL },
-      { 0x130dde428e195c43L,0xc842025a0e6050c6L,0x2da972a708686a5dL,
-        0xb52999a1e508b4a8L } },
-    /* 7 << 49 */
-    { { 0xd9f090b910a5a8bdL,0xca91d249096864daL,0x8e6a93be3f67dbc1L,
-        0xacae6fbaf5f4764cL },
-      { 0x1563c6e0d21411a0L,0x28fa787fda0a4ad8L,0xd524491c908c8030L,
-        0x1257ba0e4c795f07L } },
-    /* 8 << 49 */
-    { { 0x83f49167ceca9754L,0x426d2cf64b7939a0L,0x2555e355723fd0bfL,
-        0xa96e6d06c4f144e2L },
-      { 0x4768a8dd87880e61L,0x15543815e508e4d5L,0x09d7e772b1b65e15L,
-        0x63439dd6ac302fa0L } },
-    /* 9 << 49 */
-    { { 0xb93f802fc14e35c2L,0x71735b7c4341333cL,0x03a2510416d4f362L,
-        0x3f4d069bbf433c8eL },
-      { 0x0d83ae01f78f5a7cL,0x50a8ffbe7c4eed07L,0xc74f890676e10f83L,
-        0x7d0809669ddaf8e1L } },
-    /* 10 << 49 */
-    { { 0xb11df8e1698e04ccL,0x877be203169005c8L,0x32749e8c4f3c6179L,
-        0x2dbc9d0a7853fc05L },
-      { 0x187d4f939454d937L,0xe682ce9db4800e1bL,0xa9129ad8165e68e8L,
-        0x0fe29735be7f785bL } },
-    /* 11 << 49 */
-    { { 0x5303f40c5b9e02b7L,0xa37c969235ee04e8L,0x5f46cc2034d6632bL,
-        0x55ef72b296ac545bL },
-      { 0xabec5c1f7b91b062L,0x0a79e1c7bb33e821L,0xbb04b4283a9f4117L,
-        0x0de1f28ffd2a475aL } },
-    /* 12 << 49 */
-    { { 0x31019ccf3a4434b4L,0xa34581111a7954dcL,0xa9dac80de34972a7L,
-        0xb043d05474f6b8ddL },
-      { 0x021c319e11137b1aL,0x00a754ceed5cc03fL,0x0aa2c794cbea5ad4L,
-        0x093e67f470c015b6L } },
-    /* 13 << 49 */
-    { { 0x72cdfee9c97e3f6bL,0xc10bcab4b6da7461L,0x3b02d2fcb59806b9L,
-        0x85185e89a1de6f47L },
-      { 0x39e6931f0eb6c4d4L,0x4d4440bdd4fa5b04L,0x5418786e34be7eb8L,
-        0x6380e5219d7259bcL } },
-    /* 14 << 49 */
-    { { 0x20ac0351d598d710L,0x272c4166cb3a4da4L,0xdb82fe1aca71de1fL,
-        0x746e79f2d8f54b0fL },
-      { 0x6e7fc7364b573e9bL,0x75d03f46fd4b5040L,0x5c1cc36d0b98d87bL,
-        0x513ba3f11f472da1L } },
-    /* 15 << 49 */
-    { { 0x79d0af26abb177ddL,0xf82ab5687891d564L,0x2b6768a972232173L,
-        0xefbb3bb08c1f6619L },
-      { 0xb29c11dba6d18358L,0x519e2797b0916d3aL,0xd4dc18f09188e290L,
-        0x648e86e398b0ca7fL } },
-    /* 16 << 49 */
-    { { 0x859d3145983c38b5L,0xb14f176c637abc8bL,0x2793fb9dcaff7be6L,
-        0xebe5a55f35a66a5aL },
-      { 0x7cec1dcd9f87dc59L,0x7c595cd3fbdbf560L,0x5b543b2226eb3257L,
-        0x69080646c4c935fdL } },
-    /* 17 << 49 */
-    { { 0x7f2e440381e9ede3L,0x243c3894caf6df0aL,0x7c605bb11c073b11L,
-        0xcd06a541ba6a4a62L },
-      { 0x2916894949d4e2e5L,0x33649d074af66880L,0xbfc0c885e9a85035L,
-        0xb4e52113fc410f4bL } },
-    /* 18 << 49 */
-    { { 0xdca3b70678a6513bL,0x92ea4a2a9edb1943L,0x02642216db6e2dd8L,
-        0x9b45d0b49fd57894L },
-      { 0x114e70dbc69d11aeL,0x1477dd194c57595fL,0xbc2208b4ec77c272L,
-        0x95c5b4d7db68f59cL } },
-    /* 19 << 49 */
-    { { 0xb8c4fc6342e532b7L,0x386ba4229ae35290L,0xfb5dda42d201ecbcL,
-        0x2353dc8ba0e38fd6L },
-      { 0x9a0b85ea68f7e978L,0x96ec56822ad6d11fL,0x5e279d6ce5f6886dL,
-        0xd3fe03cd3cb1914dL } },
-    /* 20 << 49 */
-    { { 0xfe541fa47ea67c77L,0x952bd2afe3ea810cL,0x791fef568d01d374L,
-        0xa3a1c6210f11336eL },
-      { 0x5ad0d5a9c7ec6d79L,0xff7038af3225c342L,0x003c6689bc69601bL,
-        0x25059bc745e8747dL } },
-    /* 21 << 49 */
-    { { 0xfa4965b2f2086fbfL,0xf6840ea686916078L,0xd7ac762070081d6cL,
-        0xe600da31b5328645L },
-      { 0x01916f63529b8a80L,0xe80e48582d7d6f3eL,0x29eb0fe8d664ca7cL,
-        0xf017637be7b43b0cL } },
-    /* 22 << 49 */
-    { { 0x9a75c80676cb2566L,0x8f76acb1b24892d9L,0x7ae7b9cc1f08fe45L,
-        0x19ef73296a4907d8L },
-      { 0x2db4ab715f228bf0L,0xf3cdea39817032d7L,0x0b1f482edcabe3c0L,
-        0x3baf76b4bb86325cL } },
-    /* 23 << 49 */
-    { { 0xd49065e010089465L,0x3bab5d298e77c596L,0x7636c3a6193dbd95L,
-        0xdef5d294b246e499L },
-      { 0xb22c58b9286b2475L,0xa0b93939cd80862bL,0x3002c83af0992388L,
-        0x6de01f9beacbe14cL } },
-    /* 24 << 49 */
-    { { 0x6aac688eadd70482L,0x708de92a7b4a4e8aL,0x75b6dd73758a6eefL,
-        0xea4bf352725b3c43L },
-      { 0x10041f2c87912868L,0xb1b1be95ef09297aL,0x19ae23c5a9f3860aL,
-        0xc4f0f839515dcf4bL } },
-    /* 25 << 49 */
-    { { 0x3c7ecca397f6306aL,0x744c44ae68a3a4b0L,0x69cd13a0b3a1d8a2L,
-        0x7cad0a1e5256b578L },
-      { 0xea653fcd33791d9eL,0x9cc2a05d74b2e05fL,0x73b391dcfd7affa2L,
-        0xddb7091eb6b05442L } },
-    /* 26 << 49 */
-    { { 0xc71e27bf8538a5c6L,0x195c63dd89abff17L,0xfd3152851b71e3daL,
-        0x9cbdfda7fa680fa0L },
-      { 0x9db876ca849d7eabL,0xebe2764b3c273271L,0x663357e3f208dceaL,
-        0x8c5bd833565b1b70L } },
-    /* 27 << 49 */
-    { { 0xccc3b4f59837fc0dL,0x9b641ba8a79cf00fL,0x7428243ddfdf3990L,
-        0x83a594c4020786b1L },
-      { 0xb712451a526c4502L,0x9d39438e6adb3f93L,0xfdb261e3e9ff0ccdL,
-        0x80344e3ce07af4c3L } },
-    /* 28 << 49 */
-    { { 0x75900d7c2fa4f126L,0x08a3b8655c99a232L,0x2478b6bfdb25e0c3L,
-        0x482cc2c271db2edfL },
-      { 0x37df7e645f321bb8L,0x8a93821b9a8005b4L,0x3fa2f10ccc8c1958L,
-        0x0d3322182c269d0aL } },
-    /* 29 << 49 */
-    { { 0x20ab8119e246b0e6L,0xb39781e4d349fd17L,0xd293231eb31aa100L,
-        0x4b779c97bb032168L },
-      { 0x4b3f19e1c8470500L,0x45b7efe90c4c869dL,0xdb84f38aa1a6bbccL,
-        0x3b59cb15b2fddbc1L } },
-    /* 30 << 49 */
-    { { 0xba5514df3fd165e8L,0x499fd6a9061f8811L,0x72cd1fe0bfef9f00L,
-        0x120a4bb979ad7e8aL },
-      { 0xf2ffd0955f4a5ac5L,0xcfd174f195a7a2f0L,0xd42301ba9d17baf1L,
-        0xd2fa487a77f22089L } },
-    /* 31 << 49 */
-    { { 0x9cb09efeb1dc77e1L,0xe956693921c99682L,0x8c5469016c6067bbL,
-        0xfd37857461c24456L },
-      { 0x2b6a6cbe81796b33L,0x62d550f658e87f8bL,0x1b763e1c7f1b01b4L,
-        0x4b93cfea1b1b5e12L } },
-    /* 32 << 49 */
-    { { 0xb93452381d531696L,0x57201c0088cdde69L,0xdde922519a86afc7L,
-        0xe3043895bd35cea8L },
-      { 0x7608c1e18555970dL,0x8267dfa92535935eL,0xd4c60a57322ea38bL,
-        0xe0bf7977804ef8b5L } },
-    /* 33 << 49 */
-    { { 0x1a0dab28c06fece4L,0xd405991e94e7b49dL,0xc542b6d2706dab28L,
-        0xcb228da3a91618fbL },
-      { 0x224e4164107d1ceaL,0xeb9fdab3d0f5d8f1L,0xc02ba3860d6e41cdL,
-        0x676a72c59b1f7146L } },
-    /* 34 << 49 */
-    { { 0xffd6dd984d6cb00bL,0xcef9c5cade2e8d7cL,0xa1bbf5d7641c7936L,
-        0x1b95b230ee8f772eL },
-      { 0xf765a92ee8ac25b1L,0xceb04cfc3a18b7c6L,0x27944cef0acc8966L,
-        0xcbb3c957434c1004L } },
-    /* 35 << 49 */
-    { { 0x9c9971a1a43ff93cL,0x5bc2db17a1e358a9L,0x45b4862ea8d9bc82L,
-        0x70ebfbfb2201e052L },
-      { 0xafdf64c792871591L,0xea5bcae6b42d0219L,0xde536c552ad8f03cL,
-        0xcd6c3f4da76aa33cL } },
-    /* 36 << 49 */
-    { { 0xbeb5f6230bca6de3L,0xdd20dd99b1e706fdL,0x90b3ff9dac9059d4L,
-        0x2d7b29027ccccc4eL },
-      { 0x8a090a59ce98840fL,0xa5d947e08410680aL,0x49ae346a923379a5L,
-        0x7dbc84f9b28a3156L } },
-    /* 37 << 49 */
-    { { 0xfd40d91654a1aff2L,0xabf318ba3a78fb9bL,0x50152ed83029f95eL,
-        0x9fc1dd77c58ad7faL },
-      { 0x5fa5791513595c17L,0xb95046688f62b3a9L,0x907b5b24ff3055b0L,
-        0x2e995e359a84f125L } },
-    /* 38 << 49 */
-    { { 0x87dacf697e9bbcfbL,0x95d0c1d6e86d96e3L,0x65726e3c2d95a75cL,
-        0x2c3c9001acd27f21L },
-      { 0x1deab5616c973f57L,0x108b7e2ca5221643L,0x5fee9859c4ef79d4L,
-        0xbd62b88a40d4b8c6L } },
-    /* 39 << 49 */
-    { { 0xb4dd29c4197c75d6L,0x266a6df2b7076febL,0x9512d0ea4bf2df11L,
-        0x1320c24f6b0cc9ecL },
-      { 0x6bb1e0e101a59596L,0x8317c5bbeff9aaacL,0x65bb405e385aa6c9L,
-        0x613439c18f07988fL } },
-    /* 40 << 49 */
-    { { 0xd730049f16a66e91L,0xe97f2820fa1b0e0dL,0x4131e003304c28eaL,
-        0x820ab732526bac62L },
-      { 0xb2ac9ef928714423L,0x54ecfffaadb10cb2L,0x8781476ef886a4ccL,
-        0x4b2c87b5db2f8d49L } },
-    /* 41 << 49 */
-    { { 0xe857cd200a44295dL,0x707d7d2158c6b044L,0xae8521f9f596757cL,
-        0x87448f0367b2b714L },
-      { 0x13a9bc455ebcd58dL,0x79bcced99122d3c1L,0x3c6442479e076642L,
-        0x0cf227782df4767dL } },
-    /* 42 << 49 */
-    { { 0x5e61aee471d444b6L,0x211236bfc5084a1dL,0x7e15bc9a4fd3eaf6L,
-        0x68df2c34ab622bf5L },
-      { 0x9e674f0f59bf4f36L,0xf883669bd7f34d73L,0xc48ac1b831497b1dL,
-        0x323b925d5106703bL } },
-    /* 43 << 49 */
-    { { 0x22156f4274082008L,0xeffc521ac8482bcbL,0x5c6831bf12173479L,
-        0xcaa2528fc4739490L },
-      { 0x84d2102a8f1b3c4dL,0xcf64dfc12d9bec0dL,0x433febad78a546efL,
-        0x1f621ec37b73cef1L } },
-    /* 44 << 49 */
-    { { 0x6aecd62737338615L,0x162082ab01d8edf6L,0x833a811919e86b66L,
-        0x6023a251d299b5dbL },
-      { 0xf5bb0c3abbf04b89L,0x6735eb69ae749a44L,0xd0e058c54713de3bL,
-        0xfdf2593e2c3d4ccdL } },
-    /* 45 << 49 */
-    { { 0x1b8f414efdd23667L,0xdd52aacafa2015eeL,0x3e31b517bd9625ffL,
-        0x5ec9322d8db5918cL },
-      { 0xbc73ac85a96f5294L,0x82aa5bf361a0666aL,0x49755810bf08ac42L,
-        0xd21cdfd5891cedfcL } },
-    /* 46 << 49 */
-    { { 0x918cb57b67f8be10L,0x365d1a7c56ffa726L,0x2435c5046532de93L,
-        0xc0fc5e102674cd02L },
-      { 0x6e51fcf89cbbb142L,0x1d436e5aafc50692L,0x766bffff3fbcae22L,
-        0x3148c2fdfd55d3b8L } },
-    /* 47 << 49 */
-    { { 0x52c7fdc9233222faL,0x89ff1092e419fb6bL,0x3cd6db9925254977L,
-        0x2e85a1611cf12ca7L },
-      { 0xadd2547cdc810bc9L,0xea3f458f9d257c22L,0x642c1fbe27d6b19bL,
-        0xed07e6b5140481a6L } },
-    /* 48 << 49 */
-    { { 0x6ada1d4286d2e0f8L,0xe59201220e8a9fd5L,0x02c936af708c1b49L,
-        0x60f30fee2b4bfaffL },
-      { 0x6637ad06858e6a61L,0xce4c77673fd374d0L,0x39d54b2d7188defbL,
-        0xa8c9d250f56a6b66L } },
-    /* 49 << 49 */
-    { { 0x58fc0f5eb24fe1dcL,0x9eaf9dee6b73f24cL,0xa90d588b33650705L,
-        0xde5b62c5af2ec729L },
-      { 0x5c72cfaed3c2b36eL,0x868c19d5034435daL,0x88605f93e17ee145L,
-        0xaa60c4ee77a5d5b1L } },
-    /* 50 << 49 */
-    { { 0xbcf5bfd23b60c472L,0xaf4ef13ceb1d3049L,0x373f44fce13895c9L,
-        0xf29b382f0cbc9822L },
-      { 0x1bfcb85373efaef6L,0xcf56ac9ca8c96f40L,0xd7adf1097a191e24L,
-        0x98035f44bf8a8dc2L } },
-    /* 51 << 49 */
-    { { 0xf40a71b91e750c84L,0xc57f7b0c5dc6c469L,0x49a0e79c6fbc19c1L,
-        0x6b0f5889a48ebdb8L },
-      { 0x5d3fd084a07c4e9fL,0xc3830111ab27de14L,0x0e4929fe33e08dccL,
-        0xf4a5ad2440bb73a3L } },
-    /* 52 << 49 */
-    { { 0xde86c2bf490f97caL,0x288f09c667a1ce18L,0x364bb8861844478dL,
-        0x7840fa42ceedb040L },
-      { 0x1269fdd25a631b37L,0x94761f1ea47c8b7dL,0xfc0c2e17481c6266L,
-        0x85e16ea23daa5fa7L } },
-    /* 53 << 49 */
-    { { 0xccd8603392491048L,0x0c2f6963f4d402d7L,0x6336f7dfdf6a865cL,
-        0x0a2a463cb5c02a87L },
-      { 0xb0e29be7bf2f12eeL,0xf0a2200266bad988L,0x27f87e039123c1d7L,
-        0x21669c55328a8c98L } },
-    /* 54 << 49 */
-    { { 0x186b980392f14529L,0xd3d056cc63954df3L,0x2f03fd58175a46f6L,
-        0x63e34ebe11558558L },
-      { 0xe13fedee5b80cfa5L,0xe872a120d401dbd1L,0x52657616e8a9d667L,
-        0xbc8da4b6e08d6693L } },
-    /* 55 << 49 */
-    { { 0x370fb9bb1b703e75L,0x6773b186d4338363L,0x18dad378ecef7bffL,
-        0xaac787ed995677daL },
-      { 0x4801ea8b0437164bL,0xf430ad2073fe795eL,0xb164154d8ee5eb73L,
-        0x0884ecd8108f7c0eL } },
-    /* 56 << 49 */
-    { { 0x0e6ec0965f520698L,0x640631fe44f7b8d9L,0x92fd34fca35a68b9L,
-        0x9c5a4b664d40cf4eL },
-      { 0x949454bf80b6783dL,0x80e701fe3a320a10L,0x8d1a564a1a0a39b2L,
-        0x1436d53d320587dbL } },
-    /* 57 << 49 */
-    { { 0xf5096e6d6556c362L,0xbc23a3c0e2455d7eL,0x3a7aee54807230f9L,
-        0x9ba1cfa622ae82fdL },
-      { 0x833a057a99c5d706L,0x8be85f4b842315c9L,0xd083179a66a72f12L,
-        0x2fc77d5dcdcc73cdL } },
-    /* 58 << 49 */
-    { { 0x22b88a805616ee30L,0xfb09548fe7ab1083L,0x8ad6ab0d511270cdL,
-        0x61f6c57a6924d9abL },
-      { 0xa0f7bf7290aecb08L,0x849f87c90df784a4L,0x27c79c15cfaf1d03L,
-        0xbbf9f675c463faceL } },
-    /* 59 << 49 */
-    { { 0x91502c65765ba543L,0x18ce3cac42ea60ddL,0xe5cee6ac6e43ecb3L,
-        0x63e4e91068f2aeebL },
-      { 0x26234fa3c85932eeL,0x96883e8b4c90c44dL,0x29b9e738a18a50f6L,
-        0xbfc62b2a3f0420dfL } },
-    /* 60 << 49 */
-    { { 0xd22a7d906d3e1fa9L,0x17115618fe05b8a3L,0x2a0c9926bb2b9c01L,
-        0xc739fcc6e07e76a2L },
-      { 0x540e9157165e439aL,0x06353a626a9063d8L,0x84d9559461e927a3L,
-        0x013b9b26e2e0be7fL } },
-    /* 61 << 49 */
-    { { 0x4feaec3b973497f1L,0x15c0f94e093ebc2dL,0x6af5f22733af0583L,
-        0x0c2af206c61f3340L },
-      { 0xd25dbdf14457397cL,0x2e8ed017cabcbae0L,0xe3010938c2815306L,
-        0xbaa99337e8c6cd68L } },
-    /* 62 << 49 */
-    { { 0x085131823b0ec7deL,0x1e1b822b58df05dfL,0x5c14842fa5c3b683L,
-        0x98fe977e3eba34ceL },
-      { 0xfd2316c20d5e8873L,0xe48d839abd0d427dL,0x495b2218623fc961L,
-        0x24ee56e7b46fba5eL } },
-    /* 63 << 49 */
-    { { 0x9184a55b91e4de58L,0xa7488ca5dfdea288L,0xa723862ea8dcc943L,
-        0x92d762b2849dc0fcL },
-      { 0x3c444a12091ff4a9L,0x581113fa0cada274L,0xb9de0a4530d8eae2L,
-        0x5e0fcd85df6b41eaL } },
-    /* 64 << 49 */
-    { { 0x6233ea68c094dbb5L,0xb77d062ed968d410L,0x3e719bbc58b3002dL,
-        0x68e7dd3d3dc49d58L },
-      { 0x8d825740013a5e58L,0x213117473c9e3c1bL,0x0cb0a2a77c99b6abL,
-        0x5c48a3b3c2f888f2L } },
-    /* 0 << 56 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 56 */
-    { { 0xc7913e91991724f3L,0x5eda799c39cbd686L,0xddb595c763d4fc1eL,
-        0x6b63b80bac4fed54L },
-      { 0x6ea0fc697e5fb516L,0x737708bad0f1c964L,0x9628745f11a92ca5L,
-        0x61f379589a86967aL } },
-    /* 2 << 56 */
-    { { 0x9af39b2caa665072L,0x78322fa4efd324efL,0x3d153394c327bd31L,
-        0x81d5f2713129dab0L },
-      { 0xc72e0c42f48027f5L,0xaa40cdbc8536e717L,0xf45a657a2d369d0fL,
-        0xb03bbfc4ea7f74e6L } },
-    /* 3 << 56 */
-    { { 0x46a8c4180d738dedL,0x6f1a5bb0e0de5729L,0xf10230b98ba81675L,
-        0x32c6f30c112b33d4L },
-      { 0x7559129dd8fffb62L,0x6a281b47b459bf05L,0x77c1bd3afa3b6776L,
-        0x0709b3807829973aL } },
-    /* 4 << 56 */
-    { { 0x8c26b232a3326505L,0x38d69272ee1d41bfL,0x0459453effe32afaL,
-        0xce8143ad7cb3ea87L },
-      { 0x932ec1fa7e6ab666L,0x6cd2d23022286264L,0x459a46fe6736f8edL,
-        0x50bf0d009eca85bbL } },
-    /* 5 << 56 */
-    { { 0x0b825852877a21ecL,0x300414a70f537a94L,0x3f1cba4021a9a6a2L,
-        0x50824eee76943c00L },
-      { 0xa0dbfcecf83cba5dL,0xf953814893b4f3c0L,0x6174416248f24dd7L,
-        0x5322d64de4fb09ddL } },
-    /* 6 << 56 */
-    { { 0x574473843d9325f3L,0xa9bef2d0f371cb84L,0x77d2188ba61e36c5L,
-        0xbbd6a7d7c602df72L },
-      { 0xba3aa9028f61bc0bL,0xf49085ed6ed0b6a1L,0x8bc625d6ae6e8298L,
-        0x832b0b1da2e9c01dL } },
-    /* 7 << 56 */
-    { { 0xa337c447f1f0ced1L,0x800cc7939492dd2bL,0x4b93151dbea08efaL,
-        0x820cf3f8de0a741eL },
-      { 0xff1982dc1c0f7d13L,0xef92196084dde6caL,0x1ad7d97245f96ee3L,
-        0x319c8dbe29dea0c7L } },
-    /* 8 << 56 */
-    { { 0xd3ea38717b82b99bL,0x75922d4d470eb624L,0x8f66ec543b95d466L,
-        0x66e673ccbee1e346L },
-      { 0x6afe67c4b5f2b89aL,0x3de9c1e6290e5cd3L,0x8c278bb6310a2adaL,
-        0x420fa3840bdb323bL } },
-    /* 9 << 56 */
-    { { 0x0ae1d63b0eb919b0L,0xd74ee51da74b9620L,0x395458d0a674290cL,
-        0x324c930f4620a510L },
-      { 0x2d1f4d19fbac27d4L,0x4086e8ca9bedeeacL,0x0cdd211b9b679ab8L,
-        0x5970167d7090fec4L } },
-    /* 10 << 56 */
-    { { 0x3420f2c9faf1fc63L,0x616d333a328c8bb4L,0x7d65364c57f1fe4aL,
-        0x9343e87755e5c73aL },
-      { 0x5795176be970e78cL,0xa36ccebf60533627L,0xfc7c738009cdfc1bL,
-        0xb39a2afeb3fec326L } },
-    /* 11 << 56 */
-    { { 0xb7ff1ba16224408aL,0xcc856e92247cfc5eL,0x01f102e7c18bc493L,
-        0x4613ab742091c727L },
-      { 0xaa25e89cc420bf2bL,0x00a5317690337ec2L,0xd2be9f437d025fc7L,
-        0x3316fb856e6fe3dcL } },
-    /* 12 << 56 */
-    { { 0x27520af59ac50814L,0xfdf95e789a8e4223L,0xb7e7df2a56bec5a0L,
-        0xf7022f7ddf159e5dL },
-      { 0x93eeeab1cac1fe8fL,0x8040188c37451168L,0x7ee8aa8ad967dce6L,
-        0xfa0e79e73abc9299L } },
-    /* 13 << 56 */
-    { { 0x67332cfc2064cfd1L,0x339c31deb0651934L,0x719b28d52a3bcbeaL,
-        0xee74c82b9d6ae5c6L },
-      { 0x0927d05ebaf28ee6L,0x82cecf2c9d719028L,0x0b0d353eddb30289L,
-        0xfe4bb977fddb2e29L } },
-    /* 14 << 56 */
-    { { 0xbb5bb990640bfd9eL,0xd226e27782f62108L,0x4bf0098502ffdd56L,
-        0x7756758a2ca1b1b5L },
-      { 0xc32b62a35285fe91L,0xedbc546a8c9cd140L,0x1e47a013af5cb008L,
-        0xbca7e720073ce8f2L } },
-    /* 15 << 56 */
-    { { 0xe10b2ab817a91caeL,0xb89aab6508e27f63L,0x7b3074a7dba3ddf9L,
-        0x1c20ce09330c2972L },
-      { 0x6b9917b45fcf7e33L,0xe6793743945ceb42L,0x18fc22155c633d19L,
-        0xad1adb3cc7485474L } },
-    /* 16 << 56 */
-    { { 0x646f96796424c49bL,0xf888dfe867c241c9L,0xe12d4b9324f68b49L,
-        0x9a6b62d8a571df20L },
-      { 0x81b4b26d179483cbL,0x666f96329511fae2L,0xd281b3e4d53aa51fL,
-        0x7f96a7657f3dbd16L } },
-    /* 17 << 56 */
-    { { 0xa7f8b5bf074a30ceL,0xd7f52107005a32e6L,0x6f9e090750237ed4L,
-        0x2f21da478096fa2bL },
-      { 0xf3e19cb4eec863a0L,0xd18f77fd9527620aL,0x9505c81c407c1cf8L,
-        0x9998db4e1b6ec284L } },
-    /* 18 << 56 */
-    { { 0x7e3389e5c247d44dL,0x125071413f4f3d80L,0xd4ba01104a78a6c7L,
-        0x312874a0767720beL },
-      { 0xded059a675944370L,0xd6123d903b2c0bddL,0xa56b717b51c108e3L,
-        0x9bb7940e070623e9L } },
-    /* 19 << 56 */
-    { { 0x794e2d5984ac066cL,0xf5954a92e68c69a0L,0x28c524584fd99dccL,
-        0x60e639fcb1012517L },
-      { 0xc2e601257de79248L,0xe9ef6404f12fc6d7L,0x4c4f28082a3b5d32L,
-        0x865ad32ec768eb8aL } },
-    /* 20 << 56 */
-    { { 0xac02331b13fb70b6L,0x037b44c195599b27L,0x1a860fc460bd082cL,
-        0xa2e25745c980cd01L },
-      { 0xee3387a81da0263eL,0x931bfb952d10f3d6L,0x5b687270a1f24a32L,
-        0xf140e65dca494b86L } },
-    /* 21 << 56 */
-    { { 0x4f4ddf91b2f1ac7aL,0xf99eaabb760fee27L,0x57f4008a49c228e5L,
-        0x090be4401cf713bbL },
-      { 0xac91fbe45004f022L,0xd838c2c2569e1af6L,0xd6c7d20b0f1daaa5L,
-        0xaa063ac11bbb02c0L } },
-    /* 22 << 56 */
-    { { 0x0938a42259558a78L,0x5343c6698435da2fL,0x96f67b18034410dcL,
-        0x7cc1e42484510804L },
-      { 0x86a1543f16dfbb7dL,0x921fa9425b5bd592L,0x9dcccb6eb33dd03cL,
-        0x8581ddd9b843f51eL } },
-    /* 23 << 56 */
-    { { 0x54935fcb81d73c9eL,0x6d07e9790a5e97abL,0x4dc7b30acf3a6babL,
-        0x147ab1f3170bee11L },
-      { 0x0aaf8e3d9fafdee4L,0xfab3dbcb538a8b95L,0x405df4b36ef13871L,
-        0xf1f4e9cb088d5a49L } },
-    /* 24 << 56 */
-    { { 0x9bcd24d366b33f1dL,0x3b97b8205ce445c0L,0xe2926549ba93ff61L,
-        0xd9c341ce4dafe616L },
-      { 0xfb30a76e16efb6f3L,0xdf24b8ca605b953cL,0x8bd52afec2fffb9fL,
-        0xbbac5ff7e19d0b96L } },
-    /* 25 << 56 */
-    { { 0x43c01b87459afccdL,0x6bd45143b7432652L,0x8473453055b5d78eL,
-        0x81088fdb1554ba7dL },
-      { 0xada0a52c1e269375L,0xf9f037c42dc5ec10L,0xc066060794bfbc11L,
-        0xc0a630bbc9c40d2fL } },
-    /* 26 << 56 */
-    { { 0x5efc797eab64c31eL,0xffdb1dab74507144L,0xf61242871ca6790cL,
-        0xe9609d81e69bf1bfL },
-      { 0xdb89859500d24fc9L,0x9c750333e51fb417L,0x51830a91fef7bbdeL,
-        0x0ce67dc8945f585cL } },
-    /* 27 << 56 */
-    { { 0x9a730ed44763eb50L,0x24a0e221c1ab0d66L,0x643b6393648748f3L,
-        0x1982daa16d3c6291L },
-      { 0x6f00a9f78bbc5549L,0x7a1783e17f36384eL,0xe8346323de977f50L,
-        0x91ab688db245502aL } },
-    /* 28 << 56 */
-    { { 0x331ab6b56d0bdd66L,0x0a6ef32e64b71229L,0x1028150efe7c352fL,
-        0x27e04350ce7b39d3L },
-      { 0x2a3c8acdc1070c82L,0xfb2034d380c9feefL,0x2d729621709f3729L,
-        0x8df290bf62cb4549L } },
-    /* 29 << 56 */
-    { { 0x02f99f33fc2e4326L,0x3b30076d5eddf032L,0xbb21f8cf0c652fb5L,
-        0x314fb49eed91cf7bL },
-      { 0xa013eca52f700750L,0x2b9e3c23712a4575L,0xe5355557af30fbb0L,
-        0x1ada35167c77e771L } },
-    /* 30 << 56 */
-    { { 0x45f6ecb27b135670L,0xe85d19df7cfc202eL,0x0f1b50c758d1be9fL,
-        0x5ebf2c0aead2e344L },
-      { 0x1531fe4eabc199c9L,0xc703259256bab0aeL,0x16ab2e486c1fec54L,
-        0x0f87fda804280188L } },
-    /* 31 << 56 */
-    { { 0xdc9f46fc609e4a74L,0x2a44a143ba667f91L,0xbc3d8b95b4d83436L,
-        0xa01e4bd0c7bd2958L },
-      { 0x7b18293273483c90L,0xa79c6aa1a7c7b598L,0xbf3983c6eaaac07eL,
-        0x8f18181e96e0d4e6L } },
-    /* 32 << 56 */
-    { { 0x8553d37c051af62bL,0xe9a998eb0bf94496L,0xe0844f9fb0d59aa1L,
-        0x983fd558e6afb813L },
-      { 0x9670c0ca65d69804L,0x732b22de6ea5ff2dL,0xd7640ba95fd8623bL,
-        0x9f619163a6351782L } },
-    /* 33 << 56 */
-    { { 0x0bfc27eeacee5043L,0xae419e732eb10f02L,0x19c028d18943fb05L,
-        0x71f01cf7ff13aa2aL },
-      { 0x7790737e8887a132L,0x6751330966318410L,0x9819e8a37ddb795eL,
-        0xfecb8ef5dad100b2L } },
-    /* 34 << 56 */
-    { { 0x59f74a223021926aL,0xb7c28a496f9b4c1cL,0xed1a733f912ad0abL,
-        0x42a910af01a5659cL },
-      { 0x3842c6e07bd68cabL,0x2b57fa3876d70ac8L,0x8a6707a83c53aaebL,
-        0x62c1c51065b4db18L } },
-    /* 35 << 56 */
-    { { 0x8de2c1fbb2d09dc7L,0xc3dfed12266bd23bL,0x927d039bd5b27db6L,
-        0x2fb2f0f1103243daL },
-      { 0xf855a07b80be7399L,0xed9327ce1f9f27a8L,0xa0bd99c7729bdef7L,
-        0x2b67125e28250d88L } },
-    /* 36 << 56 */
-    { { 0x784b26e88670ced7L,0xe3dfe41fc31bd3b4L,0x9e353a06bcc85cbcL,
-        0x302e290960178a9dL },
-      { 0x860abf11a6eac16eL,0x76447000aa2b3aacL,0x46ff9d19850afdabL,
-        0x35bdd6a5fdb2d4c1L } },
-    /* 37 << 56 */
-    { { 0xe82594b07e5c9ce9L,0x0f379e5320af346eL,0x608b31e3bc65ad4aL,
-        0x710c6b12267c4826L },
-      { 0x51c966f971954cf1L,0xb1cec7930d0aa215L,0x1f15598986bd23a8L,
-        0xae2ff99cf9452e86L } },
-    /* 38 << 56 */
-    { { 0xd8dd953c340ceaa2L,0x263552752e2e9333L,0x15d4e5f98586f06dL,
-        0xd6bf94a8f7cab546L },
-      { 0x33c59a0ab76a9af0L,0x52740ab3ba095af7L,0xc444de8a24389ca0L,
-        0xcc6f9863706da0cbL } },
-    /* 39 << 56 */
-    { { 0xb5a741a76b2515cfL,0x71c416019585c749L,0x78350d4fe683de97L,
-        0x31d6152463d0b5f5L },
-      { 0x7a0cc5e1fbce090bL,0xaac927edfbcb2a5bL,0xe920de4920d84c35L,
-        0x8c06a0b622b4de26L } },
-    /* 40 << 56 */
-    { { 0xd34dd58bafe7ddf3L,0x55851fedc1e6e55bL,0xd1395616960696e7L,
-        0x940304b25f22705fL },
-      { 0x6f43f861b0a2a860L,0xcf1212820e7cc981L,0x121862120ab64a96L,
-        0x09215b9ab789383cL } },
-    /* 41 << 56 */
-    { { 0x311eb30537387c09L,0xc5832fcef03ee760L,0x30358f5832f7ea19L,
-        0xe01d3c3491d53551L },
-      { 0x1ca5ee41da48ea80L,0x34e71e8ecf4fa4c1L,0x312abd257af1e1c7L,
-        0xe3afcdeb2153f4a5L } },
-    /* 42 << 56 */
-    { { 0x9d5c84d700235e9aL,0x0308d3f48c4c836fL,0xc0a66b0489332de5L,
-        0x610dd39989e566efL },
-      { 0xf8eea460d1ac1635L,0x84cbb3fb20a2c0dfL,0x40afb488e74a48c5L,
-        0x29738198d326b150L } },
-    /* 43 << 56 */
-    { { 0x2a17747fa6d74081L,0x60ea4c0555a26214L,0x53514bb41f88c5feL,
-        0xedd645677e83426cL },
-      { 0xd5d6cbec96460b25L,0xa12fd0ce68dc115eL,0xc5bc3ed2697840eaL,
-        0x969876a8a6331e31L } },
-    /* 44 << 56 */
-    { { 0x60c36217472ff580L,0xf42297054ad41393L,0x4bd99ef0a03b8b92L,
-        0x501c7317c144f4f6L },
-      { 0x159009b318464945L,0x6d5e594c74c5c6beL,0x2d587011321a3660L,
-        0xd1e184b13898d022L } },
-    /* 45 << 56 */
-    { { 0x5ba047524c6a7e04L,0x47fa1e2b45550b65L,0x9419daf048c0a9a5L,
-        0x663629537c243236L },
-      { 0xcd0744b15cb12a88L,0x561b6f9a2b646188L,0x599415a566c2c0c0L,
-        0xbe3f08590f83f09aL } },
-    /* 46 << 56 */
-    { { 0x9141c5beb92041b8L,0x01ae38c726477d0dL,0xca8b71f3d12c7a94L,
-        0xfab5b31f765c70dbL },
-      { 0x76ae7492487443e9L,0x8595a310990d1349L,0xf8dbeda87d460a37L,
-        0x7f7ad0821e45a38fL } },
-    /* 47 << 56 */
-    { { 0xed1d4db61059705aL,0xa3dd492ae6b9c697L,0x4b92ee3a6eb38bd5L,
-        0xbab2609d67cc0bb7L },
-      { 0x7fc4fe896e70ee82L,0xeff2c56e13e6b7e3L,0x9b18959e34d26fcaL,
-        0x2517ab66889d6b45L } },
-    /* 48 << 56 */
-    { { 0xf167b4e0bdefdd4fL,0x69958465f366e401L,0x5aa368aba73bbec0L,
-        0x121487097b240c21L },
-      { 0x378c323318969006L,0xcb4d73cee1fe53d1L,0x5f50a80e130c4361L,
-        0xd67f59517ef5212bL } },
-    /* 49 << 56 */
-    { { 0xf145e21e9e70c72eL,0xb2e52e295566d2fbL,0x44eaba4a032397f5L,
-        0x5e56937b7e31a7deL },
-      { 0x68dcf517456c61e1L,0xbc2e954aa8b0a388L,0xe3552fa760a8b755L,
-        0x03442dae73ad0cdeL } },
-    /* 50 << 56 */
-    { { 0x37ffe747ceb26210L,0x983545e8787baef9L,0x8b8c853586a3de31L,
-        0xc621dbcbfacd46dbL },
-      { 0x82e442e959266fbbL,0xa3514c37339d471cL,0x3a11b77162cdad96L,
-        0xf0cb3b3cecf9bdf0L } },
-    /* 51 << 56 */
-    { { 0x3fcbdbce478e2135L,0x7547b5cfbda35342L,0xa97e81f18a677af6L,
-        0xc8c2bf8328817987L },
-      { 0xdf07eaaf45580985L,0xc68d1f05c93b45cbL,0x106aa2fec77b4cacL,
-        0x4c1d8afc04a7ae86L } },
-    /* 52 << 56 */
-    { { 0xdb41c3fd9eb45ab2L,0x5b234b5bd4b22e74L,0xda253decf215958aL,
-        0x67e0606ea04edfa0L },
-      { 0xabbbf070ef751b11L,0xf352f175f6f06dceL,0xdfc4b6af6839f6b4L,
-        0x53ddf9a89959848eL } },
-    /* 53 << 56 */
-    { { 0xda49c379c21520b0L,0x90864ff0dbd5d1b6L,0x2f055d235f49c7f7L,
-        0xe51e4e6aa796b2d8L },
-      { 0xc361a67f5c9dc340L,0x5ad53c37bca7c620L,0xda1d658832c756d0L,
-        0xad60d9118bb67e13L } },
-    /* 54 << 56 */
-    { { 0xd6c47bdf0eeec8c6L,0x4a27fec1078a1821L,0x081f7415c3099524L,
-        0x8effdf0b82cd8060L },
-      { 0xdb70ec1c65842df8L,0x8821b358d319a901L,0x72ee56eede42b529L,
-        0x5bb39592236e4286L } },
-    /* 55 << 56 */
-    { { 0xd1183316fd6f7140L,0xf9fadb5bbd8e81f7L,0x701d5e0c5a02d962L,
-        0xfdee4dbf1b601324L },
-      { 0xbed1740735d7620eL,0x04e3c2c3f48c0012L,0x9ee29da73455449aL,
-        0x562cdef491a836c4L } },
-    /* 56 << 56 */
-    { { 0x8f682a5f47701097L,0x617125d8ff88d0c2L,0x948fda2457bb86ddL,
-        0x348abb8f289f7286L },
-      { 0xeb10eab599d94bbdL,0xd51ba28e4684d160L,0xabe0e51c30c8f41aL,
-        0x66588b4513254f4aL } },
-    /* 57 << 56 */
-    { { 0x147ebf01fad097a5L,0x49883ea8610e815dL,0xe44d60ba8a11de56L,
-        0xa970de6e827a7a6dL },
-      { 0x2be414245e17fc19L,0xd833c65701214057L,0x1375813b363e723fL,
-        0x6820bb88e6a52e9bL } },
-    /* 58 << 56 */
-    { { 0x7e7f6970d875d56aL,0xd6a0a9ac51fbf6bfL,0x54ba8790a3083c12L,
-        0xebaeb23d6ae7eb64L },
-      { 0xa8685c3ab99a907aL,0xf1e74550026bf40bL,0x7b73a027c802cd9eL,
-        0x9a8a927c4fef4635L } },
-    /* 59 << 56 */
-    { { 0xe1b6f60c08191224L,0xc4126ebbde4ec091L,0xe1dff4dc4ae38d84L,
-        0xde3f57db4f2ef985L },
-      { 0x34964337d446a1ddL,0x7bf217a0859e77f6L,0x8ff105278e1d13f5L,
-        0xa304ef0374eeae27L } },
-    /* 60 << 56 */
-    { { 0xfc6f5e47d19dfa5aL,0xdb007de37fad982bL,0x28205ad1613715f5L,
-        0x251e67297889529eL },
-      { 0x727051841ae98e78L,0xf818537d271cac32L,0xc8a15b7eb7f410f5L,
-        0xc474356f81f62393L } },
-    /* 61 << 56 */
-    { { 0x92dbdc5ac242316bL,0xabe060acdbf4aff5L,0x6e8c38fe909a8ec6L,
-        0x43e514e56116cb94L },
-      { 0x2078fa3807d784f9L,0x1161a880f4b5b357L,0x5283ce7913adea3dL,
-        0x0756c3e6cc6a910bL } },
-    /* 62 << 56 */
-    { { 0x60bcfe01aaa79697L,0x04a73b2956391db1L,0xdd8dad47189b45a0L,
-        0xbfac0dd048d5b8d9L },
-      { 0x34ab3af57d3d2ec2L,0x6fa2fc2d207bd3afL,0x9ff4009266550dedL,
-        0x719b3e871fd5b913L } },
-    /* 63 << 56 */
-    { { 0xa573a4966d17fbc7L,0x0cd1a70a73d2b24eL,0x34e2c5cab2676937L,
-        0xe7050b06bf669f21L },
-      { 0xfbe948b61ede9046L,0xa053005197662659L,0x58cbd4edf10124c5L,
-        0xde2646e4dd6c06c8L } },
-    /* 64 << 56 */
-    { { 0x332f81088cad38c0L,0x471b7e906bd68ae2L,0x56ac3fb20d8e27a3L,
-        0xb54660db136b4b0dL },
-      { 0x123a1e11a6fd8de4L,0x44dbffeaa37799efL,0x4540b977ce6ac17cL,
-        0x495173a8af60acefL } },
-    /* 0 << 63 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 63 */
-    { { 0x9ebb284d391c2a82L,0xbcdd4863158308e8L,0x006f16ec83f1edcaL,
-        0xa13e2c37695dc6c8L },
-      { 0x2ab756f04a057a87L,0xa8765500a6b48f98L,0x4252face68651c44L,
-        0xa52b540be1765e02L } },
-    /* 2 << 63 */
-    { { 0x4f922fc516a0d2bbL,0x0d5cc16c1a623499L,0x9241cf3a57c62c8bL,
-        0x2f5e6961fd1b667fL },
-      { 0x5c15c70bf5a01797L,0x3d20b44d60956192L,0x04911b37071fdb52L,
-        0xf648f9168d6f0f7bL } },
-    /* 3 << 63 */
-    { { 0x6dc1acafe60b7cf7L,0x25860a5084a9d869L,0x56fc6f09e7ba8ac4L,
-        0x828c5bd06148d29eL },
-      { 0xac6b435edc55ae5fL,0xa527f56cc0117411L,0x94d5045efd24342cL,
-        0x2c4c0a3570b67c0dL } },
-    /* 4 << 63 */
-    { { 0x027cc8b8fac61d9aL,0x7d25e062e3c6fe8aL,0xe08805bfe5bff503L,
-        0x13271e6c6ff632f7L },
-      { 0x55dca6c0232f76a5L,0x8957c32d701ef426L,0xee728bcba10a5178L,
-        0x5ea60411b62c5173L } },
-    /* 5 << 63 */
-    { { 0xfc4e964ed0b8892bL,0x9ea176839301bb74L,0x6265c5aefcc48626L,
-        0xe60cf82ebb3e9102L },
-      { 0x57adf797d4df5531L,0x235b59a18deeefe2L,0x60adcf583f306eb1L,
-        0x105c27533d09492dL } },
-    /* 6 << 63 */
-    { { 0x4090914bb5def996L,0x1cb69c83233dd1e7L,0xc1e9c1d39b3d5e76L,
-        0x1f3338edfccf6012L },
-      { 0xb1e95d0d2f5378a8L,0xacf4c2c72f00cd21L,0x6e984240eb5fe290L,
-        0xd66c038d248088aeL } },
-    /* 7 << 63 */
-    { { 0x804d264af94d70cfL,0xbdb802ef7314bf7eL,0x8fb54de24333ed02L,
-        0x740461e0285635d9L },
-      { 0x4113b2c8365e9383L,0xea762c833fdef652L,0x4eec6e2e47b956c1L,
-        0xa3d814be65620fa4L } },
-    /* 8 << 63 */
-    { { 0x9ad5462bb4d8bc50L,0x181c0b16a9195770L,0xebd4fe1c78412a68L,
-        0xae0341bcc0dff48cL },
-      { 0xb6bc45cf7003e866L,0xf11a6dea8a24a41bL,0x5407151ad04c24c2L,
-        0x62c9d27dda5b7b68L } },
-    /* 9 << 63 */
-    { { 0x2e96423588cceff6L,0x8594c54f8b07ed69L,0x1578e73cc84d0d0dL,
-        0x7b4e1055ff532868L },
-      { 0xa348c0d5b5ec995aL,0xbf4b9d5514289a54L,0x9ba155a658fbd777L,
-        0x186ed7a81a84491dL } },
-    /* 10 << 63 */
-    { { 0xd4992b30614c0900L,0xda98d121bd00c24bL,0x7f534dc87ec4bfa1L,
-        0x4a5ff67437dc34bcL },
-      { 0x68c196b81d7ea1d7L,0x38cf289380a6d208L,0xfd56cd09e3cbbd6eL,
-        0xec72e27e4205a5b6L } },
-    /* 11 << 63 */
-    { { 0x15ea68f5a44f77f7L,0x7aa5f9fdb43c52bcL,0x86ff676f94f0e609L,
-        0xa4cde9632e2d432bL },
-      { 0x8cafa0c0eee470afL,0x84137d0e8a3f5ec8L,0xebb40411faa31231L,
-        0xa239c13f6f7f7ccfL } },
-    /* 12 << 63 */
-    { { 0x32865719a8afd30bL,0x867983288a826dceL,0xdf04e891c4a8fbe0L,
-        0xbb6b6e1bebf56ad3L },
-      { 0x0a695b11471f1ff0L,0xd76c3389be15baf0L,0x018edb95be96c43eL,
-        0xf2beaaf490794158L } },
-    /* 13 << 63 */
-    { { 0x152db09ec3076a27L,0x5e82908ee416545dL,0xa2c41272356d6f2eL,
-        0xdc9c964231fd74e1L },
-      { 0x66ceb88d519bf615L,0xe29ecd7605a2274eL,0x3a0473c4bf5e2fa0L,
-        0x6b6eb67164284e67L } },
-    /* 14 << 63 */
-    { { 0xe8b97932b88756ddL,0xed4e8652f17e3e61L,0xc2dd14993ee1c4a4L,
-        0xc0aaee17597f8c0eL },
-      { 0x15c4edb96c168af3L,0x6563c7bfb39ae875L,0xadfadb6f20adb436L,
-        0xad55e8c99a042ac0L } },
-    /* 15 << 63 */
-    { { 0x975a1ed8b76da1f5L,0x10dfa466a58acb94L,0x8dd7f7e3ac060282L,
-        0x6813e66a572a051eL },
-      { 0xb4ccae1e350cb901L,0xb653d65650cb7822L,0x42484710dfab3b87L,
-        0xcd7ee5379b670fd0L } },
-    /* 16 << 63 */
-    { { 0x0a50b12e523b8bf6L,0x8009eb5b8f910c1bL,0xf535af824a167588L,
-        0x0f835f9cfb2a2abdL },
-      { 0xf59b29312afceb62L,0xc797df2a169d383fL,0xeb3f5fb066ac02b0L,
-        0x029d4c6fdaa2d0caL } },
-    /* 17 << 63 */
-    { { 0xd4059bc1afab4bc5L,0x833f5c6f56783247L,0xb53466308d2d3605L,
-        0x83387891d34d8433L },
-      { 0xd973b30fadd9419aL,0xbcca1099afe3fce8L,0x081783150809aac6L,
-        0x01b7f21a540f0f11L } },
-    /* 18 << 63 */
-    { { 0x65c29219909523c8L,0xa62f648fa3a1c741L,0x88598d4f60c9e55aL,
-        0xbce9141b0e4f347aL },
-      { 0x9af97d8435f9b988L,0x0210da62320475b6L,0x3c076e229191476cL,
-        0x7520dbd944fc7834L } },
-    /* 19 << 63 */
-    { { 0x6a6b2cfec1ab1bbdL,0xef8a65bedc650938L,0x72855540805d7bc4L,
-        0xda389396ed11fdfdL },
-      { 0xa9d5bd3674660876L,0x11d67c54b45dff35L,0x6af7d148a4f5da94L,
-        0xbb8d4c3fc0bbeb31L } },
-    /* 20 << 63 */
-    { { 0x87a7ebd1e0a1b12aL,0x1e4ef88d770ba95fL,0x8c33345cdc2ae9cbL,
-        0xcecf127601cc8403L },
-      { 0x687c012e1b39b80fL,0xfd90d0ad35c33ba4L,0xa3ef5a675c9661c2L,
-        0x368fc88ee017429eL } },
-    /* 21 << 63 */
-    { { 0xd30c6761196a2fa2L,0x931b9817bd5b312eL,0xba01000c72f54a31L,
-        0xa203d2c866eaa541L },
-      { 0xf2abdee098939db3L,0xe37d6c2c3e606c02L,0xf2921574521ff643L,
-        0x2781b3c4d7e2fca3L } },
-    /* 22 << 63 */
-    { { 0x664300b07850ec06L,0xac5a38b97d3a10cfL,0x9233188de34ab39dL,
-        0xe77057e45072cbb9L },
-      { 0xbcf0c042b59e78dfL,0x4cfc91e81d97de52L,0x4661a26c3ee0ca4aL,
-        0x5620a4c1fb8507bcL } },
-    /* 23 << 63 */
-    { { 0x4b44d4aa049f842cL,0xceabc5d51540e82bL,0x306710fd15c6f156L,
-        0xbe5ae52b63db1d72L },
-      { 0x06f1e7e6334957f1L,0x57e388f031144a70L,0xfb69bb2fdf96447bL,
-        0x0f78ebd373e38a12L } },
-    /* 24 << 63 */
-    { { 0xb82226052b7ce542L,0xe6d4ce997472bde1L,0x53e16ebe09d2f4daL,
-        0x180ff42e53b92b2eL },
-      { 0xc59bcc022c34a1c6L,0x3803d6f9422c46c2L,0x18aff74f5c14a8a2L,
-        0x55aebf8010a08b28L } },
-    /* 25 << 63 */
-    { { 0x66097d587135593fL,0x32e6eff72be570cdL,0x584e6a102a8c860dL,
-        0xcd185890a2eb4163L },
-      { 0x7ceae99d6d97e134L,0xd42c6b70dd8447ceL,0x59ddbb4ab8c50273L,
-        0x03c612df3cf34e1eL } },
-    /* 26 << 63 */
-    { { 0x84b9ca1504b6c5a0L,0x35216f3918f0e3a3L,0x3ec2d2bcbd986c00L,
-        0x8bf546d9d19228feL },
-      { 0xd1c655a44cd623c3L,0x366ce718502b8e5aL,0x2cfc84b4eea0bfe7L,
-        0xe01d5ceecf443e8eL } },
-    /* 27 << 63 */
-    { { 0x8ec045d9036520f8L,0xdfb3c3d192d40e98L,0x0bac4ccecc559a04L,
-        0x35eccae5240ea6b1L },
-      { 0x180b32dbf8a5a0acL,0x547972a5eb699700L,0xa3765801ca26bca0L,
-        0x57e09d0ea647f25aL } },
-    /* 28 << 63 */
-    { { 0xb956970e2fdd23ccL,0xb80288bc5682e971L,0xe6e6d91e9ae86ebcL,
-        0x0564c83f8c9f1939L },
-      { 0x551932a239560368L,0xe893752b049c28e2L,0x0b03cee5a6a158c3L,
-        0xe12d656b04964263L } },
-    /* 29 << 63 */
-    { { 0x4b47554e63e3bc1dL,0xc719b6a245044ff7L,0x4f24d30ae48daa07L,
-        0xa3f37556c8c1edc3L },
-      { 0x9a47bf760700d360L,0xbb1a1824822ae4e2L,0x22e275a389f1fb4cL,
-        0x72b1aa239968c5f5L } },
-    /* 30 << 63 */
-    { { 0xa75feacabe063f64L,0x9b392f43bce47a09L,0xd42415091ad07acaL,
-        0x4b0c591b8d26cd0fL },
-      { 0x2d42ddfd92f1169aL,0x63aeb1ac4cbf2392L,0x1de9e8770691a2afL,
-        0xebe79af7d98021daL } },
-    /* 31 << 63 */
-    { { 0xcfdf2a4e40e50acfL,0xf0a98ad7af01d665L,0xefb640bf1831be1fL,
-        0x6fe8bd2f80e9ada0L },
-      { 0x94c103a16cafbc91L,0x170f87598308e08cL,0x5de2d2ab9780ff4fL,
-        0x666466bc45b201f2L } },
-    /* 32 << 63 */
-    { { 0x58af2010f5b343bcL,0x0f2e400af2f142feL,0x3483bfdea85f4bdfL,
-        0xf0b1d09303bfeaa9L },
-      { 0x2ea01b95c7081603L,0xe943e4c93dba1097L,0x47be92adb438f3a6L,
-        0x00bb7742e5bf6636L } },
-    /* 33 << 63 */
-    { { 0x136b7083824297b4L,0x9d0e55805584455fL,0xab48cedcf1c7d69eL,
-        0x53a9e4812a256e76L },
-      { 0x0402b0e065eb2413L,0xdadbbb848fc407a7L,0xa65cd5a48d7f5492L,
-        0x21d4429374bae294L } },
-    /* 34 << 63 */
-    { { 0x66917ce63b5f1cc4L,0x37ae52eace872e62L,0xbb087b722905f244L,
-        0x120770861e6af74fL },
-      { 0x4b644e491058edeaL,0x827510e3b638ca1dL,0x8cf2b7046038591cL,
-        0xffc8b47afe635063L } },
-    /* 35 << 63 */
-    { { 0x3ae220e61b4d5e63L,0xbd8647429d961b4bL,0x610c107e9bd16bedL,
-        0x4270352a1127147bL },
-      { 0x7d17ffe664cfc50eL,0x50dee01a1e36cb42L,0x068a762235dc5f9aL,
-        0x9a08d536df53f62cL } },
-    /* 36 << 63 */
-    { { 0x4ed714576be5f7deL,0xd93006f8c2263c9eL,0xe073694ccacacb36L,
-        0x2ff7a5b43ae118abL },
-      { 0x3cce53f1cd871236L,0xf156a39dc2aa6d52L,0x9cc5f271b198d76dL,
-        0xbc615b6f81383d39L } },
-    /* 37 << 63 */
-    { { 0xa54538e8de3eee6bL,0x58c77538ab910d91L,0x31e5bdbc58d278bdL,
-        0x3cde4adfb963acaeL },
-      { 0xb1881fd25302169cL,0x8ca60fa0a989ed8bL,0xa1999458ff96a0eeL,
-        0xc1141f03ac6c283dL } },
-    /* 38 << 63 */
-    { { 0x7677408d6dfafed3L,0x33a0165339661588L,0x3c9c15ec0b726fa0L,
-        0x090cfd936c9b56daL },
-      { 0xe34f4baea3c40af5L,0x3469eadbd21129f1L,0xcc51674a1e207ce8L,
-        0x1e293b24c83b1ef9L } },
-    /* 39 << 63 */
-    { { 0x17173d131e6c0bb4L,0x1900469590776d35L,0xe7980e346de6f922L,
-        0x873554cbf4dd9a22L },
-      { 0x0316c627cbf18a51L,0x4d93651b3032c081L,0x207f27713946834dL,
-        0x2c08d7b430cdbf80L } },
-    /* 40 << 63 */
-    { { 0x137a4fb486df2a61L,0xa1ed9c07ecf7b4a2L,0xb2e460e27bd042ffL,
-        0xb7f5e2fa5f62f5ecL },
-      { 0x7aa6ec6bcc2423b7L,0x75ce0a7fba63eea7L,0x67a45fb1f250a6e1L,
-        0x93bc919ce53cdc9fL } },
-    /* 41 << 63 */
-    { { 0x9271f56f871942dfL,0x2372ff6f7859ad66L,0x5f4c2b9633cb1a78L,
-        0xe3e291015838aa83L },
-      { 0xa7ed1611e4e8110cL,0x2a2d70d5330198ceL,0xbdf132e86720efe0L,
-        0xe61a896266a471bfL } },
-    /* 42 << 63 */
-    { { 0x796d3a85825808bdL,0x51dc3cb73fd6e902L,0x643c768a916219d1L,
-        0x36cd7685a2ad7d32L },
-      { 0xe3db9d05b22922a4L,0x6494c87edba29660L,0xf0ac91dfbcd2ebc7L,
-        0x4deb57a045107f8dL } },
-    /* 43 << 63 */
-    { { 0x42271f59c3d12a73L,0x5f71687ca5c2c51dL,0xcb1f50c605797bcbL,
-        0x29ed0ed9d6d34eb0L },
-      { 0xe5fe5b474683c2ebL,0x4956eeb597447c46L,0x5b163a4371207167L,
-        0x93fa2fed0248c5efL } },
-    /* 44 << 63 */
-    { { 0x67930af231f63950L,0xa77797c114caa2c9L,0x526e80ee27ac7e62L,
-        0xe1e6e62658b28aecL },
-      { 0x636178b0b3c9fef0L,0xaf7752e06d5f90beL,0x94ecaf18eece51cfL,
-        0x2864d0edca806e1fL } },
-    /* 45 << 63 */
-    { { 0x6de2e38397c69134L,0x5a42c316eb291293L,0xc77792196a60bae0L,
-        0xa24de3466b7599d1L },
-      { 0x49d374aab75d4941L,0x989005862d501ff0L,0x9f16d40eeb7974cfL,
-        0x1033860bcdd8c115L } },
-    /* 46 << 63 */
-    { { 0xb6c69ac82094cec3L,0x9976fb88403b770cL,0x1dea026c4859590dL,
-        0xb6acbb468562d1fdL },
-      { 0x7cd6c46144569d85L,0xc3190a3697f0891dL,0xc6f5319548d5a17dL,
-        0x7d919966d749abc8L } },
-    /* 47 << 63 */
-    { { 0x65104837dd1c8a20L,0x7e5410c82f683419L,0x958c3ca8be94022eL,
-        0x605c31976145dac2L },
-      { 0x3fc0750101683d54L,0x1d7127c5595b1234L,0x10b8f87c9481277fL,
-        0x677db2a8e65a1adbL } },
-    /* 48 << 63 */
-    { { 0xec2fccaaddce3345L,0x2a6811b7012a4350L,0x96760ff1ac598bdcL,
-        0x054d652ad1bf4128L },
-      { 0x0a1151d492a21005L,0xad7f397133110fdfL,0x8c95928c1960100fL,
-        0x6c91c8257bf03362L } },
-    /* 49 << 63 */
-    { { 0xc8c8b2a2ce309f06L,0xfdb27b59ca27204bL,0xd223eaa50848e32eL,
-        0xb93e4b2ee7bfaf1eL },
-      { 0xc5308ae644aa3dedL,0x317a666ac015d573L,0xc888ce231a979707L,
-        0xf141c1e60d5c4958L } },
-    /* 50 << 63 */
-    { { 0xb53b7de561906373L,0x858dbadeeb999595L,0x8cbb47b2a59e5c36L,
-        0x660318b3dcf4e842L },
-      { 0xbd161ccd12ba4b7aL,0xf399daabf8c8282aL,0x1587633aeeb2130dL,
-        0xa465311ada38dd7dL } },
-    /* 51 << 63 */
-    { { 0x5f75eec864d3779bL,0x3c5d0476ad64c171L,0x874103712a914428L,
-        0x8096a89190e2fc29L },
-      { 0xd3d2ae9d23b3ebc2L,0x90bdd6dba580cfd6L,0x52dbb7f3c5b01f6cL,
-        0xe68eded4e102a2dcL } },
-    /* 52 << 63 */
-    { { 0x17785b7799eb6df0L,0x26c3cc517386b779L,0x345ed9886417a48eL,
-        0xe990b4e407d6ef31L },
-      { 0x0f456b7e2586abbaL,0x239ca6a559c96e9aL,0xe327459ce2eb4206L,
-        0x3a4c3313a002b90aL } },
-    /* 53 << 63 */
-    { { 0x2a114806f6a3f6fbL,0xad5cad2f85c251ddL,0x92c1f613f5a784d3L,
-        0xec7bfacf349766d5L },
-      { 0x04b3cd333e23cb3bL,0x3979fe84c5a64b2dL,0x192e27207e589106L,
-        0xa60c43d1a15b527fL } },
-    /* 54 << 63 */
-    { { 0x2dae9082be7cf3a6L,0xcc86ba92bc967274L,0xf28a2ce8aea0a8a9L,
-        0x404ca6d96ee988b3L },
-      { 0xfd7e9c5d005921b8L,0xf56297f144e79bf9L,0xa163b4600d75ddc2L,
-        0x30b23616a1f2be87L } },
-    /* 55 << 63 */
-    { { 0x4b070d21bfe50e2bL,0x7ef8cfd0e1bfede1L,0xadba00112aac4ae0L,
-        0x2a3e7d01b9ebd033L },
-      { 0x995277ece38d9d1cL,0xb500249e9c5d2de3L,0x8912b820f13ca8c9L,
-        0xc8798114877793afL } },
-    /* 56 << 63 */
-    { { 0x19e6125dec3f1decL,0x07b1f040911178daL,0xd93ededa904a6738L,
-        0x55187a5a0bebedcdL },
-      { 0xf7d04722eb329d41L,0xf449099ef170b391L,0xfd317a69ca99f828L,
-        0x50c3db2b34a4976dL } },
-    /* 57 << 63 */
-    { { 0xe9ba77843757b392L,0x326caefdaa3ca05aL,0x78e5293bf1e593d4L,
-        0x7842a9370d98fd13L },
-      { 0xe694bf965f96b10dL,0x373a9df606a8cd05L,0x997d1e51e8f0c7fcL,
-        0x1d01979063fd972eL } },
-    /* 58 << 63 */
-    { { 0x0064d8585499fb32L,0x7b67bad977a8aeb7L,0x1d3eb9772d08eec5L,
-        0x5fc047a6cbabae1dL },
-      { 0x0577d159e54a64bbL,0x8862201bc43497e4L,0xad6b4e282ce0608dL,
-        0x8b687b7d0b167aacL } },
-    /* 59 << 63 */
-    { { 0x6ed4d3678b2ecfa9L,0x24dfe62da90c3c38L,0xa1862e103fe5c42bL,
-        0x1ca73dcad5732a9fL },
-      { 0x35f038b776bb87adL,0x674976abf242b81fL,0x4f2bde7eb0fd90cdL,
-        0x6efc172ea7fdf092L } },
-    /* 60 << 63 */
-    { { 0x3806b69b92222f1fL,0x5a2459ca6cf7ae70L,0x6789f69ca85217eeL,
-        0x5f232b5ee3dc85acL },
-      { 0x660e3ec548e9e516L,0x124b4e473197eb31L,0x10a0cb13aafcca23L,
-        0x7bd63ba48213224fL } },
-    /* 61 << 63 */
-    { { 0xaffad7cc290a7f4fL,0x6b409c9e0286b461L,0x58ab809fffa407afL,
-        0xc3122eedc68ac073L },
-      { 0x17bf9e504ef24d7eL,0x5d9297943e2a5811L,0x519bc86702902e01L,
-        0x76bba5da39c8a851L } },
-    /* 62 << 63 */
-    { { 0xe9f9669cda94951eL,0x4b6af58d66b8d418L,0xfa32107417d426a4L,
-        0xc78e66a99dde6027L },
-      { 0x0516c0834a53b964L,0xfc659d38ff602330L,0x0ab55e5c58c5c897L,
-        0x985099b2838bc5dfL } },
-    /* 63 << 63 */
-    { { 0x061d9efcc52fc238L,0x712b27286ac1da3fL,0xfb6581499283fe08L,
-        0x4954ac94b8aaa2f7L },
-      { 0x85c0ada47fb2e74fL,0xee8ba98eb89926b0L,0xe4f9d37d23d1af5bL,
-        0x14ccdbf9ba9b015eL } },
-    /* 64 << 63 */
-    { { 0xb674481b7bfe7178L,0x4e1debae65405868L,0x061b2821c48c867dL,
-        0x69c15b35513b30eaL },
-      { 0x3b4a166636871088L,0xe5e29f5d1220b1ffL,0x4b82bb35233d9f4dL,
-        0x4e07633318cdc675L } },
-    /* 0 << 70 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 70 */
-    { { 0x0d53f5c7a3e6fcedL,0xe8cbbdd5f45fbdebL,0xf85c01df13339a70L,
-        0x0ff71880142ceb81L },
-      { 0x4c4e8774bd70437aL,0x5fb32891ba0bda6aL,0x1cdbebd2f18bd26eL,
-        0x2f9526f103a9d522L } },
-    /* 2 << 70 */
-    { { 0x40ce305192c4d684L,0x8b04d7257612efcdL,0xb9dcda366f9cae20L,
-        0x0edc4d24f058856cL },
-      { 0x64f2e6bf85427900L,0x3de81295dc09dfeaL,0xd41b4487379bf26cL,
-        0x50b62c6d6df135a9L } },
-    /* 3 << 70 */
-    { { 0xd4f8e3b4c72dfe67L,0xc416b0f690e19fdfL,0x18b9098d4c13bd35L,
-        0xac11118a15b8cb9eL },
-      { 0xf598a318f0062841L,0xbfe0602f89f356f4L,0x7ae3637e30177a0cL,
-        0x3409774761136537L } },
-    /* 4 << 70 */
-    { { 0x0db2fb5ed005832aL,0x5f5efd3b91042e4fL,0x8c4ffdc6ed70f8caL,
-        0xe4645d0bb52da9ccL },
-      { 0x9596f58bc9001d1fL,0x52c8f0bc4e117205L,0xfd4aa0d2e398a084L,
-        0x815bfe3a104f49deL } },
-    /* 5 << 70 */
-    { { 0x97e5443f23885e5fL,0xf72f8f99e8433aabL,0xbd00b154e4d4e604L,
-        0xd0b35e6ae5e173ffL },
-      { 0x57b2a0489164722dL,0x3e3c665b88761ec8L,0x6bdd13973da83832L,
-        0x3c8b1a1e73dafe3bL } },
-    /* 6 << 70 */
-    { { 0x4497ace654317cacL,0xbe600ab9521771b3L,0xb42e409eb0dfe8b8L,
-        0x386a67d73942310fL },
-      { 0x25548d8d4431cc28L,0xa7cff142985dc524L,0x4d60f5a193c4be32L,
-        0x83ebd5c8d071c6e1L } },
-    /* 7 << 70 */
-    { { 0xba3a80a7b1fd2b0bL,0x9b3ad3965bec33e8L,0xb3868d6179743fb3L,
-        0xcfd169fcfdb462faL },
-      { 0xd3b499d79ce0a6afL,0x55dc1cf1e42d3ff8L,0x04fb9e6cc6c3e1b2L,
-        0x47e6961d6f69a474L } },
-    /* 8 << 70 */
-    { { 0x54eb3acce548b37bL,0xb38e754284d40549L,0x8c3daa517b341b4fL,
-        0x2f6928ec690bf7faL },
-      { 0x0496b32386ce6c41L,0x01be1c5510adadcdL,0xc04e67e74bb5faf9L,
-        0x3cbaf678e15c9985L } },
-    /* 9 << 70 */
-    { { 0x8cd1214550ca4247L,0xba1aa47ae7dd30aaL,0x2f81ddf1e58fee24L,
-        0x03452936eec9b0e8L },
-      { 0x8bdc3b81243aea96L,0x9a2919af15c3d0e5L,0x9ea640ec10948361L,
-        0x5ac86d5b6e0bcccfL } },
-    /* 10 << 70 */
-    { { 0xf892d918c36cf440L,0xaed3e837c939719cL,0xb07b08d2c0218b64L,
-        0x6f1bcbbace9790ddL },
-      { 0x4a84d6ed60919b8eL,0xd89007918ac1f9ebL,0xf84941aa0dd5daefL,
-        0xb22fe40a67fd62c5L } },
-    /* 11 << 70 */
-    { { 0x97e15ba2157f2db3L,0xbda2fc8f8e28ca9cL,0x5d050da437b9f454L,
-        0x3d57eb572379d72eL },
-      { 0xe9b5eba2fb5ee997L,0x01648ca2e11538caL,0x32bb76f6f6327974L,
-        0x338f14b8ff3f4bb7L } },
-    /* 12 << 70 */
-    { { 0x524d226ad7ab9a2dL,0x9c00090d7dfae958L,0x0ba5f5398751d8c2L,
-        0x8afcbcdd3ab8262dL },
-      { 0x57392729e99d043bL,0xef51263baebc943aL,0x9feace9320862935L,
-        0x639efc03b06c817bL } },
-    /* 13 << 70 */
-    { { 0x1fe054b366b4be7aL,0x3f25a9de84a37a1eL,0xf39ef1ad78d75cd9L,
-        0xd7b58f495062c1b5L },
-      { 0x6f74f9a9ff563436L,0xf718ff29e8af51e7L,0x5234d31315e97fecL,
-        0xb6a8e2b1292f1c0aL } },
-    /* 14 << 70 */
-    { { 0xa7f53aa8327720c1L,0x956ca322ba092cc8L,0x8f03d64a28746c4dL,
-        0x51fe178266d0d392L },
-      { 0xd19b34db3c832c80L,0x60dccc5c6da2e3b4L,0x245dd62e0a104cccL,
-        0xa7ab1de1620b21fdL } },
-    /* 15 << 70 */
-    { { 0xb293ae0b3893d123L,0xf7b75783b15ee71cL,0x5aa3c61442a9468bL,
-        0xd686123cdb15d744L },
-      { 0x8c616891a7ab4116L,0x6fcd72c8a4e6a459L,0xac21911077e5fad7L,
-        0xfb6a20e7704fa46bL } },
-    /* 16 << 70 */
-    { { 0xe839be7d341d81dcL,0xcddb688932148379L,0xda6211a1f7026eadL,
-        0xf3b2575ff4d1cc5eL },
-      { 0x40cfc8f6a7a73ae6L,0x83879a5e61d5b483L,0xc5acb1ed41a50ebcL,
-        0x59a60cc83c07d8faL } },
-    /* 17 << 70 */
-    { { 0x1b73bdceb1876262L,0x2b0d79f012af4ee9L,0x8bcf3b0bd46e1d07L,
-        0x17d6af9de45d152fL },
-      { 0x735204616d736451L,0x43cbbd9756b0bf5aL,0xb0833a5bd5999b9dL,
-        0x702614f0eb72e398L } },
-    /* 18 << 70 */
-    { { 0x0aadf01a59c3e9f8L,0x40200e77ce6b3d16L,0xda22bdd3deddafadL,
-        0x76dedaf4310d72e1L },
-      { 0x49ef807c4bc2e88fL,0x6ba81291146dd5a5L,0xa1a4077a7d8d59e9L,
-        0x87b6a2e7802db349L } },
-    /* 19 << 70 */
-    { { 0xd56799971b4e598eL,0xf499ef1f06fe4b1dL,0x3978d3aefcb267c5L,
-        0xb582b557235786d0L },
-      { 0x32b3b2ca1715cb07L,0x4c3de6a28480241dL,0x63b5ffedcb571ecdL,
-        0xeaf53900ed2fe9a9L } },
-    /* 20 << 70 */
-    { { 0xdec98d4ac3b81990L,0x1cb837229e0cc8feL,0xfe0b0491d2b427b9L,
-        0x0f2386ace983a66cL },
-      { 0x930c4d1eb3291213L,0xa2f82b2e59a62ae4L,0x77233853f93e89e3L,
-        0x7f8063ac11777c7fL } },
-    /* 21 << 70 */
-    { { 0xff0eb56759ad2877L,0x6f4546429865c754L,0xe6fe701a236e9a84L,
-        0xc586ef1606e40fc3L },
-      { 0x3f62b6e024bafad9L,0xc8b42bd264da906aL,0xc98e1eb4da3276a0L,
-        0x30d0e5fc06cbf852L } },
-    /* 22 << 70 */
-    { { 0x1b6b2ae1e8b4dfd4L,0xd754d5c78301cbacL,0x66097629112a39acL,
-        0xf86b599993ba4ab9L },
-      { 0x26c9dea799f9d581L,0x0473b1a8c2fafeaaL,0x1469af553b2505a5L,
-        0x227d16d7d6a43323L } },
-    /* 23 << 70 */
-    { { 0x3316f73cad3d97f9L,0x52bf3bb51f137455L,0x953eafeb09954e7cL,
-        0xa721dfeddd732411L },
-      { 0xb4929821141d4579L,0x3411321caa3bd435L,0xafb355aa17fa6015L,
-        0xb4e7ef4a18e42f0eL } },
-    /* 24 << 70 */
-    { { 0x604ac97c59371000L,0xe1c48c707f759c18L,0x3f62ecc5a5db6b65L,
-        0x0a78b17338a21495L },
-      { 0x6be1819dbcc8ad94L,0x70dc04f6d89c3400L,0x462557b4a6b4840aL,
-        0x544c6ade60bd21c0L } },
-    /* 25 << 70 */
-    { { 0x6a00f24e907a544bL,0xa7520dcb313da210L,0xfe939b7511e4994bL,
-        0x918b6ba6bc275d70L },
-      { 0xd3e5e0fc644be892L,0x707a9816fdaf6c42L,0x60145567f15c13feL,
-        0x4818ebaae130a54aL } },
-    /* 26 << 70 */
-    { { 0x28aad3ad58d2f767L,0xdc5267fdd7e7c773L,0x4919cc88c3afcc98L,
-        0xaa2e6ab02db8cd4bL },
-      { 0xd46fec04d0c63eaaL,0xa1cb92c519ffa832L,0x678dd178e43a631fL,
-        0xfb5ae1cd3dc788b3L } },
-    /* 27 << 70 */
-    { { 0x68b4fb906e77de04L,0x7992bcf0f06dbb97L,0x896e6a13c417c01dL,
-        0x8d96332cb956be01L },
-      { 0x902fc93a413aa2b9L,0x99a4d915fc98c8a5L,0x52c29407565f1137L,
-        0x4072690f21e4f281L } },
-    /* 28 << 70 */
-    { { 0x36e607cf02ff6072L,0xa47d2ca98ad98cdcL,0xbf471d1ef5f56609L,
-        0xbcf86623f264ada0L },
-      { 0xb70c0687aa9e5cb6L,0xc98124f217401c6cL,0x8189635fd4a61435L,
-        0xd28fb8afa9d98ea6L } },
-    /* 29 << 70 */
-    { { 0xb9a67c2a40c251f8L,0x88cd5d87a2da44beL,0x437deb96e09b5423L,
-        0x150467db64287dc1L },
-      { 0xe161debbcdabb839L,0xa79e9742f1839a3eL,0xbb8dd3c2652d202bL,
-        0x7b3e67f7e9f97d96L } },
-    /* 30 << 70 */
-    { { 0x5aa5d78fb1cb6ac9L,0xffa13e8eca1d0d45L,0x369295dd2ba5bf95L,
-        0xd68bd1f839aff05eL },
-      { 0xaf0d86f926d783f2L,0x543a59b3fc3aafc1L,0x3fcf81d27b7da97cL,
-        0xc990a056d25dee46L } },
-    /* 31 << 70 */
-    { { 0x3e6775b8519cce2cL,0xfc9af71fae13d863L,0x774a4a6f47c1605cL,
-        0x46ba42452fd205e8L },
-      { 0xa06feea4d3fd524dL,0x1e7246416de1acc2L,0xf53816f1334e2b42L,
-        0x49e5918e922f0024L } },
-    /* 32 << 70 */
-    { { 0x439530b665c7322dL,0xcf12cc01b3c1b3fbL,0xc70b01860172f685L,
-        0xb915ee221b58391dL },
-      { 0x9afdf03ba317db24L,0x87dec65917b8ffc4L,0x7f46597be4d3d050L,
-        0x80a1c1ed006500e7L } },
-    /* 33 << 70 */
-    { { 0x84902a9678bf030eL,0xfb5e9c9a50560148L,0x6dae0a9263362426L,
-        0xdcaeecf4a9e30c40L },
-      { 0xc0d887bb518d0c6bL,0x99181152cb985b9dL,0xad186898ef7bc381L,
-        0x18168ffb9ee46201L } },
-    /* 34 << 70 */
-    { { 0x9a04cdaa2502753cL,0xbb279e2651407c41L,0xeacb03aaf23564e5L,
-        0x1833658271e61016L },
-      { 0x8684b8c4eb809877L,0xb336e18dea0e672eL,0xefb601f034ee5867L,
-        0x2733edbe1341cfd1L } },
-    /* 35 << 70 */
-    { { 0xb15e809a26025c3cL,0xe6e981a69350df88L,0x923762378502fd8eL,
-        0x4791f2160c12be9bL },
-      { 0xb725678925f02425L,0xec8631947a974443L,0x7c0ce882fb41cc52L,
-        0xc266ff7ef25c07f2L } },
-    /* 36 << 70 */
-    { { 0x3d4da8c3017025f3L,0xefcf628cfb9579b4L,0x5c4d00161f3716ecL,
-        0x9c27ebc46801116eL },
-      { 0x5eba0ea11da1767eL,0xfe15145247004c57L,0x3ace6df68c2373b7L,
-        0x75c3dffe5dbc37acL } },
-    /* 37 << 70 */
-    { { 0x3dc32a73ddc925fcL,0xb679c8412f65ee0bL,0x715a3295451cbfebL,
-        0xd9889768f76e9a29L },
-      { 0xec20ce7fb28ad247L,0xe99146c400894d79L,0x71457d7c9f5e3ea7L,
-        0x097b266238030031L } },
-    /* 38 << 70 */
-    { { 0xdb7f6ae6cf9f82a8L,0x319decb9438f473aL,0xa63ab386283856c3L,
-        0x13e3172fb06a361bL },
-      { 0x2959f8dc7d5a006cL,0x2dbc27c675fba752L,0xc1227ab287c22c9eL,
-        0x06f61f7571a268b2L } },
-    /* 39 << 70 */
-    { { 0x1b6bb97104779ce2L,0xaca838120aadcb1dL,0x297ae0bcaeaab2d5L,
-        0xa5c14ee75bfb9f13L },
-      { 0xaa00c583f17a62c7L,0x39eb962c173759f6L,0x1eeba1d486c9a88fL,
-        0x0ab6c37adf016c5eL } },
-    /* 40 << 70 */
-    { { 0xa2a147dba28a0749L,0x246c20d6ee519165L,0x5068d1b1d3810715L,
-        0xb1e7018c748160b9L },
-      { 0x03f5b1faf380ff62L,0xef7fb1ddf3cb2c1eL,0xeab539a8fc91a7daL,
-        0x83ddb707f3f9b561L } },
-    /* 41 << 70 */
-    { { 0xc550e211fe7df7a4L,0xa7cd07f2063f6f40L,0xb0de36352976879cL,
-        0xb5f83f85e55741daL },
-      { 0x4ea9d25ef3d8ac3dL,0x6fe2066f62819f02L,0x4ab2b9c2cef4a564L,
-        0x1e155d965ffa2de3L } },
-    /* 42 << 70 */
-    { { 0x0eb0a19bc3a72d00L,0x4037665b8513c31bL,0x2fb2b6bf04c64637L,
-        0x45c34d6e08cdc639L },
-      { 0x56f1e10ff01fd796L,0x4dfb8101fe3667b8L,0xe0eda2539021d0c0L,
-        0x7a94e9ff8a06c6abL } },
-    /* 43 << 70 */
-    { { 0x2d3bb0d9bb9aa882L,0xea20e4e5ec05fd10L,0xed7eeb5f1a1ca64eL,
-        0x2fa6b43cc6327cbdL },
-      { 0xb577e3cf3aa91121L,0x8c6bd5ea3a34079bL,0xd7e5ba3960e02fc0L,
-        0xf16dd2c390141bf8L } },
-    /* 44 << 70 */
-    { { 0xb57276d980101b98L,0x760883fdb82f0f66L,0x89d7de754bc3eff3L,
-        0x03b606435dc2ab40L },
-      { 0xcd6e53dfe05beeacL,0xf2f1e862bc3325cdL,0xdd0f7921774f03c3L,
-        0x97ca72214552cc1bL } },
-    /* 45 << 70 */
-    { { 0x5a0d6afe1cd19f72L,0xa20915dcf183fbebL,0x9fda4b40832c403cL,
-        0x32738eddbe425442L },
-      { 0x469a1df6b5eccf1aL,0x4b5aff4228bbe1f0L,0x31359d7f570dfc93L,
-        0xa18be235f0088628L } },
-    /* 46 << 70 */
-    { { 0xa5b30fbab00ed3a9L,0x34c6137473cdf8beL,0x2c5c5f46abc56797L,
-        0x5cecf93db82a8ae2L },
-      { 0x7d3dbe41a968fbf0L,0xd23d45831a5c7f3dL,0xf28f69a0c087a9c7L,
-        0xc2d75471474471caL } },
-    /* 47 << 70 */
-    { { 0x36ec9f4a4eb732ecL,0x6c943bbdb1ca6bedL,0xd64535e1f2457892L,
-        0x8b84a8eaf7e2ac06L },
-      { 0xe0936cd32499dd5fL,0x12053d7e0ed04e57L,0x4bdd0076e4305d9dL,
-        0x34a527b91f67f0a2L } },
-    /* 48 << 70 */
-    { { 0xe79a4af09cec46eaL,0xb15347a1658b9bc7L,0x6bd2796f35af2f75L,
-        0xac9579904051c435L },
-      { 0x2669dda3c33a655dL,0x5d503c2e88514aa3L,0xdfa113373753dd41L,
-        0x3f0546730b754f78L } },
-    /* 49 << 70 */
-    { { 0xbf185677496125bdL,0xfb0023c83775006cL,0xfa0f072f3a037899L,
-        0x4222b6eb0e4aea57L },
-      { 0x3dde5e767866d25aL,0xb6eb04f84837aa6fL,0x5315591a2cf1cdb8L,
-        0x6dfb4f412d4e683cL } },
-    /* 50 << 70 */
-    { { 0x7e923ea448ee1f3aL,0x9604d9f705a2afd5L,0xbe1d4a3340ea4948L,
-        0x5b45f1f4b44cbd2fL },
-      { 0x5faf83764acc757eL,0xa7cf9ab863d68ff7L,0x8ad62f69df0e404bL,
-        0xd65f33c212bdafdfL } },
-    /* 51 << 70 */
-    { { 0xc365de15a377b14eL,0x6bf5463b8e39f60cL,0x62030d2d2ce68148L,
-        0xd95867efe6f843a8L },
-      { 0xd39a0244ef5ab017L,0x0bd2d8c14ab55d12L,0xc9503db341639169L,
-        0x2d4e25b0f7660c8aL } },
-    /* 52 << 70 */
-    { { 0x760cb3b5e224c5d7L,0xfa3baf8c68616919L,0x9fbca1138d142552L,
-        0x1ab18bf17669ebf5L },
-      { 0x55e6f53e9bdf25ddL,0x04cc0bf3cb6cd154L,0x595bef4995e89080L,
-        0xfe9459a8104a9ac1L } },
-    /* 53 << 70 */
-    { { 0xad2d89cacce9bb32L,0xddea65e1f7de8285L,0x62ed8c35b351bd4bL,
-        0x4150ff360c0e19a7L },
-      { 0x86e3c801345f4e47L,0x3bf21f71203a266cL,0x7ae110d4855b1f13L,
-        0x5d6aaf6a07262517L } },
-    /* 54 << 70 */
-    { { 0x1e0f12e1813d28f1L,0x6000e11d7ad7a523L,0xc7d8deefc744a17bL,
-        0x1e990b4814c05a00L },
-      { 0x68fddaee93e976d5L,0x696241d146610d63L,0xb204e7c3893dda88L,
-        0x8bccfa656a3a6946L } },
-    /* 55 << 70 */
-    { { 0xb59425b4c5cd1411L,0x701b4042ff3658b1L,0xe3e56bca4784cf93L,
-        0x27de5f158fe68d60L },
-      { 0x4ab9cfcef8d53f19L,0xddb10311a40a730dL,0x6fa73cd14eee0a8aL,
-        0xfd5487485249719dL } },
-    /* 56 << 70 */
-    { { 0x49d66316a8123ef0L,0x73c32db4e7f95438L,0x2e2ed2090d9e7854L,
-        0xf98a93299d9f0507L },
-      { 0xc5d33cf60c6aa20aL,0x9a32ba1475279bb2L,0x7e3202cb774a7307L,
-        0x64ed4bc4e8c42dbdL } },
-    /* 57 << 70 */
-    { { 0xc20f1a06d4caed0dL,0xb8021407171d22b3L,0xd426ca04d13268d7L,
-        0x9237700725f4d126L },
-      { 0x4204cbc371f21a85L,0x18461b7af82369baL,0xc0c07d313fc858f9L,
-        0x5deb5a50e2bab569L } },
-    /* 58 << 70 */
-    { { 0xd5959d46d5eea89eL,0xfdff842408437f4bL,0xf21071e43cfe254fL,
-        0x7241769695468321L },
-      { 0x5d8288b9102cae3eL,0x2d143e3df1965dffL,0x00c9a376a078d847L,
-        0x6fc0da3126028731L } },
-    /* 59 << 70 */
-    { { 0xa2baeadfe45083a2L,0x66bc72185e5b4bcdL,0x2c826442d04b8e7fL,
-        0xc19f54516c4b586bL },
-      { 0x60182c495b7eeed5L,0xd9954ecd7aa9dfa1L,0xa403a8ecc73884adL,
-        0x7fb17de29bb39041L } },
-    /* 60 << 70 */
-    { { 0x694b64c5abb020e8L,0x3d18c18419c4eec7L,0x9c4673ef1c4793e5L,
-        0xc7b8aeb5056092e6L },
-      { 0x3aa1ca43f0f8c16bL,0x224ed5ecd679b2f6L,0x0d56eeaf55a205c9L,
-        0xbfe115ba4b8e028bL } },
-    /* 61 << 70 */
-    { { 0x97e608493927f4feL,0xf91fbf94759aa7c5L,0x985af7696be90a51L,
-        0xc1277b7878ccb823L },
-      { 0x395b656ee7a75952L,0x00df7de0928da5f5L,0x09c231754ca4454fL,
-        0x4ec971f47aa2d3c1L } },
-    /* 62 << 70 */
-    { { 0x45c3c507e75d9cccL,0x63b7be8a3dc90306L,0x37e09c665db44bdcL,
-        0x50d60da16841c6a2L },
-      { 0x6f9b65ee08df1b12L,0x387348797ff089dfL,0x9c331a663fe8013dL,
-        0x017f5de95f42fcc8L } },
-    /* 63 << 70 */
-    { { 0x43077866e8e57567L,0xc9f781cef9fcdb18L,0x38131dda9b12e174L,
-        0x25d84aa38a03752aL },
-      { 0x45e09e094d0c0ce2L,0x1564008b92bebba5L,0xf7e8ad31a87284c7L,
-        0xb7c4b46c97e7bbaaL } },
-    /* 64 << 70 */
-    { { 0x3e22a7b397acf4ecL,0x0426c4005ea8b640L,0x5e3295a64e969285L,
-        0x22aabc59a6a45670L },
-      { 0xb929714c5f5942bcL,0x9a6168bdfa3182edL,0x2216a665104152baL,
-        0x46908d03b6926368L } },
-    /* 0 << 77 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 77 */
-    { { 0xa9f5d8745a1251fbL,0x967747a8c72725c7L,0x195c33e531ffe89eL,
-        0x609d210fe964935eL },
-      { 0xcafd6ca82fe12227L,0xaf9b5b960426469dL,0x2e9ee04c5693183cL,
-        0x1084a333c8146fefL } },
-    /* 2 << 77 */
-    { { 0x96649933aed1d1f7L,0x566eaff350563090L,0x345057f0ad2e39cfL,
-        0x148ff65b1f832124L },
-      { 0x042e89d4cf94cf0dL,0x319bec84520c58b3L,0x2a2676265361aa0dL,
-        0xc86fa3028fbc87adL } },
-    /* 3 << 77 */
-    { { 0xfc83d2ab5c8b06d5L,0xb1a785a2fe4eac46L,0xb99315bc846f7779L,
-        0xcf31d816ef9ea505L },
-      { 0x2391fe6a15d7dc85L,0x2f132b04b4016b33L,0x29547fe3181cb4c7L,
-        0xdb66d8a6650155a1L } },
-    /* 4 << 77 */
-    { { 0x6b66d7e1adc1696fL,0x98ebe5930acd72d0L,0x65f24550cc1b7435L,
-        0xce231393b4b9a5ecL },
-      { 0x234a22d4db067df9L,0x98dda095caff9b00L,0x1bbc75a06100c9c1L,
-        0x1560a9c8939cf695L } },
-    /* 5 << 77 */
-    { { 0xcf006d3e99e0925fL,0x2dd74a966322375aL,0xc58b446ab56af5baL,
-        0x50292683e0b9b4f1L },
-      { 0xe2c34cb41aeaffa3L,0x8b17203f9b9587c1L,0x6d559207ead1350cL,
-        0x2b66a215fb7f9604L } },
-    /* 6 << 77 */
-    { { 0x0850325efe51bf74L,0x9c4f579e5e460094L,0x5c87b92a76da2f25L,
-        0x889de4e06febef33L },
-      { 0x6900ec06646083ceL,0xbe2a0335bfe12773L,0xadd1da35c5344110L,
-        0x757568b7b802cd20L } },
-    /* 7 << 77 */
-    { { 0x7555977900f7e6c8L,0x38e8b94f0facd2f0L,0xfea1f3af03fde375L,
-        0x5e11a1d875881dfcL },
-      { 0xb3a6b02ec1e2f2efL,0x193d2bbbc605a6c5L,0x325ffeee339a0b2dL,
-        0x27b6a7249e0c8846L } },
-    /* 8 << 77 */
-    { { 0xe4050f1cf1c367caL,0x9bc85a9bc90fbc7dL,0xa373c4a2e1a11032L,
-        0xb64232b7ad0393a9L },
-      { 0xf5577eb0167dad29L,0x1604f30194b78ab2L,0x0baa94afe829348bL,
-        0x77fbd8dd41654342L } },
-    /* 9 << 77 */
-    { { 0xdab50ea5b964e39aL,0xd4c29e3cd0d3c76eL,0x80dae67c56d11964L,
-        0x7307a8bfe5ffcc2fL },
-      { 0x65bbc1aa91708c3bL,0xa151e62c28bf0eebL,0x6cb533816fa34db7L,
-        0x5139e05ca29403a8L } },
-    /* 10 << 77 */
-    { { 0x6ff651b494a7cd2eL,0x5671ffd10699336cL,0x6f5fd2cc979a896aL,
-        0x11e893a8d8148cefL },
-      { 0x988906a165cf7b10L,0x81b67178c50d8485L,0x7c0deb358a35b3deL,
-        0x423ac855c1d29799L } },
-    /* 11 << 77 */
-    { { 0xaf580d87dac50b74L,0x28b2b89f5869734cL,0x99a3b936874e28fbL,
-        0xbb2c919025f3f73aL },
-      { 0x199f691884a9d5b7L,0x7ebe23257e770374L,0xf442e1070738efe2L,
-        0xcf9f3f56cf9082d2L } },
-    /* 12 << 77 */
-    { { 0x719f69e109618708L,0xcc9e8364c183f9b1L,0xec203a95366a21afL,
-        0x6aec5d6d068b141fL },
-      { 0xee2df78a994f04e9L,0xb39ccae8271245b0L,0xb875a4a997e43f4fL,
-        0x507dfe11db2cea98L } },
-    /* 13 << 77 */
-    { { 0x4fbf81cb489b03e9L,0xdb86ec5b6ec414faL,0xfad444f9f51b3ae5L,
-        0xca7d33d61914e3feL },
-      { 0xa9c32f5c0ae6c4d0L,0xa9ca1d1e73969568L,0x98043c311aa7467eL,
-        0xe832e75ce21b5ac6L } },
-    /* 14 << 77 */
-    { { 0x314b7aea5232123dL,0x08307c8c65ae86dbL,0x06e7165caa4668edL,
-        0xb170458bb4d3ec39L },
-      { 0x4d2e3ec6c19bb986L,0xc5f34846ae0304edL,0x917695a06c9f9722L,
-        0x6c7f73174cab1c0aL } },
-    /* 15 << 77 */
-    { { 0x6295940e9d6d2e8bL,0xd318b8c1549f7c97L,0x2245320497713885L,
-        0x468d834ba8a440feL },
-      { 0xd81fe5b2bfba796eL,0x152364db6d71f116L,0xbb8c7c59b5b66e53L,
-        0x0b12c61b2641a192L } },
-    /* 16 << 77 */
-    { { 0x31f14802fcf0a7fdL,0x42fd07895488b01eL,0x71d78d6d9952b498L,
-        0x8eb572d907ac5201L },
-      { 0xe0a2a44c4d194a88L,0xd2b63fd9ba017e66L,0x78efc6c8f888aefcL,
-        0xb76f6bda4a881a11L } },
-    /* 17 << 77 */
-    { { 0x187f314bb46c2397L,0x004cf5665ded2819L,0xa9ea570438764d34L,
-        0xbba4521778084709L },
-      { 0x064745711171121eL,0xad7b7eb1e7c9b671L,0xdacfbc40730f7507L,
-        0x178cd8c6c7ad7bd1L } },
-    /* 18 << 77 */
-    { { 0xbf0be101b2a67238L,0x3556d367af9c14f2L,0x104b7831a5662075L,
-        0x58ca59bb79d9e60aL },
-      { 0x4bc45392a569a73bL,0x517a52e85698f6c9L,0x85643da5aeadd755L,
-        0x1aed0cd52a581b84L } },
-    /* 19 << 77 */
-    { { 0xb9b4ff8480af1372L,0x244c3113f1ba5d1fL,0x2a5dacbef5f98d31L,
-        0x2c3323e84375bc2aL },
-      { 0x17a3ab4a5594b1ddL,0xa1928bfbceb4797eL,0xe83af245e4886a19L,
-        0x8979d54672b5a74aL } },
-    /* 20 << 77 */
-    { { 0xa0f726bc19f9e967L,0xd9d03152e8fbbf4eL,0xcfd6f51db7707d40L,
-        0x633084d963f6e6e0L },
-      { 0xedcd9cdc55667eafL,0x73b7f92b2e44d56fL,0xfb2e39b64e962b14L,
-        0x7d408f6ef671fcbfL } },
-    /* 21 << 77 */
-    { { 0xcc634ddc164a89bbL,0x74a42bb23ef3bd05L,0x1280dbb2428decbbL,
-        0x6103f6bb402c8596L },
-      { 0xfa2bf581355a5752L,0x562f96a800946674L,0x4e4ca16d6da0223bL,
-        0xfe47819f28d3aa25L } },
-    /* 22 << 77 */
-    { { 0x9eea3075f8dfcf8aL,0xa284f0aa95669825L,0xb3fca250867d3fd8L,
-        0x20757b5f269d691eL },
-      { 0xf2c2402093b8a5deL,0xd3f93359ebc06da6L,0x1178293eb2739c33L,
-        0xd2a3e770bcd686e5L } },
-    /* 23 << 77 */
-    { { 0xa76f49f4cd941534L,0x0d37406be3c71c0eL,0x172d93973b97f7e3L,
-        0xec17e239bd7fd0deL },
-      { 0xe32905516f496ba2L,0x6a69317236ad50e7L,0xc4e539a283e7eff5L,
-        0x752737e718e1b4cfL } },
-    /* 24 << 77 */
-    { { 0xa2f7932c68af43eeL,0x5502468e703d00bdL,0xe5dc978f2fb061f5L,
-        0xc9a1904a28c815adL },
-      { 0xd3af538d470c56a4L,0x159abc5f193d8cedL,0x2a37245f20108ef3L,
-        0xfa17081e223f7178L } },
-    /* 25 << 77 */
-    { { 0x27b0fb2b10c8c0f5L,0x2102c3ea40650547L,0x594564df8ac3bfa7L,
-        0x98102033509dad96L },
-      { 0x6989643ff1d18a13L,0x35eebd91d7fc5af0L,0x078d096afaeaafd8L,
-        0xb7a89341def3de98L } },
-    /* 26 << 77 */
-    { { 0x2a206e8decf2a73aL,0x066a63978e551994L,0x3a6a088ab98d53a2L,
-        0x0ce7c67c2d1124aaL },
-      { 0x48cec671759a113cL,0xe3b373d34f6f67faL,0x5455d479fd36727bL,
-        0xe5a428eea13c0d81L } },
-    /* 27 << 77 */
-    { { 0xb853dbc81c86682bL,0xb78d2727b8d02b2aL,0xaaf69bed8ebc329aL,
-        0xdb6b40b3293b2148L },
-      { 0xe42ea77db8c4961fL,0xb1a12f7c20e5e0abL,0xa0ec527479e8b05eL,
-        0x68027391fab60a80L } },
-    /* 28 << 77 */
-    { { 0x6bfeea5f16b1bd5eL,0xf957e4204de30ad3L,0xcbaf664e6a353b9eL,
-        0x5c87331226d14febL },
-      { 0x4e87f98cb65f57cbL,0xdb60a6215e0cdd41L,0x67c16865a6881440L,
-        0x1093ef1a46ab52aaL } },
-    /* 29 << 77 */
-    { { 0xc095afb53f4ece64L,0x6a6bb02e7604551aL,0x55d44b4e0b26b8cdL,
-        0xe5f9a999f971268aL },
-      { 0xc08ec42511a7de84L,0x83568095fda469ddL,0x737bfba16c6c90a2L,
-        0x1cb9c4a0be229831L } },
-    /* 30 << 77 */
-    { { 0x93bccbbabb2eec64L,0xa0c23b64da03adbeL,0x5f7aa00ae0e86ac4L,
-        0x470b941efc1401e6L },
-      { 0x5ad8d6799df43574L,0x4ccfb8a90f65d810L,0x1bce80e3aa7fbd81L,
-        0x273291ad9508d20aL } },
-    /* 31 << 77 */
-    { { 0xf5c4b46b42a92806L,0x810684eca86ab44aL,0x4591640bca0bc9f8L,
-        0xb5efcdfc5c4b6054L },
-      { 0x16fc89076e9edd12L,0xe29d0b50d4d792f9L,0xa45fd01c9b03116dL,
-        0x85035235c81765a4L } },
-    /* 32 << 77 */
-    { { 0x1fe2a9b2b4b4b67cL,0xc1d10df0e8020604L,0x9d64abfcbc8058d8L,
-        0x8943b9b2712a0fbbL },
-      { 0x90eed9143b3def04L,0x85ab3aa24ce775ffL,0x605fd4ca7bbc9040L,
-        0x8b34a564e2c75dfbL } },
-    /* 33 << 77 */
-    { { 0x41ffc94a10358560L,0x2d8a50729e5c28aaL,0xe915a0fc4cc7eb15L,
-        0xe9efab058f6d0f5dL },
-      { 0xdbab47a9d19e9b91L,0x8cfed7450276154cL,0x154357ae2cfede0dL,
-        0x520630df19f5a4efL } },
-    /* 34 << 77 */
-    { { 0x25759f7ce382360fL,0xb6db05c988bf5857L,0x2917d61d6c58d46cL,
-        0x14f8e491fd20cb7aL },
-      { 0xb68a727a11c20340L,0x0386f86faf7ccbb6L,0x5c8bc6ccfee09a20L,
-        0x7d76ff4abb7eea35L } },
-    /* 35 << 77 */
-    { { 0xa7bdebe7db15be7aL,0x67a08054d89f0302L,0x56bf0ea9c1193364L,
-        0xc824446762837ebeL },
-      { 0x32bd8e8b20d841b8L,0x127a0548dbb8a54fL,0x83dd4ca663b20236L,
-        0x87714718203491faL } },
-    /* 36 << 77 */
-    { { 0x4dabcaaaaa8a5288L,0x91cc0c8aaf23a1c9L,0x34c72c6a3f220e0cL,
-        0xbcc20bdf1232144aL },
-      { 0x6e2f42daa20ede1bL,0xc441f00c74a00515L,0xbf46a5b6734b8c4bL,
-        0x574095037b56c9a4L } },
-    /* 37 << 77 */
-    { { 0x9f735261e4585d45L,0x9231faed6734e642L,0x1158a176be70ee6cL,
-        0x35f1068d7c3501bfL },
-      { 0x6beef900a2d26115L,0x649406f2ef0afee3L,0x3f43a60abc2420a1L,
-        0x509002a7d5aee4acL } },
-    /* 38 << 77 */
-    { { 0xb46836a53ff3571bL,0x24f98b78837927c1L,0x6254256a4533c716L,
-        0xf27abb0bd07ee196L },
-      { 0xd7cf64fc5c6d5bfdL,0x6915c751f0cd7a77L,0xd9f590128798f534L,
-        0x772b0da8f81d8b5fL } },
-    /* 39 << 77 */
-    { { 0x1244260c2e03fa69L,0x36cf0e3a3be1a374L,0x6e7c1633ef06b960L,
-        0xa71a4c55671f90f6L },
-      { 0x7a94125133c673dbL,0xc0bea51073e8c131L,0x61a8a699d4f6c734L,
-        0x25e78c88341ed001L } },
-    /* 40 << 77 */
-    { { 0x5c18acf88e2f7d90L,0xfdbf33d777be32cdL,0x0a085cd7d2eb5ee9L,
-        0x2d702cfbb3201115L },
-      { 0xb6e0ebdb85c88ce8L,0x23a3ce3c1e01d617L,0x3041618e567333acL,
-        0x9dd0fd8f157edb6bL } },
-    /* 41 << 77 */
-    { { 0x27f74702b57872b8L,0x2ef26b4f657d5fe1L,0x95426f0a57cf3d40L,
-        0x847e2ad165a6067aL },
-      { 0xd474d9a009996a74L,0x16a56acd2a26115cL,0x02a615c3d16f4d43L,
-        0xcc3fc965aadb85b7L } },
-    /* 42 << 77 */
-    { { 0x386bda73ce07d1b0L,0xd82910c258ad4178L,0x124f82cfcd2617f4L,
-        0xcc2f5e8def691770L },
-      { 0x82702550b8c30cccL,0x7b856aea1a8e575aL,0xbb822fefb1ab9459L,
-        0x085928bcec24e38eL } },
-    /* 43 << 77 */
-    { { 0x5d0402ecba8f4b4dL,0xc07cd4ba00b4d58bL,0x5d8dffd529227e7aL,
-        0x61d44d0c31bf386fL },
-      { 0xe486dc2b135e6f4dL,0x680962ebe79410efL,0xa61bd343f10088b5L,
-        0x6aa76076e2e28686L } },
-    /* 44 << 77 */
-    { { 0x80463d118fb98871L,0xcb26f5c3bbc76affL,0xd4ab8eddfbe03614L,
-        0xc8eb579bc0cf2deeL },
-      { 0xcc004c15c93bae41L,0x46fbae5d3aeca3b2L,0x671235cf0f1e9ab1L,
-        0xadfba9349ec285c1L } },
-    /* 45 << 77 */
-    { { 0x88ded013f216c980L,0xc8ac4fb8f79e0bc1L,0xa29b89c6fb97a237L,
-        0xb697b7809922d8e7L },
-      { 0x3142c639ddb945b5L,0x447b06c7e094c3a9L,0xcdcb364272266c90L,
-        0x633aad08a9385046L } },
-    /* 46 << 77 */
-    { { 0xa36c936bb57c6477L,0x871f8b64e94dbcc6L,0x28d0fb62a591a67bL,
-        0x9d40e081c1d926f5L },
-      { 0x3111eaf6f2d84b5aL,0x228993f9a565b644L,0x0ccbf5922c83188bL,
-        0xf87b30ab3df3e197L } },
-    /* 47 << 77 */
-    { { 0xb8658b317642bca8L,0x1a032d7f52800f17L,0x051dcae579bf9445L,
-        0xeba6b8ee54a2e253L },
-      { 0x5c8b9cadd4485692L,0x84bda40e8986e9beL,0xd16d16a42f0db448L,
-        0x8ec80050a14d4188L } },
-    /* 48 << 77 */
-    { { 0xb2b2610798fa7aaaL,0x41209ee4f073aa4eL,0xf1570359f2d6b19bL,
-        0xcbe6868cfc577cafL },
-      { 0x186c4bdc32c04dd3L,0xa6c35faecfeee397L,0xb4a1b312f086c0cfL,
-        0xe0a5ccc6d9461fe2L } },
-    /* 49 << 77 */
-    { { 0xc32278aa1536189fL,0x1126c55fba6df571L,0x0f71a602b194560eL,
-        0x8b2d7405324bd6e1L },
-      { 0x8481939e3738be71L,0xb5090b1a1a4d97a9L,0x116c65a3f05ba915L,
-        0x21863ad3aae448aaL } },
-    /* 50 << 77 */
-    { { 0xd24e2679a7aae5d3L,0x7076013d0de5c1c4L,0x2d50f8babb05b629L,
-        0x73c1abe26e66efbbL },
-      { 0xefd4b422f2488af7L,0xe4105d02663ba575L,0x7eb60a8b53a69457L,
-        0x62210008c945973bL } },
-    /* 51 << 77 */
-    { { 0xfb25547877a50ec6L,0xbf0392f70a37a72cL,0xa0a7a19c4be18e7aL,
-        0x90d8ea1625b1e0afL },
-      { 0x7582a293ef953f57L,0x90a64d05bdc5465aL,0xca79c497e2510717L,
-        0x560dbb7c18cb641fL } },
-    /* 52 << 77 */
-    { { 0x1d8e32864b66abfbL,0xd26f52e559030900L,0x1ee3f6435584941aL,
-        0x6d3b3730569f5958L },
-      { 0x9ff2a62f4789dba5L,0x91fcb81572b5c9b7L,0xf446cb7d6c8f9a0eL,
-        0x48f625c139b7ecb5L } },
-    /* 53 << 77 */
-    { { 0xbabae8011c6219b8L,0xe7a562d928ac2f23L,0xe1b4873226e20588L,
-        0x06ee1cad775af051L },
-      { 0xda29ae43faff79f7L,0xc141a412652ee9e0L,0x1e127f6f195f4bd0L,
-        0x29c6ab4f072f34f8L } },
-    /* 54 << 77 */
-    { { 0x7b7c147730448112L,0x82b51af1e4a38656L,0x2bf2028a2f315010L,
-        0xc9a4a01f6ea88cd4L },
-      { 0xf63e95d8257e5818L,0xdd8efa10b4519b16L,0xed8973e00da910bfL,
-        0xed49d0775c0fe4a9L } },
-    /* 55 << 77 */
-    { { 0xac3aac5eb7caee1eL,0x1033898da7f4da57L,0x42145c0e5c6669b9L,
-        0x42daa688c1aa2aa0L },
-      { 0x629cc15c1a1d885aL,0x25572ec0f4b76817L,0x8312e4359c8f8f28L,
-        0x8107f8cd81965490L } },
-    /* 56 << 77 */
-    { { 0x516ff3a36fa6110cL,0x74fb1eb1fb93561fL,0x6c0c90478457522bL,
-        0xcfd321046bb8bdc6L },
-      { 0x2d6884a2cc80ad57L,0x7c27fc3586a9b637L,0x3461baedadf4e8cdL,
-        0x1d56251a617242f0L } },
-    /* 57 << 77 */
-    { { 0x0b80d209c955bef4L,0xdf02cad206adb047L,0xf0d7cb915ec74feeL,
-        0xd25033751111ba44L },
-      { 0x9671755edf53cb36L,0x54dcb6123368551bL,0x66d69aacc8a025a4L,
-        0x6be946c6e77ef445L } },
-    /* 58 << 77 */
-    { { 0x719946d1a995e094L,0x65e848f6e51e04d8L,0xe62f33006a1e3113L,
-        0x1541c7c1501de503L },
-      { 0x4daac9faf4acfadeL,0x0e58589744cd0b71L,0x544fd8690a51cd77L,
-        0x60fc20ed0031016dL } },
-    /* 59 << 77 */
-    { { 0x58b404eca4276867L,0x46f6c3cc34f34993L,0x477ca007c636e5bdL,
-        0x8018f5e57c458b47L },
-      { 0xa1202270e47b668fL,0xcef48ccdee14f203L,0x23f98bae62ff9b4dL,
-        0x55acc035c589edddL } },
-    /* 60 << 77 */
-    { { 0x3fe712af64db4444L,0x19e9d634becdd480L,0xe08bc047a930978aL,
-        0x2dbf24eca1280733L },
-      { 0x3c0ae38c2cd706b2L,0x5b012a5b359017b9L,0x3943c38c72e0f5aeL,
-        0x786167ea57176fa3L } },
-    /* 61 << 77 */
-    { { 0xe5f9897d594881dcL,0x6b5efad8cfb820c1L,0xb2179093d55018deL,
-        0x39ad7d320bac56ceL },
-      { 0xb55122e02cfc0e81L,0x117c4661f6d89daaL,0x362d01e1cb64fa09L,
-        0x6a309b4e3e9c4dddL } },
-    /* 62 << 77 */
-    { { 0xfa979fb7abea49b1L,0xb4b1d27d10e2c6c5L,0xbd61c2c423afde7aL,
-        0xeb6614f89786d358L },
-      { 0x4a5d816b7f6f7459L,0xe431a44f09360e7bL,0x8c27a032c309914cL,
-        0xcea5d68acaede3d8L } },
-    /* 63 << 77 */
-    { { 0x3668f6653a0a3f95L,0x893694167ceba27bL,0x89981fade4728fe9L,
-        0x7102c8a08a093562L },
-      { 0xbb80310e235d21c8L,0x505e55d1befb7f7bL,0xa0a9081112958a67L,
-        0xd67e106a4d851fefL } },
-    /* 64 << 77 */
-    { { 0xb84011a9431dd80eL,0xeb7c7cca73306cd9L,0x20fadd29d1b3b730L,
-        0x83858b5bfe37b3d3L },
-      { 0xbf4cd193b6251d5cL,0x1cca1fd31352d952L,0xc66157a490fbc051L,
-        0x7990a63889b98636L } },
-    /* 0 << 84 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 84 */
-    { { 0xe5aa692a87dec0e1L,0x010ded8df7b39d00L,0x7b1b80c854cfa0b5L,
-        0x66beb876a0f8ea28L },
-      { 0x50d7f5313476cd0eL,0xa63d0e65b08d3949L,0x1a09eea953479fc6L,
-        0x82ae9891f499e742L } },
-    /* 2 << 84 */
-    { { 0xab58b9105ca7d866L,0x582967e23adb3b34L,0x89ae4447cceac0bcL,
-        0x919c667c7bf56af5L },
-      { 0x9aec17b160f5dcd7L,0xec697b9fddcaadbcL,0x0b98f341463467f5L,
-        0xb187f1f7a967132fL } },
-    /* 3 << 84 */
-    { { 0x90fe7a1d214aeb18L,0x1506af3c741432f7L,0xbb5565f9e591a0c4L,
-        0x10d41a77b44f1bc3L },
-      { 0xa09d65e4a84bde96L,0x42f060d8f20a6a1cL,0x652a3bfdf27f9ce7L,
-        0xb6bdb65c3b3d739fL } },
-    /* 4 << 84 */
-    { { 0xeb5ddcb6ec7fae9fL,0x995f2714efb66e5aL,0xdee95d8e69445d52L,
-        0x1b6c2d4609e27620L },
-      { 0x32621c318129d716L,0xb03909f10958c1aaL,0x8c468ef91af4af63L,
-        0x162c429ffba5cdf6L } },
-    /* 5 << 84 */
-    { { 0x2f682343753b9371L,0x29cab45a5f1f9cd7L,0x571623abb245db96L,
-        0xc507db093fd79999L },
-      { 0x4e2ef652af036c32L,0x86f0cc7805018e5cL,0xc10a73d4ab8be350L,
-        0x6519b3977e826327L } },
-    /* 6 << 84 */
-    { { 0xe8cb5eef9c053df7L,0x8de25b37b300ea6fL,0xdb03fa92c849cffbL,
-        0x242e43a7e84169bbL },
-      { 0xe4fa51f4dd6f958eL,0x6925a77ff4445a8dL,0xe6e72a50e90d8949L,
-        0xc66648e32b1f6390L } },
-    /* 7 << 84 */
-    { { 0xb2ab1957173e460cL,0x1bbbce7530704590L,0xc0a90dbddb1c7162L,
-        0x505e399e15cdd65dL },
-      { 0x68434dcb57797ab7L,0x60ad35ba6a2ca8e8L,0x4bfdb1e0de3336c1L,
-        0xbbef99ebd8b39015L } },
-    /* 8 << 84 */
-    { { 0x6c3b96f31711ebecL,0x2da40f1fce98fdc4L,0xb99774d357b4411fL,
-        0x87c8bdf415b65bb6L },
-      { 0xda3a89e3c2eef12dL,0xde95bb9b3c7471f3L,0x600f225bd812c594L,
-        0x54907c5d2b75a56bL } },
-    /* 9 << 84 */
-    { { 0xa93cc5f08db60e35L,0x743e3cd6fa833319L,0x7dad5c41f81683c9L,
-        0x70c1e7d99c34107eL },
-      { 0x0edc4a39a6be0907L,0x36d4703586d0b7d3L,0x8c76da03272bfa60L,
-        0x0b4a07ea0f08a414L } },
-    /* 10 << 84 */
-    { { 0x699e4d2945c1dd53L,0xcadc5898231debb5L,0xdf49fcc7a77f00e0L,
-        0x93057bbfa73e5a0eL },
-      { 0x2f8b7ecd027a4cd1L,0x114734b3c614011aL,0xe7a01db767677c68L,
-        0x89d9be5e7e273f4fL } },
-    /* 11 << 84 */
-    { { 0xd225cb2e089808efL,0xf1f7a27dd59e4107L,0x53afc7618211b9c9L,
-        0x0361bc67e6819159L },
-      { 0x2a865d0b7f071426L,0x6a3c1810e7072567L,0x3e3bca1e0d6bcabdL,
-        0xa1b02bc1408591bcL } },
-    /* 12 << 84 */
-    { { 0xe0deee5931fba239L,0xf47424d398bd91d1L,0x0f8886f4071a3c1dL,
-        0x3f7d41e8a819233bL },
-      { 0x708623c2cf6eb998L,0x86bb49af609a287fL,0x942bb24963c90762L,
-        0x0ef6eea555a9654bL } },
-    /* 13 << 84 */
-    { { 0x5f6d2d7236f5defeL,0xfa9922dc56f99176L,0x6c8c5ecef78ce0c7L,
-        0x7b44589dbe09b55eL },
-      { 0xe11b3bca9ea83770L,0xd7fa2c7f2ab71547L,0x2a3dd6fa2a1ddcc0L,
-        0x09acb4305a7b7707L } },
-    /* 14 << 84 */
-    { { 0x4add4a2e649d4e57L,0xcd53a2b01917526eL,0xc526233020b44ac4L,
-        0x4028746abaa2c31dL },
-      { 0x5131839064291d4cL,0xbf48f151ee5ad909L,0xcce57f597b185681L,
-        0x7c3ac1b04854d442L } },
-    /* 15 << 84 */
-    { { 0x65587dc3c093c171L,0xae7acb2424f42b65L,0x5a338adb955996cbL,
-        0xc8e656756051f91bL },
-      { 0x66711fba28b8d0b1L,0x15d74137b6c10a90L,0x70cdd7eb3a232a80L,
-        0xc9e2f07f6191ed24L } },
-    /* 16 << 84 */
-    { { 0xa80d1db6f79588c0L,0xfa52fc69b55768ccL,0x0b4df1ae7f54438aL,
-        0x0cadd1a7f9b46a4fL },
-      { 0xb40ea6b31803dd6fL,0x488e4fa555eaae35L,0x9f047d55382e4e16L,
-        0xc9b5b7e02f6e0c98L } },
-    /* 17 << 84 */
-    { { 0x6b1bd2d395762649L,0xa9604ee7c7aea3f6L,0x3646ff276dc6f896L,
-        0x9bf0e7f52860bad1L },
-      { 0x2d92c8217cb44b92L,0xa2f5ce63aea9c182L,0xd0a2afb19154a5fdL,
-        0x482e474c95801da6L } },
-    /* 18 << 84 */
-    { { 0xc19972d0b611c24bL,0x1d468e6560a8f351L,0xeb7580697bcf6421L,
-        0xec9dd0ee88fbc491L },
-      { 0x5b59d2bf956c2e32L,0x73dc6864dcddf94eL,0xfd5e2321bcee7665L,
-        0xa7b4f8ef5e9a06c4L } },
-    /* 19 << 84 */
-    { { 0xfba918dd7280f855L,0xbbaac2608baec688L,0xa3b3f00f33400f42L,
-        0x3d2dba2966f2e6e4L },
-      { 0xb6f71a9498509375L,0x8f33031fcea423ccL,0x009b8dd04807e6fbL,
-        0x5163cfe55cdb954cL } },
-    /* 20 << 84 */
-    { { 0x03cc8f17cf41c6e8L,0xf1f03c2a037b925cL,0xc39c19cc66d2427cL,
-        0x823d24ba7b6c18e4L },
-      { 0x32ef9013901f0b4fL,0x684360f1f8941c2eL,0x0ebaff522c28092eL,
-        0x7891e4e3256c932fL } },
-    /* 21 << 84 */
-    { { 0x51264319ac445e3dL,0x553432e78ea74381L,0xe6eeaa6967e9c50aL,
-        0x27ced28462e628c7L },
-      { 0x3f96d3757a4afa57L,0xde0a14c3e484c150L,0x364a24eb38bd9923L,
-        0x1df18da0e5177422L } },
-    /* 22 << 84 */
-    { { 0x174e8f82d8d38a9bL,0x2e97c600e7de1391L,0xc5709850a1c175ddL,
-        0x969041a032ae5035L },
-      { 0xcbfd533b76a2086bL,0xd6bba71bd7c2e8feL,0xb2d58ee6099dfb67L,
-        0x3a8b342d064a85d9L } },
-    /* 23 << 84 */
-    { { 0x3bc07649522f9be3L,0x690c075bdf1f49a8L,0x80e1aee83854ec42L,
-        0x2a7dbf4417689dc7L },
-      { 0xc004fc0e3faf4078L,0xb2f02e9edf11862cL,0xf10a5e0fa0a1b7b3L,
-        0x30aca6238936ec80L } },
-    /* 24 << 84 */
-    { { 0xf83cbf0502f40d9aL,0x4681c4682c318a4dL,0x985756180e9c2674L,
-        0xbe79d0461847092eL },
-      { 0xaf1e480a78bd01e0L,0x6dd359e472a51db9L,0x62ce3821e3afbab6L,
-        0xc5cee5b617733199L } },
-    /* 25 << 84 */
-    { { 0xe08b30d46ffd9fbbL,0x6e5bc69936c610b7L,0xf343cff29ce262cfL,
-        0xca2e4e3568b914c1L },
-      { 0x011d64c016de36c5L,0xe0b10fdd42e2b829L,0x789429816685aaf8L,
-        0xe7511708230ede97L } },
-    /* 26 << 84 */
-    { { 0x671ed8fc3b922bf8L,0xe4d8c0a04c29b133L,0x87eb12393b6e99c4L,
-        0xaff3974c8793bebaL },
-      { 0x037494052c18df9bL,0xc5c3a29391007139L,0x6a77234fe37a0b95L,
-        0x02c29a21b661c96bL } },
-    /* 27 << 84 */
-    { { 0xc3aaf1d6141ecf61L,0x9195509e3bb22f53L,0x2959740422d51357L,
-        0x1b083822537bed60L },
-      { 0xcd7d6e35e07289f0L,0x1f94c48c6dd86effL,0xc8bb1f82eb0f9cfaL,
-        0x9ee0b7e61b2eb97dL } },
-    /* 28 << 84 */
-    { { 0x5a52fe2e34d74e31L,0xa352c3103bf79ab6L,0x97ff6c5aabfeeb8fL,
-        0xbfbe8feff5c97305L },
-      { 0xd6081ce6a7904608L,0x1f812f3ac4fca249L,0x9b24bc9ab9e5e200L,
-        0x91022c6738012ee8L } },
-    /* 29 << 84 */
-    { { 0xe83d9c5d30a713a1L,0x4876e3f084ef0f93L,0xc9777029c1fbf928L,
-        0xef7a6bb3bce7d2a4L },
-      { 0xb8067228dfa2a659L,0xd5cd3398d877a48fL,0xbea4fd8f025d0f3fL,
-        0xd67d2e352eae7c2bL } },
-    /* 30 << 84 */
-    { { 0x184de7d7cc5f4394L,0xb5551b5c4536e142L,0x2e89b212d34aa60aL,
-        0x14a96feaf50051d5L },
-      { 0x4e21ef740d12bb0bL,0xc522f02060b9677eL,0x8b12e4672df7731dL,
-        0x39f803827b326d31L } },
-    /* 31 << 84 */
-    { { 0xdfb8630c39024a94L,0xaacb96a897319452L,0xd68a3961eda3867cL,
-        0x0c58e2b077c4ffcaL },
-      { 0x3d545d634da919faL,0xef79b69af15e2289L,0x54bc3d3d808bab10L,
-        0xc8ab300745f82c37L } },
-    /* 32 << 84 */
-    { { 0xc12738b67c4a658aL,0xb3c4763940e72182L,0x3b77be468798e44fL,
-        0xdc047df217a7f85fL },
-      { 0x2439d4c55e59d92dL,0xcedca475e8e64d8dL,0xa724cd0d87ca9b16L,
-        0x35e4fd59a5540dfeL } },
-    /* 33 << 84 */
-    { { 0xf8c1ff18e4bcf6b1L,0x856d6285295018faL,0x433f665c3263c949L,
-        0xa6a76dd6a1f21409L },
-      { 0x17d32334cc7b4f79L,0xa1d0312206720e4aL,0xadb6661d81d9bed5L,
-        0xf0d6fb0211db15d1L } },
-    /* 34 << 84 */
-    { { 0x7fd11ad51fb747d2L,0xab50f9593033762bL,0x2a7e711bfbefaf5aL,
-        0xc73932783fef2bbfL },
-      { 0xe29fa2440df6f9beL,0x9092757b71efd215L,0xee60e3114f3d6fd9L,
-        0x338542d40acfb78bL } },
-    /* 35 << 84 */
-    { { 0x44a23f0838961a0fL,0x1426eade986987caL,0x36e6ee2e4a863cc6L,
-        0x48059420628b8b79L },
-      { 0x30303ad87396e1deL,0x5c8bdc4838c5aad1L,0x3e40e11f5c8f5066L,
-        0xabd6e7688d246bbdL } },
-    /* 36 << 84 */
-    { { 0x68aa40bb23330a01L,0xd23f5ee4c34eafa0L,0x3bbee3155de02c21L,
-        0x18dd4397d1d8dd06L },
-      { 0x3ba1939a122d7b44L,0xe6d3b40aa33870d6L,0x8e620f701c4fe3f8L,
-        0xf6bba1a5d3a50cbfL } },
-    /* 37 << 84 */
-    { { 0x4a78bde5cfc0aee0L,0x847edc46c08c50bdL,0xbaa2439cad63c9b2L,
-        0xceb4a72810fc2acbL },
-      { 0xa419e40e26da033dL,0x6cc3889d03e02683L,0x1cd28559fdccf725L,
-        0x0fd7e0f18d13d208L } },
-    /* 38 << 84 */
-    { { 0x01b9733b1f0df9d4L,0x8cc2c5f3a2b5e4f3L,0x43053bfa3a304fd4L,
-        0x8e87665c0a9f1aa7L },
-      { 0x087f29ecd73dc965L,0x15ace4553e9023dbL,0x2370e3092bce28b4L,
-        0xf9723442b6b1e84aL } },
-    /* 39 << 84 */
-    { { 0xbeee662eb72d9f26L,0xb19396def0e47109L,0x85b1fa73e13289d0L,
-        0x436cf77e54e58e32L },
-      { 0x0ec833b3e990ef77L,0x7373e3ed1b11fc25L,0xbe0eda870fc332ceL,
-        0xced049708d7ea856L } },
-    /* 40 << 84 */
-    { { 0xf85ff7857e977ca0L,0xb66ee8dadfdd5d2bL,0xf5e37950905af461L,
-        0x587b9090966d487cL },
-      { 0x6a198a1b32ba0127L,0xa7720e07141615acL,0xa23f3499996ef2f2L,
-        0xef5f64b4470bcb3dL } },
-    /* 41 << 84 */
-    { { 0xa526a96292b8c559L,0x0c14aac069740a0fL,0x0d41a9e3a6bdc0a5L,
-        0x97d521069c48aef4L },
-      { 0xcf16bd303e7c253bL,0xcc834b1a47fdedc1L,0x7362c6e5373aab2eL,
-        0x264ed85ec5f590ffL } },
-    /* 42 << 84 */
-    { { 0x7a46d9c066d41870L,0xa50c20b14787ba09L,0x185e7e51e3d44635L,
-        0xb3b3e08031e2d8dcL },
-      { 0xbed1e558a179e9d9L,0x2daa3f7974a76781L,0x4372baf23a40864fL,
-        0x46900c544fe75cb5L } },
-    /* 43 << 84 */
-    { { 0xb95f171ef76765d0L,0x4ad726d295c87502L,0x2ec769da4d7c99bdL,
-        0x5e2ddd19c36cdfa8L },
-      { 0xc22117fca93e6deaL,0xe8a2583b93771123L,0xbe2f6089fa08a3a2L,
-        0x4809d5ed8f0e1112L } },
-    /* 44 << 84 */
-    { { 0x3b414aa3da7a095eL,0x9049acf126f5aaddL,0x78d46a4d6be8b84aL,
-        0xd66b1963b732b9b3L },
-      { 0x5c2ac2a0de6e9555L,0xcf52d098b5bd8770L,0x15a15fa60fd28921L,
-        0x56ccb81e8b27536dL } },
-    /* 45 << 84 */
-    { { 0x0f0d8ab89f4ccbb8L,0xed5f44d2db221729L,0x4314198800bed10cL,
-        0xc94348a41d735b8bL },
-      { 0x79f3e9c429ef8479L,0x4c13a4e3614c693fL,0x32c9af568e143a14L,
-        0xbc517799e29ac5c4L } },
-    /* 46 << 84 */
-    { { 0x05e179922774856fL,0x6e52fb056c1bf55fL,0xaeda4225e4f19e16L,
-        0x70f4728aaf5ccb26L },
-      { 0x5d2118d1b2947f22L,0xc827ea16281d6fb9L,0x8412328d8cf0eabdL,
-        0x45ee9fb203ef9dcfL } },
-    /* 47 << 84 */
-    { { 0x8e700421bb937d63L,0xdf8ff2d5cc4b37a6L,0xa4c0d5b25ced7b68L,
-        0x6537c1efc7308f59L },
-      { 0x25ce6a263b37f8e8L,0x170e9a9bdeebc6ceL,0xdd0379528728d72cL,
-        0x445b0e55850154bcL } },
-    /* 48 << 84 */
-    { { 0x4b7d0e0683a7337bL,0x1e3416d4ffecf249L,0x24840eff66a2b71fL,
-        0xd0d9a50ab37cc26dL },
-      { 0xe21981506fe28ef7L,0x3cc5ef1623324c7fL,0x220f3455769b5263L,
-        0xe2ade2f1a10bf475L } },
-    /* 49 << 84 */
-    { { 0x28cd20fa458d3671L,0x1549722c2dc4847bL,0x6dd01e55591941e3L,
-        0x0e6fbcea27128ccbL },
-      { 0xae1a1e6b3bef0262L,0xfa8c472c8f54e103L,0x7539c0a872c052ecL,
-        0xd7b273695a3490e9L } },
-    /* 50 << 84 */
-    { { 0x143fe1f171684349L,0x36b4722e32e19b97L,0xdc05922790980affL,
-        0x175c9c889e13d674L },
-      { 0xa7de5b226e6bfdb1L,0x5ea5b7b2bedb4b46L,0xd5570191d34a6e44L,
-        0xfcf60d2ea24ff7e6L } },
-    /* 51 << 84 */
-    { { 0x614a392d677819e1L,0x7be74c7eaa5a29e8L,0xab50fece63c85f3fL,
-        0xaca2e2a946cab337L },
-      { 0x7f700388122a6fe3L,0xdb69f703882a04a8L,0x9a77935dcf7aed57L,
-        0xdf16207c8d91c86fL } },
-    /* 52 << 84 */
-    { { 0x2fca49ab63ed9998L,0xa3125c44a77ddf96L,0x05dd8a8624344072L,
-        0xa023dda2fec3fb56L },
-      { 0x421b41fc0c743032L,0x4f2120c15e438639L,0xfb7cae51c83c1b07L,
-        0xb2370caacac2171aL } },
-    /* 53 << 84 */
-    { { 0x2eb2d9626cc820fbL,0x59feee5cb85a44bfL,0x94620fca5b6598f0L,
-        0x6b922cae7e314051L },
-      { 0xff8745ad106bed4eL,0x546e71f5dfa1e9abL,0x935c1e481ec29487L,
-        0x9509216c4d936530L } },
-    /* 54 << 84 */
-    { { 0xc7ca306785c9a2dbL,0xd6ae51526be8606fL,0x09dbcae6e14c651dL,
-        0xc9536e239bc32f96L },
-      { 0xa90535a934521b03L,0xf39c526c878756ffL,0x383172ec8aedf03cL,
-        0x20a8075eefe0c034L } },
-    /* 55 << 84 */
-    { { 0xf22f9c6264026422L,0x8dd1078024b9d076L,0x944c742a3bef2950L,
-        0x55b9502e88a2b00bL },
-      { 0xa59e14b486a09817L,0xa39dd3ac47bb4071L,0x55137f663be0592fL,
-        0x07fcafd4c9e63f5bL } },
-    /* 56 << 84 */
-    { { 0x963652ee346eb226L,0x7dfab085ec2facb7L,0x273bf2b8691add26L,
-        0x30d74540f2b46c44L },
-      { 0x05e8e73ef2c2d065L,0xff9b8a00d42eeac9L,0x2fcbd20597209d22L,
-        0xeb740ffade14ea2cL } },
-    /* 57 << 84 */
-    { { 0xc71ff913a8aef518L,0x7bfc74bbfff4cfa2L,0x1716680cb6b36048L,
-        0x121b2cce9ef79af1L },
-      { 0xbff3c836a01eb3d3L,0x50eb1c6a5f79077bL,0xa48c32d6a004bbcfL,
-        0x47a593167d64f61dL } },
-    /* 58 << 84 */
-    { { 0x6068147f93102016L,0x12c5f65494d12576L,0xefb071a7c9bc6b91L,
-        0x7c2da0c56e23ea95L },
-      { 0xf4fd45b6d4a1dd5dL,0x3e7ad9b69122b13cL,0x342ca118e6f57a48L,
-        0x1c2e94a706f8288fL } },
-    /* 59 << 84 */
-    { { 0x99e68f075a97d231L,0x7c80de974d838758L,0xbce0f5d005872727L,
-        0xbe5d95c219c4d016L },
-      { 0x921d5cb19c2492eeL,0x42192dc1404d6fb3L,0x4c84dcd132f988d3L,
-        0xde26d61fa17b8e85L } },
-    /* 60 << 84 */
-    { { 0xc466dcb6137c7408L,0x9a38d7b636a266daL,0x7ef5cb0683bebf1bL,
-        0xe5cdcbbf0fd014e3L },
-      { 0x30aa376df65965a0L,0x60fe88c2ebb3e95eL,0x33fd0b6166ee6f20L,
-        0x8827dcdb3f41f0a0L } },
-    /* 61 << 84 */
-    { { 0xbf8a9d240c56c690L,0x40265dadddb7641dL,0x522b05bf3a6b662bL,
-        0x466d1dfeb1478c9bL },
-      { 0xaa6169621484469bL,0x0db6054902df8f9fL,0xc37bca023cb8bf51L,
-        0x5effe34621371ce8L } },
-    /* 62 << 84 */
-    { { 0xe8f65264ff112c32L,0x8a9c736d7b971fb2L,0xa4f194707b75080dL,
-        0xfc3f2c5a8839c59bL },
-      { 0x1d6c777e5aeb49c2L,0xf3db034dda1addfeL,0xd76fee5a5535affcL,
-        0x0853ac70b92251fdL } },
-    /* 63 << 84 */
-    { { 0x37e3d5948b2a29d5L,0x28f1f4574de00ddbL,0x8083c1b5f42c328bL,
-        0xd8ef1d8fe493c73bL },
-      { 0x96fb626041dc61bdL,0xf74e8a9d27ee2f8aL,0x7c605a802c946a5dL,
-        0xeed48d653839ccfdL } },
-    /* 64 << 84 */
-    { { 0x9894344f3a29467aL,0xde81e949c51eba6dL,0xdaea066ba5e5c2f2L,
-        0x3fc8a61408c8c7b3L },
-      { 0x7adff88f06d0de9fL,0xbbc11cf53b75ce0aL,0x9fbb7accfbbc87d5L,
-        0xa1458e267badfde2L } },
-    /* 0 << 91 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 91 */
-    { { 0x1cb43668e039c256L,0x5f26fb8b7c17fd5dL,0xeee426af79aa062bL,
-        0x072002d0d78fbf04L },
-      { 0x4c9ca237e84fb7e3L,0xb401d8a10c82133dL,0xaaa525926d7e4181L,
-        0xe943083373dbb152L } },
-    /* 2 << 91 */
-    { { 0xf92dda31be24319aL,0x03f7d28be095a8e7L,0xa52fe84098782185L,
-        0x276ddafe29c24dbcL },
-      { 0x80cd54961d7a64ebL,0xe43608897f1dbe42L,0x2f81a8778438d2d5L,
-        0x7e4d52a885169036L } },
-    /* 3 << 91 */
-    { { 0x19e3d5b11d59715dL,0xc7eaa762d788983eL,0xe5a730b0abf1f248L,
-        0xfbab8084fae3fd83L },
-      { 0x65e50d2153765b2fL,0xbdd4e083fa127f3dL,0x9cf3c074397b1b10L,
-        0x59f8090cb1b59fd3L } },
-    /* 4 << 91 */
-    { { 0x7b15fd9d615faa8fL,0x8fa1eb40968554edL,0x7bb4447e7aa44882L,
-        0x2bb2d0d1029fff32L },
-      { 0x075e2a646caa6d2fL,0x8eb879de22e7351bL,0xbcd5624e9a506c62L,
-        0x218eaef0a87e24dcL } },
-    /* 5 << 91 */
-    { { 0x37e5684744ddfa35L,0x9ccfc5c5dab3f747L,0x9ac1df3f1ee96cf4L,
-        0x0c0571a13b480b8fL },
-      { 0x2fbeb3d54b3a7b3cL,0x35c036695dcdbb99L,0x52a0f5dcb2415b3aL,
-        0xd57759b44413ed9aL } },
-    /* 6 << 91 */
-    { { 0x1fe647d83d30a2c5L,0x0857f77ef78a81dcL,0x11d5a334131a4a9bL,
-        0xc0a94af929d393f5L },
-      { 0xbc3a5c0bdaa6ec1aL,0xba9fe49388d2d7edL,0xbb4335b4bb614797L,
-        0x991c4d6872f83533L } },
-    /* 7 << 91 */
-    { { 0x53258c28d2f01cb3L,0x93d6eaa3d75db0b1L,0x419a2b0de87d0db4L,
-        0xa1e48f03d8fe8493L },
-      { 0xf747faf6c508b23aL,0xf137571a35d53549L,0x9f5e58e2fcf9b838L,
-        0xc7186ceea7fd3cf5L } },
-    /* 8 << 91 */
-    { { 0x77b868cee978a1d3L,0xe3a68b337ab92d04L,0x5102979487a5b862L,
-        0x5f0606c33a61d41dL },
-      { 0x2814be276f9326f1L,0x2f521c14c6fe3c2eL,0x17464d7dacdf7351L,
-        0x10f5f9d3777f7e44L } },
-    /* 9 << 91 */
-    { { 0xce8e616b269fb37dL,0xaaf738047de62de5L,0xaba111754fdd4153L,
-        0x515759ba3770b49bL },
-      { 0x8b09ebf8aa423a61L,0x592245a1cd41fb92L,0x1cba8ec19b4c8936L,
-        0xa87e91e3af36710eL } },
-    /* 10 << 91 */
-    { { 0x1fd84ce43d34a2e3L,0xee3759ceb43b5d61L,0x895bc78c619186c7L,
-        0xf19c3809cbb9725aL },
-      { 0xc0be21aade744b1fL,0xa7d222b060f8056bL,0x74be6157b23efe11L,
-        0x6fab2b4f0cd68253L } },
-    /* 11 << 91 */
-    { { 0xad33ea5f4bf1d725L,0x9c1d8ee24f6c950fL,0x544ee78aa377af06L,
-        0x54f489bb94a113e1L },
-      { 0x8f11d634992fb7e8L,0x0169a7aaa2a44347L,0x1d49d4af95020e00L,
-        0x95945722e08e120bL } },
-    /* 12 << 91 */
-    { { 0xb6e33878a4d32282L,0xe36e029d48020ae7L,0xe05847fb37a9b750L,
-        0xf876812cb29e3819L },
-      { 0x84ad138ed23a17f0L,0x6d7b4480f0b3950eL,0xdfa8aef42fd67ae0L,
-        0x8d3eea2452333af6L } },
-    /* 13 << 91 */
-    { { 0x0d052075b15d5accL,0xc6d9c79fbd815bc4L,0x8dcafd88dfa36cf2L,
-        0x908ccbe238aa9070L },
-      { 0x638722c4ba35afceL,0x5a3da8b0fd6abf0bL,0x2dce252cc9c335c1L,
-        0x84e7f0de65aa799bL } },
-    /* 14 << 91 */
-    { { 0x2101a522b99a72cbL,0x06de6e6787618016L,0x5ff8c7cde6f3653eL,
-        0x0a821ab5c7a6754aL },
-      { 0x7e3fa52b7cb0b5a2L,0xa7fb121cc9048790L,0x1a72502006ce053aL,
-        0xb490a31f04e929b0L } },
-    /* 15 << 91 */
-    { { 0xe17be47d62dd61adL,0x781a961c6be01371L,0x1063bfd3dae3cbbaL,
-        0x356474067f73c9baL },
-      { 0xf50e957b2736a129L,0xa6313702ed13f256L,0x9436ee653a19fcc5L,
-        0xcf2bdb29e7a4c8b6L } },
-    /* 16 << 91 */
-    { { 0xb06b1244c5f95cd8L,0xda8c8af0f4ab95f4L,0x1bae59c2b9e5836dL,
-        0x07d51e7e3acffffcL },
-      { 0x01e15e6ac2ccbcdaL,0x3bc1923f8528c3e0L,0x43324577a49fead4L,
-        0x61a1b8842aa7a711L } },
-    /* 17 << 91 */
-    { { 0xf9a86e08700230efL,0x0af585a1bd19adf8L,0x7645f361f55ad8f2L,
-        0x6e67622346c3614cL },
-      { 0x23cb257c4e774d3fL,0x82a38513ac102d1bL,0x9bcddd887b126aa5L,
-        0xe716998beefd3ee4L } },
-    /* 18 << 91 */
-    { { 0x4239d571fb167583L,0xdd011c78d16c8f8aL,0x271c289569a27519L,
-        0x9ce0a3b7d2d64b6aL },
-      { 0x8c977289d5ec6738L,0xa3b49f9a8840ef6bL,0x808c14c99a453419L,
-        0x5c00295b0cf0a2d5L } },
-    /* 19 << 91 */
-    { { 0x524414fb1d4bcc76L,0xb07691d2459a88f1L,0x77f43263f70d110fL,
-        0x64ada5e0b7abf9f3L },
-      { 0xafd0f94e5b544cf5L,0xb4a13a15fd2713feL,0xb99b7d6e250c74f4L,
-        0x097f2f7320324e45L } },
-    /* 20 << 91 */
-    { { 0x994b37d8affa8208L,0xc3c31b0bdc29aafcL,0x3da746517a3a607fL,
-        0xd8e1b8c1fe6955d6L },
-      { 0x716e1815c8418682L,0x541d487f7dc91d97L,0x48a04669c6996982L,
-        0xf39cab1583a6502eL } },
-    /* 21 << 91 */
-    { { 0x025801a0e68db055L,0xf3569758ba3338d5L,0xb0c8c0aaee2afa84L,
-        0x4f6985d3fb6562d1L },
-      { 0x351f1f15132ed17aL,0x510ed0b4c04365feL,0xa3f98138e5b1f066L,
-        0xbc9d95d632df03dcL } },
-    /* 22 << 91 */
-    { { 0xa83ccf6e19abd09eL,0x0b4097c14ff17edbL,0x58a5c478d64a06ceL,
-        0x2ddcc3fd544a58fdL },
-      { 0xd449503d9e8153b8L,0x3324fd027774179bL,0xaf5d47c8dbd9120cL,
-        0xeb86016234fa94dbL } },
-    /* 23 << 91 */
-    { { 0x5817bdd1972f07f4L,0xe5579e2ed27bbcebL,0x86847a1f5f11e5a6L,
-        0xb39ed2557c3cf048L },
-      { 0xe1076417a2f62e55L,0x6b9ab38f1bcf82a2L,0x4bb7c3197aeb29f9L,
-        0xf6d17da317227a46L } },
-    /* 24 << 91 */
-    { { 0xab53ddbd0f968c00L,0xa03da7ec000c880bL,0x7b2396246a9ad24dL,
-        0x612c040101ec60d0L },
-      { 0x70d10493109f5df1L,0xfbda403080af7550L,0x30b93f95c6b9a9b3L,
-        0x0c74ec71007d9418L } },
-    /* 25 << 91 */
-    { { 0x941755646edb951fL,0x5f4a9d787f22c282L,0xb7870895b38d1196L,
-        0xbc593df3a228ce7cL },
-      { 0xc78c5bd46af3641aL,0x7802200b3d9b3dccL,0x0dc73f328be33304L,
-        0x847ed87d61ffb79aL } },
-    /* 26 << 91 */
-    { { 0xf85c974e6d671192L,0x1e14100ade16f60fL,0x45cb0d5a95c38797L,
-        0x18923bba9b022da4L },
-      { 0xef2be899bbe7e86eL,0x4a1510ee216067bfL,0xd98c815484d5ce3eL,
-        0x1af777f0f92a2b90L } },
-    /* 27 << 91 */
-    { { 0x9fbcb4004ef65724L,0x3e04a4c93c0ca6feL,0xfb3e2cb555002994L,
-        0x1f3a93c55363ecabL },
-      { 0x1fe00efe3923555bL,0x744bedd91e1751eaL,0x3fb2db596ab69357L,
-        0x8dbd7365f5e6618bL } },
-    /* 28 << 91 */
-    { { 0x99d53099df1ea40eL,0xb3f24a0b57d61e64L,0xd088a198596eb812L,
-        0x22c8361b5762940bL },
-      { 0x66f01f97f9c0d95cL,0x884611728e43cdaeL,0x11599a7fb72b15c3L,
-        0x135a7536420d95ccL } },
-    /* 29 << 91 */
-    { { 0x2dcdf0f75f7ae2f6L,0x15fc6e1dd7fa6da2L,0x81ca829ad1d441b6L,
-        0x84c10cf804a106b6L },
-      { 0xa9b26c95a73fbbd0L,0x7f24e0cb4d8f6ee8L,0x48b459371e25a043L,
-        0xf8a74fca036f3dfeL } },
-    /* 30 << 91 */
-    { { 0x1ed46585c9f84296L,0x7fbaa8fb3bc278b0L,0xa8e96cd46c4fcbd0L,
-        0x940a120273b60a5fL },
-      { 0x34aae12055a4aec8L,0x550e9a74dbd742f0L,0x794456d7228c68abL,
-        0x492f8868a4e25ec6L } },
-    /* 31 << 91 */
-    { { 0x682915adb2d8f398L,0xf13b51cc5b84c953L,0xcda90ab85bb917d6L,
-        0x4b6155604ea3dee1L },
-      { 0x578b4e850a52c1c8L,0xeab1a69520b75fc4L,0x60c14f3caa0bb3c6L,
-        0x220f448ab8216094L } },
-    /* 32 << 91 */
-    { { 0x4fe7ee31b0e63d34L,0xf4600572a9e54fabL,0xc0493334d5e7b5a4L,
-        0x8589fb9206d54831L },
-      { 0xaa70f5cc6583553aL,0x0879094ae25649e5L,0xcc90450710044652L,
-        0xebb0696d02541c4fL } },
-    /* 33 << 91 */
-    { { 0x5a171fdeb9718710L,0x38f1bed8f374a9f5L,0xc8c582e1ba39bdc1L,
-        0xfc457b0a908cc0ceL },
-      { 0x9a187fd4883841e2L,0x8ec25b3938725381L,0x2553ed0596f84395L,
-        0x095c76616f6c6897L } },
-    /* 34 << 91 */
-    { { 0x917ac85c4bdc5610L,0xb2885fe4179eb301L,0x5fc655478b78bdccL,
-        0x4a9fc893e59e4699L },
-      { 0xbb7ff0cd3ce299afL,0x195be9b3adf38b20L,0x6a929c87d38ddb8fL,
-        0x55fcc99cb21a51b9L } },
-    /* 35 << 91 */
-    { { 0x2b695b4c721a4593L,0xed1e9a15768eaac2L,0xfb63d71c7489f914L,
-        0xf98ba31c78118910L },
-      { 0x802913739b128eb4L,0x7801214ed448af4aL,0xdbd2e22b55418dd3L,
-        0xeffb3c0dd3998242L } },
-    /* 36 << 91 */
-    { { 0xdfa6077cc7bf3827L,0xf2165bcb47f8238fL,0xfe37cf688564d554L,
-        0xe5f825c40a81fb98L },
-      { 0x43cc4f67ffed4d6fL,0xbc609578b50a34b0L,0x8aa8fcf95041faf1L,
-        0x5659f053651773b6L } },
-    /* 37 << 91 */
-    { { 0xe87582c36044d63bL,0xa60894090cdb0ca0L,0x8c993e0fbfb2bcf6L,
-        0xfc64a71945985cfcL },
-      { 0x15c4da8083dbedbaL,0x804ae1122be67df7L,0xda4c9658a23defdeL,
-        0x12002ddd5156e0d3L } },
-    /* 38 << 91 */
-    { { 0xe68eae895dd21b96L,0x8b99f28bcf44624dL,0x0ae008081ec8897aL,
-        0xdd0a93036712f76eL },
-      { 0x962375224e233de4L,0x192445b12b36a8a5L,0xabf9ff74023993d9L,
-        0x21f37bf42aad4a8fL } },
-    /* 39 << 91 */
-    { { 0x340a4349f8bd2bbdL,0x1d902cd94868195dL,0x3d27bbf1e5fdb6f1L,
-        0x7a5ab088124f9f1cL },
-      { 0xc466ab06f7a09e03L,0x2f8a197731f2c123L,0xda355dc7041b6657L,
-        0xcb840d128ece2a7cL } },
-    /* 40 << 91 */
-    { { 0xb600ad9f7db32675L,0x78fea13307a06f1bL,0x5d032269b31f6094L,
-        0x07753ef583ec37aaL },
-      { 0x03485aed9c0bea78L,0x41bb3989bc3f4524L,0x09403761697f726dL,
-        0x6109beb3df394820L } },
-    /* 41 << 91 */
-    { { 0x804111ea3b6d1145L,0xb6271ea9a8582654L,0x619615e624e66562L,
-        0xa2554945d7b6ad9cL },
-      { 0xd9c4985e99bfe35fL,0x9770ccc07b51cdf6L,0x7c32701392881832L,
-        0x8777d45f286b26d1L } },
-    /* 42 << 91 */
-    { { 0x9bbeda22d847999dL,0x03aa33b6c3525d32L,0x4b7b96d428a959a1L,
-        0xbb3786e531e5d234L },
-      { 0xaeb5d3ce6961f247L,0x20aa85af02f93d3fL,0x9cd1ad3dd7a7ae4fL,
-        0xbf6688f0781adaa8L } },
-    /* 43 << 91 */
-    { { 0xb1b40e867469ceadL,0x1904c524309fca48L,0x9b7312af4b54bbc7L,
-        0xbe24bf8f593affa2L },
-      { 0xbe5e0790bd98764bL,0xa0f45f17a26e299eL,0x4af0d2c26b8fe4c7L,
-        0xef170db18ae8a3e6L } },
-    /* 44 << 91 */
-    { { 0x0e8d61a029e0ccc1L,0xcd53e87e60ad36caL,0x328c6623c8173822L,
-        0x7ee1767da496be55L },
-      { 0x89f13259648945afL,0x9e45a5fd25c8009cL,0xaf2febd91f61ab8cL,
-        0x43f6bc868a275385L } },
-    /* 45 << 91 */
-    { { 0x87792348f2142e79L,0x17d89259c6e6238aL,0x7536d2f64a839d9bL,
-        0x1f428fce76a1fbdcL },
-      { 0x1c1096010db06dfeL,0xbfc16bc150a3a3ccL,0xf9cbd9ec9b30f41bL,
-        0x5b5da0d600138cceL } },
-    /* 46 << 91 */
-    { { 0xec1d0a4856ef96a7L,0xb47eb848982bf842L,0x66deae32ec3f700dL,
-        0x4e43c42caa1181e0L },
-      { 0xa1d72a31d1a4aa2aL,0x440d4668c004f3ceL,0x0d6a2d3b45fe8a7aL,
-        0x820e52e2fb128365L } },
-    /* 47 << 91 */
-    { { 0x29ac5fcf25e51b09L,0x180cd2bf2023d159L,0xa9892171a1ebf90eL,
-        0xf97c4c877c132181L },
-      { 0x9f1dc724c03dbb7eL,0xae043765018cbbe4L,0xfb0b2a360767d153L,
-        0xa8e2f4d6249cbaebL } },
-    /* 48 << 91 */
-    { { 0x172a5247d95ea168L,0x1758fada2970764aL,0xac803a511d978169L,
-        0x299cfe2ede77e01bL },
-      { 0x652a1e17b0a98927L,0x2e26e1d120014495L,0x7ae0af9f7175b56aL,
-        0xc2e22a80d64b9f95L } },
-    /* 49 << 91 */
-    { { 0x4d0ff9fbd90a060aL,0x496a27dbbaf38085L,0x32305401da776bcfL,
-        0xb8cdcef6725f209eL },
-      { 0x61ba0f37436a0bbaL,0x263fa10876860049L,0x92beb98eda3542cfL,
-        0xa2d4d14ad5849538L } },
-    /* 50 << 91 */
-    { { 0x989b9d6812e9a1bcL,0x61d9075c5f6e3268L,0x352c6aa999ace638L,
-        0xde4e4a55920f43ffL },
-      { 0xe5e4144ad673c017L,0x667417ae6f6e05eaL,0x613416aedcd1bd56L,
-        0x5eb3620186693711L } },
-    /* 51 << 91 */
-    { { 0x2d7bc5043a1aa914L,0x175a129976dc5975L,0xe900e0f23fc8125cL,
-        0x569ef68c11198875L },
-      { 0x9012db6363a113b4L,0xe3bd3f5698835766L,0xa5c94a5276412deaL,
-        0xad9e2a09aa735e5cL } },
-    /* 52 << 91 */
-    { { 0x405a984c508b65e9L,0xbde4a1d16df1a0d1L,0x1a9433a1dfba80daL,
-        0xe9192ff99440ad2eL },
-      { 0x9f6496965099fe92L,0x25ddb65c0b27a54aL,0x178279ddc590da61L,
-        0x5479a999fbde681aL } },
-    /* 53 << 91 */
-    { { 0xd0e84e05013fe162L,0xbe11dc92632d471bL,0xdf0b0c45fc0e089fL,
-        0x04fb15b04c144025L },
-      { 0xa61d5fc213c99927L,0xa033e9e03de2eb35L,0xf8185d5cb8dacbb4L,
-        0x9a88e2658644549dL } },
-    /* 54 << 91 */
-    { { 0xf717af6254671ff6L,0x4bd4241b5fa58603L,0x06fba40be67773c0L,
-        0xc1d933d26a2847e9L },
-      { 0xf4f5acf3689e2c70L,0x92aab0e746bafd31L,0x798d76aa3473f6e5L,
-        0xcc6641db93141934L } },
-    /* 55 << 91 */
-    { { 0xcae27757d31e535eL,0x04cc43b687c2ee11L,0x8d1f96752e029ffaL,
-        0xc2150672e4cc7a2cL },
-      { 0x3b03c1e08d68b013L,0xa9d6816fedf298f3L,0x1bfbb529a2804464L,
-        0x95a52fae5db22125L } },
-    /* 56 << 91 */
-    { { 0x55b321600e1cb64eL,0x004828f67e7fc9feL,0x13394b821bb0fb93L,
-        0xb6293a2d35f1a920L },
-      { 0xde35ef21d145d2d9L,0xbe6225b3bb8fa603L,0x00fc8f6b32cf252dL,
-        0xa28e52e6117cf8c2L } },
-    /* 57 << 91 */
-    { { 0x9d1dc89b4c371e6dL,0xcebe067536ef0f28L,0x5de05d09a4292f81L,
-        0xa8303593353e3083L },
-      { 0xa1715b0a7e37a9bbL,0x8c56f61e2b8faec3L,0x5250743133c9b102L,
-        0x0130cefca44431f0L } },
-    /* 58 << 91 */
-    { { 0x56039fa0bd865cfbL,0x4b03e578bc5f1dd7L,0x40edf2e4babe7224L,
-        0xc752496d3a1988f6L },
-      { 0xd1572d3b564beb6bL,0x0db1d11039a1c608L,0x568d193416f60126L,
-        0x05ae9668f354af33L } },
-    /* 59 << 91 */
-    { { 0x19de6d37c92544f2L,0xcc084353a35837d5L,0xcbb6869c1a514eceL,
-        0xb633e7282e1d1066L },
-      { 0xf15dd69f936c581cL,0x96e7b8ce7439c4f9L,0x5e676f482e448a5bL,
-        0xb2ca7d5bfd916bbbL } },
-    /* 60 << 91 */
-    { { 0xd55a2541f5024025L,0x47bc5769e4c2d937L,0x7d31b92a0362189fL,
-        0x83f3086eef7816f9L },
-      { 0xf9f46d94b587579aL,0xec2d22d830e76c5fL,0x27d57461b000ffcfL,
-        0xbb7e65f9364ffc2cL } },
-    /* 61 << 91 */
-    { { 0x7c7c94776652a220L,0x61618f89d696c981L,0x5021701d89effff3L,
-        0xf2c8ff8e7c314163L },
-      { 0x2da413ad8efb4d3eL,0x937b5adfce176d95L,0x22867d342a67d51cL,
-        0x262b9b1018eb3ac9L } },
-    /* 62 << 91 */
-    { { 0x4e314fe4c43ff28bL,0x764766276a664e7aL,0x3e90e40bb7a565c2L,
-        0x8588993ac1acf831L },
-      { 0xd7b501d68f938829L,0x996627ee3edd7d4cL,0x37d44a6290cd34c7L,
-        0xa8327499f3833e8dL } },
-    /* 63 << 91 */
-    { { 0x2e18917d4bf50353L,0x85dd726b556765fbL,0x54fe65d693d5ab66L,
-        0x3ddbaced915c25feL },
-      { 0xa799d9a412f22e85L,0xe2a248676d06f6bcL,0xf4f1ee5643ca1637L,
-        0xfda2828b61ece30aL } },
-    /* 64 << 91 */
-    { { 0x758c1a3ea2dee7a6L,0xdcde2f3c734b2284L,0xaba445d24eaba6adL,
-        0x35aaf66876cee0a7L },
-      { 0x7e0b04a9e5aa049aL,0xe74083ad91103e84L,0xbeb183ce40afecc3L,
-        0x6b89de9fea043f7aL } },
-    /* 0 << 98 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 98 */
-    { { 0x0e299d23fe67ba66L,0x9145076093cf2f34L,0xf45b5ea997fcf913L,
-        0x5be008438bd7dddaL },
-      { 0x358c3e05d53ff04dL,0xbf7ccdc35de91ef7L,0xad684dbfb69ec1a0L,
-        0x367e7cf2801fd997L } },
-    /* 2 << 98 */
-    { { 0x0ca1f3b7b0dc8595L,0x27de46089f1d9f2eL,0x1af3bf39badd82a7L,
-        0x79356a7965862448L },
-      { 0xc0602345f5f9a052L,0x1a8b0f89139a42f9L,0xb53eee42844d40fcL,
-        0x93b0bfe54e5b6368L } },
-    /* 3 << 98 */
-    { { 0x5434dd02c024789cL,0x90dca9ea41b57bfcL,0x8aa898e2243398dfL,
-        0xf607c834894a94bbL },
-      { 0xbb07be97c2c99b76L,0x6576ba6718c29302L,0x3d79efcce703a88cL,
-        0xf259ced7b6a0d106L } },
-    /* 4 << 98 */
-    { { 0x0f893a5dc8de610bL,0xe8c515fb67e223ceL,0x7774bfa64ead6dc5L,
-        0x89d20f95925c728fL },
-      { 0x7a1e0966098583ceL,0xa2eedb9493f2a7d7L,0x1b2820974c304d4aL,
-        0x0842e3dac077282dL } },
-    /* 5 << 98 */
-    { { 0xe4d972a33b9e2d7bL,0x7cc60b27c48218ffL,0x8fc7083884149d91L,
-        0x5c04346f2f461eccL },
-      { 0xebe9fdf2614650a9L,0x5e35b537c1f666acL,0x645613d188babc83L,
-        0x88cace3ac5e1c93eL } },
-    /* 6 << 98 */
-    { { 0x209ca3753de92e23L,0xccb03cc85fbbb6e3L,0xccb90f03d7b1487eL,
-        0xfa9c2a38c710941fL },
-      { 0x756c38236724ceedL,0x3a902258192d0323L,0xb150e519ea5e038eL,
-        0xdcba2865c7427591L } },
-    /* 7 << 98 */
-    { { 0xe549237f78890732L,0xc443bef953fcb4d9L,0x9884d8a6eb3480d6L,
-        0x8a35b6a13048b186L },
-      { 0xb4e4471665e9a90aL,0x45bf380d653006c0L,0x8f3f820d4fe9ae3bL,
-        0x244a35a0979a3b71L } },
-    /* 8 << 98 */
-    { { 0xa1010e9d74cd06ffL,0x9c17c7dfaca3eeacL,0x74c86cd38063aa2bL,
-        0x8595c4b3734614ffL },
-      { 0xa3de00ca990f62ccL,0xd9bed213ca0c3be5L,0x7886078adf8ce9f5L,
-        0xddb27ce35cd44444L } },
-    /* 9 << 98 */
-    { { 0xed374a6658926dddL,0x138b2d49908015b8L,0x886c6579de1f7ab8L,
-        0x888b9aa0c3020b7aL },
-      { 0xd3ec034e3a96e355L,0xba65b0b8f30fbe9aL,0x064c8e50ff21367aL,
-        0x1f508ea40b04b46eL } },
-    /* 10 << 98 */
-    { { 0x98561a49747c866cL,0xbbb1e5fe0518a062L,0x20ff4e8becdc3608L,
-        0x7f55cded20184027L },
-      { 0x8d73ec95f38c85f0L,0x5b589fdf8bc3b8c3L,0xbe95dd980f12b66fL,
-        0xf5bd1a090e338e01L } },
-    /* 11 << 98 */
-    { { 0x65163ae55e915918L,0x6158d6d986f8a46bL,0x8466b538eeebf99cL,
-        0xca8761f6bca477efL },
-      { 0xaf3449c29ebbc601L,0xef3b0f41e0c3ae2fL,0xaa6c577d5de63752L,
-        0xe916660164682a51L } },
-    /* 12 << 98 */
-    { { 0x5a3097befc15aa1eL,0x40d12548b54b0745L,0x5bad4706519a5f12L,
-        0xed03f717a439dee6L },
-      { 0x0794bb6c4a02c499L,0xf725083dcffe71d2L,0x2cad75190f3adcafL,
-        0x7f68ea1c43729310L } },
-    /* 13 << 98 */
-    { { 0xe747c8c7b7ffd977L,0xec104c3580761a22L,0x8395ebaf5a3ffb83L,
-        0xfb3261f4e4b63db7L },
-      { 0x53544960d883e544L,0x13520d708cc2eeb8L,0x08f6337bd3d65f99L,
-        0x83997db2781cf95bL } },
-    /* 14 << 98 */
-    { { 0xce6ff1060dbd2c01L,0x4f8eea6b1f9ce934L,0x546f7c4b0e993921L,
-        0x6236a3245e753fc7L },
-      { 0x65a41f84a16022e9L,0x0c18d87843d1dbb2L,0x73c556402d4cef9cL,
-        0xa042810870444c74L } },
-    /* 15 << 98 */
-    { { 0x68e4f15e9afdfb3cL,0x49a561435bdfb6dfL,0xa9bc1bd45f823d97L,
-        0xbceb5970ea111c2aL },
-      { 0x366b455fb269bbc4L,0x7cd85e1ee9bc5d62L,0xc743c41c4f18b086L,
-        0xa4b4099095294fb9L } },
-    /* 16 << 98 */
-    { { 0x9c7c581d26ee8382L,0xcf17dcc5359d638eL,0xee8273abb728ae3dL,
-        0x1d112926f821f047L },
-      { 0x1149847750491a74L,0x687fa761fde0dfb9L,0x2c2580227ea435abL,
-        0x6b8bdb9491ce7e3fL } },
-    /* 17 << 98 */
-    { { 0x4c5b5dc93bf834aaL,0x043718194f6c7e4bL,0xc284e00a3736bcadL,
-        0x0d88111821ae8f8dL },
-      { 0xf9cf0f82f48c8e33L,0xa11fd075a1bf40dbL,0xdceab0dedc2733e5L,
-        0xc560a8b58e986bd7L } },
-    /* 18 << 98 */
-    { { 0x48dd1fe23929d097L,0x3885b29092f188f1L,0x0f2ae613da6fcdacL,
-        0x9054303eb662a46cL },
-      { 0xb6871e440738042aL,0x98e6a977bdaf6449L,0xd8bc0650d1c9df1bL,
-        0xef3d645136e098f9L } },
-    /* 19 << 98 */
-    { { 0x03fbae82b6d72d28L,0x77ca9db1f5d84080L,0x8a112cffa58efc1cL,
-        0x518d761cc564cb4aL },
-      { 0x69b5740ef0d1b5ceL,0x717039cce9eb1785L,0x3fe29f9022f53382L,
-        0x8e54ba566bc7c95cL } },
-    /* 20 << 98 */
-    { { 0x9c806d8af7f91d0fL,0x3b61b0f1a82a5728L,0x4640032d94d76754L,
-        0x273eb5de47d834c6L },
-      { 0x2988abf77b4e4d53L,0xb7ce66bfde401777L,0x9fba6b32715071b3L,
-        0x82413c24ad3a1a98L } },
-    /* 21 << 98 */
-    { { 0x5b7fc8c4e0e8ad93L,0xb5679aee5fab868dL,0xb1f9d2fa2b3946f3L,
-        0x458897dc5685b50aL },
-      { 0x1e98c93089d0caf3L,0x39564c5f78642e92L,0x1b77729a0dbdaf18L,
-        0xf9170722579e82e6L } },
-    /* 22 << 98 */
-    { { 0x680c0317e4515fa5L,0xf85cff84fb0c790fL,0xc7a82aab6d2e0765L,
-        0x7446bca935c82b32L },
-      { 0x5de607aa6d63184fL,0x7c1a46a8262803a6L,0xd218313daebe8035L,
-        0x92113ffdc73c51f8L } },
-    /* 23 << 98 */
-    { { 0x4b38e08312e7e46cL,0x69d0a37a56126bd5L,0xfb3f324b73c07e04L,
-        0xa0c22f678fda7267L },
-      { 0x8f2c00514d2c7d8fL,0xbc45ced3cbe2cae5L,0xe1c6cf07a8f0f277L,
-        0xbc3923121eb99a98L } },
-    /* 24 << 98 */
-    { { 0x75537b7e3cc8ac85L,0x8d725f57dd02753bL,0xfd05ff64b737df2fL,
-        0x55fe8712f6d2531dL },
-      { 0x57ce04a96ab6b01cL,0x69a02a897cd93724L,0x4f82ac35cf86699bL,
-        0x8242d3ad9cb4b232L } },
-    /* 25 << 98 */
-    { { 0x713d0f65d62105e5L,0xbb222bfa2d29be61L,0xf2f9a79e6cfbef09L,
-        0xfc24d8d3d5d6782fL },
-      { 0x5db77085d4129967L,0xdb81c3ccdc3c2a43L,0x9d655fc005d8d9a3L,
-        0x3f5d057a54298026L } },
-    /* 26 << 98 */
-    { { 0x1157f56d88c54694L,0xb26baba59b09573eL,0x2cab03b022adffd1L,
-        0x60a412c8dd69f383L },
-      { 0xed76e98b54b25039L,0xd4ee67d3687e714dL,0x877396487b00b594L,
-        0xce419775c9ef709bL } },
-    /* 27 << 98 */
-    { { 0x40f76f851c203a40L,0x30d352d6eafd8f91L,0xaf196d3d95578dd2L,
-        0xea4bb3d777cc3f3dL },
-      { 0x42a5bd03b98e782bL,0xac958c400624920dL,0xb838134cfc56fcc8L,
-        0x86ec4ccf89572e5eL } },
-    /* 28 << 98 */
-    { { 0x69c435269be47be0L,0x323b7dd8cb28fea1L,0xfa5538ba3a6c67e5L,
-        0xef921d701d378e46L },
-      { 0xf92961fc3c4b880eL,0x3f6f914e98940a67L,0xa990eb0afef0ff39L,
-        0xa6c2920ff0eeff9cL } },
-    /* 29 << 98 */
-    { { 0xca80416651b8d9a3L,0x42531bc90ffb0db1L,0x72ce4718aa82e7ceL,
-        0x6e199913df574741L },
-      { 0xd5f1b13dd5d36946L,0x8255dc65f68f0194L,0xdc9df4cd8710d230L,
-        0x3453c20f138c1988L } },
-    /* 30 << 98 */
-    { { 0x9af98dc089a6ef01L,0x4dbcc3f09857df85L,0x348056015c1ad924L,
-        0x40448da5d0493046L },
-      { 0xf629926d4ee343e2L,0x6343f1bd90e8a301L,0xefc9349140815b3fL,
-        0xf882a423de8f66fbL } },
-    /* 31 << 98 */
-    { { 0x3a12d5f4e7db9f57L,0x7dfba38a3c384c27L,0x7a904bfd6fc660b1L,
-        0xeb6c5db32773b21cL },
-      { 0xc350ee661cdfe049L,0x9baac0ce44540f29L,0xbc57b6aba5ec6aadL,
-        0x167ce8c30a7c1baaL } },
-    /* 32 << 98 */
-    { { 0xb23a03a553fb2b56L,0x6ce141e74e057f78L,0x796525c389e490d9L,
-        0x0bc95725a31a7e75L },
-      { 0x1ec567911220fd06L,0x716e3a3c408b0bd6L,0x31cd6bf7e8ebeba9L,
-        0xa7326ca6bee6b670L } },
-    /* 33 << 98 */
-    { { 0x3d9f851ccd090c43L,0x561e8f13f12c3988L,0x50490b6a904b7be4L,
-        0x61690ce10410737bL },
-      { 0x299e9a370f009052L,0x258758f0f026092eL,0x9fa255f3fdfcdc0fL,
-        0xdbc9fb1fc0e1bcd2L } },
-    /* 34 << 98 */
-    { { 0x35f9dd6e24651840L,0xdca45a84a5c59abcL,0x103d396fecca4938L,
-        0x4532da0ab97b3f29L },
-      { 0xc4135ea51999a6bfL,0x3aa9505a5e6bf2eeL,0xf77cef063f5be093L,
-        0x97d1a0f8a943152eL } },
-    /* 35 << 98 */
-    { { 0x2cb0ebba2e1c21ddL,0xf41b29fc2c6797c4L,0xc6e17321b300101fL,
-        0x4422b0e9d0d79a89L },
-      { 0x49e4901c92f1bfc4L,0x06ab1f8fe1e10ed9L,0x84d35577db2926b8L,
-        0xca349d39356e8ec2L } },
-    /* 36 << 98 */
-    { { 0x70b63d32343bf1a9L,0x8fd3bd2837d1a6b1L,0x0454879c316865b4L,
-        0xee959ff6c458efa2L },
-      { 0x0461dcf89706dc3fL,0x737db0e2164e4b2eL,0x092626802f8843c8L,
-        0x54498bbc7745e6f6L } },
-    /* 37 << 98 */
-    { { 0x359473faa29e24afL,0xfcc3c45470aa87a1L,0xfd2c4bf500573aceL,
-        0xb65b514e28dd1965L },
-      { 0xe46ae7cf2193e393L,0x60e9a4e1f5444d97L,0xe7594e9600ff38edL,
-        0x43d84d2f0a0e0f02L } },
-    /* 38 << 98 */
-    { { 0x8b6db141ee398a21L,0xb88a56aee3bcc5beL,0x0a1aa52f373460eaL,
-        0x20da1a56160bb19bL },
-      { 0xfb54999d65bf0384L,0x71a14d245d5a180eL,0xbc44db7b21737b04L,
-        0xd84fcb1801dd8e92L } },
-    /* 39 << 98 */
-    { { 0x80de937bfa44b479L,0x535054995c98fd4fL,0x1edb12ab28f08727L,
-        0x4c58b582a5f3ef53L },
-      { 0xbfb236d88327f246L,0xc3a3bfaa4d7df320L,0xecd96c59b96024f2L,
-        0xfc293a537f4e0433L } },
-    /* 40 << 98 */
-    { { 0x5341352b5acf6e10L,0xc50343fdafe652c3L,0x4af3792d18577a7fL,
-        0xe1a4c617af16823dL },
-      { 0x9b26d0cd33425d0aL,0x306399ed9b7bc47fL,0x2a792f33706bb20bL,
-        0x3121961498111055L } },
-    /* 41 << 98 */
-    { { 0x864ec06487f5d28bL,0x11392d91962277fdL,0xb5aa7942bb6aed5fL,
-        0x080094dc47e799d9L },
-      { 0x4afa588c208ba19bL,0xd3e7570f8512f284L,0xcbae64e602f5799aL,
-        0xdeebe7ef514b9492L } },
-    /* 42 << 98 */
-    { { 0x30300f98e5c298ffL,0x17f561be3678361fL,0xf52ff31298cb9a16L,
-        0x6233c3bc5562d490L },
-      { 0x7bfa15a192e3a2cbL,0x961bcfd1e6365119L,0x3bdd29bf2c8c53b1L,
-        0x739704df822844baL } },
-    /* 43 << 98 */
-    { { 0x7dacfb587e7b754bL,0x23360791a806c9b9L,0xe7eb88c923504452L,
-        0x2983e996852c1783L },
-      { 0xdd4ae529958d881dL,0x026bae03262c7b3cL,0x3a6f9193960b52d1L,
-        0xd0980f9092696cfbL } },
-    /* 44 << 98 */
-    { { 0x4c1f428cd5f30851L,0x94dfed272a4f6630L,0x4df53772fc5d48a4L,
-        0xdd2d5a2f933260ceL },
-      { 0x574115bdd44cc7a5L,0x4ba6b20dbd12533aL,0x30e93cb8243057c9L,
-        0x794c486a14de320eL } },
-    /* 45 << 98 */
-    { { 0xe925d4cef21496e4L,0xf951d198ec696331L,0x9810e2de3e8d812fL,
-        0xd0a47259389294abL },
-      { 0x513ba2b50e3bab66L,0x462caff5abad306fL,0xe2dc6d59af04c49eL,
-        0x1aeb8750e0b84b0bL } },
-    /* 46 << 98 */
-    { { 0xc034f12f2f7d0ca2L,0x6d2e8128e06acf2fL,0x801f4f8321facc2fL,
-        0xa1170c03f40ef607L },
-      { 0xfe0a1d4f7805a99cL,0xbde56a36cc26aba5L,0x5b1629d035531f40L,
-        0xac212c2b9afa6108L } },
-    /* 47 << 98 */
-    { { 0x30a06bf315697be5L,0x6f0545dc2c63c7c1L,0x5d8cb8427ccdadafL,
-        0xd52e379bac7015bbL },
-      { 0xc4f56147f462c23eL,0xd44a429846bc24b0L,0xbc73d23ae2856d4fL,
-        0x61cedd8c0832bcdfL } },
-    /* 48 << 98 */
-    { { 0x6095355699f241d7L,0xee4adbd7001a349dL,0x0b35bf6aaa89e491L,
-        0x7f0076f4136f7546L },
-      { 0xd19a18ba9264da3dL,0x6eb2d2cd62a7a28bL,0xcdba941f8761c971L,
-        0x1550518ba3be4a5dL } },
-    /* 49 << 98 */
-    { { 0xd0e8e2f057d0b70cL,0xeea8612ecd133ba3L,0x814670f044416aecL,
-        0x424db6c330775061L },
-      { 0xd96039d116213fd1L,0xc61e7fa518a3478fL,0xa805bdcccb0c5021L,
-        0xbdd6f3a80cc616ddL } },
-    /* 50 << 98 */
-    { { 0x060096675d97f7e2L,0x31db0fc1af0bf4b6L,0x23680ed45491627aL,
-        0xb99a3c667d741fb1L },
-      { 0xe9bb5f5536b1ff92L,0x29738577512b388dL,0xdb8a2ce750fcf263L,
-        0x385346d46c4f7b47L } },
-    /* 51 << 98 */
-    { { 0xbe86c5ef31631f9eL,0xbf91da2103a57a29L,0xc3b1f7967b23f821L,
-        0x0f7d00d2770db354L },
-      { 0x8ffc6c3bd8fe79daL,0xcc5e8c40d525c996L,0x4640991dcfff632aL,
-        0x64d97e8c67112528L } },
-    /* 52 << 98 */
-    { { 0xc232d97302f1cd1eL,0xce87eacb1dd212a4L,0x6e4c8c73e69802f7L,
-        0x12ef02901fffddbdL },
-      { 0x941ec74e1bcea6e2L,0xd0b540243cb92cbbL,0x809fb9d47e8f9d05L,
-        0x3bf16159f2992aaeL } },
-    /* 53 << 98 */
-    { { 0xad40f279f8a7a838L,0x11aea63105615660L,0xbf52e6f1a01f6fa1L,
-        0xef0469953dc2aec9L },
-      { 0x785dbec9d8080711L,0xe1aec60a9fdedf76L,0xece797b5fa21c126L,
-        0xc66e898f05e52732L } },
-    /* 54 << 98 */
-    { { 0x39bb69c408811fdbL,0x8bfe1ef82fc7f082L,0xc8e7a393174f4138L,
-        0xfba8ad1dd58d1f98L },
-      { 0xbc21d0cebfd2fd5bL,0x0b839a826ee60d61L,0xaacf7658afd22253L,
-        0xb526bed8aae396b3L } },
-    /* 55 << 98 */
-    { { 0xccc1bbc238564464L,0x9e3ff9478c45bc73L,0xcde9bca358188a78L,
-        0x138b8ee0d73bf8f7L },
-      { 0x5c7e234c4123c489L,0x66e69368fa643297L,0x0629eeee39a15fa3L,
-        0x95fab881a9e2a927L } },
-    /* 56 << 98 */
-    { { 0xb2497007eafbb1e1L,0xd75c9ce6e75b7a93L,0x3558352defb68d78L,
-        0xa2f26699223f6396L },
-      { 0xeb911ecfe469b17aL,0x62545779e72d3ec2L,0x8ea47de782cb113fL,
-        0xebe4b0864e1fa98dL } },
-    /* 57 << 98 */
-    { { 0xec2d5ed78cdfedb1L,0xa535c077fe211a74L,0x9678109b11d244c5L,
-        0xf17c8bfbbe299a76L },
-      { 0xb651412efb11fbc4L,0xea0b548294ab3f65L,0xd8dffd950cf78243L,
-        0x2e719e57ce0361d4L } },
-    /* 58 << 98 */
-    { { 0x9007f085304ddc5bL,0x095e8c6d4daba2eaL,0x5a33cdb43f9d28a9L,
-        0x85b95cd8e2283003L },
-      { 0xbcd6c819b9744733L,0x29c5f538fc7f5783L,0x6c49b2fad59038e4L,
-        0x68349cc13bbe1018L } },
-    /* 59 << 98 */
-    { { 0xcc490c1d21830ee5L,0x36f9c4eee9bfa297L,0x58fd729448de1a94L,
-        0xaadb13a84e8f2cdcL },
-      { 0x515eaaa081313dbaL,0xc76bb468c2152dd8L,0x357f8d75a653dbf8L,
-        0xe4d8c4d1b14ac143L } },
-    /* 60 << 98 */
-    { { 0xbdb8e675b055cb40L,0x898f8e7b977b5167L,0xecc65651b82fb863L,
-        0x565448146d88f01fL },
-      { 0xb0928e95263a75a9L,0xcfb6836f1a22fcdaL,0x651d14db3f3bd37cL,
-        0x1d3837fbb6ad4664L } },
-    /* 61 << 98 */
-    { { 0x7c5fb538ff4f94abL,0x7243c7126d7fb8f2L,0xef13d60ca85c5287L,
-        0x18cfb7c74bb8dd1bL },
-      { 0x82f9bfe672908219L,0x35c4592b9d5144abL,0x52734f379cf4b42fL,
-        0x6bac55e78c60ddc4L } },
-    /* 62 << 98 */
-    { { 0xb5cd811e94dea0f6L,0x259ecae4e18cc1a3L,0x6a0e836e15e660f8L,
-        0x6c639ea60e02bff2L },
-      { 0x8721b8cb7e1026fdL,0x9e73b50b63261942L,0xb8c7097477f01da3L,
-        0x1839e6a68268f57fL } },
-    /* 63 << 98 */
-    { { 0x571b94155150b805L,0x1892389ef92c7097L,0x8d69c18e4a084b95L,
-        0x7014c512be5b495cL },
-      { 0x4780db361b07523cL,0x2f6219ce2c1c64faL,0xc38b81b0602c105aL,
-        0xab4f4f205dc8e360L } },
-    /* 64 << 98 */
-    { { 0x20d3c982cf7d62d2L,0x1f36e29d23ba8150L,0x48ae0bf092763f9eL,
-        0x7a527e6b1d3a7007L },
-      { 0xb4a89097581a85e3L,0x1f1a520fdc158be5L,0xf98db37d167d726eL,
-        0x8802786e1113e862L } },
-    /* 0 << 105 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 105 */
-    { { 0xefb2149e36f09ab0L,0x03f163ca4a10bb5bL,0xd029704506e20998L,
-        0x56f0af001b5a3babL },
-      { 0x7af4cfec70880e0dL,0x7332a66fbe3d913fL,0x32e6c84a7eceb4bdL,
-        0xedc4a79a9c228f55L } },
-    /* 2 << 105 */
-    { { 0xc37c7dd0c55c4496L,0xa6a9635725bbabd2L,0x5b7e63f2add7f363L,
-        0x9dce37822e73f1dfL },
-      { 0xe1e5a16ab2b91f71L,0xe44898235ba0163cL,0xf2759c32f6e515adL,
-        0xa5e2f1f88615eecfL } },
-    /* 3 << 105 */
-    { { 0x74519be7abded551L,0x03d358b8c8b74410L,0x4d00b10b0e10d9a9L,
-        0x6392b0b128da52b7L },
-      { 0x6744a2980b75c904L,0xc305b0aea8f7f96cL,0x042e421d182cf932L,
-        0xf6fc5d509e4636caL } },
-    /* 4 << 105 */
-    { { 0x795847c9d64cc78cL,0x6c50621b9b6cb27bL,0x07099bf8df8022abL,
-        0x48f862ebc04eda1dL },
-      { 0xd12732ede1603c16L,0x19a80e0f5c9a9450L,0xe2257f54b429b4fcL,
-        0x66d3b2c645460515L } },
-    /* 5 << 105 */
-    { { 0x6ca4f87e822e37beL,0x73f237b4253bda4eL,0xf747f3a241190aebL,
-        0xf06fa36f804cf284L },
-      { 0x0a6bbb6efc621c12L,0x5d624b6440b80ec6L,0x4b0724257ba556f3L,
-        0x7fa0c3543e2d20a8L } },
-    /* 6 << 105 */
-    { { 0xe921fa31e3229d41L,0xa929c65294531bd4L,0x84156027a6d38209L,
-        0xf3d69f736bdb97bdL },
-      { 0x8906d19a16833631L,0x68a34c2e03d51be3L,0xcb59583b0e511cd8L,
-        0x99ce6bfdfdc132a8L } },
-    /* 7 << 105 */
-    { { 0x3facdaaaffcdb463L,0x658bbc1a34a38b08L,0x12a801f8f1a9078dL,
-        0x1567bcf96ab855deL },
-      { 0xe08498e03572359bL,0xcf0353e58659e68bL,0xbb86e9c87d23807cL,
-        0xbc08728d2198e8a2L } },
-    /* 8 << 105 */
-    { { 0x8de2b7bc453cadd6L,0x203900a7bc0bc1f8L,0xbcd86e47a6abd3afL,
-        0x911cac128502effbL },
-      { 0x2d550242ec965469L,0x0e9f769229e0017eL,0x633f078f65979885L,
-        0xfb87d4494cf751efL } },
-    /* 9 << 105 */
-    { { 0xe1790e4bfc25419aL,0x364672034bff3cfdL,0xc8db638625b6e83fL,
-        0x6cc69f236cad6fd2L },
-      { 0x0219e45a6bc68bb9L,0xe43d79b6297f7334L,0x7d445368465dc97cL,
-        0x4b9eea322a0b949aL } },
-    /* 10 << 105 */
-    { { 0x1b96c6ba6102d021L,0xeaafac782f4461eaL,0xd4b85c41c49f19a8L,
-        0x275c28e4cf538875L },
-      { 0x35451a9ddd2e54e0L,0x6991adb50605618bL,0x5b8b4bcd7b36cd24L,
-        0x372a4f8c56f37216L } },
-    /* 11 << 105 */
-    { { 0xc890bd73a6a5da60L,0x6f083da0dc4c9ff0L,0xf4e14d94f0536e57L,
-        0xf9ee1edaaaec8243L },
-      { 0x571241ec8bdcf8e7L,0xa5db82710b041e26L,0x9a0b9a99e3fff040L,
-        0xcaaf21dd7c271202L } },
-    /* 12 << 105 */
-    { { 0xb4e2b2e14f0dd2e8L,0xe77e7c4f0a377ac7L,0x69202c3f0d7a2198L,
-        0xf759b7ff28200eb8L },
-      { 0xc87526eddcfe314eL,0xeb84c52453d5cf99L,0xb1b52ace515138b6L,
-        0x5aa7ff8c23fca3f4L } },
-    /* 13 << 105 */
-    { { 0xff0b13c3b9791a26L,0x960022dacdd58b16L,0xdbd55c9257aad2deL,
-        0x3baaaaa3f30fe619L },
-      { 0x9a4b23460d881efdL,0x506416c046325e2aL,0x91381e76035c18d4L,
-        0xb3bb68bef27817b0L } },
-    /* 14 << 105 */
-    { { 0x15bfb8bf5116f937L,0x7c64a586c1268943L,0x71e25cc38419a2c8L,
-        0x9fd6b0c48335f463L },
-      { 0x4bf0ba3ce8ee0e0eL,0x6f6fba60298c21faL,0x57d57b39ae66bee0L,
-        0x292d513022672544L } },
-    /* 15 << 105 */
-    { { 0xf451105dbab093b3L,0x012f59b902839986L,0x8a9158023474a89cL,
-        0x048c919c2de03e97L },
-      { 0xc476a2b591071cd5L,0x791ed89a034970a5L,0x89bd9042e1b7994bL,
-        0x8eaf5179a1057ffdL } },
-    /* 16 << 105 */
-    { { 0x6066e2a2d551ee10L,0x87a8f1d8727e09a6L,0x00d08bab2c01148dL,
-        0x6da8e4f1424f33feL },
-      { 0x466d17f0cf9a4e71L,0xff5020103bf5cb19L,0xdccf97d8d062ecc0L,
-        0x80c0d9af81d80ac4L } },
-    /* 17 << 105 */
-    { { 0xe87771d8033f2876L,0xb0186ec67d5cc3dbL,0x58e8bb803bc9bc1dL,
-        0x4d1395cc6f6ef60eL },
-      { 0xa73c62d6186244a0L,0x918e5f23110a5b53L,0xed4878ca741b7eabL,
-        0x3038d71adbe03e51L } },
-    /* 18 << 105 */
-    { { 0x840204b7a93c3246L,0x21ab6069a0b9b4cdL,0xf5fa6e2bb1d64218L,
-        0x1de6ad0ef3d56191L },
-      { 0x570aaa88ff1929c7L,0xc6df4c6b640e87b5L,0xde8a74f2c65f0cccL,
-        0x8b972fd5e6f6cc01L } },
-    /* 19 << 105 */
-    { { 0x3fff36b60b846531L,0xba7e45e610a5e475L,0x84a1d10e4145b6c5L,
-        0xf1f7f91a5e046d9dL },
-      { 0x0317a69244de90d7L,0x951a1d4af199c15eL,0x91f78046c9d73debL,
-        0x74c82828fab8224fL } },
-    /* 20 << 105 */
-    { { 0xaa6778fce7560b90L,0xb4073e61a7e824ceL,0xff0d693cd642eba8L,
-        0x7ce2e57a5dccef38L },
-      { 0x89c2c7891df1ad46L,0x83a06922098346fdL,0x2d715d72da2fc177L,
-        0x7b6dd71d85b6cf1dL } },
-    /* 21 << 105 */
-    { { 0xc60a6d0a73fa9cb0L,0xedd3992e328bf5a9L,0xc380ddd0832c8c82L,
-        0xd182d410a2a0bf50L },
-      { 0x7d9d7438d9a528dbL,0xe8b1a0e9caf53994L,0xddd6e5fe0e19987cL,
-        0xacb8df03190b059dL } },
-    /* 22 << 105 */
-    { { 0x53703a328300129fL,0x1f63766268c43bfdL,0xbcbd191300e54051L,
-        0x812fcc627bf5a8c5L },
-      { 0x3f969d5f29fb85daL,0x72f4e00a694759e8L,0x426b6e52790726b7L,
-        0x617bbc873bdbb209L } },
-    /* 23 << 105 */
-    { { 0x511f8bb997aee317L,0x812a4096e81536a8L,0x137dfe593ac09b9bL,
-        0x0682238fba8c9a7aL },
-      { 0x7072ead6aeccb4bdL,0x6a34e9aa692ba633L,0xc82eaec26fff9d33L,
-        0xfb7535121d4d2b62L } },
-    /* 24 << 105 */
-    { { 0x1a0445ff1d7aadabL,0x65d38260d5f6a67cL,0x6e62fb0891cfb26fL,
-        0xef1e0fa55c7d91d6L },
-      { 0x47e7c7ba33db72cdL,0x017cbc09fa7c74b2L,0x3c931590f50a503cL,
-        0xcac54f60616baa42L } },
-    /* 25 << 105 */
-    { { 0x9b6cd380b2369f0fL,0x97d3a70d23c76151L,0x5f9dd6fc9862a9c6L,
-        0x044c4ab212312f51L },
-      { 0x035ea0fd834a2ddcL,0x49e6b862cc7b826dL,0xb03d688362fce490L,
-        0x62f2497ab37e36e9L } },
-    /* 26 << 105 */
-    { { 0x04b005b6c6458293L,0x36bb5276e8d10af7L,0xacf2dc138ee617b8L,
-        0x470d2d35b004b3d4L },
-      { 0x06790832feeb1b77L,0x2bb75c3985657f9cL,0xd70bd4edc0f60004L,
-        0xfe797ecc219b018bL } },
-    /* 27 << 105 */
-    { { 0x9b5bec2a753aebccL,0xdaf9f3dcc939eca5L,0xd6bc6833d095ad09L,
-        0x98abdd51daa4d2fcL },
-      { 0xd9840a318d168be5L,0xcf7c10e02325a23cL,0xa5c02aa07e6ecfafL,
-        0x2462e7e6b5bfdf18L } },
-    /* 28 << 105 */
-    { { 0xab2d8a8ba0cc3f12L,0x68dd485dbc672a29L,0x72039752596f2cd3L,
-        0x5d3eea67a0cf3d8dL },
-      { 0x810a1a81e6602671L,0x8f144a4014026c0cL,0xbc753a6d76b50f85L,
-        0xc4dc21e8645cd4a4L } },
-    /* 29 << 105 */
-    { { 0xc5262dea521d0378L,0x802b8e0e05011c6fL,0x1ba19cbb0b4c19eaL,
-        0x21db64b5ebf0aaecL },
-      { 0x1f394ee970342f9dL,0x93a10aee1bc44a14L,0xa7eed31b3efd0baaL,
-        0x6e7c824e1d154e65L } },
-    /* 30 << 105 */
-    { { 0xee23fa819966e7eeL,0x64ec4aa805b7920dL,0x2d44462d2d90aad4L,
-        0xf44dd195df277ad5L },
-      { 0x8d6471f1bb46b6a1L,0x1e65d313fd885090L,0x33a800f513a977b4L,
-        0xaca9d7210797e1efL } },
-    /* 31 << 105 */
-    { { 0x9a5a85a0fcff6a17L,0x9970a3f31eca7ceeL,0xbb9f0d6bc9504be3L,
-        0xe0c504beadd24ee2L },
-      { 0x7e09d95677fcc2f4L,0xef1a522765bb5fc4L,0x145d4fb18b9286aaL,
-        0x66fd0c5d6649028bL } },
-    /* 32 << 105 */
-    { { 0x98857ceb1bf4581cL,0xe635e186aca7b166L,0x278ddd22659722acL,
-        0xa0903c4c1db68007L },
-      { 0x366e458948f21402L,0x31b49c14b96abda2L,0x329c4b09e0403190L,
-        0x97197ca3d29f43feL } },
-    /* 33 << 105 */
-    { { 0x8073dd1e274983d8L,0xda1a3bde55717c8fL,0xfd3d4da20361f9d1L,
-        0x1332d0814c7de1ceL },
-      { 0x9b7ef7a3aa6d0e10L,0x17db2e73f54f1c4aL,0xaf3dffae4cd35567L,
-        0xaaa2f406e56f4e71L } },
-    /* 34 << 105 */
-    { { 0x8966759e7ace3fc7L,0x9594eacf45a8d8c6L,0x8de3bd8b91834e0eL,
-        0xafe4ca53548c0421L },
-      { 0xfdd7e856e6ee81c6L,0x8f671beb6b891a3aL,0xf7a58f2bfae63829L,
-        0x9ab186fb9c11ac9fL } },
-    /* 35 << 105 */
-    { { 0x8d6eb36910b5be76L,0x046b7739fb040bcdL,0xccb4529fcb73de88L,
-        0x1df0fefccf26be03L },
-      { 0xad7757a6bcfcd027L,0xa8786c75bb3165caL,0xe9db1e347e99a4d9L,
-        0x99ee86dfb06c504bL } },
-    /* 36 << 105 */
-    { { 0x5b7c2dddc15c9f0aL,0xdf87a7344295989eL,0x59ece47c03d08fdaL,
-        0xb074d3ddad5fc702L },
-      { 0x2040790351a03776L,0x2bb1f77b2a608007L,0x25c58f4fe1153185L,
-        0xe6df62f6766e6447L } },
-    /* 37 << 105 */
-    { { 0xefb3d1beed51275aL,0x5de47dc72f0f483fL,0x7932d98e97c2bedfL,
-        0xd5c119270219f8a1L },
-      { 0x9d751200a73a294eL,0x5f88434a9dc20172L,0xd28d9fd3a26f506aL,
-        0xa890cd319d1dcd48L } },
-    /* 38 << 105 */
-    { { 0x0aebaec170f4d3b4L,0xfd1a13690ffc8d00L,0xb9d9c24057d57838L,
-        0x45929d2668bac361L },
-      { 0x5a2cd06025b15ca6L,0x4b3c83e16e474446L,0x1aac7578ee1e5134L,
-        0xa418f5d6c91e2f41L } },
-    /* 39 << 105 */
-    { { 0x6936fc8a213ed68bL,0x860ae7ed510a5224L,0x63660335def09b53L,
-        0x641b2897cd79c98dL },
-      { 0x29bd38e101110f35L,0x79c26f42648b1937L,0x64dae5199d9164f4L,
-        0xd85a23100265c273L } },
-    /* 40 << 105 */
-    { { 0x7173dd5d4b07e2b1L,0xd144c4cb8d9ea221L,0xe8b04ea41105ab14L,
-        0x92dda542fe80d8f1L },
-      { 0xe9982fa8cf03dce6L,0x8b5ea9651a22cffcL,0xf7f4ea7f3fad88c4L,
-        0x62db773e6a5ba95cL } },
-    /* 41 << 105 */
-    { { 0xd20f02fb93f24567L,0xfd46c69a315257caL,0x0ac74cc78bcab987L,
-        0x46f31c015ceca2f5L },
-      { 0x40aedb59888b219eL,0xe50ecc37e1fccd02L,0x1bcd9dad911f816cL,
-        0x583cc1ec8db9b00cL } },
-    /* 42 << 105 */
-    { { 0xf3cd2e66a483bf11L,0xfa08a6f5b1b2c169L,0xf375e2454be9fa28L,
-        0x99a7ffec5b6d011fL },
-      { 0x6a3ebddbc4ae62daL,0x6cea00ae374aef5dL,0xab5fb98d9d4d05bcL,
-        0x7cba1423d560f252L } },
-    /* 43 << 105 */
-    { { 0x49b2cc21208490deL,0x1ca66ec3bcfb2879L,0x7f1166b71b6fb16fL,
-        0xfff63e0865fe5db3L },
-      { 0xb8345abe8b2610beL,0xb732ed8039de3df4L,0x0e24ed50211c32b4L,
-        0xd10d8a69848ff27dL } },
-    /* 44 << 105 */
-    { { 0xc1074398ed4de248L,0xd7cedace10488927L,0xa4aa6bf885673e13L,
-        0xb46bae916daf30afL },
-      { 0x07088472fcef7ad8L,0x61151608d4b35e97L,0xbcfe8f26dde29986L,
-        0xeb84c4c7d5a34c79L } },
-    /* 45 << 105 */
-    { { 0xc1eec55c164e1214L,0x891be86da147bb03L,0x9fab4d100ba96835L,
-        0xbf01e9b8a5c1ae9fL },
-      { 0x6b4de139b186ebc0L,0xd5c74c2685b91bcaL,0x5086a99cc2d93854L,
-        0xeed62a7ba7a9dfbcL } },
-    /* 46 << 105 */
-    { { 0x8778ed6f76b7618aL,0xbff750a503b66062L,0x4cb7be22b65186dbL,
-        0x369dfbf0cc3a6d13L },
-      { 0xc7dab26c7191a321L,0x9edac3f940ed718eL,0xbc142b36d0cfd183L,
-        0xc8af82f67c991693L } },
-    /* 47 << 105 */
-    { { 0xb3d1e4d897ce0b2aL,0xe6d7c87fc3a55cdfL,0x35846b9568b81afeL,
-        0x018d12afd3c239d8L },
-      { 0x2b2c620801206e15L,0xe0e42453a3b882c6L,0x854470a3a50162d5L,
-        0x081574787017a62aL } },
-    /* 48 << 105 */
-    { { 0x18bd3fb4820357c7L,0x992039ae6f1458adL,0x9a1df3c525b44aa1L,
-        0x2d780357ed3d5281L },
-      { 0x58cf7e4dc77ad4d4L,0xd49a7998f9df4fc4L,0x4465a8b51d71205eL,
-        0xa0ee0ea6649254aaL } },
-    /* 49 << 105 */
-    { { 0x4b5eeecfab7bd771L,0x6c87307335c262b9L,0xdc5bd6483c9d61e7L,
-        0x233d6d54321460d2L },
-      { 0xd20c5626fc195bccL,0x2544595804d78b63L,0xe03fcb3d17ec8ef3L,
-        0x54b690d146b8f781L } },
-    /* 50 << 105 */
-    { { 0x82fa2c8a21230646L,0xf51aabb9084f418cL,0xff4fbec11a30ba43L,
-        0x6a5acf73743c9df7L },
-      { 0x1da2b357d635b4d5L,0xc3de68ddecd5c1daL,0xa689080bd61af0ddL,
-        0xdea5938ad665bf99L } },
-    /* 51 << 105 */
-    { { 0x0231d71afe637294L,0x01968aa6a5a81cd8L,0x11252d50048e63b5L,
-        0xc446bc526ca007e9L },
-      { 0xef8c50a696d6134bL,0x9361fbf59e09a05cL,0xf17f85a6dca3291aL,
-        0xb178d548ff251a21L } },
-    /* 52 << 105 */
-    { { 0x87f6374ba4df3915L,0x566ce1bf2fd5d608L,0x425cba4d7de35102L,
-        0x6b745f8f58c5d5e2L },
-      { 0x88402af663122edfL,0x3190f9ed3b989a89L,0x4ad3d387ebba3156L,
-        0xef385ad9c7c469a5L } },
-    /* 53 << 105 */
-    { { 0xb08281de3f642c29L,0x20be0888910ffb88L,0xf353dd4ad5292546L,
-        0x3f1627de8377a262L },
-      { 0xa5faa013eefcd638L,0x8f3bf62674cc77c3L,0x32618f65a348f55eL,
-        0x5787c0dc9fefeb9eL } },
-    /* 54 << 105 */
-    { { 0xf1673aa2d9a23e44L,0x88dfa9934e10690dL,0x1ced1b362bf91108L,
-        0x9193ceca3af48649L },
-      { 0xfb34327d2d738fc5L,0x6697b037975fee6cL,0x2f485da0c04079a5L,
-        0x2cdf57352feaa1acL } },
-    /* 55 << 105 */
-    { { 0x76944420bd55659eL,0x7973e32b4376090cL,0x86bb4fe1163b591aL,
-        0x10441aedc196f0caL },
-      { 0x3b431f4a045ad915L,0x6c11b437a4afacb1L,0x30b0c7db71fdbbd8L,
-        0xb642931feda65acdL } },
-    /* 56 << 105 */
-    { { 0x4baae6e89c92b235L,0xa73bbd0e6b3993a1L,0xd06d60ec693dd031L,
-        0x03cab91b7156881cL },
-      { 0xd615862f1db3574bL,0x485b018564bb061aL,0x27434988a0181e06L,
-        0x2cd61ad4c1c0c757L } },
-    /* 57 << 105 */
-    { { 0x3effed5a2ff9f403L,0x8dc98d8b62239029L,0x2206021e1f17b70dL,
-        0xafbec0cabf510015L },
-      { 0x9fed716480130dfaL,0x306dc2b58a02dcf5L,0x48f06620feb10fc0L,
-        0x78d1e1d55a57cf51L } },
-    /* 58 << 105 */
-    { { 0xadef8c5a192ef710L,0x88afbd4b3b7431f9L,0x7e1f740764250c9eL,
-        0x6e31318db58bec07L },
-      { 0xfd4fc4b824f89b4eL,0x65a5dd8848c36a2aL,0x4f1eccfff024baa7L,
-        0x22a21cf2cba94650L } },
-    /* 59 << 105 */
-    { { 0x95d29dee42a554f7L,0x828983a5002ec4baL,0x8112a1f78badb73dL,
-        0x79ea8897a27c1839L },
-      { 0x8969a5a7d065fd83L,0xf49af791b262a0bcL,0xfcdea8b6af2b5127L,
-        0x10e913e1564c2dbcL } },
-    /* 60 << 105 */
-    { { 0x51239d14bc21ef51L,0xe51c3ceb4ce57292L,0x795ff06847bbcc3bL,
-        0x86b46e1ebd7e11e6L },
-      { 0x0ea6ba2380041ef4L,0xd72fe5056262342eL,0x8abc6dfd31d294d4L,
-        0xbbe017a21278c2c9L } },
-    /* 61 << 105 */
-    { { 0xb1fcfa09b389328aL,0x322fbc62d01771b5L,0x04c0d06360b045bfL,
-        0xdb652edc10e52d01L },
-      { 0x50ef932c03ec6627L,0xde1b3b2dc1ee50e3L,0x5ab7bdc5dc37a90dL,
-        0xfea6721331e33a96L } },
-    /* 62 << 105 */
-    { { 0x6482b5cb4f2999aaL,0x38476cc6b8cbf0ddL,0x93ebfacb173405bbL,
-        0x15cdafe7e52369ecL },
-      { 0xd42d5ba4d935b7dbL,0x648b60041c99a4cdL,0x785101bda3b5545bL,
-        0x4bf2c38a9dd67fafL } },
-    /* 63 << 105 */
-    { { 0xb1aadc634442449cL,0xe0e9921a33ad4fb8L,0x5c552313aa686d82L,
-        0xdee635fa465d866cL },
-      { 0xbc3c224a18ee6e8aL,0xeed748a6ed42e02fL,0xe70f930ad474cd08L,
-        0x774ea6ecfff24adfL } },
-    /* 64 << 105 */
-    { { 0x03e2de1cf3480d4aL,0xf0d8edc7bc8acf1aL,0xf23e330368295a9cL,
-        0xfadd5f68c546a97dL },
-      { 0x895597ad96f8acb1L,0xbddd49d5671bdae2L,0x16fcd52821dd43f4L,
-        0xa5a454126619141aL } },
-    /* 0 << 112 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 112 */
-    { { 0x8ce9b6bfc360e25aL,0xe6425195075a1a78L,0x9dc756a8481732f4L,
-        0x83c0440f5432b57aL },
-      { 0xc670b3f1d720281fL,0x2205910ed135e051L,0xded14b0edb052be7L,
-        0x697b3d27c568ea39L } },
-    /* 2 << 112 */
-    { { 0x2e599b9afb3ff9edL,0x28c2e0ab17f6515cL,0x1cbee4fd474da449L,
-        0x071279a44f364452L },
-      { 0x97abff6601fbe855L,0x3ee394e85fda51c4L,0x190385f667597c0bL,
-        0x6e9fccc6a27ee34bL } },
-    /* 3 << 112 */
-    { { 0x0b89de9314092ebbL,0xf17256bd428e240cL,0xcf89a7f393d2f064L,
-        0x4f57841ee1ed3b14L },
-      { 0x4ee14405e708d855L,0x856aae7203f1c3d0L,0xc8e5424fbdd7eed5L,
-        0x3333e4ef73ab4270L } },
-    /* 4 << 112 */
-    { { 0x3bc77adedda492f8L,0xc11a3aea78297205L,0x5e89a3e734931b4cL,
-        0x17512e2e9f5694bbL },
-      { 0x5dc349f3177bf8b6L,0x232ea4ba08c7ff3eL,0x9c4f9d16f511145dL,
-        0xccf109a333b379c3L } },
-    /* 5 << 112 */
-    { { 0xe75e7a88a1f25897L,0x7ac6961fa1b5d4d8L,0xe3e1077308f3ed5cL,
-        0x208a54ec0a892dfbL },
-      { 0xbe826e1978660710L,0x0cf70a97237df2c8L,0x418a7340ed704da5L,
-        0xa3eeb9a908ca33fdL } },
-    /* 6 << 112 */
-    { { 0x49d96233169bca96L,0x04d286d42da6aafbL,0xc09606eca0c2fa94L,
-        0x8869d0d523ff0fb3L },
-      { 0xa99937e5d0150d65L,0xa92e2503240c14c9L,0x656bf945108e2d49L,
-        0x152a733aa2f59e2bL } },
-    /* 7 << 112 */
-    { { 0xb4323d588434a920L,0xc0af8e93622103c5L,0x667518ef938dbf9aL,
-        0xa184307383a9cdf2L },
-      { 0x350a94aa5447ab80L,0xe5e5a325c75a3d61L,0x74ba507f68411a9eL,
-        0x10581fc1594f70c5L } },
-    /* 8 << 112 */
-    { { 0x60e2857080eb24a9L,0x7bedfb4d488e0cfdL,0x721ebbd7c259cdb8L,
-        0x0b0da855bc6390a9L },
-      { 0x2b4d04dbde314c70L,0xcdbf1fbc6c32e846L,0x33833eabb162fc9eL,
-        0x9939b48bb0dd3ab7L } },
-    /* 9 << 112 */
-    { { 0x5aaa98a7cb0c9c8cL,0x75105f3081c4375cL,0xceee50575ef1c90fL,
-        0xb31e065fc23a17bfL },
-      { 0x5364d275d4b6d45aL,0xd363f3ad62ec8996L,0xb5d212394391c65bL,
-        0x84564765ebb41b47L } },
-    /* 10 << 112 */
-    { { 0x20d18ecc37107c78L,0xacff3b6b570c2a66L,0x22f975d99bd0d845L,
-        0xef0a0c46ba178fa0L },
-      { 0x1a41965176b6028eL,0xc49ec674248612d4L,0x5b6ac4f27338af55L,
-        0x06145e627bee5a36L } },
-    /* 11 << 112 */
-    { { 0x33e95d07e75746b5L,0x1c1e1f6dc40c78beL,0x967833ef222ff8e2L,
-        0x4bedcf6ab49180adL },
-      { 0x6b37e9c13d7a4c8aL,0x2748887c6ddfe760L,0xf7055123aa3a5bbcL,
-        0x954ff2257bbb8e74L } },
-    /* 12 << 112 */
-    { { 0xc42b8ab197c3dfb9L,0x55a549b0cf168154L,0xad6748e7c1b50692L,
-        0x2775780f6fc5cbcbL },
-      { 0x4eab80b8e1c9d7c8L,0x8c69dae13fdbcd56L,0x47e6b4fb9969eaceL,
-        0x002f1085a705cb5aL } },
-    /* 13 << 112 */
-    { { 0x4e23ca446d3fea55L,0xb4ae9c86f4810568L,0x47bfb91b2a62f27dL,
-        0x60deb4c9d9bac28cL },
-      { 0xa892d8947de6c34cL,0x4ee682594494587dL,0x914ee14e1a3f8a5bL,
-        0xbb113eaa28700385L } },
-    /* 14 << 112 */
-    { { 0x81ca03b92115b4c9L,0x7c163d388908cad1L,0xc912a118aa18179aL,
-        0xe09ed750886e3081L },
-      { 0xa676e3fa26f516caL,0x753cacf78e732f91L,0x51592aea833da8b4L,
-        0xc626f42f4cbea8aaL } },
-    /* 15 << 112 */
-    { { 0xef9dc899a7b56eafL,0x00c0e52c34ef7316L,0x5b1e4e24fe818a86L,
-        0x9d31e20dc538be47L },
-      { 0x22eb932d3ed68974L,0xe44bbc087c4e87c4L,0x4121086e0dde9aefL,
-        0x8e6b9cff134f4345L } },
-    /* 16 << 112 */
-    { { 0x96892c1f711b0eb9L,0xb905f2c8780ab954L,0xace26309a20792dbL,
-        0xec8ac9b30684e126L },
-      { 0x486ad8b6b40a2447L,0x60121fc19fe3fb24L,0x5626fccf1a8e3b3fL,
-        0x4e5686226ad1f394L } },
-    /* 17 << 112 */
-    { { 0xda7aae0d196aa5a1L,0xe0df8c771041b5fbL,0x451465d926b318b7L,
-        0xc29b6e557ab136e9L },
-      { 0x2c2ab48b71148463L,0xb5738de364454a76L,0x54ccf9a05a03abe4L,
-        0x377c02960427d58eL } },
-    /* 18 << 112 */
-    { { 0x73f5f0b92bb39c1fL,0x14373f2ce608d8c5L,0xdcbfd31400fbb805L,
-        0xdf18fb2083afdcfbL },
-      { 0x81a57f4242b3523fL,0xe958532d87f650fbL,0xaa8dc8b68b0a7d7cL,
-        0x1b75dfb7150166beL } },
-    /* 19 << 112 */
-    { { 0x90e4f7c92d7d1413L,0x67e2d6b59834f597L,0x4fd4f4f9a808c3e8L,
-        0xaf8237e0d5281ec1L },
-      { 0x25ab5fdc84687ceeL,0xc5ded6b1a5b26c09L,0x8e4a5aecc8ea7650L,
-        0x23b73e5c14cc417fL } },
-    /* 20 << 112 */
-    { { 0x2bfb43183037bf52L,0xb61e6db578c725d7L,0x8efd4060bbb3e5d7L,
-        0x2e014701dbac488eL },
-      { 0xac75cf9a360aa449L,0xb70cfd0579634d08L,0xa591536dfffb15efL,
-        0xb2c37582d07c106cL } },
-    /* 21 << 112 */
-    { { 0xb4293fdcf50225f9L,0xc52e175cb0e12b03L,0xf649c3bad0a8bf64L,
-        0x745a8fefeb8ae3c6L },
-      { 0x30d7e5a358321bc3L,0xb1732be70bc4df48L,0x1f217993e9ea5058L,
-        0xf7a71cde3e4fd745L } },
-    /* 22 << 112 */
-    { { 0x86cc533e894c5bbbL,0x6915c7d969d83082L,0xa6aa2d055815c244L,
-        0xaeeee59249b22ce5L },
-      { 0x89e39d1378135486L,0x3a275c1f16b76f2fL,0xdb6bcc1be036e8f5L,
-        0x4df69b215e4709f5L } },
-    /* 23 << 112 */
-    { { 0xa188b2502d0f39aaL,0x622118bb15a85947L,0x2ebf520ffde0f4faL,
-        0xa40e9f294860e539L },
-      { 0x7b6a51eb22b57f0fL,0x849a33b97e80644aL,0x50e5d16f1cf095feL,
-        0xd754b54eec55f002L } },
-    /* 24 << 112 */
-    { { 0x5cfbbb22236f4a98L,0x0b0c59e9066800bbL,0x4ac69a8f5a9a7774L,
-        0x2b33f804d6bec948L },
-      { 0xb372929532e6c466L,0x68956d0f4e599c73L,0xa47a249f155c31ccL,
-        0x24d80f0de1ce284eL } },
-    /* 25 << 112 */
-    { { 0xcd821dfb988baf01L,0xe6331a7ddbb16647L,0x1eb8ad33094cb960L,
-        0x593cca38c91bbca5L },
-      { 0x384aac8d26567456L,0x40fa0309c04b6490L,0x97834cd6dab6c8f6L,
-        0x68a7318d3f91e55fL } },
-    /* 26 << 112 */
-    { { 0xa00fd04efc4d3157L,0xb56f8ab22bf3bdeaL,0x014f56484fa57172L,
-        0x948c5860450abdb3L },
-      { 0x342b5df00ebd4f08L,0x3e5168cd0e82938eL,0x7aedc1ceb0df5dd0L,
-        0x6bbbc6d9e5732516L } },
-    /* 27 << 112 */
-    { { 0xc7bfd486605daaa6L,0x46fd72b7bb9a6c9eL,0xe4847fb1a124fb89L,
-        0x75959cbda2d8ffbcL },
-      { 0x42579f65c8a588eeL,0x368c92e6b80b499dL,0xea4ef6cd999a5df1L,
-        0xaa73bb7f936fe604L } },
-    /* 28 << 112 */
-    { { 0xf347a70d6457d188L,0x86eda86b8b7a388bL,0xb7cdff060ccd6013L,
-        0xbeb1b6c7d0053fb2L },
-      { 0x0b02238799240a9fL,0x1bbb384f776189b2L,0x8695e71e9066193aL,
-        0x2eb5009706ffac7eL } },
-    /* 29 << 112 */
-    { { 0x0654a9c04a7d2caaL,0x6f3fb3d1a5aaa290L,0x835db041ff476e8fL,
-        0x540b8b0bc42295e4L },
-      { 0xa5c73ac905e214f5L,0x9a74075a56a0b638L,0x2e4b1090ce9e680bL,
-        0x57a5b4796b8d9afaL } },
-    /* 30 << 112 */
-    { { 0x0dca48e726bfe65cL,0x097e391c7290c307L,0x683c462e6669e72eL,
-        0xf505be1e062559acL },
-      { 0x5fbe3ea1e3a3035aL,0x6431ebf69cd50da8L,0xfd169d5c1f6407f2L,
-        0x8d838a9560fce6b8L } },
-    /* 31 << 112 */
-    { { 0x2a2bfa7f650006f0L,0xdfd7dad350c0fbb2L,0x92452495ccf9ad96L,
-        0x183bf494d95635f9L },
-      { 0x02d5df434a7bd989L,0x505385cca5431095L,0xdd98e67dfd43f53eL,
-        0xd61e1a6c500c34a9L } },
-    /* 32 << 112 */
-    { { 0x5a4b46c64a8a3d62L,0x8469c4d0247743d2L,0x2bb3a13d88f7e433L,
-        0x62b23a1001be5849L },
-      { 0xe83596b4a63d1a4cL,0x454e7fea7d183f3eL,0x643fce6117afb01cL,
-        0x4e65e5e61c4c3638L } },
-    /* 33 << 112 */
-    { { 0x41d85ea1ef74c45bL,0x2cfbfa66ae328506L,0x98b078f53ada7da9L,
-        0xd985fe37ec752fbbL },
-      { 0xeece68fe5a0148b4L,0x6f9a55c72d78136dL,0x232dccc4d2b729ceL,
-        0xa27e0dfd90aafbc4L } },
-    /* 34 << 112 */
-    { { 0x9647445212b4603eL,0xa876c5516b706d14L,0xdf145fcf69a9d412L,
-        0xe2ab75b72d479c34L },
-      { 0x12df9a761a23ff97L,0xc61389925d359d10L,0x6e51c7aefa835f22L,
-        0x69a79cb1c0fcc4d9L } },
-    /* 35 << 112 */
-    { { 0xf57f350d594cc7e1L,0x3079ca633350ab79L,0x226fb6149aff594aL,
-        0x35afec026d59a62bL },
-      { 0x9bee46f406ed2c6eL,0x58da17357d939a57L,0x44c504028fd1797eL,
-        0xd8853e7c5ccea6caL } },
-    /* 36 << 112 */
-    { { 0x4065508da35fcd5fL,0x8965df8c495ccaebL,0x0f2da85012e1a962L,
-        0xee471b94c1cf1cc4L },
-      { 0xcef19bc80a08fb75L,0x704958f581de3591L,0x2867f8b23aef4f88L,
-        0x8d749384ea9f9a5fL } },
-    /* 37 << 112 */
-    { { 0x1b3855378c9049f4L,0x5be948f37b92d8b6L,0xd96f725db6e2bd6bL,
-        0x37a222bc958c454dL },
-      { 0xe7c61abb8809bf61L,0x46f07fbc1346f18dL,0xfb567a7ae87c0d1cL,
-        0x84a461c87ef3d07aL } },
-    /* 38 << 112 */
-    { { 0x0a5adce6d9278d98L,0x24d948139dfc73e1L,0x4f3528b6054321c3L,
-        0x2e03fdde692ea706L },
-      { 0x10e6061947b533c0L,0x1a8bc73f2ca3c055L,0xae58d4b21bb62b8fL,
-        0xb2045a73584a24e3L } },
-    /* 39 << 112 */
-    { { 0x3ab3d5afbd76e195L,0x478dd1ad6938a810L,0x6ffab3936ee3d5cbL,
-        0xdfb693db22b361e4L },
-      { 0xf969449651dbf1a7L,0xcab4b4ef08a2e762L,0xe8c92f25d39bba9aL,
-        0x850e61bcf1464d96L } },
-    /* 40 << 112 */
-    { { 0xb7e830e3dc09508bL,0xfaf6d2cf74317655L,0x72606cebdf690355L,
-        0x48bb92b3d0c3ded6L },
-      { 0x65b754845c7cf892L,0xf6cd7ac9d5d5f01fL,0xc2c30a5996401d69L,
-        0x91268650ed921878L } },
-    /* 41 << 112 */
-    { { 0x380bf913b78c558fL,0x43c0baebc8afdaa9L,0x377f61d554f169d3L,
-        0xf8da07e3ae5ff20bL },
-      { 0xb676c49da8a90ea8L,0x81c1ff2b83a29b21L,0x383297ac2ad8d276L,
-        0x3001122fba89f982L } },
-    /* 42 << 112 */
-    { { 0xe1d794be6718e448L,0x246c14827c3e6e13L,0x56646ef85d26b5efL,
-        0x80f5091e88069cddL },
-      { 0xc5992e2f724bdd38L,0x02e915b48471e8c7L,0x96ff320a0d0ff2a9L,
-        0xbf8864874384d1a0L } },
-    /* 43 << 112 */
-    { { 0xbbe1e6a6c93f72d6L,0xd5f75d12cad800eaL,0xfa40a09fe7acf117L,
-        0x32c8cdd57581a355L },
-      { 0x742219927023c499L,0xa8afe5d738ec3901L,0x5691afcba90e83f0L,
-        0x41bcaa030b8f8eacL } },
-    /* 44 << 112 */
-    { { 0xe38b5ff98d2668d5L,0x0715281a7ad81965L,0x1bc8fc7c03c6ce11L,
-        0xcbbee6e28b650436L },
-      { 0x06b00fe80cdb9808L,0x17d6e066fe3ed315L,0x2e9d38c64d0b5018L,
-        0xab8bfd56844dcaefL } },
-    /* 45 << 112 */
-    { { 0x42894a59513aed8bL,0xf77f3b6d314bd07aL,0xbbdecb8f8e42b582L,
-        0xf10e2fa8d2390fe6L },
-      { 0xefb9502262a2f201L,0x4d59ea5050ee32b0L,0xd87f77286da789a8L,
-        0xcf98a2cff79492c4L } },
-    /* 46 << 112 */
-    { { 0xf9577239720943c2L,0xba044cf53990b9d0L,0x5aa8e82395f2884aL,
-        0x834de6ed0278a0afL },
-      { 0xc8e1ee9a5f25bd12L,0x9259ceaa6f7ab271L,0x7e6d97a277d00b76L,
-        0x5c0c6eeaa437832aL } },
-    /* 47 << 112 */
-    { { 0x5232c20f5606b81dL,0xabd7b3750d991ee5L,0x4d2bfe358632d951L,
-        0x78f8514698ed9364L },
-      { 0x951873f0f30c3282L,0x0da8ac80a789230bL,0x3ac7789c5398967fL,
-        0xa69b8f7fbdda0fb5L } },
-    /* 48 << 112 */
-    { { 0xe5db77176add8545L,0x1b71cb6672c49b66L,0xd856073968421d77L,
-        0x03840fe883e3afeaL },
-      { 0xb391dad51ec69977L,0xae243fb9307f6726L,0xc88ac87be8ca160cL,
-        0x5174cced4ce355f4L } },
-    /* 49 << 112 */
-    { { 0x98a35966e58ba37dL,0xfdcc8da27817335dL,0x5b75283083fbc7bfL,
-        0x68e419d4d9c96984L },
-      { 0x409a39f402a40380L,0x88940faf1fe977bcL,0xc640a94b8f8edea6L,
-        0x1e22cd17ed11547dL } },
-    /* 50 << 112 */
-    { { 0xe28568ce59ffc3e2L,0x60aa1b55c1dee4e7L,0xc67497c8837cb363L,
-        0x06fb438a105a2bf2L },
-      { 0x30357ec4500d8e20L,0x1ad9095d0670db10L,0x7f589a05c73b7cfdL,
-        0xf544607d880d6d28L } },
-    /* 51 << 112 */
-    { { 0x17ba93b1a20ef103L,0xad8591306ba6577bL,0x65c91cf66fa214a0L,
-        0xd7d49c6c27990da5L },
-      { 0xecd9ec8d20bb569dL,0xbd4b2502eeffbc33L,0x2056ca5a6bed0467L,
-        0x7916a1f75b63728cL } },
-    /* 52 << 112 */
-    { { 0xd4f9497d53a4f566L,0x8973466497b56810L,0xf8e1da740494a621L,
-        0x82546a938d011c68L },
-      { 0x1f3acb19c61ac162L,0x52f8fa9cabad0d3eL,0x15356523b4b7ea43L,
-        0x5a16ad61ae608125L } },
-    /* 53 << 112 */
-    { { 0xb0bcb87f4faed184L,0x5f236b1d5029f45fL,0xd42c76070bc6b1fcL,
-        0xc644324e68aefce3L },
-      { 0x8e191d595c5d8446L,0xc020807713ae1979L,0xadcaee553ba59cc7L,
-        0x20ed6d6ba2cb81baL } },
-    /* 54 << 112 */
-    { { 0x0952ba19b6efcffcL,0x60f12d6897c0b87cL,0x4ee2c7c49caa30bcL,
-        0x767238b797fbff4eL },
-      { 0xebc73921501b5d92L,0x3279e3dfc2a37737L,0x9fc12bc86d197543L,
-        0xfa94dc6f0a40db4eL } },
-    /* 55 << 112 */
-    { { 0x7392b41a530ccbbdL,0x87c82146ea823525L,0xa52f984c05d98d0cL,
-        0x2ae57d735ef6974cL },
-      { 0x9377f7bf3042a6ddL,0xb1a007c019647a64L,0xfaa9079a0cca9767L,
-        0x3d81a25bf68f72d5L } },
-    /* 56 << 112 */
-    { { 0x752067f8ff81578eL,0x786221509045447dL,0xc0c22fcf0505aa6fL,
-        0x1030f0a66bed1c77L },
-      { 0x31f29f151f0bd739L,0x2d7989c7e6debe85L,0x5c070e728e677e98L,
-        0x0a817bd306e81fd5L } },
-    /* 57 << 112 */
-    { { 0xc110d830b0f2ac95L,0x48d0995aab20e64eL,0x0f3e00e17729cd9aL,
-        0x2a570c20dd556946L },
-      { 0x912dbcfd4e86214dL,0x2d014ee2cf615498L,0x55e2b1e63530d76eL,
-        0xc5135ae4fd0fd6d1L } },
-    /* 58 << 112 */
-    { { 0x0066273ad4f3049fL,0xbb8e9893e7087477L,0x2dba1ddb14c6e5fdL,
-        0xdba3788651f57e6cL },
-      { 0x5aaee0a65a72f2cfL,0x1208bfbf7bea5642L,0xf5c6aa3b67872c37L,
-        0xd726e08343f93224L } },
-    /* 59 << 112 */
-    { { 0x1854daa5061f1658L,0xc0016df1df0cd2b3L,0xc2a3f23e833d50deL,
-        0x73b681d2bbbd3017L },
-      { 0x2f046dc43ac343c0L,0x9c847e7d85716421L,0xe1e13c910917eed4L,
-        0x3fc9eebd63a1b9c6L } },
-    /* 60 << 112 */
-    { { 0x0f816a727fe02299L,0x6335ccc2294f3319L,0x3820179f4745c5beL,
-        0xe647b782922f066eL },
-      { 0xc22e49de02cafb8aL,0x299bc2fffcc2ecccL,0x9a8feea26e0e8282L,
-        0xa627278bfe893205L } },
-    /* 61 << 112 */
-    { { 0xa7e197337933e47bL,0xf4ff6b132e766402L,0xa4d8be0a98440d9fL,
-        0x658f5c2f38938808L },
-      { 0x90b75677c95b3b3eL,0xfa0442693137b6ffL,0x077b039b43c47c29L,
-        0xcca95dd38a6445b2L } },
-    /* 62 << 112 */
-    { { 0x0b498ba42333fc4cL,0x274f8e68f736a1b1L,0x6ca348fd5f1d4b2eL,
-        0x24d3be78a8f10199L },
-      { 0x8535f858ca14f530L,0xa6e7f1635b982e51L,0x847c851236e1bf62L,
-        0xf6a7c58e03448418L } },
-    /* 63 << 112 */
-    { { 0x583f3703f9374ab6L,0x864f91956e564145L,0x33bc3f4822526d50L,
-        0x9f323c801262a496L },
-      { 0xaa97a7ae3f046a9aL,0x70da183edf8a039aL,0x5b68f71c52aa0ba6L,
-        0x9be0fe5121459c2dL } },
-    /* 64 << 112 */
-    { { 0xc1e17eb6cbc613e5L,0x33131d55497ea61cL,0x2f69d39eaf7eded5L,
-        0x73c2f434de6af11bL },
-      { 0x4ca52493a4a375faL,0x5f06787cb833c5c2L,0x814e091f3e6e71cfL,
-        0x76451f578b746666L } },
-    /* 0 << 119 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 119 */
-    { { 0x80f9bdef694db7e0L,0xedca8787b9fcddc6L,0x51981c3403b8dce1L,
-        0x4274dcf170e10ba1L },
-      { 0xf72743b86def6d1aL,0xd25b1670ebdb1866L,0xc4491e8c050c6f58L,
-        0x2be2b2ab87fbd7f5L } },
-    /* 2 << 119 */
-    { { 0x3e0e5c9dd111f8ecL,0xbcc33f8db7c4e760L,0x702f9a91bd392a51L,
-        0x7da4a795c132e92dL },
-      { 0x1a0b0ae30bb1151bL,0x54febac802e32251L,0xea3a5082694e9e78L,
-        0xe58ffec1e4fe40b8L } },
-    /* 3 << 119 */
-    { { 0xf85592fcd1e0cf9eL,0xdea75f0dc0e7b2e8L,0xc04215cfc135584eL,
-        0x174fc7272f57092aL },
-      { 0xe7277877eb930beaL,0x504caccb5eb02a5aL,0xf9fe08f7f5241b9bL,
-        0xe7fb62f48d5ca954L } },
-    /* 4 << 119 */
-    { { 0xfbb8349d29c4120bL,0x9f94391fc0d0d915L,0xc4074fa75410ba51L,
-        0xa66adbf6150a5911L },
-      { 0xc164543c34bfca38L,0xe0f27560b9e1ccfcL,0x99da0f53e820219cL,
-        0xe8234498c6b4997aL } },
-    /* 5 << 119 */
-    { { 0xcfb88b769d4c5423L,0x9e56eb10b0521c49L,0x418e0b5ebe8700a1L,
-        0x00cbaad6f93cb58aL },
-      { 0xe923fbded92a5e67L,0xca4979ac1f347f11L,0x89162d856bc0585bL,
-        0xdd6254afac3c70e3L } },
-    /* 6 << 119 */
-    { { 0x7b23c513516e19e4L,0x56e2e847c5c4d593L,0x9f727d735ce71ef6L,
-        0x5b6304a6f79a44c5L },
-      { 0x6638a7363ab7e433L,0x1adea470fe742f83L,0xe054b8545b7fc19fL,
-        0xf935381aba1d0698L } },
-    /* 7 << 119 */
-    { { 0x546eab2d799e9a74L,0x96239e0ea949f729L,0xca274c6b7090055aL,
-        0x835142c39020c9b0L },
-      { 0xa405667aa2e8807fL,0x29f2c0851aa3d39eL,0xcc555d6442fc72f5L,
-        0xe856e0e7fbeacb3cL } },
-    /* 8 << 119 */
-    { { 0xb5504f9d918e4936L,0x65035ef6b2513982L,0x0553a0c26f4d9cb9L,
-        0x6cb10d56bea85509L },
-      { 0x48d957b7a242da11L,0x16a4d3dd672b7268L,0x3d7e637c8502a96bL,
-        0x27c7032b730d463bL } },
-    /* 9 << 119 */
-    { { 0xbdc02b18e4136a14L,0xbacf969d678e32bfL,0xc98d89a3dd9c3c03L,
-        0x7b92420a23becc4fL },
-      { 0xd4b41f78c64d565cL,0x9f969d0010f28295L,0xec7f7f76b13d051aL,
-        0x08945e1ea92da585L } },
-    /* 10 << 119 */
-    { { 0x55366b7d5846426fL,0xe7d09e89247d441dL,0x510b404d736fbf48L,
-        0x7fa003d0e784bd7dL },
-      { 0x25f7614f17fd9596L,0x49e0e0a135cb98dbL,0x2c65957b2e83a76aL,
-        0x5d40da8dcddbe0f8L } },
-    /* 11 << 119 */
-    { { 0xf2b8c405050bad24L,0x8918426dc2aa4823L,0x2aeab3dda38365a7L,
-        0x720317177c91b690L },
-      { 0x8b00d69960a94120L,0x478a255de99eaeecL,0xbf656a5f6f60aafdL,
-        0xdfd7cb755dee77b3L } },
-    /* 12 << 119 */
-    { { 0x37f68bb4a595939dL,0x0355647928740217L,0x8e740e7c84ad7612L,
-        0xd89bc8439044695fL },
-      { 0xf7f3da5d85a9184dL,0x562563bb9fc0b074L,0x06d2e6aaf88a888eL,
-        0x612d8643161fbe7cL } },
-    /* 13 << 119 */
-    { { 0x465edba7f64085e7L,0xb230f30429aa8511L,0x53388426cda2d188L,
-        0x908857354b666649L },
-      { 0x6f02ff9a652f54f6L,0x65c822945fae2bf0L,0x7816ade062f5eee3L,
-        0xdcdbdf43fcc56d70L } },
-    /* 14 << 119 */
-    { { 0x9fb3bba354530bb2L,0xbde3ef77cb0869eaL,0x89bc90460b431163L,
-        0x4d03d7d2e4819a35L },
-      { 0x33ae4f9e43b6a782L,0x216db3079c88a686L,0x91dd88e000ffedd9L,
-        0xb280da9f12bd4840L } },
-    /* 15 << 119 */
-    { { 0x32a7cb8a1635e741L,0xfe14008a78be02a7L,0x3fafb3341b7ae030L,
-        0x7fd508e75add0ce9L },
-      { 0x72c83219d607ad51L,0x0f229c0a8d40964aL,0x1be2c3361c878da2L,
-        0xe0c96742eab2ab86L } },
-    /* 16 << 119 */
-    { { 0x458f86913e538cd7L,0xa7001f6c8e08ad53L,0x52b8c6e6bf5d15ffL,
-        0x548234a4011215ddL },
-      { 0xff5a9d2d3d5b4045L,0xb0ffeeb64a904190L,0x55a3aca448607f8bL,
-        0x8cbd665c30a0672aL } },
-    /* 17 << 119 */
-    { { 0x87f834e042583068L,0x02da2aebf3f6e683L,0x6b763e5d05c12248L,
-        0x7230378f65a8aefcL },
-      { 0x93bd80b571e8e5caL,0x53ab041cb3b62524L,0x1b8605136c9c552eL,
-        0xe84d402cd5524e66L } },
-    /* 18 << 119 */
-    { { 0xa37f3573f37f5937L,0xeb0f6c7dd1e4fca5L,0x2965a554ac8ab0fcL,
-        0x17fbf56c274676acL },
-      { 0x2e2f6bd9acf7d720L,0x41fc8f8810224766L,0x517a14b385d53befL,
-        0xdae327a57d76a7d1L } },
-    /* 19 << 119 */
-    { { 0x6ad0a065c4818267L,0x33aa189b37c1bbc1L,0x64970b5227392a92L,
-        0x21699a1c2d1535eaL },
-      { 0xcd20779cc2d7a7fdL,0xe318605999c83cf2L,0x9b69440b72c0b8c7L,
-        0xa81497d77b9e0e4dL } },
-    /* 20 << 119 */
-    { { 0x515d5c891f5f82dcL,0x9a7f67d76361079eL,0xa8da81e311a35330L,
-        0xe44990c44b18be1bL },
-      { 0xc7d5ed95af103e59L,0xece8aba78dac9261L,0xbe82b0999394b8d3L,
-        0x6830f09a16adfe83L } },
-    /* 21 << 119 */
-    { { 0x250a29b488172d01L,0x8b20bd65caff9e02L,0xb8a7661ee8a6329aL,
-        0x4520304dd3fce920L },
-      { 0xae45da1f2b47f7efL,0xe07f52885bffc540L,0xf79970093464f874L,
-        0x2244c2cda6fa1f38L } },
-    /* 22 << 119 */
-    { { 0x43c41ac194d7d9b1L,0x5bafdd82c82e7f17L,0xdf0614c15fda0fcaL,
-        0x74b043a7a8ae37adL },
-      { 0x3ba6afa19e71734cL,0x15d5437e9c450f2eL,0x4a5883fe67e242b1L,
-        0x5143bdc22c1953c2L } },
-    /* 23 << 119 */
-    { { 0x542b8b53fc5e8920L,0x363bf9a89a9cee08L,0x02375f10c3486e08L,
-        0x2037543b8c5e70d2L },
-      { 0x7109bccc625640b4L,0xcbc1051e8bc62c3bL,0xf8455fed803f26eaL,
-        0x6badceabeb372424L } },
-    /* 24 << 119 */
-    { { 0xa2a9ce7c6b53f5f9L,0x642465951b176d99L,0xb1298d36b95c081bL,
-        0x53505bb81d9a9ee6L },
-      { 0x3f6f9e61f2ba70b0L,0xd07e16c98afad453L,0x9f1694bbe7eb4a6aL,
-        0xdfebced93cb0bc8eL } },
-    /* 25 << 119 */
-    { { 0x92d3dcdc53868c8bL,0x174311a2386107a6L,0x4109e07c689b4e64L,
-        0x30e4587f2df3dcb6L },
-      { 0x841aea310811b3b2L,0x6144d41d0cce43eaL,0x464c45812a9a7803L,
-        0xd03d371f3e158930L } },
-    /* 26 << 119 */
-    { { 0xc676d7f2b1f3390bL,0x9f7a1b8ca5b61272L,0x4ebebfc9c2e127a9L,
-        0x4602500c5dd997bfL },
-      { 0x7f09771c4711230fL,0x058eb37c020f09c1L,0xab693d4bfee5e38bL,
-        0x9289eb1f4653cbc0L } },
-    /* 27 << 119 */
-    { { 0xbecf46abd51b9cf5L,0xd2aa9c029f0121afL,0x36aaf7d2e90dc274L,
-        0x909e4ea048b95a3cL },
-      { 0xe6b704966f32dbdbL,0x672188a08b030b3eL,0xeeffe5b3cfb617e2L,
-        0x87e947de7c82709eL } },
-    /* 28 << 119 */
-    { { 0xa44d2b391770f5a7L,0xe4d4d7910e44eb82L,0x42e69d1e3f69712aL,
-        0xbf11c4d6ac6a820eL },
-      { 0xb5e7f3e542c4224cL,0xd6b4e81c449d941cL,0x5d72bd165450e878L,
-        0x6a61e28aee25ac54L } },
-    /* 29 << 119 */
-    { { 0x33272094e6f1cd95L,0x7512f30d0d18673fL,0x32f7a4ca5afc1464L,
-        0x2f0956566bbb977bL },
-      { 0x586f47caa8226200L,0x02c868ad1ac07369L,0x4ef2b845c613acbeL,
-        0x43d7563e0386054cL } },
-    /* 30 << 119 */
-    { { 0x54da9dc7ab952578L,0xb5423df226e84d0bL,0xa8b64eeb9b872042L,
-        0xac2057825990f6dfL },
-      { 0x4ff696eb21f4c77aL,0x1a79c3e4aab273afL,0x29bc922e9436b3f1L,
-        0xff807ef8d6d9a27aL } },
-    /* 31 << 119 */
-    { { 0x82acea3d778f22a0L,0xfb10b2e85b5e7469L,0xc0b169802818ee7dL,
-        0x011afff4c91c1a2fL },
-      { 0x95a6d126ad124418L,0x31c081a5e72e295fL,0x36bb283af2f4db75L,
-        0xd115540f7acef462L } },
-    /* 32 << 119 */
-    { { 0xc7f3a8f833f6746cL,0x21e46f65fea990caL,0x915fd5c5caddb0a9L,
-        0xbd41f01678614555L },
-      { 0x346f4434426ffb58L,0x8055943614dbc204L,0xf3dd20fe5a969b7fL,
-        0x9d59e956e899a39aL } },
-    /* 33 << 119 */
-    { { 0xf1b0971c8ad4cf4bL,0x034488602ffb8fb8L,0xf071ac3c65340ba4L,
-        0x408d0596b27fd758L },
-      { 0xe7c78ea498c364b0L,0xa4aac4a5051e8ab5L,0xb9e1d560485d9002L,
-        0x9acd518a88844455L } },
-    /* 34 << 119 */
-    { { 0xe4ca688fd06f56c0L,0xa48af70ddf027972L,0x691f0f045e9a609dL,
-        0xa9dd82cdee61270eL },
-      { 0x8903ca63a0ef18d3L,0x9fb7ee353d6ca3bdL,0xa7b4a09cabf47d03L,
-        0x4cdada011c67de8eL } },
-    /* 35 << 119 */
-    { { 0x520037499355a244L,0xe77fd2b64f2151a9L,0x695d6cf666b4efcbL,
-        0xc5a0cacfda2cfe25L },
-      { 0x104efe5cef811865L,0xf52813e89ea5cc3dL,0x855683dc40b58dbcL,
-        0x0338ecde175fcb11L } },
-    /* 36 << 119 */
-    { { 0xf9a0563774921592L,0xb4f1261db9bb9d31L,0x551429b74e9c5459L,
-        0xbe182e6f6ea71f53L },
-      { 0xd3a3b07cdfc50573L,0x9ba1afda62be8d44L,0x9bcfd2cb52ab65d3L,
-        0xdf11d547a9571802L } },
-    /* 37 << 119 */
-    { { 0x099403ee02a2404aL,0x497406f421088a71L,0x994794095004ae71L,
-        0xbdb42078a812c362L },
-      { 0x2b72a30fd8828442L,0x283add27fcb5ed1cL,0xf7c0e20066a40015L,
-        0x3e3be64108b295efL } },
-    /* 38 << 119 */
-    { { 0xac127dc1e038a675L,0x729deff38c5c6320L,0xb7df8fd4a90d2c53L,
-        0x9b74b0ec681e7cd3L },
-      { 0x5cb5a623dab407e5L,0xcdbd361576b340c6L,0xa184415a7d28392cL,
-        0xc184c1d8e96f7830L } },
-    /* 39 << 119 */
-    { { 0xc3204f1981d3a80fL,0xfde0c841c8e02432L,0x78203b3e8149e0c1L,
-        0x5904bdbb08053a73L },
-      { 0x30fc1dd1101b6805L,0x43c223bc49aa6d49L,0x9ed671417a174087L,
-        0x311469a0d5997008L } },
-    /* 40 << 119 */
-    { { 0xb189b6845e43fc61L,0xf3282375e0d3ab57L,0x4fa34b67b1181da8L,
-        0x621ed0b299ee52b8L },
-      { 0x9b178de1ad990676L,0xd51de67b56d54065L,0x2a2c27c47538c201L,
-        0x33856ec838a40f5cL } },
-    /* 41 << 119 */
-    { { 0x2522fc15be6cdcdeL,0x1e603f339f0c6f89L,0x7994edc3103e30a6L,
-        0x033a00db220c853eL },
-      { 0xd3cfa409f7bb7fd7L,0x70f8781e462d18f6L,0xbbd82980687fe295L,
-        0x6eef4c32595669f3L } },
-    /* 42 << 119 */
-    { { 0x86a9303b2f7e85c3L,0x5fce462171988f9bL,0x5b935bf6c138acb5L,
-        0x30ea7d6725661212L },
-      { 0xef1eb5f4e51ab9a2L,0x0587c98aae067c78L,0xb3ce1b3c77ca9ca6L,
-        0x2a553d4d54b5f057L } },
-    /* 43 << 119 */
-    { { 0xc78982364da29ec2L,0xdbdd5d13b9c57316L,0xc57d6e6b2cd80d47L,
-        0x80b460cffe9e7391L },
-      { 0x98648cabf963c31eL,0x67f9f633cc4d32fdL,0x0af42a9dfdf7c687L,
-        0x55f292a30b015ea7L } },
-    /* 44 << 119 */
-    { { 0x89e468b2cd21ab3dL,0xe504f022c393d392L,0xab21e1d4a5013af9L,
-        0xe3283f78c2c28acbL },
-      { 0xf38b35f6226bf99fL,0xe83542740e291e69L,0x61673a15b20c162dL,
-        0xc101dc75b04fbdbeL } },
-    /* 45 << 119 */
-    { { 0x8323b4c2255bd617L,0x6c9696936c2a9154L,0xc6e6586062679387L,
-        0x8e01db0cb8c88e23L },
-      { 0x33c42873893a5559L,0x7630f04b47a3e149L,0xb5d80805ddcf35f8L,
-        0x582ca08077dfe732L } },
-    /* 46 << 119 */
-    { { 0x2c7156e10b1894a0L,0x92034001d81c68c0L,0xed225d00c8b115b5L,
-        0x237f9c2283b907f2L },
-      { 0x0ea2f32f4470e2c0L,0xb725f7c158be4e95L,0x0f1dcafab1ae5463L,
-        0x59ed51871ba2fc04L } },
-    /* 47 << 119 */
-    { { 0xf6e0f316d0115d4dL,0x5180b12fd3691599L,0x157e32c9527f0a41L,
-        0x7b0b081da8e0ecc0L },
-      { 0x6dbaaa8abf4f0dd0L,0x99b289c74d252696L,0x79b7755edbf864feL,
-        0x6974e2b176cad3abL } },
-    /* 48 << 119 */
-    { { 0x35dbbee206ddd657L,0xe7cbdd112ff3a96dL,0x88381968076be758L,
-        0x2d737e7208c91f5dL },
-      { 0x5f83ab6286ec3776L,0x98aa649d945fa7a1L,0xf477ec3772ef0933L,
-        0x66f52b1e098c17b1L } },
-    /* 49 << 119 */
-    { { 0x9eec58fbd803738bL,0x91aaade7e4e86aa4L,0x6b1ae617a5b51492L,
-        0x63272121bbc45974L },
-      { 0x7e0e28f0862c5129L,0x0a8f79a93321a4a0L,0xe26d16645041c88fL,
-        0x0571b80553233e3aL } },
-    /* 50 << 119 */
-    { { 0xd1b0ccdec9520711L,0x55a9e4ed3c8b84bfL,0x9426bd39a1fef314L,
-        0x4f5f638e6eb93f2bL },
-      { 0xba2a1ed32bf9341bL,0xd63c13214d42d5a9L,0xd2964a89316dc7c5L,
-        0xd1759606ca511851L } },
-    /* 51 << 119 */
-    { { 0xd8a9201ff9e6ed35L,0xb7b5ee456736925aL,0x0a83fbbc99581af7L,
-        0x3076bc4064eeb051L },
-      { 0x5511c98c02dec312L,0x270de898238dcb78L,0x2cf4cf9c539c08c9L,
-        0xa70cb65e38d3b06eL } },
-    /* 52 << 119 */
-    { { 0xb12ec10ecfe57bbdL,0x82c7b65635a0c2b5L,0xddc7d5cd161c67bdL,
-        0xe32e8985ae3a32ccL },
-      { 0x7aba9444d11a5529L,0xe964ed022427fa1aL,0x1528392d24a1770aL,
-        0xa152ce2c12c72fcdL } },
-    /* 53 << 119 */
-    { { 0x714553a48ec07649L,0x18b4c290459dd453L,0xea32b7147b64b110L,
-        0xb871bfa52e6f07a2L },
-      { 0xb67112e59e2e3c9bL,0xfbf250e544aa90f6L,0xf77aedb8bd539006L,
-        0x3b0cdf9ad172a66fL } },
-    /* 54 << 119 */
-    { { 0xedf69feaf8c51187L,0x05bb67ec741e4da7L,0x47df0f3208114345L,
-        0x56facb07bb9792b1L },
-      { 0xf3e007e98f6229e4L,0x62d103f4526fba0fL,0x4f33bef7b0339d79L,
-        0x9841357bb59bfec1L } },
-    /* 55 << 119 */
-    { { 0xfa8dbb59c34e6705L,0xc3c7180b7fdaa84cL,0xf95872fca4108537L,
-        0x8750cc3b932a3e5aL },
-      { 0xb61cc69db7275d7dL,0xffa0168b2e59b2e9L,0xca032abc6ecbb493L,
-        0x1d86dbd32c9082d8L } },
-    /* 56 << 119 */
-    { { 0xae1e0b67e28ef5baL,0x2c9a4699cb18e169L,0x0ecd0e331e6bbd20L,
-        0x571b360eaf5e81d2L },
-      { 0xcd9fea58101c1d45L,0x6651788e18880452L,0xa99726351f8dd446L,
-        0x44bed022e37281d0L } },
-    /* 57 << 119 */
-    { { 0x094b2b2d33da525dL,0xf193678e13144fd8L,0xb8ab5ba4f4c1061dL,
-        0x4343b5fadccbe0f4L },
-      { 0xa870237163812713L,0x47bf6d2df7611d93L,0x46729b8cbd21e1d7L,
-        0x7484d4e0d629e77dL } },
-    /* 58 << 119 */
-    { { 0x830e6eea60dbac1fL,0x23d8c484da06a2f7L,0x896714b050ca535bL,
-        0xdc8d3644ebd97a9bL },
-      { 0x106ef9fab12177b4L,0xf79bf464534d5d9cL,0x2537a349a6ab360bL,
-        0xc7c54253a00c744fL } },
-    /* 59 << 119 */
-    { { 0xb3c7a047e5911a76L,0x61ffa5c8647f1ee7L,0x15aed36f8f56ab42L,
-        0x6a0d41b0a3ff9ac9L },
-      { 0x68f469f5cc30d357L,0xbe9adf816b72be96L,0x1cd926fe903ad461L,
-        0x7e89e38fcaca441bL } },
-    /* 60 << 119 */
-    { { 0xf0f82de5facf69d4L,0x363b7e764775344cL,0x6894f312b2e36d04L,
-        0x3c6cb4fe11d1c9a5L },
-      { 0x85d9c3394008e1f2L,0x5e9a85ea249f326cL,0xdc35c60a678c5e06L,
-        0xc08b944f9f86fba9L } },
-    /* 61 << 119 */
-    { { 0xde40c02c89f71f0fL,0xad8f3e31ff3da3c0L,0x3ea5096b42125dedL,
-        0x13879cbfa7379183L },
-      { 0x6f4714a56b306a0bL,0x359c2ea667646c5eL,0xfacf894307726368L,
-        0x07a5893565ff431eL } },
-    /* 62 << 119 */
-    { { 0x24d661d168754ab0L,0x801fce1d6f429a76L,0xc068a85fa58ce769L,
-        0xedc35c545d5eca2bL },
-      { 0xea31276fa3f660d1L,0xa0184ebeb8fc7167L,0x0f20f21a1d8db0aeL,
-        0xd96d095f56c35e12L } },
-    /* 63 << 119 */
-    { { 0xedf402b5f8c2a25bL,0x1bb772b9059204b6L,0x50cbeae219b4e34cL,
-        0x93109d803fa0845aL },
-      { 0x54f7ccf78ef59fb5L,0x3b438fe288070963L,0x9e28c65931f3ba9bL,
-        0x9cc31b46ead9da92L } },
-    /* 64 << 119 */
-    { { 0x3c2f0ba9b733aa5fL,0xdece47cbf05af235L,0xf8e3f715a2ac82a5L,
-        0xc97ba6412203f18aL },
-      { 0xc3af550409c11060L,0x56ea2c0546af512dL,0xfac28daff3f28146L,
-        0x87fab43a959ef494L } },
-    /* 0 << 126 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 126 */
-    { { 0x09891641d4c5105fL,0x1ae80f8e6d7fbd65L,0x9d67225fbee6bdb0L,
-        0x3b433b597fc4d860L },
-      { 0x44e66db693e85638L,0xf7b59252e3e9862fL,0xdb785157665c32ecL,
-        0x702fefd7ae362f50L } },
-    /* 2 << 126 */
-    { { 0x3754475d0fefb0c3L,0xd48fb56b46d7c35dL,0xa070b633363798a4L,
-        0xae89f3d28fdb98e6L },
-      { 0x970b89c86363d14cL,0x8981752167abd27dL,0x9bf7d47444d5a021L,
-        0xb3083bafcac72aeeL } },
-    /* 3 << 126 */
-    { { 0x389741debe949a44L,0x638e9388546a4fa5L,0x3fe6419ca0047bdcL,
-        0x7047f648aaea57caL },
-      { 0x54e48a9041fbab17L,0xda8e0b28576bdba2L,0xe807eebcc72afddcL,
-        0x07d3336df42577bfL } },
-    /* 4 << 126 */
-    { { 0x62a8c244bfe20925L,0x91c19ac38fdce867L,0x5a96a5d5dd387063L,
-        0x61d587d421d324f6L },
-      { 0xe87673a2a37173eaL,0x2384800853778b65L,0x10f8441e05bab43eL,
-        0xfa11fe124621efbeL } },
-    /* 5 << 126 */
-    { { 0x047b772e81685d7bL,0x23f27d81bf34a976L,0xc27608e2915f48efL,
-        0x3b0b43faa521d5c3L },
-      { 0x7613fb2663ca7284L,0x7f5729b41d4db837L,0x87b14898583b526bL,
-        0x00b732a6bbadd3d1L } },
-    /* 6 << 126 */
-    { { 0x8e02f4262048e396L,0x436b50b6383d9de4L,0xf78d3481471e85adL,
-        0x8b01ea6ad005c8d6L },
-      { 0xd3c7afee97015c07L,0x46cdf1a94e3ba2aeL,0x7a42e50183d3a1d2L,
-        0xd54b5268b541dff4L } },
-    /* 7 << 126 */
-    { { 0x3f24cf304e23e9bcL,0x4387f816126e3624L,0x26a46a033b0b6d61L,
-        0xaf1bc8458b2d777cL },
-      { 0x25c401ba527de79cL,0x0e1346d44261bbb6L,0x4b96c44b287b4bc7L,
-        0x658493c75254562fL } },
-    /* 8 << 126 */
-    { { 0x23f949feb8a24a20L,0x17ebfed1f52ca53fL,0x9b691bbebcfb4853L,
-        0x5617ff6b6278a05dL },
-      { 0x241b34c5e3c99ebdL,0xfc64242e1784156aL,0x4206482f695d67dfL,
-        0xb967ce0eee27c011L } },
-    /* 9 << 126 */
-    { { 0x65db375121c80b5dL,0x2e7a563ca31ecca0L,0xe56ffc4e5238a07eL,
-        0x3d6c296632ced854L },
-      { 0xe99d7d1aaf70b885L,0xafc3bad92d686459L,0x9c78bf460cc8ba5bL,
-        0x5a43951918955aa3L } },
-    /* 10 << 126 */
-    { { 0xf8b517a85fe4e314L,0xe60234d0fcb8906fL,0xffe542acf2061b23L,
-        0x287e191f6b4cb59cL },
-      { 0x21857ddc09d877d8L,0x1c23478c14678941L,0xbbf0c056b6e05ea4L,
-        0x82da4b53b01594feL } },
-    /* 11 << 126 */
-    { { 0xf7526791fadb8608L,0x049e832d7b74cdf6L,0xa43581ccc2b90a34L,
-        0x73639eb89360b10cL },
-      { 0x4fba331fe1e4a71bL,0x6ffd6b938072f919L,0x6e53271c65679032L,
-        0x67206444f14272ceL } },
-    /* 12 << 126 */
-    { { 0xc0f734a3b2335834L,0x9526205a90ef6860L,0xcb8be71704e2bb0dL,
-        0x2418871e02f383faL },
-      { 0xd71776814082c157L,0xcc914ad029c20073L,0xf186c1ebe587e728L,
-        0x6fdb3c2261bcd5fdL } },
-    /* 13 << 126 */
-    { { 0x30d014a6f2f9f8e9L,0x963ece234fec49d2L,0x862025c59605a8d9L,
-        0x3987444519f8929aL },
-      { 0x01b6ff6512bf476aL,0x598a64d809cf7d91L,0xd7ec774993be56caL,
-        0x10899785cbb33615L } },
-    /* 14 << 126 */
-    { { 0xb8a092fd02eee3adL,0xa86b3d3530145270L,0x323d98c68512b675L,
-        0x4b8bc78562ebb40fL },
-      { 0x7d301f54413f9cdeL,0xa5e4fb4f2bab5664L,0x1d2b252d1cbfec23L,
-        0xfcd576bbe177120dL } },
-    /* 15 << 126 */
-    { { 0x04427d3e83731a34L,0x2bb9028eed836e8eL,0xb36acff8b612ca7cL,
-        0xb88fe5efd3d9c73aL },
-      { 0xbe2a6bc6edea4eb3L,0x43b93133488eec77L,0xf41ff566b17106e1L,
-        0x469e9172654efa32L } },
-    /* 16 << 126 */
-    { { 0xb4480f0441c23fa3L,0xb4712eb0c1989a2eL,0x3ccbba0f93a29ca7L,
-        0x6e205c14d619428cL },
-      { 0x90db7957b3641686L,0x0432691d45ac8b4eL,0x07a759acf64e0350L,
-        0x0514d89c9c972517L } },
-    /* 17 << 126 */
-    { { 0x1701147fa8e67fc3L,0x9e2e0b8bab2085beL,0xd5651824ac284e57L,
-        0x890d432574893664L },
-      { 0x8a7c5e6ec55e68a3L,0xbf12e90b4339c85aL,0x31846b85f922b655L,
-        0x9a54ce4d0bf4d700L } },
-    /* 18 << 126 */
-    { { 0xd7f4e83af1a14295L,0x916f955cb285d4f9L,0xe57bb0e099ffdabaL,
-        0x28a43034eab0d152L },
-      { 0x0a36ffa2b8a9cef8L,0x5517407eb9ec051aL,0x9c796096ea68e672L,
-        0x853db5fbfb3c77fbL } },
-    /* 19 << 126 */
-    { { 0x21474ba9e864a51aL,0x6c2676996e8a1b8bL,0x7c82362694120a28L,
-        0xe61e9a488383a5dbL },
-      { 0x7dd750039f84216dL,0xab020d07ad43cd85L,0x9437ae48da12c659L,
-        0x6449c2ebe65452adL } },
-    /* 20 << 126 */
-    { { 0xcc7c4c1c2cf9d7c1L,0x1320886aee95e5abL,0xbb7b9056beae170cL,
-        0xc8a5b250dbc0d662L },
-      { 0x4ed81432c11d2303L,0x7da669121f03769fL,0x3ac7a5fd84539828L,
-        0x14dada943bccdd02L } },
-    /* 21 << 126 */
-    { { 0x8b84c3217ef6b0d1L,0x52a9477a7c933f22L,0x5ef6728afd440b82L,
-        0x5c3bd8596ce4bd5eL },
-      { 0x918b80f5f22c2d3eL,0x368d5040b7bb6cc5L,0xb66142a12695a11cL,
-        0x60ac583aeb19ea70L } },
-    /* 22 << 126 */
-    { { 0x317cbb980eab2437L,0x8cc08c555e2654c8L,0xfe2d6520e6d8307fL,
-        0xe9f147f357428993L },
-      { 0x5f9c7d14d2fd6cf1L,0xa3ecd0642d4fcbb0L,0xad83fef08e7341f7L,
-        0x643f23a03a63115cL } },
-    /* 23 << 126 */
-    { { 0xd38a78abe65ab743L,0xbf7c75b135edc89cL,0x3dd8752e530df568L,
-        0xf85c4a76e308c682L },
-      { 0x4c9955b2e68acf37L,0xa544df3dab32af85L,0x4b8ec3f5a25cf493L,
-        0x4d8f27641a622febL } },
-    /* 24 << 126 */
-    { { 0x7bb4f7aaf0dcbc49L,0x7de551f970bbb45bL,0xcfd0f3e49f2ca2e5L,
-        0xece587091f5c76efL },
-      { 0x32920edd167d79aeL,0x039df8a2fa7d7ec1L,0xf46206c0bb30af91L,
-        0x1ff5e2f522676b59L } },
-    /* 25 << 126 */
-    { { 0x11f4a0396ea51d66L,0x506c1445807d7a26L,0x60da5705755a9b24L,
-        0x8fc8cc321f1a319eL },
-      { 0x83642d4d9433d67dL,0x7fa5cb8f6a7dd296L,0x576591db9b7bde07L,
-        0x13173d25419716fbL } },
-    /* 26 << 126 */
-    { { 0xea30599dd5b340ffL,0xfc6b5297b0fe76c5L,0x1c6968c8ab8f5adcL,
-        0xf723c7f5901c928dL },
-      { 0x4203c3219773d402L,0xdf7c6aa31b51dd47L,0x3d49e37a552be23cL,
-        0x57febee80b5a6e87L } },
-    /* 27 << 126 */
-    { { 0xc5ecbee47bd8e739L,0x79d44994ae63bf75L,0x168bd00f38fb8923L,
-        0x75d48ee4d0533130L },
-      { 0x554f77aadb5cdf33L,0x3396e8963c696769L,0x2fdddbf2d3fd674eL,
-        0xbbb8f6ee99d0e3e5L } },
-    /* 28 << 126 */
-    { { 0x51b90651cbae2f70L,0xefc4bc0593aaa8ebL,0x8ecd8689dd1df499L,
-        0x1aee99a822f367a5L },
-      { 0x95d485b9ae8274c5L,0x6c14d4457d30b39cL,0xbafea90bbcc1ef81L,
-        0x7c5f317aa459a2edL } },
-    /* 29 << 126 */
-    { { 0x012110754ef44227L,0xa17bed6edc20f496L,0x0cdfe424819853cdL,
-        0x13793298f71e2ce7L },
-      { 0x3c1f3078dbbe307bL,0x6dd1c20e76ee9936L,0x23ee4b57423caa20L,
-        0x4ac3793b8efb840eL } },
-    /* 30 << 126 */
-    { { 0x934438ebed1f8ca0L,0x3e5466584ebb25a2L,0xc415af0ec069896fL,
-        0xc13eddb09a5aa43dL },
-      { 0x7a04204fd49eb8f6L,0xd0d5bdfcd74f1670L,0x3697e28656fc0558L,
-        0x1020737101cebadeL } },
-    /* 31 << 126 */
-    { { 0x5f87e6900647a82bL,0x908e0ed48f40054fL,0xa9f633d479853803L,
-        0x8ed13c9a4a28b252L },
-      { 0x3e2ef6761f460f64L,0x53930b9b36d06336L,0x347073ac8fc4979bL,
-        0x84380e0e5ecd5597L } },
-    /* 32 << 126 */
-    { { 0xe3b22c6bc4fe3c39L,0xba4a81536c7bebdfL,0xf23ab6b725693459L,
-        0x53bc377014922b11L },
-      { 0x4645c8ab5afc60dbL,0xaa02235520b9f2a3L,0x52a2954cce0fc507L,
-        0x8c2731bb7ce1c2e7L } },
-    /* 33 << 126 */
-    { { 0xf39608ab18a0339dL,0xac7a658d3735436cL,0xb22c2b07cd992b4fL,
-        0x4e83daecf40dcfd4L },
-      { 0x8a34c7be2f39ea3eL,0xef0c005fb0a56d2eL,0x62731f6a6edd8038L,
-        0x5721d7404e3cb075L } },
-    /* 34 << 126 */
-    { { 0x1ea41511fbeeee1bL,0xd1ef5e73ef1d0c05L,0x42feefd173c07d35L,
-        0xe530a00a8a329493L },
-      { 0x5d55b7fef15ebfb0L,0x549de03cd322491aL,0xf7b5f602745b3237L,
-        0x3632a3a21ab6e2b6L } },
-    /* 35 << 126 */
-    { { 0x0d3bba890ef59f78L,0x0dfc6443c9e52b9aL,0x1dc7969972631447L,
-        0xef033917b3be20b1L },
-      { 0x0c92735db1383948L,0xc1fc29a2c0dd7d7dL,0x6485b697403ed068L,
-        0x13bfaab3aac93bdcL } },
-    /* 36 << 126 */
-    { { 0x410dc6a90deeaf52L,0xb003fb024c641c15L,0x1384978c5bc504c4L,
-        0x37640487864a6a77L },
-      { 0x05991bc6222a77daL,0x62260a575e47eb11L,0xc7af6613f21b432cL,
-        0x22f3acc9ab4953e9L } },
-    /* 37 << 126 */
-    { { 0x529349228e41d155L,0x4d0245683ac059efL,0xb02017554d884411L,
-        0xce8055cfa59a178fL },
-      { 0xcd77d1aff6204549L,0xa0a00a3ec7066759L,0x471071ef0272c229L,
-        0x009bcf6bd3c4b6b0L } },
-    /* 38 << 126 */
-    { { 0x2a2638a822305177L,0xd51d59df41645bbfL,0xa81142fdc0a7a3c0L,
-        0xa17eca6d4c7063eeL },
-      { 0x0bb887ed60d9dcecL,0xd6d28e5120ad2455L,0xebed6308a67102baL,
-        0x042c31148bffa408L } },
-    /* 39 << 126 */
-    { { 0xfd099ac58aa68e30L,0x7a6a3d7c1483513eL,0xffcc6b75ba2d8f0cL,
-        0x54dacf961e78b954L },
-      { 0xf645696fa4a9af89L,0x3a41194006ac98ecL,0x41b8b3f622a67a20L,
-        0x2d0b1e0f99dec626L } },
-    /* 40 << 126 */
-    { { 0x27c8919240be34e8L,0xc7162b3791907f35L,0x90188ec1a956702bL,
-        0xca132f7ddf93769cL },
-      { 0x3ece44f90e2025b4L,0x67aaec690c62f14cL,0xad74141822e3cc11L,
-        0xcf9b75c37ff9a50eL } },
-    /* 41 << 126 */
-    { { 0x02fa2b164d348272L,0xbd99d61a9959d56dL,0xbc4f19db18762916L,
-        0xcc7cce5049c1ac80L },
-      { 0x4d59ebaad846bd83L,0x8775a9dca9202849L,0x07ec4ae16e1f4ca9L,
-        0x27eb5875ba893f11L } },
-    /* 42 << 126 */
-    { { 0x00284d51662cc565L,0x82353a6b0db4138dL,0xd9c7aaaaaa32a594L,
-        0xf5528b5ea5669c47L },
-      { 0xf32202312f23c5ffL,0xe3e8147a6affa3a1L,0xfb423d5c202ddda0L,
-        0x3d6414ac6b871bd4L } },
-    /* 43 << 126 */
-    { { 0x586f82e1a51a168aL,0xb712c67148ae5448L,0x9a2e4bd176233eb8L,
-        0x0188223a78811ca9L },
-      { 0x553c5e21f7c18de1L,0x7682e451b27bb286L,0x3ed036b30e51e929L,
-        0xf487211bec9cb34fL } },
-    /* 44 << 126 */
-    { { 0x0d0942770c24efc8L,0x0349fd04bef737a4L,0x6d1c9dd2514cdd28L,
-        0x29c135ff30da9521L },
-      { 0xea6e4508f78b0b6fL,0x176f5dd2678c143cL,0x081484184be21e65L,
-        0x27f7525ce7df38c4L } },
-    /* 45 << 126 */
-    { { 0x1fb70e09748ab1a4L,0x9cba50a05efe4433L,0x7846c7a615f75af2L,
-        0x2a7c2c575ee73ea8L },
-      { 0x42e566a43f0a449aL,0x45474c3bad90fc3dL,0x7447be3d8b61d057L,
-        0x3e9d1cf13a4ec092L } },
-    /* 46 << 126 */
-    { { 0x1603e453f380a6e6L,0x0b86e4319b1437c2L,0x7a4173f2ef29610aL,
-        0x8fa729a7f03d57f7L },
-      { 0x3e186f6e6c9c217eL,0xbe1d307991919524L,0x92a62a70153d4fb1L,
-        0x32ed3e34d68c2f71L } },
-    /* 47 << 126 */
-    { { 0xd785027f9eb1a8b7L,0xbc37eb77c5b22fe8L,0x466b34f0b9d6a191L,
-        0x008a89af9a05f816L },
-      { 0x19b028fb7d42c10aL,0x7fe8c92f49b3f6b8L,0x58907cc0a5a0ade3L,
-        0xb3154f51559d1a7cL } },
-    /* 48 << 126 */
-    { { 0x5066efb6d9790ed6L,0xa77a0cbca6aa793bL,0x1a915f3c223e042eL,
-        0x1c5def0469c5874bL },
-      { 0x0e83007873b6c1daL,0x55cf85d2fcd8557aL,0x0f7c7c760460f3b1L,
-        0x87052acb46e58063L } },
-    /* 49 << 126 */
-    { { 0x09212b80907eae66L,0x3cb068e04d721c89L,0xa87941aedd45ac1cL,
-        0xde8d5c0d0daa0dbbL },
-      { 0xda421fdce3502e6eL,0xc89442014d89a084L,0x7307ba5ef0c24bfbL,
-        0xda212beb20bde0efL } },
-    /* 50 << 126 */
-    { { 0xea2da24bf82ce682L,0x058d381607f71fe4L,0x35a024625ffad8deL,
-        0xcd7b05dcaadcefabL },
-      { 0xd442f8ed1d9f54ecL,0x8be3d618b2d3b5caL,0xe2220ed0e06b2ce2L,
-        0x82699a5f1b0da4c0L } },
-    /* 51 << 126 */
-    { { 0x3ff106f571c0c3a7L,0x8f580f5a0d34180cL,0x4ebb120e22d7d375L,
-        0x5e5782cce9513675L },
-      { 0x2275580c99c82a70L,0xe8359fbf15ea8c4cL,0x53b48db87b415e70L,
-        0xaacf2240100c6014L } },
-    /* 52 << 126 */
-    { { 0x9faaccf5e4652f1dL,0xbd6fdd2ad56157b2L,0xa4f4fb1f6261ec50L,
-        0x244e55ad476bcd52L },
-      { 0x881c9305047d320bL,0x1ca983d56181263fL,0x354e9a44278fb8eeL,
-        0xad2dbc0f396e4964L } },
-    /* 53 << 126 */
-    { { 0x723f3aa29268b3deL,0x0d1ca29ae6e0609aL,0x794866aa6cf44252L,
-        0x0b59f3e301af87edL },
-      { 0xe234e5ff7f4a6c51L,0xa8768fd261dc2f7eL,0xdafc73320a94d81fL,
-        0xd7f8428206938ce1L } },
-    /* 54 << 126 */
-    { { 0xae0b3c0e0546063eL,0x7fbadcb25d61abc6L,0xd5d7a2c9369ac400L,
-        0xa5978d09ae67d10cL },
-      { 0x290f211e4f85eaacL,0xe61e2ad1facac681L,0xae125225388384cdL,
-        0xa7fb68e9ccfde30fL } },
-    /* 55 << 126 */
-    { { 0x7a59b9363daed4c2L,0x80a9aa402606f789L,0xb40c1ea5f6a6d90aL,
-        0x948364d3514d5885L },
-      { 0x062ebc6070985182L,0xa6db5b0e33310895L,0x64a12175e329c2f5L,
-        0xc5f25bd290ea237eL } },
-    /* 56 << 126 */
-    { { 0x7915c5242d0a4c23L,0xeb5d26e46bb3cc52L,0x369a9116c09e2c92L,
-        0x0c527f92cf182cf8L },
-      { 0x9e5919382aede0acL,0xb29222086cc34939L,0x3c9d896299a34361L,
-        0x3c81836dc1905fe6L } },
-    /* 57 << 126 */
-    { { 0x4bfeb57fa001ec5aL,0xe993f5bba0dc5dbaL,0x47884109724a1380L,
-        0x8a0369ab32fe9a04L },
-      { 0xea068d608c927db8L,0xbf5f37cf94655741L,0x47d402a204b6c7eaL,
-        0x4551c2956af259cbL } },
-    /* 58 << 126 */
-    { { 0x698b71e7ed77ee8bL,0xbddf7bd0f309d5c7L,0x6201c22c34e780caL,
-        0xab04f7d84c295ef4L },
-      { 0x1c9472944313a8ceL,0xe532e4ac92ca4cfeL,0x89738f80d0a7a97aL,
-        0xec088c88a580fd5bL } },
-    /* 59 << 126 */
-    { { 0x612b1ecc42ce9e51L,0x8f9840fdb25fdd2aL,0x3cda78c001e7f839L,
-        0x546b3d3aece05480L },
-      { 0x271719a980d30916L,0x45497107584c20c4L,0xaf8f94785bc78608L,
-        0x28c7d484277e2a4cL } },
-    /* 60 << 126 */
-    { { 0xfce0176788a2ffe4L,0xdc506a3528e169a5L,0x0ea108617af9c93aL,
-        0x1ed2436103fa0e08L },
-      { 0x96eaaa92a3d694e7L,0xc0f43b4def50bc74L,0xce6aa58c64114db4L,
-        0x8218e8ea7c000fd4L } },
-    /* 61 << 126 */
-    { { 0xac815dfb185f8844L,0xcd7e90cb1557abfbL,0x23d16655afbfecdfL,
-        0x80f3271f085cac4aL },
-      { 0x7fc39aa7d0e62f47L,0x88d519d1460a48e5L,0x59559ac4d28f101eL,
-        0x7981d9e9ca9ae816L } },
-    /* 62 << 126 */
-    { { 0x5c38652c9ac38203L,0x86eaf87f57657fe5L,0x568fc472e21f5416L,
-        0x2afff39ce7e597b5L },
-      { 0x3adbbb07256d4eabL,0x225986928285ab89L,0x35f8112a041caefeL,
-        0x95df02e3a5064c8bL } },
-    /* 63 << 126 */
-    { { 0x4d63356ec7004bf3L,0x230a08f4db83c7deL,0xca27b2708709a7b7L,
-        0x0d1c4cc4cb9abd2dL },
-      { 0x8a0bc66e7550fee8L,0x369cd4c79cf7247eL,0x75562e8492b5b7e7L,
-        0x8fed0da05802af7bL } },
-    /* 64 << 126 */
-    { { 0x6a7091c2e48fb889L,0x26882c137b8a9d06L,0xa24986631b82a0e2L,
-        0x844ed7363518152dL },
-      { 0x282f476fd86e27c7L,0xa04edaca04afefdcL,0x8b256ebc6119e34dL,
-        0x56a413e90787d78bL } },
-    /* 0 << 133 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 133 */
-    { { 0x82ee061d5a74be50L,0xe41781c4dea16ff5L,0xe0b0c81e99bfc8a2L,
-        0x624f4d690b547e2dL },
-      { 0x3a83545dbdcc9ae4L,0x2573dbb6409b1e8eL,0x482960c4a6c93539L,
-        0xf01059ad5ae18798L } },
-    /* 2 << 133 */
-    { { 0x715c9f973112795fL,0xe8244437984e6ee1L,0x55cb4858ecb66bcdL,
-        0x7c136735abaffbeeL },
-      { 0x546615955dbec38eL,0x51c0782c388ad153L,0x9ba4c53ac6e0952fL,
-        0x27e6782a1b21dfa8L } },
-    /* 3 << 133 */
-    { { 0x682f903d4ed2dbc2L,0x0eba59c87c3b2d83L,0x8e9dc84d9c7e9335L,
-        0x5f9b21b00eb226d7L },
-      { 0xe33bd394af267baeL,0xaa86cc25be2e15aeL,0x4f0bf67d6a8ec500L,
-        0x5846aa44f9630658L } },
-    /* 4 << 133 */
-    { { 0xfeb09740e2c2bf15L,0x627a2205a9e99704L,0xec8d73d0c2fbc565L,
-        0x223eed8fc20c8de8L },
-      { 0x1ee32583a8363b49L,0x1a0b6cb9c9c2b0a6L,0x49f7c3d290dbc85cL,
-        0xa8dfbb971ef4c1acL } },
-    /* 5 << 133 */
-    { { 0xafb34d4c65c7c2abL,0x1d4610e7e2c5ea84L,0x893f6d1b973c4ab5L,
-        0xa3cdd7e9945ba5c4L },
-      { 0x60514983064417eeL,0x1459b23cad6bdf2bL,0x23b2c3415cf726c3L,
-        0x3a82963532d6354aL } },
-    /* 6 << 133 */
-    { { 0x294f901fab192c18L,0xec5fcbfe7030164fL,0xe2e2fcb7e2246ba6L,
-        0x1e7c88b3221a1a0cL },
-      { 0x72c7dd93c92d88c5L,0x41c2148e1106fb59L,0x547dd4f5a0f60f14L,
-        0xed9b52b263960f31L } },
-    /* 7 << 133 */
-    { { 0x6c8349ebb0a5b358L,0xb154c5c29e7e2ed6L,0xcad5eccfeda462dbL,
-        0xf2d6dbe42de66b69L },
-      { 0x426aedf38665e5b2L,0x488a85137b7f5723L,0x15cc43b38bcbb386L,
-        0x27ad0af3d791d879L } },
-    /* 8 << 133 */
-    { { 0xc16c236e846e364fL,0x7f33527cdea50ca0L,0xc48107750926b86dL,
-        0x6c2a36090598e70cL },
-      { 0xa6755e52f024e924L,0xe0fa07a49db4afcaL,0x15c3ce7d66831790L,
-        0x5b4ef350a6cbb0d6L } },
-    /* 9 << 133 */
-    { { 0x2c4aafc4b6205969L,0x42563f02f6c7854fL,0x016aced51d983b48L,
-        0xfeb356d899949755L },
-      { 0x8c2a2c81d1a39bd7L,0x8f44340fe6934ae9L,0x148cf91c447904daL,
-        0x7340185f0f51a926L } },
-    /* 10 << 133 */
-    { { 0x2f8f00fb7409ab46L,0x057e78e680e289b2L,0x03e5022ca888e5d1L,
-        0x3c87111a9dede4e2L },
-      { 0x5b9b0e1c7809460bL,0xe751c85271c9abc7L,0x8b944e28c7cc1dc9L,
-        0x4f201ffa1d3cfa08L } },
-    /* 11 << 133 */
-    { { 0x02fc905c3e6721ceL,0xd52d70dad0b3674cL,0x5dc2e5ca18810da4L,
-        0xa984b2735c69dd99L },
-      { 0x63b9252784de5ca4L,0x2f1c9872c852dec4L,0x18b03593c2e3de09L,
-        0x19d70b019813dc2fL } },
-    /* 12 << 133 */
-    { { 0x42806b2da6dc1d29L,0xd3030009f871e144L,0xa1feb333aaf49276L,
-        0xb5583b9ec70bc04bL },
-      { 0x1db0be7895695f20L,0xfc84181189d012b5L,0x6409f27205f61643L,
-        0x40d34174d5883128L } },
-    /* 13 << 133 */
-    { { 0xd79196f567419833L,0x6059e252863b7b08L,0x84da18171c56700cL,
-        0x5758ee56b28d3ec4L },
-      { 0x7da2771d013b0ea6L,0xfddf524b54c5e9b9L,0x7df4faf824305d80L,
-        0x58f5c1bf3a97763fL } },
-    /* 14 << 133 */
-    { { 0xa5af37f17c696042L,0xd4cba22c4a2538deL,0x211cb9959ea42600L,
-        0xcd105f417b069889L },
-      { 0xb1e1cf19ddb81e74L,0x472f2d895157b8caL,0x086fb008ee9db885L,
-        0x365cd5700f26d131L } },
-    /* 15 << 133 */
-    { { 0x284b02bba2be7053L,0xdcbbf7c67ab9a6d6L,0x4425559c20f7a530L,
-        0x961f2dfa188767c8L },
-      { 0xe2fd943570dc80c4L,0x104d6b63f0784120L,0x7f592bc153567122L,
-        0xf6bc1246f688ad77L } },
-    /* 16 << 133 */
-    { { 0x05214c050f15dde9L,0xa47a76a80d5f2b82L,0xbb254d3062e82b62L,
-        0x11a05fe03ec955eeL },
-      { 0x7eaff46e9d529b36L,0x55ab13018f9e3df6L,0xc463e37199317698L,
-        0xfd251438ccda47adL } },
-    /* 17 << 133 */
-    { { 0xca9c354723d695eaL,0x48ce626e16e589b5L,0x6b5b64c7b187d086L,
-        0xd02e1794b2207948L },
-      { 0x8b58e98f7198111dL,0x90ca6305dcf9c3ccL,0x5691fe72f34089b0L,
-        0x60941af1fc7c80ffL } },
-    /* 18 << 133 */
-    { { 0xa09bc0a222eb51e5L,0xc0bb7244aa9cf09aL,0x36a8077f80159f06L,
-        0x8b5c989edddc560eL },
-      { 0x19d2f316512e1f43L,0x02eac554ad08ff62L,0x012ab84c07d20b4eL,
-        0x37d1e115d6d4e4e1L } },
-    /* 19 << 133 */
-    { { 0xb6443e1aab7b19a8L,0xf08d067edef8cd45L,0x63adf3e9685e03daL,
-        0xcf15a10e4792b916L },
-      { 0xf44bcce5b738a425L,0xebe131d59636b2fdL,0x940688417850d605L,
-        0x09684eaab40d749dL } },
-    /* 20 << 133 */
-    { { 0x8c3c669c72ba075bL,0x89f78b55ba469015L,0x5706aade3e9f8ba8L,
-        0x6d8bd565b32d7ed7L },
-      { 0x25f4e63b805f08d6L,0x7f48200dc3bcc1b5L,0x4e801968b025d847L,
-        0x74afac0487cbe0a8L } },
-    /* 21 << 133 */
-    { { 0x43ed2c2b7e63d690L,0xefb6bbf00223cdb8L,0x4fec3cae2884d3feL,
-        0x065ecce6d75e25a4L },
-      { 0x6c2294ce69f79071L,0x0d9a8e5f044b8666L,0x5009f23817b69d8fL,
-        0x3c29f8fec5dfdaf7L } },
-    /* 22 << 133 */
-    { { 0x9067528febae68c4L,0x5b38563230c5ba21L,0x540df1191fdd1aecL,
-        0xcf37825bcfba4c78L },
-      { 0x77eff980beb11454L,0x40a1a99160c1b066L,0xe8018980f889a1c7L,
-        0xb9c52ae976c24be0L } },
-    /* 23 << 133 */
-    { { 0x05fbbcce45650ef4L,0xae000f108aa29ac7L,0x884b71724f04c470L,
-        0x7cd4fde219bb5c25L },
-      { 0x6477b22ae8840869L,0xa88688595fbd0686L,0xf23cc02e1116dfbaL,
-        0x76cd563fd87d7776L } },
-    /* 24 << 133 */
-    { { 0xe2a37598a9d82abfL,0x5f188ccbe6c170f5L,0x816822005066b087L,
-        0xda22c212c7155adaL },
-      { 0x151e5d3afbddb479L,0x4b606b846d715b99L,0x4a73b54bf997cb2eL,
-        0x9a1bfe433ecd8b66L } },
-    /* 25 << 133 */
-    { { 0x1c3128092a67d48aL,0xcd6a671e031fa9e2L,0xbec3312a0e43a34aL,
-        0x1d93563955ef47d3L },
-      { 0x5ea024898fea73eaL,0x8247b364a035afb2L,0xb58300a65265b54cL,
-        0x3286662f722c7148L } },
-    /* 26 << 133 */
-    { { 0xb77fd76bb4ec4c20L,0xf0a12fa70f3fe3fdL,0xf845bbf541d8c7e8L,
-        0xe4d969ca5ec10aa8L },
-      { 0x4c0053b743e232a3L,0xdc7a3fac37f8a45aL,0x3c4261c520d81c8fL,
-        0xfd4b3453b00eab00L } },
-    /* 27 << 133 */
-    { { 0x76d48f86d36e3062L,0x626c5277a143ff02L,0x538174deaf76f42eL,
-        0x2267aa866407ceacL },
-      { 0xfad7635172e572d5L,0xab861af7ba7330ebL,0xa0a1c8c7418d8657L,
-        0x988821cb20289a52L } },
-    /* 28 << 133 */
-    { { 0x79732522cccc18adL,0xaadf3f8df1a6e027L,0xf7382c9317c2354dL,
-        0x5ce1680cd818b689L },
-      { 0x359ebbfcd9ecbee9L,0x4330689c1cae62acL,0xb55ce5b4c51ac38aL,
-        0x7921dfeafe238ee8L } },
-    /* 29 << 133 */
-    { { 0x3972bef8271d1ca5L,0x3e423bc7e8aabd18L,0x57b09f3f44a3e5e3L,
-        0x5da886ae7b444d66L },
-      { 0x68206634a9964375L,0x356a2fa3699cd0ffL,0xaf0faa24dba515e9L,
-        0x536e1f5cb321d79aL } },
-    /* 30 << 133 */
-    { { 0xd3b9913a5c04e4eaL,0xd549dcfed6f11513L,0xee227bf579fd1d94L,
-        0x9f35afeeb43f2c67L },
-      { 0xd2638d24f1314f53L,0x62baf948cabcd822L,0x5542de294ef48db0L,
-        0xb3eb6a04fc5f6bb2L } },
-    /* 31 << 133 */
-    { { 0x23c110ae1208e16aL,0x1a4d15b5f8363e24L,0x30716844164be00bL,
-        0xa8e24824f6f4690dL },
-      { 0x548773a290b170cfL,0xa1bef33142f191f4L,0x70f418d09247aa97L,
-        0xea06028e48be9147L } },
-    /* 32 << 133 */
-    { { 0xe13122f3dbfb894eL,0xbe9b79f6ce274b18L,0x85a49de5ca58aadfL,
-        0x2495775811487351L },
-      { 0x111def61bb939099L,0x1d6a974a26d13694L,0x4474b4ced3fc253bL,
-        0x3a1485e64c5db15eL } },
-    /* 33 << 133 */
-    { { 0xe79667b4147c15b4L,0xe34f553b7bc61301L,0x032b80f817094381L,
-        0x55d8bafd723eaa21L },
-      { 0x5a987995f1c0e74eL,0x5a9b292eebba289cL,0x413cd4b2eb4c8251L,
-        0x98b5d243d162db0aL } },
-    /* 34 << 133 */
-    { { 0xbb47bf6668342520L,0x08d68949baa862d1L,0x11f349c7e906abcdL,
-        0x454ce985ed7bf00eL },
-      { 0xacab5c9eb55b803bL,0xb03468ea31e3c16dL,0x5c24213dd273bf12L,
-        0x211538eb71587887L } },
-    /* 35 << 133 */
-    { { 0x198e4a2f731dea2dL,0xd5856cf274ed7b2aL,0x86a632eb13a664feL,
-        0x932cd909bda41291L },
-      { 0x850e95d4c0c4ddc0L,0xc0f422f8347fc2c9L,0xe68cbec486076bcbL,
-        0xf9e7c0c0cd6cd286L } },
-    /* 36 << 133 */
-    { { 0x65994ddb0f5f27caL,0xe85461fba80d59ffL,0xff05481a66601023L,
-        0xc665427afc9ebbfbL },
-      { 0xb0571a697587fd52L,0x935289f88d49efceL,0x61becc60ea420688L,
-        0xb22639d913a786afL } },
-    /* 37 << 133 */
-    { { 0x1a8e6220361ecf90L,0x001f23e025506463L,0xe4ae9b5d0a5c2b79L,
-        0xebc9cdadd8149db5L },
-      { 0xb33164a1934aa728L,0x750eb00eae9b60f3L,0x5a91615b9b9cfbfdL,
-        0x97015cbfef45f7f6L } },
-    /* 38 << 133 */
-    { { 0xb462c4a5bf5151dfL,0x21adcc41b07118f2L,0xd60c545b043fa42cL,
-        0xfc21aa54e96be1abL },
-      { 0xe84bc32f4e51ea80L,0x3dae45f0259b5d8dL,0xbb73c7ebc38f1b5eL,
-        0xe405a74ae8ae617dL } },
-    /* 39 << 133 */
-    { { 0xbb1ae9c69f1c56bdL,0x8c176b9849f196a4L,0xc448f3116875092bL,
-        0xb5afe3de9f976033L },
-      { 0xa8dafd49145813e5L,0x687fc4d9e2b34226L,0xf2dfc92d4c7ff57fL,
-        0x004e3fc1401f1b46L } },
-    /* 40 << 133 */
-    { { 0x5afddab61430c9abL,0x0bdd41d32238e997L,0xf0947430418042aeL,
-        0x71f9addacdddc4cbL },
-      { 0x7090c016c52dd907L,0xd9bdf44d29e2047fL,0xe6f1fe801b1011a6L,
-        0xb63accbcd9acdc78L } },
-    /* 41 << 133 */
-    { { 0xcfc7e2351272a95bL,0x0c667717a6276ac8L,0x3c0d3709e2d7eef7L,
-        0x5add2b069a685b3eL },
-      { 0x363ad32d14ea5d65L,0xf8e01f068d7dd506L,0xc9ea221375b4aac6L,
-        0xed2a2bf90d353466L } },
-    /* 42 << 133 */
-    { { 0x439d79b5e9d3a7c3L,0x8e0ee5a681b7f34bL,0xcf3dacf51dc4ba75L,
-        0x1d3d1773eb3310c7L },
-      { 0xa8e671127747ae83L,0x31f43160197d6b40L,0x0521cceecd961400L,
-        0x67246f11f6535768L } },
-    /* 43 << 133 */
-    { { 0x702fcc5aef0c3133L,0x247cc45d7e16693bL,0xfd484e49c729b749L,
-        0x522cef7db218320fL },
-      { 0xe56ef40559ab93b3L,0x225fba119f181071L,0x33bd659515330ed0L,
-        0xc4be69d51ddb32f7L } },
-    /* 44 << 133 */
-    { { 0x264c76680448087cL,0xac30903f71432daeL,0x3851b26600f9bf47L,
-        0x400ed3116cdd6d03L },
-      { 0x045e79fef8fd2424L,0xfdfd974afa6da98bL,0x45c9f6410c1e673aL,
-        0x76f2e7335b2c5168L } },
-    /* 45 << 133 */
-    { { 0x1adaebb52a601753L,0xb286514cc57c2d49L,0xd87696701e0bfd24L,
-        0x950c547e04478922L },
-      { 0xd1d41969e5d32bfeL,0x30bc1472750d6c3eL,0x8f3679fee0e27f3aL,
-        0x8f64a7dca4a6ee0cL } },
-    /* 46 << 133 */
-    { { 0x2fe59937633dfb1fL,0xea82c395977f2547L,0xcbdfdf1a661ea646L,
-        0xc7ccc591b9085451L },
-      { 0x8217796281761e13L,0xda57596f9196885cL,0xbc17e84928ffbd70L,
-        0x1e6e0a412671d36fL } },
-    /* 47 << 133 */
-    { { 0x61ae872c4152fcf5L,0x441c87b09e77e754L,0xd0799dd5a34dff09L,
-        0x766b4e4488a6b171L },
-      { 0xdc06a51211f1c792L,0xea02ae934be35c3eL,0xe5ca4d6de90c469eL,
-        0x4df4368e56e4ff5cL } },
-    /* 48 << 133 */
-    { { 0x7817acab4baef62eL,0x9f5a2202a85b91e8L,0x9666ebe66ce57610L,
-        0x32ad31f3f73bfe03L },
-      { 0x628330a425bcf4d6L,0xea950593515056e6L,0x59811c89e1332156L,
-        0xc89cf1fe8c11b2d7L } },
-    /* 49 << 133 */
-    { { 0x75b6391304e60cc0L,0xce811e8d4625d375L,0x030e43fc2d26e562L,
-        0xfbb30b4b608d36a0L },
-      { 0x634ff82c48528118L,0x7c6fe085cd285911L,0x7f2830c099358f28L,
-        0x2e60a95e665e6c09L } },
-    /* 50 << 133 */
-    { { 0x08407d3d9b785dbfL,0x530889aba759bce7L,0xf228e0e652f61239L,
-        0x2b6d14616879be3cL },
-      { 0xe6902c0451a7bbf7L,0x30ad99f076f24a64L,0x66d9317a98bc6da0L,
-        0xf4f877f3cb596ac0L } },
-    /* 51 << 133 */
-    { { 0xb05ff62d4c44f119L,0x4555f536e9b77416L,0xc7c0d0598caed63bL,
-        0x0cd2b7cec358b2a9L },
-      { 0x3f33287b46945fa3L,0xf8785b20d67c8791L,0xc54a7a619637bd08L,
-        0x54d4598c18be79d7L } },
-    /* 52 << 133 */
-    { { 0x889e5acbc46d7ce1L,0x9a515bb78b085877L,0xfac1a03d0b7a5050L,
-        0x7d3e738af2926035L },
-      { 0x861cc2ce2a6cb0ebL,0x6f2e29558f7adc79L,0x61c4d45133016376L,
-        0xd9fd2c805ad59090L } },
-    /* 53 << 133 */
-    { { 0xe5a83738b2b836a1L,0x855b41a07c0d6622L,0x186fe3177cc19af1L,
-        0x6465c1fffdd99acbL },
-      { 0x46e5c23f6974b99eL,0x75a7cf8ba2717cbeL,0x4d2ebc3f062be658L,
-        0x094b44475f209c98L } },
-    /* 54 << 133 */
-    { { 0x4af285edb940cb5aL,0x6706d7927cc82f10L,0xc8c8776c030526faL,
-        0xfa8e6f76a0da9140L },
-      { 0x77ea9d34591ee4f0L,0x5f46e33740274166L,0x1bdf98bbea671457L,
-        0xd7c08b46862a1fe2L } },
-    /* 55 << 133 */
-    { { 0x46cc303c1c08ad63L,0x995434404c845e7bL,0x1b8fbdb548f36bf7L,
-        0x5b82c3928c8273a7L },
-      { 0x08f712c4928435d5L,0x071cf0f179330380L,0xc74c2d24a8da054aL,
-        0xcb0e720143c46b5cL } },
-    /* 56 << 133 */
-    { { 0x0ad7337ac0b7eff3L,0x8552225ec5e48b3cL,0xe6f78b0c73f13a5fL,
-        0x5e70062e82349cbeL },
-      { 0x6b8d5048e7073969L,0x392d2a29c33cb3d2L,0xee4f727c4ecaa20fL,
-        0xa068c99e2ccde707L } },
-    /* 57 << 133 */
-    { { 0xfcd5651fb87a2913L,0xea3e3c153cc252f0L,0x777d92df3b6cd3e4L,
-        0x7a414143c5a732e7L },
-      { 0xa895951aa71ff493L,0xfe980c92bbd37cf6L,0x45bd5e64decfeeffL,
-        0x910dc2a9a44c43e9L } },
-    /* 58 << 133 */
-    { { 0xcb403f26cca9f54dL,0x928bbdfb9303f6dbL,0x3c37951ea9eee67cL,
-        0x3bd61a52f79961c3L },
-      { 0x09a238e6395c9a79L,0x6940ca2d61eb352dL,0x7d1e5c5ec1875631L,
-        0x1e19742c1e1b20d1L } },
-    /* 59 << 133 */
-    { { 0x4633d90823fc2e6eL,0xa76e29a908959149L,0x61069d9c84ed7da5L,
-        0x0baa11cf5dbcad51L },
-      { 0xd01eec64961849daL,0x93b75f1faf3d8c28L,0x57bc4f9f1ca2ee44L,
-        0x5a26322d00e00558L } },
-    /* 60 << 133 */
-    { { 0x1888d65861a023efL,0x1d72aab4b9e5246eL,0xa9a26348e5563ec0L,
-        0xa0971963c3439a43L },
-      { 0x567dd54badb9b5b7L,0x73fac1a1c45a524bL,0x8fe97ef7fe38e608L,
-        0x608748d23f384f48L } },
-    /* 61 << 133 */
-    { { 0xb0571794c486094fL,0x869254a38bf3a8d6L,0x148a8dd1310b0e25L,
-        0x99ab9f3f9aa3f7d8L },
-      { 0x0927c68a6706c02eL,0x22b5e76c69790e6cL,0x6c3252606c71376cL,
-        0x53a5769009ef6657L } },
-    /* 62 << 133 */
-    { { 0x8d63f852edffcf3aL,0xb4d2ed043c0a6f55L,0xdb3aa8de12519b9eL,
-        0x5d38e9c41e0a569aL },
-      { 0x871528bf303747e2L,0xa208e77cf5b5c18dL,0x9d129c88ca6bf923L,
-        0xbcbf197fbf02839fL } },
-    /* 63 << 133 */
-    { { 0x9b9bf03027323194L,0x3b055a8b339ca59dL,0xb46b23120f669520L,
-        0x19789f1f497e5f24L },
-      { 0x9c499468aaf01801L,0x72ee11908b69d59cL,0x8bd39595acf4c079L,
-        0x3ee11ece8e0cd048L } },
-    /* 64 << 133 */
-    { { 0xebde86ec1ed66f18L,0x225d906bd61fce43L,0x5cab07d6e8bed74dL,
-        0x16e4617f27855ab7L },
-      { 0x6568aaddb2fbc3ddL,0xedb5484f8aeddf5bL,0x878f20e86dcf2fadL,
-        0x3516497c615f5699L } },
-    /* 0 << 140 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 140 */
-    { { 0xef0a3fecfa181e69L,0x9ea02f8130d69a98L,0xb2e9cf8e66eab95dL,
-        0x520f2beb24720021L },
-      { 0x621c540a1df84361L,0x1203772171fa6d5dL,0x6e3c7b510ff5f6ffL,
-        0x817a069babb2bef3L } },
-    /* 2 << 140 */
-    { { 0x83572fb6b294cda6L,0x6ce9bf75b9039f34L,0x20e012f0095cbb21L,
-        0xa0aecc1bd063f0daL },
-      { 0x57c21c3af02909e5L,0xc7d59ecf48ce9cdcL,0x2732b8448ae336f8L,
-        0x056e37233f4f85f4L } },
-    /* 3 << 140 */
-    { { 0x8a10b53189e800caL,0x50fe0c17145208fdL,0x9e43c0d3b714ba37L,
-        0x427d200e34189accL },
-      { 0x05dee24fe616e2c0L,0x9c25f4c8ee1854c1L,0x4d3222a58f342a73L,
-        0x0807804fa027c952L } },
-    /* 4 << 140 */
-    { { 0xc222653a4f0d56f3L,0x961e4047ca28b805L,0x2c03f8b04a73434bL,
-        0x4c966787ab712a19L },
-      { 0xcc196c42864fee42L,0xc1be93da5b0ece5cL,0xa87d9f22c131c159L,
-        0x2bb6d593dce45655L } },
-    /* 5 << 140 */
-    { { 0x22c49ec9b809b7ceL,0x8a41486be2c72c2cL,0x813b9420fea0bf36L,
-        0xb3d36ee9a66dac69L },
-      { 0x6fddc08a328cc987L,0x0a3bcd2c3a326461L,0x7103c49dd810dbbaL,
-        0xf9d81a284b78a4c4L } },
-    /* 6 << 140 */
-    { { 0x3de865ade4d55941L,0xdedafa5e30384087L,0x6f414abb4ef18b9bL,
-        0x9ee9ea42faee5268L },
-      { 0x260faa1637a55a4aL,0xeb19a514015f93b9L,0x51d7ebd29e9c3598L,
-        0x523fc56d1932178eL } },
-    /* 7 << 140 */
-    { { 0x501d070cb98fe684L,0xd60fbe9a124a1458L,0xa45761c892bc6b3fL,
-        0xf5384858fe6f27cbL },
-      { 0x4b0271f7b59e763bL,0x3d4606a95b5a8e5eL,0x1eda5d9b05a48292L,
-        0xda7731d0e6fec446L } },
-    /* 8 << 140 */
-    { { 0xa3e3369390d45871L,0xe976404006166d8dL,0xb5c3368289a90403L,
-        0x4bd1798372f1d637L },
-      { 0xa616679ed5d2c53aL,0x5ec4bcd8fdcf3b87L,0xae6d7613b66a694eL,
-        0x7460fc76e3fc27e5L } },
-    /* 9 << 140 */
-    { { 0x70469b8295caabeeL,0xde024ca5889501e3L,0x6bdadc06076ed265L,
-        0x0cb1236b5a0ef8b2L },
-      { 0x4065ddbf0972ebf9L,0xf1dd387522aca432L,0xa88b97cf744aff76L,
-        0xd1359afdfe8e3d24L } },
-    /* 10 << 140 */
-    { { 0x52a3ba2b91502cf3L,0x2c3832a8084db75dL,0x04a12dddde30b1c9L,
-        0x7802eabce31fd60cL },
-      { 0x33707327a37fddabL,0x65d6f2abfaafa973L,0x3525c5b811e6f91aL,
-        0x76aeb0c95f46530bL } },
-    /* 11 << 140 */
-    { { 0xe8815ff62f93a675L,0xa6ec968405f48679L,0x6dcbb556358ae884L,
-        0x0af61472e19e3873L },
-      { 0x72334372a5f696beL,0xc65e57ea6f22fb70L,0x268da30c946cea90L,
-        0x136a8a8765681b2aL } },
-    /* 12 << 140 */
-    { { 0xad5e81dc0f9f44d4L,0xf09a69602c46585aL,0xd1649164c447d1b1L,
-        0x3b4b36c8879dc8b1L },
-      { 0x20d4177b3b6b234cL,0x096a25051730d9d0L,0x0611b9b8ef80531dL,
-        0xba904b3b64bb495dL } },
-    /* 13 << 140 */
-    { { 0x1192d9d493a3147aL,0x9f30a5dc9a565545L,0x90b1f9cb6ef07212L,
-        0x299585460d87fc13L },
-      { 0xd3323effc17db9baL,0xcb18548ccb1644a8L,0x18a306d44f49ffbcL,
-        0x28d658f14c2e8684L } },
-    /* 14 << 140 */
-    { { 0x44ba60cda99f8c71L,0x67b7abdb4bf742ffL,0x66310f9c914b3f99L,
-        0xae430a32f412c161L },
-      { 0x1e6776d388ace52fL,0x4bc0fa2452d7067dL,0x03c286aa8f07cd1bL,
-        0x4cb8f38ca985b2c1L } },
-    /* 15 << 140 */
-    { { 0x83ccbe808c3bff36L,0x005a0bd25263e575L,0x460d7dda259bdcd1L,
-        0x4a1c5642fa5cab6bL },
-      { 0x2b7bdbb99fe4fc88L,0x09418e28cc97bbb5L,0xd8274fb4a12321aeL,
-        0xb137007d5c87b64eL } },
-    /* 16 << 140 */
-    { { 0x80531fe1c63c4962L,0x50541e89981fdb25L,0xdc1291a1fd4c2b6bL,
-        0xc0693a17a6df4fcaL },
-      { 0xb2c4604e0117f203L,0x245f19630a99b8d0L,0xaedc20aac6212c44L,
-        0xb1ed4e56520f52a8L } },
-    /* 17 << 140 */
-    { { 0xfe48f575f8547be3L,0x0a7033cda9e45f98L,0x4b45d3a918c50100L,
-        0xb2a6cd6aa61d41daL },
-      { 0x60bbb4f557933c6bL,0xa7538ebd2b0d7ffcL,0x9ea3ab8d8cd626b6L,
-        0x8273a4843601625aL } },
-    /* 18 << 140 */
-    { { 0x888598450168e508L,0x8cbc9bb299a94abdL,0x713ac792fab0a671L,
-        0xa3995b196c9ebffcL },
-      { 0xe711668e1239e152L,0x56892558bbb8dff4L,0x8bfc7dabdbf17963L,
-        0x5b59fe5ab3de1253L } },
-    /* 19 << 140 */
-    { { 0x7e3320eb34a9f7aeL,0xe5e8cf72d751efe4L,0x7ea003bcd9be2f37L,
-        0xc0f551a0b6c08ef7L },
-      { 0x56606268038f6725L,0x1dd38e356d92d3b6L,0x07dfce7cc3cbd686L,
-        0x4e549e04651c5da8L } },
-    /* 20 << 140 */
-    { { 0x4058f93b08b19340L,0xc2fae6f4cac6d89dL,0x4bad8a8c8f159cc7L,
-        0x0ddba4b3cb0b601cL },
-      { 0xda4fc7b51dd95f8cL,0x1d163cd7cea5c255L,0x30707d06274a8c4cL,
-        0x79d9e0082802e9ceL } },
-    /* 21 << 140 */
-    { { 0x02a29ebfe6ddd505L,0x37064e74b50bed1aL,0x3f6bae65a7327d57L,
-        0x3846f5f1f83920bcL },
-      { 0x87c3749160df1b9bL,0x4cfb28952d1da29fL,0x10a478ca4ed1743cL,
-        0x390c60303edd47c6L } },
-    /* 22 << 140 */
-    { { 0x8f3e53128c0a78deL,0xccd02bda1e85df70L,0xd6c75c03a61b6582L,
-        0x0762921cfc0eebd1L },
-      { 0xd34d0823d85010c0L,0xd73aaacb0044cf1fL,0xfb4159bba3b5e78aL,
-        0x2287c7f7e5826f3fL } },
-    /* 23 << 140 */
-    { { 0x4aeaf742580b1a01L,0xf080415d60423b79L,0xe12622cda7dea144L,
-        0x49ea499659d62472L },
-      { 0xb42991ef571f3913L,0x0610f214f5b25a8aL,0x47adc58530b79e8fL,
-        0xf90e3df607a065a2L } },
-    /* 24 << 140 */
-    { { 0x5d0a5deb43e2e034L,0x53fb5a34444024aaL,0xa8628c686b0c9f7fL,
-        0x9c69c29cac563656L },
-      { 0x5a231febbace47b6L,0xbdce02899ea5a2ecL,0x05da1fac9463853eL,
-        0x96812c52509e78aaL } },
-    /* 25 << 140 */
-    { { 0xd3fb577157151692L,0xeb2721f8d98e1c44L,0xc050608732399be1L,
-        0xda5a5511d979d8b8L },
-      { 0x737ed55dc6f56780L,0xe20d30040dc7a7f4L,0x02ce7301f5941a03L,
-        0x91ef5215ed30f83aL } },
-    /* 26 << 140 */
-    { { 0x28727fc14092d85fL,0x72d223c65c49e41aL,0xa7cf30a2ba6a4d81L,
-        0x7c086209b030d87dL },
-      { 0x04844c7dfc588b09L,0x728cd4995874bbb0L,0xcc1281eee84c0495L,
-        0x0769b5baec31958fL } },
-    /* 27 << 140 */
-    { { 0x665c228bf99c2471L,0xf2d8a11b191eb110L,0x4594f494d36d7024L,
-        0x482ded8bcdcb25a1L },
-      { 0xc958a9d8dadd4885L,0x7004477ef1d2b547L,0x0a45f6ef2a0af550L,
-        0x4fc739d62f8d6351L } },
-    /* 28 << 140 */
-    { { 0x75cdaf27786f08a9L,0x8700bb2642c2737fL,0x855a71411c4e2670L,
-        0x810188c115076fefL },
-      { 0xc251d0c9abcd3297L,0xae4c8967f48108ebL,0xbd146de718ceed30L,
-        0xf9d4f07ac986bcedL } },
-    /* 29 << 140 */
-    { { 0x5ad98ed583fa1e08L,0x7780d33ebeabd1fbL,0xe330513c903b1196L,
-        0xba11de9ea47bc8c4L },
-      { 0x684334da02c2d064L,0x7ecf360da48de23bL,0x57a1b4740a9089d8L,
-        0xf28fa439ff36734cL } },
-    /* 30 << 140 */
-    { { 0xf2a482cbea4570b3L,0xee65d68ba5ebcee9L,0x988d0036b9694cd5L,
-        0x53edd0e937885d32L },
-      { 0xe37e3307beb9bc6dL,0xe9abb9079f5c6768L,0x4396ccd551f2160fL,
-        0x2500888c47336da6L } },
-    /* 31 << 140 */
-    { { 0x383f9ed9926fce43L,0x809dd1c704da2930L,0x30f6f5968a4cb227L,
-        0x0d700c7f73a56b38L },
-      { 0x1825ea33ab64a065L,0xaab9b7351338df80L,0x1516100d9b63f57fL,
-        0x2574395a27a6a634L } },
-    /* 32 << 140 */
-    { { 0xb5560fb6700a1acdL,0xe823fd73fd999681L,0xda915d1f6cb4e1baL,
-        0x0d0301186ebe00a3L },
-      { 0x744fb0c989fca8cdL,0x970d01dbf9da0e0bL,0x0ad8c5647931d76fL,
-        0xb15737bff659b96aL } },
-    /* 33 << 140 */
-    { { 0xdc9933e8a8b484e7L,0xb2fdbdf97a26dec7L,0x2349e9a49f1f0136L,
-        0x7860368e70fddddbL },
-      { 0xd93d2c1cf9ad3e18L,0x6d6c5f17689f4e79L,0x7a544d91b24ff1b6L,
-        0x3e12a5ebfe16cd8cL } },
-    /* 34 << 140 */
-    { { 0x543574e9a56b872fL,0xa1ad550cfcf68ea2L,0x689e37d23f560ef7L,
-        0x8c54b9cac9d47a8bL },
-      { 0x46d40a4a088ac342L,0xec450c7c1576c6d0L,0xb589e31c1f9689e9L,
-        0xdacf2602b8781718L } },
-    /* 35 << 140 */
-    { { 0xa89237c6c8cb6b42L,0x1326fc93b96ef381L,0x55d56c6db5f07825L,
-        0xacba2eea7449e22dL },
-      { 0x74e0887a633c3000L,0xcb6cd172d7cbcf71L,0x309e81dec36cf1beL,
-        0x07a18a6d60ae399bL } },
-    /* 36 << 140 */
-    { { 0xb36c26799edce57eL,0x52b892f4df001d41L,0xd884ae5d16a1f2c6L,
-        0x9b329424efcc370aL },
-      { 0x3120daf2bd2e21dfL,0x55298d2d02470a99L,0x0b78af6ca05db32eL,
-        0x5c76a331601f5636L } },
-    /* 37 << 140 */
-    { { 0xaae861fff8a4f29cL,0x70dc9240d68f8d49L,0x960e649f81b1321cL,
-        0x3d2c801b8792e4ceL },
-      { 0xf479f77242521876L,0x0bed93bc416c79b1L,0xa67fbc05263e5bc9L,
-        0x01e8e630521db049L } },
-    /* 38 << 140 */
-    { { 0x76f26738c6f3431eL,0xe609cb02e3267541L,0xb10cff2d818c877cL,
-        0x1f0e75ce786a13cbL },
-      { 0xf4fdca641158544dL,0x5d777e896cb71ed0L,0x3c233737a9aa4755L,
-        0x7b453192e527ab40L } },
-    /* 39 << 140 */
-    { { 0xdb59f68839f05ffeL,0x8f4f4be06d82574eL,0xcce3450cee292d1bL,
-        0xaa448a1261ccd086L },
-      { 0xabce91b3f7914967L,0x4537f09b1908a5edL,0xa812421ef51042e7L,
-        0xfaf5cebcec0b3a34L } },
-    /* 40 << 140 */
-    { { 0x730ffd874ca6b39aL,0x70fb72ed02efd342L,0xeb4735f9d75c8edbL,
-        0xc11f2157c278aa51L },
-      { 0xc459f635bf3bfebfL,0x3a1ff0b46bd9601fL,0xc9d12823c420cb73L,
-        0x3e9af3e23c2915a3L } },
-    /* 41 << 140 */
-    { { 0xe0c82c72b41c3440L,0x175239e5e3039a5fL,0xe1084b8a558795a3L,
-        0x328d0a1dd01e5c60L },
-      { 0x0a495f2ed3788a04L,0x25d8ff1666c11a9fL,0xf5155f059ed692d6L,
-        0x954fa1074f425fe4L } },
-    /* 42 << 140 */
-    { { 0xd16aabf2e98aaa99L,0x90cd8ba096b0f88aL,0x957f4782c154026aL,
-        0x54ee073452af56d2L },
-      { 0xbcf89e5445b4147aL,0x3d102f219a52816cL,0x6808517e39b62e77L,
-        0x92e2542169169ad8L } },
-    /* 43 << 140 */
-    { { 0xd721d871bb608558L,0x60e4ebaef6d4ff9bL,0x0ba1081941f2763eL,
-        0xca2e45be51ee3247L },
-      { 0x66d172ec2bfd7a5fL,0x528a8f2f74d0b12dL,0xe17f1e38dabe70dcL,
-        0x1d5d73169f93983cL } },
-    /* 44 << 140 */
-    { { 0x51b2184adf423e31L,0xcb417291aedb1a10L,0x2054ca93625bcab9L,
-        0x54396860a98998f0L },
-      { 0x4e53f6c4a54ae57eL,0x0ffeb590ee648e9dL,0xfbbdaadc6afaf6bcL,
-        0xf88ae796aa3bfb8aL } },
-    /* 45 << 140 */
-    { { 0x209f1d44d2359ed9L,0xac68dd03f3544ce2L,0xf378da47fd51e569L,
-        0xe1abd8602cc80097L },
-      { 0x23ca18d9343b6e3aL,0x480797e8b40a1baeL,0xd1f0c717533f3e67L,
-        0x4489697006e6cdfcL } },
-    /* 46 << 140 */
-    { { 0x8ca2105552a82e8dL,0xb2caf78578460cdcL,0x4c1b7b62e9037178L,
-        0xefc09d2cdb514b58L },
-      { 0x5f2df9ee9113be5cL,0x2fbda78fb3f9271cL,0xe09a81af8f83fc54L,
-        0x06b138668afb5141L } },
-    /* 47 << 140 */
-    { { 0x38f6480f43e3865dL,0x72dd77a81ddf47d9L,0xf2a8e9714c205ff7L,
-        0x46d449d89d088ad8L },
-      { 0x926619ea185d706fL,0xe47e02ebc7dd7f62L,0xe7f120a78cbc2031L,
-        0xc18bef00998d4ac9L } },
-    /* 48 << 140 */
-    { { 0x18f37a9c6bdf22daL,0xefbc432f90dc82dfL,0xc52cef8e5d703651L,
-        0x82887ba0d99881a5L },
-      { 0x7cec9ddab920ec1dL,0xd0d7e8c3ec3e8d3bL,0x445bc3954ca88747L,
-        0xedeaa2e09fd53535L } },
-    /* 49 << 140 */
-    { { 0x461b1d936cc87475L,0xd92a52e26d2383bdL,0xfabccb59d7903546L,
-        0x6111a7613d14b112L },
-      { 0x0ae584feb3d5f612L,0x5ea69b8d60e828ecL,0x6c07898554087030L,
-        0x649cab04ac4821feL } },
-    /* 50 << 140 */
-    { { 0x25ecedcf8bdce214L,0xb5622f7286af7361L,0x0e1227aa7038b9e2L,
-        0xd0efb273ac20fa77L },
-      { 0x817ff88b79df975bL,0x856bf2861999503eL,0xb4d5351f5038ec46L,
-        0x740a52c5fc42af6eL } },
-    /* 51 << 140 */
-    { { 0x2e38bb152cbb1a3fL,0xc3eb99fe17a83429L,0xca4fcbf1dd66bb74L,
-        0x880784d6cde5e8fcL },
-      { 0xddc84c1cb4e7a0beL,0x8780510dbd15a72fL,0x44bcf1af81ec30e1L,
-        0x141e50a80a61073eL } },
-    /* 52 << 140 */
-    { { 0x0d95571847be87aeL,0x68a61417f76a4372L,0xf57e7e87c607c3d3L,
-        0x043afaf85252f332L },
-      { 0xcc14e1211552a4d2L,0xb6dee692bb4d4ab4L,0xb6ab74c8a03816a4L,
-        0x84001ae46f394a29L } },
-    /* 53 << 140 */
-    { { 0x5bed8344d795fb45L,0x57326e7db79f55a5L,0xc9533ce04accdffcL,
-        0x53473caf3993fa04L },
-      { 0x7906eb93a13df4c8L,0xa73e51f697cbe46fL,0xd1ab3ae10ae4ccf8L,
-        0x256145088a5b3dbcL } },
-    /* 54 << 140 */
-    { { 0x61eff96211a71b27L,0xdf71412b6bb7fa39L,0xb31ba6b82bd7f3efL,
-        0xb0b9c41569180d29L },
-      { 0xeec14552014cdde5L,0x702c624b227b4bbbL,0x2b15e8c2d3e988f3L,
-        0xee3bcc6da4f7fd04L } },
-    /* 55 << 140 */
-    { { 0x9d00822a42ac6c85L,0x2db0cea61df9f2b7L,0xd7cad2ab42de1e58L,
-        0x346ed5262d6fbb61L },
-      { 0xb39629951a2faf09L,0x2fa8a5807c25612eL,0x30ae04da7cf56490L,
-        0x756629080eea3961L } },
-    /* 56 << 140 */
-    { { 0x3609f5c53d080847L,0xcb081d395241d4f6L,0xb4fb381077961a63L,
-        0xc20c59842abb66fcL },
-      { 0x3d40aa7cf902f245L,0x9cb127364e536b1eL,0x5eda24da99b3134fL,
-        0xafbd9c695cd011afL } },
-    /* 57 << 140 */
-    { { 0x9a16e30ac7088c7dL,0x5ab657103207389fL,0x1b09547fe7407a53L,
-        0x2322f9d74fdc6eabL },
-      { 0xc0f2f22d7430de4dL,0x19382696e68ca9a9L,0x17f1eff1918e5868L,
-        0xe3b5b635586f4204L } },
-    /* 58 << 140 */
-    { { 0x146ef9803fbc4341L,0x359f2c805b5eed4eL,0x9f35744e7482e41dL,
-        0x9a9ac3ecf3b224c2L },
-      { 0x9161a6fe91fc50aeL,0x89ccc66bc613fa7cL,0x89268b14c732f15aL,
-        0x7cd6f4e2b467ed03L } },
-    /* 59 << 140 */
-    { { 0xfbf79869ce56b40eL,0xf93e094cc02dde98L,0xefe0c3a8edee2cd7L,
-        0x90f3ffc0b268fd42L },
-      { 0x81a7fd5608241aedL,0x95ab7ad800b1afe8L,0x401270563e310d52L,
-        0xd3ffdeb109d9fc43L } },
-    /* 60 << 140 */
-    { { 0xc8f85c91d11a8594L,0x2e74d25831cf6db8L,0x829c7ca302b5dfd0L,
-        0xe389cfbe69143c86L },
-      { 0xd01b6405941768d8L,0x4510399503bf825dL,0xcc4ee16656cd17e2L,
-        0xbea3c283ba037e79L } },
-    /* 61 << 140 */
-    { { 0x4e1ac06ed9a47520L,0xfbfe18aaaf852404L,0x5615f8e28087648aL,
-        0x7301e47eb9d150d9L },
-      { 0x79f9f9ddb299b977L,0x76697a7ba5b78314L,0x10d674687d7c90e7L,
-        0x7afffe03937210b5L } },
-    /* 62 << 140 */
-    { { 0x5aef3e4b28c22ceeL,0xefb0ecd809fd55aeL,0x4cea71320d2a5d6aL,
-        0x9cfb5fa101db6357L },
-      { 0x395e0b57f36e1ac5L,0x008fa9ad36cafb7dL,0x8f6cdf705308c4dbL,
-        0x51527a3795ed2477L } },
-    /* 63 << 140 */
-    { { 0xba0dee305bd21311L,0x6ed41b22909c90d7L,0xc5f6b7587c8696d3L,
-        0x0db8eaa83ce83a80L },
-      { 0xd297fe37b24b4b6fL,0xfe58afe8522d1f0dL,0x973587368c98dbd9L,
-        0x6bc226ca9454a527L } },
-    /* 64 << 140 */
-    { { 0xa12b384ece53c2d0L,0x779d897d5e4606daL,0xa53e47b073ec12b0L,
-        0x462dbbba5756f1adL },
-      { 0x69fe09f2cafe37b6L,0x273d1ebfecce2e17L,0x8ac1d5383cf607fdL,
-        0x8035f7ff12e10c25L } },
-    /* 0 << 147 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 147 */
-    { { 0x854d34c77e6c5520L,0xc27df9efdcb9ea58L,0x405f2369d686666dL,
-        0x29d1febf0417aa85L },
-      { 0x9846819e93470afeL,0x3e6a9669e2a27f9eL,0x24d008a2e31e6504L,
-        0xdba7cecf9cb7680aL } },
-    /* 2 << 147 */
-    { { 0xecaff541338d6e43L,0x56f7dd734541d5ccL,0xb5d426de96bc88caL,
-        0x48d94f6b9ed3a2c3L },
-      { 0x6354a3bb2ef8279cL,0xd575465b0b1867f2L,0xef99b0ff95225151L,
-        0xf3e19d88f94500d8L } },
-    /* 3 << 147 */
-    { { 0x92a83268e32dd620L,0x913ec99f627849a2L,0xedd8fdfa2c378882L,
-        0xaf96f33eee6f8cfeL },
-      { 0xc06737e5dc3fa8a5L,0x236bb531b0b03a1dL,0x33e59f2989f037b0L,
-        0x13f9b5a7d9a12a53L } },
-    /* 4 << 147 */
-    { { 0x0d0df6ce51efb310L,0xcb5b2eb4958df5beL,0xd6459e2936158e59L,
-        0x82aae2b91466e336L },
-      { 0xfb658a39411aa636L,0x7152ecc5d4c0a933L,0xf10c758a49f026b7L,
-        0xf4837f97cb09311fL } },
-    /* 5 << 147 */
-    { { 0xddfb02c4c753c45fL,0x18ca81b6f9c840feL,0x846fd09ab0f8a3e6L,
-        0xb1162adde7733dbcL },
-      { 0x7070ad20236e3ab6L,0xf88cdaf5b2a56326L,0x05fc8719997cbc7aL,
-        0x442cd4524b665272L } },
-    /* 6 << 147 */
-    { { 0x7807f364b71698f5L,0x6ba418d29f7b605eL,0xfd20b00fa03b2cbbL,
-        0x883eca37da54386fL },
-      { 0xff0be43ff3437f24L,0xe910b432a48bb33cL,0x4963a128329df765L,
-        0xac1dd556be2fe6f7L } },
-    /* 7 << 147 */
-    { { 0x557610f924a0a3fcL,0x38e17bf4e881c3f9L,0x6ba84fafed0dac99L,
-        0xd4a222c359eeb918L },
-      { 0xc79c1dbe13f542b6L,0x1fc65e0de425d457L,0xeffb754f1debb779L,
-        0x638d8fd09e08af60L } },
-    /* 8 << 147 */
-    { { 0x994f523a626332d5L,0x7bc388335561bb44L,0x005ed4b03d845ea2L,
-        0xd39d3ee1c2a1f08aL },
-      { 0x6561fdd3e7676b0dL,0x620e35fffb706017L,0x36ce424ff264f9a8L,
-        0xc4c3419fda2681f7L } },
-    /* 9 << 147 */
-    { { 0xfb6afd2f69beb6e8L,0x3a50b9936d700d03L,0xc840b2ad0c83a14fL,
-        0x573207be54085befL },
-      { 0x5af882e309fe7e5bL,0x957678a43b40a7e1L,0x172d4bdd543056e2L,
-        0x9c1b26b40df13c0aL } },
-    /* 10 << 147 */
-    { { 0x1c30861cf405ff06L,0xebac86bd486e828bL,0xe791a971636933fcL,
-        0x50e7c2be7aeee947L },
-      { 0xc3d4a095fa90d767L,0xae60eb7be670ab7bL,0x17633a64397b056dL,
-        0x93a21f33105012aaL } },
-    /* 11 << 147 */
-    { { 0x663c370babb88643L,0x91df36d722e21599L,0x183ba8358b761671L,
-        0x381eea1d728f3bf1L },
-      { 0xb9b2f1ba39966e6cL,0x7c464a28e7295492L,0x0fd5f70a09b26b7fL,
-        0xa9aba1f9fbe009dfL } },
-    /* 12 << 147 */
-    { { 0x857c1f22369b87adL,0x3c00e5d932fca556L,0x1ad74cab90b06466L,
-        0xa7112386550faaf2L },
-      { 0x7435e1986d9bd5f5L,0x2dcc7e3859c3463fL,0xdc7df748ca7bd4b2L,
-        0x13cd4c089dec2f31L } },
-    /* 13 << 147 */
-    { { 0x0d3b5df8e3237710L,0x0dadb26ecbd2f7b0L,0x9f5966abe4aa082bL,
-        0x666ec8de350e966eL },
-      { 0x1bfd1ed5ee524216L,0xcd93c59b41dab0b6L,0x658a8435d186d6baL,
-        0x1b7d34d2159d1195L } },
-    /* 14 << 147 */
-    { { 0x5936e46022caf46bL,0x6a45dd8f9a96fe4fL,0xf7925434b98f474eL,
-        0x414104120053ef15L },
-      { 0x71cf8d1241de97bfL,0xb8547b61bd80bef4L,0xb47d3970c4db0037L,
-        0xf1bcd328fef20dffL } },
-    /* 15 << 147 */
-    { { 0x31a92e0910caad67L,0x1f5919605531a1e1L,0x3bb852e05f4fc840L,
-        0x63e297ca93a72c6cL },
-      { 0x3c2b0b2e49abad67L,0x6ec405fced3db0d9L,0xdc14a5307fef1d40L,
-        0xccd19846280896fcL } },
-    /* 16 << 147 */
-    { { 0x00f831769bb81648L,0xd69eb485653120d0L,0xd17d75f44ccabc62L,
-        0x34a07f82b749fcb1L },
-      { 0x2c3af787bbfb5554L,0xb06ed4d062e283f8L,0x5722889fa19213a0L,
-        0x162b085edcf3c7b4L } },
-    /* 17 << 147 */
-    { { 0xbcaecb31e0dd3ecaL,0xc6237fbce52f13a5L,0xcc2b6b0327bac297L,
-        0x2ae1cac5b917f54aL },
-      { 0x474807d47845ae4fL,0xfec7dd92ce5972e0L,0xc3bd25411d7915bbL,
-        0x66f85dc4d94907caL } },
-    /* 18 << 147 */
-    { { 0xd981b888bdbcf0caL,0xd75f5da6df279e9fL,0x128bbf247054e934L,
-        0x3c6ff6e581db134bL },
-      { 0x795b7cf4047d26e4L,0xf370f7b85049ec37L,0xc6712d4dced945afL,
-        0xdf30b5ec095642bcL } },
-    /* 19 << 147 */
-    { { 0x9b034c624896246eL,0x5652c016ee90bbd1L,0xeb38636f87fedb73L,
-        0x5e32f8470135a613L },
-      { 0x0703b312cf933c83L,0xd05bb76e1a7f47e6L,0x825e4f0c949c2415L,
-        0x569e56227250d6f8L } },
-    /* 20 << 147 */
-    { { 0xbbe9eb3a6568013eL,0x8dbd203f22f243fcL,0x9dbd7694b342734aL,
-        0x8f6d12f846afa984L },
-      { 0xb98610a2c9eade29L,0xbab4f32347dd0f18L,0x5779737b671c0d46L,
-        0x10b6a7c6d3e0a42aL } },
-    /* 21 << 147 */
-    { { 0xfb19ddf33035b41cL,0xd336343f99c45895L,0x61fe493854c857e5L,
-        0xc4d506beae4e57d5L },
-      { 0x3cd8c8cbbbc33f75L,0x7281f08a9262c77dL,0x083f4ea6f11a2823L,
-        0x8895041e9fba2e33L } },
-    /* 22 << 147 */
-    { { 0xfcdfea499c438edfL,0x7678dcc391edba44L,0xf07b3b87e2ba50f0L,
-        0xc13888ef43948c1bL },
-      { 0xc2135ad41140af42L,0x8e5104f3926ed1a7L,0xf24430cb88f6695fL,
-        0x0ce0637b6d73c120L } },
-    /* 23 << 147 */
-    { { 0xb2db01e6fe631e8fL,0x1c5563d7d7bdd24bL,0x8daea3ba369ad44fL,
-        0x000c81b68187a9f9L },
-      { 0x5f48a951aae1fd9aL,0xe35626c78d5aed8aL,0x209527630498c622L,
-        0x76d17634773aa504L } },
-    /* 24 << 147 */
-    { { 0x36d90ddaeb300f7aL,0x9dcf7dfcedb5e801L,0x645cb26874d5244cL,
-        0xa127ee79348e3aa2L },
-      { 0x488acc53575f1dbbL,0x95037e8580e6161eL,0x57e59283292650d0L,
-        0xabe67d9914938216L } },
-    /* 25 << 147 */
-    { { 0x3c7f944b3f8e1065L,0xed908cb6330e8924L,0x08ee8fd56f530136L,
-        0x2227b7d5d7ffc169L },
-      { 0x4f55c893b5cd6dd5L,0x82225e11a62796e8L,0x5c6cead1cb18e12cL,
-        0x4381ae0c84f5a51aL } },
-    /* 26 << 147 */
-    { { 0x345913d37fafa4c8L,0x3d9180820491aac0L,0x9347871f3e69264cL,
-        0xbea9dd3cb4f4f0cdL },
-      { 0xbda5d0673eadd3e7L,0x0033c1b80573bcd8L,0x255893795da2486cL,
-        0xcb89ee5b86abbee7L } },
-    /* 27 << 147 */
-    { { 0x8fe0a8f322532e5dL,0xb6410ff0727dfc4cL,0x619b9d58226726dbL,
-        0x5ec256697a2b2dc7L },
-      { 0xaf4d2e064c3beb01L,0x852123d07acea556L,0x0e9470faf783487aL,
-        0x75a7ea045664b3ebL } },
-    /* 28 << 147 */
-    { { 0x4ad78f356798e4baL,0x9214e6e5c7d0e091L,0xc420b488b1290403L,
-        0x64049e0afc295749L },
-      { 0x03ef5af13ae9841fL,0xdbe4ca19b0b662a6L,0x46845c5ffa453458L,
-        0xf8dabf1910b66722L } },
-    /* 29 << 147 */
-    { { 0xb650f0aacce2793bL,0x71db851ec5ec47c1L,0x3eb78f3e3b234fa9L,
-        0xb0c60f35fc0106ceL },
-      { 0x05427121774eadbdL,0x25367fafce323863L,0x7541b5c9cd086976L,
-        0x4ff069e2dc507ad1L } },
-    /* 30 << 147 */
-    { { 0x741452568776e667L,0x6e76142cb23c6bb5L,0xdbf307121b3a8a87L,
-        0x60e7363e98450836L },
-      { 0x5741450eb7366d80L,0xe4ee14ca4837dbdfL,0xa765eb9b69d4316fL,
-        0x04548dca8ef43825L } },
-    /* 31 << 147 */
-    { { 0x9c9f4e4c5ae888ebL,0x733abb5156e9ac99L,0xdaad3c20ba6ac029L,
-        0x9b8dd3d32ba3e38eL },
-      { 0xa9bb4c920bc5d11aL,0xf20127a79c5f88a3L,0x4f52b06e161d3cb8L,
-        0x26c1ff096afaf0a6L } },
-    /* 32 << 147 */
-    { { 0x32670d2f7189e71fL,0xc64387485ecf91e7L,0x15758e57db757a21L,
-        0x427d09f8290a9ce5L },
-      { 0x846a308f38384a7aL,0xaac3acb4b0732b99L,0x9e94100917845819L,
-        0x95cba111a7ce5e03L } },
-    /* 33 << 147 */
-    { { 0x6f3d4f7fb00009c4L,0xb8396c278ff28b5fL,0xb1a9ae431c97975dL,
-        0x9d7ba8afe5d9fed5L },
-      { 0x338cf09f34f485b6L,0xbc0ddacc64122516L,0xa450da1205d471feL,
-        0x4c3a6250628dd8c9L } },
-    /* 34 << 147 */
-    { { 0x69c7d103d1295837L,0xa2893e503807eb2fL,0xd6e1e1debdb41491L,
-        0xc630745b5e138235L },
-      { 0xc892109e48661ae1L,0x8d17e7ebea2b2674L,0x00ec0f87c328d6b5L,
-        0x6d858645f079ff9eL } },
-    /* 35 << 147 */
-    { { 0x6cdf243e19115eadL,0x1ce1393e4bac4fcfL,0x2c960ed09c29f25bL,
-        0x59be4d8e9d388a05L },
-      { 0x0d46e06cd0def72bL,0xb923db5de0342748L,0xf7d3aacd936d4a3dL,
-        0x558519cc0b0b099eL } },
-    /* 36 << 147 */
-    { { 0x3ea8ebf8827097efL,0x259353dbd054f55dL,0x84c89abc6d2ed089L,
-        0x5c548b698e096a7cL },
-      { 0xd587f616994b995dL,0x4d1531f6a5845601L,0x792ab31e451fd9f0L,
-        0xc8b57bb265adf6caL } },
-    /* 37 << 147 */
-    { { 0x68440fcb1cd5ad73L,0xb9c860e66144da4fL,0x2ab286aa8462beb8L,
-        0xcc6b8fffef46797fL },
-      { 0xac820da420c8a471L,0x69ae05a177ff7fafL,0xb9163f39bfb5da77L,
-        0xbd03e5902c73ab7aL } },
-    /* 38 << 147 */
-    { { 0x7e862b5eb2940d9eL,0x3c663d864b9af564L,0xd8309031bde3033dL,
-        0x298231b2d42c5bc6L },
-      { 0x42090d2c552ad093L,0xa4799d1cff854695L,0x0a88b5d6d31f0d00L,
-        0xf8b40825a2f26b46L } },
-    /* 39 << 147 */
-    { { 0xec29b1edf1bd7218L,0xd491c53b4b24c86eL,0xd2fe588f3395ea65L,
-        0x6f3764f74456ef15L },
-      { 0xdb43116dcdc34800L,0xcdbcd456c1e33955L,0xefdb554074ab286bL,
-        0x948c7a51d18c5d7cL } },
-    /* 40 << 147 */
-    { { 0xeb81aa377378058eL,0x41c746a104411154L,0xa10c73bcfb828ac7L,
-        0x6439be919d972b29L },
-      { 0x4bf3b4b043a2fbadL,0x39e6dadf82b5e840L,0x4f7164086397bd4cL,
-        0x0f7de5687f1eeccbL } },
-    /* 41 << 147 */
-    { { 0x5865c5a1d2ffbfc1L,0xf74211fa4ccb6451L,0x66368a88c0b32558L,
-        0x5b539dc29ad7812eL },
-      { 0x579483d02f3af6f6L,0x5213207899934eceL,0x50b9650fdcc9e983L,
-        0xca989ec9aee42b8aL } },
-    /* 42 << 147 */
-    { { 0x6a44c829d6f62f99L,0x8f06a3094c2a7c0cL,0x4ea2b3a098a0cb0aL,
-        0x5c547b70beee8364L },
-      { 0x461d40e1682afe11L,0x9e0fc77a7b41c0a8L,0x79e4aefde20d5d36L,
-        0x2916e52032dd9f63L } },
-    /* 43 << 147 */
-    { { 0xf59e52e83f883fafL,0x396f96392b868d35L,0xc902a9df4ca19881L,
-        0x0fc96822db2401a6L },
-      { 0x4123758766f1c68dL,0x10fc6de3fb476c0dL,0xf8b6b579841f5d90L,
-        0x2ba8446cfa24f44aL } },
-    /* 44 << 147 */
-    { { 0xa237b920ef4a9975L,0x60bb60042330435fL,0xd6f4ab5acfb7e7b5L,
-        0xb2ac509783435391L },
-      { 0xf036ee2fb0d1ea67L,0xae779a6a74c56230L,0x59bff8c8ab838ae6L,
-        0xcd83ca999b38e6f0L } },
-    /* 45 << 147 */
-    { { 0xbb27bef5e33deed3L,0xe6356f6f001892a8L,0xbf3be6cc7adfbd3eL,
-        0xaecbc81c33d1ac9dL },
-      { 0xe4feb909e6e861dcL,0x90a247a453f5f801L,0x01c50acb27346e57L,
-        0xce29242e461acc1bL } },
-    /* 46 << 147 */
-    { { 0x04dd214a2f998a91L,0x271ee9b1d4baf27bL,0x7e3027d1e8c26722L,
-        0x21d1645c1820dce5L },
-      { 0x086f242c7501779cL,0xf0061407fa0e8009L,0xf23ce47760187129L,
-        0x05bbdedb0fde9bd0L } },
-    /* 47 << 147 */
-    { { 0x682f483225d98473L,0xf207fe855c658427L,0xb6fdd7ba4166ffa1L,
-        0x0c3140569eed799dL },
-      { 0x0db8048f4107e28fL,0x74ed387141216840L,0x74489f8f56a3c06eL,
-        0x1e1c005b12777134L } },
-    /* 48 << 147 */
-    { { 0xdb332a73f37ec3c3L,0xc65259bddd59eba0L,0x2291709cdb4d3257L,
-        0x9a793b25bd389390L },
-      { 0xf39fe34be43756f0L,0x2f76bdce9afb56c9L,0x9f37867a61208b27L,
-        0xea1d4307089972c3L } },
-    /* 49 << 147 */
-    { { 0x8c5953308bdf623aL,0x5f5accda8441fb7dL,0xfafa941832ddfd95L,
-        0x6ad40c5a0fde9be7L },
-      { 0x43faba89aeca8709L,0xc64a7cf12c248a9dL,0x1662025272637a76L,
-        0xaee1c79122b8d1bbL } },
-    /* 50 << 147 */
-    { { 0xf0f798fd21a843b2L,0x56e4ed4d8d005cb1L,0x355f77801f0d8abeL,
-        0x197b04cf34522326L },
-      { 0x41f9b31ffd42c13fL,0x5ef7feb2b40f933dL,0x27326f425d60bad4L,
-        0x027ecdb28c92cf89L } },
-    /* 51 << 147 */
-    { { 0x04aae4d14e3352feL,0x08414d2f73591b90L,0x5ed6124eb7da7d60L,
-        0xb985b9314d13d4ecL },
-      { 0xa592d3ab96bf36f9L,0x012dbed5bbdf51dfL,0xa57963c0df6c177dL,
-        0x010ec86987ca29cfL } },
-    /* 52 << 147 */
-    { { 0xba1700f6bf926dffL,0x7c9fdbd1f4bf6bc2L,0xdc18dc8f64da11f5L,
-        0xa6074b7ad938ae75L },
-      { 0x14270066e84f44a4L,0x99998d38d27b954eL,0xc1be8ab2b4f38e9aL,
-        0x8bb55bbf15c01016L } },
-    /* 53 << 147 */
-    { { 0xf73472b40ea2ab30L,0xd365a340f73d68ddL,0xc01a716819c2e1ebL,
-        0x32f49e3734061719L },
-      { 0xb73c57f101d8b4d6L,0x03c8423c26b47700L,0x321d0bc8a4d8826aL,
-        0x6004213c4bc0e638L } },
-    /* 54 << 147 */
-    { { 0xf78c64a1c1c06681L,0x16e0a16fef018e50L,0x31cbdf91db42b2b3L,
-        0xf8f4ffcee0d36f58L },
-      { 0xcdcc71cd4cc5e3e0L,0xd55c7cfaa129e3e0L,0xccdb6ba00fb2cbf1L,
-        0x6aba0005c4bce3cbL } },
-    /* 55 << 147 */
-    { { 0x501cdb30d232cfc4L,0x9ddcf12ed58a3cefL,0x02d2cf9c87e09149L,
-        0xdc5d7ec72c976257L },
-      { 0x6447986e0b50d7ddL,0x88fdbaf7807f112aL,0x58c9822ab00ae9f6L,
-        0x6abfb9506d3d27e0L } },
-    /* 56 << 147 */
-    { { 0xd0a744878a429f4fL,0x0649712bdb516609L,0xb826ba57e769b5dfL,
-        0x82335df21fc7aaf2L },
-      { 0x2389f0675c93d995L,0x59ac367a68677be6L,0xa77985ff21d9951bL,
-        0x038956fb85011cceL } },
-    /* 57 << 147 */
-    { { 0x608e48cbbb734e37L,0xc08c0bf22be5b26fL,0x17bbdd3bf9b1a0d9L,
-        0xeac7d89810483319L },
-      { 0xc95c4bafbc1a6deaL,0xfdd0e2bf172aafdbL,0x40373cbc8235c41aL,
-        0x14303f21fb6f41d5L } },
-    /* 58 << 147 */
-    { { 0xba0636210408f237L,0xcad3b09aecd2d1edL,0x4667855a52abb6a2L,
-        0xba9157dcaa8b417bL },
-      { 0xfe7f35074f013efbL,0x1b112c4baa38c4a2L,0xa1406a609ba64345L,
-        0xe53cba336993c80bL } },
-    /* 59 << 147 */
-    { { 0x45466063ded40d23L,0x3d5f1f4d54908e25L,0x9ebefe62403c3c31L,
-        0x274ea0b50672a624L },
-      { 0xff818d99451d1b71L,0x80e826438f79cf79L,0xa165df1373ce37f5L,
-        0xa744ef4ffe3a21fdL } },
-    /* 60 << 147 */
-    { { 0x73f1e7f5cf551396L,0xc616898e868c676bL,0x671c28c78c442c36L,
-        0xcfe5e5585e0a317dL },
-      { 0x1242d8187051f476L,0x56fad2a614f03442L,0x262068bc0a44d0f6L,
-        0xdfa2cd6ece6edf4eL } },
-    /* 61 << 147 */
-    { { 0x0f43813ad15d1517L,0x61214cb2377d44f5L,0xd399aa29c639b35fL,
-        0x42136d7154c51c19L },
-      { 0x9774711b08417221L,0x0a5546b352545a57L,0x80624c411150582dL,
-        0x9ec5c418fbc555bcL } },
-    /* 62 << 147 */
-    { { 0x2c87dcad771849f1L,0xb0c932c501d7bf6fL,0x6aa5cd3e89116eb2L,
-        0xd378c25a51ca7bd3L },
-      { 0xc612a0da9e6e3e31L,0x0417a54db68ad5d0L,0x00451e4a22c6edb8L,
-        0x9fbfe019b42827ceL } },
-    /* 63 << 147 */
-    { { 0x2fa92505ba9384a2L,0x21b8596e64ad69c1L,0x8f4fcc49983b35a6L,
-        0xde09376072754672L },
-      { 0x2f14ccc8f7bffe6dL,0x27566bff5d94263dL,0xb5b4e9c62df3ec30L,
-        0x94f1d7d53e6ea6baL } },
-    /* 64 << 147 */
-    { { 0x97b7851aaaca5e9bL,0x518aa52156713b97L,0x3357e8c7150a61f6L,
-        0x7842e7e2ec2c2b69L },
-      { 0x8dffaf656868a548L,0xd963bd82e068fc81L,0x64da5c8b65917733L,
-        0x927090ff7b247328L } },
-    /* 0 << 154 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 154 */
-    { { 0x214bc9a7d298c241L,0xe3b697ba56807cfdL,0xef1c78024564eadbL,
-        0xdde8cdcfb48149c5L },
-      { 0x946bf0a75a4d2604L,0x27154d7f6c1538afL,0x95cc9230de5b1fccL,
-        0xd88519e966864f82L } },
-    /* 2 << 154 */
-    { { 0xb828dd1a7cb1282cL,0xa08d7626be46973aL,0x6baf8d40e708d6b2L,
-        0x72571fa14daeb3f3L },
-      { 0x85b1732ff22dfd98L,0x87ab01a70087108dL,0xaaaafea85988207aL,
-        0xccc832f869f00755L } },
-    /* 3 << 154 */
-    { { 0x964d950e36ff3bf0L,0x8ad20f6ff0b34638L,0x4d9177b3b5d7585fL,
-        0xcf839760ef3f019fL },
-      { 0x582fc5b38288c545L,0x2f8e4e9b13116bd1L,0xf91e1b2f332120efL,
-        0xcf5687242a17dd23L } },
-    /* 4 << 154 */
-    { { 0x488f1185ca8d9d1aL,0xadf2c77dd987ded2L,0x5f3039f060c46124L,
-        0xe5d70b7571e095f4L },
-      { 0x82d586506260e70fL,0x39d75ea7f750d105L,0x8cf3d0b175bac364L,
-        0xf3a7564d21d01329L } },
-    /* 5 << 154 */
-    { { 0x182f04cd2f52d2a7L,0x4fde149ae2df565aL,0xb80c5eeca79fb2f7L,
-        0xab491d7b22ddc897L },
-      { 0x99d76c18c6312c7fL,0xca0d5f3d6aa41a57L,0x71207325d15363a0L,
-        0xe82aa265beb252c2L } },
-    /* 6 << 154 */
-    { { 0x94ab4700ec3128c2L,0x6c76d8628e383f49L,0xdc36b150c03024ebL,
-        0xfb43947753daac69L },
-      { 0xfc68764a8dc79623L,0x5b86995db440fbb2L,0xd66879bfccc5ee0dL,
-        0x0522894295aa8bd3L } },
-    /* 7 << 154 */
-    { { 0xb51a40a51e6a75c1L,0x24327c760ea7d817L,0x0663018207774597L,
-        0xd6fdbec397fa7164L },
-      { 0x20c99dfb13c90f48L,0xd6ac5273686ef263L,0xc6a50bdcfef64eebL,
-        0xcd87b28186fdfc32L } },
-    /* 8 << 154 */
-    { { 0xb24aa43e3fcd3efcL,0xdd26c034b8088e9aL,0xa5ef4dc9bd3d46eaL,
-        0xa2f99d588a4c6a6fL },
-      { 0xddabd3552f1da46cL,0x72c3f8ce1afacdd1L,0xd90c4eee92d40578L,
-        0xd28bb41fca623b94L } },
-    /* 9 << 154 */
-    { { 0x50fc0711745edc11L,0x9dd9ad7d3dc87558L,0xce6931fbb49d1e64L,
-        0x6c77a0a2c98bd0f9L },
-      { 0x62b9a6296baf7cb1L,0xcf065f91ccf72d22L,0x7203cce979639071L,
-        0x09ae4885f9cb732fL } },
-    /* 10 << 154 */
-    { { 0x5e7c3becee8314f3L,0x1c068aeddbea298fL,0x08d381f17c80acecL,
-        0x03b56be8e330495bL },
-      { 0xaeffb8f29222882dL,0x95ff38f6c4af8bf7L,0x50e32d351fc57d8cL,
-        0x6635be5217b444f0L } },
-    /* 11 << 154 */
-    { { 0x04d15276a5177900L,0x4e1dbb47f6858752L,0x5b475622c615796cL,
-        0xa6fa0387691867bfL },
-      { 0xed7f5d562844c6d0L,0xc633cf9b03a2477dL,0xf6be5c402d3721d6L,
-        0xaf312eb7e9fd68e6L } },
-    /* 12 << 154 */
-    { { 0x242792d2e7417ce1L,0xff42bc71970ee7f5L,0x1ff4dc6d5c67a41eL,
-        0x77709b7b20882a58L },
-      { 0x3554731dbe217f2cL,0x2af2a8cd5bb72177L,0x58eee769591dd059L,
-        0xbb2930c94bba6477L } },
-    /* 13 << 154 */
-    { { 0x863ee0477d930cfcL,0x4c262ad1396fd1f4L,0xf4765bc8039af7e1L,
-        0x2519834b5ba104f6L },
-      { 0x7cd61b4cd105f961L,0xa5415da5d63bca54L,0x778280a088a1f17cL,
-        0xc49689492329512cL } },
-    /* 14 << 154 */
-    { { 0x174a9126cecdaa7aL,0xfc8c7e0e0b13247bL,0x29c110d23484c1c4L,
-        0xf8eb8757831dfc3bL },
-      { 0x022f0212c0067452L,0x3f6f69ee7b9b926cL,0x09032da0ef42daf4L,
-        0x79f00ade83f80de4L } },
-    /* 15 << 154 */
-    { { 0x6210db7181236c97L,0x74f7685b3ee0781fL,0x4df7da7ba3e41372L,
-        0x2aae38b1b1a1553eL },
-      { 0x1688e222f6dd9d1bL,0x576954485b8b6487L,0x478d21274b2edeaaL,
-        0xb2818fa51e85956aL } },
-    /* 16 << 154 */
-    { { 0x1e6adddaf176f2c0L,0x01ca4604e2572658L,0x0a404ded85342ffbL,
-        0x8cf60f96441838d6L },
-      { 0x9bbc691cc9071c4aL,0xfd58874434442803L,0x97101c85809c0d81L,
-        0xa7fb754c8c456f7fL } },
-    /* 17 << 154 */
-    { { 0xc95f3c5cd51805e1L,0xab4ccd39b299dca8L,0x3e03d20b47eaf500L,
-        0xfa3165c1d7b80893L },
-      { 0x005e8b54e160e552L,0xdc4972ba9019d11fL,0x21a6972e0c9a4a7aL,
-        0xa52c258f37840fd7L } },
-    /* 18 << 154 */
-    { { 0xf8559ff4c1e99d81L,0x08e1a7d6a3c617c0L,0xb398fd43248c6ba7L,
-        0x6ffedd91d1283794L },
-      { 0x8a6a59d2d629d208L,0xa9d141d53490530eL,0x42f6fc1838505989L,
-        0x09bf250d479d94eeL } },
-    /* 19 << 154 */
-    { { 0x223ad3b1b3822790L,0x6c5926c093b8971cL,0x609efc7e75f7fa62L,
-        0x45d66a6d1ec2d989L },
-      { 0x4422d663987d2792L,0x4a73caad3eb31d2bL,0xf06c2ac1a32cb9e6L,
-        0xd9445c5f91aeba84L } },
-    /* 20 << 154 */
-    { { 0x6af7a1d5af71013fL,0xe68216e50bedc946L,0xf4cba30bd27370a0L,
-        0x7981afbf870421ccL },
-      { 0x02496a679449f0e1L,0x86cfc4be0a47edaeL,0x3073c936b1feca22L,
-        0xf569461203f8f8fbL } },
-    /* 21 << 154 */
-    { { 0xd063b723901515eaL,0x4c6c77a5749cf038L,0x6361e360ab9e5059L,
-        0x596cf171a76a37c0L },
-      { 0x800f53fa6530ae7aL,0x0f5e631e0792a7a6L,0x5cc29c24efdb81c9L,
-        0xa269e8683f9c40baL } },
-    /* 22 << 154 */
-    { { 0xec14f9e12cb7191eL,0x78ea1bd8e5b08ea6L,0x3c65aa9b46332bb9L,
-        0x84cc22b3bf80ce25L },
-      { 0x0098e9e9d49d5bf1L,0xcd4ec1c619087da4L,0x3c9d07c5aef6e357L,
-        0x839a02689f8f64b8L } },
-    /* 23 << 154 */
-    { { 0xc5e9eb62c6d8607fL,0x759689f56aa995e4L,0x70464669bbb48317L,
-        0x921474bfe402417dL },
-      { 0xcabe135b2a354c8cL,0xd51e52d2812fa4b5L,0xec74109653311fe8L,
-        0x4f774535b864514bL } },
-    /* 24 << 154 */
-    { { 0xbcadd6715bde48f8L,0xc97038732189bc7dL,0x5d45299ec709ee8aL,
-        0xd1287ee2845aaff8L },
-      { 0x7d1f8874db1dbf1fL,0xea46588b990c88d6L,0x60ba649a84368313L,
-        0xd5fdcbce60d543aeL } },
-    /* 25 << 154 */
-    { { 0x90b46d43810d5ab0L,0x6739d8f904d7e5ccL,0x021c1a580d337c33L,
-        0x00a6116268e67c40L },
-      { 0x95ef413b379f0a1fL,0xfe126605e9e2ab95L,0x67578b852f5f199cL,
-        0xf5c003292cb84913L } },
-    /* 26 << 154 */
-    { { 0xf795643037577dd8L,0x83b82af429c5fe88L,0x9c1bea26cdbdc132L,
-        0x589fa0869c04339eL },
-      { 0x033e9538b13799dfL,0x85fa8b21d295d034L,0xdf17f73fbd9ddccaL,
-        0xf32bd122ddb66334L } },
-    /* 27 << 154 */
-    { { 0x55ef88a7858b044cL,0x1f0d69c25aa9e397L,0x55fd9cc340d85559L,
-        0xc774df727785ddb2L },
-      { 0x5dcce9f6d3bd2e1cL,0xeb30da20a85dfed0L,0x5ed7f5bbd3ed09c4L,
-        0x7d42a35c82a9c1bdL } },
-    /* 28 << 154 */
-    { { 0xcf3de9959890272dL,0x75f3432a3e713a10L,0x5e13479fe28227b8L,
-        0xb8561ea9fefacdc8L },
-      { 0xa6a297a08332aafdL,0x9b0d8bb573809b62L,0xd2fa1cfd0c63036fL,
-        0x7a16eb55bd64bda8L } },
-    /* 29 << 154 */
-    { { 0x3f5cf5f678e62ddcL,0x2267c45407fd752bL,0x5e361b6b5e437bbeL,
-        0x95c595018354e075L },
-      { 0xec725f85f2b254d9L,0x844b617d2cb52b4eL,0xed8554f5cf425fb5L,
-        0xab67703e2af9f312L } },
-    /* 30 << 154 */
-    { { 0x4cc34ec13cf48283L,0xb09daa259c8a705eL,0xd1e9d0d05b7d4f84L,
-        0x4df6ef64db38929dL },
-      { 0xe16b0763aa21ba46L,0xc6b1d178a293f8fbL,0x0ff5b602d520aabfL,
-        0x94d671bdc339397aL } },
-    /* 31 << 154 */
-    { { 0x7c7d98cf4f5792faL,0x7c5e0d6711215261L,0x9b19a631a7c5a6d4L,
-        0xc8511a627a45274dL },
-      { 0x0c16621ca5a60d99L,0xf7fbab88cf5e48cbL,0xab1e6ca2f7ddee08L,
-        0x83bd08cee7867f3cL } },
-    /* 32 << 154 */
-    { { 0xf7e48e8a2ac13e27L,0x4494f6df4eb1a9f5L,0xedbf84eb981f0a62L,
-        0x49badc32536438f0L },
-      { 0x50bea541004f7571L,0xbac67d10df1c94eeL,0x253d73a1b727bc31L,
-        0xb3d01cf230686e28L } },
-    /* 33 << 154 */
-    { { 0x51b77b1b55fd0b8bL,0xa099d183feec3173L,0x202b1fb7670e72b7L,
-        0xadc88b33a8e1635fL },
-      { 0x34e8216af989d905L,0xc2e68d2029b58d01L,0x11f81c926fe55a93L,
-        0x15f1462a8f296f40L } },
-    /* 34 << 154 */
-    { { 0x1915d375ea3d62f2L,0xa17765a301c8977dL,0x7559710ae47b26f6L,
-        0xe0bd29c8535077a5L },
-      { 0x615f976d08d84858L,0x370dfe8569ced5c1L,0xbbc7503ca734fa56L,
-        0xfbb9f1ec91ac4574L } },
-    /* 35 << 154 */
-    { { 0x95d7ec53060dd7efL,0xeef2dacd6e657979L,0x54511af3e2a08235L,
-        0x1e324aa41f4aea3dL },
-      { 0x550e7e71e6e67671L,0xbccd5190bf52faf7L,0xf880d316223cc62aL,
-        0x0d402c7e2b32eb5dL } },
-    /* 36 << 154 */
-    { { 0xa40bc039306a5a3bL,0x4e0a41fd96783a1bL,0xa1e8d39a0253cdd4L,
-        0x6480be26c7388638L },
-      { 0xee365e1d2285f382L,0x188d8d8fec0b5c36L,0x34ef1a481f0f4d82L,
-        0x1a8f43e1a487d29aL } },
-    /* 37 << 154 */
-    { { 0x8168226d77aefb3aL,0xf69a751e1e72c253L,0x8e04359ae9594df1L,
-        0x475ffd7dd14c0467L },
-      { 0xb5a2c2b13844e95cL,0x85caf647dd12ef94L,0x1ecd2a9ff1063d00L,
-        0x1dd2e22923843311L } },
-    /* 38 << 154 */
-    { { 0x38f0e09d73d17244L,0x3ede77468fc653f1L,0xae4459f5dc20e21cL,
-        0x00db2ffa6a8599eaL },
-      { 0x11682c3930cfd905L,0x4934d074a5c112a6L,0xbdf063c5568bfe95L,
-        0x779a440a016c441aL } },
-    /* 39 << 154 */
-    { { 0x0c23f21897d6fbdcL,0xd3a5cd87e0776aacL,0xcee37f72d712e8dbL,
-        0xfb28c70d26f74e8dL },
-      { 0xffe0c728b61301a0L,0xa6282168d3724354L,0x7ff4cb00768ffedcL,
-        0xc51b308803b02de9L } },
-    /* 40 << 154 */
-    { { 0xa5a8147c3902dda5L,0x35d2f706fe6973b4L,0x5ac2efcfc257457eL,
-        0x933f48d48700611bL },
-      { 0xc365af884912beb2L,0x7f5a4de6162edf94L,0xc646ba7c0c32f34bL,
-        0x632c6af3b2091074L } },
-    /* 41 << 154 */
-    { { 0x58d4f2e3753e43a9L,0x70e1d21724d4e23fL,0xb24bf729afede6a6L,
-        0x7f4a94d8710c8b60L },
-      { 0xaad90a968d4faa6aL,0xd9ed0b32b066b690L,0x52fcd37b78b6dbfdL,
-        0x0b64615e8bd2b431L } },
-    /* 42 << 154 */
-    { { 0x228e2048cfb9fad5L,0xbeaa386d240b76bdL,0x2d6681c890dad7bcL,
-        0x3e553fc306d38f5eL },
-      { 0xf27cdb9b9d5f9750L,0x3e85c52ad28c5b0eL,0x190795af5247c39bL,
-        0x547831ebbddd6828L } },
-    /* 43 << 154 */
-    { { 0xf327a2274a82f424L,0x36919c787e47f89dL,0xe478391943c7392cL,
-        0xf101b9aa2316fefeL },
-      { 0xbcdc9e9c1c5009d2L,0xfb55ea139cd18345L,0xf5b5e231a3ce77c7L,
-        0xde6b4527d2f2cb3dL } },
-    /* 44 << 154 */
-    { { 0x10f6a3339bb26f5fL,0x1e85db8e044d85b6L,0xc3697a0894197e54L,
-        0x65e18cc0a7cb4ea8L },
-      { 0xa38c4f50a471fe6eL,0xf031747a2f13439cL,0x53c4a6bac007318bL,
-        0xa8da3ee51deccb3dL } },
-    /* 45 << 154 */
-    { { 0x0555b31c558216b1L,0x90c7810c2f79e6c2L,0x9b669f4dfe8eed3cL,
-        0x70398ec8e0fac126L },
-      { 0xa96a449ef701b235L,0x0ceecdb3eb94f395L,0x285fc368d0cb7431L,
-        0x0d37bb5216a18c64L } },
-    /* 46 << 154 */
-    { { 0x05110d38b880d2ddL,0xa60f177b65930d57L,0x7da34a67f36235f5L,
-        0x47f5e17c183816b9L },
-      { 0xc7664b57db394af4L,0x39ba215d7036f789L,0x46d2ca0e2f27b472L,
-        0xc42647eef73a84b7L } },
-    /* 47 << 154 */
-    { { 0x44bc754564488f1dL,0xaa922708f4cf85d5L,0x721a01d553e4df63L,
-        0x649c0c515db46cedL },
-      { 0x6bf0d64e3cffcb6cL,0xe3bf93fe50f71d96L,0x75044558bcc194a0L,
-        0x16ae33726afdc554L } },
-    /* 48 << 154 */
-    { { 0xbfc01adf5ca48f3fL,0x64352f06e22a9b84L,0xcee54da1c1099e4aL,
-        0xbbda54e8fa1b89c0L },
-      { 0x166a3df56f6e55fbL,0x1ca44a2420176f88L,0x936afd88dfb7b5ffL,
-        0xe34c24378611d4a0L } },
-    /* 49 << 154 */
-    { { 0x7effbb7586142103L,0x6704ba1b1f34fc4dL,0x7c2a468f10c1b122L,
-        0x36b3a6108c6aace9L },
-      { 0xabfcc0a775a0d050L,0x066f91973ce33e32L,0xce905ef429fe09beL,
-        0x89ee25baa8376351L } },
-    /* 50 << 154 */
-    { { 0x2a3ede22fd29dc76L,0x7fd32ed936f17260L,0x0cadcf68284b4126L,
-        0x63422f08a7951fc8L },
-      { 0x562b24f40807e199L,0xfe9ce5d122ad4490L,0xc2f51b100db2b1b4L,
-        0xeb3613ffe4541d0dL } },
-    /* 51 << 154 */
-    { { 0xbd2c4a052680813bL,0x527aa55d561b08d6L,0xa9f8a40ea7205558L,
-        0xe3eea56f243d0becL },
-      { 0x7b853817a0ff58b3L,0xb67d3f651a69e627L,0x0b76bbb9a869b5d6L,
-        0xa3afeb82546723edL } },
-    /* 52 << 154 */
-    { { 0x5f24416d3e554892L,0x8413b53d430e2a45L,0x99c56aee9032a2a0L,
-        0x09432bf6eec367b1L },
-      { 0x552850c6daf0ecc1L,0x49ebce555bc92048L,0xdfb66ba654811307L,
-        0x1b84f7976f298597L } },
-    /* 53 << 154 */
-    { { 0x795904818d1d7a0dL,0xd9fabe033a6fa556L,0xa40f9c59ba9e5d35L,
-        0xcb1771c1f6247577L },
-      { 0x542a47cae9a6312bL,0xa34b3560552dd8c5L,0xfdf94de00d794716L,
-        0xd46124a99c623094L } },
-    /* 54 << 154 */
-    { { 0x56b7435d68afe8b4L,0x27f205406c0d8ea1L,0x12b77e1473186898L,
-        0xdbc3dd467479490fL },
-      { 0x951a9842c03b0c05L,0x8b1b3bb37921bc96L,0xa573b3462b202e0aL,
-        0x77e4665d47254d56L } },
-    /* 55 << 154 */
-    { { 0x08b70dfcd23e3984L,0xab86e8bcebd14236L,0xaa3e07f857114ba7L,
-        0x5ac71689ab0ef4f2L },
-      { 0x88fca3840139d9afL,0x72733f8876644af0L,0xf122f72a65d74f4aL,
-        0x13931577a5626c7aL } },
-    /* 56 << 154 */
-    { { 0xd5b5d9eb70f8d5a4L,0x375adde7d7bbb228L,0x31e88b860c1c0b32L,
-        0xd1f568c4173edbaaL },
-      { 0x1592fc835459df02L,0x2beac0fb0fcd9a7eL,0xb0a6fdb81b473b0aL,
-        0xe3224c6f0fe8fc48L } },
-    /* 57 << 154 */
-    { { 0x680bd00ee87edf5bL,0x30385f0220e77cf5L,0xe9ab98c04d42d1b2L,
-        0x72d191d2d3816d77L },
-      { 0x1564daca0917d9e5L,0x394eab591f8fed7fL,0xa209aa8d7fbb3896L,
-        0x5564f3b9be6ac98eL } },
-    /* 58 << 154 */
-    { { 0xead21d05d73654efL,0x68d1a9c413d78d74L,0x61e017086d4973a0L,
-        0x83da350046e6d32aL },
-      { 0x6a3dfca468ae0118L,0xa1b9a4c9d02da069L,0x0b2ff9c7ebab8302L,
-        0x98af07c3944ba436L } },
-    /* 59 << 154 */
-    { { 0x85997326995f0f9fL,0x467fade071b58bc6L,0x47e4495abd625a2bL,
-        0xfdd2d01d33c3b8cdL },
-      { 0x2c38ae28c693f9faL,0x48622329348f7999L,0x97bf738e2161f583L,
-        0x15ee2fa7565e8cc9L } },
-    /* 60 << 154 */
-    { { 0xa1a5c8455777e189L,0xcc10bee0456f2829L,0x8ad95c56da762bd5L,
-        0x152e2214e9d91da8L },
-      { 0x975b0e727cb23c74L,0xfd5d7670a90c66dfL,0xb5b5b8ad225ffc53L,
-        0xab6dff73faded2aeL } },
-    /* 61 << 154 */
-    { { 0xebd567816f4cbe9dL,0x0ed8b2496a574bd7L,0x41c246fe81a881faL,
-        0x91564805c3db9c70L },
-      { 0xd7c12b085b862809L,0x1facd1f155858d7bL,0x7693747caf09e92aL,
-        0x3b69dcba189a425fL } },
-    /* 62 << 154 */
-    { { 0x0be28e9f967365efL,0x57300eb2e801f5c9L,0x93b8ac6ad583352fL,
-        0xa2cf1f89cd05b2b7L },
-      { 0x7c0c9b744dcc40ccL,0xfee38c45ada523fbL,0xb49a4dec1099cc4dL,
-        0x325c377f69f069c6L } },
-    /* 63 << 154 */
-    { { 0xe12458ce476cc9ffL,0x580e0b6cc6d4cb63L,0xd561c8b79072289bL,
-        0x0377f264a619e6daL },
-      { 0x2668536288e591a5L,0xa453a7bd7523ca2bL,0x8a9536d2c1df4533L,
-        0xc8e50f2fbe972f79L } },
-    /* 64 << 154 */
-    { { 0xd433e50f6d3549cfL,0x6f33696ffacd665eL,0x695bfdacce11fcb4L,
-        0x810ee252af7c9860L },
-      { 0x65450fe17159bb2cL,0xf7dfbebe758b357bL,0x2b057e74d69fea72L,
-        0xd485717a92731745L } },
-    /* 0 << 161 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 161 */
-    { { 0x896c42e8ee36860cL,0xdaf04dfd4113c22dL,0x1adbb7b744104213L,
-        0xe5fd5fa11fd394eaL },
-      { 0x68235d941a4e0551L,0x6772cfbe18d10151L,0x276071e309984523L,
-        0xe4e879de5a56ba98L } },
-    /* 2 << 161 */
-    { { 0xaaafafb0285b9491L,0x01a0be881e4c705eL,0xff1d4f5d2ad9caabL,
-        0x6e349a4ac37a233fL },
-      { 0xcf1c12464a1c6a16L,0xd99e6b6629383260L,0xea3d43665f6d5471L,
-        0x36974d04ff8cc89bL } },
-    /* 3 << 161 */
-    { { 0xc26c49a1cfe89d80L,0xb42c026dda9c8371L,0xca6c013adad066d2L,
-        0xfb8f722856a4f3eeL },
-      { 0x08b579ecd850935bL,0x34c1a74cd631e1b3L,0xcb5fe596ac198534L,
-        0x39ff21f6e1f24f25L } },
-    /* 4 << 161 */
-    { { 0x27f29e148f929057L,0x7a64ae06c0c853dfL,0x256cd18358e9c5ceL,
-        0x9d9cce82ded092a5L },
-      { 0xcc6e59796e93b7c7L,0xe1e4709231bb9e27L,0xb70b3083aa9e29a0L,
-        0xbf181a753785e644L } },
-    /* 5 << 161 */
-    { { 0xf53f2c658ead09f7L,0x1335e1d59780d14dL,0x69cc20e0cd1b66bcL,
-        0x9b670a37bbe0bfc8L },
-      { 0xce53dc8128efbeedL,0x0c74e77c8326a6e5L,0x3604e0d2b88e9a63L,
-        0xbab38fca13dc2248L } },
-    /* 6 << 161 */
-    { { 0x8ed6e8c85c0a3f1eL,0xbcad24927c87c37fL,0xfdfb62bb9ee3b78dL,
-        0xeba8e477cbceba46L },
-      { 0x37d38cb0eeaede4bL,0x0bc498e87976deb6L,0xb2944c046b6147fbL,
-        0x8b123f35f71f9609L } },
-    /* 7 << 161 */
-    { { 0xa155dcc7de79dc24L,0xf1168a32558f69cdL,0xbac215950d1850dfL,
-        0x15c8295bb204c848L },
-      { 0xf661aa367d8184ffL,0xc396228e30447bdbL,0x11cd5143bde4a59eL,
-        0xe3a26e3b6beab5e6L } },
-    /* 8 << 161 */
-    { { 0xd3b3a13f1402b9d0L,0x573441c32c7bc863L,0x4b301ec4578c3e6eL,
-        0xc26fc9c40adaf57eL },
-      { 0x96e71bfd7493cea3L,0xd05d4b3f1af81456L,0xdaca2a8a6a8c608fL,
-        0x53ef07f60725b276L } },
-    /* 9 << 161 */
-    { { 0x07a5fbd27824fc56L,0x3467521813289077L,0x5bf69fd5e0c48349L,
-        0xa613ddd3b6aa7875L },
-      { 0x7f78c19c5450d866L,0x46f4409c8f84a481L,0x9f1d192890fce239L,
-        0x016c4168b2ce44b9L } },
-    /* 10 << 161 */
-    { { 0xbae023f0c7435978L,0xb152c88820e30e19L,0x9c241645e3fa6fafL,
-        0x735d95c184823e60L },
-      { 0x0319757303955317L,0x0b4b02a9f03b4995L,0x076bf55970274600L,
-        0x32c5cc53aaf57508L } },
-    /* 11 << 161 */
-    { { 0xe8af6d1f60624129L,0xb7bc5d649a5e2b5eL,0x3814b0485f082d72L,
-        0x76f267f2ce19677aL },
-      { 0x626c630fb36eed93L,0x55230cd73bf56803L,0x78837949ce2736a0L,
-        0x0d792d60aa6c55f1L } },
-    /* 12 << 161 */
-    { { 0x0318dbfdd5c7c5d2L,0xb38f8da7072b342dL,0x3569bddc7b8de38aL,
-        0xf25b5887a1c94842L },
-      { 0xb2d5b2842946ad60L,0x854f29ade9d1707eL,0xaa5159dc2c6a4509L,
-        0x899f94c057189837L } },
-    /* 13 << 161 */
-    { { 0xcf6adc51f4a55b03L,0x261762de35e3b2d5L,0x4cc4301204827b51L,
-        0xcd22a113c6021442L },
-      { 0xce2fd61a247c9569L,0x59a50973d152becaL,0x6c835a1163a716d4L,
-        0xc26455ed187dedcfL } },
-    /* 14 << 161 */
-    { { 0x27f536e049ce89e7L,0x18908539cc890cb5L,0x308909abd83c2aa1L,
-        0xecd3142b1ab73bd3L },
-      { 0x6a85bf59b3f5ab84L,0x3c320a68f2bea4c6L,0xad8dc5386da4541fL,
-        0xeaf34eb0b7c41186L } },
-    /* 15 << 161 */
-    { { 0x1c780129977c97c4L,0x5ff9beebc57eb9faL,0xa24d0524c822c478L,
-        0xfd8eec2a461cd415L },
-      { 0xfbde194ef027458cL,0xb4ff53191d1be115L,0x63f874d94866d6f4L,
-        0x35c75015b21ad0c9L } },
-    /* 16 << 161 */
-    { { 0xa6b5c9d646ac49d2L,0x42c77c0b83137aa9L,0x24d000fc68225a38L,
-        0x0f63cfc82fe1e907L },
-      { 0x22d1b01bc6441f95L,0x7d38f719ec8e448fL,0x9b33fa5f787fb1baL,
-        0x94dcfda1190158dfL } },
-    /* 17 << 161 */
-    { { 0xc47cb3395f6d4a09L,0x6b4f355cee52b826L,0x3d100f5df51b930aL,
-        0xf4512fac9f668f69L },
-      { 0x546781d5206c4c74L,0xd021d4d4cb4d2e48L,0x494a54c2ca085c2dL,
-        0xf1dbaca4520850a8L } },
-    /* 18 << 161 */
-    { { 0x63c79326490a1acaL,0xcb64dd9c41526b02L,0xbb772591a2979258L,
-        0x3f58297048d97846L },
-      { 0xd66b70d17c213ba7L,0xc28febb5e8a0ced4L,0x6b911831c10338c1L,
-        0x0d54e389bf0126f3L } },
-    /* 19 << 161 */
-    { { 0x7048d4604af206eeL,0x786c88f677e97cb9L,0xd4375ae1ac64802eL,
-        0x469bcfe1d53ec11cL },
-      { 0xfc9b340d47062230L,0xe743bb57c5b4a3acL,0xfe00b4aa59ef45acL,
-        0x29a4ef2359edf188L } },
-    /* 20 << 161 */
-    { { 0x40242efeb483689bL,0x2575d3f6513ac262L,0xf30037c80ca6db72L,
-        0xc9fcce8298864be2L },
-      { 0x84a112ff0149362dL,0x95e575821c4ae971L,0x1fa4b1a8945cf86cL,
-        0x4525a7340b024a2fL } },
-    /* 21 << 161 */
-    { { 0xe76c8b628f338360L,0x483ff59328edf32bL,0x67e8e90a298b1aecL,
-        0x9caab338736d9a21L },
-      { 0x5c09d2fd66892709L,0x2496b4dcb55a1d41L,0x93f5fb1ae24a4394L,
-        0x08c750496fa8f6c1L } },
-    /* 22 << 161 */
-    { { 0xcaead1c2c905d85fL,0xe9d7f7900733ae57L,0x24c9a65cf07cdd94L,
-        0x7389359ca4b55931L },
-      { 0xf58709b7367e45f7L,0x1f203067cb7e7adcL,0x82444bffc7b72818L,
-        0x07303b35baac8033L } },
-    /* 23 << 161 */
-    { { 0x1e1ee4e4d13b7ea1L,0xe6489b24e0e74180L,0xa5f2c6107e70ef70L,
-        0xa1655412bdd10894L },
-      { 0x555ebefb7af4194eL,0x533c1c3c8e89bd9cL,0x735b9b5789895856L,
-        0x15fb3cd2567f5c15L } },
-    /* 24 << 161 */
-    { { 0x057fed45526f09fdL,0xe8a4f10c8128240aL,0x9332efc4ff2bfd8dL,
-        0x214e77a0bd35aa31L },
-      { 0x32896d7314faa40eL,0x767867ec01e5f186L,0xc9adf8f117a1813eL,
-        0xcb6cda7854741795L } },
-    /* 25 << 161 */
-    { { 0xb7521b6d349d51aaL,0xf56b5a9ee3c7b8e9L,0xc6f1e5c932a096dfL,
-        0x083667c4a3635024L },
-      { 0x365ea13518087f2fL,0xf1b8eaacd136e45dL,0xc8a0e48473aec989L,
-        0xd75a324b142c9259L } },
-    /* 26 << 161 */
-    { { 0xb7b4d00101dae185L,0x45434e0b9b7a94bcL,0xf54339affbd8cb0bL,
-        0xdcc4569ee98ef49eL },
-      { 0x7789318a09a51299L,0x81b4d206b2b025d8L,0xf64aa418fae85792L,
-        0x3e50258facd7baf7L } },
-    /* 27 << 161 */
-    { { 0xdce84cdb2996864bL,0xa2e670891f485fa4L,0xb28b2bb6534c6a5aL,
-        0x31a7ec6bc94b9d39L },
-      { 0x1d217766d6bc20daL,0x4acdb5ec86761190L,0x6872632873701063L,
-        0x4d24ee7c2128c29bL } },
-    /* 28 << 161 */
-    { { 0xc072ebd3a19fd868L,0x612e481cdb8ddd3bL,0xb4e1d7541a64d852L,
-        0x00ef95acc4c6c4abL },
-      { 0x1536d2edaa0a6c46L,0x6129408643774790L,0x54af25e8343fda10L,
-        0x9ff9d98dfd25d6f2L } },
-    /* 29 << 161 */
-    { { 0x0746af7c468b8835L,0x977a31cb730ecea7L,0xa5096b80c2cf4a81L,
-        0xaa9868336458c37aL },
-      { 0x6af29bf3a6bd9d34L,0x6a62fe9b33c5d854L,0x50e6c304b7133b5eL,
-        0x04b601597d6e6848L } },
-    /* 30 << 161 */
-    { { 0x4cd296df5579bea4L,0x10e35ac85ceedaf1L,0x04c4c5fde3bcc5b1L,
-        0x95f9ee8a89412cf9L },
-      { 0x2c9459ee82b6eb0fL,0x2e84576595c2aaddL,0x774a84aed327fcfeL,
-        0xd8c937220368d476L } },
-    /* 31 << 161 */
-    { { 0x0dbd5748f83e8a3bL,0xa579aa968d2495f3L,0x535996a0ae496e9bL,
-        0x07afbfe9b7f9bcc2L },
-      { 0x3ac1dc6d5b7bd293L,0x3b592cff7022323dL,0xba0deb989c0a3e76L,
-        0x18e78e9f4b197acbL } },
-    /* 32 << 161 */
-    { { 0x211cde10296c36efL,0x7ee8967282c4da77L,0xb617d270a57836daL,
-        0xf0cd9c319cb7560bL },
-      { 0x01fdcbf7e455fe90L,0x3fb53cbb7e7334f3L,0x781e2ea44e7de4ecL,
-        0x8adab3ad0b384fd0L } },
-    /* 33 << 161 */
-    { { 0x129eee2f53d64829L,0x7a471e17a261492bL,0xe4f9adb9e4cb4a2cL,
-        0x3d359f6f97ba2c2dL },
-      { 0x346c67860aacd697L,0x92b444c375c2f8a8L,0xc79fa117d85df44eL,
-        0x56782372398ddf31L } },
-    /* 34 << 161 */
-    { { 0x60e690f2bbbab3b8L,0x4851f8ae8b04816bL,0xc72046ab9c92e4d2L,
-        0x518c74a17cf3136bL },
-      { 0xff4eb50af9877d4cL,0x14578d90a919cabbL,0x8218f8c4ac5eb2b6L,
-        0xa3ccc547542016e4L } },
-    /* 35 << 161 */
-    { { 0x025bf48e327f8349L,0xf3e97346f43cb641L,0xdc2bafdf500f1085L,
-        0x571678762f063055L },
-      { 0x5bd914b9411925a6L,0x7c078d48a1123de5L,0xee6bf835182b165dL,
-        0xb11b5e5bba519727L } },
-    /* 36 << 161 */
-    { { 0xe33ea76c1eea7b85L,0x2352b46192d4f85eL,0xf101d334afe115bbL,
-        0xfabc1294889175a3L },
-      { 0x7f6bcdc05233f925L,0xe0a802dbe77fec55L,0xbdb47b758069b659L,
-        0x1c5e12def98fbd74L } },
-    /* 37 << 161 */
-    { { 0x869c58c64b8457eeL,0xa5360f694f7ea9f7L,0xe576c09ff460b38fL,
-        0x6b70d54822b7fb36L },
-      { 0x3fd237f13bfae315L,0x33797852cbdff369L,0x97df25f525b516f9L,
-        0x46f388f2ba38ad2dL } },
-    /* 38 << 161 */
-    { { 0x656c465889d8ddbbL,0x8830b26e70f38ee8L,0x4320fd5cde1212b0L,
-        0xc34f30cfe4a2edb2L },
-      { 0xabb131a356ab64b8L,0x7f77f0ccd99c5d26L,0x66856a37bf981d94L,
-        0x19e76d09738bd76eL } },
-    /* 39 << 161 */
-    { { 0xe76c8ac396238f39L,0xc0a482bea830b366L,0xb7b8eaff0b4eb499L,
-        0x8ecd83bc4bfb4865L },
-      { 0x971b2cb7a2f3776fL,0xb42176a4f4b88adfL,0xb9617df5be1fa446L,
-        0x8b32d508cd031bd2L } },
-    /* 40 << 161 */
-    { { 0x1c6bd47d53b618c0L,0xc424f46c6a227923L,0x7303ffdedd92d964L,
-        0xe971287871b5abf2L },
-      { 0x8f48a632f815561dL,0x85f48ff5d3c055d1L,0x222a14277525684fL,
-        0xd0d841a067360cc3L } },
-    /* 41 << 161 */
-    { { 0x4245a9260b9267c6L,0xc78913f1cf07f863L,0xaa844c8e4d0d9e24L,
-        0xa42ad5223d5f9017L },
-      { 0xbd371749a2c989d5L,0x928292dfe1f5e78eL,0x493b383e0a1ea6daL,
-        0x5136fd8d13aee529L } },
-    /* 42 << 161 */
-    { { 0x860c44b1f2c34a99L,0x3b00aca4bf5855acL,0xabf6aaa0faaf37beL,
-        0x65f436822a53ec08L },
-      { 0x1d9a5801a11b12e1L,0x78a7ab2ce20ed475L,0x0de1067e9a41e0d5L,
-        0x30473f5f305023eaL } },
-    /* 43 << 161 */
-    { { 0xdd3ae09d169c7d97L,0x5cd5baa4cfaef9cdL,0x5cd7440b65a44803L,
-        0xdc13966a47f364deL },
-      { 0x077b2be82b8357c1L,0x0cb1b4c5e9d57c2aL,0x7a4ceb3205ff363eL,
-        0xf310fa4dca35a9efL } },
-    /* 44 << 161 */
-    { { 0xdbb7b352f97f68c6L,0x0c773b500b02cf58L,0xea2e48213c1f96d9L,
-        0xffb357b0eee01815L },
-      { 0xb9c924cde0f28039L,0x0b36c95a46a3fbe4L,0x1faaaea45e46db6cL,
-        0xcae575c31928aaffL } },
-    /* 45 << 161 */
-    { { 0x7f671302a70dab86L,0xfcbd12a971c58cfcL,0xcbef9acfbee0cb92L,
-        0x573da0b9f8c1b583L },
-      { 0x4752fcfe0d41d550L,0xe7eec0e32155cffeL,0x0fc39fcb545ae248L,
-        0x522cb8d18065f44eL } },
-    /* 46 << 161 */
-    { { 0x263c962a70cbb96cL,0xe034362abcd124a9L,0xf120db283c2ae58dL,
-        0xb9a38d49fef6d507L },
-      { 0xb1fd2a821ff140fdL,0xbd162f3020aee7e0L,0x4e17a5d4cb251949L,
-        0x2aebcb834f7e1c3dL } },
-    /* 47 << 161 */
-    { { 0x608eb25f937b0527L,0xf42e1e47eb7d9997L,0xeba699c4b8a53a29L,
-        0x1f921c71e091b536L },
-      { 0xcce29e7b5b26bbd5L,0x7a8ef5ed3b61a680L,0xe5ef8043ba1f1c7eL,
-        0x16ea821718158ddaL } },
-    /* 48 << 161 */
-    { { 0x01778a2b599ff0f9L,0x68a923d78104fc6bL,0x5bfa44dfda694ff3L,
-        0x4f7199dbf7667f12L },
-      { 0xc06d8ff6e46f2a79L,0x08b5deade9f8131dL,0x02519a59abb4ce7cL,
-        0xc4f710bcb42aec3eL } },
-    /* 49 << 161 */
-    { { 0x3d77b05778bde41aL,0x6474bf80b4186b5aL,0x048b3f6788c65741L,
-        0xc64519de03c7c154L },
-      { 0xdf0738460edfcc4fL,0x319aa73748f1aa6bL,0x8b9f8a02ca909f77L,
-        0x902581397580bfefL } },
-    /* 50 << 161 */
-    { { 0xd8bfd3cac0c22719L,0xc60209e4c9ca151eL,0x7a744ab5d9a1a69cL,
-        0x6de5048b14937f8fL },
-      { 0x171938d8e115ac04L,0x7df709401c6b16d2L,0xa6aeb6637f8e94e7L,
-        0xc130388e2a2cf094L } },
-    /* 51 << 161 */
-    { { 0x1850be8477f54e6eL,0x9f258a7265d60fe5L,0xff7ff0c06c9146d6L,
-        0x039aaf90e63a830bL },
-      { 0x38f27a739460342fL,0x4703148c3f795f8aL,0x1bb5467b9681a97eL,
-        0x00931ba5ecaeb594L } },
-    /* 52 << 161 */
-    { { 0xcdb6719d786f337cL,0xd9c01cd2e704397dL,0x0f4a3f20555c2fefL,
-        0x004525097c0af223L },
-      { 0x54a5804784db8e76L,0x3bacf1aa93c8aa06L,0x11ca957cf7919422L,
-        0x5064105378cdaa40L } },
-    /* 53 << 161 */
-    { { 0x7a3038749f7144aeL,0x170c963f43d4acfdL,0x5e14814958ddd3efL,
-        0xa7bde5829e72dba8L },
-      { 0x0769da8b6fa68750L,0xfa64e532572e0249L,0xfcaadf9d2619ad31L,
-        0x87882daaa7b349cdL } },
-    /* 54 << 161 */
-    { { 0x9f6eb7316c67a775L,0xcb10471aefc5d0b1L,0xb433750ce1b806b2L,
-        0x19c5714d57b1ae7eL },
-      { 0xc0dc8b7bed03fd3fL,0xdd03344f31bc194eL,0xa66c52a78c6320b5L,
-        0x8bc82ce3d0b6fd93L } },
-    /* 55 << 161 */
-    { { 0xf8e13501b35f1341L,0xe53156dd25a43e42L,0xd3adf27e4daeb85cL,
-        0xb81d8379bbeddeb5L },
-      { 0x1b0b546e2e435867L,0x9020eb94eba5dd60L,0x37d911618210cb9dL,
-        0x4c596b315c91f1cfL } },
-    /* 56 << 161 */
-    { { 0xb228a90f0e0b040dL,0xbaf02d8245ff897fL,0x2aac79e600fa6122L,
-        0x248288178e36f557L },
-      { 0xb9521d31113ec356L,0x9e48861e15eff1f8L,0x2aa1d412e0d41715L,
-        0x71f8620353f131b8L } },
-    /* 57 << 161 */
-    { { 0xf60da8da3fd19408L,0x4aa716dc278d9d99L,0x394531f7a8c51c90L,
-        0xb560b0e8f59db51cL },
-      { 0xa28fc992fa34bdadL,0xf024fa149cd4f8bdL,0x5cf530f723a9d0d3L,
-        0x615ca193e28c9b56L } },
-    /* 58 << 161 */
-    { { 0x6d2a483d6f73c51eL,0xa4cb2412ea0dc2ddL,0x50663c411eb917ffL,
-        0x3d3a74cfeade299eL },
-      { 0x29b3990f4a7a9202L,0xa9bccf59a7b15c3dL,0x66a3ccdca5df9208L,
-        0x48027c1443f2f929L } },
-    /* 59 << 161 */
-    { { 0xd385377c40b557f0L,0xe001c366cd684660L,0x1b18ed6be2183a27L,
-        0x879738d863210329L },
-      { 0xa687c74bbda94882L,0xd1bbcc48a684b299L,0xaf6f1112863b3724L,
-        0x6943d1b42c8ce9f8L } },
-    /* 60 << 161 */
-    { { 0xe044a3bb098cafb4L,0x27ed231060d48cafL,0x542b56753a31b84dL,
-        0xcbf3dd50fcddbed7L },
-      { 0x25031f1641b1d830L,0xa7ec851dcb0c1e27L,0xac1c8fe0b5ae75dbL,
-        0xb24c755708c52120L } },
-    /* 61 << 161 */
-    { { 0x57f811dc1d4636c3L,0xf8436526681a9939L,0x1f6bc6d99c81adb3L,
-        0x840f8ac35b7d80d4L },
-      { 0x731a9811f4387f1aL,0x7c501cd3b5156880L,0xa5ca4a07dfe68867L,
-        0xf123d8f05fcea120L } },
-    /* 62 << 161 */
-    { { 0x1fbb0e71d607039eL,0x2b70e215cd3a4546L,0x32d2f01d53324091L,
-        0xb796ff08180ab19bL },
-      { 0x32d87a863c57c4aaL,0x2aed9cafb7c49a27L,0x9fb35eac31630d98L,
-        0x338e8cdf5c3e20a3L } },
-    /* 63 << 161 */
-    { { 0x80f1618266cde8dbL,0x4e1599802d72fd36L,0xd7b8f13b9b6e5072L,
-        0xf52139073b7b5dc1L },
-      { 0x4d431f1d8ce4396eL,0x37a1a680a7ed2142L,0xbf375696d01aaf6bL,
-        0xaa1c0c54e63aab66L } },
-    /* 64 << 161 */
-    { { 0x3014368b4ed80940L,0x67e6d0567a6fceddL,0x7c208c49ca97579fL,
-        0xfe3d7a81a23597f6L },
-      { 0x5e2032027e096ae2L,0xb1f3e1e724b39366L,0x26da26f32fdcdffcL,
-        0x79422f1d6097be83L } },
-    /* 0 << 168 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 168 */
-    { { 0x263a2cfb9db3b381L,0x9c3a2deed4df0a4bL,0x728d06e97d04e61fL,
-        0x8b1adfbc42449325L },
-      { 0x6ec1d9397e053a1bL,0xee2be5c766daf707L,0x80ba1e14810ac7abL,
-        0xdd2ae778f530f174L } },
-    /* 2 << 168 */
-    { { 0x0435d97a205b9d8bL,0x6eb8f064056756d4L,0xd5e88a8bb6f8210eL,
-        0x070ef12dec9fd9eaL },
-      { 0x4d8495053bcc876aL,0x12a75338a7404ce3L,0xd22b49e1b8a1db5eL,
-        0xec1f205114bfa5adL } },
-    /* 3 << 168 */
-    { { 0xadbaeb79b6828f36L,0x9d7a025801bd5b9eL,0xeda01e0d1e844b0cL,
-        0x4b625175887edfc9L },
-      { 0x14109fdd9669b621L,0x88a2ca56f6f87b98L,0xfe2eb788170df6bcL,
-        0x0cea06f4ffa473f9L } },
-    /* 4 << 168 */
-    { { 0x43ed81b5c4e83d33L,0xd9f358795efd488bL,0x164a620f9deb4d0fL,
-        0xc6927bdbac6a7394L },
-      { 0x45c28df79f9e0f03L,0x2868661efcd7e1a9L,0x7cf4e8d0ffa348f1L,
-        0x6bd4c284398538e0L } },
-    /* 5 << 168 */
-    { { 0x2618a091289a8619L,0xef796e606671b173L,0x664e46e59090c632L,
-        0xa38062d41e66f8fbL },
-      { 0x6c744a200573274eL,0xd07b67e4a9271394L,0x391223b26bdc0e20L,
-        0xbe2d93f1eb0a05a7L } },
-    /* 6 << 168 */
-    { { 0xf23e2e533f36d141L,0xe84bb3d44dfca442L,0xb804a48d6b7c023aL,
-        0x1e16a8fa76431c3bL },
-      { 0x1b5452adddd472e0L,0x7d405ee70d1ee127L,0x50fc6f1dffa27599L,
-        0x351ac53cbf391b35L } },
-    /* 7 << 168 */
-    { { 0x7efa14b84444896bL,0x64974d2ff94027fbL,0xefdcd0e8de84487dL,
-        0x8c45b2602b48989bL },
-      { 0xa8fcbbc2d8463487L,0xd1b2b3f73fbc476cL,0x21d005b7c8f443c0L,
-        0x518f2e6740c0139cL } },
-    /* 8 << 168 */
-    { { 0x56036e8c06d75fc1L,0x2dcf7bb73249a89fL,0x81dd1d3de245e7ddL,
-        0xf578dc4bebd6e2a7L },
-      { 0x4c028903df2ce7a0L,0xaee362889c39afacL,0xdc847c31146404abL,
-        0x6304c0d8a4e97818L } },
-    /* 9 << 168 */
-    { { 0xae51dca2a91f6791L,0x2abe41909baa9efcL,0xd9d2e2f4559c7ac1L,
-        0xe82f4b51fc9f773aL },
-      { 0xa77130274073e81cL,0xc0276facfbb596fcL,0x1d819fc9a684f70cL,
-        0x29b47fddc9f7b1e0L } },
-    /* 10 << 168 */
-    { { 0x358de103459b1940L,0xec881c595b013e93L,0x51574c9349532ad3L,
-        0x2db1d445b37b46deL },
-      { 0xc6445b87df239fd8L,0xc718af75151d24eeL,0xaea1c4a4f43c6259L,
-        0x40c0e5d770be02f7L } },
-    /* 11 << 168 */
-    { { 0x6a4590f4721b33f2L,0x2124f1fbfedf04eaL,0xf8e53cde9745efe7L,
-        0xe7e1043265f046d9L },
-      { 0xc3fca28ee4d0c7e6L,0x847e339a87253b1bL,0x9b5953483743e643L,
-        0xcb6a0a0b4fd12fc5L } },
-    /* 12 << 168 */
-    { { 0xfb6836c327d02dccL,0x5ad009827a68bcc2L,0x1b24b44c005e912dL,
-        0xcc83d20f811fdcfeL },
-      { 0x36527ec1666fba0cL,0x6994819714754635L,0xfcdcb1a8556da9c2L,
-        0xa593426781a732b2L } },
-    /* 13 << 168 */
-    { { 0xec1214eda714181dL,0x609ac13b6067b341L,0xff4b4c97a545df1fL,
-        0xa124050134d2076bL },
-      { 0x6efa0c231409ca97L,0x254cc1a820638c43L,0xd4e363afdcfb46cdL,
-        0x62c2adc303942a27L } },
-    /* 14 << 168 */
-    { { 0xc67b9df056e46483L,0xa55abb2063736356L,0xab93c098c551bc52L,
-        0x382b49f9b15fe64bL },
-      { 0x9ec221ad4dff8d47L,0x79caf615437df4d6L,0x5f13dc64bb456509L,
-        0xe4c589d9191f0714L } },
-    /* 15 << 168 */
-    { { 0x27b6a8ab3fd40e09L,0xe455842e77313ea9L,0x8b51d1e21f55988bL,
-        0x5716dd73062bbbfcL },
-      { 0x633c11e54e8bf3deL,0x9a0e77b61b85be3bL,0x565107290911cca6L,
-        0x27e76495efa6590fL } },
-    /* 16 << 168 */
-    { { 0xe4ac8b33070d3aabL,0x2643672b9a2cd5e5L,0x52eff79b1cfc9173L,
-        0x665ca49b90a7c13fL },
-      { 0x5a8dda59b3efb998L,0x8a5b922d052f1341L,0xae9ebbab3cf9a530L,
-        0x35986e7bf56da4d7L } },
-    /* 17 << 168 */
-    { { 0x3a636b5cff3513ccL,0xbb0cf8ba3198f7ddL,0xb8d4052241f16f86L,
-        0x760575d8de13a7bfL },
-      { 0x36f74e169f7aa181L,0x163a3ecff509ed1cL,0x6aead61f3c40a491L,
-        0x158c95fcdfe8fcaaL } },
-    /* 18 << 168 */
-    { { 0xa3991b6e13cda46fL,0x79482415342faed0L,0xf3ba5bde666b5970L,
-        0x1d52e6bcb26ab6ddL },
-      { 0x768ba1e78608dd3dL,0x4930db2aea076586L,0xd9575714e7dc1afaL,
-        0x1fc7bf7df7c58817L } },
-    /* 19 << 168 */
-    { { 0x6b47accdd9eee96cL,0x0ca277fbe58cec37L,0x113fe413e702c42aL,
-        0xdd1764eec47cbe51L },
-      { 0x041e7cde7b3ed739L,0x50cb74595ce9e1c0L,0x355685132925b212L,
-        0x7cff95c4001b081cL } },
-    /* 20 << 168 */
-    { { 0x63ee4cbd8088b454L,0xdb7f32f79a9e0c8aL,0xb377d4186b2447cbL,
-        0xe3e982aad370219bL },
-      { 0x06ccc1e4c2a2a593L,0x72c368650773f24fL,0xa13b4da795859423L,
-        0x8bbf1d3375040c8fL } },
-    /* 21 << 168 */
-    { { 0x726f0973da50c991L,0x48afcd5b822d6ee2L,0xe5fc718b20fd7771L,
-        0xb9e8e77dfd0807a1L },
-      { 0x7f5e0f4499a7703dL,0x6972930e618e36f3L,0x2b7c77b823807bbeL,
-        0xe5b82405cb27ff50L } },
-    /* 22 << 168 */
-    { { 0xba8b8be3bd379062L,0xd64b7a1d2dce4a92L,0x040a73c5b2952e37L,
-        0x0a9e252ed438aecaL },
-      { 0xdd43956bc39d3bcbL,0x1a31ca00b32b2d63L,0xd67133b85c417a18L,
-        0xd08e47902ef442c8L } },
-    /* 23 << 168 */
-    { { 0x98cb1ae9255c0980L,0x4bd863812b4a739fL,0x5a5c31e11e4a45a1L,
-        0x1e5d55fe9cb0db2fL },
-      { 0x74661b068ff5cc29L,0x026b389f0eb8a4f4L,0x536b21a458848c24L,
-        0x2e5bf8ec81dc72b0L } },
-    /* 24 << 168 */
-    { { 0x03c187d0ad886aacL,0x5c16878ab771b645L,0xb07dfc6fc74045abL,
-        0x2c6360bf7800caedL },
-      { 0x24295bb5b9c972a3L,0xc9e6f88e7c9a6dbaL,0x90ffbf2492a79aa6L,
-        0xde29d50a41c26ac2L } },
-    /* 25 << 168 */
-    { { 0x9f0af483d309cbe6L,0x5b020d8ae0bced4fL,0x606e986db38023e3L,
-        0xad8f2c9d1abc6933L },
-      { 0x19292e1de7400e93L,0xfe3e18a952be5e4dL,0xe8e9771d2e0680bfL,
-        0x8c5bec98c54db063L } },
-    /* 26 << 168 */
-    { { 0x2af9662a74a55d1fL,0xe3fbf28f046f66d8L,0xa3a72ab4d4dc4794L,
-        0x09779f455c7c2dd8L },
-      { 0xd893bdafc3d19d8dL,0xd5a7509457d6a6dfL,0x8cf8fef9952e6255L,
-        0x3da67cfbda9a8affL } },
-    /* 27 << 168 */
-    { { 0x4c23f62a2c160dcdL,0x34e6c5e38f90eaefL,0x35865519a9a65d5aL,
-        0x07c48aae8fd38a3dL },
-      { 0xb7e7aeda50068527L,0x2c09ef231c90936aL,0x31ecfeb6e879324cL,
-        0xa0871f6bfb0ec938L } },
-    /* 28 << 168 */
-    { { 0xb1f0fb68d84d835dL,0xc90caf39861dc1e6L,0x12e5b0467594f8d7L,
-        0x26897ae265012b92L },
-      { 0xbcf68a08a4d6755dL,0x403ee41c0991fbdaL,0x733e343e3bbf17e8L,
-        0xd2c7980d679b3d65L } },
-    /* 29 << 168 */
-    { { 0x33056232d2e11305L,0x966be492f3c07a6fL,0x6a8878ffbb15509dL,
-        0xff2211010a9b59a4L },
-      { 0x6c9f564aabe30129L,0xc6f2c940336e64cfL,0x0fe752628b0c8022L,
-        0xbe0267e96ae8db87L } },
-    /* 30 << 168 */
-    { { 0x22e192f193bc042bL,0xf085b534b237c458L,0xa0d192bd832c4168L,
-        0x7a76e9e3bdf6271dL },
-      { 0x52a882fab88911b5L,0xc85345e4b4db0eb5L,0xa3be02a681a7c3ffL,
-        0x51889c8cf0ec0469L } },
-    /* 31 << 168 */
-    { { 0x9d031369a5e829e5L,0xcbb4c6fc1607aa41L,0x75ac59a6241d84c1L,
-        0xc043f2bf8829e0eeL },
-      { 0x82a38f758ea5e185L,0x8bda40b9d87cbd9fL,0x9e65e75e2d8fc601L,
-        0x3d515f74a35690b3L } },
-    /* 32 << 168 */
-    { { 0x534acf4fda79e5acL,0x68b83b3a8630215fL,0x5c748b2ed085756eL,
-        0xb0317258e5d37cb2L },
-      { 0x6735841ac5ccc2c4L,0x7d7dc96b3d9d5069L,0xa147e410fd1754bdL,
-        0x65296e94d399ddd5L } },
-    /* 33 << 168 */
-    { { 0xf6b5b2d0bc8fa5bcL,0x8a5ead67500c277bL,0x214625e6dfa08a5dL,
-        0x51fdfedc959cf047L },
-      { 0x6bc9430b289fca32L,0xe36ff0cf9d9bdc3fL,0x2fe187cb58ea0edeL,
-        0xed66af205a900b3fL } },
-    /* 34 << 168 */
-    { { 0x00e0968b5fa9f4d6L,0x2d4066ce37a362e7L,0xa99a9748bd07e772L,
-        0x710989c006a4f1d0L },
-      { 0xd5dedf35ce40cbd8L,0xab55c5f01743293dL,0x766f11448aa24e2cL,
-        0x94d874f8605fbcb4L } },
-    /* 35 << 168 */
-    { { 0xa365f0e8a518001bL,0xee605eb69d04ef0fL,0x5a3915cdba8d4d25L,
-        0x44c0e1b8b5113472L },
-      { 0xcbb024e88b6740dcL,0x89087a53ee1d4f0cL,0xa88fa05c1fc4e372L,
-        0x8bf395cbaf8b3af2L } },
-    /* 36 << 168 */
-    { { 0x1e71c9a1deb8568bL,0xa35daea080fb3d32L,0xe8b6f2662cf8fb81L,
-        0x6d51afe89490696aL },
-      { 0x81beac6e51803a19L,0xe3d24b7f86219080L,0x727cfd9ddf6f463cL,
-        0x8c6865ca72284ee8L } },
-    /* 37 << 168 */
-    { { 0x32c88b7db743f4efL,0x3793909be7d11dceL,0xd398f9222ff2ebe8L,
-        0x2c70ca44e5e49796L },
-      { 0xdf4d9929cb1131b1L,0x7826f29825888e79L,0x4d3a112cf1d8740aL,
-        0x00384cb6270afa8bL } },
-    /* 38 << 168 */
-    { { 0xcb64125b3ab48095L,0x3451c25662d05106L,0xd73d577da4955845L,
-        0x39570c16bf9f4433L },
-      { 0xd7dfaad3adecf263L,0xf1c3d8d1dc76e102L,0x5e774a5854c6a836L,
-        0xdad4b6723e92d47bL } },
-    /* 39 << 168 */
-    { { 0xbe7e990ff0d796a0L,0x5fc62478df0e8b02L,0x8aae8bf4030c00adL,
-        0x3d2db93b9004ba0fL },
-      { 0xe48c8a79d85d5ddcL,0xe907caa76bb07f34L,0x58db343aa39eaed5L,
-        0x0ea6e007adaf5724L } },
-    /* 40 << 168 */
-    { { 0xe00df169d23233f3L,0x3e32279677cb637fL,0x1f897c0e1da0cf6cL,
-        0xa651f5d831d6bbddL },
-      { 0xdd61af191a230c76L,0xbd527272cdaa5e4aL,0xca753636d0abcd7eL,
-        0x78bdd37c370bd8dcL } },
-    /* 41 << 168 */
-    { { 0xc23916c217cd93feL,0x65b97a4ddadce6e2L,0xe04ed4eb174e42f8L,
-        0x1491ccaabb21480aL },
-      { 0x145a828023196332L,0x3c3862d7587b479aL,0x9f4a88a301dcd0edL,
-        0x4da2b7ef3ea12f1fL } },
-    /* 42 << 168 */
-    { { 0xf8e7ae33b126e48eL,0x404a0b32f494e237L,0x9beac474c55acadbL,
-        0x4ee5cf3bcbec9fd9L },
-      { 0x336b33b97df3c8c3L,0xbd905fe3b76808fdL,0x8f436981aa45c16aL,
-        0x255c5bfa3dd27b62L } },
-    /* 43 << 168 */
-    { { 0x71965cbfc3dd9b4dL,0xce23edbffc068a87L,0xb78d4725745b029bL,
-        0x74610713cefdd9bdL },
-      { 0x7116f75f1266bf52L,0x0204672218e49bb6L,0xdf43df9f3d6f19e3L,
-        0xef1bc7d0e685cb2fL } },
-    /* 44 << 168 */
-    { { 0xcddb27c17078c432L,0xe1961b9cb77fedb7L,0x1edc2f5cc2290570L,
-        0x2c3fefca19cbd886L },
-      { 0xcf880a36c2af389aL,0x96c610fdbda71ceaL,0xf03977a932aa8463L,
-        0x8eb7763f8586d90aL } },
-    /* 45 << 168 */
-    { { 0x3f3424542a296e77L,0xc871868342837a35L,0x7dc710906a09c731L,
-        0x54778ffb51b816dbL },
-      { 0x6b33bfecaf06defdL,0xfe3c105f8592b70bL,0xf937fda461da6114L,
-        0x3c13e6514c266ad7L } },
-    /* 46 << 168 */
-    { { 0xe363a829855938e8L,0x2eeb5d9e9de54b72L,0xbeb93b0e20ccfab9L,
-        0x3dffbb5f25e61a25L },
-      { 0x7f655e431acc093dL,0x0cb6cc3d3964ce61L,0x6ab283a1e5e9b460L,
-        0x55d787c5a1c7e72dL } },
-    /* 47 << 168 */
-    { { 0x4d2efd47deadbf02L,0x11e80219ac459068L,0x810c762671f311f0L,
-        0xfa17ef8d4ab6ef53L },
-      { 0xaf47fd2593e43bffL,0x5cb5ff3f0be40632L,0x546871068ee61da3L,
-        0x7764196eb08afd0fL } },
-    /* 48 << 168 */
-    { { 0x831ab3edf0290a8fL,0xcae81966cb47c387L,0xaad7dece184efb4fL,
-        0xdcfc53b34749110eL },
-      { 0x6698f23c4cb632f9L,0xc42a1ad6b91f8067L,0xb116a81d6284180aL,
-        0xebedf5f8e901326fL } },
-    /* 49 << 168 */
-    { { 0xf2274c9f97e3e044L,0x4201852011d09fc9L,0x56a65f17d18e6e23L,
-        0x2ea61e2a352b683cL },
-      { 0x27d291bc575eaa94L,0x9e7bc721b8ff522dL,0x5f7268bfa7f04d6fL,
-        0x5868c73faba41748L } },
-    /* 50 << 168 */
-    { { 0x9f85c2db7be0eeadL,0x511e7842ff719135L,0x5a06b1e9c5ea90d7L,
-        0x0c19e28326fab631L },
-      { 0x8af8f0cfe9206c55L,0x89389cb43553c06aL,0x39dbed97f65f8004L,
-        0x0621b037c508991dL } },
-    /* 51 << 168 */
-    { { 0x1c52e63596e78cc4L,0x5385c8b20c06b4a8L,0xd84ddfdbb0e87d03L,
-        0xc49dfb66934bafadL },
-      { 0x7071e17059f70772L,0x3a073a843a1db56bL,0x034949033b8af190L,
-        0x7d882de3d32920f0L } },
-    /* 52 << 168 */
-    { { 0x91633f0ab2cf8940L,0x72b0b1786f948f51L,0x2d28dc30782653c8L,
-        0x88829849db903a05L },
-      { 0xb8095d0c6a19d2bbL,0x4b9e7f0c86f782cbL,0x7af739882d907064L,
-        0xd12be0fe8b32643cL } },
-    /* 53 << 168 */
-    { { 0x358ed23d0e165dc3L,0x3d47ce624e2378ceL,0x7e2bb0b9feb8a087L,
-        0x3246e8aee29e10b9L },
-      { 0x459f4ec703ce2b4dL,0xe9b4ca1bbbc077cfL,0x2613b4f20e9940c1L,
-        0xfc598bb9047d1eb1L } },
-    /* 54 << 168 */
-    { { 0x9744c62b45036099L,0xa9dee742167c65d8L,0x0c511525dabe1943L,
-        0xda11055493c6c624L },
-      { 0xae00a52c651a3be2L,0xcda5111d884449a6L,0x063c06f4ff33bed1L,
-        0x73baaf9a0d3d76b4L } },
-    /* 55 << 168 */
-    { { 0x52fb0c9d7fc63668L,0x6886c9dd0c039cdeL,0x602bd59955b22351L,
-        0xb00cab02360c7c13L },
-      { 0x8cb616bc81b69442L,0x41486700b55c3ceeL,0x71093281f49ba278L,
-        0xad956d9c64a50710L } },
-    /* 56 << 168 */
-    { { 0x9561f28b638a7e81L,0x54155cdf5980ddc3L,0xb2db4a96d26f247aL,
-        0x9d774e4e4787d100L },
-      { 0x1a9e6e2e078637d2L,0x1c363e2d5e0ae06aL,0x7493483ee9cfa354L,
-        0x76843cb37f74b98dL } },
-    /* 57 << 168 */
-    { { 0xbaca6591d4b66947L,0xb452ce9804460a8cL,0x6830d24643768f55L,
-        0xf4197ed87dff12dfL },
-      { 0x6521b472400dd0f7L,0x59f5ca8f4b1e7093L,0x6feff11b080338aeL,
-        0x0ada31f6a29ca3c6L } },
-    /* 58 << 168 */
-    { { 0x24794eb694a2c215L,0xd83a43ab05a57ab4L,0x264a543a2a6f89feL,
-        0x2c2a3868dd5ec7c2L },
-      { 0xd33739408439d9b2L,0x715ea6720acd1f11L,0x42c1d235e7e6cc19L,
-        0x81ce6e96b990585cL } },
-    /* 59 << 168 */
-    { { 0x04e5dfe0d809c7bdL,0xd7b2580c8f1050abL,0x6d91ad78d8a4176fL,
-        0x0af556ee4e2e897cL },
-      { 0x162a8b73921de0acL,0x52ac9c227ea78400L,0xee2a4eeaefce2174L,
-        0xbe61844e6d637f79L } },
-    /* 60 << 168 */
-    { { 0x0491f1bc789a283bL,0x72d3ac3d880836f4L,0xaa1c5ea388e5402dL,
-        0x1b192421d5cc473dL },
-      { 0x5c0b99989dc84cacL,0xb0a8482d9c6e75b8L,0x639961d03a191ce2L,
-        0xda3bc8656d837930L } },
-    /* 61 << 168 */
-    { { 0xca990653056e6f8fL,0x84861c4164d133a7L,0x8b403276746abe40L,
-        0xb7b4d51aebf8e303L },
-      { 0x05b43211220a255dL,0xc997152c02419e6eL,0x76ff47b6630c2feaL,
-        0x50518677281fdadeL } },
-    /* 62 << 168 */
-    { { 0x3283b8bacf902b0bL,0x8d4b4eb537db303bL,0xcc89f42d755011bcL,
-        0xb43d74bbdd09d19bL },
-      { 0x65746bc98adba350L,0x364eaf8cb51c1927L,0x13c7659610ad72ecL,
-        0x30045121f8d40c20L } },
-    /* 63 << 168 */
-    { { 0x6d2d99b7ea7b979bL,0xcd78cd74e6fb3bcdL,0x11e45a9e86cffbfeL,
-        0x78a61cf4637024f6L },
-      { 0xd06bc8723d502295L,0xf1376854458cb288L,0xb9db26a1342f8586L,
-        0xf33effcf4beee09eL } },
-    /* 64 << 168 */
-    { { 0xd7e0c4cdb30cfb3aL,0x6d09b8c16c9db4c8L,0x40ba1a4207c8d9dfL,
-        0x6fd495f71c52c66dL },
-      { 0xfb0e169f275264daL,0x80c2b746e57d8362L,0xedd987f749ad7222L,
-        0xfdc229af4398ec7bL } },
-    /* 0 << 175 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 175 */
-    { { 0xb0d1ed8452666a58L,0x4bcb6e00e6a9c3c2L,0x3c57411c26906408L,
-        0xcfc2075513556400L },
-      { 0xa08b1c505294dba3L,0xa30ba2868b7dd31eL,0xd70ba90e991eca74L,
-        0x094e142ce762c2b9L } },
-    /* 2 << 175 */
-    { { 0xb81d783e979f3925L,0x1efd130aaf4c89a7L,0x525c2144fd1bf7faL,
-        0x4b2969041b265a9eL },
-      { 0xed8e9634b9db65b6L,0x35c82e3203599d8aL,0xdaa7a54f403563f3L,
-        0x9df088ad022c38abL } },
-    /* 3 << 175 */
-    { { 0xe5cfb066bb3fd30aL,0x429169daeff0354eL,0x809cf8523524e36cL,
-        0x136f4fb30155be1dL },
-      { 0x4826af011fbba712L,0x6ef0f0b4506ba1a1L,0xd9928b3177aea73eL,
-        0xe2bf6af25eaa244eL } },
-    /* 4 << 175 */
-    { { 0x8d084f124237b64bL,0x688ebe99e3ecfd07L,0x57b8a70cf6845dd8L,
-        0x808fc59c5da4a325L },
-      { 0xa9032b2ba3585862L,0xb66825d5edf29386L,0xb5a5a8db431ec29bL,
-        0xbb143a983a1e8dc8L } },
-    /* 5 << 175 */
-    { { 0x35ee94ce12ae381bL,0x3a7f176c86ccda90L,0xc63a657e4606eacaL,
-        0x9ae5a38043cd04dfL },
-      { 0x9bec8d15ed251b46L,0x1f5d6d30caca5e64L,0x347b3b359ff20f07L,
-        0x4d65f034f7e4b286L } },
-    /* 6 << 175 */
-    { { 0x9e93ba24f111661eL,0xedced484b105eb04L,0x96dc9ba1f424b578L,
-        0xbf8f66b7e83e9069L },
-      { 0x872d4df4d7ed8216L,0xbf07f3778e2cbecfL,0x4281d89998e73754L,
-        0xfec85fbb8aab8708L } },
-    /* 7 << 175 */
-    { { 0x9a3c0deea5ba5b0bL,0xe6a116ce42d05299L,0xae9775fee9b02d42L,
-        0x72b05200a1545cb6L },
-      { 0xbc506f7d31a3b4eaL,0xe58930788bbd9b32L,0xc8bc5f37e4b12a97L,
-        0x6b000c064a73b671L } },
-    /* 8 << 175 */
-    { { 0x13b5bf22765fa7d0L,0x59805bf01d6a5370L,0x67a5e29d4280db98L,
-        0x4f53916f776b1ce3L },
-      { 0x714ff61f33ddf626L,0x4206238ea085d103L,0x1c50d4b7e5809ee3L,
-        0x999f450d85f8eb1dL } },
-    /* 9 << 175 */
-    { { 0x658a6051e4c79e9bL,0x1394cb73c66a9feaL,0x27f31ed5c6be7b23L,
-        0xf4c88f365aa6f8feL },
-      { 0x0fb0721f4aaa499eL,0x68b3a7d5e3fb2a6bL,0xa788097d3a92851dL,
-        0x060e7f8ae96f4913L } },
-    /* 10 << 175 */
-    { { 0x82eebe731a3a93bcL,0x42bbf465a21adc1aL,0xc10b6fa4ef030efdL,
-        0x247aa4c787b097bbL },
-      { 0x8b8dc632f60c77daL,0x6ffbc26ac223523eL,0xa4f6ff11344579cfL,
-        0x5825653c980250f6L } },
-    /* 11 << 175 */
-    { { 0xb2dd097ebc1aa2b9L,0x0788939337a0333aL,0x1cf55e7137a0db38L,
-        0x2648487f792c1613L },
-      { 0xdad013363fcef261L,0x6239c81d0eabf129L,0x8ee761de9d276be2L,
-        0x406a7a341eda6ad3L } },
-    /* 12 << 175 */
-    { { 0x4bf367ba4a493b31L,0x54f20a529bf7f026L,0xb696e0629795914bL,
-        0xcddab96d8bf236acL },
-      { 0x4ff2c70aed25ea13L,0xfa1d09eb81cbbbe7L,0x88fc8c87468544c5L,
-        0x847a670d696b3317L } },
-    /* 13 << 175 */
-    { { 0xf133421e64bcb626L,0xaea638c826dee0b5L,0xd6e7680bb310346cL,
-        0xe06f4097d5d4ced3L },
-      { 0x099614527512a30bL,0xf3d867fde589a59aL,0x2e73254f52d0c180L,
-        0x9063d8a3333c74acL } },
-    /* 14 << 175 */
-    { { 0xeda6c595d314e7bcL,0x2ee7464b467899edL,0x1cef423c0a1ed5d3L,
-        0x217e76ea69cc7613L },
-      { 0x27ccce1fe7cda917L,0x12d8016b8a893f16L,0xbcd6de849fc74f6bL,
-        0xfa5817e2f3144e61L } },
-    /* 15 << 175 */
-    { { 0x1f3541640821ee4cL,0x1583eab40bc61992L,0x7490caf61d72879fL,
-        0x998ad9f3f76ae7b2L },
-      { 0x1e181950a41157f7L,0xa9d7e1e6e8da3a7eL,0x963784eb8426b95fL,
-        0x0ee4ed6e542e2a10L } },
-    /* 16 << 175 */
-    { { 0xb79d4cc5ac751e7bL,0x93f96472fd4211bdL,0x8c72d3d2c8de4fc6L,
-        0x7b69cbf5df44f064L },
-      { 0x3da90ca2f4bf94e1L,0x1a5325f8f12894e2L,0x0a437f6c7917d60bL,
-        0x9be7048696c9cb5dL } },
-    /* 17 << 175 */
-    { { 0xb4d880bfe1dc5c05L,0xd738addaeebeeb57L,0x6f0119d3df0fe6a3L,
-        0x5c686e5566eaaf5aL },
-      { 0x9cb10b50dfd0b7ecL,0xbdd0264b6a497c21L,0xfc0935148c546c96L,
-        0x58a947fa79dbf42aL } },
-    /* 18 << 175 */
-    { { 0xc0b48d4e49ccd6d7L,0xff8fb02c88bd5580L,0xc75235e907d473b2L,
-        0x4fab1ac5a2188af3L },
-      { 0x030fa3bc97576ec0L,0xe8c946e80b7e7d2fL,0x40a5c9cc70305600L,
-        0x6d8260a9c8b013b4L } },
-    /* 19 << 175 */
-    { { 0x0368304f70bba85cL,0xad090da1a4a0d311L,0x7170e8702415eec1L,
-        0xbfba35fe8461ea47L },
-      { 0x6279019ac1e91938L,0xa47638f31afc415fL,0x36c65cbbbcba0e0fL,
-        0x02160efb034e2c48L } },
-    /* 20 << 175 */
-    { { 0xe6c51073615cd9e4L,0x498ec047f1243c06L,0x3e5a8809b17b3d8cL,
-        0x5cd99e610cc565f1L },
-      { 0x81e312df7851dafeL,0xf156f5baa79061e2L,0x80d62b71880c590eL,
-        0xbec9746f0a39faa1L } },
-    /* 21 << 175 */
-    { { 0x1d98a9c1c8ed1f7aL,0x09e43bb5a81d5ff2L,0xd5f00f680da0794aL,
-        0x412050d9661aa836L },
-      { 0xa89f7c4e90747e40L,0x6dc05ebbb62a3686L,0xdf4de847308e3353L,
-        0x53868fbb9fb53bb9L } },
-    /* 22 << 175 */
-    { { 0x2b09d2c3cfdcf7ddL,0x41a9fce3723fcab4L,0x73d905f707f57ca3L,
-        0x080f9fb1ac8e1555L },
-      { 0x7c088e849ba7a531L,0x07d35586ed9a147fL,0x602846abaf48c336L,
-        0x7320fd320ccf0e79L } },
-    /* 23 << 175 */
-    { { 0xaa780798b18bd1ffL,0x52c2e300afdd2905L,0xf27ea3d6434267cdL,
-        0x8b96d16d15605b5fL },
-      { 0x7bb310494b45706bL,0xe7f58b8e743d25f8L,0xe9b5e45b87f30076L,
-        0xd19448d65d053d5aL } },
-    /* 24 << 175 */
-    { { 0x1ecc8cb9d3210a04L,0x6bc7d463dafb5269L,0x3e59b10a67c3489fL,
-        0x1769788c65641e1bL },
-      { 0x8a53b82dbd6cb838L,0x7066d6e6236d5f22L,0x03aa1c616908536eL,
-        0xc971da0d66ae9809L } },
-    /* 25 << 175 */
-    { { 0x01b3a86bc49a2facL,0x3b8420c03092e77aL,0x020573007d6fb556L,
-        0x6941b2a1bff40a87L },
-      { 0x140b63080658ff2aL,0x878043633424ab36L,0x0253bd515751e299L,
-        0xc75bcd76449c3e3aL } },
-    /* 26 << 175 */
-    { { 0x92eb40907f8f875dL,0x9c9d754e56c26bbfL,0x158cea618110bbe7L,
-        0x62a6b802745f91eaL },
-      { 0xa79c41aac6e7394bL,0x445b6a83ad57ef10L,0x0c5277eb6ea6f40cL,
-        0x319fe96b88633365L } },
-    /* 27 << 175 */
-    { { 0x0b0fc61f385f63cbL,0x41250c8422bdd127L,0x67d153f109e942c2L,
-        0x60920d08c021ad5dL },
-      { 0x229f5746724d81a5L,0xb7ffb8925bba3299L,0x518c51a1de413032L,
-        0x2a9bfe773c2fd94cL } },
-    /* 28 << 175 */
-    { { 0xcbcde2393191f4fdL,0x43093e16d3d6ada1L,0x184579f358769606L,
-        0x2c94a8b3d236625cL },
-      { 0x6922b9c05c437d8eL,0x3d4ae423d8d9f3c8L,0xf72c31c12e7090a2L,
-        0x4ac3f5f3d76a55bdL } },
-    /* 29 << 175 */
-    { { 0x342508fc6b6af991L,0x0d5271001b5cebbdL,0xb84740d0dd440dd7L,
-        0x748ef841780162fdL },
-      { 0xa8dbfe0edfc6fafbL,0xeadfdf05f7300f27L,0x7d06555ffeba4ec9L,
-        0x12c56f839e25fa97L } },
-    /* 30 << 175 */
-    { { 0x77f84203d39b8c34L,0xed8b1be63125eddbL,0x5bbf2441f6e39dc5L,
-        0xb00f6ee66a5d678aL },
-      { 0xba456ecf57d0ea99L,0xdcae0f5817e06c43L,0x01643de40f5b4baaL,
-        0x2c324341d161b9beL } },
-    /* 31 << 175 */
-    { { 0x80177f55e126d468L,0xed325f1f76748e09L,0x6116004acfa9bdc2L,
-        0x2d8607e63a9fb468L },
-      { 0x0e573e276009d660L,0x3a525d2e8d10c5a1L,0xd26cb45c3b9009a0L,
-        0xb6b0cdc0de9d7448L } },
-    /* 32 << 175 */
-    { { 0x949c9976e1337c26L,0x6faadebdd73d68e5L,0x9e158614f1b768d9L,
-        0x22dfa5579cc4f069L },
-      { 0xccd6da17be93c6d6L,0x24866c61a504f5b9L,0x2121353c8d694da1L,
-        0x1c6ca5800140b8c6L } },
-    /* 33 << 175 */
-    { { 0xc245ad8ce964021eL,0xb83bffba032b82b3L,0xfaa220c647ef9898L,
-        0x7e8d3ac6982c948aL },
-      { 0x1faa2091bc2d124aL,0xbd54c3dd05b15ff4L,0x386bf3abc87c6fb7L,
-        0xfb2b0563fdeb6f66L } },
-    /* 34 << 175 */
-    { { 0x4e77c5575b45afb4L,0xe9ded649efb8912dL,0x7ec9bbf542f6e557L,
-        0x2570dfff62671f00L },
-      { 0x2b3bfb7888e084bdL,0xa024b238f37fe5b4L,0x44e7dc0495649aeeL,
-        0x498ca2555e7ec1d8L } },
-    /* 35 << 175 */
-    { { 0x3bc766eaaaa07e86L,0x0db6facbf3608586L,0xbadd2549bdc259c8L,
-        0x95af3c6e041c649fL },
-      { 0xb36a928c02e30afbL,0x9b5356ad008a88b8L,0x4b67a5f1cf1d9e9dL,
-        0xc6542e47a5d8d8ceL } },
-    /* 36 << 175 */
-    { { 0x73061fe87adfb6ccL,0xcc826fd398678141L,0x00e758b13c80515aL,
-        0x6afe324741485083L },
-      { 0x0fcb08b9b6ae8a75L,0xb8cf388d4acf51e1L,0x344a55606961b9d6L,
-        0x1a6778b86a97fd0cL } },
-    /* 37 << 175 */
-    { { 0xd840fdc1ecc4c7e3L,0xde9fe47d16db68ccL,0xe95f89dea3e216aaL,
-        0x84f1a6a49594a8beL },
-      { 0x7ddc7d725a7b162bL,0xc5cfda19adc817a3L,0x80a5d35078b58d46L,
-        0x93365b1382978f19L } },
-    /* 38 << 175 */
-    { { 0x2e44d22526a1fc90L,0x0d6d10d24d70705dL,0xd94b6b10d70c45f4L,
-        0x0f201022b216c079L },
-      { 0xcec966c5658fde41L,0xa8d2bc7d7e27601dL,0xbfcce3e1ff230be7L,
-        0x3394ff6b0033ffb5L } },
-    /* 39 << 175 */
-    { { 0xd890c5098132c9afL,0xaac4b0eb361e7868L,0x5194ded3e82d15aaL,
-        0x4550bd2e23ae6b7dL },
-      { 0x3fda318eea5399d4L,0xd989bffa91638b80L,0x5ea124d0a14aa12dL,
-        0x1fb1b8993667b944L } },
-    /* 40 << 175 */
-    { { 0x95ec796944c44d6aL,0x91df144a57e86137L,0x915fd62073adac44L,
-        0x8f01732d59a83801L },
-      { 0xec579d253aa0a633L,0x06de5e7cc9d6d59cL,0xc132f958b1ef8010L,
-        0x29476f96e65c1a02L } },
-    /* 41 << 175 */
-    { { 0x336a77c0d34c3565L,0xef1105b21b9f1e9eL,0x63e6d08bf9e08002L,
-        0x9aff2f21c613809eL },
-      { 0xb5754f853a80e75dL,0xde71853e6bbda681L,0x86f041df8197fd7aL,
-        0x8b332e08127817faL } },
-    /* 42 << 175 */
-    { { 0x05d99be8b9c20cdaL,0x89f7aad5d5cd0c98L,0x7ef936fe5bb94183L,
-        0x92ca0753b05cd7f2L },
-      { 0x9d65db1174a1e035L,0x02628cc813eaea92L,0xf2d9e24249e4fbf2L,
-        0x94fdfd9be384f8b7L } },
-    /* 43 << 175 */
-    { { 0x65f5605463428c6bL,0x2f7205b290b409a5L,0xf778bb78ff45ae11L,
-        0xa13045bec5ee53b2L },
-      { 0xe00a14ff03ef77feL,0x689cd59fffef8befL,0x3578f0ed1e9ade22L,
-        0xe99f3ec06268b6a8L } },
-    /* 44 << 175 */
-    { { 0xa2057d91ea1b3c3eL,0x2d1a7053b8823a4aL,0xabbb336a2cca451eL,
-        0xcd2466e32218bb5dL },
-      { 0x3ac1f42fc8cb762dL,0x7e312aae7690211fL,0xebb9bd7345d07450L,
-        0x207c4b8246c2213fL } },
-    /* 45 << 175 */
-    { { 0x99d425c1375913ecL,0x94e45e9667908220L,0xc08f3087cd67dbf6L,
-        0xa5670fbec0887056L },
-      { 0x6717b64a66f5b8fcL,0xd5a56aea786fec28L,0xa8c3f55fc0ff4952L,
-        0xa77fefae457ac49bL } },
-    /* 46 << 175 */
-    { { 0x29882d7c98379d44L,0xd000bdfb509edc8aL,0xc6f95979e66fe464L,
-        0x504a6115fa61bde0L },
-      { 0x56b3b871effea31aL,0x2d3de26df0c21a54L,0x21dbff31834753bfL,
-        0xe67ecf4969269d86L } },
-    /* 47 << 175 */
-    { { 0x7a176952151fe690L,0x035158047f2adb5fL,0xee794b15d1b62a8dL,
-        0xf004ceecaae454e6L },
-      { 0x0897ea7cf0386facL,0x3b62ff12d1fca751L,0x154181df1b7a04ecL,
-        0x2008e04afb5847ecL } },
-    /* 48 << 175 */
-    { { 0xd147148e41dbd772L,0x2b419f7322942654L,0x669f30d3e9c544f7L,
-        0x52a2c223c8540149L },
-      { 0x5da9ee14634dfb02L,0x5f074ff0f47869f3L,0x74ee878da3933accL,
-        0xe65106514fe35ed1L } },
-    /* 49 << 175 */
-    { { 0xb3eb9482f1012e7aL,0x51013cc0a8a566aeL,0xdd5e924347c00d3bL,
-        0x7fde089d946bb0e5L },
-      { 0x030754fec731b4b3L,0x12a136a499fda062L,0x7c1064b85a1a35bcL,
-        0xbf1f5763446c84efL } },
-    /* 50 << 175 */
-    { { 0xed29a56da16d4b34L,0x7fba9d09dca21c4fL,0x66d7ac006d8de486L,
-        0x6006198773a2a5e1L },
-      { 0x8b400f869da28ff0L,0x3133f70843c4599cL,0x9911c9b8ee28cb0dL,
-        0xcd7e28748e0af61dL } },
-    /* 51 << 175 */
-    { { 0x5a85f0f272ed91fcL,0x85214f319cd4a373L,0x881fe5be1925253cL,
-        0xd8dc98e091e8bc76L },
-      { 0x7120affe585cc3a2L,0x724952ed735bf97aL,0x5581e7dc3eb34581L,
-        0x5cbff4f2e52ee57dL } },
-    /* 52 << 175 */
-    { { 0x8d320a0e87d8cc7bL,0x9beaa7f3f1d280d0L,0x7a0b95719beec704L,
-        0x9126332e5b7f0057L },
-      { 0x01fbc1b48ed3bd6dL,0x35bb2c12d945eb24L,0x6404694e9a8ae255L,
-        0xb6092eec8d6abfb3L } },
-    /* 53 << 175 */
-    { { 0x4d76143fcc058865L,0x7b0a5af26e249922L,0x8aef94406a50d353L,
-        0xe11e4bcc64f0e07aL },
-      { 0x4472993aa14a90faL,0x7706e20cba0c51d4L,0xf403292f1532672dL,
-        0x52573bfa21829382L } },
-    /* 54 << 175 */
-    { { 0x6a7bb6a93b5bdb83L,0x08da65c0a4a72318L,0xc58d22aa63eb065fL,
-        0x1717596c1b15d685L },
-      { 0x112df0d0b266d88bL,0xf688ae975941945aL,0x487386e37c292cacL,
-        0x42f3b50d57d6985cL } },
-    /* 55 << 175 */
-    { { 0x6da4f9986a90fc34L,0xc8f257d365ca8a8dL,0xc2feabca6951f762L,
-        0xe1bc81d074c323acL },
-      { 0x1bc68f67251a2a12L,0x10d86587be8a70dcL,0xd648af7ff0f84d2eL,
-        0xf0aa9ebc6a43ac92L } },
-    /* 56 << 175 */
-    { { 0x69e3be0427596893L,0xb6bb02a645bf452bL,0x0875c11af4c698c8L,
-        0x6652b5c7bece3794L },
-      { 0x7b3755fd4f5c0499L,0x6ea16558b5532b38L,0xd1c69889a2e96ef7L,
-        0x9c773c3a61ed8f48L } },
-    /* 57 << 175 */
-    { { 0x2b653a409b323abcL,0xe26605e1f0e1d791L,0x45d410644a87157aL,
-        0x8f9a78b7cbbce616L },
-      { 0xcf1e44aac407edddL,0x81ddd1d8a35b964fL,0x473e339efd083999L,
-        0x6c94bdde8e796802L } },
-    /* 58 << 175 */
-    { { 0x5a304ada8545d185L,0x82ae44ea738bb8cbL,0x628a35e3df87e10eL,
-        0xd3624f3da15b9fe3L },
-      { 0xcc44209b14be4254L,0x7d0efcbcbdbc2ea5L,0x1f60336204c37bbeL,
-        0x21f363f556a5852cL } },
-    /* 59 << 175 */
-    { { 0xa1503d1ca8501550L,0x2251e0e1d8ab10bbL,0xde129c966961c51cL,
-        0x1f7246a481910f68L },
-      { 0x2eb744ee5f2591f2L,0x3c47d33f5e627157L,0x4d6d62c922f3bd68L,
-        0x6120a64bcb8df856L } },
-    /* 60 << 175 */
-    { { 0x3a9ac6c07b5d07dfL,0xa92b95587ef39783L,0xe128a134ab3a9b4fL,
-        0x41c18807b1252f05L },
-      { 0xfc7ed08980ba9b1cL,0xac8dc6dec532a9ddL,0xbf829cef55246809L,
-        0x101b784f5b4ee80fL } },
-    /* 61 << 175 */
-    { { 0xc09945bbb6f11603L,0x57b09dbe41d2801eL,0xfba5202fa97534a8L,
-        0x7fd8ae5fc17b9614L },
-      { 0xa50ba66678308435L,0x9572f77cd3868c4dL,0x0cef7bfd2dd7aab0L,
-        0xe7958e082c7c79ffL } },
-    /* 62 << 175 */
-    { { 0x81262e4225346689L,0x716da290b07c7004L,0x35f911eab7950ee3L,
-        0x6fd72969261d21b5L },
-      { 0x5238980308b640d3L,0x5b0026ee887f12a1L,0x20e21660742e9311L,
-        0x0ef6d5415ff77ff7L } },
-    /* 63 << 175 */
-    { { 0x969127f0f9c41135L,0xf21d60c968a64993L,0x656e5d0ce541875cL,
-        0xf1e0f84ea1d3c233L },
-      { 0x9bcca35906002d60L,0xbe2da60c06191552L,0x5da8bbae61181ec3L,
-        0x9f04b82365806f19L } },
-    /* 64 << 175 */
-    { { 0xf1604a7dd4b79bb8L,0xaee806fb52c878c8L,0x34144f118d47b8e8L,
-        0x72edf52b949f9054L },
-      { 0xebfca84e2127015aL,0x9051d0c09cb7cef3L,0x86e8fe58296deec8L,
-        0x33b2818841010d74L } },
-    /* 0 << 182 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 182 */
-    { { 0x01079383171b445fL,0x9bcf21e38131ad4cL,0x8cdfe205c93987e8L,
-        0xe63f4152c92e8c8fL },
-      { 0x729462a930add43dL,0x62ebb143c980f05aL,0x4f3954e53b06e968L,
-        0xfe1d75ad242cf6b1L } },
-    /* 2 << 182 */
-    { { 0x5f95c6c7af8685c8L,0xd4c1c8ce2f8f01aaL,0xc44bbe322574692aL,
-        0xb8003478d4a4a068L },
-      { 0x7c8fc6e52eca3cdbL,0xea1db16bec04d399L,0xb05bc82e8f2bc5cfL,
-        0x763d517ff44793d2L } },
-    /* 3 << 182 */
-    { { 0x4451c1b808bd98d0L,0x644b1cd46575f240L,0x6907eb337375d270L,
-        0x56c8bebdfa2286bdL },
-      { 0xc713d2acc4632b46L,0x17da427aafd60242L,0x313065b7c95c7546L,
-        0xf8239898bf17a3deL } },
-    /* 4 << 182 */
-    { { 0xf3b7963f4c830320L,0x842c7aa0903203e3L,0xaf22ca0ae7327afbL,
-        0x38e13092967609b6L },
-      { 0x73b8fb62757558f1L,0x3cc3e831f7eca8c1L,0xe4174474f6331627L,
-        0xa77989cac3c40234L } },
-    /* 5 << 182 */
-    { { 0xe5fd17a144a081e0L,0xd797fb7db70e296aL,0x2b472b30481f719cL,
-        0x0e632a98fe6f8c52L },
-      { 0x89ccd116c5f0c284L,0xf51088af2d987c62L,0x2a2bccda4c2de6cfL,
-        0x810f9efef679f0f9L } },
-    /* 6 << 182 */
-    { { 0xb0f394b97ffe4b3eL,0x0b691d21e5fa5d21L,0xb0bd77479dfbbc75L,
-        0xd2830fdafaf78b00L },
-      { 0xf78c249c52434f57L,0x4b1f754598096dabL,0x73bf6f948ff8c0b3L,
-        0x34aef03d454e134cL } },
-    /* 7 << 182 */
-    { { 0xf8d151f4b7ac7ec5L,0xd6ceb95ae50da7d5L,0xa1b492b0dc3a0eb8L,
-        0x75157b69b3dd2863L },
-      { 0xe2c4c74ec5413d62L,0xbe329ff7bc5fc4c7L,0x835a2aea60fa9ddaL,
-        0xf117f5ad7445cb87L } },
-    /* 8 << 182 */
-    { { 0xae8317f4b0166f7aL,0xfbd3e3f7ceec74e6L,0xfdb516ace0874bfdL,
-        0x3d846019c681f3a3L },
-      { 0x0b12ee5c7c1620b0L,0xba68b4dd2b63c501L,0xac03cd326668c51eL,
-        0x2a6279f74e0bcb5bL } },
-    /* 9 << 182 */
-    { { 0x17bd69b06ae85c10L,0x729469791dfdd3a6L,0xd9a032682c078becL,
-        0x41c6a658bfd68a52L },
-      { 0xcdea10240e023900L,0xbaeec121b10d144dL,0x5a600e74058ab8dcL,
-        0x1333af21bb89ccddL } },
-    /* 10 << 182 */
-    { { 0xdf25eae03aaba1f1L,0x2cada16e3b7144cfL,0x657ee27d71ab98bcL,
-        0x99088b4c7a6fc96eL },
-      { 0x05d5c0a03549dbd4L,0x42cbdf8ff158c3acL,0x3fb6b3b087edd685L,
-        0x22071cf686f064d0L } },
-    /* 11 << 182 */
-    { { 0xd2d6721fff2811e5L,0xdb81b703fe7fae8cL,0x3cfb74efd3f1f7bbL,
-        0x0cdbcd7616cdeb5dL },
-      { 0x4f39642a566a808cL,0x02b74454340064d6L,0xfabbadca0528fa6fL,
-        0xe4c3074cd3fc0bb6L } },
-    /* 12 << 182 */
-    { { 0xb32cb8b0b796d219L,0xc3e95f4f34741dd9L,0x8721212568edf6f5L,
-        0x7a03aee4a2b9cb8eL },
-      { 0x0cd3c376f53a89aaL,0x0d8af9b1948a28dcL,0xcf86a3f4902ab04fL,
-        0x8aacb62a7f42002dL } },
-    /* 13 << 182 */
-    { { 0x106985ebf62ffd52L,0xe670b54e5797bf10L,0x4b405209c5e30aefL,
-        0x12c97a204365b5e9L },
-      { 0x104646ce1fe32093L,0x13cb4ff63907a8c9L,0x8b9f30d1d46e726bL,
-        0xe1985e21aba0f499L } },
-    /* 14 << 182 */
-    { { 0xc573dea910a230cdL,0x24f46a93cd30f947L,0xf2623fcfabe2010aL,
-        0x3f278cb273f00e4fL },
-      { 0xed55c67d50b920ebL,0xf1cb9a2d8e760571L,0x7c50d1090895b709L,
-        0x4207cf07190d4369L } },
-    /* 15 << 182 */
-    { { 0x3b027e81c4127fe1L,0xa9f8b9ad3ae9c566L,0x5ab10851acbfbba5L,
-        0xa747d648569556f5L },
-      { 0xcc172b5c2ba97bf7L,0x15e0f77dbcfa3324L,0xa345b7977686279dL,
-        0x5a723480e38003d3L } },
-    /* 16 << 182 */
-    { { 0xfd8e139f8f5fcda8L,0xf3e558c4bdee5bfdL,0xd76cbaf4e33f9f77L,
-        0x3a4c97a471771969L },
-      { 0xda27e84bf6dce6a7L,0xff373d9613e6c2d1L,0xf115193cd759a6e9L,
-        0x3f9b702563d2262cL } },
-    /* 17 << 182 */
-    { { 0xd9764a31317cd062L,0x30779d8e199f8332L,0xd807410616b11b0bL,
-        0x7917ab9f78aeaed8L },
-      { 0xb67a9cbe28fb1d8eL,0x2e313563136eda33L,0x010b7069a371a86cL,
-        0x44d90fa26744e6b7L } },
-    /* 18 << 182 */
-    { { 0x68190867d6b3e243L,0x9fe6cd9d59048c48L,0xb900b02895731538L,
-        0xa012062f32cae04fL },
-      { 0x8107c8bc9399d082L,0x47e8c54a41df12e2L,0x14ba5117b6ef3f73L,
-        0x22260bea81362f0bL } },
-    /* 19 << 182 */
-    { { 0x90ea261e1a18cc20L,0x2192999f2321d636L,0xef64d314e311b6a0L,
-        0xd7401e4c3b54a1f5L },
-      { 0x190199836fbca2baL,0x46ad32938fbffc4bL,0xa142d3f63786bf40L,
-        0xeb5cbc26b67039fcL } },
-    /* 20 << 182 */
-    { { 0x9cb0ae6c252bd479L,0x05e0f88a12b5848fL,0x78f6d2b2a5c97663L,
-        0x6f6e149bc162225cL },
-      { 0xe602235cde601a89L,0xd17bbe98f373be1fL,0xcaf49a5ba8471827L,
-        0x7e1a0a8518aaa116L } },
-    /* 21 << 182 */
-    { { 0x6c833196270580c3L,0x1e233839f1c98a14L,0x67b2f7b4ae34e0a5L,
-        0x47ac8745d8ce7289L },
-      { 0x2b74779a100dd467L,0x274a43374ee50d09L,0x603dcf1383608bc9L,
-        0xcd9da6c3c89e8388L } },
-    /* 22 << 182 */
-    { { 0x2660199f355116acL,0xcc38bb59b6d18eedL,0x3075f31f2f4bc071L,
-        0x9774457f265dc57eL },
-      { 0x06a6a9c8c6db88bbL,0x6429d07f4ec98e04L,0x8d05e57b05ecaa8bL,
-        0x20f140b17872ea7bL } },
-    /* 23 << 182 */
-    { { 0xdf8c0f09ca494693L,0x48d3a020f252e909L,0x4c5c29af57b14b12L,
-        0x7e6fa37dbf47ad1cL },
-      { 0x66e7b50649a0c938L,0xb72c0d486be5f41fL,0x6a6242b8b2359412L,
-        0xcd35c7748e859480L } },
-    /* 24 << 182 */
-    { { 0x12536fea87baa627L,0x58c1fec1f72aa680L,0x6c29b637601e5dc9L,
-        0x9e3c3c1cde9e01b9L },
-      { 0xefc8127b2bcfe0b0L,0x351071022a12f50dL,0x6ccd6cb14879b397L,
-        0xf792f804f8a82f21L } },
-    /* 25 << 182 */
-    { { 0x509d4804a9b46402L,0xedddf85dc10f0850L,0x928410dc4b6208aaL,
-        0xf6229c46391012dcL },
-      { 0xc5a7c41e7727b9b6L,0x289e4e4baa444842L,0x049ba1d9e9a947eaL,
-        0x44f9e47f83c8debcL } },
-    /* 26 << 182 */
-    { { 0xfa77a1fe611f8b8eL,0xfd2e416af518f427L,0xc5fffa70114ebac3L,
-        0xfe57c4e95d89697bL },
-      { 0xfdd053acb1aaf613L,0x31df210fea585a45L,0x318cc10e24985034L,
-        0x1a38efd15f1d6130L } },
-    /* 27 << 182 */
-    { { 0xbf86f2370b1e9e21L,0xb258514d1dbe88aaL,0x1e38a58890c1baf9L,
-        0x2936a01ebdb9b692L },
-      { 0xd576de986dd5b20cL,0xb586bf7170f98ecfL,0xcccf0f12c42d2fd7L,
-        0x8717e61cfb35bd7bL } },
-    /* 28 << 182 */
-    { { 0x8b1e572235e6fc06L,0x3477728f0b3e13d5L,0x150c294daa8a7372L,
-        0xc0291d433bfa528aL },
-      { 0xc6c8bc67cec5a196L,0xdeeb31e45c2e8a7cL,0xba93e244fb6e1c51L,
-        0xb9f8b71b2e28e156L } },
-    /* 29 << 182 */
-    { { 0xce65a287968a2ab9L,0xe3c5ce6946bbcb1fL,0xf8c835b9e7ae3f30L,
-        0x16bbee26ff72b82bL },
-      { 0x665e2017fd42cd22L,0x1e139970f8b1d2a0L,0x125cda2979204932L,
-        0x7aee94a549c3bee5L } },
-    /* 30 << 182 */
-    { { 0x68c7016089821a66L,0xf7c376788f981669L,0xd90829fc48cc3645L,
-        0x346af049d70addfcL },
-      { 0x2057b232370bf29cL,0xf90c73ce42e650eeL,0xe03386eaa126ab90L,
-        0x0e266e7e975a087bL } },
-    /* 31 << 182 */
-    { { 0x80578eb90fca65d9L,0x7e2989ea16af45b8L,0x7438212dcac75a4eL,
-        0x38c7ca394fef36b8L },
-      { 0x8650c494d402676aL,0x26ab5a66f72c7c48L,0x4e6cb426ce3a464eL,
-        0xf8f998962b72f841L } },
-    /* 32 << 182 */
-    { { 0x8c3184911a335cc8L,0x563459ba6a5913e4L,0x1b920d61c7b32919L,
-        0x805ab8b6a02425adL },
-      { 0x2ac512da8d006086L,0x6ca4846abcf5c0fdL,0xafea51d8ac2138d7L,
-        0xcb647545344cd443L } },
-    /* 33 << 182 */
-    { { 0x0429ee8fbd7d9040L,0xee66a2de819b9c96L,0x54f9ec25dea7d744L,
-        0x2ffea642671721bbL },
-      { 0x4f19dbd1114344eaL,0x04304536fd0dbc8bL,0x014b50aa29ec7f91L,
-        0xb5fc22febb06014dL } },
-    /* 34 << 182 */
-    { { 0x60d963a91ee682e0L,0xdf48abc0fe85c727L,0x0cadba132e707c2dL,
-        0xde608d3aa645aeffL },
-      { 0x05f1c28bedafd883L,0x3c362edebd94de1fL,0x8dd0629d13593e41L,
-        0x0a5e736f766d6eafL } },
-    /* 35 << 182 */
-    { { 0xbfa92311f68cf9d1L,0xa4f9ef87c1797556L,0x10d75a1f5601c209L,
-        0x651c374c09b07361L },
-      { 0x49950b5888b5ceadL,0x0ef000586fa9dbaaL,0xf51ddc264e15f33aL,
-        0x1f8b5ca62ef46140L } },
-    /* 36 << 182 */
-    { { 0x343ac0a3ee9523f0L,0xbb75eab2975ea978L,0x1bccf332107387f4L,
-        0x790f92599ab0062eL },
-      { 0xf1a363ad1e4f6a5fL,0x06e08b8462519a50L,0x609151877265f1eeL,
-        0x6a80ca3493ae985eL } },
-    /* 37 << 182 */
-    { { 0x81b29768aaba4864L,0xb13cabf28d52a7d6L,0xb5c363488ead03f1L,
-        0xc932ad9581c7c1c0L },
-      { 0x5452708ecae1e27bL,0x9dac42691b0df648L,0x233e3f0cdfcdb8bcL,
-        0xe6ceccdfec540174L } },
-    /* 38 << 182 */
-    { { 0xbd0d845e95081181L,0xcc8a7920699355d5L,0x111c0f6dc3b375a8L,
-        0xfd95bc6bfd51e0dcL },
-      { 0x4a106a266888523aL,0x4d142bd6cb01a06dL,0x79bfd289adb9b397L,
-        0x0bdbfb94e9863914L } },
-    /* 39 << 182 */
-    { { 0x29d8a2291660f6a6L,0x7f6abcd6551c042dL,0x13039deb0ac3ffe8L,
-        0xa01be628ec8523fbL },
-      { 0x6ea341030ca1c328L,0xc74114bdb903928eL,0x8aa4ff4e9e9144b0L,
-        0x7064091f7f9a4b17L } },
-    /* 40 << 182 */
-    { { 0xa3f4f521e447f2c4L,0x81b8da7a604291f0L,0xd680bc467d5926deL,
-        0x84f21fd534a1202fL },
-      { 0x1d1e31814e9df3d8L,0x1ca4861a39ab8d34L,0x809ddeec5b19aa4aL,
-        0x59f72f7e4d329366L } },
-    /* 41 << 182 */
-    { { 0xa2f93f41386d5087L,0x40bf739cdd67d64fL,0xb449420566702158L,
-        0xc33c65be73b1e178L },
-      { 0xcdcd657c38ca6153L,0x97f4519adc791976L,0xcc7c7f29cd6e1f39L,
-        0x38de9cfb7e3c3932L } },
-    /* 42 << 182 */
-    { { 0xe448eba37b793f85L,0xe9f8dbf9f067e914L,0xc0390266f114ae87L,
-        0x39ed75a7cd6a8e2aL },
-      { 0xadb148487ffba390L,0x67f8cb8b6af9bc09L,0x322c38489c7476dbL,
-        0xa320fecf52a538d6L } },
-    /* 43 << 182 */
-    { { 0xe0493002b2aced2bL,0xdfba1809616bd430L,0x531c4644c331be70L,
-        0xbc04d32e90d2e450L },
-      { 0x1805a0d10f9f142dL,0x2c44a0c547ee5a23L,0x31875a433989b4e3L,
-        0x6b1949fd0c063481L } },
-    /* 44 << 182 */
-    { { 0x2dfb9e08be0f4492L,0x3ff0da03e9d5e517L,0x03dbe9a1f79466a8L,
-        0x0b87bcd015ea9932L },
-      { 0xeb64fc83ab1f58abL,0x6d9598da817edc8aL,0x699cff661d3b67e5L,
-        0x645c0f2992635853L } },
-    /* 45 << 182 */
-    { { 0x253cdd82eabaf21cL,0x82b9602a2241659eL,0x2cae07ec2d9f7091L,
-        0xbe4c720c8b48cd9bL },
-      { 0x6ce5bc036f08d6c9L,0x36e8a997af10bf40L,0x83422d213e10ff12L,
-        0x7b26d3ebbcc12494L } },
-    /* 46 << 182 */
-    { { 0xb240d2d0c9469ad6L,0xc4a11b4d30afa05bL,0x4b604acedd6ba286L,
-        0x184866003ee2864cL },
-      { 0x5869d6ba8d9ce5beL,0x0d8f68c5ff4bfb0dL,0xb69f210b5700cf73L,
-        0x61f6653a6d37c135L } },
-    /* 47 << 182 */
-    { { 0xff3d432b5aff5a48L,0x0d81c4b972ba3a69L,0xee879ae9fa1899efL,
-        0xbac7e2a02d6acafdL },
-      { 0xd6d93f6c1c664399L,0x4c288de15bcb135dL,0x83031dab9dab7cbfL,
-        0xfe23feb03abbf5f0L } },
-    /* 48 << 182 */
-    { { 0x9f1b2466cdedca85L,0x140bb7101a09538cL,0xac8ae8515e11115dL,
-        0x0d63ff676f03f59eL },
-      { 0x755e55517d234afbL,0x61c2db4e7e208fc1L,0xaa9859cef28a4b5dL,
-        0xbdd6d4fc34af030fL } },
-    /* 49 << 182 */
-    { { 0xd1c4a26d3be01cb1L,0x9ba14ffc243aa07cL,0xf95cd3a9b2503502L,
-        0xe379bc067d2a93abL },
-      { 0x3efc18e9d4ca8d68L,0x083558ec80bb412aL,0xd903b9409645a968L,
-        0xa499f0b69ba6054fL } },
-    /* 50 << 182 */
-    { { 0x208b573cb8349abeL,0x3baab3e530b4fc1cL,0x87e978bacb524990L,
-        0x3524194eccdf0e80L },
-      { 0x627117257d4bcc42L,0xe90a3d9bb90109baL,0x3b1bdd571323e1e0L,
-        0xb78e9bd55eae1599L } },
-    /* 51 << 182 */
-    { { 0x0794b7469e03d278L,0x80178605d70e6297L,0x171792f899c97855L,
-        0x11b393eef5a86b5cL },
-      { 0x48ef6582d8884f27L,0xbd44737abf19ba5fL,0x8698de4ca42062c6L,
-        0x8975eb8061ce9c54L } },
-    /* 52 << 182 */
-    { { 0xd50e57c7d7fe71f3L,0x15342190bc97ce38L,0x51bda2de4df07b63L,
-        0xba12aeae200eb87dL },
-      { 0xabe135d2a9b4f8f6L,0x04619d65fad6d99cL,0x4a6683a77994937cL,
-        0x7a778c8b6f94f09aL } },
-    /* 53 << 182 */
-    { { 0x8c50862320a71b89L,0x241a2aed1c229165L,0x352be595aaf83a99L,
-        0x9fbfee7f1562bac8L },
-      { 0xeaf658b95c4017e3L,0x1dc7f9e015120b86L,0xd84f13dd4c034d6fL,
-        0x283dd737eaea3038L } },
-    /* 54 << 182 */
-    { { 0x197f2609cd85d6a2L,0x6ebbc345fae60177L,0xb80f031b4e12fedeL,
-        0xde55d0c207a2186bL },
-      { 0x1fb3e37f24dcdd5aL,0x8d602da57ed191fbL,0x108fb05676023e0dL,
-        0x70178c71459c20c0L } },
-    /* 55 << 182 */
-    { { 0xfad5a3863fe54cf0L,0xa4a3ec4f02bbb475L,0x1aa5ec20919d94d7L,
-        0x5d3b63b5a81e4ab3L },
-      { 0x7fa733d85ad3d2afL,0xfbc586ddd1ac7a37L,0x282925de40779614L,
-        0xfe0ffffbe74a242aL } },
-    /* 56 << 182 */
-    { { 0x3f39e67f906151e5L,0xcea27f5f55e10649L,0xdca1d4e1c17cf7b7L,
-        0x0c326d122fe2362dL },
-      { 0x05f7ac337dd35df3L,0x0c3b7639c396dbdfL,0x0912f5ac03b7db1cL,
-        0x9dea4b705c9ed4a9L } },
-    /* 57 << 182 */
-    { { 0x475e6e53aae3f639L,0xfaba0e7cfc278bacL,0x16f9e2219490375fL,
-        0xaebf9746a5a7ed0aL },
-      { 0x45f9af3ff41ad5d6L,0x03c4623cb2e99224L,0x82c5bb5cb3cf56aaL,
-        0x6431181934567ed3L } },
-    /* 58 << 182 */
-    { { 0xec57f2118be489acL,0x2821895db9a1104bL,0x610dc8756064e007L,
-        0x8e526f3f5b20d0feL },
-      { 0x6e71ca775b645aeeL,0x3d1dcb9f800e10ffL,0x36b51162189cf6deL,
-        0x2c5a3e306bb17353L } },
-    /* 59 << 182 */
-    { { 0xc186cd3e2a6c6fbfL,0xa74516fa4bf97906L,0x5b4b8f4b279d6901L,
-        0x0c4e57b42b573743L },
-      { 0x75fdb229b6e386b6L,0xb46793fd99deac27L,0xeeec47eacf712629L,
-        0xe965f3c4cbc3b2ddL } },
-    /* 60 << 182 */
-    { { 0x8dd1fb83425c6559L,0x7fc00ee60af06fdaL,0xe98c922533d956dfL,
-        0x0f1ef3354fbdc8a2L },
-      { 0x2abb5145b79b8ea2L,0x40fd2945bdbff288L,0x6a814ac4d7185db7L,
-        0xc4329d6fc084609aL } },
-    /* 61 << 182 */
-    { { 0xc9ba7b52ed1be45dL,0x891dd20de4cd2c74L,0x5a4d4a7f824139b1L,
-        0x66c17716b873c710L },
-      { 0x5e5bc1412843c4e0L,0xd5ac4817b97eb5bfL,0xc0f8af54450c95c7L,
-        0xc91b3fa0318406c5L } },
-    /* 62 << 182 */
-    { { 0x360c340aab9d97f8L,0xfb57bd0790a2d611L,0x4339ae3ca6a6f7e5L,
-        0x9c1fcd2a2feb8a10L },
-      { 0x972bcca9c7ea7432L,0x1b0b924c308076f6L,0x80b2814a2a5b4ca5L,
-        0x2f78f55b61ef3b29L } },
-    /* 63 << 182 */
-    { { 0xf838744ac18a414fL,0xc611eaae903d0a86L,0x94dabc162a453f55L,
-        0xe6f2e3da14efb279L },
-      { 0x5b7a60179320dc3cL,0x692e382f8df6b5a4L,0x3f5e15e02d40fa90L,
-        0xc87883ae643dd318L } },
-    /* 64 << 182 */
-    { { 0x511053e453544774L,0x834d0ecc3adba2bcL,0x4215d7f7bae371f5L,
-        0xfcfd57bf6c8663bcL },
-      { 0xded2383dd6901b1dL,0x3b49fbb4b5587dc3L,0xfd44a08d07625f62L,
-        0x3ee4d65b9de9b762L } },
-    /* 0 << 189 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 189 */
-    { { 0x64e5137d0d63d1faL,0x658fc05202a9d89fL,0x4889487450436309L,
-        0xe9ae30f8d598da61L },
-      { 0x2ed710d1818baf91L,0xe27e9e068b6a0c20L,0x1e28dcfb1c1a6b44L,
-        0x883acb64d6ac57dcL } },
-    /* 2 << 189 */
-    { { 0x8735728dc2c6ff70L,0x79d6122fc5dc2235L,0x23f5d00319e277f9L,
-        0x7ee84e25dded8cc7L },
-      { 0x91a8afb063cd880aL,0x3f3ea7c63574af60L,0x0cfcdc8402de7f42L,
-        0x62d0792fb31aa152L } },
-    /* 3 << 189 */
-    { { 0x8e1b4e438a5807ceL,0xad283893e4109a7eL,0xc30cc9cbafd59ddaL,
-        0xf65f36c63d8d8093L },
-      { 0xdf31469ea60d32b2L,0xee93df4b3e8191c8L,0x9c1017c5355bdeb5L,
-        0xd26231858616aa28L } },
-    /* 4 << 189 */
-    { { 0xb02c83f9dec31a21L,0x988c8b236ad9d573L,0x53e983aea57be365L,
-        0xe968734d646f834eL },
-      { 0x9137ea8f5da6309bL,0x10f3a624c1f1ce16L,0x782a9ea2ca440921L,
-        0xdf94739e5b46f1b5L } },
-    /* 5 << 189 */
-    { { 0x9f9be006cce85c9bL,0x360e70d6a4c7c2d3L,0x2cd5beeaaefa1e60L,
-        0x64cf63c08c3d2b6dL },
-      { 0xfb107fa3e1cf6f90L,0xb7e937c6d5e044e6L,0x74e8ca78ce34db9fL,
-        0x4f8b36c13e210bd0L } },
-    /* 6 << 189 */
-    { { 0x1df165a434a35ea8L,0x3418e0f74d4412f6L,0x5af1f8af518836c3L,
-        0x42ceef4d130e1965L },
-      { 0x5560ca0b543a1957L,0xc33761e5886cb123L,0x66624b1ffe98ed30L,
-        0xf772f4bf1090997dL } },
-    /* 7 << 189 */
-    { { 0xf4e540bb4885d410L,0x7287f8109ba5f8d7L,0x22d0d865de98dfb1L,
-        0x49ff51a1bcfbb8a3L },
-      { 0xb6b6fa536bc3012eL,0x3d31fd72170d541dL,0x8018724f4b0f4966L,
-        0x79e7399f87dbde07L } },
-    /* 8 << 189 */
-    { { 0x56f8410ef4f8b16aL,0x97241afec47b266aL,0x0a406b8e6d9c87c1L,
-        0x803f3e02cd42ab1bL },
-      { 0x7f0309a804dbec69L,0xa83b85f73bbad05fL,0xc6097273ad8e197fL,
-        0xc097440e5067adc1L } },
-    /* 9 << 189 */
-    { { 0x730eafb63524ff16L,0xd7f9b51e823fc6ceL,0x27bd0d32443e4ac0L,
-        0x40c59ad94d66f217L },
-      { 0x6c33136f17c387a4L,0x5043b8d5eb86804dL,0x74970312675a73c9L,
-        0x838fdb31f16669b6L } },
-    /* 10 << 189 */
-    { { 0xc507b6dd418e7dddL,0x39888d93472f19d6L,0x7eae26be0c27eb4dL,
-        0x17b53ed3fbabb884L },
-      { 0xfc27021b2b01ae4fL,0x88462e87cf488682L,0xbee096ec215e2d87L,
-        0xeb2fea9ad242e29bL } },
-    /* 11 << 189 */
-    { { 0x5d985b5fb821fc28L,0x89d2e197dc1e2ad2L,0x55b566b89030ba62L,
-        0xe3fd41b54f41b1c6L },
-      { 0xb738ac2eb9a96d61L,0x7f8567ca369443f4L,0x8698622df803a440L,
-        0x2b5862368fe2f4dcL } },
-    /* 12 << 189 */
-    { { 0xbbcc00c756b95bceL,0x5ec03906616da680L,0x79162ee672214252L,
-        0x43132b6386a892d2L },
-      { 0x4bdd3ff22f3263bfL,0xd5b3733c9cd0a142L,0x592eaa8244415ccbL,
-        0x663e89248d5474eaL } },
-    /* 13 << 189 */
-    { { 0x8058a25e5236344eL,0x82e8df9dbda76ee6L,0xdcf6efd811cc3d22L,
-        0x00089cda3b4ab529L },
-      { 0x91d3a071bd38a3dbL,0x4ea97fc0ef72b925L,0x0c9fc15bea3edf75L,
-        0x5a6297cda4348ed3L } },
-    /* 14 << 189 */
-    { { 0x0d38ab35ce7c42d4L,0x9fd493ef82feab10L,0x46056b6d82111b45L,
-        0xda11dae173efc5c3L },
-      { 0xdc7402785545a7fbL,0xbdb2601c40d507e6L,0x121dfeeb7066fa58L,
-        0x214369a839ae8c2aL } },
-    /* 15 << 189 */
-    { { 0x195709cb06e0956cL,0x4c9d254f010cd34bL,0xf51e13f70471a532L,
-        0xe19d67911e73054dL },
-      { 0xf702a628db5c7be3L,0xc7141218b24dde05L,0xdc18233cf29b2e2eL,
-        0x3a6bd1e885342dbaL } },
-    /* 16 << 189 */
-    { { 0x3f747fa0b311898cL,0xe2a272e4cd0eac65L,0x4bba5851f914d0bcL,
-        0x7a1a9660c4a43ee3L },
-      { 0xe5a367cea1c8cde9L,0x9d958ba97271abe3L,0xf3ff7eb63d1615cdL,
-        0xa2280dcef5ae20b0L } },
-    /* 17 << 189 */
-    { { 0x56dba5c1cf640147L,0xea5a2e3d5e83d118L,0x04cd6b6dda24c511L,
-        0x1c0f4671e854d214L },
-      { 0x91a6b7a969565381L,0xdc966240decf1f5bL,0x1b22d21cfcf5d009L,
-        0x2a05f6419021dbd5L } },
-    /* 18 << 189 */
-    { { 0x8c0ed566d4312483L,0x5179a95d643e216fL,0xcc185fec17044493L,
-        0xb306333954991a21L },
-      { 0xd801ecdb0081a726L,0x0149b0c64fa89bbbL,0xafe9065a4391b6b9L,
-        0xedc92786d633f3a3L } },
-    /* 19 << 189 */
-    { { 0xe408c24aae6a8e13L,0x85833fde9f3897abL,0x43800e7ed81a0715L,
-        0xde08e346b44ffc5fL },
-      { 0x7094184ccdeff2e0L,0x49f9387b165eaed1L,0x635d6129777c468aL,
-        0x8c0dcfd1538c2dd8L } },
-    /* 20 << 189 */
-    { { 0xd6d9d9e37a6a308bL,0x623758304c2767d3L,0x874a8bc6f38cbeb6L,
-        0xd94d3f1accb6fd9eL },
-      { 0x92a9735bba21f248L,0x272ad0e56cd1efb0L,0x7437b69c05b03284L,
-        0xe7f047026948c225L } },
-    /* 21 << 189 */
-    { { 0x8a56c04acba2ececL,0x0c181270e3a73e41L,0x6cb34e9d03e93725L,
-        0xf77c8713496521a9L },
-      { 0x94569183fa7f9f90L,0xf2e7aa4c8c9707adL,0xced2c9ba26c1c9a3L,
-        0x9109fe9640197507L } },
-    /* 22 << 189 */
-    { { 0x9ae868a9e9adfe1cL,0x3984403d314e39bbL,0xb5875720f2fe378fL,
-        0x33f901e0ba44a628L },
-      { 0xea1125fe3652438cL,0xae9ec4e69dd1f20bL,0x1e740d9ebebf7fbdL,
-        0x6dbd3ddc42dbe79cL } },
-    /* 23 << 189 */
-    { { 0x62082aecedd36776L,0xf612c478e9859039L,0xa493b201032f7065L,
-        0xebd4d8f24ff9b211L },
-      { 0x3f23a0aaaac4cb32L,0xea3aadb715ed4005L,0xacf17ea4afa27e63L,
-        0x56125c1ac11fd66cL } },
-    /* 24 << 189 */
-    { { 0x266344a43794f8dcL,0xdcca923a483c5c36L,0x2d6b6bbf3f9d10a0L,
-        0xb320c5ca81d9bdf3L },
-      { 0x620e28ff47b50a95L,0x933e3b01cef03371L,0xf081bf8599100153L,
-        0x183be9a0c3a8c8d6L } },
-    /* 25 << 189 */
-    { { 0x4e3ddc5ad6bbe24dL,0xc6c7463053843795L,0x78193dd765ec2d4cL,
-        0xb8df26cccd3c89b2L },
-      { 0x98dbe3995a483f8dL,0x72d8a9577dd3313aL,0x65087294ab0bd375L,
-        0xfcd892487c259d16L } },
-    /* 26 << 189 */
-    { { 0x8a9443d77613aa81L,0x8010080085fe6584L,0x70fc4dbc7fb10288L,
-        0xf58280d3e86beee8L },
-      { 0x14fdd82f7c978c38L,0xdf1204c10de44d7bL,0xa08a1c844160252fL,
-        0x591554cac17646a5L } },
-    /* 27 << 189 */
-    { { 0x214a37d6a05bd525L,0x48d5f09b07957b3cL,0x0247cdcbd7109bc9L,
-        0x40f9e4bb30599ce7L },
-      { 0xc325fa03f46ad2ecL,0x00f766cfc3e3f9eeL,0xab556668d43a4577L,
-        0x68d30a613ee03b93L } },
-    /* 28 << 189 */
-    { { 0x7ddc81ea77b46a08L,0xcf5a6477c7480699L,0x43a8cb346633f683L,
-        0x1b867e6b92363c60L },
-      { 0x439211141f60558eL,0xcdbcdd632f41450eL,0x7fc04601cc630e8bL,
-        0xea7c66d597038b43L } },
-    /* 29 << 189 */
-    { { 0x7259b8a504e99fd8L,0x98a8dd124785549aL,0x0e459a7c840552e1L,
-        0xcdfcf4d04bb0909eL },
-      { 0x34a86db253758da7L,0xe643bb83eac997e1L,0x96400bd7530c5b7eL,
-        0x9f97af87b41c8b52L } },
-    /* 30 << 189 */
-    { { 0x34fc8820fbeee3f9L,0x93e5349049091afdL,0x764b9be59a31f35cL,
-        0x71f3786457e3d924L },
-      { 0x02fb34e0943aa75eL,0xa18c9c58ab8ff6e4L,0x080f31b133cf0d19L,
-        0x5c9682db083518a7L } },
-    /* 31 << 189 */
-    { { 0x873d4ca6b709c3deL,0x64a842623575b8f0L,0x6275da1f020154bbL,
-        0x97678caad17cf1abL },
-      { 0x8779795f951a95c3L,0xdd35b16350fccc08L,0x3270962733d8f031L,
-        0x3c5ab10a498dd85cL } },
-    /* 32 << 189 */
-    { { 0xb6c185c341dca566L,0x7de7fedad8622aa3L,0x99e84d92901b6dfbL,
-        0x30a02b0e7c4ad288L },
-      { 0xc7c81daa2fd3cf36L,0xd1319547df89e59fL,0xb2be8184cd496733L,
-        0xd5f449eb93d3412bL } },
-    /* 33 << 189 */
-    { { 0x7ea41b1b25fe531dL,0xf97974326a1d5646L,0x86067f722bde501aL,
-        0xf91481c00c85e89cL },
-      { 0xca8ee465f8b05bc6L,0x1844e1cf02e83cdaL,0xca82114ab4dbe33bL,
-        0x0f9f87694eabfde2L } },
-    /* 34 << 189 */
-    { { 0x4936b1c038b27fe2L,0x63b6359baba402dfL,0x40c0ea2f656bdbabL,
-        0x9c992a896580c39cL },
-      { 0x600e8f152a60aed1L,0xeb089ca4e0bf49dfL,0x9c233d7d2d42d99aL,
-        0x648d3f954c6bc2faL } },
-    /* 35 << 189 */
-    { { 0xdcc383a8e1add3f3L,0xf42c0c6a4f64a348L,0x2abd176f0030dbdbL,
-        0x4de501a37d6c215eL },
-      { 0x4a107c1f4b9a64bcL,0xa77f0ad32496cd59L,0xfb78ac627688dffbL,
-        0x7025a2ca67937d8eL } },
-    /* 36 << 189 */
-    { { 0xfde8b2d1d1a8f4e7L,0xf5b3da477354927cL,0xe48606a3d9205735L,
-        0xac477cc6e177b917L },
-      { 0xfb1f73d2a883239aL,0xe12572f6cc8b8357L,0x9d355e9cfb1f4f86L,
-        0x89b795f8d9f3ec6eL } },
-    /* 37 << 189 */
-    { { 0x27be56f1b54398dcL,0x1890efd73fedeed5L,0x62f77f1f9c6d0140L,
-        0x7ef0e314596f0ee4L },
-      { 0x50ca6631cc61dab3L,0x4a39801df4866e4fL,0x66c8d032ae363b39L,
-        0x22c591e52ead66aaL } },
-    /* 38 << 189 */
-    { { 0x954ba308de02a53eL,0x2a6c060fd389f357L,0xe6cfcde8fbf40b66L,
-        0x8e02fc56c6340ce1L },
-      { 0xe495779573adb4baL,0x7b86122ca7b03805L,0x63f835120c8e6fa6L,
-        0x83660ea0057d7804L } },
-    /* 39 << 189 */
-    { { 0xbad7910521ba473cL,0xb6c50beeded5389dL,0xee2caf4daa7c9bc0L,
-        0xd97b8de48c4e98a7L },
-      { 0xa9f63e70ab3bbddbL,0x3898aabf2597815aL,0x7659af89ac15b3d9L,
-        0xedf7725b703ce784L } },
-    /* 40 << 189 */
-    { { 0x25470fabe085116bL,0x04a4337587285310L,0x4e39187ee2bfd52fL,
-        0x36166b447d9ebc74L },
-      { 0x92ad433cfd4b322cL,0x726aa817ba79ab51L,0xf96eacd8c1db15ebL,
-        0xfaf71e910476be63L } },
-    /* 41 << 189 */
-    { { 0xdd69a640641fad98L,0xb799591829622559L,0x03c6daa5de4199dcL,
-        0x92cadc97ad545eb4L },
-      { 0x1028238b256534e4L,0x73e80ce68595409aL,0x690d4c66d05dc59bL,
-        0xc95f7b8f981dee80L } },
-    /* 42 << 189 */
-    { { 0xf4337014d856ac25L,0x441bd9ddac524dcaL,0x640b3d855f0499f5L,
-        0x39cf84a9d5fda182L },
-      { 0x04e7b055b2aa95a0L,0x29e33f0a0ddf1860L,0x082e74b5423f6b43L,
-        0x217edeb90aaa2b0fL } },
-    /* 43 << 189 */
-    { { 0x58b83f3583cbea55L,0xc485ee4dbc185d70L,0x833ff03b1e5f6992L,
-        0xb5b9b9cccf0c0dd5L },
-      { 0x7caaee8e4e9e8a50L,0x462e907b6269dafdL,0x6ed5cee9fbe791c6L,
-        0x68ca3259ed430790L } },
-    /* 44 << 189 */
-    { { 0x2b72bdf213b5ba88L,0x60294c8a35ef0ac4L,0x9c3230ed19b99b08L,
-        0x560fff176c2589aaL },
-      { 0x552b8487d6770374L,0xa373202d9a56f685L,0xd3e7f90745f175d9L,
-        0x3c2f315fd080d810L } },
-    /* 45 << 189 */
-    { { 0x1130e9dd7b9520e8L,0xc078f9e20af037b5L,0x38cd2ec71e9c104cL,
-        0x0f684368c472fe92L },
-      { 0xd3f1b5ed6247e7efL,0xb32d33a9396dfe21L,0x46f59cf44a9aa2c2L,
-        0x69cd5168ff0f7e41L } },
-    /* 46 << 189 */
-    { { 0x3f59da0f4b3234daL,0xcf0b0235b4579ebeL,0x6d1cbb256d2476c7L,
-        0x4f0837e69dc30f08L },
-      { 0x9a4075bb906f6e98L,0x253bb434c761e7d1L,0xde2e645f6e73af10L,
-        0xb89a40600c5f131cL } },
-    /* 47 << 189 */
-    { { 0xd12840c5b8cc037fL,0x3d093a5b7405bb47L,0x6202c253206348b8L,
-        0xbf5d57fcc55a3ca7L },
-      { 0x89f6c90c8c3bef48L,0x23ac76235a0a960aL,0xdfbd3d6b552b42abL,
-        0x3ef22458132061f6L } },
-    /* 48 << 189 */
-    { { 0xd74e9bdac97e6516L,0x88779360c230f49eL,0xa6ec1de31e74ea49L,
-        0x581dcee53fb645a2L },
-      { 0xbaef23918f483f14L,0x6d2dddfcd137d13bL,0x54cde50ed2743a42L,
-        0x89a34fc5e4d97e67L } },
-    /* 49 << 189 */
-    { { 0x13f1f5b312e08ce5L,0xa80540b8a7f0b2caL,0x854bcf7701982805L,
-        0xb8653ffd233bea04L },
-      { 0x8e7b878702b0b4c9L,0x2675261f9acb170aL,0x061a9d90930c14e5L,
-        0xb59b30e0def0abeaL } },
-    /* 50 << 189 */
-    { { 0x1dc19ea60200ec7dL,0xb6f4a3f90bce132bL,0xb8d5de90f13e27e0L,
-        0xbaee5ef01fade16fL },
-      { 0x6f406aaae4c6cf38L,0xab4cfe06d1369815L,0x0dcffe87efd550c6L,
-        0x9d4f59c775ff7d39L } },
-    /* 51 << 189 */
-    { { 0xb02553b151deb6adL,0x812399a4b1877749L,0xce90f71fca6006e1L,
-        0xc32363a6b02b6e77L },
-      { 0x02284fbedc36c64dL,0x86c81e31a7e1ae61L,0x2576c7e5b909d94aL,
-        0x8b6f7d02818b2bb0L } },
-    /* 52 << 189 */
-    { { 0xeca3ed0756faa38aL,0xa3790e6c9305bb54L,0xd784eeda7bc73061L,
-        0xbd56d3696dd50614L },
-      { 0xd6575949229a8aa9L,0xdcca8f474595ec28L,0x814305c106ab4fe6L,
-        0xc8c3976824f43f16L } },
-    /* 53 << 189 */
-    { { 0xe2a45f36523f2b36L,0x995c6493920d93bbL,0xf8afdab790f1632bL,
-        0x79ebbecd1c295954L },
-      { 0xc7bb3ddb79592f48L,0x67216a7b5f88e998L,0xd91f098bbc01193eL,
-        0xf7d928a5b1db83fcL } },
-    /* 54 << 189 */
-    { { 0x55e38417e991f600L,0x2a91113e2981a934L,0xcbc9d64806b13bdeL,
-        0xb011b6ac0755ff44L },
-      { 0x6f4cb518045ec613L,0x522d2d31c2f5930aL,0x5acae1af382e65deL,
-        0x5764306727bc966fL } },
-    /* 55 << 189 */
-    { { 0x5e12705d1c7193f0L,0xf0f32f473be8858eL,0x785c3d7d96c6dfc7L,
-        0xd75b4a20bf31795dL },
-      { 0x91acf17b342659d4L,0xe596ea3444f0378fL,0x4515708fce52129dL,
-        0x17387e1e79f2f585L } },
-    /* 56 << 189 */
-    { { 0x72cfd2e949dee168L,0x1ae052233e2af239L,0x009e75be1d94066aL,
-        0x6cca31c738abf413L },
-      { 0xb50bd61d9bc49908L,0x4a9b4a8cf5e2bc1eL,0xeb6cc5f7946f83acL,
-        0x27da93fcebffab28L } },
-    /* 57 << 189 */
-    { { 0xea314c964821c8c5L,0x8de49deda83c15f4L,0x7a64cf207af33004L,
-        0x45f1bfebc9627e10L },
-      { 0x878b062654b9df60L,0x5e4fdc3ca95c0b33L,0xe54a37cac2035d8eL,
-        0x9087cda980f20b8cL } },
-    /* 58 << 189 */
-    { { 0x36f61c238319ade4L,0x766f287ade8cfdf8L,0x48821948346f3705L,
-        0x49a7b85316e4f4a2L },
-      { 0xb9b3f8a75cedadfdL,0x8f5628158db2a815L,0xc0b7d55401f68f95L,
-        0x12971e27688a208eL } },
-    /* 59 << 189 */
-    { { 0xc9f8b696d0ff34fcL,0x20824de21222718cL,0x7213cf9f0c95284dL,
-        0xe2ad741bdc158240L },
-      { 0x0ee3a6df54043ccfL,0x16ff479bd84412b3L,0xf6c74ee0dfc98af0L,
-        0xa78a169f52fcd2fbL } },
-    /* 60 << 189 */
-    { { 0xd8ae874699c930e9L,0x1d33e85849e117a5L,0x7581fcb46624759fL,
-        0xde50644f5bedc01dL },
-      { 0xbeec5d00caf3155eL,0x672d66acbc73e75fL,0x86b9d8c6270b01dbL,
-        0xd249ef8350f55b79L } },
-    /* 61 << 189 */
-    { { 0x6131d6d473978fe3L,0xcc4e4542754b00a1L,0x4e05df0557dfcfe9L,
-        0x94b29cdd51ef6bf0L },
-      { 0xe4530cff9bc7edf2L,0x8ac236fdd3da65f3L,0x0faf7d5fc8eb0b48L,
-        0x4d2de14c660eb039L } },
-    /* 62 << 189 */
-    { { 0xc006bba760430e54L,0x10a2d0d6da3289abL,0x9c037a5dd7979c59L,
-        0x04d1f3d3a116d944L },
-      { 0x9ff224738a0983cdL,0x28e25b38c883cabbL,0xe968dba547a58995L,
-        0x2c80b505774eebdfL } },
-    /* 63 << 189 */
-    { { 0xee763b714a953bebL,0x502e223f1642e7f6L,0x6fe4b64161d5e722L,
-        0x9d37c5b0dbef5316L },
-      { 0x0115ed70f8330bc7L,0x139850e675a72789L,0x27d7faecffceccc2L,
-        0x3016a8604fd9f7f6L } },
-    /* 64 << 189 */
-    { { 0xc492ec644cd8f64cL,0x58a2d790279d7b51L,0x0ced1fc51fc75256L,
-        0x3e658aed8f433017L },
-      { 0x0b61942e05da59ebL,0xba3d60a30ddc3722L,0x7c311cd1742e7f87L,
-        0x6473ffeef6b01b6eL } },
-    /* 0 << 196 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 196 */
-    { { 0x8303604f692ac542L,0xf079ffe1227b91d3L,0x19f63e6315aaf9bdL,
-        0xf99ee565f1f344fbL },
-      { 0x8a1d661fd6219199L,0x8c883bc6d48ce41cL,0x1065118f3c74d904L,
-        0x713889ee0faf8b1bL } },
-    /* 2 << 196 */
-    { { 0x972b3f8f81a1b3beL,0x4f3ce145ce2764a0L,0xe2d0f1cc28c4f5f7L,
-        0xdeee0c0dc7f3985bL },
-      { 0x7df4adc0d39e25c3L,0x40619820c467a080L,0x440ebc9361cf5a58L,
-        0x527729a6422ad600L } },
-    /* 3 << 196 */
-    { { 0xca6c0937b1b76ba6L,0x1a2eab854d2026dcL,0xb1715e1519d9ae0aL,
-        0xf1ad9199bac4a026L },
-      { 0x35b3dfb807ea7b0eL,0xedf5496f3ed9eb89L,0x8932e5ff2d6d08abL,
-        0xf314874e25bd2731L } },
-    /* 4 << 196 */
-    { { 0xefb26a753f73f449L,0x1d1c94f88d44fc79L,0x49f0fbc53bc0dc4dL,
-        0xb747ea0b3698a0d0L },
-      { 0x5218c3fe228d291eL,0x35b804b543c129d6L,0xfac859b8d1acc516L,
-        0x6c10697d95d6e668L } },
-    /* 5 << 196 */
-    { { 0xc38e438f0876fd4eL,0x45f0c30783d2f383L,0x203cc2ecb10934cbL,
-        0x6a8f24392c9d46eeL },
-      { 0xf16b431b65ccde7bL,0x41e2cd1827e76a6fL,0xb9c8cf8f4e3484d7L,
-        0x64426efd8315244aL } },
-    /* 6 << 196 */
-    { { 0x1c0a8e44fc94dea3L,0x34c8cdbfdad6a0b0L,0x919c384004113cefL,
-        0xfd32fba415490ffaL },
-      { 0x58d190f6795dcfb7L,0xfef01b0383588bafL,0x9e6d1d63ca1fc1c0L,
-        0x53173f96f0a41ac9L } },
-    /* 7 << 196 */
-    { { 0x2b1d402aba16f73bL,0x2fb310148cf9b9fcL,0x2d51e60e446ef7bfL,
-        0xc731021bb91e1745L },
-      { 0x9d3b47244fee99d4L,0x4bca48b6fac5c1eaL,0x70f5f514bbea9af7L,
-        0x751f55a5974c283aL } },
-    /* 8 << 196 */
-    { { 0x6e30251acb452fdbL,0x31ee696550f30650L,0xb0b3e508933548d9L,
-        0xb8949a4ff4b0ef5bL },
-      { 0x208b83263c88f3bdL,0xab147c30db1d9989L,0xed6515fd44d4df03L,
-        0x17a12f75e72eb0c5L } },
-    /* 9 << 196 */
-    { { 0x3b59796d36cf69dbL,0x1219eee956670c18L,0xfe3341f77a070d8eL,
-        0x9b70130ba327f90cL },
-      { 0x36a324620ae18e0eL,0x2021a62346c0a638L,0x251b5817c62eb0d4L,
-        0x87bfbcdf4c762293L } },
-    /* 10 << 196 */
-    { { 0xf78ab505cdd61d64L,0x8c7a53fcc8c18857L,0xa653ce6f16147515L,
-        0x9c923aa5ea7d52d5L },
-      { 0xc24709cb5c18871fL,0x7d53bec873b3cc74L,0x59264afffdd1d4c4L,
-        0x5555917e240da582L } },
-    /* 11 << 196 */
-    { { 0xcae8bbda548f5a0eL,0x1910eaba3bbfbbe1L,0xae5796857677afc3L,
-        0x49ea61f173ff0b5cL },
-      { 0x786554784f7c3922L,0x95d337cd20c68eefL,0x68f1e1e5df779ab9L,
-        0x14b491b0b5cf69a8L } },
-    /* 12 << 196 */
-    { { 0x7a6cbbe028e3fe89L,0xe7e1fee4c5aac0ebL,0x7f47eda5697e5140L,
-        0x4f450137b454921fL },
-      { 0xdb625f8495cd8185L,0x74be0ba1cdb2e583L,0xaee4fd7cdd5e6de4L,
-        0x4251437de8101739L } },
-    /* 13 << 196 */
-    { { 0x686d72a0ac620366L,0x4be3fb9cb6d59344L,0x6e8b44e7a1eb75b9L,
-        0x84e39da391a5c10cL },
-      { 0x37cc1490b38f0409L,0x029519432c2ade82L,0x9b6887831190a2d8L,
-        0x25627d14231182baL } },
-    /* 14 << 196 */
-    { { 0x6eb550aa658a6d87L,0x1405aaa7cf9c7325L,0xd147142e5c8748c9L,
-        0x7f637e4f53ede0e0L },
-      { 0xf8ca277614ffad2cL,0xe58fb1bdbafb6791L,0x17158c23bf8f93fcL,
-        0x7f15b3730a4a4655L } },
-    /* 15 << 196 */
-    { { 0x39d4add2d842ca72L,0xa71e43913ed96305L,0x5bb09cbe6700be14L,
-        0x68d69d54d8befcf6L },
-      { 0xa45f536737183bcfL,0x7152b7bb3370dff7L,0xcf887baabf12525bL,
-        0xe7ac7bddd6d1e3cdL } },
-    /* 16 << 196 */
-    { { 0x25914f7881fdad90L,0xcf638f560d2cf6abL,0xb90bc03fcc054de5L,
-        0x932811a718b06350L },
-      { 0x2f00b3309bbd11ffL,0x76108a6fb4044974L,0x801bb9e0a851d266L,
-        0x0dd099bebf8990c1L } },
-    /* 17 << 196 */
-    { { 0x58c5aaaaabe32986L,0x0fe9dd2a50d59c27L,0x84951ff48d307305L,
-        0x6c23f82986529b78L },
-      { 0x50bb22180b136a79L,0x7e2174de77a20996L,0x6f00a4b9c0bb4da6L,
-        0x89a25a17efdde8daL } },
-    /* 18 << 196 */
-    { { 0xf728a27ec11ee01dL,0xf900553ae5f10dfbL,0x189a83c802ec893cL,
-        0x3ca5bdc123f66d77L },
-      { 0x9878153797eada9fL,0x59c50ab310256230L,0x346042d9323c69b3L,
-        0x1b715a6d2c460449L } },
-    /* 19 << 196 */
-    { { 0xa41dd4766ae06e0bL,0xcdd7888e9d42e25fL,0x0f395f7456b25a20L,
-        0xeadfe0ae8700e27eL },
-      { 0xb09d52a969950093L,0x3525d9cb327f8d40L,0xb8235a9467df886aL,
-        0x77e4b0dd035faec2L } },
-    /* 20 << 196 */
-    { { 0x115eb20a517d7061L,0x77fe34336c2df683L,0x6870ddc7cdc6fc67L,
-        0xb16105880b87de83L },
-      { 0x343584cad9c4ddbeL,0xb3164f1c3d754be2L,0x0731ed3ac1e6c894L,
-        0x26327dec4f6b904cL } },
-    /* 21 << 196 */
-    { { 0x9d49c6de97b5cd32L,0x40835daeb5eceecdL,0xc66350edd9ded7feL,
-        0x8aeebb5c7a678804L },
-      { 0x51d42fb75b8ee9ecL,0xd7a17bdd8e3ca118L,0x40d7511a2ef4400eL,
-        0xc48990ac875a66f4L } },
-    /* 22 << 196 */
-    { { 0x8de07d2a2199e347L,0xbee755562a39e051L,0x56918786916e51dcL,
-        0xeb1913134a2d89ecL },
-      { 0x6679610d37d341edL,0x434fbb4156d51c2bL,0xe54b7ee7d7492dbaL,
-        0xaa33a79a59021493L } },
-    /* 23 << 196 */
-    { { 0x49fc5054e4bd6d3dL,0x09540f045ab551d0L,0x8acc90854942d3a6L,
-        0x231af02f2d28323bL },
-      { 0x93458cac0992c163L,0x1fef8e71888e3bb4L,0x27578da5be8c268cL,
-        0xcc8be792e805ec00L } },
-    /* 24 << 196 */
-    { { 0x29267baec61c3855L,0xebff429d58c1fd3bL,0x22d886c08c0b93b8L,
-        0xca5e00b22ddb8953L },
-      { 0xcf330117c3fed8b7L,0xd49ac6fa819c01f6L,0x6ddaa6bd3c0fbd54L,
-        0x917430688049a2cfL } },
-    /* 25 << 196 */
-    { { 0xd67f981eaff2ef81L,0xc3654d352818ae80L,0x81d050441b2aa892L,
-        0x2db067bf3d099328L },
-      { 0xe7c79e86703dcc97L,0xe66f9b37e133e215L,0xcdf119a6e39a7a5cL,
-        0x47c60de3876f1b61L } },
-    /* 26 << 196 */
-    { { 0x6e405939d860f1b2L,0x3e9a1dbcf5ed4d4aL,0x3f23619ec9b6bcbdL,
-        0x5ee790cf734e4497L },
-      { 0xf0a834b15bdaf9bbL,0x02cedda74ca295f0L,0x4619aa2bcb8e378cL,
-        0xe5613244cc987ea4L } },
-    /* 27 << 196 */
-    { { 0x0bc022cc76b23a50L,0x4a2793ad0a6c21ceL,0x3832878089cac3f5L,
-        0x29176f1bcba26d56L },
-      { 0x062961874f6f59ebL,0x86e9bca98bdc658eL,0x2ca9c4d357e30402L,
-        0x5438b216516a09bbL } },
-    /* 28 << 196 */
-    { { 0x0a6a063c7672765aL,0x37a3ce640547b9bfL,0x42c099c898b1a633L,
-        0xb5ab800d05ee6961L },
-      { 0xf1963f5911a5acd6L,0xbaee615746201063L,0x36d9a649a596210aL,
-        0xaed043631ba7138cL } },
-    /* 29 << 196 */
-    { { 0xcf817d1ca4a82b76L,0x5586960ef3806be9L,0x7ab67c8909dc6bb5L,
-        0x52ace7a0114fe7ebL },
-      { 0xcd987618cbbc9b70L,0x4f06fd5a604ca5e1L,0x90af14ca6dbde133L,
-        0x1afe4322948a3264L } },
-    /* 30 << 196 */
-    { { 0xa70d2ca6c44b2c6cL,0xab7267990ef87dfeL,0x310f64dc2e696377L,
-        0x49b42e684c8126a0L },
-      { 0x0ea444c3cea0b176L,0x53a8ddf7cb269182L,0xf3e674ebbbba9dcbL,
-        0x0d2878a8d8669d33L } },
-    /* 31 << 196 */
-    { { 0x04b935d5d019b6a3L,0xbb5cf88e406f1e46L,0xa1912d165b57c111L,
-        0x9803fc2119ebfd78L },
-      { 0x4f231c9ec07764a9L,0xd93286eeb75bd055L,0x83a9457d8ee6c9deL,
-        0x046959156087ec90L } },
-    /* 32 << 196 */
-    { { 0x14c6dd8a58d6cd46L,0x9cb633b58e6634d2L,0xc1305047f81bc328L,
-        0x12ede0e226a177e5L },
-      { 0x332cca62065a6f4fL,0xc3a47ecd67be487bL,0x741eb1870f47ed1cL,
-        0x99e66e58e7598b14L } },
-    /* 33 << 196 */
-    { { 0x6f0544ca63d0ff12L,0xe5efc784b610a05fL,0xf72917b17cad7b47L,
-        0x3ff6ea20f2cac0c0L },
-      { 0xcc23791bf21db8b7L,0x7dac70b1d7d93565L,0x682cda1d694bdaadL,
-        0xeb88bb8c1023516dL } },
-    /* 34 << 196 */
-    { { 0xc4c634b4dfdbeb1bL,0x22f5ca72b4ee4deaL,0x1045a368e6524821L,
-        0xed9e8a3f052b18b2L },
-      { 0x9b7f2cb1b961f49aL,0x7fee2ec17b009670L,0x350d875422507a6dL,
-        0x561bd7114db55f1dL } },
-    /* 35 << 196 */
-    { { 0x4c189ccc320bbcafL,0x568434cfdf1de48cL,0x6af1b00e0fa8f128L,
-        0xf0ba9d028907583cL },
-      { 0x735a400432ff9f60L,0x3dd8e4b6c25dcf33L,0xf2230f1642c74cefL,
-        0xd8117623013fa8adL } },
-    /* 36 << 196 */
-    { { 0x36822876f51fe76eL,0x8a6811cc11d62589L,0xc3fc7e6546225718L,
-        0xb7df2c9fc82fdbcdL },
-      { 0x3b1d4e52dd7b205bL,0xb695947847a2e414L,0x05e4d793efa91148L,
-        0xb47ed446fd2e9675L } },
-    /* 37 << 196 */
-    { { 0x1a7098b904c9d9bfL,0x661e28811b793048L,0xb1a16966b01ee461L,
-        0xbc5213082954746fL },
-      { 0xc909a0fc2477de50L,0xd80bb41c7dbd51efL,0xa85be7ec53294905L,
-        0x6d465b1883958f97L } },
-    /* 38 << 196 */
-    { { 0x16f6f330fb6840fdL,0xfaaeb2143401e6c8L,0xaf83d30fccb5b4f8L,
-        0x22885739266dec4bL },
-      { 0x51b4367c7bc467dfL,0x926562e3d842d27aL,0xdfcb66140fea14a6L,
-        0xeb394daef2734cd9L } },
-    /* 39 << 196 */
-    { { 0x3eeae5d211c0be98L,0xb1e6ed11814e8165L,0x191086bce52bce1cL,
-        0x14b74cc6a75a04daL },
-      { 0x63cf11868c060985L,0x071047de2dbd7f7cL,0x4e433b8bce0942caL,
-        0xecbac447d8fec61dL } },
-    /* 40 << 196 */
-    { { 0x8f0ed0e2ebf3232fL,0xfff80f9ec52a2eddL,0xad9ab43375b55fdbL,
-        0x73ca7820e42e0c11L },
-      { 0x6dace0a0e6251b46L,0x89bc6b5c4c0d932dL,0x3438cd77095da19aL,
-        0x2f24a9398d48bdfbL } },
-    /* 41 << 196 */
-    { { 0x99b47e46766561b7L,0x736600e60ed0322aL,0x06a47cb1638e1865L,
-        0x927c1c2dcb136000L },
-      { 0x295423370cc5df69L,0x99b37c0209d649a9L,0xc5f0043c6aefdb27L,
-        0x6cdd99871be95c27L } },
-    /* 42 << 196 */
-    { { 0x69850931390420d2L,0x299c40ac0983efa4L,0x3a05e778af39aeadL,
-        0x8427440843a45193L },
-      { 0x6bcd0fb991a711a0L,0x461592c89f52ab17L,0xb49302b4da3c6ed6L,
-        0xc51fddc7330d7067L } },
-    /* 43 << 196 */
-    { { 0x94babeb6da50d531L,0x521b840da6a7b9daL,0x5305151e404bdc89L,
-        0x1bcde201d0d07449L },
-      { 0xf427a78b3b76a59aL,0xf84841ce07791a1bL,0xebd314bebf91ed1cL,
-        0x8e61d34cbf172943L } },
-    /* 44 << 196 */
-    { { 0x1d5dc4515541b892L,0xb186ee41fc9d9e54L,0x9d9f345ed5bf610dL,
-        0x3e7ba65df6acca9fL },
-      { 0x9dda787aa8369486L,0x09f9dab78eb5ba53L,0x5afb2033d6481bc3L,
-        0x76f4ce30afa62104L } },
-    /* 45 << 196 */
-    { { 0xa8fa00cff4f066b5L,0x89ab5143461dafc2L,0x44339ed7a3389998L,
-        0x2ff862f1bc214903L },
-      { 0x2c88f985b05556e3L,0xcd96058e3467081eL,0x7d6a4176edc637eaL,
-        0xe1743d0936a5acdcL } },
-    /* 46 << 196 */
-    { { 0x66fd72e27eb37726L,0xf7fa264e1481a037L,0x9fbd3bde45f4aa79L,
-        0xed1e0147767c3e22L },
-      { 0x7621f97982e7abe2L,0x19eedc7245f633f8L,0xe69b155e6137bf3aL,
-        0xa0ad13ce414ee94eL } },
-    /* 47 << 196 */
-    { { 0x93e3d5241c0e651aL,0xab1a6e2a02ce227eL,0xe7af17974ab27ecaL,
-        0x245446debd444f39L },
-      { 0x59e22a2156c07613L,0x43deafcef4275498L,0x10834ccb67fd0946L,
-        0xa75841e547406edfL } },
-    /* 48 << 196 */
-    { { 0xebd6a6777b0ac93dL,0xa6e37b0d78f5e0d7L,0x2516c09676f5492bL,
-        0x1e4bf8889ac05f3aL },
-      { 0xcdb42ce04df0ba2bL,0x935d5cfd5062341bL,0x8a30333382acac20L,
-        0x429438c45198b00eL } },
-    /* 49 << 196 */
-    { { 0x1d083bc9049d33faL,0x58b82dda946f67ffL,0xac3e2db867a1d6a3L,
-        0x62e6bead1798aac8L },
-      { 0xfc85980fde46c58cL,0xa7f6937969c8d7beL,0x23557927837b35ecL,
-        0x06a933d8e0790c0cL } },
-    /* 50 << 196 */
-    { { 0x827c0e9b077ff55dL,0x53977798bb26e680L,0x595308741d9cb54fL,
-        0xcca3f4494aac53efL },
-      { 0x11dc5c87a07eda0fL,0xc138bccffd6400c8L,0x549680d313e5da72L,
-        0xc93eed824540617eL } },
-    /* 51 << 196 */
-    { { 0xfd3db1574d0b75c0L,0x9716eb426386075bL,0x0639605c817b2c16L,
-        0x09915109f1e4f201L },
-      { 0x35c9a9285cca6c3bL,0xb25f7d1a3505c900L,0xeb9f7d20630480c4L,
-        0xc3c7b8c62a1a501cL } },
-    /* 52 << 196 */
-    { { 0x3f99183c5a1f8e24L,0xfdb118fa9dd255f0L,0xb9b18b90c27f62a6L,
-        0xe8f732f7396ec191L },
-      { 0x524a2d910be786abL,0x5d32adef0ac5a0f5L,0x9b53d4d69725f694L,
-        0x032a76c60510ba89L } },
-    /* 53 << 196 */
-    { { 0x840391a3ebeb1544L,0x44b7b88c3ed73ac3L,0xd24bae7a256cb8b3L,
-        0x7ceb151ae394cb12L },
-      { 0xbd6b66d05bc1e6a8L,0xec70cecb090f07bfL,0x270644ed7d937589L,
-        0xee9e1a3d5f1dccfeL } },
-    /* 54 << 196 */
-    { { 0xb0d40a84745b98d2L,0xda429a212556ed40L,0xf676eced85148cb9L,
-        0x5a22d40cded18936L },
-      { 0x3bc4b9e570e8a4ceL,0xbfd1445b9eae0379L,0xf23f2c0c1a0bd47eL,
-        0xa9c0bb31e1845531L } },
-    /* 55 << 196 */
-    { { 0x9ddc4d600a4c3f6bL,0xbdfaad792c15ef44L,0xce55a2367f484accL,
-        0x08653ca7055b1f15L },
-      { 0x2efa8724538873a3L,0x09299e5dace1c7e7L,0x07afab66ade332baL,
-        0x9be1fdf692dd71b7L } },
-    /* 56 << 196 */
-    { { 0xa49b5d595758b11cL,0x0b852893c8654f40L,0xb63ef6f452379447L,
-        0xd4957d29105e690cL },
-      { 0x7d484363646559b0L,0xf4a8273c49788a8eL,0xee406cb834ce54a9L,
-        0x1e1c260ff86fda9bL } },
-    /* 57 << 196 */
-    { { 0xe150e228cf6a4a81L,0x1fa3b6a31b488772L,0x1e6ff110c5a9c15bL,
-        0xc6133b918ad6aa47L },
-      { 0x8ac5d55c9dffa978L,0xba1d1c1d5f3965f2L,0xf969f4e07732b52fL,
-        0xfceecdb5a5172a07L } },
-    /* 58 << 196 */
-    { { 0xb0120a5f10f2b8f5L,0xc83a6cdf5c4c2f63L,0x4d47a491f8f9c213L,
-        0xd9e1cce5d3f1bbd5L },
-      { 0x0d91bc7caba7e372L,0xfcdc74c8dfd1a2dbL,0x05efa800374618e5L,
-        0x1121696915a7925eL } },
-    /* 59 << 196 */
-    { { 0xd4c89823f6021c5dL,0x880d5e84eff14423L,0x6523bc5a6dcd1396L,
-        0xd1acfdfc113c978bL },
-      { 0xb0c164e8bbb66840L,0xf7f4301e72b58459L,0xc29ad4a6a638e8ecL,
-        0xf5ab896146b78699L } },
-    /* 60 << 196 */
-    { { 0x9dbd79740e954750L,0x0121de8864f9d2c6L,0x2e597b42d985232eL,
-        0x55b6c3c553451777L },
-      { 0xbb53e547519cb9fbL,0xf134019f8428600dL,0x5a473176e081791aL,
-        0x2f3e226335fb0c08L } },
-    /* 61 << 196 */
-    { { 0xb28c301773d273b0L,0xccd210767721ef9aL,0x054cc292b650dc39L,
-        0x662246de6188045eL },
-      { 0x904b52fa6b83c0d1L,0xa72df26797e9cd46L,0x886b43cd899725e4L,
-        0x2b651688d849ff22L } },
-    /* 62 << 196 */
-    { { 0x60479b7902f34533L,0x5e354c140c77c148L,0xb4bb7581a8537c78L,
-        0x188043d7efe1495fL },
-      { 0x9ba12f428c1d5026L,0x2e0c8a2693d4aaabL,0xbdba7b8baa57c450L,
-        0x140c9ad69bbdafefL } },
-    /* 63 << 196 */
-    { { 0x2067aa4225ac0f18L,0xf7b1295b04d1fbf3L,0x14829111a4b04824L,
-        0x2ce3f19233bd5e91L },
-      { 0x9c7a1d558f2e1b72L,0xfe932286302aa243L,0x497ca7b4d4be9554L,
-        0xb8e821b8e0547a6eL } },
-    /* 64 << 196 */
-    { { 0xfb2838be67e573e0L,0x05891db94084c44bL,0x9131137396c1c2c5L,
-        0x6aebfa3fd958444bL },
-      { 0xac9cdce9e56e55c1L,0x7148ced32caa46d0L,0x2e10c7efb61fe8ebL,
-        0x9fd835daff97cf4dL } },
-    /* 0 << 203 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 203 */
-    { { 0xa36da109081e9387L,0xfb9780d78c935828L,0xd5940332e540b015L,
-        0xc9d7b51be0f466faL },
-      { 0xfaadcd41d6d9f671L,0xba6c1e28b1a2ac17L,0x066a7833ed201e5fL,
-        0x19d99719f90f462bL } },
-    /* 2 << 203 */
-    { { 0xf431f462060b5f61L,0xa56f46b47bd057c2L,0x348dca6c47e1bf65L,
-        0x9a38783e41bcf1ffL },
-      { 0x7a5d33a9da710718L,0x5a7799872e0aeaf6L,0xca87314d2d29d187L,
-        0xfa0edc3ec687d733L } },
-    /* 3 << 203 */
-    { { 0x9df336216a31e09bL,0xde89e44dc1350e35L,0x292148714ca0cf52L,
-        0xdf3796720b88a538L },
-      { 0xc92a510a2591d61bL,0x79aa87d7585b447bL,0xf67db604e5287f77L,
-        0x1697c8bf5efe7a80L } },
-    /* 4 << 203 */
-    { { 0x1c894849cb198ac7L,0xa884a93d0f264665L,0x2da964ef9b200678L,
-        0x3c351b87009834e6L },
-      { 0xafb2ef9fe2c4b44bL,0x580f6c473326790cL,0xb84805210b02264aL,
-        0x8ba6f9e242a194e2L } },
-    /* 5 << 203 */
-    { { 0xfc87975f8fb54738L,0x3516078827c3ead3L,0x834116d2b74a085aL,
-        0x53c99a73a62fe996L },
-      { 0x87585be05b81c51bL,0x925bafa8be0852b7L,0x76a4fafda84d19a7L,
-        0x39a45982585206d4L } },
-    /* 6 << 203 */
-    { { 0x499b6ab65eb03c0eL,0xf19b795472bc3fdeL,0xa86b5b9c6e3a80d2L,
-        0xe43775086d42819fL },
-      { 0xc1663650bb3ee8a3L,0x75eb14fcb132075fL,0xa8ccc9067ad834f6L,
-        0xea6a2474e6e92ffdL } },
-    /* 7 << 203 */
-    { { 0x9d72fd950f8d6758L,0xcb84e101408c07ddL,0xb9114bfda5e23221L,
-        0x358b5fe2e94e742cL },
-      { 0x1c0577ec95f40e75L,0xf01554513d73f3d6L,0x9d55cd67bd1b9b66L,
-        0x63e86e78af8d63c7L } },
-    /* 8 << 203 */
-    { { 0x39d934abd3c095f1L,0x04b261bee4b76d71L,0x1d2e6970e73e6984L,
-        0x879fb23b5e5fcb11L },
-      { 0x11506c72dfd75490L,0x3a97d08561bcf1c1L,0x43201d82bf5e7007L,
-        0x7f0ac52f798232a7L } },
-    /* 9 << 203 */
-    { { 0x2715cbc46eb564d4L,0x8d6c752c9e570e29L,0xf80247c89ef5fd5dL,
-        0xc3c66b46d53eb514L },
-      { 0x9666b4010f87de56L,0xce62c06fc6c603b5L,0xae7b4c607e4fc942L,
-        0x38ac0b77663a9c19L } },
-    /* 10 << 203 */
-    { { 0xcb4d20ee4b049136L,0x8b63bf12356a4613L,0x1221aef670e08128L,
-        0xe62d8c514acb6b16L },
-      { 0x71f64a67379e7896L,0xb25237a2cafd7fa5L,0xf077bd983841ba6aL,
-        0xc4ac02443cd16e7eL } },
-    /* 11 << 203 */
-    { { 0x548ba86921fea4caL,0xd36d0817f3dfdac1L,0x09d8d71ff4685fafL,
-        0x8eff66bec52c459aL },
-      { 0x182faee70b57235eL,0xee3c39b10106712bL,0x5107331fc0fcdcb0L,
-        0x669fb9dca51054baL } },
-    /* 12 << 203 */
-    { { 0xb25101fb319d7682L,0xb02931290a982feeL,0x51c1c9b90261b344L,
-        0x0e008c5bbfd371faL },
-      { 0xd866dd1c0278ca33L,0x666f76a6e5aa53b1L,0xe5cfb7796013a2cfL,
-        0x1d3a1aada3521836L } },
-    /* 13 << 203 */
-    { { 0xcedd253173faa485L,0xc8ee6c4fc0a76878L,0xddbccfc92a11667dL,
-        0x1a418ea91c2f695aL },
-      { 0xdb11bd9251f73971L,0x3e4b3c82da2ed89fL,0x9a44f3f4e73e0319L,
-        0xd1e3de0f303431afL } },
-    /* 14 << 203 */
-    { { 0x3c5604ff50f75f9cL,0x1d8eddf37e752b22L,0x0ef074dd3c9a1118L,
-        0xd0ffc172ccb86d7bL },
-      { 0xabd1ece3037d90f2L,0xe3f307d66055856cL,0x422f93287e4c6dafL,
-        0x902aac66334879a0L } },
-    /* 15 << 203 */
-    { { 0xb6a1e7bf94cdfadeL,0x6c97e1ed7fc6d634L,0x662ad24da2fb63f8L,
-        0xf81be1b9a5928405L },
-      { 0x86d765e4d14b4206L,0xbecc2e0e8fa0db65L,0xa28838e0b17fc76cL,
-        0xe49a602ae37cf24eL } },
-    /* 16 << 203 */
-    { { 0x76b4131a567193ecL,0xaf3c305ae5f6e70bL,0x9587bd39031eebddL,
-        0x5709def871bbe831L },
-      { 0x570599830eb2b669L,0x4d80ce1b875b7029L,0x838a7da80364ac16L,
-        0x2f431d23be1c83abL } },
-    /* 17 << 203 */
-    { { 0xe56812a6f9294dd3L,0xb448d01f9b4b0d77L,0xf3ae606104e8305cL,
-        0x2bead64594d8c63eL },
-      { 0x0a85434d84fd8b07L,0x537b983ff7a9dee5L,0xedcc5f18ef55bd85L,
-        0x2041af6221c6cf8bL } },
-    /* 18 << 203 */
-    { { 0x8e52874cb940c71eL,0x211935a9db5f4b3aL,0x94350492301b1dc3L,
-        0x33d2646d29958620L },
-      { 0x16b0d64bef911404L,0x9d1f25ea9a3c5ef4L,0x20f200eb4a352c78L,
-        0x43929f2c4bd0b428L } },
-    /* 19 << 203 */
-    { { 0xa5656667c7196e29L,0x7992c2f09391be48L,0xaaa97cbd9ee0cd6eL,
-        0x51b0310c3dc8c9bfL },
-      { 0x237f8acfdd9f22cbL,0xbb1d81a1b585d584L,0x8d5d85f58c416388L,
-        0x0d6e5a5a42fe474fL } },
-    /* 20 << 203 */
-    { { 0xe781276638235d4eL,0x1c62bd67496e3298L,0x8378660c3f175bc8L,
-        0x4d04e18917afdd4dL },
-      { 0x32a8160185a8068cL,0xdb58e4e192b29a85L,0xe8a65b86c70d8a3bL,
-        0x5f0e6f4e98a0403bL } },
-    /* 21 << 203 */
-    { { 0x0812968469ed2370L,0x34dc30bd0871ee26L,0x3a5ce9487c9c5b05L,
-        0x7d487b8043a90c87L },
-      { 0x4089ba37dd0e7179L,0x45f80191b4041811L,0x1c3e105898747ba5L,
-        0x98c4e13a6e1ae592L } },
-    /* 22 << 203 */
-    { { 0xd44636e6e82c9f9eL,0x711db87cc33a1043L,0x6f431263aa8aec05L,
-        0x43ff120d2744a4aaL },
-      { 0xd3bd892fae77779bL,0xf0fe0cc98cdc9f82L,0xca5f7fe6f1c5b1bcL,
-        0xcc63a68244929a72L } },
-    /* 23 << 203 */
-    { { 0xc7eaba0c09dbe19aL,0x2f3585ad6b5c73c2L,0x8ab8924b0ae50c30L,
-        0x17fcd27a638b30baL },
-      { 0xaf414d3410b3d5a5L,0x09c107d22a9accf1L,0x15dac49f946a6242L,
-        0xaec3df2ad707d642L } },
-    /* 24 << 203 */
-    { { 0x2c2492b73f894ae0L,0xf59df3e5b75f18ceL,0x7cb740d28f53cad0L,
-        0x3eb585fbc4f01294L },
-      { 0x17da0c8632c7f717L,0xeb8c795baf943f4cL,0x4ee23fb5f67c51d2L,
-        0xef18757568889949L } },
-    /* 25 << 203 */
-    { { 0xa6b4bdb20389168bL,0xc4ecd258ea577d03L,0x3a63782b55743082L,
-        0x6f678f4cc72f08cdL },
-      { 0x553511cf65e58dd8L,0xd53b4e3ed402c0cdL,0x37de3e29a037c14cL,
-        0x86b6c516c05712aaL } },
-    /* 26 << 203 */
-    { { 0x2834da3eb38dff6fL,0xbe012c52ea636be8L,0x292d238c61dd37f8L,
-        0x0e54523f8f8142dbL },
-      { 0xe31eb436036a05d8L,0x83e3cdff1e93c0ffL,0x3fd2fe0f50821ddfL,
-        0xc8e19b0dff9eb33bL } },
-    /* 27 << 203 */
-    { { 0xc8cc943fb569a5feL,0xad0090d4d4342d75L,0x82090b4bcaeca000L,
-        0xca39687f1bd410ebL },
-      { 0xe7bb0df765959d77L,0x39d782189c964999L,0xd87f62e8b2415451L,
-        0xe5efb774bed76108L } },
-    /* 28 << 203 */
-    { { 0x3ea011a4e822f0d0L,0xbc647ad15a8704f8L,0xbb315b3550c6820fL,
-        0x863dec3db7e76becL },
-      { 0x01ff5d3af017bfc7L,0x20054439976b8229L,0x067fca370bbd0d3bL,
-        0xf63dde647f5e3d0fL } },
-    /* 29 << 203 */
-    { { 0x22dbefb32a4c94e9L,0xafbff0fe96f8278aL,0x80aea0b13503793dL,
-        0xb22380295f06cd29L },
-      { 0x65703e578ec3fecaL,0x06c38314393e7053L,0xa0b751eb7c6734c4L,
-        0xd2e8a435c59f0f1eL } },
-    /* 30 << 203 */
-    { { 0x147d90525e9ca895L,0x2f4dd31e972072dfL,0xa16fda8ee6c6755cL,
-        0xc66826ffcf196558L },
-      { 0x1f1a76a30cf43895L,0xa9d604e083c3097bL,0xe190830966390e0eL,
-        0xa50bf753b3c85effL } },
-    /* 31 << 203 */
-    { { 0x0696bddef6a70251L,0x548b801b3c6ab16aL,0x37fcf704a4d08762L,
-        0x090b3defdff76c4eL },
-      { 0x87e8cb8969cb9158L,0x44a90744995ece43L,0xf85395f40ad9fbf5L,
-        0x49b0f6c54fb0c82dL } },
-    /* 32 << 203 */
-    { { 0x75d9bc15adf7cccfL,0x81a3e5d6dfa1e1b0L,0x8c39e444249bc17eL,
-        0xf37dccb28ea7fd43L },
-      { 0xda654873907fba12L,0x35daa6da4a372904L,0x0564cfc66283a6c5L,
-        0xd09fa4f64a9395bfL } },
-    /* 33 << 203 */
-    { { 0x688e9ec9aeb19a36L,0xd913f1cec7bfbfb4L,0x797b9a3c61c2faa6L,
-        0x2f979bec6a0a9c12L },
-      { 0xb5969d0f359679ecL,0xebcf523d079b0460L,0xfd6b000810fab870L,
-        0x3f2edcda9373a39cL } },
-    /* 34 << 203 */
-    { { 0x0d64f9a76f568431L,0xf848c27c02f8898cL,0xf418ade1260b5bd5L,
-        0xc1f3e3236973dee8L },
-      { 0x46e9319c26c185ddL,0x6d85b7d8546f0ac4L,0x427965f2247f9d57L,
-        0xb519b636b0035f48L } },
-    /* 35 << 203 */
-    { { 0x6b6163a9ab87d59cL,0xff9f58c339caaa11L,0x4ac39cde3177387bL,
-        0x5f6557c2873e77f9L },
-      { 0x6750400636a83041L,0x9b1c96ca75ef196cL,0xf34283deb08c7940L,
-        0x7ea096441128c316L } },
-    /* 36 << 203 */
-    { { 0xb510b3b56aa39dffL,0x59b43da29f8e4d8cL,0xa8ce31fd9e4c4b9fL,
-        0x0e20be26c1303c01L },
-      { 0x18187182e8ee47c9L,0xd9687cdb7db98101L,0x7a520e4da1e14ff6L,
-        0x429808ba8836d572L } },
-    /* 37 << 203 */
-    { { 0xa37ca60d4944b663L,0xf901f7a9a3f91ae5L,0xe4e3e76e9e36e3b1L,
-        0x9aa219cf29d93250L },
-      { 0x347fe275056a2512L,0xa4d643d9de65d95cL,0x9669d396699fc3edL,
-        0xb598dee2cf8c6bbeL } },
-    /* 38 << 203 */
-    { { 0x682ac1e5dda9e5c6L,0x4e0d3c72caa9fc95L,0x17faaade772bea44L,
-        0x5ef8428cab0009c8L },
-      { 0xcc4ce47a460ff016L,0xda6d12bf725281cbL,0x44c678480223aad2L,
-        0x6e342afa36256e28L } },
-    /* 39 << 203 */
-    { { 0x1400bb0b93a37c04L,0x62b1bc9bdd10bd96L,0x7251adeb0dac46b7L,
-        0x7d33b92e7be4ef51L },
-      { 0x28b2a94be61fa29aL,0x4b2be13f06422233L,0x36d6d062330d8d37L,
-        0x5ef80e1eb28ca005L } },
-    /* 40 << 203 */
-    { { 0x174d46996d16768eL,0x9fc4ff6a628bf217L,0x77705a94154e490dL,
-        0x9d96dd288d2d997aL },
-      { 0x77e2d9d8ce5d72c4L,0x9d06c5a4c11c714fL,0x02aa513679e4a03eL,
-        0x1386b3c2030ff28bL } },
-    /* 41 << 203 */
-    { { 0xfe82e8a6fb283f61L,0x7df203e5f3abc3fbL,0xeec7c3513a4d3622L,
-        0xf7d17dbfdf762761L },
-      { 0xc3956e44522055f0L,0xde3012db8fa748dbL,0xca9fcb63bf1dcc14L,
-        0xa56d9dcfbe4e2f3aL } },
-    /* 42 << 203 */
-    { { 0xb86186b68bcec9c2L,0x7cf24df9680b9f06L,0xc46b45eac0d29281L,
-        0xfff42bc507b10e12L },
-      { 0x12263c404d289427L,0x3d5f1899b4848ec4L,0x11f97010d040800cL,
-        0xb4c5f529300feb20L } },
-    /* 43 << 203 */
-    { { 0xcc543f8fde94fdcbL,0xe96af739c7c2f05eL,0xaa5e0036882692e1L,
-        0x09c75b68950d4ae9L },
-      { 0x62f63df2b5932a7aL,0x2658252ede0979adL,0x2a19343fb5e69631L,
-        0x718c7501525b666bL } },
-    /* 44 << 203 */
-    { { 0x26a42d69ea40dc3aL,0xdc84ad22aecc018fL,0x25c36c7b3270f04aL,
-        0x46ba6d4750fa72edL },
-      { 0x6c37d1c593e58a8eL,0xa2394731120c088cL,0xc3be4263cb6e86daL,
-        0x2c417d367126d038L } },
-    /* 45 << 203 */
-    { { 0x5b70f9c58b6f8efaL,0x671a2faa37718536L,0xd3ced3c6b539c92bL,
-        0xe56f1bd9a31203c2L },
-      { 0x8b096ec49ff3c8ebL,0x2deae43243491ceaL,0x2465c6eb17943794L,
-        0x5d267e6620586843L } },
-    /* 46 << 203 */
-    { { 0x9d3d116db07159d0L,0xae07a67fc1896210L,0x8fc84d87bb961579L,
-        0x30009e491c1f8dd6L },
-      { 0x8a8caf22e3132819L,0xcffa197cf23ab4ffL,0x58103a44205dd687L,
-        0x57b796c30ded67a2L } },
-    /* 47 << 203 */
-    { { 0x0b9c3a6ca1779ad7L,0xa33cfe2e357c09c5L,0x2ea293153db4a57eL,
-        0x919596958ebeb52eL },
-      { 0x118db9a6e546c879L,0x8e996df46295c8d6L,0xdd99048455ec806bL,
-        0x24f291ca165c1035L } },
-    /* 48 << 203 */
-    { { 0xcca523bb440e2229L,0x324673a273ef4d04L,0xaf3adf343e11ec39L,
-        0x6136d7f1dc5968d3L },
-      { 0x7a7b2899b053a927L,0x3eaa2661ae067ecdL,0x8549b9c802779cd9L,
-        0x061d7940c53385eaL } },
-    /* 49 << 203 */
-    { { 0x3e0ba883f06d18bdL,0x4ba6de53b2700843L,0xb966b668591a9e4dL,
-        0x93f675677f4fa0edL },
-      { 0x5a02711b4347237bL,0xbc041e2fe794608eL,0x55af10f570f73d8cL,
-        0xd2d4d4f7bb7564f7L } },
-    /* 50 << 203 */
-    { { 0xd7d27a89b3e93ce7L,0xf7b5a8755d3a2c1bL,0xb29e68a0255b218aL,
-        0xb533837e8af76754L },
-      { 0xd1b05a73579fab2eL,0xb41055a1ecd74385L,0xb2369274445e9115L,
-        0x2972a7c4f520274eL } },
-    /* 51 << 203 */
-    { { 0x6c08334ef678e68aL,0x4e4160f099b057edL,0x3cfe11b852ccb69aL,
-        0x2fd1823a21c8f772L },
-      { 0xdf7f072f3298f055L,0x8c0566f9fec74a6eL,0xe549e0195bb4d041L,
-        0x7c3930ba9208d850L } },
-    /* 52 << 203 */
-    { { 0xe07141fcaaa2902bL,0x539ad799e4f69ad3L,0xa6453f94813f9ffdL,
-        0xc58d3c48375bc2f7L },
-      { 0xb3326fad5dc64e96L,0x3aafcaa9b240e354L,0x1d1b0903aca1e7a9L,
-        0x4ceb97671211b8a0L } },
-    /* 53 << 203 */
-    { { 0xeca83e49e32a858eL,0x4c32892eae907badL,0xd5b42ab62eb9b494L,
-        0x7fde3ee21eabae1bL },
-      { 0x13b5ab09caf54957L,0xbfb028bee5f5d5d5L,0x928a06502003e2c0L,
-        0x90793aac67476843L } },
-    /* 54 << 203 */
-    { { 0x5e942e79c81710a0L,0x557e4a3627ccadd4L,0x72a2bc564bcf6d0cL,
-        0x09ee5f4326d7b80cL },
-      { 0x6b70dbe9d4292f19L,0x56f74c2663f16b18L,0xc23db0f735fbb42aL,
-        0xb606bdf66ae10040L } },
-    /* 55 << 203 */
-    { { 0x1eb15d4d044573acL,0x7dc3cf86556b0ba4L,0x97af9a33c60df6f7L,
-        0x0b1ef85ca716ce8cL },
-      { 0x2922f884c96958beL,0x7c32fa9435690963L,0x2d7f667ceaa00061L,
-        0xeaaf7c173547365cL } },
-    /* 56 << 203 */
-    { { 0x1eb4de4687032d58L,0xc54f3d835e2c79e0L,0x07818df45d04ef23L,
-        0x55faa9c8673d41b4L },
-      { 0xced64f6f89b95355L,0x4860d2eab7415c84L,0x5fdb9bd2050ebad3L,
-        0xdb53e0cc6685a5bfL } },
-    /* 57 << 203 */
-    { { 0xb830c0319feb6593L,0xdd87f3106accff17L,0x2303ebab9f555c10L,
-        0x94603695287e7065L },
-      { 0xf88311c32e83358cL,0x508dd9b4eefb0178L,0x7ca237062dba8652L,
-        0x62aac5a30047abe5L } },
-    /* 58 << 203 */
-    { { 0x9a61d2a08b1ea7b3L,0xd495ab63ae8b1485L,0x38740f8487052f99L,
-        0x178ebe5bb2974eeaL },
-      { 0x030bbcca5b36d17fL,0xb5e4cce3aaf86eeaL,0xb51a022068f8e9e0L,
-        0xa434879609eb3e75L } },
-    /* 59 << 203 */
-    { { 0xbe592309eef1a752L,0x5d7162d76f2aa1edL,0xaebfb5ed0f007dd2L,
-        0x255e14b2c89edd22L },
-      { 0xba85e0720303b697L,0xc5d17e25f05720ffL,0x02b58d6e5128ebb6L,
-        0x2c80242dd754e113L } },
-    /* 60 << 203 */
-    { { 0x919fca5fabfae1caL,0x937afaac1a21459bL,0x9e0ca91c1f66a4d2L,
-        0x194cc7f323ec1331L },
-      { 0xad25143a8aa11690L,0xbe40ad8d09b59e08L,0x37d60d9be750860aL,
-        0x6c53b008c6bf434cL } },
-    /* 61 << 203 */
-    { { 0xb572415d1356eb80L,0xb8bf9da39578ded8L,0x22658e365e8fb38bL,
-        0x9b70ce225af8cb22L },
-      { 0x7c00018a829a8180L,0x84329f93b81ed295L,0x7c343ea25f3cea83L,
-        0x38f8655f67586536L } },
-    /* 62 << 203 */
-    { { 0xa661a0d01d3ec517L,0x98744652512321aeL,0x084ca591eca92598L,
-        0xa9bb9dc91dcb3febL },
-      { 0x14c5435578b4c240L,0x5ed62a3b610cafdcL,0x07512f371b38846bL,
-        0x571bb70ab0e38161L } },
-    /* 63 << 203 */
-    { { 0xb556b95b2da705d2L,0x3ef8ada6b1a08f98L,0x85302ca7ddecfbe5L,
-        0x0e530573943105cdL },
-      { 0x60554d5521a9255dL,0x63a32fa1f2f3802aL,0x35c8c5b0cd477875L,
-        0x97f458ea6ad42da1L } },
-    /* 64 << 203 */
-    { { 0x832d7080eb6b242dL,0xd30bd0233b71e246L,0x7027991bbe31139dL,
-        0x68797e91462e4e53L },
-      { 0x423fe20a6b4e185aL,0x82f2c67e42d9b707L,0x25c817684cf7811bL,
-        0xbd53005e045bb95dL } },
-    /* 0 << 210 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 210 */
-    { { 0xe5f649be9d8e68fdL,0xdb0f05331b044320L,0xf6fde9b3e0c33398L,
-        0x92f4209b66c8cfaeL },
-      { 0xe9d1afcc1a739d4bL,0x09aea75fa28ab8deL,0x14375fb5eac6f1d0L,
-        0x6420b560708f7aa5L } },
-    /* 2 << 210 */
-    { { 0x9eae499c6254dc41L,0x7e2939247a837e7eL,0x74aec08c090524a7L,
-        0xf82b92198d6f55f2L },
-      { 0x493c962e1402cec5L,0x9f17ca17fa2f30e7L,0xbcd783e8e9b879cbL,
-        0xea3d8c145a6f145fL } },
-    /* 3 << 210 */
-    { { 0xdede15e75e0dee6eL,0x74f24872dc628aa2L,0xd3e9c4fe7861bb93L,
-        0x56d4822a6187b2e0L },
-      { 0xb66417cfc59826f9L,0xca2609692408169eL,0xedf69d06c79ef885L,
-        0x00031f8adc7d138fL } },
-    /* 4 << 210 */
-    { { 0x103c46e60ebcf726L,0x4482b8316231470eL,0x6f6dfaca487c2109L,
-        0x2e0ace9762e666efL },
-      { 0x3246a9d31f8d1f42L,0x1b1e83f1574944d2L,0x13dfa63aa57f334bL,
-        0x0cf8daed9f025d81L } },
-    /* 5 << 210 */
-    { { 0x30d78ea800ee11c1L,0xeb053cd4b5e3dd75L,0x9b65b13ed58c43c5L,
-        0xc3ad49bdbd151663L },
-      { 0x99fd8e41b6427990L,0x12cf15bd707eae1eL,0x29ad4f1b1aabb71eL,
-        0x5143e74d07545d0eL } },
-    /* 6 << 210 */
-    { { 0x30266336c88bdee1L,0x25f293065876767cL,0x9c078571c6731996L,
-        0xc88690b2ed552951L },
-      { 0x274f2c2d852705b4L,0xb0bf8d444e09552dL,0x7628beeb986575d1L,
-        0x407be2387f864651L } },
-    /* 7 << 210 */
-    { { 0x0e5e3049a639fc6bL,0xe75c35d986003625L,0x0cf35bd85dcc1646L,
-        0x8bcaced26c26273aL },
-      { 0xe22ecf1db5536742L,0x013dd8971a9e068bL,0x17f411cb8a7909c5L,
-        0x5757ac98861dd506L } },
-    /* 8 << 210 */
-    { { 0x85de1f0d1e935abbL,0xdefd10b4154de37aL,0xb8d9e392369cebb5L,
-        0x54d5ef9b761324beL },
-      { 0x4d6341ba74f17e26L,0xc0a0e3c878c1dde4L,0xa6d7758187d918fdL,
-        0x6687601502ca3a13L } },
-    /* 9 << 210 */
-    { { 0xc7313e9cf36658f0L,0xc433ef1c71f8057eL,0x853262461b6a835aL,
-        0xc8f053987c86394cL },
-      { 0xff398cdfe983c4a1L,0xbf5e816203b7b931L,0x93193c46b7b9045bL,
-        0x1e4ebf5da4a6e46bL } },
-    /* 10 << 210 */
-    { { 0xf9942a6043a24fe7L,0x29c1191effb3492bL,0x9f662449902fde05L,
-        0xc792a7ac6713c32dL },
-      { 0x2fd88ad8b737982cL,0x7e3a0319a21e60e3L,0x09b0de447383591aL,
-        0x6df141ee8310a456L } },
-    /* 11 << 210 */
-    { { 0xaec1a039e6d6f471L,0x14b2ba0f1198d12eL,0xebc1a1603aeee5acL,
-        0x401f4836e0b964ceL },
-      { 0x2ee437964fd03f66L,0x3fdb4e49dd8f3f12L,0x6ef267f629380f18L,
-        0x3e8e96708da64d16L } },
-    /* 12 << 210 */
-    { { 0xbc19180c207674f1L,0x112e09a733ae8fdbL,0x996675546aaeb71eL,
-        0x79432af1e101b1c7L },
-      { 0xd5eb558fde2ddec6L,0x81392d1f5357753fL,0xa7a76b973ae1158aL,
-        0x416fbbff4a899991L } },
-    /* 13 << 210 */
-    { { 0x9e65fdfd0d4a9dcfL,0x7bc29e48944ddf12L,0xbc1a92d93c856866L,
-        0x273c69056e98dfe2L },
-      { 0x69fce418cdfaa6b8L,0x606bd8235061c69fL,0x42d495a06af75e27L,
-        0x8ed3d5056d873a1fL } },
-    /* 14 << 210 */
-    { { 0xaf5528416ab25b6aL,0xc6c0ffc72b1a4523L,0xab18827b21c99e03L,
-        0x060e86489034691bL },
-      { 0x5207f90f93c7f398L,0x9f4a96cb82f8d10bL,0xdd71cd793ad0f9e3L,
-        0x84f435d2fc3a54f5L } },
-    /* 15 << 210 */
-    { { 0x4b03c55b8e33787fL,0xef42f975a6384673L,0xff7304f75051b9f0L,
-        0x18aca1dc741c87c2L },
-      { 0x56f120a72d4bfe80L,0xfd823b3d053e732cL,0x11bccfe47537ca16L,
-        0xdf6c9c741b5a996bL } },
-    /* 16 << 210 */
-    { { 0xee7332c7904fc3faL,0x14a23f45c7e3636aL,0xc38659c3f091d9aaL,
-        0x4a995e5db12d8540L },
-      { 0x20a53becf3a5598aL,0x56534b17b1eaa995L,0x9ed3dca4bf04e03cL,
-        0x716c563ad8d56268L } },
-    /* 17 << 210 */
-    { { 0x27ba77a41d6178e7L,0xe4c80c4068a1ff8eL,0x750110990a13f63dL,
-        0x7bf33521a61d46f3L },
-      { 0x0aff218e10b365bbL,0x810218040fd7ea75L,0x05a3fd8aa4b3a925L,
-        0xb829e75f9b3db4e6L } },
-    /* 18 << 210 */
-    { { 0x6bdc75a54d53e5fbL,0x04a5dc02d52717e3L,0x86af502fe9a42ec2L,
-        0x8867e8fb2630e382L },
-      { 0xbf845c6ebec9889bL,0x54f491f2cb47c98dL,0xa3091fba790c2a12L,
-        0xd7f6fd78c20f708bL } },
-    /* 19 << 210 */
-    { { 0xa569ac30acde5e17L,0xd0f996d06852b4d7L,0xe51d4bb54609ae54L,
-        0x3fa37d170daed061L },
-      { 0x62a8868434b8fb41L,0x99a2acbd9efb64f1L,0xb75c1a5e6448e1f2L,
-        0xfa99951a42b5a069L } },
-    /* 20 << 210 */
-    { { 0x6d956e892f3b26e7L,0xf4709860da875247L,0x3ad151792482dda3L,
-        0xd64110e3017d82f0L },
-      { 0x14928d2cfad414e4L,0x2b155f582ed02b24L,0x481a141bcb821bf1L,
-        0x12e3c7704f81f5daL } },
-    /* 21 << 210 */
-    { { 0xe49c5de59fff8381L,0x110532325bbec894L,0xa0d051cc454d88c4L,
-        0x4f6db89c1f8e531bL },
-      { 0x34fe3fd6ca563a44L,0x7f5c221558da8ab9L,0x8445016d9474f0a1L,
-        0x17d34d61cb7d8a0aL } },
-    /* 22 << 210 */
-    { { 0x8e9d39101c474019L,0xcaff2629d52ceefbL,0xf9cf3e32c1622c2bL,
-        0xd4b95e3ce9071a05L },
-      { 0xfbbca61f1594438cL,0x1eb6e6a604aadedfL,0x853027f468e14940L,
-        0x221d322adfabda9cL } },
-    /* 23 << 210 */
-    { { 0xed8ea9f6b7cb179aL,0xdc7b764db7934dccL,0xfcb139405e09180dL,
-        0x6629a6bfb47dc2ddL },
-      { 0xbfc55e4e9f5a915eL,0xb1db9d376204441eL,0xf82d68cf930c5f53L,
-        0x17d3a142cbb605b1L } },
-    /* 24 << 210 */
-    { { 0xdd5944ea308780f2L,0xdc8de7613845f5e4L,0x6beaba7d7624d7a3L,
-        0x1e709afd304df11eL },
-      { 0x9536437602170456L,0xbf204b3ac8f94b64L,0x4e53af7c5680ca68L,
-        0x0526074ae0c67574L } },
-    /* 25 << 210 */
-    { { 0x95d8cef8ecd92af6L,0xe6b9fa7a6cd1745aL,0x3d546d3da325c3e4L,
-        0x1f57691d9ae93aaeL },
-      { 0xe891f3fe9d2e1a33L,0xd430093fac063d35L,0xeda59b125513a327L,
-        0xdc2134f35536f18fL } },
-    /* 26 << 210 */
-    { { 0xaa51fe2c5c210286L,0x3f68aaee1cab658cL,0x5a23a00bf9357292L,
-        0x9a626f397efdabedL },
-      { 0xfe2b3bf3199d78e3L,0xb7a2af7771bbc345L,0x3d19827a1e59802cL,
-        0x823bbc15b487a51cL } },
-    /* 27 << 210 */
-    { { 0x856139f299d0a422L,0x9ac3df65f456c6fbL,0xaddf65c6701f8bd6L,
-        0x149f321e3758df87L },
-      { 0xb1ecf714721b7ebaL,0xe17df09831a3312aL,0xdb2fd6ecd5c4d581L,
-        0xfd02996f8fcea1b3L } },
-    /* 28 << 210 */
-    { { 0xe29fa63e7882f14fL,0xc9f6dc3507c6cadcL,0x46f22d6fb882bed0L,
-        0x1a45755bd118e52cL },
-      { 0x9f2c7c277c4608cfL,0x7ccbdf32568012c2L,0xfcb0aedd61729b0eL,
-        0x7ca2ca9ef7d75dbfL } },
-    /* 29 << 210 */
-    { { 0xf58fecb16f640f62L,0xe274b92b39f51946L,0x7f4dfc046288af44L,
-        0x0a91f32aeac329e5L },
-      { 0x43ad274bd6aaba31L,0x719a16400f6884f9L,0x685d29f6daf91e20L,
-        0x5ec1cc3327e49d52L } },
-    /* 30 << 210 */
-    { { 0x38f4de963b54a059L,0x0e0015e5efbcfdb3L,0x177d23d94dbb8da6L,
-        0x98724aa297a617adL },
-      { 0x30f0885bfdb6558eL,0xf9f7a28ac7899a96L,0xd2ae8ac8872dc112L,
-        0xfa0642ca73c3c459L } },
-    /* 31 << 210 */
-    { { 0x15296981e7dfc8d6L,0x67cd44501fb5b94aL,0x0ec71cf10eddfd37L,
-        0xc7e5eeb39a8eddc7L },
-      { 0x02ac8e3d81d95028L,0x0088f17270b0e35dL,0xec041fabe1881fe3L,
-        0x62cf71b8d99e7faaL } },
-    /* 32 << 210 */
-    { { 0x5043dea7e0f222c2L,0x309d42ac72e65142L,0x94fe9ddd9216cd30L,
-        0xd6539c7d0f87feecL },
-      { 0x03c5a57c432ac7d7L,0x72692cf0327fda10L,0xec28c85f280698deL,
-        0x2331fb467ec283b1L } },
-    /* 33 << 210 */
-    { { 0xd34bfa322867e633L,0x78709a820a9cc815L,0xb7fe6964875e2fa5L,
-        0x25cc064f9e98bfb5L },
-      { 0x9eb0151c493a65c5L,0x5fb5d94153182464L,0x69e6f130f04618e2L,
-        0xa8ecec22f89c8ab6L } },
-    /* 34 << 210 */
-    { { 0xcd6ac88bb96209bdL,0x65fa8cdbb3e1c9e0L,0xa47d22f54a8d8eacL,
-        0x83895cdf8d33f963L },
-      { 0xa8adca59b56cd3d1L,0x10c8350bdaf38232L,0x2b161fb3a5080a9fL,
-        0xbe7f5c643af65b3aL } },
-    /* 35 << 210 */
-    { { 0x2c75403997403a11L,0x94626cf7121b96afL,0x431de7c46a983ec2L,
-        0x3780dd3a52cc3df7L },
-      { 0xe28a0e462baf8e3bL,0xabe68aad51d299aeL,0x603eb8f9647a2408L,
-        0x14c61ed65c750981L } },
-    /* 36 << 210 */
-    { { 0x88b34414c53352e7L,0x5a34889c1337d46eL,0x612c1560f95f2bc8L,
-        0x8a3f8441d4807a3aL },
-      { 0x680d9e975224da68L,0x60cd6e88c3eb00e9L,0x3875a98e9a6bc375L,
-        0xdc80f9244fd554c2L } },
-    /* 37 << 210 */
-    { { 0x6c4b34156ac77407L,0xa1e5ea8f25420681L,0x541bfa144607a458L,
-        0x5dbc7e7a96d7fbf9L },
-      { 0x646a851b31590a47L,0x039e85ba15ee6df8L,0xd19fa231d7b43fc0L,
-        0x84bc8be8299a0e04L } },
-    /* 38 << 210 */
-    { { 0x2b9d2936f20df03aL,0x240543828608d472L,0x76b6ba049149202aL,
-        0xb21c38313670e7b7L },
-      { 0xddd93059d6fdee10L,0x9da47ad378488e71L,0x99cc1dfda0fcfb25L,
-        0x42abde1064696954L } },
-    /* 39 << 210 */
-    { { 0x14cc15fc17eab9feL,0xd6e863e4d3e70972L,0x29a7765c6432112cL,
-        0x886600015b0774d8L },
-      { 0x3729175a2c088eaeL,0x13afbcae8230b8d4L,0x44768151915f4379L,
-        0xf086431ad8d22812L } },
-    /* 40 << 210 */
-    { { 0x37461955c298b974L,0x905fb5f0f8711e04L,0x787abf3afe969d18L,
-        0x392167c26f6a494eL },
-      { 0xfc7a0d2d28c511daL,0xf127c7dcb66a262dL,0xf9c4bb95fd63fdf0L,
-        0x900165893913ef46L } },
-    /* 41 << 210 */
-    { { 0x74d2a73c11aa600dL,0x2f5379bd9fb5ab52L,0xe49e53a47fb70068L,
-        0x68dd39e5404aa9a7L },
-      { 0xb9b0cf572ecaa9c3L,0xba0e103be824826bL,0x60c2198b4631a3c4L,
-        0xc5ff84abfa8966a2L } },
-    /* 42 << 210 */
-    { { 0x2d6ebe22ac95aff8L,0x1c9bb6dbb5a46d09L,0x419062da53ee4f8dL,
-        0x7b9042d0bb97efefL },
-      { 0x0f87f080830cf6bdL,0x4861d19a6ec8a6c6L,0xd3a0daa1202f01aaL,
-        0xb0111674f25afbd5L } },
-    /* 43 << 210 */
-    { { 0x6d00d6cf1afb20d9L,0x1369500040671bc5L,0x913ab0dc2485ea9bL,
-        0x1f2bed069eef61acL },
-      { 0x850c82176d799e20L,0x93415f373271c2deL,0x5afb06e96c4f5910L,
-        0x688a52dfc4e9e421L } },
-    /* 44 << 210 */
-    { { 0x30495ba3e2a9a6dbL,0x4601303d58f9268bL,0xbe3b0dad7eb0f04fL,
-        0x4ea472504456936dL },
-      { 0x8caf8798d33fd3e7L,0x1ccd8a89eb433708L,0x9effe3e887fd50adL,
-        0xbe240a566b29c4dfL } },
-    /* 45 << 210 */
-    { { 0xec4ffd98ca0e7ebdL,0xf586783ae748616eL,0xa5b00d8fc77baa99L,
-        0x0acada29b4f34c9cL },
-      { 0x36dad67d0fe723acL,0x1d8e53a539c36c1eL,0xe4dd342d1f4bea41L,
-        0x64fd5e35ebc9e4e0L } },
-    /* 46 << 210 */
-    { { 0x96f01f9057908805L,0xb5b9ea3d5ed480ddL,0x366c5dc23efd2dd0L,
-        0xed2fe3056e9dfa27L },
-      { 0x4575e8926e9197e2L,0x11719c09ab502a5dL,0x264c7bece81f213fL,
-        0x741b924155f5c457L } },
-    /* 47 << 210 */
-    { { 0x78ac7b6849a5f4f4L,0xf91d70a29fc45b7dL,0x39b05544b0f5f355L,
-        0x11f06bceeef930d9L },
-      { 0xdb84d25d038d05e1L,0x04838ee5bacc1d51L,0x9da3ce869e8ee00bL,
-        0xc3412057c36eda1fL } },
-    /* 48 << 210 */
-    { { 0xae80b91364d9c2f4L,0x7468bac3a010a8ffL,0xdfd2003737359d41L,
-        0x1a0f5ab815efeaccL },
-      { 0x7c25ad2f659d0ce0L,0x4011bcbb6785cff1L,0x128b99127e2192c7L,
-        0xa549d8e113ccb0e8L } },
-    /* 49 << 210 */
-    { { 0x805588d8c85438b1L,0x5680332dbc25cb27L,0xdcd1bc961a4bfdf4L,
-        0x779ff428706f6566L },
-      { 0x8bbee998f059987aL,0xf6ce8cf2cc686de7L,0xf8ad3c4a953cfdb2L,
-        0xd1d426d92205da36L } },
-    /* 50 << 210 */
-    { { 0xb3c0f13fc781a241L,0x3e89360ed75362a8L,0xccd05863c8a91184L,
-        0x9bd0c9b7efa8a7f4L },
-      { 0x97ee4d538a912a4bL,0xde5e15f8bcf518fdL,0x6a055bf8c467e1e0L,
-        0x10be4b4b1587e256L } },
-    /* 51 << 210 */
-    { { 0xd90c14f2668621c9L,0xd5518f51ab9c92c1L,0x8e6a0100d6d47b3cL,
-        0xcbe980dd66716175L },
-      { 0x500d3f10ddd83683L,0x3b6cb35d99cac73cL,0x53730c8b6083d550L,
-        0xcf159767df0a1987L } },
-    /* 52 << 210 */
-    { { 0x84bfcf5343ad73b3L,0x1b528c204f035a94L,0x4294edf733eeac69L,
-        0xb6283e83817f3240L },
-      { 0xc3fdc9590a5f25b1L,0xefaf8aa55844ee22L,0xde269ba5dbdde4deL,
-        0xe3347160c56133bfL } },
-    /* 53 << 210 */
-    { { 0xc11842198d9ea9f8L,0x090de5dbf3fc1ab5L,0x404c37b10bf22cdaL,
-        0x7de20ec8f5618894L },
-      { 0x754c588eecdaecabL,0x6ca4b0ed88342743L,0x76f08bddf4a938ecL,
-        0xd182de8991493ccbL } },
-    /* 54 << 210 */
-    { { 0xd652c53ec8a4186aL,0xb3e878db946d8e33L,0x088453c05f37663cL,
-        0x5cd9daaab407748bL },
-      { 0xa1f5197f586d5e72L,0x47500be8c443ca59L,0x78ef35b2e2652424L,
-        0x09c5d26f6dd7767dL } },
-    /* 55 << 210 */
-    { { 0x7175a79aa74d3f7bL,0x0428fd8dcf5ea459L,0x511cb97ca5d1746dL,
-        0x36363939e71d1278L },
-      { 0xcf2df95510350bf4L,0xb381743960aae782L,0xa748c0e43e688809L,
-        0x98021fbfd7a5a006L } },
-    /* 56 << 210 */
-    { { 0x9076a70c0e367a98L,0xbea1bc150f62b7c2L,0x2645a68c30fe0343L,
-        0xacaffa78699dc14fL },
-      { 0xf4469964457bf9c4L,0x0db6407b0d2ead83L,0x68d56cadb2c6f3ebL,
-        0x3b512e73f376356cL } },
-    /* 57 << 210 */
-    { { 0xe43b0e1ffce10408L,0x89ddc0035a5e257dL,0xb0ae0d120362e5b3L,
-        0x07f983c7b0519161L },
-      { 0xc2e94d155d5231e7L,0xcff22aed0b4f9513L,0xb02588dd6ad0b0b5L,
-        0xb967d1ac11d0dcd5L } },
-    /* 58 << 210 */
-    { { 0x8dac6bc6cf777b6cL,0x0062bdbd4c6d1959L,0x53da71b50ef5cc85L,
-        0x07012c7d4006f14fL },
-      { 0x4617f962ac47800dL,0x53365f2bc102ed75L,0xb422efcb4ab8c9d3L,
-        0x195cb26b34af31c9L } },
-    /* 59 << 210 */
-    { { 0x3a926e2905f2c4ceL,0xbd2bdecb9856966cL,0x5d16ab3a85527015L,
-        0x9f81609e4486c231L },
-      { 0xd8b96b2cda350002L,0xbd054690fa1b7d36L,0xdc90ebf5e71d79bcL,
-        0xf241b6f908964e4eL } },
-    /* 60 << 210 */
-    { { 0x7c8386432fe3cd4cL,0xe0f33acbb4bc633cL,0xb4a9ecec3d139f1fL,
-        0x05ce69cddc4a1f49L },
-      { 0xa19d1b16f5f98aafL,0x45bb71d66f23e0efL,0x33789fcd46cdfdd3L,
-        0x9b8e2978cee040caL } },
-    /* 61 << 210 */
-    { { 0x9c69b246ae0a6828L,0xba533d247078d5aaL,0x7a2e42c07bb4fbdbL,
-        0xcfb4879a7035385cL },
-      { 0x8c3dd30b3281705bL,0x7e361c6c404fe081L,0x7b21649c3f604edfL,
-        0x5dbf6a3fe52ffe47L } },
-    /* 62 << 210 */
-    { { 0xc41b7c234b54d9bfL,0x1374e6813511c3d9L,0x1863bf16c1b2b758L,
-        0x90e785071e9e6a96L },
-      { 0xab4bf98d5d86f174L,0xd74e0bd385e96fe4L,0x8afde39fcac5d344L,
-        0x90946dbcbd91b847L } },
-    /* 63 << 210 */
-    { { 0xf5b42358fe1a838cL,0x05aae6c5620ac9d8L,0x8e193bd8a1ce5a0bL,
-        0x8f7105714dabfd72L },
-      { 0x8d8fdd48182caaacL,0x8c4aeefa040745cfL,0x73c6c30af3b93e6dL,
-        0x991241f316f42011L } },
-    /* 64 << 210 */
-    { { 0xa0158eeae457a477L,0xd19857dbee6ddc05L,0xb326522418c41671L,
-        0x3ffdfc7e3c2c0d58L },
-      { 0x3a3a525426ee7cdaL,0x341b0869df02c3a8L,0xa023bf42723bbfc8L,
-        0x3d15002a14452691L } },
-    /* 0 << 217 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 217 */
-    { { 0x5ef7324c85edfa30L,0x2597655487d4f3daL,0x352f5bc0dcb50c86L,
-        0x8f6927b04832a96cL },
-      { 0xd08ee1ba55f2f94cL,0x6a996f99344b45faL,0xe133cb8da8aa455dL,
-        0x5d0721ec758dc1f7L } },
-    /* 2 << 217 */
-    { { 0x6ba7a92079e5fb67L,0xe1331feb70aa725eL,0x5080ccf57df5d837L,
-        0xe4cae01d7ff72e21L },
-      { 0xd9243ee60412a77dL,0x06ff7cacdf449025L,0xbe75f7cd23ef5a31L,
-        0xbc9578220ddef7a8L } },
-    /* 3 << 217 */
-    { { 0x8cf7230cb0ce1c55L,0x5b534d050bbfb607L,0xee1ef1130e16363bL,
-        0x27e0aa7ab4999e82L },
-      { 0xce1dac2d79362c41L,0x67920c9091bb6cb0L,0x1e648d632223df24L,
-        0x0f7d9eefe32e8f28L } },
-    /* 4 << 217 */
-    { { 0x6943f39afa833834L,0x22951722a6328562L,0x81d63dd54170fc10L,
-        0x9f5fa58faecc2e6dL },
-      { 0xb66c8725e77d9a3bL,0x11235cea6384ebe0L,0x06a8c1185845e24aL,
-        0x0137b286ebd093b1L } },
-    /* 5 << 217 */
-    { { 0xc589e1ce44ace150L,0xe0f8d3d94381e97cL,0x59e99b1162c5a4b8L,
-        0x90d262f7fd0ec9f9L },
-      { 0xfbc854c9283e13c9L,0x2d04fde7aedc7085L,0x057d776547dcbecbL,
-        0x8dbdf5919a76fa5fL } },
-    /* 6 << 217 */
-    { { 0xd01506950de1e578L,0x2e1463e7e9f72bc6L,0xffa684411b39eca5L,
-        0x673c85307c037f2fL },
-      { 0xd0d6a600747f91daL,0xb08d43e1c9cb78e9L,0x0fc0c64427b5cef5L,
-        0x5c1d160aa60a2fd6L } },
-    /* 7 << 217 */
-    { { 0xf98cae5328c8e13bL,0x375f10c4b2eddcd1L,0xd4eb8b7f5cce06adL,
-        0xb4669f4580a2e1efL },
-      { 0xd593f9d05bbd8699L,0x5528a4c9e7976d13L,0x3923e0951c7e28d3L,
-        0xb92937903f6bb577L } },
-    /* 8 << 217 */
-    { { 0xdb567d6ac42bd6d2L,0x6df86468bb1f96aeL,0x0efe5b1a4843b28eL,
-        0x961bbb056379b240L },
-      { 0xb6caf5f070a6a26bL,0x70686c0d328e6e39L,0x80da06cf895fc8d3L,
-        0x804d8810b363fdc9L } },
-    /* 9 << 217 */
-    { { 0xbe22877b207f1670L,0x9b0dd1884e615291L,0x625ae8dc97a3c2bfL,
-        0x08584ef7439b86e8L },
-      { 0xde7190a5dcd898ffL,0x26286c402058ee3dL,0x3db0b2175f87b1c1L,
-        0xcc334771102a6db5L } },
-    /* 10 << 217 */
-    { { 0xd99de9542f770fb1L,0x97c1c6204cd7535eL,0xd3b6c4483f09cefcL,
-        0xd725af155a63b4f8L },
-      { 0x0c95d24fc01e20ecL,0xdfd374949ae7121fL,0x7d6ddb72ec77b7ecL,
-        0xfe079d3b0353a4aeL } },
-    /* 11 << 217 */
-    { { 0x3066e70a2e6ac8d2L,0x9c6b5a43106e5c05L,0x52d3c6f5ede59b8cL,
-        0x30d6a5c3fccec9aeL },
-      { 0xedec7c224fc0a9efL,0x190ff08395c16cedL,0xbe12ec8f94de0fdeL,
-        0x0d131ab8852d3433L } },
-    /* 12 << 217 */
-    { { 0x42ace07e85701291L,0x94793ed9194061a8L,0x30e83ed6d7f4a485L,
-        0x9eec7269f9eeff4dL },
-      { 0x90acba590c9d8005L,0x5feca4581e79b9d1L,0x8fbe54271d506a1eL,
-        0xa32b2c8e2439cfa7L } },
-    /* 13 << 217 */
-    { { 0x1671c17373dd0b4eL,0x37a2821444a054c6L,0x81760a1b4e8b53f1L,
-        0xa6c04224f9f93b9eL },
-      { 0x18784b34cf671e3cL,0x81bbecd2cda9b994L,0x38831979b2ab3848L,
-        0xef54feb7f2e03c2dL } },
-    /* 14 << 217 */
-    { { 0xcf197ca7fb8088faL,0x014272474ddc96c5L,0xa2d2550a30777176L,
-        0x534698984d0cf71dL },
-      { 0x6ce937b83a2aaac6L,0xe9f91dc35af38d9bL,0x2598ad83c8bf2899L,
-        0x8e706ac9b5536c16L } },
-    /* 15 << 217 */
-    { { 0x40dc7495f688dc98L,0x26490cd7124c4afcL,0xe651ec841f18775cL,
-        0x393ea6c3b4fdaf4aL },
-      { 0x1e1f33437f338e0dL,0x39fb832b6053e7b5L,0x46e702da619e14d5L,
-        0x859cacd1cdeef6e0L } },
-    /* 16 << 217 */
-    { { 0x63b99ce74462007dL,0xb8ab48a54cb5f5b7L,0x9ec673d2f55edde7L,
-        0xd1567f748cfaefdaL },
-      { 0x46381b6b0887bcecL,0x694497cee178f3c2L,0x5e6525e31e6266cbL,
-        0x5931de26697d6413L } },
-    /* 17 << 217 */
-    { { 0x87f8df7c0e58d493L,0xb1ae5ed058b73f12L,0xc368f784dea0c34dL,
-        0x9bd0a120859a91a0L },
-      { 0xb00d88b7cc863c68L,0x3a1cc11e3d1f4d65L,0xea38e0e70aa85593L,
-        0x37f13e987dc4aee8L } },
-    /* 18 << 217 */
-    { { 0x10d38667bc947badL,0x738e07ce2a36ee2eL,0xc93470cdc577fcacL,
-        0xdee1b6162782470dL },
-      { 0x36a25e672e793d12L,0xd6aa6caee0f186daL,0x474d0fd980e07af7L,
-        0xf7cdc47dba8a5cd4L } },
-    /* 19 << 217 */
-    { { 0x28af6d9dab15247fL,0x7c789c10493a537fL,0x7ac9b11023a334e7L,
-        0x0236ac0912c9c277L },
-      { 0xa7e5bd251d7a5144L,0x098b9c2af13ec4ecL,0x3639dacad3f0abcaL,
-        0x642da81aa23960f9L } },
-    /* 20 << 217 */
-    { { 0x7d2e5c054f7269b1L,0xfcf30777e287c385L,0x10edc84ff2a46f21L,
-        0x354417574f43fa36L },
-      { 0xf1327899fd703431L,0xa438d7a616dd587aL,0x65c34c57e9c8352dL,
-        0xa728edab5cc5a24eL } },
-    /* 21 << 217 */
-    { { 0xaed78abc42531689L,0x0a51a0e8010963efL,0x5776fa0ad717d9b3L,
-        0xf356c2397dd3428bL },
-      { 0x29903fff8d3a3dacL,0x409597fa3d94491fL,0x4cd7a5ffbf4a56a4L,
-        0xe50964748adab462L } },
-    /* 22 << 217 */
-    { { 0xa97b51265c3427b0L,0x6401405cd282c9bdL,0x3629f8d7222c5c45L,
-        0xb1c02c16e8d50aedL },
-      { 0xbea2ed75d9635bc9L,0x226790c76e24552fL,0x3c33f2a365f1d066L,
-        0x2a43463e6dfccc2eL } },
-    /* 23 << 217 */
-    { { 0x8cc3453adb483761L,0xe7cc608565d5672bL,0x277ed6cbde3efc87L,
-        0x19f2f36869234eafL },
-      { 0x9aaf43175c0b800bL,0x1f1e7c898b6da6e2L,0x6cfb4715b94ec75eL,
-        0xd590dd5f453118c2L } },
-    /* 24 << 217 */
-    { { 0x14e49da11f17a34cL,0x5420ab39235a1456L,0xb76372412f50363bL,
-        0x7b15d623c3fabb6eL },
-      { 0xa0ef40b1e274e49cL,0x5cf5074496b1860aL,0xd6583fbf66afe5a4L,
-        0x44240510f47e3e9aL } },
-    /* 25 << 217 */
-    { { 0x9925434311b2d595L,0xf1367499eec8df57L,0x3cb12c613e73dd05L,
-        0xd248c0337dac102aL },
-      { 0xcf154f13a77739f5L,0xbf4288cb23d2af42L,0xaa64c9b632e4a1cfL,
-        0xee8c07a8c8a208f3L } },
-    /* 26 << 217 */
-    { { 0xe10d49996fe8393fL,0x0f809a3fe91f3a32L,0x61096d1c802f63c8L,
-        0x289e146257750d3dL },
-      { 0xed06167e9889feeaL,0xd5c9c0e2e0993909L,0x46fca0d856508ac6L,
-        0x918260474f1b8e83L } },
-    /* 27 << 217 */
-    { { 0x4f2c877a9a4a2751L,0x71bd0072cae6feadL,0x38df8dcc06aa1941L,
-        0x5a074b4c63beeaa8L },
-      { 0xd6d65934c1cec8edL,0xa6ecb49eaabc03bdL,0xaade91c2de8a8415L,
-        0xcfb0efdf691136e0L } },
-    /* 28 << 217 */
-    { { 0x11af45ee23ab3495L,0xa132df880b77463dL,0x8923c15c815d06f4L,
-        0xc3ceb3f50d61a436L },
-      { 0xaf52291de88fb1daL,0xea0579741da12179L,0xb0d7218cd2fef720L,
-        0x6c0899c98e1d8845L } },
-    /* 29 << 217 */
-    { { 0x98157504752ddad7L,0xd60bd74fa1a68a97L,0x7047a3a9f658fb99L,
-        0x1f5d86d65f8511e4L },
-      { 0xb8a4bc424b5a6d88L,0x69eb2c331abefa7dL,0x95bf39e813c9c510L,
-        0xf571960ad48aab43L } },
-    /* 30 << 217 */
-    { { 0x7e8cfbcf704e23c6L,0xc71b7d2228aaa65bL,0xa041b2bd245e3c83L,
-        0x69b98834d21854ffL },
-      { 0x89d227a3963bfeecL,0x99947aaade7da7cbL,0x1d9ee9dbee68a9b1L,
-        0x0a08f003698ec368L } },
-    /* 31 << 217 */
-    { { 0xe9ea409478ef2487L,0xc8d2d41502cfec26L,0xc52f9a6eb7dcf328L,
-        0x0ed489e385b6a937L },
-      { 0x9b94986bbef3366eL,0x0de59c70edddddb8L,0xffdb748ceadddbe2L,
-        0x9b9784bb8266ea40L } },
-    /* 32 << 217 */
-    { { 0x142b55021a93507aL,0xb4cd11878d3c06cfL,0xdf70e76a91ec3f40L,
-        0x484e81ad4e7553c2L },
-      { 0x830f87b5272e9d6eL,0xea1c93e5c6ff514aL,0x67cc2adcc4192a8eL,
-        0xc77e27e242f4535aL } },
-    /* 33 << 217 */
-    { { 0x9cdbab36d2b713c5L,0x86274ea0cf7b0cd3L,0x784680f309af826bL,
-        0xbfcc837a0c72dea3L },
-      { 0xa8bdfe9dd6529b73L,0x708aa22863a88002L,0x6c7a9a54c91d45b9L,
-        0xdf1a38bbfd004f56L } },
-    /* 34 << 217 */
-    { { 0x2e8c9a26b8bad853L,0x2d52cea33723eae7L,0x054d6d8156ca2830L,
-        0xa3317d149a8dc411L },
-      { 0xa08662fefd4ddedaL,0xed2a153ab55d792bL,0x7035c16abfc6e944L,
-        0xb6bc583400171cf3L } },
-    /* 35 << 217 */
-    { { 0xe27152b383d102b6L,0xfe695a470646b848L,0xa5bb09d8916e6d37L,
-        0xb4269d640d17015eL },
-      { 0x8d8156a10a1d2285L,0xfeef6c5146d26d72L,0x9dac57c84c5434a7L,
-        0x0282e5be59d39e31L } },
-    /* 36 << 217 */
-    { { 0xedfff181721c486dL,0x301baf10bc58824eL,0x8136a6aa00570031L,
-        0x55aaf78c1cddde68L },
-      { 0x2682937159c63952L,0x3a3bd2748bc25bafL,0xecdf8657b7e52dc3L,
-        0x2dd8c087fd78e6c8L } },
-    /* 37 << 217 */
-    { { 0x20553274f5531461L,0x8b4a12815d95499bL,0xe2c8763a1a80f9d2L,
-        0xd1dbe32b4ddec758L },
-      { 0xaf12210d30c34169L,0xba74a95378baa533L,0x3d133c6ea438f254L,
-        0xa431531a201bef5bL } },
-    /* 38 << 217 */
-    { { 0x15295e22f669d7ecL,0xca374f64357fb515L,0x8a8406ffeaa3fdb3L,
-        0x106ae448df3f2da8L },
-      { 0x8f9b0a9033c8e9a1L,0x234645e271ad5885L,0x3d0832241c0aed14L,
-        0xf10a7d3e7a942d46L } },
-    /* 39 << 217 */
-    { { 0x7c11deee40d5c9beL,0xb2bae7ffba84ed98L,0x93e97139aad58dddL,
-        0x3d8727963f6d1fa3L },
-      { 0x483aca818569ff13L,0x8b89a5fb9a600f72L,0x4cbc27c3c06f2b86L,
-        0x2213071363ad9c0bL } },
-    /* 40 << 217 */
-    { { 0xb5358b1e48ac2840L,0x18311294ecba9477L,0xda58f990a6946b43L,
-        0x3098baf99ab41819L },
-      { 0x66c4c1584198da52L,0xab4fc17c146bfd1bL,0x2f0a4c3cbf36a908L,
-        0x2ae9e34b58cf7838L } },
-    /* 41 << 217 */
-    { { 0xf411529e3fa11b1fL,0x21e43677974af2b4L,0x7c20958ec230793bL,
-        0x710ea88516e840f3L },
-      { 0xfc0b21fcc5dc67cfL,0x08d5164788405718L,0xd955c21fcfe49eb7L,
-        0x9722a5d556dd4a1fL } },
-    /* 42 << 217 */
-    { { 0xc9ef50e2c861baa5L,0xc0c21a5d9505ac3eL,0xaf6b9a338b7c063fL,
-        0xc63703392f4779c1L },
-      { 0x22df99c7638167c3L,0xfe6ffe76795db30cL,0x2b822d33a4854989L,
-        0xfef031dd30563aa5L } },
-    /* 43 << 217 */
-    { { 0x16b09f82d57c667fL,0xc70312cecc0b76f1L,0xbf04a9e6c9118aecL,
-        0x82fcb4193409d133L },
-      { 0x1a8ab385ab45d44dL,0xfba07222617b83a3L,0xb05f50dd58e81b52L,
-        0x1d8db55321ce5affL } },
-    /* 44 << 217 */
-    { { 0x3097b8d4e344a873L,0x7d8d116dfe36d53eL,0x6db22f587875e750L,
-        0x2dc5e37343e144eaL },
-      { 0xc05f32e6e799eb95L,0xe9e5f4df6899e6ecL,0xbdc3bd681fab23d5L,
-        0xb72b8ab773af60e6L } },
-    /* 45 << 217 */
-    { { 0x8db27ae02cecc84aL,0x600016d87bdb871cL,0x42a44b13d7c46f58L,
-        0xb8919727c3a77d39L },
-      { 0xcfc6bbbddafd6088L,0x1a7401466bd20d39L,0x8c747abd98c41072L,
-        0x4c91e765bdf68ea1L } },
-    /* 46 << 217 */
-    { { 0x7c95e5ca08819a78L,0xcf48b729c9587921L,0x091c7c5fdebbcc7dL,
-        0x6f287404f0e05149L },
-      { 0xf83b5ac226cd44ecL,0x88ae32a6cfea250eL,0x6ac5047a1d06ebc5L,
-        0xc7e550b4d434f781L } },
-    /* 47 << 217 */
-    { { 0x61ab1cf25c727bd2L,0x2e4badb11cf915b0L,0x1b4dadecf69d3920L,
-        0xe61b1ca6f14c1dfeL },
-      { 0x90b479ccbd6bd51fL,0x8024e4018045ec30L,0xcab29ca325ef0e62L,
-        0x4f2e941649e4ebc0L } },
-    /* 48 << 217 */
-    { { 0x45eb40ec0ccced58L,0x25cd4b9c0da44f98L,0x43e06458871812c6L,
-        0x99f80d5516cef651L },
-      { 0x571340c9ce6dc153L,0x138d5117d8665521L,0xacdb45bc4e07014dL,
-        0x2f34bb3884b60b91L } },
-    /* 49 << 217 */
-    { { 0xf44a4fd22ae8921eL,0xb039288e892ba1e2L,0x9da50174b1c180b2L,
-        0x6b70ab661693dc87L },
-      { 0x7e9babc9e7057481L,0x4581ddef9c80dc41L,0x0c890da951294682L,
-        0x0b5629d33f4736e5L } },
-    /* 50 << 217 */
-    { { 0x2340c79eb06f5b41L,0xa42e84ce4e243469L,0xf9a20135045a71a9L,
-        0xefbfb415d27b6fb6L },
-      { 0x25ebea239d33cd6fL,0x9caedb88aa6c0af8L,0x53dc7e9ad9ce6f96L,
-        0x3897f9fd51e0b15aL } },
-    /* 51 << 217 */
-    { { 0xf51cb1f88e5d788eL,0x1aec7ba8e1d490eeL,0x265991e0cc58cb3cL,
-        0x9f306e8c9fc3ad31L },
-      { 0x5fed006e5040a0acL,0xca9d5043fb476f2eL,0xa19c06e8beea7a23L,
-        0xd28658010edabb63L } },
-    /* 52 << 217 */
-    { { 0xdb92293f6967469aL,0x2894d8398d8a8ed8L,0x87c9e406bbc77122L,
-        0x8671c6f12ea3a26aL },
-      { 0xe42df8d6d7de9853L,0x2e3ce346b1f2bcc7L,0xda601dfc899d50cfL,
-        0xbfc913defb1b598fL } },
-    /* 53 << 217 */
-    { { 0x81c4909fe61f7908L,0x192e304f9bbc7b29L,0xc3ed8738c104b338L,
-        0xedbe9e47783f5d61L },
-      { 0x0c06e9be2db30660L,0xda3e613fc0eb7d8eL,0xd8fa3e97322e096eL,
-        0xfebd91e8d336e247L } },
-    /* 54 << 217 */
-    { { 0x8f13ccc4df655a49L,0xa9e00dfc5eb20210L,0x84631d0fc656b6eaL,
-        0x93a058cdd8c0d947L },
-      { 0x6846904a67bd3448L,0x4a3d4e1af394fd5cL,0xc102c1a5db225f52L,
-        0xe3455bbafc4f5e9aL } },
-    /* 55 << 217 */
-    { { 0x6b36985b4b9ad1ceL,0xa98185365bb7f793L,0x6c25e1d048b1a416L,
-        0x1381dd533c81bee7L },
-      { 0xd2a30d617a4a7620L,0xc841292639b8944cL,0x3c1c6fbe7a97c33aL,
-        0x941e541d938664e7L } },
-    /* 56 << 217 */
-    { { 0x417499e84a34f239L,0x15fdb83cb90402d5L,0xb75f46bf433aa832L,
-        0xb61e15af63215db1L },
-      { 0xaabe59d4a127f89aL,0x5d541e0c07e816daL,0xaaba0659a618b692L,
-        0x5532773317266026L } },
-    /* 57 << 217 */
-    { { 0xaf53a0fc95f57552L,0x329476506cacb0c9L,0x253ff58dc821be01L,
-        0xb0309531a06f1146L },
-      { 0x59bbbdf505c2e54dL,0x158f27ad26e8dd22L,0xcc5b7ffb397e1e53L,
-        0xae03f65b7fc1e50dL } },
-    /* 58 << 217 */
-    { { 0xa9784ebd9c95f0f9L,0x5ed9deb224640771L,0x31244af7035561c4L,
-        0x87332f3a7ee857deL },
-      { 0x09e16e9e2b9e0d88L,0x52d910f456a06049L,0x507ed477a9592f48L,
-        0x85cb917b2365d678L } },
-    /* 59 << 217 */
-    { { 0xf8511c934c8998d1L,0x2186a3f1730ea58fL,0x50189626b2029db0L,
-        0x9137a6d902ceb75aL },
-      { 0x2fe17f37748bc82cL,0x87c2e93180469f8cL,0x850f71cdbf891aa2L,
-        0x0ca1b89b75ec3d8dL } },
-    /* 60 << 217 */
-    { { 0x516c43aa5e1cd3cdL,0x893978089a887c28L,0x0059c699ddea1f9fL,
-        0x7737d6fa8e6868f7L },
-      { 0x6d93746a60f1524bL,0x36985e55ba052aa7L,0x41b1d322ed923ea5L,
-        0x3429759f25852a11L } },
-    /* 61 << 217 */
-    { { 0xbeca6ec3092e9f41L,0x3a238c6662256bbdL,0xd82958ea70ad487dL,
-        0x4ac8aaf965610d93L },
-      { 0x3fa101b15e4ccab0L,0x9bf430f29de14bfbL,0xa10f5cc66531899dL,
-        0x590005fbea8ce17dL } },
-    /* 62 << 217 */
-    { { 0xc437912f24544cb6L,0x9987b71ad79ac2e3L,0x13e3d9ddc058a212L,
-        0x00075aacd2de9606L },
-      { 0x80ab508b6cac8369L,0x87842be7f54f6c89L,0xa7ad663d6bc532a4L,
-        0x67813de778a91bc8L } },
-    /* 63 << 217 */
-    { { 0x5dcb61cec3427239L,0x5f3c7cf0c56934d9L,0xc079e0fbe3191591L,
-        0xe40896bdb01aada7L },
-      { 0x8d4667910492d25fL,0x8aeb30c9e7408276L,0xe94374959287aaccL,
-        0x23d4708d79fe03d4L } },
-    /* 64 << 217 */
-    { { 0x8cda9cf2d0c05199L,0x502fbc22fae78454L,0xc0bda9dff572a182L,
-        0x5f9b71b86158b372L },
-      { 0xe0f33a592b82dd07L,0x763027359523032eL,0x7fe1a721c4505a32L,
-        0x7b6e3e82f796409fL } },
-    /* 0 << 224 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 224 */
-    { { 0xe3417bc035d0b34aL,0x440b386b8327c0a7L,0x8fb7262dac0362d1L,
-        0x2c41114ce0cdf943L },
-      { 0x2ba5cef1ad95a0b1L,0xc09b37a867d54362L,0x26d6cdd201e486c9L,
-        0x20477abf42ff9297L } },
-    /* 2 << 224 */
-    { { 0xa004dcb3292a9287L,0xddc15cf677b092c7L,0x083a8464806c0605L,
-        0x4a68df703db997b0L },
-      { 0x9c134e4505bf7dd0L,0xa4e63d398ccf7f8cL,0xa6e6517f41b5f8afL,
-        0xaa8b9342ad7bc1ccL } },
-    /* 3 << 224 */
-    { { 0x126f35b51e706ad9L,0xb99cebb4c3a9ebdfL,0xa75389afbf608d90L,
-        0x76113c4fc6c89858L },
-      { 0x80de8eb097e2b5aaL,0x7e1022cc63b91304L,0x3bdab6056ccc066cL,
-        0x33cbb144b2edf900L } },
-    /* 4 << 224 */
-    { { 0xc41764717af715d2L,0xe2f7f594d0134a96L,0x2c1873efa41ec956L,
-        0xe4e7b4f677821304L },
-      { 0xe5c8ff9788d5374aL,0x2b915e6380823d5bL,0xea6bc755b2ee8fe2L,
-        0x6657624ce7112651L } },
-    /* 5 << 224 */
-    { { 0x157af101dace5acaL,0xc4fdbcf211a6a267L,0xdaddf340c49c8609L,
-        0x97e49f52e9604a65L },
-      { 0x9be8e790937e2ad5L,0x846e2508326e17f1L,0x3f38007a0bbbc0dcL,
-        0xcf03603fb11e16d6L } },
-    /* 6 << 224 */
-    { { 0xd6f800e07442f1d5L,0x475607d166e0e3abL,0x82807f16b7c64047L,
-        0x8858e1e3a749883dL },
-      { 0x5859120b8231ee10L,0x1b80e7eb638a1eceL,0xcb72525ac6aa73a4L,
-        0xa7cdea3d844423acL } },
-    /* 7 << 224 */
-    { { 0x5ed0c007f8ae7c38L,0x6db07a5c3d740192L,0xbe5e9c2a5fe36db3L,
-        0xd5b9d57a76e95046L },
-      { 0x54ac32e78eba20f2L,0xef11ca8f71b9a352L,0x305e373eff98a658L,
-        0xffe5a100823eb667L } },
-    /* 8 << 224 */
-    { { 0x57477b11e51732d2L,0xdfd6eb282538fc0eL,0x5c43b0cc3b39eec5L,
-        0x6af12778cb36cc57L },
-      { 0x70b0852d06c425aeL,0x6df92f8c5c221b9bL,0x6c8d4f9ece826d9cL,
-        0xf59aba7bb49359c3L } },
-    /* 9 << 224 */
-    { { 0x5c8ed8d5da64309dL,0x61a6de5691b30704L,0xd6b52f6a2f9b5808L,
-        0x0eee419498c958a7L },
-      { 0xcddd9aab771e4caaL,0x83965dfd78bc21beL,0x02affce3b3b504f5L,
-        0x30847a21561c8291L } },
-    /* 10 << 224 */
-    { { 0xd2eb2cf152bfda05L,0xe0e4c4e96197b98cL,0x1d35076cf8a1726fL,
-        0x6c06085b2db11e3dL },
-      { 0x15c0c4d74463ba14L,0x9d292f830030238cL,0x1311ee8b3727536dL,
-        0xfeea86efbeaedc1eL } },
-    /* 11 << 224 */
-    { { 0xb9d18cd366131e2eL,0xf31d974f80fe2682L,0xb6e49e0fe4160289L,
-        0x7c48ec0b08e92799L },
-      { 0x818111d8d1989aa7L,0xb34fa0aaebf926f9L,0xdb5fe2f5a245474aL,
-        0xf80a6ebb3c7ca756L } },
-    /* 12 << 224 */
-    { { 0xa7f96054afa05dd8L,0x26dfcf21fcaf119eL,0xe20ef2e30564bb59L,
-        0xef4dca5061cb02b8L },
-      { 0xcda7838a65d30672L,0x8b08d534fd657e86L,0x4c5b439546d595c8L,
-        0x39b58725425cb836L } },
-    /* 13 << 224 */
-    { { 0x8ea610593de9abe3L,0x404348819cdc03beL,0x9b261245cfedce8cL,
-        0x78c318b4cf5234a1L },
-      { 0x510bcf16fde24c99L,0x2a77cb75a2c2ff5dL,0x9c895c2b27960fb4L,
-        0xd30ce975b0eda42bL } },
-    /* 14 << 224 */
-    { { 0xfda853931a62cc26L,0x23c69b9650c0e052L,0xa227df15bfc633f3L,
-        0x2ac788481bae7d48L },
-      { 0x487878f9187d073dL,0x6c2be919967f807dL,0x765861d8336e6d8fL,
-        0x88b8974cce528a43L } },
-    /* 15 << 224 */
-    { { 0x09521177ff57d051L,0x2ff38037fb6a1961L,0xfc0aba74a3d76ad4L,
-        0x7c76480325a7ec17L },
-      { 0x7532d75f48879bc8L,0xea7eacc058ce6bc1L,0xc82176b48e896c16L,
-        0x9a30e0b22c750fedL } },
-    /* 16 << 224 */
-    { { 0xc37e2c2e421d3aa4L,0xf926407ce84fa840L,0x18abc03d1454e41cL,
-        0x26605ecd3f7af644L },
-      { 0x242341a6d6a5eabfL,0x1edb84f4216b668eL,0xd836edb804010102L,
-        0x5b337ce7945e1d8cL } },
-    /* 17 << 224 */
-    { { 0xd2075c77c055dc14L,0x2a0ffa2581d89cdfL,0x8ce815ea6ffdcbafL,
-        0xa3428878fb648867L },
-      { 0x277699cf884655fbL,0xfa5b5bd6364d3e41L,0x01f680c6441e1cb7L,
-        0x3fd61e66b70a7d67L } },
-    /* 18 << 224 */
-    { { 0x666ba2dccc78cf66L,0xb30181746fdbff77L,0x8d4dd0db168d4668L,
-        0x259455d01dab3a2aL },
-      { 0xf58564c5cde3acecL,0x7714192513adb276L,0x527d725d8a303f65L,
-        0x55deb6c9e6f38f7bL } },
-    /* 19 << 224 */
-    { { 0xfd5bb657b1fa70fbL,0xfa07f50fd8073a00L,0xf72e3aa7bca02500L,
-        0xf68f895d9975740dL },
-      { 0x301120605cae2a6aL,0x01bd721802874842L,0x3d4238917ce47bd3L,
-        0xa66663c1789544f6L } },
-    /* 20 << 224 */
-    { { 0x864d05d73272d838L,0xe22924f9fa6295c5L,0x8189593f6c2fda32L,
-        0x330d7189b184b544L },
-      { 0x79efa62cbde1f714L,0x35771c94e5cb1a63L,0x2f4826b8641c8332L,
-        0x00a894fbc8cee854L } },
-    /* 21 << 224 */
-    { { 0xb4b9a39b36194d40L,0xe857a7c577612601L,0xf4209dd24ecf2f58L,
-        0x82b9e66d5a033487L },
-      { 0xc1e36934e4e8b9ddL,0xd2372c9da42377d7L,0x51dc94c70e3ae43bL,
-        0x4c57761e04474f6fL } },
-    /* 22 << 224 */
-    { { 0xdcdacd0a1058a318L,0x369cf3f578053a9aL,0xc6c3de5031c68de2L,
-        0x4653a5763c4b6d9fL },
-      { 0x1688dd5aaa4e5c97L,0x5be80aa1b7ab3c74L,0x70cefe7cbc65c283L,
-        0x57f95f1306867091L } },
-    /* 23 << 224 */
-    { { 0xa39114e24415503bL,0xc08ff7c64cbb17e9L,0x1eff674dd7dec966L,
-        0x6d4690af53376f63L },
-      { 0xff6fe32eea74237bL,0xc436d17ecd57508eL,0x15aa28e1edcc40feL,
-        0x0d769c04581bbb44L } },
-    /* 24 << 224 */
-    { { 0xc240b6de34eaacdaL,0xd9e116e82ba0f1deL,0xcbe45ec779438e55L,
-        0x91787c9d96f752d7L },
-      { 0x897f532bf129ac2fL,0xd307b7c85a36e22cL,0x91940675749fb8f3L,
-        0xd14f95d0157fdb28L } },
-    /* 25 << 224 */
-    { { 0xfe51d0296ae55043L,0x8931e98f44a87de1L,0xe57f1cc609e4fee2L,
-        0x0d063b674e072d92L },
-      { 0x70a998b9ed0e4316L,0xe74a736b306aca46L,0xecf0fbf24fda97c7L,
-        0xa40f65cb3e178d93L } },
-    /* 26 << 224 */
-    { { 0x1625360416df4285L,0xb0c9babbd0c56ae2L,0x73032b19cfc5cfc3L,
-        0xe497e5c309752056L },
-      { 0x12096bb4164bda96L,0x1ee42419a0b74da1L,0x8fc36243403826baL,
-        0x0c8f0069dc09e660L } },
-    /* 27 << 224 */
-    { { 0x8667e981c27253c9L,0x05a6aefb92b36a45L,0xa62c4b369cb7bb46L,
-        0x8394f37511f7027bL },
-      { 0x747bc79c5f109d0fL,0xcad88a765b8cc60aL,0x80c5a66b58f09e68L,
-        0xe753d451f6127eacL } },
-    /* 28 << 224 */
-    { { 0xc44b74a15b0ec6f5L,0x47989fe45289b2b8L,0x745f848458d6fc73L,
-        0xec362a6ff61c70abL },
-      { 0x070c98a7b3a8ad41L,0x73a20fc07b63db51L,0xed2c2173f44c35f4L,
-        0x8a56149d9acc9dcaL } },
-    /* 29 << 224 */
-    { { 0x98f178819ac6e0f4L,0x360fdeafa413b5edL,0x0625b8f4a300b0fdL,
-        0xf1f4d76a5b3222d3L },
-      { 0x9d6f5109587f76b8L,0x8b4ee08d2317fdb5L,0x88089bb78c68b095L,
-        0x95570e9a5808d9b9L } },
-    /* 30 << 224 */
-    { { 0xa395c36f35d33ae7L,0x200ea12350bb5a94L,0x20c789bd0bafe84bL,
-        0x243ef52d0919276aL },
-      { 0x3934c577e23ae233L,0xb93807afa460d1ecL,0xb72a53b1f8fa76a4L,
-        0xd8914cb0c3ca4491L } },
-    /* 31 << 224 */
-    { { 0x2e1284943fb42622L,0x3b2700ac500907d5L,0xf370fb091a95ec63L,
-        0xf8f30be231b6dfbdL },
-      { 0xf2b2f8d269e55f15L,0x1fead851cc1323e9L,0xfa366010d9e5eef6L,
-        0x64d487b0e316107eL } },
-    /* 32 << 224 */
-    { { 0x4c076b86d23ddc82L,0x03fd344c7e0143f0L,0xa95362ff317af2c5L,
-        0x0add3db7e18b7a4fL },
-      { 0x9c673e3f8260e01bL,0xfbeb49e554a1cc91L,0x91351bf292f2e433L,
-        0xc755e7ec851141ebL } },
-    /* 33 << 224 */
-    { { 0xc9a9513929607745L,0x0ca07420a26f2b28L,0xcb2790e74bc6f9ddL,
-        0x345bbb58adcaffc0L },
-      { 0xc65ea38cbe0f27a2L,0x67c24d7c641fcb56L,0x2c25f0a7a9e2c757L,
-        0x93f5cdb016f16c49L } },
-    /* 34 << 224 */
-    { { 0x2ca5a9d7c5ee30a1L,0xd1593635b909b729L,0x804ce9f3dadeff48L,
-        0xec464751b07c30c3L },
-      { 0x89d65ff39e49af6aL,0xf2d6238a6f3d01bcL,0x1095561e0bced843L,
-        0x51789e12c8a13fd8L } },
-    /* 35 << 224 */
-    { { 0xd633f929763231dfL,0x46df9f7de7cbddefL,0x01c889c0cb265da8L,
-        0xfce1ad10af4336d2L },
-      { 0x8d110df6fc6a0a7eL,0xdd431b986da425dcL,0xcdc4aeab1834aabeL,
-        0x84deb1248439b7fcL } },
-    /* 36 << 224 */
-    { { 0x8796f1693c2a5998L,0x9b9247b47947190dL,0x55b9d9a511597014L,
-        0x7e9dd70d7b1566eeL },
-      { 0x94ad78f7cbcd5e64L,0x0359ac179bd4c032L,0x3b11baaf7cc222aeL,
-        0xa6a6e284ba78e812L } },
-    /* 37 << 224 */
-    { { 0x8392053f24cea1a0L,0xc97bce4a33621491L,0x7eb1db3435399ee9L,
-        0x473f78efece81ad1L },
-      { 0x41d72fe0f63d3d0dL,0xe620b880afab62fcL,0x92096bc993158383L,
-        0x41a213578f896f6cL } },
-    /* 38 << 224 */
-    { { 0x1b5ee2fac7dcfcabL,0x650acfde9546e007L,0xc081b749b1b02e07L,
-        0xda9e41a0f9eca03dL },
-      { 0x013ba727175a54abL,0xca0cd190ea5d8d10L,0x85ea52c095fd96a9L,
-        0x2c591b9fbc5c3940L } },
-    /* 39 << 224 */
-    { { 0x6fb4d4e42bad4d5fL,0xfa4c3590fef0059bL,0x6a10218af5122294L,
-        0x9a78a81aa85751d1L },
-      { 0x04f20579a98e84e7L,0xfe1242c04997e5b5L,0xe77a273bca21e1e4L,
-        0xfcc8b1ef9411939dL } },
-    /* 40 << 224 */
-    { { 0xe20ea30292d0487aL,0x1442dbec294b91feL,0x1f7a4afebb6b0e8fL,
-        0x1700ef746889c318L },
-      { 0xf5bbffc370f1fc62L,0x3b31d4b669c79ccaL,0xe8bc2aaba7f6340dL,
-        0xb0b08ab4a725e10aL } },
-    /* 41 << 224 */
-    { { 0x44f05701ae340050L,0xba4b30161cf0c569L,0x5aa29f83fbe19a51L,
-        0x1b9ed428b71d752eL },
-      { 0x1666e54eeb4819f5L,0x616cdfed9e18b75bL,0x112ed5be3ee27b0bL,
-        0xfbf2831944c7de4dL } },
-    /* 42 << 224 */
-    { { 0xd685ec85e0e60d84L,0x68037e301db7ee78L,0x5b65bdcd003c4d6eL,
-        0x33e7363a93e29a6aL },
-      { 0x995b3a6108d0756cL,0xd727f85c2faf134bL,0xfac6edf71d337823L,
-        0x99b9aa500439b8b4L } },
-    /* 43 << 224 */
-    { { 0x722eb104e2b4e075L,0x49987295437c4926L,0xb1e4c0e446a9b82dL,
-        0xd0cb319757a006f5L },
-      { 0xf3de0f7dd7808c56L,0xb5c54d8f51f89772L,0x500a114aadbd31aaL,
-        0x9afaaaa6295f6cabL } },
-    /* 44 << 224 */
-    { { 0x94705e2104cf667aL,0xfc2a811b9d3935d7L,0x560b02806d09267cL,
-        0xf19ed119f780e53bL },
-      { 0xf0227c09067b6269L,0x967b85335caef599L,0x155b924368efeebcL,
-        0xcd6d34f5c497bae6L } },
-    /* 45 << 224 */
-    { { 0x1dd8d5d36cceb370L,0x2aeac579a78d7bf9L,0x5d65017d70b67a62L,
-        0x70c8e44f17c53f67L },
-      { 0xd1fc095086a34d09L,0xe0fca256e7134907L,0xe24fa29c80fdd315L,
-        0x2c4acd03d87499adL } },
-    /* 46 << 224 */
-    { { 0xbaaf75173b5a9ba6L,0xb9cbe1f612e51a51L,0xd88edae35e154897L,
-        0xe4309c3c77b66ca0L },
-      { 0xf5555805f67f3746L,0x85fc37baa36401ffL,0xdf86e2cad9499a53L,
-        0x6270b2a3ecbc955bL } },
-    /* 47 << 224 */
-    { { 0xafae64f5974ad33bL,0x04d85977fe7b2df1L,0x2a3db3ff4ab03f73L,
-        0x0b87878a8702740aL },
-      { 0x6d263f015a061732L,0xc25430cea32a1901L,0xf7ebab3ddb155018L,
-        0x3a86f69363a9b78eL } },
-    /* 48 << 224 */
-    { { 0x349ae368da9f3804L,0x470f07fea164349cL,0xd52f4cc98562baa5L,
-        0xc74a9e862b290df3L },
-      { 0xd3a1aa3543471a24L,0x239446beb8194511L,0xbec2dd0081dcd44dL,
-        0xca3d7f0fc42ac82dL } },
-    /* 49 << 224 */
-    { { 0x1f3db085fdaf4520L,0xbb6d3e804549daf2L,0xf5969d8a19ad5c42L,
-        0x7052b13ddbfd1511L },
-      { 0x11890d1b682b9060L,0xa71d3883ac34452cL,0xa438055b783805b4L,
-        0x432412774725b23eL } },
-    /* 50 << 224 */
-    { { 0xf20cf96e4901bbedL,0x6419c710f432a2bbL,0x57a0fbb9dfa9cd7dL,
-        0x589111e400daa249L },
-      { 0x19809a337b60554eL,0xea5f8887ede283a4L,0x2d713802503bfd35L,
-        0x151bb0af585d2a53L } },
-    /* 51 << 224 */
-    { { 0x40b08f7443b30ca8L,0xe10b5bbad9934583L,0xe8a546d6b51110adL,
-        0x1dd50e6628e0b6c5L },
-      { 0x292e9d54cff2b821L,0x3882555d47281760L,0x134838f83724d6e3L,
-        0xf2c679e022ddcda1L } },
-    /* 52 << 224 */
-    { { 0x40ee88156d2a5768L,0x7f227bd21c1e7e2dL,0x487ba134d04ff443L,
-        0x76e2ff3dc614e54bL },
-      { 0x36b88d6fa3177ec7L,0xbf731d512328fff5L,0x758caea249ba158eL,
-        0x5ab8ff4c02938188L } },
-    /* 53 << 224 */
-    { { 0x33e1605635edc56dL,0x5a69d3497e940d79L,0x6c4fd00103866dcbL,
-        0x20a38f574893cdefL },
-      { 0xfbf3e790fac3a15bL,0x6ed7ea2e7a4f8e6bL,0xa663eb4fbc3aca86L,
-        0x22061ea5080d53f7L } },
-    /* 54 << 224 */
-    { { 0x2480dfe6f546783fL,0xd38bc6da5a0a641eL,0xfb093cd12ede8965L,
-        0x89654db4acb455cfL },
-      { 0x413cbf9a26e1adeeL,0x291f3764373294d4L,0x00797257648083feL,
-        0x25f504d3208cc341L } },
-    /* 55 << 224 */
-    { { 0x635a8e5ec3a0ee43L,0x70aaebca679898ffL,0x9ee9f5475dc63d56L,
-        0xce987966ffb34d00L },
-      { 0xf9f86b195e26310aL,0x9e435484382a8ca8L,0x253bcb81c2352fe4L,
-        0xa4eac8b04474b571L } },
-    /* 56 << 224 */
-    { { 0xc1b97512c1ad8cf8L,0x193b4e9e99e0b697L,0x939d271601e85df0L,
-        0x4fb265b3cd44eafdL },
-      { 0x321e7dcde51e1ae2L,0x8e3a8ca6e3d8b096L,0x8de46cb052604998L,
-        0x91099ad839072aa7L } },
-    /* 57 << 224 */
-    { { 0x2617f91c93aa96b8L,0x0fc8716b7fca2e13L,0xa7106f5e95328723L,
-        0xd1c9c40b262e6522L },
-      { 0xb9bafe8642b7c094L,0x1873439d1543c021L,0xe1baa5de5cbefd5dL,
-        0xa363fc5e521e8affL } },
-    /* 58 << 224 */
-    { { 0xefe6320df862eaacL,0x14419c6322c647dcL,0x0e06707c4e46d428L,
-        0xcb6c834f4a178f8fL },
-      { 0x0f993a45d30f917cL,0xd4c4b0499879afeeL,0xb6142a1e70500063L,
-        0x7c9b41c3a5d9d605L } },
-    /* 59 << 224 */
-    { { 0xbc00fc2f2f8ba2c7L,0x0966eb2f7c67aa28L,0x13f7b5165a786972L,
-        0x3bfb75578a2fbba0L },
-      { 0x131c4f235a2b9620L,0xbff3ed276faf46beL,0x9b4473d17e172323L,
-        0x421e8878339f6246L } },
-    /* 60 << 224 */
-    { { 0x0fa8587a25a41632L,0xc0814124a35b6c93L,0x2b18a9f559ebb8dbL,
-        0x264e335776edb29cL },
-      { 0xaf245ccdc87c51e2L,0x16b3015b501e6214L,0xbb31c5600a3882ceL,
-        0x6961bb94fec11e04L } },
-    /* 61 << 224 */
-    { { 0x3b825b8deff7a3a0L,0xbec33738b1df7326L,0x68ad747c99604a1fL,
-        0xd154c9349a3bd499L },
-      { 0xac33506f1cc7a906L,0x73bb53926c560e8fL,0x6428fcbe263e3944L,
-        0xc11828d51c387434L } },
-    /* 62 << 224 */
-    { { 0x3cd04be13e4b12ffL,0xc3aad9f92d88667cL,0xc52ddcf8248120cfL,
-        0x985a892e2a389532L },
-      { 0xfbb4b21b3bb85fa0L,0xf95375e08dfc6269L,0xfb4fb06c7ee2aceaL,
-        0x6785426e309c4d1fL } },
-    /* 63 << 224 */
-    { { 0x659b17c8d8ceb147L,0x9b649eeeb70a5554L,0x6b7fa0b5ac6bc634L,
-        0xd99fe2c71d6e732fL },
-      { 0x30e6e7628d3abba2L,0x18fee6e7a797b799L,0x5c9d360dc696464dL,
-        0xe3baeb4827bfde12L } },
-    /* 64 << 224 */
-    { { 0x2bf5db47f23206d5L,0x2f6d34201d260152L,0x17b876533f8ff89aL,
-        0x5157c30c378fa458L },
-      { 0x7517c5c52d4fb936L,0xef22f7ace6518cdcL,0xdeb483e6bf847a64L,
-        0xf508455892e0fa89L } },
-    /* 0 << 231 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 231 */
-    { { 0xab9659d8df7304d4L,0xb71bcf1bff210e8eL,0xa9a2438bd73fbd60L,
-        0x4595cd1f5d11b4deL },
-      { 0x9c0d329a4835859dL,0x4a0f0d2d7dbb6e56L,0xc6038e5edf928a4eL,
-        0xc94296218f5ad154L } },
-    /* 2 << 231 */
-    { { 0x91213462f23f2d92L,0x6cab71bd60b94078L,0x6bdd0a63176cde20L,
-        0x54c9b20cee4d54bcL },
-      { 0x3cd2d8aa9f2ac02fL,0x03f8e617206eedb0L,0xc7f68e1693086434L,
-        0x831469c592dd3db9L } },
-    /* 3 << 231 */
-    { { 0x8521df248f981354L,0x587e23ec3588a259L,0xcbedf281d7a0992cL,
-        0x06930a5538961407L },
-      { 0x09320debbe5bbe21L,0xa7ffa5b52491817fL,0xe6c8b4d909065160L,
-        0xac4f3992fff6d2a9L } },
-    /* 4 << 231 */
-    { { 0x7aa7a1583ae9c1bdL,0xe0af6d98e37ce240L,0xe54342d928ab38b4L,
-        0xe8b750070a1c98caL },
-      { 0xefce86afe02358f2L,0x31b8b856ea921228L,0x052a19120a1c67fcL,
-        0xb4069ea4e3aead59L } },
-    /* 5 << 231 */
-    { { 0x3232d6e27fa03cb3L,0xdb938e5b0fdd7d88L,0x04c1d2cd2ccbfc5dL,
-        0xd2f45c12af3a580fL },
-      { 0x592620b57883e614L,0x5fd27e68be7c5f26L,0x139e45a91567e1e3L,
-        0x2cc71d2d44d8aaafL } },
-    /* 6 << 231 */
-    { { 0x4a9090cde36d0757L,0xf722d7b1d9a29382L,0xfb7fb04c04b48ddfL,
-        0x628ad2a7ebe16f43L },
-      { 0xcd3fbfb520226040L,0x6c34ecb15104b6c4L,0x30c0754ec903c188L,
-        0xec336b082d23cab0L } },
-    /* 7 << 231 */
-    { { 0x473d62a21e206ee5L,0xf1e274808c49a633L,0x87ab956ce9f6b2c3L,
-        0x61830b4862b606eaL },
-      { 0x67cd6846e78e815fL,0xfe40139f4c02082aL,0x52bbbfcb952ec365L,
-        0x74c116426b9836abL } },
-    /* 8 << 231 */
-    { { 0x9f51439e558df019L,0x230da4baac712b27L,0x518919e355185a24L,
-        0x4dcefcdd84b78f50L },
-      { 0xa7d90fb2a47d4c5aL,0x55ac9abfb30e009eL,0xfd2fc35974eed273L,
-        0xb72d824cdbea8fafL } },
-    /* 9 << 231 */
-    { { 0xce721a744513e2caL,0x0b41861238240b2cL,0x05199968d5baa450L,
-        0xeb1757ed2b0e8c25L },
-      { 0x6ebc3e283dfac6d5L,0xb2431e2e48a237f5L,0x2acb5e2352f61499L,
-        0x5558a2a7e06c936bL } },
-    /* 10 << 231 */
-    { { 0xd213f923cbb13d1bL,0x98799f425bfb9bfeL,0x1ae8ddc9701144a9L,
-        0x0b8b3bb64c5595eeL },
-      { 0x0ea9ef2e3ecebb21L,0x17cb6c4b3671f9a7L,0x47ef464f726f1d1fL,
-        0x171b94846943a276L } },
-    /* 11 << 231 */
-    { { 0x51a4ae2d7ef0329cL,0x0850922291c4402aL,0x64a61d35afd45bbcL,
-        0x38f096fe3035a851L },
-      { 0xc7468b74a1dec027L,0xe8cf10e74fc7dcbaL,0xea35ff40f4a06353L,
-        0x0b4c0dfa8b77dd66L } },
-    /* 12 << 231 */
-    { { 0x779b8552de7e5c19L,0xfab28609c1c0256cL,0x64f58eeeabd4743dL,
-        0x4e8ef8387b6cc93bL },
-      { 0xee650d264cb1bf3dL,0x4c1f9d0973dedf61L,0xaef7c9d7bfb70cedL,
-        0x1ec0507e1641de1eL } },
-    /* 13 << 231 */
-    { { 0xcd7e5cc7cde45079L,0xde173c9a516ac9e4L,0x517a8494c170315cL,
-        0x438fd90591d8e8fbL },
-      { 0x5145c506c7d9630bL,0x6457a87bf47d4d75L,0xd31646bf0d9a80e8L,
-        0x453add2bcef3aabeL } },
-    /* 14 << 231 */
-    { { 0xc9941109a607419dL,0xfaa71e62bb6bca80L,0x34158c1307c431f3L,
-        0x594abebc992bc47aL },
-      { 0x6dfea691eb78399fL,0x48aafb353f42cba4L,0xedcd65af077c04f0L,
-        0x1a29a366e884491aL } },
-    /* 15 << 231 */
-    { { 0x023a40e51c21f2bfL,0xf99a513ca5057aeeL,0xa3fe7e25bcab072eL,
-        0x8568d2e140e32bcfL },
-      { 0x904594ebd3f69d9fL,0x181a973307affab1L,0xe4d68d76b6e330f4L,
-        0x87a6dafbc75a7fc1L } },
-    /* 16 << 231 */
-    { { 0x549db2b5ef7d9289L,0x2480d4a8197f015aL,0x61d5590bc40493b6L,
-        0x3a55b52e6f780331L },
-      { 0x40eb8115309eadb0L,0xdea7de5a92e5c625L,0x64d631f0cc6a3d5aL,
-        0x9d5e9d7c93e8dd61L } },
-    /* 17 << 231 */
-    { { 0xf297bef5206d3ffcL,0x23d5e0337d808bd4L,0x4a4f6912d24cf5baL,
-        0xe4d8163b09cdaa8aL },
-      { 0x0e0de9efd3082e8eL,0x4fe1246c0192f360L,0x1f9001504b8eee0aL,
-        0x5219da81f1da391bL } },
-    /* 18 << 231 */
-    { { 0x7bf6a5c1f7ea25aaL,0xd165e6bffbb07d5fL,0xe353936189e78671L,
-        0xa3fcac892bac4219L },
-      { 0xdfab6fd4f0baa8abL,0x5a4adac1e2c1c2e5L,0x6cd75e3140d85849L,
-        0xce263fea19b39181L } },
-    /* 19 << 231 */
-    { { 0xcb6803d307032c72L,0x7f40d5ce790968c8L,0xa6de86bddce978f0L,
-        0x25547c4f368f751cL },
-      { 0xb1e685fd65fb2a9eL,0xce69336f1eb9179cL,0xb15d1c2712504442L,
-        0xb7df465cb911a06bL } },
-    /* 20 << 231 */
-    { { 0xb8d804a3315980cdL,0x693bc492fa3bebf7L,0x3578aeee2253c504L,
-        0x158de498cd2474a2L },
-      { 0x1331f5c7cfda8368L,0xd2d7bbb378d7177eL,0xdf61133af3c1e46eL,
-        0x5836ce7dd30e7be8L } },
-    /* 21 << 231 */
-    { { 0x83084f1994f834cbL,0xd35653d4429ed782L,0xa542f16f59e58243L,
-        0xc2b52f650470a22dL },
-      { 0xe3b6221b18f23d96L,0xcb05abac3f5252b4L,0xca00938b87d61402L,
-        0x2f186cdd411933e4L } },
-    /* 22 << 231 */
-    { { 0xe042ece59a29a5c5L,0xb19b3c073b6c8402L,0xc97667c719d92684L,
-        0xb5624622ebc66372L },
-      { 0x0cb96e653c04fa02L,0x83a7176c8eaa39aaL,0x2033561deaa1633fL,
-        0x45a9d0864533df73L } },
-    /* 23 << 231 */
-    { { 0xe0542c1d3dc090bcL,0x82c996efaa59c167L,0xe3f735e80ee7fc4dL,
-        0x7b1793937c35db79L },
-      { 0xb6419e25f8c5dbfdL,0x4d9d7a1e1f327b04L,0x979f6f9b298dfca8L,
-        0xc7c5dff18de9366aL } },
-    /* 24 << 231 */
-    { { 0x1b7a588d04c82bddL,0x68005534f8319dfdL,0xde8a55b5d8eb9580L,
-        0x5ea886da8d5bca81L },
-      { 0xe8530a01252a0b4dL,0x1bffb4fe35eaa0a1L,0x2ad828b1d8e99563L,
-        0x7de96ef595f9cd87L } },
-    /* 25 << 231 */
-    { { 0x4abb2d0cd77d970cL,0x03cfb933d33ef9cbL,0xb0547c018b211fe9L,
-        0x2fe64809a56ed1c6L },
-      { 0xcb7d5624c2ac98ccL,0x2a1372c01a393e33L,0xc8d1ec1c29660521L,
-        0xf3d31b04b37ac3e9L } },
-    /* 26 << 231 */
-    { { 0xa29ae9df5ece6e7cL,0x0603ac8f0facfb55L,0xcfe85b7adda233a5L,
-        0xe618919fbd75f0b8L },
-      { 0xf555a3d299bf1603L,0x1f43afc9f184255aL,0xdcdaf341319a3e02L,
-        0xd3b117ef03903a39L } },
-    /* 27 << 231 */
-    { { 0xe095da1365d1d131L,0x86f16367c37ad03eL,0x5f37389e462cd8ddL,
-        0xc103fa04d67a60e6L },
-      { 0x57c34344f4b478f0L,0xce91edd8e117c98dL,0x001777b0231fc12eL,
-        0x11ae47f2b207bccbL } },
-    /* 28 << 231 */
-    { { 0xd983cf8d20f8a242L,0x7aff5b1df22e1ad8L,0x68fd11d07fc4feb3L,
-        0x5d53ae90b0f1c3e1L },
-      { 0x50fb7905ec041803L,0x85e3c97714404888L,0x0e67faedac628d8fL,
-        0x2e8651506668532cL } },
-    /* 29 << 231 */
-    { { 0x15acaaa46a67a6b0L,0xf4cdee25b25cec41L,0x49ee565ae4c6701eL,
-        0x2a04ca66fc7d63d8L },
-      { 0xeb105018ef0543fbL,0xf709a4f5d1b0d81dL,0x5b906ee62915d333L,
-        0xf4a8741296f1f0abL } },
-    /* 30 << 231 */
-    { { 0xb6b82fa74d82f4c2L,0x90725a606804efb3L,0xbc82ec46adc3425eL,
-        0xb7b805812787843eL },
-      { 0xdf46d91cdd1fc74cL,0xdc1c62cbe783a6c4L,0x59d1b9f31a04cbbaL,
-        0xd87f6f7295e40764L } },
-    /* 31 << 231 */
-    { { 0x02b4cfc1317f4a76L,0x8d2703eb91036bceL,0x98206cc6a5e72a56L,
-        0x57be9ed1cf53fb0fL },
-      { 0x09374571ef0b17acL,0x74b2655ed9181b38L,0xc8f80ea889935d0eL,
-        0xc0d9e94291529936L } },
-    /* 32 << 231 */
-    { { 0x196860411e84e0e5L,0xa5db84d3aea34c93L,0xf9d5bb197073a732L,
-        0xb8d2fe566bcfd7c0L },
-      { 0x45775f36f3eb82faL,0x8cb20cccfdff8b58L,0x1659b65f8374c110L,
-        0xb8b4a422330c789aL } },
-    /* 33 << 231 */
-    { { 0x75e3c3ea6fe8208bL,0xbd74b9e4286e78feL,0x0be2e81bd7d93a1aL,
-        0x7ed06e27dd0a5aaeL },
-      { 0x721f5a586be8b800L,0x428299d1d846db28L,0x95cb8e6b5be88ed3L,
-        0xc3186b231c034e11L } },
-    /* 34 << 231 */
-    { { 0xa6312c9e8977d99bL,0xbe94433183f531e7L,0x8232c0c218d3b1d4L,
-        0x617aae8be1247b73L },
-      { 0x40153fc4282aec3bL,0xc6063d2ff7b8f823L,0x68f10e583304f94cL,
-        0x31efae74ee676346L } },
-    /* 35 << 231 */
-    { { 0xbadb6c6d40a9b97cL,0x14702c634f666256L,0xdeb954f15184b2e3L,
-        0x5184a52694b6ca40L },
-      { 0xfff05337003c32eaL,0x5aa374dd205974c7L,0x9a7638544b0dd71aL,
-        0x459cd27fdeb947ecL } },
-    /* 36 << 231 */
-    { { 0xa6e28161459c2b92L,0x2f020fa875ee8ef5L,0xb132ec2d30b06310L,
-        0xc3e15899bc6a4530L },
-      { 0xdc5f53feaa3f451aL,0x3a3c7f23c2d9acacL,0x2ec2f8926b27e58bL,
-        0x68466ee7d742799fL } },
-    /* 37 << 231 */
-    { { 0x98324dd41fa26613L,0xa2dc6dabbdc29d63L,0xf9675faad712d657L,
-        0x813994be21fd8d15L },
-      { 0x5ccbb722fd4f7553L,0x5135ff8bf3a36b20L,0x44be28af69559df5L,
-        0x40b65bed9d41bf30L } },
-    /* 38 << 231 */
-    { { 0xd98bf2a43734e520L,0x5e3abbe3209bdcbaL,0x77c76553bc945b35L,
-        0x5331c093c6ef14aaL },
-      { 0x518ffe2976b60c80L,0x2285593b7ace16f8L,0xab1f64ccbe2b9784L,
-        0xe8f2c0d9ab2421b6L } },
-    /* 39 << 231 */
-    { { 0x617d7174c1df065cL,0xafeeb5ab5f6578faL,0x16ff1329263b54a8L,
-        0x45c55808c990dce3L },
-      { 0x42eab6c0ecc8c177L,0x799ea9b55982ecaaL,0xf65da244b607ef8eL,
-        0x8ab226ce32a3fc2cL } },
-    /* 40 << 231 */
-    { { 0x745741e57ea973dcL,0x5c00ca7020888f2eL,0x7cdce3cf45fd9cf1L,
-        0x8a741ef15507f872L },
-      { 0x47c51c2f196b4cecL,0x70d08e43c97ea618L,0x930da15c15b18a2bL,
-        0x33b6c6782f610514L } },
-    /* 41 << 231 */
-    { { 0xc662e4f807ac9794L,0x1eccf050ba06cb79L,0x1ff08623e7d954e5L,
-        0x6ef2c5fb24cf71c3L },
-      { 0xb2c063d267978453L,0xa0cf37961d654af8L,0x7cb242ea7ebdaa37L,
-        0x206e0b10b86747e0L } },
-    /* 42 << 231 */
-    { { 0x481dae5fd5ecfefcL,0x07084fd8c2bff8fcL,0x8040a01aea324596L,
-        0x4c646980d4de4036L },
-      { 0x9eb8ab4ed65abfc3L,0xe01cb91f13541ec7L,0x8f029adbfd695012L,
-        0x9ae284833c7569ecL } },
-    /* 43 << 231 */
-    { { 0xa5614c9ea66d80a1L,0x680a3e4475f5f911L,0x0c07b14dceba4fc1L,
-        0x891c285ba13071c1L },
-      { 0xcac67ceb799ece3cL,0x29b910a941e07e27L,0x66bdb409f2e43123L,
-        0x06f8b1377ac9ecbeL } },
-    /* 44 << 231 */
-    { { 0x5981fafd38547090L,0x19ab8b9f85e3415dL,0xfc28c194c7e31b27L,
-        0x843be0aa6fbcbb42L },
-      { 0xf3b1ed43a6db836cL,0x2a1330e401a45c05L,0x4f19f3c595c1a377L,
-        0xa85f39d044b5ee33L } },
-    /* 45 << 231 */
-    { { 0x3da18e6d4ae52834L,0x5a403b397423dcb0L,0xbb555e0af2374aefL,
-        0x2ad599c41e8ca111L },
-      { 0x1b3a2fb9014b3bf8L,0x73092684f66d5007L,0x079f1426c4340102L,
-        0x1827cf818fddf4deL } },
-    /* 46 << 231 */
-    { { 0xc83605f6f10ff927L,0xd387145123739fc6L,0x6d163450cac1c2ccL,
-        0x6b521296a2ec1ac5L },
-      { 0x0606c4f96e3cb4a5L,0xe47d3f41778abff7L,0x425a8d5ebe8e3a45L,
-        0x53ea9e97a6102160L } },
-    /* 47 << 231 */
-    { { 0x477a106e39cbb688L,0x532401d2f3386d32L,0x8e564f64b1b9b421L,
-        0xca9b838881dad33fL },
-      { 0xb1422b4e2093913eL,0x533d2f9269bc8112L,0x3fa017beebe7b2c7L,
-        0xb2767c4acaf197c6L } },
-    /* 48 << 231 */
-    { { 0xc925ff87aedbae9fL,0x7daf0eb936880a54L,0x9284ddf59c4d0e71L,
-        0x1581cf93316f8cf5L },
-      { 0x3eeca8873ac1f452L,0xb417fce9fb6aeffeL,0xa5918046eefb8dc3L,
-        0x73d318ac02209400L } },
-    /* 49 << 231 */
-    { { 0xe800400f728693e5L,0xe87d814b339927edL,0x93e94d3b57ea9910L,
-        0xff8a35b62245fb69L },
-      { 0x043853d77f200d34L,0x470f1e680f653ce1L,0x81ac05bd59a06379L,
-        0xa14052c203930c29L } },
-    /* 50 << 231 */
-    { { 0x6b72fab526bc2797L,0x13670d1699f16771L,0x001700521e3e48d1L,
-        0x978fe401b7adf678L },
-      { 0x55ecfb92d41c5dd4L,0x5ff8e247c7b27da5L,0xe7518272013fb606L,
-        0x5768d7e52f547a3cL } },
-    /* 51 << 231 */
-    { { 0xbb24eaa360017a5fL,0x6b18e6e49c64ce9bL,0xc225c655103dde07L,
-        0xfc3672ae7592f7eaL },
-      { 0x9606ad77d06283a1L,0x542fc650e4d59d99L,0xabb57c492a40e7c2L,
-        0xac948f13a8db9f55L } },
-    /* 52 << 231 */
-    { { 0x6d4c9682b04465c3L,0xe3d062fa6468bd15L,0xa51729ac5f318d7eL,
-        0x1fc87df69eb6fc95L },
-      { 0x63d146a80591f652L,0xa861b8f7589621aaL,0x59f5f15ace31348cL,
-        0x8f663391440da6daL } },
-    /* 53 << 231 */
-    { { 0xcfa778acb591ffa3L,0x027ca9c54cdfebceL,0xbe8e05a5444ea6b3L,
-        0x8aab4e69a78d8254L },
-      { 0x2437f04fb474d6b8L,0x6597ffd4045b3855L,0xbb0aea4eca47ecaaL,
-        0x568aae8385c7ebfcL } },
-    /* 54 << 231 */
-    { { 0x0e966e64c73b2383L,0x49eb3447d17d8762L,0xde1078218da05dabL,
-        0x443d8baa016b7236L },
-      { 0x163b63a5ea7610d6L,0xe47e4185ce1ca979L,0xae648b6580baa132L,
-        0xebf53de20e0d5b64L } },
-    /* 55 << 231 */
-    { { 0x8d3bfcb4d3c8c1caL,0x0d914ef35d04b309L,0x55ef64153de7d395L,
-        0xbde1666f26b850e8L },
-      { 0xdbe1ca6ed449ab19L,0x8902b322e89a2672L,0xb1674b7edacb7a53L,
-        0x8e9faf6ef52523ffL } },
-    /* 56 << 231 */
-    { { 0x6ba535da9a85788bL,0xd21f03aebd0626d4L,0x099f8c47e873dc64L,
-        0xcda8564d018ec97eL },
-      { 0x3e8d7a5cde92c68cL,0x78e035a173323cc4L,0x3ef26275f880ff7cL,
-        0xa4ee3dff273eedaaL } },
-    /* 57 << 231 */
-    { { 0x58823507af4e18f8L,0x967ec9b50672f328L,0x9ded19d9559d3186L,
-        0x5e2ab3de6cdce39cL },
-      { 0xabad6e4d11c226dfL,0xf9783f4387723014L,0x9a49a0cf1a885719L,
-        0xfc0c1a5a90da9dbfL } },
-    /* 58 << 231 */
-    { { 0x8bbaec49571d92acL,0x569e85fe4692517fL,0x8333b014a14ea4afL,
-        0x32f2a62f12e5c5adL },
-      { 0x98c2ce3a06d89b85L,0xb90741aa2ff77a08L,0x2530defc01f795a2L,
-        0xd6e5ba0b84b3c199L } },
-    /* 59 << 231 */
-    { { 0x7d8e845112e4c936L,0xae419f7dbd0be17bL,0xa583fc8c22262bc9L,
-        0x6b842ac791bfe2bdL },
-      { 0x33cef4e9440d6827L,0x5f69f4deef81fb14L,0xf16cf6f6234fbb92L,
-        0x76ae3fc3d9e7e158L } },
-    /* 60 << 231 */
-    { { 0x4e89f6c2e9740b33L,0x677bc85d4962d6a1L,0x6c6d8a7f68d10d15L,
-        0x5f9a72240257b1cdL },
-      { 0x7096b9164ad85961L,0x5f8c47f7e657ab4aL,0xde57d7d0f7461d7eL,
-        0x7eb6094d80ce5ee2L } },
-    /* 61 << 231 */
-    { { 0x0b1e1dfd34190547L,0x8a394f43f05dd150L,0x0a9eb24d97df44e6L,
-        0x78ca06bf87675719L },
-      { 0x6f0b34626ffeec22L,0x9d91bcea36cdd8fbL,0xac83363ca105be47L,
-        0x81ba76c1069710e3L } },
-    /* 62 << 231 */
-    { { 0x3d1b24cb28c682c6L,0x27f252288612575bL,0xb587c779e8e66e98L,
-        0x7b0c03e9405eb1feL },
-      { 0xfdf0d03015b548e7L,0xa8be76e038b36af7L,0x4cdab04a4f310c40L,
-        0x6287223ef47ecaecL } },
-    /* 63 << 231 */
-    { { 0x678e60558b399320L,0x61fe3fa6c01e4646L,0xc482866b03261a5eL,
-        0xdfcf45b85c2f244aL },
-      { 0x8fab9a512f684b43L,0xf796c654c7220a66L,0x1d90707ef5afa58fL,
-        0x2c421d974fdbe0deL } },
-    /* 64 << 231 */
-    { { 0xc4f4cda3af2ebc2fL,0xa0af843dcb4efe24L,0x53b857c19ccd10b1L,
-        0xddc9d1eb914d3e04L },
-      { 0x7bdec8bb62771debL,0x829277aa91c5aa81L,0x7af18dd6832391aeL,
-        0x1740f316c71a84caL } },
-    /* 0 << 238 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 238 */
-    { { 0x8928e99aeeaf8c49L,0xee7aa73d6e24d728L,0x4c5007c2e72b156cL,
-        0x5fcf57c5ed408a1dL },
-      { 0x9f719e39b6057604L,0x7d343c01c2868bbfL,0x2cca254b7e103e2dL,
-        0xe6eb38a9f131bea2L } },
-    /* 2 << 238 */
-    { { 0xb33e624f8be762b4L,0x2a9ee4d1058e3413L,0x968e636967d805faL,
-        0x9848949b7db8bfd7L },
-      { 0x5308d7e5d23a8417L,0x892f3b1df3e29da5L,0xc95c139e3dee471fL,
-        0x8631594dd757e089L } },
-    /* 3 << 238 */
-    { { 0xe0c82a3cde918dccL,0x2e7b599426fdcf4bL,0x82c5024932cb1b2dL,
-        0xea613a9d7657ae07L },
-      { 0xc2eb5f6cf1fdc9f7L,0xb6eae8b8879fe682L,0x253dfee0591cbc7fL,
-        0x000da7133e1290e6L } },
-    /* 4 << 238 */
-    { { 0x1083e2ea1f095615L,0x0a28ad7714e68c33L,0x6bfc02523d8818beL,
-        0xb585113af35850cdL },
-      { 0x7d935f0b30df8aa1L,0xaddda07c4ab7e3acL,0x92c34299552f00cbL,
-        0xc33ed1de2909df6cL } },
-    /* 5 << 238 */
-    { { 0x22c2195d80e87766L,0x9e99e6d89ddf4ac0L,0x09642e4e65e74934L,
-        0x2610ffa2ff1ff241L },
-      { 0x4d1d47d4751c8159L,0x697b4985af3a9363L,0x0318ca4687477c33L,
-        0xa90cb5659441eff3L } },
-    /* 6 << 238 */
-    { { 0x58bb384836f024cbL,0x85be1f7736016168L,0x6c59587cdc7e07f1L,
-        0x191be071af1d8f02L },
-      { 0xbf169fa5cca5e55cL,0x3864ba3cf7d04eacL,0x915e367f8d7d05dbL,
-        0xb48a876da6549e5dL } },
-    /* 7 << 238 */
-    { { 0xef89c656580e40a2L,0xf194ed8c728068bcL,0x74528045a47990c9L,
-        0xf53fc7d75e1a4649L },
-      { 0xbec5ae9b78593e7dL,0x2cac4ee341db65d7L,0xa8c1eb2404a3d39bL,
-        0x53b7d63403f8f3efL } },
-    /* 8 << 238 */
-    { { 0x2dc40d483e07113cL,0x6e4a5d397d8b63aeL,0x5582a94b79684c2bL,
-        0x932b33d4622da26cL },
-      { 0xf534f6510dbbf08dL,0x211d07c964c23a52L,0x0eeece0fee5bdc9bL,
-        0xdf178168f7015558L } },
-    /* 9 << 238 */
-    { { 0xd42946350a712229L,0x93cbe44809273f8cL,0x00b095ef8f13bc83L,
-        0xbb7419728798978cL },
-      { 0x9d7309a256dbe6e7L,0xe578ec565a5d39ecL,0x3961151b851f9a31L,
-        0x2da7715de5709eb4L } },
-    /* 10 << 238 */
-    { { 0x867f301753dfabf0L,0x728d2078b8e39259L,0x5c75a0cd815d9958L,
-        0xf84867a616603be1L },
-      { 0xc865b13d70e35b1cL,0x0241446819b03e2cL,0xe46041daac1f3121L,
-        0x7c9017ad6f028a7cL } },
-    /* 11 << 238 */
-    { { 0xabc96de90a482873L,0x4265d6b1b77e54d4L,0x68c38e79a57d88e7L,
-        0xd461d7669ce82de3L },
-      { 0x817a9ec564a7e489L,0xcc5675cda0def5f2L,0x9a00e785985d494eL,
-        0xc626833f1b03514aL } },
-    /* 12 << 238 */
-    { { 0xabe7905a83cdd60eL,0x50602fb5a1170184L,0x689886cdb023642aL,
-        0xd568d090a6e1fb00L },
-      { 0x5b1922c70259217fL,0x93831cd9c43141e4L,0xdfca35870c95f86eL,
-        0xdec2057a568ae828L } },
-    /* 13 << 238 */
-    { { 0xc44ea599f98a759aL,0x55a0a7a2f7c23c1dL,0xd5ffb6e694c4f687L,
-        0x3563cce212848478L },
-      { 0x812b3517e7b1fbe1L,0x8a7dc9794f7338e0L,0x211ecee952d048dbL,
-        0x2eea4056c86ea3b8L } },
-    /* 14 << 238 */
-    { { 0xd8cb68a7ba772b34L,0xe16ed3415f4e2541L,0x9b32f6a60fec14dbL,
-        0xeee376f7391698beL },
-      { 0xe9a7aa1783674c02L,0x65832f975843022aL,0x29f3a8da5ba4990fL,
-        0x79a59c3afb8e3216L } },
-    /* 15 << 238 */
-    { { 0x9cdc4d2ebd19bb16L,0xc6c7cfd0b3262d86L,0xd4ce14d0969c0b47L,
-        0x1fa352b713e56128L },
-      { 0x383d55b8973db6d3L,0x71836850e8e5b7bfL,0xc7714596e6bb571fL,
-        0x259df31f2d5b2dd2L } },
-    /* 16 << 238 */
-    { { 0x568f8925913cc16dL,0x18bc5b6de1a26f5aL,0xdfa413bef5f499aeL,
-        0xf8835decc3f0ae84L },
-      { 0xb6e60bd865a40ab0L,0x65596439194b377eL,0xbcd8562592084a69L,
-        0x5ce433b94f23ede0L } },
-    /* 17 << 238 */
-    { { 0xe8e8f04f6ad65143L,0x11511827d6e14af6L,0x3d390a108295c0c7L,
-        0x71e29ee4621eba16L },
-      { 0xa588fc0963717b46L,0x02be02fee06ad4a2L,0x931558c604c22b22L,
-        0xbb4d4bd612f3c849L } },
-    /* 18 << 238 */
-    { { 0x54a4f49620efd662L,0x92ba6d20c5952d14L,0x2db8ea1ecc9784c2L,
-        0x81cc10ca4b353644L },
-      { 0x40b570ad4b4d7f6cL,0x5c9f1d9684a1dcd2L,0x01379f813147e797L,
-        0xe5c6097b2bd499f5L } },
-    /* 19 << 238 */
-    { { 0x40dcafa6328e5e20L,0xf7b5244a54815550L,0xb9a4f11847bfc978L,
-        0x0ea0e79fd25825b1L },
-      { 0xa50f96eb646c7ecfL,0xeb811493446dea9dL,0x2af04677dfabcf69L,
-        0xbe3a068fc713f6e8L } },
-    /* 20 << 238 */
-    { { 0x860d523d42e06189L,0xbf0779414e3aff13L,0x0b616dcac1b20650L,
-        0xe66dd6d12131300dL },
-      { 0xd4a0fd67ff99abdeL,0xc9903550c7aac50dL,0x022ecf8b7c46b2d7L,
-        0x3333b1e83abf92afL } },
-    /* 21 << 238 */
-    { { 0x11cc113c6c491c14L,0x0597668880dd3f88L,0xf5b4d9e729d932edL,
-        0xe982aad8a2c38b6dL },
-      { 0x6f9253478be0dcf0L,0x700080ae65ca53f2L,0xd8131156443ca77fL,
-        0xe92d6942ec51f984L } },
-    /* 22 << 238 */
-    { { 0xd2a08af885dfe9aeL,0xd825d9a54d2a86caL,0x2c53988d39dff020L,
-        0xf38b135a430cdc40L },
-      { 0x0c918ae062a7150bL,0xf31fd8de0c340e9bL,0xafa0e7ae4dbbf02eL,
-        0x5847fb2a5eba6239L } },
-    /* 23 << 238 */
-    { { 0x6b1647dcdccbac8bL,0xb642aa7806f485c8L,0x873f37657038ecdfL,
-        0x2ce5e865fa49d3feL },
-      { 0xea223788c98c4400L,0x8104a8cdf1fa5279L,0xbcf7cc7a06becfd7L,
-        0x49424316c8f974aeL } },
-    /* 24 << 238 */
-    { { 0xc0da65e784d6365dL,0xbcb7443f8f759fb8L,0x35c712b17ae81930L,
-        0x80428dff4c6e08abL },
-      { 0xf19dafefa4faf843L,0xced8538dffa9855fL,0x20ac409cbe3ac7ceL,
-        0x358c1fb6882da71eL } },
-    /* 25 << 238 */
-    { { 0xafa9c0e5fd349961L,0x2b2cfa518421c2fcL,0x2a80db17f3a28d38L,
-        0xa8aba5395d138e7eL },
-      { 0x52012d1d6e96eb8dL,0x65d8dea0cbaf9622L,0x57735447b264f56cL,
-        0xbeebef3f1b6c8da2L } },
-    /* 26 << 238 */
-    { { 0xfc346d98ce785254L,0xd50e8d72bb64a161L,0xc03567c749794addL,
-        0x15a76065752c7ef6L },
-      { 0x59f3a222961f23d6L,0x378e443873ecc0b0L,0xc74be4345a82fde4L,
-        0xae509af2d8b9cf34L } },
-    /* 27 << 238 */
-    { { 0x4a61ee46577f44a1L,0xe09b748cb611deebL,0xc0481b2cf5f7b884L,
-        0x3562667861acfa6bL },
-      { 0x37f4c518bf8d21e6L,0x22d96531b205a76dL,0x37fb85e1954073c0L,
-        0xbceafe4f65b3a567L } },
-    /* 28 << 238 */
-    { { 0xefecdef7be42a582L,0xd3fc608065046be6L,0xc9af13c809e8dba9L,
-        0x1e6c9847641491ffL },
-      { 0x3b574925d30c31f7L,0xb7eb72baac2a2122L,0x776a0dacef0859e7L,
-        0x06fec31421900942L } },
-    /* 29 << 238 */
-    { { 0x2464bc10f8c22049L,0x9bfbcce7875ebf69L,0xd7a88e2a4336326bL,
-        0xda05261c5bc2acfaL },
-      { 0xc29f5bdceba7efc8L,0x471237ca25dbbf2eL,0xa72773f22975f127L,
-        0xdc744e8e04d0b326L } },
-    /* 30 << 238 */
-    { { 0x38a7ed16a56edb73L,0x64357e372c007e70L,0xa167d15b5080b400L,
-        0x07b4116423de4be1L },
-      { 0xb2d91e3274c89883L,0x3c1628212882e7edL,0xad6b36ba7503e482L,
-        0x48434e8e0ea34331L } },
-    /* 31 << 238 */
-    { { 0x79f4f24f2c7ae0b9L,0xc46fbf811939b44aL,0x76fefae856595eb1L,
-        0x417b66abcd5f29c7L },
-      { 0x5f2332b2c5ceec20L,0xd69661ffe1a1cae2L,0x5ede7e529b0286e6L,
-        0x9d062529e276b993L } },
-    /* 32 << 238 */
-    { { 0x324794b07e50122bL,0xdd744f8b4af07ca5L,0x30a12f08d63fc97bL,
-        0x39650f1a76626d9dL },
-      { 0x101b47f71fa38477L,0x3d815f19d4dc124fL,0x1569ae95b26eb58aL,
-        0xc3cde18895fb1887L } },
-    /* 33 << 238 */
-    { { 0x54e9f37bf9539a48L,0xb0100e067408c1a5L,0x821d9811ea580cbbL,
-        0x8af52d3586e50c56L },
-      { 0xdfbd9d47dbbf698bL,0x2961a1ea03dc1c73L,0x203d38f8e76a5df8L,
-        0x08a53a686def707aL } },
-    /* 34 << 238 */
-    { { 0x26eefb481bee45d4L,0xb3cee3463c688036L,0x463c5315c42f2469L,
-        0x19d84d2e81378162L },
-      { 0x22d7c3c51c4d349fL,0x65965844163d59c5L,0xcf198c56b8abceaeL,
-        0x6fb1fb1b628559d5L } },
-    /* 35 << 238 */
-    { { 0x8bbffd0607bf8fe3L,0x46259c583467734bL,0xd8953cea35f7f0d3L,
-        0x1f0bece2d65b0ff1L },
-      { 0xf7d5b4b3f3c72914L,0x29e8ea953cb53389L,0x4a365626836b6d46L,
-        0xe849f910ea174fdeL } },
-    /* 36 << 238 */
-    { { 0x7ec62fbbf4737f21L,0xd8dba5ab6209f5acL,0x24b5d7a9a5f9adbeL,
-        0x707d28f7a61dc768L },
-      { 0x7711460bcaa999eaL,0xba7b174d1c92e4ccL,0x3c4bab6618d4bf2dL,
-        0xb8f0c980eb8bd279L } },
-    /* 37 << 238 */
-    { { 0x024bea9a324b4737L,0xfba9e42332a83bcaL,0x6e635643a232dcedL,
-        0x996193672571c8baL },
-      { 0xe8c9f35754b7032bL,0xf936b3ba2442d54aL,0x2263f0f08290c65aL,
-        0x48989780ee2c7fdbL } },
-    /* 38 << 238 */
-    { { 0xadc5d55a13d4f95eL,0x737cff85ad9b8500L,0x271c557b8a73f43dL,
-        0xbed617a4e18bc476L },
-      { 0x662454017dfd8ab2L,0xae7b89ae3a2870aaL,0x1b555f5323a7e545L,
-        0x6791e247be057e4cL } },
-    /* 39 << 238 */
-    { { 0x860136ad324fa34dL,0xea1114474cbeae28L,0x023a4270bedd3299L,
-        0x3d5c3a7fc1c35c34L },
-      { 0xb0f6db678d0412d2L,0xd92625e2fcdc6b9aL,0x92ae5ccc4e28a982L,
-        0xea251c3647a3ce7eL } },
-    /* 40 << 238 */
-    { { 0x9d658932790691bfL,0xed61058906b736aeL,0x712c2f04c0d63b6eL,
-        0x5cf06fd5c63d488fL },
-      { 0x97363facd9588e41L,0x1f9bf7622b93257eL,0xa9d1ffc4667acaceL,
-        0x1cf4a1aa0a061ecfL } },
-    /* 41 << 238 */
-    { { 0x40e48a49dc1818d0L,0x0643ff39a3621ab0L,0x5768640ce39ef639L,
-        0x1fc099ea04d86854L },
-      { 0x9130b9c3eccd28fdL,0xd743cbd27eec54abL,0x052b146fe5b475b6L,
-        0x058d9a82900a7d1fL } },
-    /* 42 << 238 */
-    { { 0x65e0229291262b72L,0x96f924f9bb0edf03L,0x5cfa59c8fe206842L,
-        0xf60370045eafa720L },
-      { 0x5f30699e18d7dd96L,0x381e8782cbab2495L,0x91669b46dd8be949L,
-        0xb40606f526aae8efL } },
-    /* 43 << 238 */
-    { { 0x2812b839fc6751a4L,0x16196214fba800efL,0x4398d5ca4c1a2875L,
-        0x720c00ee653d8349L },
-      { 0xc2699eb0d820007cL,0x880ee660a39b5825L,0x70694694471f6984L,
-        0xf7d16ea8e3dda99aL } },
-    /* 44 << 238 */
-    { { 0x28d675b2c0519a23L,0x9ebf94fe4f6952e3L,0xf28bb767a2294a8aL,
-        0x85512b4dfe0af3f5L },
-      { 0x18958ba899b16a0dL,0x95c2430cba7548a7L,0xb30d1b10a16be615L,
-        0xe3ebbb9785bfb74cL } },
-    /* 45 << 238 */
-    { { 0xa3273cfe18549fdbL,0xf6e200bf4fcdb792L,0x54a76e1883aba56cL,
-        0x73ec66f689ef6aa2L },
-      { 0x8d17add7d1b9a305L,0xa959c5b9b7ae1b9dL,0x886435226bcc094aL,
-        0xcc5616c4d7d429b9L } },
-    /* 46 << 238 */
-    { { 0xa6dada01e6a33f7cL,0xc6217a079d4e70adL,0xd619a81809c15b7cL,
-        0xea06b3290e80c854L },
-      { 0x174811cea5f5e7b9L,0x66dfc310787c65f4L,0x4ea7bd693316ab54L,
-        0xc12c4acb1dcc0f70L } },
-    /* 47 << 238 */
-    { { 0xe4308d1a1e407dd9L,0xe8a3587c91afa997L,0xea296c12ab77b7a5L,
-        0xb5ad49e4673c0d52L },
-      { 0x40f9b2b27006085aL,0xa88ff34087bf6ec2L,0x978603b14e3066a6L,
-        0xb3f99fc2b5e486e2L } },
-    /* 48 << 238 */
-    { { 0x07b53f5eb2e63645L,0xbe57e54784c84232L,0xd779c2167214d5cfL,
-        0x617969cd029a3acaL },
-      { 0xd17668cd8a7017a0L,0x77b4d19abe9b7ee8L,0x58fd0e939c161776L,
-        0xa8c4f4efd5968a72L } },
-    /* 49 << 238 */
-    { { 0x296071cc67b3de77L,0xae3c0b8e634f7905L,0x67e440c28a7100c9L,
-        0xbb8c3c1beb4b9b42L },
-      { 0x6d71e8eac51b3583L,0x7591f5af9525e642L,0xf73a2f7b13f509f3L,
-        0x618487aa5619ac9bL } },
-    /* 50 << 238 */
-    { { 0x3a72e5f79d61718aL,0x00413bcc7592d28cL,0x7d9b11d3963c35cfL,
-        0x77623bcfb90a46edL },
-      { 0xdeef273bdcdd2a50L,0x4a741f9b0601846eL,0x33b89e510ec6e929L,
-        0xcb02319f8b7f22cdL } },
-    /* 51 << 238 */
-    { { 0xbbe1500d084bae24L,0x2f0ae8d7343d2693L,0xacffb5f27cdef811L,
-        0xaa0c030a263fb94fL },
-      { 0x6eef0d61a0f442deL,0xf92e181727b139d3L,0x1ae6deb70ad8bc28L,
-        0xa89e38dcc0514130L } },
-    /* 52 << 238 */
-    { { 0x81eeb865d2fdca23L,0x5a15ee08cc8ef895L,0x768fa10a01905614L,
-        0xeff5b8ef880ee19bL },
-      { 0xf0c0cabbcb1c8a0eL,0x2e1ee9cdb8c838f9L,0x0587d8b88a4a14c0L,
-        0xf6f278962ff698e5L } },
-    /* 53 << 238 */
-    { { 0xed38ef1c89ee6256L,0xf44ee1fe6b353b45L,0x9115c0c770e903b3L,
-        0xc78ec0a1818f31dfL },
-      { 0x6c003324b7dccbc6L,0xd96dd1f3163bbc25L,0x33aa82dd5cedd805L,
-        0x123aae4f7f7eb2f1L } },
-    /* 54 << 238 */
-    { { 0x1723fcf5a26262cdL,0x1f7f4d5d0060ebd5L,0xf19c5c01b2eaa3afL,
-        0x2ccb9b149790accfL },
-      { 0x1f9c1cad52324aa6L,0x632005267247df54L,0x5732fe42bac96f82L,
-        0x52fe771f01a1c384L } },
-    /* 55 << 238 */
-    { { 0x546ca13db1001684L,0xb56b4eeea1709f75L,0x266545a9d5db8672L,
-        0xed971c901e8f3cfbL },
-      { 0x4e7d8691e3a07b29L,0x7570d9ece4b696b9L,0xdc5fa0677bc7e9aeL,
-        0x68b44cafc82c4844L } },
-    /* 56 << 238 */
-    { { 0x519d34b3bf44da80L,0x283834f95ab32e66L,0x6e6087976278a000L,
-        0x1e62960e627312f6L },
-      { 0x9b87b27be6901c55L,0x80e7853824fdbc1fL,0xbbbc09512facc27dL,
-        0x06394239ac143b5aL } },
-    /* 57 << 238 */
-    { { 0x35bb4a40376c1944L,0x7cb6269463da1511L,0xafd29161b7148a3bL,
-        0xa6f9d9ed4e2ea2eeL },
-      { 0x15dc2ca2880dd212L,0x903c3813a61139a9L,0x2aa7b46d6c0f8785L,
-        0x36ce2871901c60ffL } },
-    /* 58 << 238 */
-    { { 0xc683b028e10d9c12L,0x7573baa2032f33d3L,0x87a9b1f667a31b58L,
-        0xfd3ed11af4ffae12L },
-      { 0x83dcaa9a0cb2748eL,0x8239f0185d6fdf16L,0xba67b49c72753941L,
-        0x2beec455c321cb36L } },
-    /* 59 << 238 */
-    { { 0x880156063f8b84ceL,0x764170838d38c86fL,0x054f1ca7598953ddL,
-        0xc939e1104e8e7429L },
-      { 0x9b1ac2b35a914f2fL,0x39e35ed3e74b8f9cL,0xd0debdb2781b2fb0L,
-        0x1585638f2d997ba2L } },
-    /* 60 << 238 */
-    { { 0x9c4b646e9e2fce99L,0x68a210811e80857fL,0x06d54e443643b52aL,
-        0xde8d6d630d8eb843L },
-      { 0x7032156342146a0aL,0x8ba826f25eaa3622L,0x227a58bd86138787L,
-        0x43b6c03c10281d37L } },
-    /* 61 << 238 */
-    { { 0x6326afbbb54dde39L,0x744e5e8adb6f2d5fL,0x48b2a99acff158e1L,
-        0xa93c8fa0ef87918fL },
-      { 0x2182f956de058c5cL,0x216235d2936f9e7aL,0xace0c0dbd2e31e67L,
-        0xc96449bff23ac3e7L } },
-    /* 62 << 238 */
-    { { 0x7e9a2874170693bdL,0xa28e14fda45e6335L,0x5757f6b356427344L,
-        0x822e4556acf8edf9L },
-      { 0x2b7a6ee2e6a285cdL,0x5866f211a9df3af0L,0x40dde2ddf845b844L,
-        0x986c3726110e5e49L } },
-    /* 63 << 238 */
-    { { 0x73680c2af7172277L,0x57b94f0f0cccb244L,0xbdff72672d438ca7L,
-        0xbad1ce11cf4663fdL },
-      { 0x9813ed9dd8f71caeL,0xf43272a6961fdaa6L,0xbeff0119bd6d1637L,
-        0xfebc4f9130361978L } },
-    /* 64 << 238 */
-    { { 0x02b37a952f41deffL,0x0e44a59ae63b89b7L,0x673257dc143ff951L,
-        0x19c02205d752baf4L },
-      { 0x46c23069c4b7d692L,0x2e6392c3fd1502acL,0x6057b1a21b220846L,
-        0xe51ff9460c1b5b63L } },
-    /* 0 << 245 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 245 */
-    { { 0x6e85cb51566c5c43L,0xcff9c9193597f046L,0x9354e90c4994d94aL,
-        0xe0a393322147927dL },
-      { 0x8427fac10dc1eb2bL,0x88cfd8c22ff319faL,0xe2d4e68401965274L,
-        0xfa2e067d67aaa746L } },
-    /* 2 << 245 */
-    { { 0xb6d92a7f3e5f9f11L,0x9afe153ad6cb3b8eL,0x4d1a6dd7ddf800bdL,
-        0xf6c13cc0caf17e19L },
-      { 0x15f6c58e325fc3eeL,0x71095400a31dc3b2L,0x168e7c07afa3d3e7L,
-        0x3f8417a194c7ae2dL } },
-    /* 3 << 245 */
-    { { 0xec234772813b230dL,0x634d0f5f17344427L,0x11548ab1d77fc56aL,
-        0x7fab1750ce06af77L },
-      { 0xb62c10a74f7c4f83L,0xa7d2edc4220a67d9L,0x1c404170921209a0L,
-        0x0b9815a0face59f0L } },
-    /* 4 << 245 */
-    { { 0x2842589b319540c3L,0x18490f59a283d6f8L,0xa2731f84daae9fcbL,
-        0x3db6d960c3683ba0L },
-      { 0xc85c63bb14611069L,0xb19436af0788bf05L,0x905459df347460d2L,
-        0x73f6e094e11a7db1L } },
-    /* 5 << 245 */
-    { { 0xdc7f938eb6357f37L,0xc5d00f792bd8aa62L,0xc878dcb92ca979fcL,
-        0x37e83ed9eb023a99L },
-      { 0x6b23e2731560bf3dL,0x1086e4591d0fae61L,0x782483169a9414bdL,
-        0x1b956bc0f0ea9ea1L } },
-    /* 6 << 245 */
-    { { 0x7b85bb91c31b9c38L,0x0c5aa90b48ef57b5L,0xdedeb169af3bab6fL,
-        0xe610ad732d373685L },
-      { 0xf13870df02ba8e15L,0x0337edb68ca7f771L,0xe4acf747b62c036cL,
-        0xd921d576b6b94e81L } },
-    /* 7 << 245 */
-    { { 0xdbc864392c422f7aL,0xfb635362ed348898L,0x83084668c45bfcd1L,
-        0xc357c9e32b315e11L },
-      { 0xb173b5405b2e5b8cL,0x7e946931e102b9a4L,0x17c890eb7b0fb199L,
-        0xec225a83d61b662bL } },
-    /* 8 << 245 */
-    { { 0xf306a3c8ee3c76cbL,0x3cf11623d32a1f6eL,0xe6d5ab646863e956L,
-        0x3b8a4cbe5c005c26L },
-      { 0xdcd529a59ce6bb27L,0xc4afaa5204d4b16fL,0xb0624a267923798dL,
-        0x85e56df66b307fabL } },
-    /* 9 << 245 */
-    { { 0x0281893c2bf29698L,0x91fc19a4d7ce7603L,0x75a5dca3ad9a558fL,
-        0x40ceb3fa4d50bf77L },
-      { 0x1baf6060bc9ba369L,0x927e1037597888c2L,0xd936bf1986a34c07L,
-        0xd4cf10c1c34ae980L } },
-    /* 10 << 245 */
-    { { 0x3a3e5334859dd614L,0x9c475b5b18d0c8eeL,0x63080d1f07cd51d5L,
-        0xc9c0d0a6b88b4326L },
-      { 0x1ac98691c234296fL,0x2a0a83a494887fb6L,0x565114270cea9cf2L,
-        0x5230a6e8a24802f5L } },
-    /* 11 << 245 */
-    { { 0xf7a2bf0f72e3d5c1L,0x377174464f21439eL,0xfedcbf259ce30334L,
-        0xe0030a787ce202f9L },
-      { 0x6f2d9ebf1202e9caL,0xe79dde6c75e6e591L,0xf52072aff1dac4f8L,
-        0x6c8d087ebb9b404dL } },
-    /* 12 << 245 */
-    { { 0xad0fc73dbce913afL,0x909e587b458a07cbL,0x1300da84d4f00c8aL,
-        0x425cd048b54466acL },
-      { 0xb59cb9be90e9d8bfL,0x991616db3e431b0eL,0xd3aa117a531aecffL,
-        0x91af92d359f4dc3bL } },
-    /* 13 << 245 */
-    { { 0x9b1ec292e93fda29L,0x76bb6c17e97d91bcL,0x7509d95faface1e6L,
-        0x3653fe47be855ae3L },
-      { 0x73180b280f680e75L,0x75eefd1beeb6c26cL,0xa4cdf29fb66d4236L,
-        0x2d70a9976b5821d8L } },
-    /* 14 << 245 */
-    { { 0x7a3ee20720445c36L,0x71d1ac8259877174L,0x0fc539f7949f73e9L,
-        0xd05cf3d7982e3081L },
-      { 0x8758e20b7b1c7129L,0xffadcc20569e61f2L,0xb05d3a2f59544c2dL,
-        0xbe16f5c19fff5e53L } },
-    /* 15 << 245 */
-    { { 0x73cf65b8aad58135L,0x622c2119037aa5beL,0x79373b3f646fd6a0L,
-        0x0e029db50d3978cfL },
-      { 0x8bdfc43794fba037L,0xaefbd687620797a6L,0x3fa5382bbd30d38eL,
-        0x7627cfbf585d7464L } },
-    /* 16 << 245 */
-    { { 0xb2330fef4e4ca463L,0xbcef72873566cc63L,0xd161d2cacf780900L,
-        0x135dc5395b54827dL },
-      { 0x638f052e27bf1bc6L,0x10a224f007dfa06cL,0xe973586d6d3321daL,
-        0x8b0c573826152c8fL } },
-    /* 17 << 245 */
-    { { 0x07ef4f2a34606074L,0x80fe7fe8a0f7047aL,0x3d1a8152e1a0e306L,
-        0x32cf43d888da5222L },
-      { 0xbf89a95f5f02ffe6L,0x3d9eb9a4806ad3eaL,0x012c17bb79c8e55eL,
-        0xfdcd1a7499c81dacL } },
-    /* 18 << 245 */
-    { { 0x7043178bb9556098L,0x4090a1df801c3886L,0x759800ff9b67b912L,
-        0x3e5c0304232620c8L },
-      { 0x4b9d3c4b70dceecaL,0xbb2d3c15181f648eL,0xf981d8376e33345cL,
-        0xb626289b0cf2297aL } },
-    /* 19 << 245 */
-    { { 0x766ac6598baebdcfL,0x1a28ae0975df01e5L,0xb71283da375876d8L,
-        0x4865a96d607b9800L },
-      { 0x25dd1bcd237936b2L,0x332f4f4b60417494L,0xd0923d68370a2147L,
-        0x497f5dfbdc842203L } },
-    /* 20 << 245 */
-    { { 0x9dc74cbd32be5e0fL,0x7475bcb717a01375L,0x438477c950d872b1L,
-        0xcec67879ffe1d63dL },
-      { 0x9b006014d8578c70L,0xc9ad99a878bb6b8bL,0x6799008e11fb3806L,
-        0xcfe81435cd44cab3L } },
-    /* 21 << 245 */
-    { { 0xa2ee15822f4fb344L,0xb8823450483fa6ebL,0x622d323d652c7749L,
-        0xd8474a98beb0a15bL },
-      { 0xe43c154d5d1c00d0L,0x7fd581d90e3e7aacL,0x2b44c6192525ddf8L,
-        0x67a033ebb8ae9739L } },
-    /* 22 << 245 */
-    { { 0x113ffec19ef2d2e4L,0x1bf6767ed5a0ea7fL,0x57fff75e03714c0aL,
-        0xa23c422e0a23e9eeL },
-      { 0xdd5f6b2d540f83afL,0xc2c2c27e55ea46a7L,0xeb6b4246672a1208L,
-        0xd13599f7ae634f7aL } },
-    /* 23 << 245 */
-    { { 0xcf914b5cd7b32c6eL,0x61a5a640eaf61814L,0x8dc3df8b208a1bbbL,
-        0xef627fd6b6d79aa5L },
-      { 0x44232ffcc4c86bc8L,0xe6f9231b061539feL,0x1d04f25a958b9533L,
-        0x180cf93449e8c885L } },
-    /* 24 << 245 */
-    { { 0x896895959884aaf7L,0xb1959be307b348a6L,0x96250e573c147c87L,
-        0xae0efb3add0c61f8L },
-      { 0xed00745eca8c325eL,0x3c911696ecff3f70L,0x73acbc65319ad41dL,
-        0x7b01a020f0b1c7efL } },
-    /* 25 << 245 */
-    { { 0xea32b29363a1483fL,0x89eabe717a248f96L,0x9c6231d3343157e5L,
-        0x93a375e5df3c546dL },
-      { 0xe76e93436a2afe69L,0xc4f89100e166c88eL,0x248efd0d4f872093L,
-        0xae0eb3ea8fe0ea61L } },
-    /* 26 << 245 */
-    { { 0xaf89790d9d79046eL,0x4d650f2d6cee0976L,0xa3935d9a43071ecaL,
-        0x66fcd2c9283b0bfeL },
-      { 0x0e665eb5696605f1L,0xe77e5d07a54cd38dL,0x90ee050a43d950cfL,
-        0x86ddebdad32e69b5L } },
-    /* 27 << 245 */
-    { { 0x6ad94a3dfddf7415L,0xf7fa13093f6e8d5aL,0xc4831d1de9957f75L,
-        0x7de28501d5817447L },
-      { 0x6f1d70789e2aeb6bL,0xba2b9ff4f67a53c2L,0x36963767df9defc3L,
-        0x479deed30d38022cL } },
-    /* 28 << 245 */
-    { { 0xd2edb89b3a8631e8L,0x8de855de7a213746L,0xb2056cb7b00c5f11L,
-        0xdeaefbd02c9b85e4L },
-      { 0x03f39a8dd150892dL,0x37b84686218b7985L,0x36296dd8b7375f1aL,
-        0x472cd4b1b78e898eL } },
-    /* 29 << 245 */
-    { { 0x15dff651e9f05de9L,0xd40450692ce98ba9L,0x8466a7ae9b38024cL,
-        0xb910e700e5a6b5efL },
-      { 0xae1c56eab3aa8f0dL,0xbab2a5077eee74a6L,0x0dca11e24b4c4620L,
-        0xfd896e2e4c47d1f4L } },
-    /* 30 << 245 */
-    { { 0xeb45ae53308fbd93L,0x46cd5a2e02c36fdaL,0x6a3d4e90baa48385L,
-        0xdd55e62e9dbe9960L },
-      { 0xa1406aa02a81ede7L,0x6860dd14f9274ea7L,0xcfdcb0c280414f86L,
-        0xff410b1022f94327L } },
-    /* 31 << 245 */
-    { { 0x5a33cc3849ad467bL,0xefb48b6c0a7335f1L,0x14fb54a4b153a360L,
-        0x604aa9d2b52469ccL },
-      { 0x5e9dc486754e48e9L,0x693cb45537471e8eL,0xfb2fd7cd8d3b37b6L,
-        0x63345e16cf09ff07L } },
-    /* 32 << 245 */
-    { { 0x9910ba6b23a5d896L,0x1fe19e357fe4364eL,0x6e1da8c39a33c677L,
-        0x15b4488b29fd9fd0L },
-      { 0x1f4392541a1f22bfL,0x920a8a70ab8163e8L,0x3fd1b24907e5658eL,
-        0xf2c4f79cb6ec839bL } },
-    /* 33 << 245 */
-    { { 0x1abbc3d04aa38d1bL,0x3b0db35cb5d9510eL,0x1754ac783e60dec0L,
-        0x53272fd7ea099b33L },
-      { 0x5fb0494f07a8e107L,0x4a89e1376a8191faL,0xa113b7f63c4ad544L,
-        0x88a2e9096cb9897bL } },
-    /* 34 << 245 */
-    { { 0x17d55de3b44a3f84L,0xacb2f34417c6c690L,0x3208816810232390L,
-        0xf2e8a61f6c733bf7L },
-      { 0xa774aab69c2d7652L,0xfb5307e3ed95c5bcL,0xa05c73c24981f110L,
-        0x1baae31ca39458c9L } },
-    /* 35 << 245 */
-    { { 0x1def185bcbea62e7L,0xe8ac9eaeeaf63059L,0x098a8cfd9921851cL,
-        0xd959c3f13abe2f5bL },
-      { 0xa4f1952520e40ae5L,0x320789e307a24aa1L,0x259e69277392b2bcL,
-        0x58f6c6671918668bL } },
-    /* 36 << 245 */
-    { { 0xce1db2bbc55d2d8bL,0x41d58bb7f4f6ca56L,0x7650b6808f877614L,
-        0x905e16baf4c349edL },
-      { 0xed415140f661acacL,0x3b8784f0cb2270afL,0x3bc280ac8a402cbaL,
-        0xd53f71460937921aL } },
-    /* 37 << 245 */
-    { { 0xc03c8ee5e5681e83L,0x62126105f6ac9e4aL,0x9503a53f936b1a38L,
-        0x3d45e2d4782fecbdL },
-      { 0x69a5c43976e8ae98L,0xb53b2eebbfb4b00eL,0xf167471272386c89L,
-        0x30ca34a24268bce4L } },
-    /* 38 << 245 */
-    { { 0x7f1ed86c78341730L,0x8ef5beb8b525e248L,0xbbc489fdb74fbf38L,
-        0x38a92a0e91a0b382L },
-      { 0x7a77ba3f22433ccfL,0xde8362d6a29f05a9L,0x7f6a30ea61189afcL,
-        0x693b550559ef114fL } },
-    /* 39 << 245 */
-    { { 0x50266bc0cd1797a1L,0xea17b47ef4b7af2dL,0xd6c4025c3df9483eL,
-        0x8cbb9d9fa37b18c9L },
-      { 0x91cbfd9c4d8424cfL,0xdb7048f1ab1c3506L,0x9eaf641f028206a3L,
-        0xf986f3f925bdf6ceL } },
-    /* 40 << 245 */
-    { { 0x262143b5224c08dcL,0x2bbb09b481b50c91L,0xc16ed709aca8c84fL,
-        0xa6210d9db2850ca8L },
-      { 0x6d8df67a09cb54d6L,0x91eef6e0500919a4L,0x90f613810f132857L,
-        0x9acede47f8d5028bL } },
-    /* 41 << 245 */
-    { { 0x844d1b7190b771c3L,0x563b71e4ba6426beL,0x2efa2e83bdb802ffL,
-        0x3410cbabab5b4a41L },
-      { 0x555b2d2630da84ddL,0xd0711ae9ee1cc29aL,0xcf3e8c602f547792L,
-        0x03d7d5dedc678b35L } },
-    /* 42 << 245 */
-    { { 0x071a2fa8ced806b8L,0x222e6134697f1478L,0xdc16fd5dabfcdbbfL,
-        0x44912ebf121b53b8L },
-      { 0xac9436742496c27cL,0x8ea3176c1ffc26b0L,0xb6e224ac13debf2cL,
-        0x524cc235f372a832L } },
-    /* 43 << 245 */
-    { { 0xd706e1d89f6f1b18L,0x2552f00544cce35bL,0x8c8326c2a88e31fcL,
-        0xb5468b2cf9552047L },
-      { 0xce683e883ff90f2bL,0x77947bdf2f0a5423L,0xd0a1b28bed56e328L,
-        0xaee35253c20134acL } },
-    /* 44 << 245 */
-    { { 0x7e98367d3567962fL,0x379ed61f8188bffbL,0x73bba348faf130a1L,
-        0x6c1f75e1904ed734L },
-      { 0x189566423b4a79fcL,0xf20bc83d54ef4493L,0x836d425d9111eca1L,
-        0xe5b5c318009a8dcfL } },
-    /* 45 << 245 */
-    { { 0x3360b25d13221bc5L,0x707baad26b3eeaf7L,0xd7279ed8743a95a1L,
-        0x7450a875969e809fL },
-      { 0x32b6bd53e5d0338fL,0x1e77f7af2b883bbcL,0x90da12cc1063ecd0L,
-        0xe2697b58c315be47L } },
-    /* 46 << 245 */
-    { { 0x2771a5bdda85d534L,0x53e78c1fff980eeaL,0xadf1cf84900385e7L,
-        0x7d3b14f6c9387b62L },
-      { 0x170e74b0cb8f2bd2L,0x2d50b486827fa993L,0xcdbe8c9af6f32babL,
-        0x55e906b0c3b93ab8L } },
-    /* 47 << 245 */
-    { { 0x747f22fc8fe280d1L,0xcd8e0de5b2e114abL,0x5ab7dbebe10b68b0L,
-        0x9dc63a9ca480d4b2L },
-      { 0x78d4bc3b4be1495fL,0x25eb3db89359122dL,0x3f8ac05b0809cbdcL,
-        0xbf4187bbd37c702fL } },
-    /* 48 << 245 */
-    { { 0x84cea0691416a6a5L,0x8f860c7943ef881cL,0x41311f8a38038a5dL,
-        0xe78c2ec0fc612067L },
-      { 0x494d2e815ad73581L,0xb4cc9e0059604097L,0xff558aecf3612cbaL,
-        0x35beef7a9e36c39eL } },
-    /* 49 << 245 */
-    { { 0x1845c7cfdbcf41b9L,0x5703662aaea997c0L,0x8b925afee402f6d8L,
-        0xd0a1b1ae4dd72162L },
-      { 0x9f47b37503c41c4bL,0xa023829b0391d042L,0x5f5045c3503b8b0aL,
-        0x123c268898c010e5L } },
-    /* 50 << 245 */
-    { { 0x324ec0cc36ba06eeL,0xface31153dd2cc0cL,0xb364f3bef333e91fL,
-        0xef8aff7328e832b0L },
-      { 0x1e9bad042d05841bL,0x42f0e3df356a21e2L,0xa3270bcb4add627eL,
-        0xb09a8158d322e711L } },
-    /* 51 << 245 */
-    { { 0x86e326a10fee104aL,0xad7788f83703f65dL,0x7e76543047bc4833L,
-        0x6cee582b2b9b893aL },
-      { 0x9cd2a167e8f55a7bL,0xefbee3c6d9e4190dL,0x33ee7185d40c2e9dL,
-        0x844cc9c5a380b548L } },
-    /* 52 << 245 */
-    { { 0x323f8ecd66926e04L,0x0001e38f8110c1baL,0x8dbcac12fc6a7f07L,
-        0xd65e1d580cec0827L },
-      { 0xd2cd4141be76ca2dL,0x7895cf5ce892f33aL,0x956d230d367139d2L,
-        0xa91abd3ed012c4c1L } },
-    /* 53 << 245 */
-    { { 0x34fa488387eb36bfL,0xc5f07102914b8fb4L,0x90f0e579adb9c95fL,
-        0xfe6ea8cb28888195L },
-      { 0x7b9b5065edfa9284L,0x6c510bd22b8c8d65L,0xd7b8ebefcbe8aafdL,
-        0xedb3af9896b1da07L } },
-    /* 54 << 245 */
-    { { 0x28ff779d6295d426L,0x0c4f6ac73fa3ad7bL,0xec44d0548b8e2604L,
-        0x9b32a66d8b0050e1L },
-      { 0x1f943366f0476ce2L,0x7554d953a602c7b4L,0xbe35aca6524f2809L,
-        0xb6881229fd4edbeaL } },
-    /* 55 << 245 */
-    { { 0xe8cd0c8f508efb63L,0x9eb5b5c86abcefc7L,0xf5621f5fb441ab4fL,
-        0x79e6c046b76a2b22L },
-      { 0x74a4792ce37a1f69L,0xcbd252cb03542b60L,0x785f65d5b3c20bd3L,
-        0x8dea61434fabc60cL } },
-    /* 56 << 245 */
-    { { 0x45e21446de673629L,0x57f7aa1e703c2d21L,0xa0e99b7f98c868c7L,
-        0x4e42f66d8b641676L },
-      { 0x602884dc91077896L,0xa0d690cfc2c9885bL,0xfeb4da333b9a5187L,
-        0x5f789598153c87eeL } },
-    /* 57 << 245 */
-    { { 0x2192dd4752b16dbaL,0xdeefc0e63524c1b1L,0x465ea76ee4383693L,
-        0x79401711361b8d98L },
-      { 0xa5f9ace9f21a15cbL,0x73d26163efee9aebL,0xcca844b3e677016cL,
-        0x6c122b0757eaee06L } },
-    /* 58 << 245 */
-    { { 0xb782dce715f09690L,0x508b9b122dfc0fc9L,0x9015ab4b65d89fc6L,
-        0x5e79dab7d6d5bb0fL },
-      { 0x64f021f06c775aa2L,0xdf09d8cc37c7eca1L,0x9a761367ef2fa506L,
-        0xed4ca4765b81eec6L } },
-    /* 59 << 245 */
-    { { 0x262ede3610bbb8b5L,0x0737ce830641ada3L,0x4c94288ae9831cccL,
-        0x487fc1ce8065e635L },
-      { 0xb13d7ab3b8bb3659L,0xdea5df3e855e4120L,0xb9a1857385eb0244L,
-        0x1a1b8ea3a7cfe0a3L } },
-    /* 60 << 245 */
-    { { 0x3b83711967b0867cL,0x8d5e0d089d364520L,0x52dccc1ed930f0e3L,
-        0xefbbcec7bf20bbafL },
-      { 0x99cffcab0263ad10L,0xd8199e6dfcd18f8aL,0x64e2773fe9f10617L,
-        0x0079e8e108704848L } },
-    /* 61 << 245 */
-    { { 0x1169989f8a342283L,0x8097799ca83012e6L,0xece966cb8a6a9001L,
-        0x93b3afef072ac7fcL },
-      { 0xe6893a2a2db3d5baL,0x263dc46289bf4fdcL,0x8852dfc9e0396673L,
-        0x7ac708953af362b6L } },
-    /* 62 << 245 */
-    { { 0xbb9cce4d5c2f342bL,0xbf80907ab52d7aaeL,0x97f3d3cd2161bcd0L,
-        0xb25b08340962744dL },
-      { 0xc5b18ea56c3a1ddaL,0xfe4ec7eb06c92317L,0xb787b890ad1c4afeL,
-        0xdccd9a920ede801aL } },
-    /* 63 << 245 */
-    { { 0x9ac6dddadb58da1fL,0x22bbc12fb8cae6eeL,0xc6f8bced815c4a43L,
-        0x8105a92cf96480c7L },
-      { 0x0dc3dbf37a859d51L,0xe3ec7ce63041196bL,0xd9f64b250d1067c9L,
-        0xf23213213d1f8dd8L } },
-    /* 64 << 245 */
-    { { 0x8b5c619c76497ee8L,0x5d2b0ac6c717370eL,0x98204cb64fcf68e1L,
-        0x0bdec21162bc6792L },
-      { 0x6973ccefa63b1011L,0xf9e3fa97e0de1ac5L,0x5efb693e3d0e0c8bL,
-        0x037248e9d2d4fcb4L } },
-    /* 0 << 252 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 252 */
-    { { 0x80802dc91ec34f9eL,0xd8772d3533810603L,0x3f06d66c530cb4f3L,
-        0x7be5ed0dc475c129L },
-      { 0xcb9e3c1931e82b10L,0xc63d2857c9ff6b4cL,0xb92118c692a1b45eL,
-        0x0aec44147285bbcaL } },
-    /* 2 << 252 */
-    { { 0xfc189ae71e29a3efL,0xcbe906f04c93302eL,0xd0107914ceaae10eL,
-        0xb7a23f34b68e19f8L },
-      { 0xe9d875c2efd2119dL,0x03198c6efcadc9c8L,0x65591bf64da17113L,
-        0x3cf0bbf83d443038L } },
-    /* 3 << 252 */
-    { { 0xae485bb72b724759L,0x945353e1b2d4c63aL,0x82159d07de7d6f2cL,
-        0x389caef34ec5b109L },
-      { 0x4a8ebb53db65ef14L,0x2dc2cb7edd99de43L,0x816fa3ed83f2405fL,
-        0x73429bb9c14208a3L } },
-    /* 4 << 252 */
-    { { 0xb618d590b01e6e27L,0x047e2ccde180b2dcL,0xd1b299b504aea4a9L,
-        0x412c9e1e9fa403a4L },
-      { 0x88d28a3679407552L,0x49c50136f332b8e3L,0x3a1b6fcce668de19L,
-        0x178851bc75122b97L } },
-    /* 5 << 252 */
-    { { 0xb1e13752fb85fa4cL,0xd61257ce383c8ce9L,0xd43da670d2f74daeL,
-        0xa35aa23fbf846bbbL },
-      { 0x5e74235d4421fc83L,0xf6df8ee0c363473bL,0x34d7f52a3c4aa158L,
-        0x50d05aab9bc6d22eL } },
-    /* 6 << 252 */
-    { { 0x8c56e735a64785f4L,0xbc56637b5f29cd07L,0x53b2bb803ee35067L,
-        0x50235a0fdc919270L },
-      { 0x191ab6d8f2c4aa65L,0xc34758318396023bL,0x80400ba5f0f805baL,
-        0x8881065b5ec0f80fL } },
-    /* 7 << 252 */
-    { { 0xc370e522cc1b5e83L,0xde2d4ad1860b8bfbL,0xad364df067b256dfL,
-        0x8f12502ee0138997L },
-      { 0x503fa0dc7783920aL,0xe80014adc0bc866aL,0x3f89b744d3064ba6L,
-        0x03511dcdcba5dba5L } },
-    /* 8 << 252 */
-    { { 0x197dd46d95a7b1a2L,0x9c4e7ad63c6341fbL,0x426eca29484c2eceL,
-        0x9211e489de7f4f8aL },
-      { 0x14997f6ec78ef1f4L,0x2b2c091006574586L,0x17286a6e1c3eede8L,
-        0x25f92e470f60e018L } },
-    /* 9 << 252 */
-    { { 0x805c564631890a36L,0x703ef60057feea5bL,0x389f747caf3c3030L,
-        0xe0e5daeb54dd3739L },
-      { 0xfe24a4c3c9c9f155L,0x7e4bf176b5393962L,0x37183de2af20bf29L,
-        0x4a1bd7b5f95a8c3bL } },
-    /* 10 << 252 */
-    { { 0xa83b969946191d3dL,0x281fc8dd7b87f257L,0xb18e2c1354107588L,
-        0x6372def79b2bafe8L },
-      { 0xdaf4bb480d8972caL,0x3f2dd4b756167a3fL,0x1eace32d84310cf4L,
-        0xe3bcefafe42700aaL } },
-    /* 11 << 252 */
-    { { 0x5fe5691ed785e73dL,0xa5db5ab62ea60467L,0x02e23d41dfc6514aL,
-        0x35e8048ee03c3665L },
-      { 0x3f8b118f1adaa0f8L,0x28ec3b4584ce1a5aL,0xe8cacc6e2c6646b8L,
-        0x1343d185dbd0e40fL } },
-    /* 12 << 252 */
-    { { 0xe5d7f844caaa358cL,0x1a1db7e49924182aL,0xd64cd42d9c875d9aL,
-        0xb37b515f042eeec8L },
-      { 0x4d4dd4097b165fbeL,0xfc322ed9e206eff3L,0x7dee410259b7e17eL,
-        0x55a481c08236ca00L } },
-    /* 13 << 252 */
-    { { 0x8c885312c23fc975L,0x1571580605d6297bL,0xa078868ef78edd39L,
-        0x956b31e003c45e52L },
-      { 0x470275d5ff7b33a6L,0xc8d5dc3a0c7e673fL,0x419227b47e2f2598L,
-        0x8b37b6344c14a975L } },
-    /* 14 << 252 */
-    { { 0xd0667ed68b11888cL,0x5e0e8c3e803e25dcL,0x34e5d0dcb987a24aL,
-        0x9f40ac3bae920323L },
-      { 0x5463de9534e0f63aL,0xa128bf926b6328f9L,0x491ccd7cda64f1b7L,
-        0x7ef1ec27c47bde35L } },
-    /* 15 << 252 */
-    { { 0xa857240fa36a2737L,0x35dc136663621bc1L,0x7a3a6453d4fb6897L,
-        0x80f1a439c929319dL },
-      { 0xfc18274bf8cb0ba0L,0xb0b537668078c5ebL,0xfb0d49241e01d0efL,
-        0x50d7c67d372ab09cL } },
-    /* 16 << 252 */
-    { { 0xb4e370af3aeac968L,0xe4f7fee9c4b63266L,0xb4acd4c2e3ac5664L,
-        0xf8910bd2ceb38cbfL },
-      { 0x1c3ae50cc9c0726eL,0x15309569d97b40bfL,0x70884b7ffd5a5a1bL,
-        0x3890896aef8314cdL } },
-    /* 17 << 252 */
-    { { 0x58e1515ca5618c93L,0xe665432b77d942d1L,0xb32181bfb6f767a8L,
-        0x753794e83a604110L },
-      { 0x09afeb7ce8c0dbccL,0x31e02613598673a3L,0x5d98e5577d46db00L,
-        0xfc21fb8c9d985b28L } },
-    /* 18 << 252 */
-    { { 0xc9040116b0843e0bL,0x53b1b3a869b04531L,0xdd1649f085d7d830L,
-        0xbb3bcc87cb7427e8L },
-      { 0x77261100c93dce83L,0x7e79da61a1922a2aL,0x587a2b02f3149ce8L,
-        0x147e1384de92ec83L } },
-    /* 19 << 252 */
-    { { 0x484c83d3af077f30L,0xea78f8440658b53aL,0x912076c2027aec53L,
-        0xf34714e393c8177dL },
-      { 0x37ef5d15c2376c84L,0x8315b6593d1aa783L,0x3a75c484ef852a90L,
-        0x0ba0c58a16086bd4L } },
-    /* 20 << 252 */
-    { { 0x29688d7a529a6d48L,0x9c7f250dc2f19203L,0x123042fb682e2df9L,
-        0x2b7587e7ad8121bcL },
-      { 0x30fc0233e0182a65L,0xb82ecf87e3e1128aL,0x7168286193fb098fL,
-        0x043e21ae85e9e6a7L } },
-    /* 21 << 252 */
-    { { 0xab5b49d666c834eaL,0x3be43e1847414287L,0xf40fb859219a2a47L,
-        0x0e6559e9cc58df3cL },
-      { 0xfe1dfe8e0c6615b4L,0x14abc8fd56459d70L,0x7be0fa8e05de0386L,
-        0x8e63ef68e9035c7cL } },
-    /* 22 << 252 */
-    { { 0x116401b453b31e91L,0x0cba7ad44436b4d8L,0x9151f9a0107afd66L,
-        0xafaca8d01f0ee4c4L },
-      { 0x75fe5c1d9ee9761cL,0x3497a16bf0c0588fL,0x3ee2bebd0304804cL,
-        0xa8fb9a60c2c990b9L } },
-    /* 23 << 252 */
-    { { 0xd14d32fe39251114L,0x36bf25bccac73366L,0xc9562c66dba7495cL,
-        0x324d301b46ad348bL },
-      { 0x9f46620cd670407eL,0x0ea8d4f1e3733a01L,0xd396d532b0c324e0L,
-        0x5b211a0e03c317cdL } },
-    /* 24 << 252 */
-    { { 0x090d7d205ffe7b37L,0x3b7f3efb1747d2daL,0xa2cb525fb54fc519L,
-        0x6e220932f66a971eL },
-      { 0xddc160dfb486d440L,0x7fcfec463fe13465L,0x83da7e4e76e4c151L,
-        0xd6fa48a1d8d302b5L } },
-    /* 25 << 252 */
-    { { 0xc6304f265872cd88L,0x806c1d3c278b90a1L,0x3553e725caf0bc1cL,
-        0xff59e603bb9d8d5cL },
-      { 0xa4550f327a0b85ddL,0xdec5720a93ecc217L,0x0b88b74169d62213L,
-        0x7212f2455b365955L } },
-    /* 26 << 252 */
-    { { 0x20764111b5cae787L,0x13cb7f581dfd3124L,0x2dca77da1175aefbL,
-        0xeb75466bffaae775L },
-      { 0x74d76f3bdb6cff32L,0x7440f37a61fcda9aL,0x1bb3ac92b525028bL,
-        0x20fbf8f7a1975f29L } },
-    /* 27 << 252 */
-    { { 0x982692e1df83097fL,0x28738f6c554b0800L,0xdc703717a2ce2f2fL,
-        0x7913b93c40814194L },
-      { 0x049245931fe89636L,0x7b98443ff78834a6L,0x11c6ab015114a5a1L,
-        0x60deb383ffba5f4cL } },
-    /* 28 << 252 */
-    { { 0x4caa54c601a982e6L,0x1dd35e113491cd26L,0x973c315f7cbd6b05L,
-        0xcab0077552494724L },
-      { 0x04659b1f6565e15aL,0xbf30f5298c8fb026L,0xfc21641ba8a0de37L,
-        0xe9c7a366fa5e5114L } },
-    /* 29 << 252 */
-    { { 0xdb849ca552f03ad8L,0xc7e8dbe9024e35c0L,0xa1a2bbaccfc3c789L,
-        0xbf733e7d9c26f262L },
-      { 0x882ffbf5b8444823L,0xb7224e886bf8483bL,0x53023b8b65bef640L,
-        0xaabfec91d4d5f8cdL } },
-    /* 30 << 252 */
-    { { 0xa40e1510079ea1bdL,0x1ad9addcd05d5d26L,0xdb3f2eab13e68d4fL,
-        0x1cff1ae2640f803fL },
-      { 0xe0e7b749d4cee117L,0x8e9f275b4036d909L,0xce34e31d8f4d4c38L,
-        0x22b37f69d75130fcL } },
-    /* 31 << 252 */
-    { { 0x83e0f1fdb4014604L,0xa8ce991989415078L,0x82375b7541792efeL,
-        0x4f59bf5c97d4515bL },
-      { 0xac4f324f923a277dL,0xd9bc9b7d650f3406L,0xc6fa87d18a39bc51L,
-        0x825885305ccc108fL } },
-    /* 32 << 252 */
-    { { 0x5ced3c9f82e4c634L,0x8efb83143a4464f8L,0xe706381b7a1dca25L,
-        0x6cd15a3c5a2a412bL },
-      { 0x9347a8fdbfcd8fb5L,0x31db2eef6e54cd22L,0xc4aeb11ef8d8932fL,
-        0x11e7c1ed344411afL } },
-    /* 33 << 252 */
-    { { 0x2653050cdc9a151eL,0x9edbfc083bb0a859L,0x926c81c7fd5691e7L,
-        0x9c1b23426f39019aL },
-      { 0x64a81c8b7f8474b9L,0x90657c0701761819L,0x390b333155e0375aL,
-        0xc676c626b6ebc47dL } },
-    /* 34 << 252 */
-    { { 0x51623247b7d6dee8L,0x0948d92779659313L,0x99700161e9ab35edL,
-        0x06cc32b48ddde408L },
-      { 0x6f2fd664061ef338L,0x1606fa02c202e9edL,0x55388bc1929ba99bL,
-        0xc4428c5e1e81df69L } },
-    /* 35 << 252 */
-    { { 0xce2028aef91b0b2aL,0xce870a23f03dfd3fL,0x66ec2c870affe8edL,
-        0xb205fb46284d0c00L },
-      { 0xbf5dffe744cefa48L,0xb6fc37a8a19876d7L,0xbecfa84c08b72863L,
-        0xd7205ff52576374fL } },
-    /* 36 << 252 */
-    { { 0x80330d328887de41L,0x5de0df0c869ea534L,0x13f427533c56ea17L,
-        0xeb1f6069452b1a78L },
-      { 0x50474396e30ea15cL,0x575816a1c1494125L,0xbe1ce55bfe6bb38fL,
-        0xb901a94896ae30f7L } },
-    /* 37 << 252 */
-    { { 0xe5af0f08d8fc3548L,0x5010b5d0d73bfd08L,0x993d288053fe655aL,
-        0x99f2630b1c1309fdL },
-      { 0xd8677bafb4e3b76fL,0x14e51ddcb840784bL,0x326c750cbf0092ceL,
-        0xc83d306bf528320fL } },
-    /* 38 << 252 */
-    { { 0xc445671577d4715cL,0xd30019f96b703235L,0x207ccb2ed669e986L,
-        0x57c824aff6dbfc28L },
-      { 0xf0eb532fd8f92a23L,0x4a557fd49bb98fd2L,0xa57acea7c1e6199aL,
-        0x0c6638208b94b1edL } },
-    /* 39 << 252 */
-    { { 0x9b42be8ff83a9266L,0xc7741c970101bd45L,0x95770c1107bd9cebL,
-        0x1f50250a8b2e0744L },
-      { 0xf762eec81477b654L,0xc65b900e15efe59aL,0x88c961489546a897L,
-        0x7e8025b3c30b4d7cL } },
-    /* 40 << 252 */
-    { { 0xae4065ef12045cf9L,0x6fcb2caf9ccce8bdL,0x1fa0ba4ef2cf6525L,
-        0xf683125dcb72c312L },
-      { 0xa01da4eae312410eL,0x67e286776cd8e830L,0xabd9575298fb3f07L,
-        0x05f11e11eef649a5L } },
-    /* 41 << 252 */
-    { { 0xba47faef9d3472c2L,0x3adff697c77d1345L,0x4761fa04dd15afeeL,
-        0x64f1f61ab9e69462L },
-      { 0xfa691fab9bfb9093L,0x3df8ae8fa1133dfeL,0xcd5f896758cc710dL,
-        0xfbb88d5016c7fe79L } },
-    /* 42 << 252 */
-    { { 0x8e011b4ce88c50d1L,0x7532e807a8771c4fL,0x64c78a48e2278ee4L,
-        0x0b283e833845072aL },
-      { 0x98a6f29149e69274L,0xb96e96681868b21cL,0x38f0adc2b1a8908eL,
-        0x90afcff71feb829dL } },
-    /* 43 << 252 */
-    { { 0x9915a383210b0856L,0xa5a80602def04889L,0x800e9af97c64d509L,
-        0x81382d0bb8996f6fL },
-      { 0x490eba5381927e27L,0x46c63b324af50182L,0x784c5fd9d3ad62ceL,
-        0xe4fa1870f8ae8736L } },
-    /* 44 << 252 */
-    { { 0x4ec9d0bcd7466b25L,0x84ddbe1adb235c65L,0x5e2645ee163c1688L,
-        0x570bd00e00eba747L },
-      { 0xfa51b629128bfa0fL,0x92fce1bd6c1d3b68L,0x3e7361dcb66778b1L,
-        0x9c7d249d5561d2bbL } },
-    /* 45 << 252 */
-    { { 0xa40b28bf0bbc6229L,0x1c83c05edfd91497L,0x5f9f5154f083df05L,
-        0xbac38b3ceee66c9dL },
-      { 0xf71db7e3ec0dfcfdL,0xf2ecda8e8b0a8416L,0x52fddd867812aa66L,
-        0x2896ef104e6f4272L } },
-    /* 46 << 252 */
-    { { 0xff27186a0fe9a745L,0x08249fcd49ca70dbL,0x7425a2e6441cac49L,
-        0xf4a0885aece5ff57L },
-      { 0x6e2cb7317d7ead58L,0xf96cf7d61898d104L,0xafe67c9d4f2c9a89L,
-        0x89895a501c7bf5bcL } },
-    /* 47 << 252 */
-    { { 0xdc7cb8e5573cecfaL,0x66497eaed15f03e6L,0x6bc0de693f084420L,
-        0x323b9b36acd532b0L },
-      { 0xcfed390a0115a3c1L,0x9414c40b2d65ca0eL,0x641406bd2f530c78L,
-        0x29369a44833438f2L } },
-    /* 48 << 252 */
-    { { 0x996884f5903fa271L,0xe6da0fd2b9da921eL,0xa6f2f2695db01e54L,
-        0x1ee3e9bd6876214eL },
-      { 0xa26e181ce27a9497L,0x36d254e48e215e04L,0x42f32a6c252cabcaL,
-        0x9948148780b57614L } },
-    /* 49 << 252 */
-    { { 0x4c4dfe6940d9cae1L,0x0586958011a10f09L,0xca287b573491b64bL,
-        0x77862d5d3fd4a53bL },
-      { 0xbf94856e50349126L,0x2be30bd171c5268fL,0x10393f19cbb650a6L,
-        0x639531fe778cf9fdL } },
-    /* 50 << 252 */
-    { { 0x02556a11b2935359L,0xda38aa96af8c126eL,0x47dbe6c20960167fL,
-        0x37bbabb6501901cdL },
-      { 0xb6e979e02c947778L,0xd69a51757a1a1dc6L,0xc3ed50959d9faf0cL,
-        0x4dd9c0961d5fa5f0L } },
-    /* 51 << 252 */
-    { { 0xa0c4304d64f16ea8L,0x8b1cac167e718623L,0x0b5765467c67f03eL,
-        0x559cf5adcbd88c01L },
-      { 0x074877bb0e2af19aL,0x1f717ec1a1228c92L,0x70bcb800326e8920L,
-        0xec6e2c5c4f312804L } },
-    /* 52 << 252 */
-    { { 0x426aea7d3fca4752L,0xf12c09492211f62aL,0x24beecd87be7b6b5L,
-        0xb77eaf4c36d7a27dL },
-      { 0x154c2781fda78fd3L,0x848a83b0264eeabeL,0x81287ef04ffe2bc4L,
-        0x7b6d88c6b6b6fc2aL } },
-    /* 53 << 252 */
-    { { 0x805fb947ce417d99L,0x4b93dcc38b916cc4L,0x72e65bb321273323L,
-        0xbcc1badd6ea9886eL },
-      { 0x0e2230114bc5ee85L,0xa561be74c18ee1e4L,0x762fd2d4a6bcf1f1L,
-        0x50e6a5a495231489L } },
-    /* 54 << 252 */
-    { { 0xca96001fa00b500bL,0x5c098cfc5d7dcdf5L,0xa64e2d2e8c446a85L,
-        0xbae9bcf1971f3c62L },
-      { 0x4ec226838435a2c5L,0x8ceaed6c4bad4643L,0xe9f8fb47ccccf4e3L,
-        0xbd4f3fa41ce3b21eL } },
-    /* 55 << 252 */
-    { { 0xd79fb110a3db3292L,0xe28a37dab536c66aL,0x279ce87b8e49e6a9L,
-        0x70ccfe8dfdcec8e3L },
-      { 0x2193e4e03ba464b2L,0x0f39d60eaca9a398L,0x7d7932aff82c12abL,
-        0xd8ff50ed91e7e0f7L } },
-    /* 56 << 252 */
-    { { 0xea961058fa28a7e0L,0xc726cf250bf5ec74L,0xe74d55c8db229666L,
-        0x0bd9abbfa57f5799L },
-      { 0x7479ef074dfc47b3L,0xd9c65fc30c52f91dL,0x8e0283fe36a8bde2L,
-        0xa32a8b5e7d4b7280L } },
-    /* 57 << 252 */
-    { { 0x6a677c6112e83233L,0x0fbb3512dcc9bf28L,0x562e8ea50d780f61L,
-        0x0db8b22b1dc4e89cL },
-      { 0x0a6fd1fb89be0144L,0x8c77d246ca57113bL,0x4639075dff09c91cL,
-        0x5b47b17f5060824cL } },
-    /* 58 << 252 */
-    { { 0x58aea2b016287b52L,0xa1343520d0cd8eb0L,0x6148b4d0c5d58573L,
-        0xdd2b6170291c68aeL },
-      { 0xa61b39291da3b3b7L,0x5f946d7908c4ac10L,0x4105d4a57217d583L,
-        0x5061da3d25e6de5eL } },
-    /* 59 << 252 */
-    { { 0x3113940dec1b4991L,0xf12195e136f485aeL,0xa7507fb2731a2ee0L,
-        0x95057a8e6e9e196eL },
-      { 0xa3c2c9112e130136L,0x97dfbb3633c60d15L,0xcaf3c581b300ee2bL,
-        0x77f25d90f4bac8b8L } },
-    /* 60 << 252 */
-    { { 0xdb1c4f986d840cd6L,0x471d62c0e634288cL,0x8ec2f85ecec8a161L,
-        0x41f37cbcfa6f4ae2L },
-      { 0x6793a20f4b709985L,0x7a7bd33befa8985bL,0x2c6a3fbd938e6446L,
-        0x190426192a8d47c1L } },
-    /* 61 << 252 */
-    { { 0x16848667cc36975fL,0x02acf1689d5f1dfbL,0x62d41ad4613baa94L,
-        0xb56fbb929f684670L },
-      { 0xce610d0de9e40569L,0x7b99c65f35489fefL,0x0c88ad1b3df18b97L,
-        0x81b7d9be5d0e9edbL } },
-    /* 62 << 252 */
-    { { 0xd85218c0c716cc0aL,0xf4b5ff9085691c49L,0xa4fd666bce356ac6L,
-        0x17c728954b327a7aL },
-      { 0xf93d5085da6be7deL,0xff71530e3301d34eL,0x4cd96442d8f448e8L,
-        0x9283d3312ed18ffaL } },
-    /* 63 << 252 */
-    { { 0x4d33dd992a849870L,0xa716964b41576335L,0xff5e3a9b179be0e5L,
-        0x5b9d6b1b83b13632L },
-      { 0x3b8bd7d4a52f313bL,0xc9dd95a0637a4660L,0x300359620b3e218fL,
-        0xce1481a3c7b28a3cL } },
-    /* 64 << 252 */
-    { { 0xab41b43a43228d83L,0x24ae1c304ad63f99L,0x8e525f1a46a51229L,
-        0x14af860fcd26d2b4L },
-      { 0xd6baef613f714aa1L,0xf51865adeb78795eL,0xd3e21fcee6a9d694L,
-        0x82ceb1dd8a37b527L } },
-};
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Pre-computed table containing multiples of g times powers of 2.
- * Width between powers is 7 bits.
- * Accumulate into the result.
- *
- * r      Resulting point.
- * g      Point to scalar multiply.
- * k      Scalar to multiply by.
- * table  Pre-computed table of points.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 5);
-    sp_point_256* p = NULL;
-    sp_digit* negy = NULL;
-    int i;
-    ecc_recode_256 v[37];
-    int err = MP_OKAY;
-
-    (void)g;
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        negy = tmp;
-        p = rt + 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_256_ecc_recode_7_4(k, v);
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        i = 36;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_65_4(rt, &table[i * 65], v[i].i);
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-            XMEMCPY(rt->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-        }
-        rt->infinity = !v[i].i;
-        for (--i; i>=0; i--) {
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_65_4(p, &table[i * 65], v[i].i);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-                XMEMCPY(p->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-            }
-            p->infinity = !v[i].i;
-            sp_256_sub_4(negy, p256_mod, p->y);
-            sp_256_norm_4(negy);
-            sp_256_cond_copy_4(p->y, negy, (sp_digit)(0 - v[i].neg));
-            sp_256_proj_point_add_qz1_4(rt, rt, p, tmp);
-        }
-        if (map != 0) {
-            sp_256_map_4(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_add_only_4(r, NULL, p256_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 4);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 4, km);
-
-            err = sp_256_ecc_mulmod_base_4(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_4(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P256 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 4 + 4 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 4 + 4 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 4;
-
-        sp_256_from_mp(k, 4, km);
-        sp_256_point_from_ecc_point_4(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_4(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_4(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_4(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_4(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-static void sp_256_add_one_4(sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp	x1, x2, [%[a], 0]\n\t"
-        "adds	x1, x1, #1\n\t"
-        "ldr	x3, [%[a], 16]\n\t"
-        "adcs	x2, x2, xzr\n\t"
-        "ldr	x4, [%[a], 24]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "stp	x1, x2, [%[a], 0]\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "stp	x3, x4, [%[a], 16]\n\t"
-        :
-        : [a] "r" (a)
-        : "memory", "x1", "x2", "x3", "x4", "cc"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    sp_int64 nl = n;
-    sp_int64 bytes = size * 8;
-
-    __asm__ __volatile__ (
-        "add	x4, %[a], %[n]\n\t"
-        "mov	x5, %[r]\n\t"
-        "sub	x4, x4, 8\n\t"
-        "subs	x6, %[n], 8\n\t"
-        "mov	x7, xzr\n\t"
-        "b.lt	2f\n\t"
-        /* Put in multiples of 8 bytes. */
-        "1:\n\t"
-        "ldr	x8, [x4], -8\n\t"
-        "subs	x6, x6, 8\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "rev	x8, x8\n\t"
-    #endif
-        "str	x8, [x5], 8\n\t"
-        "add	x7, x7, 8\n\t"
-        "b.ge	1b\n\t"
-        "2:\n\t"
-        "cmp	x6, -7\n\t"
-        "b.lt	20f\n\t"
-        /* Put in less than 8 bytes. */
-    #ifdef LITTLE_ENDIAN_ORDER
-        "str	xzr, [x5]\n\t"
-    #else
-        "str	xzr, [x5], 7\n\t"
-    #endif
-        "add	x7, x7, 8\n\t"
-        "add	x4, x4, 7\n\t"
-        "b.eq	17f\n\t"
-        "cmp	x6, -5\n\t"
-        "b.lt	16f\n\t"
-        "b.eq	15f\n\t"
-        "cmp	x6, -3\n\t"
-        "b.lt	14f\n\t"
-        "b.eq	13f\n\t"
-        "cmp	x6, -2\n\t"
-        "b.eq	12f\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "12:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "13:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "14:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "15:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "16:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "17:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "20:\n\t"
-        "add	x5, %[r], x7\n\t"
-        "subs	x7, %[size], x7\n\t"
-        "b.eq	30f\n\t"
-        /* Zero out remaining words. */
-        "21:\n\t"
-        "subs	x7, x7, 8\n\t"
-        "str	xzr, [x5], 8\n\t"
-        "b.gt	21b\n\t"
-        "30:\n\t"
-        :
-        : [r] "r" (r), [size] "r" (bytes), [a] "r" (a), [n] "r" (nl)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "cc"
-    );
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_256_ecc_gen_k_4(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[32];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_256_from_bin(k, 4, buf, (int)sizeof(buf));
-            if (sp_256_cmp_4(k, p256_order2) <= 0) {
-                sp_256_add_one_4(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_256, point, 2);
-#else
-    SP_DECL_VAR(sp_point_256, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 4);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_256_ecc_gen_k_4(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_4(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_4(infinity, point, p256_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_256_iszero_4(point->x) || sp_256_iszero_4(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_4(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_256_ctx {
-    int state;
-    sp_256_ecc_mulmod_4_ctx mulmod_ctx;
-    sp_digit k[4];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256  point[2];
-#else
-    sp_point_256 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_256_ctx;
-
-int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_256_ctx* ctx = (sp_ecc_key_gen_256_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_256_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_256_ecc_gen_k_4(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_base_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_256_ecc_mulmod_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p256_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_256_iszero_4(ctx->point->x) ||
-                    sp_256_iszero_4(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_256_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_256_point_to_ecc_point_4(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 32
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_256_to_bin_4(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 3; i >= 0; i--, j += 8) {
-        __asm__ __volatile__ (
-            "ldr	x4, [%[r]]\n\t"
-        #ifdef LITTLE_ENDIAN_ORDER
-            "rev	x4, x4\n\t"
-        #endif
-            "str	x4, [%[a]]\n\t"
-            :
-            : [r] "r" (r + i), [a] "r" (a + j)
-            : "memory", "x4"
-        );
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 4);
-    int err = MP_OKAY;
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 4, priv);
-        sp_256_point_from_ecc_point_4(point, pub);
-            err = sp_256_ecc_mulmod_4(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_256_to_bin_4(point->x, out);
-        *outLen = 32;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_4_ctx mulmod_ctx;
-    };
-    sp_digit k[4];
-    sp_point_256 point;
-} sp_ecc_sec_gen_256_ctx;
-
-int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_256_ctx* ctx = (sp_ecc_sec_gen_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_256_from_mp(ctx->k, 4, priv);
-            sp_256_point_from_ecc_point_4(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_256_to_bin_4(ctx->point.x, out);
-                *outLen = 32;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-static sp_digit sp_256_sub_in_place_4(sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[b], 0]\n\t"
-        "subs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 0]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 16]\n\t"
-        "csetm	%[a], cc\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return (sp_digit)a;
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-static void sp_256_mul_d_4(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldp	x2, x3, [%[a]]\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "umulh	x7, %[b], x2\n\t"
-        "mul	x2, %[b], x2\n\t"
-        "# A[1] * B\n\t"
-        "mul	x8, %[b], x3\n\t"
-        "umulh	x9, %[b], x3\n\t"
-        "adds	x3, x7, x8\n\t"
-        "# A[2] * B\n\t"
-        "mul	x8, %[b], x4\n\t"
-        "adc	x7, xzr, x9\n\t"
-        "umulh	x9, %[b], x4\n\t"
-        "adds	x4, x7, x8\n\t"
-        "# A[3] * B\n\t"
-        "mul	x8, %[b], x5\n\t"
-        "adc	x7, xzr, x9\n\t"
-        "umulh	x9, %[b], x5\n\t"
-        "adds	x5, x7, x8\n\t"
-        "str	x2, [%[r]]\n\t"
-        "adc	x6, xzr, x9\n\t"
-        "stp	x3, x4, [%[r], 8]\n\t"
-        "stp	x5, x6, [%[r], 24]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_256_word_4(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "cset	x9, ge\n\t"
-        "csetm	x10, ge\n\t"
-        "lsl	x9, x9, #32\n\t"
-        "and	x7, x7, x10\n\t"
-        "and	x8, x8, x10\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_256_mask_4(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<4; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_256_div_4(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[8], t2[5];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[3];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 4);
-    r1 = sp_256_cmp_4(&t1[4], d) >= 0;
-    sp_256_cond_sub_4(&t1[4], &t1[4], d, (sp_digit)0 - r1);
-    for (i = 3; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[4 + i] == div);
-        sp_digit hi = t1[4 + i] + mask;
-        r1 = div_256_word_4(hi, t1[4 + i - 1], div);
-        r1 |= mask;
-
-        sp_256_mul_d_4(t2, d, r1);
-        t1[4 + i] += sp_256_sub_in_place_4(&t1[i], t2);
-        t1[4 + i] -= t2[4];
-        sp_256_mask_4(t2, d, t1[4 + i]);
-        t1[4 + i] += sp_256_add_4(&t1[i], &t1[i], t2);
-        sp_256_mask_4(t2, d, t1[4 + i]);
-        t1[4 + i] += sp_256_add_4(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_256_cmp_4(t1, d) >= 0;
-    sp_256_cond_sub_4(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_256_mod_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_256_div_4(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P256 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-SP_NOINLINE static void sp_256_mont_mul_order_4(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x13, x14, [%[a], 0]\n\t"
-        "ldp	x15, x16, [%[a], 16]\n\t"
-        "ldp	x17, x19, [%[b], 0]\n\t"
-        "ldp	x20, x21, [%[b], 16]\n\t"
-        "# A[0] * B[0]\n\t"
-        "umulh	x6, x13, x17\n\t"
-        "mul	x5, x13, x17\n\t"
-        "# A[2] * B[0]\n\t"
-        "umulh	x8, x15, x17\n\t"
-        "mul	x7, x15, x17\n\t"
-        "# A[1] * B[0]\n\t"
-        "mul	x3, x14, x17\n\t"
-        "adds	x6, x6, x3\n\t"
-        "umulh	x4, x14, x17\n\t"
-        "adcs	x7, x7, x4\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "# A[0] * B[2]\n\t"
-        "mul	x3, x13, x20\n\t"
-        "adds	x7, x7, x3\n\t"
-        "umulh	x4, x13, x20\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "# A[1] * B[3]\n\t"
-        "mul	x9, x14, x21\n\t"
-        "adcs	x9, x9, xzr\n\t"
-        "umulh	x10, x14, x21\n\t"
-        "adc	x10, x10, xzr\n\t"
-        "# A[0] * B[1]\n\t"
-        "mul	x3, x13, x19\n\t"
-        "adds	x6, x6, x3\n\t"
-        "umulh	x4, x13, x19\n\t"
-        "adcs	x7, x7, x4\n\t"
-        "# A[2] * B[1]\n\t"
-        "mul	x3, x15, x19\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "umulh	x4, x15, x19\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "adc	x10, x10, xzr\n\t"
-        "# A[1] * B[2]\n\t"
-        "mul	x3, x14, x20\n\t"
-        "adds	x8, x8, x3\n\t"
-        "umulh	x4, x14, x20\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "adcs	x10, x10, xzr\n\t"
-        "adc	x11, xzr, xzr\n\t"
-        "# A[1] * B[1]\n\t"
-        "mul	x3, x14, x19\n\t"
-        "adds	x7, x7, x3\n\t"
-        "umulh	x4, x14, x19\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "# A[3] * B[1]\n\t"
-        "mul	x3, x16, x19\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "umulh	x4, x16, x19\n\t"
-        "adcs	x10, x10, x4\n\t"
-        "adc	x11, x11, xzr\n\t"
-        "# A[2] * B[2]\n\t"
-        "mul	x3, x15, x20\n\t"
-        "adds	x9, x9, x3\n\t"
-        "umulh	x4, x15, x20\n\t"
-        "adcs	x10, x10, x4\n\t"
-        "# A[3] * B[3]\n\t"
-        "mul	x3, x16, x21\n\t"
-        "adcs	x11, x11, x3\n\t"
-        "umulh	x12, x16, x21\n\t"
-        "adc	x12, x12, xzr\n\t"
-        "# A[0] * B[3]\n\t"
-        "mul	x3, x13, x21\n\t"
-        "adds	x8, x8, x3\n\t"
-        "umulh	x4, x13, x21\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "# A[2] * B[3]\n\t"
-        "mul	x3, x15, x21\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "umulh	x4, x15, x21\n\t"
-        "adcs	x11, x11, x4\n\t"
-        "adc	x12, x12, xzr\n\t"
-        "# A[3] * B[0]\n\t"
-        "mul	x3, x16, x17\n\t"
-        "adds	x8, x8, x3\n\t"
-        "umulh	x4, x16, x17\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "# A[3] * B[2]\n\t"
-        "mul	x3, x16, x20\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "umulh	x4, x16, x20\n\t"
-        "adcs	x11, x11, x4\n\t"
-        "adc	x12, x12, xzr\n\t"
-        "ldp   x13, x14, [%[m], 0]\n\t"
-        "mov	x15, 0xffffffffffffffff\n\t"
-        "mov	x16, 0xffffffff00000000\n\t"
-        "# mu = a[0] * mp\n\t"
-        "mul	x17, %[mp], x5\n\t"
-        "# a[0+0] += m[0] * mu\n\t"
-        "mul	x3, x13, x17\n\t"
-        "adds	x5, x5, x3\n\t"
-        "umulh	x4, x13, x17\n\t"
-        "adcs	x6, x6, x4\n\t"
-        "# a[0+2] += m[2] * mu\n\t"
-        "mul	x3, x15, x17\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "umulh	x4, x15, x17\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "adcs	x9, x9, xzr\n\t"
-        "adc	x19, xzr, xzr\n\t"
-        "# a[0+1] += m[1] * mu\n\t"
-        "mul	x3, x14, x17\n\t"
-        "adds	x6, x6, x3\n\t"
-        "umulh	x4, x14, x17\n\t"
-        "adcs	x7, x7, x4\n\t"
-        "# a[0+3] += m[3] * mu\n\t"
-        "mul	x3, x16, x17\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "umulh	x4, x16, x17\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "# mu = a[1] * mp\n\t"
-        "mul	x17, %[mp], x6\n\t"
-        "adc	x19, x19, xzr\n\t"
-        "# a[1+0] += m[0] * mu\n\t"
-        "mul	x3, x13, x17\n\t"
-        "adds	x6, x6, x3\n\t"
-        "umulh	x4, x13, x17\n\t"
-        "adcs	x7, x7, x4\n\t"
-        "# a[1+2] += m[2] * mu\n\t"
-        "mul	x3, x15, x17\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "umulh	x4, x15, x17\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "adcs	x10, x10, x19\n\t"
-        "adc	x19, xzr, xzr\n\t"
-        "# a[1+1] += m[1] * mu\n\t"
-        "mul	x3, x14, x17\n\t"
-        "adds	x7, x7, x3\n\t"
-        "umulh	x4, x14, x17\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "# a[1+3] += m[3] * mu\n\t"
-        "mul	x3, x16, x17\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "umulh	x4, x16, x17\n\t"
-        "adcs	x10, x10, x4\n\t"
-        "# mu = a[2] * mp\n\t"
-        "mul	x17, %[mp], x7\n\t"
-        "adc	x19, x19, xzr\n\t"
-        "# a[2+0] += m[0] * mu\n\t"
-        "mul	x3, x13, x17\n\t"
-        "adds	x7, x7, x3\n\t"
-        "umulh	x4, x13, x17\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "# a[2+2] += m[2] * mu\n\t"
-        "mul	x3, x15, x17\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "umulh	x4, x15, x17\n\t"
-        "adcs	x10, x10, x4\n\t"
-        "adcs	x11, x11, x19\n\t"
-        "adc	x19, xzr, xzr\n\t"
-        "# a[2+1] += m[1] * mu\n\t"
-        "mul	x3, x14, x17\n\t"
-        "adds	x8, x8, x3\n\t"
-        "umulh	x4, x14, x17\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "# a[2+3] += m[3] * mu\n\t"
-        "mul	x3, x16, x17\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "umulh	x4, x16, x17\n\t"
-        "adcs	x11, x11, x4\n\t"
-        "# mu = a[3] * mp\n\t"
-        "mul	x17, %[mp], x8\n\t"
-        "adc	x19, x19, xzr\n\t"
-        "# a[3+0] += m[0] * mu\n\t"
-        "mul	x3, x13, x17\n\t"
-        "adds	x8, x8, x3\n\t"
-        "umulh	x4, x13, x17\n\t"
-        "adcs	x9, x9, x4\n\t"
-        "# a[3+2] += m[2] * mu\n\t"
-        "mul	x3, x15, x17\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "umulh	x4, x15, x17\n\t"
-        "adcs	x11, x11, x4\n\t"
-        "adcs	x12, x12, x19\n\t"
-        "adc	x19, xzr, xzr\n\t"
-        "# a[3+1] += m[1] * mu\n\t"
-        "mul	x3, x14, x17\n\t"
-        "adds	x9, x9, x3\n\t"
-        "umulh	x4, x14, x17\n\t"
-        "adcs	x10, x10, x4\n\t"
-        "# a[3+3] += m[3] * mu\n\t"
-        "mul	x3, x16, x17\n\t"
-        "adcs	x11, x11, x3\n\t"
-        "umulh	x4, x16, x17\n\t"
-        "adcs	x12, x12, x4\n\t"
-        "# x15 == -1\n\t"
-        "adcs	x19, x19, x15\n\t"
-        "csel	x13, x13, xzr, cs\n\t"
-        "csel	x14, x14, xzr, cs\n\t"
-        "csel	x15, x15, xzr, cs\n\t"
-        "csel	x16, x16, xzr, cs\n\t"
-        "subs	x9, x9, x13\n\t"
-        "sbcs	x10, x10, x14\n\t"
-        "sbcs	x11, x11, x15\n\t"
-        "stp	x9, x10, [%[r], 0]\n\t"
-        "sbc	x12, x12, x16\n\t"
-        "stp	x11, x12, [%[r], 16]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (p256_order),
-          [mp] "r" (p256_mp_order)
-        : "memory", "x3", "x4", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P256 curve. */
-static const word64 p256_order_minus_2[4] = {
-    0xf3b9cac2fc63254fU,0xbce6faada7179e84U,0xffffffffffffffffU,
-    0xffffffff00000000U
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P256 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-SP_NOINLINE static void sp_256_mont_sqr_order_4(sp_digit* r,
-    const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp	x12, x13, [%[a], 0]\n\t"
-        "ldp	x14, x15, [%[a], 16]\n\t"
-        "# A[0] * A[1]\n\t"
-        "umulh	x6, x12, x13\n\t"
-        "mul	x5, x12, x13\n\t"
-        "# A[0] * A[3]\n\t"
-        "umulh	x8, x12, x15\n\t"
-        "mul	x7, x12, x15\n\t"
-        "# A[0] * A[2]\n\t"
-        "mul	x2, x12, x14\n\t"
-        "adds	x6, x6, x2\n\t"
-        "umulh	x3, x12, x14\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "# A[1] * A[3]\n\t"
-        "mul	x2, x13, x15\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "umulh	x9, x13, x15\n\t"
-        "adc	x9, x9, xzr\n\t"
-        "# A[1] * A[2]\n\t"
-        "mul	x2, x13, x14\n\t"
-        "adds	x7, x7, x2\n\t"
-        "umulh	x3, x13, x14\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "# A[2] * A[3]\n\t"
-        "mul	x2, x14, x15\n\t"
-        "adcs	x9, x9, x2\n\t"
-        "umulh	x10, x14, x15\n\t"
-        "adc	x10, x10, xzr\n\t"
-        "# Double\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adcs	x7, x7, x7\n\t"
-        "adcs	x8, x8, x8\n\t"
-        "adcs	x9, x9, x9\n\t"
-        "adcs	x10, x10, x10\n\t"
-        "adc	x11, xzr, xzr\n\t"
-        "# A[0] * A[0]\n\t"
-        "umulh	x3, x12, x12\n\t"
-        "mul	x4, x12, x12\n\t"
-        "# A[1] * A[1]\n\t"
-        "mul	x2, x13, x13\n\t"
-        "adds	x5, x5, x3\n\t"
-        "umulh	x3, x13, x13\n\t"
-        "adcs	x6, x6, x2\n\t"
-        "# A[2] * A[2]\n\t"
-        "mul	x2, x14, x14\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "umulh	x3, x14, x14\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "# A[3] * A[3]\n\t"
-        "mul	x2, x15, x15\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "umulh	x3, x15, x15\n\t"
-        "adcs	x10, x10, x2\n\t"
-        "adc	x11, x11, x3\n\t"
-        "ldp   x12, x13, [%[m], 0]\n\t"
-        "mov	x14, 0xffffffffffffffff\n\t"
-        "mov	x15, 0xffffffff00000000\n\t"
-        "# mu = a[0] * mp\n\t"
-        "mul	x16, %[mp], x4\n\t"
-        "# a[0+0] += m[0] * mu\n\t"
-        "mul	x2, x12, x16\n\t"
-        "adds	x4, x4, x2\n\t"
-        "umulh	x3, x12, x16\n\t"
-        "adcs	x5, x5, x3\n\t"
-        "# a[0+2] += m[2] * mu\n\t"
-        "mul	x2, x14, x16\n\t"
-        "adcs	x6, x6, x2\n\t"
-        "umulh	x3, x14, x16\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "adcs	x8, x8, xzr\n\t"
-        "adc	x17, xzr, xzr\n\t"
-        "# a[0+1] += m[1] * mu\n\t"
-        "mul	x2, x13, x16\n\t"
-        "adds	x5, x5, x2\n\t"
-        "umulh	x3, x13, x16\n\t"
-        "adcs	x6, x6, x3\n\t"
-        "# a[0+3] += m[3] * mu\n\t"
-        "mul	x2, x15, x16\n\t"
-        "adcs	x7, x7, x2\n\t"
-        "umulh	x3, x15, x16\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "# mu = a[1] * mp\n\t"
-        "mul	x16, %[mp], x5\n\t"
-        "adc	x17, x17, xzr\n\t"
-        "# a[1+0] += m[0] * mu\n\t"
-        "mul	x2, x12, x16\n\t"
-        "adds	x5, x5, x2\n\t"
-        "umulh	x3, x12, x16\n\t"
-        "adcs	x6, x6, x3\n\t"
-        "# a[1+2] += m[2] * mu\n\t"
-        "mul	x2, x14, x16\n\t"
-        "adcs	x7, x7, x2\n\t"
-        "umulh	x3, x14, x16\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "adcs	x9, x9, x17\n\t"
-        "adc	x17, xzr, xzr\n\t"
-        "# a[1+1] += m[1] * mu\n\t"
-        "mul	x2, x13, x16\n\t"
-        "adds	x6, x6, x2\n\t"
-        "umulh	x3, x13, x16\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "# a[1+3] += m[3] * mu\n\t"
-        "mul	x2, x15, x16\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "umulh	x3, x15, x16\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "# mu = a[2] * mp\n\t"
-        "mul	x16, %[mp], x6\n\t"
-        "adc	x17, x17, xzr\n\t"
-        "# a[2+0] += m[0] * mu\n\t"
-        "mul	x2, x12, x16\n\t"
-        "adds	x6, x6, x2\n\t"
-        "umulh	x3, x12, x16\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "# a[2+2] += m[2] * mu\n\t"
-        "mul	x2, x14, x16\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "umulh	x3, x14, x16\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "adcs	x10, x10, x17\n\t"
-        "adc	x17, xzr, xzr\n\t"
-        "# a[2+1] += m[1] * mu\n\t"
-        "mul	x2, x13, x16\n\t"
-        "adds	x7, x7, x2\n\t"
-        "umulh	x3, x13, x16\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "# a[2+3] += m[3] * mu\n\t"
-        "mul	x2, x15, x16\n\t"
-        "adcs	x9, x9, x2\n\t"
-        "umulh	x3, x15, x16\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "# mu = a[3] * mp\n\t"
-        "mul	x16, %[mp], x7\n\t"
-        "adc	x17, x17, xzr\n\t"
-        "# a[3+0] += m[0] * mu\n\t"
-        "mul	x2, x12, x16\n\t"
-        "adds	x7, x7, x2\n\t"
-        "umulh	x3, x12, x16\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "# a[3+2] += m[2] * mu\n\t"
-        "mul	x2, x14, x16\n\t"
-        "adcs	x9, x9, x2\n\t"
-        "umulh	x3, x14, x16\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "adcs	x11, x11, x17\n\t"
-        "adc	x17, xzr, xzr\n\t"
-        "# a[3+1] += m[1] * mu\n\t"
-        "mul	x2, x13, x16\n\t"
-        "adds	x8, x8, x2\n\t"
-        "umulh	x3, x13, x16\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "# a[3+3] += m[3] * mu\n\t"
-        "mul	x2, x15, x16\n\t"
-        "adcs	x10, x10, x2\n\t"
-        "umulh	x3, x15, x16\n\t"
-        "adcs	x11, x11, x3\n\t"
-        "# x14 == -1\n\t"
-        "adcs	x17, x17, x14\n\t"
-        "csel	x12, x12, xzr, cs\n\t"
-        "csel	x13, x13, xzr, cs\n\t"
-        "csel	x14, x14, xzr, cs\n\t"
-        "csel	x15, x15, xzr, cs\n\t"
-        "subs	x8, x8, x12\n\t"
-        "sbcs	x9, x9, x13\n\t"
-        "sbcs	x10, x10, x14\n\t"
-        "stp	x8, x9, [%[r], 0]\n\t"
-        "sbc	x11, x11, x15\n\t"
-        "stp	x10, x11, [%[r], 16]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (p256_order),
-          [mp] "r" (p256_mp_order)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
-    );
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P256 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-SP_NOINLINE static void sp_256_mont_sqr_n_order_4(sp_digit* r,
-    const sp_digit* a, int n)
-{
-
-    __asm__ __volatile__ (
-        "ldp	x12, x13, [%[a], 0]\n\t"
-        "ldp	x14, x15, [%[a], 16]\n\t"
-        "1:\n\t"
-        "# A[0] * A[1]\n\t"
-        "umulh	x6, x12, x13\n\t"
-        "mul	x5, x12, x13\n\t"
-        "# A[0] * A[3]\n\t"
-        "umulh	x8, x12, x15\n\t"
-        "mul	x7, x12, x15\n\t"
-        "# A[0] * A[2]\n\t"
-        "mul	x2, x12, x14\n\t"
-        "adds	x6, x6, x2\n\t"
-        "umulh	x3, x12, x14\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "# A[1] * A[3]\n\t"
-        "mul	x2, x13, x15\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "umulh	x9, x13, x15\n\t"
-        "adc	x9, x9, xzr\n\t"
-        "# A[1] * A[2]\n\t"
-        "mul	x2, x13, x14\n\t"
-        "adds	x7, x7, x2\n\t"
-        "umulh	x3, x13, x14\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "# A[2] * A[3]\n\t"
-        "mul	x2, x14, x15\n\t"
-        "adcs	x9, x9, x2\n\t"
-        "umulh	x10, x14, x15\n\t"
-        "adc	x10, x10, xzr\n\t"
-        "# Double\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adcs	x7, x7, x7\n\t"
-        "adcs	x8, x8, x8\n\t"
-        "adcs	x9, x9, x9\n\t"
-        "adcs	x10, x10, x10\n\t"
-        "adc	x11, xzr, xzr\n\t"
-        "# A[0] * A[0]\n\t"
-        "umulh	x3, x12, x12\n\t"
-        "mul	x4, x12, x12\n\t"
-        "# A[1] * A[1]\n\t"
-        "mul	x2, x13, x13\n\t"
-        "adds	x5, x5, x3\n\t"
-        "umulh	x3, x13, x13\n\t"
-        "adcs	x6, x6, x2\n\t"
-        "# A[2] * A[2]\n\t"
-        "mul	x2, x14, x14\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "umulh	x3, x14, x14\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "# A[3] * A[3]\n\t"
-        "mul	x2, x15, x15\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "umulh	x3, x15, x15\n\t"
-        "adcs	x10, x10, x2\n\t"
-        "adc	x11, x11, x3\n\t"
-        "ldp   x12, x13, [%[m], 0]\n\t"
-        "mov	x14, 0xffffffffffffffff\n\t"
-        "mov	x15, 0xffffffff00000000\n\t"
-        "# mu = a[0] * mp\n\t"
-        "mul	x16, %[mp], x4\n\t"
-        "# a[0+0] += m[0] * mu\n\t"
-        "mul	x2, x12, x16\n\t"
-        "adds	x4, x4, x2\n\t"
-        "umulh	x3, x12, x16\n\t"
-        "adcs	x5, x5, x3\n\t"
-        "# a[0+2] += m[2] * mu\n\t"
-        "mul	x2, x14, x16\n\t"
-        "adcs	x6, x6, x2\n\t"
-        "umulh	x3, x14, x16\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "adcs	x8, x8, xzr\n\t"
-        "adc	x17, xzr, xzr\n\t"
-        "# a[0+1] += m[1] * mu\n\t"
-        "mul	x2, x13, x16\n\t"
-        "adds	x5, x5, x2\n\t"
-        "umulh	x3, x13, x16\n\t"
-        "adcs	x6, x6, x3\n\t"
-        "# a[0+3] += m[3] * mu\n\t"
-        "mul	x2, x15, x16\n\t"
-        "adcs	x7, x7, x2\n\t"
-        "umulh	x3, x15, x16\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "# mu = a[1] * mp\n\t"
-        "mul	x16, %[mp], x5\n\t"
-        "adc	x17, x17, xzr\n\t"
-        "# a[1+0] += m[0] * mu\n\t"
-        "mul	x2, x12, x16\n\t"
-        "adds	x5, x5, x2\n\t"
-        "umulh	x3, x12, x16\n\t"
-        "adcs	x6, x6, x3\n\t"
-        "# a[1+2] += m[2] * mu\n\t"
-        "mul	x2, x14, x16\n\t"
-        "adcs	x7, x7, x2\n\t"
-        "umulh	x3, x14, x16\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "adcs	x9, x9, x17\n\t"
-        "adc	x17, xzr, xzr\n\t"
-        "# a[1+1] += m[1] * mu\n\t"
-        "mul	x2, x13, x16\n\t"
-        "adds	x6, x6, x2\n\t"
-        "umulh	x3, x13, x16\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "# a[1+3] += m[3] * mu\n\t"
-        "mul	x2, x15, x16\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "umulh	x3, x15, x16\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "# mu = a[2] * mp\n\t"
-        "mul	x16, %[mp], x6\n\t"
-        "adc	x17, x17, xzr\n\t"
-        "# a[2+0] += m[0] * mu\n\t"
-        "mul	x2, x12, x16\n\t"
-        "adds	x6, x6, x2\n\t"
-        "umulh	x3, x12, x16\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "# a[2+2] += m[2] * mu\n\t"
-        "mul	x2, x14, x16\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "umulh	x3, x14, x16\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "adcs	x10, x10, x17\n\t"
-        "adc	x17, xzr, xzr\n\t"
-        "# a[2+1] += m[1] * mu\n\t"
-        "mul	x2, x13, x16\n\t"
-        "adds	x7, x7, x2\n\t"
-        "umulh	x3, x13, x16\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "# a[2+3] += m[3] * mu\n\t"
-        "mul	x2, x15, x16\n\t"
-        "adcs	x9, x9, x2\n\t"
-        "umulh	x3, x15, x16\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "# mu = a[3] * mp\n\t"
-        "mul	x16, %[mp], x7\n\t"
-        "adc	x17, x17, xzr\n\t"
-        "# a[3+0] += m[0] * mu\n\t"
-        "mul	x2, x12, x16\n\t"
-        "adds	x7, x7, x2\n\t"
-        "umulh	x3, x12, x16\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "# a[3+2] += m[2] * mu\n\t"
-        "mul	x2, x14, x16\n\t"
-        "adcs	x9, x9, x2\n\t"
-        "umulh	x3, x14, x16\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "adcs	x11, x11, x17\n\t"
-        "adc	x17, xzr, xzr\n\t"
-        "# a[3+1] += m[1] * mu\n\t"
-        "mul	x2, x13, x16\n\t"
-        "adds	x8, x8, x2\n\t"
-        "umulh	x3, x13, x16\n\t"
-        "adcs	x9, x9, x3\n\t"
-        "# a[3+3] += m[3] * mu\n\t"
-        "mul	x2, x15, x16\n\t"
-        "adcs	x10, x10, x2\n\t"
-        "umulh	x3, x15, x16\n\t"
-        "adcs	x11, x11, x3\n\t"
-        "# x14 == -1\n\t"
-        "adcs	x17, x17, x14\n\t"
-        "csel	x12, x12, xzr, cs\n\t"
-        "csel	x13, x13, xzr, cs\n\t"
-        "csel	x14, x14, xzr, cs\n\t"
-        "csel	x15, x15, xzr, cs\n\t"
-        "subs	x12, x8, x12\n\t"
-        "sbcs	x13, x9, x13\n\t"
-        "sbcs	x14, x10, x14\n\t"
-        "sbc	x15, x11, x15\n\t"
-        "subs	%w[n], %w[n], #1\n\t"
-        "b.ne	1b\n\t"
-        "stp	x12, x13, [%[r], 0]\n\t"
-        "stp	x14, x15, [%[r], 16]\n\t"
-        : [n] "+r" (n)
-        : [r] "r" (r), [a] "r" (a), [m] "r" (p256_order),
-          [mp] "r" (p256_mp_order)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
-    );
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P256 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_mont_inv_order_4_ctx {
-    int state;
-    int i;
-} sp_256_mont_inv_order_4_ctx;
-static int sp_256_mont_inv_order_4_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_mont_inv_order_4_ctx* ctx = (sp_256_mont_inv_order_4_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_256_mont_inv_order_4_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 4);
-        ctx->i = 254;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_256_mont_sqr_order_4(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p256_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_256_mont_mul_order_4(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 4U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_256_mont_inv_order_4(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 4);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_order_4(t, t);
-        if ((p256_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_4(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 4U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 4;
-    sp_digit* t3 = td + 4 * 4;
-    sp_digit* t5 = td + 6 * 4;
-    sp_digit* t7 = td + 8 * 4;
-    sp_digit* t15 = td + 10 * 4;
-
-    /* t2 = a^2 */
-    sp_256_mont_sqr_order_4(t2, a);
-    /* t3 = a^3 = t * a */
-    sp_256_mont_mul_order_4(t3, t2, a);
-    /* t5 = a^5 = t3 * t2 */
-    sp_256_mont_mul_order_4(t5, t3, t2);
-    /* t7 = a^6 = t3 ^ 2 */
-    sp_256_mont_sqr_order_4(t7, t3);
-    /* t7 = a^7 = t7 * a */
-    sp_256_mont_mul_order_4(t7, t7, a);
-    /* t2 = a^c = t3 ^ 2 */
-    sp_256_mont_sqr_order_4(t2, t7);
-    /* t15= a^f = t2 * t3 */
-    sp_256_mont_mul_order_4(t15, t2, a);
-    /* t2 = a^f0 = t15 ^ 2 ^ 4 */
-    sp_256_mont_sqr_n_order_4(t2, t15, 4);
-    /* t  = a^ff = t2 * t15 */
-    sp_256_mont_mul_order_4(t, t2, t15);
-    /* t15= a^ff00 = t ^ 2 ^ 8 */
-    sp_256_mont_sqr_n_order_4(t2, t, 8);
-    /* t  = a^ffff = t2 * t */
-    sp_256_mont_mul_order_4(t, t2, t);
-    /* t2 = a^ffff0000 = t ^ 2 ^ 16 */
-    sp_256_mont_sqr_n_order_4(t2, t, 16);
-    /* t  = a^ffffffff = t2 * t */
-    sp_256_mont_mul_order_4(t, t2, t);
-    /* t2 = a^ffffffff0000000000000000 = t ^ 2 ^ 64  */
-    sp_256_mont_sqr_n_order_4(t2, t, 64);
-    /* t2 = a^ffffffff00000000ffffffff = t2 * t */
-    sp_256_mont_mul_order_4(t2, t2, t);
-    /* t2 = a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32  */
-    sp_256_mont_sqr_n_order_4(t2, t2, 32);
-    /* t2 = a^ffffffff00000000ffffffffffffffff = t2 * t */
-    sp_256_mont_mul_order_4(t2, t2, t);
-
-    /* ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
-    sp_256_mont_sqr_order_4(t2, t2);
-    sp_256_mont_mul_order_4(t2, t2, a);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t15);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t7);
-    sp_256_mont_sqr_n_order_4(t2, t2, 4);
-    sp_256_mont_mul_order_4(t2, t2, t3);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t15);
-    sp_256_mont_sqr_n_order_4(t2, t2, 3);
-    sp_256_mont_mul_order_4(t2, t2, t5);
-    sp_256_mont_sqr_n_order_4(t2, t2, 4);
-    sp_256_mont_mul_order_4(t2, t2, t5);
-    sp_256_mont_sqr_n_order_4(t2, t2, 3);
-    sp_256_mont_mul_order_4(t2, t2, t3);
-    sp_256_mont_sqr_n_order_4(t2, t2, 3);
-    sp_256_mont_mul_order_4(t2, t2, t3);
-    sp_256_mont_sqr_n_order_4(t2, t2, 2);
-    sp_256_mont_mul_order_4(t2, t2, a);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t7);
-    sp_256_mont_sqr_n_order_4(t2, t2, 4);
-    sp_256_mont_mul_order_4(t2, t2, a);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t15);
-    sp_256_mont_sqr_n_order_4(t2, t2, 6);
-    sp_256_mont_mul_order_4(t2, t2, t15);
-    sp_256_mont_sqr_n_order_4(t2, t2, 2);
-    sp_256_mont_mul_order_4(t2, t2, a);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, a);
-    sp_256_mont_sqr_n_order_4(t2, t2, 6);
-    sp_256_mont_mul_order_4(t2, t2, t15);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t7);
-    sp_256_mont_sqr_n_order_4(t2, t2, 4);
-    sp_256_mont_mul_order_4(t2, t2, t7);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t7);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t5);
-    sp_256_mont_sqr_n_order_4(t2, t2, 3);
-    sp_256_mont_mul_order_4(t2, t2, t3);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, a);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t15);
-    sp_256_mont_sqr_n_order_4(t2, t2, 2);
-    sp_256_mont_mul_order_4(t2, t2, t3);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t3);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t3);
-    sp_256_mont_sqr_n_order_4(t2, t2, 3);
-    sp_256_mont_mul_order_4(t2, t2, a);
-    sp_256_mont_sqr_n_order_4(t2, t2, 5);
-    sp_256_mont_mul_order_4(t2, t2, t5);
-    sp_256_mont_sqr_n_order_4(t2, t2, 2);
-    sp_256_mont_mul_order_4(t2, t2, a);
-    sp_256_mont_sqr_n_order_4(t2, t2, 6);
-    sp_256_mont_mul_order_4(r, t2, t15);
-    /* Multiplications: 31 */
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_s_4(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int64 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_4(k, k, p256_norm_order);
-    err = sp_256_mod_4(k, k, p256_order);
-    if (err == MP_OKAY) {
-        sp_256_norm_4(k);
-
-        /* kInv = 1/k mod order */
-            sp_256_mont_inv_order_4(kInv, k, tmp);
-        sp_256_norm_4(kInv);
-
-        /* s = r * x + e */
-            sp_256_mul_4(x, x, r);
-        err = sp_256_mod_4(x, x, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_4(x);
-        carry = sp_256_add_4(s, e, x);
-        sp_256_cond_sub_4(s, s, p256_order, 0 - carry);
-        sp_256_norm_4(s);
-        c = sp_256_cmp_4(s, p256_order);
-        sp_256_cond_sub_4(s, s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_4(s);
-
-        /* s = s * k^-1 mod order */
-            sp_256_mont_mul_order_4(s, s, kInv);
-        sp_256_norm_4(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 256 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 10 * 2 * 4);
-    SP_DECL_VAR(sp_point_256, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int64 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 10 * 2 * 4, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 4;
-        k = e + 4 * 4;
-        r = e + 6 * 4;
-        tmp = e + 8 * 4;
-        s = e;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_4(rng, k);
-        }
-        else {
-            sp_256_from_mp(k, 4, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_256_ecc_mulmod_base_4(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 4U);
-            sp_256_norm_4(r);
-            c = sp_256_cmp_4(r, p256_order);
-            sp_256_cond_sub_4(r, r, p256_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_256_norm_4(r);
-
-            if (!sp_256_iszero_4(r)) {
-                /* x is modified in calculation of s. */
-                sp_256_from_mp(x, 4, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_256_from_bin(e, 4, hash, (int)hashLen);
-
-                err = sp_256_calc_s_4(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_256_iszero_4(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 10 * 2 * 4, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_4_ctx mulmod_ctx;
-        sp_256_mont_inv_order_4_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*4];
-    sp_digit x[2*4];
-    sp_digit k[2*4];
-    sp_digit r[2*4];
-    sp_digit tmp[6 * 2*4];
-    sp_point_256 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_256_ctx;
-
-int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_256_ctx* ctx = (sp_ecc_sign_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_4(rng, ctx->k);
-        }
-        else {
-            sp_256_from_mp(ctx->k, 4, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_256_ecc_mulmod_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p256_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int64 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 4U);
-        sp_256_norm_4(ctx->r);
-        c = sp_256_cmp_4(ctx->r, p256_order);
-        sp_256_cond_sub_4(ctx->r, ctx->r, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_4(ctx->r);
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-        sp_256_from_mp(ctx->x, 4, priv);
-        sp_256_from_bin(ctx->e, 4, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_4(ctx->k, ctx->k, p256_norm_order);
-        err = sp_256_mod_4(ctx->k, ctx->k, p256_order);
-        if (err == MP_OKAY) {
-            sp_256_norm_4(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_256_mont_inv_order_4_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_256_norm_4(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_256_mul_4(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_256_mod_4(ctx->x, ctx->x, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int64 c;
-        sp_256_norm_4(ctx->x);
-        carry = sp_256_add_4(ctx->s, ctx->e, ctx->x);
-        sp_256_cond_sub_4(ctx->s, ctx->s,
-            p256_order, 0 - carry);
-        sp_256_norm_4(ctx->s);
-        c = sp_256_cmp_4(ctx->s, p256_order);
-        sp_256_cond_sub_4(ctx->s, ctx->s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_4(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_256_mont_mul_order_4(ctx->s, ctx->s, ctx->kInv);
-        sp_256_norm_4(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_256_iszero_4(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_256_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_256_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 4U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 4U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 4U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 4U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 6U * 2U * 4U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_256_mod_inv_4(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldr	x20, [%[m], 0]\n\t"
-        "ldr	x21, [%[m], 8]\n\t"
-        "ldr	x22, [%[m], 16]\n\t"
-        "ldr	%[m], [%[m], 24]\n\t"
-        "ldr	x7, [%[a], 0]\n\t"
-        "ldr	x8, [%[a], 8]\n\t"
-        "ldr	x9, [%[a], 16]\n\t"
-        "ldr	x10, [%[a], 24]\n\t"
-        "mov	x3, x20\n\t"
-        "mov	x4, x21\n\t"
-        "mov	x5, x22\n\t"
-        "mov	x6, %[m]\n\t"
-        "mov	x11, xzr\n\t"
-        "mov	x12, xzr\n\t"
-        "mov	x13, xzr\n\t"
-        "mov	x14, xzr\n\t"
-        "mov	x15, 1\n\t"
-        "mov	x16, xzr\n\t"
-        "mov	x17, xzr\n\t"
-        "mov	x19, xzr\n\t"
-        "cmp	x6, 0\n\t"
-        "b.eq	10f\n\t"
-        "mov	x25, 256\n\t"
-        "clz	x23, x6\n\t"
-        "sub	x23, x25, x23\n\t"
-        "b	13f\n\t"
-        "\n10:\n\t"
-        "cmp	x5, 0\n\t"
-        "b.eq	11f\n\t"
-        "mov	x25, 192\n\t"
-        "clz	x23, x5\n\t"
-        "sub	x23, x25, x23\n\t"
-        "b	13f\n\t"
-        "\n11:\n\t"
-        "cmp	x4, 0\n\t"
-        "b.eq	12f\n\t"
-        "mov	x25, 128\n\t"
-        "clz	x23, x4\n\t"
-        "sub	x23, x25, x23\n\t"
-        "b	13f\n\t"
-        "\n12:\n\t"
-        "mov	x25, 64\n\t"
-        "clz	x23, x3\n\t"
-        "sub	x23, x25, x23\n\t"
-        "\n13:\n\t"
-        "cmp	x10, 0\n\t"
-        "b.eq	20f\n\t"
-        "mov	x25, 256\n\t"
-        "clz	x24, x10\n\t"
-        "sub	x24, x25, x24\n\t"
-        "b	23f\n\t"
-        "\n20:\n\t"
-        "cmp	x9, 0\n\t"
-        "b.eq	21f\n\t"
-        "mov	x25, 192\n\t"
-        "clz	x24, x9\n\t"
-        "sub	x24, x25, x24\n\t"
-        "b	23f\n\t"
-        "\n21:\n\t"
-        "cmp	x8, 0\n\t"
-        "b.eq	22f\n\t"
-        "mov	x25, 128\n\t"
-        "clz	x24, x8\n\t"
-        "sub	x24, x25, x24\n\t"
-        "b	23f\n\t"
-        "\n22:\n\t"
-        "mov	x25, 64\n\t"
-        "clz	x24, x7\n\t"
-        "sub	x24, x25, x24\n\t"
-        "\n23:\n\t"
-        "tst	x7, 1\n\t"
-        "b.ne	90f\n\t"
-        "\n1:\n\t"
-        "extr	x7, x8, x7, 1\n\t"
-        "extr	x8, x9, x8, 1\n\t"
-        "extr	x9, x10, x9, 1\n\t"
-        "lsr	x10, x10, 1\n\t"
-        "sub	x24, x24, 1\n\t"
-        "ands	x25, x15, 1\n\t"
-        "b.eq	2f\n\t"
-        "adds	x15, x15, x20\n\t"
-        "adcs	x16, x16, x21\n\t"
-        "adcs	x17, x17, x22\n\t"
-        "adcs	x19, x19, %[m]\n\t"
-        "cset	x25, cs\n\t"
-        "\n2:\n\t"
-        "extr	x15, x16, x15, 1\n\t"
-        "extr	x16, x17, x16, 1\n\t"
-        "extr	x17, x19, x17, 1\n\t"
-        "extr	x19, x25, x19, 1\n\t"
-        "tst	x7, 1\n\t"
-        "b.eq	1b\n\t"
-        "\n90:\n\t"
-        "cmp	x23, 1\n\t"
-        "b.eq	100f\n\t"
-        "cmp	x24, 1\n\t"
-        "b.eq	101f\n\t"
-        "cmp	x23, x24\n\t"
-        "b.hi	91f\n\t"
-        "b.cc	92f\n\t"
-        "cmp	x6, x10\n\t"
-        "b.hi	91f\n\t"
-        "b.cc	92f\n\t"
-        "cmp	x5, x9\n\t"
-        "b.hi	91f\n\t"
-        "b.cc	92f\n\t"
-        "cmp	x4, x8\n\t"
-        "b.hi	91f\n\t"
-        "b.cc	92f\n\t"
-        "cmp	x3, x7\n\t"
-        "b.cc	92f\n\t"
-        "\n91:\n\t"
-        "subs	x3, x3, x7\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "sbc	x6, x6, x10\n\t"
-        "subs	x11, x11, x15\n\t"
-        "sbcs	x12, x12, x16\n\t"
-        "sbcs	x13, x13, x17\n\t"
-        "sbcs	x14, x14, x19\n\t"
-        "b.cs	30f\n\t"
-        "adds	x11, x11, x20\n\t"
-        "adcs	x12, x12, x21\n\t"
-        "adcs	x13, x13, x22\n\t"
-        "adc	x14, x14, %[m]\n\t"
-        "\n30:\n\t"
-        "cmp	x6, 0\n\t"
-        "b.eq	40f\n\t"
-        "mov	x25, 256\n\t"
-        "clz	x23, x6\n\t"
-        "sub	x23, x25, x23\n\t"
-        "b	43f\n\t"
-        "\n40:\n\t"
-        "cmp	x5, 0\n\t"
-        "b.eq	41f\n\t"
-        "mov	x25, 192\n\t"
-        "clz	x23, x5\n\t"
-        "sub	x23, x25, x23\n\t"
-        "b	43f\n\t"
-        "\n41:\n\t"
-        "cmp	x4, 0\n\t"
-        "b.eq	42f\n\t"
-        "mov	x25, 128\n\t"
-        "clz	x23, x4\n\t"
-        "sub	x23, x25, x23\n\t"
-        "b	43f\n\t"
-        "\n42:\n\t"
-        "mov	x25, 64\n\t"
-        "clz	x23, x3\n\t"
-        "sub	x23, x25, x23\n\t"
-        "\n43:\n\t"
-        "\n50:\n\t"
-        "extr	x3, x4, x3, 1\n\t"
-        "extr	x4, x5, x4, 1\n\t"
-        "extr	x5, x6, x5, 1\n\t"
-        "lsr	x6, x6, 1\n\t"
-        "sub	x23, x23, 1\n\t"
-        "ands	x25, x11, 1\n\t"
-        "b.eq	51f\n\t"
-        "adds	x11, x11, x20\n\t"
-        "adcs	x12, x12, x21\n\t"
-        "adcs	x13, x13, x22\n\t"
-        "adcs	x14, x14, %[m]\n\t"
-        "cset	x25, cs\n\t"
-        "\n51:\n\t"
-        "extr	x11, x12, x11, 1\n\t"
-        "extr	x12, x13, x12, 1\n\t"
-        "extr	x13, x14, x13, 1\n\t"
-        "extr	x14, x25, x14, 1\n\t"
-        "tst	x3, 1\n\t"
-        "b.eq	50b\n\t"
-        "b	90b\n\t"
-        "\n92:\n\t"
-        "subs	x7, x7, x3\n\t"
-        "sbcs	x8, x8, x4\n\t"
-        "sbcs	x9, x9, x5\n\t"
-        "sbc	x10, x10, x6\n\t"
-        "subs	x15, x15, x11\n\t"
-        "sbcs	x16, x16, x12\n\t"
-        "sbcs	x17, x17, x13\n\t"
-        "sbcs	x19, x19, x14\n\t"
-        "b.cs	60f\n\t"
-        "adds	x15, x15, x20\n\t"
-        "adcs	x16, x16, x21\n\t"
-        "adcs	x17, x17, x22\n\t"
-        "adc	x19, x19, %[m]\n\t"
-        "\n60:\n\t"
-        "cmp	x10, 0\n\t"
-        "b.eq	70f\n\t"
-        "mov	x25, 256\n\t"
-        "clz	x24, x10\n\t"
-        "sub	x24, x25, x24\n\t"
-        "b	73f\n\t"
-        "\n70:\n\t"
-        "cmp	x9, 0\n\t"
-        "b.eq	71f\n\t"
-        "mov	x25, 192\n\t"
-        "clz	x24, x9\n\t"
-        "sub	x24, x25, x24\n\t"
-        "b	73f\n\t"
-        "\n71:\n\t"
-        "cmp	x8, 0\n\t"
-        "b.eq	72f\n\t"
-        "mov	x25, 128\n\t"
-        "clz	x24, x8\n\t"
-        "sub	x24, x25, x24\n\t"
-        "b	73f\n\t"
-        "\n72:\n\t"
-        "mov	x25, 64\n\t"
-        "clz	x24, x7\n\t"
-        "sub	x24, x25, x24\n\t"
-        "\n73:\n\t"
-        "\n80:\n\t"
-        "extr	x7, x8, x7, 1\n\t"
-        "extr	x8, x9, x8, 1\n\t"
-        "extr	x9, x10, x9, 1\n\t"
-        "lsr	x10, x10, 1\n\t"
-        "sub	x24, x24, 1\n\t"
-        "ands	x25, x15, 1\n\t"
-        "b.eq	81f\n\t"
-        "adds	x15, x15, x20\n\t"
-        "adcs	x16, x16, x21\n\t"
-        "adcs	x17, x17, x22\n\t"
-        "adcs	x19, x19, %[m]\n\t"
-        "cset	x25, cs\n\t"
-        "\n81:\n\t"
-        "extr	x15, x16, x15, 1\n\t"
-        "extr	x16, x17, x16, 1\n\t"
-        "extr	x17, x19, x17, 1\n\t"
-        "extr	x19, x25, x19, 1\n\t"
-        "tst	x7, 1\n\t"
-        "b.eq	80b\n\t"
-        "b	90b\n\t"
-        "\n100:\n\t"
-        "str	x11, [%[r], 0]\n\t"
-        "str	x12, [%[r], 8]\n\t"
-        "str	x13, [%[r], 16]\n\t"
-        "str	x14, [%[r], 24]\n\t"
-        "b	102f\n\t"
-        "\n101:\n\t"
-        "str	x15, [%[r], 0]\n\t"
-        "str	x16, [%[r], 8]\n\t"
-        "str	x17, [%[r], 16]\n\t"
-        "str	x19, [%[r], 24]\n\t"
-        "\n102:\n\t"
-        : [m] "+r" (m)
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "cc"
-    );
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_256_add_points_4(sp_point_256* p1, const sp_point_256* p2,
-    sp_digit* tmp)
-{
-
-        sp_256_proj_point_add_4(p1, p1, p2, tmp);
-    if (sp_256_iszero_4(p1->z)) {
-        if (sp_256_iszero_4(p1->x) && sp_256_iszero_4(p1->y)) {
-                sp_256_proj_point_dbl_4(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            XMEMCPY(p1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_vfy_point_4(sp_point_256* p1, sp_point_256* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_256_mod_inv_4(s, s, p256_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_256_mul_4(s, s, p256_norm_order);
-        err = sp_256_mod_4(s, s, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_4(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_256_mont_inv_order_4(s, s, tmp);
-            sp_256_mont_mul_order_4(u1, u1, s);
-            sp_256_mont_mul_order_4(u2, u2, s);
-        }
-#else
-        {
-            sp_256_mont_mul_order_4(u1, u1, s);
-            sp_256_mont_mul_order_4(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_256_ecc_mulmod_base_4(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_4(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_4(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_4(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_256_add_points_4(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 256)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 4);
-    SP_DECL_VAR(sp_point_256, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_256* p2 = NULL;
-    sp_digit carry;
-    sp_int64 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 4, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 4;
-        s   = u1 + 4 * 4;
-        tmp = u1 + 6 * 4;
-        p2 = p1 + 1;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(u1, 4, hash, (int)hashLen);
-        sp_256_from_mp(u2, 4, rm);
-        sp_256_from_mp(s, 4, sm);
-        sp_256_from_mp(p2->x, 4, pX);
-        sp_256_from_mp(p2->y, 4, pY);
-        sp_256_from_mp(p2->z, 4, pZ);
-
-        err = sp_256_calc_vfy_point_4(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(u2, 4, rm);
-        err = sp_256_mod_mul_norm_4(u2, u2, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_256_mont_sqr_4(p1->z, p1->z, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_4(u1, u2, p1->z, p256_mod, p256_mp_mod);
-        *res = (int)(sp_256_cmp_4(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_256_from_mp(u2, 4, rm);
-            carry = sp_256_add_4(u2, u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_4(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_4(u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_4(u2, u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_256_mont_mul_4(u1, u2, p1->z, p256_mod, p256_mp_mod);
-                }
-                *res = (sp_256_cmp_4(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_4_ctx mulmod_ctx;
-        sp_256_mont_inv_order_4_ctx mont_inv_order_ctx;
-        sp_256_proj_point_dbl_4_ctx dbl_ctx;
-        sp_256_proj_point_add_4_ctx add_ctx;
-    };
-    sp_digit u1[2*4];
-    sp_digit u2[2*4];
-    sp_digit s[2*4];
-    sp_digit tmp[2*4 * 6];
-    sp_point_256 p1;
-    sp_point_256 p2;
-} sp_ecc_verify_256_ctx;
-
-int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_256_ctx* ctx = (sp_ecc_verify_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(ctx->u1, 4, hash, (int)hashLen);
-        sp_256_from_mp(ctx->u2, 4, rm);
-        sp_256_from_mp(ctx->s, 4, sm);
-        sp_256_from_mp(ctx->p2.x, 4, pX);
-        sp_256_from_mp(ctx->p2.y, 4, pY);
-        sp_256_from_mp(ctx->p2.z, 4, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_256_mul_4(ctx->s, ctx->s, p256_norm_order);
-        err = sp_256_mod_4(ctx->s, ctx->s, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_256_norm_4(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_256_mont_inv_order_4_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_256_mont_mul_order_4(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_256_mont_mul_order_4(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_256_ecc_mulmod_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p256_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_4(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_256_ecc_mulmod_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_4(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_256_proj_point_add_4_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(ctx->u2, 4, rm);
-        err = sp_256_mod_mul_norm_4(ctx->u2, ctx->u2, p256_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_256_mont_sqr_4(ctx->p1.z, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_256_mont_mul_4(ctx->u1, ctx->u2, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int64 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_256_cmp_4(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_256_from_mp(ctx->u2, 4, rm);
-            carry = sp_256_add_4(ctx->u2, ctx->u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_4(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_4(ctx->u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_4(ctx->u2, ctx->u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_256_mont_mul_4(ctx->u1, ctx->u2, ctx->p1.z, p256_mod,
-                                                            p256_mp_mod);
-                *res = (int)(sp_256_cmp_4(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_add_4(sp_digit* r, const sp_digit* a,
-    const sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "csetm	x14, cs\n\t"
-        "subs	x4, x4, x14\n\t"
-        "lsr	x12, x14, 32\n\t"
-        "sbcs	x5, x5, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "sbcs	x6, x6, xzr\n\t"
-        "sbcs	x7, x7, x13\n\t"
-        "sbc	x13, xzr, xzr\n\t"
-        "sub	x14, x14, x13\n\t"
-        "subs	x4, x4, x14\n\t"
-        "lsr	x12, x14, 32\n\t"
-        "sbcs	x5, x5, x12\n\t"
-        "sub	x13, xzr, x12\n\t"
-        "sbcs	x6, x6, xzr\n\t"
-        "stp	x4, x5, [%[r],0]\n\t"
-        "sbc	x7, x7, x13\n\t"
-        "stp	x6, x7, [%[r],16]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
-    );
-
-    (void)m;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_256_ecc_is_point_4(const sp_point_256* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 4;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_256_sqr_4(t1, point->y);
-        (void)sp_256_mod_4(t1, t1, p256_mod);
-        sp_256_sqr_4(t2, point->x);
-        (void)sp_256_mod_4(t2, t2, p256_mod);
-        sp_256_mul_4(t2, t2, point->x);
-        (void)sp_256_mod_4(t2, t2, p256_mod);
-        sp_256_mont_sub_4(t1, t1, t2, p256_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_256_mont_add_4(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_4(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_4(t1, t1, point->x, p256_mod);
-
-
-        if (sp_256_cmp_4(t1, p256_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_256, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(pub->x, 4, pX);
-        sp_256_from_mp(pub->y, 4, pY);
-        sp_256_from_bin(pub->z, 4, one, (int)sizeof(one));
-
-        err = sp_256_ecc_is_point_4(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 4);
-    SP_DECL_VAR(sp_point_256, pub, 2);
-    sp_point_256* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 256) ||
-        (mp_count_bits(pY) > 256) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 256)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 4, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_256_from_mp(pub->x, 4, pX);
-        sp_256_from_mp(pub->y, 4, pY);
-        sp_256_from_bin(pub->z, 4, one, (int)sizeof(one));
-        if (privm)
-            sp_256_from_mp(priv, 4, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_256_iszero_4(pub->x) != 0) &&
-            (sp_256_iszero_4(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_256_cmp_4(pub->x, p256_mod) >= 0) ||
-             (sp_256_cmp_4(pub->y, p256_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_256_ecc_is_point_4(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_256_ecc_mulmod_4(p, pub, p256_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_256_iszero_4(p->x) == 0) ||
-                             (sp_256_iszero_4(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_256_ecc_mulmod_base_4(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_256_cmp_4(p->x, pub->x) != 0) ||
-                 (sp_256_cmp_4(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 6);
-    SP_DECL_VAR(sp_point_256, p, 2);
-    sp_point_256* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_256_from_mp(p->x, 4, pX);
-        sp_256_from_mp(p->y, 4, pY);
-        sp_256_from_mp(p->z, 4, pZ);
-        sp_256_from_mp(q->x, 4, qX);
-        sp_256_from_mp(q->y, 4, qY);
-        sp_256_from_mp(q->z, 4, qZ);
-        p->infinity = sp_256_iszero_4(p->x) &
-                      sp_256_iszero_4(p->y);
-        q->infinity = sp_256_iszero_4(q->x) &
-                      sp_256_iszero_4(q->y);
-
-            sp_256_proj_point_add_4(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 2);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 4, pX);
-        sp_256_from_mp(p->y, 4, pY);
-        sp_256_from_mp(p->z, 4, pZ);
-        p->infinity = sp_256_iszero_4(p->x) &
-                      sp_256_iszero_4(p->y);
-
-            sp_256_proj_point_dbl_4(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 4);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 4, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 4, pX);
-        sp_256_from_mp(p->y, 4, pY);
-        sp_256_from_mp(p->z, 4, pZ);
-        p->infinity = sp_256_iszero_4(p->x) &
-                      sp_256_iszero_4(p->y);
-
-            sp_256_map_4(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_256_mont_sqrt_4(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 4, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 4;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_256_mont_sqr_4(t2, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_256_mont_mul_4(t1, t2, y, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xc */
-            sp_256_mont_sqr_n_4(t2, t1, 2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xf0 */
-            sp_256_mont_sqr_n_4(t2, t1, 4, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xff */
-            sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xff00 */
-            sp_256_mont_sqr_n_4(t2, t1, 8, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffff */
-            sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xffff0000 */
-            sp_256_mont_sqr_n_4(t2, t1, 16, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff */
-            sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000000 */
-            sp_256_mont_sqr_n_4(t1, t1, 32, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001 */
-            sp_256_mont_mul_4(t1, t1, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000000 */
-            sp_256_mont_sqr_n_4(t1, t1, 96, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000001 */
-            sp_256_mont_mul_4(t1, t1, y, p256_mod, p256_mp_mod);
-            sp_256_mont_sqr_n_4(y, t1, 94, p256_mod, p256_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 4);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 4, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 4;
-
-        sp_256_from_mp(x, 4, xm);
-        err = sp_256_mod_mul_norm_4(x, x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_256_mont_sqr_4(y, x, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_4(y, y, x, p256_mod, p256_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_256_mont_sub_4(y, y, x, p256_mod);
-        sp_256_mont_sub_4(y, y, x, p256_mod);
-        sp_256_mont_sub_4(y, y, x, p256_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_256_mod_mul_norm_4(x, p256_b, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_256_mont_add_4(y, y, x, p256_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_256_mont_sqrt_4(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 4, 0, 4U * sizeof(sp_digit));
-        sp_256_mont_reduce_4(y, p256_mod, p256_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_256_mont_sub_4(y, p256_mod, y, p256_mod);
-        }
-
-        err = sp_256_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* !WOLFSSL_SP_NO_256 */
-#ifdef WOLFSSL_SP_384
-
-/* Point structure to use. */
-typedef struct sp_point_384 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 6];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 6];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 6];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_384;
-
-/* The modulus (prime) of the curve P384. */
-static const sp_digit p384_mod[6] = {
-    0x00000000ffffffffL,0xffffffff00000000L,0xfffffffffffffffeL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0xffffffffffffffffL
-};
-/* The Montgomery normalizer for modulus of the curve P384. */
-static const sp_digit p384_norm_mod[6] = {
-    0xffffffff00000001L,0x00000000ffffffffL,0x0000000000000001L,
-    0x0000000000000000L,0x0000000000000000L,0x0000000000000000L
-};
-/* The Montgomery multiplier for modulus of the curve P384. */
-static const sp_digit p384_mp_mod = 0x0000000100000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P384. */
-static const sp_digit p384_order[6] = {
-    0xecec196accc52973L,0x581a0db248b0a77aL,0xc7634d81f4372ddfL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0xffffffffffffffffL
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P384 minus 2. */
-static const sp_digit p384_order2[6] = {
-    0xecec196accc52971L,0x581a0db248b0a77aL,0xc7634d81f4372ddfL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0xffffffffffffffffL
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P384. */
-static const sp_digit p384_norm_order[6] = {
-    0x1313e695333ad68dL,0xa7e5f24db74f5885L,0x389cb27e0bc8d220L,
-    0x0000000000000000L,0x0000000000000000L,0x0000000000000000L
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P384. */
-static const sp_digit p384_mp_order = 0x6ed46089e88fdc45L;
-#endif
-#ifdef WOLFSSL_SP_SMALL
-/* The base point of curve P384. */
-static const sp_point_384 p384_base = {
-    /* X ordinate */
-    {
-        0x3a545e3872760ab7L,0x5502f25dbf55296cL,0x59f741e082542a38L,
-        0x6e1d3b628ba79b98L,0x8eb1c71ef320ad74L,0xaa87ca22be8b0537L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x7a431d7c90ea0e5fL,0x0a60b1ce1d7e819dL,0xe9da3113b5f0b8c0L,
-        0xf8f41dbd289a147cL,0x5d9e98bf9292dc29L,0x3617de4a96262c6fL,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000000000000001L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p384_b[6] = {
-    0x2a85c8edd3ec2aefL,0xc656398d8a2ed19dL,0x0314088f5013875aL,
-    0x181d9c6efe814112L,0x988e056be3f82d19L,0xb3312fa7e23ee7e4L
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_384_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_digit tmp[12];
-
-    __asm__ __volatile__ (
-        "mov	x5, xzr\n\t"
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 40\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[b], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 48\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 80\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_384_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x8, x9, [%[a], 0]\n\t"
-        "ldp	x10, x11, [%[a], 16]\n\t"
-        "ldp	x12, x13, [%[a], 32]\n\t"
-        "ldp	x14, x15, [%[b], 0]\n\t"
-        "ldp	x16, x17, [%[b], 16]\n\t"
-        "ldp	x19, x20, [%[b], 32]\n\t"
-        "#  A[0] * B[0]\n\t"
-        "mul	x3, x8, x14\n\t"
-        "umulh	x4, x8, x14\n\t"
-        "str	x3, [%[r]]\n\t"
-        "#  A[0] * B[1]\n\t"
-        "mul	x6, x8, x15\n\t"
-        "umulh	x7, x8, x15\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[0]\n\t"
-        "mul	x6, x9, x14\n\t"
-        "adc	x5, xzr, x7\n\t"
-        "umulh	x7, x9, x14\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "#  A[0] * B[2]\n\t"
-        "mul	x6, x8, x16\n\t"
-        "umulh	x7, x8, x16\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[1]\n\t"
-        "mul	x6, x9, x15\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x15\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[0]\n\t"
-        "mul	x6, x10, x14\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x14\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[0] * B[3]\n\t"
-        "mul	x6, x8, x17\n\t"
-        "umulh	x7, x8, x17\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[1] * B[2]\n\t"
-        "mul	x6, x9, x16\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x9, x16\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[1]\n\t"
-        "mul	x6, x10, x15\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x15\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[0]\n\t"
-        "mul	x6, x11, x14\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x14\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[0] * B[4]\n\t"
-        "mul	x6, x8, x19\n\t"
-        "umulh	x7, x8, x19\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[3]\n\t"
-        "mul	x6, x9, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x9, x17\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[2] * B[2]\n\t"
-        "mul	x6, x10, x16\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x10, x16\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[1]\n\t"
-        "mul	x6, x11, x15\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x15\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[0]\n\t"
-        "mul	x6, x12, x14\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x14\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[0] * B[5]\n\t"
-        "mul	x6, x8, x20\n\t"
-        "umulh	x7, x8, x20\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[4]\n\t"
-        "mul	x6, x9, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x19\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[3]\n\t"
-        "mul	x6, x10, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[3] * B[2]\n\t"
-        "mul	x6, x11, x16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x11, x16\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[1]\n\t"
-        "mul	x6, x12, x15\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x15\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[0]\n\t"
-        "mul	x6, x13, x14\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x14\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[1] * B[5]\n\t"
-        "mul	x6, x9, x20\n\t"
-        "umulh	x7, x9, x20\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[4]\n\t"
-        "mul	x6, x10, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x19\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[3]\n\t"
-        "mul	x6, x11, x17\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x17\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[4] * B[2]\n\t"
-        "mul	x6, x12, x16\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x12, x16\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[1]\n\t"
-        "mul	x6, x13, x15\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x15\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[2] * B[5]\n\t"
-        "mul	x6, x10, x20\n\t"
-        "umulh	x7, x10, x20\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[4]\n\t"
-        "mul	x6, x11, x19\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x19\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[3]\n\t"
-        "mul	x6, x12, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[5] * B[2]\n\t"
-        "mul	x6, x13, x16\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x13, x16\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[3] * B[5]\n\t"
-        "mul	x6, x11, x20\n\t"
-        "umulh	x7, x11, x20\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[4]\n\t"
-        "mul	x6, x12, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x19\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[3]\n\t"
-        "mul	x6, x13, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[4] * B[5]\n\t"
-        "mul	x6, x12, x20\n\t"
-        "umulh	x7, x12, x20\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[4]\n\t"
-        "mul	x6, x13, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x19\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[5] * B[5]\n\t"
-        "mul	x6, x13, x20\n\t"
-        "umulh	x7, x13, x20\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adc	x5, x5, x7\n\t"
-        "stp	x4, x5, [%[r], 80]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "cc"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_384_sqr_6(sp_digit* r, const sp_digit* a)
-{
-    sp_digit tmp[12];
-
-    __asm__ __volatile__ (
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "mov	x5, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 40\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "cmp	x4, x3\n\t"
-        "b.eq	4f\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[a], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "b.al	5f\n\t"
-        "\n4:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "mul	x9, x10, x10\n\t"
-        "umulh	x10, x10, x10\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "\n5:\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 48\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x4\n\t"
-        "b.gt	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 80\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * All registers version.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_384_sqr_6(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp       x16, x17, [%[a], 0]\n\t"
-        "ldp       x19, x20, [%[a], 16]\n\t"
-        "ldp       x21, x22, [%[a], 32]\n\t"
-        "#  A[0] * A[1]\n\t"
-        "mul       x6, x16, x17\n\t"
-        "umulh     x7, x16, x17\n\t"
-        "#  A[0] * A[2]\n\t"
-        "mul       x4, x16, x19\n\t"
-        "umulh     x5, x16, x19\n\t"
-        "adds  x7, x7, x4\n\t"
-        "#  A[0] * A[3]\n\t"
-        "mul       x4, x16, x20\n\t"
-        "adc   x8, xzr, x5\n\t"
-        "umulh     x5, x16, x20\n\t"
-        "adds  x8, x8, x4\n\t"
-        "#  A[1] * A[2]\n\t"
-        "mul       x4, x17, x19\n\t"
-        "adc   x9, xzr, x5\n\t"
-        "umulh     x5, x17, x19\n\t"
-        "adds  x8, x8, x4\n\t"
-        "#  A[0] * A[4]\n\t"
-        "mul       x4, x16, x21\n\t"
-        "adcs   x9, x9, x5\n\t"
-        "umulh     x5, x16, x21\n\t"
-        "adc     x10, xzr, xzr\n\t"
-        "adds  x9, x9, x4\n\t"
-        "#  A[1] * A[3]\n\t"
-        "mul       x4, x17, x20\n\t"
-        "adc   x10, x10, x5\n\t"
-        "umulh     x5, x17, x20\n\t"
-        "adds  x9, x9, x4\n\t"
-        "#  A[0] * A[5]\n\t"
-        "mul       x4, x16, x22\n\t"
-        "adcs   x10, x10, x5\n\t"
-        "umulh     x5, x16, x22\n\t"
-        "adc     x11, xzr, xzr\n\t"
-        "adds  x10, x10, x4\n\t"
-        "#  A[1] * A[4]\n\t"
-        "mul       x4, x17, x21\n\t"
-        "adc   x11, x11, x5\n\t"
-        "umulh     x5, x17, x21\n\t"
-        "adds  x10, x10, x4\n\t"
-        "#  A[2] * A[3]\n\t"
-        "mul       x4, x19, x20\n\t"
-        "adcs   x11, x11, x5\n\t"
-        "umulh     x5, x19, x20\n\t"
-        "adc     x12, xzr, xzr\n\t"
-        "adds  x10, x10, x4\n\t"
-        "#  A[1] * A[5]\n\t"
-        "mul       x4, x17, x22\n\t"
-        "adcs   x11, x11, x5\n\t"
-        "umulh     x5, x17, x22\n\t"
-        "adc     x12, x12, xzr\n\t"
-        "adds  x11, x11, x4\n\t"
-        "#  A[2] * A[4]\n\t"
-        "mul       x4, x19, x21\n\t"
-        "adcs   x12, x12, x5\n\t"
-        "umulh     x5, x19, x21\n\t"
-        "adc     x13, xzr, xzr\n\t"
-        "adds  x11, x11, x4\n\t"
-        "#  A[2] * A[5]\n\t"
-        "mul       x4, x19, x22\n\t"
-        "adcs   x12, x12, x5\n\t"
-        "umulh     x5, x19, x22\n\t"
-        "adc     x13, x13, xzr\n\t"
-        "adds  x12, x12, x4\n\t"
-        "#  A[3] * A[4]\n\t"
-        "mul       x4, x20, x21\n\t"
-        "adcs   x13, x13, x5\n\t"
-        "umulh     x5, x20, x21\n\t"
-        "adc     x14, xzr, xzr\n\t"
-        "adds  x12, x12, x4\n\t"
-        "#  A[3] * A[5]\n\t"
-        "mul       x4, x20, x22\n\t"
-        "adcs   x13, x13, x5\n\t"
-        "umulh     x5, x20, x22\n\t"
-        "adc     x14, x14, xzr\n\t"
-        "adds  x13, x13, x4\n\t"
-        "#  A[4] * A[5]\n\t"
-        "mul       x4, x21, x22\n\t"
-        "adcs   x14, x14, x5\n\t"
-        "umulh     x5, x21, x22\n\t"
-        "adc     x15, xzr, xzr\n\t"
-        "adds  x14, x14, x4\n\t"
-        "adc   x15, x15, x5\n\t"
-        "# Double\n\t"
-        "adds	x6, x6, x6\n\t"
-        "adcs	x7, x7, x7\n\t"
-        "adcs	x8, x8, x8\n\t"
-        "adcs	x9, x9, x9\n\t"
-        "adcs	x10, x10, x10\n\t"
-        "adcs	x11, x11, x11\n\t"
-        "adcs	x12, x12, x12\n\t"
-        "adcs	x13, x13, x13\n\t"
-        "adcs	x14, x14, x14\n\t"
-        "#  A[0] * A[0]\n\t"
-        "mul       x5, x16, x16\n\t"
-        "adcs	x15, x15, x15\n\t"
-        "umulh     x2, x16, x16\n\t"
-        "cset  x16, cs\n\t"
-        "#  A[1] * A[1]\n\t"
-        "mul       x3, x17, x17\n\t"
-        "adds	x6, x6, x2\n\t"
-        "umulh     x4, x17, x17\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "#  A[2] * A[2]\n\t"
-        "mul       x2, x19, x19\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "umulh     x3, x19, x19\n\t"
-        "adcs	x9, x9, x2\n\t"
-        "#  A[3] * A[3]\n\t"
-        "mul       x4, x20, x20\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "umulh     x2, x20, x20\n\t"
-        "adcs	x11, x11, x4\n\t"
-        "#  A[4] * A[4]\n\t"
-        "mul       x3, x21, x21\n\t"
-        "adcs	x12, x12, x2\n\t"
-        "umulh     x4, x21, x21\n\t"
-        "adcs	x13, x13, x3\n\t"
-        "#  A[5] * A[5]\n\t"
-        "mul       x2, x22, x22\n\t"
-        "adcs	x14, x14, x4\n\t"
-        "umulh     x3, x22, x22\n\t"
-        "adcs	x15, x15, x2\n\t"
-        "stp	x5, x6, [%[r], 0]\n\t"
-        "adc	x16, x16, x3\n\t"
-        "stp	x7, x8, [%[r], 16]\n\t"
-        "stp	x9, x10, [%[r], 32]\n\t"
-        "stp	x11, x12, [%[r], 48]\n\t"
-        "stp	x13, x14, [%[r], 64]\n\t"
-        "stp	x15, x16, [%[r], 80]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_384_add_6(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldr	x3, [%[a], 32]\n\t"
-        "ldr	x4, [%[a], 40]\n\t"
-        "ldr	x7, [%[b], 32]\n\t"
-        "ldr	x8, [%[b], 40]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "str	x3, [%[r], 32]\n\t"
-        "str	x4, [%[r], 40]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_384_sub_6(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "subs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldr	x3, [%[a], 32]\n\t"
-        "ldr	x4, [%[a], 40]\n\t"
-        "ldr	x7, [%[b], 32]\n\t"
-        "ldr	x8, [%[b], 40]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "str	x3, [%[r], 32]\n\t"
-        "str	x4, [%[r], 40]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mod_mul_norm_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    SP_DECL_VAR(int64_t, t, 2 * 12);
-    int64_t* a32 = NULL;
-    int64_t o;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(int64_t, t, 2 * 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        a32 = t + 12;
-
-        a32[0] = (int64_t)(a[0] & 0xffffffff);
-        a32[1] = (int64_t)(a[0] >> 32);
-        a32[2] = (int64_t)(a[1] & 0xffffffff);
-        a32[3] = (int64_t)(a[1] >> 32);
-        a32[4] = (int64_t)(a[2] & 0xffffffff);
-        a32[5] = (int64_t)(a[2] >> 32);
-        a32[6] = (int64_t)(a[3] & 0xffffffff);
-        a32[7] = (int64_t)(a[3] >> 32);
-        a32[8] = (int64_t)(a[4] & 0xffffffff);
-        a32[9] = (int64_t)(a[4] >> 32);
-        a32[10] = (int64_t)(a[5] & 0xffffffff);
-        a32[11] = (int64_t)(a[5] >> 32);
-
-        /*  1  0  0  0  0  0  0  0  1  1  0 -1 */
-        t[0] = 0 + a32[0] + a32[8] + a32[9] - a32[11];
-        /* -1  1  0  0  0  0  0  0 -1  0  1  1 */
-        t[1] = 0 - a32[0] + a32[1] - a32[8] + a32[10] + a32[11];
-        /*  0 -1  1  0  0  0  0  0  0 -1  0  1 */
-        t[2] = 0 - a32[1] + a32[2] - a32[9] + a32[11];
-        /*  1  0 -1  1  0  0  0  0  1  1 -1 -1 */
-        t[3] = 0 + a32[0] - a32[2] + a32[3] + a32[8] + a32[9] - a32[10] - a32[11];
-        /*  1  1  0 -1  1  0  0  0  1  2  1 -2 */
-        t[4] = 0 + a32[0] + a32[1] - a32[3] + a32[4] + a32[8] + 2 * a32[9] + a32[10] -  2 * a32[11];
-        /*  0  1  1  0 -1  1  0  0  0  1  2  1 */
-        t[5] = 0 + a32[1] + a32[2] - a32[4] + a32[5] + a32[9] + 2 * a32[10] + a32[11];
-        /*  0  0  1  1  0 -1  1  0  0  0  1  2 */
-        t[6] = 0 + a32[2] + a32[3] - a32[5] + a32[6] + a32[10] + 2 * a32[11];
-        /*  0  0  0  1  1  0 -1  1  0  0  0  1 */
-        t[7] = 0 + a32[3] + a32[4] - a32[6] + a32[7] + a32[11];
-        /*  0  0  0  0  1  1  0 -1  1  0  0  0 */
-        t[8] = 0 + a32[4] + a32[5] - a32[7] + a32[8];
-        /*  0  0  0  0  0  1  1  0 -1  1  0  0 */
-        t[9] = 0 + a32[5] + a32[6] - a32[8] + a32[9];
-        /*  0  0  0  0  0  0  1  1  0 -1  1  0 */
-        t[10] = 0 + a32[6] + a32[7] - a32[9] + a32[10];
-        /*  0  0  0  0  0  0  0  1  1  0 -1  1 */
-        t[11] = 0 + a32[7] + a32[8] - a32[10] + a32[11];
-
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-        o     = t[11] >> 32; t[11] &= 0xffffffff;
-        t[0] += o;
-        t[1] -= o;
-        t[3] += o;
-        t[4] += o;
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-
-        r[0] = (sp_digit)((t[1] << 32) | t[0]);
-        r[1] = (sp_digit)((t[3] << 32) | t[2]);
-        r[2] = (sp_digit)((t[5] << 32) | t[4]);
-        r[3] = (sp_digit)((t[7] << 32) | t[6]);
-        r[4] = (sp_digit)((t[9] << 32) | t[8]);
-        r[5] = (sp_digit)((t[11] << 32) | t[10]);
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_384.
- *
- * p   Point of type sp_point_384 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_384_point_from_ecc_point_6(sp_point_384* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_384_from_mp(p->x, 6, pm->x);
-    sp_384_from_mp(p->y, 6, pm->y);
-    sp_384_from_mp(p->z, 6, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_384_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (384 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 6);
-        r->used = 6;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 6; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 6; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_384 to type ecc_point.
- *
- * p   Point of type sp_point_384.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_384_point_to_ecc_point_6(const sp_point_384* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_384_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_384_cond_copy_6(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[r], 0]\n\t"
-        "ldp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x7, x8, [%[r], 32]\n\t"
-        "ldp	x9, x10, [%[a], 0]\n\t"
-        "ldp	x11, x12, [%[a], 16]\n\t"
-        "ldp	x13, x14, [%[a], 32]\n\t"
-        "eor	x9, x9, x3\n\t"
-        "eor	x10, x10, x4\n\t"
-        "eor	x11, x11, x5\n\t"
-        "eor	x12, x12, x6\n\t"
-        "eor	x13, x13, x7\n\t"
-        "eor	x14, x14, x8\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "and	x13, x13, %[m]\n\t"
-        "and	x14, x14, %[m]\n\t"
-        "eor	x3, x3, x9\n\t"
-        "eor	x4, x4, x10\n\t"
-        "eor	x5, x5, x11\n\t"
-        "eor	x6, x6, x12\n\t"
-        "eor	x7, x7, x13\n\t"
-        "eor	x8, x8, x14\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "stp	x7, x8, [%[r], 32]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
-    );
-}
-
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_384_mont_reduce_6(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "ldp	x7, x8, [%[a], #0]\n\t"
-        "ldp	x9, x10, [%[a], #16]\n\t"
-        "ldp	x11, x12, [%[a], #32]\n\t"
-        "mov	x6, xzr\n\t"
-        "# a[0-7] += m[0-5] * mu[0..1] = m[0-5] * (a[0..1] * mp)\n\t"
-        "ldp	x13, x14, [%[a], #48]\n\t"
-        "extr	x2, x8, x7, 32\n\t"
-        "extr	x1, x7, xzr, 32\n\t"
-        "adds	x1, x1, x7\n\t"
-        "adc	x2, x2, x8\n\t"
-        "add	x2, x2, x7\n\t"
-        "extr	x5, xzr, x2, 32\n\t"
-        "extr	x4, x2, x1, 32\n\t"
-        "extr	x3, x1, xzr, 32\n\t"
-        "adds	x7, x7, x3\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "adcs	x9, x9, x5\n\t"
-        "adcs	x10, x10, xzr\n\t"
-        "adcs	x11, x11, xzr\n\t"
-        "adcs	x12, x12, xzr\n\t"
-        "adcs	x13, x13, x1\n\t"
-        "adcs	x14, x14, x2\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "adds	x3, x3, x2\n\t"
-        "adcs	x4, x4, x1\n\t"
-        "adcs	x5, x5, x2\n\t"
-        "adcs	x2, xzr, xzr\n\t"
-        "subs	x9, x9, x4\n\t"
-        "sbcs	x10, x10, x5\n\t"
-        "sbcs	x11, x11, x2\n\t"
-        "sbcs	x12, x12, xzr\n\t"
-        "sbcs	x13, x13, xzr\n\t"
-        "sbcs	x14, x14, xzr\n\t"
-        "sbc	x6, x6, xzr\n\t"
-        "# a[2-9] += m[0-5] * mu[0..1] = m[0-5] * (a[2..3] * mp)\n\t"
-        "ldp	x7, x8, [%[a], #64]\n\t"
-        "extr	x2, x10, x9, 32\n\t"
-        "extr	x1, x9, xzr, 32\n\t"
-        "adds	x1, x1, x9\n\t"
-        "adc	x2, x2, x10\n\t"
-        "add	x2, x2, x9\n\t"
-        "extr	x5, xzr, x2, 32\n\t"
-        "extr	x4, x2, x1, 32\n\t"
-        "extr	x3, x1, xzr, 32\n\t"
-        "adds	x7, x7, x6\n\t"
-        "adcs	x8, x8, xzr\n\t"
-        "adc	x6, xzr, xzr\n\t"
-        "adds	x9, x9, x3\n\t"
-        "adcs	x10, x10, x4\n\t"
-        "adcs	x11, x11, x5\n\t"
-        "adcs	x12, x12, xzr\n\t"
-        "adcs	x13, x13, xzr\n\t"
-        "adcs	x14, x14, xzr\n\t"
-        "adcs	x7, x7, x1\n\t"
-        "adcs	x8, x8, x2\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "adds	x3, x3, x2\n\t"
-        "adcs	x4, x4, x1\n\t"
-        "adcs	x5, x5, x2\n\t"
-        "adcs	x2, xzr, xzr\n\t"
-        "subs	x11, x11, x4\n\t"
-        "sbcs	x12, x12, x5\n\t"
-        "sbcs	x13, x13, x2\n\t"
-        "sbcs	x14, x14, xzr\n\t"
-        "sbcs	x7, x7, xzr\n\t"
-        "sbcs	x8, x8, xzr\n\t"
-        "sbc	x6, x6, xzr\n\t"
-        "# a[4-11] += m[0-5] * mu[0..1] = m[0-5] * (a[4..5] * mp)\n\t"
-        "ldp	x9, x10, [%[a], #80]\n\t"
-        "extr	x2, x12, x11, 32\n\t"
-        "extr	x1, x11, xzr, 32\n\t"
-        "adds	x1, x1, x11\n\t"
-        "adc	x2, x2, x12\n\t"
-        "add	x2, x2, x11\n\t"
-        "extr	x5, xzr, x2, 32\n\t"
-        "extr	x4, x2, x1, 32\n\t"
-        "extr	x3, x1, xzr, 32\n\t"
-        "adds	x9, x9, x6\n\t"
-        "adcs	x10, x10, xzr\n\t"
-        "adc	x6, xzr, xzr\n\t"
-        "adds	x11, x11, x3\n\t"
-        "adcs	x12, x12, x4\n\t"
-        "adcs	x13, x13, x5\n\t"
-        "adcs	x14, x14, xzr\n\t"
-        "adcs	x7, x7, xzr\n\t"
-        "adcs	x8, x8, xzr\n\t"
-        "adcs	x9, x9, x1\n\t"
-        "adcs	x10, x10, x2\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "adds	x3, x3, x2\n\t"
-        "adcs	x4, x4, x1\n\t"
-        "adcs	x5, x5, x2\n\t"
-        "adcs	x2, xzr, xzr\n\t"
-        "subs	x13, x13, x4\n\t"
-        "sbcs	x14, x14, x5\n\t"
-        "sbcs	x7, x7, x2\n\t"
-        "sbcs	x8, x8, xzr\n\t"
-        "sbcs	x9, x9, xzr\n\t"
-        "sbcs	x10, x10, xzr\n\t"
-        "sbc	x6, x6, xzr\n\t"
-        "# Subtract mod if carry\n\t"
-        "neg	x6, x6\n\t"
-        "mov	x5, -2\n\t"
-        "lsr	x3, x6, 32\n\t"
-        "lsl	x4, x6, 32\n\t"
-        "and	x5, x5, x6\n\t"
-        "subs	x13, x13, x3\n\t"
-        "sbcs	x14, x14, x4\n\t"
-        "sbcs	x7, x7, x5\n\t"
-        "sbcs	x8, x8, x6\n\t"
-        "sbcs	x9, x9, x6\n\t"
-        "sbc	x10, x10, x6\n\t"
-        "stp	x13, x14, [%[a], #0]\n\t"
-        "stp	x7, x8, [%[a], #16]\n\t"
-        "stp	x9, x10, [%[a], #32]\n\t"
-        :
-        : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
-        : "memory", "x1", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
-    );
-}
-
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "ldp	x12, x13, [%[a], 0]\n\t"
-        "ldp	x14, x15, [%[a], 16]\n\t"
-        "ldp	x16, x17, [%[a], 32]\n\t"
-        "mov	x3, xzr\n\t"
-        "# i = 0..5\n\t"
-        "mov	x4, 6\n\t"
-        "\n1:\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mul	x9, %[mp], x12\n\t"
-        "# a[i+0] += m[0] * mu\n\t"
-        "ldp	x10, x11, [%[m], 0]\n\t"
-        "mul	x7, x10, x9\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x12, x12, x7\n\t"
-        "# a[i+1] += m[1] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "mul	x7, x11, x9\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x12, x13, x7\n\t"
-        "# a[i+2] += m[2] * mu\n\t"
-        "ldp	x11, x10, [%[m], 16]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x12, x12, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x13, x14, x7\n\t"
-        "# a[i+3] += m[3] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x13, x13, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x14, x15, x7\n\t"
-        "# a[i+4] += m[4] * mu\n\t"
-        "ldp	x11, x10, [%[m], 32]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x14, x14, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x15, x16, x7\n\t"
-        "# a[i+5] += m[5] * mu\n\t"
-        "ldr	x10, [%[m], 40]\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x15, x15, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x6, x6, x7\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x16, x17, x6\n\t"
-        "ldr	x17, [%[a], 48]\n\t"
-        "adcs	x17, x17, x8\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "subs	x4, x4, 1\n\t"
-        "add	%[a], %[a], 8\n\t"
-        "b.ne	1b\n\t"
-        "# Create mask\n\t"
-        "neg	x3, x3\n\t"
-        "mov	x9, %[a]\n\t"
-        "sub	%[a], %[a], 48\n\t"
-        "# Subtract masked modulus\n\t"
-        "ldp	x4, x5, [%[m], 0]\n\t"
-        "ldp	x6, x7, [%[m], 16]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "subs	x12, x12, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x13, x13, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x14, x14, x6\n\t"
-        "stp	x12, x13, [%[a], 0]\n\t"
-        "sbcs	x15, x15, x7\n\t"
-        "stp	x14, x15, [%[a], 16]\n\t"
-        "ldp	x4, x5, [%[m], 32]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x16, x16, x4\n\t"
-        "sbcs	x17, x17, x5\n\t"
-        "stp	x16, x17, [%[a], 32]\n\t"
-        : [a] "+r" (a), [mp] "+r" (mp)
-        : [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
-    );
-
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mul_6(r, a, b);
-    sp_384_mont_reduce_6(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_384_sqr_6(r, a);
-    sp_384_mont_reduce_6(r, m, mp);
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_n_6(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mont_sqr_6(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_384_mont_sqr_6(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P384 curve. */
-static const word64 p384_mod_minus_2[6] = {
-    0x00000000fffffffdU,0xffffffff00000000U,0xfffffffffffffffeU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0xffffffffffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P384 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_384_mont_inv_6(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 6);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_6(t, t, p384_mod, p384_mp_mod);
-        if (p384_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_384_mont_mul_6(t, t, a, p384_mod, p384_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 6);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 6;
-    sp_digit* t3 = td + 4 * 6;
-    sp_digit* t4 = td + 6 * 6;
-    sp_digit* t5 = td + 8 * 6;
-
-    /* 0x2 */
-    sp_384_mont_sqr_6(t1, a, p384_mod, p384_mp_mod);
-    /* 0x3 */
-    sp_384_mont_mul_6(t5, t1, a, p384_mod, p384_mp_mod);
-    /* 0xc */
-    sp_384_mont_sqr_n_6(t1, t5, 2, p384_mod, p384_mp_mod);
-    /* 0xf */
-    sp_384_mont_mul_6(t2, t5, t1, p384_mod, p384_mp_mod);
-    /* 0x1e */
-    sp_384_mont_sqr_6(t1, t2, p384_mod, p384_mp_mod);
-    /* 0x1f */
-    sp_384_mont_mul_6(t4, t1, a, p384_mod, p384_mp_mod);
-    /* 0x3e0 */
-    sp_384_mont_sqr_n_6(t1, t4, 5, p384_mod, p384_mp_mod);
-    /* 0x3ff */
-    sp_384_mont_mul_6(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x7fe0 */
-    sp_384_mont_sqr_n_6(t1, t2, 5, p384_mod, p384_mp_mod);
-    /* 0x7fff */
-    sp_384_mont_mul_6(t4, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x3fff8000 */
-    sp_384_mont_sqr_n_6(t1, t4, 15, p384_mod, p384_mp_mod);
-    /* 0x3fffffff */
-    sp_384_mont_mul_6(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffc */
-    sp_384_mont_sqr_n_6(t3, t2, 2, p384_mod, p384_mp_mod);
-    /* 0xfffffffd */
-    sp_384_mont_mul_6(r, t3, a, p384_mod, p384_mp_mod);
-    /* 0xffffffff */
-    sp_384_mont_mul_6(t3, t5, t3, p384_mod, p384_mp_mod);
-    /* 0xfffffffc0000000 */
-    sp_384_mont_sqr_n_6(t1, t2, 30, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff */
-    sp_384_mont_mul_6(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff000000000000000 */
-    sp_384_mont_sqr_n_6(t1, t2, 60, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_6(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-    sp_384_mont_sqr_n_6(t1, t2, 120, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_6(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-    sp_384_mont_sqr_n_6(t1, t2, 15, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_6(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00000000 */
-    sp_384_mont_sqr_n_6(t1, t2, 33, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff */
-    sp_384_mont_mul_6(t2, t3, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_6(t1, t2, 96, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffd */
-    sp_384_mont_mul_6(r, r, t1, p384_mod, p384_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_int64 sp_384_cmp_6(const sp_digit* a, const sp_digit* b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "mov	x10, #6\n\t"
-        "add	%[a], %[a], #32\n\t"
-        "add	%[b], %[b], #32\n\t"
-        "1:\n\t"
-        "ldp	x6, x7, [%[a]], -16\n\t"
-        "ldp	x8, x9, [%[b]], -16\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x10, x10, #2\n\t"
-        "b.ne	1b\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "ldp	x6, x7, [%[a], 32]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 0]\n\t"
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#endif
-
-    return (sp_int64)a;
-}
-
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_384_norm_6(a)
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static sp_digit sp_384_cond_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x5, x7, [%[b], 0]\n\t"
-        "ldp	x11, x12, [%[b], 16]\n\t"
-        "ldp	x4, x6, [%[a], 0]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "subs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 0]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 16]\n\t"
-        "ldp	x5, x7, [%[b], 32]\n\t"
-        "ldp	x4, x6, [%[a], 32]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "stp	x4, x6, [%[r], 32]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_384_map_6(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*6;
-    sp_int64 n;
-
-    sp_384_mont_inv_6(t1, p->z, t + 2*6);
-
-    sp_384_mont_sqr_6(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    /* x /= z^2 */
-    sp_384_mont_mul_6(r->x, p->x, t2, p384_mod, p384_mp_mod);
-    XMEMSET(r->x + 6, 0, sizeof(sp_digit) * 6U);
-    sp_384_mont_reduce_6(r->x, p384_mod, p384_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_384_cmp_6(r->x, p384_mod);
-    sp_384_cond_sub_6(r->x, r->x, p384_mod, (sp_digit)~(n >> 63));
-    sp_384_norm_6(r->x);
-
-    /* y /= z^3 */
-    sp_384_mont_mul_6(r->y, p->y, t1, p384_mod, p384_mp_mod);
-    XMEMSET(r->y + 6, 0, sizeof(sp_digit) * 6U);
-    sp_384_mont_reduce_6(r->y, p384_mod, p384_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_384_cmp_6(r->y, p384_mod);
-    sp_384_cond_sub_6(r->y, r->y, p384_mod, (sp_digit)~(n >> 63));
-    sp_384_norm_6(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_384_mont_add_6(sp_digit* r, const sp_digit* a,
-    const sp_digit* b, const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_add_6(r, a, b);
-    sp_384_cond_sub_6(r, r, m, 0 - o);
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_384_mont_dbl_6(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_add_6(r, a, a);
-    sp_384_cond_sub_6(r, r, m, 0 - o);
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_384_mont_tpl_6(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_add_6(r, a, a);
-    sp_384_cond_sub_6(r, r, m, 0 - o);
-    o = sp_384_add_6(r, r, a);
-    sp_384_cond_sub_6(r, r, m, 0 - o);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_384_cond_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "adcs	x4, x4, x5\n\t"
-        "cset	%[c], cs\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 48\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_384_cond_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adds	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "ldp	x4, x5, [%[a], 32]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[r], 32]\n\t"
-        "cset	%[r], cs\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return (sp_digit)r;
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a,
-    const sp_digit* b, const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_sub_6(r, a, b);
-    sp_384_cond_add_6(r, r, m, o);
-}
-
-static void sp_384_rshift1_6(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a]]\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "ldp	x6, x7, [%[a], 32]\n\t"
-        "extr	x2, x3, x2, #1\n\t"
-        "extr	x3, x4, x3, #1\n\t"
-        "extr	x4, x5, x4, #1\n\t"
-        "extr	x5, x6, x5, #1\n\t"
-        "extr	x6, x7, x6, #1\n\t"
-        "lsr	x7, x7, #1\n\t"
-        "stp	x2, x3, [%[r]]\n\t"
-        "stp	x4, x5, [%[r], 16]\n\t"
-        "stp	x6, x7, [%[r], 32]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "cc"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-SP_NOINLINE static void sp_384_mont_div2_6(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_cond_add_6(r, a, m, 0 - (a[0] & 1));
-    sp_384_rshift1_6(r, r);
-    r[5] |= o << 63;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_384_mont_sqr_6(t1, p->z, p384_mod, p384_mp_mod);
-    /* Z = Y * Z */
-    sp_384_mont_mul_6(z, p->y, p->z, p384_mod, p384_mp_mod);
-    /* Z = 2Z */
-    sp_384_mont_dbl_6(z, z, p384_mod);
-    /* T2 = X - T1 */
-    sp_384_mont_sub_6(t2, p->x, t1, p384_mod);
-    /* T1 = X + T1 */
-    sp_384_mont_add_6(t1, p->x, t1, p384_mod);
-    /* T2 = T1 * T2 */
-    sp_384_mont_mul_6(t2, t1, t2, p384_mod, p384_mp_mod);
-    /* T1 = 3T2 */
-    sp_384_mont_tpl_6(t1, t2, p384_mod);
-    /* Y = 2Y */
-    sp_384_mont_dbl_6(y, p->y, p384_mod);
-    /* Y = Y * Y */
-    sp_384_mont_sqr_6(y, y, p384_mod, p384_mp_mod);
-    /* T2 = Y * Y */
-    sp_384_mont_sqr_6(t2, y, p384_mod, p384_mp_mod);
-    /* T2 = T2/2 */
-    sp_384_mont_div2_6(t2, t2, p384_mod);
-    /* Y = Y * X */
-    sp_384_mont_mul_6(y, y, p->x, p384_mod, p384_mp_mod);
-    /* X = T1 * T1 */
-    sp_384_mont_sqr_6(x, t1, p384_mod, p384_mp_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_6(x, x, y, p384_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_6(x, x, y, p384_mod);
-    /* Y = Y - X */
-    sp_384_mont_sub_6(y, y, x, p384_mod);
-    /* Y = Y * T1 */
-    sp_384_mont_mul_6(y, y, t1, p384_mod, p384_mp_mod);
-    /* Y = Y - T2 */
-    sp_384_mont_sub_6(y, y, t2, p384_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_dbl_6_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_dbl_6_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-        const sp_point_384* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_dbl_6_ctx* ctx = (sp_384_proj_point_dbl_6_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_dbl_6_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*6;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_384_mont_sqr_6(ctx->t1, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_384_mont_mul_6(ctx->z, p->y, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_384_mont_dbl_6(ctx->z, ctx->z, p384_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_384_mont_sub_6(ctx->t2, p->x, ctx->t1, p384_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_384_mont_add_6(ctx->t1, p->x, ctx->t1, p384_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_384_mont_mul_6(ctx->t2, ctx->t1, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_384_mont_tpl_6(ctx->t1, ctx->t2, p384_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_384_mont_dbl_6(ctx->y, p->y, p384_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_384_mont_sqr_6(ctx->y, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_384_mont_sqr_6(ctx->t2, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_384_mont_div2_6(ctx->t2, ctx->t2, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_384_mont_mul_6(ctx->y, ctx->y, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_384_mont_sqr_6(ctx->x, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_384_mont_sub_6(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_384_mont_sub_6(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_384_mont_mul_6(ctx->y, ctx->y, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_384_mont_sub_6(ctx->y, ctx->y, ctx->t2, p384_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*6;
-    sp_digit* b = t + 4*6;
-    sp_digit* t1 = t + 6*6;
-    sp_digit* t2 = t + 8*6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_6(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_6(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_6(w, w, p384_mod, p384_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_6(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_6(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_6(t2, b, p384_mod);
-        sp_384_mont_sub_6(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_6(t2, b, x, p384_mod);
-        sp_384_mont_dbl_6(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_6(t1, t1, p384_mod, p384_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_6(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_6(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(y, y, t1, p384_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_6(t1, t1, w, p384_mod);
-    sp_384_mont_tpl_6(a, t1, p384_mod);
-    /* B = X*Y^2 */
-    sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
-    /* X = A^2 - 2B */
-    sp_384_mont_sqr_6(x, a, p384_mod, p384_mp_mod);
-    sp_384_mont_dbl_6(t2, b, p384_mod);
-    sp_384_mont_sub_6(x, x, t2, p384_mod);
-    /* B = 2.(B - X) */
-    sp_384_mont_sub_6(t2, b, x, p384_mod);
-    sp_384_mont_dbl_6(b, t2, p384_mod);
-    /* Z = Z*Y */
-    sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
-    /* t1 = Y^4 */
-    sp_384_mont_sqr_6(t1, t1, p384_mod, p384_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_384_mont_mul_6(y, b, a, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_6(y, y, t1, p384_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_384_mont_div2_6(y, y, p384_mod);
-}
-
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_384_cmp_equal_6(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_384_iszero_6(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_6(sp_point_384* r,
-        const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*6;
-    sp_digit* t2 = t + 4*6;
-    sp_digit* t3 = t + 6*6;
-    sp_digit* t4 = t + 8*6;
-    sp_digit* t5 = t + 10*6;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_6(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t1, t1, p->x, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_6(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_6(t3, t3, p->y, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_6(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_6(t2, t1) &
-            sp_384_cmp_equal_6(t4, t3)) {
-        sp_384_proj_point_dbl_6(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_384_mont_sub_6(t2, t2, t1, p384_mod);
-        /* R = S2 - S1 */
-        sp_384_mont_sub_6(t4, t4, t3, p384_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_6(t5, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(y, t1, t5, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(t5, t5, t2, p384_mod, p384_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_6(z, p->z, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(z, z, q->z, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_6(x, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(x, x, t5, p384_mod);
-        sp_384_mont_mul_6(t5, t5, t3, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_6(t3, y, p384_mod);
-        sp_384_mont_sub_6(x, x, t3, p384_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_6(y, y, x, p384_mod);
-        sp_384_mont_mul_6(y, y, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(y, y, t5, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 6; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_add_6_ctx {
-    int state;
-    sp_384_proj_point_dbl_6_ctx dbl_ctx;
-    const sp_point_384* ap[2];
-    sp_point_384* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_add_6_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_add_6_ctx* ctx = (sp_384_proj_point_add_6_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_384* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_add_6_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*6;
-        ctx->t2 = t + 4*6;
-        ctx->t3 = t + 6*6;
-        ctx->t4 = t + 8*6;
-        ctx->t5 = t + 10*6;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_384_mont_sqr_6(ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_384_mont_mul_6(ctx->t3, ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_384_mont_mul_6(ctx->t1, ctx->t1, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_384_mont_sqr_6(ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_384_mont_mul_6(ctx->t4, ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_384_mont_mul_6(ctx->t2, ctx->t2, q->x, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_384_mont_mul_6(ctx->t3, ctx->t3, p->y, p384_mod, p384_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_384_mont_mul_6(ctx->t4, ctx->t4, q->y, p384_mod, p384_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_384_cmp_equal_6(ctx->t2, ctx->t1) &
-                sp_384_cmp_equal_6(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_384_proj_point_dbl_6(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_384_mont_sub_6(ctx->t2, ctx->t2, ctx->t1, p384_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_384_mont_sub_6(ctx->t4, ctx->t4, ctx->t3, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_6(ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_384_mont_mul_6(ctx->y, ctx->t1, ctx->t5, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_384_mont_mul_6(ctx->t5, ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_6(ctx->z, p->z, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_384_mont_mul_6(ctx->z, ctx->z, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_384_mont_sqr_6(ctx->x, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_384_mont_sub_6(ctx->x, ctx->x, ctx->t5, p384_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_384_mont_mul_6(ctx->t5, ctx->t5, ctx->t3, p384_mod, p384_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_384_mont_dbl_6(ctx->t3, ctx->y, p384_mod);
-        sp_384_mont_sub_6(ctx->x, ctx->x, ctx->t3, p384_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_384_mont_mul_6(ctx->y, ctx->y, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_384_mont_sub_6(ctx->y, ctx->y, ctx->t5, p384_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 6; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
-        const sp_point_384* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*6;
-    sp_digit* b = t + 4*6;
-    sp_digit* t1 = t + 6*6;
-    sp_digit* t2 = t + 8*6;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<6; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<6; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<6; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_6(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_6(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_6(w, w, p384_mod, p384_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_6(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_6(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_6(t2, b, p384_mod);
-        sp_384_mont_sub_6(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_6(t2, b, x, p384_mod);
-        sp_384_mont_dbl_6(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_6(r[j].z, z, y, p384_mod, p384_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_6(t1, t1, p384_mod, p384_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_6(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_6(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(y, y, t1, p384_mod);
-        /* Y = Y/2 */
-        sp_384_mont_div2_6(r[j].y, y, p384_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_384_proj_point_add_sub_6(sp_point_384* ra,
-        sp_point_384* rs, const sp_point_384* p, const sp_point_384* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*6;
-    sp_digit* t3 = t + 4*6;
-    sp_digit* t4 = t + 6*6;
-    sp_digit* t5 = t + 8*6;
-    sp_digit* t6 = t + 10*6;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_6(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t1, t1, xa, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_6(t2, za, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t4, t2, za, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_6(t3, t3, ya, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_6(t4, t4, q->y, p384_mod, p384_mp_mod);
-    /* H = U2 - U1 */
-    sp_384_mont_sub_6(t2, t2, t1, p384_mod);
-    /* RS = S2 + S1 */
-    sp_384_mont_add_6(t6, t4, t3, p384_mod);
-    /* R = S2 - S1 */
-    sp_384_mont_sub_6(t4, t4, t3, p384_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_384_mont_mul_6(za, za, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(za, za, t2, p384_mod, p384_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_384_mont_sqr_6(xa, t4, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_6(xs, t6, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_6(t5, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(ya, t1, t5, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t5, t5, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_6(xa, xa, t5, p384_mod);
-    sp_384_mont_sub_6(xs, xs, t5, p384_mod);
-    sp_384_mont_dbl_6(t1, ya, p384_mod);
-    sp_384_mont_sub_6(xa, xa, t1, p384_mod);
-    sp_384_mont_sub_6(xs, xs, t1, p384_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_384_mont_sub_6(ys, ya, xs, p384_mod);
-    sp_384_mont_sub_6(ya, ya, xa, p384_mod);
-    sp_384_mont_mul_6(ya, ya, t4, p384_mod, p384_mp_mod);
-    sp_384_sub_6(t6, p384_mod, t6);
-    sp_384_mont_mul_6(ys, ys, t6, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t5, t5, t3, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_6(ya, ya, t5, p384_mod);
-    sp_384_mont_sub_6(ys, ys, t5, p384_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_384 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_384;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_6_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_6_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<65; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 64) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 64) {
-            n >>= 6;
-            if (++j < 6)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 6) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x3f);
-            o -= 58;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_6_6[y];
-        v[i].neg = recode_neg_6_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-SP_NOINLINE static void sp_384_get_point_33_6(sp_point_384* r,
-    const sp_point_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-    sp_digit x0 = 0;
-    sp_digit x1 = 0;
-    sp_digit x2 = 0;
-    sp_digit x3 = 0;
-    sp_digit x4 = 0;
-    sp_digit x5 = 0;
-    sp_digit y0 = 0;
-    sp_digit y1 = 0;
-    sp_digit y2 = 0;
-    sp_digit y3 = 0;
-    sp_digit y4 = 0;
-    sp_digit y5 = 0;
-    sp_digit z0 = 0;
-    sp_digit z1 = 0;
-    sp_digit z2 = 0;
-    sp_digit z3 = 0;
-    sp_digit z4 = 0;
-    sp_digit z5 = 0;
-
-    for (i = 1; i < 33; i++) {
-        mask = 0 - (i == idx);
-        x0 |= mask & table[i].x[0];
-        x1 |= mask & table[i].x[1];
-        x2 |= mask & table[i].x[2];
-        x3 |= mask & table[i].x[3];
-        x4 |= mask & table[i].x[4];
-        x5 |= mask & table[i].x[5];
-        y0 |= mask & table[i].y[0];
-        y1 |= mask & table[i].y[1];
-        y2 |= mask & table[i].y[2];
-        y3 |= mask & table[i].y[3];
-        y4 |= mask & table[i].y[4];
-        y5 |= mask & table[i].y[5];
-        z0 |= mask & table[i].z[0];
-        z1 |= mask & table[i].z[1];
-        z2 |= mask & table[i].z[2];
-        z3 |= mask & table[i].z[3];
-        z4 |= mask & table[i].z[4];
-        z5 |= mask & table[i].z[5];
-    }
-
-    r->x[0] = x0;
-    r->x[1] = x1;
-    r->x[2] = x2;
-    r->x[3] = x3;
-    r->x[4] = x4;
-    r->x[5] = x5;
-    r->y[0] = y0;
-    r->y[1] = y1;
-    r->y[2] = y2;
-    r->y[3] = y3;
-    r->y[4] = y4;
-    r->y[5] = y5;
-    r->z[0] = z0;
-    r->z[1] = z1;
-    r->z[2] = z2;
-    r->z[3] = z3;
-    r->z[4] = z4;
-    r->z[5] = z5;
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_win_add_sub_6(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 6);
-    sp_point_384* rt = NULL;
-    sp_point_384* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_384 v[65];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_384_mod_mul_norm_6(t[1].x, g->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_6(t[1].y, g->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_6(t[1].z, g->z, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_384_proj_point_dbl_n_store_6(t, &t[ 1], 5, 1, tmp);
-        sp_384_proj_point_add_6(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[ 6], &t[ 3], tmp);
-        sp_384_proj_point_add_sub_6(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[10], &t[ 5], tmp);
-        sp_384_proj_point_add_sub_6(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[12], &t[ 6], tmp);
-        sp_384_proj_point_dbl_6(&t[14], &t[ 7], tmp);
-        sp_384_proj_point_add_sub_6(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[18], &t[ 9], tmp);
-        sp_384_proj_point_add_sub_6(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[20], &t[10], tmp);
-        sp_384_proj_point_dbl_6(&t[22], &t[11], tmp);
-        sp_384_proj_point_add_sub_6(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[24], &t[12], tmp);
-        sp_384_proj_point_dbl_6(&t[26], &t[13], tmp);
-        sp_384_proj_point_add_sub_6(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[28], &t[14], tmp);
-        sp_384_proj_point_dbl_6(&t[30], &t[15], tmp);
-        sp_384_proj_point_add_sub_6(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_384_ecc_recode_6_6(k, v);
-
-        i = 64;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_point_33_6(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_384));
-        }
-        for (--i; i>=0; i--) {
-            sp_384_proj_point_dbl_n_6(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_point_33_6(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_384));
-            }
-            sp_384_sub_6(negy, p384_mod, p->y);
-            sp_384_norm_6(negy);
-            sp_384_cond_copy_6(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_384_proj_point_add_6(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_384_map_6(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_384 {
-    sp_digit x[6];
-    sp_digit y[6];
-} sp_table_entry_384;
-
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*6;
-    sp_digit* t6 = t + 4*6;
-    sp_digit* t1 = t + 6*6;
-    sp_digit* t4 = t + 8*6;
-    sp_digit* t5 = t + 10*6;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_6(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_6(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_6(p->x, t2) &
-            sp_384_cmp_equal_6(p->y, t4)) {
-        sp_384_proj_point_dbl_6(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_384_mont_sub_6(t2, t2, p->x, p384_mod);
-        /* R = S2 - Y1 */
-        sp_384_mont_sub_6(t4, t4, p->y, p384_mod);
-        /* Z3 = H*Z1 */
-        sp_384_mont_mul_6(z, p->z, t2, p384_mod, p384_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_384_mont_sqr_6(t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(t3, p->x, t1, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(t1, t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_6(t2, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(t2, t2, t1, p384_mod);
-        sp_384_mont_dbl_6(t5, t3, p384_mod);
-        sp_384_mont_sub_6(x, t2, t5, p384_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_384_mont_sub_6(t3, t3, x, p384_mod);
-        sp_384_mont_mul_6(t3, t3, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(t1, t1, p->y, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(y, t3, t1, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 6; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_384_proj_to_affine_6(sp_point_384* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 6;
-    sp_digit* tmp = t + 4 * 6;
-
-    sp_384_mont_inv_6(t1, a->z, tmp);
-
-    sp_384_mont_sqr_6(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    sp_384_mont_mul_6(a->x, a->x, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(a->y, a->y, t1, p384_mod, p384_mp_mod);
-    XMEMCPY(a->z, p384_norm_mod, sizeof(p384_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 6
- * 64 entries
- * 64 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_6(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_6(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_6(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_6(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_6(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<6; i++) {
-            sp_384_proj_point_dbl_n_6(t, 64, tmp);
-            sp_384_proj_to_affine_6(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<6; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_6(t, s1, s2, tmp);
-                sp_384_proj_to_affine_6(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_entry_64_6(sp_point_384* r,
-    const sp_table_entry_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-    sp_digit x0 = 0;
-    sp_digit x1 = 0;
-    sp_digit x2 = 0;
-    sp_digit x3 = 0;
-    sp_digit x4 = 0;
-    sp_digit x5 = 0;
-    sp_digit y0 = 0;
-    sp_digit y1 = 0;
-    sp_digit y2 = 0;
-    sp_digit y3 = 0;
-    sp_digit y4 = 0;
-    sp_digit y5 = 0;
-
-    for (i = 1; i < 64; i++) {
-        mask = 0 - (i == idx);
-        x0 |= mask & table[i].x[0];
-        x1 |= mask & table[i].x[1];
-        x2 |= mask & table[i].x[2];
-        x3 |= mask & table[i].x[3];
-        x4 |= mask & table[i].x[4];
-        x5 |= mask & table[i].x[5];
-        y0 |= mask & table[i].y[0];
-        y1 |= mask & table[i].y[1];
-        y2 |= mask & table[i].y[2];
-        y3 |= mask & table[i].y[3];
-        y4 |= mask & table[i].y[4];
-        y5 |= mask & table[i].y[5];
-    }
-
-    r->x[0] = x0;
-    r->x[1] = x1;
-    r->x[2] = x2;
-    r->x[3] = x3;
-    r->x[4] = x4;
-    r->x[5] = x5;
-    r->y[0] = y0;
-    r->y[1] = y1;
-    r->y[2] = y2;
-    r->y[3] = y3;
-    r->y[4] = y4;
-    r->y[5] = y5;
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_6(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 6 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 63;
-        for (j=0; j<6; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 64;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_64_6(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=62; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<6; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 64;
-            }
-
-            sp_384_proj_point_dbl_6(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_64_6(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_6(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_6(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_384_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[6];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[6];
-    /* Precomputation table for point. */
-    sp_table_entry_384 table[64];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_384_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_384_t sp_cache_384[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_384_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_384_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_384 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_384_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_384_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_384_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_384[i].set = 0;
-        }
-        sp_cache_384_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_384[i].set)
-            continue;
-
-        if (sp_384_cmp_equal_6(g->x, sp_cache_384[i].x) &
-                           sp_384_cmp_equal_6(g->y, sp_cache_384[i].y)) {
-            sp_cache_384[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_384_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_384_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_384[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_384_last) {
-            least = sp_cache_384[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_384[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_384[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_384[i].x, g->x, sizeof(sp_cache_384[i].x));
-        XMEMCPY(sp_cache_384[i].y, g->y, sizeof(sp_cache_384[i].y));
-        sp_cache_384[i].set = 1;
-        sp_cache_384[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_384[i];
-    sp_cache_384_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_6(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_6(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 48 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_6(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_6(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_6(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_6(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_6(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_384_proj_point_dbl_n_6(t, 48, tmp);
-            sp_384_proj_to_affine_6(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_6(t, s1, s2, tmp);
-                sp_384_proj_to_affine_6(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_entry_256_6(sp_point_384* r,
-    const sp_table_entry_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-    sp_digit x0 = 0;
-    sp_digit x1 = 0;
-    sp_digit x2 = 0;
-    sp_digit x3 = 0;
-    sp_digit x4 = 0;
-    sp_digit x5 = 0;
-    sp_digit y0 = 0;
-    sp_digit y1 = 0;
-    sp_digit y2 = 0;
-    sp_digit y3 = 0;
-    sp_digit y4 = 0;
-    sp_digit y5 = 0;
-
-    for (i = 1; i < 256; i++) {
-        mask = 0 - (i == idx);
-        x0 |= mask & table[i].x[0];
-        x1 |= mask & table[i].x[1];
-        x2 |= mask & table[i].x[2];
-        x3 |= mask & table[i].x[3];
-        x4 |= mask & table[i].x[4];
-        x5 |= mask & table[i].x[5];
-        y0 |= mask & table[i].y[0];
-        y1 |= mask & table[i].y[1];
-        y2 |= mask & table[i].y[2];
-        y3 |= mask & table[i].y[3];
-        y4 |= mask & table[i].y[4];
-        y5 |= mask & table[i].y[5];
-    }
-
-    r->x[0] = x0;
-    r->x[1] = x1;
-    r->x[2] = x2;
-    r->x[3] = x3;
-    r->x[4] = x4;
-    r->x[5] = x5;
-    r->y[0] = y0;
-    r->y[1] = y1;
-    r->y[2] = y2;
-    r->y[3] = y3;
-    r->y[4] = y4;
-    r->y[5] = y5;
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_6(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 6 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 47;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 48;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_256_6(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=46; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 48;
-            }
-
-            sp_384_proj_point_dbl_6(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_256_6(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_6(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_6(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_384_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[6];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[6];
-    /* Precomputation table for point. */
-    sp_table_entry_384 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_384_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_384_t sp_cache_384[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_384_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_384_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_384 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_384_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_384_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_384_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_384[i].set = 0;
-        }
-        sp_cache_384_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_384[i].set)
-            continue;
-
-        if (sp_384_cmp_equal_6(g->x, sp_cache_384[i].x) &
-                           sp_384_cmp_equal_6(g->y, sp_cache_384[i].y)) {
-            sp_cache_384[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_384_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_384_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_384[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_384_last) {
-            least = sp_cache_384[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_384[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_384[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_384[i].x, g->x, sizeof(sp_cache_384[i].x));
-        XMEMCPY(sp_cache_384[i].y, g->y, sizeof(sp_cache_384[i].y));
-        sp_cache_384[i].set = 1;
-        sp_cache_384[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_384[i];
-    sp_cache_384_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_6(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_6(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 6);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 6, km);
-        sp_384_point_from_ecc_point_6(point, gm);
-
-            err = sp_384_ecc_mulmod_6(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_6(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 6 + 6 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 6 + 6 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 6;
-
-        sp_384_from_mp(k, 6, km);
-        sp_384_point_from_ecc_point_6(point, gm);
-        sp_384_point_from_ecc_point_6(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_6(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_6(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_6(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_6(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifndef WC_NO_CACHE_RESISTANT
-/* Striping precomputation table.
- * 6 points combined into a table of 64 points.
- * Distance of 64 between points.
- */
-static const sp_table_entry_384 p384_table[64] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x3dd0756649c0b528L,0x20e378e2a0d6ce38L,0x879c3afc541b4d6eL,
-        0x6454868459a30effL,0x812ff723614ede2bL,0x4d3aadc2299e1513L },
-      { 0x23043dad4b03a4feL,0xa1bfa8bf7bb4a9acL,0x8bade7562e83b050L,
-        0xc6c3521968f4ffd9L,0xdd8002263969a840L,0x2b78abc25a15c5e9L } },
-    /* 2 */
-    { { 0xa54768dab1b43eefL,0x13e41f47e14fda22L,0x774df203faef6863L,
-        0xf795a034bd7471b3L,0xf0958718b47de2e9L,0xc92f7888e1160cffL },
-      { 0x86ded97b0146c790L,0x015918f5480a4b7bL,0x05588920424e8459L,
-        0x37455914eecf8b2bL,0xe7d3df1fb968a6faL,0x07a0ffd6bad0719fL } },
-    /* 3 */
-    { { 0xda37cd535c54db6fL,0x0e37890a91f06c5cL,0x1730ef7be7ae7db5L,
-        0x2b3dcd51ff045f54L,0xf5db3c3c72cc8451L,0x3165d6efcf0c185cL },
-      { 0x177c4f6bf5958d78L,0xcb29d22f8d676a9fL,0x3bcf0068792ac96dL,
-        0x60d1c6b719df5641L,0x426e412a68a099f8L,0xf9ca0c5c9f74d52bL } },
-    /* 4 */
-    { { 0xf186d6bcc88d568aL,0x872bc4c7528535ddL,0xc9e7432edfe64dc3L,
-        0xd9fc4832d795ea57L,0xf4ffdb81c845af2bL,0x66d7e7882b670517L },
-      { 0xa7c1be04d7b7a1c6L,0xbed88479d5b2a249L,0x62ff8aba03f2ef6dL,
-        0x60ecaac420dc701dL,0x9f4b559f4ff10119L,0x0582c9313cd54fd0L } },
-    /* 5 */
-    { { 0x394fb84de86e3f64L,0xfe4a36e7ff13314eL,0xa1e44b14dc261ec2L,
-        0x3924e50a7420408fL,0x637e330242ed7626L,0xeb657b10fd711ba4L },
-      { 0xc16d01c5340949bbL,0x30e043267f1f42c7L,0xe7465819b056d872L,
-        0x3386f1c6886fb3dbL,0x5be463a5be56f774L,0xa96fd3b74694e15aL } },
-    /* 6 */
-    { { 0x95dd5ee5a98b4254L,0xea328205aa845e67L,0x98640fb5a1e36348L,
-        0xd1bc5c251add5ee7L,0xc3158a423d11b799L,0x5feb68ed47c83d54L },
-      { 0x7c5a1204963a207bL,0x2f2b2c7eee4671f8L,0xb63d291cd42867a6L,
-        0x0b073620139530f4L,0xbe149492abb05b99L,0x21417da455accd2aL } },
-    /* 7 */
-    { { 0x9408555e9e5eba15L,0x416250137b7572c5L,0xfa53ee50bfff6ea7L,
-        0x3d682de1e7b178c3L,0xb3e8769dec329f53L,0x1ab8c82e9eb524f4L },
-      { 0x5bbd538dde2f1eb9L,0x1d1b0bea2b19c51eL,0xf785f9b98cb06eeeL,
-        0x5cff29c6f58f21d5L,0x44aaa52245cbaef3L,0xd60c19427de40246L } },
-    /* 8 */
-    { { 0x378205de2f9fbe67L,0xc4afcb837f728e44L,0xdbcec06c682e00f1L,
-        0xf2a145c3114d5423L,0xa01d98747a52463eL,0xfc0935b17d717b0aL },
-      { 0x9653bc4fd4d01f95L,0x9aa83ea89560ad34L,0xf77943dcaf8e3f3fL,
-        0x70774a10e86fe16eL,0x6b62e6f1bf9ffdcfL,0x8a72f39e588745c9L } },
-    /* 9 */
-    { { 0x73ade4da2341c342L,0xdd326e54ea704422L,0x336c7d983741cef3L,
-        0x1eafa00d59e61549L,0xcd3ed892bd9a3efdL,0x03faf26cc5c6c7e4L },
-      { 0x087e2fcf3045f8acL,0x14a65532174f1e73L,0x2cf84f28fe0af9a7L,
-        0xddfd7a842cdc935bL,0x4c0f117b6929c895L,0x356572d64c8bcfccL } },
-    /* 10 */
-    { { 0x984a6aed6420bc66L,0x6d90e0e0896a24a6L,0xe0adb93a18713003L,
-        0xf00d424c1a8369fcL,0x636ebf14712ae802L,0xee39ff8ebe9d739aL },
-      { 0xb330dd3e94f6d1dcL,0x6ba6780eb7731cf8L,0x4e569408198be5a2L,
-        0x6639523b0193a22cL,0x6978cc9d91aa1455L,0x62062d8f329f9763L } },
-    /* 11 */
-    { { 0x7159107d80efff78L,0xf8ed5f8e8e4c39d5L,0x64a2265cc15e679cL,
-        0xfc514e17a6d96c81L,0x59c86545f093e0a8L,0x804b0a588b5a336aL },
-      { 0x94c32118cb9dcbcaL,0x2deb0e385d45251dL,0xd1092b0986869572L,
-        0x073bf838fb2e9f97L,0x76b6d7d6de700fcbL,0xd2a6d110f2ddce5fL } },
-    /* 12 */
-    { { 0x6da7ccd0229de19eL,0x5050d45df0aa039dL,0xf9f01d68d9e7a861L,
-        0x6d8b9f2000aa05f2L,0xae3d9698742cd4d9L,0x43e477abd560c394L },
-      { 0x73d594991cb6dd81L,0x689162b2fac3f62eL,0xd6187ca864d1d0d5L,
-        0xe8421a0d2f067457L,0x9b266acbea7c3a8dL,0x707e0e6e44df5cb3L } },
-    /* 13 */
-    { { 0x604b2a1a026511a0L,0xd4f6cf16256f4076L,0x7d823347b315a642L,
-        0x8f805833786aa438L,0x9883df85f04bb4b3L,0x02bc10305bba6d84L },
-      { 0xfe39a024a72c03acL,0xa980db635f2dbfd0L,0xcd53149f4f259ec6L,
-        0xe969079b43f53f97L,0xd3849fdb42f9f27cL,0xd2cfd3f842653dc9L } },
-    /* 14 */
-    { { 0xbf69fe6a6abe7d80L,0x4932288192bb50e2L,0xc9e2f7fb61e8b18dL,
-        0x24c74788f6c82421L,0xe79e5e3011c0b244L,0xd6612c70e0484571L },
-      { 0x7863ff927ef82d17L,0x692790feb0a1b01cL,0xa2d6ffb5afe51546L,
-        0xacdb43f26cf550c6L,0x3b3243dfaecfaf8fL,0x9557335ac233bcd9L } },
-    /* 15 */
-    { { 0x25e08c8faff5b387L,0x112c11e2d06208ceL,0x61031c1765234214L,
-        0xba06f5550514764dL,0xfaacf6f39bd197d0L,0xe4b032321464a57fL },
-      { 0x00c19adfe35dcd69L,0x81b75730a1c2646cL,0x47baa4fee0c50e32L,
-        0xe9297832bcaddb3bL,0x1768d2f9d712c6cfL,0xfcef29fdb82e9eeaL } },
-    /* 16 */
-    { { 0xdbe04c3044ce3ad8L,0x995fbb1b4ce8aad5L,0xdbf8b54670911457L,
-        0x9e683b5b3f7a1757L,0x7b89a08a9c7bd62cL,0x448865a40b3fc97eL },
-      { 0x0ac9abfc3bb01e94L,0xa07760421e756124L,0x0aa6c335d9deed97L,
-        0xe270580f72603e08L,0x70857a946c783bb2L,0xa0047774caa929aeL } },
-    /* 17 */
-    { { 0x56211190a353e889L,0x052917c3190eb198L,0xadfd85b03eee3d12L,
-        0xde1d761779fd9c91L,0x05be51b7bf500159L,0x271f07178fcb87f1L },
-      { 0x02673e273a75ac71L,0xb1b7246eda12da8dL,0xb25647928f5fb8c0L,
-        0x0a22cbe1063b1d7fL,0xb0d7a7365649976eL,0x8f8e6e289e96b15dL } },
-    /* 18 */
-    { { 0x8fc113f98312351cL,0xe837b9e0c5eff002L,0x7cb9ef074dad72fcL,
-        0x18a8d43eb5eb7ee3L,0x2cf3ae844925efdbL,0x376e9e857756ec6aL },
-      { 0xf77a79c8a3e3705fL,0x2d590b7d6c5fbab3L,0xa59713e27a4766c3L,
-        0xb5da6a6861544174L,0xadb04a8adab1fe76L,0x03b6138d375143b4L } },
-    /* 19 */
-    { { 0x20d88a80c1bfa043L,0x88806999672583ceL,0x195a89eaaea9b605L,
-        0x0b9b4e8532bac07bL,0x8279965683868df6L,0x83c58afab52711a9L },
-      { 0xb895c13d1c869283L,0x00f98d046206dde6L,0x76caaa22884bf311L,
-        0x22b2137f995b29a5L,0x7f645809b098b07bL,0xa540c8a6050e2552L } },
-    /* 20 */
-    { { 0x47980509e562d904L,0xe736f89d031e112cL,0xbc6bfb0765d8ae25L,
-        0xe9ed4cc4ca459646L,0xf540e90e2fff67ffL,0x836280eb1a314e11L },
-      { 0xa710b25041610627L,0xefc22b1573a9f9a2L,0x60f20789456498c0L,
-        0x417920438052f4e7L,0x5c850903d5c0e80dL,0x52df5275bf1d8815L } },
-    /* 21 */
-    { { 0x25539de98ece218dL,0xb36574a8dca420baL,0x9d1812680e0d07feL,
-        0xea79a5f5ad3ed34fL,0x8b739ad57c9277cfL,0xd88659886ee9a930L },
-      { 0xaf07bfb621591a3eL,0xe0138c6508f3524fL,0xd3128f1297ee315eL,
-        0x67f8641e21045f63L,0x3e1a96b140c73a2dL,0x8976b70305f51122L } },
-    /* 22 */
-    { { 0xdeaf635731960db4L,0x680b054e5948d7f7L,0x0841e40fd272bb5cL,
-        0x94d37db26e36117dL,0xaf2d001547f63ec8L,0x82665cdc47493309L },
-      { 0xfe90e844abbe3851L,0x8357709afb79bc0cL,0x811a64d2b6bcc044L,
-        0x1937c988882b3415L,0xe8b28724e267b271L,0x84d1eed0af89ed33L } },
-    /* 23 */
-    { { 0x52b8234f54c894a7L,0xfe54146fa2d11b70L,0x6412b5eb0aab6097L,
-        0xa62499906a13a9daL,0xd2b1eb50adc448caL,0xe7ab51f9b115ab92L },
-      { 0x4638ee62e76551d8L,0x74c3c1e1afe9c98dL,0x59000ad060d77322L,
-        0x0a4b105ba06adc9aL,0xcdaeb4a496a6f616L,0x8c79c4a1864b49dcL } },
-    /* 24 */
-    { { 0xc09c32d1c0b1bf15L,0x005d510f88d74e44L,0x031f9a9afc2c089eL,
-        0x08aac7294ba183f0L,0xf227a7ceaf2245ebL,0xb4ec33cbb3a864ffL },
-      { 0xdb76decd570a24f3L,0xea59387a12283a9eL,0x81b7c569341ef9a4L,
-        0xad7c98bd8d77833aL,0x2182133b49ca80ffL,0x1de1d456085802b7L } },
-    /* 25 */
-    { { 0xeead25b2e1c02860L,0xb2ae43694ff42d2eL,0x4b39a2ddfd61c1b0L,
-        0x29c826ea968718a5L,0x877fdf15d9751a0aL,0x00b321dfb54affdfL },
-      { 0x3c7c0778d4d5dbf7L,0x858a0fdccfc47423L,0xbd8e6544185b3063L,
-        0xa22c3ef62da46a04L,0x5c2d84016a6c0ce1L,0x260246eddd6329aeL } },
-    /* 26 */
-    { { 0x71753fc00c6463f6L,0x7ec14c015c6c9e33L,0x28b9ab9441ce6153L,
-        0x3a1ac251a6702c8dL,0x2b124bc49ed6cb1fL,0x7a11c4be4fc7383fL },
-      { 0x1414913509fac991L,0xf7c188d3cb1ee336L,0x754bc47391c3f406L,
-        0x71d34587cad39500L,0x213dd1a7dd0399a1L,0x8457a8f671d05899L } },
-    /* 27 */
-    { { 0xa921ca662e9c06d3L,0x1d8974e89ba6521fL,0xbb465c775f79f791L,
-        0x8f983f083a3954c8L,0x8492f8398b3935dcL,0x2b87d9c290c04426L },
-      { 0xcec76ea403e60a28L,0x648e9830aa631308L,0x7b542f791eb86b73L,
-        0xfc8cc9a3150d854dL,0x2be86940bfcc83feL,0x2e58a13ac88c7585L } },
-    /* 28 */
-    { { 0x19249a8fd1bc237fL,0xdec1c6a563505555L,0xc8256977bad2a93bL,
-        0x78533659fc598170L,0x888a6578ee7e53cbL,0x28783b0e33766db3L },
-      { 0xcf791e56e42c28f2L,0xfbf8dde8f9c37f4cL,0xf0ffaf1712c05395L,
-        0xd27d21e9daf2f012L,0xf90432da9a7be009L,0xa459c036a8012f28L } },
-    /* 29 */
-    { { 0x4d99a7cac8b1c6d4L,0x8088818825c899c0L,0xbd27e9be2ebdeb3dL,
-        0x73c3e0aa054e77c1L,0x180c848498534ce5L,0x750d52f754ffa9cdL },
-      { 0x5f26eeb16f702f4cL,0x427fc6e4cc76d8f4L,0x93126b8d026b631dL,
-        0x5356b93917e145a7L,0xc79ca872c0be7c84L,0x3fca7cad4b615fb7L } },
-    /* 30 */
-    { { 0xed48fe78d0241021L,0x252b14a0142f7f8eL,0x19ab85c6db573a09L,
-        0x546c3960f3df906fL,0xc688f4b22c810ea8L,0xbccf0cca5ff9e108L },
-      { 0x34f4609e3f2cc69bL,0xf3b1efe414afe4f4L,0x5d809cef37a8ef74L,
-        0xa8d1978a176ba328L,0x75dde11fdf59ecb9L,0x34eeeaffa9916ee2L } },
-    /* 31 */
-    { { 0xe7f603f248e83c85L,0xa94a539cfa581815L,0x5a61a596dba360b7L,
-        0x6cc51dd16a77ef79L,0x4ff36ae0fdbceb9dL,0xfcff65323e8a9c07L },
-      { 0x0ba0ce5436d4d0b8L,0x98087a452464efc2L,0xd456843bcc1a2ba7L,
-        0x677384a53853e04cL,0x625d32d56c7971deL,0x86882509f724b331L } },
-    /* 32 */
-    { { 0xc20fb9111a42e5e7L,0x075a678b81d12863L,0x12bcbc6a5cc0aa89L,
-        0x5279c6ab4fb9f01eL,0xbc8e178911ae1b89L,0xae74a706c290003cL },
-      { 0x9949d6ec79df3f45L,0xba18e26296c8d37fL,0x68de6ee2dd2275bfL,
-        0xa9e4fff8c419f1d5L,0xbc759ca4a52b5a40L,0xff18cbd863b0996dL } },
-    /* 33 */
-    { { 0x684a681892a5eeeaL,0x1f5b193242a09264L,0x30bd8695d98a2f34L,
-        0x6e775e019a8601fcL,0x8126bdc24ca956f8L,0x149e73d9e5595daaL },
-      { 0x876428401f851e83L,0x4b8863dbd3a7c4a0L,0xe1e43b3d8c95d7d9L,
-        0x7f1e307ea60fd528L,0xbf2fa5d134341610L,0x11ad4a8181c502d3L } },
-    /* 34 */
-    { { 0xc7df022e782dd401L,0xd15aa9a9a7bcc543L,0x6aa42774b94df1d0L,
-        0xab2660c30592a13eL,0xaf4e40809ffc40c7L,0x01152c8d9cd52b10L },
-      { 0x649de1d99034a33aL,0x2b9d0ef0d758abfcL,0xdddd0bc2d458adddL,
-        0xe5366ac9c09837f8L,0xa003abbb7b1ae35fL,0x880062887ab1fddeL } },
-    /* 35 */
-    { { 0x6b6c8f055288f1b4L,0xba05407c033738b4L,0x26cac3a941a955e3L,
-        0x28f1692f8e0e0601L,0x2032cb36842c4887L,0x6adeba457d76b20fL },
-      { 0xd282c2ce654c6f5cL,0x30584ca5be9ba4f1L,0x45d766a01b2c528bL,
-        0xe918bad7c0c6f8ccL,0x1e050b2a0560f070L,0x4fc95de12d6dd010L } },
-    /* 36 */
-    { { 0x2bb26072150191d5L,0xea2617618108dcf6L,0x4dfa1303e6083c63L,
-        0xfa4e0709e2876fb8L,0xf901fed0b1668763L,0xf01c53aeb82c967aL },
-      { 0xb43e59d39ed827e8L,0xb58e157e57774eefL,0x57ee54e31b83dceeL,
-        0x3d896f32613aa922L,0x69d40667b5c7bfc5L,0xd402b5cb77a2c0d8L } },
-    /* 37 */
-    { { 0xabeb70127d3c9923L,0x412ada8dd7ecb93aL,0xeb64dc910b71ae2fL,
-        0x52ef537aa9ab061aL,0x0863970fc1b55faeL,0xfaff5fb9b1182dbdL },
-      { 0x5551d6fed0abaa17L,0x7bb3e02072d641f6L,0x939d7793aa9d288cL,
-        0x1450f8bf9078e2c2L,0x24ccd102a086b6aeL,0x57d1796f6a3f8a5fL } },
-    /* 38 */
-    { { 0x1023120683ce1f76L,0xd16d4b9f03ee406fL,0x9d39c39883caa4b7L,
-        0x875732f5ce299b93L,0x1e6a425d2f121f4aL,0x4b1f1d835d8c3279L },
-      { 0xe655f58856dd6a6cL,0x23f106475843fd34L,0x932b7d942bad6ce2L,
-        0x70a0580e6772a52eL,0x3240118ac88537afL,0x9ccb2ca9d2407224L } },
-    /* 39 */
-    { { 0xa6a40db8710f2324L,0xb3567518c2a8a09aL,0x8816442841b5650aL,
-        0x2a352ed27570ba50L,0x23ee46b94c85d77eL,0x643aceffd858a8c3L },
-      { 0xe067908de3f02e82L,0x8d5869f2ffb8cf81L,0x4713f0820bc8ad7eL,
-        0xe1ee44c780057c40L,0xb34395087d2cf34eL,0x4307b0e10336a207L } },
-    /* 40 */
-    { { 0xe9c1e45746e4d003L,0xa23978c394332057L,0x0e2f300829575db6L,
-        0x50a51ff490441e9eL,0x38ce3ed0508d4a07L,0x6a997411cfd7224eL },
-      { 0x4d147c31da6b1e1dL,0xedf604b2da8a3547L,0x7a1b8cf0d5e9ceedL,
-        0xd74e501213544e6aL,0xcc49f8da4ad968f9L,0xfb87e604cc69ada9L } },
-    /* 41 */
-    { { 0xde79409bdf166882L,0xd645b836d46cc527L,0xda4a02f3b6c3eb28L,
-        0x845e3c5900e7cf86L,0x733bdc9b604c6d80L,0xe3a1244b847acd97L },
-      { 0x421312d6d128842cL,0x81f71feaa1c598efL,0xc619465545eaf796L,
-        0x1ffb85121f338b6cL,0xe7aed7106632f064L,0xf8d1ffb7f5b6e510L } },
-    /* 42 */
-    { { 0x7d3f031f3eace851L,0xef43ab7025923624L,0xbae811881af6cdecL,
-        0xb7e93b49ea862112L,0xe35a4fc6af23aba2L,0xc52e1fc0aecc593eL },
-      { 0xbffa292428148b99L,0xd08040fc89e3d795L,0x7da320032db47b3aL,
-        0xe78b44e5a0eb7aa3L,0xd1648ec8f0ec090bL,0x4048dba7740fe871L } },
-    /* 43 */
-    { { 0x6fddb89fa00a14acL,0x844f991508aa06e7L,0x6d5ac4a9f76aca7dL,
-        0xfba1ba85e9fa4d51L,0x159633bbb2ea0fc7L,0xa2eb0e4b76ba2854L },
-      { 0x8a858155c11f5398L,0x30a96e535e8ea044L,0x696210c197e05a47L,
-        0x86e55f9415036f4bL,0x0c93ea9c6a96d9d7L,0xb7ba506179eba3daL } },
-    /* 44 */
-    { { 0xd305c733cd94d7b2L,0x9ea33e363e7955b2L,0x78a98855bc73812fL,
-        0xfb1b791d48a3a9a0L,0x6e5107ee04014aafL,0x0412b2c00ea07de0L },
-      { 0xdd3a2408ddcaca68L,0x5d18e69ae3344f29L,0x3ce65481f9017408L,
-        0x50abb4568cbd64fbL,0x442fa5098916a9ebL,0x16b3ddc7c538c410L } },
-    /* 45 */
-    { { 0x6757dbfd25e331abL,0x0efde50ba3eaafbcL,0x1cd46222d531d29cL,
-        0x1b713ca93561cb2bL,0x7d07334bfb5bc99dL,0x95dba43e885a417dL },
-      { 0x1c9c3f3f77823a59L,0x43533ba83220cb7fL,0x1b918bc182e3e401L,
-        0x66a039aacd3fec87L,0x1d39dbb02dad36d5L,0x554025959dc04be4L } },
-    /* 46 */
-    { { 0xdf39920847744933L,0x4264f7ea82524dd6L,0xdb57ec08e5182c6dL,
-        0x2d6778e705c5e7bfL,0x3f37793f96f53ea2L,0x6472cbae05c47e48L },
-      { 0x9e6dd60fbf78067cL,0xa2817ec2cef34088L,0xde4715b8168edde9L,
-        0x6c57105146bf31e1L,0x98113fbbc4272bc0L,0x03bb7922cc3b90c3L } },
-    /* 47 */
-    { { 0xe0f23be157d88fefL,0x4125c55b0ca27a01L,0xeadf527e14a71262L,
-        0x1f2e803ccc4e9a04L,0x32e07b47d68c4fcfL,0x1577fab79db5070bL },
-      { 0xd786d6e57831990aL,0xf64ff4b154fbde40L,0x4bac5b034f9450aeL,
-        0x06ae25e055116af9L,0x33d84ea2d7b4fcfcL,0x44a92e73569c3b9eL } },
-    /* 48 */
-    { { 0xf5bdccbabad0cb7fL,0x370f43ca958edd05L,0x3dd8232b04904a26L,
-        0x3f8106682f4458e8L,0xdfcb67b99b3ace7eL,0x54e42f2d3e1241fcL },
-      { 0xe30f3fb0db889300L,0x4ca0184b483e51fcL,0x5a32d097a638dac6L,
-        0x567a2b5ec62a1db0L,0x2a756ba3c446456cL,0x6919026dd9f8d5c0L } },
-    /* 49 */
-    { { 0x7f6493fc4fec874aL,0x8bb8a674d47a0770L,0x90bad2a652bd4f0cL,
-        0x16badbe2f5733b07L,0x93be07cf93a1f802L,0x1e37a01541c395f7L },
-      { 0xfe2c0fd6216582b3L,0xdcd98bc81627180dL,0x41e037268e8c9f1eL,
-        0x93dbc22cfe8f45afL,0x5728c8a6ff45e059L,0x4f2f15cfca4a98cdL } },
-    /* 50 */
-    { { 0xdbe2ec5d656e7d76L,0x84ad1b4bae2757bbL,0xc9297e7a0d4fec75L,
-        0xfcc673eecad3ba87L,0xb0f77621dfd1671aL,0x5c386e449704a8c7L },
-      { 0xce78f03f3e29256dL,0x0b185938c3a6ed2fL,0x7b1e2fae7824819bL,
-        0x5a85d7f1f2d9313cL,0x238bd27973595b0fL,0x5fbf6b675c1cd2dcL } },
-    /* 51 */
-    { { 0x84d1ffb88a3e2412L,0xf01605926515f2feL,0x0e26ea9889905340L,
-        0xbfd7a1b7203bd3d4L,0x5301273a88ea0bdaL,0x2f424475b28dd43eL },
-      { 0x31014a2b33c28afaL,0xffbdea0c01e220eaL,0x681c64e8460b81d5L,
-        0xdbe6f7286a91e1d5L,0x068bf36332619ad5L,0x4946291f27976c74L } },
-    /* 52 */
-    { { 0xa081a9462068e4b0L,0x1a8f5df609bfdad0L,0x5fbba5bcef28dd35L,
-        0xa3e60d4f031ff71eL,0x2d47689b702ca18eL,0xd283f247c9b8e66bL },
-      { 0x63e65dd7859ea140L,0x123da61f42aacdc3L,0xa8a9e893336f680cL,
-        0x1cc4e12ac23d43acL,0x421e80d586a1fff8L,0x833d60d543deecc9L } },
-    /* 53 */
-    { { 0x3c25b57c29014f8fL,0xa19fcb1e35d8e122L,0x916c0e3ceda32ac8L,
-        0x9a23d289f36b6096L,0x5099038439a39871L,0xdc5b77b661c64196L },
-      { 0x5a7d9917942bf2b6L,0xd21853934f41cf6dL,0x90ff1016fcc45c2fL,
-        0x9891093deb8938aaL,0xe3c49b1baac4e6e9L,0x0f21a1d1d7a8e91eL } },
-    /* 54 */
-    { { 0x3a808e336f364b7eL,0x6a96d1b8bfa17359L,0x3387ec8552b36545L,
-        0x2fde350af712180cL,0x9219d6f4703a2183L,0x8ba27e0086457946L },
-      { 0x7446bca0ed80a9afL,0xbaf78b6f7203637aL,0x0304129d497c9d0fL,
-        0x6df1e0356a883b68L,0x93ea2bb5e8018c47L,0xc86fd77cdb46443cL } },
-    /* 55 */
-    { { 0x8de865d255dc2427L,0x74f7f83d6f72d126L,0xee1111786c7e665aL,
-        0x272a8b3dddf44f12L,0xad3546449164eb4fL,0x2ffbdb586859d68fL },
-      { 0xbefd36c509701865L,0x63c256162c983d01L,0x15a7ba0b2eb68703L,
-        0x3318a82b5bb0fafcL,0x8e930fa9a0804f38L,0xb7459eb6be60ed1dL } },
-    /* 56 */
-    { { 0xace01c514260b948L,0x04a6080f49210f78L,0x0d1eef6b2241b00dL,
-        0x85a25069ef63912aL,0xcc96c4ec13dd8bc2L,0x90f14d1140d7e234L },
-      { 0xae33f18ca69c8dc3L,0x76921f2a9adfa431L,0x18158ccf048c9f49L,
-        0x90bcf7fbfb8fb345L,0x0d50b4dc38b3ff5dL,0x3914ea0b59ef84a8L } },
-    /* 57 */
-    { { 0x4929d3f9d4e37cf3L,0x622183d1b24c24c0L,0x65cec0675f904d34L,
-        0x65f9931a8a6f76faL,0xeed975b0e73282f2L,0xa045552a5e1625fdL },
-      { 0xfd6b3e02f8fe8e42L,0x5f9f40256203907cL,0x8307eedb42b2c264L,
-        0x2fb3ee719f757e92L,0x4502f2ecdc157ea8L,0xd976e7755d1cc0d5L } },
-    /* 58 */
-    { { 0xe46fb9a28fe1946eL,0xe91df3ed63bdde6eL,0x2e995306e9c28432L,
-        0x7b3a6fe10988235bL,0xc55199f077f92a71L,0x47dd034853cb7950L },
-      { 0xead52de2b727a6d1L,0xb87c9f75eea9c8daL,0xf3e2f3280d944f21L,
-        0xce82734edd751eddL,0xfb83225ce616cedcL,0x15850e4b4a31eb49L } },
-    /* 59 */
-    { { 0x92c4b6d50196ad3aL,0x0205ea484e1205e4L,0x8e08a97c0afc5affL,
-        0xda8687c6727827ebL,0x2eace83106e398aaL,0x3a086c0f6d69e4e8L },
-      { 0x5ff9b7aaf286e62aL,0xc428503962aae55eL,0x4ebd4258d9530a3fL,
-        0x57ea313a8afc7fcbL,0x6d30a67522c18879L,0xd3c00cc994afb659L } },
-    /* 60 */
-    { { 0x53ee47c5dee0d48bL,0xbd9e84ad9dfa2397L,0x2d581e12f81ba5e2L,
-        0x26269f4f132cd325L,0x9e6224df58860a5fL,0x9306c607ff55522aL },
-      { 0xb48af6d4146950e5L,0x09920ed00436805eL,0x3a1bc276cdce7eaeL,
-        0x55ba728ac39a425eL,0x6a04d4e6d961d03eL,0x13891c66736e684aL } },
-    /* 61 */
-    { { 0x7c75175a04cd04d6L,0xb76f9bd909c27a17L,0xa0cff6d408e5fe36L,
-        0xc9097695dcd5ef90L,0x26bea24585e28054L,0x658e03c61580f068L },
-      { 0x0da9f75e811eed27L,0x086e5e04aca0d2eeL,0xd4c157faa53a6787L,
-        0x2e9266d2b40a595cL,0x8f1cb52698fa0820L,0x32a74240a1aef514L } },
-    /* 62 */
-    { { 0xeb42e3d91ae86e7cL,0xd6956c8ce04a5026L,0x4c0b8b980f4302ebL,
-        0xde43c938b37211fdL,0x9fa6a158e7090f80L,0x5f3c9afc73c47fb6L },
-      { 0x2dc4f109f850a4d0L,0x56e63a4b6fd49d6aL,0x8e80a0694cbff048L,
-        0x18d8b8cf2284afb0L,0x61dd086dc89363a1L,0x034c2202c37342a4L } },
-    /* 63 */
-    { { 0x1ae0c4e11c718580L,0x303f48a6bf99a0bfL,0xa5551e4491ae219fL,
-        0xdc41d9bd55a05287L,0xd5aa73e36872b123L,0x6fd94b0ce6395bf6L },
-      { 0xbb95fdbac00afbc1L,0x9cd96208497cac10L,0x8adbd8c1ca51afeaL,
-        0x94fedafbf3bc5f5fL,0x29c0217bdf9f5371L,0x5c13eb4bd9024634L } },
-};
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_6(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 48 between points.
- */
-static const sp_table_entry_384 p384_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x3dd0756649c0b528L,0x20e378e2a0d6ce38L,0x879c3afc541b4d6eL,
-        0x6454868459a30effL,0x812ff723614ede2bL,0x4d3aadc2299e1513L },
-      { 0x23043dad4b03a4feL,0xa1bfa8bf7bb4a9acL,0x8bade7562e83b050L,
-        0xc6c3521968f4ffd9L,0xdd8002263969a840L,0x2b78abc25a15c5e9L } },
-    /* 2 */
-    { { 0x298647532b0c535bL,0x90dd695370506296L,0x038cd6b4216ab9acL,
-        0x3df9b7b7be12d76aL,0x13f4d9785f347bdbL,0x222c5c9c13e94489L },
-      { 0x5f8e796f2680dc64L,0x120e7cb758352417L,0x254b5d8ad10740b8L,
-        0xc38b8efb5337dee6L,0xf688c2e194f02247L,0x7b5c75f36c25bc4cL } },
-    /* 3 */
-    { { 0xe26a3cc39edffea5L,0x35bbfd1c37d7e9fcL,0xf0e7700d9bde3ef6L,
-        0x0380eb471a538f5aL,0x2e9da8bb05bf9eb3L,0xdbb93c731a460c3eL },
-      { 0x37dba260f526b605L,0x95d4978efd785537L,0x24ed793aed72a04aL,
-        0x2694837776005b1aL,0x99f557b99e681f82L,0xae5f9557d64954efL } },
-    /* 4 */
-    { { 0x24480c57f26feef9L,0xc31a26943a0e1240L,0x735002c3273e2bc7L,
-        0x8c42e9c53ef1ed4cL,0x028babf67f4948e8L,0x6a502f438a978632L },
-      { 0xf5f13a46b74536feL,0x1d218babd8a9f0ebL,0x30f36bcc37232768L,
-        0xc5317b31576e8c18L,0xef1d57a69bbcb766L,0x917c4930b3e3d4dcL } },
-    /* 5 */
-    { { 0x11426e2ee349ddd0L,0x9f117ef99b2fc250L,0xff36b480ec0174a6L,
-        0x4f4bde7618458466L,0x2f2edb6d05806049L,0x8adc75d119dfca92L },
-      { 0xa619d097b7d5a7ceL,0x874275e5a34411e9L,0x5403e0470da4b4efL,
-        0x2ebaafd977901d8fL,0x5e63ebcea747170fL,0x12a369447f9d8036L } },
-    /* 6 */
-    { { 0x28f9c07a4fc52870L,0xce0b37481a53a961L,0xd550fa180e1828d9L,
-        0xa24abaf76adb225aL,0xd11ed0a56e58a348L,0xf3d811e6948acb62L },
-      { 0x8618dd774c61ed22L,0x0bb747f980b47c9dL,0x22bf796fde6b8559L,
-        0xfdfd1c6d680a21e9L,0xc0db15772af2c9ddL,0xa09379e6c1e90f3dL } },
-    /* 7 */
-    { { 0x386c66efe085c629L,0x5fc2a461095bc89aL,0x1353d631203f4b41L,
-        0x7ca1972b7e4bd8f5L,0xb077380aa7df8ce9L,0xd8a90389ee7e4ea3L },
-      { 0x1bc74dc7e7b14461L,0xdc2cb0140c9c4f78L,0x52b4b3a684ef0a10L,
-        0xbde6ea5d20327fe2L,0xb71ec435660f9615L,0xeede5a04b8ad8173L } },
-    /* 8 */
-    { { 0x5584cbb3893b9a2dL,0x820c660b00850c5dL,0x4126d8267df2d43dL,
-        0xdd5bbbf00109e801L,0x85b92ee338172f1cL,0x609d4f93f31430d9L },
-      { 0x1e059a07eadaf9d6L,0x70e6536c0f125fb0L,0xd6220751560f20e7L,
-        0xa59489ae7aaf3a9aL,0x7b70e2f664bae14eL,0x0dd0370176d08249L } },
-    /* 9 */
-    { { 0x4cc13be88510521fL,0x87315ba9f724cc17L,0xb49d83bb353dc263L,
-        0x8b677efe0c279257L,0x510a1c1cc93c9537L,0x33e30cd8a4702c99L },
-      { 0xf0ffc89d2208353fL,0x0170fa8dced42b2bL,0x090851ed26e2a5f5L,
-        0x81276455ecb52c96L,0x0646c4e17fe1adf4L,0x513f047eb0868eabL } },
-    /* 10 */
-    { { 0xc07611f4df5bdf53L,0x45d331a758b11a6dL,0x58965daf1c4ee394L,
-        0xba8bebe75a5878d1L,0xaecc0a1882dd3025L,0xcf2a3899a923eb8bL },
-      { 0xf98c9281d24fd048L,0x841bfb598bbb025dL,0xb8ddf8cec9ab9d53L,
-        0x538a4cb67fef044eL,0x092ac21f23236662L,0xa919d3850b66f065L } },
-    /* 11 */
-    { { 0x3db03b4085d480d8L,0x8cd9f4791b287a7dL,0x8f24dc754a8f3baeL,
-        0x482eb8003db41892L,0x38bf9eb39c56e0f5L,0x8b9773209a91dc6fL },
-      { 0xa31b05b27209cfc2L,0x4c49bf8505b2db70L,0x56462498d619527bL,
-        0x3fe510391fac51baL,0xfb04f55eab4b8342L,0xc07c10dc04c6eabfL } },
-    /* 12 */
-    { { 0xad22fe4cdb32f048L,0x5f23bf91475ed6dfL,0xa50ce0c0aa66b6cbL,
-        0xdf627a89f03405c0L,0x3674837df95e2d6aL,0x081c95b6ba42e64eL },
-      { 0xeba3e036e71d6cebL,0xb45bcccf6c6b0271L,0x67b47e630684701dL,
-        0x60f8f942e712523fL,0x824234725cd47adcL,0x83027d7987649cbbL } },
-    /* 13 */
-    { { 0xb3929ea63615b0b8L,0xb41441fda54dac41L,0x8995d556b5b6a368L,
-        0xa80d4529167ef05eL,0xf6bcb4a16d25a27fL,0x210d6a4c7bd55b68L },
-      { 0xf3804abb25351130L,0x1d2df699903e37ebL,0x5f201efc084c25c8L,
-        0x31a28c87a1c68e91L,0x81dad253563f62a5L,0x5dd6de70d6c415d4L } },
-    /* 14 */
-    { { 0x29f470fd846612ceL,0x986f3eecda18d997L,0x6b84c1612f34af86L,
-        0x5ef0a40846ddaf8bL,0x14405a00e49e795fL,0x5f491b16aa2f7a37L },
-      { 0xc7f07ae4db41b38dL,0xef7d119e18fbfcaaL,0x3a18e07614443b19L,
-        0x4356841a79a19926L,0x91f4a91ce2226fbeL,0xdc77248c3cc88721L } },
-    /* 15 */
-    { { 0xd570ff1ae4b1ec9dL,0x21d23e0ee7eef706L,0x3cde40f4ca19e086L,
-        0x7d6523c4cd4bb270L,0x16c1f06cbf13aa6cL,0x5aa7245ad14c4b60L },
-      { 0x37f8146744b74de8L,0x839e7a17620a934eL,0xf74d14e8de8b1aa1L,
-        0x8789fa51f30d75e2L,0x09b24052c81c261eL,0x654e267833c565eeL } },
-    /* 16 */
-    { { 0x378205de2f9fbe67L,0xc4afcb837f728e44L,0xdbcec06c682e00f1L,
-        0xf2a145c3114d5423L,0xa01d98747a52463eL,0xfc0935b17d717b0aL },
-      { 0x9653bc4fd4d01f95L,0x9aa83ea89560ad34L,0xf77943dcaf8e3f3fL,
-        0x70774a10e86fe16eL,0x6b62e6f1bf9ffdcfL,0x8a72f39e588745c9L } },
-    /* 17 */
-    { { 0x73ade4da2341c342L,0xdd326e54ea704422L,0x336c7d983741cef3L,
-        0x1eafa00d59e61549L,0xcd3ed892bd9a3efdL,0x03faf26cc5c6c7e4L },
-      { 0x087e2fcf3045f8acL,0x14a65532174f1e73L,0x2cf84f28fe0af9a7L,
-        0xddfd7a842cdc935bL,0x4c0f117b6929c895L,0x356572d64c8bcfccL } },
-    /* 18 */
-    { { 0x7ecbac017d8c1bbaL,0x6058f9c390b0f3d5L,0xaee116e3f6197d0fL,
-        0xc4dd70684033b128L,0xf084dba6c209b983L,0x97c7c2cf831dbc4aL },
-      { 0x2f4e61ddf96010e8L,0xd97e4e20529faa17L,0x4ee6666069d37f20L,
-        0xccc139ed3d366d72L,0x690b6ee213488e0fL,0x7cad1dc5f3a6d533L } },
-    /* 19 */
-    { { 0x660a9a81da57a41fL,0xe74a0412ec0039b6L,0x42343c6b5e1dad15L,
-        0x284f3ff546681d4cL,0xb51087f163749e89L,0x070f23cc6f9f2f13L },
-      { 0x542211da5d186e14L,0x84748f37fddb0dffL,0x41a3aab4db1f4180L,
-        0x25ed667ba6402d0eL,0x2f2924a902f58355L,0x5844ee7cfa44a689L } },
-    /* 20 */
-    { { 0xfab086073f3b236fL,0x19e9d41d81e221daL,0xf3f6571e3927b428L,
-        0x4348a9337550f1f6L,0x7167b996a85e62f0L,0x62d437597f5452bfL },
-      { 0xd85feb9ef2955926L,0x440a561f6df78353L,0x389668ec9ca36b59L,
-        0x052bf1a1a22da016L,0xbdfbff72f6093254L,0x94e50f28e22209f3L } },
-    /* 21 */
-    { { 0x90b2e5b33062e8afL,0xa8572375e8a3d369L,0x3fe1b00b201db7b1L,
-        0xe926def0ee651aa2L,0x6542c9beb9b10ad7L,0x098e309ba2fcbe74L },
-      { 0x779deeb3fff1d63fL,0x23d0e80a20bfd374L,0x8452bb3b8768f797L,
-        0xcf75bb4d1f952856L,0x8fe6b40029ea3faaL,0x12bd3e4081373a53L } },
-    /* 22 */
-    { { 0xc023780d104cbba5L,0x6207e747fa35dd4cL,0x35c239281ca9b6a3L,
-        0x4ff19be897987b10L,0xb8476bbf8022eee8L,0xaa0a4a14d3bbe74dL },
-      { 0x20f94331187d4543L,0x3215387079f6e066L,0x83b0f74eac7e82e1L,
-        0xa7748ba2828f06abL,0xc5f0298ac26ef35fL,0x0f0c50708e9a7dbdL } },
-    /* 23 */
-    { { 0x0c5c244cdef029ddL,0x3dabc687850661b8L,0x9992b865fe11d981L,
-        0xe9801b8f6274dbadL,0xe54e6319098da242L,0x9929a91a91a53d08L },
-      { 0x37bffd7235285887L,0xbc759425f1418102L,0x9280cc35fd2e6e20L,
-        0x735c600cfbc42ee5L,0xb7ad28648837619aL,0xa3627231a778c57bL } },
-    /* 24 */
-    { { 0xae799b5c91361ed8L,0x47d71b756c63366cL,0x54cdd5211b265a6aL,
-        0xe0215a5998d77b74L,0x4424d9b7bab29db0L,0x8b0ffacc7fd9e536L },
-      { 0x46d85d1237b5d9efL,0x5b106d62bfa91747L,0xed0479f85f99ba2dL,
-        0x0e6f39231d104de4L,0x83a84c8425e8983fL,0xa9507e0af8105a70L } },
-    /* 25 */
-    { { 0xf6c68a6e14cf381cL,0xaf9d27bdc22e31ccL,0x23568d4daa8a5ccbL,
-        0xe431eec0e338e4d2L,0xf1a828fe8f52ad1fL,0xdb6a0579e86acd80L },
-      { 0x2885672e4507832aL,0x73fc275f887e5289L,0x65f8027805610d08L,
-        0x8d9b4554075ff5b0L,0x3a8e8fb109f712b5L,0x39f0ac862ebe9cf2L } },
-    /* 26 */
-    { { 0xd8fabf784c52edf5L,0xdcd737e5a589ae53L,0x94918bf0d791ab17L,
-        0xb5fbd956bcff06c9L,0xf6d3032edca46d45L,0x2cdff7e141a3e486L },
-      { 0x6674b3ba61f47ec8L,0x8a882163eef84608L,0xa257c7054c687f90L,
-        0xe30cb2edf6cdf227L,0x2c4c64ca7f6ea846L,0x186fa17ccc6bcd3cL } },
-    /* 27 */
-    { { 0x48a3f5361dfcb91eL,0x83595e13646d358aL,0xbd15827b91128798L,
-        0x3ce612b82187757aL,0x873150a161bd7372L,0xf4684530b662f568L },
-      { 0x8833950b401896f6L,0xe11cb89a77f3e090L,0xb2f12cac48e7f4a5L,
-        0x313dd769f606677eL,0xfdcf08b316579f93L,0x6429cec946b8f22bL } },
-    /* 28 */
-    { { 0x4984dd54bb75f9a4L,0x4aef06b929d3b570L,0xb5f84ca23d6e4c1eL,
-        0x24c61c11b083ef35L,0xce4a7392392ca9ffL,0x865d65176730a800L },
-      { 0xca3dfe76722b4a2bL,0x12c04bf97b083e0eL,0x803ce5b51b86b8a5L,
-        0x3fc7632d6a7e3e0cL,0xc89970c2c81adbe4L,0x3cbcd3ad120e16b1L } },
-    /* 29 */
-    { { 0xfbfb4cc7ec30ce93L,0x10ed6c7db72720a2L,0xec675bf747b55500L,
-        0x90725903333ff7c3L,0xc7c3973e5075bfc0L,0xb049ecb007acf31bL },
-      { 0xb4076eaf4f58839cL,0x101896daa2b05e4fL,0x3f6033b0ab40c66eL,
-        0x19ee9eebc8d864baL,0xeb6cf15547bf6d2aL,0x8e5a9663f826477dL } },
-    /* 30 */
-    { { 0x69e62fddf7fbd5e1L,0x38ecfe5476912b1dL,0x845a3d56d1da3bfbL,
-        0x0494950e1c86f0d4L,0x83cadbf93bc36ce8L,0x41fce5724fccc8d1L },
-      { 0x05f939c28332c144L,0xb17f248b0871e46eL,0x3d8534e266e8aff6L,
-        0x1d06f1dc3b85c629L,0xdb06a32ea3131b73L,0xf295184d8b3f64e5L } },
-    /* 31 */
-    { { 0xd9653ff736ddc103L,0x25f43e3795ef606fL,0x09e301fcfe06dce8L,
-        0x85af234130b6eebfL,0x79b12b530ff56b20L,0x9b4fb499fe9a3c6bL },
-      { 0x0154f89251d27ac2L,0xd33167e356ca5389L,0x7828ec1fafc065a6L,
-        0x0959a2587f746c9bL,0xb18f1be30c44f837L,0xa7946117c4132fdbL } },
-    /* 32 */
-    { { 0xc0426b775e3c647bL,0xbfcbd9398cf05348L,0x31d312e3172c0d3dL,
-        0x5f49fde6ee754737L,0x895530f06da7ee61L,0xcf281b0ae8b3a5fbL },
-      { 0xfd14973541b8a543L,0x41a625a73080dd30L,0xe2baae07653908cfL,
-        0xc3d01436ba02a278L,0xa0d0222e7b21b8f8L,0xfdc270e9d7ec1297L } },
-    /* 33 */
-    { { 0x00873c0cbc7f41d6L,0xd976113e1b7ad641L,0x2a536ff4238443fbL,
-        0x030d00e241e62e45L,0x532e98675f545fc6L,0xcd0331088e91208cL },
-      { 0xd1a04c999797612cL,0xd4393e02eea674e2L,0xd56fa69ee19742a1L,
-        0xdd2ab48085f0590eL,0xa5cefc5248a2243dL,0x48cc67b654383f41L } },
-    /* 34 */
-    { { 0x4e50430efc14ab48L,0x195b7f4f26706a74L,0x2fe8a228cc881ff6L,
-        0xb1b968e2d945013dL,0x936aa5794b92162bL,0x4fb766b7364e754aL },
-      { 0x13f93bca31e1ff7fL,0x696eb5cace4f2691L,0xff754bf8a2b09e02L,
-        0x58f13c9ce58e3ff8L,0xb757346f1678c0b0L,0xd54200dba86692b3L } },
-    /* 35 */
-    { { 0x9a030bbd6dda1265L,0xf7b4f3fce89718ddL,0xa6a4931f936065b8L,
-        0xbce72d875f72241cL,0x6cbb51cb65775857L,0xc71618154e993675L },
-      { 0xe81a0f792ee32189L,0xef2fab26277dc0b2L,0x9e64f6feb71f469fL,
-        0xb448ce33dfdaf859L,0x3f5c1c4cbe6b5df1L,0xfb8dfb001de45f7bL } },
-    /* 36 */
-    { { 0xc7345fa74d5bb921L,0x5c7e04be4d2b667eL,0x47ed3a80282d7a3eL,
-        0x5c2777f87e47b2a4L,0x89b3b10008488e2eL,0x9aad77c2b2eb5b45L },
-      { 0xd681bca7daac34aeL,0x2452e4e526afb326L,0x0c88792441a1ee14L,
-        0x743b04d4c2407adeL,0xcb5e999bfc17a2acL,0x4dca2f824a701a06L } },
-    /* 37 */
-    { { 0x68e31ca61127bc1aL,0xa3edd59b17ead3beL,0x67b6b645e25f5a15L,
-        0x76221794a420e15eL,0x794fd83b4b1e872eL,0x7cab3f03b2dece1bL },
-      { 0x7119bf15ca9b3586L,0xa55459244d250bd7L,0x173633eacc6bcf24L,
-        0x9bd308c2b1b6f884L,0x3bae06f5447d38c3L,0x54dcc135f341fe1cL } },
-    /* 38 */
-    { { 0x56d3598d943caf0dL,0xce044ea9225ff133L,0x9edf6a7c563fadeaL,
-        0x632eb94473e8dc27L,0x814b467e3190dcabL,0x2d4f4f316dbb1e31L },
-      { 0x8d69811ca143b7caL,0x4ec1ac32de7cf950L,0x223ab5fd37b5fe82L,
-        0xe82616e49390f1d9L,0xabff4b2075804610L,0x11b9be15875b08f0L } },
-    /* 39 */
-    { { 0x4ae31a3d3bbe682cL,0xbc7c5d2674eef2ddL,0x92afd10a3c47dd40L,
-        0xec7e0a3bc14ab9e1L,0x6a6c3dd1b2e495e4L,0x085ee5e9309bcd85L },
-      { 0xf381a9088c2e67fdL,0x32083a80e261eaf2L,0x0fcd6a4996deee15L,
-        0xe3b8fb035e524c79L,0x8dc360d91d5b08b9L,0x3a06e2c87f26719fL } },
-    /* 40 */
-    { { 0x5cd9f5a87237cac0L,0x93f0b59d43586794L,0x4384a764e94f6c4eL,
-        0x8304ed2bb62782d3L,0x0b8db8b3cde06015L,0x4336dd535dbe190fL },
-      { 0x5744355392ab473aL,0x031c7275be5ed046L,0x3e78678c21909aa4L,
-        0x4ab7e04f99202ddbL,0x2648d2066977e635L,0xd427d184093198beL } },
-    /* 41 */
-    { { 0x822848f50f9b5a31L,0xbb003468baadb62aL,0x233a04723357559cL,
-        0x49ef688079aee843L,0xa89867a0aeb9e1e3L,0xc151931b1f6f9a55L },
-      { 0xd264eb0bad74251eL,0x37b9b2634abf295eL,0xb600921b04960d10L,
-        0x0de53dbc4da77dc0L,0x01d9bab3d2b18697L,0xad54ec7af7156ddfL } },
-    /* 42 */
-    { { 0x8e74dc3579efdc58L,0x456bd3694ff68ddbL,0x724e74ccd32096a5L,
-        0xe41cff42386783d0L,0xa04c7f217c70d8a4L,0x41199d2fe61a19a2L },
-      { 0xd389a3e029c05dd2L,0x535f2a6be7e3fda9L,0x26ecf72d7c2b4df8L,
-        0x678275f4fe745294L,0x6319c9cc9d23f519L,0x1e05a02d88048fc4L } },
-    /* 43 */
-    { { 0x75cc8e2ed4d5ffe8L,0xf8bb4896dbea17f2L,0x35059790cee3cb4aL,
-        0x4c06ee85a47c6165L,0xf98fff2592935d2fL,0x34c4a57232ffd7c7L },
-      { 0xc4b14806ea0376a2L,0x2ea5e7504f115e02L,0x532d76e21e55d7c0L,
-        0x68dc9411f31044daL,0x9272e46571b77993L,0xadaa38bb93a8cfd5L } },
-    /* 44 */
-    { { 0x4bf0c7127d4ed72aL,0xda0e9264ba1f79a3L,0x48c0258bf4c39ea4L,
-        0xa5394ed82a715138L,0x4af511cebf06c660L,0xfcebceefec5c37cdL },
-      { 0xf23b75aa779ae8c1L,0xdeff59ccad1e606eL,0xf3f526fd22755c82L,
-        0x64c5ab44bb32cefdL,0xa96e11a2915bdefdL,0xab19746a1143813eL } },
-    /* 45 */
-    { { 0x43c78585ec837d7dL,0xca5b6fbcb8ee0ba4L,0x34e924d9d5dbb5eeL,
-        0x3f4fa104bb4f1ca5L,0x15458b72398640f7L,0x4231faa9d7f407eaL },
-      { 0x53e0661ef96e6896L,0x554e4c69d03b0f9dL,0xd4fcb07b9c7858d1L,
-        0x7e95279352cb04faL,0x5f5f15748974e7f7L,0x2e3fa5586b6d57c8L } },
-    /* 46 */
-    { { 0x42cd48036a9951a8L,0xa8b15b8842792ad0L,0x18e8bcf9abb29a73L,
-        0xbfd9a092409933e8L,0x760a3594efb88dc4L,0x1441886340724458L },
-      { 0x162a56ee99caedc7L,0x8fb12ecd91d101c9L,0xea671967393202daL,
-        0x1aac8c4aa4ccd796L,0x7db050361cf185a8L,0x0c9f86cd8cfd095aL } },
-    /* 47 */
-    { { 0x9a72814710b2a556L,0x767ca964327b70b2L,0x04ed9e125e3799b7L,
-        0x6781d2dc22a3eb2aL,0x5bd116eb0d9450acL,0xeccac1fca7ebe08aL },
-      { 0xde68444fdc2d6e94L,0x3621f42935ecf21bL,0x14e2d54329e03a2cL,
-        0x53e42cd57d3e7f0aL,0xbba26c0973ed00b9L,0x00297c39c57d2272L } },
-    /* 48 */
-    { { 0x3aaaab10b8243a7dL,0x6eeef93e8fa58c5bL,0xf866fca39ae7f764L,
-        0x64105a2661ab04d3L,0xa3578d8a03945d66L,0xb08cd3e4791b848cL },
-      { 0x45edc5f8756d2411L,0xd4a790d9a755128cL,0xc2cf096349e5f6a0L,
-        0xc66d267df649beaaL,0x3ce6d9688467039eL,0x50046c6b42f7816fL } },
-    /* 49 */
-    { { 0x92ae160266425043L,0x1ff66afdf08db890L,0x386f5a7f8f162ce5L,
-        0x18d2dea0fcf5598fL,0x78372b3a1a8ca18eL,0xdf0d20eb8cd0e6f7L },
-      { 0x7edd5e1d75bb4045L,0x252a47ceb96d94b7L,0xbdb293582c626776L,
-        0x853c394340dd1031L,0x9dc9becf7d5f47fdL,0x27c2302fbae4044aL } },
-    /* 50 */
-    { { 0x2d1d208a8f2d49ceL,0x0d91aa02162df0a2L,0x9c5cce8709a07f65L,
-        0xdf07238b84339012L,0x5028e2c8419442cdL,0x2dcbd35872062abaL },
-      { 0xb5fbc3cbe4680967L,0x2a7bc6459f92d72cL,0x806c76e1116c369dL,
-        0x5c50677a3177e8d8L,0x753739eb4569df57L,0x2d481ef636c3f40bL } },
-    /* 51 */
-    { { 0x1a2d39fdfea1103eL,0xeaae559295f81b17L,0xdbd0aa18f59b264aL,
-        0x90c39c1acb592ee0L,0xdf62f80d9750cca3L,0xda4d8283df97cc6cL },
-      { 0x0a6dd3461e201067L,0x1531f85969fb1f6bL,0x4895e5521d60121fL,
-        0x0b21aab04c041c91L,0x9d896c46bcc1ccf8L,0xd24da3b33141bde7L } },
-    /* 52 */
-    { { 0x575a053753b0a354L,0x392ff2f40c6ddcd8L,0x0b8e8cff56157b94L,
-        0x073e57bd3b1b80d1L,0x2a75e0f03fedee15L,0x752380e4aa8e6f19L },
-      { 0x1f4e227c6558ffe9L,0x3a34861819ec5415L,0xab382d5ef7997085L,
-        0x5e6deaffddc46ac2L,0xe5144078fc8d094cL,0xf674fe51f60e37c6L } },
-    /* 53 */
-    { { 0x6fb87ae5af63408fL,0xa39c36a9cd75a737L,0x7833313fcf4c618dL,
-        0xfbcd4482f034c88dL,0x4469a76139b35288L,0x77a711c566b5d9c9L },
-      { 0x4a695dc7944f8d65L,0xe6da5f65161aaba8L,0x8654e9c324601669L,
-        0xbc8b93f528ae7491L,0x5f1d1e838f5580d8L,0x8ccf9a1acea32cc8L } },
-    /* 54 */
-    { { 0x28ab110c7196fee2L,0x75799d63874c8945L,0xa262934829aedaddL,
-        0x9714cc7b2be88ff4L,0xf71293cfd58d60d6L,0xda6b6cb332a564e9L },
-      { 0xf43fddb13dd821c2L,0xf2f2785f90dd323dL,0x91246419048489f8L,
-        0x61660f26d24c6749L,0x961d9e8cc803c15cL,0x631c6158faadc4c9L } },
-    /* 55 */
-    { { 0xacf2ebe0fd752366L,0xb93c340e139be88bL,0x98f664850f20179eL,
-        0x14820254ff1da785L,0x5278e2764f85c16eL,0xa246ee457aab1913L },
-      { 0x43861eb453763b33L,0xc49f03fc45c0bc0dL,0xafff16bcad6b1ea1L,
-        0xce33908b6fd49c99L,0x5c51e9bff7fde8c3L,0x076a7a39ff142c5eL } },
-    /* 56 */
-    { { 0x04639dfe9e338d10L,0x8ee6996ff42b411bL,0x960461d1a875cef2L,
-        0x1057b6d695b4d0baL,0x27639252a906e0bcL,0x2c19f09ae1c20f8aL },
-      { 0x5b8fc3f0eef4c43dL,0xe2e1b1a807a84aa9L,0x5f455528835d2bdbL,
-        0x0f4aee4d207132ddL,0xe9f8338c3907f675L,0x7a874dc90e0531f0L } },
-    /* 57 */
-    { { 0x84b22d4597c27050L,0xbd0b8df759e70bf8L,0xb4d6740579738b9bL,
-        0x47f4d5f5cd917c4fL,0x9099c4ce13ce6e33L,0x942bfd39521d0f8bL },
-      { 0x5028f0f6a43b566dL,0xaf6e866921bff7deL,0x83f6f856c44232cdL,
-        0x65680579f915069aL,0xd12095a2ecfecb85L,0xcf7f06aedb01ba16L } },
-    /* 58 */
-    { { 0x0f56e3c48ef96c80L,0xd521f2b33ddb609cL,0x2be941027dc1450dL,
-        0x2d21a07102a91fe2L,0x2e6f74fa1efa37deL,0x9a9a90b8156c28a1L },
-      { 0xc54ea9ea9dc7dfcbL,0xc74e66fc2c2c1d62L,0x9f23f96749d3e067L,
-        0x1c7c3a4654dd38adL,0xc70058845946cee3L,0x8985636845cc045dL } },
-    /* 59 */
-    { { 0x29da7cd4fce73946L,0x8f697db523168563L,0x8e235e9ccba92ec6L,
-        0x55d4655f9f91d3eaL,0xf3689f23aa50a6cdL,0xdcf21c2621e6a1a0L },
-      { 0xcffbc82e61b818bfL,0xc74a2f96da47a243L,0x234e980a8bc1a0cfL,
-        0xf35fd6b57929cb6dL,0x81468e12efe17d6cL,0xddea6ae558b2dafbL } },
-    /* 60 */
-    { { 0x294de8877e787b2eL,0x258acc1f39a9310dL,0x92d9714aac14265dL,
-        0x18b5591c708b48a0L,0x27cc6bb0e1abbf71L,0xc0581fa3568307b9L },
-      { 0x9e0f58a3f24d4d58L,0xfebe9bb8e0ce2327L,0x91fd6a419d1be702L,
-        0x9a7d8a45facac993L,0xabc0a08c9e50d66dL,0x02c342f706498201L } },
-    /* 61 */
-    { { 0xccd71407157bdbc2L,0x72fa89c6ad0e1605L,0xb1d3da2bb92a015fL,
-        0x8ad9e7cda0a3fe56L,0x160edcbd24f06737L,0x79d4db3361275be6L },
-      { 0xd3d31fd95f3497c4L,0x8cafeaee04192fb0L,0xe13ca74513a50af3L,
-        0x188261678c85aae5L,0xce06cea89eb556ffL,0x2eef1995bdb549f3L } },
-    /* 62 */
-    { { 0x8ed7d3eb50596edcL,0xaa359362905243a2L,0xa212c2c2a4b6d02bL,
-        0x611fd727c4fbec68L,0x8a0b8ff7b84f733dL,0xd85a6b905f0daf0eL },
-      { 0x60e899f5d4091cf7L,0x4fef2b672eff2768L,0xc1f195cb10c33964L,
-        0x8275d36993626a8fL,0xc77904f40d6c840aL,0x88d8b7fd7a868acdL } },
-    /* 63 */
-    { { 0x85f237237bd98425L,0xd4463992c70b154eL,0xcbb00ee296687a2eL,
-        0x905fdbf7c83214fdL,0x2019d29313593684L,0x0428c393ef51218eL },
-      { 0x40c7623f981e909aL,0x925133857be192daL,0x48fe480f4010907eL,
-        0xdd7a187c3120b459L,0xc9d7702da1fd8f3cL,0x66e4753be358efc5L } },
-    /* 64 */
-    { { 0x070d34e116973cf4L,0x20aee08b7e4f34f7L,0x269af9b95eb8ad29L,
-        0xdde0a036a6a45ddaL,0xa18b528e63df41e0L,0x03cc71b2a260df2aL },
-      { 0x24a6770aa06b1dd7L,0x5bfa9c119d2675d3L,0x73c1e2a196844432L,
-        0x3660558d131a6cf0L,0xb0289c832ee79454L,0xa6aefb01c6d8ddcdL } },
-    /* 65 */
-    { { 0xba1464b401ab5245L,0x9b8d0b6dc48d93ffL,0x939867dc93ad272cL,
-        0xbebe085eae9fdc77L,0x73ae5103894ea8bdL,0x740fc89a39ac22e1L },
-      { 0x5e28b0a328e23b23L,0x2352722ee13104d0L,0xf4667a18b0a2640dL,
-        0xac74a72e49bb37c3L,0x79f734f0e81e183aL,0xbffe5b6c3fd9c0ebL } },
-    /* 66 */
-    { { 0xb1a358f5c6a2123fL,0x927b2d95fe28df6dL,0x89702753f199d2f9L,
-        0x0a73754c1a3f82dcL,0x063d029d777affe1L,0x5439817edae6d34dL },
-      { 0xf7979eef6b8b83c4L,0x615cb2149d945682L,0x8f0e4facc5e57eaeL,
-        0x042b89b8113047ddL,0x888356dc93f36508L,0xbf008d185fd1f32fL } },
-    /* 67 */
-    { { 0x8012aa244e8068dbL,0xc72cc641a5729a47L,0x3c33df2c43f0691dL,
-        0xfa0573471d92145fL,0xaefc0f2fb97f7946L,0x813d75cb2f8121bfL },
-      { 0x05613c724383bba6L,0xa924ce70a4224b3fL,0xe59cecbe5f2179a6L,
-        0x78e2e8aa79f62b61L,0x3ac2cc3b53ad8079L,0x55518d71d8f4fa96L } },
-    /* 68 */
-    { { 0x03cf292200623f3bL,0x095c71115f29ebffL,0x42d7224780aa6823L,
-        0x044c7ba17458c0b0L,0xca62f7ef0959ec20L,0x40ae2ab7f8ca929fL },
-      { 0xb8c5377aa927b102L,0x398a86a0dc031771L,0x04908f9dc216a406L,
-        0xb423a73a918d3300L,0x634b0ff1e0b94739L,0xe29de7252d69f697L } },
-    /* 69 */
-    { { 0x744d14008435af04L,0x5f255b1dfec192daL,0x1f17dc12336dc542L,
-        0x5c90c2a7636a68a8L,0x960c9eb77704ca1eL,0x9de8cf1e6fb3d65aL },
-      { 0xc60fee0d511d3d06L,0x466e2313f9eb52c7L,0x743c0f5f206b0914L,
-        0x42f55bac2191aa4dL,0xcefc7c8fffebdbc2L,0xd4fa6081e6e8ed1cL } },
-    /* 70 */
-    { { 0xb5e405d3b0ab9645L,0xaeec7f98d5f1f711L,0x8ad42311585c2a6eL,
-        0x045acb9e512c6944L,0xae106c4ea90db1c6L,0xb89f33d5898e6563L },
-      { 0x43b07cd97fed2ce4L,0xf9934e17dd815b20L,0x6778d4d50a81a349L,
-        0x9e616ade52918061L,0xfa06db06d7e67112L,0x1da23cf188488091L } },
-    /* 71 */
-    { { 0x821c46b342f2c4b5L,0x931513ef66059e47L,0x7030ae4366f50cd1L,
-        0x43b536c943e7b127L,0x006258cf5fca5360L,0xe4e3ee796b557abfL },
-      { 0xbb6b390024c8b22fL,0x2eb5e2c1fcbf1054L,0x937b18c9567492afL,
-        0xf09432e4acf53957L,0x585f5a9d1dbf3a56L,0xf86751fdbe0887cfL } },
-    /* 72 */
-    { { 0x157399cb9d10e0b2L,0x1c0d595660dc51b7L,0x1d496b8a1f583090L,
-        0x6658bc2688590484L,0x88c08ab703213f28L,0x8d2e0f737ae58de4L },
-      { 0x9b79bc95486cfee6L,0x036a26c7e9e5bc57L,0x1ad03601cd8ae97aL,
-        0x06907f87ff3a0494L,0x078f4bbf2c7eb584L,0xe3731bf57e8d0a5aL } },
-    /* 73 */
-    { { 0x72f2282be1cd0abeL,0xd4f9015e87efefa2L,0x9d1898066c3834bdL,
-        0x9c8cdcc1b8a29cedL,0x0601b9f4fee82ebcL,0x371052bc7206a756L },
-      { 0x76fa109246f32562L,0xdaad534c17351bb4L,0xc3d64c37b3636bb5L,
-        0x038a8c5145d54e00L,0x301e618032c09e7cL,0x9764eae795735151L } },
-    /* 74 */
-    { { 0x8791b19fcbd5256aL,0x4007e0f26ca13a3bL,0x03b794604cf06904L,
-        0xb18a9c22b6c17589L,0xa1cb7d7d81d45908L,0x6e13fa9d21bb68f1L },
-      { 0x47183c62a71e6e16L,0x5cf0ef8ee18749edL,0x2c9c7f9b2e5ed409L,
-        0x042eeacce6e117e1L,0xb86d481613fb5a7fL,0xea1cf0edc9e5feb1L } },
-    /* 75 */
-    { { 0x6e6573c9cea4cc9bL,0x5417961dafcec8f3L,0x804bf02aa438b6f6L,
-        0xb894b03cdcd4ea88L,0xd0f807e93799571fL,0x3466a7f5862156e8L },
-      { 0x51e59acd56515664L,0x55b0f93ca3c5eb0bL,0x84a06b026a4279dbL,
-        0x5c850579c5fae08eL,0xcf07b8dba663a1a2L,0x49a36bbcf46ffc8dL } },
-    /* 76 */
-    { { 0xe47f5acc46d93106L,0x65b7ade0aa897c9cL,0x37cf4c9412d7e4beL,
-        0xa2ae9b80d4b2caa9L,0x5e7ce09ce60357a3L,0x29f77667c8ecd5f9L },
-      { 0xdf6868f5a8a0b1c5L,0x240858cf62978ad8L,0x0f7ac101dc0002a1L,
-        0x1d28a9d7ffe9aa05L,0x744984d65b962c97L,0xa8a7c00b3d28c8b2L } },
-    /* 77 */
-    { { 0x7c58a852ae11a338L,0xa78613f1d1af96e7L,0x7e9767d25355cc73L,
-        0x6ba37009792a2de6L,0x7d60f618124386b2L,0xab09b53111157674L },
-      { 0x95a0484198eb9dd0L,0xe6c17acc15070328L,0xafc6da45489c6e49L,
-        0xab45a60abb211530L,0xc58d65927d7ea933L,0xa3ef3c65095642c6L } },
-    /* 78 */
-    { { 0x89d420e9df010879L,0x9d25255d39576179L,0x9cdefd50e39513b6L,
-        0xe4efe45bd5d1c313L,0xc0149de73f7af771L,0x55a6b4f4340ab06bL },
-      { 0xf1325251ebeaf771L,0x2ab44128878d4288L,0xfcd5832e18e05afeL,
-        0xef52a348cc1fb62bL,0x2bd08274c1c4792aL,0x345c5846877c6dc7L } },
-    /* 79 */
-    { { 0xde15ceb0bea65e90L,0x0987f72b2416d99cL,0x44db578dfd863decL,
-        0xf617b74bac6a3578L,0x9e62bd7adb48e999L,0x877cae61eab1a1beL },
-      { 0x23adddaa3a358610L,0x2fc4d6d1325e2b07L,0x897198f51585754eL,
-        0xf741852cb392b584L,0x9927804cb55f7de1L,0xe9e6c4ed1aa8efaeL } },
-    /* 80 */
-    { { 0x867db63998683186L,0xfb5cf424ddcc4ea9L,0xcc9a7ffed4f0e7bdL,
-        0x7c57f71c7a779f7eL,0x90774079d6b25ef2L,0x90eae903b4081680L },
-      { 0xdf2aae5e0ee1fcebL,0x3ff1da24e86c1a1fL,0x80f587d6ca193edfL,
-        0xa5695523dc9b9d6aL,0x7b84090085920303L,0x1efa4dfcba6dbdefL } },
-    /* 81 */
-    { { 0xfbd838f9e0540015L,0x2c323946c39077dcL,0x8b1fb9e6ad619124L,
-        0x9612440c0ca62ea8L,0x9ad9b52c2dbe00ffL,0xf52abaa1ae197643L },
-      { 0xd0e898942cac32adL,0xdfb79e4262a98f91L,0x65452ecf276f55cbL,
-        0xdb1ac0d27ad23e12L,0xf68c5f6ade4986f0L,0x389ac37b82ce327dL } },
-    /* 82 */
-    { { 0x511188b4f8e60f5bL,0x7fe6701548aa2adaL,0xdb333cb8381abca2L,
-        0xb15e6d9ddaf3fc97L,0x4b24f6eb36aabc03L,0xc59789df72a748b4L },
-      { 0x26fcb8a529cf5279L,0x7a3c6bfc01ad9a6cL,0x866cf88d4b8bac9bL,
-        0xf4c899899c80d041L,0xf0a0424170add148L,0x5a02f47945d81a41L } },
-    /* 83 */
-    { { 0xfa5c877cc1c90202L,0xd099d440f8ac7570L,0x428a5b1bd17881f7L,
-        0x61e267db5b2501d7L,0xf889bf04f2e4465bL,0x4da3ae0876aa4cb8L },
-      { 0x3ef0fe26e3e66861L,0x5e7729533318b86dL,0xc3c35fbc747396dfL,
-        0x5115a29c439ffd37L,0xbfc4bd97b2d70374L,0x088630ea56246b9dL } },
-    /* 84 */
-    { { 0xcd96866db8a9e8c9L,0xa11963b85bb8091eL,0xc7f90d53045b3cd2L,
-        0x755a72b580f36504L,0x46f8b39921d3751cL,0x4bffdc9153c193deL },
-      { 0xcd15c049b89554e7L,0x353c6754f7a26be6L,0x79602370bd41d970L,
-        0xde16470b12b176c0L,0x56ba117540c8809dL,0xe2db35c3e435fb1eL } },
-    /* 85 */
-    { { 0xd71e4aab6328e33fL,0x5486782baf8136d1L,0x07a4995f86d57231L,
-        0xf1f0a5bd1651a968L,0xa5dc5b2476803b6dL,0x5c587cbc42dda935L },
-      { 0x2b6cdb32bae8b4c0L,0x66d1598bb1331138L,0x4a23b2d25d7e9614L,
-        0x93e402a674a8c05dL,0x45ac94e6da7ce82eL,0xeb9f8281e463d465L } },
-    /* 86 */
-    { { 0x34e0f9d1fecf5b9bL,0xa115b12bf206966aL,0x5591cf3b1eaa0534L,
-        0x5f0293cbfb1558f9L,0x1c8507a41bc703a5L,0x92e6b81c862c1f81L },
-      { 0xcc9ebc66cdaf24e3L,0x68917ecd72fcfc70L,0x6dc9a9308157ba48L,
-        0x5d425c08b06ab2b2L,0x362f8ce736e929c4L,0x09f6f57c62e89324L } },
-    /* 87 */
-    { { 0x1c7d6b78d29375fbL,0xfabd851ee35d1157L,0xf6f62dcd4243ea47L,
-        0x1dd924608fe30b0fL,0x08166dfaffc6e709L,0xc6c4c6930881e6a7L },
-      { 0x20368f87d6a53fb0L,0x38718e9f9eb4d1f9L,0x03f08acdafd7e790L,
-        0x0835eb4472fe2a1cL,0x7e05090388076e5dL,0x538f765ea638e731L } },
-    /* 88 */
-    { { 0x0e0249d9c2663b4bL,0xe700ab5b47cd38ddL,0xb192559d2c46559fL,
-        0x8f9f74a84bcde66dL,0xad1615233e2aced5L,0xc155c0473dd03a5bL },
-      { 0x346a87993be454ebL,0x66ee94db83b7dccdL,0x1f6d8378ab9d2abeL,
-        0x4a396dd27733f355L,0x419bd40af53553c2L,0xd0ead98d731dd943L } },
-    /* 89 */
-    { { 0x908e0b0eec142408L,0x98943cb94114b310L,0x03dbf7d81742b1d7L,
-        0xd270df6b693412f4L,0xc50654948f69e20cL,0xa76a90c3697e43a1L },
-      { 0xe0fa33844624825aL,0x82e48c0b8acc34c2L,0x7b24bd14e9a14f2bL,
-        0x4f5dd5e24db30803L,0x0c77a9e7932da0a3L,0x20db90f274c653dcL } },
-    /* 90 */
-    { { 0x261179b70e6c5fd9L,0xf8bec1236c982eeaL,0x47683338d4957b7eL,
-        0xcc47e6640a72f66aL,0xbd54bf6a1bad9350L,0xdfbf4c6af454e95aL },
-      { 0x3f7a7afa6907f4faL,0x7311fae0865ca735L,0x24737ab82a496adaL,
-        0x13e425f115feb79bL,0xe9e97c50a1b93c21L,0xb26b6eac4ddd3eb5L } },
-    /* 91 */
-    { { 0x81cab9f52a2e5f2bL,0xf93caf29bf385ac4L,0xf4bf35c3c909963aL,
-        0x081e730074c9143cL,0x3ea57fa8c281b4c5L,0xe497905c9b340741L },
-      { 0xf556dd8a55ab3cfbL,0xd444b96b518db6adL,0x34f5425a5ef4b955L,
-        0xdda7a3acecd26aa3L,0xb57da11bda655e97L,0x02da3effc2024c70L } },
-    /* 92 */
-    { { 0xe24b00366481d0d9L,0x3740dbe5818fdfe2L,0xc1fc1f45190fda00L,
-        0x329c92803cf27fdeL,0x7435cb536934f43eL,0x2b505a5d7884e8feL },
-      { 0x6cfcc6a6711adcc9L,0xf034325c531e21e1L,0xa2f4a9679b2a8a99L,
-        0x9d5f38423c21bdffL,0xb25c781131b57d66L,0xdb5344d80b8093b9L } },
-    /* 93 */
-    { { 0x0d72e667ae50a2f5L,0x9b7f8d8ae4a861d1L,0xa129f70f330df1cbL,
-        0xe90aa5d7e04fefc3L,0xff561ecbe72c3ae1L,0x0d8fb428cdb955faL },
-      { 0xd2235f73d7663784L,0xc05baec67e2c456aL,0xe5c292e42adbfcccL,
-        0x4fd17988efb110d5L,0x27e57734d19d49f3L,0x188ac4ce84f679feL } },
-    /* 94 */
-    { { 0x7ee344cfa796c53eL,0xbbf6074d0868009bL,0x1f1594f7474a1295L,
-        0x66776edcac11632dL,0x1862278b04e2fa5aL,0x52665cf2c854a89aL },
-      { 0x7e3764648104ab58L,0x167759137204fd6dL,0x86ca06a544ea1199L,
-        0xaa3f765b1c9240ddL,0x5f8501a924746149L,0x7b982e30dcd251d7L } },
-    /* 95 */
-    { { 0xe44e9efcc15f3060L,0x5ad62f2ea87ebbe6L,0x36499d41c79500d4L,
-        0xa66d6dc0336fa9d1L,0xf8afc4955afd3b1fL,0x1d8ccb24e5c9822bL },
-      { 0x4031422b79d7584bL,0xc54a0580ea3f20ddL,0x3f837c8f958468c5L,
-        0x3d82f110fbea7735L,0x679a87787dffe2fcL,0x48eba63b20704803L } },
-    /* 96 */
-    { { 0x89b10d41df46e2f6L,0x13ab57f819514367L,0x067372b91d469c87L,
-        0x0c195afa4f6c5798L,0xea43a12a272c9acfL,0x9dadd8cb678abdacL },
-      { 0xcce56c6be182579aL,0x86febadb2d26c2d8L,0x1c668ee12a44745cL,
-        0x580acd8698dc047aL,0x5a2b79cc51b9ec2dL,0x007da6084054f6a0L } },
-    /* 97 */
-    { { 0x9e3ca35217b00dd0L,0x046779cb0e81a7a6L,0xb999fef3d482d871L,
-        0xe6f38134d9233fbcL,0x112c3001f48cd0e0L,0x934e75763c6c66aeL },
-      { 0xb44d4fc3d73234dcL,0xfcae2062864eafc1L,0x843afe2526bef21aL,
-        0x61355107f3b75fdfL,0x8367a5aa794c2e6bL,0x3d2629b18548a372L } },
-    /* 98 */
-    { { 0x6230618f437cfaf8L,0x5b8742cb2032c299L,0x949f72472293643aL,
-        0xb8040f1a09464f79L,0x049462d24f254143L,0xabd6b522366c7e76L },
-      { 0x119b392bd5338f55L,0x1a80a9ce01495a0cL,0xf3118ca7f8d7537eL,
-        0xb715adc26bf4b762L,0x24506165a8482b6cL,0xd958d7c696a7c84dL } },
-    /* 99 */
-    { { 0x9ad8aa87bdc21f31L,0xadb3cab48063e58cL,0xefd86283b07dd7b8L,
-        0xc7b9b7621be7c6b4L,0x2ef58741015582deL,0xc970c52e299addf3L },
-      { 0x78f02e2a22f24d66L,0xefec1d1074cc100aL,0xaf2a6a3909316e1aL,
-        0xce7c22055849dd49L,0x9c1fe75c96bffc4cL,0xcad98fd27ba06ec0L } },
-    /* 100 */
-    { { 0xed76e2d0b648b73eL,0xa9f92ce51cfd285eL,0xa8c86c062ed13de1L,
-        0x1d3a574ea5191a93L,0x385cdf8b1ad1b8bfL,0xbbecc28a47d2cfe3L },
-      { 0x98d326c069cec548L,0x4f5bc1ddf240a0b2L,0x241a706229057236L,
-        0x0fc6e9c5c68294a4L,0x4d04838ba319f17aL,0x8b612cf19ffc1c6fL } },
-    /* 101 */
-    { { 0x9bb0b5014c3830ebL,0x3d08f83c8ee0d0c5L,0xa4a6264279ba9389L,
-        0x5d5d40449cbc2914L,0xae9eb83e074c46f0L,0x63bb758f74ead7d6L },
-      { 0x1c40d2eac6bb29e0L,0x95aa2d874b02f41eL,0x9298917553cb199aL,
-        0xdd91bafe51584f6dL,0x3715efb931a1aaecL,0xc1b6ae5b46780f9eL } },
-    /* 102 */
-    { { 0xcded3e4b42772f41L,0x3a700d5d3bcb79d1L,0x4430d50e80feee60L,
-        0x444ef1fcf5e5d4bbL,0xc660194fe6e358ffL,0xe68a2f326a91b43cL },
-      { 0x5842775c977fe4d2L,0x78fdef5c7e2a41ebL,0x5f3bec02ff8df00eL,
-        0xf4b840cd5852525dL,0x0870483a4e6988bdL,0x39499e39cc64b837L } },
-    /* 103 */
-    { { 0xfc05de80b08df5feL,0x0c12957c63ba0362L,0xea379414d5cf1428L,
-        0xc559132a54ef6216L,0x33d5f12fb9e65cf8L,0x09c602781695d663L },
-      { 0x3ac1ced461f7a2fbL,0xdd838444d4f5eeb8L,0x82a38c6c8318fcadL,
-        0x315be2e5e9f1a864L,0x317b5771442daf47L,0x81b5904a95aa5f9eL } },
-    /* 104 */
-    { { 0x6b6b1c508b21d232L,0x87f3dbc08c2cba75L,0xa7e74b46ae9f0fafL,
-        0x036a0985bb7b8079L,0x4f185b908d974a25L,0x5aa7cef0d9af5ec9L },
-      { 0xe0566a7057dcfffcL,0x6ea311dab8453225L,0x72ea1a8d23368aa9L,
-        0xed9b208348cd552dL,0xb987967cc80ea435L,0xad735c756c104173L } },
-    /* 105 */
-    { { 0xaea85ab3cee76ef4L,0x44997444af1d2b93L,0x0851929beacb923fL,
-        0xb080b59051e3bc0cL,0xc4ee1d8659be68a2L,0xf00de21964b26cdaL },
-      { 0x8d7fb5c0f2e90d4dL,0x00e219a777d9ec64L,0xc4e6febd5d1c491cL,
-        0x080e37541a8f4585L,0x4a9b86c848d2af9cL,0x2ed70db6b6679851L } },
-    /* 106 */
-    { { 0xaee44116586f25cbL,0xf7b6861fa0fcf70fL,0x55d2cd2018a350e8L,
-        0x861bf3e592dc286fL,0x9ab18ffa6226aba7L,0xd15827bea9857b03L },
-      { 0x26c1f54792e6acefL,0x422c63c8ac1fbac3L,0xa2d8760dfcbfd71dL,
-        0x35f6a539b2511224L,0xbaa88fa1048d1a21L,0x49f1abe9ebf999dbL } },
-    /* 107 */
-    { { 0x16f9f4f4f7492b73L,0xcf28ec1ecb392b1aL,0x45b130d469ca6ffcL,
-        0x28ba8d40b72efa58L,0xace987c75ca066f5L,0x3e3992464ad022ebL },
-      { 0x63a2d84e752555bbL,0xaaa93b4a9c2ae394L,0xcd80424ec89539caL,
-        0x6d6b5a6daa119a99L,0xbd50334c379f2629L,0x899e925eef3cc7d3L } },
-    /* 108 */
-    { { 0xb7ff3651bf825dc4L,0x0f741cc440b9c462L,0x771ff5a95cc4fb5bL,
-        0xcb9e9c9b47fd56feL,0xbdf053db5626c0d3L,0xa97ce675f7e14098L },
-      { 0x68afe5a36c934f5eL,0x6cd5e148ccefc46fL,0xc7758570d7a88586L,
-        0x49978f5edd558d40L,0xa1d5088a64ae00c1L,0x58f2a720f1d65bb2L } },
-    /* 109 */
-    { { 0x66fdda4a3e4daedbL,0x38318c1265d1b052L,0x28d910a24c4bbf5cL,
-        0x762fe5c478a9cd14L,0x08e5ebaad2cc0aeeL,0xd2cdf257ca0c654cL },
-      { 0x48f7c58b08b717d2L,0x3807184a386cd07aL,0x3240f626ae7d0112L,
-        0x03e9361bc43917b0L,0xf261a87620aea018L,0x53f556a47e1e6372L } },
-    /* 110 */
-    { { 0xc84cee562f512a90L,0x24b3c0041b0ea9f1L,0x0ee15d2de26cc1eaL,
-        0xd848762cf0c9ef7dL,0x1026e9c5d5341435L,0x8f5b73dcfdb16b31L },
-      { 0x1f69bef2d2c75d95L,0x8d33d581be064ddaL,0x8c024c1257ed35e6L,
-        0xf8d435f9c309c281L,0xfd295061d6960193L,0x66618d78e9e49541L } },
-    /* 111 */
-    { { 0x571cfd458ce382deL,0x175806eede900ddeL,0x6184996534aba3b5L,
-        0xe899778ade7aec95L,0xe8f00f6eff4aa97fL,0xae971cb5010b0c6dL },
-      { 0x1827eebc3af788f1L,0xd46229ffe413fe2dL,0x8a15455b4741c9b4L,
-        0x5f02e690f8e424ebL,0x40a1202edae87712L,0x49b3bda264944f6dL } },
-    /* 112 */
-    { { 0xd63c6067035b2d69L,0xb507150d6bed91b0L,0x1f35f82f7afb39b2L,
-        0xb9bd9c0116012b66L,0x00d97960ed0a5f50L,0xed7054512716f7c9L },
-      { 0x1576eff4127abdb4L,0x6850d698f01e701cL,0x9fa7d7493fc87e2fL,
-        0x0b6bcc6fb0ce3e48L,0xf4fbe1f5f7d8c1c0L,0xcf75230e02719cc6L } },
-    /* 113 */
-    { { 0x6761d6c2722d94edL,0xd1ec3f213718820eL,0x65a40b7025d0e7c6L,
-        0xd67f830ebaf3cf31L,0x633b3807b93ea430L,0x17faa0ea0bc96c69L },
-      { 0xe6bf3482df866b98L,0x205c1ee9a9db52d4L,0x51ef9bbdff9ab869L,
-        0x3863dad175eeb985L,0xef216c3bd3cf442aL,0x3fb228e3f9c8e321L } },
-    /* 114 */
-    { { 0x94f9b70c0760ac07L,0xf3c9ccae9d79bf4dL,0x73cea084c5ffc83dL,
-        0xef50f943dc49c38eL,0xf467a2aebc9e7330L,0x5ee534b644ea7fbaL },
-      { 0x20cb627203609e7fL,0x0984435562fdc9f0L,0xaf5c8e580f1457f7L,
-        0xd1f50a6cb4b25941L,0x77cb247c2ec82395L,0xa5f3e1e5da3dca33L } },
-    /* 115 */
-    { { 0x023489d67d85fa94L,0x0ba405372db9ce47L,0x0fdf7a1faed7aad1L,
-        0xa57b0d739a4ccb40L,0x48fcec995b18967cL,0xf30b5b6eb7274d24L },
-      { 0x7ccb4773c81c5338L,0xb85639e6a3ed6bd0L,0x7d9df95f1d56eadaL,
-        0xe256d57f0a1607adL,0x6da7ffdc957574d6L,0x65f8404601c7a8c4L } },
-    /* 116 */
-    { { 0x8d45d0cbcba1e7f1L,0xef0a08c002b55f64L,0x771ca31b17e19892L,
-        0xe1843ecb4885907eL,0x67797ebc364ce16aL,0x816d2b2d8df4b338L },
-      { 0xe870b0e539aa8671L,0x9f0db3e4c102b5f5L,0x342966591720c697L,
-        0x0ad4c89e613c0d2aL,0x1af900b2418ddd61L,0xe087ca72d336e20eL } },
-    /* 117 */
-    { { 0x222831ffaba10079L,0x0dc5f87b6d64fff2L,0x445479073e8cb330L,
-        0xe815aaa2702a33fbL,0x338d6b2e5fba3215L,0x0f7535cb79f549c8L },
-      { 0x471ecd972ee95923L,0x1e868b37c6d1c09fL,0x2bc7b8ecc666ef4eL,
-        0xf5416589808a4bfcL,0xf23e9ee23fbc4d2eL,0x4357236c2d75125bL } },
-    /* 118 */
-    { { 0xfe176d95ba9cdb1bL,0x45a1ca012f82791eL,0x97654af24de4cca2L,
-        0xbdbf9d0e5cc4bcb9L,0xf6a7df50ad97ac0aL,0xc52112b061359fd6L },
-      { 0x696d9ce34f05eae3L,0x903adc02e943ac2bL,0xa90753470848be17L,
-        0x1e20f1702a3973e5L,0xe1aacc1c6feb67e9L,0x2ca0ac32e16bc6b9L } },
-    /* 119 */
-    { { 0xffea12e4ef871eb5L,0x94c2f25da8bf0a7aL,0x4d1e4c2a78134eaaL,
-        0x11ed16fb0360fb10L,0x4029b6db85fc11beL,0x5e9f7ab7f4d390faL },
-      { 0x5076d72f30646612L,0xa0afed1ddda1d0d8L,0x2902225785a1d103L,
-        0xcb499e174e276bcdL,0x16d1da7151246c3dL,0xc72d56d3589a0443L } },
-    /* 120 */
-    { { 0xdf5ffc74dae5bb45L,0x99068c4a261bd6dcL,0xdc0afa7aaa98ec7bL,
-        0xedd2ee00f121e96dL,0x163cc7be1414045cL,0xb0b1bbce335af50eL },
-      { 0xd440d78501a06293L,0xcdebab7c6552e644L,0x48cb8dbc8c757e46L,
-        0x81f9cf783cabe3cbL,0xddd02611b123f59aL,0x3dc7b88eeeb3784dL } },
-    /* 121 */
-    { { 0xe1b8d398c4741456L,0xa9dfa9026032a121L,0x1cbfc86d1263245bL,
-        0xf411c7625244718cL,0x96521d5405b0fc54L,0x1afab46edbaa4985L },
-      { 0xa75902ba8674b4adL,0x486b43ad5ad87d12L,0x72b1c73636e0d099L,
-        0x39890e07bb6cd6d6L,0x8128999c59bace4eL,0xd8da430b7b535e33L } },
-    /* 122 */
-    { { 0x39f65642c6b75791L,0x050947a621806bfbL,0x0ca3e3701362ef84L,
-        0x9bc60aed8c3d2391L,0x9b488671732e1ddcL,0x12d10d9ea98ee077L },
-      { 0xb6f2822d3651b7dcL,0x6345a5ba80abd138L,0x62033262472d3c84L,
-        0xd54a1d40acc57527L,0x6ea46b3a424447cbL,0x5bc410572fb1a496L } },
-    /* 123 */
-    { { 0xe70c57a3a751cd0eL,0x190d8419eba3c7d6L,0xb1c3bee79d47d55aL,
-        0xda941266f912c6d8L,0x12e9aacc407a6ad6L,0xd6ce5f116e838911L },
-      { 0x063ca97b70e1f2ceL,0xa3e47c728213d434L,0xa016e24184df810aL,
-        0x688ad7b0dfd881a4L,0xa37d99fca89bf0adL,0xd8e3f339a23c2d23L } },
-    /* 124 */
-    { { 0xbdf53163750bed6fL,0x808abc3283e68b0aL,0x85a366275bb08a33L,
-        0xf72a3a0f6b0e4abeL,0xf7716d19faf0c6adL,0x22dcc0205379b25fL },
-      { 0x7400bf8df9a56e11L,0x6cb8bad756a47f21L,0x7c97176f7a6eb644L,
-        0xe8fd84f7d1f5b646L,0x98320a9444ddb054L,0x07071ba31dde86f5L } },
-    /* 125 */
-    { { 0x6fdfa0e598f8fcb9L,0x89cec8e094d0d70cL,0xa0899397106d20a8L,
-        0x915bfb9aba8acc9cL,0x1370c94b5507e01cL,0x83246a608a821ffbL },
-      { 0xa8273a9fbe3c378fL,0x7e54478935a25be9L,0x6cfa49724dd929d7L,
-        0x987fed9d365bd878L,0x4982ac945c29a7aeL,0x4589a5d75ddd7ec5L } },
-    /* 126 */
-    { { 0x9fabb174a95540a9L,0x7cfb886f0162c5b0L,0x17be766bea3dee18L,
-        0xff7da41fe88e624cL,0xad0b71eb8b919c38L,0x86a522e0f31ff9a9L },
-      { 0xbc8e6f72868bc259L,0x6130c6383ccef9e4L,0x09f1f4549a466555L,
-        0x8e6c0f0919b2bfb4L,0x945c46c90ca7bb22L,0xacd871684dafb67bL } },
-    /* 127 */
-    { { 0x090c72ca10c53841L,0xc20ae01b55a4fcedL,0x03f7ebd5e10234adL,
-        0xb3f42a6a85892064L,0xbdbc30c0b4a14722L,0x971bc4378ca124ccL },
-      { 0x6f79f46d517ff2ffL,0x6a9c96e2ecba947bL,0x5e79f2f462925122L,
-        0x30a96bb16a4e91f1L,0x1147c9232d4c72daL,0x65bc311f5811e4dfL } },
-    /* 128 */
-    { { 0x87c7dd7d139b3239L,0x8b57824e4d833baeL,0xbcbc48789fff0015L,
-        0x8ffcef8b909eaf1aL,0x9905f4eef1443a78L,0x020dd4a2e15cbfedL },
-      { 0xca2969eca306d695L,0xdf940cadb93caf60L,0x67f7fab787ea6e39L,
-        0x0d0ee10ff98c4fe5L,0xc646879ac19cb91eL,0x4b4ea50c7d1d7ab4L } },
-    /* 129 */
-    { { 0x19e409457a0db57eL,0xe6017cad9a8c9702L,0xdbf739e51be5cff9L,
-        0x3646b3cda7a938a2L,0x0451108568350dfcL,0xad3bd6f356e098b5L },
-      { 0x935ebabfee2e3e3eL,0xfbd01702473926cbL,0x7c735b029e9fb5aaL,
-        0xc52a1b852e3feff0L,0x9199abd3046b405aL,0xe306fcec39039971L } },
-    /* 130 */
-    { { 0xd6d9aec823e4712cL,0x7ca8376cc3c198eeL,0xe6d8318731bebd8aL,
-        0xed57aff3d88bfef3L,0x72a645eecf44edc7L,0xd4e63d0b5cbb1517L },
-      { 0x98ce7a1cceee0ecfL,0x8f0126335383ee8eL,0x3b879078a6b455e8L,
-        0xcbcd3d96c7658c06L,0x721d6fe70783336aL,0xf21a72635a677136L } },
-    /* 131 */
-    { { 0x19d8b3cd9586ba11L,0xd9e0aeb28a5c0480L,0xe4261dbf2230ef5cL,
-        0x095a9dee02e6bf09L,0x8963723c80dc7784L,0x5c97dbaf145157b1L },
-      { 0x97e744344bc4503eL,0x0fb1cb3185a6b370L,0x3e8df2becd205d4bL,
-        0x497dd1bcf8f765daL,0x92ef95c76c988a1aL,0x3f924baa64dc4cfaL } },
-    /* 132 */
-    { { 0x6bf1b8dd7268b448L,0xd4c28ba1efd79b94L,0x2fa1f8c8e4e3551fL,
-        0x769e3ad45c9187a9L,0x28843b4d40326c0dL,0xfefc809450d5d669L },
-      { 0x30c85bfd90339366L,0x4eeb56f15ccf6c3aL,0x0e72b14928ccd1dcL,
-        0x73ee85b5f2ce978eL,0xcdeb2bf33165bb23L,0x8106c9234e410abfL } },
-    /* 133 */
-    { { 0xc8df01617d02f4eeL,0x8a78154718e21225L,0x4ea895eb6acf9e40L,
-        0x8b000cb56e5a633dL,0xf31d86d57e981ffbL,0xf5c8029c4475bc32L },
-      { 0x764561ce1b568973L,0x2f809b81a62996ecL,0x9e513d64da085408L,
-        0xc27d815de61ce309L,0x0da6ff99272999e0L,0xbd284779fead73f7L } },
-    /* 134 */
-    { { 0x6033c2f99b1cdf2bL,0x2a99cf06bc5fa151L,0x7d27d25912177b3bL,
-        0xb1f15273c4485483L,0x5fd57d81102e2297L,0x3d43e017c7f6acb7L },
-      { 0x41a8bb0b3a70eb28L,0x67de2d8e3e80b06bL,0x09245a4170c28de5L,
-        0xad7dbcb1a7b26023L,0x70b08a352cbc6c1eL,0xb504fb669b33041fL } },
-    /* 135 */
-    { { 0xa8e85ab5f97a27c2L,0x6ac5ec8bc10a011bL,0x55745533ffbcf161L,
-        0x01780e8565790a60L,0xe451bf8599ee75b0L,0x8907a63b39c29881L },
-      { 0x76d46738260189edL,0x284a443647bd35cbL,0xd74e8c4020cab61eL,
-        0x6264bf8c416cf20aL,0xfa5a6c955fd820ceL,0xfa7154d0f24bb5fcL } },
-    /* 136 */
-    { { 0x18482cec9b3f5034L,0x962d445acd9e68fdL,0x266fb1d695746f23L,
-        0xc66ade5a58c94a4bL,0xdbbda826ed68a5b6L,0x05664a4d7ab0d6aeL },
-      { 0xbcd4fe51025e32fcL,0x61a5aebfa96df252L,0xd88a07e231592a31L,
-        0x5d9d94de98905517L,0x96bb40105fd440e7L,0x1b0c47a2e807db4cL } },
-    /* 137 */
-    { { 0x5c2a6ac808223878L,0xba08c269e65a5558L,0xd22b1b9b9bbc27fdL,
-        0x919171bf72b9607dL,0x9ab455f9e588dc58L,0x6d54916e23662d93L },
-      { 0x8da8e9383b1de0c1L,0xa84d186a804f278fL,0xbf4988ccd3461695L,
-        0xf5eae3bee10eb0cbL,0x1ff8b68fbf2a66edL,0xa68daf67c305b570L } },
-    /* 138 */
-    { { 0xc1004cff44b2e045L,0x91b5e1364b1c05d4L,0x53ae409088a48a07L,
-        0x73fb2995ea11bb1aL,0x320485703d93a4eaL,0xcce45de83bfc8a5fL },
-      { 0xaff4a97ec2b3106eL,0x9069c630b6848b4fL,0xeda837a6ed76241cL,
-        0x8a0daf136cc3f6cfL,0x199d049d3da018a8L,0xf867c6b1d9093ba3L } },
-    /* 139 */
-    { { 0xe4d42a5656527296L,0xae26c73dce71178dL,0x70a0adac6c251664L,
-        0x813483ae5dc0ae1dL,0x7574eacddaab2dafL,0xc56b52dcc2d55f4fL },
-      { 0x872bc16795f32923L,0x4be175815bdd2a89L,0x9b57f1e7a7699f00L,
-        0x5fcd9c723ac2de02L,0x83af3ba192377739L,0xa64d4e2bfc50b97fL } },
-    /* 140 */
-    { { 0x2172dae20e552b40L,0x62f49725d34d52e8L,0x7930ee4007958f98L,
-        0x56da2a90751fdd74L,0xf1192834f53e48c3L,0x34d2ac268e53c343L },
-      { 0x1073c21813111286L,0x201dac14da9d9827L,0xec2c29dbee95d378L,
-        0x9316f1191f3ee0b1L,0x7890c9f0544ce71cL,0xd77138af27612127L } },
-    /* 141 */
-    { { 0x78045e6d3b4ad1cdL,0xcd86b94e4aa49bc1L,0x57e51f1dfd677a16L,
-        0xd9290935fa613697L,0x7a3f959334f4d893L,0x8c9c248b5d5fcf9bL },
-      { 0x9f23a4826f70d4e9L,0x1727345463190ae9L,0x4bdd7c135b081a48L,
-        0x1e2de38928d65271L,0x0bbaaa25e5841d1fL,0xc4c18a79746772e5L } },
-    /* 142 */
-    { { 0x10ee2681593375acL,0x4f3288be7dd5e113L,0x9a97b2fb240f3538L,
-        0xfa11089f1de6b1e2L,0x516da5621351bc58L,0x573b61192dfa85b5L },
-      { 0x89e966836cba7df5L,0xf299be158c28ab40L,0xe91c9348ad43fcbfL,
-        0xe9bbc7cc9a1cefb3L,0xc8add876738b2775L,0x6e3b1f2e775eaa01L } },
-    /* 143 */
-    { { 0x0365a888b677788bL,0x634ae8c43fd6173cL,0x304987619e498dbeL,
-        0x08c43e6dc8f779abL,0x068ae3844c09aca9L,0x2380c70b2018d170L },
-      { 0xcf77fbc3a297c5ecL,0xdacbc853ca457948L,0x3690de04336bec7eL,
-        0x26bbac6414eec461L,0xd1c23c7e1f713abfL,0xf08bbfcde6fd569eL } },
-    /* 144 */
-    { { 0x5f8163f484770ee3L,0x0e0c7f94744a1706L,0x9c8f05f7e1b2d46dL,
-        0x417eafe7d01fd99aL,0x2ba15df511440e5bL,0xdc5c552a91a6fbcfL },
-      { 0x86271d74a270f721L,0x32c0a075a004485bL,0x9d1a87e38defa075L,
-        0xb590a7acbf0d20feL,0x430c41c28feda1f5L,0x454d287958f6ec24L } },
-    /* 145 */
-    { { 0x52b7a6357c525435L,0x3d9ef57f37c4bdbcL,0x2bb93e9edffcc475L,
-        0xf7b8ba987710f3beL,0x42ee86da21b727deL,0x55ac3f192e490d01L },
-      { 0x487e3a6ec0c1c390L,0x036fb345446cde7bL,0x089eb276496ae951L,
-        0xedfed4d971ed1234L,0x661b0dd5900f0b46L,0x11bd6f1b8582f0d3L } },
-    /* 146 */
-    { { 0x5cf9350f076bc9d1L,0x15d903becf3cd2c3L,0x21cfc8c225af031cL,
-        0xe0ad32488b1cc657L,0xdd9fb96370014e87L,0xf0f3a5a1297f1658L },
-      { 0xbb908fbaf1f703aaL,0x2f9cc4202f6760baL,0x00ceec6666a38b51L,
-        0x4deda33005d645daL,0xb9cf5c72f7de3394L,0xaeef65021ad4c906L } },
-    /* 147 */
-    { { 0x0583c8b17a19045dL,0xae7c3102d052824cL,0x2a234979ff6cfa58L,
-        0xfe9dffc962c733c0L,0x3a7fa2509c0c4b09L,0x516437bb4fe21805L },
-      { 0x9454e3d5c2a23ddbL,0x0726d887289c104eL,0x8977d9184fd15243L,
-        0xc559e73f6d7790baL,0x8fd3e87d465af85fL,0xa2615c745feee46bL } },
-    /* 148 */
-    { { 0xc8d607a84335167dL,0x8b42d804e0f5c887L,0x5f9f13df398d11f9L,
-        0x5aaa508720740c67L,0x83da9a6aa3d9234bL,0xbd3a5c4e2a54bad1L },
-      { 0xdd13914c2db0f658L,0x29dcb66e5a3f373aL,0xbfd62df55245a72bL,
-        0x19d1802391e40847L,0xd9df74dbb136b1aeL,0x72a06b6b3f93bc5bL } },
-    /* 149 */
-    { { 0x6da19ec3ad19d96fL,0xb342daa4fb2a4099L,0x0e61633a662271eaL,
-        0x3bcece81ce8c054bL,0x7cc8e0618bd62dc6L,0xae189e19ee578d8bL },
-      { 0x73e7a25ddced1eedL,0xc1257f0a7875d3abL,0x2cb2d5a21cfef026L,
-        0xd98ef39bb1fdf61cL,0xcd8e6f6924e83e6cL,0xd71e7076c7b7088bL } },
-    /* 150 */
-    { { 0x339368309d4245bfL,0x22d962172ac2953bL,0xb3bf5a8256c3c3cdL,
-        0x50c9be910d0699e8L,0xec0944638f366459L,0x6c056dba513b7c35L },
-      { 0x687a6a83045ab0e3L,0x8d40b57f445c9295L,0x0f345048a16f5954L,
-        0x64b5c6393d8f0a87L,0x106353a29f71c5e2L,0xdd58b475874f0dd4L } },
-    /* 151 */
-    { { 0x67ec084f62230c72L,0xf14f6cca481385e3L,0xf58bb4074cda7774L,
-        0xe15011b1aa2dbb6bL,0xd488369d0c035ab1L,0xef83c24a8245f2fdL },
-      { 0xfb57328f9fdc2538L,0x79808293191fe46aL,0xe28f5c4432ede548L,
-        0x1b3cda99ea1a022cL,0x39e639b73df2ec7fL,0x77b6272b760e9a18L } },
-    /* 152 */
-    { { 0x2b1d51bda65d56d5L,0x3a9b71f97ea696e0L,0x95250ecc9904f4c4L,
-        0x8bc4d6ebe75774b7L,0x0e343f8aeaeeb9aaL,0xc473c1d1930e04cbL },
-      { 0x282321b1064cd8aeL,0xf4b4371e5562221cL,0xc1cc81ecd1bf1221L,
-        0xa52a07a9e2c8082fL,0x350d8e59ba64a958L,0x29e4f3de6fb32c9aL } },
-    /* 153 */
-    { { 0x0aa9d56cba89aaa5L,0xf0208ac0c4c6059eL,0x7400d9c6bd6ddca4L,
-        0xb384e475f2c2f74aL,0x4c1061fcb1562dd3L,0x3924e2482e153b8dL },
-      { 0xf38b8d98849808abL,0x29bf3260a491aa36L,0x85159ada88220edeL,
-        0x8b47915bbe5bc422L,0xa934d72ed7300967L,0xc4f303982e515d0dL } },
-    /* 154 */
-    { { 0xe3e9ee421b1de38bL,0xa124e25a42636760L,0x90bf73c090165b1aL,
-        0x21802a34146434c5L,0x54aa83f22e1fa109L,0x1d4bd03ced9c51e9L },
-      { 0xc2d96a38798751e6L,0xed27235f8c3507f5L,0xb5fb80e2c8c24f88L,
-        0xf873eefad37f4f78L,0x7229fd74f224ba96L,0x9dcd91999edd7149L } },
-    /* 155 */
-    { { 0xee9f81a64e94f22aL,0xe5609892f71ec341L,0x6c818ddda998284eL,
-        0x9fd472953b54b098L,0x47a6ac030e8a7cc9L,0xde684e5eb207a382L },
-      { 0x4bdd1ecd2b6b956bL,0x09084414f01b3583L,0xe2f80b3255233b14L,
-        0x5a0fec54ef5ebc5eL,0x74cf25e6bf8b29a2L,0x1c757fa07f29e014L } },
-    /* 156 */
-    { { 0x1bcb5c4aeb0fdfe4L,0xd7c649b3f0899367L,0xaef68e3f05bc083bL,
-        0x57a06e46a78aa607L,0xa2136ecc21223a44L,0x89bd648452f5a50bL },
-      { 0x724411b94455f15aL,0x23dfa97008a9c0fdL,0x7b0da4d16db63befL,
-        0x6f8a7ec1fb162443L,0xc1ac9ceee98284fbL,0x085a582b33566022L } },
-    /* 157 */
-    { { 0x15cb61f9ec1f138aL,0x11c9a230668f0c28L,0xac829729df93f38fL,
-        0xcef256984048848dL,0x3f686da02bba8fbfL,0xed5fea78111c619aL },
-      { 0x9b4f73bcd6d1c833L,0x5095160686e7bf80L,0xa2a73508042b1d51L,
-        0x9ef6ea495fb89ec2L,0xf1008ce95ef8b892L,0x78a7e6849ae8568bL } },
-    /* 158 */
-    { { 0x3fe83a7c10470cd8L,0x92734682f86df000L,0xb5dac06bda9409b5L,
-        0x1e7a966094939c5fL,0xdec6c1505cc116dcL,0x1a52b40866bac8ccL },
-      { 0x5303a3656e864045L,0x45eae72a9139efc1L,0x83bec6466f31d54fL,
-        0x2fb4a86f6e958a6dL,0x6760718e4ff44030L,0x008117e3e91ae0dfL } },
-    /* 159 */
-    { { 0x5d5833ba384310a2L,0xbdfb4edc1fd6c9fcL,0xb9a4f102849c4fb8L,
-        0xe5fb239a581c1e1fL,0xba44b2e7d0a9746dL,0x78f7b7683bd942b9L },
-      { 0x076c8ca1c87607aeL,0x82b23c2ed5caaa7eL,0x6a581f392763e461L,
-        0xca8a5e4a3886df11L,0xc87e90cf264e7f22L,0x04f74870215cfcfcL } },
-    /* 160 */
-    { { 0x5285d116141d161cL,0x67cd2e0e93c4ed17L,0x12c62a647c36187eL,
-        0xf5329539ed2584caL,0xc4c777c442fbbd69L,0x107de7761bdfc50aL },
-      { 0x9976dcc5e96beebdL,0xbe2aff95a865a151L,0x0e0a9da19d8872afL,
-        0x5e357a3da63c17ccL,0xd31fdfd8e15cc67cL,0xc44bbefd7970c6d8L } },
-    /* 161 */
-    { { 0x703f83e24c0c62f1L,0x9b1e28ee4e195572L,0x6a82858bfe26ccedL,
-        0xd381c84bc43638faL,0x94f72867a5ba43d8L,0x3b4a783d10b82743L },
-      { 0xee1ad7b57576451eL,0xc3d0b59714b6b5c8L,0x3dc30954fcacc1b8L,
-        0x55df110e472c9d7bL,0x97c86ed702f8a328L,0xd043341388dc098fL } },
-    /* 162 */
-    { { 0x1a60d1522ca8f2feL,0x61640948491bd41fL,0x6dae29a558dfe035L,
-        0x9a615bea278e4863L,0xbbdb44779ad7c8e5L,0x1c7066302ceac2fcL },
-      { 0x5e2b54c699699b4bL,0xb509ca6d239e17e8L,0x728165feea063a82L,
-        0x6b5e609db6a22e02L,0x12813905b26ee1dfL,0x07b9f722439491faL } },
-    /* 163 */
-    { { 0x1592ec1448ff4e49L,0x3e4e9f176d644129L,0x7acf82881156acc0L,
-        0x5aa34ba8bb092b0bL,0xcd0f90227d38393dL,0x416724ddea4f8187L },
-      { 0x3c4e641cc0139e73L,0xe0fe46cf91e4d87dL,0xedb3c792cab61f8aL,
-        0x4cb46de4d3868753L,0xe449c21d20f1098aL,0x5e5fd059f5b8ea6eL } },
-    /* 164 */
-    { { 0x7fcadd4675856031L,0x89c7a4cdeaf2fbd0L,0x1af523ce7a87c480L,
-        0xe5fc109561d9ae90L,0x3fb5864fbcdb95f5L,0xbeb5188ebb5b2c7dL },
-      { 0x3d1563c33ae65825L,0x116854c40e57d641L,0x11f73d341942ebd3L,
-        0x24dc5904c06955b3L,0x8a0d4c83995a0a62L,0xfb26b86d5d577b7dL } },
-    /* 165 */
-    { { 0xc53108e7c686ae17L,0x9090d739d1c1da56L,0x4583b0139aec50aeL,
-        0xdd9a088ba49a6ab2L,0x28192eeaf382f850L,0xcc8df756f5fe910eL },
-      { 0x877823a39cab7630L,0x64984a9afb8e7fc1L,0x5448ef9c364bfc16L,
-        0xbbb4f871c44e2a9aL,0x901a41ab435c95e9L,0xc6c23e5faaa50a06L } },
-    /* 166 */
-    { { 0xb78016c19034d8ddL,0x856bb44b0b13e79bL,0x85c6409ab3241a05L,
-        0x8d2fe19a2d78ed21L,0xdcc7c26d726eddf2L,0x3ccaff5f25104f04L },
-      { 0x397d7edc6b21f843L,0xda88e4dde975de4cL,0x5273d3964f5ab69eL,
-        0x537680e39aae6cc0L,0xf749cce53e6f9461L,0x021ddbd9957bffd3L } },
-    /* 167 */
-    { { 0x7b64585f777233cfL,0xfe6771f60942a6f0L,0x636aba7adfe6eef0L,
-        0x63bbeb5686038029L,0xacee5842de8fcf36L,0x48d9aa99d4a20524L },
-      { 0xcff7a74c0da5e57aL,0xc232593ce549d6c9L,0x68504bccf0f2287bL,
-        0x6d7d098dbc8360b5L,0xeac5f1495b402f41L,0x61936f11b87d1bf1L } },
-    /* 168 */
-    { { 0xaa9da167b8153a9dL,0xa49fe3ac9e83ecf0L,0x14c18f8e1b661384L,
-        0x61c24dab38434de1L,0x3d973c3a283dae96L,0xc99baa0182754fc9L },
-      { 0x477d198f4c26b1e3L,0x12e8e186a7516202L,0x386e52f6362addfaL,
-        0x31e8f695c3962853L,0xdec2af136aaedb60L,0xfcfdb4c629cf74acL } },
-    /* 169 */
-    { { 0x6b3ee958cca40298L,0xc3878153f2f5d195L,0x0c565630ed2eae5bL,
-        0xd089b37e3a697cf2L,0xc2ed2ac7ad5029eaL,0x7e5cdfad0f0dda6aL },
-      { 0xf98426dfd9b86202L,0xed1960b14335e054L,0x1fdb02463f14639eL,
-        0x17f709c30db6c670L,0xbfc687ae773421e1L,0x13fefc4a26c1a8acL } },
-    /* 170 */
-    { { 0xe361a1987ffa0a5fL,0xf4b26102c63fe109L,0x264acbc56c74e111L,
-        0x4af445fa77abebafL,0x448c4fdd24cddb75L,0x0b13157d44506eeaL },
-      { 0x22a6b15972e9993dL,0x2c3c57e485e5ecbeL,0xa673560bfd83e1a1L,
-        0x6be23f82c3b8c83bL,0x40b13a9640bbe38eL,0x66eea033ad17399bL } },
-    /* 171 */
-    { { 0x49fc6e95b4c6c693L,0xefc735de36af7d38L,0xe053343d35fe42fcL,
-        0xf0aa427c6a9ab7c3L,0xc79f04364a0fcb24L,0x1628724393ebbc50L },
-      { 0x5c3d6bd016927e1eL,0x40158ed2673b984cL,0xa7f86fc84cd48b9aL,
-        0x1643eda660ea282dL,0x45b393eae2a1beedL,0x664c839e19571a94L } },
-    /* 172 */
-    { { 0x5774575027eeaf94L,0x2875c925ea99e1e7L,0xc127e7ba5086adeaL,
-        0x765252a086fe424fL,0x1143cc6c2b6c0281L,0xc9bb2989d671312dL },
-      { 0x880c337c51acb0a5L,0xa3710915d3c60f78L,0x496113c09262b6edL,
-        0x5d25d9f89ce48182L,0x53b6ad72b3813586L,0x0ea3bebc4c0e159cL } },
-    /* 173 */
-    { { 0xcaba450ac5e49beaL,0x684e54157c05da59L,0xa2e9cab9de7ac36cL,
-        0x4ca79b5f2e6f957bL,0xef7b024709b817b1L,0xeb3049907d89df0fL },
-      { 0x508f730746fe5096L,0x695810e82e04eaafL,0x88ef1bd93512f76cL,
-        0x776613513ebca06bL,0xf7d4863accf158b7L,0xb2a81e4494ee57daL } },
-    /* 174 */
-    { { 0xff288e5b6d53e6baL,0xa90de1a914484ea2L,0x2fadb60ced33c8ecL,
-        0x579d6ef328b66a40L,0x4f2dd6ddec24372dL,0xe9e33fc91d66ec7dL },
-      { 0x110899d2039eab6eL,0xa31a667a3e97bb5eL,0x6200166dcfdce68eL,
-        0xbe83ebae5137d54bL,0x085f7d874800acdfL,0xcf4ab1330c6f8c86L } },
-    /* 175 */
-    { { 0x03f65845931e08fbL,0x6438551e1506e2c0L,0x5791f0dc9c36961fL,
-        0x68107b29e3dcc916L,0x83242374f495d2caL,0xd8cfb6636ee5895bL },
-      { 0x525e0f16a0349b1bL,0x33cd2c6c4a0fab86L,0x46c12ee82af8dda9L,
-        0x7cc424ba71e97ad3L,0x69766ddf37621eb0L,0x95565f56a5f0d390L } },
-    /* 176 */
-    { { 0xe0e7bbf21a0f5e94L,0xf771e1151d82d327L,0x10033e3dceb111faL,
-        0xd269744dd3426638L,0xbdf2d9da00d01ef6L,0x1cb80c71a049ceafL },
-      { 0x17f183289e21c677L,0x6452af0519c8f98bL,0x35b9c5f780b67997L,
-        0x5c2e1cbe40f8f3d4L,0x43f9165666d667caL,0x9faaa059cf9d6e79L } },
-    /* 177 */
-    { { 0x8ad246180a078fe6L,0xf6cc73e6464fd1ddL,0x4d2ce34dc3e37448L,
-        0x624950c5e3271b5fL,0x62910f5eefc5af72L,0x8b585bf8aa132bc6L },
-      { 0x11723985a839327fL,0x34e2d27d4aac252fL,0x402f59ef6296cc4eL,
-        0x00ae055c47053de9L,0xfc22a97228b4f09bL,0xa9e86264fa0c180eL } },
-    /* 178 */
-    { { 0x0b7b6224bc310eccL,0x8a1a74f167fa14edL,0x87dd09607214395cL,
-        0xdf1b3d09f5c91128L,0x39ff23c686b264a8L,0xdc2d49d03e58d4c5L },
-      { 0x2152b7d3a9d6f501L,0xf4c32e24c04094f7L,0xc6366596d938990fL,
-        0x084d078f94fb207fL,0xfd99f1d7328594cbL,0x36defa64cb2d96b3L } },
-    /* 179 */
-    { { 0x4619b78113ed7cbeL,0x95e500159784bd0eL,0x2a32251c2c7705feL,
-        0xa376af995f0dd083L,0x55425c6c0361a45bL,0x812d2cef1f291e7bL },
-      { 0xccf581a05fd94972L,0x26e20e39e56dc383L,0x0093685d63dbfbf0L,
-        0x1fc164cc36b8c575L,0xb9c5ab81390ef5e7L,0x40086beb26908c66L } },
-    /* 180 */
-    { { 0xe5e54f7937e3c115L,0x69b8ee8cc1445a8aL,0x79aedff2b7659709L,
-        0xe288e1631b46fbe6L,0xdb4844f0d18d7bb7L,0xe0ea23d048aa6424L },
-      { 0x714c0e4ef3d80a73L,0x87a0aa9e3bd64f98L,0x8844b8a82ec63080L,
-        0xe0ac9c30255d81a3L,0x86151237455397fcL,0x0b9794642f820155L } },
-    /* 181 */
-    { { 0x127a255a4ae03080L,0x232306b4580a89fbL,0x04e8cd6a6416f539L,
-        0xaeb70dee13b02a0eL,0xa3038cf84c09684aL,0xa710ec3c28e433eeL },
-      { 0x77a72567681b1f7dL,0x86fbce952fc28170L,0xd3408683f5735ac8L,
-        0x3a324e2a6bd68e93L,0x7ec74353c027d155L,0xab60354cd4427177L } },
-    /* 182 */
-    { { 0x32a5342aef4c209dL,0x2ba7527408d62704L,0x4bb4af6fc825d5feL,
-        0x1c3919ced28e7ff1L,0x1dfc2fdcde0340f6L,0xc6580baf29f33ba9L },
-      { 0xae121e7541d442cbL,0x4c7727fd3a4724e4L,0xe556d6a4524f3474L,
-        0x87e13cc7785642a2L,0x182efbb1a17845fdL,0xdcec0cf14e144857L } },
-    /* 183 */
-    { { 0x1cb89541e9539819L,0xc8cb3b4f9d94dbf1L,0x1d353f63417da578L,
-        0xb7a697fb8053a09eL,0x8d841731c35d8b78L,0x85748d6fb656a7a9L },
-      { 0x1fd03947c1859c5dL,0x6ce965c1535d22a2L,0x1966a13e0ca3aadcL,
-        0x9802e41d4fb14effL,0xa9048cbb76dd3fcdL,0x89b182b5e9455bbaL } },
-    /* 184 */
-    { { 0xd777ad6a43360710L,0x841287ef55e9936bL,0xbaf5c67004a21b24L,
-        0xf2c0725f35ad86f1L,0x338fa650c707e72eL,0x2bf8ed2ed8883e52L },
-      { 0xb0212cf4b56e0d6aL,0x50537e126843290cL,0xd8b184a198b3dc6fL,
-        0xd2be9a350210b722L,0x407406db559781eeL,0x5a78d5910bc18534L } },
-    /* 185 */
-    { { 0x4d57aa2ad748b02cL,0xbe5b3451a12b3b95L,0xadca7a4564711258L,
-        0x597e091a322153dbL,0xf327100632eb1eabL,0xbd9adcba2873f301L },
-      { 0xd1dc79d138543f7fL,0x00022092921b1fefL,0x86db3ef51e5df8edL,
-        0x888cae049e6b944aL,0x71bd29ec791a32b4L,0xd3516206a6d1c13eL } },
-    /* 186 */
-    { { 0x2ef6b95255924f43L,0xd2f401ae4f9de8d5L,0xfc73e8d7adc68042L,
-        0x627ea70c0d9d1bb4L,0xc3bb3e3ebbf35679L,0x7e8a254ad882dee4L },
-      { 0x08906f50b5924407L,0xf14a0e61a1ad444aL,0xaa0efa2165f3738eL,
-        0xd60c7dd6ae71f161L,0x9e8390faf175894dL,0xd115cd20149f4c00L } },
-    /* 187 */
-    { { 0x2f2e2c1da52abf77L,0xc2a0dca554232568L,0xed423ea254966dccL,
-        0xe48c93c7cd0dd039L,0x1e54a225176405c7L,0x1efb5b1670d58f2eL },
-      { 0xa751f9d994fb1471L,0xfdb31e1f67d2941dL,0xa6c74eb253733698L,
-        0xd3155d1189a0f64aL,0x4414cfe4a4b8d2b6L,0x8d5a4be8f7a8e9e3L } },
-    /* 188 */
-    { { 0x5c96b4d452669e98L,0x4547f9228fd42a03L,0xcf5c1319d285174eL,
-        0x805cd1ae064bffa0L,0x50e8bc4f246d27e7L,0xf89ef98fd5781e11L },
-      { 0xb4ff95f6dee0b63fL,0xad850047222663a4L,0x026918604d23ce9cL,
-        0x3e5309ce50019f59L,0x27e6f72269a508aeL,0xe9376652267ba52cL } },
-    /* 189 */
-    { { 0xa04d289cc0368708L,0xc458872f5e306e1dL,0x76fa23de33112feaL,
-        0x718e39746efde42eL,0xf0c98cdc1d206091L,0x5fa3ca6214a71987L },
-      { 0xeee8188bdcaa9f2aL,0x312cc732589a860dL,0xf9808dd6c63aeb1fL,
-        0x70fd43db4ea62b53L,0x2c2bfe34890b6e97L,0x105f863cfa426aa6L } },
-    /* 190 */
-    { { 0x0b29795db38059adL,0x5686b77e90647ea0L,0xeff0470edb473a3eL,
-        0x278d2340f9b6d1e2L,0xebbff95bbd594ec7L,0xf4b72334d3a7f23dL },
-      { 0x2a285980a5a83f0bL,0x0786c41a9716a8b3L,0x138901bd22511812L,
-        0xd1b55221e2fede6eL,0x0806e264df4eb590L,0x6c4c897e762e462eL } },
-    /* 191 */
-    { { 0xd10b905fb4b41d9dL,0x826ca4664523a65bL,0x535bbd13b699fa37L,
-        0x5b9933d773bc8f90L,0x9332d61fcd2118adL,0x158c693ed4a65fd0L },
-      { 0x4ddfb2a8e6806e63L,0xe31ed3ecb5de651bL,0xf9460e51819bc69aL,
-        0x6229c0d62c76b1f8L,0xbb78f231901970a3L,0x31f3820f9cee72b8L } },
-    /* 192 */
-    { { 0xe931caf2c09e1c72L,0x0715f29812990cf4L,0x33aad81d943262d8L,
-        0x5d292b7a73048d3fL,0xb152aaa4dc7415f6L,0xc3d10fd90fd19587L },
-      { 0xf76b35c575ddadd0L,0x9f5f4a511e7b694cL,0x2f1ab7ebc0663025L,
-        0x01c9cc87920260b0L,0xc4b1f61a05d39da6L,0x6dcd76c4eb4a9c4eL } },
-    /* 193 */
-    { { 0x0ba0916ffdc83f01L,0x354c8b449553e4f9L,0xa6cc511affc5e622L,
-        0xb954726ae95be787L,0xcb04811575b41a62L,0xfa2ae6cdebfde989L },
-      { 0x6376bbc70f24659aL,0x13a999fd4c289c43L,0xc7134184ec9abd8bL,
-        0x28c02bf6a789ab04L,0xff841ebcd3e526ecL,0x442b191e640893a8L } },
-    /* 194 */
-    { { 0x4cac6c62fa2b6e20L,0x97f29e9bf6d69861L,0x228ab1dbbc96d12dL,
-        0x6eb913275e8e108dL,0xd4b3d4d140771245L,0x61b20623ca8a803aL },
-      { 0x2c2f3b41a6a560b1L,0x879e1d403859fcf4L,0x7cdb5145024dbfc3L,
-        0x55d08f153bfa5315L,0x2f57d773aa93823aL,0xa97f259cc6a2c9a2L } },
-    /* 195 */
-    { { 0xc306317be58edbbbL,0x25ade51c79dfdf13L,0x6b5beaf116d83dd6L,
-        0xe8038a441dd8f925L,0x7f00143cb2a87b6bL,0xa885d00df5b438deL },
-      { 0xe9f76790cf9e48bdL,0xf0bdf9f0a5162768L,0x0436709fad7b57cbL,
-        0x7e151c12f7c15db7L,0x3514f0225d90ee3bL,0x2e84e8032c361a8dL } },
-    /* 196 */
-    { { 0x2277607d563ec8d8L,0xa661811fe3934cb7L,0x3ca72e7af58fd5deL,
-        0x7989da0462294c6aL,0x88b3708bf6bbefe9L,0x0d524cf753ed7c82L },
-      { 0x69f699ca2f30c073L,0xf0fa264b9dc1dcf3L,0x44ca456805f0aaf6L,
-        0x0f5b23c7d19b9bafL,0x39193f41eabd1107L,0x9e3e10ad2a7c9b83L } },
-    /* 197 */
-    { { 0xa90824f0d4ae972fL,0x43eef02bc6e846e7L,0x7e46061229d2160aL,
-        0x29a178acfe604e91L,0x23056f044eb184b2L,0x4fcad55feb54cdf4L },
-      { 0xa0ff96f3ae728d15L,0x8a2680c6c6a00331L,0x5f84cae07ee52556L,
-        0x5e462c3ac5a65dadL,0x5d2b81dfe2d23f4fL,0x6e47301bc5b1eb07L } },
-    /* 198 */
-    { { 0x77411d68af8219b9L,0xcb883ce651b1907aL,0x25c87e57101383b5L,
-        0x9c7d9859982f970dL,0xaa6abca5118305d2L,0x725fed2f9013a5dbL },
-      { 0x487cdbafababd109L,0xc0f8cf5687586528L,0xa02591e68ad58254L,
-        0xc071b1d1debbd526L,0x927dfe8b961e7e31L,0x55f895f99263dfe1L } },
-    /* 199 */
-    { { 0xf899b00db175645bL,0x51f3a627b65b4b92L,0xa2f3ac8db67399efL,
-        0xe717867fe400bc20L,0x42cc90201967b952L,0x3d5967513ecd1de1L },
-      { 0xd41ebcdedb979775L,0x99ba61bc6a2e7e88L,0x039149a5321504f2L,
-        0xe7dc231427ba2fadL,0x9f556308b57d8368L,0x2b6d16c957da80a7L } },
-    /* 200 */
-    { { 0x84af5e76279ad982L,0x9bb4c92d9c8b81a6L,0xd79ad44e0e698e67L,
-        0xe8be9048265fc167L,0xf135f7e60c3a4cccL,0xa0a10d38b8863a33L },
-      { 0xe197247cd386efd9L,0x0eefd3f9b52346c2L,0xc22415f978607bc8L,
-        0xa2a8f862508674ceL,0xa72ad09ec8c9d607L,0xcd9f0ede50fa764fL } },
-    /* 201 */
-    { { 0x063391c7d1a46d4dL,0x2df51c119eb01693L,0xc5849800849e83deL,
-        0x48fd09aa8ad08382L,0xa405d873aa742736L,0xee49e61ee1f9600cL },
-      { 0xd76676be48c76f73L,0xd9c100f601274b2aL,0x110bb67c83f8718dL,
-        0xec85a42002fc0d73L,0xc0449e1e744656adL,0x28ce737637d9939bL } },
-    /* 202 */
-    { { 0x97e9af7244544ac7L,0xf2c658d5ba010426L,0x732dec39fb3adfbdL,
-        0xd12faf91a2df0b07L,0x8ac267252171e208L,0xf820cdc85b24fa54L },
-      { 0x307a6eea94f4cf77L,0x18c783d2944a33c6L,0x4b939d4c0b741ac5L,
-        0x1d7acd153ffbb6e4L,0x06a248587a255e44L,0x14fbc494ce336d50L } },
-    /* 203 */
-    { { 0x9b920c0c51584e3cL,0xc7733c59f7e54027L,0xe24ce13988422bbeL,
-        0x11ada812523bd6abL,0xde068800b88e6defL,0x7b872671fe8c582dL },
-      { 0x4e746f287de53510L,0x492f8b99f7971968L,0x1ec80bc77d928ac2L,
-        0xb3913e48432eb1b5L,0xad08486632028f6eL,0x122bb8358fc2f38bL } },
-    /* 204 */
-    { { 0x0a9f3b1e3b0b29c3L,0x837b64324fa44151L,0xb9905c9217b28ea7L,
-        0xf39bc93798451750L,0xcd383c24ce8b6da1L,0x299f57db010620b2L },
-      { 0x7b6ac39658afdce3L,0xa15206b33d05ef47L,0xa0ae37e2b9bb02ffL,
-        0x107760ab9db3964cL,0xe29de9a067954beaL,0x446a1ad8431c3f82L } },
-    /* 205 */
-    { { 0xc6fecea05c6b8195L,0xd744a7c5f49e71b9L,0xa8e96acc177a7ae7L,
-        0x1a05746c358773a7L,0xa416214637567369L,0xaa0217f787d1c971L },
-      { 0x61e9d15877fd3226L,0x0f6f2304e4f600beL,0xa9c4cebc7a6dff07L,
-        0xd15afa0109f12a24L,0x2bbadb228c863ee9L,0xa28290e4e5eb8c78L } },
-    /* 206 */
-    { { 0x55b87fa03e9de330L,0x12b26066195c145bL,0xe08536e0a920bef0L,
-        0x7bff6f2c4d195adcL,0x7f319e9d945f4187L,0xf9848863f892ce47L },
-      { 0xd0efc1d34fe37657L,0x3c58de825cf0e45aL,0x626ad21a8b0ccbbeL,
-        0xd2a31208af952fc5L,0x81791995eb437357L,0x5f19d30f98e95d4fL } },
-    /* 207 */
-    { { 0x72e83d9a0e6865bbL,0x22f5af3bf63456a6L,0x409e9c73463c8d9eL,
-        0x40e9e578dfe6970eL,0x876b6efa711b91caL,0x895512cf942625a3L },
-      { 0x84c8eda8cb4e462bL,0x84c0154a4412e7c8L,0x04325db1ceb7b71fL,
-        0x1537dde366f70877L,0xf3a093991992b9acL,0xa7316606d498ae77L } },
-    /* 208 */
-    { { 0x13990d2fcad260f5L,0x76c3be29eec0e8c0L,0x7dc5bee00f7bd7d5L,
-        0x9be167d2efebda4bL,0xcce3dde69122b87eL,0x75a28b0982b5415cL },
-      { 0xf6810bcde84607a6L,0xc6d581286f4dbf0dL,0xfead577d1b4dafebL,
-        0x9bc440b2066b28ebL,0x53f1da978b17e84bL,0x0459504bcda9a575L } },
-    /* 209 */
-    { { 0x13e39a02329e5836L,0x2c9e7d51f717269dL,0xc5ac58d6f26c963bL,
-        0x3b0c6c4379967bf5L,0x60bbea3f55908d9dL,0xd84811e7f07c9ad1L },
-      { 0xfe7609a75bd20e4aL,0xe4325dd20a70baa8L,0x3711f370b3600386L,
-        0x97f9562fd0924302L,0x040dc0c34acc4436L,0xfd6d725cde79cdd4L } },
-    /* 210 */
-    { { 0xb3efd0e3cf13eafbL,0x21009cbb5aa0ae5fL,0xe480c55379022279L,
-        0x755cf334b2fc9a6dL,0x8564a5bf07096ae7L,0xddd649d0bd238139L },
-      { 0xd0de10b18a045041L,0x6e05b413c957d572L,0x5c5ff8064e0fb25cL,
-        0xd933179b641162fbL,0x42d48485e57439f9L,0x70c5bd0a8a8d72aaL } },
-    /* 211 */
-    { { 0xa767173897bdf646L,0xaa1485b4ab329f7cL,0xce3e11d6f8f25fdfL,
-        0x76a3fc7ec6221824L,0x045f281ff3924740L,0x24557d4e96d13a9aL },
-      { 0x875c804bdd4c27cdL,0x11c5f0f40f5c7feaL,0xac8c880bdc55ff7eL,
-        0x2acddec51103f101L,0x38341a21f99faa89L,0xc7b67a2cce9d6b57L } },
-    /* 212 */
-    { { 0x9a0d724f8e357586L,0x1d7f4ff5df648da0L,0x9c3e6c9bfdee62a5L,
-        0x0499cef00389b372L,0xe904050d98eab879L,0xe8eef1b66c051617L },
-      { 0xebf5bfebc37e3ca9L,0x7c5e946da4e0b91dL,0x790973142c4bea28L,
-        0x81f6c109ee67b2b7L,0xaf237d9bdafc5edeL,0xd2e602012abb04c7L } },
-    /* 213 */
-    { { 0x6156060c8a4f57bfL,0xf9758696ff11182aL,0x8336773c6296ef00L,
-        0x9c054bceff666899L,0xd6a11611719cd11cL,0x9824a641dbe1acfaL },
-      { 0x0b7b7a5fba89fd01L,0xf8d3b809889f79d8L,0xc5e1ea08f578285cL,
-        0x7ac74536ae6d8288L,0x5d37a2007521ef5fL,0x5ecc4184b260a25dL } },
-    /* 214 */
-    { { 0xddcebb19a708c8d3L,0xe63ed04fc63f81ecL,0xd045f5a011873f95L,
-        0x3b5ad54479f276d5L,0x81272a3d425ae5b3L,0x8bfeb50110ce1605L },
-      { 0x4233809c888228bfL,0x4bd82acfb2aff7dfL,0x9c68f1800cbd4a7fL,
-        0xfcd771246b44323dL,0x60c0fcf6891db957L,0xcfbb4d8904da8f7fL } },
-    /* 215 */
-    { { 0x9a6a5df93b26139aL,0x3e076a83b2cc7eb8L,0x47a8e82d5a964bcdL,
-        0x8a4e2a39b9278d6bL,0x93506c98e4443549L,0x06497a8ff1e0d566L },
-      { 0x3dee8d992b1efa05L,0x2da63ca845393e33L,0xa4af7277cf0579adL,
-        0xaf4b46393236d8eaL,0x6ccad95b32b617f5L,0xce76d8b8b88bb124L } },
-    /* 216 */
-    { { 0x63d2537a083843dcL,0x89eb35141e4153b4L,0x5175ebc4ea9afc94L,
-        0x7a6525808ed1aed7L,0x67295611d85e8297L,0x8dd2d68bb584b73dL },
-      { 0x237139e60133c3a4L,0x9de838ab4bd278eaL,0xe829b072c062fcd9L,
-        0x70730d4f63ba8706L,0x6080483fd3cd05ecL,0x872ab5b80c85f84dL } },
-    /* 217 */
-    { { 0xfc0776d3999d4d49L,0xa3eb59deec3f45e7L,0xbc990e440dae1fc1L,
-        0x33596b1ea15371ffL,0xd447dcb29bc7ab25L,0xcd5b63e935979582L },
-      { 0xae3366fa77d1ff11L,0x59f28f05edee6903L,0x6f43fed1a4433bf2L,
-        0x15409c9bdf9ce00eL,0x21b5cdedaca9c5dcL,0xf9f3359582d7bdb4L } },
-    /* 218 */
-    { { 0x959443789422c792L,0x239ea923c958b8bfL,0x4b61a247df076541L,
-        0x4d29ce85bb9fc544L,0x9a692a670b424559L,0x6e0ca5a00e486900L },
-      { 0x6b79a78285b3beceL,0x41f35e39c61f9892L,0xff82099aae747f82L,
-        0x58c8ae3fd0ca59d6L,0x4ac930e299406b5fL,0x2ce04eb99df24243L } },
-    /* 219 */
-    { { 0x4366b9941ac37b82L,0xff0c728d25b04d83L,0x1f55136119c47b7cL,
-        0xdbf2d5edbeff13e7L,0xf78efd51e12a683dL,0x82cd85b9989cf9c4L },
-      { 0xe23c6db6e0cb5d37L,0x818aeebd72ee1a15L,0x8212aafd28771b14L,
-        0x7bc221d91def817dL,0xdac403a29445c51fL,0x711b051712c3746bL } },
-    /* 220 */
-    { { 0x0ed9ed485ea99eccL,0xf799500db8cab5e1L,0xa8ec87dcb570cbdcL,
-        0x52cfb2c2d35dfaecL,0x8d31fae26e4d80a4L,0xe6a37dc9dcdeabe5L },
-      { 0x5d365a341deca452L,0x09a5f8a50d68b44eL,0x59238ea5a60744b1L,
-        0xf2fedc0dbb4249e9L,0xe395c74ea909b2e3L,0xe156d1a539388250L } },
-    /* 221 */
-    { { 0xd796b3d047181ae9L,0xbaf44ba844197808L,0xe693309434cf3facL,
-        0x41aa6adec3bd5c46L,0x4fda75d8eed947c6L,0xacd9d4129ea5a525L },
-      { 0x65cc55a3d430301bL,0x3c9a5bcf7b52ea49L,0x22d319cf159507f0L,
-        0x2ee0b9b5de74a8ddL,0x20c26a1e877ac2b6L,0x387d73da92e7c314L } },
-    /* 222 */
-    { { 0x13c4833e8cd3fdacL,0x76fcd473332e5b8eL,0xff671b4be2fe1fd3L,
-        0x4d734e8b5d98d8ecL,0xb1ead3c6514bbc11L,0xd14ca8587b390494L },
-      { 0x95a443af5d2d37e9L,0x73c6ea7300464622L,0xa44aeb4b15755044L,
-        0xba3f8575fab58feeL,0x9779dbc9dc680a6fL,0xe1ee5f5a7b37ddfcL } },
-    /* 223 */
-    { { 0xcd0b464812d29f46L,0x93295b0b0ed53137L,0xbfe2609480bef6c9L,
-        0xa656578854248b00L,0x69c43fca80e7f9c4L,0x2190837bbe141ea1L },
-      { 0x875e159aa1b26cfbL,0x90ca9f877affe852L,0x15e6550d92ca598eL,
-        0xe3e0945d1938ad11L,0xef7636bb366ef937L,0xb6034d0bb39869e5L } },
-    /* 224 */
-    { { 0x4d255e3026d8356eL,0xf83666edd314626fL,0x421ddf61d0c8ed64L,
-        0x96e473c526677b61L,0xdad4af7e9e9b18b3L,0xfceffd4aa9393f75L },
-      { 0x843138a111c731d5L,0x05bcb3a1b2f141d9L,0x20e1fa95617b7671L,
-        0xbefce81288ccec7bL,0x582073dc90f1b568L,0xf572261a1f055cb7L } },
-    /* 225 */
-    { { 0xf314827736973088L,0xc008e70886a9f980L,0x1b795947e046c261L,
-        0xdf1e6a7dca76bca0L,0xabafd88671acddf0L,0xff7054d91364d8f4L },
-      { 0x2cf63547e2260594L,0x468a5372d73b277eL,0xc7419e24ef9bd35eL,
-        0x2b4a1c2024043cc3L,0xa28f047a890b39cdL,0xdca2cea146f9a2e3L } },
-    /* 226 */
-    { { 0xab78873653277538L,0xa734e225cf697738L,0x66ee1d1e6b22e2c1L,
-        0x2c615389ebe1d212L,0xf36cad4002bb0766L,0x120885c33e64f207L },
-      { 0x59e77d5690fbfec2L,0xf9e781aad7a574aeL,0x801410b05d045e53L,
-        0xd3b5f0aaa91b5f0eL,0xb3d1df007fbb3521L,0x11c4b33ec72bee9aL } },
-    /* 227 */
-    { { 0xd32b983283c3a7f3L,0x8083abcf88d8a354L,0xdeb1640450f4ec5aL,
-        0x18d747f0641e2907L,0x4e8978aef1bbf03eL,0x932447dc88a0cd89L },
-      { 0x561e0febcf3d5897L,0xfc3a682f13600e6dL,0xc78b9d73d16a6b73L,
-        0xe713feded29bf580L,0x0a22522308d69e5cL,0x3a924a571ff7fda4L } },
-    /* 228 */
-    { { 0xfb64554cb4093beeL,0xa6d65a25a58c6ec0L,0x4126994d43d0ed37L,
-        0xa5689a5155152d44L,0xb8e5ea8c284caa8dL,0x33f05d4fd1f25538L },
-      { 0xe0fdfe091b615d6eL,0x2ded7e8f705507daL,0xdd5631e517bbcc80L,
-        0x4f87453e267fd11fL,0xc6da723fff89d62dL,0x55cbcae2e3cda21dL } },
-    /* 229 */
-    { { 0x336bc94e6b4e84f3L,0x728630314ef72c35L,0x6d85fdeeeeb57f99L,
-        0x7f4e3272a42ece1bL,0x7f86cbb536f0320aL,0xf09b6a2b923331e6L },
-      { 0x21d3ecf156778435L,0x2977ba998323b2d2L,0x6a1b57fb1704bc0fL,
-        0xd777cf8b389f048aL,0x9ce2174fac6b42cdL,0x404e2bff09e6c55aL } },
-    /* 230 */
-    { { 0x9b9b135e204c5ddbL,0x9dbfe0443eff550eL,0x35eab4bfec3be0f6L,
-        0x8b4c3f0d0a43e56fL,0x4c1c66730e73f9b3L,0x92ed38bd2c78c905L },
-      { 0xc7003f6aa386e27cL,0xb9c4f46faced8507L,0xea024ec859df5464L,
-        0x4af96152429572eaL,0x279cd5e2e1fc1194L,0xaa376a03281e358cL } },
-    /* 231 */
-    { { 0x078592233cdbc95cL,0xaae1aa6aef2e337aL,0xc040108d472a8544L,
-        0x80c853e68d037b7dL,0xd221315c8c7eee24L,0x195d38568ee47752L },
-      { 0xd4b1ba03dacd7fbeL,0x4b5ac61ed3e0c52bL,0x68d3c0526aab7b52L,
-        0xf0d7248c660e3feaL,0xafdb3f893145efb4L,0xa73fd9a38f40936dL } },
-    /* 232 */
-    { { 0x891b9ef3bb1b17ceL,0x14023667c6127f31L,0x12b2e58d305521fdL,
-        0x3a47e449e3508088L,0xe49fc84bff751507L,0x4023f7225310d16eL },
-      { 0xa608e5edb73399faL,0xf12632d8d532aa3eL,0x13a2758e845e8415L,
-        0xae4b6f851fc2d861L,0x3879f5b1339d02f2L,0x446d22a680d99ebdL } },
-    /* 233 */
-    { { 0x0f5023024be164f1L,0x8d09d2d688b81920L,0x514056f1984aceffL,
-        0xa5c4ddf075e9e80dL,0x38cb47e6df496a93L,0x899e1d6b38df6bf7L },
-      { 0x69e87e88b59eb2a6L,0x280d9d639b47f38bL,0x599411ea3654e955L,
-        0xcf8dd4fd969aa581L,0xff5c2baf530742a7L,0xa43915361a373085L } },
-    /* 234 */
-    { { 0x6ace72a3a8a4bdd2L,0xc656cdd1b68ef702L,0xd4a33e7e90c4dad8L,
-        0x4aece08a9d951c50L,0xea8005ae085d68e6L,0xfdd7a7d76f7502b8L },
-      { 0xce6fb0a698d6fa45L,0x228f86721104eb8cL,0xd23d8787da09d7dcL,
-        0x5521428b2ae93065L,0x95faba3dea56c366L,0xedbe50390a88aca5L } },
-    /* 235 */
-    { { 0xd64da0adbfb26c82L,0xe5d70b3c952c2f9cL,0xf5e8f365f7e77f68L,
-        0x7234e00208f2d695L,0xfaf900eed12e7be6L,0x27dc69344acf734eL },
-      { 0x80e4ff5ec260a46aL,0x7da5ebce2dc31c28L,0x485c5d73ca69f552L,
-        0xcdfb6b2969cc84c2L,0x031c5afeed6d4ecaL,0xc7bbf4c822247637L } },
-    /* 236 */
-    { { 0x9d5b72c749fe01b2L,0x34785186793a91b8L,0xa3ba3c54cf460438L,
-        0x73e8e43d3ab21b6fL,0x50cde8e0be57b8abL,0x6488b3a7dd204264L },
-      { 0xa9e398b3dddc4582L,0x1698c1a95bec46feL,0x7f1446ef156d3843L,
-        0x3fd25dd8770329a2L,0x05b1221a2c710668L,0x65b2dc2aa72ee6cfL } },
-    /* 237 */
-    { { 0x21a885f7cd021d63L,0x3f344b15fea61f08L,0xad5ba6ddc5cf73e6L,
-        0x154d0d8f227a8b23L,0x9b74373cdc559311L,0x4feab71598620fa1L },
-      { 0x5098938e7d9ec924L,0x84d54a5e6d47e550L,0x1a2d1bdc1b617506L,
-        0x99fe1782615868a4L,0x171da7803005a924L,0xa70bf5ed7d8f79b6L } },
-    /* 238 */
-    { { 0x0bc1250dfe2216c5L,0x2c37e2507601b351L,0xb6300175d6f06b7eL,
-        0x4dde8ca18bfeb9b7L,0x4f210432b82f843dL,0x8d70e2f9b1ac0afdL },
-      { 0x25c73b78aae91abbL,0x0230dca3863028f2L,0x8b923ecfe5cf30b7L,
-        0xed754ec25506f265L,0x8e41b88c729a5e39L,0xee67cec2babf889bL } },
-    /* 239 */
-    { { 0xe183acf51be46c65L,0x9789538fe7565d7aL,0x87873391d9627b4eL,
-        0xbf4ac4c19f1d9187L,0x5db99f634691f5c8L,0xa68df80374a1fb98L },
-      { 0x3c448ed1bf92b5faL,0xa098c8413e0bdc32L,0x8e74cd5579bf016cL,
-        0x5df0d09c115e244dL,0x9418ad013410b66eL,0x8b6124cb17a02130L } },
-    /* 240 */
-    { { 0x425ec3afc26e3392L,0xc07f8470a1722e00L,0xdcc28190e2356b43L,
-        0x4ed97dffb1ef59a6L,0xc22b3ad1c63028c1L,0x070723c268c18988L },
-      { 0x70da302f4cf49e7dL,0xc5e87c933f12a522L,0x74acdd1d18594148L,
-        0xad5f73abca74124cL,0xe72e4a3ed69fd478L,0x615938687b117cc3L } },
-    /* 241 */
-    { { 0x7b7b9577a9aa0486L,0x6e41fb35a063d557L,0xb017d5c7da9047d7L,
-        0x8c74828068a87ba9L,0xab45fa5cdf08ad93L,0xcd9fb2174c288a28L },
-      { 0x595446425747843dL,0x34d64c6ca56111e3L,0x12e47ea14bfce8d5L,
-        0x17740e056169267fL,0x5c49438eeed03fb5L,0x9da30add4fc3f513L } },
-    /* 242 */
-    { { 0xc4e85282ccfa5200L,0x2707608f6a19b13dL,0xdcb9a53df5726e2fL,
-        0x612407c9e9427de5L,0x3e5a17e1d54d582aL,0xb99877de655ae118L },
-      { 0x6f0e972b015254deL,0x92a56db1f0a6f7c5L,0xd297e4e1a656f8b2L,
-        0x99fe0052ad981983L,0xd3652d2f07cfed84L,0xc784352e843c1738L } },
-    /* 243 */
-    { { 0x6ee90af07e9b2d8aL,0xac8d701857cf1964L,0xf6ed903171f28efcL,
-        0x7f70d5a96812b20eL,0x27b557f4f1c61eeeL,0xf1c9bd57c6263758L },
-      { 0x5cf7d0142a1a6194L,0xdd614e0b1890ab84L,0x3ef9de100e93c2a6L,
-        0xf98cf575e0cd91c5L,0x504ec0c614befc32L,0xd0513a666279d68cL } },
-    /* 244 */
-    { { 0xa8eadbada859fb6aL,0xcf8346e7db283666L,0x7b35e61a3e22e355L,
-        0x293ece2c99639c6bL,0xfa0162e256f241c8L,0xd2e6c7b9bf7a1ddaL },
-      { 0xd0de625340075e63L,0x2405aa61f9ec8286L,0x2237830a8fe45494L,
-        0x4fd01ac7364e9c8cL,0x4d9c3d21904ba750L,0xd589be14af1b520bL } },
-    /* 245 */
-    { { 0x13576a4f4662e53bL,0x35ec2f51f9077676L,0x66297d1397c0af97L,
-        0xed3201fe9e598b58L,0x49bc752a5e70f604L,0xb54af535bb12d951L },
-      { 0x36ea4c2b212c1c76L,0x18f5bbc7eb250dfdL,0xa0d466cc9a0a1a46L,
-        0x52564da4dac2d917L,0x206559f48e95fab5L,0x7487c1909ca67a33L } },
-    /* 246 */
-    { { 0x75abfe37dde98e9cL,0x99b90b262a411199L,0x1b410996dcdb1f7cL,
-        0xab346f118b3b5675L,0x04852193f1f8ae1eL,0x1ec4d2276b8b98c1L },
-      { 0xba3bc92645452baaL,0x387d1858acc4a572L,0x9478eff6e51f171eL,
-        0xf357077d931e1c00L,0xffee77cde54c8ca8L,0xfb4892ff551dc9a4L } },
-    /* 247 */
-    { { 0x5b1bdad02db8dff8L,0xd462f4fd5a2285a2L,0x1d6aad8eda00b461L,
-        0x43fbefcf41306d1bL,0x428e86f36a13fe19L,0xc8b2f11817f89404L },
-      { 0x762528aaf0d51afbL,0xa3e2fea4549b1d06L,0x86fad8f2ea3ddf66L,
-        0x0d9ccc4b4fbdd206L,0xcde97d4cc189ff5aL,0xc36793d6199f19a6L } },
-    /* 248 */
-    { { 0xea38909b51b85197L,0xffb17dd0b4c92895L,0x0eb0878b1ddb3f3fL,
-        0xb05d28ffc57cf0f2L,0xd8bde2e71abd57e2L,0x7f2be28dc40c1b20L },
-      { 0x6554dca2299a2d48L,0x5130ba2e8377982dL,0x8863205f1071971aL,
-        0x15ee62827cf2825dL,0xd4b6c57f03748f2bL,0xa9e3f4da430385a0L } },
-    /* 249 */
-    { { 0x33eb7cec83fbc9c6L,0x24a311c74541777eL,0xc81377f74f0767fcL,
-        0x12adae364ab702daL,0xb7fcb6db2a779696L,0x4a6fb28401cea6adL },
-      { 0x5e8b1d2acdfc73deL,0xd0efae8d1b02fd32L,0x3f99c190d81d8519L,
-        0x3c18f7fafc808971L,0x41f713e751b7ae7bL,0x0a4b3435f07fc3f8L } },
-    /* 250 */
-    { { 0x7dda3c4c019b7d2eL,0x631c8d1ad4dc4b89L,0x5489cd6e1cdb313cL,
-        0xd44aed104c07bb06L,0x8f97e13a75f000d1L,0x0e9ee64fdda5df4dL },
-      { 0xeaa99f3b3e346910L,0x622f6921fa294ad7L,0x22aaa20d0d0b2fe9L,
-        0x4fed2f991e5881baL,0x9af3b2d6c1571802L,0x919e67a8dc7ee17cL } },
-    /* 251 */
-    { { 0xc724fe4c76250533L,0x8a2080e57d817ef8L,0xa2afb0f4172c9751L,
-        0x9b10cdeb17c0702eL,0xbf3975e3c9b7e3e9L,0x206117df1cd0cdc5L },
-      { 0xfb049e61be05ebd5L,0xeb0bb55c16c782c0L,0x13a331b8ab7fed09L,
-        0xf6c58b1d632863f0L,0x6264ef6e4d3b6195L,0x92c51b639a53f116L } },
-    /* 252 */
-    { { 0xa57c7bc8288b364dL,0x4a562e087b41e5c4L,0x699d21c6698a9a11L,
-        0xa4ed9581f3f849b9L,0xa223eef39eb726baL,0x13159c23cc2884f9L },
-      { 0x73931e583a3f4963L,0x965003890ada6a81L,0x3ee8a1c65ab2950bL,
-        0xeedf4949775fab52L,0x63d652e14f2671b6L,0xfed4491c3c4e2f55L } },
-    /* 253 */
-    { { 0x335eadc3f4eb453eL,0x5ff74b63cadd1a5bL,0x6933d0d75d84a91aL,
-        0x9ca3eeb9b49ba337L,0x1f6faccec04c15b8L,0x4ef19326dc09a7e4L },
-      { 0x53d2d3243dca3233L,0x0ee40590a2259d4bL,0x18c22edb5546f002L,
-        0x9242980109ea6b71L,0xaada0addb0e91e61L,0x5fe53ef499963c50L } },
-    /* 254 */
-    { { 0x372dd06b90c28c65L,0x1765242c119ce47dL,0xc041fb806b22fc82L,
-        0x667edf07b0a7ccc1L,0xc79599e71261beceL,0xbc69d9ba19cff22aL },
-      { 0x009d77cd13c06819L,0x635a66aee282b79dL,0x4edac4a6225b1be8L,
-        0x57d4f4e4524008f9L,0xee299ac5b056af84L,0xcc38444c3a0bc386L } },
-    /* 255 */
-    { { 0x490643b1cd4c2356L,0x740a4851750547beL,0x643eaf29d4944c04L,
-        0xba572479299a98a0L,0x48b29f16ee05fdf9L,0x33fb4f61089b2d7bL },
-      { 0x86704902a950f955L,0x97e1034dfedc3ddfL,0x211320b605fbb6a2L,
-        0x23d7b93f432299bbL,0x1fe1a0578590e4a3L,0x8e1d0586f58c0ce6L } },
-};
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_6(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* WC_NO_CACHE_RESISTANT */
-#else
-/* The index into pre-computation table to use. */
-static const word8 recode_index_6_7[130] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
-    48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63,
-    64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49,
-    48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_6_7[130] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<55; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 7 < 64) {
-            y &= 0x7f;
-            n >>= 7;
-            o += 7;
-        }
-        else if (o + 7 == 64) {
-            n >>= 7;
-            if (++j < 6)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 6) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x7f);
-            o -= 57;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_6_7[y];
-        v[i].neg = recode_neg_6_7[y];
-        carry = (y >> 7) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_entry_65_6(sp_point_384* r,
-    const sp_table_entry_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-    sp_digit x0 = 0;
-    sp_digit x1 = 0;
-    sp_digit x2 = 0;
-    sp_digit x3 = 0;
-    sp_digit x4 = 0;
-    sp_digit x5 = 0;
-    sp_digit y0 = 0;
-    sp_digit y1 = 0;
-    sp_digit y2 = 0;
-    sp_digit y3 = 0;
-    sp_digit y4 = 0;
-    sp_digit y5 = 0;
-
-    for (i = 1; i < 65; i++) {
-        mask = 0 - (i == idx);
-        x0 |= mask & table[i].x[0];
-        x1 |= mask & table[i].x[1];
-        x2 |= mask & table[i].x[2];
-        x3 |= mask & table[i].x[3];
-        x4 |= mask & table[i].x[4];
-        x5 |= mask & table[i].x[5];
-        y0 |= mask & table[i].y[0];
-        y1 |= mask & table[i].y[1];
-        y2 |= mask & table[i].y[2];
-        y3 |= mask & table[i].y[3];
-        y4 |= mask & table[i].y[4];
-        y5 |= mask & table[i].y[5];
-    }
-
-    r->x[0] = x0;
-    r->x[1] = x1;
-    r->x[2] = x2;
-    r->x[3] = x3;
-    r->x[4] = x4;
-    r->x[5] = x5;
-    r->y[0] = y0;
-    r->y[1] = y1;
-    r->y[2] = y2;
-    r->y[3] = y3;
-    r->y[4] = y4;
-    r->y[5] = y5;
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-static const sp_table_entry_384 p384_table[3575] = {
-    /* 0 << 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 0 */
-    { { 0x3dd0756649c0b528L,0x20e378e2a0d6ce38L,0x879c3afc541b4d6eL,
-        0x6454868459a30effL,0x812ff723614ede2bL,0x4d3aadc2299e1513L },
-      { 0x23043dad4b03a4feL,0xa1bfa8bf7bb4a9acL,0x8bade7562e83b050L,
-        0xc6c3521968f4ffd9L,0xdd8002263969a840L,0x2b78abc25a15c5e9L } },
-    /* 2 << 0 */
-    { { 0xc8229e55783dde91L,0x8e6c8f2e022b53f0L,0x3504e6f0ff9d48a1L,
-        0xda821495f0687f50L,0x9c90a4fd2de4b506L,0xdb93b776427460c3L },
-      { 0x42ea84633140bfdaL,0xe8e8e4a8c2aaccd8L,0x15e4f18bdc588258L,
-        0x09f1fe415172bad9L,0x070d430900b0e684L,0xe34947f7123df0c2L } },
-    /* 3 << 0 */
-    { { 0x05e4dbe6c1dc4073L,0xc54ea9fff04f779cL,0x6b2034e9a170ccf0L,
-        0x3a48d732d51c6c3eL,0xe36f7e2d263aa470L,0xd283fe68e7c1c3acL },
-      { 0x7e284821c04ee157L,0x92d789a77ae0e36dL,0x132663c04ef67446L,
-        0x68012d5ad2e1d0b4L,0xf6db68b15102b339L,0x465465fc983292afL } },
-    /* 4 << 0 */
-    { { 0x0aae8477ebb68f2cL,0x30594ccbee0421e3L,0x2e4f153b0aecac46L,
-        0x078358d4736400adL,0xfb40f647d685d979L,0xcfeee6dd34179228L },
-      { 0x54f3e8e79b3a03b2L,0xe74bb7f17bfec97eL,0x8e3e61a34c542ad1L,
-        0x147162d30418c693L,0xe607b9e33820017dL,0x50946875303df319L } },
-    /* 5 << 0 */
-    { { 0xbb595eba68f1f0dfL,0xc185c0cbcc873466L,0x7f1eb1b5293c703bL,
-        0x60db2cf5aacc05e6L,0xc676b987e2e8e4c6L,0xe1bb26b11d178ffbL },
-      { 0x2b694ba07073fa21L,0x22c16e2e72f34566L,0x80b61b3101c35b99L,
-        0x4b237faf982c0411L,0xe6c5944024de236dL,0x4db1c9d6e209e4a3L } },
-    /* 6 << 0 */
-    { { 0x7eb5c9317d56dad8L,0xcb2454b339d3413aL,0xec52930f580d57f2L,
-        0x2a33f6661bdf6015L,0x4f0f6a962b02d33bL,0xc482e189f0430c40L },
-      { 0x3f62b16ea7b08203L,0x739ac69d5b3d4dceL,0x8bd4bffcb79e33b0L,
-        0x93c9e5f61b546f05L,0x586d8ededf21559aL,0xc9962152af2a9ebaL } },
-    /* 7 << 0 */
-    { { 0xdf13b9d17d69222bL,0x4ce6415f874774b1L,0x731edcf8211faa95L,
-        0x5f4215d1659753edL,0xf893db589db2df55L,0x932c9f811c89025bL },
-      { 0x0996b2207706a61eL,0x135349d5a8641c79L,0x65aad76f50130844L,
-        0x0ff37c0401fff780L,0xf57f238e693b0706L,0xd90a16b6af6c9b3eL } },
-    /* 8 << 0 */
-    { { 0x23f60a05dd9bcbbaL,0x9e336de5ae9b587aL,0x1c5c2e7193d7e30fL,
-        0x1d9aebd64f3ddb37L,0x1c7b5fe116b66423L,0x5db4f184349cd9b1L },
-      { 0x0d2cfe83e6655a44L,0x836dbb36b7e55e87L,0x701754bf7d8686e4L,
-        0xe9923263a42dbba2L,0x7008d943c48ecf0eL,0x3c0c6dd70d27ef61L } },
-    /* 9 << 0 */
-    { { 0x2f5d200e2353b92fL,0xe35d87293fd7e4f9L,0x26094833a96d745dL,
-        0xdc351dc13cbfff3fL,0x26d464c6dad54d6aL,0x5cab1d1d53636c6aL },
-      { 0xf2813072b18ec0b0L,0x3777e270d742aa2fL,0x27f061c7033ca7c2L,
-        0xa6ecaccc68ead0d8L,0x7d9429f4ee69a754L,0xe770633431e8f5c6L } },
-    /* 10 << 0 */
-    { { 0x845539d3c8d99c02L,0x2a15a9a6e58d6787L,0xe9f6368eab225fa3L,
-        0x54a612d7eb32cabeL,0xc2f646025c4845ecL,0xa91a5280db1c212eL },
-      { 0xbb971f78e67b5fceL,0x03a530eb13b9e85cL,0x592ac0ba794eabfdL,
-        0x81961b8ccfd7fd1dL,0x3e03370a47a9b8aaL,0x6eb995bec80174e8L } },
-    /* 11 << 0 */
-    { { 0xc7708b19b68b8c7dL,0x4532077c44377abaL,0x0dcc67706cdad64fL,
-        0x01b8bf56147b6602L,0xf8d89885f0561d79L,0x9c19e9fc7ba9c437L },
-      { 0x764eb146bdc4ba25L,0x604fe46bac144b83L,0x3ce813298a77e780L,
-        0x2e070f36fe9e682eL,0x41821d0c3a53287aL,0x9aa62f9f3533f918L } },
-    /* 12 << 0 */
-    { { 0x3db8477270313de0L,0xd4258cc55d970420L,0x03aced26c8edfee1L,
-        0xf67eb42235d77d83L,0x523c40dbcf9ab45cL,0x627b415f9c35b26dL },
-      { 0xfacc45e48be55ed8L,0x80d60af627aa651aL,0x8c79848fd0e102acL,
-        0x40c64a4e66bed5afL,0x0329eab1f7942f0eL,0x0c6e430ef9c4af3dL } },
-    /* 13 << 0 */
-    { { 0x9b7aeb7e75ccbdfbL,0xb25e28c5f6749a95L,0x8a7a8e4633b7d4aeL,
-        0xdb5203a8d9c1bd56L,0xd2657265ed22df97L,0xb51c56e18cf23c94L },
-      { 0xf4d394596c3d812dL,0xd8e88f1a87cae0c2L,0x789a2a48cf4d0fe3L,
-        0xb7feac2dfec38d60L,0x81fdbd1c3b490ec3L,0x4617adb7cc6979e1L } },
-    /* 14 << 0 */
-    { { 0x5865e5018f75244cL,0xd02225fb01ec909fL,0xca6b1af8b1f85c2aL,
-        0x44ce05ff88957166L,0x8058994c5710c0c9L,0x46d227c432f6b1baL },
-      { 0xbe4b4a9003cb68e5L,0x540b8b82730a99d1L,0x1ecc8585e11dbbbfL,
-        0x72445345d9c3b691L,0x647d24db13690a74L,0x4429839ddefbadf5L } },
-    /* 15 << 0 */
-    { { 0x446ad8884709f4a9L,0x2b7210e2ec3dabd8L,0x83ccf19550e07b34L,
-        0x59500917789b3075L,0x0fc01fd4eb085993L,0xfb62d26f4903026bL },
-      { 0x2309cc9d6fe989bbL,0x61609cbd144bd586L,0x4b23d3a0de06610cL,
-        0xdddc2866d898f470L,0x8733fc41400c5797L,0x5a68c6fed0bc2716L } },
-    /* 16 << 0 */
-    { { 0xda6e8a7f7c33ed91L,0x992afb5b0ecdd2d8L,0x37cf65517917652aL,
-        0x317b63ea2887d5ffL,0x37065f5313bdc3faL,0xa10896aa435abaa1L },
-      { 0x9b21615fefabca26L,0xeb07ddea230cf00dL,0x914871dc154d410fL,
-        0xb333bdfbc88ee148L,0x51c305c6a72d1967L,0x659db48181ef2513L } },
-    /* 17 << 0 */
-    { { 0x8903e1304b4a3cd0L,0x3ea4ea4c8ff1f43eL,0xe6fc3f2af655a10dL,
-        0x7be3737d524ffefcL,0x9f6928555330455eL,0x524f166ee475ce70L },
-      { 0x3fcc69cd6c12f055L,0x4e23b6ffd5b9c0daL,0x49ce6993336bf183L,
-        0xf87d6d854a54504aL,0x25eb5df1b3c2677aL,0xac37986f55b164c9L } },
-    /* 18 << 0 */
-    { { 0x5dfee73ce5b82700L,0x198fd3f0f38f6662L,0x3bd1c8f62edb0dbdL,
-        0x55a96a6879909f08L,0x68a2324355671693L,0x57505d8d67497030L },
-      { 0x8a60717f75c64513L,0x54b867b7f78aa7deL,0xc266eb8441129858L,
-        0x6ffcfc7ca4cfd9bbL,0x9bdd6a092945a757L,0x91700b247eb1be63L } },
-    /* 19 << 0 */
-    { { 0x82a2ed4abaa84c08L,0x22c4cc5f41a8c912L,0xca109c3b154aad5eL,
-        0x23891298fc38538eL,0xb3b6639c539802aeL,0xfa0f1f450390d706L },
-      { 0x46b78e5db0dc21d0L,0xa8c72d3cc3da2eacL,0x9170b3786ff2f643L,
-        0x3f5a799bb67f30c3L,0x15d1dc778264b672L,0xa1d47b23e9577764L } },
-    /* 20 << 0 */
-    { { 0xad610a2d94a70ec1L,0xcd96f20591e71d16L,0x713466708cbaffc7L,
-        0xf78cff0cd467f03aL,0x98ca8dd42d96c936L,0x1d1cdf7b5f223465L },
-      { 0xe27a189460d4db60L,0x25f546ab321828ffL,0x9933fb25dccd4df3L,
-        0x422da643ffe6132bL,0x5e01b72b4718bbc7L,0xab9dd81052ebfb01L } },
-    /* 21 << 0 */
-    { { 0x08265e510422ce2fL,0x88e0d496dd2f9e21L,0x30128aa06177f75dL,
-        0x2e59ab62bd9ebe69L,0x1b1a0f6c5df0e537L,0xab16c626dac012b5L },
-      { 0x8014214b008c5de7L,0xaa740a9e38f17beaL,0x262ebb498a149098L,
-        0xb454111e8527cd59L,0x266ad15aacea5817L,0x21824f411353ccbaL } },
-    /* 22 << 0 */
-    { { 0x4f595351262bb775L,0x981b788d16f325b8L,0xccd57831927ed783L,
-        0xc382472ebe0e1fdbL,0xfd7a8b13f0681fcaL,0xe082882d69059095L },
-      { 0x4d1c3049faa71fdcL,0xf9d62fd9c9576c69L,0x7b1ab489cbf837b7L,
-        0xc764edf840d0fcf7L,0x50fc847215809cddL,0x671d69c98fcd8418L } },
-    /* 23 << 0 */
-    { { 0xd1b4e74d12e3683bL,0x990ed20b569b8ef6L,0xb9d3dd25429c0a18L,
-        0x1c75b8ab2a351783L,0x61e4ca2b905432f0L,0x80826a69eea8f224L },
-      { 0x7fc33a6bec52abadL,0x0bcca3f0a65e4813L,0x7ad8a132a527cebeL,
-        0xf0138950eaf22c7eL,0x282d2437566718c1L,0x9dfccb0de2212559L } },
-    /* 24 << 0 */
-    { { 0x259f272cfab816a7L,0x20c1b8e0d809afcdL,0x540c045a409c930bL,
-        0x563361909bd5c2f7L,0x38076e8fca77d74fL,0x4f13f901fc55723fL },
-      { 0x890932d7bd3d10c3L,0x98d82ad1da247ec8L,0xdf5579fa4bea82ddL,
-        0xe8277439a0f9ad3aL,0x1395a87966a4e904L,0x150808e625a302c9L } },
-    /* 25 << 0 */
-    { { 0x1e93722758ce3b83L,0xbb280dfa3cb3fb36L,0x57d0f3d2e2be174aL,
-        0x9bd51b99208abe1eL,0x3809ab50de248024L,0xc29c6e2ca5bb7331L },
-      { 0x9944fd2e61124f05L,0x83ccbc4e9009e391L,0x01628f059424a3ccL,
-        0xd6a2f51dea8e4344L,0xda3e1a3d4cebc96eL,0x1fe6fb42e97809dcL } },
-    /* 26 << 0 */
-    { { 0x6423197d2afd473dL,0xb0391b37897b93f5L,0x6efedb8023bf0b90L,
-        0x808497b7b0bba4a7L,0xf14b309f03fa90f2L,0x37a45bdb091cbb80L },
-      { 0xedda4ae48a8f5dcbL,0xdb3f422d95e16d6eL,0x25c7b9146f5f24c7L,
-        0x5d512df99d42a727L,0xbf2c0862697c08fdL,0x47d98a9df092241cL } },
-    /* 27 << 0 */
-    { { 0xa04482d2467d66e4L,0xcf1912934d78291dL,0x8e0d4168482396f9L,
-        0x7228e2d5d18f14d0L,0x2f7e8d509c6a58feL,0xe8ca780e373e5aecL },
-      { 0x42aad1d61b68e9f8L,0x58a6d7f569e2f8f4L,0xd779adfe31da1beaL,
-        0x7d26540638c85a85L,0x67e67195d44d3cdfL,0x17820a0bc5134ed7L } },
-    /* 28 << 0 */
-    { { 0xc76afaa373b64643L,0x4169b4117b3c1220L,0x550e0bee8ff22c6fL,
-        0x8fb0c597a4da3e15L,0xd8232f8b4e492aa8L,0x55be5764d37da1a2L },
-      { 0xf1bc89b628e77f9eL,0x9ff769c4875fee0fL,0x184bd4733ad6983aL,
-        0xc48ee6f3b033c112L,0x792377fbf8eb8319L,0x05cdca3fe7988176L } },
-    /* 29 << 0 */
-    { { 0x019d6ac5d3021470L,0x25846b66780443d6L,0xce3c15ed55c97647L,
-        0x3dc22d490e3feb0fL,0x2065b7cba7df26e4L,0xc8b00ae8187cea1fL },
-      { 0x1a5284a0865dded3L,0x293c164920c83de2L,0xab178d26cce851b3L,
-        0x8e6db10b404505fbL,0xf6f57e7190c82033L,0x1d2a1c015977f16cL } },
-    /* 30 << 0 */
-    { { 0x6a7a3464d0cbcea0L,0x76aad8b813126388L,0x519b9fd50a183232L,
-        0x15f9abe1feb6b100L,0x7002990485ba4143L,0x92cea8f4c4360dd8L },
-      { 0xdc6c5d1dc12748a1L,0x1846eefcdd3eb156L,0x3117dd04d47a41dcL,
-        0x96c21b29f6a167f2L,0xf569446a27555692L,0x941292e500f88cb2L } },
-    /* 31 << 0 */
-    { { 0xa39c89317c8906a4L,0xb6e7ecdd9e821ee6L,0x2ecf8340f0df4fe6L,
-        0xd42f7dc953c14965L,0x1afb51a3e3ba8285L,0x6c07c4040a3305d1L },
-      { 0xdab83288127fc1daL,0xbc0a699b374c4b08L,0x402a9bab42eb20ddL,
-        0xd7dd464f045a7a1cL,0x5b3d0d6d36beecc4L,0x475a3e756398a19dL } },
-    /* 32 << 0 */
-    { { 0xad852b878c0a64a4L,0x0d784cf208f779d5L,0x1896b9fcc651b1ddL,
-        0xba8953d612e8dc87L,0x3a9865baa631cfb0L,0x5dd2a4a0626b3d79L },
-      { 0x1148bc72687c20bbL,0xa372dfc2f2a52bfdL,0x77315f9e9448fd08L,
-        0x4bcb06f00a2377b6L,0x73b42725b35b4ff0L,0xc510ad93aabca99fL } },
-    /* 33 << 0 */
-    { { 0x61333a382fb3ba63L,0xdf330d9d5b943c86L,0xbbc7c7ee955ef3afL,
-        0xda631fc160f09efbL,0x68af622641d5c400L,0xcc9e97a46c833e9dL },
-      { 0x7fd73e8e3a625e76L,0x13bf6124c209e55eL,0x08467cea48b90b91L,
-        0x8a416eb9bb6f0abaL,0x6fcc93a1b8c31072L,0xa7fd2b619057dad7L } },
-    /* 34 << 0 */
-    { { 0x80b309dd2ada5bf4L,0x0648c2cd2d668c41L,0x45700722abb9102fL,
-        0x9d6ac102b4e25201L,0x7ec2bc1cd50b3e6dL,0xcdb55e6ba07b7caeL },
-      { 0xebcbda0786da3943L,0x470ddc68f8a57f48L,0x9e1418a4554557c3L,
-        0x02d00cfb8a76b2d6L,0x03c050a061520726L,0xa964eefbfdadd24eL } },
-    /* 35 << 0 */
-    { { 0x58a5b5433720ec9bL,0xbb3800d52d7c2fb4L,0x4a508620dde6bd0aL,
-        0x65f16273a02583fdL,0x832bd8e34fc78523L,0xd6149f75e9417bc6L },
-      { 0xfeb026e93deeb52aL,0x0ce18088a55e0956L,0x50018998988092a2L,
-        0x22f19fab28f35eeeL,0xac8a877f52ccd35cL,0xb13a8ad830e23f26L } },
-    /* 36 << 0 */
-    { { 0xf216aa2531238ed0L,0x4a13260770b1b757L,0xa39180d45c2c7ce1L,
-        0x9f82b7fbab52606cL,0x6f01faee26946e78L,0x1608643883061d37L },
-      { 0x597edf370fb077bcL,0x1d11bc5ed6e28138L,0x10209418c167fd20L,
-        0x6a3258ec33f55675L,0xdf33eed7b73401b1L,0xf699887b806085b7L } },
-    /* 37 << 0 */
-    { { 0x0202d57de44f61a3L,0x4027704bb5630ef2L,0xa129e2dff5b54a5dL,
-        0xacb60a7597482b86L,0x9261ede87ef27114L,0x1eba28f3defc58b5L },
-      { 0x6c91c0c98be5589eL,0x2f1643d514594beeL,0x2ea912435d2ca034L,
-        0xb50649a894047d1fL,0x284fcbb5638ca337L,0xfa0e07b7fe85bf85L } },
-    /* 38 << 0 */
-    { { 0x4703cd85891f8ffeL,0x018843c01c0d7702L,0xf3d752f5ad6cbeacL,
-        0x479ecf018173fb32L,0x6b464412bc9a48c7L,0x47ba96091da7b147L },
-      { 0x91af26eaabc13488L,0x87c183c3e1a0e06cL,0xdae2479844956b93L,
-        0xf300e1c648347f9aL,0x129be314974320a4L,0x1f466694520618f2L } },
-    /* 39 << 0 */
-    { { 0x7d894f80506e0e42L,0xd984244a8e3d2c46L,0x6d7edf642b7f006fL,
-        0x36a1cd6dde9b6230L,0xc9985040b76c0665L,0x587df4d6b89b1fc2L },
-      { 0x4c0638476a71ae7aL,0x7b2b0ab3e8294747L,0x345c553ab53153b8L,
-        0xb646e453436d9fe2L,0x1a95355f1cd60340L,0x2d7bc128074968fbL } },
-    /* 40 << 0 */
-    { { 0x6048c6949399c38aL,0x43a53ff21beb359eL,0x86fcfe4760be3ebcL,
-        0xae78bc3a3134216cL,0x3b021cf316d7a9adL,0x51c4b1b36a4d6e81L },
-      { 0x54b9cd8db593d816L,0x1df8cc84a69ea3a3L,0x98ff87f7370eb744L,
-        0x63a00a0a60e0aa2aL,0xdbb22c9ddeb46e6cL,0xdfd92b6da914bb01L } },
-    /* 41 << 0 */
-    { { 0xad148e87bca6d14cL,0x41dfd24d456a201eL,0x73a82933a80d68f3L,
-        0x89746c8d852ca035L,0xe3bc778895fd71aeL,0x8764cd2cda92245dL },
-      { 0xa2fe2c4782eb23e2L,0x5ac762e00f3c9d6eL,0x57860ce121646f31L,
-        0xbdc9d6c34f9f589aL,0x679952c7d193272eL,0x82ea702eeb18f1c5L } },
-    /* 42 << 0 */
-    { { 0x18ef56cd5d76b881L,0x31b22efc5df46c66L,0x4b21c4f3eb6c7e62L,
-        0x3fd72a308f234c86L,0xe983e169ffff96c7L,0x7438b4933c1e593cL },
-      { 0x863a23a3a553e8e3L,0x0d959ba9796d9129L,0x25d0caaeda1eadf4L,
-        0xe739fb61eaa67763L,0x50029568472a7175L,0xdb6829c2f002bb6eL } },
-    /* 43 << 0 */
-    { { 0x37fa935500846d44L,0x09112fc50578bc8cL,0xdad9f5b239c4943dL,
-        0x7314f5f0416dbd86L,0x5cf095a901fefb56L,0x35178bad22dab393L },
-      { 0xcf79fc1b36baf1a7L,0x1b7ee42d749e5498L,0xbce78aa9ede314bbL,
-        0xaaf8e0f6bd0628dfL,0xa974b09415cbf948L,0x8f3f1f63c9632b78L } },
-    /* 44 << 0 */
-    { { 0x1c5f0e5b36a400d3L,0xae97af8bf240b30aL,0x767b4ad7f8f99b51L,
-        0xd50a288981ea36c2L,0x04ce2a21986c5ce6L,0x9c7e7754a320d352L },
-      { 0xc3336331bbad8346L,0x7cc82a4df1698fb2L,0xc680176505c7ad6cL,
-        0x47678afb27dda8e5L,0xade6096d02e543aeL,0x5fb28e322a1dd73bL } },
-    /* 45 << 0 */
-    { { 0xd4c411564fddda5bL,0xd4af65c673ad9112L,0xffe8e0bb39eb8f59L,
-        0xb0040c0e8d6fcf13L,0x99e1c0c61f2bb599L,0x9c94c858b2ac3405L },
-      { 0x8f8878d76eeed85dL,0x62b2f54351fcca3fL,0xeb3b44a9e5b56918L,
-        0x16f96676b7234e93L,0x17477722bd2af19eL,0x42eb2979db83a485L } },
-    /* 46 << 0 */
-    { { 0xa618d7479fc4f435L,0x9f24fba649ddd10eL,0x60976b01b472d789L,
-        0x9266634957719f54L,0xd9c79db800541257L,0x374aa9069481ed0dL },
-      { 0x60efb1147fdc2d7aL,0xa1590c30ecf58643L,0xd7a198a4185a849cL,
-        0x19ab802314eb4ab9L,0xc82d5998ec090d06L,0xfc539eb3e259c7dbL } },
-    /* 47 << 0 */
-    { { 0x6f888f7df0c668caL,0x65c788785f0dc66cL,0xbfb185125f5b07a0L,
-        0x780abff7d878acd0L,0x504f21b1570cf950L,0xea5b37c5da233371L },
-      { 0x487ae8bd22437ed1L,0x9c701758249cf9b7L,0xf86562a898fb34ffL,
-        0xdfeea1a265e0fc91L,0xeef006912e20fc23L,0xac9dfec7dfa72a8bL } },
-    /* 48 << 0 */
-    { { 0x3ccf806ab35bf6cfL,0x2d368d48e7f30c2bL,0x4f504e06ea52bef9L,
-        0x40d01ff53a7d2f3cL,0x62e5c5d3e73a1bc9L,0x66e4794bae7d7400L },
-      { 0x3d30625e5ffef312L,0x4580609da766ddf1L,0x5c3ca10d04bab985L,
-        0x2605ca009da2a2caL,0x48eab00eb5c9462cL,0x271e42a12624a583L } },
-    /* 49 << 0 */
-    { { 0xfa5c3aef697136c6L,0x8ea5af63a5ea6fb8L,0xa669156542e365a4L,
-        0x47c56c115b6e3386L,0x1197832bcea03f56L,0x0b470bb250e4ea9eL },
-      { 0x3113c74313b25712L,0x8d6c174ed2497d48L,0xfc4486ee49c9ebe8L,
-        0x2487edd57f82bdd3L,0x771e64415b57be2fL,0x2d1cc518e28b2bdbL } },
-    /* 50 << 0 */
-    { { 0xa96763d2fba32d1fL,0x172cfe4ecb5af900L,0x510bd675cb2ec3f1L,
-        0xbeabb91ac3c90051L,0x9cbf755b46f97ac7L,0xa820e8303a5d50d1L },
-      { 0x83a9f17e308c4545L,0xdf7dc7053048461aL,0x6124642f0f32b151L,
-        0xc1b444139333e405L,0x6f7bfa7e13a4f7d6L,0x6f58fa8b7181c2a1L } },
-    /* 51 << 0 */
-    { { 0x2c4ccac72070ac8dL,0x1947c0caec4a22b8L,0xa5e0fb598c5a78d9L,
-        0x464ae8d241a84de7L,0x3dba16e9daaabc27L,0x16634a504f35cb3cL },
-      { 0xadc18bf9b16ec84fL,0x324d067e7359dd35L,0xdaeac0c3570543f0L,
-        0x0b2240003c887d36L,0xc69489e2373f1a0dL,0x518b047dcbaa0d97L } },
-    /* 52 << 0 */
-    { { 0x8f6468656f9201b9L,0x8a944b316b326232L,0x5687d1dca6ccfd35L,
-        0x0bedaa85e5377c00L,0x252b48f5cd8d7d77L,0x4b820d9b31d83660L },
-      { 0xa9e5af3ccae07f15L,0x0a8930fc1208b9faL,0x6d0a166ced3c3b7aL,
-        0x90e2aead7f78aaf8L,0x222465866e5ede76L,0xc5cc339dcba1fd4bL } },
-    /* 53 << 0 */
-    { { 0x3b1bddc6fbde49efL,0xdaed7c268a0915ccL,0x0b0110610f0422a2L,
-        0xcf485c74a7c54b16L,0x642ec4e615c3aae2L,0xa8ba8f10e0f383eaL },
-      { 0x2a2054b495618501L,0xebec6442089efa8bL,0x5786a19a4e2fa83eL,
-        0xd2c71ad139069963L,0xadc93d9a481765e2L,0xedf2e3eb7ecc9485L } },
-    /* 54 << 0 */
-    { { 0x11853add834e6c54L,0xab2f15202175fbf4L,0xcff00bd23c9b5a41L,
-        0x075134ebabd64a6aL,0x48c075daaadd6150L,0x4576a6497cb89442L },
-      { 0x340a767034adeda3L,0x8dbb571c77fcd1f4L,0x0bf879d693b44ea6L,
-        0x1ae1dd97d13444bbL,0x6e9e86bb7b1eb77aL,0x420eb673906a2949L } },
-    /* 55 << 0 */
-    { { 0xbcab5f60069f3367L,0xfd6622bc1718ec3cL,0xa4fb7867e3a142d6L,
-        0x6078d8bf085faeb3L,0xfa5cbfda60f4554fL,0xb3fcd5d1690cd408L },
-      { 0x4ebdee7d281f7884L,0x82af23aa180a63a7L,0x8de3107c3d079f61L,
-        0x17c6b5cbbe2334f8L,0x6a91e73997d0fa06L,0x7460257314ceeed4L } },
-    /* 56 << 0 */
-    { { 0x483350a5ebb8cdadL,0xd4215b4fc7a8baa1L,0x8b6fc785e692fdd2L,
-        0x2629ba4fd1deca25L,0xe9981ea6820da79fL,0x7772a913e6436cc1L },
-      { 0xd141235c553fb41dL,0x28179e6cc852f64bL,0xb623a1aeeb8cc21cL,
-        0x05826192490bb572L,0x56fefff326f349ceL,0x31ff648e0f88b82dL } },
-    /* 57 << 0 */
-    { { 0xb14ba61cf97f865cL,0x73bae4c1694b8b0dL,0xa14967dfac4bbf62L,
-        0x1e9dd1509bf446e0L,0xc052f3eb1c99ceefL,0x814d7fa07a78c189L },
-      { 0xa101a483ab74b05dL,0x7788c258a1737b65L,0x0d60bab7e809a13cL,
-        0x8f427bc473c81d5bL,0xd2e130552952c1fcL,0x0a823b9a4b26df63L } },
-    /* 58 << 0 */
-    { { 0x941c5c257d0be180L,0x341cf9d9c46785afL,0xdab9dc0015b0fa13L,
-        0xa58db4ea4f96af4fL,0x9e9520bf57acc87aL,0x104cec0666ac72e0L },
-      { 0x9f3f7baa1929e675L,0xb8b4ac9ffa80380aL,0xb5f157aa569b57d8L,
-        0xe11699e909fa58a1L,0xc08595e35548fbeaL,0x2b51995f794da901L } },
-    /* 59 << 0 */
-    { { 0xaf467ce227bf64c9L,0xdfca6897f929974cL,0x64473b595c322738L,
-        0x96a917cf1ed0e315L,0x3703435b0de64db9L,0x9ba039679267b646L },
-      { 0xdf0c2aae3a522fbeL,0x41bdb741b335eff0L,0xaccf2edd7b059703L,
-        0x6fb34b3028463cceL,0x96d9ba0bd9e3ca19L,0xff336f12504655c1L } },
-    /* 60 << 0 */
-    { { 0xc711d5d1c425543eL,0xa61fada6fb4f60e8L,0x0402d5c4eb809f85L,
-        0x84b7c2fed74cccd4L,0x61bba736a55b5277L,0x95bb80cece47968cL },
-      { 0x09f92adc16eb7b95L,0xf0e0f4f7e682aa29L,0xacd70b86ad2a20fcL,
-        0xbb45a51f948a8375L,0x29fc3b284892e676L,0x8dd21bf0b4ea4f51L } },
-    /* 61 << 0 */
-    { { 0x48da1fd3fc60a6e0L,0x54fb5a34222241e8L,0x6035e34f772ae080L,
-        0x5ff77ff2332982d0L,0x2366467300fe51fdL,0xc93ea049ef6ba006L },
-      { 0x6640f1177d381266L,0x394d32cd6ae9f4acL,0xe6a7885370d303ebL,
-        0x0dda19ffe5275767L,0xb0a6c77201466d23L,0xc4cc11451fc69829L } },
-    /* 62 << 0 */
-    { { 0x49a04dc0f5acf772L,0x1e659730c1fb476eL,0x0c7d749907dbb9afL,
-        0x03b9f1cebfec21daL,0xd194b7054b14d117L,0xcb4c0a54561fedf2L },
-      { 0xaf623d3f21da4d42L,0x5f5e9b1fd630c145L,0x65609e59d9ff0abaL,
-        0x3d2508922ba9239bL,0xcac324ec82c4faa7L,0x0902cc23149446b8L } },
-    /* 63 << 0 */
-    { { 0xc5c0e6d7aaed89c0L,0x6ce8ead6149a1896L,0x7a50f7458c949f8fL,
-        0xcd7e35f76e2b71aaL,0xf6159e519a049f7aL,0x1c9bf0b0f1e52d1eL },
-      { 0x3bb6c1f518202c80L,0x8d3a5f621ecd7b1aL,0x3bb034e888d17f19L,
-        0xdc89bd4997d4048dL,0xf5af7b8e3735df22L,0x52bb3712a0a689e8L } },
-    /* 64 << 0 */
-    { { 0xed4de4f88e89b258L,0x957c980f297a9a37L,0xe04b3d30f8a0580dL,
-        0xa309199dca57b7bdL,0xfc8e87cf3be44d56L,0x4f5d5ab6d1b30e5cL },
-      { 0xb213c6a030a9325bL,0x0fd1c52df091bc01L,0xfe51bbbf1090fedeL,
-        0x6d97cabc301fe259L,0x3ee127895ecd3fe8L,0x888b708b9404ca51L } },
-    /* 0 << 7 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 7 */
-    { { 0xe484fd9f8258030fL,0x0f4fa5eff21af80aL,0xc0dd449e7c1c3984L,
-        0xf313389118eb5195L,0x0336aab8777a16d2L,0xa6661cc4c241720aL },
-      { 0x678db970a7efacd0L,0x228968656461e382L,0x5d85a0e4a022c7a4L,
-        0xb01f1e0434a02a6bL,0x2657eedda5791ce3L,0x239dcab2a277ac5bL } },
-    /* 2 << 7 */
-    { { 0x9a7a5b426ae54da1L,0xcfcadaab7040b022L,0x7539438e3d9f0e61L,
-        0x013c6719e328c2e2L,0x7f4a706ccccbf891L,0xa335ab82735a2d28L },
-      { 0x46694ef03d984124L,0x0e0bdfabc166b337L,0x9d54ed8b423d47e4L,
-        0x8075a8cbf44c9180L,0xd4f5b184abe9b384L,0x424dd00b41abdc75L } },
-    /* 3 << 7 */
-    { { 0x99a710b1400f1d87L,0xec3ca386ee47be8bL,0x3a00dcad37168feeL,
-        0x1a69d6741765a0dfL,0x85233afe917c4909L,0xa3aa97a4e9bd6210L },
-      { 0x01010526310885f3L,0x21c5de3fb5007b08L,0x5df0c6efee8ddabdL,
-        0x5d17d45a0f6dfdefL,0xb73d831a251c9f79L,0x397779e6cb1df19dL } },
-    /* 4 << 7 */
-    { { 0x5e2cb07fd7801edfL,0xf9fa2c0b3adc065aL,0xa296c53fd4de1f25L,
-        0xd408060c838f7169L,0x68e19d7b2e8a6ce7L,0x2cc6e06c94b58671L },
-      { 0x93d02a07c1cb6151L,0xa10fb4cf35003126L,0x6aa069f51aa3bc4eL,
-        0x0e44fbf0dd09b142L,0xe264f343832e5945L,0x5dca2adc1fc166acL } },
-    /* 5 << 7 */
-    { { 0x5f63e391d7afb4c6L,0x85208bcd2bcb4a76L,0x10022d53c3da8fd7L,
-        0x607538c007e50047L,0xdbdb0e7212793242L,0x8e6b9f6135eb668fL },
-      { 0xbe5632887e1da455L,0x5e73e1a06e544e82L,0x0c28a5d29a2da4deL,
-        0x62b30a8822326300L,0x470764f16013086eL,0xcbe2c34cd3ef5fbbL } },
-    /* 6 << 7 */
-    { { 0x9ee4f522b0f6c604L,0x5b8a689d52736e58L,0x0d5f396db7edb07cL,
-        0x09b3457c2e829063L,0xf1d28188f83495daL,0xba2511e6cce559b8L },
-      { 0x17cbaf57d8f90669L,0x3ba19a1c514eacf0L,0x298208995145b8fdL,
-        0x92cb5da81a33b1a7L,0xca49fe334c5149e9L,0x5c499b661772b4c0L } },
-    /* 7 << 7 */
-    { { 0xb98266b132508180L,0xf5008b926719d49dL,0x50c513f98069ffe6L,
-        0x99ceb828a7c6f38eL,0x375b8a8225e2a436L,0xb8197f6c416c073dL },
-      { 0x01663a25eadf09ddL,0xfa2ca1571d7ff230L,0xf3b65b2545284aa4L,
-        0x144dbefe648bd565L,0x6095ed8ab4c24e35L,0xe1f1fa3696ff2020L } },
-    /* 8 << 7 */
-    { { 0x56ad7582a0eb176aL,0x085b5a366e19aa00L,0x85f2c6ffe2c8b036L,
-        0x55c6d357fcd7336bL,0xb1ecc56d22a46acdL,0x8e0f976736277ac7L },
-      { 0xa4ed11e901878921L,0xd38355667f4fb650L,0x5fdaba45266158aaL,
-        0x6f0b27fd89e0dff0L,0x32ef7ae2eb6b02d0L,0x2f145871cc1b46e1L } },
-    /* 9 << 7 */
-    { { 0xc7698dfd4b449cfeL,0x78aacb7bd1517720L,0xaf0f6ef574cd5f32L,
-        0x026f1826f17954e3L,0x33ef67ab2453185bL,0x82f0fcc90a420c0fL },
-      { 0x5b444b3645f154b1L,0xb27c4ece70d17f90L,0x6417e0d039282194L,
-        0xebfb5fa001aa4f4fL,0x9cc5d0b573932754L,0xe8b56699704ffd85L } },
-    /* 10 << 7 */
-    { { 0xc112733b9d4075dcL,0x349281c187737549L,0xbb7d8e0181009785L,
-        0x7640a3e2bfe16c4fL,0x4e34813ec1d9f810L,0x61985fbc8d2605d7L },
-      { 0x2a544cd8e3f66442L,0x48879af56a7c9e94L,0x9e6157bacec18a7eL,
-        0xa555fc9511b882d6L,0x4305a4dd04f86563L,0xc58ed7631d0fd96eL } },
-    /* 11 << 7 */
-    { { 0xaaeec0f9b726e2edL,0x243ba6614493d146L,0xd799c3408980a9fbL,
-        0x886e4f44ed060f57L,0x52126b82c1f83f6eL,0x8b4978441df301ceL },
-      { 0xeb2a98abcdc4e434L,0x87dec119474e2c77L,0xcbbc613092eb1528L,
-        0xb0b0bcf7c454f37eL,0x404d97a7e1a919d3L,0x26d1baa825e62c30L } },
-    /* 12 << 7 */
-    { { 0xf04145e82d2696b3L,0xaffb66acf4fb2928L,0x9ffcba4e12aa299fL,
-        0xcc5ec24991b3b517L,0x9edcd4616f81c747L,0x0a96090a77a883ebL },
-      { 0x9b0bab58a2aa4badL,0x76359a5e8f9b84e7L,0xfe8cd81e438a9d43L,
-        0xf40e2b5e25ca8b3cL,0x4254030067bc720cL,0x883002a46b2446a3L } },
-    /* 13 << 7 */
-    { { 0x4b43bd3206c3aa7bL,0x83ca2db60a470b08L,0x07c1036c06f22f37L,
-        0x312e04d7bbb46ed2L,0x6a1d70a40193e5f6L,0xc69720e8ba8a3f38L },
-      { 0x2c003429468a04b1L,0x885c43bfbc83fe25L,0x65a65259393e00e8L,
-        0x7154c7ac2af17741L,0x682224d331dda744L,0x6183dd8bc80b57f5L } },
-    /* 14 << 7 */
-    { { 0x80e1cd16c496089aL,0x7a59f4c06ec2000fL,0x67a019d509ddce06L,
-        0x52573e3e70c4b032L,0x16d253e14d3ba57eL,0xa43c6d42162504f7L },
-      { 0xa237bbf952ff95e4L,0x81187e659acb7273L,0x4b13531a1f384daeL,
-        0x39067f3398125165L,0xe98fb141672dccc1L,0x594baca0a75e27b5L } },
-    /* 15 << 7 */
-    { { 0x85e12293c205465bL,0x57bbcfb1b71cbe44L,0x201ed45c1bc85881L,
-        0xccbc39d5ccbe7dacL,0xc509b77f9277f310L,0x171b603aca1b70efL },
-      { 0x9b99605504d2dbbeL,0x986d6323451c918dL,0x75ad922f63c6fb03L,
-        0x69e2cca49630182fL,0x1389a2b7f7b34d1fL,0xa66a80323d4f7c7fL } },
-    /* 16 << 7 */
-    { { 0xe65245cef6e9f82cL,0x9e234dfff6da7b5aL,0x5677c121bad2c806L,
-        0xc52dec32060fcf24L,0x78d070675d78cccaL,0x630002ea1bc8b6fbL },
-      { 0xc5cb86beeb2e99aeL,0xf13981e78551d16fL,0xfbb7cdf2c92a70d7L,
-        0x5a9ff1f1f53cd2a1L,0xfdbe6b7a984f1139L,0x4403d046a470a9f1L } },
-    /* 17 << 7 */
-    { { 0xdf8c9325efcc63faL,0xe0d35cd966563147L,0x140b9a8bc144d7b9L,
-        0x492bfbd70c17c75fL,0x3cbc2b644c5c4d8bL,0xfecfaf47ff8a3328L },
-      { 0xaf341aa179b8c3d5L,0x5e72713ff04f29e6L,0x652219fb9f5b6fb6L,
-        0x9deeba3f0764460fL,0xb8c2bfa5fa069d0fL,0x5d3e6fefe57be3e2L } },
-    /* 18 << 7 */
-    { { 0x52c9b94decd84cacL,0x34c2d0ad446dc59bL,0x5563701d951878ceL,
-        0x92e2fc1c843c9b1cL,0x2309a5f13dfc7a98L,0xdaf117dc0c57a156L },
-      { 0x5739190d359fb843L,0xd433e9bb4b88e3a8L,0x4d6bb0e2c47a1f45L,
-        0x511eaa33d7b59627L,0x42ef82c5e389e532L,0x641a0bdcd75f4c08L } },
-    /* 19 << 7 */
-    { { 0x3ae32dbdc7e30cc3L,0x0c970135af5d0ea3L,0x8fc38e50bd9a0528L,
-        0xdb0506791bfa634aL,0xf3514fbd245cb0dcL,0x3a3c8c6982319ddeL },
-      { 0x92136baf6426632fL,0xabc3e24aabdd5641L,0x8ccae1429cc004baL,
-        0x6c9834d8b3ee0d66L,0xa807ab63e1f7e8d7L,0xb4598e2a220aea7cL } },
-    /* 20 << 7 */
-    { { 0x19821469d678d1a3L,0xf9fa42e60df2f58dL,0x1177daf49f284ba0L,
-        0x6dd2ad3d2a201dafL,0x667b0e383d427075L,0x39b76d1d4212b65aL },
-      { 0xc6720ae0bf3612fcL,0x72559d98775f8137L,0x466e8e4476c48a09L,
-        0xa05f8eb07fb5428aL,0x7fa1fbce5e36b7d3L,0x13bab84f8d1fdcd1L } },
-    /* 21 << 7 */
-    { { 0xf1876140ed6f3524L,0x47171ee5cb94b2adL,0x56d836abcb8de844L,
-        0x346e80890d3b4271L,0x0110df1fdabf6a02L,0x6850fba1f571cb92L },
-      { 0x490cd9af6209f064L,0x41f32d5f1cf5636cL,0x558bb7ddc328f9dcL,
-        0x44abd0b9d32e3e4dL,0x2c42a5607fc2ff0eL,0x8b1dc5e12c9931f5L } },
-    /* 22 << 7 */
-    { { 0x6a35f6efdca1ce69L,0x04216d3184de3658L,0x3c3010df732f31b1L,
-        0xe4421a872c1444b8L,0x17c987a3c59c1ccbL,0xd67159dba297df1bL },
-      { 0xd13aa7a0bc96041dL,0x686d7b77f44c3d8fL,0x6c2e505f09b2b933L,
-        0x8c04eb8256161b34L,0x61785cb4b344bec6L,0x60b4d06cbf8b0b45L } },
-    /* 23 << 7 */
-    { { 0xe5b055481883c1bcL,0xd5bc37684597b8afL,0xa71ae49adb2fae11L,
-        0xc1ac1b3e050327f0L,0xd990b2a668f3cb1aL,0x566e5175b74a3228L },
-      { 0x348d382957909fe3L,0xe849dd8dd03c2374L,0x4f31a278150fb5b4L,
-        0xbfe265cf168c0798L,0x2737c156ce6a34beL,0x4478d6ae4aa6b73fL } },
-    /* 24 << 7 */
-    { { 0xb5b16cd48d040c69L,0xfdaba315f95a2dc4L,0xc9fef34961ce4704L,
-        0x5fe87a0ddbb53ed6L,0x3f0ccc7973d70f93L,0x4601d1bc46724a1aL },
-      { 0x5c4a15ae24f08565L,0x5eda1e8aaa577320L,0xe31ebb35bb32d307L,
-        0xcdc6f13bdc770a0eL,0xbe3ae514c434c2f8L,0x57c7fdf63a0ef0d1L } },
-    /* 25 << 7 */
-    { { 0x85165ea2d71c01a5L,0x3935171c99a29e59L,0x2aa1b5837d326190L,
-        0xb1d702f8e79f3959L,0x94100c65c6ddffd0L,0xd1d56d626a9c54c6L },
-      { 0x5c93b4cf7ce12b66L,0xfc28574bb32a90caL,0xcd654a96e755969cL,
-        0xa06f436cd1bec664L,0x9b27c110ffb6f3e6L,0x529b77d317b476c4L } },
-    /* 26 << 7 */
-    { { 0x04c3d9e162ccecd4L,0x6050bc1221cb59a1L,0xb33847543cbb7e07L,
-        0xef2201ac4cf1be50L,0x99c3dda42d2ac886L,0xad19cb0ab776eff3L },
-      { 0xd326dd7f5a3d9036L,0x9fe56af2e5b27667L,0x3d849fc072cea4d1L,
-        0x262a0cbcd6aa9e3cL,0x8286211885401b09L,0x8ec71d4b98fe8047L } },
-    /* 27 << 7 */
-    { { 0x9b769cc43c6b2de7L,0x433d4c26acb13b6dL,0x52878f517530ef4fL,
-        0xd0e7ce94b0c5354aL,0x5b094d461d92dbc1L,0x75f681449e4ffb31L },
-      { 0xb9b9e97351b9d1e1L,0xc147ba4698661569L,0x2a06f4cb7a239309L,
-        0xd5cb5ad420928958L,0xbde0283bd5bdf5c6L,0xb91664a082e43c18L } },
-    /* 28 << 7 */
-    { { 0x8fc0cfa6e51d078aL,0x431d9dd5744ca779L,0x37a4f3120e96e887L,
-        0x9c3624fa03ea5144L,0x47d5ecda0b1127f4L,0x018ad424807cf96dL },
-      { 0x58ba530f586b16b9L,0xec7271ed72f47883L,0x8d2918da0281ac88L,
-        0x6d0f14ef002330c9L,0x1a90a01591dc35caL,0xeb8e71e9c81607dcL } },
-    /* 29 << 7 */
-    { { 0x2eab9c5ee6d01fd3L,0xe030e6d23fa77f57L,0xff41311877edc0e9L,
-        0x7817766bb47ca351L,0x70c987e36cb15abaL,0xc3c867ace19c5aa4L },
-      { 0xc24ec23ea05c3810L,0x3965a165c4f0f350L,0x52af99cf7c0d8e5bL,
-        0x2d95d23c106e0b12L,0x27507b297f6d44d3L,0x33da846858b191f9L } },
-    /* 30 << 7 */
-    { { 0x8e5785629aa664e0L,0xf3a1cfc329a97c9bL,0x91ce3b404037bd09L,
-        0x34c447b07f9f2482L,0xebe360164010c2a6L,0x7b8b9b3afdc0a861L },
-      { 0x0e60c49199c4ff9fL,0xf1cf53b1053e703bL,0xabeae550dd974a16L,
-        0x28ac5a34994ea50eL,0x9384617d27329793L,0xd04db83ddad0aec7L } },
-    /* 31 << 7 */
-    { { 0xcb0ec2bd4b1537bcL,0xd0de683cbac6569bL,0x0688dbee5c96afb7L,
-        0x7c7d192f3324ab6fL,0x1455b1e6165fe655L,0x32d135a1ccfe9e1cL },
-      { 0x05a80a2af9e1a86fL,0xdc946c70479c71f1L,0xf8b9ad985aaa0ff3L,
-        0x78cf198ef195bbceL,0xadbc082dfcee6b59L,0xe6e1fa844cd19e25L } },
-    /* 32 << 7 */
-    { { 0xeb06571c0f547ebaL,0xf292c38d6246c0dcL,0xa185966726eed224L,
-        0x8d9e56e46100e387L,0x470506b9dc6298d1L,0xb19e084cf3350ad0L },
-      { 0x83eb62a812abd898L,0x70f152cc2222342cL,0xb089e880e1bd4a82L,
-        0xd4d1e70fcaf3b3fcL,0xd0b1ec6395ffd65cL,0x79f27f3a9b184ebbL } },
-    /* 33 << 7 */
-    { { 0xb4a7435231a3e816L,0xba8a0af2fd4ada3aL,0x1622289dd8fed2e4L,
-        0xb71e579e31d3745cL,0xb090650704a50576L,0xc98b5f20123f900fL },
-      { 0x3799ee82d3587b21L,0xafdd6dc79d9abe55L,0x4053ee2aba64b9d7L,
-        0xa816246657b3f258L,0xd9b5c4c4690b1169L,0x32c1d3afd091d158L } },
-    /* 34 << 7 */
-    { { 0xff5a9c58de97d0d7L,0xec086138feede4acL,0x55b14035ebf47cecL,
-        0xc0b3e061c619fe18L,0x5644c092ead4ebe9L,0xa1a4f7a41e5e0a61L },
-      { 0x8698da06d179219cL,0x86f560bc3f88f732L,0x6ad10b3f1e34a23dL,
-        0xd4326bb71307ede6L,0xc93cd2a19b3045adL,0x5a0b733dd8a5160aL } },
-    /* 35 << 7 */
-    { { 0x68ef87cdeaedf10dL,0x5ce97a07bed10cb6L,0x9b8dbd896ed762c1L,
-        0x1a72b05333c1dcd8L,0x6718eff90f97cfa6L,0x02f886e57dda698bL },
-      { 0x9db378a8c724f4c7L,0x5b55b8383fa6548aL,0x9935a70ecb24bdf9L,
-        0xf5da6936e9de8ae0L,0x3b3a10a79b0c4bcfL,0xe4e6a6e86361c492L } },
-    /* 36 << 7 */
-    { { 0xb37fc581c634a8f8L,0x06f06c93de1d01acL,0x0f2dac8452fed4ccL,
-        0x1673c81bda53f81fL,0x963e500e61e11c94L,0xe86ff87e2144d55fL },
-      { 0x343ddf389bbaec76L,0x16a13527806df1edL,0x1361b5ac0a9edd65L,
-        0xf20507fe33c0124fL,0xdf64ec1e4e8e0d18L,0x3f6a42e27860a8f2L } },
-    /* 37 << 7 */
-    { { 0xe6db1c43d38266a7L,0x55bee1a3adec0d4dL,0xe41c403ed56d2f9dL,
-        0x5fb703f24d3cd93cL,0x4d7ae8c53d2a7ccaL,0x65c8ac50ffa5fff2L },
-      { 0x128814ec264dfa80L,0x08d1372ea642513fL,0xfc5ea1615343a57bL,
-        0xc70a6f2f9a2f3f3cL,0xfe61c499df4963f1L,0x2b711eee5cea1508L } },
-    /* 38 << 7 */
-    { { 0xfc3e9fb252f9a4f3L,0x8bbeeff32180cd36L,0x274312dbd6438c99L,
-        0xbd30984a55612a57L,0x344006d609381db3L,0xd9b696f62bcac509L },
-      { 0x481e4ea3bef646d0L,0x213033d430561b68L,0xf46bf9a05453f623L,
-        0x2af3c4a46d848d97L,0xc35e55a543efa02eL,0x8da254342462874dL } },
-    /* 39 << 7 */
-    { { 0x1f7fda656a12b927L,0xf628cfac876b9303L,0x1904a0b5d0d0d0b2L,
-        0x46d486f6f2894b1dL,0xd35cb5610d243bfeL,0xe759579b851a568eL },
-      { 0xb99572e2c1aeda5cL,0x872e16fb1c54cd1eL,0xf5ec9e42a60fdc40L,
-        0x59b03a6201a4b019L,0x9c5e7f87e272e064L,0x6240282f24c918a2L } },
-    /* 40 << 7 */
-    { { 0xc2467f9ab92a9a13L,0x0c3ee8eb6add349aL,0x59250eda45e99644L,
-        0x22ce0635c8a2df27L,0xec7b643e312e8698L,0x334ccf2eaebd1587L },
-      { 0x0c1c68736bca2900L,0x00beb4c209826cb1L,0x12dbb586cde6b725L,
-        0x8d7cee6c66dfed41L,0xc38deba2014de4c8L,0xa3ba6ec76248442dL } },
-    /* 41 << 7 */
-    { { 0x870be3ebef38abf3L,0x6e0cf541f74dc605L,0x499976bcda4bc168L,
-        0x5513c6122548b3b8L,0x5b9a054c3f647360L,0xa47f9f8bde929154L },
-      { 0xa2ae9ccbb8ec35b4L,0x934c5c0a4d9857e3L,0xc9dd66cc4b4f01ffL,
-        0x42a1afa2e5b5e147L,0xc284e464f3d9b380L,0x67845404e21bbe63L } },
-    /* 42 << 7 */
-    { { 0x9ec1ed3342ec772dL,0xa77e1ecf5501609bL,0xb059e214a02906f8L,
-        0x35b2ebceb28e4d14L,0xb8453ec22cf036eaL,0xe621234b2518fe75L },
-      { 0x079d7d11f03cd158L,0x357492f91b2f011aL,0x3c2186da0661992aL,
-        0x7adc1c0fe5df978aL,0x88d329db5300cdccL,0xd915c2444c0d644dL } },
-    /* 43 << 7 */
-    { { 0x1b9797a8f0ff03f6L,0x00dafe43f41c9284L,0x1e565c33f2bdc817L,
-        0x63b77ad9784b1a5dL,0x3304540e74aa6079L,0x630524f3d7181d2bL },
-      { 0xb4fe5fcca2804658L,0x1e48e50b9e393a6eL,0xb5bccd49397a94a5L,
-        0x95394743eef17accL,0x4d67ba5226dd1687L,0x80965c3432349d9fL } },
-    /* 44 << 7 */
-    { { 0x1d70669e49f1216eL,0x8645472fa5fca474L,0x9242e8ddfc400357L,
-        0xe7ac31548623996fL,0x37b9e68ce61aecb5L,0x7d2e10fdb997e4c9L },
-      { 0xc0cb59a6c2086dc9L,0xb38e2032d7952172L,0x78eaecf6eebac939L,
-        0xece490b42f5dbaaeL,0xdb17501dcdc32565L,0x59bd392ab133bf99L } },
-    /* 45 << 7 */
-    { { 0x71554fae07de21a7L,0x3dd66b8bcc42db25L,0x9da85c0f0636e9a4L,
-        0x61fef273904930d8L,0xcc8f527b73369e81L,0x4207dfab7caeacd8L },
-      { 0x99e5d1404fc763d7L,0x5cc6a3739f4e8947L,0x9ef14ec1cde33eaeL,
-        0x25eb3aa8095872d2L,0x0db8268d7d9e6dd9L,0x38846510c2ccfe92L } },
-    /* 46 << 7 */
-    { { 0xce6197e822d0a502L,0x69df7f8e09d45970L,0x0274f48b7eb4718dL,
-        0x47461334a8c22b75L,0x89cebf17bf25b9abL,0x57c042f6fdfea412L },
-      { 0xb19c338644346b96L,0xdba17de06ba014c4L,0x6697687a5f844d69L,
-        0xf16dee4c1a66c6faL,0x7f916e47fdafd0d7L,0x1c3842d2340f158cL } },
-    /* 47 << 7 */
-    { { 0x417c9ab760efab2aL,0x1745d5c2f0065f75L,0x1a7d86f2ed71b350L,
-        0x6d4d504feee5c850L,0x4ae7ee0da657b859L,0x1f72ded53c302a3fL },
-      { 0x08779fdae7b22e51L,0xb04c1c0446d90bfdL,0x4dc97219712f96d0L,
-        0xb15e8c0041a6be82L,0x384a02cca3804090L,0xcea45861babd1ee5L } },
-    /* 48 << 7 */
-    { { 0x3c686079d42aeb95L,0xc162e5e985e3ea0fL,0x34cf58611bbb2455L,
-        0x7650de1d8773b064L,0x3b7562c6d2bab35dL,0x83191b4433d0741bL },
-      { 0x4b604db03a6bd9cfL,0x87cd84db074aed21L,0x02a042d2d4f91f9cL,
-        0x5a5d52e5e42c2a67L,0x31291acd1d5f216aL,0x9c3971bccd6203c8L } },
-    /* 49 << 7 */
-    { { 0xec931d6599e9ec3fL,0xe9d780c64bd554d9L,0xa580534502eca45cL,
-        0x84701f1ac1276ca3L,0xcb7ba786d5f9438bL,0xf3a27508c85f663aL },
-      { 0x044df512118c9421L,0x1109fd431039871bL,0x7865443de2378386L,
-        0x7a5e2d49e70297abL,0x112763ca6824d2b3L,0x8a05f2c90e84bba5L } },
-    /* 50 << 7 */
-    { { 0xde3bfdebff044924L,0xd7f2a5181a0458f9L,0xc03df0c00139d557L,
-        0x7a958c60cd3ad0d4L,0xec9f2f9759a43584L,0x5e0fbba950d8b4b6L },
-      { 0x5fbc5e3888245837L,0x17235805a267a54aL,0xdc24a508db55d65bL,
-        0x431e4d5623c704d1L,0xb1f85b2277585f9cL,0xb288f25ed0b1c374L } },
-    /* 51 << 7 */
-    { { 0xd8fd5b405a37c029L,0x5c9d827fe4d37effL,0xe024d7952e046275L,
-        0x0661277f913c55c6L,0x21ee10eb904b3679L,0x32c582e066778adfL },
-      { 0xc353ab1fba8d17daL,0x1d4ab06b5658ea17L,0xb908cb88a2d70bb4L,
-        0xfc215909a98daaebL,0x7aea6c8777000e24L,0x19e0acbe38446e20L } },
-    /* 52 << 7 */
-    { { 0x1bc3803e2f98532bL,0x39d0c3258754d142L,0xa7b035c5d739eaefL,
-        0xd36ddeb8fbfdea2dL,0x7df72a94bdf64f2aL,0xab4ad6b880bc3c47L },
-      { 0xdf386df3877fa482L,0x4b94260470519bc3L,0xa3399d91d20e1e04L,
-        0x7f5208b797cf58ccL,0x528f6a2814424c00L,0x83d74730bd900d10L } },
-    /* 53 << 7 */
-    { { 0x501c657f34ded7f1L,0x9071027e12fa53bbL,0x395e16aedff079ccL,
-        0xea95dc84770ac4b2L,0x4d2aa60a41355974L,0xe04effa507f12473L },
-      { 0x38ca98385cd1c738L,0x3c067a0b683c0dbaL,0x55ad2dec67589842L,
-        0xe51550f7dfdae3c8L,0x21a56717214d51aeL,0x75b6a4a012a0fdcdL } },
-    /* 54 << 7 */
-    { { 0xd63605266a4ea95bL,0x180f72d403e67090L,0x7faf4529751c8c9fL,
-        0x1ab7b50d00e4252aL,0xc0e69adf34811274L,0x5c4c83495e99c6ccL },
-      { 0xcc9467f29a9e02a9L,0x5402c2da5c4fc719L,0x1dff8c5d3f6d5bddL,
-        0x88a7d27a2c653c3cL,0x067f31183a050dc7L,0xca0f7dafc4f0236eL } },
-    /* 55 << 7 */
-    { { 0xa09306e9ca177c3bL,0xea84f03ed0552a4dL,0x7ae9024f3c00d359L,
-        0xe189ebc33aa619faL,0x4adeefac8354579bL,0x90168ef9699db1ebL },
-      { 0x75319141ad87490aL,0x7b48fe7629c1bf84L,0x00ae82c7a2235f2aL,
-        0x6292c9cf68562b59L,0x0b6500943935ca20L,0x39f22cb027f33addL } },
-    /* 56 << 7 */
-    { { 0x92e4c851aa1ef488L,0x4f91fc22846528a9L,0xaa2f5d2d5dc13a84L,
-        0xba06aa68f1072d4dL,0xf4f3b17c5e3a2ba9L,0xff36a5355e4dde77L },
-      { 0xe8ef143aae17dddcL,0xcc82631ba1fcd4ecL,0x97db807ec7d3963bL,
-        0xe4aff04521d85ce2L,0x2d6480e674667392L,0xc8ce97f3a55d0b3fL } },
-    /* 57 << 7 */
-    { { 0x1a32b8457962a675L,0xd78efd71723d217dL,0x9b03d6573b41a2c5L,
-        0x1116f33589a380b1L,0x2c0359af931ee15bL,0x8a53744f239ba4c4L },
-      { 0x4801397dc78cdc83L,0xc43b9f0434ae4453L,0x9cc8f6cec356a35bL,
-        0xd5a74c2a648b39e6L,0xa54d668c0d5e78fbL,0x36257047cfcb8f6aL } },
-    /* 58 << 7 */
-    { { 0xabeef3461549c215L,0xfec59db2ce4aee45L,0xa1743a0f5305df83L,
-        0x9d598abdf211bacfL,0xd14609dd52a513fdL,0xd3dc446be00d4ad0L },
-      { 0xbd8883e9b272211aL,0xe991e57757879fd6L,0x5a093d372b732171L,
-        0xdd901071f55f18dbL,0x87f04c0034fecfd1L,0x2c07df27c94f6a5bL } },
-    /* 59 << 7 */
-    { { 0x518e3ced1c17df0cL,0xf8971149ff5dbc4eL,0x5fec8bfe0ac9d27cL,
-        0x41d68852489eed7dL,0xf48ef4bf3c3c4725L,0x3b8d9eee7681eceaL },
-      { 0x7743ededdaae4bdcL,0xb9665ef5d1bcf697L,0x9d77f535471bb958L,
-        0xb5db5b96d752b2ddL,0x2cd3c919c368982dL,0xf8297660e9cff6d7L } },
-    /* 60 << 7 */
-    { { 0x39e7da1028946a2eL,0x4e628a96c3a76f7cL,0x43b8b808e9f6000aL,
-        0x86cbd25ca48bbb79L,0x5ce825e273092951L,0x43a6031df0cbee32L },
-      { 0x6d685a594923485dL,0x8d4483ed81a17f47L,0xf61d329bbc379719L,
-        0x9deef7d0f6596ee8L,0x0314a572541b1222L,0xe2b34d387ea7d376L } },
-    /* 61 << 7 */
-    { { 0x05ff6faa31f43d37L,0xfb83f23211b801f6L,0x238792d519b223a4L,
-        0x28edadcce004f601L,0xf77747b3bdeb7597L,0x2178dbe21e6575d4L },
-      { 0xd48ec49842870ba2L,0x7733661d15dca6dfL,0x08212e2f83393416L,
-        0xffa1bfe2614c545cL,0xfaf4ab8494254145L,0xd8f9eb48000d250cL } },
-    /* 62 << 7 */
-    { { 0x9ff4f289a66132a2L,0xc54fb8001e098994L,0x09d3cd6624cc2471L,
-        0x6d0f74167838e14bL,0x7438cd2dc540cbdaL,0x193b16817d6fa8b4L },
-      { 0x487a7dedab33c6f3L,0x625eb8cf02f5aa09L,0xd8039682501323bdL,
-        0x9de122e38e216951L,0x40a8fbde0711c51aL,0xf192b5c283a474c3L } },
-    /* 63 << 7 */
-    { { 0x3782cbda57e04e9cL,0xec639886e41b30dfL,0x4cd14afd12d2f686L,
-        0x0aa093ee8b768113L,0x6cfc12cdad598f9dL,0xe4a62f1194bcce0fL },
-      { 0xd5035fab150ad4f2L,0xb3cd4871ae2e8da4L,0x49c9e78271ad9c3dL,
-        0xdcafeb34825690cdL,0xc05fb7a38c246f85L,0xefe16be3a82cc013L } },
-    /* 64 << 7 */
-    { { 0xd42777314c14ee0eL,0xda8146d15e881c3fL,0x6b0746b099f1867cL,
-        0x1ec73d72602dd4ccL,0x27fae51538081120L,0x6a677bdc2f8b2f2dL },
-      { 0xb924af64d60544e9L,0x1439e183dcfc6b16L,0x4e88e9ae068565acL,
-        0x8a3dbd25a9a4f146L,0xdb4a3e483f93f734L,0xb1971c058f1d33bcL } },
-    /* 0 << 14 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 14 */
-    { { 0x721bb8363a7f43c3L,0xab5b3108c12dca0fL,0x9cc9a78934853870L,
-        0x78b604a7af598c4fL,0xd370375e476f27c8L,0x9f0415b80b15cba5L },
-      { 0x2bcfd9a4d400dc1fL,0x2a6fe03b4bc62dddL,0xb05a6464a211b19fL,
-        0xce059d419990b504L,0x011c5f87d94951d3L,0x13cec08900d9c7b0L } },
-    /* 2 << 14 */
-    { { 0xf365419f9b280fd9L,0x13e3b12746365672L,0x8a91c165c41880aaL,
-        0x3eb27a97f9712fbdL,0xa6587aec76c55678L,0x7c3a04b702cd79cfL },
-      { 0xfc878f9cda712eb8L,0x076e61170fca3e02L,0x09a184d8caf6df5eL,
-        0xd32bf232aabcde75L,0xf601d0de03de597aL,0x85d2b5fcc5da2858L } },
-    /* 3 << 14 */
-    { { 0x3075a7636c888df8L,0x6305c20472e21527L,0x6b1d683e8798aad9L,
-        0x0d09624680706369L,0x91db5e7f7b854739L,0x0e63cc6e02d72332L },
-      { 0xe929e3ea1f7ff6ccL,0xd53a18a145595925L,0x867916cb93af8be1L,
-        0x757e9f56c5c305eeL,0x3f9071c75c83063cL,0xccc0f92d7f6d5bb7L } },
-    /* 4 << 14 */
-    { { 0xb6029961ae899afaL,0x8eedd66e681b6e1bL,0x82db693b4df3e5b1L,
-        0xb5131488a0c3e357L,0xbfb01ff3ccb2f577L,0x28ea947027a72cc3L },
-      { 0x26170928e39e325eL,0x42d4876b84f80188L,0x0bec6a634c872d76L,
-        0xa0a7cc90b14d9c9fL,0x8a32d2c44f6c7778L,0xe7cd346e3b889a4cL } },
-    /* 5 << 14 */
-    { { 0xab35a14f5a4a3753L,0x1d0d5a142bbbd563L,0x54cfffc5998d4514L,
-        0x1c02f381a77ed59bL,0xe4a7a6ab21c9c190L,0x50059df54a9adb60L },
-      { 0x2d0383ba34bd7008L,0x894889bedf1a4f41L,0xe541c62612ac407dL,
-        0xcc0e417964c3b62bL,0xdb8ca1f33a0978b2L,0x4ef45a2d287e8c6cL } },
-    /* 6 << 14 */
-    { { 0xea95b5c9437f2efbL,0x67d3e9b58e52ce8eL,0xfb33102488ff5455L,
-        0x883ec9fcc3101dedL,0x056218e20ca5f1f9L,0x4c9b2483bccc65d8L },
-      { 0x13199b26123db2ecL,0xbc1d82479aff90dbL,0xc4a9311d367516f6L,
-        0x3b40c867cb6e90d6L,0xff674ff84034415cL,0x2787db45a1821e7eL } },
-    /* 7 << 14 */
-    { { 0xacc263fcadeb8508L,0xb52ebcd719854c90L,0x3d54e7805f2ce0aaL,
-        0x2fc056a97e02e760L,0x47e7173e32da5f93L,0x1d468de3fa893134L },
-      { 0x9adc877dd73396b5L,0x430826afeeb00c82L,0xfde2c3da96a673caL,
-        0x467575ad33e43f9cL,0xc3b2c3a1ec1df2f0L,0xf0348e6f2252a8a6L } },
-    /* 8 << 14 */
-    { { 0x860ef794609683acL,0xf0631ad39af1c522L,0x322c83662ee7f522L,
-        0x58ccd95f54122af0L,0x7454880c2bbb2d80L,0xea173d8286d8d577L },
-      { 0xd5a3057cea1cc801L,0xfd08d482bbb2a189L,0x26aac99ec3c512f8L,
-        0xc3eac036556d891eL,0x866c3aa7bf9f6112L,0x7c4c8fb9c144f7e9L } },
-    /* 9 << 14 */
-    { { 0x989eef73a9109d83L,0xbe43bd378edd17dfL,0x14a63abd1b17029bL,
-        0xfd14ae365ff76860L,0x689dd0a6b8730632L,0x01eb37f147342f9aL },
-      { 0x619bab45e6c446a3L,0x93d26fc97abddba4L,0xda6c120486ffa4cdL,
-        0xc608937548758279L,0xaf074ea3034a7230L,0xf220244b82ce176dL } },
-    /* 10 << 14 */
-    { { 0xc0c1eb0f8343f5ddL,0xa205e66a0126fa2dL,0x37530a3244fd8be4L,
-        0x3c7af6f696ab64cfL,0x1f04305076657202L,0x2c59d31c828f3fb1L },
-      { 0xa61cba51e7f5926eL,0xb2de427391ebeb81L,0x976f2c34bb855476L,
-        0x0c6c02c3269e4f86L,0xc69bed8fe2e01fffL,0x19aa421c480bf7b4L } },
-    /* 11 << 14 */
-    { { 0xb32e8e229affa929L,0x69ebb533bb7db327L,0x10ac3360a8a8d088L,
-        0x066cffa7c485517fL,0x2393e74c12b8eebaL,0xb3a8825a596c8412L },
-      { 0xe2b99fc3bc8b6b92L,0xd7716da085ca802dL,0x92f6693f4de5101fL,
-        0xe8b0442304be34eaL,0x05b44ef648324966L,0xa89d9499413df57fL } },
-    /* 12 << 14 */
-    { { 0xad0d24c7b617206bL,0xb8be483f9dd13f59L,0xa55134ff7655aa29L,
-        0xa3d103857a5e217eL,0xfbb9eeb53a21b295L,0x1de71555c84a136dL },
-      { 0x7579398e0b7487b3L,0xc6ca9575a14dce87L,0x99b32e1e46452257L,
-        0x99d54955479d8f2cL,0xc2a8a6a1930b80efL,0x58d9db81656c850bL } },
-    /* 13 << 14 */
-    { { 0x0c8fe2e04d89b43aL,0xe4d923e77a04e492L,0x49ecb701617df01cL,
-        0x6d80f249bff9a819L,0xf01e604acb7f86c1L,0xd6d3a6664b7f1455L },
-      { 0x657801c19188fb17L,0x339d79450dc92875L,0xca798cf57ec0b757L,
-        0xc0808852a62301c2L,0x2dda13558266c908L,0x22bcde8f5e55da21L } },
-    /* 14 << 14 */
-    { { 0x6c85a0eda682508cL,0x8350b515edcce6c8L,0xa84a67656f95898dL,
-        0x55b0ae971e419847L,0x11115c6edd6a885dL,0x6f0beaf64fb174a4L },
-      { 0xaaae44b2815af3afL,0xcf0697b9927a2c1cL,0x37639d62d7d645eeL,
-        0x157b7eda2effec37L,0xb55e50759b9c66e6L,0x33a66a1f85f597ecL } },
-    /* 15 << 14 */
-    { { 0x8260c5339b49bb46L,0x3f3df9d6437cac27L,0xd0723229d972d2a8L,
-        0xe544a216d0dd92abL,0xeea4a0f5a03588f6L,0x54006166b218dec0L },
-      { 0x0fae2be85778113bL,0xbb9618d68d570227L,0x3ba87360297a47aaL,
-        0x9483a8399a76dd6eL,0xa803edaf6eb061b7L,0x6790050cf8067cf4L } },
-    /* 16 << 14 */
-    { { 0x171898aa8f7782b6L,0x8b7a706b499b3a81L,0xbc0e835ffdb2c1baL,
-        0x4ee30281591f5aafL,0xfd71de3bcc272c6aL,0x532800c46e93f68aL },
-      { 0x35ee08048365c576L,0x6c2bcc94cd4c0221L,0x49f37ff5957b2ff6L,
-        0x315d8e7e5ec029c0L,0x33230602ef324c12L,0xf5847f9b966b2578L } },
-    /* 17 << 14 */
-    { { 0xed88aa550bf098d0L,0xbc9888fd75f90180L,0x9040919207713428L,
-        0x38922bbc1a1f71ddL,0xa430fb65bfbf0f55L,0xa258b9ba867c1998L },
-      { 0xa7f69b03b7294c58L,0x2ec0c5de84dbc1e5L,0x41c9e5207dba8d62L,
-        0x545573f1795d8285L,0x1c24a375d3075041L,0x687e1cc8fb6b88dcL } },
-    /* 18 << 14 */
-    { { 0xc29b123e1453b1e1L,0xefb0778820059b44L,0x15554ade9291671eL,
-        0xeb5a1980429dea37L,0xf96dacbb6c4b867dL,0x4f5563d6abab4d68L },
-      { 0xb5b0ecffcbe76297L,0x5a22996a51d6bd43L,0x0088ec95b7e5cfc6L,
-        0x4863a5a1fe373e05L,0x42b7925bc244d93dL,0x85bad13540117113L } },
-    /* 19 << 14 */
-    { { 0x01725fbe8201fae2L,0xee4d7d382dc34bbbL,0xaddf878afd7c35bdL,
-        0x56522d5865536719L,0x595c3dd8f772d4cfL,0xd87c5b6045af30b9L },
-      { 0x9cc20b9de7992d5dL,0xdfd53d58d56f1964L,0xaf2947bdc7d42a68L,
-        0x9322b73dd19e8ad3L,0xa73a9e843243a6d7L,0x9c7dc57992c203d3L } },
-    /* 20 << 14 */
-    { { 0x86283e21f9daa551L,0x47fd23f81f696f1bL,0x7d029b1bb9784a9aL,
-        0x7c7798bea0c0acb5L,0x41241c716d7c682bL,0x11c6c1131d33c2b0L },
-      { 0x5d469ca23565cf32L,0xa949f022bad4bdbfL,0x3d054cc2a13cf4cdL,
-        0x13bd21669e3ce279L,0x01bc70e68a4beafcL,0xb39e351d8aba087eL } },
-    /* 21 << 14 */
-    { { 0x92efa2ebfa6cb068L,0x934209b29235050bL,0xc446ee28d5000c05L,
-        0xd4e51912862fb7ecL,0xa53940f111193db0L,0x5f2ef2aa82a7fc57L },
-      { 0x1a6b30ecb0210f49L,0x4ab1dac73899548aL,0xb116cc3186737a03L,
-        0x56cb33809ebfa5b6L,0x8ac3b61fdfd918b2L,0x65867e3ca102e1feL } },
-    /* 22 << 14 */
-    { { 0x26072a5d82357232L,0x3762764e9f0fd2f1L,0x9c5813f60c16733eL,
-        0xea2e0e03718951d4L,0xae195bd469e63818L,0x241a4afcfa2f9a6eL },
-      { 0x0e97519f9165d59aL,0x416bd37358e5af1bL,0xc4e811288197b7ecL,
-        0x4145be2c9c6ba0d0L,0xc82cb2a17d40b98aL,0xc3c28487bccfa8b8L } },
-    /* 23 << 14 */
-    { { 0x920949a810476d2fL,0x5b387bbe2502c026L,0xd1d61a9acd7f026bL,
-        0x81003d7ceea9a3f8L,0x6191c15fba5b78aaL,0xacbed41e30ad7befL },
-      { 0x1427f1fd6740f72cL,0xb4b5e7c93c475735L,0x6a374d1773029d5dL,
-        0xc1e4bfdacd622400L,0x670b9e36c2686dccL,0x1bb236e08dd4085dL } },
-    /* 24 << 14 */
-    { { 0x84aa863ea4ee10a1L,0x24d805a687919ccdL,0x553f3206b5c399b2L,
-        0x775b92173cc109bdL,0x25c01263fe384088L,0xa3c4418bd5f743cfL },
-      { 0x3d69705ddf91f1f0L,0x547d46269ebddad1L,0x0198ab1a2626cebdL,
-        0xaf8320f285b1afe8L,0xb9c0968ce17e6efdL,0xfedc75c290215bb6L } },
-    /* 25 << 14 */
-    { { 0x1d375f7dcee34c76L,0x2295f8dbaa486096L,0xd18577928285cb84L,
-        0x53fe6bd5e8c46c3bL,0x6f6cb6c068ba071dL,0x654ab4e8964e0f1bL },
-      { 0xc70857a9edf6aa40L,0xc313c7852fd26360L,0xd705a86a995998d9L,
-        0x413d35efd6989c8dL,0xddc0b2070df131bbL,0x21f64be59c7d70f8L } },
-    /* 26 << 14 */
-    { { 0x8061d340143ff74dL,0x59e94fc6a23aa7b3L,0xf7c79a0b914c3b81L,
-        0x5a836211702c6ae7L,0x2570d63c718123c3L,0x7e86d11ec9f5ce3cL },
-      { 0x80f03f9717bcce3bL,0x073975b1465a7446L,0x29f66de7cb357aceL,
-        0xe87bd12c04894fb0L,0xfc501a2651a0b5aeL,0x20a3170c02207a3bL } },
-    /* 27 << 14 */
-    { { 0xaab1f0fa2785a18eL,0xa50192fdb37c657aL,0xe7073b27f0c8a908L,
-        0xf3e0451b2c82fce1L,0x8237e128c290240fL,0xc1c631621bbf66cdL },
-      { 0x9bbcc2afb6639b7cL,0x07643d299bf0e0c6L,0xf7f070c7671c5be5L,
-        0xb09a423a9870ac6aL,0x324503506656cda2L,0x4f404be80584abc2L } },
-    /* 28 << 14 */
-    { { 0x3ee52d8f5fe63bd4L,0x09f8405c7a7da77cL,0x35ce95c61881a757L,
-        0x0a8cf9d9c13e3707L,0xe71258d548d2d3f6L,0xcf4fd6910bbe7c0dL },
-      { 0xbd6496e1fb9479f1L,0x711c669aab8cb3a2L,0xcbe8501358cfdfb4L,
-        0x655c902b59275b4aL,0x7e0ff05b20f722baL,0xcb00031d42b17aadL } },
-    /* 29 << 14 */
-    { { 0xc568cee0cef0ae1dL,0x1b3422ca7a55aae0L,0x8dcce5058bb536b8L,
-        0x12df74bee92759c9L,0x029abaf02ef962c4L,0x5d30b4359bb1240fL },
-      { 0xc62fe8e7d03a850eL,0x67da35b5b08dcab6L,0x6f4d4e75e8ca1131L,
-        0x53d6fbf81bd5bf97L,0x596d850ceaa0b2c6L,0x32e918240e8d39b5L } },
-    /* 30 << 14 */
-    { { 0x3360ff11d54bf1a4L,0xbab994cb5c79494bL,0x953ad553757d7771L,
-        0xf17f14f068b58ed5L,0x223615317523c422L,0xf0f05f965ebf0d49L },
-      { 0x3386676549182267L,0xf87eccc1ad71c3ebL,0xd7708e18913d8dcaL,
-        0x27fe27e1b193eef9L,0x33376365cc45e65dL,0x599b4778d700ac20L } },
-    /* 31 << 14 */
-    { { 0xb118f73509ebb3c5L,0x7299c7844d0d36efL,0x409ef9cde10b249fL,
-        0x040f91d0156401b9L,0x6b9fa5b107467a49L,0x2ede334334415300L },
-      { 0x0b3abc9c0edc8055L,0x58f850958ca04aa2L,0xeb0d3202e568b6a6L,
-        0x5e57bb1a159dce4cL,0x8d3780e03b68641eL,0x78eb21a0d9f50517L } },
-    /* 32 << 14 */
-    { { 0xda643272ed068028L,0x86b52135a91fb87fL,0x23865a7c35b43943L,
-        0x6ac015884606bbf2L,0x9660ab721559fb9aL,0x1fcb09e73ce2f1a5L },
-      { 0x62af29ab793d2f0cL,0xad5aaef53aee7efcL,0xee9f29b744c11037L,
-        0xb2a19cf1d36c2571L,0xb87d88e265b552b7L,0xd8b4f172beb253d4L } },
-    /* 33 << 14 */
-    { { 0x6776241470c50124L,0x157c591f57d0eb9bL,0x99e1e2d769b4bcc2L,
-        0x81c2b923a9d94ed3L,0xbdd9294fecbf3becL,0x3825c29a4c4fb135L },
-      { 0x431d9f26e915cc2eL,0xc4fb48afec1a4835L,0x97f426c09ada831dL,
-        0x0be0cf81d5c48eddL,0x166ee4243d02771fL,0x810bb518b09de508L } },
-    /* 34 << 14 */
-    { { 0x9f4dd8185038ba67L,0x5ff1572801111ed1L,0x900d44f163de4d57L,
-        0xa36c1a67d5db5e67L,0x2f01142e2bf5cea7L,0x1519ae1f59aefbf4L },
-      { 0x7b963d1f6d989fcaL,0xa5bb3cb85fce44e1L,0x61087c9672fd3285L,
-        0xfb2fc6c1c597ef26L,0x5548e25c81e70a6aL,0xa6c53d67a229d7bbL } },
-    /* 35 << 14 */
-    { { 0x9d11a26ab9678e36L,0x8142106fbe07b082L,0x3c31548b322fda75L,
-        0xa87215ceb7299565L,0xb5229b119ea80113L,0x7221a40f43ae700eL },
-      { 0x1ad48de8cc00aef7L,0xc4573660d266daa8L,0x1cb020a65761657bL,
-        0x9e799be24588c895L,0x3d209df968561484L,0xa0fb323295fec6d8L } },
-    /* 36 << 14 */
-    { { 0x9292138a3acde05fL,0x7b23f51a50f9e7f0L,0x6ad891a1af59b585L,
-        0xbd394db79654da39L,0xcb8c47315f7c6edbL,0x367bbb5d6d2d6e5aL },
-      { 0x8df2c759f51dd55eL,0xce0924d8e6c3517dL,0x49c46188097a8072L,
-        0x47169f40980170a7L,0x56198937b96df7ebL,0x09572534531fb3b6L } },
-    /* 37 << 14 */
-    { { 0x04c18873d2eef240L,0x5752cce75106879cL,0x4b7fbe6bd9736e37L,
-        0x7c7f1de4c85990afL,0x0cda6f07a2324ca7L,0x0894eafa4d80c28eL },
-      { 0x24bd95890ae7e6d9L,0x050d526aaba494a3L,0x4b05455ee583fb5dL,
-        0x3b5fb27c6049bb23L,0xc7c9da6ecb5b411eL,0xc1f2528ebc38336dL } },
-    /* 38 << 14 */
-    { { 0x8b177119d62ff4b1L,0xb0c02e2783150269L,0xdbeee1f8428f9e51L,
-        0x2a55661225ff00dbL,0xb4ebcf98cd0d526aL,0xc69f721fc0efa6abL },
-      { 0x0ceeceb516e29d31L,0x0bf4510127d1c530L,0xad942f1f42a7383dL,
-        0x2cf389eb03b8fa98L,0x1aa647651ec6acf0L,0xf7ac647c202433b9L } },
-    /* 39 << 14 */
-    { { 0x880bfb2caa7fcbf4L,0x18c2b739731cd693L,0xd093ada3ae39b46eL,
-        0xd48a288796c6fb7cL,0xed7c405daf96bbfcL,0x6b63b9ee256335e4L },
-      { 0xfd4795ec7ee8e89cL,0x4f3fa1ccb07320d6L,0xe16c594206b0078dL,
-        0xb8c95b563a0b2914L,0x2b5b5ab42b337970L,0xcf612b4cb9f75ea9L } },
-    /* 40 << 14 */
-    { { 0xbfe63081596eecd6L,0x20eb6fb0a3a194fbL,0x4497ec2b8751a73eL,
-        0xf90e9e4cf88ba0e5L,0xd5a9c5d55974eca2L,0x9fc120ade4f3e171L },
-      { 0x9ae058a633330640L,0xbda3227855bc8aaaL,0x7851cdbc1c9688a9L,
-        0xf68d7d9e1d950edfL,0xc89c645074e06425L,0x62406f3b6116d386L } },
-    /* 41 << 14 */
-    { { 0x1094390070e509fdL,0x0a8e3db09af61ad1L,0xa487a61538d7aa57L,
-        0xa9d56bc5ed020b3bL,0x7ed2294f638b35f8L,0x53d6870dc95fb42eL },
-      { 0x85e828494c2207d7L,0xf88831baf0556be9L,0x64a547979fe416c3L,
-        0xd61b652e779bebaeL,0xd3f43e2f2c0ccce6L,0xd5119f341f680ab7L } },
-    /* 42 << 14 */
-    { { 0x466f42a1191938bdL,0x95ec31c036f1dae5L,0xa7f350d2feaa8b55L,
-        0x66434577555c505cL,0x0c668e73f55d1ca4L,0xd6af5ba4a7bd7449L },
-      { 0x581e14ac1a79d8c9L,0x9761d9763054e915L,0x928e7415d69220a6L,
-        0xc5bf4bb405bc4a22L,0xad033b7c45d52313L,0x4e67962c75d66dc7L } },
-    /* 43 << 14 */
-    { { 0xc60e17b2e2300049L,0x731c2fa54107f308L,0x848f6db7cc2982b3L,
-        0xf251c21085275d38L,0xf5cac5b2128c8a96L,0x3c012933405b27f0L },
-      { 0x9b0a61520b8b15b7L,0xb1c32dc691fa4548L,0xbe7b7654f366d677L,
-        0x7e1f33277147a660L,0x11e31a0eeae310bcL,0x3edef63c1b86b525L } },
-    /* 44 << 14 */
-    { { 0x6f7e7259c6334c8cL,0xe34cba49b4f2333bL,0x157bf099211d08c5L,
-        0x9e39c5442988a4daL,0x796ed9f17a998311L,0x3f4da896d8d349e6L },
-      { 0x8ab75656fab28acaL,0x3e215d5342d14b21L,0x50008fd7bec23301L,
-        0xd6ee4853446e2c56L,0x203ff1c880da14bcL,0x27a4bfbbc333ba74L } },
-    /* 45 << 14 */
-    { { 0x745e69dfb3d54e52L,0x1ab2a03e7c405cbfL,0xda71141e0bc431b5L,
-        0xb3a47e71aafa7c19L,0x5329594fa88a4905L,0x489b5928973aba07L },
-      { 0xbe31a4d37350ad6dL,0x177e5285478a42a4L,0x45a101bf848eba6aL,
-        0x4287dfd949936d31L,0xbc4c491dc82823c9L,0x87c816aaeb8b8055L } },
-    /* 46 << 14 */
-    { { 0x66f5337cf309ced6L,0x897cbcb9eb5ed3cbL,0xeffb601762c35fd5L,
-        0xb4b702f081fd31f3L,0xd5203833f66f6120L,0x1d2d5ef318a84d91L },
-      { 0x22f9fae70edb3857L,0x034197b3cef00765L,0x16d8c6b493643908L,
-        0x90ac59e16c51708bL,0xbed18da32edffd9dL,0xc90ac893e750df1eL } },
-    /* 47 << 14 */
-    { { 0x4a0af827bdb07e48L,0x5588631e131f46ebL,0xda550ce1e503169dL,
-        0x0e16b540f2cf2f14L,0xea19a70dc79930abL,0x5654aa5fa8925651L },
-      { 0x2f1a14906104f9c7L,0x98420d6c654cf319L,0xf967467f3ca96df3L,
-        0x6abe4e32dee1fc07L,0x913bdf2bbd07d17cL,0xf96f70eda8ef9068L } },
-    /* 48 << 14 */
-    { { 0xa0096d10b7f8286aL,0x493e88563015be8dL,0xa221d57c17f70125L,
-        0x4f932f4fe425eb77L,0xf0fa00df78ddfe95L,0x68165f257866f01fL },
-      { 0x01345af4b1693425L,0x3fc8d3a6bad5603fL,0x4269006f0bf46cf5L,
-        0x96e3b6b77e340ce9L,0x2a4bda69df7c68b7L,0x9649d8b91b6574c2L } },
-    /* 49 << 14 */
-    { { 0x98f55e59112ef290L,0xa5516c3568909cdaL,0x40407393235165f1L,
-        0x6eeeae510991970cL,0xae79ce1faaa6d26fL,0x8bc719b441d43f67L },
-      { 0x4a7af92a39cc89a3L,0xf6d14f9a85c8ab12L,0xb9bfca97eb8d4851L,
-        0x926b8155cd52b2f3L,0xdd17dbd48fa94f9fL,0xaf68726447cac5cbL } },
-    /* 50 << 14 */
-    { { 0x39d7c1729517c2c0L,0x6f795181166e2f50L,0x9f6ecb5dc0ad8b54L,
-        0xb480afac8e75ce4bL,0xf51569203dd5ad07L,0x87c855e73799b80dL },
-      { 0xea8c34d9538ebc9eL,0x67bebb6a957b303aL,0xc6511b7b4dfc6d7bL,
-        0x9a40cf5885b02ee1L,0xf4fffbbdecc59a6fL,0xe85a7c115cebfbcaL } },
-    /* 51 << 14 */
-    { { 0xffa0118c4a33265cL,0x4c4051d583e0bb83L,0xcde22f8d7007d078L,
-        0xae9ebbc2932cba29L,0x297c2252f7a82223L,0x662814f41a09fbdaL },
-      { 0x3bfd965640be805aL,0xe49901e592acce09L,0x4e201930bbb6bb43L,
-        0xfe94eb4dcc018aa2L,0x454d8c611dcf97a5L,0x11d8e3a230f1011dL } },
-    /* 52 << 14 */
-    { { 0xe745ee2c36cc8b1bL,0xb40c94e6e328c813L,0x4144aecd8bd107b9L,
-        0xc35567890ea88fd2L,0x017460e30492a810L,0x0c63cd4410b8bea1L },
-      { 0x9123e9a3c890f74cL,0x940fe6590cea499cL,0xbe306232c82e1bdeL,
-        0x40544f6bc041d7ecL,0x46de1f3b477a7dafL,0x336551f6951f1295L } },
-    /* 53 << 14 */
-    { { 0x2a61217a09b3b9a1L,0x0736704635b71125L,0xfddbf1933df24d57L,
-        0x33ddabcb4592d748L,0x2fa9ff8a25309e3aL,0xdca2dd2892a0e76aL },
-      { 0x706350255dfbd02cL,0xe01c2553b6306b8dL,0xb14132905e91ddecL,
-        0xf45221866f6de6fbL,0x2d48d001b440319aL,0x926e9b64fe67f843L } },
-    /* 54 << 14 */
-    { { 0x5580401264e2c160L,0xe154925a9a6c256bL,0xce2df32922260b79L,
-        0x74824410c546d756L,0x2a1d0a5f79887083L,0xa2c040c5da3f7d48L },
-      { 0x74058ecbc14f96b8L,0xe69c09d73415e476L,0xe5a93bb47a443fc0L,
-        0xe1bb24800c31d7b0L,0x4701d669f4ab0610L,0x0ad815841eeb23e9L } },
-    /* 55 << 14 */
-    { { 0x823cd737d72b5925L,0xee09efb9fa38cb06L,0x6828dced4a21e81eL,
-        0xab67b37bf365e481L,0x3995edd2b5a7c630L,0x4c24ac8806930b7cL },
-      { 0xfd7264d36dedce0eL,0xdcab1e333e76fe1aL,0x6b40889a89a94f97L,
-        0x7a1fd432b2a3b0e3L,0x121efaea3ffe933eL,0xa81f6c6f843c3553L } },
-    /* 56 << 14 */
-    { { 0x26301455e5488aceL,0xdf39099881a20dc7L,0xac7d6049ee06c7f3L,
-        0x547e8df33f248fe7L,0x5fc4b74213743dceL,0xa97721bc4c398630L },
-      { 0x6b7877cc258aea47L,0x1cedce562d5c28d6L,0x7e930e419428d66eL,
-        0x42c80757b97faf54L,0x091fe5ab3812e632L,0x2c29fd42e2e359bbL } },
-    /* 57 << 14 */
-    { { 0x2d9e65a61d7b990aL,0x8a9ab4bee2a8a6a9L,0x8658c36985e3eea6L,
-        0xf352787df0de0b23L,0x872db1de1161aa92L,0xf2648c972190acbfL },
-      { 0x9a34f1d09de72e41L,0x13860f846c086516L,0x2e9211b824127c21L,
-        0x4e1623bba3697c37L,0x41d71f1df579c733L,0x33f0ebf7ca9f68aeL } },
-    /* 58 << 14 */
-    { { 0x9b51f4ca9f5a40c2L,0x38b59573682e2132L,0x5765e89dc556998cL,
-        0x102fe894698a4a8cL,0x0bbcae977c6964d6L,0x8548f2c6dd7bb12cL },
-      { 0x32c11ed9e49848d9L,0x1ee1b525135aefc2L,0xade5d14e812a5e4bL,
-        0x0e122e7e15bb167bL,0x321594d4ec5c3594L,0xbcea8723a7c02afeL } },
-    /* 59 << 14 */
-    { { 0xdbf91edcaf87c75aL,0x9710003266582706L,0xb10cb32b1133a7b3L,
-        0x70f5d71767e068daL,0x8d937e56b8e0c9a2L,0xd8a2652ee2a9afd7L },
-      { 0x94d6cae9cc90c6ccL,0x3512f3abe94f68ffL,0x931ea6f09331ad40L,
-        0x71621013daa3d4f1L,0x591c40bfb668a992L,0x5494cc174c6868e5L } },
-    /* 60 << 14 */
-    { { 0x7981826070ececc7L,0x8cc0b6e071cfc0e1L,0x998df6590276a6bcL,
-        0xffb5bec11a43be05L,0xb93b1543f2beb640L,0x337703d456f3719bL },
-      { 0xce74c17cd40a7375L,0x6aef79cab1aece94L,0xc5bdfb388876d218L,
-        0xf71ce9cccea91445L,0x471cdbd1ed6e5f5dL,0xe0cc79cf10e56c08L } },
-    /* 61 << 14 */
-    { { 0x2b17e181794ebe48L,0x6111c897f28cdd32L,0x4d59199062dfeee5L,
-        0x7b9d070241b14904L,0xa1ad534d5fea4804L,0xc08915d953b16c22L },
-      { 0xa57c883e8ac9ddedL,0x589474dcda1d1bf0L,0x31cbf32ce9aa8e7dL,
-        0x2abe9b60f0930d84L,0x604731b0cbdd031aL,0xbc35b1e4e9e1b3c1L } },
-    /* 62 << 14 */
-    { { 0x39300d55efeff954L,0xa9cf57f34fe9cffdL,0xe3315321b15aebbdL,
-        0x26354c57b840b080L,0x2c690488476abf35L,0xa7303fe6d480cf33L },
-      { 0xa50865295706c3b1L,0x4c26034eed0b2342L,0xf08d67be9ae9c452L,
-        0xd4dbb9f5046c7d0dL,0x4435f1a3f9e5393bL,0xf47aae68cd4d5de8L } },
-    /* 63 << 14 */
-    { { 0xce9e5ddc06d5f48bL,0x22c1cd3e0ef642baL,0x2ad48eb9e9b8a960L,
-        0x330074883ce26679L,0x495e62428d2de642L,0xcba5bf37e03b1a77L },
-      { 0x9382c92de716624dL,0x410d212350a33e4fL,0xe55ee116e953e7edL,
-        0x27e9a0584b840616L,0x560a5e4939473bd8L,0xbc1e795b382f3a95L } },
-    /* 64 << 14 */
-    { { 0x31bdb48372876ae8L,0xe3325d98961ed1bfL,0x18c042469b6fc64dL,
-        0x0dcc15fa15786b8cL,0x81acdb068e63da4aL,0xd3a4b643dada70fbL },
-      { 0x46361afedea424ebL,0xdc2d2cae89b92970L,0xf389b61b615694e6L,
-        0x7036def1872951d2L,0x40fd3bdad93badc7L,0x45ab6321380a68d3L } },
-    /* 0 << 21 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 21 */
-    { { 0xc5cf8997ce0b5b72L,0x350adde19d7154baL,0x8139681e307b254aL,
-        0xcc87fb5775cd94d7L,0x90e7027478684954L,0xc4fdf4c095ceb991L },
-      { 0x91bbc0ab8762c84cL,0x5e09e226ce09e8adL,0x1cb83d704b93d45fL,
-        0xe2299024f541da1fL,0x3eef7ce14b7ffd10L,0x53ee63bbb3fc1b9aL } },
-    /* 2 << 21 */
-    { { 0xe5004e8003682f59L,0xccdb9cb7f642ac0fL,0x405f50d1bd869f77L,
-        0xecffa54de7ebea2cL,0x3354dc22d87620baL,0x01bb2988b1c01ff4L },
-      { 0xd9370076e16477fdL,0x45303d2a2e71ba4bL,0xc0de76273291e5c5L,
-        0x5cfebd87f0a7ca55L,0xde1162809e592a30L,0xdd26e577a78ebce4L } },
-    /* 3 << 21 */
-    { { 0x1e9b23b9ff1735a8L,0xc3bf3d5b2b0e4b7bL,0xd4cc00fe59b7721cL,
-        0xd5c36f9c9e2f4cebL,0xdeca06bac90af70eL,0x42676f12416ee799L },
-      { 0x0d7afe1b6f748c6fL,0x0b7a6de539c39d55L,0x11e43d6ee6eaed18L,
-        0x5baf8602496087e0L,0xf833634fb1a3a66eL,0x25098c8a79398677L } },
-    /* 4 << 21 */
-    { { 0xe141e763d4720770L,0xb9739e70ddb3b450L,0x46e6cde496131446L,
-        0x0458a5d5cb6c2ef7L,0xb7747634532f9fd8L,0xf62d372116544457L },
-      { 0xbfacb4ded3100854L,0x70788a31b39d3f62L,0x9b543220f22d92e4L,
-        0xaa4590f655723258L,0xc7b6730e01ddb8bcL,0xae252cf869e1e7bdL } },
-    /* 5 << 21 */
-    { { 0xc618cf0ddd4b8d8dL,0x471cda8640dcfbfbL,0xba0dd7ac08882ce6L,
-        0x58e5d2f56cd336e7L,0xcdda8301af096540L,0xf6d268463cf31600L },
-      { 0x6150cd982197efd5L,0x4440fbfa55fb0877L,0xca31871c90757f1dL,
-        0xc4a1faacbdd756c8L,0xc9d4ac1bcbb8421eL,0x3c0c2914b17c43beL } },
-    /* 6 << 21 */
-    { { 0x46fdb65caa6fe9eaL,0xe0d48e5e05494cd9L,0x5adef5704afbf837L,
-        0xc96ba4b91c9e2cadL,0x1e8158f7054a158cL,0x47be73209e38b88dL },
-      { 0x9b99971e6d2993ecL,0xac9b0bfadf980eccL,0x9da09642d96ca391L,
-        0xd67105369bf4305cL,0x40cc1adfa0dfafaeL,0xe27e32f8a209699bL } },
-    /* 7 << 21 */
-    { { 0xeaaddeb836e87d82L,0xc12587a71ffd7210L,0xf93d2f5c731f6838L,
-        0xb96594e8f7097a65L,0x08d6717ab016e8d3L,0x9c378de81984d825L },
-      { 0x627d41e7cb2a0c26L,0x1f447501c697ceb1L,0x8dc40831c760550bL,
-        0x70ad48707fac97b0L,0x5ac7f22e7021c170L,0xa6f730e4929d5931L } },
-    /* 8 << 21 */
-    { { 0x7d27d71fd186cb09L,0x67cb7f4e3bc213c7L,0x418cafeb6075b2cfL,
-        0xc0d691e6d93a06f7L,0xc16a95259dd001b9L,0xa0583230026f17b9L },
-      { 0x4c1041b07845900bL,0x2874079147a22aaeL,0x8d08efd62c1758e9L,
-        0x9cc6f207e6c3229aL,0xec69e902082d8924L,0x9cfa1deaf331dfe7L } },
-    /* 9 << 21 */
-    { { 0x7b5ab2afbce81cd9L,0xd25fa34b12028b49L,0xf9d65e6b63a659beL,
-        0x6f88f1ddfffb943cL,0x38eb0d02b871cd5fL,0x732afedc558ad949L },
-      { 0x4093ab05367d424eL,0xf73b23ad29de1be7L,0xce1c0093e7a50181L,
-        0x6d05cbbe1e412cb9L,0xd3c1148b773a394cL,0xe04b5fdd38e50316L } },
-    /* 10 << 21 */
-    { { 0x1793535b8d0ce0f4L,0xe9b054b1ab73f7daL,0xd82a3ac1ee7bc6e2L,
-        0xb28ad846b847f39eL,0x40975fa2fc10c012L,0x8de998619aafe68eL },
-      { 0xa73f442584878534L,0xbe3118cb7a36a0d7L,0x3763a49e8fa37fc9L,
-        0xf3f8ef82361f32b9L,0xea66f9978c1aebc4L,0x88600d648d9d024cL } },
-    /* 11 << 21 */
-    { { 0x11f842ca150a3325L,0xbae115c3185a385fL,0xddf9643637561bb0L,
-        0xecea0cd9a4115fe4L,0x297720665893a694L,0x837e6880df408cfbL },
-      { 0xfeb8f511e0a7fb68L,0xd21869dfa062b60fL,0xe2b60f46ca6a5e72L,
-        0x64bbec184931d188L,0xfb09c90fe3ef3378L,0x67cbeffacd767337L } },
-    /* 12 << 21 */
-    { { 0xd35832381b289f6eL,0x10dac54a0aeb3bcaL,0x4df1c08d6692339aL,
-        0x2968edec20054647L,0x34072618d74235a4L,0x00b4a7ae71d6064aL },
-      { 0x23a8900e25c23f8fL,0xda0cb7fad7d0f1b5L,0x266211c56c8ecdbbL,
-        0x0a4351b97bc27e4dL,0x98d54c97fc234258L,0x5ba534071e1a4dfaL } },
-    /* 13 << 21 */
-    { { 0xf07cfcdd77f083bdL,0x89bcae29d46712c6L,0x2089c3ab0f09bb8bL,
-        0x3ede5a2a6b9a4028L,0x27ee18fe013066deL,0xc2bebbb416fcdda3L },
-      { 0x6b3926af3a87cd68L,0xf52f0ef9f9a7b831L,0x4a39660a1ffc01b2L,
-        0xe98f718d91aa6719L,0x8b0626f111d48e8dL,0x4a6a2e5b2bd93db3L } },
-    /* 14 << 21 */
-    { { 0xc3ddb6123ef24470L,0x98b66569bb3f99edL,0xccc537153a97a015L,
-        0x0d9a6b4d04937b8cL,0x854d081ad9a575f7L,0x347bf0c0127fbd90L },
-      { 0x6baa47a5c30987f1L,0x164b390dbfd0b503L,0x6672d1afe6a1f565L,
-        0x9a50ee5828d5bb14L,0x2e23ab480d0226fcL,0x33eb052365cdbdbaL } },
-    /* 15 << 21 */
-    { { 0xa32d1a27d904eb73L,0x6fcad8d0c43c978dL,0x8cf1e7a19c0842f5L,
-        0x2a6fa6d800328ae2L,0xa5905f67a1e3b06dL,0x458c8badaa8df96aL },
-      { 0xee5b20c0b0d4b89bL,0x352ae0c4815c1af8L,0x546a7d7e6dd73b70L,
-        0xa99882225f753229L,0xa38eb5d7efde47e2L,0x8290aaed92635ab1L } },
-    /* 16 << 21 */
-    { { 0x8ec4335fabe7c60eL,0x01f198c10a6a9fb5L,0x3ff96de001141ab6L,
-        0xb21acc2c2eca98a1L,0x6154849010fdf648L,0x2c01a99cd1403e8bL },
-      { 0xf1a35f306fa509d7L,0xf7715fe3e3f08e9fL,0x89c26c077fc9a752L,
-        0x8d2535fe420d48a0L,0x80ec5ddd52fe2e73L,0x041b8df071704f39L } },
-    /* 17 << 21 */
-    { { 0x96882074659a0a12L,0xdb0d63032a6bb752L,0x2a1fb2d740c2194dL,
-        0xeb6b45ba2c184444L,0x10ee44368c179d33L,0x906d0e509391917fL },
-      { 0x11bead88ca3bcba2L,0x25914dae4253fb99L,0x0445b31013c25404L,
-        0x2a2eac6d515f53baL,0xa746a1d662bf0a11L,0xc7576a4c6573c4f1L } },
-    /* 18 << 21 */
-    { { 0xec159ed060c5bee9L,0x80282ff007746414L,0x8d53f05f40a97a54L,
-        0xc92d8789f5d4eedeL,0x1edd798132344c09L,0x3bb9a444a92c7b36L },
-      { 0xbf130f5cdd6c8903L,0xd270e7cf676fcab9L,0xac49744bdc5ae6f9L,
-        0xbd0ccfcb40e39281L,0x222efa16a981b3f7L,0x92bcd2d700aeeadfL } },
-    /* 19 << 21 */
-    { { 0xecfdb91489c73e10L,0x83a5168becffe79cL,0x6a0d57c123e97ffbL,
-        0x774121ca4b130cc3L,0x8556fdc5486967a6L,0x1249448d5fe4a7f5L },
-      { 0x8c2c14440e93c114L,0xcde258573bc68985L,0x697ba7b0952758a2L,
-        0x0d962b377aee19e3L,0xdb31fe8582c4c640L,0x6ecfaf36c89b4b85L } },
-    /* 20 << 21 */
-    { { 0xf1e8c5a0e06b40eeL,0xa55909fe59836af3L,0x77a13be8a3a4ed95L,
-        0x47408650bbbcde0aL,0x95b455c2b4fba7b7L,0x4983f5ca4321117aL },
-      { 0x37bab5d1e18d304fL,0x0edf3733f1d29206L,0xe23e4db4dab91670L,
-        0x602a5265923ab7c4L,0x53ee98c6eb920a03L,0x1b592b626f25489cL } },
-    /* 21 << 21 */
-    { { 0x66c981d9d3543689L,0x20500cd7bb8f53bdL,0x807d43605179af77L,
-        0x7280a7b27c286404L,0x75a74e630976a65fL,0x2ba9ad9df11c3bdfL },
-      { 0x23f38f950ec6c760L,0xcad599102b858cc1L,0x4d9adb7efec23c19L,
-        0xbabb6e45095e85c5L,0xfab66a97e5dac2e4L,0xcde4b15a08baf1f4L } },
-    /* 22 << 21 */
-    { { 0x148aad3207089d6aL,0x3ab5b0790303c267L,0x7d13995bc3153026L,
-        0xeba27c192287f305L,0x5faa453367ae45bdL,0xbbb561db2f4e9488L },
-      { 0x254d8977c8493163L,0x60d468fc5c544164L,0x0b6309a3a2758037L,
-        0x8480e16b1f9add24L,0xf1d99fd2902ec661L,0xd32df254cb6dd6f4L } },
-    /* 23 << 21 */
-    { { 0x9a17f5c3610178b9L,0x75dded80bada5aadL,0x158249c23dbeb289L,
-        0x1d0671cac300cf49L,0xa1649bd0886902f2L,0x79b0d6ed7d13be62L },
-      { 0x78253e7549e2327aL,0x5629cc509af110ecL,0x4373a20059f8765cL,
-        0x739f33289d9c5f3aL,0x3c7d5cfe9a5f997eL,0xf044d90d0559357eL } },
-    /* 24 << 21 */
-    { { 0x20aa15d97ab838e6L,0x6cefdd5a0c827ed1L,0xe2f205caef579e8fL,
-        0xad27e38b325981bfL,0x087b8284c3438be8L,0x2095dfcf422360d9L },
-      { 0x87cdf5ad76d096bfL,0xf1b97ce1e022adc3L,0xa71240c189104665L,
-        0xeb5a175c9c1578e8L,0xbd66910ad150ffa2L,0xac277af811459a28L } },
-    /* 25 << 21 */
-    { { 0x7db4df62417fb54dL,0xf6c1e7f04dfb7c05L,0xfdcbd3777aa8ceb5L,
-        0x0364b3bd89c24333L,0x8a721718fdd3dcafL,0x9a6015dcec2848f1L },
-      { 0xd6571930d35ad1a9L,0x154a929199369196L,0xf3be7e228e514732L,
-        0xfa3eef28b7fd3aacL,0x0bc3b2a69f60d298L,0xf6327920febfca58L } },
-    /* 26 << 21 */
-    { { 0x3b9de1baf8dc6030L,0xacc4224a2107fd1eL,0xa7d32fe86dcef0d2L,
-        0x353d5e88dd83fb28L,0xd552c3ce50bfb0b2L,0x69bc0e686cc8ee7dL },
-      { 0x965c0ca21d9c74d9L,0x5cd163a406ac3ecdL,0x57910a828e98b581L,
-        0x1d0fa7523d992afbL,0x862d3184e7d12701L,0xab6a288c6c7d161aL } },
-    /* 27 << 21 */
-    { { 0x04caa9caf4f2b3e9L,0xcdb896141af43dd4L,0xb09444fd4e74ee8bL,
-        0x9428849fec05d35cL,0xe29bb0e94765c0e5L,0x138c45f176d25d2eL },
-      { 0xbf041131a0184d83L,0xaf321573991ddc4cL,0x058760a8ef31df7dL,
-        0xe0b94b57f80dcf5fL,0x75572221850a4a6eL,0xc735580c104a4a1fL } },
-    /* 28 << 21 */
-    { { 0x9ba102f1a6b735daL,0xe073232edfbe7d06L,0xa8ac24ba57266a16L,
-        0x07458ea42d5c4bb0L,0xfbdd0f0574868e1bL,0x73fa612a3921fe7aL },
-      { 0x26f6714b0b32d8e2L,0x7a3cb2b48bceb95eL,0x756a68c6290f204aL,
-        0x148fbb787fdf2b7eL,0x639ece6c57fe0da0L,0x315aee1e9a92b7e7L } },
-    /* 29 << 21 */
-    { { 0x22dc170769d10661L,0x8d89cd1c71fd40f7L,0xa22f11bfa2545040L,
-        0x1247d019d44c2446L,0x8d17daaba08235c7L,0x7e6863b9fae7874dL },
-      { 0x6d57431c0490d338L,0xc1459e61809d1f9aL,0x4eb14dce95b64852L,
-        0x8d3a04e6a7b5a861L,0xfed631ee7bfa24a7L,0xf8f86f27af11723bL } },
-    /* 30 << 21 */
-    { { 0xb43b14146e63c833L,0x497a5f98c1ec160aL,0x112223de83eb3709L,
-        0x293964a88d100b9bL,0x6db1d1931e3b2db3L,0x264bc83d71eced39L },
-      { 0x8418eb43aa89c967L,0x51d41bff76f8620aL,0xa4017ee5cc416467L,
-        0x1cc527231e216e36L,0x76ba536ce8069a6fL,0xa239b54acb77b981L } },
-    /* 31 << 21 */
-    { { 0xa05f2dbc37544476L,0xf18dbcd71b797f65L,0xc78131376d50cd5eL,
-        0x2b509a4d6dee11daL,0xfc0f0584beba1b6aL,0x3282624a9d53bd6bL },
-      { 0xa0944e5c16b7187bL,0x468a79b8aa2f99e9L,0x32e4644b38bc4ed9L,
-        0x5bc375d7e7cf71feL,0xe18e3c0956617861L,0xbce9ccbce69255bfL } },
-    /* 32 << 21 */
-    { { 0x498808edc65fafceL,0x3676a7cc4e806bc3L,0x796e25f176c6b964L,
-        0x1aced64bac474261L,0xa62470fc29a460c1L,0x77501dce5e751e48L },
-      { 0xcc00053b6d9e3641L,0x2b5bc4ae9a3f5a0bL,0xddaccc2e3f9ca178L,
-        0xad33f34a0b80d1b0L,0x6a76df9364642225L,0xc145f36f778e761bL } },
-    /* 33 << 21 */
-    { { 0x377fc5ac575e74f6L,0xfefeb2327736739fL,0x62ba076a9fc2d5c5L,
-        0x6f3c6084baf0269aL,0xce2917688fa7c145L,0xa60bb8905b3f2333L },
-      { 0xa811055dd900095aL,0x92d95e7b385bd4f2L,0xba54f444d33c2a43L,
-        0xc1b131327d12754fL,0xdcdb54821556f5e3L,0x55377fc539ca4b94L } },
-    /* 34 << 21 */
-    { { 0x455f65d1a0cbee78L,0x554eccb566225edbL,0x306400b47a4e014fL,
-        0xef3e02eb7b67025aL,0x7d4efbaa997a633aL,0xd43c6eb8672c90b2L },
-      { 0x0ed2d88d7519da07L,0x864377854b9d51e8L,0xd5900a2e2e3ab57cL,
-        0xc02f046b69bb0a39L,0x06d825a6bff12faaL,0xa12e5b0d5d3ac267L } },
-    /* 35 << 21 */
-    { { 0x1716be5ba10508b4L,0x8706acbe7e37fbebL,0x3881f54e44e3d127L,
-        0x54e20622a864d77dL,0x26a194616b83325eL,0x0d57be814c15a8f4L },
-      { 0xb10c0cd07b53b476L,0x3d016ea097d39c64L,0x4d7df7c15315bdadL,
-        0x6fe5a1acf060cf4dL,0xd5e3d05396846b79L,0xebc878f79e3c8028L } },
-    /* 36 << 21 */
-    { { 0x5b849ed8d0d193acL,0xe983abf773950501L,0x5ca162770854a569L,
-        0xb0b284d26904bdceL,0x9c769d269d4fadecL,0x98e5e9b912677284L },
-      { 0xd9246836b557f2cfL,0xbd47433069d46374L,0xbce8b27b9b063a22L,
-        0x08da2eca37c5ba26L,0x9e742de8d4b26479L,0x643b752c102aa36cL } },
-    /* 37 << 21 */
-    { { 0xb72fae566fad22d5L,0x1e921426cf2fd62bL,0x9f31293d4c225102L,
-        0x78d43a621975afbbL,0xce2787303cfee30eL,0xb88590d77a82613eL },
-      { 0x42f86567560b932aL,0xc2d98915a7c9ed68L,0xe70e41fb349a9750L,
-        0x7e7fdd2c79f9582bL,0xf3d6ab07da737c0bL,0xba247c0b9f3cf823L } },
-    /* 38 << 21 */
-    { { 0x4bebaf153dffdbd3L,0xc37d4a04fcc967a6L,0xeabab9aca0435a65L,
-        0xf23d1d58f9ae9c52L,0xce229a798cc8f7b6L,0x4a61e6ebf5e11e61L },
-      { 0x770e1dc6b20f2d8bL,0x199d20e8cfb9e820L,0x9fd709c4c381a22bL,
-        0x6f53a358b1d52a98L,0x4b1a018c66f511faL,0xc7d2d49375d3a666L } },
-    /* 39 << 21 */
-    { { 0x3b2db5e5550791d3L,0x034ed5665bbb686eL,0xf019f161e033e3eeL,
-        0x33198653acd2f0b5L,0x368d89e41ee8273cL,0xa7ac3b507f26daffL },
-      { 0x73d8d7df006c0037L,0x98b5937de73cf271L,0xc3bc340be917247dL,
-        0x799ea890e45f37afL,0x27be0f5a25e8dd2fL,0xd70ec41c3bb16923L } },
-    /* 40 << 21 */
-    { { 0xd30302352679072fL,0x73dfdc0f95dad4c8L,0x53649b575c4630f1L,
-        0x60197fc08d098d74L,0x9c295d54647f5cbcL,0xfa5f1bc6c0813efcL },
-      { 0xf6e08007d2e49417L,0x4f7d4b3dab579569L,0x7af3e08e11d9b388L,
-        0x073ec38a5db61c65L,0x9b480cb89db4dc4dL,0x9be2ce7e372fa82aL } },
-    /* 41 << 21 */
-    { { 0xd87c0b55ed1b6d83L,0x3b47443adfae29cdL,0x16c5b0e52147bfdeL,
-        0x98812fd0663cbdbcL,0xe3cea04955ffe911L,0xfc1e9d9cc5df31caL },
-      { 0x7ffa90f9902c4ab1L,0x2cf973c3669a857fL,0x89243cfc94b109adL,
-        0x222d6fdb536ee544L,0xa48b1b15fd488c22L,0x7120e3f0f318ba27L } },
-    /* 42 << 21 */
-    { { 0xfbb8a3cd47813054L,0xa2d7255d462ac3f3L,0x341bc10babdfa7adL,
-        0x01efa884ceb9ea50L,0x30fa0f903f5bd09cL,0x8aa309453abd108aL },
-      { 0x0ab7fe23f9ecab6fL,0x0585f72a5ec032bcL,0x686a7d71cf9f4fcdL,
-        0x096bbf04f769be8dL,0xa309931250b64584L,0x67be53402e216060L } },
-    /* 43 << 21 */
-    { { 0x4e14fa6eef252e90L,0x2ca968579b7db6f2L,0xf80772e3653f1662L,
-        0x4f89e666cd28bb05L,0x7fa800cc77eef62eL,0xa3f6ef5963b2f3e2L },
-      { 0x438d564bc81e600aL,0x8978912de14c1434L,0x33732892ea695891L,
-        0xaf6aef0b1dc8caceL,0xcbf9580b7c509cb1L,0x2db9fbc11ed6fbdfL } },
-    /* 44 << 21 */
-    { { 0x408805a1fa7052bdL,0xe4eb27f75f825c13L,0x0a0cc8fa37ee34a7L,
-        0x737b99a40c59156fL,0x78c2a5d8e1b55c30L,0x89d70b62bcbb2196L },
-      { 0x07ad36911e862a0fL,0xaa1c9118c41cc693L,0x7e6f544c4e1f7359L,
-        0xa5f4f5891bf9474fL,0xa711efd9ef56df82L,0x0428edb7e3de91fcL } },
-    /* 45 << 21 */
-    { { 0x67f403610905be0fL,0xffe68b80c12178bcL,0x41bef79ec6a673aeL,
-        0x347e8ba81bc77376L,0xd49956d60e589da2L,0xadd54508fed84dabL },
-      { 0x18868a4a462749f4L,0x2048cd88ed323e71L,0x7b27932aa28d1f02L,
-        0x3cf6107412e4ddccL,0x0f6198631360ecc5L,0x40e5e08b1330d33bL } },
-    /* 46 << 21 */
-    { { 0x79b68071e3ad573bL,0xcb070412723966f5L,0xf4610fd1964b453fL,
-        0xfdc9dbbc8bcee838L,0x3e191f3bb5ca4f20L,0x90d85084c02e0af0L },
-      { 0x4e3f57a70ee64025L,0x63f339acdea07a5cL,0xf255b5045eb4081aL,
-        0xe42bd241b4cbb0bbL,0xafa58985ff68c5c3L,0xd36cf7175b55e6e5L } },
-    /* 47 << 21 */
-    { { 0xf2b06f4b95d37e50L,0x7da1d2af3747c79eL,0x18a37dad6ad0092cL,
-        0x9f4a6f081a8f207bL,0xeb1fd3f2cf0fed15L,0xfb9911e4384eb46bL },
-      { 0x5f07c680b87cb035L,0xc49935d189e1531aL,0x718f6bd09ea02056L,
-        0xadafb67b18a4ca31L,0x26cb0f368477f396L,0xec7775df62ec2172L } },
-    /* 48 << 21 */
-    { { 0xdffb03aec10b43aeL,0x39b1266e9433a54bL,0x4c262521b19fe0dbL,
-        0x0ec1e54f3d5c7feeL,0x2856510b05e68e1eL,0x49382c1edc80b8a6L },
-      { 0x80a509312471bdd5L,0xe8cde18581974aa9L,0xca6112ee28235c52L,
-        0xd28a0eb8301f9653L,0x22b11e26e11fcdf8L,0x97e6fc5de4d735f3L } },
-    /* 49 << 21 */
-    { { 0x7fc264d35b253506L,0x1a11dd9cdfe2be8fL,0x2cbcf79c711185a3L,
-        0x2208200a46806ddcL,0xf2764b6524e75d8aL,0x71a71bcdfcb43c25L },
-      { 0xddd0cd3586a895caL,0x5ec28b469e2caf5dL,0xeb749df9f6614957L,
-        0xdae1dd77eddd371fL,0x7ce493b556dde554L,0xc1627c06d6e5653cL } },
-    /* 50 << 21 */
-    { { 0x7926553cdea7472aL,0xe1e9480d3ba7f351L,0x242a641b1b6a2fe5L,
-        0xf4af10091f790122L,0x5a2e2f95967810a0L,0xf1eaec6e2ed57598L },
-      { 0x34a32da96b9f2421L,0xdc32daa8dd820372L,0x8b2539fc37a067ecL,
-        0x2a495112820969ffL,0xea7c1829a699c283L,0xb4a1083dc2c58cbbL } },
-    /* 51 << 21 */
-    { { 0x1bcc30812e59d7a4L,0x557be0b2fac34690L,0x5b2868db673254faL,
-        0x62e150a49e1302c3L,0xe29e9b445772138eL,0xc76bf4fd7ccb31daL },
-      { 0x8d687bbb34c905c9L,0xf4f207030786eeb2L,0xe56a494c38deb469L,
-        0x759e75e2cc6bbfa8L,0xb11903aaa59eb766L,0x3f6928c5c68b3bf8L } },
-    /* 52 << 21 */
-    { { 0x27fa09ebcdded185L,0x763b655c36d090e3L,0xbc586674dd864c93L,
-        0xa1f84ff34c7074b8L,0xdf5261d17cf08435L,0xc57860f6fbdaff3fL },
-      { 0xfa49af22252d7f08L,0x2367bf8c8db5f89fL,0xad6443ce6dade92dL,
-        0xdc5265138d1af3f1L,0x62a282ecc720ce46L,0x1769b74c9808b416L } },
-    /* 53 << 21 */
-    { { 0x4ee11333ec598f02L,0x4613ba038c7eaad5L,0x48e0bfe61b1ccd1dL,
-        0x6e115b6b507b705aL,0xc4d38e4992874d89L,0x30460a066dc59fc4L },
-      { 0x75de8dcba0f7ea87L,0xba96718125101367L,0x9d7b03314a742660L,
-        0xb4ca381d8c304133L,0xb87b896d65846055L,0x8dd96f0513d381dfL } },
-    /* 54 << 21 */
-    { { 0x43716f0c3e25b7b3L,0x00caad210aeb5d75L,0xbfee232559a6cb66L,
-        0x06c1d812ad059aaaL,0x42d0af57c8bcc046L,0x37968ef70e409a85L },
-      { 0xc5c3812ee3be328eL,0xaaa74bf166547ad7L,0xb292af92a15a0db1L,
-        0xc0645385e5d5cdbcL,0x2dcf4ca937ec2c28L,0x3f75d089f0cb1694L } },
-    /* 55 << 21 */
-    { { 0x7e71fba26c0204d3L,0x6191ad249a40b4aeL,0xe2c7ab6bdda24cecL,
-        0x5a8fc77e95b26a2dL,0xa6d8b2e43f1c7e44L,0x42d485e4e0a0e08bL },
-      { 0x8697386ed7e3b896L,0x5b960d76ee7e58caL,0xda950e9a3fce610cL,
-        0xb85c7842803c67dbL,0xed8a53535e62ff2aL,0xfe6b0e2c4d674e7fL } },
-    /* 56 << 21 */
-    { { 0x46a2a08be26d822eL,0x63537bc689d6d6deL,0x28c556a2b3df9fbcL,
-        0x81d3161eb121d512L,0x4e27ce0b123bc86cL,0x1ebadb85bfb240d1L },
-      { 0x86edb71a1156314dL,0xf8ac56fd113961bdL,0x2f6bc6d8067f586fL,
-        0xf558b8833fe8e532L,0xe9433e2321a7997fL,0xb86f039c87e53b9bL } },
-    /* 57 << 21 */
-    { { 0xc022a16d78329681L,0xc3da7bf76b1226d5L,0x47ef18daa85c69e3L,
-        0x4614f0ee45cecdbaL,0x9126fc2640f19d1eL,0xcdecb2693f5ca09aL },
-      { 0xb62a831257a020e3L,0x5f9a8ddc8330d472L,0x37e58ab3eb208a24L,
-        0xe64ed285ee4b8687L,0x752fa22a74a82625L,0xa67e24609b25fbafL } },
-    /* 58 << 21 */
-    { { 0x89e3d770e6b94044L,0x50f50d1675a1a8c9L,0xe73c51d95344c139L,
-        0x97a8dd8411723e9bL,0xba0663c57de5dcf2L,0xf26eee6c3a6b588fL },
-      { 0x6275b2a9211b989eL,0x32ab4b311608f16eL,0x9e47b2943fdde5b5L,
-        0x63c50a50614bae9eL,0xffe4ef05e31c05e7L,0x2fea9142b7db4ba7L } },
-    /* 59 << 21 */
-    { { 0x27f286db0874c6f6L,0x26de6376e6ec0054L,0x56458a082ca84fc7L,
-        0x07bcd4011fccf1b2L,0xb8548e74bae6f486L,0x0ea5857a0de2964fL },
-      { 0x8e8df866e50fd2a4L,0x3b07d1a8710fc74aL,0x3e4cc4f5a1fe92b9L,
-        0x7380d0836e52d244L,0x4d75e1c12796278bL,0x9eb279258d33f4d5L } },
-    /* 60 << 21 */
-    { { 0xce7abd1ba225f084L,0x696e1eaff803ee75L,0x66f2789989415775L,
-        0x14df21a29eb4991eL,0x012a6413fe2a0769L,0x022cf1c8626f421cL },
-      { 0xd4644d0460ab4299L,0xa43cc1732a8d453fL,0x7c4ab8c20ed14031L,
-        0xd5854b98e14605f7L,0xd9a98c51fa7ff2cdL,0x7dbe8cbc46baf2c0L } },
-    /* 61 << 21 */
-    { { 0xf26574593c42ae9eL,0x7c3e5c13bbc289fcL,0xb815fe3fe096e7bfL,
-        0x3eb67095da54264eL,0xbf5ca7c4ff3f8128L,0x8fc4a3f865db4dd4L },
-      { 0x3af47b17ee382cfdL,0x8854132fd95520f4L,0x3387b11d33c5588eL,
-        0x5d7eb66c0c662f93L,0xcad581933b18885eL,0x8d1c069a6f23c209L } },
-    /* 62 << 21 */
-    { { 0xa9498fb5212ee678L,0xa8824b696ade4a39L,0x422c074e0a406cc2L,
-        0x7d38de650a2beef0L,0x482d16f81eed5bbfL,0x1c882006f18380a1L },
-      { 0xf90f6c2bb98445e2L,0x36aa980b2c738d70L,0x4caff65b6785ad58L,
-        0x1c282becf95863f8L,0x59ad267c5350b79fL,0x53ea042721cedec9L } },
-    /* 63 << 21 */
-    { { 0x5cc362909fa3481cL,0x1321acdd7292ac86L,0xcc30550378f4d6abL,
-        0xf7917237e7d9154eL,0x591e5ba81fb39377L,0x0a387e4f7c541c76L },
-      { 0x99685212a38570cfL,0x5cce35c8624cd61bL,0x375c68133aed79d0L,
-        0xf72d4b068197e487L,0xcd672f7d129775c5L,0x944ef37f1cd768f6L } },
-    /* 64 << 21 */
-    { { 0x9c66a32becc5f6daL,0xe4ff40431719ba2cL,0x8c6cfab721e716efL,
-        0x32c8fccb96ed74e6L,0x475890dd0b110c83L,0xdfada95f5cb4eefeL },
-      { 0x9d7b89a693240fe1L,0x6afdb2d0210b776fL,0xc3f0b55bca7a7d52L,
-        0xa6e56a0655d04585L,0x818e221c4257acc5L,0x05207b63fcb8d39eL } },
-    /* 0 << 28 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 28 */
-    { { 0x0a74da82d8ada6ccL,0xc6b98a3cbea55457L,0x896c26bb57c2f5acL,
-        0x981e2f72845d45e4L,0xca152b877e9a7d36L,0x49666d457b582e8fL },
-      { 0xea3b9bda49fc20b9L,0x5bcbc84a7c71f153L,0xd346fc5d5748a654L,
-        0x7ac2f217622665eeL,0xbb5efe7fb6f16e27L,0xb1810a70644c9dc8L } },
-    /* 2 << 28 */
-    { { 0x98d089819bc5917bL,0x9f90885d187fac5dL,0x651b18287cfc13dbL,
-        0x2d606e4c8655a658L,0xba64d3c563c91b71L,0x36c7d7d8b82a5090L },
-      { 0x2d1dff02cab1d598L,0xa95788d7be78f90dL,0x1ac2ee6b0ea1fe01L,
-        0xc100b60cd5c1273cL,0x4496084ceae603e7L,0x7fcaaf5f77c2fdfbL } },
-    /* 3 << 28 */
-    { { 0xa93fec0861b06e05L,0x0bebc26b7dfe6802L,0xc00b45a5cce5662fL,
-        0x2e8a0a7f83a9a4a9L,0x6e0cdebbc0bbeb63L,0xc56a20fe63ccd80fL },
-      { 0xfc10fa08b51f1f89L,0x4848392020ad9243L,0xfda69cc66bf53af8L,
-        0x474b7440f10bb6c9L,0xcda9db3b1e7625e1L,0xe2f62c1e1dc7f3cbL } },
-    /* 4 << 28 */
-    { { 0xe8e3225a6abdd842L,0x8c85f18f3b367b02L,0xf147a4219f42edb9L,
-        0x6d4bc00d0d411d4dL,0xa1a13a2770014bb4L,0xb896d97bfa10166fL },
-      { 0xb2a1dfa70c302c6dL,0x0a24bd5d808a63a4L,0x8409a3a2f88c7359L,
-        0x071f3838347726a0L,0xd18a551c27507bb9L,0xe0c4cc34b359b167L } },
-    /* 5 << 28 */
-    { { 0xeaaaf4602a44610fL,0x94d330b10392ac47L,0x989b9b673fe123f1L,
-        0xe2ca56ddd8fd0129L,0x77d6d0cd624982a4L,0x55d4b2c371e1fec7L },
-      { 0x3e9a04a0360e013cL,0x1d227ea9c9cde585L,0xac2b08e24fed8f86L,
-        0xa1d1357ce199e8dbL,0x7cf06ec8e99cc964L,0xd9bc3a7fd85ec63bL } },
-    /* 6 << 28 */
-    { { 0x7d111c67017c633cL,0xadd9e9bd7d128a9cL,0x4cd8730c6db857e9L,
-        0x3c9c03e9f4b46d12L,0xd42f0242a78472dcL,0x3fc0bcb2260841bbL },
-      { 0x6332b11a8783f828L,0x65229d2af7be37ddL,0x402f28eee7e8944aL,
-        0x3d1bab505ab28372L,0x6944e82cad5e1ff3L,0x65a94c0de8c75729L } },
-    /* 7 << 28 */
-    { { 0xa151dcbc2f7f3633L,0x4305312a98969226L,0x947afc00604d46e1L,
-        0xc3c9d57572f3e28cL,0xce4c1cbd14b1cd1dL,0x8fe9a81df80dea45L },
-      { 0x50920f3a9685f603L,0x51d380f00b80d89eL,0x19978ba13f798e32L,
-        0x1294aaa6c5edde47L,0x280002c2be714a1eL,0xd998669ef212603cL } },
-    /* 8 << 28 */
-    { { 0xa44f6ef880e9d9f3L,0xaa7621e91d14d618L,0xcb0e4ed80eaf6671L,
-        0x2bf485f8181514a2L,0x74670e180a2927eaL,0xe1b5461612c14645L },
-      { 0x4068c0742a67ed61L,0xd10c7a57739063caL,0x391b651d698b2816L,
-        0xf310d1696da14fa8L,0xa089be6bd8a578b1L,0xa314b3a844389ad7L } },
-    /* 9 << 28 */
-    { { 0x688ce85068fd73ecL,0x2cfb41040db1f500L,0x5d943b8d5b9bbc41L,
-        0x861867f5403f3973L,0xc331110a2c766363L,0xb28a6bc153aaceeeL },
-      { 0x2ab6e7aaadbee7a4L,0x316ca45c2f2b9569L,0xcac646e561d2428aL,
-        0x6fd28dadc7cb6291L,0x2e28f68741e20ff4L,0x8cfe90eebd189d34L } },
-    /* 10 << 28 */
-    { { 0x09b8ed53339da6adL,0xe40727af26f54b8eL,0xc4a105979990fdb2L,
-        0xb808656b5108236aL,0xb4411363aa4bd584L,0x19e90149288a0328L },
-      { 0x5795d8a8fb0592f8L,0x313c68833213c929L,0x62eecb5b48f79d47L,
-        0x3afcfdbab29ca224L,0x0072847d40075b08L,0x078eef3dd1fe0c8fL } },
-    /* 11 << 28 */
-    { { 0x719b51f20ca20aaeL,0x01ad630824b47b92L,0xd32460c2d3c807deL,
-        0x8497786b0a1785f5L,0x8bd521355d714ee5L,0xc267724ed00f741eL },
-      { 0xe5578dca9c266820L,0x97ff60085b62d484L,0x84c70e92e3bd1869L,
-        0x412759e34dfa679fL,0x6bccc33fce497e18L,0xfb92405669056198L } },
-    /* 12 << 28 */
-    { { 0x664ff05368ed0760L,0xc3cdc99138fae9feL,0x3fe057aaf1f30a86L,
-        0xbae990222d08c72aL,0x4f5faf3f6f09e13fL,0x44461a4413d26b29L },
-      { 0xc2504c1bf95418edL,0x12766ea7db3ff26cL,0x2f956e9507a22399L,
-        0x2716e70f5a00cdd3L,0x80c020140e9fba99L,0xbe587ac30519875dL } },
-    /* 13 << 28 */
-    { { 0x5e4bb6b83b23d2a1L,0x819a7c7705c9888cL,0x59e4c48ad0fec7f7L,
-        0x4b212b21d6bb71abL,0x370cb90bcbf213f2L,0xf1ea07e0817549b0L },
-      { 0x20e3115351a37b92L,0x30f9e70158d444c0L,0x7ac3a37b0b791ab7L,
-        0xe456fd475265e4cfL,0x3e3f27ca29580ae8L,0x5d68a40daa2a1654L } },
-    /* 14 << 28 */
-    { { 0x14203d8720cbb917L,0x284e0c9db2a7424eL,0x99eb2911cefe7139L,
-        0xa709c50f42925411L,0xa5a7543e5c79a13aL,0xe262025c6f45f023L },
-      { 0x3966fd18828b9f40L,0xc660846913693115L,0xd7dfbcf644373027L,
-        0x8e73fe6bbade7645L,0x88267c7b1de0dbd8L,0x1231ac99ce4e8c9eL } },
-    /* 15 << 28 */
-    { { 0xfd928bd90ba99806L,0x799ac97d1a864172L,0x5436a8cd129682b9L,
-        0x4bcacda54e96fecbL,0x453af995c5db1451L,0x8fd382e07073b98fL },
-      { 0x17165b8a644a7bbdL,0xd17d2d80b6118620L,0x2a4bf1b2c8cd1bcfL,
-        0xdc7aad959ccc119aL,0x6d34084c3bcdbeadL,0xcbc5c5557e0663c8L } },
-    /* 16 << 28 */
-    { { 0xba86aec170128295L,0x83a09b65c12f35ceL,0x8978ff0789df2f80L,
-        0x85750cfd97a773d5L,0x806bb730fc3f35f6L,0x04503422fed868c9L },
-      { 0xdc0fcde086ffdbaeL,0x8f4297e11860f43bL,0xfefb7d028d3ad6cdL,
-        0x5c652b5997293550L,0x32e12942ed5cfbbaL,0x06192aaf98800d22L } },
-    /* 17 << 28 */
-    { { 0x9bb8cf660002f389L,0x217219af51505913L,0xfea1388999ef8797L,
-        0xad1b2383235597c4L,0x85ffabb70a3e3536L,0xd8235d9da00c725aL },
-      { 0xfa9b0f4ba704dac0L,0x99d76ddc2f57fb9aL,0x5ed3683b18428507L,
-        0x9e42bc54435307f2L,0x3167de67b4f36896L,0x8a0f99a0d539d713L } },
-    /* 18 << 28 */
-    { { 0xf0b92b8a4642d9b2L,0xce97828a3f50c883L,0xa33d62936f0b1194L,
-        0x23417e0f3692f5b5L,0xc79b9491fb0b95bdL,0x5410e8c95e836b2aL },
-      { 0x2b84078d29798fc7L,0xa8732e78d6628695L,0x39da93f898c766aaL,
-        0x0797832d305e464bL,0x246069ab163f9f4bL,0xb867dcef53fb6170L } },
-    /* 19 << 28 */
-    { { 0x949c63730ced5c37L,0x6f8cd6e4fdb6464eL,0xbea902ae2e056dd4L,
-        0x43871371fa0d560cL,0x162128e9e9ec2208L,0x84deda5c25060c6aL },
-      { 0xa8a8a27c14160ed1L,0xf24bf3dda33b53cdL,0xd12038a976a6d272L,
-        0xe64d6384ee8f2b15L,0xc404d580d3e91d69L,0x62cdb886a4888d17L } },
-    /* 20 << 28 */
-    { { 0xccf0fb423c9eb0caL,0x8703c6694aa03b40L,0x44c735a74001af07L,
-        0x9616dd932e874ed1L,0x5c2e8520474ba621L,0xddf13cd3fa93d8b4L },
-      { 0xd68c9b4575df1b67L,0x4cd242288f80d389L,0x0f1a16bcc09f47fcL,
-        0xc414dc6a9cd4842aL,0xbb0fa94f1f353c6dL,0x405124551950d073L } },
-    /* 21 << 28 */
-    { { 0xbfe176f2dfb520a6L,0xf51917bced96d0abL,0x8131985078b11135L,
-        0x6397f1288f006a55L,0x9877f30e576b5132L,0xe0cd103bec781571L },
-      { 0xb4bf74e5bcfd5046L,0x04333aa4be9cc561L,0xc6dd1dbc1e066ca1L,
-        0x03c926e1d3718e62L,0x13bf83d404309072L,0x79649ba0ba28ac51L } },
-    /* 22 << 28 */
-    { { 0xcb1a73c55abfe8a1L,0xe9e2e220deae1d92L,0x2d953d00514befaeL,
-        0x74024df9b7940bcaL,0x9a2cad0cd13f4a3aL,0x8790b699360795fcL },
-      { 0x63957f3b5e9982eaL,0x491bf3155b7d256eL,0x5708bd4dd23324e7L,
-        0x9f11ddd397c4c8c2L,0x1823762f5b7f5162L,0xc45a3976cbfc9dd2L } },
-    /* 23 << 28 */
-    { { 0x806134cd30731f5cL,0x04522c23487c778cL,0x99b6e6a1651640a5L,
-        0xe2d20ed87e9898d1L,0xcad25762069e56d9L,0xd4184f6e29ddfc7bL },
-      { 0x1017badcc1aeaa34L,0x7d3700e7f3c62e08L,0x203dcf8d5e42399bL,
-        0x05986c66b72795c7L,0x0b56ad9cc0925f02L,0x1f0e895bfe0e3bd3L } },
-    /* 24 << 28 */
-    { { 0x935b9e244d2edd5fL,0xfeb46fb5efb287b8L,0xa51700a3f5018b92L,
-        0xc328beba23864e2aL,0x113b5c9a995f70c1L,0xc0b11c22da1b5d51L },
-      { 0x9b99b907f4a360cbL,0xf4ee9995adf0b094L,0xf67c7cf2f94b3f0eL,
-        0x664a51a1dcaf10ccL,0xa3709ccce937a669L,0xea97bace4862f098L } },
-    /* 25 << 28 */
-    { { 0x62c7dd9ed537ed6bL,0x8a82ae7ccc168feeL,0x96fcf8d19d00a4a9L,
-        0xfeef6ec205096874L,0xc828c68969f4485fL,0xdc4903a6322563f0L },
-      { 0x5339cad7d3280a32L,0x42ae434909ff15cfL,0x94cdb7790bbb6af4L,
-        0x480f8a5515721529L,0xc2f9c4dc0ff28eb2L,0x9d2a405e1ff6e3d5L } },
-    /* 26 << 28 */
-    { { 0xfeebe7d29309e729L,0xd322c38aa30a4eb9L,0x18cb0ce12f4f5c8eL,
-        0x08a073a04262105eL,0x6ca92585933f888aL,0xf4a080c903ca1489L },
-      { 0x5e678c7949c8daf0L,0xcd6ef6ba5abfcf82L,0x61faba612a4fc564L,
-        0x7cacb3dcee0b306eL,0x9fcfafadb5aae2a9L,0x193e841c4b8fb04bL } },
-    /* 27 << 28 */
-    { { 0x4db6f5f07ed99ce4L,0x1257bd9c2456059bL,0x546c764b43d3590eL,
-        0x6d5062adebba72d6L,0x6858f04e2e8d99fcL,0x46554047b4eeee5fL },
-      { 0xff433f63535f2da3L,0xd76777542b76d2e8L,0xeb6be9c88e838a3fL,
-        0xb7a2d2c1145f8bf4L,0xf3ba128703bb278aL,0xd88cd51530c4a1a4L } },
-    /* 28 << 28 */
-    { { 0x51758334c942a3f5L,0x7cc01e8832182ba6L,0x772af25774de4fe6L,
-        0xb1b3c448e9667bf8L,0x71cb27388079caf6L,0x48890c641d823a40L },
-      { 0x47a5887b0e9edbdaL,0x916dfb0cbe089e5aL,0x3185090e1eb42ddfL,
-        0x3c7eaa13b7f3af26L,0x940ed8c79e9963b2L,0xd85e77db3426ac10L } },
-    /* 29 << 28 */
-    { { 0xf21b47bfd7bbbfa1L,0xf757cb309ea0ea77L,0x6df7f53783b2a6dbL,
-        0xb0808cf99eb8ed81L,0xc526bb6b64edb3b6L,0x24f1612068f72d82L },
-      { 0x3e2e6af8f01cee94L,0xd2e01f947847ca60L,0x079dac3539e68ac2L,
-        0xc30720b270cedeaaL,0x2f97f968fa6bf057L,0x2dba403babf6a743L } },
-    /* 30 << 28 */
-    { { 0xed99932452c802f1L,0x99f6864c5cb78b2eL,0x8f8a0a709b9c3693L,
-        0x0b931016e2f598bbL,0x7edbb1b3a614fc15L,0xa0321b50e79f74c2L },
-      { 0x834f3ee994bfa457L,0x5ffa9613006907b4L,0xa37e9b83d779b46cL,
-        0x7a21743cf33b791eL,0x6646b89dcc28a011L,0x9b975ef8e2ba76f8L } },
-    /* 31 << 28 */
-    { { 0x166c7151ec72cbfcL,0x3d1f2450c9e519ceL,0xfdcc648e7efc0fa1L,
-        0x3f5f90cf6db6d516L,0x8a5dd3df145830f8L,0x4d9938da4e5858e6L },
-      { 0xe598f9d4dede1584L,0x2de5a26cf5c8f4e4L,0x495b750f364e20f6L,
-        0x29291c445b718188L,0xe560d9ee3733ce27L,0x99b9d27d5b9d206cL } },
-    /* 32 << 28 */
-    { { 0x162cdf342efffd95L,0x92111fdad59086e8L,0x4478d114454eb977L,
-        0x8ce403d8dea38a67L,0xd459633b7435728aL,0x3a7be4e3a63b0504L },
-      { 0x0c74066b335dba3eL,0x4e8fb1d7c6ea6ee5L,0x3398b588a99690edL,
-        0x4949517c3ad77562L,0xf9824f09cbbb60eeL,0x9fdcafdf85660becL } },
-    /* 33 << 28 */
-    { { 0x368bea127aa62889L,0x6096730506e1046fL,0xe69be05e564f219cL,
-        0x064b9d7c01eab75cL,0xf16ccc9e0152981dL,0x708827acb178a3deL },
-      { 0x320f6a8a93248b89L,0x532acc568084908eL,0xe494cd1f6ab586d3L,
-        0x59c74cacabbdcde3L,0x3ccf84a62259abeeL,0x6657d1fad96bd141L } },
-    /* 34 << 28 */
-    { { 0x5d3a8252aa0a9dcdL,0x540e037af97fe26aL,0x4cbb768ca3f68f56L,
-        0xf9608732652d7058L,0x5fae0f9f72cea8b9L,0x1a7edfd97d980da5L },
-      { 0x9f00ee611791c34dL,0x6c95404c2bc25810L,0xabb1089e043a9faeL,
-        0xe36fe9e1a7881ae0L,0xf163dc460fc04e9dL,0xb6955f2f129c7940L } },
-    /* 35 << 28 */
-    { { 0xa22ebfc7c23bcd94L,0xa653b119684fe9f2L,0xe469e28646b59d70L,
-        0x0720daf3dad96b47L,0x5066df7871288c07L,0x7648d7d82905b5a2L },
-      { 0xc6ab9c5c0a30a65aL,0xa00539f34930712aL,0x6a64738c7e894bdeL,
-        0xd7f3a7459e8eafdfL,0x652a58ff8ce9f7b2L,0x7c9d02e4cb3782bdL } },
-    /* 36 << 28 */
-    { { 0xf26bd8618875d9e8L,0x22e2380dbea9c273L,0x5f15183791995508L,
-        0xb97f40a6648aa1c6L,0x7478f5f83977d848L,0x21e876ae35b57de6L },
-      { 0xf620b180a93fc7f6L,0xf49bd07e1b148996L,0xfb0857261c4f60e1L,
-        0x6a6653af7ad6b84dL,0x913a2d022e05b686L,0x94746629407dda9aL } },
-    /* 37 << 28 */
-    { { 0xc662b0f68a97c714L,0x69fbf7d1b8fbbb02L,0xf3bb5a9c5cdff85dL,
-        0xfade6eb036ee44f3L,0x6eb4b8266d0905c8L,0x6ab3e4a4391a34d6L },
-      { 0xf490046478e7bdb1L,0x8bcd4bf23272c400L,0xdf9a81b78d2c9573L,
-        0xb9a0ea166af43695L,0x3298a5d071fe768aL,0x53eeeb4333e87bd2L } },
-    /* 38 << 28 */
-    { { 0x87cdbfe6bb531d08L,0x384bcd0357957992L,0xc654e2c942008cffL,
-        0xd12b50285002e06aL,0x41a34286a67db410L,0x31a109d99d6b2c01L },
-      { 0x14d642da2ed35f38L,0xa06a846048ffd04fL,0x8291190cbdbeef68L,
-        0xc8106239e43bb0c9L,0x4d7aa992c4bea448L,0x107b86efba3dd9b5L } },
-    /* 39 << 28 */
-    { { 0x3d870c3144fc1cd3L,0x34409eec0085e7b3L,0x67d5c1340d0395e6L,
-        0x9c30dedae3f36689L,0x988ac951d268cc91L,0xdb05825bd2c9dfdfL },
-      { 0x30ccc3b75d349fd5L,0x63383c0f60c3a79bL,0x4f45c81732c71964L,
-        0x456679642fef028cL,0x82454c12cf4053f0L,0x7c1310fbed8077f0L } },
-    /* 40 << 28 */
-    { { 0xb8465d16da684157L,0xdadde1abb238faaeL,0xe2cd45e7c6b9bea8L,
-        0x7251d4a15cf413d5L,0x615cea8baae1765bL,0x75aa831813f36885L },
-      { 0x7d5b0bf7b8767cc1L,0xec38a8ff8022968cL,0x034805b62a07faebL,
-        0x916f9eb033b7321eL,0x34963633c0c577ceL,0x8ee07efdabb8d3ceL } },
-    /* 41 << 28 */
-    { { 0x498606fc2d15a409L,0x2398e109d5fdcb60L,0x8ed8fcbc36540c3cL,
-        0x94404e2bc1db3193L,0xe62b808b28db1c38L,0x545b60871ad1d686L },
-      { 0xe8bf6489740f4264L,0x7ee76fe71809505cL,0xaa95b8c86f45a011L,
-        0x9bd6111b55c715c3L,0xc5c736bc33165913L,0xf1e8cdf282f6c7a9L } },
-    /* 42 << 28 */
-    { { 0xeb09e7fa949d05b5L,0x49394c1b8d014014L,0x644874d73eb7abd7L,
-        0x89c666e5679d2a01L,0x6ea98cbbd315bc8eL,0xd919142a37fa5a26L },
-      { 0x042fbac56d0239b6L,0xbff2b086837c510fL,0x21e4d279d9883ed7L,
-        0x6416e0239713c2b2L,0x3742c6d14ea05144L,0xff591d8fd5b00fb2L } },
-    /* 43 << 28 */
-    { { 0x0ae21b83c138ed42L,0xf1b0895a2ff30df8L,0x4d5d634d9559c6e1L,
-        0xfd02f3a3098e5c4aL,0x7bc6b63152bb211dL,0x498a68fffb69f0ecL },
-      { 0xd6fd5f443e69b479L,0x5ea1877d8c740d2eL,0xfaaff5f0ca605f02L,
-        0xb3022f9839a03f5bL,0x3feb7c13aa253725L,0x119097a89dc33a73L } },
-    /* 44 << 28 */
-    { { 0xa0bd6c0da8a29345L,0xc676b6c55d7f5ef9L,0x303b6d7c20ad7259L,
-        0x06542a19d8fe09a7L,0x5a06653ca959014aL,0xf45fd79a5bcfe0cbL },
-      { 0x29058d984e583468L,0xf1bd25e60cd7afc0L,0x2a88246ef7dbe54cL,
-        0x680eaff835e0ef3dL,0x5942c97f726e59b9L,0x43e971398d5c0825L } },
-    /* 45 << 28 */
-    { { 0x6656b318f7378bf8L,0xf9a838df182f1a29L,0x0d62dc5ede475756L,
-        0x97564544585bcab5L,0x3e99f44c857a13cfL,0x8c3a0a940cbdde00L },
-      { 0xa7be375833dd2d24L,0x629040f1bbb1c7eeL,0x0bb2ced27f0eab7aL,
-        0xb86f1e1e9f474277L,0x60539a544a14ac4eL,0x9860f986aa90977fL } },
-    /* 46 << 28 */
-    { { 0x143fdef1fe944aacL,0xfd6700fdd24f606cL,0x5dad2e41737404a9L,
-        0xb16c5d42953abdccL,0x132b5cd995be01c9L,0x2bf605d86fd01c6bL },
-      { 0xed62526c8803881dL,0x3429579201788c26L,0x553f8e0f8d62ab25L,
-        0x3b2df9cf9850ff9bL,0xb320ec40acb513b3L,0x86d61c988875dfe7L } },
-    /* 47 << 28 */
-    { { 0xe5fbda4daab3cc32L,0x556fcd2535d469a0L,0x414673d91c02fb7bL,
-        0xc14ee9fd8bfe6a4cL,0x8ba0959d1133d9f3L,0x086a7c94e94338ddL },
-      { 0x92c2f484cdd5a1b9L,0x97bb21f6ea0e0f9eL,0x99756b285411da59L,
-        0x4b79c4663be739b3L,0x73502d3e706078fdL,0x6bb794100da7aea4L } },
-    /* 48 << 28 */
-    { { 0x2daddb11a406d4d7L,0xb02b5da5a2a33d81L,0xb73ce82721a6aa89L,
-        0x10919587467506deL,0x0927724c428d8daaL,0x0ede991f7c17adfdL },
-      { 0x8518dab1bf7ddb3dL,0x04b091c42a54e1b8L,0x5943c37f89e7a398L,
-        0x8e63f5e8e273f6f3L,0xc6d0352b83143d22L,0x30e43182ebd1628eL } },
-    /* 49 << 28 */
-    { { 0x9bc5af5aedf58e50L,0x31a3beeeb0d51722L,0x5789fcf98cd467aaL,
-        0x85d974897793faafL,0xcf09224ecc18f367L,0x4f293783ec7957b4L },
-      { 0xb044c854c0be350cL,0x027caaf72a63996cL,0x5341b3f3cb85de2fL,
-        0x0d261d80b106359aL,0xf63bfe7a8456af12L,0xa954c4400174c82cL } },
-    /* 50 << 28 */
-    { { 0xaf752854b02aceb3L,0x000c5c4222c194b3L,0x7e953b78ebd2e61aL,
-        0x44dd61b4b9d68960L,0x282ef4216d454ed1L,0xffed862aa402ca61L },
-      { 0x5fffddeed3e189e2L,0xf36379990daffe3dL,0x1b09a625857a8a00L,
-        0x3e64ff63c1ced62aL,0x9acc484d10b63647L,0x5a470aef3afc8675L } },
-    /* 51 << 28 */
-    { { 0xe21acfec09ebdbaeL,0x512c66a729b064faL,0x15c08e1191835db7L,
-        0x78fff5d665203a4aL,0x99259d961c73615cL,0x85b444b9f36024bbL },
-      { 0x4909772df16932deL,0xcc4a526899a3863bL,0xe54557bd2ebff8faL,
-        0x1a9b05b709bee4c1L,0x0d2ce396bdb2b785L,0xbd15bcec8ce7ef40L } },
-    /* 52 << 28 */
-    { { 0x606658a99991167eL,0xb8773e1572c4b43dL,0x6cb364cde025abceL,
-        0xafa58e9b0c5a653eL,0xa7e35a54134a68bfL,0xcb831d42ba4d9db6L },
-      { 0xae37348ede83ef97L,0x4ac64a6a62ddd553L,0x5feb5e0d715bb6b4L,
-        0xf876efae043424b2L,0x7b56a291ad91a9efL,0x817c7053356f3adeL } },
-    /* 53 << 28 */
-    { { 0x0dbd99249e88115fL,0xecb57472bc568c61L,0xfa4f4a47c1058746L,
-        0xb19006014d92c079L,0xe693577091026a8cL,0xebde8e65eefe8740L },
-      { 0xe8bc6b3480a93b35L,0xc1c8fc0635518beeL,0xf7f4b448a47cdd36L,
-        0xe4d040e0db4f3e42L,0x025fbdfb88345042L,0xfe6cc10f3fbe045dL } },
-    /* 54 << 28 */
-    { { 0x63ba344a1c20cb4fL,0x55f11c207e8cccf6L,0xe66e1641b5b1046cL,
-        0x51cf6dbe758a460bL,0xe786a81e91bb5101L,0x6f4a976209cd4365L },
-      { 0xe88b4d03fc565022L,0x46006d0ebfdf8ec6L,0x10a3e85781f4e635L,
-        0x28ea91360a4a2e82L,0xf890ea9e757b38dcL,0x89c6789261312e2aL } },
-    /* 55 << 28 */
-    { { 0x8ce54e2a65d9fc54L,0x4776c1f13bfc0c09L,0x5d15fced99476b22L,
-        0x2c5399bc1142dc7bL,0x6faef9d96c6ad87bL,0x4f238e48ca5126cbL },
-      { 0xbc7136d607849dc2L,0xc840ccb1e30377a8L,0x30e0f0373a371bafL,
-        0x5b8eef9bdfce4735L,0x1662184e514bb217L,0x010ebb8579e0918dL } },
-    /* 56 << 28 */
-    { { 0x3d6e8d6d8dff7dffL,0x6b6c194ad5be4ad1L,0x57b93f2db6fcd08bL,
-        0x99f09948f3761f23L,0x4062f3d6ac8b018fL,0x4b58ac05a27af72cL },
-      { 0x4abcc81504d0cdfdL,0xa50043e0bda4b02fL,0xe11297e527a9c083L,
-        0x2b2d8d529779c5b3L,0x3de3d330dfdecfedL,0xfe2487caae7fc522L } },
-    /* 57 << 28 */
-    { { 0xc510bb0b7e7a66ceL,0x54a3e0111332f2c3L,0x6331badedc885f5cL,
-        0x1a73c8aedc47d8b2L,0xc657edbb95d4e933L,0x30994aa335dc3ccdL },
-      { 0x832d586fafe5be42L,0x3392b07ad44de522L,0x1bcea9a62982450cL,
-        0x8237bf2b3709f75bL,0xfa4f2501ea9d03f0L,0xcf492df7bdacd276L } },
-    /* 58 << 28 */
-    { { 0x2d0f7f28af4ecf83L,0xc2863ae4d48229efL,0xc989ff3d7001268dL,
-        0x7f07adb6ba225adeL,0x1564c1db450a15ddL,0x3bfea98c6524d417L },
-      { 0xee3cd3ef2cc20833L,0x055c569dba767b1aL,0xef2eaf51351b1279L,
-        0x4e02b1d163b809d2L,0xf0e943d00a14c115L,0x2bb3bc3f32f55210L } },
-    /* 59 << 28 */
-    { { 0x8f577dd79ed385ffL,0xdbcf0548a1fdcac6L,0x38555497c2352ff2L,
-        0x33e2ed85eb9edab2L,0xbe4bd6db9e649ecbL,0xea3668f72c6e7488L },
-      { 0x841627b8f4b91b7bL,0x2d61a0f7d487c7a7L,0x1932b198142d1dc2L,
-        0x06dbb39a1a792783L,0x5be16e570bede1faL,0x4d3b197bdffceb55L } },
-    /* 60 << 28 */
-    { { 0x1c2fc5088f7a83e5L,0xa7c56233b9970c92L,0x949c71738bafa66fL,
-        0x1e299b2d5bbb0490L,0xb9a79e7c18fcb9e8L,0xe6372ce69cb5cc50L },
-      { 0x114fc628f465c6aaL,0xc55395208cb797f6L,0x7df94ed7a73ad211L,
-        0x41eb8e1f8e0cd008L,0xb028725a004cbb0dL,0x1340186d372c1656L } },
-    /* 61 << 28 */
-    { { 0x5162886c203a829aL,0x60dbd8d464416392L,0x60589a51b5a10685L,
-        0xa79ca259113476a8L,0xbf4f71100d7b37dcL,0x1a1b3fdf78bbb029L },
-      { 0x2954d3454799a0bdL,0x7459eac788c256efL,0x61ac72653800707cL,
-        0xd861f7764cc84f7dL,0x29f4e5bf84faae3aL,0x7975c9555aa1236cL } },
-    /* 62 << 28 */
-    { { 0x65f28419238c3c84L,0xf07d83ed90f1ecd1L,0x10307e1bf6567704L,
-        0xa94dddb389d17845L,0xaa56f72788f39175L,0x01cf57e2a7aa55f7L },
-      { 0x98f4340e77f21e8cL,0x8cd3e0a2adb036c0L,0x5c49ebf4af6b46ddL,
-        0x312a2c32455f6897L,0x52fb4f488b517f06L,0xb0f373d442beff4bL } },
-    /* 63 << 28 */
-    { { 0xd9694bd9af44f9ceL,0xaf2cfbbc1ee29f43L,0xaf352b1c880f80ddL,
-        0x3fdabd2142297787L,0xf5a2acc21c7916b3L,0x6154b3f2cc0d85f0L },
-      { 0xb9ff2bea0bc58e86L,0x359eb0750561c3d1L,0xbb5a318fb93be593L,
-        0x34af9320bff0b3b3L,0x3cbe89341d967c37L,0xd08e5f46a8e9a750L } },
-    /* 64 << 28 */
-    { { 0x4074ee27978029bbL,0xa9394bdabae0d0c0L,0xaa01d53972cecb4bL,
-        0x4b0cf1279a7dd9c4L,0x3e3e3f165bc787cfL,0xdf48f7e1942de53fL },
-      { 0x0cc69719567b9d0eL,0x631e33158d0d2750L,0x9fedc1e292314a09L,
-        0x7547d22614a1adcbL,0x405561a48662b86aL,0x149fa2b1f5480b7dL } },
-    /* 0 << 35 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 35 */
-    { { 0x923d0b44bda4aaa7L,0xced14ce4fee29f7bL,0x1656be009cf5b87dL,
-        0x13a37d0d1d61103dL,0x1d705880fb652393L,0x870a31bbed712ed8L },
-      { 0x15ad02e6ad7c21e3L,0xf004e447c36c2831L,0x56aa376cba2b3ffdL,
-        0xc3be2b2f9745443cL,0x47c8a870eb903660L,0x976c303e6c6c192dL } },
-    /* 2 << 35 */
-    { { 0x148bd39cf4fb80d4L,0x469b208cfff04e65L,0xf397fbe2ce548415L,
-        0x441e5c2c87fdde9fL,0x6366b49ffee9c179L,0x38d02bd32938dc71L },
-      { 0x26d450fac49c5444L,0x4569f95d2b23d3d7L,0x5f68bf4d298fd876L,
-        0xe86df047544768b6L,0x40b69a32f8491267L,0xcbf3adf9f917c71aL } },
-    /* 3 << 35 */
-    { { 0x32498d4d8125489cL,0x965e8d07a5a46ae0L,0x6cea5e47e96a7e29L,
-        0xf78293a4668039ffL,0x62548a96f63edd32L,0xe8e6af95a83e8256L },
-      { 0x76e60c3b0db6263bL,0xa1ee4b0621b3d668L,0xa17dbf8b9e49b0b5L,
-        0x4b29ba127eb366fdL,0x5e0ed781d29b565fL,0x8cb50d53199b36f9L } },
-    /* 4 << 35 */
-    { { 0xa66c703529aa3150L,0xd038a5ab479e61fcL,0xdee33e96b5ab5410L,
-        0xd068929c7c57d123L,0x0839a208f1d6ad37L,0x8f523dab123f8178L },
-      { 0xb3e5e524a67d3840L,0x88bda75e52eb59dfL,0x513a0ab7389f2dd3L,
-        0x3197a145890bba6fL,0x61add75b6f66bf09L,0x5c9dfc154eef1722L } },
-    /* 5 << 35 */
-    { { 0x66dc285007769b1bL,0xe07fb7414d71fac4L,0x5ae688a6c2abbe60L,
-        0x08ae92fadcbfd296L,0xbc291256b43044d1L,0x0e1d71ed9fcdf213L },
-      { 0xf0c5b28102485685L,0x5d3f9302e3f68f42L,0xbbbfac50ffe4f036L,
-        0xb5b5f26174fdba44L,0x4ebe1d070d746760L,0xbb0f7812c37f04b7L } },
-    /* 6 << 35 */
-    { { 0x810b6ab36df1199dL,0xc229308bb4f293b7L,0x3cf838dd89897750L,
-        0x3e391e4e7a336c9aL,0x70148337176f89c0L,0x54b15bacbc4f1e22L },
-      { 0x32b104f92c0f2885L,0x2c39cefa67034f2aL,0xb8310437bf178ac1L,
-        0x722299f5c99370d5L,0x0a493cf0332b93a8L,0x00e0ab41a420f719L } },
-    /* 7 << 35 */
-    { { 0xf25925434cab24daL,0x52be9bbce7c3b9c5L,0xaab7a8b64660d1a0L,
-        0x09738b819a9600f4L,0x58f0c86637de9e3cL,0x0aea5cc15db31f4fL },
-      { 0xe480406f499868beL,0x0d8fc7f0f6913a44L,0x7282364435f2e14eL,
-        0xb147b31045e37a93L,0xb1e7aa5bf15c1af7L,0xa8685068b03e7713L } },
-    /* 8 << 35 */
-    { { 0x21feb7fc21c34c2bL,0xab6a553addb0140eL,0x03a6557624b04e6fL,
-        0x2531f186342cb0adL,0x088c4d54a24f6426L,0x9a0ee15c06a873eaL },
-      { 0xdbe0253fd33bc748L,0xdad3339f5db8ac9eL,0xeaaf368173e65901L,
-        0x71f1fab2ccbfa504L,0xb7b845224b0e163eL,0xe0fca8373c779f3bL } },
-    /* 9 << 35 */
-    { { 0x710988eb46baf373L,0x8cceb935b57d5018L,0x1864603fa45fdf17L,
-        0x3dcaae73ef48e6d0L,0xadd9420b590322c5L,0x947783e39b135f67L },
-      { 0xfde763688bf5049fL,0xf00e4c182caa4023L,0x4d3b0f23d355b3d6L,
-        0x181fabcc20d5799dL,0x29499b40ab2ad0afL,0xf6e66328f9a938aaL } },
-    /* 10 << 35 */
-    { { 0xcd7b3c42bcbe922dL,0x2fe02b3b95dd1a5cL,0xeb66bcbd24ef5c38L,
-        0x7edcc21ce579c309L,0x7b19d49116f6c900L,0x36019ecdb6317c2cL },
-      { 0x554ba55391d9001cL,0xa5e30b9814f31e44L,0x3d1fe33bffda4032L,
-        0x5dfec4782306675cL,0xbe59305e000c91e7L,0x3c4e52a325a6b879L } },
-    /* 11 << 35 */
-    { { 0x02fcc14ec5ea88acL,0xca29bb6d56d093b6L,0x876aeda90e6fe94dL,
-        0xfa11a142d7225a9dL,0xfea3ca053d03fed8L,0x435854c6c54d5962L },
-      { 0xd770737454a6dfd5L,0xb8960017a3e55d02L,0xd4015a0c04d65c3eL,
-        0x397f93d1e98a1204L,0xb0efa2e55f3ed850L,0x18f244698a3ec67bL } },
-    /* 12 << 35 */
-    { { 0xa35802f5d62cd9f9L,0x0ca9c15d4148436eL,0x261a991d472b9d21L,
-        0xd81a1ed6a2f8e875L,0x942f213a699b6d63L,0x041a12fc0ae57758L },
-      { 0x61191c82bd70aabbL,0x3776eb8bee4c23b3L,0xabe23e8652511222L,
-        0x66dd967d30dabb91L,0x77650c597ed27424L,0x08ea2ebdab25a050L } },
-    /* 13 << 35 */
-    { { 0xa410ba3ab6cb5a02L,0x6eb40d15d07c5c6bL,0x0de81e9107dcc811L,
-        0x996f46eb2631b7afL,0x5a350ba75b7a22f3L,0xf42b24e7634159afL },
-      { 0x07bae0abc30952fdL,0x3488cda2d644e0b0L,0x23ae40d0e2111e12L,
-        0x650af54ec80cdb56L,0x0f33a30b7d4aa2a8L,0x4e8d3e98442a00e8L } },
-    /* 14 << 35 */
-    { { 0xa624ab3759a8bc95L,0x4b7e3fa61c971228L,0xe8229c4273aa694bL,
-        0x0cc31029779288abL,0xf8eff30f57575e0eL,0xee5e01947d52803eL },
-      { 0x32d87e558a78f632L,0x48a06031e454904eL,0xaa2cb8dd16c6e626L,
-        0xadd098ac2c140452L,0xd25f285d2d3031b1L,0xfb5fbbe175b59543L } },
-    /* 15 << 35 */
-    { { 0x2297041fd7a21503L,0xfe7738c2657f03f0L,0x994a8deb168fa34aL,
-        0x0c772e02a53c4fdbL,0x67f835d150124cd3L,0x0e0d26356993cbbeL },
-      { 0x9857ed845257f11dL,0xdc23a728ac556942L,0xf0e1bb29deb32a7fL,
-        0xb8c3c43fee0d70f4L,0xc294b0efc60ad214L,0xa4d438dc679067caL } },
-    /* 16 << 35 */
-    { { 0x520b0bb905c755e4L,0xa2c2c59bf89f0048L,0x85c1c73a73c23975L,
-        0x6e4dec49783aabbaL,0x69f0c69bb0463155L,0x61a42b949c97b17bL },
-      { 0x55af24a945d331a3L,0x4b0e63f8f5fe81fdL,0x4034283d708671c4L,
-        0x200ddab35fd9001aL,0xe45f28e4342eaf3bL,0x3e8375b41ba936c4L } },
-    /* 17 << 35 */
-    { { 0xcde014bbc613b1faL,0x5ad97babcdf992c2L,0x9fe05b9fea13e2d8L,
-        0x93b553e290c4031fL,0xd62bc0818c727bebL,0x284fb61f888306caL },
-      { 0xa63f8dcd1101abd6L,0xfe02dc120e962b27L,0xab169958115301e7L,
-        0x8822f954462209baL,0xb3ba3e721198428aL,0x9a73ed38d74c88f8L } },
-    /* 18 << 35 */
-    { { 0x7db497e17da2f887L,0x0995648b683f3507L,0x50e3ff74f5935bd2L,
-        0xdec083e2708c88dcL,0xbcc3bc3125129bccL,0x7a3fd7a80a407b41L },
-      { 0x46ab826c25e0ab93L,0x28e891ec54944cfcL,0x637be168f55c6cbfL,
-        0xfa34e9942a65216eL,0xd23e99afe3a43c84L,0x6d09d189e6fd958bL } },
-    /* 19 << 35 */
-    { { 0x8aa6ca1381bbd283L,0x3a0633f4ee167a15L,0x7f297c8b9e3b18e6L,
-        0xbead8a50c71fea64L,0xa11b2fdd457aebbfL,0xd7fc286f85bc7bd2L },
-      { 0x2922ae5bad1c9d9dL,0xa07741c2ef9ac174L,0x24dab2d457fa8f9fL,
-        0xd7078d946116a870L,0x4b45107834117a37L,0x19a4dd21c73c857dL } },
-    /* 20 << 35 */
-    { { 0xa2f9b4e4bac5d14bL,0x9f904a3eb8699164L,0x63585978fec79b4fL,
-        0xbcc9b60ebff45cd8L,0x2e515592a5d63de5L,0xc47a048c3bcc637aL },
-      { 0x0523810643aba777L,0xf6818e4c77e67aacL,0x9d5827d238f962b3L,
-        0x28a904c6a003988dL,0xc06bc833551f4575L,0x61f6bcc2221cffefL } },
-    /* 21 << 35 */
-    { { 0xf7cfbbe5055a5623L,0x1f8af775e66d2a5bL,0x0cac440268831d8cL,
-        0xd25185890d0e6f2fL,0xf17838a3182f90f1L,0xefdf6f20737f163dL },
-      { 0xc3198af0542242e9L,0xf77c3d28209efb0bL,0x1df6d0da8de7be08L,
-        0x22ef7367901a6590L,0xfa9b4af44b776d27L,0xdc49102c88ace4f6L } },
-    /* 22 << 35 */
-    { { 0x60c7d148bafa9cc9L,0x0afc5fe2516b87fbL,0x02e20acff795ff60L,
-        0xd1ba069151f32975L,0x8547e7f757be2399L,0x4bdf6abfa0d1b33eL },
-      { 0xc793832fa06077f9L,0xad55cccb2d874993L,0x5e217b27314387d8L,
-        0x744d7b06e7f2ec4cL,0x761aa86d24fa58b1L,0x41400d9657dd313dL } },
-    /* 23 << 35 */
-    { { 0xd17f68da759d20f0L,0xc141ca6827b7eaa7L,0x3796db8bdaff5c66L,
-        0x067119dca1e5220bL,0x174f11777158ddbbL,0xa80365d8cf8bf75eL },
-      { 0x0a79f74933567f05L,0x8c2826123c99bb4fL,0xe448c2bdcd6ae726L,
-        0x1ae05aac2ad4b0e0L,0xf90dddcb16442420L,0x37465a1ea75c28e3L } },
-    /* 24 << 35 */
-    { { 0xf58e05c53178468fL,0xa17c8b868328a2efL,0x1bb22cb44ce0c2f8L,
-        0x1ab807b51aab9089L,0x2aafa8c91e76fafdL,0x58cdf95fb4801546L },
-      { 0x2c1e4ef8d5d699f1L,0x1583a2aa4cd433bdL,0x571dcaec7f4f9b10L,
-        0xf62b696b27156c5eL,0x77d2443448820bb9L,0x94e4cfcc11dd3e55L } },
-    /* 25 << 35 */
-    { { 0xc3fd1feac00e6c7fL,0xf4e42ddabd322507L,0x1ce3e0da023469ebL,
-        0xf81769d2d788b1c2L,0x505cec4c62353342L,0xd4049907ba759922L },
-      { 0x9ff98f06618ee939L,0xfa63b3606bd55f31L,0x3fcce488cc4d2515L,
-        0xeb6e92e91d629e19L,0xcae4190bff892af7L,0x3e7b780dca80cb44L } },
-    /* 26 << 35 */
-    { { 0xbc923fdfaf54b58bL,0x2aef31d88767acdeL,0xfbebb8f07f28a3d4L,
-        0xce5feafe694fe977L,0x606afb0ac9da1ee5L,0x559866a0b74f7c42L },
-      { 0xd935191fdc85f22cL,0x5c3002d7c8ce3240L,0xecd278c198452214L,
-        0x665b3176821a3606L,0xce05a914baf26fb7L,0xa178860b60e4e8b8L } },
-    /* 27 << 35 */
-    { { 0x135c82b55000cc19L,0x34537edf8b2c55b4L,0xfcb6aac2b37acc8cL,
-        0xa882e25e8ce8d7f5L,0x531756e98c7ff1eeL,0xdcdaced9ad6312b0L },
-      { 0x309a469b7f3aef9dL,0xf306e32588d8772fL,0xe7e6f3abd4dc0d90L,
-        0x816b01ae49878940L,0x1cb084e84ba5e2c8L,0x395af25b005d08b3L } },
-    /* 28 << 35 */
-    { { 0x3832cfd59093efcaL,0x3fda8380ed8b34d7L,0x874ec122e2bd4004L,
-        0x3761e9c44270b9ccL,0x6eb2fb1166e640d5L,0x2a45ad23e6dfd0fdL },
-      { 0xdcb3272bf8dd082cL,0x7d84341f17486485L,0x0f46b1fda4ca2644L,
-        0x81a1ab1e82baf37dL,0xbb1d72713b322f65L,0x1571e326f4038252L } },
-    /* 29 << 35 */
-    { { 0x4e00aa41d9acdec7L,0xb2b701bf9f80dff4L,0xc366ce97d5e71e0eL,
-        0x28c2b4e9ed09255bL,0xef54a1a535086ba6L,0xee2e43f2a1c8b39eL },
-      { 0x346f22f5d9143a78L,0x71fc5c06f1053377L,0x1789f7644737b5bfL,
-        0xc9f83ee8b0df2648L,0xf91a29e9073ee793L,0x18eb801e3ab450a1L } },
-    /* 30 << 35 */
-    { { 0x1c3df0914085f0b6L,0xc60c47f5cede211bL,0x7bdead8650b6e857L,
-        0xc68645be2cf9aad6L,0x8d970a94d01540f6L,0x9346f253782ec6a1L },
-      { 0x3da31263c1b23981L,0x53076158dbabfb68L,0x22947b9f743dfba4L,
-        0x872e60061c56f47aL,0xe973d81c2b3b8417L,0xb98216184b1fed56L } },
-    /* 31 << 35 */
-    { { 0x29fa699b8873de48L,0x64f9e1124932447fL,0x4fb0e009e4c20d43L,
-        0x748a0cdf78016262L,0x4891badb7bd23ea8L,0xf1300a437f56368cL },
-      { 0x178efa9de8f1f8bbL,0xc31cdb4098a31dd6L,0xc2d5bfbad2c43f9cL,
-        0xf377e2cc8678d990L,0xd42d274808d19833L,0x2d72fd4de5ad5e63L } },
-    /* 32 << 35 */
-    { { 0xb083ba6aec074aeaL,0x46fac5ef7f0b505bL,0x95367a21fc82dc03L,
-        0x227be26a9d3679d8L,0xc70f6d6c7e9724c0L,0xcd68c757f9ebec0fL },
-      { 0x29dde03e8ff321b2L,0xf84ad7bb031939dcL,0xdaf590c90f602f4bL,
-        0x17c5288849722bc4L,0xa8df99f0089b22b6L,0xc21bc5d4e59b9b90L } },
-    /* 33 << 35 */
-    { { 0x44e6089f006e422dL,0xb4a99bc45b029c6eL,0xd14bd00e6f289edcL,
-        0x8ebbedfa25c50773L,0x5bdad80851d3ade5L,0xe4e70c3094727960L },
-      { 0x29b759e863ab2622L,0xe20ad36b134d5982L,0x27c8387f4070e06eL,
-        0x9fae222556593896L,0x299a0f0c3b199172L,0x476fe70977a39ca4L } },
-    /* 34 << 35 */
-    { { 0xc91a3d2ef4d0d8a4L,0x450193a819e05a78L,0x0e59e0b89eec69eeL,
-        0x2ba20f00138fbf46L,0x5c9fea780e8ae694L,0x62c81c8cc6b73372L },
-      { 0x2a1df446ff0997a2L,0x929364ab692bb930L,0x4c4a956436cb618cL,
-        0xc55020a0526be5dbL,0x151f18a02c64c026L,0x2ec5becd61724143L } },
-    /* 35 << 35 */
-    { { 0x139c7d788713439bL,0x46f7bd4b1e19b1caL,0x74259a28b47977d7L,
-        0x89a912cb8ab1817aL,0x4428e45f06419142L,0x11b9c4836b34a2d5L },
-      { 0xb613563a29487118L,0x81f4502ab6249a60L,0xe28685843d4ddecfL,
-        0x138c97297bd250dfL,0x733f2201aaac4593L,0xee6b85ad5d061887L } },
-    /* 36 << 35 */
-    { { 0xbff288ed74006fd8L,0x388c5a34ded657eeL,0x47d400a2d61a2995L,
-        0x54c684af1eba1f65L,0xd1ba6975b1b4452bL,0xb23dda26f2f8283aL },
-      { 0x6bff7acf86803147L,0x839571e5e8ea5923L,0xc89e1048dbc4ccc5L,
-        0x1fa0221120102232L,0xbf7b8f902d4e4406L,0x14c5de43576aba0eL } },
-    /* 37 << 35 */
-    { { 0x6c55807bfd2f9b11L,0xb01d9f7239e338efL,0x94f6531135628879L,
-        0xae51cf0b0ec6f5b4L,0x387223cfd36b9719L,0xeeb02cc6f2fb192cL },
-      { 0x867611ec43c9e89cL,0x5b15785f97930887L,0xb792b88b57ab078bL,
-        0x0c54de110bdc03cdL,0x5785811a30d0eee3L,0xb73bb98436b88b00L } },
-    /* 38 << 35 */
-    { { 0x0d0ba3c06fba6f94L,0x7f7e0f5cf29713c2L,0xa8cce53ba6b94d6cL,
-        0xbea99382df40fd27L,0xb3ff1c56bcd4f8b2L,0x19124644418f108fL },
-      { 0x6fc5260727c26f18L,0xbc5e23d682c7c8f9L,0x12aa5e8e099b8cb3L,
-        0x9d94d88614c579f9L,0x5c629d7a47395f32L,0x9cd280633efbbea0L } },
-    /* 39 << 35 */
-    { { 0xf0bbf8e88edb7b56L,0x9a76ad71adeb43ccL,0xd99a92528643e982L,
-        0x6468ff05cf17f5b5L,0xe6589476d56b985eL,0xdca4273cbe446b3dL },
-      { 0xd430e3a47b9dbac1L,0xe075c00f4cfe735dL,0x3ba43fef12395845L,
-        0x6895f0c3dcb49ce9L,0xd868006aa92843dbL,0x968a8ceec0d5bc9eL } },
-    /* 40 << 35 */
-    { { 0xc0387b57f440fe92L,0xce8bad38e291c443L,0x022052e5f9e88be0L,
-        0x6f949fe261615c9cL,0xf4874e2d84725fc1L,0x06fb244b73a394ebL },
-      { 0xb70553c678208bd8L,0xab1829c028704d28L,0x1453ee1a807b160bL,
-        0xa1da80c34649d33aL,0x072e02e056c32ee1L,0x79baa98f3f590646L } },
-    /* 41 << 35 */
-    { { 0x1613a710b0fef3f2L,0x9ae438012edeec54L,0x07824d08579c3130L,
-        0xc2beaf806ba2b1fbL,0x7df3c459fc9e85e5L,0x8debf613dbd63acbL },
-      { 0x2774ab78f04f3526L,0x36e7ff55a5285219L,0xf2adccaf4ab04c77L,
-        0x14add3d8aa43fbfeL,0x387e4965e3026ac4L,0x154801a1c77391ddL } },
-    /* 42 << 35 */
-    { { 0x28687291933bc404L,0x6a13b0cc9ba35fa8L,0xd3d1746931c5d126L,
-        0x1c81ce5df9727cfbL,0x14f66be860b464eaL,0x0bbdefb8c10ea9f6L },
-      { 0x5679a0e5e8d06c95L,0x380161d83dbfd6e3L,0x6cdd31f20523e6d1L,
-        0x2ff419e0c4b4c439L,0xc7439153e217782cL,0xb1b74383f6dc5d95L } },
-    /* 43 << 35 */
-    { { 0xcf0d1d2d03746e38L,0x8476c982916e077eL,0x93de41516dfdc6d3L,
-        0x15010d26b78cf13fL,0xbab5a5de97cb08c0L,0x37f0673014a31939L },
-      { 0x777c709f6819b0f4L,0xe3c2d2f7114a32e7L,0xf0227e19ec047092L,
-        0xe1416f34b817e1e1L,0x4d7db41419c6c3f6L,0xf12a13a9d01aecb1L } },
-    /* 44 << 35 */
-    { { 0xa09e68e61f023abeL,0xbc432449aae2d6c8L,0x61e22f727cb683dfL,
-        0x0b5bbc0fd81a0e89L,0x18ea4e774581f128L,0x28df9961cd70a12aL },
-      { 0xb0d3b19f8b8bc10bL,0x0805d1439844e7f8L,0xe3ed3d40675ab6a9L,
-        0x026d1200f75e2859L,0x1802457b8bb10969L,0xf94c62b3eadab8caL } },
-    /* 45 << 35 */
-    { { 0x518e9c4220d03ce7L,0x6c44676187811010L,0x07ff38f99d9be611L,
-        0x5c2bac105cf0cfd2L,0x4e5cc677d5881c2dL,0x02dc395f08e39281L },
-      { 0xc3ef99142044f4e9L,0x0203508c20c8c831L,0xd1276c030e0524c9L,
-        0x5525c0af5402f999L,0x5c9a43aa49c2371bL,0x6d7b6700d28cbb59L } },
-    /* 46 << 35 */
-    { { 0xdec3ab0f7bae55e1L,0x6bae4baf56152625L,0x1d597c0c839b5d6aL,
-        0x243692a966b3b169L,0x37f2ca8eb01c6d34L,0x5baa355aae5c05baL },
-      { 0xe0b84c28af384b13L,0x6a2c9386667cd513L,0xc361a75d78319608L,
-        0x0c317ac596ca528dL,0xe243aa8672f0a5e0L,0xedcf9f5fa1d1677eL } },
-    /* 47 << 35 */
-    { { 0x88e5cf3f74a0a7d2L,0xa25a3883cac23d4fL,0x7be2fc2ba6eb3d72L,
-        0x188be28d391326cdL,0xeca6aa726f3db24fL,0x237cd6f70b9a11a1L },
-      { 0xafeca5436fecffeaL,0xa32291510e6d18f3L,0x46699e2500dd8b76L,
-        0x5edb4b1a331eaa12L,0xecf6d8a472ce0658L,0xd91af8da6b80e9e2L } },
-    /* 48 << 35 */
-    { { 0x7af5da7b63ec62d4L,0x74dc387261dbdee2L,0x7d08dbd360b519a4L,
-        0x4e785f79459ef257L,0xe3e7d5a485fa9e7fL,0xea60c815e9b5665fL },
-      { 0x2e570d18c209caf9L,0x7bae108371818d1eL,0x5db42a0a398d749aL,
-        0x149740ff4f555604L,0x72e4f06bbcee0abdL,0x0ecc0cb581ad0830L } },
-    /* 49 << 35 */
-    { { 0x43550eea0a34451dL,0x8b0b97e9c3aa33e3L,0xdd974528da22dbdeL,
-        0x0337c64dabff3ed2L,0xb50da9e9230cc211L,0x931f891c004d17d0L },
-      { 0x8b7f9ccbff366019L,0x5483938033d76a4bL,0x52fceec1950ef740L,
-        0x5b19b50cd18125d1L,0xbbb661f55b9011c7L,0xfbf0ec747beda7fdL } },
-    /* 50 << 35 */
-    { { 0xebca6bbec047276bL,0xcda078e05c3018c5L,0x4620dedda223af10L,
-        0x962f389ad02fd60cL,0x901fab93baab3894L,0x5ecbbd7506eab11eL },
-      { 0x865dc95e62203b9cL,0x04a599844acf85edL,0x877e94647607236eL,
-        0x09592a5684609563L,0x6535176ace76d699L,0x44f2d997ce8812e9L } },
-    /* 51 << 35 */
-    { { 0xa09c9ab62285b330L,0x6058d94a9b145627L,0x7b4b4141da3c3571L,
-        0xc9347a16033b665cL,0x95e9b4f01a33d052L,0x35520f3cd46c67b1L },
-      { 0x24938cb136042a9aL,0x5eeaec9de73b7354L,0xed47914931f08616L,
-        0xb0187b2b713a2114L,0x03c49947e3b76d73L,0x79b5778a2e94fc7eL } },
-    /* 52 << 35 */
-    { { 0x6bb19d2162de1ccfL,0x3810bdb3339162c2L,0xeb56c72b6aa09df6L,
-        0xac66c58d1d415050L,0x922cd7e74ad9cc85L,0x09e3585f91168090L },
-      { 0xffc9a98d31b918a6L,0xc273e186c73c7513L,0xd506753f12a77342L,
-        0xe288a471e5edd613L,0x0f358d310cacf05eL,0xfbadfa2d9a63fcfcL } },
-    /* 53 << 35 */
-    { { 0x020e282989cf155bL,0xa1fa6eaac7f481edL,0xba422e09c5c89724L,
-        0x43da4df7cad8186eL,0x1bea459cba3ca738L,0xe9f0afdd0c64bc9bL },
-      { 0x4c3b3b8e3592686eL,0x7e6938a7b43ea3f7L,0x8e01a54e7ba7dad8L,
-        0x33ecd36ea9c68839L,0x1abd6e125e7e993bL,0x29947e126531feb6L } },
-    /* 54 << 35 */
-    { { 0xb0fe9b7912a193a0L,0xfa19ad4be4bbd264L,0xd5bf0e5409918851L,
-        0xd07d8e5729cf45b0L,0x228e67cc7744259dL,0x786ea24843ed0fc4L },
-      { 0x7f700231873cd08dL,0x394db4a70ef49109L,0x699047c06a8197f7L,
-        0xf5b168443021ff8fL,0x4c8bb55026621cabL,0x6f28b013065208f1L } },
-    /* 55 << 35 */
-    { { 0x2fb3a7601f809545L,0x8006902ae93849c6L,0x37cc848c9bd9e1bcL,
-        0xf4cd31559d0f6340L,0x357772ac4baef442L,0x0f46d0f77d533f1bL },
-      { 0x4121411fd9c12bd0L,0x304083dedb70e364L,0xff6b7a1ccecbeb3dL,
-        0xb444b5972aadc899L,0x29ec79bfdb8b3731L,0x864d8d917fbd8982L } },
-    /* 56 << 35 */
-    { { 0xa79feacac241c5bfL,0xc86df4c017861e6dL,0xaecd1722a699282eL,
-        0xcce5e345a0464190L,0x0a79c23deca4f6d4L,0x64603ff16a6e7967L },
-      { 0x02e24234aa7312c2L,0xa9e1fc7791a1b587L,0x1daef29f94526a4bL,
-        0xa7db710a62ead861L,0xb387fec78869446bL,0xee2171015db19f08L } },
-    /* 57 << 35 */
-    { { 0x79a0feabe64fb245L,0x5799eea096a4e94cL,0x2592e7a333b063a6L,
-        0x2cac3c2ef1063574L,0xb9cea04a7f4755d4L,0xb8e40abaa0bf858dL },
-      { 0xe1723d963ffa32a3L,0x6547b4402701eb1eL,0x16ec552a4da9b337L,
-        0x75f7f4a8fe0555eeL,0xf97e465014f1c2b2L,0x5495fce3d9ccf8a2L } },
-    /* 58 << 35 */
-    { { 0xffd160fb62c1b457L,0x62efe01fc4d91f7fL,0xc54f75b5208dd413L,
-        0x089514d3e78124d0L,0x752a9ae8c2945054L,0x466636fbdbffa78bL },
-      { 0x32936281a265949eL,0xd657c0f084b4d11fL,0x199d8641af455a47L,
-        0x1eb24cc7dbd9852aL,0xd2ce80f856bfbbafL,0x1b31b23ceb862890L } },
-    /* 59 << 35 */
-    { { 0xc866d2a5fcd5aaf4L,0x4ac2b7f57e21250eL,0xa78cd3cbc50b4a92L,
-        0x2485c3435a5c541bL,0x555db4dc7ef371eeL,0xcd9d6d9c1304f782L },
-      { 0xae86a22974b4d57aL,0x68c93bc8dd4cdd8fL,0x7b95411098b9fd49L,
-        0x0dd480b9399d8d4bL,0x0e27be29f2665c52L,0xce8a1ef9d920a5c8L } },
-    /* 60 << 35 */
-    { { 0x10a6bd0cfc0395b9L,0xe30bf6d06a5e8107L,0xc8aa2483167930d4L,
-        0xee75885006e7e1c2L,0x4ee64cfcedcb7788L,0x9498e9bbf2f1d7ecL },
-      { 0x084d2350ae0fcdb4L,0x4398ee677f4d25ccL,0xc1ddca395db85bfaL,
-        0xefd4819747961197L,0xbd16037f2265195cL,0x1c61a6fc56daae6dL } },
-    /* 61 << 35 */
-    { { 0x640cf6b17f7c8c50L,0xdffddf2209d44051L,0x837275314e3c038eL,
-        0x3164d1875aa8d8a1L,0xb37590bcfceb1066L,0x5e4fab4200d489f6L },
-      { 0xc1e5dca3f8105ea2L,0xfdd1b0751c7f8679L,0x571d7dd14f14ac54L,
-        0x84cc453155cfb741L,0x49d0b1be48823448L,0x8365f1f3f798b5d9L } },
-    /* 62 << 35 */
-    { { 0x9f2409cb6a564a3cL,0x9266799ae5134e54L,0x39aa3697fac47921L,
-        0xdf3db1f32c0b4dbdL,0xfa37a085f096ec03L,0xb99cfe05afaa0f3fL },
-      { 0xc9e00e43df458860L,0xbeb7e60ace2bb0b0L,0xdfe2be57cac8d7e0L,
-        0x6ec03d799162b2ffL,0xdfe3a6225d1122dcL,0x9f04dcc8b6014310L } },
-    /* 63 << 35 */
-    { { 0x30471bf9b42ba5c0L,0x19073fd0c9d26763L,0x92817e8059c1017cL,
-        0x29248f743da195b3L,0x029d7e7be928767bL,0xf1a3a08a049a0080L },
-      { 0x8ec4f3e6e20c1d68L,0xae815a11f3ad30feL,0xdd0a6083f76f43afL,
-        0x197d29fe49465bebL,0xf1a40ae996316f4bL,0xec47d65e59bafbc0L } },
-    /* 64 << 35 */
-    { { 0x6f57752951c2bb65L,0x4a0c1c284b874bdbL,0x19a1842778b96c6dL,
-        0xa674f9922f593505L,0x5abeeec46b7209d6L,0x42d15d0147cf5fffL },
-      { 0xe24509b7b49e3b4eL,0x81be939c639ee6e8L,0x7f7daf595761e8e3L,
-        0xed5cfcb8d420a288L,0x365b29eb7a0ff696L,0x7d14680599a1ac8fL } },
-    /* 0 << 42 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 42 */
-    { { 0x9ee1ec3aadcdaa68L,0xd98c498fdcbb6548L,0x32b9737588102ac0L,
-        0xdd296cf9c08527f4L,0xb74f8145fae3dfbeL,0x84131eb96cd7cc4fL },
-      { 0xa0f2fe7a927ff15bL,0x6b0ade4deee1a4b4L,0x6e7df2d40eeb90a7L,
-        0xe2f46e20be4de684L,0xcd28feba3fdd06bcL,0x8e4205aee6d6d9f6L } },
-    /* 2 << 42 */
-    { { 0x35d47426f78d33efL,0x4af25db28440c42cL,0xbd6a15e22e91bf5eL,
-        0xe366a84cc08b6b1aL,0x759c122f55b97de8L,0xecec558f08a03f29L },
-      { 0xdcc9fca2ea9d2060L,0xb3e49b8e9f361fe1L,0xdeae39029b59cd04L,
-        0xf532ede06f5e5bd4L,0x84fbeeb936099f4dL,0x73576b1f088d2052L } },
-    /* 3 << 42 */
-    { { 0xee43828c6b512bc6L,0xf73dc9f550b91e60L,0x68f23f30f5dbde6bL,
-        0xaf2fe9e3ddd15e00L,0xfbf34dae86578d49L,0x689796556c130010L },
-      { 0x137a5fc309942897L,0xff1f0bfe9959f06dL,0x2dd0a04abd7ee14bL,
-        0x59c46072e54e2161L,0xf470bdaeea7518adL,0xce556e4340c471cdL } },
-    /* 4 << 42 */
-    { { 0x2ba8c79022b25f2eL,0xf4670a511af0f4a8L,0x6842f36a2fc2451eL,
-        0xfc5c9558bb91e1e3L,0x035d1dfcc3ead762L,0x3d0721cb031e5556L },
-      { 0x3af0cc813af18a2eL,0x7888cee2bd11a363L,0x80c3de0a6ade1d12L,
-        0xe8c3a5bd93b2dcb5L,0xe3adbd7c90a2214dL,0xfe8646d51192948dL } },
-    /* 5 << 42 */
-    { { 0x9214cd4bf1c7ed94L,0x4887c7c63738f386L,0xa72ba72bf623e542L,
-        0x3c52a464f67d6004L,0xcdb6171d09b9a4ffL,0xe5eb77d160aba627L },
-      { 0x7aa9836f39d6afdcL,0xa3fa3a520e0a1e18L,0xe90bd925dee3a4c4L,
-        0x47e8eeafd9a94dcfL,0x34302a4921e16feaL,0xe32a62eb8ae23949L } },
-    /* 6 << 42 */
-    { { 0xd1d70db31df1d1f2L,0x22ebc9bd9fec1f42L,0xde5ac585d11d3205L,
-        0x0e4584ab282d4d6eL,0xc87607928f78b85bL,0x48a85682af1fbb6dL },
-      { 0x64d012ceae0947bfL,0xab792bbf25e22366L,0x250d40d4a3a030deL,
-        0xe9b49f0877e26b9cL,0xe7d30c828c0f2249L,0x2b77b40b97c676a2L } },
-    /* 7 << 42 */
-    { { 0xa89144b89efc8fe2L,0x23625c36e13b79c9L,0x4fdea1d3a047ad35L,
-        0xd0b0ee0d4ae78e01L,0xc224b3f3eac4e606L,0x4360e8acfa41bd81L },
-      { 0xb2c69238062437e7L,0x86ce8de0decd1245L,0x2ce4be3dfa9d07bdL,
-        0xfd09aa853d268d06L,0x4cd874264a162aafL,0x1b28f72e9d45e849L } },
-    /* 8 << 42 */
-    { { 0x65026297ba958101L,0xbeb4adf98eef151dL,0x623763a460c8bbf7L,
-        0xfa8f5ad78b2a7120L,0xfd744bdf085497e7L,0xf9b6f97e2ba35618L },
-      { 0x0cebfe9df8a15e86L,0x47a6d01329576088L,0x655817a3fcf19627L,
-        0x30ab44f7c2f11261L,0xbb001c9dddf2c850L,0xb45c7eff073260c3L } },
-    /* 9 << 42 */
-    { { 0x609a02d031716f88L,0xdff6246c45421ce4L,0x544f3162142838d9L,
-        0x8842dcbe36b57d38L,0x2818919c57f561e2L,0x87f5acca318373aeL },
-      { 0x42773fb72edf1501L,0xff92c38648e9d8a3L,0x21a81668ccd5a860L,
-        0xbac5cf837328cee1L,0x7441f749ddc53a05L,0x987d3a1cb5abe243L } },
-    /* 10 << 42 */
-    { { 0x3b7c44f8fb90e50fL,0xeafeda047cc384fbL,0x9a33e377de65e34eL,
-        0x303f568095094a58L,0x4c0f2e932292809cL,0x920c9c12160b30f2L },
-      { 0x31d14e1414b268d4L,0x9964173f1eadb1dcL,0x8e22b362eccb0f39L,
-        0x81dccdf83bf9ece1L,0x8e2fda43a40503b1L,0xdb647ac13e112199L } },
-    /* 11 << 42 */
-    { { 0x9c23216f096c21adL,0xae259a6d41fa37f2L,0xefe0a8c9efe96f6aL,
-        0x5631701dd6a27744L,0xed8d0219b3017563L,0xbe2723bca0867a0cL },
-      { 0xe02bcb56687b62cfL,0xf26c0f77b96f66a9L,0x43e46251fd16fa3bL,
-        0x206a180a44033302L,0xcfa96b556121888eL,0x50567a7789dabe7fL } },
-    /* 12 << 42 */
-    { { 0xb08fb1175cf3e702L,0x7379b1978023df0aL,0x73aefc7b6f954966L,
-        0xc0fb886f76bd243cL,0x871eacc5ce09d5a8L,0x9f55b0a4e773f049L },
-      { 0x92945c84415d725dL,0xcd57391f0112ad84L,0x4762bc1d0509d73fL,
-        0x15cf97f10f1af175L,0x1f855695328c160fL,0x32cb87263b439f0cL } },
-    /* 13 << 42 */
-    { { 0xb27e344ae6361abdL,0xa53690eb474027a8L,0x500db02d683a8ef4L,
-        0x547ecd17819df66cL,0xc35cd4cc91360e21L,0x6ea003a16026dfedL },
-      { 0x45e77cda22395207L,0x1e8e103f91264683L,0x130f2d2b3bd6328eL,
-        0x6ae25c819af8973dL,0x6b0f90a0d32d7134L,0x0280a95755c62195L } },
-    /* 14 << 42 */
-    { { 0x23781958cd8bb5aeL,0xe3d30c5417dd827aL,0xf974e0076bedf762L,
-        0xd8154b6273264accL,0xf10fd9bb167b9396L,0x967c5acbe9652a0cL },
-      { 0x46775025a28fa76cL,0x17ac7cb32ece9d3cL,0x5fd8968ce04a833eL,
-        0x96ed5b49fcd20a43L,0x1d209e85289f9c68L,0x4d7473518ce51950L } },
-    /* 15 << 42 */
-    { { 0x6f5c8f3475214c1eL,0x3d5560bae192d11eL,0xd8a63ff0d7af2e6fL,
-        0x5fb858be9069fe09L,0x83956dcd8cc663f9L,0x52d30c3b838bce30L },
-      { 0xf354f6d75569122aL,0xfcef54d1fa68f566L,0xc75b01e79020dfe9L,
-        0xaac66895774b952bL,0xb2a58a299468cebeL,0xa994a3b487c81a42L } },
-    /* 16 << 42 */
-    { { 0xfa7d1236e2319f38L,0x9ba1a1c0a551d3feL,0x9ea27288beb1282bL,
-        0x1c069efa07fee8a9L,0x5749c7b55870fee9L,0xbedca76fafcec6faL },
-      { 0xa3f8f1b14c63c5e2L,0xaa1bb15694758ac3L,0x753329a9b59dc06eL,
-        0xfa8e5f5b98a92c38L,0x6b6f46fd3c2b4662L,0x716f41a1ec04c6c6L } },
-    /* 17 << 42 */
-    { { 0xa882aa6389201dffL,0x3441fde55bfcde3fL,0x220cca60cb543f54L,
-        0x2af1cb29d764d74bL,0x47ae56d0517617c6L,0x05b98dee0342bf55L },
-      { 0x214f4b11b4e28cfaL,0xa6ebcdf5093691ffL,0xe49ca185f61d29acL,
-        0xd304ac40fd8c9018L,0x196161a0f889b7c7L,0x3b704d52dcfc6c91L } },
-    /* 18 << 42 */
-    { { 0xb405aff88886500aL,0xd88008bebeeabe24L,0x9457cdf30bc931b2L,
-        0x8e5fd378f4c5aac1L,0xdec408107bc2bb98L,0xf86424c598b16f6eL },
-      { 0xb6af27b634df75d8L,0x1bd3082125943a31L,0x51176cfcec993c24L,
-        0xcfc1433accbd192dL,0x324a5e1e2993be83L,0x34169fc1d06215adL } },
-    /* 19 << 42 */
-    { { 0x41aa181ad260133aL,0x627dbe0346e236d2L,0x717fba9cfb8cc72bL,
-        0x6e21d03d69bbc9e7L,0xd903e845241abdecL,0xd17879fa3c20cb6eL },
-      { 0xe6141bd463a360b8L,0xa784a651e86cdcb9L,0x80fe8dd11f9147fdL,
-        0x641241c6de155420L,0x1caef32ba71f3546L,0x28c3a51a79fdf82aL } },
-    /* 20 << 42 */
-    { { 0xaa16c27a84a3d033L,0xc207a4990c11c9caL,0x7ae2d193aae87c9cL,
-        0x125ab459916d634eL,0x02ded714cfa65b4bL,0x6efe84944e212e22L },
-      { 0x97c48a1888766168L,0x663ccc9dd9c85b9aL,0x6fe8b77b2652f501L,
-        0x1daa602d078efd38L,0x35885364dbcb8299L,0x25bd1826b8240626L } },
-    /* 21 << 42 */
-    { { 0x6621d504af748cb6L,0x3940e5e08dacbf89L,0x9fdd8eeaf546daffL,
-        0x18fc70d4b42f9507L,0x09bc4af9a3fcc42cL,0x9199b08f4165304cL },
-      { 0x039d45bed3d0e9eaL,0x0963ede2a6464c2bL,0x77f47a62b5215830L,
-        0x3a0ce54c3e540cdeL,0x34cf6031b2be8f77L,0xeb143e60201083efL } },
-    /* 22 << 42 */
-    { { 0x21404da5442467a1L,0xe73047597f7023e0L,0x836439a8213ff492L,
-        0x105fe0e37ca0fc37L,0x73835ac85b303c34L,0xe29d830e0057ac8cL },
-      { 0x457d083e3b5f41bdL,0x228b26c357341890L,0x8e8f194c4109bf9dL,
-        0xd032cf2b6e4a39e3L,0x012e9515d88f9292L,0xd1a4cd32e957e163L } },
-    /* 23 << 42 */
-    { { 0xec56b72f4ab23680L,0x7cb58e727f22217eL,0x6e98647bd045d18dL,
-        0x2b7c9caa9a73b956L,0xc414eabef120122aL,0x45d9036bb6e1b134L },
-      { 0xe963c88388abd93fL,0x257f3b619180cb9aL,0x915fee5cb6ca7abdL,
-        0x2166402cdb7b1bb1L,0x636f85f6541614e4L,0x81f91a1849d9e527L } },
-    /* 24 << 42 */
-    { { 0x0430af7759b11c7aL,0xf71cc5b1d4f47acaL,0xe1a7905f12e9190fL,
-        0x1c689b7012db9e14L,0x6bdd3dc90abaeeacL,0x97f1c244504f0319L },
-      { 0x874afd61a7a54b51L,0xd4604ecbe3d979b8L,0x0d33eee1ebf4aab1L,
-        0xa3631cac1aa49fe6L,0x0d8340fbf2217cfdL,0xf6373284423b7e77L } },
-    /* 25 << 42 */
-    { { 0xc6cdb5ba6f7972d7L,0x7ac7d438907d281eL,0x9160a8f5c01044ddL,
-        0x3d74d7eac19ba8f9L,0xf7c7f93f112433e5L,0x2ab355a2012236d3L },
-      { 0x1168ce913009447eL,0xbefde8dba26e3458L,0x6f9837db49ec8169L,
-        0xb4d1e35c86782931L,0x41440a76d711e5f4L,0x8fc7a5aeacb5cd89L } },
-    /* 26 << 42 */
-    { { 0x73719fe8286e8aa5L,0xff8663419982a4a4L,0x684511702fb2db95L,
-        0x4f1c0eab01d80ea1L,0x2bc50da5530af14eL,0x00d1d5b506071a95L },
-      { 0xdb618990a6b374b1L,0x06ad90084e79ebe5L,0x281d01a424a63b70L,
-        0x87dbd6d5348625fbL,0xdc90f0bef576b1a9L,0x1a9ef270987747a3L } },
-    /* 27 << 42 */
-    { { 0x135e416ed651b9b0L,0xe55f7f104a5e7979L,0xe55df2550f0729d2L,
-        0x666f2744e33ada22L,0x4968bb982cbcb4a8L,0x7ad4e7811028dd81L },
-      { 0x0e59f0dcd7ca8b60L,0xd71628cdd2a600b2L,0x7eaf6d308b0af99cL,
-        0x6224b6452900105cL,0xe0513f4388650f12L,0x2a63822a6f6c5234L } },
-    /* 28 << 42 */
-    { { 0xf8c07373078a045eL,0x998b2d52a81724d2L,0x2b97faf1a6305a28L,
-        0x5bc61f67f3e0f93dL,0x7238583cd7aeb8c1L,0x851ecc4b39f5f24bL },
-      { 0x1cc8b4689992c20cL,0x73168a863c8553dbL,0x1b9a5f95ba2641adL,
-        0x87a0c362ce9d565bL,0x07fb51b2e1eedc62L,0xdb300ac6a973903dL } },
-    /* 29 << 42 */
-    { { 0x789ca390f33e8516L,0x6a7f594cdee7f1caL,0xb4b6b9ca988005a6L,
-        0x14f7b4806cad024bL,0x682a86285a576b68L,0xf188c74e40e1984dL },
-      { 0x3584b5e6bf6f19c6L,0xa350b1d2b7467bf3L,0x3b3bb966aa3d1266L,
-        0xebbd2c782804d8a3L,0x91a272d36a9caf4eL,0x553ada4158fa7041L } },
-    /* 30 << 42 */
-    { { 0xb564a0d9807e30a8L,0xaba07b1534a637ccL,0x010e76c5840d8e37L,
-        0xb6dcb9ac95f6765eL,0x2f5f8fe103b3ec08L,0x10c5a24fb48363efL },
-      { 0x5ddacb2709c4dc1eL,0x8e2884b1e03bafc5L,0x84d56df3cfc2d599L,
-        0xc8e2da84ab78ec0dL,0xace4663f900084c6L,0x98d9a1df5d49f42eL } },
-    /* 31 << 42 */
-    { { 0xb10ca6eea690d9c8L,0x0b8b39efd5e0d490L,0x2685d320e63807d4L,
-        0xca40d0ee83116ce2L,0xe1e1434fca51b48dL,0x178a91afeddde4a9L },
-      { 0x64f59e3fd0dace59L,0x57b33c26278b1820L,0x2ca13b041550875aL,
-        0xb21f675a4e0db4aaL,0x2bbb3edb0216d3c8L,0x7f39955b96ec8017L } },
-    /* 32 << 42 */
-    { { 0x78a53b5a9563e3bbL,0x19c75eb286af355cL,0x3520f427019a6f8eL,
-        0xde6fcad6dc3ad0baL,0xfec96e4f79745b7cL,0x5e566bbdb133f2dcL },
-      { 0x50088a2b26561be7L,0x16275b4cc5fddfc7L,0xf21332ff23ae4b9dL,
-        0x8cbc659e85246712L,0x27fa9c8df50b515eL,0x25ecf745494ac8b7L } },
-    /* 33 << 42 */
-    { { 0x7cb130e0837ab43fL,0x8a1f00127b9f6c17L,0xbf827f6d17fa5e12L,
-        0xc181b1264914a231L,0x8ce70fb6986288a8L,0x9832863fcd1c276eL },
-      { 0x738e99819622ecd1L,0xdfc1b43cb73807abL,0x7254b4cf1b673290L,
-        0x2d689f38fb20f902L,0x86460de83c34960eL,0x8453896aed8f62e0L } },
-    /* 34 << 42 */
-    { { 0x9f74efc606f4904cL,0xa280e4c26d3bc556L,0x974f9bdb75975ee2L,
-        0x1bc0e7fb6dacde9fL,0x2a110d4c49649375L,0x045432c09090d834L },
-      { 0x84295a20195083cbL,0x92ea17cac7dcf71bL,0x3acced0be70be8c7L,
-        0x3703dfc007e28816L,0x37fbf2d1e869fb8eL,0x8c6b0bbef9c35ff8L } },
-    /* 35 << 42 */
-    { { 0x04a991812f1d2778L,0x0d78573685b91ae0L,0x8c32d6046a5252a0L,
-        0x12b043131a0df85eL,0x40c4db631ee669b6L,0x0f499408f18f5f9cL },
-      { 0x0dcdefabbfe9a187L,0xbd371c45ca650d7dL,0x33819eb00a36748bL,
-        0x82d1af1f29034844L,0x301f906d96257b2fL,0x862728ea9395c666L } },
-    /* 36 << 42 */
-    { { 0x33a2194f40175152L,0x0f7ddc1dbb13f08bL,0x7c08860850b54274L,
-        0x7ebb2c11e41f0795L,0xf915683fbe20d37fL,0xcbcc14889daacec5L },
-      { 0xfb02c20fea459050L,0xe964d76ad5815aa3L,0x0e009be9496bbf2dL,
-        0x8233690eb42d0f7fL,0x98ee83d49168eb0eL,0x34c3b6f3621fa292L } },
-    /* 37 << 42 */
-    { { 0x29555d79b0221994L,0x1dd689dd4c9e8f29L,0xcb83ed2c853f5261L,
-        0x04b1475e0d9b0670L,0xa28b15e7df2ec34eL,0x094409b5e60a168eL },
-      { 0xe4b9fd0e16ed42fdL,0x02f97e84a138f2f6L,0x91dc216ce13520dfL,
-        0x59564eda7a245e5dL,0x825278be8478befaL,0x69daadd20328c4d1L } },
-    /* 38 << 42 */
-    { { 0x6ffade389995db43L,0x88974055790f4b92L,0x082e5add525d19e1L,
-        0x002c414897bd9931L,0x3f093b3b5461cff7L,0xafc95b0042b8d3f2L },
-      { 0x0a8f7687a993155dL,0x1edfdf616c2bb58aL,0xb5be2d4fc44049e4L,
-        0x6fd505bb8dfdf4e7L,0x5386f02a41af5871L,0x8178817569121027L } },
-    /* 39 << 42 */
-    { { 0x1deada722706171eL,0x1baf4c9aee773c6cL,0x458efac06977d673L,
-        0x1f2c2f38646e29b5L,0x36ece91a53323300L,0xab51a49bc4d598e8L },
-      { 0x7802760ed8e41d8aL,0x2996f790587425a5L,0x227165b73ca21bedL,
-        0x0d9e5c5283536ec3L,0x6232f2e089701806L,0xc55e80a2894e2577L } },
-    /* 40 << 42 */
-    { { 0x437b7224641e3bd1L,0x84e39f7980a58460L,0x68e5292709759523L,
-        0x0176a3ace77f5904L,0xde92fb15e151e242L,0x79965c9aeb1438d4L },
-      { 0x318a810a596700b9L,0xa8a6ec57c2198cbeL,0xd7709aaabf030fd2L,
-        0xb432023472f5d326L,0xc9945214b03bce50L,0x0bc06d9bd4ecba09L } },
-    /* 41 << 42 */
-    { { 0x30630eefaadf21b4L,0x94896f68042fb57aL,0xe678fc3eb312e7daL,
-        0x325cd2bc5c94c991L,0xd4eece20bea4e518L,0x9d9d65e925eab2abL },
-      { 0x5439c348676454e8L,0x9eb68953be1e48ccL,0xbeea9da27b625a31L,
-        0xbd82c6ee48cc200eL,0xba9fc94444b9dc77L,0xb31bdebe1eb9283aL } },
-    /* 42 << 42 */
-    { { 0x1ac1a09d07abf58bL,0x7372e532b5770f9dL,0xe1716687c12fe180L,
-        0xd91f4d36c715009eL,0x5d8885cfd6fe1cd3L,0xc0ab5a13aea65e52L },
-      { 0xa5fe05a0838e5e05L,0x590cc325971fb33fL,0x3bd8234a4653bf57L,
-        0xb83300373708c1aaL,0x27453d3b0e84e8fdL,0x9dd3f05399cf918fL } },
-    /* 43 << 42 */
-    { { 0xaf6f26c3a36468a3L,0xcab875f28d9fc8deL,0x0209b1ad52f4479dL,
-        0xc9941cb5459542cdL,0x91603260a0212b68L,0x98018317345673edL },
-      { 0x2b02a35ef98b810fL,0x15953f78b714fb32L,0xf9f9c61eb71a4b4aL,
-        0x959b1473a8505b7aL,0x331d32cb4c6ec97cL,0xb1d2dd44e49f189aL } },
-    /* 44 << 42 */
-    { { 0xdfb0508345c0a2acL,0xd13790035eacfb2fL,0xe9872d766a2e126cL,
-        0xd2a89cbd39a02d27L,0xf45baf72d754b7c2L,0x37985ef8c6c61bafL },
-      { 0xbbcd3ef2da1c46b1L,0x5af5dda43a355d83L,0x9f7ce4281d67a984L,
-        0xf19526926fa33654L,0x2abccb55567b3b71L,0x1b3704f3300cf29fL } },
-    /* 45 << 42 */
-    { { 0x9dcfaf21712af69cL,0x26de8fb05291cd70L,0xc778294742072171L,
-        0x889b9fbc8c617e24L,0x5971e60cc2926862L,0xdd8e70bddc022533L },
-      { 0xc783e1e30a369db0L,0x37f562ab07b2bb92L,0x5043f3d40c060f44L,
-        0xa9650f47a3e17ac4L,0x3b8cd7ad18010ceaL,0xeed5de39969849e7L } },
-    /* 46 << 42 */
-    { { 0xf93c3ccb6044ade6L,0xd14a13f8fd376746L,0x1fc20e6fd718a98eL,
-        0x9f63c6673e31573eL,0xe99b7693a8e0c66cL,0xdad4615c1e5b5f5dL },
-      { 0xcbdb7200ac98f5a3L,0x31414469668ab045L,0x82e92df9bacf0ac7L,
-        0xa61f4e8371bfdf94L,0xce8cb699d1bc5deeL,0x42da8ac72f2f837cL } },
-    /* 47 << 42 */
-    { { 0x0b6252fc32a4e8a0L,0xac1e457dd7170402L,0x76faaffeb121e40fL,
-        0xd2dc3cb84ddebd9aL,0x303e47cf362348a1L,0xe37e824a829d9806L },
-      { 0x419cc2cc7c2ec135L,0x3eab37024cecfdceL,0xf0c9f19088403d18L,
-        0x73c8984daf61b6a3L,0xa2d44d9e00c232a1L,0x61fdf4883cf1cecdL } },
-    /* 48 << 42 */
-    { { 0xa1972c2196fffb94L,0xbe04093099d7633bL,0xb116ff407e23d66eL,
-        0xcb12b2bb949a19f1L,0x75df10ee79e49e91L,0xa3bf90764890bcf4L },
-      { 0xcbaa76a609a30252L,0x17c224a90ee5728eL,0xcbc56e5cf4f3f4cbL,
-        0x8a07110f4fe868a5L,0x23289f2125e110a2L,0x0289c12bd7693c45L } },
-    /* 49 << 42 */
-    { { 0x4a9c6f8bea96a0f4L,0x78262a3499e3aaa3L,0x513a8e2028b2634bL,
-        0x5ba40287d85d74b0L,0x5702d11d440fcbbfL,0x1933c88a0df91fbdL },
-      { 0x642247909a0aff2aL,0x85dc2ca13734398cL,0x1009884fd7aa787aL,
-        0xc666a62a0e73f4f5L,0x491bb941cce66210L,0xda8e896bcd173443L } },
-    /* 50 << 42 */
-    { { 0xdc9b37a7c6e32022L,0x158cd4bb342a148aL,0xd62d371cf06287a0L,
-        0xba027eb6e9fe0a01L,0x8e7c6f5372017d09L,0x13c5d6ce9381d9c7L },
-      { 0xbd0bc2d46e32f045L,0x52cf0f2554ab7f2aL,0x2e674e50085643f2L,
-        0x77bc15aef1662819L,0x57f9e3c4f2ebe66eL,0x839aaebadd284956L } },
-    /* 51 << 42 */
-    { { 0x752bc171ed9d735cL,0x76d96d3419ad5c26L,0x9549ad3e25c1d83aL,
-        0x8f6fed53cd460d20L,0x04504f7c7b619b69L,0x68265559c566f393L },
-      { 0x5e39e108804598edL,0xace859b01f4538edL,0x4b8503070c85e5daL,
-        0x9f087821abcd4ecaL,0x126d3850c8d0def4L,0x66971fe5263457b2L } },
-    /* 52 << 42 */
-    { { 0xa82ac9983a4bc15bL,0x28697435c930e4f1L,0x191ebdb6b0c9cef3L,
-        0xff05f8e875748872L,0x5b86940237343b20L,0xa7bce94beedfe44fL },
-      { 0xfc271e2778f4e1fdL,0x652c5a187734db66L,0x108f61c87efc9a9cL,
-        0x01db328970ed1dc1L,0x2bc509afd249f61cL,0x0d2e6b4cfeed393dL } },
-    /* 53 << 42 */
-    { { 0x691199d77a477295L,0x1f0679a661746b75L,0xf3a51493c9f936d7L,
-        0x1fcb336a445af5f6L,0x9880cdebb94ce08fL,0x784fa04a22a6b57aL },
-      { 0xc85fe18caa97c3bbL,0x27294a3baabe9b50L,0x9418a5b7b673c915L,
-        0x686cd97a15dceed5L,0x6d1c9dc70f22ae6aL,0xed88e02dc02212d3L } },
-    /* 54 << 42 */
-    { { 0xa62c358dcf616234L,0x85402ffad40aae7cL,0x315ce9f151a7614aL,
-        0x6f7e796f5d0c7d7dL,0x73bf57faf3444d22L,0xb5e71e7a224b77c0L },
-      { 0x94c40681541ee741L,0x40c97253d6837e1bL,0x1058fe7bb1f1c742L,
-        0x3206256f9b24d65cL,0x0abb12a78169ba8dL,0x01fcdb7beae85db9L } },
-    /* 55 << 42 */
-    { { 0x868f294309fdbd8aL,0xd9c11e7ebdd6c274L,0x3be4d8e7fdcb4fb7L,
-        0xcd8c40ad17305d10L,0xf12c97642abde5eaL,0xc9e16d8256776e80L },
-      { 0x279c0248df05235cL,0x4bdd8b136d8e4b89L,0xab8bbe8d7c47d2c5L,
-        0x12ba8b9e255c665cL,0xd585ce64d140a518L,0x55947e69eb4d353dL } },
-    /* 56 << 42 */
-    { { 0x06ba6db1f184c91fL,0x3c0a348a45fd0382L,0x0d535b6e4434b527L,
-        0x7bbfa2c8692bae0bL,0x5c59a08ebe7fe51cL,0xbaa7d2be36e80cb8L },
-      { 0x8a42d8d1bed3cae8L,0xd9e0bc0d15ff4962L,0xe51fce93644c75ffL,
-        0x40222561b9392d63L,0x8ab1d286023b4787L,0xfa85c220a1b3190dL } },
-    /* 57 << 42 */
-    { { 0x294845c28ed1d81eL,0xc0402af2dbe7fdbaL,0xbb56d86d67abe6a1L,
-        0x2e61f65b2ed330e4L,0x2893eaebffdf0fd1L,0x06cff97a75fb77dcL },
-      { 0x2911ebac1c90fe64L,0xd9c40d77e5ee3458L,0xf5b8b1d4b355f191L,
-        0x5be71a4ef365bc6bL,0xe2db432f5277b244L,0x3272a28327235b87L } },
-    /* 58 << 42 */
-    { { 0xe5105755e6b16cbfL,0xba9fb47b536a49f0L,0x03ac0c10c75ad751L,
-        0x9090bc328a2d65a0L,0xcecc7202852b3d23L,0xd214f70128f67958L },
-      { 0x379899b1f3695cabL,0x8f3d02e9bd3342c2L,0x9870a7f9e24e7bc1L,
-        0x7277e115f723893eL,0x6932ceef0f6f1936L,0xd0bf06dde171306dL } },
-    /* 59 << 42 */
-    { { 0x815cabeb17832ce7L,0x65afc856a2a4864cL,0x9fe4ae1aa4939a4dL,
-        0x7005cbd90729a3c0L,0x887f0cca791e8ad6L,0x55cad97a85aca45aL },
-      { 0x3e89d294493c7dcfL,0xf4ae5277ae8ed154L,0x507a3fd0a08fbcdbL,
-        0x4df3c552f86677fdL,0x6529f9ace3a82131L,0x09efe1fba53a7c67L } },
-    /* 60 << 42 */
-    { { 0xbbcfa42d21fe8f67L,0x82983012de2be980L,0x88bb9704aa8e17a0L,
-        0x100ad5e784772203L,0x2867168965479d29L,0x0334f9c5c2d9d5d3L },
-      { 0x49032c1a83a6cf83L,0xc257b0901dad479aL,0xf64177dea7e3636cL,
-        0xb2b5747874a315abL,0x210b11cda170ccbcL,0x80509b7480d80177L } },
-    /* 61 << 42 */
-    { { 0xe98ad30696993a74L,0xa7dc8330f0484940L,0xc30319fdd61b83d0L,
-        0x76e2755809873771L,0x33f4f43ecaedda98L,0x68d5ffe3639c8d3eL },
-      { 0xe3cf3b850059b2d9L,0x7f3ecb2f6a3d057eL,0xb569c24b9b8b7466L,
-        0xeed92f2ac38ccd58L,0xc16a4e8ce765a2f7L,0xa3a7b6552de9cb38L } },
-    /* 62 << 42 */
-    { { 0x496de6fa0640df83L,0xa4e500a36c77c97dL,0x45609036947aed3cL,
-        0x0edb9422423fc5d8L,0xd0c01b2e68f70746L,0xae44ae0e6d77f3a3L },
-      { 0x7cc7e90635adba9cL,0x107a3b46a8413303L,0x9e3eeab98916817eL,
-        0x1a99dab86fb74601L,0xb4e8466c1064b039L,0x249149146fcbadeeL } },
-    /* 63 << 42 */
-    { { 0x89643fa624798452L,0x179b3bd76ee52833L,0x343096e54430c6b3L,
-        0x589dba3323461536L,0x59073225c3433575L,0x540f9ce317d80d42L },
-      { 0xcd04b14d3aea6c82L,0x9be179b0efc9f455L,0x0ad6fb0791e57cbaL,
-        0x33894fa262706b10L,0x2cbc270886bf6926L,0x2cf067e64ea48c6bL } },
-    /* 64 << 42 */
-    { { 0x298647532b0c535bL,0x90dd695370506296L,0x038cd6b4216ab9acL,
-        0x3df9b7b7be12d76aL,0x13f4d9785f347bdbL,0x222c5c9c13e94489L },
-      { 0x5f8e796f2680dc64L,0x120e7cb758352417L,0x254b5d8ad10740b8L,
-        0xc38b8efb5337dee6L,0xf688c2e194f02247L,0x7b5c75f36c25bc4cL } },
-    /* 0 << 49 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 49 */
-    { { 0x36c9dbbefda8520eL,0x573507ce6ae3ea98L,0x1ab38db696a8f9f1L,
-        0xe031d2356b01e6bcL,0x10466ae68afc4adaL,0x3b35df41ed9c44e4L },
-      { 0x61272c12c7bd99e8L,0x6a4ae7b4805afd79L,0xf4c47a910ecc49ebL,
-        0xeb95dfeccbe84d5cL,0x43f3b71c8ee497d7L,0x2547af524c6fece4L } },
-    /* 2 << 49 */
-    { { 0xe323ed0cced45039L,0x04ce0b67a90aa713L,0x9c092f06e8d68e4eL,
-        0xd8f5555ad0742e5dL,0xe2d175bf00d3df92L,0x8ca55f154f71aeabL },
-      { 0xd1762d72642d391dL,0x0dfdd3c2aec466bdL,0x2caacb4c6281f2a7L,
-        0x635ba4703603e53aL,0x94a9811d49fecf29L,0x3a42cf09466bf361L } },
-    /* 3 << 49 */
-    { { 0xe63fbb10b5356889L,0x5995a0a92e73aba2L,0x5cea30677afd4bf7L,
-        0x4494e39dfd37120dL,0x8c572c7249d718a7L,0xfe159c275fa305fbL },
-      { 0x751c217fc276c40fL,0x44d0643c45e40857L,0x9a996e6efe7a6486L,
-        0x1a4f6d10f53b0e47L,0x651390ecd15fd593L,0xe0c1181d739ee9eeL } },
-    /* 4 << 49 */
-    { { 0x0f05710b11bccf2fL,0x7113085a7aec1bc6L,0x137da67a46b8d0e2L,
-        0x454b89fc698b78ccL,0xf2a6e1de258a9393L,0x5f1804e716488e69L },
-      { 0x7c6c550215b3bf35L,0x3b0e09a5b05c2ec1L,0x4b9de30e92f15247L,
-        0x09d4ca9327e70a0aL,0x9c8b16340d149363L,0x54a8287cce642137L } },
-    /* 5 << 49 */
-    { { 0x3a05e7d5ca2af43fL,0x068953f975009801L,0xd6c8a76c06740141L,
-        0x7e1df1038a831fa9L,0xfe06e2bae39046f3L,0xda5264a0e1807c29L },
-      { 0x1be4ffedff5d4808L,0x299d6537c52be83cL,0x1b38adba11834a9cL,
-        0x6074a60b1248fd42L,0xd9a0bd2e041b5430L,0xf222ba84a7b76b03L } },
-    /* 6 << 49 */
-    { { 0x49ecd6f3346a764eL,0xe46847f14105e657L,0xce9cb2b57550f608L,
-        0x45f1a1f7f4cf062eL,0xcdb19a112c27d38aL,0x36d375b284e50b19L },
-      { 0xf43691540dba6405L,0x4c9dc863040354dcL,0x7229e70ea24d09cfL,
-        0xe72aa86c7cf6831bL,0x487fb68425392838L,0xe88bed04430b9b47L } },
-    /* 7 << 49 */
-    { { 0x9f77b8c5d1164788L,0x45bcd4c1d7b5c5dcL,0xed22ecf3d88c2357L,
-        0x330272ad07de1cf8L,0xd9749f7f4ca13a48L,0x4964ce5d1383ce08L },
-      { 0xc033d516b0d0dbb3L,0x056ae73bf51943c3L,0x495cf7e057105e88L,
-        0x08ced52e56462560L,0xe9578aa713ca1a7dL,0xe9b045c5a9717f7eL } },
-    /* 8 << 49 */
-    { { 0xf8a8499b666fa8a8L,0xd0f9401571bba84aL,0xb85e1b1d515e1328L,
-        0x88a2636ba941e788L,0xa045241d2b5dd8d8L,0x161be476332f0350L },
-      { 0x96c4b205a18fac6bL,0x5cbe8d5e73fc5337L,0x6fc33fc6d00b6029L,
-        0x07a914ee89aa3b79L,0x35353eb7a4d4dd00L,0xc026bdc0673e8956L } },
-    /* 9 << 49 */
-    { { 0x1e551f9bce0b6f8cL,0x1fe7ea4618495e1dL,0x3f6f28742dc0e878L,
-        0xb778c12844c43f20L,0xbddc28eb8a250230L,0xd8571a4aac6c3d17L },
-      { 0xb9dcaec9730c8a1eL,0x512cee9993fbcf87L,0x0df3a1379bafe001L,
-        0x8530e501e2a2b9bbL,0x6d38ba8995ebf91fL,0x704b81a7792cef7aL } },
-    /* 10 << 49 */
-    { { 0xccda372167103852L,0xf78d22470c54de53L,0xebd16036afa44aa5L,
-        0x7b88024864a24ab9L,0x86b38e961c2bc78eL,0xd0aa0d058d63b295L },
-      { 0x24912955c62fcbf1L,0x77a68156b9ac435cL,0x432401c71b360b26L,
-        0x091f19f34c58ef8cL,0x3a4a61f483d46c9dL,0xad0e5c72e8d616cdL } },
-    /* 11 << 49 */
-    { { 0x668d598ad1666826L,0x6ffed334fba0ba63L,0xe71e3359d7cddc30L,
-        0xa9c15c2d9fb9998eL,0x6966d350612230b9L,0xbca3ed23ae4fe0edL },
-      { 0x537cac1b3caa3edfL,0x4f4a737ef33c180cL,0xf8d8f796f8807a7bL,
-        0x5c7cf072d1aab3e2L,0x7f0ccb9dfff736e4L,0x71bf0732ef11266aL } },
-    /* 12 << 49 */
-    { { 0x33b029bccdaa6831L,0x2548552d4c1f9cedL,0x35f1a002dece1c8cL,
-        0xc6b87fd7acc23aa5L,0x0b8bb275bab029a4L,0xf07bc06730bfb42dL },
-      { 0x1688ff5d1f69ce9dL,0xeedb7b5edb10585eL,0xb7a88cf0d432c197L,
-        0x20731bdd015a350aL,0x5fa1835463223f5cL,0xe392e1318024693fL } },
-    /* 13 << 49 */
-    { { 0x61ada737c3449cb3L,0x071062504ca876ffL,0xcd98a39001d1403eL,
-        0x197c845096ded881L,0xd060160568cacebbL,0x7e1b37d1dc3ddff4L },
-      { 0xfdc1bcb5d1725e92L,0x11cbe941bf0856d2L,0x63fd35d050199657L,
-        0x208a1047b9790d10L,0x52790ce61af4301dL,0x75e6d83beff28b69L } },
-    /* 14 << 49 */
-    { { 0xdfaeea0a0154731eL,0x9e53419de15a0388L,0x2ad6a83c25a992c8L,
-        0xa2ba020fe125501aL,0x894ebaf8d4dd04dcL,0xd48cb95850765559L },
-      { 0xf9b58d0980dec92bL,0x2a0e11659da299d7L,0x3c081853efe9cb11L,
-        0xb9f3b702a511c5e0L,0xa8f7a25f70486180L,0xc0358b25591b3e2fL } },
-    /* 15 << 49 */
-    { { 0x00333fa6fa806947L,0x7e4dcfb3504b3e19L,0x8326b0acad4a5dfdL,
-        0x9ffc65eac7b12e49L,0xed3b7c0258d16eeeL,0x79fccfb434a4222eL },
-      { 0x4a8070a0e556357fL,0x554fe2c9ec97769eL,0xcc405a57da691714L,
-        0x12927897856f590eL,0xd4805b93ba198dcbL,0x2649be2e4b18444bL } },
-    /* 16 << 49 */
-    { { 0xf36e8398eaddf274L,0xe41553a16a5e4ddbL,0x36ab07464efc5b0cL,
-        0xb211e59ad316c434L,0x2515ec9f16ccf839L,0x6ecb746503dc6a07L },
-      { 0x842b7275c65c1b07L,0xf7ceeec535750ab6L,0x967d711ccef5255dL,
-        0xcd3bfb075108cb92L,0xe50c0d8aec1b9740L,0x9e8d56611a9e6308L } },
-    /* 17 << 49 */
-    { { 0xfcb12ba3aae18c46L,0xb55e959c6e21d463L,0xf720d19f4a4f6f21L,
-        0x1c2ff60ed4320c5fL,0x4ce5e1ac1a1b40b8L,0xfdebfb81ff6fb9a0L },
-      { 0xd6c37d8a9c67c07eL,0x55167952012fc09fL,0x5dc722b52c306c4dL,
-        0x1efad8d2bc1f65e1L,0xa1478f3da52556ecL,0x54cbfb884a795dd5L } },
-    /* 18 << 49 */
-    { { 0x84f8ea13ccb8a36aL,0x5f7aeeffa05709a2L,0x4942d04e60574f37L,
-        0x855b13e9e048b400L,0x747e4067a6b59c09L,0xc349fb05074d3990L },
-      { 0x398e6afaec2c7e03L,0xce361865ec2d5a4cL,0xfc04bf8eb6f57d22L,
-        0xf0e0b84c759ce6c6L,0xb65141235ee7e528L,0x8ca144bdf5c0f9b9L } },
-    /* 19 << 49 */
-    { { 0x5868449bc6e0124eL,0xdd65ffc1e68ad5eaL,0xe126665f4f577466L,
-        0x8ade5cee2defe8deL,0x7c1cf7f07beddf87L,0x0e0e066a362c5956L },
-      { 0xac2aff4e15563b47L,0xa28ab875620d1299L,0x91f67b3fd8caa497L,
-        0x91bef53394fc08a3L,0x0fa27d9cd99918f5L,0x205b6c1f60b67bd9L } },
-    /* 20 << 49 */
-    { { 0xc1370daef6a58536L,0x6f2e5b37c56b0ae9L,0x5511d68292f6b6a3L,
-        0x2e9e5034ae575249L,0x3e5a32f81d14bed7L,0xa346a86f75efd17aL },
-      { 0x4f2510a60309fd7aL,0x689ecd74d0b1425eL,0x9e9bebe19f771e24L,
-        0x20188045adc5b48cL,0xe49811b6b845230bL,0x420855ec5a8687f8L } },
-    /* 21 << 49 */
-    { { 0x705a9ab30aa1a423L,0xcb01466fb49830c4L,0x1db1768581a75897L,
-        0xcaacb855e341f157L,0x9b13cd497a0d3c38L,0x119b4d47e177fcb3L },
-      { 0x0d8f7c2639788712L,0xbda0f3180642bd4aL,0xdd4bd88bd4616239L,
-        0x9a3ecf978df1b895L,0xd0d54caf4a6dc07fL,0xa7ed6bfb31810203L } },
-    /* 22 << 49 */
-    { { 0xe650e49abae1b94dL,0xb6b162e6e3199794L,0xdc706859b4ec0480L,
-        0x28b618c24b1a06caL,0x0929a001403acdc2L,0x796dfd972da3aefdL },
-      { 0x16389072ef4c1673L,0x600d8bd7fc94a4f5L,0xf003214de5f386a9L,
-        0xa7af0499e62cbb48L,0x750a3b00de82bad5L,0x6c615b838e7dc8eeL } },
-    /* 23 << 49 */
-    { { 0xe1916cb4eae432e5L,0x81f3e48acc193889L,0x54d58685ba922a4fL,
-        0xeffcc528bf11b76bL,0x2f70d38f8171c971L,0x547ce8ccb3a5669aL },
-      { 0x3acd91b878e6d0beL,0x372dbf2c689c2913L,0x9fceb5bbd0aae543L,
-        0xc601f9622830a977L,0xd55e74509f874dffL,0x77ff8ab4822878caL } },
-    /* 24 << 49 */
-    { { 0x283eec26d71543a6L,0x98fa08bea7627841L,0x269a83b827ad302dL,
-        0x225f2f12bde3fdd0L,0x046fcf380130b3a6L,0xea733c1ac3ed9043L },
-      { 0xf870f14d70aa08d1L,0x643d18b834391e0bL,0xf3e1d5f4847be772L,
-        0xa9498223d0ed73a0L,0x6933ccf014b3babbL,0xc2439ae437f08f70L } },
-    /* 25 << 49 */
-    { { 0x503414d0f2cb5475L,0x51b9497cb24cbf9eL,0x57359dee2f4c7746L,
-        0xee7125c3f3118a94L,0x2f0db706e4ea33d6L,0x885e8c3eddff7f63L },
-      { 0x752f594b628432f0L,0xcfadea7779852e2bL,0x4f733b8ba2ba4b7fL,
-        0x163c8c2e530f763eL,0xf95a7b57ff05a7e9L,0xd4768d242d7be01fL } },
-    /* 26 << 49 */
-    { { 0xb643f4e0f88d049bL,0x5e0ac1fb12682fcfL,0xeaf7874d9f981c8fL,
-        0x9c2adfd2b1af779dL,0x9a7abeaddaa8c275L,0x09ad552124cacec4L },
-      { 0x069cd5c40ead1646L,0x5186bf190a6157d1L,0xcc222a9396503506L,
-        0xfeaa7bdebd29686eL,0xb0d65b0da7257c8dL,0xc31c0a8898aa227fL } },
-    /* 27 << 49 */
-    { { 0x5495f21c9fe88a48L,0x01f580ac590c1966L,0x1ad433ba39810166L,
-        0xecbc67003a5187f6L,0x38d36c3bd4216887L,0x49653585e27b615cL },
-      { 0x2a70a1d9e773db7eL,0xe36d967a63c1c048L,0x51cba60d26d15862L,
-        0xb633839fd5a6b746L,0xa6a756a2ec1fc364L,0x37fef8d24cfccb6fL } },
-    /* 28 << 49 */
-    { { 0xb4b7651f5be1d45bL,0x0425200a7f0cf680L,0x200d12b48960be95L,
-        0x02fdd1a14945b193L,0xedd70e3e27d046d8L,0xc1cc086a83f14e12L },
-      { 0x1580e72b2629396eL,0xc87439dbf9ed73c1L,0x5debdf30a90c5128L,
-        0x0b6c020e9fbe14efL,0x168da56a0149a0b0L,0xc66a4dbd79c58ac6L } },
-    /* 29 << 49 */
-    { { 0x6ecd9c41596b8890L,0xd25172fe210d9613L,0x1ce8abf872b97aa5L,
-        0x355899d610faa675L,0x003b69adf4ddf011L,0x6736cd40ec2d1af9L },
-      { 0x8069a0ad4f85ac72L,0x5c31d68b5836cfd3L,0x8e9486eaa5ec1473L,
-        0x8e175c4a1468cebdL,0x58b3d2b1ffaf2f77L,0x4fd21681a17a3e00L } },
-    /* 30 << 49 */
-    { { 0x800aec84330b8e2eL,0x1a2c033e335837bfL,0xf1a91551fe6f6dd9L,
-        0x326c42b21de7360aL,0x300e740b7b66f9d5L,0x53bcc70068ce95d4L },
-      { 0xc9e225ac3d80f228L,0x64b2ad4e6977dfdbL,0xac863b0801f23221L,
-        0x0517a648df11e5f7L,0xbf7aedcb68d11050L,0x2607e33777b3029cL } },
-    /* 31 << 49 */
-    { { 0xcb1955e44f4706b2L,0x0821d4663acaed1fL,0xbe822db07f8b43deL,
-        0x3d11573f9b1c83a1L,0x6c052118201eab83L,0x294c5060dfe340d7L },
-      { 0x994a4bde0644005bL,0xf1519f3258fa0552L,0x9077bf5bd4d0d39bL,
-        0xebde1ff0e6204ea0L,0x58a68e09829130a7L,0xda64eb8596961bb6L } },
-    /* 32 << 49 */
-    { { 0x1afa6aa6206add5dL,0x66cfbbae150ea4c9L,0x07fb920b5d36da4fL,
-        0x144d51f9291e774fL,0x26c2c134f40d87a8L,0xc8cf3524a932f1a0L },
-      { 0x35bb2a425aeb0bdeL,0x5cfcc1dac4be960aL,0x5c40cabfaa1838edL,
-        0xea0c05ffe2855f1fL,0x931ebb02fd525934L,0x31a7b78f16246fd4L } },
-    /* 33 << 49 */
-    { { 0xbe055fead42b36aeL,0x733a05ed819ddf8eL,0xa00fa0a15c9a6102L,
-        0x0ed363273c0af634L,0x5b5a62b4d5970a32L,0x9d7557dfca954cd8L },
-      { 0x30314f0c6daf871bL,0xaa7c42a96267b2abL,0xc5d1f0d6132bc62dL,
-        0x77ac94df7ed26084L,0x0d256fdada34e1f6L,0xf0259d1caa4b4dd6L } },
-    /* 34 << 49 */
-    { { 0xf576c69e86ccb00bL,0xc870c07f5781803eL,0x91d4c0c6b1869e56L,
-        0x9c2729397d940416L,0xdad33f73c4d0269bL,0xe2baf5b8838c9198L },
-      { 0xd8bb9613218414e4L,0x5e9f7b67c980ca07L,0x1e2d4e63165079fbL,
-        0x6ae5b17f983b3fadL,0x1e66b8380c24e22dL,0x80cdaec2136e0be8L } },
-    /* 35 << 49 */
-    { { 0x98cb12d93fc277f4L,0x81def3ee160b8743L,0xa1f07ebb11711fb6L,
-        0xba17dd15a95b3ba0L,0xb25f1c78bc158f33L,0x1bb83cf27841e8bcL },
-      { 0x57ad928abf49233cL,0xc94fd746bdad3f2aL,0xf7c716ae4a4c6600L,
-        0xdd0e3117060a78b4L,0x85e8851a860764b0L,0x3342d974bce0d787L } },
-    /* 36 << 49 */
-    { { 0x2bc4e37a719793feL,0x1543af2aa68ceea3L,0xc99cb391aabdea45L,
-        0xc890e546f0b8eea7L,0x8b75b91feb4173d7L,0x9d52d04bef46f637L },
-      { 0x0929f25d878ff734L,0x7377235fb6c43342L,0x657835cf6eca900cL,
-        0x7b752665098bb5e2L,0x320d09b6b8a61442L,0xec4f8182cf5b8023L } },
-    /* 37 << 49 */
-    { { 0xfc5f8feffc788160L,0x7d552625f73f48a3L,0x4eea435145c02498L,
-        0xb5f5de5bf8f8af26L,0x78f1c499067b1610L,0x6e0d1b14eac18a29L },
-      { 0xf8be2f6c052af916L,0xd8cee5668876af81L,0x99a27ec31577bd90L,
-        0x3ac529d242919f4fL,0x1215428c7fc05dd4L,0x99ef01e450f67e87L } },
-    /* 38 << 49 */
-    { { 0x145902629d671094L,0x7fef49c166ce858bL,0x2a7ea540c2f21eadL,
-        0x1226b04fc1d5a636L,0x4fb54e4e535efb9bL,0x6c51cdb91d72bed3L },
-      { 0x94162e44938efaf6L,0x166013cfaf6f5697L,0xfa9495bddf95f9c6L,
-        0xc05441cb0d7f8406L,0x7e5c89763a233ca6L,0xbc75dc6493fe8e42L } },
-    /* 39 << 49 */
-    { { 0xe1885cf128ed669eL,0x6e9f40dfb428b3cdL,0x412388a61626f8d0L,
-        0xb8201f047cbcd192L,0x642ecfad70ba644bL,0xd43be1cb43c76bb7L },
-      { 0xafafffc388f4bd51L,0x8c40e2787052eea6L,0xc1a84e866a4c8776L,
-        0xf0201f292fe7075dL,0x132f80e4576af421L,0xe0831b7f4731dddbL } },
-    /* 40 << 49 */
-    { { 0xecfabd2742dbb68aL,0xad43a2c43eb546d1L,0xcf4e64ccfe2691c9L,
-        0xe3889e258347566aL,0x48da354885b8c733L,0xcb7fe0679d9c9f57L },
-      { 0x8c26a8d668223280L,0xc1e8ff623065705aL,0x181ca70a3f8db9f8L,
-        0x25aa6450e758213eL,0xa4898f9169b2653eL,0x5e5c9fb4ccd8303aL } },
-    /* 41 << 49 */
-    { { 0x640b6946b03aa213L,0x6b99e84d00c068f7L,0xed4f1d2d99c5c461L,
-        0xcec88724b20eaffaL,0xdf2b79a95dbbc32cL,0x2f7397054f3a1c5bL },
-      { 0x1594a54946eb52edL,0x55f11aad39c4c43eL,0x0fcdb331f46500f2L,
-        0x0d66be885ceb8dbfL,0x4d977349886dbbf1L,0x238f4617797d1b41L } },
-    /* 42 << 49 */
-    { { 0xfc8c7320721034d4L,0x48b389db60264280L,0xac246988649cbd88L,
-        0xb7f52891a50bb658L,0xc0a812e50a7f279dL,0x6593175967fb2cffL },
-      { 0xd31a77c6661ab439L,0xabadcea00ceb4aceL,0x201d98f6a3702dddL,
-        0xcec1e83e7c9463aeL,0xc64e44fbc55e6856L,0x421f3e3148aa0d81L } },
-    /* 43 << 49 */
-    { { 0x4f0b251871a07c6dL,0xbfe652edaf3a2fbdL,0x5f68dc667bc2053fL,
-        0x445df84f6040a7cdL,0xbdda2132180dc0a9L,0xd8627401d6c7a92fL },
-      { 0xba350cb190cd2c73L,0xaf4c1e5929886ab4L,0xee8fdff2d677399cL,
-        0x3ce35c6edaecf83fL,0x44df0a300f114062L,0x1b633b4647f29868L } },
-    /* 44 << 49 */
-    { { 0x48483f6af58ae2c1L,0x70ba34635e1cce49L,0x5f7a1c6d33907532L,
-        0xa0fab701875a5f3fL,0xf2e8b0ff85d387e1L,0x0076aa68ff349689L },
-      { 0x6e392b02747e2fffL,0x5e1ea320e788d577L,0xba705bd7713a0b03L,
-        0x04ef192f2dc2cbc5L,0xa5a14eed38aef8a2L,0xf9682bbe30a268faL } },
-    /* 45 << 49 */
-    { { 0xc04f2cf540244a00L,0x00c90c3bb8dc0ad2L,0xac5b1060601d76f6L,
-        0xad97c5c1a7ff84ecL,0x7919a06dd2328101L,0x62d5b7a4ca8a69c5L },
-      { 0x75607148de5a2cc9L,0x1afff7f79a75fd24L,0xe62efc8083a22367L,
-        0xad08258a10e05e36L,0x22666e06c0e4b549L,0x15f62c613f4c48c2L } },
-    /* 46 << 49 */
-    { { 0x751affadc7b8da09L,0xc052109dbd8e45d5L,0x7d11aaad87c14560L,
-        0xa0410b2a6b690121L,0xcabad9853e10a103L,0x4d19bd3e785f1bfeL },
-      { 0x8f32c6b84b6167a4L,0xb21d4ec297b4f546L,0x2e26df99c008f7c7L,
-        0x63825597eb347720L,0x6a05b375afe39fc8L,0x19790b92131201a3L } },
-    /* 47 << 49 */
-    { { 0x149347ff7780729eL,0x076b4edc62e2dd48L,0xbf0de9d7cdcec866L,
-        0x9d75deab8fa1e18cL,0x10931716eecb1f4fL,0xa8765dd3a385eb7fL },
-      { 0xfd26f39c4d70651cL,0xc501caf48834c723L,0x1d263a83a65e5093L,
-        0x57ee2fb96f709deaL,0xdae3dcc645091321L,0xba0665a906a60a48L } },
-    /* 48 << 49 */
-    { { 0x517d13b1784d0621L,0x2db4ef27d77b84beL,0x6e2e26866d752aaaL,
-        0x95da9fa1cab02667L,0xbe8d91ad423163c3L,0x8f3d59dba69953c9L },
-      { 0xf728b1d2d6e635aeL,0x5c4c177deeea663eL,0x97a900a82e75d9c2L,
-        0x136c6b1e3ad09defL,0x4bab14a6dd8a2be8L,0xa4ee903025cf1447L } },
-    /* 49 << 49 */
-    { { 0x05f93697a5235c12L,0x434f91026943a0d0L,0x92696b701a4d3169L,
-        0x0a9da44b8c3b1ee5L,0x327f9f79d295521bL,0xf605cb83afd8aa40L },
-      { 0xe3bd4ab5d365fb37L,0x6c6a470ce984ea2dL,0x7ad01e6b392af60dL,
-        0xbef2dffd5ff8ee6bL,0x4e56deb722efc2ebL,0x1b90570ae14ff270L } },
-    /* 50 << 49 */
-    { { 0x70718d8e333cd9e2L,0x858c880c6b03a371L,0x5b7f69a5926a3dd4L,
-        0xedbed135572f420fL,0x740a21e6332aaa09L,0x665aff63fecf1e3dL },
-      { 0xd884a3c1214490e9L,0xed70c29a63cdab1fL,0xc92dfa58786e274bL,
-        0xa5395591d7fd529dL,0xacdf81ac3b95b61fL,0x07f801df40cb45a0L } },
-    /* 51 << 49 */
-    { { 0x4f863ad59230d44fL,0xd176d2764a099825L,0x4a6868745a43a7d8L,
-        0xbcab3548fff3e8dfL,0x15028cfccab2c7e6L,0xad077a8874a91fb2L },
-      { 0x015700d39eee3e32L,0x524ef9c7386e489aL,0x3be1771b60285f8bL,
-        0xe4a5353cf9c33beeL,0x0aa0f2ab244ad683L,0x04e846f98a4c0ed6L } },
-    /* 52 << 49 */
-    { { 0x326a204790f55f13L,0x194d24db53017b29L,0xa26db785cd4368c3L,
-        0xd58943e8238d7518L,0x8e06f8cc3527387eL,0xebc6dc9e071846d4L },
-      { 0xbfc08dccc541e098L,0x3dcf0713e4fbc9a4L,0x44e9ba7869fedb43L,
-        0xd867cf784fa012a0L,0xc618b2b88733ddf2L,0x4149fd48a737fd5cL } },
-    /* 53 << 49 */
-    { { 0x5c4c2183179b1928L,0xc54d315d0439876cL,0x07d22792f7495bceL,
-        0xd378185e3bc32c4aL,0x8539aab65b31c5c9L,0xc72b1ac640dffb35L },
-      { 0x46bb918a2e8d6ae2L,0x102c49f9e8a1d7a1L,0x7c622793cd2764d3L,
-        0x5bbc6f023c7aafcaL,0xa41f383bcff71b4dL,0xc8a0e1a9aa99bf83L } },
-    /* 54 << 49 */
-    { { 0x323aad4991d6b8f3L,0x91b678c0f3d9154eL,0xc141e2424ce74f67L,
-        0xb7c38aef65659ca0L,0x5b5f89b174a937e1L,0x739fad71abc55012L },
-      { 0x315ed44ccee5f4fbL,0xb0731455360a61eaL,0x39235ff0ee93ce5aL,
-        0x6352556fd203baf9L,0x3c22dc6a0ea06b93L,0x195638cb591bbfa0L } },
-    /* 55 << 49 */
-    { { 0x8bd5a15359ad0688L,0x827e82d8a7323070L,0x9ea55b3af70686e5L,
-        0x511c8c3f34c2d054L,0x9364d28aa14a3c61L,0xc4dff9c461374139L },
-      { 0x947c3ec9a39c01c0L,0xead11d42108440bbL,0xcc6d893569677f79L,
-        0xb1d632710b9b4823L,0x2cec325e63b154e0L,0x45e97c3814a85b9cL } },
-    /* 56 << 49 */
-    { { 0x11b59f3e92acd14cL,0x188c1bb1d7aea098L,0x5cadf0a19365958fL,
-        0x8fef04fcca0b1b0eL,0xbcb4d9fb0c274a5eL,0xe97eb41cba78427eL },
-      { 0xc49f0bc55cf06378L,0x2681f12a281b669dL,0x200e9e583f796b81L,
-        0x5bbea92b17964262L,0x86b3c15756db0039L,0xe4477c5eead482baL } },
-    /* 57 << 49 */
-    { { 0x1340e22c050fc1faL,0xd5cc5445bd062615L,0x03ad31601f494b03L,
-        0x612919142af1b95eL,0xdb31a06d53705ac5L,0xf590433ad07ae464L },
-      { 0xed52363421bbbd72L,0x1f032ad2f1cc7842L,0x212b1d5536a7164aL,
-        0xc2cedab7dd973183L,0x29aeeee05e74ada3L,0x579984d8bb666836L } },
-    /* 58 << 49 */
-    { { 0xbbe5db83e13d34d3L,0xbae5ae959a8a3344L,0x55d2f0ac797d6e35L,
-        0x75e78c017cd0abb0L,0xb757f72cbad96294L,0xe52493895d556f25L },
-      { 0xc02293538e7675dbL,0xc363c5255c8beec5L,0x7ac23c0b7c87ee00L,
-        0x9c5f22b4a7de93f8L,0xc6f0ea64d9644b5fL,0x3fa718d4d161f87eL } },
-    /* 59 << 49 */
-    { { 0xe8496c463f356cf8L,0x25b5b8742da1b81cL,0xa35ec06330efa9c9L,
-        0x7497d85ffdaeb348L,0x312ad677e83f49d7L,0xcb5c346cfe8aece3L },
-      { 0x19d7332d61cd4ebcL,0xb03dece0d0967141L,0x47dcb81af5455addL,
-        0xbef0e70389ca68d4L,0xf7abbeb9c987400fL,0xbda81c65a1521da1L } },
-    /* 60 << 49 */
-    { { 0x535f3e4b86882341L,0x5af1c6322e22600fL,0x0403b6e0584a13abL,
-        0xa64de86661f59ce9L,0xd22106f738501b92L,0x2932f808ab6ffd04L },
-      { 0x8da4cc6e232967f2L,0x4b8fdd9ef3644670L,0xe8cb6ef31e0c51bcL,
-        0x20b7b734230c6897L,0x5009176453d9339aL,0x5f5c8c67ca637277L } },
-    /* 61 << 49 */
-    { { 0x23e333d467232358L,0x3c2807bdea037380L,0x9439cc4626f1dc2fL,
-        0x8c87dde53ac29173L,0x601b7245766897a1L,0x9e0b1a4559350e3cL },
-      { 0x0818b6cb301db407L,0xbdc4584676b6fbf3L,0xeeca553431bdd954L,
-        0x1dfabc033f9be3bfL,0xdf0415dc68851bd8L,0x33be32a67aa9dfa8L } },
-    /* 62 << 49 */
-    { { 0x8c9017dd4b4e4b5eL,0x02f435dd7b892b2eL,0xe9af9efd292e0f2dL,
-        0xa32124c75c4d315dL,0x5c6fde76b31a390dL,0xf1fdcefaa6e46d3eL },
-      { 0x5f39dbfe9e9e84b6L,0x574d647d19aab6b7L,0xd5a234cdad1a2987L,
-        0xeab841c7dab59c81L,0x5155898db3137b90L,0xc52e9ddd06db2fd0L } },
-    /* 63 << 49 */
-    { { 0x8617f0d490660ff7L,0x00d73d108b35743eL,0x433e42d68a6ca67eL,
-        0x575ecb9beab5cff6L,0x4c64bcddf258960aL,0xb8ffb7f32c23405dL },
-      { 0xa98c06691261b0c7L,0xf2701f4a6b9bf7c6L,0x3abe44c41c68efc3L,
-        0xdb5ac9cbf12c7a25L,0xf5b4616651120981L,0xf8058f7074d518f3L } },
-    /* 64 << 49 */
-    { { 0xcd92906c6d6ae962L,0x628356159807d881L,0x0d6929781fdc1915L,
-        0x45d01a8c269d611eL,0xe7bd1e709665b00aL,0x086385349bcaa388L },
-      { 0x8f189e882dd24299L,0x5f643392b82fb270L,0xca65bf16c633b111L,
-        0xc6adc9c9d6f1dac8L,0x0df2c293a3c3381dL,0xdd6ae97d8388cd12L } },
-    /* 0 << 56 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 56 */
-    { { 0xffdbd0eb3863db02L,0x8b8256832f57e10fL,0xc11acead35e7a3a2L,
-        0x4998cf8c67833028L,0x8f3a346b844c7976L,0x0a9d872cdb9b1a1cL },
-      { 0x8735dabcb98d445dL,0x93790d80305fa0a9L,0x7c0add49d267a01aL,
-        0x2b46c913ffa20d11L,0xf2acef26d8ab2d4aL,0x71b701b93d926080L } },
-    /* 2 << 56 */
-    { { 0xe9d2a98a5133de8eL,0x37083b60b81b8b00L,0xf399325dceaf86aeL,
-        0x03b17c888f161525L,0xd8ac35c984211b9dL,0x220837849050ca48L },
-      { 0xa818c44bc9fab832L,0x8882bccee5aea7daL,0x633aaf35f8715b04L,
-        0x5463e1b99d8829a9L,0xb18df52d84a820f1L,0x9d5ef891d096675dL } },
-    /* 3 << 56 */
-    { { 0xd54e2c7cac60496dL,0xc06d5e5d04cd50a4L,0xcb4105e8e60f7f59L,
-        0x705db308427483adL,0xf73ba98bf2bff383L,0xa945611a0220e6e9L },
-      { 0xc01c46b8d957e12bL,0x458897b7acb1f371L,0xf738dc0bfa3403e6L,
-        0x098bc687d2202896L,0xec0c217a5f882e5eL,0x8f25af77a1f4eb13L } },
-    /* 4 << 56 */
-    { { 0x2615c78259ee4124L,0x4dc2824c76532b4bL,0x9c3b1d771c84a04bL,
-        0xb6fc203fcb9f9e34L,0xbed65464c64f7846L,0x04f520a2eb004248L },
-      { 0x5c0177274a58fd22L,0x25958482c10d9472L,0xb78c6666aceb0e3aL,
-        0x18d3c188fc046f0aL,0x7f3e2f301baa9595L,0xa574f8cd8a2844e8L } },
-    /* 5 << 56 */
-    { { 0xc899eba381c2d81fL,0xb27267d6f3f0a431L,0x607c8629da55568eL,
-        0x6b5472282b1dc1d9L,0x23232311c9c001ffL,0x207a2eb2488f8b85L },
-      { 0x3867ac9adac37a28L,0xa36d14d32584a5f0L,0x7398c647a74488ffL,
-        0xf6ed920fbe087640L,0x72beddc76319a571L,0x55c2cd826a244aebL } },
-    /* 6 << 56 */
-    { { 0xb7da79c625f8a53bL,0x6b950bdfd331ad8eL,0x3481b7b54aa36d18L,
-        0x6efeaf88ed0e3091L,0xeb017bddc993074cL,0x8431a6d6529dd654L },
-      { 0xf5177231bd069585L,0x6d753b103ce85096L,0x194d82d34ca26741L,
-        0xeaeffe15adcd1650L,0x4dcec3d9af7758b7L,0xf5fdf6664cc2c819L } },
-    /* 7 << 56 */
-    { { 0x94bdc7f4a9810744L,0x464195daf045d859L,0x27e2dab0d654cb57L,
-        0x1d4e1e537a491956L,0xa1ef570c31d5d099L,0x01cd21ee295f3de7L },
-      { 0x8681b00db8249038L,0x17c31bce93781b71L,0x4324e90c6a1b5748L,
-        0x44f9324c1222e554L,0xe30ba10fffd53dd0L,0x2e5817a8b48eeef0L } },
-    /* 8 << 56 */
-    { { 0xa349bb66c8fccaa9L,0x7888755f31a53ee7L,0xa6e1d891c18d3750L,
-        0x9985aa4dae8d2bfbL,0x8baec9ae31b33078L,0xee68295a98750e94L },
-      { 0x0d834bf8d6ddf305L,0xab33dff39762126cL,0x0c22faaa0c51d098L,
-        0x32404042b887a10fL,0x31f6a614248bed32L,0x311f86301ce0d662L } },
-    /* 9 << 56 */
-    { { 0x5c95cf080d844b0dL,0xe09a8352c98650c9L,0xc1b106c5d089058eL,
-        0x2b3cf101eb0c6107L,0x1993fdba3ce6ee18L,0x7234eb6425fc4d24L },
-      { 0x8345acfe05f46dfeL,0x07fccf68a2d87d38L,0x14494cea85da7852L,
-        0x8737500acecdd9f1L,0x72b1490ca39068ffL,0xce28271acfa4469aL } },
-    /* 10 << 56 */
-    { { 0xc872326f55c6c00aL,0x6a5f0fa3f912decaL,0xf4ef0ca5a7d1bdb1L,
-        0x1dee685b37dc6bebL,0xdad4cf52f1b09b88L,0xc7199f0277f1db84L },
-      { 0x7099ef00a3f00491L,0xd8fbbbfa6d8804e3L,0x2a00b8e50ae1e360L,
-        0x8a8c9d03fe9be5dfL,0x06e0585b8b1faf6fL,0x19542ee7ae29c502L } },
-    /* 11 << 56 */
-    { { 0x36cad867e2aa1c5eL,0x7ef21e51317f9078L,0x68efbb84c82e925fL,
-        0x973b36769fe751e0L,0x09c4e0c1177d36a7L,0x9c0b7e048a753c5eL },
-      { 0x8414cdab15ccad5cL,0xeea2134ed50c1678L,0xd9c1dae8f6585d5fL,
-        0x82fd04ab4e5c3d96L,0x868cddf7da3812d3L,0x32a65aeafda07e68L } },
-    /* 12 << 56 */
-    { { 0x73292e6a60720858L,0xe046a79953160855L,0xf74d56c9ed3b94c1L,
-        0x0e371167c67863e1L,0x19b3a9f43f6636cfL,0xe624798d898a25b0L },
-      { 0x2ed1fc4dfde2cd6eL,0xd9a7ab519fd15ee5L,0xb6b8d551c487b1cdL,
-        0x9fec705ae8936c54L,0x4b779dde1a50e094L,0xfb5100c2c3a4ef5bL } },
-    /* 13 << 56 */
-    { { 0xb35a7b102704c525L,0x8a77fa5b44276cbcL,0xb4a9cd235ff1a12cL,
-        0xc74a017c88a37997L,0x84e26eea9af37476L,0x8a6b8c0e7bbf737bL },
-      { 0x90ab7c948f05bd3eL,0x31749075464f3a2cL,0x32f7873c1dcfbd25L,
-        0xc0af73d343bc2054L,0x556c4798171d825eL,0x2c84b5b6081542f8L } },
-    /* 14 << 56 */
-    { { 0xa5907e5c59ab2507L,0x12b86e04cf7df60eL,0x0a14bed18af4bc50L,
-        0x462863b20c11bac5L,0x98dde284126958dcL,0x8877e7695625eb29L },
-      { 0x869f7214f4fe19e5L,0x29867e51ec0f8c1aL,0xbf498bc078b85f03L,
-        0x9dda400e8973a94eL,0x8d8b998ae6e51b1aL,0xedb0957c557ac00eL } },
-    /* 15 << 56 */
-    { { 0x84b6d5143b7d43f2L,0xcb84c823afb7a2b9L,0x892e8c4c56d2b161L,
-        0x52ea7426214fdc0aL,0x07f3d57679763557L,0x9f95fd585a828bb3L },
-      { 0x2c7f03d550e14019L,0xab723de7d7eae7b3L,0x4c08189317f4ea6eL,
-        0x64cc5bc0ec367246L,0x73077b5ddf11c3b7L,0xfa34b540e08eb4bbL } },
-    /* 16 << 56 */
-    { { 0xac6dbdf6edc9ce62L,0xa58f5b440f9c006eL,0x16694de3dc28e1b0L,
-        0x2d039cf2a6647711L,0xa13bbe6fc5b08b4bL,0xe44da93010ebd8ceL },
-      { 0xcd47208719649a16L,0xe18f4e44683e5df1L,0xb3f66303929bfa28L,
-        0x7c378e43818249bfL,0x76068c80847f7cd9L,0xee3db6d1987eba16L } },
-    /* 17 << 56 */
-    { { 0x254ed267050f46f1L,0x36786ff864daa83cL,0xb4a89efc802a3ae6L,
-        0xe0027b3486b77d59L,0xb7147905f48d0de6L,0x00733ca710cf7c60L },
-      { 0x87efbe387b3ab776L,0x3db10898de9730f4L,0x61f21e1386b7a40dL,
-        0x5541873648455b6aL,0x0de378f9a88587deL,0x42dead7a766d18f1L } },
-    /* 18 << 56 */
-    { { 0x42b8ef51e15ad876L,0x498886e5082e110aL,0x3144e8c964edbd73L,
-        0x4b08cf86f79e6724L,0x42d06d53ddfdb6a5L,0x4c9dce336d8b1f33L },
-      { 0xbb8913ae4be29e97L,0xe944c922166fdcc4L,0x83913b963c494e9bL,
-        0x529d57ac633a0018L,0x632a7cfd242e7d9cL,0xf0e2434dd9b51d08L } },
-    /* 19 << 56 */
-    { { 0x74768ab044ff52cdL,0xa590ac7eead09902L,0xdc408c53f52c0f5fL,
-        0x614a22d6f853efbfL,0x61f391c425126427L,0xb61adcfcbf462fbbL },
-      { 0x7b753aaaaffdbe78L,0xce12b2247bea939dL,0xca21f73e95baf09bL,
-        0x2a82915e43ca9ebeL,0x67ba04f57936a38cL,0x1c1964f1616b0b87L } },
-    /* 20 << 56 */
-    { { 0x4dc628c67cb2ec48L,0xc896f99c0cb1e9d2L,0x399ac2e85cc6134bL,
-        0x5ac36de184ba73d0L,0x66a334a3e1803832L,0x394af7ea59b770c1L },
-      { 0x3df19e55b46f793eL,0x97aaec84bf770a95L,0xf52068b8f8c54408L,
-        0xb6f7649f49e05f0fL,0x54d8db0583360826L,0x24748fdf71af722fL } },
-    /* 21 << 56 */
-    { { 0x68f4dd4956c29111L,0x391ac9910dac9352L,0xb0a8a54206dc9d58L,
-        0xb5058ed8fbe70330L,0x8b5e9d4076b593bfL,0x769fb99cd7f2b261L },
-      { 0xcdcbb60ec67cce8aL,0xe01a5d5d75da36dfL,0x7e831d0ef7c6e5cbL,
-        0x0f6bf54bccdeef00L,0xed49ad3998ba4d8dL,0x8d512c83614d70c2L } },
-    /* 22 << 56 */
-    { { 0xc1910b2545b4f6e5L,0x54c6ee8489fb712dL,0x80b6fd47f5747ba2L,
-        0x3d81e7efd6d4f856L,0x8b9e87418031f1bdL,0xc591d451f2327316L },
-      { 0x4830d9971e0f1c1fL,0xeabe29bd86e92024L,0x2f2053a1b8c68d7eL,
-        0xff4eb9e879d00ad6L,0xa0c93249f4b4cd89L,0xe127d9d3cb9e0761L } },
-    /* 23 << 56 */
-    { { 0xeb947df3492d73ebL,0x5474817b0d32c2ddL,0xeb01bef7a9440e93L,
-        0xf604581d8085d1f8L,0xf69daa189f69ec8aL,0xc79ac48e71748716L },
-      { 0x5141c75ad4beef28L,0xf7dfaf89901c44a6L,0x7bcbe4812e81ed85L,
-        0x57ed0e6f0c5a4423L,0x7cf189651cec85a5L,0x8ddfe8a5beef12b0L } },
-    /* 24 << 56 */
-    { { 0x60ee08b46bc0b979L,0xa31cfd961aba7f4eL,0x66c05a6358bedf51L,
-        0x2ae6ec3854df9266L,0xe7dbda332771b08aL,0x44455d312a09fb28L },
-      { 0xaaba39171cec98a5L,0x9b2b12258cb543d0L,0xf47a9cd16af6495aL,
-        0xe207f3aac6cd8a16L,0xf98952878ae828b6L,0x37e2475725844053L } },
-    /* 25 << 56 */
-    { { 0x7c8137d8f93723a2L,0x78fa2e03cf552846L,0x3becd2627d11977eL,
-        0xdbc8e9b34e9a700eL,0xb2c7798d20decdccL,0xecae57179523bb6dL },
-      { 0xc0fec0677fa2f633L,0xe270b10702aab6a8L,0xda280b374dcc797bL,
-        0x50a163b86c42945dL,0x4a3fd6bd363e44ceL,0x0aa7e33d38bca4e6L } },
-    /* 26 << 56 */
-    { { 0x19c7f098a693d0aaL,0xb79d84244bd22a29L,0x19d91d12a9b3c2ebL,
-        0x2ae96bfdde735665L,0x2f9c9a773d8a85bcL,0xa74bdd46cbab80f5L },
-      { 0x25a2486cdd9f70f0L,0xada155c9754513d5L,0x8aecd7db4c3e9494L,
-        0x9c3951ad2cf6665eL,0xd35780d44a9ec29eL,0x064983964cfd7821L } },
-    /* 27 << 56 */
-    { { 0x23407aac0834f890L,0xad7b7b5599bb065fL,0x3254aa7e4ba2b4ccL,
-        0x37f37fd1663f9213L,0x0c72c3111c5a51d4L,0x6e6df84b9989820bL },
-      { 0x576a320e1ae2f321L,0xa5fc617c3c62888eL,0xc4f1be4df6c40362L,
-        0x01b21892dbfaa5b3L,0x6fc0442390b9a5e3L,0x22a70c8791495c30L } },
-    /* 28 << 56 */
-    { { 0x365e1382183aee81L,0xe9f2245275d289c8L,0x543cb5c7b70962e2L,
-        0x853971711cea2e37L,0x8b31cf530adfc82cL,0xf9a458bf3b67c705L },
-      { 0x13b1cb3334a9b3a8L,0xa4325b403732f6b5L,0x39e997ba04e9df8eL,
-        0x24c0d6ebf1d542f8L,0x9cb3f1abd82901bbL,0xbbaef37a4cb34763L } },
-    /* 29 << 56 */
-    { { 0xc4881080b08dd648L,0x21869be8f1fe4e15L,0x63e158b112501ea3L,
-        0x48a909ce32408693L,0x77fd2cf062b24495L,0xf7d1e134db9322a5L },
-      { 0x4c02c8bcbdb19eedL,0xe03cd00e8a20b335L,0xe04271c530632562L,
-        0x549e5dba603e1681L,0xf01b38f95503b61fL,0x244c81920b3fb785L } },
-    /* 30 << 56 */
-    { { 0xb423030c4b0c7247L,0x242d409f149f8cbcL,0x6094885e9c1f518eL,
-        0x6d299dffe04d97ebL,0x152d05bb09903069L,0xf5656895fe235dddL },
-      { 0x801e7f736b22ac0eL,0x73aa6df46ba6dc97L,0xba498bc0d66e5d8cL,
-        0x8054e17d36b8c78eL,0x241bd2e21137fdf1L,0x8e79a943b97dec15L } },
-    /* 31 << 56 */
-    { { 0x94e617abeb64269eL,0x39aef936b410ae02L,0xdbb744c325fcc976L,
-        0x5072bfab38a5b366L,0x3998aefea3f5d715L,0x0bdbf555a74e281dL },
-      { 0x50d2feece24dd239L,0x835925ef46324c5cL,0x53c4eece7a4dad08L,
-        0x340fef207c358d83L,0x9e2189da30f04396L,0x2bc748d727e322cfL } },
-    /* 32 << 56 */
-    { { 0x1238e097ae658422L,0xb4631ddb568df55fL,0x451254e7f74c5c50L,
-        0x238b16d28805813bL,0x23987b28925e7a6eL,0x93b72e2d2a1a10bcL },
-      { 0x944c784d05e44b7fL,0x7d70fd098c8e3120L,0x6bf1ab2aead45716L,
-        0xd5f8f0e631c04205L,0xac062526a10b8881L,0xa1a83cf0fe5505a8L } },
-    /* 33 << 56 */
-    { { 0xe1e05ff89ea47326L,0x88219a1ffbfc7f61L,0x9cbd0b387dcd3008L,
-        0x751d03847671a68eL,0xd73ed70d28e0387fL,0xf66f9cfea9485256L },
-      { 0xac68aae1ae153e0cL,0x92eb6542e81b1282L,0x9617d45464541adfL,
-        0x81b4d94a9d489e95L,0xafd5cd4620f31ba0L,0x35700392e5a38941L } },
-    /* 34 << 56 */
-    { { 0x52296be3b71ea9c4L,0x82b05a43424cadf9L,0xb6d329e8842699e3L,
-        0x9dfb91bf9370f2c1L,0x0188b738994ecc71L,0xa9a7b03b5ce8b100L },
-      { 0x99198b2a25c33035L,0x772795a7e21895d5L,0x37dafa4c42173e01L,
-        0xd37f03933ab27d91L,0xf3500a7d2afad1f3L,0xa433b5fd87eac06eL } },
-    /* 35 << 56 */
-    { { 0xdc193cb5243a97bfL,0xe367f27ff5715184L,0xc4bb95c6fd9120c6L,
-        0xd2bd176bbc5f7ba2L,0xf2c0f86de966c1deL,0xc69ab26e811e70cfL },
-      { 0x95756460e87c55f0L,0x6b62ab136a59c832L,0x6e971c6c128448a0L,
-        0xca72482e91ea44a3L,0x2602d4795dca0f8bL,0x8dadd3e25519433bL } },
-    /* 36 << 56 */
-    { { 0xfe0553be23246f68L,0xccc1d774d8ad4128L,0xbec668d8cc155edaL,
-        0x7a80e9b44231506cL,0x579cb5f42aa1740aL,0x3a61b84fd8b35a2bL },
-      { 0x0478c05ba3b519f8L,0xf518ac09acfe39aeL,0xabc15e9076c956e6L,
-        0xff35db67dd55d268L,0xbe066679bdbba89fL,0xf7385df12062b845L } },
-    /* 37 << 56 */
-    { { 0x279d7ffdfc12078dL,0xeb14155eb8f302e9L,0x5f1b11e165b3c14dL,
-        0x08510b461bd36b3fL,0xa7f5b2ffc9d73b4fL,0xe5e831557aa09e40L },
-      { 0xbed67135cc3d88d8L,0x7b2775f7017a43d2L,0x9ce22ff24c58cb64L,
-        0xab88d04849ede1eeL,0xcac13762da63daa8L,0x70662331b1dbfc4eL } },
-    /* 38 << 56 */
-    { { 0xe4f7022200a8a9adL,0x8d1bbab7d42fffcbL,0xe024970e368ad5edL,
-        0x231ef631b4c0c9f8L,0xb47ca0386760b411L,0xe1f297ff179e6d44L },
-      { 0x2e5ec77d3e071736L,0x90e20be915b29c93L,0x33961b6dbb7e7237L,
-        0xa854df5b42176851L,0x67d223e4a8f4bac8L,0x5464a46f0dee39fcL } },
-    /* 39 << 56 */
-    { { 0x525a553b32230b65L,0x7bbde6b816bb6a4eL,0x2f5bc6d229f12292L,
-        0x5d86858045fbcff9L,0x6ce4fb249f932964L,0xd7cd175098e05ef6L },
-      { 0x794b0248e1366d8eL,0xa37afa66332098a0L,0x2dcc1888d9aac70cL,
-        0xa01ba83ec15b9fb8L,0xd34ddf851df4b59cL,0x92289e954f829510L } },
-    /* 40 << 56 */
-    { { 0xdec879d51c9d09f1L,0xdfa9e7d61b371576L,0x8c705c7937fb3410L,
-        0xd770153e1f2a02bfL,0x208fc8f18043ba69L,0x58aebe6e25aa3453L },
-      { 0x191b69e512941f03L,0x27dbb050d7966e0eL,0xa5196bb7d16bc20bL,
-        0x5b6bae47f22b30b2L,0xbddcabda8ce7b419L,0x6e3cfd373b9f5a39L } },
-    /* 41 << 56 */
-    { { 0x605d4b83330c07f8L,0x4dbe47646a0ed45fL,0x1e715823d7e4163dL,
-        0xe337a67dcea3306dL,0x55abf0684f18a604L,0xaaf69d5ea9f57370L },
-      { 0xddd09e8129784840L,0x17fd42b9a4fff5e9L,0xe99859e55acee616L,
-        0x41d691203b927ed5L,0x35cc99675168f505L,0xfc311c24431d7d60L } },
-    /* 42 << 56 */
-    { { 0x415f7f0da581c54dL,0x67c678244509f31fL,0x36fb92eb988f449dL,
-        0x22d41b1a94181fe4L,0xacc68410df896026L,0x4a10e46f9ccc4df6L },
-      { 0xf805a1191969cf2dL,0x7230a26b32ad355cL,0x9d200562e9abd845L,
-        0x2db90c3b5cb55349L,0x80b59daa29bcc42cL,0x81272ebc53d32149L } },
-    /* 43 << 56 */
-    { { 0x6aaf15f27756bcffL,0x5391bc009b645589L,0x46cc4480a6fc61a0L,
-        0x6fde9d53293d676dL,0xd6c35628d7618399L,0xdda13a0853daac23L },
-      { 0xb6e6c20c0fe7995dL,0x32eb3468d8d41d55L,0x8927d508c19c5995L,
-        0x3907eeed3c229e66L,0x509af79f27972057L,0x8a7f44f750e2f170L } },
-    /* 44 << 56 */
-    { { 0xb91ffd21c87b3fe1L,0x0fe8389b34fe2825L,0xe22d45d74bf4c8cdL,
-        0xb575ae4cd6d8308aL,0xa7fa552e82994ba8L,0xfb67a86fecb08870L },
-      { 0xc3bebdf8e6dabcb1L,0xef18b357b5bcf114L,0xed518499a4b8eca5L,
-        0x0fec83c5df16ed99L,0x5d353a5856b5649eL,0xc858c1d1cec900e0L } },
-    /* 45 << 56 */
-    { { 0x7a65d2660d85e627L,0x96170bb90bc010a3L,0xaa6e0055da030ad9L,
-        0xa75ab280ff4e4a8fL,0xec14e68c0be864a3L,0x05424b9cc17723b6L },
-      { 0x9ed54bb218ca85d6L,0x035edc14b78b34bbL,0xc116914929617416L,
-        0x0a00e0086cb0d801L,0xba40f1207d4a638fL,0x54b1e8cc9d8bd0e9L } },
-    /* 46 << 56 */
-    { { 0xbbab4ab54c88db57L,0x68dbee6f9ee9558aL,0x31b988e140da802fL,
-        0x9d117c37e90b2221L,0x443ae099025b66c7L,0x8568bd6f2538a654L },
-      { 0xf806d8636720df01L,0xe390adf2b649ad8fL,0x7851f8e039d1c315L,
-        0x8185ae1a5e650f1bL,0x3dccfc4c9b562532L,0xae99ae835f427c40L } },
-    /* 47 << 56 */
-    { { 0x99542ca7564c7ad5L,0x682eace49a96f25dL,0x2d01b2488d933a6cL,
-        0xf96916ddb8604277L,0xad3259d12e4d7419L,0x9085251fc26981e5L },
-      { 0x848219363d2ec970L,0x723ea6a5392351c7L,0x3fae69a55e5448c8L,
-        0xf6eee650dfb03d49L,0xe2e1df1ef8c58715L,0xc603b61f1a369206L } },
-    /* 48 << 56 */
-    { { 0xcbbd8576c42a2f52L,0x9acc6f709d2b06bbL,0xe5cb56202e6b72a4L,
-        0x5738ea0e7c024443L,0x8ed06170b55368f3L,0xe54c99bb1aeed44fL },
-      { 0x3d90a6b2e2e0d8b2L,0x21718977cf7b2856L,0x089093dcc5612aecL,
-        0xc272ef6f99c1baccL,0x47db3b43dc43eaadL,0x730f30e40832d891L } },
-    /* 49 << 56 */
-    { { 0x7f3a3e5f4447ed08L,0xa6302f7bf94d49d0L,0x94fd2ad33b2abc46L,
-        0x98ffc01fe4249c1dL,0x6f3a53bf8db4549fL,0xfbae12df25566cceL },
-      { 0x63fc92d3c2e84d15L,0xc355b46c4f5abdebL,0xb50b43a05678d0cfL,
-        0xf4d4b0b15681d628L,0xc9f11d63fb3bac7dL,0x444b748cda461eb1L } },
-    /* 50 << 56 */
-    { { 0xafe9adafc9845a07L,0x484a9eb9df6a1305L,0xec32f0bdb0f111dbL,
-        0x742b41cddc7b100cL,0x5a7ea89d23c5f849L,0x1ea8801fa298aa82L },
-      { 0x183e1750cb001f26L,0x66ec5daa49da5bbbL,0x8071ff322d05ab57L,
-        0xaea9e694e1944e0eL,0xc993754437b85438L,0x2c2467b4faaf4f22L } },
-    /* 51 << 56 */
-    { { 0x38f87acce602c278L,0x72c79590515854dfL,0x9d466a765e7e2f6dL,
-        0xe5f6704772081935L,0xb4b56288ad958812L,0x7f4d9e1395b08242L },
-      { 0xb38d0ddb962f0f6bL,0x969d4327e5f76463L,0xf7c7c799f6ac01f8L,
-        0x494066673e6ff230L,0xa81fa10dc7e9c1b6L,0x2fcf26bf8093c2d3L } },
-    /* 52 << 56 */
-    { { 0xcca6e9cfa754256bL,0xfdd79280347723f7L,0x8179d6f52d69c6bdL,
-        0x156a53fa94cc8567L,0xb819d70324655f28L,0xf86872e2ebfb198bL },
-      { 0xb158e73939ccd668L,0x655db8248de67826L,0x54399a79c621cf3aL,
-        0xc55900d498a09c9dL,0x5423edbf20278b3aL,0x06a625b280ba89cbL } },
-    /* 53 << 56 */
-    { { 0x0f152d69869c4f68L,0x0ed4205a9f0068fcL,0xda68af4f25d4490eL,
-        0x715fcc60745c00afL,0x70ab559aad63dff1L,0x7d0a7b6a9b8a37ebL },
-      { 0x82ab7a068bca8498L,0x4f012fb4297d954aL,0x8b139e6ed5f6a4b7L,
-        0x597316e4b856ac26L,0xeb64b5894387367aL,0xcc92eeabbacb7e74L } },
-    /* 54 << 56 */
-    { { 0xb53560e968fdcf87L,0x4ed638bd3cbd0887L,0x57f3f38f6080d1cdL,
-        0x50370e0c1e4e3ae8L,0x14c87fad184a1ecfL,0x3d06f78d0af7b2ceL },
-      { 0xd9370e24fd595621L,0x1e462483c9fbb559L,0x1ee5d81ca0aa5c0aL,
-        0xdb2524557419564dL,0x782ba91b57585be7L,0xb2d14bcc5c431c72L } },
-    /* 55 << 56 */
-    { { 0x9cb9de6fd62ebed6L,0xb7f23b1916c6d571L,0x69b4a8dfa8b307b5L,
-        0x78a7f74e19dc7e39L,0x423405152f47c94bL,0xf1c2a5bc31ff2d82L },
-      { 0x98c1c3f7b145387eL,0xdd9d24d885e635ccL,0xeaaececa07397bc4L,
-        0x6bf6a8469b0cd4c6L,0x68052950680dbd05L,0x81a071b60ce07df9L } },
-    /* 56 << 56 */
-    { { 0xf3fa8bec0c61d5a5L,0x98f772fc0dedaa77L,0x45a382161146d42bL,
-        0xebef5d4a58821ebdL,0x21498af30c1f0e6aL,0x3d8699144758014aL },
-      { 0x6f2276ecb625c7e0L,0x68d6a144fb55d708L,0x0bc836e0ad56b494L,
-        0x72b6d8850f58ef70L,0x0e0be2887bd7c1d1L,0x70549a879c277d39L } },
-    /* 57 << 56 */
-    { { 0x39a445d2dbb2bb75L,0xda2a211b1ac42cd1L,0x934bee9a8e4cf8f9L,
-        0x5d0dde6a24801bc1L,0xb2d4261d23da4ea7L,0x5fa9059a7187cde8L },
-      { 0x49298bb651f05f9aL,0xff0c4a0422a7bee4L,0xf466232da6a29be3L,
-        0xff2e157a995c1904L,0x3a4ee4537b31bdffL,0xb4a736d7e41f6eeaL } },
-    /* 58 << 56 */
-    { { 0xaed55c123fa96c0eL,0x8f90803f6e08adf2L,0x349e5807015b7cb4L,
-        0xdb3f05e314656b3cL,0x9289bbecde8b2d9aL,0x3cad12e0c7f28356L },
-      { 0x7a68fa54959fe89aL,0x2e7135d0a77f956fL,0xa0285cbabbe35884L,
-        0xc547ffe7131ab269L,0x82a902bebe33b425L,0x5a793a790c71b02aL } },
-    /* 59 << 56 */
-    { { 0x2bb2a929c645c6eeL,0xfc6cbd471e651728L,0x4ec3f630c07af98fL,
-        0x118231588e4a8ad5L,0x99a2b5de1303f68aL,0xcc280b182ec9b8f7L },
-      { 0x3d7b406ad7298d55L,0x63941bceb9f83957L,0xfeeb132c463a64c6L,
-        0x243a2e2bf76a6c8bL,0xae72bf2fdad18d64L,0x774423431987a4caL } },
-    /* 60 << 56 */
-    { { 0x06de549d78dc1526L,0xa27fc0c1f52c5766L,0xee5ff3d8e9485b1eL,
-        0x7af2fbc64bc530dbL,0xa266d6c810f9dc58L,0x866abeed8bfa4d74L },
-      { 0x50356d7fcb7c7018L,0x4ae502e07c962af2L,0xb98b449cf011990cL,
-        0xfcc8446b59e8535fL,0x25964ab0088776ebL,0x3848aba2ab6cfe8eL } },
-    /* 61 << 56 */
-    { { 0x9f2c62cbe14a2c5dL,0xcd182e386b113f03L,0x2275ad4f525a15aaL,
-        0xd5b7d1d9eb373133L,0xd3c47b9b07929822L,0x60b043cd8fa8e8e0L },
-      { 0x603a3403d3958f57L,0xefa36ad67b79c263L,0xfe33dd9f3742ac39L,
-        0x30f40b3bb249f9bbL,0x9d2902d20a3b2e7fL,0x173f7d1a899684f0L } },
-    /* 62 << 56 */
-    { { 0xdcbeff5bf33bdff0L,0x963ae65ee9684a3bL,0xe03586882bcd272bL,
-        0x756695068942f107L,0x14319d19262e422fL,0x5c0ef45a2265b294L },
-      { 0xeb897bd8a9f64203L,0xa3b259d742b1640bL,0xdc34ee2dce66355cL,
-        0x2fab125eb4e13438L,0x1b93a820443420b7L,0x79c46f97b4ba8382L } },
-    /* 63 << 56 */
-    { { 0xafd8cb2006e55b9cL,0xc88f38ea2530a11aL,0x628d10bfe4efe221L,
-        0x00df0da42a8d983fL,0xed45860508a2fce0L,0xcd7882b86a01efecL },
-      { 0x93ebd86c7efcbf7bL,0x578f9fe7e3db504aL,0x3c584008aa5e83e8L,
-        0x5bf38b4ca8368754L,0xcb4a9cf905c05ca7L,0xf77ab684c634f28fL } },
-    /* 64 << 56 */
-    { { 0xac92ee1537d83369L,0xc968c187fecec65cL,0x29a7ca876e7a3265L,
-        0x0f2b7e7a8456c9afL,0x7471824e9754326fL,0x498687bf364d2ec8L },
-      { 0x86d8aacd3c6ee351L,0x01ee6823f6f41e85L,0x9805fc881d79f7ebL,
-        0x377ac3a40040547dL,0xd39215d461b4e90bL,0x2547416e4c5fd81bL } },
-    /* 0 << 63 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 63 */
-    { { 0xa10292b907a6fbf8L,0x292c1a203fa6235bL,0x7a36f18f73ad7a1fL,
-        0x8b2c7b0c5897b11fL,0xf7b9a272cb664c61L,0xb6d366af8f81e22cL },
-      { 0x3b99b2118e342bbaL,0x03ce158bb06ced2bL,0x3af1175d001db74bL,
-        0x526f08467159cb8aL,0x6a3c6e1febde4601L,0xfad5963b8c232eacL } },
-    /* 2 << 63 */
-    { { 0xa54768dab1b43eefL,0x13e41f47e14fda22L,0x774df203faef6863L,
-        0xf795a034bd7471b3L,0xf0958718b47de2e9L,0xc92f7888e1160cffL },
-      { 0x86ded97b0146c790L,0x015918f5480a4b7bL,0x05588920424e8459L,
-        0x37455914eecf8b2bL,0xe7d3df1fb968a6faL,0x07a0ffd6bad0719fL } },
-    /* 3 << 63 */
-    { { 0xf13f55e619f6ebccL,0x63720df2a266b368L,0xdbcc937f3bf1a890L,
-        0xd3faff625f326fa4L,0x8b33bae9019730d0L,0x7879782af9961795L },
-      { 0xec7e75bc93735e44L,0xfbbf6d225d5702d0L,0x26b6e1d53bc2ddc5L,
-        0x00345bf714941d10L,0xdd719676a745c77cL,0x2869b11881c523dbL } },
-    /* 4 << 63 */
-    { { 0x2566021f98d23f6fL,0xfb883e1234ca97caL,0x34e047a5d9f51b69L,
-        0x0b50d91df8efa646L,0xc2bbcbb2971f584fL,0x4136f0e40907c91cL },
-      { 0xa7ebeb0de735cc48L,0xa7d1bedce113c8faL,0xc04d9a073f5c962aL,
-        0x95c155e53ff74a2fL,0x923c65a53df0749dL,0x10d5f81227ae35d0L } },
-    /* 5 << 63 */
-    { { 0xc08cf7a1a128747dL,0xeb34a1c02eca6776L,0xff6e7cdfb596491aL,
-        0x17024305eddd8bbcL,0xab92b54cf3c46414L,0x2a995b7759134eb8L },
-      { 0x97525904e48cb259L,0xeac065ed1e1da01aL,0x16cab74a14c5bf38L,
-        0xcd3e2516c14eda8fL,0x3ff38094a8de7a9eL,0xb7340214359d653eL } },
-    /* 6 << 63 */
-    { { 0x4d37c2663e7a369aL,0x092dc32c3ae62c55L,0x566da2e928ca9d67L,
-        0xa9771c1a79beb236L,0xaf6b97a976f801e7L,0x3afd62e771259358L },
-      { 0xc23a5e32cd541e77L,0xae4c90a301660ff9L,0x3f3a233b1911ccf2L,
-        0x93e4664cfa3b3aceL,0x4bdc14832d4c5f5cL,0xfe03d3c36abf13c0L } },
-    /* 7 << 63 */
-    { { 0x9649468631b26990L,0x55222e9fe3fd62f4L,0xc8eaba742ee74b8eL,
-        0xfa43617834d198efL,0x475b688e892748f5L,0xc6eb426541b9822dL },
-      { 0x535695bebdae951fL,0x45e69033e909cce4L,0x40354e72b1829154L,
-        0x1005ee6d5c56c3cfL,0x61b36a754a3fec51L,0xae644f3872f2f56eL } },
-    /* 8 << 63 */
-    { { 0xd5469c7becee6e87L,0x056180bc33a4c917L,0xf881ca21a16caa7aL,
-        0x221de182e6cc7f39L,0x10d61ab531378723L,0xfb763bd9520c9660L },
-      { 0x145214cd0d6b1541L,0xd9f7ff2dd70223e7L,0x9fce59e30cb1fe69L,
-        0x2e6e77fa3e299fe7L,0x3a0cf652d5af78cfL,0x50cc42c53e852159L } },
-    /* 9 << 63 */
-    { { 0xd2536452b8da85a2L,0x5c15dabe331197daL,0xf5a89366aecccec9L,
-        0x8f998baf2d8352fdL,0xb10e6c80f56159d2L,0xf61ceff379eb9affL },
-      { 0x05bcb93d1c4283a2L,0x4e1abc521d8cd941L,0x898c9a49b46b343dL,
-        0xcf352f3c6e423ae6L,0xb1db207f6fd42c89L,0x08f36a1edab295b4L } },
-    /* 10 << 63 */
-    { { 0xebbe18b7ed31fabaL,0x046e248dd74971d3L,0x3ddf5a2a0b24f97bL,
-        0xf9a400c262fc6124L,0x9ad9b0bc6b03b73aL,0x9fa97c56153c8fdeL },
-      { 0x1b6477da00b73ea7L,0xec59f64a21b2f3f3L,0x4428712895306955L,
-        0x4b5db01db9e77579L,0x237edf0bde05e0d1L,0xac904b01855332f5L } },
-    /* 11 << 63 */
-    { { 0x6a37fc505cf708c5L,0x8de4dd7c30497ceaL,0x6978648161b8bf39L,
-        0x3cb303375d7362eeL,0x0e24d09237ed25e6L,0xd474f3dc2f69ce20L },
-      { 0xe15d98a0edb40541L,0x5e4a87c91466f464L,0xc3cefc9eb68923cbL,
-        0x66f10920f22c9de2L,0x3c18f9ea9a51b3f2L,0x706237bef40e6204L } },
-    /* 12 << 63 */
-    { { 0x0791dfa1df764716L,0x31bf68768c66da07L,0x49f25b77ccedf4f3L,
-        0x05170ccd5d965c05L,0x37d9521bd49e6727L,0x1548251286a00176L },
-      { 0xdab444936c00eb48L,0x102c6b95e00c5c5dL,0x43660c3e4c2506baL,
-        0xb2fb26165ec6f132L,0xccc4221a99ac7691L,0x05b29758a576deb5L } },
-    /* 13 << 63 */
-    { { 0xee84fe05a5731e27L,0x3251ded005713149L,0xbfeeaf3c7c5e7260L,
-        0x3db0b6b2f048907aL,0x38728debb4a6b923L,0x853997d9d1142e10L },
-      { 0xc636e3874b641cd1L,0x69b10f43c629f4f7L,0x6f10a95c7deddd0fL,
-        0x85b5a7a317f56374L,0x28cd59435c329333L,0xb37621f7d1e476a1L } },
-    /* 14 << 63 */
-    { { 0x3a17f86d48341ba2L,0x558ef6e8ba6375bcL,0xa86ea3f0927935e2L,
-        0x2f43742ac04d4fb0L,0x32a30bce38769421L,0x5a6d6a62d8d3912fL },
-      { 0x34154b19c20e3fd9L,0xe95d3843fc85f907L,0x26cfbe0f9f7a13c0L,
-        0x50d50b3a531736e5L,0x81849773b2cfa2c2L,0xc81523e63ba8ae5fL } },
-    /* 15 << 63 */
-    { { 0xac9b0573c2f899caL,0xd9c4fc1ff747ef78L,0xbc205571c7714e62L,
-        0x726bbf311919f8c8L,0xfff68adaaedc0450L,0x9f4bc0b9f4001089L },
-      { 0x5d10a660fc5dcfeeL,0x1ea644fbaa9f25adL,0x4f5cf102e5a144d4L,
-        0x4275b6021521f249L,0x9c62750522d8bcdeL,0x3ebbfc5bb7df57afL } },
-    /* 16 << 63 */
-    { { 0x4a873076ad8c49b7L,0x891598ce7146575fL,0xc1d3042f427ea198L,
-        0xdc592111ed259219L,0x0abdbd16234850caL,0x26b9412643b6fe8dL },
-      { 0xd3c79d1736a1cfe9L,0x576386219a2b3bafL,0xa736535d5a98bf65L,
-        0xacb3b7ddab2cdb2bL,0x37d3743adaaf89eeL,0xf19d9aba0b348532L } },
-    /* 17 << 63 */
-    { { 0x013b49753e09dc4bL,0xe548f7bc2d034deaL,0x65ffcd710b861c72L,
-        0x80f4d7a2e07dac01L,0xd1889dcf56c1a8b1L,0x14ad62d4789b133bL },
-      { 0x082e3c082e80532bL,0x0562a7d80b9d17e2L,0x4f8613095d57e2a7L,
-        0x79f21d7255f93514L,0x22c4f68c595c0f33L,0x91d9bd5ba22c0c33L } },
-    /* 18 << 63 */
-    { { 0x30539655b29eff74L,0x7ba206ebe723167cL,0xe20c3ce488110a02L,
-        0x52b406b97c124481L,0x050111c68c74a728L,0x3d594a6bc57cd9feL },
-      { 0xd4b2a271e5f952d9L,0x7e52d63b080da0c9L,0xa6463d65f53a6cffL,
-        0x9ebcffcfcc678e26L,0xa657f27b2f2b9424L,0x850bd2b871da5c9aL } },
-    /* 19 << 63 */
-    { { 0x9f3c395b7d4e1a14L,0x2f99aa23bd7301efL,0x50eee34e3017f166L,
-        0x88c951ff4c9cbb4dL,0x90c0422ad8dda2f4L,0xe8361775d49cae19L },
-      { 0x654db0d250da6138L,0xe4ada30ee03c34a3L,0xde0d3787832ccf4bL,
-        0xd1bf435641b94c86L,0x347531c37db87eb5L,0x6942e7e30fb51863L } },
-    /* 20 << 63 */
-    { { 0xafad01a0d93c54b2L,0x659bff9695536c49L,0x7b91aac2b9734c15L,
-        0x55c7f08224e02f59L,0xebcb71e73a26e551L,0x5b7225f76c6343ebL },
-      { 0x021c48fb17d5e775L,0x57536a42bd859c87L,0x24852cc0ae2b63e9L,
-        0x21515020c0ce0ef1L,0x2ac7336c8fed825eL,0x4bc87feea0152819L } },
-    /* 21 << 63 */
-    { { 0x7f9813e94b82bbd5L,0xc01f14624e697d08L,0xf02d9eb293de010eL,
-        0x290c503c50db5ea8L,0x339341f033edb639L,0x962abf5f7cd7f6c1L },
-      { 0xbb1041ae95fb9e8cL,0xb8c9f9d6dbd8525fL,0x8658a54f0f5244b2L,
-        0xe9326e455b84eea8L,0x9ebdfe4f54f11de8L,0x3c90b0cedc740440L } },
-    /* 22 << 63 */
-    { { 0xde6973e22683ad60L,0x35fe4650eebceb58L,0xbcdbbabf7c719a33L,
-        0x8bce8111c076ca95L,0x8f7176deeb6bd711L,0xd04e9769d240a56fL },
-      { 0xdef7d8fac8e218daL,0x04cff5976df28152L,0x2a1af6e24bd1cca2L,
-        0x9397014edcb911e2L,0xa251339038677b96L,0x0dc48a8fb61b462dL } },
-    /* 23 << 63 */
-    { { 0x42eab6610197a8d2L,0xdc4a557ade082468L,0x4cf68d6090495f66L,
-        0x6dba8de79032929eL,0x304b38cc827b5d7bL,0x8e57275cf32f5063L },
-      { 0x4b555a0337280c95L,0x49c1e532ef8ddd18L,0xa2d8eed45459adc1L,
-        0x2b353217bba3cf41L,0x11f3c90cefe8f005L,0xb3367fa0d55916c4L } },
-    /* 24 << 63 */
-    { { 0xe7c396d64654712cL,0x1fa5ea507a26e994L,0xaa98768709012b83L,
-        0xf1ef9792e9b17e98L,0x2c22bcb06dc2db10L,0xae42ddf6ed4be80eL },
-      { 0x672080f62e743405L,0xa15a7f975b7821d1L,0x0cd912f247adbf07L,
-        0x6919c0dcb6c4ae8fL,0x62b13edd14c6253cL,0x66f35919f8032287L } },
-    /* 25 << 63 */
-    { { 0xc992f6fe05f3b31fL,0xcdcf59b56a3d4522L,0x69901b3815df24b8L,
-        0x4b9874029f6153b3L,0xeb09cbc1bca86176L,0xbe78cd7d446289c4L },
-      { 0xd4aced42b933fd58L,0xe0dc6f306a326de3L,0x4bef32960542a5f8L,
-        0x3eb8d14106f537c3L,0xbb45a994b6f0d0a9L,0x340c025d3f4a01b8L } },
-    /* 26 << 63 */
-    { { 0xdfcb3255fa371ffbL,0x3fb4a22c92bb6b01L,0xd96efc1605396353L,
-        0x2ce2228ce5d2bc25L,0x59483843212c7eecL,0xdca7173882996047L },
-      { 0x44dad56d8de87b1dL,0x622f88910b6222d5L,0x1abbc501d5d3a9ccL,
-        0xdbed73a5ebe52e80L,0xa7f785b1c98c56efL,0xa32471d3d343aeacL } },
-    /* 27 << 63 */
-    { { 0x65d39f8ae510cee9L,0xcc60cd118dc5e825L,0x3b6ac6627ed7198aL,
-        0x5d7fc001f33edc87L,0x0218ffc453e978eaL,0xecb762e57bdfcf16L },
-      { 0x8e7122047966b202L,0x1c502404e6b99602L,0x0acb73f1131cc36dL,
-        0x81d1132ed4369a1eL,0xbca89fe8377271a4L,0x1353a883262a2e18L } },
-    /* 28 << 63 */
-    { { 0x2713b58c9d628e1dL,0x3729960afaa8ba1eL,0xc3438130ab53bc93L,
-        0xcef9eda5e9c165e7L,0x9bacd1c3fd02650bL,0xbb300334540ece72L },
-      { 0x21f5a5d3d9c4f0edL,0x1ba32e4ff7c19269L,0x8f073beb2cf320fbL,
-        0xb49766c45599646fL,0x68180d6649e4f200L,0x8203d8aeeaeddb36L } },
-    /* 29 << 63 */
-    { { 0x7b19780fdbbbf57eL,0xc094d6d9c2207635L,0x241898ac6bb652d6L,
-        0xb61b25724923ce29L,0x26ecd97508000048L,0xd08c54e5f5f96b8fL },
-      { 0x19019968c1604cc5L,0xa9940e9edc3f31b9L,0xbad2d245c3614a9aL,
-        0x7d3cdb2d411e63b3L,0x88d842c3223638ffL,0xbc5427d0cfba2b48L } },
-    /* 30 << 63 */
-    { { 0xe6d78b7f60085b20L,0x0aa1d62bf318d226L,0xaaa4391df6461e64L,
-        0xb15ee4a7213c949bL,0x183f043be4bd3dbbL,0xa1a87996ca49f456L },
-      { 0x6030ed2ef6ed22bbL,0xa2002784fab7f7a2L,0xfc40914dd850cdbaL,
-        0xe63edc4c7df80ba3L,0x8fa35ab57b27ddfbL,0x3bdaec795096ea04L } },
-    /* 31 << 63 */
-    { { 0xf33cc5ee452881ddL,0x89c144a38966d47fL,0xbfa8395149156a93L,
-        0x0069bff358707b05L,0x2caf814cca12a0b5L,0x1ea71ce71794450aL },
-      { 0x08fd2b1c63d22a26L,0xdb08594eb3876737L,0xf459049a57b3669bL,
-        0xf64ecaeefee0d4ccL,0x9da2177c63f233a4L,0x042fcca84e54f053L } },
-    /* 32 << 63 */
-    { { 0xa68295da2caf088bL,0x23d6439a5c8709feL,0x8deba0cffe0c3df0L,
-        0x5b4d037b3cd00a1aL,0xe9edc429aa0f9088L,0x6f5827e35847def7L },
-      { 0x9739d03d306ad966L,0x7c6b18afaed51d04L,0xdc3d34ff1759060aL,
-        0x029e9aa9a7e94dbbL,0x2a3cdfa0f7e8b7f3L,0x42f87bf0bbd8f6f4L } },
-    /* 33 << 63 */
-    { { 0xe36941004ef8cf5dL,0xcb4dbddf4d8bb768L,0x0610858e828c717eL,
-        0xb4cf22cb2bf53239L,0x938e49f16a3e7a71L,0x1dbbb837e73c7a10L },
-      { 0x26ea3108db1b58d0L,0x1ca340abad2929faL,0x1d4601938ecb1f6aL,
-        0x060543510424fd93L,0xdbfc403f0303dc50L,0x142ad48dfc0f4007L } },
-    /* 34 << 63 */
-    { { 0x8a8258eee6a52970L,0xf2d13a33a3882954L,0xd312768c38d48e32L,
-        0x78a70e03e9369eb8L,0x02ba8d2b69228d48L,0x7f957a33b3bfeb28L },
-      { 0xafb22cd20ab2d0bfL,0x335304ccf8cd44d9L,0x0587a6f256009a3dL,
-        0xc0bc7278023b2530L,0xe85f2ec5f37c6727L,0x045f156003f5a081L } },
-    /* 35 << 63 */
-    { { 0x6d71a45274ec55c2L,0x0d064bdfed33da75L,0x1aa4d77ab503afc6L,
-        0xec08340c5cb136e7L,0xf096fed6ed11d9faL,0xf232d1b82f81e148L },
-      { 0x71cc9b78ae9b3374L,0xd80ce28668bcc1baL,0xe8f4bd170274926cL,
-        0xa7ac120f100da329L,0x9f071c6352a482f2L,0x76d85a8e842d6ef1L } },
-    /* 36 << 63 */
-    { { 0x516f138bed210253L,0x5ec2fa324433461aL,0x0dbe2c66cdaf1280L,
-        0x086b91e59fbf3318L,0xfb0223ee399a1ca6L,0xd6f86d9b0db5b20fL },
-      { 0xec02bca25752d618L,0x952fafcaaf69f3f1L,0xf304cb7533c4d294L,
-        0x78085727dac65608L,0x22f302ef840a4466L,0x33fb889dc371c31fL } },
-    /* 37 << 63 */
-    { { 0x4aa2f1c36abdcdf4L,0x80963f8251da8d8cL,0x5647a356ac008cf0L,
-        0x40a78c45fc10452fL,0x2a3b9da1ca2d6a31L,0xa4d177760f0db94fL },
-      { 0xcfd600d9939941acL,0x256e44c142c3fd25L,0x85bccd42ab3f9d41L,
-        0x83e93e44d018298cL,0x569f54d474a5fb37L,0xad2c613af2ffcf8dL } },
-    /* 38 << 63 */
-    { { 0xc63e6f7c22d515abL,0x3fabfef42ad30174L,0xf13a0126b1c65411L,
-        0xe269e956dce87183L,0x44136834a83e0249L,0x554e731831958850L },
-      { 0xd287755696569aeeL,0x5af275e9274bf4dfL,0x7056f958197dbfdfL,
-        0x699f5a672169811cL,0xd9a857d92c1c7c3aL,0x62cf7431843bdac1L } },
-    /* 39 << 63 */
-    { { 0x974fcf5529d0c948L,0x104d7df0693c5379L,0x4f851c397dadfb28L,
-        0xcd5bc87c233c02c8L,0xf7fa16e82c8c1c04L,0xed42de484dc18a19L },
-      { 0x213db3a5b4366736L,0xf6eb5c9517da3d1dL,0x4d04ef1213b304ecL,
-        0xba7bd9afaf74e164L,0x956a5f7bab319f50L,0xe733891ce2a4932dL } },
-    /* 40 << 63 */
-    { { 0xaa4711f54f890542L,0x862421d9eba822c4L,0x2f667179848280fcL,
-        0x4de16d87c201ed75L,0xd20e1399c5e61b5dL,0x3f7114b49ed67ec7L },
-      { 0x561fd4979b5a88f9L,0xb202eb86d84db2c1L,0x67d8fb90c8637d3dL,
-        0x3d1d78a1032b1853L,0xe07bf775ef1af9acL,0x691e1deea57d6adaL } },
-    /* 41 << 63 */
-    { { 0xe236e42b2a6045fcL,0x4a6b7be7613f1c5eL,0x14136ccbf57b1aefL,
-        0xc3a8a6b9c7b34813L,0x63b0998c5f5cee69L,0x311bfe2c3481a229L },
-      { 0x4dd2325ff0aba408L,0x1b8a3f739a2fdff6L,0x4845cde0dbafe0d2L,
-        0xd092bb22cd37b02dL,0x35436f9d600fe0efL,0x63c580cb065f379eL } },
-    /* 42 << 63 */
-    { { 0x38f98360f48948b5L,0x1a1d67a97ae3ad67L,0x79966318ab91b44aL,
-        0xb69a75b8dfea0b1eL,0xbb18e5fa05d4d71dL,0x80a14dfe03b1280aL },
-      { 0xe549c8f14c17cf7fL,0x91da31098969b5c4L,0x1e3e8f08ccfc1732L,
-        0xf1cfb3ad0c85444eL,0x6854b52a628bebbeL,0x8a5e2d85075f04d3L } },
-    /* 43 << 63 */
-    { { 0xd428f75c5aaa1da4L,0xf192162dd224691bL,0xc30f5ccfd3a50718L,
-        0x82e2b585e9e0f738L,0xc7fb4dc15cf3fd23L,0x8a52eb37e4e2b37dL },
-      { 0xd5bb892bf1702cd4L,0x64b8ccd056b92a51L,0x98ab053f8988e2e6L,
-        0xd56b34022f104643L,0xf09017be073886d7L,0x0283e9eebf6eaea0L } },
-    /* 44 << 63 */
-    { { 0x834701da3801c65dL,0x5bb35c48955aa27dL,0x0ef0f375db7ad387L,
-        0xd25e337f06cd1d53L,0x757a1f9d90cd91deL,0x1604f153d61bbd60L },
-      { 0x6a01e8cf8bb95dc4L,0x34b7be6275bbdb13L,0x0a96b3a121e9b029L,
-        0x25615c3b2946df44L,0x5eda7d1919d04842L,0x08317975fba84668L } },
-    /* 45 << 63 */
-    { { 0x4a4dd7bf2bb5fba0L,0x0ebc07f3c84c2304L,0x054f2e448daa5099L,
-        0xbf8949da3ec362f1L,0x2e4a677c1d7d73f5L,0x405e3ad24dc70fbeL },
-      { 0x2958e956c7e46fb3L,0x34e0d7f1b2522e5dL,0xc44b95e25e371e3dL,
-        0x62e348a4d91baea4L,0x8d9e89e24c09e110L,0x8cb886f6b1c1e356L } },
-    /* 46 << 63 */
-    { { 0x66b16f6033e8683dL,0x3435ab2560b41c5eL,0xd5b89f51d452e049L,
-        0x4b5253a73aac0092L,0x01cae436f9d2e2c2L,0x789de14637e8ce97L },
-      { 0x8f50541701a1c2e8L,0x8c77dbdd798a8404L,0x5a264906b6e91e68L,
-        0x36761ccc3c6aafe2L,0x5809baa37e50f9e7L,0x0b50904e28fac969L } },
-    /* 47 << 63 */
-    { { 0xb6360372308785eeL,0x0c9913a68cf10e55L,0xe82b0f470e67c99aL,
-        0x0bf2d24825399082L,0x7aa3edfca86fe16eL,0xf534ec4e731a4956L },
-      { 0xb71d5d4eff26e993L,0x320eb7ac7bd58ef3L,0xe5e4c5f30cafd658L,
-        0xeb6b8e0a21a06cedL,0x037d0faf6f76acb1L,0x39c76a6ed6f13f81L } },
-    /* 48 << 63 */
-    { { 0x12474bd8a55a3a4dL,0xe326aaf19e471af4L,0xf201a9308caadaa6L,
-        0x546821f835304341L,0x7fe452c3088353e1L,0x8f1ff628fc82566aL },
-      { 0x49526f46d99f8967L,0xb19c80c0a4009690L,0xeccf97591cbc0716L,
-        0x2e13ae2caf4cbc8bL,0x12b0df13f32e29adL,0xa2005d6e0b1565f0L } },
-    /* 49 << 63 */
-    { { 0x9260321bde788968L,0x4aaf1752886ccc74L,0xf94ae636c06b1d9bL,
-        0xf0c858854954ae43L,0xaaa735866c42a104L,0xcab59d914e782db7L },
-      { 0xfd12f9ee01ff3a1fL,0x35eb6104b546d3c5L,0x97d839e075ca1425L,
-        0xa77712f452428003L,0xf5dda4e8bd9f30e2L,0x0c3ab97091d6f540L } },
-    /* 50 << 63 */
-    { { 0x58734b3ca68716ccL,0xacdcfdd2acfb5719L,0x97074bac7084cf23L,
-        0xf8d4f285d0c81b66L,0x5ea926e2ef541e44L,0x65a8e25da2c04e0fL },
-      { 0x67e2380f06258485L,0xdc00f2ed9691a57dL,0xd37b23fd6b80274eL,
-        0x57f1604f2fe10aecL,0xcc21a4aeffb33ceaL,0xf33a344bf75eaa02L } },
-    /* 51 << 63 */
-    { { 0x24ca6fc56969f55cL,0x6fe18be29a7a9753L,0x5e9a7ed36af8da90L,
-        0xf6c261b7ed493388L,0xbe9ac24beef2b77fL,0x0357ab559f244e49L },
-      { 0x5f7953375f1b5b9bL,0x27dfdecaa9bc503dL,0x0b2091b55c0e3ee9L,
-        0x1f4f7866d68cb87fL,0x336c2c127a442a9cL,0x88267fd1d3f2ab78L } },
-    /* 52 << 63 */
-    { { 0xdb891eedd06014e0L,0x69685d6103e9970aL,0x3a612db402838113L,
-        0xc1cd7b3adcdef0b0L,0x612b299da41d6c1eL,0x982161ed0ed386a0L },
-      { 0xb36bbe2f3ea1bf1eL,0x0d8c3752ceb2a5ecL,0xc02cd7f6ec03bdddL,
-        0xa87977c152631d9eL,0x7b546cc37e398d7eL,0x5b1218a804845671L } },
-    /* 53 << 63 */
-    { { 0x52cd86c68a62f0a0L,0xc437c2af4d29c896L,0x722a337a45aebfe3L,
-        0x03b13844d8a9de8bL,0x41a005bb8510aae9L,0xf42399ffc63af92cL },
-      { 0x004d29cfcd93390eL,0x472de98741dcfa34L,0x2c71ae744e7cdcc4L,
-        0x11a5c2f8409816ccL,0x320ca246a96cef60L,0x72de4287f3d57621L } },
-    /* 54 << 63 */
-    { { 0xe3e7a3eb3771a0aeL,0x781156e9b6dd5304L,0xbaee3a8323e31e6aL,
-        0x66d1569a08985bf0L,0x56161e202d75cba3L,0xf9c23c102a944de4L },
-      { 0x27ac8f454e129ea5L,0x8b991ba788050aaaL,0x600c96ffa5d052f6L,
-        0x0fbe944df244984bL,0x3801026fa204c36aL,0xc4bfa1994d55a584L } },
-    /* 55 << 63 */
-    { { 0x11b200c6a32f5c81L,0xc4ab4cf43eabe341L,0xa21468f06f339f5aL,
-        0xf20c2c5a729438aeL,0x3e68031e3a067c3dL,0x3962a92f062c8371L },
-      { 0x389b22835b000f3dL,0x98f3b679250b8666L,0xe283c2b4eea91464L,
-        0xd35b14de1e1f4c08L,0x9ae72567d79d8683L,0x2c37b162a3b2a840L } },
-    /* 56 << 63 */
-    { { 0xfa3e43e56cb173d1L,0x2502258d4591b5a5L,0xae8c4b558ca9682aL,
-        0x8cb1ffb4ec81a288L,0xd11ae888bfc84fd1L,0xa3b083a0d774577cL },
-      { 0x119b41c11da9afc5L,0x44bc77622934e22bL,0xa04694f37c639d6cL,
-        0xd5e1ce5732c5b8eaL,0xd507c39b9749e8b6L,0x16cc0b5755255b63L } },
-    /* 57 << 63 */
-    { { 0x66fe7a39c4955e7aL,0x25b0b3e5bb11a1baL,0xb82c2cdefc573bf3L,
-        0xed33c0e8281a3927L,0xd068c8901ad799d4L,0x052801ec9cbc73edL },
-      { 0x614e4aba0faf5c5dL,0x50d7b0a89f66d391L,0x7bdfbf5fc18e88a8L,
-        0x1fc93e1f4380d2a2L,0x8241dd5f27d952d0L,0x44944d9c3a3f79d5L } },
-    /* 58 << 63 */
-    { { 0x808e2693c0edcf36L,0x4725b5aa87c254c0L,0xd1e464644d317973L,
-        0x3e59efc2393049d2L,0xa4c9f340d3e0d17dL,0x69b40727abdf3022L },
-      { 0xa1d85395317058c8L,0x2cec2a040cfa7c13L,0xe3c16f7634236cd1L,
-        0x566b403a3e52fe3eL,0xfd6065bdd6923cb6L,0xe769a89a5019f94eL } },
-    /* 59 << 63 */
-    { { 0x9b1f6e9042a1cce9L,0xc6c870270511f865L,0xc924caa72a3c29f6L,
-        0xcb674fb068e604f8L,0xe997b0b8330c2dedL,0xf5b315a04ddab219L },
-      { 0x6fa1dde6575d3ac3L,0x32ad27f735e65e56L,0xfe723ec2e81b1ce4L,
-        0x149983f8985d7286L,0xa1d350a0492ecc9aL,0x12a51f8c36a0707aL } },
-    /* 60 << 63 */
-    { { 0x71e5df78614f6f37L,0x5cf0e08da0b80beeL,0x1f8dae171e32051fL,
-        0x54ae365d83bc233bL,0x97ea005b1b84aaa6L,0xf4766d9264c75139L },
-      { 0x9b93bbf241215701L,0xb18f042d8cf8a865L,0x5dfb96dd0867556fL,
-        0xe9fafbb8597fd6a1L,0x729b2f50fe48bbc6L,0x2cf85f6b7f37ff9bL } },
-    /* 61 << 63 */
-    { { 0x3e7c871024d197f2L,0xb635595bafe9c29cL,0x302f4fff194e084cL,
-        0xd497ce7c18edf332L,0x4081c7aa062672a4L,0xe886a5b28afa97daL },
-      { 0xa7e922b5786e1bfeL,0xabd9a18bbd7ffb7aL,0x1f4f5b9356341b58L,
-        0x1726484344969ab1L,0xc4a0b557e668a479L,0x5ad1c062bf4f3343L } },
-    /* 62 << 63 */
-    { { 0x4ff86eb693d2b958L,0x4513fe1b784f628bL,0x45f4712573b5bb80L,
-        0x25aa3d36c987bb15L,0x12b1e65bb48163f0L,0x9d0cb4aa9801592bL },
-      { 0x02c0c2aa3718bc98L,0x79b03df99c306353L,0x097d8d8daee5144cL,
-        0xebed60774621d7abL,0xa8edf06e4b52e72cL,0x40c86f181dbca7d2L } },
-    /* 63 << 63 */
-    { { 0x65c7144a5e84482aL,0xba6f92644d4f7553L,0xf4dfe807d9c2524eL,
-        0x1333dd7c054403b1L,0x44557e880156451fL,0x5dbda4d80824c813L },
-      { 0x59e204959857fec6L,0x42f4068f1b1eeb99L,0x067c3aa21d59bde9L,
-        0xa9c4c3eeef27419aL,0x99fc994b2ec87652L,0x4f1607581578a996L } },
-    /* 64 << 63 */
-    { { 0xcd8c2ec9378ef62bL,0x7f4a3c5491a7c4b9L,0xe12386d4db83e1abL,
-        0x9a792032bb549bb5L,0xaf81cba62807c0f1L,0xd4ad7d87abf2008eL },
-      { 0x9d7a72307e9ad6cdL,0xb30636b08b517b2aL,0x47c324daec900516L,
-        0x408cd0d37193eb30L,0x8f0bcce2d315c655L,0x540ad4e0869d6c22L } },
-    /* 0 << 70 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 70 */
-    { { 0x4b5e753ddae0ff8bL,0xe55c83e4da3d97b5L,0x4034d75f42fa905bL,
-        0x89b85edac33e462bL,0x31f413c3058de3bbL,0x66c01c806ba75391L },
-      { 0x3f500202373e28deL,0x5090b33b4b9be739L,0x7297aa10efa2adddL,
-        0x3e8ccdbe1a6566aaL,0x4dfda07fd7b4f214L,0xa659bd1e7cb1cae7L } },
-    /* 2 << 70 */
-    { { 0x31796c2387d11691L,0x02991ea2a9de506cL,0x4ff0cb716cb0c301L,
-        0xdd0cdbd7d1702ca9L,0x470a26c8e1a02a90L,0xb705b7bad7054625L },
-      { 0xfadc2e86d4a1a268L,0x0fd9764668e9f923L,0x042b5ebb2951a8feL,
-        0xe4af9d0364197a76L,0xdd2c6bb3249c1b5dL,0x60af89bdf01932b1L } },
-    /* 3 << 70 */
-    { { 0x4374145d41afcd64L,0x98b72d6049d21198L,0xc0ff394bdfde8a41L,
-        0xed1112e5ee1ff7a5L,0x87a920e8cb5036fcL,0x437123f62deb225eL },
-      { 0x37e527afb9ad8c58L,0x3e3c9998abfaef38L,0xb656bcc550b2b4e2L,
-        0xfacc8a193bf5699dL,0x98cec74fe616307aL,0x34af333dd3ef8babL } },
-    /* 4 << 70 */
-    { { 0x9ded9b0d744ec273L,0x5bdfe5472e79e4d5L,0x94f3aaf539393728L,
-        0x22136862a438413eL,0x449286da373c7de3L,0xa709d85d29aa1540L },
-      { 0x1bd13e410284a4f6L,0x37b54d69f0799c8bL,0xd43b558f6bcd0cb2L,
-        0xf5757c0e9e610369L,0x15c80b23c16e0651L,0xacb2cf64001820aaL } },
-    /* 5 << 70 */
-    { { 0x0629e4ddeec37f48L,0x3f7556a2da7de716L,0xcacd8f27661662bcL,
-        0x65d8bc2ceaf01690L,0x83ac66477c39c893L,0x353f60dbf59440e1L },
-      { 0x2597b0d6852c575aL,0x410885f73a40c2b3L,0x953ab3472fcc2488L,
-        0x9f753e5eef4cc6d8L,0xfc32bb4d97f69e63L,0x461c1b0c87e8c264L } },
-    /* 6 << 70 */
-    { { 0x2bea7e75ac4b62f5L,0xcf255dcdc6297871L,0xdd88db8781b25c72L,
-        0x77ad90b3b617dc04L,0x65ee13820ed4a7d6L,0x4c08df9cd9644c8fL },
-      { 0x072d3784525a023fL,0x1aef69cefce399fbL,0xb07fd78ed7f29044L,
-        0xa3754e1443043fa7L,0x97bdae92ff9fe4d9L,0xad63ba6a700fe6b8L } },
-    /* 7 << 70 */
-    { { 0xa571929ba1ca17dbL,0xce7a12f545e146b8L,0x39df1446d9eb426dL,
-        0x1e48b3f8dc27f268L,0xa2d7dfa1ff548455L,0x750068b86ef1cc82L },
-      { 0x4d699306667fce62L,0x98540b9d131c5412L,0xf8a62cd347c580b0L,
-        0x2b55460f73795005L,0x3206c0257b8db337L,0x2280934bd0dda5a2L } },
-    /* 8 << 70 */
-    { { 0x10a8aabd2352478cL,0x599d9dfa1364c40fL,0xa009df1a076945a2L,
-        0xf869152c03861f02L,0xc405226e9f866a3cL,0x93bd737d8b41ecbbL },
-      { 0xb5c9ed1033901eedL,0x90e4ce8f99312b80L,0x1a9ef22e57589279L,
-        0x83ef607d7fe2d6aaL,0xf2da84543473dbfaL,0x14f36d3a57879066L } },
-    /* 9 << 70 */
-    { { 0x2c780f220ea3ce34L,0x240a211e4b8aac72L,0x7a266e5dc2625a99L,
-        0x1cb15d3e3b30c878L,0x8cd8ccab0e1b21d3L,0x53c64279adc1a6b3L },
-      { 0xe60d15b960bf708dL,0x6e431c1b0cb5ad4bL,0xec874c3e82033111L,
-        0x88054a1d9141eae5L,0x98438a5addf53a28L,0x168f0b0ffa12c657L } },
-    /* 10 << 70 */
-    { { 0xd621ce26629d7a57L,0xbf571de7cc1f8af1L,0x2c5cfaf9304adaa3L,
-        0x950addbd3f283b49L,0x622dc27cee6d1cd1L,0x26d920041f0863fbL },
-      { 0xe243b2a2a41ec585L,0x0dbd9adf2bea6235L,0xcb083c4d6f0820f5L,
-        0x809ecbafd5493931L,0x9647067414b7ffa8L,0x2cdfe22e53fc2224L } },
-    /* 11 << 70 */
-    { { 0xc8b1333c7cd74a06L,0x7d5ac4dc271006bfL,0xe9377d9fc14e0e56L,
-        0xaa8651db7a92ab1fL,0x77cee8145fc11fb5L,0x1e7c5ca027870b14L },
-      { 0xdeef4b3f6f959698L,0x7c59f26e5daa9bdaL,0x4d0d5aecfd312368L,
-        0x5247a6f3b738de68L,0x1c4e8ba990c04807L,0x0554b41bcce126caL } },
-    /* 12 << 70 */
-    { { 0x3df98ea9a81cc26aL,0x982ed56883b2c6f3L,0xc9cbd1b5ea6d6976L,
-        0x3f9f23197e25ffbcL,0xbca8e0567da6280eL,0x7abd316635cda713L },
-      { 0x46ef321d740ae011L,0xb17f6c75db214a33L,0x37b73b4b51de4044L,
-        0x5bccf3ccccd9ba8dL,0xa2ca080dd0f7045bL,0x79caf90668cf4dccL } },
-    /* 13 << 70 */
-    { { 0xcc3605a9a7b07d22L,0x4370eb18b4ebe4e7L,0xbe393039248867c1L,
-        0xc8e4851ecb1a75ffL,0x215f3fbe39cb6da4L,0x6f2102eee41f9a34L },
-      { 0x61d484abdfae7c27L,0xf5143bd26f1260fcL,0xa70b6c067514bcccL,
-        0xe71ca833d23506f5L,0xe2f50ba8eae03a8eL,0x2ac3b50883c33359L } },
-    /* 14 << 70 */
-    { { 0xe94b930f3655cabdL,0x6ef6aac4a342443cL,0x2feb8005bae255daL,
-        0x4625a15cac6e2095L,0x75c6311d0ec76c1eL,0x896a07409b81c6f2L },
-      { 0xbad3e2f9073378bbL,0x2984a10629266ec0L,0xa68a5351a788010aL,
-        0x321aa113017cd052L,0xecfb61752f34db5cL,0xfe080cedca2b51dfL } },
-    /* 15 << 70 */
-    { { 0xba29690803360c88L,0x3fb087c036311812L,0xec5fb10ad9ff6a48L,
-        0x52f7077f207dd8e1L,0x8e65cfb844c02fbcL,0x4f4fcde2fbf4bfd5L },
-      { 0xd1ff54156cc74320L,0xf989d544f68b036aL,0xafedc2db973bd9beL,
-        0x7bdc35694785e26aL,0x0df36796751ae9baL,0xfebde691ccdabd95L } },
-    /* 16 << 70 */
-    { { 0x3499b44bc77488ccL,0xde000e01aa8f3c10L,0x30140406c1f517d7L,
-        0xd4b3c8eb82a174e8L,0xc8835b13af2c9b3aL,0x2cd7626e443716f4L },
-      { 0x336c4f4b9c22de71L,0x9dd2b277f2529f60L,0x6ffba2dc828c34d3L,
-        0x257a345c34d0d1f7L,0xbc1eff056ca4fbceL,0x05b335620768349fL } },
-    /* 17 << 70 */
-    { { 0xb142febb692e076aL,0x10cfaa6b9a654721L,0x5b7ba30c8d4917c1L,
-        0x44be3089dfe4056bL,0xb7530ae6ae6307f4L,0x47c519c45b5f381fL },
-      { 0xa80648d8c3078009L,0xfde72e30dcb021b4L,0x8a89a51bdc2659e8L,
-        0xb9e0efa6306adefcL,0xc671c060c754a7bfL,0x703c698e18f14248L } },
-    /* 18 << 70 */
-    { { 0x25c86ad43c47783aL,0xb1f94a9650f85a4dL,0xb9472e3ac023a02fL,
-        0x91033d1b26f0fcdfL,0x95d775c1ab7b4ee3L,0xbe17daffdf3a5cb7L },
-      { 0xaeaecd2ce78395f6L,0x0e3abb0953b5da8cL,0x5f729f858ee774afL,
-        0x1acccfb3aeca7a6eL,0xd066fccb37e4af11L,0x24c832ab84fc3259L } },
-    /* 19 << 70 */
-    { { 0xca547b680ca4864eL,0xea40fe17c7d49f27L,0xb5e68bab87227475L,
-        0x6ba2bfaf8ce485f7L,0x4d2747acb72684f4L,0x5fabffc670aa6087L },
-      { 0x2d4ded5679c67c9dL,0xaf3b4eedc8a4f22fL,0xbef6128ebfa6ca86L,
-        0x7ce412bbd4381632L,0x518e6ecfe670d99fL,0xaba6518dfa5f426bL } },
-    /* 20 << 70 */
-    { { 0x5ebdc79cd41b2401L,0xf0cd8598c498e0f1L,0x93f6efe79c8b7f7dL,
-        0xb2f1e40ac469aa57L,0x882f0e943433c455L,0x0add72adaea0712aL },
-      { 0xb13578c399af96d0L,0x43c28dc621177663L,0x83aca2d854e09133L,
-        0xae03943cc6ad8532L,0xce0a61917104f75cL,0x7dec8786f9838c37L } },
-    /* 21 << 70 */
-    { { 0xb0b41b8ec5abaef9L,0x43f59aee8ff5d1f2L,0xe58f78c9234d3d34L,
-        0x0e1948d029a7f49eL,0x722f8e54c6cd8941L,0x75a4ebcfbaf24424L },
-      { 0xec8954982d7dc6d9L,0x8df2feee5261e4e2L,0xdf2820b825dfb96eL,
-        0x4b89c4dcff651949L,0x27c871a527bacbe1L,0xfdc70cf7329a52bcL } },
-    /* 22 << 70 */
-    { { 0x37d58766fdb3f3fbL,0x49d9a762ad64fa66L,0xf80423918cfdbbc2L,
-        0x22e60ca36400f7eeL,0xfab8ea7568210629L,0x91267753963e5b6fL },
-      { 0x5988d7f56b8e7ec9L,0xe43e762a5899e718L,0x842dbdcc40ae8b99L,
-        0xa7ced3f19869739fL,0x1ccc1e8a6d54b9f5L,0xaa3a91adbd32e710L } },
-    /* 23 << 70 */
-    { { 0x306d662c6d4c255fL,0xf32aa48101fa367cL,0x29a71e02f16b3197L,
-        0x653f7d88513a6079L,0xde93d6e74541b4adL,0x4d284acd8c54d3b1L },
-      { 0xfc9d462be106ed07L,0x6e3818d07e355468L,0x2ad523859400c515L,
-        0x287af41d5ecd3b52L,0x1162162351e1fb02L,0xd696d01f17bd4584L } },
-    /* 24 << 70 */
-    { { 0x9db114e3715aa8daL,0x596c2dc25c2fee22L,0x04df016bd2f3080eL,
-        0x0cb3f7cfb9b72037L,0xadb877c7814fe2abL,0xb2d5ec5c37761ec1L },
-      { 0xb5d6068e55d45831L,0x5fab1dffb7c52c04L,0x39b4aa5457d36d41L,
-        0xec1de467423cc8cbL,0x280e02dafda6566dL,0xc70c3c383ca55f55L } },
-    /* 25 << 70 */
-    { { 0x27a866e7c6b03391L,0x980b0a42bfa32fc0L,0xd27856910c105df7L,
-        0xf3def8c77103a2b3L,0x6c4ff04bdffea913L,0x57b1003e121140ddL },
-      { 0xf47bb2826d0e3170L,0xa44d6ab1e6abdfedL,0x67114b8a2a4b69d1L,
-        0x7605714d52d7c65cL,0x3734795ef60b81deL,0x277f9816ebf91959L } },
-    /* 26 << 70 */
-    { { 0xe57c2ed902b3b70bL,0xcec67da99dbc076aL,0xcaf66725b0644881L,
-        0xdea4f6608a3a3f96L,0x5215f097609df5ceL,0x6d828267010193e3L },
-      { 0x5971ff31a156565bL,0x44f7e4037b64e465L,0x2145ea9ab5486d75L,
-        0x47b04066758e7ec5L,0xc181833a9c93cbe9L,0xcac07a9fe8443292L } },
-    /* 27 << 70 */
-    { { 0xead7cd3d041326e8L,0x721785f26092e605L,0x760864024ba91a6fL,
-        0xb7b9b9fa335e8522L,0x6ba9c85387bb3ea9L,0x9c9f1f6f89b2ae0fL },
-      { 0x952bb995aae2014dL,0xf8e74d80c538cfa1L,0xb21ca840b55b7e72L,
-        0x22565ec4ad982191L,0xf9547aa1f569c537L,0x8d3cb14648596bcaL } },
-    /* 28 << 70 */
-    { { 0x340d77c2f3b6cbc6L,0xe09ae22c80f4f690L,0x3e915b028b74d32cL,
-        0xae7101ca3cc1117eL,0x3c36152b526c5939L,0xdad8aedbd3ec0caaL },
-      { 0x34de058e351bde13L,0x2fa75fd4582726d1L,0x27c030efc214ac0eL,
-        0x2a216d1cc7100acbL,0x3b730043309097b7L,0x162ada747afd8aafL } },
-    /* 29 << 70 */
-    { { 0x43893d328c216eacL,0x475a3466349d7334L,0xf9f259866114fbc4L,
-        0x96a22d2f0410b54eL,0xc60b69a53f3d951aL,0x152416e7fb400ddeL },
-      { 0x3904dd2e8f682dbfL,0x5459272368383eeaL,0x0092554ee8c998faL,
-        0xc80f28512c602ce9L,0xab2f8533b197386fL,0x8c302dbc91094b32L } },
-    /* 30 << 70 */
-    { { 0x853d994eea2026d9L,0x18734b04a1b927d7L,0xd4815747ce88d009L,
-        0x0265742f01b856bfL,0x05fd8b1e205d4e15L,0x0f4c8be0f1da4808L },
-      { 0x2652b76c456d62abL,0x0d3d1a29cbb8d818L,0xf350487453048509L,
-        0xe393ef54e89ae4a5L,0x19ed8f0cc4b1306cL,0xfd72388da1aabd6dL } },
-    /* 31 << 70 */
-    { { 0x8a7e1494289e6aa7L,0xc69223e65c955385L,0x2bcbad5c087b8c7aL,
-        0xc08008a531fed020L,0x9d38f5b2dc117c3bL,0xd84158bee4ad6b36L },
-      { 0x2c2583eb92fe5b21L,0xebc847bf557ce949L,0x4c1b54ff4fc0fd57L,
-        0xe437eba325ff2f8cL,0x79a4c3cb383caa3dL,0x38a34856e08356edL } },
-    /* 32 << 70 */
-    { { 0x5d7afe9a10fa53ceL,0xe2415b501ff49021L,0xe39a067dc6523492L,
-        0x3458527527557f5dL,0x756b8d86930e9f9dL,0x88df6219040d52d8L },
-      { 0x606eb60b5362b045L,0xd179818c9e383cbeL,0xa6215748e068d293L,
-        0x73fbdca22fce158dL,0x9cfee07dcb183c8fL,0xc0bf2beba5e03c98L } },
-    /* 33 << 70 */
-    { { 0x36702d091bf9acc2L,0x1efceaebc9c9dddfL,0x31f9f5599b9afc1aL,
-        0x359d4ff33e61a0e4L,0x33b3a707f3772327L,0xd990af318ac1c7ceL },
-      { 0x5ee060b7e736ad45L,0x83dbe8b2f653ac2aL,0x30a1e38b407f054bL,
-        0x0ec6c70bd9326ac9L,0xeb37ad09d7358ab4L,0xaf36143030551ef3L } },
-    /* 34 << 70 */
-    { { 0x7b05d8e56edd5c74L,0x268edfac5443acbdL,0x73e0d693ce1ee52cL,
-        0x67c67914120a1270L,0x54a897cb6f1c5007L,0xe817914a8d540dbaL },
-      { 0x85c1fa1958fc091bL,0x4f4989f4cf2698feL,0xbb2d5091168c08b4L,
-        0xa6143388768cdd46L,0x69ec7a265e62ddc5L,0xc08749ae2654f4b2L } },
-    /* 35 << 70 */
-    { { 0x0a9882b37409bdbeL,0xfad3899cf8b6543eL,0x01c183f9f7e9893fL,
-        0xe6438cf708ac9a25L,0xec22dc81aa0f2794L,0x3b641c02aa277a09L },
-      { 0x686b1fbd0975c891L,0x4f7e1b680070ce2bL,0xdc343dd7487e3f1dL,
-        0x8825d9c230f35abaL,0xda5a77a413b91384L,0xf09d958459e405faL } },
-    /* 36 << 70 */
-    { { 0x76b242b31cf2ab8eL,0xceb190e697edb12bL,0xd39b41b7089fc439L,
-        0x6ee54e750892be51L,0x128fbcfcde414849L,0x4462539007fce5faL },
-      { 0x9d12e04513709b9bL,0xc2c49737d95b22a3L,0x0bcd670be4b34d6cL,
-        0x78d7b8cd768d7c8aL,0x7cf9382e16a0f402L,0x9b84311d17238fa2L } },
-    /* 37 << 70 */
-    { { 0x6b7faaf8c19b849bL,0x24aa5d54a5bec317L,0x991aeb14e7c06172L,
-        0x52dc7da883e65aebL,0xda8998497696dd56L,0x3844a54e94cea131L },
-      { 0xc9fb72ac55f69169L,0xe2f7bfc821893ab6L,0x44220c2edc4057f9L,
-        0x9f4f0c3812d5fedeL,0x5725b2b05c913be6L,0xfa08c56c02d8668fL } },
-    /* 38 << 70 */
-    { { 0x9aff9f0c009b3e1dL,0xed7936d97a3c8c8fL,0x0bc8e46fdefbd340L,
-        0x7b508ef231540ba4L,0x9bcd9108005388f2L,0xa25cfa07c089f35dL },
-      { 0x9ec7cf81733bccfcL,0xf8a1993a249006d6L,0x1e68981a96d81923L,
-        0x27b6199adce834d6L,0x2ddccfcfacffb035L,0xf62d7a534fe0126cL } },
-    /* 39 << 70 */
-    { { 0xc800c1d5af76895bL,0xc86db45c43f2a94eL,0xf77322fbdbb144cbL,
-        0xb2607dc8f7da8df6L,0xaf666055b6cc1047L,0xf1db6416375619d4L },
-      { 0xf6103c8c4b0fbd9eL,0xea8e979fb4f5b85aL,0xb0307d41fd16f61eL,
-        0x26bf96c58cadf61eL,0xb56c53a3bd348a61L,0xd1a5aa4f8a01388dL } },
-    /* 40 << 70 */
-    { { 0xa29d231edda802baL,0xde8d0d510ec3c1e2L,0x0ee56eae117033bdL,
-        0x4dc9491998bf860cL,0xa08919cd775cd56fL,0x609a30dc1332bfc2L },
-      { 0x2c337f181a41db0dL,0x27fb0072c974824bL,0x34292c1bfaf28976L,
-        0x242fcd73ef8c4fccL,0x553723b27473c603L,0xb2191ee9a06a0bc1L } },
-    /* 41 << 70 */
-    { { 0xd10b7b7c10bf3427L,0x16f9ebc505321572L,0x057692f6db5fde44L,
-        0xf45d4d268f047704L,0xe3f8784e25584db0L,0x753764cb9f548980L },
-      { 0x4239bd4858f5360dL,0x9dc993da98296063L,0x0fbb0c419ffd05b9L,
-        0xa6a87d50610c3493L,0x99f5669df10f18abL,0x5a03f02ba4224a18L } },
-    /* 42 << 70 */
-    { { 0x3c6839e5bf733207L,0xc2f380899c6d106bL,0x43155630e39a7559L,
-        0x28d6cb546f2b8d34L,0x19738cdf09183c75L,0xa71ec595dcee5a08L },
-      { 0x8e9c1cc3c70db659L,0x1333d7b38beff6a6L,0xb263d91e036a5aa8L,
-        0x72728714ee4f858bL,0xd65fcffbb885ceecL,0x08193f585aaaac96L } },
-    /* 43 << 70 */
-    { { 0x264006e1b53b4c8dL,0xd3748c0bdea2f9ceL,0x019408d34e580011L,
-        0x381bcc70b1342807L,0xb904a17191eb1a0aL,0x13ddf3af6151a1cdL },
-      { 0x13827129bc228909L,0x3378b4834cdbebd9L,0x25806f7ed56635c1L,
-        0xd1a3fb1c54327e55L,0xb2b8895c69d94817L,0x0779752d7150c16cL } },
-    /* 44 << 70 */
-    { { 0x228437506ce71a1fL,0x39c6fd9abf0956a5L,0xd34a4be8c8d29ce5L,
-        0x41dc15356fbf8fb0L,0xdce277034c950de0L,0x1ad7192f90c75c28L },
-      { 0x5b3df71e27766767L,0xba85ec629ca80b5fL,0xfadae6e5095938d8L,
-        0x5ce3ffc24d286159L,0x60f771fdc7b977e5L,0x7a764991b38c0c70L } },
-    /* 45 << 70 */
-    { { 0x3e4440b7469f6406L,0xdba02dea247657bcL,0xa551a570a46227e5L,
-        0x278bd5a06e58b15cL,0xbbc5f8edc53eb694L,0x50e6bf5b855a2c7cL },
-      { 0xa80af271d231f3b9L,0x6c22008bc139b010L,0x04e9a337ba1e27e1L,
-        0xcfb75909677a28ccL,0x95c59b55f967af35L,0x70d24fe88d3c6ddbL } },
-    /* 46 << 70 */
-    { { 0x0117cabbaedcb5a3L,0xb70a95d52e7bc67aL,0xdc2e07d1ad7e7cffL,
-        0xf507941825b9a6b4L,0xf953a962bc8b2f61L,0x390a630d181fda94L },
-      { 0xc833598d1fbdd233L,0x0213e633ac4763dfL,0xe822febbcabd2713L,
-        0x522864e71d2a409eL,0x49d778a81f904f3aL,0x0dd980e15912be0aL } },
-    /* 47 << 70 */
-    { { 0x97f993f46621ff1cL,0x3bdcc1ea7d30ef87L,0x931c624585386384L,
-        0xd17a7b6a8cb593e3L,0x1b25176da0912f55L,0x323cf7ac2faa4d72L },
-      { 0xababa6c58683a7f8L,0xa99ebbda4a71606cL,0xb5375f6b0cd8fd0cL,
-        0xce43e2e08ae372b7L,0x957af3cb9e69c105L,0x167c4fca772d0c74L } },
-    /* 48 << 70 */
-    { { 0x0934812574503f05L,0xcd6a64b217bf8ab4L,0x791e72fa1fd4057dL,
-        0x033abed8f0697964L,0x1085ac930d58690cL,0x8acd49d69c8874cfL },
-      { 0x929e4c39ff1a5286L,0x9704e80ff28395abL,0xfa69fce54c3d9f8dL,
-        0xdeb56555fc83a6c4L,0xd375fa037dc04c5eL,0xab2f12f156a58cdcL } },
-    /* 49 << 70 */
-    { { 0x381d144f8119fa7dL,0xda3aa4a73c6cf64eL,0x3db4cf0a74cc1520L,
-        0xe8148941c1cf3514L,0xbc6c7398a22977daL,0x75e26d4982bbdc63L },
-      { 0x17a626a4c9594c3cL,0x766fc21a60d71273L,0x547331241c7653a3L,
-        0xdbe3a9f1502617a8L,0xe41acd19a33d622dL,0x4d24cbd5e15d69d6L } },
-    /* 50 << 70 */
-    { { 0xdde0a062dbbb9d08L,0xb5676d14153211e7L,0x747247f6f97b1468L,
-        0x93a6de79b2ada501L,0xf9d4e652518ce913L,0xefb0de76702b82fcL },
-      { 0x2c54ffd9d68961fbL,0xa6a2d1a384f04f81L,0x88167488d74b91adL,
-        0xf20bba56a7d73a78L,0x9af1df5ae1afc672L,0xd79ded4543c26afeL } },
-    /* 51 << 70 */
-    { { 0x24011535a223c19bL,0x38b55f0a19c719f3L,0x369f86b4d343ce98L,
-        0x6516fca318288db7L,0xad32d4699e4aa0a4L,0xb6c80dd50480429cL },
-      { 0x890d73f3b659b787L,0x2d1f888be15362aeL,0xd26a84bf7a9d8c3bL,
-        0xd79b764460bc6435L,0xecd0272f07b0abadL,0x3ab2390382d7c63cL } },
-    /* 52 << 70 */
-    { { 0x3ec1874496d87afbL,0xb02425b5aeea74b1L,0x47cfacea954bb89eL,
-        0xd8d6ff40cd26918aL,0xf2dbcbb19fd4dea6L,0xc481a4fe370fea30L },
-      { 0x60df9f99a334a5a1L,0xeacebd61e6fbc823L,0x21932e6ba0140a5cL,
-        0x6504deb051206cceL,0xaa4b43a350560eecL,0xaf965e7b6535123bL } },
-    /* 53 << 70 */
-    { { 0x25ce17e7be01690fL,0x82bd07fc216f7549L,0x26f98cddac6e021cL,
-        0x815367ff3403972eL,0x01b1cf87cd89d71dL,0xe777db14ae24f544L },
-      { 0x8081a692f628a076L,0x663adf4498b98423L,0x4a31e0bfbfb25b73L,
-        0x5b42f193427be5b2L,0x24b1369118ae7408L,0xf13654a6e9998e84L } },
-    /* 54 << 70 */
-    { { 0xf8ec0a9e1b64a70aL,0xa1042bbb45fc54dcL,0x3ac4a936b7cbec0bL,
-        0x0c2db54708eb7d93L,0x3f16e7c961ae36d2L,0xde25381b4611083aL },
-      { 0xc1680ae3cf5edeb7L,0x7c86d74ce2b3398eL,0xa3ec4cde9945710dL,
-        0x303d28ce864e3b4fL,0xd5b9730012956ac7L,0x9ad973be3c0763b2L } },
-    /* 55 << 70 */
-    { { 0x526c03ba1979515aL,0xe6492299cde06e58L,0x2215e3fb93ec91d0L,
-        0xa086161bf783b7caL,0x89e39ff44ef0015eL,0x42c6ccc595e90587L },
-      { 0x7577d689a81ec775L,0x272e4578daf4d896L,0x6d43c717cf01d7aaL,
-        0x583814cffd5253d6L,0xee692f0666f7a3b9L,0x54048fe4e99bc633L } },
-    /* 56 << 70 */
-    { { 0x2afba531c0b9171aL,0x687dbe4cf2d75c55L,0x7c1c73f7fa17ba3dL,
-        0x7886dd45063787eaL,0x14f59a18abd0a109L,0x1819df3c873bb66cL },
-      { 0x76c969dfe01183f5L,0x486a120b1a78b6bcL,0xdfd702fac5686aa4L,
-        0x2f74157bf3457569L,0x66c8c73e01964800L,0x0a2f6114def25ca0L } },
-    /* 57 << 70 */
-    { { 0x841838a8227220dfL,0x39eb77e2cd45ff3bL,0x7140aa47f5a060cdL,
-        0x9fae5937b55bc3a6L,0x243390ea09b711c4L,0x69db2ace867a3eedL },
-      { 0x14ee853a152860b0L,0xe3389c4edae0dae9L,0x4fa55ed1248a496aL,
-        0xda6803e00ef304bbL,0xd19f48bcd04c2823L,0xe76b8d82a61773d1L } },
-    /* 58 << 70 */
-    { { 0x2e3a6332f7ae9a8aL,0x89f1576f78a12a00L,0x9597b2b245ab254dL,
-        0x2017d6306309a625L,0x0385c02719adbe9fL,0x26c84f2014606336L },
-      { 0x3808a31a3584dd47L,0x0fd2bd1b4e1da791L,0x70c2827fb894be27L,
-        0xac97e84547d1faecL,0xa63c56fe9b01c835L,0x19c3b18067ca7507L } },
-    /* 59 << 70 */
-    { { 0x975dbe423a07930bL,0xf03fc9da8f7975f3L,0x94209a2522662e65L,
-        0xf5b20e6b9619dcdbL,0xa95e2188ed5ee020L,0x2301e35abe7fb828L },
-      { 0x4216b05b9caa0bceL,0x0534eef625cdec7bL,0x81f5c5f8613aa24bL,
-        0x8705662951451a5fL,0xffafb623df15645dL,0xe19276fe79c497c5L } },
-    /* 60 << 70 */
-    { { 0x461bb6e1d118ef5cL,0x277e378d1f4bf653L,0x3b4138849ccaab1cL,
-        0xa5979a3ecea9c61fL,0xdc2a23c09dbfe67dL,0x5f7e32f5335cb2d7L },
-      { 0xeefe71a87accbd69L,0x65d961341df58e12L,0x17bafa56538145d8L,
-        0x2a723472695df807L,0x132b5320394ec082L,0x96219e617d0ed426L } },
-    /* 61 << 70 */
-    { { 0xf08ee7071ec12e08L,0xb9a51fc40c4917aaL,0x1aa9b778aa085b77L,
-        0x3b3e40d72e62193aL,0x3700217fdc211bb4L,0xed03eaf4fbea2fdcL },
-      { 0x82e00364c55111e0L,0x3be15019e3cbc07cL,0xf142d230055b597bL,
-        0xf68837b1a063deb9L,0xf1368df622e72e40L,0xfc712c67ab522f37L } },
-    /* 62 << 70 */
-    { { 0x02ca4c0dc3c8ee2fL,0x1962366a0d75f552L,0x6354ab90a43c43e7L,
-        0x9f46429f7668d14eL,0x70ffaa6d0ca59472L,0x231fdb485a95ad7eL },
-      { 0x82ae5f0acb2ebd5dL,0x2dc8417ce51b1d3bL,0x5052133a2fb456dfL,
-        0xad3b4cf2bad61a16L,0x59f283a48d76344dL,0x5f15465772b18fdcL } },
-    /* 63 << 70 */
-    { { 0xe0ef0c3cc73a7131L,0x8a4e0cdd43ea81fdL,0xceb5fcb8d6d6ce6eL,
-        0x941179893535781dL,0x20f5e952b37d4531L,0x5e77f33364c25699L },
-      { 0xb6645e8fa6d3ff57L,0x6dac30cb5b9bfdc0L,0xb29648e73ebb655aL,
-        0xe1bf3f4005ebc1d1L,0x1b12288514025fdcL,0xe15fab026c5adaabL } },
-    /* 64 << 70 */
-    { { 0x86230934f14a99d9L,0x1cf9c66e97c1c092L,0x01e186ba6f595ed3L,
-        0xd3291c3de2284a58L,0x03dee2311b9e5e25L,0xf2e9b4ad15cc9f53L },
-      { 0x4fba15679770c29dL,0xbf7d673650c4ae2fL,0x86901eb92532d015L,
-        0x4396fd784e7455deL,0x2fbcea8fbcf811c9L,0x3981ad15ae952b37L } },
-    /* 0 << 77 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 77 */
-    { { 0x6bd2c54d4cb89afaL,0xe78c8bfa36527751L,0x27f52654e3eee747L,
-        0x56f205839598d907L,0x5f91c2d027cb3712L,0xc501819fa3e33c5bL },
-      { 0x248490aa4eded738L,0xde7ac94427789065L,0x20138b3d74f7d38bL,
-        0xae791f602fb60214L,0x6b4fb300bd033d4eL,0xc69c25d9bdfd1f17L } },
-    /* 2 << 77 */
-    { { 0x0c3d2056be21a890L,0x1c1ffbfb8fcfba99L,0x1b68a98b1fbf56caL,
-        0x56fd85ff396e31cdL,0xd2ca58444382c03bL,0xc442030a7d3ef917L },
-      { 0x4129a731426afafaL,0xacff17ff5eaae9c6L,0x9e854180653f3b23L,
-        0xe65a1a149ee066bdL,0x3420084e362ea5feL,0x6fe58801c7911e2eL } },
-    /* 3 << 77 */
-    { { 0x43f0ae676c4be6a0L,0xabc6a17a504bffebL,0xd5be6c25dbb4492eL,
-        0x7efc9ee884bff97fL,0x54fbd9d7062da2e2L,0x1befeb61c6d2ac32L },
-      { 0x14cf6dc0cbafef5bL,0x8e640e4771d12192L,0xd0566543d9a16800L,
-        0x9cc2ade9beb1e28dL,0xcbfeb45038e65833L,0x3852eaacd0f5acb2L } },
-    /* 4 << 77 */
-    { { 0x5e930d65c4650b85L,0xbe96b2ae6350da54L,0xcfac4f7efa08bd49L,
-        0x277e8456a6e10f64L,0x41be3067407ac162L,0xcfd1d03252a9b68bL },
-      { 0x8d8d216a9c337e0bL,0xace044dc4e1b9cf5L,0xad9a4102c60d54c3L,
-        0xb09420f028815187L,0x881179c60b3b8e59L,0x872685ed5b09aba1L } },
-    /* 5 << 77 */
-    { { 0x26d43085ee64924eL,0x5eb54d1c4bd6a77fL,0x69a69ccfd1ca022fL,
-        0xaad92723a3342720L,0x51e27b54421d836cL,0x15e83917fc72a1adL },
-      { 0x183e75d14ddea73eL,0x73fe3b9fbafcecfeL,0x0197e0925daefd64L,
-        0x2fa89f60f85b8249L,0x95411aafd23cd465L,0xb7dbe7485d9a459eL } },
-    /* 6 << 77 */
-    { { 0xab146c207dfc66eeL,0xa7250dcebb6869efL,0xaeba44439d7ad5f8L,
-        0x919f877ec48059f0L,0x780ecd232c6b5c11L,0x586daa8e38625f8dL },
-      { 0x46a46c789911c031L,0xf56f74fc65303d34L,0x825bb06d4f384eabL,
-        0xd147719ad6aa2bc2L,0x745fd7460750e1acL,0x2ef411494b3ec757L } },
-    /* 7 << 77 */
-    { { 0xdb24cd1af10ea702L,0xf393de57461f8ebdL,0xf56f414e5cfaefecL,
-        0x758c8d854690230cL,0x6740c974433d2594L,0x69d92a620aa6bb20L },
-      { 0x17be342e9b0bb191L,0xc1cd309fdbf5c97bL,0x089134df8998140aL,
-        0x33809a7e82afcb85L,0x409d2a481db47b21L,0x1d54e86ccdb1bccfL } },
-    /* 8 << 77 */
-    { { 0x22313dee5852b59bL,0x6f56c8e8b6a0b37fL,0x43d6eeaea76ec380L,
-        0xa16551360275ad36L,0xe5c1b65adf095bdaL,0xbd1ffa8d367c44b0L },
-      { 0xe2b419c26b48af2bL,0x57bbbd973da194c8L,0xb5fbe51fa2baff05L,
-        0xa0594d706269b5d0L,0x0b07b70523e8d667L,0xae1976b563e016e7L } },
-    /* 9 << 77 */
-    { { 0x47de66da62a200a6L,0x67b0ce0d65186fb7L,0x8e8f0248238d23a2L,
-        0x5a44a886c1114a6eL,0x36383e5be8ec166bL,0xd36077d8ca7d2e43L },
-      { 0x332f98267c45e8c6L,0xcec2ba1355d968faL,0xdca664a84a56f7abL,
-        0x954652467b03621aL,0x471f66259b6e55d4L,0x401a6a5efb0714e4L } },
-    /* 10 << 77 */
-    { { 0x2fee0c6d6046896eL,0xde64c4e0466a90efL,0xb0c9755a55395f3aL,
-        0xdfe2dfd6ae3879d6L,0x979853c2d656c53dL,0x58bb6121757f381fL },
-      { 0xdfae5707980db8b8L,0x6d4c7cd7d7752f7fL,0xdfb77382c5dacfccL,
-        0xd0fca93104177fbbL,0x9ef6d3e4b67891ffL,0xb599dfcb26024609L } },
-    /* 11 << 77 */
-    { { 0x79bf86761cc06935L,0x6bbc2d3fd44fe6bdL,0x092678c486f9f728L,
-        0x05631aaf54c3fe18L,0x217adbbe95eec92fL,0xdcdbfdfb955bcba3L },
-      { 0xf938779c01bafb04L,0x67f599e73ab755e0L,0x793b591fb00c1315L,
-        0x7ea2dbae3f2d0909L,0x05436dce46614955L,0x02b988888060d145L } },
-    /* 12 << 77 */
-    { { 0x795df21ba1ebf7c0L,0xa98f2466681b5da4L,0xea18a2ab413b507dL,
-        0x9243326688324aa8L,0x2b91dcc2f74d83edL,0x95054b471f411a13L },
-      { 0x50869778e3c621f2L,0xb950f3a9427faf54L,0x8949bf7dae29f080L,
-        0x7c16cd020ef3a3c8L,0x7883c719b122cd0aL,0xa2cad71fc03bd749L } },
-    /* 13 << 77 */
-    { { 0x60c794125b3ad53bL,0x91c62ac783981a98L,0xa6f30f473dcd7196L,
-        0x55417e7598b4c589L,0x2ce067cb345b89bbL,0x4787f0db71936e38L },
-      { 0x208cb360331d7de3L,0x4b0347aa15022254L,0xc66e58865e8af235L,
-        0xdefed4c591a68080L,0x0b8dbd336eeb47a1L,0xb6d44d36f732c8d2L } },
-    /* 14 << 77 */
-    { { 0xce0b1700d3aa7741L,0x13cc58a90df0cefcL,0xa96149c7da3a1816L,
-        0xd387d361561277fbL,0x2294f77cf2c363c6L,0xc8d19d51355a8a93L },
-      { 0x926dd80092affccbL,0x70c59253686afd1eL,0xe4826f2370c4d8b5L,
-        0x948d43dba2226c34L,0x6ffed99e2a097aaeL,0x80e7a99a2ce18037L } },
-    /* 15 << 77 */
-    { { 0x070c3f39b7f01551L,0x21b249434512844eL,0x46e33e16e2e2a68cL,
-        0xd79daf0ca549dcb0L,0x634fa53966a7b9bfL,0xe856d0a8702990f4L },
-      { 0x246e5858e466abdbL,0x3f3ad441edfc851eL,0x9ab3db2c2e397554L,
-        0x6c5b1a39b5cabd32L,0x695649b2427c5cefL,0x6179fa0f82ab4f68L } },
-    /* 16 << 77 */
-    { { 0x022aa09d236b71dcL,0xb1ce6a0ea65a7640L,0x317344c5b38b417aL,
-        0x29a74cdb436451ecL,0xd898eb6ca8b1c876L,0xf0134f99b74eeffdL },
-      { 0x0d9eab64225d71f7L,0x9679b453ceb3cc2dL,0x37c894ce14dbff2fL,
-        0x3704d34927065280L,0x9ee435d8ba29a0cdL,0x675bea1409c11c4fL } },
-    /* 17 << 77 */
-    { { 0xa8454e2b63263ee1L,0xf4c8a384cc42ffc3L,0xb260754916bf086cL,
-        0x610d299cfa46a481L,0x21777897ce41a4d1L,0xdfc04bb321573cdeL },
-      { 0xac7d9433ced06177L,0xfdce0356a281b9ceL,0x22abd67970d48fc7L,
-        0x1e4ebf7750514178L,0x7f0869ef21a255c8L,0x80ae565c29bf477cL } },
-    /* 18 << 77 */
-    { { 0x607cfaa1a38a18a2L,0xb29ae9c760bd3f91L,0x4991432d76a4c22dL,
-        0x4fe8dcd380e75452L,0x7aeea8150925ed79L,0xa0cc6823b7abca08L },
-      { 0x647b164fb0a555dbL,0x60545cd3d6076f3bL,0x7e801133807a2045L,
-        0x74b2200743ac7e22L,0xdfb58fd1716d3e5dL,0x369ad09947772c45L } },
-    /* 19 << 77 */
-    { { 0xb6c5dc0635ba2007L,0x6543c6307921115fL,0xa7e5a662eb6c493cL,
-        0x728159f54a0b8d6dL,0x8cb07ef1b943fa72L,0x4a2c5cc923c46a98L },
-      { 0xea078b478c26221eL,0x68ef5015ce2be601L,0x3048b5de5239f8d2L,
-        0x00a98cd419bbe0e5L,0x0a34161caa94a375L,0x879a9a7aac8a411aL } },
-    /* 20 << 77 */
-    { { 0x2d968968e3f6217fL,0x60b781ad1fb91fc9L,0x44ce23514a84e6ecL,
-        0xe8f5627d00a3d089L,0x45211a094a980480L,0x11029b7263274860L },
-      { 0x44601cfcae0477aaL,0xa05a67df269ca043L,0x9dc3938fb758fbd0L,
-        0x43d5d89abaa35f8cL,0xa38dfa1f2ab3436aL,0xa29653bc529b7061L } },
-    /* 21 << 77 */
-    { { 0x6ab2e32b982cd162L,0xdd690ed7794d6da0L,0x8fee0b461862f33eL,
-        0xbf9aeee210d244fdL,0xe485aac27dbb57d7L,0x7f7ee4bc0ff23849L },
-      { 0xfb3c6255171ba49eL,0x089b9986133e45deL,0xb6c033106d04b924L,
-        0x216af9223ea88efcL,0xe646a49b5fd52347L,0xbb495d2ee404b86bL } },
-    /* 22 << 77 */
-    { { 0xe24934ba07fd5fcfL,0x4840e1a6a1027598L,0x4c2294d245eead89L,
-        0x7717bb604fda652dL,0xe809c21878370655L,0x417853499151e578L },
-      { 0x8bfe121cede554c7L,0x96037a33952c153cL,0x80458ed86a5b30f0L,
-        0xba331cf9ca28472aL,0x31b5f463e6c177aaL,0x68c5dc9183ec14fcL } },
-    /* 23 << 77 */
-    { { 0x8b78d2bff13dc6a5L,0xacd7e0902285c2a2L,0x6aa7866cb47e9427L,
-        0x7c2483474d9fa3f2L,0x2e668396f0661aafL,0xf491cd6d08cacae4L },
-      { 0x772a131158f9a617L,0xf372dcd6b2011823L,0x790a5ae54e6bd2a9L,
-        0x035ff238fee0c8c9L,0xcbbe828cb0b8c53dL,0x9edba1a40af83ca1L } },
-    /* 24 << 77 */
-    { { 0x2fde4893fbecaaaeL,0x444346de30332229L,0x157b8a5b09456ed5L,
-        0x73606a7925797c6cL,0xa9d0f47c33c14c06L,0x7bc8962cfaf971caL },
-      { 0x6e763c5165909dfdL,0x1bbbe41b14a9bf42L,0xd95b7ecbc49e9efcL,
-        0x0c317927b38f2b59L,0x97912b53b3c397dbL,0xcb3879aa45c7abc7L } },
-    /* 25 << 77 */
-    { { 0x62ecc0cc429bdc1fL,0x6a8000add447c01bL,0xc2dd42354f23e5d2L,
-        0xe6c1790a01b4a0dcL,0x2497e53c24393079L,0x0a113afeb2a00faaL },
-      { 0x96c1bd5011151480L,0xded805425aad86dbL,0x639f24cb76720e92L,
-        0xf17703b7d825eb92L,0x10f8924e82d2657eL,0x6edc843c627c5236L } },
-    /* 26 << 77 */
-    { { 0x472226adf80911c2L,0xfb50c3a5e087a3d8L,0xb194551441848a6fL,
-        0x61f4fbba9f17504bL,0x8c59b2c48e33924bL,0xa7641127ac7a8608L },
-      { 0x79feb7fc164a2330L,0x9e0fd67253a44e7aL,0x9c5c973081953c30L,
-        0x25d6932c3f6342f8L,0x29e8b7664b574a69L,0x02f90a46a5de3639L } },
-    /* 27 << 77 */
-    { { 0xe2d1e2a3465ab77bL,0x2ca0f6a3cf45823cL,0xa1b12306dbdce9d8L,
-        0x820470e7b4b39ca0L,0xe48956c76e847681L,0xc8ed8fc8fbf6970dL },
-      { 0x52cb109419ba40aaL,0x08136d091efbaaa2L,0x99dd1ad27d71e1c4L,
-        0x10001f97a3a59a3bL,0x79d229e460e4cad9L,0x6d443d8756732312L } },
-    /* 28 << 77 */
-    { { 0x8d6b28b4d7cfe9f0L,0x6ee5407a4dce4904L,0x7acee5e7ba0b67f6L,
-        0xd4cf6bd2abf447aeL,0xc085e8e2e7330268L,0x23edbd5a145689d8L },
-      { 0xd2ae9bd21d7b0e7bL,0x3196410ec4fe6ecbL,0x964bef26ec2cd59dL,
-        0x09c6d07dd5e0bf03L,0x379f131ea65b646bL,0x0439c37964849830L } },
-    /* 29 << 77 */
-    { { 0x8afc9a5eae562537L,0xde81bbaab2d4172aL,0xa272c6d53db07247L,
-        0x08b903ffd86ec6f8L,0x3373041f835aa84aL,0x02e8ecfdc8f18f48L },
-      { 0xed6b2784ccc11e64L,0x03e45e15842a8292L,0xfcfcc54b653b86efL,
-        0x9678fe7ed9ea2f91L,0xee5bf4584efceafdL,0x188e49d59fcc4be9L } },
-    /* 30 << 77 */
-    { { 0xeb0098cf67a224f8L,0x14e486c90991108dL,0x0dad68314b397687L,
-        0xf2a4f6cb9d089000L,0x3fcc8803509f7376L,0xdbdf06dddb5d6f8fL },
-      { 0x2cbf342806ef3e46L,0x4a4bd5eee432ca41L,0xdcb8bdb70e2d391dL,
-        0x941b9a4ec1710ac3L,0x25cea4333d62c34aL,0x9136e5cd881a70b7L } },
-    /* 31 << 77 */
-    { { 0x9bfdb9b310c3ed1eL,0xc9a225ec0cd146c3L,0x1fec4316573c4414L,
-        0xe11a408f2fa8323cL,0x198c760ac3e988bcL,0x3f8a5a1caf0fda3cL },
-      { 0x91e89f11f6e78264L,0x3cee0165264eebfdL,0xf9412b049898eaa0L,
-        0x3c67991a382e46e3L,0x8d833d7a80acd219L,0x746a696c9d233f20L } },
-    /* 32 << 77 */
-    { { 0x8b3269a2714a10e8L,0x64cef040a4a2727eL,0xbc5ac714e428865cL,
-        0x531dd17ffdaba094L,0x86d2405718d657f2L,0xe807b0d92f99dbbfL },
-      { 0xc428a80f6848ef88L,0xb3ef0709d0b73ce5L,0xa752691922a5d255L,
-        0xbfe6392318a18586L,0x28a0c772fcf633b3L,0xad22b4ec3f3c5298L } },
-    /* 33 << 77 */
-    { { 0x8b6a2f1ae6c40f85L,0xf0f44c54f44cf3f0L,0xda635b687b25d4b6L,
-        0xee59c00f8cdc9d5dL,0x36509f58cc4876afL,0xe37564484e2c550cL },
-      { 0x20f965b565974809L,0x26481694e3fe3a63L,0x6778b20becd272eeL,
-        0x9b6bbf39c9072853L,0x4f61f192b0436bdeL,0x98bf7dafd0221263L } },
-    /* 34 << 77 */
-    { { 0xa06a4b56e0442513L,0x6537e117dd513547L,0x89e38ccd2a654224L,
-        0x2fe734bd005ee292L,0x54d6933498cfece0L,0x85de5c9d85a79bf2L },
-      { 0x21e072bdcd3da6a9L,0x7a5d707b8c16b8a1L,0x43654d0142d04cd4L,
-        0x07d589b94a88c151L,0x5bfe9ea2df726b52L,0x877c46ffcf728e4eL } },
-    /* 35 << 77 */
-    { { 0xe338f606fa009c33L,0xce596aafa351fe32L,0x8ae0e06123968387L,
-        0xcdaaaa9465c98e2dL,0xec6b8a818acb9355L,0xc2c67e7facbee162L },
-      { 0x7068df85517df4beL,0xc34a6ecb7c5c076aL,0xf4193aab6250f0baL,
-        0xe0cd2f3fa6c9ea47L,0x23a57ccc6488135aL,0x044d73e6c12b842eL } },
-    /* 36 << 77 */
-    { { 0x9d8a78808078c8bdL,0x6ea07982076d44f1L,0xc58fc94eeb3bfda0L,
-        0x0b9e72200dd11b13L,0x8bd58e3aa74a005dL,0x7a30aeda115b7d33L },
-      { 0xeb0037e6ef2491ffL,0x0fa2d1a7fb39ecbcL,0xb75aac645ac598f7L,
-        0x2c3c103341f61b42L,0x5a330bf01f7eb885L,0x1c96124d33d5e27bL } },
-    /* 37 << 77 */
-    { { 0x3f157ea1b28d1640L,0xa41c98f2c96806ecL,0xef261c3bb099566bL,
-        0x11d88be30aa23f1eL,0x9a721a2c47ed1540L,0x214cb5b0e4431563L },
-      { 0x36a95c20250f6b19L,0x6b44f01d30eb0249L,0x141777dc5c67e2beL,
-        0x6926b32ebbe7bb63L,0xb72fd3bf756cbae7L,0x226661a279dfb835L } },
-    /* 38 << 77 */
-    { { 0xc25a44e3300b8f91L,0x08aa9d5691ad1a78L,0x130c561ffdd2a064L,
-        0x36f0b4608c05f94eL,0x748166e158a351b3L,0xe408976147d40ed6L },
-      { 0xa0ba5e5d1b2e3400L,0x94aea3b6687f6492L,0xf4975167ea262235L,
-        0x8014e81143e800d6L,0x635a3c516e5df6dcL,0x71207caf2eb20366L } },
-    /* 39 << 77 */
-    { { 0xc00364013638e940L,0x24baf83bbb70e3cfL,0xc08a99b865dca079L,
-        0xc070152e0d40622bL,0x44880b191697468aL,0xcf95519bfebc1644L },
-      { 0x7bdc41d7911a74efL,0xb88180314ad83219L,0x53c523185ad49f95L,
-        0x4e59a29f6d112b66L,0xb2707b9c7515de9eL,0x8322492c150c9bdbL } },
-    /* 40 << 77 */
-    { { 0xcd81bdcf24359b81L,0x6fd326e2db4c321cL,0x4cb0228bf8ebe39cL,
-        0x496a9dceb2cdd852L,0x0f115a1ad0e9b3afL,0xaa08bf36d8eeef8aL },
-      { 0x5232a51506e5e739L,0x21fae9d58407a551L,0x289d18b08994b4e8L,
-        0xb4e346a809097a52L,0xc641510f324621d0L,0xc567fd4a95a41ab8L } },
-    /* 41 << 77 */
-    { { 0x966f961d46ff607bL,0x7e52ad9bb29278c3L,0x5b9b84b9bc6835b8L,
-        0x00e4a35ad834701fL,0x53aa139866b8f484L,0xc397f087de063112L },
-      { 0xb811a9a24e81b980L,0x8d9c38ef8d680c4eL,0x0a7e66ef1c8db33aL,
-        0x1c7e636bf4e17483L,0x25c0a690ae9acf11L,0x5b0a435985966d63L } },
-    /* 42 << 77 */
-    { { 0x3d4a4ee0a3bb186fL,0x84de7765082c283bL,0x499bf10a8fc8baddL,
-        0x85191faa2db59e7bL,0xc5964c20ccc587a2L,0xfa59313b9cf52cfeL },
-      { 0xe614ce878da8cf4eL,0x7d8aa381d60e91b6L,0x054dfc4a0d5c0a8dL,
-        0xbcd89aef28a15c79L,0x2af1121efecbc916L,0x6aa49bcb44f30755L } },
-    /* 43 << 77 */
-    { { 0x7953c7ec7b7dc4cdL,0xb709542edbdd99baL,0x7a2afc3eb30b5c70L,
-        0x7669020fcd0cc804L,0xb57c1d949fade8f7L,0x5ae7d78cb2eef81bL },
-      { 0xdd5457edca354c1bL,0xa531d85c8f5ac058L,0x5fdca829009e0aabL,
-        0x8df732f6f2bced0fL,0x3ee658627faf57d5L,0xf7a265735c2f3bc2L } },
-    /* 44 << 77 */
-    { { 0xe1ce7f3725a64849L,0x760847744da790f0L,0x4638f287cf5f319fL,
-        0xe36f3c5308c3786fL,0x07042ce1985513cbL,0xfb955cbf73d9cf3aL },
-      { 0x3e68a2cacde0774bL,0x321f49b76dc2c816L,0x9bfed81fd76c4d3bL,
-        0x985b34fefd49fa62L,0x2a3de945ebb8fa9fL,0xcaa616f0405da5afL } },
-    /* 45 << 77 */
-    { { 0xf3fa1924bc6d86f1L,0xbcf9d3cbb41dde67L,0xf96431168057ef19L,
-        0x09315fc52177ef64L,0x1ae99958fcf594a7L,0x7c4baeefaa4dd788L },
-      { 0xff1ed168a2bb1bf3L,0x9c697d19b4a651c5L,0x5fe29bcc0df8c999L,
-        0x16446aa446c45428L,0x3a51398061700e83L,0xf34133593f034bc9L } },
-    /* 46 << 77 */
-    { { 0x9cc126b8cbf28cbfL,0xf3f8aa7c1e6d63ffL,0x533e48d2b7f80225L,
-        0x8fea0d204749d781L,0xd8ea614b326f8185L,0x9cf3e07753c541abL },
-      { 0x09040b60d95c9367L,0xc1b19940f5eabd9dL,0x80b0793cd8f8bd1eL,
-        0x95fafd6fadff120cL,0x071b1841ce155f8bL,0xa85dfc8cd29d9d9aL } },
-    /* 47 << 77 */
-    { { 0xf38e0fdea761048aL,0xd9d5a22c88a93773L,0xbd58470841a99bddL,
-        0xa31ef1edebb412e0L,0xd5c4fd5a0274ea16L,0xaaf215f380c1f0f8L },
-      { 0xe842a4537d3dfd08L,0xb5c877ae5a904548L,0x3dadd2eb9c6ddbebL,
-        0x7f97c541e84e54d9L,0x6183b6ce1b8d8829L,0x2a20c212f50534a5L } },
-    /* 48 << 77 */
-    { { 0xc8c9b0ae7176dd90L,0xa95604542917d487L,0xb03b7946e62c508eL,
-        0x60425926e9fe2321L,0x73b10bba80c1d136L,0xc30a847d9d218c9cL },
-      { 0x6ed0c8ef2073859fL,0xa176eabf432dd97fL,0x3078096ab9e96167L,
-        0xb28f0e6cc473e377L,0xb44e4995683a3bc8L,0x483512eed3523796L } },
-    /* 49 << 77 */
-    { { 0x7ff5827f22adab31L,0xa7e859ad43ee005aL,0xfc2387f402c9629eL,
-        0x6f39e84add12b107L,0xd1378037c097d3daL,0xc677b554d70d107fL },
-      { 0xec15469fe4943084L,0x1f0b13b19d412b76L,0x3b3b49b48a265a31L,
-        0x45f28cc7dbe97ff2L,0x33f0e31f4efa0f0aL,0x6b22b99e37a5591bL } },
-    /* 50 << 77 */
-    { { 0x0a751d3eae0538e1L,0xd51b039af14135e9L,0x92eae0f6e8bdf562L,
-        0xf253bd5c66557b17L,0xc1ff9054ef26b81bL,0x9d586d39eafd711eL },
-      { 0xd2b05d3d4f431502L,0x847d727f5823cfe5L,0x2c4e236a8e99840dL,
-        0xa407e2d87c5981c6L,0x989dd28c69ca34b5L,0x2e8ec6b09fe586e7L } },
-    /* 51 << 77 */
-    { { 0x43161b5c40bda312L,0x8fd476b8a10fbb2fL,0x84cbf7579e5d9a4bL,
-        0x19bb5926a9a31956L,0x66ed993aea9db48aL,0xd7897780ffb0361eL },
-      { 0xb031e035adfa3661L,0x1be83caf2296b4d8L,0x8802c98b0024cc48L,
-        0x73adb0c0bac1aa5eL,0x17df92e1bef75b41L,0xd753e99903d800bbL } },
-    /* 52 << 77 */
-    { { 0x24940b868733c1c1L,0xf5dd77ce2ac072e1L,0xc248ad6bf7bdb8d2L,
-        0x423e0cc9d9a8b926L,0x4318d600e6da05dcL,0x3e557e08ca27dfc9L },
-      { 0x8dc551cdc5dc822bL,0x160da94cbc8fb392L,0x4ffebd2aa6d4d363L,
-        0x8190c17db1ce15a6L,0x1abcd1361e9dc500L,0xae3a477c9ee52a47L } },
-    /* 53 << 77 */
-    { { 0x67ab01575ed80bdfL,0xc77067b69aeb4a86L,0xe6e26abdf7880a93L,
-        0x782248db1e43049cL,0xa902c41016d78616L,0xc6fa899fbf309f15L },
-      { 0x81e1532d672d951bL,0x84280ba386556a0dL,0x83190bfb55199078L,
-        0xbc11e8c25a1c4691L,0x8ac60c7f21152509L,0x4211923ec775dcd0L } },
-    /* 54 << 77 */
-    { { 0xa63b33f6746418acL,0x62085e0eb7359443L,0x3b43ea7b5fb598dbL,
-        0xf4a0f4442b365528L,0x7f4d2ff3eb55a5ddL,0x012cd591f189eadeL },
-      { 0x3fbdad99f58c8f84L,0x71dc1b0093bf34dfL,0xfb63f09ce062a588L,
-        0xd5f0f0ad6f24b66fL,0x940e23c91813cd9dL,0xeff8580b55f241dcL } },
-    /* 55 << 77 */
-    { { 0xb30719d8b7fb5f3aL,0x8f74305b43275030L,0x2fdb613bf23628bbL,
-        0x75d9868ad945ccdcL,0xbfae46f4f0b73348L,0x48ad8bafe26679b3L },
-      { 0x3aeb4743d0b389bdL,0xd2463ca37916297eL,0x3a6f37c820f52fd1L,
-        0x7bfade4495ffa348L,0x1e3f6282a25cb79cL,0xac3320d5229bd2a3L } },
-    /* 56 << 77 */
-    { { 0x261578c7d57c8de9L,0xb9bc491f3836c5c8L,0x993266b414c8038fL,
-        0xbacad755faa7cc39L,0x418c4defd69b7e27L,0x53fdc5cdae751533L },
-      { 0x6f3bd329c3eea63aL,0xa7a22091e53dd29eL,0xb7164f73dc4c54ecL,
-        0xca66290d44d3d74eL,0xf77c62424c9ea511L,0x34337f551f714c49L } },
-    /* 57 << 77 */
-    { { 0xd1f879197700d61cL,0x21728fe49a89dc22L,0xdd3a475be6d93642L,
-        0x3f8554d6e095363fL,0x4b8b712463e1bb11L,0x75db57e6c6da541dL },
-      { 0xfdeb9e46ac8342fdL,0x8ab4875114905993L,0x48150a06b2efd023L,
-        0x9f5f513df415bff5L,0x39b1234eee9d7915L,0x735570a7dda66da5L } },
-    /* 58 << 77 */
-    { { 0x3a79a1756e3d4ec1L,0xde0ee6c79936b689L,0x37a7d9ec7fb84ee0L,
-        0xe82810d38fe1f44fL,0xbe433c7253049e9eL,0xe72ef4f5fb49e274L },
-      { 0x525b72094b4ad28dL,0x37bfb857164f5f0cL,0x60327e31ac68d566L,
-        0xdb027619bb71f137L,0x8abc8026abb6e829L,0x99702ff15e838117L } },
-    /* 59 << 77 */
-    { { 0x974be1d30696f1a5L,0xf884616dd3832430L,0x6997c37ce9dce1acL,
-        0xf4bad00e2e5cfbc4L,0x7727adf8e327a9a4L,0x15315bf16aeeb305L },
-      { 0xe697c0af09fbffceL,0xe4291f7589f86a5fL,0x765f1904487b12f9L,
-        0x752c58a5b7f8ca88L,0x9f9563d473716bf7L,0x48803cdbfd032783L } },
-    /* 60 << 77 */
-    { { 0xa0d935ce9050c5cdL,0xc1e062d03e9b902aL,0x212d0e5dc3054c00L,
-        0xdc9c3f2de70ad96bL,0xa2182ffbc2742144L,0x4680d472a716993fL },
-      { 0x9852bb00677f3756L,0x2bb3d78435e6213fL,0xadfdbfe07377fdc7L,
-        0x41db795d708afddfL,0x6848cef57727ed86L,0xb24e416aa6c1dd1aL } },
-    /* 61 << 77 */
-    { { 0x36d76f2f2edc95c2L,0xbdf2a67810b0670fL,0x49fc8c43b63877a1L,
-        0x23182ed3a87c8615L,0x94c21da96c011a44L,0x3bc0b86860d3c162L },
-      { 0xca6a158244815192L,0x4bd1ce04fd97b78bL,0x1d0074cddc750023L,
-        0x40cf8233cdfb0c7cL,0xe4e28aa8bbbfbf3dL,0x72656155b6eec7d2L } },
-    /* 62 << 77 */
-    { { 0x5b1be65b912b364dL,0xe6369ca1e0335426L,0x249740d58420e7daL,
-        0xff13a26f1ac1acf4L,0x0ecee744b9634fb2L,0xbaa77d57d664ceb1L },
-      { 0xadfa7625914f3f7eL,0x17c75e99bbcffe16L,0xcf557911d64aedb0L,
-        0x8a4b7b49c3644ba0L,0x115240401eb7bb97L,0xb823c21a70fc7b5eL } },
-    /* 63 << 77 */
-    { { 0x45db2c038727c0fcL,0xf5aeeb7bbae2c896L,0xfad1cc32eed15b82L,
-        0x65d4440a8609b00eL,0x35698d956b4dbd25L,0x861615bd0f6cda68L },
-      { 0x578efdaa8aec1e99L,0x87ddae76fcf67480L,0x5ff5a1304669ccb0L,
-        0x5fd2f31a0b98ee60L,0xccad491a3cc4c003L,0x6dcf25bbccbc46e0L } },
-    /* 64 << 77 */
-    { { 0x93a62e7cfa43699cL,0xdad738901bc422d9L,0x265e3cbb10cc9544L,
-        0x28cceb062f37154cL,0x6b79b0713bf2e08bL,0x88e025df3ab39091L },
-      { 0x50a8d04d126522bdL,0xeabbc1b7b779bacfL,0x3db4336ac21cc62eL,
-        0x4747f0a36fc00450L,0x067cbf1c544b2d95L,0x2480b7d8fd2be7a7L } },
-    /* 0 << 84 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 84 */
-    { { 0x0233e423d52eb122L,0xc28483521154b0c9L,0x2ca09cef6349e35bL,
-        0x3b70afc3ded2ec54L,0xc813474d52dded3dL,0x2d3f21bf12f00ee0L },
-      { 0xa0908f7692f215c6L,0xb97d60e94e9c0440L,0x84ad10c134b6a8e0L,
-        0x6f37fd956e7c163eL,0x7caae8c8d057e0c3L,0x534f52c2553721a2L } },
-    /* 2 << 84 */
-    { { 0xa354c1de72a041b2L,0xe83df25929d1330aL,0x676610999d532bbdL,
-        0xb7c2f4cf52011751L,0x6945d34ff659e35eL,0x6217d20ba1303b7bL },
-      { 0xa200ddba25751badL,0xa74a729001d3566dL,0x3018445faa82b46fL,
-        0xc3e6a3acfccedc1bL,0xe86ae8703353e29fL,0x1c8085bbfd7e8547L } },
-    /* 3 << 84 */
-    { { 0x728c8e145d1a678fL,0xf944da572ac89a2dL,0x3016c2da4796df72L,
-        0xf6d79e4e00a55efcL,0x4fced269526b1cb8L,0x4a93e47791f165a9L },
-      { 0x528b8572f84f90d3L,0x3b30376e5e725561L,0x4f903520e07bb990L,
-        0x07ddb97f4ea8ae6bL,0x29c01e70b3b735bbL,0x825c7f6e5000dd4aL } },
-    /* 4 << 84 */
-    { { 0x306b63e3b4dcea78L,0x4b10209213636935L,0x36bb68898bdeddeaL,
-        0x9331655d67a329acL,0x14c7fe26ba92ccceL,0x4e7d6929be0519b4L },
-      { 0x0dc39dbd164d50e2L,0xd4c430a0b1679cc5L,0xc7f78818fa8682baL,
-        0x43396eadb60aad97L,0x751784d7ff2c64ccL,0xd37928be866af43eL } },
-    /* 5 << 84 */
-    { { 0x3742b61e0475f547L,0x48b2a2c2477722acL,0xf52c6787abce3401L,
-        0x4749711ea4cb41b4L,0x7ce0dfb03fca817eL,0x1c1e3bf996e85048L },
-      { 0xcd65250e40faa8e9L,0xa8edce7017d9b93aL,0x73523cb2b4dd5619L,
-        0x15ba773abb5379f5L,0xcc5e62d6c0a847baL,0x7efe5c7c04d852deL } },
-    /* 6 << 84 */
-    { { 0xf0a69e685a91c9aaL,0x0304d20105c13197L,0x773a3ab7cd14af1dL,
-        0xc0b88edd558d555dL,0xeb12d197d2e63dd6L,0x4a8e849fbcd9cdb3L },
-      { 0x06432985965eaa14L,0x453d93861a5a6f43L,0xbd28f6164171b9bcL,
-        0x37781639bbfcf90aL,0x1f93898f3a36084dL,0x1fefd8b7dd00ca75L } },
-    /* 7 << 84 */
-    { { 0x3b8d8e495e456124L,0x967ed511967c17b7L,0x1d72430c2aad8c67L,
-        0xe8c5d506b82c1673L,0x989978868a0fb41dL,0xa9d478f70f81234fL },
-      { 0xa0c941cf44cc0614L,0xc033c99024ad30f5L,0xaa7de296101f89aeL,
-        0x4cadd8e3ca6a3227L,0x3b4db51f2764ec0cL,0xcbfe70fc09256db4L } },
-    /* 8 << 84 */
-    { { 0xb9207dbc2b2f1bccL,0x6afd6871a3e83ef7L,0x49924e5534ba150bL,
-        0x2935ebf1dfec9972L,0x34bf5e94b76f870dL,0x22d0f32b4c20385cL },
-      { 0xc78ac1728ccc8e72L,0x7b45b8220ccecb0aL,0x76c67ee4cfb4b8baL,
-        0xecfaefb2cd8724b6L,0xe9bc3d67340bc1efL,0xed40b2b9ca5541b5L } },
-    /* 9 << 84 */
-    { { 0x5d1bd16518f8e17dL,0x754986b7405f822bL,0x420b1b24d8753fafL,
-        0xab038e0608ff680cL,0x33621a0fa3649f49L,0xe24b84db78918eb6L },
-      { 0x0e669672c8bf4168L,0xcb7fab33171eab20L,0xa097d2cc4808be42L,
-        0x4f4e395f5842b80bL,0xddcb1e51a579145cL,0xa635d0cdf330ae0cL } },
-    /* 10 << 84 */
-    { { 0x9b8a3eb3069e6432L,0x43aaa7fc721397f7L,0x46e23c6ca7e83a71L,
-        0x71b261d593fa3c25L,0x4a47a1050f523a72L,0x31919e898dcad752L },
-      { 0x4c8b06e70c5dd2adL,0x677ec5f38bdc55e7L,0x4372d55dcb1b5828L,
-        0x7bf054c1f04dd321L,0x4e8c1a992e44584eL,0x6807803751d35d78L } },
-    /* 11 << 84 */
-    { { 0xa6d78a3d754377feL,0xcc17c26ac72ae5e6L,0x2f0ab93b1c05fc24L,
-        0x1645c369d64c9d40L,0x7c37b12c563e7e9bL,0xb70d292d58b477cbL },
-      { 0xc283aca993a2d5a6L,0x759e9118354c183fL,0x8a031f6fdd8f4125L,
-        0xfa8b17ad56edbe3aL,0x6e0f96eb63c651ffL,0x40361942b5085541L } },
-    /* 12 << 84 */
-    { { 0x25ae349981d311b3L,0x8640f52a3b16037bL,0xac0839941d947065L,
-        0x3723c75ee2e693d2L,0x65040a51b66f429eL,0x7f582b0b035a3a53L },
-      { 0x20eca9e10a166da6L,0x45b37e202c4cc565L,0xeab882957a8a96e3L,
-        0x99e771dab60a1a1bL,0x2cdd778c23b03965L,0x8d4d7a7291052478L } },
-    /* 13 << 84 */
-    { { 0xb57b345e4ff33506L,0xc1a3092a31d23fc3L,0xc16b501e905e1f58L,
-        0xa36a3b1f29067b85L,0x7cfabd23c214dd5aL,0xbd5f7ab726ad949eL },
-      { 0x8f64595987363816L,0x49c1a3e679d12d59L,0xcc8f3e2c32d771abL,
-        0x008d900e6bde16d1L,0x60428a0f60165966L,0xd4f8d9eda7383ab9L } },
-    /* 14 << 84 */
-    { { 0xa52d3c2d7e8f73b5L,0x86d8063351842657L,0x58f01253b3949ebaL,
-        0x97689f15e79367d0L,0x918bf9a30d820328L,0x2d4bc99441c959dfL },
-      { 0x37392f6e8c16ee54L,0x9f726d58e6f0849bL,0x497de1e4b8208f08L,
-        0x60c51233d51a29b3L,0x0f61fb03c9e1d465L,0x09494bd0fbe2613cL } },
-    /* 15 << 84 */
-    { { 0x100ef5d0a2bd7bd4L,0x89efecf5f45e2a66L,0x63bc210b653786bbL,
-        0xc7748dba0a0e47c4L,0xaf8122ae110d1ba0L,0x6695bfbf797c78bfL },
-      { 0x9b0e6fb1d7dbff69L,0x106799703f53040eL,0x22d9ed52fcaf4ed1L,
-        0x1e27bafdcc1b2d4cL,0x839f9c019f1c88e6L,0x1112fe541321ad66L } },
-    /* 16 << 84 */
-    { { 0x4f293478154d0f99L,0x1b82320dd07a24b3L,0x1bf7c94f64d55f6fL,
-        0x4489b57d725c5125L,0x3aa4d43ab1b6a091L,0x054842bdcf7a60faL },
-      { 0xaa918a4d2aeb4cb6L,0xcbdaff99ac7d317bL,0xed0e00a16812a03cL,
-        0xb09acf270b0a1e4bL,0xc73a41f7ac28386bL,0x43134dbdf4cd1321L } },
-    /* 17 << 84 */
-    { { 0xe5f746af6e001a20L,0xdc975b02d6a9925fL,0x6d13e266e57f9100L,
-        0xe013661396a9c4c9L,0xb483162850a66d45L,0xe3b0f96d4ee8439aL },
-      { 0xf2a2c08d3e074501L,0x987b2b6b2be498e4L,0x605aad24a15b815aL,
-        0x5bf2186f8529ad68L,0x1413b3d7885ad25dL,0x3de23959807efaabL } },
-    /* 18 << 84 */
-    { { 0x08336ffed8c33924L,0x15b56cbf5140b253L,0x38dcd310306caedbL,
-        0x04ecd49647944afdL,0x1280d23f68a48f95L,0xf414220434363c6eL },
-      { 0xd0a397eacaa8717fL,0xb51a1669c3994b80L,0xa02eed916c56808bL,
-        0xc3ab55c583545c3cL,0x8b835820fd26114aL,0xe0cfa4a6ffff324cL } },
-    /* 19 << 84 */
-    { { 0x4db4bfb788b45f19L,0x130252bbe0d5fd16L,0xe44c97b22808bff6L,
-        0x885e4555b03405caL,0x3b7ce036be9af81eL,0xebe17cf58c552276L },
-      { 0x6eb946c977f4158fL,0x36c23a9c74a5e642L,0x466ff55f2e70a453L,
-        0x327fd5fd28ea7af7L,0xc96bfbec6e658256L,0xaf194fe8c0a3b932L } },
-    /* 20 << 84 */
-    { { 0xcf63d27951c0d95eL,0x3b170a0bac86a014L,0xc21eaaa9881095e1L,
-        0xed2fda116069a3ebL,0x536264b9bd2f1c5aL,0x819e1cffde312c2cL },
-      { 0x6c30f983dfd6ce38L,0x2f32cc4c980b439eL,0x9fab10b63b9c03b2L,
-        0xdfebe34e011ab74aL,0x587360e3b80963f6L,0x3db1f6108692e352L } },
-    /* 21 << 84 */
-    { { 0xf262f2379765908aL,0x76f8d0017d03cdcbL,0xdbcadfb22f35de21L,
-        0x88d5bf592a73815aL,0xc4f4e3b02b1bab82L,0xf5cce885b9635dcbL },
-      { 0x110a785875a416dbL,0xfe7e6c360adb01feL,0xa02642c01374d779L,
-        0x9010758753bb5898L,0x0c764ed2a363fcf2L,0x24a2a5541700e551L } },
-    /* 22 << 84 */
-    { { 0x63a094c5fe3d070bL,0xf769b91988515eb1L,0xafe86e1450d1131dL,
-        0x6bf277886774d3d4L,0x7231d699ffd805d0L,0x05132e5b6304116eL },
-      { 0x3d5e255be34ce5bcL,0xfd9c3bd0c95e3089L,0x22a24023b83cbac9L,
-        0xfb6d2b6fb0b3b98aL,0x74af1115f7e36fcdL,0xcfe15eaff9da3bf0L } },
-    /* 23 << 84 */
-    { { 0xb242ffd61da39f60L,0xd0ed946320cac1b3L,0x9ebd5e46e25f809fL,
-        0xc7df7e5a07f5aa4eL,0x5eea38d791a5f85dL,0x6240f01d6080442fL },
-      { 0x72ec0a5e251d866fL,0xd3e4acbebf2c0037L,0x0d4f47c90fd962d7L,
-        0xece7c047b8de2dfbL,0x841050b96df17f0fL,0x567c3df7e933a4d5L } },
-    /* 24 << 84 */
-    { { 0x266d2c1cbb2fcdaeL,0xb538d4a252be93f2L,0x774c88ba73bd0094L,
-        0x65283a9b81a7e042L,0xe1438bbfd0381625L,0x450e1f644d0db206L },
-      { 0xb38ae9ef4e60fc4aL,0x14ce87e112719817L,0x831d41ec570303f0L,
-        0x7172917028850444L,0x2077ea32ccd609f5L,0x091d1166cd273fdcL } },
-    /* 25 << 84 */
-    { { 0xaf5916f49412edcbL,0x9ccc0dc08f01b2d9L,0xbed1fdd42dd737c8L,
-        0x29d26cab95a21501L,0xff38bf18c70f1364L,0x0bdb055876879b06L },
-      { 0x706031e2a14164d8L,0xe229fce1fc39648bL,0x5ebc640878e97c8bL,
-        0x26039bda822de18fL,0xab992da4b9f090d7L,0xf409432d53eb438eL } },
-    /* 26 << 84 */
-    { { 0xdf216dd84b2ca517L,0xb3eec4b9c6b74c4dL,0xf564e6c81c14e77bL,
-        0xcde25f1c2c2c9395L,0x7e31f7a5049fcc83L,0x6913707b9284c753L },
-      { 0xb92a6f2458e6eb5fL,0x85b0cab595148292L,0xeaad036d7449be92L,
-        0x2f6a2888eb94a702L,0xd7d8773d47d59fb0L,0x612d257303c0bf25L } },
-    /* 27 << 84 */
-    { { 0x805ece910ea742f6L,0x54486a6ffb5dba94L,0xaceb0eebbae52f76L,
-        0x2200fd85e98794f0L,0x44bd993ef305af19L,0x28f256738eb8baceL },
-      { 0x5d3fabbadc5f9c18L,0x4338f79c1b003ed1L,0xaf4b0566bc20c65aL,
-        0xded9407c3045d1bbL,0xe8713d7506391eb2L,0x557d62c971307365L } },
-    /* 28 << 84 */
-    { { 0xb872a10584d2c3bbL,0x44bca57139196026L,0x857327d84e352e5dL,
-        0xa6c6004ad925f99fL,0x48aaf266bab79eadL,0x213ad923adab2a3fL },
-      { 0x3be29b6df371cc48L,0xe732b9062385c9f4L,0x562e0be123f0a84eL,
-        0xbb6b017228c4b0dbL,0x71a93ae5f4c6d8beL,0x76b8bb16551f1fe9L } },
-    /* 29 << 84 */
-    { { 0xd028d9b5242002c2L,0xea105054823783caL,0x01cf8a491d45c34fL,
-        0x1035835e42457869L,0x0a95049661cc1e05L,0x9dce5bd3b439afc2L },
-      { 0x8552f02003b18e4fL,0x4973e3bde6144805L,0x29fb98d8d8514c4eL,
-        0x0ce0e8d83ca27b39L,0x7aaf3f5284bbc6caL,0x0572bf40d78c7c5bL } },
-    /* 30 << 84 */
-    { { 0xbbfaaa94c39926a8L,0xb9a59fdb60a138aaL,0x217a1aa2947e30e9L,
-        0xcac988c9c52c9fffL,0x5676473a3bae3c39L,0x7d84b353857f04c9L },
-      { 0xdeded30cdd324e24L,0xf07c678a9c242899L,0x956d05538cb64f3bL,
-        0x9d34e2f5502cb2b0L,0x99e1054a51dd03b3L,0x86b8bfa54d60a593L } },
-    /* 31 << 84 */
-    { { 0x3dcd2df9c8870c4eL,0x7cfdd05f1699cd0fL,0x19e9ccf027e79e0fL,
-        0x56e997027b85d75eL,0x407b5b74ccadcf9cL,0xc961a336297dda7aL },
-      { 0x350c34d56d12d17bL,0xe37de9a93bc6afe9L,0xd2c7339e0d641d3fL,
-        0x2700f39cf7dfa063L,0x2916f9ad8ddef077L,0xffec6230547cdbebL } },
-    /* 32 << 84 */
-    { { 0x10a53b90754d15e9L,0x6cde9a0c5f4c7218L,0x740d513fabef2b96L,
-        0xff6cc47cd3f802fdL,0x1be6825beb0627afL,0xdb21ede55886c2dcL },
-      { 0xb6cfb2c6f5daaed7L,0x68b61aa8fae29a9cL,0x7a1e16f53a5a485bL,
-        0x16b60b92e7b2223eL,0x332f33d836a13a9bL,0x4567c313876cd1a2L } },
-    /* 33 << 84 */
-    { { 0x7663402de62014a2L,0xbffe1e7fc4efd224L,0x2080eb02c38f766dL,
-        0x6c95529ba9641db9L,0x24dc13a5c68de8e5L,0xca219b3fbbc3016bL },
-      { 0xb83450e310b634e0L,0x8cd26d775b097a34L,0xb912c34564c9884fL,
-        0x3d1f28be5bd75f1eL,0xdcba2b479466ea59L,0x4077e017ca9948e3L } },
-    /* 34 << 84 */
-    { { 0xb4b2c65df91c7972L,0xabe915496b689013L,0x4eb7afa8d506333bL,
-        0xc2f2ac1d648e7c0aL,0xc6bc96b1213cc243L,0x0b827c2189e44025L },
-      { 0x2e866601cadee87dL,0x8ee85356b4719ce3L,0xefda7427b4fc0081L,
-        0x0d5c33c4c802c92dL,0x4c8635ab58515f01L,0x9d7ed87edd0ab04fL } },
-    /* 35 << 84 */
-    { { 0x9a660794cda4cadfL,0x70784fff2484a3b3L,0x8ed664ad2de7de13L,
-        0xbaff5937030d906eL,0x884407034ab43a4fL,0x86dfdd53ee09795bL },
-      { 0xcffa6852fb0e889cL,0xd94373e1e8c9fb95L,0xecc0ea249b0e3ac1L,
-        0xe88eda6eaa89e492L,0xbb049803da19207cL,0xfbb0c3874bbb5be6L } },
-    /* 36 << 84 */
-    { { 0x3e2bdd9b5a5f6b4dL,0x30cf4762ab005a55L,0x8736f5188bacd78cL,
-        0x8a5a647b09dc21fdL,0xfba40c38ca06c1fcL,0x63d53fb64a4e1524L },
-      { 0xe77d07a19a2bd706L,0x54144ea7bbe30e86L,0x8eb606220bd955a4L,
-        0xf689cc80b3c26cafL,0xc70fe95c9fefcbbfL,0x67f9e8e2495b5bdeL } },
-    /* 37 << 84 */
-    { { 0x04361e6b2e4d2cf9L,0xdbd3cc13ade11ba7L,0x93dc1d1df47d8ae0L,
-        0x7d46bba6fbb2d65dL,0x797ea0df92e97abdL,0x09eb3975a712e8cdL },
-      { 0x9ab3a54e0380cf8fL,0xcd1a9574c96710b1L,0x6abcd1a1dc13dbfaL,
-        0x1be0db71c2ee67f9L,0xee8ec8d0c2ac89a5L,0xbc363f407da201f5L } },
-    /* 38 << 84 */
-    { { 0xc86c049bbbef377cL,0x43df6f3703de56a7L,0x01eced2b558e516fL,
-        0x18fca0bdb43c1cc0L,0xd8c6f7ff62121c68L,0xb2f1f1ac36f90713L },
-      { 0x5f876328ea1bbd95L,0x9f22dd535ac4ce8cL,0x7e052acc7df88002L,
-        0xedf21fb7068d46a4L,0x349130a21d7d0220L,0xcccc79beaaa68eebL } },
-    /* 39 << 84 */
-    { { 0x9c955b5eb4100632L,0x8d6dd2d3ccd99a0eL,0x700f827c265dd397L,
-        0x5540bc0cfc85a2c1L,0x6d4b8e7adfb81661L,0xfbfe1ebe1d5c1485L },
-      { 0x322c2883c9dc1b6cL,0xc7c897cdfd7e0f34L,0xe70b0586030e41aeL,
-        0x4263e06e26a728b7L,0x0ee2b93392387542L,0xae708ccaf6220511L } },
-    /* 40 << 84 */
-    { { 0x05ff8b9cbc15ae37L,0x94dc2e85d06d62edL,0xea1d1c8b4b02607dL,
-        0x1fc202a224da757cL,0xbd5180bb35440e69L,0x0263dd51698ee7a5L },
-      { 0xbe93f27654013d74L,0xa7c041c464e81695L,0xbb170ac13ba5336fL,
-        0x1aadf302af84dfa1L,0xeda58747c960788fL,0xb456070e5eefc35eL } },
-    /* 41 << 84 */
-    { { 0xa905d421800ed69aL,0xdb8a643813622898L,0xd003affbdaab0769L,
-        0x467bc051f0aed9d3L,0xed1e6951b11085d3L,0x7a1d1152d3f54fc5L },
-      { 0x8cb243b6dc8dd008L,0xf9c690d1f409210dL,0x9a3195399461aee0L,
-        0xf580724dbc2e4de0L,0x52f648e4e759556fL,0x235a79f2697885d6L } },
-    /* 42 << 84 */
-    { { 0xb293d3fe8220ceb2L,0xace20e7e049a33a9L,0xa584ad52af4198d6L,
-        0x49c5cde64aa0a5c6L,0xc4f7877ecee2e664L,0xe1557968bb98ed87L },
-      { 0x69b0cd713066000dL,0x1af188cbc7399f29L,0x5b88b85c306188a3L,
-        0xcffa28eb4097182dL,0xdb01149ec80d0aa9L,0x9f8e6d59402bc397L } },
-    /* 43 << 84 */
-    { { 0xa646077bd5b97d37L,0x618df84461cfbd95L,0x3a9fe2f447c62894L,
-        0x7f2760eb4e0f1612L,0x50c08fdb36e5acf1L,0xac799584675d2aabL },
-      { 0x3eba6f54917dd606L,0xf585fa5075119ed9L,0xb047abfca32016bcL,
-        0x61c03e51aca118f0L,0xef9fcc526dc13766L,0xd849eca5e8a3fb72L } },
-    /* 44 << 84 */
-    { { 0x11ac1ff4147faf46L,0x5dd8913882b818f4L,0xe439f66fb15fe5a2L,
-        0xadf913a5fe8fb45aL,0x3dc708404a6bbdb0L,0xe8e1204da4af4ac5L },
-      { 0x4be549318ba70502L,0x945d9a765883b39bL,0x99cb1c721a76198bL,
-        0x96fbed479a7949e2L,0x30ee96ebf0299bc4L,0xb7dc5e76d3dd160cL } },
-    /* 45 << 84 */
-    { { 0x85eca39b0c88d5feL,0x96000863af9e0158L,0xbb13f99c4509590eL,
-        0x50033c18034e2499L,0x1e9346f87b86cb33L,0x917d88b4aca548e0L },
-      { 0x0c422c2e9e2a7e15L,0x6751c95c5e37fb06L,0x631361b8c40d21b7L,
-        0xe231858ec9958deeL,0xae86abc54d9936e3L,0x60c78d1137bf9213L } },
-    /* 46 << 84 */
-    { { 0xa0bcb7c6283190a9L,0x36c884ffc53fe76eL,0x071d4acab23f0865L,
-        0xd44e3c20e14a82f5L,0x704dadd8968d28bbL,0xb40d2b948e88ad61L },
-      { 0x4a29142ff3de62f8L,0xdd071910bd7292a8L,0x5b12c32d5b3571c9L,
-        0xe9886262943c6aecL,0xc49b7506cb1e0a33L,0x87f6c2d3de95886cL } },
-    /* 47 << 84 */
-    { { 0x44ba232e010f465cL,0xb82486c69ac91d38L,0xcd1a6bf75de743f5L,
-        0xe050232838acbc4bL,0x8de9c29631fb87b5L,0x9c8029250450c4efL },
-      { 0x19ee1607635e64a6L,0xeff5478c69ed7f8eL,0x311201a027001c21L,
-        0xfc0382a78beb55ecL,0x494b623ce9dea7f8L,0x926a3f756767f769L } },
-    /* 48 << 84 */
-    { { 0x802f495cee46f99bL,0x0f3ad0ee43b91cbbL,0xeaf3b294e9b3f0f6L,
-        0x82cc760033cbdcd1L,0x1a5642278e83fce5L,0xcf1b2edaffa0e4ccL },
-      { 0x7d93e9769b1f5706L,0xe4eb843cf873d68eL,0xcb53dd79eafe5f35L,
-        0xcbbed8f0fcaafabbL,0x570472705f053efeL,0x2c71a95f1ebfeb7aL } },
-    /* 49 << 84 */
-    { { 0x02d4717ddd7a5499L,0x3bc8bdcb9966236bL,0x13f08015fd27be15L,
-        0xe05236f6baaff392L,0xf73bab3f7b4cc522L,0x8ad26d4552ccc027L },
-      { 0x79f8e79e9e9ccd7fL,0x8011b92aab2f22d9L,0x6aef576e729662e5L,
-        0x7d5194d05e568f55L,0x2947d63a1a40860bL,0xe9890f1440305b54L } },
-    /* 50 << 84 */
-    { { 0x8085614c0fa9602eL,0x9ee1b9b26651c4ffL,0x65dd9c94ec048f1bL,
-        0x10b4a62f6d6c0fd7L,0x61469fb7d391dcd2L,0xdf751399edc3d431L },
-      { 0xe3901315c913acbbL,0x31581d7a90976644L,0xf20809634aee5cecL,
-        0xaa716eafe5408c5dL,0x9e356989b9a60ad7L,0x2d6e7733a6a3c977L } },
-    /* 51 << 84 */
-    { { 0xd6d99f54f19b8464L,0x3322a0b8a0be5c3bL,0x6cff730557e98725L,
-        0x786709c7953a357dL,0x3864d278a1013652L,0xf7471f111738f6e6L },
-      { 0x0377a923984c465aL,0x4a24b9e14ba970e2L,0xe53dd9f21c01d248L,
-        0xf422b754fbffc0d5L,0xae25dc0ec6a956b0L,0x3c3fef96ce806445L } },
-    /* 52 << 84 */
-    { { 0x6a69d207b5906d71L,0xf3c757ed8964e1b1L,0xdae255af5f98821fL,
-        0x6c801ed4db1af96aL,0xd12430343d109b86L,0x4b2aa65fa091f98dL },
-      { 0xd9bb4c2132dcb5f9L,0xe5a5979bf190a1e0L,0x0861e5de40117a91L,
-        0x8753c9adc39120e4L,0xfdcb09f4aeb4a18fL,0xdbda38746bd1fd08L } },
-    /* 53 << 84 */
-    { { 0x1bd8e8c0304f7045L,0x8ffcf24eedbd2dd0L,0x13c9441de6ae4dadL,
-        0x5efb70aab418c02dL,0x9d0fede1b8cf6949L,0x613545cf41f5aec0L },
-      { 0x4e3342244b98bddeL,0x7d0c11110fd8aaf9L,0x30c2bedcdfb8643cL,
-        0x875d386aa83e493fL,0x85b32632d6cd0825L,0x9f1ef3a01445507dL } },
-    /* 54 << 84 */
-    { { 0x2b70440e54f6b8d9L,0x355e692430eddda5L,0x354e7cfbc9199910L,
-        0x7e8933bfdc7de946L,0xc5692fa981b9eaabL,0x2eb58fff98cf5f21L },
-      { 0xd0d8f9bb96b19d59L,0x779aad414d1a6285L,0x0cee1a9b5eb87c49L,
-        0x676e36ff786c4c81L,0x6618c8f112d34964L,0x2061186dd03e9562L } },
-    /* 55 << 84 */
-    { { 0xa5ae40977da39b54L,0x98e4d1d9f1d40635L,0x40d97af126154fc6L,
-        0xf18041d4e9ae28c3L,0xdca9487555978c61L,0x4aaddec43638b9b6L },
-      { 0x1e615a2eab925f91L,0x5cfbbe9ded8a50faL,0x0f26d3ffb2034aa1L,
-        0xb2f9cee2c4813646L,0x2195af47957b6709L,0xa55dac537e7fc45fL } },
-    /* 56 << 84 */
-    { { 0xe44a8ed7630816b2L,0x5fb9b643cca34310L,0x07826148a3b5d2e2L,
-        0x0f890db16e65c2efL,0xe9feebe288283844L,0x8e56c6760368a9f4L },
-      { 0x8f0cc9c93e4ce874L,0x646ede9b09f1beffL,0xe92d6bda014e3d19L,
-        0x27e620c5520c921fL,0xfd9b2ae1eed78555L,0x68684615816a603eL } },
-    /* 57 << 84 */
-    { { 0xcf54e9e89ded00c7L,0x8dff0130abbf7765L,0xf12773fb10c5f8d0L,
-        0x7435ac767382e4eaL,0x93092b16f61d443fL,0xc1554fa846eb45cdL },
-      { 0x0896852c30957ca5L,0xc0d91e3effe60944L,0xce8aee57a1b7c75eL,
-        0x4d24f07007cd1a9eL,0x3d8e381094456b11L,0xed6fba6b9dbc9d0dL } },
-    /* 58 << 84 */
-    { { 0x1b1de3ed8b5b8f82L,0xf542399d64252363L,0x23f34cccd206f26fL,
-        0x54c48d9fbd941d6fL,0x3859eb56202e757bL,0xedcb4729ae0eaf7aL },
-      { 0xf08753c512360fceL,0xf37ece765f697cd4L,0x073cae01c98a7c8bL,
-        0x6e298559df664bdaL,0xe8cefd27194b103cL,0x56301e2a811f6a71L } },
-    /* 59 << 84 */
-    { { 0x8103c6053d3fe586L,0x472885b3999bb4caL,0x3759d2d492a2834aL,
-        0xaa4eb3acd46cca1bL,0xcb99aaba633e579dL,0xf9369b033d6dc569L },
-      { 0x55fdb1fe8398c067L,0xd7aab8b47e6826ceL,0x7f5497bd8b525561L,
-        0x2e0e1e9c2cd0e3beL,0x3142a6e2c47caf5aL,0xe78cb1840f4b802fL } },
-    /* 60 << 84 */
-    { { 0x0a1577baf455f6bcL,0xaeeea79094df32b3L,0x1af3ba0f6bbb15ceL,
-        0xaab92a74e8522659L,0x84087a8f7efa0a4fL,0x83c6991b84596065L },
-      { 0x11f7829d29fbb626L,0x32b04b2f86031974L,0xf3a5b8722c1291deL,
-        0x2ffcc97e8bd2be43L,0x575400d10a206f7cL,0xbb4583de0befbce6L } },
-    /* 61 << 84 */
-    { { 0xd448eafaab983fd7L,0x2622336c7a18a7e0L,0x36632e221c274b3cL,
-        0xe64e8f89bf086fcfL,0x1dced08fef72ebd9L,0x61249c25ea295d31L },
-      { 0x7433743d3755632aL,0x9d766243ff32ed08L,0xc36e816a977b1d9aL,
-        0x1069fc0820ccec81L,0xbd4af7bef65a0cd8L,0xd04127fc92e31836L } },
-    /* 62 << 84 */
-    { { 0x39560937ea57ca46L,0xe1f2b7198229d346L,0x462b28d4dd02dcbfL,
-        0x510fce98a333d609L,0x795fbd38fefa05beL,0xd6e34c231bcb029dL },
-      { 0xf33291fc838f7ec3L,0x2a01a1f5f16e7247L,0xf9737722c0bcb3cdL,
-        0xc53ef57ecc8a6c77L,0x219372afc750f1a7L,0x3e6a97c3d14e60bcL } },
-    /* 63 << 84 */
-    { { 0x87278f062db3d752L,0x64c65f5cd106b7a8L,0x04ccc14d41ee7aebL,
-        0x72d1189e71952b60L,0x2e88f851080e9ea8L,0x625a6d32913e8df4L },
-      { 0xd943de73900ee95dL,0x6c12b3b3ecb8b3a0L,0x6209daf2c9b141e8L,
-        0x81c02f71412da959L,0x222d17b747278f65L,0xaa338805789138e1L } },
-    /* 64 << 84 */
-    { { 0xa896d28e4aea3fa2L,0xc6137a456db06ee9L,0x1bbafe8c06fb15ccL,
-        0x2daab2961cdffdadL,0x984defc8e1119b3aL,0x9cd44c3cde2a25a3L },
-      { 0xa7f54ece54ed6d73L,0xd283017f50907054L,0x69130efc6a3b9442L,
-        0x5d17f1276785163bL,0xc019911b172b1d0aL,0xa19c745f7e3e093cL } },
-    /* 0 << 91 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 91 */
-    { { 0xe185bdc2ab83d932L,0x0a75845dd7c4e754L,0x1f6f3397c3fe5695L,
-        0x6c9f3a5f61f6a04fL,0x3c0f9d4bb390a92bL,0x9e3336b74793b454L },
-      { 0x91ad0c341472f06bL,0x4110047a892cbdd7L,0xfa24d90565d53c83L,
-        0xd63e58334176007dL,0x741089fd2cd1623cL,0x6b3d92022685d345L } },
-    /* 2 << 91 */
-    { { 0x1d510157c9cb7f6dL,0x532a077346ab7372L,0x2ea07e2fc6dde9e2L,
-        0xceed9ad937d5bb1fL,0x3121994b98cc6e28L,0x67d2fbb567ad8fc4L },
-      { 0x34707fb3dc9f195dL,0x6a601f481fd5a013L,0xfe939b8d81ef6cb5L,
-        0x5c51e8ab1223a9a1L,0x8f6d7993db74cf37L,0x0b81c5b7972808e1L } },
-    /* 3 << 91 */
-    { { 0xcb4e85123bf921afL,0x28fc6332532e81d3L,0x682d8637f69f907dL,
-        0xbd9fa8f45f759a16L,0x091ea9fa51f03716L,0xd685a14132c630e9L },
-      { 0x7600c9ac3d249cf4L,0x687e2022002cd2b5L,0x7ec205ab55334058L,
-        0x9d0d86b13ecf1368L,0xb3fc17a7fc7baf6dL,0x57939961361c91cdL } },
-    /* 4 << 91 */
-    { { 0x0db33228010c0754L,0x10635ffa8eca7c59L,0x6efd85380e8a38faL,
-        0xc1812ea5769360d8L,0x505723dc76f27ef5L,0xd0358e02f35af2e8L },
-      { 0x9f7bb7fed99419eeL,0x87c66e83430a0e2dL,0x01187549773eaf7fL,
-        0x05bbbba489d51bdaL,0x52cabb06640ccde6L,0x0d5cb557e7ff387dL } },
-    /* 5 << 91 */
-    { { 0x709d61ca10e06f1aL,0xaa1e9fc578eba75cL,0xf85d062f914b2cfcL,
-        0xe73b3baf9089d85cL,0x4ac05feac4a284b9L,0x92c78a433acb7268L },
-      { 0x7b5586f8ee45bb4dL,0xc39a0d0e6ac0a9e7L,0xe4bbe3d54d6f9ab8L,
-        0x1489463f1fd46a08L,0x3ba3182529dba364L,0x94f000d68138511bL } },
-    /* 6 << 91 */
-    { { 0x70187dfbc39c1cefL,0xa785216e0c50c71eL,0x30188b816a6c0d60L,
-        0xeaeda67d6a27e97bL,0x4a5192826ba389aaL,0xb96c7c7ea2bf1273L },
-      { 0x8ff10657267fe714L,0xdff4a271996d91b7L,0xe34ba3e11dc7aed4L,
-        0xc457048b38853d61L,0xe89825db1ccbf658L,0x68c7b4556b255eddL } },
-    /* 7 << 91 */
-    { { 0xdc14cb2a74871e18L,0x017b1340fcb8974aL,0xea5cb0546e93c20fL,
-        0xa7c078ada9e2ad1fL,0xa37207d4beb26838L,0xcd8b3b25de7ee8eeL },
-      { 0xdca6606a2801a7ffL,0xad2fedcf0f8af3faL,0xf27d30b49b530c05L,
-        0x071fc1c36b2a4613L,0x363aaa99b72cea9fL,0x7a33ed8f3d350374L } },
-    /* 8 << 91 */
-    { { 0xc377b373bb20fabfL,0x68d3aa52f986b847L,0xd9c2f2adf39b6894L,
-        0x1bbff106bd6da22eL,0x3f7e5b8e7e09678eL,0xad6a87897ed3ee78L },
-      { 0x689e6b31af9807b9L,0xeca87778bd1f6ef2L,0x17d3277edda78c54L,
-        0xe686caccefb65cb7L,0x758aa1ab19a30f0cL,0xb40df97fb11f071eL } },
-    /* 9 << 91 */
-    { { 0x43b379f71a54cd32L,0xd61fe6c948817fa8L,0x6d7b0acc49ab7a6cL,
-        0xee23b4a0eb6bb45fL,0x340da1f1a2bda931L,0xfdff68411750ea8dL },
-      { 0x890346b8a96c7df8L,0x551993aed4fafc31L,0x2830b98890de711fL,
-        0x4d23863cfb5b5286L,0x327161a0d636d67cL,0xf99dded9733e1725L } },
-    /* 10 << 91 */
-    { { 0x0bef2d2517da64c9L,0xb94dfc85470bbc15L,0x2c2417cedd4af7aeL,
-        0x52b5b3bbc8e88ca4L,0xc00328c44f20d154L,0x024290f730af5d4bL },
-      { 0xe8bacbebeefc7350L,0x89eed6ebb72abd15L,0xb67d1da61d9e7030L,
-        0x2ddefcbc0e70a331L,0x7d09bc6d61e32577L,0xc2073cc95b52e979L } },
-    /* 11 << 91 */
-    { { 0x585939298b806bfaL,0x608ddfbfbce6a08aL,0x674545a08eb27b54L,
-        0x4b57a947c8fba762L,0xcf960113cbd8c683L,0x7b5a479a4fef1937L },
-      { 0xe26eb960450e97f1L,0xf04b36b9d8605a37L,0xb208c832ee5af2b3L,
-        0x3578d3a71fa337e3L,0x22547fca93509939L,0xd93dcb50e848508aL } },
-    /* 12 << 91 */
-    { { 0xd40f36e6276f2576L,0xd37455c46405cfe4L,0xe34094d7cc51dbaeL,
-        0x20f93f0f0edf8bf9L,0x534b75aa23b5e165L,0x438e4dd1dc1b73a8L },
-      { 0x9dd48c413bddb435L,0xc49867a0996b4932L,0x4212f8a2a9ffa0daL,
-        0x8d5236c4d94ed9bdL,0x81bec489f169cb19L,0x71cc1d7e6104edfcL } },
-    /* 13 << 91 */
-    { { 0x31a94a7f22771941L,0xa277284b39867dc3L,0xc66bd88b1a52f0f1L,
-        0xd2e2707b1aa21ee8L,0x78e4f280248d61e2L,0x33df48c7596a31f9L },
-      { 0xb9bf2baab1bb1e89L,0xe1bbcdb4038f10e2L,0x81f674a877b89305L,
-        0x8b2ec6ee16f08a86L,0xa07239c29db97ceaL,0x9f4ae6647ef8ecbcL } },
-    /* 14 << 91 */
-    { { 0x9cb21b57012eaba3L,0xcfce54821347a83aL,0xe3f3a67100d7b34bL,
-        0xd4bcb3d1a6c1b0c3L,0x6ebd26fb9f3c3e31L,0xd01746532dc79be8L },
-      { 0xe7cf9a0ad4156cfdL,0x2757cb0416face21L,0x8b0e320e69e1f08bL,
-        0x2a8caf9b946f83d7L,0x6daff0ba98a399adL,0xb4dfea0938ed6086L } },
-    /* 15 << 91 */
-    { { 0x90ed8b41e2bcf8ceL,0xa464972be8dcc1a6L,0x5a3d0b80ba496081L,
-        0xb636435569f85ac8L,0x0a2765b1a25bdd8aL,0x87a6c18f0d1516bcL },
-      { 0x9344081ae3b01522L,0xcef8e12e608f0145L,0x6f3566a52155e7deL,
-        0xcfc1be9c4d033a3eL,0xfc836eeaab97bf98L,0xbdf53718ba7dd059L } },
-    /* 16 << 91 */
-    { { 0x16f3708b953b9223L,0x0d3780f8770e7cf3L,0x97a615b227bb71a8L,
-        0xa8b9a864162f8b55L,0x80ee8362d91e3fb9L,0xb2009a09f83a4ff6L },
-      { 0x07a7873ac1696281L,0x17ff00c223095ddcL,0x427f683d860d60baL,
-        0xea9959271f87d32aL,0xb2ac69faa050319dL,0x30c362b9d2d0b9ceL } },
-    /* 17 << 91 */
-    { { 0xe05c6a88783508b6L,0xa5569c8ee1779a78L,0xa1e0ca30cc1e84ceL,
-        0x12ecb540337cca76L,0xafb5e2fb344d729fL,0x558db4e132c8f80bL },
-      { 0x5aa3c39523128383L,0x9f04757cee1ee2fbL,0x41132bd215356deaL,
-        0x4e9af313ae07ca78L,0xdfc14c0100c6b589L,0x54fdb4f3dc16a1f1L } },
-    /* 18 << 91 */
-    { { 0x71e663c234938279L,0x9a8f5ccdb05630f4L,0xd91ead12aad70096L,
-        0x2b19b27e9e46cf72L,0x93348c7038e3932dL,0xeab6c03a5c7617b4L },
-      { 0x57c13a97538eab27L,0x2624d17b2f5872f7L,0x77b63d9104b00f8eL,
-        0x2e0582473c89db0fL,0x5d367277937d0d8aL,0x28c19068df60c252L } },
-    /* 19 << 91 */
-    { { 0x9867bc3d38cd6020L,0x5f341d8c5986f76cL,0x108a3c0d0dab2e32L,
-        0xd127a7f989ab3654L,0x9d5018f468505cecL,0x51204da0a8fc94a4L },
-      { 0x1751f30cf6da9840L,0xafe6a8d955ed1f74L,0x270a5d1180165ac5L,
-        0x739f63e05de1e17bL,0xaa95f30735d2b566L,0xf20dd093650236a9L } },
-    /* 20 << 91 */
-    { { 0xd648dd79ee45d4b1L,0x0ceeaa64c2bc2f0aL,0x695f3a3f491a2862L,
-        0x4c07e2e0ce497e3dL,0x5c53879969c766c2L,0x3f856a2e4c4a7c14L },
-      { 0xbf8a6d81038032a9L,0xbeaadd7f45b7c960L,0x78b22e85d50b9d26L,
-        0xac1c56fa7eaefe26L,0x21fbce54fc69f13dL,0x37be1b47512a3708L } },
-    /* 21 << 91 */
-    { { 0x12845d55689429afL,0x7e20f0f9082c8ac8L,0xe1615340249773b6L,
-        0xf66c39638d0f35afL,0x4a20ce6d67d27093L,0x1d462f08e55802caL },
-      { 0x66f209849ff4dd67L,0x6b86f8d8271c57b3L,0x8701a5cde766b85bL,
-        0x50737ac2eea5fbfaL,0xb46ebb42a702f3d6L,0xf853091d999258bcL } },
-    /* 22 << 91 */
-    { { 0x0ce992198c9e7869L,0x653006be525c4adaL,0x783620e4330c402dL,
-        0x185a6ac833b728b5L,0xa297c4a99d390886L,0x547d1db5db4b8123L },
-      { 0xccf12f071acdb039L,0xe89c5866078ddc28L,0x3460cbb1e52c383fL,
-        0x7a4d1beaad25b82cL,0x21e243fdb429be1bL,0x5aa85c25bdc0d798L } },
-    /* 23 << 91 */
-    { { 0x76cf73b9c0db9d16L,0x45e57cdc1970ace6L,0x3c6f5314c54a109aL,
-        0xe32306f7da47cbfbL,0xb3787bdf93e76516L,0x68aa80084c6d4e22L },
-      { 0xd9246ddcb3d37be7L,0x6de2bb4d7000f1abL,0xda02568b67e4751dL,
-        0x3ed7a5615c7f88f4L,0x5f05c828ca5116caL,0x139cc5772a2ebb9aL } },
-    /* 24 << 91 */
-    { { 0xc983afb64cb8d897L,0x7f05e954b14cc152L,0x587fe71e0f4d02f5L,
-        0xaaa43167531b0cd8L,0xf69452727a26def9L,0x7ecf1e563bab50e2L },
-      { 0x04b6f5c94c6f20abL,0xbc6cec2b893b497bL,0x79e89567c9dc548aL,
-        0xa39a0a567a40b749L,0xf1531e2644bd4efaL,0x14cdd759057c7c70L } },
-    /* 25 << 91 */
-    { { 0x30c49847d6d51bbbL,0x70b744feecdc6aeaL,0x38cdf36fe8671744L,
-        0x5834286b8cf6461fL,0xf3414f7b2c09d632L,0x58425e4d5debb923L },
-      { 0x8bd79117a6b96c6bL,0xecf9802680f56fa8L,0x5ae917d7e6dcbbf8L,
-        0xf2d80fb169240a4bL,0x005ac47596e3aa3aL,0xe5196a3463536aa9L } },
-    /* 26 << 91 */
-    { { 0x5fb02929811d42bdL,0xd7d1b956289929b4L,0xfd3546947e531627L,
-        0xa37c9b1e58c2b2e2L,0xf30ed0f902bf499bL,0x3fe80d240eb6df36L },
-      { 0xf96270e57b148672L,0x47362483647f48d8L,0xc279ece6c29bc59cL,
-        0xc05c1d9ffdd7e628L,0xef8fc92e17568a7eL,0xd65fe5a9ec0e7f00L } },
-    /* 27 << 91 */
-    { { 0x0ad31de68c93f010L,0x151b1405945ec54cL,0x325d132c3db6997cL,
-        0xbed9cb3a335531e7L,0xa83932c34a578610L,0xd905abbf6f721147L },
-      { 0x6dd45af086d1d919L,0x2b2ee3090195e91bL,0x3dc30d5edb70d257L,
-        0xfb04b014481bde1aL,0xc2ac3ec82de2debeL,0xc9f161e090db691eL } },
-    /* 28 << 91 */
-    { { 0x8041f112afefdee1L,0x8cab3c86b891f668L,0x1f18774e2b61e754L,
-        0xf0d81b2459df567cL,0x2cc25da41c95e1ecL,0x315b1b1ac735d39eL },
-      { 0xd0a9b9fb010734cfL,0xeefc0398c79386daL,0x49ce859b11fb1917L,
-        0x3d66fd6baf167239L,0x2522b0ef1fea6175L,0x1a27657d3ec4a52dL } },
-    /* 29 << 91 */
-    { { 0x89ec003abb2ca05dL,0x2290b5f403195ec6L,0x9989bd925f6b95b5L,
-        0x1d6e6b2fad409cd9L,0x41f9b9ce3bfe7364L,0xb240f89570ec096cL },
-      { 0xf8725a58b8d5a5d6L,0x3bfec6f1c581930dL,0xc93e290356235c98L,
-        0x82af4269c7cdcb5cL,0xeb13fa40eea6fe91L,0x9247050097c80acdL } },
-    /* 30 << 91 */
-    { { 0x48dc23534ded5b58L,0x1b69590756e707caL,0xbbcb73927ec7794fL,
-        0x3714dfa6e50dbcc8L,0x4f8083c8f27ec5d7L,0x6358d2273bc8c3e4L },
-      { 0xe0c2a0e7656cf184L,0x3996e0a24244d801L,0xa46767b54e543c01L,
-        0xbf55776d965f1e2fL,0xeb66845e6bc872eeL,0x6a73fef1b441895cL } },
-    /* 31 << 91 */
-    { { 0x21602e432b26bbf2L,0x6092d570d1bfd7e2L,0x2b48d74a30b38d1fL,
-        0x4aab113c67c53791L,0xa6acbd3df57be611L,0x53b6509ebd3aae7eL },
-      { 0x047e5ab4d8751f49L,0x978ed11b0cf25652L,0x763553d2153619c7L,
-        0xc7e85e93d824d943L,0xb82cc9781048a7ebL,0x7beb9166e39cc777L } },
-    /* 32 << 91 */
-    { { 0x24480c57f26feef9L,0xc31a26943a0e1240L,0x735002c3273e2bc7L,
-        0x8c42e9c53ef1ed4cL,0x028babf67f4948e8L,0x6a502f438a978632L },
-      { 0xf5f13a46b74536feL,0x1d218babd8a9f0ebL,0x30f36bcc37232768L,
-        0xc5317b31576e8c18L,0xef1d57a69bbcb766L,0x917c4930b3e3d4dcL } },
-    /* 33 << 91 */
-    { { 0xf6625ac0b9a038e8L,0x954056eb2a921e56L,0x7135295aeac07bc6L,
-        0xedde9c39f1ba0ea8L,0x628324026b592655L,0x4603177aefb8aa66L },
-      { 0x63e5ea16406a6c28L,0x5897fdee1c758382L,0x515e49fd415533c9L,
-        0x0a0dd627d6701b21L,0xd7c06db1c93a312eL,0x4fe95e3da33d8df7L } },
-    /* 34 << 91 */
-    { { 0xf113d92c3336edc5L,0x0a201f3e8ce47278L,0x57492feb5c52562fL,
-        0x18b73800f29da837L,0x2262089f649a1ee8L,0x076b07657c99bf48L },
-      { 0xa95050bc09bfad20L,0x5aeaa9088c7e713cL,0x264283ed3cda06ccL,
-        0x5d574b116079b43dL,0x0071495cced10a84L,0x97441fb0570d3063L } },
-    /* 35 << 91 */
-    { { 0x340831072b228335L,0x84ea0aba50fbd43dL,0xafde6098b3ec91e4L,
-        0x4fd293ca1091ad93L,0xee085e23552a785bL,0x437d799ed7057200L },
-      { 0x41f735628a611ff4L,0x707a7cb5d2ef6254L,0xa9a8f00092a30686L,
-        0x901cc8e60cea8d1dL,0x1fbc9ca6d6da2ddcL,0x61bcee2176489604L } },
-    /* 36 << 91 */
-    { { 0x5f6ef134781a7f53L,0xbac4cf47b10a9d16L,0x48148ba110e69f4eL,
-        0x40594360a9c615f0L,0x3141817ddfb3fc58L,0xb9579a9263c38d83L },
-      { 0x0544b1bb6373b9aeL,0x718a5fb7007c8185L,0x48d4a4f77cfa392aL,
-        0x9c16cb825d44ba38L,0xc83d2df42a8fa83fL,0x835aacccc08fef0cL } },
-    /* 37 << 91 */
-    { { 0x09ce1818af09fefdL,0xd1d2f95f5dd9d687L,0x94ed08b5495c4eaaL,
-        0xd1afff464a0b95d2L,0xd51ba2b455347a75L,0x413126295e3866edL },
-      { 0xeef2d7e3cdd37660L,0x50e6fbdfec2fe50dL,0x9d071e18a664e2eeL,
-        0xe70e1d9ed6a8f467L,0x576d0cc4e13afc19L,0x67ced86da0efc220L } },
-    /* 38 << 91 */
-    { { 0xa26968cb26a963daL,0x461d1ab5cecbd96bL,0x8eaa1834b3e38516L,
-        0x1e92730f05d2cd2bL,0x91112026b07cbf92L,0x26eb815062374314L },
-      { 0xa904f1d08ab1b9d1L,0x52006594692b1905L,0xc9cc90ca6ba4717dL,
-        0x4bd7300aaad1c74fL,0x67ba07a4c21c5832L,0xdebfd810fa56a1a8L } },
-    /* 39 << 91 */
-    { { 0x3bc5aaf484539b6bL,0x6ca9ac0c0d1249aeL,0xb59da22db4ee30c8L,
-        0x6e62553e57149c9cL,0x46db0089786333cdL,0xe1e2ae523e4c12ceL },
-      { 0xf828d2b537b3fd82L,0x31844a9d03af654cL,0x85dd8daaea5a4677L,
-        0x0db99b8f3432e82fL,0x99383b874866e1b6L,0x52310054e325b0c2L } },
-    /* 40 << 91 */
-    { { 0x737cd387044854f9L,0x488b2fd667eb29c2L,0xe71d9bb7258c5a80L,
-        0x21afb486ac71048eL,0x0252b540d4d39296L,0xe3e52cb87839d8fdL },
-      { 0x5cb1100667ea0afbL,0x207637d1de82b12bL,0x77920933e93bcfcdL,
-        0x65197f5df32f636dL,0x82179527b6c41411L,0x7696a479f410c989L } },
-    /* 41 << 91 */
-    { { 0x78307cd80e8d576cL,0x10d3b950fd9d6044L,0x2c2f9e2bf4b20445L,
-        0x961343c72c5c7ea7L,0x931c52a0af640e61L,0x45557391470d420bL },
-      { 0x4096a997317f4d26L,0x15210801cceb9be5L,0x228102195ff0759dL,
-        0xc388a2d21d265932L,0xceb79d01e86dd99bL,0x23e8fc7b3311dcb3L } },
-    /* 42 << 91 */
-    { { 0x1a7d0e091d7743eeL,0x18720797d53e4a8dL,0x78465f1ea04dbaa1L,
-        0xd4f064da9ce65723L,0xc0e7c035b496e8d4L,0x25657d2e6bb2f9ebL },
-      { 0x45576ab49f4b6cb5L,0x83983c70ba33d6dfL,0xf699e84d1eca62a4L,
-        0x35528636a13f5c31L,0x6a1b56b01f6b1739L,0x7906eccc6ea87942L } },
-    /* 43 << 91 */
-    { { 0x4e584a4fec1204a5L,0xd96b00e845a5b311L,0xea11fb03030badccL,
-        0x9b2141b2a825a89aL,0x18bbc30bf8b2450dL,0x87bd93916513b2cdL },
-      { 0xb3dbde552f0b304dL,0x762f3dd7c3c4817bL,0xe51e1733edd3fdd8L,
-        0xddad4c515d8219a2L,0xf5a8c0b8796b6877L,0x34563a8989bf65c8L } },
-    /* 44 << 91 */
-    { { 0x93e2e3a2881c106eL,0xa227cc49fe82afd8L,0x6fee74a4748e81f3L,
-        0xb212e8eaa5dd966cL,0x68d270efdc7d8883L,0xef2f3966fe757e9eL },
-      { 0x0340098b7466881eL,0x7ab98a0575884bbfL,0x24783467a472f62fL,
-        0xc73cb49f988637d9L,0x2b5e9d27dfb710c9L,0x503f9a2f788fcb18L } },
-    /* 45 << 91 */
-    { { 0xcba6f4631a52b729L,0x8874582cc8be34cfL,0x98a08e246a9a1eaaL,
-        0x77094319d5693f71L,0x575a0938a8504e5cL,0x3f59910c226f888eL },
-      { 0x5c3587990aeeb1f1L,0x7c32821d3613bbc5L,0x66f288e7cc17db95L,
-        0x6f3221998724ac94L,0x4e3fa38981db3751L,0xa6e798c8420403baL } },
-    /* 46 << 91 */
-    { { 0x56672f2e2cbea2e8L,0xd1a02df9128bd636L,0xff6a3bc6d47a0025L,
-        0x24124f30d38d0b42L,0x89ac3b8dda63df29L,0xf26d72994d0b6458L },
-      { 0xfff0445f7d6880bcL,0xface90f52be76351L,0xbf10c6b8ebffb74fL,
-        0x0e53c533a1fba003L,0x037baf09112f4980L,0xb8ae6312be960954L } },
-    /* 47 << 91 */
-    { { 0x8397b60917270d4aL,0xb4d0c38700e4caeaL,0x69c52bb3f4c58f86L,
-        0x06e0e01157b1fd41L,0xc5dc2f25627873a2L,0x9af848ca0ae53974L },
-      { 0xb5c957c06ad18335L,0x93b564154ef09e7bL,0xb5ba282450e2c5ccL,
-        0x63f003a567d7b68bL,0x0bcb0dc820bcbca3L,0x8803b1ffe3d4296aL } },
-    /* 48 << 91 */
-    { { 0xff41d51faae4bfd4L,0xcf50b14117c44facL,0x078b808e657a1ea4L,
-        0xc5aac1a893c00c55L,0xcb99cfd0cc4d1c0fL,0x1d1048933fa123a6L },
-      { 0x49646059023ca92fL,0x5833e326f3982134L,0x2e0d4bc9c5781cddL,
-        0x5f7f84ed8d5e75f5L,0xb6655f1fe1e8a383L,0xcc18514c296e4943L } },
-    /* 49 << 91 */
-    { { 0x5d3e5f8d8a407ff0L,0x9c713c8c7b42b11cL,0x7433a9921e387806L,
-        0x5272b92a98cb43acL,0x6261dfc1b1018149L,0x229d2ba5d3b4adf4L },
-      { 0x1f52e72989f0905fL,0x965e062925d4c79cL,0x42edaeeb33e6c016L,
-        0x5ec492e8af1709adL,0xaad39616c5763619L,0x85a659098c666860L } },
-    /* 50 << 91 */
-    { { 0xec8fe7dc86009df6L,0x42dd3c37871b20a6L,0xe4388c920db643e4L,
-        0xcc5dfdd481e06dbdL,0x3f1a3c6458ca7500L,0x987d7caa22c04e9dL },
-      { 0xd0c91072bc5717e2L,0x3f605fd2e77e5509L,0xa1cc1404c0c3e95eL,
-        0x4afaa9fdc6d0edd0L,0x2f3aba4e0d7d882dL,0x3f1f0349796c5ac0L } },
-    /* 51 << 91 */
-    { { 0x5dac93982eeb82e8L,0x2fe5ffb57536ce1eL,0x2bb120ac6926cfceL,
-        0xe54ff20f2236dbf0L,0xaaf0d31edf8c5a87L,0x5262fb9fc8f5df7aL },
-      { 0x0f833760467092bcL,0x50fa223d0a8dc0afL,0xd6a4847d35406966L,
-        0xd17d6ce003b7f56bL,0x8067d8e2ee2d64bdL,0xe33e51bb9fa4fe9bL } },
-    /* 52 << 91 */
-    { { 0x52aa210770248e4eL,0x30cf7e773b6bf709L,0x36961c7b788e1836L,
-        0xbe49de5f7595af2bL,0x86b49b619cbcba78L,0x1947db3790cf1117L },
-      { 0x7d3f599de14b4287L,0x14546993f0ca62ebL,0x0f6c8872d0abde7aL,
-        0x1531ceeaafe2260fL,0x36449624ae5ecf96L,0x6cfa12a5840bdc19L } },
-    /* 53 << 91 */
-    { { 0xb092ad68c1d612b5L,0x9f6052507af5c37dL,0xf48aa7c6c702b673L,
-        0x380144215cd29c3bL,0x7b09e407121867ecL,0xf71443d391e59047L },
-      { 0xea51e1a6b6d16a51L,0x041fa7650f33e2ccL,0x3a6d50c73750dce3L,
-        0xeebf5c2e97cb7a7dL,0x2530de228f39e771L,0x9af217c18f37f863L } },
-    /* 54 << 91 */
-    { { 0x38793fd0c683085cL,0x49cc5934dc436d16L,0x94c708e4175e770eL,
-        0x41bfb65d059c2682L,0xf6b83eb75f004ddeL,0xe1881929f6864410L },
-      { 0xfaa77fe0b438f937L,0x97a856069997e90dL,0x78366a9108de889aL,
-        0x6c28ef64553229cdL,0xfce82c2fe9381854L,0xae98117146f70bb1L } },
-    /* 55 << 91 */
-    { { 0x3f77410e9aacedd8L,0x0e34bd7d453813e4L,0xc5818436825d6b0dL,
-        0x0e30f037b4d0ac73L,0x70f6bc9b69b559c5L,0x68d3d71eaed15484L },
-      { 0xd0254e5414fbae1eL,0x6ddaad42ae0d3df6L,0xefb91a545a6e98d0L,
-        0xde3fcefc854ee5fdL,0xb2f0f3a1dfa2a8a0L,0xb656f97ad00ded3aL } },
-    /* 56 << 91 */
-    { { 0x01acfa7e0a90e37fL,0xf47e5946366d0ba0L,0x8e37db7b54c11845L,
-        0x5742d8bd50a62064L,0x27dc9a33ed6d096cL,0x2246d73016deb724L },
-      { 0x203c08da2c8f1a85L,0x210cda3a56fea379L,0xea6b1bbf2bf9ed67L,
-        0xe5a1e5552395cc4bL,0x458a7e19de2d6b2fL,0xa7199a86734942a3L } },
-    /* 57 << 91 */
-    { { 0x53684c23d44cad85L,0xd23613f8940779a5L,0xf485c7a3940bd34cL,
-        0x64c66a1f3f673b5eL,0xec29c76f1d6dd63cL,0xe10f56272f191435L },
-      { 0xc054f9a7325d5759L,0xe6740d3f974edaf5L,0x2723ac6103f3b640L,
-        0x0a2315a4576e0bbeL,0xf8156e1e4a3ec903L,0xa307bc249bbc8c52L } },
-    /* 58 << 91 */
-    { { 0x78579ca212a1687aL,0x208b7494268a02a2L,0x61708a002c1c5243L,
-        0xca366915a760461eL,0x0e9038fe3ca1e167L,0x2cfd6fe3a58e2c57L },
-      { 0x97c16e34fe79a49cL,0x1575244ef08e4037L,0xc1407fa08e2283edL,
-        0x38ae77621b057919L,0xcec574a5e68a366dL,0xafdfdce03eff00d4L } },
-    /* 59 << 91 */
-    { { 0xdad0dca9162d80c6L,0x554141f8b888ea0fL,0x1e471b24d4036218L,
-        0xafca22cfb36102d0L,0x437c51bff280dfa8L,0xc2c8bc8b50c9c30cL },
-      { 0xe7bacc372a9fdf6dL,0xd01dc65cf0472f2dL,0xaca59cf983d7be3eL,
-        0xf7c935425d9ec484L,0xc22046c6015a08a1L,0xa71b3c64cecdf816L } },
-    /* 60 << 91 */
-    { { 0x4b7d0b277abe7856L,0xe566f4567acdb39cL,0x70c6cdf20047ae7dL,
-        0xd27f831233ed0392L,0x498f0ad0358a429dL,0xed97c4668e6ee95dL },
-      { 0x3d11cd69f3018515L,0xedd460344c1b367bL,0xd75660e3b3ac8ec6L,
-        0xc80dfc0fa541e6e1L,0x80026f005c091a6eL,0x62b86784c426f2bbL } },
-    /* 61 << 91 */
-    { { 0x417408e529ee8eb4L,0xe92f18c2917f9951L,0x1f471f0eb38b6210L,
-        0x53cb14264df240f3L,0xeaf7fc0067c29b25L,0xbbf46fd3d99cb613L },
-      { 0x05cd552eb465b50dL,0x136b8e675e136733L,0xd7d50f61ccf61776L,
-        0x90187ec5a32b01f4L,0x21548ec523ba232aL,0x6c8266c0748e558aL } },
-    /* 62 << 91 */
-    { { 0x762f413d7650470dL,0x9b4af5d018c9ad5dL,0x85fe90460ea625a0L,
-        0x4af4511b2200cadbL,0x4c16980defec2921L,0x42ae5d5d60dbe1a0L },
-      { 0x0785260bbb2ceb1bL,0xd181ea3242f1fb7bL,0xc34f02b13a47672bL,
-        0xb0bc79f770e58634L,0x6e7967098a8509aaL,0x05870e6f3c3e6d44L } },
-    /* 63 << 91 */
-    { { 0x46d4fef752f7c595L,0x5f35083a8a07819cL,0xbba477ca591233ddL,
-        0x4e66309358e307deL,0x65c3e2b9ef827537L,0xcf7b7adb09ee9adaL },
-      { 0x00a82d4b5f5e1434L,0xd6aecb8032e50afcL,0xffdce7ce6b034271L,
-        0xa95d96ae036d5058L,0x61582ae24cb7d60bL,0x6a10577474139c1bL } },
-    /* 64 << 91 */
-    { { 0x53ebbaaeb475d8f3L,0x3d6ea31cff76bedaL,0x3c15f25d340986b4L,
-        0xc5925d2e3365312aL,0xc35d3ee251641f96L,0x11eb2f75984128e4L },
-      { 0xb41a21a83d04bc99L,0xf2d286006436c3d0L,0x4ffcf4c0faf5663cL,
-        0x889d285a0a62c9dcL,0x0908665acb2d60c5L,0xe2f19c590a131be5L } },
-    /* 0 << 98 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 98 */
-    { { 0xc0de60f5091354ffL,0xd7cc38bba1bd1975L,0xf4122aa8e734e2dfL,
-        0x08f40f63ef773db6L,0x0a7e9484ce2d71c5L,0xcc79173378a3f825L },
-      { 0x0cac7a5bb47beec9L,0x1cbea0e4a3f7b5b6L,0xecf19a90d3e18145L,
-        0x0d1b062a0aadf689L,0x42299f1ff3f0acf7L,0x63a645395ac252b9L } },
-    /* 2 << 98 */
-    { { 0x44bfd1665c1d4586L,0x46434e198d1d86d6L,0xe50fcf81c3936683L,
-        0xc9b4eb068b08680fL,0xf90882c52832aab0L,0x42823cefecbf5ddaL },
-      { 0xfd4d51c744ae08f0L,0xb54a08f1bbd21c1cL,0xb72953dbfb187c34L,
-        0x166f7f26f8ed037fL,0xd2b1077a097bad45L,0x47794cdc790dd808L } },
-    /* 3 << 98 */
-    { { 0xfadb2ac4bac8b691L,0xf0c5a0361579c4d1L,0xa192474f79019224L,
-        0x8c7a64574117a323L,0xe58122dd84d970a9L,0xc475893c0bf77208L },
-      { 0x9518412f1bd45c95L,0x75bd0a72283f7a3bL,0xa9e871605fb7e6f1L,
-        0x14d3c944df67acedL,0xbceea947d0348c22L,0x5331c192d021aba4L } },
-    /* 4 << 98 */
-    { { 0xa05c751cd1d1b007L,0x016c213b0213e478L,0x9c56e26cf4c98feeL,
-        0x6084f8b9e7b3a7c7L,0xa0b042f6decc1646L,0x4a6f3c1afbf3a0bcL },
-      { 0x94524c2c51c9f909L,0xf3b3ad403a6d3748L,0x18792d6e7ce1f9f5L,
-        0x8ebc2fd7fc0c34faL,0x032a9f41780a1693L,0x34f9801e56a60019L } },
-    /* 5 << 98 */
-    { { 0x35df68ae1a504405L,0xe41d69508fc755b9L,0x420dc1cda6297243L,
-        0x3011646b913fb68fL,0xc4b630465e141a27L,0x943b3b3bbd91fe5fL },
-      { 0x3ca17d6b50c31708L,0xce88b5e74ffa8c71L,0x8b60038f4dacd2bcL,
-        0xdf654d723c13cf9bL,0xb5353e281d871b40L,0xc2d27919226663d3L } },
-    /* 6 << 98 */
-    { { 0xa028d2fa9b87715fL,0x7cdd9b4a453625bdL,0xc8afb1890be3dacfL,
-        0x40289a3a274c4e2eL,0x7f5f9f7677c6bbadL,0x577c0935bdfeaccaL },
-      { 0x5f838f0404281989L,0x8650a974ebfa410dL,0x414fab6dcd56dea6L,
-        0x6995cae292eed440L,0x3b474d27ab146e15L,0xe24262b2e9938f84L } },
-    /* 7 << 98 */
-    { { 0x649e18fba34fb18bL,0xa4883af898cc69d3L,0xff46285f3fd56e37L,
-        0x2e28ccc4557c0c04L,0x8388dee821a9b46bL,0x0fd4fb807ba3a6deL },
-      { 0x1d8e9da7c62bb315L,0xfa7bd70d06e44230L,0x2840122063320438L,
-        0xeefabd47d06c0654L,0xf4387b08d4c8c10fL,0x8f2694624ff2142cL } },
-    /* 8 << 98 */
-    { { 0xa4b957d262c36887L,0xaf15a485fc24cff8L,0x11575e80a271d9e0L,
-        0x0fff68d44b9367e5L,0xf55ba6732279779fL,0x9d72cca6d4d68f68L },
-      { 0x01474ab1590ffe4cL,0xd20f44e1074d634bL,0x63903a8336111d25L,
-        0x37342a5fab531cefL,0xd3c93fe7702ed867L,0x05d143696279f7e1L } },
-    /* 9 << 98 */
-    { { 0xcddf64873e942b27L,0x9e29835a2bc21472L,0x924c2bfb2d2195e3L,
-        0xdf4a3cd38eca6d9bL,0x7fe6acd1c5be60c3L,0xa3abee9cfc38025fL },
-      { 0x014f0d992f449934L,0x8d72657a78860127L,0x92514cb948d84cfcL,
-        0x8bd4ac503aadd70cL,0x3c96ee00136620d7L,0xa0caeeb54efc5e57L } },
-    /* 10 << 98 */
-    { { 0x7a65cdf5bd200ed6L,0x72dc1b5f0e4b1c68L,0x9c09576a6ddf540bL,
-        0x358dcd122b169da2L,0x6466f0e81639b734L,0xa1429a6ef14c6eb6L },
-      { 0x4b3d781943221168L,0xfe3d2fdaf3b74fceL,0xb22bcec2ae26014bL,
-        0xa8900e7ace7e789cL,0x9db9af67220bce88L,0x1f86d2e4fb8ee34dL } },
-    /* 11 << 98 */
-    { { 0x6f8e1c0bf8c65293L,0x66f44ea04d7a5dfbL,0x2c3cacac741fdc1fL,
-        0x72e58aae239f5f16L,0x50dbaf192f72d8c8L,0x24ee526628c97b95L },
-      { 0xdb5f7827ab3ecb17L,0x2c567337669b05c5L,0x78c97eb8ff76ccdcL,
-        0x1de1b4a3f8d2c990L,0x5b183974e6138df5L,0x61b74177aa1a1019L } },
-    /* 12 << 98 */
-    { { 0xb398290cf0db3751L,0x01170580ba42c976L,0x3e71aa2956560b89L,
-        0x80817aac50e6647bL,0x35c833ada0be42daL,0xfa3c6148f1baba4eL },
-      { 0xc57be645cd8f6253L,0x77cee46bc657ad0dL,0x830077310defd908L,
-        0x92fe9bce899cba56L,0x48450ec4bceffb5aL,0xe615148df2f5f4bfL } },
-    /* 13 << 98 */
-    { { 0xcc14267f6be1860dL,0x3de7f48b4ffedea1L,0x8252694e5b776b87L,
-        0x478c877890dd427fL,0x913e19a675a21357L,0x882f2d5ac078bd79L },
-      { 0xf442752184c565dcL,0xd772147e3ac3ed26L,0xf21abc752fa216b6L,
-        0xab1804ad305ff0dfL,0x10d89a07920c977bL,0x0a2240dc4fda6075L } },
-    /* 14 << 98 */
-    { { 0x7068e6b98653bfadL,0x16b0da9b8f4397e8L,0x77b953b4946bb9c6L,
-        0x08366ad749b036f5L,0xd219117b26a3913dL,0xbe3607949a5460d2L },
-      { 0x1a4acf6dfadd462eL,0x1f7de879c32f3550L,0x11117132669c9b2eL,
-        0x1deea7d1c87ca216L,0xa88c90c748a058d2L,0x0d8e6afff403ef36L } },
-    /* 15 << 98 */
-    { { 0x21f6c96c1ad77f33L,0xb5da9d34992e7807L,0x17fc994ba7192adfL,
-        0x59f204fcbcc3f8b2L,0x3f4a970f10bd22f5L,0x42936bfcbaa1188dL },
-      { 0x6239fea5eb985837L,0x5fde15e0b33d1158L,0xe0bbe9b800cf90b2L,
-        0xf2c6d8b16b2b68a8L,0x58c331cd0f3a2341L,0xe951c48910dab1a4L } },
-    /* 16 << 98 */
-    { { 0xdccf68bccbaf4685L,0xb333e464270a2bccL,0xe43ae199254dd3e3L,
-        0xe8526e26ddce5c84L,0x52bad815ea0b4258L,0x67c12c1b094574c4L },
-      { 0xa5362fcb861545b7L,0x3e904c35c2b2eb62L,0x0f9312b5eeffc2cdL,
-        0x5475657b14de4e5bL,0x746e67d4f0233fa5L,0xb5157d7f35471ec2L } },
-    /* 17 << 98 */
-    { { 0xcbaf92265315e83aL,0xcc6e9a972f15ff37L,0xcac446dde8c87fb1L,
-        0x5fa37a5c672d7f92L,0xe66efc07b1380425L,0x2d8ed2e32c8e59ebL },
-      { 0x8e3ab80461743725L,0xe59a87f825493349L,0xf6995fe16062fe7eL,
-        0x5d7f8a646e8de27cL,0x4a5ecbbbebe084f2L,0x99fc5ea93f863156L } },
-    /* 18 << 98 */
-    { { 0x1ddede1b495fdc2eL,0x3dfcf56b039d6339L,0x54c423806a56c492L,
-        0xe6bfd184def6446fL,0xfaa2fa123ac841beL,0x503e319a4f9330a4L },
-      { 0xd9305d4654ad427eL,0x68d23497d95dfcc8L,0x2d935aad1e9602f5L,
-        0xd7e74bf2e33174a9L,0xc8e4a0b17225e2b5L,0x5db7187cbcda5221L } },
-    /* 19 << 98 */
-    { { 0x9a0e0908b0ec0b27L,0x28894b2edd759131L,0x0107bb592b9d6f02L,
-        0x318921deeea022f7L,0xa1a00f5882c73390L,0x877833129551b381L },
-      { 0xff866039a3a9dd22L,0xa59235ffdf0fc09eL,0x530c2fe61ca647f4L,
-        0x77b1ea2860f9428bL,0xeef2a9e6bba4bbabL,0xdbdbe037204f5ea3L } },
-    /* 20 << 98 */
-    { { 0xf55edabb90b86166L,0x27f7d784075430a2L,0xf53e822b9bf17161L,
-        0x4a5b3b93afe808dcL,0x590bbbded7272f55L,0x233d63faeaea79a1L },
-      { 0xd7042beafe1eba07L,0xd2b9aea010750d7eL,0xd8d1e69031078aa5L,
-        0x9e837f187e37bc8bL,0x9558ff4f85008975L,0x93edb837421fe867L } },
-    /* 21 << 98 */
-    { { 0xf87a92375b2e5fa6L,0x88571e4452a3a605L,0xf85e9a330c8f5f55L,
-        0xf99886c599dc2c97L,0x5866329d065261daL,0x9011f13912dd434cL },
-      { 0x0cc67d535284c555L,0xf8f715274a4032caL,0x4b002683a9524bcaL,
-        0x3c3c12910f63a7baL,0xd19e173e9124eb8cL,0x3431c51c54b7d85aL } },
-    /* 22 << 98 */
-    { { 0x7103ab4ae11cc85bL,0x2064ca41789cf87eL,0x592850ead5f13a08L,
-        0x56b9ff066212e096L,0xa106455d6efa7445L,0x3e62aac92343c5efL },
-      { 0x7edbf70dcb8ddf7dL,0x27f00a4a5f2687e4L,0x7d4ce32e44a08d11L,
-        0xe97f0910890a57f1L,0x792597fb912cb027L,0x1fa7a1d2ad3492dfL } },
-    /* 23 << 98 */
-    { { 0xbf4e161c3cfad317L,0xda4e6bffa1998bc8L,0x6534ef622e890b99L,
-        0xd10a3b24d272cc42L,0x3f81b0e5f1194dabL,0x8919caefec549c5cL },
-      { 0x847ef47f68f5633dL,0x01cd59975468f4afL,0xc38bce29b6727408L,
-        0x56a1cd1ea4c84268L,0x31a493f406b81088L,0x4461ce8531b37e73L } },
-    /* 24 << 98 */
-    { { 0x3503d9371f23a0d8L,0x64c598a8c321dde0L,0x67f101ef5b52e0f0L,
-        0xb6b5b4c2f955b5faL,0xb5f03d53880e0569L,0x121c3ac1c99393efL },
-      { 0x90755bd657330666L,0x70ae5793d4d71d3dL,0x326ffd519e9ce792L,
-        0x1b772d7396ccfa14L,0x652710f4874a22deL,0x72768469db210342L } },
-    /* 25 << 98 */
-    { { 0xb2d85722b3413d7fL,0x4e41362092e55ea5L,0xad1a20c7ff7b3409L,
-        0x743b31c0c6f98cbeL,0x1b5b0b5adab3810aL,0x628d9b212cea0428L },
-      { 0xa3e24294b0335ba0L,0xa9c0e139487530a7L,0x54199640072e70eeL,
-        0x0977586e64c0d563L,0x393878451c5cce35L,0x57acd85631ce1eeeL } },
-    /* 26 << 98 */
-    { { 0x63081bcf9b8d9f3aL,0xb09fe52b6f94e3e9L,0xc232e5d1e39c092bL,
-        0xd61ddcccf5f072e4L,0xcdb3b4189a26a93cL,0x0c010c048de6f5c9L },
-      { 0xad2473a5d238e823L,0x4120ab3632029ca0L,0xd6632edb639bb8ddL,
-        0x3383f077a8b32fe4L,0x8afcbce5eacfbe80L,0xe28236212d2fff74L } },
-    /* 27 << 98 */
-    { { 0xccf2a24a0eb3829bL,0xdd8fe4421eae0751L,0xb685b073c9598d91L,
-        0x025214ce8b308785L,0x11c3fb11d6433acdL,0xe40cf39c81794024L },
-      { 0xa167651b1c0b1f54L,0x350cf3eb0bbde983L,0x69c93dd0b2a88c48L,
-        0xf13afc37bee80b26L,0x0be7d05d776345e2L,0x1ccbc8ba7645b02bL } },
-    /* 28 << 98 */
-    { { 0xaa6489df83d55b5aL,0xea092e4986bf27f7L,0x4d8943a95fa2efecL,
-        0xc9baae53720e1a8cL,0xc055444b95a4f8a3L,0x93bd01e8a7c1206bL },
-      { 0xd97765b6714a27dfL,0xd622d954193f1b16L,0x115cc35af1503b15L,
-        0x1dd5359fa9fa21f8L,0x197c32996dfed1f1L,0xdee8b7c9f77f2679L } },
-    /* 29 << 98 */
-    { { 0x2aa349975442c668L,0x4c5137130cd74444L,0x4f87be0f449300ecL,
-        0x13e07b552bae04fdL,0x6aa575d11f75acf6L,0x4502e9e9852848a9L },
-      { 0x3c246d38889666fcL,0xb6c0292b7c100867L,0x618f234aa2a280e0L,
-        0xf983c834669afe62L,0xc51a15105d900a1fL,0x7d7ce31bc952f419L } },
-    /* 30 << 98 */
-    { { 0xe3dbb7483c3388dfL,0xc26a7d042c32f139L,0xc1b48180ed938dcdL,
-        0x785b964d42e4c01cL,0x507cd16aa1f75e28L,0xfaabff8d1f323caaL },
-      { 0xc6bc47ceadd5b649L,0x997dc0ee3c0aed28L,0xcef0c89bf3666cfeL,
-        0xd8d7dfb426482ea7L,0x5f00e432d2348484L,0x09549b5a1dc66aa6L } },
-    /* 31 << 98 */
-    { { 0x702e450ef8464b1eL,0x52d20765a061c4c6L,0xe1c930b26519bfc6L,
-        0xa9c0c8c6d17ea02dL,0x52bfc60ddac62461L,0xc325568f7c5f9a55L },
-      { 0xe7413df9eb44b9d7L,0x461682265837e0d1L,0xfcb9628c15aa0c89L,
-        0x83d6d0eebb57c6a3L,0x17bb82a56829c9fbL,0x342fe91c496861e0L } },
-    /* 32 << 98 */
-    { { 0x58d6998e171c1439L,0xfd4a98f401feedecL,0x420b2a0165739fceL,
-        0x5c5db30822f7a073L,0x016c547805042f00L,0x5fc73ce2a12413d9L },
-      { 0x8ceb2d70e932aa17L,0xb4d66b670537afafL,0x2638d012339c146bL,
-        0x02fbb7b628ac0555L,0x7fcb0c8162d46e63L,0xeaa9ff4f066d088eL } },
-    /* 33 << 98 */
-    { { 0x45f53090b8b22c29L,0x155b8f8111e70d5aL,0x5ec118b25d3a7d83L,
-        0xfe4c7eb39c4ddd1aL,0x8cdfb753f226d869L,0x20bb870779fc646bL },
-      { 0x3c8c1d7a25d1308cL,0x5a976ae47116f347L,0x6af949a60faf9690L,
-        0x7e6718fc07f3472fL,0x16ec7b45267b17cbL,0x80744641cebe1bd7L } },
-    /* 34 << 98 */
-    { { 0x45eded7ab2a5c8e3L,0x4308485969a0681bL,0x89b7510d90910e8bL,
-        0x1c622d04d2066d92L,0xdc3b434bcd2f0d7cL,0x98bcb83b476ea5a3L },
-      { 0x9195431d3dbf2be5L,0xfec7efd969275ac5L,0x6a4364f556a7da4dL,
-        0xaf701bc579c177ccL,0xb77ef33e9ffc2a47L,0x2bc59331cc23c4e4L } },
-    /* 35 << 98 */
-    { { 0xedf4a85b9d43c51fL,0xc0afbcb6b59a7244L,0x3ede2f25626e0ca8L,
-        0x45836582270f674dL,0x83c47048bf06d267L,0xbb1e994f3c68314eL },
-      { 0x50d79cb4f2fe6c8fL,0x1a1d8aecdf7600f5L,0x216f5d2bef4e4857L,
-        0x41361a90bdffb9e9L,0x8040f5c173d2f9caL,0xe6665f0dd1e9be4dL } },
-    /* 36 << 98 */
-    { { 0x5405179f394fd855L,0xc9d6e24449fdfb33L,0x70ebcab4bd903393L,
-        0x0d3a3899a2c56780L,0x012c7256683d1a0aL,0xc688fc8880a48f3bL },
-      { 0x180957546f7df527L,0x9e339b4b71315d16L,0x90560c28a956bb12L,
-        0x2becea60d42eee8dL,0x82aeb9a750632653L,0xed34353edfa5cd6aL } },
-    /* 37 << 98 */
-    { { 0xb112fd7b36386e2dL,0x358e974a6a634bd7L,0x509814737faf640aL,
-        0x1036bdacef39b3aeL,0x410c6448db5aceb0L,0x914671305bbebe92L },
-      { 0x83fabd54e9e009e4L,0xb2da8eea9994d16cL,0x9d73da6356997acdL,
-        0xea9158b97ec1b844L,0x8e6a6e3129714795L,0x23e98f57131243f9L } },
-    /* 38 << 98 */
-    { { 0x7105f727552664dcL,0x97cbfb6c5c589c8cL,0x1a7b110a70fc59b3L,
-        0x46c39f2cc754c69dL,0xcda0e2c067b1f17cL,0x35fe45fab7ede210L },
-      { 0x6b3ecb7d82e78b40L,0xa90eed4fdbc07241L,0xa73797895aacd533L,
-        0x28120ba5f4fa89a2L,0x9c1fc09ee3055006L,0x71e665efc51653a4L } },
-    /* 39 << 98 */
-    { { 0xcf782247d28b5059L,0x15bef4cb1b89eb06L,0xbc182ed6bcb4afeaL,
-        0xcf5b6dfde0e32b77L,0xeb61aff9d9446052L,0x5846f171c4bfc0abL },
-      { 0x61d5ae1c6fc68422L,0xa282c56846e870afL,0xdb4859d16bca8fbdL,
-        0xd4cd416e97caf135L,0x11217fa9c3debd59L,0x27702da6370758ddL } },
-    /* 40 << 98 */
-    { { 0x8273db992d189057L,0x4d1b05fce1b5f8ccL,0x5fec7c830a7c32d1L,
-        0x28ddaf28ea9b4d45L,0xb6bb62aca2fc58beL,0xfc65b7aa4a41852dL },
-      { 0x6e7651941c9e6045L,0x3acabf28fc116257L,0xc9d5e8054b5a4ba8L,
-        0x9a072259cbdcf1ebL,0xc67cf643439fc8fcL,0x917ef6f8b4333aa8L } },
-    /* 41 << 98 */
-    { { 0xee6123cca6411227L,0x91372d080ee882bcL,0x2c30a840a638a4faL,
-        0x1867421321e83d4fL,0xc6afa4cfc3fb9925L,0x19aec276e4fdc73fL },
-      { 0x1ffec4510cf4e610L,0xac57292ede22d429L,0x62844d78e6cacbc1L,
-        0x0eafcc554d2e497cL,0x39f1acc8e780f600L,0xfcf8d914fcff8c6aL } },
-    /* 42 << 98 */
-    { { 0x0734ab43ff2152d0L,0xe52c5dee930fea54L,0x9cac7efe940bddbfL,
-        0x30d2610ddbd43391L,0x4beeb865921c124dL,0xa19fe6a4fca219fcL },
-      { 0x588395628755cc47L,0xa7f301241324f2d1L,0x4fe38ee3b1ec5aacL,
-        0x3583542eb16413ceL,0xfa92e2191733b7eeL,0xc0f30ba32b2001a4L } },
-    /* 43 << 98 */
-    { { 0x706b02c3febc7968L,0x6e45dc90c96a6b64L,0x34e5f890f95aa4c7L,
-        0x8ae64d487683b855L,0x0fbb9c4a62e03ebaL,0xb32a965ce2cab115L },
-      { 0x4a7084a8b33102b4L,0xe7fd9db3ebd1bd6aL,0x2fcb233cc7f32b61L,
-        0x365896d5f2549734L,0xa3f18bfd25c7a1c4L,0x382950ef212b8daeL } },
-    /* 44 << 98 */
-    { { 0x82154d2c91aecce4L,0x312c60705041887fL,0xecf589f3fb9fbd71L,
-        0x67660a7db524bde4L,0xe99b029d724acf23L,0xdf06e4af6d1cd891L },
-      { 0x07806cb580ee304dL,0x0c70bb9f7443a8f8L,0x01ec341408b0830aL,
-        0xfd7b63c35a81510bL,0xe90a0a39453b5f93L,0xab700f8f9bc71725L } },
-    /* 45 << 98 */
-    { { 0xee2b773e4ed17990L,0x499e83623faab7feL,0xa3925e2f71abb9efL,
-        0xfee50406ce3b4a69L,0x71a15070bc10f803L,0x5b01e4a2c7bab10aL },
-      { 0x806c590d99e51e36L,0x34adbaf6a7f88d5aL,0xd4a93ce9f6b30ac3L,
-        0x39d2cf40dc33fdfbL,0x13e676f1d5e4e7ddL,0xbaa72ab9199690fbL } },
-    /* 46 << 98 */
-    { { 0x85017690e51b47daL,0x25919b58a2b476ceL,0x6f692de103ec5d55L,
-        0xd6cf8ee5d022dcebL,0xaf3225238ba7076eL,0x917b373728c902d5L },
-      { 0xac75fddc3fdf8590L,0xe83d9bbb64fc304cL,0x13550de2971f659aL,
-        0x70bee07ee12b7bebL,0x9989d2fa0a855646L,0x8b6043aca576b3a1L } },
-    /* 47 << 98 */
-    { { 0x1bfd4f92fadf9017L,0x1e4509aa737bc67cL,0x88278c3699af1ffaL,
-        0xbc47536f4678e22bL,0x69914cdb1b07c823L,0x56fc28ab97277358L },
-      { 0x092d28efe752d2f7L,0x6a8286a691da62c5L,0x86b702778033c632L,
-        0x57ef284e7672f41fL,0x9101ed302e54007bL,0x53e94cfed25d8d19L } },
-    /* 48 << 98 */
-    { { 0x311ebba2fc37efedL,0x8a6a42d660cfd6bcL,0xb4051b3af2a4871eL,
-        0x66ce77b8c2f0ebf0L,0x84abc9480ad28477L,0xc82e5c6263d9d11aL },
-      { 0x99ffc70c007dcf93L,0x5e974edfd964c822L,0x0fee3572513085e3L,
-        0xbe67a88046ce8444L,0x136ceeb806d17129L,0x0da512ae662d86fdL } },
-    /* 49 << 98 */
-    { { 0xeae827d989e687ddL,0xb025f0723bdbdd9dL,0xfbddcecec3a575aaL,
-        0x3fab33c1f80d12cbL,0xd0232142b32f0381L,0xf00e74bd3b6c3132L },
-      { 0xb7c1311e0e44deffL,0xf3d790ae29b04d6bL,0x3d3744b846f72957L,
-        0xc0890fb6ab2f13e6L,0xa669a34324461f0cL,0x35c9677ddd72fcb7L } },
-    /* 50 << 98 */
-    { { 0xc257ed518060a28fL,0x3a9d7e1cc72fafebL,0xa304a5e8332f435aL,
-        0x96969bc234ccf343L,0x2aae4d8e7702ba84L,0x37f15631f203a7eaL },
-      { 0xc0000f24c9666405L,0xa98eb834a537fb89L,0x8c0564cf7e36dd1aL,
-        0xb5ca507b4e89615cL,0x9bfa209a9d80ef92L,0xe2ec1879a83f02e8L } },
-    /* 51 << 98 */
-    { { 0x73b4573c11dfdea9L,0xe5f208ee5c8cc81fL,0x5c240d3c769adf12L,
-        0xbd3f8f33550c53acL,0x98171d16bb4f43acL,0xaf19d5fe84db9e13L },
-      { 0xc589be0d2e53345eL,0x3184b540f114f6f3L,0xa35ed77e4946090fL,
-        0x427b860afd3108fcL,0x7d0848c3867df76bL,0x353539e2a32ec485L } },
-    /* 52 << 98 */
-    { { 0x9401aec2b9f00793L,0x064ec4f4b997f0bfL,0xdc0cc1fd849240c8L,
-        0x39a75f37b6e92d72L,0xaa43ca5d0224a4abL,0x9c4d632554614c47L },
-      { 0x1767366fc6709da3L,0xa6b482d123479232L,0x54dc6ddc84d63e85L,
-        0x0accb5adc99d3b9eL,0x211716bbe8aa3abfL,0xd0fe25ad69ec6406L } },
-    /* 53 << 98 */
-    { { 0xee174af2df740edcL,0x1bd8382c09233f0aL,0x34a7450e7d343006L,
-        0x92259ddd3d463e61L,0xcd0bfe6fedbc3af2L,0x39627c4cfc8770f4L },
-      { 0x7b7c688ddbabdf2bL,0xf459f0e64bef3558L,0xfa0e87becc88f7c8L,
-        0x67beabac5fcc80feL,0xbdae52bfadeba16fL,0x4751724c5af5c9bbL } },
-    /* 54 << 98 */
-    { { 0x5627e0d016332364L,0x33839376fc57f01bL,0xe7fc2c489528e434L,
-        0xa0ee39acb52b3757L,0xe49e383ee42e4832L,0xabfefdbb31359afbL },
-      { 0x5dedb6f3b99ee196L,0x38abe58bc16aac17L,0xa300a1333ec06a07L,
-        0x00e68eadc90d4659L,0x60412e8a8000a773L,0x6099b6a6a5830c94L } },
-    /* 55 << 98 */
-    { { 0x85364bd10d340c80L,0x14b89462be64bc9fL,0x16429134b542faa0L,
-        0x0d4cf3ce73683e2bL,0xf9a3e443cb73ab7bL,0xa4c2d0afbb156b0dL },
-      { 0x826123921bc77675L,0xaf2aad4a5f26c238L,0x6f6f5d9aef4656bdL,
-        0x0e20425f90901f3eL,0x0e30bfef9943a673L,0x6cefc62847415a28L } },
-    /* 56 << 98 */
-    { { 0xe7acaa8457e0105dL,0x3c06d3bd3851fd57L,0x23cf3c612a9c631bL,
-        0x13888aaa33863bf8L,0xf2396355717783eeL,0xf21e1a4836b300e1L },
-      { 0xa734cb3b9d27b4cbL,0x0a7effed796e34b6L,0xfc5864773615cc7aL,
-        0x1f98ed7788844a21L,0xd6e289407ad4c7bdL,0xa00d64ebe9331c7eL } },
-    /* 57 << 98 */
-    { { 0xcc6ce7dee1c1e159L,0x77982e4f03df6b56L,0xbd8307d1b82b5ebfL,
-        0x43e25358ed881b82L,0xddba4f418e0eb034L,0xbe326c36f919800cL },
-      { 0x97d03da7af52dfaeL,0x153bb17af4bf81c5L,0x29bbb9bed7ff322cL,
-        0x7a7bd8c7232cca47L,0x7474c199c2830f03L,0x9f464a06f0065fc4L } },
-    /* 58 << 98 */
-    { { 0xca505cb553b876bfL,0x6fc27f553662cb5fL,0x891cbef432cb1636L,
-        0x339743f16e27e2d9L,0xde76538f21dc4837L,0x9cea05020efe241cL },
-      { 0x97b8deb65888d9acL,0x4d3c28cba4b6cc56L,0x88ca828f840910b3L,
-        0x2e5727cfbfde6793L,0x05a4138302bbae6cL,0x2e72fd653fa8e23bL } },
-    /* 59 << 98 */
-    { { 0x5b88c5ae6d17fe02L,0xc9b14810d6dbe104L,0x170b8659873be863L,
-        0xdc5946a6ae9111b4L,0x4cfa5f022819a4cdL,0x7653d06ae213bb7dL },
-      { 0x324c41baabd7ee74L,0x4219968cdd1608f1L,0xa5e104704adc1561L,
-        0x964a53ea5e16d818L,0x00ebd1d4980f4bd2L,0x23cbb80d3518144dL } },
-    /* 60 << 98 */
-    { { 0x0d5c1769df85c705L,0x7086c93da409dcd1L,0x9710839d0e8d75d8L,
-        0x17b7db75ebdd4177L,0xaf69eb58f649a809L,0x6ef19ea28a84e220L },
-      { 0x36eb5c6665c278b2L,0xd2a1512881ea9d65L,0x4fcba840769300adL,
-        0xc2052ccdc8e536e5L,0x9caee014ac263b8fL,0x56f7ed7af9239663L } },
-    /* 61 << 98 */
-    { { 0xe6ece4b5dae76820L,0xd428354e95feec03L,0x43517722f8871f7bL,
-        0x313fde11e84d0b7cL,0x7f02824b1cae0a45L,0xf9f560c1d6646bc4L },
-      { 0x124d88bc903a0608L,0x950e8320370c7ff2L,0x29e6da714090a72dL,
-        0xbc5a108c54547d89L,0x809330cd3e484deaL,0x1b04a8088bb00f0cL } },
-    /* 62 << 98 */
-    { { 0x2425c59c03e0a528L,0x49de96f425c2be3aL,0x30b52686fff4b610L,
-        0x2ce573b0f2e5f7b1L,0x4ec05f07b606f0e6L,0xf2040886366ecbf4L },
-      { 0xc7fd993460d404d3L,0x8a064992fc12227dL,0x9c6d64ec215492b1L,
-        0x2793bd0903463ec1L,0x49523ebab7376e80L,0xb138dfbd35b14fd6L } },
-    /* 63 << 98 */
-    { { 0x5ed097b0df7363adL,0x21319edba5696d91L,0x17c46519c5d5313dL,
-        0x341d46576c6cccedL,0x60d80713692bc704L,0x9477b6e907fb8e13L },
-      { 0x2965720b532e0c6dL,0x2767b4ee87831d79L,0x3e2e67abd4b5ef14L,
-        0x45ee89b5d2598521L,0xfc8f1e3ee6441648L,0x75c4db57567ed090L } },
-    /* 64 << 98 */
-    { { 0x17e3d0b8713b8541L,0xf372b048c6b5e839L,0xf8ef0261d0bb1848L,
-        0x9b804ceec71a3bbeL,0x00b7d171542a88aeL,0xf2b8ed10e9097b9eL },
-      { 0xdbad9f122c0a009aL,0x245fc1e9205fb1bfL,0xa8a4834fb83debf5L,
-        0xc3ee226d637e449bL,0xe3070d93cab82664L,0x24b8094db37320e8L } },
-    /* 0 << 105 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 105 */
-    { { 0xb506b7b925059699L,0x349fd83f01ab02e5L,0x64b729ad3789281eL,
-        0x69ae8f81f9af4561L,0x007befe156f91860L,0xb578c566edc250fbL },
-      { 0x1c16d75a67ae4801L,0x04c35a7ea1d3f592L,0x5dc97da936881f89L,
-        0xaddb603103a5b1eaL,0x7eb515b13e153a0fL,0xdc3a92192b4a1ee2L } },
-    /* 2 << 105 */
-    { { 0xe7365f9e512cc92aL,0x9efdcf8b5172a654L,0xbfb389ac8e611fc3L,
-        0xce778fd5699c227dL,0xdc1f47b63ff2ef17L,0x2ae0f68302672ed4L },
-      { 0x51c63806a8e879cbL,0xd3dfecf03909f526L,0x375b3d13e00e12a2L,
-        0x91f9f750bf8df325L,0xf1ea0e421df5f21aL,0xaed73e7f32c60584L } },
-    /* 3 << 105 */
-    { { 0x03b07fb5e0728e6dL,0x9e0469201012234eL,0x272e644935637644L,
-        0x2b6ad1c2a55bcadfL,0x86c527765c71c6afL,0xa25bd60bc1678806L },
-      { 0x0cae829476bb32f8L,0x389ce4e633e03cb2L,0x504df8337513dfb6L,
-        0x4260ee8e1b351ddaL,0xa473c5d9dbaf7cd0L,0x22cb7cb471e390fdL } },
-    /* 4 << 105 */
-    { { 0x1d9aa9fa26caebd8L,0x6b64686926b7a673L,0x7ebed6a17f167b47L,
-        0x324c13f85bd9153dL,0xe9ea5b734c682ba6L,0x2961da7d7e3ff6e2L },
-      { 0x1ed2b05001a83dadL,0xb232951dc4a2f60aL,0xafcea5d3d68b8ec6L,
-        0x21dc058d1c6ce0d2L,0x0043de75e719410cL,0x4edd792ce15cf534L } },
-    /* 5 << 105 */
-    { { 0x0f45245f3babe09eL,0x0959326fa9f2fac5L,0x7629e7fb5cc136e5L,
-        0x208bd5a6e48b7eb0L,0x637891d6b75a85cbL,0xf0ad9d8d9f27b57eL },
-      { 0x437b6944e0454b05L,0x022c51d702ed3592L,0x0f79e2bd0dc0a769L,
-        0x54ace1fdd9b81f9bL,0x38611d66f95ea8dcL,0x52443ca8f0e6147bL } },
-    /* 6 << 105 */
-    { { 0x857d68558bc272d0L,0x4583eeeeb5be2485L,0xb83586dafe0152ecL,
-        0x8b0eb223e830294aL,0x757582b6a5b0e880L,0x5140c0169cca7fffL },
-      { 0x07a00782e9228f12L,0xb96e2b5dd4973080L,0x3cceb9a6e88efbe6L,
-        0x9955b63073fcdd25L,0x04f26ab02805d470L,0x90b38299424da086L } },
-    /* 7 << 105 */
-    { { 0x73f1ae48f4f6c5b4L,0xee5af13d4a477f01L,0x274614a2ddb93d52L,
-        0x90b0c563c320aaf5L,0xee2303c8ef990b0bL,0x00d028e73061f140L },
-      { 0xff705011cb3d8eafL,0xae1d990862594f4cL,0x22a27cecdafea438L,
-        0xa78e12d5c5962ea9L,0x5bbe9d878e65f9cfL,0xa222580cf47cefa6L } },
-    /* 8 << 105 */
-    { { 0xf7aaa732959abb9eL,0x1222ad0a2ebf80b9L,0xa1a417372e0c286eL,
-        0x3b6685025da3472dL,0xbc0d116b7576f2a2L,0xfdbcad95a36a27d4L },
-      { 0xcdb3f4749d54f7eeL,0xe2e0f5f98a5643a3L,0xc70d11b969d4f171L,
-        0xdf96d1366cca4ef7L,0x570693db2fc6afdfL,0x5059e67b567504daL } },
-    /* 9 << 105 */
-    { { 0x2c8107d47fe632a2L,0xfc46c745ede7bff8L,0x2d3b12864650025bL,
-        0x815ef3cbe74cd65fL,0x5431b01ba256f01cL,0xe832ff1139915cfaL },
-      { 0x2c106de607d7af84L,0x67303b786d4753e7L,0x5f886ffa6d75c8deL,
-        0x932a6c20967131cfL,0x5bc94a9170aebbb0L,0xa85b3044fd56e06dL } },
-    /* 10 << 105 */
-    { { 0xc904558ae7eba799L,0x46b6031bb2fa7331L,0x6620e2b50653675cL,
-        0xd1373a357d2218f7L,0x0f4b3ca3af55a5e7L,0x50774160714e70c2L },
-      { 0xacc63d1469188455L,0x89a795fe043b8b30L,0xac2fd66ce1e4b9cfL,
-        0xac7927021bf67f26L,0xb9513f0d1143d437L,0x02198050811f2931L } },
-    /* 11 << 105 */
-    { { 0x6d4acdba7b480776L,0x8b518cd466dffeb5L,0x8826c99451918859L,
-        0xd2b6a7a038fad835L,0xd315417a6929a870L,0x05d85252c5a769e1L },
-      { 0x2fa06335ec0d091eL,0xb0cc337287768c88L,0xacbda5ba58a2eb9dL,
-        0x2a404fc976b7b057L,0x073abb71838c6135L,0xbdf89b135cfc4f3cL } },
-    /* 12 << 105 */
-    { { 0xd00eb9c53508675fL,0x92ec76a4a117dc95L,0xf58d6f85334ca15cL,
-        0xeeb522169cee0544L,0x3eb9847ff21457c2L,0x547908bc5524c60dL },
-      { 0xb5b49d225198709bL,0x718abce6324abc67L,0xdab8ff2f4abd54baL,
-        0x98be59e67184d444L,0x45b74b54babeb4b0L,0xd8d8bb30ff71a5acL } },
-    /* 13 << 105 */
-    { { 0x8aedf7e28ec13e6fL,0x8b952620d950792dL,0x36e9dac204918f59L,
-        0x5e49a5a2d3dd47edL,0xb17455bee863c2bdL,0x8caac6a9326a0d66L },
-      { 0xb6c3f5e427bb72e1L,0x17566c9dee5fe09bL,0xfd6bbcc25e3db64dL,
-        0xd437d07a3189319cL,0xad00dfc4cd3166a5L,0xab75927b0bd63003L } },
-    /* 14 << 105 */
-    { { 0xa7672a39afc43be8L,0xefc49015c72f97aaL,0x81c63c050e48f2edL,
-        0x62f39f32833a22ccL,0xf7a3480172c0c0c4L,0x4711cd41a4158538L },
-      { 0xa3c99a4d1d15f2f3L,0x4b82c1c17bee1b47L,0xc7d60b489d199f10L,
-        0xd1d1f03d5f16fa95L,0x96c780c932fbeaf2L,0x0662e250376ff106L } },
-    /* 15 << 105 */
-    { { 0x728e334678571c8fL,0xd0a886b56cb339d3L,0xf4ea33380a5671baL,
-        0x43823401a64850a4L,0xa7729cd533117b9dL,0x4dd457602b78cffbL },
-      { 0xbe0571115a67d812L,0x7ec6cf925105a3fcL,0x5dbcb4bc0ccafeecL,
-        0xa7587f15803092f8L,0x67ee61d5a884efadL,0xd4ced554ca47d9caL } },
-    /* 16 << 105 */
-    { { 0x02c6b6083b03dcbcL,0x2b20149e3b9d868aL,0xaf5ab01d4f57eb0cL,
-        0x59935b94d750e515L,0x32721b408f89ad68L,0x673bd755a7e3ceffL },
-      { 0xbd462fd8ef3b3393L,0x991422640e59a120L,0x4162da619263fa61L,
-        0x2ed1f2deb6488eb3L,0xb0bd37a8725680c4L,0x17218bf029ec27b0L } },
-    /* 17 << 105 */
-    { { 0x444071ff84ff1ebcL,0x4b4171e87f789cbdL,0x4a832cca2db4e8daL,
-        0xe229ffb6dc209c05L,0x9efbfd7eb5f0b3f4L,0x65e07fe774fbbe6bL },
-      { 0x2892c8ac627b9d41L,0x01a20eb94297e7a9L,0x2f54e88646f29860L,
-        0xc425accc188798ecL,0x6137251c85c80580L,0x6cc0f9c4f386581eL } },
-    /* 18 << 105 */
-    { { 0xf677bdd11cb61a7bL,0xfca1faf8932d6113L,0x1d5bbf97a531bbe2L,
-        0x3d5e4860c849fc47L,0x388943cd95fe4da2L,0xffb7d5e073add43fL },
-      { 0xc3166ae828fcc058L,0x89dc7faae0d6f6e4L,0xe6daf1a6f527ca01L,
-        0x500a703a56ef1d8dL,0x3573d0a3fc914df4L,0xd780e745ef8dc2a4L } },
-    /* 19 << 105 */
-    { { 0x90a8f3380500afbcL,0x8c303270838ccf6fL,0x82cbdc98458254c6L,
-        0xc2f24d03b367ddbcL,0x5d3daa0d6c882354L,0x824d313d376599d0L },
-      { 0x6e5075df7b9dd1b6L,0x6871a3d4d69c9828L,0x8b3762f59cffa148L,
-        0xf2184f67eef8c656L,0x437630c296a1537eL,0x92a0667c4cbf8249L } },
-    /* 20 << 105 */
-    { { 0x6e929912ef619478L,0xe7ddaf255ffc5939L,0xb71133cf96dbbca5L,
-        0xee8bd53f17da5104L,0x7601ce6adc49be68L,0xa1ca3b3cc63f2a87L },
-      { 0xebf388c2a0de1668L,0xa0f6c38dd0ec6bd7L,0xc8e0875ddac451ddL,
-        0x179fbbe5a5afce85L,0x0727095673bfb06bL,0x992afcd047622925L } },
-    /* 21 << 105 */
-    { { 0xe3b0122624f262c3L,0xaa7a0925dae30b22L,0x36104c95a96a18f9L,
-        0xdc6090f5539b6740L,0xd70270ba11040a88L,0x53997b57ea3342feL },
-      { 0xaaf1d47d63393e4fL,0x9db8aa3fe8a99625L,0xed571a32c3926e1cL,
-        0xd6e898526e565346L,0xb3984bbd873b2589L,0xaeb7bf3f3f5f68e1L } },
-    /* 22 << 105 */
-    { { 0x75a4a19a79ded4a8L,0x1368e269f688177dL,0xa24d67118581e23aL,
-        0xae63d5a6746b3830L,0x0c68d3e314017304L,0x521a5e7de4d45dc9L },
-      { 0x69d9adfaf77ca616L,0x1f8d37f4bfda67f3L,0xa2833ba1027e771dL,
-        0xae49b00367141a63L,0x04e6f282ed6f1968L,0x65d7d88f060f9157L } },
-    /* 23 << 105 */
-    { { 0x5dc3137b512e4026L,0x43e189595d6ac980L,0xdb7dfef39eac06a4L,
-        0xa8f3e2aea09b0650L,0x80a8594c575e047aL,0x9eba41bcf0c58bf3L },
-      { 0xdc04cc7679812341L,0x716050eaeed1be66L,0xe559782099b77be8L,
-        0xe543aef055183ad5L,0xbbddfb814c08a959L,0x6e54d86eb5368e8bL } },
-    /* 24 << 105 */
-    { { 0x170f8a74e7aba263L,0x6b4e1d7b986b151aL,0x5f65bd224b08921aL,
-        0x1017ae3de6caca3aL,0x613f36b626cb9d5bL,0x8a1e2f2ded19d99bL },
-      { 0x52c915a5c3c519c2L,0x3c9a33305902fa08L,0x2cd7f7c206a51a12L,
-        0xfed60db66e0197ceL,0x4e5b2bb7d971b04cL,0xebebeebf2f45ab13L } },
-    /* 25 << 105 */
-    { { 0x43b10a0673220e06L,0xdf93af67777cf022L,0x830195efbeea9ed4L,
-        0x0a36b71812353c9bL,0x520e2e8d1ec8c488L,0xdc985ffaadac5e16L },
-      { 0x0ebac566f3f58ed7L,0xc7747562a2cd13a2L,0x6a5b4cbce3901864L,
-        0x66634acaa374b634L,0x45e000877f4680dcL,0xb783d01f9fdbe92aL } },
-    /* 26 << 105 */
-    { { 0xcf6d51be36e1c05bL,0xf59b6665e1da0ad8L,0xaa8bfb9d727a701bL,
-        0xb1680942e26e268bL,0x09d41407e518661bL,0x8b0dfbfb3757a993L },
-      { 0x34ecb09f6cb33380L,0xfcd77efede342bf6L,0x9f8fa6c6e476c5eaL,
-        0xde30410fb6257416L,0x416ea101bbd47b91L,0x86ebd19e4aeede80L } },
-    /* 27 << 105 */
-    { { 0xfe7562e00818226bL,0x922d8fe662b46275L,0x6216698b491adc2eL,
-        0x5bdf7a59f6a38f2eL,0xc0640bf937710dfcL,0x06ad30a9df687f48L },
-      { 0xc561dc7d3eb66e6dL,0x7444ac83d08616c3L,0xebfcccee84984618L,
-        0x35a03bafbb15eb51L,0x7c907f9fc17a5de2L,0x2e48ddb5814634dfL } },
-    /* 28 << 105 */
-    { { 0xe466d7a7ea51a37aL,0x5203e990cdf97186L,0xf700953096c84ba0L,
-        0x4e32fbe65f89d1adL,0xe530349aa9be221eL,0x0f7f9c2e50b31508L },
-      { 0xa6796f5c3af5a574L,0xe220f6daa2a2df89L,0x99ec4811d8b65510L,
-        0x4dfdac69ed373b27L,0x663f46b1bb55114cL,0x44236350d167e032L } },
-    /* 29 << 105 */
-    { { 0x1382e90ba65f6a57L,0x3557ab88e5c903e1L,0xcc0cc77f032067beL,
-        0xdd8da09f67797328L,0xeb2979d45114c09bL,0xaaca95bcc4eb598eL },
-      { 0x651a7ce5a2b776fbL,0xc20fe9315312ffc1L,0x842957357dcf479fL,
-        0x022ba6e2ee5cc0a7L,0x6d27e37185b0ba5cL,0xe6f212bdbcd5f2c1L } },
-    /* 30 << 105 */
-    { { 0xb0c2ce87a9088f95L,0x47ec07e0acb11d2fL,0xfe84fba0d30ad231L,
-        0xaa98e35f18a08eb1L,0x36adc3f2f6a27510L,0x622d202751fac4fcL },
-      { 0x4be765cabb9b6ffcL,0x934193571cbfcbeaL,0x83542d9cbef14402L,
-        0xf27504954612b4b4L,0x91aff597bb988ba6L,0x229031e51d61f6f9L } },
-    /* 31 << 105 */
-    { { 0x6b04a446ea29e65cL,0x9b6247a696c48a99L,0x95aa162f60c83930L,
-        0xe387f544e30821eaL,0xbe1cdab306c51b7eL,0x40175d151fc7b8f8L },
-      { 0x89df5ff36384d331L,0x02eb9aa4fe1aaf5eL,0xf24155f789675704L,
-        0xbd2e8cdd87f72f4cL,0x2856b3c46de30f01L,0x2356f0a3ecf8af25L } },
-    /* 32 << 105 */
-    { { 0xfb09e7564bd044efL,0xdbc9fcdfbb964fb3L,0x451c5b01cdb1f4f5L,
-        0xb02f9068f1dd1cf0L,0xd4765e7c0c687e41L,0x89b64981d1967bd3L },
-      { 0x06a0e4ecf0439d65L,0x564c387da5abbcecL,0xc1e9d01ac651d806L,
-        0x5e6ebd830618a96cL,0x9ce1aacec54ad8ceL,0xe5248a089953f90fL } },
-    /* 33 << 105 */
-    { { 0xd65f3b909b6ab239L,0xbc259a6d9ea8bf80L,0xc10d5c235944f964L,
-        0xbd6b3f6f61eeac6fL,0xc4ef2d8383e92858L,0xb80d5ab0a3736bfeL },
-      { 0x27bebd1176695c40L,0x4de92348ea4f5720L,0xd70d93e6070b892aL,
-        0xfce03d0be626d5abL,0x2525e8ea81014bedL,0x6fa3df16a70e2799L } },
-    /* 34 << 105 */
-    { { 0x42b8350a7bbc41caL,0xd7861ad49af59bc9L,0x2453d07c5644d328L,
-        0x2b92643ad7c8ec43L,0x7c14d3c7cd5f1fd2L,0xcee050463d373c7fL },
-      { 0x17ff60bd0ab2b35bL,0x473925e0dbb7f655L,0xdbaa015aff3ee023L,
-        0xbc1ff6d6087ecfbfL,0xc44e1c8c5fc66ca2L,0xc60a193850d6b257L } },
-    /* 35 << 105 */
-    { { 0x5ff44f3ed8f0983cL,0x9de50da0bb82cc15L,0x504f82ec94757c44L,
-        0x72a4fc9dc8a07028L,0xd4d6e4cec3d5e64cL,0xc6148fe780008568L },
-      { 0x71ba3fc525ef66d6L,0x969cc8694f6589f6L,0x5016c8c2d934ab25L,
-        0xa78382f6959e8881L,0x28bcb8bea20eee18L,0x055ba80b37edd7c8L } },
-    /* 36 << 105 */
-    { { 0xbe389fef9c98ca3cL,0xdc3ab23b910370e5L,0x866cb37d5e8eb20dL,
-        0x2f951ca9c1e32fc8L,0x54ef6ab15fe24e6cL,0x6038b5efcfcb8cfbL },
-      { 0x362e076b6eec196dL,0x47bb3aefd398b505L,0x9f3128eb343711ccL,
-        0x8dda2fa8d28e3269L,0x908c52c7eda48846L,0x65fb3a05d53b0917L } },
-    /* 37 << 105 */
-    { { 0xeae35c02ed711239L,0x16ab943fa97db2d7L,0x9770bb578f3b0599L,
-        0xa88ffb95956d04f3L,0x3b937af5f4dcf6ffL,0x311ef2cc0bc41f56L },
-      { 0x00e9214a2860ea2aL,0x2a64b18a7bd12d8fL,0x20a5b9da6a2b9dbcL,
-        0x5c16a412fe1b8edaL,0x6fc306af7b9db98bL,0x964c35de25dc9363L } },
-    /* 38 << 105 */
-    { { 0x81f4739e6df16589L,0x2ea2fff11f8b8ac4L,0x3baff03d33e02c36L,
-        0x7f07526874d77660L,0xa442d7fa758eed7dL,0x584cbe9866625864L },
-      { 0xeed35d579d167ff6L,0x56627c2e3c7bf84fL,0x908df5aedd011153L,
-        0x2694e54d242fc055L,0x25beed9a2f2d60c3L,0x29d3f22fe2ee5293L } },
-    /* 39 << 105 */
-    { { 0x14940dbc178f9859L,0x6e6e35b7329ec4a2L,0xd1f198096707db4aL,
-        0x6eb310b79fe4233aL,0x8f92556eb41e1d8cL,0x2ab28e231d7ce522L },
-      { 0xc5d0f5dfdd5c4d68L,0x3f5146d825101083L,0x3a04aa53de9ee4cfL,
-        0xcf36f1e3d9357f64L,0x05a1896444889f68L,0x1096c87aa96a4137L } },
-    /* 40 << 105 */
-    { { 0xfa4b6697a8352657L,0xf5696452cad6ec30L,0x10aaba60986c84ffL,
-        0x49bdfff4dae014e1L,0xe2a810bd0abc0e46L,0x1dc5b81462d1dd5fL },
-      { 0x15d2f2c723bb4561L,0x5ac7b6421818e30cL,0x40c6b6f94c545f5bL,
-        0x5875b6b2f99241e8L,0xfa3e88a9d6708293L,0x1c936920ad6d9344L } },
-    /* 41 << 105 */
-    { { 0x6516f6210e18ec42L,0xb967eb43df8c26bdL,0x624ee27e69addc2aL,
-        0x34019d6339063252L,0xb317fdd3dcd99d7aL,0xc3d566825d314caaL },
-      { 0x04992df3367506b8L,0x13e4ab2e547262b7L,0x35f130352e287d3eL,
-        0x92e0a276211304d9L,0x94e7129417133d22L,0xb35302275fd71a28L } },
-    /* 42 << 105 */
-    { { 0xe1d9273c9ae60111L,0xe86aeac3d01243ecL,0xc7257b27fa5989f5L,
-        0x57737dc89807d3ccL,0xe1ef78526937551aL,0x74ab9edb15dd2d58L },
-      { 0xbc47b23cc59962fbL,0x376ff30fd3bba76dL,0xaf0035872788ab98L,
-        0x1e475c68619b472cL,0xd79984c89c6a9835L,0x5ceafba510219a94L } },
-    /* 43 << 105 */
-    { { 0xc25ae81155d238d9L,0xf2a21fce4ba4456fL,0x4ebe44d0bd1a440cL,
-        0xe821687f83d958beL,0xb4ce63423ba09f9dL,0xf271435d139048bcL },
-      { 0x2a3db37c99c6412eL,0x50cba09ccb36dbd0L,0x9e5231aef6e65cf8L,
-        0x48e9105d90118a6bL,0x2d58d372368144cbL,0x48702d59928575baL } },
-    /* 44 << 105 */
-    { { 0xc71ce040d1c9204cL,0x8ad09d7373f7686eL,0xbcc6d88dc6fcf31dL,
-        0x22a0b71aaf428ad3L,0x7767944847721255L,0x2b720c7e316b808fL },
-      { 0x3128a7cc5ed45b8bL,0x9744c6c0f79fa1c7L,0x738e94efd22728d7L,
-        0x8a652496fff8f874L,0x0e4a5ade566c9751L,0xfcde62db64e3199bL } },
-    /* 45 << 105 */
-    { { 0xb068ec91aa63f5fcL,0x547e7e471a29ddfbL,0xe3e5de42b17b8e5dL,
-        0xb5c84f27264d1361L,0xa68d10a426432715L,0x4f31e81c23e48e1dL },
-      { 0xe32bea6116dbe185L,0xfaeab7256d1d34feL,0x0ee437cef3a8ca7bL,
-        0x2b8657a2f458446bL,0x8779a3d4c52e3dcaL,0x243d7d0e71654165L } },
-    /* 46 << 105 */
-    { { 0xc4a346b2de23afe2L,0xf8e00f790fac7ba4L,0x22393604ab76b7d8L,
-        0x109233d7a06efba8L,0x5bf89334c7bf56a4L,0x27ed4a28135d4cabL },
-      { 0x07851ad2e32ca02fL,0x41b7ffa630c97f29L,0x383b3716e4457ccdL,
-        0x6ce8645b0b43a50fL,0x73c82018fc5b907bL,0x79a1467381bbcf0dL } },
-    /* 47 << 105 */
-    { { 0xcf5331d35e092e41L,0x7e0b9fdeb43e3c15L,0x842a971182841f82L,
-        0x2d837c810cb9d1ecL,0x6aff6d6873095ddeL,0x2a7f6f40c9478ef3L },
-      { 0xb6e8ac80a9976e39L,0x3853fa5474e40024L,0x664b159a6d87c1d9L,
-        0xaaedf4b4b20b5d11L,0x8a1ac277c5819de1L,0xf10276dc6450b97eL } },
-    /* 48 << 105 */
-    { { 0xa8d7901c7c16c09bL,0x628ff3be42e1948bL,0xb905d7c504e4bce1L,
-        0xdfbf9c4e5ab0696fL,0x0f4e6e2ab6db9cd5L,0x4857e570482e40feL },
-      { 0x5ccd9b421c3beed4L,0x171b085fae51a947L,0xcebe0dbe59065754L,
-        0x4d052d3a461c1620L,0x396bac422fe541a7L,0x8e714cdb70bf32d8L } },
-    /* 49 << 105 */
-    { { 0xed82f15e6ca1cdcbL,0xc5ae5cde51b9a9cbL,0x3b2f78cec70c475eL,
-        0x0f22d10b4243c675L,0x1db96885facac4c6L,0x2fb7884817df2f2cL },
-      { 0x25fb9f4e990f3104L,0x1416733ecefa14f7L,0x3a33828384a5dc24L,
-        0x6d75d3d02564288cL,0xf7bea8b69b93e62aL,0xa5ea8695349f1740L } },
-    /* 50 << 105 */
-    { { 0x38feea7115e711b8L,0x129aea564accd3eaL,0xc53e54c412b23539L,
-        0xb15bf11a2b280c59L,0x5ea76f5782d44df5L,0xea79f833d4ac1af8L },
-      { 0xe547deba08330c6dL,0xbaa89422663ef402L,0x17263762d215a5f5L,
-        0xb9509a19c02b5f9eL,0x9bb99fcb025caaccL,0x43f4494b25f24089L } },
-    /* 51 << 105 */
-    { { 0xe55e592c98563c70L,0x4e62ace5d013c82aL,0xb6025ac16fcf7380L,
-        0xac4a8157cfdff8b9L,0x1fa181344497acf6L,0xdcdf05c0ef09d3e9L },
-      { 0x7a65490d83d8e716L,0x2aee0b35e98c46feL,0xe62381dc7d6d4035L,
-        0xc7162b78203975c0L,0x1079d8b6aad2c021L,0xe3e1cb4370c98838L } },
-    /* 52 << 105 */
-    { { 0x3ca01799f04dd97aL,0xd6d1d41d3f9e03f3L,0xac2713eda55fa375L,
-        0x2bd440556a89a5e5L,0x8582d98458f5c269L,0x7f9b3527fb31fc27L },
-      { 0x23f91951d810580dL,0x99303919360a3debL,0xfaf10326b5e1eea8L,
-        0xf96feb4838ba5ac8L,0x1508b1002a639622L,0x0766a1019dc93c78L } },
-    /* 53 << 105 */
-    { { 0x0c79d40679a0290cL,0xc09bca0c57eb7a00L,0xf7274ffc163c1dcdL,
-        0xd64ec461bb2c83c4L,0xff3b83efe9ee350bL,0xa490157d01882c72L },
-      { 0x626e1f3d3312310bL,0xd2097e03cdd5d62cL,0x705c3fcadbf659c5L,
-        0x2dc1d7cc810fa413L,0x6313192ad67d58a8L,0x6e1e5bc3597f63a6L } },
-    /* 54 << 105 */
-    { { 0x6100535ea0d42639L,0xb126e939d921369dL,0x2d4c826e4999e42cL,
-        0x159063c6f62f77e7L,0x063c42914e632555L,0x8d3ee387b35d8220L },
-      { 0xbd951cff9b2bac3eL,0xd9b943f1bc248755L,0xeee7017ad3a6074cL,
-        0xbcb9e0e6b0872a21L,0x26d80e0949dff656L,0x2ad7d4e335fbf620L } },
-    /* 55 << 105 */
-    { { 0x6ce5840df7f9503fL,0xb96f82996abf4f6bL,0xf71f33853ab55fcdL,
-        0xe347e891e83a8109L,0x12c5dcdeeb48f0faL,0xb0f02553cd7183a9L },
-      { 0xa7d74862c414f01fL,0xbea40c5cae369360L,0xbe9785e5022d5192L,
-        0x1a3224a50d318251L,0x4d7200093fcbceebL,0x1fd71167c2976f6dL } },
-    /* 56 << 105 */
-    { { 0x03c88a8566d2ee47L,0xee8e5c34455ee428L,0xd90a3d393870d90eL,
-        0x2fd78d14f2fdb976L,0x9472a6066a312a30L,0xea68e2283484af2fL },
-      { 0x7cf25951ac9e5cf2L,0x024f07ee37a28e95L,0x5d479379e563a2bdL,
-        0xe87b50a4b46e93d8L,0x9128fc11f137285cL,0xe46efdf77c67d7e6L } },
-    /* 57 << 105 */
-    { { 0x4050036c7cb0b9a1L,0x8560750c1161d7fdL,0x4d293a521b247ba9L,
-        0x4b25e54c8f1b9d31L,0x91c89139c5baa0aaL,0xa2f75f9f2202b7e2L },
-      { 0x6c0915dd4d2d1388L,0x575d90f703717fd7L,0xd90c059b03e0626dL,
-        0x7004305ba4239e8cL,0x39fb4e2e989775e6L,0x20c31fc8d8a239c6L } },
-    /* 58 << 105 */
-    { { 0x4de318054ab51b84L,0x4a68443c6aa00707L,0x2c3637f05b317f3bL,
-        0xb8ea6f87c0fc14a7L,0xcd0cb4fca2cc6af8L,0x6b5fc899317083fbL },
-      { 0x1b8f160956e6dfa1L,0x698299ed92b77d20L,0xdb84ab7f14fc3fc1L,
-        0x944666a35d5fe625L,0xe9a3448d7e064ab0L,0x53f62fa01abe1440L } },
-    /* 59 << 105 */
-    { { 0x04bc8a2bc8c676b8L,0x502a73144a577562L,0x494d01f11ff01f9dL,
-        0xfe648df164d98f70L,0x80bed0d849719dd3L,0xb77a8f09c231e190L },
-      { 0xc8aa8daecc011818L,0xf313be4f5918814eL,0xf28fcb74488b5bfeL,
-        0x71e23b19b3345c98L,0x1cfb7c0596eba9beL,0xa88e73b941c61971L } },
-    /* 60 << 105 */
-    { { 0xdc7050459cfd4295L,0x1cc9648eedeea59eL,0x88f4af1c0e9ca92dL,
-        0x45d0b53f69689317L,0xa122a6dd41c04186L,0x9df54c3a277fba1aL },
-      { 0x1efc55a5017eb9ccL,0xb253f7b661d1ecd4L,0xd03f8ec6acfb7854L,
-        0xf641e5f49f338dbaL,0x6b6a680a3a3addbcL,0xe80babb5b5cd058eL } },
-    /* 61 << 105 */
-    { { 0xb48da67307873319L,0x53309cdf3bf5db9bL,0x1bc510e64ee9dd11L,
-        0xbb8e529a7388950aL,0xc9c0ce3c7f6e6175L,0xd75753f88a290784L },
-      { 0xfebdd94ba80acc08L,0x942cdfebdc846b30L,0xbb64799f6ca7099fL,
-        0x40f03362d1326fa8L,0x95b2d9db97b62e9eL,0x5ad9ce165301d9aaL } },
-    /* 62 << 105 */
-    { { 0xaa5fead9dfc59ef1L,0xc1348e98b2cc1e9aL,0x83dd617e77bda968L,
-        0x0fdcc0837c8997dfL,0x9206ae234cc62b01L,0x88aec92f417678dfL },
-      { 0x9d399af791fb8920L,0x399eebd13e8a22a0L,0x32f3bba735bebdf3L,
-        0x354c1c5004c2f32aL,0xc2d6b5514052c926L,0x16a1f71f656a7eebL } },
-    /* 63 << 105 */
-    { { 0xd7a755bc14a8c57bL,0xa97b901341ebec55L,0x88b88459143a1a9bL,
-        0x7aa178cc7e19e3e0L,0xb8359634635dfb65L,0x63fd26c7c169e28aL },
-      { 0x89d9090d953272f5L,0x63e571196383845aL,0x0e26c0cf886a1f1fL,
-        0xda56332db7057a29L,0x6b5d303f7a459c6fL,0x3c351b771bb704c3L } },
-    /* 64 << 105 */
-    { { 0xda2b0725bb296c27L,0x1f22ffa4d341171bL,0xc721e35a5b132756L,
-        0xe5695e84fadb6907L,0xbc5a3bf4c283f546L,0x9182cb3edde128aeL },
-      { 0x179c7fa66592e05eL,0x1e604790f38e8586L,0xaf7e83bea16bad55L,
-        0x6f41231e9137ecd8L,0xac87543d8f30d1abL,0x630a9d87b1ee0ee8L } },
-    /* 0 << 112 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 112 */
-    { { 0x359cbfa05e4f1914L,0x6992cd48d922176aL,0x2fd5e90f630cbcb5L,
-        0x2b0f61306ddbf238L,0x5070970a3af753e6L,0x433d009441727016L },
-      { 0x2eb15b3b9dca97e2L,0x3a7379cd00d96875L,0x0d4374aee930a75cL,
-        0x3cd36046849e7727L,0x9ac3117e336a19ffL,0x2d1373c9433ddc04L } },
-    /* 2 << 112 */
-    { { 0x985dcb43e4362d67L,0xecb860c2a939bea4L,0x40597f3055fbf1d5L,
-        0xb6d166bf43fcd98aL,0x5932570915ec99caL,0xe05ae3b9c5bdd370L },
-      { 0xc18f78270c7b943bL,0x84bde9c64dd572ccL,0x5d50a89df478e56bL,
-        0x242c2f4864d29053L,0xcda12c6161cf7e0eL,0xf8b6890eac8d1d40L } },
-    /* 3 << 112 */
-    { { 0x7a9a9dd7b6b11af8L,0xac4c50dd16a42f8fL,0x1550267b6726c324L,
-        0x12cfb2fd7f841afbL,0xa41b19052f046430L,0x8f5f5373b7d786cbL },
-      { 0x7b61b39c729e09fbL,0x07a5415f2626da4cL,0x65d6efb84a348905L,
-        0xf377862cf2e864b9L,0x3c94000dab96cdb2L,0x2176321a8efef0f6L } },
-    /* 4 << 112 */
-    { { 0x8c558000c1c1bc68L,0x9e48a67a83fd6ca6L,0xacf0d75ceb7a35cbL,
-        0x0fbdce4cf0a93110L,0x82b2d13a9cc50c85L,0x696fd259cef70d6fL },
-      { 0x1cc9be2e457b88c2L,0x0d58b34b1f04c0bcL,0x52bd479f195a532bL,
-        0x769fe6ca1ab3605cL,0xba6a63e48a24c1e0L,0x86dea46299da5d7aL } },
-    /* 5 << 112 */
-    { { 0xdf2a6cecd24790f3L,0x37bfbba7b87ca06dL,0x7c8a7e4c0de8a6aaL,
-        0x5c806b94be7b8f5dL,0xccca1c714fda3e7eL,0x3c1cbaf9cff788e5L },
-      { 0x17a081a9565d0464L,0xc4eb995713ed1b82L,0x0d7c90549e4cfac7L,
-        0x6fb74c629d53a200L,0x65b9ed6d5f977a8bL,0xe2279cec0ba2e7c4L } },
-    /* 6 << 112 */
-    { { 0x8435e2962d4412dcL,0xa36cbfef972350d8L,0xe2fe6e6fece5cb15L,
-        0x6f249b095336f7ffL,0x5801feb9908ee267L,0x7649a837fc8f217bL },
-      { 0xfc1adc3ea0ebc808L,0x1ef06bec94f08075L,0x4afb5404cc1d9b72L,
-        0x75cabd61a1f2c5a4L,0x2bd797e1cd08f195L,0x4f1b5cdecbea0f49L } },
-    /* 7 << 112 */
-    { { 0xe9759aa9e7aa87e2L,0x2d54a5fbe5909f55L,0xe49a59aa2c80bb61L,
-        0xdb89e21230c9b328L,0xf42b9adb004ebffcL,0x4471b983479678e4L },
-      { 0x0dde5b0e97709e2dL,0x2f35c653a12bdb85L,0x9f8d7a5cd8c8285cL,
-        0xd7cde5971d156206L,0xdbe765d7a8e126bcL,0x2e645b6de3f4e60bL } },
-    /* 8 << 112 */
-    { { 0x509abccb65682820L,0xfbfa1d094ff86137L,0x1ae371bd640bc2f6L,
-        0xa155c2978f546c68L,0x8858cadcc08b8cbfL,0xafac5b0a1d96948bL },
-      { 0x919cb22682e25016L,0xd147df4ab064ffc3L,0x25dd0f1ab4abe560L,
-        0xc6bbe6369cb75bd1L,0xbb367cf947a778e4L,0x5714aa4dbde524b3L } },
-    /* 9 << 112 */
-    { { 0xce3c8218e61b1439L,0x8be5a9cb67f79d28L,0xb1bd1386d5164b35L,
-        0x0bc24d96b9adbac7L,0xbcee4f0ec7482414L,0xac15b5b66ca5d49dL },
-      { 0x79caa999f20f9a50L,0x89bfd652a911308cL,0x972fe26d15245a7dL,
-        0xd44d0f6e1d0d2939L,0x6749beaedd439057L,0x02627a6ad4b6f416L } },
-    /* 10 << 112 */
-    { { 0x7e882e8cb437b791L,0x9afde25afbe334cfL,0x60184381da52f9fbL,
-        0x935d33a1001df73cL,0x38f303df080682e5L,0xd9cf2c1f4e9a29b2L },
-      { 0x889d265e00d9208eL,0xfc1cc2221fd8e817L,0xdd14f1a2ec71428aL,
-        0xe81cc4f9d9e973aaL,0x26a154963696468cL,0x0620fe6409d546acL } },
-    /* 11 << 112 */
-    { { 0x06ed3e64166be92fL,0xe1da6e27c51ea53eL,0x784f2514acb2b245L,
-        0xc544e50f8e24077fL,0xad449938c5c01787L,0x5d9ef8d527d41dd7L },
-      { 0x37114064e15d4a96L,0x7f0c92aa1dd45321L,0xc1f11d56b9c72ee5L,
-        0x91f3b3f7a78e6d3aL,0x0cf440b0c9488cf7L,0x14d3defd93df403aL } },
-    /* 12 << 112 */
-    { { 0x3fa4ea0225aa1d44L,0x22c68e17f74a6a3aL,0x351bcb80f489e72dL,
-        0xdabdf118be0268edL,0xa3bf9e1984d2cd16L,0x318506a2d67393a4L },
-      { 0xb0c6b2d8615ed517L,0x42ac507c3dcba0f9L,0x60570dfb51235e30L,
-        0xc677628dedb033e4L,0x0290c22766e61f76L,0x1d8450d09888943fL } },
-    /* 13 << 112 */
-    { { 0x1b8f5ed7155a3daeL,0xc9d2433aa46ed72bL,0xe99c7fe38ca361fbL,
-        0x606b08c19626fe7bL,0xe6447257c0ea792aL,0x5839e2c62e1156f3L },
-      { 0xb73135dd5eab6d41L,0x200f2e488ef63584L,0x4c73885ddda1c49eL,
-        0x8d606a75b5428ee9L,0x2a73cc7aa62699dcL,0x484a58941c6c8de5L } },
-    /* 14 << 112 */
-    { { 0x2365b4150decae0cL,0x9c8567ece8583741L,0x35d6cfae6d8842a7L,
-        0x4e6c98e6dd0db8e4L,0x584524e767b34d02L,0x786ea52f554c6117L },
-      { 0x8952ce169320725fL,0x8eb7f91854c4c8f2L,0xdd34f77afc799251L,
-        0x76b8c3173e05d37fL,0x664cbddcebb4d365L,0x31ba98b90dfa1a98L } },
-    /* 15 << 112 */
-    { { 0xf113a7bd651c186fL,0x417bd7373737a50aL,0xddb40d201b858249L,
-        0x62a60745345f5b45L,0xf0a03f5c2d4e221eL,0xcafde67cc64621a2L },
-      { 0xbbbfaebcbc3c06c3L,0xadaf9a16b8383dc0L,0xcd21aa308f343ea2L,
-        0x64cefec0d890128dL,0x2ed9b8f763b44054L,0xc0a49e2917c0ffcfL } },
-    /* 16 << 112 */
-    { { 0xc6307399166915dfL,0xb35545bc5da8a26eL,0x8e0126aae3a99321L,
-        0x0fbfdf76da9308d1L,0x2163ed6b6168e505L,0x71f3d0087500d8bdL },
-      { 0xf57159605ac13f65L,0xc1cd9a6755172d5bL,0x6b225f7e53d84c65L,
-        0x9c031269025029daL,0x54c1edfa17d89aedL,0x5b0238786b435150L } },
-    /* 17 << 112 */
-    { { 0x96d69db1146abf28L,0xc924454924d221dbL,0x7881951c137bdfe1L,
-        0xde2d490dda51f789L,0x6033c2c34b0a1e0aL,0xbe214d8c08dac13eL },
-      { 0x3d5abfa9a5a1d055L,0x3433060f6fe02a62L,0x88608c7ba37f2833L,
-        0xfd2da6f0e74dd6c1L,0x27c22c17fe000000L,0x04a1f15bcfbde005L } },
-    /* 18 << 112 */
-    { { 0x01204485f340b522L,0x588a9e1c9367a099L,0xb3d1a4b466005913L,
-        0x522ac504d55cc36fL,0xa6c80e511b72eabaL,0x15025a7acaaa89b5L },
-      { 0xc9166912bec1a986L,0xe78e9642f19044cfL,0x230d51ab4756908aL,
-        0x6795942aac04cb90L,0xcd2cc9eca2a92818L,0xfccead967cf52961L } },
-    /* 19 << 112 */
-    { { 0x32fa291d52ccf481L,0xbb137ef901ac0eafL,0x13ce2183011746abL,
-        0x7e64248677bfea0aL,0x67cbba0e5e7e5032L,0xc900998a1f2b69fbL },
-      { 0x62ddd91aab3256afL,0x1f0f216911d7996fL,0xab2f2d540e4dd4feL,
-        0x05b577a92ec64ec3L,0x8071e88708ef233aL,0x9be1f8d60e649a5cL } },
-    /* 20 << 112 */
-    { { 0x5f78334137732664L,0x625b85dc840b6f8eL,0x7dcb3d256cdf0959L,
-        0x87a5ae19d4ce1845L,0x43bf0721b0dc016aL,0x6569ad52f6a5f6f3L },
-      { 0xa2697f15560ab87aL,0x4c6fd1a0060dcd57L,0x652a7732c3167f56L,
-        0xe355fef05294a5e0L,0xf7b3177dcc59c562L,0x511c96dddccf4b1fL } },
-    /* 21 << 112 */
-    { { 0xec768f587622c0b9L,0x7c9eb5490416afe7L,0x3c3d87f55795433eL,
-        0x74eff3cba4611446L,0xb2c79249dc7037d3L,0x70062ebd8bb1fc42L },
-      { 0xbd0d3532a4ad91c8L,0x42411c139f5ee0c3L,0x11c4ee91132470cbL,
-        0x496438979fb2a135L,0x4c1df7e0ce2ec891L,0x689cda57e16f7413L } },
-    /* 22 << 112 */
-    { { 0x3b42838a2a0030a1L,0x3f37587ae05ba56eL,0x6382a86f44c16650L,
-        0x6c1bc67da6f9f136L,0x7d152d907ada0f41L,0x9115319d5c40c0f5L },
-      { 0x1143028632f58e3aL,0x5dcf7ec7eda5c5a2L,0xf04404a9f334a0b2L,
-        0x75e0b4a84ec2cbd5L,0x86e89728d079dbf0L,0x796700799a99c605L } },
-    /* 23 << 112 */
-    { { 0x98456a79b1d2a3fdL,0x4e8ba91e6dd789e9L,0x8e0bfa33a435226eL,
-        0x42bea2f48cfea5ccL,0x5ca5fb0321b14602L,0x73faac5826877b13L },
-      { 0x0ddb6ea203905ebbL,0x67bc35f1698cd7abL,0x24da47d85d9af735L,
-        0x1a2a7c1dd786000eL,0xb35fb29e23ccaceaL,0x1c063466bf1f51a7L } },
-    /* 24 << 112 */
-    { { 0x1e7ae1601e94d949L,0x177dc53ee78e6221L,0x8af29d8f7aeb9882L,
-        0x2d9a60fd9e3f3906L,0x6979fcd6df962156L,0xdd2fe5887e1e54b8L },
-      { 0x9cccf31076643453L,0x94ece1a84e0643d0L,0x745449cbc111d8cfL,
-        0x872afa4ae6cfbd97L,0x5c27b7ca10dfb34eL,0x505e62bc533480feL } },
-    /* 25 << 112 */
-    { { 0x6dd2007363141676L,0xdb099810c5c4c657L,0x2bbbcbaf8c369f32L,
-        0x339e3ded08794178L,0xcc362a32315c4cd7L,0x5d288ff37dbce794L },
-      { 0xafd05d104d0cb6c6L,0x3a6dcee9d386c7dfL,0xa207dc17e311ee74L,
-        0xc5794286abdc751cL,0xf45136e5d889b985L,0xb25e84638d8f32a3L } },
-    /* 26 << 112 */
-    { { 0x8711ebfd1dc32f77L,0xfc0e851f3933d758L,0x90b679fd64a859f3L,
-        0x0914a975ef37a81eL,0xcef80495d675c502L,0x862d3b65be18c403L },
-      { 0x0d53f957305b4aa2L,0xe404f2570e5bcb47L,0x833a8644854b6b63L,
-        0x5709f53b99f8d3d9L,0xc400dc1f13893effL,0x75ca01714c65086eL } },
-    /* 27 << 112 */
-    { { 0xdaaf8e76eeceb904L,0xbce9ca54b9e31f92L,0x4442d0c88d06a58fL,
-        0x5966e1e5eda0ee34L,0x043125f058edc555L,0x44d0311749cf0931L },
-      { 0x292aea12a99ae5c2L,0x1e9be1702a2bade4L,0x003ec2826b21b444L,
-        0xc158f3cffc41d601L,0x25a839f4c4b3f4c7L,0x4a36bec399e64264L } },
-    /* 28 << 112 */
-    { { 0x829bbe7e04e6bda7L,0xc52b64ded3e667dbL,0x98aa40ecaa2fc128L,
-        0x2c6997d011fbef94L,0x70ca76aa97c8167eL,0x558f8ce7b1083886L },
-      { 0x5c621e35d250f064L,0x757710f8f535b2c7L,0x5d118d8faa69ee95L,
-        0x02ffe667b27cd9deL,0x65711ac7d13e51fcL,0xdbbf16278cb1a1c7L } },
-    /* 29 << 112 */
-    { { 0x3c2fcbceeab0bb77L,0x569d6c7e4e1b17adL,0x22e06899b0518730L,
-        0xf8466d9d19f809e9L,0x372e254288359d10L,0x8074483532d5bb82L },
-      { 0xc88727d566060945L,0x08e9246572a0d38fL,0x84ca145c9f84a861L,
-        0x8363463c1c004212L,0x9debab72bd3ad87eL,0xce68c150a988e65dL } },
-    /* 30 << 112 */
-    { { 0x1c172e5ea71dbae0L,0xf7794eb19b80bf40L,0x3007c5705d7d2829L,
-        0xa8d44d6fcc97cf00L,0x093a9784f6abea6bL,0x2ac4a67564cca46fL },
-      { 0x14fcc56350d8fc8bL,0x53133983a11ccd07L,0x7cf09bf68e6b8f26L,
-        0x49f864d57b06e3adL,0xd526a765c373fc6dL,0x7af297c6151305d5L } },
-    /* 31 << 112 */
-    { { 0x18f941bfcf7c1eb5L,0xda10720a130163b7L,0x3c4894f46bd9bb34L,
-        0x7575087bc8ca64f1L,0x68c424852c8f3798L,0x986214eecf0e5839L },
-      { 0x3723b713df2b0b90L,0xd81560d5d229bf8aL,0x0204ae5ff993078eL,
-        0x55206d9186a14833L,0x8c7d09181557fc96L,0xe2cd5dcdddba9705L } },
-    /* 32 << 112 */
-    { { 0x009ef80aae238fa1L,0xb41d9b24486af6b5L,0xab4455ed685add95L,
-        0x18f323f672c7dac8L,0xe7009790e372f168L,0x4d5bcba6067bea99L },
-      { 0xf15bdbcc51a2a9a9L,0xde7e4f742fac9169L,0x2fd62c304bdbec36L,
-        0x8b3ea93d1b3ac6c7L,0xce1c8e5c9c293889L,0x19664dda11564f8bL } },
-    /* 33 << 112 */
-    { { 0x207a738245406afaL,0x7c1c398d1675bc91L,0x2ae99d8ba1bb7a43L,
-        0x63f134e8c5e176e5L,0x4a624a1c48364268L,0x471974f1de65c5deL },
-      { 0x44932063ea90b0cfL,0x13ba5019d8fd7e30L,0x6281f71348510422L,
-        0xdaba3f14bc1a523aL,0x333e5eff924cc5cdL,0x861ab150e9113d1dL } },
-    /* 34 << 112 */
-    { { 0x332d308dd9b9461cL,0x3e9b4a95b7014261L,0xc557f608c2beeb5cL,
-        0x9ee927187c8531d6L,0x55ff3dfcc0002ff0L,0xed96119eccd9b325L },
-      { 0xd779ba03fb92416bL,0x63b75d351416be79L,0x793cb1fbfc9ad27fL,
-        0xcc762a5b87f1bc59L,0x6e7a23389bbb07d8L,0x99b6e278aa7bfa44L } },
-    /* 35 << 112 */
-    { { 0xeb142de02bcce03eL,0xcac04711577565e2L,0xa949c7350ab07328L,
-        0x8f15874cd7d347ebL,0xade8c67a696dc9f3L,0x039e6b7c66a7bcadL },
-      { 0x1260bd4acb8cb9d2L,0xdbf05496d4801bcfL,0x6b37a4d30ffb845eL,
-        0xc3968fe150b50889L,0x261e82f4525c6a7dL,0x539f634912aad50bL } },
-    /* 36 << 112 */
-    { { 0xcb1a9d2ceae4d774L,0xfdec2ca998a0775cL,0xa538acbd0eab9e25L,
-        0x6901ebfd04dd34b0L,0x998ab679ed4c6409L,0x69b1d7ee0235b865L },
-      { 0x4f2e6e5723ac3be6L,0x2b2072aed4a00479L,0x5c12fcdc2ce2f059L,
-        0xfc688c45ac329db8L,0x16d377a51f539427L,0xebe4e2cfa08ed9aeL } },
-    /* 37 << 112 */
-    { { 0xb394214715d60238L,0x60d8909bbe9d4febL,0x013827b78654e16cL,
-        0x465b3078824fc55aL,0x361e6523e3fcd6c0L,0x2ef44d80ef88b307L },
-      { 0xdca7809fbeb2db77L,0xe649d591da97468aL,0xad6079b77c28ff0aL,
-        0x6a21ce1ac4897775L,0xde876f7b5a592fd5L,0xced421a585a1dd36L } },
-    /* 38 << 112 */
-    { { 0x9793bdf6a045a442L,0xdb3c60472713ed37L,0x9929d32261344a0bL,
-        0xfb48c2dc831af45cL,0x730226df53a8a077L,0x3a5baf8a18876559L },
-      { 0x99736e7d8e11f9edL,0x3e7663dd0c09dddfL,0x368a29ed89b8a23dL,
-        0x5443d7f5d3a68663L,0x0b84b464c6302455L,0x235c6eb5cf088847L } },
-    /* 39 << 112 */
-    { { 0x13307013b8de0a3aL,0xfb10e919f592fd9eL,0xd09e5b2571401ec7L,
-        0x6e8091c11d94cf0aL,0xb7d79fc74193b129L,0xb842a3695f2c05e5L },
-      { 0xcf6fc6cbccdc7614L,0x77d6408180102a3aL,0xde4b9304f30c3488L,
-        0x4fd9f8d89bd08e48L,0x58ac01245963b063L,0x1f11335c747fac66L } },
-    /* 40 << 112 */
-    { { 0x5f266f13175418b2L,0x6bd7a86903a626f9L,0xc7b532304a6f11caL,
-        0xa216b056bfc8ccedL,0xa274d5d8b288cb7cL,0x6fc4a35d924897adL },
-      { 0x1ea532eb81fc6940L,0x2fcd817e2acbbc45L,0x45eee93f67814fa3L,
-        0x3b3da48c1229e035L,0xd049a976efd8e3d7L,0x8087dff7bf81f314L } },
-    /* 41 << 112 */
-    { { 0x9ccd802fbddea807L,0x08a64e86d93b97f6L,0x422c0f5602f04e3cL,
-        0x25aecab133900990L,0xcdb2c5c15d4b4d2fL,0x849a6b1f5f43e42eL },
-      { 0x4689b815446e7361L,0x49abaf6ca681fba0L,0x304d84b18289a564L,
-        0xa6529d430b779df3L,0xca926da67b51b195L,0x3640dde5c829ae84L } },
-    /* 42 << 112 */
-    { { 0x747235495424e1d0L,0x3861ae65c85af64fL,0xc56ff12baab902c2L,
-        0x9aeb9e154fbf264eL,0x14e3c13942ca40d2L,0x6c26da41c1ba0250L },
-      { 0x97a6031df51a0967L,0x88fea7710e623393L,0xcafae4c778574eefL,
-        0x2c4c281198119f28L,0xd190fc749276d971L,0x843f4baf9273f01cL } },
-    /* 43 << 112 */
-    { { 0x1b2d643de50ad79dL,0x1ceaee7ed3075486L,0x13a003f3ec287aabL,
-        0x09a4a825e8c7aeddL,0x93babe5ad1d4c05cL,0x8115bfec95ab084cL },
-      { 0x629e8e0a289ebb8aL,0x923167a9bd992f77L,0x440edf75ae16ce72L,
-        0xa67dd37b0a0019d4L,0x174b341978b0df8dL,0x010746a5ad6e4c60L } },
-    /* 44 << 112 */
-    { { 0xed05e4bf8342da4aL,0x36d881f3b565f0f2L,0x3fbd04e1411e627fL,
-        0x40ac13cb0411889aL,0x9f6006cab5b25fd6L,0x0e79d377e31404ccL },
-      { 0x9fd6474a5af3ea01L,0x89d7ddcb2a27d905L,0x2c1beebada12e71dL,
-        0x3ecb11e1833eb7deL,0xa348b2f6600eb1faL,0xc227192183f2657fL } },
-    /* 45 << 112 */
-    { { 0x2cfaf519e32ba792L,0xa99113d7f929b512L,0xd347f7d18f554e19L,
-        0x18f0374f098a2ad8L,0x073855acc174e0b9L,0xf155c6c009324c23L },
-      { 0x3388c39605d1e427L,0x144356a9d39221d1L,0xe3d4ffed492a84adL,
-        0x519c65e6d1e53c29L,0x334f470a2813c717L,0x69aa0a1de0a400e7L } },
-    /* 46 << 112 */
-    { { 0xd8689c9c39e70b62L,0x2b87157e6cd86fe6L,0x53d55de887c0f35dL,
-        0xb2d7141de09aa44bL,0x3499553084fe7c21L,0x4550096c16b19be0L },
-      { 0xb0a8ce05b856dac0L,0x570223450e211887L,0x8d4a7431aca17401L,
-        0x96bf439857400a0eL,0x1e849d365ffd5f34L,0x7e70f6253a6d23acL } },
-    /* 47 << 112 */
-    { { 0x511ad0024b4ecd64L,0xd2287a28f37bf796L,0x801d2c2dcbc1f22dL,
-        0xf0d3a6944df568c8L,0xa7fec550af6836b0L,0xa27dd6e887a426c7L },
-      { 0x2f730e5b59c6b695L,0x9df438ee93ee2b36L,0xc4def9eaf2cfc4c6L,
-        0x82ddcca0a209814bL,0xb2e1de4f6dc916d3L,0xc6798e7453f81a55L } },
-    /* 48 << 112 */
-    { { 0x77faac22bd366155L,0x13cc4038282f11b5L,0x31ad1dd45fbd35abL,
-        0x7e0de9da45d6d40eL,0xa16c5f1939749ef6L,0x761cd6cf85691cf2L },
-      { 0x156536ad4d59b802L,0xee98dc4187c4b11dL,0x165a1eacd35088fcL,
-        0xce8a733538fb995cL,0x34d0d3313293b3a5L,0xfcf548ca8b570e79L } },
-    /* 49 << 112 */
-    { { 0x4c4bddca99e8cb05L,0x2b900ed017c5be91L,0x0ba0201b40adbfc1L,
-        0xb5098cf8534595ecL,0x356e23ff80f56f69L,0x8b3fa12e748555a0L },
-      { 0x9063437677b8ebdbL,0xe3eb33fdf040b6a8L,0xcc5b699539b611ceL,
-        0x20171523c693be7eL,0x5c4364d760849cf0L,0x30f3376372c4d303L } },
-    /* 50 << 112 */
-    { { 0x0757295022a8c8e0L,0x6e05715866ca81ecL,0x7e8e36890f804bc9L,
-        0xcba813a191b99207L,0x3f11f7abe50ab65fL,0xaefe5479b6d05954L },
-      { 0x48dd59a1eff5cf18L,0xa623b738bda11ecdL,0x586e755818870f08L,
-        0xb2c471a50e38ba1aL,0x5b21c42c69ce8032L,0xaf040e6c7943d78eL } },
-    /* 51 << 112 */
-    { { 0x6364714c4852f979L,0x7ed7aa310700cd35L,0x9021e46d9376733cL,
-        0xf2b65ed3b6de8d03L,0x0e3d00c16652346cL,0x6630fcb75d27e2d0L },
-      { 0x69cc20ded79a1c20L,0xa6d77163be3745e6L,0xab36946379aacf14L,
-        0x8bdffbf1b935a1daL,0xda8eb343b63096f6L,0xf61988f13c966345L } },
-    /* 52 << 112 */
-    { { 0x06f684ffd31f390eL,0xa1467be560ec98a8L,0x7cbdd03eaa80fddeL,
-        0x0ae4d114e204ded1L,0xb8ebeb29a004c3e2L,0xd93cd70726009581L },
-      { 0x3ff2ee49f1b9d3ccL,0x0e69e5ac753526ccL,0x8cb2243e8b13f47bL,
-        0xe2c5ae8d7fbfc5aeL,0x8e9af723394a45d8L,0x0b1114dbd92ab8d0L } },
-    /* 53 << 112 */
-    { { 0x937d9d2a73f9ff5bL,0x07c8c147de0fd740L,0x3880ead73639b680L,
-        0x879d6f836558cc89L,0xf32e14b975bc8c84L,0x278ea5e4bcf6f8cdL },
-      { 0xd9f25ea94baca6cbL,0x676e4bdd44d0ceb2L,0x98042ac190868974L,
-        0xdf227f370711b658L,0xcd6d29b46ef0e4f8L,0xd04f5bf88f817e92L } },
-    /* 54 << 112 */
-    { { 0xc7d62be78354f4ffL,0xd6fd9d590ac4d9b6L,0x13fbed772b50ab82L,
-        0xc4c5be374362b766L,0x5d67bfdd6c59d059L,0x10c93cceac02f34cL },
-      { 0x3bec1f3b72e35ca4L,0xb1cfade159f4820bL,0x679edbcf80fae051L,
-        0x6762f5ba6671737cL,0x28b425db3fe77970L,0x4bd6d2ebe778aaaeL } },
-    /* 55 << 112 */
-    { { 0xdcbe0018aecd5ae8L,0x7f178b7aedb2a7b0L,0xedb5c805b427179cL,
-        0x25fb6a084ba080fbL,0xeb6365165f1b263dL,0x814c520092acb04aL },
-      { 0x936f97a988d94b88L,0x6d54f1768b45e4b7L,0x6321e3bdb0cc515cL,
-        0x9118d0318eb5be13L,0x5be9188a8c574e96L,0xcdad43f3f281f19dL } },
-    /* 56 << 112 */
-    { { 0x7be5946ea85af34aL,0x420593c9da6fb0e0L,0x40b83c00987f9246L,
-        0xac35f4e9a15d192bL,0x1979bd33776a678cL,0x0a7d973e8f6068d3L },
-      { 0x71d322e87e6298feL,0xbb23a29936af9b65L,0x14e2b9706644c50cL,
-        0x5f7f207373570bd3L,0x40215c569055538bL,0x91372e64365500c9L } },
-    /* 57 << 112 */
-    { { 0x2763961a303ef488L,0xc357c32fbf865ec3L,0x32ca1a943663e409L,
-        0x9d9040217de506a9L,0x1f56e144249028bcL,0xd76402e61c5c7cecL },
-      { 0x98dcac65b0dd9d4fL,0x887f6e97532facf6L,0xc0d5d2a123c2cfbeL,
-        0x0566bd59d18d8b1aL,0x67404eb1297a071eL,0x10f24d9b26529285L } },
-    /* 58 << 112 */
-    { { 0x34808f5ca479ef4eL,0x60effdea9ff10abfL,0x471a077cdae34e0eL,
-        0xf34df9562f9d1408L,0x4f8bbffbe46961b7L,0x6a80b0276336a6f4L },
-      { 0x28e57309ca92e5dbL,0x27fbb139ce31cb10L,0xcea87ae28d24334bL,
-        0x3781f438de6db765L,0x3328fc09edaf054bL,0xa8acdbcfa94396f8L } },
-    /* 59 << 112 */
-    { { 0xa05b72aa83a79820L,0x3210863ccdeeaedcL,0x192d5fdcb76fdabbL,
-        0x25ec4568f10c17a7L,0xbd51e31fca556920L,0x8ab534f26a7e40f7L },
-      { 0x2ecb28c041145d5bL,0x4e95843df9038557L,0x65605d17d783699cL,
-        0xf728cb1178bddf7aL,0x2d823ae8bee2a60cL,0x02030edb8eb48325L } },
-    /* 60 << 112 */
-    { { 0xfe517758aa04facfL,0xa5216df44c421615L,0x4d87767d4f133b52L,
-        0xdae81b7699757264L,0x53c1a0e3e3ad4323L,0x2c565bbd53b401bcL },
-      { 0x94d2354fcd54a0e1L,0xf43d0f053f1a02a7L,0x52e7ee4af660b949L,
-        0x563ec009bc208df4L,0x58c0b975bf21c4b1L,0x29a8e5adeb029e52L } },
-    /* 61 << 112 */
-    { { 0x4c07b3e4283bdd75L,0xcd94d2a385dd6177L,0xc1ab8a5cab097530L,
-        0x90301468a5fd9ff7L,0x2a3e5b4064d0932dL,0x77e3b67e435e1c0fL },
-      { 0x3b5d261c14f7bb4dL,0x1d67a760bab7bfc9L,0x507aad46d799621bL,
-        0xf44567b5f4f3c3b9L,0xfaa97a3eae2bb6b2L,0x7d373b163594e2c9L } },
-    /* 62 << 112 */
-    { { 0x29ef2da9a15e6ea0L,0xf411e20dcd168689L,0x34944975049a4b24L,
-        0x0effc2dfe035cd24L,0x5d77178b0a954cf7L,0x3504bc357ab2d8c0L },
-      { 0xc3405000ec32219cL,0x00442630421a5a3cL,0x0548505c7f49819aL,
-        0x6bdb281fc805d0e8L,0x03cb57ac97484e09L,0xcf0926da58a14cc1L } },
-    /* 63 << 112 */
-    { { 0x0715055cc85610a7L,0xd2642935fa6ca505L,0x87ef95128c361749L,
-        0x89cd669a8c8156d2L,0x5cdcd266ed60d7ceL,0x99ccc96df59fb53fL },
-      { 0x82400f4655df7f73L,0x2b6aa1d9af34f742L,0xa6cbca79c398aa8eL,
-        0x7697bdea02b7325eL,0x1cb036b94fde4a79L,0xfe11ff96307fb964L } },
-    /* 64 << 112 */
-    { { 0x6a3a23279af0a75cL,0xf832a8159f1f250dL,0x17030c3322a82d3fL,
-        0x24bf18ea14cbc835L,0x319dc4cab2da2727L,0x481df3606d020d4aL },
-      { 0xaeebdd8a7fc22ba5L,0xbd0515c6a91e28abL,0xfc8a2978595f361dL,
-        0xe60dd96c1ae8fa3cL,0x19c2109aa5341575L,0xfd6e92bb06a0ee48L } },
-    /* 0 << 119 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 119 */
-    { { 0x2e32f896cde5e785L,0xcd55ae7ab9db8f31L,0x278db1ad8f832885L,
-        0x271d9078adcbd933L,0x2208fae34a64f863L,0x974046e039c89365L },
-      { 0xcb46f272b3cd0cd3L,0x31f34e1a74e59edcL,0x3421d316edd50418L,
-        0xb1d8a064cabe36edL,0xdb13e560362efcdaL,0x567c2b6cc71eb3eeL } },
-    /* 2 << 119 */
-    { { 0x2af8ed8170d4d7bcL,0xabc3e15fb632435cL,0x4c0e726f78219356L,
-        0x8c1962a1b87254c4L,0x30796a71c9e7691aL,0xd453ef19a75a12eeL },
-      { 0x535f42c213ae4964L,0x86831c3c0da9586aL,0xb7f1ef35e39a7a58L,
-        0xa2789ae2d459b91aL,0xeadbca7f02fd429dL,0x94f215d465290f57L } },
-    /* 3 << 119 */
-    { { 0x94c3938b4c9324feL,0x0dea07003fe78a0eL,0x57ab9daa019e7dc6L,
-        0xb0d7b14a9925b79fL,0x3c9a638b937a5daaL,0x3b14fd0de62943adL },
-      { 0xbaafb635ed3ae4b5L,0x3060a090b2bcfaa2L,0x389d9e7f7aa8f217L,
-        0xd7f987c6e9310a65L,0xec0927f993b69c0aL,0x9335e9102381a247L } },
-    /* 4 << 119 */
-    { { 0xc08550024b950889L,0xee99dbfe8ce24da0L,0xdda71d964318e860L,
-        0x01d3d39604fe9b85L,0xda4bc065e25e7e20L,0xd3a50b87e076c81cL },
-      { 0x5b9f821931e5f494L,0x6a140527a6a1b821L,0xf52683e4d8dd159bL,
-        0xca9c888720b18043L,0x73c040fa08a0d8f5L,0x92e482e8179525c4L } },
-    /* 5 << 119 */
-    { { 0x8b9f650f3e776590L,0x41ba807f47703a5dL,0x8cc1a550fe907078L,
-        0xd70cb76c8f00b84bL,0xcaee21566f3e6780L,0xfd6a51f595c2d03eL },
-      { 0x2c897c5556ffa08fL,0x08589a6563d13d54L,0x6a1eed4287bbacf7L,
-        0x66aed4f5ee709d78L,0x67c925bf1178ecabL,0x6870f4c8a29cf747L } },
-    /* 6 << 119 */
-    { { 0x37ed2be51cfb79acL,0x801946f3e7af84c3L,0xb061ad8ae77c2f00L,
-        0xe87e1a9a44de16a8L,0xdf4f57c87ee490ffL,0x4e793b49005993edL },
-      { 0xe1036387bccb593fL,0xf174941195e09b80L,0x59cb20d15ab42f91L,
-        0xa738a18dac0ff033L,0xda501a2e2ac1e7f4L,0x1b67eda084d8a6e0L } },
-    /* 7 << 119 */
-    { { 0xe3a67b2d5e12e708L,0x3a4772e2ce48f234L,0x78f9dbc334794271L,
-        0x9880053a3e6a61e7L,0x031c30b87c0f6e59L,0x8113df6cf7b972f8L },
-      { 0x3625bdce18ee148cL,0x72c2b8efdb885158L,0x4c73c80c9a7f0df3L,
-        0xbc2dd8a507b92470L,0x5a33e4dfdb005677L,0xc699cf5ea5ca9dd3L } },
-    /* 8 << 119 */
-    { { 0x3a828904a4d2313eL,0xbf4946b192e66888L,0xc574898ae5fa19d2L,
-        0x0b13dbb65e1c5fa4L,0xf11343ba7c390fc2L,0x35b1418fd7d32187L },
-      { 0xc92cb1bb83e7fe7bL,0x0b969455d78365c4L,0xda69dfe5672f2af7L,
-        0x9c62d7b430932441L,0x165672ad94af02d6L,0xd2cc734dcde81c22L } },
-    /* 9 << 119 */
-    { { 0x6353420218d07dd6L,0xc7c0c8f128a3cb4eL,0xa41d4c55d7929131L,
-        0xf1aaab3445d21f63L,0xd69a59545ec3e9feL,0x209732c1b8ddea2fL },
-      { 0x368b9c59e1936916L,0xb011c662ab1f8585L,0xcce30a25474e57b4L,
-        0xb79c76df7049c61dL,0x984739950ccf165bL,0x7c6f4ab40ce897baL } },
-    /* 10 << 119 */
-    { { 0x1d27efce1080e90bL,0xa28152463fd01dc6L,0x99a3fb83caa26d18L,
-        0xd27e6133b82babbeL,0x61030dfdd783dd60L,0x295a291373c78cb8L },
-      { 0x8707a2cf68be6a92L,0xc9c2fb98eeb3474aL,0x7c3fd412a2b176b8L,
-        0xd5b52e2fc7202101L,0x24a63030f0a6d536L,0x05842de304648ec0L } },
-    /* 11 << 119 */
-    { { 0x907d88035a8432bdL,0x89232a5a2638fe30L,0xa120eecbe2089014L,
-        0x3a5208cb5a2c9e97L,0xe163d29a3449eb4eL,0x3df984530eaba88fL },
-      { 0x55d3b9afa1547443L,0x316aae18f2a60ceeL,0x64d0fd30d6e11a5aL,
-        0x65de345808ef6002L,0xcede56fab4a3d1deL,0xa5bfa8d9a4bc1588L } },
-    /* 12 << 119 */
-    { { 0xd45e350133f4d416L,0xbb40233a4bf9131eL,0x1532a088e302483aL,
-        0x3475e8b82c2485c0L,0x08f9ea56969cdbe6L,0x31928645253cd738L },
-      { 0x1cf323a4ac9836beL,0xdf647ccf02b6e4deL,0x9a31e84fc06f3d09L,
-        0xd326b86e39efe6d9L,0x77e3e1df14ac4decL,0xf2d5917af3e0c582L } },
-    /* 13 << 119 */
-    { { 0xf88238f1376216b2L,0x8c7522db7d15f653L,0x50aa7a74a21f74d8L,
-        0xf7a964c8bc9e1a0cL,0x33ea64251387ca6bL,0xda84fe74e7be16a6L },
-      { 0xdf0462d727867aaaL,0xeb7f0ab8ae6be1b3L,0x21abe5a5d9bdec8bL,
-        0xdbb99199ac4bed1bL,0xf65c19d935d13c0dL,0xf966e22e4df74056L } },
-    /* 14 << 119 */
-    { { 0x67477cdc30577ac9L,0x51dd9775244f92a8L,0x31fd60b9917eec66L,
-        0xacd95bd4d66c5c1dL,0x2e0551f3bf9508baL,0x121168e1688cb243L },
-      { 0x8c0397404540d230L,0xc4ed3cf6009ecdf9L,0x191825e144db62afL,
-        0x3ee8acabc4a030daL,0x8ab154a894081504L,0x1fe09e4b486c9cd0L } },
-    /* 15 << 119 */
-    { { 0x7b4e65ebae4219adL,0x2e424c441184a0d3L,0x10eeb898d32e179bL,
-        0xadf05e2d8afa9a6dL,0xecd6c18bbeccd5f1L,0xe592115c39ac53e8L },
-      { 0x9ccf231ac8c7b9b6L,0x1848b4fe678774bcL,0x2050856386782b91L,
-        0xb7caf7cc74dc6018L,0xe80805485cf9273aL,0x9609897b246b4851L } },
-    /* 16 << 119 */
-    { { 0xe92b56c002cf37fdL,0xa75bbcb0f71b34deL,0x7754d0ef50f5c482L,
-        0x850a9ef611fa89feL,0x97d74b1bba4ea7d8L,0xfc757c25aab7ba2eL },
-      { 0x06f30ab0f2a67fddL,0xb10aba1412e72af8L,0x47580bca7a2e053dL,
-        0x85795598dcf0e14cL,0xc3596781d6f55310L,0x8ab251b74c9b7e18L } },
-    /* 17 << 119 */
-    { { 0xdc56cff85279e5cfL,0xa33a6765fdbdf1adL,0xc122c0eee5077a4bL,
-        0x44c3b190a98ab643L,0x334a6868b991d197L,0x598bbf185d6a0488L },
-      { 0xd028bfdc5a0e6f96L,0xfd1a37f5e11c57b6L,0xe1240a3003f82183L,
-        0x6afae98c390d8536L,0x554a42dcc244b181L,0xa3d422d75f4cb4b6L } },
-    /* 18 << 119 */
-    { { 0x512f82f9d113450bL,0x5878c9012dbc9197L,0xdb87412be13f355bL,
-        0x0a0a4a9b935b8a5eL,0x818587bdf25a5351L,0xe807931031e3d9c7L },
-      { 0x8b1d47c7611bc1b1L,0x51722b5872a823f2L,0x6f97ee8a53b36b3eL,
-        0x6e085aac946dd453L,0x2ec5057de65e6533L,0xf82d9d714bb18801L } },
-    /* 19 << 119 */
-    { { 0xf113abe17d48bfe7L,0x51d77fa5213facecL,0x27bb373f21269089L,
-        0x31e9850e7b188989L,0xd20a15f41d50a1c6L,0xb4887ed9d9746367L },
-      { 0x8920a7e2325f19c5L,0x691352358ad74492L,0x713d1471d19a76a2L,
-        0x952cb9e5873ab310L,0x5b359d1ffa8eb8cfL,0x55aab5ad8b9c9e7cL } },
-    /* 20 << 119 */
-    { { 0x4ab138504dbb8798L,0x0e7980d772d04cd2L,0x1755c5660b3271c6L,
-        0x8414efb09d9d1468L,0x61a586301795ce66L,0xb6a8b393232924a1L },
-      { 0xa992f0ceae031bd6L,0x6747fb5f2915acc1L,0x03daa26693e9c0d2L,
-        0xc18fa3645400d554L,0xaf04ff8d9497e895L,0x86c3cfc250b6b339L } },
-    /* 21 << 119 */
-    { { 0xdf26f6605b26122cL,0xeb6c188c4d6b80ccL,0xae2efe59ccec172bL,
-        0x5cdcd958f3f7d693L,0xa2ac2594c5f993f0L,0xb96ad8cf3f7cb591L },
-      { 0x7e2f88f8446abbabL,0x3d1a5eb6f6051f2bL,0x7d882e82ad6f49daL,
-        0xe32918e3c4e7bbffL,0x442a32789be81150L,0xa1d34da1bd14557eL } },
-    /* 22 << 119 */
-    { { 0xad81fa938ba5aa8eL,0x723e628e8f7aa69eL,0x0ba7c2deef35937cL,
-        0x83a43ec56decfb40L,0xf520f849e60c4f2dL,0x8260e8ae457e3b5eL },
-      { 0x7ce874f0bf1d9ed7L,0x5fde35537f1a5466L,0x5a63777c0c162dbbL,
-        0x0fd04f8cdad87289L,0xca2d9e0e640761d5L,0x4615cff838501adbL } },
-    /* 23 << 119 */
-    { { 0x60c7e16cdf66a95cL,0x25b1078d5d0bd644L,0x77f8d872bd933e31L,
-        0x5c4c382de2e1536cL,0x5b3b37c09295ee0dL,0xf94698d4ecce42b6L },
-      { 0x947ef80c4db8f2c7L,0x34661f7dc70dd82fL,0x17b288a7f2311006L,
-        0x1f1171a66815e1caL,0x0f71f66ce80d6235L,0x858c665a87fa5a59L } },
-    /* 24 << 119 */
-    { { 0x376b2a7f04e1e6e3L,0xea0dcb70a31774b4L,0xfc7fe4cc5cbdec2eL,
-        0x8568499df03f459eL,0xe9fd8fb28b78900eL,0xd33c6e30e431bf97L },
-      { 0xd904b8f5c896e766L,0xa8f577cf82748cefL,0x93dd921b87e044b3L,
-        0x23d79837f76eebe9L,0x5e0a7493e569feebL,0xd0797549414dddb6L } },
-    /* 25 << 119 */
-    { { 0x9bf04f567781556aL,0x30be1e8953ebf7c6L,0x6f4899cf713fe432L,
-        0x4f641fb7c9ef741fL,0x03560819002cc010L,0xfa51f8f7b4bbd339L },
-      { 0xe09c5ef77f1dea5cL,0x39cb20d97255fec5L,0x407746862ea38859L,
-        0x68ca598ecd7a29f3L,0xb8025dd67a9db4d9L,0x4feaeeaed9dfe491L } },
-    /* 26 << 119 */
-    { { 0x9422789b110b4a25L,0x5c26779f70ad8cc1L,0x4ee6a748ec4f1e14L,
-        0xfb584a0d5c7ab5e0L,0xed1dcb0bfb21ee66L,0xdbed1f0011c6863cL },
-      { 0xd2969269b1b1d187L,0xf7d0c3f2afe964e6L,0xe05ee93f12bb865eL,
-        0x1afb7beeed79118eL,0x220af1380f0fe453L,0x1463aa1a52782ab9L } },
-    /* 27 << 119 */
-    { { 0x8cf42aa26b99ca6aL,0x696850242f091dbaL,0x9d887e6ad7d3270aL,
-        0x627754fd5c9b735eL,0x3b8735a811d95df6L,0x74debd8b52443251L },
-      { 0x1f8dd5b66181583eL,0xbd0ca92c8b570a9cL,0xc373a61a71ae3274L,
-        0xf4b2c88d1c4c16cdL,0xd3e6ec3baf33efabL,0x8c54d2721bf6f0d0L } },
-    /* 28 << 119 */
-    { { 0xfd9e3542bfe5b1a7L,0xb42d2a4175938ceaL,0x74688a153befb760L,
-        0x8daeeaa22e33dbe7L,0xc9c1ea083e677801L,0x68ecf4e434effe1eL },
-      { 0x927700ccd294c321L,0x9e2e723de940afc5L,0xbcfac07a7cf6cd43L,
-        0xa009ef94d1006bc3L,0xa02016b0373d13e3L,0x4e097adbabae5822L } },
-    /* 29 << 119 */
-    { { 0x7535175d48752720L,0xf51086ee850bdf07L,0xce322c33cb4c3f4dL,
-        0xd863f7edb28965fbL,0xfe46a4e9885e4afaL,0x58b5c871136d7ddaL },
-      { 0x126eddaf6ed07824L,0x084ce962844fcbb8L,0x9ac0787157dfb4c5L,
-        0x97451fcc4d6b5910L,0x9f14b1ce0843c9c6L,0xf737f6c0a0e18596L } },
-    /* 30 << 119 */
-    { { 0x7c139d56d7dbe5f9L,0xfc16e6110b83685bL,0xfa723c029018463cL,
-        0xc472458c840bf5d7L,0x4d8093590af07591L,0x418d88303308dfd9L },
-      { 0x9b381e040c365ae3L,0x3780bf33f8190fd1L,0x45397418dd03e854L,
-        0xa95d030f4e51e491L,0x87c8c686e3286ceaL,0x01c773bf900b5f83L } },
-    /* 31 << 119 */
-    { { 0x0028dcae855a0b90L,0x74c1e36026f0d718L,0x34f80e3ca059f144L,
-        0x85b5d8e3f2bfe1b4L,0xe124601f453de099L,0x8b164ad6221b3efdL },
-      { 0x636f45ebbe004ab0L,0xa23093e99f231a8aL,0x48e05e8e2287b992L,
-        0xefec5e5b4477cb8bL,0x45a65afa8ba0231bL,0x92d38bd88b1af6baL } },
-    /* 32 << 119 */
-    { { 0x8db8b78cc898b8bcL,0x686896da502940cdL,0x67e50f022dde2e3cL,
-        0x2e2461f38cbf406cL,0x32182781e1f7ff60L,0x26934b05e30e2688L },
-      { 0x95adc204fc4494f6L,0x4c7f30c5161b7499L,0xd5caf060b7341737L,
-        0xed93187fd128d46cL,0x3f2819cb20fc1e04L,0x48c4086f2b7f70a1L } },
-    /* 33 << 119 */
-    { { 0x45693c00a92ca9faL,0x046b218d63bd525dL,0x40f1d6cc6b1d6a68L,
-        0xfc5807c5c54dc1f0L,0x2875d4d98b5690f6L,0x7a753543d0f72a83L },
-      { 0x01f2c35ae28b5309L,0x38fb5f121bcef323L,0xd6ea6896256a9bffL,
-        0x4380fb2c44d65badL,0xb587d641c3556fb6L,0x74c5ec1905167f32L } },
-    /* 34 << 119 */
-    { { 0xdabe347578673b02L,0x4f0f25cef6e7395eL,0x3117abb9d181ad45L,
-        0x4b559f88aa13de0bL,0xfd8efe78ea7c9745L,0x080600475dd21682L },
-      { 0xc0f5de4bd4c86ffcL,0x4bb14b1ef21ab6a2L,0xacb53a6cf50c1d12L,
-        0x46aac4505cc9162eL,0x049c51e02de240b6L,0xbb2dc016e383c3b0L } },
-    /* 35 << 119 */
-    { { 0xa1e3cb2255b7f121L,0xc9183b13dd01db7dL,0xfe26aa801469dae6L,
-        0x7318df7fd9ecfe2bL,0xade0a24d56dd4acfL,0x6e521c2222d1ba14L },
-      { 0xa039800a40afa1deL,0x9c7da49d5c6af72aL,0xf7ae921cd3fcc7c6L,
-        0x76af2407dcab63e2L,0xdc1618dbb6dd49ceL,0xebc65c4d362cc88bL } },
-    /* 36 << 119 */
-    { { 0xd847939132202bd3L,0x1dacde87d6631ac1L,0x99d2e71f905a94f4L,
-        0xd3c21f5a7e67dd7fL,0x3605c28e3c43cf23L,0xb6cd5ac74d3b3070L },
-      { 0x8bf748ba246298d7L,0x9e939fbd0f053664L,0x3bb3e7b8cc303783L,
-        0x359bd3e56189c417L,0x299d0ce1f609ae34L,0xd7221cc7b9ca801dL } },
-    /* 37 << 119 */
-    { { 0xb7c823506b73c5a6L,0x7fea0d95fefee640L,0x6d5dd775f68b6be6L,
-        0x4a5576147cbfa333L,0x6cad79c2fcd9b17dL,0x49aec3d405c4dd35L },
-      { 0x3b1f3754c3792470L,0x351ef2ccbe00cffcL,0x44a248916a71f45eL,
-        0x1e7a6013b8640d08L,0xf0f476154efcd556L,0xc82171444fe15dd3L } },
-    /* 38 << 119 */
-    { { 0xa3c56ad28e438c92L,0x7c43f98fb2ceaf1aL,0x397c44f7e2150778L,
-        0x48d17ab771a24131L,0xcc5138631e2acda9L,0x2c76a55ef0c9bac9L },
-      { 0x4d74cdce7ea4bb7bL,0x834bd5bfb1b3c2baL,0x46e2911eccc310a4L,
-        0xd3de84aa0fc1bf13L,0x27f2892f80a03ad3L,0x85b476203bd2f08bL } },
-    /* 39 << 119 */
-    { { 0x85f9b301218642acL,0xb3f3b36f8728ef66L,0x4a833bea2ebb8181L,
-        0x7d3bca9d8541a662L,0xd3be6d0ac5a0ecffL,0xaf52a2a9528da950L },
-      { 0x4b431910131f72caL,0xe2708d36933d5550L,0x195340a469abf146L,
-        0x84ca66e4e4e2e131L,0xd9402ca7e16c39bfL,0x5beedce343ca6041L } },
-    /* 40 << 119 */
-    { { 0x87c5915395523a22L,0x56686f525ac5146eL,0x9ec69ec718ccf766L,
-        0x13f36d4ff6e21a4aL,0xa0841e94098691f4L,0xbd9d52d2bd91dd2eL },
-      { 0xa8765981b3fa43eaL,0xb0cd17cd600b9761L,0x02dd9d71b5abe842L,
-        0x63df33a63689a53bL,0xab4b85bb9d9baad7L,0xce2d31c1eb74e549L } },
-    /* 41 << 119 */
-    { { 0x8d69a654f2472426L,0x91a4b6a3ff7aeff0L,0x51dd8e76fdcc7cb4L,
-        0x5f7d42a273731cd7L,0xc127401aa99c9d9aL,0x8ede9330c92561d7L },
-      { 0x86057a56784c3cf2L,0x8afcf32cb5a7755eL,0xa0a5b561c71cd3d9L,
-        0x0a5d805e36d3f5a4L,0x25a39acd7432a384L,0xd574a6b7b226e9ecL } },
-    /* 42 << 119 */
-    { { 0xab1cb818567af533L,0x273b4537bac2705aL,0x133066c422c84ab6L,
-        0xc3590de64830bfc1L,0xea2978695e4742d0L,0xf6d8c6944f3164c0L },
-      { 0x09e85f3dc1249588L,0x6c2bb05d4ec64df7L,0xd267115e8b78000fL,
-        0x07c5d7aec7e4a316L,0xcb1187ba4619e5bdL,0x57b1d4efa43f7eeeL } },
-    /* 43 << 119 */
-    { { 0x886e3f30b29f5916L,0xa419d2c6625f29a0L,0xb4f89fc49bf07dc4L,
-        0x86c137a1a165ed88L,0x6fa241a9e5d6280dL,0x08be9b0cd11576f2L },
-      { 0x5735aeb7e376b03dL,0xf4639e6d182ce9b9L,0xb6948499cc688f57L,
-        0xfde146636552009eL,0x3eeeae350a2e8553L,0x50447f1b659dfe2eL } },
-    /* 44 << 119 */
-    { { 0xefccd67ed15c33c0L,0x33393846146d5e96L,0x015e97da9ca7354eL,
-        0x729b69bac143e795L,0xd4440ecfd4c5d0e2L,0x78c042bb697a80e7L },
-      { 0x9361ad1d08602f75L,0xaa354166af489794L,0xe60e5a274966d3cdL,
-        0x8346995e2394f9f3L,0x2de33256590f6a15L,0xb14427bb43298ac1L } },
-    /* 45 << 119 */
-    { { 0x38fee83a74680d2cL,0xd8019e5c0e700c8dL,0xcfaf5614475da1b8L,
-        0x11893fc58f0159e3L,0x4c101127553813c2L,0xd273055208f82a6aL },
-      { 0x8728834c74a3ce9aL,0x66b939a891906488L,0x42ac7c07b88d36bcL,
-        0x663d7411d989bb72L,0x650e5d6eb284c066L,0x052b7f6710d8f124L } },
-    /* 46 << 119 */
-    { { 0x3618891fc8176a96L,0x62c4b084e5808b97L,0xde5585464dd95d6eL,
-        0x27a8133e730b2ea4L,0xe07ceec36af318a0L,0x0acc1286ce24fd2cL },
-      { 0x8a48fe4add4d307cL,0x71a9ba9c18cde0daL,0x655e2b66d5d79747L,
-        0x409fe856a79aedc7L,0xc5a9f244d287e5cfL,0xcce103844e82ec39L } },
-    /* 47 << 119 */
-    { { 0x2a8cb0a56ad833c5L,0xe8fab8b844962dd6L,0x31166fd63ee1dfefL,
-        0x3aba85a1e1230449L,0xf9f8da66bd1f502eL,0xe4a72d82e3c17ccaL },
-      { 0xfa3d661d6070d587L,0x51d10b73c33ed08aL,0x3b0f515cb29f2d0bL,
-        0xd82a11d7e1986e91L,0xcf24f81a2201f05bL,0xa94ec1e0d25f8417L } },
-    /* 48 << 119 */
-    { { 0xc7807daa081ed51dL,0xb7dfabf0e5d2d963L,0x3f78ae2e80d386d0L,
-        0xd66275254bbfd04bL,0x238c8eb76d074f92L,0xfe51ec8a5bc5f9b5L },
-      { 0x6ba47430cc03177bL,0xe72efda6400b29e0L,0xb905701becbffe88L,
-        0x5c61bdb47cf89933L,0xf1eb3084c914aa6aL,0xa3ead71e8245998bL } },
-    /* 49 << 119 */
-    { { 0xc58ee3013c7eb5a9L,0x02c177220a1172baL,0x8620118394c7c5b3L,
-        0x66292bc4e1668debL,0xf51b48f4caf39937L,0x9cca60f43eaea578L },
-      { 0xf8e8004a5c2adccaL,0xce7ceeb1ebf49ac7L,0x36346357371d1c54L,
-        0x8799e408d99ff07dL,0x3226181d8c3b2cbfL,0x3b4ff42ba437c2c6L } },
-    /* 50 << 119 */
-    { { 0x00675ba7f25d364cL,0x7a7f162968d36bdfL,0x35ec468aa9e23f29L,
-        0xf797ac502d926e6cL,0x639ba4534b4f4376L,0xd71b430f51ff9519L },
-      { 0xb8c439ec2cf5635cL,0x0ce4c8d181980393L,0x4c5362a964123b15L,
-        0x6e0421e0ffdcf096L,0x624a855f10d1f914L,0x7d8f3ab7614dcd29L } },
-    /* 51 << 119 */
-    { { 0x235ba8b565868390L,0x853c9346ea936e81L,0x967ff132700bb25aL,
-        0xb26d9778561a136cL,0x8b775c4fe3f7e41dL,0xae8f6b2ebd390b2cL },
-      { 0x80959adc4fc7224dL,0xd9c913c12eaccf8cL,0xa9a278c79e96f769L,
-        0xbc6be3038f26856dL,0xb039caf295d04cdeL,0x42ba0510a91bf5dcL } },
-    /* 52 << 119 */
-    { { 0x77870665cfbe0653L,0xab84c4b3523d814dL,0x72839d8897cd2bc0L,
-        0xb966e521d25b1476L,0x4255d18451fd86a0L,0xadaf9b76dd54be7aL },
-      { 0xada6ff627f285e0bL,0xb76e26f46d42400bL,0x1d9fe676958bee25L,
-        0xfcd7be9edb59965cL,0x897a90834bcf6e75L,0x64b26f02aabd21e8L } },
-    /* 53 << 119 */
-    { { 0xee46626beb1a8ce6L,0x2de20371b672fc49L,0xa0fb11b8bd2d9256L,
-        0x5b49f70ac2a8dcd4L,0x98935fc9e5dc0ee3L,0xaddbae423bc00993L },
-      { 0xbd0bd9e19207f0e9L,0xe86c5365b393bcdcL,0x32184c832d0a9282L,
-        0x8fe996d1df34532eL,0x3b33f151c6f45172L,0xd9def9a7b84545e4L } },
-    /* 54 << 119 */
-    { { 0xd9219adab3493ce0L,0x971b243a52f09ae5L,0xc16c9bf8e24e3674L,
-        0x026d408dce68c7cdL,0xf9b33dd9358209e3L,0x02d0595df3b2a206L },
-      { 0xbf99427160d15640L,0x6da7a04e15b5466aL,0x03aa4ed81cadb50dL,
-        0x1548f029129a4253L,0x41741f7eb842865aL,0x859fe0a4a3f88c98L } },
-    /* 55 << 119 */
-    { { 0x66bb66f5f56b17ccL,0xdce0bf2cba8958f8L,0xd814318f9ff85781L,
-        0x41dce823edd1ad96L,0x71bb754bb59c6580L,0x9c5efb70de594c3bL },
-      { 0xf7b4ce5eb0053788L,0x9c26b0342770b6deL,0xe6967b1c8d131e8fL,
-        0xfda0efdccf21bf28L,0x2366d47e09cbeeacL,0x62e9ee556629680eL } },
-    /* 56 << 119 */
-    { { 0xdaff980ff8e06359L,0xb4e0c9e2ead8a883L,0xe3e262023da6e94fL,
-        0x37410ed03303c9d6L,0xc044d77b91fb5d82L,0x3559d9ac9ea34d26L },
-      { 0xf51a120be21beda5L,0xdd2eef8a3f7befa4L,0x46a26ccd8c79fca1L,
-        0x3fb21a682a046572L,0x3624a47adad7c7c9L,0xb9b77ffd4b4174f5L } },
-    /* 57 << 119 */
-    { { 0xae19a097c9f8c462L,0x477be49917a9d8a9L,0x4a0c41c9d2154c45L,
-        0x39313aba1b0d985bL,0x3a70f65cc051b643L,0x0725dabf2d0be160L },
-      { 0x29eefc94a69867d4L,0x6acc4cd49d02bce2L,0x0606ab725d4dca50L,
-        0xcce81133bfecdcbaL,0x604df3def23b2239L,0xa644b430d20a7529L } },
-    /* 58 << 119 */
-    { { 0x80de085a05fd7553L,0x4a4ab91eb897566bL,0x33bcd4752f1c173fL,
-        0x4e238896c100c013L,0x1c88500dd614b34bL,0x0401c5f6c3ba9e23L },
-      { 0x8e8003c4d0af0de5L,0x19b1dfb59d0dcbb9L,0x4a3640a9ebef7ab6L,
-        0xedafd65b959b15f6L,0x8092ef7f7fb95821L,0xab8dd52ece2e45d1L } },
-    /* 59 << 119 */
-    { { 0x43f9a415259ac609L,0xcd6c7aaa0ff5722cL,0xb4689e75b29973caL,
-        0x78a43571b690c0acL,0x90dc4ac0a6d3ba1fL,0x38af00a2b773932aL },
-      { 0xc13aebdda5e2c9edL,0xfab3a128cf3fed2dL,0xb3b7d29d32eb8ccfL,
-        0x9ae1430b6986db5cL,0x35d18edf5365c21eL,0x88f8356e038471ccL } },
-    /* 60 << 119 */
-    { { 0x45587a7c0794dad2L,0x660833899e9c1cdcL,0x60e7ae4ad242a6b9L,
-        0xb5f96b521009df3cL,0xc2d405092e30445aL,0xfa53ba4ec250a29eL },
-      { 0xf6a247855d98c6ceL,0xf873653c207dd110L,0x2aebc3c6c634cbd0L,
-        0x84b8016ce5cdbafeL,0xbda81fcace00b206L,0x837dc69484b55f2cL } },
-    /* 61 << 119 */
-    { { 0x61bdc5cab308f1f0L,0x7763c97d8898d3c2L,0xc02324e60434de23L,
-        0x7f5c565e4ba696e9L,0x06f27a3e66914b66L,0x64a975ee05052cf5L },
-      { 0x98b2f703bb38b14eL,0xbacbd113371e495cL,0xe54451acdd14cc9dL,
-        0x8575cfdf87d141b3L,0xbd183a03d0996091L,0x947555579360264cL } },
-    /* 62 << 119 */
-    { { 0xd1f2d6b8b9cfe6bfL,0x6358810b00073f6fL,0x5fce5993d712106eL,
-        0x5ee6b2711c024c91L,0xd0248ff5453db663L,0xd6d81cb2adb835e8L },
-      { 0x8696cfecfdfcb4c7L,0x696b7fcb53bc9045L,0xab4d3807dda56981L,
-        0x2f9980521e4b943bL,0x8aa76adb166b7f18L,0x6393430152a2d7edL } },
-    /* 63 << 119 */
-    { { 0xc89db4eb4595ca55L,0x48921c735f1a73a2L,0xfc513c904afe7cbaL,
-        0x6d3f988bff8322eeL,0x17d0d4f0e59b7cdcL,0x292f4757f4bb5588L },
-      { 0x3037e11151c14623L,0x3e113343dce98277L,0x0be229341e20dc8fL,
-        0x0ebd1fbfcd6ff82aL,0x304bd69ed01fa90fL,0x402a457577f1862fL } },
-    /* 64 << 119 */
-    { { 0xd74d09c10ece13aeL,0x5e59d9e057a6bd95L,0xdb1ccfdce132b940L,
-        0xa0e5309c843d3c66L,0x1fbd03a5f9cb3ef4L,0xcdc9ef0a00ea5177L },
-      { 0x1ebf5a15cb784a6bL,0xa67382af8a0d109aL,0x3256c37aa0d34d15L,
-        0xee40efa50fca43afL,0xc299bbd4b9841bdeL,0x6df68f603bef4a0bL } },
-    /* 0 << 126 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 126 */
-    { { 0xe01295fdd9d7c50aL,0xaf31b4ea67f8ef0dL,0x2ec9689f9eaf8eb7L,
-        0x327b96c5c622acc5L,0xae918f81b2757f2aL,0x74927d684fd6606eL },
-      { 0x09bb7fce18574215L,0xfea383bce8e68b72L,0xdf2a6f125fb47511L,
-        0xbe88faa18e399520L,0x0166d57e3fb1c3a2L,0x5907ef2fe525f81fL } },
-    /* 2 << 126 */
-    { { 0xdefe3a7b8a37f660L,0x7898db8c858f5765L,0x7366c26a73d1f9b4L,
-        0x35d5d718237ae8b7L,0x3efb20feb4478259L,0xccd0fed7aa545ee3L },
-      { 0x750edd05ed22d152L,0x4f8020f9ee20d4c6L,0x16e60f370a9e29dcL,
-        0x9cf0a136bfbec7f6L,0xb430a34b2e47e143L,0x2e2560bbc6cdd1a9L } },
-    /* 3 << 126 */
-    { { 0x799352dae4161a65L,0xe5cf7ad856253ce6L,0xf606bf796de32775L,
-        0xddc0f3a357fce8dbL,0x1075fc2316cf4a47L,0x078f0e04b27c5ad8L },
-      { 0x9fc477953f7100aaL,0x3ac489254673ffa2L,0xb8263f42f9cd8348L,
-        0x5bdfde3068cc92d5L,0x2250927b1ac37f9cL,0x26ec8328b33da359L } },
-    /* 4 << 126 */
-    { { 0xf186d6bcc88d568aL,0x872bc4c7528535ddL,0xc9e7432edfe64dc3L,
-        0xd9fc4832d795ea57L,0xf4ffdb81c845af2bL,0x66d7e7882b670517L },
-      { 0xa7c1be04d7b7a1c6L,0xbed88479d5b2a249L,0x62ff8aba03f2ef6dL,
-        0x60ecaac420dc701dL,0x9f4b559f4ff10119L,0x0582c9313cd54fd0L } },
-    /* 5 << 126 */
-    { { 0xea9da8f012bbaeb6L,0x3fba06b18c9f8360L,0xc11bd7abb28c0ac3L,
-        0x1e05af2faa8a01bdL,0xae1e99c5f000b1c3L,0x93ee806453d79930L },
-      { 0x5728089e4c4f5513L,0x755351f3b1f70b76L,0x187ac651675f77efL,
-        0x5cf7bfb553067d84L,0x629290838174b5c0L,0x720e20798d5be74dL } },
-    /* 6 << 126 */
-    { { 0xab8cc09ff5eb9ad1L,0x97a4de76132edbfeL,0xa2e11c548baf6347L,
-        0xcee54229683cfcf6L,0xe1e993b8dcfc6555L,0x333bf16abe9df066L },
-      { 0x5207e093060d62dfL,0xfa32324d69b0f5faL,0xef16fbcfd3243d2dL,
-        0x540a2e59f04f8e45L,0xb5e70f9c48317bbaL,0x00dbe9b25b35baa1L } },
-    /* 7 << 126 */
-    { { 0x0eaed675ebb512eeL,0x347e0756058efbd5L,0xadf792ca296d3d47L,
-        0x57f00c0a4654d012L,0xa1e08a04bccc5803L,0x610677f05b2f11d1L },
-      { 0x0d9393d7b81acfd2L,0xb258e1570587c219L,0x372a1857b4ceba47L,
-        0xe1ce8bb53ecc1c5dL,0x7efdf301922cecd0L,0xcab8cb170d8aa653L } },
-    /* 8 << 126 */
-    { { 0x31954a5679d05497L,0xc12520b6fe76d4d8L,0x8c433ec5e37ef1d2L,
-        0xcd0f203575bc3b66L,0x3723f145249cd98bL,0x1356e0d2ea3b42a3L },
-      { 0xf607fee0f174c7b5L,0x318afc5e0127be39L,0xd47b5d74cea5417fL,
-        0x6891940a10fca22bL,0x5cea41332b635e8bL,0x93db2ed6b5934fefL } },
-    /* 9 << 126 */
-    { { 0xf87cfaaac8972b7dL,0x2b8f9874e090800fL,0xdb88cd4f52efde36L,
-        0x7b977f6e80776de8L,0xd047fc8ffb4b19c4L,0x33f3e43578b8135fL },
-      { 0xb4cdb352da33eff8L,0x217f9e2deb89d325L,0x1bb5a004c99feec5L,
-        0x98ce5a7fdb45c845L,0x458904681d87e964L,0xb9253873d151ad80L } },
-    /* 10 << 126 */
-    { { 0x5d7c767de39edca9L,0xe4a700e7a7f8de0cL,0x5816e1f93c9eec33L,
-        0xa975c933d32fe465L,0x979beff968466a5eL,0xe308c135cc067721L },
-      { 0xe0e733b41839b88dL,0xda3e3e6c298dc2ebL,0x414c3f0e8fb70e3eL,
-        0x5ebaefa7ed7ca91cL,0x5c283310ae3b0f3eL,0x20353d5df3b1d44eL } },
-    /* 11 << 126 */
-    { { 0xd50767a9790325feL,0xe2ceddb9358c50eeL,0x60be64bdbbf03ae5L,
-        0xe70c7e90f053328fL,0x6ba6af9e51543f0aL,0x470941f3b413e069L },
-      { 0x0b569fd4ddf63d13L,0xf94b22634a2125d6L,0xaa45ab62a5c1acedL,
-        0x2b797175defa5a30L,0x3eb30067ead1d440L,0xcadb54e90b691af2L } },
-    /* 12 << 126 */
-    { { 0x365a4a431630b133L,0x9ecef631068d7863L,0xa330c8b4b7205a6fL,
-        0x4858eab357df815cL,0x6e522afaf1a92674L,0xa7cff3d9f41365d7L },
-      { 0x00dd34615a0e4626L,0xa695feff48f9d094L,0xf427103f7c082301L,
-        0x14a2a1876b092b71L,0x210f632130037a33L,0x21cca09639340e14L } },
-    /* 13 << 126 */
-    { { 0x58355ba0f60ad6c1L,0xc63fbcff56022afaL,0xa6a770d54e7ef19fL,
-        0xf42b2024a09e9378L,0x153aa3200330f774L,0x268aaee55dc02c97L },
-      { 0xa7e13b42828f7ab7L,0xc0ccce09c303bfcaL,0x23169daae3ccb6ddL,
-        0xf7f763fd786774e9L,0xb15a5ef150021488L,0x52f408fd5f3ea885L } },
-    /* 14 << 126 */
-    { { 0x53e84021177346c2L,0x4ee451dde20af475L,0xd7642453c14f393eL,
-        0x7eaa215331662516L,0x1217a1b4c1d486c9L,0x7d32427569860f20L },
-      { 0x3813c95f14c2837eL,0xb8f0713d4e0c056aL,0x398c218cf6dec37bL,
-        0x5bfa2eefa4ad1eedL,0x53cb0fd29f97a05dL,0x59fa132f6a9f492bL } },
-    /* 15 << 126 */
-    { { 0x6d5dff381fc2c16aL,0x5dec7ae2b1fe149eL,0xa9eed62c85088ceaL,
-        0x5878fdf7996174baL,0x2cf65bb935517a73L,0x80844bcacff96d13L },
-      { 0x0f55c8bfed53f49dL,0x35815fb0fbd8cec6L,0x23e7d5c53b6fa7d9L,
-        0x3ee04c0146ce1733L,0x180e25553f5c4a27L,0x61263ea7280e6363L } },
-    /* 16 << 126 */
-    { { 0xb1f4fead41b959b5L,0x6edb53a9e71890c0L,0x48b47efe2e28aa2aL,
-        0x70dad2e9b3151d67L,0x87a8178b436a3460L,0x0f86f9f5801f7af7L },
-      { 0xfab462e3a982fc14L,0xe29126bacb03e978L,0xb4696b3fe6681282L,
-        0x3bd9910a6a3fdc1dL,0x4409128449e37dacL,0x3b4bfabccf605fb3L } },
-    /* 17 << 126 */
-    { { 0x605fae7ece9d1372L,0xb2623a79f9b7e06eL,0xfab9b2742d37357eL,
-        0xffdf9246461417f3L,0xc04b15d7bdd0e922L,0x767bcee54b2dbc0eL },
-      { 0x74c4ea4ed45efc88L,0x32d3d85491a534a8L,0x88967078554b2691L,
-        0xe8256015e336a410L,0x166469624b9f978bL,0xb433f06ca104f01fL } },
-    /* 18 << 126 */
-    { { 0x8906d815457e1e82L,0x96abb1aa4c8a2c68L,0x2e63f37927ab2fb1L,
-        0xe092e15f5446dfaaL,0xa3a3f0926615c65cL,0x8b31116747c3f259L },
-      { 0xfe2038782e5c658cL,0x38903cf526215773L,0x0039fca7237f1bd4L,
-        0x75dbcc016058ff17L,0x67ee6226a65aeb9eL,0x96999fa75cedcba5L } },
-    /* 19 << 126 */
-    { { 0x04c6fd475ac4d191L,0x0067e474c825a897L,0x4a37c931404810c5L,
-        0x072d30e5c4a56380L,0xbaf3428dc897ba23L,0x9899935b53724382L },
-      { 0xda5cc13ff4d41a62L,0x063047a0c6271baaL,0x49790bdc5cf48302L,
-        0xd8c34e5384c5a9abL,0x6cf28e83db5bc36aL,0x430dbb1497da9d42L } },
-    /* 20 << 126 */
-    { { 0x59470e49c37acc2eL,0xc9e0f73611b85596L,0x47613c1e0fb30eccL,
-        0x1fbeffa3b62892f1L,0xddfeef49f8eefa16L,0x6f82acd9daeff719L },
-      { 0xff1872cdacb41007L,0x06fe556c82d64c6dL,0x52a63a387695218aL,
-        0xa0d413a720802b88L,0x233f1f3118f4a473L,0x22ef7d6fc9d7da4aL } },
-    /* 21 << 126 */
-    { { 0xeba1db6910dad9abL,0xddb62dacde3a5a42L,0x209c472cfdf5ad86L,
-        0x14a7ee4b37214540L,0xcaf70ce08339c9dfL,0xa95744554eb9189bL },
-      { 0x90d7f241e9b39189L,0xf5edfd09af7f3eddL,0xc9a3444deb7ed52aL,
-        0x30d9e2f80085d9d1L,0xeb412daa4dc24fefL,0x55c0000b27786649L } },
-    /* 22 << 126 */
-    { { 0xa9f34fa9518118e5L,0x430db0a51a22e790L,0x64b443a5d5a16ca1L,
-        0xaa3b64f4d8adbe45L,0xb49435fae0f0873aL,0xb8d67ce4a635d1e3L },
-      { 0xad843f8a8a612b29L,0xa416ec7fd84a210aL,0x8b4dc6930984b23fL,
-        0x29a1b71b24640dcfL,0x8f2d7507911892adL,0x0ce384105bd4d518L } },
-    /* 23 << 126 */
-    { { 0x1e1bef926c42e1bcL,0x91259dd60e04d449L,0xc029961e8875d346L,
-        0xfde51012a9e38f43L,0xdeaa1dc18892643aL,0x67e3b913217e08d8L },
-      { 0x889a28c269b92b7eL,0x004c0f87b7446c21L,0xea812f67a2f98e77L,
-        0x42fc7bbe22c40b8cL,0x5e7f5f5a8722e381L,0xf8f209d932099e41L } },
-    /* 24 << 126 */
-    { { 0x867379134a2965f5L,0x34724dcde67b3546L,0x2efe185ee92c712dL,
-        0x8b908f86c201e327L,0x3ab5528894f6b078L,0xb9b2b784ce0a5bf3L },
-      { 0x5eab37ac879f6a41L,0x74271f672f2360f3L,0xf3a3edff304f1cf9L,
-        0x8992ecd8f6fd3e90L,0xff24d7c69f16e5edL,0x0844ab25def9a5c4L } },
-    /* 25 << 126 */
-    { { 0x35cbf2191e14f235L,0x9ef33f3c4cdc1b46L,0xfd5cedd0299f7f13L,
-        0xf57b9bbf99379e17L,0xae25d3e3cd3d59a8L,0x72f9fc84f58cb31eL },
-      { 0x87950fd84c94b63bL,0x15b52b4f7a4560a8L,0x382d36ec943e44baL,
-        0x567ce2e9337b0f11L,0x8136e9ce2fa44901L,0x7e43a7289b15eeaeL } },
-    /* 26 << 126 */
-    { { 0xd1c8ed8814fb95f4L,0xc302e0aa29602659L,0x67abcce005cd67baL,
-        0x7a234cc022f8ae25L,0x7074face39f44e4fL,0x84a08afc7a9d3fb2L },
-      { 0xfd149c88f56c1f32L,0x5b12cc15219e494aL,0x242fc50c9ea3c0e3L,
-        0x196cdba555b23034L,0xfd8cfa5e87b75206L,0x915e706488d55f47L } },
-    /* 27 << 126 */
-    { { 0xb59480ba876145beL,0xd8f8fbbe8e1075ddL,0x0ba10292b5d9baf0L,
-        0x3a4b7f65e39a8754L,0x1b3a044c0f3c6520L,0x6b8b3397b1dff4f8L },
-      { 0x40cef2285c182eb3L,0xbef82aec1b1cb92fL,0x5c4d2bfc2a97c5dfL,
-        0x41d2a046536ad077L,0x94ef34a8c497505dL,0x14e9aef48e0b35ffL } },
-    /* 28 << 126 */
-    { { 0x2edaaaaaacaf1f3fL,0x9e3af72c80ebcc10L,0x3542fc42bcb1618fL,
-        0x6c04ec246709d851L,0x5fe9768ea9af4ce0L,0xe739d50eeb6ebe2eL },
-      { 0x7b7da4ac876586e0L,0xb0869f1d64f5f956L,0x7f691c51fd563c80L,
-        0xea990d6926c775e1L,0x2cd96f1321b58889L,0xbc8074720f1aac2cL } },
-    /* 29 << 126 */
-    { { 0x8e1fa5f8eb3283cdL,0x0107a3ba20e69342L,0xf99a511cb045b8dfL,
-        0x172d0c8933b51876L,0xb11efc2b9636d0f9L,0x16b2197c41570483L },
-      { 0x49df27edacfdfd1aL,0xd9d2cedc366b9b28L,0x0289a75cab028c0fL,
-        0x522f567a4879464fL,0x3313728225f64030L,0xfa28cb1558d6753fL } },
-    /* 30 << 126 */
-    { { 0xe5252210c6cd33f0L,0x6ba7f51f3f085202L,0xd2a87fb38f52e312L,
-        0xa5e082cff25f35efL,0x786a93c2b9df2f20L,0x68c7e1299a19bf27L },
-      { 0x13a971ab8d710915L,0x3ca4f8c6939443c6L,0x8554699c70522446L,
-        0xdf42b7768e14e6bcL,0xc7969fa5f7f3dadeL,0x135b6b77350ded88L } },
-    /* 31 << 126 */
-    { { 0x39e54aa472546076L,0xc0003f7f13e312beL,0x71106a4ffea91274L,
-        0x3868f957819851cfL,0x713b96e75c85bbc6L,0xfda8c2df610403a8L },
-      { 0x0ea806c3a008cf78L,0x0ef9708353c0d1bdL,0x536950211e592838L,
-        0xea3773d5e9023982L,0x6eee3c0d4195754cL,0x95df7b568c4bead3L } },
-    /* 32 << 126 */
-    { { 0x57edf71edf9a9f18L,0xbf834240627a0b79L,0xb37aba1aa6934160L,
-        0xd45b3d2c5e639a54L,0x62c6b9ad70bce957L,0x16bc35a75d7e87f3L },
-      { 0xb021698266b4a982L,0xb56050dd0e51c9bcL,0x15aa692b478e4b91L,
-        0xdd67cf29be3fe25aL,0xf1ef75b006bdd4a8L,0xf71a285b41df627aL } },
-    /* 33 << 126 */
-    { { 0xba6be58993032120L,0xea6dd691db99740eL,0xad8679463154648dL,
-        0xd1a36f4c28c0668cL,0x09a28c234dd76e88L,0x93fef0c7dc665bb7L },
-      { 0xa78dfeb4860a0016L,0x06d2f868e21a9e02L,0x333a25a38486ade7L,
-        0x12aa13130e398a80L,0x04a44a5848d5b3e3L,0xe59293d47a7ec12eL } },
-    /* 34 << 126 */
-    { { 0x6cdfb5faea2c1632L,0x6799cfcd7865f931L,0x4e1e5d25bf420a7cL,
-        0x7d4597db05d22ddaL,0x7548db12fceda1e1L,0xb4523ccdcb473578L },
-      { 0x3d8dbad0ff889f03L,0xc591bb1118a9a222L,0xfac2b914a2cfcc57L,
-        0xbb67601abec9d9bfL,0x18dff42ceb55218dL,0xb36ef9ba7d2b6320L } },
-    /* 35 << 126 */
-    { { 0x5b007ad1f3edf67dL,0xfaee9cada25fcfafL,0x18fc784a4d62e5c2L,
-        0x98deda878acb5f8eL,0xe9cfd10a6f888d8fL,0xbb0d729b053db2efL },
-      { 0x7b09fa4f2aecece4L,0x3f72187cd4c44cc3L,0xf646aba05b8175a5L,
-        0xf213caeba5686ca7L,0xf5ce777badc5d40dL,0x15ff85d660eb9357L } },
-    /* 36 << 126 */
-    { { 0xcdd18aee24e6df19L,0xa08ab968bbb3303eL,0xd5eb039cbab4f1a3L,
-        0x040d03a8fa7a48d1L,0x767c0ed23d66628bL,0x0c6bd388b1a6809aL },
-      { 0x793aff3f029eeb91L,0x6db32d13bca798a8L,0x6aef5c1cc3816cf7L,
-        0xcfb25ea45fd2cd2aL,0x0715a7899f8e3312L,0x4a9ad4782a6b1a6bL } },
-    /* 37 << 126 */
-    { { 0xa9f360a5d134c919L,0x10dba223dcfd0715L,0x7444b191dc9b4394L,
-        0x9a16a971e2f288e0L,0x0d05c511f6a49999L,0xca34eae26b65e956L },
-      { 0x692febc418a83b76L,0xf3468c7b0b5f3511L,0xd8d3ce48b8e1ed80L,
-        0xbe8c5c302a6de231L,0x9c0468b74e680d8bL,0x773ebb63f57b88d3L } },
-    /* 38 << 126 */
-    { { 0x9c2c33a5b726729dL,0xa86ab4ea5db2af56L,0xe987c5e3b0a36ffeL,
-        0xa6dba84da5fe8bdaL,0xe1fefa4b8ff617a5L,0x561cdb88a91ad714L },
-      { 0xeb58f7fce145ddc0L,0x7b0e560a29c5ad50L,0xf8d6626593da0e76L,
-        0x7769b479db39fb92L,0x9149f1e3a3c49033L,0xb706057f3ac49c35L } },
-    /* 39 << 126 */
-    { { 0xa678ba3fa527d157L,0x922aab268856a8b2L,0x936d3e85690b4771L,
-        0xed78dccee114e472L,0x9694ccb1d315fbc1L,0x8b1cf4482822d968L },
-      { 0x336e670c4aca5441L,0xece24fb58f0e2824L,0x28d1578d05b758adL,
-        0x0a1be96a40c3f019L,0xed1586e30b659cd6L,0xdef180009f860dd6L } },
-    /* 40 << 126 */
-    { { 0xc2885af90fe0f372L,0x2c756bef5fa6b808L,0x52b7f7b6068926bfL,
-        0xc9399c1ddb143b68L,0x0e77c689e4c61211L,0x7d01e37f15ad7fa0L },
-      { 0x712fc61f188b2a01L,0x103685ec55a4100eL,0x721f9c02e5fdce96L,
-        0x61c8a0c5e784397bL,0x34d478351c686ed2L,0xc697c89cd155bbe9L } },
-    /* 41 << 126 */
-    { { 0xc26dbc34f06a2cffL,0x4f10297631a80712L,0x758e33eda7c54effL,
-        0x44b5e4ff3682d103L,0xef05034722a05e6cL,0x9170365c48ff372fL },
-      { 0xee49b61d66a15a71L,0xb5fd487995c2045dL,0x5940487160ad67caL,
-        0xdcd2d5f586388c40L,0x0b41a8e54cbd1f71L,0x8152c17040236ae0L } },
-    /* 42 << 126 */
-    { { 0xf05b99d0995e9809L,0x036248a70295fceaL,0x7b70cf8f558e6ec4L,
-        0xe882639c7c48ce34L,0x4cc86feaf4f47d38L,0x976799cf6d81aef1L },
-      { 0xdb202bfe8043cb43L,0x4c761cc5cef4f017L,0xe124bbc161f0c89eL,
-        0x77d1cbf55b5a3d20L,0x26e549fcff346940L,0xc6040a4c2325466bL } },
-    /* 43 << 126 */
-    { { 0x1ed4d238e940e32aL,0x29d99c20139efcd6L,0x4cb7ef50c172b412L,
-        0x8a9c438931957225L,0x5d8872af60be4612L,0x7bffbb1be7e79e0eL },
-      { 0x75bd89c1fc7d4e66L,0x723f9ae86bcc0379L,0x88f673b599c1b827L,
-        0x8d45d139ecf5148fL,0xf12e605ff97ad1e0L,0x567dec052f09c370L } },
-    /* 44 << 126 */
-    { { 0xfb33b987b0be5055L,0x9864f903bcce94dbL,0x99b8da36aea9d09bL,
-        0x19e326113b622d3dL,0x6abde501dc38f903L,0xb1fe3f1867cb2161L },
-      { 0xb053ec831e08cd7cL,0xba503b563298d32fL,0x220e98c8c2a79e86L,
-        0x66ac99511e1cba68L,0xf9520e1e644ab527L,0x3f222b9b4eb8abf3L } },
-    /* 45 << 126 */
-    { { 0xae0cf2ff705cfc45L,0xf9d5dfb65a0449b1L,0xd0300b2cd4697fe0L,
-        0x4ac80d7e4dc665b0L,0x84fbd38d72c1677cL,0xea8306f08e683a0cL },
-      { 0xe2381e65a469e337L,0x36b565d0b3ec173fL,0xc67689c700f3007aL,
-        0x9f0108992abcc81fL,0x867a5f8dbb9bf584L,0xef789cdd5a436b38L } },
-    /* 46 << 126 */
-    { { 0xf8cdc9ecee11fa1bL,0xa78c73ed4c90edb9L,0xf6703453bbbddb82L,
-        0xd268b4e23020e294L,0x214cdd54958eb8cdL,0x2acbd31d4d7214e5L },
-      { 0xf7c60c89cc733351L,0xb8c5cc642fa201fdL,0xaae1ca7f4c2acb10L,
-        0xf7e33be56d7f598fL,0x982c012fd920c3c8L,0xaa98a69b86751ef1L } },
-    /* 47 << 126 */
-    { { 0xf5f548eb915ed5cdL,0x657ca09ce30f448bL,0x8750c4a44a30850dL,
-        0x1b329c4108edb075L,0x8c261df8ccbcdaeeL,0xa81720bbedd44638L },
-      { 0x602fc21f0b91ee05L,0x6241265db7e8bc28L,0x1daefe5b106ac444L,
-        0x93fe5bd42c9deae2L,0xedc229e17f1ba35cL,0xd99244977e0da1f9L } },
-    /* 48 << 126 */
-    { { 0x3176a43ab7a3ce87L,0x9fa09e975f130e73L,0x971cc37b9368e156L,
-        0x2cabf535b8981792L,0xaec2862e4d0f0bc0L,0xa1a48c183ce8c100L },
-      { 0x288f4e694af2eae9L,0x778845f21f9339bdL,0x1ef5fdfd17dfaa6aL,
-        0xc784117e3483a6fcL,0xe8c82f05f3c5c19eL,0xf39b3c1d1da87ab6L } },
-    /* 49 << 126 */
-    { { 0xa2539d4cc4ac73e9L,0x0308f91891488ba1L,0xa3e72f4459fae934L,
-        0xb6bbcc37f8c9c402L,0x345a2debc6edee3eL,0x0352f023b0df87b5L },
-      { 0x67c9e7b8818c4f8dL,0x3a8714cc70f44977L,0x37b96e1295066bfaL,
-        0x617d9737c95d7f70L,0x60bb06ef759a360aL,0x97689b3f34f59fe1L } },
-    /* 50 << 126 */
-    { { 0x17d0667fb2dd1febL,0xbfb92fe48862b2ccL,0xcfa0c8e9d5438a69L,
-        0x7bdbd4b1d9cf9ef5L,0x7616acddf373c87eL,0x0603d2b0cf8fd5b6L },
-      { 0x6a80f25d46e31aacL,0xea8c0ad0fd424755L,0x9e2e5a5b3ffd5a2fL,
-        0x8882d271f3b143caL,0xe6fc9ad7904e1740L,0x98d1620af428ad20L } },
-    /* 51 << 126 */
-    { { 0xc8c991a63292054aL,0xc90b11618ce93455L,0xdfa32238e200d1c6L,
-        0xa9c578d5303004b3L,0x9dd2c3881609e5f8L,0x068ec35d24b69108L },
-      { 0x47e8183b2d1a3b7fL,0x6200d70efe3db580L,0x76012f3fafc089b0L,
-        0xba06dbf4bddea8a2L,0xd83b4af5da01a49bL,0xa3d4334ce16e87e6L } },
-    /* 52 << 126 */
-    { { 0xb2fff4035b43e58fL,0xe80bd5740727be41L,0x048a59cbf9b52541L,
-        0xb79084e7f38d0b47L,0x763b0c95938935d7L,0x7cfc6180336b8735L },
-      { 0x118d2a6f929b0200L,0x7e5789775a31948cL,0x9085999326009509L,
-        0x330533a33ad633c6L,0x28bdb910733f4c3eL,0x82c88f148fdca27cL } },
-    /* 53 << 126 */
-    { { 0x1c346bb04ef444e7L,0x40a50060e6c22e57L,0x5eb02aa6c7a773b4L,
-        0xd748a0a0d23b190eL,0xb6ff7f02cfedb7dfL,0x3f8fb35b30f8bb4aL },
-      { 0x245b1c232dc31174L,0xa1e156579af25f59L,0x1ad1a2315e2393daL,
-        0x9430ed2dfd7c7073L,0xc4161d4f580fbc0fL,0xa2bebd3fa0f1dadcL } },
-    /* 54 << 126 */
-    { { 0xace743b6baff35ebL,0x84ac3ce8ac6f38f8L,0x81d41297106b44f5L,
-        0x33f6bbbbaed20aa3L,0xae4dd66ceb420ee5L,0x87553aac994f0777L },
-      { 0x26275ebff1e3647dL,0x3b574c4fd9eeb474L,0x58fe2a16929721c5L,
-        0x748480df932030d0L,0x3a30032641bb5f68L,0x0797fad92c06d1adL } },
-    /* 55 << 126 */
-    { { 0x65356242c7caa811L,0x780fe23f4506bbd7L,0xa741a51042407c02L,
-        0xb8ccd27f5ef9eac3L,0x137f4a573ecf5766L,0xd495be0d15936fdbL },
-      { 0x5a419656109c93f3L,0xd2f7b65dcb12affdL,0x2305a070ff830421L,
-        0x6d00f1e9684d5a6fL,0x3de9d1de91aa391fL,0x0b5148c10acb6de9L } },
-    /* 56 << 126 */
-    { { 0x209fa6e68ca7ec95L,0x17808b0c107a1047L,0x99bbeb5edfd270cbL,
-        0xe3d57c1dc25e2d6eL,0xb90b0c107ba1237aL,0xa7e1b8dc4a0d6856L },
-      { 0x97d5b46136a9a07eL,0x931251e9125ea29cL,0x4177fd10fc8868a8L,
-        0x1d3538b7b7cdcdf4L,0x889008c8ed3ff9dfL,0x30573ad2229b9413L } },
-    /* 57 << 126 */
-    { { 0x11596662924d413fL,0xe797d0a70e5d7bf1L,0xaa05dcd28452ee62L,
-        0x6e10e77f5d5ddf1cL,0x46b72cda5fbd184aL,0x3adc1edb5b25c0c6L },
-      { 0x640de5b05c732e3aL,0xa7d4f0f5c6739747L,0xbc11978d1426527cL,
-        0x979276eccbee0053L,0xc44347a7304e8811L,0x016c01e11f5ececdL } },
-    /* 58 << 126 */
-    { { 0x78b2f1a15ee57666L,0x28060d1576a2c09eL,0xaf0cb38df632a5deL,
-        0x93ce93eea284cd43L,0xe3670d0af35dc1f5L,0x3b8deea527971072L },
-      { 0x3b88b1158eea4303L,0x43ff3b22aabde038L,0x8d69e180c813d623L,
-        0x218f5b853aa7a08eL,0x6ee1544adf74f239L,0x0d7abf20fb8772f7L } },
-    /* 59 << 126 */
-    { { 0x1d881d4eb7716840L,0xdf83a03b86bdef07L,0xd534c4e4dc7ee69bL,
-        0x1169f1cc6e264c79L,0x85c812d1b7690d17L,0xcc3164adec5f2ed1L },
-      { 0xb91a14180674e87eL,0x5dfaa279969188fbL,0x434acad5e242b969L,
-        0xa51b5c63751c4e51L,0xaa9089b7874f9aa2L,0x8758f9e51b8397e5L } },
-    /* 60 << 126 */
-    { { 0x422ad88e57fd35feL,0xd4564b96b99a11cbL,0x78939992238baebbL,
-        0xe66ddcaf4b30a709L,0x00873d5f7812ea50L,0x7317f9dc6784aabcL },
-      { 0xf94afbdbe0608ba4L,0xfff893618896d745L,0xa3348af5cad62808L,
-        0x13ed4507f349f51bL,0xa73d4bec1186324eL,0xf0b48189a20022d2L } },
-    /* 61 << 126 */
-    { { 0x87d117858b8efa4cL,0x724439d6e9c2ee6aL,0x33ab2a03606fa0c8L,
-        0x6ede5b55f9779d87L,0x858b7dd0759445cdL,0x33683c817a5ef23aL },
-      { 0x0f093175221c3443L,0xedcf2aaf889195a5L,0x9f189ebc814abec7L,
-        0x6a64999c40235b9eL,0xf98dc212984438ebL,0x97e2d102ba86e7caL } },
-    /* 62 << 126 */
-    { { 0x337b9cbce3db0718L,0x1f2f55833d1796feL,0xa522b76f68c2a69dL,
-        0x4c1da7cf5375cb22L,0x690a2e7f50bb0d7fL,0xa734d4756689b6eaL },
-      { 0x918592d5867ca0a3L,0x64d1c147c4d15e28L,0x4d8c3e22656f8219L,
-        0x5e028bb2170f59c3L,0x41e8b84449875858L,0x1d928cc90c599178L } },
-    /* 63 << 126 */
-    { { 0x736dee2cf44db09cL,0xfb5035c07257b4e5L,0x3e3a7bf6bf0b702aL,
-        0x4910a0165f257c0fL,0xd80b891d98437b4eL,0xf9e55d55076d8587L },
-      { 0x4e4ed7a79b4fcf4cL,0xaaf417f5581acfe3L,0xb1ae2a7ca3b3f920L,
-        0xa666bb6263ee4781L,0x2fba297e63684f04L,0xd6e662658d83bd6bL } },
-    /* 64 << 126 */
-    { { 0xa58a27c58a541be6L,0xaf66949954fd7683L,0x2431826600079a25L,
-        0x113f6fcf2606caf5L,0xf6ff2be316cb28c8L,0x8f7fc60e3c17caa6L },
-      { 0x8ea577e07d35e26cL,0xc3e744c0f0628903L,0x4b28eff4592a57eeL,
-        0x76e1f87c5e3f67b2L,0x40d7a676fb008902L,0x68a9dc764b6e6b7eL } },
-    /* 0 << 133 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 133 */
-    { { 0x76e2751a12575913L,0x2c6059914a5f8c4aL,0x58322dfb71fba662L,
-        0x228aec085e0886afL,0x8d83b6276aee544cL,0x338f5fb6e29f9639L },
-      { 0x1ba4cfe0bf5e19faL,0x2eea84c5b9e4f8f6L,0x7e0eed58cee95d92L,
-        0x2d29282abe535540L,0x866638b607a9a1f4L,0x915999776ab8dc82L } },
-    /* 2 << 133 */
-    { { 0xa16c79cfaf4d260bL,0xfe853f6cfab3c3c8L,0xb8bd6aa0c2f47e68L,
-        0x277d590f2c9b4914L,0xb6d1c810097242a8L,0xcf2f3d8e45f75512L },
-      { 0x2176162b74a20c3bL,0xeee8bcb82b2bcddaL,0xfcf8c0d1a503aee7L,
-        0x5d1f94a57af4dd78L,0x8f0bc1a62ab43be4L,0xd22dbf16ba9e071bL } },
-    /* 3 << 133 */
-    { { 0xbf87f30e3790b47cL,0xd3d3f1e25ab52ae8L,0xd5fd32bd50ec0ba3L,
-        0x7de8fe0ae60d1e72L,0x52d77fe0e14ff2d3L,0x9b6937db55ca47e4L },
-      { 0x39e3d19f53e94fa3L,0x8d962a4fbd7827e4L,0x3bd70c7afe92c6cfL,
-        0xa3fbc06869a82904L,0xe263f00ed96d1d9eL,0xe6c9781f75c0c24bL } },
-    /* 4 << 133 */
-    { { 0x705bfe37b4e814b3L,0x22f0de61702013c6L,0x811e77a9bc456797L,
-        0x4f52c4e617081a2fL,0x87405d819fe1640eL,0x53fa82b7707711d7L },
-      { 0xdc6fff830ee4aea6L,0x8413e22ffd60373dL,0x0ecb66bea9cf3eadL,
-        0x7418372e87139b8bL,0x6aaccf295e42b4d7L,0xb6dc592531fc932eL } },
-    /* 5 << 133 */
-    { { 0xf1c8d00de460fe00L,0x5692bfee528da7c6L,0x9e4dd700ac8620dfL,
-        0xcc43e73d9d6fe740L,0xc94060d3e76dcba2L,0xfcdf8ba6d398914fL },
-      { 0x540942e7502f8587L,0x5def85040de058fbL,0x63e0c7855292b0c8L,
-        0xe90405282e558983L,0xe25727a16baf4a31L,0xb9bf28f0acf64d7cL } },
-    /* 6 << 133 */
-    { { 0xc7c8364f09d26382L,0xe16988737bf32d9fL,0x97bac2feb726391cL,
-        0x521426364a7c0b57L,0xe3e596482cdec222L,0x4ee7238cf44e0a98L },
-      { 0xa6d05a21f61cfea8L,0xa1059fb7efe6a26fL,0x482a65b342416fa4L,
-        0xdc5727e1c71e7a94L,0xe6b0fb6ec4767f1eL,0x3d0d626d6510599eL } },
-    /* 7 << 133 */
-    { { 0x59f5df1b2a8f9f78L,0x6bb161d992257e60L,0x2cf060beb7b2eb14L,
-        0x98e72799aec169b0L,0xdde683927045fdb9L,0xee5e0aaf461b27e8L },
-      { 0x80250c744c0ee047L,0xdd3881f597f0677bL,0x0ea56921a4459b6cL,
-        0xf7793cee26df8d7dL,0x33bfa09be42d1913L,0x9f0636f74ccf5139L } },
-    /* 8 << 133 */
-    { { 0xfa3b4c8eb88ee8f9L,0x1f288e60b521ab57L,0x06aa39562e8c4d8cL,
-        0x4981c3e5cf89935bL,0xbdbd0c4745fa071eL,0xa78f831c496073beL },
-      { 0x09a72986a4e5c001L,0xac527731709cb728L,0x9a64b5b3988f2781L,
-        0x6ac9440d73b1719dL,0x58ad54c7e3d2e807L,0x1c1574488f06742bL } },
-    /* 9 << 133 */
-    { { 0x3220a099a5e437e6L,0x11a1b1734dc5bdaeL,0x1ad9e736b64c9b8bL,
-        0x82b6a3d4ce40acadL,0x54e1eef8915aaa8aL,0xff19be481f3a1f54L },
-      { 0xadc4c5250b64a2b6L,0x6637bc8e12caf63dL,0x970d08b01206a661L,
-        0x97c9b9bde57cf6c2L,0x228ee4712b89b7b7L,0xfeed19ca837cb79fL } },
-    /* 10 << 133 */
-    { { 0xcd36c981a816f4d4L,0xc99316c27712a72bL,0xd32cb20339e671aeL,
-        0x79ff1889f67f6215L,0xf9fe7448cd08e91eL,0xdc9b277776f3e605L },
-      { 0x8af30c2e7c1609a6L,0xed3224a3e54cdd0bL,0xe73f56ded1dea6acL,
-        0xb836eb783e37a390L,0x9f0dcdb2c78a0510L,0xc37e67a39e6109f0L } },
-    /* 11 << 133 */
-    { { 0xab419eb852e0d552L,0x86c76ef8ae3d06ebL,0x219662b4f7c6342fL,
-        0x2820299e548f6717L,0xc4d0d47a8a2aeebaL,0x4c98069895536593L },
-      { 0x3644e55ff42cd505L,0xe109b64ae47e0b0bL,0x91f520a6c89788aeL,
-        0x35f6dc577699087aL,0x3484f5b6b77deb8dL,0xc22a63a47f3c09e6L } },
-    /* 12 << 133 */
-    { { 0x6b5b7b2a75c953b2L,0x927ed77ca7f1cd5bL,0x2e8c53994cba0e5eL,
-        0x03aeb14a3f4a941bL,0xedbad9a0a1385c8aL,0x925a49c167fd2258L },
-      { 0xe7e368ee3365ffedL,0xcc4aad2dd106eb87L,0x4ce908daa980b53bL,
-        0xd3f4954016929ac8L,0x613c804dd5c05c32L,0xa42290ccd7973344L } },
-    /* 13 << 133 */
-    { { 0xe7437974c464c24fL,0x70c04156d36bdfecL,0xd94c80fcb2d5d96fL,
-        0x4a1fcf19d2cfea9cL,0x443478592f6df796L,0x0c908d0159743bd2L },
-      { 0x78949087d165a62bL,0x6c3f9021632f4e1cL,0x3917b925a94bb004L,
-        0xe153ef092b3f87e3L,0x6aee1027ea706338L,0x953ab2959733bd02L } },
-    /* 14 << 133 */
-    { { 0xad49cad49855d008L,0x23442cf94b273d85L,0x3a3c8752e3dd8f65L,
-        0x0ca5d24bedf84ed0L,0x3d0580938b4f8f96L,0x1cea59acf9b9ae03L },
-      { 0xf17cbbe23a06567eL,0x49cf5294f090338fL,0xcf8cbe0da93562c1L,
-        0x66683f21b986b71cL,0x3c96750cc87c9e10L,0x38e62db63dcf2f32L } },
-    /* 15 << 133 */
-    { { 0x807a519047f99946L,0x49e03dcf01615a37L,0xe813287c99590bf6L,
-        0xc9caf30ddb62835cL,0x0733c49d4df78781L,0x4fde30fd4815d3adL },
-      { 0x2809b853f9a2610dL,0xf2b139b9dc050142L,0x52a40a413c23a4edL,
-        0x9333086b0a104df2L,0x04a90c11e2a65950L,0x4c6a15c4dc24341aL } },
-    /* 16 << 133 */
-    { { 0x33952177a98cf218L,0x841d9e1f579ee53aL,0x1084d61e0a285bd5L,
-        0x3935a84e71171b1cL,0x8ac2433cf29b29f9L,0x5dd868b56dd1e9bdL },
-      { 0x88da04788d102390L,0x1140735a657400d1L,0xa792a25f9d5b19e1L,
-        0x9ee015cb6a27fa79L,0xea3bf8b57ba16a8eL,0xc5f0cc26c15fde67L } },
-    /* 17 << 133 */
-    { { 0x033708d2e02e9feaL,0x2b588d1e222f437dL,0x998442d6c6b47013L,
-        0x4033d62fb8ac1fc6L,0x9b8fd348877c726cL,0x1a2125fa5bea5a49L },
-      { 0x04a2c1d680b8afd9L,0x3d52c9d2a40195c1L,0x56b204e6655c0b30L,
-        0x55ee14ef520b3464L,0x23fc52e6b5bdd96bL,0x445cfd7a56f4b269L } },
-    /* 18 << 133 */
-    { { 0xc8985c2c5fee6426L,0x8be749496bb7bb8dL,0x12967576659363b4L,
-        0xd1b6ded9b969b221L,0x586f28929819fc04L,0xec6b03e5addd6307L },
-      { 0x3f0e96cad4da6627L,0xc866c95c14860d00L,0xb038867c9725f9a8L,
-        0x60cd3afa1caf2547L,0x6f2cc04411dddfafL,0x49551f249d0af0faL } },
-    /* 19 << 133 */
-    { { 0x04a68337177e2e7cL,0xe20b21c0adb79464L,0x9b30d3437e42ae4dL,
-        0xac7a01d7f86c5767L,0x3ea34e385381db5cL,0x3005a0c39235f5bcL },
-      { 0x853eb43167b4a5c5L,0x92f26a35584e4b8aL,0xa3d25e5879bb470fL,
-        0x7963d90a5eacbb13L,0x08ca7969212e3aefL,0xb5ec6582df92bfffL } },
-    /* 20 << 133 */
-    { { 0x2e152d95ee2c3290L,0x8437df2e4a9ceda4L,0x4151754e3c7ebfd1L,
-        0x556c59a888f80aeaL,0x8d099c5d8de44dbcL,0x9ecce7fc77abeeccL },
-      { 0x5e0a0f383aa311cfL,0x99ff1eecb8f2bff5L,0x5ae0b483b5dcf488L,
-        0x11212c4591483a02L,0x99fe0738312134a1L,0x3b855db0a72745efL } },
-    /* 21 << 133 */
-    { { 0xb70bf73230261470L,0x8c9b7c4bc74a180fL,0x4c648aef88a9d9acL,
-        0x3d9f7540a10f98bfL,0x8ec2a3a3120d55f5L,0x1707c1b0baa5a600L },
-      { 0xacba8da9103f2f0bL,0x96926dc0c7194236L,0x00358df7584499dcL,
-        0x74c27d0e538c0a15L,0xc675d079de960a77L,0x575b042e89f41f6bL } },
-    /* 22 << 133 */
-    { { 0xd17d99529703d919L,0xb25ecc411477faebL,0xa5c66a58a9aea2fcL,
-        0x83754d683accb00cL,0x6a9ae76a25901044L,0xe437981b2565e035L },
-      { 0x441ec0d96f45fa01L,0x35e40d126a697636L,0xba2fbab59bb3c2fcL,
-        0xc038be03e94b245fL,0x366b4bcc0c1672eeL,0xa14a2c10f1ce6d55L } },
-    /* 23 << 133 */
-    { { 0xef32d94febe1dfe2L,0xdbf53d4271494ea6L,0x72dc5fad24cf0c2dL,
-        0xa9247adc66dbc21bL,0xe31ff66ab130da59L,0x8cb97c09e86ab63aL },
-      { 0x204020e2f59ebb80L,0x56f6d8b7cfd0f965L,0x7522a692b1518dadL,
-        0x8e7c999f5f231e2eL,0x2eff5904b4406177L,0x8440cee87bfe2363L } },
-    /* 24 << 133 */
-    { { 0x37f50e43892c8eecL,0xf06a2f047d85a7e2L,0x3916af85e1d11150L,
-        0xf56e852f6785ae1cL,0xbf8c72adae6ada8cL,0x1fcd53e3e13285b2L },
-      { 0x5327920cbd56d348L,0x82a394fb445658a8L,0xa71328573caf3792L,
-        0xb15ab34b550ffe1cL,0x818980666a5d4e4fL,0x0bda153b2f854f9dL } },
-    /* 25 << 133 */
-    { { 0xf664f44407aa3d00L,0xcf8901664704e2d6L,0x1802f662f8c2fc8dL,
-        0xd52496b8a47f0da6L,0x37f71d8c75001c8eL,0x7ad8e8c29cad3ba7L },
-      { 0x666afc25825515f7L,0x3a871c76a729e498L,0x5dc21f1108479e3eL,
-        0x78ff145966c4331eL,0x8d01e2352dd3deb2L,0xc68445e9dbc91fc3L } },
-    /* 26 << 133 */
-    { { 0x8f2d9aae98ea13f6L,0x3e75ba40ab97bfb0L,0x14dd24e635e1fe35L,
-        0x14abb0735f88d9b9L,0x74b2c6a801d4fcd6L,0x4905dfe7744a09bbL },
-      { 0x349348c077cd538aL,0xdec247f5f7b6d035L,0x737e248dc455d417L,
-        0x608a5529b6fe5d92L,0xce0ba0bccd7dca64L,0x022bcb18c21175c6L } },
-    /* 27 << 133 */
-    { { 0x79fe5372881b120aL,0x4878428aae98aeeaL,0x5c6a7f7d09511acbL,
-        0xb7be08de3b046481L,0xfb91990b8b35f13bL,0xab734f604ebdd374L },
-      { 0x3d4955f1197690e1L,0xfc82767c7b376dc4L,0x7cf3db85b8c659c7L,
-        0x4cfb6f4b03202723L,0x8b79311746141d27L,0x94c6ee67867292c4L } },
-    /* 28 << 133 */
-    { { 0x77a31009722730feL,0x93707ac4d5cdd297L,0xa290be39d3811e8cL,
-        0x831a9b9592a5cdb7L,0xc74cda84e7342270L,0x964661903f48affcL },
-      { 0xb0496cca5520b0f0L,0xc8742cd9bae930ffL,0x3a30737aeaea703aL,
-        0x0a8e6fb7fb758854L,0x9ab9523e6796f4d1L,0x36e6c05dfdf7140fL } },
-    /* 29 << 133 */
-    { { 0x4c8ec1a3ccedff1fL,0x8fc58987ca74bd5fL,0x70a6b71cf768abcdL,
-        0xb9971cf5ed60a02dL,0xbb2aedc8af2f9a41L,0x4ebf90c76032c98aL },
-      { 0x8e69b4c4d3752262L,0x350f201474ba8e8aL,0x7a164f6724d0052dL,
-        0x5aeb80db61d7eee0L,0x626a6c9da63583bdL,0x6246637fc3f2196dL } },
-    /* 30 << 133 */
-    { { 0x2077dfa1817d444bL,0xdda9c7fcdf855b15L,0x577603be04b31d38L,
-        0xc6beacae7a140cabL,0x8cd9dc019ecbed91L,0x6ea8591295ae114eL },
-      { 0x6fb29a33fd47f1b5L,0x6203bca6223cb96aL,0x2459d85a7c1a3580L,
-        0xbab5922d6410a3c0L,0x543be274cc7750f8L,0x1a653e1c42baea3aL } },
-    /* 31 << 133 */
-    { { 0x616abd271dbeeea7L,0x0684c14fe2189d8aL,0x0d2bf3687354d862L,
-        0x8b0cfc06a8bdcb0bL,0x187147b49661e548L,0x07509bc358edde6dL },
-      { 0x7b2a33bca78c2782L,0x5f41b8379ec5fa24L,0xa6df5de574539201L,
-        0x3510f650093f8f7eL,0xe4d1c06ed14aaa71L,0x4d1b1ca2b0470581L } },
-    /* 32 << 133 */
-    { { 0x3b62315064ef6a95L,0x97645381aaa5b792L,0x4bc2c31c56471100L,
-        0x4a0e73bb1bae8d2aL,0xbfc0770a8df1f76aL,0x5089916fa7bb16caL },
-      { 0x2afe5b1cf31fe82eL,0x0b06831df0119977L,0x97caa333a1af2a82L,
-        0x93cb92c5dafed6cdL,0x09553e7e92c3b2e3L,0x3d9c4b7d61af2956L } },
-    /* 33 << 133 */
-    { { 0xe56c89b06910185fL,0x1cd06d19ac47667cL,0xb35e6ae5fe41a4ffL,
-        0xdc2fbaf959e8be08L,0xa9e6df08f8cec40bL,0xcab91f8ffe63ad2cL },
-      { 0x1e3bd193ca2cc678L,0xe1830cae06bb40f2L,0x3b8b33d6d69985abL,
-        0xb6b7e8433895d8a8L,0xec3882909fbf6b31L,0x012bec2ac37d64cfL } },
-    /* 34 << 133 */
-    { { 0xff2e88fd33941b4bL,0xa2d9730a8d85cccaL,0xa23f8cfa16f7d7a1L,
-        0x82013193d39a250eL,0x3b119882ca0fd8a8L,0xcff642ac1a438706L },
-      { 0xe4a3a95f65e5688cL,0xb2a6c836c31243d2L,0x1b7ec5d2194d1f42L,
-        0x51ab34f814e4f7a2L,0xa3e3f135d3583ca0L,0xbca6ecbade9b91f2L } },
-    /* 35 << 133 */
-    { { 0xc85820c3002f07caL,0x090365320e00dca7L,0x0f3b3166f4e4d8c2L,
-        0xe694eb4479460f00L,0x50d0ed14c15e04ecL,0x8c9998abcc86e3bcL },
-      { 0xb82581624aefa561L,0x6351aca610050c0eL,0x4e60399acc8d2342L,
-        0x96da3af7f633dc88L,0x1af763ec09202348L,0x76b0e49d3f0d5f76L } },
-    /* 36 << 133 */
-    { { 0xd83f574a08f84746L,0x48fc9715ca07f5f8L,0xb3d5d0d2dcc51638L,
-        0xc2a5e3356153bdcdL,0x8242cd9a8aa4ef74L,0xe71ba25b0bdaa0d0L },
-      { 0x4342d4bba4ff172dL,0x81db10dffc1341a2L,0xdd93dd877dacb140L,
-        0x6f8a4e81d12d347fL,0x0d4e7e461bc369beL,0x3ce10a771fafd0c5L } },
-    /* 37 << 133 */
-    { { 0x2fdaa3bb8cb896a3L,0x2fb82dfd913bb303L,0x5d814a50ba9ca09aL,
-        0xc3de6aa426112215L,0xd0d5c98b25a0c9fdL,0x54004b3e0eaae4a8L },
-      { 0x410e2cc209358663L,0xf7e3d08a501c4ef5L,0x3d86434dd334aa19L,
-        0xf70ea577772fc0cdL,0xa0eded5aa607c4f2L,0xba0bf1bc36222b2dL } },
-    /* 38 << 133 */
-    { { 0x8d901e759632c4d6L,0x0ed9a7ebbbd94698L,0xfd2169dbbf7bcbc1L,
-        0x2b4d168d5b302c66L,0xd42f9dd73e65f24dL,0x73e0c22c0eed0022L },
-      { 0xf9091588f5d2dcfbL,0x81c7c01eb8715b78L,0x2be06165dde6a9d6L,
-        0x64b5902dcacd6ca2L,0xdcd510d70159d3bcL,0x5b71995b42b5e30aL } },
-    /* 39 << 133 */
-    { { 0xa9c474eae7a211edL,0xc7bcdd20d8170f76L,0xd9aa8d9734a15487L,
-        0x26235292933c16b6L,0x289d47d5d8238fc0L,0x39f10fb3ae27ca16L },
-      { 0x822e187f1c016ae1L,0x8e93b15f2be46859L,0xe2ba61a60b0a055bL,
-        0xd8f33ddecb8de893L,0x016652d6379657efL,0xf4eb08f9e7d9eab8L } },
-    /* 40 << 133 */
-    { { 0x5559dd31e67145b6L,0xf2d905b45b2427e7L,0x0d840fabcaf57d0cL,
-        0x9625866578742ab6L,0xc85482ad409c1c8eL,0xdca2a058adaa6167L },
-      { 0xec26ad9a0c8885fdL,0x1b93b8a22a600cb2L,0x340aa7fc2539986bL,
-        0xd7674876a23dee41L,0xa948a9292e1a9837L,0x9ae67d2a71438da9L } },
-    /* 41 << 133 */
-    { { 0xe753114a8d6a98f5L,0xb2d7d1e1f6ad93e4L,0xfbcfe0cf1935714dL,
-        0x9dc2d293e859e729L,0x674c170889a703f2L,0x87744b0252063099L },
-      { 0xa1721de04b25966bL,0x059292573a285fcaL,0x5b02ca39e8ce75e0L,
-        0xbfdf0fb939e57da4L,0x554378cd6388a964L,0xc53fc5c8f853d7faL } },
-    /* 42 << 133 */
-    { { 0xcd3b60e352f51554L,0x6292fafab44ad7eeL,0x670561c79513741fL,
-        0x95defdf3b9ba16a7L,0x6c0beac1adae36cdL,0xef05c24a3e8aabd6L },
-      { 0x74208a02b23efc25L,0x71930e02c22172d1L,0xbdb1f1c6f5ccbffbL,
-        0x358b483c504d9cb3L,0x48b5887a9a48a4baL,0x289256b4e48f09e7L } },
-    /* 43 << 133 */
-    { { 0x671bf1eebc2f256aL,0x530faa653984ca7eL,0x0a6d18955c05da6eL,
-        0x219de918118fe96cL,0x289b9645bb7eded4L,0xe905c4729588f006L },
-      { 0x56d0cd9ac9d61133L,0x8879550079a4f743L,0xd05e910199c2aff3L,
-        0x7e91f7c985e52c8bL,0x7fd02f83b5c5d473L,0x4b43b6453c59330aL } },
-    /* 44 << 133 */
-    { { 0xeac6f447d56bdf1fL,0xb22e8425c2b502ffL,0xe1cc9d3dfca5a501L,
-        0x8192bc29b64baf39L,0xeb2c901a52ce849eL,0x7f5f38b11dd506f1L },
-      { 0xfb3684b10f0a1d68L,0x16c4aacde9240ff8L,0xffa682435a4d8995L,
-        0x27264ab554e4c95dL,0x9aa40cdc4f34ffaaL,0xcb8a30a35fd818eeL } },
-    /* 45 << 133 */
-    { { 0x912f0a7dfa88792fL,0x2ad9249f5090716eL,0x4b828a6fb96e6e31L,
-        0xe805f0588d7f2095L,0x72e95cb956e00978L,0xc95354667651815fL },
-      { 0xc877181a08df5b53L,0xae055dd8779c3302L,0x3f9e6dd90b4e68d2L,
-        0xdeb15f1308fbb2f8L,0x5f129c1cc5802a96L,0x7482e4af3cc51022L } },
-    /* 46 << 133 */
-    { { 0x98904777ab695f56L,0x6dc472c18989e518L,0x6749d25c82031d40L,
-        0x5c465922c36202f1L,0xb3b5b9aff31fe542L,0x855263bdf98bc09dL },
-      { 0x40ee01747eb4789fL,0xd64ae0d4de4e92bcL,0xbaea76a38995e69fL,
-        0x3f22b2e3d972751eL,0x5a197daa2461f1b4L,0xbd15682a5097b93eL } },
-    /* 47 << 133 */
-    { { 0x7f251143534f8547L,0x213baf14222a161aL,0xae993737ad1e6005L,
-        0xdc70867ff8b1cc7eL,0x41e880f3bb22e11bL,0xe36f54cbd2d6bc45L },
-      { 0xa42e819d4d65ae97L,0xdc57be4de8592604L,0x8a89777fabe73b50L,
-        0x435fedec72e26f5bL,0xe8d3cd8251ec79f0L,0x9574d6ea67f407b0L } },
-    /* 48 << 133 */
-    { { 0x39038863f7f35053L,0x421a17f3328787d2L,0x38aa682ef3d8310fL,
-        0xb52d41e8f4123153L,0x4fbef3dd7026310bL,0x0c6bd7adf6ff5692L },
-      { 0x3831c6b2a9be5d0cL,0xb5c9ae85e8d328b8L,0x76d26abc6516bba4L,
-        0xc237f9a5446d35a8L,0xb2b16c0ff012a8d0L,0xddf2b7fe0ee0315bL } },
-    /* 49 << 133 */
-    { { 0xf401366a7dd4243fL,0x7db92881f434ba76L,0x5b5bacd737ffc502L,
-        0xa53fe0e802cb994eL,0xf6db539ffb00cb96L,0x0bb288b379878966L },
-      { 0x275c108c0c3d4b7fL,0xe57222d267236ba2L,0xc754d31890683aa1L,
-        0x883a41ef2345460fL,0x8e6b7ce8b572fd14L,0x7649c29237d21925L } },
-    /* 50 << 133 */
-    { { 0x46302515c4af281fL,0xe2a9633c3513ea87L,0x1175276fb3e96864L,
-        0xda377e32f4ed1228L,0xacf223a1fa6be904L,0xf442c41abc01057bL },
-      { 0x83d766c38a69db33L,0x933dd0974cef397cL,0x094b21b575fe43cdL,
-        0xf16ee57ab3141dd5L,0x4a8d0d6cb981d196L,0x6bd246c3730075deL } },
-    /* 51 << 133 */
-    { { 0xd9ae9faa91eab3f7L,0x8520bebba2bcdfc1L,0xc681d5a0ee94353aL,
-        0x980871dd316ee7acL,0x7d70b82bcb401c4eL,0x150706c1bc6885efL },
-      { 0x11709bbed3d8663aL,0xad69df943ace1806L,0xf889daef1a36f12cL,
-        0x6ba376b2560bb749L,0x5342cd7a0d95f8b9L,0x5d14201273b4554aL } },
-    /* 52 << 133 */
-    { { 0xbb85b640056ad6c2L,0x7c51ef96ac074372L,0x1c7ce31cf10b43fcL,
-        0x08e4101b26f4d3a4L,0xd18511c43968459fL,0x00e20c3fd6d07839L },
-      { 0xd5bcd598e4fcdc11L,0x99e9a4d0c877f6a2L,0x9c5dd9d0bd491646L,
-        0x83918f609bfd7a1aL,0x4bc130cd7e2b95a3L,0x668825fbfbc31c83L } },
-    /* 53 << 133 */
-    { { 0x7e8947bd5568b75cL,0x43419ecbdab8f822L,0xeb52a83a7b8fa996L,
-        0xbc674ff32d1a32c6L,0xdc086f84ce405eeaL,0xebe3e087f8918ddfL },
-      { 0x476099ecdb152bc4L,0x0cb491c52d3718c3L,0xa7c49cd69da8517fL,
-        0xc736fcf51ab8fbadL,0xa00b403ba24fe115L,0x01f6e5bfd976f549L } },
-    /* 54 << 133 */
-    { { 0xef8e12edf15ad86eL,0x216be9828c20441dL,0x10ccd4f85c45e821L,
-        0x8a12f6037c9745e9L,0x56212b09da6f1b2fL,0x5a81d69338115f05L },
-      { 0x5aead3330a4405a8L,0x7024a76c03221eddL,0x9c101d0250e6a610L,
-        0x6bcb22ffc1b6d54aL,0xf96cef62cf787e89L,0x9c9bde7b79341d83L } },
-    /* 55 << 133 */
-    { { 0xe9c61fa744058dc9L,0x59efcc8f1581d690L,0x1ea73467513aba4bL,
-        0xf0fda8a69d03d72aL,0xcc1f3f22c6f30a01L,0xb632daa3ddf8dea8L },
-      { 0x58563188fe8e2f89L,0xf053b9f67b45cf5eL,0x1ab51b07f9bda4b1L,
-        0x37850e9789dc0050L,0x1bf5e41e8f6a1daaL,0x4abb4f82d94c0fd8L } },
-    /* 56 << 133 */
-    { { 0x817d77b106a9ad54L,0x3a999d7d89a25ecaL,0xd3ac4107da68b768L,
-        0x6904bcddbebc4c4dL,0xb0d2103ca53d39e9L,0xdba86bd230a5e950L },
-      { 0xb09256804f52208eL,0x37c3156a28495b2cL,0x2389ab34c15855aeL,
-        0xc14dfd963017194fL,0x420e07191146b838L,0x1a9f909b8fb4b6fcL } },
-    /* 57 << 133 */
-    { { 0x73af3d1fa24985f4L,0x4fa27db444a1f9a8L,0x6deb02455cfbfa45L,
-        0x4803e0342813c996L,0x24715fe80e4116ddL,0xa2e8258d38d8e902L },
-      { 0x3321e112dd7d8ebfL,0xab8d5b2b272ee6a4L,0x2994fac34eb10fd9L,
-        0xe007d0a4a9c611ccL,0x29db5aa974d194e3L,0x9e76e3ddcf7409b9L } },
-    /* 58 << 133 */
-    { { 0xf12a3eeab577f6b9L,0xe666e002b6db2206L,0x95aa0d03375229b4L,
-        0xebd05140ef0772beL,0x9d5b5e9e48580b17L,0x960906b3a77ceceeL },
-      { 0xca869663e50422f8L,0x150e844199d481b2L,0xadd97d7c3418b00dL,
-        0x9908a23e68244f02L,0x5357ea61d3eac131L,0x0af5423d9778902dL } },
-    /* 59 << 133 */
-    { { 0x11aa3582d8e62251L,0x108ec170aa1560a5L,0x8423663e2b5b6ea9L,
-        0x3f4ad292d8718329L,0xf8e3e7bd04f8daadL,0xed310c3a11b81211L },
-      { 0x718db302edac9282L,0x7866f1c1e434544bL,0x1052133c568b195aL,
-        0x8ca61965c0e37cbbL,0xdd28fbd32cfac1c2L,0xf4062b33dce29660L } },
-    /* 60 << 133 */
-    { { 0x2926ef17dd63404dL,0x0e89c4d41399cc68L,0x6507fedef7ec20b8L,
-        0x1ac084ff88c751d6L,0x31bc08bedefe29e6L,0xd42199714f0692c5L },
-      { 0x4d6ee74236069bc0L,0x3868ef6aff80f3d7L,0x6df02d7c5a9c6f4bL,
-        0x2c3096bb101abf69L,0x0c2b01ec8eaacaebL,0x65914c20eb2e687aL } },
-    /* 61 << 133 */
-    { { 0x78d5ab7b34a8173eL,0xa34b72ac9230c3b2L,0x379453e13538b39dL,
-        0x1764c4420f3789b0L,0x5b4bbe77a3f2ba4eL,0x3bd35b796f86338dL },
-      { 0xf2fcdf04f02fa7e3L,0x6b4522f420d23feaL,0x966fb8fa01be16a5L,
-        0xf2a56e96e0d705feL,0x494aa4553872e429L,0x68432d9181921587L } },
-    /* 62 << 133 */
-    { { 0x0ae47d1e3dba277aL,0x54607ac99832d90cL,0xd4cec32eecbcdeacL,
-        0xe54b3033b9ccdfa9L,0x5b3a8a56fb920449L,0x831ec8f955eefd3aL },
-      { 0x59ba32a3a02dca96L,0xb421e4b01decf837L,0x52e70a88a88636d2L,
-        0x3b75ed073086667eL,0x7a4a46b3b877cd6bL,0x3825c80b59c99207L } },
-    /* 63 << 133 */
-    { { 0x3bc3f0e069bdc53fL,0x7e0bd730d9d7def4L,0x71a577e6844ede6bL,
-        0x06d47f4981705712L,0x83bdb1a6ef108ea6L,0x853a3ce0c8a8ff41L },
-      { 0xa6f114b8f408ec44L,0xe0ce4267e2d72d33L,0x405f6ddda2a0b613L,
-        0x22ce3daa8d253ad3L,0x2fd738094aa1de25L,0x28a2001b27363597L } },
-    /* 64 << 133 */
-    { { 0x13722ab079ed523aL,0x33b29bec249d5624L,0xd3d0f467f76fdaf7L,
-        0x7ce072f912ddfd9aL,0xce918a5747bdefd3L,0x14d38ab4750e5315L },
-      { 0x08bbb20e3346f647L,0x428b917f05b26894L,0xc8fb5c21ca865ba6L,
-        0xee6e41e02e6e8e6fL,0xd00ae6214c608b60L,0x659756396ff685cdL } },
-    /* 0 << 140 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 140 */
-    { { 0xbbccce39a368eff6L,0xd8caabdf8ceb5c43L,0x9eae35a5d2252fdaL,
-        0xa8f4f20954e7dd49L,0xa56d72a6295100fdL,0x20fc1fe856767727L },
-      { 0xbf60b2480bbaa5abL,0xa4f3ce5a313911f2L,0xc2a67ad4b93dab9cL,
-        0x18cd0ed022d71f39L,0x04380c425f304db2L,0x26420cbb6729c821L } },
-    /* 2 << 140 */
-    { { 0xca07923c0eb008c8L,0xab79402d9985912eL,0x41e379e83cb02510L,
-        0xfabac005beb383efL,0x24d12d9a1076dd0dL,0x95afd46fb208f127L },
-      { 0x9cc38a60b1031e46L,0x93e21e977009f6bcL,0x6f6360d98ac219efL,
-        0x1edaab3faf284c80L,0x9c3b5281019e366aL,0x6475c579bc9e9726L } },
-    /* 3 << 140 */
-    { { 0x26bd07d6bdfbcae8L,0x10b5173fdf01a80aL,0xd831c5466798b96cL,
-        0x1d6b41081d3f3859L,0x501d38ec991b9ec7L,0x26319283d78431a9L },
-      { 0x8b85baf7118b343cL,0x4696cddd58def7d0L,0xefc7c1107acdcf58L,
-        0xd9af415c848d5842L,0x6b5a06bc0ac7fdacL,0x7d623e0da344319bL } },
-    /* 4 << 140 */
-    { { 0x8410d8298d85a25aL,0x48ee01354af81a14L,0xae460d0d18c25348L,
-        0x5d0279a07eb035a3L,0x87e7c1289a114414L,0x17c08a8ec0744f79L },
-      { 0xb7b2b4f1025cdbe3L,0x9a74f15d82d1af60L,0x124a7395b51ee685L,
-        0xf2937c4bf6122422L,0xb4ec133207f1a7ffL,0xad801112f886032eL } },
-    /* 5 << 140 */
-    { { 0x4c0d78060c9d3547L,0x993f048dcf2aed47L,0x5217c453e4b57e22L,
-        0xb4669e35f4172b28L,0x509a3cd049f999f8L,0xd19f863287c69d41L },
-      { 0xe14d01e84c8fded0L,0x342880fdeafd9e1cL,0x0e17bff270dc2bf0L,
-        0x46560b7bc0186400L,0xe28c7b9c49a4dd34L,0x182119160f325d06L } },
-    /* 6 << 140 */
-    { { 0xdd4eb3d07bb5346eL,0x9a46ad01382e7db7L,0x1200285ddc1973c7L,
-        0xfd342beaa0046b98L,0xd19173491219a7fcL,0x5383d319b7caffe5L },
-      { 0xea5a0c4e2e0fa118L,0x1cc2de3ca5457b28L,0x5b2a16dc6046eeeaL,
-        0x1755e1fecc8e64b1L,0x51e4946e9e7faddaL,0xf805422ffcbf4ec2L } },
-    /* 7 << 140 */
-    { { 0x46d70888d7e02e18L,0x7c806954d9f11fd9L,0xe4948fca4fbea271L,
-        0x7d6c7765bd80a9dfL,0x1b470ea6f3871c71L,0xd62de2448330a570L },
-      { 0xdaecddc1c659c3a7L,0x8621e513077f7afcL,0x56c7cd84caeeef13L,
-        0xc60c910fc685a356L,0xe68bc5c59dd93ddcL,0xd904e89ffeb64895L } },
-    /* 8 << 140 */
-    { { 0xf877e8c6bd08ffafL,0x24718fefaf23012fL,0x19ff269f2b004cfeL,
-        0x8adc5d7795450f8bL,0x688ce8bce2a7d458L,0x74d7445b97bd7fdcL },
-      { 0x1b9f4ad641e6abadL,0x6652ed05f00e4bf5L,0xabee1f7e71d83d86L,
-        0xe693c76d25ffc219L,0x1c9a84afc873f553L,0x84d2718766d77a55L } },
-    /* 9 << 140 */
-    { { 0x75d874fb8ba7917aL,0x18fa7f53fd043bd4L,0x212a0ad71fc3979eL,
-        0x5703a7d95d6eac0eL,0x222f7188017dead5L,0x1ec687b70f6c1817L },
-      { 0x23412fc3238bacb6L,0xb85d70e954ced154L,0xd4e06722bda674d0L,
-        0x3ea5f17836f5a0c2L,0x7e7d79cff5c6d2caL,0x1fff94643dbb3c73L } },
-    /* 10 << 140 */
-    { { 0xe566dc057e5f7121L,0xccac74e22ed07bc3L,0xaabfdfcdc70401b4L,
-        0xac9fc4496254e0dbL,0x358d885f11c7de05L,0xb8e6a4a9d60772b4L },
-      { 0x884272a5cfe917ceL,0xdfbe98689a3d347aL,0x06b90848c9d1baccL,
-        0xc4ccedb6db8c6288L,0x892878b979e5683eL,0x1b521829243273e3L } },
-    /* 11 << 140 */
-    { { 0x916e19d0f163e4a8L,0x1e6740e71489df17L,0x1eaf9723339f3a47L,
-        0x22f0ed1a124b8dadL,0x39c9166c49c3dd04L,0x628e7fd4ce1e9accL },
-      { 0x124ddf2740031676L,0x002569391eddb9beL,0xd39e25e7d360b0daL,
-        0x6e3015a84aa6c4c9L,0xc6a2f643623eda09L,0xbeff2d1250aa99fbL } },
-    /* 12 << 140 */
-    { { 0x099369c4bf0c6fbeL,0x976f78b2fe7d5727L,0x32feb503d18267a9L,
-        0x162c41501a7dd0feL,0x3141e37726b8e969L,0x50497a643b53a94aL },
-      { 0x96159f41607b4cfcL,0x1999b7042f111babL,0x3254987c760f2eaeL,
-        0x5308075b841014faL,0xc634127e4e7adad8L,0x32a70a6059ffbfe6L } },
-    /* 13 << 140 */
-    { { 0x1feef7ce93ee8089L,0xc6b180bc252dd7bdL,0xa16fb20b1788f051L,
-        0xd86fd392e046ed39L,0xda0a36119378ce1dL,0x121ef3e7a5f7a61dL },
-      { 0x94d2206192d13caeL,0x5076046a77c72e08L,0xf18bc2337d2308b9L,
-        0x004db3c517f977b1L,0xd05ae3990471c11dL,0x86a2a55785cd1726L } },
-    /* 14 << 140 */
-    { { 0x7279c369a1f857e6L,0x029d30ef27fb373aL,0xe82cbc806827358bL,
-        0x2bfe09aaa18f57abL,0x63bf3145e5503492L,0x7ea15beafb28ee43L },
-      { 0x8e6d428f5eec91b8L,0x215e03e9611b1799L,0xb995737161d476deL,
-        0x2320c764e76726a5L,0xc5de88178e5e26f5L,0x24aae0699161e0b7L } },
-    /* 15 << 140 */
-    { { 0xb8d9b28672107804L,0xb5a7c4133303b79bL,0x927eef785fa37dedL,
-        0xa1c5cf1ead67dabaL,0xaa5e3fb27360e7c7L,0x8354e61a0a0c0993L },
-      { 0x2ec73af97f5458ccL,0xde4cb48848474325L,0x2dd134c77209bc69L,
-        0xb70c5567451a2abeL,0x2cd1b2008e293018L,0x15f8da7ad33c0d72L } },
-    /* 16 << 140 */
-    { { 0x5584cbb3893b9a2dL,0x820c660b00850c5dL,0x4126d8267df2d43dL,
-        0xdd5bbbf00109e801L,0x85b92ee338172f1cL,0x609d4f93f31430d9L },
-      { 0x1e059a07eadaf9d6L,0x70e6536c0f125fb0L,0xd6220751560f20e7L,
-        0xa59489ae7aaf3a9aL,0x7b70e2f664bae14eL,0x0dd0370176d08249L } },
-    /* 17 << 140 */
-    { { 0x5dc386d0a8790657L,0xa4fdf676bc4d88bbL,0x1b21f38f48bc6c49L,
-        0xcdcc7faa543a7003L,0xea97e7aa8c9cf72cL,0xa6b883f450d938a8L },
-      { 0x51936f3aa3a10f27L,0x0170785fdecc76bfL,0x7539ece1908c578aL,
-        0x5d9c8a8e0f3e8c25L,0x8681b43b9e4717a7L,0x94f42507a9d83e39L } },
-    /* 18 << 140 */
-    { { 0xaeac64c96f089b59L,0xecfdc92b65f9d762L,0xddde5024f750daffL,
-        0x82c01c1c0f707e73L,0xc70aa9d4ee20adb5L,0x27f6799dbeb0e60fL },
-      { 0x918ad262520aa514L,0x2bb1362f8d13eae0L,0x21b60b46a9d1d43bL,
-        0xf449e2d4767ab86eL,0xf42b09948a5a496eL,0x3b26006b853f2a3bL } },
-    /* 19 << 140 */
-    { { 0xbbe11ca8a55adde7L,0x39e6f5cf3bc0896bL,0x1447314e1d2d8d94L,
-        0x45b481255b012f8aL,0x41ad23fa08ad5283L,0x837243e241d13774L },
-      { 0x1fc0bd9dbadcaa46L,0x8df164ed26e84caeL,0x8ff70ec041017176L,
-        0x23ad4bce5c848ba7L,0x89246fde97a19cbbL,0xa5ef987b78397991L } },
-    /* 20 << 140 */
-    { { 0x364d5dfda6140b89L,0x30e4a48efdc9105dL,0x13f6276018a47151L,
-        0x18ad84cfa17a2853L,0x5f315c93988cb37bL,0x90f9cb701af64ce3L },
-      { 0x020c67db029b6ffdL,0x8989ccc62ce3528dL,0x9bb4f9844d00ee63L,
-        0x0b052413a70b4ca9L,0x7dee36dcc96b4a07L,0x226db70ea7888508L } },
-    /* 21 << 140 */
-    { { 0x111af1b74757964dL,0x1d25d351ddbbf258L,0x4161e7767d2b06d6L,
-        0x6efd26911cac0c5bL,0x633b95db211bfaebL,0x9bedfa5ae2bdf701L },
-      { 0xadac2b0b73e099c8L,0x436f0023bfb16bffL,0xb91b100230f55854L,
-        0xaf6a2097f4c6c8b7L,0x3ff65ced3ad7b3d9L,0x6fa2626f330e56dfL } },
-    /* 22 << 140 */
-    { { 0xcd9b76b6a92f4e61L,0xa464f5225a00d902L,0xb64774e68a583f92L,
-        0xc7dc2030bee842a8L,0x594743ea5d2f27ddL,0x4c0ed28ef3c54609L },
-      { 0xd763346d4b1dfb93L,0x8ea291dde1bed2eeL,0xf26d4adbd6d34ae1L,
-        0x74b8d24e54ea3529L,0xe20490e150062077L,0xf67b7a9092d6c19cL } },
-    /* 23 << 140 */
-    { { 0x3d28bf2dffccfd07L,0x0514f6ffd989603bL,0xb95196295514787aL,
-        0xa1848121c3db4e9cL,0x47fe2e392a3d4595L,0x506f5d8211b73ed4L },
-      { 0xa2257ae7a600d8bbL,0xd659dbd10f9f122cL,0xdb0fdc6764df160fL,
-        0xff3793397cb19690L,0xdf4366b898e72ec1L,0x97e72becdf437eb8L } },
-    /* 24 << 140 */
-    { { 0x67bf4c98e11df408L,0x8e105c66d299b156L,0xfde3922e901b63c7L,
-        0x7fd57218c184ac91L,0x6dd2ea5cebcdc105L,0x1c4956c0aef7653fL },
-      { 0xd6fac6429c1c11a1L,0xeda44f663d230d5dL,0xecca2241e6902ccbL,
-        0x85962a1f2700870fL,0xc5ca32c97864a291L,0xe55e974af6c8d3d9L } },
-    /* 25 << 140 */
-    { { 0x81dcea271c81e5d9L,0x7e1b6cda6717fc49L,0xaa36b3b511eae80dL,
-        0x1306687c3cd7cbb3L,0xed670235c4e89064L,0x9d3b000958a94760L },
-      { 0x5a64e158e6a6333cL,0x1a8b4a3649453203L,0xf1cad7241f77cc21L,
-        0x693ebb4b70518ef7L,0xfb47bd810f39c91aL,0xcfe63da2fa4bc64bL } },
-    /* 26 << 140 */
-    { { 0x0af51a2025f7b355L,0x35fc45d58d8081bfL,0x0cf3036d0ab30d16L,
-        0x2bd47f919109cf76L,0x8be09360ec7f12beL,0x99fc291be8dcdca9L },
-      { 0x385b89868135b12fL,0x272ac288f4ec52dcL,0xe7ca370cce09b043L,
-        0x94655816251f4c4eL,0x5c1dea972d40a755L,0xe8977234a4b10406L } },
-    /* 27 << 140 */
-    { { 0x82c1c684eaa66108L,0xe32262184cfe79fcL,0x3f28b72b849c720eL,
-        0x137fb3558fee1ca8L,0x4d18a9cde4f90c4eL,0xc0344227cc3e46faL },
-      { 0x4fd5c08e79cda392L,0x65db20db8adc87b5L,0x86f95d5b916c1b84L,
-        0x7eda387117bb2b7cL,0x18ccf7e7669a533bL,0x5e92421cecad0e06L } },
-    /* 28 << 140 */
-    { { 0x240fde37b21b2632L,0x6b878ae68ca0f16fL,0x072d9ded0bc32ebeL,
-        0x8c2552bc29840743L,0xb58327b003b34f8aL,0xa51598ea71dabbfdL },
-      { 0x337361f7d4f461c6L,0xae88972dda1de4b2L,0x9ec86d7ade7e8c2eL,
-        0x607de383f23f19e0L,0x0cb144c27d234103L,0x00878a228f0c3411L } },
-    /* 29 << 140 */
-    { { 0x26063e124174b08bL,0xe621d9be70de8e4dL,0xaea0fd0f5ecdf350L,
-        0x0d9f69e49c20e5c9L,0xd3dadeb90bbe2918L,0xd7b9b5db58aa2f71L },
-      { 0x7a971dd73364caf8L,0x702616a3c25d4be4L,0xa30f0fa1a9e30071L,
-        0x98ab24385573bc69L,0xcbc63cdf6fec2e22L,0x965f90edcc901b9bL } },
-    /* 30 << 140 */
-    { { 0x265f7236e22b29caL,0xe36c3c3daa62691aL,0x73410e6ed2e1bad1L,
-        0xa182a579a5743cecL,0x2ca67274c22b0453L,0xc698fe35546e52e6L },
-      { 0x60b3a519890e9155L,0x24312c3c2b91dbc3L,0xa6d45050282911d9L,
-        0x3781933efd249e1eL,0x2e0cbb93e26d023aL,0xfb479267bf27687aL } },
-    /* 31 << 140 */
-    { { 0xd53b592d71e15bb3L,0x1f03c0e98820e0d0L,0xce93947d3cccb726L,
-        0x2790fee01d547590L,0x4401d847c59cdd7aL,0x72d69120a926dd9dL },
-      { 0x38b8f21d4229f289L,0x9f412e407fe978afL,0xae07901bcdb59af1L,
-        0x1e6be5ebd1d4715eL,0x3715bd8b18c96befL,0x4b71f6e6e11b3798L } },
-    /* 32 << 140 */
-    { { 0xaff4782231cb94c9L,0xf1b5a0b7803c1af4L,0xbeb85f8d2ef696a9L,
-        0x8ce5baab4fa94fcaL,0x0a32f96200d41a43L,0x0f69ad5774f6e772L },
-      { 0xbe0221af6ccb5157L,0xcb83969a2a4f91ffL,0x78ff85d6a7e49f39L,
-        0x63006589cb5d3c63L,0xe8e4383596eb65f5L,0x79f59da9ff8adbdfL } },
-    /* 33 << 140 */
-    { { 0x3cc0df125df9b6ecL,0x3c18f44e286d6ef1L,0x55a3939e517d0f7dL,
-        0x42626a32607e97bbL,0x6168e7b2e26ad78aL,0xdcf8e74b9145583aL },
-      { 0xa7c541a52db84a71L,0x680532c7119210a6L,0x3252035d0a3315e5L,
-        0x06dc2d5befe7c8b6L,0x940175894e720570L,0xb16e635f2f6a3ec6L } },
-    /* 34 << 140 */
-    { { 0x0bd0ed3803e13ce1L,0x44a148bb5868069cL,0x2a79ab57aa5095e6L,
-        0x943416faffffcf22L,0x98434e8756a1365cL,0x2493315d196dc354L },
-      { 0x1f89d911b79a3a1eL,0x937140a841dfdd23L,0x05ad36e43b220b8bL,
-        0xff5e810333594e3aL,0x3119775f893edb80L,0x1fad811627eee584L } },
-    /* 35 << 140 */
-    { { 0x55c4377e204f30b9L,0x63550549a1ebd2bdL,0xdd86ee0c5e44f5f1L,
-        0x8b9d1d9b5d84d999L,0x9ea95a58dda7a075L,0xa465b4a50977e81fL },
-      { 0xcb491e5558421fadL,0x4617f31c280709d6L,0x5e2751c382e0195dL,
-        0x698155856f8eefd1L,0x6702166cd16dc160L,0xfc14545c84c85b2fL } },
-    /* 36 << 140 */
-    { { 0x27c961f6e8fc35abL,0x1e0c26923a596fe7L,0xc75c7cb804351be8L,
-        0xfb92bfeb1c425d80L,0xb01d1c909f0bde61L,0x273d1f0c512f7817L },
-      { 0x4375000df0d71796L,0xc1655874cf53d529L,0xe157b358abddc21cL,
-        0xb0f91e3e40cedc30L,0x48e26c7272260452L,0x9794a6bf0713f667L } },
-    /* 37 << 140 */
-    { { 0x78befaede72c6f0dL,0xc80584210bb2a3ceL,0xcee67a5d52748e21L,
-        0x08d4a9e8de8ed124L,0xc0393271b5fb9514L,0x39b1df6b20942000L },
-      { 0x831fd8cfc3d961afL,0x1bb097e3e752daceL,0x279b3924cf2c8143L,
-        0xa9f8a939b8f5cad9L,0x2b566813bfb8009cL,0xab37ee1df58f0927L } },
-    /* 38 << 140 */
-    { { 0xc17f21f5134d8bd8L,0xc75fc638a90a9a1aL,0x032a6f382a22527bL,
-        0x3c77a72bd20fefb2L,0x559d8a52196e2921L,0x760a3a2c9afcb6caL },
-      { 0xa3bf5802f162d871L,0xb6b367a5c594d2adL,0x4d440c523daa48dbL,
-        0xb2a8acafd5b2c18aL,0x50d85d6adc349ddaL,0x3c2e67718a707475L } },
-    /* 39 << 140 */
-    { { 0x8254a39d5e1656cdL,0xff457dcaa595e153L,0xf0ddc1936bf62398L,
-        0x45e1f91a558f9337L,0x8a424d9d91480b33L,0x019f0a412bf61189L },
-      { 0x66badaa6d49e7b98L,0xb0674512dad636faL,0xc767eceff4c49695L,
-        0xbe16e6b5ddc80ea0L,0x2bd0bb87febd1ba6L,0x69c9f485fe60eb32L } },
-    /* 40 << 140 */
-    { { 0x08cf7d82bff4b684L,0x6abbf429ac4a9329L,0x2454c15ab0c8e0ffL,
-        0x4782035a70bdb03dL,0x89ff6a41448199cdL,0x07969c9ffd0bf1e5L },
-      { 0x19d1cc6a83406dc9L,0x4054cab9b4980267L,0xf0f5594e1887d258L,
-        0x039249e4e09dd987L,0x2b0cd4f9857ddb1eL,0x54ceb29fd8418075L } },
-    /* 41 << 140 */
-    { { 0x562693d30843729fL,0xd703202122648488L,0xd7c40e82ec6d0799L,
-        0x8eacb2496eb6fb6bL,0xddf7074885a5ec47L,0xd70524bf891d5de5L },
-      { 0x4d17c237c4d01055L,0x4793c6e4b4203cc0L,0xf247d0df1d1bf37aL,
-        0x406994fa93b007feL,0x4062c29902940092L,0xedc0d949f558c1e8L } },
-    /* 42 << 140 */
-    { { 0x9fb3630606ab1fc5L,0x2726c1acc0de4e26L,0x8b2fb5130ec7b070L,
-        0xf3581a6907bacd4aL,0x97db622c164bf5a5L,0x8103517962327e3eL },
-      { 0xad3637b0b1d635c2L,0xb894adf949832ec3L,0x0ab5381725685b12L,
-        0x73ceb46069720ce8L,0xdbd1b68ef5e445dfL,0x57659059c8961eb8L } },
-    /* 43 << 140 */
-    { { 0xbd1272a5f73a7cfcL,0x30d3c078de0828e1L,0x5dc0244e1a8f36a1L,
-        0x87c80cdf585ec2acL,0x46c88d277944584cL,0x588d14d8b2dbe1a9L },
-      { 0xb42327a7afe7d55aL,0x58add8f98775409eL,0xa45db2fd10590c68L,
-        0xb98e10bca972b84dL,0xbf5c0ee0a737aeb6L,0x26424f3def199fa1L } },
-    /* 44 << 140 */
-    { { 0xb7bb774603c4cd27L,0x5bfe638ad9723678L,0x47d8b4c24a04d064L,
-        0xdba309383faa45d7L,0xb0fb4308b39dd043L,0x5eeaa33f23ebfa1dL },
-      { 0xaa5a0ce0ba100837L,0xae025cf6d7667d17L,0x610baf5df480cf99L,
-        0x8ba0039ead025771L,0x0ff4f75174785f24L,0x910736ef8b7c30b7L } },
-    /* 45 << 140 */
-    { { 0x0496b77ac04b7e7fL,0x6f7ea5bbdf8163a1L,0x87a8e8f18f415876L,
-        0x6e5b6f2e3ee22085L,0x5ae860ca6f529471L,0xc54c8667eb624447L },
-      { 0xdd06be3de1c7766aL,0x8a8e48ecd2189d23L,0xa4076d3564245444L,
-        0xc4973a5deb651a4bL,0x3b3e2fd52c4f2747L,0xe9a16a24abde2ecbL } },
-    /* 46 << 140 */
-    { { 0xb7f146b890973714L,0x2277873f288ed67fL,0xe6da9d9ee5182317L,
-        0xa446f9d3562475b3L,0xc5291f9756755d91L,0xe762c5f3c104c2b6L },
-      { 0x542f90b3dde83d53L,0x758aaddddace5f42L,0x1c8b9775e673f002L,
-        0x8899c11f74ec42bdL,0xfd9e300a2dbc0dedL,0x6de1c8e4d281f6adL } },
-    /* 47 << 140 */
-    { { 0x5ddafb1b2a2f98cbL,0x8dc2bdc429ec504fL,0x27c51b3cc9f43826L,
-        0xcfd609fccacf5becL,0x642ff85c30dd9f71L,0xcab498e5b6b00ffdL },
-      { 0x9c7ef286652ca743L,0xda291ae0ab95d7aeL,0xe6f4d2badfbff466L,
-        0x34afffef9835d482L,0x41a2cfc050db295cL,0x51a08859e6ee400eL } },
-    /* 48 << 140 */
-    { { 0xf6fd26cc487925bdL,0xd9b751eef5ef44e9L,0x694a788be372817eL,
-        0x85f3dc1ae8c90c31L,0x8c90c6bf15aa0ce5L,0xb52a5d83f01bb223L },
-      { 0xbdae01dddf9c3315L,0x941fa6b663ddfc56L,0x50ddff4ec2548f24L,
-        0x54a49868d12802a7L,0xcd922fb6404d9240L,0x88d7f41f957f6d1aL } },
-    /* 49 << 140 */
-    { { 0xbfd0a17e4c4c87cdL,0xc6c76ebb10b614bfL,0x721d8b4fd1c594a9L,
-        0x1ff70b2daff65d09L,0x2698f57ce50ad026L,0xf4ac3f5627a92e38L },
-      { 0x1114d3392c143ba0L,0x7fafa6b97f8e9b0bL,0x506f11edd82a2500L,
-        0x4df1087fe0ad9ca2L,0x85509ad9fdfecaa2L,0x733c4f8293bd022dL } },
-    /* 50 << 140 */
-    { { 0x3b9de3494233d6cdL,0x9a360917a8f55d63L,0xbe79cdfd90662136L,
-        0xbb3d8fd7cbf3f02aL,0x5d0d4eb81d61e485L,0x85b485215484cd65L },
-      { 0x77580c810fc5cbb1L,0x4b36441bd8e70ff2L,0x50ccdec1b2107a8bL,
-        0x6b7f97c945a45893L,0xb818859b9572a173L,0x864dc632d94bd9beL } },
-    /* 51 << 140 */
-    { { 0x13bb6b113fee0074L,0x4c02520ed1059617L,0x5beb793ccf71f07aL,
-        0x15a8d28d46d4c54bL,0x9889a8948b89fab6L,0xd00fdcb492623b75L },
-      { 0x1c7963572939a84cL,0x4b85d94d6221a244L,0xcc66b5bad1fd506dL,
-        0x866271042a06ca91L,0x4295fc6a49bb18c1L,0x05a81eea341d93e4L } },
-    /* 52 << 140 */
-    { { 0x895dbf20df8111ccL,0xec8297be2906fb2aL,0x4ddd6f22b94c3f53L,
-        0xec55cc738ecbd552L,0x549d3145ef343a0bL,0x9b19220c3b4858d8L },
-      { 0xd5bbf954bd0c2f11L,0x9cacae0cce8c221fL,0x87e6cbc1f6a3dbc5L,
-        0x7ce5c9b6e37ebcb2L,0x654339ef50eb3c8fL,0xeac7f343f3674f55L } },
-    /* 53 << 140 */
-    { { 0x723969a3dd8d5580L,0x4f6dd5c4a30edd79L,0x5b29f3f5a4d7ed53L,
-        0xe17a12bd11869af9L,0x63d01e02dc4c4c1cL,0xb43b904466a691e9L },
-      { 0xab58d45ad1bbbcbeL,0x1e9b166322e8a57bL,0x88b6d3bb6684cdd9L,
-        0xb944dee1ddaf3976L,0x70a4a121c347c41fL,0x7e93fa26fd1c217fL } },
-    /* 54 << 140 */
-    { { 0x5df68a1b584da350L,0xf378c367d72cd093L,0x5908ac0033dc31a6L,
-        0x89bb976b7ca65b9cL,0xefdadfe237dcf670L,0xce22b5ba0011f3e7L },
-      { 0x94d2c115b7d27bc7L,0x2e6763498761afbfL,0x3c0477829eb8185fL,
-        0x634c8c5531f7635fL,0xf8fb5494d4d0fc53L,0x5a905615530ee2c3L } },
-    /* 55 << 140 */
-    { { 0xd28e59a0940c9809L,0xc208ae4f01b9f39fL,0xae1cb420b3630002L,
-        0x739950501289d72bL,0xec24392805fcbd8eL,0x5b592df51f843891L },
-      { 0x0d7602303f59f374L,0x32b6e643cae9f3ecL,0x94a25696e3dcc436L,
-        0x657ae6aa8a059dadL,0x0df91017edd1505eL,0xfb1ae06f7b518d81L } },
-    /* 56 << 140 */
-    { { 0xf5bd119ad84c8a53L,0x36c5410f26928a6dL,0xf340f2bc0eb42b83L,
-        0x8d93a66cffeffe84L,0xff59141d64310b9eL,0x2d509d7aaf69e00fL },
-      { 0xf0f034ae1390628dL,0xf9089c720c38b563L,0x7462988e4e8df0daL,
-        0xe6041dcaa7985905L,0x86295326d3b7274cL,0x5c8bf249075aa31aL } },
-    /* 57 << 140 */
-    { { 0xb08d098b9e423b93L,0x8ae94622029d192bL,0x05335f68fd67f1c4L,
-        0xf3cb831f6e8c1e57L,0xf84a7a54a50a776bL,0x99930a48dc49c28bL },
-      { 0xdac2ef8f1b833418L,0x87a4ca7829fda2f2L,0xf47f23079c0e9e7bL,
-        0xebc1c2de46aeb3c7L,0x544f76836408bfc4L,0xa01b094b86c6cd44L } },
-    /* 58 << 140 */
-    { { 0x8e81bd1c06841f10L,0x3fc24a346c045063L,0xbb2be2dc85bc7ebfL,
-        0x32523efbc341fe12L,0x1ac9f6b116508a41L,0xb6b7fa1df6ac4426L },
-      { 0x2614c995fb685157L,0xe452b94dace46bbcL,0xccda1adabc453b4aL,
-        0x32d32574fb4fac48L,0x7e43920c9d7d90fdL,0x9d6e959417a08456L } },
-    /* 59 << 140 */
-    { { 0x2c90f95bdb1f005dL,0x801089a2e16444a3L,0x2f2944ed7a724ad8L,
-        0x0dfdd065de135e95L,0x510ab3eaafed3817L,0xdba075380855fbb5L },
-      { 0x905f78bda10dde49L,0x63786348956a4057L,0x3d420ff0441530aeL,
-        0x7a9968bfd1488ff0L,0x97479bfbca4dce2eL,0xf371985356f76255L } },
-    /* 60 << 140 */
-    { { 0x8102fa85bbda55a7L,0x6cbafe0de96c5eb3L,0x517720eb26aa52c7L,
-        0x0ee110a98c030e47L,0x5a058569d4afe2c1L,0x29965b44262bbc0dL },
-      { 0xda017ec04996daf5L,0x1781e7b84dfb810cL,0xdbe148350c8a5cf6L,
-        0xd151055dd92ff62eL,0x5e4f48ba2932a708L,0x77e163d95f28bb43L } },
-    /* 61 << 140 */
-    { { 0xf6c5998c48bc9bc9L,0xb25ae99e2db132d7L,0x17f29131fb934e7dL,
-        0x31b96a79d7fb5430L,0x3fad00391971cabaL,0x7f809e56cf3d5e33L },
-      { 0x1a4f705a9ede6055L,0x3cab6c6149c2d054L,0xb616adc47945b589L,
-        0x842b8652f342ee03L,0xa22fc6a67bc36a4eL,0xffdfee262c89a4fbL } },
-    /* 62 << 140 */
-    { { 0xac6b2727dab13b10L,0x8b4fa7807351ac35L,0x48243c245692808aL,
-        0x724897f01fbc5d24L,0xb635fe5e2c69bd93L,0xab26453338d5d5b2L },
-      { 0x368b2c07bc578c97L,0x94e02c9226fecf25L,0x768de4d41f473908L,
-        0x58feaadee445d405L,0x1f1380d6e42a2218L,0x2904b4542154dd5eL } },
-    /* 63 << 140 */
-    { { 0x4e28b938ca2ec0f3L,0xd4af48d795b1c113L,0x33ffb9c222f2275aL,
-        0x2a734af97b57b2e0L,0x1555ba38d08a45d3L,0xd0cae6c57a05837cL },
-      { 0xed04c869c4e78884L,0xa7ba74726f3d56d3L,0xdb7b831ef6d68485L,
-        0x225798677e7d0a4dL,0xd2d702a94c3eef8cL,0xdaba503869a83e29L } },
-    /* 64 << 140 */
-    { { 0x082ea61d10eeed24L,0x7c9d5ade143fd59dL,0x7d33df962e54f5cfL,
-        0x340b0d36e39dc6abL,0xd97a8b848d179b13L,0x88184bb0288d388cL },
-      { 0x2237e507e116ae6dL,0x3e97b063211b2cf0L,0x645f8bcb42be7459L,
-        0xce2b0f54de2176b6L,0xaf570a09d1e2f09cL,0x110adf5657fdc001L } },
-    /* 0 << 147 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 147 */
-    { { 0x158bfe27bcb6db29L,0x967212410054d963L,0xf07b153b8e71aca1L,
-        0x5e67698171b11643L,0x77b7dd7dd04e2f90L,0x07814aa6f0dcf109L },
-      { 0xd3bab2a4fe1d0b1eL,0x50abba31be69e691L,0x54fe99afc6f53cd9L,
-        0x071f2a4f628039e4L,0xf1f44181b183aa16L,0xdf0138e05010f6f9L } },
-    /* 2 << 147 */
-    { { 0xb1e365019c77ca60L,0xfe084a2301018e14L,0xbf451d2ca4bfdcecL,
-        0xd210892fb29cdcfeL,0x5b12bcd894514871L,0xd03ca18c1809b1e3L },
-      { 0x09b243115858e4eaL,0x37b30d50e57524b4L,0xcef0a16b5de334b5L,
-        0xfe0bd1e20b116076L,0x54e4b48289ae2bf4L,0xfbcc5e1a68c8a937L } },
-    /* 3 << 147 */
-    { { 0xa5023e1364be0f56L,0x6a7310e00046f45cL,0xe0af09aeec8700d3L,
-        0xdea5fb7ceb2d38f0L,0xc038eae6859852e6L,0xd515fb4c8c34f04cL },
-      { 0x546b778e1488c207L,0x8cf4f1146258d8baL,0x474e60d85182c96cL,
-        0xcd0387303dbde757L,0x387232f876ab01ffL,0x277614f628231392L } },
-    /* 4 << 147 */
-    { { 0x309b1eb33ef5a413L,0xa7607981a81f43fbL,0x87c2b81ebf8a894cL,
-        0x27a40bce0d293293L,0x7f4c315be4bf3714L,0x03fdc14e01236895L },
-      { 0x319c88f8dff053feL,0x146bb448ea3fa121L,0xfcc2a05df0dd1380L,
-        0xc8d55b024acba9faL,0x871358de5927313eL,0xfd1d81d317ce294aL } },
-    /* 5 << 147 */
-    { { 0xa135970c7361138aL,0xd67eddb5b7d50260L,0x313c6e9bc4d5311bL,
-        0x4f503bf28423e5b4L,0x17dc4b6f44f3fe83L,0x15b7bdb9ccf1bbcdL },
-      { 0x0ce4d64ea11b9896L,0x050b0edebbb6b0eaL,0x85531293bf5db990L,
-        0x9db3b964520d095eL,0xb45ec235bd2d4e88L,0xf88a9e6215ee5ba1L } },
-    /* 6 << 147 */
-    { { 0x10777189c1a21254L,0x7d8d3966ca593a6cL,0x261ab515120380e6L,
-        0x453c858fe13577d1L,0xb1f6bb58f3862db1L,0xf8ff48b8b9529e1cL },
-      { 0x03f63a417b60b400L,0xdc248d96bba66b3bL,0x8423048b756e5af2L,
-        0x4d978ed31c984befL,0xa06242995ba00f3eL,0x0bed7b454f4d19e7L } },
-    /* 7 << 147 */
-    { { 0x9ef52e3d6524f389L,0xc5b157c5f6ac19eeL,0xdca7a72ab5d42f7aL,
-        0x2d2e8d72fa0051dbL,0x3a6ff9243f4a4f60L,0x0ae997af340e7977L },
-      { 0x33dd395e269db4e9L,0xf95c3683616b9dc3L,0xb86a066122d516a7L,
-        0xd50c582cad913df8L,0xac8b8efef550afbfL,0xf34fcab01d88728cL } },
-    /* 8 << 147 */
-    { { 0xd3797831ff63ae69L,0xa753de02ce4c7eafL,0x2ff7a6a611a4e339L,
-        0x904f86f05328043aL,0xe29d31c012e9f7ddL,0x8825a639c0a51904L },
-      { 0x070c2696ebfc2cc7L,0xc03ce643c5f7a943L,0x5b970d0c12c8a1f5L,
-        0x572aaaa1ab352a83L,0x63df45a90c5eb0c7L,0x95c951e1d4977599L } },
-    /* 9 << 147 */
-    { { 0xf5aefd5572ba3741L,0x7ab81965f5fe816dL,0x597d15d546752cefL,
-        0xaa79a0822a3c142bL,0x038ddfdd3af5dfe9L,0x9f4dc166755c9e07L },
-      { 0xf34224dfb9165297L,0x96e7ff6e4e3fd907L,0x5d7f3c821727beb6L,
-        0x7098493dd6af73ceL,0x6b9358fbe00dfa4dL,0xefb2634a96e74870L } },
-    /* 10 << 147 */
-    { { 0xe35daffe2e4c6299L,0x1f9e33935915cd16L,0x93f05a40f009a48aL,
-        0xa4a801fd308a81c6L,0x75e5dc467e885426L,0xf0bc7d5d4629ff05L },
-      { 0x356b879bdbd812c2L,0xdb5eb60001629849L,0x11c9856eec2dd55aL,
-        0x20f0443880f0c804L,0xc0b5e3e21801b217L,0x7ceba67d6ea097b8L } },
-    /* 11 << 147 */
-    { { 0x7a1bc5d85d08d3f0L,0x9ecce2a8385ef3a8L,0xae93d42b3c1b2927L,
-        0x81a3a60719ce9447L,0x8d6b2d3d0eda597cL,0x5baabad60eea6dc5L },
-      { 0x2cb372642741608aL,0x3b1148d6f0202a01L,0x6e85272f52931f5dL,
-        0x49bf47596a2e601aL,0x5ec0418443279ddcL,0x7d052cac6ec080ddL } },
-    /* 12 << 147 */
-    { { 0x01c2df8d3bb02d0eL,0x874e43afe26f388dL,0xe198341c8360fa6aL,
-        0xe67f8092c52bb2d6L,0xf944dc63a02efba5L,0x9a9c02d92c12332aL },
-      { 0x39684f6ca8cb6bd5L,0xbcc1828e26bc9535L,0xb7fb8eb646594725L,
-        0xbb4f5f05793c32ddL,0x3ef3c33845f94b55L,0x228e0e7d09eac277L } },
-    /* 13 << 147 */
-    { { 0x80d9bd388aeae732L,0x2be676dccbeb6443L,0xef4d056bded9ad31L,
-        0xc4fea44f349e5d0eL,0xb66c35d28d95db86L,0x210c3d4aae9f5d3aL },
-      { 0x5c0c5b9c1582982bL,0x50a529be93aed9a4L,0x88f769a384c77818L,
-        0xc0970b4269776a3eL,0xbf3e5ee022a1cad4L,0x705c0b29b80187eeL } },
-    /* 14 << 147 */
-    { { 0xefd26dca727cacdeL,0x6290fedb5fcdb147L,0x9f108a89e1830a96L,
-        0x7e8e36813e039a02L,0x1747b3e9256fbb3bL,0x5aa0ebffabb3b2f1L },
-      { 0xcac5818c9fbb9b49L,0x037d66114a94b74eL,0x4081fd4d7a548536L,
-        0xfe2d8e79aa364507L,0xe86ce00ea81a5f81L,0x77b95e9477a9bdb4L } },
-    /* 15 << 147 */
-    { { 0x3eadfde5bf06a49eL,0xca88828b33787c62L,0xde6f765022070f63L,
-        0xcb4e54dc438f649aL,0x24957c77169727d0L,0xa2e7781cdd2a92a3L },
-      { 0x17a1d7ddc38885f4L,0xb75716717605c408L,0xfdbbcffc8a2323f5L,
-        0x11666bd2c955456cL,0xf8b94fa2517f27f5L,0xe101927fee002499L } },
-    /* 16 << 147 */
-    { { 0x2c5b0e42bca07a42L,0xbe57f3597a0dffa1L,0xace485959aa90727L,
-        0x32be886af658699bL,0xce75d6c6da3b18e6L,0x9d563e4f69caf667L },
-      { 0xc17c66cf065eb772L,0xfbe123814df9f6efL,0xceb80041623db4efL,
-        0xe75615b2c74762e1L,0xade8a5438671c52fL,0xb713c401cacaf2ecL } },
-    /* 17 << 147 */
-    { { 0xc740669ab01b20dcL,0xd873f3f1abecc3f3L,0x0d8290402db73d1cL,
-        0x147aaafb99198d33L,0xca66e755d4e7d7e4L,0x8747298cb2cb752bL },
-      { 0xd9d58d29c43762aaL,0xa3801a4a15e45d57L,0xa747fa3f454eaf2aL,
-        0x26c79cdd0c067c77L,0xf15404cea24fe6b4L,0xe2add5ec77fec1c9L } },
-    /* 18 << 147 */
-    { { 0xc45064dbd71a7744L,0x1900bb8f04a6f3cbL,0xd592585a76c2dd6cL,
-        0xabbbd6d862b95d26L,0xb0db482b1d2e180aL,0xf459430184c9dea5L },
-      { 0xd30b162a6e5ec460L,0x90838e57e4b35476L,0xab4b7c80f9356687L,
-        0x72c2c009719f347aL,0xd5d01fcf920d187dL,0x47426f1e0afe06abL } },
-    /* 19 << 147 */
-    { { 0xe6473aeaafb2f584L,0xd5395475c44ab7a2L,0xcba2c240bc27e864L,
-        0x201735cc742c1c9bL,0x8cb4886951263febL,0xb52706ba4fd2cd5bL },
-      { 0x028445755a2dec94L,0x978e79d6a4be7b6dL,0x5a68d8103c4742f8L,
-        0x9c917f48b301ad64L,0xa6a7d5bd684a6ea6L,0x251d61327c978749L } },
-    /* 20 << 147 */
-    { { 0xdc7e39ee0ae2a7caL,0xcdd3c235e6b7dee9L,0xf9624c299368c8a3L,
-        0x2086bc904b21951fL,0xf7990a1f57e0e6a3L,0xf170dd75e686da8cL },
-      { 0x4a82719a06da9714L,0x3a78e35e24274685L,0x1c3965e1c67712f8L,
-        0xc6c26eb62f164e3aL,0x1129a467381fb91fL,0x896022108443ffddL } },
-    /* 21 << 147 */
-    { { 0x25e561bd808c4ff9L,0x08c9f2758c0cf1c7L,0x9af6165b59599115L,
-        0x59f06a4bb4b415f7L,0x3a9d8ca5236e2650L,0xc8fa3bc61b48ebdfL },
-      { 0x5e1896193404846eL,0x6d1d803b378a5a46L,0x672fe2bab812d5dfL,
-        0x3ec27a7f04c6ddc1L,0x9c5ff08c0cee3357L,0x9f465babae8d37d3L } },
-    /* 22 << 147 */
-    { { 0x0057f60756a0b6bbL,0x46a6e9949c1e24daL,0x1c283f859baaf618L,
-        0xd75e731be878a354L,0xf9db13388bf2ca71L,0x0f14adeea9022f59L },
-      { 0x309f04aa6c14666fL,0xe6cec2aa552d2da7L,0x9f27eaba218d8659L,
-        0x9b3165d3c268561eL,0xc7e3afcb90ae19efL,0xb840170bcb329e68L } },
-    /* 23 << 147 */
-    { { 0xf6b9a32fab95aa95L,0x1a1e06c387e1c3c5L,0xcfb7ecc5317f1c2bL,
-        0x12953ce7999d2bcdL,0xcaf5f0229e3c5a01L,0x0c9db571305ac94cL },
-      { 0xa423d26cafbc860aL,0x82fbbd3dfe98409dL,0x455aa9926652ac17L,
-        0x6916e7d6f9428029L,0xdcfbd65099822714L,0x5de152a13f3c72d2L } },
-    /* 24 << 147 */
-    { { 0xe6d039ef467eb167L,0xa7e0959d74696cf9L,0xf3a19b9d7078d8a0L,
-        0x5d4ec99c07cdc6f6L,0x4842d0f98386eed8L,0x48f5ab80545fc0d5L },
-      { 0x8906fc626d39c2f7L,0x1c050d691bf5366aL,0xac506c579f54d0d6L,
-        0x9a356a6ef9e4b94cL,0x62632c5108a75e61L,0xfc1b9fa5c6951dc2L } },
-    /* 25 << 147 */
-    { { 0x84ba4069d034ec62L,0xd55b42f6f169349eL,0x78dce88d17de2b22L,
-        0xdadae679204ec730L,0xfad5ec6b5357f5e5L,0x330bba18ccc0d0afL },
-      { 0x8419755c4a566c71L,0x29c56c5fbfe57083L,0xe42a7c52598cad77L,
-        0x9d81623f5fcf1dc0L,0x978eb12864615869L,0xc837262a9c2a6f35L } },
-    /* 26 << 147 */
-    { { 0x917747f99ee0628bL,0x5d711303566cf048L,0x206d53f15b77f58dL,
-        0xe104bc12667a86ddL,0x158f8d253505380fL,0xf5b32ad4616e821eL },
-      { 0xdb67191a3cdfe797L,0x61b58589147e1756L,0xb7927e12625d0efcL,
-        0x48d999d008bca937L,0x335c6f5b7b02689bL,0x4f0994a9d8149b7eL } },
-    /* 27 << 147 */
-    { { 0xe7ba0870df6ae3beL,0x661373f0166cd7d9L,0x369d361d8627f3fcL,
-        0xca06d544cf6ceb36L,0xc819e0ea34b5d425L,0x80c1ab716ffd2827L },
-      { 0x3fb8c0b520b4161cL,0x3647e67b3734b87eL,0x9c3a14b203e6c9cbL,
-        0x320ed1c1c3620486L,0x6d77d46b5286a22fL,0xbd6036c1bc74a266L } },
-    /* 28 << 147 */
-    { { 0x125951a52e6d5433L,0x7d672aee6a6013d4L,0x6ed23f2560831997L,
-        0xb0e219ae438c75c3L,0x6851dd4bace91d00L,0x84704f7d30f19991L },
-      { 0xd744cb32d0107170L,0x15f51a63b0cb6796L,0xe14712cf5a5807d8L,
-        0xff89f0c5dbfd612cL,0x0c314718bd021483L,0xf9ccd3b11b4b76d5L } },
-    /* 29 << 147 */
-    { { 0x36121d0909b6398fL,0xd9ad591369069016L,0xd3a08c8469cdcfebL,
-        0xd92ae9b2b03e1e4cL,0x1620c549e9b6284bL,0x5860431227ab9432L },
-      { 0x4e1d3134aa314da8L,0x89207aad70910cbcL,0xacee236badff9190L,
-        0xe6390f7cf6eb6df2L,0x0dfc5a5cffa91d75L,0x3474104aa0e7f48dL } },
-    /* 30 << 147 */
-    { { 0x00b75b851871749cL,0x063b748ea00faa20L,0xa516e09f90257503L,
-        0x9ffc43981c800098L,0x49f011f871b00fa1L,0x6fc80517443268bfL },
-      { 0x2802e2bf24a24acaL,0x96fdc71edde88ab9L,0xe3eff1f997e661a4L,
-        0xae5c34e13cb321f8L,0xf863263e301c8ba0L,0x3c3eeb7b093e186cL } },
-    /* 31 << 147 */
-    { { 0xc0f51229e7aa3325L,0x3abde561fa93ec80L,0xd7e5317f4e6df2b2L,
-        0x4eefcc76bc832652L,0x9dce52905d054a1dL,0xee2939da2a6f52e2L },
-      { 0x8faa1d3e092b5422L,0x77f55f7f9ca6338cL,0x6dadad8f6546d37aL,
-        0x0ef4922ef3bf7cb1L,0xfcf41c23200ccc57L,0x591e208362aa0372L } },
-    /* 32 << 147 */
-    { { 0xa933aaf7a4886619L,0x9ec1915f4af13c7fL,0x25a9dff8854de496L,
-        0xa8b31d9b247bec15L,0x468a25c84661e58dL,0x8989c046786a0707L },
-      { 0x282db8cabb66922eL,0x73bf240d45ca29ffL,0xa2c40faaeaeda06eL,
-        0x69632929add94b47L,0xc72354f6b0069076L,0x8d197fbf7878e92cL } },
-    /* 33 << 147 */
-    { { 0x7bd8195662267b63L,0x9352be73894a4ed8L,0x62568211d0bfdfdbL,
-        0x7974999285698b05L,0x897ccd584412ea21L,0xe4cc4ddcb2f25225L },
-      { 0x808539bdb4a1d924L,0x619fee34bdebf750L,0x47ed5b3473aea42aL,
-        0x91e07a9b94ba376aL,0x218f6885edb27e08L,0x4feb09e6c4214344L } },
-    /* 34 << 147 */
-    { { 0x24bf9fbbf3e4bc93L,0x8973b72471151bfcL,0x8e33b753a85eb707L,
-        0x13eba76e50adc461L,0xe445e8e144dd9d2fL,0x8729ec22b1592a0fL },
-      { 0x9a13bf315ec24808L,0xe6ae840c2e95cabbL,0x634f3416e28cdf4aL,
-        0x34d3349b9278cd7bL,0xd74990c542b912b5L,0xaf94b104b2430c71L } },
-    /* 35 << 147 */
-    { { 0x6d26cd01580b15a5L,0x5af25c06dcd849aaL,0x05b00800ffef39f8L,
-        0x8cc59e06f9e0208bL,0x920f69540bc19bf9L,0xc06c4df97faa5ddeL },
-      { 0x9a26a3f4770351d4L,0xda015bd3443f40d9L,0x1afd829c740f1942L,
-        0xb108a8a6566e6158L,0x118e50a9a35e5d37L,0x94cac90eab72a3b3L } },
-    /* 36 << 147 */
-    { { 0x01f7968e60cb465cL,0x4efeffb796e0af3aL,0x6f9016e7066ad6aaL,
-        0xa8ae30e88743aa97L,0x7b77d3e0b7d55766L,0xe1773661c6b3fadeL },
-      { 0xa52fa7bc88f5270bL,0x4de08cb39f7f811cL,0x6021536f9bc34254L,
-        0x47bd18cf4068e3d2L,0xc91bc312ce16889dL,0x468659ea929b71f5L } },
-    /* 37 << 147 */
-    { { 0xa5a2a3b3225b532aL,0x5ed77864167f7874L,0x2b5d475037ae42d7L,
-        0x9bd62f14433b243fL,0xe8dca1b2eea90992L,0x1ce44e53ef5e0624L },
-      { 0xd92c7bf61d3d7173L,0x83c1e65424c19a94L,0x59dce036eafe8941L,
-        0x23478c50d81014b0L,0xb89214bbe65a18e9L,0xf9fd325ea05d9fb6L } },
-    /* 38 << 147 */
-    { { 0x2c4bbee73965ed81L,0x58b6a8766c1a47beL,0x7c8d94f71a67dfabL,
-        0x865c9e42ac6ae9e4L,0xa63a0e42a3114c18L,0x7432c6c92bcf8169L },
-      { 0x1927723c7532bd7aL,0x20b75c7201e5781eL,0x1963e16919d57f9cL,
-        0x05427a3cb10e3798L,0x31bbc661cebc82a9L,0xdd88383ac3862997L } },
-    /* 39 << 147 */
-    { { 0xa0ef513d4adce457L,0x942aea7df9f906d8L,0xe52a2bb5fe22c5a3L,
-        0xfd9fff1f8dec9ca1L,0x19b0e7a27913f99aL,0x58c45dd205660e97L },
-      { 0x6722c47ff06d3c2dL,0xe4927a002a4d127fL,0xdc647c1ef40f46a1L,
-        0x538c8cda7ab7a21bL,0x90227d6cc8015ae8L,0xe62f52dc2d4ec8a5L } },
-    /* 40 << 147 */
-    { { 0x69a9ebd8a83bbb88L,0xcbab0b5a29f98875L,0x325e487e4e7611f0L,
-        0x90aa24b1d955cc3bL,0x840e70a13c264d53L,0x15bcf88bad7f4f81L },
-      { 0xe47552cc2cf0df0aL,0xcb99973379205ea9L,0x25dc58bd10d5ca45L,
-        0x0947d7151228b978L,0x9a0204da4f2c7c4aL,0x4377ea4a4690052cL } },
-    /* 41 << 147 */
-    { { 0x35da16d16bc7d7afL,0x098c4b0271de4ac2L,0xdaa2407c3655dd94L,
-        0x5136884c90380d70L,0x3f47052e762f61abL,0xf715107a8dcd6ddfL },
-      { 0x862a4a6e5d76615aL,0x2b546e1b2128a6f9L,0x5297a3cf40490672L,
-        0xef2cbdf1b9c765a6L,0x52e71cb4426562baL,0x34d0e3237a84f9b1L } },
-    /* 42 << 147 */
-    { { 0x6cd4098d74e7c67bL,0x3bf4193123d2b418L,0x598710ad682135ccL,
-        0x26ccbfe0172d648cL,0x0c4918c5d84dc9afL,0x346e8b6385065417L },
-      { 0xcbc7f2efd353219fL,0x93637eea3c4e4863L,0xb18fc69c2dbbd39bL,
-        0x20614dd45a4b5b0cL,0xcdac0383547adce3L,0xedcdd64842ac8be3L } },
-    /* 43 << 147 */
-    { { 0x76ac6c94b4559439L,0x09090af620319667L,0xef433d73a742e3beL,
-        0xb7ec99eb7cbd7090L,0xcde2579dcb782be1L,0x2a2fb807e75552fcL },
-      { 0x083f9e982f1eee15L,0xe20f65c167779c98L,0x73c044ff5f23e998L,
-        0x5fce594269488208L,0x3e4ca86ccace7ba3L,0x5e3f43b8f32c1acaL } },
-    /* 44 << 147 */
-    { { 0x3ab171a237b42b60L,0x6501afcc4f20e50dL,0x4f9e22413e3a4298L,
-        0x3c5834d9be3b3d3cL,0x9607b8cb9be25af0L,0xcc5f6b6f81c723a5L },
-      { 0x11b9b5d199227bacL,0x2bc5dd9f322cc499L,0x0c3884a0cdbc3a55L,
-        0x018a8ebefd4f004aL,0xa858ee7ce08741d9L,0xb5bbfa2b5d69b3ffL } },
-    /* 45 << 147 */
-    { { 0x57069b4a1b0611b3L,0x24b5421c89da55d7L,0x6433c29dcf9b2fb2L,
-        0xda9382c67869a1cdL,0x67fbb7a343514903L,0xb3429e35e8b224f8L },
-      { 0x4058ef1e7ac51191L,0x56283b0cfd4e6114L,0x4eff0caca16fadd1L,
-        0xe6088db7b6ee634eL,0x94e68bd0ca7bd1b7L,0x0e98796b965ff86eL } },
-    /* 46 << 147 */
-    { { 0xf3176014bbd74a95L,0x5dfe36b51bc6c763L,0x4c463aa27d3d0366L,
-        0xcbd7106cff3b113bL,0x2d660f5a0b6edee3L,0x92d79c864db04c30L },
-      { 0xfd1067cfd2236e55L,0x1ae21f2d90925a83L,0x8419072ca952c451L,
-        0x2f268b473d946980L,0x04831991b709ab5aL,0x0d622a70bf72efd6L } },
-    /* 47 << 147 */
-    { { 0xec468aecf0440b85L,0xaae6041369cea78eL,0x5a88145d12a30f40L,
-        0x438c6e3f37a52bfcL,0x41bf603894749b6eL,0x3d38b86267edc2d1L },
-      { 0xe379125a020a32abL,0x68a6b13a198c3944L,0xed1fb3258be252d2L,
-        0x76dc8df6e15c37cfL,0x5a6592cb6453b542L,0x372b1998b3347c65L } },
-    /* 48 << 147 */
-    { { 0x015c325eb8e79179L,0xf4fc61335b57dce6L,0x27a51e5d78d6858fL,
-        0x13babcab4dd5f180L,0xfaa19cb1847e499eL,0xe2688ae608aaea61L },
-      { 0xe20d7edce86100d5L,0xa9b0d46bed2fedacL,0x5e99cc0c1d357dedL,
-        0x4c1263ab723cac89L,0xad5f3e6ff15e22f4L,0xf25f3950d77dae65L } },
-    /* 49 << 147 */
-    { { 0xf3814fdba1c6fb06L,0xbfde395d8d71559aL,0x6e4b2b1c07e00f72L,
-        0xac0d1aef1e12b111L,0xa4041ea0387dc52cL,0x8004ef4893c80d7dL },
-      { 0xb311b5c29a770d6eL,0xd4a340bbaf41a540L,0xe96d1dbd9a5391ccL,
-        0xcd4b19fb45ebf6ffL,0x142556a5dcb6dbe8L,0xf68968ff092f898aL } },
-    /* 50 << 147 */
-    { { 0x540a2e35c854356eL,0x6d0eab45f5002153L,0xb8f542bd9a6c488cL,
-        0xd572d282c6201f12L,0x260bc62781a3eedaL,0x508621af06eaa5beL },
-      { 0x754eeb205eadc8d5L,0xfe33248f42d4b0dbL,0xf44a1c7ac5529222L,
-        0x9079ccb574396eeeL,0x6c4bc87db9cbdc41L,0x1ee8982431ee3f18L } },
-    /* 51 << 147 */
-    { { 0xb64fc90ed811f25aL,0x310214a2c82c8f68L,0xee559209b5052420L,
-        0x6055c5b45c1bf95eL,0x414f7c8dedce3bc7L,0xd3438b8a66d3cfb4L },
-      { 0x687b9f70d3935eeeL,0x553b15ddd3e179f1L,0xccc9961e21ff232bL,
-        0x3729ac207d322041L,0xf1537630094907c9L,0x3e87f4f903153dccL } },
-    /* 52 << 147 */
-    { { 0x2c21e48c7dae4b17L,0xe842930a07ca1575L,0x3a3d6d361cc47ab4L,
-        0x749dba405fcd07bcL,0x55a538a6f306a498L,0xe85c60be633d42bcL },
-      { 0x777595f2dafa94a7L,0x1c690529a0400ef6L,0x41485f886bfa23bbL,
-        0xdead14a1256d9204L,0x74f1a820bbda2f9fL,0xc86554f65fe54284L } },
-    /* 53 << 147 */
-    { { 0x03ee764b978ad2dbL,0xec253b0f01c9282dL,0x028e7873fb26c425L,
-        0x3e1da0436504ba10L,0x68369881531961f1L,0x0365ea56ee435146L },
-      { 0xf5505ae80c00a6b4L,0xc1ac097403f34fe3L,0x7327b391b5922f68L,
-        0xe561cedd1845ef9bL,0xaa82258c6a44b29dL,0x23e39cedc4d56159L } },
-    /* 54 << 147 */
-    { { 0xf5a07dedd14a3ce3L,0xeda454ec9c47615fL,0x01d6b1562775730fL,
-        0x3ec02f95fe4d93f4L,0x335806e4dcbd0ceaL,0x3f498d1b51a19d96L },
-      { 0x9949c853374b7210L,0xb255d34b25980320L,0x3b681db4307b513eL,
-        0x4137053add10a78aL,0xd9c0f2728dcaae0cL,0xcbeb6b7216031955L } },
-    /* 55 << 147 */
-    { { 0xd1b13e72c709af4cL,0xb4b99796c12f27fcL,0x9e56569a05e2c06eL,
-        0xd8c880631212ba12L,0x8da1a6704e7f8fe4L,0x3bbb314f875bb39eL },
-      { 0xc56ef7088fbc8a3fL,0x39b3cef2300d21bbL,0x5e755398458e347eL,
-        0x9f7b84b16c1b2162L,0x278ffd26b08d0c52L,0x7c8a442a9ec7febfL } },
-    /* 56 << 147 */
-    { { 0x3c0e2b9737e8e6b2L,0xa2037913575da8b7L,0xeedf0a75b925cbb2L,
-        0x4f28ec1bc561b405L,0x368fb2742901931cL,0x52b54eee2f26221fL },
-      { 0x381845b6247812a9L,0xf9bcc9619115a0dfL,0xef127dfecb84d25bL,
-        0x4256afe5fa10e0a7L,0x0c08a532353a15ebL,0xbbd15b176a91e61eL } },
-    /* 57 << 147 */
-    { { 0x3c573b2655574ae4L,0xd3f12e8f2c0be823L,0x5954b69fde9ce60eL,
-        0xc433991bcedfd1eaL,0x35696716718e950bL,0xce4318664e9cc107L },
-      { 0xee16b6347359991cL,0x8f05851b1818a113L,0x257a228c3b494b59L,
-        0x4239f98e156f91f6L,0x2382157c72efdcc4L,0xc82b652cff7b7ac1L } },
-    /* 58 << 147 */
-    { { 0x072eee036b7a9a38L,0x42a680cbaef9b327L,0x67311eb8b56fb35eL,
-        0xf320acf3c7de3776L,0x09c89cc3ed15e895L,0x368501713232345cL },
-      { 0x5a5fe1104822f90eL,0x64f7ef18c6077b89L,0xbbc5748c8bdfb971L,
-        0xdf5488334b6209deL,0x02268bf676e7f595L,0x1c7971b447779e75L } },
-    /* 59 << 147 */
-    { { 0x90d308b495c9497fL,0x277535b782c903f6L,0x443cd37fc5d7b4c3L,
-        0x48ebf0acfcaff8a7L,0x8ee8c79e579f25f6L,0xb825ccd8360ffd90L },
-      { 0x6327be1599fe4be2L,0xc94c68cf59ec2909L,0x0dbf8d4456660ce7L,
-        0xbb31989b5d510edaL,0x43c8c365c4a2e601L,0x100de78314dcf793L } },
-    /* 60 << 147 */
-    { { 0x635ee0f3d33ac52aL,0x609c328dd1970e1aL,0xf28ddf0a09426902L,
-        0x2a94d4decbbcbbe8L,0x15890cf4ab7ecf5cL,0xb14a405df2dd4135L },
-      { 0x64659a4fa6d01554L,0x1d1b2c43cc966f9bL,0xb02ee871df0e48b3L,
-        0x0bd13e47f4dc3ebaL,0xb4763547bb4fc529L,0x868650044068ab72L } },
-    /* 61 << 147 */
-    { { 0xe3d60dfac22bda56L,0x021411ba6be2f502L,0xc1dd4d55b35e750fL,
-        0x708b62cd4d5e1648L,0x234a80c6347b8b8dL,0x53b6fa80f3ba912dL },
-      { 0x4041b8007b92c92bL,0x636c12524b6dbceaL,0x4ea250d08a1aa141L,
-        0x9ffa7e35a2ae7be0L,0x765c809cd2844e61L,0x5bcabd922d56de12L } },
-    /* 62 << 147 */
-    { { 0x48d594e522205fbdL,0x79c78f1c0862eb11L,0x02a3becdf7798099L,
-        0xbfe574a8b1ef2ae5L,0x1bfb7779c4781f34L,0x7211dfcf044da23cL },
-      { 0xe4c3fd7dc3686ef9L,0x14c6e5b5e74210f7L,0xc40a0a0275ab746fL,
-        0xd2033594621f6369L,0x6bdbbe3d66241d44L,0x014b089ee47f00e9L } },
-    /* 63 << 147 */
-    { { 0x93e3a89108e65849L,0xf90a376ba1a712fcL,0x6555d6dff1a48fcdL,
-        0x984ec5c86a763e90L,0x7a7fe565e55d6b14L,0x12550fe809b2e8b7L },
-      { 0x21736c048e41210eL,0x72ae44d448ce08f6L,0x02755a2871fecc50L,
-        0x379da24beb485ee5L,0x394cb7ba66d7b659L,0x49fc9d60ab638c33L } },
-    /* 64 << 147 */
-    { { 0x854b05846150771aL,0x35fdd9b4d9ca9868L,0xec8293894c32fc71L,
-        0x882fad4c9ec8f90dL,0x2d39990dc6c7b9c0L,0x7fbc201bd71a25e5L },
-      { 0x6b852e655166da7dL,0xc6bde23a3d8c6e36L,0x370011545857f048L,
-        0x746621fc1ccb9bc8L,0x97e44e63612bb853L,0xabc3b450758da4edL } },
-    /* 0 << 154 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 154 */
-    { { 0xd25f650804926a41L,0x7236b475514045daL,0x0b36031108b9b08bL,
-        0x16477aff3fe92e91L,0x6e5f6cb103189ddcL,0x81ff008ec698a38fL },
-      { 0x02a09218c93adb23L,0x71fcecd3445d8faeL,0x55a15eac8fd6b76cL,
-        0x1e37ec3611ef96b4L,0xd1b3b3fc30e433b5L,0x4951873351d174c3L } },
-    /* 2 << 154 */
-    { { 0x7914213db8c9f82eL,0x7a3e4e38fc038e90L,0x6edae5a126a34238L,
-        0xe566bf50701ce8c7L,0x3562e87555656e02L,0x48325ebfb4e8efbfL },
-      { 0x5f10a50466505ec3L,0xd8b9834b8da78aecL,0x49d1fc25cc2f2e40L,
-        0xe973bb1caf5718c1L,0x9b8825dad2d6b890L,0x7de7885ee2f00f12L } },
-    /* 3 << 154 */
-    { { 0xfb0fa0e6494fe64fL,0x4ea468b59a907f37L,0x9bb6d672cbabb7ccL,
-        0x523c7c6ea5be2b38L,0x4065adbb361c2e41L,0xffa1299925c13172L },
-      { 0x0eb29793f80d5e2dL,0x862fe1ae8e4efeffL,0xd485483e948895c4L,
-        0x513977300d80d5bfL,0xb4731ffc348782f2L,0x42543c76e1a7f6aaL } },
-    /* 4 << 154 */
-    { { 0xe37211be7ef79898L,0xa810387721344d16L,0xfdcd7e26a1b9f8b4L,
-        0x5641e45d7d7f72d5L,0x5377c1bec449c920L,0xd3edcb0cefc7b2a1L },
-      { 0xc657a9ffe14b42fcL,0xc8f858c800831b07L,0x6bfcd1bcd020eaa8L,
-        0x17534b0a3f6860c7L,0x8ce5722284c7c806L,0xa1d40eaf2bd7456bL } },
-    /* 5 << 154 */
-    { { 0x28b88cbb1a7093caL,0x09275152080a85ebL,0x0bee7d979c1dcc32L,
-        0x43698f5f5ed033a5L,0x4f142867b0f0acc1L,0x6e6202ecf62960deL },
-      { 0xe95a607ff005b671L,0xfeee8ea060cae478L,0x456bb6e90e8ec6e5L,
-        0xc1c0319a9d088a59L,0x29c6898bbe3d2379L,0xd7049b2af8a8628fL } },
-    /* 6 << 154 */
-    { { 0xe0c93007c9aa57eeL,0xebb2d47b8895a604L,0xb8aebc49c4fd6ffeL,
-        0x2c06e1e573f300b6L,0xa019070d81628b8bL,0x2db1690bbaf8c1eaL },
-      { 0xb3fce6c8cc94ccd2L,0xf301463885bcdf4fL,0xb1e62616e2f82c32L,
-        0x85581e2468295a54L,0x0f2e2ff5bf51f8faL,0x940716f1155c1f6fL } },
-    /* 7 << 154 */
-    { { 0x15b2dd270c6bd5f1L,0x07b5bd91eb086d0eL,0xe701742e97c5f5caL,
-        0x3ce5f3f6eea06ea6L,0x51a81a6aa9cee784L,0x2bd404c1c7182fa7L },
-      { 0x27deca74d5b8bde4L,0x2c1931c595385e4aL,0x04fcb34e3a79d65fL,
-        0xdf3357edad1babceL,0x8bc628ffa31af476L,0x42ce1d91e5cc9e78L } },
-    /* 8 << 154 */
-    { { 0xaed02b6b4e623856L,0x7a6d2bef3e1d74cbL,0x82226ec4654e7c30L,
-        0x008ac003e7034bfdL,0xe343c5407fd6b555L,0xca1b29071b429d44L },
-      { 0xe0702a339c3ceea2L,0x48079aa9732694c3L,0x7e6d72f6d4652401L,
-        0xd92655ed35f60043L,0xa0dbaac6273e8cc4L,0x0bb8f0f93c3ffb40L } },
-    /* 9 << 154 */
-    { { 0xc3134781a91940b2L,0x37579fc9e9b90620L,0xa506227a08acd6f1L,
-        0x603ecce0270da73cL,0x8a53b67d7fdd70cfL,0xe29b7df299640bd6L },
-      { 0x7bb4fa877569105dL,0x6ee80ae8567bb5e9L,0xf394bd02baccabefL,
-        0xe854b3a6309c944fL,0x1271a131f06246e9L,0xbc1c205531580147L } },
-    /* 10 << 154 */
-    { { 0xb41b87b6c95cd23bL,0xb99714ba55e371a4L,0xb138ee8f6f571cebL,
-        0x09c42be480146ec7L,0x275ee21eee9aa125L,0x0cef4d6f3a878b59L },
-      { 0xd436eb1ca801068dL,0xe2c5448c762b8a80L,0x243beee1f3640ecaL,
-        0xf979458b32bbba7aL,0x6bc26cfea63407d3L,0xd3b6e132392dd1d3L } },
-    /* 11 << 154 */
-    { { 0x123ae65005d0072fL,0x9f101624f0656bbeL,0x762bd4f4344e283fL,
-        0xd1f70d5161b6863bL,0xcd99382592ef9a38L,0x53aaa0c3ac2bf9bbL },
-      { 0x13904fb521ef9a43L,0x0470a8ba2beb8f44L,0xf3733943fcfe9ecdL,
-        0x10b8881a79d776dcL,0x89b94c67b82b7139L,0x7af5147aeb962922L } },
-    /* 12 << 154 */
-    { { 0xbc06ecab3de4ba2eL,0xf51ca0639e491bcdL,0xa6fc6fa0453c94beL,
-        0x5460f943ed1a6731L,0xeb11656a4ec3f1fbL,0x2fcb2cabff1e7d4eL },
-      { 0x595264678fea2286L,0x838117a34e0bee38L,0x7bdf588824fd2ce5L,
-        0x13df0c839f2c2925L,0x1bf621e6dee97f30L,0xb43b2558ebea6641L } },
-    /* 13 << 154 */
-    { { 0xf49a97d80a33b97cL,0x4e68d71512ab9bcaL,0xc0d361c04bdb65a3L,
-        0x5fba9fb86cfb0cafL,0x222e12ca2a716589L,0xaea01502731f5099L },
-      { 0xf322ddf7e97b37f1L,0x050e82a5e55c844dL,0x01ef972ba11d664bL,
-        0xab30502882c737b6L,0x43aa811185e39769L,0x766a9350937c1456L } },
-    /* 14 << 154 */
-    { { 0x246c86608e729329L,0x39fcc41dd693dac8L,0x48a65b54c062a6c0L,
-        0x368a57706a5a3101L,0xd143600f47ed1988L,0x48466d92a764ce3dL },
-      { 0xb05006135a22cb6bL,0xf1d77247edea070cL,0xb1ddd151617f2464L,
-        0x7905069828b83fd9L,0x021abb26d70bf93eL,0x590b3c42ab5a5e1eL } },
-    /* 15 << 154 */
-    { { 0xe86c737b728b8438L,0x21f45a22acf1dd66L,0x6f29f2d7abd4de3cL,
-        0xa223154576d4435eL,0xad902927f5fcafadL,0x272cceeb04f30557L },
-      { 0xc2e4e0017ebbb2d6L,0x73954580bb873ec3L,0xadf5ec7ac7fa9088L,
-        0xc036da0464006dd7L,0x9c3545b5e8274f69L,0x6e153c2552325f50L } },
-    /* 16 << 154 */
-    { { 0x5906a35c1cfb991fL,0xb62a4f80740a7744L,0x65c8ac9136f84763L,
-        0xf73b3debbe0f1dd3L,0x40358868a2d26c21L,0xd907e90a76792ae7L },
-      { 0x3ecea167668c3d5fL,0x731068f26754b49cL,0x6db891090e006243L,
-        0xd29106e6dd94681bL,0xb40b8694a85a3de2L,0xc80c7bf1936b86ccL } },
-    /* 17 << 154 */
-    { { 0xd735de6b91f7c76aL,0xd89aa1d4b054837aL,0x47c1a397271e94c4L,
-        0x8d91f3f9dcb7c071L,0x4cf9be2db4cc209dL,0x4fb6842ec08190d4L },
-      { 0x926423a1d7b2aaedL,0x5bbfc08957a1cb44L,0x44438c56021defb3L,
-        0x8b9a2b1ba09863cfL,0xc9d5c170e37e339fL,0xa8994d5dabb18c7aL } },
-    /* 18 << 154 */
-    { { 0x003d45d011913575L,0x866cb2dd87e1186bL,0x692f630146b69a22L,
-        0xd296a55c8174c1d1L,0x77ef6fbe9f17af00L,0x6b588be93aa922e1L },
-      { 0x99ecb44f033e6dd7L,0x32edea2c1d22b7cdL,0x3122b027ba7006f3L,
-        0x8950054bbb6ebc5cL,0x4f6d606182dab805L,0xc12055181bae5f1bL } },
-    /* 19 << 154 */
-    { { 0xeca71515ad7edd2dL,0x3f9c330e9bf56567L,0xd0b62d6749104bb1L,
-        0xde92596410cc8d89L,0xc7a083f4287fc898L,0x8ba176e712d15d2bL },
-      { 0x2cee62f7b4c8c4c1L,0xc15966c2ef79aeb2L,0x9b449522427c11a6L,
-        0xcc850028eb49b2fcL,0x0966a06d3a22720dL,0xfd511944a1e78c8dL } },
-    /* 20 << 154 */
-    { { 0x28d33e79e08c180fL,0x768c7794f6aec9ceL,0x5a749f3bce683c5bL,
-        0x717629d98371fe75L,0x5e828fc057712c1dL,0xb46c6ed17e4c61aaL },
-      { 0x5d927bad5bccf95cL,0x55d6fc80d72f68ecL,0x560a99a398591dc2L,
-        0xc885fe8a4836664cL,0xd18acd4226d79298L,0x05e4cd17185df1d7L } },
-    /* 21 << 154 */
-    { { 0x9c1e5db3ab34fbbeL,0x0d4b1e742f7eaa94L,0x106b0b5c86de1289L,
-        0xd2c6c1aab691a830L,0x2e55cff9b9717593L,0x4522b37d075e5e95L },
-      { 0xc6ee67ea3abfeb96L,0x35844bbd890b04eaL,0x0246545a55d6f65bL,
-        0xc66bad2b13594e25L,0xaff4c6b35d6aa7d1L,0xebb7d2b5a3f42a84L } },
-    /* 22 << 154 */
-    { { 0xebc60e21fcc83355L,0xc94dbc02d9119b77L,0xceb05a312f18ae9aL,
-        0xa8462962b8f69016L,0x58dde5a48f67b5f4L,0xb8bdf9c9af3c234dL },
-      { 0xe95c069f80e85df8L,0x9d525e1bab3aa0e5L,0x73c8a92f76276d8bL,
-        0x7feb4abd163530efL,0x8ca949b35ef5ad73L,0xe129431e2e3d057bL } },
-    /* 23 << 154 */
-    { { 0xa263d726c129d188L,0x89da948e9d526adbL,0xc7319a5a6b8a9149L,
-        0xd85d382d8816f421L,0xfad69eb1844032eaL,0xf668901a4233122fL },
-      { 0x246cc0de210ddea0L,0x26d8ccb70bc07dbaL,0xfc1b558470e6708cL,
-        0x853802b775fa0b44L,0x215ccb88bb75a5b2L,0xff50f0cf24e60054L } },
-    /* 24 << 154 */
-    { { 0x9d8a925b60dec308L,0xb72e3efa6b3ea363L,0x4f53ca6ddfb534b8L,
-        0x4e64874c6dd78a32L,0x336e5b46c2a146d5L,0x07c76d6398395201L },
-      { 0xa4c095228fe3e815L,0x887e659d3221cc26L,0x0ff92f64c36286ecL,
-        0x57b1b903c3ebb08cL,0xc6bdc9b665f00c30L,0x826242269a46d36eL } },
-    /* 25 << 154 */
-    { { 0xe054597768bbf4f6L,0x17bb77edb6e2cc19L,0x0cc551d89ae950f7L,
-        0x3490778d761763a4L,0x1c36044a32647ceeL,0xa6e083223f9d2938L },
-      { 0xea392a153a656a51L,0x4d51161ba083cb54L,0x15c01e792c690757L,
-        0xc7bf5d7c5cc62636L,0x1b00cddab2ccd76aL,0x68f49fa995313f8cL } },
-    /* 26 << 154 */
-    { { 0xc782c16c1a0b619aL,0x8643d42bbe316086L,0x49d2966bc0daa421L,
-        0x080b1cafb7b487e0L,0x1d33bb53144de273L,0x8bafce2d6faf7ed9L },
-      { 0xdafbe3cf408d4636L,0xf10527df7ee8835bL,0xe1123f3ee2e75522L,
-        0xb388c64bebe27d60L,0x2cb38dc1e3f1f55eL,0x57ff8e43e34524d8L } },
-    /* 27 << 154 */
-    { { 0x557dc1cbea28398bL,0x34d5709a208996b9L,0x94470993e97a3306L,
-        0x0343320772b117f3L,0x66c4e442f056525fL,0x27753c526d11dd35L },
-      { 0xf0aa7658b26a70d7L,0x95608b19543cd7ebL,0x618b2e17bac19156L,
-        0xe7e42948cae64ba1L,0x2016a9d59657ec93L,0xa38f67e03d7ea46cL } },
-    /* 28 << 154 */
-    { { 0xd67dc92b85653dc8L,0x8e0970af0bc93ab9L,0xb6f09baa8b87c0afL,
-        0x5a8a903052760ef4L,0x2e2ae7561047bf85L,0xd049078f85bd4e74L },
-      { 0xced11ff83729f708L,0xdd21cbebd91068a6L,0x83d488ff24b3e911L,
-        0x6e166fda1afd2196L,0x66a912114f0d2128L,0xd11078ed05c9f39cL } },
-    /* 29 << 154 */
-    { { 0x69aef6f919c64bddL,0xe7d4f909598ab592L,0x48952e280e55124fL,
-        0x637693f6290b558bL,0x3afb2e7b421e60e9L,0x00d1dbac79aac8a9L },
-      { 0x45156c5cc08563d5L,0x8cc201be4519c881L,0x2e36c0d7bd616581L,
-        0x595fe0164ee16dffL,0xeebec40ae4889c65L,0x23b6dfd7d35b94e7L } },
-    /* 30 << 154 */
-    { { 0xd87003d3bdbdf0cfL,0xe9750b5b56c298f1L,0xc256c3a2b73ad05dL,
-        0xe0779a192ee94279L,0x31d8b3c6279626a3L,0x469056bb90163bc8L },
-      { 0xe6aeabc623755853L,0x9fffdfe2896a6f4cL,0x15c1ce78a36cf41bL,
-        0xd4c8c025eee41941L,0xf7a917ee7653be9dL,0xfa3cba9659d52222L } },
-    /* 31 << 154 */
-    { { 0xa02f08586d8c610fL,0x9819c563ad4af3cfL,0x085d4439b95d17eaL,
-        0x9df256ea616f532aL,0x5e9c5419cebd249cL,0xdd5ffbf451062a22L },
-      { 0xb8910ea5c8b33577L,0x5e8b7ff7ff8e63d7L,0x5e4f3926b24e230dL,
-        0x163eb51eacd851d7L,0x9bda95f2ea2aef8eL,0x3d6887755aefa290L } },
-    /* 32 << 154 */
-    { { 0x913f92075f8ab132L,0xd5b6792c5c14080fL,0xefab4e2c787c3594L,
-        0xa55d465fe7b7b7ddL,0x921aaad834e28e6aL,0xc4f3a35e12d6a7bcL },
-      { 0x109803c46115a5aeL,0xc023098ce709f9a1L,0x1a8c8bdb99c5bb66L,
-        0x1cd1c2b6bc7c2da7L,0x50189c975f927eefL,0x493823d1229f9410L } },
-    /* 33 << 154 */
-    { { 0x34ec4dc840dedfb0L,0x1109ddb93aa89063L,0x93d9db278c218bb9L,
-        0x07131b6e0b6007ddL,0xf90570ddcc4690f0L,0xa6a9a634afa26a59L },
-      { 0xbd0c25194292e2b7L,0x92b99706a6d44b7eL,0x89481adf4942c03bL,
-        0xff5e56b98a0c30d5L,0xdfd8939591c80fafL,0xed9d140840663594L } },
-    /* 34 << 154 */
-    { { 0xcc22db55c41e42fcL,0xc90ec77e4c9f2411L,0x419b9f46e4c02557L,
-        0x156ed30ccee45c60L,0xf2c1340a72e4a938L,0x4a9cda8a204775a8L },
-      { 0x900fd58713952b75L,0xa82ec2b812461145L,0x9f1875d41db68028L,
-        0xaaa6af31308475acL,0xa11f379442d4b884L,0x1f1fcbe3d087882aL } },
-    /* 35 << 154 */
-    { { 0xa32d5a80a292fbecL,0xe0b10099d7091eabL,0xcb99bf7b4bfe6956L,
-        0xfd806d4c61955461L,0x7124b1bf931066fdL,0x29fad019649ccbf7L },
-      { 0xd1fe7911049609e7L,0xb568e167592f93c1L,0xabe7d10398ba066cL,
-        0x0cd22c9668d7ac2cL,0x0ccd0c21427522d3L,0x97ba199ba503b4a4L } },
-    /* 36 << 154 */
-    { { 0xa0f2da0c78a2cbf7L,0xd1611acbd163d80dL,0x1af6ee1bf2cd3795L,
-        0xc4993e08307d6105L,0x84c3b8f8560b5f12L,0x4f52c56347869733L },
-      { 0x8fd9e3f728d28bc6L,0xdbf34576e5d44bd9L,0xf7e3a6da10d14cb5L,
-        0xb93870990fe051ffL,0xf6363a48f15d43d5L,0x4bc358fcf434d1acL } },
-    /* 37 << 154 */
-    { { 0x35bac9471eae6dacL,0x4244697e39d6fe97L,0x16ec7f64fe017230L,
-        0x393856d10493823cL,0x0782fbb55b7cbbfeL,0x4c399e3f5820f9f9L },
-      { 0x86311cd9c08fe816L,0x057d4cbbc3ac958bL,0x63f09d484bdb0531L,
-        0xab0b582b0b89ea02L,0x19c52243beb30331L,0xafa64f25ca87ff6dL } },
-    /* 38 << 154 */
-    { { 0x0d28a67859b1f4aaL,0x79b04589c52d40f4L,0x443b7fa5219303d9L,
-        0x5be78d9663972eceL,0x0ccb969e7d984869L,0x7d8738077f81916fL },
-      { 0x3502b3e426d9f292L,0xda1de7a82c90b612L,0x5605f5dc434f27c0L,
-        0xa50d3328df89c616L,0x5a80cf84e7082731L,0x2c89e4b6f7ce953aL } },
-    /* 39 << 154 */
-    { { 0x7a46cd0d01fdf1e6L,0x86868e74e8690fbeL,0xf038771d8a8fc3b2L,
-        0x30135b3084303d90L,0xa7ecb9ded562d20bL,0x7a6d1f37884cd233L },
-      { 0xa30ca0bb07dfad3bL,0x1690d6018e09fa7fL,0xe582449f6c744551L,
-        0x0b0030a21b935d17L,0x6b46681272bdb78cL,0xe40d4e5f56d4f328L } },
-    /* 40 << 154 */
-    { { 0xa29978fc62a8b8b4L,0x4cc216310fa130a9L,0xe4b51c6bf15e04c8L,
-        0x453cf4d23f815420L,0x1257c751c6282b9dL,0xcd15b03c8af1af36L },
-      { 0xe3596240514ef6e8L,0x72a6691708ab83d9L,0xca0a62d710e44b2dL,
-        0xcde068128a9b8a8dL,0xd492b261ba470875L,0x5c7ea67cc6d7aeb8L } },
-    /* 41 << 154 */
-    { { 0x6acd945fc0995487L,0x06d5b2e47abac4fbL,0x42cddd75aaf3d12bL,
-        0xca7d2363de1b9632L,0xbb1a1990dfbbb30fL,0xb0beb43139fd7bd4L },
-      { 0x9ceb36884fa796e7L,0xb4d2bc4ba3266ab8L,0x79bda9d6e02df012L,
-        0x414636bbf6faf7c4L,0x0a6603b9d1ab23f9L,0x2bc60c848db14f7bL } },
-    /* 42 << 154 */
-    { { 0x1b36ef27007ff90fL,0x394fe8095111399dL,0xaf4f246cb758e748L,
-        0x794e4b151a7139a2L,0x40869a49eb527db3L,0xf2e15106f46d1b34L },
-      { 0x46619f0352ac96e6L,0x40f556de49caf0c4L,0xa36b11d693072befL,
-        0x871919b4ab2dad50L,0xf44b8084792dcefdL,0xe051823dbc31b021L } },
-    /* 43 << 154 */
-    { { 0x56293d8dcfd7432bL,0xdedf8dfd1d5f72c4L,0x743f4a71ae604fb4L,
-        0xfb35ab43730caf7fL,0xcaacce6b20fc2167L,0x21ec3a0daa8ac71aL },
-      { 0x4fdf5890c21ac9baL,0xbdc41ecfd6149328L,0xb1ac4d519b381c55L,
-        0xc4cc08fd63f10a98L,0x2b9f0d3a4913a671L,0x9ce9949cbc36a952L } },
-    /* 44 << 154 */
-    { { 0x5049a7d3f758b1b2L,0x60beb74f14ab97b8L,0xdfc47828a9ff8ad3L,
-        0x303a0cde8bb99766L,0x53f4b45a43b9a7a6L,0xe467aec8ca6e8c43L },
-      { 0xb8e7db7b3f573855L,0x5fee5a5481e760f1L,0xe928b23385b0fed4L,
-        0x72f02728ebae0b7cL,0xe32abf70bb5897d3L,0x103e8b859c572995L } },
-    /* 45 << 154 */
-    { { 0xf321278c2dc1a02cL,0x06ca03865dd09f91L,0x3c28640b7bac9e7aL,
-        0xe3a7f9b527b1a011L,0x9137ad0407ccedd3L,0x3a2976a8cb6b447aL },
-      { 0xab1c39248225c1ecL,0x30703f108f9022a8L,0x212f0f1bb0b2a64bL,
-        0x76ad924b3e73862fL,0x47253a5c84842ac8L,0x33a03a17755af95eL } },
-    /* 46 << 154 */
-    { { 0x97c371fc5a274b61L,0xc7362cdbb14c680bL,0xa8cdd929efbd49afL,
-        0xdfb2d5f075325f06L,0xf62d10e2b905531bL,0xbdfbfd8462ed0c3aL },
-      { 0x252061599d07d2daL,0x1376775152491224L,0x165637057413313cL,
-        0x642a7911a2b88eb1L,0x42d9dc6806ffe363L,0xe81d3403017bcc9fL } },
-    /* 47 << 154 */
-    { { 0xa68ce9db93d57f06L,0x4d1fa86a31dba07dL,0xf11603178c4822abL,
-        0xc2243680633c26f5L,0x6b4e91cd10f1da80L,0x4358155734827d78L },
-      { 0xbf54e87400c19817L,0xf52b94c4f2bad957L,0xcc85de8144e71756L,
-        0x4f7d8ca365b7a8c2L,0xff76efa579d7c36eL,0x50a444025952932aL } },
-    /* 48 << 154 */
-    { { 0x87c0ef84172784bdL,0x023128267a5f2d07L,0xeae5c0cec9901fa3L,
-        0x6ea74133a11144e5L,0x740c3d2ed8e89beeL,0x88e06131f9bb1801L },
-      { 0x47f253754356fd51L,0x8e2ca6ce38e45ea1L,0xf0afe990c2ef8066L,
-        0x91b7263d8ea03d0fL,0x37b01664880ca591L,0x61306f09790c8ed7L } },
-    /* 49 << 154 */
-    { { 0x084c4f92b24a5736L,0xf3d01da90a3c3859L,0xd37c47ed7468b812L,
-        0xeb539a939567c798L,0xd852f502acfdc072L,0xd8e5454996245975L },
-      { 0x42ec3948db5e323dL,0xdbebd1c7002d3fadL,0x9cc5db55d7c62d0aL,
-        0x22af02388afa4c07L,0xbdcb68fc6979eb74L,0x33763dd544dc11baL } },
-    /* 50 << 154 */
-    { { 0x4734465f87c2e496L,0xbafe4fb4eb7d82c4L,0x940b168521837f17L,
-        0x790d7041345a66c3L,0xe9973cfd65ea596cL,0x45fc95df058b3350L },
-      { 0xc63bf91405d08638L,0x36e6af6476465a92L,0x7fe09193f1eb3701L,
-        0x364f64f06468e2aaL,0x83108431f7129cc9L,0x3ac117205606bf94L } },
-    /* 51 << 154 */
-    { { 0xe6a85c7d34dcecd9L,0xc14437fe338cdc1aL,0xa5eeb471b3a9233eL,
-        0xf230947c71349a62L,0xe704a95686308ebbL,0x0ef4d4da4a362a8dL },
-      { 0xae9be4394b634c67L,0xf736c07c569f0039L,0x7356f3010f5f07d9L,
-        0xc86c4000823c9cecL,0xc43b3489951ab5faL,0xa7a3b3a6b46bb659L } },
-    /* 52 << 154 */
-    { { 0xb1d6cb737337af87L,0x09a59a6908638c3cL,0x4ecc3fd25d94c727L,
-        0xa7b57269e274ba87L,0x909cd824a61a0590L,0xcbe63cfe3c11751dL },
-      { 0x9574de8347c46efaL,0xee334cda539b7e03L,0x245bc6a2e3ef3599L,
-        0x13a570fee88d0da7L,0x88ede26d90ef4a21L,0xa0c5953b01fccebcL } },
-    /* 53 << 154 */
-    { { 0x855ff0f7657121c2L,0x18754814f94c7402L,0x720f1e3c32ce8340L,
-        0x7ecd080ee8e49d3dL,0x2838e642f0bee412L,0x69cad618209f8e60L },
-      { 0x5730f2dba983a4cbL,0x74957697f43896a1L,0x68de04373dc55d4aL,
-        0xa2fbb915628698bbL,0xc8279c975cace19dL,0x7df557465fd52bc0L } },
-    /* 54 << 154 */
-    { { 0x1cb1c2f378c3f521L,0xa425f99b63116c7dL,0xc86b48c36f7c0e71L,
-        0x9e92e82dc76a73ddL,0x8c0414657e7d6df8L,0x99e7884d38c02d8eL },
-      { 0x6c53c0cfb78a7e50L,0xcbcb5114481d60ebL,0x1eed68ed035b4441L,
-        0xdc95269f755f18efL,0x3ad7f32a3fe51f12L,0x981782d017296245L } },
-    /* 55 << 154 */
-    { { 0x7743ef2655fcd15eL,0xa73944a4d07f3cc0L,0x3161d6a32438cf14L,
-        0xad193a9b14e8938aL,0xe1de190e872dac01L,0xb165da2fc4795b10L },
-      { 0x1eb89d519e155bfeL,0xc8b97d94c9c552d5L,0xea7d3edb108c4c82L,
-        0xafb60b29c10acbb5L,0x331b316b82c7b642L,0xa53c4b3d719fa342L } },
-    /* 56 << 154 */
-    { { 0xc8dc34f36b3bcbdfL,0x952d337b24d72806L,0x28b8ec817e56e8c8L,
-        0x98e78abdbe861aebL,0x521773ddcf3bd040L,0x582ffcb2b7ca45d2L },
-      { 0x70962c0a04202ac8L,0x31b6ac909f29381fL,0x3b4cd403355715a7L,
-        0xffbbd1a7399a071cL,0xac669b08e50f02d7L,0x0f568c89b2cf0565L } },
-    /* 57 << 154 */
-    { { 0x2d2afc2daae7e637L,0x840e47c782a818efL,0xfe26a67c879f2451L,
-        0xd41d289810f54247L,0x36040f4877119f14L,0x741859a983f240ccL },
-      { 0x15f9607a8fa720c8L,0x8eb70f6df7b8e32dL,0x755394229b98d670L,
-        0x80a4a127750c4e62L,0xbe88d03195ca3a50L,0xfadeb53dc6411eb6L } },
-    /* 58 << 154 */
-    { { 0x19f29da06b824028L,0xa5cfd12b7bd354a7L,0x1cb5d74caeb59b3aL,
-        0xec9a8ccc47211999L,0xd7f2a1c17852f167L,0x134629209a1859cdL },
-      { 0xdd65f7ac9e3a339fL,0xccaa968075437831L,0x25772f9b7f502bb0L,
-        0xa64cd12f6fa0aa66L,0xd2f46ac62af2c3d4L,0x58433d963f262a2fL } },
-    /* 59 << 154 */
-    { { 0x747757c6715ba7e6L,0xc01b73c1f9cbefd2L,0xf1d96de501bbc017L,
-        0xad554e91a1087f55L,0xd9b74be65a6cc716L,0xad2f2c0320317019L },
-      { 0x42ef19c207893532L,0x7f3624c40858fdc1L,0xc104bde7078936c6L,
-        0x99af706682b5f95eL,0xa40e02625a13a9a0L,0x6c0251c40a318574L } },
-    /* 60 << 154 */
-    { { 0xedb3abb1fe36eed2L,0xbb2cc1e6a038298aL,0xfa0ac06fe5adc3beL,
-        0x7cbcef3eae73ebe1L,0x41596590cd676b87L,0x6cc8c0ae214391d7L },
-      { 0x826e2e16fcb3f244L,0x1ed7837e1be22058L,0x83052d0d1a9912b3L,
-        0xa2cb410c8ac3dbf5L,0x279d555a7faa6bc7L,0x870e7132f52b439cL } },
-    /* 61 << 154 */
-    { { 0x5957428e385308d3L,0x49ba20b3bfdae187L,0x4e1281c3adb44defL,
-        0xebe93dc4e75c6cf9L,0x81d1d1cff675fc6eL,0xbe01bcecfe0e371cL },
-      { 0x713f294d336bc7caL,0x1beb1508e26a1903L,0xbb5feab4b6819961L,
-        0x28bede2741bfc7efL,0xb0a5108bb3365719L,0x81a8c9255ccd21a3L } },
-    /* 62 << 154 */
-    { { 0x4f3d90af2bea6870L,0xfebb0de2ca26ca46L,0x109d96e5d58bd9d2L,
-        0x4b42928cd9882c8aL,0x5238cb7a8c73adcaL,0x9d79d72a4adfc913L },
-      { 0xba58929d1f0bf201L,0x0b7790a505f52baeL,0x361949aae45fda0bL,
-        0x21b2d006af3f732cL,0x1ed05dc33aa84bf8L,0x2322b7f72405980cL } },
-    /* 63 << 154 */
-    { { 0x4a38b5b2c7151e42L,0x1d5dd94894550168L,0xf2adeb5b7b3d1d93L,
-        0xe15c42fa36661a89L,0x7d55a3f27a3aee90L,0xbe1b5c39d9d350a4L },
-      { 0x9c4d6fa2610f16b8L,0x7b96051da60fb18eL,0x539762fa496c018bL,
-        0x048ffa39168a8f22L,0x33486ccada1c0a58L,0xe216d6be9fd687a1L } },
-    /* 64 << 154 */
-    { { 0x11a8fde5f0ce2df4L,0xbc70ca3efa8d26dfL,0x6818c275c74dfe82L,
-        0x2b0294ac38373a50L,0x584c4061e8e5f88fL,0x1c05c1ca7342383aL },
-      { 0x263895b3911430ecL,0xef9b0032a5171453L,0x144359da84da7f0cL,
-        0x76e3095a924a09f2L,0x612986e3d69ad835L,0x70e03ada392122afL } },
-    /* 0 << 161 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 161 */
-    { { 0x3ee0a31c6754f492L,0x02636c6b96769ff5L,0x90a64f4ff0fbfa96L,
-        0x513f054efafea65aL,0x796ba7479cf4b9f9L,0x3198c068932a9590L },
-      { 0x93af8a65549ee095L,0xb8b6f72ca212760fL,0x23bc71e9c1a46c8fL,
-        0x000643af4c9bca72L,0xb6d967c7848cea30L,0xe06b6b4e73312ec2L } },
-    /* 2 << 161 */
-    { { 0x52ec99561d85a725L,0x0f9be000f3208012L,0xe881337c6dcc7816L,
-        0xe4e7b6d9791f7cf1L,0xfaa717aa59885a42L,0xb1bbb5c7f9c01e41L },
-      { 0xcf208d58a0361880L,0x24426e4020afa350L,0x7261871b264ce04aL,
-        0x66be4a86cd42026aL,0xc5397b77829f99feL,0xffe4a6bc24578e2bL } },
-    /* 3 << 161 */
-    { { 0x0733667af822d5f9L,0xd7f81b9e18339700L,0x7ca29b27a7bc265fL,
-        0x9fefa698eb4f0c7aL,0x7b6f351301f27630L,0x72f0f152fcfb1133L },
-      { 0x9928d9d05c81eb14L,0xa16ac36bed8ff6cbL,0x7fbd1acbe041bef3L,
-        0x7d25159af8d99854L,0x2ec3a7d8db5a0dc5L,0xd86fc4cc87e3e933L } },
-    /* 4 << 161 */
-    { { 0xba8418f34c20e15fL,0x7eed2494fb54404eL,0x4e6438d7bce1e82dL,
-        0x9e489b3eb397915bL,0xa9baea9ffb4cf659L,0x8bc5b2ba42ef4affL },
-      { 0xae3fb5337e62a188L,0xcd648493496e8e35L,0x89728e28defe047bL,
-        0x63a8c679d24e60feL,0xadacbf92470f710cL,0xd470aeb95e198d3cL } },
-    /* 5 << 161 */
-    { { 0x8e3807dd7a3e874aL,0xc4edb45b89ac3a99L,0x9ba9cdaf4bfd77d2L,
-        0x31d33f59b540fffcL,0x404c87790c60028bL,0x7f89da7189688c81L },
-      { 0xdd3390e5504b862bL,0xdf1e721be937efe3L,0x5833d0df63e6036fL,
-        0x7712527a385fbab4L,0x6347236bd210c0d4L,0x12d7733c8d238e2dL } },
-    /* 6 << 161 */
-    { { 0x0ecb0723302e943fL,0xd180ca1e4a443e78L,0x39e7891123dd2c9eL,
-        0xfa2a440401fe50bbL,0x4678e7ed154d39d1L,0x64ddaee1af513e01L },
-      { 0x6d4c615a634904daL,0x937c6326ba5c900cL,0x70658f5feb6c8582L,
-        0x2a04fd51f3d65166L,0xcefe7472b676eb47L,0xd3565a71f597d887L } },
-    /* 7 << 161 */
-    { { 0x299520f4e5dcba80L,0x522ad4b52b758045L,0x54eabe27193b36d4L,
-        0xda4d3bff45e9e442L,0x44cb9252637311f3L,0x4cd620a971338ebfL },
-      { 0xec908157cc9524fbL,0x2731a11ba8c955d7L,0x72a5e0545cb94009L,
-        0x7eee8f3b9126cfe8L,0xc71e29203dd5d5ceL,0xe886f91a22069494L } },
-    /* 8 << 161 */
-    { { 0x294d29550db962c0L,0xd6994ef46d523ab0L,0xfa1a7f9158f95037L,
-        0xb137981164420c94L,0x2b686e1e093caea8L,0xdef10944f9e1c340L },
-      { 0xcd1beecf611d9bf5L,0x34696c50a1b5267bL,0xcecbc7192dfc2b16L,
-        0x2cdb955dcee7e854L,0x9fefc321f2635cc8L,0x276d2e4f2936f7d3L } },
-    /* 9 << 161 */
-    { { 0xa9de8b87d38e86b2L,0xe0c2f232780d2fb9L,0x742d7fe9449e78b1L,
-        0xc6946b7ef29efe3bL,0xbd59bcf985de7456L,0xb070ebfadb492e64L },
-      { 0x5cda7ac8a0ff7c15L,0x6e0c0062c4f435c9L,0x4d8e5395974d4be8L,
-        0xa0a0c5984e6d1681L,0x5debadbea14cbda0L,0xe176a772ae30b167L } },
-    /* 10 << 161 */
-    { { 0x25df81bce7b19019L,0x3058081aa6f45519L,0xccafbccabb3de1d7L,
-        0x2b794710c515b1b0L,0x74b81bf87168d9ddL,0x92d5e462ec00571eL },
-      { 0x865e29efdc670943L,0x2350537c7f6299c0L,0x9fdf787ea947c6f8L,
-        0x9601cb21cabe0f8bL,0x2899d5f49313b000L,0x4873bc9f66a9e8e2L } },
-    /* 11 << 161 */
-    { { 0x2829add72f163a26L,0xf96dd91156909488L,0xc16d185f769ccb59L,
-        0x13c4b566e9c6da4fL,0xfd68110bc423ac34L,0x64911819cfaa9fb6L },
-      { 0xad7c7d2b12dd07e5L,0xbf7eea90abc19a50L,0x1db70ed108d6c57aL,
-        0x01da2b41446deeabL,0x163a5a5fa4f6a367L,0xca9f4bcca10c8a53L } },
-    /* 12 << 161 */
-    { { 0x2132c32e68206a00L,0x20bc1bb483bab6d9L,0x99fa3be2bc4ef156L,
-        0xe515cd05ebbd6c33L,0x9c06d7670d2c8ebcL,0x2fa7f3b68a79c884L },
-      { 0xa4dad16a9137df25L,0xc4da20f833598c21L,0x32f5d9e3867cb117L,
-        0x8f00fb54da7cf533L,0x428cf9e3870ef3b4L,0xa8b6c754521b8428L } },
-    /* 13 << 161 */
-    { { 0xe9b297be7be5e610L,0xd09f63c304b49303L,0x9110a9b381ebb814L,
-        0xc32af8986bf19586L,0x5c4939571da2280fL,0x89e85cb41becc5f5L },
-      { 0x1068cb528f1a396eL,0x49dde483440a6144L,0x51280400b5d6aaf0L,
-        0x0e8ac4a53e8ea21aL,0x32f4a91d92582420L,0x5eb09649bc35e408L } },
-    /* 14 << 161 */
-    { { 0xea3a2f0c32f235f8L,0x8281bfe5bf4a8256L,0xf44e1319577b9e1fL,
-        0x31732d1bab2d9ac7L,0x6e7682eff375c5cdL,0x7069fbaf0913ed09L },
-      { 0x693257dcf690cb94L,0x576a85b2dfa6e07bL,0x72e00515447fe4e4L,
-        0x00af617509a2cd8bL,0x05a61365902ae75fL,0x8310b16db5ecb690L } },
-    /* 15 << 161 */
-    { { 0x4d22c79cb00fd8f5L,0x432b09844c9ed8b2L,0x43da93b2a85b3f0aL,
-        0x0522df2ac4163655L,0x2ea7210b77214019L,0x8280099b7051a9a3L },
-      { 0xcd0a829bb11b9e80L,0x9bda76c7246ee656L,0x1ece801bad70a0faL,
-        0x4f8162f096721d79L,0x341faae58e7c3b0aL,0x6914420b12e57cf4L } },
-    /* 16 << 161 */
-    { { 0x4962c02167141724L,0x5f81eabeabe7762fL,0x78549a79dd189c3fL,
-        0x47675cdd6ce517a7L,0x5102294e32d6bb97L,0xb19500c66ed1a029L },
-      { 0x3efb54e8b16a206cL,0x7dbdcc250dc135b8L,0x955bc2948967fb04L,
-        0x373615c9be04e909L,0xf1fcf820111efad6L,0x8530f97d6fd2e97aL } },
-    /* 17 << 161 */
-    { { 0xdfff3aceb3b513d3L,0x569f9d42fdaed4c5L,0x8615a9cf71cdec34L,
-        0x2e700c34ceeedc56L,0x9047d770a48d0682L,0x3fc845780ee5893fL },
-      { 0xaaaf3d90ab5b432bL,0xc846365184cb412cL,0xd215030d928ec9bdL,
-        0x237a710045b97accL,0x0f533045ff791353L,0x093a0d21a1899bf6L } },
-    /* 18 << 161 */
-    { { 0x5da20568b4bcee44L,0x878025840f5bd27dL,0xc76b965c1c06dbccL,
-        0x89ea2cceb1492616L,0xaefc8746b460c4bdL,0x679e6edb994d1756L },
-      { 0x4ff93a4a271f3218L,0xae496faf3b970a74L,0x062df3a7ba6c44f2L,
-        0x1ede93021990ede1L,0xa797899af9a1e2adL,0x9b1bcf6d82599120L } },
-    /* 19 << 161 */
-    { { 0x63a38a51bd04f6ffL,0x2ddc958bffafb91aL,0x198895cdb19b2b08L,
-        0x1bb494246f65b797L,0xf75df140f157b79eL,0xa188dc873d599990L },
-      { 0x8b926eecaeac83c2L,0x55fe56f03b82900fL,0x10eb6dd33b11d061L,
-        0x8b44c14c3aec5877L,0x294b83e8b486e651L,0x469e552f79524b3fL } },
-    /* 20 << 161 */
-    { { 0x69386f451a746ed1L,0x4319649bcc14bac3L,0x006292b3b647cefcL,
-        0xc771b7cda20e2a37L,0x838714d2396bf329L,0xf263e66759c0823dL },
-      { 0x7ee258f0725e3ecbL,0x37638f9934218254L,0x4d57db246fc6d0f6L,
-        0x8c85ad7322c2dd47L,0x2300a9129c59cf13L,0x63971b0bee08c1bcL } },
-    /* 21 << 161 */
-    { { 0x180032d98c2e7698L,0x07d4d364a851f2faL,0x0070bbdeb50b5986L,
-        0xba05ee28274eee7dL,0x28843675b0f482e5L,0xdcc9c09ff82b2229L },
-      { 0xae0273e7f061df73L,0xa3856b6644e3a740L,0x4b13b141527b80ceL,
-        0xfd83b7f0e1b7dabdL,0xa3b5a2f1536c04c3L,0xfd09c77bb29e2bf3L } },
-    /* 22 << 161 */
-    { { 0x05fe64c5436e7c2dL,0x5b9f0b83ebb1ee26L,0x13dcbfed2977d6f5L,
-        0xbd16c6b7db552375L,0xaaeacc2342da342dL,0xe427d2ee0cfec89dL },
-      { 0x3097ac7b038b280cL,0xa2b79d623aab3c43L,0x9771fff4a40f585aL,
-        0xf50974e0b15aa16cL,0x114e51137a847284L,0x574ba8efb4fbe083L } },
-    /* 23 << 161 */
-    { { 0x3c8dfa3b05e37e4aL,0xeaf691b47408352aL,0x2e1ce9863c9a8610L,
-        0x8d024a814acfb35fL,0x3766aa2184ba6baaL,0xc336f82eb91f5a27L },
-      { 0xe2d46985412ab7b4L,0x397f0411ded6de53L,0x067241c3544768fdL,
-        0x9206d3839b71e023L,0x8571fe1e3f51c3c9L,0x0abdb52e3ba345abL } },
-    /* 24 << 161 */
-    { { 0x85e1e4abd5281f9bL,0xc7e517ddc653b0c8L,0xc0b84da1a717e034L,
-        0xf1a63b280f1bf3dfL,0x47b74201aba6fd41L,0x9cf3da633518fcabL },
-      { 0xe12511fb23bb6e77L,0x13b2cb4438679d79L,0x20e0fb10db5665c0L,
-        0xb5448a33b99f4d5aL,0xcb1847ad46b7dbceL,0x41f156b8fdcadb87L } },
-    /* 25 << 161 */
-    { { 0xd09b746793c8b2a8L,0x36c760204357f251L,0xa965d1771ac04cf1L,
-        0xca49d59427740f18L,0xbba973ed76c53b33L,0x7f8c2d264c17d867L },
-      { 0x389afbbb00966b80L,0x92f2097a55988387L,0x316a85393a47c746L,
-        0x259ae094ac3a3a30L,0x337f1d3f0d61ee3cL,0x02d5a60ca9d928ebL } },
-    /* 26 << 161 */
-    { { 0xd9f370e42af77d78L,0xf9cb8d588bfa692fL,0xdc8a4c24fc9203d5L,
-        0x499b6fda3b8138f4L,0x051a61f19118d3b8L,0x89207fa2cb251fb6L },
-      { 0x32247676bbb0e12dL,0xaa1c59822900bce2L,0xe7beff9c7df4f6c1L,
-        0x595fd551757c1449L,0x2fe91299650e8961L,0x2db30033f480bf30L } },
-    /* 27 << 161 */
-    { { 0xe796c05d110c4d7fL,0x12f87395d4af6817L,0x849cd9e6b5512cb8L,
-        0x23b8d0a4adb71290L,0x28cc808bee64339fL,0x3072d46fcc27fd1cL },
-      { 0x8d9183af47f675d2L,0x9959aa9102c84561L,0xdff7591708216e03L,
-        0x868c237abd01b2f0L,0x4c00c229a53e639fL,0x2c0667fb07d69862L } },
-    /* 28 << 161 */
-    { { 0xb4d2324f9470e571L,0x3af515979ca353e5L,0x479a3a796ae5778bL,
-        0x387958a7fb1d9c91L,0x4e606558cf91edc6L,0x428384ca495a3b00L },
-      { 0xa49f67da10f7146fL,0xbda553e08e25f80fL,0x21b034c4cb919bc6L,
-        0x1fb454bfa7930462L,0x1fb2ac9b255d7fd8L,0x491cceff8b197e6aL } },
-    /* 29 << 161 */
-    { { 0x0a0e0cd91f5a179fL,0x699d872713841e78L,0xfa93f774fc47f9cfL,
-        0x8fd0019c02933131L,0x128efed95aa46834L,0xe20226fdf080cb8dL },
-      { 0xf7b05fc3000445dcL,0xcc818da1f52f5ddbL,0x0fa803d07299267aL,
-        0x99cf0ab4f9f172a0L,0xb5dd3c36b08d03a3L,0xfafa550ea1c2f73dL } },
-    /* 30 << 161 */
-    { { 0xdda52c89d2da4e36L,0x0348948d5c333386L,0xe3a5be8b37917590L,
-        0x42488ae238e4aaacL,0xa6ecb5be7a44eb6aL,0x3bfd640ea9b27b56L },
-      { 0x23b8d107bd05946aL,0x01018c45bb8034bdL,0x1ffc958cd2e058fbL,
-        0xeadc93953fd43516L,0x0659b83ea0491dbcL,0xc36115008cdee521L } },
-    /* 31 << 161 */
-    { { 0xc0f3761c034b0a6eL,0x2c4ce5481fb66b85L,0x7a5d3143410698abL,
-        0x4bc07a795d59e8c5L,0x176a10eb4d19ba85L,0xa8a68c5526dae045L },
-      { 0x7eed57fb21625985L,0x33ef04ae16c62e63L,0x78d0acd4562454bcL,
-        0x5878d7f2a44a1608L,0xa51a423a0cf11971L,0x1934e3f2f21fd6ecL } },
-    /* 32 << 161 */
-    { { 0x3f2b5bd4b4805410L,0x201ca7a9f96c5ee7L,0x532ef2db94256fe1L,
-        0xacbfc459318ddb03L,0x2375f9fd5f24c8e1L,0xd27c479b370783dbL },
-      { 0x1bd461e856541ae6L,0x78f054a77f7ea49aL,0xc9f8777d8845f315L,
-        0x81aed29697fc92c7L,0x9f2f8d7949929540L,0x7531e78bff5ebfe0L } },
-    /* 33 << 161 */
-    { { 0xd4710d5a16ba6a11L,0xb172d8a0e056d27aL,0x01879d2b8301e5c0L,
-        0x100c3e706f6a3396L,0x4a33d4a4e4e1cab1L,0x48016f0f08017d74L },
-      { 0xbde9e0f18cec4fb8L,0xd8604899eb15c26dL,0x17ac5d884a21f615L,
-        0xb8f1e7060cb0cddfL,0x0ead85644a0d51c2L,0x7bff69bdfd6bafa5L } },
-    /* 34 << 161 */
-    { { 0x028acd1cb6b73820L,0xc931f4bc815047a8L,0x22c6159f1ede2c60L,
-        0x571dd40c99a4820fL,0xbaf08be0b450f472L,0x6475536aeb5bb639L },
-      { 0x033568e4d984d0c7L,0x2ab7dd4885e910d4L,0xb0d76698d0c632ebL,
-        0x954d00f3e3c34a46L,0x53e8772de651bc5eL,0x4910b07b6e3564f6L } },
-    /* 35 << 161 */
-    { { 0xe1550b37e758fcf6L,0xfea2446f763120abL,0x5db50b38124f80e6L,
-        0x5cc28a7830c3301aL,0xa935846fd950d5b9L,0xae3e87f2ce43ebe3L },
-      { 0xf033b25b7d0776a5L,0x941d186e882c5916L,0x0430c4503d6d4f7dL,
-        0x4e0641c0726f30ccL,0xdfcdbd1626c66c27L,0x43c4590ceb00e495L } },
-    /* 36 << 161 */
-    { { 0xd8cbdd8b70435ca2L,0xede7fb3675af3a63L,0x6c1fa971090b36bcL,
-        0xdd2292eb85455ed2L,0xf9c3889c7fbe5041L,0x2ec87c15506d605fL },
-      { 0x2691b0a28b099c25L,0x27961c8b89944e21L,0x8e9e18a5147f5304L,
-        0x6a82e35baf7dce25L,0x6745339c32a4bbc4L,0xe0bf0e0ee026676aL } },
-    /* 37 << 161 */
-    { { 0x3c6fd1ab352a43fbL,0xe57e7f8cbd68dbffL,0xa4a5b74e9ea30f41L,
-        0xacea695d2d5a3a34L,0x183be19adc8fe4d3L,0x22fce6281b9f9d1cL },
-      { 0x8b1ae75da5d35bc9L,0x213face52c673f82L,0xa879851d6568d549L,
-        0x327c59937f8d8112L,0x56b982e2a7869b71L,0xc77afa6110bb8086L } },
-    /* 38 << 161 */
-    { { 0x1dcd57541ccadbe8L,0xd2d8c36512b37773L,0xc1a7a5b7d50e8680L,
-        0xab1a00b3e19d155eL,0x58f4bcce7a9776b8L,0x1c02df3320d9d7aaL },
-      { 0x24f00d31db8cea6fL,0x2680b029d4aa0785L,0xf3db2889c48587f5L,
-        0x1811dd2521a7fabaL,0x5836964bbf820746L,0x3b118bab97aca83eL } },
-    /* 39 << 161 */
-    { { 0x14babe6321d76845L,0xf7b4c662c60f5934L,0xbf212c4434de5b23L,
-        0x57c478a35bdf0a35L,0xddecc21535dc8714L,0x1609b7401571e91aL },
-      { 0x41998697ba45b40aL,0x6ef382d468cf383aL,0x77a24c1488c0ec9cL,
-        0x0a5e245297b377a4L,0x2b9d72bf18f9804bL,0xa4c21326f51ddaacL } },
-    /* 40 << 161 */
-    { { 0x397049f4c785c7baL,0xa87db27da1decf9dL,0xce6d5ec1e7862c0cL,
-        0x17a98db834350bf1L,0x6ceccd8030ec8d74L,0x4790cc07bcab4aa8L },
-      { 0x4378b1feb4f771a8L,0x3c54588b404dfcbbL,0xbddf0faa8d60f86dL,
-        0x987583da3573271aL,0xb0afe4ec4b8f8032L,0xb5c44605b69d03f6L } },
-    /* 41 << 161 */
-    { { 0x7f69e8bfed7d4230L,0xfe54dca7d8ee8cbeL,0x6ec2b75f71b72d99L,
-        0x97e2b30f8dd8338fL,0x9916dcdbbc75bf05L,0x22f4291aad5c114cL },
-      { 0xb6af2e86f9ba5c98L,0xdd7d738dfd6fc5d8L,0xce7af7d544649034L,
-        0x2979be5cd163b098L,0x5acd51858db8d84cL,0x82b0e4a5ca64d1c0L } },
-    /* 42 << 161 */
-    { { 0xf27f5f4f480ef46dL,0x2f49f44fcba811f7L,0xef40508d43961b6cL,
-        0x0f6778e8df9fb37fL,0x97aff7e8446864b5L,0x29aeb86d4d264e1eL },
-      { 0x48baa1984901daacL,0x91ade9db02b483cdL,0x00952a61cdb6abc4L,
-        0xa1a51250de7f22c9L,0xe6adfaacc19ec8d5L,0xa7d2f066fc39838dL } },
-    /* 43 << 161 */
-    { { 0xfbe20a8e270bcf2fL,0x9882e7a0c35c60f9L,0x74d8e63f560e716aL,
-        0xdc689649bae281e2L,0xd454571036d9b680L,0x0a0f1c681740ca0bL },
-      { 0x228dd692dadf3782L,0x6ab0bede632d6e56L,0xae2f5535e1b7add3L,
-        0x2ce1c6fece308fa6L,0x7a11b255db881355L,0x903007107bee5bb7L } },
-    /* 44 << 161 */
-    { { 0xdd55c21a9f1a57d6L,0xc9e1dcf9f6043ee3L,0x0385e3f36747e2baL,
-        0x6511555a932e55b5L,0x7f4053b3700e73f6L,0x23adf65d992916a2L },
-      { 0x4664bf231bfc40a3L,0x8400e8f27974d63fL,0xb70f104dcff08198L,
-        0x4c44382f4d1710afL,0x5593a751374ec807L,0x6af17e84462c6112L } },
-    /* 45 << 161 */
-    { { 0xc1ad3eb7b8f1f38dL,0x74bb37c88d462e67L,0xd127b6e6246b0388L,
-        0x3054aaf0824defffL,0x4e981d2e487809aeL,0xba76b7b805ead528L },
-      { 0x0a167834a7a32c6dL,0x3451ee930268c370L,0xab4da0971b625d09L,
-        0xdb94f9aa304e60b4L,0xf3bea685ab50c663L,0x8d929a0142d4c11eL } },
-    /* 46 << 161 */
-    { { 0xfce03e6eaa911497L,0x32cba5cf546ab5ecL,0x631123d0b1a71e10L,
-        0x49f3a80906bcdeafL,0x783373bcfc538ca5L,0x3590890ee4b47edaL },
-      { 0xb5c84fff39ab2df0L,0xf681be9ac737b24fL,0xf37bbc68b2b0052cL,
-        0xd9f03cf6fde04d93L,0x23171bc2e43803e3L,0xeda51460040de801L } },
-    /* 47 << 161 */
-    { { 0x0e09a74d0bccf0d7L,0xfb429a675b58037aL,0x1f2660d2200b89ccL,
-        0x489b332e04efc617L,0xb53d4f65f38ceeb4L,0xeaaf759546c4aa4aL },
-      { 0xc6cff1fa714b9f97L,0x6a647072ec0dd5b7L,0xcbf59eb1637384bcL,
-        0x043003cd2240993cL,0x134cab640497f9afL,0xcdb44a4ca9fcc655L } },
-    /* 48 << 161 */
-    { { 0xbd9a66d6543b3e41L,0x2948c0a62ae73774L,0xa75151dfef38e9b3L,
-        0xa3348ae5754fb3fbL,0x1218fa8f13069b72L,0x532bb0510835dfafL },
-      { 0x2121a98edf2be3c6L,0x85980de69e5199bcL,0x1b23a4be1a1eb6eeL,
-        0xb5c48b92adeb3ae5L,0xeebd305dedea2b45L,0x20543f04c37198eaL } },
-    /* 49 << 161 */
-    { { 0x9eb2d599fa727a5dL,0x27cce415105643ccL,0x2face9e8c06035deL,
-        0x967f70e4c5d916cfL,0x477224ece7cdc451L,0x70a3de4ea9a34198L },
-      { 0x84ebd23a62628f21L,0x517cbb6097f55e75L,0xa4dc8d8ccbfaa795L,
-        0x821d53c1a9c17b12L,0x04e94aea5124d5a4L,0xc72432c083efbc58L } },
-    /* 50 << 161 */
-    { { 0xb7a2090999f73a42L,0x019bf3a630db0901L,0xcf0c2a7281cfde4fL,
-        0xf656a2117b0b04f8L,0x88cedc1896043e90L,0x4482c3786ae4c551L },
-      { 0x169f25d3dc70c774L,0x0f8cc86cb552fbe4L,0x17d0556b88d2f3eeL,
-        0xf5af9d6ff864ba64L,0xcd509d82f93dbf7fL,0xf00c76f51b98df35L } },
-    /* 51 << 161 */
-    { { 0x19fbeb37856e35a3L,0x1788055c88f36390L,0x9da657f165361c9fL,
-        0xc9f327b7e35a36b1L,0xdc388bcb04b9174fL,0xa79bf7d3349a87c8L },
-      { 0x865958b202289b24L,0x4096845ecebc4686L,0x1127085b42ce096dL,
-        0x56f31d12735241bfL,0xe2239ab543b89a15L,0x477cc5b3a6a1f0f2L } },
-    /* 52 << 161 */
-    { { 0xc44c81525d54607fL,0xe742a6f35c9ab491L,0x50df96d9be8c2ed5L,
-        0x3aa8c9b4e7f5cc4fL,0x577d534c3f12e8b5L,0x03f9573da33a57b1L },
-      { 0x9172e1aec5c0c895L,0x64fa9822a2e19442L,0x17db2388178a10d5L,
-        0xe75a6bdc2755ed55L,0x6a6d9dc3f9188333L,0xdd93a3b83eda0c41L } },
-    /* 53 << 161 */
-    { { 0x353d1f4bad0d960fL,0x6fbf4355846e07dcL,0x2156ae3c3a1bb429L,
-        0xfa95a260442e6e21L,0x659a856ac2b31d7dL,0x9b56cd6563ecb2d0L },
-      { 0xac9ec96823a787b7L,0x4102d82e320742deL,0x470ee0ea50a422a2L,
-        0xd3ca8414af386491L,0x28d8994b1a0d8192L,0xe601e4e2b3f117dfL } },
-    /* 54 << 161 */
-    { { 0x906c071c4e9ab844L,0xeb1a5806f085a058L,0x2f14c3ac176e2f59L,
-        0xfc1a3020bd19f909L,0x5e67d789ac060e45L,0x75dd23a7b707084eL },
-      { 0xb9dec51a07e89974L,0x50c9cd0b38f97f3dL,0x368b0f53e14cd6fcL,
-        0xea4c7f8b81ab93b2L,0x774ca31d1b7aeb66L,0x94c14607288f51a9L } },
-    /* 55 << 161 */
-    { { 0x18c41b62fe32b90aL,0x2e11c7e6be96e1aaL,0x72832e8c428b9d81L,
-        0x93f63cc0058ca451L,0x603f18af7cc827f1L,0x31c8b8fee038eb26L },
-      { 0x21158b24411cb335L,0x48dbbed70d9e953dL,0x445e244e4d62615cL,
-        0x2f5309ac28ef4922L,0x12ee44c60d4dc305L,0x7dc0363f56f7677aL } },
-    /* 56 << 161 */
-    { { 0xf73471b5ef349ec5L,0x014dae75565aa6c7L,0x57cb497dae082cefL,
-        0xdfcbf2b5c3e563bcL,0x22149c0fd1125f95L,0x529f419b425bc019L },
-      { 0x049476deaee2094cL,0x3490c0490cbbb583L,0x56c5c62d1256424fL,
-        0x0a118ee541bc66faL,0x0d8e9ff8296ada14L,0x34356e8b0134f8c5L } },
-    /* 57 << 161 */
-    { { 0x5e41ebd6eb28f97cL,0xe054a055d6a393f8L,0xc0a19e38db6555e3L,
-        0x1b40c80fbabf4f9bL,0xfca17ae2780d5107L,0x89ae096f379701feL },
-      { 0xd79be295b53ebb0cL,0x3112d3a5942b2247L,0x6c1f44d30de10f30L,
-        0x2a17fffb0041f800L,0x13082de044552d55L,0x319aa9c0cd11c85aL } },
-    /* 58 << 161 */
-    { { 0x63ea1a6ae760373bL,0x00f2addd11742d8cL,0x46b17c9cafdd38eaL,
-        0xf4121c5a4c7e78d7L,0xbeb70ef90048e4f0L,0x0b60c2b6bf7f7348L },
-      { 0x4bbadf7632969689L,0xcb6a8a20e12708e4L,0xc43ad55b5638eb7aL,
-        0x4a72b02b3d27bf7aL,0xecc95d92e5a54c30L,0xae52514bacc45d53L } },
-    /* 59 << 161 */
-    { { 0xbf5a2b5132d1f651L,0x6a2a74116e438838L,0xfa6353dd6c067d61L,
-        0xf6918622b96ba12fL,0xf0fa254d45f595f3L,0xa0f0cb4b92f680a0L },
-      { 0xf13ba734463e3f27L,0x7e3d4eb1a32d7f9aL,0x348baaf26f6502dfL,
-        0x8021a9977b830e5eL,0x503f38ca55caf601L,0x27dde9e8f4bb74b6L } },
-    /* 60 << 161 */
-    { { 0xfd5a49310eb63b3cL,0xdb9f1a1510175713L,0x044d42c23e11c321L,
-        0x5561f2e9b7961e8fL,0x70b3f7557ec7c597L,0x5dd9671235aed561L },
-      { 0xc6cdc78ee1bcc2b1L,0xebcf6f87f1117aa5L,0xef470e0ae3669f78L,
-        0x87b13e0fd38e0fe8L,0x01bff01439c755c7L,0xa66f2521c37529f8L } },
-    /* 61 << 161 */
-    { { 0xac56a8b223f78e49L,0x908c4be58708f0b5L,0xa63aa4191536f6b0L,
-        0x8c08578fe5a95771L,0x5d2d1d6b9c2ae8daL,0xf3e4ef12f1527cc4L },
-      { 0x46c1ac13920a90bcL,0xc0bc661d28ba758fL,0x9114e016585ef450L,
-        0x8ab6a1f6e899a032L,0x57d4089606b658baL,0x2ef87621eb83235fL } },
-    /* 62 << 161 */
-    { { 0x033a4d4c4ebdc925L,0xff239a3efe1b346cL,0xd7ab2fb388d03949L,
-        0x56ce2e41bd6e8e4dL,0x3826aff0e55da68dL,0xc9c7ba7451267f98L },
-      { 0x5264a48ae6710c7cL,0x3635f1d4e7605975L,0x53a1849a94be903cL,
-        0xe4fc3617128d5859L,0x7686804d7e4dd785L,0x6f04942d2dbcfe4fL } },
-    /* 63 << 161 */
-    { { 0xe80b7f5562927d6eL,0x92b98c350c0cc89fL,0x9522896d15117facL,
-        0x7a224db5fdd3ffcdL,0x9502ecd8fbfc8908L,0x4e1dc71ac593105eL },
-      { 0x052aade62f0536dfL,0x0c7cc371f324268aL,0xe7c62f2ccd843bb4L,
-        0x77d48fa36df2c231L,0xb2c29803cb8f68c4L,0xad7ccf519bb9fddeL } },
-    /* 64 << 161 */
-    { { 0xd0960bd80fab968cL,0x6899e4faae028db0L,0x975ccc77a9850916L,
-        0xb41bd531e5f81554L,0xbdf8ab57c8cff2c8L,0xea306a01f5822be3L },
-      { 0x1f0ac0e7befbdbbeL,0x72f4b0e960519f87L,0x22bd8b82e3cc86abL,
-        0xc43bde8d2b2beaeeL,0x8168781e412617ffL,0xc5610627b7ee7096L } },
-    /* 0 << 168 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 168 */
-    { { 0x0869457a01a8eb44L,0x522239857a7bedd7L,0x2c04b0c600057505L,
-        0x468be6e80b09adebL,0x2f3bf32b6f81474fL,0xf54f949da712ccceL },
-      { 0x292cee424cdd8f2aL,0x3d9fdf6b9c221be1L,0xe54da66156f47b2aL,
-        0x2ca76835840b5d1bL,0xb52adb6a8a6e8cf6L,0x8b416a6bdade153eL } },
-    /* 2 << 168 */
-    { { 0x65f7d2c18565afc9L,0x764c897170fa7b82L,0xe268634c986436f2L,
-        0x6334d8d133356165L,0xf17164269ec7957dL,0xae834331b8093983L },
-      { 0xedb1fe5cd2dfcce7L,0x6195b86368463e5cL,0x746e5f4da691b665L,
-        0x61171291e1e2727eL,0xbb4aa8f16f27b029L,0x1037657d7f42c197L } },
-    /* 3 << 168 */
-    { { 0x2af8bdfa970f96adL,0x19d09a6dd0c86e6dL,0xd57fd5ced7046d2eL,
-        0x5ea025f7d545fd33L,0xe2ccb6f43161ffd7L,0x3ca5286209406242L },
-      { 0xf3536d60b5c90905L,0xd086e3b9d5b290f6L,0xfd15b06a5cc55444L,
-        0x61b0febf9a9e2a66L,0xdc3c0576653dfd02L,0x357774230a8ab51fL } },
-    /* 4 << 168 */
-    { { 0xfe19901b0d5b855aL,0x5facb9552f745022L,0x92fd012556c4ce5cL,
-        0x23172d65938c89abL,0xa71f8a33aaa587b1L,0x511a3745b55c9c50L },
-      { 0xec005f6a7185086eL,0x6dfc2761f894c6abL,0x98a4d67f9e26361fL,
-        0x7f0a2b2321389c25L,0xd158820795ffbceeL,0x4d6b29ab9f36a888L } },
-    /* 5 << 168 */
-    { { 0x5ffec1d78c04bc6eL,0x35f052d16ca0dde2L,0xfbe3844c649c850bL,
-        0x450263e610fa337dL,0x44f7c8f40280773dL,0x27de5d3ce896966cL },
-      { 0x2587f47598d0378dL,0xbd49c97f4e4f6e49L,0x9e902f667071543aL,
-        0x03398aae06577b74L,0x030926d6910bee13L,0x5576575bffa92cecL } },
-    /* 6 << 168 */
-    { { 0xe4ee33460562cd7eL,0xd1d385a3f01ba45eL,0xd817ca667ce11848L,
-        0xda222cddcb69c7eaL,0x74ac74709d680afeL,0x3770357cd9596ca8L },
-      { 0xdff57da7f7759bd6L,0x090426be20d5c726L,0x71c0ba28b7fbc1b0L,
-        0x60faab1c13d4ed0fL,0x6fbe3567ea3a2ef2L,0x0dd3835c4e577dffL } },
-    /* 7 << 168 */
-    { { 0x9b758b512ce27e38L,0xe4148475a39855e3L,0x4669b3c39ee88a77L,
-        0x3f36a671105e1ec0L,0xd0f30e5d9e88ea13L,0x6346df15baecbaadL },
-      { 0xec65be65cf4c6510L,0x843efca194e1989fL,0xf7195d29942ce52bL,
-        0x12201877d3ce28d4L,0x9c962aa1a97fc904L,0xc4fedb3465c5a55eL } },
-    /* 8 << 168 */
-    { { 0xeccb421ed0a701a5L,0xad4cb9a5b60cd286L,0xd344da9e05a53972L,
-        0x3a8035e07bc99feaL,0xe0214485c0f77bf5L,0x50ada30ee54df78aL },
-      { 0xdef45af64ec2d576L,0xa05d61845f9a8678L,0xa9b17db1c337e017L,
-        0x026a4f66b84671d5L,0x606142343b7d696dL,0x71ed9aaf81cfd22aL } },
-    /* 9 << 168 */
-    { { 0x62805305695a3f30L,0x6ce27626e28e8fe0L,0x507386af6a54f410L,
-        0xf8c5f738cd5c7effL,0x3ab2db9e347e85d7L,0xf5b635b0b2161b68L },
-      { 0x99009791be2e80caL,0x6dff3030c13910ddL,0x2beeca057ee8700aL,
-        0x12616fb11ac7e09dL,0x38c9ef9f9037c2e4L,0x39181fbf9c140344L } },
-    /* 10 << 168 */
-    { { 0xcdd6aee47aa54433L,0xf5ecb432b80336f5L,0x690bb949a1380829L,
-        0x219d659ca9c9d720L,0x74abf2dd7e5a3260L,0x405ee136025c55d1L },
-      { 0xc5c592cb1cc878a8L,0x119a38be88b31ecfL,0x4fb00f82e94e39e7L,
-        0x66bf72e59412c068L,0x9337c8f30821142aL,0x477216340c24ab67L } },
-    /* 11 << 168 */
-    { { 0xa6c7953457fe953eL,0xd70d3d2f3c76ae58L,0xe1e047b52c531c84L,
-        0xc71f3a9973735602L,0xd70bdb0f7ba0628eL,0x280fdd4e0e3e3c0cL },
-      { 0xb5a3f5823e414e26L,0x55b2eda8f44dee7eL,0x8e1d024b2f5dd828L,
-        0x21f054eb3b1bfdf9L,0x3d3ae74cc554e1cfL,0xa0a5863ffc42ec16L } },
-    /* 12 << 168 */
-    { { 0x1b76a3c5439ada39L,0x818829cf89236ae5L,0x2277cb7a750f8129L,
-        0x44aa462a4d46502bL,0x7a12e1e164f06dc8L,0xb9a3300dba5630cfL },
-      { 0xd2cc8d9c55b05f4bL,0x6d0b0b88a700be7aL,0xa7be99699617500cL,
-        0x2b5b8deac03f8a50L,0x712f703e785b3dfdL,0x96a5a60accf93950L } },
-    /* 13 << 168 */
-    { { 0x9838155fbf9f72c6L,0x3ab3cb602c10e57dL,0x7ac228ef14bcd75eL,
-        0x2c167e15027923fcL,0x678869d1267471c7L,0xeba35e857ec3582cL },
-      { 0x22d290a9a3478eb3L,0x542092ca1309aa14L,0x8bb5c69be2e5d3acL,
-        0xf83c5a0a81652736L,0x9cc576227280cd6dL,0x6653436f3b0f49a1L } },
-    /* 14 << 168 */
-    { { 0x7ad1f1bab497d900L,0x9d0512236c9dd5d7L,0x0ed27e5bffed3df8L,
-        0x659028a775d2fa72L,0x69bd68154581f377L,0x142c2088e2faf671L },
-      { 0xf9c1b8a499b000ffL,0xf31d01b18f408d3aL,0xa7aa142f42b9d35bL,
-        0xeb8aa74ba0495da2L,0x824cc32a59a1da45L,0x3f1fbe0ff5173374L } },
-    /* 15 << 168 */
-    { { 0xec9071a634238c30L,0x6dd6c38b88a0f423L,0x3adace72992e7977L,
-        0xc90b941b1ae5166eL,0x052aa3e9e3e43a68L,0xe9b1976da733a950L },
-      { 0x0e1ca28e5ff6c9dbL,0xd1bd4350387409a2L,0x5943cc7089155117L,
-        0x8e85794f5feae20cL,0x0d118fd669768ccbL,0xc647179d53120895L } },
-    /* 16 << 168 */
-    { { 0xfeb984b3ee828fbaL,0x8273f830e2bd188cL,0x177ef97e3ca0a99fL,
-        0x76d4796dacc000acL,0xbad0fa6eb140f51aL,0xb275656706ebc810L },
-      { 0xf89eb78fa18cb32fL,0xcfc37eaea65285b0L,0xe2b29cfbb25e9d1bL,
-        0x9388ea8fb4e7aef3L,0xee606c12e267e845L,0x6b103c549f5806d7L } },
-    /* 17 << 168 */
-    { { 0xb9a40e78e31fd643L,0x648cc34a97950a34L,0x85c5ca405900be55L,
-        0x2e519cf12abb843bL,0x6f9d0a7f27436edcL,0x2f569c9d6694f363L },
-      { 0xf6d1b325f6f1bd24L,0x01103c0d4044b353L,0x2d3ce56f3138b549L,
-        0x5379bcf71c28bc5bL,0x6768220d08ac00d1L,0x973f92ff0152746cL } },
-    /* 18 << 168 */
-    { { 0x5e992944b37b0486L,0x0a334b92001fa124L,0x6653cded9c9ab466L,
-        0xd512612fabac4da9L,0x636bf431c502b860L,0xfca1c0c2c3d20db2L },
-      { 0x7073f293f85c40c3L,0xfaabc77acfba9eddL,0x58842eb97f9b570dL,
-        0xe8cd4f53702aec24L,0x8975f4e6e08113a1L,0xcc0d7f17767bedd6L } },
-    /* 19 << 168 */
-    { { 0x5163bb51ae315a65L,0xf82ec4cdbe405348L,0xffd381a46b1801a4L,
-        0x33f9b8ad2f6ba570L,0xd88c58a58ecc0000L,0xc0b9a639cfdad25eL },
-      { 0xc78cb70fe3bd808aL,0xf54b86e573ce5eadL,0x111208ed5610a761L,
-        0xba3579b0e3c8e27aL,0xbadd918c63b85bb7L,0x9e10da0b71bcd972L } },
-    /* 20 << 168 */
-    { { 0xf418e3f63766f2aeL,0x4a3ad3c8053ef1c1L,0xd01e5b5b560db262L,
-        0xa583edc7c02bf4c3L,0x7c9f706052f318d3L,0x0852556f1f5e1ffeL },
-      { 0xe1c70aa7feb0e63cL,0x59f0a3f989a8c058L,0x4aa4cf021ffc0adeL,
-        0xbb880e4138a78632L,0x35b0f7596f28f096L,0xf9c4fe17d5757d7dL } },
-    /* 21 << 168 */
-    { { 0x160303ded896adf7L,0x19a46b6c6beb8930L,0x33dfd962f010f74bL,
-        0x03b699cc00e5610fL,0x17487b7595078dfeL,0x63bc614253f3479cL },
-      { 0x43f3d994858d5b8bL,0x383349349483c0ffL,0x47c917a67977142bL,
-        0xdc50fb80df7eead4L,0x4e3a1d3fb5b82be1L,0x091af8796d7317b7L } },
-    /* 22 << 168 */
-    { { 0x783e5066af151a9aL,0xec0a9c175466df17L,0xdecd12310174b0adL,
-        0x654af66a3b2aaa45L,0x849d64e5b1fcdd11L,0x7e8e2ae6d05af56cL },
-      { 0x12e887b7318a6184L,0x42d1445554ed59d8L,0x2eafeb48ee54ddc5L,
-        0xd1f9e6b980c94a8eL,0x5ea691e3263696c0L,0x7f42f3796e03eed3L } },
-    /* 23 << 168 */
-    { { 0xeeb8accfd69b82b9L,0xb4c4988ae0b61d73L,0xb78becf19df9b59eL,
-        0x13274f6236440c93L,0x33d287f5697d5a77L,0x391fe6129af4053eL },
-      { 0x986c42b21c16e858L,0x23f5d1dffe04125aL,0x2f57ccb3af9541ffL,
-        0xe5b4eec70f1a8bafL,0xaad23ce7646c1b6fL,0x69495ee5a6ff96abL } },
-    /* 24 << 168 */
-    { { 0x78b8879cfd6376ebL,0x22a76461c01e1edbL,0x6a44be39369cf0c4L,
-        0x6653670d5ae54539L,0x257bd7516fb43ad0L,0xb3ac371512baffddL },
-      { 0x48659d617548eabbL,0xd8f931f80cd468cbL,0x98f0241549e3b531L,
-        0x90b0d71670df011fL,0x26d73c54ab98f066L,0x06591ec988475d5eL } },
-    /* 25 << 168 */
-    { { 0x6fa72e3518f18e71L,0x6c04fe2d8123ff14L,0xc48cb53a197481a9L,
-        0xf059db349860e48cL,0x35e8341ace46ca7dL,0x880f4ea4b0400f7dL },
-      { 0xb4c5ea9acc9cc40aL,0x6522c768e2555fa3L,0x95207f39ea2c32e6L,
-        0x7b6fc09fa8be60e1L,0x772b829f29902652L,0xb7936b90af6a48dcL } },
-    /* 26 << 168 */
-    { { 0x409e3b1109758457L,0x59dd0a8c1dea73d9L,0x528906a58fb18a01L,
-        0x6fa55967a17ffb33L,0x9523cc3d50edbcb2L,0x35600b3e44d43541L },
-      { 0xc3a7d22c8f87dbc0L,0x5514c967c1b225abL,0x78e5701988304a74L,
-        0xe9b417ba35f3b54dL,0xb72a243c48eea230L,0x4e173eaf291ee52dL } },
-    /* 27 << 168 */
-    { { 0x79b854ca2127c795L,0xd9457d8f86657844L,0xf8c9e6ef186668e8L,
-        0x84c8855df913c2f6L,0xf207d36ad641cc12L,0x7be9b5736105ce0aL },
-      { 0xe72cce1974ec078dL,0xc4f47413d09950c3L,0x640bf6eb3974554eL,
-        0xf880dcfb844497baL,0x3744626999bbcfacL,0xcf1712f4316f4d64L } },
-    /* 28 << 168 */
-    { { 0x627f6328412b84c3L,0xd427e977a04545d2L,0x5b0145bc104f25c2L,
-        0xa6931c4f2ac7ad62L,0x407611431f8d42f5L,0xfda5a76be7f8a0b3L },
-      { 0x4f1ca5cffe0946b9L,0x6def7b9fbeb2d427L,0x984bd4bbc9a0d136L,
-        0xb9a778235b3af1c1L,0x04ee66ae38ac2087L,0x63374ed926d9dbb9L } },
-    /* 29 << 168 */
-    { { 0x68088e9c3983deb9L,0x2c95ecaa2ed99988L,0x371af002917f200dL,
-        0xff33aa5dbb4ff0dcL,0x1dd5fcf2e47bbd6eL,0x1624b973e75f73ecL },
-      { 0xf6ce0e9db9722af3L,0x8bde5b8818226fcbL,0x243753fc5b5da478L,
-        0x3b53e0e3bdf88daeL,0x59f8c86f325cedb2L,0xabd4076d70fb9681L } },
-    /* 30 << 168 */
-    { { 0x1996761db8759af1L,0xfb85cdd8e4a705f5L,0x2ea7aa0b35111725L,
-        0x23245d4157a17f4bL,0xcbdb650e0d00eb9dL,0xb40823d9e23a4a3cL },
-      { 0x041bfb67229163f8L,0x020ad3c16d47b83dL,0x3bc8975d344c8ebfL,
-        0x287efd06d91ff408L,0x1ca5d75a2059106bL,0x4ff27af3b90c5d66L } },
-    /* 31 << 168 */
-    { { 0x416b7c61ded914e8L,0x1aeee7d007ad4237L,0x59d5852476c2b7a4L,
-        0x427a102c98665f29L,0x8504aa8d2a1aefe4L,0xef2dbeadc183a736L },
-      { 0x5cb5f222f533358cL,0xf2ebb47d36b0d678L,0x1de4a0e7f2c2cf99L,
-        0x62613994ea95a161L,0x68a86f4012d66ed4L,0xeb12fe75b2af52f3L } },
-    /* 32 << 168 */
-    { { 0xcf947c0644ba39e6L,0xf5d5216cedfe78d7L,0xd00115c05f1835c9L,
-        0xdf084152d8c79d90L,0xc0c3a6846db5f791L,0x40514451749b18cdL },
-      { 0xd314b7d5734df3f1L,0xbccdd3f07f541415L,0x97ed5af06855a942L,
-        0xea84ae9ee9d02ab9L,0xb87e90343238a5d0L,0xd12d25c3650a0eabL } },
-    /* 33 << 168 */
-    { { 0xc3747c584f9d2c34L,0x493a0adc95429c92L,0xf9b5916238a679ebL,
-        0x04d500a16bac07f7L,0x8938f4f96a809676L,0x44ecbbf0c5b25a4dL },
-      { 0x3b68705504768400L,0x6a432e14b4db3907L,0xff82fb56ad375d2bL,
-        0x87f59f97944210c2L,0x2b680b2051445242L,0x1e0986466cd75962L } },
-    /* 34 << 168 */
-    { { 0xdd2eea82672e5a4cL,0xb05ef9ebccc68d94L,0x626ce368a3fa4215L,
-        0x6e376f67fe46bd46L,0xaed7a0bc33c4f169L,0x4a92c6093af5c4fdL },
-      { 0x6615245fa690fb49L,0x571d2d870d64f04dL,0x6a45df34641ce79bL,
-        0x045ddbd02655d316L,0x2b6c574db4fbc42aL,0x41545fbc5b2dbbb8L } },
-    /* 35 << 168 */
-    { { 0x484996b97d8f1eb7L,0xf72f3a8110bd1585L,0x418e00e7b67eb27fL,
-        0x354e56c97877c18fL,0x7f11f5040a8b37f9L,0x66591146ff58764dL },
-      { 0x816ac849ed0bfc38L,0x85eaa6350a50a99eL,0x7fa62d9c5bf4995aL,
-        0x77840d5003413385L,0xe4f023bde83f9fa1L,0x2c5f8e1d9cfa7578L } },
-    /* 36 << 168 */
-    { { 0x1473b55b86a515a9L,0xa9e3230a3b337c64L,0x7e8bf9049db668f1L,
-        0x1db2c25ef27f9fc9L,0x0c1086072d9e467eL,0x4505579aa3f00d52L },
-      { 0xe2ad661b240400a7L,0x8022294c11af4874L,0x29e9037078bba8e8L,
-        0xbf0fbf08f6baca04L,0x2e46d2b74101fab0L,0x66065490c61089e6L } },
-    /* 37 << 168 */
-    { { 0x18b01aa935dde51dL,0xa7496997a7d044b8L,0xcd9c467f44c23d2dL,
-        0x96211b86659e4a5bL,0xa2a9000f3e17b717L,0x7af9c312dd90459aL },
-      { 0xf0d6c24394547203L,0xa76a23dbd77cc691L,0xe1b7fce10ef364deL,
-        0xe08c1d0bb689c810L,0xb75bfacb0a43ca02L,0x1b7afea5408ac99aL } },
-    /* 38 << 168 */
-    { { 0x3b1abdb85a4a8a23L,0x8f52060c4d68bcf2L,0x7408306a00ab3146L,
-        0x652ae3064b86b775L,0x276a14a0b0695b00L,0xcf8af11f1b771254L },
-      { 0x3fafcc63b91118b3L,0x6c49000a73bacebcL,0x53852d084e3f3d6eL,
-        0x78977e91fdfccca1L,0xe843cbca6ae9ea5eL,0xa99831896bb8271bL } },
-    /* 39 << 168 */
-    { { 0xf77b0a7387534a6cL,0xfff419f2f5b0c6dfL,0xde3c3b33357205eeL,
-        0x867eb3a23c8ec9d6L,0xd28bed3263a99b18L,0xf5fc17e4c1573146L },
-      { 0x30cf41e5821641feL,0x84b1970e225ab57fL,0x6bf707325a1e8ba0L,
-        0x7bfb3bbce3cf38d6L,0x9f362787a661e876L,0x6d9137c86c0a16fdL } },
-    /* 40 << 168 */
-    { { 0x2131ce5b09f8a1cbL,0x7b373ed28ab129e2L,0x463cc8d677c1292aL,
-        0xa9b7cf6594ffe9c5L,0x129125ceb99bfc4fL,0x819b42849820d323L },
-      { 0x3f70976376541a41L,0xfd679ae5e32c7a7bL,0xc39a208df65b6b3cL,
-        0x1c22ebc050002745L,0x268f19dde2bcd202L,0xfeac809c9c3d4266L } },
-    /* 41 << 168 */
-    { { 0xc5ad8903af14f8a1L,0xdfcd207c3993c99cL,0xf65f8260c7c1fd57L,
-        0xa1573b3d41be66fdL,0xeeeb9ea476690f79L,0x6a6338437129849dL },
-      { 0x22eeb38623a7bfcfL,0x258fc0743393e894L,0x008efb477ce9602aL,
-        0x4bf127b699c7b279L,0x150da482fa1bfd7fL,0x7b84744d293754dbL } },
-    /* 42 << 168 */
-    { { 0x3af9919db2183277L,0x7f5990fb4f6182ccL,0x17603db034f716d2L,
-        0x6b79f6538f135ad5L,0xad9189e68092d128L,0xa5f3ab8efc6628c1L },
-      { 0xa36b978e84b6d30fL,0xf2a7e1c64c001f26L,0x2acbdfd676e79beeL,
-        0x71b5faec86f6d6c6L,0x23d9b7c849b0e5d7L,0x36ea518212fd4cccL } },
-    /* 43 << 168 */
-    { { 0x14a4af0f59df1cf9L,0x37f8641dfd7cd2b4L,0xfb6aa5d0244434b2L,
-        0xb85f8c8b5d5bbd63L,0x833e76baedb92f97L,0xbcd9d7b50d7a2dc2L },
-      { 0xb233f07ff0e0f06cL,0x453f10c4fcc06efcL,0xa4e8f306128a167dL,
-        0xbd6df4690d0c09cbL,0x2b5db66b7168ecc6L,0x7ec02c77f29bcecfL } },
-    /* 44 << 168 */
-    { { 0x0746783787dcdbdbL,0x4cce33be320493d8L,0x9ab08cbe713c7746L,
-        0xd6f0c1de9c6dc5cbL,0x194005382ac03761L,0x3fc11f38d0547be5L },
-      { 0x66b378ce819fe3fdL,0x6a590acc3700fe7eL,0x4c976a728924b396L,
-        0xa5006d8d70b9b250L,0x2fdce1b212b85f9cL,0x5858f7ce495f8f1cL } },
-    /* 45 << 168 */
-    { { 0x3f2b5e295de2948eL,0x84554eaae1a4a962L,0xb4e55f1293db9addL,
-        0x9260e3eb61b22484L,0x22a898997b1a6d10L,0x571bcd3af58d1ce3L },
-      { 0xd62db0edecc88a76L,0x88352f634af2cf53L,0x8d279316b61c73adL,
-        0x7f898e09ec74d6abL,0x39b2b0c05412a81bL,0x623a5ea30644b6a4L } },
-    /* 46 << 168 */
-    { { 0xe876b53bdb0f6565L,0xd0dc323c4650204bL,0x0e4af31b0201643fL,
-        0x486173207e8a0e6cL,0xe09183d457643a1cL,0x3c55bcb5ae8359b1L },
-      { 0xa06078cb7b467835L,0x4d3a35d901b6bb3cL,0xd4f1d8233963fd31L,
-        0x9c1b06093d4cce05L,0x55e368d5da550340L,0x50c3feee12c4b7b3L } },
-    /* 47 << 168 */
-    { { 0x6de0fcdaf0f97e84L,0x1f225d818dfbc0ebL,0xe27a42efcd2c51d9L,
-        0xeff56879c0cb033cL,0xe700cb87c82e38d4L,0xc89a02d589d244caL },
-      { 0x0b464846ad9c718bL,0xf8d5ee1f8de96d61L,0x2cc33c3dfbfd0960L,
-        0x3ef549f0e199b6fbL,0x29f83f686c1597b3L,0x54ca37a3731712ffL } },
-    /* 48 << 168 */
-    { { 0x357540ab903ff177L,0x225280b8276af514L,0x33d273ac14d7fed3L,
-        0xfef6b9ffd186ee3dL,0xa94c207101a7b1d9L,0x4ea3627450bc8bc2L },
-      { 0xc68959c9fa98a918L,0x8f5ecceec7bdc262L,0x7a73a4fce6861310L,
-        0x19bcac90c828330fL,0x73e3b66f7ef74fdbL,0x60f7698352d8f2f4L } },
-    /* 49 << 168 */
-    { { 0xda57f1a65645cb9bL,0x3d5d3190f0840240L,0x6a0c6ab101bce275L,
-        0x38993676ad23128aL,0x54f7b5d7ea0da248L,0xfee930b38b04ccb8L },
-      { 0xadb9034e2cf3bf1aL,0x0488b71ae9b608daL,0xa3e51e303bd1172cL,
-        0x56dffa5844993c1bL,0x6b3211fa4cdcaf10L,0x223b2a43834d4e17L } },
-    /* 50 << 168 */
-    { { 0xb31f934134e43ed1L,0x895c99973c6b7f58L,0x360021084c465126L,
-        0x7eb0bf6b095df89fL,0xde3b2fa3ac534af6L,0xd9dd9f55c22477caL },
-      { 0xf52cfffc2092e355L,0x4ba071ac8d8bffc6L,0xafb61137abefe750L,
-        0x2887d0e4cb62210bL,0x0eb2be515f4fc157L,0x8c993039438fa2f7L } },
-    /* 51 << 168 */
-    { { 0xfd2a61093efae008L,0x60fa269552f57cafL,0x3591e64f481c36c1L,
-        0xdc2b9993c908a87aL,0x76bd4dea5bffb50dL,0x913a0458f70fb0f5L },
-      { 0x45ea6c4c097bbfc3L,0x3ebe29d3fa9e90c1L,0xc69532426479c087L,
-        0xdd1d24509abc7a4eL,0xa497b072d0fc7791L,0x477d71f9388ab90cL } },
-    /* 52 << 168 */
-    { { 0xab3578047e03a14eL,0x0f4f28688caf673fL,0x919e661e66530425L,
-        0x28da445c91ba47c5L,0xd6d0537566c394feL,0xfe1864a302e8ae91L },
-      { 0xd34baca2a753aec4L,0x43b7ffe7a2c8d292L,0x496659eb04efb8f1L,
-        0x310ec2a9e0252dfdL,0x98173d2f9168a80eL,0xa3e018d631497255L } },
-    /* 53 << 168 */
-    { { 0x39ee6439ddfa0ffcL,0xaea6f882c1d1d54dL,0x688feff654a65059L,
-        0x17ee5aaa37f25ebaL,0x6c9b4f2932b345f2L,0xb883c0c75b4d62ebL },
-      { 0xaf33e4ae3135aa7eL,0x28a7572c924146a2L,0x67dc5dd37e77ae8bL,
-        0xe11cd9c5ff39b601L,0xa86f090b5e6f364aL,0x76f7517500b84247L } },
-    /* 54 << 168 */
-    { { 0x26d3a3e3fbae20ddL,0x5e9b73cee1dd2b25L,0x7008aefb0235d5b0L,
-        0xa92af4ed2aaf208dL,0xab786c9bb1132040L,0x43250e6c9a91269dL },
-      { 0x00a15294c9be00ceL,0x2d5782df1698dd42L,0x3f980bbe76e3d6e3L,
-        0x5b602647496650fbL,0x461edc3271aca61bL,0x2516ab6c9805a01bL } },
-    /* 55 << 168 */
-    { { 0xb468fcf2967e2216L,0x97b840679ae47d05L,0xfcafaebc5cc15209L,
-        0xaf7f6c8ccc83c3d4L,0xa74d4cd5cfa47e0fL,0xd8a51615474cb8b1L },
-      { 0x4815ef52591462a6L,0x9c5b2cf74deb41ddL,0x39cb450b7e99d620L,
-        0xfe8cacbaa7772019L,0x98b98210577dc69dL,0x5e02b90072423a96L } },
-    /* 56 << 168 */
-    { { 0x3266c887d9d9284aL,0x690f818b73646ab7L,0x67315ec6af7fc33bL,
-        0x181e61abc30b1ccbL,0x1b81e6cd105a9e1cL,0x62a15daf5078b9bbL },
-      { 0x74f9840f6fa8cc65L,0x356b777443388573L,0xba0f7d0506b3fd46L,
-        0xb0ac864c92b4fdadL,0xcdeac253ef192cdeL,0x0c24810bc313b4a7L } },
-    /* 57 << 168 */
-    { { 0xfbcd4f77e748de9bL,0xb7d28cdfc25dcc94L,0x32f937a92e033c43L,
-        0xb6289636d9da1f7aL,0xd774e97dd287865fL,0x8d013739e6243bf8L },
-      { 0xee7ec1f856b9601dL,0x429017666afc90caL,0xc42d960ad2bef9afL,
-        0x654ece7f5b430bf6L,0x02878c7f221440f4L,0xe575aa6474a4e1a5L } },
-    /* 58 << 168 */
-    { { 0xc96e763e71a449f9L,0xdeda66311a349fb0L,0x6f896aef3c4e8f44L,
-        0x71ffe2d2e9eb36a3L,0xcbee21ab8f908a29L,0xaeb695f85be98708L },
-      { 0xb6023803de61e1a9L,0x59f1ec96065ecca3L,0x2a1229f3637d0741L,
-        0x5a9bca2c69441afeL,0xfc6daedbbbeaeed6L,0x950034954e2e31e0L } },
-    /* 59 << 168 */
-    { { 0xe59a827339859da4L,0x8720429fa7431a84L,0xfcab26e17ee3457cL,
-        0xc13c1125da3b7833L,0x0bb1043fbc0b0da1L,0xdc2726ea84b526e8L },
-      { 0x34049278a213a188L,0x400bb4a00a1a2553L,0x00e3eb25c92df398L,
-        0xc0b7113f9c36a6ddL,0x719d185001e274bdL,0x86f08f2dcde338aaL } },
-    /* 60 << 168 */
-    { { 0xef8c40bf1adb09b7L,0x2efeb49c0b74992aL,0x3f0f8a412b79957fL,
-        0x08927bfe87a06873L,0x1f63a4109288cb9aL,0x8c66fb70df2b373aL },
-      { 0x98da4712980facaeL,0x15ce5b17d819d026L,0x097571a5749a671aL,
-        0x85a40804894dd269L,0x3e89c13c34cb6797L,0x2d19d5e4d07119a4L } },
-    /* 61 << 168 */
-    { { 0x903eee85d90da9a7L,0x67723582de5ddbf9L,0xacf6898ad394eeeeL,
-        0xa700fb8fabdb94f3L,0x1bcc4f947ac5624fL,0xee5cccff7e3b8ec5L },
-      { 0x87d64d4d98e5a1baL,0x78727fc1ad9c4409L,0x55b4159b82310db7L,
-        0xaff4eecea58d10efL,0x6d2ec94c11c958afL,0xf129bd1043db33faL } },
-    /* 62 << 168 */
-    { { 0xe1f6d71ed42eebf8L,0x46f825b9541ac0b2L,0xb01031b693ae2ab1L,
-        0xfa4e1c357c589556L,0x65fb2504d273d1bbL,0x589d735447642bddL },
-      { 0x7a5776adcf5e2d53L,0xab5c3544e5feda7eL,0x48e8442d32dea96cL,
-        0x5f3e9c9e64d293daL,0x3f2df6a16b972a00L,0xfba58f5fa273832fL } },
-    /* 63 << 168 */
-    { { 0x5c9fe89240e9ce34L,0xfd9fb296633495d7L,0x0ae3c18a8c76cd7aL,
-        0xb5ede1e3a6b77012L,0x5ac7a9d5a285822dL,0xe41de7da71ffe07bL },
-      { 0x585f7e101b1bb4c5L,0x482794be74153077L,0x66f1c9d5a3e2a34bL,
-        0x491d48f7c749830fL,0x3c0f3bcd5416d2bdL,0xaa3baada90b04986L } },
-    /* 64 << 168 */
-    { { 0x58225208ecbafb80L,0x4f212035aa73d6deL,0x1224e45562fe86dbL,
-        0xa8c8a4782dc5b2f1L,0x8a957b8dc3096555L,0x6a3248b0b1591452L },
-      { 0x1e563c58cb604c18L,0x32808cb59bf1045eL,0xf8f62de99462e7a2L,
-        0x6b3dfe91c2489214L,0x6c1d8fc42174639cL,0xdfca11b8ef88d4b5L } },
-    /* 0 << 175 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 175 */
-    { { 0x5a4a5ce418690ad0L,0xd0f788e0fe27f51aL,0xd459388e4efe9a30L,
-        0x3a45c11aef9d074bL,0xf68ab50b93ab9cb0L,0x62fbc397ecd9a566L },
-      { 0xbfb79b7fcc587a7eL,0xfcf4d66f92870baeL,0x4f31aa21877390f0L,
-        0x2de0c645e314cfb5L,0x56d904f6238eab12L,0x4d104a42ccb4d4f6L } },
-    /* 2 << 175 */
-    { { 0x3eb83a8729358cd3L,0xad741295b9c6d430L,0x57b8c77a53abe4e9L,
-        0x0a14673ebb9feb82L,0xc0a6cbf7f26f922eL,0x213de299a32e526cL },
-      { 0xca417e677b6ca858L,0x8d6ae0f7fc2e0900L,0x2bae0e7a62e135ddL,
-        0x962bdcaea7ee82c7L,0x573d7f6ae5776c74L,0x9c4de6496ffbefebL } },
-    /* 3 << 175 */
-    { { 0x8c962fc809335d38L,0x26d1bc81eb38d176L,0xe1aeb295c47711edL,
-        0x0812b9926cbe3e4eL,0xeecacaf90ab9805dL,0x82fefbaa3521a0adL },
-      { 0x3a6948c0e2c31b9dL,0xb7d3905be82daf2bL,0xbd3ac90e25a34c37L,
-        0x55afd99b61453063L,0x56d87cd190b99303L,0xc9bf82dd97ddb0a3L } },
-    /* 4 << 175 */
-    { { 0xcbc0bb1968916917L,0x0bbb9f921094bf88L,0xf62cb350d3806442L,
-        0xe4d2f1cc397a7602L,0xa54bd48e43987d82L,0x77b6f8314f0a19faL },
-      { 0xfa0c9a456e766443L,0x995ae0fff51ba70bL,0x8e242c5b9cbd8d33L,
-        0x1671eb0813d97956L,0xccae388f40da55faL,0x97cc48faf376dce5L } },
-    /* 5 << 175 */
-    { { 0x1c2919bbe8c91718L,0x9dbb727a5097bde3L,0x23f87ae7f8ea2fb2L,
-        0xe1bfffdcba310121L,0x5938c50c75329669L,0x716c63e00549855cL },
-      { 0xe091b0c9654814f0L,0xa20535d10e43daeeL,0x16ce68b2593ddd04L,
-        0x7813a49af59900bdL,0xef0d3eecd3e5d232L,0xe7d12cc40ee3fd4dL } },
-    /* 6 << 175 */
-    { { 0xe54d92cdef01fc5fL,0xc46c2ab8dda2e25aL,0x7c907fd2849f6142L,
-        0xbb11dd2dacd0202dL,0xa4913a701d92d19aL,0xe9a26ae0cf610677L },
-      { 0xfff1e1d5538943c5L,0x5943dcc4a47b2204L,0xcafcf33a92cabf71L,
-        0xd571e13ce329d1adL,0x7626ad237a9a0e4cL,0xf0aa0d9f130d7f86L } },
-    /* 7 << 175 */
-    { { 0x09df3a4419e6aa7eL,0xe27ad0475841b1cdL,0x02d2a69fbde75934L,
-        0xb0e05e53fd9ba435L,0x4732d88ae008c16eL,0xdebc4777ea72110dL },
-      { 0xccb7d9932e3143adL,0x674f3753ea8cd06aL,0x56012a7a051562cfL,
-        0x961df68425f74cd6L,0x26630e71214d8a95L,0x584e8d6365d92f84L } },
-    /* 8 << 175 */
-    { { 0x8a89daefebc5557cL,0x7ca71403275e1649L,0x48d923775b80bb4aL,
-        0x0a587c52a45b3626L,0xdaff503cc75bfe91L,0xd845d3e6116d07d7L },
-      { 0x6b5a4715a51eeca2L,0x34ac02bd74481991L,0x8f076cfc595abf8dL,
-        0xc9de4ce9ed0391ceL,0xaaaad03ae1fcabd3L,0x8d48ec0087b199edL } },
-    /* 9 << 175 */
-    { { 0xbd0f2653ae5dd482L,0x59f968dd060032dcL,0x6bea33e067283310L,
-        0xccce88cc012aa50cL,0xbb6d7f2f66838f46L,0xb764c95f05ec9bcbL },
-      { 0xd097b60451477ccaL,0xc2fbda7b82b20a85L,0x75fe07a424e9ca8dL,
-        0xfc4fa8240cc40d01L,0x0b17d5f90c0e95f7L,0x285e6e8a6e1e46dcL } },
-    /* 10 << 175 */
-    { { 0xb0641d09bc9b2654L,0xf9fcc2e68aa8fa35L,0xd12a5b4b00d5ec6eL,
-        0x9be1a1115569d89aL,0x9c0566deffac7208L,0x7a9fd4ff7034edf1L },
-      { 0x636aeb6b9571c375L,0x60d05aec55cdf187L,0xf4e2f898734e9d2fL,
-        0xdaf742195ccdc6bcL,0x9d39249f608a4f28L,0xb5f1bb5e8820e2c3L } },
-    /* 11 << 175 */
-    { { 0xd02e9936d9589548L,0x8f1bf5755341402fL,0x1535a443057300aaL,
-        0x3062478e65d29324L,0x4203351fc656a3f3L,0xbeb21b516569c4ffL },
-      { 0x8113ce70e1f0f263L,0x59d1293903f9320cL,0x95061255d08f8936L,
-        0x8be3c0f997d4b705L,0x0259742e827837c2L,0xf55ea28d95c65cdaL } },
-    /* 12 << 175 */
-    { { 0x62024812603dc3dcL,0x25dc5337efd67b57L,0x86b3eb38d7f033fdL,
-        0xee3226b232646d6fL,0x8c4825f6f1dae596L,0xd2303055a5bcb8e5L },
-      { 0x904a53493c0baa76L,0xe60f6125e08646a7L,0xaf6a329f21d45f89L,
-        0xf20ad88a06605546L,0xcf7a0e9619a93d14L,0xf1eabcc891c97174L } },
-    /* 13 << 175 */
-    { { 0x72b76e9e8f02af51L,0xac94cbf1d580f95aL,0x2e9cd74801d854a4L,
-        0x4ed4e9061f08a1bcL,0x0a2b28419d2bd936L,0xbf86350051c89ddaL },
-      { 0x9407b0e7e3f00bf5L,0x6b1f71ff28b57ac1L,0xc1dfe03fcd28801fL,
-        0xf3d83d64afa55309L,0x47aafba28af8f76fL,0x54eed45f6604b2e9L } },
-    /* 14 << 175 */
-    { { 0x59edd2640f3e541fL,0x318674b582b76ba8L,0xbf4a0d304e7f0716L,
-        0x36fc0e4119b88200L,0x91db560240da801eL,0x638371ad2c72c2c7L },
-      { 0xfe960c25d5822da7L,0x7a7571d14a7415e1L,0x5a6480febccc1576L,
-        0x72f4e5e5c3c88f47L,0x224e7e749a7bd8ecL,0x3ebbf52c7631455eL } },
-    /* 15 << 175 */
-    { { 0xae3c2bc08608ab37L,0x35e3da8c39f336b6L,0x7413664281f44511L,
-        0x21ce7c511d8506e7L,0x9b6718b3846165f1L,0x9e455007f5cabf6aL },
-      { 0xec582a0e02611073L,0x269aa18d83bf042eL,0x7c54fb7c86306757L,
-        0x453336021b948fafL,0xd3a5c508b7025d73L,0xcd6e555b428471e4L } },
-    /* 16 << 175 */
-    { { 0x42c9fad511a224e6L,0x6b6aeb8b69b2ac26L,0x0cf4c7fdb149854bL,
-        0x4a7d90002fc359ebL,0x9ff0c3ea29ec8603L,0x157ae7859b24ee14L },
-      { 0x638c809a8979e9bbL,0x347dfb2e7869d8c5L,0x2fb1e0f8a07ea547L,
-        0x1e580d32aecdec3fL,0xbbf895730f74025bL,0xeb94d71bdd529164L } },
-    /* 17 << 175 */
-    { { 0x8670812a35d03250L,0x2f68343f1984cd59L,0x5fe890caf1ff97ecL,
-        0xd47fff536f764b2aL,0x70fa44a4f8f7077bL,0x7b287efcb2c7fe02L },
-      { 0x0718e70806dedcdeL,0x37193c827172c0f6L,0x47ad55f67b7f28a5L,
-        0xaf83c4fe9c71a96fL,0x2d6075587c490626L,0xe647de1b933e9033L } },
-    /* 18 << 175 */
-    { { 0xdc5909e3f1687d4cL,0x4fe3be46d431c5a7L,0x28c41a035f9807beL,
-        0x2c4203fd12f1f8daL,0x13f12da450a19620L,0xc32f881eae2e9835L },
-      { 0x56328ef7622587d0L,0xcf785f038f209f66L,0xb562ea70a2697748L,
-        0xa762289055598769L,0x9842bfa8fbf41fd3L,0x304c3057fa401ba0L } },
-    /* 19 << 175 */
-    { { 0xb8d685d1c56bc716L,0x1eceb18f1fccc358L,0xf94bedc82034cabdL,
-        0xa9acaf11ad003472L,0x6fea0a55ad0786c6L,0x60f7f9a9581f6f52L },
-      { 0xc4736494400bcca5L,0x221d8f8a3606b047L,0x533756fb6339c7fdL,
-        0x1e068e987510c1a4L,0x9bf9abb6ededfa09L,0x96895ce548d54775L } },
-    /* 20 << 175 */
-    { { 0xc995b0171552c477L,0x6f92a95252351781L,0xa9d4bb6c4da25dafL,
-        0x2b02828e3cf6aab7L,0x5f4febed11fa4d0bL,0x42f0e61ea12d9d37L },
-      { 0x1ceef875d24610d0L,0xa7c85c485d4eeceeL,0x33fcfa3b79340a49L,
-        0x3671e563b00b3491L,0x871f74e493eade0fL,0x1ed095182c546f3eL } },
-    /* 21 << 175 */
-    { { 0xc003b709a9a5c68eL,0x9441e7b26c84310aL,0x7ec3b652dd90f7c5L,
-        0x17e601685b526324L,0xc5f77fee479573aeL,0xe89beed18453fe7eL },
-      { 0x259a2b0364540cadL,0x8c2f13322b9a8053L,0x1db53ab7304940edL,
-        0xcf780c5d1612763dL,0x2edd7285e19b62f9L,0x20ddc9874abdd7a5L } },
-    /* 22 << 175 */
-    { { 0xa70aa6781250954bL,0xe4a2f7cf2930f3edL,0x3e3dd26666fd719aL,
-        0x500166cf792ff463L,0xeccd32cd75cf00a6L,0xb65f46a5c4526e56L },
-      { 0xfc3a99c360aa8cd7L,0xe04a18b31290b20fL,0x957139a218cb9326L,
-        0xf6b352ce11fc04a5L,0x9314b80778534e64L,0xd4a265c52d8f5015L } },
-    /* 23 << 175 */
-    { { 0x7078b4820dca1fd5L,0xec3192daeed504baL,0x144183332d06a63eL,
-        0xaff9f7bd69c01ac1L,0xc5fb50475b74308fL,0x37846eeaa67e7ef4L },
-      { 0x0fcea663976b931bL,0xd3407d42bb345b71L,0x925afc36a2deb11bL,
-        0x12c271092207db49L,0x237500002e1c8fbeL,0x41427e0763f771cfL } },
-    /* 24 << 175 */
-    { { 0x9dafbe96491ddae9L,0x92c60b897741da5fL,0x1185b001b866ab14L,
-        0x7a43b9cfca7f2f81L,0xaaeb5efc6ee8fdfcL,0x1f7cc70022beba9dL },
-      { 0xa212724722e3e7cfL,0xb98dde1e9e723477L,0x87832183ac89706bL,
-        0xdfb92ac1ff72f1d5L,0x5877fe6daade3804L,0x7ddde4a79170b9acL } },
-    /* 25 << 175 */
-    { { 0xdb147da0b7df600fL,0xbef5374660a8b100L,0xb4c7e404a1330d14L,
-        0x152c6ae754f96693L,0x08884fecb25fd94dL,0x8ec186048ba59001L },
-      { 0xdc245c0c9f8e77fcL,0x2be5aaebc0f0a83dL,0xd15bdecd1fd13525L,
-        0x46b603f0821c9224L,0x6b335a7daf6dc128L,0x4cead4f94dc6b5bbL } },
-    /* 26 << 175 */
-    { { 0x239cccd8179fac91L,0xffa076063829d42eL,0x75b8589cbd42a0ecL,
-        0x012f5e80d7f2292cL,0xdcee7efd99c14665L,0x4925256d23650737L },
-      { 0x847c86ecf3cc64afL,0xdd34a75feabc04fcL,0xc2f73b3ac6a1f710L,
-        0xe16e317565cbf6fcL,0x9cccffee351461d9L,0xe3d635543b4fe4b9L } },
-    /* 27 << 175 */
-    { { 0x6e27de1176ece8f1L,0x3ca873a79d5a3cb7L,0x7d65cdff7e424482L,
-        0x023e5bcf69372216L,0xae601c2f2ffeb5a6L,0x8c8888cbde130b33L },
-      { 0xcb8309485700ecc4L,0x5a1902ef9dfe1891L,0xe01f5fc558198380L,
-        0x9d5d1c476c59f973L,0xacc64c98e34cc41fL,0x057d81f03065d870L } },
-    /* 28 << 175 */
-    { { 0xf3a1a9797aeefd73L,0x3fb166a09537abf7L,0x39e8c469d4c37607L,
-        0x3efc85650e3f034eL,0xc955c2dff9c25655L,0xd6ce96ec260fa449L },
-      { 0x5383a8b831d8e6d4L,0x3aed2e761a3595dbL,0xbd269c39e22a0f45L,
-        0x4c82238694a7a83cL,0x362f08055731bd0cL,0x7dc1e7ee0527be95L } },
-    /* 29 << 175 */
-    { { 0x606ffedfd41ce228L,0xb87608d0ceb21740L,0x6fa23c0794a4354aL,
-        0x587a7c54d5061d84L,0x75678bdb16b823ccL,0x2d2163c94ec818afL },
-      { 0xa80b1e4e22c6fcaeL,0xc07cebee4d2a4b65L,0x64f303c7a895e2c9L,
-        0x750079f5a768a2e6L,0x0665502c2d423133L,0xaf33176715135cdcL } },
-    /* 30 << 175 */
-    { { 0xda8f7878c715abf4L,0xc62292a5a5830c4dL,0xfcd30f7e4b46acb9L,
-        0xb931f1ee39a73db2L,0xf838a5c84ee1afb0L,0x15609b57c202a921L },
-      { 0x2e21871620bbba58L,0xe1d2fa14ae2615cdL,0x0a4dcf3543946185L,
-        0x2e80d804730d2490L,0x5e43dc17794246b6L,0x7b3588c8dcb3be9bL } },
-    /* 31 << 175 */
-    { { 0x3e74f09c1bb8e6e2L,0xac587847584dba0dL,0x926415593f843324L,
-        0x0033257729f3ed18L,0x4b7164e5d0089537L,0xc50542793e54c9a0L },
-      { 0xbae7ff9808e58162L,0xc0707d03c1aa2fd9L,0x43524f717714dca8L,
-        0xa202a0707255b169L,0x0a7867ab4249b2e0L,0x03f748656d6ec5e9L } },
-    /* 32 << 175 */
-    { { 0xfa2db51a8d688e31L,0x225b696ca09c88d4L,0x9f88af1d6059171fL,
-        0x1c5fea5e782a0993L,0xe0fb15884ec710d3L,0xfaf372e5d32ce365L },
-      { 0xd9f896ab26506f45L,0x8d3503388373c724L,0x1b76992dca6e7342L,
-        0x76338fca6fd0c08bL,0xc3ea4c65a00f5c23L,0xdfab29b3b316b35bL } },
-    /* 33 << 175 */
-    { { 0xd2437a52eddd4b72L,0xe2cec2abf051b831L,0x845af98e482a4ea4L,
-        0x75758ccfa43cae82L,0xa76733429260ea35L,0x77845b02b1dd602aL },
-      { 0xb78bc4c047d5c450L,0xcb1f444550ad371bL,0x6bc01293d71cc417L,
-        0x8538f638c1fcb367L,0x5d01d35919b313f3L,0xcd6b55bfcf67f6acL } },
-    /* 34 << 175 */
-    { { 0xc28000d6e3b03290L,0x4dd5064a5f2ddbcdL,0x4916f830338a1414L,
-        0x3ffb8381aca74c22L,0xec073ee8e680f548L,0xa34e0693a0430cc3L },
-      { 0xc6baf20dca03e6e7L,0x2a30df6e835fb88dL,0xbf3c9e9cc2092d6bL,
-        0x391cb25c17bc2433L,0x9b7de7126c205c0aL,0xf25e1494cd2a5e62L } },
-    /* 35 << 175 */
-    { { 0x05ae44e9d21fdc9aL,0xc520657fce40ebbaL,0x6b8e25431270cb59L,
-        0x24e6f9bff7f096d0L,0xc6ded76a3ed81f52L,0x729d05e75f7df798L },
-      { 0x99e2636fe5468eb1L,0x6f3abd4c00419facL,0xfc61117a9cc41e09L,
-        0xb16f106baa399a51L,0x05603bc845e52713L,0x612658aca5c36107L } },
-    /* 36 << 175 */
-    { { 0x107573b96defe8f4L,0x9a9edf0570545313L,0x5df43df0e54e8272L,
-        0xac91bae8eeb4ae90L,0x241d54bd26006ab1L,0x0ba118a6c031de7dL },
-      { 0x376214671f500d4fL,0xbbd6b318bc3596e4L,0x4b5532c85992277aL,
-        0xb15165da16a4728bL,0xbd7986d45140abdfL,0xf4fe16df7386f38aL } },
-    /* 37 << 175 */
-    { { 0x8c5d305696aeee65L,0xe52e500ea79991dcL,0x3af4a3ef343fdde9L,
-        0xc6d0389b248ad10cL,0xc3dbdb3f5014de53L,0x606b1352310a0cd8L },
-      { 0x65af3f8479bde08fL,0xa6c7d968d82ab682L,0x7262c07d202a6508L,
-        0xd0231bb64cd75fe0L,0x58a34ca5dcb1f7fbL,0xcc8b21b21b8cf7a1L } },
-    /* 38 << 175 */
-    { { 0x4cd6e61be824653dL,0xfa02c0c9f253dd65L,0xab198e41b1e84cedL,
-        0x89ce6aff1928be7cL,0xf2a83f4895afb956L,0x5b5f195ddc73f3a5L },
-      { 0x44220ff79328317bL,0x03d62cb7f5239616L,0x0e908d34b5d49415L,
-        0x050b7651c1f7e665L,0x3610167089e1a98bL,0x564abb3418eb7644L } },
-    /* 39 << 175 */
-    { { 0x400b363b2eecacf6L,0xe2ae5bee1ed9fb9aL,0x23374b11831e99c6L,
-        0x0a8382d82cb9de95L,0xf95b8e052dc02291L,0x63b05a0d2f752257L },
-      { 0x9ec16f84b60d9df4L,0x6ed683ac3bda5171L,0x7206450813acca39L,
-        0x6024af3cf8871ba1L,0xbf88040e2f9a4d56L,0x001054149fb100e5L } },
-    /* 40 << 175 */
-    { { 0xd52c606375ccd2e3L,0x4fa8e4df56ce654aL,0xcd905c9bce581d23L,
-        0x51ce0eab24ff75eaL,0x1c1c0831432c6e5fL,0xb83307aec02f0e86L },
-      { 0x0b7a0274fe2ee821L,0xae7dd7729c3d69faL,0x54745da5931ed75fL,
-        0xc276d96f18caba13L,0x142571dd26dd9792L,0xc522dac16c0e3167L } },
-    /* 41 << 175 */
-    { { 0xa86fa630197b5b97L,0x749ea479fa21c176L,0x520c0e4871ce7101L,
-        0x5c53d9ebe30a0b0aL,0xdc71b629ceb570feL,0xa30fc3d11fa3699eL },
-      { 0x741321b579cbbfa4L,0x205ea0aae8d18119L,0x94556e92fc62e0eeL,
-        0x5ba78d4e042b9c3cL,0x14de84103fa24a56L,0x6e57a9fbd6557bceL } },
-    /* 42 << 175 */
-    { { 0x2a5e716ff103d9c9L,0xda2f7e5cb9cd27ecL,0x317f74b8e047e5cbL,
-        0xf1f496d33a4413feL,0x1a480a9cb8cc9fdeL,0x502b52d7575208d4L },
-      { 0xf14fe00cd19c49a3L,0xf5c2367b269be5a9L,0x966a524f12d42690L,
-        0x2786ff714dd03b95L,0x6fa1f891d69bf68dL,0x0f3d77579f67b3bfL } },
-    /* 43 << 175 */
-    { { 0x230c8d00c966c638L,0xde5c9e8e54673305L,0x618b0dd561bc99faL,
-        0x669618048f3cb5c0L,0x7c653ca507141ba5L,0x454d54ff32ba155aL },
-      { 0x82665a307df3e39fL,0x15eb1a65ca19cbb7L,0x4e7632a617330ab3L,
-        0xc69235295a3221b4L,0xe23ee9382eb58e9dL,0xb320aa8e23bcf88cL } },
-    /* 44 << 175 */
-    { { 0x6ba15fe607a7ecf8L,0x93127926f831cc91L,0xfde2dbf41ff6264fL,
-        0xdf7f22018413fdb2L,0xdd81d11487f66260L,0x87907f0e4a87133dL },
-      { 0xeac1032cb1d47e23L,0xe2603119125a0918L,0xba680392f2259208L,
-        0xb7c7f8ebf9bf06b7L,0x875a380fa56ba57cL,0x05a88a97460c939cL } },
-    /* 45 << 175 */
-    { { 0xfb2871b7d0dc771eL,0xd12b21fcbaf358c9L,0x30dbd412df616c16L,
-        0x291bd90f9345e16bL,0x92f7534b8ee6bb6dL,0x7ebc5b0eb1c901a0L },
-      { 0xc9e9c76151e1881aL,0x5ca52152756bfecbL,0xb0a9f5cb6affd506L,
-        0x4c12f965669feb3eL,0x01d84b9ea6f1c529L,0x3870fa27e8433c92L } },
-    /* 46 << 175 */
-    { { 0xe4e9e72495bb5db0L,0x86babe3ffd616958L,0xc1520c280f93c1cbL,
-        0xe393ded539cab777L,0x031a2af3e86a6ca3L,0xb26a19101e8466eeL },
-      { 0xb16b746dbb64fd81L,0x4e96f0b65a97d50eL,0x7a12a611a793fac2L,
-        0x8d729847db6482aeL,0xdd050ce812e72ce5L,0x915041366c54299aL } },
-    /* 47 << 175 */
-    { { 0x9e8018c06b63c4beL,0x49dde0c8fce47904L,0x1668de9c9bae36cdL,
-        0x8dfb0d5f80ed18aeL,0xfd6739a791e1949dL,0x80353c9f8053d7d6L },
-      { 0xa611699bdea54710L,0x5eacf16e6c6c1f5bL,0x5212fbd3c920323eL,
-        0xaf75db75848d085fL,0xb58564b1babb45b8L,0xefa1958938bc491dL } },
-    /* 48 << 175 */
-    { { 0x0a43a76c2f95a081L,0x27eaf2bc38b1c395L,0x6ba3222c63da1d80L,
-        0xd95ae17e6a78ce09L,0xa72d9812508f03b3L,0x9f36d02efa8ed359L },
-      { 0x1716d1dcd5118f96L,0xd116339f489bbc53L,0x272153ef6f7e1d3dL,
-        0xcb4a9e739e308d22L,0xcfa9d88b615a3646L,0x8b69bd6cde454569L } },
-    /* 49 << 175 */
-    { { 0x33ae0fec2b8f41feL,0xc45aac500762c46bL,0xa03bc6ddf228ec44L,
-        0x82cb78cfea3d48c2L,0xbe7a02ed27126795L,0x1a44d1f830b3e3ddL },
-      { 0xb414edc73be7b58cL,0xb3e6c7ce331bcbc9L,0x9f6fd0f2903b3508L,
-        0x260c8b5736cc2930L,0x8581a05d0d59278dL,0xfac1817b189b3005L } },
-    /* 50 << 175 */
-    { { 0xbf4d4640cc9a69c3L,0x07b39b5d67d262dfL,0xcd4a6a4579526d6cL,
-        0x4a04c430538143caL,0x6c3341b86639e3b0L,0xd490cab5ab7216d4L },
-      { 0xedda2b64a2a93161L,0x04e309de644a06f3L,0x7cad728a8c4495fbL,
-        0xe1744f3871dd61f4L,0x39cbd782e3201618L,0xbd66e1850ca18ab4L } },
-    /* 51 << 175 */
-    { { 0x69d8237f87dcb8beL,0x3f9a485b090e0237L,0x535371e1f117a1c5L,
-        0x0d5ef52675430c29L,0xcb9c150898fdd18dL,0xc7c1a7b4108d9383L },
-      { 0x6ba9fb4d98064eedL,0x07d205a9a3df31c8L,0x7a0be62e9be5da37L,
-        0x03b21b1255a9e2c2L,0x3f4792263de80449L,0xb0160ee1ae3bf31cL } },
-    /* 52 << 175 */
-    { { 0xa22c084a7a3f8c5eL,0xeb7fe23f3ef30511L,0x161ca862819fa38aL,
-        0xe5f014156d45762aL,0x37da6bb95718b789L,0xfcb682bbd837f453L },
-      { 0xc49c7397275e5974L,0xbe908df5a1ed0925L,0x3dcd694615a13ea0L,
-        0xdbe652e32596fa76L,0x6a3bcc93c55d376cL,0xa2f7611933a0f02bL } },
-    /* 53 << 175 */
-    { { 0xdfff9b9c6ed061ffL,0xa36aef2dec32b16cL,0x9f3b7ab6da61572dL,
-        0x96e72a027ac2dac9L,0xb0e36e023aaf4fcdL,0x5f32a620503004cfL },
-      { 0x6c91dacbadcd649aL,0xb25deea21ac02a32L,0x211a421ffb914c2cL,
-        0x1ddbd60e149fde1dL,0x91c4cc0d7ce86ad3L,0x8be6f031b9ed909cL } },
-    /* 54 << 175 */
-    { { 0x62e773c4a0cb50ffL,0xe54fdbdd2e903681L,0xed2bce9e21c12ca9L,
-        0x13aa4748c072bae6L,0xb290c0ad475f290eL,0xcbbc3f9b56698a85L },
-      { 0xfb37611b1b7fff76L,0xe62a842260bc2e36L,0xb6a36c783bb20fd4L,
-        0xdec045418dd69509L,0x67648b7798a1ad2aL,0x4fa2005d078fdea3L } },
-    /* 55 << 175 */
-    { { 0x757f249416307553L,0x865af9d0de6bcb49L,0x3943031a07b0104cL,
-        0xe5fdb46168da2d33L,0x4937d614b5432b48L,0xb3fbbf2c0a29a5e5L },
-      { 0xe7d3b12b8de89887L,0xc1a43c24e41258c3L,0x91ac7eabf7d9efe4L,
-        0xfd90de0088385cb3L,0xead102e37674c39fL,0x7b9a2cc4fff118c5L } },
-    /* 56 << 175 */
-    { { 0x11f92678a1e598f5L,0xde8052491fbb882aL,0x3730b3261154d0aaL,
-        0x0e279827da521670L,0xa03c8c702336f8c0L,0xae50e64ff0bd66d6L },
-      { 0xfbfd665f7af4f681L,0x237a4f4e5c8d5680L,0x6527611ba409064fL,
-        0x1f4eff6a99db9a94L,0x4a55d96ae53ba177L,0xd9dec234f002368aL } },
-    /* 57 << 175 */
-    { { 0xbb837d0ad193ebc0L,0xab1e3eccd09b24caL,0x229f36d81d848777L,
-        0xee895edf0ab68c98L,0x67fc65f4dce31b92L,0x777ebe585db96c26L },
-      { 0xca0893ae6047d0d6L,0x71a2ca0b550d6905L,0x35426866eac4c2e3L,
-        0xb4d7e78e0c1b8eb0L,0x03cb0a9a84b384e4L,0xd8a99a5c7f7115b6L } },
-    /* 58 << 175 */
-    { { 0x07db8bfa5f25a74eL,0x97dd568a3dd8e706L,0xcf4c02a32fb59efaL,
-        0xe2ae502616b291e4L,0x5499f3b20f9c10cfL,0x59abdcf5a7297ec7L },
-      { 0xcec282671f4a3646L,0xc10ae0971e065cb1L,0x172f886319dbbaebL,
-        0xb0c27f7d73dd068aL,0x764d185495086ceaL,0xb89923c732de9a97L } },
-    /* 59 << 175 */
-    { { 0xacd499ca093345e2L,0xfbdb3895f3c23800L,0x2584f8ca02f0fadbL,
-        0x9f5dc96ec2f35eddL,0x4dd102ca1ba0266dL,0x13ee9c8aa9f26fabL },
-      { 0x9e7467fa2a1e61daL,0x999764b6850191c5L,0xd053a575b70dd8dcL,
-        0x697b856fd7065eb7L,0x9d5bb6aa695b4914L,0xc5cdd170e65001f1L } },
-    /* 60 << 175 */
-    { { 0xe87cf622e93495f0L,0x347b09c6bb43a802L,0x2a38f3b7a4e3ac34L,
-        0x13353b959751c1c4L,0x753ec3ecb3947985L,0x3bf856dc12d3fa90L },
-      { 0xbf4f6fa5ec35dbe0L,0xd099a15bf3b4fcf2L,0xb348462fbfe7245bL,
-        0x508324b352a2d4f4L,0xec4bae05feee1315L,0x468fa9e404496618L } },
-    /* 61 << 175 */
-    { { 0xc57673257d5e7a94L,0x40c05da604cefc01L,0xba1fd6c6b921c681L,
-        0x0d3e09f9c104cedfL,0x4b7cd83cc6586416L,0xb747d7f9adfa7bfaL },
-      { 0x833f8e24a42be782L,0xd5f0421d06b2471fL,0xac87b17c22e4b84eL,
-        0x85af6b063a10c7bbL,0x4e557cbf66e88e2aL,0xaff21b66d3751e40L } },
-    /* 62 << 175 */
-    { { 0xdbab25f4c4464538L,0x3c36560ba93d7f74L,0x8b9b15d39f86f410L,
-        0x1237e35b0a1db237L,0xc9dad97994f49677L,0x390a3d8f15dff99eL },
-      { 0x0a74dfaef82c19edL,0x3f8e958589c2dc55L,0x763448ce94a8e729L,
-        0xc6349398625f0517L,0x1ca5f9e7523dd700L,0x45aa25317fe638dbL } },
-    /* 63 << 175 */
-    { { 0xe91af601aad04ed7L,0x6f86f323e897df2eL,0xf8c259564c7a0ab8L,
-        0x6e793f3633845d15L,0x08937ef5e583d043L,0x92dafa5824d1fd96L },
-      { 0x6458ae2a86c9aedbL,0x271823a026a4252fL,0xb119fe4c5a57ef16L,
-        0xf41e13943a507289L,0x0cbf1da6bd1aa499L,0xa177ac9dc2465a51L } },
-    /* 64 << 175 */
-    { { 0x14f962e404a8313dL,0xc6e3e7c45f1f5a26L,0x2c0e11c079e777beL,
-        0xa1705efb4657c31bL,0x02688fd23c494de3L,0x75664a84412a8718L },
-      { 0x878fc7ad7a422f8aL,0xe5d581df7419bd0aL,0x7c813c4c704b70c0L,
-        0x98553da87323c008L,0x4f63cec663089f1aL,0x9626d6fa9655d291L } },
-    /* 0 << 182 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 182 */
-    { { 0x10586ea7507f8b27L,0x1510deb9a261f7d7L,0xa42fc4d7dfbfa352L,
-        0xbf38c3821e1c2291L,0x46e40ef60e11760aL,0xc24f6061dcb974d7L },
-      { 0x755b105ba7619027L,0x8004bf09b8ffa759L,0xa630d0b00945db60L,
-        0xa160ac9cf2809e1cL,0x38fc1113dc6c95c5L,0x01f540985d52574fL } },
-    /* 2 << 182 */
-    { { 0xcda68a7e698ee21cL,0xc7414d196a5e725eL,0x483be2dadce20b91L,
-        0x7de1601cfc69dca6L,0x4bec17aaac4f9891L,0xe8741dd18d479a56L },
-      { 0xc623cb8dac23a286L,0xe20a96b5166133f0L,0xda9bb7c030dcde61L,
-        0xf84ea3273a1733fdL,0xd7afb6c3e82fac31L,0x37ea7d35d3897449L } },
-    /* 3 << 182 */
-    { { 0x120649b20370327bL,0x0e76555acd48cdc6L,0x4ed54decca01db03L,
-        0x7be21319ac601d22L,0xf711661901b6576eL,0x7839fa064e73537fL },
-      { 0x169d43ace46e860aL,0xde6d658c3078eed9L,0x8df731395032142bL,
-        0x6be199b09b3c76c7L,0xc2f385f6f8bbffe5L,0x848df7f3d5ffd28cL } },
-    /* 4 << 182 */
-    { { 0xa189f30fc6a6d6d1L,0xdd674d3669665ab8L,0x307c9ec37d8da76dL,
-        0xb3e1d006c1ea7c10L,0xc15e20b3b88c62d4L,0xb0000ec50bff3b3aL },
-      { 0x9e330eb19ff9aa5cL,0x8663f9fddf578877L,0x157d3cb002e1eb2aL,
-        0x638f297bf525e4d4L,0xa20f833234a3dff1L,0x748ea86b45a9c051L } },
-    /* 5 << 182 */
-    { { 0x978ed3abe664c066L,0x3f4a8e0d668361eaL,0x0ba610c753a25231L,
-        0xa8b5b864189143c6L,0x0d7ccefca2841fc2L,0xa80dd8f3f8fea1e1L },
-      { 0x2c24af232e19028cL,0x0e332b77919decaeL,0x44eae977f6089c76L,
-        0x25e04dae53722e9aL,0xdd6f8b1f71ac4db0L,0x7c5b6ffd075e7bc4L } },
-    /* 6 << 182 */
-    { { 0x4c6299a7a1de1cc7L,0x362d293c02d9445bL,0x08f24df0399a9494L,
-        0x33307792e37a1851L,0x1cc5e448760f680dL,0x70a6a8164a2efbefL },
-      { 0xee939681246fc671L,0xfa7a26d1f70a9c14L,0xfae5ca89b826aab5L,
-        0x6b8932c7e48176f9L,0x379f89bd9841c8e1L,0x46141d2fdb674190L } },
-    /* 7 << 182 */
-    { { 0xf4408485b4619d3aL,0x34b4f18160b4f44eL,0x369edc1b3532caf0L,
-        0x2d0471ec6771abc2L,0xca4129311013266dL,0x02e636af617e2024L },
-      { 0x1f93d60d3c69696cL,0x6aba7f2a1b99a172L,0x896873e1bf435ce6L,
-        0x9649f08215b71e40L,0x730bedcfa02b024fL,0xb17e9cbd8df60bfbL } },
-    /* 8 << 182 */
-    { { 0xfe9fdde8bc266ee3L,0x91668688ba18e6c7L,0xa65349acddde6f6eL,
-        0xc53c29c97e54356cL,0xee15ad945709f73cL,0x033b3940e5429277L },
-      { 0xf52035cdd0c3475aL,0x9c5bef4d93f1f1f0L,0x26e0b0ceca319bd4L,
-        0x4e7eb67b6951fd8dL,0xac3a6f4395c34d6fL,0x1f2769e600f60b59L } },
-    /* 9 << 182 */
-    { { 0x95188c136c4d0bedL,0x377a04901b5271e7L,0x60db30226a540165L,
-        0x4be61fda3310c5b9L,0xbbb4fbe93f8bbf16L,0x5232fb46ac12f77fL },
-      { 0x8d6f75ab255b569cL,0x09cc854d3bd39650L,0xec17a6e74b557c3eL,
-        0xd6949f9d5c3d149fL,0x9a17a440494b18b2L,0xc10cb9d5d4a024acL } },
-    /* 10 << 182 */
-    { { 0x4520be6b8eddc97bL,0xeb8f2c317391f948L,0x18fcbbd772369418L,
-        0xb8950ee217246882L,0x6b1e4b7a382e82c2L,0x9e2bb1eb7ea4c447L },
-      { 0x5202d913c3c5bc54L,0x53ea78cd21352716L,0x7bd53ffb36e6b4ecL,
-        0x8325bdf817387196L,0x33b2cd8af94d6a73L,0x206bdec5e13db4bcL } },
-    /* 11 << 182 */
-    { { 0x6e27ce2609c98c86L,0x8f87ec4c958002c2L,0x00b6897064ab26edL,
-        0xd2b4037282e5e129L,0xbeae654c78c48327L,0xc0632b4341a54107L },
-      { 0x7b1fc7f001562313L,0x01cd1b5c1fd6a56cL,0xa199a69835e71626L,
-        0xb02b2692635fbcffL,0x1c0c4200a0632386L,0x637164f8d6c670e7L } },
-    /* 12 << 182 */
-    { { 0x2c47010d18e30ee3L,0xb7d4b1dbfdd5f040L,0x5c8abe509d930f6dL,
-        0x6bcf875d5f56cf04L,0x1f6456c0062f1fc1L,0xc79597805304d710L },
-      { 0xd76452e4db85dcecL,0xd531f73fa0cbf90cL,0xb5ae9fc89021bde6L,
-        0x505c6b9f4babfae0L,0x99d943c17ea61fd6L,0x6ef4766159bf125aL } },
-    /* 13 << 182 */
-    { { 0x3a48020daa0b0a5dL,0x4a32d4d658bad0dfL,0xe013dbde2e4340ecL,
-        0x99efac69a5fc51f3L,0x26acf7a669ee64c6L,0x36672d6566fdc9f2L },
-      { 0x77426caedcb879feL,0x0166194676e3be96L,0xb6fe4709b2dac331L,
-        0x1f3d8a63678ff3ebL,0x711c0ea447bd5865L,0x5fbe38e87c080adeL } },
-    /* 14 << 182 */
-    { { 0xd0891b2df4e61379L,0xea2c7ceb9941c391L,0x1441a2d099677e8aL,
-        0xc29d88c8abcb3669L,0xecb1a21a06ce9bd9L,0x0663fa7cf5b11fc6L },
-      { 0x440a5a1c0c44c2c8L,0x08d71bc39fdded3cL,0x62b53ca512d33d2eL,
-        0x3fb8640e005e8adfL,0x2a9acaefaa2673a5L,0x356ae6f6695f8448L } },
-    /* 15 << 182 */
-    { { 0xcf3c9b318496d935L,0x7e849aff8ceefc78L,0xfc06a46e7a5d692dL,
-        0x87248699e89463afL,0x4dc55e5e8e17af3cL,0x3378832fe41ec54cL },
-      { 0x7578d6192816f87dL,0x505845612806d3cdL,0x7354f1022754c3d7L,
-        0x61ca6cac08d64863L,0xecde4969eb9954ecL,0xe0c211b4a1a5dae0L } },
-    /* 16 << 182 */
-    { { 0xbd10b8bffb787270L,0x4f0b1566e43aaab6L,0x9a18be5ec0c90781L,
-        0x3677f4c71ad167ceL,0xccb254e2a68c1c56L,0x392493e6e2c4d275L },
-      { 0x44958cb1d5b63617L,0x178f141a4caa4e7cL,0x7445a767a2ffdbd5L,
-        0x0e789c99b0b6c22dL,0x3ff8b6565dc92b2eL,0x1623e5c3eca98782L } },
-    /* 17 << 182 */
-    { { 0xcb013ff62c5c50daL,0x5e5550b70b256dd6L,0x38249ee1bfd47036L,
-        0x984daee275379fbfL,0xfb35304588c6bc7fL,0x32379c955f9683aeL },
-      { 0xbcb4ac531b5a8626L,0x1057d2a3bbaa0deaL,0x114ef8a7ffa8efb7L,
-        0x553a34566da90cbaL,0xa2ced0b21a365fe6L,0xcec4d64bb1ccdb57L } },
-    /* 18 << 182 */
-    { { 0xe0312b66b81fe0eeL,0x11e0493b892c7b21L,0xb6a1d76e624ce73bL,
-        0x38768ec0cd75cb6aL,0x425b091f2032c271L,0xa88d39f55b5d8338L },
-      { 0x1496b9ed1916be43L,0x14468e3054549f3cL,0xd429c2c47248e206L,
-        0x21a1c212fc9e892aL,0x0feb5822640c984dL,0x0cabfb472b7c0c66L } },
-    /* 19 << 182 */
-    { { 0xcda1c4cd1cc5a20fL,0x33d66a893f67814bL,0xbba50d5360ce82edL,
-        0x9d34dc4d70553a53L,0xc926f498a8a1442fL,0x9dfe3cbccbb43feaL },
-      { 0xd25887434fd3e4efL,0x7443a9a9a371d894L,0xb53e6afaa22bb4f9L,
-        0xcef3fa347dfc9da4L,0xd079ded047403836L,0xc6c97c36d39aa93bL } },
-    /* 20 << 182 */
-    { { 0x6618fcae534f6370L,0x1635580da1a864a2L,0x90ad39947d7ce552L,
-        0xbf8c45895257f24bL,0x5a9499202098768cL,0xec1eb621bb6d8830L },
-      { 0xfae8f161f1f9ac16L,0xfc9184ca35704c99L,0xa72b1ea9139ea04fL,
-        0x82229a912e39e1d8L,0x4153bf3e479c7bc2L,0x83325be4c5541825L } },
-    /* 21 << 182 */
-    { { 0x358a91badbea81d1L,0x4d1947d7c669c7a9L,0x4ca6d8f18eedbfcaL,
-        0xf9eda237069b3b93L,0x9e1217e5a35ea963L,0xb7e16f08ab960c77L },
-      { 0xf440d825fb313db7L,0x804c5262101c5424L,0xd236a0edab3c4f7aL,
-        0xf8bdb2b1c2682459L,0xfaa7aacaf46c4d70L,0xcf6ce4adae83dd7cL } },
-    /* 22 << 182 */
-    { { 0x2c7756bcbd452842L,0x2c47593cd1783fd8L,0xa4f41583a7527697L,
-        0x2fddafbbd1049934L,0xc087f3db6c71063fL,0x8f5a85c4c9b3ef6cL },
-      { 0xbe178bc966a975d0L,0x2e2d825b94066514L,0x061dd919e0d42ba4L,
-        0x964fdcfb227ca011L,0xcb915b2973d7ba7aL,0xaa7f2fa72af8338aL } },
-    /* 23 << 182 */
-    { { 0xbdbb3440734e8984L,0x8b9b7acb3d6f547aL,0xfc4f48ea0e76a07cL,
-        0x49758a9f97da0c23L,0x13f4254a26958261L,0xdf1fdca2adb3ef57L },
-      { 0xfafba40d699460e6L,0x71b2de39cd5c94c4L,0x52d76b76c21cdf0eL,
-        0xbe75960760f3dfa3L,0x519d4fcb7078f5e0L,0x4bd8ca7f5191e1b3L } },
-    /* 24 << 182 */
-    { { 0xfadf9be978207cefL,0x97d5ba569cb5718eL,0xcbad24ec2f995393L,
-        0x6236a26861203303L,0xe4bafc336589a4beL,0x6cba77185e23fa82L },
-      { 0x8ccbc5774583e65aL,0xe5d88bca4bc2f415L,0xe6bc2d5841df8dd1L,
-        0xec24e1d914d31fcdL,0xacaaf13efc26010bL,0x7e1da447e01b92f3L } },
-    /* 25 << 182 */
-    { { 0x2b3477ec1a29de39L,0x30a5c2190a8720eaL,0xf593ec729775bad0L,
-        0xaaf607792af7dbbeL,0xaace90d4c7cc7b59L,0x6eadf21d40509cf4L },
-      { 0xb9a5f138096d00fcL,0x3896d42625b206a0L,0x0f28f0f09dcaa5dcL,
-        0x2ef6f9f9a8186106L,0xd212710fe25b4d04L,0x0cc6d2878b9847b2L } },
-    /* 26 << 182 */
-    { { 0xe7407327cdfb2baeL,0x06745198510c3039L,0x8a913ba74da758e9L,
-        0xc882e7bb1a4797abL,0x0f0d8eb5dd7b375dL,0x90ac5223dcff3f3fL },
-      { 0x8443b7cabbe341a3L,0xa7cba7f22f173bbcL,0x04669ff830e5c327L,
-        0x0edd0eac09b777fcL,0x2a70898bd71e0cb2L,0x881c48929bd983bfL } },
-    /* 27 << 182 */
-    { { 0xe4847c654e7603f4L,0x826cd33c0bbea366L,0x95727caf2c4ced28L,
-        0x580313dedb8ac1e8L,0x6745673701363cb0L,0x540c35ec0ff13cc9L },
-      { 0x878c86fe3c4fc263L,0x4d81f8aed14e7c78L,0x6f7cf97e8355ef22L,
-        0xa2aadbc848a0aef8L,0xe0200ecf4fc3c61bL,0x7e58e6e0c8094ab1L } },
-    /* 28 << 182 */
-    { { 0xc52789bbf2d3bdc6L,0xd38673fc3b23d7a0L,0x8b6df95aacafbbfaL,
-        0x37afdcbdc7f6eb6dL,0x57775bdd6cb4c9d7L,0xc34e5a2711007453L },
-      { 0x903e5ba1b5faf98eL,0x811e142a9d4a8a45L,0x046d18932d7ac9e4L,
-        0xe2fe9d1543ce66a8L,0x44b5beb4d4956410L,0x7c5f1b9ebb147f72L } },
-    /* 29 << 182 */
-    { { 0xd51033f48312b074L,0xc98fe29456f898d7L,0xa8d6433be8eeebbaL,
-        0x50bf170976fdbb84L,0xdd95f89d43c14baeL,0x13f9c7366307bca5L },
-      { 0x3cd12e2855e7bc8fL,0xe2d7482c3a52581cL,0x12a2c6c7b59eeb8cL,
-        0xf98f79124ae87ffcL,0x41eb808e80d7bf65L,0x589970f2015e20adL } },
-    /* 30 << 182 */
-    { { 0x200a764a6333b070L,0xa0acd8ecdf0d20d7L,0xbc1c589953269941L,
-        0xed7c9192b439eca8L,0x057c50eeb789f0cdL,0x31dc2d36a9c794a3L },
-      { 0xe3f2d38dd58ef984L,0xdb250da69235b084L,0xc2ff1b49da05b500L,
-        0xf2ea6cc50387c539L,0x8250353a3d1004cfL,0x69103201aed0bf97L } },
-    /* 31 << 182 */
-    { { 0x495cd7fc878e97f8L,0x6397fa8b61120b1dL,0x20b9afddc8708907L,
-        0x84f55bb97be2ee80L,0x996fcb9d8d075b5dL,0x2e94d95ead858627L },
-      { 0xf786143e77113ebaL,0x6fec684f7b3fdb28L,0x4be44fb211d10d07L,
-        0x4b3478e2372f16b6L,0xec8d61614697ca58L,0x097d241c3a45f335L } },
-    /* 32 << 182 */
-    { { 0x6f6a6104899ef333L,0x95496f6d39067165L,0x42fd9a6ab51989e5L,
-        0x1b60ce0f68f5b168L,0x97324d8756f7fe67L,0x443812f7676815a8L },
-      { 0x265ee994685a7260L,0x342c7b2f6c6515f0L,0xe909232334b4adb0L,
-        0xddcd233e1e5a8d18L,0x3dc5b27c5f4f6456L,0x9664533a7f421d9bL } },
-    /* 33 << 182 */
-    { { 0xa55e8ab09a35f4aeL,0xf908fb35ebbadf5dL,0xf885d61b35fee31aL,
-        0xb8047f4f82728fdbL,0xa6fe454d33c5bc34L,0xdc5266332ef52e54L },
-      { 0xb2f524a931581251L,0xb9eeec91aba760f4L,0xa95d396624a9b423L,
-        0xfd52f4d29d3d75acL,0x82719e78834d4c33L,0xeeca71fb3840ca62L } },
-    /* 34 << 182 */
-    { { 0x984658940f4c60e0L,0x3929d4c645ce7c0cL,0x7846d6c19c4f9b89L,
-        0x2c38a9b20fbc695bL,0xeeb4799ad73d4bb2L,0x7c16e5ba4e3b5520L },
-      { 0x11ce92e51cf310d2L,0x0910dcc91e037725L,0x159fcef85fc5af9fL,
-        0x4944f8ee1dcb3ca5L,0xf5d9f8c0b9a4516fL,0x452f0fa2f1cfa6e0L } },
-    /* 35 << 182 */
-    { { 0x59b15b61c634aab2L,0xcca0742a620df0b6L,0x791d95720d345276L,
-        0xb775b790cd3854baL,0x944e591a256c26fbL,0xc5fda2d0b8fe17d9L },
-      { 0x7dba5830c0aff69dL,0x46f7164b0f7c6d60L,0xd767cd58549eeb83L,
-        0x4498b4f51ff2da7cL,0xeef2caf8fc594b0eL,0x88dc39ec5f0a95b1L } },
-    /* 36 << 182 */
-    { { 0x1a57d3e1b3fe597eL,0x1a3ad06d18d1b6f0L,0xf70f27b32e4a4617L,
-        0x55e8a0479a75b4adL,0x0b24d5beede15d86L,0x2b3c41d0fb2f56b5L },
-      { 0xf6cf36aab1d36456L,0x418a72fe1d8ff434L,0x64149a0d156746bbL,
-        0xae65897c4e3a26d6L,0xb75e87d21e68eefdL,0x5b81e0b01cb27c91L } },
-    /* 37 << 182 */
-    { { 0x2c3fa19b34b90671L,0x369c9e9aa7c9aae3L,0xd89dc03f3d236ad0L,
-        0x280c47b9588ace95L,0x0ad071be57f25a96L,0x36ce641d8296279cL },
-      { 0x321778128595511dL,0x51878842b52cb227L,0x720df7ab4156b413L,
-        0xccc71e10fed25819L,0xc878554e3fde679bL,0x9c50ecbe3b565d48L } },
-    /* 38 << 182 */
-    { { 0xb2d66f1ffe23ba35L,0x82339e2914b273a4L,0x454a5f0b58c2be97L,
-        0x0ebadaa68488ac1fL,0x3c635442517e9af1L,0xa87044c3a5b9fe2bL },
-      { 0xb8214dbdb505ae0bL,0x05a9bfad60bf4393L,0xb7b64b42428a49ceL,
-        0xcad71866bd2283f1L,0x5bcfe7fce33a3a22L,0x018a2121fd6c73c3L } },
-    /* 39 << 182 */
-    { { 0xc4471fb02510a1c7L,0x542e73bd2c1c35c1L,0x0bc8bcc4f028a46aL,
-        0xdf87cd2bb5610f25L,0x0845e4d1df42b41fL,0xc0523e3593aba84dL },
-      { 0xc9161e8ed14887b0L,0xa96f9b3aa68c235dL,0xba1427a46f94d5b5L,
-        0x6a5fdbbc858e00f3L,0x8170bad6abfaf661L,0xb4b9dc0ec9f4abedL } },
-    /* 40 << 182 */
-    { { 0xc48bc829ff7543c0L,0xc0bda14c4d72bfaaL,0x2f470ec703be0af1L,
-        0xc70f1e8e92d37eb4L,0x08abdd98418f410fL,0xe38c74ab35386176L },
-      { 0x9c07cfdd8c00426cL,0xba74c310a998f1adL,0x76b45140b7d2dda8L,
-        0xa52b5e584948330eL,0x9b7332348d8efb26L,0x5d1763735d19a312L } },
-    /* 41 << 182 */
-    { { 0x46950a441d38ade1L,0x377fdf593058c7a2L,0x5e2fa1681aa129f6L,
-        0x2eae63dbc5fe1745L,0x9616fee275545475L,0x4073a79c8627b2cbL },
-      { 0xf1ec69ea9a5198e4L,0xe9a906aebd2821d5L,0x193a9387bc22625bL,
-        0xca468d717b6c67ccL,0xb4d11cb360f17a73L,0xcd801a0e3df1cabbL } },
-    /* 42 << 182 */
-    { { 0x1b80b9c386cf5a12L,0xa5bcd3a016349cfdL,0xcee36e8f00d1edb5L,
-        0x9566e10a5b7bf29bL,0xd0db98cfd4ff0a0cL,0xb516605e7fe427d0L },
-      { 0x099066c18e614e25L,0x63537fbbabe78647L,0x5601a8b420117e1aL,
-        0xfd125e2f06df05acL,0xa7fcbd420948daeaL,0x55ad4ee28ff03220L } },
-    /* 43 << 182 */
-    { { 0x18d71671da2c6332L,0xb38bf94f98ee4e23L,0x9b90bf72ecc579e8L,
-        0x5af93aab1bf6b8c5L,0xdad6e7909342613eL,0x5a1d49dc710ad0ccL },
-      { 0x2013ed8801468036L,0xb8bd31cf2f0f6f9fL,0xf025eb2aaac961a6L,
-        0x1e201f659e1adb43L,0x2755f3aeac7e5132L,0x72d8e1d0f5205d31L } },
-    /* 44 << 182 */
-    { { 0x80bba9170319fec4L,0x4ba44600aaef6debL,0x83285b613594f325L,
-        0x8879183753b5765aL,0x651b4c6adaf1b02dL,0xccc17578825f609aL },
-      { 0x0b4076b39fddc6ffL,0x286e2daddf2fa874L,0x46c45233c413b648L,
-        0x4fa46969b7cfe0abL,0x835786f3e04f5e5bL,0x526292a90ce3f707L } },
-    /* 45 << 182 */
-    { { 0x9928e9eb83f17723L,0xc38d5de26c2306aaL,0x3dd3f371558b3989L,
-        0xfa4b194877154d39L,0x89f437e4b89f5448L,0xd5531444a6437c9bL },
-      { 0x65a6874092537cd4L,0x5f6d72281246fb09L,0x0db0b3be58539e37L,
-        0x1f0dd43df50f4143L,0x1aa12daec215aab3L,0xf82820fb7fe7b225L } },
-    /* 46 << 182 */
-    { { 0x32c6bf5e56cb520dL,0x74dc46c41569fa1aL,0xcbee46391ba52541L,
-        0x5e2f511a50ec4575L,0x90165e35032b6f53L,0x2b8f1f8a5544c780L },
-      { 0x95baef65c6b50147L,0x4e9db41946b7fde6L,0xe2463226f7afa6feL,
-        0x4d70932235409eb4L,0x8faad8937c20aa0aL,0xc8c95a85abc1ab65L } },
-    /* 47 << 182 */
-    { { 0xd5f54ce676d1f996L,0x55957500e595a0eaL,0x9b62e1fd92c72af4L,
-        0xb4803bc3069bf052L,0xb7cdf59c686ebd16L,0x2d1fa780655ac6d2L },
-      { 0x6c306d3edca404f5L,0x24e9d7a9a7b5fa9aL,0xe4c080ddc533c701L,
-        0x71d16b63425e29e3L,0x81c00db32d993e49L,0xb59f87f577902ecaL } },
-    /* 48 << 182 */
-    { { 0x43b58def987cf64aL,0xc95b16c63d4bcd4eL,0x5d1b1373bcd9b923L,
-        0xaf560542522e052bL,0xc2ff8f7583800352L,0x11723aa17fe2a4eaL },
-      { 0x28de7668e94bd9bdL,0x0ce80e0f874018a5L,0x0fe3755d8d43e726L,
-        0xa78296acf9b075c5L,0x76d58d9882207423L,0x5c5bc6971db99205L } },
-    /* 49 << 182 */
-    { { 0x9cbecc969e2aea70L,0x1a3fd38d7e4f2a84L,0xdc35e3c84b95e560L,
-        0xd5e912a5aa21d2e2L,0x037866628d8cd601L,0x4b726855f2bb35e6L },
-      { 0xa45a827a0d763ea2L,0x17d6e5ea057bceecL,0xdab2381d09a2a2a0L,
-        0xf1880617e9aa76dbL,0xb86444dbb184c5ecL,0x23a0e4b767da7c23L } },
-    /* 50 << 182 */
-    { { 0x2d94a6f030df736bL,0xd1ce20050b3be2bdL,0x201352b55e288cc1L,
-        0xdbd3dc57779644a7L,0x9f258b16d191db2bL,0xd83c827fd1c123efL },
-      { 0x74c5126e17f04f0aL,0x06008f14966e620fL,0xa4406ba80aaa9e37L,
-        0x27323f797faf87eeL,0x43380a672b1206a1L,0xab1ed1cfaf15ebedL } },
-    /* 51 << 182 */
-    { { 0xa3d2bad9bb22cc74L,0xfe6591a80e2b9221L,0x8c94c974d3cb4eefL,
-        0x772694266beb6451L,0x2942737a010986e4L,0x920c9dda59c1ace3L },
-      { 0xd31af336da61e1d3L,0x973997a118021018L,0x50a6c8425710575dL,
-        0xd61d47c9ade9d8a0L,0x90abe8f8a85f458fL,0x23cc28a3ac4d474bL } },
-    /* 52 << 182 */
-    { { 0x283d5bb63e052e69L,0x149ac3d01bd300e4L,0xb4c7b96ce0582ccaL,
-        0x66102883428cb7d7L,0xd3eea16b500958dfL,0xe1b6a74f74674893L },
-      { 0xe3b284be3fb0522bL,0x74b0fe2dea983a60L,0xd4328e5c81e465d8L,
-        0xecb534c7403173b3L,0x1721e22774144d34L,0xb7273c6aa88a5141L } },
-    /* 53 << 182 */
-    { { 0x0ea24ac64018877dL,0x265cbfe42acf249aL,0x811c17e61837d63aL,
-        0xff453f5d6b3adf1aL,0x7add0621a3031529L,0x62105dc838af1d27L },
-      { 0x2cd31a899b56ec62L,0x5f524be5ede7bbceL,0xc485b2ff66a044f5L,
-        0xae28f5dc87a7b274L,0xd41989a93415b6c5L,0x3051ca44c9c43ad1L } },
-    /* 54 << 182 */
-    { { 0xc22046bcfb50bf2eL,0xee22fb7b78f7c548L,0x5c41c6bc2b5b4563L,
-        0x56da674a8bf9259cL,0x3732f77433d8d4c7L,0xa90bf0472741046aL },
-      { 0x5ee7f4396288c2e0L,0xa7a1fec99ae621c6L,0x523c0569b76e955cL,
-        0xda0c2b378d1e8601L,0x9010bc349559b56dL,0x8d2fab0917b8d9b8L } },
-    /* 55 << 182 */
-    { { 0xb2caf938281b021cL,0xc61f3abf1404b0abL,0x24203e1cea26d902L,
-        0xc84f07e10d34906fL,0x8ba3d589f0cf7520L,0x86b54f6d9a2a90caL },
-      { 0x9f87234f3d77a667L,0x328941966e3fa8d0L,0x0921b4a6e994d49aL,
-        0xe77e9f8b8b3495cbL,0x9e5b74798da1fe56L,0xcbc09ce7b070591eL } },
-    /* 56 << 182 */
-    { { 0x583ee7dfe3b7e746L,0x0b6659e4a4fab3a8L,0x34ee02751946db5dL,
-        0x5ae3c0ba1a12eecaL,0x36756ed44ccb83e7L,0x973b0861a80eaf3aL },
-      { 0x969e38f46982ca90L,0x9a9bcd10018d01fcL,0xb540e9533272476aL,
-        0xcf91dd0a75ab7002L,0x2c7d363f39ceb983L,0x4369c221974747c7L } },
-    /* 57 << 182 */
-    { { 0x32c5b289642be172L,0xe5cc452e697e6a30L,0x344935e10aa6841fL,
-        0x9eb2dc4faad907a7L,0xaf77d029e121d0c0L,0x2bcddeb08bb073b8L },
-      { 0x3584dee5e40653fdL,0xe853b6337605f214L,0x4723f0add4bab900L,
-        0x16dddd27fbf91322L,0x1f96d7e610c525b2L,0xdfba535200c998abL } },
-    /* 58 << 182 */
-    { { 0x701e8ab819df9ed7L,0x1a6d74c13e2159d1L,0xe82127e0fc61a470L,
-        0xaa2e5f33dd15316fL,0x92b6ea927c42c081L,0xfd470a298522aef4L },
-      { 0x0c54a067e5ccf152L,0x60c113eda1a079b5L,0xdd501a8389d6e6b9L,
-        0x3dbf20d219792456L,0x633cd2b710bf70edL,0xace5327a0aa8e5e8L } },
-    /* 59 << 182 */
-    { { 0xed79a2de3b2a8a4aL,0x02851125cbf095c4L,0x6817ecd1880fd3bbL,
-        0x72acb6ff066adfe0L,0x04fd696d66ce8257L,0xb644f098dc81958fL },
-      { 0xcab55d1525218005L,0x1184b0a64de70465L,0x6248e1157aa96b53L,
-        0xe30958630516ac32L,0x19f80cc0d07084ceL,0xfdf7ca2efde86c28L } },
-    /* 60 << 182 */
-    { { 0x9a8857568bc1783eL,0xb373e5a0a7cf2ee3L,0xdeb162fde46cc503L,
-        0xd5d334601074ef35L,0x0030f98eea159a90L,0xc5ffbdde64e50d98L },
-      { 0x85a6486a48195b26L,0xdbf56597b1b9f2d6L,0x5df2352ab8613aebL,
-        0xc425807ebd0189a9L,0xcf5a34d4fa1f4f7bL,0x233e26c7628fd2ceL } },
-    /* 61 << 182 */
-    { { 0x6c4dd28313a1e482L,0x24bfc23bf803f1ceL,0xb8e795b2f426832fL,
-        0x636d2d63b13fcb5fL,0x2dbca0b214a508ecL,0x1948c957c1ff2b70L },
-      { 0xc9d7cd4ae3135c7aL,0x1bf41de75d7cfe18L,0xfff9428f2f6cd5fbL,
-        0xa25d3e8294d640edL,0xecdea1583e4fec66L,0xff3b2b1555530798L } },
-    /* 62 << 182 */
-    { { 0x483565313178cbc6L,0x085a31143f3a1ff0L,0xee2a58b11dc7054eL,
-        0xa9ce7c113287d5e6L,0xd283d22c8fa263a1L,0x9160bb8be77ff147L },
-      { 0x21dabddf918caf34L,0x6921e987ad1a9f13L,0x47e45c7d3ba0ad41L,
-        0xeaac63192bd18585L,0xb88881060818034aL,0x2d8e9c1b60be0a45L } },
-    /* 63 << 182 */
-    { { 0xad3e46af32f4625aL,0x5c2f95dd88371d5fL,0xfc7a9adef2415ac6L,
-        0x77a23c424ad85440L,0xce7c63712f4dd730L,0xd65bdc45a5c9f380L },
-      { 0x763d3990cf11ee6eL,0x7b2a927a9ffc522aL,0x65ccf351deead5c5L,
-        0xef1fa99cce4d076bL,0xdb6f5cca6708ba8fL,0x361525a0f3bac7ffL } },
-    /* 64 << 182 */
-    { { 0xbfc40c30f893a2caL,0xdf96980e0623bad1L,0x4fd7b54dc027511cL,
-        0xf4799284cf3484ceL,0x655ab811069beea5L,0x52588bc87392e280L },
-      { 0x522e7b404f0c17cbL,0xc0d88acac705e9b2L,0x9cf1b95877f3913fL,
-        0x3e06b9267dd52514L,0x992e920e2908cbcaL,0x13baced26d6ed529L } },
-    /* 0 << 189 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 189 */
-    { { 0x8a46c911bfc6c637L,0x8dc3d699e4fa4fe6L,0xd4ba64f15cf8e4c9L,
-        0x01b3908a01cb3488L,0x69b1fa5d38bd7dedL,0x92ad483818b2eae1L },
-      { 0x619324beb33955b6L,0xc7f373355c8a6df7L,0xa397f42e925b3f69L,
-        0x32169a495f7e4d11L,0xc0fa9a548d0d9f01L,0xf52a1f2289d8f2e5L } },
-    /* 2 << 189 */
-    { { 0x9c0d5231ba8e0a52L,0x94d0509e93e465d7L,0x67df90dd98515454L,
-        0x223e8b9c8dbfb46aL,0xf39529a36d757ce3L,0xffec9175b4648296L },
-      { 0x330749e8f78aae7bL,0x19e5549645f93cc3L,0x8c320b3494083aa8L,
-        0x1161f5a321e321c6L,0x0980deedde3e7892L,0x605aa9196ad76cccL } },
-    /* 3 << 189 */
-    { { 0x71191262062312e3L,0x84c82a94691f46faL,0xad4b344bdda57f44L,
-        0x674b758ac4f0cfd2L,0x3bc058a077543efdL,0x3d7c765756618d06L },
-      { 0x95107c744dba9e44L,0xe59c3180cfdf1923L,0x5dbeaf35e3f1d63cL,
-        0x012029c643ab8726L,0x4f588a4ea256c6fdL,0x14a01b7a3e5d2e30L } },
-    /* 4 << 189 */
-    { { 0x73fa3508180660f7L,0x4cae013e2d24936fL,0xf64a549f58493d98L,
-        0xd9ceae0adc79f602L,0x6569e37bd1512b84L,0x11e4c022151c9151L },
-      { 0x075678c2b55c5813L,0xb26cdb5809d3cb16L,0x6334dca3a57fb969L,
-        0x0ed90820223dc3ceL,0x74f9c3aebd11e277L,0xaeefed3679c0b8e2L } },
-    /* 5 << 189 */
-    { { 0x22195e48e57ac6a0L,0xba77c58214bd1913L,0x265f96b4323349b5L,
-        0xc183196ea124d497L,0x99f1f78d2466d82eL,0x185a18bfc6263afcL },
-      { 0x29a3d5b686cf8908L,0x81f3bc00f680511dL,0x5f6ffc81661d015aL,
-        0x31c2ff64cd5eb082L,0xc3c37ad672776042L,0x49438769d9c6ac75L } },
-    /* 6 << 189 */
-    { { 0x0e2fc74c2a24c385L,0x836a474034679278L,0x25518f16817e2c41L,
-        0x8b573a8eb4b7d3c1L,0x012797f94ab56adfL,0x9e0e56d0fa2ab690L },
-      { 0x009ba1ee1c9f6f08L,0x8ebf4aac2f412e9eL,0xb143122a1cfb4e02L,
-        0x988cf0eccbf2b783L,0x44a7ed9657f5be97L,0xbdcad87251804147L } },
-    /* 7 << 189 */
-    { { 0x969fcd982f60d1a0L,0xf0f4c9b2ef06b3ebL,0x8c6438cb49ec8f92L,
-        0x746107773f1653daL,0xf7cbc899b574576aL,0x758de9008494795cL },
-      { 0x73045065ab22cf9fL,0x9893653c9ff13e98L,0x6e8860264a58d64dL,
-        0x387d6cc34e3bf554L,0x82a49da4a42b0008L,0xb28bd9b71b0b1c47L } },
-    /* 8 << 189 */
-    { { 0x378205de2f9fbe67L,0xc4afcb837f728e44L,0xdbcec06c682e00f1L,
-        0xf2a145c3114d5423L,0xa01d98747a52463eL,0xfc0935b17d717b0aL },
-      { 0x9653bc4fd4d01f95L,0x9aa83ea89560ad34L,0xf77943dcaf8e3f3fL,
-        0x70774a10e86fe16eL,0x6b62e6f1bf9ffdcfL,0x8a72f39e588745c9L } },
-    /* 9 << 189 */
-    { { 0x97e6400574103b65L,0xdad518d6db50ac66L,0xaf96065961077d1bL,
-        0x1335de0a5baab1f5L,0xd404db749e444a1cL,0xd3124c5027d5fe2fL },
-      { 0x1f20c68a0bd49e9dL,0x44405e6aad6a1654L,0x287d565193c362a9L,
-        0x301ec6a2e76661bfL,0x4900f9b54c6f9927L,0xca3dbc3464bf3909L } },
-    /* 10 << 189 */
-    { { 0xa96955b9b1bafbc4L,0x8dcb55a7646ece39L,0x2b62784feb00e541L,
-        0x462f9d7d2693249bL,0x8b264697794c189dL,0xded6ff5563354e69L },
-      { 0x7c8ea441eed1089fL,0xe355f75c1462f461L,0x87b691f61210fd5bL,
-        0x7291bffb6983cb27L,0x9ed83afc92800095L,0x307a3dc81f24d923L } },
-    /* 11 << 189 */
-    { { 0x9f79814a45faaa0cL,0xc64a7ac93bb1b07eL,0xaad6ff897f2ad506L,
-        0x43da948300b83699L,0x6a702b8d6617956dL,0xfcb1035a7981052bL },
-      { 0x094acd48cb230926L,0x3c3249d05da96800L,0x934088079d7208c8L,
-        0xe4f04014d738a48dL,0x49bc5f0bf18b06c2L,0xf854285f596b9befL } },
-    /* 12 << 189 */
-    { { 0x7cec60ead7804b2fL,0x0064464345c11441L,0x3c6de88b769cd685L,
-        0x34709186c7f01232L,0xd9eef41eedd2bd0dL,0x3bafcccde427faa9L },
-      { 0x33e5350ec07e701aL,0x9cb2eb47a87c1fd1L,0x9fa9a7790d5f5b28L,
-        0xa2e7076b07ea2e53L,0x72f4da325c169cf4L,0xb7f192947e751588L } },
-    /* 13 << 189 */
-    { { 0x1a3b217d2f6d700dL,0xcbbe9349ed335d55L,0x428adbfb53ff169aL,
-        0xbd74385214793b47L,0x2224e2569d9460a2L,0x8408600809982ac0L },
-      { 0xae6c6f9934447242L,0x63c78b2b9b51fb67L,0x381c948a389593d4L,
-        0xf4cdd09f6e79ee72L,0xc658428ba185a0b6L,0xcd7562a786fe4c6fL } },
-    /* 14 << 189 */
-    { { 0x47eb133532dd7a30L,0x9d058169a9db654dL,0x375c59df6e7a2b1aL,
-        0x55d37c677a35f29fL,0xc78a3678493c4cdeL,0xe5f0e2d68d83e31bL },
-      { 0xf7927002e9777bf9L,0xdd559324a5afdfc7L,0x077c6c48b81c08ccL,
-        0xba1c98ccaa2ef694L,0x06c6c9544c02dd46L,0x211e50f37dd3145eL } },
-    /* 15 << 189 */
-    { { 0x7f985fa8a96aea53L,0x811f94dc480b38d4L,0x91fdd510f3d40c68L,
-        0xc156312ccd763693L,0x24b544c3640057dbL,0xd7d5d4f5ad3b5a1bL },
-      { 0x5e235a1e26cda8a4L,0x0cf7b7cd1d2c6f17L,0x17b1ccf0908d3107L,
-        0xf32f2a06f555eb5cL,0x274f7c2cb3c278c6L,0xcf1eaf296af1b44dL } },
-    /* 16 << 189 */
-    { { 0x2a5f8ecf06616d0dL,0xca9b1cb8c7deb373L,0x9de31cedc59c4301L,
-        0x1e0f40b10111d998L,0xd29d229f960d5b95L,0x10563249d1dabab8L },
-      { 0x7b225cc9a05ecac9L,0xb02e689678f3b8a0L,0x009b52a1f5fb06b2L,
-        0x8a575d3f842b9081L,0xfddb48afe9272512L,0xd39b8f1d0b452cb7L } },
-    /* 17 << 189 */
-    { { 0xb6efc7e167ba9cd3L,0x5a642c288e4f62a6L,0x214a63da364378edL,
-        0x582c59944121c53cL,0x840277facc9a728fL,0xc6db3529f8f72d39L },
-      { 0x9c5cc2760aca9955L,0x8558a58db8b6dcd6L,0x709226acf0701f24L,
-        0x6ce95b21ed248b40L,0x32ea565b5487934aL,0xa75a688496f9ddd1L } },
-    /* 18 << 189 */
-    { { 0x0d6b9c7c67e09987L,0x261a564d0761ad52L,0xec4621749f60925bL,
-        0x83ee0c1218529b03L,0x72972467fbcfff74L,0x37fc074c6abc4bfbL },
-      { 0x8b6015bd54e65e89L,0xde8583eb991583cbL,0x379548e1b4d2c62aL,
-        0x88024a9a9b24a5e5L,0x633aa869fc03abfcL,0xa27657b98fa35283L } },
-    /* 19 << 189 */
-    { { 0xb340993c5727e344L,0x2379f51d4f3295d5L,0xa5de3efce2929734L,
-        0x7d2e2c82d8717e3eL,0x8f24abb67180db1fL,0xa5060d648a4ed876L },
-      { 0x8d39e3a2761110d6L,0x38d30c93a3bb5b66L,0x07774ac3c12fb741L,
-        0x7d4ae5a55f4425beL,0xb9848a2afa704922L,0xed9ab68c4cd00812L } },
-    /* 20 << 189 */
-    { { 0xde9703b461d9e770L,0x02d4091def4653efL,0xefd229aa576eb5e1L,
-        0xc0b0b243f77eb987L,0xb11309b2eefe8f71L,0xfeeacf2f68478044L },
-      { 0x8dfd8e8643ac3dd7L,0xc0a24181b07f95c3L,0x551ca09624be161cL,
-        0x6cb2c1d4b098cdc3L,0xbfc74e9be74f84f8L,0xe58e14d9067e3388L } },
-    /* 21 << 189 */
-    { { 0xda121aae0ef98506L,0x435f28c6328e636eL,0x64b2170a720d40a3L,
-        0x3ddb0e61cd24a844L,0x111442478797c7adL,0x624e7f73d589dd37L },
-      { 0x3e7e0ed0a8efdd25L,0x8de031f116509a5aL,0x1330cff5873488c2L,
-        0xa80c60b3342ecf75L,0x9d3742c8e62550ceL,0x8ec9b229e46475f9L } },
-    /* 22 << 189 */
-    { { 0x9eca6f94f025baa6L,0xb2db0741bcf9c741L,0xf8e2aab590bb8f56L,
-        0x4772903208762829L,0x067a0c5ae2a266c8L,0x22b104c771b7d7d0L },
-      { 0x4a48cd6953e406dbL,0xb85e44d524f0070bL,0x6168262fe10133ffL,
-        0xdfc02315e4874e8fL,0x20dba2d7ca317e3bL,0x441c56d2e1d2c0c3L } },
-    /* 23 << 189 */
-    { { 0x9ebd10d6c444a2fcL,0xda7683e3f18ac11aL,0xdd42ed990fe8e59fL,
-        0x9c867debee068909L,0x32df043fccc77aa3L,0x377423ce4aaa45acL },
-      { 0x960940524a90c535L,0x48bfe83347d1799cL,0xe8cd1a55ccabd174L,
-        0x2ee0a276682145c3L,0x4249297e8d606c00L,0x22021ce2fd7af6d3L } },
-    /* 24 << 189 */
-    { { 0xae10069e808dc4b1L,0x64df30e18fb3ba73L,0xbbe4caf27ebaad0bL,
-        0x5907bf373dd6119cL,0x0a723dff9dfceefeL,0x59bff4ddf7cffc7eL },
-      { 0x7bc95fa26a6f43c2L,0x9001d1d53ca0e2b3L,0x316a7ecd27b3335bL,
-        0xbf08e6727b8d7d49L,0x4b209f93c619058fL,0x4c0ca01e59d8f9eaL } },
-    /* 25 << 189 */
-    { { 0x3c1e7f45bad772b1L,0x20f6f1732544af67L,0x14f491f9a7d6544dL,
-        0x1451cc8e6acea162L,0x20c8ffa5d234ab89L,0x4b59bce1f5cd1002L },
-      { 0x99da4c0ee63027acL,0x6290cb963fc1f75eL,0x3a51774524c4d85cL,
-        0x3bf9929c1fd144e7L,0x9bcb97467068294bL,0xcb0b3e5d2e61a022L } },
-    /* 26 << 189 */
-    { { 0x18c452c4cae69c3bL,0xf45690acef0f00faL,0x3b363aa04f66a5ccL,
-        0x9dd41c0a47718c52L,0xfa219d7e7e5cd370L,0x5d384db7b2196dfbL },
-      { 0x5e14749b90b4d46bL,0x55796656d9db9481L,0x3bf13d0ac8cf353eL,
-        0xb89a28a6a95c485aL,0x568fa3d05da29783L,0x4aa008eed182b1a4L } },
-    /* 27 << 189 */
-    { { 0x4f38667a179639e1L,0xca492d50ba7c7a16L,0x191e4a3478fe9dcdL,
-        0xa3cddb2f03fc70b8L,0x57d90a90a751ec9fL,0xcf88357457a50cd6L },
-      { 0x69abd86d7cc58687L,0xc73a00408466bc6cL,0xfbb99c755c495208L,
-        0xdd5f1ab9c13347b8L,0x9ae6fb92060b93efL,0xd6bb56a3588e5369L } },
-    /* 28 << 189 */
-    { { 0xf7e1ed3bb09fa8f3L,0xbb4fe6f71da5be9eL,0xcbab0e01f4d1ba21L,
-        0xb732741076a5f326L,0xd94d2349206092afL,0x739f3cd0728e0e4dL },
-      { 0x568644aaf81fd823L,0x510cff6b6110e2f6L,0xef4cf1ac566c3598L,
-        0x2c26f17162aae69bL,0x1e4360468964a2a5L,0x83c0bbf63e472c50L } },
-    /* 29 << 189 */
-    { { 0xc198c07064b2955aL,0xc32d41e1d8d43284L,0xfb6f0e2c9f4fc13eL,
-        0xf4d5b60b41c61889L,0x5c79f500beb36946L,0x328b22408ca4beabL },
-      { 0x64058e916697617eL,0x6bdf7409f43f7390L,0xf2afd208f5bd8512L,
-        0xc0000aa0bd1ad6d6L,0x38b8e03bd9f6c1c2L,0x0a34680d665a2d06L } },
-    /* 30 << 189 */
-    { { 0x79c04804aabd965aL,0x9581aab443d0b660L,0x59bff0035ba71d23L,
-        0x212ecd58b6a0cd80L,0x29bdcd33bf1ea5d6L,0x59fd2ff477a002e1L },
-      { 0x3c9d21308d9cd247L,0x790e9dbcb1786da3L,0x967ee5e714464d04L,
-        0xd6f7ebbd2b5373afL,0x1c0b22d539768d40L,0xdfb54983913f6cc3L } },
-    /* 31 << 189 */
-    { { 0x5c9808b78a42e002L,0x5cdb2b070f732854L,0xdc92b1676d6d4579L,
-        0x789dbb8ebcc22c54L,0xd76b2d40716eb28fL,0x5cbaadea004affd8L },
-      { 0x5d4d84dd08fcfe12L,0xd0f1d7ee20d4b893L,0xc98d77dfbbb90db6L,
-        0xbce9a5a2b1e29a22L,0x71a6835d0b54e100L,0x0199594a55b1ac68L } },
-    /* 32 << 189 */
-    { { 0x167ec88a51b3f1ceL,0x19756ee0420024c8L,0x10f2e2443877e634L,
-        0x6321bf2603462cb3L,0x1dbd10ee9d3afceeL,0x0726f5f22ca17dcdL },
-      { 0x094652660bacf018L,0xc92a9f2de1feb969L,0x0043b0f95e1c5912L,
-        0xa09b94d1757d3a63L,0x533956529fdef1e0L,0x9826886cd4fedd41L } },
-    /* 33 << 189 */
-    { { 0xd22bcbee51964ceeL,0x3ed80af3b0eea46eL,0x263cfa026b854aafL,
-        0xfa4ad481b9ca3b51L,0xf8c569a0b4451297L,0xeafb78f8f48059a3L },
-      { 0x86a9e3c037093acbL,0xcfb3bb63275ef52eL,0xc4672d3c7c924f03L,
-        0xa87350871691be3bL,0xf124f3a52be289b7L,0xf45052dc6b80b6c1L } },
-    /* 34 << 189 */
-    { { 0x79c99f99a010db6dL,0xe83088a74ee93fc2L,0x76e8376d836b1a7dL,
-        0x8cab091c4e24e127L,0x5c98a00f7283cd21L,0x1beaf4a084997647L },
-      { 0x2cfb55b8d934088dL,0xca24052cee724d5fL,0x5d6e9db5bba84289L,
-        0x133414b26fb26d72L,0x3e844eb9cb12a503L,0x5eac12dab53d6496L } },
-    /* 35 << 189 */
-    { { 0x79a098812cc6698bL,0x6d44e7577f383e02L,0x1969f93785b5f732L,
-        0x3061f62792acecccL,0xa9428d60cc2a4752L,0x69a472af2cf58626L },
-      { 0x63fde53cabd347d7L,0x138b5b6a1aed4fd3L,0xd93fce1f2bd48519L,
-        0x957fe302e49cc436L,0x9b51657a2e21ad5fL,0x3b5c4cb6acbd3af6L } },
-    /* 36 << 189 */
-    { { 0xdcfa78b096dda000L,0x5b60dfe5be2303bdL,0x7a6bbd34c7c6ad6fL,
-        0xd45c9cb57012b97dL,0x9a049e36812e1662L,0x723bc0b66a5483aeL },
-      { 0x7fc03b6ad1c82e81L,0x02ddd6d2b23f6818L,0xe8914b2d30dae39aL,
-        0xf4f0ae392f692056L,0x198a31bd45f1390eL,0x917ce4f4f542565eL } },
-    /* 37 << 189 */
-    { { 0xde39a4e6ca447864L,0x95a028f9f0b131ccL,0xba77ac314a39c4f7L,
-        0x0c24d09614857939L,0xdeea56edfbfaa0fbL,0x79aa342f4c920bf1L },
-      { 0x50228f48c7e9dc62L,0x0fd9d1dee0f0fba3L,0x3fc03993cd703f6bL,
-        0x229a3bf4c5ff39fcL,0xa7456aa484f9cb20L,0xb01bb5a7d12fd7d9L } },
-    /* 38 << 189 */
-    { { 0xfb390be4539519d7L,0xbaa98a2a6ad44d22L,0xafd19a75ef89de1fL,
-        0x1afaef2971e27781L,0x18b297d79887739fL,0x8fcff6048e6da42eL },
-      { 0x17bfc1717e861a36L,0x1467800537a8843bL,0x2bc47afdeb16065dL,
-        0xcc038e2fbab7b4fdL,0x9d8fc42a3eb9be7cL,0xfc2f0b295928da63L } },
-    /* 39 << 189 */
-    { { 0xa4e33ca261c14fbdL,0xebafe73fc0a87f99L,0x22fdf1d1f5abf7f4L,
-        0xfc1da26549a6b956L,0xfd8c48e5be25dd72L,0x9fd6520ad31a25aaL },
-      { 0xe0167d4ffd14dbbaL,0x8838d2ba7370153cL,0xe5f7d69b133fdda1L,
-        0x31acbf8de1749b60L,0xc14ec9e2107558dbL,0xb06d0252b99553acL } },
-    /* 40 << 189 */
-    { { 0x34590975ed424438L,0x7c03ce744d11a200L,0xcc939a286ec406eeL,
-        0x8d214276fee5454dL,0x66a0e1a56b257f70L,0x93761a8a006fb85eL },
-      { 0xc44f9df2aa70b65aL,0x1dac524f91d9e2e8L,0x5894a8224fca1a81L,
-        0x8586e418f3ed85bfL,0xd494dfb202899b5bL,0x7ea9f222ecb8e371L } },
-    /* 41 << 189 */
-    { { 0xd93ee716b0958516L,0xa91f39db3eb86888L,0xb472c1e2ac92105eL,
-        0x4d88a307429ca094L,0xd3fd88027a8e87e1L,0x40c4cd50126a2cf2L },
-      { 0x046ce3bf11cf2046L,0x412678ee05691999L,0xea0c78168d3a2921L,
-        0xd24ae89924f3c66eL,0x2c4457f00bd144e9L,0x82005b4fd7a52270L } },
-    /* 42 << 189 */
-    { { 0xf1b3ec32924340e0L,0xe5430ea3b33a05abL,0xbf43b031807629b7L,
-        0x53c9407d57014039L,0x6e67b52f2f195ce2L,0xc8cc645f1e48d8c1L },
-      { 0xf2234275c08f2122L,0x9cfe3c74c2f233e0L,0x235e6b349c4e0af9L,
-        0xb4e8ef5770de39d8L,0xba573a727f73d0a9L,0xe12c506a18587ed2L } },
-    /* 43 << 189 */
-    { { 0x6b9669c59cf3e4f6L,0xa472d5dbff677559L,0xde845b0c877e5590L,
-        0x9f7ef5802d0e2350L,0x87ea99d4e78c1096L,0x213243e9abb68028L },
-      { 0x0172c81595e71abaL,0xc2592a762ca34c65L,0x50749aee9dc286dcL,
-        0xe37d10884055de3eL,0x3e5a93bb90d652baL,0x0cbb7a08c32aa3e6L } },
-    /* 44 << 189 */
-    { { 0xe0bf3d8a026c43cfL,0x091956cfeb702508L,0xfcd486c9a6b3203aL,
-        0x94a6d52f365460ceL,0xefeb5400563bec77L,0xbe6baa9619b2659cL },
-      { 0x116f71c34bf21a00L,0x83d1c99a86d21871L,0xff1ba96aca0bd547L,
-        0x5eb0acf741b94afbL,0x1be5d66fb1aaad14L,0xb8ececc5e6cd6d4fL } },
-    /* 45 << 189 */
-    { { 0x65f6e29dec7d4de8L,0x082fa0560e938c79L,0x4cda3fc925a02f04L,
-        0x77dbcf0d3bac5cadL,0x625f9bd859145bdbL,0x98b7fd64553a11f3L },
-      { 0x621bfbe387dd8a45L,0x6519421d1c35176bL,0x89eabac6d5ead4c7L,
-        0x45c68bfe54acfbd5L,0x87cd244a84f30b68L,0x83b5f6b27b39275cL } },
-    /* 46 << 189 */
-    { { 0xd43b1d3c0ed0ade8L,0xd60b1ae7640e7d37L,0x965489e6f88e06e5L,
-        0x35398ac89653417dL,0xed1e89ac02cfcfc5L,0xd127f68dbb6f2bfeL },
-      { 0xa569c59fe22bb079L,0x7933f14e4ca8e9deL,0x68b4964a30033c3eL,
-        0xab438cf88f069045L,0xa64f3a1516163059L,0xf40499c14576fe42L } },
-    /* 47 << 189 */
-    { { 0x361c28da052567f7L,0x8a2c6aafe0db84b6L,0xa79eb10cabbc87d3L,
-        0xeaf7bfff4141b3acL,0x90bba4a953aacaf8L,0xda577661c35f9564L },
-      { 0xb2550d0dd4487a5fL,0x69d43c5199638269L,0x6d16973f7a1f8ac6L,
-        0x3dfb2253c71e4a4aL,0xafd836aefa36168cL,0xba72fd1faae6dacdL } },
-    /* 48 << 189 */
-    { { 0x690c0cfeb449d1e2L,0x4a5e150b1b8e1577L,0x22508042204d98a6L,
-        0xc87a97f5bad2eb08L,0xd307c59ed25823eeL,0x6ed083580df8b3f6L },
-      { 0x280ae344314e7016L,0x6a55be876ef4e889L,0xea930e5a24d04e38L,
-        0x0269d9a7309830fcL,0x41dc8f0ae4afeebcL,0xfd1bc660f14ee02dL } },
-    /* 49 << 189 */
-    { { 0xf81cc943631da366L,0x2e821eb85ab1a2caL,0x339e9e4765433883L,
-        0x3dc14370e1f60c71L,0xbd6c79bebc25b506L,0x2bd3ad51a8a639f0L },
-      { 0x7c168f13c700a293L,0x64fef4fc28b4ce88L,0x3ccdc3080c329c6aL,
-        0xbfd78932b76a9452L,0xf0c123fbc684f4b5L,0x8bfad06432305ed6L } },
-    /* 50 << 189 */
-    { { 0x208a668feea1a9ddL,0x8af75caeab903f09L,0x356208b449265292L,
-        0x57b24ebe53faced4L,0x9c8aaa7303694920L,0x1c06ef5ad2f90179L },
-      { 0x794ead99df92de87L,0xad900c4e7a73fe9aL,0xdb66b9ae715d9f66L,
-        0xd19dc46db1bc2950L,0xb0a5af5c24c82c0aL,0x7d83f950371d0ec7L } },
-    /* 51 << 189 */
-    { { 0x716071e3abd37656L,0xaa22858be6cab564L,0x6793a66f5aec00ccL,
-        0xe2ea5401e025da6dL,0x3998ea5d2eb0059cL,0x4ff6f442e39abb77L },
-      { 0x703eabdabdb6e0f9L,0xa33e6deb38522433L,0xe23c13f6ca83c2acL,
-        0xcfb8e57c0cac836fL,0xd0f84bde7692714cL,0xb4fc3b01f3f41d29L } },
-    /* 52 << 189 */
-    { { 0x67842ab4d8f358a5L,0x70cab57540e2fb69L,0xdebc3046e5c458e4L,
-        0xc3574cf47eb004d5L,0xbac261a1c86f20f9L,0xc1bcb661deccf7fcL },
-      { 0x5b3b96dec5574e9dL,0x07b878b3e151fb0fL,0x2f2d126cd38bd5f2L,
-        0x06c951e8319597c9L,0x5529be4424ed0027L,0x82dcacc2ba8d7acbL } },
-    /* 53 << 189 */
-    { { 0xc37eef0149311e82L,0x3d07aaad401d010cL,0x934e039e53417831L,
-        0x70775653da895ec3L,0x206b80af625cbe49L,0x9e2a4ee1e53ccb36L },
-      { 0xebeace45c8ca6ff7L,0xadb19bd9925302deL,0x951bfcc497dee154L,
-        0xd09882da79b60e1fL,0xb1e9cf0cda5f2516L,0xc2b697295e4def97L } },
-    /* 54 << 189 */
-    { { 0x74ce542d04f860e6L,0xdc8adf8fa3c48075L,0xe19852232063f76fL,
-        0xf651c9fd5cd9ff61L,0xd4cbea69bab39ea0L,0xb6d4749b28fe3443L },
-      { 0xaa7747ec65e960ebL,0x1a1b7b65e132a213L,0xfa52901f402a50d4L,
-        0x3e4d2da68d43700fL,0xbfc7322937d45181L,0x68a812f9008bb845L } },
-    /* 55 << 189 */
-    { { 0x226d4d233e4cbf5dL,0x36359f52576243e8L,0x032af38a39a1999eL,
-        0x9b59120a687eb228L,0x85c56b78e68e1498L,0xa7a14bd4849d03d1L },
-      { 0x9e7177b345c4c3f1L,0xad7e4975183bd846L,0x42418d9a42f69dc2L,
-        0x218e8f8e4f52cac6L,0xafafa7649f1f3214L,0x32f6f72b747f7592L } },
-    /* 56 << 189 */
-    { { 0xefca7f7ba6c53c1bL,0xcb4bb33c524457a0L,0xc9eab87fe57d08dfL,
-        0x48c01c2a7d9a1967L,0x11c97ed97dc27492L,0xd8c644861cf1f639L },
-      { 0x541f8c0d8156576cL,0xdf5c8dff2384e299L,0x9806935ba6be190dL,
-        0xec6c5de764494b4eL,0xf04e2d4cb83c00b6L,0x379af438c0b84f15L } },
-    /* 57 << 189 */
-    { { 0x64e6289d92bbc1f8L,0xe88b78c5a0620121L,0xd01bac79a0fbc373L,
-        0xa2e7986af098f07cL,0xfcac4dbcc5911218L,0x2e2bf56db337ed26L },
-      { 0x878d9819e89a73c6L,0xa7df4f5768df46d2L,0x74bf7e2f4b3c9568L,
-        0x2f2b187aebcce535L,0x544f18139a4c2be3L,0x3a5fe300a5938f0eL } },
-    /* 58 << 189 */
-    { { 0x901a14cd70aa91aaL,0xf0b6e1ec7f0b0a70L,0x6fd1ee0156a8bf9cL,
-        0xe7e53c6693fbdadbL,0x18ebae68e17de706L,0xf4107457ebecf636L },
-      { 0x77a85ea4a9f6c696L,0x3ea193e17dd9e3adL,0x9497e0a9f151c8abL,
-        0xcc9237497a1dbf14L,0x2e36740e8f9be59fL,0x1b1c7d7c4a249e51L } },
-    /* 59 << 189 */
-    { { 0x7a45af2242cdcc53L,0x3061d91b8682832dL,0x85e080f6c375030fL,
-        0x3ea6dcd1418440c7L,0xe0559870d14b6537L,0x36619215d178b45eL },
-      { 0x48a4b452dcb85a34L,0x79cf4529bd5504bdL,0x506215e9e9c34c8eL,
-        0x961f74b6dbd00e2fL,0x473d1397cbc84ddbL,0x6c64f870a8d67cb5L } },
-    /* 60 << 189 */
-    { { 0x519a6edb91a9b99eL,0xc0ea29e0f19221eeL,0xde83e0f77dc193b2L,
-        0xa7b33b6044be16f6L,0x7edcb49406c8e8d7L,0x9f9dbb86392c0ef6L },
-      { 0x09aefe035726bd5eL,0x782d8350c4e80b7cL,0x14e41a49186b80e9L,
-        0x9af13703499ef97fL,0x5752877f2cbcc336L,0xdd0f8583d2df624dL } },
-    /* 61 << 189 */
-    { { 0x1cd2be3f32f6b0a4L,0xfd5da4a90114bca5L,0xc322a6a198a39a66L,
-        0xca411eeb10d64384L,0x7c5d3ed0c72d8b6eL,0xf20c76697481309fL },
-      { 0xaa4e45dca155872dL,0x66e41d54b87c1e51L,0xbe2fe5e6a6bfe6b6L,
-        0xf60ca33a08a4d3e7L,0x45c1ec8c7211b48cL,0xdf44d3b573b78f7bL } },
-    /* 62 << 189 */
-    { { 0x21eda67429a1e6acL,0x33118990422ce5aaL,0x236aa9ec27326810L,
-        0xc42dff9e3be7b318L,0xbe4601281690755fL,0xa395509d8c1c60c6L },
-      { 0xa36de79d05b991d2L,0x55f516a3632882d4L,0x4c8c5a4296d1d493L,
-        0x56199648533cda6dL,0xf9c6897a603bbfeeL,0xae835160f9857cc4L } },
-    /* 63 << 189 */
-    { { 0x700bad58d6aa9618L,0x2ad7069c05d54c73L,0x7f3ff5992f6a8495L,
-        0x39de751ee26e6720L,0x39126d97d4cecf54L,0x353e00e21523aca4L },
-      { 0xee905af017a33178L,0xa30173d31daf2642L,0x24cbbcc728f9169dL,
-        0x4e65bb13a7039e69L,0x004a11859121e44eL,0xd4efa5b91c1e60beL } },
-    /* 64 << 189 */
-    { { 0x2e75a26eec65b53eL,0xfeb630b270552fb3L,0x53dfd057ee7d8e4aL,
-        0xb959110d8994f449L,0xb4a16596bb538367L,0xa70917bdef82f29cL },
-      { 0x5a76430043bba6aeL,0xee207476cfbc194aL,0xc7eab23803a4184bL,
-        0x60c67ef20f7fcd62L,0x41e05799dfa8a0c6L,0x5d7d05e604d352b0L } },
-    /* 0 << 196 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 196 */
-    { { 0xc97c01eb436b59f5L,0x1d15aca7ef1848abL,0xdba1ce807fa7d3c2L,
-        0x69e6f96e81060874L,0x6e3e0df74d7eeeadL,0x8a3b5e85b0c87f3dL },
-      { 0xc55ae3dbc8a23914L,0x5cdc2a92bf6d27d9L,0xa6008c591de7860aL,
-        0x8202f8b66e546731L,0x652f2d07aa1e45d4L,0x146f214f6df5415aL } },
-    /* 2 << 196 */
-    { { 0x041c706cce5fb4d9L,0xddc78cb3b22a79a7L,0x7dc4cd27839e9d5aL,
-        0xdfc9db83bf3c4c06L,0x85b8094138b7bd22L,0x1007dea2d0f4c2daL },
-      { 0xd7b34006c633fba0L,0xa8880acf4476e55fL,0xa340b2c275236685L,
-        0x5ddd05510113a85fL,0x7dfc7ab29cb32704L,0x9a334a33dabf22ffL } },
-    /* 3 << 196 */
-    { { 0x2fbce9bed7d1146bL,0xcec9e5d8b3980bd2L,0x48ea45939f4cbaf0L,
-        0x56c540092574a3bdL,0x84a39630e792c39aL,0xe5c690f8eef81343L },
-      { 0xf996760f17655bc9L,0x6009c2156c0c191cL,0xa0ca12e6966d7027L,
-        0x92a6d5d52e6f7c63L,0x46809d269bd13eadL,0x3c11fa7967aac681L } },
-    /* 4 << 196 */
-    { { 0x3fc9b3cfabe2cc87L,0xfd8d64e3514e77feL,0x2003a58afe1ad535L,
-        0xcec4be38cb39149fL,0x4d578c99bdedf470L,0xcd35d7a33a356519L },
-      { 0x7a762f278b078d6bL,0x3b6891ed31ae2701L,0xdc0e817f270c508eL,
-        0x5a7be2049fdb29c8L,0xfa1a0be3cb2711d3L,0x5865f55f3786a0c2L } },
-    /* 5 << 196 */
-    { { 0x1d0af6b52f641cffL,0xa932adeb3648c4a0L,0x67641951b1ea8fc4L,
-        0xc0b90064b1fae482L,0x7012642f6623477bL,0x1cddc0245bf019ceL },
-      { 0xca1f4675c2c32737L,0x11525a5e97d6b18cL,0x9c034ef2d3868de9L,
-        0x0533d921044e0c18L,0xba6cf14ecb5e38c3L,0x438309f3509d7053L } },
-    /* 6 << 196 */
-    { { 0xe164268ec4ff9f0bL,0x6c8e9349e6c36e63L,0x734f979478ab17f3L,
-        0x46d468de0179ed0eL,0x7e68f006dfa26867L,0xe4d4a85de3d0485dL },
-      { 0x0913a1d7f84c0f8fL,0x4095c8c025a9c9cdL,0xeeb1a79e49eadd08L,
-        0x433f5e417dd8f954L,0x70a6281430bb26d0L,0xad94d8f6ff5e8e29L } },
-    /* 7 << 196 */
-    { { 0x6a352b579e32c0a4L,0x5274a08277ec7a40L,0xee1f7c7a240e6dc5L,
-        0x85d5be62d313b4a9L,0x1522c5d25c01a405L,0xcfa08aab960afd5aL },
-      { 0xa3cb77f38e8a93dcL,0xaacb16766d1c98c7L,0x84090c7d3b93fa9dL,
-        0xc77f1ee13c0383adL,0x461c93b776f7a220L,0x66d63a1d04ac0bfcL } },
-    /* 8 << 196 */
-    { { 0x3c7d6b644751207fL,0x65e1f96ae440c1a2L,0x8ed15d20aa0eaa1eL,
-        0xe944ad2fc0eab490L,0x71525aa1f6d9f260L,0x5cd14c8816146ba3L },
-      { 0xf940190814a41275L,0x3bb7ea742288618dL,0x6a4e1c37cab1060aL,
-        0x357fe4d0c8cac96fL,0x97a8b8ab6a2466ecL,0xb6e83fdb9c01be70L } },
-    /* 9 << 196 */
-    { { 0xa55a7142cb09a69cL,0x0a39fa12896a9c24L,0xa7131a001f6c9c82L,
-        0xdacbfae97509c912L,0x3793d4ef4232eb57L,0xb63d9fc0da02ac15L },
-      { 0xf1ce48a09ab37492L,0xa388dbb5cf9ddedbL,0x7224ef47fd7b2aa4L,
-        0xdfe18be82fd35ae0L,0x2286ae7b90a2e98dL,0xd06cfd71e0d3c2daL } },
-    /* 10 << 196 */
-    { { 0x7825df5c948663a4L,0xc8c093adeb4ec9ddL,0x677c51ebc1505989L,
-        0x8c28421524041f43L,0x0f63f15ac9ef610bL,0xcb98841d257678c5L },
-      { 0xc0560066c52c64acL,0xaf7417db954180e4L,0x935c08876fe1f0e7L,
-        0x8fe556ba46d03a88L,0xec44271484a0c4a7L,0x431f8e8395be9544L } },
-    /* 11 << 196 */
-    { { 0xc1fc18cb3101ce6cL,0xff753902048e52fcL,0x768299554e58e21eL,
-        0xac990acc32856d44L,0xaac4d5dc9f8a9da8L,0xca1740fdd4be9e8aL },
-      { 0x59250846892d8bdaL,0x45f45cad19c97c71L,0xf29e2724e6ba5c87L,
-        0xe441134473f6a778L,0x9f4f9027a0f278faL,0x11bb7ce02bdcef71L } },
-    /* 12 << 196 */
-    { { 0x0cc553bb9b3fd7ceL,0x2e0ff43ce103b562L,0x96c01f0328222a3fL,
-        0x7dcc5593c10171c0L,0xc677366a4b3e5858L,0x872d4396bde4eebdL },
-      { 0x5d0c5f3a7f83c0b6L,0xbf4274dcf7ba33d9L,0x1df6e4811a635f83L,
-        0x24e2e8347d807292L,0x792203a8eee1e676L,0x20475f907ef4e8a4L } },
-    /* 13 << 196 */
-    { { 0x1b4db0579e37cd0dL,0x61b95bc9ebccdf79L,0x7d98d8537a57d7adL,
-        0x58a3d639709b0194L,0x45fbd4417ce5bc31L,0x7684b71b5b3c856aL },
-      { 0xb311f8f85bb6bd1aL,0xaeb8e44711eda59bL,0x1ad5b35fbf269cffL,
-        0xc69651b4a0e2a640L,0x3713803bd83ad8b2L,0x613ca3af0e4b353cL } },
-    /* 14 << 196 */
-    { { 0x3ac59b1fff8cf495L,0x3f3726866b04c4dcL,0x2cdddf90da325f0cL,
-        0x3ae79666444cabe5L,0x8222f6d6c7484b1fL,0x61fb08929ae328b9L },
-      { 0x279aae392c575c0eL,0xac694019948508bfL,0x4931cc55b84056f1L,
-        0x75927a688b50ad1dL,0x47ba72e945584371L,0xbea7e62ea79fe5e5L } },
-    /* 15 << 196 */
-    { { 0x990a6767faddc25dL,0xcd7650eb114eaf17L,0xf9d1d6409a44cda3L,
-        0x70996b6871fb091aL,0x630ae9754ff80816L,0x59a9dc2f987b20e7L },
-      { 0x9a39588ef65fbbc7L,0x71f4c8e598e7c78cL,0xad2f5a0138cd40acL,
-        0x3c68fe575a837332L,0x7af44087155e6b4aL,0xd66f4cf8e99e31f2L } },
-    /* 16 << 196 */
-    { { 0x5b0b5d692a7aecedL,0x4c03450c01dc545fL,0x72ad0a4a404a3458L,
-        0x1de8e2559f467b60L,0xa4b3570590634809L,0x76f30205706f0178L },
-      { 0x588d21ab4454f0e5L,0xd22df54964134928L,0xf4e7e73d241bcd90L,
-        0xb8d8a1d22facc7ccL,0x483c35a71d25d2a0L,0x7f8d25451ef9f608L } },
-    /* 17 << 196 */
-    { { 0x81e304c903b37e31L,0x21781e57925a6491L,0x4ecbad144b9250d9L,
-        0xb395914345cae8feL,0xb894a39dbf775d4fL,0x8a2c1090d307e272L },
-      { 0x49dfcee9408bf3cdL,0x08f0f33195b573dfL,0x23eb8a0b214bcd3bL,
-        0x425e1cde7ccc4d82L,0x53f64095ac113d2bL,0x377a6cb3d88e0761L } },
-    /* 18 << 196 */
-    { { 0x9cd08431d360ae16L,0xbf5a73d211281e82L,0xfe25aadfcc34ff33L,
-        0x8874984b84e3af16L,0x8dd38b596a65a2a7L,0x6c91112c68a26926L },
-      { 0xb765168637554f46L,0x79558f04c78bf29bL,0x8bb14b1f03012b9dL,
-        0xed7d03f9a0886ba3L,0x9a436ec3c2a93baaL,0x601babb740db0c78L } },
-    /* 19 << 196 */
-    { { 0xa7395eef391821d0L,0xb299378fc8b7b1e2L,0x53a37e3b7f3a58d4L,
-        0x7d06fa4e3188c5adL,0xe65a94c063dd7462L,0x4daf74f39cfde2b0L },
-      { 0x98f986b4fbe7198dL,0x8e96b1ee88176bffL,0x5f309f64eb91641eL,
-        0x46bfe3352ffdca19L,0x1ea1bbe7ac8fbc08L,0xde8ca618b00f88eeL } },
-    /* 20 << 196 */
-    { { 0x0757ee852005631fL,0x60f484ea9d70cc3bL,0xaf131d246b011041L,
-        0xe40711a1062e2e17L,0x05ccf1b94c27e2c2L,0x29e9910e43d43758L },
-      { 0x54daa550ed000e45L,0xf00a312295d3674cL,0xdb006fe743ec424eL,
-        0xbddf5473536162d2L,0x7b8a24b579d433bdL,0x3127a46f282297d3L } },
-    /* 21 << 196 */
-    { { 0xcd964573cd0585a7L,0x9c2fd35605b684aeL,0x7f600f4de4a47ec5L,
-        0xcb4bcdf085fdd4feL,0x5b292292b4dcf5d1L,0x923c4331df33a2b8L },
-      { 0x0fe13edfd6c1e73aL,0x0b35adc6c370821bL,0xa70061b08d405282L,
-        0x98efb3fc6457af81L,0x8806ee7136e1041dL,0x8b56657faaaf0731L } },
-    /* 22 << 196 */
-    { { 0xe68b669189cb38d1L,0x250f59233456ed5dL,0x8928f1fe16188290L,
-        0x8b24b1f734a837d4L,0x268c8c57d945d0b1L,0xa4190ceae002b3abL },
-      { 0x4596e76e56dd74b1L,0x647c17871c307789L,0x0b945c7243b13a6cL,
-        0x4904669552a58ee2L,0x7547a6b46e25b7e4L,0x8bc26f49e2b1b140L } },
-    /* 23 << 196 */
-    { { 0x95b3f4e75196d614L,0xc075bcfd5ea18aadL,0x15dc9dd41ae71f42L,
-        0x75a769f289543f86L,0x06032d9ec392b4c4L,0xd6cc5c717d4df83bL },
-      { 0x111fc63427ad6680L,0x770dfe7f781bda48L,0xabacb082fc0afb5cL,
-        0xe3a463e771dca197L,0x390f21a89635b275L,0x3d3474b24ae094a6L } },
-    /* 24 << 196 */
-    { { 0x48f5588853666241L,0xb9fee3d39e6a068dL,0x8c50e3af0275e82dL,
-        0xd490cf2dcab34005L,0x20b11f86bf0584c8L,0xd49714c18179e559L },
-      { 0x89647b178ded6686L,0x6c4bac8cf16c93d4L,0x5401e4f8076ff71bL,
-        0x577e73acb1ef9b0cL,0xa1b87e0ea46e7880L,0xab8d8bbb54fd28a7L } },
-    /* 25 << 196 */
-    { { 0x220161f0741396fcL,0xae14ce5817da16ecL,0x766e415bb828b19aL,
-        0x1b3b239e610c7aabL,0xf1c7df4992d53419L,0x57e4cee59442c6cbL },
-      { 0x546f73b5f85d33d3L,0x195116c74e041703L,0x5a71a96a5d668df5L,
-        0x0adb7b16fe56c658L,0xf6be923deb563532L,0xa65ed113f2d45f4dL } },
-    /* 26 << 196 */
-    { { 0x8c6742e5bccd3be6L,0x5f0f7fdd378de702L,0x41236fec334aabb8L,
-        0x4b15815b7e9d8aa9L,0xbb816e46e1c235bbL,0x8591cc45176c2fe0L },
-      { 0xef00e3981d7104b1L,0x761d2c244012398bL,0xe4984f4ae81af247L,
-        0xf923bb80c144dc64L,0xd51f27dd83988de3L,0x0ad5438d995dbbddL } },
-    /* 27 << 196 */
-    { { 0x0532790bd148314dL,0xb4862d9d5b6b4ad1L,0xab65bfc45beb3ac6L,
-        0x72eac92d99331822L,0x2e09a69a6127632cL,0xaa1eaf0791ef9141L },
-      { 0x79b923fe754ff12aL,0x19395a97f9a467ffL,0x7dcc91d49ef5cc4eL,
-        0xb9019ff198a84090L,0x62616ed6d5bfd083L,0x95cbf9442b328615L } },
-    /* 28 << 196 */
-    { { 0x22ef6f606374afbeL,0x70e19fad26348f5cL,0x8bcd51a845f98ac6L,
-        0xeeef7f7026b7ba04L,0x33aa0644544edcb9L,0x22d89a1244974c71L },
-      { 0xecd08f5d0f8d90a5L,0x495a0403cf03513bL,0xe924feea27953ba9L,
-        0xdfbe1f93eb5e7975L,0xd3c105a1285865dfL,0x87b8b6360886fc87L } },
-    /* 29 << 196 */
-    { { 0xc2da6d7a219d44f8L,0xe66364c555a9d970L,0xfb0936258611738aL,
-        0x916fbfa844f7f35dL,0x7a4e0451774b1e2bL,0x7adaab9e80375e65L },
-      { 0x2272b95c8ffdfda9L,0x41644b619ad42b25L,0x157026817f0c98fdL,
-        0x25d4a00fffba1d85L,0x52e684c6c6c5545aL,0xba85bf2adabb7df5L } },
-    /* 30 << 196 */
-    { { 0x89a5b69dd282b12fL,0x63864e7ba7d28277L,0x36ac74d08c21f920L,
-        0x7cfd291713a2f8d3L,0x50b63122c2ef5022L,0x23d454328ed33339L },
-      { 0xf8696b2dc4880048L,0xb9605bd5792dcb6cL,0x4cdb5fc26fdeeb9bL,
-        0x58ee2837f1a7f35eL,0x8956359ae2985ccfL,0x0cc6c4ab2c94cb32L } },
-    /* 31 << 196 */
-    { { 0x2fcac7d161a8254aL,0xc396583a05389aceL,0xc6f069cc3872ee52L,
-        0x76f0e5b407180f5fL,0xc8b23b7a2dee0d6fL,0xc77b242613bf8fb2L },
-      { 0xa8c625e66d5ae411L,0xc0c40a75b0723adfL,0xdee0ba8f380d9c67L,
-        0x38b86a3b19920f24L,0xff2191b7d910e9cdL,0x8d01786734181894L } },
-    /* 32 << 196 */
-    { { 0xa704016022ec7eddL,0x19124972cc9c8ee8L,0x697f301f2ccb9417L,
-        0x3ee877646f00d8aaL,0x2b5afaf88138a017L,0xf152b14c832d7543L },
-      { 0x27c27ce2383052f9L,0x4746c5b5e1dae11bL,0x92dc5ac75b752008L,
-        0xcf382e01e84fe5f1L,0x90e034197d5929ceL,0xafee3abb15ca3ffaL } },
-    /* 33 << 196 */
-    { { 0x299e0c5507f0e3a7L,0x75dac5c46cdebb44L,0x340b5479183c7e42L,
-        0xfb1b03dd702672d4L,0x68f7222ec07cf89dL,0x67a471e422e7a8a4L },
-      { 0x79dd4627b9ada93aL,0x774c53771c8ecca5L,0x95191e1a59db2e65L,
-        0x3f6947f270abeeceL,0xb4934fe0885e4e00L,0xd082e49901728c2aL } },
-    /* 34 << 196 */
-    { { 0x86cd8083aaa82329L,0x74f0c5786e579dfcL,0xc2b68c4e3b436545L,
-        0x8e66c648469d4a81L,0x4c5b05c5bef62bb0L,0xe558ff020bb6f865L },
-      { 0x9f8ccb16f356a124L,0x1bb28d7c1279f8f4L,0x9b885f0ca8fc4e08L,
-        0x2ec4cf69859d90eeL,0x9bef3c4d86d3b9d1L,0x5a98ce73eaad8d53L } },
-    /* 35 << 196 */
-    { { 0x6c716b179711b5d2L,0x396a4a4cb386c1d0L,0x5845f6861c157c12L,
-        0xdcad516262c15d4eL,0xb6e0a6a02dadb218L,0xe4f6d5e5a342e785L },
-      { 0x1eeea548c78980e9L,0x363c31be00a32adaL,0x01481fb7e660b445L,
-        0xcbb61552999c1f5cL,0x20a73942f361d12aL,0x67fb89a11b8b4b3eL } },
-    /* 36 << 196 */
-    { { 0x1d57d639eb00e26fL,0xbeb198906985c10bL,0x38cd95a337b9b76aL,
-        0x3b1d12e30304c87dL,0xdf42dc6f4734e191L,0x1ed1d9e397841989L },
-      { 0xfb60e333859b577bL,0xfb026d16ed3db987L,0xa216b0e46f7855c8L,
-        0x9501bae3539ebdf6L,0xd95a4a32dc8a1f6fL,0x76cb0b6b45307deaL } },
-    /* 37 << 196 */
-    { { 0x5607ab62a844b579L,0x8d3ed3db94f67d9fL,0x95390de8a9929b04L,
-        0x4a6f6f7cc85397f3L,0xec5b73eff26eab04L,0x2543190b045699f9L },
-      { 0x9a4896138cdbb723L,0x0e081e5b7a1c638bL,0x20f292c6596a7b1dL,
-        0xa14d849794477dd3L,0xeeeca98064b0de1dL,0x75fdbae92c5135dcL } },
-    /* 38 << 196 */
-    { { 0x1202b5752b076f5bL,0x5ca1247edbd6c420L,0xb45ff9bfd8ccc5c6L,
-        0x680fcfb28e061baaL,0x5a6e6342122a4212L,0x0ad12abc312fea8aL },
-      { 0xd1dd8ae5665dc7b1L,0x30494dfdd9a22454L,0xc8aa9bc9da55ed09L,
-        0x6ec643031b74b119L,0xf54574716b604639L,0xe2a214e59f8d83ceL } },
-    /* 39 << 196 */
-    { { 0xca698de5f5c96e8aL,0x352c89a3fd941919L,0x0e3de0a909812f23L,
-        0xa74ba91667702fefL,0x6acfaa5a3863d479L,0x28d8932bb6bb15cbL },
-      { 0xc62155704ba9718dL,0xc67a3eafa1edd692L,0xc86eeedaab31aa74L,
-        0x2064ea632deb79c3L,0x813b84f51ff01adbL,0x994b9437458a1835L } },
-    /* 40 << 196 */
-    { { 0x1013c4f4fde3f7ccL,0xbad5415a838699b6L,0x2a8b4eac64cacc78L,
-        0x3d10f949bf75d233L,0x5a9f7782fc84e55eL,0x209a18345ea7b274L },
-      { 0xa66cb6d4f9e8d374L,0xf898d9479a20080eL,0xe7e4b91b1272df4cL,
-        0x5b8507cc5dd136bbL,0xbe4b5262372a8e05L,0xa0cb170c2aa4a47bL } },
-    /* 41 << 196 */
-    { { 0x469180a38378217fL,0xd960bdde85ef6d61L,0xcc4e737d6654aa84L,
-        0x28d440016ae51d69L,0xf13a0d9ac6187196L,0xe60851b392160f65L },
-      { 0x41d98cf61cac48d1L,0xf37f003d1b57f2cbL,0x4829c60bce272603L,
-        0x45991d4adcbdddc1L,0x17e591fe74601bf3L,0xf8a36b4fb3fe856cL } },
-    /* 42 << 196 */
-    { { 0x4410b773fe480323L,0x42ae32e3ea2f8b57L,0x6578a64b2886b9d9L,
-        0xafcfa5fe4241ec91L,0xa7fa5afc16b4ef24L,0x4a6594bbbc16b610L },
-      { 0xcb5845515e264fb6L,0x4b89955e2b9c3c70L,0x530426be21e11c1eL,
-        0xb707abe9c9dab34dL,0xb5aab0bf5931cd78L,0xab6a2585f0ccfcdaL } },
-    /* 43 << 196 */
-    { { 0xe75761f716afd216L,0x8ff1cea3b8a4f008L,0x04b8b65e69889d77L,
-        0x679bf7a586ad9fb5L,0xbe49be0b4c22b86bL,0xcc8905a16c026c1dL },
-      { 0x17464e7e59ec1983L,0x50cb62832a03afe0L,0x8dadaf456ce4df91L,
-        0x26cf59d1e0df6fddL,0x6ecc66119adaec45L,0x1be42e744ef67dacL } },
-    /* 44 << 196 */
-    { { 0xa01cb3bacb1957b9L,0x053693ccf50694c9L,0xf8a887ad527f3aedL,
-        0x2f1a80ece9bf06f0L,0x74baeaa57d0eec9fL,0xce8e8b9ab0641cabL },
-      { 0x91d1e84d128a1804L,0xbdcfcaec2d5fa43cL,0xfc5cff124106fa6dL,
-        0x2ae3ffab01588ac1L,0xe9dcc9b44c067052L,0xd8e3d74bafa7d4c3L } },
-    /* 45 << 196 */
-    { { 0x64a134296d7b277bL,0x487080d8e9a50637L,0x02e5fe901c6c061bL,
-        0x8fdaafc8ecabeb11L,0xb1e3960110720b13L,0xe7304bf77081f41eL },
-      { 0x78a10af8c26f5cf8L,0xf52cbc155c032c15L,0x95a3c4558c0c2091L,
-        0x1797b407abba6f79L,0x87c0cd05a96a3062L,0xdf75e2805f04a7e2L } },
-    /* 46 << 196 */
-    { { 0x47161e1f82779cd6L,0xa95afa08c8158458L,0x2cbefdbc40a80742L,
-        0xd86e0bfaca420c9fL,0x08f5f8c29c79427eL,0xe8f88361da4d0d9eL },
-      { 0x2195174d3eb78d14L,0x889b32c9ed6caecfL,0x1e679749c3c83ed3L,
-        0xc27a8c84eddf8a29L,0x4a21af3af8e09f40L,0xf4b9797f1eb3b9b3L } },
-    /* 47 << 196 */
-    { { 0x58c2405baa44f11dL,0x86ffaa37ac0f7257L,0x373623cc4070f6e3L,
-        0x142e62f9a36c73b3L,0x43bab2dd36a143fbL,0x4fbeb0b7aa50375cL },
-      { 0xf9cc2e7b1f862294L,0x95a9be3c0abdcaa8L,0x70f050225cda074eL,
-        0x152659db43e6bc89L,0x1790148727c6e01aL,0x544069354e083c21L } },
-    /* 48 << 196 */
-    { { 0xcb51f03954ebc926L,0xe235d356b8d4a7bbL,0x93c8fafab41fe1a6L,
-        0x6297701da719f254L,0x6e9165bc644f5cdeL,0x6506329d0c11c542L },
-      { 0xa2564809a92b4250L,0x0e9ac173889c2e3eL,0x286a592622b1d1beL,
-        0x86a3d7526ecdd041L,0x4b867e0a649f9524L,0x1fe7d95a0629cb0fL } },
-    /* 49 << 196 */
-    { { 0x028bc25096c54946L,0xace5e7ad0f5fb7eeL,0xc820d7513350ab02L,
-        0x4ae1f6d99c8d7635L,0x03d1f83a98e1ed80L,0xf014d45d5ad14550L },
-      { 0xeb8f2c328cd6d0b6L,0x090a8f71770f586fL,0x1a8219f93eb7d3b7L,
-        0x0d610d9febfc26dcL,0xfdb49980aa330297L,0x6396f218d81b3fbbL } },
-    /* 50 << 196 */
-    { { 0xb4ea3102eacb7b9bL,0x4aefb43d72af1d6eL,0x9a1a912d249a51d6L,
-        0xddd0a5744d5e3a1fL,0xe252114708aa1f69L,0x4b235efe9de89d5dL },
-      { 0x6fae47420d7f1aa7L,0x0434ae2ff200e13aL,0x75143dc192508b57L,
-        0xc441a768055e177aL,0x84cd7adf2f142b2dL,0x56484f4161d9ad5aL } },
-    /* 51 << 196 */
-    { { 0xe3e9d0881beecd14L,0x4bd12b179093ab18L,0xa6908ddbc925d5dbL,
-        0xfdc5f740832d1474L,0x1a35623696f831afL,0x0e39086808cde8c9L },
-      { 0xab1c7cbda2206b32L,0x84d299c8b93ccf1fL,0x380fa432dabb6542L,
-        0x59f01b5177c2cb3dL,0x9785c47b6e56c4bbL,0x047acc813a3f2b1aL } },
-    /* 52 << 196 */
-    { { 0x724210e61e42b4a7L,0xa8d536afe2dd968cL,0xc69936e683582c60L,
-        0xd031f1abdd5d7f68L,0x7d31dcae8c4180d4L,0x117985f622bca188L },
-      { 0x3b0a982537e38dc2L,0x1663fdc5896fe4b4L,0x55d18cc7fd707372L,
-        0xfac2d7a40d2d8470L,0x994763391b04b1f6L,0x87cfbb5ee0bd72e4L } },
-    /* 53 << 196 */
-    { { 0xeac6a72ad5dd2841L,0xf1aa32524277e152L,0xe6c44e9b6ef7e947L,
-        0xd03309fc54095378L,0x6fc5fb9ccdd06947L,0x10ed0e76d1e9a968L },
-      { 0x42d5ab02dfb77b17L,0x4c54c381a53de8ccL,0x5fb4c256f2b1b5d8L,
-        0x17d5ab28e12ed054L,0xd7c96ce1139da42aL,0xb32f63859919f459L } },
-    /* 54 << 196 */
-    { { 0x4bf5788312f4b0b3L,0xcd69d82ef46735faL,0xc397c8f9a1baa0efL,
-        0xfce184c0fd1be398L,0x15021775fa54580eL,0x10bc85468f54397cL },
-      { 0x6009a691eaa9d711L,0xc9c6a42fb7846417L,0xe9c305685627817dL,
-        0xa1be66ff92abd5daL,0x9317838fcdea11c0L,0xace94ddcc85e7aa5L } },
-    /* 55 << 196 */
-    { { 0x3ef37821d4079bf4L,0xff78abebfcbdc3d0L,0x117414bc4733ea34L,
-        0x7f181a3b9f50d0feL,0x9ea5f94eda897ea7L,0x01a996ceee8314ceL },
-      { 0x0cac3c8b420e988dL,0x7ad66ac4bed3294aL,0x6bbf6dd800b62445L,
-        0x590a57017a2fb4fdL,0xbf3b4e529ac11d81L,0x1bd453020d60c710L } },
-    /* 56 << 196 */
-    { { 0x8a43bba0902c32d8L,0xd8c69b74a3955e42L,0x413bf25d79c64afbL,
-        0x3c39837584ac94cdL,0xfbfa9c53a08ccf5aL,0x9d8ac945e9d791d4L },
-      { 0xfb9bb89e5e7a2553L,0x1442612bb039dd24L,0x8250ffe0a2e2344aL,
-        0x5eae8b396426b985L,0xa1657768484741deL,0x05e52d4ac73cdf8cL } },
-    /* 57 << 196 */
-    { { 0x61c2417995c5e767L,0x7456380c3bdfef62L,0x62763f43d206cbb1L,
-        0x1996e2c657871e44L,0xd0dbd290f220c06dL,0x6778e1e5d87743eaL },
-      { 0x40e54caf16b8f046L,0xe834a1cb6bed77daL,0x7240befa3e9457c4L,
-        0xd1b638dbac96cedcL,0xd1d7e814c9c0cd8cL,0xc73beaf14d38258eL } },
-    /* 58 << 196 */
-    { { 0xf1a6d776c05f40feL,0xb98c19b1c21ce471L,0x700b0bab7f9689eaL,
-        0x861513a56f1d2e6eL,0xb7558b2292fe4456L,0x2d8f860704c66a25L },
-      { 0x10ba7d6a7998347dL,0x72bf56093983b98dL,0x8d873c4f89238292L,
-        0x5db0dca9a5e3c944L,0xf81fe37e0925aef0L,0xed6a13a4e4daae25L } },
-    /* 59 << 196 */
-    { { 0x49e2372711c3a930L,0xbf2ede34f5293b8eL,0x0abeeb3ca8e1cc9aL,
-        0xb1db299440205cbcL,0x3252d29e52fb01d4L,0xa0b080c57dc91095L },
-      { 0xb56fdae622a9ceb9L,0x6c3c3463b31f6f27L,0xcb510ec2ae3bd22aL,
-        0x1efcd77b0b3db475L,0x1094bcc5ca766f9cL,0x688e940dfea48297L } },
-    /* 60 << 196 */
-    { { 0x3d95d26a99cde27aL,0xed608a89b99344f4L,0x7a70a8f09c0ab25cL,
-        0x7740953c496552d8L,0x4da4ca0f4a366adcL,0xbf475c1b33274d4fL },
-      { 0x5ac1d8288811b869L,0xed62e7b4d23446d4L,0x67d78571a0eab287L,
-        0xa74ae3e98b0acc4dL,0xa63f91d64077c236L,0xe2c3f82a818a6889L } },
-    /* 61 << 196 */
-    { { 0x2bde7037b1d5fbeeL,0x477a4b51a80b92f2L,0x195ae0e06606b504L,
-        0x7aaf3de57497785aL,0xb5581ee9290c5ef9L,0xcb303c30360c8ec2L },
-      { 0xfb056f901b1fb602L,0xa38bc9f59931b7ceL,0xb0b74aeab2f453a8L,
-        0x9a0e2ebf668cd68aL,0x8b7e0d73d7db7842L,0x21f29b74d1fa5433L } },
-    /* 62 << 196 */
-    { { 0x38321d7c4e11f824L,0x04dcd3a3e4a816e9L,0x382968ed07e09612L,
-        0x6f7b2dbfa370e1d1L,0x5a8472348675d730L,0x88d974b0e59e984fL },
-      { 0x89f7e2bce3f9e429L,0xd478eacfe3aebac2L,0x8df9f281ebef3488L,
-        0xcbcb9fbeab5543b3L,0x2c8d19b0203f59e2L,0xbb98e4495287b0fcL } },
-    /* 63 << 196 */
-    { { 0x16c45f709aab81d7L,0x0f1310851795a4b7L,0x3c63d43af0ecd732L,
-        0x22e2d1988628b683L,0x7d7482bab641d6d4L,0x6baef4a2ab69891aL },
-      { 0x10989097e63c00d2L,0xbfd42ab0d93794ccL,0x9a1935f3e4165a41L,
-        0x359701b35b600ca7L,0xbe7d69f983d1b54bL,0x99b0f35e3729bd4aL } },
-    /* 64 << 196 */
-    { { 0x11dd860e1c6d03b0L,0x30c1700809eec660L,0xd4f8aff635c0192fL,
-        0x96a727b1e3a4a900L,0x1426daffde78c8baL,0xfacaa9bd8d1527c4L },
-      { 0x0c0d5234cd072989L,0x1936c20d918550b5L,0x4828bee43d914fb3L,
-        0x8324ea38f3ba26a6L,0x027590f3a94eb26fL,0xfd354295acd957bfL } },
-    /* 0 << 203 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 203 */
-    { { 0x3ede2484da756624L,0xb22da2ab73b13062L,0x56069e93962a667bL,
-        0xc931266b130f2ceaL,0x4bd6a6fca7366a66L,0x23f30563aa5ac3b1L },
-      { 0xa025d0efd7c2b26fL,0x597ce7d862129bc7L,0x4809927f2b3057f2L,
-        0xb001c10a1499f884L,0x309d141c30b9a653L,0xadddce7dbf659d05L } },
-    /* 2 << 203 */
-    { { 0xa6c32900af2825c1L,0xb37c46c1d223a04eL,0x691e7d39063de7eaL,
-        0x998df4e710daf9bdL,0xc7085b9e718b5d7aL,0xd41abcc816b3d4b8L },
-      { 0x4dfce693f9bc4041L,0x383677ed659ec7a8L,0x2c1904bf4491fb34L,
-        0x7c1bf1114552451cL,0x6562cc2c3c5e5e40L,0x1ecaa2a1fe0e4372L } },
-    /* 3 << 203 */
-    { { 0x9657d08ca9cb9ecbL,0xf69662363b75be69L,0x396a9344a31c2b8cL,
-        0x1c50b1269767bc1fL,0x597223d0d1417e03L,0xe165ed5a12137153L },
-      { 0x8bce29f926a24098L,0xc428a1fbe99e7bf8L,0x6fd4c906eea7f1d9L,
-        0x94275713fceb2e05L,0x3555448b741dbd94L,0xc50e85459faffd4dL } },
-    /* 4 << 203 */
-    { { 0x84c3630bf3087bc8L,0x152691e674be6e26L,0x5abd125ff61af001L,
-        0x69bca56fbfea3525L,0x384af19900e0cb6eL,0xb0b13cfed00475a6L },
-      { 0xedafde495e394049L,0xd988b558daf2add6L,0xf14cf97a6c8ffcc9L,
-        0x4d6cec23e5a9cc5cL,0xb0d678f88a104e05L,0x80a7fcba9fb527c1L } },
-    /* 5 << 203 */
-    { { 0x9ae12b902af1ffceL,0x082f30b95a30521dL,0x974099bdc304014bL,
-        0xab1e27e444ccb6e5L,0x72db8f42290387a1L,0x3d1a461040f3ce18L },
-      { 0xe939a3f2634ba10fL,0xe70a9cf517254c56L,0xd0f8692fa08ec3c5L,
-        0x77edefcc7a7cbdf8L,0x04c4b18ebdf90f0bL,0xa890436a8aa36a59L } },
-    /* 6 << 203 */
-    { { 0x8618ffa79e30f8a0L,0x9961390cd12699bbL,0x5b1b0d744f61edfeL,
-        0x33df67d9eb7a476fL,0x7f1a767ea92ee99bL,0xfab400e32223a2ccL },
-      { 0x16f376f2f534dc3dL,0x6f36eaefcec17905L,0x8dc1516ca58765deL,
-        0x893408262260ed6bL,0x060eb0afcf4b29baL,0x9cd0a9f11d252bbaL } },
-    /* 7 << 203 */
-    { { 0xd3c2a6a8ca413693L,0xcc56a8e932d5714cL,0xc72b73683c0da165L,
-        0x5d236660db44e616L,0xa83b2ecce5c73667L,0x9d292f298aea900cL },
-      { 0x67121215aaa2a7eaL,0x57dae96abf889191L,0x63bf7a81d296ae68L,
-        0x9bf518758fd496c4L,0x5b4382fbc2f7308cL,0xf1215dfc9632aad7L } },
-    /* 8 << 203 */
-    { { 0x0d6cadbfc22137d2L,0xb5db59d3628a3298L,0x3b433c734ab19507L,
-        0x4fc53405660086b3L,0x770ae903a1eb0f43L,0x31b5857ef6b5b58dL },
-      { 0xe206e141d392868eL,0x8be6956f4b31de04L,0xcfbfca2f47449e07L,
-        0xebaef25639fef8e1L,0x959e37b8c16fc80cL,0x8bb4bdd2e911d61bL } },
-    /* 9 << 203 */
-    { { 0xecfb851380fc41f3L,0xb0dc8823931843c4L,0x59decd6c1b93df03L,
-        0x954103b72511e252L,0xe372f86a0f759de1L,0x04f5afd38f6f9ef3L },
-      { 0xbd8e60affcba2e7cL,0x9b1cb1ed092315b0L,0x5f9e20a03fd05e36L,
-        0xfcdcc44ded95f25eL,0x6baf401b6ac79cb5L,0xfe1a5a856894f651L } },
-    /* 10 << 203 */
-    { { 0x014a0907e51c6673L,0x28118ccd3e6e6a91L,0xdbbb7c4dc999acc0L,
-        0x01b771075e7ab1e3L,0xa33fefbfcd8fb11eL,0x1df5b61fc0b8a5c2L },
-      { 0x774dc2674478c5c6L,0xbfe1add422fb91a1L,0x5ac4dc694d9c8461L,
-        0xbf6e002a1e772c5fL,0x4922120e0b83fe91L,0xa7747f4b3efbadceL } },
-    /* 11 << 203 */
-    { { 0x4b955beaddaf2e82L,0x3775ecde90fdc68aL,0x579c34f91713e763L,
-        0x6c27f504fa509d74L,0xef6df04a3f8dbf4bL,0xc39f2e28b3ad7104L },
-      { 0xe54042b3a5973cffL,0x4e594427f111f3d9L,0x53c7a2ba155fce57L,
-        0x7b3c1c60e6e1d21fL,0x5e12db8d308ddf4dL,0x2c3c5e77a00e8976L } },
-    /* 12 << 203 */
-    { { 0xc483d4b24343bbf8L,0x42aca2e18a0fc95eL,0x5165df6fcbab1fb0L,
-        0xeb284370f6cdfc0cL,0xab565c00994320fcL,0xc0d157fd62133e80L },
-      { 0x7850cda55b69644aL,0xe37ae76a806ec8b8L,0xd14b805cc2c82eddL,
-        0xcb5468b6cf244539L,0x97d43ee825dbe92dL,0x1442243689fb8f1eL } },
-    /* 13 << 203 */
-    { { 0xcfc8a945f361dc08L,0x383a5336491dc3abL,0x77580587c35cd376L,
-        0x6604248ae2426904L,0x47c56025ffeb9d26L,0xc301edd8bae5d983L },
-      { 0x7c6511a9e2e5cf33L,0xdc52c1dd221d41acL,0xdbdc8acada47503bL,
-        0x01b406864bcedbbaL,0xca9cb9fd2d5496d5L,0x5768e0edb17e8400L } },
-    /* 14 << 203 */
-    { { 0x421afbe0431cb760L,0x9ae9ff985203e69bL,0x56cacf4db1a2705aL,
-        0x6a3a4136d128bcd5L,0x2411c4b866191ad8L,0x39f26e1a15b45d24L },
-      { 0x4cc82459c64ed153L,0x5c7a0dd58195b452L,0x9c88bb1c69f6298dL,
-        0xfe567b031933fdb5L,0x8a6aea71881308c3L,0xc1268b55a2f0adfaL } },
-    /* 15 << 203 */
-    { { 0x312b777c1231c557L,0x3984f71be9971115L,0x0266b58294cc2d4bL,
-        0xc3058419cdf5e5c1L,0xab3a1ae477bbf0d8L,0x7c2173a6d21603daL },
-      { 0x61cca8cc747b092bL,0x70f77a53e376506aL,0x742c20692f1ccc85L,
-        0xb1f2ceca2dc8844bL,0x5a73cff83a096c10L,0x28acb67d5c19cd11L } },
-    /* 16 << 203 */
-    { { 0xd7bf2ac6a0a85236L,0x2921b55c7194c46dL,0x162fabaa9afa9762L,
-        0x7b7f1664b62b36abL,0x77b9f797296a84e9L,0xfcc1ad657dbd843dL },
-      { 0xc6e9c1e1cd77b7f6L,0x9cf0e272917067c9L,0xfa7fa93d3bfa90bfL,
-        0x55846fe9d050e46aL,0x473b9a0d35c56256L,0xadd29e332b656a65L } },
-    /* 17 << 203 */
-    { { 0x4698137f46fb8ae3L,0xb11a595f7b1c062dL,0x4a043b99ff023ef7L,
-        0x2836d64d8ef0fa4dL,0x4067dbee8ea44a98L,0x9d1739c9f00ff4e1L },
-      { 0xcbcf12fe133d2703L,0xd2923424016037cfL,0xda7543d68be5f666L,
-        0x587d1920ac5e1847L,0x14662476f79e3462L,0x0120a1d8c810a1f3L } },
-    /* 18 << 203 */
-    { { 0xa4fc828ab18f9bb1L,0x06de4c9da27a787aL,0xfbb7c7d7b1b3a12bL,
-        0xa7052b94b8583128L,0x173ec2d2e7b02fd8L,0x4b724682c776c664L },
-      { 0x46ed9be5673183e5L,0x312191e83bd17c60L,0xe3ed6326efd56a9eL,
-        0xb3ebc44c943a2278L,0x7ef62ba9ec9cf589L,0x754be6d389832cd7L } },
-    /* 19 << 203 */
-    { { 0xccb4b369dc992b32L,0x0ef84cc0922cee22L,0xda0058f1fc56e9e1L,
-        0x208c57943f23632bL,0x3589a7338f77a82bL,0xee6cfa2c76ee99bdL },
-      { 0x88cffafc418f7993L,0x0dde3f05f4be56d6L,0x5d088382a0472bf5L,
-        0x872ca5aabd58d05dL,0x9c467c62e8f91f17L,0x38ab1b348c6b91ffL } },
-    /* 20 << 203 */
-    { { 0x926c2552ebc69b0bL,0x953a850fd4c7432eL,0x0ee85e14b9359035L,
-        0x8b10b01abde090a5L,0xb2878dcaec423943L,0x2571a178f70bde20L },
-      { 0x24ed159af5ebeee5L,0x60c202af043f6539L,0xdaaa76f4c8d4ffc3L,
-        0x2fc1f1ba06eda10fL,0xddf159ee88ded556L,0xcfa71782e67b1ec4L } },
-    /* 21 << 203 */
-    { { 0x2596ee7409d3ed60L,0xd42551f474a46e37L,0x2e46a92e21061c90L,
-        0x236299fa73ad22eaL,0xacdccd5214393ac2L,0x9a572130b56b4d5bL },
-      { 0xddfc31781835e70bL,0x5dac0671d542048dL,0x2b0768d7a6dce17cL,
-        0x6d447d4206c55342L,0x6b55b21525548478L,0x24e6483518d5310dL } },
-    /* 22 << 203 */
-    { { 0x3c58c5ea9b037c66L,0x08d0648e0d5c6ec5L,0x1bf90c53a4fa3f5aL,
-        0x660cf61740381205L,0x63fd03081d44af3fL,0xe22b9c1a77175de7L },
-      { 0x0b6044fc3556fc9dL,0xaefb6804fb55318eL,0x77045bce5c46e1ebL,
-        0x29c4a3bc76e8f93aL,0xdf8aec699d697f5dL,0x5bd9552845a89080L } },
-    /* 23 << 203 */
-    { { 0x1bd61fbdc5756910L,0xcfcc6d5adeaca40dL,0x292867885dd80ac1L,
-        0x7effe328d621c0a6L,0xc64ebb91ab22a2b5L,0x8954ab330c44a456L },
-      { 0x7552a0b460e26218L,0x2e81d3a94136adbaL,0x96dc2451610d665eL,
-        0x30859c62ab04e03fL,0xdb3726fd4c31fa3fL,0xbf4954d1d962a7c4L } },
-    /* 24 << 203 */
-    { { 0x31521f66d5d826b0L,0x0a63695240787844L,0xc0a3bd059c8f934eL,
-        0x12c57dd42f0ce835L,0x847f6a9967064213L,0x1c9e1a7aa88bd71aL },
-      { 0xc4060eb2171e8407L,0xdf78d8dfed106780L,0xa3d28ceb0d704729L,
-        0x4f8e523246ca3912L,0x09e9f852017791f4L,0x594006631e6ea97dL } },
-    /* 25 << 203 */
-    { { 0xdd26fb79444827feL,0xbf78e076d3f5fa6bL,0x46d486e81a5475b5L,
-        0x43e325a5faabc3f8L,0x1fef6b6ba6795d0cL,0x40e040666644d631L },
-      { 0x16207bb9676c3322L,0x677c1c235811706bL,0xb686252e994e2a95L,
-        0xa359e2a51b6f6a3eL,0x6d8f06cfb124f019L,0x3bcf778246266c42L } },
-    /* 26 << 203 */
-    { { 0xeaa3426b8eb929aaL,0x090924f2327bb35dL,0x4d23ba1276da394fL,
-        0x05d98e56adecd43fL,0x83c7169f6b4af795L,0xc22560a7c8f26ae8L },
-      { 0xb43aecc2d01ab5d8L,0xe7bcdc1f7257d7d1L,0x6f32d77650de3318L,
-        0x6d736b279bf02c0aL,0x9534fa5865319235L,0x5a6a38493cfbeb3cL } },
-    /* 27 << 203 */
-    { { 0x3ddcb65828c50956L,0xb335f336bf1bdb4cL,0x7c18d2d0ac3b6194L,
-        0x8748654bca324d11L,0x7c9c58dac2e85f94L,0xf1930a56d4f4f957L },
-      { 0x9cacbdbbe410fee8L,0x0e292c2178e1312aL,0x6845b293906a6270L,
-        0x842ded0f00c5401eL,0x747cd08f35e3ff9bL,0x8405540af48227feL } },
-    /* 28 << 203 */
-    { { 0x547b0d9583939224L,0x3a0823ff1e026769L,0x6016671525bd43acL,
-        0xb6cf475e18ba5f64L,0xa22f9c92c8b6d09dL,0x730553683ccf50abL },
-      { 0xa6de248eee6deefeL,0x32aaf8b2acc3ca20L,0x0e254c5bad44e674L,
-        0x8aa73e6535f95f98L,0xe622600160a2dc1eL,0xdf9482109109020aL } },
-    /* 29 << 203 */
-    { { 0x7b24d7b056190aafL,0x0115cbdd0563b377L,0x5688526ca7ba4975L,
-        0xd2971e28aee3100dL,0x57a6ff8a6fa24f61L,0x9cb571c4d8603be7L },
-      { 0x09c01564a2cce6d5L,0x14f0902b89884939L,0xd71a5ff8a072ffecL,
-        0xee7848b8fefeab69L,0x7b52a9577e40895aL,0xd1576be7e8c61be2L } },
-    /* 30 << 203 */
-    { { 0x4c4d454849d77b8eL,0x431f942f6a4c982dL,0xc8633d051cb39ce8L,
-        0x23421f8caf516f9bL,0xc9db25d2aac876fbL,0x9f2669c5d882760eL },
-      { 0x59dc4bf4c47d4bfaL,0x99ed0024c475f93cL,0x269d1ca4ebe07d37L,
-        0x49ce3bdbbf88b1faL,0x515044053361e4ccL,0x207f0048735b3c96L } },
-    /* 31 << 203 */
-    { { 0x835fe90b5a516e82L,0x26f1f2a7abfcb383L,0x3dae65a8609c4ac0L,
-        0x70b01d6e91f4054eL,0x22da015b581e3159L,0x2ad34f99329d1ebfL },
-      { 0x7385aad60d09b845L,0x4cbafb0b0adf42f7L,0xd8727d26c02398cdL,
-        0x58c261f590549db5L,0xd49b12e48ea70310L,0xb31eea047ef89773L } },
-    /* 32 << 203 */
-    { { 0x372798f02893f2f7L,0x4f62bfac9e5030caL,0x5e64f9a98a1e2567L,
-        0x5870254ce70391c8L,0x2def81a341f02458L,0x25d4e4dc1d087bedL },
-      { 0x3557d07d4fe24a13L,0x6da49186dc3112bcL,0x08c8c5675f73ba50L,
-        0x5309050b9c7c6706L,0x2ab67da3bd985072L,0x9bafa8b1e5df4e96L } },
-    /* 33 << 203 */
-    { { 0x5acdcd216f77738eL,0x340710746cb67a3eL,0xd68c55cf4bf76bf7L,
-        0x64c159200b4deda8L,0x1021d38ae242b1e0L,0x615f1f033bd3d95bL },
-      { 0x2ae0245cc300c9c5L,0x3549605ba88d63e2L,0xfe0dd65ad5038849L,
-        0xe67abfec63c6e4aeL,0xccd08ba528153bdfL,0x9be9f5bced4d76bbL } },
-    /* 34 << 203 */
-    { { 0x30fe00bb6e8423deL,0xe16ce94784e4d005L,0xaf0f8c283fed764cL,
-        0x05ef9bf67d92b1efL,0xbf6570d4eb481da7L,0x39349e30468494ebL },
-      { 0xe32b99a63fb36907L,0xd92386da2d35e71bL,0x74af8b79166a973dL,
-        0xa0a177f94f72de6bL,0xfff3e19d5dd6c660L,0x15310d4d4b0d54f0L } },
-    /* 35 << 203 */
-    { { 0x692a561f15c15a11L,0x25abe85f26ca3ddbL,0x50fef4444caffa5fL,
-        0x58472cfbed3f4aadL,0x7e9178f0092d2b83L,0x3afd364ff8dfaaa7L },
-      { 0x4686ee5cbbf813a8L,0x6a62687d937cbae4L,0x56f22558a9b7b6c9L,
-        0x9af1beae9c189e25L,0xfac4ad9f4d41f79eL,0xdecb57431f9c7a40L } },
-    /* 36 << 203 */
-    { { 0x3ac662895c02f173L,0x6a110e3876d566e5L,0xd9cc14e2b9577e26L,
-        0x6f3d5df9fdfe617eL,0x8fac740f352bb2caL,0x50bc8a0cc28e6310L },
-      { 0x6e572fc477ac93f7L,0x56277377605bb8e9L,0xad6d0637402b8c55L,
-        0xdab377914509eda7L,0xae770abc0854e91bL,0x523bd278742b3de8L } },
-    /* 37 << 203 */
-    { { 0x8ede0eea2aa0da2eL,0x7015ee6e90cfeb90L,0xef33f3efd6b3227aL,
-        0x6e332f1712ef9f4bL,0xcaa089898e7f9fe9L,0x001482ef8fa71529L },
-      { 0x2522637907a5019aL,0x807faf01bed40fc9L,0x426002ab56710e12L,
-        0xcdfffbc18d3949e6L,0xcc03f27861284379L,0xcd7dc2026d5edc82L } },
-    /* 38 << 203 */
-    { { 0x94f84d57cff31148L,0x9c567c7f6bf2a313L,0xc82e62353149ad8fL,
-        0x81f69703c2a5d513L,0xb54e6fc756eea9acL,0x6799c7957c3aae62L },
-      { 0x78e89c1edb280515L,0x3c5693066ac42925L,0xd984c86dab063cc4L,
-        0x61754b5151d44ae3L,0x23af8ec0cebeef0fL,0xff67170bc618fe8aL } },
-    /* 39 << 203 */
-    { { 0x123b567195b58447L,0x7397316ad43aabd2L,0xcb65d69d9ddc7979L,
-        0xf98be7bd91150e08L,0xa5388c79fc0ae5c7L,0xb115690215ed9074L },
-      { 0xc2d01b9227e9afdeL,0x80d705ec2095a6ebL,0xbea901c7fab23079L,
-        0xced8b2772346d712L,0xad5c45a92542a0ffL,0x87b2e4ac0455e90fL } },
-    /* 40 << 203 */
-    { { 0xc2cbd64417fecb90L,0x61616eb3b32dffdbL,0xdc4485a29f5d2095L,
-        0xf78911246553371bL,0x4f06ba18bf9b20afL,0x136d4f291a2c4df1L },
-      { 0xc04aca34fb8b685fL,0xeec83c20f2b657bbL,0x4da5d70a5925a36aL,
-        0x8060874172ff2965L,0x2e0dd9ff9f352620L,0x5f0afa6746d1a7a8L } },
-    /* 41 << 203 */
-    { { 0xb76c722762c1e582L,0xbce1eb164ffefd05L,0xa574a9fe169e53fbL,
-        0x77bf92b0c001628eL,0xd998172c04d60440L,0x62f35199ceae6bf7L },
-      { 0xd81a563e93f1ff84L,0x5a7a0b4211598ad0L,0x884f2ca5ff11f3f8L,
-        0x99f5aac2f3ac66cbL,0x58497c01f489c5afL,0x11277bc39566521cL } },
-    /* 42 << 203 */
-    { { 0xfb9670c26a770385L,0x5da887e1e9682174L,0x31fa9d6bedf922f3L,
-        0x8de8814cf7a98d1eL,0x3935b9b27a019f08L,0x1f59d6f3ea6173caL },
-      { 0x8732f39d5c638a66L,0x981a1b7a3d48d3e5L,0xea451b381ee0ab37L,
-        0x31a8e9abf2708356L,0xa491944ee86cbfc1L,0xd747a885a97ddfcaL } },
-    /* 43 << 203 */
-    { { 0xa3460236aefd304aL,0xaac80f43c58719a0L,0x7d635c17d3ca5b1aL,
-        0x986ac0a62119976aL,0x0d8a6e39f2538d36L,0x6a02af2f31849d5dL },
-      { 0xecb6ef8f6719d4deL,0x6dd71ab674ff8880L,0x0d40ec0e9d225d93L,
-        0x304cd88adf381d24L,0x2d6787380c5571fbL,0x03c23f547c03af94L } },
-    /* 44 << 203 */
-    { { 0xa995a95bf46aace5L,0x44ede5379eaa630aL,0x421f3b3500336e3bL,
-        0xbf897478cf47c9edL,0xf360ae32259e0827L,0x04e0e3e82e6a9f6bL },
-      { 0xb26eae5fa9136702L,0xd6cb15a1853674b4L,0xf81276e2748bcbc9L,
-        0x7fc02e220a4ca1d7L,0xf650f48ecd82f330L,0xf4ea7c1dabaa8859L } },
-    /* 45 << 203 */
-    { { 0xe9f090b935caae35L,0xe04dff188dcf1e6bL,0x81b7de5eb8032e04L,
-        0xba0d0b4e4b1e8070L,0xaa82dc8ad1a2aeb3L,0x5855ed1ded26f229L },
-      { 0x8bce967ed1955233L,0xe6ed07f356ac7532L,0x4227c7fdbf0eff2dL,
-        0xb1f4785fa5e213e4L,0xeedad0733ac30f4bL,0x503619889cf1e686L } },
-    /* 46 << 203 */
-    { { 0xeb252116ba5da79eL,0x51cc937edb691345L,0x1d5fec14077458c1L,
-        0xaa304f7ba0808e6fL,0x4bed89f5abec4c09L,0xc67293cbd1a3b798L },
-      { 0x0905f7d342122672L,0x83675b2da0d3a277L,0x7f422b7024bf5bcaL,
-        0xe2144c6910495acfL,0xdac1c357a6a6ab5eL,0xd1a3b951c8b1d472L } },
-    /* 47 << 203 */
-    { { 0x0821017d60c0c248L,0xa17ce97a8540bdc8L,0xe0576ea986e6f45eL,
-        0x1453268bf152c6eeL,0x1ea1937138edbed5L,0x970ad9c002343c23L },
-      { 0x3a08a859af8a97afL,0x20caf7cab570d738L,0x6d82d863e2a89455L,
-        0x30eb8d0724c76844L,0xb31d58c8d32b79f1L,0xe5df7cb9fe63e93cL } },
-    /* 48 << 203 */
-    { { 0x1ccd44ff95c746ecL,0xe18914b510405763L,0x50ed644321a3a927L,
-        0x4f96a1b143ef8e8fL,0x7f5645e577952bf8L,0x4bc5c7ab66dbdf15L },
-      { 0xacc1612623930a08L,0xbf5ed482504cf9b6L,0xdeb7a798d71ecbd7L,
-        0xf62e63b14a4dd859L,0x668809a7daf714d9L,0xdd836382f3a4329eL } },
-    /* 49 << 203 */
-    { { 0xac0ef2cf383e038bL,0x848e3c1f91135098L,0x19e5a3ee3f15b241L,
-        0x2d01f1a2dbea2ad2L,0x44ec32a799cb0bdfL,0x3e66fed4eab4d856L },
-      { 0x3162a75af45c8656L,0x53ab74245a37ca4fL,0x1b81f1dc360bb395L,
-        0xa7eb222e2b8a5267L,0x163bb0c804b0bcaaL,0x1cac5bc0ef5c417dL } },
-    /* 50 << 203 */
-    { { 0xb95e2d85e81d9e43L,0x8a92acdd1418f6d8L,0x5429140110ee43d7L,
-        0x32a2933c625838dfL,0x801d57dd3d485868L,0x33bba67258af765dL },
-      { 0x545fe2583f520eecL,0x900ed51a32d71974L,0xf21fefe6df3ed77cL,
-        0x2f0df28c9deb2d81L,0x90898dd780856fb7L,0xeba82159bbba4771L } },
-    /* 51 << 203 */
-    { { 0x83ecc8f374df3780L,0x432e9807d3a89728L,0x3461c5297b5cb6e0L,
-        0xee307c19030c25cbL,0xd72b60c7391ee616L,0x0c07bf462e9b4384L },
-      { 0x9d791b0bd44acd49L,0xf3b3411c9f3b33caL,0x1bf55cb97f9b455fL,
-        0x77e01607600f0a91L,0xdab95bf26bb7e977L,0x30d0f591fe4633e5L } },
-    /* 52 << 203 */
-    { { 0x894bdbd9c48f3ad5L,0x687ff8de09e167f6L,0xf06104a930371c43L,
-        0x82fd34b7ce84dd10L,0xae122deb66ce5abdL,0x31f041d2fc4a90b2L },
-      { 0x2589535c9a01c607L,0x231bcc85695bd7abL,0xc67c306262e3a31dL,
-        0x31be44757af3e186L,0x1a2077a388efa7f1L,0xffe53e22815fad1aL } },
-    /* 53 << 203 */
-    { { 0x4ce41f69a3ee310bL,0x38fb07d09bf311ddL,0x5fd284d660985bd4L,
-        0x2fe99a19e04d3dffL,0x21a352520b3ad853L,0xb0808a89012aa69cL },
-      { 0x98219cf718c7c301L,0x429e08fc91254db8L,0xface2e53c41d54d0L,
-        0x180651242decb2d7L,0xa9f65e3f26a9191cL,0x1dadd3deed42831cL } },
-    /* 54 << 203 */
-    { { 0x81ce91dd6327460aL,0x4cc880a0e2f22af0L,0x81aa9bb46a6d36f3L,
-        0x8ad516741dd10657L,0x212267854253b30aL,0x530d1f6a8f161dd6L },
-      { 0xe7eeb4c7e9ab63aeL,0x84f225bfb72d250eL,0xc81cb984458a8dc7L,
-        0x39fbbe3bda68c1afL,0x8c6c99b3083cafd9L,0x4700ba37eb07d40bL } },
-    /* 55 << 203 */
-    { { 0x8980dd7cd8dcc7b4L,0x0179e9bc7ad18f8dL,0xa9e4fa6a08c60f0aL,
-        0x4f0d76fa3cc7dd36L,0x53339e4c51a0e67eL,0x1acdaf24cebd80cbL },
-      { 0x5aaebffcb5264b96L,0x3ebebb22858df87aL,0xb2f4c1cb092a95a1L,
-        0x34932d51841b1a63L,0xe0631aab49074a2fL,0x71525c4fe3b7fd61L } },
-    /* 56 << 203 */
-    { { 0xdd15591366229776L,0x84093730f7882064L,0x6dddcb14e50ee337L,
-        0xa8e6ec597a1f7e81L,0x8467f998f3738a6aL,0x70fcc6bcad3f1840L },
-      { 0xf82eb4be723b3f4bL,0xf0f3935406beec1bL,0x1b181ea37ddcb539L,
-        0x9c82c4faad6a81b9L,0xcc5ea5435c612c2bL,0x63ce7571bb258d6fL } },
-    /* 57 << 203 */
-    { { 0xc6c110ecd3b9416aL,0x254403ea024f63e5L,0x92d2965b68aa4a66L,
-        0xa08bfaafbaed92aaL,0xe2194cd701ad3eb4L,0x7ba66e1da7552847L },
-      { 0xf68c90ee44eb9bbbL,0xabe38c5c5f6438daL,0xe16d4aa68c38a6a1L,
-        0xc2f8691bf6294db4L,0x9248492fba64da6fL,0x850c6a6865a3d6b7L } },
-    /* 58 << 203 */
-    { { 0xa794308d2599a1f7L,0x06bbefce3e72b328L,0x24f2c6f5420f6ae1L,
-        0xedf67defaae894c0L,0xf66396eb2e8e9821L,0x21fbf5f7a701c8ceL },
-      { 0x7fbb192401732f26L,0x3d0063a944f57696L,0xd6bcb1c3513dd8f7L,
-        0x1fbb11b2c9f8c033L,0x122f94b17b57b3eaL,0x08edce19d24626c0L } },
-    /* 59 << 203 */
-    { { 0x06aa75398c3a1e9cL,0x3512ec3c1a08c7caL,0xfad0dddac5a92e6aL,
-        0xa98059ee3b9022fdL,0xd67b6723103fbda5L,0xc1df32904762c170L },
-      { 0xfd99ee58c734f81dL,0xa8de2a4b478b8a4fL,0x9e3ed58fb4b557c6L,
-        0x14d353c571abd10cL,0x10ea798fe3fd4475L,0x157e16f97627f4d5L } },
-    /* 60 << 203 */
-    { { 0x1b5888550b96547fL,0x4539c9c065d1a59dL,0xd6c95fea26e15084L,
-        0xf84ad9e286b96242L,0x92f57d6d451a5486L,0x0215cfcb06a9e87eL },
-      { 0xe05b10eaf66e46f3L,0xe7b0e72f655a0642L,0x035032677b117f43L,
-        0xf5b78105779ea4a1L,0x28ee00faa4adac77L,0x1ea67d716a93a2b1L } },
-    /* 61 << 203 */
-    { { 0x4b68a01cd6b3387eL,0xc79582a9e7c4c99aL,0xa4ad6429029fc3bcL,
-        0xf260ad946b83c7adL,0x81360618b09c3b8eL,0xf66e00ccc661ba2bL },
-      { 0xd064537de29a69e7L,0xe2764d389bb4095bL,0xa3f57eb0f2efdea7L,
-        0x72c214f27ed3ac00L,0xf8cfa59de392e32bL,0xa5d995124ad99928L } },
-    /* 62 << 203 */
-    { { 0xd069a9971dec038dL,0x64401a3fd0b59bf0L,0x33eff74ce7ec5e85L,
-        0xfef5a1c50d35b207L,0x731cfc17e766bc43L,0xf994c0d01328b6cbL },
-      { 0x4f2a5eaa2d3cc024L,0x7f83c57036a6fa14L,0x915a126d65f71dbdL,
-        0x588fdd68acfb54ebL,0x7de9d37b7f57b2afL,0xca52d27170e071ebL } },
-    /* 63 << 203 */
-    { { 0x9b9211ada283322cL,0x30c6fa27b7124c9fL,0xda8f88a7474cbf5fL,
-        0xc2414ee338203749L,0xe5c65cc26b767731L,0x8bdb52952753781cL },
-      { 0xc8fe770be051cd30L,0x6370ecc4f046aa97L,0x03c83c1cfa287e66L,
-        0x935bd2052bccef4dL,0x87b2a49646012036L,0xbce6a91de3e6d6aeL } },
-    /* 64 << 203 */
-    { { 0x7be81fb126882c6cL,0xe2d5a251ecd25498L,0xbb3d40e27a8d1678L,
-        0x1806c67ad520811eL,0xadd4bb6686f65d23L,0x3a62b1b3e20e23d7L },
-      { 0x208b47006548b3ebL,0x0497f09ab7ec2809L,0xbd3964f8121c37e2L,
-        0xd35ef301a598efbbL,0xbd76a276c5eef966L,0x64700a7f0af64e46L } },
-    /* 0 << 210 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 210 */
-    { { 0x169474a2d3812087L,0x9de300da6698ca7aL,0x8589de922ede425bL,
-        0x50e03fea6df8a890L,0x0d8a5c1c4ba8b8e3L,0xf273aa673fffb91aL },
-      { 0x21cf054475fc8236L,0x6ceafacf9799c242L,0xc3237eaed0962c81L,
-        0x43d6ac34213f6004L,0x45e619b2d4148b6bL,0xfafa18b5ea5fb80aL } },
-    /* 2 << 210 */
-    { { 0x9a8580aa2f063b51L,0xa83c8ff71c216613L,0xb4da0970be07f781L,
-        0x0ac2a260712f7b7cL,0xc9b8ee84436a7b97L,0xd758c20d11fb2f62L },
-      { 0x5daabed9f170b799L,0x018d2fddc46bc387L,0x82d6b5b7d96cfb8eL,
-        0x4d7d0d9344d9e843L,0xfa2a9ea991e7da3cL,0x8230c1a3d531b253L } },
-    /* 3 << 210 */
-    { { 0x82412f525ec31754L,0x42f462c89d32e890L,0x1e7b58cece897ff2L,
-        0xcfef785241164628L,0x34ee0422d8bb22efL,0x6e0d44ac7d32f01bL },
-      { 0x968251655a3cc196L,0xa26724dc99eb23d3L,0xdb575fafa75f7252L,
-        0x778e333062a3e5b1L,0x8689884e84cccc80L,0x9883cd19b645502dL } },
-    /* 4 << 210 */
-    { { 0x4cc41f2834220e26L,0xb5937c6da49749c4L,0x705366640fa1ca24L,
-        0xeeb40f3b91e5edafL,0xcdf98235f1d3de14L,0xa65e5b7eff018c43L },
-      { 0xaa3228e7acee3a6eL,0xb63a6289e08f4ff1L,0x90e90425650b2daaL,
-        0xe4a8cad26d875f17L,0xc212029c9ce8a46eL,0xce0512835ed7cfb5L } },
-    /* 5 << 210 */
-    { { 0xb0df226159b79436L,0x82bd0dafa195be26L,0xbc99a94b3398c317L,
-        0xbeb44c903c96ee31L,0x3c39ad81664d2e46L,0x081787520a3e0585L },
-      { 0x9a054b6b413e269aL,0xbe58891d98c3b62eL,0xe7fa4c4de5734974L,
-        0x8ac535f4d0a846a8L,0xea0f95f1a651339cL,0xa255274fd96aa239L } },
-    /* 6 << 210 */
-    { { 0xe23b7b229534047eL,0xbd70aea83a3bd625L,0xf44b05fe238db60bL,
-        0x9c46fb140293abcfL,0x12cab5d3bfd8875bL,0x1f38d4aa12dd0c65L },
-      { 0x4bed41572adf9805L,0x3f87da928a56609dL,0x10b93363da02c903L,
-        0x7ecc726621ce4786L,0x8ae366851e3da5bfL,0x196040ffd3edee12L } },
-    /* 7 << 210 */
-    { { 0x4805841fe81508e8L,0xe2a578d3a4808642L,0x6bbf10accd0b2555L,
-        0xc5071effaf5cde28L,0x665e75439a7124a9L,0x157c11edc1437981L },
-      { 0x2019367d7aeddd8bL,0x74a1e104386e3b8aL,0xe72d429bfbe09a42L,
-        0xaca96fd9061b862eL,0xbb2d2bc8122595f8L,0xc90c6503c509d644L } },
-    /* 8 << 210 */
-    { { 0xadb5966fcff05adaL,0x8ed26c025c57284eL,0xa76e73e244693a95L,
-        0x14da74355982bbd3L,0x46e982cd5d2ca132L,0x8f39074024938e76L },
-      { 0x749206b30a89b09aL,0x429653c793b4a1e5L,0xbee3d1567025bb7cL,
-        0xe23f0e1e19555c9eL,0x0dec3837751639baL,0xb36cb84405d43bd0L } },
-    /* 9 << 210 */
-    { { 0xae76a96e74f90b6eL,0x5fa8e94824c6789cL,0x2b3584bb03abbb81L,
-        0xe19ce47c5c451f72L,0x35792fbad619ac7aL,0xfa0282a250059bf4L },
-      { 0x562bfd14dabe692fL,0x1aaf542c47eeb6c2L,0x392d5bba045d0360L,
-        0x4e7bb31bd80fe998L,0x08f62ef31111e14dL,0x4de917b04e9ee1b8L } },
-    /* 10 << 210 */
-    { { 0x8b9d2d5867166271L,0x658db4ea142bab7cL,0xdf84932fa4ad2849L,
-        0x04b113355f6f86a7L,0x2de6b29c50cfcea7L,0x46d8f68a9be6a3a3L },
-      { 0xfb88cda7af0204afL,0x3ece449126029d72L,0x69fef1e23f946dfdL,
-        0x708532fb01ef7bb5L,0x78d5053deb3795a2L,0x819a63206b36d57bL } },
-    /* 11 << 210 */
-    { { 0xca07e0c1e509d19eL,0x6c7e42c39f6281b1L,0x0e2ff43977b66728L,
-        0x1d740e7880e76251L,0x6bfae4c631a0eb23L,0xd78ca917aa9b0b3bL },
-      { 0xe140c662991e1781L,0x6e396b5f0dd3cfeeL,0xf0a1d1976ce7f6c7L,
-        0xbe10f8efd5b01564L,0x865cbd54101a5194L,0xf665885266861dedL } },
-    /* 12 << 210 */
-    { { 0xe4e52e865b28f7daL,0xeb43a6809a58683fL,0x73b951bfb49f2b38L,
-        0x7b6cb7db3f8097cfL,0x9dfb8d0b328fbf05L,0x491635a5ebce6211L },
-      { 0xa31a152390fdd577L,0x334120df1cd2f39cL,0x1d22834e6b563876L,
-        0xfd91b30d10ee5a28L,0x3d7a282d59aee4eaL,0x36814c6b73300a76L } },
-    /* 13 << 210 */
-    { { 0x7b584add6621c251L,0x98da669d4233aba3L,0x4d652b7933aa2065L,
-        0x901bcfb8df7b4ed4L,0xb2ce587948012f81L,0xc18e2cd63cb71b88L },
-      { 0xadb0f2bdff86279dL,0x46d9e5d65bd15866L,0x11b1fb3ec635a4c0L,
-        0x8bcd0ad201b1006aL,0x0f6f7502cbab210bL,0xd6cc3e560d6b3995L } },
-    /* 14 << 210 */
-    { { 0xa54a6420137264c5L,0xa6ef0e78f9c2e45eL,0xba8b5a73d58d850cL,
-        0xc0209ed86ef6fc3eL,0xe39dd0f391f7518aL,0x74697b8942b3eda6L },
-      { 0x2dccac36abfc9150L,0x80e4fba298b2f5a5L,0xe0e56fd2771018d5L,
-        0xa31fd1684c22bb94L,0x8b0998f71a66ef21L,0xed483e55b5a53ddbL } },
-    /* 15 << 210 */
-    { { 0x95db1c0ef23978ebL,0x80ad1612f04011f4L,0xe76bd1824d7ae83dL,
-        0x841d6e668fc3bd60L,0xb68e80796875e2d0L,0xe3965efcd5d9dee7L },
-      { 0xc488bb7e58930931L,0x52f4de19a907aa24L,0x39aebbdd321cc197L,
-        0xd2f5b1f967de5c66L,0x60f1a8c28efe3e76L,0xf40604a0af988831L } },
-    /* 16 << 210 */
-    { { 0x78b5c14c0acb5935L,0xd9ec715c4311d3beL,0xffa22ab209e1759eL,
-        0x5a86263db4b2f68cL,0x71e77c516b5be7f4L,0xfb5bea3a19844f6dL },
-      { 0x2519d0060890ffabL,0x426a03f0f0329ef0L,0x2c6d74a685b3c2a9L,
-        0x9306f68fc294f449L,0x552e77c22c69fb46L,0x7c7337ad10bb9886L } },
-    /* 17 << 210 */
-    { { 0x61f8a505d2b9f25bL,0x1d33aafe4c8645ffL,0x26f3fab7bcd333e5L,
-        0x8ff4fc51be95e40fL,0x11cd52c6b55bdd5aL,0xf2b4782a22d43de8L },
-      { 0xfe66e399a4c0e1c4L,0x26c6d7fc17954032L,0x44c700f97f20d2caL,
-        0xdf67c3927187cdc7L,0xe11a98f9da36414cL,0x0bc5763a04052276L } },
-    /* 18 << 210 */
-    { { 0xe75b564bcf95451bL,0xd5ed760cc01aac32L,0xccf14dc5980d2c06L,
-        0x235b5034ce2a5c0cL,0x64dc86aa05fa6780L,0x1d2ea4877385590dL },
-      { 0xb18696f636c3174eL,0xf530487b608215b4L,0xa073d0750a123172L,
-        0x8ca24b5afde8666aL,0xd6dd589a9b716dc1L,0xcab7ea504a721d4aL } },
-    /* 19 << 210 */
-    { { 0x34dee42c1592ebceL,0x5b0eba2e417636d3L,0xba178703a97d7356L,
-        0x16f6119f4123e8cfL,0xd2906a53ef179fa6L,0xac5530606b7ed572L },
-      { 0x82a25857b600f5c8L,0xb1dc1309973d516aL,0x6d53a967245c6e34L,
-        0x7ce90bf4f670b879L,0x727ad4129732b6ebL,0xf00fb0054411dfd5L } },
-    /* 20 << 210 */
-    { { 0xeba7daad2b14da6fL,0x8274d1a8cee90515L,0x985c18f885bdbc82L,
-        0x86555ff094d43909L,0xb0b1b2b6539e108bL,0xa4f32c66c0bf1313L },
-      { 0xbd4777c162080e0bL,0x73039da8dadfb23dL,0x85bc57374a27f1ddL,
-        0x9a8ae24eeaaa58abL,0x161cb2f5e876fac2L,0x54d457e46636e377L } },
-    /* 21 << 210 */
-    { { 0x409b17487bece8c3L,0xee36a1d3b49f5c90L,0x8ed9eb2a619ecefcL,
-        0xc50a917798ab7bb1L,0x1eb247cceee2ccffL,0x07a9566f084a0f69L },
-      { 0x59bda805a7cbee61L,0xf588124ca4e7ecd7L,0x0f7d8c3dde5eed54L,
-        0xd98894ddefcb791fL,0x2fd80439ab309d7dL,0x0c8bf15d3e6cf756L } },
-    /* 22 << 210 */
-    { { 0x076a19c70e68a69dL,0x4d01c94b24b3854fL,0x9f38c5eeea8a85b8L,
-        0xea80422d9a56f9c3L,0x10d9ceec9ad36735L,0x42194df742261173L },
-      { 0xc7332e70c285d22dL,0xf3a3d4be592ff9b0L,0x2fe712f7f59846abL,
-        0xd6de5201e4362677L,0x16ce8f1d4f30006bL,0x1f3c324d11dba5edL } },
-    /* 23 << 210 */
-    { { 0xa5af9e1c0cb4335cL,0x00a46bc0f3d0dbe5L,0x852a18c99d734817L,
-        0xc12d54a9986c0102L,0x184b407063ffe60dL,0xe05182437d99d723L },
-      { 0x8d3886cb20ef7647L,0x7e9c618017b1ce8fL,0x194baf260f176141L,
-        0x978015d3b4694945L,0x2603be2f1c135e8eL,0xbc0f5e72ba074e0aL } },
-    /* 24 << 210 */
-    { { 0x1674b959cfe7bcebL,0x62e1279fe7b66a28L,0x3962a32dc67c3648L,
-        0x4949617368d720a6L,0x4e81df85a957a5b2L,0x28b5c45753123c0fL },
-      { 0x5091dd347e239c67L,0x10b9c3f6160ef925L,0x5e7720f52c119dbeL,
-        0xd584ae76c94d609aL,0x476c63ba86dccd1fL,0x70103a1a32508c6eL } },
-    /* 25 << 210 */
-    { { 0x64f4f4ee90a17a16L,0x31165bee7cb22fb7L,0x31da800b924825b0L,
-        0xc2c169db0551e47cL,0xf9ca5e0e0d583789L,0x5e4fbdb53cd42f2cL },
-      { 0x6ade1fce1d81000bL,0xa105df391d6603e5L,0xd659094da3139f95L,
-        0x363a882851d01444L,0x13cd7cbb2dece086L,0xaeea2aa96ab9020aL } },
-    /* 26 << 210 */
-    { { 0xdcb31a931081405fL,0x200090dcf1326ecbL,0x773fe49cde99f0ddL,
-        0xf6a7cb67fac2c511L,0x95c93429b40b014dL,0x967708d4198dd723L },
-      { 0x74591cc184b90062L,0x2539ef20691d2550L,0x7d7290765a5d86c7L,
-        0xa81f085475c6fdacL,0x103186d1c0f0d5cfL,0x5ae582e07eb3b8d9L } },
-    /* 27 << 210 */
-    { { 0x7df39eb2f9f3456cL,0x1e7ad4587be12020L,0xaee54df11fedfb79L,
-        0x98f3a0879bf1dfe6L,0xdf958d371d13fb71L,0xa745249717dc809dL },
-      { 0x9f2ec9dd02d4eb90L,0x9db5686e48b0c7a0L,0x7d064cbf72532eb0L,
-        0xe204d56593a71a9cL,0x0c912346f1aecdecL,0x894224a3d25d243dL } },
-    /* 28 << 210 */
-    { { 0x6bbf77cb5a508291L,0x2af81442d35db82cL,0x357feb1a2b9febf8L,
-        0x74240a81a25330ceL,0x7a9ab575b4917998L,0xa60288d5eda3ef5cL },
-      { 0x360410d30aea9569L,0xef66acb5b9bf8c16L,0x7baeb466cc381b57L,
-        0x024a98b8247a4904L,0x6e70b4c3e3c58130L,0x276e2420ae8a56d2L } },
-    /* 29 << 210 */
-    { { 0x3b4a25222c57f1f3L,0xf43d352ba8d1f53bL,0x169fb3cce198b03cL,
-        0x92172ca923235a6eL,0x90b5953683f996e5L,0x32b1a34cb5ab11a0L },
-      { 0xb944e4b7b9001351L,0x1084de3d28ab5cb2L,0x60f1dc93c70ec63dL,
-        0x790e1d496cfa10f9L,0x79bcc2277c3cd865L,0x95007ac24fd31fd0L } },
-    /* 30 << 210 */
-    { { 0x6b5d8db5f75e17b5L,0xc5ab42961b45a230L,0x586f097b7486832aL,
-        0x1ec456c14f289757L,0xd11773bb57b04a20L,0xc84dfacd0821d3dfL },
-      { 0x580da8cd586e399cL,0x58c1355ae3bbec57L,0x0a476934d594a2e5L,
-        0x0490ffd537e99427L,0xd41348386a4d8c4eL,0xd62cccb3c83d6e28L } },
-    /* 31 << 210 */
-    { { 0xe6071a3d57c9e219L,0x88728c47a93f38dbL,0x0426848b50eb1a01L,
-        0x9df36972cada9a09L,0xf2ad4a2d4f494ec4L,0xae26577de1f34993L },
-      { 0x72ec08cde3618d7aL,0xd1fb89013ea90c46L,0x915936173b94f996L,
-        0x8703357705387745L,0xf1961ff818fd5199L,0x7f0b58d34c2aeed1L } },
-    /* 32 << 210 */
-    { { 0x3313a9d544b133d9L,0xdb85c25d2da910ddL,0xc0fdef915e4dd5cdL,
-        0x902a2a93c565dd67L,0xd8eba4dc7fed05acL,0xd453995ce157dae9L },
-      { 0xd655d0b3f250cb55L,0x4194a09e86119222L,0x5b7e525a0652872bL,
-        0xaf7968efe68c0ddbL,0x2ec02930f51cb31cL,0x237f3ae4f2be071eL } },
-    /* 33 << 210 */
-    { { 0x696d84910dc943a1L,0x1f24fd7d9fe1d7d5L,0xea38c9e349413ad7L,
-        0xe223996607c1cecaL,0x62094496ea7bd8dcL,0x9aba5bc7236dd525L },
-      { 0xa138ed5851631b6fL,0xed724f20902f109aL,0x3ab594cccb28f1e8L,
-        0x3424213b5916dae7L,0x07e5a6df18479651L,0x4c51f2e1c5b48e29L } },
-    /* 34 << 210 */
-    { { 0x6306564b6591a811L,0x734b2619fd463a13L,0xa795d0569d8019d8L,
-        0x103d85004ffe5858L,0xe1962c31adab8484L,0x326b3351b2015dccL },
-      { 0x2ad52b852ff36c73L,0x5874652308682fcaL,0xf544e162ea37824eL,
-        0xd4a6b45ec208ce7cL,0x52d09045d2559ef2L,0xde1dfbbe57ebca65L } },
-    /* 35 << 210 */
-    { { 0x3a94aec3bb793f9aL,0xd0af44d4b5352511L,0x1d3f1c130b8930cdL,
-        0x016cab225a729e0cL,0x092a7c11e31b549aL,0x80c462ed90ebfea4L },
-      { 0x3dcb9606e5e4ae09L,0xad150903ab59a450L,0x1b58210c6c944727L,
-        0x26599f6024572a80L,0xfce0ad40c0445075L,0xedca1ada54c4037dL } },
-    /* 36 << 210 */
-    { { 0x794593303801b021L,0xb19bb405c9a4cde4L,0xe20091667f9cdee9L,
-        0x762c684f7636d30eL,0xbf2b29f20c215831L,0x4c0d1b651853fe90L },
-      { 0x196ccb3157defc94L,0x9f3d66b7f6b9cc44L,0xb2328a0eea439deeL,
-        0x82b3808d7b140e5bL,0x986210dd88e4a35cL,0x9b171fc838a2b7a7L } },
-    /* 37 << 210 */
-    { { 0xdc80e3ae91517233L,0xa219f65dc6f20d29L,0xd348a3d8be093f56L,
-        0x63c233774d33113bL,0x587fd56257f2ce9bL,0x82cf3e3a4e9061c0L },
-      { 0x0e41f59bee8dd928L,0x7a5641be8aaef52dL,0xa852a171984ff476L,
-        0x3c37fd1c047457b6L,0x7f00d665972d4793L,0x29dab0fd97b27966L } },
-    /* 38 << 210 */
-    { { 0xb1d119c91e9d07c0L,0x2f973a09432c86afL,0x3505b6f05ded5546L,
-        0x21814b958687f973L,0xc104d7fad3794ae9L,0x81614d707ea91311L },
-      { 0xb7f3e6b600677961L,0x53fceb8bc0e6a90dL,0xa3a7485699ed4fb6L,
-        0x07ad488421d4807bL,0x527b1ae6004e0c03L,0x437f306215146393L } },
-    /* 39 << 210 */
-    { { 0x917b4cf463e12603L,0x79e0b7363f838ecdL,0x57de4b3328b4f37eL,
-        0x3085e4887f58fcfaL,0xb9301c4e958a3bc6L,0xef8d10578b044eddL },
-      { 0x2123d284d6391459L,0xdfcc2be5e196d765L,0xb58216268184b993L,
-        0x13e21d03937c6048L,0x39eb3d38460d11fdL,0xf8ef123e5bb23c30L } },
-    /* 40 << 210 */
-    { { 0xa6f8b354666eb2f0L,0x7fbf6d91f9c7b16eL,0x9b360814161b5e0bL,
-        0x13726fbd921511a4L,0x37aa1b8013833a11L,0x53f01183407b9889L },
-      { 0x8a83ea3fd147da9fL,0x25279241db0ad0b1L,0x78353bccd1a8d9aeL,
-        0x1e33c10e271f7f0eL,0x136d9e7e9e67adc5L,0x11dcef95cc56ff8dL } },
-    /* 41 << 210 */
-    { { 0xae530580d84ba919L,0xac2e43ceb6d3ecd5L,0xf97b1afda4bc6a2dL,
-        0x180d66d5bdfa96a0L,0x935b8a7d1ca12bf5L,0x1d4409a79e678225L },
-      { 0xdd85bf4b19a2163cL,0xe34197bcddeeb22bL,0x1e33fc3e1210cde9L,
-        0xc96212a98b9b5d0aL,0xa3ae81f303e4a12bL,0x531a7148ea262807L } },
-    /* 42 << 210 */
-    { { 0xf11ac5fd4ace8006L,0x898a388133c499a5L,0xcf27ab9f1d3368ffL,
-        0xfb6019606cbd6e54L,0x5373c2a901fb58b6L,0x1489f5037cd1b888L },
-      { 0xb3f0e0b85a238131L,0xd0e11e6e670858bdL,0x897f1584b65768f8L,
-        0x9252aa72013b1f2dL,0x185842af0a1a5f8bL,0x49a978373d681a70L } },
-    /* 43 << 210 */
-    { { 0x8b65c6d23396eaf3L,0x2191764e50b9392fL,0x7a2363b72dcf6d0aL,
-        0xa6a52402f0591553L,0xfaba81cd5ff7a071L,0xd6be926ae43e37aeL },
-      { 0x7b34c578ccaacef2L,0x2bc5d248d5eec9b1L,0x9447aab3014c0048L,
-        0x767309a3c02d54d0L,0x408c6eee1f92297dL,0xf7ad95f40072a2d4L } },
-    /* 44 << 210 */
-    { { 0xd0051ab940ee5098L,0x4861b2461d8311deL,0x6b7796e0f31e860fL,
-        0xde8b243acfd543e3L,0xef9d0957a0161843L,0x70fd43ecefefcbaeL },
-      { 0xd47392541931a5a6L,0x42e253300342623aL,0x90b33edd52ffbf5fL,
-        0x0affda4ca015a550L,0x8716376b77e59672L,0x39d84b33fc0e9448L } },
-    /* 45 << 210 */
-    { { 0x71b55e7ea0415173L,0x5d0b5e01b10f3cd5L,0x0c35a1b63e3f9d84L,
-        0x3c68cb5db794ba37L,0xa73356f0dfd6c999L,0xc59ed0650e5e221aL },
-      { 0xc59443a90cd7d577L,0xa354296e283015a8L,0x202aee3ba7477107L,
-        0x59f361392ee80330L,0xc52bdfaae875a886L,0x8ca39d9d07637e97L } },
-    /* 46 << 210 */
-    { { 0x95be10b8f3a1611dL,0x6db370f0d1f992c1L,0xb964029de8124b40L,
-        0x618b26aadfc90473L,0xac65c9916f6d5553L,0x10d5b0f0a0a6fde8L },
-      { 0x4bff23122d164911L,0x876db39d1f7293b1L,0xa2d3cd549de47789L,
-        0xd8ca4f6eabc9a28eL,0x0bb3145fca7b5467L,0x4dce66338b37bf62L } },
-    /* 47 << 210 */
-    { { 0xcdd8ec4dec1b8d36L,0xf76258d888003e0cL,0x35a114e7262723f9L,
-        0x12933142abb34bcaL,0xf55b84514c188a3bL,0xa0cfdb2c0ada78b6L },
-      { 0xaf0b62f6ed36781cL,0x0c619486ea7e1ca1L,0x11fae38689162fc3L,
-        0xe9bd7ae694828e92L,0x081c3acda84cedb9L,0xb34ceca8787a67e0L } },
-    /* 48 << 210 */
-    { { 0xd1b2af2f2bca651bL,0x2211e4f97404bc78L,0x787b1cc8fc5068f2L,
-        0x73d6da299fcbb3f5L,0x6867fb7707d2142fL,0x36f277ae116ad6bdL },
-      { 0x81c86073a7534943L,0x67188488c4033c7aL,0x13a8415ccc568123L,
-        0xbc01db07f3f475deL,0x90b8af2e3aaeee1aL,0x320c4880175fa55bL } },
-    /* 49 << 210 */
-    { { 0x263afd7d2fcafc9aL,0x9b0c30ebcc9405d6L,0x713fdd27d6720896L,
-        0xb07f8ec5f7df4a02L,0x05d62e5147ddd4e1L,0x6278227b8ae3b80aL },
-      { 0x2ef5c81b0d4ab658L,0xe6ad5925016a434bL,0x6c0e30a2b85d8037L,
-        0x254830037a9cd869L,0x78da543b2cc48c8aL,0x3a65b54e3edca4dbL } },
-    /* 50 << 210 */
-    { { 0xaf2a06c3d54b0072L,0x81621ebfaf0310c5L,0x6bd1fe41a8a7a9ecL,
-        0x942cf6ba03e74289L,0x2a25f0f59f9822e8L,0x16654b13062edd3eL },
-      { 0x2345a0b19de373cdL,0x425a59f80c0744acL,0xc6738fe96f0d620aL,
-        0xaa479ef8ed67c1a9L,0x52540af87765b194L,0x17a3bd3bf2b96455L } },
-    /* 51 << 210 */
-    { { 0x5b1a1f075f01e608L,0x3c696f4e87b821c5L,0x4358a5243129700fL,
-        0xfc9816a14be9d001L,0x905de48166744b96L,0x2ca5f8d8eeda3945L },
-      { 0xb30eeb1aad207f4eL,0xbd113b2dbc66e6f7L,0x1b6c5c6cebaef81dL,
-        0x6b3863998bfaf32bL,0x5f9f2a2432a83dffL,0xe8cc190e26ea39d1L } },
-    /* 52 << 210 */
-    { { 0x51e05f7d450535fbL,0xa5f5181effbe389fL,0xdf178fffaa2d5514L,
-        0x89358810e51da035L,0x206e324f664d399cL,0xc148ae74c4477d4eL },
-      { 0xe0c8d4377d6f38d5L,0x327aad6d8c8133e9L,0xa685a889d21cac4dL,
-        0x1217c68d0ceb5770L,0xa4a09612d21f1d50L,0xab64b4dd889676afL } },
-    /* 53 << 210 */
-    { { 0xf263062aee202007L,0x95e90bbda2359019L,0x57740eb39f34e691L,
-        0xa5f4fd0f355bef37L,0x484b97fb439f091dL,0x642776fe53ac871dL },
-      { 0x5c8f9b1e494e0eddL,0xbc62c971ae25a6d7L,0x01981994a7d90290L,
-        0x3cec43524602cdc1L,0x4bd29f5a14403ae2L,0xafaef08b921328d2L } },
-    /* 54 << 210 */
-    { { 0xd33e754a53ef149dL,0x82243def548034e6L,0x99c29a9b23ea2dcfL,
-        0x724e4b5d214848afL,0xe43d4438dcf85b9aL,0xaf7241ea9d7b20dfL },
-      { 0x60a10c30069edb1bL,0x1aaddd5e9874f484L,0xfc784ac073085538L,
-        0xc998afe54d69703aL,0xb71f6fd7bf52139fL,0x28f994c46a45b089L } },
-    /* 55 << 210 */
-    { { 0x85084ec2eebd9e0bL,0x73e489c6cb9f1929L,0x91e47fd7ebe10e55L,
-        0xeed6a3a1486a2704L,0xf63deae7e124d6e2L,0xca958204b48b3834L },
-      { 0xe69cb5bb13185b44L,0x56be0e05868d97d0L,0xc48cb1e50181e64dL,
-        0xfaa012ddfc7827cdL,0xf535b1c83488352fL,0xd1cce04e9fbf42d4L } },
-    /* 56 << 210 */
-    { { 0xa54436b6ba3403ffL,0x1fe4b1ecdcbc4822L,0xb3b351004c6846e2L,
-        0x360278048d1cac7cL,0x9eff87327e86d5d1L,0x7f435326ba21993aL },
-      { 0xb51a9da5adc24224L,0x111c19fcc8c14a71L,0x05aa2c86ab77e011L,
-        0x81edc338ce72744dL,0x20fa8f528d882bc3L,0xc61c3e639d1696f3L } },
-    /* 57 << 210 */
-    { { 0xa66674ca0f41637cL,0xa01d08ac418487daL,0x2ce4258b6b593194L,
-        0xd755220645024db4L,0xffb3366f626732ceL,0x802878f370ba2f1aL },
-      { 0x80a3f41659b77372L,0xfbb411631a04b19cL,0x7d575112a346d265L,
-        0x6c30421ffff87d4fL,0x1b62b93fdcb05f02L,0x98ba4397b72649e3L } },
-    /* 58 << 210 */
-    { { 0xcca45c1d135a7eb5L,0x2623e629b048126bL,0xada7326e926980f0L,
-        0x64f334c276bf796eL,0xf0751596b4a562a8L,0x0baa14486f9d0079L },
-      { 0x6c394aa32205ea70L,0x635b9d2d556172e9L,0xf418fe0cfd37b53bL,
-        0xcf5fe2ac56b9791cL,0x9d855e67911c68ddL,0x9e40f75f734b57d8L } },
-    /* 59 << 210 */
-    { { 0x32c42482b5b8f846L,0xdefec599b61cc3cfL,0x4c3460996506a9b5L,
-        0x0d9475a0263a6142L,0x1753cd92c80a6713L,0xc015412f420cf67eL },
-      { 0x1c33f01b6a88d12bL,0xa49f038ef522f7d0L,0x232343decd25f260L,
-        0x479bc742d6a833c3L,0x2f2ab294cee07b83L,0x02e69a143dec38b3L } },
-    /* 60 << 210 */
-    { { 0xbf7fea3aee1fee16L,0x31fb342ce0cde85bL,0x9a232ea51575924bL,
-        0xc3132e6cbcc4cf26L,0xbc5b7a7102499a58L,0x3064a3b904d99836L },
-      { 0x6f17475ff8b3bad1L,0xaeeb90c429271790L,0x7f442a13f8eca53dL,
-        0x6d641eea08882274L,0x8dff43bf88ffaebaL,0xaa92827f5840b198L } },
-    /* 61 << 210 */
-    { { 0xf5ce3fca26d803acL,0x6927ddd9d4e1b6b5L,0xb509b5c609f48bc0L,
-        0x2bc5d1749e35975aL,0xfba3024af570c98bL,0xeba15980aa27d6b0L },
-      { 0x95abc07290abd2daL,0xd0e30e99232035cfL,0x3dc4e1bcd3f0ecb1L,
-        0xa5a8c6e556de9d17L,0x878c7403ab73bd18L,0x5cce39260c474b0aL } },
-    /* 62 << 210 */
-    { { 0x86a3f001e93b6ee6L,0xa28984474fb3203aL,0xbca0d71e9b3550adL,
-        0xc225759d0396d796L,0x208b9a02cbd949d8L,0x15b21ec9a550d2ddL },
-      { 0x64aaed6a2a7dcffaL,0xb8cc7575ed5b6b47L,0x2b4a3aff022dbce3L,
-        0xe85d690b86f51861L,0xe26a6c3d578f4d5fL,0x706d770a70e7ae76L } },
-    /* 63 << 210 */
-    { { 0x822467eb579c91a6L,0xe98a471531599272L,0x7baf0e9f1078d497L,
-        0xd13f270e25fe439cL,0xae9d58adc0d95395L,0xc3beb60827693037L },
-      { 0x4d9c4cf397f797e5L,0x4e26167db26d2e9dL,0x06092d5e86a167efL,
-        0x9827a21128dceb29L,0x30423344552a55ccL,0xae07b37f3fa437afL } },
-    /* 64 << 210 */
-    { { 0x9b23ab4e94d0864fL,0x46356266009c9fc1L,0xdbe99e51e798edf9L,
-        0x38547449307675c7L,0x23ffaf55628c0fb6L,0x56ccd2a31698c372L },
-      { 0x39f45a578347ce95L,0xe0aaec744f2c6118L,0x2a89079e4af138fcL,
-        0xb86371ea2ee4ecc0L,0x076d256a06bbf92fL,0x9073adb8ae3c4c51L } },
-    /* 0 << 217 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 217 */
-    { { 0xba2e9543743c15d9L,0x7d5812db1c99c984L,0xf94db95145bdc19eL,
-        0x951d00ae382e77bdL,0x9940a5fbb220b29aL,0x6908d50e58fc91f1L },
-      { 0x682e42eadd0940feL,0x2124e23aa1d32009L,0xbe15810016294d05L,
-        0xaea13fe32e326d68L,0xc0dfe1ef15e64fceL,0x32dbc0b5b8237a8aL } },
-    /* 2 << 217 */
-    { { 0x6ee65a08c36d3f25L,0x7b6c811fe393e4d4L,0xc4a2cc382876e523L,
-        0xab7aba26d3bf53aaL,0x5bf00871db7f290cL,0x3cb1cd131ee6d5bdL },
-      { 0x4cafb218de998adaL,0xa1ecf36af6319101L,0xa1fe785520b281ccL,
-        0xe457198e64d9c65eL,0xa3d1a6d0c5a0e67bL,0x69ddbc3290cc468aL } },
-    /* 3 << 217 */
-    { { 0xd4ee3f7f6dadc46fL,0xa1f3dc925d7febd6L,0x4c0bee1363ebab5bL,
-        0x70e32d77005ec237L,0x302fc73dc52fb006L,0x1af84c0a8f159899L },
-      { 0x42a5478f0686232aL,0xb4fc56348a308687L,0x042c4970c8378f0dL,
-        0x70c195758e2c86c5L,0x61a95e6884c7c767L,0xd96a8216d6fb43a8L } },
-    /* 4 << 217 */
-    { { 0x0c62fd2d543c1255L,0x71ea9c6fef361a27L,0x76b0933dcef3f9e3L,
-        0x51b1ec2d9889ffa2L,0x9e84b2ba9a3c88d2L,0xc8996b961913e52fL },
-      { 0xbafc5e94cee43e36L,0xd9898d2470c658b7L,0x4e9bcc41bed17108L,
-        0x0db5b7336c7a41c8L,0xd4be07a7795369cdL,0xb899f92f7bd3a934L } },
-    /* 5 << 217 */
-    { { 0x1fffcbc010e15fafL,0x8447bdb8910245acL,0x857d521e86476901L,
-        0xcd1d5f87369ccfe9L,0x560b3277b3f1dbf1L,0x4ac02a1a47ea4266L },
-      { 0x29ac98b6a8a929eeL,0x020ec6db5e5e70c0L,0xb0be38ba21291be6L,
-        0xcbe9d362bdba40deL,0xc585450571535a89L,0xc21839de3d7a3235L } },
-    /* 6 << 217 */
-    { { 0x831541b39805497aL,0x2ceb5ac879c414cbL,0x86601fa616d2eb82L,
-        0x373d19079338ce8eL,0x98151a90c1f5c87aL,0x966ebde6048a538cL },
-      { 0x5c4a8c5ae180ff7cL,0x6d9065dff996d994L,0x4e0dd86e2460ab91L,
-        0xfbe8b3ff309a8f5eL,0x33d7cb35856f7218L,0x62b2200a1ac59f2aL } },
-    /* 7 << 217 */
-    { { 0xb36ad750a460e53fL,0x727006d60df0f7b0L,0x6ca3ac348ee96a11L,
-        0xb04f6ae930e75d1bL,0x9957738a3a24e9eeL,0xc0117a7d16521e18L },
-      { 0x79fcea8872ad7e27L,0xcbe2c2d37281e3b5L,0x31915f1cc391fc60L,
-        0x1c1c0082a13a92e1L,0x362663cc7ddca7acL,0x8021aad689689d35L } },
-    /* 8 << 217 */
-    { { 0x3f2eff53de1e4e55L,0x6b749943e4d3ecc4L,0xaf10b18a0dde190dL,
-        0xf491b98da26b0409L,0x66080782a2b1d944L,0x59277dc697e8c541L },
-      { 0xfdbfc5f6006f18aaL,0x435d165bfadd8be1L,0x8e5d263857645ef4L,
-        0x31bcfda6a0258363L,0xf5330ab8d35d2503L,0xb71369f0c7cab285L } },
-    /* 9 << 217 */
-    { { 0xc19db6f05890e1cbL,0xc21587edfcac8d05L,0xa9e88798d86730edL,
-        0xee3e6ee2c27441cfL,0xadb2c63ea23af57fL,0xb524b7da29ff5977L },
-      { 0xab1ed847d3e4739dL,0x6592a0131cbfb581L,0x1f519c6ea1798195L,
-        0xfe837a814c324a4dL,0x74fec4a85c813abcL,0x7b3b5351dce539b0L } },
-    /* 10 << 217 */
-    { { 0xb886a0c50c99e321L,0x4063d19576e924e9L,0xc03cca041a659dcbL,
-        0x1e01abbc1bd3dab0L,0x9d7cf04fe9141cd8L,0x5f87dfa73ef58d85L },
-      { 0xa579e76388d764b8L,0x381dec6a74b9e5b3L,0x354221f99a4c9a67L,
-        0x8c2556d33f529346L,0xced3642bb4349eb7L,0x1527cec7fef5c92cL } },
-    /* 11 << 217 */
-    { { 0xf2e42ef7785ecd51L,0xca3438cf33d9c0d2L,0xeef9ec08c1c097f3L,
-        0x9e438fa746682aa7L,0x53d0144531a7eefbL,0x04431241e6998a0bL },
-      { 0x2c1bb2bd55bc7febL,0xed99e7afb44d4943L,0x7f37bc4a3c77d21eL,
-        0x866c0978398e3997L,0xed7462305bde12b8L,0x24796f7c7194fd1fL } },
-    /* 12 << 217 */
-    { { 0x7e4450cd5e83d570L,0x0113cab242b394e7L,0xdf4062a08ee24413L,
-        0xf8a0fd4931227510L,0x06b798f4b80f0d23L,0x33f17673b72bffa8L },
-      { 0x4638602b5de9f490L,0xbe3a65834d905654L,0x446e0afaf406772cL,
-        0xef68dfd7b4ec908aL,0xa6be004966ab5ebfL,0x56049360ff376531L } },
-    /* 13 << 217 */
-    { { 0xb47202b760b6ce82L,0x8129c1befe05e9faL,0xcb70cbdde861de07L,
-        0xcf35fbc5af16b6d9L,0x60071beec9916116L,0x3aaa496ed057e63cL },
-      { 0x1cb0bb12c356f065L,0x12dccccef4de0d26L,0xe3f59cf67ccc0d48L,
-        0xd66f10b3d9569e26L,0x95f4d7e79d1853ccL,0x10313dfdbf651d5aL } },
-    /* 14 << 217 */
-    { { 0x779b55062a3d9774L,0x3785db08e0554291L,0x9b3a4eb8546c69dcL,
-        0xfe36824dd22d8fc8L,0x037d9ac9471132a1L,0xc895e332a01e1c28L },
-      { 0xe535ede71b5e2845L,0xdc90cd7c568743deL,0x3292b40b4691d367L,
-        0x911fad21b4f16a4bL,0xb3c5f0eb455d018dL,0x2eb2def669033748L } },
-    /* 15 << 217 */
-    { { 0xfd1297a4307aa8fbL,0x021f242177952146L,0x17cc2d6f0ba72feeL,
-        0xa265095d01a3a733L,0x2e12c2e7a07d5f8bL,0x27bb60341202224cL },
-      { 0xb58b3fab8185dc12L,0x83467b977700f166L,0x98242e227ff9e1ccL,
-        0x96b2a4d9f4b28f1dL,0x64113c3865ed82eaL,0x7dc9ab732ee160e8L } },
-    /* 16 << 217 */
-    { { 0xf16938f514c5969bL,0xde2e3cf0944b2271L,0x2d5095530b6490d6L,
-        0x8432fef1a28a296aL,0x6f254dd08d26415cL,0x3780eeadd50c2865L },
-      { 0x4f5bc455665b8794L,0xef31fb9e56cb7018L,0xbab8dd6e65e59340L,
-        0x676baca2a56dc2eaL,0x38eea06beaa90e05L,0x26e64224174bada0L } },
-    /* 17 << 217 */
-    { { 0x309e9fbe109cdb79L,0xc2ed3566977d0e4eL,0x2891f30be6b944aeL,
-        0x514bd4cf5022e070L,0xae9a22a98726a661L,0x1114a0c8c1916b06L },
-      { 0xe1b4f8339795adecL,0xcc0f3824ed4dbf8cL,0x432c93c878096a66L,
-        0xb9450e9da7d2ad83L,0x294b0c192c1e35ebL,0x791427038be5a953L } },
-    /* 18 << 217 */
-    { { 0x4d215132881faf35L,0x52171a5ceec736a8L,0x4788813e1ba561d5L,
-        0x9ca022a7d35e399cL,0xbfcaab926c4b8d7eL,0xde62b2c007c7ec40L },
-      { 0x7b46c2d96bb54e10L,0x2ce02e5a7d31e85aL,0xb757b699cd776c12L,
-        0x08f122552c81b71bL,0xaca91e058aa6b02aL,0x35cf7bd37209279dL } },
-    /* 19 << 217 */
-    { { 0x24b5bc7086a04b9aL,0xd4d4c640612e0fbcL,0xb19ea7fcf732589aL,
-        0xa18b6f4081fc63cbL,0xddd7211d84d88fe2L,0x7e8db6f72963130cL },
-      { 0x8772908c500c491fL,0xa3bf747783fd8a41L,0xca54d0d34e3e9fe9L,
-        0x9969471866b030d5L,0xc2f5fb98b1fd6736L,0x58d5a851d103fa45L } },
-    /* 20 << 217 */
-    { { 0xe4c16fcda97a5decL,0xcc4333092f1dd4b8L,0x8cac9da985d334dcL,
-        0xb4deff204cda5a0cL,0x59eea4c9be70b1b9L,0x161e73a2ec5b7b58L },
-      { 0x584c5e098b7fb4a6L,0x697fb795a3f7dd08L,0xc9e15f754bd4ba2cL,
-        0x66d04f47c83df783L,0x0c03c2452efedf63L,0xa76a08c94a87dbb4L } },
-    /* 21 << 217 */
-    { { 0xde4e18c2da669a50L,0x0629350a480fb520L,0x84b3e68b7cac0748L,
-        0xab718a12da3e1e9eL,0x3f5c5489cc26aed3L,0x81c6b6d42a57ab3bL },
-      { 0xc4ded8ce15d23825L,0x2d753e6a20c6eb43L,0xbaa120ec555f3a83L,
-        0xc72f9d3877e93abaL,0x4ce297d0373317cfL,0xf42b3e954845bc1fL } },
-    /* 22 << 217 */
-    { { 0xbf162c19d7480e46L,0xa7f45ea76403bf0fL,0x250e936c6c51cef8L,
-        0x97ba086f1cd24b64L,0x271a22364cfb2889L,0x2685c98804dc4b48L },
-      { 0x843bb75ac877f6a1L,0xe10cd5c799d5c7bcL,0xbe65eea1db60606aL,
-        0x9019a9a7a10d0d74L,0x5614c0b987c62e5eL,0xaab2308d38240d05L } },
-    /* 23 << 217 */
-    { { 0xc908c6929a772e03L,0x73441df703928ce9L,0x36141b5bcf111c12L,
-        0xf6b9e2f16c7c3e5dL,0x1f245a77722c5b57L,0x07e3f364635f65e0L },
-      { 0x1aab7abf272597d8L,0x03954428d4fe8e71L,0x7dd58036ecae1b5cL,
-        0x9b97c2f28c85b0f0L,0x68ed3dc6ace011e9L,0x8e4ab5ca1744a774L } },
-    /* 24 << 217 */
-    { { 0xe6a19dcc40acc5a8L,0x1c3a1ff1dbc6dbf8L,0xb4d89b9fc6455613L,
-        0x6cb0fe44a7390d0eL,0xade197a459ea135aL,0xda6aa86520680982L },
-      { 0x03db9be95a442c1bL,0x221a2d732bfb93f2L,0x44dee8d4753c196cL,
-        0x59adcc700b7c6ff5L,0xc6260ec24ca1b142L,0x4c3cb5c646cbd4f2L } },
-    /* 25 << 217 */
-    { { 0x37daf7fd5a96d915L,0x1bba82e6d16a1332L,0x7558b642ce1135d0L,
-        0xc9fcd6ce3abc5915L,0xc3762a20b93ad4d3L,0xef0cdb45e4e74f82L },
-      { 0x809b91dcd26fbab6L,0x1264f72ea9b53697L,0x264699ffd7c827f1L,
-        0x16d4f094d8c4976fL,0x244c90cd997df2caL,0x58eb3b1c76f77b3cL } },
-    /* 26 << 217 */
-    { { 0xb99e2dde1ed04268L,0x94247d202497b83fL,0x0c6c21d1fb833507L,
-        0xa01e682fafab9c39L,0x4938108f4d84c3d5L,0x70b68c75347652d1L },
-      { 0x458e814740e17747L,0xca752a14c3f8bb03L,0xaa537b4d8598d044L,
-        0xeec3febb7ff102e0L,0x10ef3cad247fe4baL,0xe4de5b1b5673ac39L } },
-    /* 27 << 217 */
-    { { 0xbca2931378d0bb1aL,0xfcc237068e5c3fe4L,0x0f9d6b11dd0d67a3L,
-        0x9aec22faae14bbd8L,0x75f8d86e5bda7184L,0x6bcad95759aeb4c1L },
-      { 0xbb1224a5990a9309L,0x00edc04ef7193f45L,0x870c1647c17cbff7L,
-        0x9855513c65031caeL,0xe5a2e2ded852b607L,0x540a4141e5671e25L } },
-    /* 28 << 217 */
-    { { 0xfb0e2f2e4d5efff4L,0xbf3b96e73a143fd6L,0xa18a037f18579946L,
-        0xae02fd4ce48c8a51L,0x1cb139288745c177L,0x4991594a28c47832L },
-      { 0xdce3b1d2fd51c1a2L,0x4e707213314cb09dL,0x5312de95ee323449L,
-        0x4925c4e789389866L,0x2438fd9e28ca17acL,0x58fd2aad872dc0acL } },
-    /* 29 << 217 */
-    { { 0x75bcf0ef54ddedaeL,0x3cc75fc6f9077493L,0xc91b78df60f6b874L,
-        0x7687a1d0622634c1L,0x57fdef4f82cabf32L,0x544819218e2671e5L },
-      { 0x526cbb27a3c37afbL,0xe0db88340d1aec76L,0xa034badb73cdef1cL,
-        0x165cdfad6281f26bL,0x5c90d4d1ce24a71aL,0xc404af1125f297a7L } },
-    /* 30 << 217 */
-    { { 0x6b21a0ea2fd5df44L,0x2da8dc6cb36e5b1dL,0xa683e08ac3688655L,
-        0xfc5fbad3454bf878L,0x9d2fb9f12f73b749L,0x4612cf42f920b37dL },
-      { 0x23da6b697035794dL,0x2763828adff7c198L,0xd320660522dd7eedL,
-        0x6829994cd1316e68L,0xd732bc8f62831ed9L,0x69c6972c9303d789L } },
-    /* 31 << 217 */
-    { { 0xf5901854b0dcc28aL,0x81c92c1fcd18e579L,0x91a412ebc4b8e1cdL,
-        0x35f00725891d6ab8L,0x10d6bad8ad7aa63dL,0x8cda809d09df2b47L },
-      { 0xe856cfbfa489c233L,0x7ea921addf1ecf5aL,0x884cc717fd724c37L,
-        0xe278f2457377136bL,0x240b142d9f3dc9ecL,0x80a384961139a645L } },
-    /* 32 << 217 */
-    { { 0xa35e411c2cb40964L,0xdd7d4f4cc331a3d6L,0x7c7c859e89a66f2bL,
-        0x9908c37e0def8ecdL,0x8274124e344947b7L,0x0d279f7b568b0ce8L },
-      { 0xe5291961866091ecL,0xb056e3bf3a08acc7L,0x60fb39e156bd3a7dL,
-        0xe56a34d6268f8562L,0xb3a1fe1613fd8293L,0x6a41e1a967537fcbL } },
-    /* 33 << 217 */
-    { { 0x95c2bbfe021fc932L,0xc7e3399db2af7e0cL,0x1224bf06122670f7L,
-        0xc9e4513ffcc1fe85L,0x8c82371ddb50fa7eL,0x017c5498bb76e4b5L },
-      { 0x5467926c7fa89f61L,0xa4a65606f3a1204cL,0x22133acfa64b2e59L,
-        0xab7896bce1247662L,0x75d35fb661780c9eL,0x99199644a91b33faL } },
-    /* 34 << 217 */
-    { { 0xf799c4638471104eL,0x43c122dd8b91c351L,0x9db6498616dc06f7L,
-        0xf7e534410ebcf250L,0xa702c0f18373f9bbL,0x6ed8d39a1024e14eL },
-      { 0x92913e436cabd9c4L,0xba906ef40dde6283L,0x06835e914a3972d8L,
-        0xfbba3c7dfd99c4feL,0xf843e6f1b950909aL,0x7ec9866df5160b4eL } },
-    /* 35 << 217 */
-    { { 0x68f75bab06722bd4L,0xdeca718813066eeeL,0x4d658fa11152b8c6L,
-        0xfae01e657257c9e2L,0x999445f923e4189cL,0x2cbe272cef6f0b1aL },
-      { 0x5f60d9d735fff303L,0x4ca7a54696235360L,0xf506201598758f1fL,
-        0xba81e7ad1dbaecbfL,0xd326e063c687425dL,0x8c46fa4b193484c5L } },
-    /* 36 << 217 */
-    { { 0xa97149cf3c1f5f12L,0x17b04a3d143d72b6L,0x174195ff17449a22L,
-        0x851803960b136adfL,0x8d87d21f9a7adb22L,0xf9c9fc85a8f46d49L },
-      { 0x7839f453a7ed1b7dL,0xe19d80ace9067ba5L,0xc387a6a0e41b8d6eL,
-        0xd11611e1241d287aL,0x2561ed02636240beL,0x3bd8c57df0fba033L } },
-    /* 37 << 217 */
-    { { 0x7b5caacd3ea8ec1cL,0x221770e944624802L,0xafb1a4df5a32468aL,
-        0xdec20eb62e295525L,0xe1cd4fb9e309c92dL,0x0331b9c0e7256005L },
-      { 0x987d4c55246f2fddL,0xa392d27367f70f8fL,0xccba11994e214e5fL,
-        0x789f0e4c9943562cL,0xf502ec237235c86bL,0x67403523987746d6L } },
-    /* 38 << 217 */
-    { { 0xdd02ced216c97e7cL,0x578d6912dc3347baL,0x760260da2134e993L,
-        0xf96643dff34fb26aL,0xec214b767ea3285dL,0x19b135d4117733d1L },
-      { 0x29a0e0636b037168L,0xb5df2bb95d1285eaL,0x5a2d3297796f0cc4L,
-        0xfcee639f2090e0b9L,0xba11e8a4d93c091dL,0x5b6fc501492250e5L } },
-    /* 39 << 217 */
-    { { 0x6019d207263929d8L,0x9821d6e81f164aa2L,0x8f1b33f8d4924236L,
-        0x389e482fb72de1b1L,0x398785a862554c10L,0xed31cf8408469265L },
-      { 0xf9b99e158a09f334L,0x9ddfd4eba83df391L,0x28a5cdf4caa4f7d5L,
-        0x32b9e3c68f68fd49L,0xbce64b93b6f52209L,0x72649c6fea7c4bdfL } },
-    /* 40 << 217 */
-    { { 0x8a15d6fea417111fL,0xfe4a16bd71d93fccL,0x7a7ee38c55bbe732L,
-        0xeff146a51ff94a9dL,0xe572d13edd585ab5L,0xd879790e06491a5dL },
-      { 0x9c84e1c52a58cb2eL,0xd79d13746c938630L,0xdb12cd9b385f06c7L,
-        0x0c93eb977a7759c3L,0xf1f5b0fe683bd706L,0x541e4f7285ec3d50L } },
-    /* 41 << 217 */
-    { { 0x73bc200cfdd5504eL,0x73322fbf3825b0c3L,0xbf8bf1edd35c24d2L,
-        0x54eba9f52e2bc29eL,0x80ffb5fff3aa841bL,0xbc676f62cc188be9L },
-      { 0x2e2f79290383f0dcL,0x886c647e0d42059bL,0x673f0ea113eb7019L,
-        0x630da63f3f9cd771L,0x2597592b3a0a42b2L,0xfd21fb21b83b8673L } },
-    /* 42 << 217 */
-    { { 0xd39ebb9fd2b34df5L,0x622bd0c3db873666L,0x546cc7f77b52738fL,
-        0x0323cdd1c156c52eL,0x78b00818b5950f19L,0x8065a86a562bec17L },
-      { 0x0b42eb1427ca5a49L,0x1791eaf1a457ac04L,0x3a2c93a6b2631402L,
-        0x28b9cd6fcacec5dcL,0x6a0a8826d4535a3dL,0xeb08a884a83fcdcbL } },
-    /* 43 << 217 */
-    { { 0x16bae8925a940b6dL,0xfec394c1789562f0L,0x54349605ea412ea1L,
-        0xccd57783cd18e2cbL,0x394bea1a1c813e61L,0xf11c566ff249dd67L },
-      { 0x2cd679c112207f37L,0x7780918e83d16012L,0xe8bdbef4646c9987L,
-        0x6e1882e5082dbbffL,0x811dd74777abe4acL,0x5bbbb740668380adL } },
-    /* 44 << 217 */
-    { { 0x0969263a7321c39dL,0xbd13b28bab7aefcaL,0x10e431f205377165L,
-        0xbbb2a7d009442c57L,0xf935bc2d9cd156b7L,0x66c3d55e42406686L },
-      { 0x4c529b76d20bdc50L,0x112e0f004d1c9f24L,0x414f1c65ed38dbc3L,
-        0x63ade49c4eea65caL,0xbefd8af5fab697e8L,0x727bd3b45cc3b209L } },
-    /* 45 << 217 */
-    { { 0xb89d450a957925f4L,0xcb39b69c6e1e60f3L,0x55396e61ae3fffa3L,
-        0xe89d97962986fdceL,0x5521d6b787fcd037L,0x6c20b2b0ec718024L },
-      { 0xb1e0964bad6529c9L,0xe1bdaba3bc38493bL,0x6a9cf9d6f19b4690L,
-        0xa2d035f7054466dcL,0x37df7fc07fa65c9fL,0x045b0b36106ef822L } },
-    /* 46 << 217 */
-    { { 0xe4fc833eda5c9577L,0x22afb5addfbbca7cL,0x215de02eb902e8d9L,
-        0x215e4c900f1a6cb5L,0xf6d7e4a9d59e146cL,0xcd0c6c6e4912eb8cL },
-      { 0xe0616976eae22897L,0xe2279d9f5d809d19L,0x2da1b7b3e282b2e5L,
-        0x19327068ebf058b7L,0x9b23df0f5934492eL,0xabeb464fb1752d68L } },
-    /* 47 << 217 */
-    { { 0x6e754efc00d03f9bL,0x64aed0bd38b94393L,0x9d084ba16df2f6dfL,
-        0xfe383a56c6abe8f3L,0xd23c6ca2bc7bac13L,0xde8ef161e326b691L },
-      { 0xbb4e853342f96925L,0x1391974f6601dc73L,0x3a545ffb700480cdL,
-        0x4d379c538884e214L,0x0fe40f66f713e900L,0xc7f202cbfff783ffL } },
-    /* 48 << 217 */
-    { { 0x89e48d8bc6bb5e5fL,0x0880ede01ea95a10L,0x60f033d7302c0daaL,
-        0x15e4578a048eefe3L,0xfd6dec89b0a72244L,0x1f7cd75e309489cdL },
-      { 0x7cdcc2a0e9aba7fdL,0xd18dc5c7f28ba00fL,0xa6300a455812b55fL,
-        0x8fa5c4152ca31d8cL,0x36aa3c234f3a5b5aL,0xd128739ec86cf4e0L } },
-    /* 49 << 217 */
-    { { 0x7ac4712f660598aaL,0xe3f00c28aaba6261L,0xb71ac42e1a9b639bL,
-        0x19674c28f69958d0L,0x3983abfec4e5c60fL,0x67f4583a5de58f9fL },
-      { 0x83e0bbbaf7278c06L,0xd1883aaa19c5f96bL,0x8ec0f2848b3128afL,
-        0xc88e07f49166e04cL,0xa515a9e44e3995c9L,0x0680a306b757ec2bL } },
-    /* 50 << 217 */
-    { { 0x5673b61e6d6f3aedL,0xcd1275e29524fd2dL,0xa8844f08cde12134L,
-        0xeca3eb27b8366e0cL,0x5ce49d498bbe04b4L,0x0b7ab7a02882b056L },
-      { 0x12fddcb840fee142L,0x99b7920b2895df5fL,0x35dd8d5a5829bb19L,
-        0x271c6a4c46ee8dfbL,0xae09ba7536b594e4L,0x45502d0e1ae12c22L } },
-    /* 51 << 217 */
-    { { 0xa9e1b19ad95e0110L,0x6a419f8b2383280dL,0x6c35e8e16eb602a6L,
-        0x966e0f44d71beeeeL,0xfc5cbdc0c8915585L,0xdce1c36583133b89L },
-      { 0x3fbdd24289e6a35cL,0x8cd24d1760ff9dc3L,0xb9708c2729dd493fL,
-        0xabbf39803cf807caL,0x62689ffe5410c80aL,0xf133928be8b31d13L } },
-    /* 52 << 217 */
-    { { 0x3645a1910d4bfc83L,0xa564ac85f2114b63L,0xf0647034cc6d9314L,
-        0xb58e96d331d80285L,0x8b8222d9e269c964L,0xdee12adcd204b214L },
-      { 0x82d2bfbae1d0a6e6L,0x4fd69d2e9da964eaL,0x1605d9e3200b3ac0L,
-        0x5ab2886266d133eeL,0x938411c9f72f5353L,0x9fcdcb3a7d40dee7L } },
-    /* 53 << 217 */
-    { { 0xd65c1d6c501eb835L,0x37374dd14a0e5861L,0xa13f1070505f1fdeL,
-        0xedd76943d1351805L,0x0f9501953673091dL,0x0dec24e308aa62f2L },
-      { 0xec4962e7f50efefeL,0x0acccbdc9d227293L,0xc6c95d29d84fd828L,
-        0xa4b214c540578ca4L,0x06963d3ba4d41991L,0xeb8c14c2fde0034cL } },
-    /* 54 << 217 */
-    { { 0x3d46a2317460e00fL,0xedce1c7dacce513cL,0x3d7b6f388cfdce74L,
-        0x870082baacfa61deL,0xa86efef862ff847dL,0xc146218368c11d11L },
-      { 0xb296eede9d21be2aL,0x9dc54e9e761451cfL,0xed1bb1fd53107f7bL,
-        0x41f9efdb676bfbe4L,0xcdf43b904feb9a1eL,0xe81fcb6409d98782L } },
-    /* 55 << 217 */
-    { { 0x00639fa8642789c3L,0xf8e893a03c101e43L,0xc55439302730e33bL,
-        0xe2967d30460970e2L,0xb33f1976ceacc128L,0x9bb0f896235e8c4cL },
-      { 0x523f7bbb2fbbbc97L,0x127728a5dab215c1L,0x95dd23ca7ed6ab74L,
-        0x69f1219feacf4ba8L,0x5ed12355e875dd6fL,0x7aa732dc95565bdeL } },
-    /* 56 << 217 */
-    { { 0x9a0e153581833608L,0x5cce871e6e2833acL,0xc17059eafb29777cL,
-        0x7e40e5fae354cafdL,0x9cf594054d07c371L,0x64ce36b2a71c3945L },
-      { 0x69309e9656caf487L,0x3d719e9f1ae3454bL,0xf2164070e25823b6L,
-        0xead851bd0bc27359L,0x3d21bfe8b0925094L,0xa783b1e934a97f4eL } },
-    /* 57 << 217 */
-    { { 0x0a700190a5e41f7bL,0x2173e68dae9045b6L,0x28e9ac53f1669974L,
-        0xcb00ff99d4b9fd98L,0x09c7b907ebe90d1bL,0xbf401f20385744c1L },
-      { 0x0bb7ea7ae1292c18L,0x82aa43120b58f171L,0x5aa97bb2e3102d77L,
-        0x1a71e7c570178b35L,0x9bbb9ade6ab76f59L,0x32da60c9dea7bcacL } },
-    /* 58 << 217 */
-    { { 0x3c3f113ab3726680L,0x27be1c406f5b5ab2L,0x5f51f684f6864a39L,
-        0xfaf84229a60c4f39L,0xa788612d01df18c9L,0x65c9fd14951d5ea3L },
-      { 0x4b2153cdaeeaf44fL,0x6b9e977ba567781fL,0x4dbca3609dbf3e39L,
-        0x1ad43ad4fc65d7ddL,0x70a7a5e13d8dcf0cL,0xc11b1f4688b91e4dL } },
-    /* 59 << 217 */
-    { { 0x1ef5695b0868ad28L,0x09c9c06c2e3a9176L,0x2f2c19672c358e86L,
-        0x4ff1af54da22d7e7L,0x5ea6716840fa2270L,0xd164b6874d31a3e9L },
-      { 0xec036bb4345103d9L,0x6c6a130f26e17156L,0x2c491063d872b0d6L,
-        0xa66be18c4123d04cL,0x8593de34a33fa919L,0x620d2970f025b880L } },
-    /* 60 << 217 */
-    { { 0xc194cc1664baf040L,0x8038f31fcc01f35cL,0xfcc82fa0ed2079c7L,
-        0x1eb7571190d39b9cL,0xf1a89043c108e069L,0x10633334c020880fL },
-      { 0x492a494086e262f8L,0xaa0208173383f1a7L,0xfbb4e5ba6d99cc07L,
-        0xd6ccdc5cbde40478L,0x9e0b9d5867ee92c7L,0x5204bab7653eb14bL } },
-    /* 61 << 217 */
-    { { 0x721f44f0ef90c9bcL,0x6ebbecd8d55e653bL,0x9af325df6ccc5d5dL,
-        0x265f0f6d827bd1aaL,0xb82453213487ea4bL,0x1642be42af6ba8d0L },
-      { 0xb8c4168d4140e5f8L,0xdf5e32c13545d107L,0xf1301b9c2db68318L,
-        0xb22e20472bf3c067L,0xf40af49ee56ba514L,0xf4090e795575f363L } },
-    /* 62 << 217 */
-    { { 0x980de58b1746f6bdL,0xa9e1f0089eb9511cL,0x8f53c6fd1bbdba34L,
-        0xe6a867a6a1a41706L,0xd4cc48a5d2e48256L,0xd580559e05cb19d6L },
-      { 0xc8983311e6466ae0L,0xeab62080174df01dL,0x710ebd184a0441d1L,
-        0x0af69d9a9f653d0eL,0xef3a2510d789c932L,0xb5959cb992fbd39aL } },
-    /* 63 << 217 */
-    { { 0xdbbdd5fdccb1cc9bL,0x660110b98a26d874L,0xfa80d8b60fb9ff2cL,
-        0xfeb5cd6b95040da7L,0xb526ae0c7366cf25L,0xf49d85fce3566146L },
-      { 0x3b4107e699f505e5L,0x3c2d618f4302bbaeL,0xdaa09d150b199866L,
-        0x3b65cb88c395abf5L,0xd2af1dedbd5ac4eaL,0x0586f5a5276533d1L } },
-    /* 64 << 217 */
-    { { 0xd927283013575004L,0x01a330d620b2275eL,0x58b9207f450db713L,
-        0xae95338423e16d95L,0x4f10c6d4e60e349cL,0x541d03ecfeb122bcL },
-      { 0x22548cd22c648211L,0x5c2dc84cd01354f5L,0xa1c6f912b6167b3cL,
-        0x6967bab27902d2baL,0xebbe0b0836de34baL,0x6985b33a4b79625eL } },
-    /* 0 << 224 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 224 */
-    { { 0x9e857f33771560abL,0x4ae1ba22250f109dL,0xf8538d68ff4f6566L,
-        0x35380f15ac339148L,0xfef0bfdd5ddfc12fL,0xf706c6bf1387d93eL },
-      { 0x618ce77d5357e131L,0xf0921744236478c4L,0x24eaf06e00dc0da5L,
-        0x049113be07603cc7L,0x5cf489088f6963c7L,0xbe5eb9e6ede4a300L } },
-    /* 2 << 224 */
-    { { 0x77e486f85d066c15L,0x0c05b6c24ed5307dL,0x322b28ab7df36628L,
-        0x2d14d1316704dcd6L,0xd359977af29a3567L,0xc29bb132ec96d3b6L },
-      { 0xfd6e400ae6bfa701L,0x03db99244c7e5101L,0x62d81c7d9b8533afL,
-        0xefa638c28de66eb8L,0x7405a9d7e86784eeL,0xafaa74efa6c22223L } },
-    /* 3 << 224 */
-    { { 0x6909994f0572e536L,0x9d22f9157fed8954L,0x1505ca05884aaca9L,
-        0xe4b6530996995a98L,0x30e00a5ed02c000eL,0xb9032350236e7b09L },
-      { 0xe696f09e14f6c7bfL,0x2126b6277dc18d06L,0xa9ada7b401e1e2a4L,
-        0x9630acb69d2d025aL,0x9fab2c6ed84ffeb1L,0xc1d0db26ab7584f6L } },
-    /* 4 << 224 */
-    { { 0xf9b2dba4b9d36e91L,0x5fb4f6cefda9b2c4L,0x7692a4f33b8104eeL,
-        0x5da885b0e4e1896eL,0xc2a30fec73d2aa36L,0x7d06e6af86f60bcaL },
-      { 0xbc8bf16d87287887L,0x6c3dd86a3d701becL,0x8e79e2f37e35610aL,
-        0x981139f482f9d71cL,0xf8997ec424e62733L,0x330d989aa3518061L } },
-    /* 5 << 224 */
-    { { 0x6cf0e6ef9b7e3cc9L,0xb465be6b0320acbdL,0x02777783856111dcL,
-        0x3a1d36f0c0e9f2b0L,0xfcf4f6365e7fe507L,0x36bf41827fa7c8f1L },
-      { 0x09a02de8b0f4ce56L,0xa0bbf65ca9cdb353L,0x7211a9654b7f4e35L,
-        0xa6b2ba79805b58bdL,0x418302c20957860cL,0x3c17ec02f99f9d58L } },
-    /* 6 << 224 */
-    { { 0x4e6ef410ca89fbadL,0xe0fc53ba53933b78L,0xa4f03403fd41d143L,
-        0x3a507177e0774c37L,0x078e8c568ec7484aL,0xfb73c6b6fbb3f66bL },
-      { 0x169c94753bfbdff6L,0x44d286060a232243L,0x3e8e968508303114L,
-        0x7a9797b8fad0def2L,0x0ad14404efc1c8daL,0x6daae4e921ced721L } },
-    /* 7 << 224 */
-    { { 0xfde0d1b4cbfd18abL,0xa3c9917595850f83L,0x16d3ad79c9eb9de3L,
-        0x2707ec8b0ffbcdacL,0xd7e6750fa220287cL,0xe51baf059c2e155aL },
-      { 0x3018c309871e10faL,0x074f08e3f23221c2L,0x1aa323aecf15a4afL,
-        0xf085d69cc1b8cca0L,0x47a3eaccb143a969L,0x56a04522f3a98430L } },
-    /* 8 << 224 */
-    { { 0xc7e9ddef88dd2dc2L,0x2c21a99819a0c0b5L,0x6bc0746db239bb82L,
-        0xc811a8eb28ea1341L,0x5f714ca71d1309b0L,0x79eabd20d4eb9b34L },
-      { 0xe0e5afdcdf0fb30fL,0x1b01a16d8c0814c6L,0x670e1e7b84334366L,
-        0xc8c38f9a0eed1116L,0xf914fae2619bbd50L,0x1ed062cb51c1995aL } },
-    /* 9 << 224 */
-    { { 0xce64d065b711b4e9L,0x32760c2eefc4d25eL,0x9e5916caa6292c7bL,
-        0xa90d40bff2a47deeL,0x90dc6681604933d2L,0x707270c60115cf42L },
-      { 0x55b601ff6fe583abL,0xdd2fe842a039dafeL,0x602d8de34c2d3357L,
-        0x7cc979bca7ab9014L,0x4b8dcf7e60118797L,0x7f1f2a04cbfaad32L } },
-    /* 10 << 224 */
-    { { 0xd4e60e15cb583422L,0xc6b1ef90320f296fL,0x0714bad0d9bfc834L,
-        0x5ee2ca8c9050e2c2L,0x074a8ca824f7cf1dL,0xb975024910df8516L },
-      { 0xecee8ab7c2636d2cL,0x308e5af13b4b7bbdL,0xfed4f27eee2ae021L,
-        0x7cd4bb192065253bL,0x6b21a3f84de525b4L,0x0f10e7bdac27fddbL } },
-    /* 11 << 224 */
-    { { 0xb4f02d9dbb3bf37aL,0x69590395978aacc1L,0xdf99b1309c3def3fL,
-        0x5c66391e12be0bceL,0x30ab382cb5eaf100L,0x9b84b2b4e0352249L },
-      { 0x0c22e4e1af14e85aL,0xc29d3c592286ea0cL,0x6c7f8b6a40758aebL,
-        0x7a91adccde68fd0bL,0x4d8554fec8e8fd4aL,0x9fa863d5bb5621e5L } },
-    /* 12 << 224 */
-    { { 0xd5068487870e29cbL,0xf9420b85fc52d5cbL,0x50c3265a496d000dL,
-        0xe605414a166bd6b4L,0x4de8d724c62b2a6cL,0x16af06f2a1a11048L },
-      { 0x5406bde945f43c4cL,0x5e15bf6c751ad18eL,0xa846e665b6a59587L,
-        0xcdb28a7d1816ac55L,0x899b3551819b73f8L,0x2d46297bbc848d08L } },
-    /* 13 << 224 */
-    { { 0x76f5aedd44af60a1L,0xf7bd3b4651d1efd8L,0xdfbf3c6439a9721eL,
-        0xf927fbf0ee9d2ab3L,0x628e9258c7e0779dL,0x062cb2fe4cf1dccfL },
-      { 0xb2ff57dde2278f00L,0x3f0e140a2d199ca3L,0xe7161304342c0a9cL,
-        0xe7ca734f0bdbe131L,0x7d070270870057d8L,0xf6f1a65daaa55860L } },
-    /* 14 << 224 */
-    { { 0xdc4cc720299127beL,0x5b34e762faab8165L,0x2289b2f7b39c120dL,
-        0x687a78d06e52b913L,0xd2a091dd2a3ea6a5L,0xc61eced638eab329L },
-      { 0x652231ea7887ff2bL,0x77a568750479db4eL,0x1ef471c8d43c5722L,
-        0xf82bf436f3764c34L,0x962af4050445cafeL,0xed8b227f5ff47259L } },
-    /* 15 << 224 */
-    { { 0x30e045f4a73c3da0L,0x13d2527df36c6346L,0x3dffe56d3836fb9bL,
-        0x9518276617c5d2bfL,0xa0ef38724dd0b240L,0xb45e19ebc39c675aL },
-      { 0x65202bc603e95445L,0x41e2f0d19a2ec9dcL,0x51c719cf2a0d762bL,
-        0x3bfb9729ecc6b9f8L,0xda8271705a261640L,0x65c2bbbcaeee5f3fL } },
-    /* 16 << 224 */
-    { { 0xde849cd1d89594abL,0x00e2d2b10ec4fb3aL,0x3fbd9e3dabe92fbaL,
-        0x785414d43324900aL,0xdaead1abde20904eL,0xb493e121aa5f1ba8L },
-      { 0xd60a4f2d6eaea0dcL,0x394746b56fca8596L,0x163dc78934efa243L,
-        0x3067dccf216a8d8cL,0x116b6534a901617bL,0x8c4bd099bbabe51eL } },
-    /* 17 << 224 */
-    { { 0xbb9eb22a97ebad53L,0x791d4f90666f1428L,0xa3a896e06c5d5569L,
-        0x322d566fdefbc26cL,0xaa581a083c039c26L,0x82d899be62790f0bL },
-      { 0xeff4bb9a43a0c2f7L,0x60515c10a01df2c4L,0xdd1455a849312160L,
-        0xc8a15052c4292265L,0xdb2970f97f68d081L,0x29c825b892594c4dL } },
-    /* 18 << 224 */
-    { { 0xc8c2df45ac3a082cL,0xc353d074c8d4c40eL,0xb214f9c05a3c2de7L,
-        0x504bc42cf86b0214L,0xc82df5cbd1922a58L,0x40887948a5bc3267L },
-      { 0x04bcd21788ba8bb2L,0xe21b3e7f046fd401L,0x8419c338616af5cfL,
-        0x7f24760baedfce9dL,0xded8035bddbd519aL,0x1f1fb0d71693faabL } },
-    /* 19 << 224 */
-    { { 0x7a88376766117f71L,0x8d4e37815d261599L,0xc900e6dff770b193L,
-        0xb7d1c06b12e9dda7L,0xa86d173a717cb0faL,0xa138b7ba51dfbeacL },
-      { 0xe84468c57360a27cL,0x4acf8b412e9b82a2L,0x85fa386cb121d6faL,
-        0xc794d9f283e6169cL,0x7b4cd3fc8c9293acL,0x3096ad868d082719L } },
-    /* 20 << 224 */
-    { { 0xbb067b49d02ffcf6L,0x7cedf8f93e657299L,0xc3829961406bbfe3L,
-        0xefe4b5aa37c12472L,0x7dc01cf9fec7dee8L,0x70a9db2389472f50L },
-      { 0x29c269f8b31bf737L,0xa26deac3ae3fa7dbL,0x0046e91233caca41L,
-        0x3bf4bc8ab6e78b55L,0xca83bc6cd9eb5ef1L,0x73f25c62c0c5deffL } },
-    /* 21 << 224 */
-    { { 0x117bb83d3ff7d803L,0xe91098c539c56c0aL,0x7bf72fe91e347fa0L,
-        0xa66201a31e174941L,0x1d069d4d6846a06bL,0x721cdbbdcda59bcfL },
-      { 0x17d6683a17652893L,0xee1b28f505be2530L,0x2e70558697a69062L,
-        0xd4b5798682b56c36L,0x1ccc5be09082e781L,0x42e0e429d6b05e30L } },
-    /* 22 << 224 */
-    { { 0x697dc47d44b4aae8L,0xb3525cc0782c331cL,0xff71cca40bd7c78cL,
-        0x5f3d776610c0ab69L,0xbdc10267e2ba07e3L,0xc656f75ce6373f6eL },
-      { 0x9e2938b4b5607b62L,0xa65017d410b0a0f7L,0x8dad31195cc6ac25L,
-        0x00f8f2d18ba5d1e6L,0x608137bc43305aefL,0xddad34bbdcb81cb1L } },
-    /* 23 << 224 */
-    { { 0x9e46b17c20c78a64L,0x28db365d5c48e678L,0xbe4c3b8eac6ba470L,
-        0xee737236b6617b28L,0x81c5b94a4f3422bcL,0x4d44c33076faa922L },
-      { 0xd7a09a719be38835L,0x99d024e1410b382dL,0x103b67c36b15012eL,
-        0x02b6e094d9808da4L,0x4f5d938a0a7f2fcdL,0xa43058b7e4c5073bL } },
-    /* 24 << 224 */
-    { { 0xe133d941b1f82ca5L,0x2af8b98bfdf115bfL,0xdc6179c857aaa6f3L,
-        0xabaa83e9130ade06L,0x7836b6fb0e8bffd1L,0xc479751ffa103703L },
-      { 0x0ff3c1299c89963bL,0xe64072560b84c24fL,0xa92a4ea2f34f6bc9L,
-        0xba45b3053197989bL,0xd12b5a0199243aabL,0x3015772c442af625L } },
-    /* 25 << 224 */
-    { { 0x5362ac737e0a5c36L,0xc731132a8c4fbc07L,0x0ef7468d7ca0d4d0L,
-        0xc43afef835d25de0L,0x096bde6a3fa1209bL,0x21f57eb566846236L },
-      { 0x878b585cf04d23d7L,0x737f7e527315ed56L,0xb716462c811afdd1L,
-        0x4d223734a571a3cbL,0x56460e2fa7db2c60L,0x0684d72c61f97485L } },
-    /* 26 << 224 */
-    { { 0xd95fca81e6f065c5L,0x45e886d5fc8655deL,0x3580957727cff79eL,
-        0x92a39a34625877d9L,0xdda02684dfee17eeL,0x6354f871986f635bL },
-      { 0xb3a6e9edd409c182L,0xf0b1c8d9c4fbbb3aL,0x28721c019b77adedL,
-        0x3c356df1bf94f028L,0xff221bd229a81f1aL,0x20edf2e856b20b0dL } },
-    /* 27 << 224 */
-    { { 0xb8c636db31ac60c2L,0xf3830e72bd987402L,0xfe63957c30e6b969L,
-        0x3508e67989eb2bc4L,0xc0837f8c9a987e3bL,0xd1d0ce7b3f9b2ef4L },
-      { 0x08d8f99441fe62baL,0xe73f79d7e17669d4L,0x8801fabaee6d68feL,
-        0x4ef814891a508a88L,0xcc851bb71fbc4512L,0x69f728704680b88aL } },
-    /* 28 << 224 */
-    { { 0x97fff124835fda9eL,0xa79ceb2f0bc68512L,0x70ba93d1a2fc3995L,
-        0x62bd28ab9e51c5eeL,0xb95fa624d5bbbaa9L,0x0654dc458c1f571eL },
-      { 0xb9a4edc665a45ed6L,0xbf5ed1bc21ad0612L,0x74adc1a1b1a3551bL,
-        0x3dfa3dc8dbbd6cefL,0xce5dd40b2fa3afd2L,0x14894e0f30a746caL } },
-    /* 29 << 224 */
-    { { 0xe4544006ada9bf7dL,0x9e123b709b75770dL,0x903628d557cea95aL,
-        0x6429e00c9e8cef6bL,0xafa2cce77b1adaa2L,0xf2f5771e15e488daL },
-      { 0xda44962269820874L,0x5b20ef1b6e0fef81L,0x3150a8699507b4faL,
-        0x901897add191de20L,0xf459da31c41dbb2dL,0xc2516dd077146754L } },
-    /* 30 << 224 */
-    { { 0x7e729c58b8ca2a2cL,0x0f32ea1ecaac04afL,0x47267f13bdd549e3L,
-        0x35b9440690be3b50L,0xad0f2bb14b27f670L,0xd7e5874e92341803L },
-      { 0x7dc841cf1f9ec462L,0xebeff994512b2a42L,0x22998a7f320dc858L,
-        0xf08eb5c719946f59L,0x228c8dcda68ea75eL,0x40dc6dc37b20dee5L } },
-    /* 31 << 224 */
-    { { 0x23f40e331dd722adL,0x0a441bf4c54fc48fL,0xed6c026548b75f84L,
-        0xc2d3972f3e0fff2bL,0x889b44c4db09b7d9L,0xeb6ccc6541a6a562L },
-      { 0x5ef1162e8f04e03aL,0x25e2ea895d8102c5L,0x37b71631154644d5L,
-        0xa9a1a8320446b1bbL,0xe3f58daefb342b20L,0xc6d19decb6d292c3L } },
-    /* 32 << 224 */
-    { { 0x929454f6b3952db4L,0x412142ec4d3f69f5L,0xf5b0a7c5ee25c0b0L,
-        0x7d3372ff2e752295L,0xd6dadc7d6eacac68L,0x5f0076cca96a8e3cL },
-      { 0xea831db671725b3aL,0x4a286c89c29ab454L,0x5ff817e572e3c00cL,
-        0xb022e25d2a5fb6baL,0xb611c5bcbb392476L,0x062c14dc190485a0L } },
-    /* 33 << 224 */
-    { { 0x44730047ffdc9a7eL,0x44949bdcf078d5bbL,0x8c1a3e4bc486e2b1L,
-        0x53088ba20801402cL,0x6e20a7cfeac83daeL,0x4407ea8436ec5443L },
-      { 0x564fb733853f79d8L,0x59ea819afe809670L,0x1ac62174f1ec7e91L,
-        0x0d7e065566a0b8c9L,0x0c4d072482958221L,0x80db0297a60f984eL } },
-    /* 34 << 224 */
-    { { 0x380823e7f3359d47L,0x8a60fb05f5efd39cL,0x78a940669425487dL,
-        0x1da6abc3f199c67cL,0x7df00b2165f0a6b1L,0xdc0dea58017b1231L },
-      { 0x9c529db079f4f22fL,0xc7043be3e5dd92b5L,0x10153ffb43661331L,
-        0x51c459bf6ff02e8fL,0x451483bfa43aa005L,0x3313f903199cd1baL } },
-    /* 35 << 224 */
-    { { 0x2f66587e62e1ef1bL,0x942d4c739e3ae33fL,0x4a27ead5c0ab9c1eL,
-        0x368d8dd89ca91b06L,0xb3f0cf92c4b6ed34L,0x28cc332673e62557L },
-      { 0x2649e5527910986bL,0x635dcf9cdda049abL,0xbbde12f625d3f201L,
-        0x5200c3d0a9384443L,0xd996573d51eb3c10L,0xb093c1792b8cd7e5L } },
-    /* 36 << 224 */
-    { { 0x15cd1d1cc3fe6fa4L,0xf260a739e2c3c686L,0xf7c2270eb08c65dbL,
-        0x9ada2cb6ff69d971L,0x65fbbcac212bff0cL,0x40157d075646a735L },
-      { 0x101d2b7d55de9e45L,0x0db580e83118b763L,0x3203baca8322a9cdL,
-        0x2a3137ef22cac14dL,0xcc9092e291a14128L,0xbb269f6d98cc368fL } },
-    /* 37 << 224 */
-    { { 0x7c8946002ad7f66fL,0x6a8328bb99b438a7L,0x86d06fbbdb440d86L,
-        0xb74ffe2d20ac5a42L,0xc3a6f01d91b1c82bL,0x606f8ce71d5efbddL },
-      { 0x8c49c43a6338c99fL,0x50657f7216da7cb7L,0x7f204c8b84f22d9bL,
-        0xa2612d80ca76978dL,0x80080d868a3e8e96L,0xd8841a1ac0bff9afL } },
-    /* 38 << 224 */
-    { { 0xc2a734cb962fa060L,0x2baa26c580a17874L,0xe27b21110b44efe6L,
-        0xdc1244e531d2154cL,0xfcd86d4116c7742bL,0xf45230df32503138L },
-      { 0x94a790f4812cf0afL,0x0ab2df23da3f24d7L,0x0c764df181571d54L,
-        0x989ff71c68d68f74L,0x9896fe62cda535b3L,0xfe0502e05f4fa41bL } },
-    /* 39 << 224 */
-    { { 0xf1ffe852c2f58cf6L,0x2ec46d2546d64576L,0x95bfec93d602c51aL,
-        0x349c58bf3907b766L,0x59cb12bb9b94bdfbL,0xfa95da9515dfcd87L },
-      { 0x731a8535e1543bfbL,0x14844aeeca14187cL,0x0d73e58aba1f4928L,
-        0xbb71009fc6bb67f2L,0x5e7c0e988b4142b9L,0x4866b5095f08f58bL } },
-    /* 40 << 224 */
-    { { 0xc8295c2fa234de87L,0x1cd7f3fd878e77dbL,0x309c1fefa2155b6cL,
-        0x2a9bcfd9484afddeL,0x87ef7a56cc999775L,0x34336cb1970aa188L },
-      { 0xd45eb83cc3e16ba1L,0xf9d72c72b9c1695bL,0xff117458cb980742L,
-        0x438a7fcb67af836aL,0x5ffad086eb9a6c40L,0xdbd3e518513922a3L } },
-    /* 41 << 224 */
-    { { 0xde241983e42021b7L,0xaa70e834542873c1L,0x99c9d35f9daf2b99L,
-        0x0bf712d549b40780L,0x202d9969d9ab6e97L,0x7f3382dac4932106L },
-      { 0x1eb5f5d40849e319L,0xc1bdd1179f659546L,0x628ddd3d2329f977L,
-        0x5944611d363ee601L,0x7b7a631463d5bd4dL,0xaf6c51a5631d21ecL } },
-    /* 42 << 224 */
-    { { 0x2d8f9e1db4100182L,0xa08ae2fe4f3d2c03L,0x7548c430589e99f8L,
-        0x0f5ccee2aede8af9L,0xa21ace3343b34b25L,0xb120c569dee102e6L },
-      { 0x1cb103ed36f13699L,0xf71ff0dfc91e8cb4L,0x88f141079b22460dL,
-        0x050af75af509366aL,0xeec8a310fb179bc6L,0x069e7331c26efef6L } },
-    /* 43 << 224 */
-    { { 0x3e2a9c713be9cdabL,0x8f235d6f73ac08e6L,0x3de28a6b28832dabL,
-        0x7d08b9f31ee82d6dL,0x67c3b88f915ddda9L,0xba8f18cc0f7c81a3L },
-      { 0x38cebc31ca3c0936L,0x745f71aa7816a6e3L,0x00cb85a91a95fcd3L,
-        0xb92742c6577dc22cL,0x1afdaab592029cbeL,0x0bb43c91278d3f7cL } },
-    /* 44 << 224 */
-    { { 0x3d77059d3ba02d27L,0x58e28671440b2d3dL,0xe2d4235726636fbcL,
-        0xcc448a52c54605d5L,0x73c2902efc0269a6L,0x28a15ed57ea8c26bL },
-      { 0xf666587a0cfc1a34L,0x8374f2cc1ae0377cL,0x5dca6ae828417437L,
-        0x15a6d54c94bc87ffL,0x5bf187bbb344796cL,0xc629c14889574b2dL } },
-    /* 45 << 224 */
-    { { 0x06d43c6d87748b63L,0x2489a957a7f232edL,0x7aa9174afa407c3fL,
-        0x8c8b8fd933a762e0L,0xe2e8f1e7adbe94a3L,0xd1e0c8c2bb723045L },
-      { 0xcafd8f483df092d8L,0xbc89caebb174025cL,0x97595c5649f20c98L,
-        0x6e520a968a77acefL,0xc3dbd3107a52a4e6L,0xf51db5a91284ff27L } },
-    /* 46 << 224 */
-    { { 0x406465742c74cb2cL,0x44eeb9e546c33df0L,0xd2a9f16ecb4c50b2L,
-        0x68f912a01906a6ccL,0x2b81296d95211e94L,0xddb2988ec8575839L },
-      { 0xb74d990d33b180c0L,0x290185567d319c48L,0xd3d2e40dac8de56fL,
-        0x9ad42a60461f30e6L,0x265e4715292a0faaL,0x56c2626c8ac3b2a5L } },
-    /* 47 << 224 */
-    { { 0xb7580f2fd468adb8L,0x8e1fbf0388a6a587L,0x1b8c40ed8f4f6cddL,
-        0x337414f56817b2b1L,0xd877ebafb744d563L,0x59eed3c6df5e18b2L },
-      { 0x365e148dd33afa01L,0x82e70adc665702cdL,0xccd77955a5e390ebL,
-        0xd86c343accc90cb2L,0x23bd948d6cd8a33bL,0xb1fc140cdc43a8cbL } },
-    /* 48 << 224 */
-    { { 0xefda99d9ce11b02eL,0x9017bd4a3f820083L,0x8b9e6cd1ad14ac6fL,
-        0x1239ee331f413880L,0xd98e93d993dd7fb9L,0xc280d252894fcb12L },
-      { 0x33a9201a5230b5eeL,0xc6aeee256e41de26L,0x845051280d0a320aL,
-        0xc20551db4b607b53L,0x6e63c766ea228c2eL,0x883321aeac48f25cL } },
-    /* 49 << 224 */
-    { { 0xa5173910e15a530aL,0xaa2c88b83ac38ab2L,0xcbfbd31ec6a6ba9eL,
-        0x0fa126cb49ed182dL,0xd6b38897cfc53c85L,0x98d5f6bacb9c2f41L },
-      { 0x6694e8e5cbd150e9L,0xd470ef226a1fc551L,0x57a63765d5ea1c0aL,
-        0x95f5eb4318078139L,0xbeaba00585d3e0dbL,0x6bbf010fd314dec7L } },
-    /* 50 << 224 */
-    { { 0x5941229729ee46d3L,0x39e5aaa0e66bdfabL,0x9ff1575001c815e1L,
-        0x709706211f2de195L,0xaac904a968aa571aL,0x9cbefacd8f7625f9L },
-      { 0xadfd215dfce3a501L,0xc04d09ddf20651b4L,0x688c1421d17b25f2L,
-        0x3efde5d40073247cL,0x999b7f3a7432c699L,0x33c76487703fea50L } },
-    /* 51 << 224 */
-    { { 0xc720aeb10af6e1faL,0x1564b8d8e8771dc6L,0x5983eb44673d8ef2L,
-        0x5dabb2070679ac65L,0x51a854cdbcdb681eL,0xe2b186a9364a3cb1L },
-      { 0xfa189eff7222208bL,0xf7161d86477666f9L,0x0ffcc3e6192d1df5L,
-        0x1523508e39cf5a4cL,0xf5e98687c43ecce8L,0xbf17b63261450309L } },
-    /* 52 << 224 */
-    { { 0x63293cb8adfbde28L,0x5df78fb3c6b18ec4L,0xad10da4ffd27e50dL,
-        0x60202b357ade5c9aL,0x67b9d253c6c8c8b5L,0xdbacffefbc2b30bdL },
-      { 0x508ff8a67494b1edL,0x87ef48be3769728fL,0x74d4f180ef98d036L,
-        0xc5d9ef531799e8a9L,0x726d22206e850162L,0xd86d3414239f6b38L } },
-    /* 53 << 224 */
-    { { 0xfdde327b3e1f1b96L,0xb6272e94bb58615dL,0x2881350cfc2d8a47L,
-        0xfcbe87031142ab9bL,0xaa5fccd0f48c7f97L,0x606be6ed29a74ba0L },
-      { 0x545409ba3afc598bL,0x4779f54aa7d23f5dL,0x2811c0829d68e38eL,
-        0x5b4646bd3f9c5842L,0xbcd3aa492586219aL,0x7345799313642e3fL } },
-    /* 54 << 224 */
-    { { 0x9a61f240ab638788L,0x519742162b0a8449L,0x9a5ec31d43b2abfbL,
-        0x6f3075740563c9c9L,0xe465f7793ffa198fL,0x8876c5772957418eL },
-      { 0x10e3d09c976e5875L,0xd66d334e592c2409L,0x3f0d5727b39b7897L,
-        0x17ca7ad1e37fd300L,0x221d8436da530871L,0x4df38e4179d6b350L } },
-    /* 55 << 224 */
-    { { 0xe805096338b7a2cdL,0x9874cc734b8f05cdL,0xfc0821791b74a790L,
-        0xe18a92f3293049a6L,0xabd525694dfdc13aL,0xb928cc300d843466L },
-      { 0x12750aec348dc7c0L,0x3c8e205d87f12dbcL,0xa2c71091e0bdbd81L,
-        0x895b56a0c1c1871cL,0x68dd7414b4c850f9L,0x45a948ecbe806596L } },
-    /* 56 << 224 */
-    { { 0xa88dbfe0f4fe35f4L,0x32de3a1c84283011L,0x8a3777bc39caea33L,
-        0x673630dee4d49959L,0xf3ef842c59070317L,0x33e4bb031fab88a9L },
-      { 0x88e4538e98ce8bc2L,0x870c2eb81a235c6bL,0x71f62c5640df0e92L,
-        0xdb43b853f9627486L,0xfde9fcaa95cc473bL,0xe4c5b4bb4b677b11L } },
-    /* 57 << 224 */
-    { { 0xa6ebd946dd4091f8L,0xf0e11886dcf0741bL,0xd6267674d9533601L,
-        0x571926506f74e49cL,0x18269c2f891d6717L,0x350a7869b45ddb53L },
-      { 0x79ea6a4ac8f62777L,0xbad33c4cae7edec9L,0x14bed149ad7e5578L,
-        0xb2f4190ba91af4fcL,0xbbd6f68be71dfd3bL,0x23fd3dc8f2fb7a21L } },
-    /* 58 << 224 */
-    { { 0x5e0f89e598fd044dL,0xb77180d97cc30e97L,0x64fbfb747f82a12dL,
-        0xbeebb9ca77629636L,0xe164549feba83845L,0xe65a964a7079519dL },
-      { 0x8b1bcc08ca88157cL,0x466399c3f7483338L,0x6e2726414b9efdc6L,
-        0xff8c7027be922e96L,0x9baebf7d48374f59L,0x2a84a23ac18ee18bL } },
-    /* 59 << 224 */
-    { { 0x337484e0dca4b3b3L,0x82137cb9f5b27d3fL,0x12ae1d11bbf4c806L,
-        0xa1e2873f2880c078L,0x9e6bd909058b9a0fL,0xacc5656d2dba5fb9L },
-      { 0x7fe5467853fd2ce3L,0x2aa4af35452439efL,0x329989a5904ffc67L,
-        0x007ea4c8520fd31bL,0x58988e2551816b44L,0x644f2469d8f186eaL } },
-    /* 60 << 224 */
-    { { 0xcd4d1a9e8890722fL,0xfa0b826b74142916L,0xa494dfa817ba8041L,
-        0x3fb73e736de2b6c2L,0x156a6cf4344b57a7L,0xb197c8621e205448L },
-      { 0xf453e348c214acf7L,0x665d7083e9061a73L,0x5ed59ec5ce9868a3L,
-        0x9bab305f6ad777faL,0x752c490b35315de8L,0xabcfa35b5d5aaf26L } },
-    /* 61 << 224 */
-    { { 0x4059fc2f914d618dL,0x88e55ce6108380fdL,0x0c22b21bee61a4c1L,
-        0x435ecbdb04788627L,0x3f8a5ec7a9f72788L,0xa31eff8a732d5d97L },
-      { 0x119b6bf9d48d0af9L,0xde6d1de5af70a043L,0xac075ffd3368db4aL,
-        0x23a33ec94a58603dL,0xd43ad120fe181a89L,0x386b90ed42f0b006L } },
-    /* 62 << 224 */
-    { { 0x8096824bf9bf1a24L,0xcdf69abc8260ebd7L,0xaf93b34de9ab190bL,
-        0x676351ff841cbba0L,0x3db704d3eb6d6c60L,0x3b1b893fc09aebfdL },
-      { 0xc06b9bfdbfc69f15L,0x28b1ffb8e9c688c6L,0x1607bc68d3c16455L,
-        0x07d56bcc6d16d937L,0xac28e69f318afd9aL,0x7f4afeb7e77263b6L } },
-    /* 63 << 224 */
-    { { 0x796a530ab935875aL,0xd6700ec89dd1e51cL,0xc30301df4d9320e4L,
-        0xe23090f357157f87L,0xdd3f68a74029113eL,0x566afc6de2709936L },
-      { 0x830f952edbff8926L,0xe207eae5c7a39d27L,0x9210b3dfd9494592L,
-        0x3be25582d8460831L,0xec2496575d58edd9L,0xebe8426fefd24738L } },
-    /* 64 << 224 */
-    { { 0x0372678dc419b0aaL,0xf95031d8c13fdf17L,0xebaebca4b79594c3L,
-        0xe587850baf3b75cfL,0x534183ac2c1e09c6L,0x3f5b0bfdc08204cdL },
-      { 0xdac2cf06e297cc77L,0x5e47d9c6d0487084L,0xf6f509f490b0f6c2L,
-        0x3ffc3cd6c2c62207L,0xbb21eb1132ff1887L,0x2116a023e62ccc6fL } },
-    /* 0 << 231 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 231 */
-    { { 0x406a7e2116960728L,0xd03923f85597d8c4L,0xd4402eff020748eeL,
-        0x7827442af39b58dbL,0x77e3f2768d8cfb04L,0xf6eb49c8e45a978fL },
-      { 0x9db0829949247f6aL,0xce71a74706669fe5L,0xe434ce47b82775f5L,
-        0xe84995ef63910016L,0xa35e8b971e47792fL,0xc779cb3d7c6aaeb9L } },
-    /* 2 << 231 */
-    { { 0x1fa064cfaf31ea1dL,0x2a9547a848e8d974L,0xda8102a1fa9d9453L,
-        0x786aecabdc6bd7eaL,0xcaf91e3bca2f6044L,0x67d86ea78573f208L },
-      { 0xd309fce9c505ae24L,0x67ddc5b17f86eb8eL,0x57791ae0f3d53056L,
-        0x26b053f00d1fd61eL,0x91c962c0045ebfa6L,0xe95246de076ed979L } },
-    /* 3 << 231 */
-    { { 0x156eaf570746d174L,0xa2d4a83dcda35250L,0x60a9f48c0290fa02L,
-        0x9855d26d5c33b4acL,0x06e379c697eb1c30L,0x4f2e2dbe6e219664L },
-      { 0x6b7448f829006065L,0x237a1f31115062a9L,0x5c635a90ad92cb24L,
-        0x2e857f8c2eed977eL,0x3d512df7856dc88aL,0xbde85263e597a27bL } },
-    /* 4 << 231 */
-    { { 0x49f24994e7c03ce4L,0x274a8c132aed9ba3L,0x897b9103d5e91bc0L,
-        0x63db1efbcb404f68L,0x70efd9d842f7fc02L,0xd6e02921c6a230afL },
-      { 0x8d5b199f11ae0a56L,0xc98287dece33da6aL,0xde583d34504dd889L,
-        0x03756001f823686fL,0xf19ab86f95fc73dcL,0x300406c693f12f42L } },
-    /* 5 << 231 */
-    { { 0x2f73595f7759701cL,0x8dc2069a6fe0e0d9L,0xb7de7114c286a65dL,
-        0xfecc429e84c0e487L,0x51061a2c14344c07L,0x4d70972596869e37L },
-      { 0x8b02781f2be9403bL,0x6cb6aa02de3ab5d9L,0xb013508eff6bdc9aL,
-        0x568d2e84e5438c58L,0x7b35a979e4206c3bL,0x0bb793c0b17a8bc7L } },
-    /* 6 << 231 */
-    { { 0x3f896ca9fa4dd561L,0x4b9a98abd2de2ecbL,0xd0741632600e4e2aL,
-        0x87c7db5f69e702d5L,0x1f5a3b8053e0df2bL,0xe1e24b49f443dfbaL },
-      { 0xeb90e2305eef3a1dL,0x8f3fc8a6d38f73fcL,0xfb1e8299a5aa335aL,
-        0xd78504cd4197b32aL,0x0e7a79cc6755918eL,0xc7c98ae2883b1c72L } },
-    /* 7 << 231 */
-    { { 0x1a12727c03d2beccL,0x810a37dfc6741372L,0x44ac483fb7049f39L,
-        0xab73e5e7a36fc614L,0x298d453feeff8aebL,0x2127dd167e1b586bL },
-      { 0xeadc5c54e07bd60cL,0x67cdae00f5e2d2e2L,0x03fe0446c9d2f10aL,
-        0x0784098795e38ed2L,0x5d348a7ce1a6306eL,0x4903f1b6562f5463L } },
-    /* 8 << 231 */
-    { { 0xbf66baa5b44b1d0cL,0xbbed18eda44f8edaL,0x80bc32abeaaa466cL,
-        0x605b7897e5f2733bL,0xe9e7e3a1a2531afaL,0x25d66db33deb8369L },
-      { 0x36212ea3b2f25d10L,0x52d6b3f4a08d303eL,0xefa54b31444e9e9fL,
-        0x9c2229a169530c1bL,0x68feb9854b79bdd1L,0xd570e84f8b984cc3L } },
-    /* 9 << 231 */
-    { { 0xe141b86bde0560a3L,0x858bf4cdb2264bd1L,0x526fb104fabe5359L,
-        0x95f9c43f185b8a70L,0xf8e3a3eb2d1f75e9L,0x71826067d93bc6b9L },
-      { 0xf360e01799692f49L,0x00f4fd16c2dc3dd5L,0xeb7f40498b9454d3L,
-        0x5cb0f3c426c3b393L,0xe8ab4e4357bdc4d7L,0x9abe36b00c123d67L } },
-    /* 10 << 231 */
-    { { 0x1df8d98c57b168fdL,0x042fd731b45da94eL,0xa54d64f91703e143L,
-        0xa12198be9de0ab4cL,0x160e06241ddc4e0fL,0x15cae64a6695891fL },
-      { 0x808565e70c2b2081L,0x6de4a393cc65040cL,0x6682cd934bac1768L,
-        0x62e7ac2ca5be965fL,0xd33f6f8ad7a38e90L,0x9cafc4635b8b516eL } },
-    /* 11 << 231 */
-    { { 0x0541a391b685c547L,0xe86d35e091765999L,0x65aa03c51db4a2ecL,
-        0xba53470e6b1c4784L,0x4f848cc8cceca1faL,0x89d0db0b8b18e350L },
-      { 0xd03e452a7840d734L,0x6cebfa790ca24215L,0x288b4569e8f1d9e8L,
-        0x18e405af8927ce0cL,0x5aad57e51abfb4c8L,0xbbd99091a197ed1eL } },
-    /* 12 << 231 */
-    { { 0xf041e421aa44f3e2L,0x47ed9e8eae6fd2b7L,0x4fea93751128ed62L,
-        0x041a1c1acec6eae6L,0x1f32359415a65daeL,0x741fea0a0154e8e8L },
-      { 0x309e9f289c32e224L,0x457d4ffa902ce57bL,0x7bb54dd5692420c2L,
-        0x193a41aec4fa1a6aL,0x35f5f3b43d779e77L,0x31e84371046ebb8cL } },
-    /* 13 << 231 */
-    { { 0xe75a7c1d9d7e5551L,0xb73c987611635e3bL,0x3b07a071e09d29b3L,
-        0x0a3cc0acc623023cL,0x15ec4a7a1e2ceb33L,0x09a01968c70eb27fL },
-      { 0x2e5bb53c369d145aL,0x4c93330d9b7fb506L,0xbb10a2f358013308L,
-        0x3d9da0c4e0b85fd4L,0x8b39c992ce0dc79bL,0x7e6d18b0bec905faL } },
-    /* 14 << 231 */
-    { { 0x3a5a366ea1554376L,0x0e1687c052a6ed9dL,0x3e16e4aafe5355beL,
-        0x6d8bac03ced67666L,0x403eb33ed9344003L,0xd7b9ec0d333ab20cL },
-      { 0x9fce1986d64c272cL,0x9d52d64bb1e23843L,0x8e689611921a58e5L,
-        0x8f5f115620d5c61aL,0xb17f612fadc81b4eL,0x36e2db30e562f779L } },
-    /* 15 << 231 */
-    { { 0x98d0bcead01f8634L,0x6e9ba675bc5f825eL,0xfac2d3aa05e938c1L,
-        0x434b712fb9c66adfL,0x81c29163a9a61d36L,0x80eade933be8eea9L },
-      { 0x10fc6d75c04c45a8L,0xa2c9aa58fb9e8702L,0x9142afaeb200428bL,
-        0x4fa28c8520eccf38L,0x3b5f63308209b3e7L,0xf74206ca8cd74accL } },
-    /* 16 << 231 */
-    { { 0xd6a4d25c845f26e4L,0x71e554ce1b039dffL,0x942059731cdedfc0L,
-        0x0c4e385603d6502fL,0x981a4fc5e15ce8c8L,0x85d1b0f17aca30b7L },
-      { 0xf2037ef777bb9e43L,0xc52804f4e87ae187L,0x9c98a23c71f3e4e3L,
-        0xa73c8b89f47b504bL,0xb9e33f54023233aaL,0xf2bcfc17f92c9f68L } },
-    /* 17 << 231 */
-    { { 0xb3c1bc26707fc6ebL,0x0bb585b75ef6dac6L,0x70af297f5f707063L,
-        0x3d86a8fa967a0ad8L,0x510dae4d4f956cc6L,0x1dbcb2e883c01ad0L },
-      { 0x0e480cd28bfbb5edL,0x76498f813025fca2L,0xc015064ec5446cadL,
-        0x4ddfe2af3616f51aL,0x76b0d690e6750b31L,0xc4502c050073f263L } },
-    /* 18 << 231 */
-    { { 0x9120912bb3081e59L,0x6c73c4a2f908b364L,0x408af8c94de763d6L,
-        0x3d9e83084000add2L,0x65d197fddcb5a5a2L,0xbfd29f0b2bd82bb0L },
-      { 0xa1243e63bdfe09e7L,0x91d90b54d556188cL,0x977dd4a18bc872fcL,
-        0xa8e6e7bef4ea7805L,0x12c53bd80a467365L,0x9d7abca493b7f0a4L } },
-    /* 19 << 231 */
-    { { 0x5faf453a40eeb93eL,0x6801e0d1f1fe9307L,0xe92505d39ea9b800L,
-        0x7e911f8108eb58c8L,0x5da7ffcc098143eeL,0xe023262056876057L },
-      { 0x5354045bbfa99a91L,0xee660bbebb346841L,0x1dbf5c7cecb3099fL,
-        0xe79c78d6a125d753L,0x2a356f10706fc013L,0xe50c50b725f88ebdL } },
-    /* 20 << 231 */
-    { { 0x663ca92723ca903aL,0x8a64a4dec7681937L,0xe3ec0966a2baa42fL,
-        0x688328d7a2906226L,0xc2821e9c94790fd8L,0x7a295b62157501cdL },
-      { 0x032cd57d3675c2f3L,0x91d66a57f42e6f95L,0xd75056961e97dcd0L,
-        0x7e8ba3ed7d8b6f52L,0x8ddb72c420b0dccaL,0xe09e53bb6aea2d55L } },
-    /* 21 << 231 */
-    { { 0x3815b1028a009f19L,0x4f76d609f5418c34L,0x7a35cb332a9eabd9L,
-        0x018d6c54ce89e886L,0xe00b99e859c9fab6L,0x4f10a0d9aaf6e7b8L },
-      { 0xee51f8f0e722fce1L,0x03e8b63179bccac0L,0x66e540c26f327d2fL,
-        0x31df4a35d22377e4L,0xba5b0029d5c71cedL,0x6a3e20553ed6aeeaL } },
-    /* 22 << 231 */
-    { { 0xe932d1aaaffc47ebL,0x75c9d4d8513f85a3L,0x50886fcdf9419cb0L,
-        0x756a7d7d49081e9eL,0xe45fff1fe14aff77L,0x022b4ac339846230L },
-      { 0xefc3e8dbe89adc78L,0x921bb1538c09ccecL,0xe4dc6aa17826d461L,
-        0xa53aa6cefac8f0f4L,0x5d4e4d53954192c5L,0xda721828c722780fL } },
-    /* 23 << 231 */
-    { { 0x978609c67e4933daL,0x49fd5c5d2539c807L,0x072a911c6330373fL,
-        0x40cfa61838177579L,0xf9a7aa4c81c51596L,0x7ba8e7a5b346724dL },
-      { 0x79298c06d26ee66dL,0x243323702a9c2792L,0x585e8b9eb6aab53eL,
-        0xa39596c6e14bee4eL,0x89b2758828a76dbfL,0x889fba0aa00dc1adL } },
-    /* 24 << 231 */
-    { { 0xd55a3eaf0a9a8ba4L,0x13b1406b2a8cd215L,0xcb44589a93943e1aL,
-        0x91b5e3493a671a47L,0x488654f8efbe0256L,0x448bee4b392ba5e8L },
-      { 0x228f478137e762caL,0xe21a2ca7e71b6c47L,0x0e809fe94900fcefL,
-        0xb05e1db2815f6c76L,0x8cdf28815fa6fa0cL,0x2ed55c1c586fec8fL } },
-    /* 25 << 231 */
-    { { 0x7c3842eba210d4d9L,0xd656154e5f69a69bL,0x9e11c6db1f3a0483L,
-        0xb0314a5e5a217444L,0xe17a274e34f4e54fL,0x6e41c20a9f79d6abL },
-      { 0xd010d789dffef6dfL,0x704937f17e8915f0L,0x5072bf063d3460fbL,
-        0xa30814ed5f08429dL,0xe5faf476207d2708L,0x46e56e14af448339L } },
-    /* 26 << 231 */
-    { { 0x5a049c8f94af3a35L,0x9ae89160d8b75bbcL,0x8b026d867ff40c5eL,
-        0x90e54aa4fbddfd06L,0xc85349e7ee418640L,0xbf71e454beb7801bL },
-      { 0x63f5e068ad912e83L,0x6252a4a4ada5341bL,0x25114b87b44529abL,
-        0x9b80bea9eadb4f13L,0x7f071c0cfe050052L,0x4c9cd33418612061L } },
-    /* 27 << 231 */
-    { { 0xc6f50ed03c768ff6L,0x5b994b58b6de126aL,0x807ad19e2a1ac05aL,
-        0x012fcb9ddfc66ad7L,0xf8706d5fefeb7d07L,0x132aa6697bfc5337L },
-      { 0x56bd874310e28d18L,0x33bc53d96e9f8e26L,0x5885b63b152758edL,
-        0xb8b1bd5e757e1471L,0xdbc689458c0d406cL,0xa664de3bfc605a11L } },
-    /* 28 << 231 */
-    { { 0x04df415ea6d4b6c2L,0xb8e33e71d254d2d4L,0x179df4f48b84c588L,
-        0x8a2a0683d435793aL,0x6147a5a911eecec0L,0x0b8389793a0196ccL },
-      { 0x855059ce81805693L,0x37babf9f3b27872fL,0xa2ac78b1769be5c3L,
-        0x16260f0c0a8d267bL,0x31f48c42388266c1L,0x58fee495ead1f238L } },
-    /* 29 << 231 */
-    { { 0x5753ee0fc048300dL,0x307dfd57e048abc4L,0xc18bdfeca3ba6c56L,
-        0xfb2d8daf10495489L,0xd93aebd4e0fd2d13L,0x4736efaf0518a5faL },
-      { 0xa8ee4995eaa9fc77L,0x2620f08e008adc03L,0xf03981839f06991aL,
-        0xd47b1eabe25a4f4cL,0x669cf09c79f95484L,0xf30191584a0f8b96L } },
-    /* 30 << 231 */
-    { { 0x047b0f0124b240a1L,0x959915dd46cecf58L,0xedf2e74b72980ca1L,
-        0x6b7b7b4ef2cad32aL,0xf9f01c9d0b9ded1cL,0x009d3a5825e77e0aL },
-      { 0x62314ab411a39c1cL,0xb3b0c5b2ad557b74L,0x6dbb75dd961619fcL,
-        0xb8f2d198c934e1e0L,0x4401507542eb7fd5L,0x3a8552efea1be435L } },
-    /* 31 << 231 */
-    { { 0x08e3f0e2217de9abL,0x6bdec27bb6b4f789L,0x5b160334685af8e0L,
-        0x31e651cc61738f6fL,0x37224bc4631989c0L,0x2dc8006ad39f9c4dL },
-      { 0x2a5d585056c3d84eL,0xb2ef06cc5cc79193L,0x246d92869eaa50e7L,
-        0x8cacbf7cea6a7cadL,0x109bddc629465ce6L,0xad2f492fb5744947L } },
-    /* 32 << 231 */
-    { { 0xba03ba3b7b3b336dL,0xe57ce50928c9c55dL,0xf96b8cfe4f0f60b2L,
-        0xb908d77e6fcccd96L,0x7208ef7de79dd17aL,0x739095333ec3d048L },
-      { 0x9c5ad2da1163fe78L,0x4e2a8685cd4a15c2L,0xac999449470eb938L,
-        0xfaaf27fbee7d772fL,0xfbe402abd0b7ad09L,0x704d4f0e57db00a9L } },
-    /* 33 << 231 */
-    { { 0x8f2f736c6330607fL,0xaf4acf66c975432bL,0x838fd8cabd1dec99L,
-        0x347088aa7c3d0499L,0x28008757e835ea86L,0x43e2fb30c03e1aa1L },
-      { 0x06c66dabf0d10da1L,0x25d7aa1867321158L,0x215e483811dc063fL,
-        0xd52dee1e288362f2L,0x790989a1fe300a0aL,0xe0452fa5f163e1ccL } },
-    /* 34 << 231 */
-    { { 0xd3eab3ae25e7c044L,0xa3712d11b6d22325L,0x5e3835999e8237ddL,
-        0x2549047c9dc93a5fL,0x24b07617b546a113L,0xa50359ed2e7b82fdL },
-      { 0xbbc3eb5889964effL,0x93d490b60d7ae172L,0x68cd6b3f774ac0e6L,
-        0xf98f1df035e02fc6L,0xfd2625c560857c16L,0xd68f25e845dd06f6L } },
-    /* 35 << 231 */
-    { { 0x40dcb41018c1b3d8L,0x8af9a0bf954cc170L,0x9c40a17d5af27d6dL,
-        0x6b20fa7d7137d35aL,0x7c46f6aaf07f5adfL,0x7caa6e3cafc2f780L },
-      { 0xef03332694dfb637L,0xd8f330b38d0ac73cL,0xacbf571255d40a9fL,
-        0x1b4ffafa3f4fde0eL,0xa17488e09fe6b04fL,0xd27808a103957cfcL } },
-    /* 36 << 231 */
-    { { 0x85e1de1e96569e6dL,0xc9545920d7ae52f9L,0x04ebc797bcd62008L,
-        0xe142d0bc04a24db0L,0x5ed44b0d40e9fa80L,0x39fd679a48ddaba3L },
-      { 0x91aba967ce7ee095L,0x76de8d3a0e97d0f4L,0x92e7a107a221785fL,
-        0xb028f67e734283ffL,0x987f644168af2f42L,0x0ad882369d7f7102L } },
-    /* 37 << 231 */
-    { { 0xc5289301642f7d3cL,0x53ea584de508c45aL,0x86eb66e949337336L,
-        0xa56d59d668fbc13aL,0x44c464ffe9e51562L,0xe5280ecd8200a27fL },
-      { 0x92e2a9334cc73f23L,0xf59780325e7b858cL,0x399bd41e90d4b2efL,
-        0x4faecb8bd0ead86aL,0x6ead9c530ce48b14L,0x941b4807ef74700cL } },
-    /* 38 << 231 */
-    { { 0xea281be94d522b69L,0xb6855d45694a08bcL,0x7c47ddc7aa7f4d28L,
-        0x2028e22b6c36bba5L,0x206b63430c2dee0aL,0xfeb0b3dae68fdcd8L },
-      { 0x6dda02a44603db5cL,0xa705d0defd786a39L,0xd356f6a426aadd38L,
-        0xd34acb7d95ef6a00L,0x073ea16e14846402L,0x2cf7a82ab2df8bc5L } },
-    /* 39 << 231 */
-    { { 0x8fdcd309bffd7240L,0x6843dd76386e459bL,0x222fa67c0dee5740L,
-        0xa3801343620d7d83L,0x96dfdbffe21b4af3L,0x017bd3d3dadd04beL },
-      { 0x1b6adba2bca18337L,0x191b86f1300ed35aL,0x103a380cd73bbadaL,
-        0xc2f3172f36f95dacL,0xa01a10e220767bf4L,0xda882ca6989ad766L } },
-    /* 40 << 231 */
-    { { 0x5bbc748b9cc47708L,0x16d796054026c772L,0xefc3ce3ea053df6bL,
-        0x30ea7eab0713752fL,0x15b491b9dfd524b7L,0xa751d82010bcd34cL },
-      { 0xf30c708abbd5da72L,0xf0c55aa86d16bd51L,0x1754060ba6215d84L,
-        0x3a48d2cbb863542bL,0x992e8340261d8c45L,0x4096f65be8fd2113L } },
-    /* 41 << 231 */
-    { { 0x5532411e1045d8cfL,0x2d2f8d6b52bea60fL,0xa850b61825c556c2L,
-        0x6547892fe8965d13L,0xa7bd4527184d0cffL,0x0e7f7daec25ba558L },
-      { 0xfcfaf7b234343889L,0x9d6a23aeb82ba1d7L,0x2859023b60514faeL,
-        0x4d51aeddc82da6b7L,0x6a060dc38273cd00L,0xf2f8923d78478c29L } },
-    /* 42 << 231 */
-    { { 0x0baa35154f08b278L,0x26baf331e57297c8L,0x3fef65cc04e27c13L,
-        0x0f910ee0ca8430b6L,0xa27c5f5c2c445251L,0xc780142dccf3c637L },
-      { 0x47dc4192e0f3fbbbL,0xf4d12bd6f2a91a33L,0xc1eb18b206352685L,
-        0x111cc07f5b3db096L,0xbce0cddbcb95c815L,0x6b0bae7e14d28563L } },
-    /* 43 << 231 */
-    { { 0x40d16b7705897177L,0x4772a643953915adL,0xc6cfc1d23cabc7a9L,
-        0x0641e96df80536c3L,0x6c297cd6be4c5454L,0x509a837c9c00216aL },
-      { 0x17455153c01ce9a5L,0xee76da8a40b825e8L,0x1757a59cd23a37acL,
-        0x5adcfbd10958248aL,0x043314525d01549bL,0x831f725ab0c42176L } },
-    /* 44 << 231 */
-    { { 0x28704bdcdf7d537bL,0xbcae2c15fa88f42cL,0xab32eecd3866ac4fL,
-        0x446754a2128c4a7fL,0xc69309c1739ef781L,0x216e9f43bd160d81L },
-      { 0xe0efa3ec6fefc0aeL,0xd179225086a604f5L,0xe43e13e260418c0fL,
-        0x6f605146f100b9b7L,0x6c39828a6e994093L,0x99558f4706c019e9L } },
-    /* 45 << 231 */
-    { { 0xf541b3cd28df49eeL,0x0be75ef5cec2660fL,0xe73d18bb620c81f1L,
-        0x42e81fef3c775c53L,0xd0a9dcdcbc012ed7L,0x570f5a1b8f292a58L },
-      { 0x51f302e74c030819L,0x42e1903f50bb8a5bL,0x6d8105a98536e7d0L,
-        0x66e2fdf1c1ca766dL,0xecaf4a316c5927fdL,0x347803cf96a14565L } },
-    /* 46 << 231 */
-    { { 0x794d90ab425d3a7fL,0xcae9008d93ecbe48L,0x211e38c3bd5f11b3L,
-        0x6020ed2a6db1c1d7L,0xaa5695064437f020L,0xb2b93424235f4d6fL },
-      { 0xa84a3c1d66ab2a3eL,0x171f9325712a14e0L,0x4a43cd6744d958d0L,
-        0x53bea85ee95dc3cbL,0x1fba008769f2009dL,0xf0fbc48f31c13eb4L } },
-    /* 47 << 231 */
-    { { 0xefa3dea85fb2227aL,0x0160b031e098a97bL,0x92a554e3553377b1L,
-        0x7b58c26258ccaac8L,0x666400171c3e0a47L,0x40e45f90ae2d7d8aL },
-      { 0x660df3441ee18103L,0x5515cd66e9b64e55L,0xede93c59de059b3aL,
-        0x874a0c90ca0e7acaL,0x840188abc8b1daa0L,0x9d49a02601e148a7L } },
-    /* 48 << 231 */
-    { { 0xe93ee31ae12b4e64L,0x2ab8e378662d17f4L,0x2544bd9969516582L,
-        0x7bf80e4b2e1e5485L,0xf30f0b14729d9361L,0xb3ffb5d18268d40fL },
-      { 0x34605055ac193a63L,0x9e5ca9a9f8e04d69L,0xcbbeebc1085ecbb2L,
-        0xda03b75bf340eac4L,0x3bf9468a84436462L,0xdfa8b4c80f26f20cL } },
-    /* 49 << 231 */
-    { { 0x2e6520714aa497e2L,0x2b9358fd7ecd223cL,0x96efcbdc4f828e86L,
-        0xa0f76679d2f096c9L,0x3887bef70690b78aL,0x2e7d9cae1a01b10dL },
-      { 0x8b0cdf0e5656e5d0L,0x0a6ca92d48d3ec2cL,0xdcacbdd3b49e2ab8L,
-        0x4d087ee0d7485e87L,0x4987078292cc57a7L,0xa1776bd47bb38b8aL } },
-    /* 50 << 231 */
-    { { 0x60c113bdb711e087L,0x28694ff4e257e115L,0xf81d5e054c18d716L,
-        0xd1c04b67eb0af843L,0x16e6e46e40d8907dL,0xb73c3de91dd34d22L },
-      { 0x9d7f282519825f92L,0xdf5d33edba486ce6L,0x288fafac21c223d3L,
-        0x21c4df016d05007fL,0xccd9626b197c5badL,0x3a91743902c91b36L } },
-    /* 51 << 231 */
-    { { 0x6f950922340ebed2L,0x9e796894beddf06bL,0x5a8ea337cd9d7a07L,
-        0x1c5dee115bd182ddL,0xba87dd1ae0c79b9dL,0xb16169f3b9002931L },
-      { 0x68098da138c62518L,0xea7bf413417fdc6fL,0xa500a320b6fdf768L,
-        0x7870c71c4550c202L,0x0874fd9f6121afb2L,0x49f0fd0cab7d0b6fL } },
-    /* 52 << 231 */
-    { { 0x7af3de47f6b7fedaL,0x19b8a51ba30b2296L,0x16886446150a0af8L,
-        0xdada5aeeb2a4ecbbL,0x77105de8e8de3888L,0xc54d352c7d763f77L },
-      { 0x754984ae72ff499aL,0x3de4b2785a5a25f4L,0x5df75ece818512a4L,
-        0xd4fc8093ca7ccf3dL,0xff9bdf544a49f4fdL,0x45d23e77de0a5840L } },
-    /* 53 << 231 */
-    { { 0x8ef88682ca85a586L,0x12038785bff64885L,0x99670d8ac98cf695L,
-        0xf7dc3dca6c3d5832L,0x1e836a59fd3e64d1L,0x8dbb13addd426c1aL },
-      { 0x21867f0690f59314L,0x7adb6f707da5ce5dL,0x662422ae0da28987L,
-        0x75a1486466766a41L,0x2d42bede6c8937b6L,0x559e168dff0c474cL } },
-    /* 54 << 231 */
-    { { 0xa07fdaa25af635feL,0x01d67fb36a0c8fd9L,0xa226f8dac9eb8d8aL,
-        0x0795c27ce7fcfd0dL,0x84556c0553578294L,0x92b30a84b3e57574L },
-      { 0xc8eb6ac0ca5dc890L,0x061a0a195c8b7d8aL,0x60f3351923177c06L,
-        0x780755917d01bf6cL,0x63ec8a4421f48422L,0xddfcb2c0d804c7b0L } },
-    /* 55 << 231 */
-    { { 0xb186daffdb2e385aL,0x7589c9cd43aac848L,0x9b474a411fb053d7L,
-        0x2f79556be1ada6c8L,0x694badc54d7d9ce8L,0x31ac06a84921f546L },
-      { 0xacaf91c165666233L,0x6ea97c8ee45b62b3L,0x9c8f3fa66f0096c6L,
-        0x2db7da39ac68f8baL,0x0ad2da0f19a3d1b2L,0x08c96b0ff80d426eL } },
-    /* 56 << 231 */
-    { { 0x07d63f07257d20b5L,0x25475a304e8c62caL,0x2469d661789ac15cL,
-        0xd0d2ba1b3aae86a4L,0xc716202a4458dab6L,0xa011ca5ec4d5f90cL },
-      { 0x53ce0273ca2430c9L,0x61040ecf96da6946L,0x6847dd034247c99cL,
-        0x0c500b4519defda5L,0x263316db365796d4L,0xff9b99e7b982d89cL } },
-    /* 57 << 231 */
-    { { 0x725fc8f911591738L,0xe6c16db3f4030f65L,0x66c7622d441b6b17L,
-        0xad8e4b9c69d93786L,0x732d597473093a4dL,0xa2136d85228f103bL },
-      { 0x84f1d9397bcf76e0L,0x971a4c55e2531411L,0x9816371d15920fa7L,
-        0x5515cbc594bbc17cL,0x8b8c76e859d52722L,0x3bfe618e9a240652L } },
-    /* 58 << 231 */
-    { { 0x18981da25cd1f7c3L,0x198a91bb09b22c3eL,0x48d11aafb23d71ebL,
-        0xddaa6e071d31782aL,0xca7b812a39125babL,0xd89dcd825d963539L },
-      { 0xc7012ed9e5a89eafL,0xbcf0d4c4af0ce61fL,0x6f65a246e6a9f404L,
-        0xae6a489d51c1302bL,0xab43a2bcfc5ea651L,0xfdb73470293b1e58L } },
-    /* 59 << 231 */
-    { { 0x8e860629f5c9d835L,0xf91a0b5d04efe37dL,0xaa2acb55b1956d3dL,
-        0xe295b30fb5bb48ddL,0xdfad64a7e8275e6fL,0x1e203bb7d41beeaaL },
-      { 0x4aa2fd5836e64f60L,0xfb0b92a706e01818L,0x68e386d60d29ff89L,
-        0x617981bc1802840aL,0x6d68ccf7ceb124f5L,0x19193c483b120ddaL } },
-    /* 60 << 231 */
-    { { 0x4d02098b8b5d9d67L,0xecb580503148dc75L,0x561545107d898600L,
-        0x0213ef782d8be728L,0x4123671b1f11d90bL,0x8b9ff1b654c291beL },
-      { 0x139ba95e52db185bL,0x83be41d0997b3eb4L,0x4a950c9a41e2e288L,
-        0xdca0290c48916145L,0xf1eb9327cd073e77L,0x384ec5ddbd4f4ccbL } },
-    /* 61 << 231 */
-    { { 0x7e538f9036f4b7b0L,0xeb54e9e4ca25008eL,0x0054a07bf8af6eb2L,
-        0xd96b712f5e3f61e9L,0xf01da03e29aa496dL,0xedbbc2d7d00faf95L },
-      { 0x178c5bbd104f4dd3L,0x5cbd4783aa11b0d0L,0x4433fe6156eecea2L,
-        0xdcc01bdcada7991aL,0x89ca41ba1addfa5bL,0xad64ee097a65ee64L } },
-    /* 62 << 231 */
-    { { 0x05a8a58d7e276915L,0xee28f77bf1582bf6L,0x6f308349285bd210L,
-        0xb8b8ec47ab877186L,0x0436930e0ddb857fL,0x20a9973e5346b800L },
-      { 0x756ab9b5848dd5b9L,0x33a220cfa12370ebL,0xdbd87c391f3d0386L,
-        0x90c6879075429844L,0x5cc1a9736193f021L,0xf0b80f6543d46e24L } },
-    /* 63 << 231 */
-    { { 0x45e5f57bf79f5116L,0x14f02b229bcd30ecL,0xd989ee5426a39a1dL,
-        0x497ad3c3d5854b85L,0xb61c15e50154364fL,0x5979941f502107d5L },
-      { 0x0b99f087195934f6L,0x1f852baa605fbf71L,0x68ec80e47206f65bL,
-        0x0392af1cea5bc3c0L,0xcebe56f81cb1d6bdL,0xdc6279d90f80b6b9L } },
-    /* 64 << 231 */
-    { { 0x10c082a63fc14a85L,0x59389ebc1c0b14c4L,0x785d935b4cb291a7L,
-        0xfc2ae15313e9ce08L,0x3146fabf4df6f1c4L,0xa2a4a457c87dd24cL },
-      { 0x85fdd8771deb49bbL,0x2b7843709b055934L,0xc81d05013e7e0297L,
-        0xb56ddd1fb92df904L,0x4612df9f295ddccbL,0xc24bd4cf0e27cf1dL } },
-    /* 0 << 238 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 238 */
-    { { 0x7830460fd1944d1bL,0xc56f08e784350af2L,0x73bee2aa307d9c78L,
-        0x1b02af1b5aad8b6cL,0x5e31882703848db5L,0x4785958bf230f476L },
-      { 0x4ea6535d4f80e25dL,0x9958c9c7d23c7f72L,0x4c197b332fd33cabL,
-        0x24c7b0b1c566914fL,0x956ce3c371952d3bL,0x8735694bfabae5f2L } },
-    /* 2 << 238 */
-    { { 0xca9872e1597bd10eL,0x6725cc9a4aed951fL,0x96b17cb84e05b280L,
-        0x97987146fa234d45L,0xba78949ebb35a7d8L,0xb82e9b9f6fc59384L },
-      { 0xa303e54a70f165c7L,0xfd6bb0dcb9c2cad9L,0xe57e2de8ee722045L,
-        0xa05c106563e27035L,0xaa38e86602d2fe6fL,0x78e02fa8ee2f6aadL } },
-    /* 3 << 238 */
-    { { 0xd6256e7c62c627c2L,0x5571edfc3cbb10dfL,0xfedec45771cca8f4L,
-        0x2e26ac5f8483eed6L,0x8e8c0671173508c2L,0xfd9f25d50f39bf76L },
-      { 0x1cb080c3094cc1b1L,0xd367ca8c113e6552L,0x4ae2ca36bedb511cL,
-        0x0de0c3e34707eeb6L,0x204cc610239d3097L,0xb235dbf0adb00383L } },
-    /* 4 << 238 */
-    { { 0xc0426b775e3c647bL,0xbfcbd9398cf05348L,0x31d312e3172c0d3dL,
-        0x5f49fde6ee754737L,0x895530f06da7ee61L,0xcf281b0ae8b3a5fbL },
-      { 0xfd14973541b8a543L,0x41a625a73080dd30L,0xe2baae07653908cfL,
-        0xc3d01436ba02a278L,0xa0d0222e7b21b8f8L,0xfdc270e9d7ec1297L } },
-    /* 5 << 238 */
-    { { 0x9704cdc6a9c26f4fL,0x96808107908a6756L,0x73be47d40f1def2bL,
-        0xd32c11d619215394L,0x1a59b9541842c2f2L,0xd64a70bb52c94807L },
-      { 0x32b08c3e9dd262b3L,0x54d2cdc4440315a0L,0x671b3139425ace14L,
-        0xd418542f2c7518e4L,0xce5e1712cc1bbdaaL,0xb3268403131f98adL } },
-    /* 6 << 238 */
-    { { 0xce4b39874e39e87dL,0x8e60a901966f4603L,0x1b95e4fd73c4a679L,
-        0xae87f845b004310eL,0xcd50aedf815684c5L,0xa56805d343c77e38L },
-      { 0x9a429abcf0588403L,0x77dd1a02009e699dL,0x27ad38fb52a417d6L,
-        0x62591579fd8f6d00L,0xccb12126ea58f822L,0x3a009e76760a3ccfL } },
-    /* 7 << 238 */
-    { { 0x17688d3410023b42L,0x9bc8bd6f7cfadb6eL,0xe4cdf89f460aa255L,
-        0xf709740a99eb21f8L,0x1ea8115cbd460bacL,0xbf7bafe8ac7e6629L },
-      { 0xf8dc02bb096de741L,0x982f7becd2f6a583L,0xd971589a0f92bfeaL,
-        0x662793afc02acbaaL,0x1b0f7d5eb771574eL,0xd9f71c4c66985cdaL } },
-    /* 8 << 238 */
-    { { 0x4f120aa7e2a07891L,0x9158bab3a25d3225L,0xc96bac5ecfe5f7a8L,
-        0xd4e73d59bbf3cec6L,0xed8d233560361cd5L,0x9b1a252c562f444cL },
-      { 0xbd37d3cfc70f23c2L,0xf13b3b6ea52ea19eL,0x7e35535a3d2f41edL,
-        0x0353b52ee8b1743eL,0x31d89dfd7b5a2765L,0x2b7ac6848d9ea8b8L } },
-    /* 9 << 238 */
-    { { 0x3613afb361bd36b3L,0x85171aef3e0339eaL,0xdaf0c280c833abe6L,
-        0xde566372e4500f09L,0x487dbef84a5bda73L,0x5cc00564e6e3f324L },
-      { 0xbdf148cfb96abd01L,0xf8dbeda5ba9306ffL,0x05774d1a5ac0b828L,
-        0x73ddc3248cf4a56dL,0xabc5af5232dc6125L,0x15ad6d2573294d7bL } },
-    /* 10 << 238 */
-    { { 0x7b5bbe51bd6086deL,0x7fbc95303816cee6L,0x60ac14fab3354bf6L,
-        0x2b2abe43c9a6e793L,0x6ffae7342e19664bL,0x1d0e38b90064bd95L },
-      { 0xc1303ba3fa9f23beL,0x6d5f4ea5d8f0a46cL,0xf8f472517a270649L,
-        0x126c13ae723a5a0dL,0xe4d0a19e5e21273eL,0x18076170e83abb8cL } },
-    /* 11 << 238 */
-    { { 0xc21dc6946b771809L,0x2501f25600f85b8aL,0xb3a21dc347382df8L,
-        0x25ede3c239dee18dL,0x39709b9db29b770cL,0x6eb314d510fa9c5aL },
-      { 0x79140b1f508f5e59L,0xcce9f7cedeff2816L,0xa153c050400bc8a1L,
-        0x052e03c4ff2c127fL,0xf8ffff1f841a03adL,0xc0c2626345896fb5L } },
-    /* 12 << 238 */
-    { { 0x06a67bd29f101e64L,0xcb6e0ac7e1733a4aL,0xee0b5d5197bc62d2L,
-        0x52b1703924c51874L,0xfed1f42382a1a0d5L,0x55d90569db6270acL },
-      { 0x36be4a9c5d73d533L,0xbe9266d6976ed4d5L,0xc17436d3b8f8074bL,
-        0x3bb4d399718545c6L,0x8e1ea3555c757d21L,0xf7edbc978c474366L } },
-    /* 13 << 238 */
-    { { 0x905ad4bf3023ec1eL,0x8cc101ca16081c1eL,0xe0d47ec79cb74127L,
-        0x1be5f86725da2dd4L,0xcba2ee4507ebac2eL,0xcee26667e22d87d1L },
-      { 0xfc339af1c7c409ecL,0x112af9b47b7ef32fL,0xcc3e07898b821999L,
-        0x4234433c222b3478L,0x55bcc87ddbce50c0L,0xcb6141cd7816f642L } },
-    /* 14 << 238 */
-    { { 0x8ae24e6b67f38eecL,0x61adae20ea14bc0dL,0x32737584c480c3fcL,
-        0x44f61b79812ee744L,0xc8f607d5fe06d5d2L,0xfeaeb2bcea45267eL },
-      { 0xe004522bb92c909eL,0x5171fe360ab3e854L,0x659936fe63ebc481L,
-        0xdde6dbbff76649d4L,0xb38c160fe2295d0eL,0xba608b7e1e8f5c1bL } },
-    /* 15 << 238 */
-    { { 0x55616c4c86c2cb9cL,0xcfa8b484173526faL,0x096a09d90039a4c9L,
-        0x6ccb4964f300a73bL,0x42dd78ac66819855L,0xa7c532c10941599cL },
-      { 0xd15905f0b630220bL,0x9f4893ca5637e103L,0x768c09bf8a2115abL,
-        0x5091f4399c52755bL,0x4ad1c0f6d38e7c50L,0xf6e6b2d054eb4439L } },
-    /* 16 << 238 */
-    { { 0x73457010c46db855L,0xccb68c43dd579fb8L,0x705b0e8c9c25fe5bL,
-        0x40f36ea182dd0485L,0x3d55bc8527ac2805L,0x15177c6fad921b92L },
-      { 0x51586cd55ab18cabL,0xf51b5296cbb4488cL,0xbb4e605e84f0abcaL,
-        0x354ef8e3772dd0daL,0x7f1a8f795e4e1d41L,0x93461f09de5d8491L } },
-    /* 17 << 238 */
-    { { 0xe186b0b09cd7d54aL,0x0451cb0dd4303760L,0x90a8b0f84b38f082L,
-        0x2357f03700b04fffL,0x8a4669f86d81dbd3L,0x2a5cb6f6bd94842aL },
-      { 0xa13d19c4c498a572L,0xb7b8fe10cd937a76L,0xf8df355ed9842244L,
-        0x64fc9d62b077c8feL,0xd4b2c3cce9dd337eL,0x7c63799ad3784edaL } },
-    /* 18 << 238 */
-    { { 0x39fe6673a780fd38L,0x8bc8d026a4b4cfa8L,0xcc339850801c44bcL,
-        0xb5d80c4bc2dca07dL,0x745ffb5d91f1408bL,0xb55588f89017d1e7L },
-      { 0xafef3cf1c3d76a1eL,0xe3a6e8058e1367ebL,0xd09ea1e2a642d2bbL,
-        0xf303c613216e63e5L,0xe699e51cc98908e6L,0x835d4cefafeac3c2L } },
-    /* 19 << 238 */
-    { { 0xd1cbe55ee5000eceL,0xc1a074b01ff0f474L,0xc6681f48d7ffb89bL,
-        0x7c68011d48d0bb4dL,0xf305627bdcef5e07L,0x0f0e0c36323ee3fbL },
-      { 0xc5c6b61355f5f185L,0x6e4de5af52d6cc84L,0xa64ea548889fe8bfL,
-        0xc4c5e4104d28350eL,0xef944a8f7dd3072dL,0x7ed579fa13356185L } },
-    /* 20 << 238 */
-    { { 0xec72c6506ea83242L,0xf7de7be51b2d237fL,0x3c5e22001819efb0L,
-        0xdf5ab6d68cdde870L,0x75a44e9d92a87aeeL,0xbddc46f4bcf77f19L },
-      { 0x8191efbd669b674dL,0x52884df9ed71768fL,0xe62be58265cf242cL,
-        0xae99a3b180b1d17bL,0x48cbb44692de59a9L,0xd3c226cf2dcb3ce2L } },
-    /* 21 << 238 */
-    { { 0xe646281876ba99afL,0x1d53bd27818b5992L,0xc55e135d67e1d81bL,
-        0x32b9e37023e211feL,0x91ea63dc130b1176L,0xd7e1cc51a34fbb3cL },
-      { 0x5363fd962fee934dL,0xd19c50ba0b8fd289L,0x21257825a11c27b6L,
-        0x19159a966792c1ccL,0x0ccc3cac39a08fbaL,0x841cb58a45512d8eL } },
-    /* 22 << 238 */
-    { { 0xae8532c3224ab492L,0x8bc92c85f6acd0ddL,0xc071ba92b796d21dL,
-        0x1290162943797a3bL,0x8f4c5fb5ec950329L,0xfab6f950cf0578e3L },
-      { 0xb7b8d211bb6aa75cL,0xb06279dc3d1147f9L,0x060db1a7591820cdL,
-        0x0e691a412830f356L,0xac00664224b8bc33L,0x579f9c052f17441eL } },
-    /* 23 << 238 */
-    { { 0xd8b9dcd50c4cb7edL,0x2f59d64c7619cdf4L,0x7e83d18e284bc6f9L,
-        0x49af25123e415166L,0x90388976ccd64d11L,0x4708fffdfe2580b6L },
-      { 0x7a8d25ff17dd4d8bL,0xba7785fefd71355bL,0x7cceb111b9789cc6L,
-        0xa8fd782ee98d6b78L,0x8d1b7fb66135d4a2L,0x78c2267d35e382beL } },
-    /* 24 << 238 */
-    { { 0xf38995589311182cL,0x1bee4c4bb657a7b7L,0x0b1c4fd32df8d1a7L,
-        0xf16bcc2376d3fbbfL,0xd5888916f4fd52bcL,0x3de6cfb4d5cde1f0L },
-      { 0x764ffffdd4a07dfdL,0x5e674426e2642182L,0x34f64762ccd57b85L,
-        0x2233a4c329351062L,0xdf076095d9c642f3L,0xac917a2c59f0df34L } },
-    /* 25 << 238 */
-    { { 0xe588d5a8cf2f7d4dL,0xb45923ee86798c14L,0xffefd323f0623572L,
-        0x24dd7019005f605aL,0xb9e833053a6edaecL,0x039ed04949923a44L },
-      { 0x0f83a74360789fd2L,0xb4f91a8e9b001515L,0x37b856664261ad9eL,
-        0xc291caa68b92b7afL,0xfa0f8a5e67ba28e0L,0x362a6808c5eefb98L } },
-    /* 26 << 238 */
-    { { 0x8aee939cc64e4ab3L,0x3baac0a844621bb2L,0x9094a09629da9bc3L,
-        0xa92dc70806d2314fL,0x45c1cd0e34235918L,0x51aeb007c34021a4L },
-      { 0x58267735a3492237L,0xe8d494bd375eb21bL,0x664dacf5a395bf8bL,
-        0x2ef1feb612cec40eL,0x90c5f43fa7141e5bL,0x93e80dd03855169fL } },
-    /* 27 << 238 */
-    { { 0x2e550006211b2fb3L,0x8c82e59d6cab73baL,0x011bb2fb2bd326b9L,
-        0xfbd519ff1e0efd69L,0x0fb2f266320cec7fL,0x879e28c03518fac3L },
-      { 0xd0887775e01294eaL,0xf6e60efd1df5bb0aL,0xb2a5d3a404d04a96L,
-        0x915eaa29a4f3500fL,0xcb6c03f70db6bde4L,0xfee081a405f30cc1L } },
-    /* 28 << 238 */
-    { { 0x9580cdfb9fd94ec4L,0xed273a6c28631ad9L,0x5d3d5f77c327f3e7L,
-        0x05d5339c35353c5fL,0xc56fb5fe5c258eb1L,0xeff8425eedce1f79L },
-      { 0xab7aa141cf83cf9cL,0xbd2a690a207d6d4fL,0xe1241491458d9e52L,
-        0xdd2448ccaa7f0f31L,0xec58d3c7f0fda7abL,0x7b6e122dc91bba4dL } },
-    /* 29 << 238 */
-    { { 0x24e2801364ca563dL,0x6f06fde270f8f91eL,0x9abcca1bd2a65c0fL,
-        0xc5728ffca5aa1e40L,0x654f0f56eb9d3e45L,0xe04ada2394161a0cL },
-      { 0x001b25626ddbc960L,0x253b447aef93504dL,0x895ce21e2d6dc894L,
-        0xefb987381c1b63deL,0x6adb6eecde8b806aL,0x9ea3884e0240e7bfL } },
-    /* 30 << 238 */
-    { { 0xe8387f68411ad563L,0x98a962eacc5f157bL,0x8093a8d296090321L,
-        0x240a73083790052dL,0x6cb4a7382e7dcedfL,0xda65bf8481a60e8cL },
-      { 0x420ce478c66c70aaL,0x0e7959ec42da3021L,0x44bc9d3c7e35aa20L,
-        0x36e49d764e9df39bL,0x7281073a9b286287L,0xd9a068422524b62dL } },
-    /* 31 << 238 */
-    { { 0x00d6e0312546247eL,0xcc2851020fdaebdaL,0xb8a453f15601006fL,
-        0x0afaa3f138be7068L,0xc87acb442c6cd9f1L,0x10dd5d031ffd5fbcL },
-      { 0xbae0b62fddacbbd0L,0x1daadc18446bf2e2L,0xaeaf15317ef0facdL,
-        0xe7b92b76c941808fL,0xda59af2ae6d0dffeL,0x1c09b783e612b888L } },
-    /* 32 << 238 */
-    { { 0x3bd258d8775f516fL,0x4bedebd5c715927fL,0x5b432512e3f966a0L,
-        0x338bfca7709d0c2dL,0xd142cc1049658259L,0xfabc6138636b8023L },
-      { 0xa9ef94014d4ef14dL,0xd5917ac1c54c570cL,0xfd2f63c55cb64487L,
-        0xbae949b11cea475bL,0xa45446031e67a25fL,0xa547abc1dc6a7a6aL } },
-    /* 33 << 238 */
-    { { 0x6c7b4cf344b880b0L,0x29da87760a388eaeL,0xf434d173fe9617c9L,
-        0xaf67cc2ea47abf28L,0xe211ad37249d0eb4L,0x88d156e538bce76fL },
-      { 0x60320c6dd58fa585L,0x7b352c39ebf09a7bL,0x9305dae8a31ce734L,
-        0x70c35be89361cc3bL,0x6b8b71f8bcd14255L,0xd1b7963572a457a7L } },
-    /* 34 << 238 */
-    { { 0xd8d04787ef8849e1L,0x58adf044148375e5L,0x5b613ac476623232L,
-        0xbd274d2f95d7e359L,0xd97acbd271576bb6L,0xd20bb2c34c7fc4b7L },
-      { 0xe15465315f837664L,0xddac59b5fb4ce79aL,0x33fef5214fb36e08L,
-        0x0467811045108b22L,0x0de6c7766dbe57bfL,0x456d765a25fea77bL } },
-    /* 35 << 238 */
-    { { 0x4d9838a32922b715L,0x3cd9fc0a6a7bb3a7L,0xb1bf28fc2247e916L,
-        0x92dd22006f206a16L,0x8ea87d67b51256caL,0x2c535730b5a4bf17L },
-      { 0x34da42505f584954L,0x72326fb8fefca748L,0x40fd9d09da2844a2L,
-        0xaadaf71c412da037L,0xa62329a9aa6f884aL,0x1b6165e6726a8f8cL } },
-    /* 36 << 238 */
-    { { 0x2a2dedafb1b48156L,0xa0a2c63abb93db87L,0xc655907808acd99eL,
-        0x03ea42affe4ac331L,0x43d2c14aeb180ed6L,0xc2f293ddb1156a1aL },
-      { 0x1fafabf5a9d81249L,0x39addead9a8eee87L,0x21e206f2119e2e92L,
-        0xbc5dcc2ed74dceb6L,0x86647fa30a73a358L,0xead8bea42f53f642L } },
-    /* 37 << 238 */
-    { { 0x39de72e225e62213L,0xd885c406a03a58adL,0xa63964b527e76458L,
-        0x93f83239637c0becL,0x8c9e29b4ba556e65L,0x7d746448a6183182L },
-      { 0x6dee01aa09a8eb37L,0x97289f2e757ffa96L,0x367ec50fb4785102L,
-        0x200f77cdb3d07cd8L,0xadc7c000a581946eL,0xa2dba5e52c0b32aeL } },
-    /* 38 << 238 */
-    { { 0x95a5a7f0b203f75fL,0x9b574cfcb5df11f0L,0xbf5fe3f2dba4b4e6L,
-        0x347a7bd7d0987125L,0x858dea6b09377a2aL,0x87cb1e66eea85d5fL },
-      { 0xe7619b666146a0c6L,0x0012585a8a0bc101L,0x738e6589ea0ce92aL,
-        0xf23547979a39b3f0L,0x666f3f5d6dc81167L,0xe569cc82fb06b0b3L } },
-    /* 39 << 238 */
-    { { 0xef0e64399c7677d5L,0x052bf027efc398c2L,0xa5d253cc515e4198L,
-        0x7b915f07a71ce047L,0x56880ea2e177dbf6L,0x735dc74f0b5741d9L },
-      { 0xa108632f0161a0acL,0x0c68765705e7e09eL,0x694e651e211709e0L,
-        0x334e15e51d879a41L,0x6191d34260c2a603L,0x3a8ce0e6224234d7L } },
-    /* 40 << 238 */
-    { { 0x158d814db12c4bb1L,0xe52f75d22f0cf4faL,0xf106023e6141b59cL,
-        0x5eb8b8ebbeb9d941L,0x1dd3972990cf579cL,0xb273252e69ee6efaL },
-      { 0xe43a3c593e9947a0L,0xd605124f6c19dd01L,0x8090fdbd05c578b0L,
-        0x8e6c535a622ff18cL,0x3600b0c257d12071L,0x6d026e5c78d001d7L } },
-    /* 41 << 238 */
-    { { 0x6e515f3608e33ad5L,0x3e320c5283512d9bL,0x171ab26a5ca1c452L,
-        0xfb3061e874c97139L,0x7944644c9cacf3aaL,0xedc724f03687cfceL },
-      { 0x7252d7590db9b5beL,0x625f17ed0eeaf1d4L,0x6b0b4e5e82e3c58bL,
-        0xf03d7bcef0f2ecc3L,0x4cbaa878139a7580L,0x982e471672203e07L } },
-    /* 42 << 238 */
-    { { 0xa533f574e335d60dL,0x102b66fb2aa6855fL,0x7a57420c49946287L,
-        0xe3bb702286f393c2L,0x1892642d04a41c49L,0x2c47ba38d44969feL },
-      { 0x9068650444388ef1L,0xd94f6f131eaf6b54L,0xf81d8782f0b872e8L,
-        0x7ced5924d013f6eaL,0x76ef63d307cd721cL,0x888646b36cba783fL } },
-    /* 43 << 238 */
-    { { 0xd2c858157ec1660cL,0x6c8988a3ee73763cL,0xd6cc562d5e80aaeaL,
-        0x48f399d975768c58L,0x3189bf68af50c1c3L,0xa3f8d2df27dc372fL },
-      { 0x99d6b416b8c7c529L,0x531707944406b1e6L,0xafb57933e3ac044fL,
-        0x530ad3bab2548505L,0x791a290a977590caL,0xb0d07228646fd1fbL } },
-    /* 44 << 238 */
-    { { 0x636225f591c09091L,0xccf5070a71bdcfdfL,0x0ef8d625b9668ee2L,
-        0x57bdf6cdb5e04e4fL,0xfc6ab0a67c75ea43L,0xeb6b8afbf7fd6ef3L },
-      { 0x5b2aeef02a3df404L,0x31fd3b48b9823197L,0x56226db683a7eb23L,
-        0x3772c21e5bb1ed2fL,0x3e833624cd1aba6aL,0xbae58ffaac672dadL } },
-    /* 45 << 238 */
-    { { 0x86d2f71530cf85afL,0x8e1b053cf7e634e0L,0xe79592f43a4e466dL,
-        0x26752e8506985331L,0xfd098e83dff73363L,0xaa158e2c505ffbc0L },
-      { 0xe45fa1cba0fe759cL,0x6e2f5989bc0d1491L,0x4a804eacae7210a9L,
-        0x0e252f758a63f67bL,0x0d7600cf362a7df7L,0x795069bf6d5b2b18L } },
-    /* 46 << 238 */
-    { { 0x25f9f0fc0649613bL,0x109521f05d3005d9L,0xcce1c5b41feba4c2L,
-        0x6a27cfafacda6021L,0x37ff83303ab6382eL,0x53c7ccb715ca79f3L },
-      { 0xdffa6c9633611dd4L,0x7555cfd4352d3916L,0x2354bec62cbd44f7L,
-        0xaf0044c54b0b500cL,0xe4835df7ce9aade1L,0x14e57f6bcb218644L } },
-    /* 47 << 238 */
-    { { 0xb5e26899b1c22bd8L,0xde12b0b51aaf3460L,0xc269595c31ee049fL,
-        0x8c7513c88a73ed74L,0x8273018450cd009eL,0xb2cd2dec4d130b5fL },
-      { 0x1a9015521971a189L,0x6ce23544c6f39bc3L,0xd76133aa9467badeL,
-        0xf91173cc071ee7a4L,0xe54d8f44b8267c73L,0x5725e0676dc9aee6L } },
-    /* 48 << 238 */
-    { { 0x00e0a003daff1807L,0xcb9d155992c94fd0L,0x3c2b5c3dcebbf905L,
-        0x9c799ec7d338afa9L,0x60b9908c4e2cfcccL,0x4bfe1a57ae3c6f92L },
-      { 0x480d310efb116150L,0xa1ed6c31e3e7888eL,0x841a11d9720b5196L,
-        0xcc337d178adff37dL,0x08c668265faa86c5L,0x945c90d49dfcc7adL } },
-    /* 49 << 238 */
-    { { 0x0fcc0854f2b3622fL,0x3a9e218ab6833f04L,0x209125d4ee8fc062L,
-        0x98b2c628a3c3bf2eL,0x7e051fda83ca6a6eL,0x81afd3933d87981cL },
-      { 0x8f3beaff4baf556eL,0x0f1b27fdcc7e66c7L,0xbf0b08f59f4a4461L,
-        0x8eb739fa141985e5L,0xdb5b46112da43947L,0x63bf81cbe5cabfddL } },
-    /* 50 << 238 */
-    { { 0x355e40d398ff85afL,0x19f2f3c2b08f836bL,0x0a62d254737cb5f7L,
-        0x5d0ef7d9f8c50d82L,0x773a399ebbd70eb7L,0xac357974a70bea8bL },
-      { 0x1de5a45cb3b5d794L,0x67c58b52a48b55b7L,0x724f56f4b02ebc8bL,
-        0x03dc71e3154ad508L,0x9bcd3939cc84428aL,0x7fdba978158c4a0eL } },
-    /* 51 << 238 */
-    { { 0xac08e06e65b93d44L,0x2397625a5358c691L,0xfbc9285a8516e31aL,
-        0x38ce0d3544ffe25eL,0x13381dd16414072bL,0xf782fddc170ecb4eL },
-      { 0x78c71a716f815259L,0xb725870573659a85L,0xd37678008712d968L,
-        0x153d8aee3eda5006L,0xda4fd94818f1439eL,0x6384135352dbfdf8L } },
-    /* 52 << 238 */
-    { { 0xce92224d31ba1705L,0x022c6ed2f0197f63L,0x21f18d99a4dc1113L,
-        0x5cd04de803616bf1L,0x6f9006799ff12e08L,0xf59a331548e61ddfL },
-      { 0x9474d42cb51bd024L,0x11a0a4139051e49dL,0x79c92705dce70edbL,
-        0x113ce27834198426L,0x8978396fea8616d2L,0x9a2a14d0ea894c36L } },
-    /* 53 << 238 */
-    { { 0x06d57f2920514206L,0x61394b863a2cc1ebL,0x0ffdf49a86c7b2c1L,
-        0x65334e9349f58f13L,0x180b10b8c08dfb05L,0xec352adef6c95b7aL },
-      { 0xf9801dc0c4bde0faL,0x428c77f0dabf0c66L,0x2a7d1bb0c2eb80d4L,
-        0x81774172fdb56fabL,0x7507481f1d965515L,0xee0693bb8ebfadebL } },
-    /* 54 << 238 */
-    { { 0xf4589418ac56a031L,0x21f3dec6f2718a10L,0x0ed08d9690f28b6fL,
-        0x2624bd7a35c3a6a3L,0x1b3f02e8bba795f2L,0xe629b5aa3977fd17L },
-      { 0x66c8cd7691e8df1aL,0xf36c4e2c1b2b5542L,0x7f6b742f7dff66a7L,
-        0x00bc68b8242e0fc2L,0xdff5c73360119d9bL,0xe726260fb5c4dddfL } },
-    /* 55 << 238 */
-    { { 0x0242fa358eeaa549L,0x2d081bcf8abc93c6L,0xaa31813c55551d40L,
-        0x1cf21c1271db3aecL,0x5a6dede7203880d9L,0x389c63cabe4aaa9aL },
-      { 0xff4db7d4bf28086fL,0xd89c039b33146844L,0xc2b32bf06df6f790L,
-        0x7f4e836b9f22fecaL,0x3f64d0fa0af51572L,0x681a1f5bc67aa565L } },
-    /* 56 << 238 */
-    { { 0x9f9ac9608e2941a6L,0x43e7ff902fc4fe1eL,0x5ec413596033e041L,
-        0x5ce791c46f6ff0f3L,0x8d134b899d907343L,0x7bd15c7786304df2L },
-      { 0x2cd2ebc777c4a913L,0xcd86a39d45f07153L,0xe7e12d2e88bc423bL,
-        0x478e814b0b3163f4L,0x78bd9c8abe8ec766L,0x6a5763e87709ce48L } },
-    /* 57 << 238 */
-    { { 0xb503ac624329d7f4L,0x3a900374488e3ce4L,0x8a11addab0d8dc97L,
-        0xbea3ea2c0873bdf8L,0x0f57130115bc7adeL,0xbc98d2070b2b69a0L },
-      { 0xaefc4047639d182dL,0x0e6db26feb3c44eeL,0xaf0f8b392a68a48dL,
-        0xde65a6b36bf1e593L,0xe48f8fc989dbd38aL,0xad18a43bd8d285b3L } },
-    /* 58 << 238 */
-    { { 0x249d86007e9d48c8L,0xec6109ba109a54bbL,0x64f688af5ac65ad4L,
-        0xb12c85b4be1796baL,0xcc258d31c9940da0L,0x59590853ff2f151bL },
-      { 0x9e9edc4d401c5d1dL,0xdd9ad117f230b458L,0xc2c752ac962334b6L,
-        0x3fab66ce27327e6cL,0xa363d3643816a47eL,0xa6fc57bec180bbdeL } },
-    /* 59 << 238 */
-    { { 0xd72dd5893ff345d5L,0xf87c17ae41e1d287L,0xadadbf525964d55fL,
-        0xecc7f27af8b07db1L,0xa2dacfce6f2aa320L,0xc7936da72aa3f228L },
-      { 0x2e9e6058fa504b87L,0xf2df43279d0f0634L,0x90d5ee22a4b768c5L,
-        0x1ea9bf0b5b46ea84L,0x792370f45cc41770L,0xfd17823176c1a3f5L } },
-    /* 60 << 238 */
-    { { 0x4f1e1254604f6e4aL,0x4513b0880187d585L,0x9022f25719e0f482L,
-        0x51fb2a80e2239dbfL,0x49940d9e998ed9d5L,0x0583d2416c932c5dL },
-      { 0x1188cec8f25b73f7L,0xa28788cb3b3d06cdL,0xdea194eca083db5aL,
-        0xd93a4f7e22df4272L,0x8d84e4bf6a009c49L,0x893d8dd93e3e4a9eL } },
-    /* 61 << 238 */
-    { { 0x4c124a904190257aL,0x09002f52347e517bL,0x2e9b69a1e5760993L,
-        0xbaa49e53e26672bcL,0x9468fc3bf7820190L,0x637bccfe1f955328L },
-      { 0x16fd33f26e0aa088L,0x9391550757b2b2adL,0x85e98842e9a0ace2L,
-        0x8e2bd52b4fa787afL,0x8a86bd85644aeeacL,0x63490956c2814734L } },
-    /* 62 << 238 */
-    { { 0x5e902fb3063b3517L,0x0cd006cae5a65212L,0x597bd7804591c4bcL,
-        0xd853d81be17c1d3dL,0xbc4bf68156e5d24fL,0xbc801615d26b5ce5L },
-      { 0x1ffa5cd5caeecbe7L,0x16ec32a4b0203156L,0xaaad43269a857672L,
-        0x0606ebf9189c6f6dL,0xb90730bd57e476f2L,0xed8d82b1d492fb05L } },
-    /* 63 << 238 */
-    { { 0x69a2a9b6ff824814L,0xe7b716e7c35c5da3L,0xb6781a5e9a5fde1aL,
-        0x08bf695dc072e1b5L,0xaadf71462590a817L,0x490297f9c755c83aL },
-      { 0xbd9fad6191c29990L,0x87b3abc226b6cb9dL,0x6975d59865fd0b64L,
-        0x0fdc5267f4257158L,0x9f3e10585877bbdeL,0xb7f4cfb04297a2d1L } },
-    /* 64 << 238 */
-    { { 0xd699ea2d8d095606L,0x3cd080c51e0ddd3aL,0x46604bad66a8b35bL,
-        0x0c779b624233fccbL,0x578458acbfd3cf0cL,0x6820f66596bf57afL },
-      { 0xa9724245bf1f302cL,0xbbde24da277a6c3eL,0x0980a5b8c6be8c14L,
-        0x6230e3ec774d62c4L,0xda1467d84fbde24bL,0xd9d68d07cc862204L } },
-    /* 0 << 245 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 245 */
-    { { 0x67c516347378f90dL,0xbc201a7966647082L,0x77fcc8dc9ee450cfL,
-        0x8dd2b318b41a3e2fL,0xdf6a935e93bf0689L,0x75edabf3a92e5464L },
-      { 0x49afcd9f604d208aL,0x372f0ea7d465ca48L,0xcdbd8ad2c7ea7810L,
-        0xfe61571e550822b2L,0x744a4f9386606adcL,0x6beb3c9cd9d4e110L } },
-    /* 2 << 245 */
-    { { 0x1fef389ce700b9f2L,0x63029466425bc8abL,0xbd770a1437f04a33L,
-        0xc7438e29d0169369L,0x6b265742e2377cc3L,0xdf24bf96c369fa4fL },
-      { 0xdfdbcf470ad94e08L,0xd101b8617f75a7dcL,0x5574a0b82a9c483cL,
-        0x0563fe942de43228L,0x58ca0e8aead1fabeL,0xdc3d9a8466023966L } },
-    /* 3 << 245 */
-    { { 0x383bda07c3fd20e5L,0x9619b1df5c29449bL,0x6f3c717d369f39bfL,
-        0x1bb593d11a5a3900L,0xd0f07ecc2aec6c2bL,0x9d72eb2a4240b202L },
-      { 0x35342f6cc50e4a0cL,0x701b46626b93bf61L,0xfcd6eb09ccb6a888L,
-        0xabb7a6f785aa42c5L,0x952f8824aa4e5895L,0x49860db85c406582L } },
-    /* 4 << 245 */
-    { { 0x3667a7203955812bL,0x0d73483b284d1dacL,0xe084535efc62f791L,
-        0x5bc1652b389faf7fL,0x40cf51683a71b7f6L,0x8a4b19fad4f39703L },
-      { 0x823e754a2a8eff13L,0xf01b2021bffa5afcL,0x5639ee027225b319L,
-        0x7533bc86fc282f16L,0x710009d2c69f61aeL,0xe30c499dbf65e803L } },
-    /* 5 << 245 */
-    { { 0x0da7ac1b734b4ec3L,0xf47fc1d012a2afbeL,0xbbbc99be87dce4a2L,
-        0xf7264b4edd5c6378L,0xe9409305f618ffdcL,0xafadda9bd1846ac1L },
-      { 0xe734f9d0a21850d4L,0x199cb44f8722a316L,0xcfe8704b38cae89fL,
-        0x2db1e56b6b151b57L,0x116ca5cf69ce7b2cL,0xe9b8625f57de97c8L } },
-    /* 6 << 245 */
-    { { 0x18811bd5af247c49L,0xbc180793e124dbdaL,0xed978d3a21234fc4L,
-        0x516dd9a70616ae15L,0x8f80677774e430b8L,0x9094256906e8fc49L },
-      { 0x4ca03fb5a4e61235L,0xb91de709b617f361L,0x0898d82d0ed08bc3L,
-        0x2bd712368cb08146L,0x45b92d45e213176dL,0x05894791f2bf5b9cL } },
-    /* 7 << 245 */
-    { { 0x0d79cb892695ea2bL,0x2cb0f8dfc88e538aL,0xc1b8dc3da80f36feL,
-        0xd756fa6684f00cc2L,0xa6f1cdec9cb9efb2L,0x5c3f15a8a6a21818L },
-      { 0x9a7ee3516995d09fL,0x88885463d70434bfL,0x18cecc6d4f7d5d33L,
-        0x3f0138866b353bd1L,0x53bf798b0d9ad368L,0xeffd465a28dbc3eeL } },
-    /* 8 << 245 */
-    { { 0xeb29e44cb5d98ac1L,0xe47e57f80e227a4fL,0xd09c04943d2bf688L,
-        0x3ab7799a47428dd2L,0xdc558d6be9aafac8L,0xc042c4cd87f9f6e0L },
-      { 0x93842bcd89fb4693L,0x62dbc82f7068fbf7L,0x164552687e6d47b5L,
-        0xab304b7a4c37eeeeL,0xdbb3d4e13fc412ceL,0x4f65dad0a726a2c8L } },
-    /* 9 << 245 */
-    { { 0xb25e01b2605cdaeeL,0x74abec55bc57969dL,0x9c57bfabcdd9d41aL,
-        0xa3330e3f4a9e32a3L,0x5929a0d8e5792fd8L,0x830b4ea271ea2cdeL },
-      { 0x80065ac1fd06d246L,0xa2b416e632e64a25L,0x3950bde7c0c927a9L,
-        0x9951f3bd679d9b8cL,0xc235a274651b6855L,0xbfe5e08e5ad97bc1L } },
-    /* 10 << 245 */
-    { { 0x4409a5b6744ae145L,0x5e83fa0b7f620908L,0xfc489bec2e140aa0L,
-        0x5805a462e3cae337L,0xe56e9ff7c2211c21L,0xb722f2b40c955362L },
-      { 0xb098a32f41371f33L,0xe6cceceabb4923d6L,0x1cfbe2b3d82a311cL,
-        0xcf9428936b98f917L,0xd60dc62492ef848cL,0x34af446e5adb5228L } },
-    /* 11 << 245 */
-    { { 0x0eb7e743796ce1caL,0x138653e5d851377cL,0x69c7c86f2b11c8e0L,
-        0x878ec1decdf2b205L,0x03e6688aae0e8562L,0x20810666935a36a8L },
-      { 0xc8ab7c7f26635c50L,0xe75cdb06744a21dbL,0x4e26f32fd720e198L,
-        0xa1c6395ad8cded81L,0xb75dc6ea6ce4fc04L,0x71750b33004623b5L } },
-    /* 12 << 245 */
-    { { 0xbdef84077e60c447L,0x88570f712a65accaL,0xef3d4a400bb6aa79L,
-        0x5c9d189060212976L,0x80179ea21d96c43cL,0x3f002e6d53d2948eL },
-      { 0x14b2cc9149d78183L,0x7a549c71b496c279L,0xf4beac3f44995f6dL,
-        0x5a34239800bc78feL,0xa874dc1b60e42da0L,0x3a984010cf5824d5L } },
-    /* 13 << 245 */
-    { { 0xe514ee06dfb9760cL,0xb8862d7577b8951fL,0x0144676ef8ee1141L,
-        0x49561a3002eb3e82L,0xb3541c154ff9f897L,0x1670edf0a7a99791L },
-      { 0xd41d603564aea7f9L,0xf66ffd092b3463b4L,0x0784e015c3b26fb6L,
-        0x88edce33ec46f8c8L,0x1b1e25a3b6381011L,0xbfaadc03ff95ab97L } },
-    /* 14 << 245 */
-    { { 0x727a59fe0c7be4e1L,0x75a7d5e3f58ced15L,0x146fc0d990f569e7L,
-        0x94dbccd2b7f1dc54L,0x0df1ef90b75bf232L,0x2943a082a2568190L },
-      { 0x75f2f80d67837b06L,0x07e3506f24b44b6eL,0x7c30829ad0d2231bL,
-        0x9ce577ca93277abfL,0xa19d1868b17549ecL,0x0ad6ff5525e8c4d7L } },
-    /* 15 << 245 */
-    { { 0x16b38dfe1c24d075L,0x3acd4c36992959f6L,0xdaf2fe88ac2da7abL,
-        0x76e8ff0e89644935L,0xb8547c26e85f7076L,0x9f149faa1cdea7ceL },
-      { 0x181a60729e125d84L,0xc4aef9fa18751ce6L,0x451c84660e00f00aL,
-        0x662b3e7ac4e3e6b8L,0x57b7114ec6b64507L,0x07aeb1980b37fb70L } },
-    /* 16 << 245 */
-    { { 0x79d88e004516234aL,0x98dd3cb931f9cedaL,0xb528000fce7d606eL,
-        0xc773557e2fa27fd3L,0x55b53dd3e19436afL,0x675084b3e10b64c7L },
-      { 0xe583266556d56374L,0xf8f7fd2a307e2e60L,0x7b93bf537af3e3dcL,
-        0x94fafa2cf47d298cL,0x94c2ff9a21121369L,0xa41de95f33468ff6L } },
-    /* 17 << 245 */
-    { { 0xebbafd4720f25aa7L,0xe2becad71ac444bfL,0x323356a092a944b8L,
-        0x32feccc0c9a3cec9L,0x15ec3aaf5f9e96c1L,0x852142b5c12c8e62L },
-      { 0x098ffcbf2b6865f1L,0xcca470e8733d7741L,0x0f8c0f5271945bf5L,
-        0xfb654f6a08068827L,0x3a9e7d742a0e2829L,0xb90742b04b687763L } },
-    /* 18 << 245 */
-    { { 0x145afb651fdb2a7bL,0x93315b684eff5eadL,0x0cad1d20e40ca999L,
-        0xda9b517a379a8173L,0xacb665780ca018cdL,0x1e9d919f481969b4L },
-      { 0x5c9a058d68130364L,0x872e26620a62ce5dL,0xca598848acaabe54L,
-        0xdabfcee18aa048a0L,0x16198d034ac52a57L,0x72eb5ec632b6d102L } },
-    /* 19 << 245 */
-    { { 0x13f2e1726a0c96e0L,0x55aed9e02d6b6f05L,0x3c919ba3bdce76c0L,
-        0x647a525ffdda39aaL,0x5c0dbecc01a9011fL,0xa537ba8d9fd9dcefL },
-      { 0x8472e375cff62467L,0x57672311ed5adf05L,0xd1e178dc6a423de3L,
-        0x3ebcfe18d3ad3ca4L,0xb8f341d7ae802c11L,0x3f14c424ecdfdb7bL } },
-    /* 20 << 245 */
-    { { 0x381e0a136e4d2e42L,0x2f2a4ee183c0d752L,0x50d4647fc8e6532eL,
-        0x7e210aeeb4e7495dL,0xfd147710bcd142a6L,0xddddb07b06429213L },
-      { 0x63e06fc64548a6b8L,0x05d9b825904f92a6L,0x4b63fdbf9988ee79L,
-        0x6cfa412f9b3366bdL,0x0dd5fe3dc8c61f51L,0x3ec77027be8e047eL } },
-    /* 21 << 245 */
-    { { 0xea7d01cfc7d81791L,0xfa6c0fe6e2264afdL,0x53c7eea363651291L,
-        0xe58f8411f2d90f92L,0x4919b4c61faf0e14L,0x0c7dcd07148e98a0L },
-      { 0xf9ef44cebc8bd43dL,0x3acfb6686f83cfb4L,0x34130e18f883693cL,
-        0xda9ed2ae2d236c3eL,0xf54da64cc75cabdfL,0x1c3df906cc01722bL } },
-    /* 22 << 245 */
-    { { 0x686796c68d8f2286L,0xe0efaf9334d7cd1aL,0x84f9237c93b23708L,
-        0xcb50cc8ee47f5161L,0x498b81e71f597821L,0x3c3f33e1a491079fL },
-      { 0xee300c6dc69d1bc8L,0x279760e734778389L,0xe00ac0eb2bb8ed78L,
-        0x9bf9a10e765c8b5dL,0xc7e95c0cf8c1e909L,0x3721300ae6e63ea5L } },
-    /* 23 << 245 */
-    { { 0xc03ad784d8dfd7aaL,0x671384a64b065a2eL,0x9b21e9e7bed74e87L,
-        0x153b606cf889f75bL,0x7345c62a2aab6562L,0x270e4f445960cb4cL },
-      { 0x515909fb885f0f88L,0xe43ee4f7067a7928L,0x5f906fc8fc182e56L,
-        0x297ad5770641d0d1L,0xdcc45aa1d1b188b4L,0x8c817fb2ef062a39L } },
-    /* 24 << 245 */
-    { { 0x91e8c992044637f0L,0x01f7838827ee8e8fL,0x7c5e3f6dd095f5b9L,
-        0xed7522fcddf3cad2L,0x80bb87056c57aacfL,0x495480b00cc5ff51L },
-      { 0x964def7f04da2565L,0x8b0d0fe3afa72140L,0xcc75192584de66a1L,
-        0x9acaf7fe075f07c5L,0x6505c2f81eeade93L,0xa2f35aa00e3cf58fL } },
-    /* 25 << 245 */
-    { { 0x1ad38a2d80548b22L,0x4d6120df47a37b3aL,0x6d64ef8c23e33cb7L,
-        0xa1b5f51723c14ca6L,0xd2cdd425039a8e83L,0xa0a359ae229dd2dbL },
-      { 0xde0788166c2779afL,0xd960453362d2abc2L,0xc5c48b20707c0e4dL,
-        0xe452debd691c5407L,0x35c37ca882b0a299L,0x5b263014da3cde7bL } },
-    /* 26 << 245 */
-    { { 0xde34fa4586330487L,0x8391248153f61e6bL,0xd3f8fe742d04958dL,
-        0xdade250f6df77d09L,0x3a3a16175649d9ebL,0xf9b77847a23abc74L },
-      { 0x31d45db63b2e2c8aL,0x311ecc24f61a7bf4L,0x206029f9c56eab17L,
-        0xb9d9ff35878c672eL,0x0d268c160fbf2d91L,0x2474b527a45f58d0L } },
-    /* 27 << 245 */
-    { { 0xad8e84be8436beaaL,0x8f07eee4209eb5d3L,0x47cba1d83ee61bddL,
-        0xa081f21f72018544L,0x5dffddf493d88d16L,0x539a79efcac3952aL },
-      { 0x990af57791bc452eL,0xb139d7d5012f5c6aL,0xf818c9f3fb180417L,
-        0xeeb2d08475566152L,0x287571253f5d4ec9L,0x5a26505daa959798L } },
-    /* 28 << 245 */
-    { { 0x6536834e11b0f7b6L,0xcaa5271aad46c10cL,0xb5b6ead1fab43763L,
-        0x25bf402ff7f7d8fdL,0xf33fb223e19374b4L,0x183ae9b75f348172L },
-      { 0x1783c235078862a0L,0x9981a6c33cd368fcL,0xf58d2274fd627f9fL,
-        0x37ac9c265c5e71cfL,0x167c8d047b0f157eL,0x24f522f8eefc7d85L } },
-    /* 29 << 245 */
-    { { 0xd25aeab3926cc973L,0xb3e2cffbdfc2cfbeL,0xdd259ed1de742b6cL,
-        0x9d77c94e7b98bf81L,0x90f9067cb0ead3d1L,0x148f2a192a93fec1L },
-      { 0xbae3c543c2850153L,0x0d330d758910422eL,0x06f80a9efa670474L,
-        0xac6cee9f038431a3L,0x4900d17f5c22ee99L,0x62de04aa275a9774L } },
-    /* 30 << 245 */
-    { { 0xb6eefcc55f87fb35L,0x9766873b4371415aL,0x308337bd16b058bbL,
-        0x6d5b1ddae1ac3884L,0x9307aa0835c4630aL,0x22cfcc0c23e91988L },
-      { 0xbeb3814c37db0207L,0x19ab212fc4bbaf5bL,0x0801a1cf21abf22dL,
-        0x9e6862cb3bd07332L,0xaa12ba0e4319929aL,0x0da45831f540f97dL } },
-    /* 31 << 245 */
-    { { 0x67d8ac9484bbf927L,0x7dd04e4e4ea01d33L,0x24ea6386f13def66L,
-        0xa8a1acbe28f7f5f0L,0x5f578ffecc84c93bL,0xda8fe295f4ad116aL },
-      { 0x4b610ae48483347dL,0xcac5c5596255f9e4L,0x19a0e043abcfe47bL,
-        0xcd0cc9493966784eL,0xcc59a36743279291L,0xaa504087802961b6L } },
-    /* 32 << 245 */
-    { { 0xbe45d81a1b270599L,0x50696e7d97d6c603L,0x63c5a516b078ea89L,
-        0x9f3efe41b4464764L,0x84580e24101e5232L,0x00850a1ac8ae8220L },
-      { 0xbff4077ded55c404L,0xd74de734f2e7bf50L,0x4df4eef207e1c03dL,
-        0x4ab3d0396e654d58L,0xb20056cd086f1596L,0xe4d08a278acd7cd5L } },
-    /* 33 << 245 */
-    { { 0x5510cebfe354510aL,0x48925b9349998c9bL,0xa05fc961e6d707a0L,
-        0x85bf38f866ebc93bL,0xea637045254e615dL,0xae25e2e740d8459aL },
-      { 0xa98583176efafd1dL,0x863931fd5a51c4b6L,0x3810d732d4221708L,
-        0x959a2f70762a30f3L,0x7bdbaff9420ad3acL,0xba41b20bebdfe90eL } },
-    /* 34 << 245 */
-    { { 0x5e4d3280d3171eb9L,0x3fb715851bc65c5bL,0x6558962a901a899cL,
-        0x78b7cd3e7851462bL,0x21228419ca8f6495L,0xfd8d8f9b2d8be765L },
-      { 0xe5e90b92bc562144L,0x4f1f7ca1ae3243edL,0xd20178cd0985f4e4L,
-        0xe5be263304253cbdL,0x1e34141c0d348fadL,0x0073fa0dad0eef45L } },
-    /* 35 << 245 */
-    { { 0x922ddb84d403f20fL,0xf7bccbb54681def7L,0x81a1200f6b580442L,
-        0x64901025dc2f9884L,0x3746675aabe78edaL,0x3e750369aa6f005aL },
-      { 0x140477ceeb00658fL,0xc76a320ccf89be62L,0x00761f21658c127fL,
-        0x669186dfb8b6b03cL,0xbcdf1c36dcb26a2aL,0x94a7aba5da876a56L } },
-    /* 36 << 245 */
-    { { 0x1872f65c26163265L,0x9fbaf44fda52ad9cL,0xbec7addeeda47d38L,
-        0x6a04dc3078094f9cL,0x2c73b8f15f4498e1L,0x504909efd4fcfcb4L },
-      { 0x747efbc6b6b3a63bL,0x856e276de0dadd96L,0xa22459aaae3be3a4L,
-        0x9ef59e732294a854L,0x0717d4e5d0e36205L,0x5a6afa3eb734cdf4L } },
-    /* 37 << 245 */
-    { { 0x6bd8fd330e938950L,0x8b26d7fa0f20c4f3L,0xd29a1121e0604d4eL,
-        0x23d1cae60711c191L,0x460af39d51914cb2L,0x9cd04208547463c1L },
-      { 0xeb80d70e493b7a0bL,0x182568869171652bL,0x9f3007ad76ca8b21L,
-        0xf9bdeb4664ac10c4L,0xdaddd584284ae80cL,0x5c7ea28a0022abfbL } },
-    /* 38 << 245 */
-    { { 0xaef75aa7dc3c897eL,0x98bab5852e6432a8L,0x522b383d83fb0ee5L,
-        0xe0d8620f056a8589L,0xd63525dd39352633L,0x74362bbfaeb985dbL },
-      { 0x11419f4e8c0f17feL,0x3ca918b0494ba972L,0x39f2bc3c6e074e25L,
-        0x3bb66618fbbf0d60L,0xee60c8f88579fecbL,0x916f3fe92a9b905fL } },
-    /* 39 << 245 */
-    { { 0x14ed31b6482b668dL,0x8e3e10db5b65978bL,0x72ff92eee8011bafL,
-        0x5183d0bde1143531L,0xdb628188f9c740d1L,0xd23cb9c57570e3d2L },
-      { 0x9e893cacd2745832L,0x49762940ef4a2b31L,0x02f6f892324361bfL,
-        0x332e089dd7a881bfL,0xe9303153f788f52dL,0xcd6d15564e7f1bd7L } },
-    /* 40 << 245 */
-    { { 0x8caa623d408b62b7L,0xa58aa0b0c0272b41L,0x089af856ee285bfdL,
-        0x77b461f6d0674ecdL,0xbaa9d9b38d6f6612L,0xa8f26e12590669f8L },
-      { 0xb164340c5ebb5e28L,0xfdc11f7401ea89a8L,0x73c03b9176e4346eL,
-        0x6a678eb17caad5fcL,0x103ff0790a87803dL,0x25d6fd2af7430a94L } },
-    /* 41 << 245 */
-    { { 0x72cc0aba66116d84L,0x642c88681039c0fcL,0xaeded9e6d96a7423L,
-        0x4ff4163ccc5fea03L,0x180e4d3616483ec5L,0xefde910a7f6332c1L },
-      { 0x8042696283367060L,0x4edce3e8c28af356L,0x2452e4de965139daL,
-        0x15129fd9547477a1L,0x7f628b5ed80998cdL,0x7c56d44541054b54L } },
-    /* 42 << 245 */
-    { { 0x4c3f81184d3d9da9L,0x332072f9e1e71487L,0x8cbf7284759ef371L,
-        0x3d13d85cb98ce007L,0x507b467f980f4fd5L,0x9853b98bc74fdfdaL },
-      { 0x94b81534993f5e19L,0x316b761beeca71adL,0x09820a2331c04080L,
-        0xc71a9bd4420e3114L,0x569f813822ea67ddL,0xe3ec5d2b3a41b079L } },
-    /* 43 << 245 */
-    { { 0x6085b24a19bb6f27L,0xc2f18e8f64dcb82dL,0x8ff89ed91fd3888dL,
-        0x9fbe31db0e525a5bL,0xd52dfb5df0527573L,0x90288a3f703193c3L },
-      { 0x87bb5d30bb1ce380L,0xb6c9a4c9f0dcf59aL,0xcbc52966aeb86e7aL,
-        0xd151178a9a1636eeL,0x48342994e4b48c74L,0xe5bced925af80bc2L } },
-    /* 44 << 245 */
-    { { 0x106882534918179cL,0xdeb69dde08143b36L,0xfb3c527b992363faL,
-        0x11d05e93e9393832L,0xe3249558383a0f59L,0x2d0f3e11c234ab5dL },
-      { 0xd50a30d95c599ae7L,0x6d7abc6ce9f98316L,0x3d190629060ab6ddL,
-        0xfd58473c81d69afcL,0x841193d24b782d62L,0x4f72696da771226bL } },
-    /* 45 << 245 */
-    { { 0x288895d056e467a5L,0x78166a95e025a5b3L,0x89df640e895835dfL,
-        0xdc2b61f483dcbc50L,0xbeaa7363110dd6a0L,0x2346a2a5e7fdbe3fL },
-      { 0x379ae5fb6947a9c4L,0x9dcf01956370a372L,0x34c3c6c3d70d9a24L,
-        0x98ee14b7fe6a3d0aL,0xdd37708bba8ce5baL,0x785adb86a15c3672L } },
-    /* 46 << 245 */
-    { { 0x4c93de89c5ff194aL,0x56aef366fdc94109L,0xc8cb2a0c5b0b23d4L,
-        0xd73f1cef587ada16L,0x7138315a364b1463L,0x43940ef59f6bd411L },
-      { 0xad068e490f4a533fL,0xe8a772a33c7dac91L,0x74b815fc107998b8L,
-        0x4b8fa9db92699ee7L,0xfb2de4bf4cbb023dL,0xe5833a390f67c29cL } },
-    /* 47 << 245 */
-    { { 0xe985acae7fc4fa91L,0x7730e38ec66c4282L,0x4b971449f4bda67dL,
-        0x55261be02b001f47L,0xccde0c7126d0d8e6L,0xa7ac56fd701f6febL },
-      { 0x2488b28552642a53L,0xeada397c58fcfabbL,0xa3fc0452b679b0e3L,
-        0xd0ef09ffec2e921aL,0x9fcfd991575fb70aL,0xf4adcbbb366cb10dL } },
-    /* 48 << 245 */
-    { { 0x517075af5faa0cb7L,0x400a22c1efaf68f4L,0x320ce9493b86f639L,
-        0x511565717f296bf4L,0x0919607a96108276L,0x4fcc39a02f035900L },
-      { 0x5d13de7cefb73f3fL,0x19d725c5081c38e3L,0xf1b28089c0f58697L,
-        0x2adcd1a30ca7ca20L,0x96c07f42c21e1be5L,0x94d28cacbaa0aba0L } },
-    /* 49 << 245 */
-    { { 0x0ff4983fd64cfa4bL,0x2c49c4918c55942cL,0x6093eb7f98eb20baL,
-        0x1b33296a060497baL,0x32776a53c92d7b47L,0xf367e6b25241de3dL },
-      { 0x711119813b65228eL,0x2e5dc541e1394451L,0x940a4a0f98ef33e5L,
-        0x1a395be32cd4315dL,0x4d49469f3c2e20e1L,0x5384f4b95c314f95L } },
-    /* 50 << 245 */
-    { { 0xdda2f3a0a256813fL,0x4363d190ee6cbae0L,0x61f4d607930d0094L,
-        0x6767ff4817021739L,0x8450091bd2c5fadbL,0x144d02fe870710a8L },
-      { 0x73f45d9035524b7bL,0xccc7856b04615373L,0x0eb5cd436f081dfcL,
-        0x9c433cbfe3a70d59L,0x9ee70f509818349aL,0x16de27347241c634L } },
-    /* 51 << 245 */
-    { { 0x02a24c5cc47f7db6L,0x519242cd33d60e1cL,0x543f39cf7244a636L,
-        0x4ae15d698deb181eL,0xbaec81ef44261806L,0xe5cb18bb5fbf13abL },
-      { 0x7534787a032158e7L,0x770e1e34da0d9a6aL,0x251bfa7158f9baccL,
-        0x12663214c8d39905L,0xb7bfa81b39c3d64aL,0xd6d439ffe3ee296cL } },
-    /* 52 << 245 */
-    { { 0x192ecf72d0aa048fL,0x23af774063e40c0fL,0xe4d98e41d804d367L,
-        0xd868cc885405bfc3L,0x96909a5b6f6ece88L,0x16b05ad2bae60dabL },
-      { 0x7382a1dbde621949L,0x569bb6c9c47cf6dcL,0x892da43e1f2d098bL,
-        0x6bd959b9bfa25649L,0x90617c419cb48f9eL,0x36059b73f110b22dL } },
-    /* 53 << 245 */
-    { { 0x1817b140791af82aL,0xf4a44cde042870c5L,0x60b8414ab5c0405aL,
-        0x3b00f5ddf4dc4a9cL,0xa61aa0cfea81dd5bL,0xd43c37422554907dL },
-      { 0x3fa264a620569ecdL,0x2cc69c2ba5a46190L,0xecd4f6d3dddd072eL,
-        0x41083b72dda8de01L,0x4bc047f110d6f156L,0x7164b432cac3203aL } },
-    /* 54 << 245 */
-    { { 0x7e7e08f401d45bfeL,0x04f9c9ed0e2d17e2L,0x3213556fa55bc148L,
-        0xc58983c734449f0eL,0x463217afaf2bb219L,0xe08a51a2f8fba72dL },
-      { 0x2f44991e974d51f0L,0x15f2171f3f12af56L,0xbcc919de24cf01f3L,
-        0x9ea371f269399bd0L,0xae8a8eca3ccf4574L,0xf0535b83ae499429L } },
-    /* 55 << 245 */
-    { { 0xe9ad8928f72305e3L,0x4144b6b9fce1295cL,0x672732a0c3487eb9L,
-        0xf19d09a6147f70b8L,0xf45f6a11362a7684L,0x84ce4f25adfbbdadL },
-      { 0x31e4bb0ac3403b48L,0xefc861b9b478ab38L,0x3323df44a8320c49L,
-        0xa2838aa1ed4f14abL,0xc80e30cc63bf7df7L,0xdd2d5ef9f15ec5ffL } },
-    /* 56 << 245 */
-    { { 0x3027c1698d6f8572L,0x89326850111e64d7L,0xe6eb6cd31b8b0179L,
-        0x0d2d27ea6dd5a4a7L,0x41682c0007c82f11L,0x5a01c54c81075022L },
-      { 0xf3903f51fe7220d0L,0x75daeaba1f8e66b2L,0x1b625eed470bd3b2L,
-        0xa46398a7e85a6293L,0x8ff6ef8c805ad640L,0xb3430f6795bfa3a5L } },
-    /* 57 << 245 */
-    { { 0x55d31765bc9341b7L,0x6530526ba312d125L,0x57ad29c02e9eb238L,
-        0x31658a8282292155L,0x4d3417b169301639L,0xb38d6199e48c3d1bL },
-      { 0x4399d5ddcc5202eeL,0x4b1c293a5076cc08L,0xa46e87f5824171b0L,
-        0x16f75919e4cb40e9L,0xd086562dac35d85bL,0xc2b41ad532713f5dL } },
-    /* 58 << 245 */
-    { { 0x2da6d2ca3248f02aL,0xae49d2fc675de73dL,0x4abb1a65cfbfee63L,
-        0xc6cea22cf1246350L,0xdd510cf82d3faec5L,0x8b7d1b0865e7460bL },
-      { 0xc5b39c802737b182L,0xeee61e0d8963c709L,0x9cf9da61793e7179L,
-        0x630637e52a295ba6L,0x18b85c9fa3881ba2L,0xca091a9464a94fe2L } },
-    /* 59 << 245 */
-    { { 0xcb68739f0bdec121L,0xf4907b3cd3811dabL,0xcf1b079b8c5d7707L,
-        0x9ef9002d2fc6a56bL,0xc4c9d069809e8b64L,0xaf86a3db90d0eef4L },
-      { 0x30a52f994b24a04aL,0x03bcd7a958574ed0L,0x330ce8a1a5b52b8bL,
-        0x632b3c2d5e6a8ed9L,0x7b080a2c18369382L,0x12173e5f65187ce1L } },
-    /* 60 << 245 */
-    { { 0x027f654feabe8ef1L,0xd9d327e481a51834L,0x9215df61980faa43L,
-        0x76b4f8003ba045c1L,0x8f3ce587f400732cL,0x0abe1f34f133a3caL },
-      { 0x2ec690526de4f504L,0xa297cee4cb7ff026L,0xa31a76e3cadaefe1L,
-        0xb701391e1173a958L,0x0a4279b08c8768f1L,0xd58927c12f8ede03L } },
-    /* 61 << 245 */
-    { { 0x71ea38454e630b0aL,0x4f696b59119263abL,0x9e7cb293f9cbab69L,
-        0xa448d591c60ea8d2L,0x5021d4ef7d89eb52L,0x1a1ea5e3787663b1L },
-      { 0xa95af4eb05bedc8eL,0xfe72effcc2fba411L,0xa88b79bb19a2c6bdL,
-        0xbed948fac84c78eeL,0x022dcf3d5ee7455eL,0x0c39c3689f56accbL } },
-    /* 62 << 245 */
-    { { 0xe0e818a8b77c9de2L,0x0dbaea885e07f77fL,0x6ece83b97b1f96f0L,
-        0x3c02e59631733a5dL,0x44bcdfcdd14828ffL,0x2791ca54b66f6107L },
-      { 0x1a051c5a6198f24dL,0x9cd5f09a17627301L,0x64323392004a0cb1L,
-        0x75d6819b3cc13e05L,0xf5cab2874a58768cL,0xbe090e83e3ca9332L } },
-    /* 63 << 245 */
-    { { 0xd639e0f3ab9b278dL,0x57f3f8cafa2407b4L,0x6720549f6c11f6abL,
-        0x6ad1c608e784308bL,0x62c31e4a196babbbL,0x764b4deed1d36447L },
-      { 0xf44efcefaf4407bcL,0x7c1f45dbb3ca82a3L,0xf43e4a8773b952b3L,
-        0x145cd2d6ff478bbeL,0x11ef2df450c8e708L,0xa2af06f044491734L } },
-    /* 64 << 245 */
-    { { 0x8cd6c9f7c90b13f5L,0xec0c187d52a9d469L,0x9c0db0f589b8ad2bL,
-        0x692a8db70d9c999dL,0xa407fd03c9f84ab4L,0xa5742fd1cc9a906cL },
-      { 0x4813a765c8e72867L,0x9c65943de2e9a10fL,0xca6bf2934fa0a23eL,
-        0x1dfa3af7cb1f8d7aL,0x28036f5498d10c53L,0x7bfbcaf20e012c13L } },
-    /* 0 << 252 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 252 */
-    { { 0xa53f1a104ec177f6L,0x4a2ef9aa3faa5ca8L,0x30efed8532976d13L,
-        0xcf5ada165ee692d1L,0x3ceda69d259e7cc1L,0x2aae29e99baab472L },
-      { 0x7ee5baef737cc8bcL,0x1717af747fe68dedL,0x9e5c8ddacfdaff63L,
-        0x575c8db9cec07693L,0x9afc8ae0fdfb509dL,0x27836d3685651697L } },
-    /* 2 << 252 */
-    { { 0xa7342f9517eb9264L,0x9264a6a00a8a6eefL,0x50e48bf07471c384L,
-        0x729e5ab130827f34L,0x17199191ea779c23L,0xd13ab8539fa9fd58L },
-      { 0x7d5799373b1d773eL,0x65f8e7c6d196c3dfL,0x253f7d51e8541725L,
-        0x107a793dec720355L,0x1c14d0566aa16268L,0x9dc5fca38bbb231bL } },
-    /* 3 << 252 */
-    { { 0xf5689c5e12b09f53L,0xc1da32e19e87ff7dL,0x1af879d012eaa533L,
-        0xdba775e6d9271e94L,0x60f8507310e63c34L,0x445f3e21a686a24bL },
-      { 0xed5ca8fa15bc277eL,0x9839198a364ab7abL,0xe2ee39426d90a7d4L,
-        0xe5b3e4cbccd37e76L,0x9013bd08f1412e0fL,0x82f5c532ce999048L } },
-    /* 4 << 252 */
-    { { 0x61d0e01bf3fe3441L,0x674e52332af47609L,0xd4a4e224b362902dL,
-        0x45923c129e0a5d16L,0x4fc2bdd495e580e9L,0x6d1d974ca8c3d954L },
-      { 0xaeff1135d0bbeaaaL,0x013ab5b31baafc9eL,0x80907d3eab8f9f31L,
-        0xaf2c12166d566c15L,0x0082daba952e6fa7L,0xa46710032df9e03aL } },
-    /* 5 << 252 */
-    { { 0x91b379c63223d561L,0x8cb7b8cce203417cL,0xd0f44208176b3b81L,
-        0xd18c2118aaba5cd3L,0x4aed5c9770794f9fL,0xfc540dc4f4c33894L },
-      { 0xb8e6798a0153a8a8L,0x6537dcdf43c4b0c0L,0x1b7eef39ab557397L,
-        0x175e3934b7103105L,0x943abf4a82ac89e4L,0xeb1a61f957ffcdb8L } },
-    /* 6 << 252 */
-    { { 0x99c2b4cd66476227L,0x576a4b0662850cd3L,0x067bb66b5a352b7aL,
-        0x3c7d6fc43ec757edL,0x2f69291cb9d36adcL,0xc7c0f3257c9143a4L },
-      { 0x768c3c400627fee2L,0xc214d81da8fde577L,0xd86e4b025299ea1aL,
-        0xbe46b7e91a2d4005L,0xaf865a169317fa60L,0xfbc3268fcdce2fbeL } },
-    /* 7 << 252 */
-    { { 0x66fcba52d8fbe900L,0x9f16434c861b3e33L,0xa371b97241b4305fL,
-        0xb2d858ce25b6af89L,0xbab07d53275f9e8cL,0x3b5951f8d525bef8L },
-      { 0xebf79e3ca1755b0aL,0x4e6256e7b467b1c2L,0x7dbd8b66cba1a659L,
-        0x88ea40138b1eb8b6L,0x210ac1b38fa6436aL,0xe93e22c23df40e33L } },
-    /* 8 << 252 */
-    { { 0x5f79f0df1fd64063L,0xd2d39dd381e118ecL,0xd631a68e11571c5bL,
-        0x6d072b4e2474faf7L,0x5e043a6d862a924aL,0xcae58bd8b0fc8d7aL },
-      { 0xf54bb7f3b1351f28L,0x4588b6280413275eL,0x81459f4c5909ec04L,
-        0xd28cda25abd16460L,0xbb676d018db1c69eL,0xc0056e2dac5036f4L } },
-    /* 9 << 252 */
-    { { 0x1ce187bf323169baL,0x1dfaef8661ab5073L,0x1893dc7b2ae468b5L,
-        0x0748ec86123848d4L,0x0d2877b46a96eb12L,0xb6063e75e9322495L },
-      { 0x1cb17189d7d1828fL,0xde41f11944d1b318L,0x7ce0f87610f0b74dL,
-        0x2c7c91ee7a98f86bL,0xb641418e750f3ea1L,0xae2cd2e280094054L } },
-    /* 10 << 252 */
-    { { 0x9f6c6ed598d8e086L,0xa9ad63ca2d3fad85L,0x055b8323fe016926L,
-        0x039fbe287b3a8d68L,0x544a8bf5fb6b315aL,0x04b122fb647fed85L },
-      { 0x1e9807fa98085b1aL,0xb78a36a771c12696L,0x4ccc1a2cdc22f95bL,
-        0x6ff4997d54d1e818L,0xecb5bdc2f08c22dcL,0x6e07e2c146a27762L } },
-    /* 11 << 252 */
-    { { 0x602077aceaaec565L,0x9dacf68224568aeeL,0xa490fc1e9cfcce26L,
-        0xb2ac94b3303218baL,0xc0208604ab33f9aeL,0x801663b6e39a6668L },
-      { 0x1defbb42961b0927L,0x688b445e83e318b3L,0x34fe2830c11648e8L,
-        0xed56e99360066dfaL,0xa5f30f9a07671eccL,0x02c40260a3222e8dL } },
-    /* 12 << 252 */
-    { { 0xfb2a11b4ea347db9L,0x2360667e03350681L,0x1aa6e720a02a1261L,
-        0xac2bd2eba110bb21L,0x8ab2f9063c9b4568L,0x5f46263d5ace1f17L },
-      { 0x97067801eae704c8L,0x35d2637ea715d313L,0x24cdc3d0c77573daL,
-        0x6f97cd07e2562b2aL,0x27bcd62d5afb29e4L,0xc38ac1c55d29f5d3L } },
-    /* 13 << 252 */
-    { { 0xd9c38ba47c88f46aL,0xdd07c4d79946ebe4L,0x908731dcce0e5417L,
-        0x43088d11e145839bL,0x9d37419d07b61543L,0x440cdbcd2c3c7c4cL },
-      { 0xa6a6fed673216db4L,0x15ce171a198cd32bL,0x198c256974e6a085L,
-        0x5fec853f3dc2a714L,0x329250bdd5923068L,0x1d82373c9f6195caL } },
-    /* 14 << 252 */
-    { { 0xa8e17be53777b2aeL,0x534e3a3bcc284224L,0x7f34ce458192cfa1L,
-        0x0009a72966d0e03aL,0xc42053ba524ce1fcL,0x834e98fe6d092e58L },
-      { 0x400c65a1c8b0f751L,0x268bfe6f107965ebL,0x0f141c0332e0bc69L,
-        0x33bc6e64597a2264L,0x039a4ae9454a0d6bL,0x2cb0bf550b07ddaaL } },
-    /* 15 << 252 */
-    { { 0x69056cbe63769bb3L,0x710a67d385044d35L,0x971ccbdeea855332L,
-        0xd655163a0fd0d210L,0x619c3f9adbb8a8b9L,0xd156f73d49a014e2L },
-      { 0xd04ea0a5a129a598L,0xc9c04da6fa2f12eaL,0xc0ed654ae98b3187L,
-        0xa254eef6a82f9ec4L,0xe537695fa386a72fL,0x170f1ed4a74eb453L } },
-    /* 16 << 252 */
-    { { 0xdbe04c3044ce3ad8L,0x995fbb1b4ce8aad5L,0xdbf8b54670911457L,
-        0x9e683b5b3f7a1757L,0x7b89a08a9c7bd62cL,0x448865a40b3fc97eL },
-      { 0x0ac9abfc3bb01e94L,0xa07760421e756124L,0x0aa6c335d9deed97L,
-        0xe270580f72603e08L,0x70857a946c783bb2L,0xa0047774caa929aeL } },
-    /* 17 << 252 */
-    { { 0xf99a63c5e8c4a440L,0xc7fd1d1419d65168L,0xfb6c21d696d5e80bL,
-        0xa4a7304944b833beL,0x093728d5127b1599L,0x9046cbe2c89e7195L },
-      { 0x21e2863c146a80d3L,0xb1ac7e1bdd559c13L,0xbe5ba65c72c39063L,
-        0x7da5feb87722cbc7L,0x122615d0f17c02c5L,0xd44f477179e5fcb6L } },
-    /* 18 << 252 */
-    { { 0x0d913830e2d28da9L,0x0465920a8a164385L,0x79959ce1b0ad65d5L,
-        0x6c94690759a966d6L,0x4ccb0e5e832c24feL,0xa8c5bee5d6af2a10L },
-      { 0x264dcc118c5791fdL,0x719f23ac5b58ce85L,0xfbff8a2f8e54b029L,
-        0x0c9240be864e959cL,0x8f7c21733c37c665L,0xfda848d9f164d354L } },
-    /* 19 << 252 */
-    { { 0x203ea731f35d11f6L,0x90610383f9f9001bL,0xb9d3c302ed97e6f2L,
-        0x4c529736c9a67e6cL,0x2e440b1781f6597dL,0xcc798f5616aabf20L },
-      { 0x490f50642832ffc5L,0x585e462a7a19b125L,0x99d73e391b06d98bL,
-        0xb817e97aab696d7bL,0x9df2f65ac28dffeaL,0xa48dad47045fddd7L } },
-    /* 20 << 252 */
-    { { 0x2878c20d62e5fc09L,0x419ed2ece7f012abL,0x3bbc853fbaa21e7eL,
-        0x412bc3c54844c009L,0xc4b150508b012199L,0x9d160f4c310d5fbfL },
-      { 0xcb61b69214f60becL,0x436348c064092943L,0xce8c136e3185cde0L,
-        0x97b034f68be5dd85L,0x7697adf92701631aL,0x2ddd86361fa6e8a0L } },
-    /* 21 << 252 */
-    { { 0xde8c2c963e9ff7faL,0xfdf1e25d8b75bbeaL,0x28ba3be59c146264L,
-        0xfc1df52e81fcb0c9L,0xf9341c43af3ba66aL,0xe81c22470d72188eL },
-      { 0x2ff00f1069c62b9dL,0x1077962e71498d24L,0xdf35b17ecc34ece7L,
-        0x3516c33687eab2daL,0xe71cf7ddc72b7911L,0x6c9233d92c286c56L } },
-    /* 22 << 252 */
-    { { 0x7ce6389d162754d7L,0x8f03eff514e0d8e5L,0x9fd2c896ef402e31L,
-        0x4a4bf70a2195b0e6L,0xe6043a383c8d82dcL,0xd86b647e8bed7c65L },
-      { 0x21bc56f4a4c87660L,0x8c99d6270c05564cL,0xd6b82e9014050ee2L,
-        0x09bf6a3eb6b11f0bL,0x9704b36731dcd6b1L,0x871c85c85e3d44caL } },
-    /* 23 << 252 */
-    { { 0x93024430e5236badL,0x4c5872728b883d1aL,0xc265b94bba68d3bbL,
-        0x7d8fc82a648d9b7eL,0x57086e6e75ac264cL,0x4b8a157102fc9ec8L },
-      { 0x83ae238e86849a9bL,0x2eaad9b8a69acccfL,0x2d82c029d44eaa39L,
-        0x8f5b9ed833d7a556L,0x05c83328eea8b609L,0x537069efc3c96005L } },
-    /* 24 << 252 */
-    { { 0x292f8874b25c4d4aL,0x54961fd87e79f526L,0x949a1fae008c6ec9L,
-        0x6ae82f0d525524fdL,0xd1f6f4ef2edbcb1aL,0x41617a6d977ddffbL },
-      { 0x6ae38fb71baf0668L,0xa79ea228d538ab3cL,0x70babb05fc44e273L,
-        0x247384fbbca85910L,0xdc0e069b6a564959L,0x37a9c5521a7438adL } },
-    /* 25 << 252 */
-    { { 0xaf2c87828a4b7251L,0xcb5ebfd3c1bc7f72L,0x160b77e560579615L,
-        0x297412e3c10f067cL,0x5ad0681ef7df86c8L,0x2e8c63529b3e3afbL },
-      { 0x32372cc74cfd3266L,0xb7abc8baa820f8b5L,0x857d545519f34baeL,
-        0x5c055ce920ed65beL,0x1d8a59ca537ad6b7L,0x1135adcf7ad88633L } },
-    /* 26 << 252 */
-    { { 0x47e6ed9530034df1L,0x1839f488321bed8dL,0xb6b67d452ac8a9f9L,
-        0x2fe1efc6182e4a63L,0x2da34bde0c1185c7L,0x6e5d1621edfdf9aeL },
-      { 0x3bae9db77120804cL,0xf094b0676d986ef3L,0x029c9246853e24ceL,
-        0x3abacb1b25a82463L,0x58777e1389c5616aL,0xaedd003b5aeed714L } },
-    /* 27 << 252 */
-    { { 0x7494e4319da5fb0dL,0xc684d74bee3fd6f3L,0x12fc899403a87d91L,
-        0xc4c55e692d6e3931L,0x63e1255896336788L,0x36c297a5f78371fdL },
-      { 0x4cd3f9c4a63b313eL,0xd2825e17c543e507L,0xd37e36d06a4e64d0L,
-        0xab9559ec11872774L,0xaf168b34880a5d00L,0xb0c916a10c0c3f42L } },
-    /* 28 << 252 */
-    { { 0xd389397c834eaa9fL,0x2271ea0d2a5532aeL,0x5e59a23ae1f92e9eL,
-        0x9f179b8c1f7b91f5L,0x2a1c10028de2dc8bL,0x6ac83e58787a276dL },
-      { 0x0facd4756d9d1571L,0xcceaae5e4bf118e2L,0x4e8008b7620fbecbL,
-        0xff633fef7a1474cbL,0xfbefea80ce377357L,0xebb9a9460feb7724L } },
-    /* 29 << 252 */
-    { { 0x0bab441ae9803b71L,0x309ef14684e2e21eL,0x17ccd5b6851b6519L,
-        0x8b5e7e300126f470L,0x0560cb9d847eca03L,0xc45850bf11ade256L },
-      { 0x08603f5c3c33dbbdL,0x21887bc9708ae545L,0x3bd25ad480014ffcL,
-        0x5eb0f89fd3a64409L,0xbca2726b4c3dd83dL,0x611afd2fe4259797L } },
-    /* 30 << 252 */
-    { { 0xd9cb4233c4f4e0e5L,0xcfc0576818e49029L,0x8e9c8360526f05a1L,
-        0x8e83037aa56d6c3dL,0x33507065c47e6742L,0x5ca2c8d8788b5da3L },
-      { 0xf355cee9cfb0b6feL,0x0e86fd73973ddafdL,0x27fc6c56d44fd889L,
-        0xc9ab416ff7d93f3cL,0x778c3f160d063d62L,0x175e5d920b5085ddL } },
-    /* 31 << 252 */
-    { { 0xd62406873be63d8cL,0xe8c93b93b80059a6L,0x33bba7dfe065854fL,
-        0xcb26543f36b34e45L,0xc17ee58dd2d0c3d5L,0x69752f49bae1bcadL },
-      { 0x87e31b429b20106aL,0xc520424b06734eb5L,0x993240afa896d17eL,
-        0x5238851bc2762a62L,0xce399f9d506d7dbfL,0xa4822d23040cc7d4L } },
-    /* 32 << 252 */
-    { { 0xf071c9878fa06859L,0x0083e5311a52390bL,0x845eb12a61483bc2L,
-        0x17471d801caf6dd6L,0x7b603616ddc21b92L,0xd38fe0f6b992536dL },
-      { 0x433f0652297c25a4L,0x03d4d8fcb1c4bf41L,0xdf617386a9adf49bL,
-        0x4bfeb3992cb2944fL,0xbf288427b3d9c076L,0x17818c3e965b4576L } },
-    /* 33 << 252 */
-    { { 0xfbcff79f6df360c9L,0x342f9ded2bd94c22L,0x2dc5f999283f2300L,
-        0xbea18d9893cc3330L,0xc197176269a7da4eL,0x72de17ee93ce69a3L },
-      { 0x6c354a6184170a91L,0x031ce0debe47ef92L,0xbf256fd418658739L,
-        0x0395088a0d037d9aL,0x61179c42c5a05970L,0x0d5a9f7db8b6ab64L } },
-    /* 34 << 252 */
-    { { 0x18be1d605a44a8dcL,0xb512d945f1d18ee0L,0xd2e1f6623af39ec0L,
-        0x440469136c223676L,0xe7a860836a60a4d8L,0xaefcfc2dc7e09d3bL },
-      { 0x175817fad685c9b7L,0xe20b6c9e4b9d0557L,0x9212e7bb51fe560dL,
-        0x748aafb7608b53c4L,0x86186d4fd9b06850L,0x4cc6041376512c08L } },
-    /* 35 << 252 */
-    { { 0x2d5be3b00c127e46L,0x8c6f38fad9b04e47L,0x49c444098736f31bL,
-        0x5469ae47f53aa908L,0xd84856f3492fd120L,0xd04b1fa20725e199L },
-      { 0x50c2e80a8e7056f2L,0x415db04c9ba2e259L,0x8e4c56ae2eb201e0L,
-        0x449e4d9e5082ce94L,0xb5ff077a7345459dL,0x96d10f1e07330e72L } },
-    /* 36 << 252 */
-    { { 0xac77126e3b3094b7L,0x7c1e7673bdcb616fL,0x90491f8176993114L,
-        0xf17c08a8cc8da63bL,0x972a3bffaa050364L,0xdef45b7f65a9cd57L },
-      { 0x105ec5ba2b9b889eL,0x7066821150f7a61eL,0x11daa9dbb1d63a40L,
-        0x6065451007790568L,0xfaa219cebc2b6d2aL,0xb1b8ace93e5163dcL } },
-    /* 37 << 252 */
-    { { 0xf8042ae2859b0f22L,0xd8a5d3a200d8bb8cL,0xe85c596189faae14L,
-        0xb7d636f906611c0aL,0x35b68bbdd2bc8957L,0xc86f5be5b7cf558cL },
-      { 0xb602a00369c17e74L,0xc39479cfd8a1fc01L,0x6dca5c81f733237eL,
-        0x9c8cefd41b2e2cccL,0x2e32a323caacb4b8L,0xf7406874ad639090L } },
-    /* 38 << 252 */
-    { { 0xea3a358e24c1bbfdL,0xfd32af33571400aaL,0x2ec3d44da413949aL,
-        0xa0d8594a7bd121f8L,0xb32997a1d6b6153fL,0xa0f48d98b9469c6eL },
-      { 0x236b7a18fba15481L,0x49dee3bd98ff970fL,0xbc27ac7a7ee97875L,
-        0xd1acf2be28ac6279L,0x92e7ef02514c8328L,0xb2d7a8304f48b497L } },
-    /* 39 << 252 */
-    { { 0xcaad0554d95946a9L,0x992268c973ed1281L,0x6c0b1edf7b1b25e1L,
-        0x4de2d9f81d6e73dbL,0xe12a4f1c5a2950a9L,0xe0cdf7af36ac18fdL },
-      { 0x16e7332d1abcc9f5L,0x4dccc1505bac1c75L,0x1b48bbc141f8c231L,
-        0x3702cc2693692a4aL,0x9e9e53dd311c5dabL,0x27bc006cfe5d9fd3L } },
-    /* 40 << 252 */
-    { { 0x2bb798ff689f43efL,0x5813e4415f26ec54L,0x51f64c495005c929L,
-        0x60e213a54b42e417L,0xc152844262cc3734L,0x6ecd6c3b09d994e1L },
-      { 0xa6e72f7183dd047fL,0x3836f663b0019803L,0xbcf1265b257493cbL,
-        0x59b15ff09e62d78bL,0xaac5ed5b6cb92ecfL,0x37e6ad7d9662651cL } },
-    /* 41 << 252 */
-    { { 0x04743bf8b224f6c9L,0xec04b641ae33b1caL,0x6301f51623a76fccL,
-        0xf1aa954675e15fe9L,0x878c64ecd95c1972L,0x033df5ee3ba7578aL },
-      { 0xe5e9ff7c47f4721fL,0x9b3d93fa03eef7e9L,0xcd0be6ad573deaa6L,
-        0xf377570f3bbc8a16L,0xffdc04c161c37393L,0xd9eee46dd26d659dL } },
-    /* 42 << 252 */
-    { { 0x33f933604d4b7317L,0xee44b3e02fe482ebL,0x5a96870480f1fde5L,
-        0xdfd6293b5510952fL,0x2abdc1989cc0af6aL,0xe608e2769ff45aedL },
-      { 0xf408670e3247e796L,0x3144153535fe07c4L,0xa941f96e2870053dL,
-        0xbe908795ef6383adL,0x82b620a63560fdf0L,0x2c1cc1ae135de5c8L } },
-    /* 43 << 252 */
-    { { 0xa829397c727e5988L,0x305659bac6239b1bL,0x9b13701200392cb0L,
-        0x4eb1ddf376091862L,0x68b64b19202bdd8aL,0x56c427c5228071e4L },
-      { 0x354b1beac3375accL,0x94a45b4e54e1194bL,0xf528df0178095edbL,
-        0x6fb0867146fb9ec8L,0x977efc84c555bd48L,0x8230d6f7c268a20dL } },
-    /* 44 << 252 */
-    { { 0x003d4004b8d81c0bL,0xd3d5048f4168a407L,0x7748ecacc6675bd9L,
-        0x9dba4539e2612cf4L,0xa5ebbccfd8770b8fL,0x206b4a9aadd90558L },
-      { 0xe446ed9c81b5c103L,0xcd2434184d2199dcL,0x0840f6eacb0d70d5L,
-        0x6fbbf1b43107367bL,0xde9444f7d29335c8L,0x33ef004c66252eb6L } },
-    /* 45 << 252 */
-    { { 0x10eac97aa5a6546aL,0x6129392fe231f95cL,0xfd41bda100e2aae3L,
-        0x5b1f93299d8c6288L,0xf1d2fc9246b7df40L,0xbc6fbacfc5df62bbL },
-      { 0x64885d924b5af011L,0xe4f3ade883461896L,0x644ce7a7a4a62e43L,
-        0x74c9d145337b2730L,0x69d714840f83222aL,0xbfbc594ec27c0fdbL } },
-    /* 46 << 252 */
-    { { 0x3263c0517ed92916L,0xc039b94884e3f519L,0x54aa433ede89de6dL,
-        0x92f76292c0971a03L,0x8457b2312550a2e8L,0x46ab1f0f11cfcd9aL },
-      { 0xd97b95c1c6d53077L,0xe8db11d159550599L,0x2092c81385ea4b32L,
-        0x149b6b2cb7ced408L,0x2ada6fa482b9b22fL,0x53a5576a25877963L } },
-    /* 47 << 252 */
-    { { 0xa1e2c2a8195ad455L,0x65e90a3de7f61038L,0xb01eaa52ec623680L,
-        0xfad0f9f110302efaL,0x9e544b5449274409L,0xfc9037de8c3a0925L },
-      { 0xbcf196fcfd139cdaL,0x0a1f747c4f6a2cdcL,0x580a9abab879fe3eL,
-        0x08a20f1c5ee74778L,0x7c9be7de464c5271L,0xa4a1972918e85a09L } },
-    /* 48 << 252 */
-    { { 0xce23a19aa17e560cL,0x6491b95f62550e2bL,0xc72000121d15a005L,
-        0x15fde735f4355a1fL,0x3849761f607f7807L,0xcbe322d018204691L },
-      { 0x75756e4ea95e8e91L,0x365959fe817a9b8eL,0x631232763d4ce3dcL,
-        0xa769d2fef1d66e00L,0x8624ddbac28829e6L,0x03274297d2df06efL } },
-    /* 49 << 252 */
-    { { 0x2ad21bdadf3b1368L,0xf4f9d5270b3001abL,0x10182c5557ecb528L,
-        0xe00db71565372a5bL,0x2018e0ed74f2bd83L,0xa11b47066175efb4L },
-      { 0x3172264722d565cfL,0xb20c27ab2f0faac9L,0x4ca2982a6260f995L,
-        0x3850ef89b7085c6fL,0x5b4a6e235f0d45a3L,0xde562df9b7523682L } },
-    /* 50 << 252 */
-    { { 0xb34ecab233bb63f6L,0xe6cd56a202944c4cL,0x2690cc39489a8d88L,
-        0xcdfe368a4fe612dbL,0x23069ca5e9e9f7adL,0x7b87105cc07d742bL },
-      { 0x5114645a8b58ea8eL,0xd31fb4821829e8aeL,0x5e235d95c4b28520L,
-        0x2a1cda885c2292d2L,0x95d77447ee925b6aL,0xeec419a3df18845dL } },
-    /* 51 << 252 */
-    { { 0xb8903f10be9ffa75L,0x8bf7fc786432dcc3L,0xcf3f7cf15d028549L,
-        0x7684baf29846f2d9L,0x4c580edbe9e063deL,0x0ac5c3edf2d70321L },
-      { 0xb9ba10e184c5d96dL,0xbb854b39d7aaabafL,0xe29d66964793c87aL,
-        0x7b0fe1d448285ae5L,0xa143454df0121733L,0xa286eb043aa5ddc8L } },
-    /* 52 << 252 */
-    { { 0x8e4dcfc88c93bc5fL,0x9f96d60a1b233295L,0xae5262e91d447dcbL,
-        0xafe58396541d46c4L,0x3e733c2636ff8f80L,0xcb36a37748b81037L },
-      { 0x9bcbfa9fc406ef17L,0x57a6e28006fb128aL,0xd86b44db9a771eb1L,
-        0xc7ce106e62545a4dL,0xec6818a6b254c908L,0x4b8d3fc550feb342L } },
-    /* 53 << 252 */
-    { { 0x8faa39c8b609ef4cL,0x0209b3a7d8225cceL,0x11254c211feffc0fL,
-        0x64930dcdc1e42ad3L,0xf5b058eb1cbb39fcL,0x2f870e3341cb5065L },
-      { 0x61b3611cf7663f95L,0x981890b637941996L,0x00c42b0908dd6854L,
-        0xac42af5de17da075L,0xaf3a394c282b8d53L,0xb53b3b245d8bab96L } },
-    /* 54 << 252 */
-    { { 0xe17c9d98d90f0c83L,0xdd4aa8ac6d984408L,0x94b6fc50f71aef46L,
-        0x2e6b5d24f0a2009eL,0xcb9d9cd17d8d75e4L,0x5e732a5b962a1708L },
-      { 0x9d774f1c7fd01089L,0x56bc35aded95094bL,0x6844220bb9c797d4L,
-        0x40021d8e90ace48fL,0xddc769c5701baad0L,0xe23e8f9e333ac2deL } },
-    /* 55 << 252 */
-    { { 0x6cf6faf6e92e42bdL,0x759dc78b0d1e6a0eL,0x18fd55ff11532759L,
-        0x04a306d7e9af0c07L,0xd7febf615ef7f82eL,0xaa04f1dca65cae01L },
-      { 0xb084407c16442bc2L,0x17ab4f74f874f10aL,0x236368d40fb6cea7L,
-        0x451ea8206f66813dL,0x4a61097b1760e6ecL,0xa8655cfba01bdd2aL } },
-    /* 56 << 252 */
-    { { 0x52fced3116f01d7bL,0x88c6b172daf046aaL,0x1a189403fe7a338eL,
-        0x39741ecd61798b1eL,0x6a47b0712934b879L,0x3b1a5dd1828d1e9dL },
-      { 0xd4bd48487f35a7efL,0x71774b5bc1eebaf8L,0xa86471e5d55344baL,
-        0xfbf145f17b8a483aL,0x70f9b214aa53802cL,0x995af93010b066e1L } },
-    /* 57 << 252 */
-    { { 0xd2714b97aadf25ceL,0xb95c54162a7643f1L,0xae7dc619ba2f1939L,
-        0x30e5d013b0db537eL,0xfcd1a456753f0813L,0x19f7117cef62925cL },
-      { 0x40a22e35423d3c56L,0xb0271e9926a5534dL,0xc19f703cc76c9a1eL,
-        0x9b8fe585560bee08L,0x48c7797d3cc772aeL,0xabd2148e10bd6393L } },
-    /* 58 << 252 */
-    { { 0x046fb36cc34a7ba2L,0xd42e56d42a61a8a6L,0x16b8fd2d3d4b1184L,
-        0x6f9e85a26da29888L,0x1ff7324bdd683c49L,0xdb3746db27bb8e2aL },
-      { 0xa7e586e684be7f99L,0xfbd0c0ee61740d6bL,0xb80509bab2071320L,
-        0xb5bf09fea3f03641L,0xe872cd854971e39fL,0x9bed91c0ce2b2db2L } },
-    /* 59 << 252 */
-    { { 0x85177e7ca6bad7b2L,0xd5b1f0901425b611L,0x6b5f16223c4bfa24L,
-        0xde34a692def66d8aL,0x96c0663ee8a1b7a0L,0x43eb91ed459c8bbbL },
-      { 0x6cc7e78b7d3d8b92L,0x3c9da7efe0338ba8L,0x18d7ab00e21360b4L,
-        0x0785ca897f9df01aL,0x5bcfb8302220f1efL,0x8c61a3bfa52bbf42L } },
-    /* 60 << 252 */
-    { { 0x4dcc3b82196c21d2L,0xef0e0e1e61071fd8L,0xa2a28c3b35a013f7L,
-        0x7550d3d7f6b58f80L,0x0f1fc9d58101742bL,0x027874f055982d5dL },
-      { 0x5a10b98c629bc409L,0xa28a1b2baf494679L,0x84afdbe1b96578d8L,
-        0x201a8062d427238bL,0xe321ee2d89fffdb0L,0x0b304de4fb89f171L } },
-    /* 61 << 252 */
-    { { 0x5d8e16c0d7700dfdL,0x336e30fa24260211L,0x7ba72067ad557ce2L,
-        0xcb388c3169621e0dL,0xcf6b7d813dbf7ba3L,0x7bfe43a91cbd216aL },
-      { 0x6c40516adcffe0b5L,0xe77507f083b7ea33L,0x5b5cda074ba1fc8eL,
-        0x46860dd296c6d2c6L,0x4716114f0eb5013cL,0x05bd136898c3642cL } },
-    /* 62 << 252 */
-    { { 0x7fac263852ca5d3bL,0x35e5d8d0f5a2a596L,0x4c7129210011a394L,
-        0x400168f7a9c417e0L,0x220994b447b77b44L,0x01a7580af548c0adL },
-      { 0x59870c2afe292ad7L,0xdda35a1a2abf8e7cL,0xa3082dc4f16d0c7cL,
-        0xd4dcd5f38557c9e8L,0x38d45cc6ba7f0f99L,0xdefc0b1da7c18157L } },
-    /* 63 << 252 */
-    { { 0x5db2ed891c43e426L,0xeed247709adf4a50L,0x0b5e19765c8b90e1L,
-        0xe9db695ffa18542dL,0xc16d3bfb8d043dc5L,0x5c5feb44f11d3430L },
-      { 0xd44e3d57365593c0L,0x1338f26c8796edb5L,0x789b325e051ca644L,
-        0xaa93b75d1579c2bbL,0xa39a8ec57842c0b2L,0x84225134550ddf11L } },
-    /* 64 << 252 */
-    { { 0x9ec1159727a28f9dL,0x96f2c44bb847cd83L,0xacf794e131fca111L,
-        0x438b917896076f45L,0xad71035b51732588L,0x2db32f32a5d910daL },
-      { 0xefaad0e8fe1cc184L,0x6f0360b52e00bbedL,0x99402426474ce326L,
-        0xd53b687a2aa270daL,0x96c8bb78d78fa6ebL,0xd07f3bba6e699411L } },
-    /* 0 << 259 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 259 */
-    { { 0xfe1f11ad389283baL,0xc87e20b60cd91b22L,0x99d0015a3c5babf8L,
-        0x7e795b4d5929ea0aL,0xc9cf68331dfb7b7eL,0xc1c07346a64992e8L },
-      { 0x0b7e0dd89889746dL,0xa89d7b461c43ea4aL,0x64023cf034f02b96L,
-        0xf7dd410a5662f0c8L,0xa3bb6088a1058ccaL,0xedb25dc34e7801edL } },
-    /* 2 << 259 */
-    { { 0x140a0f9fdd93d50aL,0x4799ffde83b7abacL,0x78ff7c2304a1f742L,
-        0xc0568f51195ba34eL,0xe97183603b7f78b4L,0x9cfd1ff1f9efaa53L },
-      { 0xe924d2c5bb06022eL,0x9987fa86faa2af6dL,0x4b12e73f6ee37e0fL,
-        0x1836fdfa5e5a1ddeL,0x7f1b92259dcd6416L,0xcb2c1b4d677544d8L } },
-    /* 3 << 259 */
-    { { 0xb6f8d615a033cccdL,0x6aabb87cad75e31fL,0x30a03029a4646d1bL,
-        0xfad497e6e6547805L,0x4b9d45c3ba291f12L,0x0f74909bca059918L },
-      { 0xdece1fb0b5a181b7L,0x973f74413be1f21bL,0xcc919af36b06839aL,
-        0x14427886ad57101fL,0xc63a79882bbc8022L,0x04cf807426742ccaL } },
-    /* 4 << 259 */
-    { { 0x279fd119da1c29abL,0xbd0688022b30d40cL,0xd8f57da4da44105dL,
-        0xb1814b7a28223fe1L,0xcf2fd241e06f2d2eL,0x99003a0201dfde06L },
-      { 0x876a31affded7e4bL,0x1efaf8272f725094L,0x5117d608493a6a0aL,
-        0xdcec8088a88c03e7L,0xeae1d352ea916897L,0x8cdc28106e8b2c57L } },
-    /* 5 << 259 */
-    { { 0x52fb8e6f7041b903L,0xd7fc4b5b2ad368a3L,0xf16c61d2f890136fL,
-        0xeee859dfbb52a90bL,0x1651b16b3f8396cdL,0xfbced93eb6462918L },
-      { 0x1cb3126c4b6bfaa0L,0x65dfc76cc7c8fd16L,0x225b9c21bb46a3c9L,
-        0x6c3457577f64f9ffL,0x6f65fadd57c297ecL,0x72a630eae5c5bbbdL } },
-    /* 6 << 259 */
-    { { 0x0254486d9c213d95L,0x68a9db56cb2f6e94L,0xfb5858ba000f5491L,
-        0x1315bdd934009fb6L,0xb18a8e0ac42bde30L,0xfdcf93d1f1070358L },
-      { 0xbeb1db753022937eL,0x9b9eca7acac20db4L,0x152214d4e4122b20L,
-        0xd3e673f2aabccc7bL,0x94c50f64aed07571L,0xd767059ae66b4f17L } },
-    /* 7 << 259 */
-    { { 0x25cb1f44f4fefeeeL,0xe1a6b6c8bce660c7L,0xd25459a00d2118e4L,
-        0x716532dafedf8f98L,0xaeff37d492cfb480L,0x45919f7da1453c41L },
-      { 0x5100afe08d8836a6L,0x2ec20fd7b35d4fe0L,0xce8eefd1c00b7d66L,
-        0x922d535d6b82c7ccL,0x5eb38f3fddd8d80aL,0x7eae5305213ae465L } },
-    /* 8 << 259 */
-    { { 0x09f8bb0654e93c1eL,0xb0045884ad81e27cL,0x26ebc7b6076e13ebL,
-        0xbda0b5535d5ac07fL,0xbcb8132248ab69e6L,0xd3847d2e1c0f21faL },
-      { 0x7a466528c834d740L,0x6c67a79ae0823ff2L,0x85dd11864c1d7cb8L,
-        0x096f849f2d081301L,0xb4f503dd8a5ea0f0L,0x71ee0889d1bf69b2L } },
-    /* 9 << 259 */
-    { { 0xd7a5f9feaa074b9eL,0xbeda44032fd2468bL,0xca3956309c35ffcaL,
-        0xb02a1f592de68348L,0x946b0250903b35c7L,0xe9984f24634e9c91L },
-      { 0x4f70d22fe7303041L,0xf8a05d7fb68b0051L,0x0ce7af4fab5006afL,
-        0x1011d1644a6bb502L,0xdf959199da4ad1a6L,0xc468cddf1e146f24L } },
-    /* 10 << 259 */
-    { { 0x40336b12dcd6d14bL,0xf6bcff5de3b4919cL,0xc337048d9c841f0cL,
-        0x4ce6d0251d617f50L,0x00fef2198117d379L,0x18b7c4e9f95be243L },
-      { 0x98de119e38df08ffL,0xdfd803bd8d772d20L,0x94125b720f9678bdL,
-        0xfc5b57cd334ace30L,0x09486527b7e86e04L,0xfe9f8bcc6e552039L } },
-    /* 11 << 259 */
-    { { 0xffd4fd775b5c7501L,0xc43e409ee0600e93L,0xd2a18cba7d522993L,
-        0xbc2e14dc17c84d1cL,0xe84deb43c1eee29dL,0xe65326f08d691cbfL },
-      { 0x89760cdd77b726afL,0xb91c302a577b30acL,0xc6a742906e145891L,
-        0x95bf3e913be85cc7L,0x2ec0285b9815e0edL,0x5b4be6da8aa3ec95L } },
-    /* 12 << 259 */
-    { { 0x4ab7a22c02a2d1e6L,0x967e19a31371d5a4L,0x20f59f95078de336L,
-        0xfd28fa36f7869245L,0x1de42581cbf1d96fL,0x2e0127d7366e1f0fL },
-      { 0xbc65fa9d2258c741L,0x1f2f3356dd6d65f8L,0x06384f3a4a0822a9L,
-        0x1c81332bfd05a0aaL,0xbfb12361d95ee3ceL,0x180aaf0642016d00L } },
-    /* 13 << 259 */
-    { { 0x329ff57bf08c171eL,0x6cd8122a543af2a9L,0x5209a3d65b2f8d96L,
-        0x0285b128ba90c881L,0xeb5971ef61b43c8fL,0xf1ec473ccfd759b8L },
-      { 0xd2a79fb712d58e1eL,0x695f4877fdb6497bL,0x8bf5a4251f1a0f24L,
-        0x3e79a0dea5c8a189L,0x9c8ada35908b7ae3L,0xd8b8622c5000f772L } },
-    /* 14 << 259 */
-    { { 0x3b75c45bd6f5a10eL,0xfd4680f4c1c35f38L,0x5450227df8e0a113L,
-        0x5e69f1ae73ddba24L,0x2007b80e57f24645L,0xc63695dc3d159741L },
-      { 0xcbe54d294530f623L,0x986ad5732869586bL,0xe19f70594cc39f73L,
-        0x80f00ab32b1b8da9L,0xb765aaf973f68d26L,0xbc79a394e993f829L } },
-    /* 15 << 259 */
-    { { 0xdd01a72b6024f09fL,0x192c8254378d12e1L,0x03ec536bf5d8b8d0L,
-        0xb0c4c01873806514L,0x7d3c5f5614d202b6L,0x7c2a7c5c6febb3e2L },
-      { 0xf2fa07d4f9f2b562L,0x6f717b003ba2a4faL,0x1ff95d598f452226L,
-        0xe4b3f6ba867c1cf1L,0x907a648a5d0944ecL,0x1ed480007f64f9b9L } },
-    /* 16 << 259 */
-    { { 0x0a159f6295b3287dL,0xb18f875948cecad0L,0x6d1ab8ee1661a23fL,
-        0xcae7f40ec95c41b3L,0xbc3d20407c51eb56L,0xa7527283e8754250L },
-      { 0x815610561f9e668aL,0xb8aa7296900f5912L,0xabdbc1bf6af2a00cL,
-        0xe9a942542d0a56c0L,0x4774a7b77bc8959eL,0x0a837ff019cef2f3L } },
-    /* 17 << 259 */
-    { { 0xd9c3f4ea3c696c76L,0x3aff88caea5878bbL,0x2b01171b09dda122L,
-        0xa61d5ca0f599cad4L,0xba0c19bef49772c7L,0x8ee9acc25001f977L },
-      { 0x15fd3a172549a25aL,0x8f1a25d82263bc97L,0x372b88434db4af00L,
-        0xa613b31f4f912925L,0x7d83041a0b64efd9L,0x897c521ca7d5f6a8L } },
-    /* 18 << 259 */
-    { { 0x9c441043f310d2a0L,0x2865ee58dc5eb106L,0x71a959229cb8065cL,
-        0x8eb3a733a052af0fL,0x56009f42b09d716eL,0xa7f923c5abcbe6adL },
-      { 0x263b7669fa375c01L,0x641c47e521ef27a2L,0xa89b474eb08ffd25L,
-        0x5be8ec3ff0a239f3L,0x0e79957a242a6c5aL,0x1dfb26d00c6c75f5L } },
-    /* 19 << 259 */
-    { { 0x04c6a90ae75c82afL,0xe9183100f2488abdL,0xef4b378b111a46baL,
-        0x77ad9ef502eaa62eL,0x61229a6205e81570L,0x06e26a2db474c367L },
-      { 0x0bb2ea7e7113f2d4L,0x8ddc6f887f101386L,0x93fe2d7ef4de63abL,
-        0xc3d038278f44e271L,0xe9f9f48ea94e641aL,0xb84b817b4962467dL } },
-    /* 20 << 259 */
-    { { 0x36f3a3d8a084fae6L,0x759835899a9b0d95L,0x70722186cc80fcb6L,
-        0xf28ed0c796d84c04L,0x95a32263ffb63f90L,0xdd7d60a098766034L },
-      { 0xe193a31f1d5c387cL,0x6c5eca7eb8310f8bL,0xfe61d523c083ff47L,
-        0x90c832dbcb2944e9L,0xa9f3f293593334b7L,0xe6cde2e12d7d1c33L } },
-    /* 21 << 259 */
-    { { 0x5637d16b065096b9L,0xee3a2ad04770d39eL,0xae605cb56aa94587L,
-        0xc2d71dae9b600c6eL,0x672ef30d76a87e0aL,0x74d5bebe567e0817L },
-      { 0x38f591310eb8ca48L,0x92b74866031e099fL,0x654858ca785f77eeL,
-        0x264b6b7b830be443L,0xb167203d57103903L,0xa73d5d545ce2b21aL } },
-    /* 22 << 259 */
-    { { 0x2fd97b9b9dfbf22aL,0xdec16cc85643532dL,0xdf0e6e3960fee7c3L,
-        0xd09ad7b6545860c8L,0xcc16e98473fc3b7cL,0x6ce734c10d4e1555L },
-      { 0xc6efe68b4b5f6032L,0x3a64f34c14f54073L,0x25da689cac44dc95L,
-        0x990c477e5358ad8aL,0x00e958a5f36da7deL,0x902b7360c9b6f161L } },
-    /* 23 << 259 */
-    { { 0x5e8eb8f0636a77efL,0xe14290f8970c3a7fL,0xfe6f6acdfa1784c0L,
-        0x98671d33de6a46b3L,0xe7fd88722ae5a76eL,0xed971ecbae4f7d60L },
-      { 0x1d90dbd88461b895L,0x3f979ab4bfaaac13L,0xe06ccba1dbd3379aL,
-        0xb53b04ba108c4487L,0xe42609dd38d2730dL,0x0638fe82e81c4594L } },
-    /* 24 << 259 */
-    { { 0xbd079cf1f144b6ccL,0x7f86e29bb4f4a764L,0x5b08b290f21f9cbfL,
-        0xada0c85b75e3aeb9L,0xd0789f8b6666c2dfL,0xcf5d8a8cd71ec2ecL },
-      { 0x6f7780c3e7e4364bL,0xdd9a652985d2eb75L,0x8222f66bd952a38eL,
-        0x9dd5f7eb27260a29L,0xce49b34457947178L,0xaa215f82cdda7e39L } },
-    /* 25 << 259 */
-    { { 0xcb91619d1419a50fL,0x44a22eac65dc4c84L,0xc199f93701a92405L,
-        0x3749a33198045324L,0xf1676e8abc57764dL,0x922f9460a00c33eeL },
-      { 0xfde98e63d3766db4L,0xae08a82efd5ffb6aL,0x6a9834537c0c6ae7L,
-        0x0e9a919a54f34cdbL,0xf37a95e8fd88d765L,0x927427d4228a1affL } },
-    /* 26 << 259 */
-    { { 0x454ab42c9347b90aL,0xcaebe64aa698b02bL,0x119cdc69fb86fa40L,
-        0x2e5cb7adc3109281L,0x67bb1ec5cd0c3d00L,0x5d430bc783f25bbfL },
-      { 0x69fd84a85cde0abbL,0x69da263e9816b688L,0xe52d93df0e53cbb8L,
-        0x42cf6f25add2d5a7L,0x227ba59dc87ca88fL,0x7a1ca876da738554L } },
-    /* 27 << 259 */
-    { { 0x277c833f57c7bf99L,0xbbb84d1d0b301f02L,0x11435cb20713a92bL,
-        0x8ae509702d02862bL,0x4edc66bdaa7b0660L,0x5bc0d893d6382c91L },
-      { 0x7992c5d3b94a6343L,0x1cfee04147b19345L,0x57963034964ed646L,
-        0xd7af0cac3de7b0e9L,0x5123dd8d481b940aL,0xe1d23ad8ad7d3567L } },
-    /* 28 << 259 */
-    { { 0xaa44b2863004db31L,0x86f43d7ad43e4430L,0xdc4874cdb0b0240dL,
-        0x79986a23adc45a06L,0xbb275b443cee4631L,0x21daee8a63a217aaL },
-      { 0x1e7c5397d7b25c02L,0xe677d3cbc5e668faL,0xc7c84e28ed51b4bfL,
-        0x7ca19e99923e5408L,0xc6f8a595c3f832e7L,0x2d0a789c5fb049a3L } },
-    /* 29 << 259 */
-    { { 0x49702e622b82b466L,0x365d4f6afb8fe508L,0x2f5234e044884733L,
-        0xcd527f345dd0a3d5L,0x371b02544bf4033eL,0x7d84ad677e3212e0L },
-      { 0xaf48fd79e69d6b81L,0xd126f83a7a44bfc6L,0xbb8d2b57b2cc4e93L,
-        0x5f62a3d5eb60ec5fL,0x7b37da33aa76c824L,0x7593d06b89a682dbL } },
-    /* 30 << 259 */
-    { { 0x3fa5c1051cac82c4L,0x23c760878a78c9beL,0xe98cdad61c5cfa42L,
-        0x09c302520a6c0421L,0x149bac7c42fc61b9L,0x3a1c22ac3004a3e2L },
-      { 0xde6b0d6e202c7fedL,0xb2457377e7e63052L,0x31725fd43706b3efL,
-        0xe16a347d2b1afdbfL,0xbe4850c48c29cf66L,0x8f51cc4d2939f23cL } },
-    /* 31 << 259 */
-    { { 0xc342ed50dd305573L,0xe3055013de86c6c8L,0x0ae84d9776deedc4L,
-        0xe8e70cbfd1274b52L,0x4bb51dce32e87f7fL,0x32de3672f3748177L },
-      { 0x528af91681722d55L,0x459af071a5f2ce91L,0xf6883bbdc685a670L,
-        0x398657f9eeb836b8L,0xa08a793eb9278bd7L,0xe786426bcc09e408L } },
-    /* 32 << 259 */
-    { { 0x114a25c844922386L,0xdd084d446d4e8b57L,0xc49b68411e7bd7deL,
-        0x5b0359fad6da54dbL,0xa6e6e5f93f0da321L,0xb65ec55cd640a87eL },
-      { 0xc1a4f6ceae64020eL,0x91e29cd2088e1337L,0xf44ceb8e3c0a631cL,
-        0x0205b11db756445fL,0x04844e845bc8880eL,0xb630ddc0b85e00d3L } },
-    /* 33 << 259 */
-    { { 0xac512659c6ee46b6L,0x0c92e402ca82b384L,0x81d79049194fba3aL,
-        0x9b68376c36b42b32L,0x6dc1c80cf6b410b0L,0x509fbe9196b2b328L },
-      { 0x988fedd6fdc783b1L,0x9f34cd87436ed055L,0x29f243648bb8809fL,
-        0x6962ca24b8dc8b68L,0x076cb7b931963ff9L,0xb609ad792b915093L } },
-    /* 34 << 259 */
-    { { 0x169e025b219ae6c1L,0x55ff526f116e1ca1L,0x01b810a3b191f55dL,
-        0x2d98127229588a69L,0x53c9377048b92199L,0x8c7dd84e8a85236fL },
-      { 0x293d48b6caacf958L,0x1f084acb43572b30L,0x628bfa2dfad91f28L,
-        0x8d627b11829386afL,0x3ec1dd00d44a77beL,0x8d3b0d08649ac7f0L } },
-    /* 35 << 259 */
-    { { 0x4aeb3f870af947c6L,0x9ac9ff2791d090c1L,0xeaaa7e0fcf698277L,
-        0x737ccc2ff09d6155L,0xd5d4bde86753cc31L,0x3b9063477146d4a3L },
-      { 0x75106d8959e32369L,0x7a8ee281645999b3L,0x9184fb5cfc3f675aL,
-        0xaeebd0423ad4e239L,0xcff8f73e12f449d1L,0x2771bec17339eb4bL } },
-    /* 36 << 259 */
-    { { 0xf783db44e6674091L,0x57d0eed31e12a3b7L,0x62d2762af3474f91L,
-        0x3d122edf0562af71L,0xaf78dbf77f4bbcbbL,0x8fbbbd97e55f0654L },
-      { 0x77e117b004bac36eL,0xbbf6bd463ec582aeL,0x553acd10017eb463L,
-        0xfc521187fdfd820bL,0x73211103089b6829L,0x9d3fe7ad7e01e5c0L } },
-    /* 37 << 259 */
-    { { 0x12a8b7ac04c6babfL,0x7b23210557d2cf63L,0xe03831868f21ad0dL,
-        0xd14c2b95acdc2184L,0xe7bd19fcadc9bae1L,0xe2dbabf2edea5c71L },
-      { 0x009a3ab78f3f4266L,0x159691e17f8ff74fL,0x5ae666aa22f40f41L,
-        0x72fcdc88512387bbL,0xa74e8fb841516c92L,0xd9cee7833b15bf07L } },
-    /* 38 << 259 */
-    { { 0x00a93daa177513bfL,0x2ef0b96f42ad79e1L,0x81f5aaf1a07129d9L,
-        0xfc04b7ef923f2449L,0x855da79560cdb1b7L,0xb1eb5dabad5d61d4L },
-      { 0xd2cef1ae353fd028L,0xc21d54399ee94847L,0x9ed552bb0380c1a8L,
-        0xb156fe7a2bac328fL,0xbb7e01967213c6a4L,0x36002a331701ed5bL } },
-    /* 39 << 259 */
-    { { 0xd76b43661c8bd222L,0x041c2b87b97e5b19L,0x7b80f8d7b47c4282L,
-        0xfec3d476d0dbc7d3L,0x84aa69712753a830L,0xe5f336079ec85e26L },
-      { 0xa425d60cfe2374b3L,0xf88b90f14d953af2L,0x80370e7857ca6c43L,
-        0xe07d07176f4d6d7eL,0xe60639401e61ab85L,0x171a2bf632a4c829L } },
-    /* 40 << 259 */
-    { { 0x38e4168d4f8b5073L,0xf1ddc53fc521849cL,0xd2bf515bab917df1L,
-        0xab76b71a697d45c1L,0x20fdc6c7cb566a9dL,0x3843bf838a031cf4L },
-      { 0x9a2d89a58a028b04L,0x52f3cb1922a908cdL,0xb5df9c2b7b8723baL,
-        0x5142f51060374a3dL,0x949b719800bd9f30L,0x4b7cda16c9b86959L } },
-    /* 41 << 259 */
-    { { 0x22a32c50d154fc49L,0xe12242de66357eb7L,0x67571eb89f19ef9fL,
-        0x2ed01f28b92b20e1L,0xd4fd6efb6cd439c0L,0xc4036cfc03b057fbL },
-      { 0x605fab271cc48da5L,0x3cbd7a071416a3e7L,0x9cfe7161714bf173L,
-        0xbd03d786a77eb0f8L,0x1423516678b8f5ccL,0xecc56e02f0523f3fL } },
-    /* 42 << 259 */
-    { { 0x20b1632addc9ef4dL,0x2a35ff4c272d082bL,0x30d39923f6cc9bd3L,
-        0x6d879bc2e65c9d08L,0xce8274e16fa9983cL,0x652371e80eb7424fL },
-      { 0x32b77503c5c35282L,0xd7306333c885a931L,0x8a16d71972955aa8L,
-        0x5548f1637d51f882L,0xb311dc66baba59efL,0x773d54480db8f627L } },
-    /* 43 << 259 */
-    { { 0x2be2f1d67d64ddbbL,0x3afc2fad6edd7e04L,0x9a57c16d9e797442L,
-        0x1efecfde9c16769bL,0x86523c3571b2940aL,0x1a9b30035825d17cL },
-      { 0xa25e99beeefc4d7cL,0x8521b49fb50df9eaL,0x10bd2309bd8f3b06L,
-        0x1f892e95ea82e80cL,0xf741621c93585741L,0x95687594f5e5087aL } },
-    /* 44 << 259 */
-    { { 0xbcdd3a3146f684c5L,0xbc8be436f700b0cdL,0x33005e370de75b7dL,
-        0x527a8a2c3bd820caL,0x5e44854446997e4cL,0x40921fd93c3dafb0L },
-      { 0xf3873a8ab7390d9bL,0x30999855495ba2fbL,0x005164f0813c8c76L,
-        0x05bb04d7fe8da60cL,0xee7c38d503224ad1L,0x172018d615785ce5L } },
-    /* 45 << 259 */
-    { { 0xaaf786c0f6442534L,0x3f1344c1e56b44a5L,0x31199702ed073a36L,
-        0x1f8ba0ec3df17e33L,0xf3e7b63493ceee0aL,0x568bdf39490fc4beL },
-      { 0x364bdd11b1e1c439L,0xa1aa317ae5a63c82L,0xb12697034c02ee46L,
-        0x0bc6d92e7eb64374L,0x87538fe740ed83f1L,0x862450abda74892aL } },
-    /* 46 << 259 */
-    { { 0x59b1b1347a62eb3bL,0x0f8ce157cceefb34L,0x3fe842a8a798cb2bL,
-        0xd01bc6260bf4161dL,0x55ef6e554d016fdbL,0xcb561503b242b201L },
-      { 0x076ebc73af4199c1L,0x39dedcbb697244f7L,0x9d184733040162bcL,
-        0x902992c17f6b5fa6L,0xad1de754bb4952b5L,0x7acf1b93a121f6c8L } },
-    /* 47 << 259 */
-    { { 0x293ff71acc51318fL,0x69437a2e614149cfL,0xb12ea4613b48b348L,
-        0x2f58020321f6cf90L,0x2e865f77178b53fbL,0xf4774d29231909a8L },
-      { 0x0433e66bc4d8b703L,0x4fb6256b907097cfL,0x44a2a7fe004470f7L,
-        0x7d3ebbb46dc5f10aL,0xe9b3af288f5526b4L,0x4bc0d9db1107bd75L } },
-    /* 48 << 259 */
-    { { 0x4865c0ffc0391d0bL,0x70d31470176740ffL,0xf44ca9a1ed506d00L,
-        0xfaac86f6c981153aL,0x713ddaf4e3f86940L,0x64ec27093fc39de9L },
-      { 0x04d413acac9a26b5L,0xde2052eebb21664bL,0xa6e04de8957b4f20L,
-        0xd185b640d5487618L,0x1668b6a46fed1707L,0xeed37894c435ac3dL } },
-    /* 49 << 259 */
-    { { 0x1fa08a16f69cdfbbL,0xabba54dd0bf735a1L,0x37848c6a68a5cc20L,
-        0x08e23c52a969298bL,0x48240306f965bddeL,0x48492deaf90bcff5L },
-      { 0x416b9005bd994e22L,0xa6ce214ce6429f16L,0x5aaeec21f43f86d4L,
-        0x202db9b7a0b1979fL,0xb2d97b4fdd7ae6d5L,0x4fedb6b9e12f04a1L } },
-    /* 50 << 259 */
-    { { 0x7a56867c325c9b9aL,0x1a143999f3dc3d6aL,0xce10959003f5bcb8L,
-        0x034e9035d6eee5b7L,0x2afa81c8495df1bcL,0x5eab52dc08924d02L },
-      { 0xee6aa014aa181904L,0xe62def09310ad621L,0x6c9792fcc7538a03L,
-        0xa89d3e883e41d789L,0xd60fa11c9f94ae83L,0x5e16a8c2e0d6234aL } },
-    /* 51 << 259 */
-    { { 0x9c8e64869c85df60L,0xa84692a681e26100L,0x0350e1209c739462L,
-        0xb6da4ebf99fa1f63L,0x857b534055e2bcd4L,0x7f4001dbdb209cf7L },
-      { 0xbfa320378757800cL,0x2d56821fa6a562b5L,0xe56d810b6c3e775cL,
-        0xeba244a6ba757f86L,0xb7ca8dbf80a17cb3L,0x8cbff4a22b7db57cL } },
-    /* 52 << 259 */
-    { { 0x650c31da9dff967dL,0xecd1e0f77ed949dbL,0xa7ff9becb20196fdL,
-        0x5085c68d1e6259aaL,0x5759a166871a71e9L,0xba15e24c2b4d3bd2L },
-      { 0x22c4f75912c51998L,0x6038fb0a7c8a9400L,0x64827d9c09625dacL,
-        0xd8ce10c96ec4fb64L,0xe417ac30095686ccL,0x1e624aa88c723f44L } },
-    /* 53 << 259 */
-    { { 0x872d3dc953387fbaL,0xaaa0e1b4317ec17bL,0xa12b45519efb728cL,
-        0x0b43907d45a3491eL,0xb7fa83befa4a239dL,0xbecdae00b59a4f3cL },
-      { 0xe4e4c7c393407d23L,0x8278f336cf1d3cd8L,0x73dc9356610570a3L,
-        0x5579653d688d933fL,0x208b96be5881d760L,0x4752a645d12f57bbL } },
-    /* 54 << 259 */
-    { { 0x87ec053da9242f3bL,0x99544637f0e03545L,0xea0633ff6b7019e9L,
-        0x8cb8ae0768dddb5bL,0x892e7c841a811ac7L,0xc7ef19eb73664249L },
-      { 0xd1b5819acd1489e3L,0xf9c80fb0de45d24aL,0x045c21a683bb7491L,
-        0xa65325be73f7a47dL,0x08d09f0e9c394f0cL,0xe7fb21c6268d4f08L } },
-    /* 55 << 259 */
-    { { 0xe02aca87d4bba3cbL,0xd40ac486652fb181L,0xa1dcfe7ffaa3f999L,
-        0x116323e0e9eded09L,0xaa3a0f0f07629d4fL,0x9f8e49f5e0dc53adL },
-      { 0xbae96096742af22bL,0x6d7e24dd518862dbL,0x5c91ba30bb333cd7L,
-        0xda8df051e65319b0L,0x2b9305ce9b3e43dbL,0xbf1d0e98fe783571L } },
-    /* 56 << 259 */
-    { { 0xf629fb233809aa31L,0xb3b66d77650bd2b8L,0xcb643126bd325d57L,
-        0x29f46272ed41fa03L,0x374e734f406ef56cL,0xbb9ecd36da7428eeL },
-      { 0x069694a61c06325aL,0x852b2912e40b9e8cL,0x6504bc90cc3d9695L,
-        0xf1af43587e38707aL,0x552127dc239a0781L,0x0d1b3a6e8fe76173L } },
-    /* 57 << 259 */
-    { { 0x207e41f31d681018L,0x8883a6e417a7d540L,0xffc48332bc983c31L,
-        0x729c4110c6b3de67L,0x5ef4680ad69a2499L,0x4544b58fe7afb2e7L },
-      { 0xf5a2fb13480e063dL,0x8797357382054197L,0x5dd38cf7131d2df7L,
-        0x635e91b8a9366742L,0xbd87a407e0d703c5L,0x6cc37be247251f16L } },
-    /* 58 << 259 */
-    { { 0xc4ccab956ca95c18L,0x563ffd56bc42e040L,0xfa3c64d8e701c604L,
-        0xc88d4426b0abafeeL,0x1a353e5e8542e4c3L,0x9a2d8b7ced726186L },
-      { 0xd61ce19042d097faL,0x6a63e280799a748bL,0x0f48d0633225486bL,
-        0x848f8fe142a3c443L,0x2ccde2508493cef4L,0x5450a50845e77e7cL } },
-    /* 59 << 259 */
-    { { 0xaa129c0ddc428c57L,0xfe619b75aea19047L,0xd6287ecf12ea77aeL,
-        0x4e6d070fdf7ce104L,0xd0df6788f097c79cL,0xd1c1f8a6ad8b1d07L },
-      { 0x53eceba296519e66L,0x71670de3d6274109L,0xd2f21ea03f7a82b8L,
-        0x41efbe939c8e45a5L,0xb5b153436ada3edfL,0x32ba22aca90038f8L } },
-    /* 60 << 259 */
-    { { 0xe1d195fad0cbe947L,0xd1fe0c4ef2ef1b72L,0x1451a0b206003fffL,
-        0xda653fa08239341cL,0x5f834372f2508d75L,0xaeb245f507faeac3L },
-      { 0x3eb3285b65fdf4ddL,0xfb335c0e84085970L,0x600ad6cae5efc0deL,
-        0xc9c9f8910cf83e82L,0xf880ff84ad8cc14cL,0x54816725a016aae6L } },
-    /* 61 << 259 */
-    { { 0x22ce565ce1124375L,0x30ff1dc5edd968c9L,0x62d74c54e9148534L,
-        0xf003f0d35de42774L,0xaf9448e6e57f8842L,0x55d5c9a3c5ff761bL },
-      { 0x7da9398cc4c5edd8L,0x9643424e4ea0e099L,0x497eed480634fcb4L,
-        0x09ffe2d07dea57cfL,0x30673ba73530a094L,0xfdbf8f24a251cff3L } },
-    /* 62 << 259 */
-    { { 0xd0f4e24803112816L,0xfcad9ddbccbe9e16L,0x177999bf5ae01ea0L,
-        0xd20c78b9ce832dceL,0x3cc694fb50c8c646L,0x24d75968c93d4887L },
-      { 0x9f06366a87bc08afL,0x59fab50e7fd0df2aL,0x5ffcc7f76c4cc234L,
-        0x87198dd765f52d86L,0x5b9c94b0a855df04L,0xd8ba6c738a067ad7L } },
-    /* 63 << 259 */
-    { { 0xf9ae5fcedb877020L,0xd84ad42f703e5d09L,0xa6a5cc1fbfaed17eL,
-        0x2099409829362fe9L,0x9f863bb0dd299c2dL,0x82bd3f61fa632197L },
-      { 0xd3b14097ebe7ff51L,0x7c9e6ec4c719a6bcL,0xd3b46f3d70a51db6L,
-        0xc8fa2f0692eb8243L,0x68e1f56e02155139L,0x0c35d135fd3b893dL } },
-    /* 64 << 259 */
-    { { 0xe76894c3ae7ce296L,0x87737ee2a6cafc34L,0x566dfcfbe55cd1e6L,
-        0x5421a9f23a7ad5b9L,0xa005838a4687a4efL,0x3837219a23a2c423L },
-      { 0x4b7800128a82cd1bL,0x401c07bec728b588L,0x2b5f69e937ced8f3L,
-        0x306b621d8c1e1eaaL,0x8acbbe71d389cc4dL,0x922fa665f4ab7774L } },
-    /* 0 << 266 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 266 */
-    { { 0x2df6f242d35c2d80L,0xf65a99a93493ce97L,0x9e80232b372bcc87L,
-        0x26ba13b86e428cc5L,0x2526ef1f13a1b763L,0xcef3edcddc97c5f3L },
-      { 0x4954867fbde16b73L,0x9817813d368ff6cbL,0x7e39fa69be143027L,
-        0x12329463cf54f28bL,0xcf0991dc7597c2daL,0x0cda396952e07099L } },
-    /* 2 << 266 */
-    { { 0x412f64a3f303955dL,0xe92bdca9bd692593L,0xfbe6cdc2c2e964e0L,
-        0xe9a3b1fd0011cb01L,0x6c30762dcf228f23L,0x1270b84abe9199a1L },
-      { 0x732711dfe3c9cbb1L,0xa3aabe37d91d9513L,0x8ee08ba0c6eceba7L,
-        0xb1711531f3c3d31dL,0x65060b633c716948L,0x046b4ea12ff2caddL } },
-    /* 3 << 266 */
-    { { 0x25d1124fbab220c6L,0xcd1423c861524e3eL,0x75e4f45f0434fb51L,
-        0xb5180a8f5180ab2bL,0x144e214e5b22e388L,0x6b16dad192263054L },
-      { 0x3ea7590740863566L,0x372d5abddada3b46L,0xb3ff5a3a893d210fL,
-        0x39f8d1ce5e29f3dcL,0x559186ce68200e82L,0xf48764541202cb66L } },
-    /* 4 << 266 */
-    { { 0x6f178dbf8b540904L,0x0264bccd8720472aL,0xa6e8b4b459b46611L,
-        0xafce8267c72b4a58L,0x21142175a45985adL,0xd23401dfe649d733L },
-      { 0x6bf42fe085dc7720L,0xc5c8ab9440e3f2f5L,0xb0c8a58acd029197L,
-        0xa73ff329215492e1L,0x895c545eb1b5a5f0L,0x6dbc24456fcaf49bL } },
-    /* 5 << 266 */
-    { { 0x25ef32d60f2d76a3L,0x540650b9af4a7d46L,0x8979a4b8d991d7f4L,
-        0xdaa706c299202400L,0x8a729680f19d281dL,0xde25bdc44ec44de2L },
-      { 0x0fc50832c2054496L,0xfee72fb60aaf2941L,0xc8263e64b82ed4f0L,
-        0x91a8cb736f49055cL,0xb7585458f2bb515cL,0x03d2b23ab855e6c6L } },
-    /* 6 << 266 */
-    { { 0x09ec1e3dcfd3f182L,0x1f1c30b5adae7af9L,0xf3a33f7c6b454164L,
-        0x0318926f94647c4fL,0x8e37bdd787db14ecL,0x811cbd342ab364d3L },
-      { 0x1dd1e5077c2b369dL,0x7a57bc46a28056bdL,0xfca5be4b089efe44L,
-        0xb3bd84d76dc1290eL,0x40d7af098793e6aeL,0x4e08e11fa3723942L } },
-    /* 7 << 266 */
-    { { 0xca3709ad899ffebbL,0x1a87377877c00602L,0x5ff40c2aa99b4af0L,
-        0x680464e5a80e870cL,0xd2f7f04494e10b1dL,0xee9b206c4e9aa1a7L },
-      { 0xb536d67596cbe950L,0x841856899e8305f3L,0xae1b669c369fa255L,
-        0x62e260267233e1eaL,0xac05c5136aa60c24L,0xdfc6814fd2691677L } },
-    /* 8 << 266 */
-    { { 0x8baef5df0a02b0fbL,0x58a2b06bc2b92b02L,0x268558d754c8267aL,
-        0xf924f795ccf70393L,0xe3763f30f68ee021L,0xc1e856f05c01ba4bL },
-      { 0xcc01a3e9722b6bffL,0xd2be4623ed5b3b02L,0x1ab3512e6c45e33fL,
-        0xa978fe484ef433f6L,0x23e2ea018e21f5afL,0x49647d8811524a40L } },
-    /* 9 << 266 */
-    { { 0xd50abc94f5d3f437L,0xbf2ffcc546b7b738L,0x0bf53571f80edda5L,
-        0x167908d4ab90ba5fL,0xad445b102303cf00L,0x9b537d4fb9e59406L },
-      { 0xfac5e27cf43049a8L,0x05ccb32ebf9db100L,0xe662eeac4d1b535fL,
-        0xbf21d6d78d27ca90L,0xb960bf652a684981L,0xe16bdaee49236475L } },
-    /* 10 << 266 */
-    { { 0x47a5958f92ad4720L,0x12c33193da3bf809L,0xf16493147da6d32cL,
-        0x42eb4e687102deebL,0x0f8c4ce283088c86L,0xedf91c3bd693c9a2L },
-      { 0x8a18a4761e8c310cL,0x5e8757c5dc3db0e8L,0xc48b820ef76a0affL,
-        0x690d788d5c71e596L,0x2b0a00857cfe770dL,0x440ba06bd46505f0L } },
-    /* 11 << 266 */
-    { { 0x503f77906087d4d0L,0xc7243aeda1ebfb04L,0x203f0563ad8f14bdL,
-        0xc20013b7cad73fcaL,0xbace8b323741a708L,0x0b376ff731bdeb56L },
-      { 0x820b7f1282c22e57L,0x0c08133117830562L,0x306d178a8d0d30c2L,
-        0x36a6efd1467a1510L,0x558fea1af55b7b97L,0x1e9152b784e546eeL } },
-    /* 12 << 266 */
-    { { 0x92a7fbcdac3ce531L,0xeb85f7f059498d99L,0x8e45db2d02a8feb5L,
-        0x176c0cb2728cecbeL,0x33fcfbb0d1837662L,0x426e192dd6f2882cL },
-      { 0x75a0f3450a2c9899L,0xd815dc6066148f9dL,0xf4ea90cefa0453afL,
-        0x5108858ff54c96fbL,0x86b46b5731f77afcL,0x59df021f6bf7e2fcL } },
-    /* 13 << 266 */
-    { { 0x48d67f73dab6c0f4L,0x70cfc26cf0d49ef3L,0x25c95a68a65cce7bL,
-        0x29a05632cf6ad228L,0xbcc2fb5a1a8128f5L,0x360d82a48c9defe0L },
-      { 0x1c5c5d628d1531d8L,0x58fc4b9a149f6b4cL,0x8097cf56a3b625adL,
-        0x8821ead7fd8e0e35L,0xb96c2b880d9e1df0L,0xfbf55ba72a243accL } },
-    /* 14 << 266 */
-    { { 0xef32e94d70e0d8fcL,0x33ec93dc6d63e65fL,0x134532fb1dc7156fL,
-        0x98fb5b0c0e8d85b4L,0x05c28df9b64f7861L,0xa7e73afa4160e1a2L },
-      { 0xbfe60a9b785f6e4bL,0xfcf998f12fec9ec5L,0xf673b8d15c12a44aL,
-        0x85df3bc736d189a5L,0x4480a189dd83f6e0L,0x3216317ef3d3ab44L } },
-    /* 15 << 266 */
-    { { 0x221c1b7ffd3d7532L,0x40939c318bb4e719L,0x75182ce602f8f74eL,
-        0xf508d6415395f9d8L,0x88fc89ea1fc81977L,0x861d8d0bcc8dc7d3L },
-      { 0xd76e4f0cec07b0e2L,0xb0a4e2aa5819b99bL,0xa67bed0366a9c935L,
-        0xce7c8241d2781f91L,0xe7c5c22512af0abdL,0xd1067dbcfde7de16L } },
-    /* 16 << 266 */
-    { { 0xe1d42d94d087b788L,0xfbfb221aba0e176aL,0x5f6698e783686966L,
-        0xbb5e159474a30dbfL,0xef86bb5bcfd20230L,0xf055a1c5403b8f8bL },
-      { 0xf249aac8d9d85ea7L,0x7318f7bc3d200198L,0x3b80960cefca9a90L,
-        0xf28e33888f449c4bL,0x0cdfc61bf0cfe09eL,0x3b169c638b22cd26L } },
-    /* 17 << 266 */
-    { { 0xf4f13a49b81b45b0L,0xb77a67be3003fe1bL,0x70e648a318d52c97L,
-        0x701ba8a1ee17ce93L,0x58a0ce0cf672226aL,0x2fcad147cebc3294L },
-      { 0xf5cd118a104e8f68L,0x0015bc0bd15358e6L,0x75f0d28f1c662df4L,
-        0xcd54f443a3e038f4L,0xa83507610804c717L,0x5fce0ce3f03bad08L } },
-    /* 18 << 266 */
-    { { 0x4c2e2bffa180a71cL,0x067f3e3baff551b9L,0x007610f1afa43e12L,
-        0xe8a9ae79ef7b9a1cL,0xa558ef6cf9d3b397L,0x8d5229884f172f34L },
-      { 0xafa906332d425e05L,0xc62c3914207b0bd8L,0xc84d197c059f7d66L,
-        0x6cc1d8ce421a9172L,0x1d44a46929a7ebe3L,0x96ca4d0171c3c8b1L } },
-    /* 19 << 266 */
-    { { 0x31302e094d369fd6L,0x62fe210cf1b62d27L,0x496ac173bb37578cL,
-        0xb4d3d065aa0907e0L,0x02317db27c822875L,0x60a01580f241ebc7L },
-      { 0x81a5d5244e4f37d0L,0x5286f7289c3f2555L,0x14c8c7549a73ff08L,
-        0xd8236689ff478877L,0xf62d426b08e09f00L,0x2ba1833c67a96517L } },
-    /* 20 << 266 */
-    { { 0x7013d596831f464aL,0xe57185fdd3cf6ca2L,0xbba7898e35915f51L,
-        0x9fbe5f139fd967d4L,0x0aba8344d173558fL,0x4c0dd30dffeb6beaL },
-      { 0x928f68cc5110e40fL,0x1589a327a58b6d60L,0x09b5c4e06abb0ac9L,
-        0x01ef3f8a68957627L,0x55dbe9f79f4045a4L,0x91976aeeef178ac3L } },
-    /* 21 << 266 */
-    { { 0xd9c20a69b85e46d9L,0x1bda1163cdbda686L,0x5c0717f6c02427a9L,
-        0x2a976c104d2a48afL,0xea276b15921a02e5L,0xf055b980ddb6315cL },
-      { 0x0ab85663825f00efL,0x95377fd42053a392L,0xc51c245e23f463e8L,
-        0xe1ae1e5da24c981fL,0xd6a0b44d9f5cfdbaL,0x1205754023c16002L } },
-    /* 22 << 266 */
-    { { 0xfe464ce116ac9150L,0xfd629551173ee9e8L,0xd0623ab1781696cfL,
-        0x7a07cedd58529fa9L,0x831b4a9d449c33a0L,0xb7b7b72417b171a8L },
-      { 0x0e1ff931f5a9aa41L,0xd43f33dfe356ba47L,0xd2abfc77f003b5d2L,
-        0xc2909150882c0313L,0x83823f6c7ee111a6L,0x9d7a2d82f59cb72dL } },
-    /* 23 << 266 */
-    { { 0x52e712549b33f6fdL,0xd4d9b73f5c414babL,0x9834943177e93a9bL,
-        0x848b53c99f283fc9L,0x86e48b6234c787efL,0x8b498e1cb3166045L },
-      { 0xb2259559e5e456ddL,0x0316069fa2c2ca8cL,0x9a70e29ef6524ecfL,
-        0x2477ffc9bfff600dL,0x80a9a5e081869e1cL,0x84f887e70a78f6a0L } },
-    /* 24 << 266 */
-    { { 0x7f89c2c40c9f23eaL,0x8fb025d4d6ec2b2aL,0xbe70e48b12d9f811L,
-        0x703ac1bdc7a43dd0L,0xa4309a2c2118ca3aL,0x5a95d7b301943012L },
-      { 0xd9597d87811f6c73L,0xf82e801596079992L,0xfcf8760df1561aa9L,
-        0xe1e0306e2d91ee39L,0x99979031e0bbcb6dL,0x49259e54cfcc8746L } },
-    /* 25 << 266 */
-    { { 0x0de49373a38fb6dbL,0xda9e9036d6bf0a7dL,0xc99fe05fcba221c4L,
-        0x45b51edd4cb730f8L,0x312670a3b064e142L,0x60dd1edecddb9ddeL },
-      { 0x94be613b9291d75dL,0xbc49861ca00b9831L,0xccec7a08230320bdL,
-        0xd1de7bd80ff967b1L,0x5a1164f105fda7e3L,0x864cfc4ce3004538L } },
-    /* 26 << 266 */
-    { { 0x06f76165385095a7L,0x3c73ac918514b2e0L,0x8ac1120a04b2dac0L,
-        0xed6a74174382d5b3L,0x852a5a7864a32d50L,0x7ef5b84bbdc721acL },
-      { 0x73dd18980480d271L,0x755b23e04ab0b11dL,0x2e78238982391e5aL,
-        0x4957b5c948923446L,0x4ab9318f6921c1fdL,0x8e455abd3e46607bL } },
-    /* 27 << 266 */
-    { { 0x5c41aafbaf25d6b6L,0xe351f1df916b63f6L,0xe28e9ba98a6efd65L,
-        0xcbca736356afe7b0L,0xa77d6077f7384e6aL,0xcc9ad74a738a90abL },
-      { 0xe1071caa2333dc2cL,0x4415691000dfc2cbL,0x0ce43c16afd89eefL,
-        0x0cfbb8767b812045L,0xe6da40fa6d916fc7L,0xe404b3436302af21L } },
-    /* 28 << 266 */
-    { { 0x4073f246d9915433L,0xc0149d5672e06203L,0x0abb06c18fcec6a1L,
-        0x3a7d1295d75a73f1L,0x65fd8700f18c9488L,0xc3cc0b27732f7741L },
-      { 0xd15d8c8025a261caL,0x518233510dc1fee5L,0x981607c7120e1266L,
-        0x0e486b11f42cc9fdL,0xe606c16c01a888cfL,0x079dd0b31ea23249L } },
-    /* 29 << 266 */
-    { { 0x19c62d3c58624305L,0x44974c41b73eae15L,0x2df48b6dd023231aL,
-        0x6a82c197c6fad2d0L,0x55758764c623fdceL,0x29f533fbadcebd90L },
-      { 0xcfbe4155cfff7336L,0xb18415c7bfb609fcL,0xc23395ad8d411a6cL,
-        0x25aebbcf0c92de60L,0xf4d3b1ebc5ccf268L,0x9646b4a79ac85de3L } },
-    /* 30 << 266 */
-    { { 0x0f423f3013d6cb61L,0x239b2baa66674aceL,0xa6f2ba39eda69340L,
-        0xdbbd20eb43e6918cL,0xe6ce84a3e5e7248cL,0xd9184bb5e04c580cL },
-      { 0xe4b76d96a0738aedL,0x98662b6090d480a8L,0xfb14bec72610b6c5L,
-        0xdfcb01f6bb65837cL,0xd7f0b6ad4a97fb21L,0xe6d84f4bad59b2ceL } },
-    /* 31 << 266 */
-    { { 0xa79085eb1f7e921aL,0xe2737a08d0aeb41fL,0xa96d7e8169ead959L,
-        0xbed1731b733b7c6aL,0x7768e32df508a48aL,0x6f73a08651ccc97aL },
-      { 0xb7f94a4b9122db73L,0x1cd17ca257ec947eL,0x7c83fe278f8445f1L,
-        0x661f5d82b520fe34L,0x495354942233d364L,0x0bf7abe663925ca2L } },
-    /* 32 << 266 */
-    { { 0x923e948c203bb368L,0x58e37a2b231a80e0L,0x345a011a6df27debL,
-        0xba6784c1d57f4ca2L,0xf01b3703114196e9L,0x981a63eb1aab426dL },
-      { 0x2ffdc97851770c1cL,0xddd19da6efa722fcL,0x5ca1c01216f09c1eL,
-        0x612021de5b9cc0b6L,0x910e10e95e150569L,0xacace9dce2ab93eaL } },
-    /* 33 << 266 */
-    { { 0xf66601a7aae13423L,0x940bcd2882cf3308L,0x55de590974f632bdL,
-        0xf677d9d4f183faeaL,0x54026b2828ab364cL,0x2a5353dc743469edL },
-      { 0x15f02aadd46871d5L,0x4b3ec89b5a2100d1L,0xca85c3681eb9c381L,
-        0x145cc7fd50e78466L,0x75fdac98c4b4cdf3L,0xb7cb9170796136f4L } },
-    /* 34 << 266 */
-    { { 0x6e89c0df54827957L,0xafb26b6d05805250L,0x0c0dc4ea37343465L,
-        0x2d3c8b873daca876L,0x733b23d9554a2cd8L,0xd4f2936a6a04d38dL },
-      { 0x0937611686f90d9aL,0xcd854d3211425591L,0xbaf9d4cab55b4bf3L,
-        0x47259b95144676c2L,0x765cc4b55d7d2835L,0x36e47a8882b2cbafL } },
-    /* 35 << 266 */
-    { { 0x2070db373af8c96dL,0x4c2db2623b70e976L,0x7ed4d1e9c01f404aL,
-        0x04a52764b39d2e07L,0x06e4a7984ebe3ac3L,0x35c9c1f68d7645a7L },
-      { 0x2e0b48c75e9c295dL,0x5d44fafaf78e0717L,0x2fc27eba04213067L,
-        0x9f3fb2ff2ab0f0e6L,0x374b32fd0c730af6L,0x06ec846129583945L } },
-    /* 36 << 266 */
-    { { 0x583a3272230be37eL,0x4d3298951c55f593L,0x3b3a2d8a350f0334L,
-        0xec830170b25498abL,0xd65847d9b3a01571L,0x4605e739663f86fcL },
-      { 0x971b8e115c4bf502L,0x651d179571a892b0L,0x57930832d2d1a4f9L,
-        0xf97010745b09a4c4L,0x76b023e55ec2d1a6L,0x8648b8bcf49e1329L } },
-    /* 37 << 266 */
-    { { 0xc5a8884d6d5c7411L,0xad32aa97d098e2f2L,0xf99569e945d8ad00L,
-        0x35801c1c0a232776L,0xe426fd65fb1a2cb2L,0x874b559ecb26ae10L },
-      { 0xfa67c2ddf44461b8L,0xc58f8d229418e17cL,0x5998197169908eddL,
-        0x8a4a14b8a1f78300L,0x4814c36e61f7fbc5L,0x0389dcc716a1c7adL } },
-    /* 38 << 266 */
-    { { 0x777e308fc072cf71L,0x4a2d66928c807ed5L,0xa4fe074124842689L,
-        0xa3c2a867151ed7b1L,0x52ef24f24d22ee35L,0xe684ac76499053ddL },
-      { 0x0b7c223b0582cb86L,0xa6c18539bb81f713L,0xb472da7f66d2aab9L,
-        0x3592ab7b7916d4e5L,0xed651a05770c49a1L,0x7b879da1c0256420L } },
-    /* 39 << 266 */
-    { { 0x82eeaa1496f83e29L,0x586f3e8de5cae8eaL,0xb671eddbb298eb5aL,
-        0x41efea86dd0da080L,0xfe9af019564a382eL,0xb2f370463027693bL },
-      { 0x65466e5018789c0fL,0x5b0870ac2ebfe89eL,0x9093f416a59f3a53L,
-        0xab0cd17251864c77L,0x8e3aa9864481457bL,0x46cfd207896346a5L } },
-    /* 40 << 266 */
-    { { 0x473bdac887cb6ae0L,0xbd3001b3f155c32bL,0x109643c20026e8a5L,
-        0xc4f5f6cc188a568eL,0x630aecf64d2758e0L,0x4549949955b91872L },
-      { 0xb10f19d4b6a09df6L,0xc537a4bb37f26d01L,0xd29f505c4d19a293L,
-        0xf388a5d2cbb09b17L,0x462efffc6811a49bL,0x8a1cbc40b2f3aef2L } },
-    /* 41 << 266 */
-    { { 0xf7d94342b7b42998L,0xcdfd6e43629089abL,0x622e8d3cf7932661L,
-        0x4818adca0b14b257L,0xcc1dcd1ccdb486bbL,0x58b6cb7ecce8b358L },
-      { 0xca36c0b4e640cebeL,0xcc5598942d25f742L,0xdf4f2a9ed754d3eaL,
-        0x072eb5e5f44a8604L,0xfa7b1a03cd5ca1c5L,0x6b6b4967d4779eceL } },
-    /* 42 << 266 */
-    { { 0x0f0233df8665f6f2L,0x8cd887463bd40f39L,0x23a41596eedf8d3aL,
-        0x3f50e3f0b5ef5455L,0x935b24e0a50cd358L,0xfdd0e940d362a9a7L },
-      { 0x6b00a6d154371aabL,0x2e707c4e1204bcf8L,0xb4d2d2dc30233f88L,
-        0x470c3201783e58efL,0xf53987865ac21a16L,0x278487d626c3513eL } },
-    /* 43 << 266 */
-    { { 0xab5ac4df7d40427aL,0x0c4fb23b66ebdcedL,0xb02f8632b87df612L,
-        0xebbd2e7f1801700cL,0xdd11de725b675e5bL,0x2adfb20662d7210fL },
-      { 0xe3ba7c0e28667b70L,0x3e190a438fe31c22L,0x57908f2bc3390733L,
-        0xe9e8714ccb6fefbbL,0xabba506dfd51c513L,0xd50f979f6b798860L } },
-    /* 44 << 266 */
-    { { 0xdf224cea1eed2b0bL,0x10205f438814572bL,0x8b99d85c02eb9b6cL,
-        0x7a8a3d146c63a672L,0xc8822c6c96f45695L,0x0530f619c7f532f5L },
-      { 0xb981e182310f8355L,0x49318290f201444cL,0xeaa4c406f9b76d19L,
-        0x960fa2c7534a91c1L,0xf98966d1522b7d9dL,0x66912542c757dbd6L } },
-    /* 45 << 266 */
-    { { 0xe265972e1fe73a1aL,0x77e234c2987a1a34L,0x1814bdfe8c5789c0L,
-        0x908f55c7df2ca0d7L,0xec207eb2a6a50ceeL,0x63cfeaffee916760L },
-      { 0x808a758bf466a1b8L,0x2a48112d8383b0afL,0x5238922ef1a4ca6aL,
-        0x5c422786778de666L,0xf5a8c6b5d2f549ecL,0xcac5d0c5242bbc9bL } },
-    /* 46 << 266 */
-    { { 0x33e0e005b34dbf06L,0x7bbdbe1e1fb341dbL,0x443fde882bab5425L,
-        0x9db5bf1a86b57cdfL,0x72c535c309a93848L,0xf7aa9432b5f216ceL },
-      { 0xc17dc7ae0242308dL,0xf1cb5dc5db0e4c0cL,0xb9d16d58a2b7112eL,
-        0x486cda07ee4494b5L,0xeb46ab545d431adbL,0x3261dc5181ab565aL } },
-    /* 47 << 266 */
-    { { 0x476a4bfaa2a8a081L,0x43c5f841394f851bL,0x659baa591f5b22ddL,
-        0x49a786aa65f680efL,0x091bd21608fcb9d8L,0x13f6953d984fe1f1L },
-      { 0x7b5d9f4b6d6d40a3L,0x2f135dcf0d458d54L,0x2da18c3d3a71204aL,
-        0x3d93edb97a3486d6L,0x026fec7261846af9L,0xa62197bcd5200dcdL } },
-    /* 48 << 266 */
-    { { 0x0cdd83725070e0a9L,0x7c5ad562ec550783L,0x9652b8474f3b8d2bL,
-        0xfdd60d93e6e98d73L,0xd51cae2ca3479d0bL,0x11b93b6dee05c006L },
-      { 0x9d72b82d8a3b40d5L,0xc6e996fea7d24855L,0x420672f7398603deL,
-        0xd551b34a9a1af2ceL,0xdeb8c1d913bdce0cL,0x56ca926debbeba7aL } },
-    /* 49 << 266 */
-    { { 0xf63ec096bb85ca8aL,0xc149664173bc52f2L,0xba792560c02fc808L,
-        0x9a6043e3533c6523L,0xa9d78f0aa8564390L,0x7fef67e494614bc7L },
-      { 0xb4091b8fd389234dL,0x5913368e82db1d08L,0x178f7df0981cc6caL,
-        0x19b1f2be725ec048L,0x852aad85012f9c44L,0xb07cac0dc894e777L } },
-    /* 50 << 266 */
-    { { 0x1c1709d02c7e0767L,0xec1013234d70b117L,0x95c57e678beb8e05L,
-        0xdbf29e2e1133fa4aL,0x917f4a6c5139e020L,0xcf0be5098399735dL },
-      { 0x83014c169c878b4aL,0xe0c14d2cf789b84fL,0x222aba39165a4aafL,
-        0xe135f2b384441391L,0xb6f1cf7e19c3ee07L,0x2f918da9f810499eL } },
-    /* 51 << 266 */
-    { { 0x026ee35816bb2bddL,0x8c8953f8566d8470L,0xf0cd746d0fc63932L,
-        0xddf3e54f060a07a3L,0x8da877a643b4e92dL,0x7ffd839dfdc9e34aL },
-      { 0x5c3527445df04d9aL,0x3c5eb576b69f84e0L,0xf73cae300848d993L,
-        0x3438f2bea0fe7fdbL,0xd4e7511f0eaf0168L,0xa7ffd167c768386aL } },
-    /* 52 << 266 */
-    { { 0xbb91877acfc74bb0L,0xbe742182a060a71eL,0x116e5a626ed7786cL,
-        0x0a496b1bea669e56L,0x3a012174b8f02e6eL,0x6add760c106174f4L },
-      { 0xaf2606e05e0292cbL,0x7800a495c7b7bad0L,0xca02c9320a1c5954L,
-        0x904f23c6b245ad57L,0x28d6cc2172934de5L,0xbb7ed903283752cdL } },
-    /* 53 << 266 */
-    { { 0xc80288125e58122dL,0x7a5c65f1c4b089caL,0x4ddfd3663b980faaL,
-        0xe8129f7f96a909a0L,0xc177aa042221ffacL,0xaf444ef78ff46e81L },
-      { 0xa627f3d76b154996L,0x0f06fa7b115e2a5dL,0x2532b85d43fdb775L,
-        0xb6d96b32eaacfb58L,0x898766304f834382L,0xfd2ffde9d5636b92L } },
-    /* 54 << 266 */
-    { { 0x318cf974973757d0L,0x12882d0a94ac73a2L,0x1fb74a53bc250843L,
-        0xc612569eccd8d47dL,0x74cff8789d5f7c8cL,0x54e0e475375a7366L },
-      { 0xe8322d23d0f57cd4L,0xb6ec5666d95a6e0fL,0xc8374b254a4bd084L,
-        0x9459181b349d93ebL,0x7011f0a61368b9a8L,0xed57a19137eb2833L } },
-    /* 55 << 266 */
-    { { 0xd245d180fa5f79acL,0x44c331f35b41fcb3L,0x13188b6e27ee6c0eL,
-        0x54ce984b23fdc742L,0x66d4e1303c81c213L,0x432174030ecb6fd8L },
-      { 0xbbeb09fe111ae08bL,0xb22ca6b42e2df05cL,0x0e9d01dd0fec9be9L,
-        0x9ac4523dfd2fc4abL,0x3d9e98c8fdc059f5L,0xd52e6dfb2d2cbde7L } },
-    /* 56 << 266 */
-    { { 0x80d7ef8598100f17L,0xb9795c7112db3f3aL,0x44473659296a7c44L,
-        0xa46810f21e5bf539L,0x5621241814ee1e3bL,0xea8284e209931822L },
-      { 0x424c613e42ac1e42L,0xe84a80afbccf9466L,0x21a8cdcc45132204L,
-        0x9505a4148d58da62L,0x773e09837b3f47aaL,0x0ad0cc91e109bc6dL } },
-    /* 57 << 266 */
-    { { 0x98e2509bb527b250L,0x2dd30c824a9c762bL,0x54025da4cb2a00a2L,
-        0x88ed00ff04d8e0e9L,0x5699890219ab1fadL,0x92fffc41697b0226L },
-      { 0xb481d1ee7d08a39bL,0xea773f7f82be0803L,0x967e848a6de8ec6dL,
-        0x6ea1e46380293472L,0x941cded72e988de3L,0x85f96b23399da6b5L } },
-    /* 58 << 266 */
-    { { 0xabd86572f1a62473L,0x9ec25d0bec274738L,0xd27d1a8c2052d4ccL,
-        0x1f2a2a9ba95de3f0L,0xe3b8652ea2c91bcaL,0x1a4f6900822175deL },
-      { 0xd9405d4662475a44L,0x4ecbe06cfe55c587L,0x30f8d199a4ac2f35L,
-        0x2a5defd8d3c12844L,0x6d0fd9d673fe9b7eL,0xb0ae1019adf1a196L } },
-    /* 59 << 266 */
-    { { 0x6c9a378c30734f5eL,0xdf04359f6aaf7b42L,0x244422fc16f87409L,
-        0x81dfb15b08bcd67cL,0x24b7d083a5e4a8e0L,0x557183410431786fL },
-      { 0xc8feeb8c33f3ec2eL,0x360098cb2be371a0L,0xf4f3d992bdb874ceL,
-        0x47b432ed87af8471L,0x5c4b1dbdf87535deL,0x6bb6d6dd8301f660L } },
-    /* 60 << 266 */
-    { { 0xafa9338759769f77L,0xe6c710cb49e502b3L,0xe6fd7b8d1514da98L,
-        0xb5924c63aedf93caL,0x4cc36795c112b37bL,0x0ee30ce3231def42L },
-      { 0xe1f436e7daf8a37eL,0xed54b7f56efa184aL,0x09ad65752c0dfe63L,
-        0x5ed9da43ca530b38L,0xea2fa192ae156274L,0xbf096c54a4429edaL } },
-    /* 61 << 266 */
-    { { 0x41401b98f54490cfL,0x361a24a143b21183L,0xf0176431b6570f0cL,
-        0x851bfe9d05c8bd3aL,0xe44f4ba74611e1b9L,0x587677dc28bf2c27L },
-      { 0x3e3b67886d85341fL,0xad65a69468aa381bL,0xd269dc711aecf19bL,
-        0xb94b64a2d98e6a2cL,0x6004b569a94661a0L,0x81713a8e689181d5L } },
-    /* 62 << 266 */
-    { { 0x55b1901d3649638eL,0x2e9929c416abaf64L,0x2d2b160ee9cd0090L,
-        0xb5ef6525f55f13ccL,0x447aacbe11c3e8a5L,0x2c54e602630cf4c4L },
-      { 0x3f6d99fc641d8eb3L,0x35386c1384877912L,0x7195db8973f31b6fL,
-        0x63297cb2d3a22085L,0xa627593833fe97cbL,0x2f9a6f0da1eaef0aL } },
-    /* 63 << 266 */
-    { { 0xb70d7683c63d6dd3L,0x60ea781084acedf1L,0x7646260c40d62cd0L,
-        0x687000b456142a6aL,0xce3c4728ccb9177bL,0x45377d059928c509L },
-      { 0x75cc40bb1a78af0dL,0x43a1661cc69e59fdL,0xf9bbcbf8044a943cL,
-        0x934fd40d7c372080L,0xb6edae96cb2eb940L,0xa02bb5fd6e063cc9L } },
-    /* 64 << 266 */
-    { { 0xac58c9e09db9ca19L,0xd308ea5d390054d0L,0x32ef4afc2cc42529L,
-        0x08bd48b397c2bdf9L,0xac8a7803a849e19aL,0xcd51c0da75c31496L },
-      { 0x733dc7def0e2d49fL,0x7c9caad1b44b8cc5L,0x6d9c5b0847be21a8L,
-        0xfab0fdc55ebf426fL,0xd60748caf94e9e5bL,0x3072e59269366089L } },
-    /* 0 << 273 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 273 */
-    { { 0xb06c17a3f0ef77c5L,0xc144e7846df6bf59L,0x2440ae990038aeb2L,
-        0x83bf711b58b402caL,0xb8763e00b577732aL,0x509e91eff651a932L },
-      { 0xbe02ab9d00ac109eL,0xfbcb426c8dfd78f1L,0x7ed272f64283f80fL,
-        0x098cf0572365da5eL,0xd90e6f1805dc6bebL,0x09ef177fcf7b9d72L } },
-    /* 2 << 273 */
-    { { 0x6f101762eeb791c4L,0x0d942184df261effL,0x2c58e2aaac1dc827L,
-        0x51410e89f835a1b6L,0x981333a7629915a4L,0x371891b60c14148dL },
-      { 0x4d20b3d3c0904446L,0xdda7ecc8949776d8L,0xa664b68c2a2645f7L,
-        0x7a6bc857add082eaL,0xe7467dc63e5ff206L,0x40a6c34004e2dfccL } },
-    /* 3 << 273 */
-    { { 0x3d0efae3106ba1a1L,0x9c717ca192d7be5aL,0xa5cb5a253f00eeeeL,
-        0xc2f9258cd86161ceL,0xd2b0865f5c4a389aL,0x8c06d7689b1f2159L },
-      { 0x5a758a612753107fL,0x5ab6449d0a539c19L,0x88655a4949d301c8L,
-        0x129647e61c4bb89bL,0x06f0665ec360259cL,0xcdba2f0b066197d1L } },
-    /* 4 << 273 */
-    { { 0xa235456903744726L,0xd2169e6dd8d275acL,0xab0c247b132c5689L,
-        0x129a5c9dcc4760bbL,0x03eba46726ae821bL,0x67a33fda3df1cf83L },
-      { 0x010813cfb8421b7aL,0x7b0f507098cd6d76L,0x907320b31fe4b600L,
-        0xda3bfeb398dd3239L,0x23f1ed1641abb34cL,0x01b30f29946f85f1L } },
-    /* 5 << 273 */
-    { { 0x97c5f1c7d3970d9fL,0xd051c518ac8e6227L,0x3f67b3958e87edacL,
-        0x3a5cbd287b9e4c17L,0x58c009e65671841dL,0x7bc5bddb518b3b39L },
-      { 0xe7a8a6335e74a614L,0xf92e4c226ed89a92L,0xd0d6e80a118e663dL,
-        0x33dba4f9dcbb4aecL,0x1d4cb3141f917417L,0xd8b17bfa3b0c5859L } },
-    /* 6 << 273 */
-    { { 0xc0fa0d21a093c3e0L,0xad34c41439e902a2L,0x81c8cd7599bc928bL,
-        0xf7f8be14cdbbe4d8L,0xe46268b5c2339529L,0xcdc54e348283ba7dL },
-      { 0x4c5cf62778904fe1L,0x056678c11b45e4d2L,0xb555ad6ad265abc2L,
-        0xb8f8ca3f830306efL,0x48c8764681c20e1dL,0x5bb0a529737a7944L } },
-    /* 7 << 273 */
-    { { 0xbd4c2bfc9cf6fc5fL,0x888885140577af66L,0xb5aa2f05f9e3f7c5L,
-        0xbd477bae64de6007L,0x1da5dcc9747e1224L,0xc2293d1732a15f5dL },
-      { 0x4dd9daed029d6cbaL,0xf51362d62cf299c7L,0xe1a4b5c4279cd1e1L,
-        0x4b129a5ea89acfffL,0x8292228ece1c8744L,0x5a440fa04fd12c86L } },
-    /* 8 << 273 */
-    { { 0x285248309666f8eaL,0xd579b3dfeff6502bL,0x3a66fa9900e4f78aL,
-        0xfd8a65bb54a3f7a3L,0x505d3f631965a79aL,0x9524972c1891469aL },
-      { 0x78367cbc3354da3aL,0xbfe1fe3de4941c6eL,0xe41bb3f6f5af173eL,
-        0x57cb03ca5ca36597L,0x27f86cb87b99f795L,0x5cae6514ad4dcef1L } },
-    /* 9 << 273 */
-    { { 0x4b43f0aef1743346L,0x1700581944324c46L,0x86c77197e3603fcaL,
-        0x230d516f4a6858aaL,0xee965b4ee7c56f7fL,0x4f4ed301dcefb75aL },
-      { 0x610b138c4a740b23L,0xda3996a83ffc3599L,0x930698fcb2d1c304L,
-        0xd55bdcd3702bf80dL,0xdf767c419e334726L,0x975352a9d0e819b6L } },
-    /* 10 << 273 */
-    { { 0xc117353b5e816653L,0x0c87bebe820641d5L,0xee588c6d9ecd29a1L,
-        0xacdfe622c70edf9bL,0xe8b8024cebae414bL,0xd0c426dc9bd7ceccL },
-      { 0x715cbc2efe735ce7L,0x8376edebc5e7017aL,0xe9b37efc07990dd5L,
-        0xc89e384ed8d75238L,0xbc594d218438ffb3L,0xbe77e4d4d3628473L } },
-    /* 11 << 273 */
-    { { 0xc53720cdd1b4f3baL,0xb8ac3b4fadf2a330L,0xcef037f5fe179e70L,
-        0x2743b382589d9147L,0x77a094d624423d58L,0x9e34c2e62a23d372L },
-      { 0x641ea760983a5893L,0x2211e6a49a81548eL,0x56578a1a48735310L,
-        0xedb91e03a57faa83L,0x4e14d5649b133629L,0x341f3ef957e82ff7L } },
-    /* 12 << 273 */
-    { { 0x4952a350d87a86c9L,0x08ed7da7034f45f9L,0x1e9ff8272bd716d0L,
-        0x2471fd15f1d9331fL,0x0c708362d7370b75L,0xaddedde6fc1a1051L },
-      { 0xf4475288db27b186L,0x5be4d46b3760bc11L,0xe44435d906d47ee1L,
-        0x865cf7c8d0b7c8a2L,0xdb412be08d31a252L,0x4b90a9322f24d71cL } },
-    /* 13 << 273 */
-    { { 0x71b84eed8f7a3ab9L,0xf41d7edb2dc18004L,0xe408156dcc4a02cfL,
-        0x0be155a25cd906caL,0xbf4b0f6991516399L,0x2ea85d434a7ff94dL },
-      { 0xf199b31da26e9974L,0xc584df250b805ae3L,0xd4e7e8597a3634daL,
-        0xf553f07770db4be9L,0x1cb1056fbf0dafa3L,0x235281b2a817d6edL } },
-    /* 14 << 273 */
-    { { 0xc3304e9260d2b80bL,0xab24dac9a38753bdL,0x40373d04cc1ebbf8L,
-        0xa5a162d3437e68d2L,0xc8018b1257e8db12L,0x0c99c6de9bb52643L },
-      { 0xafef0ff6ee24e63bL,0x329c46264bea9a14L,0x1b17d2e6effae4f9L,
-        0xd25b93aaee300afdL,0xe83bfdcba0d62da4L,0x5e919538fd787740L } },
-    /* 15 << 273 */
-    { { 0xf5bbb4fe196c38e7L,0xe0011deca5c75baaL,0x2e29fe59b835aa49L,
-        0xee22e2864230f17fL,0x8774214ff94c1060L,0x35bcca38e6d4c126L },
-      { 0x18d984dbb7c9d255L,0xb1d5515c9b63dc4fL,0x425360f12a0cb854L,
-        0x038c7f2317a1e286L,0x5e6b12ce951f18b2L,0xabfbde5ea65b1de3L } },
-    /* 16 << 273 */
-    { { 0x38a49bf555f0ad9fL,0x1a84c6b8f3618639L,0x5f709eca01b2f7c2L,
-        0xc479a6505be8359fL,0x6b6a22bfd6646b3fL,0xcce78878cc5b711bL },
-      { 0x8e7dbc63b446cc63L,0x231bd027218f800fL,0x2d3a7e04030271ebL,
-        0xb08b5978e22fb3c7L,0x860d62789be0d46cL,0x253a31c21d49a915L } },
-    /* 17 << 273 */
-    { { 0xab4dbdf36ebc28e5L,0x56d5fec527be58b5L,0x6e9375d3cf3fd509L,
-        0xfffea897ca4ddf48L,0x0a9542ae6a3757c5L,0xb9069a2e7d93911dL },
-      { 0x3e74ac5f3dc967b8L,0x99c38796ea8f5a21L,0x27797b97a6ddea53L,
-        0x9501e1c561dfcc1bL,0x568d3abe448e95c5L,0x021f8f4c0e7c186bL } },
-    /* 18 << 273 */
-    { { 0x98aa1f7a6e44f63dL,0x6451b170cb597ec9L,0xc0f6ee8721e13b78L,
-        0x36c3b9c751cfd003L,0xc31718ed2f610040L,0xdddabc6688c48009L },
-      { 0x5626f090a8369e4fL,0x0eccb1c06004a968L,0x2f0448035da2f1a4L,
-        0x5390b6dd3846a726L,0x5c4caffea24f3083L,0x3c9baac8c4842995L } },
-    /* 19 << 273 */
-    { { 0x58c5fd1205c7a75dL,0xa98007fd10866935L,0x91369e874acd567eL,
-        0xb7e05dc322c6145aL,0x24c949b4d949d8b2L,0xc5c574a590a6a437L },
-      { 0x4306f0334798d1d5L,0x82af09f4520e01b3L,0x53fab41b81247f00L,
-        0x3096ccf44ea93cbfL,0x9665e039f13ff09eL,0xb623f8b158e036d9L } },
-    /* 20 << 273 */
-    { { 0xbad6b669376bdc3fL,0xc4a8e7bc23a9ff38L,0x3f54d8c4555fb0a3L,
-        0xfb3d5e1d2b23db1bL,0x6379f78af0d7eba9L,0x36004febfa0beffaL },
-      { 0xdf0a373c334ff01aL,0x10314749dff12a1cL,0x1d52ddc7f184c1b3L,
-        0x79431663ab02d404L,0x1a6488c17f4d3795L,0x3363660f7cca9102L } },
-    /* 21 << 273 */
-    { { 0x1e4595c6db3e57d9L,0x49e3d3d9bfb94ec5L,0x4c720de1a4f12881L,
-        0x91a08340b06c64e6L,0x8e5c72f0ef0857deL,0x2c9b4cbc09bb76fcL },
-      { 0xd4262fe4b0bba8bfL,0x64c5fa1439fcd07bL,0x518da4de62904ceeL,
-        0x626182ebae4c9717L,0x900fe9f806351622L,0xf74aaa2241f9e4d7L } },
-    /* 22 << 273 */
-    { { 0x9d2c02839fabb29bL,0xb27ac46e172348cfL,0xddc6fb63de1f64b2L,
-        0x532dc953bb097c87L,0xc7f5180cdaa34e27L,0xf96e4ad755438893L },
-      { 0xc0b2eba324f54a0bL,0xeba396ce5b50d12eL,0x80b3a7f699772783L,
-        0xe2fa82ff3ff7df4aL,0x55375369a2359baaL,0xa28388ed856c05bbL } },
-    /* 23 << 273 */
-    { { 0x4432fe8495a2d064L,0x4c6380747fec6057L,0xc33705bb33cfb533L,
-        0x5e7fb7c976991cfeL,0x73d249bdb3ac1b6eL,0x963964c896aeddccL },
-      { 0x8c1abe0e56b71636L,0x6ebb841f38693cd1L,0x00ef6a7b60e7cf67L,
-        0x29ecded2c258bcb9L,0xb2d566a5e40fd26aL,0xa2910f4ed512abffL } },
-    /* 24 << 273 */
-    { { 0x56d6515604dc109cL,0xcd740cc809c1d307L,0xef9e049f10dfaeadL,
-        0x19750b3ae30b70b8L,0x11ed860015c6a562L,0x53bdf97e12097026L },
-      { 0x79559d056c0d908fL,0x8f1d75bab506d527L,0xd6fd7323ae8fb3c4L,
-        0x834639c9a4111f88L,0xfc69a029a310a683L,0xa4467bbb255f2e9aL } },
-    /* 25 << 273 */
-    { { 0xa809a063e9e3953fL,0x09242dc960dc53fdL,0xa48f52d00080c436L,
-        0x762a585dad2eb70dL,0xc6d52f047a3c6aa2L,0x1b6979dcbe60899cL },
-      { 0x7a07af246d760794L,0xa5b1f912ef5c1118L,0x36367e4375bb329eL,
-        0x594f349029e6bddbL,0x13cdc4aaa4a4f1edL,0xa7c3ff97b687a69dL } },
-    /* 26 << 273 */
-    { { 0x1e79881146f7c4c0L,0x25730855946abf8eL,0x1741fdeeaac2031eL,
-        0xef34715b72ea60b6L,0x378eb680350ddcfbL,0xe72ac880ec237141L },
-      { 0xb173251fff125bf8L,0x37ffb0cf4999b6daL,0x9eeb91a8817779f6L,
-        0xa9edff0ae93ed1f3L,0x31f2ca241d7772d6L,0xd25c3f3b97f67b92L } },
-    /* 27 << 273 */
-    { { 0xb6c4144381478e46L,0x7b53d46350cf8795L,0xe96e7cb9ca5bf2d2L,
-        0xc8fa39c695ac9ba6L,0x8ab037d12efc83d1L,0x0ccacbcc94bc2536L },
-      { 0x45e7c7c774038e13L,0x47d5b7292f5e344eL,0x2e0ffb2cb1eed282L,
-        0xfe88d3a88d5d0b37L,0x804b612e2487d971L,0x6f316d66c95d08faL } },
-    /* 28 << 273 */
-    { { 0x5f0a58a8a3526fecL,0x849c171b02f028c1L,0x34d77ce856a5d3b5L,
-        0x9701621754d5a92bL,0x0cce35c12cc5b70bL,0xd9d5a00ae83f1f4aL },
-      { 0x064223f826a0368bL,0x328a9f6940e16452L,0x3a6ac093d305ad2cL,
-        0x759d9a16beba7c44L,0x86021de7637ce7c8L,0x276bed61cc80c1ccL } },
-    /* 29 << 273 */
-    { { 0x5d4a529ef9822e60L,0xc6f2702006edd801L,0xb2511d84efa3d8d6L,
-        0x38cfba656a4c6598L,0x31a5779765c067a9L,0xcee558f387d2ca0aL },
-      { 0xf22345cff844260aL,0x29b6352a63d2ae75L,0x59dad0ab6cc9f2bdL,
-        0x615ad3599ae1bcb3L,0x3a29a237f692f42bL,0x543771c40f26163aL } },
-    /* 30 << 273 */
-    { { 0x427437e7d722576cL,0xc9d7ac7abb548ef5L,0x72f00f28c331a9e0L,
-        0x5d9327b564949b48L,0xea75f3b54e2bb808L,0x28acdea068678f8bL },
-      { 0xe9e787b20878223fL,0x213f47ff7e7b0a11L,0x5e967d39f277a3f7L,
-        0xe6651015d2006de4L,0x49b87e4bc44eb1e0L,0xf461bb76222cd3a2L } },
-    /* 31 << 273 */
-    { { 0xd6b9341fde60d963L,0xb1a8dd0d5319a930L,0xc4f18dc0aa6b20b5L,
-        0x787de2e7f23f4401L,0xc15b38eb28047029L,0x0bffc0b55c99d51aL },
-      { 0xf0310f39740b5798L,0xf69ea1064ed8d3bfL,0x545a54d79f6722aaL,
-        0xe5a9dee3af4017c2L,0x45efa2ec4a659592L,0xc5d64bedbed4e245L } },
-    /* 32 << 273 */
-    { { 0x66797f56bbe4bddaL,0xb92a369eda51b1a2L,0x18eef4a531adb034L,
-        0xcf1cb5ee5d185cfcL,0xf596a59bbd53c27bL,0x1e1dd6f569002569L },
-      { 0xd9433e797687e48aL,0x7d8d24c20cbcb9ceL,0x233cd7ed65d68ecdL,
-        0x201bbe09fb2aded8L,0x987f4975ac9b750eL,0x949da385337f7f25L } },
-    /* 33 << 273 */
-    { { 0x31439e35b95fd11dL,0xf97e8fa4b691fb77L,0xcfdc02956d4ac378L,
-        0xd31bc3b0d1a617c8L,0xd857098204bd015bL,0x30cca6efd6198f0dL },
-      { 0x6a52650a805964edL,0xb656d7abd060eeb3L,0x5267f37ed38a9218L,
-        0x5f28a2ecd3d6a193L,0xb7dc6e916d0d9c9eL,0xa7f84e4b219d45c6L } },
-    /* 34 << 273 */
-    { { 0x550ef2713398c3dfL,0xfe184954307631a8L,0x02cef50606e5cde4L,
-        0x9687a39c10f11703L,0x02c35937acb10b97L,0x835b00fd13e3d219L },
-      { 0x5828678b584d1abaL,0xbe55fb9cc9b40568L,0xe5a4a90e8fe19e84L,
-        0x91e24c9248989b77L,0x094f9e7ae3d5f4fcL,0xfe9bdfb9759029b5L } },
-    /* 35 << 273 */
-    { { 0x43b1f8b9c1de72e9L,0xcbc8e0d4a3bdb164L,0x5c45d3dfbcc2e5bdL,
-        0xb5137b69247bef53L,0x6d889f5673794e3cL,0x43e2fc9b1e2dfdc1L },
-      { 0xda15dc5da995d3adL,0xa0db9f5ec43d86e0L,0xc42a144bcaac3bbfL,
-        0x3c855fb174c43eddL,0x0731f33152688272L,0xc1f23e5643d7762aL } },
-    /* 36 << 273 */
-    { { 0x00c2ee1c9c7de99fL,0x28a7461d15e50391L,0x1bdc0e32a1c77952L,
-        0xe98242c4d53d640dL,0x1a4724d2cf153c7dL,0x194e5dccba477d46L },
-      { 0x871c8cfe3a0d4ccdL,0x62010af09af451fbL,0x9b354f9e6ddec75cL,
-        0xe5db0a5d680e3511L,0x183d1270d247745bL,0x9910867aeecf52dcL } },
-    /* 37 << 273 */
-    { { 0xa970903e8bc2003aL,0x0f8bcfa4a3cf29bcL,0x7054f69e683a7ddaL,
-        0x53928bf1ece30167L,0x2588bdf1ffffea87L,0x01683b5ed7172ad4L },
-      { 0xa0ac85379de7e713L,0x217bcdfe9b0442bcL,0xba46b8f64d4adb3eL,
-        0x320580990a9f8ecdL,0x0173b7bea504bdc5L,0x15321aeb82b1606fL } },
-    /* 38 << 273 */
-    { { 0x4f349e5f6e39d625L,0x37cbd935b80760d6L,0xb8657ee14b1e84c2L,
-        0x502954064cb84bdeL,0x66d678cce8d23ef5L,0xcba173713ec3b79cL },
-      { 0xed7ab3e526e3cee5L,0x34c68c516c44ef0cL,0xd704e724f8fdd226L,
-        0x2fa0d2dd3a9b40a7L,0x373c5c70a23be590L,0x0beb611bda9f7f7dL } },
-    /* 39 << 273 */
-    { { 0xef506531913bc31bL,0x31210c5f8c320074L,0xb42faf19b861acc1L,
-        0x26f09b89e041e774L,0x23fec89822f84c93L,0x9f8b9d708ec590bfL },
-      { 0x604d7d2952644790L,0xb77e3136a2339c53L,0x17f1d7a920f2fc09L,
-        0x8c6435d9e6bb96eaL,0x5cafeb5f3711b8a7L,0x1ec6c4edfa23ca24L } },
-    /* 40 << 273 */
-    { { 0x6fb6b7bc0410ca0bL,0x0e16eed2b3c13935L,0x98ad89d8316ff531L,
-        0x4800ee179894d65fL,0x034ea3c448280170L,0x8126d12dc30be537L },
-      { 0x43c2d27e5120e525L,0x96a5d498ee65df90L,0x654540105eaef29aL,
-        0x1d8f07a17b678fc7L,0x54bc6f737b301270L,0xe58a8102e9473365L } },
-    /* 41 << 273 */
-    { { 0x1fa3a458aaaf79f6L,0x1d14ff613a1b7c64L,0x32c7da68f22ddb3cL,
-        0x7b2345ac58cff63fL,0x214e6d9dce3c3af9L,0x36fba0b78b6691deL },
-      { 0x69fd813cee1a30abL,0x50daffe91adf6215L,0x55b34de692871a84L,
-        0x437f1b4b7ff3ea1aL,0xc3258ca580ff1c23L,0xdc220ffbc6d0b822L } },
-    /* 42 << 273 */
-    { { 0x93e56b47ad910b37L,0x8cbce4815d20d236L,0x25b50cac5872d763L,
-        0xb50aa752d8505696L,0x02075e6d6f42b533L,0xf0b34a178f8d8352L },
-      { 0x59f2feda5234531bL,0xb23e1da1751127c8L,0xe1f65e08b6759ccdL,
-        0x47d8631c352e9500L,0xab10d299c13feb16L,0xf9e916a3e5c6a220L } },
-    /* 43 << 273 */
-    { { 0x55899ffdc06f1b65L,0x4f9ec6e011899630L,0x0df97edc50a29319L,
-        0x5c4a10ea5e66f0adL,0xea7b4497aa3d14e9L,0x484d8f64d22cc470L },
-      { 0xd7fd252240a61a0bL,0xebd9f49d42d04a79L,0xf18ba2ec312ddb99L,
-        0x687273ec2dce1351L,0x68d8b052d0220e57L,0x2c0ecd6b05a7e3dcL } },
-    /* 44 << 273 */
-    { { 0x460c29904ac6cf02L,0x01482cfa420a35b7L,0xf793933a34680972L,
-        0x2cd1f50017e2367bL,0x2411c3523944f060L,0x3d58b97411c06b05L },
-      { 0x4552e369cddebb3bL,0xe1c38aec009aeab9L,0x9d34737c353b6e4fL,
-        0xf2c99e2cb16d7b0cL,0x57029fa47bbba6a2L,0x0565d1bcd13ef64dL } },
-    /* 45 << 273 */
-    { { 0x93a50cc7eb0112a9L,0xa0d4419984a59bdbL,0x04b9538c82d01160L,
-        0xdb1d33e163a8d5a3L,0xa710beff08d3effeL,0xc2f37326f9bf02f4L },
-      { 0x606b6b5555d26856L,0xf528d22a427fe3d7L,0x31b20fac84fb5086L,
-        0x27129aa592f7e7bcL,0xd88f0d4f44171b33L,0x9b045c897915ede1L } },
-    /* 46 << 273 */
-    { { 0x0b15ebebcbe014d6L,0xa4f1504e68d24086L,0xbcf475c979d7c8b6L,
-        0xd61b92a8d00a6890L,0x78e096742ee24533L,0x6fe9fe6099656101L },
-      { 0xc9542f53e5e63e28L,0x59ec39e12edf3a80L,0x8fe57ffe24ad9280L,
-        0xbae0671bf4b9b024L,0x76e36c14d5816ae9L,0xe53256d4805f8688L } },
-    /* 47 << 273 */
-    { { 0x006956bfcf9e545bL,0x7829ed13e8fa2ee4L,0x1b108d77d4dd6f85L,
-        0xf51217bb17045f1aL,0x48c4802986141bd6L,0x8d59b995f8820213L },
-      { 0x8439949ffc298a9eL,0x967fdcb278188d77L,0x5bbdfd296f35c711L,
-        0x25b37e5df8e62607L,0x18f5c4251795cccaL,0x260f075af0e35ff5L } },
-    /* 48 << 273 */
-    { { 0x3561b3fea329deb1L,0xfdca0e34f1c3c3e4L,0x4374831347fb79d6L,
-        0xa7f497e1c48002edL,0x86221cce2c44dcb0L,0x65e3f04643785e06L },
-      { 0x9ee9061fdf4cf461L,0xc7479e8cf022d27aL,0x1d8de85b76f7f52bL,
-        0x39a713c90fd6c65fL,0xf74ca067711f8a39L,0xad1119ad8ebc640aL } },
-    /* 49 << 273 */
-    { { 0x43d9bcba57ec124eL,0xbce6aed98cc29801L,0x1dbb88c72632e757L,
-        0xe88f49e891f550e5L,0x056f67da7b6e1b05L,0xa503271082a027bbL },
-      { 0x8471fa55c91844a9L,0x882f25b628479daaL,0x96f606dfa9c23504L,
-        0x6a42d307fb7fa83dL,0x531c8a5cea310e34L,0x7e2d20565b2e42f0L } },
-    /* 50 << 273 */
-    { { 0x547047862e8c467eL,0x26f5efc690e52377L,0x762d8f767f6e71afL,
-        0x5fc1bd13917ff587L,0x487f6c63fb696a60L,0x889a1dcc3afd2aebL },
-      { 0x7407d0a0adcf4b35L,0x8f6c9aef91024ecfL,0x3384f1c03e5d9da0L,
-        0xf87acb00b846d122L,0x6d86aebddceb383aL,0x6a5a90cda8f2d076L } },
-    /* 51 << 273 */
-    { { 0xddff7aa3feb71de1L,0x431e106be44644a9L,0xafe96f8ed5190b4bL,
-        0x31a4dfe40ab42a27L,0x0e2d0cc435762eccL,0x7c928cd91fefb256L },
-      { 0x5f33c775daeb94f9L,0xa7a91f8894c239b7L,0x6bf418fb4deda3c9L,
-        0x91ad6e99eefd4f99L,0x7aae05559c25448fL,0xfb7ed9df487b4deaL } },
-    /* 52 << 273 */
-    { { 0x59753bf68ba85dffL,0xec8b82efd1c89bceL,0xd7f1a651b8b6a683L,
-        0x9c329bf36f84416dL,0xaecbf4b9e68db225L,0x94ec3b0f5a614d23L },
-      { 0xbcb6672593a9543dL,0x90c46c46f19132edL,0x4767c73c950b080fL,
-        0x0b9b143e971fd9e5L,0xbce6886f8ec8c68dL,0x167b0f8ad47f512eL } },
-    /* 53 << 273 */
-    { { 0x51517f9481819dd9L,0x2c2640a0fdd7cef9L,0x59283faabf98b8ffL,
-        0x39713768a46ad877L,0x13d9c0e6834dcf0cL,0x38c85473cc7acaddL },
-      { 0x7b58c7666971a512L,0xbe46a58c2a38e57eL,0x3d26d0a06972e213L,
-        0x2341769b63cd0aabL,0x4a293dd0e86307eeL,0x8d1e338d264c81a1L } },
-    /* 54 << 273 */
-    { { 0x66eb8beab2d5b430L,0x50b4af4382136220L,0x6644e673e79d0b5bL,
-        0xe64cdf10f9fa7610L,0xf1dea591132ff33dL,0x07791ab6b926c725L },
-      { 0x6c41b4f383f60e02L,0x54bc9049977519c3L,0x618a6f3c2aef73a4L,
-        0x42cfc9d26fa4ca2bL,0x2784db71a39a215dL,0x378071655cc85253L } },
-    /* 55 << 273 */
-    { { 0x9cc3ada3554a7f23L,0xa822f9f21c3d0003L,0xb1654da7303123f7L,
-        0xbe33e388f0d8c4a1L,0xd8919c79be4366e8L,0x5a41c92cfe292117L },
-      { 0xc4b02d0678c325c2L,0x89eaf4356d511c4aL,0x726fb6d65fda70a0L,
-        0xaf7949a0183abdf1L,0x3410915d26f8f929L,0x36b3aeb281f0f83dL } },
-    /* 56 << 273 */
-    { { 0x1942c2ffcd74009dL,0x71c4d5f5e9c286a4L,0xf3c152b5771a5972L,
-        0x4cfb1e74363c2048L,0xcd2ce8249ddb8da2L,0x5d97c8e0a5ee443dL },
-      { 0x6fa84b3d68d7b3d5L,0x97eaa76d9ce14ec3L,0x2e4571368e13869dL,
-        0x39ac6a0c96f0f8a1L,0xe24458ac42d93dc0L,0x7eb3689d5f60bec9L } },
-    /* 57 << 273 */
-    { { 0x75592736bce6ebe3L,0x84001a886777bd90L,0xe82739774a31ca6bL,
-        0x6906baf0a8e0dd38L,0x92af56d0848d0c92L,0x7ae700c6501326d0L },
-      { 0xce418817470339a9L,0x4354d7928e448dfeL,0xc8f593afa48e3148L,
-        0xdd5fee34db1a96b2L,0x5974e81e357960c2L,0x7326bf016306fdabL } },
-    /* 58 << 273 */
-    { { 0x74183618de017cd9L,0x939c7975dcfe6dbfL,0xcad9f8a108ec41e5L,
-        0xd9edb91d391afcddL,0xadf1f18c7c4a3f03L,0x0566d3e8ab477304L },
-      { 0x32ae20464c19c62cL,0xfa15fdcb252c8c4eL,0x2ed4767e91de2794L,
-        0x622e4f38507f8067L,0xd647242bc68ac330L,0x0650e0a9fc1ccf29L } },
-    /* 59 << 273 */
-    { { 0x6ecd68a086085cc3L,0xb463f4c165c0cc54L,0x3182cc5c480bc57dL,
-        0x8f16f2038e6d9267L,0x8c92e446df0d0ee9L,0x7da6001ba4d09789L },
-      { 0x596390ff976ee9d0L,0x12b8f9dee4c0fd5fL,0xad08673f297b10f2L,
-        0xc8e9097c7b524a51L,0xd494f0d3009cf47cL,0xf535c07abcdd1b68L } },
-    /* 60 << 273 */
-    { { 0x29544fe8588360ecL,0xa1aa9b9fffb550eaL,0xe1f6cf994af4d28dL,
-        0x723d48b00c6fd477L,0xf51f1b2f5c81b252L,0x88ec11c04f5a33eeL },
-      { 0x7747f0432cd72de4L,0xcca69b0ad71c92c1L,0x9455d86e4e8cc763L,
-        0xc9e0aa1bc08444e0L,0x93803b68e8fffa63L,0xc296af292d781b7dL } },
-    /* 61 << 273 */
-    { { 0xb1891a2b17329e31L,0x87c2a49056e36717L,0x8c2a50fafd26d8b3L,
-        0x017e4e417e3c5a5fL,0xbeb4fad0506c382eL,0x5d3e8b16fc281ec9L },
-      { 0x407f7598890e57a0L,0xda855e8b340cd6d6L,0xb9393129ff388d54L,
-        0x41113ffdcf355d9eL,0x31d3bb09b357c28dL,0x975bdf00fd39e481L } },
-    /* 62 << 273 */
-    { { 0xbfb0c87e10a1b4f2L,0xfaf51153dc2fcc04L,0xd2588e39d6b98d81L,
-        0x5de5b0eb4953133dL,0x6b65d8135b959ed6L,0x864511dc02eb45bdL },
-      { 0xb1dcb4d3d7ce20bdL,0x917bcd0987587230L,0x0935790f83a79453L,
-        0xdc65862e54b35d76L,0x4cd2332ba6d1eeeaL,0x0706fcd030d315b5L } },
-    /* 63 << 273 */
-    { { 0x7c91adb3adf2d8d1L,0xfe1549c24a212fd3L,0x8a7cc285c33213b3L,
-        0x26643cfd3e56d17bL,0xcc007c15684c872fL,0x485643e009e554f3L },
-      { 0x7f5e9a6ec6569206L,0x252b5393c2f596d6L,0xf7eef1dbbf9cdea5L,
-        0x611ee7334dffab46L,0x8d93802a805e976cL,0xd07c0ac6f85c939cL } },
-    /* 64 << 273 */
-    { { 0x514cc1dcb08d2d0eL,0x4e6b379e30e93536L,0xf0e422ac2fc9230fL,
-        0xaa50a1ad92e23e21L,0x70ac46d8676d1ac0L,0x698b9991f9f54493L },
-      { 0x59a6b86a8649519fL,0xc1f11ad6e3511da4L,0xd3d9cff13192968cL,
-        0x13e700b40b342dd8L,0xfd5dc7bb3b1da441L,0x02426e7c2c883760L } },
-    /* 0 << 280 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 280 */
-    { { 0x9e9af3151c4c9d90L,0x8665c5a9d12e0a89L,0x204abd9258286493L,
-        0x79959889b2e09205L,0x0c727a3dfe56b101L,0xf366244c8b657f26L },
-      { 0xde35d954cca65be2L,0x52ee1230b0fd41ceL,0xfa03261f36019feeL,
-        0xafda42d966511d8fL,0xf63211dd821148b9L,0x7b56af7e6f13a3e1L } },
-    /* 2 << 280 */
-    { { 0x3997900ecc8998d6L,0x8fa564b7baa60da1L,0x71bf5b0a661f3c57L,
-        0x44b13388aab1292bL,0xcbe80cb9d4d993f2L,0x0b19b4c92203f966L },
-      { 0xbc82a6520080f259L,0x870ebc08ad96dea3L,0xa388c7e7502f0003L,
-        0x9c704ef056a38f73L,0x93cde8a73487d9b0L,0x5e9148b0ec11a1f3L } },
-    /* 3 << 280 */
-    { { 0x47fe47995913e184L,0x5bbe584c82145900L,0xb76cfa8b9a867173L,
-        0x9bc87bf0514bf471L,0x37392dce71dcf1fcL,0xec3efae03ad1efa8L },
-      { 0xbbea5a3414876451L,0x96e5f5436217090fL,0x5b3d4ecd9b1665a9L,
-        0xe7b0df26e329df22L,0x18fb438e0baa808dL,0x90757ebfdd516fafL } },
-    /* 4 << 280 */
-    { { 0x63f27a25a748b8f5L,0x68c8f3ec2cd246c4L,0x5d317cd965f9ce38L,
-        0x162c92e0635ba300L,0x5259f64ffe343662L,0x4a6b2b668e614ac8L },
-      { 0x97fb55bb01177c3bL,0xfb586c21a705cb01L,0xa57e732578061824L,
-        0x892f6b386c1e6306L,0xf12e4c072367b14cL,0x580d5fe2c83a48c5L } },
-    /* 5 << 280 */
-    { { 0x1e6f9a95d5a98d68L,0x759ea7df849da828L,0x365d56256e8b4198L,
-        0xe1b9c53b7a4a53f9L,0x55dc1d50e32b9b16L,0xa4657ebbbb6d5701L },
-      { 0x4c270249eacc76e2L,0xbe49ec75162b1cc7L,0x19a95b610689902bL,
-        0xdd5706bfa4cfc5a8L,0xd33bdb7314e5b424L,0x21311bd1e69eba87L } },
-    /* 6 << 280 */
-    { { 0x6897401cea2bafb3L,0x7b96ecc215c56fe4L,0xe511b32939e2b43bL,
-        0x39522861bf809331L,0x815f6c1dc958f8f4L,0x2abbdf6bc213e727L },
-      { 0xeb09ae59c39bc01fL,0xffe3b831676b56a5L,0x8f4815a2a20f86c6L,
-        0x748a17669aa30807L,0xf1f46a211b758878L,0xbd421fe76f6fc3d7L } },
-    /* 7 << 280 */
-    { { 0x75ba2f9b72a21accL,0x356688d4a28edb4cL,0x3c339e0b610d080fL,
-        0x614ac29333a99c2fL,0xa5e23af2aa580affL,0xa6bcb860e1fdba3aL },
-      { 0xaa603365b43f9425L,0xae8d7126f7ee4635L,0xa2b2524456330a32L,
-        0xc396b5bb9e025aa3L,0xabbf77faf8a0d5cfL,0xb322ee30ea31c83bL } },
-    /* 8 << 280 */
-    { { 0x300b04840d6ded89L,0x0b1092cbc3ab55edL,0x17d9c5420cc10a74L,
-        0x7f637e84eff9d010L,0xd732aa1e27aa1285L,0xedb97340e2a77114L },
-      { 0x62acf1585ef4dfb0L,0x1e94fc6eba1d7b81L,0x88bec5d22e6eb2dbL,
-        0xaec272028d18263dL,0x4b687353e4bbd6acL,0x031be3510ff7e4c0L } },
-    /* 9 << 280 */
-    { { 0x048813847890e234L,0x387f1159672e70c6L,0x1468a6147b307f75L,
-        0x56335b52ed85ec96L,0xda1bb60fd45bcae9L,0x4d94f3f0f9faeaddL },
-      { 0x6c6a7183fc78d86bL,0xa425b5c73018dec6L,0xb1549c332d877399L,
-        0x6c41c50c92b2bc37L,0x3a9f380c83ee0ddbL,0xded5feb6c4599e73L } },
-    /* 10 << 280 */
-    { { 0x6c00f388f086d06cL,0x17ee45035add0cf4L,0xf96984c707caf89cL,
-        0x9d49d667648ed5e9L,0x3ef95015a0164881L,0x39e28e447d9c651fL },
-      { 0xb13ad24059f37780L,0x08cee349b9522225L,0x9245ee6f2ba1b214L,
-        0x12bedaa9a886d8d2L,0xe139ae08fcb8186fL,0x99203fb6fc2ef864L } },
-    /* 11 << 280 */
-    { { 0x14d34c210b7f8354L,0x1475a1cd9177ce45L,0x9f5f764a9b926e4bL,
-        0x77260d1e05dd21feL,0x3c882480c4b937f7L,0xc92dcd39722372f2L },
-      { 0xf636a1beec6f657eL,0xb0e6c3121d30dd35L,0xfe4b0528e4654efeL,
-        0x1c4a682021d230d2L,0x615d2e4898fa45abL,0x1f35d6d801fdbabfL } },
-    /* 12 << 280 */
-    { { 0x3c29284764c9323dL,0x40115a890491f77dL,0xec141ade2d7a05f5L,
-        0x0c35e4d9222a5f9fL,0x5ea51791442a3e9bL,0x17e68ecee51b841eL },
-      { 0x415c0f6cd6ae9174L,0xe6df85f89ffd7595L,0x65fc694f8dedf59cL,
-        0xc609503efee92718L,0x57d2592e97d565aeL,0xb761bf157e20862bL } },
-    /* 13 << 280 */
-    { { 0xa636eeb83a7b10d1L,0x4e1ae352f4a29e73L,0x01704f5fe6bb1ec7L,
-        0x75c04f720ef020aeL,0x448d8cee5a31e6a6L,0xe40a9c29208f994bL },
-      { 0x69e09a30fd8f9d5dL,0xe6a5f7eb449bab7eL,0xf25bc18a2aa1768bL,
-        0x9449e4043c841234L,0x7a3bf43e016a7befL,0xf25803e82a150b60L } },
-    /* 14 << 280 */
-    { { 0xd443b26582376117L,0xb91087c11a1beb0dL,0x3fe62a6545cc5951L,
-        0x49c754bce6e472d5L,0x7e60bb8177c424ebL,0xbcd4088e830cbb97L },
-      { 0x3da5c94eba26df7bL,0x508b4f55f72b4338L,0x409c5c7469ad7784L,
-        0x82e5f1b0fdf44d6aL,0x10654a1ceed2766fL,0xef1e65faa6e83f4aL } },
-    /* 15 << 280 */
-    { { 0xe44a2a57b215f9e0L,0x38b34dce19066f0aL,0x8bb91dad40bb1bfbL,
-        0x64c9f775e67735fcL,0xde14241788d613cdL,0xc5014ff51901d88dL },
-      { 0xa250341df38116b0L,0xf96b9dd49d6cbcb2L,0x15ec6c7276b3fac2L,
-        0x88f1952f8124c1e9L,0x6b72f8ea975be4f5L,0x23d288ff061f7530L } },
-    /* 16 << 280 */
-    { { 0xa6e19d0a5f56dc3cL,0xe387e2690b88326aL,0xef7380950ee527a4L,
-        0x78b7174b7c4278a6L,0xc133d867e70798ffL,0x9d0fef759e9230caL },
-      { 0x7431eef01a955ab9L,0x3772e7038868d922L,0xf7a4306a8d6af3f7L,
-        0x633bb5a0bbec076aL,0x6d07623e7a257ca3L,0xffb5e16521c00663L } },
-    /* 17 << 280 */
-    { { 0xebfe3e5fafb96ce3L,0x2275edfbb1979537L,0xc37ab9e8c97ba741L,
-        0x446e4b1063d7c626L,0xb73e2dced025eb02L,0x1f952b517669eea7L },
-      { 0xabdd00f66069a424L,0x1c0f9d9bdc298bfbL,0x831b1fd3eb757b33L,
-        0xd7dbe18359d60b32L,0x663d1f369ef094b3L,0x1bd5732e67f7f11aL } },
-    /* 18 << 280 */
-    { { 0xfab0ce2bee1ae33dL,0x7bf9f90b4c5692e3L,0x131a4374d776d6caL,
-        0x6ba40908a2b135afL,0x5c4ab997e1334bf8L,0x9eb442d07af584e9L },
-      { 0xd764c506786391c1L,0x07f24c6bbcf6ab3aL,0xf73c7924fad8e1bbL,
-        0x79f624acb7583623L,0x2b032021b44c14d3L,0x7cc0ae8dbf58ff99L } },
-    /* 19 << 280 */
-    { { 0x3c7fb3f5c75d8892L,0x2cff9a0cba68da69L,0x76455e8b60ec740bL,
-        0x4b8d67ff167b88f0L,0xedec0c025a4186b1L,0x127c462dbebf35abL },
-      { 0x9159c67e049430fcL,0x86b21dd2e7747320L,0x0e0e01520cf27b89L,
-        0x705f28f5cd1316b6L,0x76751691beaea8a8L,0x4c73e282360c5b69L } },
-    /* 20 << 280 */
-    { { 0xe4d7c8b88929c133L,0xe5f96bef92a813c7L,0xdb8ab0af71c18e09L,
-        0x0db6ff287dae63b4L,0x54d1fac49a1eaa73L,0xadbcfdf59180c980L },
-      { 0xd3220f300b584314L,0xa24e4d1cca3697c7L,0x4ade8c7fa44f8067L,
-        0xbd8bc81aca21ac17L,0x303a2f9fc1d361cfL,0x55648b65c71cf031L } },
-    /* 21 << 280 */
-    { { 0x46bcc0d5fd7b3d74L,0x6f13c20e0dc4f410L,0x98a1af7d72f11cdfL,
-        0x6099fd837928881cL,0x66976356371bb94bL,0x673fba7219b945abL },
-      { 0xe4d8fa6eaed00700L,0xea2313ec5c71a9f7L,0xf9ed8268f99d4aeaL,
-        0xadd8916442ab59c7L,0xb37eb26f3f3a2d45L,0x0b39bd7aa924841eL } },
-    /* 22 << 280 */
-    { { 0x6f8135c7ce89e8daL,0x21ac20d9d6b5948eL,0x1dc4d48b31cefd7eL,
-        0x3d34bc2a4a347926L,0xadcd11be8f614fd6L,0x77148b08a8ea116aL },
-      { 0x7afc75fcfce1d3f5L,0xa9e0557d7d9a8ea3L,0x640cb5850cc864ecL,
-        0x5811ba842eb332c7L,0xb6c10b6efdb668c4L,0x24d8b10f99f5f6c7L } },
-    /* 23 << 280 */
-    { { 0xd811eb32e03cdbbbL,0x12055f1d7cc3610eL,0x6b23a1a0a9046e3fL,
-        0x4d7121229dd4a749L,0xb0c2aca1b1bf0ac3L,0x71eff575c1b0432fL },
-      { 0x6cd814922b44e285L,0x3088bd9cd87e8d20L,0xace218e5f567e8faL,
-        0xb3fa0424cf90cbbbL,0xadbda751770734d3L,0xbcd78bad5ad6569aL } },
-    /* 24 << 280 */
-    { { 0x391fa3cd8d075ec5L,0x54d45020c84c81e5L,0xdead561a79fad87cL,
-        0x0ab3c8544e7ffc48L,0x5967f8ebff02706cL,0x8860de795d31ec98L },
-      { 0x7476459c6c8a1c25L,0x8d9c484082f16117L,0x5c1b13b33b413429L,
-        0x1962a435601b5906L,0x78b9d382e006929dL,0x1924e979e5897b16L } },
-    /* 25 << 280 */
-    { { 0xcadb31fa7f39641fL,0x3ef3e295825e5562L,0x4893c633f4094c64L,
-        0x52f685f18addf432L,0x9fd887ab7fdc9373L,0x47a9ada0e8680e8bL },
-      { 0x579313b7f0cd44f6L,0xac4b8668e188ae2eL,0x648f43698fb145bdL,
-        0xe0460ab374629e31L,0xc25f28758ff2b05fL,0x4720c2b62d31eaeaL } },
-    /* 26 << 280 */
-    { { 0xef1001dfbdb22e61L,0x1626bd9af384bbf5L,0x33f42d385fe8ae07L,
-        0x59646c42b7218d21L,0x5e27210e6a016f5dL,0x3e9ecf07094481c3L },
-      { 0xf91609c1f50cc2dcL,0x8bf8c05ad0d43633L,0x9d508972e74ab746L,
-        0xb625887a33f628b7L,0x557bd493e733952fL,0xd35f450b8981dcfbL } },
-    /* 27 << 280 */
-    { { 0x4603cdf413d48f80L,0x9adb50e2a49725daL,0x8cd3305065df63f0L,
-        0x58d8b3bbcd643003L,0x170a4f4ab739826bL,0x857772b51ead0e17L },
-      { 0x01b78152e65320f1L,0xa6b4d845b7503fc0L,0x0f5089b93dd50798L,
-        0x488f200f5690b6beL,0x220b4adf9e096f36L,0x474d7c9f8ce5bc7cL } },
-    /* 28 << 280 */
-    { { 0x531c43cdb63f3d28L,0x01289772429708dfL,0xb0ee772ccdb60078L,
-        0x4131f5cd5f1a6e72L,0xd9d0f8c6a0da0112L,0x58efddd204e957b1L },
-      { 0x18857c0c32840c31L,0x00825340c4068b2cL,0x0a9217a771ff8800L,
-        0x69b19e6415530b80L,0xa28e274ee125e3f2L,0xb471a91bc9bfc846L } },
-    /* 29 << 280 */
-    { { 0xfed8c058c745f8c9L,0xb683179e291262d1L,0x26abd367d15ee88cL,
-        0x29e8eed3f60a6249L,0xed6008bb1e02d6e1L,0xd82ecf4ca6b12b8dL },
-      { 0x9929d021aae4fa22L,0xbe4def14336a1ab3L,0x529b7e098c80a312L,
-        0xb059188dee0eb0ceL,0x1e42979a16deab7fL,0x2411034984ee9477L } },
-    /* 30 << 280 */
-    { { 0x01d04fe04ce2d199L,0xf434bcfd0517c7ebL,0x82f3aca4a7659a94L,
-        0xf436a7781ff015c9L,0xf5143391d6223e5cL,0xba66c6a2ecb5c340L },
-      { 0x080f158a4b23a041L,0xb401094cb699acafL,0x1c57626c677491dbL,
-        0xfb39e317d42d86dbL,0x19e2ca804f6b3354L,0xe919c4c3c1d41ef3L } },
-    /* 31 << 280 */
-    { { 0xd65246852be579ccL,0x849316f1c456fdedL,0xc51b7da42d1b67daL,
-        0xc25b539e41bc6d6aL,0xe3b7cca3a9bf8bedL,0x813ef18c045c15e4L },
-      { 0x5f3789a1697982c4L,0x4c1253698c435566L,0x00a7ae6edc0a92c6L,
-        0x1abc929b2f64a053L,0xf4925c4c38666b44L,0xa81044b00f3de7f6L } },
-    /* 32 << 280 */
-    { { 0x35ae891bbb71e9b0L,0x1f6ce6ca522b77f0L,0xc2dab3cae63745c4L,
-        0x55b8c185f218d139L,0x6ab039c889f3b0e2L,0xd9e25bfdc644c3faL },
-      { 0xc8496f203e2ed47bL,0xc395ec028d67e17cL,0x5c67839292114918L,
-        0xe962e52fef73f345L,0x3818baf354fcfb22L,0x4d75d65d9d4bc911L } },
-    /* 33 << 280 */
-    { { 0x10078824eb7ff5fdL,0x50c65328735ef75fL,0xdfc04d53ec980ba2L,
-        0x4bfb260f2d519cf5L,0x1f03dff15c854667L,0xd1ad2231badb625cL },
-      { 0x986064d0be9f7f03L,0xe5ff93e5c13f7d0dL,0x02682a1896e26a17L,
-        0xc421567c817ec3cdL,0xb740652352615c25L,0x6800a8335d135eebL } },
-    /* 34 << 280 */
-    { { 0xde57575b17d8ec5cL,0x72e2257578aeb9bbL,0xce73fa7731605c27L,
-        0x2f286b79ae77436cL,0x5e78fbb77f4e6997L,0xb03c888e474f23a7L },
-      { 0x4bb302a3e38927ceL,0x39c6de5f6e1514ceL,0x9daa0ad349b2ddbdL,
-        0x98fd2377d683dffdL,0xbefa4ae5933476edL,0x4ad53d01173f49edL } },
-    /* 35 << 280 */
-    { { 0xdfafc70e44b89837L,0xe0104b9c4935fa88L,0x7625d9d92fd702e2L,
-        0x27461e6549af2219L,0x4a279383ad3f36edL,0xd87e246b9204e857L },
-      { 0x8d832190ab1727d9L,0x59205cd82182e291L,0xb96a1d15a6513613L,
-        0x1c7de3cc49cc8ddcL,0x637ea26af17ab785L,0xc098bb7a09a3ba58L } },
-    /* 36 << 280 */
-    { { 0xfb5383cc31bd4f68L,0x6fd5aee3d96a1899L,0x4e39d6eb01d5430eL,
-        0x12679565ca5a2848L,0xa399e83f062b44fbL,0x3ee2432f3c166682L },
-      { 0x57229c841de47708L,0x40a5d0cbba528a61L,0x4bae36be8239e7baL,
-        0xddac65a2f8087427L,0xfd516d1a3cc61266L,0xc89542b5bcef98b1L } },
-    /* 37 << 280 */
-    { { 0x3fc8d1b2d49cc0eaL,0xfc591f7f7bca4d23L,0x5f48e27c41fefdf3L,
-        0x5ca1d08a1039419dL,0xd450c1bddc8042ceL,0x6760e23fb436fc4bL },
-      { 0xc5642797c06bb34bL,0xb787cd53fde06d4dL,0x2926360ccbf144b0L,
-        0xb63756f4dce32421L,0x0878deab774abc4aL,0x2d97c7919a4e142aL } },
-    /* 38 << 280 */
-    { { 0xf58389ff105c818eL,0xfa29f1eb585fa7f0L,0xb6da09b5917e8924L,
-        0x1375c3047e7a3f49L,0x9b4792b289cfa1c0L,0x92094a8535571cc7L },
-      { 0xf986ccf6051e5e50L,0x55ea34d601df6babL,0xe65989eed1363333L,
-        0xd94bbd918c84e20aL,0x9a4f71dc49e39b8aL,0x6d9fe495927d633eL } },
-    /* 39 << 280 */
-    { { 0x30b295f01fdc29e2L,0x71415daae2c2fab4L,0x205e957683c312beL,
-        0x893c69fefab48afcL,0x8108f3f994ca2fdbL,0x37c860c314f99296L },
-      { 0x1009a6d2e990ed34L,0xd5350c36ac26b611L,0xd03161102ce23d91L,
-        0x82bb476e62189343L,0xe255965160ef0cbdL,0x6bab3f53cf5d2311L } },
-    /* 40 << 280 */
-    { { 0xcaa3b7a592fa460fL,0x92bb46b804dff174L,0xcd6949b3cf926a1fL,
-        0x01f95e5559d1bb18L,0x21f90c08d4518f3cL,0x325dbfe920ee8bf5L },
-      { 0xd0136f3feafb919eL,0x941190cc8e0ebcabL,0x599e91a287b557aaL,
-        0x7fac4887dcbde1c7L,0x1dad481905a07040L,0x640493978b03d593L } },
-    /* 41 << 280 */
-    { { 0x65521bb85ebd3685L,0x16c68e79665d1619L,0xd6ab56bbc52b14c8L,
-        0x312f1fb4c6d3067dL,0x5afef4f3d50587c0L,0xa3e79e94ace6e2feL },
-      { 0x52c7fa0825f12a1eL,0x9c1c1ea20dec9f3dL,0xc418d4232e87a036L,
-        0xa0a19fbb0283752fL,0x52e0a8830b804506L,0xc67fc71b3f7de2a1L } },
-    /* 42 << 280 */
-    { { 0x4d062d3d7dad8ca9L,0xb78c81581cf59756L,0xaccb38f8c6b5d9fcL,
-        0x83436d3f7ddc66eaL,0x37115b6033adcb87L,0x49b74bd45a8b09abL },
-      { 0x7b8bdb81675ae43bL,0x5284f5b3f0476428L,0x8f1521e7db38b0c7L,
-        0x792ef9dea0c4b2f6L,0xa15880a162159fc6L,0x70b999e372b09b63L } },
-    /* 43 << 280 */
-    { { 0x6f47787d4e8ffde7L,0x19e9434574495a10L,0x8da6d55784f5be33L,
-        0x110844811884e325L,0x621734c5a9f030baL,0x25cd0544d0e63f63L },
-      { 0xea6729687e936833L,0x08297af784a34442L,0xb77dc3a342f9ed3eL,
-        0x9f8908c8258e8d4fL,0xb8281bfc3299ba4bL,0x1f6412920a09849cL } },
-    /* 44 << 280 */
-    { { 0xd5d51e60ee9a7708L,0x2e8ab3effd2cfe78L,0x0af5c3bac8e71273L,
-        0xbfd1b94091041652L,0x4c7c86ab52ce4582L,0x3ab72feff1d9bc29L },
-      { 0xae89c3d51e1974b3L,0xd859c7ef70433caeL,0x762064c77edd1398L,
-        0xc0b6a6b6072064a4L,0x3ba43b059bb1b3d0L,0x20f9aa85e47d79bbL } },
-    /* 45 << 280 */
-    { { 0xd1a45415c2d001cfL,0x40f3f05d848a480fL,0x03708da0ce554d5bL,
-        0xd7090557c80f4254L,0x7e57d29907743393L,0x7db8a5e10f2f5903L },
-      { 0xd0466a0b14e8ff8bL,0xa3c38f49e0cf88b0L,0xde47262e329f71adL,
-        0x56b2a7935da6d0a1L,0x22e1f9b880ef44b0L,0xb9b96c617b2b6d4bL } },
-    /* 46 << 280 */
-    { { 0x3235bc494c500ee1L,0xce0f0b54da4a4f35L,0x628cb91c337ac7b7L,
-        0xd8a6d4cd88a26e9dL,0xdcf40cba96e44349L,0x073a0f75b54e3fa9L },
-      { 0xc9b95d29ca44e6e8L,0x42ad9afa2315f4beL,0xdf13a5ddf78617c7L,
-        0x40aeb346d196504bL,0x9317d6f33d1fef90L,0xf94d308fe1708a79L } },
-    /* 47 << 280 */
-    { { 0x45bc768608835815L,0x700d93bc5798c507L,0xae3415b85362a822L,
-        0xdbce01b33883d21dL,0xb9df7efbe56fb2aeL,0x5ed57d9427d341c0L },
-      { 0xdc26916e7ee4dfa0L,0xcdb06a17147c075fL,0x0198b6a7fa9e7a63L,
-        0xc9876c786355b62bL,0x9f4b8f12f565279dL,0xa03aeb619cb6ddb6L } },
-    /* 48 << 280 */
-    { { 0x3a35938779493f3dL,0x128301a91f06a9c0L,0xfcce0f82899d204cL,
-        0x4ca41589158780b5L,0xc28f1bb73c4edd4fL,0xe08e48a87a6aec34L },
-      { 0x6d4783dfd447c55eL,0xe7c2ecc857803027L,0xb7b8c2bcdf6d7f91L,
-        0xf0a8d4700f356ca3L,0x229894bfdeb8e964L,0x555c9d40d3aa70e1L } },
-    /* 49 << 280 */
-    { { 0xa899a252e0ace851L,0x74b716c9bb9d8476L,0x2ba0bb00571bb175L,
-        0xee01a9bf7ac2b619L,0x74f0b6d3502ee575L,0x7fdd7856cc45f810L },
-      { 0x68c0beb1c0ae384dL,0x21955de8fe63d58fL,0x1b98e3951c08bbd2L,
-        0x5ddaf7e9638701b3L,0xefc264f1b1242d62L,0xa9b8de5c81292443L } },
-    /* 50 << 280 */
-    { { 0xf0d713b7131a3bf1L,0x690ae8c147e9f09fL,0x1dc92a5f8cd8bf1eL,
-        0xdf98927ad61f5445L,0x729b5469ae795eabL,0x939b391c5265675aL },
-      { 0x5d916c6c7bd7e97aL,0x7c2a3de5d514e72bL,0x0660758379e9915fL,
-        0x0554d5e543a4d2c7L,0x37eb7f82ca5bca41L,0x90e41b71b640109dL } },
-    /* 51 << 280 */
-    { { 0xfdd403b0e6f769aeL,0xa67f97f6906a7981L,0xc86c49be6aa83c6dL,
-        0x6177820677ab6d8fL,0x60f77c49916933b2L,0xfa33c528fcb3fe39L },
-      { 0x102ffca0783cb589L,0x6a37a394a96ce10eL,0xd17bf1f89eb4695fL,
-        0x2a7623af2a53116eL,0x10601afe83af2e60L,0xceebada2582a1704L } },
-    /* 52 << 280 */
-    { { 0xcbfb50fa57004c05L,0x0d545f0ea7bea436L,0xb7e30eb77071e269L,
-        0x435b3df73b845896L,0x48ba27f0b246365eL,0x9fbe883341344f12L },
-      { 0xb763df280a87ef33L,0x4f9339d70b5288beL,0xc02770d6e722e3beL,
-        0x6c69bfd918e32f03L,0x20c5c05e74c2845cL,0x09fa0928d6f9279dL } },
-    /* 53 << 280 */
-    { { 0x82f43866962fccc1L,0x92bc5f82278c9762L,0xc979a68b39a39a08L,
-        0xfcae204b97c5a298L,0x78f55c7908676082L,0x210e036447c7b09dL },
-      { 0x24512cef47d87769L,0xb4b0fdd7e4b53f4fL,0xc2a263fff6818efdL,
-        0xfa160dc1985bc93fL,0x7b7f82961bf44affL,0xd6c75fb2a6407cdfL } },
-    /* 54 << 280 */
-    { { 0xea0b6ec35741c57bL,0x9b148c2668ba5fd0L,0x6206025166461969L,
-        0x0726919f8cfc618eL,0xf66ac684c1954bcbL,0x160ad0260273adb4L },
-      { 0x0ec10cffe6f6aac3L,0x232fc7adb4f64d98L,0x0707cb6e73564063L,
-        0x76daa2c5487a29acL,0xe4ffd6e335768176L,0x4ab87262464d126eL } },
-    /* 55 << 280 */
-    { { 0xdbc1d21c553f05efL,0x16e950d0dc115e4cL,0xa727059a354480a5L,
-        0x32df221efd6711f1L,0x06f9bc2e5c8aa9fcL,0x9f2449a67b15522cL },
-      { 0xac14774bf498ee00L,0x02b5979f3ec7e0a2L,0xdce96e06e1e00abdL,
-        0xd7a1bf5a1e00e8a9L,0x19b30fd3a8f42042L,0x29b08eb7e7c507ebL } },
-    /* 56 << 280 */
-    { { 0xe91477d3a66b2f3aL,0xf50d3bdfc4deb7f5L,0x19bf2857a1e45e44L,
-        0x1c104e3270a2126aL,0x4636b4894357b9f5L,0xf65e5aa0962d684aL },
-      { 0xfcc83a5fb7b52893L,0x8451d02b08adbd4dL,0xf0fb410c19f7a896L,
-        0x6b90b0faff36caeeL,0x111710d0f5af8966L,0x00a4cfafbd2b8c59L } },
-    /* 57 << 280 */
-    { { 0xad9f11cb817bd227L,0xe4733a1465d27b5fL,0xeda46e8dbcf76526L,
-        0x8db309ecad57a5a9L,0x4a863ec07f1487a8L,0xb0453ed210f1c4c1L },
-      { 0x9b4df78af2dbfd76L,0x62af38b21525e18cL,0xe6bd0b0ade2c7f65L,
-        0xad62bfb70b27fad4L,0xd21fd4346d6a8a5fL,0x07b606703e401a5eL } },
-    /* 58 << 280 */
-    { { 0xdd14c891e34b192cL,0x6ddfcc793aed3e36L,0xc89c3e6dc49a92e2L,
-        0xa61954fd6fcf1ce9L,0x420c39a9bd297157L,0x57c20a8a406d3f2fL },
-      { 0x7ccda02263faf545L,0xb01814a96cca4388L,0x88baf1dce5fb1fd0L,
-        0x9e1183cfa0bae755L,0x3fe540badbc243c2L,0xe50d52305aeb26a3L } },
-    /* 59 << 280 */
-    { { 0x10145b3d52726a98L,0x7236036869e333fcL,0xce9a409323a6f608L,
-        0x61c121dcddd11095L,0x3349b30a0d39f1daL,0xd07df9d4e3485e93L },
-      { 0xb4c500a561159e84L,0xbc74918100561c03L,0x8f27e9f3904ad807L,
-        0x7272786a0108ed01L,0xcf36a5d9c9365dd8L,0xe052fc9d7f859d87L } },
-    /* 60 << 280 */
-    { { 0x0e6cd863da97e11eL,0x5b058c6852a818a1L,0x7768c5e73de760b3L,
-        0x898b7f608dfb4142L,0xd48130977efec180L,0xd7196cd758279538L },
-      { 0x67c451fb816858a1L,0xbf0e88912ac699b2L,0x21fa74effcb126a5L,
-        0x1f9dc10123b8df5aL,0x38aefff921136ffcL,0x3408874c47cb395aL } },
-    /* 61 << 280 */
-    { { 0xded9035213054567L,0xc61d0628c58c633dL,0x73ff2589f31143c3L,
-        0xc43594ff0871b05cL,0xcf662dd64db0edf2L,0x6bac019d8d1f33b0L },
-      { 0xcaa37cd8bb379461L,0x9b077a6934fc0269L,0x421e716788ecedf2L,
-        0x2d422f95073284cdL,0x9a353114bbb2409cL,0x99e8c7a0dcbb79e7L } },
-    /* 62 << 280 */
-    { { 0xfca254cba21c40f0L,0x4945c838e0f4a032L,0x99318ff3fd6cb7fdL,
-        0xc631e0644a85e726L,0x2e3ca11d9359e8cfL,0x433a0e5c06acf935L },
-      { 0x665c54c996b37ea9L,0xe78865c4c2d52b81L,0x68596f6ffb27850aL,
-        0x7e7272221277995eL,0x602b0f5c197344c2L,0x81ff2ad620a9ec11L } },
-    /* 63 << 280 */
-    { { 0xb2ce6cbe7c4c464fL,0xd7c11ef5741a4b1fL,0xf3f987f621a7eb17L,
-        0x6b2812ef79f4e274L,0x3a0117ae38a7d5ddL,0x5d8c75a9cfab6bb5L },
-      { 0x3827c04052394166L,0x897eb181e00e621dL,0x6693817f8aa19361L,
-        0x67cac329959d81a8L,0x21e7133869a7ca51L,0xa02fd11269a46a87L } },
-    /* 64 << 280 */
-    { { 0x7f1f985c022ea83aL,0x90a22662a7584e7fL,0xb40a930a5188fcf6L,
-        0x3fad79aba3a82904L,0x7bee8d22f3151027L,0x79a1a838c2c3e17bL },
-      { 0x1fbe06e933cc3509L,0x629c56aa9abd5ccaL,0xfff290ec2d9cf7a5L,
-        0x5d0dedaa9bd062c5L,0x080344abd7d35381L,0x0848373af5cf9edaL } },
-    /* 0 << 287 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 287 */
-    { { 0x31d31f7a7a0c0bc0L,0x7a37a84ab251d2bfL,0x1793362e52f04d67L,
-        0x5808e70921c7b651L,0x33fe9123ed6f47f6L,0xdeb1dde958f71405L },
-      { 0x821d3045ae56b472L,0x9f61f761e02043adL,0x932ddb145b2048a9L,
-        0x17d989fed7811330L,0x032ae4cb128fd85fL,0x8f1956b47d1ef434L } },
-    /* 2 << 287 */
-    { { 0x070d34e116973cf4L,0x20aee08b7e4f34f7L,0x269af9b95eb8ad29L,
-        0xdde0a036a6a45ddaL,0xa18b528e63df41e0L,0x03cc71b2a260df2aL },
-      { 0x24a6770aa06b1dd7L,0x5bfa9c119d2675d3L,0x73c1e2a196844432L,
-        0x3660558d131a6cf0L,0xb0289c832ee79454L,0xa6aefb01c6d8ddcdL } },
-    /* 3 << 287 */
-    { { 0xe5d473dc7521f457L,0xe9ef09bda00be577L,0xf6d0965fb6eaa640L,
-        0xeb49486875726560L,0x452116d528817302L,0xf0424fdbfbde3597L },
-      { 0xd6096da3bb454915L,0xde48280841422141L,0x7a1351972d19fac0L,
-        0xdc9a5ec421393f6fL,0xcabcc1e3eb2c8adaL,0xd436643142d8c4f2L } },
-    /* 4 << 287 */
-    { { 0x0ed1082f89e4e449L,0xdb1fb471833f2378L,0xa35fef0eece77352L,
-        0x76adaa464bf0c426L,0xfbab929aa011b2fbL,0x6f475d5b9d8cc4d3L },
-      { 0xbe6d7f2174351480L,0x2d1362d193e4a7aeL,0xc7e2cba5106ceaabL,
-        0xfe94528a45258697L,0x7109b17d075945b0L,0xfd395b2ccae17f7aL } },
-    /* 5 << 287 */
-    { { 0xdf534b80dece6d4dL,0xcfaa60a28737af46L,0x7d76a921b9ba3d56L,
-        0x61490bd199338721L,0xc514e950ed25cfbdL,0x5041fbb2dc09b8b1L },
-      { 0x2410310d46fbcbf0L,0x2c46bcd14f7e8aa4L,0x08ce31f5d0d5fe1dL,
-        0xb11efdbebeac3c97L,0x406e1d05b01633e9L,0xde48cdba766391adL } },
-    /* 6 << 287 */
-    { { 0x68550299845e12c9L,0x979b5406361d027fL,0xf601d2b4a8e92e70L,
-        0xfd02799f0cc9fca9L,0x89f99ca013bc2e96L,0x22a12c0bff9db9b8L },
-      { 0x6ae7084a32efcea8L,0x5ddd3ee9a24b9376L,0x394d92a4e0945e8fL,
-        0xddab6752ecea36f6L,0x650b74d60d18a069L,0x37f91cebad650860L } },
-    /* 7 << 287 */
-    { { 0xe3e559bd9d839b3aL,0x50e8d4e9719de3c7L,0xf7bb377cea70b986L,
-        0x63753cace1b2707dL,0xeb239a870e585c4aL,0xec40a379b0e32380L },
-      { 0x836ebcefc86d6685L,0x703c296a70d18b76L,0x47e2c004b94aa268L,
-        0x33ef7d0cbaf14d61L,0x74aa00fcd315c72cL,0xf23c789eccf5d75aL } },
-    /* 8 << 287 */
-    { { 0xfc1faedc310404a8L,0xea339148d3bcb128L,0xf00485456416defdL,
-        0x75de7770c58653e7L,0xdd2dcbebe2f6f99eL,0xa4380ef4d159ac07L },
-      { 0x45dd713ce4173608L,0x44919b61446a6789L,0x3f73756b6b962b38L,
-        0x3cb9f53bbffd3f0cL,0xd723c40b7f08ebaeL,0x998a9b170c3cddbaL } },
-    /* 9 << 287 */
-    { { 0x261c9fe6f21ae889L,0xa589147edf3cb243L,0xd09452f71976deecL,
-        0xf80ee8bf2497f6b2L,0x0b5f1b19eee697d4L,0xce9b6b680de48ab7L },
-      { 0x3ad3bbc4bbf29546L,0x544406a697f51becL,0x51d44dfac2e2e75cL,
-        0xcfc8625d3da3f634L,0x0845ace6a1f5995dL,0x11850d8bf3b65c55L } },
-    /* 10 << 287 */
-    { { 0xa804b2f089ef2489L,0x06a2a805fb22f7d6L,0x31baf4fd353970beL,
-        0x3481c8b712854a91L,0xb0424eecf3971398L,0x748ef3820f4ed94aL },
-      { 0x92b74ad026722164L,0x23f71d5831b1302fL,0x6741b28070a5f0c9L,
-        0x46c12cfb9f5101caL,0xe7014d7901d0f81eL,0x129bd87ad758c288L } },
-    /* 11 << 287 */
-    { { 0x6c43d8307b00cd09L,0xb794cb012141eb00L,0x95fe13a75cf23ec5L,
-        0x3de5ad7b8f2c799eL,0xa378434a025de83bL,0x07f681bba3a14a3cL },
-      { 0x8fa0b5d2983ba419L,0xe477bf361781bf08L,0x5b8162845e8ce6bdL,
-        0xb36a78ee199ec8eeL,0x444fc01a6062d5d1L,0xc026ab4586ee9ac2L } },
-    /* 12 << 287 */
-    { { 0x6a565269a3e0c5b3L,0xaab7ec7104c6ae54L,0x0bda11a7d8c6ddb8L,
-        0xb7ebfafb2332347bL,0xcf791881e99dff48L,0x81600214dc357c83L },
-      { 0x2a264f8931d7495bL,0x8ca430004ec885a7L,0x6d478260bb47d417L,
-        0x544de4ec3d817032L,0xac7150a9dc05f901L,0xffef225775c0963cL } },
-    /* 13 << 287 */
-    { { 0xacb83aadb65296f8L,0x04c96c3e18151422L,0x8913311e7a9f126aL,
-        0x3baeaf8010b74e8aL,0x253c9dcbb7410105L,0x30a13e42da2d5437L },
-      { 0xde31fd5533a2065eL,0xde2caf1ffe099595L,0x54c762fe795076b5L,
-        0x8beb51fe635ed402L,0x369603c1e5c3d2a6L,0xc5083f0700a472b5L } },
-    /* 14 << 287 */
-    { { 0x58805ca8d2eaf294L,0x910d085ed7d5abb8L,0xf9cbc9a1349cfecfL,
-        0x67bc7b417800a980L,0xe7e6dbc0f6847e9dL,0x7a0f22c4af379c48L },
-      { 0x80b6fc04b1d2822fL,0xa1cae656d8517a70L,0xd2d11ed14e9dc24bL,
-        0x48d74f173fab87e6L,0x1feca5af50c630aeL,0x263e04cc62d0620aL } },
-    /* 15 << 287 */
-    { { 0x7dd330ca16b2a52aL,0x25133c614157ae5bL,0xe6ee0e4edd606b2fL,
-        0x700840423f2b59a7L,0x58d27587d03f54eaL,0x62ebc668d34605e9L },
-      { 0xa764392ab3155e07L,0xf0810f3e3c6ae6c8L,0x1b32e5ae94614cd4L,
-        0x45b49262b9cbf481L,0x0034db795b3d1184L,0x463237825b1b9ab9L } },
-    /* 16 << 287 */
-    { { 0xf6377e3bf6ba1469L,0xc334fb6c09c832d3L,0x7f85ac42c21c0cf1L,
-        0x7a3e31c9857d8edbL,0x2eb1076327b77ed6L,0x2bfbbdbc38dae10bL },
-      { 0xed7c6fb17bae3b4fL,0xc5911d9f36d04e6fL,0x4dc435504569e72fL,
-        0xaa82fb97bedae3abL,0x06d37bef4f27e463L,0xd0dbce6df0c35a11L } },
-    /* 17 << 287 */
-    { { 0x4482c7b704414726L,0x72c9cb5b26d23eabL,0x3747b8cefd5cb171L,
-        0xe4ecabc300312ffaL,0x5909f29b9cf10a38L,0x209bc3f4b8d0e5acL },
-      { 0xd34c84db60fac147L,0xd64dea89f8938c89L,0xb18285f8b815267cL,
-        0x719a7e355a2437d1L,0x45f8d9dab769c5a2L,0x2d0e4281a412cfccL } },
-    /* 18 << 287 */
-    { { 0x23c14c43d8f6e236L,0xb14be0d28ee39386L,0xd3c55814262dd390L,
-        0xa1b40401e1f23d0bL,0x1377b07c61534375L,0xfe4e3eb116f6d95eL },
-      { 0x17b1af0040b4386cL,0x2dc657a837ca3851L,0x6862ca92ef976731L,
-        0x9f0c380ba4118d3bL,0x23bf793977c1aa94L,0xaadee0612bc27d4bL } },
-    /* 19 << 287 */
-    { { 0xfa5e4cb6f1847a9aL,0x0e13a60cba6f07f1L,0x68d9db450ac86498L,
-        0x44b02de3920ff013L,0x43724c2d84b46078L,0xb3686ee81f951b93L },
-      { 0x019b3e77d712fe85L,0x313e7b7497dfb295L,0x7d883ed826d50e37L,
-        0x64815565d32562ddL,0x2f9e48bed7b3e2f2L,0xc97cf156dcb93450L } },
-    /* 20 << 287 */
-    { { 0x0573d9963ab4c707L,0xee5d87691420fdf1L,0x41873aa55e2b9c12L,
-        0xe09290456810bf08L,0x4ff4143fccbe4bbfL,0xd0e5a74969328301L },
-      { 0xab5912621c4b73beL,0x550ea0633f3edf99L,0x8a77633734c93db1L,
-        0x5c51d3f832b21521L,0xcee9f604713feea0L,0x0d6f8a5a7bf4268eL } },
-    /* 21 << 287 */
-    { { 0xc415d467009a0cffL,0x32dd46ef55960242L,0x4ccc6f676d6a81b0L,
-        0xa860bcb6b2571d81L,0x7e74150991f9b6c9L,0x9a96b2f9d3a0592aL },
-      { 0xcc3d821071248929L,0x586062daf1cb0f52L,0x18d993483d48b6c1L,
-        0x667f17949f4e612aL,0xf1d7a77ffb3a12e9L,0xf7586397f5753220L } },
-    /* 22 << 287 */
-    { { 0xb87d5ce2722f405fL,0x24d1f993d7c6a322L,0x09d837291e0d8113L,
-        0x70b5cdbf89a6cbc3L,0xdfb3ee16fb2c9607L,0xf0acc1163465c7c6L },
-      { 0x10cef4b707e6659bL,0xc280c4331fde9940L,0xc8b5e9819a2d3f25L,
-        0xc36faa763f7f68c1L,0x17878bfa8d54e281L,0x8fda8b359c42c5a2L } },
-    /* 23 << 287 */
-    { { 0x2aa1366305d22d7dL,0xee77da6eb0c62a12L,0xff8f99c5bacad876L,
-        0xcbe33479f8a0f0baL,0x4c69bd7f4a232c8aL,0x760ce3fd485d3f48L },
-      { 0x0b286a59268d7411L,0x2dd746b6589819b9L,0xe017a53060ce76f2L,
-        0xe4407828d642a7f0L,0x12761e51b6badaecL,0x4f4f286b78d07257L } },
-    /* 24 << 287 */
-    { { 0x43c78835661019ecL,0x68e916b124e66d29L,0x02c0f3a224094671L,
-        0xab6f1c05d0f17d86L,0x6d3bac72a22d4264L,0xd7b8f152f6e5fafeL },
-      { 0x95627c6339447eb3L,0xfd15901879e1ff93L,0x39277c835ad80806L,
-        0x758aafc90d7c7b74L,0x605ad8ca4cb8bec9L,0x6a90085c5741828aL } },
-    /* 25 << 287 */
-    { { 0xbc11d3d559cdebfeL,0x75c31b4531b2796eL,0x8d11e18a07b1055eL,
-        0xcf522c1fb2d2986dL,0xc994c377eafcbec6L,0x840d27ebc0c0e2f0L },
-      { 0xd4124d17859550d3L,0xeea6047aba21b2b6L,0xbd2a036e335a2854L,
-        0xd8703d6b207ac2e5L,0x09d2244a94a34bbbL,0xd6b9481417ec6f44L } },
-    /* 26 << 287 */
-    { { 0x7d8ddca252aa7ff2L,0x0985e47d6953b9a2L,0xed328993dfff63ccL,
-        0xbfeca5327cfa6ee5L,0x7535a871b1e6a010L,0xb0052764303c2ec5L },
-      { 0xd39c72102fedb0daL,0x7ee2b384e1001505L,0xb638a1b1c82a7e1cL,
-        0x1b94a47b4573fd7dL,0xef2bca7792cb2b88L,0x49ad6e97a75b21efL } },
-    /* 27 << 287 */
-    { { 0x591bdd0d8f4093abL,0xa2c63f1ba1322343L,0x5e548f71b32a4331L,
-        0x9930891c5e7f3c14L,0xb2b2406e54c27043L,0x7ffe3e5ef1281af8L },
-      { 0xc31ba363900742d1L,0xf24c8ae1e61ee209L,0x687c56b7beed46f4L,
-        0x0b63e47895682562L,0x9117cf4c0c8a45a8L,0x0744a86824c20748L } },
-    /* 28 << 287 */
-    { { 0x9ac777993acb39ddL,0xd1d3ecddbb7c6a8aL,0xa5271c9e7a75159cL,
-        0xa6ffb41f2c276e4dL,0xc526556e0bb9a955L,0xa32e1352233b7774L },
-      { 0x103f124bc2cf09aaL,0x1816d1eff10bae5aL,0xc5f9197ee8837629L,
-        0x064d5dcb13b1b76bL,0x109c70748d0fe0b1L,0xbb4e9743fce5f6e1L } },
-    /* 29 << 287 */
-    { { 0x4636f36d3ef05af6L,0x3695267b3e498920L,0xd59830285d773fc8L,
-        0x939591245d3cc515L,0xc3f52a9569134370L,0xc9d0db7af8848992L },
-      { 0xcd1be9bf15906eeeL,0xa95d25fb916d576fL,0x08de893be152fb62L,
-        0x65d743658ab1e35cL,0xd6d97057fef14ac1L,0x67ad47b9574508c7L } },
-    /* 30 << 287 */
-    { { 0x1b403c4f1470433eL,0x6f8cb19257e53eecL,0x87b5b93df0cce4f5L,
-        0xfefaa5008c566f77L,0xf6aa8066db71517bL,0x9f01b036d67f5952L },
-      { 0x9524306faaeb40dfL,0x5cb2e8e1421350a6L,0xa57d05ea3d69040cL,
-        0xd0ff12a1b9bbdcd8L,0xed64d3259e3e19bbL,0x29509c0fed0a490dL } },
-    /* 31 << 287 */
-    { { 0xc94191e7a607c050L,0xb918a096b98d3d4eL,0x97413dbce3f253f3L,
-        0x8476c03cdc6d8418L,0x50247d1d2402202dL,0x077476225f8097c5L },
-      { 0x1457ab609b71c6d6L,0x9ff312c447cf0c94L,0x954dce23ee79d2bcL,
-        0x3ba2b1a4a0da6e48L,0x363df36f532be9f6L,0x816642ddc742c7d4L } },
-    /* 32 << 287 */
-    { { 0x6edf5561ff8b1fbeL,0x614b788ef6eac0c0L,0x7699ae56d8d66d29L,
-        0x5f81602ae9d58eb2L,0xd0c04874faf9176dL,0x4b3a0046523153b1L },
-      { 0x9690930ff6315883L,0xa81c0b44a60ca92dL,0x2d0e725873bcba90L,
-        0x57efe72de902e329L,0x3fcd598676bc27b9L,0x492adf0393940c09L } },
-    /* 33 << 287 */
-    { { 0xf2ab8e22973a4b6bL,0x6a96f2ef6ad73ce7L,0xad5e22547235e929L,
-        0xfab3e4a9bc6c3b76L,0xf69fb2062dc950d0L,0xd863ca9049478ff2L },
-      { 0xec669f122749fabbL,0xe1d28bdc71a6d279L,0x766ee6458372942dL,
-        0xd118b90480ade5ccL,0xedcfb0a72293740bL,0xa3ee3a67f16b29cbL } },
-    /* 34 << 287 */
-    { { 0xc29fb53e118a0c7dL,0xea7a1017193b834cL,0x678072a2cec93ecbL,
-        0x9054d6b72475dedfL,0x4a7d477342ee616cL,0x05cec7f8680f8a43L },
-      { 0x39c491d496915870L,0xe07a2b1d8746edeeL,0x1d8ed3c83566e7fcL,
-        0xc7d744e5e002298bL,0x8a0acec99c0e6388L,0xb2daac39ebf48fe3L } },
-    /* 35 << 287 */
-    { { 0x773ad1cb8e133d97L,0x1e29f5a2872523d3L,0xa2a742293a09c1ffL,
-        0x809e6d284369ca06L,0xf22e521a7fe148caL,0xbaaf90c383ef9578L },
-      { 0x65aa9b54d633b2d5L,0xe55f2ce29a2994a8L,0x8a0af446e67e0b85L,
-        0xb9714de9c1f062c8L,0x1f4047dd2a3aa1d7L,0x39658ea965179222L } },
-    /* 36 << 287 */
-    { { 0x0322b29a57fbc5cfL,0xf55af7863078be9cL,0xd4b186e6ecb59f79L,
-        0x50f5fe746d950733L,0xaf8a1898a9f90d02L,0x483801a742d6d9bfL },
-      { 0xf0a0af145ec09c0eL,0x85af0e6188383360L,0x404b295e42592235L,
-        0xb3199d63c596493cL,0x7aadacdb194abb80L,0xac84563ec1c845c6L } },
-    /* 37 << 287 */
-    { { 0xd78d1dae5336e58dL,0xa3f36e0bc5ff354fL,0x8421f95e5d1ed78cL,
-        0xff4c16019f360c43L,0xd5efa09f8bb582a1L,0x0ece005aefb39652L },
-      { 0xce8bb58036c2c940L,0x11f8f74bcd1ae8ccL,0x923c350b57a2f2b3L,
-        0x2438e3213c86faacL,0xe76129503e230776L,0x35c73d415e6158e2L } },
-    /* 38 << 287 */
-    { { 0x8ffda4643672507aL,0x76301be7dd91327aL,0x42720bb0958860bfL,
-        0xedc0b8945ad4f455L,0x2fb553201bfbeb4dL,0x22a425bda1c6494dL },
-      { 0xfb927a85de0e7f52L,0xb84a82cf49a4b6a1L,0x8afd0546b640fe0fL,
-        0x23b78fbed2fc15cbL,0xeab469c26742a49fL,0x308e453fe277c7cdL } },
-    /* 39 << 287 */
-    { { 0x60ce0f55af7b14aaL,0xf2577fbe5cf5a2caL,0x7bb9521fabf3bb41L,
-        0x68b6409def00287aL,0x700bf423bfaf9391L,0x98e6c3017d637300L },
-      { 0x342ed4870ce28aeeL,0xad8b8dc383b059dbL,0x1b8a892b85d0a485L,
-        0x553c4fad6b7a7d3aL,0xf5692acc198d0379L,0x6004ebb3ce932f00L } },
-    /* 40 << 287 */
-    { { 0x6895dbe2f820c195L,0x3787a5003f6c7b40L,0xdc718243ac1e90f3L,
-        0x352f8c91ba5d0870L,0xf3d1c53eec0112b5L,0x08a0782f6b84f64aL },
-      { 0xd659e6358eedd5d4L,0xfc30df6c29537276L,0xbfb09978a1755ce0L,
-        0x227f7b12aa2b4187L,0x828730b9226539d2L,0x9051a37cb2472c95L } },
-    /* 41 << 287 */
-    { { 0x430c2a45d0a0ddabL,0x916aa68926a6291fL,0x9db5510268dff24fL,
-        0xa22121c1850a7aabL,0xd43416194e2d9670L,0x7ef2cb9415cf7636L },
-      { 0x2cd6ddf6bf97b27dL,0xac5676b625aba9c0L,0x3ca96f7ec4ee110fL,
-        0xc6900abd08e7ebb4L,0xcd3942fbdcb91135L,0x62d6b6f6a8ad56e2L } },
-    /* 42 << 287 */
-    { { 0x1ec7f2410828d35fL,0xd94c2a926ccae554L,0xdf4227273c36ecedL,
-        0x2facd6d89fa6582bL,0xed43247ed349d3beL,0x1d59d55d1db6fcc6L },
-      { 0x2b5074b1ee1bea38L,0x025496aac9c21a8fL,0x57dd7fa1d1d817edL,
-        0x57b5572aead03124L,0xdc024be87314616dL,0x5bb5b23c10f6e38eL } },
-    /* 43 << 287 */
-    { { 0x643cb9cd53812134L,0x016a11e8092ff9b5L,0x227f3dfbfcde37bfL,
-        0x01b9bcebe8a8fc6dL,0x7009ae45e1da0dd6L,0x193b6f519e2908f3L },
-      { 0x28656302230db5feL,0xb0a730c41aaeee73L,0x028320ab387addc8L,
-        0x92165d909a92488cL,0xb0b2f8f09066c95cL,0x0fa55db564007634L } },
-    /* 44 << 287 */
-    { { 0xbff4fe0844284b10L,0xc7e3f8da19c2f775L,0xdcd97e54a45ab746L,
-        0xf53158a9540ee8a5L,0xfd19068728c4aa74L,0xa3447e30648fa2e1L },
-      { 0xa6794670c374cedcL,0x605629c258204248L,0x1b86f8e6f7d8db3dL,
-        0x1e8ffe8bff0f38c9L,0xe4a556b8e274c82bL,0xb31406c94c0076d6L } },
-    /* 45 << 287 */
-    { { 0x198999821e555a0cL,0x831e923fbc196442L,0x8b294623f682e135L,
-        0x79ba90c01743c6e1L,0x74f8dbafeff5ed22L,0xe4c3257d5c010835L },
-      { 0x9cf94a208f9ec66bL,0x9fe9da3ddc303c43L,0xa53870be0cb716daL,
-        0xc322ffaa2aef881dL,0xb9ff76ff0fcd5580L,0xdcc125d49ebb1d7dL } },
-    /* 46 << 287 */
-    { { 0x747b6b6ddecaf88eL,0x1a32f8ba368cc7caL,0x52a3a00f60d84fd7L,
-        0x60052af507adacf7L,0x8b7bf25650b8de16L,0xb8b2acf8194926baL },
-      { 0x4bda72c81d1ef524L,0xe350f73288993f96L,0x63fee4e2e08c5d39L,
-        0x1f2cd9cd5db46904L,0xbf11ac311668d3bcL,0x8eaa064371d721aeL } },
-    /* 47 << 287 */
-    { { 0x33cfdcb3e14210feL,0x4abad5ec4946aa01L,0x14b42417a8cb53b3L,
-        0xeebb0d70238d4edfL,0x8c9d87fdb5bdb30bL,0x3cc680f17c928b33L },
-      { 0x4b2b2358757c2607L,0x51a70a33c1c8dedfL,0x62a26d776b22d113L,
-        0x2f4acd62ef3b4f5eL,0x403e91bf6ed00636L,0x219ba3577bf74d3cL } },
-    /* 48 << 287 */
-    { { 0x7de743e2b39317b8L,0x9205d4472d372acfL,0x8226fc303eeb0012L,
-        0xab2a3e052af74be6L,0xbe4767804af91ac0L,0x98497c710ca36bf4L },
-      { 0x74fdf7cd8d6dedb4L,0xb50778eea0fc5919L,0x5d5ec33f2fcd7c63L,
-        0x667b81937f33cde0L,0xce48ae4b38364d44L,0xb8578963223ed67eL } },
-    /* 49 << 287 */
-    { { 0x3e5688e46bfd7adeL,0xb3f1eb051b80bd4bL,0x8626c4cafe3de456L,
-        0x8846bc714b7e5444L,0xa54c7cff689e8a67L,0x8c3ea61f43eadcf6L },
-      { 0x924f17d6fde15178L,0x45319eb705c08d2dL,0x6d55775d9f85dcbcL,
-        0x2aaf9f7405278280L,0x574a13e77b617153L,0xe7fa921ae8b15bebL } },
-    /* 50 << 287 */
-    { { 0x9dd54056514e343aL,0x8d9116dff12aa25fL,0x5322ec38e3397844L,
-        0xe1843921571036a1L,0x2cde0a48650beb19L,0x41ad4a7e4f259728L },
-      { 0xf314fceeee6448b2L,0x80006b2aff0e81f5L,0xb5ee5524d51d229aL,
-        0xeba6d733128e900bL,0x79278cb8030f391aL,0xb24bcd63a9a5f9fbL } },
-    /* 51 << 287 */
-    { { 0xed867a7b37d10743L,0xd57d2d8df510023eL,0x4d500e4c737e0a50L,
-        0xcfa119900ecbf795L,0x3ac126b89373bdaaL,0xb06324fb735449a1L },
-      { 0xfe321df5cd79de70L,0x52d625dbfd07c6d4L,0x88ff505a3d628e51L,
-        0x120350fab044d725L,0xf718b20ad02f9515L,0x766698630bbea1b2L } },
-    /* 52 << 287 */
-    { { 0x6293e0ff50d9bda1L,0xe7259ada433b4dd3L,0x39aee63e821cee67L,
-        0x4d707c7144b10739L,0x42b9e0f69bd6efc3L,0x7d71edcc0717a61dL },
-      { 0xe7df9e56d1e5a5bcL,0x7895b638ddde509bL,0x6fc597b3d2a6a822L,
-        0x022da65d96d2a8abL,0x95541ce7cff45c72L,0xa5bb7799e649800fL } },
-    /* 53 << 287 */
-    { { 0x7472e4c963676cd5L,0x2836b1d52687f376L,0x1460b664f732a51aL,
-        0x7c4541f22a214ae1L,0x743a524d107d6622L,0x9c64e3ff082fc015L },
-      { 0x9341f3fc8e0d13bdL,0x9946043e529554edL,0x6fbbbcda5798d6ccL,
-        0x3bfad5fb242115c5L,0x1f46bd1945ab793cL,0xd9383bcf3b42f81aL } },
-    /* 54 << 287 */
-    { { 0xe4ff888f820a13b5L,0x7cd18b3eaf1bfbbbL,0x3fb7f681bd4e4dd5L,
-        0xaba364c287d46c40L,0x44e209ab659b3498L,0x5e071a272dde85c1L },
-      { 0x8a029b1fb969c790L,0x51bab9f0c6fd1c22L,0x9ee9b047b83eb0c1L,
-        0xda0b39439e5b2c35L,0x0cb30625f20ca425L,0x8e4dbd013d25c2c9L } },
-    /* 55 << 287 */
-    { { 0xe7aa41a96b8f7599L,0xe97ff24a3f556ad5L,0x10e07713dd6a9329L,
-        0xaf464b18c4d06a93L,0x9b8e5145a1ccc85fL,0xa256680bd0487ca6L },
-      { 0x420b60bf815652f1L,0xeaf09eff5bb45b6fL,0xa31e875f8845a557L,
-        0xb035ee09eebe0911L,0x1402d1d86531c356L,0x24aeeaf0b630f75aL } },
-    /* 56 << 287 */
-    { { 0x4b20d1829567f5f4L,0xde7e814918f02b34L,0xc9a4be7becff9dd7L,
-        0xe2f70bbe9812fd3fL,0x471bf90c9c889263L,0xb60d01b53e61f5bfL },
-      { 0x258c7f89d22d855bL,0x35ef5c15b75a7d4fL,0x26d8e1dab247f27dL,
-        0xcf1361998d0f7757L,0x312447803f8e894dL,0x8d2a20bae1a3d47dL } },
-    /* 57 << 287 */
-    { { 0x6447cc97f08a0417L,0xd98ea6837afee809L,0x81426d20bf7990aaL,
-        0x848bd6223526ad26L,0xb6cdc5b4fe1f3381L,0xe7e10bc7a26189ecL },
-      { 0x25a9f7cf57464e6bL,0xf90c1aa12c86ddf0L,0x2126ed530124705fL,
-        0xf384e7e5b58e6341L,0xb2dfeb0a12207e57L,0x72875c55e0e23287L } },
-    /* 58 << 287 */
-    { { 0x37579c3eb954b7a4L,0xf0291f8f3f2ea608L,0xde68104f90a85ed2L,
-        0x6a35fea9e1088788L,0xe8d5517470d15d00L,0x0bc72de552467f90L },
-      { 0x2ded3293297be2b8L,0x76c53e5761ddc65bL,0xae4b2b5015562d6aL,
-        0xfe7cdd329e0aeb79L,0x98ef4c518dd474ecL,0xfca56ffb0076b23aL } },
-    /* 59 << 287 */
-    { { 0x120adcba6f60309aL,0x41e46edeca8ab2c7L,0xd68aa4c529b79ce0L,
-        0x21a21f8d7a3b11fdL,0xea68dc4739d0809fL,0xd4faa71a27973044L },
-      { 0x65b42172810be134L,0xb2dafa6c793aee92L,0x951e9f6f1f78f7dcL,
-        0x2affc70a17fdba97L,0x4f0f4c51dcaa2789L,0xfde1951c9e703980L } },
-    /* 60 << 287 */
-    { { 0x80826a196488d9d8L,0xfa452795f3ad867aL,0xdd9bf8f5bd4e6674L,
-        0x324386227e8e3ee5L,0x7af4c605dff05c96L,0x79efb6f9541cbbd2L },
-      { 0xeb5ff62675e78961L,0x5318c4c30be43d7aL,0x02df456daa4a0562L,
-        0x4d6002d88a916a81L,0xf0dbc349f68eced2L,0xfd75d4d5ec8c3fddL } },
-    /* 61 << 287 */
-    { { 0x6c15d903544378f3L,0x0a9bc9d735ea3c77L,0x9d9066408caa4acbL,
-        0x9ba27502402be833L,0x1ed4123f8773fd7bL,0x236364ba190eac92L },
-      { 0xd6287f17f8383ee1L,0x75b7b0b5d9739582L,0xeb6cd50d0292806eL,
-        0x216f36dc43448409L,0xec136f8cb6c4958aL,0xfa805ab49ef7810eL } },
-    /* 62 << 287 */
-    { { 0x5c6448f70d00b29aL,0xaa134b87124cd55dL,0xc2c6b269d94b72d9L,
-        0x0f0dd472412f76d8L,0xb4cf3c1873f6571aL,0x6aed00218b9218ffL },
-      { 0xa55b74eaa0c9dde9L,0x59b952125b4c8fccL,0xbc9873ea4ddc367bL,
-        0x26b369ba0fd30421L,0x71763a45e446f4fcL,0x67e800edaff54707L } },
-    /* 63 << 287 */
-    { { 0x4de97de1126b4919L,0xd631d908883ea109L,0x37c77d729f6ec50cL,
-        0x910932e6df718c7dL,0xa798406855028d0fL,0x21b09540a6119a26L },
-      { 0xb837cceced4b4962L,0x3c83f4bdba66002aL,0xa067aa3d2ac41124L,
-        0xa64bff30d08dc360L,0xa22778a5c108d3abL,0x7f732064aac4dee4L } },
-    /* 64 << 287 */
-    { { 0xc68b641ec795a2c7L,0x4fe559b15a4d6647L,0xeda98cbad89ce668L,
-        0x15f84dc06c269d8eL,0xf0eb685ecbf34023L,0x3668c530c032634aL },
-      { 0x2e3d7fffe4531f59L,0xe627030685494d06L,0xf02cabcfa3e050dfL,
-        0xccd2da67c001dcd9L,0x50aa3723066d2d52L,0xdb0756507224a41fL } },
-    /* 0 << 294 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 294 */
-    { { 0x04418b5965b55050L,0xa8a797c3d324aa67L,0x5f87e22c7c65a6d9L,
-        0xaac710651dbeffe4L,0xff619d64bd3cc05cL,0x9a29c966e65c92c4L },
-      { 0x23af2b21dad7fcbdL,0x4950a767153b817fL,0xc34a7efac6478c55L,
-        0x57cde95af6cd140eL,0x64b74575f5a0db2eL,0xd4b5ea5275d7fb76L } },
-    /* 2 << 294 */
-    { { 0x284050628e72aafbL,0x655bf3538ea8bf00L,0x789d944405547f7bL,
-        0x7fa445ed3441e472L,0xfeb198254a44ce87L,0xccb5f12c129aed14L },
-      { 0x22b05de3af94fb34L,0x7422a040d3f03199L,0xfba252caa83f7f08L,
-        0x0f6ad6e6cefaa757L,0xe1ad18716517d806L,0xd16dc8ed8e9d97adL } },
-    /* 3 << 294 */
-    { { 0x0208092a0e3dca68L,0x9a49bdccd1a09971L,0xe5194181aefab9c1L,
-        0xc1c9690a0076f47cL,0xd7499e95b486c2fbL,0x83a69e43d4b72e00L },
-      { 0x75f2838a2d1a6c2bL,0x57a24c69751f6366L,0xd956ee08626cc684L,
-        0x434cadd7e6ce3249L,0x3d4eaececfe289bfL,0xbbd53b961b8aafddL } },
-    /* 4 << 294 */
-    { { 0xcbb99194a3736eb6L,0xdd5161cd36dcf470L,0xd50b24aab6ab6c03L,
-        0x419d2810bc41f4b7L,0xe2e88d7a295496cfL,0x350713f2f2457ac0L },
-      { 0x838e4a360427e2aeL,0x7631472a4d974e5aL,0x9fa3ab1c7a5c5fdcL,
-        0x324798cdde34cb8dL,0xbfa5a9d0889105feL,0xd05dad34fd0df249L } },
-    /* 5 << 294 */
-    { { 0xb47c1d47d6a3a1baL,0x99bb7e6572f65bd5L,0xf251794578abfda2L,
-        0x827f2aba3e3e3420L,0x436ee73250e2de70L,0x5c9ac6dc10eca926L },
-      { 0x2ec67465181f5e18L,0x1e8f32fcc6c83d02L,0x9dd3aeaf3953bd81L,
-        0xca955f4b07086daaL,0x7b4b6f3fd14eaa88L,0x562e75f1148d826fL } },
-    /* 6 << 294 */
-    { { 0x536e5657cb419fc3L,0xe8c208bc1d271dd1L,0x6a3713bd22d2b9adL,
-        0xa4c761a7471d808dL,0xd93aafb67e6dca35L,0xc46c0ae38f55ca32L },
-      { 0x55dc0de7a78bfca0L,0xe9cfb3013407d0caL,0x777e2a60b3256c14L,
-        0x32b2238c6d8fee02L,0xe8b3539646e43ee8L,0x310bc1ba247985ddL } },
-    /* 7 << 294 */
-    { { 0xbb9bce6810168f49L,0x32edc368717445e3L,0xb0b5a04426aa3ff2L,
-        0xc671f1fcd166542bL,0x3142864df61d2523L,0x11b2dfc7b0c67410L },
-      { 0x2e031a05c99690a5L,0x4782fb749fb7bae8L,0xeac2cd506b7175acL,
-        0x2e116782bef2313aL,0x67992027241c4d2dL,0xf8aa0e09a6952d9fL } },
-    /* 8 << 294 */
-    { { 0x9974759c581f9d3cL,0x9e76a970e5cb1973L,0x8afec58ec64941caL,
-        0x2d7c57fa01d05575L,0xc07c74cc5c448db5L,0xa52474ce01bb1440L },
-      { 0x93162d9700115bbbL,0x483b6147fd7480f9L,0x4f28c57e6af18dedL,
-        0x36faed8f174a3089L,0x702dbd64a3dd6265L,0x86a9c43f6adc0d7bL } },
-    /* 9 << 294 */
-    { { 0x9d4d4b3c795eb646L,0x727e2aa17485839cL,0xb50018a5aa9250baL,
-        0x5a15808d1ba716adL,0xb1748d580ff91cebL,0x0131bcff76144b6dL },
-      { 0x23fea4a58dcccffaL,0xe8eddb5ceb64caaeL,0x011a65971c3c5e66L,
-        0x7723dfba377a8f6cL,0x00167c71dee2f651L,0x3e89ddf5ee0e4325L } },
-    /* 10 << 294 */
-    { { 0xa3510710b9de7b63L,0x9f364ad14019c9dfL,0x5b66a5d79b5bdce3L,
-        0x2b2f695178b1b385L,0x3e4783d33cfa9f99L,0x1af517506bd6bcf4L },
-      { 0xf9c0686a81d8d7efL,0xdc0f22ec37c068d3L,0xe1b8665393545fafL,
-        0x37ca8501a8a52881L,0x07ac5c8a5603e359L,0x98fb2bab542cc937L } },
-    /* 11 << 294 */
-    { { 0x96326ec323da6b81L,0xdb48a5e1f90a6f83L,0xbb141660f640a0fdL,
-        0xb51609375b92f5c2L,0xaaabd54c997244e4L,0xbeb8ab2f859bb92cL },
-      { 0xcac7c5dda4be476bL,0x7093faea7f58c1b2L,0x3167a2c45c6ad412L,
-        0xabd86bc9544fb9a7L,0x571296a72448c363L,0x4da64cd9c6cd4621L } },
-    /* 12 << 294 */
-    { { 0x4981be690c5bbd3eL,0xb047df0a185fdb55L,0x3168e05074cff00cL,
-        0x111150a1b52c7f9cL,0x0db2ed84a51c7986L,0x7d991630e61272adL },
-      { 0x7443d93628de14ddL,0xfdf31f41a5daed5fL,0x71e0ef4e866b5e40L,
-        0x05c57a45b965a670L,0x85bdb58c70e1aa77L,0xe4d1fe2a9df3ce32L } },
-    /* 13 << 294 */
-    { { 0x6ff2b1a1772c3796L,0x9b88c1178e186fe8L,0x342ba11f4312af31L,
-        0x9a93a4d1a86ae2b6L,0x496d5f219d59e3feL,0xce519a7d6924acdcL },
-      { 0x6fdef82327c46e44L,0xab5504c34d31c9bdL,0x6fa52bca71693677L,
-        0x31221119033c80f7L,0xdb2cb49dc0a22f91L,0x4962d58f9b4aeb5eL } },
-    /* 14 << 294 */
-    { { 0x5d4618982f722563L,0x11d22b39567db14cL,0x9a8f004e6779cd40L,
-        0x0812ae3d5473ecd5L,0x4ed828624e6c296aL,0x2d9ce40c064ee61fL },
-      { 0x4856d586d8a9eb1eL,0x2ddd6b125d1b5e3aL,0x0ab5eec0382fba3cL,
-        0x302018dffcf4a9c8L,0x7b4e6fd2ab3cdedbL,0x266c246a8f64cb1dL } },
-    /* 15 << 294 */
-    { { 0x55bad54bd6dc35e8L,0xa43d72ff38642612L,0xe39a191609bc85ddL,
-        0xc9d4bc9b0f85d3baL,0x84cd12b61367a70cL,0xf4ebc0e04937bb2dL },
-      { 0xd083145949dc027bL,0x110751601cf29970L,0xa443a29c0b76b4c0L,
-        0xee5b8d0ca0de3249L,0x368aa3259002e7d6L,0xeb48afdc6182e2e4L } },
-    /* 16 << 294 */
-    { { 0xc41e4aedf5c3af59L,0xa0284ad06de9a78aL,0xf5eaab7b8ed812d2L,
-        0x7801fbb81afb58b8L,0xbe5cdba671efcc3aL,0xe31a0e3ccd10cb91L },
-      { 0x882e821e85dc0bc6L,0xd3ad070fbb32e506L,0x3afede2bd8a0f038L,
-        0xe20a117c857fd3a0L,0xebaa2aa43060f767L,0x6524aa0d2b9d1da1L } },
-    /* 17 << 294 */
-    { { 0x86aeca0ffd81174dL,0x19bc6ee60c6eefc8L,0xc85f7f2ea91f0e19L,
-        0x09b9276ad2354dc8L,0xb62adee0542a669aL,0x8354ad1a88097445L },
-      { 0xe67d2834df9984a1L,0x2330c8cfa64b2864L,0x309dcdeb39e7b54aL,
-        0xbbba4737a18cf5eaL,0x47511b1d92861a8eL,0x99d4bd673286d404L } },
-    /* 18 << 294 */
-    { { 0x9cc5847c88cffe33L,0xff726b0f6e8eb6c1L,0x9bb2ca161bc45d8eL,
-        0xe7903009a6d8a5a6L,0x4f089cc047db2201L,0x4135884de6b5928aL },
-      { 0xb1a86a0ae5c017cfL,0xb1d9bf6db0a393dfL,0x33d9c1c628bb3277L,
-        0xcb05b67b45b582ceL,0xa72585fcf33792c5L,0x78b7c5e8a7d1ed84L } },
-    /* 19 << 294 */
-    { { 0xbb83b446b1b4a091L,0x66440b3d9603d875L,0xd1931f33c2b45d1aL,
-        0xb8b67f20098d4cccL,0xa3583818790f208aL,0xe01194bec4a3e88fL },
-      { 0x29301bb192e8b150L,0x1795cabe9448ee60L,0x377d8f9752500c48L,
-        0x474e73d65a457e79L,0xce0a50ef30159027L,0xfe69abaafbb2c214L } },
-    /* 20 << 294 */
-    { { 0x70e478fb9346df25L,0x01dc0c2eb4a4ada5L,0xaec82b005be36ea7L,
-        0x82618b8f6717e06aL,0x2db1f6d4008f1977L,0x4e493f3b16b390d1L },
-      { 0xfe86fd4d990a75ebL,0xa1cf7f99783f6076L,0x6cbb23e70c049158L,
-        0xd05be7e5ed456235L,0x601374069bd836efL,0x94ec964432e5f604L } },
-    /* 21 << 294 */
-    { { 0xd96e4d920fc48c7bL,0xa2e29660f66e491cL,0xb92d850601146906L,
-        0xa43f4803afe346d6L,0x27885d98700b6bccL,0x90662e9f595d8de2L },
-      { 0xefa7f261f70d1007L,0xfe8a8be3fc72531aL,0x3b3f7541f1aa8d93L,
-        0xb31bea258215966bL,0x15faa4acf35d2be8L,0x0a5f95e786c9a45fL } },
-    /* 22 << 294 */
-    { { 0x3361e1ce3d87bfa8L,0x92f235e78dcca4f0L,0xc8084cb4be323fd1L,
-        0x3fd481a5c24c6d16L,0x9b1bd9402cea81baL,0xf50911910c5aa59fL },
-      { 0x4cd8c9eff81d5e2aL,0x5ad000131550bff4L,0x29d47b9f8cc32e55L,
-        0x66e3e6f111694eceL,0xd5edf7017950dd7eL,0x9ccb10960f6350c6L } },
-    /* 23 << 294 */
-    { { 0xc31e47ff95e784e4L,0x7ad0dfd63fa14241L,0xc91482092dab896eL,
-        0xe9a114cccb9bb463L,0xedce9e6f16cb16afL,0x0ee2ce0607508893L },
-      { 0x1aedb80ce31c0f54L,0x235d4591512658ccL,0x9029fad2a38583f1L,
-        0x95b1e1ddebef898eL,0xeb2f21809efabef3L,0x458c4338b10e9cbbL } },
-    /* 24 << 294 */
-    { { 0x09db138d18f2470cL,0x63bd2290f613658fL,0x0bb647794feebab9L,
-        0xfce4aee17fdb1e71L,0x7d5c0c61a7f1f65dL,0x46405b618d02d6cdL },
-      { 0x7cac04856fdcb0d0L,0x85224c4b2f8ec5afL,0xb5879a59db0aa864L,
-        0x75f391b8ff94f8b5L,0xa6c994ae49c97f8eL,0x4d968fadd690b232L } },
-    /* 25 << 294 */
-    { { 0x1e436df6e11a616aL,0x9eb49c76bdb932a8L,0x207d2fe90e6591aeL,
-        0x6e05acc8233ac034L,0x464dd321f3d04d32L,0xd4ba4889af43c171L },
-      { 0x0808e5207120fab9L,0xb9e4726c3fbac672L,0x5dd1c13b9d7d883bL,
-        0x1c091808771f1edbL,0x76988d1c75eac1a5L,0xb0fcd3a893a67be8L } },
-    /* 26 << 294 */
-    { { 0xf5cd290a67e0b4e7L,0xaa6fa6807c1594b6L,0xebedfbd7b63270beL,
-        0x574b410ba369bfeeL,0x431cba5a020ea888L,0xd3a3102f56c71d47L },
-      { 0x4894bfe0a90a853aL,0xd78bd98b5f9c4b6bL,0x9b1324f6d900c5c1L,
-        0xc65c944d718c2147L,0xf661de6ba987f634L,0x0315e69f172628d8L } },
-    /* 27 << 294 */
-    { { 0xb12e0ab8aac7ab64L,0x8ce877abb06cf9cfL,0x39b694b40bb11fb4L,
-        0x0c2428369b0d8850L,0x6bc9a033ccd50c6eL,0xaa2e77739a1e8fb3L },
-      { 0xa7d8be09608e2e9cL,0xeb4cef0542b9f458L,0xa7268c9b985f66fdL,
-        0xd60eeab27acf4968L,0x02eb2db3b6e5621eL,0x82fb4abfad8236c4L } },
-    /* 28 << 294 */
-    { { 0x07c60c7522ea5f1cL,0x35beae34a36bee4fL,0xa8b00a09dcba8997L,
-        0xa77f1f3a802ce50cL,0x6c4050df2a2144b0L,0xf79bfa96ab1b10dbL },
-      { 0x9025d470433a9b1cL,0xaf3e391790d9eec8L,0xbcad2d629ae2d535L,
-        0x7a152829eff0f6a9L,0xe87345cd925fa5a0L,0x6ce007200e84039cL } },
-    /* 29 << 294 */
-    { { 0xc65acf36c3d095d2L,0x9192c5fe72427e6cL,0xcb84c43c3fa8b90dL,
-        0x2f458fe965e15b23L,0xd8bf193731469f11L,0x1ccd8bb93638cc3eL },
-      { 0xa067022f78e35577L,0x382e6af730ee676dL,0xf197adc2f6d135bfL,
-        0x06360834c9a1cf58L,0x413813f7930371beL,0xf7461d04f5dcaccaL } },
-    /* 30 << 294 */
-    { { 0xdae449c007f6a05aL,0xbc1b84f55bf26c9eL,0xe3b3f9edb1c13820L,
-        0x5442ad5b4090598bL,0x794ef65613749e4dL,0xde809180948b71c5L },
-      { 0x4c72dc7de203c5b5L,0x8902b0971b349fc4L,0xa899bedb225a1569L,
-        0xeb7da73de6ff3f53L,0x6ee8e1607c0be37bL,0x9ee667d2a31bf943L } },
-    /* 31 << 294 */
-    { { 0xbc91031108b6fb2bL,0xa5e0ab3e25e06a55L,0x16ff0705360f1698L,
-        0x71c0aa7487e72a67L,0xa1f1497b355c75e8L,0x179b67bffa6bbcd7L },
-      { 0xc9db6590b6738583L,0xf77660c4d87e72bdL,0x0ee2e7b3f13abc2dL,
-        0x0cdf5a37a4d922b6L,0xaa8af2d596c853a4L,0xdc452af4e0092356L } },
-    /* 32 << 294 */
-    { { 0x5017e145db81146dL,0xc7d2086d45c54db8L,0x2541059dfa98234aL,
-        0x4bf344d99985af98L,0x39737ed67b5b7b1cL,0x8e24691987c411adL },
-      { 0x2fad8cedb877a75fL,0xe42352df17e60ee2L,0x1a53d856404043f7L,
-        0x6c1f07a5863927a1L,0x38d3a4f4b6892121L,0xf4c1092001976c8fL } },
-    /* 33 << 294 */
-    { { 0x541732a70224214aL,0x61617b515cb2d019L,0xc560c24bcb4fc6b2L,
-        0xd0ad737943670d99L,0x08cdd32eb83112a8L,0xbe57493d7e29810fL },
-      { 0x7834124899d4523fL,0xae1a5857cc8e5fb7L,0xf8b62a59b8454efaL,
-        0x7c63c900ab0f4729L,0xeef9243d72dd0f5fL,0x6b865dfbad766386L } },
-    /* 34 << 294 */
-    { { 0xd11536eefee626b8L,0x1d2471dd8077b5d4L,0x7db062debdb9a4dbL,
-        0xfcc62c0ab9f808ebL,0x619b54c6ef392bc7L,0x81e146fc51b9f5c9L },
-      { 0x0343807c7bbd52b3L,0xe024a9f1572125c5L,0xf8b886d86c57cb31L,
-        0xcb92aa7d5398a318L,0x4ce0870d2410ef34L,0x1a40c103f8366683L } },
-    /* 35 << 294 */
-    { { 0x46485baa7bb78552L,0xc0f685f23e6a3f0fL,0xd24970b5fb3cc0ecL,
-        0x0d1f380e7bf91feeL,0xf0f7fcafe7624351L,0x27cb99bc697a8055L },
-      { 0x55be14685cdc7560L,0xf006927927ba7f93L,0xb0c25c759fdd0e70L,
-        0xda82e73785818253L,0x7d40d86946304c51L,0xe06ea6fdcc18ba58L } },
-    /* 36 << 294 */
-    { { 0x99d37ade6b65e17aL,0x61ca538e38ce217cL,0xd3ea83f68ebb89edL,
-        0xce6611eb4b02964eL,0x0ec7cc2f5c0a8e44L,0xa985b0c2974240a4L },
-      { 0x7a3abb6c42ee5b0fL,0x55f049a0cb2eddadL,0x69348b027c44a60cL,
-        0xcabc65191974a8c7L,0xd9def4bc07b91a35L,0x684a2d71b93b34c3L } },
-    /* 37 << 294 */
-    { { 0x21c37d21f48f274cL,0x2de96b4da082a098L,0x82520e0ca606b6a6L,
-        0xf76c9ec6e1050b81L,0x248c5efbd1ce149dL,0x5a36ae1e9a909790L },
-      { 0x8790b09bec8b43afL,0xd592dce560ff709cL,0x726d699724cc8e21L,
-        0x61e37bef5e2cb745L,0xd55a68c26eff3ba0L,0xd47f02659ad265c0L } },
-    /* 38 << 294 */
-    { { 0x3e6351ef3932ef94L,0x65625878db5d64e6L,0x118a688e091ec7b7L,
-        0x2a95072abdf60b88L,0x5200703540dc0afeL,0x59c3d90b6fc1cbffL },
-      { 0x5622b1b21dfb1a7fL,0xdcb0344834d92243L,0x18fccfa86d7d36c4L,
-        0x5d43a14181341761L,0xef375542eaaee79dL,0x4e4667216999d399L } },
-    /* 39 << 294 */
-    { { 0x1bca97aa9d3c6b9eL,0xb4bb4f95095cb250L,0x4f2c216a996fb52aL,
-        0xc4d01916f379790cL,0x510882a4359df53dL,0x6457d76a671d6a8fL },
-      { 0x0ded2623061f7d64L,0x3cb4f38f1ce7dcf2L,0x0d86313a224ffa88L,
-        0xba8a15012b99aeb3L,0x2fb92183d69f72b5L,0xd3b9d6daf1fdb8f0L } },
-    /* 40 << 294 */
-    { { 0x5d573a3a0b6320aaL,0xf9ac8ccf289b6700L,0x8bad05cd8f28dd72L,
-        0xe2eabd446b62c306L,0x60f70353906ef302L,0x147cdd0c367a768eL },
-      { 0xea9d871635a9e846L,0xdd71e80aa8684430L,0xa56a5ccd530768a8L,
-        0x59d241270a3e42f6L,0x707cbaf0faa367d1L,0x5419b14f52a0cbd0L } },
-    /* 41 << 294 */
-    { { 0x625bf4e6d991d842L,0x56b95a56a81daaaeL,0x2101137c9911bdadL,
-        0x1141b0a1bbded1c2L,0x85deb889d1df8d43L,0x51e3e17edac3e376L },
-      { 0x5d31639381fb19f8L,0xd1cb634b92eed2c4L,0x72a6ed7b943746dfL,
-        0xd55f55fb22b85e00L,0x255b025804193aabL,0xd0b94c5d86a78c96L } },
-    /* 42 << 294 */
-    { { 0x121c15d859c3556aL,0xabe25c21864380dfL,0x2de101832627f78cL,
-        0x19988e4b4bcf4a0cL,0x4ed3aad8a2f9cb52L,0x50f8cef5b2b257e1L },
-      { 0xab0b000c49f7f596L,0x6cb997471fb9c471L,0x331974b95fefb8f4L,
-        0x57cf97578e2e0e5cL,0xa82a8d06174a626cL,0x40ef371b03e80567L } },
-    /* 43 << 294 */
-    { { 0xfea713e1324cbab8L,0x738885e61897e7baL,0x8234ed08126aaa13L,
-        0x4f66467661ed1548L,0x61fdc2aa172c432bL,0x78eade7c9ebf0a29L },
-      { 0xd50ae7156aa104a9L,0x977d7a605536df98L,0x024014bdc9eb983cL,
-        0x75d53c0585e21649L,0xc181d67098404cffL,0xe00f5f5dfdb3f05aL } },
-    /* 44 << 294 */
-    { { 0x3cfe2987d10542b1L,0x5935e0dc29f5b006L,0xce5932d6d83344f2L,
-        0x67aab7ad9800a6d5L,0x3ef2b0e765073619L,0xc381a99454aa9ccaL },
-      { 0xbf069577d4011571L,0x33b70c5d4d1ce997L,0x801ba41c758c9b1bL,
-        0x6c2dd5ec36968958L,0x31820ca087921665L,0x0b7f0d337ca55668L } },
-    /* 45 << 294 */
-    { { 0x0b099a5afce6c55fL,0x91d1caca408dd628L,0x42a5181165449db1L,
-        0x540935b040715d49L,0x8feabc5433b00823L,0x7107c06240c2485fL },
-      { 0x13f307ac4fea64e4L,0xae4ec4a713a04327L,0x8297be380eff71f5L,
-        0x3434286f1ecd0b2eL,0x4d7a5456a3e9d625L,0x657f950b6a0d04e2L } },
-    /* 46 << 294 */
-    { { 0x2237f78ecebadb15L,0xa1184339da01f9e2L,0x542c3354ef37abd1L,
-        0xbec90883de982d70L,0xbacdbb9c457d3024L,0xf1d167c19840ea52L },
-      { 0x9ed827d8433bd3cdL,0xf4e5b4231102fdf3L,0x2038c92fb63d6056L,
-        0x490cb0188eb9ae35L,0x776331b87c75ffc8L,0xafbe7c6a3fe2e400L } },
-    /* 47 << 294 */
-    { { 0xf668460c9176a02dL,0xa843a70011d322a2L,0x6424f0e8a8c5d1c8L,
-        0x0b45a1ab1bc440e5L,0x3b740cb11c3e391cL,0x5aaa89c4d5850e1bL },
-      { 0x77739ee6d632c592L,0x171fd350fffe373cL,0x6a648fcdbd7e83beL,
-        0xd98650c6b619f4d5L,0xa4e4ae5438dea07cL,0x10001f5afe0bf5c1L } },
-    /* 48 << 294 */
-    { { 0x31cb896b57dfc732L,0xc6b74a1edc323e91L,0xd24a41d0f11b04f6L,
-        0xb609a26dab8f7159L,0x96d84b372adbec34L,0x154f5307d24ae7f6L },
-      { 0x36dd3243e10eb34cL,0x055d3b714f6dbbd3L,0x30b1efde36d0c561L,
-        0x3846925ce9bffd15L,0xaf401286aa99ba07L,0x3a191267fd48b839L } },
-    /* 49 << 294 */
-    { { 0x67145f18e42a26cfL,0x580857fa491122d7L,0xa4e2db8dd03b5071L,
-        0x47a39a0d3e379882L,0xb6bfe4b35970766dL,0xe40f4daea8bce767L },
-      { 0x38f199a7e812a217L,0x1407f98d97eec7caL,0x25d6f750236a41a0L,
-        0x644327340e811ee6L,0x84d5d9c9dddd6e5cL,0xc1b6ef13c44cae4eL } },
-    /* 50 << 294 */
-    { { 0x79879d4f6714e8daL,0xce409617a17abd07L,0x6f2b14d008a6e685L,
-        0x817d467409b5e150L,0xa1181873eb51b966L,0x573ba855da6b9544L },
-      { 0x836ec3e5c4a37013L,0xb8da1bbe93fded69L,0xdb5bb6f16edff4c1L,
-        0xff30b837f1657d36L,0xa20cf000223270b9L,0x29d60562d44a57cfL } },
-    /* 51 << 294 */
-    { { 0x0d6f36b9b98b029dL,0xc4cd72d07a371233L,0x23bd419e4f95cd4cL,
-        0x2c95b0a2b80d1e13L,0x0f76e62f7edfbef1L,0xd077194dd303a470L },
-      { 0xd6e20e7cd1b50934L,0xf4201fca2dfeb806L,0xa57dc150bced28faL,
-        0xa84d621be3172301L,0x119768fe9aa14d6dL,0x34f1ae864b363253L } },
-    /* 52 << 294 */
-    { { 0x2fc83aa3afabd13dL,0x521b745f53c45a27L,0xc6f345a660c18225L,
-        0x9609076eb5faa47aL,0x8bdd97fd535388fbL,0x8f5f3bd6e7fd7e87L },
-      { 0x6de4454c1c8e1d5aL,0x8d61ca3b2b35e823L,0x93b66fce4672d30eL,
-        0xcb9d601721d09ec5L,0xef98137fb1de06eaL,0x45e212758b051877L } },
-    /* 53 << 294 */
-    { { 0x117b89e9ee6e35f7L,0x2ad205aadd203ed9L,0x3f6c950c0689bd4dL,
-        0xaba1e4b342f20742L,0x67464b793e22f0d1L,0x74436dfdbe0ad6c1L },
-      { 0xc4a6e964c1470ac7L,0x853ad39b361da35bL,0x261c6fd6a187a6abL,
-        0x08d7e89d59fb860eL,0x158e2697e8f88299L,0xf3f1f6f34b04a8ecL } },
-    /* 54 << 294 */
-    { { 0xbdfb8d006b562705L,0x76dbc217ed9f2aaeL,0x62f713778cfd02ddL,
-        0xa05eed177a5d27e1L,0x60082379a006983aL,0x312af914bf7c2c05L },
-      { 0x7d163fe76c8500fdL,0x722a35299d4d0dbcL,0x9b4c5c3539f93a78L,
-        0xb193734c34c7ec06L,0x457db178cda87a84L,0x088dae087f816e0cL } },
-    /* 55 << 294 */
-    { { 0x746e73055896ac5dL,0x1d8326c21a7b69f1L,0x695197743132a40dL,
-        0x3899f8a03f58720fL,0x2c3070a5df0b7fb2L,0x49bc59f2acb839e3L },
-      { 0xf7d5d3f66b8f5a9aL,0x704ed893a4c3b570L,0xbafde26cab591c03L,
-        0xc447dac83388a62bL,0xda80991d4416acfeL,0x1625c9151e729d69L } },
-    /* 56 << 294 */
-    { { 0x3104e59e6b843647L,0x4eccb42720bad138L,0xa575b8e150efd6a9L,
-        0x68a6b7055a6e4729L,0x670306798f5b2a22L,0xb2cfcf81df9253bfL },
-      { 0x9c3eeb19b8f81c39L,0x082ca86c986b4dfeL,0x1f64eca250250d8eL,
-        0xbf26bcfb67f0c713L,0xbc5d0e2a49b609cdL,0x175acb34e6aa3c76L } },
-    /* 57 << 294 */
-    { { 0x5237d7368c53aae2L,0x2a88098bbdbc0b10L,0x18f1af11cec6db6bL,
-        0x12c23392c4e08b3bL,0x23b652bf3eab43f3L,0xb79feb949f3dca0dL },
-      { 0xb71e311d2b24e0d9L,0x85e48aede37a0f90L,0x93e8a0e753200b6dL,
-        0x5d44b87226bf3a30L,0x466c31d1d0496b98L,0xabec12f7dd39874fL } },
-    /* 58 << 294 */
-    { { 0x58bc23928ca41326L,0x0744ba8524aa5067L,0x900e7e9baaf80bb2L,
-        0x510bd122aff38fe1L,0xf90dd6a1002b277bL,0x829379dc81bf7df2L },
-      { 0x5443b8736372d502L,0x124c2abab5b6f9a2L,0x88b237a4d6020c14L,
-        0x3542215108f7a498L,0x39e84240e6234eb1L,0x43d721dfcc5827eaL } },
-    /* 59 << 294 */
-    { { 0x43e7597234658dcbL,0xed936b96bdf3a7caL,0x74acb7f60f1923abL,
-        0x6a52b28cc007995bL,0x5abf2909a560fbf4L,0x79d571dd256bf1a8L },
-      { 0xa8d51082e4c3281dL,0xc0d6f8aa0b9fdd38L,0xd589f2c57ac30640L,
-        0x6abb8faf07635c58L,0x2af1b083d7520b0dL,0x18b9f6c893b951fdL } },
-    /* 60 << 294 */
-    { { 0x32e678b4c1ba956bL,0x9e8b137248f32982L,0x9b380a118a8f262aL,
-        0x5c2d6ce0807f6d1aL,0xe99c2e909f1b3fa2L,0x6a0c9e4a7c4bb836L },
-      { 0x30d80329ee8dac83L,0xabcf7b76b60bd5fbL,0xc589a0c8c14d56d4L,
-        0x9e40af665de24d43L,0x932f4070230f8331L,0x96bba1c19b87948dL } },
-    /* 61 << 294 */
-    { { 0x8b83af0c4efaae9aL,0x25e55686770c85cdL,0x0beda54fede0c999L,
-        0x6c5749398d249a2eL,0x520ac2ba2f476146L,0x162e482de95b05acL },
-      { 0x2d3d19b6c73a32daL,0x945e5e3c33fd2c48L,0x361d9770a36b4ee8L,
-        0x8aed760d014cacb3L,0xae66e5de5ae302c7L,0xb5fd5959b5d4d6a4L } },
-    /* 62 << 294 */
-    { { 0x25df58ff147da470L,0x1b3941ec3f4e3e98L,0x7543b1227aee3587L,
-        0xb7bc2b31b4a28218L,0x8628b5400bb3224fL,0xe3e7644d373222e6L },
-      { 0xb4e3269299244dc9L,0xe72c679d49781bcdL,0x894d9eb0bb6f0700L,
-        0x4a08cdbc443c3639L,0x52c4d04e5baeb02cL,0x53f550ffb5f93552L } },
-    /* 63 << 294 */
-    { { 0x2b908f693c1f524fL,0x59fd6ae7090970ceL,0x595e15721eb9ec29L,
-        0xa55adbd6fbc4f04cL,0x575a2344bcc38bf8L,0x89397944f2b659b7L },
-      { 0xc77532a18c87fe8bL,0xa5a75677de4c9eefL,0x2e3d873a0e4a1704L,
-        0xe18ff4fcc4d02aa1L,0xd842074275573a79L,0x0fcb532115296dcbL } },
-    /* 64 << 294 */
-    { { 0xbcc88422c2ec3731L,0x78a3e4d410dc4ec2L,0x745da1ef2571d6b1L,
-        0xf01c2921739a956eL,0xeffd8065e4bffc16L,0x6efe62a1f36fe72cL },
-      { 0xf49e90d20f4629a4L,0xadd1dcc78ce646f4L,0xcb78b583b7240d91L,
-        0x2e1a7c3c03f8387fL,0x16566c223200f2d9L,0x2361b14baaf80a84L } },
-    /* 0 << 301 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 301 */
-    { { 0x7a1a522b246dc690L,0xb563cbe14b61ab70L,0x41bb4abe3d4ac4abL,
-        0xc52950b337f996e8L,0x01d991e679727761L,0x35de93bd978fd7d2L },
-      { 0x86bad5e65706d336L,0x10844155e7f26c20L,0x58ffeb7705757453L,
-        0xbb1861293939df77L,0xbfdd394a6a78ea0fL,0x907ff0546e33e1d3L } },
-    /* 2 << 301 */
-    { { 0xa7f295320df93b34L,0x855934f25c14df30L,0xd2f54ce9efae348cL,
-        0x5acb931cac52758dL,0x287b3e18d22961a4L,0x42a5516d748f8fe1L },
-      { 0x1b62b341877224caL,0xaff58db3d30a4aa7L,0xbad78dadbe8da847L,
-        0x85fa710954f18276L,0xe2cc9d287c4bfdadL,0xbb131f762c75f237L } },
-    /* 3 << 301 */
-    { { 0xcdcdd7d703844670L,0x79ec59afb4a23f91L,0x5923c569c00ce5c3L,
-        0x099c17ffc589d0c7L,0x0335eeea89fa6fe6L,0x916bcacaa4e868c4L },
-      { 0xb7037325fb687bd5L,0x57d6bca79853b564L,0xdf3132efd5e26d28L,
-        0x7ed994b8de919cbeL,0x12df67cd6fbbb18dL,0x516e07c06baff508L } },
-    /* 4 << 301 */
-    { { 0xf2ec9ef597e833e4L,0x97bdef9734ec7e41L,0x90e2b2387d2ac6e3L,
-        0xcf682b120318a3b7L,0x7fe76089ea84a7a0L,0x85c489f916546d05L },
-      { 0xf987118f6abdda05L,0x675cf998aa4b95fcL,0x544c7774888a7e8cL,
-        0xbd2647ba63ec5831L,0xb479cea3fd2fe985L,0xa042134528d163e8L } },
-    /* 5 << 301 */
-    { { 0xd93506a4e5947c6fL,0x4340d76a39b81d08L,0x741aee5917930d30L,
-        0xfea3d99a18fdb81cL,0x1088ff6b289bcb07L,0xc6b45602b7c082c6L },
-      { 0x50e2baab453d8d69L,0xda9bf561e893e183L,0x0af25f86b29a284dL,
-        0x0e92e67473e01380L,0xe173a0e32be00e59L,0x402d2f3dada8954aL } },
-    /* 6 << 301 */
-    { { 0xca9cb3890399721dL,0x03ad9f4aa3291479L,0xd85b5df56dee003dL,
-        0xe1fa7b0264a4f83aL,0x01c4cbfdb73f7324L,0x707010d45cf2ddf4L },
-      { 0x3c6df430b12e02f8L,0x921a290185531489L,0x302fc77c91d1022cL,
-        0xc3733ec0342d8f3fL,0xb83bc75f6195a665L,0x4a14b9e7a79f8027L } },
-    /* 7 << 301 */
-    { { 0x9f0e5428e2a57359L,0xc690a3c714998c16L,0xd73c3ca2de37e07eL,
-        0x2ddf91b8dba0bc0dL,0x69d834b27570ae71L,0x2ac8bed4735195a6L },
-      { 0xcd8c51ff3b1fcc5cL,0x7aa8cf4e1ba6863fL,0xebb69e72ae70f428L,
-        0xa29409dfaa9e936dL,0x43f6ee805a332b9bL,0x0de49efac2eab0a9L } },
-    /* 8 << 301 */
-    { { 0x04baa1762310333eL,0xdc75e35f7b9bad46L,0xc4a6031dc6cd6108L,
-        0xba2534d030bf87a5L,0x7ebc6e2131e497ccL,0x8a2a82b4851fd665L },
-      { 0x9ecae0116d5faf40L,0xfa3a6d7f96956ecbL,0x39e8a9c22fa52782L,
-        0x74c93801236d442eL,0x8b21ba23b1c289ceL,0x7f3e221b25c769cfL } },
-    /* 9 << 301 */
-    { { 0xed800e4d08aa4dfdL,0xf524b107d8105bc7L,0x8c4addc9ab07fc03L,
-        0x2b0f038d26a71b4cL,0x5055c471a83d19a7L,0xc6c5ecba27e20a5bL },
-      { 0xdbad26b7aaeaa017L,0x4e3abc20d2493554L,0x626310143a0c15bfL,
-        0xbafcc06798cec55cL,0x9204e17ce6f87607L,0x8f1c10eed9302c05L } },
-    /* 10 << 301 */
-    { { 0x53680ce08afe59b9L,0x36a3cec75665022dL,0xb3a5091654490b50L,
-        0x803d383f0838f0aeL,0x65531a008005ba2eL,0xb7fa6b4a1241a17dL },
-      { 0x9aaec449b17e07bcL,0x19b7d9113d190dd0L,0x79da42457fa5e7feL,
-        0x725bd045598ad850L,0x49f96cc45f94ee82L,0x114bbcbf03850eefL } },
-    /* 11 << 301 */
-    { { 0xf566a287d43a6db8L,0xffb8944b2aeb120cL,0x3e7099427e294c1aL,
-        0xce122b126c31214eL,0xe59b280c2a21282dL,0x03916e2ba01a4fc6L },
-      { 0x56e65da29f5e409cL,0x374d3dfe7f5c3e11L,0x150684fc13967e2cL,
-        0xfbed4f5bdf4bc38eL,0x5973c67182e54b82L,0xcd36c873363f307bL } },
-    /* 12 << 301 */
-    { { 0xcb42c5617c3805d4L,0x0e74e75c3b43a8b3L,0xfd58f864369f579dL,
-        0xf471aa774a3dfe97L,0x2e0dbb51ab37bd2fL,0xc4704487729c887bL },
-      { 0xcb7958a9cff32948L,0x3e36de368505e71fL,0x2232fd2dd38ccfbfL,
-        0x6f3c502042005175L,0xd1280a3e306fb63bL,0xef7abd792e368ee9L } },
-    /* 13 << 301 */
-    { { 0x29c5712d56ffcac3L,0x20307670e1a8e0eeL,0x676a23c26356aea0L,
-        0xb9c17e3f432f15d5L,0x0008512e287c5705L,0x6ae2704bc5f7ccfeL },
-      { 0x6a200db709a13b60L,0x24fb1e9241043271L,0x2e455e9741b766a2L,
-        0xa11ff26fbe056684L,0x3cfb8a64ad9178ceL,0x5786978d5d675b79L } },
-    /* 14 << 301 */
-    { { 0xf4cf2c8e6070a72cL,0x0bd73aecabc3251cL,0x1af44eff17539f67L,
-        0xec3ee99e44e8d8f7L,0xba698f6a279afdf7L,0xe871accfb771d4a1L },
-      { 0xbf92963d8bb0f264L,0x817b1fcfb10716bdL,0xf57580786b23076dL,
-        0x994ff3c535a994cdL,0x05d984e82604847eL,0xd728e292fc9f2e43L } },
-    /* 15 << 301 */
-    { { 0xa44bf023b900b696L,0x1f82fe54037bb770L,0xa6d12f820717e747L,
-        0xf154ac51e3b83029L,0xfbd343128cf3984dL,0x7f734beaa76c72c2L },
-      { 0x05c5b443114548b9L,0x4ce414f396af4132L,0x1474c0b79d080a7aL,
-        0x865827c6497366a3L,0x34760c457816a0a8L,0x6da2474c15d2a176L } },
-    /* 16 << 301 */
-    { { 0x761e10e2ca114c4aL,0xe39d121d894301b3L,0xa0870ff43dbc6fcaL,
-        0x97651286cbe0ba8aL,0x47d46075c0f1ff6aL,0x18669c843abeb5b6L },
-      { 0x1234c80ead8d9309L,0x1ccbe4d51f6f97ffL,0x399a2d41d82ab780L,
-        0x8a03afafde426e50L,0xa2bcb109ca6dde77L,0x840e13b00618f5ecL } },
-    /* 17 << 301 */
-    { { 0x9552a8184929f7eaL,0x514e9ce9acc61766L,0x03159a525a219015L,
-        0x5efeebfa14eace54L,0xe8a3736f853da94dL,0x3a0f334ff45e8a32L },
-      { 0x71ebab39c9dc65c9L,0x6ef37f49d7c24f39L,0xde3d45f8b24a9383L,
-        0x7193bbb80c218869L,0xa1bdfd30c0f7b6beL,0x82b2c4c5c1d9206aL } },
-    /* 18 << 301 */
-    { { 0xf9d9b678b197099fL,0xfa8548c4c15b2bbeL,0xa36f17fbdd2817beL,
-        0xb35597021732d1edL,0xba145100744f3955L,0x7c274633344b43a3L },
-      { 0x9b0ee7c8686b65a5L,0x438eaf4823f0e973L,0x79a658a7288c5019L,
-        0xf6d938c546d04413L,0xe39bf9a6a6cb9853L,0x880d5b83801b70ddL } },
-    /* 19 << 301 */
-    { { 0x8f23f00303825482L,0xc4a9f214a6b35023L,0xf0905573794e7de0L,
-        0x7ff790144dd68979L,0x8d9c14942959beffL,0xdb34474f82282e48L },
-      { 0x423bdfa281fde794L,0xfc31e3e792a8810bL,0x19d316ba8bae4eceL,
-        0xddcf30b7159c1386L,0x997968a38e7d69dfL,0xcf67ae9aa6b21be0L } },
-    /* 20 << 301 */
-    { { 0x877866a3697b4dd0L,0x32a872f4e76481aeL,0x300387bad609cc04L,
-        0xc761ae79d74566d4L,0x9fd3e5bff22e2d24L,0x363ef5bf1c46bc0dL },
-      { 0x121b25bce299a690L,0x7932471dc2d32b7eL,0x7f89692e94bb4272L,
-        0xaf9cc4111a3ce076L,0xaf02ea22ea02e452L,0x43154e581d19dc60L } },
-    /* 21 << 301 */
-    { { 0xd9389e05e25dbe97L,0x3a8689b162b3afe3L,0x4d5556467014953bL,
-        0xd6894c42af5ba9bcL,0x4b233690b3bacaa6L,0x0fc8ad07fc191181L },
-      { 0xcd3a1e4df0764f39L,0x18a47233d79567f1L,0xf0f9eb765f921f79L,
-        0x7f3d814d19d12a7fL,0x5e48cc36ff33a995L,0x9589679b8960331eL } },
-    /* 22 << 301 */
-    { { 0xa2ff78bb477d7226L,0x3216fcc085e04a8bL,0x7c594f81e4c3c24aL,
-        0x075eefaa029d6ef6L,0x5ae51000493ab006L,0xcdfcc6939ab165efL },
-      { 0x50b7eee276073bfaL,0xee52d55b3b60cdb4L,0xc7f7b3af45027275L,
-        0x01d5444ac15b2ecbL,0xdf56f8c12a61d1e1L,0xcf032e7e4992e1bcL } },
-    /* 23 << 301 */
-    { { 0xc8a4dfbf15b6d8d5L,0xcb34e0e4e87ff88dL,0x6dc95befa6ebbff6L,
-        0x2a55ca1372ff2cc0L,0x3c4c0f3c6a62588fL,0xa8de444ece156917L },
-      { 0xced7c4523e55eba1L,0xa109b7949f05820eL,0xa021717e0e6c318dL,
-        0xa0156b8d0b308f5bL,0x3c65ab9daa6634baL,0x1666e650e2839e0eL } },
-    /* 24 << 301 */
-    { { 0x0d27500f9ebe3c40L,0xeb9ac1022b700fcfL,0xee7578f8610763e3L,
-        0x6e56078f47ef08feL,0xa8d03a7f047d04c0L,0x2143606f27cc8aa3L },
-      { 0x6b08eb383b004721L,0x1f505c0dc4e36bb6L,0x6f9b869ae3f10ba9L,
-        0x3bfb9833e500e846L,0x6d975557b9171b1aL,0x7af9cf4f18fa0045L } },
-    /* 25 << 301 */
-    { { 0x35bfb51b3b35836dL,0xc834e59003b0fba6L,0xbe6e17d378937ce0L,
-        0x2f796f7c4daa9aa8L,0xd7896a0ad310eba9L,0xda258ab05ea4056aL },
-      { 0x2d872d2170626628L,0xc9b26d7c2ee433f0L,0xb176220ee72f7491L,
-        0x4869adcd895e9b52L,0xd37540e4d3a6d786L,0x024aff303a86b44bL } },
-    /* 26 << 301 */
-    { { 0x5e78606bd8424b90L,0xc83a5af9ebc9c9fdL,0x8d5b63740b65ada7L,
-        0x4d01d6a221fca70fL,0x8ed7787ba1838061L,0x29901318f4a1716eL },
-      { 0xc4d260527f25fd2dL,0xa66dc0a98b5147e0L,0x4355e26c269d726fL,
-        0x1284fecce3a27644L,0xc9aa6cf7f98e1d0aL,0xa25ac1be3ff560c9L } },
-    /* 27 << 301 */
-    { { 0x5bbb87ded64d103eL,0xcb53a2f24d20fb37L,0xf8a9c2993a46b892L,
-        0xb552910ca793aa9dL,0xd09e5bea51ef0806L,0xb57a0568e0c3817fL },
-      { 0x9ca67c5f4e85598fL,0x04f6361fb0336008L,0xf028231b580afa5aL,
-        0x8d938c0ef2bba03cL,0xa5984c1f894f37d3L,0x62ead7f4af695ac5L } },
-    /* 28 << 301 */
-    { { 0xf897de9213a48775L,0x505e21681b0041bbL,0x9f5533aad598ebb7L,
-        0xd552ae1e1e87b2fbL,0xbb35a6319b736f5aL,0x391ce7dcc3a4c54aL },
-      { 0x4c677d87f90124d6L,0x2ceebe51a9292210L,0x8882ae3133c63951L,
-        0x8222c6482d44c9d0L,0xb97511420d607658L,0x3a999028b85f5997L } },
-    /* 29 << 301 */
-    { { 0x7b23f424eabb3f68L,0xa622a3ba4294750eL,0xb382b118e535b446L,
-        0x7dbab9ee5fab292cL,0xcfabbfb037fe2f8eL,0x2283d7606670925bL },
-      { 0xd18e90715be9d07fL,0xe191daa7d257745dL,0x86d59808df915e35L,
-        0x87f68d5987370b6bL,0x76b9d255f945ac1eL,0xdcf9e8f2dc94ddbdL } },
-    /* 30 << 301 */
-    { { 0x004f1db65b986506L,0x5da683c32b0d22acL,0xf2afd1d85ee0c71aL,
-        0x3b99a78a8f2ad25bL,0x8145d2ffd1c0cb69L,0x4511dc4e4009a536L },
-      { 0x5539e8b8a5cb0c13L,0x4f8fd0186aae4603L,0x15dde4476d2365f3L,
-        0x7cb887f7380df270L,0x815343a6a741b88aL,0x81a085e4bf99e7e1L } },
-    /* 31 << 301 */
-    { { 0x37d0460fd647fbd6L,0x2ccc7b01b9541f89L,0xec0e8826877a1b2fL,
-        0x54d9e611cd462979L,0x016e8458453dcce6L,0x99b5dbed20ea6a24L },
-      { 0x64072ec778550386L,0x279fbd9959d02307L,0x7f2ca27e9183bfebL,
-        0xa191d6e8bb5132f5L,0x2b9f6163ba49ee68L,0x5a58a11fa3ee1672L } },
-    /* 32 << 301 */
-    { { 0x15d47e52ec645a62L,0xabe0ddb38d6d4423L,0x51226a3070cddb11L,
-        0x63a253d32b5a8db7L,0xe8be4d1fbef37d65L,0x41e625d9c0920b91L },
-      { 0x08b713a8d9d040ecL,0x467fb08dc450cdbaL,0xa8975877917ee393L,
-        0x294792e91528cd12L,0x4512dc8c37daf6aaL,0xa83becc9197a99b9L } },
-    /* 33 << 301 */
-    { { 0x1b7bfdb118815b20L,0x1aa602e8629b81b9L,0x11e6df9d199aa5abL,
-        0x1a521728bef9296aL,0xeba3e03b89e127e7L,0x6e69893553dffcf2L },
-      { 0x24355785101615e1L,0x126b4c5282e42593L,0xe344ddd85c23144bL,
-        0xc73a49b3746c0ca2L,0x1ec2432be6f63f9bL,0x6080ba870243120bL } },
-    /* 34 << 301 */
-    { { 0x6ab2936a4c3e946aL,0x8de2e0ae3ab052f0L,0xcaf8c35eea109739L,
-        0x21d69383032418c8L,0xefab535ae7ee60faL,0x1a3a1be794b44fabL },
-      { 0x0842aaa5eb911cbbL,0x789c2b7e0286862dL,0x8bff708715c0b148L,
-        0x71100d79d8d7faf7L,0x47caa89a6dfa0c8fL,0x82385cf44b546332L } },
-    /* 35 << 301 */
-    { { 0x4f5d8c35e4b814fbL,0xe534b7be6a427f92L,0x468fb2819ca1d37aL,
-        0x8c1c86347949961cL,0xf9d00305db0f7f19L,0x77534b3a976f7102L },
-      { 0x94ecb7933f530710L,0x072f6fc7a916827aL,0x9247acdecc926f8eL,
-        0x0d4a8997281d0a50L,0x659712669f353507L,0xd4730a15fde80a6bL } },
-    /* 36 << 301 */
-    { { 0xde68ca25bd37b630L,0xcfa9d32ca899d623L,0xaaeab905937c9ba8L,
-        0xcb261334348ed39dL,0x8d12531fc77e1512L,0xfb7934b6213b63d1L },
-      { 0xc6a6fb0096a13f19L,0xe940f3aac8f88d6aL,0x014c7f95c3d2829dL,
-        0xc33d87e9fff01f41L,0xbf9c3c23c5cdcb4bL,0x8b8c0afe5d5be5c1L } },
-    /* 37 << 301 */
-    { { 0xe4f84bf12aac2c23L,0x5bde1744f823f90fL,0x65ffefbc02d5bbe2L,
-        0x385aff9332a3b756L,0x3813f2b362abfdacL,0xbbb444cb0a144325L },
-      { 0x0cf9d137ec625be1L,0x86b8fcd4c143816bL,0x03f7a9d060ac32d8L,
-        0x0428daf9366165b6L,0x6ef94260d2a806d0L,0x94a100a598134bb5L } },
-    /* 38 << 301 */
-    { { 0x4b68325ca4a34cb5L,0x74f41f7639fada89L,0x34bf397236e593e7L,
-        0x0cc75d461c6179c4L,0xe62d5ba577d711e5L,0x7bec1be7876964c7L },
-      { 0x768f35d13809fc73L,0xfe55a9a57dcf1703L,0x86405336e69d3390L,
-        0x68f5ea2d00bfc544L,0xd4cf822b4834b2d8L,0x77dc1ac22b0d3ad6L } },
-    /* 39 << 301 */
-    { { 0x45603dfa0337f57aL,0x50623184344b6968L,0x3fb9957ef160d9aaL,
-        0x40eef1697c8db44fL,0xa8f394e98bf71121L,0xa55ecf3b86a920f5L },
-      { 0x1f3c1f22bb0822e6L,0xb3c2f21357747a3eL,0xfbdb4465bef56f08L,
-        0xa9844890a46ac73fL,0x3fd564a5bde3652aL,0x008cc1a97c653c82L } },
-    /* 40 << 301 */
-    { { 0xcfebe027ca0a98d5L,0x946b0d9aa8914697L,0x00f89d16725ebd08L,
-        0x94c6f2b07a584e8dL,0x095ac9cc911cab58L,0xfc9c3b499c4073c8L },
-      { 0x265919b0c7233aa8L,0xe6c0c7f474be5217L,0x6db597f1815a70a9L,
-        0xdd9e4a101c5fd35aL,0x38b8e35112d52a8bL,0x5d0ed83f2ef20fabL } },
-    /* 41 << 301 */
-    { { 0x4f47e10a6c96b43eL,0xe406ab39f3d744deL,0x1caf45d83c893b01L,
-        0x4f089452a7582ea6L,0xc02f58cd62b5a868L,0xf6532017c2a9aa7bL },
-      { 0xf0d8bf6f32b01bf2L,0xfeec5f68a97246f3L,0xb2ead70a1aa7c238L,
-        0x1a1d6f77ad83e05aL,0x4b7110533dca7e9aL,0x44a89fb85f96e5adL } },
-    /* 42 << 301 */
-    { { 0x86a7ebe0f02461f3L,0x6a7a9cc6862282c9L,0x7f8857944a97e48bL,
-        0x191244cd20662db2L,0x8d85175183489311L,0xfbcb17b0f934c1fdL },
-      { 0x33b4d86e032a7bb3L,0xa99864cb573f5c28L,0x49fe8e799c4f12cbL,
-        0xe34c32e32c8bb49cL,0x5888421e962d6d9bL,0xa317c2d1bf1be44dL } },
-    /* 43 << 301 */
-    { { 0x3454c424cc1dcbbfL,0x67e61434aac98717L,0xfecd8125cc2d3044L,
-        0x2032be70df7f8891L,0x04c5a0c81028059cL,0x6563dc8c76ade6b7L },
-      { 0x9ff3815192f460aeL,0x8c2c3c632d54785dL,0x1fa99d8e43eabf60L,
-        0xd75d9559383be317L,0xc9ef068e3dfc908eL,0x2217c8c1959d3e6cL } },
-    /* 44 << 301 */
-    { { 0x5828d71bf2e5f345L,0x8b756075929fe375L,0xca625ec12c43a6d1L,
-        0x08cd01f53b31e127L,0x56c622619cfc1be2L,0x093ea207b3a6caeaL },
-      { 0xdf53b20970b42dc9L,0x2d2dfdf2235f4aa0L,0xcaac3b3598786c94L,
-        0x1ce1f893b4998150L,0x40341c41526a98bdL,0xef39e97eedce5288L } },
-    /* 45 << 301 */
-    { { 0x08cd60d461ea4256L,0x8031748b9461f861L,0x9c96e1f9019c7908L,
-        0x7e6e08f4e46bcf7dL,0x8e8408f123ffa986L,0x0bee857ed467288bL },
-      { 0x702fa8536e36fcceL,0x3bb25fa905a89edeL,0x642105f4e96866ceL,
-        0x6a5207cc16e37536L,0xcb6a96d1372a3e06L,0xb1c7c85a1da6bc6dL } },
-    /* 46 << 301 */
-    { { 0x0bb97497a97a3316L,0x9416659ce402a800L,0x79656970503a2314L,
-        0x0070a7eef8007c50L,0x8093cd4372624892L,0x4c0ee444f9b96830L },
-      { 0xc7c10b9fe300c49bL,0x97f5f90a5f7baf99L,0xf04a5a7cfaa064deL,
-        0xd5b01fa6b0c111fcL,0x4d12d6fb65d8a2b7L,0x807a381c27770e2fL } },
-    /* 47 << 301 */
-    { { 0xcd1aeeb43b6a9c22L,0x7fbdc6c19d71dcd0L,0x9bb43b6e6221669eL,
-        0x1b76f2bf526f8a00L,0xaeba54302efdf661L,0xe1f623e745537bbdL },
-      { 0x340966ae067c5f4aL,0xe2cdb27e4799b2aeL,0x9aeec5989b8458e0L,
-        0x1d0588487655b632L,0xa5ffe5897abd70b1L,0x84db43db6721054eL } },
-    /* 48 << 301 */
-    { { 0x3b21dc1f538d92d8L,0xc80b22b3c005aa86L,0xf536e5d30da87d65L,
-        0x4ce10edf0cd999a0L,0x8949181450e08f5dL,0x77fd8f2e526647e6L },
-      { 0xcb207ee9250099fdL,0x03c7d1abfd6aa078L,0x7d4940d225e0cf15L,
-        0xb688b311067fa052L,0x89308326a98b2e21L,0x3ee4cc2b72311eabL } },
-    /* 49 << 301 */
-    { { 0xec49fc4e06d255b2L,0xabd0c002fb309d28L,0x97490ff08c601c3cL,
-        0xe17102fd58042cd6L,0x861411f11416ebc3L,0xfb31ce455c6c630cL },
-      { 0x0a24d561c6cc5e9bL,0x80bec25c9a7c1524L,0x8003494fbe53e50dL,
-        0xe89b75e28633c559L,0xafb1f6d6763b3360L,0x0e7e58c52bf70cd3L } },
-    /* 50 << 301 */
-    { { 0x72322d26aab6c9b5L,0x953e43d0070d7d08L,0xe2dd5444954645c3L,
-        0xc5de051cb276ca86L,0x195d454439158c74L,0x26e2cf9fb90a8f97L },
-      { 0x774baec15b217a76L,0xdba4bc63f94172baL,0x96ddaa4022e20037L,
-        0xfe1ce4aac111af69L,0x6f6d3c428ad6dacaL,0xe59257d8376cdefeL } },
-    /* 51 << 301 */
-    { { 0xf2cabe73184d44ecL,0x4bf744d60bb08687L,0x10cb9e9209865d58L,
-        0x3a63fe414ea221e0L,0x8f595e5892961becL,0x1b8ad036855d186cL },
-      { 0x75dd5f70086542abL,0x8b357e087bddbb6bL,0x22de89f06e829a06L,
-        0x44ca8b64ecc6cc26L,0xd02fa871a5ddebb6L,0x6adf1d0c6a60a0e3L } },
-    /* 52 << 301 */
-    { { 0x0102775982e4f5c3L,0xac8eac172c014fc4L,0xa0cd26e85bd843eaL,
-        0x9b0431ec056d4b1fL,0x89df7db58eb9c55bL,0xf17f917298fc9b9eL },
-      { 0x2cf1e4a78e6b770fL,0x0d6ef9e2b842fe52L,0x40b4ddb76c578172L,
-        0x6630657627533b9eL,0xf8d8661eb50ce390L,0x6ceba0aa16577df7L } },
-    /* 53 << 301 */
-    { { 0x6dff66c19ec8ac93L,0x6261295bfdf6fe7dL,0x9ad1536fcf9fbbb2L,
-        0x5cfa30a92a6d6d31L,0xb3bcf1b0296224dcL,0x42e4b410608371daL },
-      { 0xd6bad6dac32945fdL,0x0fab7d1dc0c031a1L,0x054df9599b192d32L,
-        0x29830094ea78052fL,0x8d73ffce03f2ce45L,0xc14c7012f9d840ebL } },
-    /* 54 << 301 */
-    { { 0xdf74522e74ce5c21L,0xf864cbac930c4b92L,0xfe0d2358eb0fbe9cL,
-        0x10b31736a5cf765aL,0x185bbbe96a9c95c6L,0xcb14d694e5362993L },
-      { 0x3f5c921da5332e61L,0x0820b32bd244cc98L,0xdaf09f24d7c32062L,
-        0xb2241c9ad5959a1cL,0x16bb89a3226127ddL,0x0b46e3f03723d04dL } },
-    /* 55 << 301 */
-    { { 0xa38b1a796975230aL,0x25c6db8c3991b5ceL,0x0d89c3fe9c1bf52aL,
-        0xe186e293cd8f9f8cL,0x777bb327e6ec37afL,0xa974132a0ae31c7eL },
-      { 0xfb9918305c50f089L,0x4a653d6999497954L,0x5055c690774e8a26L,
-        0xf94ffbae3815d67aL,0x99d74f5e74ea4481L,0x3b352a327d477151L } },
-    /* 56 << 301 */
-    { { 0x2a62804172fb61e9L,0xa9bfa73ab13d053fL,0x4a2cdaa3c647fcb9L,
-        0xe1a9e91f4952d3a4L,0xbc1b3d8011e2e2c3L,0xe58ef59c18e4340eL },
-      { 0xeb8696ff1cf859b8L,0x5b0f5cc4ee918cf4L,0xa471d6ce6c1e905cL,
-        0x4e13d6091ed2e8cbL,0x52951509c77c8c91L,0x0926dad8e234884eL } },
-    /* 57 << 301 */
-    { { 0xb168a6c36e3aa3d7L,0xbd0086ea5ad9142fL,0xbc4da0293c24fe23L,
-        0x7ed3b34808b90de6L,0x7a7a2259e33b0df9L,0x483b389c9c3a173dL },
-      { 0x02080c626334a061L,0x61944965b020cfbeL,0xece528e9ede88ecfL,
-        0xcdf3e2fc99389758L,0xb21470cb7a3fb92fL,0x717cfbe083937e21L } },
-    /* 58 << 301 */
-    { { 0xfac97f2910e3e93fL,0x1505c7d2f1101b88L,0x7cea978823bc0d11L,
-        0x27ead95d45045667L,0x711bc4dcd17ea199L,0xe3f93fb522f3142dL },
-      { 0x31b05e6ad7233d64L,0xac28e6c154e7c9d5L,0x892b6366716d273cL,
-        0x1622230470da8a48L,0xc85bbe6070d560b3L,0x555e6de987fd38a0L } },
-    /* 59 << 301 */
-    { { 0xac593f746ed50680L,0x89bdeabbcb01cfd3L,0xfa43158ead35524dL,
-        0xb2393726e8d66ca0L,0x248c67c2c36bb495L,0x27d4b0b85c933625L },
-      { 0xdbb1364a78c8bb4bL,0xdcf4b1e13486ef0eL,0x554f95cec498b2c9L,
-        0x2b76da29811a2329L,0x750c10271a10d941L,0x07045eae375b01b6L } },
-    /* 60 << 301 */
-    { { 0xd3fb9bef82621500L,0x09b18748f0f647a6L,0x186bed054c357e73L,
-        0xd58281f0a85f3174L,0xdcf2e0bb91ded0e9L,0xe77faad126894faaL },
-      { 0x6843c160bc3a3c4bL,0x7f8058944c76592dL,0xc53be0883ec05e95L,
-        0x318d8ce7cce0c822L,0x6d615f1b4c761dbaL,0x0115824c46ff47e0L } },
-    /* 61 << 301 */
-    { { 0x1815391cf8d0b74bL,0x903ad8fd797625dfL,0xad1ca24d3983100eL,
-        0x0883fd415572ff15L,0x0e9e572cadeb4e56L,0x800bad6f7d0e25c4L },
-      { 0x52a394b44c7e2f03L,0x5150c01398f2c416L,0xf4ab35c68ce503c4L,
-        0xa0ad209a41b4beeeL,0x050c52c80189706fL,0x86780a924049e913L } },
-    /* 62 << 301 */
-    { { 0xa398529c74ded2a1L,0x5e7248f52d7ea6e5L,0xbeb250bc28c2225aL,
-        0xf7068fc0b40f4843L,0x62098aed839b7290L,0x947087e293ddfec4L },
-      { 0x81ba8c8824d71004L,0xa877f443bf4813c2L,0x3cf5f473ca4751bcL,
-        0x2533890e633cc635L,0xb358f7781e6d9465L,0x50693deaa7801dc7L } },
-    /* 63 << 301 */
-    { { 0xaf306f56cbebedf6L,0xdd733be7837acb84L,0xc767237afcff0b9bL,
-        0xdf948f12e555bee9L,0x86b85657826dc76dL,0xa4bac032e702b1c0L },
-      { 0xdf3544bba81bb117L,0x69c20dff34f4f0aaL,0x846b78577050d98dL,
-        0xde0ef0403c70120cL,0x4483872c12c3bd64L,0x870b758550acebacL } },
-    /* 64 << 301 */
-    { { 0x37be5d3f68d7dfcfL,0x97bdbd49b945e6f2L,0x165a24b59d1569e7L,
-        0x254aaf59b4e293abL,0x3c751fbd6fb7c0a4L,0x14eda4ba5018cb18L },
-      { 0xacb3b8971b5f6aedL,0x6d10be441e4b6b78L,0x245d7258621df6d7L,
-        0x2af0e283185f0e2aL,0x1e7edc818fddbd81L,0xbd1e6c72c538d02aL } },
-    /* 0 << 308 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 308 */
-    { { 0x6858b674844626a2L,0x610cd40f0cbba6a6L,0x324e674e29d9194dL,
-        0x2dc6fdf6dcb30a51L,0x3f3ecb77528aa549L,0x0721f8f923ffaa92L },
-      { 0xd8efcbd627a77538L,0xf4e642bfd6162c9cL,0x04f2b0b74cf4a16fL,
-        0xbc0bb49fbbf335fdL,0xc6b6e5bd5a928c36L,0x981b01f4d893dd45L } },
-    /* 2 << 308 */
-    { { 0xfb083c2af810465bL,0xb66a8de902ce0deeL,0x6e4130e747a81b95L,
-        0xcd704dc658a98737L,0x842ae329592829c9L,0x99bedc34be20dd63L },
-      { 0xabee8e55d53b2df4L,0x6ce657586010b37cL,0x781f39b2467112b9L,
-        0x6f06058fbe341038L,0x5effdca512a2f8beL,0xaa9bdad7af34466eL } },
-    /* 3 << 308 */
-    { { 0x3933b4c1575782aaL,0x610d3ba25c66e501L,0x52fd3c0f0b7e019dL,
-        0x7f8e5ddfa48715d6L,0x0879c5defa39be53L,0xe32c886c56f01cdcL },
-      { 0x71b2dcbb1726779cL,0x6caaff052c6aa84cL,0x6af94846640b2d74L,
-        0x78a10710049a2cbeL,0x41a1ce67ac2ab0f1L,0xd160b7faa76d8438L } },
-    /* 4 << 308 */
-    { { 0xab86639e9c216137L,0x45a12fb882b18d64L,0xb5734418d763f0bbL,
-        0xd2cc332211a9802cL,0xe41d7db881269b8aL,0x91072fc12ecfa355L },
-      { 0x59d6912504ce306fL,0x916d9d4da131b86dL,0x84478b6b8a739738L,
-        0xe86ad7d91cc83ae3L,0xbc9b2084797ccd97L,0xc1e94af4694944c6L } },
-    /* 5 << 308 */
-    { { 0xbbb6725b5c82c857L,0x72c66c3f140b561eL,0xab65dd0664bcb2d5L,
-        0x755e848a780d5c1bL,0x84e6f686a3a61e6eL,0xd84bf486bd100b4bL },
-      { 0xb34fdf846354e899L,0xcbc312da55ec5654L,0x3c2cc881f9a125f0L,
-        0xb1fcce564aeadf8eL,0xbdfc54c0c46bf0c2L,0x11d7ea4f09d281beL } },
-    /* 6 << 308 */
-    { { 0xe1aa844b1601940eL,0xd22221821797e84fL,0x3025aba65ddcb5d1L,
-        0xac8cdaba38009c6aL,0xb9ee07b46e261ee5L,0x84069bc106ab8430L },
-      { 0x7a36b46278b9b112L,0x2d91ed2c08e77879L,0xae4ef469341275a1L,
-        0xf7cb393f1c7cf858L,0x83c00eafd192af3dL,0xa81697a7a1e15176L } },
-    /* 7 << 308 */
-    { { 0x687d0980f9bfd795L,0x9a7539377ad882bcL,0x641407fabbcde5b3L,
-        0x12ec9d216ed103a5L,0xf858c7851fa6ee22L,0x329b61bc818f2c11L },
-      { 0x4720d42ad9d48b30L,0x3f61c66082a66766L,0x99aff25533723e4eL,
-        0xd6c67ce3d3260b62L,0x63a6fc9d86391c33L,0xc002433a31de2381L } },
-    /* 8 << 308 */
-    { { 0x585edee3895c0318L,0x775e142f45e8205bL,0x3bd7924fd85ad31fL,
-        0x2e7d8f919124bffaL,0x885397c044c62868L,0xc0c2dff47fda9f5dL },
-      { 0xd302582ec14e693dL,0x53d6e33a6cec31baL,0xb0216b5b63653c06L,
-        0x8f08a1ad9c70dad4L,0xccf014aaffbba93dL,0x900b0d2ca33f12b7L } },
-    /* 9 << 308 */
-    { { 0x4960ccb6e9824c45L,0x3c5a9b74c7e4cd06L,0x1e78cdfe37cfec62L,
-        0x8cd49ca80da56a05L,0x5ba51217dca05707L,0x0d1f6e459d66c960L },
-      { 0x7178089467f9c82bL,0x342e4a5b18974c55L,0x16263f18f9b32fdaL,
-        0x844b5a02935b3636L,0x9c5abd51c139ea58L,0xf54c69428beef953L } },
-    /* 10 << 308 */
-    { { 0xbe51552d6d2dedd1L,0x6bc86dc1cd997093L,0xc9b600c4418f03b8L,
-        0x4ea4e857e7a9208aL,0x7aac3d96883b639bL,0x4127ed0735d2f4bfL },
-      { 0xf5f6310d76bd792aL,0x3da9b6a5fa223d0cL,0xd75f88075a041b79L,
-        0xf3261457e4dd58f6L,0x4f0f5b18b0d9a51bL,0xf5aeedc1b8c84f9fL } },
-    /* 11 << 308 */
-    { { 0x1e08d6a81375620eL,0xed9a4fbae1f62c24L,0x0d3bb90381ab5de2L,
-        0x885781f0df1b6a13L,0xc3fb9f97e1c7de7eL,0xf12e4bcf9372b033L },
-      { 0x9bc3cf4dd5868448L,0x89465649552016adL,0xeea40cf92a8b2c23L,
-        0x57d720ee3af98886L,0x97b14c0b72db853dL,0x65d10f42f23504deL } },
-    /* 12 << 308 */
-    { { 0x0dd2395e9b8cfa41L,0x50e203abd4f92a44L,0x7280aff16630023bL,
-        0xfcce59dc07de820eL,0xa686be05bc8189adL,0xac4b59bfaac70b7eL },
-      { 0xd2c0070e7a3c71acL,0x1d550add35ac1c47L,0xd42b6389fb881c1bL,
-        0x57ca3fccd0dafd42L,0x909e8284be26ccc9L,0x1abe7595a002235cL } },
-    /* 13 << 308 */
-    { { 0x02562f1c6b1878daL,0x52a2cd069fce0ee6L,0xf25b35bdeb16199aL,
-        0x0320c326a75fb01eL,0x2006d7587de2d46aL,0x6f9d0e256842b459L },
-      { 0x70a89562a68b5482L,0x9653726e1ab35865L,0xbda3cebbd8f849adL,
-        0xe2f8d9e60b6fc51dL,0x9c3fd51246104400L,0xbbd260c9bab5d34eL } },
-    /* 14 << 308 */
-    { { 0x1f5094703cbc1df1L,0x9f752a663f962634L,0x98089d2ca2435048L,
-        0x05256acb0e755318L,0x91a21f707f3845f4L,0x473ac1e0d68c8fcfL },
-      { 0x57ee51417f2ff0c9L,0x959a84f32013c48bL,0xe701f13c4c111ee5L,
-        0x70219eee86db5763L,0x385f890cdb0782e5L,0x81fb64b2fea04d2eL } },
-    /* 15 << 308 */
-    { { 0x61b4bf7eeaa07bd9L,0x49832879afe544c0L,0xf788e97f54eb4d80L,
-        0x78351b41338af327L,0x3a631bba77cb8057L,0xeb9a6f23f218e4ceL },
-      { 0xbd4a0dcf025b6453L,0x2aad6a467b876222L,0xaee94361215c42cfL,
-        0xf8d1fd5de496cddeL,0x3c3af08022d0fe06L,0xb3d5dde0d09cc3f7L } },
-    /* 16 << 308 */
-    { { 0x1e34781aa6a1913dL,0x9a8f32287d0adc38L,0xfc185ccc28af85baL,
-        0xc923d78b3ae9ba11L,0x7d494d7ea7bdb313L,0xf774dfa5af8f8b87L },
-      { 0xc178ccc116e863b8L,0x2d472f2aa8899691L,0x608747cc80a50372L,
-        0x8147aa90e6f90197L,0x4683d4c978c2f216L,0x8323652c552f3b51L } },
-    /* 17 << 308 */
-    { { 0x7d6bff984dc9149fL,0x79879e1f499b443dL,0xf4ec65232aff2a1dL,
-        0x6cf3c97f27253aa1L,0x95b9471eefe6f72cL,0x3959bd816c8457daL },
-      { 0xe2870635cf112073L,0x84e44933ec12174fL,0x67a592deedf434edL,
-        0x0c93cdae2897d0e0L,0xe344ecf463c89730L,0x28098b7567a1133fL } },
-    /* 18 << 308 */
-    { { 0x62e96dc7a12a0cd8L,0x09d7c6f0f02a3d87L,0x9d9fd51233f8929dL,
-        0x1231952dab376555L,0x6ef6823c8e3d2d63L,0x7ad2e5405a01c12fL },
-      { 0xd1bfaec479af6fc8L,0x4555fedfdad97daeL,0x0e6d3f0155750bdeL,
-        0xd37ed9f0056f6128L,0xf1fdf91c65fe6ff7L,0x3ece19ae92d05e43L } },
-    /* 19 << 308 */
-    { { 0x07d2075e750fc5d0L,0xdc2b03f6a07ca45cL,0x0248d87552efef7fL,
-        0x2dfdaf3f744e727eL,0xbef861b8d9b2bcacL,0x5e6363f0baf394c7L },
-      { 0xe8f23bbec973934cL,0xb43d619a50ea324dL,0x2bd5e0075842d6cfL,
-        0x5c5af62217646e90L,0x5d95d8fd222ec05eL,0xc9adabb45bd67c31L } },
-    /* 20 << 308 */
-    { { 0xa5c08e8bcc2c9a2aL,0x70e1b4058baaf0fcL,0xf29e1e5c9e36e50cL,
-        0xa3d9080080f258c5L,0xc9ceac25ecad4498L,0xcb73130fca32f3feL },
-      { 0x2dbe620c48b3863dL,0x8c52727f14ff53bfL,0xb60b22a86b45e9b8L,
-        0x81e05bc0f6483c5dL,0x217caa6bcd542972L,0xffab716afa780778L } },
-    /* 21 << 308 */
-    { { 0xaef1278b0ba5a344L,0x253be7ad2d0c3947L,0xce58bf0fe5408f09L,
-        0x867b0d6fe21228f4L,0x815abb5dca61e691L,0x0da28f58f3e94434L },
-      { 0x5b0fd178ca4cee2bL,0x8989604240b13224L,0x8e2fe19616c251a7L,
-        0x7b3381cb11b17162L,0xc73d96a427ef2c0dL,0x76b7fcf36899c135L } },
-    /* 22 << 308 */
-    { { 0xcaee3387cad8b585L,0x58446c1ad59d8777L,0xb8755fa540888d8cL,
-        0x7868510654428813L,0x7bd21629136e2b59L,0x249903a6998254a3L },
-      { 0x2cc73a751f8fd813L,0x4b1a64576d4f3a70L,0xea2aa620b2e7a0fbL,
-        0x77c8cb98202f6ddcL,0x68ba9d261e3851cfL,0x936fe8cbfe02e6efL } },
-    /* 23 << 308 */
-    { { 0x8b84121bda75aba3L,0x4440272d74602c33L,0xb8110b2a1e8a8ab0L,
-        0x4de462e9391cf47dL,0x9173d756519b9ab4L,0x3df52d13ba8d5dc7L },
-      { 0xd7a822eaa418b01fL,0x58be2b076585f7d8L,0xaa814fde00fb449fL,
-        0x6b8260fc7da43c5dL,0xaecbfb442351ba9cL,0x9cbe3d199f8db60aL } },
-    /* 24 << 308 */
-    { { 0xe5d3e0d80d7410d6L,0xcfa9ed742be432c9L,0x60044434a85a0686L,
-        0x93b357166ad6918aL,0x1a3c3e6d051762beL,0x80813589b0ab32d6L },
-      { 0x64214b92aad403fdL,0x684befc14d3fb746L,0xaca5a51479515046L,
-        0xacdba03472e84485L,0x61aa2834287d9e97L,0x07a515a5cad222e7L } },
-    /* 25 << 308 */
-    { { 0x8f631b17bc04e9c5L,0x017527212c515161L,0x4358d8e9ee7769a5L,
-        0x18f0aed0b59dba1bL,0x035c6bb644973218L,0xa49a4cbcfb3897e6L },
-      { 0xd2a0b7505841ab18L,0x8fe952dca6d2d43dL,0x2d30add69a71d0ecL,
-        0x0cb84c402c5d440aL,0x33f3cf7c7c47846bL,0x88703c65bc8e8b3dL } },
-    /* 26 << 308 */
-    { { 0x3c3db9419474059cL,0xcfbf13ad72820ae8L,0x3f84300c51c37d62L,
-        0x0f78adc45529d333L,0xa19be46482e34cfcL,0x9ed07ee011c98376L },
-      { 0x5113e660b5b6f6beL,0x56f2d2b37a5bc818L,0xd99290c61c2c822cL,
-        0x39c026b8b27aafceL,0x8692150b12ef7c76L,0xa55426d1c6de9e16L } },
-    /* 27 << 308 */
-    { { 0x889aa8ee3465358fL,0x5885ee29afbefa70L,0x05f9dbd290b6ff58L,
-        0xc74be0d09b5e02afL,0x4b7da27ea6b29d44L,0x2ad60aefcf68eeddL },
-      { 0x2ba942b3388c81c5L,0xda8badcc368e2e62L,0x33e95ac87a9e8511L,
-        0x37453bbae72008b3L,0x3e1f181195eceea0L,0x719f550c7b19a417L } },
-    /* 28 << 308 */
-    { { 0xb03093068af19670L,0xd784125a34c6bf0fL,0x0b425ee0255a8396L,
-        0x91076433fb541162L,0xc4d8188586f47a0eL,0x3b767d54fd7bc7c1L },
-      { 0x98b405d3bee196e9L,0x4ef9c511edaccf4aL,0x5a6deb6503f4f1a6L,
-        0x4a22ca641b4c5104L,0x2cce36679145ce41L,0xd05187523206810dL } },
-    /* 29 << 308 */
-    { { 0xa5746e07f7e11342L,0xb50e390f2e2ddca0L,0x3847749bcb288bc2L,
-        0x6ff43ec646ee679bL,0x343b3fe2c5257b02L,0xc0f57f509b823eb7L },
-      { 0x5ce3d2c8aff42c7dL,0x984c9b99c3c76f3fL,0xc8559f58b8823b92L,
-        0x883ac8064ce4338cL,0xecf8aac3389d8ebbL,0x9edaec10b40bfb16L } },
-    /* 30 << 308 */
-    { { 0x0ed8a07cafb04e5eL,0x7e95ed898f6bc911L,0x6a4ed37113dcc222L,
-        0x9aa3a43296f07c7dL,0xe819a80b9b338e4dL,0x65fc2778278f53b5L },
-      { 0x788408e9024163b3L,0x159de8bb7de54f06L,0xc953e21281239dccL,
-        0xacb5ea2c6dd62ce9L,0xf56ac93b753f4ab3L,0x2a1a09b5eacc39a6L } },
-    /* 31 << 308 */
-    { { 0x89dcbf021c5f4cb9L,0xc0fbe7ce210f98ffL,0x3dc3c743b897cdf2L,
-        0x931f9dbb5d02c43fL,0x0ea9f164f74db981L,0x504938874af9f53aL },
-      { 0x86bd3ed62531b8aaL,0xcc1fb6dddcfca2a3L,0x24b0cbf2b97abaa9L,
-        0xd81ad35c9073f19eL,0x4dde5dc05db7fd5cL,0xce410880e3ac9b63L } },
-    /* 32 << 308 */
-    { { 0x29d81538037bebadL,0x76e52c73d9e0b78cL,0xaa4ace6e8783d1fdL,
-        0x9c14ebddf0e3c126L,0x0eb1c08d6eca4b71L,0xd10c6b961c91df35L },
-      { 0xdb8119bbe81bb84aL,0xf784d3c117e3ceefL,0x053c916835436f81L,
-        0xeb41ccbb9b18d212L,0x93b3fb43b1bc3497L,0xd85a7c758c1ced81L } },
-    /* 33 << 308 */
-    { { 0x90b606b2fc9958e6L,0xd39965b6f94234b9L,0xf4a86f1676f4dd03L,
-        0xd6a7ba54470f0f7aL,0xa1b85c0ca86fce7fL,0x2b50f14e574c4cfdL },
-      { 0x4aff867d80e783bcL,0x031092eb61f78fc4L,0x8ad0d7486fe0af1fL,
-        0xb56b1a1a0cdfa574L,0x586c916a56466e12L,0x427e5946d09a9d1bL } },
-    /* 34 << 308 */
-    { { 0xdd0e3ca276d1b2e5L,0x07dea7e48b4cb3a6L,0x62a63cc7fc4a0f0aL,
-        0x048478ef5ea2eccfL,0xa77eae472e34c1a9L,0x7a2120751bfa5dc6L },
-      { 0x0c1fbbecabc233ffL,0x6255fd91dee18d7fL,0xd6da39aec38462ebL,
-        0xd86bc3194be435f9L,0x23567d64291c606fL,0x6b85038af67051adL } },
-    /* 35 << 308 */
-    { { 0xbe79e1b1eef4ae7cL,0xa45668dc42fb7357L,0xcdb3b3ee2d497a36L,
-        0x6ef724e6c5f8d861L,0x7e8834523802a324L,0x641b3a81aba90442L },
-      { 0x13bec555ae4c2544L,0x340d34f927d172ceL,0xfcfd933bd92f558cL,
-        0x57d8e300d5a669bdL,0x9f745ce71883049bL,0x19690a31e261f9ceL } },
-    /* 36 << 308 */
-    { { 0x004105c3811af84aL,0x01307934a7934a0fL,0x179fd49b9b3226a1L,
-        0x195d9e5cde6834b4L,0xfbb79dc00e6051bdL,0x354273ed367f4487L },
-      { 0x4afa9d4574fb892dL,0x03ae905ea1b7f3bbL,0xea32cd5d592f6122L,
-        0xa758eed2f1103301L,0x9dde4238c59d1cc8L,0xe2760bcc51022a42L } },
-    /* 37 << 308 */
-    { { 0xfed7077b7a7134a8L,0xe65b4eaefe0cf05aL,0x130de76be626841bL,
-        0x499934ca300117fcL,0xce74885d4e186b5cL,0xd352d0d2029bee7bL },
-      { 0xd86c448c857a38ecL,0x8139eb50a956da9eL,0xa036de4a93ce7131L,
-        0x3f9eba375041c9d4L,0x8c24408e548f74fbL,0xa74053fde942bf8fL } },
-    /* 38 << 308 */
-    { { 0x64cb00f586ff10acL,0xd1eebc4c9cbba8d8L,0x427fad8af3157125L,
-        0x9f8eb84cf7523b0bL,0xbdd082bf2e6dc29cL,0xfe40623823d3c315L },
-      { 0xad5df7fb546d9dd4L,0x83cadc4b8e42f3c7L,0x7c90502c36876485L,
-        0x4f33eccda35bb6d2L,0xdf7571383a79b9baL,0xd250b7d2e6ddafaaL } },
-    /* 39 << 308 */
-    { { 0xa52a7595504417a1L,0x540f70b014683af9L,0x5f0d1560f27a9620L,
-        0xccad06444b2147c9L,0x92223275e52c8eccL,0x30d6b52b7cfedb7bL },
-      { 0x2161f8bb9bb5b844L,0x075b9db87033586cL,0x5748d512c8c5189aL,
-        0x95d76a950f0aab91L,0x91f85aaed0ce9c56L,0xeab8cd9b8434e695L } },
-    /* 40 << 308 */
-    { { 0x54f84d70d377d7b0L,0xb745d1903344bc4eL,0x1c693ed08f33aa53L,
-        0x990ed45f8bfbee7fL,0xad620c9fe9b258fbL,0x465ccb101a54bf46L },
-      { 0x5330a0d3ebc40951L,0x34423e8ca405da61L,0xeef1ce78b83043b6L,
-        0x99678f22ac06d182L,0x9213f57d1802f14cL,0xf8549616adf11fdaL } },
-    /* 41 << 308 */
-    { { 0xc6ca95476c66fa6eL,0xcae41345bdd5b16dL,0xd72a41a4ef022783L,
-        0x810f4615b2d5154aL,0xfddc469e6d333af9L,0x3154ccbb02d2bf38L },
-      { 0xb33d5c59fc1a0bdfL,0xd8c3f8743c971fb3L,0x5e47ec01114e68b2L,
-        0xa440a83fe9baa164L,0x353d01c397c26b35L,0xfaabf5dff03b7672L } },
-    /* 42 << 308 */
-    { { 0xdc2a97651e22de2eL,0x91eef436b6cd3b6dL,0xff099200f99ac721L,
-        0x20faacfed4f89e8aL,0x91bb24373fcfe45cL,0xb7a152897b6d3ff6L },
-      { 0xfee966c0ef94332aL,0x944728473c81b942L,0x831d36dfab1a553fL,
-        0x244bc8393023cca1L,0x3f4a49d57e7be940L,0x4159aa9d7b71c0e0L } },
-    /* 43 << 308 */
-    { { 0xfc25fcab5b16ee64L,0x44f807e06841acd2L,0x5f43cfedf59c3f06L,
-        0x9279c8110c5b59a7L,0x825df117194b80beL,0xe2c18880d27d6fa7L },
-      { 0xc9aab2e66a333721L,0x1665b6f55b034c1cL,0xf28fffd13df9796cL,
-        0x23caca87bbefb8a2L,0xfc556d575f7510f0L,0x41990ce8552dafd0L } },
-    /* 44 << 308 */
-    { { 0xf31796d2b6e392e1L,0x199d624893b3395eL,0xef14c7c212f9b763L,
-        0x721ebf2143edb7a5L,0xa40b88945e96f3baL,0x8770608c4cff8394L },
-      { 0x990c99ae8d0def0eL,0x292b26dfa15a5649L,0xa98fda2c91ca89d7L,
-        0x916cb1b4973e5f5fL,0xa2823f13a72de0bbL,0x415f7bd28cd3219dL } },
-    /* 45 << 308 */
-    { { 0x5cfde16a9fc0e90fL,0x61bda4caac6c15d3L,0x5935e48e2a79d928L,
-        0x31213c7c82f986eaL,0x170dc539bcc4c0dfL,0x2e0d29406f11823cL },
-      { 0xd2dbecac80fe659eL,0x98b7f46b8399d8b8L,0x259f975abb204589L,
-        0x65f3073cd5c52a46L,0x0f4c007805dc7fc4L,0x16c49d403031a8ffL } },
-    /* 46 << 308 */
-    { { 0x95705b15359816d5L,0xce0c4379d0641ed7L,0xb3f0d8321e8a448eL,
-        0x8bea060873e2d711L,0x5a85fb2f6a040c03L,0x7c19a2185bcebd4aL },
-      { 0x2b10a87aa31cffddL,0x4fc728fa9a5814a2L,0xedabb0dc63bdd2ceL,
-        0xdb90173f96bdaa40L,0x543c4f01527ff659L,0x5dbff7ad0a33b251L } },
-    /* 47 << 308 */
-    { { 0xeef30ea55e636f5dL,0x8df2d4040bccc4ddL,0x8b0d6f35ef1afe9fL,
-        0xbd288e6ef8f86f6aL,0xbc68817ebda45411L,0x8a6f50070faf9e7bL },
-      { 0x6158c57a53d4050cL,0x6d5a3af165b2252cL,0x10f62839f450886aL,
-        0x8b9ac19b1df85080L,0xc160c1567553ed58L,0x2195ab29cb449cd9L } },
-    /* 48 << 308 */
-    { { 0x521f4af73ed03d5fL,0xe3461f66eaf9064cL,0xad099ab7ae03777fL,
-        0x541cadcdb65f73ffL,0x53430463a86059b9L,0x8ff88fe5043e9f82L },
-      { 0xd515f4c7e42cde45L,0xf7f3dec3f41c3269L,0x7bed53567ef1b8ffL,
-        0x8782b45f1295b5feL,0xab54ebaa03917627L,0x8516beb28787ed9fL } },
-    /* 49 << 308 */
-    { { 0x24b2b95b113940daL,0x8c24d8d3f9c6e6d1L,0x7c584170eddaaf29L,
-        0x249267171efd01aeL,0x692cf8f40cd0f2d5L,0x0bf82e142f960244L },
-      { 0x6dbcb6162dabe927L,0x76d826d20aa1eed3L,0xe4492fb3be98af99L,
-        0xd4f27cbea50dd711L,0xb7796efe2d8085daL,0xf2d42519ec4e8ec2L } },
-    /* 50 << 308 */
-    { { 0x3fbaf46dccc3c261L,0x773c240c1b646e80L,0x151a711f363b6a5bL,
-        0x3c8680b1c53b5b59L,0x8ee6795f9fb234b6L,0xab7840aa2f673211L },
-      { 0x0a1a0ff3224a8184L,0xcab87319c71bb575L,0x7a9e9daa8125668fL,
-        0xdc607b016c4cff5bL,0xa54cb4c792e5c760L,0x977e4c93d99e4655L } },
-    /* 51 << 308 */
-    { { 0x87d4ff71ebe95680L,0xa2093915e5adaac7L,0xd5bbbdade32f5d9aL,
-        0x5d61056cf328a4e1L,0x61fcdb0f353f565bL,0xb7b8ba004efab5caL },
-      { 0xb5bbcfa410f05eabL,0x483ae9221f09a105L,0x17d94ca44bbf4753L,
-        0xf734a8cdbbdc9a94L,0xc7f01a4244e81e2dL,0x60c3e777b3ba8033L } },
-    /* 52 << 308 */
-    { { 0xba7df5a965b68624L,0x30b4d6ed6e7d58bbL,0x67e52341dbb81762L,
-        0xd697ab1b0deeac1dL,0x01d15e8e5577ea92L,0xbb12d72498fb38daL },
-      { 0x302faa6d4e04908dL,0x66cf6cb909b90a9cL,0xcd665dbd98d96736L,
-        0xf7d3c528b86f3af4L,0x4844c7541d8b07f4L,0x2a77d7b91eaf7dc0L } },
-    /* 53 << 308 */
-    { { 0x8a36c9b57fceaa87L,0x5110912b553c7ad3L,0x4aa51166d5eca67cL,
-        0x05740dcf07a5eb58L,0xeaafb3e3396857a4L,0x1ae9571bba8d62d9L },
-      { 0x2736975500272434L,0x2c74325c59872fbbL,0xd1d8291709dda11aL,
-        0x2a5334eb4683e8a1L,0x22cdd088e3481df0L,0xab1c5f5b4fddc546L } },
-    /* 54 << 308 */
-    { { 0x1966aa0515f46174L,0x495901bd2a074050L,0xda5b0cdebba902baL,
-        0xc47c518a684325bfL,0xa5df133ec4d9d6d9L,0x3771f465fbf7d31aL },
-      { 0x0a73718c02b05d1aL,0x1107cd45534237a2L,0x582cfd2980f5d897L,
-        0xf51a0a88dab0269eL,0xfdea51cfea1a22faL,0x3c9a0d247a13a324L } },
-    /* 55 << 308 */
-    { { 0xcc330f58c42f1ce6L,0x8e1fb7df534efc38L,0x2a37208f5fa5a01fL,
-        0xc06d8447369bdbb6L,0x0b1ea5161a3e36e7L,0xfb4a48366ff9abbeL },
-      { 0x5989c2d524419909L,0xdeaa6136f1d5b1caL,0xac6003b04ba760f1L,
-        0x3a6d5422059081beL,0x96c7fa9df797e22dL,0x67c2f77fa9f3addcL } },
-    /* 56 << 308 */
-    { { 0x53e59f251d70eb73L,0x8aed17afe69d0525L,0x26ddc17864413768L,
-        0xa7c8d40f5e48c349L,0x29ad92d187ff01fbL,0x8f4e1b3b965b2de1L },
-      { 0xb83cfadf1446eca2L,0x7432bda4e609d416L,0xcf97e8a3f1c7de69L,
-        0x45899bd832f55f07L,0x41a6811751175738L,0x89eeb115b8efff21L } },
-    /* 57 << 308 */
-    { { 0x9dcda4f3723fc25eL,0x710de79fb5d954deL,0x095ffbf1f0b7d129L,
-        0x419a2a5e32651179L,0x7b249135827d4268L,0x9dccc98d909fbfb4L },
-      { 0xcb4b0cb016554ab5L,0xb2fc635f6d84b255L,0xa7f8f3f553512b87L,
-        0xc72633f300ec778bL,0x4e07d91a4f1841a9L,0x2a1adbbdcb4f478cL } },
-    /* 58 << 308 */
-    { { 0xe31333093bb794fdL,0x34c68bac33b3be44L,0x953fa2c412172b7aL,
-        0xa9afc12d4fdde6ffL,0x30b5302ae9c7804cL,0x4a1746c702119e68L },
-      { 0xc4d0c7d323e2ec51L,0xbc821f217143d613L,0x8f41251a673e203dL,
-        0xfa32c06aac2ca4c3L,0xf4343f2799a7c431L,0x8f7d489e6b96d959L } },
-    /* 59 << 308 */
-    { { 0x183311763f6278f9L,0x4fcc5b653593cdd5L,0xb09b5880e643f83dL,
-        0x0f130a3d2c78466eL,0x926d7c3d2b1c1ebcL,0x7217f875662ed4ecL },
-      { 0x2d3be028d81cdad3L,0xb2a04e3507a38019L,0x8da8cddfc9a3097eL,
-        0xbaa67f60ddb20228L,0x698fc1c407f04de8L,0x6f0e1d6d7e86db6dL } },
-    /* 60 << 308 */
-    { { 0x54a01e60936c3ebaL,0xf326fe96ec01b12cL,0xcdfaf00366e4de2eL,
-        0xc53dba07392fd0a8L,0x00d9b80f6ec46004L,0x84d59be83ba63f8dL },
-      { 0xbac4ea439dea6062L,0xb4b4845badd568caL,0xa6ca3d34d225e2d0L,
-        0xce72955db50070a2L,0x56e5c91321c78b68L,0x888eb198999488a3L } },
-    /* 61 << 308 */
-    { { 0x65bead3c1c2de335L,0x0ecdc057b18a6778L,0x821b836983e57ea8L,
-        0x84c80b574a5c11dcL,0x0b6432822ac9ad27L,0x8e09a7f344fe943fL },
-      { 0xe510f47daa92dc94L,0x8bb0b5cc6a1666a3L,0x55315bcc24645380L,
-        0xe3acbed113dcf7a1L,0xff99c90e3c9a1610L,0xfbe9aa1bc326e1f5L } },
-    /* 62 << 308 */
-    { { 0x5040bea56827b6e3L,0x1049e004d935eb24L,0xa15f9a07ba9bde68L,
-        0xda430c55e6087e70L,0x30ed69af8e84b7c8L,0x8498514eac9d6a72L },
-      { 0x69c783d64cb27e79L,0xe55d31a09647a572L,0x0479e8b2fbfb82e8L,
-        0x3e845922b52f08c0L,0x252f755f0dbca622L,0x6219778389ddfee8L } },
-    /* 63 << 308 */
-    { { 0x175264893ca1461fL,0x54c432f92b6476bfL,0x0e0be36a530795f9L,
-        0xb9896dacca583429L,0xe4af98239d4e6085L,0xa38b7c4b4a7422ddL },
-      { 0x74643ef47163e421L,0x74c28314895ee61aL,0x637c79c20d62b657L,
-        0xb232ec619bf2b3afL,0x27bdbfb4b2d5992eL,0xcc6e424c49afb181L } },
-    /* 64 << 308 */
-    { { 0x5255508c11c92f34L,0x9a346cf3a294d382L,0xd9765eea3095205bL,
-        0xfea2ed702c470ef7L,0xf5e8a0fc9c40bf0aL,0xb572390ee4137a16L },
-      { 0xb91753712bf2f545L,0x2c2d0f4c58cd9cc7L,0xbea6bce902385486L,
-        0x46208408a8bc3a94L,0x64a87a2a3ac45044L,0xe40da33c7df70151L } },
-    /* 0 << 315 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 315 */
-    { { 0xee9e25d939161b8aL,0x8763f2a2e2eead91L,0xd2fc1157d2d91300L,
-        0xe7597e2fffcbe50fL,0x4be3814fe11d376eL,0x1eab3d7edbf14562L },
-      { 0x38a107c0c0ad183aL,0x829766267c753bbfL,0x18014e09caebd481L,
-        0xb28c331bf9ace60dL,0xe8fba04f211cb8e7L,0x41c4b797e42dc65eL } },
-    /* 2 << 315 */
-    { { 0x009dc2f4c3e88580L,0x4a405be899db1fb5L,0xc89bfaa2ec5d91feL,
-        0x461be9a0f160afcbL,0xfdd084bb7d7566b5L,0x795275e8e48099a2L },
-      { 0x1b461fc9fe9815dbL,0x576214cd73627bbcL,0x3246332d9f09a206L,
-        0xbde4c0c36941d6efL,0x44ef03fdf387f5f6L,0x99c8ac0157b63400L } },
-    /* 3 << 315 */
-    { { 0xaa512f202f6e4301L,0xef668a5fbf94a1ccL,0x08713c3015861b88L,
-        0x49d47551c99bb2b6L,0x6db5f812e2f0258eL,0x70c9b299998d7435L },
-      { 0x46168e1c5d176ae0L,0xec3306e4f730ec30L,0x49439df3ab69c15dL,
-        0x1040408bea0143e4L,0xb48ab8eabc549b0aL,0x4aa38bbf10f89223L } },
-    /* 4 << 315 */
-    { { 0x7e4851599598f49aL,0xbdac3d5e9629305bL,0x20de0dafa6fbabfbL,
-        0x04f015838f09fff7L,0x5a0562976a06994fL,0xf51dac8f6e3ccd33L },
-      { 0xc087ef9c3af507b8L,0x525ab76e6a5c6663L,0x4fc04814d916ee93L,
-        0x3369c978d23d140bL,0xb0fcd70f1662028fL,0x2ca77de2e1e28adbL } },
-    /* 5 << 315 */
-    { { 0x838acd1bc512bc71L,0xac06d6bddc18afd0L,0xc991c1e39ec45f4bL,
-        0x667c5e89cc27c68eL,0x0e059b04ed07f829L,0xceccf1d4cec4b3a7L },
-      { 0x3d9c2dc9b953f9a1L,0x4be2f7e72d599b16L,0x1a2054b197256c26L,
-        0xcf66fa478b4fdfebL,0x896cc1b38134d7efL,0xa17264cad41dadbcL } },
-    /* 6 << 315 */
-    { { 0xe3ccfe8e37627e56L,0x00733a867b6b21a6L,0x3f13e2cbb605c427L,
-        0x5ee12395b0d80992L,0x4dcaea94b9991381L,0x4cfed7ee8c4c4b6eL },
-      { 0xd7aad54b7f7f45dfL,0x2229407fb3809bf8L,0x6eb31eee68048fd9L,
-        0x693842dfd57225fcL,0x3e62cd85a88dfd3fL,0xc6307d53d5462cf1L } },
-    /* 7 << 315 */
-    { { 0x2d15615ef344f5fdL,0xe0ba6a8aa7f23989L,0xbbfc58041c84e3f2L,
-        0x22ffeaae6f4ba826L,0x1e9bf27494292682L,0xc768f89146c02af9L },
-      { 0x894127d6177cdafaL,0x8d0523da2acdc791L,0x71ada9aedc78c3c4L,
-        0xf21dbbb92c532a01L,0x0c797d5eacb20fdaL,0x1ff99d7616cf57b0L } },
-    /* 8 << 315 */
-    { { 0x99b5f150493c1d64L,0x3422b656fb74075eL,0xe7493900ff19bf24L,
-        0xc82e5b80260925edL,0x3398d340c0ea1eafL,0xe7de2ba11287121eL },
-      { 0xea6dfb0b87847031L,0x73bed0a1566af2f2L,0xe26678bf12012999L,
-        0xb5369e4d32e5cebcL,0x2304eac86d181e32L,0xafdbd9543d364addL } },
-    /* 9 << 315 */
-    { { 0x5b1a53ca75da4189L,0xa90485802eb4862bL,0x319424092783ad6aL,
-        0x15a4c5e11a9e025eL,0x841bc53313837199L,0x6e9d3e14e642954aL },
-      { 0xf4a02bbdd436ec5cL,0x62fe177bc6d6ad53L,0xedbf1e4eac86425aL,
-        0xff9359c8d9f752f5L,0x79c685d92d7ad656L,0x8d82c0c4fdde9052L } },
-    /* 10 << 315 */
-    { { 0xf55f868e702f640dL,0xe459aa9b1dedda11L,0xbec0ff9bbb5ba193L,
-        0xf7325c4957724703L,0x5ab8f06323e0e4fbL,0xfbf02e91ecb0fd7cL },
-      { 0xcc72e8daa2e5fa31L,0x47de252832cb53cfL,0xbfa646e64252763cL,
-        0x7a769efeb8d81de3L,0xf5ec70031e772f00L,0x049bea9a2729aa5eL } },
-    /* 11 << 315 */
-    { { 0xe987ba54759090d6L,0x904d6901619ef08bL,0x9e16d1382024a6fcL,
-        0xb6f0459ba9f3b7e4L,0x1f2a530817ee069aL,0x99403b2e2be31049L },
-      { 0xba1663c6bfb2f288L,0xf829195cc7a92b41L,0x89b915ee8ae621b1L,
-        0x3fbbb1e150f8ea92L,0xb1fe7f978c901ddcL,0x16d1f62cbbc69ca4L } },
-    /* 12 << 315 */
-    { { 0x51f19bb3fda072dbL,0xa815459fe3f7e0a2L,0x5f7cde2f987112caL,
-        0xdc51d948759de2cbL,0x9d05c410ed49bd98L,0xf063ab99364341fdL },
-      { 0xd7869d68d1aa0a11L,0xc20291065d862d01L,0x7f258180c2591073L,
-        0x7b90fc7a6ebc4ebcL,0x5565390f3dda1d68L,0xae77fca8a44e4493L } },
-    /* 13 << 315 */
-    { { 0x97564e4847c49ee8L,0xc56bb5a9ab4ebef5L,0x80d969417b4f86bcL,
-        0xa594b4e541026cf0L,0xd56c89965a89ece9L,0xbcf609316a0f922bL },
-      { 0x702596161103475cL,0xb1224fb58a2a2abbL,0x0a437a03715cd61bL,
-        0xcbe2d2b2739921edL,0xf3b1b5e9385541c4L,0x5d0984f4ae010520L } },
-    /* 14 << 315 */
-    { { 0xb4a2742dcfd9295eL,0x9cd36774ae929cd0L,0xb15fadccdd7fcf4fL,
-        0x0b1fa2b337d4fcc6L,0x242c7b26f01c7ab7L,0x2be8131b50574cc9L },
-      { 0x6ee50f42bd89a03cL,0xc7f6ff8f005e7765L,0x04d13af18420501bL,
-        0xc22e092b1b6e7d2aL,0xa393be7ee9516f80L,0xa2593652b80bb5b5L } },
-    /* 15 << 315 */
-    { { 0x5caa5da68b23bebbL,0xa1ad33e81fdbbdf4L,0x18dc93cf4e5c1de0L,
-        0xc3e6addb5bd9e178L,0xf30d517e7cb8cd03L,0xbb84ce54f1abc417L },
-      { 0x0774b64c67699659L,0x228005b9b7d4a401L,0xd8c2ec5b80b2d3d2L,
-        0x419c4cd93450ba7fL,0x520ae681789286a6L,0x24b67ea9aa8bcfbbL } },
-    /* 16 << 315 */
-    { { 0x9e41b9b70f74808fL,0x2d835dae0c061bdbL,0x67e50c8cf272346cL,
-        0xc98a5ef5def57493L,0xc2dea8afa02676fcL,0x59508de26ace4659L },
-      { 0xc2b707aada6cd733L,0x6c1f226a4be7bfb9L,0x5b580fa2a778c20bL,
-        0x272c3a1d57af166bL,0xe47a64a9ca78ce62L,0xd12db7d771d35087L } },
-    /* 17 << 315 */
-    { { 0x6a37ac5a2ada7e64L,0x664594de04e35dbdL,0x3a82f748ffdbf300L,
-        0x4525ddf155975f5dL,0xcfe5a76bbdf2035fL,0x1693a99f0fcbda84L },
-      { 0x5bdb76856a297cdeL,0xdb9ad0cef1d1009aL,0x9e9dae1caf902a00L,
-        0x7e36f79f271a0a50L,0x688a0f41a2a2f652L,0x33d2178613722e40L } },
-    /* 18 << 315 */
-    { { 0x2f4abaff356f4ca1L,0xa2e419422d13be2bL,0x58d72e2f3d7db731L,
-        0xafc2f505cd455649L,0x8a0794cd1583705cL,0x4a43066288ffe8e7L },
-      { 0x2c0c031d135c8e7cL,0x8ecd9ed76b371b41L,0x17cc1ad9563843eaL,
-        0x9603987cfc6b810fL,0x6e291ed7f0d9498dL,0x8c69ae62e1a4058dL } },
-    /* 19 << 315 */
-    { { 0x934666dd40680b5aL,0x37a9c6ac91e762f6L,0xa0a10533e4d26e7eL,
-        0xd811d558ade18237L,0x6e2918ed411b121fL,0xbd9352b93c24a52eL },
-      { 0xe31569ccb811ec4fL,0x3b5b977553f7d097L,0xa0d9ebfd7198e959L,
-        0x63e10ab13f0a942cL,0x65b8b87f8ea55897L,0x935ea3c129aa0212L } },
-    /* 20 << 315 */
-    { { 0xe14dd3708ba8a3dfL,0x49c1fc3750a645b6L,0x3f0db6a32252ff87L,
-        0xea2ac3c4a34ad040L,0x97a37936decf9f0fL,0x810f02326f7f92ffL },
-      { 0xd96c2641184e9c88L,0x08c4cd333d5ab12eL,0xa938d8c3eda80fdfL,
-        0xf2dded68bfccc054L,0x4b3da61ede36ac9cL,0x2c266df8347ef904L } },
-    /* 21 << 315 */
-    { { 0x4653cbfbe3443739L,0x53ea14dd8dd85382L,0x2f6d0513f26ba2fbL,
-        0x374d9bee51269be1L,0xf976cdb243f1f612L,0x68b47bf7b5f171b8L },
-      { 0x726e93dc7095f377L,0xe6f18c57b59fcfb8L,0xffb56a4023d9eb60L,
-        0x678c9508447caf79L,0x4cec83e459740ce0L,0x820ab7eff4d7d58cL } },
-    /* 22 << 315 */
-    { { 0x88eac51c8e376fe4L,0x096e70c49ef465b6L,0xb35265852004969eL,
-        0xbd581669d29cc63dL,0x88094298745b6919L,0x317e386c12e7d67fL },
-      { 0x33848bb2e3d6f4daL,0xbace887f2a0ca785L,0x83b32feb197e67a7L,
-        0x2b58535ade9c851bL,0x3e428b19c38beaa9L,0x784aa3d174f26de1L } },
-    /* 23 << 315 */
-    { { 0x10c5f1e5b292efd6L,0x47d92b88ddc96103L,0xc8743717e5e802e0L,
-        0x47781ba8008dbb2dL,0x7abcd3acf02360fdL,0x673e2b05e9142308L },
-      { 0x501db7c76db93818L,0x285ced71f33dbda3L,0x30aa5fb5cdba4b44L,
-        0x93d536c2df0445b0L,0x28a77bfa10196091L,0x26b9f668e38c4c7fL } },
-    /* 24 << 315 */
-    { { 0x98c3a697c0909659L,0x35c3b0f297d847aeL,0x67d9f71273a7a5a8L,
-        0x28e83651b47bed08L,0xfca9e849567b3410L,0x5fa9a6ded291fe1fL },
-      { 0xd79682421976a995L,0xcff5bb36a0261383L,0x34166ef962e9922bL,
-        0xd816b0342d433139L,0x3b62d3589c4b99c3L,0x8521f917104f7cc4L } },
-    /* 25 << 315 */
-    { { 0xc35a5c7874e09962L,0x1c340269e1690418L,0x2ed61ab4dca0de49L,
-        0x2570d29ede2534ffL,0x9077691bc5143c88L,0xaa249a4a346f3ec1L },
-      { 0x57e4f1e104de76b3L,0x206859c3f415b99dL,0xdac6f415f9a15eb1L,
-        0x2bf456d00a9501bcL,0x1ceb7dc41ef91323L,0x19c1fa8c3cb8afb0L } },
-    /* 26 << 315 */
-    { { 0x7761d8fc6f7b6eafL,0xdc439bfdcc0575e5L,0x33853d91f1ff4383L,
-        0x6da20e4b75dc1254L,0x25a53b581969a1d3L,0xb40df56723311968L },
-      { 0xac150a297dd6aaebL,0xfe6865ce2a3ba337L,0xea05d97cf71013feL,
-        0x0ab3cf008053c65aL,0x7cd38b647bab4869L,0x788cb867204cc6a5L } },
-    /* 27 << 315 */
-    { { 0x253a041e36e88e48L,0x1610f836b86297fdL,0x379d3da109334bb9L,
-        0x62de4308777fa7a9L,0x604a46bd6dfefd1dL,0x9e4740ae314eed76L },
-      { 0x40ec32e12efde5ccL,0xa5b841bdd92c1faeL,0x01852e23dec68e16L,
-        0xc76173b88b55b2c2L,0x4609f350377d5e77L,0xe9c4167ffd67c6b2L } },
-    /* 28 << 315 */
-    { { 0x52732a0a4b0fc112L,0xe654744e9d125dddL,0x9f76cf7e269beee7L,
-        0x2fb8bf32ff80a2f0L,0x1bcef16262b7153bL,0xdedc255a43a4201eL },
-      { 0xb1b30b91acbd8a37L,0x147fae6f240adc8fL,0x5558702cb39bf39bL,
-        0x171e58803e1eb997L,0x095bf301ed7c79b4L,0x29f1dbffeef752f4L } },
-    /* 29 << 315 */
-    { { 0xcbb2506e7535c370L,0x40ee37ec7ab20106L,0x74f502d4caca3675L,
-        0x167e778db57c0364L,0x7726715b13fa3dccL,0x76097791f42e0c3aL },
-      { 0xe1d990c3379dd41aL,0x432454d785c8f5e2L,0x1f90c59562ac45e4L,
-        0x63e156998ffe0c09L,0xc3bb8c29d42bf0a6L,0x027d5a86ecca4cfcL } },
-    /* 30 << 315 */
-    { { 0xaf8ca08b20492da0L,0x37b1fa1547508667L,0xc9fc925b96077958L,
-        0xb78c83c19ecac8b4L,0xd9d953a17c05a67fL,0x970ee229b9ebcaaaL },
-      { 0x689cad7f55dc989eL,0xf02f05bc66c941fcL,0x8d00516281e23d8bL,
-        0xfe603ffc8caebcc3L,0x592860bff303153bL,0x9ec1d5ab3344e524L } },
-    /* 31 << 315 */
-    { { 0x7e374b7b0f922941L,0x44b3f00174466c92L,0xcb3eb28c3c2fe678L,
-        0x91079467bb9bf05bL,0x0d268749de2dcbe3L,0xb6383ba4c5204680L },
-      { 0xd50269f4951d3c71L,0x9209a2d53ffbf2e0L,0x2f6496258110f811L,
-        0x08fc9fbb0b31e275L,0x697960ea1faec287L,0xae95e4a8c5420ad4L } },
-    /* 32 << 315 */
-    { { 0xc20fb9111a42e5e7L,0x075a678b81d12863L,0x12bcbc6a5cc0aa89L,
-        0x5279c6ab4fb9f01eL,0xbc8e178911ae1b89L,0xae74a706c290003cL },
-      { 0x9949d6ec79df3f45L,0xba18e26296c8d37fL,0x68de6ee2dd2275bfL,
-        0xa9e4fff8c419f1d5L,0xbc759ca4a52b5a40L,0xff18cbd863b0996dL } },
-    /* 33 << 315 */
-    { { 0x1304bd65ff0e8fbfL,0xa249adb53343deecL,0x20635fa9826e1293L,
-        0x6283f098b7bddaadL,0x0d0a7820bc96fed6L,0xcd7605d47de0b9bdL },
-      { 0x4f0a9751586f9eb6L,0x2f6dde5556b2521bL,0xb7efccbd76264c6fL,
-        0x7df9cd35b2613621L,0xc334c8f924a2ff4fL,0x914f472a0b13b604L } },
-    /* 34 << 315 */
-    { { 0x89092cbc5f6bb241L,0x8b4dadacca123b83L,0x9ba420eecd2dbaa2L,
-        0xf269d1982dd6ef2fL,0x29f68d03809b338dL,0x18cf8675958ae927L },
-      { 0xc179d4b2bffac33aL,0x5356ffc1522695e1L,0x453474986d039c90L,
-        0xcba0e0fc5a675530L,0xf369b7ab98a0c70cL,0x51f82173d508c254L } },
-    /* 35 << 315 */
-    { { 0x5f98e5aae8490374L,0xdd84a7506ca52a68L,0xb6904ff8a9244f56L,
-        0x4c908c0362a5502fL,0x70ff1e01a8df73b3L,0x573a37f20df382caL },
-      { 0x5df73cf8c7dd1209L,0x965ad402abfbcd79L,0x61a633a59e67af24L,
-        0x0953c83cc64203f7L,0xe14f58f9a1fd8dcdL,0xb5ea722887a5fadeL } },
-    /* 36 << 315 */
-    { { 0x55466aa1d896c2f9L,0xd03ade059831fb31L,0xc46711547d968dfbL,
-        0x8ade0c97bce2fdb9L,0xb408c7457f6d843eL,0xb1bbe028a709cf63L },
-      { 0x1dbd25383ba4fe36L,0x1438d322dc1f2720L,0x1c3c46b9c37694deL,
-        0xe57133dc3997e650L,0x754c171e422b95bcL,0x29c47f0da209c7bbL } },
-    /* 37 << 315 */
-    { { 0xe520480823822d0dL,0x745fe7aae3eab177L,0x6f0f4a7e808500edL,
-        0x9383c632200c2bf0L,0x6f3130d7be22d432L,0xed7713d465511061L },
-      { 0xff84bc04049067acL,0x33c2be61d56210e1L,0x57d63f885ac04f01L,
-        0xc2fbb773284fb49dL,0x46422426e1f349adL,0x3cb627c465863455L } },
-    /* 38 << 315 */
-    { { 0xea06cbe9a1edcfccL,0xb0438e198aff46ecL,0xa93fb88ba450240dL,
-        0xfc4a370021b6b45dL,0x2503aa5d82a21241L,0x7533f1d7f540d3b7L },
-      { 0xd7a58a679277538aL,0x466d981a539c347dL,0x46f1682bf26488c2L,
-        0xee2b4976318282e4L,0x8fe5e5b85a94409dL,0x40ca43a7b1a4fc28L } },
-    /* 39 << 315 */
-    { { 0x0ed4414c901e48d7L,0xdcabb46418340890L,0xd50bf12f20998781L,
-        0x498a90232a596ffdL,0xcc877212b43f456cL,0x98d9d531f796c4fcL },
-      { 0x061e3b31977c11b9L,0xe56bc6f00a00c822L,0x756e62c96887ea43L,
-        0x29129d53859ec944L,0x42342589146c1fbeL,0x2f2cd4bdd1884196L } },
-    /* 40 << 315 */
-    { { 0x3d3815d645d94a24L,0x4cd9fe1139f3e6e2L,0x8c7b8dae8e7eb572L,
-        0x7e69faf40f7deecdL,0x0e54b3c0387e97ddL,0xd12e473175a1b6b1L },
-      { 0xb7163632c664f92aL,0x86ab4ea88d94e55bL,0x37212aef1133dcbdL,
-        0x0c6c7fc6dfc0d47aL,0xacbcb077aa9e1ccaL,0x43cf50a726ef7fb6L } },
-    /* 41 << 315 */
-    { { 0xc0eb003c54d7bac5L,0x89780aea2b770baeL,0x13a194e8076bb29cL,
-        0xb863585046f8aa90L,0x79ebc6066df515f0L,0x25ea422dd1ead000L },
-      { 0x16b03b8106c89b71L,0xa964da878ad9fff7L,0x2c96dc6b2e7b9072L,
-        0xf71788978c93f6bfL,0x4c7ecef912688648L,0xed7b4a577c663be0L } },
-    /* 42 << 315 */
-    { { 0x5b7cdd0ad74a20d2L,0x273184f48bcdd2f5L,0x4d8d3b4ce3ac03f7L,
-        0x0e2ff518a02cc60cL,0x9c006ad8b6fa606fL,0x401606caccf627a0L },
-      { 0xe7429a6f7b967844L,0xe4e5d1c1bc8ac8beL,0xc050f89ff4f46638L,
-        0xd23a3eb452f918c9L,0x4528e4e202944b49L,0xeb345a689268719dL } },
-    /* 43 << 315 */
-    { { 0xf4fbd190ccec4c27L,0x7e042c8722674e8fL,0xbc79835ae8b33439L,
-        0xc7923b8fad2124d1L,0x0ece42272c72542aL,0x02d638e2b9264875L },
-      { 0xbdf9fba1904e7683L,0xcbbc0e0aac934377L,0xea154d99459ec213L,
-        0x87db3f66c3023e2eL,0x7f9262d518de83a8L,0x432fef4f3524400aL } },
-    /* 44 << 315 */
-    { { 0x3b5566d7938a395bL,0x920dc1111f256c82L,0xcee7f231a059c8f8L,
-        0xdc3da434d48b3179L,0xb1e819e913f78de6L,0x94a21bb01f9819deL },
-      { 0x8ef14a96f302a94dL,0x9f897e1a079fff9eL,0xff9a4e0e54122af0L,
-        0xac6a6cbef0b7f1c7L,0xfd15d9756401df3dL,0x500531a323a0b7b6L } },
-    /* 45 << 315 */
-    { { 0x12e22a012da0c724L,0xa0a837f3b80cba90L,0x89df9a3e2a9b5434L,
-        0xf3299f64925840acL,0x0cc78a3a125b3dc1L,0xa4ea6203c723d647L },
-      { 0x5cee8068d369522cL,0x3e479803432d5e87L,0x86e809363ad8126bL,
-        0x93e871c9cf89d85dL,0x892e4710286c9010L,0xa075a6d3ec3a1792L } },
-    /* 46 << 315 */
-    { { 0x095768bc7dfddf6eL,0xc4e331b4e63c4e60L,0x1179808104f28a2aL,
-        0x415e33e1bee48983L,0x7fe8050144af7eb7L,0xdf6c423b2f28fbfdL },
-      { 0xd10886db007a2b56L,0xea578b286613f26dL,0xd18a9d1c2b90a815L,
-        0xd4c6e8b2675c2c8dL,0xff973df5788bf2d6L,0x4fbeb6210d7e611bL } },
-    /* 47 << 315 */
-    { { 0xcfab317671674fa8L,0x78038a1afef7089eL,0x3109736aa27b5b55L,
-        0x1b31325fc0193518L,0x3afd21a8be19b5f0L,0x548196a2d8028eabL },
-      { 0x15b0d6d2a94e6be0L,0x1552ffb67afd5dd6L,0x49b1150d89bed9eeL,
-        0x2c59b0bfb0d1444cL,0xab265d7eb695a900L,0xa24d0788a1dd1ef4L } },
-    /* 48 << 315 */
-    { { 0x4e913e1131e325ccL,0xe92f7c8f2a65fe01L,0x8e61a80d5857aae9L,
-        0x2c36923d53104397L,0x5b0911d6b36d5379L,0x76eb9b56b1207ae0L },
-      { 0xb5cd11646723c4aaL,0xa6bec13b98891a11L,0x09af8be29d806056L,
-        0x7da8d29ecc1fc0e6L,0x231cc00e2aa8791dL,0x2ded362c042171c2L } },
-    /* 49 << 315 */
-    { { 0x26eb2ac96afa51d2L,0x83485eff13c04ce8L,0xdedb48718072d8dcL,
-        0x4da1771d8ac3d411L,0x2d8f99ef849c6c0bL,0xea65f6bc2b5882e4L },
-      { 0x60a90f58fd671216L,0xb9f3e2058af33bedL,0x29c41ec92bf02916L,
-        0xcdf15b1de5ddeae8L,0x67f9ad163109e99dL,0xb9b5585f517d25e1L } },
-    /* 50 << 315 */
-    { { 0xae016b4811b3e20bL,0x5ccf3cf1e5164179L,0x1281ff8efe9fd47cL,
-        0xb85438038e61bdf2L,0x694e42feba5856a0L,0x53f7e09759b32aa1L },
-      { 0x5b9848e9c341a531L,0x9a5fb85025952b73L,0x9d5fe0dea6f82c5eL,
-        0x9216a8ca44090933L,0x3e986d4bc3272875L,0xc20534f8f3512e42L } },
-    /* 51 << 315 */
-    { { 0x718124a1033495a6L,0xc4f28a746834851fL,0x91186d80e1baaa77L,
-        0xca4e13222a761e95L,0x7b6b8322582ddee2L,0x75d396c6c3c70c6bL },
-      { 0x075dcd6b54c75102L,0x3669b97c0b92622cL,0x621154e6f0cd45adL,
-        0x7ff0029ff381a6d3L,0x3d37e750a726f84bL,0xc4f79202874de604L } },
-    /* 52 << 315 */
-    { { 0x215018fdec26297dL,0xaa06fd0bbf35d225L,0xe5fb438cab40bc17L,
-        0x6a0ab335acb7f4c5L,0xbe1f4de4187a8e6cL,0x651deba961f7e842L },
-      { 0x2b30b0046f629aedL,0x63bdbf8e2218f107L,0x21a21aa5f9ca8bbdL,
-        0xa88cd9138304f7e1L,0x23594fc6c5e6f9d4L,0x4d4db41a6682fc06L } },
-    /* 53 << 315 */
-    { { 0xca2317b0428dcb40L,0x9a7bd387288b5eeeL,0xd62da6d0a060584bL,
-        0x601a3d6ce8f10251L,0x65718f0584885319L,0x5a87b1c2a1bc252dL },
-      { 0x27ae8015a37b05d5L,0xa624af9c98394605L,0x988220050ba4565dL,
-        0xb93395c9da2613deL,0xcef9a880edcaa74eL,0x7b2ef0fe0976687eL } },
-    /* 54 << 315 */
-    { { 0x094f20588e5c6b80L,0x6e5a5f52846eabebL,0x9eaef2d7370a9345L,
-        0x12d6f20687c19719L,0x0d2494ab9c44076cL,0x15ccc737de9309a6L },
-      { 0x8eeb8faf94ca6587L,0x7dc9a4fe3fe363f5L,0xf02f6e03b3b08270L,
-        0x31adbe77daf15507L,0xc0fb2814343bb4efL,0x724007519bdc1d91L } },
-    /* 55 << 315 */
-    { { 0xd301525c1677fcb7L,0x11b7141bfb6b0dc1L,0x01f4950eb2163b70L,
-        0x34c758c6ed3c0025L,0xd1b1c7573a5196cbL,0x7926f0a42fa19c66L },
-      { 0x107e5d32b1c47233L,0x0fe50b00cacbdaa0L,0xf45dd7e8e213397aL,
-        0xca6b2de9eaa1db7dL,0xbf234b55dd09c2eeL,0x10db87d1a1db37f3L } },
-    /* 56 << 315 */
-    { { 0xaff57c87de0572ecL,0xc0745250826246c4L,0x523910fc700ef250L,
-        0x8c23aa5793faa067L,0x87f7c7198e7dcf75L,0x45ef4adb46695227L },
-      { 0x0ffe09d196ceb1e0L,0xfb72a05790f3383aL,0x62d26e5e07c220d9L,
-        0x03e19605766b1e64L,0xa774669458c17fb7L,0x9a851d828e7acfa9L } },
-    /* 57 << 315 */
-    { { 0x150e936f4baea8efL,0xeb5328d68239dfe4L,0xe064fd95b5f987adL,
-        0x13d3803d52e7313dL,0x0e9738f5b215317dL,0xb6dd60a7974be106L },
-      { 0x00fa92bd6bac81d0L,0xdee050f9e7cb2338L,0xd7943d4f9075745eL,
-        0x07cc4170819cfd9aL,0x21b7e0b04aef1468L,0xd7520b77aef07b1dL } },
-    /* 58 << 315 */
-    { { 0x126c012681097c49L,0x95339f9475c02669L,0xec3fc15b100115ecL,
-        0xea5c8e9c49fb787eL,0x63168108bd3fbc19L,0xdbf2430541573590L },
-      { 0xcaa3a69686dbc847L,0x2c464fcb70d76739L,0xdd9e0bcd69e2fd74L,
-        0x4ae92cc01652728dL,0xafe3e24812b060cdL,0xf3776c6ff951a38dL } },
-    /* 59 << 315 */
-    { { 0xe4ab1c417af22e76L,0x35a8addf038840dbL,0x95ba3e3dafd0d7b2L,
-        0x2a7bf827f84417a3L,0x0bc177c729bf5a83L,0x29ef7f8bd09905a3L },
-      { 0x1df34fb1385e6c69L,0x079bc0fcf99e0d19L,0xcd2dbbc4f30eb5c7L,
-        0x2d364701afa7447bL,0x3c7bfa087a791ef9L,0xe21508c8e71166d0L } },
-    /* 60 << 315 */
-    { { 0x0b204c9ac746ec60L,0xdd5efe2718b93b24L,0x484474e0ce15332eL,
-        0x690be23d05a308b7L,0xeea3abfcb0f7081aL,0xaff69f36cd8e8720L },
-      { 0x5dadd080d951329cL,0x060c379c8cae67c2L,0x8e284705b20851baL,
-        0xacc8d8a0e5df0e85L,0x8c024e789463544dL,0x15a9a3f08003076cL } },
-    /* 61 << 315 */
-    { { 0x095e284899e0ecb5L,0x61e9d5893415c1bfL,0xb1207d3017f5c585L,
-        0x75f73f1d04e97243L,0x868551aa77bd50d8L,0xd530e0cc197f7d84L },
-      { 0xdd6ab731ea9fb71bL,0x26e5b52e2cf9510cL,0x4fba03ff11a88911L,
-        0x6608b634e921e323L,0x4baf22f836d46a1fL,0xb8bced501bc7ace0L } },
-    /* 62 << 315 */
-    { { 0xaee397fa327d9bbaL,0x9a45e7a2d832e3dbL,0xccb43a730582ae33L,
-        0x457b3271d4093b12L,0x409caea6370bd663L,0xa5019f25657f693aL },
-      { 0x5851c78a16478fe7L,0x5e09ace7ddf17dd5L,0x89ca68da0763656cL,
-        0xb92d3321e2bad2d0L,0xdd5642098422f6bcL,0x4a6ea69946c04923L } },
-    /* 63 << 315 */
-    { { 0x7ba1f48579120405L,0x6c136597898be69cL,0x1e75e1586dcacc38L,
-        0x3d3cb58b65ee4cbeL,0xbccee7a308db0caeL,0xee8bff34e77edfb7L },
-      { 0x123bc3f036f60cf7L,0x3b1dc9e779bb4c78L,0x036a8049fe5f0d85L,
-        0xc4de23d318f66f39L,0x593cf51e3c436c16L,0xd4d40e906769584eL } },
-    /* 64 << 315 */
-    { { 0xf6827150844eefc5L,0x002e82c44515ef68L,0xa46c8f55c51916c4L,
-        0x98c3524b61ee081fL,0x5ab7f2c2ad64872aL,0x0b503ff07e555faaL },
-      { 0x802e0d23b4c58d29L,0x122890402fd917feL,0xb56d19087af20d26L,
-        0x8d619e216be50784L,0x10fdbb721372b851L,0xf2c1673e4935576eL } },
-    /* 0 << 322 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 322 */
-    { { 0xd97a9b1451a135f6L,0x6d16aaf597b4df14L,0xc57160c254818818L,
-        0x4dbdeab61d59be44L,0xb93a9dad81f2b247L,0xe2868cf5ecbcab33L },
-      { 0x5e1ce82883a86711L,0x29a9ca2f29c55428L,0xe716273a2d82b0dfL,
-        0xb017f5f6ac8ff52fL,0x7563e79970ea7ccdL,0x5fedf0a63f0e674bL } },
-    /* 2 << 322 */
-    { { 0xa7f8501488d7b3fbL,0x3b5ec513ec78386eL,0xc6586b8a2ad5053dL,
-        0x88c09a43fbcebe43L,0xde7f2a4a20054f16L,0x63daba80bbbb147fL },
-      { 0x087e48f37d352b55L,0x997e32a08317ab79L,0x8ae802ff7f27cac7L,
-        0xb01a131c37b1f6e1L,0x3f0d4c2e9a6d1deaL,0xe06114fce7ceef80L } },
-    /* 3 << 322 */
-    { { 0x311df84c359590bfL,0xf907d69ddf6ca4b4L,0x876fd36782f22c64L,
-        0x64c4d14d9713e68cL,0xd431858d6b07f539L,0x39dfea3384990283L },
-      { 0x6afb8cf080cf6498L,0x327056bcde060e9eL,0x5103ce4a49a71086L,
-        0xfc94be75cdf853abL,0x2bfb105f8ca579cdL,0x02d19c3a50454b41L } },
-    /* 4 << 322 */
-    { { 0xaa03b474cde121c7L,0x74a648cb55e52c76L,0xb286ef86f37b57bcL,
-        0x95b797eb2a6371d2L,0xa489ef894077ccbdL,0xf46ade048e99ca6dL },
-      { 0x5cf9e23723242d03L,0x33c7d32acb708390L,0x329523b6ba7ba477L,
-        0xd406ab8757de30bfL,0xaa10e4a21536ca01L,0xdcec94f4dfa7aac5L } },
-    /* 5 << 322 */
-    { { 0xb5839fa424700097L,0x82fe2251759eb8beL,0xec5f34bd5f104a39L,
-        0x7f3da509ed1cf49eL,0x62fe425244621c76L,0x2118b68dc7bba926L },
-      { 0xb0ac18009ea4b7e7L,0x33b21ca1fcc83f56L,0x1856161208458096L,
-        0xba0e6aa95650f3feL,0x918d427231006f05L,0x955f3951b1066473L } },
-    /* 6 << 322 */
-    { { 0x0cb41ada3c59ee1fL,0x38b2465861d1633dL,0xde863b47d03e9452L,
-        0x2bfab5b41548d45bL,0x580af6272ccb7528L,0x6744c7cb13c04327L },
-      { 0x5eca3ab339cc5075L,0x51dbfc7b6d243f62L,0xd64d84b7981ee3ceL,
-        0xf639a03db4f2bc63L,0x8a411c36a317a1b6L,0x51edc4c0ed34eb3aL } },
-    /* 7 << 322 */
-    { { 0x01511b8a9d6fce5eL,0xb5c7b33f89a2875cL,0xa88e720e2fd79b67L,
-        0x5337034404229e94L,0x40bb7e7ec94af25cL,0xc11501b99183a7b3L },
-      { 0x29a4d81fcec3cc7bL,0x143976fdd75b8febL,0xac8dad2cfa261ad0L,
-        0xb14793006a2db8a8L,0xd4981293929c4a12L,0x5703506fb6eef856L } },
-    /* 8 << 322 */
-    { { 0x762a5eec1f5a9609L,0xfe4f5f6a765b337fL,0x0fd534aeaa4f964aL,
-        0xcf46648ed6526f01L,0xbc62a54a18d71d72L,0x48d94f2a4f8488eaL },
-      { 0x62c40de7a0c72a86L,0xd73ac51a725dd2efL,0x3a51d7466ab19096L,
-        0xf07bea4b2dd1ad3dL,0x2a0ec4672ef88078L,0x92598cb3664e435dL } },
-    /* 9 << 322 */
-    { { 0xd49f753012fbc44aL,0x769a4fc941c51d91L,0xeb1ed485981fd6a9L,
-        0x90a4b3cad7daf430L,0x4bbffd5c75d07405L,0xd998a096da671888L },
-      { 0x0514ad4b6e10976cL,0x5d40328aab11d9ecL,0x86de976bfa180702L,
-        0x259ca429f6f8a4b7L,0xe08970f05772eb4fL,0xca428fa1b5feb7a7L } },
-    /* 10 << 322 */
-    { { 0x9f3d76ae35af4a88L,0x0b92f48a242af3e6L,0xd4f8a37b7165d261L,
-        0x30e1fa8b2b917832L,0xd26f821f8fdfc06aL,0x75359bcf3669d1a2L },
-      { 0x0ba3bcebb638331aL,0x8d02c0996c73b62bL,0x2a8c078d8c4f63a5L,
-        0x55458ccaa312c282L,0x901ea0ea5eaaad9dL,0x03665da20e39eba1L } },
-    /* 11 << 322 */
-    { { 0x79a30b82da9affceL,0xafb188567204a29dL,0x2e64e6105a8ed24aL,
-        0x6bf3695a9e44aa24L,0xc22320690c77fa6cL,0x20b3c69531524429L },
-      { 0x91e60caad6e0f847L,0xf0fa30c4542d6b57L,0x56a3a66bff98ceffL,
-        0xec44f0b72c9507a2L,0x4ef13008c37e17e4L,0xc819ae81cda21355L } },
-    /* 12 << 322 */
-    { { 0x17c563be1cac0b58L,0x889cfcecb8491347L,0x591d49ac4cd1bfc0L,
-        0xd4465510d4e53d3bL,0xca95ccf6ad079a6eL,0xce391389b5ea6eb4L },
-      { 0x600ccc9ca48b6447L,0x20d0c7dbc20d56a8L,0x5f27edc569c6c6e7L,
-        0xb3fc0f4a586abcdcL,0xdbfdf3f985dbc5b6L,0xfba1cf254ea80fe0L } },
-    /* 13 << 322 */
-    { { 0x38d6267e427a9075L,0xd1df12006d63ea4cL,0x9887a99881407b57L,
-        0x41accae4688e9f0eL,0x33c63c9e10886dc3L,0xf8332ac57574a033L },
-      { 0x7d77d41f4c636d00L,0xf6f4ca28add70d4bL,0xbe496330c0ee111dL,
-        0xa4de7670b74bc69dL,0x683a93d369e5eabdL,0x4c5461c710963bd5L } },
-    /* 14 << 322 */
-    { { 0x9bbc99b59310424cL,0x6f4bce534568e290L,0x21373f5bc1572fd6L,
-        0xe5ecd5b6a28b4394L,0xd56968f646ef7bacL,0xcbce8614726cc043L },
-      { 0xb2fa6101d0a49bd8L,0x65eaa7725a7b41c3L,0x10d7515296e5ae18L,
-        0xec8f4639af389838L,0xac660d81bccaff25L,0x3c546ba931734025L } },
-    /* 15 << 322 */
-    { { 0x81b13d3ee098c584L,0xf8eb4e41fa3460caL,0x1bb889d1f0b905e3L,
-        0xd158ebe939a3faafL,0x7ad0f829cf09735eL,0xc89611963aa8b3beL },
-      { 0x522327781be516cbL,0x9118d851ee88d911L,0x35ad130f0bf2a62cL,
-        0xf35bcf1b39c05087L,0x73b992c3bce42949L,0x93ce50b95b42744dL } },
-    /* 16 << 322 */
-    { { 0xee6e7006b515fff5L,0xaedf6e3913258ed5L,0x373adf7dfc45111bL,
-        0x0c7535b1875c23c8L,0x2a7e04f897039d49L,0xd76787ae9afd1a06L },
-      { 0x049dd38591b6dc89L,0x8f0c8ad0932dab78L,0xdce057b9925498c2L,
-        0x7b9c9bd2da25daa3L,0x6d0b70a3d4decb7dL,0x099a218303df76efL } },
-    /* 17 << 322 */
-    { { 0xbfaf4b848c5520a2L,0x36fa343fc6741e50L,0xadcc36dcbd5211c4L,
-        0x2cae5a8514bf0578L,0x8fee4d403fe4171eL,0x2acd2756624d0daeL },
-      { 0xaf99a323623aa9cbL,0x120cd2038c8191e2L,0x2073e8884068d993L,
-        0x144851ac579bbf88L,0x54d458a4ee29fa34L,0xb7704255e5e5d676L } },
-    /* 18 << 322 */
-    { { 0x02f6e396617dc4bdL,0xbc48c42961497feeL,0xb27487fe0b4d22d7L,
-        0x33d6b1161d0b0aabL,0x5e21cebad31278e5L,0xf7119a50dacd8f27L },
-      { 0xe47eff2cc8ab54acL,0x7c7ccd3bbbe16c9cL,0xc056d817c584bafcL,
-        0x868ead2b97790d9cL,0x8fea6eea1a58126aL,0x67d323640fab2640L } },
-    /* 19 << 322 */
-    { { 0xee1a958ffa14b58eL,0x900644f9760b54e3L,0x97fa6fa451579d09L,
-        0xa7351c3b26e7f95aL,0xc3546595aadfd139L,0x07b7ef48f14f1e6dL },
-      { 0xc8d100ec4d139608L,0xf98609b2d8741228L,0xf0890d9d33030d3eL,
-        0x893b874fe28ed106L,0x5439b7aff7bb558aL,0xe68a3adba71a2261L } },
-    /* 20 << 322 */
-    { { 0xff54e8bc8acd597bL,0xdae781e94682b8c6L,0xb2265bc4ed1fae2dL,
-        0xa5e23c29ea983db1L,0x4af5f55909851454L,0xffe9538836eb4506L },
-      { 0x4c72b2d1c2247b8fL,0xb179573331a67505L,0xb1aa8ad4e19c9c25L,
-        0xb9cfea953e8b8004L,0x07782d788ac747fdL,0xe23e547fce9d9e41L } },
-    /* 21 << 322 */
-    { { 0xbc6b0088fd9e8e72L,0x7e51aa5dc6453462L,0xe8615fb9c8b1725bL,
-        0x031f0d2a5a371c9bL,0xb9db0a647441d8aeL,0x0dd0446e9d5783c5L },
-      { 0xb3b7be2381720779L,0x49a8ecbb6cc5a610L,0x165c626152cd016cL,
-        0x5fcd657da3f6ae6aL,0x30497fbc9f6988dbL,0xd734927936a73fe7L } },
-    /* 22 << 322 */
-    { { 0xb30ddd0e388562b4L,0xc485506b1f61067fL,0xf0da517684947c84L,
-        0x04830cedeb067f33L,0x05084c8262404b76L,0xe7e7efad7996707cL },
-      { 0xc2a6a57fc78b9a7eL,0x4e55fd8c7bfbf308L,0x204e7c44d1386117L,
-        0x979ecd5a4e56595eL,0x3bfc790853707b85L,0x2c3a41c59fcc5b7aL } },
-    /* 23 << 322 */
-    { { 0xcdbfd951ed6e2671L,0xb72c42ee135f6b96L,0x38c8d1ca40bbb789L,
-        0xf6fa984cda03f270L,0x76dc5a19ed88deb9L,0xa8c88f2a9985bcd7L },
-      { 0x2b0d3b66c6628a44L,0xdf679b6a2b311954L,0x30a363c25f851b07L,
-        0x78a5d242aecdb9cdL,0x42d7ca82a968b4e6L,0xb188e99af2efb94fL } },
-    /* 24 << 322 */
-    { { 0x779905b6d8948f95L,0x3c7085b591cd0206L,0xce9af0aa679096dbL,
-        0xfdf04f10f558913cL,0x05300cb06f24a2e2L,0xf9d9a2f25d581b35L },
-      { 0x855c8de96a713751L,0xc9ac24bc0e0c0dfbL,0x67612a4197740d65L,
-        0x7588a52744c9360dL,0x928ac910325cc880L,0xa74abdafacdd3188L } },
-    /* 25 << 322 */
-    { { 0x98d80359e7c5fbc7L,0x6abc82b7047c61d5L,0x8d8f5fbd58f2fd49L,
-        0x321f2426ccb0a4dfL,0x379f10e2e96cac24L,0x34c0444130666763L },
-      { 0x8dd3972043632c61L,0xb2bbe2eec19f98eeL,0x00d5a467c464dfa3L,
-        0xa44ceb19a85b6fecL,0x88bf80ddc9b1fa77L,0x7e5123c8e6dda98fL } },
-    /* 26 << 322 */
-    { { 0xf73ad540b75a6b88L,0x57bcf1cc08487cc1L,0x00358de735cd0c27L,
-        0x86d469a2573df808L,0x4884cd5684716abfL,0x0157687fa7da61d7L },
-      { 0x8efd8acda732c2cfL,0xb6c9bf7198677236L,0x3d1f01826d46c473L,
-        0xafa65fd82f497476L,0x535ee757e54f17daL,0x432b5878fe7aaef6L } },
-    /* 27 << 322 */
-    { { 0xf091c4ff3370e118L,0xabf011ee118d4b8eL,0xb489c4b7a13c7279L,
-        0xc2dd44e93bfb19feL,0x10b68e92c5d859dcL,0x57935fc39249205eL },
-      { 0xb97e63b06c929bf4L,0x98cb08a739a25097L,0xb13f17c15eeedf15L,
-        0x1e27a85c240884feL,0xda1515ad9b601298L,0xe01251fd4ce36c3eL } },
-    /* 28 << 322 */
-    { { 0x3774af36ba6aca8aL,0x562fcfb1340e6a03L,0xde45205ec1187539L,
-        0xf3b114418799c22eL,0xfd53f681e8b0842eL,0x45a0039066d36d64L },
-      { 0xa2c3391d353eb1e7L,0xf9d9fcc55840eddaL,0x4df1fa4a6ab8ab4aL,
-        0x2b0cd34bd841a623L,0x52441d79b10b189aL,0xfd86d3c2fa025da7L } },
-    /* 29 << 322 */
-    { { 0xe28f3bab5872204bL,0x6f87cbaf0ba35c66L,0x783e85c03d877c60L,
-        0x376e5e2df132df52L,0x213d53a9bc2cd6faL,0x2e2a573008a13174L },
-      { 0xc0988fa9ba15290fL,0x51d81b9485456f81L,0xfe371f32a0ef5b80L,
-        0x9aca060ff129171bL,0x0b02b39e0e402e65L,0x8e6bce1eae9c209cL } },
-    /* 30 << 322 */
-    { { 0xb0cb0f0c532f78c8L,0x83113e752d133635L,0x3f64aad5123dc64bL,
-        0x4d3201c85aee8c59L,0x265905dbe75e8642L,0x9d1d277805f9a759L },
-      { 0x84778aead9e2a07eL,0xc747cc3a9c0aed31L,0x10d1b4e87af2dc61L,
-        0xf58a6bd8af0bf23cL,0x83836c2352e1ee75L,0x88c4d1c6d899062dL } },
-    /* 31 << 322 */
-    { { 0x27eb26a3f3842d98L,0x90f712b69da68159L,0xd11177052676f05bL,
-        0xdf603446073bf994L,0x28ad2b498bfcbb7cL,0x6916c6e2e5e1266cL },
-      { 0x37d516996e98d62bL,0x155d8ef749634968L,0x0676ea286a1b2222L,
-        0x1dc3f8d71566cb3bL,0x95fb3f177dc6aecbL,0x092f4c8120807b13L } },
-    /* 32 << 322 */
-    { { 0x3c6c5618b9d926c2L,0x7e14c3ae4a9099f9L,0xb3259c90ae2fb830L,
-        0xf7cc6e43ec31a504L,0x83bb13c6126230bdL,0x5a1f4313ff1dae3aL },
-      { 0x0cc6c1a549b0b65bL,0x67fa836a274a84c2L,0xd454c75fe604a58dL,
-        0xceadfd912491f872L,0x6c5575da9ce116a5L,0xfaa4903fb24a4481L } },
-    /* 33 << 322 */
-    { { 0xc9ade1497c4579f8L,0xdad7eff3be316db0L,0x4ff3abc613fce23dL,
-        0x09103a75da708e56L,0x4cf139fa8ab52827L,0x0f82219b8f251a68L },
-      { 0xd19719c7dea33388L,0xa482548423085413L,0xbb63cb43f8eb4b18L,
-        0xeec33735f3b88079L,0xee79d331de3ddb97L,0x56fc93090e5acf8aL } },
-    /* 34 << 322 */
-    { { 0x951a780bcef9c5bbL,0xc37d442ddb35bf11L,0x8e2a0e7d64a776b0L,
-        0xbf461becc652cf34L,0x3970eb603194f918L,0x2768daedb3bda869L },
-      { 0x8e81257557b24bf2L,0xae05e2db38dd69cbL,0x0adab288cee2f522L,
-        0xc7a0e1f148234f13L,0x285f6ee36728c9e9L,0xb9ae7b9fc4541e19L } },
-    /* 35 << 322 */
-    { { 0xfd90c5c1f6422b56L,0xd9fc8cce4dfdb947L,0xf3566dc4d088588eL,
-        0x25dd9e27f22682e6L,0xb077392119b0a532L,0x54da228c0d05a9f9L },
-      { 0x0f7fda40986f60d4L,0xb6dafff6c9b112feL,0x7eb99e1a4abfdfcaL,
-        0xed499eb9389611caL,0xf230d6d6f251477bL,0xc09d328c227ecc92L } },
-    /* 36 << 322 */
-    { { 0x9b21ef6c16cdcfeaL,0x233be0c3694edecfL,0x110243df7c49c931L,
-        0x03a59a2ea3113ed1L,0x6470f721023c9a77L,0x7d1640c88e9ff099L },
-      { 0xc21488316f2c7b37L,0x9e1c9e1dac6eebc7L,0x6af65a671109ca9cL,
-        0x8379fdd9cc6f80d9L,0x33f74ade7e666a4fL,0x07ac728b7be081a5L } },
-    /* 37 << 322 */
-    { { 0xa3df31a312354705L,0xffc8fdfc1aec1bd7L,0xd9dd39c112cc342cL,
-        0x8077a57e37bf43fcL,0x0f037ce49cb8751eL,0x5740f6b5b805b530L },
-      { 0xd26422704e2b5b93L,0x114bb1f02dc158efL,0x71881767a9bec3d1L,
-        0x1174386d266d95cfL,0xa373d7ea7cdd4461L,0xaf4f7b40d814a33eL } },
-    /* 38 << 322 */
-    { { 0x0db94a18f79761beL,0x263e2acb5717b98cL,0x78c28d8182567b0eL,
-        0xce1b366b893c35b4L,0x1e20b1bc0d6907a7L,0xd6f123474b973588L },
-      { 0xfb945471f717e91bL,0xef85653cb027bd4dL,0x048e9e1df07dc0e1L,
-        0xc494aa9cc163b83dL,0xfaec72d3021b4fa5L,0x5c63c30fc9869fe6L } },
-    /* 39 << 322 */
-    { { 0x2dfa058d510d8d86L,0x772fad416a89aa0cL,0xdf55d15cd586f23dL,
-        0x7d96b7a989b604f6L,0x352fe049a38d821bL,0xfc56b8df4fbb5795L },
-      { 0x264122b4b3d5dd0bL,0x89317f4a980177d9L,0xc060ab4a13e2aeecL,
-        0xc2676725e2cafc87L,0x78863cf45eb1df3cL,0x2e1572dc0ab1a715L } },
-    /* 40 << 322 */
-    { { 0x7a8a898d5a4703aaL,0xc59933ea1cd6f9d6L,0x703265f5d28124cdL,
-        0xe1c1bee10178d1feL,0x9ff31cd4241262e9L,0x9174a939a3c9f80fL },
-      { 0x0f7a3d2dbc2a62eeL,0x0454051c62f1b3acL,0x83502c9ea2421254L,
-        0xb4fa51fcb684199bL,0x257e9e2bc5e36a44L,0x14efeed597d8647fL } },
-    /* 41 << 322 */
-    { { 0x09bddbc28f2b12baL,0x8af83a779b7f1c14L,0x88f9b4d3bcc934bbL,
-        0x8d8312df8d072340L,0x2ee105bc615989dcL,0x6044fa00de3bab08L },
-      { 0x98c499d603cc86ffL,0xf0b48aa7c5068033L,0xdaa536d2c96606d8L,
-        0xef905aa2bc6a843eL,0xb6f108ee8ac620ecL,0x0dec7dfbb6dd66f9L } },
-    /* 42 << 322 */
-    { { 0xb9157d4ab0fe18a8L,0x139bbcbc68cc7a70L,0xd546a06d7dea2914L,
-        0x8db142d4a01cc59aL,0x127ce2d9aa09fcdfL,0x3950a5a63bfef8deL },
-      { 0xf41ef6d42527522aL,0x4b4e6f107e6fb19cL,0x2a2735d1345788c5L,
-        0x87963e1ee72a7ae3L,0xb58d8934fc443360L,0x93552692b16b6f2eL } },
-    /* 43 << 322 */
-    { { 0x70591a849518f0c7L,0x5c282b6fc67c438fL,0xdbf61b6b100facc1L,
-        0x3c5d969f2bf2a5beL,0xe1a0c6cbab980c70L,0x70f4981c680619fdL },
-      { 0xc6905d7cc65be256L,0xde3340fbb5c27acdL,0x17be9d182c1b3fbcL,
-        0xd584e4f96fb00b1dL,0xac5dc14eb819646fL,0xf5c3279a3242935bL } },
-    /* 44 << 322 */
-    { { 0xfdb13b31be970ebaL,0x119b1c08b0bfadc2L,0xed62f35e21875542L,
-        0x73c8f9b0349a6d12L,0x8c35d8f8bd1622c0L,0x501b9d288b6521a0L },
-      { 0x377f8fa1c918b2d5L,0xe2a9580cd0239ef9L,0xee24f4f0371d7bebL,
-        0x4cc697a669231b47L,0xa55193c8dc4c5a07L,0xd4e51e1db0ab8507L } },
-    /* 45 << 322 */
-    { { 0xcb811c27265f267fL,0xb85593aa9e2688f4L,0x57a1969dd76bf364L,
-        0xc29946c9014483a2L,0x5bdd72490915bddeL,0xba6d13ff22746ae4L },
-      { 0x524121e0d25f6b7bL,0x9011309e0d68a3f9L,0xf25e89ccdb91c66cL,
-        0xae79cad781df593aL,0xef8c6bec4f103231L,0x832659c3e038f02eL } },
-    /* 46 << 322 */
-    { { 0xd58eeece37761959L,0xba6d8ab5b328f084L,0x3911e6ae324a6706L,
-        0x299921c8ad139296L,0xb81a3fe4f6b8d9e1L,0x2680c46f5ef06a6cL },
-      { 0xab9cdf368611d63cL,0x6c9fa5b3cc0a5da8L,0x712356a3da4d4412L,
-        0xc1707a10cd3f550dL,0x5c25b2f3ce468303L,0xe4be20bffa546b6aL } },
-    /* 47 << 322 */
-    { { 0x797a2919515ee1dfL,0x65dd5991119dc9d3L,0x82e8201b41e4c5ffL,
-        0xd27b35130d3dd45aL,0x9ba590c5b13b2dd7L,0x0f15b35282992935L },
-      { 0xef39971e227e4e46L,0xb74c524b2786fd6dL,0xe09c28ec71b1579eL,
-        0x0d1418e285f6a935L,0x173265448719fbe7L,0xfe3b1d831200b35dL } },
-    /* 48 << 322 */
-    { { 0x6e96a8195cecb21fL,0x3a58d8b2d8beecaeL,0x93c3cbb0c0c715a8L,
-        0xfb06f977541759b7L,0xf25ba095771c3d2cL,0x7560446ea3bfd322L },
-      { 0x7cd99f35a015cb4fL,0xa0e541960786f235L,0x0f868f768b8e291aL,
-        0xc8260b0b2f95050bL,0xaf38376ef4c0a462L,0x2b3c0f3b98a3395dL } },
-    /* 49 << 322 */
-    { { 0x99d4529efed6a724L,0xc6f1b084071d8d31L,0x6c48062ba097da1fL,
-        0x1dd10493301c1d74L,0x5288f194f554cbccL,0x77b1b81f39dd42c7L },
-      { 0xeb1f2d53a007a6d8L,0x43bed54e05648d75L,0x1a85326f29801a1eL,
-        0xcb9a91a4f564d78aL,0x4f38fc7893f071deL,0x920117d8aeeeb5adL } },
-    /* 50 << 322 */
-    { { 0x709b5904b35cba78L,0xef0c321021b11d3dL,0x38f07eec46844b18L,
-        0x2e79f99934870a55L,0x9e9df80400d7b924L,0x857a95625cafba4bL },
-      { 0xef8ab68f4adfea6fL,0x4a83bfc16ea764e1L,0x21f4c75475e8d874L,
-        0xa3597f526ecdf5d1L,0x9d3a4766eff2e1e6L,0x9872db39e5e6ae81L } },
-    /* 51 << 322 */
-    { { 0x42d9f39e99bb9a10L,0xe617263ce35e4852L,0xb3f8ace1a06b71d0L,
-        0x861520de6419d9d1L,0xc2c521cf37b1fe38L,0xd537001b9edf9936L },
-      { 0x92614b9f39af94e7L,0xd2003f2e25286664L,0x249d04aeb836d4b1L,
-        0x3c6c192ab26df88cL,0x6e0b25442c72ec0eL,0x69d7f6d7497f03dcL } },
-    /* 52 << 322 */
-    { { 0xbb5a95f6293cc00fL,0xb202a82a65fb729eL,0x819c26aa12e35774L,
-        0x70cd5237c2b3f0b2L,0xa752224a89b2c5ccL,0x71c09cbd0ec89df5L },
-      { 0xb849e352bab45d24L,0x290f0307d313f461L,0xf083031cee885e9dL,
-        0xdf42a973a60bf2faL,0xe39f2118d4842999L,0x8b54cf1d0508febeL } },
-    /* 53 << 322 */
-    { { 0x8942b4df0d846a3cL,0x18db708662b6605cL,0x6549e019fafa6508L,
-        0x85d97fce43ef9443L,0xe9f13da373485de4L,0x5743297bb0f46e8dL },
-      { 0xc52781bb70908255L,0xcd88a48a6bc6e666L,0xf857caa5eb4f54d1L,
-        0x32dc925320974dfaL,0x6dc79fad965146e6L,0x24e3a8d2edc1f747L } },
-    /* 54 << 322 */
-    { { 0x1993fa650e81671fL,0xc6acd9f3dd1a1e4fL,0x227edd1a7bf36f1cL,
-        0x4ad2478370867ca3L,0xed0254f758b9a7c2L,0x63fe279a7013a5a4L },
-      { 0xa65787ee232e6a88L,0x5faceda487161d5cL,0x36e351b603d64c37L,
-        0xaa265f1de9e30871L,0xbf3432f521e6f66bL,0x69d68c068621289dL } },
-    /* 55 << 322 */
-    { { 0xd2bd143ea0807eeaL,0x474ad99582568efeL,0x0fcd6bba7d482c5fL,
-        0xf83e6f15e2628f4eL,0x314508252210e41cL,0x8f0a9402f47de776L },
-      { 0x7f20bc562ee4d1e0L,0xed4157de791aa7a7L,0xbe443399be2dee9aL,
-        0xb461643371625f13L,0x1be21ba8771f55c6L,0x04b3035a300fc187L } },
-    /* 56 << 322 */
-    { { 0x0952b888b9d0bdf0L,0x3973763c8ce32fb7L,0x221f0ba56dd860c7L,
-        0xbb7a27feb16ac501L,0xf113b194bc8fe58fL,0x18f3297a65839ffbL },
-      { 0xa2d4eb7c8dc30003L,0x3fb4b4878e334479L,0xa4f32c651a8310e3L,
-        0x944cd644f78f46acL,0x14e40c4af96fb91fL,0xc31402bd4ddf6e72L } },
-    /* 57 << 322 */
-    { { 0x9eb2c9e51ff0ab88L,0x0a29fc0695cc3436L,0x3f4b4ebdbd298127L,
-        0xeb8ad8b52ef56848L,0x6159700f5b211ff6L,0x8fb98f2fc3a67bc0L },
-      { 0x5c5998ffbd195b66L,0xea99d6767e44a64bL,0x314316e4bafd1471L,
-        0xb5f48757cc8c0e77L,0x922a91d15b259ac8L,0x2458279cf9fc4e4eL } },
-    /* 58 << 322 */
-    { { 0x945c5a3c6aac3e97L,0x5cbdfad9a266ad50L,0xa3e38114fe59f5ceL,
-        0x1ca1cfdace3ae206L,0xbe1f15e12a84cfdcL,0x682514726a12ec3fL },
-      { 0x48409f871f57341aL,0x632c369e8461bf7fL,0x1c96fc87d8865ed4L,
-        0x1727934ae1ffc51aL,0xa60f0ebb6d71f51dL,0xb6c354052e411888L } },
-    /* 59 << 322 */
-    { { 0xc7b3d3bb72a77726L,0x04b9bdfbbdb03d78L,0xdbdbaa7e2fe88db4L,
-        0xc5848e58564710b6L,0x7bbd84863ec55713L,0x1b5aea5670183191L },
-      { 0x95d91bb25340d9b7L,0x9a1462e4187a3252L,0x5cee9b8cec352fedL,
-        0x7db8350137049284L,0xa1d2822cd3b714f3L,0xe4cf6d53c2e51da6L } },
-    /* 60 << 322 */
-    { { 0xdb2a2ac9a63f6f62L,0x4c0d2da695f20639L,0xa485a6adb475e177L,
-        0xf6dad8b5aa93055fL,0xafcc1e954974bc52L,0x6686940224fcf32fL },
-      { 0x10c138bfc103b013L,0xe74ea82bc6faba1bL,0xddb399c581824de5L,
-        0xae797b70cdaad079L,0xc648e7ad6ea955e2L,0xd07c5c919be79db6L } },
-    /* 61 << 322 */
-    { { 0xf4b7a33b39d93befL,0x4be176f9659da9f0L,0xbf57d975f36642cdL,
-        0xe10b452d16d5528cL,0x7c062421a6bdd74bL,0xc093e346e7aa1d9eL },
-      { 0xb7cc38cc2f5c19ddL,0x9fc7f69b230c8790L,0x9b667acd5e3c5282L,
-        0x1cade31144cd22ebL,0x53a0d702bb43a1e4L,0xb25868777906519eL } },
-    /* 62 << 322 */
-    { { 0x46e2415deb5003acL,0x05aee8855e8a6a0aL,0xbda9f162bbaf343dL,
-        0x658b350b21853341L,0xaf6b4948ced47246L,0x1d454740723cd3bfL },
-      { 0xc4b7ce3fe1aaef54L,0x619420daa35c9e24L,0x65d455b14eb7a52cL,
-        0x2f9b700a4c961515L,0xa5b7b962d3aed448L,0x4e32a6d937851d3fL } },
-    /* 63 << 322 */
-    { { 0x2c4c1b2ed00f8cb9L,0xbf83ba500fd305aeL,0xb75bcf9f801a8e64L,
-        0xd8ab465ccba76b29L,0xf5a2bcd74ea718f4L,0x81501d563b592ae0L },
-      { 0x9734e4e26ae6bac5L,0xc4860b0eee304e5eL,0x8bd59b7b1d59f1acL,
-        0x7c9497e8e799594dL,0x4bc6634c08292918L,0xc45583aa92619229L } },
-    /* 64 << 322 */
-    { { 0xc5ad791eb45a8002L,0x4a23fd68ba2d7a40L,0x673b9e4998544bc4L,
-        0x934d8f55d273c360L,0x7fb48d0768a75a8cL,0x2e6201055e0fac97L },
-      { 0xbe01655ff10ed580L,0xd21d52ae9e96731fL,0x74f830de53325138L,
-        0xa7240331de9f3fc5L,0x96b25206a7e01fa5L,0x3fcfedee07eda4b4L } },
-    /* 0 << 329 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 329 */
-    { { 0x3e6e93818d5c039fL,0x809494228a8d2cc9L,0xf2d7c8b4b843ec06L,
-        0x0055d882af8a23f1L,0xe848010ed3792335L,0x9b41a55f55e08e74L },
-      { 0x956ea8e95de83059L,0xf159a9973263678eL,0x5f7b9271cca1b548L,
-        0xd41d2281f1d0b7f1L,0xb187047b5c9963fbL,0x213ff6af02536cd8L } },
-    /* 2 << 329 */
-    { { 0xe51a95700d0fa76cL,0x67c7890e4d2e9c8eL,0xc6160fa2f974d2cbL,
-        0xe00474f74c6a78deL,0xee916e510ac89d11L,0x1adad97af826f133L },
-      { 0x3fc65d3f8d2d77f3L,0xda9420750ba6c300L,0x5237a82e0b9196b1L,
-        0x4975e680a572b6f5L,0x41ea8b92b9bed2bcL,0xbe0ad7109826825eL } },
-    /* 3 << 329 */
-    { { 0x06f721d30a9ec81fL,0xf0359222034f3e78L,0xc5ca6b7a5a44ffd9L,
-        0xc53e328915764390L,0x7f16917459747d7dL,0xc3a9981461f79122L },
-      { 0x099f4e3a97aa46f7L,0xcb0570c9d70458a6L,0x270a43576b72f327L,
-        0x9d6bb26cc33695bdL,0x60f9202126224902L,0x8eb0e108e1b0a51fL } },
-    /* 4 << 329 */
-    { { 0x8a390dca9fcaba39L,0x3879f0b4278d22b3L,0x77bbea69bc5e82f1L,
-        0x71f02e2d4628d6f1L,0x6260790cf968e240L,0x1c7f3df5665270eeL },
-      { 0x336395451a87b1c8L,0x2011fd214ffd9fb8L,0x69060f867807ed55L,
-        0x1b0ac0119dfa452cL,0xbbdb25fe06d27c0dL,0x5c25d23aa60ef90cL } },
-    /* 5 << 329 */
-    { { 0xc08dc153d9f75d6bL,0x5c1f07e7a0330237L,0xb3e6fb677d67a5c9L,
-        0xca949ed098f9faddL,0x48b16b2dd7720835L,0xfdb1b735fee4d341L },
-      { 0x1a6b37b1debf3207L,0x5b3eeb1e3218c63aL,0xc19b57b504c23b30L,
-        0x178bd3bb40669e2dL,0x74e57b26fb6b162cL,0xc3626931a0932b58L } },
-    /* 6 << 329 */
-    { { 0xd3eb69e4734b2e9cL,0x1c2754e2c35ff1b3L,0xa26681e69f3e8c51L,
-        0x7892ad11a2cae737L,0x88b1da43cbd8bda6L,0x8a576942419d21c4L },
-      { 0x7c124343c90f4545L,0xa5a8d93b26453baeL,0x9a4c08fd76ae72e8L,
-        0xa08b82d97b064e94L,0x4f803ba083725330L,0x33672455865235f3L } },
-    /* 7 << 329 */
-    { { 0xf7a5e2f0a51e695fL,0x3099bf9484adf10bL,0xb2a03c0f22a3ff04L,
-        0x30303a910acec674L,0xaccb2f3ca59522f8L,0x00ff4d88f273ba94L },
-      { 0xf0056b4210e735ebL,0x3337279a7786e93bL,0xfecc77c44bb3c31dL,
-        0x3385bf5be0e26a05L,0xa9454ab85f45fcbfL,0x41a4158346edb553L } },
-    /* 8 << 329 */
-    { { 0x1877dfd0c8110f1fL,0xea88f59d18db27c2L,0x9d089536c78e295eL,
-        0xcbb5d55374a04cc5L,0xe3666006827f75edL,0x8557b81a61e7378cL },
-      { 0x74170170ed223f48L,0x84197a6ed86ee829L,0xd75a30f8ac1c4a0fL,
-        0xd7e7be0d3cd92824L,0x5ea0abdb1b5e86d4L,0x41146ae1b3b615efL } },
-    /* 9 << 329 */
-    { { 0x6d340fd3fabd376bL,0xb5066b1ccc169cb3L,0xa4148142d20ef8f1L,
-        0x0c5d66fb461544d0L,0x84c7a232d67043d2L,0x4c0e77867e609af4L },
-      { 0xb1e83f1af4619e4eL,0x40fca1a0b225d174L,0x39bb3a882e42fa4dL,
-        0x04dfe833d2682205L,0x49016d9d685296f8L,0x2da587198b735155L } },
-    /* 10 << 329 */
-    { { 0x570deceb1ae5e9daL,0x5c079c70b73ead01L,0x522a30a6d2ce6639L,
-        0x71dc5c3ff4056ac9L,0xd93c7a2dbaac149fL,0x5c3298b8f1844cebL },
-      { 0x282adf408c23c0dcL,0xbe4981899b646f86L,0xe77c1950628da9e5L,
-        0x38cc27baa1fd5a18L,0xb5579728aacdca52L,0x8d34fdb4c8e1ecbdL } },
-    /* 11 << 329 */
-    { { 0x563e0b8a7a7fa597L,0x6697c375bb7dd079L,0x95758ff6c6233951L,
-        0xca07993fa2059c40L,0xc3065507ce2aaefcL,0x9faed33c6ea927d5L },
-      { 0x0f8b48241207247eL,0x0044f6115eb2263aL,0xd7c9ce7c851596fcL,
-        0x54729d523c69d424L,0x42cbdcca45876770L,0xc1e0e6ceeff2adcbL } },
-    /* 12 << 329 */
-    { { 0x323f2102adea7d6aL,0x035b354eb694b253L,0x66dc4e4a5b8a36c2L,
-        0xb609222471795ca4L,0xd8c6d7eed300d80fL,0xf31f258db3b94954L },
-      { 0x0f2eb679277ced5bL,0x0b16efa3eba40e3fL,0x400035070dca4f36L,
-        0xd34c91cb59a9a3a1L,0x5e8fea3286da6408L,0xf237959f03f31728L } },
-    /* 13 << 329 */
-    { { 0x1d3173653412e8d3L,0x1d14cd1b09695abbL,0x9044adf2a2cda00cL,
-        0x60a6ccd60b7ba011L,0x614b100417284b46L,0xfb3d84b9cf840203L },
-      { 0xd65b3566532b068dL,0xc8c03996c2465150L,0xc9035c2df71c35f4L,
-        0x350231a752222e21L,0x59440020451935b1L,0xd723a55cccfdd206L } },
-    /* 14 << 329 */
-    { { 0x1b5bc630bbaaedc6L,0xe7d25088b49cbb3bL,0x5622cbf70deb8cf0L,
-        0x3b20803cd309c3baL,0x64c2e7deff45e2fcL,0xfa730ffb9aab84a5L },
-      { 0xba83cc514edfb52eL,0xe05c0140748bbd69L,0x27bbb5f52254ec43L,
-        0xca740989324c8c40L,0xa21488b1d26491b4L,0xe2753a1f69d8626bL } },
-    /* 15 << 329 */
-    { { 0xea04908f64dab001L,0x8ea1f127b4debb2eL,0x87adb69534f155a0L,
-        0x41595cfcca8afe0bL,0xffef042f8763ba08L,0xb7b4865decd3e667L },
-      { 0x2c46c97070c4c8a3L,0x1ab18c080403d206L,0x08b2d3c94b3df379L,
-        0xc6a4c268a87a7166L,0x449bc61f5323b1f0L,0x8d4b7ced489ada74L } },
-    /* 16 << 329 */
-    { { 0x618ca06b8956146cL,0xd51f1e6f552cdecfL,0x981372cca3b6ce7dL,
-        0xb44a68ee5f14bb57L,0xfc1167e96373abbbL,0x3d621f8b767d4c0aL },
-      { 0xc6dcdfebf6ecc778L,0xddda926282d1fbddL,0x477501aabfcbf2f7L,
-        0x0be7228a67aa8277L,0x5de7b8331daab9cdL,0xb88a4f9a262feb4aL } },
-    /* 17 << 329 */
-    { { 0x203a666c608fea53L,0xbf71f8fde8979c08L,0x3bd58feba22a3d2cL,
-        0x596bfcf521f178a1L,0x6f207d89f84beffcL,0x8a7c6dbb18097607L },
-      { 0x208f5e64a1c5c927L,0xd7d0e33478dc83c3L,0x5e9397261d4e30f5L,
-        0xf3877242fa09a36cL,0x68e4338ae6a7b0feL,0xcf8cd131ac47b369L } },
-    /* 18 << 329 */
-    { { 0x28f18586936fb33fL,0x9809b2ab381bf7bbL,0xf6e16931eac3c252L,
-        0x366d18335e151187L,0xe5b4c2357a3b6460L,0x693a9fa50a68bc91L },
-      { 0xa35f104a6a7f8b6eL,0x3e5d6981688676c4L,0xc0c081b10651a609L,
-        0x6df5da2dd77057c9L,0x8bb271bbc4602847L,0x322547b3c4bd07d8L } },
-    /* 19 << 329 */
-    { { 0x9b56b9444deb8158L,0x5f4b15a6da5eb70fL,0x120afa9514cb0126L,
-        0x01f6d00d6bdd0d78L,0x73dd7c5c463b1ce6L,0xc770cf35df00a133L },
-      { 0xb5db93a1247ff879L,0x1c12f3f0c70ecea1L,0x10168c4e5b59cc9cL,
-        0x1e9e0f8a0e19efe5L,0x43987dc1cfd44b62L,0xb1d265c204814e2dL } },
-    /* 20 << 329 */
-    { { 0x8c283529233d39e4L,0x96300796c6092096L,0x2c549de55dde766cL,
-        0x27e0b444b4151002L,0x802e5fc3f2f88f1bL,0x2af579c28ba1956dL },
-      { 0x52edd04ed68196c7L,0x2e22e71474a202b0L,0x338948248bf66459L,
-        0x8f0d8c259e39df55L,0xee4f109e6c5276d9L,0xc0c893f0c5dc0bf0L } },
-    /* 21 << 329 */
-    { { 0xa3081bc75b3f17e5L,0x299e7a0222e46b9dL,0x36184c98a9afa278L,
-        0xee2043319095a8a1L,0xf5e54622cd5ac080L,0x08d649013fa844a4L },
-      { 0xb20ddfc6d7fbb42bL,0x15130bdbd868a81eL,0x25e5fd2f32ff1a03L,
-        0x907e3c01ca5288d3L,0x2f2f7496a1f6f96cL,0x831feefd38ab83d9L } },
-    /* 22 << 329 */
-    { { 0x06054c76f8482849L,0xc24b4a6a5fcca65dL,0x71c27e01a17ebda3L,
-        0x1ffce0281be9dfb8L,0x3784c950ebc43854L,0xcf0ecc2dd5086510L },
-      { 0x86d0fc3cbe24d8ebL,0x5bad01911f21788eL,0xe2c3bcb9c49b3a12L,
-        0x66f82433f7d5992dL,0xf7cc5eb913969246L,0xe52defd48660a6daL } },
-    /* 23 << 329 */
-    { { 0xd6d6a42b102490deL,0x9e6532acf40d27d7L,0xcd1591cdf2a08bbeL,
-        0x973e09f234eb47ccL,0xb3a5915add4fa316L,0xb36ca6ceac38218dL },
-      { 0x73d370b3e58a0cafL,0xbc8fd39f07766be2L,0x3d5d9ef7c2ea7997L,
-        0x22877500bbfcc1a7L,0xc54d0c6406e0547aL,0xf7bc1d2d564e9ef1L } },
-    /* 24 << 329 */
-    { { 0x7a9623b653fd1a04L,0x13bd35bf3a3b8500L,0xf8a5dec9e0f8e530L,
-        0x88bcbe291d65dcd4L,0x09fe38036739541cL,0xebd04b7fe716a97aL },
-      { 0xbd8e34df1e5ef7cbL,0xddfc4243d7c4fd6cL,0x0183d9053519411fL,
-        0x63450996f7a3c483L,0x18283cea01355739L,0x8c1d72cf9aaa72f7L } },
-    /* 25 << 329 */
-    { { 0xffcd4b6f9be9ff57L,0x0bff01bb939327efL,0xde596626b5ed90e3L,
-        0xc07464ff4379e17cL,0xefd3e2c470d31340L,0x78b2192f4e7df61bL },
-      { 0x7cfe28def3faf2fcL,0xd2d1a994dd642f87L,0xa5d4fb1410b3377eL,
-        0x2cb4978ead6fa00aL,0x5b6fe7a765fb3688L,0xc26c1b3336d5acdeL } },
-    /* 26 << 329 */
-    { { 0x551e1b4e8dc72468L,0x8a926cb2a7b2f1acL,0xb873e83b0fd12fadL,
-        0xb6cde14fa4e7fb13L,0x81ae41415befc256L,0xffb0c636b4c7631cL },
-      { 0x80f1408f8a2478feL,0xde6d051d44fa7605L,0x5a15b1f84d44a1e4L,
-        0x1a0031c5a0daafe3L,0x304338dd597652a7L,0x6830dcc7f257f17aL } },
-    /* 27 << 329 */
-    { { 0x62fae4072fdc8ea4L,0xff77522fcbe76ee3L,0x5fa03a454fd2bae6L,
-        0x774c635e8dc90431L,0x718081b62ddc4376L,0xf4901a2c03e7aec7L },
-      { 0x5339a3109eb023d7L,0x15dd4f96366e35f7L,0x1f802d4a0e2d2e95L,
-        0x8e5e9cb2fe1b1226L,0x175806f623a0de5cL,0x115a97db068c7bbdL } },
-    /* 28 << 329 */
-    { { 0x4a67ec76193aabbcL,0x3da6dec6d74761f9L,0x751720c90b35bb70L,
-        0xe5e049058d9e0f8bL,0x3cd37c840858f29cL,0x7ff1abfbb881733eL },
-      { 0xa0c2698b0c4f7694L,0xc736419296b95e4eL,0xcfa55c5537ece651L,
-        0xa2bbd6ae7cb1e9e1L,0xcd2292b9a0eb0e8aL,0x8aba99e18d5030d0L } },
-    /* 29 << 329 */
-    { { 0xa3f508a498fa3d8cL,0x4d894cbf45bcff40L,0xbcdac17d0c095cc4L,
-        0x397caa6f407c2ed8L,0x2195056b5f97b4a9L,0x41eb6e0e97434508L },
-      { 0xbb5e4e4a73f211f8L,0x5e8e638f720a451cL,0x8470bc9e4974252dL,
-        0xc487aae29f6a9a96L,0xaa66417101165deaL,0xc8af7172b603771bL } },
-    /* 30 << 329 */
-    { { 0xb7c74c58dc4a1d3eL,0xe3ec30160331ea39L,0x83afb271023c8712L,
-        0xc2670d56c9c82680L,0xd426f350feca1061L,0xe8aee692ba6edc01L },
-      { 0xc916fbe546e801d9L,0xcb001c377097286eL,0xfcf79d2678ee1328L,
-        0xb05b0634b6a4afb3L,0x2ab327bb306da14fL,0xc11a0294ba5ff534L } },
-    /* 31 << 329 */
-    { { 0xcaa287c30f00dfcaL,0x9ca672930601cc7eL,0x435e883fb105d00fL,
-        0xf9cddbf91238536aL,0xda604ccb45f558c3L,0x7e51d9d182f48366L },
-      { 0xc1e8d50d7e8396c3L,0x58638b85edbb75e3L,0xe926aabe9b088d2eL,
-        0x8103a34a428c41e3L,0x03e5e35d089deeedL,0x64969c6d93bb0b99L } },
-    /* 32 << 329 */
-    { { 0x7b7da028e19763ddL,0x662f54df8b98ff78L,0xc056d83c51f3dbd9L,
-        0xe2f4d46fa91d085aL,0x31759c9ceb35262dL,0x624d0cf20c9dd29eL },
-      { 0x108cf9bb1624b02dL,0xa241444e345531d6L,0xf69816b273d372b2L,
-        0x126575a7d5415e53L,0x546bb4c1306b8b0eL,0x82bb0c124d54ea5eL } },
-    /* 33 << 329 */
-    { { 0x85b355304c397362L,0x218a3b0eeda72e19L,0xd8eae54461729c56L,
-        0x3d9b4a62735b571dL,0x12f3ee775629e437L,0xa72f9809095e5378L },
-      { 0x5420a641bbe6dd1eL,0x8121eb3d02f41fe9L,0x5698eaf945e7acbaL,
-        0x8a5e1a89469c2f12L,0x801740e25b434e0fL,0xa4dbe1cc670f58bcL } },
-    /* 34 << 329 */
-    { { 0x2f1919df5819e9f2L,0x156489e7a62287a9L,0xed038deb20a0c2caL,
-        0xf63ac2d5c5ab4fdcL,0xca2b648ce391ec06L,0x8258e3f45b047d2eL },
-      { 0xb7dcff56fd17b40aL,0xa8ace11f4bed747eL,0x542d70d175018429L,
-        0x6c568967951bb2e2L,0xce420f73bb0e089cL,0xdae9623ed13f8eb5L } },
-    /* 35 << 329 */
-    { { 0x2d561034009a41d3L,0xf078204f5734d3a1L,0x2b8973ff7408e71fL,
-        0x07cb9f95aab9c533L,0x376c1f59d0b35fffL,0x4a756c7fe851b313L },
-      { 0xdc690e9874dedeaaL,0x625b082f70cf3f5cL,0x44839b5803dfc301L,
-        0x5835a6c3c520f618L,0x695425e3afdb68d5L,0xc04ce4c62db97ee7L } },
-    /* 36 << 329 */
-    { { 0xc1d9b27ecb5833e7L,0x9911909567a8a669L,0x9317f8c30ab9ee27L,
-        0xfad65eb9f34551e6L,0x7725ec2e016504f6L,0xca492cb47ebbdfc1L },
-      { 0x6d2a3c962706aa66L,0x53e6d650836d8ee2L,0x109496434bc84bf3L,
-        0x8442ee826df7c0f1L,0x7ab2eb9918fe80c5L,0x6a8579b35cd2ea35L } },
-    /* 37 << 329 */
-    { { 0x96adba7706e80e68L,0xa8839d6a0fe580e1L,0x755227e337a31a9bL,
-        0x40b5fc70e27ec051L,0xb900a11b29af222aL,0x8fea2e509dd84811L },
-      { 0x4f844c8861b59ab3L,0x26739874560c0948L,0xb39f85ba0cc08828L,
-        0xcdce2fca829082edL,0xbd17998eb4555dceL,0x827eae97a3608a9fL } },
-    /* 38 << 329 */
-    { { 0xa77087f4c98e17c4L,0x9fa12dadbe2985a5L,0xa68cabc94bdce4e2L,
-        0x222a6fb6d3500913L,0x15e28fd5a9c0904eL,0xed31c63f7a91f825L },
-      { 0x9cd9f3e56f2f35b0L,0xa2b14261923cab8dL,0x71a780516d8ccbeaL,
-        0xf1fe532bdfa937b4L,0x6e3d7252539d0a74L,0x27ef2720814cd797L } },
-    /* 39 << 329 */
-    { { 0x8bd8341e6899b9bfL,0xc2ea111680865aedL,0x0cabb5cf13fed0e6L,
-        0xa11e82c1e4ce70c0L,0xefe3d4eb99aba16aL,0xd774db4dd8df10c3L },
-      { 0x72ee5c98bae14dbaL,0x9161d0b179b86e02L,0x1ba8b84585e5ba90L,
-        0x3830148f17228bdfL,0x222499e2ba89b2a5L,0x5d50922cccd4f87eL } },
-    /* 40 << 329 */
-    { { 0x81dd074e4398751eL,0x87b11b480a3f3ebcL,0xb5afe1f0352b58f5L,
-        0x6d2d94829c390eefL,0xd073f9a0f36a8d23L,0xa7c5abec466ebbe5L },
-      { 0x968c04a60539f145L,0x52a3ad0c93f4d3d3L,0x98e196bb15c0970bL,
-        0x2af28ea370ab8ddaL,0xb912fbda7a039fa9L,0x3dd8d87acbd02ff6L } },
-    /* 41 << 329 */
-    { { 0x849b2f0b4ee5ebb7L,0xfd1b015158bea2f9L,0x260a6b5bfbc530f9L,
-        0x2b6c198d06776366L,0x6540793f8074c6d2L,0x1c722c259871be11L },
-      { 0x8ce5241ce0560ce9L,0x3574db548096df0cL,0x1d9dd078b0fb8c98L,
-        0x6049c7f25625a023L,0xd2c0853cb18d0dd0L,0x5e57bd71cd645f78L } },
-    /* 42 << 329 */
-    { { 0x8da9b831361ce377L,0x6496515b7dc06076L,0x870e7df3b8cba83eL,
-        0x315ac0049f8f495bL,0x1a09dee576fe0978L,0xae7af621c18059a2L },
-      { 0x2bc9dea404fac2afL,0xc630bd5021b90a79L,0xbded6b8628c0f9a1L,
-        0x709d72c7be4fe93cL,0x3d1e2eed74b22303L,0xcdaf6b1d0e81dfcaL } },
-    /* 43 << 329 */
-    { { 0x42d004f3be8ec138L,0x5379a3063d617cfeL,0xcbbd274ec1a87d06L,
-        0xb9967c5284c9df0dL,0x0238d715c421e288L,0x787ee6abd239639fL },
-      { 0x746e4071adace009L,0x2e2545db61377666L,0x47cc241cf07deb1fL,
-        0x0a0742f1847dee19L,0x50175dd06e59b0acL,0x95ce3065d2333a87L } },
-    /* 44 << 329 */
-    { { 0x65c33cf4ca5eba6eL,0xbc48b22e12c2f19aL,0x6c5bbde461fbdcb0L,
-        0xe086202bbc503a00L,0xa9483799deecbb11L,0x9b2c0216279aff50L },
-      { 0xc10fce1069f99456L,0x2b0051d5b7820d55L,0xd2de9cc32129b5a4L,
-        0x711166d9e4f565d6L,0x7a8c3dfb88075f30L,0x6914edda224ac45fL } },
-    /* 45 << 329 */
-    { { 0xca481b6e4e1e3cabL,0xf390ed5f7e12d8b5L,0xcda82616dcd06247L,
-        0xf7d791422cec8917L,0x0c2ea9fe2364e5deL,0x471b71ed21f98e3fL },
-      { 0xbebd6a753b9aae94L,0xf9914c0b45f5d5a5L,0x07c823ca4b3dd18fL,
-        0x0b8c09ab74ad2bafL,0x21048cf7c7376302L,0x080e4a00efb16ac2L } },
-    /* 46 << 329 */
-    { { 0x1699d711379e6c77L,0x9126d88c7427418eL,0xbb05797d825210acL,
-        0xc0b611df315cb277L,0x90f82a9d61f69206L,0x39a79014f517228fL },
-      { 0xd9f2def450e8a693L,0x88c1104381e9d71aL,0x28e20b56451f8a9dL,
-        0xeaa794763e101231L,0x3f1ba0c56423e8c3L,0x2fe7ce4e3c6c558dL } },
-    /* 47 << 329 */
-    { { 0xd706ab9cc55b1a3cL,0x99c453663aa386f6L,0x348c8f743617676aL,
-        0x5f3c49092b9ef7bcL,0x26969963ff5d4864L,0x1f952e03f5b490ffL },
-      { 0x4007914e30cd5518L,0x3b38fd1e0b0e6513L,0xb25e0a81decbba43L,
-        0xb7e77345a7d78431L,0xbb7bc23062467d4aL,0x616c1724598ad852L } },
-    /* 48 << 329 */
-    { { 0x5bcf287864e60ac2L,0xf70e78a455d53345L,0x88685de6707a7138L,
-        0xa77646dcfb2041a4L,0x8608695289db3060L,0x08b7c4d8e27a1690L },
-      { 0x4148d9373ca7fd81L,0x58c7440bff7698a8L,0x9d722d4db0391d14L,
-        0x5683112462b0373fL,0x87b0363be9a9992cL,0x51870cd18853db84L } },
-    /* 49 << 329 */
-    { { 0x775086f481eb73b1L,0xddf02d0e4db4d236L,0xab3d637445b09e54L,
-        0xb7ef92657e883a2eL,0x20e6ae8f7f42b4b3L,0x26a14629bc49d85cL },
-      { 0xf0ee4e5ca4ed9ba3L,0x288c5b0793b0b721L,0x9c767a59e9917114L,
-        0x3dde322015085ec5L,0x3176507f7ece24dbL,0x71e1995686cc47fcL } },
-    /* 50 << 329 */
-    { { 0x86dedf2e9b1ab85eL,0xf3330387c2d0593eL,0xf5e6143997e907a5L,
-        0x1992569d8cd66e4aL,0x836b215e0869329eL,0x8b5c4891153ff215L },
-      { 0xf6c52f1b609dcc15L,0xa3a5258c085722c3L,0x0a4e81501c378dfcL,
-        0xa8997ddc739040aeL,0xb1c4417a7180a073L,0x618009bff1dbab34L } },
-    /* 51 << 329 */
-    { { 0xc276e23733ec753fL,0x196a1ccee112da60L,0xcc049e2b953211efL,
-        0xa60e1aa711dcc43cL,0x091ceb49cdfed2ddL,0x8fe1c52e72c69037L },
-      { 0xf66eac87a986ba11L,0x4917f822b273d90dL,0xf7ef04cc957befacL,
-        0xf8a7ac1320b8aeebL,0x71f0db3dbe6af428L,0xcb0bf8ba566429c8L } },
-    /* 52 << 329 */
-    { { 0xf617674d2cbb40a8L,0x446ad46b4d11399aL,0x4d4246943076b6b3L,
-        0x1b9e7d881c33ea9eL,0x8e1aa6716954589cL,0xf1099b26e221722cL },
-      { 0xb18904f94917576eL,0x0512b21bb549058bL,0x12c89a64a209ad3cL,
-        0x421f5e575557cc67L,0xb42e17371b5a17edL,0x427c6a621ff3230cL } },
-    /* 53 << 329 */
-    { { 0x74e75db02bfb49e4L,0x7685588d58cf18dfL,0xfbfe8f56398e27a9L,
-        0xd2711ec365666b9fL,0x1df7714d2c59b787L,0x0f2c4b4c486f8fc0L },
-      { 0x098ed315f847b688L,0x60c367e332a20ae2L,0x58f48cd6bba6dd13L,
-        0xc41e31960616128aL,0x7f90dd69a3205005L,0x8e6ce9d23581c177L } },
-    /* 54 << 329 */
-    { { 0xcf2da6044a3b3618L,0xcfd27cc6b83f1814L,0x8cb45c0a6b9369a6L,
-        0x1f11501633976ef1L,0x2654a1574afc708cL,0xb47f423860970498L },
-      { 0x548be9389fd8536bL,0x454fde1673ff1ecfL,0x44657efae96be82dL,
-        0xc8e7e96b555df813L,0x2a0b3f4a4fccb822L,0x2e0f36b114b6dfdaL } },
-    /* 55 << 329 */
-    { { 0x227ba88551cefcb8L,0x81e8f52e00071a19L,0x4afd5a5d170fee3eL,
-        0xc8864e274e17ff05L,0x1d8c2083710ffa4dL,0x22529baa9839c46fL },
-      { 0xad771341825a0a87L,0x34a3049edad7c56cL,0xf1f14e1712f3625fL,
-        0x6103d1fabcd36dfbL,0x9f5ce7a949a7cf78L,0xa5a4e38a333cf634L } },
-    /* 56 << 329 */
-    { { 0x6c8e5a261d99492cL,0x6e5bab8e77f916a3L,0x9b014aad50ad6f39L,
-        0x2a3933c51f107e26L,0x4b04395cc951bf73L,0xf8f683b4b0ef56dfL },
-      { 0x28c9fcdd1905c84fL,0xb03604f14141feacL,0xb546f58e53ace23dL,
-        0xee5fec4efe688f02L,0xd8b43f6d2e91406dL,0x75e44b21261764d9L } },
-    /* 57 << 329 */
-    { { 0x56905026e84e6549L,0x1dc1958c5b84b0b7L,0xcb477afba55d3c52L,
-        0x6c67cf7bc1434094L,0x739da94d2ecb03edL,0x8c45e5ee778ca2fdL },
-      { 0x66084f9712e2fe43L,0xee6a89e66c3289d1L,0x623b73abc5d1a215L,
-        0xb0edfa31cbf45830L,0x8024dffbd7de3b1fL,0x2ddf805a27f25caaL } },
-    /* 58 << 329 */
-    { { 0xb4e5a5d5605d7341L,0xe7a7a4069a1d3465L,0x234783d66c60b1b0L,
-        0xdd7ee2fb3b480129L,0xfd183240dbb7032fL,0xba2a97accaedc8c1L },
-      { 0x1a1824d3b0185c9bL,0xddc0f82cd36edae3L,0xaf7bbcc03116b17dL,
-        0xefc9095985f6e8e4L,0xc6bde428acb9c328L,0x69d80732cbf991a7L } },
-    /* 59 << 329 */
-    { { 0x455a23a465ecec1dL,0xcf0b2a221d9e9887L,0x0b43131e3fbb1cc9L,
-        0xd4ece789bdad49b9L,0x370c2f9aedfa4d17L,0x7f6855be15163f17L },
-      { 0x868a16f3735ecbd1L,0xd84527db08897c01L,0xcdbf5b18f2df294aL,
-        0x8c500b1f12b99a2fL,0x929c58df2591e3b9L,0x314cb13714eae6cbL } },
-    /* 60 << 329 */
-    { { 0xd014cc6deda2479bL,0xd2586003f1a85fb5L,0xceb0611153cd207cL,
-        0xe8c9fbfa647b3c16L,0x1f53e8e6ab7d6738L,0x06dcceabb060b5f3L },
-      { 0x80e023b2ab770ccbL,0x83ca0a5f4cda70d2L,0x19f7f5dfea1caa2cL,
-        0x769041414ffe884eL,0xfa4d93a3fca3c05bL,0xd381f527e88e1169L } },
-    /* 61 << 329 */
-    { { 0xa4553b3534914b85L,0x03968ddddc176f80L,0x095fb9531f258fa3L,
-        0xda9d2df7a554bb6dL,0x012a30ed84926864L,0x3fea37b12aa219d2L },
-      { 0x730d2c6d81cc6036L,0x96ea83c9ddd81991L,0xfab080dcef1678dfL,
-        0x16e25c6bfb2fe230L,0xf083a2b298ef2fb5L,0x0c0d0767581feac0L } },
-    /* 62 << 329 */
-    { { 0xd464a6525bc81cc8L,0x513353adebfa99d0L,0xd1aa97c0be51245bL,
-        0x0d37e590e4d20201L,0x7afc95cbb45c5c19L,0xdbd640cfb6a4ea8cL },
-      { 0xffcc3ff2be9c5b78L,0x61cb76ac1b2865d1L,0xb145bb0011352d21L,
-        0x69568e5ce550ac6dL,0x454a33043bf7ee0bL,0xa2fcf9b45dad3642L } },
-    /* 63 << 329 */
-    { { 0x2e2c8fb3f33eaca6L,0xae1c78b265f75366L,0xbdc601092280d2b4L,
-        0xed8409b7b6f472f0L,0x69eafa4f439e09afL,0x3b9ca2ecaa2b1531L },
-      { 0x59b2e8eb336e484bL,0x93ec3ecac5f0481aL,0xb01e690ad575157bL,
-        0x811aebc262e9d767L,0x1b26c0e49a9065eaL,0x5712d2c969a18827L } },
-    /* 64 << 329 */
-    { { 0xdaa7fcc9f9474bb7L,0x3c82e74bafa5db2aL,0xfbf918c59894edceL,
-        0x470c45eda9ac29a7L,0xdfd44f6fbc372f2cL,0x73a4790aa1e38d3fL },
-      { 0x23d2400ba9674837L,0x3dad71bc136a92daL,0xc76a488148baa4abL,
-        0x73227e4ebc26e6b0L,0xe732edcfe8ef5662L,0xfe96aa5f0c5662bbL } },
-    /* 0 << 336 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 336 */
-    { { 0x87c7dd7d139b3239L,0x8b57824e4d833baeL,0xbcbc48789fff0015L,
-        0x8ffcef8b909eaf1aL,0x9905f4eef1443a78L,0x020dd4a2e15cbfedL },
-      { 0xca2969eca306d695L,0xdf940cadb93caf60L,0x67f7fab787ea6e39L,
-        0x0d0ee10ff98c4fe5L,0xc646879ac19cb91eL,0x4b4ea50c7d1d7ab4L } },
-    /* 2 << 336 */
-    { { 0xcfbcbc4a7db62b5aL,0x2919bf514ab45ddeL,0x735de05622322f91L,
-        0xd2590bda7662ae23L,0x63d468fed82be7a6L,0xc84d0435695ea172L },
-      { 0xc50f494120a6fccdL,0x2d613990620f44f1L,0x680ccd041fd25778L,
-        0x25ddac444a3d0808L,0x41d8b738c4684cbaL,0x2611645f53963888L } },
-    /* 3 << 336 */
-    { { 0xb05cb834b0279be5L,0x2de7d0ebf08c5f93L,0xf023b5aaefa9e4f0L,
-        0xb8061e5d9bd075ecL,0x7d2ba50f1aa41bfbL,0x8963f3e390865d96L },
-      { 0x7f221a794713ec7aL,0xc83bc5178500b4c3L,0x085feb6af6ab1540L,
-        0xfd141024dc87cd93L,0x3e196fdb3239dbf6L,0xb7cf3e16dbcd5364L } },
-    /* 4 << 336 */
-    { { 0x1466c9f5e03a2fb4L,0xb866c006862a58a2L,0x291e8c75b5865550L,
-        0x1ddb7154e65862ccL,0x285153bc2b997167L,0xe2fce0e7954b6c19L },
-      { 0x985d450616dc2937L,0xf7f14216ee41d9c3L,0x39e098dafa5fe5e5L,
-        0x3fc26046f90f231dL,0xde5d5ced32afd0b5L,0xad688b1d60c09c18L } },
-    /* 5 << 336 */
-    { { 0x3720b1720f806b59L,0x1f696d47f224597bL,0x03c46e315b54eefcL,
-        0x387e466472b0edaaL,0xfc59b03dee77476eL,0x86854e54607a7259L },
-      { 0x1478bcee3e9320dcL,0x4aa825a88c9d87e4L,0x71272f72cf272ee0L,
-        0x19e3a4a38bd885cdL,0x9af6415b376ba31cL,0x6394b5a7807b2b36L } },
-    /* 6 << 336 */
-    { { 0xdbfcfa75e572e06dL,0xafa019d08b7d5653L,0xcc6c851d67a19b60L,
-        0xace88bf431ae1a67L,0x74554a6193d1e135L,0x51ba2cdd4211890aL },
-      { 0x7cb326899e8d1f02L,0x29a6b8258b66ab99L,0x0a672c21766e72f3L,
-        0x24bb718a880642e3L,0x425dc41d184d2b36L,0x96a1468e891024abL } },
-    /* 7 << 336 */
-    { { 0x3180789c26df7050L,0xe375a43e96cdfd31L,0x7951b895e99e922dL,
-        0x987ea2503d0bbe80L,0x6d2f49f0e2fe79c0L,0xc9c2c636c2b18d2aL },
-      { 0x707798f3d8c8620cL,0xc2d603dad5c6a0eeL,0x46cf1e32bc447940L,
-        0x4dfc145938a845f3L,0x210083fe455e5d92L,0x6be989eaa1fedc3fL } },
-    /* 8 << 336 */
-    { { 0x72fc8198dacc038cL,0x5fdae1d9f1077bbdL,0x369198bbd99e3036L,
-        0x6b68390a0efddfcaL,0x8c35f3e4f0914741L,0xd2bc54ecca7d7807L },
-      { 0x564d991e3a8695d1L,0x5e1e14c81b0d937dL,0x51f30dab5d635893L,
-        0x0427e346f944e49aL,0x1e0bf1b56a233bc0L,0x75b0ee6c617bf93eL } },
-    /* 9 << 336 */
-    { { 0xcd2db6797b1bbd75L,0x1ce5acecaac388b1L,0x715ab9f634c1fa9cL,
-        0xa531e1b8e0815643L,0xa64511c692de769bL,0x8425126b785b8bc0L },
-      { 0xc8d9320de72e155bL,0x9cf36dcd5600a04bL,0xbea8b0f4c6e1f7fdL,
-        0x6f9af6349767d85bL,0xc3ea9fa4c403ecb8L,0x0af7be1ed60a0e70L } },
-    /* 10 << 336 */
-    { { 0x180afdcc20928729L,0xec2e90f436bce72bL,0xa8a8c54d8f48e48cL,
-        0x9d0c6a355248109bL,0x8bdd819baa6c3ae3L,0x95e221a6dc0bebc1L },
-      { 0x83e568eceb113737L,0xaa6d29c8a1a3a0a8L,0x0ebd5015c54fbda4L,
-        0x692a84832a5c8b17L,0xa08e384b51836490L,0xf1904bfc37ded786L } },
-    /* 11 << 336 */
-    { { 0x2093335463919940L,0x34e4f27397ea3359L,0xbe64c5584d4156a5L,
-        0x368a6c980497cf92L,0x59931a502288b8cfL,0x67d70ff8c36cf906L },
-      { 0x4175562a8886126fL,0x46ecdd1d55114ffeL,0xd12876f94efde702L,
-        0xb0c9333fc046d908L,0x8358b04a2cd6c180L,0xcbaf4612336d3c84L } },
-    /* 12 << 336 */
-    { { 0xd77d9cd4fe8dee55L,0x7a0f60c12e43fc84L,0xecc5cd746d5da126L,
-        0xb5ac6fee2382a984L,0xd9db83e26ccd0feeL,0xaa4dbcba350717d4L },
-      { 0xb3c0562c812ead77L,0xf7a995eea96cdd07L,0xd5419bf1ffeb4e67L,
-        0xba0aa22e1226df29L,0xb8d0d7f4c1e333d1L,0x86fecca60a27388cL } },
-    /* 13 << 336 */
-    { { 0x9ea1d715dc579084L,0xc1e715dd0b1cf2a4L,0x624fa6e4926bf7d5L,
-        0x5034c9d34f7b4e51L,0xc1b0ed7aba3a42a6L,0xd1847c28b73cdb77L },
-      { 0xa4794bc36ae49ff0L,0x50b2d908b9144fa5L,0xad112c778f073479L,
-        0x040499dd4b98f590L,0xd415d273152b5e30L,0xd3f4ff3f39054cabL } },
-    /* 14 << 336 */
-    { { 0x1e0318d5fff93451L,0x40b91fa9283e197eL,0xdebc5a28089ac579L,
-        0xcf25f527e9d98537L,0x73f7818d4ae08f51L,0x397f2cb6a956c875L },
-      { 0xb7d74ac57515436dL,0xc29a2ffd830664abL,0x02e273563cabe01bL,
-        0x418417c103c78924L,0xd12994116535005eL,0x53fc391258f66295L } },
-    /* 15 << 336 */
-    { { 0x6b1fceac4d87dff4L,0xd31aef70f262f722L,0x894361782612da01L,
-        0x1d3bdfa9963bc230L,0x9a46505ba7afa565L,0x662c2fc7a31db4ffL },
-      { 0x33983a9ae5ef30c0L,0xb8c874ee723f085aL,0xfb5fbc860f279c05L,
-        0xcd9cc376ad0a380cL,0xcb19d881fdfad736L,0x1c3d9734585167ddL } },
-    /* 16 << 336 */
-    { { 0xd23658c8d2e15a8cL,0x23f93df716ba28caL,0x6dab10ec082210f1L,
-        0xfb1add91bfc36490L,0xeda8b02f9a4f2d14L,0x9060318c56560443L },
-      { 0x6c01479e64711ab2L,0x41446fc7e337eb85L,0x4dcf3c1d71888397L,
-        0x87a9c04e13c34fd2L,0xfe0e08ec510c15acL,0xfc0d0413c0f495d2L } },
-    /* 17 << 336 */
-    { { 0xf791c8196726ae9cL,0xc95c53f13cee0ca7L,0x816b37ae601b0802L,
-        0xcf28a2371b854925L,0xdc4f6bc111d5d9f2L,0x222d6102df6862aaL },
-      { 0x93d3fcc5c0053ee2L,0x1d30937fdf873eb7L,0x925a2c2527d098b9L,
-        0x8564c199001cf28aL,0x87cb85ed748b8479L,0xd12d6b2b184c1020L } },
-    /* 18 << 336 */
-    { { 0xeaf36b865bddb3c8L,0xa4bab6e0099f18ecL,0xe22839208addee4cL,
-        0x485307e053bb454eL,0xf981c80d362db12aL,0x012190355cb4b460L },
-      { 0x62824680c78bd110L,0xf3e0b963d87df5f5L,0xd96de5e2758da525L,
-        0xc6a810faa60956abL,0x913d5a7b8e3eb6dbL,0x27c581fbbc9e8c3cL } },
-    /* 19 << 336 */
-    { { 0x5edcd7dcb0c55d75L,0xaeb0b5c727838c23L,0x13d65db758c3fea0L,
-        0xe821d853b36f1f15L,0x3435a4bc365e7703L,0xb890e52f3a04d292L },
-      { 0x6a96ae92e7a823f3L,0x3960ecb0ca611036L,0x81638aff210cb460L,
-        0x5f95793ce6b983d1L,0x0d5029ffa3ae1a8dL,0x54f749b492ca1229L } },
-    /* 20 << 336 */
-    { { 0xefe0a702537c4a5fL,0x322ff89c151d0e69L,0xcee88b48491b757cL,
-        0x8e92cc15b5da77c0L,0x3138b90bf6af039dL,0xeb73edd2f3748d35L },
-      { 0xf29f06435b8bb06cL,0x91ea9643560e4966L,0x013c274875acbcc8L,
-        0xdb2d1d9703f1d40dL,0xed7aeef1fcac606eL,0x91395dcabff4b849L } },
-    /* 21 << 336 */
-    { { 0x952e4e21c8967f37L,0xdc9f71994bf85ec3L,0x6b01f3d00c141bd4L,
-        0xc6601dec06c9ba55L,0x7d884fc0c4a5945eL,0xcab1de947e19d3baL },
-      { 0x9ca6aff02e3c9c5eL,0x01e828a1445e4a8bL,0xf97165ae80d065c1L,
-        0xe2195895881978a2L,0x4834501fc6b77acbL,0xbcf7545445d99f5fL } },
-    /* 22 << 336 */
-    { { 0xbfc9c5071e434ba6L,0x30768f646f2634adL,0xee3a7cec1caf9c0bL,
-        0x27c4fd0bc232910fL,0x5c5813ee24ff4510L,0xe5e731af901f2ce6L },
-      { 0x440ca2cf68f9aef3L,0x54ff9e837fa17587L,0x4d792db7982acc0bL,
-        0x73c3863834846c98L,0x76cff95f8d6243d9L,0x5fa573399d015583L } },
-    /* 23 << 336 */
-    { { 0xe0419a6fb007e4cdL,0xc44ac4961f613529L,0x3408e15af18f82eaL,
-        0x66bebd87d92d3b39L,0x1c563ee4f85d0c1eL,0xb31a8c891f7eb37dL },
-      { 0x65c7bf8c458a056dL,0x9d2ba592f25b6f73L,0x1ac4f0bc94eeb39dL,
-        0xa008b562d9a9ac29L,0xe7de714589d1c354L,0x420f5cf04c2e45d2L } },
-    /* 24 << 336 */
-    { { 0xe11cc2e117cc0d20L,0x9b4cc698d406fabfL,0x6f6e9b0cb8567c18L,
-        0xa0dcda9c61b22b83L,0x4c8683fa79ee53abL,0x7d46b3f82f11f0c4L },
-      { 0x91e74e482740aed8L,0x75afb62a056466e3L,0xc60bb430e8d0c16fL,
-        0x36cf252522b4aae9L,0x3713f254aceb6dd2L,0xc2906379eb8c6fd9L } },
-    /* 25 << 336 */
-    { { 0x440da0369eb8b2deL,0x6c4d1a38462fbb19L,0xfd86930fb050f995L,
-        0x2e5f1a8c954823a0L,0xe9122aefcb9f8e9aL,0xc9e923f2794be14eL },
-      { 0xdaa5663dbf740c2aL,0xf3a7ecd6df75c915L,0xa047a07efa80015aL,
-        0x846b4d27ea4a720bL,0x2389717e295845f4L,0xf56f77f6cbf2eabaL } },
-    /* 26 << 336 */
-    { { 0xaac4f6a7e67b6dcbL,0x59ccb836d51c5183L,0x78d19f452b7ccb20L,
-        0xb32d4ffd5a619a1dL,0x86b11dbe5c4bd17eL,0xd983e839a9b52073L },
-      { 0xfe9c0b92993455c1L,0x3a156676ea36006eL,0x578217fea907ca7aL,
-        0xaa3c5489440a251fL,0x6760a166d7fdf3fbL,0x4a2fc54b4415c6fbL } },
-    /* 27 << 336 */
-    { { 0xaedf171dbe18bc16L,0x00febab2b2d026ffL,0x82b6d8890cdcca4aL,
-        0x1b1e4c53445bc877L,0xc2174e10ed74285eL,0xced66cc02b243f6bL },
-      { 0x73e9ff69c7b9a66eL,0xc4fe5caad5e4d121L,0xaef80d67402c5d1fL,
-        0xd3b95a0f2f3dcaf9L,0x00cb6e798ceeea00L,0x1ee2ca8c436f35e1L } },
-    /* 28 << 336 */
-    { { 0x0b21c764a6db111fL,0x7c36dfde24c5721eL,0x53a0b6db66e2d428L,
-        0x6f37bf728169d776L,0x9baf6385a68511c8L,0xeaef9c919b218151L },
-      { 0x712cdd5bdd58d201L,0x50bcd0988d3f78c3L,0xfb6427b571fcb05eL,
-        0x6245fe7cc4675aebL,0xb5b75b50fb767bdaL,0xc1d8b76ddd7a18fdL } },
-    /* 29 << 336 */
-    { { 0x6392686cbb52f636L,0xf10df7c41c46a5c1L,0xab7f88acc504a122L,
-        0x2a179193fdb6a9d5L,0x2a7c7e4e2901f29cL,0x3ab41b80a2cc726eL },
-      { 0x8f577fc31fb5e412L,0x65cba0aeff7c47faL,0xa79191697f45c04dL,
-        0x2712fcaeb29a4c06L,0xf2a879e4099f76e3L,0xd333fabd98a22a04L } },
-    /* 30 << 336 */
-    { { 0x87a905e056ddf14cL,0xd36289cb95a1c633L,0x2fb251aa57f8f0f2L,
-        0xbf9c72a9fb7907a4L,0xb4f9b6f3f771333dL,0x7b5ed437469ea10bL },
-      { 0xe8cfa847fa5a8f93L,0x456395c945a4c9a9L,0xe20ffc39f7fac5a6L,
-        0x8b07c9ff287a3c78L,0x117f306f67e66d0eL,0x97c8a6388b331e09L } },
-    /* 31 << 336 */
-    { { 0x1b3e04c26a98318fL,0x04d5ed5dd5a63b2bL,0x4098d09f3cebabecL,
-        0x226bb70565a14306L,0x5bdce76fd962a94fL,0x47a66e96c40dedbcL },
-      { 0xd514ae5bbedcfbb0L,0xa8c0fe40892f07e7L,0xcf78e224c9186f1cL,
-        0x2499f68fe94329e0L,0x3ea3fae5ebbe3d2fL,0x681fca8bbc631de3L } },
-    /* 32 << 336 */
-    { { 0xb097b2c5c4e81268L,0x7ef175521d50ca8cL,0x638266e942099644L,
-        0x43d059deff729073L,0xeebb5fe1148c3940L,0xb82e73d1daa8e925L },
-      { 0xf43c78d8254380fdL,0x2beabc58fce37fa0L,0xcdd5a7d66b636357L,
-        0x8b70a2ebe096a954L,0x011d5419d0afa2fcL,0x3e49eb6704fb095aL } },
-    /* 33 << 336 */
-    { { 0x5c73f69fb99abd8eL,0x0a7c36aacc1ed636L,0x9d2fe67e7f69a6cdL,
-        0x04d015fd48c34b1fL,0xc50f88c17f84915fL,0xeee3e105a706fb24L },
-      { 0xbd42861c734d0513L,0x544b6ef495408b60L,0x4526e680d40179beL,
-        0x9f984c4140ab740bL,0xbed7baee67a02ab3L,0x09e3446862a9fb2eL } },
-    /* 34 << 336 */
-    { { 0xdf64ebcf28eedf59L,0x435531be73b5d9f4L,0x1990df01cf35d981L,
-        0xa34d4fa9a2cc41b0L,0x9f643bd6b5a10b37L,0x90cae11158a6cd14L },
-      { 0x2b0490701943d2f3L,0x2c9f8af4eda3fc20L,0x48c245c5f96e72f3L,
-        0xb4505a3a861355deL,0x4dfab1b9be032112L,0x69c1a9195942de24L } },
-    /* 35 << 336 */
-    { { 0x761c2c356efcc891L,0xd06710d1fa376241L,0xc83a491c8a78b0fcL,
-        0x0c0ee8d8af75b3eaL,0xe6d9d92e4532b587L,0xcb3b652d64eba138L },
-      { 0x1cc504ca34ff5d2aL,0x207e7443d0eae0baL,0x94ad1676428382b1L,
-        0xfcb5909992ec17c5L,0x7f99e1b5ce3b2e48L,0xa8c38c0fac9bc921L } },
-    /* 36 << 336 */
-    { { 0x5763ff1af4ba4711L,0x6aac1315bfaae662L,0x51b9c30ede4b5505L,
-        0x50e63d1891b25d3eL,0x41938349e65ea695L,0x11260360f514dd15L },
-      { 0x231f7f574a086eecL,0xa2c3237f55bd9ee1L,0x8afafa043e0705bbL,
-        0x44607900e9fc754fL,0x7250929678519ce3L,0xe751c3a74d17708eL } },
-    /* 37 << 336 */
-    { { 0x0098a3254611d3dbL,0xbee52036dde82f67L,0xec432a62cdd50282L,
-        0xae8a144e52f994f2L,0x027e9e60aa5c03fdL,0x1a49ce47821f55f7L },
-      { 0x46fbbd6c4d10c0ffL,0xe14c82ff8c461df3L,0x95570f44aef902b8L,
-        0xacaa04ec0eb7eb26L,0x3c8c86a8e738570fL,0xb87d47ccb77cc59cL } },
-    /* 38 << 336 */
-    { { 0x2f4f68377bbf7168L,0xd5b67947f03f7145L,0x2c6ca74d4cecfe22L,
-        0x0e559b9f0a7d6fadL,0xdbcd039ff6b37f98L,0xaaf1f6edfa7a3877L },
-      { 0x97b779f0f607316fL,0xe2185ccc72b99fd4L,0xd3f696bf2bdfe399L,
-        0x20d9baf15e6c403cL,0xe5bbc1cb4c4f1216L,0xd1c0761a428838fcL } },
-    /* 39 << 336 */
-    { { 0x4f433b8abd08dd65L,0x27849a72773bd3c0L,0x62351b911854502eL,
-        0x836580ffca24ce7dL,0xa5c224a39355258aL,0x8d33fb43e65db7f0L },
-      { 0xe44d391edf49a825L,0xc28e0d9bd2f5d4bbL,0xf7208342efb61ae9L,
-        0x43686b414dbce055L,0x7f7562d01800c062L,0x5031bd7c8b8ace99L } },
-    /* 40 << 336 */
-    { { 0xc183199375476a4fL,0xa6383a0055fc4367L,0x23a72dea98bf90c4L,
-        0x67ee6f451045a947L,0x4e6518836920d0a2L,0x49132c9ac8042a04L },
-      { 0xe249e46d5dfa9fc8L,0x6ff9eba1c60d1a11L,0xa4d9362d43490335L,
-        0xe8fad79ade504480L,0x519e8d1bac43c951L,0x7e688047952d6f54L } },
-    /* 41 << 336 */
-    { { 0x135d677342e27f9eL,0xd58b98fb8fcc77e0L,0xf3bb847d7f64928bL,
-        0x15ec841663176905L,0x83e75b6a0f755173L,0x4c3eff5c7a24de69L },
-      { 0x289e9a45313bf61eL,0x01b15aadeafa2733L,0xae7fafe1d2cf501dL,
-        0xd6fba525d5ac0b3eL,0x4bf48be0689bb20aL,0xa591843255bf610eL } },
-    /* 42 << 336 */
-    { { 0x0f019b64c5f8df0bL,0x112f06a979307310L,0x91dc57276d16102eL,
-        0x34070a5be2651248L,0x0b9f35dbd3423044L,0xf29bb4a072b10ed1L },
-      { 0x87071a9a07fb6388L,0x4246d532b7dbdb1eL,0x87db3d2285a039c9L,
-        0x76620a5d42b030cdL,0xc798e3816a42d8ebL,0xdd97441ac441ef9bL } },
-    /* 43 << 336 */
-    { { 0xa9b004a0f08592c3L,0x984d17e5d069c54dL,0xc96f2132ccb87e81L,
-        0x67fd082f3b1f9eccL,0xcdd0827ac4ff9feeL,0x9d1025070e04b7a6L },
-      { 0x4ff3424177c67935L,0x4f2246f58efea5b9L,0x128085b12fbf7615L,
-        0x9f111f65174b0575L,0x0b27d8e2f455cba5L,0xda20626b536054eaL } },
-    /* 44 << 336 */
-    { { 0x4a3df6de3761fa82L,0xb839d6babc56eb6cL,0xe41afc5e13977a26L,
-        0x64022937fc0686d5L,0xa5d6dc19e2d681a2L,0x81afab3128f411b0L },
-      { 0xc089aff74321a117L,0x32b0ae2657d18f89L,0x650aacd5f66aacd0L,
-        0x7b317bf6b8d3f677L,0x2cd5789777ea82dfL,0x935be0f3c74e7509L } },
-    /* 45 << 336 */
-    { { 0x4387f8f602de9e59L,0x529c06f337589811L,0x6dbaab60bc9f06b4L,
-        0x0063bc3db5f181faL,0x7bcb289969b906b3L,0xdca70d1331d1ea3eL },
-      { 0xca65e546ee373e94L,0x13cd365c779f415fL,0x4183460e9d71cb08L,
-        0x60f312726e35eaf7L,0x3d0c265f14bc5e0eL,0xe7a1b9af39ce618bL } },
-    /* 46 << 336 */
-    { { 0xc234c892f46aac36L,0x213076ada55983a9L,0x81f96142dcf335a1L,
-        0xf21ceb724b22e311L,0xa12d6333dc053e1dL,0xe7808925a930732bL },
-      { 0xb5a9eb81b1f1075aL,0xd13739c0f0a3e623L,0xbcd842e9ff2f24d5L,
-        0x200cda381b16ff0fL,0x0a85ea521d6a6c54L,0xe1c0dc8756785463L } },
-    /* 47 << 336 */
-    { { 0x3287c8d39100f769L,0xb349ce8c052e8bcfL,0x5fdb952dd0d3e44bL,
-        0x68715110d0639cc4L,0xc9a5fbaac8efc67eL,0x14ebb97da009aec5L },
-      { 0xf0684e1ca1423e1eL,0xb282f2f56357fa17L,0xc2e79d3c5af78041L,
-        0xe0ca9f4bd7d2ba8bL,0x20629f1e04dd84bfL,0x274ebccc3ee73228L } },
-    /* 48 << 336 */
-    { { 0xeb05c516156636c2L,0x2f613aba090e93fcL,0xcfd573cd489576f5L,
-        0xe6535380535a8d57L,0x13947314671436c4L,0x1172fb0c5f0a122dL },
-      { 0xaecc7ec1c12f58f6L,0xfe42f9578e41afd2L,0xdf96f6523d4221aaL,
-        0xfef5649f2851996bL,0x46fb9f26d5cfb67eL,0xb047bfc7ef5c4052L } },
-    /* 49 << 336 */
-    { { 0xeadd123d385f2b36L,0xe3b14829ddf58569L,0xa4fdf0ec47c7e485L,
-        0x93c0d8380623ea5fL,0xeb9c0a2c9e2661deL,0x8046fc69e72e0ca6L },
-      { 0x6f439e5c7be1c918L,0xcd8fd2f92a9ffcdcL,0x7f134747420e939cL,
-        0x8e880ef05ae283f9L,0x502c5c99f780a249L,0x68a529ab94bf9d68L } },
-    /* 50 << 336 */
-    { { 0x3cf994ed88c9d290L,0x9209f5610bb34d46L,0x8170b567b2bfa21eL,
-        0xae87b6f7c62f86d4L,0xac6fc431d71bccebL,0x5f3a62ba83cf2970L },
-      { 0x390262d1d943b10aL,0x8fc9a27f28aec573L,0xe59beb203e3069f9L,
-        0xf3e7bd365e0812a7L,0xc29c8a433aceffa4L,0x015feecb41c25e2dL } },
-    /* 51 << 336 */
-    { { 0x5b6a4d6ca8e61f40L,0x35825d762f9a6e70L,0xd48f6d8d346a8b94L,
-        0x12bea60889801a40L,0x5182192ad57115f6L,0xb5a8dc6b954c1b47L },
-      { 0x084a5c71793b427eL,0xeb66d699f8de2a03L,0x9835b2fb8eb6d905L,
-        0xb4229923c79dfe40L,0xa7c8aedddee34c0aL,0x12a00675337b0658L } },
-    /* 52 << 336 */
-    { { 0x38ca9f61d44aee32L,0xb2cd0f505484905aL,0x23ecb3a4d812e727L,
-        0x9be645b874a3ac5dL,0xaa4a1d114bfa93b9L,0x5be5277d147072caL },
-      { 0x623a4bd9ba0a6d93L,0x03419661dcf3d9b1L,0x9bffbe8231de1cf4L,
-        0xbadfa2ab56a6af06L,0x9103f7256746f09cL,0x0cd5e956344a2688L } },
-    /* 53 << 336 */
-    { { 0x50a18ab1f40b0edeL,0xf963b76736e01032L,0xba2029b4d4f9a6deL,
-        0x8baec9b85a8446b9L,0x7a4107e766fa8a92L,0x06e78bf99f6543d9L },
-      { 0xdaa894b3a5043e86L,0x172858a8f4e6fe37L,0xff0265cc0844608dL,
-        0x5db1a8f1d5def174L,0xdf9f8a698874fbedL,0xdd2292a977a274d6L } },
-    /* 54 << 336 */
-    { { 0x46f522196ad8d03dL,0xb63e0eaadaf8b0d3L,0xd667f0a66e29df38L,
-        0x6e77432f96ef3b57L,0x78fe0872139ca180L,0x300a0c78d1e4af21L },
-      { 0x650f32462148816aL,0x31ef1e883b4301a2L,0xa2222b25f18442fdL,
-        0xb26b63066884291fL,0x977b6f7d713d88daL,0x3e8173248cd5f7f7L } },
-    /* 55 << 336 */
-    { { 0xd5687c9a9684771aL,0x797808e396cf65d4L,0x793d4eb6ea9ee562L,
-        0x2359b991fd94defcL,0x4e75cdf03a8959adL,0x7a08566900ce7815L },
-      { 0x5c61df5da699fc46L,0x02b62d4868da56d5L,0x8a6972d1eaea27d5L,
-        0x727582b3c8e5d04fL,0x0ab2e6c2de87c408L,0xaa9a62e47b9ed157L } },
-    /* 56 << 336 */
-    { { 0x9c6247d631af03e4L,0xe5a59ad075f9ee90L,0x1da1d64f6ac4b5a6L,
-        0xd2fbd169c521ec7dL,0x6d168015dfaa39f7L,0xe9bcf5b59c69d9d7L },
-      { 0x3d1d3e6693ae2925L,0xcda60beae4bc73a3L,0xb2456adc954e2f3bL,
-        0x5d312fdc02a8fe08L,0x7b37c00e0e497a0cL,0xbd1f3aafc2f8b148L } },
-    /* 57 << 336 */
-    { { 0x60f3bb27bc00d150L,0x159c5af42448affbL,0x4492b6bd2cfa563dL,
-        0x7e58219683c833b8L,0x9f9ebdb20edfafa2L,0x93a7048f31a39a8aL },
-      { 0x4172f74d50149d01L,0xff38fceec58b7588L,0x2e71ba9099f25353L,
-        0xdf50fb440604e555L,0x7effa7ca8f3b5969L,0x3bbe8d49b836b8bfL } },
-    /* 58 << 336 */
-    { { 0xc18c375c29d08d49L,0xb04c0c29c1a681bbL,0x0c4acce9e74dd458L,
-        0x1d6da95c85c920a1L,0xc67280d285387462L,0xeba99725e7e804adL },
-      { 0x08f80e5a8811a138L,0x26f442138f2136e3L,0xf67f157c2d028cc9L,
-        0xb436356d14cd7cbaL,0x1c9c610290281895L,0xf67f16ea48598bdbL } },
-    /* 59 << 336 */
-    { { 0xbf926a077a326266L,0x4045c18bef43cfc6L,0x6fad4cf56ce45553L,
-        0x613ad2dc45a9abc8L,0x7b086ace8836eed8L,0x855857c213ad51d7L },
-      { 0xa3b19c2d167664adL,0x422c548abbd2c452L,0x8cd3681f85928ef0L,
-        0xe969e45c3ed435ecL,0xf76f2cce746c9aacL,0x514df58d1dd90e35L } },
-    /* 60 << 336 */
-    { { 0x9b66219c4d09cd36L,0x6c6fa570b54f0853L,0x95c268bcf29a8fffL,
-        0xc8cf84bf5420c324L,0x5bfc975ebb61617aL,0x935cfe24e78f1bbaL },
-      { 0xa6e2afe919d71ea1L,0x8a321e568c9b950eL,0x42dd9e28ec097826L,
-        0xf06e600ef391633aL,0x94e5512b46acbe2eL,0xb0bca2cc61cc7a08L } },
-    /* 61 << 336 */
-    { { 0xcd361103e8b2d41dL,0x2d0d982cab0b5f13L,0x8158129618d55aecL,
-        0xf1c28a71579caa03L,0x5ddedfd7e50b83faL,0x932d2c03222105d0L },
-      { 0x48fd0ead75ada3f4L,0x29209d988c533a40L,0xc2acc587f2acf0c8L,
-        0x05a8703ef689912fL,0x8f28953b9182995aL,0x1cbba2f20fb3eeeaL } },
-    /* 62 << 336 */
-    { { 0xa1472574180e5eb2L,0xde27569b93fc7b21L,0x3bb956816b9af8aeL,
-        0x8a25fc0ee155f89bL,0x8aff018d825126b2L,0x6eda2f31906f0bdcL },
-      { 0x19cbbecc4e8fbe4eL,0x04e0a4a40568d248L,0x6de2c002ff07b863L,
-        0x6d388447e8d1595dL,0x6a193b70c2cfd10fL,0x00bd826ee6f6bf96L } },
-    /* 63 << 336 */
-    { { 0x2a0165a40a5b4d1dL,0x49c85ee904f12309L,0xc2d221031ded788dL,
-        0x510ccbb3735bd89fL,0x92d2eaebd8eb0e1dL,0x6bda8e346e428c11L },
-      { 0x44c01a1d361f7495L,0xddda8e97cc7a95bdL,0x95cbae30524a53baL,
-        0x266d7192dacad45bL,0x8a42793f22fa4b99L,0xbb393cb5ed204904L } },
-    /* 64 << 336 */
-    { { 0x88e7ac8e168d5e60L,0x53abd5696188a98fL,0x3b96d52918be419aL,
-        0x7e75e354c057621cL,0xcb1b709f5ce57e59L,0xe78befa2844f2463L },
-      { 0x536081993276d4a0L,0x92636ade157f2024L,0x6dd0d348e0411414L,
-        0x5b28e9504d73eeaeL,0x08439232690ed85eL,0xdde1a3496da14b58L } },
-    /* 0 << 343 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 343 */
-    { { 0x6cbd275739ed9ec9L,0x5db68a68fe5d4aa8L,0x177eaa0be4c58c7bL,
-        0x603551ef0e488784L,0xc8eba131df916b0fL,0xd0dbceda159732e2L },
-      { 0x55acca84b0834afaL,0xdbe98440b59ffbf5L,0x162a2c703bd3b202L,
-        0x4c5e5d256ddd8ebaL,0x66e7844a77b1d93dL,0x1292bc0e110b9dcfL } },
-    /* 2 << 343 */
-    { { 0x1b66faabf9e89beaL,0xc81c5ddc3a441284L,0x1a82f3a0a675f7c8L,
-        0x82884a2f30313a71L,0x7ac5d7b058aea9e6L,0x1954f075cd5ff05dL },
-      { 0x7c29638d6178d270L,0x6af7f8ba19381929L,0xe85e3c47a17ae3a7L,
-        0x91b107c77009e38aL,0xf3b777d8f1f9c52eL,0x5b7b74ff11b688a0L } },
-    /* 3 << 343 */
-    { { 0xe1e5b76914b87b2aL,0xee187f5d143a4ae1L,0xa9a38728908cb988L,
-        0x2027b2ed4443d8daL,0x1c6b4813c0c98675L,0x509ea7d1323bd978L },
-      { 0x43b16a587f4dc19eL,0x385f8be812940ae9L,0xa4ed64e57d59acadL,
-        0x47e7abed51ca7f14L,0xead594b82bcce6b8L,0xa2bff60cfc03cf06L } },
-    /* 4 << 343 */
-    { { 0x4ae3d232c0385874L,0x83bda9e6cbf96d2aL,0xba73c769ec62fd6aL,
-        0xd586ba7f62a4720cL,0x6497cd140cc1f491L,0x8b012b707b2ac571L },
-      { 0xa65eabb6268fd705L,0x8caf100a1431873dL,0x25b31b84231457d7L,
-        0xcab62f75901645c5L,0x2377d74db2f7b656L,0x4008277c2d33c95cL } },
-    /* 5 << 343 */
-    { { 0xa7be70c04bfeb784L,0x4633ddadc222ab44L,0x00e397d30f5924bdL,
-        0x5446db3ae25b7b9eL,0x433ea2c4fa1dd048L,0xbb9ae36a1421321aL },
-      { 0xf879069dc59fe8f6L,0xe0f2b8b4820bfee2L,0xcc6cf7c49cf239e4L,
-        0x0e3545c207dc3122L,0x23b0f48b1d2c737bL,0x1c6b6d9cfc1137d4L } },
-    /* 6 << 343 */
-    { { 0x10105dfd101d2433L,0x64e009b58ab6d664L,0x122e68324e80fc07L,
-        0x3b26e76287dc7da6L,0x7bc183de6d4728cfL,0xebfecf4f8bcdc129L },
-      { 0x8b995cec265c66f5L,0x080572d7c4b0e942L,0x612e9e6b4da5b77dL,
-        0x8ec048a96caf9161L,0xe3628ee2c7f45eb6L,0x0190b71bd85650e9L } },
-    /* 7 << 343 */
-    { { 0xccf79a81017fbd3fL,0xa852ca29c875bc66L,0xbb4cd90c0592f8e2L,
-        0x2ee786f455b05c79L,0xe1a2b6baf382e6e7L,0xf2d6cf6e6d2e952eL },
-      { 0x2f0b534abc9304fcL,0x1d63fd80795629a3L,0x42e70cd9322d8e03L,
-        0x8a282cdfb057e36cL,0xd18a0c313ceb177bL,0x270e31569c58b890L } },
-    /* 8 << 343 */
-    { { 0xaae2f448ed001c43L,0x08ad1d9bcf4be493L,0x3262b2f482c1f372L,
-        0x5521febd351a5f7fL,0xf8ec9190916c75a8L,0xf3c258c72728dfb8L },
-      { 0x5dd4ff4f8af19574L,0xefddf5795d076b1cL,0x318b5b98ba8b777aL,
-        0xd971d426fb7f8409L,0xed1465e8b0fd31dbL,0x80d24d4300f66347L } },
-    /* 9 << 343 */
-    { { 0xe8263e8012eb6baaL,0xc452c7581dde8c37L,0x5112af2840baa45dL,
-        0x949b8a740793703aL,0x8ba78382e60e007eL,0x38cd110412823c99L },
-      { 0xdeb0d555f86cf04bL,0xb2f20bfdfd9f6320L,0xff1d399d17c39502L,
-        0x1340aedd1bdf0760L,0x36b2b43c88cc0c09L,0x5f3dba7e9ce285edL } },
-    /* 10 << 343 */
-    { { 0xcea0374a69ca5051L,0x19e060ad5294ae7aL,0xf6ce02361bb01f47L,
-        0x2a5b28ba8c328b8bL,0x6991b1d8b253d630L,0x360afd40859455d8L },
-      { 0xf5c6e1427c1f5946L,0x1eab83084cc8c391L,0x4eb4032f67e76ecdL,
-        0x5bf14aa233898059L,0x0804a7c00e001b76L,0xe3866a93734cd134L } },
-    /* 11 << 343 */
-    { { 0xbe85177db72e5eadL,0x47c15fad59fd2463L,0x2cf5f07f4bd51f8eL,
-        0x82f48288c2898713L,0xdb08aab4c8f753e8L,0x18a1f5c510f58eddL },
-      { 0xaeb7bde366d0b94cL,0x04539620079fb6dfL,0x64d1aff2ebe8c4b9L,
-        0x08d9ef431a10a101L,0xe326c7ec6c602789L,0xd8b1b3e7f6efc3d1L } },
-    /* 12 << 343 */
-    { { 0x5ba5288c1ae586a2L,0x044f1fc61b715821L,0xc1a9a997602f3c65L,
-        0xc5c7512fe08c0223L,0x48a19c3c367e6f1dL,0xa9f2195dfb241597L },
-      { 0x9f674a5fb5ba32a6L,0x275a060f0a312742L,0x5aeb8c4303d6f13eL,
-        0x0fed575d917433fbL,0xe4a5ef9a59f53490L,0xa9f86145f315e616L } },
-    /* 13 << 343 */
-    { { 0x770d01ab2c1deef8L,0xca72f761f61b2a4eL,0xff686a4ceff9ee49L,
-        0xd6b338d30d07000aL,0x885b4e8ce1050b10L,0xd6326179b2364b01L },
-      { 0xceb2bafc672b298aL,0x7df8941aba628946L,0x9c94004ebc56b115L,
-        0xde09cc2d7b12cdd2L,0x9c2dda163833ce43L,0x88da691a6265b59eL } },
-    /* 14 << 343 */
-    { { 0x7059c58669a03980L,0x91f2dfe4e88e1287L,0x96dcd9318d9633ccL,
-        0xb2abc44f37bda148L,0xe31adb3feb8964dcL,0x7b07e015e316876cL },
-      { 0x31732880ababd240L,0x5c37a667e95854a1L,0xb5b334c91d6f69adL,
-        0xe613e5622c34e118L,0x8bbdbf5c5f5984edL,0x82ecfd95cf4f63a1L } },
-    /* 15 << 343 */
-    { { 0x813caa72ade4e3bfL,0x29055be8600c93c4L,0xcb346967e6e4ec1bL,
-        0x39c1152d50ce992fL,0x4682c20e5ce62852L,0x04e9dcb7f4e45ed4L },
-      { 0xda75355d7c0fa5bdL,0xe80f29b078949d91L,0x6214610130fb9e33L,
-        0xe70cda8f325eececL,0x49217f74efca3e14L,0xd3c890b36bd7246aL } },
-    /* 16 << 343 */
-    { { 0x315ad7a47e5a59f4L,0x1c615bfc543c8b00L,0xe12f97a8baa56473L,
-        0xf263db4446edcfcbL,0x47cf91d53c1a968eL,0x1a1165b4c15db875L },
-      { 0x5d35e53a3479616aL,0x649f87b45c59958fL,0x5d3d11ea246da3d3L,
-        0xc1ddfcc653f06820L,0x8169d7116610c00fL,0x15f16ba54bddc8c7L } },
-    /* 17 << 343 */
-    { { 0x307b040d9977713eL,0xc03f7787dee9e016L,0x761a5d03e12c354fL,
-        0x8fa1a4141cc88904L,0x2e079008b7675e71L,0x649c789591d68d60L },
-      { 0x63467e93c98f1c9eL,0x81931ac7fcc52703L,0x2060c89538e59af3L,
-        0x8c12e002a87024c4L,0xfc881e69b3b8496aL,0x2b4e482e1e827081L } },
-    /* 18 << 343 */
-    { { 0xf80ed61a30fa7e86L,0xf2e5f324a15ec5d9L,0x139ca085ecba2d64L,
-        0xd164ee5ff3f5cfd1L,0x758c0008e5cc3cc5L,0xd180c463ce8fa1f9L },
-      { 0xe5dd27054adc6e61L,0x061e0c3c592c39e5L,0xec5a8d4a4e437781L,
-        0x9e4c6f461e6d4540L,0x33ab232e2526e6eeL,0x3c551685ea282d9cL } },
-    /* 19 << 343 */
-    { { 0x59507a2162ce1459L,0x88b465d1c6a2cb30L,0xa5ef8b2b5c8ef7d4L,
-        0x73145f4c4dc9a457L,0xabad3390d19186f2L,0x7036b424f9b78a7aL },
-      { 0xf76f51bb16e04046L,0xecd1ece92b2b71efL,0xda8d82011900f2b9L,
-        0xc2d3291b268d1bfbL,0xa6c1c79a2d176459L,0xb27e5d5885ee1b7bL } },
-    /* 20 << 343 */
-    { { 0xcf19fb2a1e548ef0L,0x8bb6dfa0cc694171L,0xeb1668ca5c5e390fL,
-        0xf5a3485be1975263L,0x4edfc596442cc850L,0x9901f447f9627d74L },
-      { 0x3a6b85c984d0413aL,0x1466366167de639cL,0x9fc9fdcf11705bbbL,
-        0x6d066e2bbff2cf80L,0x38dedc2fdc3026fdL,0xad533a981b828538L } },
-    /* 21 << 343 */
-    { { 0xa7d51d862222dcb3L,0x52e2531cd1a6c525L,0x742b1234532126d8L,
-        0x226043f24e9e77acL,0x02f270afb3a75b2bL,0x7ede5714d4a8dc0aL },
-      { 0x24699e16b34fd97dL,0x4e5d785e8d417ad1L,0x273f5dd1ec307ecdL,
-        0x742373863186955aL,0xf46805fde6afd38dL,0xae100ba424562906L } },
-    /* 22 << 343 */
-    { { 0xed9f434e5216636cL,0x242bd09bc5c1668fL,0x8bb747bd804f3d6eL,
-        0xd66d8753c7c83dd2L,0xa71016c2584540b8L,0xd8b16210fdd41a90L },
-      { 0x5eb5947e1b65be60L,0x1bf995e7616dbdc2L,0x71b7099abb7dbdd8L,
-        0x53650d29079eec24L,0x6bdd1b0e8ebd86c8L,0x0a9658ed9a31624aL } },
-    /* 23 << 343 */
-    { { 0x3be2ce89b8cf4d55L,0xf9b3c501822cdcd9L,0x0cc8423010e12f3aL,
-        0xee09031a3c580ec7L,0xf4c256a812f4b48bL,0x71a8323104018d0cL },
-      { 0x69ad6d7babfcf13fL,0xfa79b457af658743L,0x249f32816001af58L,
-        0x158430fcea127a64L,0x25a3e4549a9be713L,0x68ba3f0fcc6b5bb5L } },
-    /* 24 << 343 */
-    { { 0x6c75bc93b7bfa29eL,0xf86f22b218ef6d69L,0x90ce6a1536dcadf2L,
-        0xf11f711c7ce50921L,0x0739ceda38a479e3L,0x840b825e6ec3dbc6L },
-      { 0x7c36c0a59fa23481L,0xceb61fd170cb186dL,0xac6f7d3c26e4754dL,
-        0x4076d3b5f317b385L,0x52f1bd723fd9e9c7L,0x6649d8b6bf316043L } },
-    /* 25 << 343 */
-    { { 0x5f03dcdcceb1e25cL,0xafff6561d50ff864L,0x17208b6f3a6bb787L,
-        0x61d96c978e15abf2L,0xb1beb427991107b1L,0x436328475008aa3fL },
-      { 0x8a326eeb3595febdL,0xa8e5a037ec60dc0dL,0x762ebd2a3159f062L,
-        0x8ea005adbd1b0bd5L,0xd4d863cf696d4121L,0x2a07a637eacc9b9eL } },
-    /* 26 << 343 */
-    { { 0xf352e28b54a8ffaaL,0xa8317f089ce68b6eL,0x7deb148770cad820L,
-        0x2411b382b2c3579dL,0x20b21ed214d36e66L,0xe7331bec353b9ff5L },
-      { 0x5692636840dff0b3L,0x13356f7b646eff07L,0x1e6e6e4508c64091L,
-        0x913b83f2ea0b920eL,0xb69e5f839f713aa1L,0x8e59d3794632a60dL } },
-    /* 27 << 343 */
-    { { 0x3594c0d3cdefc3dfL,0x9d850e2fd21cf9e7L,0x245322944e38263bL,
-        0x597964610e43acb7L,0x13fad563bca9408aL,0xe52983dba985390cL },
-      { 0x9c5e71e08c000a9dL,0xde6b0b2f800949e2L,0xc58032d131d94108L,
-        0x36cd4099b31811e6L,0xa8d9bdeb3981d619L,0x06f644e03d4760c2L } },
-    /* 28 << 343 */
-    { { 0xdc2870f8243cfbd5L,0x000b71b31ab496f3L,0x53511a3f708f4507L,
-        0xbd7bd0381949d835L,0x723a007d938f4db6L,0x5bc8679e2d04e9fdL },
-      { 0x51ca5fd176ec7fc4L,0x86c4205c988f354eL,0x9042e76b2a0a4a90L,
-        0x368f52a84ad44d2dL,0xddc2cab8912edfb7L,0xde74ccf5cde80199L } },
-    /* 29 << 343 */
-    { { 0x91b31fcbcaa3f1d2L,0xb8a29af1bcc99f53L,0xc5842b2695662f80L,
-        0x13954262a4b4b396L,0xc1fac956a6acfdffL,0xbe37fa4dcf60b88bL },
-      { 0xc7715493dffff3deL,0x06dfaceda1274350L,0x9dfcaffd7460fa94L,
-        0x5f1d3a351e9c317dL,0x2fbf393d377b84ceL,0xb4d9bc8404b83635L } },
-    /* 30 << 343 */
-    { { 0x29871ce22855a74eL,0x5418f0dc98696474L,0xd8bc07d6b90d0498L,
-        0x391012a79fdc0ea2L,0x271396949b09f60aL,0xa0a43dbf3371f0d7L },
-      { 0xab5849422af8d992L,0x64cbd121409eb3faL,0xd36faf01766864fcL,
-        0x69189faea2a83417L,0x3c24d85e3733b772L,0x125a915d2ee497adL } },
-    /* 31 << 343 */
-    { { 0xa8f9eb2abab3fa8cL,0x484584f654ab1e16L,0xee74e5aab21b34edL,
-        0x3ce626ff4eb689f0L,0xd757f22b0006e5bcL,0x611505d024a25e65L },
-      { 0x212df14c46382659L,0xd17898d78c73da0aL,0x5604a93e51421c2cL,
-        0x76147f7603a580a1L,0x325b5c8ae5c34d09L,0x6ff28848db857152L } },
-    /* 32 << 343 */
-    { { 0x8002f4583e455a61L,0xafbafd375bea205aL,0xa8ced112fb93f735L,
-        0x27cb6292196e3084L,0x72395bdd77e8c744L,0x02e018d8ee71f5ffL },
-      { 0x7cfc14d9c1337a1dL,0x94e14c0ad7b4d86eL,0x66e50129d213738eL,
-        0x7a905d91bc0b5ea3L,0x92cb630afca06700L,0x65e06d5cbf3a0821L } },
-    /* 33 << 343 */
-    { { 0x769ff9191e1cde66L,0x6ef257d1944a8786L,0x881437da4f75233eL,
-        0x15266f3768665eafL,0x21fcccafc1777505L,0xe9513e1ab7fea0ddL },
-      { 0x67806e9c53c8a735L,0x24be9a769b11ae2eL,0x928c1455045d2065L,
-        0xea0395b53557f62eL,0x910d7cb4c7d3a450L,0xe849c853c634443dL } },
-    /* 34 << 343 */
-    { { 0x76c6e48d3b476f69L,0x28195cdffe694ee4L,0xa3a9a99e2d3aacc9L,
-        0x0f68fe36b7f320d8L,0xca84a6c9889ce762L,0xc1eafac94901907dL },
-      { 0xa28b9916208c9770L,0x6846e639f8403e57L,0x12fdf9fa1d179e3eL,
-        0xb81e47c843d046dbL,0x700ad19468c14491L,0x136395cebbac51d7L } },
-    /* 35 << 343 */
-    { { 0x7452dfd4f775003bL,0xb38a2031f1a4765dL,0xef36c513a2888c68L,
-        0x2039b168a2339fd3L,0xf74c24be2cc498e9L,0xbeeaca157b622e31L },
-      { 0xda72e5a005f2fb8fL,0xab4a98f0568d5811L,0x231aa495fcb15e1eL,
-        0xf981bd7f537023f1L,0x29d6eb2db367e5fbL,0x15247194b8cd452dL } },
-    /* 36 << 343 */
-    { { 0xa81e4a4e55c2369dL,0x394de01b60a0f544L,0x22acfd07a8906e17L,
-        0xf59b37a6cc9bc4d0L,0xdd16a22c7ffec12fL,0x07decc2ad5976455L },
-      { 0xc5019463abe1d122L,0x2bf0ac0ce318c92cL,0xfa50280ab2bfc47bL,
-        0x53354fc5c7cf8bffL,0xaea1d293e20ca341L,0xec25ecda8b626244L } },
-    /* 37 << 343 */
-    { { 0x05c6f1c99a2f572bL,0xf13f8c7747987918L,0xccb406d74101fdffL,
-        0x93cea27bee1abcf4L,0x32703ada8f5adca8L,0xceaecb5f76313a1eL },
-      { 0xf1c558980b9620cfL,0x942c28b51046c388L,0xbed4e9dc5a07cf8cL,
-        0x423b695a6c734b85L,0x1ce0a2392ac87737L,0x40f126ac4d1cc7d8L } },
-    /* 38 << 343 */
-    { { 0x63e3bb09ad9e132dL,0xaa2880c5c9e84778L,0x23de89ea06049834L,
-        0x442d1df3554e23bbL,0x87214f9f08c5f124L,0x305d967a6beb4996L },
-      { 0x01676f804409f827L,0x16992f73a50147f9L,0x77ee56796081b38aL,
-        0x8c75d293290afd9bL,0xf9578bca813f0aceL,0x395212dd0e786ed6L } },
-    /* 39 << 343 */
-    { { 0x63475e65c21b0f48L,0x114f9af5326c2c63L,0xa897bc01310f768aL,
-        0xcaf47a8fc1bf3f5aL,0xc023bb3718cb887aL,0x3572f633685652a2L },
-      { 0x2dc4ea0d7523287cL,0xafd60b92a121a141L,0xb6b4bf6e085ca490L,
-        0xf599f8f2e5351ecbL,0xe38c8eacddba3d60L,0x2540585f5be9e748L } },
-    /* 40 << 343 */
-    { { 0x313b66cafd8ba33eL,0x10bdb130fabe27ddL,0x1181334c125e2b8cL,
-        0x0f4f198fdb6f94baL,0xf7000076ac3f5de9L,0x1a78813d9d6402aeL },
-      { 0x3427f75dc8a9e758L,0xcdac8b34b01f791fL,0x922c36d12a9ebaf5L,
-        0x195ea05fb0487cc4L,0xe33de901a808baecL,0x15e1d5ac57291d89L } },
-    /* 41 << 343 */
-    { { 0xfe52cd9cfdc7e2deL,0x3947e578da6dccf1L,0x0548d4b5738751e7L,
-        0xc73fc23f4b52a5ffL,0xf38eb8ff1b066accL,0xe9a40d37a27b40f5L },
-      { 0x723b0752a264ad77L,0xe5d0c4efdea83bf8L,0xf7301e3fafad27a0L,
-        0x336b0d86298d09b3L,0x462766bdb2ef2fb7L,0xa5311241141a7607L } },
-    /* 42 << 343 */
-    { { 0x10adb987ee1f44a1L,0xd6ebd1c3e51c0152L,0x0cf1303f4dd3b9eaL,
-        0xd06351b837a33a3aL,0xb5ce1d941cff1f0fL,0x326b3e055476e2bcL },
-      { 0x90f76b5d3426b8ddL,0x77497380648042f1L,0x48684604f9f83902L,
-        0x00275191180f197aL,0x36fd84ecde7ce932L,0x52b428e65391a268L } },
-    /* 43 << 343 */
-    { { 0xd2c1ccb0695c2851L,0xd722b84ff1c78f17L,0xaaa53d26fe52f2a4L,
-        0x3057f4ed24742143L,0x951332a4a2aea258L,0xe5e4db6091096878L },
-      { 0x71db9e48f0b9ef38L,0x7e4b25c1ac542c26L,0xb7250394dd021df5L,
-        0xcdcc6118ee48e711L,0xbc324af1fcdd5db9L,0x71a664ef3e6de57fL } },
-    /* 44 << 343 */
-    { { 0x4e2a05c1c21cdd1fL,0x8a232097dd46e76aL,0x8b55313cd871b1d6L,
-        0x976ce5f6af396bc4L,0xeb91527dafd381b1L,0x6cfd449014455ee2L },
-      { 0x8723be9e1f274d1eL,0x1c63fd011999fa9fL,0x5f1726258049b6f8L,
-        0xe18a3ecd99a51b4dL,0x329fc2c1b13d4e65L,0x94da252b0f18f300L } },
-    /* 45 << 343 */
-    { { 0x583adeb8b893316aL,0x69dce1efee5122deL,0xc5cacdf319b77627L,
-        0x061fedee5e8aedd8L,0xd53fce220257dce1L,0x0e4124bdc781e069L },
-      { 0xf097c697d44ed517L,0x7704e33e9a4e9019L,0xac245dc23e0088dfL,
-        0x70e1176bb76102a3L,0x55261ab235e4dcaeL,0xc2ba59230ede3501L } },
-    /* 46 << 343 */
-    { { 0x6edf35f3af073b6dL,0x7ab4118107376eb0L,0x4ef3e65be7ff1c9aL,
-        0x654ea359d2ac6d70L,0x2b41a7f67ffcd91fL,0xe5da0511e0a60e8cL },
-      { 0x97fefd9756701b93L,0x7a4a827dd34afe15L,0x8bd6c2299090536cL,
-        0x110156f217e510a0L,0xce62a26ec801ca6aL,0xa786e9b05522b64aL } },
-    /* 47 << 343 */
-    { { 0x3c73c2868f02f70bL,0x744a580d0eeca325L,0x58b7ca1733534669L,
-        0xd7d17d77800b0270L,0x864e3509538b116aL,0xc7eda5dce4797818L },
-      { 0xd6c00fbaf741f023L,0x718ed11131d022bcL,0x4586baf2f2ce39efL,
-        0x1095729dcd9a09f8L,0xf5ff3f2d7652f5ddL,0x29d95a09dbb72722L } },
-    /* 48 << 343 */
-    { { 0x7b151b98e28fd10dL,0x8fc01ce81dd884cfL,0x1f0ffb5098d56c2cL,
-        0xf9df1fa2b084606dL,0xf86232bfdc7d2008L,0xeae5cb8fd8751699L },
-      { 0x70f0229883ed54fdL,0xb575283a86087697L,0xad2191350302e2c3L,
-        0x1c09a0d6c4b57e01L,0x0f65e1e1c541b9fbL,0x85493d9bf4fe76c0L } },
-    /* 49 << 343 */
-    { { 0xecf595d6bc19db89L,0x32cdf31bd607e09bL,0xfaf93c636217e9faL,
-        0xa9a1619884d37c72L,0xa2688a33bd929e8eL,0x2ce3442e2842b31bL },
-      { 0x906ac09ab37184daL,0x93a1a54492587ea0L,0x1acfab1ec5b4ce7eL,
-        0xd4788cac7131e80bL,0xb463d67bc8cf0e18L,0xa754ffb81f24067fL } },
-    /* 50 << 343 */
-    { { 0x634f8d6db04ea518L,0xe8c424b4c60108a7L,0x3553b6d11ef6f4bdL,
-        0x1fe850dfbc0a8e1cL,0xa077055473a66e4aL,0x5417bd50da985b55L },
-      { 0x3f99edcaed53259aL,0xd243f2d1b3d5ae6cL,0x70f404b8cb49e74eL,
-        0xf6893edc51fec8f0L,0x3f3ac23871521335L,0x127c055436e39048L } },
-    /* 51 << 343 */
-    { { 0x459a96595ab6a5b5L,0x14ec172bb5ac2238L,0xe556f7061642ba57L,
-        0xe18d92d2da35bad6L,0xe64f9bcdd5805c1fL,0xabb4e0243b297094L },
-      { 0x95429e14b8b876f3L,0x27961a7d9c04bad0L,0x81c74cf57fa32b6aL,
-        0xb035259ebb0f1f24L,0x828c42da2e773f8bL,0x06c996366ea73c24L } },
-    /* 52 << 343 */
-    { { 0x353718ce191c21ccL,0x08e6edf64ad6bd18L,0xc2bb0d6e4dc5b572L,
-        0x328e19df88193daaL,0xccc9f6ab7211c958L,0x377d99ef58aae5c5L },
-      { 0x40e2ecc91c823442L,0x036d6d528b0d36abL,0x2fe0cd7eda4d0ad3L,
-        0xb8fc3c7ffc8af791L,0xdb7e44a42b201b20L,0xa5176004ebcf527dL } },
-    /* 53 << 343 */
-    { { 0x24d19ca6fed20bb6L,0x0c02db9841d634aeL,0xfb55998930310b8fL,
-        0xf9d0818506c00c8bL,0x2b9983fb4742362cL,0x16ae9bfbdce1b6f3L },
-      { 0x679057e6a161a419L,0xe1e80fe04db28bbaL,0x2ca0c869f06c9a98L,
-        0x7b80c43bc448ffa4L,0x100f205cb7ef73f7L,0x29565a93a938bea7L } },
-    /* 54 << 343 */
-    { { 0x4d00c613e1e7a831L,0xc90021dc56d9ddf2L,0xbb80b8385286ccccL,
-        0x156b05b771f5f09dL,0x120f47f47bc921f7L,0x6ea1715f8a65c50aL },
-      { 0xa070c9f695aa8348L,0x96120fe273171f56L,0x10c7d592ebc69e4eL,
-        0x73f6ba27c1c7ef52L,0x10f5b9cef8bb536dL,0x8bc82b225ce0220eL } },
-    /* 55 << 343 */
-    { { 0xac25749af4f3fa3bL,0x2376bcd76f50e4a0L,0x9c68fd1028b2332dL,
-        0x130ed4d12130b66bL,0x91842d58038dfc9fL,0x4111e4cbc401a53dL },
-      { 0x85532deafb5d9b16L,0x0c5657503025e3b1L,0x1340aa49b6cc0c31L,
-        0x1cfdd7d68b7f71a0L,0xee911d7e8b6e548fL,0xcddf07f021456ebdL } },
-    /* 56 << 343 */
-    { { 0xe19b7576fa5256d2L,0x418d5425db3f8bfdL,0x00424869951a1719L,
-        0x2383c7a8533b69b0L,0x166a38e2e67a86fdL,0xa6baa01c5876c435L },
-      { 0x574ddc4584a208f5L,0x8cee30b826b18dbbL,0xeced99c1e9f6b30dL,
-        0xb638d88da7d34beaL,0xa4836806069adedfL,0x62beb7ee7a07c593L } },
-    /* 57 << 343 */
-    { { 0xffc89d6de16d63b2L,0x4da3b04f5df40d2fL,0x3437da2ab48706d8L,
-        0xc35290a1d677df03L,0xe54fc6567c5b6c8aL,0x84f052ff2c77314eL },
-      { 0x59c33a99d968b4eeL,0x2424c5d0facce444L,0x022d7bfbf505307dL,
-        0x5372518d00c142ffL,0xcc82d21aeefa787aL,0x3517f3c0473ef630L } },
-    /* 58 << 343 */
-    { { 0xaf576c307a8a437cL,0x15852131de3f2cc9L,0x96bbff4371759da5L,
-        0x106934ec66f5257dL,0x712e7d0ba9cedae6L,0x5b0b876ddabf131bL },
-      { 0x1605f3a8b741f94fL,0xe5d961c109305b04L,0x3fb97996346266c6L,
-        0xaf4eafc0b3ec7458L,0x0aefa01abcd90b0cL,0x2b7723e3505ea305L } },
-    /* 59 << 343 */
-    { { 0xe5c6f37b43d12de3L,0xdc34fdad642baf26L,0x89d716d647268e1bL,
-        0x50047b391df8d657L,0x40da6352c64470a7L,0x406e3bc97879824eL },
-      { 0x9677b4c38b9ecc36L,0xc82bf16fd246788cL,0xbc9fa99cef5dda3dL,
-        0x3050febf0e7b676aL,0xfbb1301a53e448afL,0x3239f20267c84d67L } },
-    /* 60 << 343 */
-    { { 0x5093950b724fb94dL,0x107822718117ff50L,0xdc9e34b59f5961d7L,
-        0xfaa2fc012351a33eL,0xb9e0f1d9d5fc462eL,0x276a5b3bdd9c6914L },
-      { 0xe6136d1775365ca5L,0x228b77e2a91eed68L,0x5cd6a269411e4770L,
-        0xd8857b0e17590390L,0xe7094f3aa0d45fafL,0xe52d11dcf40693e4L } },
-    /* 61 << 343 */
-    { { 0xc873fdf565a0d2bbL,0x848244dbaa42c6cbL,0xa5d2d766ac50ba78L,
-        0xc650cf4343f38ad7L,0x901cf122ea895d06L,0x3ec1b583cbf46321L },
-      { 0x863dce6193c3db94L,0x902459202445bb4fL,0xae716052673385dbL,
-        0x9266b0bfff830253L,0xd201095844375610L,0x9e008b9712cf8d71L } },
-    /* 62 << 343 */
-    { { 0x2b1b2a551448e73bL,0xa8486146b5f97da2L,0xcf24d8636c848202L,
-        0xa3d6431c5e483407L,0x47a33db852edb78bL,0xb09256a37dad3826L },
-      { 0x740222a74dfa2b26L,0x23f43bec2a8ebe04L,0x4081e512a8072f18L,
-        0xe53f0d05751ad7e8L,0x100d0a17332361ecL,0x8a2122e9e0c3a152L } },
-    /* 63 << 343 */
-    { { 0x28be8affe7e6417aL,0x4e18b452d6a30763L,0x73ae410310d0d5f2L,
-        0x5151fe80003625caL,0x45ebb636ba7a91ccL,0x50f4b49d994e7e31L },
-      { 0x02eaeaa93ebac455L,0x7632c7dac830fb1cL,0x06fe1dde3bb0d765L,
-        0x0d2f7623a6789d20L,0xabba46de01a43e9dL,0x2e822e08f27917f9L } },
-    /* 64 << 343 */
-    { { 0xe96c4aebe5f5b545L,0x10a85a002d4c43b0L,0xf86ad2f632f9151dL,
-        0x05daf874302b99e2L,0x4299dbfa14fd3171L,0x27cbedd6812cfc62L },
-      { 0x42e61536b8772164L,0x52eecef76a5423efL,0xc34c6c70548fffa3L,
-        0x1fbed7777b6db825L,0x850bded44ef2989eL,0x3b8a542c815463eeL } },
-    /* 0 << 350 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 350 */
-    { { 0x9decf2173079fe2fL,0xc32ec5707c817f6dL,0xd5649ce8aeb36b92L,
-        0xab9f77d158fb4dc8L,0x66b11fb6b52d60cfL,0xe217941deaaa4619L },
-      { 0xf3522a9a1607c412L,0xea2eba4fc2a3d8c9L,0x267997c625e38722L,
-        0xed5047b72d4595eeL,0xaaa41e5f55e5456cL,0x891e3d1278cfc6feL } },
-    /* 2 << 350 */
-    { { 0xa438634ed7357a51L,0x918f14cd18c04d59L,0x2ab4dedfac40dd56L,
-        0x758e95ee4956a5deL,0xfc11e3945113f84dL,0x6d71b6736059f16cL },
-      { 0xfd8e2236fb357c3fL,0xd7c8681232dca873L,0x02aeb1538ea13b44L,
-        0xde1275d3013d3827L,0x470a7b7e659ca201L,0x862c83c55c77b351L } },
-    /* 3 << 350 */
-    { { 0xfc9b800f05084cfbL,0x1c4d4510496f23fcL,0xfea0003cc1d08465L,
-        0xf0281da09af48a41L,0xa5c0d97144d32eedL,0x2613b73e023a2e31L },
-      { 0x455013c87dc8ac1aL,0x581b13195958b3daL,0xd293f2f22290aaeaL,
-        0xa068256496f6223bL,0x38fd18fa69410ef6L,0x74eaf35f2b2cf629L } },
-    /* 4 << 350 */
-    { { 0x281f6e58c7ff5b50L,0xbc67791ecf9cd114L,0xe29fa41afd89abd8L,
-        0xfcb0b0b07984feefL,0x0b0928a6d9d20a64L,0x2fd385c46979ccd5L },
-      { 0xce9c34c81fbe72e4L,0x69364344aad0135fL,0xd464635250946a5bL,
-        0xb09a97c6f39f53b9L,0x1d47bc20dcbc8b64L,0xcda5c7bdd458b0d6L } },
-    /* 5 << 350 */
-    { { 0xad5b8c2887eff3b3L,0xa8a3917d9937833aL,0xbafdc493200c3b49L,
-        0x9e27aac5972c6fbfL,0xfd292bb20518c97dL,0xa62126db33515a63L },
-      { 0x9892a8bb1bcfc875L,0x93b066b7e0b674d1L,0xcde9b0087fd3d080L,
-        0x1e285a8859401ae8L,0x4679e32982cfea96L,0x52406ea023e615d3L } },
-    /* 6 << 350 */
-    { { 0x27de61138b6e9462L,0xb8ade1dc473464bfL,0x911ad49394dacc08L,
-        0xd036f28e44252cb1L,0x3865abf6d13dc20dL,0xcea487cdd528f0baL },
-      { 0x14d77eaf4fc290feL,0x5106533bc5084101L,0x11001dc7cda9eccdL,
-        0xb79ad4bc49fc4a78L,0x4f6369f54567f8a9L,0x64050aa2df7ab817L } },
-    /* 7 << 350 */
-    { { 0xffe057aade07f615L,0xf3f91b55342700bdL,0x294761e127a839f9L,
-        0x6411a2b480eafe1cL,0x4900eb120737b80aL,0xa1134d10bb73264cL },
-      { 0x0ebfad730ddbf7f1L,0x57bbe692cd1f73ecL,0x675931fca20f8944L,
-        0x1950eefffad2ad19L,0x60d304029cdf88a0L,0x121af89e33fd2c6eL } },
-    /* 8 << 350 */
-    { { 0x763e3664295c4db2L,0x632fd676dbbaa92dL,0x62ab11a8c66b40e9L,
-        0x06244698f384b708L,0xe7cdf3bd69197876L,0x9cc79c48064f8837L },
-      { 0x95900a229486589eL,0x7953f6e72ff01639L,0x3f65fbbddd3e6e46L,
-        0x84f52e06baa2e2a0L,0x1dc462a8e3852824L,0x9be69c3f7e4c032cL } },
-    /* 9 << 350 */
-    { { 0xa40afc3670977e01L,0x965f110da6c3b289L,0xc4952f87805a8491L,
-        0xb36804b80b65e2d3L,0xd3f6f5ace8cf2b2bL,0x0f37a79da4b71938L },
-      { 0xb2f810d9489ef671L,0x1feae0262df23cd8L,0x7412eee321a14e4fL,
-        0x1458b8ad179d51faL,0x2156a90ee201509cL,0x39f29fca72605867L } },
-    /* 10 << 350 */
-    { { 0x231f70adb2e066e3L,0xf09db880bb477a19L,0xdfa0e503907e5c63L,
-        0x12fe09f4f97022adL,0xdbf06f3620bce7ddL,0x0140e197f1371cbaL },
-      { 0x917b6da464b0b4b0L,0x9a6f4d9b20fe3320L,0x0981d60ed66bdf87L,
-        0xb430e4e062d3487cL,0xc3440fb934dc4a94L,0xe7972dda09a5e3c9L } },
-    /* 11 << 350 */
-    { { 0x29d6394093f47052L,0xadf04e70847e5937L,0xa0ef4fee731bab6fL,
-        0x21de31956ee7d7bdL,0x99af4a8dbd716777L,0x9e15c983df4c569eL },
-      { 0x2ec7bc0ce94401eaL,0xda1835ad85727722L,0x2b5862ce5dad81daL,
-        0xb2be508188dddc2eL,0xa02482101414286bL,0xc52c436d8ea33f3fL } },
-    /* 12 << 350 */
-    { { 0xcc580ea73b24e776L,0x0f3a8b189d721d6eL,0x8665604fb23480cfL,
-        0x95787cba34414689L,0x425d7c6f4d10a945L,0xb5ec2626b2f1cc78L },
-      { 0x55da88858658de6bL,0xb50919d1e9aba03eL,0xc64881d7d99e417eL,
-        0x1eeba5aabf28fba2L,0x20feb7b3504eff80L,0x9f5f9db650debfb7L } },
-    /* 13 << 350 */
-    { { 0x4eb94584230923dbL,0xba8611287b3a6929L,0x5aa7faa3ab1d6b31L,
-        0x95c1e23916ae0966L,0x98674fd3a2fe2297L,0xa8da0ee53c42d488L },
-      { 0x103cabace0740db0L,0xf0b860d45bf16882L,0x03cb0cdc289e48ceL,
-        0x3c15d3759e52c7d5L,0x524f731998103ca2L,0x828ed65cc609ffebL } },
-    /* 14 << 350 */
-    { { 0x518f231b83dfb993L,0x4b0987db37c0826cL,0x0c34961cd5177eadL,
-        0x9d882d3e452c92daL,0xbfeaf5588765bcedL,0x83957b62b9962295L },
-      { 0x2d1d01757bb084cfL,0x04c4cfcde8cffcfcL,0x2f35e33d8d4536c1L,
-        0xbebb31cbd83124cfL,0xe342bed2abb29019L,0x2af0fcde2692a0d3L } },
-    /* 15 << 350 */
-    { { 0xece5d865c7e3b29fL,0xe58106a4622839ddL,0xf5272d43f2969d76L,
-        0x90c72c1b2a1a240fL,0x1e2aa0acaf15e14fL,0xfa2f1c7bf1b6b5a0L },
-      { 0xfb5d343d880224a5L,0x47b88a84f91881c5L,0x140f5ee9dd142fe7L,
-        0x4e76982e24b37c44L,0x6aaf61e9578b482bL,0x01950e22765bc4e2L } },
-    /* 16 << 350 */
-    { { 0x20ebf79ce8a2e8f0L,0xec040d0daca418a2L,0x016c07e78d630d2aL,
-        0x20021d57fa605dcbL,0x6190f3e942d04705L,0x4e000df58974b7e6L },
-      { 0x6710da6c5abcedacL,0xf31aa4965f95d37cL,0x192c4b8ba5830899L,
-        0x171ab8c4ea7dbcddL,0x715f60818cdf1097L,0x0e0135bf205d10edL } },
-    /* 17 << 350 */
-    { { 0x070fbbe1687645c4L,0x4dd859c8c7e0261eL,0x749fa1e9fad54b60L,
-        0xb35942f483cdc91fL,0xcef26d0018eeb83cL,0x4dddd5787462064fL },
-      { 0x0420ed6e703e8740L,0x9087d805c180c7d3L,0x93807412828424f2L,
-        0x8bcea69a6dcae236L,0x22aed9a2d1973c78L,0xe3d0f6f83328d690L } },
-    /* 18 << 350 */
-    { { 0x5ce5bc6da85a13acL,0x868f385c7f1dd71bL,0x15aa63a420c376c6L,
-        0x7802fc9e749127dcL,0xfad59f8e67a98935L,0x6bc97b1d60c0fdf3L },
-      { 0xd24caa7ebce87ee6L,0x8aa08bc27ba511f8L,0xe5ba94f47ba61c1cL,
-        0x9fe9c343364d2d75L,0x8ee0468161273932L,0xab2f0dbe5e8c4861L } },
-    /* 19 << 350 */
-    { { 0x13239c0a8254ded6L,0x594182e61762f9cdL,0x6326369d480efa21L,
-        0x7fee5afd33101382L,0x9e1ea59c4688bc0bL,0x7a3b1b8eae19c17aL },
-      { 0xa8f8f8e5777aedf3L,0xe2d018bfc6bbdeacL,0x3625b03b54328db4L,
-        0xda7540c8711ab8caL,0x7faa19fc46930a99L,0x61a5d1845b59a973L } },
-    /* 20 << 350 */
-    { { 0x4a6226f9f7092423L,0xfe6b7a6dec945231L,0xb44e2e60a1193cabL,
-        0x2ce6393543dda270L,0x1a9e8a2138d64738L,0x863d151a9d843675L },
-      { 0x98a1222ee2b14443L,0xbf8b32712826846fL,0x80475be555508801L,
-        0xc39ccd917b38f064L,0xea31304de8e249f5L,0xa3b6891b4d42db74L } },
-    /* 21 << 350 */
-    { { 0xc0f1627a147e0f32L,0x59fb7f2f5e8822d8L,0x21d8be6371097441L,
-        0xa6169f1b855543f5L,0x188c420645102ae3L,0x4c20a136131b674fL },
-      { 0x05487c4d15999699L,0x8a82a130e6ba5542L,0x93a2119519ec0de9L,
-        0x634d644cc8d0538aL,0xa90c5eeb3b6bbd60L,0xd59105125e4db926L } },
-    /* 22 << 350 */
-    { { 0x5140a7172119e821L,0xe5a2ca8cbc370a14L,0x0c17ad48a6db3398L,
-        0xd7094545ed6fc82aL,0xcf32984dedb976d1L,0xcf04ac16cdf83a9bL },
-      { 0x9bbea16b49775502L,0xb4855286452a6f35L,0x45cbc3b7a86f445dL,
-        0x5972ec64763f5990L,0x14d0b9c0b780b2f0L,0xb120273456e707feL } },
-    /* 23 << 350 */
-    { { 0xbf6b76e1e41c43c6L,0x64ea1824db033acdL,0x7fc0399987c9406cL,
-        0x9427585a51b371d3L,0x464f3559c9705e0aL,0x6639797ac8cb6ff6L },
-      { 0x5104a72e842fbf01L,0x7cabb009fea7af74L,0xe42aa69b19a1db1cL,
-        0xca9599a3a6a7ab69L,0xf31e4aaa1a70d770L,0x0fcc7f1b8a5ef098L } },
-    /* 24 << 350 */
-    { { 0x39a689bc281548baL,0x11aacfca138eabbeL,0xcf33108a8d29457bL,
-        0x312612e014ed4b4dL,0xcbb21f345115625fL,0x4e7217de303a363bL },
-      { 0xaeb0c8c0d137f67bL,0x4ff84a937bf78dfeL,0x7a022604683b37dcL,
-        0xfa4ced77862b0847L,0x5a49bdc136d69390L,0x6d9dff06c0215314L } },
-    /* 25 << 350 */
-    { { 0xcb116e787b1320bbL,0x6310206258ed15fcL,0x1a7891a082c13108L,
-        0x203d73d939eb4c93L,0x0485b8493c78c65aL,0x663897e93c935525L },
-      { 0x9b79708088b41afbL,0xbd34d5134f2b649dL,0x0b4c156f62f6b652L,
-        0x24125d1d6863dca7L,0x726a8bb2edb6638bL,0x2ec5deaf82aea7a2L } },
-    /* 26 << 350 */
-    { { 0x9fb22ca52a3706f1L,0x5a265b5279f5203eL,0xc8844f096fcbd426L,
-        0x52a165f0ed8a3267L,0xff0b3a00dfdfcac5L,0x80167cf52de9e1c6L },
-      { 0x9e9c4391b0b969c7L,0x279440c41e0dabf6L,0xaa535b8f85133e39L,
-        0xef61e22234660228L,0x8ea81a41c386528bL,0xd0bb1f6e71a8c66aL } },
-    /* 27 << 350 */
-    { { 0x75a689bfa67ab0ecL,0x53eaad3e54843363L,0xdb71f81619a3ba98L,
-        0x817257fdc244f33dL,0x8181c028c0fb3720L,0xc813c4651cb7bb39L },
-      { 0xbc44c1e71b189585L,0xaedef8701eea3a29L,0xcdd828d7ccb5dc90L,
-        0xd224f1774fd2e0f1L,0x2a4723b0e78883e6L,0x33bb05473128e260L } },
-    /* 28 << 350 */
-    { { 0x544874b71477473cL,0x253a455a3907385fL,0xb303afd631411ba1L,
-        0x30047aa0466d6415L,0x3a1b676594d4c2deL,0xc265f1912860c7b1L },
-      { 0xfe140a73688e7975L,0xf08a652bf37ce7deL,0x6c9f6df9f46f144eL,
-        0xf7e7b95bc0defbc4L,0xfbc9a9697824c075L,0x9745d768d7773c39L } },
-    /* 29 << 350 */
-    { { 0x7170ab4699873dabL,0x765eb89b8952bc0fL,0xbe3fe2c4f78fd020L,
-        0xde51f8579f194b70L,0xa625839e7cc68fbbL,0x50e59b49f7105097L },
-      { 0x625294f3b82e287dL,0x98daa85288ca9d10L,0xfa0eb790b499d9bfL,
-        0xe280de610382dba8L,0x3fd350e0e76a7d70L,0x1e5c2bebece5ba7aL } },
-    /* 30 << 350 */
-    { { 0x73e187e000ce469bL,0x21dc6268dbd717ceL,0xe9d63224ee564ef2L,
-        0xa7553c854c4c444bL,0xdd409398f6a9b713L,0x902c9cff72f94d6fL },
-      { 0x944edb33f50a36eaL,0xa48a5ae4cfb65a8aL,0xcb9a83b9ed82fddfL,
-        0x9476090c209aa829L,0x66cd0cb1c7e2347bL,0x0f1fe07c86fa005bL } },
-    /* 31 << 350 */
-    { { 0x7c17a2e0c65e52b9L,0xa987f030615b8325L,0xa39b78aaa3d4dba8L,
-        0x738ce26396e96e82L,0x313f7bb7f08f99cdL,0x29571b3cd1a1b7c1L },
-      { 0x00c0e66c89ead6e5L,0x231de4ff19b9874dL,0xc9445296a4137755L,
-        0x7b95f3ea336ea724L,0x7c0a222c49bfe5a0L,0xa265c41d782f8d4fL } },
-    /* 32 << 350 */
-    { { 0xd2db4d35c8d2bf7bL,0x52105d0981571d06L,0x447565cc723a57bfL,
-        0xd98c3597d8ded62cL,0x0aeac6d9de2f1a9eL,0xd363b0b70a98d3b2L },
-      { 0xd9708f0702ad9933L,0x9334677564f5809dL,0x499332cf49cda010L,
-        0x546df74a858467e2L,0x8b84a55093748e8eL,0x9e88ef9706f09073L } },
-    /* 33 << 350 */
-    { { 0x1cdc6b4f673d9c55L,0x4300148a0c11743eL,0x2f924ce4c38b8c99L,
-        0x5300ecc925f32459L,0xb9cd815004473c2cL,0xffee15498eebdcabL },
-      { 0x42c292d54c537dbcL,0x32f6d8a293a133d0L,0x4da3a50c35dc41a6L,
-        0xc16dee6a102f9ea4L,0x69a017a1f00d0bd6L,0x6a95ee1527acbc5eL } },
-    /* 34 << 350 */
-    { { 0x6c02c17adcb73b47L,0x10073a3454b70b07L,0x417ca218a7fe7a73L,
-        0x6f81a38e4ab64b0aL,0x4e25301f8fa7fc44L,0x180f3e1b27d41e1eL },
-      { 0x88925649ce1cfbf5L,0xae279fff2eedaeb9L,0xeac9b033eed426cfL,
-        0xa8488f8aa1740d49L,0x6f748bc3711b5da7L,0xbb1c46fd23bbe135L } },
-    /* 35 << 350 */
-    { { 0x6b2f317b9da70c21L,0xebddc2b5c99dc82dL,0xf4a85d4c5c807d1eL,
-        0x47a79b298a15ad6eL,0x02afb05befbda553L,0x34f3998e6941a669L },
-      { 0xa4a413fb72deac14L,0x2bd9306c1941b899L,0xae023fa5788c1db8L,
-        0x38cd6c42e1012bb6L,0x77ae298c13bd860bL,0x6312af9d63bb40cbL } },
-    /* 36 << 350 */
-    { { 0xbb7742f370fcad48L,0x6dcce7ff57d444acL,0xfc338485b6abc122L,
-        0x03c1118caaf9060bL,0x095dc123cb997905L,0x2dfe24453dd9bee4L },
-      { 0x9bffbbf9d45cdcdfL,0xc5b50babb4b26fe5L,0xe985754e87d31873L,
-        0xb5b007f5a503d2e0L,0xe25c4eb620bb8357L,0xb6f00e50803fa8ddL } },
-    /* 37 << 350 */
-    { { 0x21cab682b8035f01L,0xec82f6ae301c96c1L,0xf25d6a0c1539a503L,
-        0x94180ece1e35b449L,0x13fbc96f1ede3c57L,0xe4a63eac01d8e678L },
-      { 0x3d1a745c068c6886L,0x0659d6ff233be378L,0x493d7a6f3244a214L,
-        0xfa852b1b772bd953L,0xbf05cc0ce87db547L,0x28f497ccb30aacf9L } },
-    /* 38 << 350 */
-    { { 0xa92f28b88ea312ecL,0x9c702e953a3b5f1eL,0xf0a2f787583053edL,
-        0xf99506f29cb41eceL,0x4c3b00b5c2b5c214L,0x59bb943717b8d5caL },
-      { 0x9ccc7869af5e6b94L,0x6eb795a7f340d02cL,0x7fc613c80a09eca5L,
-        0xdac14e61d155f16eL,0xda25c7fcccadb39eL,0x160fda8c9c7fe2b3L } },
-    /* 39 << 350 */
-    { { 0x8aa83310312ee9dcL,0x702ad7bc2af291bfL,0x3940f883ec915c5dL,
-        0xdfb7e44f6fe07c64L,0xa7af875c72d09357L,0xb5df04f4f70b766fL },
-      { 0x738af1bb96f8b10bL,0xab27b86735563f8eL,0x18fccbec2ebaf570L,
-        0x94e9066dc1d7d59dL,0xa1e3518dc63373e4L,0x0722fd0f22d8306fL } },
-    /* 40 << 350 */
-    { { 0xcd42d2391be93e28L,0x93c11fcae2ea0d1cL,0x8acd0b17345984efL,
-        0x3e3feaf350905d0dL,0x4124e89a6f35b49cL,0xafdd8d27a2bae979L },
-      { 0xce1e814015ad5661L,0xb0f9296dde281bc6L,0x11e93935c31ea529L,
-        0x1c4c3bd7ebb898ffL,0x7cb73fc76ccc32c2L,0x69e5307da3ac9b8bL } },
-    /* 41 << 350 */
-    { { 0x37bec50c8e5a9a8fL,0x7f0daba5055a1aa3L,0xa56bc577a1c00a74L,
-        0x0656b6aeab88258eL,0x2959237fb88f0f0fL,0xffff63bb9ef15ca9L },
-      { 0xd9a2909eb94ae6c0L,0x2506a1779b304c76L,0x5658fed3abdf17c8L,
-        0x9c95765e0f90cc53L,0x80ffd7b38e74dc97L,0x97e032e6b8c73479L } },
-    /* 42 << 350 */
-    { { 0x7073ada11780b0c7L,0x6d4ce321f35f07d8L,0x27b26ee589f35e5fL,
-        0x5af10ecd324349d4L,0xf9a0a9071b9bd956L,0x5dde968571350ba0L },
-      { 0x678158f5b6400a5eL,0x93764a022842e0deL,0x71a17724057c9ff8L,
-        0x04c4313c72f58c63L,0x07fdf15cc4e81260L,0xd6c25e82a509f1acL } },
-    /* 43 << 350 */
-    { { 0x4f8a719ae3cf3138L,0x7aac7f0d9b1a2e30L,0x3fe8dcb88c0c76d0L,
-        0x34afed4ade0b5be0L,0x824e043cfdf7c28eL,0x5b700afce708e71bL },
-      { 0x6c7fa728eeffc50dL,0x2488eee97ca62450L,0x25490cb59d969f4eL,
-        0x8bbbac3d8bd629aeL,0x7e5213b56e75e171L,0x1385bff25324b23bL } },
-    /* 44 << 350 */
-    { { 0x364e7371c7d996d5L,0x053390bf8cc483aaL,0x69c23cf281e948d1L,
-        0x65e45d618e822ec6L,0x9240ee412ed94568L,0xe0f33912510a84cbL },
-      { 0xad42eb0f6ecabdadL,0xb35afdb4bc7e39f6L,0x4ee63cb10cb50316L,
-        0x7ccfa14a2a27dc3fL,0x584328f0b4141347L,0x361b2614a23cd89fL } },
-    /* 45 << 350 */
-    { { 0xe70edc42ee93ec36L,0xec773e52bccc99efL,0x9b0367a0ce0816e2L,
-        0x43baad458c6757e4L,0x5d25fa821fb7b01aL,0x65913e86bb6bc3fbL },
-      { 0xb1f1fcab67fafef2L,0xe5ffd89c9e9261cbL,0x86f7b89ff29bb205L,
-        0xa76ed6722db408b5L,0xd6f1ce5cf83f53a5L,0x9cb5cd26c2882d51L } },
-    /* 46 << 350 */
-    { { 0x03f6ca364b2582d0L,0x70345ae80f8116e4L,0xc2612cbfc562aba3L,
-        0x9cdd127789898142L,0xea7f202c02d762ccL,0xa00c15da33662a74L },
-      { 0xcb5cc621aa430b63L,0x6dd1482fb1550d67L,0xb27e7df46216f063L,
-        0xfffe57408f49403aL,0x9403206cfc2bc9f9L,0x132504014593a578L } },
-    /* 47 << 350 */
-    { { 0x6b9c67e6076b2d5bL,0x54509f61883d31d1L,0x25905831fe051be5L,
-        0xe6633c1be93608f5L,0x284afa7697480e6aL,0xb124e6063a06cc65L },
-      { 0xcbcb2c2e2c608edaL,0x07a39d8f813795a2L,0xf27742a8bd108bbeL,
-        0x7425519005b4e5b6L,0xa27620b2b0145a3bL,0x6e3d1210c0f42782L } },
-    /* 48 << 350 */
-    { { 0x0eeb9dc702ed3c24L,0xe7cb624dfb39fc44L,0xded105f581d4cceeL,
-        0xaa675d0c46465cc3L,0x313f4fc99af0a81bL,0xd129819f227e6a72L },
-      { 0xaa6b690340b16103L,0x3dba75b2fb4c2fdfL,0xc9feeea1e7c79c2aL,
-        0x14f503104e024e75L,0x3704aaa8b5729449L,0x39ac6b0c24b86accL } },
-    /* 49 << 350 */
-    { { 0x7e25860735214575L,0x3baa75cb068c68c2L,0x93b6a33f10be8d33L,
-        0xa88f3cc11ba06b10L,0xe70e7ec2a4f8fe72L,0x32fed39fd4835710L },
-      { 0x16137edf3e6059b5L,0x57b1bb9fbb064775L,0x68d3f26dac98cfccL,
-        0x89339bce7f9fd53fL,0x15b32212825e946fL,0x55b0a89bf92a0ef1L } },
-    /* 50 << 350 */
-    { { 0xf419d9becd3eed01L,0x851b31659851492fL,0xa9ac81a9c9b0a402L,
-        0xf67bdf20122c09acL,0x9b26b131f442a030L,0xf7a548f517e72d1bL },
-      { 0x9e0dbf852a7f505eL,0xaa8e7348c7e93ff2L,0x4efa7877134d8017L,
-        0x48f476fc13e5fb0eL,0x552d0447154f4040L,0x8d5b166569b18f6aL } },
-    /* 51 << 350 */
-    { { 0x65ef443e63c90cfcL,0x3a0dfb8194ed3ad4L,0x75570ba710b5547dL,
-        0x5e161fa498e84064L,0xf55dc5003c576f89L,0xe46bd28c7f530eabL },
-      { 0x367607400109f9c1L,0xde7a997bb15e9598L,0x25386f307593c3d7L,
-        0x680e3639def120b7L,0x43fab687aa6e213eL,0xce48861daa99cf3bL } },
-    /* 52 << 350 */
-    { { 0x93c2cf3e53ead820L,0xfca3b3564f4444e1L,0xeb6d82bfaac7a37dL,
-        0x9c0915d4cf49947cL,0x771f9f7cc7edadaaL,0x51418e487b2df679L },
-      { 0xad1b249173f28cf8L,0x8fe4fb7baecacd2aL,0x539764bdb20d0b77L,
-        0xb0073685a6a4f808L,0x4c6f5602cf909196L,0x1ae89342d45e9e7dL } },
-    /* 53 << 350 */
-    { { 0xcf8aa4e5f007985eL,0x833ea882c325d2dfL,0xc1cbaaf5f9f326e8L,
-        0xe779a4a9bf906c20L,0x29f475bbc923cf15L,0x6598d52a54055b74L },
-      { 0x1001a5f1e4fbd4f9L,0xb4933d56cc74cc71L,0x45c04a50fed802baL,
-        0xda140558052bd04cL,0x71c127d63dfbd563L,0xef2b85ba42ebaafcL } },
-    /* 54 << 350 */
-    { { 0x76569e44bc325891L,0x8f8a1487fa2604afL,0x07a8bacdbc90be04L,
-        0xeb53b1087b2c9bb7L,0xcfdc78aaad3c7943L,0xd74807da3bfcd779L },
-      { 0x642552417189257eL,0x28138e8d23cb9584L,0x0ce0b331476b888dL,
-        0x6d9ceaa0f2a9bbe5L,0xb4f1185653b872efL,0xfa9e6fb222d06df6L } },
-    /* 55 << 350 */
-    { { 0x0d45565ce6eabd52L,0xaca75463f41a4559L,0xc3e4064a846eb291L,
-        0x22ac04bc8613d2f2L,0x74cf6fac2364ce2cL,0x61bbaca8be4fce3cL },
-      { 0x302e8117b24dc7b4L,0xa72ae24dd89a053fL,0x75b2023967de96e1L,
-        0xbe51cfd2a9e6d1bdL,0x807a8e3d07c9259dL,0xcf3cd92e43cf6384L } },
-    /* 56 << 350 */
-    { { 0xc040412c754b8669L,0xbda7e0cde2c1d3b4L,0x2ac3b3d5ba29b9beL,
-        0x98a415e3f63bf3abL,0x25aee93ed1776a16L,0x46db7347ec3bc968L },
-      { 0x8e44180a02612d2bL,0x4e3dc4e82db990ffL,0x2050f58f5f7705dfL,
-        0x7b41f5892672d845L,0xeb301603c96e4fecL,0x66ecd24e6cb16a6eL } },
-    /* 57 << 350 */
-    { { 0xd428e7e3d01edc1fL,0xef608062873fadf8L,0x05e7c80d5606965eL,
-        0xb818d0c6a979f826L,0xe9b4c5c7c4793537L,0x7ef637225e83bb66L },
-      { 0x825d89499fbb3a85L,0x557abf0396e34cabL,0xfc3db05b8040ad0cL,
-        0xbdc8e907e305204eL,0xdfc1628d1c1637e1L,0x10841d2a947a78deL } },
-    /* 58 << 350 */
-    { { 0x99432df309c7b138L,0x288eef14593b1fc1L,0xf47f9fb21b55f0b4L,
-        0x5cc20dd46788b9a5L,0x2e87fb4605e43a77L,0x08cf86be849c700aL },
-      { 0x467ec61374680ce7L,0x44e5c8d45884aff8L,0x549f2ea86b33a1a9L,
-        0x2ebf696a8b4a815dL,0xc1705b152a74323aL,0x930a9fde69745934L } },
-    /* 59 << 350 */
-    { { 0xbb11fe102d168ee9L,0xba4aea667f39e124L,0x139364b6fca2841fL,
-        0x6feef5b13d359df1L,0x4fe89fe19787be92L,0xd4cea92e0f6b6aa9L },
-      { 0x794006c0039bd8f5L,0xdce0eb5b0be647abL,0xf4a97f7d4e40c1d3L,
-        0x78d19059d5f7254eL,0x464ddc1d0df22d8bL,0x990b0a39e0fc7628L } },
-    /* 60 << 350 */
-    { { 0x72f5a0f70ad3bb67L,0xabb15e3dce6396d8L,0x2ae94788463efba7L,
-        0xe77b53b41fd4c512L,0x09921a1ca88606cdL,0x1b86b75608e980eaL },
-      { 0x2def667af3d22731L,0xadebd3a39641b175L,0xc0f35509045da920L,
-        0x8fbf85e4952b7ca9L,0x4ee7565023517a65L,0xd31eeea30e75a4a4L } },
-    /* 61 << 350 */
-    { { 0x6d9a5d3cc4508650L,0xe71fcf32d1a2ac1bL,0x784b9148d62ec2dbL,
-        0x9a3d5d572088946aL,0xc488178757848c00L,0x2f50a62e0875c1e9L },
-      { 0xbd23d4aedec0f2dfL,0xc9c28dd5188dad0eL,0xf87ef6460977ba29L,
-        0x89ce8330ab03e4d7L,0x7dbec90dbcf1a5a9L,0x3ddc39c1f6c2a4d4L } },
-    /* 62 << 350 */
-    { { 0x8c0518c7618b787eL,0x6f226212b95734feL,0x3e6cab90c66e138bL,
-        0x6e56d68037a7c0b8L,0x67a3c7df16f6acbbL,0x43df95107921bb92L },
-      { 0x967846f6a0887d25L,0xf717017766908fcbL,0x1a8ec350267430d8L,
-        0xebb46f1a25855c90L,0x73eb78cb396c1714L,0xf766957cdc081e43L } },
-    /* 63 << 350 */
-    { { 0x0700da846de27e73L,0xfac9dcfd78c35563L,0x01af330ccd073b09L,
-        0x0bf5c3b1bb784ceeL,0xd3d9a9ff5d465498L,0x4836b065bde8bafbL },
-      { 0xf5bf3316329b4cf5L,0x387388fc54a5275fL,0x73e880d8254af26eL,
-        0x07ebcddc8d05311dL,0xe8b9965a4f46cec2L,0x4f07a4fa01b06069L } },
-    /* 64 << 350 */
-    { { 0xc0a40cac52133095L,0xfe1b22fd93c162bbL,0x8625898c34018741L,
-        0x69c9f3f636d9e57aL,0x69d9d7f3378aa211L,0x6b03f897e7dca168L },
-      { 0x24d49aebf997a48fL,0x1d984c67c149ac40L,0x667c1d01576f533fL,
-        0x372eee199ef82eceL,0x577723c0c207c14dL,0x4225907a0eed37f6L } },
-    /* 0 << 357 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 357 */
-    { { 0xc61db977bc0e0903L,0xbaf6e4da645c32fbL,0xce89b8ca060b1adbL,
-        0x41db448188e2c178L,0xba6339f3923bdd3cL,0xff25b818d29db42cL },
-      { 0x3521116ee6d6b35dL,0x4e1bd283b22f16acL,0x9357c984bd79fe5dL,
-        0x2eda73be9d45eee4L,0x1a50c59f6288e01fL,0x37baf64975018873L } },
-    /* 2 << 357 */
-    { { 0xc552c6c6097f322fL,0xdf59a3028bc06287L,0xc9ed375c19610b0cL,
-        0xf0e7b4ebb051dad5L,0x7267a304c6556643L,0x0044f6d8c96dc1d8L },
-      { 0xf0ed5f9af4fc3725L,0xbbaf9f2c9de8e1ffL,0xef5d66f4af5a4b4bL,
-        0x0b5bed3d20644cf2L,0xf7e4543a75ae23c0L,0x696f60dc41325b66L } },
-    /* 3 << 357 */
-    { { 0x9949b33d2c20f868L,0xdb3aa790b5706250L,0x88ce71e788e17f2bL,
-        0xd851baf2da9c0881L,0xe869c5ba86d8c9e9L,0x1af68d65a01425b6L },
-      { 0xeae8b1c69bbd3963L,0xf34900b1ec087425L,0x14942910c374bb96L,
-        0x3e13c45705487483L,0xe0e6fad435bc6ee1L,0xc7c38dc7b54d247bL } },
-    /* 4 << 357 */
-    { { 0x6d34bdf6ab463fa6L,0x7bb127b60093b9cbL,0x61d051135a3bfdd0L,
-        0x4abab575f1296bddL,0x72da68494d2e9a7cL,0x90267bca8d11f03dL },
-      { 0x478111223e9b310bL,0x8ffe91d31b1920cdL,0xec293ec67521898eL,
-        0xf0cf026996c1da75L,0xb0dbd4c380f2c7b3L,0xe528175534e4baf8L } },
-    /* 5 << 357 */
-    { { 0x7ce1ce36189e2f1bL,0x36ca8fe3fa84ca41L,0x54cc2c13a6a568e4L,
-        0x1967d9ed25a6d223L,0xf8d20c88537252afL,0x5a58936cac3d697cL },
-      { 0xa2659671b0084ffeL,0x08a9e041ec25bb0eL,0x6bd405ed4074ccedL,
-        0xaeebb470dacb5503L,0x6f18e32bd5448d3eL,0x0412973ba94cd45dL } },
-    /* 6 << 357 */
-    { { 0xd72fcc3742fb1cd7L,0xadfb8967c49c359dL,0x6dc988a55935bb0dL,
-        0x3fb10981e3080802L,0x12c4494f3be161ceL,0x5a0e22d44b649dd0L },
-      { 0x5c57cbfd62a85259L,0x7ad55b3c0e5ab7a2L,0xcd53564928de30e7L,
-        0xce35e6e76867e6a7L,0x626810562f6716fbL,0xd8b4ff26a88d3bf8L } },
-    /* 7 << 357 */
-    { { 0x5949ddfa53abe7a9L,0x944a2ae0716f63a6L,0x90961922675d1f43L,
-        0x36c41c12f5b55722L,0x85b8250f7782775eL,0x89a3a733748663beL },
-      { 0xd4358450475d2d88L,0x4183f45e1beef8adL,0xee3bfe8b06ec8d58L,
-        0x2e462b1609cc4d82L,0xf9cc307ec6148e1dL,0x70d3b2f77b1281a3L } },
-    /* 8 << 357 */
-    { { 0xc32730e8dd14d47eL,0xcdc1fd42c0f01e0fL,0x2bacfdbf3f5cd846L,
-        0x45f364167272d4ddL,0xdd813a795eb75776L,0xb57885e450997be2L },
-      { 0xda054e2bdb8c9829L,0x4161d820aab5a594L,0x4c428f31026116a3L,
-        0x372af9a0dcd85e91L,0xfda6e903673adc2dL,0x4526b8aca8db59e6L } },
-    /* 9 << 357 */
-    { { 0xf0467111e854f886L,0xe228021d8dc6117fL,0x07ff954cac432e28L,
-        0x373be2ef31d9b69bL,0xaa214d016fd61f0aL,0x27bb7932f950b029L },
-      { 0x1caa914f967c97f0L,0xfb133ec0d548897dL,0x598514173cfad251L,
-        0xd41d1da432d14208L,0x446c79f2cee424ceL,0x8b5272a175e839a5L } },
-    /* 10 << 357 */
-    { { 0x26b5e85d62f50c12L,0x8418cecf5ff562d5L,0x0d35b4d459be698eL,
-        0xd79ca9ee93730d2eL,0x2414d99325627fe5L,0xe31dc5293fc64803L },
-      { 0x5c9100d60d027a12L,0x9004ee36f2208db5L,0xe734b13b135d02bdL,
-        0xf905c01a7bc09b60L,0x4eb51557b21b68fdL,0xe6e98bea8c583359L } },
-    /* 11 << 357 */
-    { { 0x14dbcf1a61dae7e6L,0x559a7b52ea0da075L,0x7391545d439d10d6L,
-        0x187e00e675e617abL,0x453b546b5142355dL,0x9bdbddbc84bca97aL },
-      { 0x742a699591e5035dL,0xcf86d3e1831209ddL,0x6fb66757f5f2a999L,
-        0x2e360aeff0e71f2dL,0x6c6f71f2dc97114aL,0xef686b8b17c3a3dcL } },
-    /* 12 << 357 */
-    { { 0x7d07a61d13b5ea74L,0x7f4b7157c8afecd9L,0xefce9c89820b0298L,
-        0xe85c4510e3888d59L,0x9cd3352001234b9cL,0xba2692c0fef767e8L },
-      { 0xd2bea3d45b3ca353L,0x9ad478e5b51a704aL,0x1fc9bd0d9426f25bL,
-        0x52f930bf864a1ba4L,0x559f36353765ff27L,0x548c7f0dae28479fL } },
-    /* 13 << 357 */
-    { { 0x6296d54f68b0df62L,0xace420ee9e6afdd4L,0xa20a510dfcd1812fL,
-        0x488f113a8cd04a29L,0x1bee07640765cb70L,0x50bb5c446d0f44e5L },
-      { 0x5ea842cb7e320ebfL,0xa6e0c1e6e795a7fbL,0x89cd1f765e7e79c9L,
-        0x7436ec1e87ce6c5dL,0x1376222de28309f9L,0x9ed7d6fb7f01548aL } },
-    /* 14 << 357 */
-    { { 0x32e9740ae2fb0467L,0x3a7a32b3ec039d67L,0x630d8d346a425a7cL,
-        0xc9af74ae418a7dd0L,0xc903576daf502870L,0x7e02b3b7e98cce5dL },
-      { 0x0bfdee7a158f005bL,0x88eff4a363b91d59L,0xf23079728bfe3ed3L,
-        0xc75536bce6b1fb4cL,0xf61a82e1a04d46fbL,0x771a8fedfddd52a5L } },
-    /* 15 << 357 */
-    { { 0xf5efc82065af5b94L,0xd618a9e8ce5535a2L,0x70cfb112cda6249cL,
-        0x6986f00f9f217280L,0x41e46ce605faa951L,0x2abb39f3a3ad613cL },
-      { 0x3e04b28b07671c94L,0x61d323ac53cdaf80L,0x2389875cbb9580f8L,
-        0x64800835febb0b34L,0xdaebba99d0d21027L,0x0f1cebfc23288a7fL } },
-    /* 16 << 357 */
-    { { 0x51a033a5cecb916fL,0x2ac62f638d7de61cL,0x92eece49a42a266eL,
-        0x87e037db82c4d11eL,0x875be1416fbae08aL,0xf348fe26c539478cL },
-      { 0x51f8b907ff94c01eL,0xc46cc0e019695a9dL,0x2c74bd666c51b9c2L,
-        0x635d3d24ee565de8L,0x6bd656638982c8c3L,0x5c345b79daf6a93cL } },
-    /* 17 << 357 */
-    { { 0xee7265ee93f081dcL,0xe8f90a6be03493f4L,0x4e8d10275328b0b8L,
-        0x13bb82bb96fa0930L,0x764c2915d1f7d5a7L,0x1896c78f73476481L },
-      { 0xe9a34ff267873b76L,0x8a9a719cfa0afda4L,0xce93d4cc9ccb715aL,
-        0x9ba00f011495d1ffL,0x3131e6666df0e119L,0xe68e1815c902ac6bL } },
-    /* 18 << 357 */
-    { { 0x0ce4ae1044f4a2dbL,0xa8645e2310bcc5c6L,0x6d9728b5e489762fL,
-        0xd365c12a9d46ad88L,0xedf484fee1a527aeL,0xfdf5c519e5be2bb1L },
-      { 0x4706cc2870a3d4e3L,0x07c60129065f1506L,0x42e2e16478298553L,
-        0xa56a2bd5bae646dbL,0x893bf45c61437e62L,0x97dbf9266c525900L } },
-    /* 19 << 357 */
-    { { 0x65c56764b52213c3L,0xa171ba9d97aefe9aL,0x5904e8c934336916L,
-        0x727209b6ff187f05L,0xaf4e50525cb68a5bL,0xb46a6abadc4319feL },
-      { 0xfd48d0d57890cd90L,0x5b0b68c7252942daL,0xc41023352b01887bL,
-        0x582251eb5ad09a7dL,0xbd79b557e1312726L,0x9f5ee3788057db5cL } },
-    /* 20 << 357 */
-    { { 0xa30486a6666fdcc5L,0x5cb7f7ce84056f89L,0x0f8a6b96505636a5L,
-        0xfeafdf97c6624ce2L,0x9dade91c55b8a7d6L,0x3d009219ca2b459fL },
-      { 0x483549845a969337L,0x37d57cbd323c09adL,0x32a91e91e74b9e74L,
-        0xdb4f18ff1c317c24L,0xf9f0daf342418667L,0x735a1eb946946667L } },
-    /* 21 << 357 */
-    { { 0xb395bfd1c8eaa54bL,0x8181d6262ee25219L,0xf4bf437b38d912f1L,
-        0xf9f1161228a8b32eL,0xe359adacc2be5c61L,0x71557ea2971b60c9L },
-      { 0xf071404b1b00cf1eL,0xb163c3608da3141fL,0xd9dedc07a8d51d98L,
-        0x29e89ac5ac827b74L,0xc38cef633ef35dfbL,0x9abd281097d477f1L } },
-    /* 22 << 357 */
-    { { 0xb34e560f0e6d9646L,0x4fc05a0dc0ba033fL,0xc9f5e040ddc1bcc8L,
-        0xf723b78ab92068cbL,0xd558f5912b5c7030L,0xb16bdec774ed778bL },
-      { 0xc12aacc3b32980e0L,0x856e90411daaa32cL,0x34f7a28596429db4L,
-        0xcc2c61ea415dcd04L,0xa0e192cb46b7d996L,0x5b7c845d55d87ce9L } },
-    /* 23 << 357 */
-    { { 0x9ba0a26fc0ee684eL,0x1b871ac353573254L,0x76a094bc5783e706L,
-        0xe78bea66dcc01e8fL,0x7e20c5aedfb74e56L,0xbdc5314a8710f0e6L },
-      { 0x2bcc7a0085f2233aL,0xc58dd45b8aba1575L,0xdd1c6b78e411b6d8L,
-        0xbb8d19529d23d2eaL,0x5293f3cc0066c9cbL,0xb7d0d7b0249c6d93L } },
-    /* 24 << 357 */
-    { { 0x68fe359de23a8472L,0x43eb12bd4ce3c101L,0x0ec652c3fc704935L,
-        0x1eeff1f952e4e22dL,0xba6777cb083e3adaL,0xab52d7dc8befc871L },
-      { 0x4ede689f497cbd59L,0xc8ae42b927577dd9L,0xe0f080517ab83c27L,
-        0x1f3d5f252c8c1f48L,0x57991607af241aacL,0xc4458b0ab8a337e0L } },
-    /* 25 << 357 */
-    { { 0x614c4bc273041ddfL,0x4fef1cf6364135aaL,0x2c9ac204ecf0e610L,
-        0x75a302a991a6dce1L,0xa5899c96651ec9f9L,0x6c5384f64bcad1a6L },
-      { 0xa41012e560f705ebL,0xfcf6512235e85d67L,0x2fdcfc235ced3638L,
-        0xf834fac02deac34aL,0xf5a64ec510a8ad80L,0x843855e1a412c4feL } },
-    /* 26 << 357 */
-    { { 0x440dfebd76ca517aL,0x79924057c577eb59L,0xf1aea290d038a921L,
-        0x77afb37fb0c95974L,0x48a5b9a715763d44L,0x713de85155c8683eL },
-      { 0x250e8f8239d7e1deL,0xc5f1f61c8a2c846bL,0xf26ea6f9faafd017L,
-        0x8ad26055f9d7cd35L,0xc980ba773b2df598L,0xe23b7eabd5e299a3L } },
-    /* 27 << 357 */
-    { { 0x5d37811464744605L,0xfab096990278c1f0L,0xc4d32b208448c344L,
-        0x767a24d2d7d1df17L,0x842de148773ea0fdL,0x73d7dfbdff6e40b4L },
-      { 0x3d61439283576d1cL,0x4820c435ec865519L,0xf99e84dd6bfa5e48L,
-        0xeb18687a9d0d2adcL,0xc3b7369da7fd75d2L,0x7e332b5739f5f093L } },
-    /* 28 << 357 */
-    { { 0x0796a8b6ec13d2acL,0x19036c255677347dL,0x2f0d36eef527c827L,
-        0x7c8a3d17ca61ed60L,0x3920bc68748cf7c2L,0x61835bdf9018b300L },
-      { 0x9cf595c1689d5826L,0xdc547999fb51aea5L,0x11bb04120fc297c6L,
-        0x88770df2b2f9fe0eL,0x99e031f5f6856a85L,0xbb59e8c7afe29c50L } },
-    /* 29 << 357 */
-    { { 0x714e784820dfc5f8L,0x35cde8ae2a2265bcL,0xf6b29ce4bfc32fecL,
-        0xbd5e91f1918043a5L,0xd3766f8b60f8c218L,0x273c41935298904cL },
-      { 0x0a76492d5d441fb5L,0x99cb3b1d164d9275L,0xb2be87c80ac7935eL,
-        0xbd1a1b3f0962981bL,0x8a0c207b96d0df2dL,0x1bb1e505929752d9L } },
-    /* 30 << 357 */
-    { { 0xa574de94621b2705L,0x0d0ca1b73e3f2227L,0xbdc9ddf2e49bc2d8L,
-        0xfbc7254309d314f0L,0xf5900cbb827e0b1dL,0x3994eadd8a7e8164L },
-      { 0x2e7949793046f170L,0xde21ddc3c6883cc6L,0x9ea19d34bcd40da7L,
-        0xb4334df8f01a9ae5L,0x801496ebce8c53c7L,0xc2a5e8527a4b0601L } },
-    /* 31 << 357 */
-    { { 0x435a6c512ecf62d2L,0x757cd8f6559a6a0cL,0x47833f815e4c0d40L,
-        0x2d0b48047d960c6aL,0xf5474833473d5eb3L,0x70264154bf756b52L },
-      { 0xcc46e58d940bfb7cL,0x2e0dd3a69c89d48aL,0x483f3ee19387df66L,
-        0xb3097da4585d3600L,0x82d64b4d76411ef9L,0x0df7d95719682e87L } },
-    /* 32 << 357 */
-    { { 0x179c59cf210c3144L,0xfb613c5733eebbc4L,0xdda75cfdba0cf384L,
-        0x94081a5b3a8fbafaL,0xb91de90a33384e0bL,0x7d1f8f4027aa2a45L },
-      { 0x0747bcc162031148L,0xd2db8e39f324160bL,0x9c1ce3e9722484f0L,
-        0x13a7ee5da62d1ddaL,0x77fd79343a963bceL,0xcd3d871783d2f21bL } },
-    /* 33 << 357 */
-    { { 0xc7c8eedc93a27196L,0x0832b0dfa8abe585L,0x31fe11e8d8adfb86L,
-        0x1091601e9d50e4c7L,0x7931a284ac3d2ca4L,0x0f1464b6f3fc6641L },
-      { 0x2ead94f3260f29a7L,0x914b8396d88a7696L,0x950be4bbe73d807dL,
-        0x26d0115e5b3ad83dL,0x3de8a73146c22525L,0xe50825dac5fffff1L } },
-    /* 34 << 357 */
-    { { 0x716378cae4b98aa8L,0xacf8d67b59b746a9L,0x78f0b5eca65ce8ebL,
-        0xe5997983523cfa35L,0x85bf5badbeba89e3L,0xc8052bbfcfd73b41L },
-      { 0x0b3d77139fb311a3L,0x821a20e2d96f696fL,0x0f087e5744657c9aL,
-        0x72031f281ecfea36L,0xd0765f333f32b010L,0x0412c69929c48643L } },
-    /* 35 << 357 */
-    { { 0x53d361b89f501481L,0x8970937717153c6fL,0xb52280b916bb8d8cL,
-        0x5985cdc0b33dabd6L,0x35ba0cd9dca8ae72L,0xf55c6e7301bc4efdL },
-      { 0x2106ed2f269577c4L,0x4cc34291bfe765b4L,0x9f4168ea812eb958L,
-        0x02869228999ba5cdL,0xff91540d3ab27498L,0x9020e6e158e55a79L } },
-    /* 36 << 357 */
-    { { 0x1a5b15377f1c7cbdL,0x5b31930b7cc17c56L,0x5b91e1a492cc8cf5L,
-        0x970e43deeca08bdeL,0x36424bfe0e2e963bL,0x2e49534968b1a489L },
-      { 0xe350ca52d8e85a9aL,0x3cb9f599ae2cdd7cL,0x0ff35a0aa83215ecL,
-        0x64cf57b81973a966L,0x128be6cd36b26702L,0x8067afbd5f65f7bdL } },
-    /* 37 << 357 */
-    { { 0x23d1f49215876c71L,0xafb21c1d41e7495bL,0xdb3ab62c2705885dL,
-        0x20ff803f7ba216cdL,0x26cb190699c9ee55L,0x8280dc9c0fb05389L },
-      { 0xadf55171df1020dfL,0xc044e9bcbd011b5cL,0xe21aaa60cbed2430L,
-        0x5939fe583336df4dL,0xfa306816ff78c665L,0xba92ca8243eb18f2L } },
-    /* 38 << 357 */
-    { { 0x6f05e6241b7edb64L,0xc280105b6681f48fL,0xd1b94413f993dc9eL,
-        0x84f24c01e46de412L,0x092017d54abbf7dbL,0xb73193a56f7b1b08L },
-      { 0x22a7c5765195ae46L,0x81dd6b12610c28efL,0x61959874ad7bfcc1L,
-        0x3ade0a77d15f8cf9L,0x124cef4d954db624L,0x0733bd7a5c247650L } },
-    /* 39 << 357 */
-    { { 0x52d7f9ddf1cee098L,0x538b7fa17a6a2ad1L,0x5f2294312911e75aL,
-        0x71c337b7e6ef0271L,0x5e278a1267ee72d1L,0x7b348c756f33fea9L },
-      { 0x7bb59f1a694bb928L,0x5783e43f292b258aL,0xe3b53ca77181f1d2L,
-        0x028ba90e051c7d2eL,0x4bb06f9364789d76L,0xcf97fc4da228a7a7L } },
-    /* 40 << 357 */
-    { { 0x3dbb3fa651dd1ba9L,0xe53c1c4d545e960bL,0x35ac6574793ce803L,
-        0xb2697dc783dbce4fL,0xe35c5bf2e13cf6b0L,0x35034280b0c4a164L },
-      { 0xaa490908d9c0d3c1L,0x2cce614dcb4d2e90L,0xf646e96c54d504e4L,
-        0xd74e7541b73310a3L,0xead7159618bde5daL,0x96e7f4a8aa09aef7L } },
-    /* 41 << 357 */
-    { { 0xdf5c2fa79111caacL,0x493ada25b04d2b3aL,0x5c4850bfa39a7872L,
-        0xbeae16c067e07e93L,0x63bd7d390178358dL,0x7a7e56a1cfe0bcd0L },
-      { 0x9ba7a4500816b666L,0xea6c70c8dae070dfL,0x84013756832c2b35L,
-        0xa28e5dd08d3e9fc3L,0xd67665aac653c08fL,0xee54d7b6aa6bdff8L } },
-    /* 42 << 357 */
-    { { 0x99b870afadbd24baL,0xb34fa9083bee289fL,0x4a20f29bae836fa4L,
-        0x4188ed5024b464c3L,0xfb93f48fc6c00297L,0x334b8689736186ecL },
-      { 0xbf7f1c424e1016f1L,0xf95e6e59413ca088L,0x5878156c288912d8L,
-        0x9e99199704c7ce69L,0x0f0c185d5d6520d1L,0x1ed2ece33fe6f498L } },
-    /* 43 << 357 */
-    { { 0x319fb249607cfd40L,0x5920056f62b40e28L,0x9ab4528058631ab5L,
-        0xb527738f413452d2L,0xb2885e46b296e602L,0xb1dcf41a74824807L },
-      { 0xca9d2b06b2ad2fc6L,0x500c5f11ad05eeceL,0xca94160f21f3db6aL,
-        0x693adf4e262470d6L,0x1f4c62c5480b0cffL,0xb3ebf11f54c748e4L } },
-    /* 44 << 357 */
-    { { 0xc8ae4d2bb4ef93b3L,0x4967da7b99758d99L,0xd1483a1fe04db9baL,
-        0xf5e657df3033474dL,0xdd9371c89db4b96fL,0xb5f288956044b259L },
-      { 0xe8987a43b2ec27bdL,0xaabb1ae68fce67bcL,0x4518fa3eb2b97680L,
-        0xa0142a13748591e1L,0xf9148ab96c2db557L,0x65592253e0e4f9e7L } },
-    /* 45 << 357 */
-    { { 0x21163809bccf41d8L,0x0eafed515b3f09d1L,0x3b5360d9d84b27f6L,
-        0xee752fd04411d37aL,0x1cea3b5c6a3f5027L,0xb206e74d9454d9f6L },
-      { 0x710715dab52af43dL,0x8175ca136e6c6463L,0xbdb123d39689144dL,
-        0x569e6edd4d9c459fL,0x070f09a4f02e5b25L,0x691c23ef3d79a7b9L } },
-    /* 46 << 357 */
-    { { 0xc0c94165781356cbL,0xcb9fb705876a839bL,0xfe23f07e89db25feL,
-        0x710f0fa3a52cec3bL,0xb0ab363073e0f037L,0x3b79a8167c9aa037L },
-      { 0xdbc7f83ca1f13fe1L,0x8bd910c63d653a81L,0x2e54ad408c78d003L,
-        0x0de02157a3e9ccf0L,0xe9081e8bf7670dfbL,0x6a2ad476c8647bc8L } },
-    /* 47 << 357 */
-    { { 0xaf58106ebf047836L,0xadc3245e195e5675L,0x75612e175290e051L,
-        0x27b81bd869d46bb9L,0x9d4dad5b5417b5faL,0x19850d70fd024259L },
-      { 0x987daa604b0a86b5L,0x5d5a5f9c0358a944L,0x9008682f48d2ff67L,
-        0xc9db4d4b89e81cf9L,0x133516bc850eaae4L,0x0b5bfdc81da8bd19L } },
-    /* 48 << 357 */
-    { { 0x609deb162d8bcd6eL,0xe42f23a92591750dL,0x4a9f3132b378305cL,
-        0xf101799869275f5eL,0x14be746761b089b5L,0x05f620d20c81b0c5L },
-      { 0xca90a9c06cb8412eL,0xfe0f6a8915b1b0d5L,0x1b25ac9620c71988L,
-        0xb971b61a390aedd0L,0x995214d779d8cd39L,0xd7fa135b65c6e11aL } },
-    /* 49 << 357 */
-    { { 0x5aaa98f875330325L,0xc900a7781f3541a6L,0x69bcf864174a3200L,
-        0x3abc5ef71c46b3e2L,0xa53c9e4e47851b97L,0xc166a4e22acdc42eL },
-      { 0x49e4e6fdb19b4678L,0x4fe02cb162b7da19L,0x575c61a6633153feL,
-        0x49578b28a4f83b70L,0xc6840d063737532cL,0x93047d40480f55b9L } },
-    /* 50 << 357 */
-    { { 0x835be7417d930332L,0xa4d001bb2cd86fc4L,0xef141e30a6e3a24dL,
-        0x4047620adc328d2eL,0x5c80a3bc9a5f1f12L,0x6cde5e4ca19b423cL },
-      { 0xcdd5d7773ba0fa5cL,0xb96dbe62ea85c28eL,0x963c02245c804896L,
-        0xb2a581abe5dd6b98L,0x28a908a2abc8dac4L,0x5834b212985fd18fL } },
-    /* 51 << 357 */
-    { { 0x02757b1f0fbe0c5dL,0x2d0d05a854ef99e2L,0x2bda526d0377ffa0L,
-        0x58ca8b08925985afL,0x1fb7dbe727b69722L,0x322d7db5f1c57fe5L },
-      { 0x4049c8bcfdf111f3L,0x0b4712974148b027L,0x34fcb1e58782dab0L,
-        0x697dc9431665557cL,0x3ae30e2844659ba2L,0x479dbc2f118e7417L } },
-    /* 52 << 357 */
-    { { 0x10b10d86227e8607L,0xe83536281d1be36aL,0xe34068f9d952b0e9L,
-        0x148eeb38fdb6ea99L,0x82657d605547e7ebL,0x9c35dc82a86155eeL },
-      { 0x408f79262060a81aL,0xf2a79205a6282e8aL,0x10dbb58526e70e7cL,
-        0xd636f8225df85d6cL,0x03202c027682b922L,0x31323940baf18500L } },
-    /* 53 << 357 */
-    { { 0x5882374401879796L,0x068943ccd1249281L,0x20dec1c12e1d6effL,
-        0x5f4c2c070bdddecdL,0xc56d52b37ee724c3L,0x93bc2c7a559e25ddL },
-      { 0x0c95d2e5f98a9940L,0xc570e96ada60a809L,0x94c4a964076233eeL,
-        0x843c99627dbbc526L,0xe4075129d4cdc652L,0x0afff70561cb2698L } },
-    /* 54 << 357 */
-    { { 0x3ec1e3a5f607f893L,0xd476dd24054aaa8cL,0x2cb92280a93488abL,
-        0xc8d1207710d1dc68L,0x564839b9bfb494e6L,0x7a13930ceabdfe56L },
-      { 0x52f72a9724f9b183L,0x30ae4bc87e9c6fc3L,0x3d7d2765f35b8e6cL,
-        0x701f3d89a665ba55L,0x98f2fe85c466111bL,0x338073600c1c0dadL } },
-    /* 55 << 357 */
-    { { 0x7dd106bab3a48d42L,0x7eac4690ebfc75aeL,0xdbf3547e68ef4ea3L,
-        0x3629c438a1a5faa2L,0xac2aa55e653bfd97L,0xae5cc39752c3b8f9L },
-      { 0x117380552853b626L,0xd5a955f224a0dfe2L,0xc4356ca25940233eL,
-        0x73f7eda97994aedfL,0x2bfa76c693b185d9L,0x091cef91a0327108L } },
-    /* 56 << 357 */
-    { { 0xa8393a245d6e5f48L,0x2c8d7ea2f9175ce8L,0xd8824e0255a20268L,
-        0x9dd9a272a446bcc6L,0xc929cded5351499bL,0xea5ad9eccfe76535L },
-      { 0x26f3d7d9dc32d001L,0x51c3be8343eb9689L,0x91fdcc06759e6ddbL,
-        0xac2e1904e302b891L,0xad25c645c207e1f7L,0x28a70f0dab3deb4aL } },
-    /* 57 << 357 */
-    { { 0xf5dafec85f102704L,0x2f3b6b6929f5b946L,0x84472c029d4c9979L,
-        0xed49f3e6341f0150L,0x3ee3432eb3bb085fL,0x84c553183cbac42eL },
-      { 0xbb358bd9dc4c7ffaL,0x0713917d2db356ccL,0xc73e9fd0670c7139L,
-        0x87600c4c3581108eL,0x2ae731d7586af51dL,0x30630ad6614c126eL } },
-    /* 58 << 357 */
-    { { 0x15f8fba7712c0edfL,0x4a1f93baa2c363ceL,0xfabca37e8f2948a4L,
-        0x652922e4dd765560L,0x2da78559220cb98bL,0xb797746a54b940c4L },
-      { 0x8535fcfc591bb7faL,0x58857815c25376e3L,0xcd8db789da627557L,
-        0x718072ca318512b7L,0x92266469813efd94L,0x3217649aafa85382L } },
-    /* 59 << 357 */
-    { { 0xd517b39e51c4bf28L,0x6614c16261f583a3L,0x79c72f414739ea59L,
-        0x597e1c2ff76e80f8L,0x3a72b05e7b846f3aL,0x1849e5126c0a45a2L },
-      { 0x79a6ea5b9d506d83L,0xc48e570219b7f46eL,0xc89c5047c524bb48L,
-        0xafc1fdd99cb88cfdL,0xb07eaaa0b82056e6L,0x60f6544f05885df8L } },
-    /* 60 << 357 */
-    { { 0x9894ef75f39e2738L,0xac585d07b40db6ecL,0x07d9e938c4cfdb92L,
-        0xda174933737f1a7fL,0xa4f1fb65484031a6L,0xa96d9f612c21b546L },
-      { 0xaf981519d24ccee0L,0x238de6de9d53b571L,0x09afc481fd78c3ffL,
-        0x4351715d9ea7f6fbL,0x91a02325b14a7320L,0xcd8958d8bbb6346aL } },
-    /* 61 << 357 */
-    { { 0x22ef4217452ae6a0L,0x3192309d9ced837aL,0x773585ed2ba43ee9L,
-        0xa9b29d94f3379e81L,0x43838b3aa6835e44L,0x1afe27ab0c7b2336L },
-      { 0xca1dc61683ecd230L,0xc9e8b95e6d235df5L,0x9667829b2af11adeL,
-        0x27254b0fbe532148L,0xb50bc3c86d233f14L,0x30e0e450bb35d985L } },
-    /* 62 << 357 */
-    { { 0x8b3f79087b95cf32L,0x67c654b06272c619L,0x61160a9d22c0f46eL,
-        0x1cce95721d2e36ccL,0x62bd951d3990db3cL,0xcf0005c8d9700d14L },
-      { 0x304aff9c70116120L,0x1c919dd2b08d57ceL,0x841b058ec0c0c0b0L,
-        0x7cfd4deb7af05aa2L,0x4fbd13c57b11ce5bL,0x03e07dc9f8259bebL } },
-    /* 63 << 357 */
-    { { 0xe9b37f569d0703e0L,0x7b5e0df5f83c215bL,0x7fbb40f0d3c21efcL,
-        0x87a2ff119fb33620L,0x208b062bd1176635L,0x806bc549950d30efL },
-      { 0x862de3a4ae2bf355L,0x917b06bacf9ef6e8L,0x55f1ec4cadacc178L,
-        0xbcd679fc81d752fbL,0x9404d6ce65a00270L,0x25ce99e6000c6e1fL } },
-    /* 64 << 357 */
-    { { 0xa13f19b40f3ff12dL,0x57ee08b1019564aaL,0x00ec0c997044a6f4L,
-        0xaf5665f8dca1075cL,0xded5ca3f0620ab0cL,0x9b2cb8c7a896deffL },
-      { 0x032ab2b307df2345L,0x964d109ef1da3f88L,0x2286b6f725133304L,
-        0x0d16d531977a4567L,0x00a66036f1abae4fL,0x5debab1d95f0103bL } },
-    /* 0 << 364 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 364 */
-    { { 0xf2cdae3196230a58L,0x47cf36b4f304e1eaL,0x9d14f25ad750b29bL,
-        0x931b9c65dba15f3eL,0x34db169ebf9fe2ddL,0x8a89e47c52663433L },
-      { 0x8859a4f8026ec31fL,0xeeb703eaa913ceeaL,0x74638d6a67ac4db7L,
-        0x5c8ea7b2be25d755L,0x8a0f0a8738db10eeL,0x96a26bace890bcd3L } },
-    /* 2 << 364 */
-    { { 0x883533af64a5e869L,0xaaa778c26973ec23L,0x8f0b5fb546d0fcf3L,
-        0x7e6b0a0a4ab05da7L,0xcd91a869c67b6614L,0x7de9f2ff6c6f7cf2L },
-      { 0xc072a106d1ec14c3L,0x3f4b960642a128eeL,0x7378192c8f0ce946L,
-        0xdf2e7b9fd1149441L,0x4fa17cb614ccf45aL,0x575680e945f03568L } },
-    /* 3 << 364 */
-    { { 0x0f4ca7803374f910L,0x5948ae98fedc5b5bL,0x4873625b4ef805afL,
-        0xbddba22fc015c586L,0x7091b50aa41a8c93L,0x721dd3384c005f42L },
-      { 0xf43d37462065f41dL,0xd16bae3e172512b3L,0x3efca10c8277068fL,
-        0xd0c25d7b77513f00L,0xc0015cc12dc3af9bL,0xdf11a4ec94c6cadaL } },
-    /* 4 << 364 */
-    { { 0x8b70e94f8f458c68L,0x292726544160ecc7L,0xe22219ba4d3ef22fL,
-        0x7f8a712a1999f948L,0x25575e96abfe7302L,0x21c6ffc6564a1af0L },
-      { 0x045e9c667e8500daL,0xef7c3cf704ef8ea6L,0xdd23b825c3db161aL,
-        0x05fb173aba33a906L,0x9a8b5ecb870e41f2L,0xf3d9db0bccc30d1dL } },
-    /* 5 << 364 */
-    { { 0xbed7d94ca1bf2c8cL,0xbb7f437cb8b719ddL,0x65416af6106834bfL,
-        0xdade8a144c4f7448L,0x62227a1d881dfc06L,0x37bc7de58dc2b7bcL },
-      { 0x4f11541712ce030bL,0x72439d8ac2a9e0d6L,0x98cc53aba0f1b961L,
-        0x2f68011d48b0ec8eL,0x4bbc34679c72d034L,0x0320c1469c576e38L } },
-    /* 6 << 364 */
-    { { 0xd9243926e873ff0fL,0x2e2a5ab6f20b0e49L,0xa1bcfeee0e35f201L,
-        0xd25be5f3196f23f3L,0x298c67f2ffc1d068L,0x77dae55c0c3d950bL },
-      { 0x5e15ab998822c996L,0x52de2e6d83f60a98L,0xa9f82ec947a7e269L,
-        0xf02af9a22ac22e49L,0xdfb3103fa706f090L,0x125599623cf8dcb0L } },
-    /* 7 << 364 */
-    { { 0x9f5f44fa666e278fL,0x53c88803f5582c78L,0xd7e8f258f9627f9cL,
-        0x22499dc938fd51bdL,0xa9d7497c846a4a79L,0x791b8ead026ae250L },
-      { 0x84d47d19db15ff63L,0xb58a82c0267b44b5L,0x9b2f138806a52e30L,
-        0x3fc8da027f08953fL,0x22d074d292fcac08L,0xb9c7c3db701d73fcL } },
-    /* 8 << 364 */
-    { { 0xb7b8562588ad12b2L,0x81f5958b1e44b254L,0xb4ebddd5c91b8ffdL,
-        0xef815ae155d38511L,0x98587d551b0da525L,0x1d41817734a9ebbdL },
-      { 0x844811fb1e6057d7L,0x0c16977176e5976dL,0x4b268bb4f623789bL,
-        0xb26ae5be40498058L,0xb47a5ded3c2b435aL,0xe15a684b8fceceb3L } },
-    /* 9 << 364 */
-    { { 0xd55407583353db48L,0x0e334ccac0c0b5e9L,0x679a935f270c48d3L,
-        0x170693e436ef0e90L,0xc72fb12f9de59023L,0xaae13a0e9371697cL },
-      { 0xe98ed704d8d56e4dL,0xc6de5384eb71f091L,0xba63adccc6d905a8L,
-        0xc84e614d66e40dd4L,0x15dcf1a3fa0f55e3L,0x4e26ee3af157c7a1L } },
-    /* 10 << 364 */
-    { { 0x122a3eedd09dc3c8L,0x6a19907faefe0819L,0x057aafa1da325339L,
-        0x138033bdd42a5345L,0x8ac206af1a065ebeL,0x0a46f5ae25c31ed6L },
-      { 0x7fc577a9d7e379dbL,0xc6df694369dcee54L,0x4c167ba2a8336bc1L,
-        0x0fbd9708f3a1339cL,0xc6b8c01f226f612fL,0x5d4ed789d51332e1L } },
-    /* 11 << 364 */
-    { { 0x67ead4e0f6a40814L,0x42fe051ca2ec9ae1L,0xc09f84395eba62cdL,
-        0x7bb5ba0c9d8e7305L,0x85962d0db46f81abL,0xc7183752628b18ebL },
-      { 0x7a1f023edf58ec0cL,0xf21bfdbaab6535dfL,0x12add590801d2481L,
-        0x1fccd1e37a11520aL,0xf83caddd6fa8f8e2L,0x99e7256c24e58433L } },
-    /* 12 << 364 */
-    { { 0x26aa2c2e5a1abcd8L,0x2b16a12e9609d9d8L,0xe485a551a2bee00cL,
-        0xfa28c30bf4f2292eL,0x99abef78b7358f1bL,0xda6b3cdf10a276a1L },
-      { 0xbd3858b747c03f71L,0x4f0bf5f0b22d05d1L,0x2d80f5d28250f760L,
-        0x060f9b278cd9666cL,0x6a6c40b0b1b014a9L,0x44537af38c440a9eL } },
-    /* 13 << 364 */
-    { { 0xce1c070a2275263dL,0x2723b3d149cea971L,0xedca02f5817001b6L,
-        0x5c160e9349c946e4L,0x273b4952458a5265L,0xc7bcd7c610385173L },
-      { 0x22cddfd17fb08b14L,0x959d5dfe10f73d01L,0x900f5f348e387351L,
-        0x6d7381dfdadb8695L,0x8dff2b193aeafba6L,0xe4a8d6bd8adadc36L } },
-    /* 14 << 364 */
-    { { 0xb564cfd676faaca5L,0x8a6e3925920dd223L,0xee59a140a590a383L,
-        0x9e29b552a1922ad9L,0x604367de60a0da63L,0xc498aca592c35fd0L },
-      { 0x74135082250ed8a0L,0x5d109d1a6c7c3e77L,0xf9e2d84dc63dff94L,
-        0xca50f5e4f7aa2b0eL,0x7cba9e87d543d389L,0xaf5fbbefd8fd1292L } },
-    /* 15 << 364 */
-    { { 0x3163e2e895bcc345L,0x4ceaaf2d80d9a931L,0x4d2dc44b2f621612L,
-        0x2a5f60b86cc8ffd0L,0xf49038cf7e8c9434L,0xb580b8c508015b8fL },
-      { 0x4283ec01d52af80bL,0xac9dc35f99076245L,0x38785f7bd64c3dd8L,
-        0xca19c17623bf8915L,0xd778291370478260L,0xc1e48e6816e34149L } },
-    /* 16 << 364 */
-    { { 0x707656834fc11c3aL,0x53a9403166aac4d1L,0x2a935ef0a6db6169L,
-        0x002927612032d599L,0xb5babb2d3a6f1316L,0x601a7dfadb26af51L },
-      { 0x00c340131322d983L,0x45b062ec2bb507c5L,0xa1bbe2ed0f9b3656L,
-        0xe17a5d4934031d18L,0xe3661047f8fe1224L,0x0e4f3b3d623c6cf5L } },
-    /* 17 << 364 */
-    { { 0xb335d83c7c3b8c3cL,0x01eb94f059359a67L,0x3a8359a6aef3ffa0L,
-        0xb0270076ecd2d862L,0xc946b1610377e30eL,0x9a5506c282bd6ae1L },
-      { 0x737bdad0218512dbL,0x449238633487fb13L,0x36026dd12a8e7907L,
-        0xb67bdc80784811eeL,0x9f92cc2405c90646L,0x02c551554c370746L } },
-    /* 18 << 364 */
-    { { 0xffaac084ca45cccfL,0xaea5cc3d061ffe3cL,0x7c5d7c60b355f387L,
-        0x4bbb2a0c99cba92dL,0x6b4ba3ef2f7768d6L,0xc7484ed2cc5f9c40L },
-      { 0x5d4e92fc52b57a7eL,0xba9f16c4ca2c200bL,0xebe02a8a3797ccbaL,
-        0xb6b3f42138c4133aL,0xad5d85b68153d033L,0x782d6ee85714f269L } },
-    /* 19 << 364 */
-    { { 0x4654991087f226ccL,0x97894d5fc7bfffcbL,0x94f67786b3cabb83L,
-        0xa6abaa960d788dc4L,0x08ae72d61723738dL,0x5003f41d86704dfeL },
-      { 0x67687c3d40fb0a3cL,0x6fdc98c9b43320aeL,0x0f22572fdeb08964L,
-        0x05bb02a4c8002624L,0x4c5adb7f987c2991L,0x3f1c6dddef4e60cdL } },
-    /* 20 << 364 */
-    { { 0x7845b6969c0cf752L,0xb82d052b5a732acfL,0x7760564c1262877bL,
-        0x29b3c57a8ecc7aa5L,0xb58eccb0df1ebbedL,0x86fc15443c3a3303L },
-      { 0x44761ddf13060f0eL,0x5a3dacfd7371a5a8L,0x846f6faaf7cbc2bcL,
-        0xf5e098b0368caabfL,0xe23ea10710c08769L,0xbc5df1db1563fcdaL } },
-    /* 21 << 364 */
-    { { 0x75647f6476638edbL,0xb76ceb04aad6e25bL,0x33c73367d9393a41L,
-        0x8396726dc55f0feeL,0xe1cbd48e751b3d43L,0xb779c5bdf47141a3L },
-      { 0x122b85434eab6097L,0xeabacf45e08c6fa4L,0xdb32eab7769f49cfL,
-        0xf956976a04ac2cb4L,0xf55c6fcb5ea8e71aL,0xd72940dfbad47ea9L } },
-    /* 22 << 364 */
-    { { 0x65c3a54e142d8955L,0x5c6583cce7814f25L,0xbd5a07d8d924dc7dL,
-        0x9f717bd9c28f6e8eL,0xa0c4ec4e3b6540a7L,0x3153bb2b142b3283L },
-      { 0x53bf403c9b296946L,0x659a828ab1cdb6d2L,0xe9517d811369af19L,
-        0xd8c7a0998990e7a0L,0xbaa9f59de535cd04L,0xbb0cc68e0f269551L } },
-    /* 23 << 364 */
-    { { 0x2b4a0e69d0cd5fc2L,0xeb8dd25981167a94L,0x356198ae61b73503L,
-        0xb159ca12e5289d45L,0x99d71c97991765b5L,0xce3a3b6c198e10b0L },
-      { 0xcf6ee0bcafbb512eL,0x4aadd1381e19b49aL,0xcf6a9cf3b4806f0aL,
-        0x6aff0386ad688bb4L,0xea487c6e4f2e5065L,0xec200f4b56573b51L } },
-    /* 24 << 364 */
-    { { 0x3c00ac526a78c6e5L,0x9c61aca6defaa52cL,0x0034128939794a09L,
-        0xe08910d141cd7c0aL,0xa58ffbb6a732e3bcL,0x87bf51ab91fe8fd8L },
-      { 0xc4f4f2674a59e2beL,0xdeb512c7438071c8L,0xddf82842e9cd290bL,
-        0x3e17311d6ae85fe0L,0x6e9236a9b41be881L,0xbb9ddf9853555ebfL } },
-    /* 25 << 364 */
-    { { 0x07d2df1162bb0e3aL,0xe74ce211ce469affL,0x9629d7d4756b5a83L,
-        0x61d2a633aefd449eL,0xd39a6afe491e503bL,0x0f1568d14d2b2ed7L },
-      { 0x8216304cd19611bbL,0x6df99bbeb27388daL,0x2b0f60c0b7a3b4beL,
-        0xcff84c1c7dadf840L,0x470201e28a9f8a49L,0xcda3693c21afc717L } },
-    /* 26 << 364 */
-    { { 0xccc163ea09f3f0beL,0x9932b56f6a5b0a63L,0xf89fae919c69668eL,
-        0x555f98215ce13021L,0x4b02693f37037aa9L,0xc4afee79bde50f35L },
-      { 0x4b0919c202aa6c7aL,0x3166de2a991e15e9L,0x284baa3e7077fb38L,
-        0xbb7a6416a116ddecL,0xe8c89547b7636772L,0xff9403620ef92c54L } },
-    /* 27 << 364 */
-    { { 0xcd183e8bd3ea4c3cL,0xc8ce2f2154b7ac32L,0x75387e04be960826L,
-        0xaf878400f2e39f5dL,0x7fcefcd94fa628f7L,0x76eb621c34582cbbL },
-      { 0x44e1f848f29d2496L,0x42aa36174ab4eb21L,0x43cead840c08b50aL,
-        0xfa4ecf60dd44f7c2L,0x5ac9ffd59f817546L,0xec11567eabcc594dL } },
-    /* 28 << 364 */
-    { { 0xd5d81275e2ce6008L,0xc45bdf250b3b9d10L,0x15ab5da36cbc83e2L,
-        0x85a18cf8c52a66cbL,0x77e202b8b042c047L,0xc4dc3de2e7e7997eL },
-      { 0xfe9335b1995fa67aL,0x809e161d75b96a00L,0xfb03c2a5a0c3baeaL,
-        0x5c7e0523888c2f77L,0xa8fda1c887ad10e2L,0x90484f78858a3577L } },
-    /* 29 << 364 */
-    { { 0xefc5aa2681bf26c9L,0xdbe91f606bf105bcL,0x0d70c4d4369dd3aaL,
-        0x2b357b847af9bf66L,0x4293e9a01f27f163L,0xc846f67cb3eaeddeL },
-      { 0x4556bb787da305dfL,0x4ecebf83a5a26bf9L,0x8e05af924c1bc430L,
-        0x4f3bdaba70f80402L,0xccaccfd3cf204577L,0x8fdee135a0c42d1aL } },
-    /* 30 << 364 */
-    { { 0x49e41f0af9fde126L,0xec9600443613d3c2L,0x2c62a49d10421d3bL,
-        0xe24024648131a0d8L,0x8a7ce188bdf794fcL,0x704dea7d4665b1b6L },
-      { 0xbdb9c18e4d57c6baL,0x5288a053f669b3c0L,0xbf7d01b878a5e252L,
-        0xb26cccf926b9cb7dL,0x14191a3284326c47L,0x460ff74791f8425bL } },
-    /* 31 << 364 */
-    { { 0xb9958c5397698b9bL,0xe1f74292c27f96ffL,0x172b0d50806da6bfL,
-        0xaf3d889ddd38b97eL,0xe7a75ea409c688daL,0x1f0951b85c631b2aL },
-      { 0xdad8b2adda1c111eL,0xbacb9cc832813338L,0x30b8336b10582abaL,
-        0x0ff3d7549494e71cL,0x8d99be5cd663ed6dL,0x8eb412cf7073a941L } },
-    /* 32 << 364 */
-    { { 0x59367582bd27be7bL,0x92bf5bbc1ab2c596L,0x5d96351af6a27741L,
-        0xeab94db87f929e0dL,0x865ba011043f1afbL,0x43acea125fb631ddL },
-      { 0x192e0652b2fd1436L,0x44f22ff17b38d121L,0x7bcc228db7cae5f6L,
-        0x02eaeccd6a828b03L,0x7c48a2ea91f301aaL,0x1e090717f5eb1a07L } },
-    /* 33 << 364 */
-    { { 0x4c7f41b4609c6818L,0x978c2a561c82b3c4L,0x68404f1d7f6ba836L,
-        0x91e056d0c863aa7cL,0x0b24599ba2261804L,0x16e9060dcdd7596fL },
-      { 0x42aa49434eff004eL,0xb99408690438f1e4L,0x28299e8581775712L,
-        0x498998eb83be6877L,0x84273d9e91328a67L,0xb7e9076e9a87bc8cL } },
-    /* 34 << 364 */
-    { { 0xe8d204865e5aea08L,0xaa946076addc7ba0L,0xc0153a9bb6a5cabdL,
-        0x622271bd4fbe43e0L,0x44de159cbd62e5cfL,0xefca41112b9b63f8L },
-      { 0x30774d3cf5269928L,0x4fbb7ff84ac0c8b6L,0xe0611f1f8839106aL,
-        0x5d4121204ffa4a64L,0x9552c123e86251c0L,0x57d029680efbdb14L } },
-    /* 35 << 364 */
-    { { 0xdf3f8e06d7aeacd2L,0x725b25fe4d0e7af3L,0x1794f0da5c17392dL,
-        0xabc807dac977ff46L,0xd90e6c8f0d5ca66fL,0xaf8eb526c2d26d49L },
-      { 0x4661962e8a8efa37L,0x2a2cbeade87ad53aL,0xa57d34b1ce3ff40fL,
-        0x1190437dc6aa3067L,0x92c31e779db66b47L,0x86a8ee0f8e8a70d4L } },
-    /* 36 << 364 */
-    { { 0x7b65bb14de97229eL,0xad6e3fee4c6d35b8L,0xfcbbf6afbee3f5d8L,
-        0xb51549ca4a438fe3L,0xe66e615d437d531dL,0x9ee793eabf168624L },
-      { 0x796789b0f8878a84L,0x3d38950dd32ec2ecL,0x74c37196a638d45bL,
-        0x35d318327aeedaf0L,0x082c44f046a001e5L,0x93fae5cf89886220L } },
-    /* 37 << 364 */
-    { { 0x8e585fea499b635cL,0x60afcb3566781e83L,0x06594d9267482257L,
-        0xb9f6101128773448L,0xba9ef7102817fd2aL,0x494e05b2aad046c8L },
-      { 0x65d804fc1614e265L,0x1b0884c6d97fe002L,0xd7d34f60875bcc2dL,
-        0xf34725444b440852L,0x49386bfb95591325L,0xe3966f4ccf68a142L } },
-    /* 38 << 364 */
-    { { 0xa5f3bc6cea06320dL,0x1bf855c637ad6e7eL,0xce7ff06ec58befadL,
-        0xcf0d22cf1c2c0478L,0xf53e473e75616621L,0x00539f8700829986L },
-      { 0x45398355844866d3L,0xbade46a2d710bc63L,0x6b3da567d4e2641fL,
-        0xff70185978fd963cL,0x2eefaabaa5bc18a6L,0x61eeca92eb64cd49L } },
-    /* 39 << 364 */
-    { { 0xdf7c7c0b4cd4c82fL,0x67a26a97188ab9dcL,0x58c5bd74dd189cebL,
-        0x3e1e93a9bb6409f2L,0x0d18a8bca6bb744bL,0xad3eafb45328dcf0L },
-      { 0xacd15db5e311dfe8L,0x13a1c10ac1e849bdL,0xfaaa7227e1e73aa5L,
-        0xa4cd2400e33d4665L,0xb9be68d9d6d527b4L,0xfe282bc05efbfc40L } },
-    /* 40 << 364 */
-    { { 0x159b38e17f8fd522L,0xf3ea27b5755e2bd8L,0xfaa52efebf11ac90L,
-        0xc2014b892cb9f6dfL,0xa711c179d8baa5d6L,0x5474c1ceb22c2f27L },
-      { 0x3cbc74cb031d05d9L,0xddd97ca6c44e469aL,0x21b386a647db83e5L,
-        0xd1431c7b7abc0595L,0xbc05d009a416a325L,0x1c29eb709da53e92L } },
-    /* 41 << 364 */
-    { { 0x7f1aaf98181ce8a0L,0xa890cd3b6caa5b6cL,0x5d78dfaa5fbeac66L,
-        0x36c63cef3d3d4594L,0x6f89ac3ec36d117aL,0xce9095640fc90e27L },
-      { 0xaa356b1ac127aa76L,0xfa42cc119d181455L,0xbe4622fcd27f5ab7L,
-        0x58d924542c3d54f7L,0x78a84f6b07e93c24L,0x5bf7cd278bce9a46L } },
-    /* 42 << 364 */
-    { { 0x4bde9ce5f810db3bL,0xec4a74b7281552edL,0xf5b4fa5fee085bb0L,
-        0xb07a62936192c8b2L,0x163ff0d1fb18d219L,0x8d4b5e1d8e0ce753L },
-      { 0xbfa6211baebcbf50L,0x1ed6d4b4fecc19eeL,0xbf6d514b82393e94L,
-        0x90b356c1711e7d6fL,0x87b28dc2f975139bL,0xc41900648d8bebe9L } },
-    /* 43 << 364 */
-    { { 0x3468af53e8d49368L,0xa0a07369ff825262L,0xfad134fd662958f7L,
-        0x5be79c00ce900822L,0x4909a56c44bde5abL,0xc2e8c4df4862e335L },
-      { 0xd5e9b9386e7e41f5L,0xd3828d424fe474afL,0x058b2723cef44adaL,
-        0xc74ac74617eebe66L,0xc3e6e014bca4416cL,0x2e30bc88167c2e86L } },
-    /* 44 << 364 */
-    { { 0x68211ba4969c2c58L,0x7a34733977f218e4L,0x0237eb3696ea1d64L,
-        0xdc97f94b7416f3caL,0x63aa82e476bf9e52L,0x4b88a32d388465baL },
-      { 0x7322d9f44adc7579L,0x70c01c7fb24d28f6L,0xdf7f4213c7517ecaL,
-        0x42c027f0a8db6d56L,0x2708360eb6c2f8baL,0xf20690d1c2dde09eL } },
-    /* 45 << 364 */
-    { { 0xf139c3e3bc6158ceL,0x19207b6a4c86b780L,0x55af3eb977c036b1L,
-        0xd192686abd563ebdL,0x8bd0afb05550266dL,0xaaa7376d83bf81bfL },
-      { 0x26aa74ae4a114541L,0xd92549dfbb6745ecL,0x6ad6a14ec6bbfbd0L,
-        0x63fee75b411771f3L,0x111ae3101938e8b5L,0xce3e5e346c363756L } },
-    /* 46 << 364 */
-    { { 0x2a53c88ae0a45b56L,0x26367466da72228fL,0xdd65516edfdbb135L,
-        0x5fe254e82d7e37bfL,0xc0f5cbe433ef39e3L,0x249b7e3ece85effeL },
-      { 0x85951a5391ffba8aL,0x41117672c8dd5ec6L,0x7a74538d9dbb0761L,
-        0x0b35fba0cfb06ddcL,0x8c36be4d1a0aca2aL,0xbf884a8e45848e1dL } },
-    /* 47 << 364 */
-    { { 0x191eef31788596c8L,0xa7413be65a2d0ef8L,0x30894fcc5c3c09e1L,
-        0x6b0e429b2f72a333L,0xceea52a1e70470e2L,0xfc638b316b682db2L },
-      { 0x31af73cd615f7f21L,0xb31663760094996eL,0x7ec37e33dfff756dL,
-        0x38c50101d9b63a4cL,0xa517c6df192f18e4L,0xd674c53a841fb337L } },
-    /* 48 << 364 */
-    { { 0x4dd3bd842446fc6aL,0x4654b82ef25ab510L,0x1ad46998ba066896L,
-        0xb7c679acad713bbdL,0xef9389aff7ca4fa5L,0x1b864105d68b6a1cL },
-      { 0x3acfff604b6f5ea4L,0x81ef58f7b9e5a475L,0x5e2f6441c66ad734L,
-        0x49f144c42fd3eb16L,0xbd7f22082e4e2117L,0x30865994417911a3L } },
-    /* 49 << 364 */
-    { { 0xc2f25d9e80d2adb5L,0xa0e77dc5242430feL,0x7f30e54b4f504e97L,
-        0xdc114db4680ca2cbL,0xf76fae57adec4d89L,0x06f892eff313535fL },
-      { 0x50af729a9a266407L,0xb0cbc4f0764dffd1L,0x153ff8f8d20c2e19L,
-        0x27fa845a7388d22fL,0x26e08ef5d784e057L,0xccbe49ee53b5dfc0L } },
-    /* 50 << 364 */
-    { { 0x6fa8e5ff3082ceb5L,0x81f4dd02ef4850ccL,0x626b324456483f9aL,
-        0xc0acbd8782e65652L,0xf9bef3117e23f93eL,0xc2474777c2310f6fL },
-      { 0x6b4617704379fd64L,0x2f8fc599f18c3b14L,0x2287f1d0bd076aedL,
-        0x9f8eac0fef366016L,0x517cd2e371fd845dL,0x0fc2f219a30c371dL } },
-    /* 51 << 364 */
-    { { 0xfea0464721c56ce8L,0x4f7b055b6a32a26bL,0xf8c8d93e487ed396L,
-        0xe620b440855f4df9L,0xa3f6f21dea870c14L,0x0518225207dad127L },
-      { 0xbdfb7b12c68ab5f6L,0x5f58bdd7fc68f296L,0x2df9cfc505e4fdc2L,
-        0xed12a102379c282cL,0xd388362654d8de77L,0xaefb0f7fb01065afL } },
-    /* 52 << 364 */
-    { { 0xdc64f8d23d80d738L,0x7ae74ab1d95a1c6dL,0x4dba93a8dd46de0dL,
-        0x271aeb870fddbd1dL,0x1bab6546e9e7ed31L,0xe6445d22efec8f37L },
-      { 0xd927df1797a718a7L,0x738c2450351b1ceaL,0x3809e595d51a7422L,
-        0x4f8d5ea58969456cL,0x74d9168421c9ad95L,0x59a69f8f4f796a11L } },
-    /* 53 << 364 */
-    { { 0x2542fcf1f07717aaL,0x032abb3f405a7717L,0xc757e6e294cade8cL,
-        0xad4776adf2e84dd1L,0xb7e277243d5e397bL,0x173894a605f8921cL },
-      { 0x0e3a78531f6afc3fL,0xf33732b8ad62482fL,0xa6b4e0f03e4cb6e9L,
-        0x51ba565eda02264aL,0xd0afaa4600f3f376L,0xf5506a1e35252e93L } },
-    /* 54 << 364 */
-    { { 0x3574783b5ea1c662L,0x675894e514fadc8dL,0x64dd63935ac6ea7fL,
-        0xa76c00dc77f16c96L,0xf73ef2c62eb9574cL,0xdd39a89a2e408008L },
-      { 0xbef8c8c72bafa10bL,0xa31f030a074733f8L,0x5620dda5445b4b6dL,
-        0x4e08fb0173040ab8L,0x0a279f38598ad48aL,0x03e8b55e2d40d775L } },
-    /* 55 << 364 */
-    { { 0xf49d4d54c20c8610L,0x1b1d70bbc0d62b65L,0x524d3a0c16285ce2L,
-        0x0be553b08a0785b4L,0x9b93e5093c84975aL,0xbeac761160769465L },
-      { 0xffaaffcb3331dd0aL,0xad0f01542d70fcf1L,0x65aaabab66fe24bcL,
-        0x283edb562cab253eL,0x1659deca80383c87L,0x06de45fd83fc6d7cL } },
-    /* 56 << 364 */
-    { { 0x7bcb055d5f76c311L,0xdb2d05878e293aaaL,0xb15036e7207360b4L,
-        0xbc38cc9f163f0ae4L,0x5a942f85a44d0a0eL,0xee8633a23f553a88L },
-      { 0xf66b65c5c9bd4ee7L,0x7a4ca96a80b8ceefL,0x7b71cc55f6f08036L,
-        0xc0408b198c41be7cL,0x885fd72f80860d93L,0x338a567be7f68b7bL } },
-    /* 57 << 364 */
-    { { 0xcba302e939d99b60L,0x2557b3d903b8faa0L,0x2a99cd6e9efc4461L,
-        0x03ce3e08268f14a3L,0x59226a83b1c68a01L,0x81a18c69fe379976L },
-      { 0xfdfc9f148af62557L,0x0cdf327140b2d4ebL,0xf99ff3ded26c6085L,
-        0x2c138ffdf9b0273cL,0x393d6de6888dfbd3L,0x75903c68e5cc102bL } },
-    /* 58 << 364 */
-    { { 0x0c56d477b78a7b91L,0xbedff933c7c3ecf4L,0xe02da64223ead65aL,
-        0xf7e7cc19a8162300L,0x3719fb8f2f3dbd03L,0x4f150cb8cff88c59L },
-      { 0xa564c5eda7fcb233L,0x9b042870b6a41ca7L,0xf253b65ac1615f1aL,
-        0x9ccb49a7b8aaff46L,0x38bbc5f7af0086fdL,0x688f7c2054a6d8a9L } },
-    /* 59 << 364 */
-    { { 0x3702c5e5d22a0892L,0xf17510a28d510809L,0x5c36dc68bfdab4e7L,
-        0xf72c9357623a98e4L,0xc660fc5146624a0cL,0xf0b4983d3e64dd4cL },
-      { 0x5cb98cc9a5ecf45eL,0x79759acdf5082a78L,0xfd0daf366e7321dfL,
-        0xf61c54f7f1ebcacaL,0x782e5e74b8f665c4L,0xb1d54c2145d78c08L } },
-    /* 60 << 364 */
-    { { 0xb64f3b9bef1af123L,0xc86dc5ffe1b75401L,0xc3a76d81d928e989L,
-        0x075005abff8ca002L,0xca6226325c3cd8b1L,0x017a97b2bd8f772aL },
-      { 0x187eb635039c4757L,0x9eb7a9d1e905c6e5L,0xdacb98bfbc251cceL,
-        0xe357c60e8704c639L,0x50563b8558fd987aL,0xb2f89c864cea5d4bL } },
-    /* 61 << 364 */
-    { { 0x3d13c0bfd32233faL,0x997c424145aceb7cL,0x77ff5a75ed2e9df0L,
-        0xc4279aa23c91d085L,0x5a11a276ca0392c7L,0x928e06032daae653L },
-      { 0x21fe225fc4046f85L,0x591fa82f512dbfb4L,0xb5b01a3f51aa53feL,
-        0x900012ef7133befbL,0x24609da17130c15dL,0x3c4a09b33d2549faL } },
-    /* 62 << 364 */
-    { { 0xcdd3073d3ceabe32L,0x56e155bc5a848977L,0x07f4c7c6da48eef6L,
-        0x00a2f9f79e021b38L,0xeb683e17ffc4bd6bL,0xa7d6b87592b7e240L },
-      { 0x651d21de7e48836eL,0xf9c9ede775de3c75L,0x72cea748d90f2634L,
-        0x29d8022283fc524aL,0x1e412b510dd044faL,0x1b9b332a76a04fdfL } },
-    /* 63 << 364 */
-    { { 0x4dc8421f06f49d8cL,0x6a3fd9a83f979e4cL,0x50b0e3760b51bd69L,
-        0xec22f486a592313eL,0x5e4663ff8e8904d4L,0xde7b9e23f3362548L },
-      { 0xa1ad270d1ab757abL,0xb91fd935a3089f6aL,0x1d6b1524a635f996L,
-        0x8673f8e29c718c6dL,0x0e04360725932b9fL,0xb5d0447222ac239fL } },
-    /* 64 << 364 */
-    { { 0xdf0ae8df941948e3L,0x123fee901d010bcdL,0xde3717ca1dd28691L,
-        0x0c1db879709b678eL,0x0288959a400acdc6L,0x66c691815ca2d03aL },
-      { 0xe52534b3dbbb75deL,0xe914938c3de927cfL,0x1a9a34f873eece30L,
-        0x0fb0c7bd642a6799L,0x375cc0cfeaa7e8a8L,0x75fb9eb5d00ec238L } },
-    /* 0 << 371 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 371 */
-    { { 0x9ca8cc9db72958ebL,0x3c8cd0db1014f562L,0x72115d53059b2bbaL,
-        0x8fe7ac30730e5dc3L,0x4e67ef69841d8998L,0xfb6439ffc8ed37a5L },
-      { 0x48164b3e26df84c4L,0x37d492ad365bc99eL,0xb7fd4643beed38ceL,
-        0x993cfa9fa3e30b3dL,0xdcc5e7af01ddd484L,0x5edf3ac06840175dL } },
-    /* 2 << 371 */
-    { { 0x79768e9f51d33c11L,0xeec34505a4b24889L,0xc194821bbe0c67d7L,
-        0x537a6a4a6909fdfcL,0xae6d705195ccdda7L,0xed4b722292b3926cL },
-      { 0x2c5dd6af6b24a3d4L,0x9282ec39e4386095L,0xdd3c7388397a3bd3L,
-        0x9d176c6a8baf59c2L,0xd5c6219e380ec958L,0x194fc11654e8e315L } },
-    /* 3 << 371 */
-    { { 0x0b7576f901ec1432L,0x84b30eecabc5f603L,0xdaaf7ba9f4a84b7aL,
-        0x9e3a5daa3bb37a99L,0x56bd964880378cffL,0x2fdeeeb78e6ed856L },
-      { 0x079014a73c81ac34L,0xf8de4004b4211c27L,0x0cee3df97fe4391eL,
-        0x441aa7fb2fd2fc38L,0xeba7be864d1b575aL,0xca2fb5b7231c2d01L } },
-    /* 4 << 371 */
-    { { 0x0683349e463a8251L,0x97dc4f475103e72cL,0x47c7181050663b9eL,
-        0xf327d1499733dac6L,0x03f55e4a292137c5L,0xccc6232ada59e1c7L },
-      { 0xbaa8b4ddadc59cb8L,0x45370d35fe7486e4L,0x99a88c1db0322df9L,
-        0x394440a7fd69954fL,0x9060473da5a29889L,0xc8ca43e32f04864aL } },
-    /* 5 << 371 */
-    { { 0xd5c7241add8b9644L,0x45a5f2d1993116d2L,0xbacacd4a823048dfL,
-        0xa278fa042568547aL,0x3a4f2482bff72820L,0x1305d1a713e4314aL },
-      { 0x9d84c33334ba28e3L,0x9995b5bb6a32fb41L,0xb0f75f3c520946d8L,
-        0xd7c4b8b7de98aa63L,0xee5efcf3ba856b6bL,0x36af33683324ed66L } },
-    /* 6 << 371 */
-    { { 0x90762c1f5827fe2cL,0x20160f7aeaffda88L,0x7420849f5c47c645L,
-        0xb08231956d72e748L,0xaeac683b8ee11773L,0x8c2a0a79fb5c550eL },
-      { 0x6d986d696c07cc1eL,0x57269140ba8398b9L,0xd13e136fd94d5223L,
-        0x1aa75419ed5b01c6L,0x7c2014b1408fcdccL,0x0680a985cffde5eeL } },
-    /* 7 << 371 */
-    { { 0x92fc9a3342c5a7eeL,0x8768614af9f0ed71L,0x1ea5f7ed87ebfb66L,
-        0x296852ded361069cL,0x1cec6f1a0192498eL,0xbfd4858fa9cca3aaL },
-      { 0xfba98c242ef240e8L,0xc8b500e4ab635d9fL,0x9f49c572913a3eddL,
-        0xe6181f93d42b2d4dL,0xf96b5db26aa77fa3L,0xdfb2241fe43558d8L } },
-    /* 8 << 371 */
-    { { 0xc7d0abb2edee15a5L,0x72dc0105228cc4a1L,0xeb67defca80767deL,
-        0x6fa174d871820908L,0x3215df485674d19aL,0xf944531a960a081aL },
-      { 0x93ed7180ef2cce62L,0xb318edbfc8bcfc0dL,0x0909d56efe787e58L,
-        0x5ae74fc98fe8b96fL,0x8fc342c435ab6811L,0x6fc6cc5c0b991e0cL } },
-    /* 9 << 371 */
-    { { 0xa8eaba6e291f689dL,0xfbfa9a2cdea0cba9L,0x5b1b4a21727bfa11L,
-        0x3b69505fac59c8c4L,0xb06290c89368ddb2L,0x4181abc294bcc14aL },
-      { 0xa19f65813e29d997L,0xab1ae8408864aac2L,0xb04a24300fcc9ae8L,
-        0x3ca2428e1059e4dbL,0xe288731117e1e01dL,0x1f5d4164be56238fL } },
-    /* 10 << 371 */
-    { { 0xc600dd57354416d9L,0x6f5840991f829d6bL,0x2d7b0a27de43c1d6L,
-        0x21bf3a9e616bdb16L,0x33ce767c96297953L,0x99bf97b69e4398b2L },
-      { 0x4069cced8d441287L,0x52e0edd6bf01017dL,0x9981bf89c5394236L,
-        0x07d9c079acb24e38L,0xd2e5e904a2da4735L,0x4c3c12162f1b6cd9L } },
-    /* 11 << 371 */
-    { { 0x1f28bd0de6f1c85cL,0x4a49d0864e6f3db6L,0xc9a8e70c4ef7d981L,
-        0xde8abcf2682bc68eL,0xd0ef89a4a66cbee3L,0xfa03108432df7f0fL },
-      { 0xe361e0f803594856L,0x1f423bafc985c77fL,0x50397b67010ee4acL,
-        0x502f4a20c0a48e96L,0x260bed875435539eL,0xdae03cefa0391250L } },
-    /* 12 << 371 */
-    { { 0xfeecc6e83be5ba68L,0x3293dbda40445158L,0x48454e20e81879caL,
-        0xd0ea9cb89c4a2712L,0xba8b6f33540749c3L,0x95e6d6e3e971df93L },
-      { 0x4c2a1b13478a2eb5L,0x8b5f9af330b92170L,0xe6c60b5343573986L,
-        0xb9f56a6a57040c00L,0x6de6489f6291a7b4L,0xa9a7784653bc3246L } },
-    /* 13 << 371 */
-    { { 0x0dd4172f9025411fL,0x978e952ac6129de8L,0x9afa974bc7ab7609L,
-        0x7bd29a644e42f223L,0xc0232f5f3deb639bL,0xacce69d05f39a264L },
-      { 0xdaee07cb3070b24cL,0xe3adc8556b532246L,0xae5935ce1e6ee4f6L,
-        0xba9c4329ea018a45L,0xa1a4002e6b97ee9dL,0x98390aab8a9460cbL } },
-    /* 14 << 371 */
-    { { 0x828a9dbe67154a02L,0x57a3af981866aadfL,0x1558428089faa581L,
-        0x2da092202dba2a1dL,0xa225f631df197ae6L,0x0abff5cf8f4ebabbL },
-      { 0xbbadc9b3b98e5e4eL,0x7c7cc36e4509f98fL,0x072a6cc2759413f6L,
-        0x7b39ea4121dd1222L,0xd6baf9e196ac2c73L,0xee38818c75d46296L } },
-    /* 15 << 371 */
-    { { 0x19befeacfa37c53fL,0x32c29b361f95c29aL,0x1d282db40d5aeafdL,
-        0x8812b6c8f102a97eL,0x1cd4a23c8402f481L,0xbfdf7b6b8eddec81L },
-      { 0xc8039ae0616b2654L,0xdc6f38acabd23a57L,0x2431c763f147dd44L,
-        0x7c45ed50d795bc37L,0xdbc30ab9842022aeL,0x568f7d4ba1f05a43L } },
-    /* 16 << 371 */
-    { { 0x55671129542f4e90L,0x43bedccf0623d4cdL,0x7e21207ce99ca16bL,
-        0x785fa1057c7a26b9L,0x33c28658c2c3ab00L,0xcce42a48d79cd59fL },
-      { 0x9a674db4b8c3bc75L,0xea701d156904e3feL,0x990e722166bf2c6cL,
-        0xba29affabd4c3791L,0xd98510cf20696ee1L,0x722ed471f93d26a5L } },
-    /* 17 << 371 */
-    { { 0x74e6c2624ba40f04L,0xf7ad1f159a63b3c2L,0xa89e8490ef75d482L,
-        0xaf8e79b83bb5f5c4L,0xb094f8660c624d8aL,0xb571ce6613c69a60L },
-      { 0xcbf9722d53787457L,0x97e24cf5c15d097fL,0xdba98bede99e034bL,
-        0x8b6c171a57773590L,0x5d2b441cfe822efbL,0xb8c6dc57fc74ef1aL } },
-    /* 18 << 371 */
-    { { 0x37c70bdf7db1c03fL,0xd9368612964632abL,0xcf6368d742530338L,
-        0xe56beecbb1d9522eL,0xb1caaf16bb6fba3aL,0xb7bd485ac8384d26L },
-      { 0x4ba13818528d4372L,0x95c469bab9c5e8f6L,0x4e5cef0c4a370695L,
-        0xb87c97ca663f9b07L,0xa9e1b388e5f3b79aL,0xc0416bb84c845a1bL } },
-    /* 19 << 371 */
-    { { 0x4483db00e4634d8dL,0x4d8d623d0a268bd8L,0x296f179c64e6d10aL,
-        0x048f3a1cb6c7ff95L,0x60f8ad62c60c76d1L,0xa0a497610d028845L },
-      { 0x10128387aea1b714L,0x81e5c75ca18bd98cL,0xac30d7361dac4200L,
-        0xb83c1c12821380f1L,0xc8ca7c6afaaeb726L,0x13fb870dfead4cfbL } },
-    /* 20 << 371 */
-    { { 0x3921332a6b393648L,0x49ec6df649584f38L,0xa0fc013dce243a6cL,
-        0xde5b16b5f8da8a00L,0xabcd0c0471ab1c9aL,0xff6594bc78b83305L },
-      { 0x3546004b76c1900bL,0x87428fa236fb3186L,0xd2e464ce59cdeb49L,
-        0x1260bd28faf6ec08L,0x1ada2f08d0c9d098L,0xe0b66299dea06396L } },
-    /* 21 << 371 */
-    { { 0x603d58167c1212e8L,0x95bb823fa4590144L,0xf239058a4bc3ba48L,
-        0x21f2aa610db724b3L,0x29c706e8cd6792a2L,0xb143a84a634f01e6L },
-      { 0x68f37382626ee80eL,0x56daa0e51fcd8c4aL,0xe01b52b39e5299a5L,
-        0x2224513c3accdac7L,0xbb21c7d74acd435fL,0x039bc010bbcb948aL } },
-    /* 22 << 371 */
-    { { 0x5006c3a00848d6b7L,0x726b8648b28285aeL,0x7162e3c0277c5a87L,
-        0x567f7ab02019c20aL,0x490c858fa551d5efL,0x0029a108d134a2bbL },
-      { 0xa9e19284ef0aca3cL,0xbc399dc16e414f83L,0x5bdf85f86efa5a8eL,
-        0x5291e1a674fe7c5fL,0x249ddf2acd7091dfL,0x71d4cb4c2e29fcf6L } },
-    /* 23 << 371 */
-    { { 0xc374acf4c1ded13cL,0x300d96132b69132cL,0x909ce34b055622d2L,
-        0x26f033f6bad97809L,0x30987ebed1f7a220L,0x23147226db775b8cL },
-      { 0x8d45c2c28d05ecfdL,0xeee0c679f0c1b419L,0x9f7df70d8c380da2L,
-        0x4d49f3d130212a25L,0xa9602e8c64491ff3L,0x5ab91d223a254c49L } },
-    /* 24 << 371 */
-    { { 0xedd3291c9dac47a9L,0x02d64634fb5d396dL,0x2ce21bf163264c51L,
-        0x0fdcc68e092c4724L,0x653acb286e3e4c2fL,0x2f9c77f12f1fa1edL },
-      { 0xd91d4c3aa58afea2L,0x5a91b2ba7b0d8092L,0xd47e0f61f10a15fdL,
-        0x01652d86f9c86edeL,0x1cc1b668d6006daeL,0x2763e36d24af68beL } },
-    /* 25 << 371 */
-    { { 0xaa5f387c2314a1adL,0xb8c00105e2647c74L,0x1f950dd8d6719178L,
-        0xb7dae31de79881efL,0xf2d49aa2e45a615eL,0xb22dc098f17352afL },
-      { 0xa4c438728ac23ba4L,0xedd6e4092c55e588L,0x1956b199022f5632L,
-        0x18adcaa58c11bc50L,0xa0c11f6458b1cbf5L,0xd1204377f961ce1fL } },
-    /* 26 << 371 */
-    { { 0x35a2685bbb77f5dcL,0x1b5b79bbc08efa67L,0x4ebec6e6ea5f411eL,
-        0x1800a21988c57793L,0x8d7397f2cbb13c96L,0xbc13ac35dc0327f4L },
-      { 0x53ac05a6fd94b150L,0xd898fa600423e787L,0x802aad2c2a66b97fL,
-        0xb604ac0692c62b03L,0x9f395d3a45911e7dL,0x5d38164128ae56b6L } },
-    /* 27 << 371 */
-    { { 0xa7d5a3afa5fb0decL,0x0d11c0cd5b27e02dL,0x8d854b53366c6cc9L,
-        0x87ef4c140ad9a5f5L,0xaf7c2e6b0c5f8acfL,0x81fc22b69f010f1aL },
-      { 0xe49e0c7e4e25ddb3L,0xd30bc860ef233d23L,0x0b63afb89fa41205L,
-        0xd14b326c702fea93L,0x10ab93662c2a5fc8L,0xab35bab356cfff28L } },
-    /* 28 << 371 */
-    { { 0xdf0f79524130138bL,0x117e4628934c58afL,0x227be6867b6a4087L,
-        0xe73fb2f3b8d298a3L,0xe32e89fda9bacb9dL,0xdd3be6130e9ea7e3L },
-      { 0xd3d655ead4da2d1eL,0x153cce647833bb3dL,0x4a32a9f0b36da20cL,
-        0x025768e5a69c4b27L,0xb0b5da379cf1fcecL,0xd0ecaba23aa3b99eL } },
-    /* 29 << 371 */
-    { { 0x9ab6dae0aaf6b398L,0x2d50f46b4f8e270cL,0x46c1e676fd7b7005L,
-        0x4b8b203e32cf8be9L,0x0253ec899451bca9L,0xc3a7eab7f512b7a5L },
-      { 0xf3bed3fdc5bd61a6L,0x5c0eb52f0a37ef8aL,0xb61aee11140894dfL,
-        0x690607f9bec928f6L,0xba2b1db65148b45cL,0xbd309bf56619b652L } },
-    /* 30 << 371 */
-    { { 0x79d624c7a7b92932L,0xcd086bd7cc75e7a8L,0x3cddc1bbb48eab26L,
-        0x10282df1f6791cfdL,0xffedb4fb1048f114L,0x937ed0e7c092d899L },
-      { 0x045e4f60b84b6d20L,0xdd67bd36877ed915L,0x9bf8fede97617aa9L,
-        0xa7ff9b0789cb8e1aL,0xc49e310e74f4e7d6L,0x12dde0fb3f62eafeL } },
-    /* 31 << 371 */
-    { { 0xe2e3dc4d50ba6e73L,0x31c19ebce6114f87L,0x8df0ffb01ffa99b5L,
-        0x305142f1bfcf7fbdL,0x39931954ab88b782L,0x1952bbab43de3650L },
-      { 0xb32ed678aa09e528L,0xa5150011acee68ffL,0x0307716a97b98b23L,
-        0xb60c3edd4fc8d2b7L,0x91c81725b2b2f887L,0xf1dfc70ab9fb0288L } },
-    /* 32 << 371 */
-    { { 0xe7cf5bacbc579793L,0x11db7ddfd73f881cL,0x9c1a531d04fa8473L,
-        0x399e84845780efdaL,0x6e9c12be4f62cb5aL,0xf21bdc4994a5df3bL },
-      { 0x3c15fe1211da2a4fL,0xdea123bb23e631d1L,0x3ef76da4be294c90L,
-        0x5cf21d5aa99b8398L,0x50679cf8751b9f6aL,0x4b3f3b9c54d0b7bfL } },
-    /* 33 << 371 */
-    { { 0x442dc0fd27174604L,0x5aa056efebc95895L,0xbb8cf9b54c96a2dfL,
-        0xf43342d440f8618bL,0x58b0d00a8f89a8bcL,0x74d32dbc81f69f20L },
-      { 0x5caf0910ab22a49eL,0xa0e9a677ff372f3cL,0xec90b5aef5c05066L,
-        0xe2d98821b663f0e1L,0x388804bf50c7abc2L,0x2fbab16e97ba64d3L } },
-    /* 34 << 371 */
-    { { 0x09138c6071ed8d4eL,0x994d0fa991ef82b1L,0xe6089dbb931f3193L,
-        0xb3b229d0aac23611L,0x52cf03fdacb8affeL,0xf64f9872bd99d6e2L },
-      { 0x52ebb8b40186279dL,0x36a2349fb09efd7aL,0xa85b5d802225772aL,
-        0xd2dc3c1547522562L,0x659297a666471319L,0x65913b608c8e7b68L } },
-    /* 35 << 371 */
-    { { 0xd54591f9a713f82eL,0x0ecfcffc6fae64b7L,0x7df9d7ea7287e218L,
-        0x8b260162abe71460L,0xf75097efb12d48beL,0x82d5902482581904L },
-      { 0xc5c0b5dc400d4288L,0xf6493c78190f768cL,0x1844b5f895bc9fccL,
-        0x24afb04ba615bff9L,0x6c9638ee8bf51197L,0x38bce012b9ab9fcaL } },
-    /* 36 << 371 */
-    { { 0x087a2790494efdc0L,0x0b5f23c9e1645cb8L,0xa6e1d1e8193a99baL,
-        0x0d324e67c0e0c026L,0xa86d993820d608b5L,0x48ddfbfd8d6944dfL },
-      { 0x6aa07f90d371864eL,0x5cf727eef2060df5L,0x7694e02c9a7cf2d0L,
-        0xe091982f6260f63cL,0xd2d481a72cae5da6L,0x045e3685ebcb4172L } },
-    /* 37 << 371 */
-    { { 0x1765632323c82633L,0x5de90578d590cdd3L,0x5cc5e7b9525caf0aL,
-        0xdd9be80dd53e825aL,0x9ed28b29949073f3L,0xd15024156a6ce0bcL },
-      { 0xbc34beeabf355f49L,0x73724878d2b210ccL,0xe47b7af911e8122dL,
-        0x381a4cccdf53a9eaL,0xaa22c9b229e8a466L,0x7a05e2081a4fa093L } },
-    /* 38 << 371 */
-    { { 0x3dfb53521830d848L,0xea183d5cd2820590L,0xc83a65bcabbeb376L,
-        0x5d9ca4d189bb9ac9L,0xb32217be137c900aL,0xcc40daebb0827afdL },
-      { 0xc76130060c58b0afL,0x39f4ed8adf32389dL,0x04a586e2bc1fe9f6L,
-        0xcf018c2abb50450eL,0x5072b8f016d55d0dL,0xc3c72e90d59e1dbdL } },
-    /* 39 << 371 */
-    { { 0xb3291b4e50b4e9f4L,0x79a2e8121b7b9e08L,0x81855db1ddd5f0adL,
-        0x91fa12fc884392e5L,0x6373de02291c5694L,0x15c77432a7171428L },
-      { 0x6016a06c1132df9eL,0xa4286939a0c21c8fL,0x70c5ebe26dca3f37L,
-        0xc5278c510f115497L,0x8f5b07a35ce1953cL,0x4d75c1dc41f6ac0dL } },
-    /* 40 << 371 */
-    { { 0xfeac8e8ac24002e7L,0xa43892076643fa6aL,0x06e7ed63daa68b52L,
-        0x8580bbd5d8c7b952L,0xb17ce22410c8fe9dL,0x40266bd379b88ceaL },
-      { 0x32afc840dd63ffa5L,0xb4a3eb27a2280b83L,0x90528bf685897e28L,
-        0xe4612391d231f941L,0xa7b3a2ccacb5c909L,0x2606844e5558d57aL } },
-    /* 41 << 371 */
-    { { 0x49ad52380519dd66L,0xe1b0b03b3c1470f4L,0x15e42792cd3a4852L,
-        0x91c954b7388ba040L,0xe9fd8c7f857711f1L,0x8552d3d44b63a36dL },
-      { 0xbf867fde230ffab0L,0x362a32a0793f885dL,0x687802cba11e0225L,
-        0xd95b073b308c1972L,0x13b104aa6b3e5120L,0x60bef12333673f57L } },
-    /* 42 << 371 */
-    { { 0x4c4cc5561c8a5d9fL,0x5c6e1fd52b8a42c9L,0x73fd66c44ccfa024L,
-        0x73c777563c50d038L,0x26964a68a5076758L,0xb14cdbfa7484d080L },
-      { 0x24c499cf3f4b92ccL,0x40c8c0d84682daa1L,0xaa156edf785561beL,
-        0x36718fb6de75af0aL,0x4d391cee03f5b180L,0xcf28d08a3100efc8L } },
-    /* 43 << 371 */
-    { { 0xbf1fc9fdd113a97bL,0x19cee87f5ff5ff3cL,0xfc140acf8f8213a3L,
-        0xe70d50d546127d5cL,0x78cd24032faa7ac9L,0x409675f1c1808096L },
-      { 0xaa7b6cd91765da93L,0xc0755b924f508d86L,0x09b8fb7640169a6eL,
-        0x9ca977e52e7da664L,0xee1aab6c9a9616daL,0x54d740391ca0f4fdL } },
-    /* 44 << 371 */
-    { { 0xfe011830c37c7fc5L,0x0b2b965b2ee958c7L,0x99fd253588a43cf6L,
-        0x6a73d62dbf8dc33aL,0xd53c0241a99247deL,0xb8186dccb4127f94L },
-      { 0x86c4c274964cc3d3L,0x2f3f2742cbfa9429L,0x5b4bd23c5391abd3L,
-        0x030b211bc5838fe2L,0xd2263dc4ae2e36fbL,0x45583a3ca0bf7280L } },
-    /* 45 << 371 */
-    { { 0x9ce7f43f1ed3f49aL,0xd8094c4afcdce20cL,0xd8b423d12b37b162L,
-        0x332ce47c53d90a7dL,0xc686fc0c94a38ff2L,0xb44938d6c33d842eL },
-      { 0x5ed14772cd9b0002L,0xffa5d063e800c655L,0x4511ec79ffcb6120L,
-        0xb8c9de3f9da8e70dL,0x4d0759ca952b0ef7L,0x685f7005dfd88f4cL } },
-    /* 46 << 371 */
-    { { 0xcbdb755f1dbdc85dL,0x63d0d7047961be6aL,0xf65af35d8220a1b3L,
-        0x8dcea7df77db51b3L,0x8cb2c5d14bfe8fbeL,0x740579bdee2f03e0L },
-      { 0xa7eeea4ed3f0181fL,0xedbdfaa3c12ef399L,0xee3cc40f1c332118L,
-        0xdae0995e731ef93fL,0x05165c6c0f24d954L,0xcbcc014219fca63aL } },
-    /* 47 << 371 */
-    { { 0xff24bcd842c7c110L,0xa5ddfffc56dc10c6L,0xb9937fcdaa1a09c5L,
-        0x8e18ed5b852dd22fL,0xf24e43c7826fb5a7L,0x13989a43415c2c63L },
-      { 0x71ad7c21d36ffe0bL,0x68b77701129df418L,0x1c5324cd9a8d424aL,
-        0x2e2a2b1ba9bf46abL,0x7d0c04d19cd0ea12L,0x8b4186bf2f9869e8L } },
-    /* 48 << 371 */
-    { { 0x6c8d97e075a46271L,0x0fa0c4cd9dbed39fL,0xfb6da5e2de74ac6cL,
-        0x041ce886c17c1ec5L,0xb42941a8d7419105L,0x79768eee002fdfd5L },
-      { 0x64849afd88c8111fL,0xf425fe14814192d6L,0xe916e8640448fd7eL,
-        0x31e224ad72ed351fL,0x73e6e6ac7c0183c1L,0x375657c621bf7cebL } },
-    /* 49 << 371 */
-    { { 0x093d8039114fd7b9L,0xb6bed3eb45c5e1c7L,0xb73ab7fe50fdbf14L,
-        0x68d95e57af0cd23dL,0x5c260eacc7b750fbL,0x79bb142bb5358c26L },
-      { 0x5aa9845158ace251L,0x04b2388637dbfef5L,0x1051172dc0532263L,
-        0x686ee9e6294890d9L,0x092617b3bffd1609L,0xb4a50e50ea3836a4L } },
-    /* 50 << 371 */
-    { { 0x8bdb3886cdf950abL,0xe2bdc8d3d595dbd5L,0xd28211254ecc49f1L,
-        0x946566081d3c2f24L,0x8124ad390c87df6dL,0x6020c322d16272baL },
-      { 0x2150f7e694af134bL,0x38512401a1a14e33L,0x39a54386b1ff7304L,
-        0xfaf1ffea078d8f0fL,0x7739ea99dea995bfL,0x3252e815c020816eL } },
-    /* 51 << 371 */
-    { { 0x1609832322f1bd8dL,0x6b02533cd4df163fL,0x25108619a8296363L,
-        0x373bf9988f8c755cL,0xebfbc5b23b32542dL,0x7ada597688b9d360L },
-      { 0x3914406ebd605f01L,0xe245ba48cb3a40b2L,0x11a1dc4ed3171f32L,
-        0x4a10d5d26ffb5915L,0x9326b23e997460b6L,0x53ddfee92aa0c77cL } },
-    /* 52 << 371 */
-    { { 0x44f51dd51104ed7fL,0xfca4773e270f6135L,0xe36c8b266bc757f4L,
-        0x2cf0515d6941c7a0L,0xdeab655d5fb16e2aL,0x75c28116cff7be07L },
-      { 0xb24ca428abbbca02L,0x6aaeca9b1e7f8116L,0x4252f4c3510f0c81L,
-        0x01462d856f3ff7fcL,0x4df702879d1c25e3L,0xddd47a1dbebd1559L } },
-    /* 53 << 371 */
-    { { 0xdffaef2c6f2e2611L,0xc2c2e6a41f29efa2L,0xa29bc3b75ebb40c9L,
-        0x8473594bac31a2c4L,0x100d7d6a8604447aL,0x80318670794bbab9L },
-      { 0x78979f72054dfc75L,0x94b4c17e55232511L,0xac44836b78b883c3L,
-        0xc1f7e98168422328L,0x34fcdee68266747cL,0x18533b3f0475c011L } },
-    /* 54 << 371 */
-    { { 0xede6728e3bab17f0L,0xfcd9c96879b94302L,0x6410ae37544a677bL,
-        0xeacbf6de1dcd0fdeL,0xdae70841e2f3ac0fL,0xeea2a9b6e41ba13bL },
-      { 0x1b06aeae9349cdf0L,0x28571e3d33c0ea87L,0xceaf9dd46043e874L,
-        0x32cbcc69fa6fea15L,0x7db75664e135aa11L,0x588d4458f816929aL } },
-    /* 55 << 371 */
-    { { 0xf70797d02b014160L,0x1ddf312d8d7c3263L,0x3bdd58f3c78beacbL,
-        0x8bccd90101c71f77L,0x3c637f58166c1486L,0xb62c0aa45fd1a307L },
-      { 0xa68db7b05f2544d4L,0xb9727946f860585aL,0x91565060a068412eL,
-        0x1283d6d1ab536c42L,0x86c2a11c79caa387L,0x2687309b62bd7797L } },
-    /* 56 << 371 */
-    { { 0x525cd8849b711a38L,0xd413d82b8c95bf61L,0x19ecc14a36b82970L,
-        0x65190ee6e3416342L,0xde9834c93066fcf7L,0x3b87b15e8302cd85L },
-      { 0xec6f67a785268eb2L,0x5ab08b5af95aef07L,0xb5257f70adda86a5L,
-        0x53e95ec4b934400aL,0x9611a632c33b870bL,0xd27929522723a3d5L } },
-    /* 57 << 371 */
-    { { 0xcd203b542c95b469L,0x89b140e768713ca6L,0x451646a165701050L,
-        0xb97a582575e54715L,0x070fabaa93bb6a91L,0xe517e07a196421b3L },
-      { 0xc8d741235f46e495L,0x920ee94fdf60eb8dL,0x885b86dd19564c3eL,
-        0x6c9e973231670005L,0xb52eed1fe4893763L,0xa8f9fbd759157417L } },
-    /* 58 << 371 */
-    { { 0x0c41f2eb56517cafL,0x47778a92798cf8b0L,0x4232ab390dc60cecL,
-        0x5de0b7e39e3eb6f1L,0xa2569d8571562511L,0x37b3c62a1ce1cec9L },
-      { 0x312caccd8b3391aeL,0x6b22c9447dcbe533L,0xc890d22f4fefd4edL,
-        0xd1504f7df007a64eL,0x117e4e595845d5bcL,0x999386c7723584e1L } },
-    /* 59 << 371 */
-    { { 0x02c396533bdadbd5L,0xc07325fda1fe704aL,0xf78d7e23350aa0c4L,
-        0x9f09cf22ce50784cL,0xcdea9a6a1a6e8abcL,0x245fba06ee5a5e06L },
-      { 0xf1fd3b9b4a3d0d7cL,0x24c65a131a4952c4L,0x40ea3ef37236b6f4L,
-        0x60aa573d8f7addcfL,0xdd5ec47b0305577dL,0xd92dc5035deacea5L } },
-    /* 60 << 371 */
-    { { 0xc666f8f3fac2de80L,0xabb2b8aba8fa36a6L,0x1bd0ec8f12202b09L,
-        0x88b184be6d17a3c5L,0x00d501fc670a77c1L,0xe1f94f1db3de1c7eL },
-      { 0x953179cd2d6de8caL,0xa8873a5bb9263791L,0xd76433098d7ac5d1L,
-        0x3d751cab4d2f8224L,0x7417b8262e5458eaL,0xf4eb3c669e454a8cL } },
-    /* 61 << 371 */
-    { { 0x65b0d7e9ae3284a2L,0x3d4770bb1e3cbb18L,0x217a0cdb808ea164L,
-        0x9ed6d0f689810270L,0x62d9cc95f14139e1L,0x4d39eeef6a2c82a0L },
-      { 0xecf319f40dcf14afL,0x62c95df6ab0fd145L,0xfe85014d22db0105L,
-        0xc37756e6a652168cL,0x6ba9f6b370a67e9dL,0xe453fd0af18d8058L } },
-    /* 62 << 371 */
-    { { 0x265798acfe3bf4f8L,0xc1603abdc1183f63L,0x14e3952f1063e086L,
-        0xdcb106d2910f0a78L,0x27c2aee2f454f625L,0xf16d83e60f463fe9L },
-      { 0xaa5547207f5ae172L,0x42ea8fea9a2133eaL,0x9f3b33f6e9253e7eL,
-        0x6224ef75d67af0afL,0x06f0ddfbb92d6cc9L,0x12e66e32656e9e9aL } },
-    /* 63 << 371 */
-    { { 0x1a93be3424ace7f0L,0xb993bcb9a56be2eaL,0x3b054afac33608d7L,
-        0x36e782c3aea3d7e9L,0x54f1dda950e9b3adL,0x04dd021f55f51bb4L },
-      { 0x9c76f7c0347bb352L,0x3d9a04ee2f1dc5fbL,0xea5e582ae80e06f0L,
-        0xe523aab927e1e818L,0xe2f1960252d4904cL,0x1bfa8b03adecc51fL } },
-    /* 64 << 371 */
-    { { 0xc84f917203bdf6d6L,0xcfc4718769f60e03L,0xcdc4753ba05068eaL,
-        0xa177ad14077777efL,0x0b7f54eb7e4cf44aL,0x4ee443f91860144eL },
-      { 0x1279ed4d42bb6a93L,0x511137d7436c1b54L,0xebc958fab8cdb6ceL,
-        0xbc4f93f4a0c7614aL,0xc5bd6cde7b2c6d8eL,0xecff7dd78d65f38aL } },
-    /* 0 << 378 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 378 */
-    { { 0xffec6674f65de0f5L,0x4043079cd23ad193L,0x31811365ee61bc95L,
-        0x358bbd6e8948b6e2L,0x1cd9c342e31644beL,0xbab3aa8c60a8a7a7L },
-      { 0xe065519fa375beb6L,0xf7d0b0414439990cL,0x8957c03b8517ae8aL,
-        0xc96a040173750d6eL,0x4eb2e364b2aee6d7L,0x813054feed099114L } },
-    /* 2 << 378 */
-    { { 0xbb39a17a7c34f095L,0x7be330a822fbbe61L,0x6be6abe3b91f1482L,
-        0xf972804fbd39a2bcL,0x06737e54f91d813eL,0xbd6066681a87cd4aL },
-      { 0xbf88b2e5f538d56eL,0xb8206a8134afd68fL,0x7a93aedfa58af042L,
-        0x8853cdf6ac0511b0L,0x9d7f416d067e2c19L,0x5d0bc923f9671d8aL } },
-    /* 3 << 378 */
-    { { 0xf3b6fd79dd3532a7L,0xf60262b5dbbb9e4cL,0xbf75bb57da4d6ac4L,
-        0xf016adf1c094b38cL,0x9114cdd012def474L,0xdc74d638c785f143L },
-      { 0xdea060d6a8d90bbbL,0x1f141878cbcd0d4cL,0x552685b79ddee1f5L,
-        0x381dfc0c636ea6b6L,0x8c601615cb08f34fL,0x5b843830271041eeL } },
-    /* 4 << 378 */
-    { { 0x2e7d0a16204be028L,0x4f1d082ed0e41851L,0x15f1ddc63eb317f9L,
-        0xf02750715adf71d7L,0x2ce33c2eee858bc3L,0xa24c76d1da73b71aL },
-      { 0x9ef6a70a6c70c483L,0xefcf170505cf9612L,0x9f5bf5a67502de64L,
-        0xd11122a1a4701973L,0x82cfaac2a2ea7b24L,0x6cad67cc0a4582e1L } },
-    /* 5 << 378 */
-    { { 0x139d9fef6bfc08e4L,0x4399615939ffcb3bL,0xaa299008a84ace07L,
-        0xfce43e873cbb2b3fL,0x07b3e8b9191a320eL,0x3ec851d706c4d485L },
-      { 0x03d8a672a4bb8477L,0xb6a5dcb213c31d5cL,0x58b79d01c439ab23L,
-        0xdd6f8b5134f66137L,0xccb178a0b29be48cL,0x4c71b7aa4df8a1b2L } },
-    /* 6 << 378 */
-    { { 0x92bf8c4508359896L,0x77253434ae2c30f2L,0xf05086ec827e6cf8L,
-        0x46d4729f1771c5d3L,0x92587306f37f0bedL,0xb82c99d2e7c30180L },
-      { 0xee0141dcb1684841L,0x7fa984be994ddaf5L,0x5c583347165c238cL,
-        0x1a1ad3eea5d78204L,0xcfed795f2736bce6L,0xa7a413318961204eL } },
-    /* 7 << 378 */
-    { { 0x87451ca71400851dL,0x3aace28e3573ecf6L,0x3a5902cee85717c5L,
-        0xe4b51dd0c9f57944L,0x33cf684789a9d8aeL,0x2f6fb08031e6e769L },
-      { 0x4bf3da323b78dad1L,0x2d73fef4e7809638L,0x84d76151965109abL,
-        0xa2c932c9a2098f46L,0xb8c457c3bc17d1fcL,0x5ef2562d0c8012a4L } },
-    /* 8 << 378 */
-    { { 0x96a1e74f51e4de5eL,0x72913696e37f5006L,0x12449c4fbe35109cL,
-        0x1fad8b304521d7e6L,0xc85eb23d57d00293L,0x4ebd334b35f68229L },
-      { 0x7c5b86682df5acf1L,0xc2b4da6e5463de2eL,0x067b0456757cd570L,
-        0xeaab81be3a1c866bL,0x72a6af75bbba88c0L,0xaed4dbde0ef567dcL } },
-    /* 9 << 378 */
-    { { 0x085e33cd9273818aL,0x8fb9294a8cf4e306L,0xaed46bbc35052bd1L,
-        0x031febb3374661eaL,0x9386a35d4868dbb2L,0x381e5b521d3f2dddL },
-      { 0xa938a3a5179617edL,0xb0fc99f49dc95af1L,0xf446dfa92b9dacbcL,
-        0xbae262ae490c1969L,0x042707ffa7443354L,0x8dc0511f267d5c14L } },
-    /* 10 << 378 */
-    { { 0x8f0e1908fac2674dL,0xd86e85a483e43c26L,0x1f719f7036fb5a4eL,
-        0x7ad61b8ca57dbcbcL,0xcf6ba7db0f63dc79L,0xb4315ab11afe8540L },
-      { 0x0448e852425c4df3L,0xf51969ef8838a51dL,0xce98589b9eab87deL,
-        0x55867b5645149689L,0x9b70bc8c60d2a624L,0xc158a2710b6dbd45L } },
-    /* 11 << 378 */
-    { { 0x0b262f808f1915f2L,0x64ba3bc73d501e01L,0x8ce2db1f4645152cL,
-        0xf4a4f3afab047cdbL,0x1a7c4af600d31e7fL,0x0005bca678d1c0ecL },
-      { 0xf5ed135f6fe5ebb0L,0xa299b1002ea9abdfL,0x4fa387e5fccb58f5L,
-        0x105b9dd2fc657b72L,0x1494c6050dc3c22cL,0xf7468e8a92d281c7L } },
-    /* 12 << 378 */
-    { { 0x597a26ffb4dc8600L,0x264a09f3f9288555L,0x0b06aff65c27f5f6L,
-        0xce5ab665d8d544e6L,0x92f031be99275c32L,0xaf51c5bbf42e0e7cL },
-      { 0x5bb28b061e37b36dL,0x583fba6a8473543aL,0xe73fd299f93fb7dcL,
-        0xfcd999a86e2ccad9L,0xb8c8a6df334d4f57L,0x5adb28dd9a2acc9bL } },
-    /* 13 << 378 */
-    { { 0xc760823646dd14f3L,0xc6d97d37e7a97f33L,0x05037f26de2f444aL,
-        0x5267ded09aa9a5c0L,0xd1ef46340be2d841L,0x308b37a8d48b9574L },
-      { 0x102f7878487bad5bL,0x1d5169d938b7c1efL,0x2d8adde62c39c75aL,
-        0x71bfb8bc0b80f3bbL,0x126505999bff252fL,0xf99e952f24f8bd3bL } },
-    /* 14 << 378 */
-    { { 0x24496a8b7a8a6d47L,0x9fc75c0aec6afe43L,0x4200e00670744f15L,
-        0xe2f87d5e2973be1dL,0x0f6c5993c82e2013L,0xe9ecf6ce198c99f0L },
-      { 0xcbdf72058b37d828L,0xbef4b8c8325d1d93L,0x8e962ffbd0fbb134L,
-        0xe4273a124bcffc61L,0x4f24ba23f3d93d73L,0x8f02df83bcfcb930L } },
-    /* 15 << 378 */
-    { { 0x985c8f4b0614348aL,0xca4ca7cd5a03c014L,0x5bdd4382a7b62effL,
-        0x623d44b9e4a0bb42L,0x1f28862ef23931d5L,0x30568303868326beL },
-      { 0x850d2a0d82e76f04L,0xf4dc02330ac4a153L,0x62b74879b1e70a9aL,
-        0x7b32249baf3f0dbbL,0x2f50395d155eae92L,0x6d990c16f6f5c9a4L } },
-    /* 16 << 378 */
-    { { 0x3afdee277d221ab6L,0xecf10abc47bb619eL,0x340c8ee3ba4a3301L,
-        0x1a6ea51a2a883b7fL,0x64f27976d5d7412bL,0x7fcf0ecc91251b6eL },
-      { 0x5f3f8f41365b18b7L,0x38e48b96e2e13e58L,0xde3b73d6ad61b2cbL,
-        0xf08398d5d542676dL,0xd373931e8e7d712bL,0x89325d7a7f96e023L } },
-    /* 17 << 378 */
-    { { 0xeb2e48c10bf4e94dL,0x00614bf206b7e166L,0x536c999ce295c451L,
-        0x951f92186359cf06L,0xe2a938890afc827fL,0x63102e93ff029787L },
-      { 0xab297c7d2ac89645L,0x7354df74928742bfL,0xc0934ca6c8604304L,
-        0x36b7e9711cc2f3b4L,0x487ce890e10ee837L,0xe6aa9eabae2ae9e3L } },
-    /* 18 << 378 */
-    { { 0x6e7a578340517347L,0x7db868f3a950dfa2L,0x7fd7fd8eb3c2eff7L,
-        0xae7b59c5fbe10a47L,0x5239b5c4109797d6L,0x3838356a53264b8aL },
-      { 0x8df8454c320a8c5aL,0x67c86ef46958fa2cL,0xfe1aad846241a50aL,
-        0x3df64ef5a06f3cf3L,0xde6af0ff83282fbdL,0x25ca45046cdbe5feL } },
-    /* 19 << 378 */
-    { { 0xa319340d6e6c0debL,0x101f055acb1b1cd5L,0x4bea31ad623e7e55L,
-        0xc0c88af6aec23cd2L,0xca98c4364aaf2f73L,0x1969eca437dd1341L },
-      { 0x6b03989f97866dc3L,0xafdc99532eaf5b08L,0x199ec0e93d6ea9c4L,
-        0xc3d1069474f262e9L,0xa7e5670079911cf9L,0xc0213ec56844da05L } },
-    /* 20 << 378 */
-    { { 0x5adf3d9a111792b9L,0x1c77a3054f1e0d09L,0xf9fbce33a82d3736L,
-        0xf307823e718c8aa3L,0x860578cf416ccf69L,0xb942add81ef8465bL },
-      { 0x9ee0cf97cd9472e1L,0xe6792eefb01528a8L,0xf99b9a8dc09da90bL,
-        0x1f521c2dcbf3ccb8L,0x6bf6694891a62632L,0xcc7a9ceb854fe9daL } },
-    /* 21 << 378 */
-    { { 0xfc9660a3c8808373L,0x84c5d6a71a50c560L,0x13fe0588ba057fe2L,
-        0x29b0341dafb73ad1L,0x37b11137f15f0cd2L,0x84422ba89c2d7eb0L },
-      { 0x0b595ac52554ef7fL,0xd7a8303f08b37a84L,0x908895a9e02d77fcL,
-        0x70cdeb0c9f242a42L,0x535e8540116e2db8L,0xc88f0cf685c54d31L } },
-    /* 22 << 378 */
-    { { 0xf534f145e2290ebaL,0x3d081c0d7f15c9e3L,0x716574c5e9ae3da0L,
-        0xbe6bd7b92c078aa8L,0xab8802bab8da8e68L,0x0c5be4a1ab204fb0L },
-      { 0xad25c5ee0d3f12b3L,0x3929d0d78fc9b7a5L,0x9c6e2ce0bb5cd2fdL,
-        0x855367c4924ec2d2L,0x6b532891e6550d3cL,0xab2bc89575ba5c99L } },
-    /* 23 << 378 */
-    { { 0xb56b035e2a0349adL,0xcfa41da6f89ce836L,0x9d86bcac8b5c43fcL,
-        0xc77375da47644b07L,0x9e9c222607f4b670L,0x71d663c80482a61bL },
-      { 0xb423e739ef237431L,0xf1cedf7e48832b5bL,0x09e0cb2a7ca7548bL,
-        0x9b463559631b9850L,0x8a2bd7fed4dd03deL,0x46115292ae0c97d3L } },
-    /* 24 << 378 */
-    { { 0xe44e3f864b3759cfL,0x90cab0eb9d74e3f6L,0x1004254501c4e171L,
-        0xc12df68cce52defbL,0xb1fae2fbf363100aL,0x5016c8533573235fL },
-      { 0x8d4deb661d922e9bL,0x8a20d42317f84ef2L,0x324985835a4e118eL,
-        0x5abfa961308772e9L,0x41c7611ff54e4876L,0xc1da40d31f5867b2L } },
-    /* 25 << 378 */
-    { { 0x4df02a7d3088aebcL,0x7dea27ea12487485L,0x2a773270df98069eL,
-        0xea435fa0e9ceaf44L,0x08e952e365e5ebabL,0x972877d5c3511480L },
-      { 0xef5685f859a04cd0L,0xe50abe68b8c7c796L,0xbbb792e2c3225f20L,
-        0x7d9878e811c89153L,0x4b72a1e619354751L,0x7d5f05a3faa1be22L } },
-    /* 26 << 378 */
-    { { 0x61dd7692f27eed54L,0x8540213ea7a3f2f7L,0xe659cbd6ace07e13L,
-        0x3a998cdcc8995cacL,0x0accb4a7922d3b25L,0x762b3406c6577d81L },
-      { 0xa09db4f57e043740L,0x7f78e02d8cc9bc5fL,0x080a522673b98cd3L,
-        0xb6d72f7ce6490808L,0x36815de2c724284aL,0xc27d13df98b867b5L } },
-    /* 27 << 378 */
-    { { 0xbfeffd5356adb6e4L,0xb5e8876c499a1455L,0x4771281390833f18L,
-        0x5f49ef880115b9a5L,0xb041ec67cf575de5L,0x490753350b7e4afcL },
-      { 0xad4dc4a15f0b9f24L,0x9dbb181edafad9a5L,0xa84431a6e6ed5198L,
-        0x33ee16e27993eed6L,0xfdf76899c1e4f8b4L,0x868d06baff60e943L } },
-    /* 28 << 378 */
-    { { 0x46303171491ccb92L,0xa80a8c0d2771235bL,0xd8e497fff172c7cfL,
-        0x7f7009d735b193cfL,0x6b9fd3f7f19df4bcL,0xada548c3b46f1e37L },
-      { 0x87c6eaa9c7a20270L,0xef2245d6ae78ef99L,0x2a121042539eab95L,
-        0x29a6d5d779b8f5ccL,0x33803a10b77840dcL,0xfedd3a7011a6a30fL } },
-    /* 29 << 378 */
-    { { 0x5d782a0778664144L,0xc1413da46682c779L,0x937a15f52a67b12bL,
-        0x8ec00d9fc04d8cd5L,0x3f16d1ed3b5fe8d6L,0x24ad6b0ca28c8067L },
-      { 0xdd1eecc532732b19L,0x62c4c2beab2fa785L,0x7d863f5b2ac0c238L,
-        0xd686eb7239384e15L,0x3770e54d16bd75b2L,0xdcd9e4e8120b3881L } },
-    /* 30 << 378 */
-    { { 0xe3052838df5147e1L,0x87bc4d75b1baaa7cL,0x49b13eb95acc5572L,
-        0x919081881990c13cL,0x5d43a4a6191cc808L,0x20b358444182aa55L },
-      { 0x70d49a4a670b1fd1L,0xc6e6e061722e91e7L,0x8d130b3900c5ae9eL,
-        0x5db7d06920f68ec5L,0x85b6c505470fbe13L,0x14101ec7326c4d38L } },
-    /* 31 << 378 */
-    { { 0xeef03450e10e8018L,0x75921e487576c3ddL,0x6c8e22676e97f5afL,
-        0xd7323e01a856ae6bL,0x43a195425fed884fL,0x010865380377ba8fL },
-      { 0x7cdbd06ac82a8f67L,0xc6fce58bf0fd4281L,0xae098b7f9e67bed0L,
-        0x0c8d328bdd918524L,0xddf723ec0a11fb83L,0x210d6016e25a2073L } },
-    /* 32 << 378 */
-    { { 0x3c90a59f85adde98L,0x35414174e5269140L,0x9aca885c1a0d58e2L,
-        0x77b9b6dd6816b009L,0x8e5c12139ee4718fL,0x60ad991e4e4eac45L },
-      { 0xc00c35694d71f624L,0xacbf4eb25bc5fd2aL,0xcba1ffc75eaf3eaaL,
-        0x5f99092d42a87e32L,0x2e7b49c76f7a882fL,0x5e9bfc5c29040512L } },
-    /* 33 << 378 */
-    { { 0xa31d3524b295958dL,0x9713a5e04894f486L,0xe8804ab3329a0b9aL,
-        0xd4447c1b20eefa54L,0xf5b944c9040b7ad4L,0x9db0ee0b907f2cfdL },
-      { 0x0b1a1f3a5384a999L,0x3137241ea8351764L,0xe0663b5ab29c3cffL,
-        0x2b47ca0622d4deefL,0x4f952109f1172bcdL,0x1e7a7fca9b447bd4L } },
-    /* 34 << 378 */
-    { { 0xc9898355ecf2a473L,0x20d0c4740dcd66f6L,0x6459720f8eeefff5L,
-        0xd9b625dcf9ce0cdeL,0xed3a6508ea56be90L,0x6847c20de211c90eL },
-      { 0x36d86bed71a73ceeL,0x9222eab23023d16eL,0x3155874750209b4dL,
-        0xcac8f277d145b831L,0x49cedc634470e754L,0x6c7c065add370f77L } },
-    /* 35 << 378 */
-    { { 0x46a95735f8171804L,0x1ff2549ec4c93476L,0xfb8a08285bb5202dL,
-        0xaff5505f1070737aL,0x162aaad842f412c5L,0x02a37213fac8a477L },
-      { 0x05ff9238932f08e2L,0x9be6a0b29fc66787L,0x373a9039db1e5a40L,
-        0xe657e8c782d04913L,0xa2006f207e6ee867L,0xd7aa1d2378d82f9aL } },
-    /* 36 << 378 */
-    { { 0xfa070e22142403d1L,0x68ff316015c6f7f5L,0xe09f04e6223a0ce8L,
-        0x22bbd01853e14183L,0x35d9fafccf45b75bL,0x3a34819d7eceec88L },
-      { 0xd9cf7568d33262d2L,0x431036d5841d1505L,0x0c8005659eb2a79aL,
-        0x8e77d9f05f7edc6aL,0x19e12d0565e800aaL,0x335c8d36b7784e7cL } },
-    /* 37 << 378 */
-    { { 0xdcac39d87c1d9f4dL,0x88322d8bc225ce6eL,0x5c240cefa3ef5202L,
-        0xf60ce5d991f1d487L,0x8e857069e462cfa8L,0xa6e5585e996d2033L },
-      { 0x709675a556281e6aL,0xcd90c140f907ebf0L,0x5343a0a2a3231eecL,
-        0x74b1443214892291L,0xf8cb9c26a5325b8cL,0x1bb28be140089be5L } },
-    /* 38 << 378 */
-    { { 0x2bb6e7ec3092d0b2L,0xc7c9e5f1d27d1f31L,0xbac785aeac0939e3L,
-        0x186d3d934f810d8fL,0xda296dacfe7d778fL,0x6189f5e41a991ea2L },
-      { 0x098f794e9634363eL,0x04aaf59a88a4dccaL,0x09d718487196dfa8L,
-        0xa447a31ed83044a6L,0x720cd3908d1363fdL,0x6f670479e22efa03L } },
-    /* 39 << 378 */
-    { { 0xaa452e81cdf60f9aL,0xf3dc472a8e2c58e9L,0x16ddefa50589fd01L,
-        0xd56ec8f223a1656eL,0xcccb784f77921ca4L,0x9bace7adf8a7c0baL },
-      { 0xc94ef3ef51f052e2L,0xa70c0579c34e7cb5L,0x3599817883ce8674L,
-        0x033647c392a20951L,0xc828fcc77a21add6L,0x5a446de871ba27a5L } },
-    /* 40 << 378 */
-    { { 0x75cba9d530a3ada1L,0xb69e308bf8ae9565L,0x990e3425ca7b8369L,
-        0x9f67567fe0a7ad0bL,0x76ed6fe718bd01b7L,0x282358aa2ff95cfeL },
-      { 0x28d2ea41410f8841L,0x89d1533fccd67c81L,0x969bb272b6a7b8f9L,
-        0x54f8664c26330782L,0xb89f3ae81dcd9164L,0x54d845b93d962c14L } },
-    /* 41 << 378 */
-    { { 0x08ba5b61fde4ca03L,0x39b1a9c697b17ee6L,0x885253779336b2b9L,
-        0xe964dc9c9aabc3fcL,0x6aed101a5295e728L,0x30369ea0ee12356aL },
-      { 0xe081e022c8e80e5eL,0x3a769ef0df9f47c0L,0x3b2f7aab5590750cL,
-        0xd16c7a85a1a5e504L,0x9e528623e854d7cfL,0xaca079354468e419L } },
-    /* 42 << 378 */
-    { { 0xee521c0af93098bfL,0xf517c925b79aa0ebL,0x17779f5e7bbc58feL,
-        0x093c3dc2769de891L,0xafbf32372a69ad0dL,0x33a95de702001e8cL },
-      { 0x3b30afc73410a2b0L,0xb379a3f425bc7d9aL,0xf1c069251604a646L,
-        0x04f0bb334fca052fL,0xe5cd9c39cab33871L,0xf259795816fa1b16L } },
-    /* 43 << 378 */
-    { { 0x291d65c801189d9aL,0xb16ca18bd8e94e49L,0x55f7680599440d4bL,
-        0x55d40c1b2eb7f0fdL,0x752d98f6018d7c64L,0xa1cae78c7b491c4dL },
-      { 0x898fc8c78f66b8d3L,0xbb48956a3ceecd27L,0xb8f9498dfaa9451fL,
-        0x583b336aa5683ef8L,0x0deaa373e92656f4L,0x7f87b4412a9a0272L } },
-    /* 44 << 378 */
-    { { 0x8b2fc4e96484fd40L,0xee702764a35d24eaL,0x15b28ac7b871c3f3L,
-        0x805b4048e097047fL,0xd6f1b8df647cad2fL,0xf1d5b458dc7dd67fL },
-      { 0x324c529c25148803L,0xf6185ebe21274fafL,0xaf14751e95148b55L,
-        0x283ed89d28f284f4L,0x93ad20e74cbebf1aL,0x5f6ec65d882935e1L } },
-    /* 45 << 378 */
-    { { 0x4b0c7d0c69c284cbL,0x907e4f38199c5176L,0x4ebfbda7cf3dab12L,
-        0x675f12cca4fa74a9L,0x86628102bdf579e6L,0xf08cbfe771c4d061L },
-      { 0x9dde390e03bc1cb9L,0xb6d0d48b4c727915L,0x7cad28c370c0b7bfL,
-        0x8d978a8110d1e881L,0x1c071597924baeb1L,0x83c09192eb103fe0L } },
-    /* 46 << 378 */
-    { { 0x494dbd2665925506L,0xe239b1d404b6fc45L,0x38a1ec5ce16b874dL,
-        0x1588c4712a3f012dL,0x5bd45adcdc6938b9L,0xe4c35c2244ab2fccL },
-      { 0x87cbd9ff887108a2L,0x92a9c3b2144fd3eeL,0x3a0e55c7982a4928L,
-        0xcaf679765bb0fddfL,0x04616318263ea256L,0x56eb022838caa901L } },
-    /* 47 << 378 */
-    { { 0x2f7de141a48da000L,0x323bd638835a4edfL,0xd2d9da967e155bd5L,
-        0x717c302a766b69daL,0x5927968beb0f6ca5L,0xfd96bd168940c766L },
-      { 0xf89f7539a334fd71L,0x4ba9cd8bd870954fL,0x7e639523a3d57aa8L,
-        0x88f31e162314c0ceL,0xa836a6ad53b7e6e9L,0xd35a825190e43169L } },
-    /* 48 << 378 */
-    { { 0xb3984b176c0f3509L,0xf9fa4483d8b4d6bcL,0xf4ac2b677dec20d2L,
-        0x67ef024eb3dbe034L,0x2dcc51180f94f4d7L,0x024cdcfd74a51393L },
-      { 0xf1c0fead20e7abcbL,0xffc18f81d3a7414fL,0xb00ce5567062cb0bL,
-        0xeccb0521817bc8d1L,0xa0c0fe6040411c15L,0x053113221defbe00L } },
-    /* 49 << 378 */
-    { { 0x74faca8a6af7e742L,0x6f206002d878a97aL,0xd69b7c83177305ffL,
-        0x605e7a32d2e2bcf1L,0x65bd03584590bf03L,0xab3ae700d1a378c5L },
-      { 0x037e79028a929b0dL,0x83625ae0a7c451c6L,0x82a18f03492b01d4L,
-        0x12c6d168e67756b1L,0x1e704c3bd7924df1L,0x7708617f1989244eL } },
-    /* 50 << 378 */
-    { { 0x4c98c61d097bde48L,0x6a55edf1c354f433L,0x1ceee947c3f39212L,
-        0x162cf27f36ba3cebL,0xd9f3982e3ec5f7ffL,0xd363e435d58d42d2L },
-      { 0x2ee90d7bad36681dL,0xd916df56ebfbf51cL,0x61d94ed8d7c27fe7L,
-        0x5010582e923c1acdL,0x89d23e8b6de52994L,0x0a4f9c10525dbccfL } },
-    /* 51 << 378 */
-    { { 0x7778fad7e65573e2L,0xa4af7a2d74986210L,0xd78ecebfec57d967L,
-        0x9be8a33f67d61b2eL,0x6888444f98a9add7L,0x218e7fb1b71a25a4L },
-      { 0xf75a6b795f46323bL,0x2f8610ad11a52cd9L,0x23692f85fc6837caL,
-        0x3a37965f71fe847bL,0x29c25cc3fe3bdeeeL,0x68fefc83f624665aL } },
-    /* 52 << 378 */
-    { { 0xe222eba4a4dcefe9L,0x63ad235fec1ceb74L,0x2e0bf749e05b18e7L,
-        0x547bd050b48bdd87L,0x0490c970f5aa2fc4L,0xced5e4cf2b431390L },
-      { 0x07d8270451d2898eL,0x44b72442083b57d4L,0xa4ada2305037fce8L,
-        0x55f7905e50510da6L,0xd8ee724f8d890a98L,0x925a8e7c11b85640L } },
-    /* 53 << 378 */
-    { { 0x8357d8bb460e77b2L,0xc749a6a77709a52bL,0x94035a1f0c82ab81L,
-        0x15245ac616c11ef4L,0xbf3cd96c034d021bL,0xf79e2d39b2e8fac1L },
-      { 0x387015194b6cf1bdL,0x341f9b53b3143bf7L,0xb2584aabdda9acf2L,
-        0x16f34bdd553a8e68L,0x89d0c4c5da7830b3L,0x6cfe44c63f488c2eL } },
-    /* 54 << 378 */
-    { { 0xee536a26d4bcaa59L,0x5ea6a57c699397bfL,0xb28f476b59a7eb99L,
-        0xa901f2551406ec90L,0x7b6e3e4d1f54ef38L,0x058ff1904c89c9a8L },
-      { 0x5690fa10fca546ccL,0xfe98793145e14268L,0x6181fa1675362f5dL,
-        0x3ebe84466964b9aeL,0x3e1957812ce0f969L,0xb33ea619b0195852L } },
-    /* 55 << 378 */
-    { { 0xeef402410ec537acL,0x1f72c1f8911316f6L,0xab4bb08268cc6678L,
-        0x031fc087255e8c5eL,0x99c2ff0b948ac53bL,0x13db3201919c1870L },
-      { 0xdec81fd312057a3cL,0xbdffa226ff7a44cbL,0x748d2e93d97167e2L,
-        0x33a9fe40bd21effeL,0xe08e4213817ea560L,0x2221798b9f4337d5L } },
-    /* 56 << 378 */
-    { { 0xda828fe556467257L,0x5e9abf67d640c2a1L,0x0eed233cc25c696aL,
-        0x72483dc5b3e1d84fL,0x30bf1ee34f114abcL,0xf58b321ed1f9bce8L },
-      { 0xcb26564c97524f33L,0xdc2f105e1e453229L,0x9da43ceb72a982ddL,
-        0xecf5649dfeef8862L,0xd8afda341fa2f06dL,0xf0d0ced355035432L } },
-    /* 57 << 378 */
-    { { 0xec22bb32205a5301L,0xe4d168e75b0b727bL,0x91217a6be34fe2e0L,
-        0x03c6831675f0f139L,0xb21e275d8b991b29L,0x7f517c9c01f3f401L },
-      { 0xbbe95d19e55e49faL,0xc5470808504514b1L,0xb88be15c7cc1367dL,
-        0x242cb06bbfd24bacL,0x08647a158d2ab0baL,0x8f1fd1bd5716ed9bL } },
-    /* 58 << 378 */
-    { { 0xe787054518ba5236L,0x243622f9e8a47507L,0xe7d94f4697b97d7cL,
-        0xb120589021649255L,0x8b5101310dd4e1d4L,0x1690687e164c44baL },
-      { 0x65bb4d8cf100fef5L,0xfffffee70a684c3dL,0x2aa11707c463a975L,
-        0xccaddeaf391ad03dL,0x4d2cda1c81cca7deL,0x9d3eaa58c5b0f8e7L } },
-    /* 59 << 378 */
-    { { 0x3d92ecc18f8802dfL,0x3024ce311a719461L,0x6bdf53fc46c1f31bL,
-        0x4f4576a12c9c7744L,0xe1ee7508c3ff7356L,0xd4b25ed3883ebf03L },
-      { 0x1dc46052420c3ac9L,0x376ebbfa11ecefa9L,0x36e175265e9693f5L,
-        0xeb82b33740ed3143L,0x6960312ff19fa66aL,0xc7edb5db6c742e1bL } },
-    /* 60 << 378 */
-    { { 0x5bfa10cd1ca459edL,0x593f085a6dcf56bfL,0xe6f0ad9bc0579c3eL,
-        0xc11c95a22527c1adL,0x7cfa71e1cf1cb8b3L,0xedcff8331d6dc79dL },
-      { 0x581c4bbe432521c9L,0xbf620096144e11a0L,0x54c38b71be3a107bL,
-        0xed555e37e2606ec0L,0x3fb148b8d721d034L,0x79d53dad0091bc90L } },
-    /* 61 << 378 */
-    { { 0x4b98cb69c5c8a182L,0x887071bbcac96dabL,0x03d42e96afc190c3L,
-        0xbc2c3b8d7a813820L,0x1ee7797f6590d0ecL,0x4a95f7f3ad4777a4L },
-      { 0x7a36de4e2a8d2736L,0x7f8c6751ad78dab6L,0xf9874bf6974c0a8eL,
-        0x759fee1c8b53025aL,0x1b00fb28a2171c8bL,0xdf206f19be8f2e7eL } },
-    /* 62 << 378 */
-    { { 0xe6bbcf0bf8ed6302L,0x7734dc91f8fe7a42L,0x840210ee61ff9d1eL,
-        0xbbf2d5477007f2e9L,0x0f17d421a6542ac0L,0x0b2d3d2ee01df4e9L },
-      { 0x520e4fbb84f3703fL,0x8362f7b1431106b7L,0xdcfc96ae6e50d836L,
-        0x2dfa176cc44153bbL,0xeef1c6710b09ffe2L,0x633a2ac888531d81L } },
-    /* 63 << 378 */
-    { { 0x29262b6d7636a78dL,0xdc504f01d3ce2967L,0xa441e5035bcf0e19L,
-        0x8025224f7ad39d9aL,0x780ec65de871b792L,0x977b4bce597694b4L },
-      { 0xe05eaeb87fe3ef11L,0x1cff87ac9748b10eL,0xb669c1d60c34153aL,
-        0xf5da63e0f8f90368L,0x6f7f2fc47d31bf61L,0x37e9158235c16a0fL } },
-    /* 64 << 378 */
-    { { 0xcf17f9dc08d1be5dL,0xb55de4c8afdfeb23L,0xa69454ffe437b29cL,
-        0x6628d789e27ee9e2L,0x56e3b975ee3af03bL,0x0083fe9c2f532d62L },
-      { 0xcae15213e63e7511L,0xdb5384f386ed849cL,0x902ba959fa4d825fL,
-        0xbad700d55ae17566L,0x16b2c5dc14c82eb4L,0xa4b057a736708ea7L } },
-};
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Pre-computed table containing multiples of g times powers of 2.
- * Width between powers is 7 bits.
- * Accumulate into the result.
- *
- * r      Resulting point.
- * g      Point to scalar multiply.
- * k      Scalar to multiply by.
- * table  Pre-computed table of points.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_add_only_6(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 6);
-    sp_point_384* p = NULL;
-    sp_digit* negy = NULL;
-    int i;
-    ecc_recode_384 v[55];
-    int err = MP_OKAY;
-
-    (void)g;
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        negy = tmp;
-        p = rt + 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_384_ecc_recode_7_6(k, v);
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        i = 54;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_65_6(rt, &table[i * 65], v[i].i);
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-            XMEMCPY(rt->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-        }
-        rt->infinity = !v[i].i;
-        for (--i; i>=0; i--) {
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_65_6(p, &table[i * 65], v[i].i);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-                XMEMCPY(p->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-            }
-            p->infinity = !v[i].i;
-            sp_384_sub_6(negy, p384_mod, p->y);
-            sp_384_norm_6(negy);
-            sp_384_cond_copy_6(p->y, negy, (sp_digit)(0 - v[i].neg));
-            sp_384_proj_point_add_qz1_6(rt, rt, p, tmp);
-        }
-        if (map != 0) {
-            sp_384_map_6(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_add_only_6(r, NULL, p384_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 6);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 6, km);
-
-            err = sp_384_ecc_mulmod_base_6(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_6(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P384 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 6 + 6 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 6 + 6 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 6;
-
-        sp_384_from_mp(k, 6, km);
-        sp_384_point_from_ecc_point_6(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_6(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_6(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_6(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_6(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-static void sp_384_add_one_6(sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp	x1, x2, [%[a], 0]\n\t"
-        "adds	x1, x1, #1\n\t"
-        "ldr	x3, [%[a], 16]\n\t"
-        "adcs	x2, x2, xzr\n\t"
-        "ldr	x4, [%[a], 24]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "stp	x1, x2, [%[a], 0]\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "stp	x3, x4, [%[a], 16]\n\t"
-        "ldp	x1, x2, [%[a], 32]\n\t"
-        "adcs	x1, x1, xzr\n\t"
-        "adcs	x2, x2, xzr\n\t"
-        "stp	x1, x2, [%[a], 32]\n\t"
-        :
-        : [a] "r" (a)
-        : "memory", "x1", "x2", "x3", "x4", "cc"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    sp_int64 nl = n;
-    sp_int64 bytes = size * 8;
-
-    __asm__ __volatile__ (
-        "add	x4, %[a], %[n]\n\t"
-        "mov	x5, %[r]\n\t"
-        "sub	x4, x4, 8\n\t"
-        "subs	x6, %[n], 8\n\t"
-        "mov	x7, xzr\n\t"
-        "b.lt	2f\n\t"
-        /* Put in multiples of 8 bytes. */
-        "1:\n\t"
-        "ldr	x8, [x4], -8\n\t"
-        "subs	x6, x6, 8\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "rev	x8, x8\n\t"
-    #endif
-        "str	x8, [x5], 8\n\t"
-        "add	x7, x7, 8\n\t"
-        "b.ge	1b\n\t"
-        "2:\n\t"
-        "cmp	x6, -7\n\t"
-        "b.lt	20f\n\t"
-        /* Put in less than 8 bytes. */
-    #ifdef LITTLE_ENDIAN_ORDER
-        "str	xzr, [x5]\n\t"
-    #else
-        "str	xzr, [x5], 7\n\t"
-    #endif
-        "add	x7, x7, 8\n\t"
-        "add	x4, x4, 7\n\t"
-        "b.eq	17f\n\t"
-        "cmp	x6, -5\n\t"
-        "b.lt	16f\n\t"
-        "b.eq	15f\n\t"
-        "cmp	x6, -3\n\t"
-        "b.lt	14f\n\t"
-        "b.eq	13f\n\t"
-        "cmp	x6, -2\n\t"
-        "b.eq	12f\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "12:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "13:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "14:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "15:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "16:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "17:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "20:\n\t"
-        "add	x5, %[r], x7\n\t"
-        "subs	x7, %[size], x7\n\t"
-        "b.eq	30f\n\t"
-        /* Zero out remaining words. */
-        "21:\n\t"
-        "subs	x7, x7, 8\n\t"
-        "str	xzr, [x5], 8\n\t"
-        "b.gt	21b\n\t"
-        "30:\n\t"
-        :
-        : [r] "r" (r), [size] "r" (bytes), [a] "r" (a), [n] "r" (nl)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "cc"
-    );
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_384_ecc_gen_k_6(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[48];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_384_from_bin(k, 6, buf, (int)sizeof(buf));
-            if (sp_384_cmp_6(k, p384_order2) <= 0) {
-                sp_384_add_one_6(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_384, point, 2);
-#else
-    SP_DECL_VAR(sp_point_384, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 6);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_384_ecc_gen_k_6(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_6(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_6(infinity, point, p384_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_384_iszero_6(point->x) || sp_384_iszero_6(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_6(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_384_ctx {
-    int state;
-    sp_384_ecc_mulmod_6_ctx mulmod_ctx;
-    sp_digit k[6];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384  point[2];
-#else
-    sp_point_384 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_384_ctx;
-
-int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_384_ctx* ctx = (sp_ecc_key_gen_384_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_384_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_384_ecc_gen_k_6(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_base_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_384_ecc_mulmod_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p384_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_384_iszero_6(ctx->point->x) ||
-                    sp_384_iszero_6(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_384_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_384_point_to_ecc_point_6(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 48
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_384_to_bin_6(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 5; i >= 0; i--, j += 8) {
-        __asm__ __volatile__ (
-            "ldr	x4, [%[r]]\n\t"
-        #ifdef LITTLE_ENDIAN_ORDER
-            "rev	x4, x4\n\t"
-        #endif
-            "str	x4, [%[a]]\n\t"
-            :
-            : [r] "r" (r + i), [a] "r" (a + j)
-            : "memory", "x4"
-        );
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 6);
-    int err = MP_OKAY;
-
-    if (*outLen < 48U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 6, priv);
-        sp_384_point_from_ecc_point_6(point, pub);
-            err = sp_384_ecc_mulmod_6(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_384_to_bin_6(point->x, out);
-        *outLen = 48;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_6_ctx mulmod_ctx;
-    };
-    sp_digit k[6];
-    sp_point_384 point;
-} sp_ecc_sec_gen_384_ctx;
-
-int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_384_ctx* ctx = (sp_ecc_sec_gen_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_384_from_mp(ctx->k, 6, priv);
-            sp_384_point_from_ecc_point_6(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_384_to_bin_6(ctx->point.x, out);
-                *outLen = 48;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-static sp_digit sp_384_sub_in_place_6(sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[b], 0]\n\t"
-        "subs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 0]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 16]\n\t"
-        "ldr	x2, [%[a], 32]\n\t"
-        "ldr	x3, [%[a], 40]\n\t"
-        "ldr	x6, [%[b], 32]\n\t"
-        "ldr	x7, [%[b], 40]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "str	x2, [%[a], 32]\n\t"
-        "str	x3, [%[a], 40]\n\t"
-        "csetm	%[a], cc\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return (sp_digit)a;
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-static void sp_384_mul_d_6(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldr	x8, [%[a]]\n\t"
-        "mul	x5, %[b], x8\n\t"
-        "umulh	x3, %[b], x8\n\t"
-        "mov	x4, xzr\n\t"
-        "str	x5, [%[r]]\n\t"
-        "mov	x5, xzr\n\t"
-        "mov	x9, #8\n\t"
-        "1:\n\t"
-        "ldr	x8, [%[a], x9]\n\t"
-        "mul	x6, %[b], x8\n\t"
-        "umulh	x7, %[b], x8\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "str	x3, [%[r], x9]\n\t"
-        "mov	x3, x4\n\t"
-        "mov	x4, x5\n\t"
-        "mov	x5, #0\n\t"
-        "add	x9, x9, #8\n\t"
-        "cmp	x9, 48\n\t"
-        "b.lt	1b\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldp	x9, x10, [%[a]]\n\t"
-        "mul	x3, %[b], x9\n\t"
-        "umulh	x4, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "# A[1] * B\n\t"
-        "str	x3, [%[r]]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[2] * B\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[3] * B\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[4] * B\n\t"
-        "ldp	x9, x10, [%[a], 32]\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[5] * B\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#endif
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_384_word_6(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "cset	x9, ge\n\t"
-        "csetm	x10, ge\n\t"
-        "lsl	x9, x9, #32\n\t"
-        "and	x7, x7, x10\n\t"
-        "and	x8, x8, x10\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_384_mask_6(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<6; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_384_div_6(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[12], t2[7];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[5];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 6);
-    r1 = sp_384_cmp_6(&t1[6], d) >= 0;
-    sp_384_cond_sub_6(&t1[6], &t1[6], d, (sp_digit)0 - r1);
-    for (i = 5; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[6 + i] == div);
-        sp_digit hi = t1[6 + i] + mask;
-        r1 = div_384_word_6(hi, t1[6 + i - 1], div);
-        r1 |= mask;
-
-        sp_384_mul_d_6(t2, d, r1);
-        t1[6 + i] += sp_384_sub_in_place_6(&t1[i], t2);
-        t1[6 + i] -= t2[6];
-        sp_384_mask_6(t2, d, t1[6 + i]);
-        t1[6 + i] += sp_384_add_6(&t1[i], &t1[i], t2);
-        sp_384_mask_6(t2, d, t1[6 + i]);
-        t1[6 + i] += sp_384_add_6(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_384_cmp_6(t1, d) >= 0;
-    sp_384_cond_sub_6(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_384_mod_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_384_div_6(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P384 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_384_mont_mul_order_6(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_384_mul_6(r, a, b);
-    sp_384_mont_reduce_order_6(r, p384_order, p384_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P384 curve. */
-static const word64 p384_order_minus_2[6] = {
-    0xecec196accc52971U,0x581a0db248b0a77aU,0xc7634d81f4372ddfU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0xffffffffffffffffU
-};
-#else
-/* The low half of the order-2 of the P384 curve. */
-static const word64 p384_order_low[3] = {
-    0xecec196accc52971U,0x581a0db248b0a77aU,0xc7634d81f4372ddfU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P384 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_order_6(sp_digit* r, const sp_digit* a)
-{
-    sp_384_sqr_6(r, a);
-    sp_384_mont_reduce_order_6(r, p384_order, p384_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P384 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_n_order_6(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_384_mont_sqr_order_6(r, a);
-    for (i=1; i<n; i++) {
-        sp_384_mont_sqr_order_6(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P384 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_mont_inv_order_6_ctx {
-    int state;
-    int i;
-} sp_384_mont_inv_order_6_ctx;
-static int sp_384_mont_inv_order_6_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_mont_inv_order_6_ctx* ctx = (sp_384_mont_inv_order_6_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_384_mont_inv_order_6_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 6);
-        ctx->i = 382;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_384_mont_sqr_order_6(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p384_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_384_mont_mul_order_6(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 6U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_384_mont_inv_order_6(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 6);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_order_6(t, t);
-        if ((p384_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_384_mont_mul_order_6(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 6U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 6;
-    sp_digit* t3 = td + 4 * 6;
-    int i;
-
-    /* t = a^2 */
-    sp_384_mont_sqr_order_6(t, a);
-    /* t = a^3 = t * a */
-    sp_384_mont_mul_order_6(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_384_mont_sqr_n_order_6(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_384_mont_mul_order_6(t, t2, t);
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_384_mont_sqr_n_order_6(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_384_mont_mul_order_6(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_384_mont_sqr_n_order_6(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_384_mont_mul_order_6(t3, t2, t);
-    /* t2= a^ffff0000 = t3 ^ 2 ^ 16 */
-    sp_384_mont_sqr_n_order_6(t2, t3, 16);
-    /* t = a^ffffffff = t2 * t3 */
-    sp_384_mont_mul_order_6(t, t2, t3);
-    /* t2= a^ffffffff0000 = t ^ 2 ^ 16  */
-    sp_384_mont_sqr_n_order_6(t2, t, 16);
-    /* t = a^ffffffffffff = t2 * t3 */
-    sp_384_mont_mul_order_6(t, t2, t3);
-    /* t2= a^ffffffffffff000000000000 = t ^ 2 ^ 48  */
-    sp_384_mont_sqr_n_order_6(t2, t, 48);
-    /* t= a^fffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_6(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_order_6(t2, t, 96);
-    /* t2= a^ffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_6(t2, t2, t);
-    for (i=191; i>=1; i--) {
-        sp_384_mont_sqr_order_6(t2, t2);
-        if ((p384_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_384_mont_mul_order_6(t2, t2, a);
-        }
-    }
-    sp_384_mont_sqr_order_6(t2, t2);
-    sp_384_mont_mul_order_6(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_s_6(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int64 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_6(k, k, p384_norm_order);
-    err = sp_384_mod_6(k, k, p384_order);
-    if (err == MP_OKAY) {
-        sp_384_norm_6(k);
-
-        /* kInv = 1/k mod order */
-            sp_384_mont_inv_order_6(kInv, k, tmp);
-        sp_384_norm_6(kInv);
-
-        /* s = r * x + e */
-            sp_384_mul_6(x, x, r);
-        err = sp_384_mod_6(x, x, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_6(x);
-        carry = sp_384_add_6(s, e, x);
-        sp_384_cond_sub_6(s, s, p384_order, 0 - carry);
-        sp_384_norm_6(s);
-        c = sp_384_cmp_6(s, p384_order);
-        sp_384_cond_sub_6(s, s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_6(s);
-
-        /* s = s * k^-1 mod order */
-            sp_384_mont_mul_order_6(s, s, kInv);
-        sp_384_norm_6(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 384 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 6);
-    SP_DECL_VAR(sp_point_384, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int64 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 6;
-        k = e + 4 * 6;
-        r = e + 6 * 6;
-        tmp = e + 8 * 6;
-        s = e;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_6(rng, k);
-        }
-        else {
-            sp_384_from_mp(k, 6, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_384_ecc_mulmod_base_6(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 6U);
-            sp_384_norm_6(r);
-            c = sp_384_cmp_6(r, p384_order);
-            sp_384_cond_sub_6(r, r, p384_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_384_norm_6(r);
-
-            if (!sp_384_iszero_6(r)) {
-                /* x is modified in calculation of s. */
-                sp_384_from_mp(x, 6, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_384_from_bin(e, 6, hash, (int)hashLen);
-
-                err = sp_384_calc_s_6(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_384_iszero_6(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_6_ctx mulmod_ctx;
-        sp_384_mont_inv_order_6_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*6];
-    sp_digit x[2*6];
-    sp_digit k[2*6];
-    sp_digit r[2*6];
-    sp_digit tmp[3 * 2*6];
-    sp_point_384 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_384_ctx;
-
-int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_384_ctx* ctx = (sp_ecc_sign_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_6(rng, ctx->k);
-        }
-        else {
-            sp_384_from_mp(ctx->k, 6, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_384_ecc_mulmod_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p384_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int64 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 6U);
-        sp_384_norm_6(ctx->r);
-        c = sp_384_cmp_6(ctx->r, p384_order);
-        sp_384_cond_sub_6(ctx->r, ctx->r, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_6(ctx->r);
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-        sp_384_from_mp(ctx->x, 6, priv);
-        sp_384_from_bin(ctx->e, 6, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_6(ctx->k, ctx->k, p384_norm_order);
-        err = sp_384_mod_6(ctx->k, ctx->k, p384_order);
-        if (err == MP_OKAY) {
-            sp_384_norm_6(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_384_mont_inv_order_6_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_384_norm_6(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_384_mul_6(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_384_mod_6(ctx->x, ctx->x, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int64 c;
-        sp_384_norm_6(ctx->x);
-        carry = sp_384_add_6(ctx->s, ctx->e, ctx->x);
-        sp_384_cond_sub_6(ctx->s, ctx->s,
-            p384_order, 0 - carry);
-        sp_384_norm_6(ctx->s);
-        c = sp_384_cmp_6(ctx->s, p384_order);
-        sp_384_cond_sub_6(ctx->s, ctx->s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_6(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_384_mont_mul_order_6(ctx->s, ctx->s, ctx->kInv);
-        sp_384_norm_6(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_384_iszero_6(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_384_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_384_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 6U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 6U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 6U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 6U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 6U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus.
- */
-static void sp_384_div2_mod_6(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldr	x3, [%[a], 0]\n\t"
-        "ldr	x4, [%[a], 8]\n\t"
-        "ldr	x5, [%[a], 16]\n\t"
-        "ldr	x6, [%[a], 24]\n\t"
-        "ldr	x7, [%[a], 32]\n\t"
-        "ldr	x8, [%[a], 40]\n\t"
-        "ldr	x9, [%[m], 0]\n\t"
-        "ldr	x10, [%[m], 8]\n\t"
-        "ldr	x11, [%[m], 16]\n\t"
-        "ldr	x12, [%[m], 24]\n\t"
-        "ldr	x13, [%[m], 32]\n\t"
-        "ldr	x14, [%[m], 40]\n\t"
-        "ands	x15, x3, 1\n\t"
-        "b.eq	1f\n\t"
-        "adds	x3, x3, x9\n\t"
-        "adcs	x4, x4, x10\n\t"
-        "adcs	x5, x5, x11\n\t"
-        "adcs	x6, x6, x12\n\t"
-        "adcs	x7, x7, x13\n\t"
-        "adcs	x8, x8, x14\n\t"
-        "cset	x15, cs\n\t"
-        "\n1:\n\t"
-        "extr	x3, x4, x3, 1\n\t"
-        "extr	x4, x5, x4, 1\n\t"
-        "extr	x5, x6, x5, 1\n\t"
-        "extr	x6, x7, x6, 1\n\t"
-        "extr	x7, x8, x7, 1\n\t"
-        "extr	x8, x15, x8, 1\n\t"
-        "str	x3, [%[r], 0]\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "str	x6, [%[r], 24]\n\t"
-        "str	x7, [%[r], 32]\n\t"
-        "str	x8, [%[r], 40]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "cc"
-    );
-}
-
-static int sp_384_num_bits_64_6(sp_digit n)
-{
-    int64_t r = -1;
-
-    __asm__ __volatile__ (
-        "mov	x1, 64\n\t"
-        "clz	%[r], %[n]\n\t"
-        "sub	%[r], x1, %[r]"
-        : [r] "+r" (r)
-        : [n] "r" (n)
-        : "x1"
-    );
-
-    return (int)(r + 1);
-}
-
-static int sp_384_num_bits_6(const sp_digit* a)
-{
-    int i;
-    int r = 0;
-
-    for (i=5; i>=0; i--) {
-        if (a[i] != 0) {
-            r = sp_384_num_bits_64_6(a[i]);
-            r += i * 64;
-            break;
-        }
-    }
-
-    return r;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_384_mod_inv_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[6];
-    sp_digit v[6];
-    sp_digit b[6];
-    sp_digit d[6];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_384_num_bits_6(u);
-    vt = sp_384_num_bits_6(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_384_rshift1_6(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_384_rshift1_6(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_384_rshift1_6(v, v);
-            sp_384_div2_mod_6(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_384_cmp_6(u, v) >= 0))) {
-            sp_384_sub_6(u, u, v);
-            o = sp_384_sub_6(b, b, d);
-            if (o != 0)
-                sp_384_add_6(b, b, m);
-            ut = sp_384_num_bits_6(u);
-
-            do {
-                sp_384_rshift1_6(u, u);
-                sp_384_div2_mod_6(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_384_sub_6(v, v, u);
-            o = sp_384_sub_6(d, d, b);
-            if (o != 0)
-                sp_384_add_6(d, d, m);
-            vt = sp_384_num_bits_6(v);
-
-            do {
-                sp_384_rshift1_6(v, v);
-                sp_384_div2_mod_6(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_384_add_points_6(sp_point_384* p1, const sp_point_384* p2,
-    sp_digit* tmp)
-{
-
-        sp_384_proj_point_add_6(p1, p1, p2, tmp);
-    if (sp_384_iszero_6(p1->z)) {
-        if (sp_384_iszero_6(p1->x) && sp_384_iszero_6(p1->y)) {
-                sp_384_proj_point_dbl_6(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            XMEMCPY(p1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_vfy_point_6(sp_point_384* p1, sp_point_384* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_384_mod_inv_6(s, s, p384_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_384_mul_6(s, s, p384_norm_order);
-        err = sp_384_mod_6(s, s, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_6(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_384_mont_inv_order_6(s, s, tmp);
-            sp_384_mont_mul_order_6(u1, u1, s);
-            sp_384_mont_mul_order_6(u2, u2, s);
-        }
-#else
-        {
-            sp_384_mont_mul_order_6(u1, u1, s);
-            sp_384_mont_mul_order_6(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_384_ecc_mulmod_base_6(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_6(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_6(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_6(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_384_add_points_6(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 384)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 6);
-    SP_DECL_VAR(sp_point_384, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_384* p2 = NULL;
-    sp_digit carry;
-    sp_int64 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 6;
-        s   = u1 + 4 * 6;
-        tmp = u1 + 6 * 6;
-        p2 = p1 + 1;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(u1, 6, hash, (int)hashLen);
-        sp_384_from_mp(u2, 6, rm);
-        sp_384_from_mp(s, 6, sm);
-        sp_384_from_mp(p2->x, 6, pX);
-        sp_384_from_mp(p2->y, 6, pY);
-        sp_384_from_mp(p2->z, 6, pZ);
-
-        err = sp_384_calc_vfy_point_6(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(u2, 6, rm);
-        err = sp_384_mod_mul_norm_6(u2, u2, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_384_mont_sqr_6(p1->z, p1->z, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_6(u1, u2, p1->z, p384_mod, p384_mp_mod);
-        *res = (int)(sp_384_cmp_6(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_384_from_mp(u2, 6, rm);
-            carry = sp_384_add_6(u2, u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_6(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_6(u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_6(u2, u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_384_mont_mul_6(u1, u2, p1->z, p384_mod, p384_mp_mod);
-                }
-                *res = (sp_384_cmp_6(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_6_ctx mulmod_ctx;
-        sp_384_mont_inv_order_6_ctx mont_inv_order_ctx;
-        sp_384_proj_point_dbl_6_ctx dbl_ctx;
-        sp_384_proj_point_add_6_ctx add_ctx;
-    };
-    sp_digit u1[2*6];
-    sp_digit u2[2*6];
-    sp_digit s[2*6];
-    sp_digit tmp[2*6 * 6];
-    sp_point_384 p1;
-    sp_point_384 p2;
-} sp_ecc_verify_384_ctx;
-
-int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_384_ctx* ctx = (sp_ecc_verify_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(ctx->u1, 6, hash, (int)hashLen);
-        sp_384_from_mp(ctx->u2, 6, rm);
-        sp_384_from_mp(ctx->s, 6, sm);
-        sp_384_from_mp(ctx->p2.x, 6, pX);
-        sp_384_from_mp(ctx->p2.y, 6, pY);
-        sp_384_from_mp(ctx->p2.z, 6, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_384_mul_6(ctx->s, ctx->s, p384_norm_order);
-        err = sp_384_mod_6(ctx->s, ctx->s, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_384_norm_6(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_384_mont_inv_order_6_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_384_mont_mul_order_6(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_384_mont_mul_order_6(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_384_ecc_mulmod_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p384_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_6(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_384_ecc_mulmod_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_6(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_384_proj_point_add_6_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(ctx->u2, 6, rm);
-        err = sp_384_mod_mul_norm_6(ctx->u2, ctx->u2, p384_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_384_mont_sqr_6(ctx->p1.z, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_384_mont_mul_6(ctx->u1, ctx->u2, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int64 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_384_cmp_6(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_384_from_mp(ctx->u2, 6, rm);
-            carry = sp_384_add_6(ctx->u2, ctx->u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_6(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_6(ctx->u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_6(ctx->u2, ctx->u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_384_mont_mul_6(ctx->u1, ctx->u2, ctx->p1.z, p384_mod,
-                                                            p384_mp_mod);
-                *res = (int)(sp_384_cmp_6(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_384_ecc_is_point_6(const sp_point_384* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 6 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 6 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 6;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_384_sqr_6(t1, point->y);
-        (void)sp_384_mod_6(t1, t1, p384_mod);
-        sp_384_sqr_6(t2, point->x);
-        (void)sp_384_mod_6(t2, t2, p384_mod);
-        sp_384_mul_6(t2, t2, point->x);
-        (void)sp_384_mod_6(t2, t2, p384_mod);
-        sp_384_mont_sub_6(t1, t1, t2, p384_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_384_mont_add_6(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_6(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_6(t1, t1, point->x, p384_mod);
-
-
-        if (sp_384_cmp_6(t1, p384_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_384, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(pub->x, 6, pX);
-        sp_384_from_mp(pub->y, 6, pY);
-        sp_384_from_bin(pub->z, 6, one, (int)sizeof(one));
-
-        err = sp_384_ecc_is_point_6(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 6);
-    SP_DECL_VAR(sp_point_384, pub, 2);
-    sp_point_384* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 384) ||
-        (mp_count_bits(pY) > 384) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 384)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_384_from_mp(pub->x, 6, pX);
-        sp_384_from_mp(pub->y, 6, pY);
-        sp_384_from_bin(pub->z, 6, one, (int)sizeof(one));
-        if (privm)
-            sp_384_from_mp(priv, 6, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_384_iszero_6(pub->x) != 0) &&
-            (sp_384_iszero_6(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_384_cmp_6(pub->x, p384_mod) >= 0) ||
-             (sp_384_cmp_6(pub->y, p384_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_384_ecc_is_point_6(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_384_ecc_mulmod_6(p, pub, p384_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_384_iszero_6(p->x) == 0) ||
-                             (sp_384_iszero_6(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_384_ecc_mulmod_base_6(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_384_cmp_6(p->x, pub->x) != 0) ||
-                 (sp_384_cmp_6(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 6);
-    SP_DECL_VAR(sp_point_384, p, 2);
-    sp_point_384* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_384_from_mp(p->x, 6, pX);
-        sp_384_from_mp(p->y, 6, pY);
-        sp_384_from_mp(p->z, 6, pZ);
-        sp_384_from_mp(q->x, 6, qX);
-        sp_384_from_mp(q->y, 6, qY);
-        sp_384_from_mp(q->z, 6, qZ);
-        p->infinity = sp_384_iszero_6(p->x) &
-                      sp_384_iszero_6(p->y);
-        q->infinity = sp_384_iszero_6(q->x) &
-                      sp_384_iszero_6(q->y);
-
-            sp_384_proj_point_add_6(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 2);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 6, pX);
-        sp_384_from_mp(p->y, 6, pY);
-        sp_384_from_mp(p->z, 6, pZ);
-        p->infinity = sp_384_iszero_6(p->x) &
-                      sp_384_iszero_6(p->y);
-
-            sp_384_proj_point_dbl_6(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 6);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 6, pX);
-        sp_384_from_mp(p->y, 6, pY);
-        sp_384_from_mp(p->z, 6, pZ);
-        p->infinity = sp_384_iszero_6(p->x) &
-                      sp_384_iszero_6(p->y);
-
-            sp_384_map_6(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mont_sqrt_6(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 5 * 2 * 6);
-    sp_digit* t2 = NULL;
-    sp_digit* t3 = NULL;
-    sp_digit* t4 = NULL;
-    sp_digit* t5 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 5 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 6;
-        t3 = t1 + 4 * 6;
-        t4 = t1 + 6 * 6;
-        t5 = t1 + 8 * 6;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_384_mont_sqr_6(t2, y, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_384_mont_mul_6(t1, t2, y, p384_mod, p384_mp_mod);
-            /* t5 = y ^ 0xc */
-            sp_384_mont_sqr_n_6(t5, t1, 2, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_384_mont_mul_6(t1, t1, t5, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x1e */
-            sp_384_mont_sqr_6(t2, t1, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x1f */
-            sp_384_mont_mul_6(t3, t2, y, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3e0 */
-            sp_384_mont_sqr_n_6(t2, t3, 5, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3ff */
-            sp_384_mont_mul_6(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fe0 */
-            sp_384_mont_sqr_n_6(t2, t1, 5, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x7fff */
-            sp_384_mont_mul_6(t3, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fff800 */
-            sp_384_mont_sqr_n_6(t2, t3, 15, p384_mod, p384_mp_mod);
-            /* t4 = y ^ 0x3ffffff */
-            sp_384_mont_mul_6(t4, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffc000000 */
-            sp_384_mont_sqr_n_6(t2, t4, 30, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffff */
-            sp_384_mont_mul_6(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffff000000000000000 */
-            sp_384_mont_sqr_n_6(t2, t1, 60, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_6(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-            sp_384_mont_sqr_n_6(t2, t1, 120, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_6(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-            sp_384_mont_sqr_n_6(t2, t1, 15, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_6(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80000000 */
-            sp_384_mont_sqr_n_6(t2, t1, 31, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff */
-            sp_384_mont_mul_6(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff0 */
-            sp_384_mont_sqr_n_6(t2, t1, 4, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc */
-            sp_384_mont_mul_6(t1, t5, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000 */
-            sp_384_mont_sqr_n_6(t2, t1, 62, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000001 */
-            sp_384_mont_mul_6(t1, y, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc00000000000000040000000 */
-            sp_384_mont_sqr_n_6(y, t1, 30, p384_mod, p384_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 6);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 6;
-
-        sp_384_from_mp(x, 6, xm);
-        err = sp_384_mod_mul_norm_6(x, x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_384_mont_sqr_6(y, x, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_6(y, y, x, p384_mod, p384_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_384_mont_sub_6(y, y, x, p384_mod);
-        sp_384_mont_sub_6(y, y, x, p384_mod);
-        sp_384_mont_sub_6(y, y, x, p384_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_384_mod_mul_norm_6(x, p384_b, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_384_mont_add_6(y, y, x, p384_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_384_mont_sqrt_6(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 6, 0, 6U * sizeof(sp_digit));
-        sp_384_mont_reduce_6(y, p384_mod, p384_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_384_mont_sub_6(y, p384_mod, y, p384_mod);
-        }
-
-        err = sp_384_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_384 */
-#ifdef WOLFSSL_SP_521
-
-/* Point structure to use. */
-typedef struct sp_point_521 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 9];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 9];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 9];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_521;
-
-/* The modulus (prime) of the curve P521. */
-static const sp_digit p521_mod[9] = {
-    0xffffffffffffffffL,0xffffffffffffffffL,0xffffffffffffffffL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0xffffffffffffffffL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0x00000000000001ffL
-};
-/* The Montgomery normalizer for modulus of the curve P521. */
-static const sp_digit p521_norm_mod[9] = {
-    0x0000000000000001L,0x0000000000000000L,0x0000000000000000L,
-    0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-    0x0000000000000000L,0x0000000000000000L,0x0000000000000000L
-};
-/* The Montgomery multiplier for modulus of the curve P521. */
-static const sp_digit p521_mp_mod = 0x0000000000000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P521. */
-static const sp_digit p521_order[9] = {
-    0xbb6fb71e91386409L,0x3bb5c9b8899c47aeL,0x7fcc0148f709a5d0L,
-    0x51868783bf2f966bL,0xfffffffffffffffaL,0xffffffffffffffffL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0x00000000000001ffL
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P521 minus 2. */
-static const sp_digit p521_order2[9] = {
-    0xbb6fb71e91386407L,0x3bb5c9b8899c47aeL,0x7fcc0148f709a5d0L,
-    0x51868783bf2f966bL,0xfffffffffffffffaL,0xffffffffffffffffL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0x00000000000001ffL
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P521. */
-static const sp_digit p521_norm_order[9] = {
-    0x449048e16ec79bf7L,0xc44a36477663b851L,0x8033feb708f65a2fL,
-    0xae79787c40d06994L,0x0000000000000005L,0x0000000000000000L,
-    0x0000000000000000L,0x0000000000000000L,0x0000000000000000L
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P521. */
-static const sp_digit p521_mp_order = 0x1d2f5ccd79a995c7L;
-#endif
-#ifdef WOLFSSL_SP_SMALL
-/* The base point of curve P521. */
-static const sp_point_521 p521_base = {
-    /* X ordinate */
-    {
-        0xf97e7e31c2e5bd66L,0x3348b3c1856a429bL,0xfe1dc127a2ffa8deL,
-        0xa14b5e77efe75928L,0xf828af606b4d3dbaL,0x9c648139053fb521L,
-        0x9e3ecb662395b442L,0x858e06b70404e9cdL,0x00000000000000c6L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x88be94769fd16650L,0x353c7086a272c240L,0xc550b9013fad0761L,
-        0x97ee72995ef42640L,0x17afbd17273e662cL,0x98f54449579b4468L,
-        0x5c8a5fb42c7d1bd9L,0x39296a789a3bc004L,0x0000000000000118L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000000000000001L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p521_b[9] = {
-    0xef451fd46b503f00L,0x3573df883d2c34f1L,0x1652c0bd3bb1bf07L,
-    0x56193951ec7e937bL,0xb8b489918ef109e1L,0xa2da725b99b315f3L,
-    0x929a21a0b68540eeL,0x953eb9618e1c9a1fL,0x0000000000000051L
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_521_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_digit tmp[18];
-
-    __asm__ __volatile__ (
-        "mov	x5, xzr\n\t"
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 64\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[b], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 72\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 128\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_521_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x8, x9, [%[a], 0]\n\t"
-        "ldp	x10, x11, [%[a], 16]\n\t"
-        "ldp	x12, x13, [%[a], 32]\n\t"
-        "ldp	x14, x15, [%[a], 48]\n\t"
-        "ldr	x16, [%[a], 64]\n\t"
-        "ldp	x17, x19, [%[b], 0]\n\t"
-        "ldp	x20, x21, [%[b], 16]\n\t"
-        "ldp	x22, x23, [%[b], 32]\n\t"
-        "ldp	x24, x25, [%[b], 48]\n\t"
-        "ldr	x26, [%[b], 64]\n\t"
-        "#  A[0] * B[0]\n\t"
-        "mul	x3, x8, x17\n\t"
-        "umulh	x4, x8, x17\n\t"
-        "str	x3, [%[r]]\n\t"
-        "#  A[0] * B[1]\n\t"
-        "mul	x6, x8, x19\n\t"
-        "umulh	x7, x8, x19\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[0]\n\t"
-        "mul	x6, x9, x17\n\t"
-        "adc	x5, xzr, x7\n\t"
-        "umulh	x7, x9, x17\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "#  A[0] * B[2]\n\t"
-        "mul	x6, x8, x20\n\t"
-        "umulh	x7, x8, x20\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[1]\n\t"
-        "mul	x6, x9, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x19\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[0]\n\t"
-        "mul	x6, x10, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[0] * B[3]\n\t"
-        "mul	x6, x8, x21\n\t"
-        "umulh	x7, x8, x21\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[1] * B[2]\n\t"
-        "mul	x6, x9, x20\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x9, x20\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[1]\n\t"
-        "mul	x6, x10, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x19\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[0]\n\t"
-        "mul	x6, x11, x17\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x17\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[0] * B[4]\n\t"
-        "mul	x6, x8, x22\n\t"
-        "umulh	x7, x8, x22\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[3]\n\t"
-        "mul	x6, x9, x21\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x9, x21\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[2] * B[2]\n\t"
-        "mul	x6, x10, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x10, x20\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[1]\n\t"
-        "mul	x6, x11, x19\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x19\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[0]\n\t"
-        "mul	x6, x12, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[0] * B[5]\n\t"
-        "mul	x6, x8, x23\n\t"
-        "umulh	x7, x8, x23\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[4]\n\t"
-        "mul	x6, x9, x22\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x22\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[3]\n\t"
-        "mul	x6, x10, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x21\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[3] * B[2]\n\t"
-        "mul	x6, x11, x20\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x11, x20\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[1]\n\t"
-        "mul	x6, x12, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[0]\n\t"
-        "mul	x6, x13, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[0] * B[6]\n\t"
-        "mul	x6, x8, x24\n\t"
-        "umulh	x7, x8, x24\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[1] * B[5]\n\t"
-        "mul	x6, x9, x23\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x9, x23\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[4]\n\t"
-        "mul	x6, x10, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x22\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[3]\n\t"
-        "mul	x6, x11, x21\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x21\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[4] * B[2]\n\t"
-        "mul	x6, x12, x20\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x12, x20\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[1]\n\t"
-        "mul	x6, x13, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x19\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[0]\n\t"
-        "mul	x6, x14, x17\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x17\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[0] * B[7]\n\t"
-        "mul	x6, x8, x25\n\t"
-        "umulh	x7, x8, x25\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[6]\n\t"
-        "mul	x6, x9, x24\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x9, x24\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[2] * B[5]\n\t"
-        "mul	x6, x10, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x10, x23\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[4]\n\t"
-        "mul	x6, x11, x22\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x22\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[3]\n\t"
-        "mul	x6, x12, x21\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x21\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[5] * B[2]\n\t"
-        "mul	x6, x13, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x13, x20\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[6] * B[1]\n\t"
-        "mul	x6, x14, x19\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x14, x19\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[0]\n\t"
-        "mul	x6, x15, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[0] * B[8]\n\t"
-        "mul	x6, x8, x26\n\t"
-        "umulh	x7, x8, x26\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[7]\n\t"
-        "mul	x6, x9, x25\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x25\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[6]\n\t"
-        "mul	x6, x10, x24\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x24\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[3] * B[5]\n\t"
-        "mul	x6, x11, x23\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x11, x23\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[4]\n\t"
-        "mul	x6, x12, x22\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x22\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[3]\n\t"
-        "mul	x6, x13, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x21\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[6] * B[2]\n\t"
-        "mul	x6, x14, x20\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x14, x20\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[7] * B[1]\n\t"
-        "mul	x6, x15, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x15, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[8] * B[0]\n\t"
-        "mul	x6, x16, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x16, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[1] * B[8]\n\t"
-        "mul	x6, x9, x26\n\t"
-        "umulh	x7, x9, x26\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[7]\n\t"
-        "mul	x6, x10, x25\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x25\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[6]\n\t"
-        "mul	x6, x11, x24\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x24\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[4] * B[5]\n\t"
-        "mul	x6, x12, x23\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x12, x23\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[4]\n\t"
-        "mul	x6, x13, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x22\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[3]\n\t"
-        "mul	x6, x14, x21\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x21\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[7] * B[2]\n\t"
-        "mul	x6, x15, x20\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x15, x20\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[8] * B[1]\n\t"
-        "mul	x6, x16, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x16, x19\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[2] * B[8]\n\t"
-        "mul	x6, x10, x26\n\t"
-        "umulh	x7, x10, x26\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[7]\n\t"
-        "mul	x6, x11, x25\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x25\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[6]\n\t"
-        "mul	x6, x12, x24\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x24\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[5] * B[5]\n\t"
-        "mul	x6, x13, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x13, x23\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[6] * B[4]\n\t"
-        "mul	x6, x14, x22\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x14, x22\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[3]\n\t"
-        "mul	x6, x15, x21\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x21\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[8] * B[2]\n\t"
-        "mul	x6, x16, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x16, x20\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 80]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[3] * B[8]\n\t"
-        "mul	x6, x11, x26\n\t"
-        "umulh	x7, x11, x26\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[7]\n\t"
-        "mul	x6, x12, x25\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x25\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[6]\n\t"
-        "mul	x6, x13, x24\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x24\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[6] * B[5]\n\t"
-        "mul	x6, x14, x23\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x14, x23\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[7] * B[4]\n\t"
-        "mul	x6, x15, x22\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x15, x22\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[8] * B[3]\n\t"
-        "mul	x6, x16, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x16, x21\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 88]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[4] * B[8]\n\t"
-        "mul	x6, x12, x26\n\t"
-        "umulh	x7, x12, x26\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[7]\n\t"
-        "mul	x6, x13, x25\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x25\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[6]\n\t"
-        "mul	x6, x14, x24\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x24\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[7] * B[5]\n\t"
-        "mul	x6, x15, x23\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x15, x23\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[8] * B[4]\n\t"
-        "mul	x6, x16, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x16, x22\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 96]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[5] * B[8]\n\t"
-        "mul	x6, x13, x26\n\t"
-        "umulh	x7, x13, x26\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[6] * B[7]\n\t"
-        "mul	x6, x14, x25\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x14, x25\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[6]\n\t"
-        "mul	x6, x15, x24\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x24\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[8] * B[5]\n\t"
-        "mul	x6, x16, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x16, x23\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 104]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[6] * B[8]\n\t"
-        "mul	x6, x14, x26\n\t"
-        "umulh	x7, x14, x26\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[7] * B[7]\n\t"
-        "mul	x6, x15, x25\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x15, x25\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[8] * B[6]\n\t"
-        "mul	x6, x16, x24\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x16, x24\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 112]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[7] * B[8]\n\t"
-        "mul	x6, x15, x26\n\t"
-        "umulh	x7, x15, x26\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[8] * B[7]\n\t"
-        "mul	x6, x16, x25\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x16, x25\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 120]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[8] * B[8]\n\t"
-        "mul	x6, x16, x26\n\t"
-        "umulh	x7, x16, x26\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adc	x5, x5, x7\n\t"
-        "stp	x4, x5, [%[r], 128]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "cc"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_521_sqr_9(sp_digit* r, const sp_digit* a)
-{
-    sp_digit tmp[18];
-
-    __asm__ __volatile__ (
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "mov	x5, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 64\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "cmp	x4, x3\n\t"
-        "b.eq	4f\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[a], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "b.al	5f\n\t"
-        "\n4:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "mul	x9, x10, x10\n\t"
-        "umulh	x10, x10, x10\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "\n5:\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 72\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x4\n\t"
-        "b.gt	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 128\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_521_sqr_9(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp	x10, x11, [%[a], 0]\n\t"
-        "ldp	x12, x13, [%[a], 16]\n\t"
-        "ldp	x14, x15, [%[a], 32]\n\t"
-        "ldp	x16, x17, [%[a], 48]\n\t"
-        "ldr	x19, [%[a], 64]\n\t"
-        "#  A[0] * A[0]\n\t"
-        "mul	x2, x10, x10\n\t"
-        "umulh	x3, x10, x10\n\t"
-        "str	x2, [%[r]]\n\t"
-        "mov	x4, xzr\n\t"
-        "#  A[0] * A[1]\n\t"
-        "mul	x8, x10, x11\n\t"
-        "umulh	x9, x10, x11\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "str	x3, [%[r], 8]\n\t"
-        "#  A[0] * A[2]\n\t"
-        "mul	x8, x10, x12\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x10, x12\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "#  A[1] * A[1]\n\t"
-        "mul	x8, x11, x11\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x11, x11\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "str	x4, [%[r], 16]\n\t"
-        "#  A[0] * A[3]\n\t"
-        "mul	x8, x10, x13\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x10, x13\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "#  A[1] * A[2]\n\t"
-        "mul	x8, x11, x12\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x11, x12\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "str	x2, [%[r], 24]\n\t"
-        "#  A[0] * A[4]\n\t"
-        "mul	x8, x10, x14\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x10, x14\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "#  A[1] * A[3]\n\t"
-        "mul	x8, x11, x13\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x11, x13\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "#  A[2] * A[2]\n\t"
-        "mul	x8, x12, x12\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x12, x12\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "str	x3, [%[r], 32]\n\t"
-        "#  A[0] * A[5]\n\t"
-        "mul	x5, x10, x15\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x6, x10, x15\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[4]\n\t"
-        "mul	x8, x11, x14\n\t"
-        "umulh	x9, x11, x14\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[3]\n\t"
-        "mul	x8, x12, x13\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x13\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 40]\n\t"
-        "#  A[0] * A[6]\n\t"
-        "mul	x5, x10, x16\n\t"
-        "umulh	x6, x10, x16\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[5]\n\t"
-        "mul	x8, x11, x15\n\t"
-        "umulh	x9, x11, x15\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[4]\n\t"
-        "mul	x8, x12, x14\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x14\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[3]\n\t"
-        "mul	x8, x13, x13\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x13\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 48]\n\t"
-        "#  A[0] * A[7]\n\t"
-        "mul	x5, x10, x17\n\t"
-        "umulh	x6, x10, x17\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[6]\n\t"
-        "mul	x8, x11, x16\n\t"
-        "umulh	x9, x11, x16\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[5]\n\t"
-        "mul	x8, x12, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[4]\n\t"
-        "mul	x8, x13, x14\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x14\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 56]\n\t"
-        "#  A[0] * A[8]\n\t"
-        "mul	x5, x10, x19\n\t"
-        "umulh	x6, x10, x19\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[7]\n\t"
-        "mul	x8, x11, x17\n\t"
-        "umulh	x9, x11, x17\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[6]\n\t"
-        "mul	x8, x12, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[5]\n\t"
-        "mul	x8, x13, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[4]\n\t"
-        "mul	x8, x14, x14\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x14\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 64]\n\t"
-        "#  A[1] * A[8]\n\t"
-        "mul	x5, x11, x19\n\t"
-        "umulh	x6, x11, x19\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[2] * A[7]\n\t"
-        "mul	x8, x12, x17\n\t"
-        "umulh	x9, x12, x17\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[6]\n\t"
-        "mul	x8, x13, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[5]\n\t"
-        "mul	x8, x14, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [%[r], 72]\n\t"
-        "#  A[2] * A[8]\n\t"
-        "mul	x5, x12, x19\n\t"
-        "umulh	x6, x12, x19\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[3] * A[7]\n\t"
-        "mul	x8, x13, x17\n\t"
-        "umulh	x9, x13, x17\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[6]\n\t"
-        "mul	x8, x14, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[5]\n\t"
-        "mul	x8, x15, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [%[r], 80]\n\t"
-        "#  A[3] * A[8]\n\t"
-        "mul	x5, x13, x19\n\t"
-        "umulh	x6, x13, x19\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[4] * A[7]\n\t"
-        "mul	x8, x14, x17\n\t"
-        "umulh	x9, x14, x17\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[6]\n\t"
-        "mul	x8, x15, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [%[r], 88]\n\t"
-        "#  A[4] * A[8]\n\t"
-        "mul	x8, x14, x19\n\t"
-        "umulh	x9, x14, x19\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "#  A[5] * A[7]\n\t"
-        "mul	x8, x15, x17\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x15, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "#  A[6] * A[6]\n\t"
-        "mul	x8, x16, x16\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x16, x16\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "str	x2, [%[r], 96]\n\t"
-        "#  A[5] * A[8]\n\t"
-        "mul	x8, x15, x19\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x15, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "#  A[6] * A[7]\n\t"
-        "mul	x8, x16, x17\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x16, x17\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "str	x3, [%[r], 104]\n\t"
-        "#  A[6] * A[8]\n\t"
-        "mul	x8, x16, x19\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x16, x19\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "#  A[7] * A[7]\n\t"
-        "mul	x8, x17, x17\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x17, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "str	x4, [%[r], 112]\n\t"
-        "#  A[7] * A[8]\n\t"
-        "mul	x8, x17, x19\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x17, x19\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "str	x2, [%[r], 120]\n\t"
-        "#  A[8] * A[8]\n\t"
-        "mul	x8, x19, x19\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x19, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adc	x4, x4, x9\n\t"
-        "stp	x3, x4, [%[r], 128]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "cc"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x11, %[a], 64\n\t"
-        "\n1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldp	x3, x4, [%[a]], #16\n\t"
-        "ldp	x5, x6, [%[a]], #16\n\t"
-        "ldp	x7, x8, [%[b]], #16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x9, x10, [%[b]], #16\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r]], #16\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r]], #16\n\t"
-        "adc	%[c], xzr, xzr\n\t"
-        "cmp	%[a], x11\n\t"
-        "b.ne	1b\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldr	x3, [%[a]], #8\n\t"
-        "ldr	x7, [%[b]], #8\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x3, [%[r]], #8\n\t"
-        "adc	%[c], xzr, xzr\n\t"
-        : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return c;
-}
-
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldr	x3, [%[a], 64]\n\t"
-        "ldr	x7, [%[b], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x3, [%[r], 64]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_521_sub_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x11, %[a], 64\n\t"
-        "\n1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldp	x3, x4, [%[a]], #16\n\t"
-        "ldp	x5, x6, [%[a]], #16\n\t"
-        "ldp	x7, x8, [%[b]], #16\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x9, x10, [%[b]], #16\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r]], #16\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r]], #16\n\t"
-        "csetm	%[c], cc\n\t"
-        "cmp	%[a], x11\n\t"
-        "b.ne	1b\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldr	x3, [%[a]], #8\n\t"
-        "ldr	x7, [%[b]], #8\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "str	x3, [%[r]], #8\n\t"
-        "csetm	%[c], cc\n\t"
-        : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return c;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_521_sub_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "subs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldr	x3, [%[a], 64]\n\t"
-        "ldr	x7, [%[b], 64]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "str	x3, [%[r], 64]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-static void sp_521_lshift_9(sp_digit* r, const sp_digit* a, byte n)
-{
-    word64 n64 = n;
-    __asm__ __volatile__ (
-        "mov	x6, 63\n\t"
-        "sub	x6, x6, %[n]\n\t"
-        "ldr	x3, [%[a], 64]\n\t"
-        "lsr	x4, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x4, x4, x6\n\t"
-        "ldr	x2, [%[a], 56]\n\t"
-        "str	x4, [%[r], 72]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 48]\n\t"
-        "str	x3, [%[r], 64]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 40]\n\t"
-        "str	x2, [%[r], 56]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 32]\n\t"
-        "str	x4, [%[r], 48]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 24]\n\t"
-        "str	x3, [%[r], 40]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 16]\n\t"
-        "str	x2, [%[r], 32]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 8]\n\t"
-        "str	x4, [%[r], 24]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 0]\n\t"
-        "str	x3, [%[r], 16]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "stp	x4, x2, [%[r]]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (n64)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-static void sp_521_lshift_18(sp_digit* r, const sp_digit* a, byte n)
-{
-    word64 n64 = n;
-    __asm__ __volatile__ (
-        "mov	x6, 63\n\t"
-        "sub	x6, x6, %[n]\n\t"
-        "ldr	x3, [%[a], 136]\n\t"
-        "lsr	x4, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x4, x4, x6\n\t"
-        "ldr	x2, [%[a], 128]\n\t"
-        "str	x4, [%[r], 144]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 120]\n\t"
-        "str	x3, [%[r], 136]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 112]\n\t"
-        "str	x2, [%[r], 128]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 104]\n\t"
-        "str	x4, [%[r], 120]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 96]\n\t"
-        "str	x3, [%[r], 112]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 88]\n\t"
-        "str	x2, [%[r], 104]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 80]\n\t"
-        "str	x4, [%[r], 96]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 72]\n\t"
-        "str	x3, [%[r], 88]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 64]\n\t"
-        "str	x2, [%[r], 80]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 56]\n\t"
-        "str	x4, [%[r], 72]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 48]\n\t"
-        "str	x3, [%[r], 64]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 40]\n\t"
-        "str	x2, [%[r], 56]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 32]\n\t"
-        "str	x4, [%[r], 48]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 24]\n\t"
-        "str	x3, [%[r], 40]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x3, [%[a], 16]\n\t"
-        "str	x2, [%[r], 32]\n\t"
-        "lsr	x5, x3, 1\n\t"
-        "lsl	x3, x3, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x2, [%[a], 8]\n\t"
-        "str	x4, [%[r], 24]\n\t"
-        "lsr	x5, x2, 1\n\t"
-        "lsl	x2, x2, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x4, [%[a], 0]\n\t"
-        "str	x3, [%[r], 16]\n\t"
-        "lsr	x5, x4, 1\n\t"
-        "lsl	x4, x4, %[n]\n\t"
-        "lsr	x5, x5, x6\n\t"
-        "orr	x2, x2, x5\n\t"
-        "stp	x4, x2, [%[r]]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (n64)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-static void sp_521_rshift_9(sp_digit* r, const sp_digit* a, byte n)
-{
-    sp_uint64 nl = n;
-    __asm__ __volatile__ (
-        "mov	x6, 64\n\t"
-        "sub	x6, x6, %[n]\n\t"
-        "ldp	x2, x3, [%[a]]\n\t"
-        "lsr	x2, x2, %[n]\n\t"
-        "lsl	x5, x3, x6\n\t"
-        "lsr	x3, x3, %[n]\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x4, [%[a], 16]\n\t"
-        "str	x2, [%[r], 0]\n\t"
-        "lsl	x5, x4, x6\n\t"
-        "lsr	x4, x4, %[n]\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x2, [%[a], 24]\n\t"
-        "str	x3, [%[r], 8]\n\t"
-        "lsl	x5, x2, x6\n\t"
-        "lsr	x2, x2, %[n]\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x3, [%[a], 32]\n\t"
-        "str	x4, [%[r], 16]\n\t"
-        "lsl	x5, x3, x6\n\t"
-        "lsr	x3, x3, %[n]\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x4, [%[a], 40]\n\t"
-        "str	x2, [%[r], 24]\n\t"
-        "lsl	x5, x4, x6\n\t"
-        "lsr	x4, x4, %[n]\n\t"
-        "orr	x3, x3, x5\n\t"
-        "ldr	x2, [%[a], 48]\n\t"
-        "str	x3, [%[r], 32]\n\t"
-        "lsl	x5, x2, x6\n\t"
-        "lsr	x2, x2, %[n]\n\t"
-        "orr	x4, x4, x5\n\t"
-        "ldr	x3, [%[a], 56]\n\t"
-        "str	x4, [%[r], 40]\n\t"
-        "lsl	x5, x3, x6\n\t"
-        "lsr	x3, x3, %[n]\n\t"
-        "orr	x2, x2, x5\n\t"
-        "ldr	x4, [%[a], 64]\n\t"
-        "str	x2, [%[r], 48]\n\t"
-        "lsl	x5, x4, x6\n\t"
-        "lsr	x4, x4, %[n]\n\t"
-        "orr	x3, x3, x5\n\t"
-        "stp	x3, x4, [%[r], 56]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [n] "r" (nl)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_521_sub_in_place_9(sp_digit* a, const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x10, %[a], 64\n\t"
-        "\n1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldp	x2, x3, [%[a]]\n\t"
-        "ldp	x4, x5, [%[a], #16]\n\t"
-        "ldp	x6, x7, [%[b]], #16\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x8, x9, [%[b]], #16\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a]], #16\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a]], #16\n\t"
-        "csetm	%[c], cc\n\t"
-        "cmp	%[a], x10\n\t"
-        "b.ne	1b\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldr	x2, [%[a], 0]\n\t"
-        "ldr	x6, [%[b]], #8\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "str	x2, [%[a]], #8\n\t"
-        "csetm	%[c], cc\n\t"
-        : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return c;
-}
-
-#else
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-static sp_digit sp_521_sub_in_place_9(sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[b], 0]\n\t"
-        "subs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 0]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 16]\n\t"
-        "ldp	x2, x3, [%[a], 32]\n\t"
-        "ldp	x6, x7, [%[b], 32]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 48]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 32]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 48]\n\t"
-        "ldr	x2, [%[a], 64]\n\t"
-        "ldr	x6, [%[b], 64]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "str	x2, [%[a], 64]\n\t"
-        "csetm	%[a], cc\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return (sp_digit)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static sp_digit sp_521_cond_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "csetm	%[c], cc\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 72\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-#else
-    __asm__ __volatile__ (
-
-        "ldp	x5, x7, [%[b], 0]\n\t"
-        "ldp	x11, x12, [%[b], 16]\n\t"
-        "ldp	x4, x6, [%[a], 0]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "subs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 0]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 16]\n\t"
-        "ldp	x5, x7, [%[b], 32]\n\t"
-        "ldp	x11, x12, [%[b], 48]\n\t"
-        "ldp	x4, x6, [%[a], 32]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 32]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 48]\n\t"
-        "ldr	x5, [%[b], 64]\n\t"
-        "ldr	x4, [%[a], 64]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "str	x4, [%[r], 64]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return (sp_digit)r;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-static void sp_521_mul_d_9(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldr	x8, [%[a]]\n\t"
-        "mul	x5, %[b], x8\n\t"
-        "umulh	x3, %[b], x8\n\t"
-        "mov	x4, xzr\n\t"
-        "str	x5, [%[r]]\n\t"
-        "mov	x5, xzr\n\t"
-        "mov	x9, #8\n\t"
-        "1:\n\t"
-        "ldr	x8, [%[a], x9]\n\t"
-        "mul	x6, %[b], x8\n\t"
-        "umulh	x7, %[b], x8\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "str	x3, [%[r], x9]\n\t"
-        "mov	x3, x4\n\t"
-        "mov	x4, x5\n\t"
-        "mov	x5, #0\n\t"
-        "add	x9, x9, #8\n\t"
-        "cmp	x9, 72\n\t"
-        "b.lt	1b\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldp	x9, x10, [%[a]]\n\t"
-        "mul	x3, %[b], x9\n\t"
-        "umulh	x4, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "# A[1] * B\n\t"
-        "str	x3, [%[r]]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[2] * B\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[3] * B\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[4] * B\n\t"
-        "ldp	x9, x10, [%[a], 32]\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[5] * B\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[6] * B\n\t"
-        "ldr	x9, [%[a], 48]\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[7] * B\n\t"
-        "ldp	x9, x10, [%[a], 56]\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[8] * B\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#endif
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_521_word_9(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "cset	x9, ge\n\t"
-        "csetm	x10, ge\n\t"
-        "lsl	x9, x9, #32\n\t"
-        "and	x7, x7, x10\n\t"
-        "and	x8, x8, x10\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_521_mask_9(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<9; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-    r[8] = a[8] & m;
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_int64 sp_521_cmp_9(const sp_digit* a, const sp_digit* b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "mov	x10, #8\n\t"
-        "add	%[a], %[a], #56\n\t"
-        "add	%[b], %[b], #56\n\t"
-        "1:\n\t"
-        "ldp	x6, x7, [%[a]], -16\n\t"
-        "ldp	x8, x9, [%[b]], -16\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x10, x10, #2\n\t"
-        "b.ne	1b\n\t"
-        "ldr	x6, [%[a], 8]\n\t"
-        "ldr	x8, [%[b], 8]\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "ldp	x6, x7, [%[a], 56]\n\t"
-        "ldp	x8, x9, [%[b], 56]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 40]\n\t"
-        "ldp	x8, x9, [%[b], 40]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 24]\n\t"
-        "ldp	x8, x9, [%[b], 24]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 8]\n\t"
-        "ldp	x8, x9, [%[b], 8]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldr	x6, [%[a]]\n\t"
-        "ldr	x8, [%[b]]\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#endif
-
-    return (sp_int64)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_521_div_9(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[19];
-    sp_digit t2[10];
-    sp_digit sd[10];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-    div = (d[8] << 55) | (d[7] >> 9);
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 9);
-    r1 = sp_521_cmp_9(&t1[9], d) >= 0;
-    sp_521_cond_sub_9(&t1[9], &t1[9], d, (sp_digit)0 - r1);
-    sp_521_lshift_9(sd, d, 55);
-    sp_521_lshift_18(t1, t1, 55);
-
-    for (i = 8; i >= 0; i--) {
-        sp_digit hi = t1[9 + i] - (t1[9 + i] == div);
-        r1 = div_521_word_9(hi, t1[9 + i - 1], div);
-
-        sp_521_mul_d_9(t2, sd, r1);
-        t1[9 + i] += sp_521_sub_in_place_9(&t1[i], t2);
-        t1[9 + i] -= t2[9];
-        sp_521_mask_9(t2, sd, t1[9 + i]);
-        t1[9 + i] += sp_521_add_9(&t1[i], &t1[i], t2);
-        sp_521_mask_9(t2, sd, t1[9 + i]);
-        t1[9 + i] += sp_521_add_9(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_521_cmp_9(t1, sd) >= 0;
-    sp_521_cond_sub_9(r, t1, sd, (sp_digit)0 - r1);
-    sp_521_rshift_9(r, r, 55);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_521_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_521_div_9(a, m, NULL, r);
-}
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mod_mul_norm_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_521_mul_9(r, a, p521_norm_mod);
-    return sp_521_mod_9(r, r, m);
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_521.
- *
- * p   Point of type sp_point_521 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_521_point_from_ecc_point_9(sp_point_521* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_521_from_mp(p->x, 9, pm->x);
-    sp_521_from_mp(p->y, 9, pm->y);
-    sp_521_from_mp(p->z, 9, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_521_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (521 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 9);
-        r->used = 9;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 9; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 9; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_521 to type ecc_point.
- *
- * p   Point of type sp_point_521.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_521_point_to_ecc_point_9(const sp_point_521* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_521_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_521_cond_copy_9(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[r], 0]\n\t"
-        "ldp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x7, x8, [%[r], 32]\n\t"
-        "ldp	x9, x10, [%[r], 48]\n\t"
-        "ldr	x11, [%[r], 64]\n\t"
-        "ldp	x12, x13, [%[a], 0]\n\t"
-        "ldp	x14, x15, [%[a], 16]\n\t"
-        "ldp	x16, x17, [%[a], 32]\n\t"
-        "ldp	x19, x20, [%[a], 48]\n\t"
-        "ldr	x21, [%[a], 64]\n\t"
-        "eor	x12, x12, x3\n\t"
-        "eor	x13, x13, x4\n\t"
-        "eor	x14, x14, x5\n\t"
-        "eor	x15, x15, x6\n\t"
-        "eor	x16, x16, x7\n\t"
-        "eor	x17, x17, x8\n\t"
-        "eor	x19, x19, x9\n\t"
-        "eor	x20, x20, x10\n\t"
-        "eor	x21, x21, x11\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "and	x13, x13, %[m]\n\t"
-        "and	x14, x14, %[m]\n\t"
-        "and	x15, x15, %[m]\n\t"
-        "and	x16, x16, %[m]\n\t"
-        "and	x17, x17, %[m]\n\t"
-        "and	x19, x19, %[m]\n\t"
-        "and	x20, x20, %[m]\n\t"
-        "and	x21, x21, %[m]\n\t"
-        "eor	x3, x3, x12\n\t"
-        "eor	x4, x4, x13\n\t"
-        "eor	x5, x5, x14\n\t"
-        "eor	x6, x6, x15\n\t"
-        "eor	x7, x7, x16\n\t"
-        "eor	x8, x8, x17\n\t"
-        "eor	x9, x9, x19\n\t"
-        "eor	x10, x10, x20\n\t"
-        "eor	x11, x11, x21\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "stp	x7, x8, [%[r], 32]\n\t"
-        "stp	x9, x10, [%[r], 48]\n\t"
-        "str	x11, [%[r], 64]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "cc"
-    );
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m, sp_digit mp)
-{
-    (void)m;
-    (void)mp;
-
-    __asm__ __volatile__ (
-        "stp	x29, x30, [sp, #-0xa0]!\n\t"
-        "add	x29, sp, #16\n\t"
-        "ldp	x8, x9, [%[a], 0]\n\t"
-        "ldp	x10, x11, [%[a], 16]\n\t"
-        "ldp	x12, x13, [%[a], 32]\n\t"
-        "ldp	x14, x15, [%[a], 48]\n\t"
-        "ldr	x16, [%[a], 64]\n\t"
-        "ldp	x17, x19, [%[b], 0]\n\t"
-        "ldp	x20, x21, [%[b], 16]\n\t"
-        "ldp	x22, x23, [%[b], 32]\n\t"
-        "ldp	x24, x25, [%[b], 48]\n\t"
-        "ldr	x26, [%[b], 64]\n\t"
-        "#  A[0] * B[0]\n\t"
-        "mul	x3, x8, x17\n\t"
-        "umulh	x4, x8, x17\n\t"
-        "str	x3, [x29]\n\t"
-        "#  A[0] * B[1]\n\t"
-        "mul	x6, x8, x19\n\t"
-        "umulh	x7, x8, x19\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[0]\n\t"
-        "mul	x6, x9, x17\n\t"
-        "adc	x5, xzr, x7\n\t"
-        "umulh	x7, x9, x17\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [x29, 8]\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "#  A[0] * B[2]\n\t"
-        "mul	x6, x8, x20\n\t"
-        "umulh	x7, x8, x20\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[1]\n\t"
-        "mul	x6, x9, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x19\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[0]\n\t"
-        "mul	x6, x10, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [x29, 16]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[0] * B[3]\n\t"
-        "mul	x6, x8, x21\n\t"
-        "umulh	x7, x8, x21\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[1] * B[2]\n\t"
-        "mul	x6, x9, x20\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x9, x20\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[1]\n\t"
-        "mul	x6, x10, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x19\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[0]\n\t"
-        "mul	x6, x11, x17\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x17\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [x29, 24]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[0] * B[4]\n\t"
-        "mul	x6, x8, x22\n\t"
-        "umulh	x7, x8, x22\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[3]\n\t"
-        "mul	x6, x9, x21\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x9, x21\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[2] * B[2]\n\t"
-        "mul	x6, x10, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x10, x20\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[1]\n\t"
-        "mul	x6, x11, x19\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x19\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[0]\n\t"
-        "mul	x6, x12, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [x29, 32]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[0] * B[5]\n\t"
-        "mul	x6, x8, x23\n\t"
-        "umulh	x7, x8, x23\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[4]\n\t"
-        "mul	x6, x9, x22\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x22\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[3]\n\t"
-        "mul	x6, x10, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x21\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[3] * B[2]\n\t"
-        "mul	x6, x11, x20\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x11, x20\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[1]\n\t"
-        "mul	x6, x12, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[0]\n\t"
-        "mul	x6, x13, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [x29, 40]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[0] * B[6]\n\t"
-        "mul	x6, x8, x24\n\t"
-        "umulh	x7, x8, x24\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[1] * B[5]\n\t"
-        "mul	x6, x9, x23\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x9, x23\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[4]\n\t"
-        "mul	x6, x10, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x22\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[3]\n\t"
-        "mul	x6, x11, x21\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x21\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[4] * B[2]\n\t"
-        "mul	x6, x12, x20\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x12, x20\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[1]\n\t"
-        "mul	x6, x13, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x19\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[0]\n\t"
-        "mul	x6, x14, x17\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x17\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [x29, 48]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[0] * B[7]\n\t"
-        "mul	x6, x8, x25\n\t"
-        "umulh	x7, x8, x25\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[6]\n\t"
-        "mul	x6, x9, x24\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x9, x24\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[2] * B[5]\n\t"
-        "mul	x6, x10, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x10, x23\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[4]\n\t"
-        "mul	x6, x11, x22\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x22\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[3]\n\t"
-        "mul	x6, x12, x21\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x21\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[5] * B[2]\n\t"
-        "mul	x6, x13, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x13, x20\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[6] * B[1]\n\t"
-        "mul	x6, x14, x19\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x14, x19\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[0]\n\t"
-        "mul	x6, x15, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [x29, 56]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[0] * B[8]\n\t"
-        "mul	x6, x8, x26\n\t"
-        "umulh	x7, x8, x26\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[7]\n\t"
-        "mul	x6, x9, x25\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x25\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[6]\n\t"
-        "mul	x6, x10, x24\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x24\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[3] * B[5]\n\t"
-        "mul	x6, x11, x23\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x11, x23\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[4]\n\t"
-        "mul	x6, x12, x22\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x22\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[3]\n\t"
-        "mul	x6, x13, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x21\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[6] * B[2]\n\t"
-        "mul	x6, x14, x20\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x14, x20\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[7] * B[1]\n\t"
-        "mul	x6, x15, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x15, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[8] * B[0]\n\t"
-        "mul	x6, x16, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x16, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [x29, 64]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[1] * B[8]\n\t"
-        "mul	x6, x9, x26\n\t"
-        "umulh	x7, x9, x26\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[7]\n\t"
-        "mul	x6, x10, x25\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x25\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[6]\n\t"
-        "mul	x6, x11, x24\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x24\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[4] * B[5]\n\t"
-        "mul	x6, x12, x23\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x12, x23\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[4]\n\t"
-        "mul	x6, x13, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x22\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[3]\n\t"
-        "mul	x6, x14, x21\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x21\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[7] * B[2]\n\t"
-        "mul	x6, x15, x20\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x15, x20\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[8] * B[1]\n\t"
-        "mul	x6, x16, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x16, x19\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [x29, 72]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[2] * B[8]\n\t"
-        "mul	x6, x10, x26\n\t"
-        "umulh	x7, x10, x26\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[7]\n\t"
-        "mul	x6, x11, x25\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x25\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[6]\n\t"
-        "mul	x6, x12, x24\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x24\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[5] * B[5]\n\t"
-        "mul	x6, x13, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x13, x23\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[6] * B[4]\n\t"
-        "mul	x6, x14, x22\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x14, x22\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[3]\n\t"
-        "mul	x6, x15, x21\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x21\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[8] * B[2]\n\t"
-        "mul	x6, x16, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x16, x20\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [x29, 80]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[3] * B[8]\n\t"
-        "mul	x6, x11, x26\n\t"
-        "umulh	x7, x11, x26\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[7]\n\t"
-        "mul	x6, x12, x25\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x25\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[6]\n\t"
-        "mul	x6, x13, x24\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x24\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[6] * B[5]\n\t"
-        "mul	x6, x14, x23\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x14, x23\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[7] * B[4]\n\t"
-        "mul	x6, x15, x22\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x15, x22\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[8] * B[3]\n\t"
-        "mul	x6, x16, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x16, x21\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [x29, 88]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[4] * B[8]\n\t"
-        "mul	x6, x12, x26\n\t"
-        "umulh	x7, x12, x26\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[7]\n\t"
-        "mul	x6, x13, x25\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x25\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[6]\n\t"
-        "mul	x6, x14, x24\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x24\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[7] * B[5]\n\t"
-        "mul	x6, x15, x23\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x15, x23\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[8] * B[4]\n\t"
-        "mul	x6, x16, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x16, x22\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [x29, 96]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[5] * B[8]\n\t"
-        "mul	x6, x13, x26\n\t"
-        "umulh	x7, x13, x26\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[6] * B[7]\n\t"
-        "mul	x6, x14, x25\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x14, x25\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[6]\n\t"
-        "mul	x6, x15, x24\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x24\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[8] * B[5]\n\t"
-        "mul	x6, x16, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x16, x23\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [x29, 104]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[6] * B[8]\n\t"
-        "mul	x6, x14, x26\n\t"
-        "umulh	x7, x14, x26\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[7] * B[7]\n\t"
-        "mul	x6, x15, x25\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x15, x25\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[8] * B[6]\n\t"
-        "mul	x6, x16, x24\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x16, x24\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [x29, 112]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[7] * B[8]\n\t"
-        "mul	x6, x15, x26\n\t"
-        "umulh	x7, x15, x26\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[8] * B[7]\n\t"
-        "mul	x6, x16, x25\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x16, x25\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [x29, 120]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[8] * B[8]\n\t"
-        "mul	x6, x16, x26\n\t"
-        "umulh	x7, x16, x26\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adc	x5, x5, x7\n\t"
-        "stp	x4, x5, [x29, 128]\n\t"
-        "ldp	x8, x9, [x29, 0]\n\t"
-        "ldp	x10, x11, [x29, 16]\n\t"
-        "ldp	x12, x13, [x29, 32]\n\t"
-        "ldp	x14, x15, [x29, 48]\n\t"
-        "ldp	x17, x19, [x29, 64]\n\t"
-        "ldp	x20, x21, [x29, 80]\n\t"
-        "ldp	x22, x23, [x29, 96]\n\t"
-        "ldp	x24, x25, [x29, 112]\n\t"
-        "ldr	x26, [x29, 128]\n\t"
-        "and	x16, x17, 0x1ff\n\t"
-        "lsr	x17, x17, 9\n\t"
-        "orr	x17, x17, x19, lsl #55\n\t"
-        "lsr	x19, x19, 9\n\t"
-        "orr	x19, x19, x20, lsl #55\n\t"
-        "lsr	x20, x20, 9\n\t"
-        "orr	x20, x20, x21, lsl #55\n\t"
-        "lsr	x21, x21, 9\n\t"
-        "orr	x21, x21, x22, lsl #55\n\t"
-        "lsr	x22, x22, 9\n\t"
-        "orr	x22, x22, x23, lsl #55\n\t"
-        "lsr	x23, x23, 9\n\t"
-        "orr	x23, x23, x24, lsl #55\n\t"
-        "lsr	x24, x24, 9\n\t"
-        "orr	x24, x24, x25, lsl #55\n\t"
-        "lsr	x25, x25, 9\n\t"
-        "orr	x25, x25, x26, lsl #55\n\t"
-        "lsr	x26, x26, 9\n\t"
-        "adds	x8, x8, x17\n\t"
-        "adcs	x9, x9, x19\n\t"
-        "adcs	x10, x10, x20\n\t"
-        "adcs	x11, x11, x21\n\t"
-        "adcs	x12, x12, x22\n\t"
-        "adcs	x13, x13, x23\n\t"
-        "adcs	x14, x14, x24\n\t"
-        "adcs	x15, x15, x25\n\t"
-        "adcs	x16, x16, x26\n\t"
-        "lsr	x17, x16, 9\n\t"
-        "and	x16, x16, 0x1ff\n\t"
-        "adds	x8, x8, x17\n\t"
-        "adcs	x9, x9, xzr\n\t"
-        "adcs	x10, x10, xzr\n\t"
-        "adcs	x11, x11, xzr\n\t"
-        "adcs	x12, x12, xzr\n\t"
-        "adcs	x13, x13, xzr\n\t"
-        "adcs	x14, x14, xzr\n\t"
-        "adcs	x15, x15, xzr\n\t"
-        "adcs	x16, x16, xzr\n\t"
-        "stp	x8, x9, [%[r], 0]\n\t"
-        "stp	x10, x11, [%[r], 16]\n\t"
-        "stp	x12, x13, [%[r], 32]\n\t"
-        "stp	x14, x15, [%[r], 48]\n\t"
-        "str	x16, [%[r], 64]\n\t"
-        "ldp	x29, x30, [sp], #0xa0\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        : [r] "r" (r)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "cc"
-    );
-}
-
-/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    (void)m;
-    (void)mp;
-
-    __asm__ __volatile__ (
-        "stp	x29, x30, [sp, #-0xa0]!\n\t"
-        "add	x29, sp, #16\n\t"
-        "ldp	x10, x11, [%[a], 0]\n\t"
-        "ldp	x12, x13, [%[a], 16]\n\t"
-        "ldp	x14, x15, [%[a], 32]\n\t"
-        "ldp	x16, x17, [%[a], 48]\n\t"
-        "ldr	x19, [%[a], 64]\n\t"
-        "#  A[0] * A[0]\n\t"
-        "mul	x2, x10, x10\n\t"
-        "umulh	x3, x10, x10\n\t"
-        "str	x2, [x29]\n\t"
-        "mov	x4, xzr\n\t"
-        "#  A[0] * A[1]\n\t"
-        "mul	x8, x10, x11\n\t"
-        "umulh	x9, x10, x11\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "str	x3, [x29, 8]\n\t"
-        "#  A[0] * A[2]\n\t"
-        "mul	x8, x10, x12\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x10, x12\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "#  A[1] * A[1]\n\t"
-        "mul	x8, x11, x11\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x11, x11\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "str	x4, [x29, 16]\n\t"
-        "#  A[0] * A[3]\n\t"
-        "mul	x8, x10, x13\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x10, x13\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "#  A[1] * A[2]\n\t"
-        "mul	x8, x11, x12\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x11, x12\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "str	x2, [x29, 24]\n\t"
-        "#  A[0] * A[4]\n\t"
-        "mul	x8, x10, x14\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x10, x14\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "#  A[1] * A[3]\n\t"
-        "mul	x8, x11, x13\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x11, x13\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "#  A[2] * A[2]\n\t"
-        "mul	x8, x12, x12\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x12, x12\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "str	x3, [x29, 32]\n\t"
-        "#  A[0] * A[5]\n\t"
-        "mul	x5, x10, x15\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x6, x10, x15\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[4]\n\t"
-        "mul	x8, x11, x14\n\t"
-        "umulh	x9, x11, x14\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[3]\n\t"
-        "mul	x8, x12, x13\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x13\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [x29, 40]\n\t"
-        "#  A[0] * A[6]\n\t"
-        "mul	x5, x10, x16\n\t"
-        "umulh	x6, x10, x16\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[5]\n\t"
-        "mul	x8, x11, x15\n\t"
-        "umulh	x9, x11, x15\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[4]\n\t"
-        "mul	x8, x12, x14\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x14\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[3]\n\t"
-        "mul	x8, x13, x13\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x13\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [x29, 48]\n\t"
-        "#  A[0] * A[7]\n\t"
-        "mul	x5, x10, x17\n\t"
-        "umulh	x6, x10, x17\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[6]\n\t"
-        "mul	x8, x11, x16\n\t"
-        "umulh	x9, x11, x16\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[5]\n\t"
-        "mul	x8, x12, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[4]\n\t"
-        "mul	x8, x13, x14\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x14\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [x29, 56]\n\t"
-        "#  A[0] * A[8]\n\t"
-        "mul	x5, x10, x19\n\t"
-        "umulh	x6, x10, x19\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[1] * A[7]\n\t"
-        "mul	x8, x11, x17\n\t"
-        "umulh	x9, x11, x17\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[2] * A[6]\n\t"
-        "mul	x8, x12, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x12, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[5]\n\t"
-        "mul	x8, x13, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[4]\n\t"
-        "mul	x8, x14, x14\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x14\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [x29, 64]\n\t"
-        "#  A[1] * A[8]\n\t"
-        "mul	x5, x11, x19\n\t"
-        "umulh	x6, x11, x19\n\t"
-        "mov	x4, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[2] * A[7]\n\t"
-        "mul	x8, x12, x17\n\t"
-        "umulh	x9, x12, x17\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[3] * A[6]\n\t"
-        "mul	x8, x13, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x13, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[5]\n\t"
-        "mul	x8, x14, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x2, x2, x5\n\t"
-        "adcs	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "str	x2, [x29, 72]\n\t"
-        "#  A[2] * A[8]\n\t"
-        "mul	x5, x12, x19\n\t"
-        "umulh	x6, x12, x19\n\t"
-        "mov	x2, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[3] * A[7]\n\t"
-        "mul	x8, x13, x17\n\t"
-        "umulh	x9, x13, x17\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[4] * A[6]\n\t"
-        "mul	x8, x14, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x14, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[5]\n\t"
-        "mul	x8, x15, x15\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x15\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x3, x3, x5\n\t"
-        "adcs	x4, x4, x6\n\t"
-        "adc	x2, x2, x7\n\t"
-        "str	x3, [x29, 80]\n\t"
-        "#  A[3] * A[8]\n\t"
-        "mul	x5, x13, x19\n\t"
-        "umulh	x6, x13, x19\n\t"
-        "mov	x3, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "#  A[4] * A[7]\n\t"
-        "mul	x8, x14, x17\n\t"
-        "umulh	x9, x14, x17\n\t"
-        "adds	x5, x5, x8\n\t"
-        "#  A[5] * A[6]\n\t"
-        "mul	x8, x15, x16\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "umulh	x9, x15, x16\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x8\n\t"
-        "adcs	x6, x6, x9\n\t"
-        "adc	x7, x7, xzr\n\t"
-        "adds	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adc	x7, x7, x7\n\t"
-        "adds	x4, x4, x5\n\t"
-        "adcs	x2, x2, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "str	x4, [x29, 88]\n\t"
-        "#  A[4] * A[8]\n\t"
-        "mul	x8, x14, x19\n\t"
-        "umulh	x9, x14, x19\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "#  A[5] * A[7]\n\t"
-        "mul	x8, x15, x17\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x15, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "#  A[6] * A[6]\n\t"
-        "mul	x8, x16, x16\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x16, x16\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "str	x2, [x29, 96]\n\t"
-        "#  A[5] * A[8]\n\t"
-        "mul	x8, x15, x19\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x15, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, xzr, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "#  A[6] * A[7]\n\t"
-        "mul	x8, x16, x17\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x16, x17\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "str	x3, [x29, 104]\n\t"
-        "#  A[6] * A[8]\n\t"
-        "mul	x8, x16, x19\n\t"
-        "adcs	x4, x4, x9\n\t"
-        "umulh	x9, x16, x19\n\t"
-        "adc	x2, x2, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "#  A[7] * A[7]\n\t"
-        "mul	x8, x17, x17\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x17, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x8\n\t"
-        "str	x4, [x29, 112]\n\t"
-        "#  A[7] * A[8]\n\t"
-        "mul	x8, x17, x19\n\t"
-        "adcs	x2, x2, x9\n\t"
-        "umulh	x9, x17, x19\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x2, x2, x8\n\t"
-        "str	x2, [x29, 120]\n\t"
-        "#  A[8] * A[8]\n\t"
-        "mul	x8, x19, x19\n\t"
-        "adcs	x3, x3, x9\n\t"
-        "umulh	x9, x19, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x3, x3, x8\n\t"
-        "adc	x4, x4, x9\n\t"
-        "stp	x3, x4, [x29, 128]\n\t"
-        "ldp	x2, x3, [x29, 0]\n\t"
-        "ldp	x4, x5, [x29, 16]\n\t"
-        "ldp	x6, x7, [x29, 32]\n\t"
-        "ldp	x8, x9, [x29, 48]\n\t"
-        "ldp	x11, x12, [x29, 64]\n\t"
-        "ldp	x13, x14, [x29, 80]\n\t"
-        "ldp	x15, x16, [x29, 96]\n\t"
-        "ldp	x17, x19, [x29, 112]\n\t"
-        "ldr	x20, [x29, 128]\n\t"
-        "and	x10, x11, 0x1ff\n\t"
-        "lsr	x11, x11, 9\n\t"
-        "orr	x11, x11, x12, lsl #55\n\t"
-        "lsr	x12, x12, 9\n\t"
-        "orr	x12, x12, x13, lsl #55\n\t"
-        "lsr	x13, x13, 9\n\t"
-        "orr	x13, x13, x14, lsl #55\n\t"
-        "lsr	x14, x14, 9\n\t"
-        "orr	x14, x14, x15, lsl #55\n\t"
-        "lsr	x15, x15, 9\n\t"
-        "orr	x15, x15, x16, lsl #55\n\t"
-        "lsr	x16, x16, 9\n\t"
-        "orr	x16, x16, x17, lsl #55\n\t"
-        "lsr	x17, x17, 9\n\t"
-        "orr	x17, x17, x19, lsl #55\n\t"
-        "lsr	x19, x19, 9\n\t"
-        "orr	x19, x19, x20, lsl #55\n\t"
-        "lsr	x20, x20, 9\n\t"
-        "adds	x2, x2, x11\n\t"
-        "adcs	x3, x3, x12\n\t"
-        "adcs	x4, x4, x13\n\t"
-        "adcs	x5, x5, x14\n\t"
-        "adcs	x6, x6, x15\n\t"
-        "adcs	x7, x7, x16\n\t"
-        "adcs	x8, x8, x17\n\t"
-        "adcs	x9, x9, x19\n\t"
-        "adcs	x10, x10, x20\n\t"
-        "lsr	x11, x10, 9\n\t"
-        "and	x10, x10, 0x1ff\n\t"
-        "adds	x2, x2, x11\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "adcs	x7, x7, xzr\n\t"
-        "adcs	x8, x8, xzr\n\t"
-        "adcs	x9, x9, xzr\n\t"
-        "adcs	x10, x10, xzr\n\t"
-        "stp	x2, x3, [%[r], 0]\n\t"
-        "stp	x4, x5, [%[r], 16]\n\t"
-        "stp	x6, x7, [%[r], 32]\n\t"
-        "stp	x8, x9, [%[r], 48]\n\t"
-        "str	x10, [%[r], 64]\n\t"
-        "ldp	x29, x30, [sp], #0xa0\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "cc"
-    );
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mont_sqr_9(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_521_mont_sqr_9(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P521 curve. */
-static const word64 p521_mod_minus_2[9] = {
-    0xfffffffffffffffdU,0xffffffffffffffffU,0xffffffffffffffffU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0xffffffffffffffffU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0x00000000000001ffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P521 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 9);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod);
-        if (p521_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_521_mont_mul_9(t, t, a, p521_mod, p521_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 9);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 9;
-    sp_digit* t3 = td + 4 * 9;
-
-    /* 0x2 */
-    sp_521_mont_sqr_9(t1, a, p521_mod, p521_mp_mod);
-    /* 0x3 */
-    sp_521_mont_mul_9(t2, t1, a, p521_mod, p521_mp_mod);
-    /* 0x6 */
-    sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
-    /* 0x7 */
-    sp_521_mont_mul_9(t3, t1, a, p521_mod, p521_mp_mod);
-    /* 0xc */
-    sp_521_mont_sqr_n_9(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0xf */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x78 */
-    sp_521_mont_sqr_n_9(t1, t2, 3, p521_mod, p521_mp_mod);
-    /* 0x7f */
-    sp_521_mont_mul_9(t3, t3, t1, p521_mod, p521_mp_mod);
-    /* 0xf0 */
-    sp_521_mont_sqr_n_9(t1, t2, 4, p521_mod, p521_mp_mod);
-    /* 0xff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xff00 */
-    sp_521_mont_sqr_n_9(t1, t2, 8, p521_mod, p521_mp_mod);
-    /* 0xffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffff0000 */
-    sp_521_mont_sqr_n_9(t1, t2, 16, p521_mod, p521_mp_mod);
-    /* 0xffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 32, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff0000000000000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 64, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff00000000000000000000000000000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 128, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 256, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80 */
-    sp_521_mont_sqr_n_9(t1, t2, 7, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t3, t1, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc */
-    sp_521_mont_sqr_n_9(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-    sp_521_mont_mul_9(r, t1, a, p521_mod, p521_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_521_norm_9(a)
-
-#define sp_521_mont_reduce_order_9    sp_521_mont_reduce_9
-
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_521_mont_reduce_9(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "ldp	x13, x14, [%[a], 0]\n\t"
-        "ldp	x15, x16, [%[a], 16]\n\t"
-        "ldp	x17, x19, [%[a], 32]\n\t"
-        "ldp	x20, x21, [%[a], 48]\n\t"
-        "ldr	x22, [%[a], 64]\n\t"
-        "mov	x3, xzr\n\t"
-        "# i = 0..8\n\t"
-        "mov	x4, 9\n\t"
-        "\n1:\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mul	x9, %[mp], x13\n\t"
-        "cmp	x4, #1\n\t"
-        "b.ne	L_521_mont_reduce_9_nomask_%=\n\t"
-        "and	x9, x9, #0x1ff\n\t"
-        "L_521_mont_reduce_9_nomask_%=:\n\t"
-        "# a[i+0] += m[0] * mu\n\t"
-        "ldp	x10, x11, [%[m], 0]\n\t"
-        "mul	x7, x10, x9\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x12, x13, x7\n\t"
-        "# a[i+1] += m[1] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "mul	x7, x11, x9\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x13, x14, x7\n\t"
-        "# a[i+2] += m[2] * mu\n\t"
-        "ldp	x11, x10, [%[m], 16]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x13, x13, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x14, x15, x7\n\t"
-        "# a[i+3] += m[3] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x14, x14, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x15, x16, x7\n\t"
-        "# a[i+4] += m[4] * mu\n\t"
-        "ldp	x11, x10, [%[m], 32]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x15, x15, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x16, x17, x7\n\t"
-        "# a[i+5] += m[5] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x16, x16, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x17, x19, x7\n\t"
-        "# a[i+6] += m[6] * mu\n\t"
-        "ldp	x11, x10, [%[m], 48]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x17, x17, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x19, x20, x7\n\t"
-        "# a[i+7] += m[7] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x19, x19, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x20, x21, x7\n\t"
-        "# a[i+8] += m[8] * mu\n\t"
-        "ldr	x11, [%[m], 64]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x20, x20, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x5, x5, x7\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x21, x22, x5\n\t"
-        "ldr	x22, [%[a], 72]\n\t"
-        "adcs	x22, x22, x8\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "subs	x4, x4, 1\n\t"
-        "add	%[a], %[a], 8\n\t"
-        "b.ne	1b\n\t"
-        "extr	x12, x13, x12, 9\n\t"
-        "extr	x13, x14, x13, 9\n\t"
-        "extr	x14, x15, x14, 9\n\t"
-        "extr	x15, x16, x15, 9\n\t"
-        "extr	x16, x17, x16, 9\n\t"
-        "extr	x17, x19, x17, 9\n\t"
-        "extr	x19, x20, x19, 9\n\t"
-        "extr	x20, x21, x20, 9\n\t"
-        "lsr	x21, x21, 9\n\t"
-        "lsr	x3, x21, 9\n\t"
-        "sub	%[a], %[a], 72\n\t"
-        "neg	x3, x3\n\t"
-        "# Subtract masked modulus\n\t"
-        "ldp	x4, x5, [%[m], 0]\n\t"
-        "ldp	x6, x7, [%[m], 16]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "subs	x12, x12, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x13, x13, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x14, x14, x6\n\t"
-        "stp	x12, x13, [%[a], 0]\n\t"
-        "sbcs	x15, x15, x7\n\t"
-        "stp	x14, x15, [%[a], 16]\n\t"
-        "ldp	x4, x5, [%[m], 32]\n\t"
-        "ldp	x6, x7, [%[m], 48]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x16, x16, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x17, x17, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x19, x19, x6\n\t"
-        "stp	x16, x17, [%[a], 32]\n\t"
-        "sbcs	x20, x20, x7\n\t"
-        "stp	x19, x20, [%[a], 48]\n\t"
-        "ldr	x4, [%[m], 64]\n\t"
-        "and	x4, x4, x3\n\t"
-        "sbcs	x21, x21, x4\n\t"
-        "str	x21, [%[a], 64]\n\t"
-        : [a] "+r" (a), [mp] "+r" (mp)
-        : [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
-    );
-
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_521_map_9(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_int64 n;
-
-    sp_521_mont_inv_9(t1, p->z, t + 2*9);
-
-    sp_521_mont_sqr_9(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    /* x /= z^2 */
-    sp_521_mont_mul_9(r->x, p->x, t2, p521_mod, p521_mp_mod);
-    XMEMSET(r->x + 9, 0, sizeof(sp_digit) * 9U);
-    sp_521_mont_reduce_9(r->x, p521_mod, p521_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_521_cmp_9(r->x, p521_mod);
-    sp_521_cond_sub_9(r->x, r->x, p521_mod, (sp_digit)~(n >> 63));
-    sp_521_norm_9(r->x);
-
-    /* y /= z^3 */
-    sp_521_mont_mul_9(r->y, p->y, t1, p521_mod, p521_mp_mod);
-    XMEMSET(r->y + 9, 0, sizeof(sp_digit) * 9U);
-    sp_521_mont_reduce_9(r->y, p521_mod, p521_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_521_cmp_9(r->y, p521_mod);
-    sp_521_cond_sub_9(r->y, r->y, p521_mod, (sp_digit)~(n >> 63));
-    sp_521_norm_9(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[a], 32]\n\t"
-        "ldp	x10, x11, [%[a], 48]\n\t"
-        "ldr	x12, [%[a], 64]\n\t"
-        "ldp	x13, x14, [%[b], 0]\n\t"
-        "ldp	x15, x16, [%[b], 16]\n\t"
-        "ldp	x17, x19, [%[b], 32]\n\t"
-        "ldp	x20, x21, [%[b], 48]\n\t"
-        "ldr	x22, [%[b], 64]\n\t"
-        "adds	x4, x4, x13\n\t"
-        "adcs	x5, x5, x14\n\t"
-        "adcs	x6, x6, x15\n\t"
-        "adcs	x7, x7, x16\n\t"
-        "adcs	x8, x8, x17\n\t"
-        "adcs	x9, x9, x19\n\t"
-        "adcs	x10, x10, x20\n\t"
-        "adcs	x11, x11, x21\n\t"
-        "adc	x12, x12, x22\n\t"
-        "lsr	x13, x12, 9\n\t"
-        "and	x12, x12, 0x1ff\n\t"
-        "adds	x4, x4, x13\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "adcs	x7, x7, xzr\n\t"
-        "adcs	x8, x8, xzr\n\t"
-        "adcs	x9, x9, xzr\n\t"
-        "adcs	x10, x10, xzr\n\t"
-        "adcs	x11, x11, xzr\n\t"
-        "adc	x12, x12, xzr\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "stp	x8, x9, [%[r], 32]\n\t"
-        "stp	x10, x11, [%[r], 48]\n\t"
-        "str	x12, [%[r], 64]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
-    );
-
-    (void)m;
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[a], 32]\n\t"
-        "ldp	x10, x11, [%[a], 48]\n\t"
-        "ldr	x12, [%[a], 64]\n\t"
-        "adds	x4, x4, x4\n\t"
-        "adcs	x5, x5, x5\n\t"
-        "adcs	x6, x6, x6\n\t"
-        "adcs	x7, x7, x7\n\t"
-        "adcs	x8, x8, x8\n\t"
-        "adcs	x9, x9, x9\n\t"
-        "adcs	x10, x10, x10\n\t"
-        "adcs	x11, x11, x11\n\t"
-        "adc	x12, x12, x12\n\t"
-        "lsr	x13, x12, 9\n\t"
-        "and	x12, x12, 0x1ff\n\t"
-        "adds	x4, x4, x13\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "adcs	x7, x7, xzr\n\t"
-        "adcs	x8, x8, xzr\n\t"
-        "adcs	x9, x9, xzr\n\t"
-        "adcs	x10, x10, xzr\n\t"
-        "adcs	x11, x11, xzr\n\t"
-        "adc	x12, x12, xzr\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "stp	x8, x9, [%[r], 32]\n\t"
-        "stp	x10, x11, [%[r], 48]\n\t"
-        "str	x12, [%[r], 64]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "cc"
-    );
-
-    (void)m;
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[a], 32]\n\t"
-        "ldp	x10, x11, [%[a], 48]\n\t"
-        "ldr	x12, [%[a], 64]\n\t"
-        "adds	x13, x4, x4\n\t"
-        "adcs	x14, x5, x5\n\t"
-        "adcs	x15, x6, x6\n\t"
-        "adcs	x16, x7, x7\n\t"
-        "adcs	x17, x8, x8\n\t"
-        "adcs	x19, x9, x9\n\t"
-        "adcs	x20, x10, x10\n\t"
-        "adcs	x21, x11, x11\n\t"
-        "adc	x22, x12, x12\n\t"
-        "adds	x13, x13, x4\n\t"
-        "adcs	x14, x14, x5\n\t"
-        "adcs	x15, x15, x6\n\t"
-        "adcs	x16, x16, x7\n\t"
-        "adcs	x17, x17, x8\n\t"
-        "adcs	x19, x19, x9\n\t"
-        "adcs	x20, x20, x10\n\t"
-        "adcs	x21, x21, x11\n\t"
-        "adc	x22, x22, x12\n\t"
-        "lsr	x4, x22, 9\n\t"
-        "and	x22, x22, 0x1ff\n\t"
-        "adds	x13, x13, x4\n\t"
-        "adcs	x14, x14, xzr\n\t"
-        "adcs	x15, x15, xzr\n\t"
-        "adcs	x16, x16, xzr\n\t"
-        "adcs	x17, x17, xzr\n\t"
-        "adcs	x19, x19, xzr\n\t"
-        "adcs	x20, x20, xzr\n\t"
-        "adcs	x21, x21, xzr\n\t"
-        "adc	x22, x22, xzr\n\t"
-        "stp	x13, x14, [%[r], 0]\n\t"
-        "stp	x15, x16, [%[r], 16]\n\t"
-        "stp	x17, x19, [%[r], 32]\n\t"
-        "stp	x20, x21, [%[r], 48]\n\t"
-        "str	x22, [%[r], 64]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
-    );
-
-    (void)m;
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[a], 32]\n\t"
-        "ldp	x10, x11, [%[a], 48]\n\t"
-        "ldr	x12, [%[a], 64]\n\t"
-        "ldp	x13, x14, [%[b], 0]\n\t"
-        "ldp	x15, x16, [%[b], 16]\n\t"
-        "ldp	x17, x19, [%[b], 32]\n\t"
-        "ldp	x20, x21, [%[b], 48]\n\t"
-        "ldr	x22, [%[b], 64]\n\t"
-        "subs	x4, x4, x13\n\t"
-        "sbcs	x5, x5, x14\n\t"
-        "sbcs	x6, x6, x15\n\t"
-        "sbcs	x7, x7, x16\n\t"
-        "sbcs	x8, x8, x17\n\t"
-        "sbcs	x9, x9, x19\n\t"
-        "sbcs	x10, x10, x20\n\t"
-        "sbcs	x11, x11, x21\n\t"
-        "sbc	x12, x12, x22\n\t"
-        "asr	x13, x12, 9\n\t"
-        "and	x12, x12, 0x1ff\n\t"
-        "neg	x13, x13\n\t"
-        "subs	x4, x4, x13\n\t"
-        "sbcs	x5, x5, xzr\n\t"
-        "sbcs	x6, x6, xzr\n\t"
-        "sbcs	x7, x7, xzr\n\t"
-        "sbcs	x8, x8, xzr\n\t"
-        "sbcs	x9, x9, xzr\n\t"
-        "sbcs	x10, x10, xzr\n\t"
-        "sbcs	x11, x11, xzr\n\t"
-        "sbc	x12, x12, xzr\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "stp	x8, x9, [%[r], 32]\n\t"
-        "stp	x10, x11, [%[r], 48]\n\t"
-        "str	x12, [%[r], 64]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
-    );
-
-    (void)m;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_521_cond_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "adcs	x4, x4, x5\n\t"
-        "cset	%[c], cs\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 72\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_521_cond_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adds	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "ldp	x10, x11, [%[b], 48]\n\t"
-        "ldp	x4, x5, [%[a], 32]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 32]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 48]\n\t"
-        "ldr	x8, [%[b], 64]\n\t"
-        "ldr	x4, [%[a], 64]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "str	x4, [%[r], 64]\n\t"
-        "cset	%[r], cs\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return (sp_digit)r;
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-static void sp_521_rshift1_9(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a]]\n\t"
-        "ldr	x3, [%[a], 8]\n\t"
-        "extr	x2, x3, x2, #1\n\t"
-        "ldr	x4, [%[a], 16]\n\t"
-        "str	x2, [%[r], 0]\n\t"
-        "extr	x3, x4, x3, #1\n\t"
-        "ldr	x2, [%[a], 24]\n\t"
-        "str	x3, [%[r], 8]\n\t"
-        "extr	x4, x2, x4, #1\n\t"
-        "ldr	x3, [%[a], 32]\n\t"
-        "str	x4, [%[r], 16]\n\t"
-        "extr	x2, x3, x2, #1\n\t"
-        "ldr	x4, [%[a], 40]\n\t"
-        "str	x2, [%[r], 24]\n\t"
-        "extr	x3, x4, x3, #1\n\t"
-        "ldr	x2, [%[a], 48]\n\t"
-        "str	x3, [%[r], 32]\n\t"
-        "extr	x4, x2, x4, #1\n\t"
-        "ldr	x3, [%[a], 56]\n\t"
-        "str	x4, [%[r], 40]\n\t"
-        "extr	x2, x3, x2, #1\n\t"
-        "ldr	x4, [%[a], 64]\n\t"
-        "str	x2, [%[r], 48]\n\t"
-        "extr	x3, x4, x3, #1\n\t"
-        "lsr	x4, x4, #1\n\t"
-        "stp	x3, x4, [%[r], 56]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x2", "x3", "x4", "cc"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-SP_NOINLINE static void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_521_cond_add_9(r, a, m, 0 - (a[0] & 1));
-    sp_521_rshift1_9(r, r);
-    r[8] |= o << 63;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_521_mont_sqr_9(t1, p->z, p521_mod, p521_mp_mod);
-    /* Z = Y * Z */
-    sp_521_mont_mul_9(z, p->y, p->z, p521_mod, p521_mp_mod);
-    /* Z = 2Z */
-    sp_521_mont_dbl_9(z, z, p521_mod);
-    /* T2 = X - T1 */
-    sp_521_mont_sub_9(t2, p->x, t1, p521_mod);
-    /* T1 = X + T1 */
-    sp_521_mont_add_9(t1, p->x, t1, p521_mod);
-    /* T2 = T1 * T2 */
-    sp_521_mont_mul_9(t2, t1, t2, p521_mod, p521_mp_mod);
-    /* T1 = 3T2 */
-    sp_521_mont_tpl_9(t1, t2, p521_mod);
-    /* Y = 2Y */
-    sp_521_mont_dbl_9(y, p->y, p521_mod);
-    /* Y = Y * Y */
-    sp_521_mont_sqr_9(y, y, p521_mod, p521_mp_mod);
-    /* T2 = Y * Y */
-    sp_521_mont_sqr_9(t2, y, p521_mod, p521_mp_mod);
-    /* T2 = T2/2 */
-    sp_521_mont_div2_9(t2, t2, p521_mod);
-    /* Y = Y * X */
-    sp_521_mont_mul_9(y, y, p->x, p521_mod, p521_mp_mod);
-    /* X = T1 * T1 */
-    sp_521_mont_sqr_9(x, t1, p521_mod, p521_mp_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_9(x, x, y, p521_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_9(x, x, y, p521_mod);
-    /* Y = Y - X */
-    sp_521_mont_sub_9(y, y, x, p521_mod);
-    /* Y = Y * T1 */
-    sp_521_mont_mul_9(y, y, t1, p521_mod, p521_mp_mod);
-    /* Y = Y - T2 */
-    sp_521_mont_sub_9(y, y, t2, p521_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_dbl_9_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_dbl_9_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-        const sp_point_521* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_dbl_9_ctx* ctx = (sp_521_proj_point_dbl_9_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_dbl_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*9;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_521_mont_sqr_9(ctx->t1, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_521_mont_mul_9(ctx->z, p->y, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_521_mont_dbl_9(ctx->z, ctx->z, p521_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_521_mont_sub_9(ctx->t2, p->x, ctx->t1, p521_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_521_mont_add_9(ctx->t1, p->x, ctx->t1, p521_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_521_mont_mul_9(ctx->t2, ctx->t1, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_521_mont_tpl_9(ctx->t1, ctx->t2, p521_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_521_mont_dbl_9(ctx->y, p->y, p521_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_521_mont_sqr_9(ctx->y, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_521_mont_sqr_9(ctx->t2, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_521_mont_div2_9(ctx->t2, ctx->t2, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_521_mont_mul_9(ctx->y, ctx->y, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_521_mont_sqr_9(ctx->x, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_521_mont_mul_9(ctx->y, ctx->y, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->t2, p521_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*9;
-    sp_digit* b = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t2 = t + 8*9;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_9(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_9(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(w, w, p521_mod, p521_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_9(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_9(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_9(t2, b, p521_mod);
-        sp_521_mont_sub_9(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_9(t2, b, x, p521_mod);
-        sp_521_mont_dbl_9(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_9(t1, t1, p521_mod, p521_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_9(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, y, t1, p521_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(t1, t1, w, p521_mod);
-    sp_521_mont_tpl_9(a, t1, p521_mod);
-    /* B = X*Y^2 */
-    sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
-    /* X = A^2 - 2B */
-    sp_521_mont_sqr_9(x, a, p521_mod, p521_mp_mod);
-    sp_521_mont_dbl_9(t2, b, p521_mod);
-    sp_521_mont_sub_9(x, x, t2, p521_mod);
-    /* B = 2.(B - X) */
-    sp_521_mont_sub_9(t2, b, x, p521_mod);
-    sp_521_mont_dbl_9(b, t2, p521_mod);
-    /* Z = Z*Y */
-    sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
-    /* t1 = Y^4 */
-    sp_521_mont_sqr_9(t1, t1, p521_mod, p521_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(y, y, t1, p521_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_521_mont_div2_9(y, y, p521_mod);
-}
-
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_521_cmp_equal_9(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_521_iszero_9(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_9(sp_point_521* r,
-        const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*9;
-    sp_digit* t2 = t + 4*9;
-    sp_digit* t3 = t + 6*9;
-    sp_digit* t4 = t + 8*9;
-    sp_digit* t5 = t + 10*9;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t1, p->x, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_9(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_9(t3, t3, p->y, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_9(t2, t1) &
-            sp_521_cmp_equal_9(t4, t3)) {
-        sp_521_proj_point_dbl_9(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_521_mont_sub_9(t2, t2, t1, p521_mod);
-        /* R = S2 - S1 */
-        sp_521_mont_sub_9(t4, t4, t3, p521_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(y, t1, t5, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(z, z, q->z, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_9(x, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(x, x, t5, p521_mod);
-        sp_521_mont_mul_9(t5, t5, t3, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_9(t3, y, p521_mod);
-        sp_521_mont_sub_9(x, x, t3, p521_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        sp_521_mont_mul_9(y, y, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, y, t5, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_add_9_ctx {
-    int state;
-    sp_521_proj_point_dbl_9_ctx dbl_ctx;
-    const sp_point_521* ap[2];
-    sp_point_521* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_add_9_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_add_9_ctx* ctx = (sp_521_proj_point_add_9_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_521* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_add_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*9;
-        ctx->t2 = t + 4*9;
-        ctx->t3 = t + 6*9;
-        ctx->t4 = t + 8*9;
-        ctx->t5 = t + 10*9;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_521_mont_sqr_9(ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_521_mont_mul_9(ctx->t3, ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_521_mont_mul_9(ctx->t1, ctx->t1, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_521_mont_sqr_9(ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_521_mont_mul_9(ctx->t4, ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_521_mont_mul_9(ctx->t2, ctx->t2, q->x, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_521_mont_mul_9(ctx->t3, ctx->t3, p->y, p521_mod, p521_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_521_mont_mul_9(ctx->t4, ctx->t4, q->y, p521_mod, p521_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_521_cmp_equal_9(ctx->t2, ctx->t1) &
-                sp_521_cmp_equal_9(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_521_proj_point_dbl_9(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_521_mont_sub_9(ctx->t2, ctx->t2, ctx->t1, p521_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_521_mont_sub_9(ctx->t4, ctx->t4, ctx->t3, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_9(ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_521_mont_mul_9(ctx->y, ctx->t1, ctx->t5, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_521_mont_mul_9(ctx->t5, ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_9(ctx->z, p->z, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_521_mont_mul_9(ctx->z, ctx->z, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_521_mont_sqr_9(ctx->x, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->t5, p521_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_521_mont_mul_9(ctx->t5, ctx->t5, ctx->t3, p521_mod, p521_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_521_mont_dbl_9(ctx->t3, ctx->y, p521_mod);
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->t3, p521_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_521_mont_mul_9(ctx->y, ctx->y, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->t5, p521_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
-        const sp_point_521* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*9;
-    sp_digit* b = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t2 = t + 8*9;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<9; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<9; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<9; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_9(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_9(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(w, w, p521_mod, p521_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_9(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_9(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_9(t2, b, p521_mod);
-        sp_521_mont_sub_9(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_9(t2, b, x, p521_mod);
-        sp_521_mont_dbl_9(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_9(r[j].z, z, y, p521_mod, p521_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_9(t1, t1, p521_mod, p521_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_9(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, y, t1, p521_mod);
-        /* Y = Y/2 */
-        sp_521_mont_div2_9(r[j].y, y, p521_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_521_proj_point_add_sub_9(sp_point_521* ra,
-        sp_point_521* rs, const sp_point_521* p, const sp_point_521* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_digit* t3 = t + 4*9;
-    sp_digit* t4 = t + 6*9;
-    sp_digit* t5 = t + 8*9;
-    sp_digit* t6 = t + 10*9;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t1, xa, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_9(t2, za, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t4, t2, za, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_9(t3, t3, ya, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-    /* H = U2 - U1 */
-    sp_521_mont_sub_9(t2, t2, t1, p521_mod);
-    /* RS = S2 + S1 */
-    sp_521_mont_add_9(t6, t4, t3, p521_mod);
-    /* R = S2 - S1 */
-    sp_521_mont_sub_9(t4, t4, t3, p521_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_521_mont_mul_9(za, za, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(za, za, t2, p521_mod, p521_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_521_mont_sqr_9(xa, t4, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(xs, t6, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(ya, t1, t5, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(xa, xa, t5, p521_mod);
-    sp_521_mont_sub_9(xs, xs, t5, p521_mod);
-    sp_521_mont_dbl_9(t1, ya, p521_mod);
-    sp_521_mont_sub_9(xa, xa, t1, p521_mod);
-    sp_521_mont_sub_9(xs, xs, t1, p521_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_521_mont_sub_9(ys, ya, xs, p521_mod);
-    sp_521_mont_sub_9(ya, ya, xa, p521_mod);
-    sp_521_mont_mul_9(ya, ya, t4, p521_mod, p521_mp_mod);
-    sp_521_sub_9(t6, p521_mod, t6);
-    sp_521_mont_mul_9(ys, ys, t6, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t5, t5, t3, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(ya, ya, t5, p521_mod);
-    sp_521_mont_sub_9(ys, ys, t5, p521_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_521 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_521;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_9_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_9_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<87; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 64) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 64) {
-            n >>= 6;
-            if (++j < 9)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 9) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x3f);
-            o -= 58;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_9_6[y];
-        v[i].neg = recode_neg_9_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-SP_NOINLINE static void sp_521_get_point_33_9(sp_point_521* r,
-    const sp_point_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-    sp_digit x0 = 0;
-    sp_digit x1 = 0;
-    sp_digit x2 = 0;
-    sp_digit x3 = 0;
-    sp_digit x4 = 0;
-    sp_digit x5 = 0;
-    sp_digit x6 = 0;
-    sp_digit x7 = 0;
-    sp_digit x8 = 0;
-    sp_digit y0 = 0;
-    sp_digit y1 = 0;
-    sp_digit y2 = 0;
-    sp_digit y3 = 0;
-    sp_digit y4 = 0;
-    sp_digit y5 = 0;
-    sp_digit y6 = 0;
-    sp_digit y7 = 0;
-    sp_digit y8 = 0;
-    sp_digit z0 = 0;
-    sp_digit z1 = 0;
-    sp_digit z2 = 0;
-    sp_digit z3 = 0;
-    sp_digit z4 = 0;
-    sp_digit z5 = 0;
-    sp_digit z6 = 0;
-    sp_digit z7 = 0;
-    sp_digit z8 = 0;
-
-    for (i = 1; i < 33; i++) {
-        mask = 0 - (i == idx);
-        x0 |= mask & table[i].x[0];
-        x1 |= mask & table[i].x[1];
-        x2 |= mask & table[i].x[2];
-        x3 |= mask & table[i].x[3];
-        x4 |= mask & table[i].x[4];
-        x5 |= mask & table[i].x[5];
-        x6 |= mask & table[i].x[6];
-        x7 |= mask & table[i].x[7];
-        x8 |= mask & table[i].x[8];
-        y0 |= mask & table[i].y[0];
-        y1 |= mask & table[i].y[1];
-        y2 |= mask & table[i].y[2];
-        y3 |= mask & table[i].y[3];
-        y4 |= mask & table[i].y[4];
-        y5 |= mask & table[i].y[5];
-        y6 |= mask & table[i].y[6];
-        y7 |= mask & table[i].y[7];
-        y8 |= mask & table[i].y[8];
-        z0 |= mask & table[i].z[0];
-        z1 |= mask & table[i].z[1];
-        z2 |= mask & table[i].z[2];
-        z3 |= mask & table[i].z[3];
-        z4 |= mask & table[i].z[4];
-        z5 |= mask & table[i].z[5];
-        z6 |= mask & table[i].z[6];
-        z7 |= mask & table[i].z[7];
-        z8 |= mask & table[i].z[8];
-    }
-
-    r->x[0] = x0;
-    r->x[1] = x1;
-    r->x[2] = x2;
-    r->x[3] = x3;
-    r->x[4] = x4;
-    r->x[5] = x5;
-    r->x[6] = x6;
-    r->x[7] = x7;
-    r->x[8] = x8;
-    r->y[0] = y0;
-    r->y[1] = y1;
-    r->y[2] = y2;
-    r->y[3] = y3;
-    r->y[4] = y4;
-    r->y[5] = y5;
-    r->y[6] = y6;
-    r->y[7] = y7;
-    r->y[8] = y8;
-    r->z[0] = z0;
-    r->z[1] = z1;
-    r->z[2] = z2;
-    r->z[3] = z3;
-    r->z[4] = z4;
-    r->z[5] = z5;
-    r->z[6] = z6;
-    r->z[7] = z7;
-    r->z[8] = z8;
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_point_521* rt = NULL;
-    sp_point_521* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_521 v[87];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_521_mod_mul_norm_9(t[1].x, g->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t[1].y, g->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t[1].z, g->z, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_521_proj_point_dbl_n_store_9(t, &t[ 1], 5, 1, tmp);
-        sp_521_proj_point_add_9(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[ 6], &t[ 3], tmp);
-        sp_521_proj_point_add_sub_9(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[10], &t[ 5], tmp);
-        sp_521_proj_point_add_sub_9(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[12], &t[ 6], tmp);
-        sp_521_proj_point_dbl_9(&t[14], &t[ 7], tmp);
-        sp_521_proj_point_add_sub_9(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[18], &t[ 9], tmp);
-        sp_521_proj_point_add_sub_9(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[20], &t[10], tmp);
-        sp_521_proj_point_dbl_9(&t[22], &t[11], tmp);
-        sp_521_proj_point_add_sub_9(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[24], &t[12], tmp);
-        sp_521_proj_point_dbl_9(&t[26], &t[13], tmp);
-        sp_521_proj_point_add_sub_9(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[28], &t[14], tmp);
-        sp_521_proj_point_dbl_9(&t[30], &t[15], tmp);
-        sp_521_proj_point_add_sub_9(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_521_ecc_recode_6_9(k, v);
-
-        i = 86;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_point_33_9(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_521));
-        }
-        for (--i; i>=0; i--) {
-            sp_521_proj_point_dbl_n_9(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_point_33_9(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_521));
-            }
-            sp_521_sub_9(negy, p521_mod, p->y);
-            sp_521_norm_9(negy);
-            sp_521_cond_copy_9(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_521_proj_point_add_9(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_521_map_9(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_521 {
-    sp_digit x[9];
-    sp_digit y[9];
-} sp_table_entry_521;
-
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*9;
-    sp_digit* t6 = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t4 = t + 8*9;
-    sp_digit* t5 = t + 10*9;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_9(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_9(p->x, t2) &
-            sp_521_cmp_equal_9(p->y, t4)) {
-        sp_521_proj_point_dbl_9(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_521_mont_sub_9(t2, t2, p->x, p521_mod);
-        /* R = S2 - Y1 */
-        sp_521_mont_sub_9(t4, t4, p->y, p521_mod);
-        /* Z3 = H*Z1 */
-        sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t3, p->x, t1, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t1, t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_9(t2, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(t2, t2, t1, p521_mod);
-        sp_521_mont_dbl_9(t5, t3, p521_mod);
-        sp_521_mont_sub_9(x, t2, t5, p521_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_521_mont_sub_9(t3, t3, x, p521_mod);
-        sp_521_mont_mul_9(t3, t3, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t1, t1, p->y, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, t3, t1, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_521_proj_to_affine_9(sp_point_521* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 9;
-    sp_digit* tmp = t + 4 * 9;
-
-    sp_521_mont_inv_9(t1, a->z, tmp);
-
-    sp_521_mont_sqr_9(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    sp_521_mont_mul_9(a->x, a->x, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(a->y, a->y, t1, p521_mod, p521_mp_mod);
-    XMEMCPY(a->z, p521_norm_mod, sizeof(p521_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 6
- * 64 entries
- * 86 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_9(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_9(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_9(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<6; i++) {
-            sp_521_proj_point_dbl_n_9(t, 87, tmp);
-            sp_521_proj_to_affine_9(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<6; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_9(t, s1, s2, tmp);
-                sp_521_proj_to_affine_9(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_entry_64_9(sp_point_521* r,
-    const sp_table_entry_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-    sp_digit x0 = 0;
-    sp_digit x1 = 0;
-    sp_digit x2 = 0;
-    sp_digit x3 = 0;
-    sp_digit x4 = 0;
-    sp_digit x5 = 0;
-    sp_digit x6 = 0;
-    sp_digit x7 = 0;
-    sp_digit x8 = 0;
-    sp_digit y0 = 0;
-    sp_digit y1 = 0;
-    sp_digit y2 = 0;
-    sp_digit y3 = 0;
-    sp_digit y4 = 0;
-    sp_digit y5 = 0;
-    sp_digit y6 = 0;
-    sp_digit y7 = 0;
-    sp_digit y8 = 0;
-
-    for (i = 1; i < 64; i++) {
-        mask = 0 - (i == idx);
-        x0 |= mask & table[i].x[0];
-        x1 |= mask & table[i].x[1];
-        x2 |= mask & table[i].x[2];
-        x3 |= mask & table[i].x[3];
-        x4 |= mask & table[i].x[4];
-        x5 |= mask & table[i].x[5];
-        x6 |= mask & table[i].x[6];
-        x7 |= mask & table[i].x[7];
-        x8 |= mask & table[i].x[8];
-        y0 |= mask & table[i].y[0];
-        y1 |= mask & table[i].y[1];
-        y2 |= mask & table[i].y[2];
-        y3 |= mask & table[i].y[3];
-        y4 |= mask & table[i].y[4];
-        y5 |= mask & table[i].y[5];
-        y6 |= mask & table[i].y[6];
-        y7 |= mask & table[i].y[7];
-        y8 |= mask & table[i].y[8];
-    }
-
-    r->x[0] = x0;
-    r->x[1] = x1;
-    r->x[2] = x2;
-    r->x[3] = x3;
-    r->x[4] = x4;
-    r->x[5] = x5;
-    r->x[6] = x6;
-    r->x[7] = x7;
-    r->x[8] = x8;
-    r->y[0] = y0;
-    r->y[1] = y1;
-    r->y[2] = y2;
-    r->y[3] = y3;
-    r->y[4] = y4;
-    r->y[5] = y5;
-    r->y[6] = y6;
-    r->y[7] = y7;
-    r->y[8] = y8;
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^86, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_9(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 9 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 86;
-        for (j=0; j<6 && x<521; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 87;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_64_9(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=85; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<6 && x<521; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 87;
-            }
-
-            sp_521_proj_point_dbl_9(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_64_9(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_9(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_9(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_521_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[9];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[9];
-    /* Precomputation table for point. */
-    sp_table_entry_521 table[64];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_521_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_521_t sp_cache_521[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_521_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_521_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_521 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_521_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_521_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_521_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_521[i].set = 0;
-        }
-        sp_cache_521_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_521[i].set)
-            continue;
-
-        if (sp_521_cmp_equal_9(g->x, sp_cache_521[i].x) &
-                           sp_521_cmp_equal_9(g->y, sp_cache_521[i].y)) {
-            sp_cache_521[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_521_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_521_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_521[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_521_last) {
-            least = sp_cache_521[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_521[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_521[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_521[i].x, g->x, sizeof(sp_cache_521[i].x));
-        XMEMCPY(sp_cache_521[i].y, g->y, sizeof(sp_cache_521[i].y));
-        sp_cache_521[i].set = 1;
-        sp_cache_521[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_521[i];
-    sp_cache_521_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_9(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_9(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 65 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_9(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_9(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_9(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_521_proj_point_dbl_n_9(t, 66, tmp);
-            sp_521_proj_to_affine_9(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_9(t, s1, s2, tmp);
-                sp_521_proj_to_affine_9(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_entry_256_9(sp_point_521* r,
-    const sp_table_entry_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-    sp_digit x0 = 0;
-    sp_digit x1 = 0;
-    sp_digit x2 = 0;
-    sp_digit x3 = 0;
-    sp_digit x4 = 0;
-    sp_digit x5 = 0;
-    sp_digit x6 = 0;
-    sp_digit x7 = 0;
-    sp_digit x8 = 0;
-    sp_digit y0 = 0;
-    sp_digit y1 = 0;
-    sp_digit y2 = 0;
-    sp_digit y3 = 0;
-    sp_digit y4 = 0;
-    sp_digit y5 = 0;
-    sp_digit y6 = 0;
-    sp_digit y7 = 0;
-    sp_digit y8 = 0;
-
-    for (i = 1; i < 256; i++) {
-        mask = 0 - (i == idx);
-        x0 |= mask & table[i].x[0];
-        x1 |= mask & table[i].x[1];
-        x2 |= mask & table[i].x[2];
-        x3 |= mask & table[i].x[3];
-        x4 |= mask & table[i].x[4];
-        x5 |= mask & table[i].x[5];
-        x6 |= mask & table[i].x[6];
-        x7 |= mask & table[i].x[7];
-        x8 |= mask & table[i].x[8];
-        y0 |= mask & table[i].y[0];
-        y1 |= mask & table[i].y[1];
-        y2 |= mask & table[i].y[2];
-        y3 |= mask & table[i].y[3];
-        y4 |= mask & table[i].y[4];
-        y5 |= mask & table[i].y[5];
-        y6 |= mask & table[i].y[6];
-        y7 |= mask & table[i].y[7];
-        y8 |= mask & table[i].y[8];
-    }
-
-    r->x[0] = x0;
-    r->x[1] = x1;
-    r->x[2] = x2;
-    r->x[3] = x3;
-    r->x[4] = x4;
-    r->x[5] = x5;
-    r->x[6] = x6;
-    r->x[7] = x7;
-    r->x[8] = x8;
-    r->y[0] = y0;
-    r->y[1] = y1;
-    r->y[2] = y2;
-    r->y[3] = y3;
-    r->y[4] = y4;
-    r->y[5] = y5;
-    r->y[6] = y6;
-    r->y[7] = y7;
-    r->y[8] = y8;
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_9(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 9 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 65;
-        for (j=0; j<8 && x<521; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 66;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_256_9(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=64; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8 && x<521; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 66;
-            }
-
-            sp_521_proj_point_dbl_9(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_256_9(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_9(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_9(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_521_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[9];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[9];
-    /* Precomputation table for point. */
-    sp_table_entry_521 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_521_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_521_t sp_cache_521[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_521_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_521_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_521 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_521_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_521_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_521_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_521[i].set = 0;
-        }
-        sp_cache_521_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_521[i].set)
-            continue;
-
-        if (sp_521_cmp_equal_9(g->x, sp_cache_521[i].x) &
-                           sp_521_cmp_equal_9(g->y, sp_cache_521[i].y)) {
-            sp_cache_521[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_521_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_521_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_521[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_521_last) {
-            least = sp_cache_521[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_521[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_521[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_521[i].x, g->x, sizeof(sp_cache_521[i].x));
-        XMEMCPY(sp_cache_521[i].y, g->y, sizeof(sp_cache_521[i].y));
-        sp_cache_521[i].set = 1;
-        sp_cache_521[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_521[i];
-    sp_cache_521_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_9(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_9(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 9, km);
-        sp_521_point_from_ecc_point_9(point, gm);
-
-            err = sp_521_ecc_mulmod_9(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 9 + 9 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9 + 9 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 9;
-
-        sp_521_from_mp(k, 9, km);
-        sp_521_point_from_ecc_point_9(point, gm);
-        sp_521_point_from_ecc_point_9(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_9(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_9(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_9(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifndef WC_NO_CACHE_RESISTANT
-/* Striping precomputation table.
- * 6 points combined into a table of 64 points.
- * Distance of 87 between points.
- */
-static const sp_table_entry_521 p521_table[64] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xf97e7e31c2e5bd66L,0x3348b3c1856a429bL,0xfe1dc127a2ffa8deL,
-        0xa14b5e77efe75928L,0xf828af606b4d3dbaL,0x9c648139053fb521L,
-        0x9e3ecb662395b442L,0x858e06b70404e9cdL,0x00000000000000c6L },
-      { 0x88be94769fd16650L,0x353c7086a272c240L,0xc550b9013fad0761L,
-        0x97ee72995ef42640L,0x17afbd17273e662cL,0x98f54449579b4468L,
-        0x5c8a5fb42c7d1bd9L,0x39296a789a3bc004L,0x0000000000000118L } },
-    /* 2 */
-    { { 0xb4c52f11f3d7286aL,0xec47cb5cbbf67a41L,0x89d3382eaafb10a4L,
-        0x4afd876806222b90L,0xfa16b295feb5416dL,0x0946f9d45d095b7cL,
-        0x18526b28ff975e3dL,0x259cec2fb2f1c609L,0x0000000000000104L },
-      { 0x545642a062e36127L,0xc3e4c6f71c38e6f5L,0x1d0e02c41bf9d6c4L,
-        0x8a7a6fb6483ba43dL,0x7104aee9cf390b9cL,0x4acdccdf2578e2fbL,
-        0xc17af6df73b3feb4L,0x2fb789d77977fa95L,0x00000000000001d6L } },
-    /* 3 */
-    { { 0xdae82f27eb2db12fL,0x675f5cdb25444b98L,0x3234752e78288513L,
-        0x53e37a78730f5769L,0xabad04dadcecd88dL,0x29d87958f3098a34L,
-        0x00567f1a50cb0363L,0x400b67853878a6f6L,0x0000000000000183L },
-      { 0xba3b00c422d2d58aL,0x06c351857b0e93d5L,0x78810249545fa63dL,
-        0x1d72e7923a6be922L,0xe38827919e285f6fL,0x3212ca84b33128efL,
-        0x41640a1022acf93dL,0xbf1819691f33c6e9L,0x00000000000001beL } },
-    /* 4 */
-    { { 0x0cfa67a640b0a066L,0xe97c179e8057a710L,0xb69d285227cce600L,
-        0xf7dde8c5419687d1L,0xdbcb15185d5b039eL,0x3e47772fd99abbe0L,
-        0x71c9c23ab2a9c6a0L,0x5af10b9b94496951L,0x0000000000000152L },
-      { 0x0f96137f2c91f83aL,0x1f743fa449f15b33L,0xd43b3ec0ccb4c1b1L,
-        0x895a3be3cfeea9b0L,0x27c3b4959eefee4dL,0xf1b4212712e344eeL,
-        0x023afa76ff929c1eL,0x3078097686d07325L,0x0000000000000166L } },
-    /* 5 */
-    { { 0x36005a37c7b848a0L,0xbac203eee032cc07L,0x8d20246ee4c229c4L,
-        0x13b8b0f97b7f6b06L,0x0223a119e13c7b1dL,0xa91307c053c2e32aL,
-        0xce595e9f3536fe07L,0xc2a2efbc8489551dL,0x0000000000000019L },
-      { 0xed22e7b467081afdL,0xda1c5f3c81df2676L,0x48f406480ad04de0L,
-        0x8d7720d1f7391873L,0x111178cb13448f78L,0x39087943ea49e233L,
-        0x692f712c73d8d101L,0xca20ab46f4e7e521L,0x000000000000005aL } },
-    /* 6 */
-    { { 0xfd0c67177af706c0L,0xc500416552ebdf4aL,0x332675708ff0bf03L,
-        0x3f282dddd2cdcf58L,0x93b60398bf766c2fL,0x124f1fd970748a8cL,
-        0x05422ecb20ef5badL,0x9fef00a63eafb2dcL,0x00000000000001d8L },
-      { 0xcd2d1f04e4d1ae24L,0x099afd68e44bae9aL,0x669b9ba3a4880b2aL,
-        0x5608536cab513fcbL,0xfd7de6a330d8ace2L,0xebc44b8deb95e59eL,
-        0x2302405e64969883L,0xbea96ff09b276f35L,0x00000000000001b6L } },
-    /* 7 */
-    { { 0xa7b7271a71b90b8cL,0xbdc1bcdad12ca22aL,0x52a5f2901f10a310L,
-        0xf5c070c0f420fb28L,0xdd09d3a5f099a78fL,0xaf60cbbe3914e826L,
-        0xeac320c9a914d69fL,0x78bc962dfd5ba85dL,0x00000000000001c0L },
-      { 0xf69575cebe45049dL,0x418d09354958daccL,0x142da6f236c0f076L,
-        0x51d23cfba83dfce7L,0x2df0421809714d01L,0x1260496a9ecec18dL,
-        0xb4317aa1f700b1adL,0x86174a20cd86c341L,0x000000000000016cL } },
-    /* 8 */
-    { { 0xc2453d609102b570L,0x70840e5c142c3e23L,0x7294b1f1c30037d9L,
-        0xa2500f121dbf5ab6L,0x03eceb67c9c8ee6eL,0xa19c319330820abbL,
-        0x7aad59e87da6b820L,0xe97823f8c38d842fL,0x000000000000006dL },
-      { 0xce5bb75ea7b6bb9eL,0x9090358d569c9eddL,0xa8b5ec369cd0c065L,
-        0xb2b5ac1cf81c82b8L,0x8feb364c3ffceb86L,0x355ed9ecdf4f9f7eL,
-        0x6f2efe425ce12ff4L,0xb23168780155070dL,0x0000000000000035L } },
-    /* 9 */
-    { { 0x5ba6aa8d478bab98L,0x849ddc2dbcf097c4L,0x67f6f4b274b08601L,
-        0xb15c438fe3acbdacL,0x0bcd49256ee2c337L,0xd15facb9b3085e64L,
-        0xc8e919dcf4d1b708L,0x6eed3e36e1fae449L,0x000000000000000aL },
-      { 0x5103486e84926700L,0x1c6b82b28fef959eL,0xb309fe2355b9fa8dL,
-        0xdb35d40e4b8579efL,0xad5288e08145279aL,0x92b15dbc4ba26317L,
-        0xda42d33ed9838c28L,0xd13ae9ba313a0399L,0x0000000000000047L } },
-    /* 10 */
-    { { 0xe2fa0b39d0851f6aL,0x2f7f00e5263539c6L,0x46a066b81f107130L,
-        0xe7cc14f87dbe9579L,0x61f1e5c2d0607b55L,0x539a9c4d07a4c0b8L,
-        0x9b6893829fdc8d6fL,0x684725a9847245fcL,0x0000000000000020L },
-      { 0x98dd1588d9de1e07L,0xbe9ed1154f6dc491L,0xd4605724f2b85d2bL,
-        0xf94da3ba93aa2d3fL,0x81229b618d489608L,0xb7e6a31ed9eaf52cL,
-        0x787d526dab03e098L,0xc16ee426e5b06c1bL,0x0000000000000171L } },
-    /* 11 */
-    { { 0xa732fe002dcd1035L,0x034d6ff8da1f6ee4L,0x2103d3e5097d7909L,
-        0xcc496507dfbec358L,0x27044faeef335708L,0xf685e6bffe9be99aL,
-        0x57b8c6c406aababdL,0xb8e751f6a901830cL,0x000000000000011bL },
-      { 0x87101fab8e15a6b9L,0xf5ad21a11a270874L,0x5d9a90506e900902L,
-        0x15a2f5a1d7fe9a86L,0x7ba4fb21dce37de8L,0x7751df45ff07bfb9L,
-        0x12089b6202345c0bL,0x46f675ec6a9ace86L,0x000000000000006dL } },
-    /* 12 */
-    { { 0x689a234ba08e3299L,0x941f6f05c4cf87aaL,0x3a98121b9ffdcb65L,
-        0x3252b8481623b72cL,0x65f531b5c6bae311L,0x4c5005a1c383df2cL,
-        0x13c011795826c457L,0x90ea82a2ee3b03deL,0x00000000000001d3L },
-      { 0x582b79258c0a1261L,0x859c8a11788ba98eL,0x693c1e149a3ad4f7L,
-        0xd3f4b8032d62063cL,0x6affccfa0ddc5607L,0x63a3cd821eb6c797L,
-        0xa94ce4ae6fb0c290L,0xce9479c1612cf5d1L,0x0000000000000190L } },
-    /* 13 */
-    { { 0x4ab1603c78f459e6L,0x7d9af2dc6a84373eL,0x2d2be036159a9a40L,
-        0x82371e3d509c38ecL,0x82188bf292f079b7L,0xd74b82801e82e017L,
-        0x4041778a6b59bbfaL,0x40cf824ab8d4f9a7L,0x000000000000005dL },
-      { 0xf9f79e729bc88c1eL,0x8459190a77e9ceb8L,0xdcb44b726a41a19dL,
-        0xe30dbe8ce243350bL,0xa168a6a9f3adebc1L,0x421fdb0c48e22f81L,
-        0x3cc1d22a9b601ed1L,0x226ef6f6d2b564c0L,0x0000000000000170L } },
-    /* 14 */
-    { { 0x0eedf7150a80f0b9L,0x7f78ee5beb322905L,0x15d5375783498544L,
-        0xff081204b66d249aL,0xb95434862bd0d1fcL,0x6404f1321899b952L,
-        0x1de3aa0ccdd8789cL,0x8b6f01381a7153a4L,0x00000000000001beL },
-      { 0x12d645e1fe536313L,0x14f4969e373af74bL,0xa56f032a30d498ccL,
-        0xf30e4fe50a666b8cL,0xfb42284e3fb31a5eL,0x065215a7efba6b77L,
-        0x217ca76c6fa31b46L,0x13a6f6f91fc38bfdL,0x0000000000000007L } },
-    /* 15 */
-    { { 0x5141181078303dc6L,0x93d1836de01c1d96L,0x98046c2ff50b037bL,
-        0xeb3a5b31fcd53e6cL,0x3976f8fefb2f8250L,0xd193f5369cda2685L,
-        0xc609817dd26ee74cL,0xeea2244858f903d3L,0x00000000000000e9L },
-      { 0xc4f3956b8e0c791bL,0x68cf3903875c10f4L,0x3ff4a407c1f7f0adL,
-        0x3672c4658902e832L,0xdf5d0b6796ea88b4L,0x68df74bda86075a8L,
-        0xe6d2d0675071e56eL,0x8c7fb077c7e5fcd5L,0x00000000000001f1L } },
-    /* 16 */
-    { { 0x1e2df23635210df1L,0x387b5c569aace566L,0xdd8152c9ee401323L,
-        0x56fe9ec99cac0076L,0x88ed7fc1e1a9f782L,0x6551487d681f0428L,
-        0xeaacc10197689006L,0x626bcad13b7e7fe6L,0x000000000000015eL },
-      { 0xe1b3574a7acb23caL,0xadda7c9e3636a1c2L,0xfc998cf89f3d947cL,
-        0x38ee4df41ba0511bL,0x1f40cc1403e4694bL,0xccecf4e0800fb6d9L,
-        0x021f708ae1665d06L,0x2bcd7975c492d329L,0x0000000000000063L } },
-    /* 17 */
-    { { 0x66bd9a0dcd698697L,0x0e7d8559bbbc1758L,0xe072a980ac76a88dL,
-        0x3cf9af4de2c17874L,0x85b24bc4748e97adL,0xe5522faff3f6d8eaL,
-        0x60ed43eecef45795L,0x1859fd20de38467dL,0x00000000000001d7L },
-      { 0xe62c76b958e8181cL,0x3731bcc7fee454edL,0x2cb0b570ee89f8f5L,
-        0x0a38b9539a262283L,0x46887e748c19a774L,0x1dbea5dae80adab4L,
-        0x09fb720cb1f75c90L,0x91e0b746e723e278L,0x00000000000001c5L } },
-    /* 18 */
-    { { 0x6fa722771bac59f3L,0x72358865520791adL,0x8da1c8c4e32463d8L,
-        0xe0e75863d41001a5L,0xcea164f748e602dbL,0x93cb5f21cc294cfeL,
-        0x28a3168a941cbefaL,0x018fff3bab807177L,0x00000000000001e0L },
-      { 0x3da709346a145377L,0x1fb17f7fd16e2b7cL,0xef6432fcc0469077L,
-        0x62a59a97d6660f5eL,0x8ddc75505e2a0275L,0x2e65b1f75b88dce7L,
-        0x0f4283da066f2c44L,0x561b9e15ce4b84a2L,0x00000000000000ceL } },
-    /* 19 */
-    { { 0x728e1148bdbc363aL,0xdfbf9e0bf7a1bbabL,0xd6fcfc8fa2e12868L,
-        0x3969e7e50a19fe81L,0xf104d3bef512cd5eL,0x9879c459810da8f5L,
-        0xad31c365924bf3a3L,0xb2e2d4914d4fb575L,0x0000000000000151L },
-      { 0x330d4d1d79410972L,0x7e6ef2a0ba1831bbL,0xa18cc9af4f4d5b93L,
-        0x29d8de68069c9948L,0xb8bc009db5e104a0L,0x4237d3728d929561L,
-        0xa126a4e8a2274babL,0x85ba9fcba99c454fL,0x00000000000000cbL } },
-    /* 20 */
-    { { 0x954376cee18bd1d3L,0x350613fc9c8e4d95L,0xa60d595673323968L,
-        0x4f6ac836a044cdbcL,0xf38d747b881b8e40L,0x79f7faf00426afe2L,
-        0xf6e7403d2ae12787L,0x721445a6726ae667L,0x0000000000000141L },
-      { 0x9e0d2f66306787cbL,0xe2e3c834fce146f5L,0x4b62143f2fdbe2b4L,
-        0x19dab7745acb5238L,0xee46bfcd7e138359L,0x29dbfa6675966b0fL,
-        0xcde19c032d601936L,0xf7daf7b4f2aa4f6fL,0x000000000000019cL } },
-    /* 21 */
-    { { 0x55a5e8f4641b7e08L,0xe1e589f3caa920f7L,0x07b90ad9abfced83L,
-        0x05ff78cd7c466f08L,0x2020ab945a71ab69L,0xd3ad1f5787ee2ec2L,
-        0x078ba17efb3d4c91L,0xcf3753ba8607cf69L,0x0000000000000138L },
-      { 0xb5e391e2b9b22600L,0xd20b3d088454c979L,0x4c9945642f77a85dL,
-        0x972896db1f169687L,0xd3554fa2ff8d2b83L,0x57123d99bd48e671L,
-        0x1266b6b9da59843fL,0x633ff4df9241786dL,0x000000000000011fL } },
-    /* 22 */
-    { { 0x071492bba1e06f89L,0x6f3f72de734cc62aL,0xb50a11309d477637L,
-        0x5f6b0546a5ce54f0L,0xc1cde769698626edL,0xe43af79564ade3d0L,
-        0x3067161797a20d2bL,0xdf5821678c48495bL,0x0000000000000129L },
-      { 0x544a65284790d91fL,0xf71c90983f2924bdL,0xd5adb1d63e5c39e1L,
-        0xeba20528d8cacd81L,0xac72518ac728e735L,0x789a0bdf565cc9a0L,
-        0x4b320c80c922bce2L,0x99b26c84e458f8adL,0x0000000000000138L } },
-    /* 23 */
-    { { 0x2fdf67bf4f6f867eL,0x56f6ea005f1e2bf2L,0xa7d7c0d8896ab990L,
-        0x589102a023329acbL,0xbb8b6a64156a7f42L,0xfbb556a95882578aL,
-        0xa82481cc609250ddL,0x573e51d9daad3d36L,0x000000000000005dL },
-      { 0x7e2ede0bb08ffeecL,0xa37176acefbed279L,0x5acafeac0b72e855L,
-        0x4c7c3ce3fcc75badL,0x2fc0939bb9a704a1L,0x6bf0c5328e4b4841L,
-        0x5b72f1f2c10742b0L,0xaa62d2889c54371eL,0x00000000000001c1L } },
-    /* 24 */
-    { { 0xd3a8c547c7d40b83L,0xd9fd110285002a83L,0x4bd9516c97f61840L,
-        0x8c628537448c4851L,0x5cae5aa1c90925adL,0x356195c572319740L,
-        0x8cb6e19ba2b5be38L,0x68626a4b6d9c8c33L,0x00000000000001c5L },
-      { 0xa0c846a9ed58b48cL,0xebe6013ae2590d05L,0x60c5d677da2fc481L,
-        0xb6a0897b9252e895L,0xb84595be218bf72dL,0xf1c527960dd1b9b1L,
-        0x3f1583a86d38442aL,0xcda593dec4de5fdfL,0x000000000000010aL } },
-    /* 25 */
-    { { 0xdb0fa258898a19c2L,0x26346630974ccc01L,0x135ec9db1f1e6a83L,
-        0x9bac9c9bff494d1bL,0x78d21ad4f24be4d7L,0x3249c89f61e8dacdL,
-        0x528df6852df2cb51L,0x4f0ec6792ccdc5b7L,0x00000000000001dbL },
-      { 0x789f22f80f551d73L,0x42ec3257e7ba5676L,0x3f52c4094cc69a65L,
-        0xafdd277df46f1eb6L,0xaead8379ec161194L,0xdc657d191f924e46L,
-        0xe43263451578ff09L,0x4750da5878d091bfL,0x0000000000000173L } },
-    /* 26 */
-    { { 0xdf886f2283fe19b9L,0x740586885dba4f8eL,0x3c04af37a13f8dc7L,
-        0x21771e2b3b99dcbcL,0x1e77950d55c5b6a7L,0x20a6975b1b1338e1L,
-        0x4956e06bd276d114L,0x56686808b0d3b14cL,0x000000000000016cL },
-      { 0x08f3f2a25182063fL,0xdea422b775992149L,0x845260b0d5cd158cL,
-        0x6e0768e07c353c5aL,0x5718a1c23afa81caL,0x522f094d3ca2a17cL,
-        0x96a361f77d93ebfdL,0x75c32db595c76942L,0x0000000000000095L } },
-    /* 27 */
-    { { 0x953bb441f640de23L,0x5d35f0a9e1e08dc6L,0x323a1bcc7bbad4e6L,
-        0x4dc31447742e5ad0L,0xca0e8e15068bf07dL,0xfc317d5097ebd2b5L,
-        0xf5447997db4c9342L,0xf98a3ac80ba0a29cL,0x0000000000000061L },
-      { 0x4ccb1f249e925079L,0x97af5a3dc5c916d3L,0x7ef650a8e497e318L,
-        0x0d49927842975745L,0xcf328ffb2462eba5L,0x8ee8e88f6e360cf3L,
-        0xe15c3f8dc77cd3c2L,0x5ab87910736a646aL,0x00000000000001cbL } },
-    /* 28 */
-    { { 0xa2d5fdb981e3d610L,0x0127b05c456ddf1cL,0x29e247d9bd5bd8a4L,
-        0x5758d126f5959d68L,0x9b0fb7fb2b28eb19L,0x1d8aa23a1d312140L,
-        0xf8b9e467281b4d2cL,0xea57464cda959b8fL,0x0000000000000028L },
-      { 0x8e118540a87d4633L,0x3af88a0815200b8cL,0xca1806b488f790e1L,
-        0x605032a919cd9554L,0xf671627867d0cefdL,0xb58e8671d1676085L,
-        0x51098dc308decf4cL,0x5a6cb932a50e312dL,0x00000000000001fbL } },
-    /* 29 */
-    { { 0xa15c4a20a5eff951L,0x1baa735b49f4f32fL,0xab53ad000feaf2c6L,
-        0x354c2bc4ed66b803L,0x587fd2379ac12f3aL,0x3837c9643881a729L,
-        0x1d8bd95b9f6c3bbeL,0x237ed2d808d914b6L,0x000000000000001cL },
-      { 0xcde7b0d13de67115L,0xe645422dec23815bL,0x286703896b445b51L,
-        0x11be335a80ae2784L,0x9185d3df1a64b6e3L,0xa0ccbdd0ba228c67L,
-        0x6bc79dff3a013cf7L,0x229f4e59b464c70cL,0x0000000000000185L } },
-    /* 30 */
-    { { 0x3f621de51cf1a11fL,0x18b004fd0658152dL,0x1bc8a9455df479b5L,
-        0x901719473da586acL,0x06fe325baa2f052fL,0x4a2fc982b6323a69L,
-        0xa975e8bcd4f0b34cL,0xfe3f271914ed1d56L,0x000000000000001fL },
-      { 0xeb6045d192f826d9L,0xbd7c962e5facf02fL,0x87a5cfbd35fa1278L,
-        0xfd1ff1cbdeda7159L,0x1b0f6638a1287202L,0x861e7cbae1fcd5deL,
-        0x33709b6bb9822a98L,0x171b15ba8b2ae55dL,0x0000000000000130L } },
-    /* 31 */
-    { { 0xb7f2a894410a34a1L,0xca6d4597f0e4d4f6L,0x84c4a0fe6d4d1f8fL,
-        0x42d465bb405c281dL,0x44893a203587a898L,0xc0d0d12dab4ffdd6L,
-        0xd5f85269fc00e886L,0xd93f9cdce1999ae1L,0x0000000000000199L },
-      { 0xa9d573cad9980812L,0x87d7913ea7e02cb9L,0xb772f40954b00468L,
-        0x207850e8cc28eec8L,0x772468db7603910dL,0xb5d3125db256e07aL,
-        0xbeb567df8b59420dL,0xb3467a5331e5ccd1L,0x00000000000001daL } },
-    /* 32 */
-    { { 0x3a44dde085f45eddL,0xc543bb6498309156L,0x82d1ce827597d0d0L,
-        0xb2dc0f228106ca3eL,0x66f394472c3a313aL,0xd8f6fcdaa6cf2e03L,
-        0xed6e0e279e6bf40bL,0x7dcd3a305b9a41afL,0x0000000000000095L },
-      { 0x0a870cec12be5b78L,0x912c21c51406e140L,0x977417fdd5e13ca1L,
-        0x9edbae8ab9e21e28L,0x9fce45ea13b2f069L,0x25bd760b84f3cbf2L,
-        0x29e0c3ce2489fd01L,0xe16d31c1ec62a766L,0x0000000000000061L } },
-    /* 33 */
-    { { 0xaff40f1bb5598dccL,0xef04d8e02cd12fd9L,0xc97ea3b0bad7f4acL,
-        0x336776a6565108cdL,0x71d9d056fe63178cL,0x31a7c54714c3f6aaL,
-        0x5da757a2f6804c72L,0x7b3ee12ff87bb311L,0x00000000000001faL },
-      { 0x30df907b6bf9f426L,0xca534ca162ef821fL,0x540f8dba017699e6L,
-        0x7cddfe567358f4afL,0x5bc334a1e8f9cef6L,0x427fd83d6adc5f09L,
-        0x2fd7c1b8b851f4c2L,0x234d1bd4d1587daeL,0x00000000000000d3L } },
-    /* 34 */
-    { { 0xffef7d4f0399f8ccL,0x1e2708d99da4c3faL,0x5792ebd0a9474303L,
-        0x21aa73f56812a436L,0xf61f60fbc052973dL,0x7061be89fc874833L,
-        0xe65c7ebe2638329dL,0xe728d78b032852d9L,0x00000000000001e5L },
-      { 0xb633df4e27c9f6a6L,0xdea08843cc406457L,0x75f688183cb011bcL,
-        0x234d1b4ad5603044L,0x2a156ae5b6a4d089L,0x9021af3b95e9f0f1L,
-        0x90e987df968be7d3L,0x0821a4d3781ef8abL,0x0000000000000027L } },
-    /* 35 */
-    { { 0x94de21d800df95b9L,0x5d5301b2c33c47f7L,0xf271cabd2343171eL,
-        0xbe5441dc4f0fba70L,0x11183253702639d6L,0x01e0573a97074632L,
-        0x268025dfce4f92d6L,0x47d14b05039a6f5bL,0x000000000000015dL },
-      { 0x2051179030720125L,0xee2db45c6541fb74L,0x07bbcc41aacdcd66L,
-        0xffa2e9630a08ced4L,0x819b5b7a7f21a83dL,0x5f857f0a44896b10L,
-        0x6126655c197cde7dL,0x81d0f14a2962acd7L,0x0000000000000138L } },
-    /* 36 */
-    { { 0x0b7a0b9ebb82fc5dL,0x7f2e7af14ff667a2L,0x5cc3df3907a17aecL,
-        0x91465af2398fb92aL,0x785b749098cf002eL,0xfe22218f7380cfb0L,
-        0x32bd17997f4f03a8L,0x1c78bd791209f39aL,0x00000000000000e4L },
-      { 0x90389734e8b69225L,0x26dc02b5fc69c2f9L,0x37eeea93ff349339L,
-        0x642556bfc05ec9e4L,0xaa5744b64bd93ef1L,0xc29f3c91bfe9d602L,
-        0x399cbf01aea4f871L,0xc02b2b1cf485b047L,0x00000000000000beL } },
-    /* 37 */
-    { { 0x5658a9eb87400032L,0xb3513556ff0b51afL,0x99ecda719408ac7bL,
-        0x5e8d8b317bc54d5fL,0x8f178f9e3ef10515L,0xfc49ad94624b9cf0L,
-        0x344433fd8fc6c90fL,0x0df7be427f17965fL,0x00000000000000d4L },
-      { 0x47918d08133929fbL,0xd6cf0aa92ff979f6L,0xad55ab19a37a87abL,
-        0x9e9d1956c5010be8L,0x8c0bd3ea3b82de19L,0x6c87820ff3c76b65L,
-        0x70499d39f2232ed8L,0x70dab0ee7aafde31L,0x0000000000000163L } },
-    /* 38 */
-    { { 0x5ba4b10081d6751dL,0xeb0319dcb96a5495L,0x56407c25654729d3L,
-        0x3de520199330d3fcL,0xb3f8a00e28998bc4L,0xeeea220977ddd518L,
-        0xc1429a49cb758f5eL,0xa86982a271834361L,0x0000000000000040L },
-      { 0x7472fd7ac36a0150L,0xfb61ab940138d406L,0x0cef5dd5b30829f5L,
-        0xa8ea3257aef599f4L,0x593011df7fa063bcL,0xea4c19ced774cb2cL,
-        0xad0eeee6b85e8883L,0xb5ef126b2aba018bL,0x000000000000014dL } },
-    /* 39 */
-    { { 0xebc08efd502a4e76L,0x4589d863767c0f52L,0xcf85eef44eb92decL,
-        0x0b59aa5d965c95c1L,0x60945a8e68d2dbcaL,0xc94cb99f77bf02d9L,
-        0x6cc41e81cfc0dc2dL,0x7264e2dc8637cc2bL,0x00000000000000d5L },
-      { 0x28989d2059b1302cL,0xba90dc20f89d0c77L,0xa29e9c3ee7f4a0b1L,
-        0x332ecd54b0a225b5L,0x38a3b080b042d9eaL,0x6d27ff408d9dfe9fL,
-        0x146f8b3a88a69d3aL,0x634fb13f1fee39b6L,0x0000000000000031L } },
-    /* 40 */
-    { { 0x2cd49af1f76d4173L,0x269b00cea89acef1L,0xb60e2977a015990bL,
-        0xbe86499685f72cefL,0x4e23b9db4d5b0156L,0xfa92c71c6bb926baL,
-        0xf4a8ff2fe2f815b2L,0x543eee4aa5cd2e72L,0x000000000000003aL },
-      { 0x9cf75fb5ecb67b4bL,0x0132019091a51dbcL,0x0557fcd377225c2bL,
-        0xe2e69807eec94860L,0x58ccae9fe6c35624L,0xeca667a6e8c2ff7cL,
-        0xf6939f23a37b64a3L,0x2eaabbb70d225b40L,0x00000000000001e7L } },
-    /* 41 */
-    { { 0x036735d2ff9ed76dL,0x8653e8e35d154fcaL,0x6811cba29824f792L,
-        0x96a3c594e1252e06L,0xb02543e7ba6e82e0L,0x5435187349b46518L,
-        0xb7c14c8662bc5b59L,0x6535a2bba295f29bL,0x00000000000000bfL },
-      { 0xd8b41e4bb0625972L,0x1063ba69b0ce550dL,0x64687d34db86696eL,
-        0xba2b364455ca06daL,0xa4699ecd3dc4d46cL,0x9f40e631bfe4443fL,
-        0x0e97fbe375fa4f7eL,0xd026b0481cbdc008L,0x00000000000001d2L } },
-    /* 42 */
-    { { 0x042191fad75cf083L,0xaffc08409bd72c49L,0x8f5b9e3f67faf055L,
-        0xa99fa2dfc9794f77L,0x1ccbe885a9ef6764L,0x5fd1e3d66880eb3cL,
-        0xbef622be06fd7bfaL,0x80d418fe9b10c7f8L,0x00000000000001a9L },
-      { 0x6637732018148fceL,0x9655f8b345c2a46fL,0xdc2952408caf763dL,
-        0x4313d4b72816a721L,0x6ff4aa0a50da95edL,0x66cbcad2d4f9e551L,
-        0x0ff11d35e6993438L,0x93dab445b9a4f5f1L,0x00000000000000b4L } },
-    /* 43 */
-    { { 0x8e846df2fa327b1cL,0x6755220d1d0321a0L,0xbacbc29c0342f918L,
-        0xbe6f119dd996a1f8L,0x11c02d40eb5740ffL,0x28a8232f4fbb962fL,
-        0x066250a52185293aL,0xf9220c87cf927dc9L,0x00000000000001c9L },
-      { 0xd59cdf5b32a50e5aL,0xa13035882c379627L,0x0894c6ebff69b440L,
-        0x881458aaad6055c9L,0x27d9a7d5b2f2ff3cL,0x15f33160d254ae2dL,
-        0x6e8342f1e38392bbL,0x7d7f4576b7c8d249L,0x0000000000000104L } },
-    /* 44 */
-    { { 0xd63c86d1774512bfL,0x1524c2d8624719e4L,0x2f7568d486d00e48L,
-        0x02140d74cb9cf033L,0x3fff92dd0cae0cceL,0x7ec6068613941889L,
-        0x791633ac5b8bf2b0L,0x43c98854ca54ea3dL,0x0000000000000027L },
-      { 0x15a79b14e40eb5e3L,0xccbbb5c75eeb2285L,0xc67c8dff5686232dL,
-        0x8b45a2c1a83196efL,0xa274bf939b2acfb3L,0x35c2b5486e56b741L,
-        0xc93963b24c1f5672L,0xbe9d6f8edf0e741bL,0x00000000000001caL } },
-    /* 45 */
-    { { 0xc8bc017afba4114aL,0x8e2791028d7327cdL,0xb95bfa6bddf662a4L,
-        0xd828f02c44a2caefL,0xc6504c42a27af13cL,0x67f79cab503e832dL,
-        0x42da6976cb78ed1dL,0xda6e4727431e01dbL,0x0000000000000094L },
-      { 0x44d5bd3eb9544fd3L,0x329d747f694035c9L,0x104d2b68676f065aL,
-        0xc8e81e7cfc4165c6L,0x4cdad2fdaf3779f2L,0xa3e4a4625669a833L,
-        0xa281178a21737142L,0x86f7afb87b8f5514L,0x00000000000001aaL } },
-    /* 46 */
-    { { 0x407a70134deacc7cL,0xa2540e3c94faf272L,0x4246beb934b43fa8L,
-        0x157b03f43ba9f184L,0xf7898d60b939ba99L,0x0f7e245e3a5f62b4L,
-        0x2db5a341eaf7a575L,0xd3adea091278c0f7L,0x00000000000000d2L },
-      { 0x2cba440ada687094L,0x3b478947767e75d2L,0x07c7de48078f23a0L,
-        0xca6d86d8d7252108L,0x5fd954fc6a7fbe1aL,0x4d552bbec9a2a901L,
-        0x71ab270159e75804L,0x294298fa5413091cL,0x0000000000000149L } },
-    /* 47 */
-    { { 0x6e60bc8cbebdd14bL,0xfe195cae8c57a662L,0x41e77bd8d9e4437aL,
-        0x20fc2e7c85e4b9edL,0x97be566d2a012e02L,0x433786ae9b250c6aL,
-        0x9eb76699cbb3224aL,0xf727091bf090f756L,0x00000000000000c8L },
-      { 0x31496439ef08161cL,0x265407a997e3a008L,0x2088210700e2ffcdL,
-        0x27426c055359fd16L,0x03e836825c39f78fL,0x380743a8e2a8832eL,
-        0x8739d8ed792bafe6L,0x6cef07c47a912015L,0x0000000000000128L } },
-    /* 48 */
-    { { 0xf29780090fd83accL,0x247593df630645dbL,0x171e6b9f9e2db252L,
-        0x3a6342a3c30aec58L,0x23524040fdd7151cL,0x2589b6988b15fee7L,
-        0xca588f0a17dca917L,0xb2cf2fe7677cad49L,0x00000000000001dcL },
-      { 0x14332d38c8573626L,0xd4fe66fd4adedd4dL,0xc5d8f397bb83b706L,
-        0x00aacee43aa8a4c9L,0xe90383ff107c81a9L,0x6cf1fb2f18abdf47L,
-        0x9bf5444df17c55baL,0x8251ec253659322aL,0x00000000000001deL } },
-    /* 49 */
-    { { 0x5a0e940caa2f106aL,0x7c55eb23418781b7L,0xcc6cebb679cc53b8L,
-        0x7f6f64fc9d7377f4L,0x1571161c6de3403cL,0xd7a52f1cff1bf45aL,
-        0xaf938df4110b0e06L,0x9bf219246f64c558L,0x000000000000001cL },
-      { 0xe15e4f0ea5afb352L,0x9ff6c56df2ca770fL,0xe0e86c68338e1890L,
-        0x96907f1990808bfcL,0xd0d47de2686b805bL,0x2fbfcb72b367c12aL,
-        0x800a58141dd3d54fL,0x2f4b07b398657a79L,0x00000000000001f3L } },
-    /* 50 */
-    { { 0x3340fb54f31cb1daL,0xc1e88317e1752360L,0x183ae7f8121667b1L,
-        0x1f271fa2bfd7bae9L,0xb31175b92b745d3dL,0x22250cc540b13e3eL,
-        0x63aabbb70d01026fL,0xab63c0f1b428cd91L,0x0000000000000018L },
-      { 0x7435eaf9988d425aL,0xf9f323c7fcc441f4L,0x8de16b8c3e4de08eL,
-        0x2e603853e495b0f0L,0x204602204b3f0024L,0x8aff3f40b43cdb09L,
-        0x409df7af4d00e185L,0xc681d091f1637f16L,0x000000000000019fL } },
-    /* 51 */
-    { { 0x0801a2cf5f0f872aL,0x67a587356ec8c90cL,0xf21e24aba0913e94L,
-        0x985fc1703502bcb9L,0x8552800450a05926L,0x65918c8f426e56f8L,
-        0x382414dea5cba2acL,0xc3e7a7e62874cb00L,0x000000000000005fL },
-      { 0x96630e9e8fa87335L,0xdcf938c1c7771bc8L,0xc4f3d77aa8cf3cd8L,
-        0x931ae9adc99a5fddL,0xa89581d55e2bcffcL,0xd0c7c71f29758819L,
-        0x4ef995634d5aa9d8L,0xc6de91cd8f04cdebL,0x0000000000000171L } },
-    /* 52 */
-    { { 0x24b42a1c35c6448eL,0x129a536e1f4e7b86L,0x7ca12db87e48d8f6L,
-        0xa827acf3587d6577L,0xfc62bf4bb1cce77eL,0x702ee5800f45a823L,
-        0xb4989843cc7a73a3L,0x3d49a2326c0afb5bL,0x00000000000000a6L },
-      { 0x7055c61255086dc5L,0x0622af5a3cf49868L,0x113dc4cbe695b064L,
-        0x65b33365479ff727L,0x156ab542336bc622L,0xf5a2ef703014770dL,
-        0x486f74556ded88eeL,0xbb4619488c8a7452L,0x000000000000005aL } },
-    /* 53 */
-    { { 0xea6e991125fdd488L,0x4ea556fb3d0183b0L,0xe8cfd7c274dc3ac2L,
-        0xe20307a3ddf1bd8fL,0xfc6684582ee9be7bL,0x64a60b7937782071L,
-        0x612fc9c865acf2e3L,0xcbb8c60c0de59326L,0x000000000000009cL },
-      { 0x250e6112195cad69L,0x81cd7e491f0b4f39L,0x9b6808db61302e46L,
-        0xe569c108b3af7841L,0x34d86f57c15d5fc4L,0xb3e586fdf76ad338L,
-        0x6de8477b70bd63a8L,0xa52b119d7ec86218L,0x00000000000000b6L } },
-    /* 54 */
-    { { 0xe51f8aca27806255L,0xcb4da51a101b2dbcL,0x27b8a0dfe08b3553L,
-        0x6e2a0d066ad56ac8L,0xa751cbedec44486dL,0xf574538ec5b2ae67L,
-        0x64e1e3c3827536e2L,0x652fa060707a8b39L,0x0000000000000170L },
-      { 0xe17a85d7684c6e53L,0xc957477272d0d747L,0xf892866558d12edbL,
-        0x7fb212c8c815db67L,0x44b676eff3e66186L,0x15b57bb3998ef4d3L,
-        0xb71f3b8e815c5036L,0x3fe9796573bcb190L,0x0000000000000162L } },
-    /* 55 */
-    { { 0x5c7f569ad5fd84e2L,0xf84d6e126fa4bb7cL,0x7b74629c82a1081dL,
-        0x7935151d0522589eL,0x94fb78055ccf889aL,0xec677309792f6bacL,
-        0x42fbece8d880a0d8L,0xd97b4881b70be7f5L,0x00000000000000e3L },
-      { 0x85d79261eda953e8L,0x35894e9b5dd94926L,0x95c1cbc99aeb12b8L,
-        0x017029fe1695dc35L,0x36e2b978d6b13364L,0xb86b7afdc388ce34L,
-        0x2d25b1af1e501e40L,0xf9127abdd5d7e7c1L,0x0000000000000031L } },
-    /* 56 */
-    { { 0xa18a458f1bb9a390L,0x916fc4b62062e5d6L,0x7040176be16db823L,
-        0x25de966301177efeL,0x2b679ddeb778335cL,0x6ecf1689862622ebL,
-        0xa191ffb5cb8a74ebL,0x4cc26680019ff743L,0x0000000000000047L },
-      { 0xfa5b847e047d9854L,0x6151153b6527d4d7L,0xf72721185bdda4c9L,
-        0xdde383c5f17c7e63L,0xc44040392a82edb4L,0xd1355d9781853b97L,
-        0xcb503386b211c3b0L,0x0f9dbd602c17c154L,0x0000000000000107L } },
-    /* 57 */
-    { { 0xc8cd8f5d80a2aa22L,0xb73c67a164793948L,0x55abac7fff49c73dL,
-        0xb5bc3df0833e5481L,0xf6ab8a42384a9287L,0xbea5929eee4f0be7L,
-        0x2e6bf0f29619ddbaL,0x224ce58ab2ddfcbeL,0x00000000000001d4L },
-      { 0x12f87e99ac4906b7L,0xe752f6ea5101c876L,0xa32a9b1f2b668943L,
-        0x9e6e6c2b07950fdfL,0x72a31f91bbb4c324L,0x2e799c7b28546e5fL,
-        0x7183a2daa6ff4503L,0xe2cb8237178fdeebL,0x0000000000000030L } },
-    /* 58 */
-    { { 0x140767d0bcd89552L,0x31548634f10fdf7fL,0x2c4cdccc210355fcL,
-        0x4929888955704a76L,0x7102e8820f1d3e5eL,0x4afc588292691f55L,
-        0x4cff09ede9e34260L,0x49d3a32932cd76ccL,0x0000000000000063L },
-      { 0x6adbd32efbdc0c1eL,0xe3fe998b0ebefe86L,0x78099d79bc2a7085L,
-        0x333c30095adeab44L,0x45e4d96f07ae4b5fL,0x4bd1f0d29de88636L,
-        0x8c7e69d7bf2020a9L,0x126a5886c3c5a340L,0x0000000000000000L } },
-    /* 59 */
-    { { 0xaed91dc9263f94d8L,0x40f3c1cd20289709L,0x74dc1e9b60b5c995L,
-        0xf08cb2a07d5bb95bL,0xbb6d3339e642d133L,0x3c3e5d14d2fcc05dL,
-        0xcf159316403e4a78L,0xd84be52727c124faL,0x00000000000000d4L },
-      { 0xbb2246c1bcd8501dL,0x86d450b3a1600eadL,0x6f5a476db626b180L,
-        0x01f4b93e3511ac45L,0xd813396bbbfa9758L,0xc69b8e7512347b15L,
-        0x108defb629cd9e2cL,0x4778bb2725e9ac47L,0x000000000000012fL } },
-    /* 60 */
-    { { 0x140ce283ea9f1213L,0x2326ce38af8d7bc8L,0x90d21012914ac8b5L,
-        0x0b07cea5e255c0e1L,0x93cc5e972dcccb43L,0xb89b14f2ee9885efL,
-        0xa35afc40dc56967cL,0x8125d749ee2e3671L,0x0000000000000101L },
-      { 0x1855e97a55902052L,0x8a572e69e6f0db6cL,0xb1bb6014fcfa3f3cL,
-        0xe77eb435f5b2440bL,0x9045dd302df3f74aL,0x7853068b590ee6e0L,
-        0x5714e1f03b9ddec5L,0x9810d77586086f6bL,0x0000000000000008L } },
-    /* 61 */
-    { { 0x66e566e3d3a87a30L,0x325081762cc44c2fL,0xdcaf7c52b80871eeL,
-        0xdad02ffbdd245945L,0xb9e691ace956cdb7L,0xdfefe49fc62064e5L,
-        0xc322f6978c8f2c6dL,0x68a5d7a8aa88f4acL,0x00000000000000deL },
-      { 0xee5555b183ae6c21L,0x895c837c478467b0L,0xe6b06030dd4d105bL,
-        0x9d9f32247636a759L,0x68132ea4fb8142ddL,0x6109a099ff919487L,
-        0x775c37af76a1835dL,0x4279a9c48604a81eL,0x0000000000000093L } },
-    /* 62 */
-    { { 0xb72859988df31c84L,0x0489bf6fcf37c1c3L,0x4ccd18d9e4c102d7L,
-        0x8b1d6c45ac3e23c9L,0x7b7d259a5744d781L,0xa0033649b4778129L,
-        0x5c7414d99fbf3e2cL,0xfa78a7fe20774c25L,0x0000000000000043L },
-      { 0x9b46685f8e69fd50L,0x2632cf3c3e47d4deL,0x44fd8f9f0238fed0L,
-        0x2fbc3f42e03f169dL,0x0c9df28eb7dcd132L,0x5deae7cc3d18592aL,
-        0x3034fb93406adf0bL,0xbf5a3a75ae059280L,0x000000000000010aL } },
-    /* 63 */
-    { { 0x272883fb34c28cb6L,0x22b00e9e5e7d03a4L,0x23bbacb97f4602a2L,
-        0x27564d96c248ed06L,0x9b7e1ce6d1c5b544L,0xb3d77b2d71182e92L,
-        0xb18e78aade9d46abL,0xde48d9e12e69d74dL,0x00000000000001fbL },
-      { 0x8de62222099effafL,0x2212621b1328146cL,0x05f3c0b003677fccL,
-        0xf43e4825fb0fc3c0L,0x94d3b33698536e0bL,0x22c1cca4225481ebL,
-        0x2b8668dfa9fcbaf5L,0x51e858f2c30e9271L,0x00000000000001e9L } },
-};
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^86, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_9(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 66 between points.
- */
-static const sp_table_entry_521 p521_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xf97e7e31c2e5bd66L,0x3348b3c1856a429bL,0xfe1dc127a2ffa8deL,
-        0xa14b5e77efe75928L,0xf828af606b4d3dbaL,0x9c648139053fb521L,
-        0x9e3ecb662395b442L,0x858e06b70404e9cdL,0x00000000000000c6L },
-      { 0x88be94769fd16650L,0x353c7086a272c240L,0xc550b9013fad0761L,
-        0x97ee72995ef42640L,0x17afbd17273e662cL,0x98f54449579b4468L,
-        0x5c8a5fb42c7d1bd9L,0x39296a789a3bc004L,0x0000000000000118L } },
-    /* 2 */
-    { { 0x803986670f0ccb51L,0xb87e1d013654974aL,0x7f58cf21b2b29ed9L,
-        0x06c0e9aaa3add337L,0xf13b35d0e9d08ffbL,0xdd8bf44c96761627L,
-        0xa4a18c14758a3ef4L,0x96a576dda0043adbL,0x000000000000013eL },
-      { 0x2bde24f8632d95a3L,0x79f15ef14c524829L,0xaadd863e9bdaba19L,
-        0xdde053f4a962b707L,0xc598a2de14258d98L,0x9fa5a19d061c235cL,
-        0x0ed46510e8ffd32cL,0x2aea9dd1ef78ceacL,0x0000000000000185L } },
-    /* 3 */
-    { { 0xd0a91dd8eaaf1fe3L,0x0db386624400b52bL,0xff6a06a921abf0d2L,
-        0x9412879aa768c940L,0xf3791abc9a1eec37L,0xc913fbe62738343cL,
-        0x728b42abe222abc1L,0x874c0a862b9ef313L,0x0000000000000157L },
-      { 0x0ac8f184e6f03d49L,0xa9c357e41e48be03L,0x02ce5ef3815cbdefL,
-        0x7a41c7ab5fd8dc3cL,0x4bef67c9faeb109dL,0x2f98cca1a84f4d38L,
-        0x7e03d47d672f0aaeL,0x24b1ab581d58968bL,0x0000000000000007L } },
-    /* 4 */
-    { { 0x904f2d4bdf9314e0L,0xdaae850de7a00aacL,0x79231083582efb03L,
-        0x80f1c283ec7fe6d2L,0x2d5b3996199d74a8L,0x5f120b9b395007e7L,
-        0x30d237734773f03eL,0xf4c192733b78b686L,0x0000000000000121L },
-      { 0xf103ff6dfa8b51f0L,0xae7afb5140e2bdf0L,0x1130380e83254171L,
-        0xe83501b8cda10d95L,0x1057771e4f3a8c01L,0x8f52196aac807069L,
-        0x3609b0aaa5623821L,0x8c25790694a0a7f1L,0x00000000000001dbL } },
-    /* 5 */
-    { { 0x300370ccb2c0958dL,0x89aef16669a7b387L,0x2792f3cf480c9b38L,
-        0x0b2984f2fab3e149L,0x9751e43650748967L,0x9cab99d5ad33db2aL,
-        0x4d945d32b44a4daaL,0xa26cca5216c77325L,0x000000000000000aL },
-      { 0xcdbe1d41f9e66d18L,0x80aeef96aa117e7aL,0x053214a2ddb0d24bL,
-        0x6dcfb2275c98b7bfL,0x613e7436dfd3c848L,0x6e703fa13ca4d52cL,
-        0x0c8e297718551e64L,0xf5e90eacbfa8527dL,0x00000000000001c6L } },
-    /* 6 */
-    { { 0xa2c2f1e74ab2d58fL,0xc1bbf82c2a097802L,0x6583eb24770bb76aL,
-        0x8e4ed9ed5667f7bdL,0xd8c01d86fd96897eL,0x66395a133fbe0f15L,
-        0x51e4f39dd99cdcb1L,0xde08424a720deb25L,0x0000000000000082L },
-      { 0x97aa53b260ea91afL,0xa4384af77a31dfddL,0xcd82f2395cd09bbeL,
-        0x997c19daf30058e1L,0x443b60c6e5c78e97L,0xfaae9b5f575b1845L,
-        0x5ce86f3308c2ce16L,0x983ce58f4f63fa86L,0x0000000000000073L } },
-    /* 7 */
-    { { 0xaee931318217609dL,0x7f8a9dd42412fc00L,0xe117e64c286c6329L,
-        0xcc3782d67bf1c65eL,0xe8c144db8d03eee5L,0x01acacb29ab93799L,
-        0x215eb1b5b07784c7L,0x2c409fa81affcd87L,0x00000000000000f8L },
-      { 0x007d3766378139a4L,0xc6d969ebb55bea93L,0xc7c60d6f68c8bc9dL,
-        0x844e84615f93f242L,0x8461ca2a741717d9L,0x8e930e79f0bf120eL,
-        0xe1554a026b5699d7L,0xe69c77026a4fb6deL,0x000000000000007dL } },
-    /* 8 */
-    { { 0x61b51bb04bee80d7L,0x0e1f6a1f7692de69L,0x8379e46ca0ebc3bdL,
-        0x1c0bffa7930644f0L,0x97c67b87390db077L,0x095c33e1fada1ce9L,
-        0x3c500addac54b512L,0xc231d360d3118656L,0x00000000000000b0L },
-      { 0x0628929839bcab2fL,0xc0c0678064dd220aL,0x062f6084763dc2a0L,
-        0x88e9da731938c3e3L,0x69be8f2d52e46eb9L,0xe55c8d2d6a5de0fdL,
-        0xf3a3fd63db2c0e26L,0x899c6d9f1e4bff57L,0x000000000000014aL } },
-    /* 9 */
-    { { 0x9ff6e3a1ec05ce88L,0xf8fc2496b6afd202L,0x0b9d20776fbeb007L,
-        0xb50ec0bdeebded40L,0xaef97742693700f7L,0x806e37a13f7b030eL,
-        0x5cf17d171b901f77L,0x9036e5dfca95ae0fL,0x0000000000000159L },
-      { 0x00af64b5000e8e0cL,0xd3f2ae0406fb4df9L,0x5f61da67449f23baL,
-        0x0ca91842255b25a9L,0xfa6af3e68e33c650L,0x14373c00c2c027c1L,
-        0x99f3cda1972840a5L,0x98c62b79d0e84240L,0x00000000000000e7L } },
-    /* 10 */
-    { { 0xe8c7c4a8ae4d0f28L,0x3a8a55ef566d006eL,0x37985f65066e4023L,
-        0x8deccab55d321b76L,0x38b966d6b8351b07L,0x2e889e5357d548abL,
-        0x7a9e8e2fe631ab0bL,0x45c60f95e75c537bL,0x0000000000000059L },
-      { 0xbca27d347867d79cL,0x7f460b1581c81980L,0x7ec2d9ab976b8c51L,
-        0xfcd0448661b91ed9L,0x730a7a25d9c1d15fL,0x8a2cf259f94c9db9L,
-        0x8e784b875dec5a3bL,0x062526073e5131eeL,0x0000000000000004L } },
-    /* 11 */
-    { { 0xdee04e5cf1631bbaL,0x40e6c1df156f4524L,0x06603f30e4c30990L,
-        0xdb649a436b6abec7L,0x354f509cf6b94f6eL,0x7fecf46936b7e0b5L,
-        0xa7a7107eba1e6dd2L,0x889edac5689450caL,0x0000000000000022L },
-      { 0x9012916ed05596f2L,0xe3901dacb023cb8bL,0x2501d3ece7d4abe1L,
-        0xb2815040a9c90313L,0x9dbcd3f1c6d146d0L,0x6fa1d5b174ee1896L,
-        0x49aea161a91226fbL,0x754ceedfb8a80984L,0x0000000000000154L } },
-    /* 12 */
-    { { 0xb64e27b04270b2f0L,0x84b34e48bf4d74d7L,0xb186be8b0c2722baL,
-        0xf54a589d9ff9b71cL,0x9887e4df34fd6bc4L,0xb7c669fd7412f49dL,
-        0x4008d9bb77f89d16L,0xafb9426bc902e074L,0x00000000000001cfL },
-      { 0xcca4f2d1662935caL,0x2847c703997dcc46L,0xc089e9e5353c79f8L,
-        0x9ed8d9895215f0f4L,0x59cf08bc80911b9dL,0x4b03540e6de27aa3L,
-        0x52f4d63ef69e320dL,0xa0217fd694ef193bL,0x00000000000000e6L } },
-    /* 13 */
-    { { 0xb77de62774214780L,0xca066817207459eaL,0xf78579b7e9c7fb01L,
-        0xe55548c1d6d4b7c7L,0x45756190a66caa39L,0xf8141b0398505a4fL,
-        0xa5ca0d7c4c8864ebL,0xbf8af9509e129d3fL,0x0000000000000053L },
-      { 0xbc9b29d885285092L,0x82f31daa8eed5e5fL,0x9c33690ef618aab9L,
-        0x0eee14f4d2626ed1L,0x4229570b07ed8e09L,0x1977920e8736d040L,
-        0x47ee25ffede7d01dL,0x3c921c3abc7ab73bL,0x00000000000001b9L } },
-    /* 14 */
-    { { 0x0b6a07cca08b2b14L,0xaa978debbf174c7fL,0x291cb828c40cb2a4L,
-        0x95c7827290adc838L,0x08da8b2a8c1edde6L,0x741ceb2f90fbd220L,
-        0x5f89c9e5322db94eL,0x18266085b73c548eL,0x000000000000007dL },
-      { 0x69ebf82a2defd012L,0x01ecb0945a1537efL,0x3c5575353ef0811dL,
-        0x59c882a7b2bd4deaL,0x00a1f9727bf969c8L,0x063adf5e0b25ad1bL,
-        0x4c1ff306f2536005L,0x8e515bec4112fe18L,0x0000000000000117L } },
-    /* 15 */
-    { { 0x9314787fefe3d3d5L,0x29e76f659d897227L,0x15c77ed1e0b6acf5L,
-        0x9c2b7b201c5e8dd9L,0x788038f15f5667afL,0xf38c766ff3576ef4L,
-        0x9f0623c80040154aL,0x47d3c44bde883b53L,0x0000000000000096L },
-      { 0x32075638de1b21a4L,0xbb6399c1571081c1L,0x322e606775c03599L,
-        0x5c7fde7fade60cf5L,0x1b195440efc19059L,0x7e70ac8cdd7b3960L,
-        0x4aa5a83d6a6fa73eL,0x34f8cfac63080764L,0x0000000000000042L } },
-    /* 16 */
-    { { 0xee31e71a286492adL,0x08f3de4465f86ac4L,0xe89700d4da713cb4L,
-        0x7ad0f5e9a86b7104L,0xd9a62e4f2572c161L,0x77d223ef25cc1c99L,
-        0xedff69613b962e0cL,0x818d28f381d8b205L,0x000000000000008eL },
-      { 0x721231cf8cdf1f60L,0x8b640f2b6717760fL,0xbe726f8ce045a403L,
-        0x422285dc0370689fL,0x7196bf8f72ea0dcbL,0xa16f7855c8086623L,
-        0xd4e19fc7c326fe48L,0xfdbc856e8f68bf44L,0x000000000000013eL } },
-    /* 17 */
-    { { 0xde34d04fe6a3ace5L,0x0dbb603e896191c1L,0xb4dc0007f75ed0f4L,
-        0x15e0e6bc95b259b5L,0xdfbcba662615f020L,0xb2ec5433d31ea3f8L,
-        0x42b0b0e4103ff824L,0x19315060c480332eL,0x0000000000000111L },
-      { 0x9997ea28045452f1L,0x80b678cf71f3f73bL,0x4a52bddc41e9328eL,
-        0xb7f2656ee6af1c23L,0xc43805b9b44215e7L,0x3aa734f2f0a4028bL,
-        0xe3c72479422476e2L,0x6dc2e8b068c60cf7L,0x00000000000001f1L } },
-    /* 18 */
-    { { 0xbcdfae6ffffc0de5L,0xa801814fab4a5f24L,0x19013658ea2aa8ddL,
-        0xf3b1caf5da4f0441L,0xf24b9cdb34100611L,0x48c324ed96e0cf88L,
-        0x4b7ea33423055c82L,0x6e835b6489092e29L,0x00000000000001d3L },
-      { 0x7eb77ae707372f27L,0x4779b4fa83bae19aL,0xa175dae165429ebbL,
-        0x942ec266fc03ef3fL,0x0e5fc6a96991c7c4L,0xa0f61e4f56253d3cL,
-        0x7a11ff58de74e738L,0x60524cd4624de919L,0x0000000000000002L } },
-    /* 19 */
-    { { 0x45b5d0ca01342e08L,0x509ed4f0b749f0afL,0xeb5502d96529d804L,
-        0x5eb087db6d80359cL,0xeaa66a874c384800L,0xe972c7a0c75a8784L,
-        0x8c169e216874317eL,0x81c556e0e5c9fbf4L,0x000000000000014fL },
-      { 0x26b0b12be120674dL,0xc6bf09b9219f00acL,0x1e1e732dd658caa6L,
-        0xc771c5af8292d99eL,0x5d81352925fdbf80L,0xe61bd7983666c37dL,
-        0x8dac946a1d0df680L,0x58dcf684c39f0983L,0x000000000000009fL } },
-    /* 20 */
-    { { 0x141691027b7dc837L,0x2d719754b50eb1c4L,0x04f4092ad7e6741bL,
-        0x1d0a7f1dbc824a38L,0x570b2056c8e20bcfL,0x6732e3b9da181db0L,
-        0x7880636e0a7b508aL,0x11af502cc9f70492L,0x0000000000000045L },
-      { 0x0b820d94c56f4ffaL,0x1c6205a2c4f0c0faL,0x99f33d4ea1a0606aL,
-        0x1bab646679b316fbL,0x05aa0852e4f240fcL,0x22539b7892d7dc43L,
-        0x03657f1206e3c073L,0x28405280cedb6633L,0x0000000000000059L } },
-    /* 21 */
-    { { 0x90d087114397760cL,0xb9020b761c9fcd06L,0xc7fec7fa987e24f7L,
-        0x0e33b8a0522335a0L,0x73dbeafdae21ca10L,0x458c060a3b032220L,
-        0x9b9c73b8ee145da6L,0x31c661e527ff62efL,0x00000000000000aaL },
-      { 0xaf518eb081430b5eL,0xb32f9cea50ee0d69L,0x0ecdb0b5aa6ebe8bL,
-        0x1f15f7f29fe1d689L,0xce5d68f31a59cc9aL,0xf4d6799408ab2a63L,
-        0xe85b1cef4347ce54L,0x8ff423c0286d0776L,0x0000000000000176L } },
-    /* 22 */
-    { { 0x8564104c33dcec23L,0xbaf0d61bcdd07519L,0x486daf514c4f309aL,
-        0xf01bc8f5de488715L,0xddd6baf1d3539ba3L,0xbb7e665d3a3be8ecL,
-        0xf919dac3cb5d865fL,0xfe203da3f12149a0L,0x0000000000000173L },
-      { 0x043ae9a178d4a3d1L,0xa4d5cf58865316d8L,0xeaf026c041176463L,
-        0x316c638ff84afa44L,0x512f2397ffea422dL,0x691eaa046622b613L,
-        0x48856ea397e7068dL,0x42d1b2e3f4a1b33cL,0x00000000000001b5L } },
-    /* 23 */
-    { { 0xf51b2d5e1f487402L,0xe36016e67aaf1dd5L,0x1eb3f1f56da9c20aL,
-        0x25b7d361ece45bfdL,0x42db0633027a9e18L,0xbf228777e8411649L,
-        0xf5fce0c4458773d0L,0xb2b3151d2dd7a5f0L,0x000000000000001fL },
-      { 0x102773e8fbaa096aL,0x152726ebe093a878L,0x5c53cd072c7f1781L,
-        0x38d3dfd0ab5dca76L,0xbb4a7d8587ef2d4aL,0x5c9c2013b7eb11c2L,
-        0x5e353c340b6da22fL,0x846d50a5a325ecadL,0x0000000000000039L } },
-    /* 24 */
-    { { 0x76da77361677df58L,0x364bd5671cb50d6cL,0x0443c7d70a080ff2L,
-        0xa0a8542986532430L,0x82002dd2c35101e7L,0xbebc614348c5cd76L,
-        0xff1591aeca6cf13fL,0x91c7c2e698bf8dc0L,0x00000000000000fbL },
-      { 0x6a7c5cad12de14d5L,0xbc448c5f6561c822L,0x9f8de4307cdbb3daL,
-        0x9c58f011c76811d7L,0x1e89806e75462049L,0xe52ad0a2c9a74e49L,
-        0x2034685cb2be37c3L,0x7a8632450a0bc72dL,0x00000000000000ecL } },
-    /* 25 */
-    { { 0x33818c218a86786eL,0xed537f742137e2c8L,0x5d9690d1a7e6eb20L,
-        0x9790ec705cdc4803L,0x469162c824f7bd75L,0x09e7ef9d4e1f0f14L,
-        0xd30c128bce9915caL,0x810145f66c71226fL,0x000000000000002dL },
-      { 0x312749f5b71d87e5L,0x25f3b1417b02cedaL,0x02456d2ee0baff16L,
-        0x97f7b3a9fcae6627L,0x0d6ebf8f37bd985fL,0x20aa81b97fa6d0c1L,
-        0xb29f1a0121f2f137L,0xe326a2f85cc0ddb1L,0x000000000000003dL } },
-    /* 26 */
-    { { 0x26f3398b38c2ee78L,0x40c3d101a75a0beeL,0x35a31706565a7f8eL,
-        0xd12985e304019e5dL,0x21e2a642b8174b6eL,0x25a15ee8af80a52aL,
-        0x5d1e0fe68518d80eL,0x8cbbc13804f6ea9aL,0x0000000000000084L },
-      { 0x76828690dfd45169L,0x38d7e09859d3e8d0L,0x23758811cdb8bfc2L,
-        0x8499547a162cf648L,0x494bab3bb4d15b8cL,0x822cbc57c60499a6L,
-        0xac43224ea8a1cfedL,0x4356346957c6598bL,0x00000000000000d9L } },
-    /* 27 */
-    { { 0x2b06925368271323L,0x24d9e0a849cd04d7L,0xaae35fbf2b31cc7dL,
-        0x44f64b4f57a3e361L,0x149046860294e856L,0xddc82ee743ced4aeL,
-        0xcb92a6a57e2cda47L,0x989c42efbfc1f968L,0x000000000000013fL },
-      { 0xbed98bdfb8651600L,0x8c3634347a3cfaeeL,0x93a1254335b1a226L,
-        0x558da7ddd5825507L,0xa5173b23852eb1e9L,0xdf5ae5852295f545L,
-        0xe546e2ef6646d101L,0xf7e16a2c5d89f862L,0x00000000000001faL } },
-    /* 28 */
-    { { 0x0d746c8ec7ec136dL,0xf8e1d827cd11351bL,0x764a3ad3f187a116L,
-        0x2f1b968f136e8465L,0xd41aa294850983c2L,0x2123ecc4be717259L,
-        0xdcdcab52763c149cL,0xa7f50b181022b82dL,0x000000000000016dL },
-      { 0xf99e532d0ca5e258L,0xa148ad1797b62a7bL,0x8d0a242ec77fddefL,
-        0x58518bcd74f9b6c4L,0xc53b30b87fd122d4L,0xbb8cd193fb50b2d7L,
-        0x1a169aeebc01aae9L,0x7e49b10a1de26e09L,0x00000000000001c5L } },
-    /* 29 */
-    { { 0x2cabe67521210716L,0x81a296a307e02400L,0x94afc11d8c83795bL,
-        0x68f20334dd9efa6aL,0x5be2f9eb677d686fL,0x6a13f277bf5ce275L,
-        0xf7d92241b9757c5cL,0x70c3d2f4c74f4b8cL,0x0000000000000132L },
-      { 0xf9c8609c8d209aa4L,0x46f413a2db2b5436L,0x96b72d1a2992345dL,
-        0x186f2aeb9487c34fL,0x4fa72176b440a375L,0x3a4209367da5358eL,
-        0xf11eade3ff25b310L,0x9a570153505d60b8L,0x00000000000001a9L } },
-    /* 30 */
-    { { 0xae1513936e7495bbL,0xebd2fd28490879d1L,0x9c232b0b29fd76fcL,
-        0xa1a0d49bc60e721cL,0x9f582b83517a09e2L,0xac37809e9d8badf8L,
-        0x4aa4de9e0ad48bb4L,0xfd041312cb6cc487L,0x0000000000000027L },
-      { 0xc05502eeead4fb6dL,0x760c25ed0a602cbeL,0x58ba6841bd7f4a07L,
-        0xc28b603254edce14L,0xb9d41e390397614cL,0x4221b71d181eed93L,
-        0xd010e3c2332d4b0bL,0xdfe58a27dab0e419L,0x0000000000000096L } },
-    /* 31 */
-    { { 0x4cd6fcd67debd24eL,0xbe3fca609ae2b075L,0xa7d8c22ef217c26cL,
-        0xd42d03e0b9620e3fL,0x634bf216c7f9f87dL,0x22b1ec538972ffeeL,
-        0x83a957c1d60d3e77L,0xedfe5f860f6a537eL,0x0000000000000162L },
-      { 0x40a05400f0ea20b8L,0x2872ac7e1d796900L,0x7765a5c90edb0cacL,
-        0x9df5b930b62939a7L,0xf78a676eaf2cb708L,0x030732bf52febc12L,
-        0x3a6640deba190ad3L,0x36eae15f93e7e341L,0x00000000000000d5L } },
-    /* 32 */
-    { { 0x6c6119f6a1c88f3cL,0x924e5fec2ec6944aL,0x4c8aac605742ff2aL,
-        0x60adde1eddb22c7cL,0x9728938cfa5d25bbL,0xfa5ac4f7ec117de0L,
-        0x41f35ab7482929c1L,0xd1c4e8f90afd95f5L,0x0000000000000180L },
-      { 0x2fc4e73da7cd8358L,0x39361a57f2a1c920L,0xf6f2f130ad94d288L,
-        0xe37e24662b6a78e2L,0x0babff8b79c262cdL,0x6cae01ef61b597b9L,
-        0x9c1e33f0a60d4e64L,0x52a42280dd01f845L,0x000000000000000eL } },
-    /* 33 */
-    { { 0x72d640a40f013755L,0x0b6dce77fb8380e9L,0x2789ce797eb64b31L,
-        0x8e704b0b93ca5a36L,0x18c360ff58bdffc9L,0x53b1f323b230c372L,
-        0xd6b390885a7385d1L,0x071130f556b93bf7L,0x000000000000004aL },
-      { 0x29a2096bfeef3f88L,0x22eba869b82b3945L,0x7fe2184a872664a7L,
-        0xa0dc0ba1858ff942L,0x33799eb57490c9daL,0x1d356f6281588ce8L,
-        0x7dd9bc7fa7b2cee2L,0x1e61a4e8a3cfaee9L,0x00000000000000d2L } },
-    /* 34 */
-    { { 0xec5db629e9068656L,0x623bd70c9fede4dfL,0xc78ad5bdfcd45546L,
-        0xf7981dd26291a741L,0x3ac53d92761e688eL,0x6a96892a55b9272fL,
-        0x4217e7b806546fecL,0x793c03cbab9e2f56L,0x000000000000015eL },
-      { 0x08fd95436eff39beL,0x5a1af07edbff4f68L,0x83d47abdb0241616L,
-        0x37c5d2fdd4798029L,0x9d86d97860b2e6fbL,0xe3e3284ece8db998L,
-        0x9f049eb5d868b9bbL,0x3b3e8a789dad18b3L,0x000000000000018eL } },
-    /* 35 */
-    { { 0x57026c56e51e61f0L,0xdddbcaa3307f2757L,0x92a026ebb1aeaf41L,
-        0xa33e937ce2d7f5baL,0x1f7cc01ebc5ead91L,0x90ab665d2e46807dL,
-        0xc2a44f5553419519L,0x099c1ca679664049L,0x00000000000000aaL },
-      { 0xb561a9098f97e387L,0xf605177845e1dd69L,0x1ffa512b7ff1d6abL,
-        0x42da55a4d09a9c89L,0x5e5a7c71d2282e2bL,0xdfa5a203e74185adL,
-        0x19b1369dea0baeffL,0xa5eef9141ecc0a16L,0x00000000000001a3L } },
-    /* 36 */
-    { { 0x2af20d0a7a573b81L,0x7eac1ca866194cefL,0xef0d2d8d0b711c34L,
-        0x6aea016cba099d42L,0xa6609d285067a8caL,0x6a52c6007a1351efL,
-        0xdab85818b11c2634L,0xf17fa45dbb1c033cL,0x0000000000000121L },
-      { 0x9fb8b87afc3279d6L,0xe30e76abc201f1e1L,0x02af6a83806c21ddL,
-        0xeafd7e2bc63f824fL,0x7b074e2646bd1a53L,0xcd6f4931a2139164L,
-        0xab2cfd39c172d9bfL,0x62f3eb4b4db59cf1L,0x000000000000010aL } },
-    /* 37 */
-    { { 0xe402de36e0689a1bL,0x9dccc9fd7dcafe72L,0xe4dead7e255d0bfbL,
-        0xd7ee87ee4ada04d9L,0x5a85039ebfd2e774L,0x282c6657770b2b9bL,
-        0xa7aca826ba103bbaL,0xac7028bac7cd5071L,0x000000000000011aL },
-      { 0x2e61d39c680c8f04L,0x2f09c4ccb48b3b5eL,0x131609bd95744f3cL,
-        0x6d72e4b4aaccb593L,0xdb7060ca5adfb209L,0xc67d9e431fd3eccfL,
-        0x1487a26fe1752a73L,0x3d95366364d0857cL,0x00000000000001e3L } },
-    /* 38 */
-    { { 0xe664506b4cec9e7fL,0xa44564b430aab98fL,0x5e1b501f173fa284L,
-        0xe7b7bd7e15c97472L,0xd6cc67a882dec033L,0x1fe2e9340a63b762L,
-        0x3a084e1b3f8e2fcdL,0xccce4da89ae6e752L,0x00000000000000fdL },
-      { 0x0797f8eec12fd820L,0x325f892a96da4733L,0x597d241d55997bf4L,
-        0x3aef35ac02b753cfL,0x8a73f95df677cebaL,0x5b2892b7d1bbac6cL,
-        0x90751583cc5278b0L,0x2f5ed53fa47f45f6L,0x000000000000001cL } },
-    /* 39 */
-    { { 0x3914165eab40b79cL,0xbfb6eed825b489a8L,0xda136b7d8a6c107fL,
-        0xd431db8b8e01f28bL,0x84e5d0dda4d79907L,0x69a91472a471e685L,
-        0x58d0696998376ff8L,0xce369b74c46311fdL,0x0000000000000006L },
-      { 0x6c0773d11add1452L,0x2e4e9c95ed8e9a2aL,0xe8ff8e32ca15a40cL,
-        0x3fcb7d36af62f18fL,0x2ca336eeeec9484bL,0xa4d6e7a93b20405bL,
-        0x6d90d031956d8352L,0xdd375603d9ca03e7L,0x00000000000000e5L } },
-    /* 40 */
-    { { 0xcc5f297d8b481bf7L,0x06a2a3e42a13383cL,0x9e14528cdc40b96cL,
-        0x9a2bf35f1189da3cL,0xb8adb9896cd57fa7L,0xc1a4935c9357d32bL,
-        0x51fb2580c2d76fadL,0x98721eb424f23de1L,0x00000000000001baL },
-      { 0x8c02daaf52a4b397L,0xc3c5f4cc0d0b4e54L,0x29be4db37b7e79cdL,
-        0xf34336ecb33970b6L,0xed3dcb7c92808c7fL,0xec290eff02288db1L,
-        0x2a479d51e96ed59aL,0x9d7ed87076d8fa5fL,0x0000000000000092L } },
-    /* 41 */
-    { { 0xd8edaf0be660043cL,0x84aa2ccb016e074dL,0x9d2368e7e2cc3b3dL,
-        0x47b501305c269fc4L,0xd0194ee13de33e36L,0xdb3361b9789ca504L,
-        0x8cd51833984db11dL,0xd5b801ecc8ec92f0L,0x00000000000000c6L },
-      { 0x33f91c1547ab9887L,0x2f285e2a6b5ab011L,0x9b734e5a133fc818L,
-        0x5c435a7438d8692cL,0x3c92b47c43282e81L,0x191231f59c7bcdaaL,
-        0x3ae425c34d158c86L,0x7f568febc5a23ccaL,0x0000000000000011L } },
-    /* 42 */
-    { { 0x8ccbd9d5bf5caa87L,0x17bfc60f68dd8c9dL,0x63eb4dbbc7d4dedeL,
-        0xbf6e59458270b5bfL,0x887137a5cc098fe7L,0xca5eb68705d7b8f5L,
-        0x4b7deeee4b25a533L,0x8e045c324a700a6cL,0x00000000000000efL },
-      { 0x160c1c9270cf52bcL,0x4bf3f63a90cc6298L,0x5fff421cbf3028fbL,
-        0x0a8102d7523beff1L,0xff3309a38b9ce105L,0x8e9da4d006621b1eL,
-        0x9775f89fcc0a7807L,0x5904486500178612L,0x00000000000000ebL } },
-    /* 43 */
-    { { 0x8a6664fdebbd33ecL,0x0cf9a660ce5ad579L,0xecd06c0550fb56edL,
-        0xb4ca5fad1d5aaa6eL,0x36daee5b948a7f07L,0xd2e37887efe1c11aL,
-        0x41f61ac491d2544bL,0x49df70712bffd8eaL,0x00000000000000beL },
-      { 0x60e2f1f565acdb56L,0xf2f13c845e5e5bdeL,0xb97fd354e17a0412L,
-        0x8a2867cfd9c93befL,0x9ca9d16b25a957e4L,0x1f55c19b4a18635fL,
-        0x9b3868f58d26ae71L,0xac4480414c94541dL,0x0000000000000000L } },
-    /* 44 */
-    { { 0x6c1bcf89d4ad38dbL,0x1180f3813d714511L,0x5b4c2759cb70243aL,
-        0x5dd64d63163a716cL,0xbbd2efea13648bdbL,0xa47187f9e4de9969L,
-        0x65de6912e2de8c45L,0xe075f29c4bdad0a7L,0x0000000000000048L },
-      { 0x003354745e4dd88dL,0x1828363880577afcL,0xe4b35c01227288f7L,
-        0xd008fd91e68989deL,0x42142315cd3f71baL,0x5cb023ff3e4da1e2L,
-        0x7e6b9c35b5662bb1L,0x143f41657fb04fe5L,0x0000000000000072L } },
-    /* 45 */
-    { { 0xb06b046c26f40f2cL,0xbd5d246c6cd7c31dL,0xaaa562701953a9b7L,
-        0x5ac929b88f00436fL,0x1937392c21d0660dL,0xd279ed159bd6dbe6L,
-        0x377c4d5ad17c43f9L,0x800eda50b8fcd025L,0x0000000000000179L },
-      { 0xb88ddc0b36132f31L,0x6f8f4f012ade73a3L,0x38859ec3203de2b9L,
-        0xedb03814231b6533L,0xad08cd20a14093caL,0xb9f86d445c2be2f9L,
-        0xfd3d9532f6ebc09fL,0x757b58991aef478dL,0x000000000000013dL } },
-    /* 46 */
-    { { 0x7d9ad100580f894bL,0xb612488ad925e46fL,0x45497e142e5a6865L,
-        0xc86e105317f9a813L,0xd8aa820af8a33541L,0xa67906607a66d578L,
-        0x47df60ae5f758e23L,0xcadd4c90a7f8ab5cL,0x0000000000000107L },
-      { 0x356b044f6764ad0eL,0xf69fe0e1250189b3L,0x2deaca625f14db6aL,
-        0xe9f2779f1bd77d54L,0x979911f25cfa895cL,0xd4e94cedb6f19ac3L,
-        0xc353341701af44b1L,0xcac43fff50c727f5L,0x000000000000003bL } },
-    /* 47 */
-    { { 0x1742951c83c1d4cfL,0xe03791d0b245c34fL,0xea8f8ef69c2dcc71L,
-        0x2ea57a292a310767L,0x255b46bbb12948bdL,0x2adc1e090feaeb83L,
-        0xa0d2d18c449abf59L,0x9e8c9ff5c4a8a689L,0x0000000000000019L },
-      { 0xc9f7b9cdeb28171aL,0xefd78403d576987bL,0x58b4f3bf22ff824cL,
-        0xee09b393bf333cc5L,0xebff83a2b01ceb72L,0x5bb34c45220299cdL,
-        0xa3c3e8a066ebf751L,0x5dee07bb49d05cf3L,0x00000000000001a6L } },
-    /* 48 */
-    { { 0x09a958d6b114257bL,0x729afd41d4975e30L,0x072879b53aae7b11L,
-        0x0791b093edd1ac83L,0xcfefc7d11eb67975L,0x0e54bd37e2675b4aL,
-        0x89a62d7e8d69517fL,0x96f805d8202109a3L,0x000000000000006bL },
-      { 0x4815d51757b5f9f4L,0xe5c9e436405b44d1L,0x3442dde0e4870160L,
-        0x953fef951ef6b3f8L,0x919e4cf5f7497fafL,0x24e3cc4d016ef0b7L,
-        0xfc5caa872512eeedL,0xf1ba4029a3bd1703L,0x00000000000001b6L } },
-    /* 49 */
-    { { 0x2a668435529252acL,0x3da626c074e7b0d8L,0x55080cc1e0be86abL,
-        0x534a53f74ed5dc53L,0xa9eff1400cd41fd0L,0x0e7c945c5674891cL,
-        0xdea4b895ec53b5adL,0xefc67bef15150988L,0x00000000000001ffL },
-      { 0x988dc109306033fdL,0x1b287979f36875d9L,0x4d39af26e3c335c5L,
-        0xa47259fd124e29d6L,0x5d60c570c41dbdfcL,0x06224b610cc0d895L,
-        0xa041d4e5eea8ff86L,0x2920e15cae4d8707L,0x00000000000001fdL } },
-    /* 50 */
-    { { 0x66d15f0ccd67da85L,0xae98b6f45ac54a15L,0x2f05e021f1ac71c3L,
-        0x1feb222647559224L,0x2a2f156166e856dcL,0x65eb14566fb4ba47L,
-        0x34688bd2a29d920bL,0x943ce86ef9d4cb9bL,0x0000000000000061L },
-      { 0xb4696218aac91174L,0x85b519ec41dd9234L,0xb7efadf29f0763a4L,
-        0x98517f27712c8b33L,0xa02e7ec3b0538630L,0x46bc45bb1ff3e3e4L,
-        0x46ae896f29496486L,0x2aeb1649ebd2b93fL,0x0000000000000146L } },
-    /* 51 */
-    { { 0x1f34f41fe8e4d3c3L,0xc80d87ff5bb7e9dbL,0xf0216c0ad910b579L,
-        0x2a24b761b87349aeL,0x054bc5282b0a6cc0L,0x3b4c7029af2d1957L,
-        0x0e4b90e2adbe6cddL,0x8e774f8126060a34L,0x00000000000000cfL },
-      { 0x3c7f9dbc2e229950L,0xab11f846d9f82b70L,0x2b7ad9a3f10c05f3L,
-        0x203ead4f0f1820caL,0x51dbcbc8ccbfb332L,0x3bd9caf0066706f1L,
-        0x5a39be2506059d5eL,0x984387c8dcafe64eL,0x000000000000014cL } },
-    /* 52 */
-    { { 0x708a757f8e011531L,0x7f45b172c3dcd57cL,0xa8eac9fdc2d99e29L,
-        0x9d4ee81fb93b6415L,0xa5833b54a5488e86L,0xddd561c30bb7ab70L,
-        0xb5bda384b3bdf3a9L,0xf909f8e01ddf332bL,0x0000000000000124L },
-      { 0xc5b8aa84ab41e782L,0x1de20126851ddb87L,0xf49baa7d99482bd2L,
-        0x05963debf4b6413bL,0xed369fbb7cd1e224L,0xdcf495dd1bad60eeL,
-        0xeb475693892e30edL,0xaaf11bd8af0a212dL,0x000000000000010bL } },
-    /* 53 */
-    { { 0x7146017416ec64e2L,0xbfd14acf7d7c6ebeL,0x1e3504a3668b7176L,
-        0x72e3f3f3741b041cL,0x651fa54a2d3b67b0L,0x623edca3e57d928dL,
-        0x29b74e8b72c8f419L,0x3d99cb47327abaefL,0x0000000000000038L },
-      { 0x808dd0b3da342a3fL,0x12002462def4a954L,0x1b1c642eeab5a860L,
-        0x5e1e2a0506e54b6dL,0x9ba1710f10c6cf1aL,0x334fc3660f903cd0L,
-        0x969e0001134166f5L,0xfaa26074155c4353L,0x00000000000000faL } },
-    /* 54 */
-    { { 0xc85cd0e6712de285L,0xcd2ff8b0869f5dc5L,0x372a2b92df4ed389L,
-        0x63524d3055b99c84L,0x46fef5a2e07a0033L,0x0a2c82dad6e09493L,
-        0xb362662172a8952bL,0x9afcb188af217eb6L,0x000000000000002cL },
-      { 0xd3b9d4769a64c5b5L,0xa0d8d5de44c4cfe1L,0x560858ef11c6dbffL,
-        0xce1d978f41c14aedL,0x251f9e7235efe854L,0xf9d0c14c0474575dL,
-        0x0d2c838ebda89c03L,0xa25f040b36cc9dc0L,0x000000000000016fL } },
-    /* 55 */
-    { { 0xb23d9dea9cad682dL,0x87acb1b346369391L,0x9f5c19885c0f24d7L,
-        0xdff62fc7d41883ceL,0xd1ab29df53555e46L,0x569b1cb2891cda05L,
-        0xdb14dbc452c633edL,0x1acbb86c2a345428L,0x0000000000000194L },
-      { 0xd86a70c824db8127L,0x84a6563f41b7cf5bL,0x8d84dabeb908d9b4L,
-        0xaaeaae63899c260aL,0x13ed6b2b44436957L,0x3bc94f99d0a92c8dL,
-        0x978f2e2bd04bcb97L,0x56a388ef716a565fL,0x0000000000000074L } },
-    /* 56 */
-    { { 0x6082dfe496fc1f77L,0xb04c435f1347ad6aL,0xf42694dc25ebe457L,
-        0x64a17069b6f764aaL,0xe03873d504d83da1L,0xb0b9db52e0c82330L,
-        0x9886b34ed4239b3eL,0x76587f2a598814daL,0x000000000000016aL },
-      { 0x6918f8e8ebc71a5dL,0x49141a4285405233L,0xd63f09ccc182cbccL,
-        0x4afe59d3e09057a7L,0xe633db0de239d8ebL,0xbac8582dfd9494b2L,
-        0x8b915a414704fd61L,0xe0866a9dfceaefd9L,0x000000000000010eL } },
-    /* 57 */
-    { { 0x2b50c47052e07a4dL,0x7f6d38b8e5d745d0L,0xb414c47ce1af1226L,
-        0x03e4b44b39c505f7L,0x59f3d79586f739beL,0xca19bca7e7c2f1bcL,
-        0x1c51c01ec063fad4L,0xda3937a57f428afbL,0x0000000000000080L },
-      { 0xe9d8ca9d102369faL,0xe009bffb706c0e35L,0x2e0a19a796b55d80L,
-        0xda0e42deac0d094cL,0x6c1be2c5787c187aL,0x6d4ae2cc9cfa04b6L,
-        0x5b0cea6076577340L,0x2d525245c7c96285L,0x00000000000000d8L } },
-    /* 58 */
-    { { 0x6dcb238cae93de69L,0x4963c8333bfdae9bL,0x33c81f4de8b79836L,
-        0xe13a2244ae8bf8aeL,0x0bc6e7864c3ebaccL,0xa837a53c555a5ad6L,
-        0x875d8d35bc7e9459L,0xb3705534f9f46fcdL,0x000000000000001fL },
-      { 0x78e9270c7fb974a1L,0x23448fa0e9ed2481L,0x14166c3d64bffbd4L,
-        0xa05aa443d79f4b3cL,0xd855a4f13b9f32a0L,0x4bebcf8dac90235eL,
-        0x658499878db52b48L,0xaa4d59f1e48d09d1L,0x0000000000000183L } },
-    /* 59 */
-    { { 0xee585d75dbffad9fL,0x64df6174f419d8fcL,0x6f73bf59e6c69345L,
-        0xb80793d183d59b0cL,0x6baf4fc3929c8950L,0xbd445a9529962babL,
-        0x52b61945eaa91273L,0x4fccdfff3d1c785bL,0x00000000000001beL },
-      { 0x05c384d97cb2857fL,0x4cf8305806b7abf4L,0xf528dd1743ace6b2L,
-        0x2c7b8fa2bc43d6b6L,0x8f0e28bf14e564b9L,0x1b69bc73d2b9f01aL,
-        0xab8beb403dd383e6L,0xaccea0c59791946bL,0x00000000000000aeL } },
-    /* 60 */
-    { { 0x9a68baee0163c2deL,0xc42d0b2beb2768a4L,0x5686f124ffdae767L,
-        0x926da5d50aaca943L,0x699c34cee01091cfL,0x3d2545405324becdL,
-        0x1b6b58f14193a0a9L,0xf144925ed611cc9dL,0x000000000000014fL },
-      { 0x7f61a60cc1ed9259L,0x1be37aa32f1d5a7fL,0x0384713d07aef431L,
-        0x99f33d494e6fa7baL,0x43928c168bd3730cL,0x73cf8ccf5b9557dcL,
-        0x0bc6d460d1a2bee5L,0x27cd194383b15610L,0x0000000000000145L } },
-    /* 61 */
-    { { 0x4be651353427af4eL,0x2e6c0bb1310d937dL,0xbd8ea76acaa671c3L,
-        0x9d7b3fd4d3a9c376L,0x124ce863471709aaL,0x225ce41d018051c0L,
-        0x5489284ff9e8ee1cL,0x22d829c9535c4ec8L,0x000000000000013dL },
-      { 0x6b01ed9da1b15e02L,0x1d092bac301e5868L,0xbfa7a1835764135bL,
-        0xc0ee59b76f7159a4L,0x9171a05118090d0dL,0x5c1531bbb8052196L,
-        0x740930fc20927904L,0x963b48cc76337685L,0x0000000000000008L } },
-    /* 62 */
-    { { 0x0fe8b620f4aaaed5L,0x1068de7dfe871ee8L,0x2b22030ffebfcb4bL,
-        0xd4dfbee7c3a2155bL,0xa7a26a8c2769b805L,0x377de7706d39eaf0L,
-        0xf1a92447f615f032L,0xa1b81a8442d9b731L,0x000000000000012aL },
-      { 0x299e67d0b1152e8fL,0x2e773d9792b5e14cL,0xe0d81073f1cb57a2L,
-        0x03af0a9cbf1da4a2L,0x169b160ec22b449aL,0xb82c1ac8dd2d7d1dL,
-        0x7508aca6bfc98ee4L,0x54992440e3cbea15L,0x0000000000000150L } },
-    /* 63 */
-    { { 0x70004a0aa13a4602L,0x505c71a3d0d2c60eL,0xa4fe2463a6d79bc5L,
-        0xe878eb3ad54d9df4L,0x7ecca90773d3c7b8L,0x5b3bb278244ecfa5L,
-        0x8a30f61fb124d179L,0x5b7e50014f632af0L,0x0000000000000115L },
-      { 0x62c42ecc9ef0021aL,0x58017fd7f856c9d4L,0x10e243b82e6478bcL,
-        0xaf0746691505a4dbL,0xd9bb0a1c4cd7eea5L,0xe8ba39a2d52aed0aL,
-        0x0747449ab549f09dL,0xd5c8f7bd9e57fa64L,0x000000000000013fL } },
-    /* 64 */
-    { { 0x1bd8ce7b5a53c22bL,0x78733fcd7cab446aL,0xc44ca4e248acb394L,
-        0xa9888b1ea38c790fL,0x36afb6eb15c34237L,0xb913b8a8fb702063L,
-        0x34b77cc5917508faL,0xa931d7a7f9e4732bL,0x0000000000000050L },
-      { 0xa90a429056d21d18L,0x8266630755b410a1L,0xb4684a8b894a6b05L,
-        0x8a1ade63828cf75cL,0x4fb2f85a127702a3L,0x83ff7d05adf7b709L,
-        0x1d3f5a92a68d1db6L,0x243ce1dbc093cd5cL,0x00000000000000f5L } },
-    /* 65 */
-    { { 0x8fc183c3d37d7891L,0x17b50149fd865ecaL,0x0f6e43d68f218441L,
-        0xaf51ec255a07f658L,0x8fe5a6cbad303202L,0x95de68f310676ef5L,
-        0x7508e31fca4e000cL,0x783e5a9577735254L,0x0000000000000159L },
-      { 0xbc1db5712e537ad9L,0x5e87112d35be9cf7L,0xbb522b48d57f9bcbL,
-        0x1eff7890a8b3cbc7L,0x4f306e11e5ecdb5cL,0x30da83923387e7edL,
-        0x4d91fcf472321e3dL,0x8487bb62e412a67cL,0x000000000000009fL } },
-    /* 66 */
-    { { 0x86f5f80f8cb8e08eL,0x7cfd2c412496fed6L,0x0061b74360b7dcdfL,
-        0x4dbaffdf57f4d05fL,0xb1993c2a458061f2L,0x6c6ca8d09de994c4L,
-        0xef70d24d2747e062L,0xd4e5d4e3b9995cbcL,0x00000000000000ffL },
-      { 0x3171e245c6f40077L,0x1592e0450723e506L,0x35c86f7e6a6bfd88L,
-        0xba0959d16d9d9ce0L,0x2e7f8fe83eb5770cL,0x58eb0881c40d63ddL,
-        0x56333bdaeb9e4419L,0xfb0397df3afd1f4dL,0x0000000000000034L } },
-    /* 67 */
-    { { 0x7b84e05eb358815cL,0x3abcb2d4e41087d9L,0x87a7588907f05d7aL,
-        0x350778d57a9d481cL,0x9d34cff842d64cbdL,0x0859cd5accf289feL,
-        0x8372d591dd2b2c6eL,0xc06d482e18b40b62L,0x000000000000006bL },
-      { 0xd10695a0da4ed375L,0x51baf588298daaeaL,0xb028a1b4f4b7092cL,
-        0x8ab87dae7a335b35L,0xa73593620567efd8L,0x7a49fc103320c374L,
-        0x737acac4a3558b30L,0xd30696a34c0fce9bL,0x000000000000001eL } },
-    /* 68 */
-    { { 0xd9550ab0bd3902feL,0x9bba4b4b86a9d3b3L,0x3a59e0a9975cac37L,
-        0x045e8731333605dcL,0xf2c598c21afc2c58L,0x81ff8d6feef9cbf1L,
-        0x82bed5d09bf83c42L,0x9d1d9d5b528131d5L,0x0000000000000157L },
-      { 0x687da3055519258eL,0x73f539f9027de2a8L,0x69fa9747d6a230d6L,
-        0xab1aeb235f5d1684L,0x5bbfe9475f7e41f5L,0xbd546abb16a7feb3L,
-        0x2afbd4e8e16d5187L,0x7437be13bcc953ddL,0x0000000000000160L } },
-    /* 69 */
-    { { 0x55f165a9ee9755a3L,0x0c8d5a1ab82c9ab1L,0x65a1e45aab6b97e6L,
-        0x3004cdb0ab05e271L,0x9e0c3b526db0830fL,0xaae1ec1a75acbdebL,
-        0x413d4484761e8498L,0x589e09bbb1b9c62eL,0x00000000000001e9L },
-      { 0x675120819c72258dL,0x61dcd7345c1593d4L,0x6c627a7b91c11fdbL,
-        0xd1d3e9bf8857908eL,0x9aac06fe530bc68eL,0x125c16bb6b5b44ffL,
-        0x38860bb6db90edd5L,0x96fe8b08fbbedb5cL,0x00000000000001aaL } },
-    /* 70 */
-    { { 0x323a5dd8f257c0f8L,0x4884dc92dd3a10d9L,0x03f379cebbb8ce03L,
-        0x6217ad53a47262a9L,0xa1df201752e06c6dL,0xf5b723e0c32428cdL,
-        0x1e5d38892c30c62cL,0xd9a90f1f477f82ccL,0x00000000000001fdL },
-      { 0x830d27ba1763ab59L,0xcf27d93e723783e9L,0x81558264945968aaL,
-        0x63251a321700d5d5L,0xcf6bbe7303146d9fL,0x6cdcf455e65bf0f2L,
-        0x80aa00ce632323fbL,0x6e49e62cd96a4744L,0x0000000000000149L } },
-    /* 71 */
-    { { 0xbeff0b7e40574c09L,0xb76f26433fe80e96L,0x0b3bd352eb237d91L,
-        0x3c0c62b77edc3102L,0xf989394b424a36dcL,0xe9ea64c27c6c435eL,
-        0x2dfc21c4e388d076L,0xcc3852f6a4e69e4bL,0x0000000000000139L },
-      { 0x5238a3ffbb096b91L,0xee72c9e573d8d43eL,0xc116db118c577558L,
-        0x54ec89d2dc47d4b4L,0x2006dd3542e1955fL,0x004aed6a7437475cL,
-        0xc1ddc32a2bee9041L,0x597417a2ed9332c9L,0x00000000000001fbL } },
-    /* 72 */
-    { { 0x3c0f1981859bae66L,0xab48e9b1845d7c1bL,0xc6ce9c03452a3c1eL,
-        0x2384a00cff810339L,0xcd7ede115f98d6feL,0xf7a00e3d38a0dd5bL,
-        0x56dd948a3c7e1c06L,0x9d21a7d18e53a61fL,0x00000000000000d0L },
-      { 0xf9cfdbaf880eb3fbL,0x64cfd2975e83f7c9L,0x61ba7d6fa28a74b4L,
-        0xb8200d5fdfb13e03L,0x03bc8f4b232a6128L,0xd1fb92c281a8d86eL,
-        0x68675fae706d6ea7L,0x9b08608aefab18c2L,0x000000000000011dL } },
-    /* 73 */
-    { { 0x17cf6146bbd2f539L,0x96052fc076e26ba2L,0x36821d18d4be4a67L,
-        0x8f8234229f3f39a8L,0x68b846b9433f873aL,0x7a1d3f36716f4568L,
-        0xdf603e282fd47750L,0x77cb02c56975e226L,0x0000000000000003L },
-      { 0xf275add38c01dd59L,0x9c213a9eb9c1a37aL,0x690ad1044dfc5403L,
-        0x202ee20607ee0d86L,0x896ede95661fc40eL,0x6b4d7398d0b02f56L,
-        0xccb96991e5af1a24L,0xd5c281afc13f7125L,0x000000000000009fL } },
-    /* 74 */
-    { { 0xc858c54bd7073a5aL,0x87c81a5c861eac7dL,0x51f84a39e720201aL,
-        0x952a9f8e40e003ceL,0x76bdc4ab58f199deL,0x1cf12322d56cc02bL,
-        0xb6634e6383f162f3L,0x84c017ee8f969e11L,0x0000000000000169L },
-      { 0xf1f433625c89f1faL,0x4a02a630b697b078L,0x33311e5c4b05b7f4L,
-        0xa7ccae514fede4ccL,0x0d26e8744b025aa4L,0x7d5b77bbf84db7adL,
-        0x39ef1aa8f571c1feL,0x65eba928418ccd20L,0x000000000000018dL } },
-    /* 75 */
-    { { 0xa37866ab8abb2537L,0x14ac4cbb65b3096fL,0x827fa7ed2a428ad3L,
-        0x95d19f6210e9e196L,0x31eb97a089801b4eL,0xaae77a62aae8b823L,
-        0x9693d62a5f5c9642L,0xff5bfe973e368b84L,0x00000000000000adL },
-      { 0xa3efae21492b0deeL,0x2143e9ee9602c2ceL,0x21367c996f3b99e5L,
-        0xdd78b2b0e93b8f59L,0x8d541c381064c13eL,0xe6b970daf5738e7aL,
-        0xaf6ecc168373b1a4L,0xdbfa3f4f74ae208fL,0x0000000000000180L } },
-    /* 76 */
-    { { 0xb024621a907a6aa0L,0xef56cb68407879f6L,0x44c38b688168a934L,
-        0x70d638d39b9a9048L,0x6968caa082541f20L,0x0c5970531fc88b50L,
-        0x5564ded5af635784L,0xe7e898c7c4d494cfL,0x0000000000000097L },
-      { 0xe1dc98d96b6ebb2fL,0x292a17fc7aa9e126L,0xb60f0fdbfa2a2c68L,
-        0x9c63270cb2e1851bL,0x898db26581ca4cfeL,0x94082638b11959d5L,
-        0xe44f308ea54b8d19L,0x96399eb844e63094L,0x00000000000000d6L } },
-    /* 77 */
-    { { 0xfa00f362b83769eeL,0x72d040ac3efc4cb3L,0xc393388957abd687L,
-        0x62264425940a7128L,0x909c4c8fec242a31L,0xd1e48f1e65a1a551L,
-        0x68bd70f1049c2172L,0xc8692d2b709b7fd4L,0x0000000000000041L },
-      { 0x4e388aa1df816784L,0x4a58c8a501be75ceL,0x9b49dffb02a67812L,
-        0xa73299e0eda721e0L,0x8a0bd1f5e67a65ecL,0xd81e91e8856c71b6L,
-        0x37aee2f4c005aa30L,0xd94007500595bbf2L,0x0000000000000073L } },
-    /* 78 */
-    { { 0xa912ac4a010c0ef3L,0x0e654bd84e81b1a0L,0x8f0563dc4f353509L,
-        0x10dc41f3b47d189aL,0x122edd06f238c09cL,0x224c16afc41acf67L,
-        0x1ccb933483758520L,0x1a4b5f292275ae6fL,0x0000000000000127L },
-      { 0x792fd4733ce688b5L,0x14566d37dca9c68bL,0xfce9326e541711d0L,
-        0xe3ba14ee3cc341a8L,0x6b8ab4cc2122c11fL,0xc0fa763bf5d379b5L,
-        0x95e2d2aef1522f91L,0xd4e21b3d31cf95a5L,0x00000000000000acL } },
-    /* 79 */
-    { { 0x4013a7791d8e061aL,0x62707e70acc84a30L,0x6ac08266eb2f636aL,
-        0xe917ea2177b25c9dL,0xddb78bbd70ff35cfL,0x5008db2b041898beL,
-        0x0f58a4fcce0ae445L,0xed0923972257d0e7L,0x0000000000000043L },
-      { 0x2cad77b3e2e129e6L,0xfb8c4a870f1be4d7L,0xaee50dff20056333L,
-        0xbc2658c12a691543L,0x95dc0ccab8fe2640L,0x694eb5841965a0afL,
-        0x7d3baa53edd1d99eL,0x2df13b208a1edc87L,0x0000000000000083L } },
-    /* 80 */
-    { { 0xfead2247d181c3f2L,0x915d35bef337b23fL,0xdb4cfcba74890672L,
-        0xe4f70d8ffda7a3a1L,0x226b641979275686L,0xe80408636ff1f79eL,
-        0x98e84b39cf5fa4e8L,0x57aa0be9d8a09f60L,0x00000000000000daL },
-      { 0xd40cecf54efcea66L,0x98df2aecafc76faeL,0x63f19a48c91585a8L,
-        0xb111bda713f00aa5L,0x6687afab44b5cb9fL,0xc6d5fb12652620d1L,
-        0xaf953f1bbacb35abL,0x99709370ff94c4d2L,0x00000000000000edL } },
-    /* 81 */
-    { { 0xac9f56e068b54c89L,0x08ecc17dce737c22L,0x208ee83fab089b53L,
-        0xb0f3a129543fbd1bL,0x1b204cf8844dd706L,0x80975c89dec2e40dL,
-        0x08b011ae9399914aL,0x6b4ba17074674df7L,0x0000000000000017L },
-      { 0x71216ea98fdfc175L,0x77b7fc637e0f5b0cL,0x88d0285fceb33a34L,
-        0xb679814f0223eab7L,0x9078720b51c6d922L,0x5859d5a49c13f51dL,
-        0xe69f850bfaed60b5L,0x2499a8446d0ccab2L,0x000000000000005cL } },
-    /* 82 */
-    { { 0x41d581fb73e7bcf1L,0x16dde61cdd3c17beL,0xc62997ecfa199fd9L,
-        0x1a758873c159db97L,0x4ed7789664132830L,0x9672ce892942a918L,
-        0xf3ee4587816ba4bbL,0x4fb7a148ce54dd7fL,0x0000000000000123L },
-      { 0xf05d80aff009be8cL,0x62e938d778df1ba1L,0xa7e22e84312de620L,
-        0x48d29e7f6070c4b9L,0x5cd9c3eba1b5da37L,0x1e51bd2fa4717453L,
-        0x94098ab056ab9e67L,0xbb584abc49f7c6a1L,0x0000000000000049L } },
-    /* 83 */
-    { { 0xa9f255301ea470f7L,0xa01bf808e9254e30L,0x098569ea71a0038dL,
-        0x0d2b2ee15913ca87L,0xae17004bb8281fdbL,0xdb5c6eb0118e5c2aL,
-        0xa56ac64c1fa943abL,0x1aaf64771a92d501L,0x0000000000000053L },
-      { 0x9679ef4906345730L,0x946aaa4e846f37c2L,0xf81726b01a7c3aabL,
-        0xcb808da28166df4eL,0xe9fb3fc24e04dc3eL,0x9e0b61db76ec19b4L,
-        0x6e7f665eeed6d13eL,0x70ed8c0786a75384L,0x00000000000000e5L } },
-    /* 84 */
-    { { 0x66456e58108ce13fL,0xb5bfc58d0e397813L,0x04b6a84bea3949e9L,
-        0xea9b66bc75af667dL,0x7cb4d6dca891566bL,0x1b3cecf0bf61595aL,
-        0x4312c73d002e2520L,0x81d768986135a5faL,0x000000000000014bL },
-      { 0x4047bc25841078ecL,0x75aa9c96179c454dL,0x6a1606094851f8fcL,
-        0x998d4e3ece34091fL,0x9a9f670488e54102L,0xbf280f885da8ac5eL,
-        0xc64caca08fec230cL,0x0ac864b05094b775L,0x000000000000002bL } },
-    /* 85 */
-    { { 0x6b606e398f5daf7fL,0x4838548910927506L,0xa2255c5c08c58a72L,
-        0x2f362fd0c90f3ee3L,0xc9633af408795f02L,0x71710bd10425f5aaL,
-        0xc2017e05ec06dbfbL,0xd9c7dc82c1b8bbcdL,0x00000000000001c8L },
-      { 0x7db41fdf18b8bed9L,0xe9483308e3a23125L,0xbcf91de77291c4bbL,
-        0x9b0b972b41448aafL,0x95dfc633c44da462L,0x90b9c46301bf50a2L,
-        0x18b66f77869e3131L,0xa8a4e2fa121baad9L,0x00000000000000f5L } },
-    /* 86 */
-    { { 0x8ca55109ca0251eaL,0xf2aeed8b27a6c9b0L,0x901a8beb5620f528L,
-        0x9a8421e8ae13fc56L,0x1349f1c485993c07L,0x29e083590d1ab0d7L,
-        0x96e2929baeb5d909L,0x96c2f1f8f599a66fL,0x00000000000000ceL },
-      { 0xe4bc4b5112be8bd7L,0xf4846a0f3c67e99bL,0xd89cc7d34d3a3864L,
-        0x1f64711273f43981L,0xc32bc32426dce567L,0xf7134ebff02b096bL,
-        0x5604f00b0d0682b7L,0xfd23d7eae3ce8b59L,0x000000000000011cL } },
-    /* 87 */
-    { { 0xf89646cca27689a6L,0xd6a7dc435564172bL,0x30bda48eb57cbfccL,
-        0x9b11fffb5b1adfe5L,0x9f2d80db711d8bf4L,0xe879fdf0b70e5a5bL,
-        0x975341836bd18a1dL,0xc8c526bd8cbfd504L,0x0000000000000114L },
-      { 0xd5fe725bef7388bdL,0xf1c3dbdfe7ffaea7L,0x78395b897e6de2acL,
-        0x81a72c9a9ebf1bfbL,0x6526570769785146L,0x3925ecd9f52670afL,
-        0x437bcdd283d57d48L,0xb5d732a7c80ecb02L,0x00000000000001ceL } },
-    /* 88 */
-    { { 0xa7f9fccecfd376d7L,0x6b4eab3ea66b084dL,0x6ac90d08d5b91bd8L,
-        0xaa3d5b7e8aa304d8L,0x27f3d42b7f866a4fL,0x95d19fa8bb813ae1L,
-        0xd38798d7e34a9206L,0xdf7c0a69a32c1cddL,0x0000000000000073L },
-      { 0xbe2c01bb38315b16L,0x1daa7c899e18c8f9L,0xa3d43fb408b6b853L,
-        0xb159e48c68092a81L,0x77e93d9e836faad4L,0xd4ed6361a4699730L,
-        0x569cb3f66297e476L,0xb69d8183e7811fa6L,0x0000000000000185L } },
-    /* 89 */
-    { { 0x18f27eb3ab9cb764L,0xbbbefc218ebc1d6dL,0x47760ddb0479aa79L,
-        0xb4d16d2409e542f5L,0xe35c38d1bc699b96L,0x13b2ae258c8d8c8aL,
-        0x8579c15267a3a45dL,0x773b73576c554c04L,0x00000000000000d9L },
-      { 0x9620a4730218c299L,0x69be29b399f78a33L,0x4684a009484f414fL,
-        0xb2c749379a2ca4d4L,0x09c0773e68db7ab3L,0x6181f059935c357fL,
-        0x0931303d8b7de3f2L,0xf3effcd0e0fb6e08L,0x0000000000000060L } },
-    /* 90 */
-    { { 0x723c14beb25d6530L,0x5e015b399a97d40fL,0x209c3c4bfbf7f622L,
-        0x83d8c59c14b4f0f1L,0xcf002fde3f7e8ecfL,0x35d353c91eb1ef0fL,
-        0x394c42a5201f0c60L,0x787128ab7be8ee34L,0x00000000000001b5L },
-      { 0xa0937d3ab70110cdL,0xe0fa4efc477911b5L,0xc6acaf5bc53a4c19L,
-        0xbd3010f338d509f2L,0x3ee2a82be54ac1c6L,0x31ea67c3e4f2a3bfL,
-        0x7a4ca66ef089c7b9L,0x5bda2c4f34a2362fL,0x00000000000000b0L } },
-    /* 91 */
-    { { 0xb424a071d1f575cdL,0x15693b01a5237182L,0x141336029a2c9d40L,
-        0x50c4348b9c914a60L,0x9024573d095b31c1L,0x6f975fd222fd4962L,
-        0xa1704886e210b277L,0xac29b8136dba937bL,0x00000000000001f6L },
-      { 0x09edef55775da491L,0x25953f9e2b6aad82L,0x6696a1061bb40d5bL,
-        0xcfc453114d5127d8L,0x2f21dca981ead062L,0x3f3e4f07af3b7123L,
-        0x12cd06b89646f20dL,0x241363696910f5bbL,0x000000000000015eL } },
-    /* 92 */
-    { { 0x0c844fd03ecfc44eL,0x4095f2c85043b3d5L,0x9a5fe7dbc9bd059aL,
-        0x239328faf65becdfL,0xe3102471a67961cdL,0xea9e39bfbbb5dfddL,
-        0x8022b6d0133dc5baL,0xbed7aa9b5f12c379L,0x0000000000000141L },
-      { 0x096f0059fd94d941L,0xfc6e9f007d4ff018L,0xe63af598779f05e3L,
-        0x4c40f0b300483c99L,0x04d2feef72a19870L,0xdb773b5b464a4a71L,
-        0x00b6770f49367f1eL,0x4f7e03012a9fbd2aL,0x0000000000000169L } },
-    /* 93 */
-    { { 0x0df5dd738a9095fdL,0xc4b7a021d3ce857aL,0x90aa796be5edc767L,
-        0x56497eff180a0808L,0xb9856e1f66f10aabL,0x3129882439879766L,
-        0x61748cf73ba80601L,0x07d9076c555da929L,0x0000000000000012L },
-      { 0x0b049a011c44394dL,0xf5f25ef70ce49e45L,0x1e3a09f0b1694265L,
-        0x2c5bd9fe109b33f8L,0x07f2a43fa30932e4L,0x736abfcac6cf8af2L,
-        0xadf7fa04f3366722L,0x2f1e92fbfa9d26b0L,0x00000000000000e0L } },
-    /* 94 */
-    { { 0x9524e4a663be4d4aL,0x1fa57bed66f3cc91L,0xdd7c93fa7e7a7ccdL,
-        0x70e8cf6a88c5d1d3L,0xb257997a3f251f1eL,0x0a5ec58ee3554cf5L,
-        0x68d268d7065a7109L,0x7c23d4d2085089eaL,0x000000000000004cL },
-      { 0x63ae575bbd52d132L,0x0fb8daa738c81cc5L,0x096a6e51e4e63b99L,
-        0x51d6b366b239d387L,0xed5f8874a5d49fedL,0x025091d943a8c07aL,
-        0x100f845ae4686ae2L,0x1af59d747eb4ef5aL,0x00000000000001c2L } },
-    /* 95 */
-    { { 0x5f7bc01edd441308L,0x0dc3494486308890L,0x2af38a74759611cdL,
-        0x11a712614c23ce66L,0x37f317b5f8bafed2L,0x4efbb9ff4c93e079L,
-        0x880f0edd8ecc52cfL,0x480cdd2cddc9d82aL,0x0000000000000028L },
-      { 0xe8f1ca0dc3f807acL,0x6a3e4fc2bd070549L,0xad3d0a1491f8bb6cL,
-        0xe3ee1cfd3d6dfacdL,0xee46b1b95fb46ffbL,0x5207b3ac7dd5cfbcL,
-        0xd580c0d9b1b8e8b7L,0x52c669f4c7bdd11aL,0x0000000000000084L } },
-    /* 96 */
-    { { 0xa42b4747c0ace6d5L,0xd5acb64bbe7287adL,0xf330489989bc2614L,
-        0x817fe836ff05c71eL,0x772eb246d35ac450L,0x7f5fc216375a9c3cL,
-        0xfb6f9e1acbc0d6fdL,0x7643c315720e9733L,0x000000000000009aL },
-      { 0x4b2216b4f3845ccfL,0x9c174e8090bc05bdL,0x7a550c74d6049037L,
-        0xbd7220a16358c806L,0x838f9c41aa677b6dL,0x37332c1966e2e08eL,
-        0xb032875e496f6da5L,0x52b274cf9c30630dL,0x000000000000000cL } },
-    /* 97 */
-    { { 0x6ec2e7828ea58bebL,0x2b404c1d3665fa48L,0x546d5fad20b40ff0L,
-        0xfb5df7b629d3e6a5L,0xf186846d66c81991L,0xbe690bde6e2cfe3eL,
-        0x97aeb9a01410d16bL,0x59d81548bacc8e92L,0x00000000000000cbL },
-      { 0xd905d3adbaf66a23L,0xc333738740dfb081L,0x6d5535de4b00f432L,
-        0xe17fe8e807d3a03eL,0x29544ff7066bca80L,0x60c2b96cbadffa55L,
-        0x9f018d9445a26ea4L,0xd543816724a34ffcL,0x000000000000011eL } },
-    /* 98 */
-    { { 0x62a873fbbd7f8a61L,0x5e18cd71bbe580bbL,0xfd5c9eb3667f6980L,
-        0xab8d4f61571d3dc0L,0xe2e45215783f9bc8L,0x36c3774b24398b14L,
-        0x2db4a36374d811b5L,0x9f7f12972debe3c3L,0x0000000000000138L },
-      { 0xbb97f21c798fefb2L,0x9c76fcb5107baa72L,0x12fbf760fadbb568L,
-        0x1a648be7d33ea6c5L,0x412a2993236134a5L,0x4a3d81698985893bL,
-        0x6144958f3e66ada4L,0xb4dfc79b7687b457L,0x0000000000000140L } },
-    /* 99 */
-    { { 0x83b145707abe5bb9L,0xae0cbfd8e51d81beL,0x20dadf49c9827affL,
-        0xc3a72548a687b554L,0x080263fbeeb41733L,0x7014fdc3d3827c63L,
-        0x7d018f84b5e3b70eL,0x1d483e00fbcf7168L,0x0000000000000015L },
-      { 0x154e3c7c6b578aa3L,0x511ce9b5d3043daeL,0x55f89e9bb6008101L,
-        0x4ec31112f405ac6fL,0x7e66a4d82008ac7bL,0x73c00d3925c52fa6L,
-        0xee1b99988acac2ebL,0xdfa31d9560b57453L,0x000000000000008fL } },
-    /* 100 */
-    { { 0xcc74a0e0251cf8d8L,0xd4d8949d041f2bd2L,0x0b734a4933ebce52L,
-        0xe1ac5f515c5bcdaeL,0xd3ecdfcc16200b93L,0x2506a266a793736eL,
-        0x585a1c8bea6e6940L,0x081cdd539190f935L,0x000000000000000eL },
-      { 0x055f995653e28412L,0x0d1526f2db27164bL,0xcd5625eb1df3adc7L,
-        0xd2c453cadd35deddL,0xed442849a838ffe2L,0xad20c1375c0ce589L,
-        0x2d5fba81bd99b609L,0x5be41dcc622efb07L,0x00000000000001adL } },
-    /* 101 */
-    { { 0x563af6678f850756L,0x86d37aae52f3b597L,0x10d38a53796842f5L,
-        0xcdaaf99ff743f997L,0x2fa755e593f1a8baL,0x1af04e15409f7cd9L,
-        0x63bf9a0ad6d0650bL,0x67b1cead55abfd9aL,0x000000000000000eL },
-      { 0x3660a8e0b5f43178L,0x56bd412d9cc35b33L,0x3d7bfa63880f6808L,
-        0x7f372d662e622c71L,0xad7b7be76ff82445L,0x0f2bde808db04e51L,
-        0xe1e781fe4bd15c8dL,0x1f475bfbb8e502f2L,0x0000000000000194L } },
-    /* 102 */
-    { { 0x79482bf9d63543ecL,0x985cb67ca117ef3eL,0x8ac50638160ccc63L,
-        0x556cbed5729bdc1eL,0xd62ed97da22686dfL,0xb124cb5fc81eb77cL,
-        0x4d7b4f6672fa2ed9L,0x60b29aa778335b96L,0x0000000000000172L },
-      { 0x21bfc7b6a43df7c6L,0x85acac23bc20706cL,0xeb6f37bc345d9580L,
-        0x9d8f20d2a32a08bcL,0xf08924f6d1953c5eL,0x7d25d7c6c4f680d0L,
-        0x64e6a2372de9912cL,0xda1c06c452ce644cL,0x00000000000000ebL } },
-    /* 103 */
-    { { 0x26677c5c411dd110L,0x0d6787aa2c991c4aL,0x53be6a41a45666d6L,
-        0x73e716aac15f9f15L,0xa93b863f0e0cc7b2L,0xa40571172a624ab0L,
-        0xe5e7656e1a39c260L,0xaf8d78b52ef6f130L,0x0000000000000046L },
-      { 0x796214b170f38dffL,0x3e35d828123a1105L,0x046a44d4957ed812L,
-        0x618fa9ba0da60161L,0xe7cdd2a554f84413L,0xf1c2563e19ea95abL,
-        0xc4459e14cb2a30b4L,0xc748add661ff9aa9L,0x0000000000000183L } },
-    /* 104 */
-    { { 0x32981f399de58cafL,0x05bb80fd8753ea64L,0xc83f9f242d119486L,
-        0xf490cf0603eeb00aL,0x4037f2517c73d79cL,0x844209fd724d461bL,
-        0x6b03f6d2272420cfL,0x6f4bd29eb3438fa2L,0x0000000000000152L },
-      { 0x964d034ac389e51cL,0xacda55e96db7d98eL,0xb2ae97dee913c583L,
-        0x0793077bfeb03440L,0xaa16e3789d461e29L,0xb0a67533043bf8beL,
-        0x9d749a42ba7d8c3fL,0x7c41e6d66bb925dcL,0x00000000000000ecL } },
-    /* 105 */
-    { { 0x2e9b345dc5da8398L,0xbc66841fbb38c430L,0xce3ac5627c3bb47aL,
-        0x8fbeb12b738d2cddL,0xd4bc2ad768731185L,0x9521db1cbbd4f4f4L,
-        0x2a690caefe4e1b0eL,0x375215eb7bfebe3eL,0x0000000000000194L },
-      { 0x4cb234f12edfd661L,0x0149984eed52c1f4L,0x32d27260d8f8f98cL,
-        0xfe76e4e47be38590L,0x5435873d95e8b672L,0x916c397ff2b00e82L,
-        0x3b9bf705bad61eb8L,0x7ee90182ae131bbeL,0x0000000000000000L } },
-    /* 106 */
-    { { 0xd36fea9e93fbcb5cL,0x382be5839fa8529bL,0x0b243125fd611ba0L,
-        0xa59ae37fcd8a2637L,0xab78c60e3d8d4704L,0x1bac243d44c41b79L,
-        0xc4001feaeda49cc5L,0x988ea44a83dc7e9fL,0x00000000000000f6L },
-      { 0x4d90caa4f077f79eL,0xf4d17601d9e2590dL,0x11debbb3d21b4b77L,
-        0x031b3f609037e1b6L,0xf113ed82135becf0L,0xf6c01379f2903ddaL,
-        0x36bde7caa6f19296L,0x57d3b6849dbbad85L,0x000000000000006cL } },
-    /* 107 */
-    { { 0x963fee389abfccb0L,0x6c6e2a24b9676e63L,0xf8768f0284ba6d27L,
-        0xc38ba3ba465853d1L,0x6e3ab36d1b8ab9b6L,0x01fc974247a07331L,
-        0xfdd4171825233f32L,0x4dacfa81ac61de7aL,0x0000000000000021L },
-      { 0x365a9f37eaa3198cL,0xcbe8a345fc8b99d5L,0xa427f12ad4f5ecbcL,
-        0xe841ff600c237514L,0x5d9e8c5a28a27b05L,0x2d37744462859ff3L,
-        0x1c0460ffea8bde37L,0x0a0e49a129cf5bf8L,0x0000000000000181L } },
-    /* 108 */
-    { { 0x688203af45843c3eL,0x4601e303aabebae7L,0x397b08f3624df62bL,
-        0x5687348ad21e5aa8L,0x2cf12c739a242b0eL,0xc848ed0132a76c6dL,
-        0xb72aa1c2f52751a2L,0xb63296c392c02d05L,0x00000000000000f3L },
-      { 0xce4b42adc6f3d1f0L,0x2f0dcc532f532b94L,0x5781333583443d9cL,
-        0xb50118eedc8dd9cbL,0x3039e1a5ee87192fL,0x9977267d557419c2L,
-        0x462efa4c30f96b0cL,0x454fb7963cd3c35aL,0x00000000000001f7L } },
-    /* 109 */
-    { { 0x10f281949d153926L,0x42e28c9182b57548L,0x4b423b30509e94c9L,
-        0xc5acc52ade9d6b57L,0xaa746c398b3ca314L,0x0f4ea307c63d5bc5L,
-        0x425553a2e1ccc989L,0x271198bff76d9194L,0x000000000000008eL },
-      { 0xc7900e463c8e672bL,0x703675cd3f2dfc27L,0x704951f7af2163c9L,
-        0x74d699087aceaab0L,0x482f21a97e8d2369L,0xdcfbc1dc813dc115L,
-        0x0ce2bc8004f6cd13L,0x2a54662c82bfaff2L,0x000000000000003fL } },
-    /* 110 */
-    { { 0x0dcf41e61588a8bcL,0x6f48cd0e210c52cbL,0x338562bd758e7a45L,
-        0x1600d54b48b9b957L,0x461df80ba6b89b9eL,0xf7fd4f17098cc82fL,
-        0x167f01cd14977147L,0xb13385116116c5f9L,0x0000000000000048L },
-      { 0xdeb763335d2617f0L,0x3f9a57726ecb8606L,0xa93c032d1b91fce9L,
-        0xf7a4388b6c84b997L,0xbfe80225823ca5beL,0x6f19c02835a32f6bL,
-        0xf26cd5ade3cb5c58L,0x7f5ddc776d0c1dd9L,0x00000000000001e7L } },
-    /* 111 */
-    { { 0x3c9feec86ee764c9L,0xd1bec836b07c82ccL,0x6bf1b2e6a005b142L,
-        0x70ef51a329e8a5eaL,0x517d298e3ffe241cL,0xbb389e2872966c28L,
-        0x3a2da8a92c7acc76L,0x902c9126732a21b5L,0x000000000000004aL },
-      { 0x96c51b9c8f7ce110L,0xdcc33a87aeb036f1L,0x826950980a6a59e2L,
-        0xceaf26a7e78db500L,0x82f3c384c95bb030L,0x6dd6e9f724c42f42L,
-        0x768dde2970ac4a0aL,0x4aedce4b03d22efcL,0x000000000000016fL } },
-    /* 112 */
-    { { 0x077f032aeded03c0L,0x2684a052588ddd4dL,0x6d09bc4f9a85be0fL,
-        0xbdda0c7fe0b9b6bbL,0x19689c7ef2fb5887L,0xf8a96960ec3cce7eL,
-        0xb043d9d5768d2ae5L,0x29c8081bdb21219aL,0x0000000000000068L },
-      { 0x6bf872fade59f006L,0xc2b9ffc6cb97ef5aL,0x371915db58ae7ef8L,
-        0xc2e23ca1f4ccaa1fL,0x1af8c60e89c27cc4L,0xeee5d7e7c86bdcc6L,
-        0x9225b47f9bd8de43L,0x53e7f4634b24f08bL,0x00000000000000b4L } },
-    /* 113 */
-    { { 0x54c496d0e3048bdaL,0xe2b6749943c3de4eL,0xac2049f74c2d509eL,
-        0xb01f691e543c5089L,0xcd9960a3105a365bL,0x34d93ffe78b17049L,
-        0x029f99b3f82c9467L,0x785c5ea20161a755L,0x0000000000000091L },
-      { 0xb455f978953dbdb6L,0xea9e84d997eca19fL,0x473bd02936d4d75aL,
-        0xa9c17ca8c15276faL,0x9cf6613347c76356L,0x4a68360b039738d2L,
-        0xd3e430a869733609L,0x0ae532dee2b27f21L,0x00000000000001b4L } },
-    /* 114 */
-    { { 0x68110e825164cb8bL,0x6979af4f2552a67dL,0xe10d6d0e8d185527L,
-        0xcf6c5787fb64eac4L,0x8408163bac424592L,0x5d8fff37fce0d810L,
-        0x8b284e49da84c15cL,0xed80556732663ec9L,0x0000000000000010L },
-      { 0x106f403051f3ee9eL,0x2e8e3ee9b38adf1eL,0xd3c87a6ea13d6449L,
-        0x27b49f4580e1abb1L,0xc283d1790bfd7298L,0x8fe50fa5afc7a35fL,
-        0x773da545ade3ad4fL,0x78bfaae4d9a21df2L,0x00000000000001f8L } },
-    /* 115 */
-    { { 0xae60d8e8abad5678L,0x0afa72cee600c25bL,0xb9d4e0b44c288e21L,
-        0x64447f76d254cf9fL,0x1fb36bc4959e2ba5L,0x393c44d72961132cL,
-        0xd7a8881ffc140f19L,0x27a861288d096648L,0x0000000000000091L },
-      { 0xb536c0218a9e690cL,0x85dcc521eab4fa15L,0x09af4423b00ee54cL,
-        0xb3793525af3a8e48L,0xe1f36308b7731d85L,0xb5361d78141cfb55L,
-        0xea41f29eeffc4529L,0xcf5755b19f7d2634L,0x00000000000000e8L } },
-    /* 116 */
-    { { 0x01edb80dd212b398L,0xd0396181d53dd373L,0x0e0860478a52fa95L,
-        0xad1e6432a7825e6dL,0xe0185bc5330ece4fL,0x508f7313b078936fL,
-        0x1dc982fd9e7f6ea3L,0xdbf3a602d5556b60L,0x00000000000000e8L },
-      { 0xc3763234279e05bcL,0x7f5f40ecf44453d3L,0x310c5f4d7fa30793L,
-        0x5cffad36108d7e22L,0xf2f01ef3c2a98bbcL,0x30ab1719d7d47f80L,
-        0x7bc9f918a9b22e1cL,0xf53dc52ae834df94L,0x00000000000001f9L } },
-    /* 117 */
-    { { 0xf266b49ec183f89bL,0xd3fb5f025f5806d4L,0xd30a42b594ec3080L,
-        0x4b6b1940371cd917L,0xf7541aabb7f7e26dL,0xe55269eb2d5b7b64L,
-        0x0e1a85c17f8036c5L,0xa0ff0f22da5f2675L,0x00000000000001ceL },
-      { 0x602bd56a3a8e11f8L,0x29864021f5f9ab54L,0xc6742c5a0ccc92d7L,
-        0xd64569e6523f650bL,0xc8e4681bf7fabfb4L,0xb4275947c3c9e6cbL,
-        0x2b3952d538f5ff20L,0x818f8e381f04aea2L,0x00000000000001b0L } },
-    /* 118 */
-    { { 0x3be5bffae50d90f0L,0x4cb3b11bf5011cdcL,0xe10ca711a691dfacL,
-        0x62ec211d4ea1a773L,0x5a979ebbe586eeb6L,0x4df16ab1a0c2f1fdL,
-        0xfe9e3f7ec57bbfeaL,0x1b05960e5ae526f6L,0x000000000000015eL },
-      { 0x1c8e04a58630e62eL,0x3d00310e6447e1b7L,0xcf1e6b6143b4447aL,
-        0x92abb8517462e7a3L,0x8309ea080002724dL,0x1d805d70e45296dfL,
-        0x0f3849b33d4ed812L,0x2d6bffbc6834d44eL,0x0000000000000096L } },
-    /* 119 */
-    { { 0xd13fe58d48e07711L,0x70f83648d270a3b2L,0x1517892d8cdff04cL,
-        0x15bb657851411f14L,0x6c31cd903e4f8a55L,0x73f871520413362fL,
-        0x2fe025eeeca06d4dL,0x32a6e417954e317fL,0x00000000000000adL },
-      { 0x7e38c63f69d147dfL,0xb69bb06e710bf37bL,0xb94debef28d514deL,
-        0x4b2307fb8d11c3d9L,0x3b369df90385c604L,0x68ea2f49e7800e83L,
-        0xf028b2587d501c1cL,0x970782215cef7818L,0x0000000000000055L } },
-    /* 120 */
-    { { 0x10c351db54c1d751L,0x81445301ba0f9512L,0xa77eb34fbfdc8bedL,
-        0x498d8138cf23680aL,0x928c14a4e04f2860L,0x96192dba16a5b6daL,
-        0x49dea95b5f9a9103L,0x80dd457801724102L,0x0000000000000085L },
-      { 0xe90725000e09221cL,0x62e05b21f21de056L,0x448cafa1e0e60950L,
-        0x657fb97b6f775129L,0x5d2991bdf1f34acaL,0xa66cd5ac49ff15d6L,
-        0xdc1d6897d049ec79L,0x388fca84e72baea8L,0x0000000000000067L } },
-    /* 121 */
-    { { 0x6520b49da6ef1dd3L,0x391a045e3ba6cd76L,0x9c84980af33d5f48L,
-        0xe53cf5b2ef07474aL,0xa35b2e9a78bfb1eaL,0xeca97fd6eda906faL,
-        0xf1a937891b9f2cf4L,0x667533693ab28589L,0x000000000000010dL },
-      { 0x5b51049673691fafL,0xdc73d3a9d57ec618L,0x7e2921bb930a8525L,
-        0x094f571e40b05b69L,0x5e96a017413bedcaL,0x9e7d4f728d1a6b98L,
-        0x55143fda3eade8b7L,0x859b8444d16e454dL,0x00000000000000fbL } },
-    /* 122 */
-    { { 0x7c22083e7c667aafL,0x33545cb94a91ccbaL,0xca1e99318ca0e94aL,
-        0xc3afff23e4eaa0c7L,0xa21ac43642f56844L,0xfcc68a8b60d52d0bL,
-        0x401a585b6a9301d4L,0x547f762c907abce1L,0x00000000000000a3L },
-      { 0x63dd3ed3fbe260ceL,0x2717752d80dc01faL,0xd5fab75d6f1da3e4L,
-        0x5f16864a5261f10eL,0xbe7b1f63d20cd6bbL,0x9d638c10221ac656L,
-        0x3137b8f6673b918eL,0x23eb44384ada2fb8L,0x0000000000000174L } },
-    /* 123 */
-    { { 0x194e27c42a1fbcf4L,0x4c0d285b5facd5eeL,0x75c2ebdd915e6607L,
-        0x1e696510ef0a6a9aL,0x13c5afa1067cf458L,0x2be013c17bee1fbaL,
-        0x85a406d6dad279e7L,0x0042951d5142cf59L,0x0000000000000031L },
-      { 0x6a735ec1a22bbc45L,0x4ee5391a7f56f4d8L,0x305af9d0236001deL,
-        0xa8b21851aa2f8d25L,0x0e2c36d8187db78aL,0xcfcc083fa1a888c3L,
-        0xb91dab7fbd3e7d5bL,0x62d85460f4fdd023L,0x00000000000000f4L } },
-    /* 124 */
-    { { 0xf568ba024972d703L,0xfc44ca1d39098a03L,0xe9b8e542ae28c855L,
-        0x4fd4f3605b1b4536L,0x2e08b07b4c7f7e48L,0x042f3b982230823dL,
-        0xc9ffd3131889fd13L,0x56af0652c6c68359L,0x00000000000001bbL },
-      { 0xedbf05e206e0f16aL,0xfc1ac2fad74644a5L,0xe59a0a980f92c71aL,
-        0x13ae37d736c800a1L,0x5f20efc6236178dcL,0x443a58b82b46ef10L,
-        0xc9517dcf442509e4L,0x7d0bb415640ed9b0L,0x0000000000000166L } },
-    /* 125 */
-    { { 0x3aa30a613d22842dL,0x8c6e00f5b3c4ece0L,0x8764cf876df82b79L,
-        0xda92d86d78d208c5L,0x0a52d391e788854aL,0x499b26fba59b0994L,
-        0x5dc133ad04c5fc9aL,0xa5c0926934e3f134L,0x00000000000001ddL },
-      { 0x6f0dcac2fad6d673L,0x6d8fdf0500f3b3feL,0xece71941631756e9L,
-        0x3990f4930a4d80e3L,0xf2aca93631d13001L,0xee91966c75581638L,
-        0x6df0f574e6dd5679L,0xbe124868ccd71cdaL,0x0000000000000111L } },
-    /* 126 */
-    { { 0xf644c726475cc1b4L,0x915fc2f92b73978cL,0x65a7e6d10e3d7eb7L,
-        0xbb44e21af40c38e0L,0x988662b9e1ad24fcL,0x270ba4ddc35606e5L,
-        0xc3834a2c1a4f93f7L,0x93d0c9a23362a4d7L,0x0000000000000021L },
-      { 0xe2cb7b8cf769fd7fL,0x1815da9789a213b9L,0x7b4f8c566b910fefL,
-        0x2088b30926931438L,0x477b71bd925b37c0L,0xa049a92126a640e5L,
-        0xd3ddf1bdfd21c6efL,0x9b5f9d7d232a56b2L,0x0000000000000064L } },
-    /* 127 */
-    { { 0xd640adf8679a9c35L,0xcdad98e3cb74d796L,0x464b8ebb5f8e9dafL,
-        0x4738614ead4a073cL,0xbd86c0ee2edde557L,0x77331738576ce0b9L,
-        0x9b5d33274095fb96L,0x72f0aeb3ee09aeadL,0x0000000000000136L },
-      { 0xa388c76d64e54ba5L,0x63fe7af1dc474d21L,0x7fa3e9d1b2a77081L,
-        0x0447b49ede1240adL,0xd9f64b66c720303aL,0xb1c78029e6bd0213L,
-        0x1caf1c700aa03ea5L,0x179180eb3bb85d2bL,0x0000000000000103L } },
-    /* 128 */
-    { { 0xadbf4f9faf2ed12fL,0xce1d19e4f380fd8aL,0x0957bdb5a39e81aeL,
-        0xf9833321626ef6bcL,0x110ae5ea0cf5b28dL,0xab15945020392cd4L,
-        0x67c498876bc67855L,0xce7e5938a3fd61c6L,0x000000000000004aL },
-      { 0x59c5b9ef28c7dea9L,0xd02f95ba0a6a7184L,0x034dc2578202769cL,
-        0x213b0b0894dd6896L,0x03730b7fb5dea95aL,0xfe243ed0617ca889L,
-        0x16cf4d17fb1ba052L,0xd8691d6b226f96daL,0x00000000000001c0L } },
-    /* 129 */
-    { { 0xaa2edf3fbf8015c2L,0xe7f8236dc49502d8L,0xe890f6e0a6a43157L,
-        0x318ef325a2d04b0cL,0x9cc0668da809dbabL,0xdd26937ada67ca21L,
-        0x8f27c12c83febc49L,0x87b3db2f3c9b9844L,0x0000000000000029L },
-      { 0x37e7aed0fd2e3dc7L,0x498e8bdb7415fd55L,0xfc0d6c9a58a45f25L,
-        0x83d5baba209c85d0L,0x31ec8dc6d579e1eeL,0x1f4cad0ba502bfedL,
-        0xc432e6ce1f41bef1L,0x3b10afaabbffca65L,0x0000000000000191L } },
-    /* 130 */
-    { { 0xbd9f7df053053af7L,0x60304765b28a1cf4L,0x441778fc7ce90438L,
-        0x8fbed36eac8c5dddL,0x27b1313bfb59ec61L,0x9d2656ffa1b1becfL,
-        0x334e1345945973a9L,0x3261888cc362b595L,0x000000000000018cL },
-      { 0xf413a414aa7f6ff8L,0x092aeb883fab7c7aL,0xfa1d886b7cc307baL,
-        0xdc81c1252346100eL,0x93d4d27302140c93L,0xa1ed7e3ce6104835L,
-        0xe2b91ecfdf1795f3L,0x160dc11a369ed416L,0x0000000000000191L } },
-    /* 131 */
-    { { 0x9a72f46e8b57d7ccL,0x3140b0e54bf02386L,0x886c396e05b3a91dL,
-        0x1b9ab3a9a4ec26e0L,0x742feaebc50f58e9L,0x1592c60855e26af0L,
-        0x943cd476bb1cd9f7L,0x3ed97fd4c7f02c89L,0x000000000000017cL },
-      { 0x53b02503e6d54964L,0xd9bd1162c6a318c0L,0x18ff6cf49cc28c22L,
-        0xa45c784003534640L,0x8ea3335eb4cc0668L,0x7ad727f8f42dbe03L,
-        0xb157e911fdf6c3cdL,0xa7f894c9ec992d76L,0x00000000000001b3L } },
-    /* 132 */
-    { { 0x91e6e397af09ea77L,0x26a760b975dc25c5L,0x8c040c08b94a197bL,
-        0x041baca8b68ce619L,0xa19a0d155bd23564L,0x86ca5b94d977b33fL,
-        0xf31f87f8e5fbd029L,0xf76c55a6b1901f99L,0x00000000000000b8L },
-      { 0x175bf8c33846ec9fL,0xf462205c9deaca46L,0x92cb5ec0a3108df0L,
-        0x879db283cfaed928L,0x477dc00465049fb2L,0x48d24bac96ee5031L,
-        0xa7db6b1656adce45L,0x0110cdabab1c684fL,0x00000000000000fcL } },
-    /* 133 */
-    { { 0x151b66d84d308bf2L,0x99013c9fd6638004L,0x6892df92fd383bf9L,
-        0xa10efd843ffc8efcL,0x527e316c313ea287L,0x8ef6e3cd3a0df740L,
-        0xcb96e430f6ebd2a1L,0xc1ebecf2a70ee4ceL,0x000000000000018cL },
-      { 0x80d14ad71a70404cL,0x6ad21dd0f9ce2a30L,0xb94cbcde3aa3e072L,
-        0x0ab596116363a690L,0xe70bff45c6b1e2b4L,0x1296dd0b66ceec5bL,
-        0xd4cb2a74747757c0L,0x08988ca63d7d91e8L,0x00000000000000aaL } },
-    /* 134 */
-    { { 0xaa2dcfcaf8db0396L,0xe8ae8f37b422da76L,0x652f834996485724L,
-        0xf647c3c47bf1493fL,0x8b600b46b0247a4eL,0xabf3e4397aebda8eL,
-        0x2e1d231fa7958df0L,0x38e692b1f881bab2L,0x00000000000000efL },
-      { 0x1f3c168926cf3047L,0xdad14f9459539858L,0xfde85d1c293f20b6L,
-        0x2ea5436ef57abb17L,0x0d1a8ffc1794de38L,0x9ba508e22bfecd2fL,
-        0x110f0a7fdb786042L,0x2ade6f647cde31f8L,0x0000000000000196L } },
-    /* 135 */
-    { { 0xc996a537fec78898L,0x0b39de72de0fa77fL,0xf6d076acd34cb08fL,
-        0xacd8bb82da78d353L,0x5fe804d3a0392cc1L,0xab7adedee581549dL,
-        0x883901a0c067c6d9L,0x5855ffa24ed93f37L,0x0000000000000191L },
-      { 0x29570e36bf9ebef3L,0xe21046a5df4b3177L,0xf9b89a95a6816b5cL,
-        0xadf39281288d0e11L,0xd6baabe53979159aL,0x411afee05c8fabb2L,
-        0xf192c3afe5c7af10L,0xaa72e81cd7dce37bL,0x00000000000000f7L } },
-    /* 136 */
-    { { 0x20fa3c0f16c386eeL,0xb33b0469d4c09839L,0x79e0d722876a3136L,
-        0x343c0a923c406c06L,0xef220e3e4debe27dL,0x09d7b1e1196f00eaL,
-        0x4a0f5dd824a9dcffL,0x53582ec599c1d085L,0x00000000000001e2L },
-      { 0xcc8ef2625138c7edL,0xdec431946547f88dL,0x2b6e53addd0a9488L,
-        0xeb9f1efa8257ebdcL,0xc583c6eb1f08c989L,0xf173691140163768L,
-        0x6282ff8bdbc20e3dL,0x26b810059cbd514eL,0x00000000000000d5L } },
-    /* 137 */
-    { { 0x2449522fa0025949L,0xb26d888f0bbd8945L,0x33442f5fe637216fL,
-        0xd8ec3b64472827f6L,0x91d8a1a399fc2681L,0x6d232ead68c7710dL,
-        0x8e5bfe2fe51b2762L,0x0f9f4fedfd109fa7L,0x0000000000000004L },
-      { 0x1952ea516b4a05e0L,0xcb0d48eef21c78ebL,0x64d366191997dfdbL,
-        0x0d11b2048b4c21fdL,0xa6f569b6be92303aL,0x2b8f609678c5e809L,
-        0x7226b5ab36805d8eL,0xd6cff180db349ca2L,0x00000000000001bdL } },
-    /* 138 */
-    { { 0xa49f8576943cc612L,0xc914319e832b31c7L,0x9225e297cccadebdL,
-        0x4918fb42b0619821L,0xaccb308425b1cc7cL,0x751d3347a646e5f0L,
-        0xeafb4aae590e3e22L,0x821460382c4a0008L,0x0000000000000151L },
-      { 0x3c2481dbbf96a461L,0x51c122e9b52a3ba4L,0x21c2858e464db08bL,
-        0xb1014b786d6a081dL,0x167d3ed4f533cef7L,0x6cfb329481545f7cL,
-        0xea46d31c449b7b9fL,0xcfad76139621c299L,0x0000000000000081L } },
-    /* 139 */
-    { { 0xef796327478a7f0eL,0x914183e2de17705dL,0xd24a26df572117e8L,
-        0x3cdb1b09b7cd52cfL,0x9e42b9fbad83c160L,0x6971d2ea709ef8c9L,
-        0x1894fc5b8ee54ccdL,0xf757b4e534a520fcL,0x00000000000000fcL },
-      { 0x5a5518cc86b62347L,0xec51c9d27bc2a928L,0x2eea2b052966727fL,
-        0xbc8a8e3a0ae43e6fL,0x80535b5e05ca066bL,0x91ffcdb18833986dL,
-        0x2f4a5bba32374cddL,0x08763a490d202243L,0x0000000000000124L } },
-    /* 140 */
-    { { 0xe498b9724efac14dL,0xb6f4bf8da79a9d3cL,0x0f1e8dbdd6e07c29L,
-        0xfac30cfd71771538L,0x4c91ed2271b03263L,0xbf93833519b455f5L,
-        0x76a5e789127092bfL,0xa97674e1b4813bd9L,0x0000000000000128L },
-      { 0x29b63c41583e5924L,0x61f9aff18f171d06L,0x2b45b3cdab227a28L,
-        0x939d5dda8a11ab70L,0x2bfb47b0e8db6971L,0x562379df0ec10805L,
-        0xaf5a648124ce1801L,0x8d98c43434f94abaL,0x0000000000000150L } },
-    /* 141 */
-    { { 0xdea9fe73cfffc80fL,0xe23e2e9bd43473f6L,0x27fb3ed3c9d37ba7L,
-        0x733766d27a3fc357L,0xd0db4cf38e04a03dL,0x8ce017522bbe0f43L,
-        0xd87eb719da986f4fL,0x6d1b50ae2fe6b037L,0x0000000000000153L },
-      { 0x371f5defda40bab1L,0x07d6a8af9b2bda63L,0x5e8a5c890d4aca87L,
-        0x4d72f0ff643ff8abL,0x9c4c10d94bf8ec2fL,0x36b0eaba0eb93e22L,
-        0xbc4b0e8f1d2dfd01L,0x9f252e5a9d34a082L,0x0000000000000142L } },
-    /* 142 */
-    { { 0x4affd4c17d0e7020L,0x9b169aaab5482168L,0xdbe01708588f348fL,
-        0xdaebf6ff885986bbL,0xb33987f515f9c381L,0x7e455f2c04a94a7bL,
-        0x39a41442a0ed6849L,0x1c1ad4a61ef7798cL,0x0000000000000154L },
-      { 0x7647b628072709c4L,0xb330d68b8810e5feL,0xd1bd8874e92e0f63L,
-        0x144e4fb9f8bea9baL,0xc15afc188318981aL,0xe19c5c82b68c6a07L,
-        0x858c57a236e00b66L,0x9b25511007cb7aecL,0x0000000000000011L } },
-    /* 143 */
-    { { 0x121ced27c887027dL,0x6050f3352bfab286L,0x6e373c1c19d511e2L,
-        0x02d4c3a97f4c69f5L,0xe6f356af25226bb4L,0x3b9011c383e7ac30L,
-        0x43b0c23d33d8fdfbL,0xa8c390f7af2ea363L,0x000000000000000bL },
-      { 0xc430c3d67e851bacL,0x8991c389a5f544fcL,0x006bbc6467fba061L,
-        0xd49d024e97cbdbf4L,0x4539b7dd7734adadL,0x90ba8f9f28cb6d2aL,
-        0x7a9218304de4b3adL,0xb28732efa7b96928L,0x000000000000006aL } },
-    /* 144 */
-    { { 0x71dab52d22ed5986L,0xdeee627a58533e06L,0xe8fee37acf155fe3L,
-        0xcd61490d7ae8b132L,0x2706e18534a08b94L,0xa85ffd52f9c15c30L,
-        0xd5a224f351a5ad46L,0x44d1b6d554d700bbL,0x00000000000001e6L },
-      { 0x96830686862e4e9cL,0xfe5cd76c48763fe4L,0x60309679c0839caaL,
-        0xc0e4cbeb8d83d62dL,0x911e254e11bc4ae2L,0x96a0d7c864fca062L,
-        0xf5785dd5e9a27045L,0x2f4677d0f3e0412cL,0x00000000000001beL } },
-    /* 145 */
-    { { 0x4c0012ddab01a6dcL,0x391bd6c1ae1adb69L,0x3ae7daecb9b05079L,
-        0xc2714f9e62a1061fL,0x71978ee7a96536b7L,0xeec11bd05e17654bL,
-        0xc71166e0efab3dd4L,0x0f7aa57287edbf61L,0x00000000000001d7L },
-      { 0x26ea6f7d51eb5932L,0x354ea0aa5f882ca4L,0x175b60977739f7dcL,
-        0xd335192a9be57934L,0x9801f42378545eccL,0x32b8e2567b643c9dL,
-        0xb9411dd723e3abecL,0x656dea68cf1c6509L,0x00000000000000eeL } },
-    /* 146 */
-    { { 0x4d38e140a0890debL,0xbf7bd87dbceb84bdL,0x51f0ff72ba041decL,
-        0xafeec70aa6820be9L,0x755190a38c486298L,0xecdba558e7010ec4L,
-        0xced91db88c7879b1L,0x08de3e4cef5e215cL,0x000000000000014cL },
-      { 0x9c1534ed16266da2L,0x9ce322eb7b4c9009L,0x37decaef69927688L,
-        0x6525097f05c2844dL,0xd23b7e131ac519abL,0x682ebb7265a3cc86L,
-        0x0c531db9628c4575L,0x2e00e8b873805373L,0x00000000000000beL } },
-    /* 147 */
-    { { 0x3807c80057ed32e9L,0x427e40cf7c024997L,0x58506abbabb54830L,
-        0x5649776fce820bf4L,0xb5353293b2c43e81L,0x671e8353cfef6648L,
-        0x27217d3f903bdca5L,0x40a9c109a813fd79L,0x00000000000001dcL },
-      { 0x6beaa6c33db21a38L,0xcae222e1d73ef7e4L,0x1ff684e7bd1d507fL,
-        0xf5bac664587a77abL,0x58c74f620c64a4d6L,0x4ca837d96a7c378aL,
-        0xf43df5313e42e409L,0x8a9a4347fb49e14fL,0x000000000000013fL } },
-    /* 148 */
-    { { 0x85ab4edf992f8923L,0xe24aa5e06fd209f3L,0x27be9b871b1340eeL,
-        0x2957d11f91e0bb40L,0x425afad2f3d4c62cL,0x2d231286c7ff7aafL,
-        0x96412b2b0114cbe9L,0x6706a231c3e23529L,0x000000000000019fL },
-      { 0x06b3bbd2225c02afL,0x53ebc1663fa3e98dL,0xa6df2b75b84f482eL,
-        0x912b45212bfc55dfL,0x30bdbd40512a73daL,0xac0f43d93d53eaa4L,
-        0xfc358fe40c27fd53L,0x2cb183be919424b4L,0x00000000000000a3L } },
-    /* 149 */
-    { { 0xe39b0c2d3fa6a746L,0xe84a79221d5a24a8L,0x70a5891478cdf2b5L,
-        0x8a88067d30666cb3L,0xb09a709ef6d71d06L,0x50007a3e0065d184L,
-        0x7046af4bb8dc9448L,0x2b6a3129c65493acL,0x00000000000001fdL },
-      { 0xd3d5d5bde45f2771L,0x8542b08af432ed95L,0x2ecd40fbf232a6bbL,
-        0x0fcb6143e8beccb2L,0xcecc513abf8e247fL,0x955d56f78da3039bL,
-        0x9157c61956c2a0dfL,0xa6d35cbf3031fe2aL,0x000000000000018cL } },
-    /* 150 */
-    { { 0xdd800b1bbe0c4923L,0x046ae7406902907bL,0x2398b37f957bd0c7L,
-        0xaa8e1a9d9655f8b8L,0xcd2927fa500f4150L,0x826a9c6d202e7aeeL,
-        0xb4cf58b39f29692eL,0x3093868cbf41577cL,0x000000000000011fL },
-      { 0xadcb5e7a333ed442L,0xae5c8e2f906fef7bL,0x2d9b01233d98f228L,
-        0x4632f2da7ffe125cL,0x59487731ba231835L,0xa0caae5b12d2c512L,
-        0xbf00e6589857d9c4L,0xc5d1008654f200f6L,0x0000000000000172L } },
-    /* 151 */
-    { { 0x589540462fc283e0L,0xf76339847ee0880eL,0xfaf1b40eb7fd1622L,
-        0xecf5151ef598c5edL,0x6b4d92f77e00d9bbL,0x7543e3b3a8c43fd4L,
-        0x3994e12c6511d1d2L,0xdd841a1daf05b6d3L,0x00000000000000c6L },
-      { 0x23da17e023b991adL,0xaab2b21371fba514L,0xb417ec5a0ddc1879L,
-        0x173bc8ad5f63acdcL,0x2fcf52101e2a7d50L,0x63373fd06106d008L,
-        0x1e8211de7db012cfL,0xa07766d9576545efL,0x000000000000018cL } },
-    /* 152 */
-    { { 0x8e4347b9af80dfafL,0xa80b631f9c4667f3L,0x6ff1db266ddbc238L,
-        0x6161e365aa8718a0L,0xe7f7ac90af31c35fL,0xc03831d1fc6846e8L,
-        0x1e669d10684175b4L,0x6da9d620934b731aL,0x00000000000000c7L },
-      { 0x981f597ba3e4e78bL,0x2c14dedc55099f9aL,0xbf37399593088c61L,
-        0x7c5683079b207458L,0xc4440c47a2276900L,0xb6df23c8f7e6daf3L,
-        0x4f662c2542929103L,0xf4ea6db18b3b7963L,0x00000000000000f9L } },
-    /* 153 */
-    { { 0xc669eb88ced36049L,0x87a4ffe1f41b99f8L,0x690b75636a72e108L,
-        0x67dd6a8c65a0bb8aL,0x42cf8c5896e42955L,0x5286b5f31aabffadL,
-        0x1f7dfaf28f6f26a4L,0xc5d9e0ac0e1ae503L,0x0000000000000120L },
-      { 0xafbee3ffacc10da7L,0x67e2d5f9944946e5L,0x8ec17e863c4220ffL,
-        0xfe6f7414bd6f632eL,0x4a9e3c0fc3fc9ef4L,0x25ff3cba03bfb870L,
-        0x18fd3600bb03342dL,0x1e63e7530050cd2eL,0x00000000000001acL } },
-    /* 154 */
-    { { 0xdd83d07c8f3d6a02L,0x71fc143c7ef4d0d1L,0xca994bf0d4c7af61L,
-        0xc8a93e98827c5cf0L,0x4a102c7b2b697882L,0x633c87d58a55e8baL,
-        0x1ae8822fcc2d64f0L,0x2ce9b53f986d01fcL,0x00000000000001c1L },
-      { 0x859639fd95dc1b79L,0x2728f7543f4e616aL,0x6e703c4cede2fb9fL,
-        0x042f7680d50fae9eL,0x0546bc3bc2d530edL,0x00a4006bcdd598acL,
-        0x3f3286c9e1294910L,0x77782255b6bf9629L,0x0000000000000146L } },
-    /* 155 */
-    { { 0xaf81421ee30c98feL,0xdeb0feb0fc2cd705L,0x9b2c4ca614df6ad2L,
-        0xd38134de9ba314e8L,0xa443deb84f04b16dL,0xfc556ee0f07f8ca8L,
-        0x3c1c83bb3a4f3917L,0x8397dd24b1adcd41L,0x0000000000000199L },
-      { 0xca01e17edf4781e6L,0x32d7c31946f1f901L,0xa227a613b53090daL,
-        0x2495b1dca7c8c607L,0x1cf2fbeeddc69709L,0x1d3d82bb45608098L,
-        0xcfcddda3085134d7L,0x3dd171b596798c41L,0x00000000000000d2L } },
-    /* 156 */
-    { { 0x97a40f84d4dd7e96L,0x7114c8ea8409fc0cL,0xc56f29e6a9d11393L,
-        0x3b6066218fd8c6d6L,0xad3baa8600269e7cL,0x1413c6b005929d5fL,
-        0xc1ad7e40222e365bL,0x6a82621a4798aaecL,0x00000000000001d3L },
-      { 0xaeac45c4c1003c81L,0x9ef9ef5af43d8602L,0x36a65f5e60f77469L,
-        0xf312e7abbf5d2858L,0x2f53ec81c84acef1L,0x63e32ca29d248b52L,
-        0xfe9aa7c581e65c60L,0xe3686c9a52841973L,0x0000000000000017L } },
-    /* 157 */
-    { { 0x0b2efe659e90de99L,0xbe4485bcad05ab63L,0xc48a6a52e14e4892L,
-        0x2ad8543022628687L,0x261f0e955eb3db54L,0x48e81863d45e5841L,
-        0xcfe1ce0f8ed75739L,0xbd6f1ff57d84ade4L,0x000000000000003fL },
-      { 0xd43711ddd1bf968cL,0xd558d7cd48dfa472L,0x49f09223e425a566L,
-        0x0cf833385c26d041L,0xbe7b81f17c2c1743L,0xe3bdc33e5143d9d9L,
-        0xf385ac3594fd3faeL,0x7551cf429fd1811aL,0x0000000000000113L } },
-    /* 158 */
-    { { 0x4928f55b20193bb2L,0x96e579d07310b872L,0x5ee06309d345d276L,
-        0x9a43e432a871868aL,0x28c113e111038683L,0x8286ecf3a332f108L,
-        0x3348aa370385cbb4L,0x698ffcaaef158dafL,0x00000000000000c6L },
-      { 0xa044c54af6908745L,0xa6b336e46a3353fbL,0x694c2852d561e821L,
-        0x1b2979703634917fL,0x6e1023b981f61315L,0x6817dc2bef46a5efL,
-        0x93dea0af8e114f7fL,0xc3cf3cd5ed72c5bfL,0x0000000000000136L } },
-    /* 159 */
-    { { 0xbb8799ab7b080de4L,0x3b8f781dd69d8396L,0x76b42aaa986f8f63L,
-        0x5d74c038a54bc5caL,0x76fcb605a9c2fbb9L,0x8451b44080178930L,
-        0x40f00c389d286f0dL,0x3038e9520c543263L,0x000000000000014cL },
-      { 0xc94bc3816977aad9L,0xadbfd082d7087be3L,0x06d0820c875fed08L,
-        0xe1ce84d4345656fcL,0x71c4d8e00fd6dd4eL,0x23338b226a5fab40L,
-        0xd477eac10baeeb6fL,0xe4db08bb5f80c26cL,0x0000000000000078L } },
-    /* 160 */
-    { { 0x0111d12a1078342aL,0x0534725e559a1064L,0xea459d590fd3ffddL,
-        0xcf694a9f06f0ac1fL,0xf6d24adb3e19bc69L,0x3ce38f5eb9ddcd00L,
-        0x38400f66b632dd4eL,0xcab8fdfbe15e1c55L,0x0000000000000085L },
-      { 0x0a943f6b8d09422fL,0x17d297560f988c3bL,0x55a441fa2ef2e4d9L,
-        0x6743523b35f7c13fL,0x274d3407edaad3ffL,0x594114359347242dL,
-        0x1cb273013bb8615dL,0xa0437004bd7794cdL,0x000000000000007dL } },
-    /* 161 */
-    { { 0x824b99a62d712c44L,0x148368f8a6962577L,0x8ed68432d65e2287L,
-        0x140283066f5bc5f8L,0xe6cf31214ec3479dL,0x96db6f449326db70L,
-        0xca5ac098ca32936bL,0x69e248c72fea21afL,0x000000000000004dL },
-      { 0x0aa89092a71269fbL,0x2f6bdba818650b60L,0x1d9cc2a39fb55db2L,
-        0x0fceb0df6311e9d0L,0x6faeb79c90ac2c1dL,0x2393b222cb1f372aL,
-        0x62a6f3dfbc8c4193L,0x9dea30b22fe8e674L,0x0000000000000001L } },
-    /* 162 */
-    { { 0x7df689ac12b3118bL,0xd06ee39d6cb6ea56L,0xcfcc22c2187cd978L,
-        0xb985b6818d537d87L,0x75845152e9f56db2L,0x0f8398715e098c15L,
-        0xbe96a5c83b212cd2L,0x3dda0338d9ac1c47L,0x00000000000001fbL },
-      { 0xf06b7fe0cfa0a9b8L,0x9478bac7e22dcf75L,0xf3815e04136887c8L,
-        0xed811dde914c54bcL,0xc8c241600f51ea64L,0x63914d834c870577L,
-        0xed24e552a8abbcb4L,0x9e5eb9e82644f52eL,0x0000000000000001L } },
-    /* 163 */
-    { { 0x1f65a04e66d52313L,0xfd6945454d3f72bdL,0x2bc0ddafa6b7ae11L,
-        0x921f79d8571ab247L,0xd4c5f966ae5a8d68L,0xfde17716aec5ce13L,
-        0x70e6eda4b764bd39L,0xffe94085990d6783L,0x00000000000001efL },
-      { 0xf3fa0e27d88f92e8L,0xa21ef0fd9c77123cL,0x6259974c89274dbaL,
-        0xd4cfa4a5b9ba2762L,0x10c909d246ebcaf6L,0x0317a10d8f8e2870L,
-        0xb0771de1453aeea2L,0xdf0c479168c6b0a3L,0x00000000000000eaL } },
-    /* 164 */
-    { { 0x11bc1e484c854477L,0x2bec25b48638e47cL,0x43d4e02b869c54d9L,
-        0xe318de32be1e7ed2L,0xf5471eb06b460c4aL,0x38ae7bf3aa426afeL,
-        0x23ae26ddd8452dc1L,0x9d3fc1d55782de9dL,0x0000000000000164L },
-      { 0xd87cae310ade1979L,0xa847041d3b4bc728L,0x38923c4056c3c9beL,
-        0x36fe182ad74ae467L,0x92bff6f4ecbe49aeL,0x6680db80dc41f9f5L,
-        0x35bac06fe4630715L,0x6d68b4c7d6d07307L,0x00000000000000c0L } },
-    /* 165 */
-    { { 0xdbe22be7854dfcf2L,0xee21a7dfa6ae3bd0L,0xf4633ad1a521ec46L,
-        0xee94527a41a9484cL,0x1145eb9b2aa123f3L,0x5634a82acae3ca92L,
-        0xe176aca0fc85d925L,0x504cf7fc19082d8cL,0x0000000000000078L },
-      { 0xd74ce7c43799793cL,0x74ddd618b5519fb5L,0x2cf6df9395ff9808L,
-        0x00ea45d1b8bf61e6L,0x26863613dcfcf54fL,0x67423b76030035b0L,
-        0x9fbc75344028a9cbL,0x7b52ce37051a077eL,0x00000000000000f4L } },
-    /* 166 */
-    { { 0xebf7d8ad96bec962L,0xd1cc81f617e0107aL,0x64c44509214e1058L,
-        0x6c298c4342394c9fL,0xd910052d1a660513L,0xc364375490df8243L,
-        0x2313be1efe5cdea4L,0x249a60f7d27fb7b1L,0x0000000000000076L },
-      { 0x749758381cf593a0L,0x0c9ceefb8364c59eL,0x2f5a1333e05c9991L,
-        0x30ea5e1f421808e3L,0x56fb3a4f4f5e8f4fL,0x2cae6e2eb6c0cb47L,
-        0x60b307fd08bdcc6aL,0xee17901c0ff8c117L,0x000000000000001aL } },
-    /* 167 */
-    { { 0xc048336b89aa9e14L,0x66634271f676700fL,0x4daa0433906b6980L,
-        0x30247ee1ebb7ab23L,0x969b4aa7eb59a053L,0xd78ef8258000f4d5L,
-        0xe5db38eb46026b5bL,0x06a43e5d7d6856c4L,0x000000000000003bL },
-      { 0xaa0ae838ed2a0ee7L,0x04bbe528f16e8813L,0x8ab6df5c4ea64137L,
-        0x5be80cb606e29867L,0xf19b1b72f459ed2bL,0x7a9cce4d1761521aL,
-        0x39aff994aa516f3bL,0x97d92e86b3416925L,0x0000000000000007L } },
-    /* 168 */
-    { { 0x25aeede15af3a8caL,0x33924782a5c351ecL,0x41e7a3fbf93ec080L,
-        0xb04f93c4e6f425b4L,0xe4ec12ec81e76009L,0x797366d45180ffc6L,
-        0xd293cbb50e0aef3aL,0xa149694468d71d91L,0x0000000000000061L },
-      { 0xf52c541c675a67a1L,0x67d38d308f5fe906L,0x2a70bcccf6be988eL,
-        0xae03ecbe18589886L,0xecd026167067045bL,0x1facdd9910ca8d96L,
-        0x7aa10a8230c0735dL,0x2a27e5543328f21cL,0x0000000000000015L } },
-    /* 169 */
-    { { 0x3dd609e0e6057e27L,0x87e8b6a7c7a454daL,0xff5991451f32dd5bL,
-        0xea397a88d0ef51e2L,0xc49866a125567546L,0xea45c8b13228b480L,
-        0x3dbe0e77dd01997aL,0x0e2ea28fc51867d2L,0x00000000000001f8L },
-      { 0x6295412d69d0820bL,0x031731271ea65a18L,0xc27c8221eb06380dL,
-        0x7ffd4efc75fe9706L,0x7b396a575a71d250L,0x61c80051c7cb7543L,
-        0xe07db4d7ad4dbee3L,0x1c7481f49b192d45L,0x0000000000000143L } },
-    /* 170 */
-    { { 0x5eab2d0408e1cc4dL,0xe93758d3ad2dc1eeL,0x0ceb7dfe5c9c7393L,
-        0x530d86a9d3379683L,0xef5283cae24f86d7L,0xab5d1a64f0b1bb0bL,
-        0x96aabc1f54db4e3cL,0x3e3d87cc3bc00c59L,0x0000000000000144L },
-      { 0xe50a82131d60e7b0L,0xfc9b629b5d33d018L,0xc54aee42fd05338dL,
-        0x0678f2c0e821c6eaL,0xe5c9d75f06ac09cbL,0x8335751353018df6L,
-        0x81ca6fac0bf8c667L,0x7fc8020e9d0ae2ddL,0x00000000000000e1L } },
-    /* 171 */
-    { { 0x8add47411baaa5ebL,0x02cbb75979bd8036L,0xd8680c40cdffed22L,
-        0x1c23a8f04e091141L,0x65d141ed20748b87L,0x586a1575659e9289L,
-        0x7c68d7cd5006dbfeL,0xda0ad0df22569a74L,0x0000000000000148L },
-      { 0xc8fcc5db7f9069d7L,0x2487d2455c0531a4L,0xc5ab4899e9a2db3aL,
-        0x52bfd538b4fe9720L,0x73a04ca4d27f35e4L,0x7cbbc549ee2dac93L,
-        0x0287229dff3ee7e2L,0x3179878d28da9360L,0x00000000000000d0L } },
-    /* 172 */
-    { { 0x89b7e9bb3b66c047L,0x22e65869602a3e1dL,0x44f82297c8db9c00L,
-        0x0e76aca3d08a74a3L,0xfbf1a71dfcd398deL,0x2fbb6eaa8320e66aL,
-        0xa82d0ebc179c9fc5L,0x4e00cf6f4e7ab2b4L,0x000000000000000fL },
-      { 0x424c0e9a4890c439L,0x37564a2bbc35a6b2L,0x95a4479dd9b7497dL,
-        0xa1ff3f0d612de942L,0x358627fce60d0033L,0x815da8c0522417daL,
-        0x506104d4ef6b8385L,0x800728d2f16e96aaL,0x0000000000000120L } },
-    /* 173 */
-    { { 0x976f2372ab039042L,0x10e6978c9fa084edL,0xd03fdd2f58bec143L,
-        0x3200c101fe2045c3L,0xe6868f7ab0a5a928L,0x26c95d1de61faff8L,
-        0xa1e20127b7b12265L,0x8e63dd78c2a5ed17L,0x0000000000000089L },
-      { 0xbb6533da22bba4eeL,0x3eff6397f496a574L,0x409329f714f2a6b9L,
-        0xa08248bd1dfdd73fL,0x62f33f2e69bca1b1L,0x9a177e64ba2e0327L,
-        0xbc50e99375ddf741L,0xb87a979f4a56bd1cL,0x0000000000000095L } },
-    /* 174 */
-    { { 0xe83736a967c1f177L,0x1b6d3508600133c9L,0x9424bb926eac9a5bL,
-        0x7a9c01a6c27ef31cL,0xad93bba5122b4870L,0x9eb94e2a9d1ac985L,
-        0x511c0206d53f175bL,0xd13eb2525102d914L,0x00000000000000b1L },
-      { 0xcfe7dbeb675a1171L,0xb228295c16c0d2b1L,0x8db25b5a057c88caL,
-        0x73ea9e96d300e9cfL,0xb0e0037f269552ebL,0xea9d035c9e0f98dfL,
-        0x860e49b8d290480fL,0xa35e9512c036b319L,0x0000000000000037L } },
-    /* 175 */
-    { { 0xc56729ee8f00df48L,0xb89ca7b611ac8304L,0x497a57f98b3a8123L,
-        0xe0431b19c21ca3eaL,0x45a73debe2bb3ce7L,0x2f86cc2badc77819L,
-        0x5ff005e4e5eb3df1L,0xf955dd7add27dcf0L,0x000000000000005eL },
-      { 0xe0c22ffa00ee402fL,0x5b335e2a3b30bb4cL,0x542551d0643cb101L,
-        0xc6183f453cd19688L,0xc6664f22f0be54b4L,0xa5f4cfee4c20cde4L,
-        0xdcaa972f80a4c475L,0xde4af20059111ed9L,0x000000000000019cL } },
-    /* 176 */
-    { { 0x9e9d0bc8d771f428L,0x3ac1ecd9e43ca382L,0x8d5ee480eb93acf0L,
-        0x16232f81065a2a3fL,0x1fc04faa2f0b8a73L,0x4a8df7e7025474a2L,
-        0x51ac4ff23bb15f6fL,0x66e21b73e0950e52L,0x000000000000006bL },
-      { 0x59c9848067a41deeL,0x2cfa95ae7b3e2b3fL,0x54d98386891454e1L,
-        0xf0dddbdfeefca6a4L,0x5f691b2411e9cb75L,0xa9b9e766fef208c3L,
-        0xe8df100018b33cf6L,0xb8a55ac9d1c174a9L,0x00000000000001c4L } },
-    /* 177 */
-    { { 0xa99f58625c4cccb8L,0x70bf52092ef4d3efL,0x28f4e57689efc878L,
-        0xa2366f96da14206eL,0x90331a007c52107dL,0x478d4cead4a0f0f0L,
-        0xb2899ee2472a47b0L,0xae96534e64207549L,0x0000000000000110L },
-      { 0x2cc1d655cced05b0L,0xabac3f0901759543L,0xbaeb70a48e577cd7L,
-        0x84b0089340e98d6dL,0x26983653603d24f1L,0x6e1458832572173dL,
-        0x1d348b26611141deL,0xe52257dcefa27f34L,0x000000000000006bL } },
-    /* 178 */
-    { { 0x92678f33c947e655L,0xff0fb76a08923795L,0xb2dfe745790239d1L,
-        0xea0874923cdbb7ceL,0x21326db905f6d41cL,0x5b1ae9ae79dc5588L,
-        0xe145340ce9c31702L,0x07502c29a2c38a9cL,0x00000000000000c3L },
-      { 0x0c124f11c156ace2L,0x2c170fe779ff2529L,0x60df9a816e1171b2L,
-        0xa19bca8355de2797L,0x1ad927ea7c6cc79dL,0x285901121d61f770L,
-        0xfe80c826261c06bbL,0x4050d338aa2642bbL,0x000000000000015eL } },
-    /* 179 */
-    { { 0xc9397829eaad87bcL,0xe0ac936781e84cbdL,0xb579c24d6ade4fdeL,
-        0x50b9aba5690d7f56L,0xf09b29d3d14fb0b9L,0xd0684f2325a0e7b6L,
-        0x0514e9d3606f4ff3L,0xe63bdd26e8ad733bL,0x0000000000000077L },
-      { 0x0afd06ece0d25c6dL,0xdd90021a00ba2dcfL,0x1b0257708c5bb398L,
-        0x077f06d8198ff8fcL,0x87d50ff1b7e2cd68L,0xef75e057263a3572L,
-        0xbf257892fa925a9aL,0x847d3df0739d0e95L,0x0000000000000111L } },
-    /* 180 */
-    { { 0x52ab9cc7fec82924L,0x1c76dd69a7220d69L,0xa63527dea06ef0e2L,
-        0xab3e51c227183904L,0xf4db35ea716807c8L,0x8f3ede0a748f1246L,
-        0xf149364441156095L,0x5f6583d1874b38deL,0x00000000000000f7L },
-      { 0xa39189e10b927eb7L,0xa87c6359c2e2f127L,0x0b72c2337fe966f4L,
-        0x102b8382105e5585L,0x63fee006e58c39f9L,0x3f052ee3991b5329L,
-        0x7f5b854ccbaff97bL,0x935e5f6c5f805060L,0x000000000000016aL } },
-    /* 181 */
-    { { 0xf19a0355dfd88d38L,0x555cd8e3c549df40L,0x322729e304d006e1L,
-        0xf16b706cfd0b0ce6L,0xf156dc0935f2ad31L,0xb30c5213f7a3df9fL,
-        0x9f29cc92a55e5fb5L,0xa0ecfdd42b858da2L,0x0000000000000144L },
-      { 0xb5c115df52658a92L,0xbce3ed17c4281616L,0xa5595f707fd92a91L,
-        0x663c8bfd9cd5d896L,0x0776343f5a9472b1L,0x14e44ca8b033e1bdL,
-        0x27a1c9861e5c02fbL,0xece0f2c4cc4ffb32L,0x00000000000001b5L } },
-    /* 182 */
-    { { 0x17127bab31211943L,0x44a8cac65684325cL,0xd2fe0b88d855fc3eL,
-        0x47abab0cce91eea5L,0x5d23ddc478ec7d12L,0xa3986de70cd9fefaL,
-        0x32c7b86782655766L,0x3e54018beeaec7faL,0x0000000000000087L },
-      { 0xc96e86f2b38d17c1L,0x9cbfbd0c71fa040dL,0xe111ab79f88499cbL,
-        0x1d47c5cef71ec80bL,0xacaa3bc146c89692L,0x5f921c0e3d316331L,
-        0x31fa081ee768765bL,0xd5dafd5f41eff270L,0x00000000000000feL } },
-    /* 183 */
-    { { 0x8af10b9d4cda1348L,0xb0769fd225c3013aL,0x450aa5b18957c22bL,
-        0x5cafd6c7f5acf1c4L,0xcf71a1409fef8029L,0xe12029f5ee089f5dL,
-        0x9752a8fb0fbd2ba8L,0x61e2275f6f70cb58L,0x0000000000000090L },
-      { 0xb70a4ac51fbda16aL,0x79910e79f1dfa2a2L,0xba2ce132d9945f6fL,
-        0x450d59aeeb4ba4efL,0x6a8e09b34bf2d53dL,0x76010204e620c7a8L,
-        0x63f8943d0a53c6f4L,0x14c91d1987eaf56aL,0x0000000000000132L } },
-    /* 184 */
-    { { 0xe54fb120490d66c3L,0xeaed7328a0dc8204L,0xba014c3804b4294dL,
-        0x3f2fa2ab31ddc467L,0x70ff55ea8342ed11L,0xb18da72f23034e0eL,
-        0xadc30dbebd8ae3c1L,0x179bdf6f3e945a02L,0x000000000000009cL },
-      { 0x46c928ef7484c26fL,0x206b7db1ef2adbb1L,0x0887f5483f58dda7L,
-        0xfde4e20c4bc7edb6L,0x484d121d975cafdcL,0xc5b5967086beec20L,
-        0xb579aa88a6d6db67L,0x22c6d87e41187488L,0x0000000000000015L } },
-    /* 185 */
-    { { 0x0a890757c471d4aeL,0xfef4b1a543a1da76L,0xb892b1826aa701a1L,
-        0xbf4d4e5259c65f93L,0x923af929d789df35L,0x3ccb46c60b79c3f2L,
-        0x95582ce7cf4cf130L,0x7da081b4257f0ec4L,0x000000000000011cL },
-      { 0xf92c6ae59aeef274L,0xe6c5bf4f1437c083L,0xaa74b023e13c86afL,
-        0xd21dace62a225360L,0xb3d572b822589fa5L,0x3d4a3916dfa74b0fL,
-        0xe76cd8dcb12891a9L,0xa0391a3f59f4cfbdL,0x000000000000019aL } },
-    /* 186 */
-    { { 0x054ba69e203fc3f1L,0x09168ccb62106a29L,0xb0818540aad5fa9fL,
-        0xecb8f20ebff7ed6fL,0x2c80a618bef94afdL,0xe25d8ca0b0abd1dbL,
-        0x75e67a41028e0a7cL,0xdd7662ddd6e95b9aL,0x00000000000001b2L },
-      { 0x87dff279f289d7eeL,0x4d755d59eea2205cL,0xaeb0fd54c18adac6L,
-        0x3a8c46cf7ec01019L,0x6fc90e7eb48d70a4L,0x965c53c110b39ef8L,
-        0x455777cc38545a20L,0xa33430f757dd023eL,0x000000000000016eL } },
-    /* 187 */
-    { { 0xfa9f39490ff53d2cL,0x8dc91596b00349b9L,0xf10a5014d5997967L,
-        0x4dd72daba8a6b78aL,0xef5de5408b517b10L,0x142b90bca6d39be0L,
-        0xcaeaa3e9eda17f70L,0xa01689d606b31118L,0x000000000000016dL },
-      { 0xea6ca563f46afff7L,0x3945c7ba34a5e5f3L,0xc1ffe4c8aa998fd8L,
-        0x42a60146b63f535eL,0x50816888d1f509e5L,0xd1918daa9f8cd0dbL,
-        0x6505e6bb78a36772L,0x4ab03a819cc6dc66L,0x00000000000001efL } },
-    /* 188 */
-    { { 0x06089d14d376d986L,0xd0f4e077a2dc35b0L,0x1c11709a53ff2c86L,
-        0xfef4ba45123c3fc8L,0x852cd5a71b656fc2L,0xb57c74891fefa8bbL,
-        0x8f05383e48110b77L,0x4b55d3ad52c5a129L,0x000000000000004cL },
-      { 0x5110cff3f3827633L,0x086784d5e00afe96L,0xcb3878823ead32faL,
-        0x3dcf4d162b91cd86L,0x078b6a58e6f3638aL,0x33792112e8b7fd42L,
-        0x6964044dee5683e7L,0x3b84210f28e28433L,0x0000000000000122L } },
-    /* 189 */
-    { { 0x6c28a9a9c3ebeb27L,0xd7bcdcb53ef590f8L,0xe88a2e114dae7f37L,
-        0x033522e4726ea7c9L,0x99d503868c141388L,0x59b1aeca61621575L,
-        0x719fcfebfcc564d8L,0x3a577af11aeb8e36L,0x0000000000000043L },
-      { 0xc3f26ce06feba922L,0x5f6c83ee475a5693L,0x7f79674028bf378eL,
-        0xd2a5e368bdc3f6f1L,0x3d034a0aa6ed90aeL,0x3b1c3a4c4a47cbd5L,
-        0xa4f0aa6e4dce2bc8L,0x97c7af4374ca00ebL,0x00000000000001c0L } },
-    /* 190 */
-    { { 0x0037717879c28de7L,0x617aa2aaab9c330cL,0x4308182666bc61ebL,
-        0xe0b5b5cf4d78b504L,0xd76a752d9870fc72L,0x3b4689f5d40b7bc5L,
-        0xa97fd86787f2d03aL,0x6ab7b5eefd6060a9L,0x00000000000001c0L },
-      { 0xe99eadb1ffb71704L,0x436e58bb390fe3b1L,0xeecab82cab4f19aaL,
-        0xda492dfae0f3d9dcL,0x2a0f54bd6e20ad12L,0xaf89fa0f7dbbd262L,
-        0xdcc50a1ae8d2eb54L,0x9799f816ef7d0758L,0x00000000000000b7L } },
-    /* 191 */
-    { { 0x9ec46462104f98ccL,0x4511592272aedeaeL,0x7ae93dd07e62186fL,
-        0xd17ce0268d6d69b6L,0xb5347608fd43a8f3L,0xe87f1c137c0ab797L,
-        0x3bf597a8139f991dL,0xe293a85be547e0d6L,0x000000000000008dL },
-      { 0x0982add38ef668b1L,0xc54e6b2d611c9764L,0x3ce76b121c1d4263L,
-        0x3134b28eeff64e73L,0xaf71a9ac2871612aL,0x31c88af2ba093594L,
-        0x0b649112ba9108e8L,0x8febc5c55cf437daL,0x0000000000000113L } },
-    /* 192 */
-    { { 0x7e9ca589c4a2daa2L,0x18ea703c400f608cL,0x6f8cd058d5175103L,
-        0x264934724abb6f29L,0x0be553e194296ab4L,0x9af9398fac51657dL,
-        0xe232deec4f880ea8L,0x2f81761e67b1e1b1L,0x0000000000000137L },
-      { 0x51014bc73a20f662L,0x1fb7e77c49ed9502L,0x89f5096fb62b9652L,
-        0x3a659c67a2e8d37eL,0x0f2b2a265804170eL,0x1674fce69ed50a34L,
-        0xaaa4537efdc3c00fL,0xf3c3bfda4ce99d93L,0x0000000000000198L } },
-    /* 193 */
-    { { 0xbab1f5cd81614189L,0xc7d56c4524b259f7L,0xc7baa4b245fb415eL,
-        0x302bc8dc7af6bef9L,0x91b770e074b48e82L,0x4a1336e09b6d1b1fL,
-        0x285c1357e6680c97L,0x59bcb813c7ccb625L,0x000000000000012dL },
-      { 0xddad83b47c019927L,0xe10f2667630dfd5bL,0x15dbec5a31e05d23L,
-        0x2aa6e5fa456ac460L,0x46956529243cac82L,0xc69c9c7f4dc8c9e9L,
-        0xadb27e09e24a4065L,0xdfa7a34eae41301bL,0x00000000000001ccL } },
-    /* 194 */
-    { { 0x176a864d59cb1a7dL,0x4d864ca36aefb8eeL,0x0ee83acb1c22b0d8L,
-        0x7e80a6ebd980df1dL,0xf582acc47f94ced9L,0xa29cd1233a72c115L,
-        0xce12a2a8c7107bb7L,0x0229ca564ed80a30L,0x0000000000000150L },
-      { 0x9774bad52f1c180bL,0xd08be998d749aa10L,0x978c48ab56dbd1baL,
-        0x6ed3e3e40afbea9aL,0x8a8be97b153dc5fcL,0xadc7f0959be93ed0L,
-        0x8d2429082cee23bdL,0x417523c6dc2729deL,0x0000000000000016L } },
-    /* 195 */
-    { { 0x74eeccf16c14a31eL,0x488e2534b2de3c2dL,0xf9bb35997cec43c3L,
-        0x4210459d916ac936L,0x71d15c029f7e4400L,0x8c9c7c1244553583L,
-        0xcc97548dec94a467L,0x4ca678183167bad9L,0x000000000000014eL },
-      { 0x033af0558d0312bfL,0xbd1bf4f554161e66L,0x259945a7fa41781dL,
-        0x33494da800eef1d5L,0x6c505ec079c3b8d0L,0x70ae1ade1c9f6e69L,
-        0x0288f0c176830aaaL,0x7f4cfe3ba62a060cL,0x000000000000000cL } },
-    /* 196 */
-    { { 0x0d8b447d057d6006L,0x38b976e6fd71c8b0L,0x5e77e029abcf40f5L,
-        0x13bee386f103a783L,0x20a6ac205e472c4bL,0x43b045f631fcb194L,
-        0xe5dc1d9fc00abf49L,0x28c0bc70a5556b79L,0x00000000000001b5L },
-      { 0xba9d07ee8a8640b8L,0x25611023d0e34012L,0xc7ce655bbe24ae89L,
-        0xe358e524fa579dcdL,0x57ce2715377bbfe5L,0x64651c6c3c0947e4L,
-        0x5fbd8d50f4a97826L,0x6fcdd28fe2e1c15aL,0x000000000000008dL } },
-    /* 197 */
-    { { 0xb564a2f65c7202c8L,0x7d6340525a54b0d8L,0x8414d6721434fbf5L,
-        0x8114215e1d9830a3L,0xc7a758d55ef0fbe1L,0x5705dcf8e6f57f9fL,
-        0x5dd49a56d92269d3L,0x8f015d7abdb49f97L,0x00000000000000f1L },
-      { 0x07131110b4799ce6L,0x35bbfb992cbcb7dbL,0xc1f00c9ff7ba21e2L,
-        0x009d6913b18f49feL,0x8da61951abcf959bL,0x0e6872130d42146eL,
-        0x55832817ae5f23f1L,0xc9b5bb689ae7386bL,0x0000000000000143L } },
-    /* 198 */
-    { { 0x423328db48c74424L,0x32616e11d19cb2ebL,0xe534192a40d6e217L,
-        0xdd83a94c0cbdc752L,0x5c623050d733bb01L,0xcd0d631a5b7a4520L,
-        0xccdc0a259a4011c8L,0x22f112cc646e7cd5L,0x00000000000001e6L },
-      { 0x47d6e29a3e1e4c4bL,0xd5f825389fb1548aL,0x7e3705b54fd3e319L,
-        0x8c4ce59a0a08b966L,0xbca749e7d8cbe8dbL,0xcc4496eaaeec3d75L,
-        0x17dc723a8a1a313dL,0x250ff77a8ceb9360L,0x00000000000001a5L } },
-    /* 199 */
-    { { 0xa55a0726fe29bd79L,0x6574a8104f990b34L,0x6906946daad56983L,
-        0x0e580ab950d41fefL,0xbc75b5146e6f7f45L,0x508cc97bf0f3718aL,
-        0x51ba2ca4a5634087L,0x75c39077e64d8910L,0x0000000000000172L },
-      { 0xf37cccaff77ca6bdL,0xe0a0df41bdb18df5L,0x9f46cff8019e01f7L,
-        0xbe4f3d44aa65d72bL,0x7822d8ac6e3663e9L,0x5f37f9223ef9db6dL,
-        0x7f0ad39dabe4a9aaL,0xa0a57c70f69cc8baL,0x0000000000000098L } },
-    /* 200 */
-    { { 0xd9c50cf400fd5286L,0x1ea5b9d572a4b03cL,0xf5e60f9e051ae73eL,
-        0xfe9b5142951b3824L,0xb034b2d09fb4d667L,0x4b537a80edc50856L,
-        0x69ee10128cb0022eL,0x7c8b9e5c6a548aeeL,0x00000000000000edL },
-      { 0x746007bcd933619bL,0x0ce7668e2b9dfe19L,0xa9eed5d3cc6e2a2eL,
-        0x35a14f5f7eebf32fL,0x75cb898d67cc4f64L,0xcb2185fc7850c16cL,
-        0x09874a7645f79c96L,0x7468f8ae27db4744L,0x0000000000000139L } },
-    /* 201 */
-    { { 0xc5de68adc88684f6L,0x7c1edaab619a7dbfL,0x258d1735b27a18f5L,
-        0xb27e7b658ecd89ebL,0x3d8889c6d879f7eaL,0xa8fdc96d67d5befbL,
-        0xc84d86ae37bad73cL,0xc7e91976ce8e56d7L,0x00000000000001a4L },
-      { 0x5001a5406319ffa6L,0x0cae64ec134ec04cL,0x1f69a96cd541242cL,
-        0x9da259eebf2caeeeL,0x88e7978c28bee805L,0xe9484bebb8e890e4L,
-        0x0e5246d0fb227fd9L,0x8be2a54a625d6318L,0x00000000000001b7L } },
-    /* 202 */
-    { { 0xa223554af472f13aL,0xfac993b75733e91cL,0x26afe9f096c168a2L,
-        0x7cfe761d4b127535L,0x84301873e77070caL,0x66b6aaadc7e7cdf6L,
-        0xda2dd5eaa1562ed4L,0xa81a2e0039faf8d8L,0x0000000000000016L },
-      { 0xa880759c4e3de3bfL,0x0c1e2e1152f3088aL,0xcb2ded9aaa7eba5bL,
-        0x4c65d5539f9c11caL,0x0ab9bd87b0dc5c19L,0xd32f8c96ca3f4b61L,
-        0x49842fcc28cb5f9fL,0x31ae27ccb90e21dfL,0x00000000000000f4L } },
-    /* 203 */
-    { { 0x3b2a0a0d6a0ccd0aL,0xa3eeec825993b555L,0xb13486fd9de672a6L,
-        0x8d9c51480da05dcfL,0xc4aa444d6739874dL,0xd9cf35b2e29a35c9L,
-        0xd6bd9b5f89177eadL,0x9af0f59d2a0470a1L,0x00000000000001d6L },
-      { 0xb2f844c7ba7535fdL,0x45bd4c3da842ff39L,0x5fe149ede951974bL,
-        0x6982e997fd4453ecL,0xa63f705de6c37c0eL,0x09b0f6a9d2c3ef6aL,
-        0xbedd35861776a8d6L,0x4048a46aede11b78L,0x0000000000000176L } },
-    /* 204 */
-    { { 0xa47c6ee551a251d1L,0xbef4bf120d279dfdL,0x4c2d538cec518a28L,
-        0x1b2b78873880be6eL,0xc69ccf8e1be9b20bL,0xe41dfeae3796a19eL,
-        0x25676fc9fb50bdeaL,0x8b815a0503e180c0L,0x000000000000016aL },
-      { 0x2ca085f653f5ef65L,0x61dfbbf977b25105L,0x88ea87e3a3346fe6L,
-        0x25ddfdee1b95f7efL,0x22074e695b65eaecL,0x11869a154c2e023bL,
-        0x8601b57742e83bb5L,0x1464652cfa877e7dL,0x0000000000000015L } },
-    /* 205 */
-    { { 0x250853c857fa58f1L,0xb58a4e684ca4c670L,0x07b96d0a1b81f40dL,
-        0xa4651e10558e8cbdL,0x1a64046e42e388cfL,0x51b0d53944436088L,
-        0xc2bf35b3e26b8fd0L,0x4ae787095702cfceL,0x00000000000000fdL },
-      { 0x3c79bc29df53d498L,0x4cf31c4e1137f624L,0x93b6856c17a3cedfL,
-        0x2461131c6cd9115dL,0xab30a4539228cddbL,0xe97757b68d202bf1L,
-        0xa666de7ce6108612L,0xc200fe654f6026b4L,0x0000000000000051L } },
-    /* 206 */
-    { { 0xea96103cb1a2b4b5L,0x98dccbfe843c0968L,0x6a37072d986ffb5bL,
-        0x2fa07af2169d3ac2L,0x8bb85b9a771371f1L,0xeae10d34e7c299efL,
-        0x3d4bdc69e2372efcL,0x378df75d8dd856f1L,0x0000000000000039L },
-      { 0x31e902ffde7ff5d9L,0x0e9a85d2325a09caL,0xd71b93a6f4192fcdL,
-        0xf52a573715b076b3L,0xd726aa866e711d1cL,0x0b61b1df2c292819L,
-        0x224e575cc8015de6L,0x68e893e118b79e47L,0x00000000000001dcL } },
-    /* 207 */
-    { { 0xb7924ff96ffeda73L,0xe709f406a0da2018L,0x368e20eaf89584dfL,
-        0x0095112e8355a040L,0x259d4528fd777d7cL,0xb0c495652bf8f2c8L,
-        0x7f63192844c5311bL,0x698d0e4f8466d9d5L,0x00000000000000d5L },
-      { 0xe10d64fa015d204dL,0x7b626bfa6dd10c53L,0x087f8e63a7698c94L,
-        0x525a654705337a56L,0x558e2244df5c782fL,0x48aa1e41855fbaffL,
-        0x48f2218e47ee3830L,0xf2523959138463d3L,0x000000000000004dL } },
-    /* 208 */
-    { { 0x76f4fd69d8695310L,0xe28eb09f7e8768eaL,0x039c1812e0d532a8L,
-        0xdda67744c572ac79L,0x1f9800e0785d6293L,0x2bfe2a5a3da76bb2L,
-        0x6ed15b90a2bc7217L,0xd80e61bfd1788a8eL,0x000000000000004cL },
-      { 0xb9f4037016730056L,0x46f45fefdced3d43L,0x0afd763c1aa50742L,
-        0x21e5c652ff92ae73L,0x6ef0830d1bb2063fL,0x18306ecc12d22540L,
-        0x4edd9b3a1f15001cL,0xe4eb25b8c0cc5424L,0x00000000000001f4L } },
-    /* 209 */
-    { { 0xed61a714a1db5c18L,0x9454e61e7677074cL,0xe970fbe57bf685deL,
-        0x221b0c53d2145be5L,0xb931881bee49a5f2L,0x00b91afa14b11d03L,
-        0xc6aefe493ec22137L,0x50554e94526200afL,0x000000000000013cL },
-      { 0xd42c45e77364c92eL,0xe0500265735218e8L,0xd281da0284d3f3c5L,
-        0x312f8424dbf7646bL,0xe1a88f2a485f304fL,0x583f56311127a513L,
-        0xed7950c71a60e0bcL,0x92855e104b7b70a4L,0x00000000000000c6L } },
-    /* 210 */
-    { { 0x8d06185c644614e7L,0x2e906cae4749a424L,0x585412ea2587e528L,
-        0x3763990ad12857cdL,0x770c7f70ba5593b5L,0xc2cf6dc4dd5d2a46L,
-        0x564da4563b69a1baL,0x639f7e14187895daL,0x00000000000001c8L },
-      { 0x05c96b02f8589620L,0x2fe468a341e44054L,0xbf22da11096ad09cL,
-        0xbc73c2989c652aeeL,0xcdef9f8b547e1b8fL,0x7073785a977dbf73L,
-        0x0a92a1aa7e13552dL,0x227611403a393d3fL,0x000000000000015bL } },
-    /* 211 */
-    { { 0x89a5a7b01fbfaf32L,0x5c5a62d0be661d21L,0x47970f5ef5e3b44dL,
-        0x3ea001edf43bbf62L,0xa8e74285260ae5a0L,0xeb899ebd2697c62cL,
-        0x36a003e6751a7643L,0xef178c51ba0725a6L,0x00000000000000eaL },
-      { 0xaacf8e9f9bd51f28L,0x39febbdba8712044L,0x8780ad3a5bfc8365L,
-        0x408a34cd10e6f08fL,0x8104ca108241ab0eL,0x843e71ce98a662a1L,
-        0x9dce8514232048d6L,0x5cba23be1cf3d187L,0x00000000000001faL } },
-    /* 212 */
-    { { 0x2fe8c9d22973a15cL,0x66fec8ddd42979f3L,0x39af4a390b6afb3eL,
-        0x0bb1e436ab65ef22L,0x8f26201e66c5fcdbL,0x3cffe8a35af4870bL,
-        0x65ae286f2bb44e24L,0xda2e283a51dd1722L,0x0000000000000114L },
-      { 0x4a9c9a56c1e3d708L,0x4fe62d3f1cb0efa6L,0xf070298497e87540L,
-        0x138b7d6b3cea46faL,0x0780634e83886263L,0x27e8428071c30909L,
-        0xf0af79d7e5838647L,0xc1b86582b236a267L,0x0000000000000104L } },
-    /* 213 */
-    { { 0x32ff09eda526c894L,0x95abf12014ac7d23L,0xb6f94dcd3cd92934L,
-        0xffaaeb1292e6b556L,0x193796ea1036c31bL,0xa9d237e7707ff32eL,
-        0xd65a5b0d829d67b8L,0x48edb556db29248bL,0x00000000000001b3L },
-      { 0x6ee9f9b2ded46575L,0x496ca08affa69acfL,0xd5aeb3a1f16d37d1L,
-        0x4a507db1789e5d01L,0x05e2ce29c827cc45L,0x29b6e4a52964e677L,
-        0x0563b0ba4c0e46f2L,0xe75c24484bc46485L,0x00000000000000a3L } },
-    /* 214 */
-    { { 0x0fcb476fd2f6615dL,0x4b7f9b78d98da9a9L,0xe2fddf1cd2bdf107L,
-        0x2bda30869b956f31L,0xf3cca2f7b596eadfL,0x91c09f8b355b2538L,
-        0x46f3f6f3c6c846dbL,0x9bb9398e2a14642eL,0x00000000000001ffL },
-      { 0x5118d4f5a17bd645L,0x57033eabdbd6d552L,0x007e86fc734d0957L,
-        0x98ca065f5f53c435L,0x9949d9bffd27dd19L,0xddc4e3046952d1caL,
-        0x84cab4fb81ac101cL,0x46d079f94a56b007L,0x0000000000000003L } },
-    /* 215 */
-    { { 0x95eb8e4fa6bfdeddL,0x993a285e7a74c6f9L,0x8bd5d4d13d09a252L,
-        0xeaa10be619a5f767L,0xd3db083e0cebb340L,0xc633a78b1dbf7a83L,
-        0x2664bc3ec30f23e1L,0x6630f8f107a08379L,0x00000000000001c9L },
-      { 0xbbf4cb4bdef86a80L,0x1fa4ec783f8259abL,0xa4bf7604609532c8L,
-        0x71bb7acc8b909e92L,0xca1d731717884160L,0x7f7f14beca1ab928L,
-        0xbfea016e5f8455a5L,0x7b8c76b9bf21e899L,0x000000000000002dL } },
-    /* 216 */
-    { { 0x468605634b9f8e7dL,0x201176b763fc58a8L,0xe7a5da7e2feed68aL,
-        0xcc67763e65183190L,0x7d7d0102e9377ad6L,0xccfc472077032321L,
-        0x573ee031534bb505L,0x1bf1ef8c0f1a2769L,0x00000000000000f3L },
-      { 0x635f5c4b0c935667L,0x74152c39060d2b8bL,0xeffaac2e37c3a574L,
-        0xfd5fcc4c0b72e0cdL,0xb743f9b9f4f60247L,0x05c2e35479e16f33L,
-        0xa2234c473074ef9cL,0x4092f279495aace3L,0x0000000000000124L } },
-    /* 217 */
-    { { 0x5bfd7851b30f9170L,0x715aa1e937fce5b1L,0xcffd55e0928437b9L,
-        0x88acd259c32f1273L,0x5a145cf248be1e34L,0x3a3408607a5bc62bL,
-        0x6296eb1518156f46L,0x397fad192774e1c3L,0x00000000000001e7L },
-      { 0x362f99f49c8225b5L,0x33efce4946b77c4dL,0x451df5308541e91bL,
-        0x0bd2d93438f3d693L,0x0b5de2d6e727b54eL,0x42d929c27622d940L,
-        0x36ace72356f6a94bL,0x64a18cd5fccaf205L,0x0000000000000044L } },
-    /* 218 */
-    { { 0x8dbe0aababa95d63L,0x92780c617b4b346dL,0x6430f8630e0d8142L,
-        0x875be02ab56ef04cL,0xc28feb95785e3633L,0xd5401795c12c93e4L,
-        0x89ff51c1e36f82a3L,0x3c48c89510eeafd6L,0x000000000000016bL },
-      { 0x79287ebad4f064beL,0x1a77d55554ebda99L,0x46745ef2623727eaL,
-        0xa911f59189f366c6L,0x7e5435cdc59d6ebdL,0x3a84daea7524d213L,
-        0xc7b1dd1c4395b38dL,0xca13e7041a823c49L,0x000000000000001cL } },
-    /* 219 */
-    { { 0x6399860c874d64b0L,0x3375b0921653ce0cL,0x16700000eaa11986L,
-        0x62c67909621cd15dL,0xbe1d7dd677d70dcdL,0xeff0f270305bd4cdL,
-        0x076ec621362f8f30L,0x812048167e445b78L,0x00000000000001d8L },
-      { 0x81749a0e161f9758L,0xe60915fea3c4fce2L,0xf537ce41911dd8afL,
-        0xfe36a8ac79a51a09L,0x67fb54b42ca5cf8eL,0x1bdcae07e49057f5L,
-        0xb71ff0c5a4244b64L,0x4815a5364b606583L,0x0000000000000106L } },
-    /* 220 */
-    { { 0x78c69c3eef39cc39L,0x98304564fa6356d1L,0xbd3c3542412fb990L,
-        0xa1d531d379dbb2a5L,0x4865f188e7e75e3dL,0x2dac4e220b0147b1L,
-        0xf59e51ca33d29ab0L,0xc964f7fe37b074efL,0x00000000000000f1L },
-      { 0x7080c0a60e301262L,0x9a4580605390a22dL,0xda677f9acc8a9029L,
-        0xdfae905714c0f1c2L,0x3665ff166e66d9f7L,0xc866dd8c47846924L,
-        0xc5afe98fc4cc307cL,0x60e3ba63e0bf50e4L,0x0000000000000039L } },
-    /* 221 */
-    { { 0x1a785136959ecdb3L,0x289af617f9e959beL,0x5145b2b8cde0dc88L,
-        0xfe9070b07c079e15L,0xf77f04d350e22415L,0xb3ab7372358d6d42L,
-        0x14fd41b9ba7b629aL,0x7b32d80e7400fd25L,0x0000000000000193L },
-      { 0xe5d80d4d7147886fL,0xe08ced61576c81caL,0xe14e8692642717bbL,
-        0x9dcdf198abb4bd21L,0x658be6466530308bL,0xfbf192dad99d19c7L,
-        0x55a3d1b3304ab126L,0x943f4be5fa24de31L,0x000000000000000eL } },
-    /* 222 */
-    { { 0xc54240587fe9ea48L,0xaf24f82561b57486L,0x9d2c413c78719740L,
-        0x27a9be7970eb874dL,0x43fef8e0b62ba3aaL,0x0a23f2862c1bf0acL,
-        0x51c276f34af130e1L,0xf6cd1e9aae55cebfL,0x0000000000000185L },
-      { 0x24defa7f40369093L,0x11f1d9d658581e0aL,0x9900bf33e512ed9eL,
-        0xbf8a8459ed120896L,0x8324555e8b73c399L,0x54a305698f6f54feL,
-        0x2a9d6da53c252355L,0xe6a6f9042a093b31L,0x000000000000016aL } },
-    /* 223 */
-    { { 0xb2e123c9152cdd35L,0xae6e43a886402ef1L,0x892bf0dfb9ce5bd5L,
-        0xb4acb84a75804914L,0x8c7f55fff502eec2L,0x9c8a7b93aa33ef4eL,
-        0x06b10357fd9d2001L,0x3e319ff00ba3bcebL,0x0000000000000027L },
-      { 0x182c2f77abe360a3L,0x57ef5c84adfefca6L,0x9a4f0ca6650b6fccL,
-        0x3f4f8e56aaf0b202L,0x5c8508a0a24ef156L,0xd8f62fd91ea45f13L,
-        0xf2c923a028036dbeL,0x4a9ca4c01a4d103bL,0x000000000000018aL } },
-    /* 224 */
-    { { 0x2a3fb7985448e339L,0xde8770cf18a39976L,0x1160574d7a69170cL,
-        0x4bb05c592b6067acL,0xde0d2db0848138abL,0x149dab924909e794L,
-        0x83a336b6790315f7L,0xcd9074d9a335a258L,0x000000000000013cL },
-      { 0xe839c5e0ac1b784dL,0xab65c8c6ee527ae1L,0xd3c86146a1c88ec0L,
-        0x2201f79046c1bf58L,0x71cec6273fda502aL,0xff3f88eb225b9065L,
-        0x6c1f0c98c556dfcdL,0xaa3222aa484fa5ccL,0x00000000000000acL } },
-    /* 225 */
-    { { 0x17e74bc3c9b4dfd6L,0x25ba8053f8e76293L,0x0307dc059d8c3520L,
-        0x1c9036ccb85a20b4L,0xf2c63f0a23871359L,0x1a99d9d8ca95fb4eL,
-        0x3d7c4f399850c6c6L,0x162969c968299668L,0x0000000000000169L },
-      { 0x7d13c267cb63ee53L,0x67b12e6175eac353L,0xb3369a11191abfcaL,
-        0x5ad0649dee1af69fL,0x4d7a6f0011dc11e7L,0x80f030b8db9f9765L,
-        0xa20001a3f0ab1332L,0xe17c98d239d8cc62L,0x0000000000000194L } },
-    /* 226 */
-    { { 0x720d80b41d8fe898L,0x8d7a28b732184534L,0xf1f3c38504f21740L,
-        0x5d381cd5166aa6afL,0x9cde6084cc560e35L,0xcb041f0a5e61e2cdL,
-        0x621116f5d9b4951aL,0x509e16d37ee2ac2cL,0x00000000000000c4L },
-      { 0xb82a20c42c6fd79eL,0x95b7ee4e3af78b0eL,0x3d9b63c1bad819caL,
-        0x10d674de98552569L,0x17de64b2f9c19d0fL,0xa03fabaf47c5e6a9L,
-        0x858bc4ad2ce2db6fL,0x76c2380a1fc9d18eL,0x00000000000000c9L } },
-    /* 227 */
-    { { 0x91171ef8b064f114L,0x83cb15654f2f0f4cL,0x3052585457b262b7L,
-        0x468c67010f34936cL,0xef26d2fe99a41fedL,0xf6da2267a7f7f6a9L,
-        0x2563b8dba01bfc1bL,0x14b36c85c340ed40L,0x000000000000000eL },
-      { 0x5e57e26425db67e6L,0x85df4e897f2e905fL,0x7832e514026c4268L,
-        0x312be2623e875093L,0x856b5bd83c538691L,0x5b1cae5595734f9dL,
-        0x5a07bfe2d5aa4861L,0x7a4c96f0ce8abb58L,0x00000000000001d0L } },
-    /* 228 */
-    { { 0x7bf54d05523aa2e9L,0xc8841e0ced3d0860L,0x5683f6e27f9bfb69L,
-        0xdcb07f44162bdf85L,0x62d1783907b0dcc9L,0xa2cbb8ab657a536eL,
-        0x98b9a0d27cf47d3cL,0xff154d685eea6370L,0x00000000000001f2L },
-      { 0x568b768a56b232acL,0x4e8d6e363f2a52abL,0xbae87a168837fc60L,
-        0xebc58a83d10a7691L,0xad5e4af0f9455fbeL,0x1a20d6c37d654e2eL,
-        0x8c40fcb9da7c8255L,0x6d7b3cd760d9b931L,0x00000000000000b2L } },
-    /* 229 */
-    { { 0x7b090c3ebb2eaf45L,0xed24d91c62ffb92fL,0xbf2a3ea4a736f23dL,
-        0xb5b99ebd6ff0fde3L,0xbca2b55dca1102f5L,0xf6203cd807e032a8L,
-        0x5410b448a8bf17a8L,0xb86660a7e1dc55b1L,0x0000000000000109L },
-      { 0xb148b1da02a2fbd8L,0xfed85e8b3b22e8a5L,0x1378a0e48712b509L,
-        0x68560148c6a3e516L,0x7100921c1633b503L,0x9392514325512711L,
-        0x7b4931d207d31047L,0x623e722b8542e0bbL,0x00000000000000eaL } },
-    /* 230 */
-    { { 0x084823d324972688L,0x58b83c12003f5762L,0x194d66906d0d4528L,
-        0x842195842c6f747eL,0xc8f8a2e90146d89aL,0x29ec1de77451bbc2L,
-        0xf622b6b8f7f284faL,0x83f1dbe97b71e44fL,0x0000000000000060L },
-      { 0x99649333999dd56bL,0x2cfac0ba97a47de9L,0x6660d8aebbe8fb20L,
-        0x47c29dd8f61d7bcaL,0x6f5fb51d85adc14dL,0xe65ac7884f9fd41cL,
-        0x1ce69dd4ff513e6cL,0x1ace591effe59d3eL,0x0000000000000023L } },
-    /* 231 */
-    { { 0x2e67a438a9fda771L,0x626f652c8663100eL,0xdfb19e48e133f23bL,
-        0x599f88f2035d2d1fL,0x1723a1128d13e878L,0x890aa292fb51ce07L,
-        0xe5f3a70ebbd9ba82L,0xdde82673374514b4L,0x0000000000000155L },
-      { 0x08b2b77ed6f59a95L,0x93f853e302020420L,0x52252ac1ebac7797L,
-        0x6ecdcb99b56b6676L,0x4abdb9f99722a500L,0x26210f3f04e2bad0L,
-        0x0ca5a0ff3034dd4dL,0x333d8080dac0b80dL,0x0000000000000041L } },
-    /* 232 */
-    { { 0xe851070935a85a06L,0x4e166e7642ef1b44L,0x84a90b71a07b3a6dL,
-        0xd6dd6c0030329e6aL,0x20c4ba653d555259L,0xee3b26af6f8ad05eL,
-        0x20e3d5412ab4cccdL,0x79798934a9406424L,0x00000000000001bdL },
-      { 0xf2a1d1848e0c7ff0L,0xbae85efc9543b340L,0xe96431aef51d318bL,
-        0xe5d3ed4e75878fa6L,0x4d2a29dbc2895f52L,0x3af278771f11067cL,
-        0x6ccde9649e7f4ee5L,0x35188da1a56d74daL,0x0000000000000192L } },
-    /* 233 */
-    { { 0xb083212003d310edL,0xd20ee8cc987b0311L,0x9e549d2684c558a8L,
-        0x5e25f3ceb7167ec8L,0xacf114f44bf55bb5L,0x819edc77061c9017L,
-        0x759a44e6deb343c0L,0x58df9f7e04c9b5edL,0x0000000000000078L },
-      { 0x4fa47ebb3bf13222L,0x1e451dcdea07da11L,0x1be9fac3c0d8242fL,
-        0x93257d4d36eb871eL,0xf49e775abea3190dL,0x406d191f4ebe2b33L,
-        0x67aac53c0c110096L,0x5215cf8bd381ac78L,0x00000000000001f4L } },
-    /* 234 */
-    { { 0x387e8a8efa493b79L,0xb20e270b4eb1c2acL,0x9f393fa09ff22320L,
-        0x5ee1baaea91c393dL,0xdeda961a138a8d96L,0x69ab238c97bd50e4L,
-        0xff68d48a2363c8e0L,0xaf8e00e5ce4c4c16L,0x0000000000000158L },
-      { 0x6ccdcf06cfc509a1L,0x60f411efc26cc075L,0x6d0cdfd64d9c57f0L,
-        0xa951485332e99cacL,0x58f9ab3d8b8e9510L,0xa7e98709b10dc3fdL,
-        0x8390843d75ef3509L,0x28ccc9d05a9312c7L,0x00000000000001b6L } },
-    /* 235 */
-    { { 0x1d934f00e341463fL,0x14c8a6ce150da7a0L,0xdb4860fc4109553fL,
-        0xc23bde5aa93f4a91L,0x9f47c7872cd58067L,0x1d3300548433dc80L,
-        0x0c0be7f975a32a7dL,0x08b777d588c75da9L,0x000000000000012eL },
-      { 0xdfc1281761a10d37L,0xed7b61815c50f5a5L,0x28af95db79477c60L,
-        0xa0aa2b7733c5310bL,0x905faab853118267L,0xf40e98166b41959fL,
-        0x9ccb425216b37784L,0x6835d77c69866accL,0x00000000000000c5L } },
-    /* 236 */
-    { { 0xe9d714cb2b450a66L,0x1318885c7dbfdc14L,0x655a8d85b466a0c0L,
-        0x02a21e995bdfc1a6L,0x7a0d7c98e67792d1L,0x2a01bb57b550a797L,
-        0x42c462335d74d337L,0x7be4e1c088dad495L,0x000000000000008bL },
-      { 0x1873b03f95812273L,0x2e26ed32ee3f757fL,0x2c710eae6da6217aL,
-        0x9b50b574261d9f4fL,0x43971fa9b7c1da2dL,0x22c4fb87c4a85de7L,
-        0xf72c3451ec22137bL,0x1345668c77ba1926L,0x0000000000000173L } },
-    /* 237 */
-    { { 0x3e3e8c7a8a3ba183L,0x4e8cebbbfe389fa7L,0x8ea446870f9ba60fL,
-        0x55176e35cb601a83L,0xf90bdc2612e52db4L,0x95f9e4598f712bf1L,
-        0x9bd3200fbea054cdL,0x2cf19bf6dd5fd40bL,0x000000000000017aL },
-      { 0x71cf6ca266736febL,0xbde86f49de7cfe2fL,0xc60abce8fc290563L,
-        0xaae8a3ce726b6e4fL,0xd23824453f29235bL,0xa4b557f5650ffa5eL,
-        0xa1453e54113ef744L,0x7c676a533e426dd2L,0x00000000000001b0L } },
-    /* 238 */
-    { { 0xf5e603f235d96872L,0xab1a23cc3fa5b8caL,0x5459871be988dc5fL,
-        0xe32e8489d430c0bdL,0x7ec269e0764d9cc3L,0xf7238212f2c0c40dL,
-        0x2d946183887b83b4L,0x281fa6712f18a411L,0x0000000000000010L },
-      { 0x8028048f64858b37L,0xe0e149af357de5d9L,0xb2218791619ebb18L,
-        0x210200b39f2b0ba0L,0x5a87eae61039cbaeL,0x4efdcddb39579d1dL,
-        0x1b388eaa2788515eL,0x1a552c3cc81878aaL,0x000000000000002cL } },
-    /* 239 */
-    { { 0x7ac7f5000ea723dcL,0x0a5f04f442b15231L,0x63d49445be885c86L,
-        0x61f9993fff119702L,0xc3fba45cc4c58ceaL,0xe6d151e6b9cd6036L,
-        0x75a3ab1557b923bbL,0x4ec07c52ceb2fd46L,0x0000000000000147L },
-      { 0xc46a3d32ed88239dL,0x0d1b8ae6835ae694L,0xf4fde3259feeb2e7L,
-        0x223bf71c43bc0bb5L,0x3cd220b78f62a705L,0x2224860e9fe799a5L,
-        0xd855870324ab7f93L,0x8e0f7330b594958bL,0x000000000000010fL } },
-    /* 240 */
-    { { 0xaf35c7bb3c67d520L,0xd8f4958b23fca9ecL,0x0778f1948bbaa808L,
-        0x418c30ce2135e8aeL,0xcdd8d9a9c888eff7L,0x72075df0f73144abL,
-        0xb549c8954506a534L,0x4ef389795fbb7fc5L,0x000000000000011cL },
-      { 0x3fe2c9ac43f5e698L,0xce77fcbce38a5e3aL,0x6d05c90e3089c2e1L,
-        0x5a74f3ffac1d5801L,0xaeeda220381b9d2aL,0xd958b143f5f3960bL,
-        0x65ffd0510db7abbeL,0x8e97e6807a05b718L,0x00000000000000ceL } },
-    /* 241 */
-    { { 0x2251e61b8ce86a83L,0x8604159fbf7e7160L,0xfc127dd748f03377L,
-        0x87cb2c3745052242L,0xbd4950f4934ea09bL,0x5146c403c4679441L,
-        0xe8ad471023ba416aL,0x89b81a60af638eb1L,0x00000000000001b3L },
-      { 0xe699934ee8150c69L,0x74f75908e27c14bcL,0x5dc0a8916a0194ffL,
-        0x38f49d321bd51b76L,0x6bc3305e18779630L,0xfe2f3fbffd3b4a68L,
-        0x1409b377d7caf189L,0x029ea13b9b8f109bL,0x00000000000001b3L } },
-    /* 242 */
-    { { 0xef7938d225a2fd88L,0x890f2f7cceba0603L,0x4c3e1c80d7a6dff4L,
-        0x00c78f362883f986L,0xed92b592998e5305L,0x018a8f1b325ddc73L,
-        0x6dffd987d5d3708aL,0xdcd3554f0d1f28bbL,0x0000000000000059L },
-      { 0x17c6e41d23a74e7dL,0x94b61ebe5db32df6L,0x3c2fffa79e7ffa0bL,
-        0x473662b72ebb7a0dL,0xa86415ee01adf9c3L,0x1502c32654679264L,
-        0x169113492fa09c57L,0x897f34aa24749086L,0x0000000000000195L } },
-    /* 243 */
-    { { 0x4845d359abadc253L,0xe054b92cc797c95eL,0x22a9b5bd9a218212L,
-        0x9bb80a5ea52b8827L,0xea38e78e2e61c676L,0xfb274b1a08b0f8b3L,
-        0xb6aa42e3db9d854cL,0x8ba2252356012d73L,0x0000000000000163L },
-      { 0x7cec0e6f75c8c576L,0xabb20e7ce4bc7dd2L,0x0958a0c869d80726L,
-        0xa908c66a8a023eb7L,0xca9f50ea76110b15L,0x668c9994186f61a6L,
-        0x9ddf22ed2a0a69d8L,0xbfee1897bbf8a10fL,0x00000000000001e0L } },
-    /* 244 */
-    { { 0x26d8681848319e4fL,0x6be6f6b55a586fa0L,0xbef5d88626713265L,
-        0xac252ac598529cfaL,0xe7cc45f162b29cfbL,0xee050609a2a6358dL,
-        0xf7cb9ca42940ac70L,0xfb44aaeca885b1f0L,0x00000000000001adL },
-      { 0x66b7a936e798678eL,0xca01e10399540438L,0xf2491e37816860b7L,
-        0xeeffd483b745d857L,0x5dbb3628a4705ed6L,0x57d68d49b2a5d0f7L,
-        0xd1a8529a2389fee3L,0xdbbc25491a7fd686L,0x00000000000001adL } },
-    /* 245 */
-    { { 0xe10cba20969686a3L,0x308b1c55e3c053f5L,0x1712b13426f47102L,
-        0x1f9165b149033038L,0x45b720172d01527bL,0x6fcf6647aa9a34e2L,
-        0x51f54b94b0be35c8L,0xfccb22a55a15e382L,0x00000000000000e3L },
-      { 0xaa71e4ec5b4dc0beL,0xbb136248db1cd5c4L,0xf36bff43046e1007L,
-        0x5a6806d7da9c99a3L,0x9cbfc6ee8349bc50L,0x26871e73e13e0850L,
-        0x5e6aa22767f448c1L,0xba77787c2da7baf9L,0x00000000000001b9L } },
-    /* 246 */
-    { { 0x1abe58eec5a73375L,0x175df69d7a8ac438L,0x2cf3150aceca835aL,
-        0xb87b0609f507d30fL,0x9ae53a2bc60b0424L,0x4931e182410f90ecL,
-        0x452c7d0fadd689bbL,0xab45349147631a8eL,0x0000000000000013L },
-      { 0xaf2dd8568c84f3afL,0x829dc0921baae33eL,0x46542a858b96b070L,
-        0x42260d40e8a82516L,0xb9e5edac5c35322bL,0xbca7956039eda0d2L,
-        0x86bd07c6b962b90aL,0x2e22dac7b1ec5302L,0x000000000000010aL } },
-    /* 247 */
-    { { 0x665fc09d239d8f0aL,0x92b2e03cab8a1021L,0xe43697680173477bL,
-        0xab38ed9f8e361604L,0x79b0091d9eb061beL,0xcd4226543e845670L,
-        0xa0f77ec72fe1a2e0L,0x1d242162760a030fL,0x0000000000000093L },
-      { 0xfa9f834cf8646bc3L,0x7df94a5240ae96f9L,0x901c3890379177d1L,
-        0x9dfd0644ffeb66cdL,0x81aec2ec77b92465L,0x2df3b7f2cd981d4fL,
-        0xc9bc3f69f377b093L,0xdaef34f3dd859d8bL,0x0000000000000125L } },
-    /* 248 */
-    { { 0xac08451ba2c123bcL,0xd1e83a680818fa54L,0x56dd570298957b8aL,
-        0xcc7f2e34f0f12f16L,0x1f6a9c330a9fa14dL,0xefc9a2bbb2fe782cL,
-        0xd319c697709f54ddL,0x0b8238cbd6460a53L,0x00000000000001dcL },
-      { 0xf649290144dfb6f6L,0x270d7cb46e401d26L,0x1a70a40e48537ad8L,
-        0x84d661b570d8dbd9L,0xca27223af170d58bL,0xeeb4cf146344e1d2L,
-        0x2255fc95ab9de1faL,0xcd6e110adbdc5ea7L,0x00000000000001f8L } },
-    /* 249 */
-    { { 0x2a57c6b978b8a0a7L,0x24b4aeb6e833edeaL,0x9e4617c14bd13fe7L,
-        0xc4186888fc2e8ee4L,0x8d398a49fb147eefL,0xe9f191f12e662cfbL,
-        0x61872289958ba2ecL,0xbd6d0f1b00b8d50dL,0x000000000000002dL },
-      { 0x895cfdfe24c93cc9L,0x29ed7780b9e718e7L,0x01c8ba5838baf7ebL,
-        0x0225387e4ddcbf69L,0x64b250bfa180d6bbL,0x6d68e548c947c7c2L,
-        0x82a7b6329923f3cdL,0xb8f036132d103cd2L,0x000000000000000fL } },
-    /* 250 */
-    { { 0x8198b3f08cd9d494L,0x9b2065b994f4f9f3L,0x7664a2203c738fa9L,
-        0x199f4c14d8d229cbL,0xddad75c4c51c54b3L,0x9a32ce0bd213a332L,
-        0xf3a21085888c7b2fL,0x6defa3625b1ff20aL,0x00000000000000d1L },
-      { 0x44e0054819a296ebL,0x1d94ff15d1a91313L,0xd7dead2bfeaa454fL,
-        0xae65a8034d40bd7fL,0x604f147e1801a4afL,0x983048f9a5e0de77L,
-        0xa3b19ca5ff572ca0L,0xa237dba71821d117L,0x00000000000000e0L } },
-    /* 251 */
-    { { 0xedbabf8491630ee8L,0xde6589c205eb5301L,0x9f7d2b2da051f47bL,
-        0xaeaa9f96212bbe81L,0xdced3d5e94292124L,0x691f5b89f4435e5bL,
-        0x19604c339411f66fL,0xb7fc09ca4356f0daL,0x00000000000000e6L },
-      { 0x1294e413f74f811cL,0x1a42d831df8d8ddbL,0x27f57217963418c9L,
-        0x5fde521888ebcdecL,0xfdd5e06eea305bc9L,0xed1e6088ac668b61L,
-        0x333af016eb811861L,0x5ecb192d15ddcebcL,0x00000000000001c9L } },
-    /* 252 */
-    { { 0x927b37a3e0bde442L,0xe0543fe866f7a73eL,0xd30d9d208ed10c2eL,
-        0xaf79c341a6617a32L,0xe7367870d1d5cf8bL,0x02d0dce9e3abcf8bL,
-        0xfe23d2dd772b5e7bL,0x29fceea01ffc70c5L,0x000000000000010bL },
-      { 0x31bcae4d62d803ffL,0x93ee913fdbc306a9L,0xaf1de7abd8c10662L,
-        0xd485782ae7a6d658L,0x9126592e102f4e06L,0x91a3127f136fafe6L,
-        0x46b9344088371213L,0x53bb4380a31e1634L,0x00000000000000baL } },
-    /* 253 */
-    { { 0x62e517fcca5636b0L,0x4296e0216aba15c7L,0x5aa8fd7c212e7b2dL,
-        0x9517ce6d5717ad84L,0xe762b85b98b2f357L,0x42f996b5df59b07cL,
-        0xf3732abbf37ef6f0L,0xa5d145ea4542b489L,0x000000000000015dL },
-      { 0x1e77c55eaa7f6e3fL,0x3f4d99a7aa4a05bcL,0xa56d7d7745828227L,
-        0xdb0895fb77b748fbL,0x1c484cce0629f5d1L,0xf5b1c90a359803fbL,
-        0x43ac4f291720b8d0L,0x8c10bfe872ac13f2L,0x00000000000000e9L } },
-    /* 254 */
-    { { 0x9d1c4785c06c4fd6L,0xbf4b9025d25c2b9dL,0x04135eb1d4982f24L,
-        0x3ab3edc2ba4fef2bL,0x55a5239f98de07abL,0xd5fc49ab096f4b7dL,
-        0xc50a29603844c815L,0xdb1148d015676b2bL,0x0000000000000047L },
-      { 0xc49f9cc510f3bad9L,0x490888fc022901d4L,0x917a55ebc47b44dfL,
-        0x20b2ebc6f39f2b68L,0x0c58e3af04e9962aL,0x52ab7c1b573dd5b7L,
-        0x2b54add6a329f76cL,0x59dad1eb82f4ca3bL,0x0000000000000108L } },
-    /* 255 */
-    { { 0x662c4128a182d1adL,0x7751796e20916c45L,0xa7704272ba681647L,
-        0xfac8b0fab92c85c1L,0x207ab2dfaefb2e07L,0xc73530a07861b32dL,
-        0x63dbed6588aed145L,0x547bcdca0a53a49dL,0x00000000000000bdL },
-      { 0xa7c1382f87056b51L,0xc3d91edb130f9912L,0xf7c7de46d3805b42L,
-        0x456101ebfd31a995L,0x1efd22b4cd3fb8aaL,0xfe391df79eb17bceL,
-        0xb4d4c0c6616c0c32L,0x19f023be711beef4L,0x0000000000000112L } },
-};
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_9(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* WC_NO_CACHE_RESISTANT */
-#else
-/* The index into pre-computation table to use. */
-static const word8 recode_index_9_7[130] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
-    48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63,
-    64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49,
-    48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_9_7[130] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<75; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 7 < 64) {
-            y &= 0x7f;
-            n >>= 7;
-            o += 7;
-        }
-        else if (o + 7 == 64) {
-            n >>= 7;
-            if (++j < 9)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 9) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x7f);
-            o -= 57;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_9_7[y];
-        v[i].neg = recode_neg_9_7[y];
-        carry = (y >> 7) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_entry_65_9(sp_point_521* r,
-    const sp_table_entry_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-    sp_digit x0 = 0;
-    sp_digit x1 = 0;
-    sp_digit x2 = 0;
-    sp_digit x3 = 0;
-    sp_digit x4 = 0;
-    sp_digit x5 = 0;
-    sp_digit x6 = 0;
-    sp_digit x7 = 0;
-    sp_digit x8 = 0;
-    sp_digit y0 = 0;
-    sp_digit y1 = 0;
-    sp_digit y2 = 0;
-    sp_digit y3 = 0;
-    sp_digit y4 = 0;
-    sp_digit y5 = 0;
-    sp_digit y6 = 0;
-    sp_digit y7 = 0;
-    sp_digit y8 = 0;
-
-    for (i = 1; i < 65; i++) {
-        mask = 0 - (i == idx);
-        x0 |= mask & table[i].x[0];
-        x1 |= mask & table[i].x[1];
-        x2 |= mask & table[i].x[2];
-        x3 |= mask & table[i].x[3];
-        x4 |= mask & table[i].x[4];
-        x5 |= mask & table[i].x[5];
-        x6 |= mask & table[i].x[6];
-        x7 |= mask & table[i].x[7];
-        x8 |= mask & table[i].x[8];
-        y0 |= mask & table[i].y[0];
-        y1 |= mask & table[i].y[1];
-        y2 |= mask & table[i].y[2];
-        y3 |= mask & table[i].y[3];
-        y4 |= mask & table[i].y[4];
-        y5 |= mask & table[i].y[5];
-        y6 |= mask & table[i].y[6];
-        y7 |= mask & table[i].y[7];
-        y8 |= mask & table[i].y[8];
-    }
-
-    r->x[0] = x0;
-    r->x[1] = x1;
-    r->x[2] = x2;
-    r->x[3] = x3;
-    r->x[4] = x4;
-    r->x[5] = x5;
-    r->x[6] = x6;
-    r->x[7] = x7;
-    r->x[8] = x8;
-    r->y[0] = y0;
-    r->y[1] = y1;
-    r->y[2] = y2;
-    r->y[3] = y3;
-    r->y[4] = y4;
-    r->y[5] = y5;
-    r->y[6] = y6;
-    r->y[7] = y7;
-    r->y[8] = y8;
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-static const sp_table_entry_521 p521_table[4875] = {
-    /* 0 << 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 0 */
-    { { 0xf97e7e31c2e5bd66L,0x3348b3c1856a429bL,0xfe1dc127a2ffa8deL,
-        0xa14b5e77efe75928L,0xf828af606b4d3dbaL,0x9c648139053fb521L,
-        0x9e3ecb662395b442L,0x858e06b70404e9cdL,0x00000000000000c6L },
-      { 0x88be94769fd16650L,0x353c7086a272c240L,0xc550b9013fad0761L,
-        0x97ee72995ef42640L,0x17afbd17273e662cL,0x98f54449579b4468L,
-        0x5c8a5fb42c7d1bd9L,0x39296a789a3bc004L,0x0000000000000118L } },
-    /* 2 << 0 */
-    { { 0xf43e3933ba6d783dL,0xcf2fa364d60fd967L,0xaa104a3a35c5af41L,
-        0xb3b204da6ef55507L,0x2c6e5505d769be97L,0x7403279b1ccc0635L,
-        0x2fcb288148c28274L,0x3c219024277e7e68L,0x0000000000000043L },
-      { 0x1be356d661f41b02L,0xeafcbe95edc0f4f7L,0x93937fa99a3248f4L,
-        0xb3e377de9f251f6bL,0xab21a29906c42dbbL,0xc6b5107c4da97740L,
-        0xa7f3eceeeed3f0b5L,0xbb8cc7f86db26700L,0x00000000000000f4L } },
-    /* 3 << 0 */
-    { { 0xa5919d2ede37ad7dL,0xaeb490862c32ea05L,0x1da6bd16b59fe21bL,
-        0xad3f164a3a483205L,0xe5ad7a112d7a8dd1L,0xb52a6e5b123d9ab9L,
-        0xd91d6a64b5959479L,0x3d352443de29195dL,0x00000000000001a7L },
-      { 0x5f588ca1ee86c0e5L,0xf105c9bc93a59042L,0x2d5aced1dec3c70cL,
-        0x2e2dd4cf8dc575b0L,0xd2f8ab1fa355ceecL,0xf1557fa82a9d0317L,
-        0x979f86c6cab814f2L,0x9b03b97dfa62ddd9L,0x000000000000013eL } },
-    /* 4 << 0 */
-    { { 0xfbc87412871902f3L,0xa1d5025b08e5a5e2L,0xe8b88e9f078af066L,
-        0x8659e24afe3d0750L,0x06c5d55541d3ceacL,0xc61c891c5ff39afcL,
-        0x54b483487c9070cdL,0xb5df64ae2ac204c3L,0x0000000000000035L },
-      { 0xe21f47fc346e4d0dL,0xbb7faef04699d1d9L,0x5224f750a95b85eeL,
-        0x79f283e54ba38540L,0x5ae63fe2f19907f2L,0x5521aef6e6e32e1bL,
-        0x73e0178eb0b4abb6L,0x096f84261279d2b6L,0x0000000000000082L } },
-    /* 5 << 0 */
-    { { 0xd5ab5096ec8f3078L,0x29d7e1e6d8931738L,0x7112feaf137e79a3L,
-        0x383c0c6d5e301423L,0xcf03dab8f177ace4L,0x7a596efdb53f0d24L,
-        0x3dbc3391c04eb0bfL,0x2bf3c52927a432c7L,0x0000000000000065L },
-      { 0x173cc3e8deb090cbL,0xd1f007257354f7f8L,0x311540211cf5ff79L,
-        0xbb6897c9072cf374L,0xedd817c9a0347087L,0x1cd8fe8e872e0051L,
-        0x8a2b73114a811291L,0xe6ef1bdd6601d6ecL,0x000000000000015bL } },
-    /* 6 << 0 */
-    { { 0x23731bedf79206b9L,0x2f66e95657f380aeL,0xe0727a239531be8cL,
-        0x5fbcca16153f7394L,0x981506ade4ab0152L,0x623d30977fd71cf3L,
-        0x2eff34f94480d195L,0x4569d6cdb5921953L,0x00000000000001eeL },
-      { 0x1eaccd7858d44f17L,0x3dc7b8b55ca0dadeL,0xf96c984de274f220L,
-        0xcab72d0e56648c9dL,0x7240a926201a8a96L,0x2aabbb73da5a808eL,
-        0xe2dd270546e3b111L,0x0255ad0cc64f586aL,0x00000000000001deL } },
-    /* 7 << 0 */
-    { { 0x01cead882816ecd4L,0x6f953f50fdc2619aL,0xc9a6df30dce3bbc4L,
-        0x8c308d0abfc698d8L,0xf018d2c2f7114c5dL,0x5f22e0e8f5483228L,
-        0xeeb65fda0b073a0cL,0xd5d1d99d5b7f6346L,0x0000000000000056L },
-      { 0x5c6b8bc90525251bL,0x9e76712a5ddefc7bL,0x9523a34591ce1a5fL,
-        0x6bd0f293cdec9e2bL,0x71dbd98a26cbde55L,0xb5c582d02824f0ddL,
-        0xd1d8317a39d68478L,0x2d1b7d9baaa2a110L,0x000000000000003dL } },
-    /* 8 << 0 */
-    { { 0x86f9ea54aa78ce68L,0xb56289b5a6f40405L,0x8b598c1bc8d79e1aL,
-        0x5bfea5b8579f49f0L,0x8b8a3b05f826298fL,0xd4e29d8a9b003e0aL,
-        0xa8348396b010e25bL,0x22c40fb6301f7262L,0x0000000000000008L },
-      { 0x8ad642f11f17801cL,0x9f3ba94009471353L,0xf0ba0df065c57869L,
-        0x89e9c0aa5911b4bfL,0x5083de610677a8f1L,0x44f8ede9e2c0715bL,
-        0x48fdab6e78853b9aL,0x31911d5542fc4820L,0x0000000000000163L } },
-    /* 9 << 0 */
-    { { 0x1f45627967cbe207L,0x4f50babd85cd2866L,0xf3c556df725a318fL,
-        0x7429e1396134da35L,0x2c4ab145b8c6b665L,0xed34541b98874699L,
-        0xa2f5bf157156d488L,0x5389e359e1e21826L,0x0000000000000158L },
-      { 0x3aa0ea86b9ad2a4eL,0x736c2ae928880f34L,0x0ff56ecf4abfd87dL,
-        0x0d69e5756057ac84L,0xc825ba263ddb446eL,0x3088a654ee1cebb6L,
-        0x0b55557a27ae938eL,0x2e618c9a8aedf39fL,0x000000000000002aL } },
-    /* 10 << 0 */
-    { { 0x87ff09a04f2f3320L,0x7c2e411f1a8e819aL,0x9daa4da9842093f3L,
-        0xa2c7c178fcc26329L,0x4a9246b11ada8910L,0x901d879ac09ac7c3L,
-        0xfcfe7bb6721ec4cdL,0xeb8f22bda61f281dL,0x0000000000000190L },
-      { 0x2954bc98135ec759L,0xf3689639739faa17L,0x536f6163dc57ebefL,
-        0xbf5349d44d9864bbL,0xa97fd78a62ef62d2L,0xc2eeb2144251b20bL,
-        0xbaeab3b0ca2ba760L,0x5d96b8491614ba9dL,0x00000000000001ebL } },
-    /* 11 << 0 */
-    { { 0xecc0e02dda0cdb9aL,0x015c024fa4c9a902L,0xd19b1aebe3191085L,
-        0xf3dbc5332663da1bL,0x43ef2c54f2991652L,0xed5dc7ed7c178495L,
-        0x6f1a39573b4315cfL,0x75841259fdedff54L,0x000000000000008aL },
-      { 0x58874f92ce48c808L,0xdcac80e3f4819b5dL,0x3892331914a95336L,
-        0x1bc8a90e8b42a4abL,0xed2e95d4e0b9b82bL,0x3add566210bd0493L,
-        0x9d0ca877054fb229L,0xfb303fcbba212984L,0x0000000000000096L } },
-    /* 12 << 0 */
-    { { 0x7be69571bf842d8cL,0x3774c75c530928b1L,0x477fee9a60e93801L,
-        0x44e90b7c3fb81b31L,0x107cf7a5967713a6L,0x81874157958457b6L,
-        0xe4fae9749c7fde1eL,0xd9dcec93f8221c5dL,0x00000000000001c0L },
-      { 0x79e7b1a3281b17f0L,0x884ba72224f5ae6cL,0xcc10a6f951b9b630L,
-        0xd6d18843d86fcdb6L,0x5e404abf6a17c097L,0x63fe65ab71494da4L,
-        0x3ce1d103a682ca47L,0x48b5946a4927c0feL,0x0000000000000140L } },
-    /* 13 << 0 */
-    { { 0x1887848d32fbcda7L,0x4bec3b00ab38eff8L,0x3550a5e79ab88ee9L,
-        0x32c45908e03c996aL,0x4eedd2beaf5b8661L,0x93f736cde1b4c238L,
-        0xd7865d2b4924861aL,0x3e98f984c396ad9cL,0x000000000000007eL },
-      { 0x291a01fb022a71c9L,0x6199eaaf9117e9f7L,0x26dfdd351cbfbbc3L,
-        0xc1bd5d5838bc763fL,0x9c7a67ae5c1e212aL,0xced50a386d5421c6L,
-        0x1a1926daa3ed5a08L,0xee58eb6d781feda9L,0x0000000000000108L } },
-    /* 14 << 0 */
-    { { 0x2c9e682dd3432d74L,0x6767f6b812efbf5dL,0x79df3e4b7bc744aaL,
-        0x74fc06c8b897222dL,0xd4fb0babe0b31999L,0x958b401494116a2fL,
-        0xe1b8ccfaaf84ded1L,0x5bc7dc551b1b65a9L,0x0000000000000187L },
-      { 0x41669f852700d54aL,0x5b690f53a87c84beL,0x11e89bf1d133dc0dL,
-        0xd07781b1b4f3584cL,0x0847ce9b86d7ed62L,0x8470122b8e51826aL,
-        0xd66290bbabb4bdfbL,0xa4923575dacb5bd2L,0x000000000000005cL } },
-    /* 15 << 0 */
-    { { 0xe9afe337bcb8db55L,0x9b8d96981e3f92bdL,0x7875bd1c8fc0331dL,
-        0xb91cce27dbd00ffeL,0xd697b532df128e11L,0xb8fbcc30b40a0852L,
-        0x41558fc546d4300fL,0x6ad89abcb92465f0L,0x000000000000006bL },
-      { 0x56343480a1475465L,0x46fd90cc446abdd9L,0x2148e2232c96c992L,
-        0x7e9062c899470a80L,0x4b62106997485ed5L,0xdf0496a9bad20cbaL,
-        0x7ce64d2333edbf63L,0x68da271571391d6aL,0x00000000000001b4L } },
-    /* 16 << 0 */
-    { { 0x3a6c508f81a8402fL,0x0dbf5c8007dcdc53L,0xe5965da7985630dfL,
-        0x943ff18861ca00a0L,0xd632f8d20b188a52L,0x2a87f66192fd3f3dL,
-        0xda97da26ac743b0bL,0x7d10d8a89c8ad05dL,0x00000000000001d1L },
-      { 0x52e272f89bc73abeL,0x9e3004d28d186333L,0x0b3075ac9d998852L,
-        0xc182e1398db547aaL,0xc7ca30c94b6b82c1L,0x1335e4c3b800d50eL,
-        0xc714b18d3d3e6972L,0x37343c582d77001fL,0x000000000000007aL } },
-    /* 17 << 0 */
-    { { 0x76f817a853110ae0L,0xf8c3042af0d1a410L,0xdf4e799b5681380fL,
-        0x760a69e674fe0287L,0xd66524f269250858L,0x99ee9e269fa2b3b4L,
-        0xa0b874645923906aL,0x0ddb707f130eda13L,0x00000000000001b0L },
-      { 0x35b9cb7c70e64647L,0xe6905594c2b755f5L,0xd2f6757f16adf420L,
-        0xf9da564ef6dd0bf0L,0x8d68ac2b22a1323dL,0xb799534cf69910a9L,
-        0xc111d4e4aeddd106L,0x683f1d7db16576dbL,0x0000000000000085L } },
-    /* 18 << 0 */
-    { { 0xfdf44d01dd99c61dL,0x84ce572f5a15c423L,0x2f0702c3096dec08L,
-        0x6edbb8525bffe522L,0xbd0cfe367de4666dL,0xf7e86dbc7bf99a7aL,
-        0xcb2edcc5b63d1281L,0x33425e72a12779eaL,0x00000000000001bcL },
-      { 0x35d841e2d8f9a86aL,0xa79fe15b19f84fd1L,0x915d1b4b45209b9dL,
-        0x234aeb201f7a9133L,0x2c8e4a00ac84c044L,0x4fb07ce0d196f255L,
-        0xe3e74d33d9e63d02L,0x06e999885b63535dL,0x000000000000010dL } },
-    /* 19 << 0 */
-    { { 0x78ff0b2418d6a19bL,0xfecf431e725bbde4L,0x9232557d7a45970dL,
-        0xfa3b309636266967L,0xfff0acdb3790e7f1L,0x45b77e0755df547eL,
-        0xc0f948c2d5a1a072L,0x8dcce486419c3487L,0x0000000000000099L },
-      { 0xa9091a695bfd0575L,0xf5a4d89ea9fbfe44L,0xb0ec39991631c377L,
-        0x73ad963ff2eb8cf9L,0xcc50eee365457727L,0x67d28aee2b7bcf4aL,
-        0xc3942497535b245dL,0xd5da0626a021ed5cL,0x0000000000000137L } },
-    /* 20 << 0 */
-    { { 0xe2603bfb11b0344fL,0xad792e43b74e16d8L,0x11dd48b9bdb3cd5cL,
-        0x09506339cb1049cbL,0x2e968fbed342b517L,0xbd767c2ab0d93fb1L,
-        0x3deeae39cc6f8cc2L,0xdd7f1b889598a465L,0x000000000000018bL },
-      { 0xdd3287fed0990f94L,0x37ccb22eee9cfc94L,0xedfaec1030da8ef8L,
-        0x4da3bdddc6d4eae7L,0x546c550952d31120L,0x9ee7f52b410b9444L,
-        0x6908296959bf0af8L,0xaadbe63f68ca5b6bL,0x00000000000000c5L } },
-    /* 21 << 0 */
-    { { 0x42ef399693c8c9edL,0x37ac920393a46d2dL,0xd9497eaed827d75bL,
-        0x46257eae4d62a309L,0x19523e759c467fa9L,0x268bb98c2ed15e98L,
-        0x3cc8550859ed3b10L,0xcbb2c11a742bd2fbL,0x00000000000001a1L },
-      { 0xe60bc43c9cba4df5L,0x7c9b0f17649ccb61L,0xbeb43a372c63eec5L,
-        0xdf741a53da483295L,0x180a296f6bafa7f7L,0xe83c0059c5193e6cL,
-        0x2c12da7c5e40ce62L,0x209d7d4f8eeb3d48L,0x000000000000011aL } },
-    /* 22 << 0 */
-    { { 0x4e38650bb6f5a561L,0x904b3a12cae0af93L,0xadfffcca8b28ca1fL,
-        0x74cbfe1018ffcd40L,0xbde3122096c4089fL,0xa7facca319d4b7aaL,
-        0xf1f6e66dc1eae621L,0x00ce6190c6d36ca5L,0x0000000000000097L },
-      { 0x64319ad5a535acadL,0x5c43427efea6210dL,0x2f22ec132ed14e5cL,
-        0xf40ac9cdadfe028aL,0x95e0fd06c5b46824L,0xbe4a8d24e415f9c1L,
-        0x61c78fad62100104L,0x78827e13569356b0L,0x00000000000001fbL } },
-    /* 23 << 0 */
-    { { 0xa1c6a5ece2af535cL,0x07e1f1ac26ae5806L,0xe9e3f8e9a5ec53e2L,
-        0x1f6f83fc9af5b0afL,0x490d234d0cdd4510L,0xee7a39ba785fb282L,
-        0xdb1cacec5f547b8eL,0x0b275d7290159376L,0x00000000000001aeL },
-      { 0xd815c3536fa0d000L,0x213b4450a8d23856L,0x3c27b27bb07dd0c2L,
-        0x10843361ee97fcf4L,0xb431647844c2dc0eL,0x7d759ff890d05832L,
-        0x68a2858fc068471cL,0xc97a825e53853806L,0x00000000000000f2L } },
-    /* 24 << 0 */
-    { { 0x44a18c28b69bcef2L,0xc710838fa0a4198fL,0x6fdefaa4a86f6559L,
-        0x93ad7a9b2d0e4f66L,0x91391a8862c2cd7fL,0x0e49a0e6ec407366L,
-        0xb447ce5d4930becfL,0x8e98d1008e9d525dL,0x0000000000000096L },
-      { 0x8a0b537a0b446729L,0x0575ce65dd7dd9fdL,0x8385e09fa134f793L,
-        0xa48f492cf3d07536L,0xb4cd2b81880aa962L,0xa555cd2f64a2b032L,
-        0xe44476658a352aa7L,0xa7e96f293f75117cL,0x00000000000001e1L } },
-    /* 25 << 0 */
-    { { 0x3f8c2460bf70ace0L,0xe41e0eb1c25d3fb1L,0x56e87e2aa648ff27L,
-        0xa91856917c36ee4dL,0x1c772c8c5499994aL,0x0073102651b107b1L,
-        0xa35874a6f5dff9d2L,0xe84c6d5c5a9a1834L,0x0000000000000154L },
-      { 0x4325bce404c78230L,0xeede2a54672e6b6dL,0xd1e2370a6a5972f5L,
-        0xdee3543572fbc1a0L,0xf66c2888151666a6L,0x15a923eb0022a0c7L,
-        0xe22a28f80bb60d3fL,0x0fdce9171910473aL,0x00000000000000cdL } },
-    /* 26 << 0 */
-    { { 0x60d9e9a7e8c685c6L,0x68dd29c10c73e410L,0x007102d5dd038ed7L,
-        0xf686bfc27593b717L,0x09bc2cbefa11d6aeL,0x31a02407e9a85766L,
-        0xd9857bb0c04dcd13L,0x61bd55cc8b533222L,0x000000000000017bL },
-      { 0xe74aacc5b9b4844bL,0x5b8bff6c058ff572L,0xd74b5b2ac347d133L,
-        0xb4ddb8a4191a4648L,0xcbdc724709e1f426L,0xc8b4ac79f5a29ba2L,
-        0xa0196c0682be4633L,0x4da05ea4b9de3bbeL,0x00000000000001c3L } },
-    /* 27 << 0 */
-    { { 0x357643017002d68bL,0xb215604492ec4568L,0x51353aeda0d3163cL,
-        0x80b2123da719d483L,0x33f35187e135854dL,0x8739535d0e4f862cL,
-        0x62a4d4eb889e646fL,0x373edf8218f9b6a7L,0x0000000000000160L },
-      { 0xf3e6aeca5d90b740L,0x463ffe709d45acb3L,0x13b874f4a8bb572eL,
-        0x1efa491ed92ebc54L,0x4a56f78e1a1b2201L,0x9fd193c5cf52c3bbL,
-        0xe5828401ac06a3faL,0x597050014dcfe1c5L,0x00000000000000f1L } },
-    /* 28 << 0 */
-    { { 0xe160709ed9985b0cL,0x291adc92433ee2deL,0xb93220fe2ad07f0bL,
-        0x949da6c395738534L,0x116d7f87032133e2L,0x988bb828d895ed5dL,
-        0xec5c29642dd68d1aL,0x95646effed8e5f6fL,0x0000000000000191L },
-      { 0xc31c832ba74eed38L,0x886f4ded1741425aL,0x2e495cf2adcdd6b5L,
-        0xb345b828c8b09a2bL,0x5443c5d9216ae388L,0x606d3f34656a52efL,
-        0xce28b4724f834f49L,0xacd53b00c9f29f3eL,0x0000000000000177L } },
-    /* 29 << 0 */
-    { { 0x2c3927618eda25dcL,0xf33d8595d51f6d96L,0x4003ab8e847ffb9eL,
-        0x5ca9bc06876d7291L,0x28bef38f7664a130L,0xf9f45131e86265ecL,
-        0xb3c1fbfcb65a085fL,0xc644d6c94b68287dL,0x0000000000000174L },
-      { 0x187bbbc4821a0c30L,0x0679927c26ebbfbdL,0x50c2732d706d303fL,
-        0xbe0e21952ce0d90bL,0xb5cf5eb795ad34b7L,0x0233ef8fcb6441fcL,
-        0x05acc95b41b7b782L,0xf3a7c2f87f419e68L,0x000000000000011aL } },
-    /* 30 << 0 */
-    { { 0x6117fab72ec4b081L,0xf7d9b10f1b0af595L,0x352756cc169eac6bL,
-        0x35573f35d14754c6L,0xea52dbcbae2a3e44L,0x3cf015e1f913a610L,
-        0x0b6913261570a6b3L,0x87d70d11074b36bbL,0x00000000000000d0L },
-      { 0xb64d6af6579dbed3L,0x069edd46ff01cfc7L,0xf279efee5d860be9L,
-        0x54d5b99d1d7d4adaL,0xe47015660d29f153L,0xbcde1cd94afbdbd3L,
-        0x811d7b95a6ac2dceL,0xd07f8c3cafdc1636L,0x00000000000000c4L } },
-    /* 31 << 0 */
-    { { 0x2257d0e0c16a8803L,0x0dcfb5e488e24812L,0xfc14c1ac09cd6b22L,
-        0xd65543a904c9d429L,0x7260a83ca5e7726cL,0xb574589657c2a661L,
-        0x006a58cdb7307b7dL,0xe9920cf30f0c6615L,0x00000000000000d8L },
-      { 0xca4677c739792d19L,0xaa1bd97c7b54318aL,0x139a868cae4cc263L,
-        0xf76b8c3244d14790L,0x0aefb72cbed1aa30L,0x8b5406328f10c806L,
-        0xdf09c13a214a30ecL,0xb023b5454a663987L,0x0000000000000127L } },
-    /* 32 << 0 */
-    { { 0x47915ab876e56a9eL,0x9cf7475cd6c5c782L,0x67d69bd6ba5d1f94L,
-        0xea04a35dc73596ecL,0xdba7ecefb9e5ebd6L,0x3e3e16654e068038L,
-        0x43707af94ba15b34L,0xba3596d20a3a4694L,0x0000000000000166L },
-      { 0x95ca9a9914a156aaL,0xcd98c965ab961636L,0xb74de1c7ea0f36dfL,
-        0xe204cdb818cdd6b9L,0xc1df01c65c2dd77dL,0xff7bd8bf5ff01967L,
-        0x1635e75ff3e08268L,0x7b0ff4d1940ab811L,0x0000000000000047L } },
-    /* 33 << 0 */
-    { { 0x5ea2e1fc649f308dL,0xa5ec59186b2ed12dL,0xe9a519a57aa53ac2L,
-        0xabdbea7e2b77ef1aL,0xf381421a74236df0L,0x52086d482be92613L,
-        0x8c76eb4e3c76f58eL,0x4195f0978fb969e6L,0x0000000000000028L },
-      { 0x6be95a3dd3e11c4dL,0x88effd5c228b58f3L,0x00bd7216c16deb3aL,
-        0xe7656ecbf3d138bfL,0x9e016769614ac5f2L,0x24d513abe063c663L,
-        0x7b7a3bc869056d3aL,0x43eb08c656dc636bL,0x000000000000007eL } },
-    /* 34 << 0 */
-    { { 0xdfeab253d54e4d87L,0x55ac0435b8317a8dL,0xc1f1f8993db2173bL,
-        0xa866a98b697d432cL,0x0e7d84e588581cdeL,0xeb8db26b14dbf8bfL,
-        0x48c58962f5b7c130L,0xf66451d0843fb594L,0x0000000000000122L },
-      { 0xda9dba82fd9a06dcL,0x6baa5223db7571bcL,0x13184d9be8ea9140L,
-        0x5097293e4f87a6a4L,0xd357d7c04965b051L,0xa373f5aee0a89a48L,
-        0xc1f12141aee1538aL,0xd137b942249932f3L,0x00000000000001beL } },
-    /* 35 << 0 */
-    { { 0xdc1039c9ccd7d718L,0xa92ff614b5dcc8d8L,0xee4a618608f6b2ceL,
-        0xb4806c84fda74023L,0xc4a780b56f97392bL,0xa267a642b593e0bfL,
-        0x398b62069e0ba392L,0xc300757549630a78L,0x00000000000000ddL },
-      { 0x3eb1d3ef241e07f4L,0xdeba4db422640a4dL,0x5c212522ee69e797L,
-        0x9ab1178bd2c70142L,0x462796591a31db50L,0xa510936cb5d85bcfL,
-        0x1b83431f0c30dbbfL,0xbd2d07f6ac7fc5ccL,0x00000000000000c1L } },
-    /* 36 << 0 */
-    { { 0xae56cbf798bd6ef0L,0x5323bdc821e585edL,0xe724672821b585e0L,
-        0xf385da9cc679bb96L,0xe81a91dac8198aa9L,0x2a25afe471eb8ad9L,
-        0x514d5e71894c417bL,0x81c98659bd21e082L,0x00000000000001adL },
-      { 0xac7712f8455c99efL,0xd2c4ba1759a98b43L,0x75db963d8698121dL,
-        0x1af50b0bb140013aL,0x61285bc6dc8f01afL,0xca7f475441227b97L,
-        0x61aeda5705b3c0f8L,0x7026e6cf8e6fc4e7L,0x0000000000000121L } },
-    /* 37 << 0 */
-    { { 0xf1ac4d59b557a36fL,0x8c64e76ae4780273L,0x0e58e26ee0980df2L,
-        0xbd445763a2885604L,0x29ed0ae6af9d5749L,0xc35c5d56c1d59e42L,
-        0x39e798352ded5867L,0x4f64a6c21832b671L,0x0000000000000094L },
-      { 0x312bf98394fb2a03L,0x31a4be4056988296L,0xb85c564995a057c3L,
-        0xdcbdbc2471c83f81L,0x26317da6b7991305L,0xfe4e6ff21865f859L,
-        0x0c4b9624f26cb192L,0xb7ee1b02028ab741L,0x0000000000000150L } },
-    /* 38 << 0 */
-    { { 0x853028d72a5f4a8bL,0x46f120cb19ae965dL,0x12ac2ecc9d4e6883L,
-        0x18413823ed8d4ba1L,0x690815bcef8f3127L,0x9078207b610c2c77L,
-        0x922563d71ef6e744L,0xaeb1530c7d932a18L,0x0000000000000195L },
-      { 0xc87e1acd797bd130L,0xa29e51d193b701e0L,0xe3e3c9a002b7985bL,
-        0x51f9ba596291ef1eL,0x06c5bdf7d0e15448L,0x8611d8bd49b6090aL,
-        0xc0ec0975884bb030L,0xc42d3cc093242000L,0x00000000000000e0L } },
-    /* 39 << 0 */
-    { { 0x0b704119ee33b77cL,0x5b4fa1d48083af67L,0xac0bf434e5fa3179L,
-        0x256b0cc58626a1e2L,0x38d9fd62359c6ea7L,0x9e9661a49b5b9072L,
-        0x5264126356a49902L,0xa0b8f411fbad6075L,0x0000000000000124L },
-      { 0xd8dcdc61228b61a6L,0xf212e74b698e40abL,0xa3caf2415944e762L,
-        0x18dc59feb96825aaL,0xdc0b1240c690db48L,0x68937baa8796154cL,
-        0x602a9a406bbd399cL,0x29616edc7335dce3L,0x0000000000000010L } },
-    /* 40 << 0 */
-    { { 0xaf456a57824c9d93L,0x067fffb5ac53dbcfL,0xb513eb4d0d01e18fL,
-        0xf85d832dc9767b2bL,0xc4ad6090a169b596L,0x9f67883679409022L,
-        0x3a0c67f41886ad96L,0xfdef97e46cd54455L,0x000000000000002eL },
-      { 0xb591f36738ae8e5cL,0x2c101fec75d81e09L,0x4f4ef79e44aa97b2L,
-        0x46a5357b21dc2240L,0x5bb3141d0df516feL,0x23ffc6106dff96f7L,
-        0xc4c2a4687e65a6a8L,0x8e2e3fdd283592d6L,0x00000000000000d8L } },
-    /* 41 << 0 */
-    { { 0x8e00ce952624381eL,0xddfda1a522cc2af6L,0x4c08c3ddc8297bfaL,
-        0x16b931eaf495ccceL,0x85b85f23864a60c8L,0x52a523e4b28998a6L,
-        0x63ebfd9d28830825L,0xa140ed79e85e24a7L,0x0000000000000175L },
-      { 0xebeb760ec1028ecfL,0xf75dd758e7f3a3ecL,0x052a6e551fa28ebdL,
-        0xb39e0e11ecf327daL,0x23de821b22c82111L,0xab59e580e9ee5632L,
-        0x36f21343ca399be7L,0x9696d71855e2d4edL,0x00000000000001b0L } },
-    /* 42 << 0 */
-    { { 0xb7902612a9491855L,0x420bebfa3767dcd4L,0xea20d4e83c72305eL,
-        0x2868fa8595d78243L,0xf5633364979e0bdaL,0x874f472a2a5de6f2L,
-        0x7a0a1c0aa146f918L,0x960dcd7bd7263ed3L,0x0000000000000161L },
-      { 0x38a50e352ad521efL,0x414fdd6ad7d07223L,0x324cba6a2c4cce08L,
-        0xf728d67c4e39de86L,0x2da602f01cc43b7eL,0xa00e6a6b58d1eec4L,
-        0x5c6ae0d1031bc121L,0xc1cfdd433815668aL,0x000000000000016aL } },
-    /* 43 << 0 */
-    { { 0x713e3083224f497eL,0x51f0b62fdee07d20L,0xa3a74e7a9b3d85caL,
-        0xfc66ad7aed7d37ddL,0x8ef0f94438fea396L,0x70678aa2ec1419afL,
-        0xd55022d90544d8a0L,0x0148a165ec58e4feL,0x000000000000018cL },
-      { 0x895829067683adbfL,0x94edb92f76b688d2L,0x932d602b547ce17aL,
-        0x67fd6098879b1cf1L,0x7a3037819f1a0becL,0x2677e91db1d144cdL,
-        0xebf7a83c7aa3bf24L,0xbbaa1f099e78869aL,0x000000000000010aL } },
-    /* 44 << 0 */
-    { { 0x78f253cdcde738d2L,0xb25aa02cb1d33a53L,0xe77fffe912d2b367L,
-        0x761e3e73e6509ec7L,0x7c3cfcbef88c88cfL,0xe1cecbe9fd57f650L,
-        0x5f0c48a04cca16cfL,0xdb51df11f0b29b48L,0x000000000000013fL },
-      { 0x42343b5cbafa661aL,0xa123424f99a20b52L,0x57733ea23d7284a8L,
-        0xa4460186aa2271d3L,0x9ebedc0452b7c2f2L,0x7aac908b39acf39cL,
-        0x4e4f65b3d0338f66L,0x4c8c184a7228a703L,0x00000000000001d1L } },
-    /* 45 << 0 */
-    { { 0xa32dec600fc95c1aL,0xc2954607b66b70c4L,0xdc8ea1ace5703f0fL,
-        0x79189b7df8a1f2d9L,0x7b2df5e3f1972867L,0x7a58f7f28c147cc0L,
-        0x79596b8fff2bc020L,0x69d186aca09e53b8L,0x0000000000000049L },
-      { 0x9498a7cd000903a9L,0x3463f5d90b37564fL,0xe6ed9e879be328e1L,
-        0xb8d5b2802eadae85L,0x35584a1bbcdb40a9L,0x15862a4232708841L,
-        0x4d6ac21f3149fc7bL,0x1ec9b50cd8d3847dL,0x00000000000001e8L } },
-    /* 46 << 0 */
-    { { 0x64f2ae8093e738a5L,0xf672b6d2bd57d22fL,0x07c09231d2ec1549L,
-        0xa6ddb5626540f81dL,0x09f753aaf1c4d248L,0x1a9cfb9a69a8fc57L,
-        0x1998e2d14f33a8c5L,0xdb162d8284a91002L,0x00000000000000bbL },
-      { 0x42c142895961259aL,0xb7ec80b09fa59f0eL,0x7d3af42dc8cd7e17L,
-        0x2a1831112f54132dL,0x2ece424b786f6c37L,0xb81c9fbd9674149dL,
-        0x1fe9c7cabc10b00aL,0x86f0d5921216efe0L,0x000000000000013bL } },
-    /* 47 << 0 */
-    { { 0x2fda63c9abd59d11L,0x0a56a130d1ecbb67L,0x9cee75a3a9c4dd66L,
-        0x381864a0b9e922acL,0x97233106c71dd0b2L,0xe4e4fe2714033ff8L,
-        0x9cf5083ecc35882cL,0xe31f8907048afd5fL,0x00000000000000afL },
-      { 0xd3065d2f1d90e1d6L,0x11ca41599f10673bL,0xebb760f478d825e7L,
-        0x9276080b904982a6L,0xecea7f3276f06497L,0x605f079349209f88L,
-        0xb4290cbbb54ff69aL,0xf95dc8657275fe9dL,0x0000000000000012L } },
-    /* 48 << 0 */
-    { { 0x87027d612ad879adL,0x641752bd214aea2cL,0xdedc21b10ff08ee6L,
-        0x2da0980f3f6fbfacL,0x4b3cc8a5803e72f4L,0xae7d6d6672102c33L,
-        0x8158e5caec62c8ccL,0x35de3b21557462acL,0x00000000000001fbL },
-      { 0xb1958193d256d46bL,0x596f24804841cae7L,0xb7c142e0fb0e3c28L,
-        0xe6214d64a1d97e37L,0x871294f66cc2e1baL,0x76f27fc94d09e2ccL,
-        0xa855b9ec4bb3f5c1L,0x34a5ac1587992dedL,0x000000000000018dL } },
-    /* 49 << 0 */
-    { { 0x0c8cb45049efc0adL,0x7258dab1ac4c04caL,0x91d8c84e2e345fa8L,
-        0x6bc2a2df52f62842L,0xf581b8b111dea9ebL,0x9d45c347ae499839L,
-        0xcba40a63bbaba0d3L,0xcb98fa3c0b8c1d57L,0x00000000000000a5L },
-      { 0x0b9bf46a2c8884b4L,0x4b963fbfb0b88b1dL,0x0c10f2ceebb72bb4L,
-        0x5dd9775543d575c2L,0xb072c39d9da8bf83L,0x749ee467877e5b7eL,
-        0x1409b01bf72e151bL,0xdc95654090d77b97L,0x0000000000000015L } },
-    /* 50 << 0 */
-    { { 0x5386773de84d4766L,0x56b6ddab593aebf3L,0x250a859beaced3f3L,
-        0x84804ab26d84fe02L,0xd8384cf1be365bc6L,0x5312b292e34a0cfbL,
-        0x0baf0dbb1aa3f9caL,0x76204957627b7a12L,0x0000000000000171L },
-      { 0x3f16ac6addc84f8fL,0x36298e21939f704fL,0xad93d2e5b9d0e753L,
-        0xaf8c1321bb6c8d5fL,0x5def1db4859b504cL,0xd3032d3a9450b50cL,
-        0x83e07ea5f688b03dL,0x713d5c2ffb0e1119L,0x00000000000001acL } },
-    /* 51 << 0 */
-    { { 0xa8d916fffbcc9504L,0xfba689ef1d7be2ddL,0x1321ae1b1054cbc0L,
-        0xc2edfe6af07390dfL,0x3ba316cbf9beea26L,0xfdf9f5bde34fe9baL,
-        0x025d93b68145f3ccL,0x395ba51e278415a2L,0x0000000000000168L },
-      { 0x8eb9c45edd5c087bL,0x0600aabed3a89e18L,0x849c36096e3aeba5L,
-        0x97bc2b68badb600cL,0x24e5b174adeb9b3cL,0x52dd878f21c480ceL,
-        0x39d9531942d3f579L,0xcc10f3ca041a2456L,0x0000000000000071L } },
-    /* 52 << 0 */
-    { { 0x86177e368b29f6f3L,0x955114f2afcab7a1L,0xf00784311b6e5993L,
-        0xb9259354dcee33a4L,0x58aef6be769f0693L,0xa4dae03e0c1b4b4aL,
-        0xc39a55b518749158L,0x32e875ce65d1e6d4L,0x000000000000001fL },
-      { 0x9301992d481b07f8L,0xbd6b45f989f292daL,0x112577769cd77ef2L,
-        0x1e73a061b8098a91L,0xa0c126d318c39791L,0x2cbf93bbae0f4ad4L,
-        0x895ea8b22ee1a6fcL,0x3c8e76fb7849180bL,0x000000000000005aL } },
-    /* 53 << 0 */
-    { { 0x6285684cccb69906L,0x08153da9c9880816L,0xd3af581fba4fe12bL,
-        0x4e210e637209a78eL,0x27e82f6f948100c4L,0xf8688be916895fb7L,
-        0x7b3d0ffd310306dfL,0xf6e249195ee693f7L,0x0000000000000143L },
-      { 0xfd6ddaddd40c7861L,0x040a3dfbc4abee6aL,0x0f6a7a9de3b4cf8cL,
-        0x4fdf64f503cf3bb3L,0x35437e8053d10cb1L,0x7dc73fdde42c2169L,
-        0xc5611a0257510987L,0x3e8fcc9618eb2a74L,0x0000000000000105L } },
-    /* 54 << 0 */
-    { { 0xf5ae2048a0ce100cL,0xf707cab63228fdfcL,0xdac4214e4dbf052bL,
-        0x393cf55982451c97L,0xc6d866fdc6c98505L,0xcb09728861ea138fL,
-        0x414997e998e0e3e1L,0x8e65f2a40e6899c6L,0x0000000000000193L },
-      { 0xfa47b98bb8d1b411L,0x0f607d677492659bL,0xc972b99ee0d7fcbcL,
-        0xc6069fa8017db8beL,0x222e0ed99fea4bd0L,0x943485186e2074e8L,
-        0x9c2868a692e89dbfL,0xd556dd0941ce794eL,0x0000000000000163L } },
-    /* 55 << 0 */
-    { { 0x84ad7ccebd470f5eL,0x7fe9ab4bda96ac4eL,0xbe17486b1e0b549aL,
-        0x8cca93917cad27e6L,0x6472d4028e8da1a1L,0x7cb03e9fd9d0a79dL,
-        0xb551e4155c6daca9L,0x52fc4b6d310ce7c4L,0x000000000000004bL },
-      { 0x7a196cd230a36ef2L,0xfa03a23006a096eaL,0xd69609e345b53586L,
-        0x10aa85895c5a084cL,0x00fb114a7dbae155L,0x619f44311a16a0b6L,
-        0x385ea7907a1a7b2eL,0x85e54fe81461ae21L,0x0000000000000035L } },
-    /* 56 << 0 */
-    { { 0xb3f739d5ae2df998L,0x1df04ea2e96c1840L,0x5730e56267acca24L,
-        0x01378e253fef51d2L,0x9cc29b3435be97f6L,0x638c12398e4b8b01L,
-        0x7e9056e95b0cbef7L,0xd775038527f32bafL,0x000000000000003cL },
-      { 0xc10d9706f4083cbaL,0xeba60fb5d8b4723dL,0xc431863c1a8cbf15L,
-        0xb52a737cbaa0ffa2L,0x7c1e5b54987f4a28L,0x2b0430e114f67a39L,
-        0x70e1a3561fc3e123L,0x9bf7cf42095c5b17L,0x0000000000000078L } },
-    /* 57 << 0 */
-    { { 0x3475330a4e9a13e2L,0x8372c8fff95c8450L,0xf66fd5bc64b8a520L,
-        0x4af300bbde9118b2L,0xef3c6d77a521b9f8L,0x5a8defe72e6dbf85L,
-        0x4463da75efb25ffaL,0x53c3e7fcf3c902e0L,0x00000000000000dcL },
-      { 0x33ad7f7fd9c4248fL,0xa9493190c62a5532L,0x4a3f82056a929f73L,
-        0x3482530d0d3bd86aL,0xb62e7eb390dff3eaL,0xb13d0dd2caf9d989L,
-        0x68073ee6c4d4f8f7L,0xe88fccd4fdbd992bL,0x0000000000000074L } },
-    /* 58 << 0 */
-    { { 0x0f583210d81ab70dL,0x5479d3ccb04647adL,0x342a03e174a3106aL,
-        0xb96a728ad56c650dL,0x9871b54c6764d3fdL,0xe61385c801f5277cL,
-        0xd53b6ad821b5026bL,0xc46df1c09851ab92L,0x000000000000008bL },
-      { 0xfa08b29292c1205fL,0xcdec69190bf94d71L,0x3b8ac3a45ca1b766L,
-        0xee784bec8fca81a7L,0x52b53e4fe686134fL,0x765073f1f9a731aaL,
-        0x7a4c58d40bfb0e0bL,0x48ff92784e9946a2L,0x00000000000001d9L } },
-    /* 59 << 0 */
-    { { 0x63be8a26eb16686bL,0xcba8524ec3472088L,0x1a90342d64373a8aL,
-        0x055693c9b1344c69L,0xaae5c2934c222920L,0xc7223c5d98901999L,
-        0x063c60342df29eadL,0xaeb454ad31876773L,0x0000000000000035L },
-      { 0xcf4aa03c5381fa2eL,0xfd82c38cfaffe51aL,0xc9fd5fddd64ffec3L,
-        0xb8cf8c44bc83d0b8L,0xe22f2ef3cb6efd45L,0x15a48db3660903f4L,
-        0xdb0b0ca0aff1ba7fL,0x7ecbec147e7e43b4L,0x0000000000000018L } },
-    /* 60 << 0 */
-    { { 0x9fd17ffbfca45bdcL,0x051c3f6061c25274L,0x7fb6bf92d04b42fcL,
-        0x92681661adc786c5L,0xf79836e37bbe1183L,0x36f33caef52de9fdL,
-        0xccb82b562ed32ff2L,0x8a508e954435eff6L,0x0000000000000003L },
-      { 0xf8464ad3910e9522L,0xd748f73799f3e5d4L,0x4b1ccdfa683285b4L,
-        0x5edb1e7a605abfd0L,0x997df1a529560a5aL,0x9b0ecf8e37baa0e9L,
-        0xdb7a7399b931e716L,0xbd87d8b1e7bd4d2aL,0x000000000000008dL } },
-    /* 61 << 0 */
-    { { 0xcb53d8cfcfc376a1L,0x952bad1671543c41L,0xa5e7fce59a7b32d7L,
-        0x7193c11a77dc0b39L,0x4cd724b1be8b1717L,0x8b6cd17d5b660d1aL,
-        0x92ca7c732a1c7d8fL,0x544c4a011407425cL,0x0000000000000115L },
-      { 0xb8eff8cd4a17604bL,0x56f22ee9c3fe5e24L,0xa834ff603afa032bL,
-        0x03f78d54b7f553a8L,0xec097a3aed58c6a0L,0x79af485fef422cbfL,
-        0x07996d2a399c872cL,0x3df9c6c0ac6485b3L,0x0000000000000115L } },
-    /* 62 << 0 */
-    { { 0x9627fe31114dc85eL,0xf0a8c971ef2a1696L,0x213f3fe32bfd4e19L,
-        0xa38bf246fec516fdL,0x943ae59581dd5885L,0x378b0b7bc177aeafL,
-        0x20f6ed49f27734e2L,0x05dada534c5c8ae0L,0x00000000000001f6L },
-      { 0x19f1002224aa57b5L,0xdda2d7e072a578a3L,0xcb156b6e7671eb7aL,
-        0x6284a831f6b296eaL,0x50e685ccd164a220L,0xf2b0afd6935f4aaaL,
-        0xa2252c7a4be38a37L,0xf96d82698b78d305L,0x000000000000014fL } },
-    /* 63 << 0 */
-    { { 0x0f5beb6fce8888e5L,0x75af7d025770ac8dL,0xc63996847586265eL,
-        0x3ae99661308e125eL,0xe7f54fe4d51b0845L,0x1ca21b5affa0ddc1L,
-        0xe82f799acb0a6e8eL,0x32753b64640c457fL,0x00000000000001c1L },
-      { 0xe9d15ad2a03dba15L,0xaf657b5bf664a2acL,0x13f78f82f0071283L,
-        0x05d3dbdcec1896bcL,0x595e8c353aa22380L,0x1a9e093286414006L,
-        0x6d81ac89b205d796L,0x47e184197a053817L,0x0000000000000153L } },
-    /* 64 << 0 */
-    { { 0xb53dc38ce320f742L,0xf5aab8029a04fd41L,0xa7c02c1603e7001dL,
-        0x1bebd3c5efda3773L,0xb614b9ccf8872d27L,0x7ebdbba81860bbacL,
-        0x4f3d7c0392fec2a6L,0x9aa17dce1112ecd1L,0x00000000000001abL },
-      { 0x5af17058a5f8df5bL,0xc1c1a5dba0653dd4L,0xf4a7b9e3af958043L,
-        0xac165ba1508d4b10L,0x0c63ba369e87ab8bL,0x9bb1cc8b2fb1dc1dL,
-        0xaa10217c57b9586dL,0x8d70eb848e920573L,0x0000000000000074L } },
-    /* 0 << 7 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 7 */
-    { { 0x76b026e5736fa9e0L,0x2e27e720e23413b5L,0x51df70816a5f814fL,
-        0x4e49496876271d7dL,0xd3124af75ce07d97L,0x3c9698bbc2d6dd2cL,
-        0x631c070153023fa8L,0xd41259f27e381f83L,0x000000000000017cL },
-      { 0xbc309412c9dfb131L,0x0e3434093472a8e4L,0x4e69c32464ace613L,
-        0xa49ff4b0dc99ac8cL,0x1b4fabc3b1af9ca9L,0xdce01ed3e7df7966L,
-        0x5330ffdefbc7a682L,0x6e5df506a8283dceL,0x000000000000006fL } },
-    /* 2 << 7 */
-    { { 0xb38e8b9069be00acL,0xe46b33cb95e50b81L,0x9c9152c41f5d4723L,
-        0x7b8f4f6e8c2a465aL,0xb85fa9e8f269cb33L,0x03c7389ecb5b47a9L,
-        0x458afc780f312e99L,0xf40a0f02b5ac20c9L,0x00000000000001d5L },
-      { 0x8fac1245486bde7fL,0x1430cd504d4a7784L,0x58d2b99dbd29a67bL,
-        0x965cf65738e3bcebL,0x062dc3aa57354f17L,0x40ed2a81e5b45635L,
-        0x981bba93103b69c5L,0x3503aa73413c42fcL,0x000000000000008eL } },
-    /* 3 << 7 */
-    { { 0x56870723706a1717L,0xdee44d64cbecf7ecL,0x2120fc43ae06d588L,
-        0x78086900695451dfL,0x596711a00b6e13b5L,0xb8e2b20d76c11762L,
-        0xc1f30fd6f71431ccL,0xc8cfecf557133623L,0x00000000000001fdL },
-      { 0xb73cd41565e5811aL,0x688b3301550441c7L,0x9cb5a657d50fd76fL,
-        0x724f5ed8b588f34aL,0x48eeb907f67f5927L,0xf71b353897aa02c5L,
-        0x0239e51026db84caL,0x61ab0a5710fce663L,0x000000000000014dL } },
-    /* 4 << 7 */
-    { { 0xa48e3c3a9bd47f93L,0x4e1485e3636c0850L,0xd8264f7ff0ea4f3cL,
-        0x0b9047fc044463c8L,0xb03311c98360fdf8L,0x007c068dd0db7f48L,
-        0x5e82c7e7d429af87L,0x5a81286a6d64d318L,0x000000000000000eL },
-      { 0xe1d75c7eef97408eL,0x7c54b93f58a5e905L,0x0d8eee9a08c607d5L,
-        0x2aeac3b0e2dec0b5L,0x96db5ced9fc99e2cL,0x27764de20a51c0acL,
-        0x7999170f1b15ad22L,0xdcfc7192ced85f26L,0x0000000000000137L } },
-    /* 5 << 7 */
-    { { 0x136100c21f0ab49bL,0xf2763c0d8fd640c8L,0x32576a60a10ab0fbL,
-        0x45efed229b4b2fc8L,0xd50aafff5ed021c9L,0xb8246dec184ac0c1L,
-        0xe2519fc446002b5cL,0x440b77c67d492f06L,0x00000000000000a7L },
-      { 0x24fdbf51777310deL,0x1b57c3c267a603d1L,0x4daef7f2d4f9e51fL,
-        0x2326062ffc847f9dL,0xbf6644f62f1175f9L,0x170083e32d9bbb9dL,
-        0x7f64b63896089981L,0xb949d76a9accba57L,0x0000000000000165L } },
-    /* 6 << 7 */
-    { { 0x49eb72c3f62a4087L,0xec8734325b00b2bfL,0xbb040159643c12a4L,
-        0x2ef972f4eac95679L,0xc7e358bd2bbea697L,0x924a6105db23f1b4L,
-        0xd587c6bebdd61fe2L,0xf348d2f7aafc22ceL,0x0000000000000058L },
-      { 0x7bf1deec930f49aaL,0xfd3224c43cec939aL,0xac7eced36d94e0bfL,
-        0x5ef5a81cb2c7b10fL,0xa6e9c773f85c84d4L,0xe139b7ab2f547b59L,
-        0x436bffd61fd522dbL,0x32ee281e0b189b69L,0x0000000000000073L } },
-    /* 7 << 7 */
-    { { 0xb97c4ac3ef64ffeeL,0xfafc66c9e0513ff3L,0xcb15b02551d57f8bL,
-        0x5a94fca3a0f73040L,0x1df583781ecdef64L,0xdc88683a2e876043L,
-        0x897308dfa547bc00L,0xf9d9cd0346cddd21L,0x00000000000001c8L },
-      { 0xa05d56b56854aee5L,0x948513d41337a153L,0x96806e7b1461e392L,
-        0x74d411bcd4f89728L,0xe39ed8aa54173ab8L,0x82acdb9ae17fabd4L,
-        0xb0b61eeaa5fd0c85L,0x4ab388ee0a933577L,0x00000000000000fcL } },
-    /* 8 << 7 */
-    { { 0x8a4d6b672986daf8L,0xff67c35d3f0247b1L,0x3e45f2e50f48c2d6L,
-        0xba941fa43663525bL,0xfe5a47af97fbdb12L,0x617a16b820ae9103L,
-        0xfd6eee9fc57a09d0L,0x4bfffdbead5fad3bL,0x000000000000018cL },
-      { 0x7c2cd6fce8839b07L,0xee10cab923601344L,0xceed18245f0b8f0bL,
-        0x6ea30adb68064245L,0x66306dadbf29705fL,0x4f9d0131be7db901L,
-        0x1d972c0a531d35ddL,0x0ff3da3c08edcc09L,0x00000000000000c9L } },
-    /* 9 << 7 */
-    { { 0x69344fe39d6186adL,0xe85c33e690fc2732L,0xde9bf41a7d60ee51L,
-        0x9d90a9105a70cda6L,0xff3b1a64879cdbf2L,0xcd89aba7dd686017L,
-        0x9a891f87db1f6b9cL,0x6fa1abfc9b556eb2L,0x00000000000001f4L },
-      { 0x9aeb96367a4d8d49L,0x7f968cba1b2933faL,0x0e04c95323abd39dL,
-        0x4a4b0b0549509543L,0x95fb7e645e7d71ecL,0x9568b11718f7086eL,
-        0xeb8a07ef0390b0c3L,0x7b8624d13cccb970L,0x000000000000014cL } },
-    /* 10 << 7 */
-    { { 0xb491062b1c6cac89L,0xf20c58359adecc2eL,0x488d7b916f1d7401L,
-        0xff98b90e94761e60L,0xe63993ca857557a9L,0xc4ff9951acdeadfcL,
-        0xed5a53c7fd8dccadL,0x42e02c14f101c24aL,0x000000000000012bL },
-      { 0xbb9fe6f6bd3fe0efL,0x72f26ffcc1393d0bL,0x2e831b196c25ed19L,
-        0xdb50a0d7ebcc6b99L,0x202ac3c8245c479cL,0x97b284d7436117a0L,
-        0x13bd5e82fd694e11L,0x452b5a94022193a6L,0x00000000000001c8L } },
-    /* 11 << 7 */
-    { { 0x3d8c19764ac0927eL,0xcbc9ba6613389954L,0x727a3bb8defdd149L,
-        0x4b2d64d24a3e6bb4L,0x4f5d185658ac36e0L,0x6d5e79b9f5acaac1L,
-        0x426e868b4b602032L,0x1efd37220c41942eL,0x000000000000004dL },
-      { 0xdb8ef6c4ebb168f0L,0x0b4d7fd2de0e0478L,0x9c77f534097fdb12L,
-        0xadaaa54bde3ea9bdL,0x3bdbe93f45f9f191L,0x45cf748118bd8d2eL,
-        0x422ed3d85e63012bL,0xd8c1b94ed20c2076L,0x00000000000000cbL } },
-    /* 12 << 7 */
-    { { 0x65c7757b84367fecL,0x7ff69a4b6aa22fb7L,0x197f4c3659b0a103L,
-        0x897241b712350397L,0xefb60dd033bf2644L,0x3ed30a65944af798L,
-        0xd67a5cbd5bd2d770L,0xe9d97ea6f3caa508L,0x000000000000006eL },
-      { 0x94633f8662fc83a9L,0x6d68a34729a5137eL,0x88f2b4777bf9924dL,
-        0x7bd70fcc00b533fbL,0x4dd3b695b7b8167fL,0x85dfca1cd0162981L,
-        0x2f96a81f43e5022cL,0x2596b2ef14872ddfL,0x0000000000000131L } },
-    /* 13 << 7 */
-    { { 0xf21f278ab1cca421L,0x69452c4fc9c944e1L,0xab6f0267b5e1995bL,
-        0x6871f6bf8e371695L,0xa175e5747c561f3eL,0xa0a9a596fc97048eL,
-        0xdeb9a72472d14a89L,0x6068a848beb4e020L,0x00000000000001acL },
-      { 0xd187185e41589675L,0x9ab0c85fe7f8b9ceL,0xd866c2c25a6ef98bL,
-        0x4fe3a42c88dd5569L,0x28e16344591c5ce6L,0x2ab62c9dac764ab7L,
-        0x924cfb8417e00b2aL,0xb039e64f1804d328L,0x0000000000000039L } },
-    /* 14 << 7 */
-    { { 0xd59595d1d131f694L,0xce8a83752a7fdc21L,0x9e62e8b175869627L,
-        0x336d78456e01b014L,0xb53acb366ea5a8edL,0x4451f2e57dd8ac89L,
-        0x4c8cf19c2bc29533L,0xfbc29ef47c10e63fL,0x000000000000017cL },
-      { 0x9bc2ec347a9357faL,0xde489a133b8a04afL,0xb3521cda230520b7L,
-        0xd7699690af6deb0dL,0xace1af3a14655a0fL,0xf628697fcd89b94bL,
-        0x40a71ea33c079ab6L,0xe7b89297fd251809L,0x00000000000001dbL } },
-    /* 15 << 7 */
-    { { 0x49041d4784ed9ff2L,0x199606dfb57c5ed5L,0x3b8805182e409600L,
-        0x854b5c40f0548f8aL,0xc64b1a67810d2870L,0x7232957f7095700eL,
-        0x84f1a370b4758cf0L,0x5c267b9e70f58198L,0x0000000000000132L },
-      { 0x0339062438472718L,0x07734d06b8b84729L,0x1b78f06c26126b2bL,
-        0xd92e040a77c87891L,0x2c4ba3849588cf7cL,0x09b19b0e230e1a23L,
-        0x634174526980a2b2L,0xd34ae179bbe3f6e1L,0x0000000000000023L } },
-    /* 16 << 7 */
-    { { 0xd00804524043c91dL,0xe3362d2a01d9a152L,0x3d143282404673daL,
-        0x1d1c9b70a881d770L,0x4254627ed4a785a8L,0xf801104f2d8b8d09L,
-        0x306f6f22c6ceca92L,0xf0529d16130418eaL,0x000000000000011bL },
-      { 0xfa1e73fd6d8f9fa8L,0xb402cacceaa0860bL,0xcb08d922ae11ae49L,
-        0x79908f8f76387f9bL,0x126b0ebab8b14819L,0x156a5ea63bb333a0L,
-        0x0ba63111fe7f302fL,0x225ee26a4cd4f889L,0x00000000000001d0L } },
-    /* 17 << 7 */
-    { { 0xfcc2afcec54b8cc3L,0x2c4032b2bc4ec6f5L,0x9e6c26d66c62aaf9L,
-        0x7b93cc5ae1eb8fc8L,0xce80f55d20a95dbdL,0x841e250cb822f54bL,
-        0x9b84e5a91965018dL,0x36e53589b969312cL,0x0000000000000002L },
-      { 0x3c511a989eaeb028L,0x2efdcdb20cd5d5c6L,0x3226c4a858b01f2eL,
-        0xdc5dfb8949ca64c9L,0x9afbb61ab0678018L,0x4114e7856d147d7eL,
-        0xef683c889ff02c8dL,0xe143f8689b0655ecL,0x00000000000001aeL } },
-    /* 18 << 7 */
-    { { 0x4300169a60b57216L,0x0143c544441bc961L,0xa682548d7fef586cL,
-        0xf064f99ee993fe8dL,0x169a43dbdeba875bL,0x935ce8bf6d3cd064L,
-        0xe986a7cb7c9700ddL,0x1447fbea51c0f10fL,0x0000000000000117L },
-      { 0xf10cf577e3adf2d8L,0xfd750660bf433d46L,0x4944b8842395ce48L,
-        0x63c24a4dc1725875L,0xb12376d0f3392f50L,0x9fb12a1a97588187L,
-        0x3c03cc124bb92450L,0x26f27fe0b4e9c733L,0x00000000000000c8L } },
-    /* 19 << 7 */
-    { { 0x67ab4438cc4b3b6cL,0x9d47969be199d9c5L,0x95211e215e288cf6L,
-        0xec223f59eb99a911L,0xd4408dad7fbc455bL,0xcf5037c6e8bd254dL,
-        0x8d0f9f2ca920b371L,0xafbc9c94f0d5952dL,0x0000000000000100L },
-      { 0xdd090be1bbfd4541L,0x91fb0b2960a60ef2L,0xa631624d7477e013L,
-        0x121ab825fa1b4a90L,0x13446ddf0a2bfab6L,0xdf92e361a05dfd80L,
-        0x5a41609e15079b20L,0x815020c4d656089fL,0x000000000000016aL } },
-    /* 20 << 7 */
-    { { 0xdcf42b383b9e35b6L,0x5b92cc18d2a99f54L,0x55d1c68c30e7c057L,
-        0x3a66cba43a7bd12bL,0xbd21276482b879e6L,0xd0154d7d0bca108eL,
-        0x1e0c926fb273e3a1L,0xf063b1fd5e005f6eL,0x0000000000000169L },
-      { 0x7eea86aa702dd8e1L,0x4ed21f67fb054211L,0xfc634d80c3b592f6L,
-        0x36066f725afadb07L,0x11244608875383f9L,0x57a100127c01dd73L,
-        0xfa53012f4eea7d92L,0x32fc27c706e46a11L,0x0000000000000151L } },
-    /* 21 << 7 */
-    { { 0x0560b7a81cdbe62bL,0x48216ec02b69b169L,0x8473c01ca53cedc8L,
-        0x4b28a72f421b41f1L,0xca176bcdb2a9e3a2L,0xa53467c885e7ef54L,
-        0x5acde94e6e7b42b1L,0xca852c3fe58d357dL,0x0000000000000184L },
-      { 0x361ac3bf65696a12L,0xa17302498773f839L,0xb67cda7b8af8aa33L,
-        0x495fa40ff68d9e49L,0x1db30912ed1f64d0L,0xd69756d5040cd7f7L,
-        0xf00a572051714973L,0xb1431d1bbd1c1d1fL,0x00000000000000e3L } },
-    /* 22 << 7 */
-    { { 0xfe87dde0d9e02e98L,0x416547e5c932a7d3L,0xbac5a7827d904335L,
-        0x7077ab520fa3993dL,0xbe4eacb39ea4d3e5L,0xcddb4006f56df114L,
-        0x0c4fcca5a34c7b12L,0xa1450a3a05dc8144L,0x0000000000000178L },
-      { 0xb5d6b79945594505L,0xc1e8f726dd0ac080L,0x6269b2a1e2d97d82L,
-        0xe9c9e6e320004746L,0xab497cfaa7f067f5L,0x55fdf3a16dfbd572L,
-        0xfb825d8470231374L,0xbe464555e606857aL,0x00000000000000daL } },
-    /* 23 << 7 */
-    { { 0x4aa75dbf3fe45c64L,0x984319bfac44599fL,0x6a9f5fe68d365824L,
-        0xb188e2357af31facL,0x238f73c3d9a23fafL,0x55ae76a5b2011c25L,
-        0x3fc45a1279e98b35L,0x4cebe6d6b9178aacL,0x0000000000000002L },
-      { 0x2ad7f331d91ba2ffL,0x337d19a14528123fL,0x6966284d9172998eL,
-        0x3dbe46a5a78104faL,0xd64c5cc3126b5bc5L,0x7c3b65aa76f1dc3bL,
-        0x51807e032b762128L,0x5a96328ec6a60ccbL,0x00000000000001e0L } },
-    /* 24 << 7 */
-    { { 0xa0242d2359b58cfeL,0xdd86e8cadf33a5caL,0xf5108bc2b08cbf3aL,
-        0x4eb5d82bda1733ecL,0x01eb740244dfac1dL,0x66f1ca152a30cd80L,
-        0xde973c30bfd63e5dL,0xeda12faf640918e8L,0x0000000000000148L },
-      { 0x250a8d93bd70515dL,0xb2d0389b15f9705bL,0x4845788f4ee84ceeL,
-        0x88926b3283f6fe3eL,0xd487de769e834d93L,0x3e4a88e11b7dfaa1L,
-        0x10b6759de684beb9L,0xefc2282ffc887b1aL,0x0000000000000021L } },
-    /* 25 << 7 */
-    { { 0x5abbd8f370fe7fa0L,0x3f9bb48bf231ffd3L,0x935b99d8645a2ba8L,
-        0x6516eb26a79dc498L,0xb3f04c2b9205d3a1L,0x947f338edbe99243L,
-        0x7fb24af62be752afL,0xfe1b2b011053a4b9L,0x00000000000000d6L },
-      { 0x3bdc2af92a4ff7ccL,0x17cf61867902709aL,0x37394caeb4a54187L,
-        0xdd2fa8aaa97f6c1aL,0x61478eb937775709L,0x9191485999524713L,
-        0xa52dace45c79ed9fL,0xcf33ce2c602de95aL,0x00000000000001a4L } },
-    /* 26 << 7 */
-    { { 0x34cdf57179fba304L,0x2da4c0b855cba8eaL,0xfa08edb0e3ab7e7cL,
-        0x89bb570a1176d554L,0x13f14aecf620989dL,0x070496cf73ab04d1L,
-        0x0fd6e1e4e776b1a0L,0x6be78274e938cbf6L,0x00000000000000d9L },
-      { 0x8c93bc922cea82b4L,0x841a245a8f61cc83L,0xf6d7371707b43460L,
-        0x17789f54496e9107L,0xd79a87dabf60ab90L,0xccb42770f04f3232L,
-        0xda9dc1deaaeb6908L,0x0389467e83b7bd43L,0x0000000000000081L } },
-    /* 27 << 7 */
-    { { 0x8a119d3b89293e7fL,0x8829872e7fd1cb46L,0x511969b796e8a867L,
-        0x2ae47fde2fdcd328L,0x657ba478462c5116L,0xed1e2c23686b8ab1L,
-        0x9e111f8d653b32c7L,0x507b05a0cf55d5efL,0x000000000000005eL },
-      { 0xe452817b4beeff01L,0x20683c1527b777f6L,0xe075294f9877e28dL,
-        0x56526da46e018831L,0xc0f16bef1997f554L,0x167a23dd2b350ba2L,
-        0xb656c0d37a19f7c2L,0x0f9c5b5b5adc0909L,0x0000000000000110L } },
-    /* 28 << 7 */
-    { { 0x536183888cc1b1d8L,0xc4caa4f436009a81L,0xbe295ba7db665aa6L,
-        0x4ca4e46fbc0a3df2L,0xfa5d29b60beea0f1L,0xeb13931e86c30cbbL,
-        0xc3fbe7b253ec9ee4L,0x95a931572b98e62dL,0x0000000000000003L },
-      { 0xf8ef16326477ddd7L,0x87ad8c3b79fe61f1L,0x5d00661fb635ececL,
-        0x181527820f321c67L,0x4819373f635bba1eL,0xde36d5089a09eb68L,
-        0x48d4a31bb4c9aa92L,0x28c3f527bb549db3L,0x0000000000000182L } },
-    /* 29 << 7 */
-    { { 0x38c9f940c68fad90L,0x77d0f2254b76e5d4L,0x7df41a86096626aaL,
-        0x377aea6d8c22d84eL,0x8228cfbb882544a5L,0x89f9f9b3b1669379L,
-        0x7a0ef6c3e8ac7a4eL,0xccef3bafc96ea0a2L,0x0000000000000172L },
-      { 0x70f4de9feb10583fL,0x76f7b047c27ee4adL,0x544bdfb63fcb3ebcL,
-        0x632d453921a2c4e7L,0x4f70b8c6ab207ae0L,0x2daa1737ce209d65L,
-        0x9f094efb4921286aL,0x725653ef5465a990L,0x00000000000000a3L } },
-    /* 30 << 7 */
-    { { 0x16a72eb79e6dbb64L,0x0e4a2f79ddd1a126L,0xa231a534482b6a66L,
-        0xd1506e255f4424b5L,0x72869485b848cbb7L,0x8110e25977260252L,
-        0x4f3776fa6132f329L,0x71ce95f6f911712cL,0x00000000000000c9L },
-      { 0x85e3de361c4417d8L,0x26e85989703b3b41L,0xcb1f8ab41d0da946L,
-        0xe042ea5196c2e272L,0xe2255e1f662c470cL,0xa1bd3d5672c1f8b9L,
-        0x38698fd77fd14593L,0x4b9eda73f820ee6dL,0x00000000000000edL } },
-    /* 31 << 7 */
-    { { 0x6bdf5a24c96f6fd8L,0xde9420b80ec69af9L,0xef89755b25a46a01L,
-        0xf7447d81e8871eb1L,0x1477c32e4ed21e9dL,0xdf036e42996bd5b5L,
-        0x78099d1b9918c856L,0xfd2e3b70f8dfe807L,0x000000000000011eL },
-      { 0x19437721fb1df8efL,0xdae12e1cfdd0d41dL,0x3fdde152bbb0b79fL,
-        0x8f8c75324bd97ea2L,0xcdbac848d872e34fL,0x2b507f37168ac6d3L,
-        0x3128cebe46a04043L,0xb4196978f5a821c8L,0x0000000000000092L } },
-    /* 32 << 7 */
-    { { 0xe070a145e4ffac9bL,0xf8295455aa280fffL,0xa2d6cf897010805fL,
-        0x04e130893220ff7cL,0x5935e6e2ad11681eL,0xd91efb7bb9cef2bcL,
-        0x3c260b9914bb8c4dL,0x24bf88d53a265599L,0x00000000000000f0L },
-      { 0x1ff2439ccc9c279aL,0xdfcd0b6e90bab4cfL,0xfa08a7bac3acbfdaL,
-        0xc91b8f40cdb22a56L,0x9624ac18672be103L,0x1e59bac0a7cb0f83L,
-        0xae0aa78eed5f94c6L,0x9655b8c3b43029e1L,0x0000000000000052L } },
-    /* 33 << 7 */
-    { { 0xf0abb749e0b45567L,0x35a3562be1b25216L,0xda2ba89fbebb512cL,
-        0x4f4fc05d4d9c9ed4L,0xf4f488b08789462aL,0xc1b1ed9676223e7bL,
-        0xf4702d30ca356c71L,0xf25425fa6075b8afL,0x00000000000001a4L },
-      { 0x48f573eca93e0794L,0x336e5577b317dac3L,0x66be7dbc49940907L,
-        0xa2da2289fe310627L,0x4d39847d129aaefdL,0xfc33556aa71e2383L,
-        0x3f36017c8c962e42L,0x4a29a03939ef2110L,0x00000000000000e8L } },
-    /* 34 << 7 */
-    { { 0xdec3cf59ea27c05aL,0xa7f67083b52e2b6eL,0x38ce7a200474b960L,
-        0xdd1975e729def768L,0xb114af497c50fb3cL,0x11ba4d4fb0b25935L,
-        0x5b8088f0f6882daeL,0xdacff26b9f98d4a8L,0x00000000000001c2L },
-      { 0x14dac24531675d19L,0xb28812683ad6531cL,0x335b8fbc4fcee598L,
-        0x03d355986a6218a9L,0xf949f8bc00de3490L,0x5f3ac4d1197b4f84L,
-        0x5d0134a9bf92f51dL,0x34d805dbf42b3ec5L,0x0000000000000106L } },
-    /* 35 << 7 */
-    { { 0xacde8c05303edc58L,0xe7448e83f30b2de0L,0xd01600b5f56693dbL,
-        0x11dddd528d1de024L,0x504351d8ae9a52a3L,0x9575e24ebb9ae192L,
-        0xa063f065f2894ae3L,0x3217c3923c876549L,0x0000000000000083L },
-      { 0x212aa9d5e6932da1L,0xf7acd1f004c91e15L,0xb961a8a429495668L,
-        0x943925040ea593f7L,0x834bfa64200847b6L,0x033b1ec77dd4647fL,
-        0x4541a2f2334e806eL,0x90ec0295dc2bc63fL,0x0000000000000126L } },
-    /* 36 << 7 */
-    { { 0x35da5eaa514aa1a0L,0xcdd35c375b9bed0eL,0x91f1d3dc0834c326L,
-        0xe529992bef9c0f44L,0x04570f257660418dL,0xbbfdcd21f2e7a423L,
-        0x2b52019a1b481b2aL,0xf06a0cbd956bf66eL,0x0000000000000133L },
-      { 0xf47b962bb2bf730cL,0x22ad11370b787697L,0xc2c14c015f9afe14L,
-        0x8bd0f5f23b4dbb1fL,0x2787d1b7137d3f32L,0x0e60261f91a6f97aL,
-        0x761bfe8ae5b0f47fL,0x9e0f42185e729f2fL,0x000000000000005eL } },
-    /* 37 << 7 */
-    { { 0x3c0cdc877d8589ffL,0x6b599da101ab0129L,0xed6ae833cb178542L,
-        0xc4206185c7014257L,0xfdee5dc18ed75972L,0x30422a42c46afcb6L,
-        0xc990c82f85ac77a7L,0xc73e857d3a775c10L,0x0000000000000180L },
-      { 0x2dd3442b8642a173L,0x89d3b9151d213119L,0x19f6ce0fbd1f66b3L,
-        0x1cb3fe0ba7811243L,0xc8383bb3c3786820L,0x8b5dc0c1b06a0e53L,
-        0x575971ed870c6488L,0x5c1eab4ff71666b8L,0x00000000000000daL } },
-    /* 38 << 7 */
-    { { 0xa112afd237c6742bL,0xf85c7e5425ef3985L,0x4e623a062fde58cbL,
-        0x4831bb2c1b18660eL,0x070a617b8cc9ce53L,0x3b59092b1d9b9cddL,
-        0x4ff5178379d76cd8L,0xc59e27c72cd5db8aL,0x000000000000018cL },
-      { 0x18adadff364202e7L,0x7394b31421136377L,0x27ee75271da7b19aL,
-        0xca9f1342464f6acfL,0x1f1d417206c24afcL,0x9b2124214cee62e0L,
-        0xb63db356d4324e57L,0xc446ad3f5e72cf84L,0x000000000000013eL } },
-    /* 39 << 7 */
-    { { 0xb4dab7c1dd5c0101L,0xa2df684b3940fff8L,0xb22f144657aeb440L,
-        0x20bafed817987125L,0x5d3a5c17f81f2ea1L,0x8542239d74810449L,
-        0xeb05aff9d7f767b9L,0xe88b3034fd75c524L,0x0000000000000041L },
-      { 0x1dc76528d9c83428L,0xd317a4a7299a05ffL,0x2868cf78d8e73503L,
-        0x4d9140a24d6ccb4aL,0xe0b0f24894eb64c8L,0x4b38e9477c5e853bL,
-        0x920c1373dfb43575L,0x069956acc7f6e5c1L,0x000000000000001eL } },
-    /* 40 << 7 */
-    { { 0x2120f7a02565cae3L,0x8b7701807772e523L,0x83d1d71da1a4e556L,
-        0xac9de3546893b076L,0xfc06849cd643a9a5L,0x66cc453d6e46c73eL,
-        0x295b72d3e6b4cb6cL,0x27d7ea49f8d2fd22L,0x00000000000000b0L },
-      { 0x0a0022913905ce31L,0x58fa6abc37b6e43aL,0x639d7074f0bed901L,
-        0x751cca9a0b2b80d7L,0x498f8be5356bb88fL,0xa1e192ed084fa7f7L,
-        0x72123071fdabffe4L,0x375dd6cab6d31ec0L,0x00000000000000e2L } },
-    /* 41 << 7 */
-    { { 0xb986a1033fa0a922L,0xd8af1426471aa7a6L,0x142757f75da16f1dL,
-        0xaa5aa2e5112ab9daL,0x2528729d7a36d194L,0x66f8e9d2a5931641L,
-        0x647ff5ed954111d4L,0x91353bb782096582L,0x00000000000001f3L },
-      { 0xd5e1357471f27d0aL,0x8a17cfc4bef718caL,0x045d82b76c25b86eL,
-        0xc190470da060638cL,0xfe1ccd344fe469efL,0x7216f6a2b6e4a4e6L,
-        0xe878f0013d4ecd71L,0xd9e6bef5c06db8e1L,0x000000000000000bL } },
-    /* 42 << 7 */
-    { { 0xa2ac1ae9ac8574c2L,0xa94d700bd8e57fc9L,0xe553a50483768f7cL,
-        0xf7ee17786a4b96ceL,0x9cd65ec7435476b3L,0xec29f389227fc1c3L,
-        0x04d7c2cb02ab76ceL,0x955fc98eabeea649L,0x000000000000003bL },
-      { 0x2caa7206a4347b25L,0x8f9c3dfc888d9c02L,0xd13abad5c7637e02L,
-        0xdd4f2d9889bff5e0L,0x6639923e91237db0L,0xfceb7bec76b38fc5L,
-        0x6f51b35946622c86L,0xcb45000bbc3b052aL,0x0000000000000096L } },
-    /* 43 << 7 */
-    { { 0x7bdd3a436fe42b7bL,0xd751294a80a13668L,0x0c360e45a02c31b6L,
-        0xcadb32ec364ab022L,0x714b47b52915fc64L,0x12894036314a27daL,
-        0x93988364131a29c9L,0x8345fcb41c11e126L,0x0000000000000020L },
-      { 0x7379fc37adf71005L,0x763700973e92607fL,0x7ef1e34ade1aecfaL,
-        0x3e9dccbc364796b5L,0xc2a20940b9b3b46eL,0x209ff5a7b71eead0L,
-        0x8fc5eddf3e6a184bL,0xcaf50b8310b1d636L,0x0000000000000004L } },
-    /* 44 << 7 */
-    { { 0x24ac95c1b023a7a7L,0x900f86d152a600b3L,0xee5907d16cb1e79cL,
-        0xac05c5459e15310bL,0x379b5f665baf1a18L,0xb936c3748ebdeb65L,
-        0x2da06f140b4bb218L,0x3cce7e77a902a571L,0x0000000000000105L },
-      { 0x6e88f5350d47761eL,0xcdbe953128102f67L,0x5fbc898b5d8a732bL,
-        0x4e2b80b20674c9ceL,0xbb1b8ff3b9ca6e9cL,0xacfb7ce058cf73eaL,
-        0x3e38eb1e246664f7L,0x23e34b6712c6e67bL,0x00000000000000b0L } },
-    /* 45 << 7 */
-    { { 0x788cfa862ce9987fL,0xcf87d7181f3a827fL,0xeda41d438963ebe8L,
-        0xc0fc14f2352ede26L,0x1c887d1f9aab3086L,0x4b2ee360e7afe709L,
-        0xb32dcc7781abfa6eL,0x93acc0e721e565c6L,0x00000000000001acL },
-      { 0xda186d0d64798caeL,0x0e1245903faa2a4aL,0xdf259b1e17f2b48eL,
-        0x08d00309e1738aa7L,0x55fad154488c2c04L,0xa49a1f6c8d1cb326L,
-        0xc17528412a587b54L,0x1ae3846021b28da0L,0x0000000000000125L } },
-    /* 46 << 7 */
-    { { 0xc60450ffcfe88e41L,0x90e4a31ce80ee199L,0x129c8141054f77f9L,
-        0x3d87883643d18e19L,0x7d538b08d0aa43a2L,0xaec78cbafedc871cL,
-        0xc2512a4b22c45176L,0xe0fa4fd7adc1c057L,0x0000000000000054L },
-      { 0x6977ed3cb3d0e464L,0x20392cf15876e2f1L,0x4ccc33533e070075L,
-        0xb7aeeef1cf3dc364L,0xed66fe98757b2e2fL,0x5aaa91f114988622L,
-        0xe8f06691772fe270L,0x593bcbdce68972e1L,0x00000000000000abL } },
-    /* 47 << 7 */
-    { { 0x79f3c8d48b4979c1L,0x9f314f3ab34227caL,0x53f70c238542df00L,
-        0x735c9c1f5d2925f4L,0xbc85ead47a520674L,0x03ed628cbaac2b52L,
-        0x920fcf7c3b63752cL,0x82b2bbcc4ddbca03L,0x0000000000000025L },
-      { 0xb3e15c93eee68bacL,0xcaeaf1cab4c6d5dbL,0x87135e437d63080dL,
-        0x7aedd26eece9d3d5L,0xc2cf0281703d669aL,0x669e59b813ab55c5L,
-        0x3682cc5bdc1f5faeL,0x27631c8b969d7e7aL,0x00000000000001faL } },
-    /* 48 << 7 */
-    { { 0xd8af5067441231b0L,0x060a5889b44f70adL,0xc8b668b8d34dc5fcL,
-        0xefd712c3c0913970L,0xb399e81b39dca3dbL,0x78fe34977b823568L,
-        0xe9898e44b2345a5cL,0x71d1075305abf156L,0x000000000000004aL },
-      { 0xb207612eabd2dbffL,0xda4acee7f8666c01L,0xb5385d489eb81547L,
-        0x54aef0260b0b50f1L,0x753b6de9117bb8baL,0x770ce21ac85f7040L,
-        0x2c84b50d55ba9a93L,0x3d6e5e41ed6d5184L,0x0000000000000172L } },
-    /* 49 << 7 */
-    { { 0xbc90b46a54ddbec7L,0xd41023cc9f994187L,0xacd294e2e2bc97ffL,
-        0xab4a43a925eb30dcL,0x73a2f91e7d271790L,0xfdddfdbd90babdcfL,
-        0x075d1009786d202cL,0xe27659f112af11b5L,0x0000000000000132L },
-      { 0x82bb740b5015e833L,0x1b146b579756a549L,0x0676b19bbdbbc646L,
-        0xd905bde08b917c5dL,0xd612630a385d16b8L,0xa990c8d30750f8afL,
-        0x9b692f8b964eca68L,0x0cb1417c6cbf6aa8L,0x00000000000001ddL } },
-    /* 50 << 7 */
-    { { 0x633c95cacfeb6e6dL,0xf310f055d3a913f8L,0x82b3c285962f7c53L,
-        0x93cea71d41ab7d17L,0x3e1938c7c2663a84L,0x03e5c149da567012L,
-        0xbef4569ed1fddee1L,0xec2c08d2c0a14e36L,0x00000000000000a8L },
-      { 0x9f1984ea8c66bb0dL,0x33ec54fa24a7ab3cL,0x82363d70bc7cd59dL,
-        0xcdc086c9dd7205b5L,0x81cefb78bd3f9b62L,0x2f7d9848d0c20358L,
-        0x7d19925e827ab25fL,0x27432ca7bdc46e8dL,0x0000000000000103L } },
-    /* 51 << 7 */
-    { { 0xe5fb482725ea9627L,0xd1b15417eb4a6824L,0xec66b336f640dc0eL,
-        0x58b67fde1f768b93L,0xdb052d30c38e94beL,0xb8f9bf0026c71d3aL,
-        0x524029e3967c2608L,0x2cc1604c3e96c14bL,0x0000000000000018L },
-      { 0x1e00bf024096151fL,0x4682903a3280e791L,0xd10747413f59b08eL,
-        0xf805afcf57dc3da5L,0x69231f31c41ed588L,0x8d88792c3a6f17f2L,
-        0x8c7ed0f3e5562da1L,0x56210b8fcdd3b578L,0x00000000000001c9L } },
-    /* 52 << 7 */
-    { { 0x9560994f8b256515L,0xe6a1c4bfee0c60f3L,0x90616d735c40e06aL,
-        0x96b06d488938c896L,0x3e91746cf7a0d6a3L,0x64101f1f323bb0dfL,
-        0xb9063a273c5f05d8L,0x9a3278f8707f1505L,0x000000000000016aL },
-      { 0x99599034cd47eb2dL,0x2445f57192baec6aL,0x3d775c01f4785d10L,
-        0x5b52741ba39f1742L,0xc3b9b777ae6b587cL,0xf843aed8a8f986d5L,
-        0xac95d65bc8e3e8a2L,0x5ae638e982675b40L,0x00000000000000e1L } },
-    /* 53 << 7 */
-    { { 0x02e5f7474e915b10L,0xfe984f976f9492f8L,0x9539886769709243L,
-        0xf4525d86df138cd6L,0x0c4e8a47f691a83fL,0x7ad0d619cd6eb376L,
-        0xc5185be22dc115d3L,0x0f31c58e3c0cb3c6L,0x0000000000000117L },
-      { 0xf32d5bc157532f62L,0xb11abd34088396f3L,0x41bca25c0b5c4572L,
-        0x85c1d94afd7dee4cL,0xa3bb272129b04077L,0x4ca6c9d0b087910dL,
-        0xef465fede2824a30L,0x3bbcca9059bb45e4L,0x00000000000000c2L } },
-    /* 54 << 7 */
-    { { 0x5620edeac1805532L,0xb0d80cc507b46a79L,0x147fd42b4ad3c20dL,
-        0xc5a3cfad1efb9437L,0xa8c731ffafcc3dd3L,0x3ba852716b815aeaL,
-        0xae961cead66d3336L,0x3f046de2c4a83a83L,0x00000000000001d0L },
-      { 0x87ee923ff0ea8ff8L,0xd0fa8affd0f83feeL,0x5164155928b3f47aL,
-        0xfe93907dbda41a94L,0x8da252c4dadabbc1L,0x02c5a8792d3e40c8L,
-        0x1ed3ebe41b678f29L,0xcc33244ff9b63773L,0x000000000000007fL } },
-    /* 55 << 7 */
-    { { 0x347a11bc92d26303L,0x59820ecf9064fc95L,0x32c8ea2bb66853a3L,
-        0x3dd1cb41b71920c8L,0xdddf7e6914bbf36bL,0xb0f71e18c4d27229L,
-        0x35218d027c56d60eL,0x0e1f568591c81b81L,0x0000000000000049L },
-      { 0x94649487c1a83b3cL,0x79505e0ac2894f9aL,0x12548fe7f64af5a4L,
-        0x0ee8e52a838817e3L,0x625ae0a8faeb95f3L,0x6e82be89f6fd174bL,
-        0x16cb1065c3c4ee67L,0x43c8d753e4cf40ebL,0x00000000000000d2L } },
-    /* 56 << 7 */
-    { { 0x7dc3f4d8b36d4820L,0xc1367c104f2582efL,0x0d65009c600cea72L,
-        0x663152830418692bL,0x973e1aad1b497fe9L,0xa89362316a9c3aa0L,
-        0xa884d7d4c778e6f9L,0x241c3d34142bae6bL,0x00000000000001acL },
-      { 0x09636cb73ff4bc16L,0x7f924363dc70dd8bL,0x44ab005c916de001L,
-        0x5995d92173cf5f83L,0xbc1528c1ae70dc46L,0x94335a4f065bfd79L,
-        0xc50d05469b5a3a41L,0xfeaa8d5a6c039454L,0x00000000000001bfL } },
-    /* 57 << 7 */
-    { { 0x47a78493446416e9L,0xa88b09e0e09e1613L,0x8ffe68539241f3eaL,
-        0xbf5369920fdd9ac4L,0xd619356d487d6560L,0x66a29c0b3a326f9aL,
-        0xa4562dcb975f8c4dL,0xa9b11a8f6827192cL,0x0000000000000034L },
-      { 0xa18d94c3beabe49eL,0x4c95b3d210247731L,0x7e4aaa62800c61ccL,
-        0x192be7ad93aafef3L,0xacdb0684548c37edL,0x906c5dca6b217274L,
-        0xe82905411aa5e87bL,0x99499377af948d0eL,0x00000000000001a4L } },
-    /* 58 << 7 */
-    { { 0x3ccbfc85947098a6L,0x51a647133cedcde0L,0xab36cd65840db808L,
-        0x27f54065e1e6da2eL,0xacb7bc24c4dfb935L,0x0539fb6b85811a51L,
-        0x9a834c153458dbedL,0xf200b042d91c1ffbL,0x0000000000000129L },
-      { 0x64408f3e63cef0a1L,0x9248b34a1e8f0362L,0x666f2a1ef133487cL,
-        0x47574c1e074d37b5L,0x747eddc62bfb71a2L,0x126ccc0ee2f3a687L,
-        0xfe46cb0a74df9695L,0x76c6f165390f4609L,0x0000000000000166L } },
-    /* 59 << 7 */
-    { { 0xcdaa7ab5f50dae67L,0xaa79f66748a0f682L,0xb8527b90a5eece8cL,
-        0x52140489e971d0cfL,0x46592debe5dcb864L,0x93b033d749d3a03cL,
-        0x2ae696de6111a307L,0x92d90b30ac5a9212L,0x000000000000012fL },
-      { 0x1237c3437c548a9eL,0x0a6a33f85ca220dcL,0x89efc633944f854aL,
-        0x1720353b68491e43L,0x50c189b0beb38a01L,0x84cf858336ee395cL,
-        0xd644ee4d644a684cL,0xc496e4eacb2536c3L,0x0000000000000039L } },
-    /* 60 << 7 */
-    { { 0xa12ab81202bf43adL,0xec13c1d85b4fa76cL,0xdc2693f35ef4cae8L,
-        0xe77c16cfd10b16c2L,0xf0885709af73ee84L,0xa0178986db518b00L,
-        0x5b09e2e2435f7a09L,0xb043059120378b2aL,0x00000000000001baL },
-      { 0xe4f25ecfc35a9aefL,0x183d67e6923c79b8L,0xc1ef889887e007cfL,
-        0x243bc11fdc0f34bcL,0x93f6d3cab5219ef8L,0xce0f0c34e7f8f11cL,
-        0x2980543534f5dd6fL,0x425109831808c4ddL,0x00000000000000aeL } },
-    /* 61 << 7 */
-    { { 0x4a1c78eb6d3ef9b9L,0x8e378182ea5b2c00L,0xcc80009a7f17bc57L,
-        0x4ac0725c3aa76f52L,0x67074a8316090e69L,0x247a99f906040d66L,
-        0xffc91223c202669dL,0x36cc81087cf6079aL,0x00000000000000ecL },
-      { 0x0f4c307f9a9b6f1bL,0x784340bca4206c20L,0xb97598c2e2d0b207L,
-        0xc7505ffe1ddcc638L,0xe9d636eee73109c9L,0xd85e9e014b69754bL,
-        0x2a9802d5445c653eL,0x56e8b9e89805df1cL,0x0000000000000183L } },
-    /* 62 << 7 */
-    { { 0x50749bac0480a6eeL,0xd198789139ea640eL,0x13ac416185393676L,
-        0xe28d116425c2eec7L,0xe636a59655b9f322L,0x4ba90f173a8ba194L,
-        0xbca2eb38d49ed797L,0x9dc621d4f4e753b3L,0x0000000000000036L },
-      { 0xe1f60197f0f3bf12L,0x9137f979e7460711L,0x65cf559e696dd5d0L,
-        0xbcc8bc9be80803f3L,0xab56300de8693f04L,0x03ece5d00979cf03L,
-        0x907f30ef073bc6e5L,0x3a7773c1344d837eL,0x000000000000007aL } },
-    /* 63 << 7 */
-    { { 0xe25c24651f92f8b4L,0x3c12a2ad947b1043L,0x159bbc425aea4035L,
-        0xe2519611012a7a12L,0xd237c4afeec2c287L,0x070eb6c60bb8f6d1L,
-        0xabc1864e29a8a0f1L,0xc6d6f9dc9a1ef77aL,0x0000000000000179L },
-      { 0xca4e4bdfe6f42115L,0x86dc6504954f8811L,0x501d86c5c35fe50cL,
-        0xf381c7b059fd3d0aL,0x2f3d1282a5a428a8L,0x152986e24130b67cL,
-        0x2b3719068151bc5fL,0xdf41c90aa163dc68L,0x0000000000000063L } },
-    /* 64 << 7 */
-    { { 0x2172a8aa81a7b4c3L,0x97ca8dfdabf93bbdL,0x2525d8caf37d1211L,
-        0x16442a63917e5726L,0xc67b9ec8e12467bcL,0x53240d523c5227e1L,
-        0x6f6049267101b132L,0x70da1ac7de1a0f56L,0x0000000000000086L },
-      { 0x8d0c56be53e7dcddL,0xca55c626eabc48deL,0xd4cbc52a585ca3c4L,
-        0xa36f240277288d74L,0x42922ebcf7ff687fL,0x482022cd5efbb12dL,
-        0xe539f2aa7a1abed1L,0x561c207037c7469fL,0x00000000000000c7L } },
-    /* 0 << 14 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 14 */
-    { { 0x6db672c63a46caefL,0x999560bf8bd02589L,0x53e343871d900fa3L,
-        0x33c80c2c53d2590eL,0x3b11ead69801a393L,0xc6701879591e52f0L,
-        0xc1c1982d60428399L,0x77d747971932418fL,0x0000000000000177L },
-      { 0xa4f615a05b4fa0ecL,0xb5afe599059eb5c5L,0x1260ba581142b875L,
-        0x3cc654abf4f69ae0L,0x0422ac16ab6d27bdL,0x119f316acae65c55L,
-        0x3ec0a913e15b6c6fL,0x1603620e0ae71c5aL,0x000000000000008dL } },
-    /* 2 << 14 */
-    { { 0x7d5f8e474538e761L,0x37c788724c878738L,0xe69f4711816427f0L,
-        0x4da6f4677315c7d8L,0xf4665c460e84d136L,0x6b6c9c506a9d82d0L,
-        0xab5d9fec1a96fcd2L,0x9ed96c86f7974f3aL,0x000000000000011aL },
-      { 0xbecff7179a66d7acL,0x67d08b6d8f4f08b6L,0x0f7ce5bec02e60acL,
-        0xcae69a50294aed52L,0xb1e2278e10970dfcL,0x618459af75b3e40eL,
-        0xe395787ded5e54a0L,0xcd8a442be862c8ffL,0x000000000000001cL } },
-    /* 3 << 14 */
-    { { 0x501c5422910040b2L,0x3d8fadef6fd18a7dL,0x1ca9754cc159f2e8L,
-        0x3e337074f3570cc6L,0x8d2e0b274f64c1b0L,0xb458964157d8e707L,
-        0xdb9c20ff3b377e8cL,0xe202cb7e3c7a95bbL,0x000000000000014cL },
-      { 0x443b521528898156L,0xc803d7d24d94ae93L,0x768497c3aa70513bL,
-        0x48e7031adb916475L,0x7668dee27654c9a3L,0x9d9403b272eb0122L,
-        0x28eaefd23999b060L,0x663b8a7974c55442L,0x000000000000017bL } },
-    /* 4 << 14 */
-    { { 0xa3480d58caa4bec3L,0x389489935989e4a0L,0x3f4d7b6c6f7ba4caL,
-        0xe2913a55d39cb2aeL,0x615043ead7be6499L,0x9d4c41cbf504fec3L,
-        0x4f93da968d44893bL,0x33a7acdc9a7928e0L,0x0000000000000013L },
-      { 0xc865844f48219a09L,0xa6d0b17937426bdcL,0x7386a0a6284ae0e6L,
-        0xddd6cba0c2dc16fcL,0x77d2934d2940d262L,0x3af6ed35741b88abL,
-        0x96f43a65a6dae43fL,0xc71435351414083bL,0x0000000000000057L } },
-    /* 5 << 14 */
-    { { 0x7790d2eebb886b9cL,0x80caee478c4013c7L,0x2d7d404ec987fefdL,
-        0x31a416b818d7d489L,0x00f6c0f7206e539eL,0x725d958fe52b602aL,
-        0x5729d79e5c4f58e3L,0x2e03f6286906e10dL,0x00000000000001b7L },
-      { 0x2e85fdc682793d69L,0x90676d2f89340b5fL,0x21b84c0e32410378L,
-        0x0a3f3ec8596bac35L,0x986e33fa25754c0dL,0x9d278b18aa967da9L,
-        0x60e45c3719545be5L,0x7c67878814875f0bL,0x00000000000001b2L } },
-    /* 6 << 14 */
-    { { 0x5f3b4a9387f6aa1fL,0xc2b1fe751d34fc74L,0xc437a7aee34cfc89L,
-        0xed72014c30161cfbL,0xfe567e693f395ab9L,0xa1639cf06f0de2a7L,
-        0xd21f55d847970dc6L,0xb5e535794207deb0L,0x0000000000000139L },
-      { 0x594d169afd419bd1L,0xb52e9e26c90e05bfL,0x44d444b7a62de4b2L,
-        0xdd2f17762364737eL,0xc0f6a25563c867d5L,0xf2b52b0e19341f8eL,
-        0xaf95afc014538a86L,0x9a4427ad1dd0c0a7L,0x0000000000000040L } },
-    /* 7 << 14 */
-    { { 0x11f2c66709bb5ac2L,0x09e0c0068b1bc2b4L,0xb8b059d595edf7cbL,
-        0xe84466599cc3b6f1L,0xff0bb4d21a19ff38L,0x4b28f740daa847abL,
-        0x4dc18b713f2ba13fL,0x82797e6a24f93563L,0x0000000000000066L },
-      { 0x24647b9ce0b37526L,0x151f8e85a66e7426L,0xfbc49bd366cbd549L,
-        0x35236b47f1bf9e2dL,0x22d57f5652ce20f5L,0x348388680fb86429L,
-        0x4fd6f7c92729eb8cL,0x47760b45003362a5L,0x0000000000000104L } },
-    /* 8 << 14 */
-    { { 0x394d510624891f36L,0xb4265c4f825fa293L,0x65a54b87f6ecbd5eL,
-        0x6a2f900f2a351a03L,0xfb26d52f8d1dad9cL,0xbd651f19ba2c39ccL,
-        0x2d5894f2bb30ed5aL,0x4cc3f05794732ec9L,0x00000000000000c3L },
-      { 0x8c03ccdc9bfec4ffL,0x4ce76352d52329c8L,0x0a92cdf03995d109L,
-        0x44d28a5d7518ba0cL,0xbd74ecefce16a6a6L,0xcab52531123cb82fL,
-        0x72065b99f34e1c5fL,0x4949379f03a9a916L,0x0000000000000164L } },
-    /* 9 << 14 */
-    { { 0x8ee1c74910ad8ac4L,0x110157d24a29d219L,0xf118918bb59bf09eL,
-        0xfbba7a0ed6b61104L,0x63da0b9a32b9e1deL,0x3fb49a8689f92a39L,
-        0xd229edda291d7f6aL,0xc1e45caaf69a443cL,0x0000000000000044L },
-      { 0x08deb935b6066acdL,0xdd28bcb7b88f3d6aL,0x2e6be43d91b9a3ccL,
-        0xb2480a1a17c1ed87L,0x6bde69bbb5b2b5bbL,0x97dc1fe8cc8f7010L,
-        0x7e2807e7fdb1b32fL,0xe7b130d5f70fd8a0L,0x0000000000000043L } },
-    /* 10 << 14 */
-    { { 0xc3b8439c8b56ac59L,0x59cf8542da6f121bL,0x025a79c1032590e5L,
-        0x3f98129081a8cbceL,0x757cdfa5b3cf905bL,0xea0bba9b91354970L,
-        0x59482cb1dedf20afL,0x67d12c761e59c982L,0x000000000000001fL },
-      { 0x639ba69e08e7113dL,0xa47020a6d9a39024L,0x9fef97a3cb50be8aL,
-        0x5a7a5e7f9d733c97L,0xf2794e015c28cf0dL,0xc1dbb356cae9bfbbL,
-        0x77793cc224716c82L,0x5ccc298d50e5d617L,0x0000000000000037L } },
-    /* 11 << 14 */
-    { { 0x9812a6d442817149L,0xb73e1c2efd845130L,0x842633677ea37239L,
-        0x3074c70bd66a5ae2L,0x15461fbba435a562L,0xe1457c9dcfd53243L,
-        0xcb95324a4b559ae6L,0xd21b06be80fee082L,0x000000000000005bL },
-      { 0xb2a047a250bd939bL,0x50f8174e9ab3c538L,0x7566dd4371fbec0cL,
-        0xd8e989b442a8285eL,0x40b5fb08c129ba84L,0xd3febcf542eb6910L,
-        0x85627da7e425b9cfL,0xb5baf38fc4232846L,0x0000000000000071L } },
-    /* 12 << 14 */
-    { { 0xd49bea9d0d67ee97L,0x3b54996ff8ce59aaL,0x609f5808f5862792L,
-        0x8fff6ee3bf16a7b1L,0x2d515a919ef889a0L,0x9fdad17ecc6a85c3L,
-        0xa93c168b54d161d4L,0x269cbd3fd42907b7L,0x0000000000000077L },
-      { 0xefbdc466cc9bc5aeL,0x562163329f2d0abdL,0x567a46bc78b7f191L,
-        0xfe6f5ffe55cb85ebL,0xb6a1bd3a1fa1e9b7L,0x92a1f94db23aa4a1L,
-        0x8706df4e85b417c5L,0x80f8e27972c38e1dL,0x00000000000001f5L } },
-    /* 13 << 14 */
-    { { 0xdac5bbdfc3346801L,0x108dec419bcb0f02L,0x5fe3f06d48153635L,
-        0x5ce5a8679d23b153L,0xe5dc5b536531411eL,0xae4960cfe36feb3eL,
-        0xd2e67e4524c4fa67L,0xf00a144f30702333L,0x0000000000000182L },
-      { 0x746a744e9428502bL,0xe12542d5e48622c9L,0xd694eee1a88fe253L,
-        0x971c241e1cd5c3a5L,0x7de4e880e0e6cad2L,0x76187547c4ea49e2L,
-        0x0bd43790d02af40fL,0xe7cbcdee5dccd37aL,0x00000000000000edL } },
-    /* 14 << 14 */
-    { { 0x7c22cc01f186fbd4L,0x658ab99c126df416L,0xe558e64094889f6aL,
-        0xa2bb3d4d6138f3ddL,0x0b566d593c7c1262L,0x3d6e21d39de86bbaL,
-        0xf58a8bf45b3fa663L,0x5fcb32d5e5a9783aL,0x00000000000000deL },
-      { 0xe003185eed8094b2L,0x8c44e4e9cb093e1eL,0x9b22bf6557b21153L,
-        0x4e77fcbff755775dL,0x60aa9c223918bf3fL,0x02efccef93854e6bL,
-        0x8d5c09d076894b99L,0x000562319adbd877L,0x000000000000016dL } },
-    /* 15 << 14 */
-    { { 0x63d27e60b67b7904L,0x440e4862517bd828L,0xc6f01d917b4009d7L,
-        0x111a41ce5fd8c6d0L,0x711dda3365429b9eL,0x2cd2af55551c4ccaL,
-        0x5fb416e681cbda87L,0xa20d3108da546986L,0x000000000000004aL },
-      { 0x0554dea9f7d2d8e0L,0x8b6bfcf7eb41abb9L,0x40ee181804e3c7c0L,
-        0x530c3e7220c85212L,0x235f022bc9a2fca7L,0x95fab2db0300639fL,
-        0x48426194585506f5L,0x61a8465852018681L,0x000000000000014dL } },
-    /* 16 << 14 */
-    { { 0xb3ee676376229445L,0xf39bdb10fed827feL,0xbbd917775abbf64cL,
-        0x260ee1d529a83fa6L,0xa0fb51a9e14c0321L,0xe285da4285203855L,
-        0x5c8ab2d255550c91L,0x88a94f055e3e844aL,0x000000000000006cL },
-      { 0xe2c20af1885e1b36L,0x93632bfb5132eb84L,0x8ec0a26aeec26e58L,
-        0xa189aa9bc1a0b075L,0x3786be8fff4a93f9L,0xaf4ace63e4302fc2L,
-        0xc19ae28d5856207eL,0xcd791d4e5425099bL,0x000000000000013cL } },
-    /* 17 << 14 */
-    { { 0xc2e311642e400acbL,0xb36b8691858c3d81L,0xa51d8133cc1c343cL,
-        0xb58a9c83c55818e2L,0x8ccec493946b84c6L,0x5665d20eb30779ccL,
-        0x2edf3534a8d10a72L,0x865f8ffe3962aabcL,0x00000000000001a3L },
-      { 0xd992bb1c76d1bd21L,0x1b61530c574f2eebL,0xc5cea02a6431db08L,
-        0x5abac615b6643c40L,0x839a739d9f0146c4L,0x0a6bd0d2d7b1dc8fL,
-        0x225d01259f6f6dcbL,0x413d64406b6c5498L,0x0000000000000047L } },
-    /* 18 << 14 */
-    { { 0x72eff79a8d1df15dL,0x71e97979714870c1L,0xe66f939f9eb85672L,
-        0x88eea0f77089e658L,0x4d2e37bd4bc49047L,0x3acc988fdd1bd5e2L,
-        0xf4436daa725264deL,0xd294eb310c6f167dL,0x000000000000012bL },
-      { 0x37dcec51defe6cb2L,0x0eb39b1e82ae447dL,0x0e67d023461c386cL,
-        0x67298ef032d4e679L,0x70c9d3e74c18fd88L,0x322b18eedc3a0158L,
-        0xe643985c8d036e18L,0xafecf85494a080a2L,0x0000000000000102L } },
-    /* 19 << 14 */
-    { { 0xbea1d3999258e609L,0xade5b232992aab46L,0xa937d66aabb0b737L,
-        0x75919dc971c1be45L,0x11f1edf6dcb6b3e1L,0x62be1beef84fc1e9L,
-        0x5a7e2788d3a531f7L,0x5cc174fcb1eb09f9L,0x00000000000000d5L },
-      { 0xec6dc93ff199ad60L,0x7966f0725067e8eaL,0x5db6fb626cfa4a74L,
-        0x9b7792ea5a8e325eL,0xd0165798a79ed9e2L,0x618db06c17fea9f4L,
-        0xd4f26caecd5efe3bL,0x8848d8a2b1147f97L,0x00000000000001d7L } },
-    /* 20 << 14 */
-    { { 0x782a46b3a45742d3L,0x7fb395dc9ae4f831L,0xaa0a249906715575L,
-        0x336dd153987995c6L,0x5678c82a70d00fcbL,0xdc87a87233b45f8bL,
-        0xd5b269003498dfa5L,0xa8ef2e81410f7c71L,0x00000000000000ecL },
-      { 0x00e42ef069a89d17L,0xdfd638d21de60ee9L,0x5e3e68a98e2a3b24L,
-        0x19d1cc8ad7a07f7cL,0xd84e18094d2c9b89L,0x7674bfd1fd778f5fL,
-        0x962735a61e2b3490L,0x9ad592a5f535952dL,0x0000000000000031L } },
-    /* 21 << 14 */
-    { { 0xc8f1c0548a0c0bccL,0xa30f26a5b54457fdL,0x6fc1b24c95252d41L,
-        0x7c17f5b425f17d79L,0xaa30b0d126e54e69L,0xc7319dab8072a467L,
-        0x1b3b1209f653c077L,0x95dd97a541b0d682L,0x00000000000000b4L },
-      { 0x48e4678c3f3185d7L,0x1558aab9c5f4f58cL,0x8ded1080b9177b55L,
-        0xb0f7ed32d457739cL,0xfd11aae5a6f09d9fL,0xd8c1338874a99d1bL,
-        0xe68c2f61727f9c0cL,0xbe311c7779ee6a1eL,0x0000000000000165L } },
-    /* 22 << 14 */
-    { { 0xf5eaf9f335acce1dL,0x0b96a6023b9738ebL,0xad95bc9e3eeb44d8L,
-        0x0eec1a5bd535a06aL,0x772a256b21ef687fL,0xb4d097892f4e9fceL,
-        0x5f51391a31e0fab4L,0xe19ddf7c24d4a11cL,0x000000000000001fL },
-      { 0xe78b3824810e0d87L,0xb9a45999c38b789aL,0xef8856703d63565bL,
-        0xc5c41e8704fbb216L,0xfdad741d95b5b15dL,0xf47540283617de9aL,
-        0x270e0d35c4ebd6d3L,0x38c2d45b3166287aL,0x00000000000000b7L } },
-    /* 23 << 14 */
-    { { 0x87dd73b253e3448fL,0x60a7de8cc6d5fcc9L,0x0f0e775e7d9f372aL,
-        0x7d3d0454356ca0ecL,0x67ef63091202240bL,0xe19efd47f65d2cbfL,
-        0xd3407ca767184ce4L,0x6e17fc95a294bbdaL,0x000000000000011aL },
-      { 0x4e28296f4ece1453L,0x1c7af2e5626ebbdeL,0x9701e52b02e2a703L,
-        0x17ae7fa8ab279190L,0x8db8f694dcaf71a6L,0x1ab5594633e49a0cL,
-        0x38b2529c4c4de6d7L,0x16f59109d0e0b997L,0x00000000000001e5L } },
-    /* 24 << 14 */
-    { { 0x80d754cbaf63a6ffL,0xa4f718c114970f91L,0x33767545b184b25cL,
-        0xcb615b6126115598L,0xddc1e848b0ec3a99L,0x238885ae7a9ee0f4L,
-        0x4f434c1a70cff1afL,0xa5d8f62804f92877L,0x0000000000000103L },
-      { 0x889a468cf5e7b21cL,0x42c6b1284f73f4c1L,0xc825355fea99c1c9L,
-        0xdfabd44eb8502cabL,0x2c19c4f8078ff997L,0x766be192f948436eL,
-        0xc086ddd4d3dcdf09L,0xf28f946c1d8fd86bL,0x00000000000001ffL } },
-    /* 25 << 14 */
-    { { 0xba6292380ed67da3L,0xf098937a18b18a45L,0xf40e4ff532aa3697L,
-        0x65f0f6d484f25d73L,0x0447d49a2409ee55L,0xd8f3f95ebe06fc9aL,
-        0x6720b40c38a09cf5L,0x498d11f28fdced99L,0x00000000000000fdL },
-      { 0x30ba67a673dfbf54L,0xe1f24bf629950888L,0x0cb868f331bfd446L,
-        0xc17fd67b7f9e5043L,0xa7da16fa4623e449L,0x3702bc7d2f358149L,
-        0xc350a191ea209cedL,0xe0d4d94b80089030L,0x00000000000000a6L } },
-    /* 26 << 14 */
-    { { 0x4a2e8b7588b8ffebL,0xac8299ad552743eeL,0xcc88211f46a49114L,
-        0xeb39502e41625dedL,0x55322cd961f01503L,0x5dfc1640b9fcc446L,
-        0xa4dcb9b9752c2d0eL,0xbc5ff858b4084347L,0x0000000000000016L },
-      { 0x842af48f1d8ace0dL,0x0c7fed42216d4efaL,0x2f280f63cee88219L,
-        0x15a76cf8278f154dL,0xc1dba01188ffa0d4L,0xe18e7b9a5dab9669L,
-        0x1072ce8351c3451bL,0x81466b0bc0625ce7L,0x000000000000008dL } },
-    /* 27 << 14 */
-    { { 0xc6532dd495f1a993L,0xed2d9c8e994550dfL,0xcd980625dc3206d1L,
-        0x44920d5d8a99860fL,0x179a1fbfe95e6ac0L,0x21586f6e642b18a0L,
-        0x382e467bb9bc16e8L,0x1bdc2a08eb4a3081L,0x00000000000001bfL },
-      { 0x2dcdd601a46e68e0L,0xd015240b93b19720L,0x77749858ce57fd5bL,
-        0xb3cdcd8216d48d32L,0x65ad981f28365bd7L,0x392c56e9dca4a70cL,
-        0x76767327573481d2L,0x5827f187873f6cf3L,0x000000000000005bL } },
-    /* 28 << 14 */
-    { { 0x9ddc754cae4622faL,0xac04c42905c5947fL,0x0b53d6db2dbfb6a4L,
-        0x1fb16f7b883c6d42L,0xe38b1745e5dbab18L,0xa320f80a0087b164L,
-        0x4a5c274f32cd4694L,0xe32650c10855dc1fL,0x00000000000000ceL },
-      { 0xf1c1a8c55997c5b5L,0x3a20ff072e051a16L,0xbaaccce236a4bc59L,
-        0x72ae4a192c407bfdL,0x0ada1e57c128c710L,0xf4ce04dbb2d91ff3L,
-        0x8616da8731fd0538L,0x5c19b57f245b59f8L,0x000000000000010bL } },
-    /* 29 << 14 */
-    { { 0x31597b8c0a73b81fL,0xcd52d82105ab588aL,0x4baf4239e28ced35L,
-        0xc53a092e39673af6L,0x9e64a4d0f36bf7f2L,0xac2e493576c02cdfL,
-        0x4ee3570ad7fd8566L,0x3a35bcc242fcfa04L,0x0000000000000178L },
-      { 0x556867075b8e9c9dL,0xba2645ac9c6ad053L,0xb43529a90a748b98L,
-        0x2f9af439901cf7c1L,0xd7996db75282357bL,0x11015af01ce89b7fL,
-        0x67b216b74963a6caL,0x8a8db55b74ad3678L,0x0000000000000054L } },
-    /* 30 << 14 */
-    { { 0xb2d55efa0c44bf54L,0x8f646047b5668a6cL,0x5e399e3f28000a00L,
-        0x50551969f61e1838L,0xc32196b12613df05L,0x3e838233f7a1478cL,
-        0x392a6c1fc508d707L,0xd93d05d6311b3998L,0x0000000000000009L },
-      { 0x6b31024ef05a16e5L,0x5a914eedc202d6aaL,0x2ecfe24db04a8795L,
-        0x596a539e3e88e191L,0xebfa53cb697fdba9L,0xa69b735d1dc0d0f6L,
-        0xa6a8ce767ff79787L,0x071e45f09aefaf38L,0x000000000000007eL } },
-    /* 31 << 14 */
-    { { 0xf27472c1ae93f8c0L,0xf04c6ea4a8e48c7bL,0x31d58b6422cad4c6L,
-        0xc7ff26cd06556907L,0x44e71c873b03e6f6L,0x01eb2ef5eea10ed3L,
-        0x61bc27e81b7996e9L,0xd0ab98cdb523dd48L,0x00000000000001ebL },
-      { 0xfe27e8cd3a19cd0fL,0x5ccf20a0d70e567bL,0xf2e641e142c65e55L,
-        0xba46dfaf1ed8e850L,0x1af42222e5ed2072L,0x691811faab988c72L,
-        0x94e7f4fa93d8842eL,0x6442a9c5a1152efaL,0x0000000000000186L } },
-    /* 32 << 14 */
-    { { 0x44edf8be84357b3fL,0xe5df9129588059d0L,0x83e65cfaab7d5b23L,
-        0x79c2e1982121a504L,0xe6a19633eb3be7d1L,0xd9f8869586b85bc4L,
-        0x78508fa279f2187cL,0xa2eb8fc012254f09L,0x00000000000000aeL },
-      { 0xb1a6704e2797d3faL,0x95b4c2682c78669fL,0x5294a8e42997c68dL,
-        0x7246b0614085bad5L,0x7ca017c24159e5efL,0xb8fe1a6187d1a013L,
-        0xdba0dcde44bc4ea3L,0x1fdd53c6a8ce296fL,0x00000000000000feL } },
-    /* 33 << 14 */
-    { { 0x8476dad138c75952L,0x256608000e53b9c0L,0x6f5f6ffc5002a11bL,
-        0x025ccfea8d537febL,0x1d09d62b2eb845d9L,0x5d4596b2e1a65903L,
-        0x49528722d492b0f8L,0x444b3def4cf2b0fdL,0x000000000000008cL },
-      { 0x25c1941661967bd6L,0xff50303688985e0dL,0xd180daccc95cd952L,
-        0xea18affd18456eeeL,0x6ccf36af65317267L,0x8fb2380251dc5738L,
-        0xaf16178d33439112L,0xb342543e0b99b0cbL,0x000000000000006eL } },
-    /* 34 << 14 */
-    { { 0x53277acc3ccbc40bL,0x218e751f6d939a22L,0xb3e92769c121b67fL,
-        0xdbf0fdc0522b77a4L,0xbed0af74fafbf581L,0x8a9c509e162b2417L,
-        0x1ee6bd74f86831a5L,0x14cbe9f436df364bL,0x0000000000000100L },
-      { 0x013a60b8164ffbdaL,0xfc05d43a28203c5bL,0x112489209bc7a027L,
-        0x2ffa9cf550713fb1L,0x9c1d0bd5b07e598fL,0x207fcec72df3eb6eL,
-        0x632ef362e16f2bc5L,0x20bb3d440a840efcL,0x000000000000013dL } },
-    /* 35 << 14 */
-    { { 0x9a5c53712dbf76edL,0xf5cc66adfa183c55L,0x84ce4c1f1c020230L,
-        0x4c2d3b4490f2990cL,0x9150627f643357baL,0xb7cfd07f31fe37c2L,
-        0x1e5a915b888b5198L,0x5ac98b6e98bbacf8L,0x0000000000000185L },
-      { 0xc79d020aeb775585L,0x5974d3de45a3257fL,0x72b152daa6a4749bL,
-        0xf3603d175ad334feL,0xe3d82b9532e115dcL,0x15a6b62edf4f90d7L,
-        0xda84eab108fdd614L,0xd893690b706bc3c1L,0x0000000000000199L } },
-    /* 36 << 14 */
-    { { 0x7dbc777cc8eda3e4L,0xf93443a53d138b69L,0xf88673fabe32f323L,
-        0xc53f686eaf91501eL,0x2c583a94a9e8df0fL,0xdbb476a579a360bfL,
-        0xd6d61debed573377L,0x8bf9489dd85e7ce8L,0x0000000000000186L },
-      { 0x4ea12cf58c06659eL,0x3a5df265fbc275d3L,0x434f440ba5ea596bL,
-        0xa386793e82ec727bL,0x4f4d4575b4af3144L,0x465aae52b64cd799L,
-        0x4c7c443401dd7df8L,0xc7d3008e40ec3273L,0x00000000000001e3L } },
-    /* 37 << 14 */
-    { { 0x296d12f19fb85a94L,0xf9e671e189de482eL,0x596ff3b73de0eed9L,
-        0xd4bdb6b976feff0bL,0x8ac1d1fe0133e043L,0xf3a91297c19b02d1L,
-        0x247fdc3217bba0e5L,0xadb9cc46caed480bL,0x00000000000001cdL },
-      { 0x71f9bb404eb96e74L,0x786704f425cbd4f9L,0x35c01daf4127f783L,
-        0x53bcd595ca68c06aL,0xf7a45e8f548751daL,0x8c0b80dbc36658b5L,
-        0x0eccb01f3182ead1L,0x7b4da8ae3dd4577bL,0x0000000000000111L } },
-    /* 38 << 14 */
-    { { 0x0f80cc7b2aa68d6cL,0x2aeea46ba5b1edefL,0xc1a582e38e4246c2L,
-        0x4890117c468c83c0L,0xb203066fc0f4c50cL,0xc3d86d97753bd8c0L,
-        0x7c7796b45821c82dL,0xeab746ef789602bdL,0x000000000000008bL },
-      { 0xfec63dc6d79ff090L,0x3f34e577fcc4f8c9L,0x755ddf0eeb73c7c6L,
-        0xcb6ee6d1c400c474L,0x070ef40f27a0f15cL,0x3e30e74ac75fb5ebL,
-        0x203e4d10f0681326L,0x1933a5161906e321L,0x000000000000015eL } },
-    /* 39 << 14 */
-    { { 0xf40dcbdd97c06856L,0x5093f148ba7c198fL,0x9b63c31888a4e5e1L,
-        0xfbe0d089980bc362L,0x0d1d1889d1a2f1deL,0x56df5ede9fb22fc5L,
-        0xcb790b388b0d329dL,0x68de9e9507e0dd4aL,0x00000000000000ddL },
-      { 0x870b198434557937L,0xbc4de915cb8041c0L,0xfb1e1e3b25df82a6L,
-        0xffd486000bb66bbdL,0x408f76d32485fda7L,0x5eb686cd56698db2L,
-        0x9b466dc1a16d4f85L,0x50657a6ce17cd57eL,0x0000000000000085L } },
-    /* 40 << 14 */
-    { { 0xd06fcbb8cbdd8953L,0x5a7495784a83da15L,0x9a509298fbdbf149L,
-        0xe87856427b745cc2L,0xf473e129b6b6ea45L,0x325e846f5982df34L,
-        0x2761bcbf39c922dbL,0xd598487a4c8a1843L,0x0000000000000141L },
-      { 0x4d4ce00e255dbee0L,0xb990df3e75a0e0faL,0x947755b894297a3bL,
-        0x4797193fbf7a683bL,0xe3be49554c1f5e73L,0x0ebabf7ce3832a6eL,
-        0x55aa92bb16574df2L,0xd05f35e66ace50f8L,0x0000000000000032L } },
-    /* 41 << 14 */
-    { { 0x0fe114732d5dd3eeL,0x387d15619e3b9f56L,0x6e68c4c4a2b445d9L,
-        0xea666a0682103ef1L,0x5d1c563756e00144L,0x6167168a056a94dcL,
-        0x75af25224dd46bbbL,0x9d5ac0de25f2477fL,0x00000000000000d6L },
-      { 0xb2c55ad2ad8ada45L,0x5e2a1d14c04094efL,0x2c7f76f93c359f4dL,
-        0xfec96532462b8fb3L,0xc5ddd1a99a542665L,0xe0ff14b28d3fb2adL,
-        0x802a81d51b16e7c2L,0x02eda0edd5bd8418L,0x00000000000001b9L } },
-    /* 42 << 14 */
-    { { 0x19d40ead8c3208a2L,0x921a28ae4b57239bL,0xd9c1cdf87c048e0dL,
-        0xc0896b487c1924adL,0x6f8e11b70015cb8fL,0x93fbe340e490613bL,
-        0x34f8734f8758f850L,0xaa9acf4f5cf61cbfL,0x000000000000014cL },
-      { 0xc3636b8815758f79L,0x7c1d4f0928dc60c1L,0x48cb27e6b77f1edbL,
-        0x5d5a94b007580b50L,0xb6934e25a129e7bbL,0x6f00412da44d9a6eL,
-        0xe6e347f209f16d89L,0xa60de5594470a50aL,0x0000000000000086L } },
-    /* 43 << 14 */
-    { { 0xd94e16dd0f5545c0L,0x99311bd1655e0f8cL,0xbd28f252b6084433L,
-        0x5dfc8beacb8a0b6aL,0xca27033f7e2964c9L,0x4e1d96942b5eacc2L,
-        0xca11c059f2eab44eL,0xb9a4ae9feb61f161L,0x00000000000000deL },
-      { 0x6840e5d242e77d55L,0x58235511a7df2d6cL,0xb00763753af2b1f8L,
-        0x7ac404ff9f430068L,0xf5b2bc675e6129d2L,0x3d474d6c30d6fbbaL,
-        0xa0c66d83afc5cd14L,0xa93c5ccf84651070L,0x000000000000019eL } },
-    /* 44 << 14 */
-    { { 0x28e8d7cdab4f88e3L,0x898baec98ec7fd82L,0x13328d8ec459c3fbL,
-        0xa635e9b13b0493efL,0x039493381ddff9b3L,0x93f2886cff82a4fdL,
-        0x9cb165730c609c2cL,0xab282b67ae8e6e06L,0x000000000000018dL },
-      { 0xc16fbd160792dcfbL,0xc42bbe74adf64db7L,0xc85534c4315f21d9L,
-        0x66cd4cd3747b8361L,0xcd26cbe3f33752b1L,0x185add8554d2bfa6L,
-        0xac366f9f3364f9b0L,0xdb6b5e544188b82eL,0x00000000000000f0L } },
-    /* 45 << 14 */
-    { { 0x40394dc28eb60051L,0xe85d4323b94b7c23L,0x35ece007398df4b0L,
-        0x4048e7668f3837c7L,0xd2968bf381699670L,0x341d0b90ef321d08L,
-        0x9fb3d866adb69687L,0xf649f7a01e95fbc8L,0x0000000000000040L },
-      { 0x637c2c6a230521a6L,0x538783613fbf1391L,0x624386a14812d57dL,
-        0xeac925d71c92e4b1L,0x886160dadd9f8fb7L,0xafade790ad700edaL,
-        0x4795d6eac4a75e99L,0x30a507699c844dbeL,0x00000000000000a4L } },
-    /* 46 << 14 */
-    { { 0x7749f0fd407325c4L,0x82a14463fa3e21b6L,0x456f01251367a25fL,
-        0x7fb481cd59345788L,0x18b408080fbab520L,0x44f57759821b00b4L,
-        0x2260d7a7e88bb2c7L,0x3b6a935d609f7ea5L,0x000000000000004dL },
-      { 0xa078b27909d38bfbL,0xa5a0db3da266eacdL,0x5b022ed5eb2a2fafL,
-        0x6596a4aea49586caL,0x401a450d6f1bd9bcL,0x2a272cd4fe972a51L,
-        0x1af0c66897c701beL,0x74c04b6721402335L,0x000000000000012aL } },
-    /* 47 << 14 */
-    { { 0xa046a8084e621a9eL,0xb61cdc55514a1be3L,0x45b894ae05e335b8L,
-        0x2a7afd2f3f2cbd40L,0x9febc8b21d4cdc78L,0x8022fb1d990da9acL,
-        0x2a544f9786ea08feL,0xc8f50cd46af5d246L,0x00000000000000faL },
-      { 0x8325acc8dbea7bddL,0x86ec5d580a254408L,0x0328bd2f6b93bde0L,
-        0xc4a75a47256ef2b3L,0x61b14aee0d43792cL,0x660894bc15f60963L,
-        0xf06c411a9e2ec909L,0xc7bb2f80846c3b1fL,0x000000000000017fL } },
-    /* 48 << 14 */
-    { { 0x5e597d089b0a6b1cL,0x3ed100fab66ad53dL,0x9852718497c12a70L,
-        0x295556e631779d59L,0x9733135a0d5a0720L,0x4cf945e66f937863L,
-        0x8289d86b87679e05L,0x1979cf02f3b45d70L,0x00000000000001b1L },
-      { 0xeca4684be1874574L,0x4cde87b963ec3ebbL,0x74486ff281b929caL,
-        0xcf9c54dd5113e211L,0x95bbc0e1b8237581L,0xa92320f70fe355e7L,
-        0x945a1a0345b9dbd3L,0xebbc1d0d4c99791aL,0x0000000000000143L } },
-    /* 49 << 14 */
-    { { 0xffd45977b2f6d655L,0x2a2895ec5dca5a02L,0x4b12c0cb0f0229d7L,
-        0xbc5066638eb2d617L,0x7859a404b4414ebeL,0x25a4ed7bd0414b93L,
-        0x967f9aa382670c9eL,0x1ad77f6fc430405bL,0x00000000000001ebL },
-      { 0xf88be831313b212fL,0xe2e6cab7348e2d56L,0x357676d439019ec4L,
-        0xff936f3869846bd4L,0x6345ca8d66ce27ceL,0x82836c0ec72384c9L,
-        0x5ebe05967beacdfcL,0xfc1d54f4150fd26fL,0x00000000000001abL } },
-    /* 50 << 14 */
-    { { 0x6649d0ddd7587da5L,0xa9f6c67abc3b988fL,0x7ff9da31921c0c68L,
-        0x47453a7901728d6aL,0xf29a285af14e4958L,0x559fef9ecb3695aaL,
-        0xf00d26d90d698abdL,0x9f2a87adf0e12bf3L,0x00000000000001e9L },
-      { 0x1cdd21ff7823d0cfL,0x7817d994456ba521L,0x11a2d178e6b7b13bL,
-        0x272ed174315c7508L,0xee909a0bdf995ad9L,0xe9432355b9194220L,
-        0xfe5bd9b1b2458aabL,0xea8e397b7dcd8a61L,0x00000000000001adL } },
-    /* 51 << 14 */
-    { { 0x3dbd43387b55498bL,0x6e596b6bc82e0ebdL,0x382ef7e250a694bcL,
-        0x3c840753865dac40L,0x37b13cd0267c7b8aL,0xa4767ad5cdd6b7e6L,
-        0xf700ba8d60af4929L,0x3fdbfdfd4c96867aL,0x000000000000019dL },
-      { 0x4f711cb378e1611fL,0xeaf744da23723236L,0xc3f6bda778ebdacdL,
-        0x9aeef0e09e0053b5L,0xbdb6d71a90b16d38L,0x3765112f3dacd8caL,
-        0xf6d3a468704cac3cL,0xe6f258412646b586L,0x00000000000001e0L } },
-    /* 52 << 14 */
-    { { 0x74ff5c5188e250d1L,0x46e6a1dedc911cecL,0xc28ba25b48c5291aL,
-        0x0f571b2aa9fde68cL,0x1c7d3fe989952038L,0x40b66dab6a4850f9L,
-        0xf2a3db3956af4d75L,0x9861204f03123ba0L,0x000000000000016eL },
-      { 0x1ecdbbd45ac22cd7L,0xe7349a910000be6fL,0xff94c6a2327586b9L,
-        0xe78c257f7e123652L,0x18e795c5aaebcaf2L,0x7dffc5b363c70794L,
-        0x6c3b3d2067e76a08L,0x820b7e33afba9f7eL,0x00000000000001cfL } },
-    /* 53 << 14 */
-    { { 0x28046bad1bed718bL,0x89dd1a2a107fad6bL,0x72d4a58ce5be292fL,
-        0x44c2bfb40b8f0633L,0x175b44b9acf0bc64L,0xe77b0389e2a0082bL,
-        0xba56099662ce72f4L,0x88d47c05977a1195L,0x000000000000001bL },
-      { 0xe08df997f1937128L,0x7be24d4e6d7b6de6L,0x2c1da8cc2895c158L,
-        0x867b4dbde6095143L,0x2f9fd14167dda364L,0x746c8bb98f5dd0a7L,
-        0xec978e1931fe3f41L,0x3c2b278da2b6be6eL,0x00000000000000abL } },
-    /* 54 << 14 */
-    { { 0x53305692201e8211L,0x453de0b663165a91L,0xb5787597bc0e4356L,
-        0x49d7a66f6036286aL,0x4f3ec2a9545399b0L,0x87b0f978e70c2bdcL,
-        0xc41adf47db793dc5L,0x6394b7ef20acc60eL,0x00000000000001f1L },
-      { 0x8f24f67bcb1ba826L,0xfde4bb5c9e783ae8L,0x4ab170a0b072e2f2L,
-        0x01968ba82be627d9L,0xe8c1a0115710c838L,0x9aa5552eff2c4c0aL,
-        0xebf694e1aadea875L,0xcd34f51184feeee3L,0x0000000000000101L } },
-    /* 55 << 14 */
-    { { 0xc1e4d3db1ef1e686L,0xb8a1403857560e2aL,0xbb3d623b47538074L,
-        0x18921f9026b5e77dL,0xbb7096d508be51c1L,0x1118eb73c714f7a6L,
-        0x0dfe997369e0fc89L,0xc28cba21f8a93363L,0x000000000000018bL },
-      { 0x66c5603da2f03e1dL,0x4f17de957d775555L,0x26e00c87c2bb36bdL,
-        0xf5a4806a3288e106L,0xf934a912a9a42ed3L,0xe374aa3df76e08e9L,
-        0x3bb52d94983fa9ffL,0x74b832e55d421496L,0x00000000000000c4L } },
-    /* 56 << 14 */
-    { { 0x932645e87ada2a97L,0x21c7eba2e8300b13L,0x948ee3bec714208aL,
-        0x7d4c3d65d66c4b41L,0x8373248e8530bdeaL,0xb053676048b836e1L,
-        0x9db23d3975656dcaL,0x37da5fa90e294ebdL,0x00000000000001fcL },
-      { 0x8715df66bb355ca4L,0x9f0eb8f4ca81ae22L,0x477877be167325c2L,
-        0xde6d697564174912L,0xfd9770aebb0b5cd2L,0xd83513421999f713L,
-        0x14fbdc847fecf8ecL,0x1700b51341521ea8L,0x000000000000006bL } },
-    /* 57 << 14 */
-    { { 0x1fb72fa4e1a987e1L,0x2ec447d4b3a419e1L,0xf414904f0af68019L,
-        0xbd78ef312a752878L,0x84280607c9d3f03dL,0xd234588a676d8a40L,
-        0xfd83257c8405dfdbL,0x9e40b20e5b0e8942L,0x00000000000001aaL },
-      { 0xad94e86e8e352cd5L,0x28598b94e481b980L,0x6bf8a3fa3441e4f1L,
-        0xcf0e604288c65230L,0x9e3cb7518097669eL,0x205666a00e1cc1eeL,
-        0x0c18df29b2f5cc87L,0x418ba30d6986decbL,0x00000000000000b3L } },
-    /* 58 << 14 */
-    { { 0x440f76b5efc7c941L,0x2655270e0f135411L,0xf29c7ba6095b4edaL,
-        0x7ec4aadc12c0b3b9L,0x162b1a6e2637926dL,0x25e1e9634eef2802L,
-        0xd413ab20e56edc9cL,0x0d6ab23eca7901c4L,0x0000000000000019L },
-      { 0xf1d31cac5c98bcd9L,0x939dbd4ebdcfca60L,0x0492c4cae0be4dfcL,
-        0x68e939f3422574f3L,0x80996ded137cc107L,0xc714e969aff399fcL,
-        0xe772477000fc77ccL,0xd980f985472af5ebL,0x000000000000014eL } },
-    /* 59 << 14 */
-    { { 0x5a28ef5122dc1e97L,0x9da0854654fcd9c8L,0xc6b613d635ad72b3L,
-        0x413cb175fcfc0f36L,0xe16aa604bdfa0b08L,0x3e1bbeaf35235a92L,
-        0xbcc910ff3b7d1193L,0x4f6b1df31c21441eL,0x0000000000000087L },
-      { 0xa940ba897d940cdbL,0x93708a405b4b3a34L,0x67579e47cc7f3b19L,
-        0x16260fc86b5c6b95L,0x0bac93e0a1c9c2e9L,0x5dd70dbe2d9c44edL,
-        0x01ed179d47ff1001L,0xd7e891ea2eb5f1fcL,0x000000000000006eL } },
-    /* 60 << 14 */
-    { { 0x330f31b6c916e988L,0x601fca7fa6e737c0L,0x99e063dcdf9c7b04L,
-        0x49e97a9627cd93b0L,0x576fe3429a7c06deL,0xa6d8c4796eac19aeL,
-        0x4c5cc139fc72dc81L,0xf34b69073533fe76L,0x00000000000000f0L },
-      { 0x8d444d34983c41e6L,0x650af8bbe2e49bd6L,0x1794d4c0c1bcb88aL,
-        0x798cb3d8b2fe435aL,0x8544a707e7433605L,0x82dfc6359fd393e0L,
-        0x572bd64292981c51L,0xb451731fe001273dL,0x000000000000010cL } },
-    /* 61 << 14 */
-    { { 0xfd6a06190f7d5e62L,0x363d0d2820d126daL,0x56b94c82ec82e67dL,
-        0xdc493f04d5e8870aL,0x936ac4b4c9cd9fc3L,0xfb6d59b2ad27c8daL,
-        0xc94e470edf8f5ef6L,0x9e47d7f32e818bf9L,0x00000000000001a3L },
-      { 0x384d552bcefa9b33L,0x02d8353268aade38L,0x61b0f08d8208634fL,
-        0xbf13ac956235c74cL,0xa44deea4a108f58eL,0x485fa5c8a991ab4eL,
-        0xd53cb2c59682a856L,0xa590f750072f2accL,0x00000000000001bdL } },
-    /* 62 << 14 */
-    { { 0x5dc324b538f9f14fL,0x0e1b29ca25417001L,0x244cc7596932af3dL,
-        0x19787a6c2765e15cL,0x7144d48fb7fbbde0L,0xe898a059012c68f9L,
-        0xc66ebe6d9d907dafL,0x02aa0fd3e114e429L,0x0000000000000101L },
-      { 0x138b94bb6551e782L,0x326631f7bb5ff6d2L,0x21c17feac81f02a6L,
-        0x72f829c4a1d73b84L,0x941c0390bd578fceL,0xd2c600c409bbf7a1L,
-        0xb849f9bdd3438945L,0xc09307c24d330616L,0x0000000000000170L } },
-    /* 63 << 14 */
-    { { 0x6c553f60c70835a7L,0xdb249d1d454158b1L,0x34eea92e29f411e6L,
-        0xd75f12f67037c4c4L,0xfc5cafae3a77bd41L,0xa7309f006680eae8L,
-        0xa04eb002404a6360L,0x359a53cfc069275dL,0x0000000000000147L },
-      { 0x2bb3ac825af98268L,0x1f3fdf5f50056aa2L,0xd82b90bbcc7a2c08L,
-        0x5c7b793a7c4dbbeaL,0x7bdbb47f568ef299L,0x3b7716307b4f839dL,
-        0x2fa53e49d475515dL,0xa0ef2b77608ea974L,0x0000000000000101L } },
-    /* 64 << 14 */
-    { { 0x4f0e025fa2302041L,0x4d50d98948d262b5L,0x01720a0ad622c7d4L,
-        0xe3b5a94158d1c97cL,0xfbc5b18338aed2a5L,0x27f02177823b5d8dL,
-        0xadf74074775f38c5L,0x95bf91f44f1a6ea0L,0x0000000000000104L },
-      { 0xf9cd82998e2d6ab2L,0xa75b296b6c27631dL,0x077000491e00bac9L,
-        0xdc99e546ebd66975L,0x44fa528275e54993L,0x25fbca4bd50e44d1L,
-        0x4663139381057b1aL,0xc22eff26bdcdf45aL,0x00000000000001cfL } },
-    /* 0 << 21 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 21 */
-    { { 0x3519394e7f6b9b0bL,0x76e8c23501aed422L,0xcb70fe5c64bf111aL,
-        0xc6c025915b3c7eeeL,0xb53b8858f9ed8925L,0x51503afabb66cd7eL,
-        0xa2479b22a6b3f2c4L,0xfbcb06c48eeee4e4L,0x00000000000001c6L },
-      { 0x29f2ff47198bb516L,0x1895fb6877671ddcL,0x10a1e7541e2b80eeL,
-        0xb19efc72a7732627L,0x88f9176e1e0ef24cL,0x22ef41af1fa7183aL,
-        0x994ea31c47d7c8d0L,0xe838b3f2e9793ae0L,0x00000000000001b1L } },
-    /* 2 << 21 */
-    { { 0x39f73a5667d26eacL,0xe15b72b9938fa0e2L,0x16e09f8b554f85dbL,
-        0x0e6d1cee02a16cc2L,0xcd989df35e548e22L,0x9ba195fc3cacda0dL,
-        0xcfecc6f94ce28d02L,0x8b8f51e0c91fa6d8L,0x000000000000019fL },
-      { 0x79f455b2c1a33bd9L,0x76514d33fe83b781L,0x3f5ec772f2ef9526L,
-        0x2d1e47946ea54f2aL,0x472fb203c1e2d62aL,0x6e94a20beabf2c9dL,
-        0x11da7502781a8076L,0x12ccf29a91ba87c8L,0x00000000000000ddL } },
-    /* 3 << 21 */
-    { { 0xc9518f3fb711958eL,0x74d3a13f0bc5dfb8L,0x7da464ac62025afeL,
-        0xbfb139fa9a3e2fa5L,0xb30511cc9a8d7c09L,0x4d3a313f17e41faaL,
-        0x7c53ff823a10c83eL,0x2e85a451abf3f866L,0x00000000000000d5L },
-      { 0xe2844777df1d2939L,0xc3a4ccfe21fdaeb8L,0x47b7e6138c8f6176L,
-        0x038b43eb1b6571d0L,0x9f380474e3f47c8cL,0x623e3416b97bac68L,
-        0x625b6bf1bed4caefL,0x6ac6e0c81664fcddL,0x000000000000011fL } },
-    /* 4 << 21 */
-    { { 0xe7bbf4a8d2249935L,0xbaa56999adb64049L,0x5e0ecae945f8df55L,
-        0x20b22a2f64e2a249L,0x480102231420d76aL,0x24bd8f9ffb45acfcL,
-        0x66e9c51167673f8dL,0x719eda3c1f02406fL,0x0000000000000138L },
-      { 0x56f88274d07c2fdfL,0x2b82612a54c1db4eL,0x0d4ae93896c3b009L,
-        0xf97a730e5897ed7eL,0x3e3505c0396f9c18L,0x20d682e4daea8f31L,
-        0x05fe6ea4e85bd289L,0x6e05507b14613e5cL,0x0000000000000164L } },
-    /* 5 << 21 */
-    { { 0xf0307ea7a3abdf0fL,0x25bc4d1d49de2354L,0x2b8ebd094b8160b8L,
-        0xf437b69e3a63c866L,0x59c64b2fdf07da1aL,0x817d2723ba53a71aL,
-        0x1ec10e309715b466L,0x852eb71d4b5f821fL,0x000000000000010dL },
-      { 0x3a53ed2dab617319L,0x0279fb691e3accc8L,0xe2746511030858a1L,
-        0xd5411a7f4fd0acffL,0x8f31def309c66cf1L,0xf8b414cf85c0c9f7L,
-        0x15222a47d2565b67L,0x732e7eb6471411c7L,0x00000000000001a7L } },
-    /* 6 << 21 */
-    { { 0xbc36eed32f7bf34dL,0xfcdedaaa7cce180bL,0x3b719b5b5cb22fdcL,
-        0x6ae5bdd9e4111433L,0x865a0148381f4186L,0x170a523b9245c6f6L,
-        0xe3be816ac2b1118bL,0x30e7aa62174efd73L,0x0000000000000033L },
-      { 0x1abfe12c4ca2f7c2L,0x60485268733b1f6aL,0x82690e31a1d38bd6L,
-        0x3a55f831d862dc8fL,0xfb3e4436e03e590aL,0xf265ed1075222c2cL,
-        0x41cf2d8753b1fb51L,0x12922d525a82041bL,0x0000000000000060L } },
-    /* 7 << 21 */
-    { { 0x5b6a6ca5ef7dc356L,0xc47b9c0f55c1a178L,0x89eb8747c07b52b0L,
-        0x097775cf736ebbe8L,0xcb84611f506fbdb6L,0x2135b7da68c82d60L,
-        0x1084122dac4454a3L,0x115da2f59c93e278L,0x000000000000016eL },
-      { 0x743591776721fbbeL,0xd051798061337a71L,0x78b344de3aa24943L,
-        0xf41a1bfb0c600b70L,0x25f8d92f0af82b82L,0x1ca931aa74d2845bL,
-        0x0a49f46da9adc76eL,0x78678a328a130e6dL,0x00000000000000bdL } },
-    /* 8 << 21 */
-    { { 0xb5f5385146d39a88L,0x58a99a0f9cc76debL,0xcfdd909ef3825b82L,
-        0x8f49dbdcf4694014L,0xefd505fe9cfec7b7L,0x66a7f2a156925281L,
-        0x6f478d9b2a604fb8L,0xcbc72e9e60f7c436L,0x0000000000000021L },
-      { 0x5bf75682d9c31e98L,0x74d5cd73c8bce143L,0x778bd5f1c700e94aL,
-        0xb01480c73a66b233L,0xc667f078688df0ccL,0x780c73e416bbcf57L,
-        0xb77f5ba9485890e0L,0xd62addf5b9ddacb3L,0x000000000000017dL } },
-    /* 9 << 21 */
-    { { 0x672c965fd2ab32f9L,0xab2a374db95c87a1L,0xe4fe8139aa132e05L,
-        0xb98cbbc73f85bf7aL,0x725d68d9d7ccb3cfL,0x582b15ae213f62efL,
-        0x11c9b3fbd26e9f8aL,0xbeaca8d74076121eL,0x00000000000001f7L },
-      { 0xa1ba33fa48888485L,0x9bdae7eee5ea2744L,0x4ac9910c709eeb17L,
-        0xc40fb92fba0596edL,0x5ae8178f018b8c4eL,0x195d2620536bad49L,
-        0x6ae6807272578ac1L,0x6c759dc05272df37L,0x00000000000000b9L } },
-    /* 10 << 21 */
-    { { 0x28b82948eb24a59cL,0x0bf25c631b236d05L,0xd387a58c49bfeed9L,
-        0x2dbced2791685729L,0xa1cb27d76177f87aL,0x090e003097e13ddfL,
-        0x20eb9c50449d6867L,0x83a4a7d47cf7d05eL,0x0000000000000055L },
-      { 0x65e05f87d0f35fe0L,0x655acaba791ab720L,0x55a8ce4f5da1223cL,
-        0x995fb0091d34dd73L,0x20286c23a837ca4eL,0x9fb1050b368d1ad1L,
-        0xc5fa244d09ee2148L,0x6cfa02a5fdb0a25eL,0x00000000000001b1L } },
-    /* 11 << 21 */
-    { { 0x22421cd9ffa96a6dL,0x9d55702c11437d61L,0x7321fa9eeefe0024L,
-        0x6dcd329c64264faeL,0xc46bfa2b9df8f072L,0xae3d0b0bb712b9bbL,
-        0x58872fd2843ca51fL,0xfd7ba4be6a587093L,0x0000000000000085L },
-      { 0x6a5d962f34e5cb31L,0xbee0621565638aaeL,0x1c6f68bce79e0fa1L,
-        0x2a909815c8d586b0L,0xcd970a5f1e6c2e8bL,0x5d111730d4788cdeL,
-        0xf1e99fa3f9502cb7L,0x2820507bb7a2fea9L,0x000000000000015bL } },
-    /* 12 << 21 */
-    { { 0x2840a083925c2709L,0xbeeb776d988e40dcL,0x9d2307cb281c1df1L,
-        0x17b077868a93579dL,0xec15d5f787d44e7eL,0x78b701a8e8f57a6eL,
-        0x514706b67b1c05ecL,0x7bde81a7918bd719L,0x000000000000014cL },
-      { 0x41d47f48d22c8109L,0x48389e6b0794bcadL,0xb520a2fd65114ee0L,
-        0xad7526c779202240L,0xc25e665af69e5952L,0x180f827aab014a8dL,
-        0x7ec96758db437718L,0x16b626051ae01bf2L,0x0000000000000159L } },
-    /* 13 << 21 */
-    { { 0x338766eecc06a7bbL,0x38189d60f59f6fb9L,0xca63fefc094f4b7cL,
-        0xfadabb8f08ed44efL,0xf56c6c633c5674aaL,0x2ec1c71c3c5178f4L,
-        0x9a2f00872b225bd4L,0x7cbf794d2016171fL,0x00000000000000d0L },
-      { 0x08fc4051c49781faL,0xacefd0a45580fd95L,0x2f99b4e639b0e279L,
-        0x88bc9e961fdcb4f4L,0xf3a44b826f6877a2L,0xf16942811529b850L,
-        0xc94ab84f2fac2a36L,0xdddea7e816a99317L,0x000000000000007bL } },
-    /* 14 << 21 */
-    { { 0xb6fa89c0c3d79838L,0x05627f88d9737181L,0xd82f21517555d940L,
-        0xc6f6a5ca0013b808L,0x54dd8d247472b0c4L,0xbe50f040fb2fe264L,
-        0x43656c23cfed9e37L,0x35bd9e4cb5cb0103L,0x0000000000000150L },
-      { 0xb9da98d1c1640493L,0x6f00d8cf3420374aL,0xf9b4f2fab2892822L,
-        0xb2d967e790404bd7L,0x520b40fcf966a3e1L,0x4eb41624d081f30bL,
-        0xfdf4f5d90f5d4fefL,0x49b561471a1cf19bL,0x00000000000001a5L } },
-    /* 15 << 21 */
-    { { 0x5312245c641ed37aL,0x88c4f135b0b9a3d5L,0x30d1dde090934ee0L,
-        0x2b24f2af7109bd4bL,0x9894c85859f2fef6L,0x0c3a394918ea397aL,
-        0xb69afb5c6556487aL,0x3e722abc2b37f147L,0x0000000000000014L },
-      { 0x4f3625ece9d75120L,0xe8bc9f6e760f4777L,0x5ec9f7ad26990adbL,
-        0x12ce89f5a71fa52bL,0x162ca13a59e66240L,0x30e35e8e2c327a19L,
-        0xcc9671c352274f0bL,0x1c3179a8ad16ddeaL,0x0000000000000043L } },
-    /* 16 << 21 */
-    { { 0x173ab94cd4820fa0L,0x6ac5ae1344f0e094L,0xf67c3f7164fc4c70L,
-        0x2648a59a2ad78517L,0xa7b344939505580cL,0x8cab6b445a741d25L,
-        0xfe41bd4563355fa6L,0xd2731f41d1091a6dL,0x0000000000000096L },
-      { 0x2550a62286e4f90dL,0x65fa978b80070b03L,0xf3ac57b5e3b526a5L,
-        0x8e9207bcf84fa4bcL,0x675a8e31f88e6047L,0xf648cc7c9050ddadL,
-        0x1fd62dbcbc5b7dc3L,0xcc0960d696f0aeabL,0x00000000000001daL } },
-    /* 17 << 21 */
-    { { 0x35b9693643afc702L,0x7ab761253f64bf46L,0x74536901af94fce5L,
-        0xc398a29f000050c4L,0x253372e11f61a444L,0xbec32a601a7a968eL,
-        0x30f79ca4d32cdd9eL,0x8fc8a273d36aa188L,0x0000000000000199L },
-      { 0xc1011950aa637877L,0xcb16308c8348afadL,0xbdc517d0d75d1a04L,
-        0x2416e9476e49496cL,0x536ff3587ffa91ddL,0xebfa91de093d5f53L,
-        0x153def3fb776f2e9L,0xa316de0622aae585L,0x0000000000000077L } },
-    /* 18 << 21 */
-    { { 0x993330c9fc3f22cdL,0x79577855bd4eda29L,0xa63d19d45c666141L,
-        0x0ccb6a6a0146d928L,0xb074cc0b404bc7b7L,0x1f7a96006b8f40e2L,
-        0xbd70c74eecad6cd4L,0x822420f05348f77bL,0x0000000000000151L },
-      { 0x4a3aacda27f09596L,0xaa0514071e083dd4L,0x0424ddfeb91831f5L,
-        0x0131f82ae4d16705L,0xd233fc30983d9eb6L,0xfc5e1759f3dd3cd0L,
-        0xa114e50adc95864fL,0x5ccf299fd01ca0b8L,0x0000000000000019L } },
-    /* 19 << 21 */
-    { { 0x4addcb6e89602aeeL,0x0ba1477fe7a864c4L,0x6896c0d0f2013ee4L,
-        0xf5447fc09de2ee99L,0xf2325a0a377aab46L,0x96715e9cc03d1c27L,
-        0x3c1b0e332e7c82afL,0xb8a1bc163c32e96fL,0x0000000000000124L },
-      { 0x5285e546d427a41bL,0x1e61fb9d07e6faadL,0x6fa31b8c157445aaL,
-        0x613502752276672bL,0x53c4145cc150c553L,0xefdeade47ae2f69dL,
-        0xedfc8ce4622f4c92L,0x30cacfbd5ecf6936L,0x0000000000000156L } },
-    /* 20 << 21 */
-    { { 0x49d65486dfd05db3L,0x18ecda88925480efL,0xe5b4aff93f652a32L,
-        0x80fbd64756e37478L,0x62442ef6e9be38ecL,0x8dea0ede229ca487L,
-        0x59628d74c45becfaL,0x235003453f7398eaL,0x000000000000014aL },
-      { 0xd54645dad2ee9439L,0x35245813ba3abc64L,0xe3fc1027aa7cd95cL,
-        0xeecaee6787f95eb9L,0x9985e5e9fadb71b8L,0xfe172fffbd62ea7fL,
-        0x08830ae729eba895L,0x32f7a9479ea9c27aL,0x0000000000000167L } },
-    /* 21 << 21 */
-    { { 0x770d7b309a9f0e06L,0x205abc30d3efacefL,0x2066b6add8556b1fL,
-        0x2c8caabeea298703L,0xaf766f04735b610dL,0x7c5f3a1083028232L,
-        0x92971e06f3c16a5fL,0xc5f89af1fb4e3fb4L,0x00000000000001f1L },
-      { 0x0a43e9f2974cc63fL,0xe8c4f4a95430a8a6L,0x7ddaf6fbfcb45c3dL,
-        0x40f4d1e3666ef219L,0xe11fa195c2a08ba7L,0xe4176c0448cc0ad3L,
-        0x31da8dd0809145e8L,0x528f736389a99e31L,0x000000000000009aL } },
-    /* 22 << 21 */
-    { { 0xe30c5fbf95151b35L,0xaaffaa4c155b8c7dL,0x4033f52aae3e24abL,
-        0xefcad4675b76fa3eL,0xa0bcb1bd465985c2L,0x7640ccc01c9d6d1eL,
-        0xae11fe7dc809f0feL,0x33f7a2ae8005b8ffL,0x00000000000001c7L },
-      { 0xc69cf35dc2423d81L,0x773a30c54c072a0bL,0xefdf7d157240291cL,
-        0xdd1706dd64a77c60L,0xd313db32365ddda5L,0x3d4114c15a818bbeL,
-        0x83081bbb0394b6b9L,0xf661d4963d411defL,0x000000000000011dL } },
-    /* 23 << 21 */
-    { { 0xe5de8769bd6b5de4L,0xbcc2c3222ca8a529L,0xc18bcfbfe5d4e70dL,
-        0x9756709ea7699d37L,0x3b89a6dbe98a7c6cL,0xe184ab40dd776ae3L,
-        0xfd37deff67292edbL,0x462b1ccb170fc654L,0x00000000000001fbL },
-      { 0x3009aa92647fbcf1L,0x8785ad4545f17f6bL,0xae5f59f29bda68c3L,
-        0x77316cdb713844d1L,0xc3895dbe491a5e2aL,0x6dcdee854abfe1d4L,
-        0xfcebdedbde5388b7L,0xf805a43359094b22L,0x000000000000019cL } },
-    /* 24 << 21 */
-    { { 0xf7ba638d767335cfL,0xb6fb9463733c2346L,0xa0e475a1ed81c85fL,
-        0x5d2fc9f1cb58e955L,0x941fbdc675a1dfd5L,0x732d6cea0f14f1c2L,
-        0x4c13e55921367160L,0x5ba5a950ef0e8d39L,0x000000000000007dL },
-      { 0x355dbbb2bbeb43f6L,0x0adaf151b3505972L,0x01976a0482f0d0baL,
-        0x080824b6fd4be88bL,0x8392b272f4424f37L,0xdc69d67872f6efd8L,
-        0x0a4b8ba4a06b0ca3L,0xb731404cad3fd7c9L,0x0000000000000119L } },
-    /* 25 << 21 */
-    { { 0x8c4b893e8438ab04L,0x426e9c015b7cbc7eL,0x3a294e956f565d53L,
-        0x69f98657888e6f0cL,0x6a9486adf5b803f6L,0x687e5264ebcd577aL,
-        0x6cdc93244a205a78L,0xe10a9e9101c97e5dL,0x000000000000001bL },
-      { 0x42d58686fb52764bL,0x157871b80b39ec31L,0x75a0505c0126704dL,
-        0x96dfd8c2437c5a08L,0x5302bc74e97bb9d4L,0xcae0092ca0fbe05fL,
-        0x4fbf134085caaaa1L,0x6d4de19cce5683a5L,0x0000000000000139L } },
-    /* 26 << 21 */
-    { { 0x45d1b5e3ae0d2bd0L,0xc13cdbc8ef5c8f0bL,0x662be7feef589951L,
-        0x423d544a2ef4171dL,0xe796a4fd9bfaa54cL,0x5e9de83af9b57752L,
-        0x2042c3e8074e5cbfL,0x6c4961a3ae564697L,0x0000000000000001L },
-      { 0xe64d92cdaa69b5edL,0x7ca022404de0366cL,0x385792b3c4de9d34L,
-        0x75b4e2b8b781fad5L,0x77d2671da5772294L,0xc636df75604302d1L,
-        0x35987ba57c003a82L,0xcb61e2501756909eL,0x000000000000011aL } },
-    /* 27 << 21 */
-    { { 0x399a20701976dae9L,0xf6f2e4571b71d3a9L,0x0bfd6fc7e9b58f96L,
-        0x8164107dd991b706L,0x7fb03af7769ff866L,0x0af6920107c255c8L,
-        0xdf5033bbe1aec752L,0xedd2e23d0349d656L,0x0000000000000030L },
-      { 0x48b220ca845c71bdL,0x60aab3582feac689L,0xc6d4210a5c225cfeL,
-        0x5b76afddcd64d859L,0x006a820512c63e37L,0xfadfd8bbe741c044L,
-        0x1bee33806de9fb14L,0xc9e8b7a6ac7fb855L,0x000000000000005bL } },
-    /* 28 << 21 */
-    { { 0x03e7b349f5aa1704L,0x2b9687f12b58ae4bL,0xffcdf578bed31f46L,
-        0xa9fe8c654e9c3260L,0x6ba91059a84d3576L,0xbe8c2ce937adc2cfL,
-        0xee24bad42fb77257L,0x44fd20b693ddc7b8L,0x00000000000001e9L },
-      { 0x0712f3d6af6ae6cdL,0x514a5d50bce47d88L,0x4c6cf0d6b218f3e1L,
-        0x7d9faf6bbe3ebfe3L,0x819449e21731f3f1L,0x7f24451d0be0a5ebL,
-        0x5fd2cc6d6f0fce5eL,0xb9ad4dddfc0930cdL,0x000000000000015bL } },
-    /* 29 << 21 */
-    { { 0x89bcb72f2965c1a3L,0x78ed158faec32473L,0x267c90783c9aaa3bL,
-        0xd76fa6e14f0cd352L,0xebd853f87afb0f9bL,0x95af77ace6185ea6L,
-        0xe4203b726f3b8b65L,0x7ac011da5e19c531L,0x00000000000000d2L },
-      { 0x6a32dcf32bb4a48fL,0x175e8a50892a8375L,0xd4c5362a9b6237f1L,
-        0x82a7c950596608d4L,0xae9aded7238fb8faL,0xfbdad9713df49d9bL,
-        0x53f6cf7db8a3ecdeL,0xdf1be8c023bb25c6L,0x000000000000001dL } },
-    /* 30 << 21 */
-    { { 0xe0af085cad265654L,0x96a9b06d0e9ba333L,0x0498e6bb80075bf9L,
-        0x0774434cfcf89a88L,0x15763bab9d96f967L,0x7ad273ba38775e47L,
-        0xa68abae987147b51L,0xc5afb6878f85dc73L,0x000000000000009eL },
-      { 0x189583a3e29591afL,0x6ab0c471c24ca220L,0x76fefacd27b4fd7dL,
-        0xc550d3513e87b357L,0xae78a070f6961730L,0xc3a5de91c814eb1aL,
-        0xdcf655c51e9f0ec6L,0x1603d1090f632d7eL,0x00000000000001dfL } },
-    /* 31 << 21 */
-    { { 0x655aac17eac519cbL,0x067206c2476f0c95L,0x4ae4ba9e51b4934fL,
-        0xb1c15e7aa0cbfd9fL,0x7fed60c898298b00L,0xb3e6e1a265b6c888L,
-        0xf518f046f462720fL,0x3639f35c665b8764L,0x00000000000001c0L },
-      { 0xdb15a3075d4b45e6L,0x84723914fcfdc41dL,0xcaefb6d932ec163fL,
-        0xd1731f430c7b5872L,0x85d686fd05f934e2L,0x513e444327b0a36eL,
-        0x2d051e22c7b3369bL,0xb4398e0fd3c6239dL,0x0000000000000184L } },
-    /* 32 << 21 */
-    { { 0xddd7a0733f0741e6L,0x6d74b1e2a4689d58L,0x6f6037646798ba3cL,
-        0xdc038772b996b179L,0x6e7e797ae1668e1cL,0x551f4a8e3e285251L,
-        0x705484e5e67fd032L,0xa65fdfcdebcceea3L,0x00000000000000eaL },
-      { 0x33a1c053acfc4123L,0x25030e6abbe1fd24L,0xd9d6af7100d3d90cL,
-        0x063f818bade7d232L,0x99630ac3521ce597L,0xbb594d0eb9ea28edL,
-        0x3f61acbd3a1fb8eeL,0x7e00686f88caade2L,0x00000000000001a8L } },
-    /* 33 << 21 */
-    { { 0xbf04c2f10188a108L,0xd97a675f9bd5cac3L,0x7cf307ba3d550f85L,
-        0xd92bf5638175fa0cL,0xc0b15ced245f8262L,0x21bc381f3ac2e314L,
-        0x0546ca1b630688d0L,0x175e7dc3c4b4496bL,0x00000000000001beL },
-      { 0xbf335d90428c7969L,0x0b0387dd9505806cL,0xa6ebd4a0fef04f3fL,
-        0x019c08a6f16cd1eeL,0x159f950c8516a54dL,0x884c6b4c08e3a0ddL,
-        0xb24a63a5f481327fL,0x0f59393fc58c7694L,0x000000000000006dL } },
-    /* 34 << 21 */
-    { { 0x9e5dfe7511482722L,0xd5cab6054b5e60d9L,0x4fc124c7091e9a56L,
-        0x1bc8ffa6100bd803L,0x415d2974a1c1f05eL,0x5deb11b2328462a2L,
-        0xad47e4ee7cb76829L,0xe28e8cb0734c35faL,0x0000000000000156L },
-      { 0x01bfee8e695d79adL,0x632fa08695129a0dL,0xdf01f6b258964d2cL,
-        0xa535f7780eb0c0feL,0x437acc8b6f055b47L,0x1e090aa3051435eaL,
-        0xabb69b8a1ab3ecedL,0x1ef06b846365da48L,0x000000000000018bL } },
-    /* 35 << 21 */
-    { { 0xb6a65d464fa97150L,0xb19c96e55e1dcaa9L,0x2a6a862687e3b1c3L,
-        0xd4b9123d8d849559L,0x56b91af2419166f0L,0x84129be9531e2638L,
-        0xfb4a404a41f85918L,0xd871249af9933f3cL,0x000000000000012eL },
-      { 0xefc9fb3fc819be78L,0x3c47fb8f43aa377fL,0x431fa13f86e32edbL,
-        0xa6fca0c0f64f51c5L,0xd04a845a6d65828aL,0x2c545f532d623133L,
-        0x979e09ca20bf1330L,0x64b6bd355d28805eL,0x000000000000004fL } },
-    /* 36 << 21 */
-    { { 0x2303e5e45b1a63a6L,0xa8610396589d2437L,0x27c48ce9d7d1d687L,
-        0x5032499a49a2c92fL,0x30727e711af2969bL,0x2668c8f074c335f4L,
-        0x9d11c2808dc25fe6L,0xc1523a37506d1e4dL,0x000000000000010bL },
-      { 0x8709ecf62fa178dfL,0x0eb58c3af8acc7d4L,0xed6a352bd28b9c62L,
-        0x9b232108faaa811eL,0x0cb3f9aa038718f6L,0xd05191930f05ad17L,
-        0x67bf6bec1293e6a5L,0xa3508a7f9abd18f3L,0x00000000000000dbL } },
-    /* 37 << 21 */
-    { { 0xf1555428b42a7bd1L,0xca229f80867797e1L,0x23196735437fd7e0L,
-        0xd6fc95759fda4046L,0x8731b144c2ba4501L,0x748a43a0bda4783bL,
-        0x52878286165a1976L,0x345e999725fe070eL,0x00000000000001d8L },
-      { 0x0193b975d77d2d63L,0x9d406d507cb07465L,0x5d583f3f36396728L,
-        0x236de10de9208950L,0x5f11d5c8ad10ddd5L,0x5d6a91ce792b9f41L,
-        0xf7889239e0f9ed3eL,0xa6278c8f7ed1f09aL,0x000000000000003aL } },
-    /* 38 << 21 */
-    { { 0x4658a9436e35bfe0L,0xf279bf8ffef18cceL,0x3d61d8ba12d3e8a1L,
-        0x67988c8558473f0cL,0xecd48fb0d8032914L,0xb5c547e7a044eadbL,
-        0xf1f61987b5cf8144L,0x90c69abfbd65f4c5L,0x00000000000001d6L },
-      { 0x6dec092ab30cf08aL,0x5a64596a78a36a3eL,0x53cfc2f19e10edc3L,
-        0x82422ac095ce9b54L,0x0b10c3c0c6b2c86cL,0xc4dfc68d6242e7f4L,
-        0xcd0fc4557cc7de9fL,0xe0a9c2568e4beec1L,0x0000000000000147L } },
-    /* 39 << 21 */
-    { { 0x7dcd4b4eb68ba235L,0xcaa7d77bd7b38b21L,0xcd6cb4594112e083L,
-        0x04b016fdda7d8cafL,0x5c12612e23c89818L,0x02ba59c59b3e18caL,
-        0x834f4c029a9ffffbL,0x5da192d72e725278L,0x000000000000003bL },
-      { 0x3aede0a9980ddff6L,0xcc057c5354ec8b06L,0x7467ec0755f24b26L,
-        0xb3e3163b82166403L,0xf3b64bb023f83247L,0x92f1e85be0a32218L,
-        0x7995216504903b6eL,0x0e3d1d200ffbaf22L,0x00000000000001d6L } },
-    /* 40 << 21 */
-    { { 0x1730b2a5c9b816e5L,0xf2c2a1bb5531ee33L,0x1da21329659e0b2fL,
-        0xbec25192c88bce0cL,0xddd4b9e6ac6f52abL,0xf15bd68f9e4b9f7dL,
-        0xea9e12e67d249b4fL,0x56a65055451abab2L,0x000000000000015dL },
-      { 0xc4d7dc72c4b6910eL,0x5fd335922ddff22eL,0x43e429e2b8287af6L,
-        0x258a4647a1585685L,0x31f72f413b62ce95L,0xf63172fa57933b4fL,
-        0x54749d3a0c5cb4d8L,0x514da5d28cc931c6L,0x00000000000001deL } },
-    /* 41 << 21 */
-    { { 0x896165235e844515L,0x0445b78da349dfaaL,0x2d97809a98cd85abL,
-        0xa26356f9acd297c9L,0x23138b25dfcf5a42L,0xf5c56101752030d3L,
-        0x561b7e4288014607L,0xda38360218c12c54L,0x0000000000000052L },
-      { 0xa13a8ae1f3c90e7eL,0xdc8c1d54456ccc88L,0x88f1c0dc733a77aeL,
-        0x55e1567fceb2924fL,0x300ab8cef0291fc2L,0xe4710c77ed9f68aaL,
-        0x623ef9b378f1c0afL,0x90b6c115031e610dL,0x0000000000000055L } },
-    /* 42 << 21 */
-    { { 0xaf881c6a5ed47898L,0xd583a12d314be8cbL,0xc871d32a13385ecbL,
-        0x4a3b26ef9abb78b6L,0x10bea9273313c278L,0xc5e4fef09e2de3c5L,
-        0x899e5a357f670b65L,0x7af654120a813003L,0x000000000000000bL },
-      { 0xab30982a8e0cd895L,0x3ab1a9f32bbae855L,0x1cb2164cf9f45ea1L,
-        0xdad048026dc7de22L,0x31422acf309178deL,0x86ba73a70880dc8bL,
-        0x53255902a44f7762L,0xf8b3d2e6ac090679L,0x000000000000015fL } },
-    /* 43 << 21 */
-    { { 0xc81e8be2e96fc1efL,0xe9b8e8ecdf4a79a0L,0xcef3624371875b4bL,
-        0xb76d0eb976c9298fL,0x04a9f25a7a2f4f86L,0x5ebfbe16b98eed69L,
-        0x591258f21cb923a3L,0xd2704654ca8f4451L,0x000000000000008cL },
-      { 0xa74e395adab82d0eL,0x1838dbcba15563c4L,0xcb3ad95626785cf7L,
-        0xadb39a9392ecd059L,0xbf1440198a788f6cL,0x75a7eb68cdfe152fL,
-        0xb637e415a521d720L,0x2224b489166357b1L,0x0000000000000144L } },
-    /* 44 << 21 */
-    { { 0x7201e2d03e49e1acL,0x11258a5fa85d74edL,0x3d5f97d1aa5d5c55L,
-        0xb0353c296874d83cL,0xbb008111fe79c52fL,0x1bb9d0a52da4d5d7L,
-        0x6c0efdbd45897053L,0xc65636e774481945L,0x00000000000000c9L },
-      { 0x71b21b9b33347b52L,0x84ca3f41d1ced26cL,0x49d65cb043c68921L,
-        0x601a6edc743b9e48L,0xa97dc603e90fc101L,0xb42db9c7d4aa7153L,
-        0x4440eced6c624cd8L,0xcf52d4b8c03036a6L,0x00000000000001e2L } },
-    /* 45 << 21 */
-    { { 0xb6b5541f80eea99bL,0x5e05ba1d0d5c66e2L,0xda681cef35ca870fL,
-        0xe9ce25959f52ac0eL,0xaa144a0897103546L,0x2e8adeea8bc0324fL,
-        0xde71c23196352390L,0x5ffc158b1190a231L,0x00000000000001eaL },
-      { 0x5a6d7ebfd3c77423L,0x087f3be2aadf36cfL,0x44b7382ecac813f8L,
-        0x9a7ea85fda66aca5L,0x7e5e106813af7225L,0x40e6c5730690c976L,
-        0xe2bb8ee55cda95bcL,0x89ab8fbbc7d15d87L,0x0000000000000131L } },
-    /* 46 << 21 */
-    { { 0x2b26bc1e17ca1ea5L,0xabb1ea0d563a9b23L,0x4cc07a7612c5592cL,
-        0x752dcb1940938649L,0x8fc2268dba4358cfL,0xc345a36ba21931cdL,
-        0x89df99fef439d9cfL,0xd9befa2b4f0c2580L,0x00000000000001c4L },
-      { 0x01e1ada7484a52cdL,0x4e80d9c73ea4c56fL,0x48c0b1526b8a8abaL,
-        0x8a3649d3a4a434e3L,0x9c200c7ff18df9beL,0xe4cf8e1570e9b087L,
-        0xe5ac0206645b233fL,0x1ae5ea925372333fL,0x00000000000001fdL } },
-    /* 47 << 21 */
-    { { 0x56086f88e91f967cL,0x5b068412777b581aL,0xdc912cb06758892fL,
-        0x619754c616bcc341L,0xd9e47125e612c547L,0xc12c85685dc7a039L,
-        0x40e97019a27fd186L,0x7959dd2a02b1678cL,0x0000000000000006L },
-      { 0x586f5aa0a27d91b6L,0xc2305d49c6dda71fL,0xf2d049553d6d14cfL,
-        0x9e617cf9d31a1d03L,0xa356ea57cf1d8491L,0x65704bd38b75a624L,
-        0x5fa767156b36400aL,0x975fbf3565a5489dL,0x0000000000000180L } },
-    /* 48 << 21 */
-    { { 0x0febef06cb4a809eL,0xa8af434c261b4facL,0xe3b7185059d1e70bL,
-        0xb62f01e45d1c24f4L,0x8abe4e3db303a2ceL,0x91a5a10f36e2c2a8L,
-        0x710bd5ca7e472ba9L,0x14a31aa677a05ff7L,0x00000000000001bcL },
-      { 0xbadec183453e07baL,0x54c92ec41e3087a2L,0xb87b0b724a6e06a3L,
-        0xe26c6162b5507e77L,0xeb64a07175faedaaL,0xde1c75464988a08dL,
-        0xe99b34851ff0a98fL,0x29a660c2053f0e60L,0x000000000000013aL } },
-    /* 49 << 21 */
-    { { 0x06ed9df68c85e279L,0xde8923fb07d26dabL,0x9de21f265df321eaL,
-        0x46573469d2739ec1L,0x9bd77ab28eaffbefL,0x99493fc132417837L,
-        0xdbdb09c5fa664abaL,0xa128e72276e35b38L,0x0000000000000108L },
-      { 0x89bd3d466e299be1L,0x909cae0e56999cb7L,0xd14abf38cde8b394L,
-        0xb449bc09d7c8d422L,0x0a2f935904ef1f5dL,0x164492d22c962ea5L,
-        0xc334ff1d4322bdc8L,0x0ac21031d0e9b113L,0x00000000000000ccL } },
-    /* 50 << 21 */
-    { { 0xf0185304edc95e01L,0xc200becd9186d5d5L,0xbc9946c03722a9d4L,
-        0x73d2b80aee0c0f7bL,0x3ffac114c25f680aL,0x86a201b64940567eL,
-        0x1744de6eddd392baL,0x9a30fb2334cd027cL,0x0000000000000078L },
-      { 0xc5e2e29d26372a22L,0x82a3e1cb9ea293dcL,0xd470ef090b09afa0L,
-        0x44a6a43be89990a9L,0xffabe7ec82f9f8bfL,0x8c1227e6f274a2b8L,
-        0x73b2f7bba3b60869L,0x1b2510533ae49e15L,0x000000000000003aL } },
-    /* 51 << 21 */
-    { { 0xc6ce482996fffaafL,0xc3f952ef261e06b1L,0x0d07b3310380850fL,
-        0xa2e1b0974bb1fc31L,0xf060f318c059a3c1L,0xef8ae3b2316feff5L,
-        0xc8cf197fa5686663L,0x5f974b59e2cba233L,0x00000000000000e0L },
-      { 0xcc26bce6f24e9213L,0x5d59296170c1bfbdL,0xbb4681d331d2656eL,
-        0x4271c96450f0683fL,0x5a9976d944783a96L,0xd3ed0a6a41eea6ecL,
-        0x9f24f797beae86afL,0xf38112f792dadcecL,0x000000000000001eL } },
-    /* 52 << 21 */
-    { { 0xba2cf7c45cb6324eL,0x7bba7a0805b7da17L,0x53084c6758c59b62L,
-        0x2cd1c9a43cab8df1L,0x0cfd3c151f38d256L,0x373df9d2a34a65bcL,
-        0x88a92c31e815057fL,0x11b2a0e5b8c0cad1L,0x00000000000000c5L },
-      { 0x97f74ae939d6533fL,0xb04e5e9516c73570L,0xf7a53b4ffa446dfbL,
-        0x61dba2b24b4d094aL,0x24fcf80996f67da4L,0xea60ebf50b21ab78L,
-        0xe4d76de60bf97bb5L,0x95032a893c1883bcL,0x000000000000008dL } },
-    /* 53 << 21 */
-    { { 0x55ae0b1461612346L,0x9b0f5c01b19b690bL,0xed0a114eb5185164L,
-        0x852e56403471d444L,0x54c370df67c7af55L,0xf3573f9e9df278c9L,
-        0xf658b02c593c852fL,0x353dc49805bbf9f2L,0x00000000000000ccL },
-      { 0x3f5d30ef08d3da4bL,0x40be4093f479393fL,0x67b87661778da315L,
-        0xf50ef8637512f2ccL,0x4c8c728ab69c92c9L,0xb8a11ef63cbf14a8L,
-        0x75df83bc26cd8287L,0xa4cf8319c99c3d51L,0x0000000000000054L } },
-    /* 54 << 21 */
-    { { 0xd5b6600ff0c1462eL,0x532c6476588cdddfL,0x97737ad126ec65e9L,
-        0x88033b8f801516dfL,0xf9c06f4a55cfa617L,0x5be87436cb5d8557L,
-        0x4245d3d2f48c909fL,0xeb3b54849a6b09b1L,0x000000000000016dL },
-      { 0x377762c7c7ff074fL,0x62240f289ec0af00L,0x47dfdc3ecc3b8a22L,
-        0x70a10d983d40f5bcL,0x61657aba05e18781L,0xb7c112fa31910613L,
-        0xdc29680dfb3b31a7L,0x00aafce3d41fe224L,0x0000000000000102L } },
-    /* 55 << 21 */
-    { { 0xcb71ba5711096104L,0xb0ce7ba638a2b20aL,0x808983acaa6ba1feL,
-        0x21cab98eea2ddbe8L,0xf7e656439f7d2f9aL,0x687d4d7ac9df8af6L,
-        0x342af3932ccf2d82L,0x0352c43ac6a8fbdcL,0x0000000000000052L },
-      { 0xa968c9be5fb47434L,0x3135271d91ca8cbeL,0x7cb25ca5e3f8970fL,
-        0xc427d97cb50ea245L,0xc5144f82bfadd4b8L,0x54473d162937e958L,
-        0x9b5c789b8cb41622L,0x409ccf55ddc0786eL,0x0000000000000114L } },
-    /* 56 << 21 */
-    { { 0xd495b0ec16eba181L,0x834a505a76f4fb91L,0xd1950cf8db3b0c92L,
-        0x5108e0cdbf6bd68fL,0xd8492e459f777ac3L,0x2caa1a4e184f5a9bL,
-        0xfbb91ea5ce860f91L,0x05957c32597025f9L,0x0000000000000097L },
-      { 0x1774a862b07d29ffL,0xcb4eda89cbcc928eL,0xa19276a102ad819bL,
-        0x3d0cacf6f5af5b3eL,0x8dcec31f3bdbc653L,0xaad437092f1ade3eL,
-        0x544e97c3574e10b1L,0xd4364902c62c4debL,0x0000000000000077L } },
-    /* 57 << 21 */
-    { { 0x1c617b0ec7454b5aL,0x192f8da5688d212fL,0x8bb3ad324dffab82L,
-        0x921d0b102ac4cb94L,0x11a93e54698b156dL,0xbbffdd46ba176214L,
-        0x29fbe579b563b65bL,0xf339c5ead20f3224L,0x00000000000001fdL },
-      { 0x425dfbffb94c9ba7L,0xd5bd477b25caf944L,0x99c838ffe4b5755eL,
-        0xc25eb25038c573fdL,0xb5118d7f75ed773bL,0x44f6e5e8e6ea5b48L,
-        0x2ca7102a8a7e4c4aL,0x0124d2c29c4f4fb8L,0x00000000000000c0L } },
-    /* 58 << 21 */
-    { { 0xa364e55cbfc650f0L,0x1a2b834413857077L,0x0f38bd537e8e2025L,
-        0x61829061f7c11262L,0x7e9710e7c3c52c38L,0x9d61eb0b5437249aL,
-        0xe968f5e104c73e0dL,0xc086474678394fb5L,0x0000000000000185L },
-      { 0x08333228a65f7f47L,0xcb026a48269ef9c3L,0xdf7cf0f3902d129eL,
-        0x7fba1a847a5fd75eL,0x3f7338c577e5e332L,0x24a06483c7545ae0L,
-        0xb84bdda926f22ee7L,0xef0538ff3c3d5295L,0x00000000000000e2L } },
-    /* 59 << 21 */
-    { { 0x7cac9163c6f9388cL,0x91c49193705210dcL,0xa5c1088c1358a451L,
-        0x7b6710a56e928e99L,0x98d4263179fa67b4L,0x31932728f9f623b3L,
-        0x27ed2f252417899eL,0x6900af3df6e9651dL,0x0000000000000044L },
-      { 0x7021421eb17ee12aL,0x9dfd837bbcafe310L,0xe54f136b84cdd344L,
-        0x0943bddb5f7875fbL,0x23786b2bbd2ff324L,0x758d4cf386597884L,
-        0x8e831868849cb1f8L,0xfbb48f93c01a2e6fL,0x00000000000001b9L } },
-    /* 60 << 21 */
-    { { 0xaf3720cc32afdff7L,0xcc84e0db51d60c35L,0xedf89c0a595d2b23L,
-        0xfbb1fafb0c9c0f55L,0xe3556b3b8b9b6aeeL,0xc208eb382f5e0a50L,
-        0xa8ee4fa226e707feL,0x65ce95e5b043519eL,0x00000000000001e4L },
-      { 0x05eb17d3ca16c880L,0x617a63a31f1e4c1bL,0xb8aa601ff35ebf94L,
-        0xaf515b4fc5022f1aL,0xc98f8f0a17a2b7fcL,0xa768b9ca67e03fd5L,
-        0x67e6d9afb2e5670fL,0xf069de05d217f764L,0x00000000000000c1L } },
-    /* 61 << 21 */
-    { { 0x90211eba92f1a89dL,0x8a3418ed81b3b80aL,0x0150ed13b0ea17d5L,
-        0x5fc05e99bddb5ff9L,0x3db25dcec5bd9918L,0x50bdec38c09beb7fL,
-        0x34650128159c352dL,0xdf63ab922366df69L,0x00000000000000f1L },
-      { 0x15595a9127aaacfaL,0x4b262b893f0cad94L,0x750f5c4e8ffe4bbdL,
-        0xc7c6cbdf6617b6f5L,0xc96e50343fc54c60L,0xc0bc517912e64bc3L,
-        0x145b25c60d79b77cL,0x049ab957d4b9a2fbL,0x0000000000000044L } },
-    /* 62 << 21 */
-    { { 0x127e4b38a542a8b1L,0xdd85f0c3e2f444f6L,0x44ee07fdb6e479fcL,
-        0x59ef243a40f4a51dL,0x1e0e83ac6f8ae9ffL,0xc7de39577fae0abbL,
-        0xc911c37f62b89c14L,0x998e3826b3ff9facL,0x000000000000010cL },
-      { 0xa45e8947bb8b084eL,0x5a4ef9bf80029d67L,0xc371f57529b4c9c3L,
-        0x1b4c0fbe77732c86L,0x3bd5da09a6282a9fL,0xd668e0a2ffac1e00L,
-        0x2df2a2a08aae6398L,0xa4ab9fcd898755b4L,0x00000000000001ebL } },
-    /* 63 << 21 */
-    { { 0x1935900b9cdb1e23L,0xa2ad33fe0d798a47L,0xa53f7a0a7d291929L,
-        0x320277e12e3a69e3L,0xe5139222cfcf9a38L,0x2ff86f3bdb790cd4L,
-        0xc0bf4565f22c11d1L,0x565340d652a81f8fL,0x00000000000001a0L },
-      { 0x16ce3752e31fc3cdL,0x948e3a7d7e402490L,0x2e2c0f7e5343bb9bL,
-        0x17956f666ce73ee7L,0x93ca1925cce89b93L,0x6b3d128c41464004L,
-        0x11370aca5c4abe8cL,0x70abf93623032806L,0x0000000000000124L } },
-    /* 64 << 21 */
-    { { 0x87daa931dbbc43b6L,0x882a2421d1895005L,0x6013f2ba7aae1124L,
-        0x01d2a8f0bad34df3L,0xdb1b7f432f0b3d59L,0x59039f352a95ac2cL,
-        0x555077aaa6c0a8b9L,0x543b69a862685a03L,0x00000000000000e0L },
-      { 0xbb104059ec48d2afL,0x691c1f18930fa171L,0x8c434c7637d9fd85L,
-        0xd1e56d52068741abL,0x1117a9fc130e01ecL,0x126d517b1f510538L,
-        0x25ce40cef290a27eL,0x0d0b0d8ae90e675dL,0x0000000000000028L } },
-    /* 0 << 28 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 28 */
-    { { 0x93d61c073ca98249L,0x04c4f43d907aa44aL,0xee3d2c3151d5b1d6L,
-        0xe74d6892f859df2aL,0x16ab4838922f8fa9L,0xb0b6f7d1757b0010L,
-        0x7ca940d8a918f320L,0x45e9325b97b8c9b5L,0x00000000000001e1L },
-      { 0xdb18d7bf37316056L,0xc34532048fc0eb89L,0x3929db79060e2db1L,
-        0x2ccbf668b1e67403L,0xc7ce019a9b05f538L,0x9377f4464dca0ffeL,
-        0x42947eb68a570683L,0x6eb25e34e0a1bf92L,0x000000000000009aL } },
-    /* 2 << 28 */
-    { { 0x8b60dc2df6130e66L,0x8ed41be47b6448fbL,0x0862c67e5ea7dec5L,
-        0x97cd528272e431edL,0x944a76da0bff84c7L,0xc168a8fda2075162L,
-        0x21af8de713ad271dL,0x27ebcd24437e9e66L,0x0000000000000044L },
-      { 0x399007d74c7b3dc7L,0x5128a9febafa8850L,0xb7e7cff44db4a4b4L,
-        0x923571173410d116L,0x47320eacb450efedL,0x47ad42e6f8042421L,
-        0xe4ef55c263b6aa24L,0x7a97987c3f882833L,0x00000000000000b9L } },
-    /* 3 << 28 */
-    { { 0xc76e5f4d022667cdL,0x2c78870a3e07fb1fL,0x9e001396d1c68926L,
-        0x707a9c2eed2a502eL,0xaa9a37f8e68933fbL,0x1ae458ac4e4c8f98L,
-        0x8047ed5da71656eeL,0x06826324a9df9d4bL,0x00000000000000adL },
-      { 0x2c4cbd9319c176efL,0x8dac64428092be6eL,0x0c349ee87a074bffL,
-        0xec35b47c0129e1a0L,0x4096e01235253255L,0xb3e6e7fd06b23b09L,
-        0x8b36eac316fd165cL,0xb7d5f97294ad125cL,0x0000000000000154L } },
-    /* 4 << 28 */
-    { { 0x58241d2f43416440L,0xad00daccf36bb0ccL,0xef105aade1b517a4L,
-        0xa88fb367418524a2L,0x960efc2bd69f903fL,0x58b761e2bb316fa8L,
-        0x634a724e43593289L,0xa341dd2178b2c871L,0x0000000000000178L },
-      { 0x29de72f83261324cL,0x53767dbc0ee348c0L,0x7f5a005b2ebc04f2L,
-        0x8c6987a70f7b3b9aL,0x0f387e9d7e48f271L,0x644134585b456a10L,
-        0x015a5da5d0a2a3c5L,0xb236cc58708be977L,0x0000000000000057L } },
-    /* 5 << 28 */
-    { { 0x13c413632bb30ebfL,0x1c51e2fb84a62b56L,0x0ffaefe0883cb2caL,
-        0x23a651151997f036L,0xf030712c9c64e7e3L,0x06320295457aaf0dL,
-        0x945bd82fb2498539L,0x2995df47623a481dL,0x0000000000000161L },
-      { 0xf962f403feb7f8b3L,0x244d8a3a872dff16L,0x59fdaabc89f6ddcdL,
-        0x41661bc87db8acbfL,0x1b641d50c256c87fL,0xd7f8aadb27ccdb57L,
-        0x4daf613731f353c8L,0x33d401882a2a6f9eL,0x0000000000000125L } },
-    /* 6 << 28 */
-    { { 0xbd4062286eed0f95L,0x8693a9d97c6c1c3fL,0x0392e931c066dcc8L,
-        0x2e1eedc6cc819d2eL,0xc7a315d6069e2217L,0xa7495b1808e6f72dL,
-        0x364f38117051ff13L,0xeeeb3cc4bb59d612L,0x00000000000000acL },
-      { 0xfd9e0c1078616d6cL,0x585de5ada8d4af09L,0xd08d9021c3143504L,
-        0xb38fe6557f67ffa2L,0x5682040cd0fcb4d0L,0xd56c8348e6329179L,
-        0x76229a732621c84bL,0x0c98cb02de4cc81dL,0x000000000000000aL } },
-    /* 7 << 28 */
-    { { 0xbfb85a9ba8f70eb0L,0x9fa45d83e59b107cL,0x90207916cff39e25L,
-        0xdf20520f61816661L,0x250a81b64d88eddfL,0x3583bce4d4c88e4fL,
-        0xfcafba316121deecL,0x40e71ea745ff2c20L,0x00000000000001d6L },
-      { 0xf91f204550452ed6L,0x4c7be74a00fca85dL,0x6ac750dc0fcc66daL,
-        0x829ccef87bb3a7cdL,0xf232419e97039a3fL,0x1647039db5f00ad5L,
-        0xc72ebf12dd7f9785L,0x42bbfd03c675e619L,0x0000000000000119L } },
-    /* 8 << 28 */
-    { { 0xb2308971ed0d691fL,0x31c3c54e8cef282fL,0x5cc3d26a97a5ed69L,
-        0xb611a35d43da55beL,0x97492fe68fe11b61L,0xc10a18f0e26f0805L,
-        0xb6e0f2a2ea78e6bbL,0x2570f42e71c3f3daL,0x0000000000000043L },
-      { 0x30048b23d0630da9L,0x3756d05e0f635ba8L,0x1e6e383a8ce0e80bL,
-        0xcbe43361c723d456L,0xb1f089e45cd18501L,0x53132cf36ff2c160L,
-        0xc759b7a24a0406d9L,0x17917e066dc5143eL,0x0000000000000141L } },
-    /* 9 << 28 */
-    { { 0xf8c5b2eb11628dfcL,0xc66d10fc0a42e49bL,0x44c184b4e26fe77fL,
-        0x22ef369da4d3daf3L,0x6662870a2cbe0115L,0x80846b9736ca9e6dL,
-        0xbbafd1317ed388a8L,0x4da614274029082fL,0x000000000000011cL },
-      { 0x68db20a0c06f365dL,0x46005f812ffb8bb6L,0xa0a17ce3bec18577L,
-        0xb7627d8dc3cf8b54L,0x441830cdff30d00dL,0xa53ed5cd8f7a941dL,
-        0xfd1147c999071de9L,0x619db4eb77dd8ad3L,0x000000000000010cL } },
-    /* 10 << 28 */
-    { { 0x7fc5ba6013564f62L,0xe82397841238d231L,0x8249f141e7b6cfbcL,
-        0x37e1b845668154d8L,0xa99523bc5095c5eaL,0x1196969c76fb9d42L,
-        0x6428aa7c92185a3aL,0x428e78d88246676aL,0x0000000000000095L },
-      { 0xe44cef632b1e5685L,0xd9665e7e0d228ca1L,0x066367719dfacf7eL,
-        0x42b09d00fd5605acL,0x0b101edce65b8e60L,0xca4d0290e2210994L,
-        0x50ed6bc6cf9cc92cL,0x2ca63c9ebdebc35bL,0x00000000000001fdL } },
-    /* 11 << 28 */
-    { { 0xa32a9d65fd85284bL,0xb08333a5a4fae26cL,0x8aca0a12ef75e239L,
-        0x9035b7385a77bb33L,0x466f97979aa71a08L,0x375dd05662f91bc6L,
-        0xd93ea401f5cb1c8cL,0x7ed00ca316d691c4L,0x00000000000000d1L },
-      { 0x8ccbd8fae0a3542dL,0x948625d070b071d9L,0x8654df26586a94d4L,
-        0xd6fbfc0f80290be1L,0x2e103eaa260729e8L,0x342394e5f5f52aa6L,
-        0xfaa21f70fb684270L,0x1348fabd7c862797L,0x000000000000002eL } },
-    /* 12 << 28 */
-    { { 0xf5e5237b52fecadeL,0xe0a50e6e4db2795eL,0x7481845f2a4c1493L,
-        0xfea36aefaa8fba83L,0xe7a2e20bee8eab2aL,0x3f4ceb5766a0ad1dL,
-        0x9be294e7c15afc26L,0x7952338d711c1de5L,0x000000000000016aL },
-      { 0x8a9806bba64d25ceL,0x6e72057d8eb8e0acL,0x46eb31f2d3f7e99eL,
-        0x4a408b8d7c3f1998L,0x5df31a262f59604bL,0xd12dc298137d937aL,
-        0x60c9a1480678810fL,0x3011046b48418a2dL,0x0000000000000139L } },
-    /* 13 << 28 */
-    { { 0x317b098c5ca5f978L,0x18fd83202c21b6e9L,0xc147ab01f1193accL,
-        0x7ef3414deaff0d9fL,0xef1a3d6fe28e9173L,0x2603ccbeb25fceacL,
-        0xf825502d5affa9ffL,0x539a125e066a68e2L,0x00000000000001dbL },
-      { 0xaf4b16bfa90a3b2dL,0xe0d81048ff63d1faL,0xb203e68707286721L,
-        0xec631a327bf45b93L,0x4d38cb033b10b512L,0xe08eb57aca57f26bL,
-        0x737d9cd0d7d6ddd0L,0xb00845a86c572d39L,0x00000000000001e1L } },
-    /* 14 << 28 */
-    { { 0x6f24af3eec231c64L,0xa4edad38e7c7bee4L,0xc6ba273ed1eead3fL,
-        0xf68b581f08c4d123L,0x1db45c2364b13567L,0xcd3d42cb5772318eL,
-        0x5cd6e6cb007bf13dL,0xf02d313b071bfdc9L,0x00000000000001aeL },
-      { 0x09083eda4ed3782aL,0xbcdf9ce75b29280eL,0x014232bc63b04675L,
-        0xbd4bdaeceefec679L,0x8712c19ed47c5385L,0x4bb00b447ae76a01L,
-        0x1f847ebd2fb2cf2cL,0x9f2b12b9a7a56439L,0x0000000000000050L } },
-    /* 15 << 28 */
-    { { 0x6ee9325abf53583dL,0x3b7ef054921dd595L,0x95c35ce8c0abc07eL,
-        0x08a3a510646fe810L,0x77fe478185ec11baL,0xe382a5134e870f3eL,
-        0x4eeb7787a9f1b8bdL,0x8521f39d9d8f6459L,0x0000000000000068L },
-      { 0x10aae6d8428a37fbL,0xf0578f9fd66092f9L,0xb90f50ee1ab36081L,
-        0xbb41bcf30ae841eeL,0xf73fa600cf79eb81L,0xeb88461b991afd1bL,
-        0x1b9feff62ce5c0f2L,0x80183105cab1b304L,0x0000000000000029L } },
-    /* 16 << 28 */
-    { { 0xabf17feb008c7a44L,0xade7917a7b12def4L,0xbfba65b83786b033L,
-        0x8ef4af44f0d9f9f1L,0x8f47615cab136caeL,0xe42f100dbcbd5d3eL,
-        0x8f3dc658f05f9b27L,0xd95a6b2dd6f2dbb2L,0x000000000000008eL },
-      { 0x23bb06a546bbc412L,0x15718699d0135eb6L,0x8f1639c4b4ed9e10L,
-        0x767fee42d7f644a0L,0x668267b0fe8ec420L,0xec4f548264e90133L,
-        0x679e614e536d132bL,0x0d72fbaf174df6c5L,0x00000000000000a5L } },
-    /* 17 << 28 */
-    { { 0x0d423fc8b05c732aL,0x1a585cfb9fc565afL,0xd0f09ba8438e8e22L,
-        0x87cb63973b53004fL,0x30673a866bc86afbL,0x555ad65d7e068e3cL,
-        0x4da2eed69da1d5afL,0xe25456e54cb910dcL,0x00000000000001fbL },
-      { 0x412e1fd8c5516135L,0x5465fd3139d159b8L,0x36d437af1a1ab099L,
-        0xed474e6a03e10008L,0x4f229235c14fd291L,0x6f4a44ce3622b070L,
-        0x5221ac85c506ac3cL,0x3e9f54bc552fd421L,0x000000000000002fL } },
-    /* 18 << 28 */
-    { { 0xbe5ee60713182632L,0x4d463baf9bbc5212L,0x658fc11c5c21a796L,
-        0xb81542941474c364L,0x66b925171f6fde42L,0x85cc97916fd16ba1L,
-        0x57c38a821feefec5L,0xb5c51d319b44b1d1L,0x0000000000000145L },
-      { 0xe2da12a3c6228bbaL,0x2be11b05a8522096L,0x8b60f44c6f83d963L,
-        0xf3bac9f672782a82L,0x32bd85e32757d236L,0x901c50c6d59ffc8eL,
-        0x1075eca86ac7c1deL,0xe78c786cf1302741L,0x00000000000000c3L } },
-    /* 19 << 28 */
-    { { 0xe045587941df76d7L,0x5fed520b829a93bbL,0x8eb7752aa9c54f24L,
-        0x0d73e9371b21ee03L,0x4a09582102686b1cL,0x8f887b9944c1e014L,
-        0xc7dd142035f32864L,0x0ccee70dcd5896e3L,0x00000000000000f7L },
-      { 0x73d4e288f84e6409L,0x37444a9e84a45459L,0xac888ad1fc6bd60dL,
-        0xd0f03008ce257cdaL,0x1eba5a906f0e3546L,0x556839e8a7788e16L,
-        0x1fa94edc1624a710L,0xf1ee65bb28d9bd43L,0x00000000000001bbL } },
-    /* 20 << 28 */
-    { { 0x9685604a378806e4L,0x5c0e5a8763fdb760L,0x47b37fd23c4d46e7L,
-        0x911e9f7c46ed261aL,0xab42ac68497d6281L,0x656f59410a8e88d4L,
-        0xcfe3ffac3a296c4dL,0xad1cbe5719241e9dL,0x0000000000000070L },
-      { 0x880193368cc01741L,0x8d354ea83f0eadf5L,0xd334ed2c30cf53f4L,
-        0x4490515e7d521d3eL,0xd5d3d50f83d830dfL,0xde5fac26a718d969L,
-        0x45707e7e4e0d85a2L,0xbac03693e2568e37L,0x000000000000003eL } },
-    /* 21 << 28 */
-    { { 0x05691330a54a03daL,0xf9e12a7e52a5d05bL,0x4e0a20c105bb2074L,
-        0x27872197491f88b4L,0x9314134b0a02eb07L,0xb5840bb05633b498L,
-        0x0348bb60dac28206L,0xc7eaa69e4fa82ef0L,0x00000000000001ccL },
-      { 0xd9d4c45319e54096L,0xdd3587dceb3875e6L,0xd6fdfca14a4b4149L,
-        0x1abc691467148a91L,0x6061e274b3da5e59L,0x2f9eb868f7cea854L,
-        0x057bca4f05aa6a2eL,0x3aed5fe77cc21838L,0x000000000000000cL } },
-    /* 22 << 28 */
-    { { 0x718f892ef3348160L,0x9f4c88c8f6acbf45L,0x2f886753c5fc4654L,
-        0xb078063657a5c32dL,0x63248d855ab020c2L,0x490a231ebebbd4c5L,
-        0x6daf12ab6bf2e47dL,0x144885a078e76ccdL,0x00000000000000d2L },
-      { 0xb5c08a51682e7203L,0xd3b7632dbdc76ca6L,0x1272869f10ad6667L,
-        0xa07122fb431c8b82L,0x226ced3c14371122L,0x2f17db3f67cbe25dL,
-        0x74e6946b54858696L,0xed3a84c544ffb855L,0x0000000000000102L } },
-    /* 23 << 28 */
-    { { 0x40dee98563bc734eL,0x0ef45f6e0c38c9b4L,0x9c5858bc94b7735dL,
-        0x4368630de30fa193L,0x4b9bc14602726a71L,0x18142c21960891e8L,
-        0x08d6b5780dc0ea24L,0x055ca09abe408a2eL,0x000000000000008eL },
-      { 0xfa8cae11987c9c95L,0x9f692d092b011ce8L,0xe5f725ad8e7c6b42L,
-        0x6b54b6a3f4d13859L,0xfaa64fd0e8384d5eL,0x66a16b11682b4c97L,
-        0x04b57cd76809bc31L,0x1afaad69d3eea7e7L,0x00000000000000faL } },
-    /* 24 << 28 */
-    { { 0xf7692e60b5cdfb7bL,0x7fd887faa548923aL,0xe43623edc2d58828L,
-        0xd8047114e1e2f3d7L,0xadd5a16d7c6abbb8L,0x9fafe28a2f1133a2L,
-        0x5ecaa9bd69688723L,0x5281e4addb5c34c7L,0x0000000000000153L },
-      { 0xfc1a8cf1c42d278eL,0xb76ff008220d26e8L,0x6749770f1fb6e918L,
-        0xa7e6f520aec33172L,0x23c7456c247a2e94L,0xe4ef1adf8c38913cL,
-        0x26c0c817aa8455e9L,0x9e38ea10680454f1L,0x0000000000000155L } },
-    /* 25 << 28 */
-    { { 0xc4a03e90b431c373L,0x75a014321dd2d074L,0x9ef6f893b6235777L,
-        0x3e6557afdd83b252L,0xc30056fad6d21946L,0x49175c7ccc4e6bfdL,
-        0xb48d402316ad5f7fL,0xe1f1aa86dabf2fa4L,0x0000000000000054L },
-      { 0x7fd8a69da617a3afL,0x3a6875aeeb6b1e2bL,0x1b42637effaff5c6L,
-        0xa397fc03cb327e27L,0x251106b73e60a49aL,0xf36242809c3e2b31L,
-        0x04a1243054509c5dL,0x023238269992caa5L,0x000000000000001cL } },
-    /* 26 << 28 */
-    { { 0x1375e971b4520f2dL,0x1507d0b367025850L,0x9d9c351920db152dL,
-        0xb9f63cb55e5e5b1eL,0xe4cb0a89428af0f0L,0x9e1857404a4140ecL,
-        0xf05173ae168f1d13L,0xe6a8daa0b553bdd1L,0x00000000000000d8L },
-      { 0x5bbcc749353c767aL,0x85192aa1f811d60eL,0xfbe7b89e7cbc2769L,
-        0x752cc4426f68ea1eL,0x0e5d76f4f550fd90L,0xf2ca39620ee19f5dL,
-        0x1fb501b48398c8fcL,0xbeeab7ad6047081cL,0x00000000000001d3L } },
-    /* 27 << 28 */
-    { { 0xe4f13a4678187349L,0x1a7986452cdad07dL,0xd12edd3b435e558eL,
-        0x0a466b2500c452f3L,0xa1dbe185e3d65c74L,0xcc10132b5bd1dd39L,
-        0xbb42cff31919d652L,0x711748162c26481aL,0x00000000000000f5L },
-      { 0xeae22d3ba0f7e4f8L,0x29d360c402dd3bb2L,0x016d91b5e3b86cf6L,
-        0x888b637cdf4dfbaaL,0x72a94792ab525be8L,0x69d628cde606b3baL,
-        0x34904e50a95540daL,0x18979662c4644642L,0x00000000000001ffL } },
-    /* 28 << 28 */
-    { { 0x1f06341d13a9aa39L,0xedc0d26a7415e0c4L,0x1ba18cd0ee8fed64L,
-        0x6d8fa3e4fbfac509L,0x394bae0b08dda417L,0x44ead62fd835f0acL,
-        0x793b6a8501b1d873L,0x0956227870f859e9L,0x000000000000017fL },
-      { 0xc42d6d2dc699d304L,0x41e68ef38ef5407fL,0xbfe24ff5a825f2ceL,
-        0x36108ae9bdd3f4d2L,0x7fd3cdccbe47aabeL,0x93e1da7ca8b5af7fL,
-        0x29fa9925b0cf1bc3L,0x5c9f946832411132L,0x00000000000001eeL } },
-    /* 29 << 28 */
-    { { 0x600a0bf9d2dac618L,0x685a2a4448291771L,0x0e7bac6514e41416L,
-        0xff8f4f544c0a19a3L,0xab91c47719bf697bL,0x8874baa15a8ae505L,
-        0x4a95436eb79474baL,0x7ec81267f0b04bbfL,0x00000000000000b8L },
-      { 0x61aa15a6d7dc681dL,0xdcbce70b90573096L,0xed2174ff06e003d3L,
-        0x5118698a1f70c6b5L,0xf3f6ebce94529a6bL,0x2e3c16ba7facd875L,
-        0x56ff76fa9c233c63L,0x48d58232b25308c3L,0x0000000000000040L } },
-    /* 30 << 28 */
-    { { 0xe0fe382608b55604L,0x2c1942a38d460615L,0x9527fdfe82cecf84L,
-        0x2a193e252ceeffc0L,0xc238cb9d25d20cb2L,0x357240a611d898a2L,
-        0x94c467330a554201L,0x860fcb2f93f09e27L,0x000000000000019fL },
-      { 0xe19b84d262304b4eL,0x7d06c611375b7f95L,0x59267a24db7fa504L,
-        0x2712fa55cb322b42L,0x31e2690a2bbe4428L,0x0fd9a28a599eb8cfL,
-        0xff80495e26c5d99bL,0x6de22868dd44826cL,0x000000000000002fL } },
-    /* 31 << 28 */
-    { { 0x18e983ea9babce7fL,0xd794f3872c121aedL,0x95377a1ff9be1cb0L,
-        0xec3a779fe94176eaL,0xd1e5c67084093fafL,0xcb651415f62b3cf9L,
-        0x1b0e00bd178fec50L,0x84529ad9e1300de2L,0x0000000000000019L },
-      { 0x4cdd2ef87fd07920L,0x987b7c86fbae0a4eL,0x7fe7d1505007327eL,
-        0xdf55c0da4a8c92b3L,0xcbdaf5ad3b61e07cL,0x0a768f308803468bL,
-        0xf887801ab2ef831eL,0x5dd31ed28493948eL,0x0000000000000166L } },
-    /* 32 << 28 */
-    { { 0xd256b6072de9b28fL,0x286fc763cbefe110L,0x736ff52a138783fbL,
-        0x6f6d822b4ebcd973L,0x78c5a0b685eca174L,0xbfcc5ab679ea21b7L,
-        0x9ccb278d4937e0daL,0x9f50f4422d009304L,0x0000000000000049L },
-      { 0x566947d729f8a798L,0x9793a90581cc1ed4L,0x73da631e851115d4L,
-        0xa0b5c181fc7da6f5L,0xa70593d29f5a7634L,0xc9f71df41e6250a8L,
-        0x2dfd10897a97cd35L,0xc3cdac7ed4e0074aL,0x00000000000001fdL } },
-    /* 33 << 28 */
-    { { 0x527dff175e34cb9eL,0x1185849f852371a3L,0xb9d706ca6726ca47L,
-        0xc1dd38933d915bf0L,0x9a9f8c7c35256ac7L,0xe2c3c09136838dcaL,
-        0x05e64ff7870a320bL,0xa994d8aef3132cc9L,0x00000000000001f2L },
-      { 0x46e991b9272d18e8L,0x8a25edf2fd58a9ceL,0x3785868f285cac3eL,
-        0x5fb2e743d880fc4cL,0x3a1d2ef3b2c3e9a9L,0xfcdc85b5e00ef7a8L,
-        0xbd24e872b5b4076dL,0x668da80789caff99L,0x0000000000000017L } },
-    /* 34 << 28 */
-    { { 0x97bd38162078f256L,0x5d8f6c9b986e1064L,0x54503fe4f389bb49L,
-        0x926f338e896b4713L,0x456413e55b6b0d6aL,0x0c55b0104f321c4cL,
-        0xff7b9d8b68144d46L,0x5558ef1ff5a77121L,0x00000000000000acL },
-      { 0x1d11903a5e46b3dfL,0x5d07f4024329d68cL,0xe7fc54483d4584dfL,
-        0x85cb4edde10f716bL,0x2d8138c27ae7e0dfL,0x23fa18aa0e362800L,
-        0xd29f622742704470L,0xd019bbc004ea20cdL,0x0000000000000010L } },
-    /* 35 << 28 */
-    { { 0x77b70582bfc725dfL,0x40b2fec1c7ac2712L,0x3c12e6c61950a057L,
-        0x854deccd121c54e6L,0xe6650cb5f20f8d75L,0x68bd92942455567bL,
-        0x4d88a2b9b216af0dL,0x690d0fed06150c6bL,0x00000000000000edL },
-      { 0xd17bece2f2efbe2eL,0x231fafc9bb1f57baL,0x06f9776b85b23326L,
-        0xaec0776ef3f362f2L,0x21e0b5369e0c259eL,0x944c4d19139e4f62L,
-        0x6d3067c700a6a022L,0xf58f9dfbd6539e9fL,0x00000000000000b0L } },
-    /* 36 << 28 */
-    { { 0x61acda55111366a8L,0xdec95e38b7f07d93L,0x8222e3d6baf73ce6L,
-        0xa8d24dfa339b0560L,0x205df5b8caa53e45L,0x53ceb84c07f44c35L,
-        0xd44ff89c819e3f50L,0xab02c3c1a9d0fa4bL,0x0000000000000156L },
-      { 0xdb16ebcd79987e96L,0x986ace08fa013307L,0xb83bb30a0c1a370cL,
-        0x9d2cd27dc95cec3bL,0x4c125471240da52eL,0x8f9b0f23588d5cc2L,
-        0xb03e0c8a0e21e5c9L,0xf3a55d8b860c813cL,0x00000000000001a3L } },
-    /* 37 << 28 */
-    { { 0x90c5a583c3835851L,0x4219b5de3cb23bf5L,0x044d34effe2a24a9L,
-        0x5ae5eb83762f96deL,0x9d476c6487fa31c9L,0xbc6aba41aed7972fL,
-        0xbea75febc9ec7341L,0x8ca0dd60627f5b64L,0x00000000000000a8L },
-      { 0x1b50115ed6888e70L,0xa4545e2d794f75c3L,0x401861f9dace48fcL,
-        0x2d5a89afe11b82bfL,0xbe38f972ae3391a5L,0xcc1f6db06d026c05L,
-        0x084ca28ae7a3ef5eL,0x176e9f1fd2864659L,0x0000000000000050L } },
-    /* 38 << 28 */
-    { { 0xc2019c0271b15a05L,0xd48bbe070860ed8dL,0x2361677c20c6be37L,
-        0xa957ea9259c63464L,0x48bdee912c443f75L,0x44f7cc053758b6c0L,
-        0xf4910cca5bc5717dL,0x149c230cd5085dc3L,0x0000000000000100L },
-      { 0x6daa5d33b9ce132bL,0xccf4fbdb2fe80f7bL,0x844149b7b34a3216L,
-        0x66a4b73c9372de80L,0x54b0e50ab74feee9L,0x733214dc6d44764aL,
-        0x06e5f78a04b817acL,0x179ba42cc714eab2L,0x000000000000006fL } },
-    /* 39 << 28 */
-    { { 0x41ca17fe324ebe57L,0xe5b597fc38248859L,0x25a9281f71b1fc77L,
-        0xec8c0f355257f629L,0x9951712b32763a6bL,0xba39f3393983150fL,
-        0x59a52f445396034fL,0x1272ba122070c464L,0x0000000000000195L },
-      { 0xfd4339486ff38a26L,0x0b94645a82186928L,0x37e034cc66c1e676L,
-        0x82bb11a0826343b0L,0x90d5b4c1572a5785L,0x1cb39ed5535b33caL,
-        0xa751d3ca20e812b4L,0x99eed4a961c771afL,0x0000000000000120L } },
-    /* 40 << 28 */
-    { { 0xe819cc844c848a52L,0x97d6bb24a95d1c11L,0x68b512de29b00048L,
-        0x61bc95c028390416L,0x51f63fea5a21876bL,0x109aebd7e3075459L,
-        0x7735f70c233315b7L,0xef66a59c6e0f35a5L,0x000000000000006cL },
-      { 0xad0aafcd784af74dL,0x3c5bae42c1b0ebe0L,0xe12e2963f5a634d7L,
-        0xa0bbcbda7a495138L,0xa4c2f0c2863b8befL,0x1d13dc0a0362bfb8L,
-        0x04be3b6554a111c8L,0x9eefc66cb793f1e6L,0x0000000000000149L } },
-    /* 41 << 28 */
-    { { 0xaff95949aba4045dL,0xef288e2241d0dbc4L,0x0ab889d979410183L,
-        0xc48157059989f404L,0x2b110dc9491692caL,0x6d5786920c0aece5L,
-        0xd6afdbf4189fb2dbL,0x6188a57807a0d0aaL,0x000000000000006fL },
-      { 0x9daa0f2d3790f377L,0xad1c16553dbd8164L,0x806e1f9d98217107L,
-        0x10c67e47fc30518dL,0x80f2ab513af331c8L,0x36c8e5f435bc6788L,
-        0x698054e25e7b589fL,0xff145a30b144fd63L,0x0000000000000039L } },
-    /* 42 << 28 */
-    { { 0x77f03fcfcaebe2f1L,0xb032ab4fdb8d0df5L,0x50298bee11271b80L,
-        0x7c9b538213044e40L,0x1e63fb4cba1f0404L,0x0cc77790e5221558L,
-        0xfb667df9d87c07c1L,0xa1bd9b5d4fa5461aL,0x000000000000015dL },
-      { 0xe666b8a3f59d0fc7L,0x8cd99856f93b329fL,0xf15ac9dc87d43f51L,
-        0xd62f1d4413c7726bL,0x35987d28cf157054L,0xe7319cf68090fc08L,
-        0x4fb5e518a58e7727L,0x3d916c071005294bL,0x0000000000000096L } },
-    /* 43 << 28 */
-    { { 0x26387c347fa8da38L,0x006b5bc95663e995L,0xa81762db2fdc672fL,
-        0x5aabce64d76c766eL,0x6c65a1c46b285f33L,0xecc5dab81d758143L,
-        0xdf983510b9f496b5L,0x2cdc07a59176541cL,0x00000000000000a3L },
-      { 0x290335c934e7f5cdL,0xddb7748db9b7f197L,0x109b9ae09bc63c8dL,
-        0x29e888ac028d3fc2L,0xbf292ad344771ea8L,0xdb60dfe2168360c0L,
-        0xf3f5490d7d7a936fL,0xe387ba89057dfc8eL,0x00000000000001f0L } },
-    /* 44 << 28 */
-    { { 0x9a4b7f6493d68b0bL,0xe6e6ab700404d1feL,0x6879df3a95063fb2L,
-        0x6aaafd74fc273d08L,0x71f6336497fb7eb7L,0x4ae28c634362c275L,
-        0xf5848a9d8c1a487fL,0x67c1efe8eeda4a03L,0x000000000000005dL },
-      { 0x60e266b622da687dL,0x0a676ac5b651741eL,0xe39e0012736dd734L,
-        0x7cf92513a3880359L,0x8b6c609629913ad2L,0x2c5b829daf6a7412L,
-        0xd6fb88f34ff49696L,0x2eb1377cdb4b807cL,0x0000000000000030L } },
-    /* 45 << 28 */
-    { { 0x7a3663d88d937dadL,0x505e614c7a1002c4L,0xc785b58d85142711L,
-        0x656182e5d3ad2984L,0x8d10353e265220cbL,0x3b1be55ab5b54894L,
-        0x5cee86bd6fdc5483L,0x3405297d76c6839eL,0x0000000000000198L },
-      { 0x872c51c47e6df1d6L,0x924e0616fdbd9f55L,0x8dfc23caec4f6876L,
-        0x14989c5e42c59e5bL,0x9cb5b0b59f20ac1dL,0xb9a5c77bffb1f896L,
-        0x9eeec4ae52e7e29dL,0x6b0353efc45b8bddL,0x00000000000000bbL } },
-    /* 46 << 28 */
-    { { 0xf2d4f1c72688cd8bL,0xf192d22d5ed62791L,0x40228bada8326f24L,
-        0xad8b562974aeaf7eL,0xc7d3b568ecf92ff6L,0x23108db20fd0b496L,
-        0xafc3418f1ebda53cL,0x029bfd1a165a4ef6L,0x0000000000000160L },
-      { 0x340cb9d7c908ed51L,0xef88826762017c05L,0x1313d7669ae63181L,
-        0xa8d9c2cd6c8a1b89L,0x524cb90b35bad6c9L,0x91af48d2c6aabfdaL,
-        0x7b7487b93c3231cdL,0xf20201abf5028680L,0x00000000000000acL } },
-    /* 47 << 28 */
-    { { 0x414b33978ac56c3dL,0x721029e16bea57c1L,0x9cee0c176997d034L,
-        0x0e066baa743206c4L,0x54151f4c5f961984L,0xed5900facc869502L,
-        0x0d9da2d227e7b18eL,0xc7fa2af5e3783266L,0x00000000000000a0L },
-      { 0x6616bf15ad5ac8b4L,0x72c8d17c80102d46L,0xbc1f78c8168b5c6eL,
-        0x48018dd3c400914dL,0x20cd1be54cc9c130L,0x7fc70e61d99d9e60L,
-        0x8b14cc2a42d62a83L,0x74df1bd13070d89dL,0x0000000000000074L } },
-    /* 48 << 28 */
-    { { 0x8fd8dc497694f566L,0xb2ab052d1fa6e13cL,0x7e4a708e9aabc7cfL,
-        0x68a9c33a6b81f0f0L,0x96e4988af1f7cb07L,0xdca8d731ea264c22L,
-        0x245371e321b3372fL,0x02216476308d2300L,0x000000000000017aL },
-      { 0xebf5411633696cfdL,0xa10c5784419623a9L,0x4c6a119c38fa84d5L,
-        0x5c8eee646d4e5bafL,0x7f99d26d9b4959d5L,0x58708101174f417cL,
-        0x48cab8f38294b72eL,0x828aaa19d9710f9bL,0x0000000000000192L } },
-    /* 49 << 28 */
-    { { 0x8a45f3c1f711e80fL,0x9f5a1b9df5d9caccL,0xbc1fc975a7625035L,
-        0x80b67120b5f7fc73L,0x9bc987572eafb656L,0xf20515ca406e0a1dL,
-        0x83305c67b23372c6L,0x40f4c0ce9ecd6e90L,0x00000000000001c9L },
-      { 0xb3598c05be9425d9L,0x255dd9d8a49eb383L,0xd4ec4a2f04a8bd10L,
-        0x5c0d36abd5c340f9L,0x0d568642795637acL,0x728aa0f2e00d6487L,
-        0xf8f49bec3e20b8a8L,0x65d71712de23750eL,0x00000000000001fdL } },
-    /* 50 << 28 */
-    { { 0x73e49f63e25b0952L,0xb877a9e56030d626L,0x3ce843972e0cf3a4L,
-        0x3d1a2de214820b67L,0x528fcf23c2261e9aL,0x8a9318e1c47264bfL,
-        0x87331e933d4a4fe5L,0xc5f4d3321ad39c92L,0x00000000000000e1L },
-      { 0x3c22a52df23bdfd4L,0x78a4fe92df000b45L,0x359fa4c23eef9355L,
-        0xebd16e3f4c272143L,0x661c7c241736536cL,0x72a7416408be5d5dL,
-        0x417ef58e88a433ebL,0x79f30b9d3a0aa85cL,0x00000000000000d0L } },
-    /* 51 << 28 */
-    { { 0x968f8fd66f2f9e3cL,0x0dbd79fc8adb4e50L,0xf78190a5bc410644L,
-        0x0167515013eafb09L,0xaf9a05602b728353L,0xed98a1b3fb685f2bL,
-        0xe07d0806e04f3502L,0x6607fe2785954a39L,0x000000000000007cL },
-      { 0x7169286c817b5efdL,0x8cc453557b7f8a16L,0x0c3339433f68a9c3L,
-        0xf6f5c92ef13d3edcL,0x1e09ef6cd115e7cdL,0xad3b1ba9f6271d3fL,
-        0x4cc6ee4fc6be55c7L,0x32cd2db2e20d8022L,0x0000000000000151L } },
-    /* 52 << 28 */
-    { { 0xa2b57e47ee31f1eeL,0x35ea17041c5d6c0eL,0x5e23fbd525856990L,
-        0xb560d2e20908d00dL,0x5c0804d5b516dceaL,0xb84fd1cf6a938abeL,
-        0xc1f15c276ad24548L,0x42850a0f4de8022eL,0x00000000000000b8L },
-      { 0xcf3f0f8c86fac159L,0x1e9b9f2741cd1461L,0xc470786c27f36196L,
-        0x8eb042646ab8c405L,0x237fb49506bbbc7dL,0x40c30b4714750e91L,
-        0x9db7193bc17373a0L,0x597f1ea9b153e953L,0x00000000000000c2L } },
-    /* 53 << 28 */
-    { { 0x4fdf2cebc8434a58L,0xe2d310b11587a33eL,0x7870a0118476a5e1L,
-        0x23a5c69ca4d72f4dL,0xc77d905fce3550bcL,0xd61a54a01c717549L,
-        0xd97c3c91864059b2L,0xe1f1c2f0d6636fa3L,0x0000000000000036L },
-      { 0x312ce02a59481b67L,0x361cf25529cb2c16L,0xa6cb28f9c8ad1e71L,
-        0x82729b40b59d68f7L,0xf6d4ac7bb8b4e098L,0xb4993a2c711612b7L,
-        0xac9ba748b7a1e41aL,0x5418d9a322a5eb87L,0x0000000000000005L } },
-    /* 54 << 28 */
-    { { 0xd89fc40850c82edcL,0xa41578bad7465868L,0x6fd92f67c937ccbcL,
-        0x7564cfdc2467d5adL,0x32ba16a72b4babafL,0xf6ff32a4cfe6d562L,
-        0x2797b1689ef2ceb3L,0xb7a640f2f578b176L,0x000000000000008bL },
-      { 0x4f319670b8ca6146L,0x972e72a0742476efL,0x7bfd9206f2f25ce2L,
-        0xc68027e007eae81cL,0x2eeb468847fc7d16L,0xaa08354f502dda1cL,
-        0xe3137c68ceb141ddL,0xe5e27505d1f6ba8eL,0x00000000000000f9L } },
-    /* 55 << 28 */
-    { { 0x62a6970950bee1d4L,0xd1f4674013839f16L,0xab48f6f44cb023ecL,
-        0x683371fa89ac6079L,0xec8abd69ca14e962L,0x3f2a8f4619f6cf07L,
-        0xd2ceec98cde7fef2L,0x4615e03fcac0741bL,0x0000000000000196L },
-      { 0xcfe7cdc5821caba6L,0xbd82d1481006abb4L,0x5725410af4919b55L,
-        0xab26f4c1af20960eL,0x1bef3c7b9558b455L,0xa4b2fad5d098a394L,
-        0x9a656c097f01c091L,0xdc7048d7fa70a8d2L,0x00000000000001efL } },
-    /* 56 << 28 */
-    { { 0xcd4f21b88df62d16L,0xa99200834bc94f02L,0x95211c6856a37590L,
-        0xc933ae22dc0e83d6L,0x8e733582aa26236eL,0x129991995e6f68d9L,
-        0x43f6cb3853e4cbe4L,0x6d14bf9948098f89L,0x0000000000000177L },
-      { 0xa3e3899f9173bb49L,0xbf5bc771d1969f3fL,0x09207ffae5b5b91bL,
-        0x29d14eec974821e1L,0x0d3fdde868cded21L,0x4d99062ac9895973L,
-        0x836aaeee85928705L,0x9ca8345688cad913L,0x000000000000013cL } },
-    /* 57 << 28 */
-    { { 0x7b16f87dcace418eL,0xd2a74c4165a2b019L,0x95ec1e15c7d4681aL,
-        0x01c830f417e4aebdL,0x0de6f0ba401c8bc1L,0x8114c81627d5149fL,
-        0xa01d3c00882054d5L,0x2eca68b0abf0dd69L,0x0000000000000105L },
-      { 0xe2858d41a6369d0cL,0xdc444fb36d9ac709L,0x8d51a6eb2ea50b78L,
-        0xc3c1f95e17149666L,0x39e712190439bd89L,0x5f3e04cc1fa5b6d4L,
-        0x40c776d524944156L,0xf7859b8892597750L,0x00000000000001ebL } },
-    /* 58 << 28 */
-    { { 0x18a3a3122877dcf9L,0x4c57231db0789aa4L,0x1f9758d9f4e77a15L,
-        0xc5c1c2ddea02469cL,0x4f33f024035a3628L,0x33b60b241bf0ca55L,
-        0xb957e710bdd64bdbL,0x96d0abb164b24ecaL,0x0000000000000059L },
-      { 0x0b9145eaa2035647L,0x929ac0d3196cc1d2L,0x0daf403c10192c2fL,
-        0x7250de726ce0a385L,0x5027595cc2217f3eL,0x7650cda46818396bL,
-        0x7df3f9df94ef5f3fL,0xf9ce383e3e9c1a38L,0x000000000000010eL } },
-    /* 59 << 28 */
-    { { 0x80307b9548f639d7L,0x089dd1b7fada9eb1L,0xc0f43d7948380214L,
-        0x2cc2421afbf50727L,0x24111e56f3ae1323L,0x33dfbad162541943L,
-        0xfa604e1b9bf30a36L,0x3a41e9980ca23f2cL,0x0000000000000051L },
-      { 0x463d1718e369ad8bL,0x4b789649cbdad74fL,0xd921f71d3229fa15L,
-        0x179d3710aa4ffff0L,0x347a47e251e078e6L,0x79ded1a24aaa0a8dL,
-        0x93fba0dacc6d871eL,0xf4b3e8f626309221L,0x0000000000000158L } },
-    /* 60 << 28 */
-    { { 0x0220cc1183aab8fcL,0xb66eba5bd21536a0L,0x7f537a8dad7476c7L,
-        0x6250e935d154a65aL,0xe3e8bf57ecf46b3fL,0x8f3f800bb0133ba3L,
-        0x3b16a5be59bfbdb8L,0xe575b5ca3f0f52efL,0x0000000000000096L },
-      { 0x41211e957280531eL,0xc1287776078368adL,0xae87eec633a5db39L,
-        0x2d076f221846c7c5L,0xe11fe8f1bbe5f70eL,0x7cb1cf6f8bc46087L,
-        0x5c2a40382eb6325dL,0xb0aa793ef76b0b80L,0x000000000000018aL } },
-    /* 61 << 28 */
-    { { 0x2d5e2db75759d562L,0x036f50c2f0d645e9L,0x5a2f49d295e73061L,
-        0x43a6194ca19819ccL,0xac1f9da3bdf2a175L,0x5bc51f5ea6e0386bL,
-        0xd932dc0aca202aadL,0xab9d361dead9e506L,0x0000000000000179L },
-      { 0xc3fd69caa5500bccL,0x35ec63c388bc2b00L,0xaccf525c4e34d8b0L,
-        0x7689d112db03dce1L,0x6686d2b5ebcfdfc4L,0x6cea5f5186d46983L,
-        0x52e8e77117e4417fL,0x279048cbca4c2157L,0x00000000000000eaL } },
-    /* 62 << 28 */
-    { { 0x5cfa362a96323595L,0x10d1ad380b2a3e9dL,0x59baa91aad12493cL,
-        0x0f5bb9d432c9bd68L,0xac141dcc0464141cL,0xc3d395e08460a809L,
-        0x6919e44f14719d6dL,0xa66fc8237e5aa5c2L,0x00000000000000a4L },
-      { 0x7d4fe91ad7fb6604L,0xf0cdc6166125d587L,0x52bd3f11ba69e22bL,
-        0xbcb33f67f9af69bdL,0x4f3824ca3296150fL,0x2490712b2ab3bf72L,
-        0x561da32946d6d180L,0x1a7607b4bb6fe954L,0x00000000000000c7L } },
-    /* 63 << 28 */
-    { { 0x6f5340ce32ebce2aL,0xf8403e09331393daL,0x4cedd42fd5eed810L,
-        0xd697d934f24a2dedL,0x7253178f7f2eed40L,0xf637a3c22e487a59L,
-        0x3a562449230bbe9eL,0x7ee1c93313a9f00aL,0x00000000000001e0L },
-      { 0x3e9c3f430c67ff5bL,0x415d74ea77e94e6aL,0x4ce10a8fdaa7e03eL,
-        0x3a38ac77ca7e82ebL,0xb63762010391062dL,0x9e261b95276309b3L,
-        0x33787055f4fd6e43L,0x0655512a1e763082L,0x0000000000000114L } },
-    /* 64 << 28 */
-    { { 0xaed480e002f799d8L,0x021a2f24d635c04cL,0xe49a60d8004d0abdL,
-        0x58ab8fb04d8873bdL,0xf36a43c81ecd98f1L,0x555f15c4cd2f93f7L,
-        0x295d868d4eb95e03L,0x1aa8e425b50553a1L,0x00000000000001deL },
-      { 0x2efce59878fcbf33L,0xc499e9fdf4e93711L,0x0f5220ad0c6e6fadL,
-        0xed0d0a9b9fc9da8cL,0x84235958f7813802L,0xed21398e62729b3dL,
-        0xdf6c25ab3c9bb158L,0x87d306d9edd78e48L,0x0000000000000085L } },
-    /* 0 << 35 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 35 */
-    { { 0xa0bede1baa9a08abL,0xa32364531fc48289L,0x27f83d5a8c4e95c5L,
-        0xd4e05998a98b2122L,0xe4118aec7d51821bL,0x18ae6c6a883ce4e9L,
-        0x686d2a6e0d65e4afL,0xce00c72768d87702L,0x000000000000004bL },
-      { 0x8c8c0c984c0b4b11L,0x09c31a00977e63aaL,0x1999f20642100b94L,
-        0x7314df12c4f0cf33L,0x0bb59f1a5f5da290L,0xf08e85bc03d4fd95L,
-        0xcb0b361fd6fb0524L,0x9192a173f35d713fL,0x00000000000000b6L } },
-    /* 2 << 35 */
-    { { 0xd23357cbc11b2a0bL,0x70de0d3fb179a631L,0xb57a0fad122b12b6L,
-        0x3203600f78489416L,0x99fe0b86d26d2267L,0x36f3262f3b9deed0L,
-        0xb6e6116024a32dcdL,0xeabd7c06aa745047L,0x000000000000009cL },
-      { 0x3f277e18cdc4cff1L,0xcad81ada6eb7045fL,0x3f82d6dabb804212L,
-        0x7eca837503b6a618L,0xda88796995f2970dL,0x21fc350feb3a7834L,
-        0xfc332b6e55f9ac1cL,0x0d85b43418d4111aL,0x000000000000003aL } },
-    /* 3 << 35 */
-    { { 0x0a06f1def4fbe878L,0x09f64854ab82ebedL,0xce87ff16deccf5daL,
-        0x8da229260c3ee54fL,0x9daecdb54b3b01beL,0x3235049383c3f13aL,
-        0x83009a5fce924497L,0x02c32dd344f6445cL,0x0000000000000099L },
-      { 0x29fe64280889ade6L,0x53e62dea97b76d1eL,0x2bbd1dbc85849c69L,
-        0x2b35472d511dd92aL,0xce302bb9a1200de3L,0x8da55e0b188c8660L,
-        0x4beaf0cbb581d96dL,0xe8b2a18ff7b7e9a3L,0x00000000000001edL } },
-    /* 4 << 35 */
-    { { 0x9b7b7da8ccec2c14L,0x1ebd382dcf4fcf1bL,0x72a07d22f1c3f836L,
-        0xef166de452992679L,0x5add8684088555cdL,0x61fbb803c2f8fff6L,
-        0x7da8e738e52770faL,0x36a94145f9f2506dL,0x000000000000016eL },
-      { 0x50af6f099e6f7092L,0x541acac8bd540556L,0xf927547a616159c2L,
-        0x4d2a84617c7dfe4cL,0xb603c320754fdadfL,0x0ada986235c19059L,
-        0xaa95304ebe17a78aL,0x50f8baff41244129L,0x00000000000001d6L } },
-    /* 5 << 35 */
-    { { 0x260efac5aff9e319L,0x8e3650c87d4f1d91L,0xce7bee9d3b3fb7b4L,
-        0xa6d415cc99eed5f6L,0x8041fbf9974686a2L,0xcfa2aa4f379d32bfL,
-        0x920a936febfae5bdL,0xb75e33b8282e5ad1L,0x0000000000000050L },
-      { 0x979059cd6175e89dL,0xd630ac31f3da1ed4L,0x64f8fbb8d3225d27L,
-        0xf78de657c1c566deL,0x6759e1cfd17fb6a5L,0x50864db03bc3a849L,
-        0x225685c9365020c5L,0x16ef56abaae66d87L,0x000000000000013bL } },
-    /* 6 << 35 */
-    { { 0xa8187a5fc0c3e8aaL,0x89107b456dbae123L,0x023bb57a57ee86f9L,
-        0x7b574f5dd0a5e4b0L,0xf832b673e8c79ce3L,0xc10bfdf66771037aL,
-        0xf448e37efad2b5dbL,0x198293caef6701f1L,0x0000000000000070L },
-      { 0xee3e2714deb4db92L,0x5af53d653e2a9e0fL,0x8fe35f6e0fa38e48L,
-        0xe512d6895dd085e7L,0x8b6aac03ead33215L,0x44cf0c3c6dda0f8bL,
-        0x1d642848a861f599L,0xaae60d552d02dd4fL,0x00000000000001bbL } },
-    /* 7 << 35 */
-    { { 0x79710d49dbb8281eL,0x2296ca841e2a213dL,0x7f8e1a9cd847ec78L,
-        0x158f24bed7aecd74L,0x571e8ca657b870e3L,0x8748e407df98feb8L,
-        0x822192b857348ae5L,0x7eea8f745f73e93bL,0x0000000000000136L },
-      { 0xa56d856b87d43834L,0x9fe0ff564fd91500L,0xf52ef09924aebb47L,
-        0x3c311496864cba01L,0x93d2bcd8a74253feL,0xfbd223f96fbb71dbL,
-        0xa7776b83bb1badf6L,0xcbdd63a911f4e4dcL,0x00000000000001abL } },
-    /* 8 << 35 */
-    { { 0x6a7316dd5dc62efbL,0x377777eb824cf4dcL,0xe349e9457255c5a0L,
-        0x64111cb9bf497e75L,0x1d91dcc714b1eaaaL,0x87ea1779cbcf5454L,
-        0x070f848d42c890f3L,0xaaaf9a3881e4bc6fL,0x00000000000000baL },
-      { 0xfd521f1d853096ceL,0xa44cca3f3c8f7ac5L,0xd960927b3f30cfceL,
-        0x0d30feb7c5999722L,0x5b0d38e22adc3822L,0xa00f4a022aed7af7L,
-        0x1bc83e716ed4dd28L,0xba2213a238615d83L,0x00000000000001a7L } },
-    /* 9 << 35 */
-    { { 0x7df37450630874ddL,0x028f47c9e0e446b1L,0x1ca7c1c3881cd7a0L,
-        0xbef2f5ce04bd0fa2L,0x6cb6bfe1bb0716baL,0xfe1d702d263901c7L,
-        0x8537e484e098aba3L,0x9f5aa1332885a9ffL,0x0000000000000196L },
-      { 0x82ad05da072c7a4fL,0xaa09589418c27ca3L,0xc39c9cdde3b68587L,
-        0xe94da9f0e85d5f74L,0x7287ea7df479ea5cL,0x7b4a94403825c3aaL,
-        0xb8bfa948d0cc984aL,0x713f8cc029742546L,0x0000000000000073L } },
-    /* 10 << 35 */
-    { { 0x4a7912f4453a46d0L,0x1d2e76231c7cf115L,0x2208de2b8f29c610L,
-        0x809daa6181e502b5L,0xa8f149fc6bd724b5L,0x38af43fc31ce0e18L,
-        0xa2fdba97e8139cfbL,0x665271bd9eb155f9L,0x00000000000001f1L },
-      { 0x8b86fc468d28ea7aL,0x8cf2558a51d8fa58L,0x2c97c546d7ba83e6L,
-        0xde7cf223acf26595L,0x7802038e4ce7407fL,0x95574ca7ac6b1de1L,
-        0x98631057f0e9c573L,0x43fa05d155e8bd77L,0x00000000000000a1L } },
-    /* 11 << 35 */
-    { { 0x35492249be9bd7e4L,0xcafe206f52521c89L,0x47dc978d77be09a2L,
-        0xc0ea0080ebf81c97L,0xc3e10de2694d91c7L,0x9811bc56772426ecL,
-        0xd1f4fedea3e2d3faL,0x4305664eb53e0995L,0x00000000000000b6L },
-      { 0x25a3583d1be78b26L,0x8ddb19664de54cd5L,0xa766c88dde4b1b5fL,
-        0x5b23a2a7fcd74bcfL,0x1ed2d0cd3a4784f6L,0x14020b80b6c02a2aL,
-        0xec21146ed646ac46L,0x6896cbd4a392e47bL,0x000000000000000fL } },
-    /* 12 << 35 */
-    { { 0x6f3326291afb08a9L,0x9f159db2908c995cL,0xa36f91bb5e8dfd58L,
-        0xa8ee1cd8736ce4d1L,0x45832ab2cf58ae21L,0x08ee6a41316e9061L,
-        0x0e39db0b1a2ffc32L,0xea9414e1380323caL,0x0000000000000042L },
-      { 0xff010e54fc832689L,0xee1f4824c59214ecL,0x8ac0dc4a62b52f22L,
-        0xcca082d2dba63497L,0x03b4dafd826e8cd4L,0xbc3c59580f8ac57aL,
-        0xfa53329789525cb3L,0xc00ed59547ce0d1eL,0x00000000000000d3L } },
-    /* 13 << 35 */
-    { { 0x38ac2c1f27599c6fL,0xc8515670058fc921L,0xc95ee67684954ea1L,
-        0x7d87418fc0523bbdL,0xa9b8cc71138ac6b7L,0x0230bfcbd4f818f0L,
-        0x114c9539beee08eeL,0x32b57cb454435a17L,0x000000000000019fL },
-      { 0x997e7382d0b079caL,0xcd0eddd90952e376L,0x80c215bbc512362dL,
-        0x0d7da33c06ac1492L,0xb6eeaf325c2720a8L,0x90b67f842106208eL,
-        0x2e08a3ff7e0e56f9L,0x76e9b031c6afd704L,0x0000000000000120L } },
-    /* 14 << 35 */
-    { { 0x50c0ae1bbc78973aL,0xda11769b5afc5571L,0x72dca0e13989fc6eL,
-        0x270e2d671f23be5aL,0x0c9d34d48bb2aef0L,0x37f07fdb48ef02f4L,
-        0xff1c0206e0c549efL,0x9a62c16a6fd94255L,0x000000000000005cL },
-      { 0x368d1944785a3c92L,0xbab00ef3f92d17b7L,0xe8f15f69e6b2113aL,
-        0xd58342fff6b46f5cL,0xa0edf615ada12adeL,0x12d90798e7b4926bL,
-        0x284ca9e1671bba9dL,0x15def43a8ed23f9bL,0x00000000000001d2L } },
-    /* 15 << 35 */
-    { { 0x132dfd2814ffdde6L,0x9e0ba5fef2e1c419L,0xda21747db1dbfe86L,
-        0xd0fadabd78a62587L,0x50ce9d488a2d37bdL,0xb4ee4b8999d70e25L,
-        0x12ade8a38db8fbb1L,0xc03f3ecad2ef5fd5L,0x0000000000000188L },
-      { 0xfd17694aa2e6a2faL,0x1225dce9e3196a27L,0x25b09ef2a191bfcdL,
-        0xe260325f7975942aL,0x3e62541bc98342fbL,0xdc572b5772876fc5L,
-        0xadbbfef5c5ca0ccaL,0x16960b62028d57f8L,0x00000000000000d6L } },
-    /* 16 << 35 */
-    { { 0xd714194e2f415999L,0xa4b29d685128d8d9L,0xd1046cb83324ca57L,
-        0xe5e6a47504828300L,0x9c5c4f6c694c18e9L,0x84d00de8d01e5707L,
-        0x8ed94290bc2b3e66L,0xafe23a51ec6a6e31L,0x0000000000000141L },
-      { 0x2b996fae976e9c3eL,0xba0cc494be1288dfL,0xceb07fa6de8aab8eL,
-        0x7f460647985651adL,0xee200258189376f0L,0x21f13320f9a7ac9eL,
-        0x66a57bc58f3cd359L,0x7b13832775ed8259L,0x000000000000018fL } },
-    /* 17 << 35 */
-    { { 0xa54091b5fe742428L,0x9fb8d0ae9ec0b6bcL,0xcc9d3cfd658202baL,
-        0xbd1360dcdec5a1f7L,0x62b0e1a8e8f09c97L,0x66efebd288db9d06L,
-        0xe55656f90a30c3dcL,0x62ae035fed27ad52L,0x0000000000000190L },
-      { 0xdd740f0ce530b69fL,0x3d2642b8e83c5d80L,0xf42b632fcb53650bL,
-        0x94ffb5fb97b9f17fL,0x446299b5b4231998L,0x43df639e2a9a71deL,
-        0xeca5ac9a024e9ab0L,0xff1ee10a967d00dbL,0x00000000000001e1L } },
-    /* 18 << 35 */
-    { { 0x68d62207babd7e5dL,0x7618829b2368aad8L,0xd8bc9d594cb2e88bL,
-        0x8f4545f76fb516efL,0x0a5769f13078ffdcL,0xa7ddbd1aa5fbf510L,
-        0xc4c70ba312ba6fd0L,0xef602078f8e0dafcL,0x0000000000000016L },
-      { 0x6035217344f95785L,0x945017d70d3be590L,0xc12442d3ec7355cdL,
-        0x57fd71d8b71b36eeL,0x65aeb2d8ced7c563L,0xcf050f810155581fL,
-        0x6cf9c035b2f83a15L,0x302a86fc4cb4ddf5L,0x00000000000001fbL } },
-    /* 19 << 35 */
-    { { 0xd6296332f0be10e3L,0xaa891752113c0106L,0x3b36e13f465f6c3fL,
-        0x90cfbe2263274782L,0x3c2b63160c7104f7L,0xa12c5ed0f74fb1bdL,
-        0x6687e14716325f64L,0xeaf5b0a897e27f93L,0x0000000000000012L },
-      { 0x627645cc46e1d4f7L,0xfafd755a48296d3bL,0x5bb39b18554edbf9L,
-        0xe91e5bcea18115ecL,0x292b808ed880befcL,0x2a8abf44b42f1efaL,
-        0xfe48a1ec96bc93bcL,0x081792b8168933f9L,0x0000000000000077L } },
-    /* 20 << 35 */
-    { { 0x0e5eb14161f457e7L,0x92a3bacfeea01ebbL,0x564ad7678fc26d40L,
-        0x4f48057b446b177aL,0xf1255b23788fcc70L,0x1ac8aeff459f99eeL,
-        0x24731f8fc8af6c59L,0xc44122dacb32a633L,0x0000000000000114L },
-      { 0xce32416d6fad3db7L,0x59d803bd73ad309dL,0x211e641d0cc0c9aaL,
-        0xe385bce0bcc90bbcL,0xd24b7461c6690793L,0x31d7bc5e4908516dL,
-        0x268c54c4acbf7371L,0x95c7374121b9407aL,0x000000000000016bL } },
-    /* 21 << 35 */
-    { { 0x25a6ec1a4565257cL,0x56da9c6f45d4b786L,0x5200f490abb04ea5L,
-        0xf553a6bfa633d526L,0x8a563d61827dc74bL,0xd459b61db4bc0d1fL,
-        0xd0762e8ca49cce8fL,0x29c625e7ab89a9c8L,0x0000000000000091L },
-      { 0x4ce3b817f18f870aL,0x07ae3556c595c23cL,0x314772b0444d3dd1L,
-        0x7f09c046fc8efafcL,0xed25d47e330b71bcL,0x604967dfcf801ce1L,
-        0x67101fd2467cf3b9L,0x3ec2c9be15a86011L,0x000000000000005eL } },
-    /* 22 << 35 */
-    { { 0x5ee4bcbf9aa0a8c1L,0x3f701e41a37cddbfL,0x57790d50253a2decL,
-        0x594f2c7ff30ec59cL,0xd104ac878a383d81L,0x28c238510097bacbL,
-        0x961c3dc36de5b94bL,0x21b3dbc6dd673666L,0x000000000000004bL },
-      { 0x223f6e40bde60673L,0x8109ed96d88c2017L,0x3ce877773b960bf7L,
-        0x36b20625e3dfdd86L,0xc959fc6a737dc9e9L,0x9f3acc42635e8d98L,
-        0x4c171a9b4e87cf60L,0xec218d66033b148cL,0x00000000000000ecL } },
-    /* 23 << 35 */
-    { { 0x7f91a5a7bade2b11L,0xb2db06128afc083eL,0x17ac0a6acfbf6469L,
-        0xf0a36b26bbf78b3fL,0xa69725b4b4b48af4L,0xda7604dc4099e049L,
-        0xeaafe16b1c309bb4L,0xf50567b89f231c92L,0x00000000000000feL },
-      { 0x4fbc4f36d6af3953L,0x704506374fa5818dL,0x71c67575b7d018d2L,
-        0x1ed130f60d98cd48L,0xbba32ed1f5abe4f8L,0x90a0d5512ef01ac1L,
-        0x45da1ef510ba9c66L,0x28d732789d8a6865L,0x00000000000001e9L } },
-    /* 24 << 35 */
-    { { 0x4b52f6fc34afd3ffL,0x246423c4e0c6879cL,0xd21db87bae1f9e19L,
-        0xdb92edd51b56152cL,0x4a4aba09d420e95aL,0x21e9b73d912bbaafL,
-        0xc22a8b330f004632L,0xa90e4438f3b78c5aL,0x00000000000001abL },
-      { 0x7bb69d03a21ab7cdL,0xb0658b924a91742bL,0xd7386c4d4adc7123L,
-        0x981e8258ee6c6852L,0xb2ae71400efe8332L,0x5b91d439245b9f6fL,
-        0x8f2118290fda3b1fL,0x54beff28842e2ae7L,0x000000000000006fL } },
-    /* 25 << 35 */
-    { { 0xe8b3dacc713db46fL,0xcb8349a7f7365288L,0xa68504d17f939e4bL,
-        0x51411b60ddbe781aL,0xf7a8ba4b0fac5648L,0xed3a51aa99f6d936L,
-        0x4ba023ffd3588b2bL,0x16e53adf129cf4e2L,0x00000000000000c6L },
-      { 0x02ca237308fbb8e1L,0x90ae9b6d0b60e3caL,0x6776eee587d8385aL,
-        0x0d6b1b9314bc9d4aL,0xf68d1f6c8be2915fL,0xd0e01dedcaf0f0b9L,
-        0x31e1a76c60db9ce0L,0x882c3e86268d5f62L,0x00000000000001adL } },
-    /* 26 << 35 */
-    { { 0xb7715ceaf14e77a5L,0x30b15cbf85d3eae0L,0x99aada434b1d66a7L,
-        0x11e13473f303a321L,0xe075d04ca3c2fa64L,0xb02855205f4d07aaL,
-        0x3d838d13e5d0dbd5L,0xd65785326adca13dL,0x0000000000000082L },
-      { 0x3785f4d05fa73d0cL,0xfaba0633c4098f4dL,0x9d0a4e294f749d9cL,
-        0x5966c3debe4319fbL,0x97e059ae1a5367dbL,0x0333cfc26fa3debcL,
-        0x38e9675b283be3d5L,0xd800fdc824d7367aL,0x000000000000017dL } },
-    /* 27 << 35 */
-    { { 0xe425802eb9ecf83eL,0x67179c5efe330a56L,0xa25d8b602db73eacL,
-        0x6e954907ce31e6bfL,0xef2500fedf0e3b24L,0xacd2851f01fa4396L,
-        0x836d694c844ce475L,0x1a7d6c59d48a71ebL,0x00000000000000ebL },
-      { 0x25d87aac9839f111L,0x09fa18f8953ff5f0L,0x9b079ca013ca276cL,
-        0xcfa23f4558b56ba5L,0xbee77e5598b2b4caL,0xc8c1a305977b27daL,
-        0x8481c92fbcc31ad3L,0x88afda5311734146L,0x000000000000010cL } },
-    /* 28 << 35 */
-    { { 0x7532ad64b77714eaL,0xaa8b0d323e2ce07eL,0xaeaa4744b51e888cL,
-        0xfd08f7188e7b5816L,0x57016828e993b6a7L,0x69a9d410ebc5408dL,
-        0x2c0a373da91c70a1L,0x5b583311992d9800L,0x0000000000000197L },
-      { 0x93f02d300402323aL,0xeefa9c5481b765f8L,0x99557a399c28c31cL,
-        0xb410e5842d8a08a0L,0x70568fa7fe1a202aL,0x4ac9eaec07bcf04cL,
-        0xe4f69dc4367c9a04L,0xb483bddb581e3bc5L,0x0000000000000178L } },
-    /* 29 << 35 */
-    { { 0x54c022d2e7b598dfL,0x79e2cccef073700dL,0xa5336c980669c555L,
-        0x27cdeec12dc4509aL,0xcfed8ba84197e364L,0xd45ef416e15c075aL,
-        0x29454994f444e86bL,0x799e40a7cb4d8ee7L,0x0000000000000060L },
-      { 0x0000babdf8d904ecL,0x7653dc720e4e5eb3L,0x0d0087d05b6f7b42L,
-        0x38be9b10a6df9d85L,0x1240afd3b918bb23L,0x23d4f0c546176345L,
-        0x8242efed0c47ed2dL,0xd81070a93597fe3eL,0x000000000000002fL } },
-    /* 30 << 35 */
-    { { 0x1a52836470b32e66L,0x5b76dabb0e9b3086L,0x48b57c94382fa85dL,
-        0x49de76759cd9f361L,0x6c744071b5f63c2bL,0xb7067ebbe741cfa6L,
-        0xa95efc93702d19c9L,0xfd647a47cb409c01L,0x00000000000001c6L },
-      { 0x4c31f670f9f06368L,0x775b1698a075c748L,0xfb6cbb0fe7656e7dL,
-        0x69c0f805da1881a5L,0x1267496cc2fe6b31L,0x0612fb94d8926ee1L,
-        0x561807476cefc9dcL,0x5518665cf90f2aa2L,0x00000000000000e4L } },
-    /* 31 << 35 */
-    { { 0x64d0965b1258699aL,0x4318a056f7bd1b22L,0xe86e065bcbafcc09L,
-        0x7607f0446a179875L,0x368d4f652cc4b9b5L,0xae4dd2ebe34674b6L,
-        0x8ff7af5a487e0831L,0x6c65f9af48388679L,0x00000000000001f0L },
-      { 0x30078bec2c49e55bL,0x353adc525131ccecL,0x1a60d3e32e7e4f72L,
-        0xcffb559b0d8f9cf7L,0xf7ba89a6b2eb6515L,0xee0b6927ba852015L,
-        0x691a678d8a982a09L,0x70d6cf66d8d36085L,0x0000000000000178L } },
-    /* 32 << 35 */
-    { { 0x1683448de93ef527L,0x158fd9220e5b6f98L,0xcd0bcea6e23f2fa6L,
-        0x455d35de15982d3bL,0x2fc788d7bda98d71L,0x65d44c08f139b889L,
-        0x219749fd4105fd65L,0xa9ff816ae02f1fd1L,0x00000000000000f0L },
-      { 0xa2a53148e55948cdL,0x2d952f500cc0a0b5L,0x26f77e7161839836L,
-        0xa8bf589aad87bb45L,0xaf21e0fc6a9296e4L,0x917881207d394e96L,
-        0x47f3d38968622361L,0xf17141da090a8cb2L,0x00000000000001b6L } },
-    /* 33 << 35 */
-    { { 0x01279781a9d1af36L,0x135633e6209d1854L,0xca9959c34bcc2c26L,
-        0x9ea2bc68a8553b2aL,0x5f97d137804b7466L,0xa1790fc774b3739fL,
-        0xe150cdf4830b9a2eL,0x3b7a3f5850e4d1e3L,0x00000000000000bdL },
-      { 0x75a53d5299105ebeL,0x4fafc9b8bd00206aL,0x9fadf1e5d48baa99L,
-        0xcd2c901c2526d67dL,0xc2888298bf4b9ef1L,0xa185bc6b5615d788L,
-        0x66f7aae4c02b90eaL,0xb58dfd6d544bc9c7L,0x00000000000000d4L } },
-    /* 34 << 35 */
-    { { 0xbeac5a04dc3598afL,0x57afe9de8974646fL,0x729e165d14018728L,
-        0xdb5aa250c48f69fbL,0xbd3732ca6a2a9532L,0xfb8b66ed0953ae9cL,
-        0xc4b2791764a63ee2L,0xb3cee5a7b501889fL,0x00000000000001d5L },
-      { 0xf01d492bc01b6386L,0x940d92c8f50d3221L,0x5fb0717d1df2850aL,
-        0x53198fadecdc9e39L,0x3b43aaab37221dedL,0xa776ceb1fdfd723bL,
-        0x795561a2d6f780ecL,0x0ddf9112bd9c4c20L,0x00000000000001f2L } },
-    /* 35 << 35 */
-    { { 0xb2b958b192246bb4L,0x9ec1fcb042a8ec26L,0x7d035e6622501d65L,
-        0xef96b924dca60d56L,0x40aa7306904e72ecL,0x65df4ceb51cae3feL,
-        0x5588726f2e43f4adL,0x01b8b3c1ae60824eL,0x00000000000000d2L },
-      { 0x274d226496d3ef76L,0x706cf68d25663f29L,0xe211735d2bf5fb14L,
-        0x40d4f39b286e96f9L,0x2c31dc264a2cee83L,0x074f6ff7ccc7a3dbL,
-        0x049ab010073b5faeL,0xe8f39718a3d95de9L,0x00000000000000b2L } },
-    /* 36 << 35 */
-    { { 0xa58e956bdb750655L,0xfe67d0fba11d4441L,0x802a67090052ef49L,
-        0x7b37040d5393e1e1L,0xad57cd92a8bb9edbL,0xaedc34ed19bbc0edL,
-        0xb8126e59b39c8f27L,0x6a9f6ff2bda531eeL,0x00000000000000d5L },
-      { 0xc8b6e197c6cd7feeL,0xd9b0106ebfc7cd1cL,0x3c0e289b85aecd74L,
-        0xedb8f5b324b94e66L,0x3d0c40fa4ce2b7b8L,0x849aa40d48dca638L,
-        0xd6fc723dfa48d109L,0x4515db8af5dd0476L,0x0000000000000193L } },
-    /* 37 << 35 */
-    { { 0xb0683294383e3ce8L,0x844dc47e33ed51a1L,0x50c94e00d5996d55L,
-        0x267925bb3bd6b4f2L,0x604bd4192b0e3cc3L,0x52095d9846421982L,
-        0x55192496666ba499L,0x606df30c07e53b0dL,0x0000000000000092L },
-      { 0x3f2abad16f768ae8L,0xf2e7735ad41589c9L,0x61e8c3dce8516d55L,
-        0x28e7a45b76303e72L,0x2b702b792e5c0204L,0xdf2882d56c2ea1b0L,
-        0xebb4aaf6636de2e3L,0x9004996c994b5397L,0x00000000000001ffL } },
-    /* 38 << 35 */
-    { { 0xcc3ce574ac6839afL,0xd81a4213153dc2e1L,0x64829f778956f5daL,
-        0x884a66eb32d3dfacL,0x9a52938ce79ff6f0L,0x0d56f215990e8a04L,
-        0x723fbeb5a65e0186L,0xf97b1537897e6514L,0x00000000000000bcL },
-      { 0xf78198881229ee99L,0x08bf9c3750e4f43aL,0xf0b1d230513be81dL,
-        0x8d920ee5da4f7856L,0x9e796bc35527eb47L,0x55d5a35111049ee3L,
-        0xbb55397b9ccf6b0dL,0xfd8390b6d17e55b2L,0x0000000000000180L } },
-    /* 39 << 35 */
-    { { 0x8234b440d5d9e622L,0x32e428882d0e1ea8L,0xe6c81ec8c99d38ebL,
-        0x699cd82e1c6911f6L,0x6de7dd4f91d95087L,0x61e4d9397e50aea9L,
-        0xf41214b481faf2c5L,0xc1542f137ad1dfbcL,0x00000000000001caL },
-      { 0x17093e561e2098e1L,0x6971fadfde3dc089L,0xa5dd0f64be5223dfL,
-        0x8d77620a6d9a65adL,0xc3f34c417cbf0ed6L,0x7d4db21d9d25c237L,
-        0x09ca81b6e8037141L,0xc7fdf36262a876abL,0x00000000000001b9L } },
-    /* 40 << 35 */
-    { { 0xb817b9d19327a3feL,0xdf8ced7438fc86a0L,0x2f4869ed9e7c4a3bL,
-        0xc669a7c7022e4d73L,0x0712075affe0fd8eL,0xc59f461860ab5941L,
-        0x4c87781b6b168844L,0x0500f12a63e6a599L,0x0000000000000105L },
-      { 0xdf244b348e82038bL,0x78b822897d03382eL,0x8a995d805630be38L,
-        0x217987bd6eec82f1L,0x58d1319f3e083c91L,0x21230442c486ee90L,
-        0xd86f468d72c75e0cL,0x18abe0c5258783d0L,0x00000000000001f9L } },
-    /* 41 << 35 */
-    { { 0x2cd9bc83a782ee3eL,0xc6a91ca1e958c3feL,0xa54debb7cef64e5eL,
-        0x13b5af135fa73ebdL,0xbca16674c51b44e7L,0x338f4db0f95d0250L,
-        0x180e25555828c384L,0x6986868c0f86e48cL,0x0000000000000191L },
-      { 0x142eb0de6eaa2da6L,0x9637e5a057a6f82cL,0x7d8f0f3eb84c21f7L,
-        0xa3ad6bbcd40afd1bL,0x1a3cd6cdc1aee54dL,0x279abcffa6b9ea25L,
-        0xbd7ea9b9bada8b66L,0x326276b4e718fe19L,0x00000000000000f1L } },
-    /* 42 << 35 */
-    { { 0x65ac0bb815dc08a4L,0x9b10b48fc7249272L,0x2f699538403ae1cfL,
-        0xc4f720464df2cc13L,0x17bc249e14a28ca6L,0x8df067e5a41e3e9aL,
-        0xebbdab21cf185139L,0xe1eb3c38424aadb7L,0x00000000000000ecL },
-      { 0xb6e0e2277b05b001L,0xc762d6e11470a2b5L,0x6bc7a06efd43bfd1L,
-        0x5a47815c8ded3264L,0x1c717f27bd22d935L,0xe646d0b9b9dd3b0aL,
-        0x214767e6b264d058L,0x02cd9ec33f311afcL,0x0000000000000060L } },
-    /* 43 << 35 */
-    { { 0xc955625993b6ff60L,0x86bf8b7f7fca1753L,0xb14d3c3b96187d86L,
-        0xab1072c272d71a34L,0xce7cbb0d13fdfdc4L,0xae9ae97bd5bd0917L,
-        0xf3f150fb81d80e76L,0x5c972596c81ad986L,0x00000000000000b5L },
-      { 0xa46c1d9b50ed6bbdL,0x7d7a19d1be2ea4dfL,0x60b07dd08bbf9adeL,
-        0x6588d7bf1aa70d31L,0x289483929a089f74L,0xcf439ad0c4f70486L,
-        0x8753838310931614L,0xef1f89c0cfba8634L,0x00000000000001b1L } },
-    /* 44 << 35 */
-    { { 0x830e21f1e0d139ceL,0x999277dabb3c2b4dL,0x61d61a69008b64d7L,
-        0x3ea63636ecc3e4e6L,0xf278f8248d368e08L,0x5b5021ec52c1a135L,
-        0x49d77b1348ac51c4L,0x75a6dad231d8b33aL,0x0000000000000184L },
-      { 0x8979245368b03863L,0xeee0ec59459c5d13L,0x2215a723a762a714L,
-        0x3c61664047adac25L,0x3ea9bf8cf74e1d76L,0xe81f677183aef634L,
-        0xe90d300c801a214aL,0xbdacf70fbbdf6cbdL,0x00000000000000d6L } },
-    /* 45 << 35 */
-    { { 0x549ca8a62fc82ebbL,0x0966172fefb4da37L,0xbd657773f05f137eL,
-        0x9273f3b9a0a14c1eL,0xae7674bea56d37c3L,0xe796fd98e7eeb54cL,
-        0x690f7da335a31dd8L,0xa773d549f2bc1053L,0x000000000000019fL },
-      { 0xc61a2aee6e4461e5L,0xe788fcf6f11cab4eL,0x1e15e9ca7de73225L,
-        0x203c64df06c82462L,0xb6c8a5f360b7c125L,0x10a30ced94087cf9L,
-        0x244298d7aac7db9fL,0xadd593c3e38b5928L,0x00000000000001fdL } },
-    /* 46 << 35 */
-    { { 0xac92aa67efd692f8L,0x461a4f0414aa1b74L,0xf756506f6e0d1b70L,
-        0x49b9332e7202c5a0L,0xd458392bf4a3eb34L,0x70a6f237903e034dL,
-        0xf7e74bff376f0e79L,0x1bc49634e7406700L,0x000000000000003bL },
-      { 0x69e839c6aa0f8fe8L,0xa0b25fcee8e918f6L,0xf06f66d255fd9ea4L,
-        0xe54dd6f4c525cfd7L,0x0fcb1d3e1bab49adL,0xfe97828a8d6460e0L,
-        0xc8f87d5388be0227L,0x32bc6479a1578dfeL,0x000000000000010aL } },
-    /* 47 << 35 */
-    { { 0x05a8ef77b79714baL,0x221f14fe8c448461L,0x036b54d7ebb08ec8L,
-        0xb1fe5c5abc4ae646L,0x68b64241fa20e161L,0x6c4ed74f692e9ad3L,
-        0x906e788265157d53L,0x34dba9f715097f12L,0x00000000000001e4L },
-      { 0xc9480d587381885cL,0x028e2690706a98a3L,0xeeec9a743a34e3a5L,
-        0xb249016cf655d964L,0x305946104c688049L,0x9e7bcdf9637460ebL,
-        0xc1a40951e8f969beL,0x144d1507a47ffb9aL,0x00000000000000b1L } },
-    /* 48 << 35 */
-    { { 0x93f63503110a8e2cL,0x8bcb929fed94cafcL,0x44934ed35baa912cL,
-        0x4dfc0eac7920fec0L,0xf2f642bb86b99a2bL,0x0e2e59bfd0903505L,
-        0xcc44edd3ef99237aL,0x98cde5795af6f89aL,0x000000000000000fL },
-      { 0xf279af6dd1ecb2d4L,0x2c520d717a4ba4e6L,0xce33faea662b4f22L,
-        0x5d2c6df333ddbc4eL,0x5c2f283138dcc3b7L,0xbeea8bbc5e64ea59L,
-        0x434aad230772c227L,0xcd6d33c871062cecL,0x0000000000000007L } },
-    /* 49 << 35 */
-    { { 0x59bd148246810d15L,0xbc56caa70ec29531L,0x11fe2559ba32ad70L,
-        0xcdeaf7da9b04c10dL,0xa556a5eee042abdbL,0xf5bada661c47b667L,
-        0x134006e409d62e56L,0xede1067f8a871ddbL,0x00000000000001a0L },
-      { 0xe87c38b88ef287f2L,0xee72603243670334L,0xe21a09b60809c366L,
-        0xaf24199e33fbad00L,0x99a879c66232ebebL,0xfb8b08a73b1c8edfL,
-        0xe8cbbe4589ee6cf4L,0xf4ba2e5b2ecf414aL,0x00000000000000b9L } },
-    /* 50 << 35 */
-    { { 0x332d72a9ed527173L,0x4c71937716c49b89L,0x7a127d87b684d892L,
-        0xedb45e899f77ace9L,0x68ecf908296cadb1L,0x917a4d8b8ce0247fL,
-        0xc7c634e3094ff83aL,0x095bd5da5ccc4d40L,0x000000000000000eL },
-      { 0x27e9246e4f7ddfa2L,0x7ebad205fca8cbe5L,0xc99c9b0be453080fL,
-        0x1896f632232df338L,0x2e0647ce4226a666L,0xac91062c634cd754L,
-        0xf0df151c71368fc4L,0x53d1a5a831f38365L,0x0000000000000114L } },
-    /* 51 << 35 */
-    { { 0xe1e928f1f39f6d35L,0xaf73a1624b4eae8dL,0x599d1e428e29612fL,
-        0x6e7b4c2da2bd2b03L,0xcaa94b7e5ee08f6fL,0x26452280a708c9e4L,
-        0x4753c0e9eff87fb1L,0x9b9aacc612d79464L,0x00000000000001ffL },
-      { 0xece3bccc055d6691L,0x80f7b76baa64ed7dL,0x63a1053ef4adacb6L,
-        0x3f5e833d69482071L,0x8ab2d2e776d37d8dL,0x7b4984d4509e5d79L,
-        0xe5a32d95009cb254L,0x12f2ee9dde547828L,0x00000000000000ddL } },
-    /* 52 << 35 */
-    { { 0xeb1a46cb0fe7547cL,0x7ac12a6c6dc6c819L,0xaa7ee65698dfd5bbL,
-        0xb28ce5904b306758L,0x4d7945bd2c268cacL,0x10ac23b8b94ae165L,
-        0x6e1efae24834d9ffL,0xb2b5efa68220fd25L,0x000000000000001fL },
-      { 0xbff886d8844e5b7fL,0xc242fb3908602f14L,0x9f9bce94f58b4aa8L,
-        0x80e46cc5c48583ffL,0xcf29272952d4ade0L,0x38f3ac0b3f65f345L,
-        0x8ff60c1263b097e5L,0x35ecd555287b7dfdL,0x00000000000000d3L } },
-    /* 53 << 35 */
-    { { 0x278102a1a5b222e4L,0xdc5f6121b47a6032L,0x2d38216511dbcae9L,
-        0xc63c21bf42bdb2c3L,0xafb68446d7dcac98L,0xe3685e2c3cd2e244L,
-        0x414b4974731f6884L,0xd741f91c9dca2bc9L,0x00000000000001e0L },
-      { 0xd0a669e178ac8c45L,0x07fa58a7b7b43ab5L,0x5fd07638f2052d03L,
-        0x4f0e4b2faa9999feL,0xcb9ac71370fd1eaeL,0x9410da48ebee3806L,
-        0x7fcbdae832a700beL,0x488b3853abe7c10cL,0x0000000000000154L } },
-    /* 54 << 35 */
-    { { 0x8868bd8fe499eecbL,0xd00762e79257c00bL,0x4e58b972773fae1dL,
-        0x0aff71c0bac2df50L,0x3ed0b4a37887e1d6L,0x627024cc558b9dacL,
-        0x9e13a0f7c4135286L,0x4491810f6ebacef7L,0x00000000000001f9L },
-      { 0x6d08b913f5189d9fL,0x8312190a24b2fc37L,0x3c282ef702c1068fL,
-        0x40cba7b5bcc75f8aL,0xb992a9c6dd4704f4L,0x437dc8551cf0f9d2L,
-        0x7f902ae7786d0addL,0x464c08c2f6b23723L,0x0000000000000125L } },
-    /* 55 << 35 */
-    { { 0x153be35473256476L,0x632f6ad7cdbfb55dL,0xeacb063c1701fa3dL,
-        0x711992817e50dabfL,0x8e70efe0e361247cL,0xeef996913d6c2584L,
-        0x99342b365f1a7172L,0x82aa3e46a3be3898L,0x000000000000013bL },
-      { 0xb6926ffd3bcc0564L,0x80027de19f27bfb8L,0x0a6cec9deb09b4cdL,
-        0xf952ee6b237c12e6L,0x20b2d4160475ed2aL,0x533c12b6f0643f11L,
-        0x11bbdecdac6468acL,0x651e84e95b039866L,0x00000000000000c3L } },
-    /* 56 << 35 */
-    { { 0x90a60e09bd58611dL,0x19f9e897807acd15L,0xd14b65a53359e712L,
-        0x3a8cd601ba2e3c02L,0x3ebf3dc780855419L,0x0ba3dcc9993da1c9L,
-        0xd926fa9c763aea46L,0x5ee8f9003720bb78L,0x0000000000000094L },
-      { 0x9ab2f1db266ccac9L,0xc5c9efa5c6c9d71aL,0xe65768f4ba1a6c65L,
-        0x80f0f12041ee29cdL,0x8fbbe2f2a9fda865L,0x678e08db3f325a3cL,
-        0xd72a224576840159L,0x934c1904a4d8a7b7L,0x0000000000000108L } },
-    /* 57 << 35 */
-    { { 0xb8c07819e38a2661L,0xf92e9402c650e59dL,0x850a80f7d03a96cbL,
-        0xf0ea0c7a76ee02d4L,0x02d96e07379b1ef3L,0xd5859369a8a6f8e5L,
-        0xb4f7b27644e88c39L,0x8f739a71219c6d30L,0x0000000000000186L },
-      { 0xf88fbdd26ae83e11L,0x1fc231f84717aec8L,0xce4d216fe7ac9dc8L,
-        0x8c12832abc741f40L,0xa80e842a9f5a5cb4L,0xb9bc23a867283096L,
-        0xf430ff4d9f6dbbbbL,0x45c97a92f754b3cbL,0x00000000000000ecL } },
-    /* 58 << 35 */
-    { { 0x16ae9ad4b70d4afdL,0x9c91d2ff7b8ce81cL,0x3e1a68ffeaeff601L,
-        0x99980d7d3c05df00L,0x96c29797ec215736L,0x6b6bf83e0a99316dL,
-        0x8054259cf62899d4L,0x9f39008f36676143L,0x0000000000000179L },
-      { 0x2a1d68baa09fd65fL,0xb072da01ec5477d0L,0x140d29fa404cf420L,
-        0xdea8aef7aeb69f20L,0xea9606763125f663L,0xa26de345935e02bbL,
-        0x4c0152b7e9df1fe1L,0xda6d781f6b1162bbL,0x000000000000019dL } },
-    /* 59 << 35 */
-    { { 0xbb583f128d5542aaL,0x1e29f9ecad0e801eL,0x02f793efaccc9b85L,
-        0x1860130f78b3365aL,0xc802165b57c401c1L,0x6f5837856b64648eL,
-        0x78f10b17e6256a68L,0xcd0480700f5c43c2L,0x00000000000001b8L },
-      { 0x1e171d092dd5f89eL,0xc80605272a1458eeL,0x63b259191e335fe5L,
-        0xddf7e4de6c2fe24aL,0x80d9ad40e1a3ca49L,0xba447a3c45a9751bL,
-        0x79a8b213fbe20918L,0xf998902bbd826959L,0x0000000000000114L } },
-    /* 60 << 35 */
-    { { 0x4d0c9dda2123b077L,0x3719ed5f6ec3e16fL,0x76e14fb3c9becf2aL,
-        0x7dc73e7accf6aa22L,0x0a75e100ff4a5f27L,0x2989ac9a67dc8054L,
-        0xb33b298936f3d4bcL,0x0d79fbdf97f57f76L,0x00000000000001b4L },
-      { 0x375f79ecdba7f5bbL,0x74babfbe620e1045L,0xaab000d015cd82b4L,
-        0x8d9157aa4d992702L,0x6bcd5a63d172ff7fL,0x21e3f97b1b8b959cL,
-        0x441526998f55153bL,0x77e4a535e4da53acL,0x00000000000001fbL } },
-    /* 61 << 35 */
-    { { 0xc760c5eb35a8ed76L,0x8541ae9427f20985L,0x8a3d6f6810483c73L,
-        0xd591830c3769b499L,0x398ce1dcc595ef94L,0xbc869a47fb6918d3L,
-        0x9142551146b1edc9L,0xf492ed9dd2a4555dL,0x000000000000002fL },
-      { 0xd7e24885b950c177L,0xf90c3a0f3f6c9fadL,0x415add2251346351L,
-        0x756021d26e45e3f0L,0x72d65b4ecbc2463bL,0x53f3c07f1d91adb8L,
-        0xfd0b41b9a53cbedfL,0xf9a3af4ca9280662L,0x0000000000000112L } },
-    /* 62 << 35 */
-    { { 0x6a014cb6220edea6L,0x00dcaecc734585b6L,0x8d16a80d06d56992L,
-        0x3aa9c24e844d8382L,0x71822c10f37e3563L,0xca2e4d4a8db2350dL,
-        0x799322647ddafb6eL,0x8529609524430c95L,0x0000000000000125L },
-      { 0x8c63f30844734d8dL,0xf46aabb1d60d0ba7L,0xe8395fc9b18fc0c3L,
-        0x042d21115a21c6b9L,0x1b5e8a27cdcb4261L,0x50632338e3efa848L,
-        0x60640eddc6805c4cL,0x6273c772ea293267L,0x0000000000000127L } },
-    /* 63 << 35 */
-    { { 0x386e53df690f045fL,0xf7efec6f9776e13eL,0xd24ce88d1988fcf0L,
-        0x0b5d478a3fc9102dL,0xc08a3154a9efc4f5L,0x06d0820155e4fb51L,
-        0x03e1529886b656d1L,0x456f88bd833c233cL,0x000000000000013dL },
-      { 0xbba27abb7db3562aL,0x05c60b050a210d7bL,0xd46a2c3778da9e61L,
-        0x7b6c46bc07fcae8aL,0x3993caae6c9035bfL,0x48e1c8d96b90aeb9L,
-        0x01561d3435f0b54aL,0xe9cf0fd81ed47430L,0x0000000000000003L } },
-    /* 64 << 35 */
-    { { 0xa6149ac821a91383L,0xfae0515c63176a50L,0x436d0d6a696e3e7eL,
-        0x3d44ea3eb32b2e16L,0x142644cc66f3bbe0L,0x697d5cef82322b00L,
-        0x384543c64c388edbL,0x4afedcffd395d1d1L,0x000000000000002dL },
-      { 0xa7b35fac84cec5f9L,0x003daaa65d827e5cL,0xc7c5f3d3dfc8263dL,
-        0x8dca1315d98790d2L,0xb1f54568f00346beL,0x3e6f6876de680d87L,
-        0xde73e95b6af2e269L,0xa5969ec77e8fae93L,0x0000000000000185L } },
-    /* 0 << 42 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 42 */
-    { { 0x747e8dddbc0ffee5L,0xa50f058afb9178a5L,0x14f41c93b2d52777L,
-        0xf7c95492aecac13cL,0x9698bef3b7f715d3L,0xbd7fabc2f132c199L,
-        0xbec856136e9b47a4L,0x08c7486e62f85cadL,0x0000000000000036L },
-      { 0x3a44d74eb39c9ba2L,0x22b4c6aee89de157L,0xfe4985bbb93dc56eL,
-        0x85d435bfdd1201aeL,0xa01e7f53aa68d442L,0x2a4fcf509d9afcdaL,
-        0xcc4c5b5c6b95d6f4L,0x5e8afa0e8c390221L,0x00000000000001c1L } },
-    /* 2 << 42 */
-    { { 0xaa498bba799e30a1L,0x7e193db1562eede4L,0x4dc49402f4a94bc1L,
-        0xcb63d972c4d7d024L,0x98d59716f6778b61L,0xe6c0a829b40261e4L,
-        0x5f1738fb65e3b28cL,0x3c4e80d216a75ce7L,0x0000000000000035L },
-      { 0x376d19ef733ded62L,0x9400e36e0a93203dL,0x013ef7caf98ba94bL,
-        0xb7556ca035756aaaL,0xc6b8b05a2f643611L,0x23891b32438f759bL,
-        0xecc9927e27f69733L,0x2ebe0180969ae58dL,0x0000000000000069L } },
-    /* 3 << 42 */
-    { { 0x9417c585174bac49L,0xac479ed35fe90109L,0x40cb51ddc374556fL,
-        0x2767e7c46cf0ff89L,0x0df9e9546a284db1L,0xbf89af89b317ca42L,
-        0x863018a69d05c5e5L,0xb68c6f8129717e9eL,0x0000000000000151L },
-      { 0x69a97e79a12e3bd5L,0xc85780bf4a057173L,0xab4d585f2bfaaeadL,
-        0x039589dfaea4c334L,0x38823f8a9a840138L,0xe4448b345b0d8117L,
-        0x9fc3060247e9d309L,0xf9f42989a44f2124L,0x000000000000004bL } },
-    /* 4 << 42 */
-    { { 0x6f7f2fe8b6813f72L,0x95f979fe940210f0L,0x42cbd8d71a409657L,
-        0x2e2d2f08474c141bL,0x63e5eff052a6a362L,0xcd24503eb1c5a27dL,
-        0x30335d77db08b256L,0x827057cf9724bebfL,0x0000000000000003L },
-      { 0x6b372ca7dc5feef6L,0x7557c331d06696b6L,0x4b10d90b4a42090fL,
-        0x2c93e9846f10352bL,0x72ac24ff2b8ded01L,0xfa53f5dad8c833a6L,
-        0xc166ed4b7c9354caL,0x81df59a09e3b4cf5L,0x00000000000001faL } },
-    /* 5 << 42 */
-    { { 0x3d37b5c3f1e8092fL,0x52f9d7f02083e034L,0x2f7de776ee86398eL,
-        0x302298c9ac0cfc7fL,0x08b41a8f7f5bbbf5L,0x331ce968d91f52b2L,
-        0x1ec1c1dc1cb43d1cL,0x6c93d72038545bc3L,0x0000000000000121L },
-      { 0x9fbb15c9f1925474L,0x2779a1a6c6e0020dL,0x367a921594e71878L,
-        0x4a1ce464e2692460L,0xa3c5e4560c3a5aefL,0x5dc2ef3ced47ac93L,
-        0xd27ada21415bd438L,0x90ca8c3166b0f5ebL,0x000000000000007fL } },
-    /* 6 << 42 */
-    { { 0xce8865dc68f7cf0dL,0x9734bed0051db980L,0x6c1ebfc3805247b4L,
-        0xd80a3c973be516f2L,0xfdd123b9beafd70bL,0x6dec300ae3a84da4L,
-        0xe6d7e14f24178c07L,0x39810dafc4a67c89L,0x0000000000000067L },
-      { 0xfea3bf4eb47aea7eL,0x8394f3c24a4fe2ceL,0x50753f252a191024L,
-        0x39846eca1cc794e3L,0x6ce5aa37c806fa24L,0xacacd14890982be7L,
-        0xbab241b1ed46b6b3L,0x7b696b06ecc56027L,0x000000000000010dL } },
-    /* 7 << 42 */
-    { { 0xda69cd2586c38b08L,0xfca9f4e06f3fb63dL,0x80d0a99f6a96c788L,
-        0xd69615b854e77f31L,0x17eab3a318a78b2dL,0xc66044b4227cf99dL,
-        0xd2ed45988076af9dL,0x2bfd33d7c6fdca97L,0x000000000000014aL },
-      { 0xd6701f8ed292c052L,0x0b5afccd75d952dbL,0xf6cb5727fc4b2866L,
-        0x39ec93d2bb220367L,0xafb0b16b7c18bfc9L,0x198e2dfd9803aff0L,
-        0xc5ff9fc4d2b124a9L,0x7ff8ab6a82414a7eL,0x0000000000000009L } },
-    /* 8 << 42 */
-    { { 0x8ce9e114e43c6a8bL,0x4ee9f8b0804168b8L,0xf5fffd5b5fa74509L,
-        0x4589d84cdc20088eL,0x00cdb864d8cca5adL,0xfab8ee1674cb7285L,
-        0xd5e46fc6ab702098L,0xcaeb2ef79cdb1896L,0x00000000000001ecL },
-      { 0xf5886bbc26b04438L,0x61613d0ed9567198L,0x749eb5d8ca99b91eL,
-        0x5861944d53b41996L,0xdc22071c54df4765L,0x1f6288a8b8414aefL,
-        0x6b34db2f7ff1c5eaL,0x5edf2873ff5262b0L,0x000000000000002eL } },
-    /* 9 << 42 */
-    { { 0x239a57b62bd9413dL,0x341d26f30136f66dL,0x9e4222cf78b3a484L,
-        0x76a6fe313e227fb8L,0x9d724ac0af025ba5L,0xddc57fc691ab5699L,
-        0x8b768f35e278e0ceL,0x485f7b177c12687aL,0x0000000000000198L },
-      { 0x3d6e79f4688c325fL,0x45b4d50680cb1ab1L,0x92f89190ab8640eaL,
-        0xd70c0dc4e079ffe5L,0xa80c729bdd78e9ecL,0x2b7956208591ab90L,
-        0x5cd2ea6e7f90dc9bL,0x7790417ef057c6c7L,0x0000000000000024L } },
-    /* 10 << 42 */
-    { { 0x3688c2cfb08b842dL,0x46e70a8b509af85bL,0xa580b032ae4e0ff6L,
-        0xb945d72433674d0bL,0x58bfa0dbb95b1c05L,0x3e5e9d8e35ca8038L,
-        0xe0ef29bd3ad503b7L,0x9f300fc22fae5708L,0x0000000000000148L },
-      { 0x7c225981128ae9feL,0x1d205a4dd0101b45L,0x95c33725f98e3575L,
-        0xc2c9df812443a70aL,0x1be7bd1c134b6ea6L,0x70b8bd656f1a4e1fL,
-        0x7d3e41455ee45a2eL,0x27bc05477e8f38cfL,0x0000000000000117L } },
-    /* 11 << 42 */
-    { { 0xd8495a1a4ffde107L,0x82acb1112b7f0d9cL,0xaf106329c3622c88L,
-        0xe61140ff59f698b3L,0x75bd953659068866L,0x03d5841c591b7a27L,
-        0x967eb69f7bdc7639L,0x504f158a5e4ec11cL,0x0000000000000137L },
-      { 0x4b1ed56a9f2d48a4L,0x9f0ade2220312abcL,0x07898cc964b74837L,
-        0x082d0eea21d92392L,0x6c1103086781ebf3L,0xef9ecbe4e9ad8425L,
-        0xbe46c0f330b02c57L,0x2b1d60726267db5aL,0x0000000000000139L } },
-    /* 12 << 42 */
-    { { 0xcb9e50b3cc6dce31L,0x0b656fda60399388L,0xd3104fa3600d4b62L,
-        0x7cfc68acb660e0eaL,0xd8c2218add9f415fL,0xb3e0d7c626c649d9L,
-        0x37e6279f4d09f7fcL,0xe9ef720e136ad787L,0x00000000000000e3L },
-      { 0x0bada672d03870d7L,0x553ef23f815592e0L,0xc1132ad8b8dd5471L,
-        0xd8666e9fb80b521aL,0x38f49d542c62908bL,0x3095f1bec9f15b3cL,
-        0x5aa771bafe8866d7L,0x0fa253a28590b3cfL,0x0000000000000015L } },
-    /* 13 << 42 */
-    { { 0x6e37d1fe56b126a7L,0xdb1215088ecf27a8L,0x3012eca692def89aL,
-        0x03761cf976effd5cL,0x9b49af9365fe555cL,0xd4cd598969a41926L,
-        0x506c406f65022be0L,0x4b49c23050baebc6L,0x0000000000000154L },
-      { 0x6fdd3549c425eca7L,0x42690f8c7dd8dd57L,0x866a6a5097938d4fL,
-        0x6e77025f9055da56L,0x7ba19f35e0dd3935L,0x57a71e7db1e74f01L,
-        0x4a9fffaa48000494L,0x5c18a259085743ccL,0x000000000000011cL } },
-    /* 14 << 42 */
-    { { 0xd38ceb253d23e873L,0x94c2501ab6c80ee0L,0x8d03f7c2d5c233a4L,
-        0xd86ee22efb9f0759L,0x8b57c3981344aa31L,0x21f15c8d4b44d7e4L,
-        0x22cba67334bf4ed1L,0x2d459d4f587690f1L,0x0000000000000038L },
-      { 0x3b954f93b9acda8fL,0xc41e5265e7721250L,0xc76c15110881961bL,
-        0x2a0b4efd6e53d2c8L,0x350455dcec0adfc1L,0xd7ac97bd922255b8L,
-        0x39d023ee4c4c50cfL,0x1fc03d079473b093L,0x0000000000000183L } },
-    /* 15 << 42 */
-    { { 0x57c3a1e1315a5a83L,0xb75058039091dc2dL,0xb9c26bcd9d320a7bL,
-        0x13c81a8a12c8df41L,0xab970177f757a70dL,0x8f2be088a4a27340L,
-        0x01636d7437506668L,0x940d42aa8a92e58fL,0x0000000000000025L },
-      { 0x32a6a8b7201c31e5L,0xd1c8f9cb0fcf80e1L,0x7fc5fd9302fcef41L,
-        0xa09c4c02472f6386L,0x6a852fb75767dd02L,0x995703ec3d17f69bL,
-        0x10cde7934fac3a32L,0xafa0f0edf71bbd98L,0x0000000000000065L } },
-    /* 16 << 42 */
-    { { 0x49d0e9bbf1a37365L,0x650f8e4e523ffafeL,0x37b691a0517b3aacL,
-        0x73372e761824cba0L,0x0c0a1ac3063372e3L,0x2387470841aa63edL,
-        0x1d70995daf840388L,0xea733e27491b2e8dL,0x0000000000000122L },
-      { 0xeb6e7c3b573b43edL,0xa645f29308f87584L,0x19a56fe0af100aa9L,
-        0xb767ce92b1d5fdbaL,0xdbf9b1b20c349030L,0x42f0cdf3586e1ab8L,
-        0x65876bea99631140L,0xbf016fd8268af542L,0x00000000000001acL } },
-    /* 17 << 42 */
-    { { 0x746b65d463a3307eL,0xdcff899fa57f17f0L,0xd9adca93946f6eaaL,
-        0x0ebe65fc04756a3bL,0x2653a837dfb99071L,0x3a80de4c3b8ce452L,
-        0xc64562cd4fff1594L,0x02dce3ea859d741aL,0x00000000000000e9L },
-      { 0x1a949222944de68fL,0x1535fa32a48135b2L,0x2691dcbf6a03cc87L,
-        0x99ddb4450fb1f4e3L,0x621c99c2eee93dd0L,0xb9debe99ffbc6597L,
-        0x64a5568250d2fbbaL,0xdeefd277ceda3428L,0x000000000000017eL } },
-    /* 18 << 42 */
-    { { 0x379bfe948e2cc41eL,0xef843d504cbaff27L,0xa541389d608dd952L,
-        0x7b3cda475d24e091L,0xa66d480fd051a610L,0x082af70b435609c5L,
-        0x00529182762a5791L,0x6f4651518460f5f8L,0x00000000000001d3L },
-      { 0x53c20bfeab267f94L,0xb8917621293967f1L,0x176c8af2c7ca82c7L,
-        0x875c7792331a2dfaL,0x0a34cdbeaace8970L,0x2228eeade29878a0L,
-        0x64ebbedcb9e6b75eL,0xebc8fa2c87e5fbcfL,0x000000000000001fL } },
-    /* 19 << 42 */
-    { { 0x677eec9a5c8cb438L,0x898a62466444b1f1L,0xfd46a21196472331L,
-        0x7a4f96db39ad4d79L,0x24a03f04113e2f4bL,0xe39a949531a0af3eL,
-        0x7efd887bd3774f4dL,0xc58e8360638e2e62L,0x00000000000001cdL },
-      { 0x8e289acabcd909afL,0x5c99d510d5131f29L,0x5d5122b8e85edbd9L,
-        0x919b2e2d6e18283dL,0xd740dddc5070b20aL,0xea31401ae4d879e2L,
-        0x14ff112abc0c3eeeL,0x1a6ad04b61dd98e5L,0x000000000000012fL } },
-    /* 20 << 42 */
-    { { 0x3133809747525f3bL,0x49551e31c6cdf694L,0xdfbe83625b9451f1L,
-        0xfed9c23bee491931L,0x5270a02f324d645cL,0xe323781f4175d154L,
-        0x31511e52ff475990L,0x0b60cda369b0445eL,0x0000000000000082L },
-      { 0x822e418092fa5405L,0xe78f939b6b4d67b8L,0x6f09c296265e1b54L,
-        0xf6ef60ddb6baa0baL,0x1d83f2968be593baL,0x777e06327e71d499L,
-        0x5db334162e0ded5eL,0x6800dc32357e1be4L,0x0000000000000077L } },
-    /* 21 << 42 */
-    { { 0x519d71ba17d9dbd3L,0x70caf81bde95e99aL,0x067d64fb20043aefL,
-        0x533a02d15cd816c7L,0x662d9255fa0316f7L,0x7a04f551f523f7a0L,
-        0x5e00f334ee1e5d9aL,0x246b5aebe7439ed3L,0x0000000000000132L },
-      { 0xdf48079568d4c2bbL,0x945bf6c579f10fbeL,0xe817703aa572433dL,
-        0xd9c8580c61013cf1L,0x0e77739ac9d9bbe6L,0x2d2a8c7aceebe40dL,
-        0xe5561526c853e2ccL,0xa6cf89623e9b763fL,0x0000000000000147L } },
-    /* 22 << 42 */
-    { { 0x284322075173f4b6L,0x774e95f84181e605L,0x36b97d1c4247bcb6L,
-        0x46efcfce781dc2fcL,0x401d5ab2e22608d3L,0x6b854062c32b8fd1L,
-        0xb99d2e90c0486953L,0xefcb9abbaa770dd4L,0x000000000000018cL },
-      { 0x44a667184ef47c94L,0x3a5e72bf4f3e8c89L,0xff303101df7dc70dL,
-        0x4029bc66a63c3782L,0xf74a21b993c6a3feL,0xca320f1afb0d401eL,
-        0x80d8bd7447c8d5c7L,0x20da72fc97e610dcL,0x000000000000014fL } },
-    /* 23 << 42 */
-    { { 0xe29af3f05a5540f8L,0xe1ce7efc815f0154L,0xe3ff74e8e67013a7L,
-        0xc51d9c7ce89998d7L,0x93913371cde4787cL,0x72b290126ed58fccL,
-        0x61f6d6b908f0c14fL,0xe3aafef0f44b2791L,0x0000000000000119L },
-      { 0xc72229012a036f1bL,0x1ecbb2c2387c8c54L,0x6ee742220b32e10dL,
-        0x51440a0c8a95e719L,0x3d20b7fb998fcd81L,0xf52f182651a10e47L,
-        0xbac05579a9edb43cL,0x05aefa586b0f7532L,0x0000000000000143L } },
-    /* 24 << 42 */
-    { { 0x7992da26804ed5e3L,0xac4677b05fcc6497L,0xb1a09585208ebd95L,
-        0x1c0cfae7199d3419L,0x7c862f540715a11dL,0xd23e934f9cab55b0L,
-        0xfd5d250ad4310fabL,0x0976782caef426bdL,0x000000000000005eL },
-      { 0xf78b0a7a2a7d5b37L,0xf31c5594fedf69deL,0xb2b9e3f157f76616L,
-        0xe9cfa2f23040cca6L,0x8a91bf0c5a72502eL,0x71f8a5b63c810d16L,
-        0xc9701ce42a7666dcL,0x2da80d6c216a59c5L,0x00000000000001e8L } },
-    /* 25 << 42 */
-    { { 0x869a4db4310de1c9L,0x81d5423c32f9190cL,0x42e3244d1db414efL,
-        0x09c8b865ced2746fL,0xd49a9c37e3ebcd63L,0xf0120bc11b4c24b1L,
-        0xabf538a709b52979L,0xe04be5a8f0f3fce2L,0x0000000000000139L },
-      { 0x17738b903126b962L,0x723f5845c088121aL,0xe3d9c64015629c9fL,
-        0x509e97d95b8dfc68L,0x578a3869fc16c27aL,0x1bab4b8ea2a47461L,
-        0xe1443bf0c957e6f6L,0xe9cc17852bcdad9dL,0x000000000000002eL } },
-    /* 26 << 42 */
-    { { 0xa2f2f2c1f23794e6L,0x6f6281621181e396L,0x2e9bab64fced0d2eL,
-        0x631f7e60c6bd7b02L,0xf0db7f12468fbec3L,0x854afaf573c8b79eL,
-        0xf579fbedb0de4a3cL,0xee13e418678e1e08L,0x00000000000001b1L },
-      { 0x1c725f6e874ac8caL,0x85414cf3fbbfc22cL,0x5262e129ec3fb934L,
-        0x6facf53f4a0f37deL,0x6811fea52216fde7L,0xf63e665515b977caL,
-        0x63c2344877533feaL,0x2481232a38302196L,0x00000000000001c5L } },
-    /* 27 << 42 */
-    { { 0x5e06ff9c56e023ccL,0x8a89de8fdb3e3bc7L,0xa103d54745fa4924L,
-        0x788c59a2e1c033e8L,0x4f7c33e967f782afL,0x2f37668d9ba93c12L,
-        0x73d6fb8aa10f70a2L,0xdca22ebded2fd7b3L,0x00000000000001c7L },
-      { 0xf6b6e6fbe8f38522L,0xcc7d7c45a5a249aeL,0x6a5235175bb4caffL,
-        0xbe60043dbe38ee66L,0xf0dad8cd1c96b5f5L,0xb597c1546c3e4799L,
-        0x3f06c2ab2c9871edL,0x4581dffb3963ae2bL,0x000000000000013eL } },
-    /* 28 << 42 */
-    { { 0x46fbcf70aad63226L,0xc023eb8af2c43f64L,0xab1b684ca3f42111L,
-        0xc6262621d12cea22L,0xa2539d86ad523f98L,0x76b98970b45f0b6fL,
-        0xf9874df8d788809cL,0xb24620c7ab358b89L,0x00000000000000c1L },
-      { 0xdd50316f92e3b976L,0xb6a2fed9ecdf1dc5L,0x746bb5d67f40b693L,
-        0xb76ce9e40572240eL,0x5c65a823084f25baL,0x51ba6ed9b9890ec6L,
-        0x3930dea2cad192d9L,0x2c78150416dd9bfcL,0x0000000000000126L } },
-    /* 29 << 42 */
-    { { 0x3e8797c7ef8491edL,0x7842b2dd5f13493eL,0x2c99f9363afa2890L,
-        0xe3e157b785014501L,0xaea92ae17774f4f0L,0x05b7b3bc560e63daL,
-        0x3d2b8875bf8030a7L,0x21095ef3004c61e7L,0x000000000000004bL },
-      { 0x203687226361e4fdL,0xc9d8ecca7cb95f1aL,0x1063e19ed5c7cc5eL,
-        0x0bb0e71d020a9508L,0x5b895541fb092e99L,0xb1733fb8dae4a59cL,
-        0x2a3ef56b29edfb53L,0x75c1ba1c389ab3bfL,0x0000000000000090L } },
-    /* 30 << 42 */
-    { { 0x0c3e572a0fc1e4e8L,0xdbded0b529787f66L,0x103a656853b84d7fL,
-        0x939253ddc74bef10L,0xcc3f928f5bb84406L,0xbab921429ba6615cL,
-        0x41a9b386cf35dcdbL,0x750c32e133bd6fc7L,0x00000000000001cbL },
-      { 0x0fc37bf5d0b0d141L,0x213a97d1ad59d2e5L,0xcc1dd07db86e3859L,
-        0xb3b4668f4a229914L,0x258c47aac41c94f3L,0x51d26a397745d941L,
-        0xebbd50931809b9a4L,0x9a31e3caa6f1976eL,0x000000000000010eL } },
-    /* 31 << 42 */
-    { { 0x12b398e7ecb584d1L,0x71379d000fd02cf8L,0x5d69a03de25d53e5L,
-        0x724445bba9cf6c9cL,0x97942b084184b050L,0xd8e7770f8a903d8cL,
-        0x23be2cd6e285a39bL,0xd8262c7f54e43dfbL,0x00000000000000faL },
-      { 0xb1dfd3321171711cL,0x91720264c55e34d3L,0x6c2fe07176ef48eaL,
-        0x50a86d8419f04ea9L,0x21b234876ef9f5adL,0x2dd2953198ff68afL,
-        0x2ccd5b31e5be2b6cL,0xdad0c4408cb81a45L,0x0000000000000078L } },
-    /* 32 << 42 */
-    { { 0x2631b3c36ea5e7eaL,0x0576e1edc566c837L,0x1e50e071ac9c1eb8L,
-        0x5e74360ea8482d3bL,0x2e037e7718ceab4cL,0xf7d17456c8424fabL,
-        0x202efbf582fe1841L,0x410f708c8cca4c68L,0x0000000000000165L },
-      { 0x659dece0d00ea056L,0x495170f43d1301caL,0x749e3276cf2c6e53L,
-        0xc0f5d00087b6f996L,0x46b7c068dfd50725L,0x83e9d3de67ef401bL,
-        0xec1cee4e3d4ef196L,0x31583197bef2dd76L,0x0000000000000023L } },
-    /* 33 << 42 */
-    { { 0x4aaf3d3a2d846afaL,0xcf35de6580c606a7L,0x022deb760cb93fcaL,
-        0xa0e60afc96fa361cL,0xafcf7cc90b377305L,0x876c066cbc5e9abeL,
-        0x5632b4763bfd78a7L,0x1271111fa016a308L,0x000000000000007aL },
-      { 0xe762fb74fe8f5299L,0x7b179b4e4b614b25L,0x7e5de5c81f840510L,
-        0x69047ec18d783eabL,0x98b381ec3516e026L,0xe7778e602da90ec5L,
-        0xf3b4d6cf5930e668L,0xc0bc0326fa9e8051L,0x0000000000000157L } },
-    /* 34 << 42 */
-    { { 0x2618f715359a6e41L,0x9132721a8b5e4de2L,0xfbfcf4aad2b349c7L,
-        0xa4719bf086415128L,0xac080de43058d78dL,0x588b76300c29ab89L,
-        0x847249def2b1a566L,0x090c25d01545fdf3L,0x000000000000013aL },
-      { 0xdaf439760ee334d7L,0xd847290c51ce020aL,0x62246b88adafdd5dL,
-        0xc4fabcc7285636d3L,0x5f4bbd8e908964baL,0xd76d498d43ac7a30L,
-        0x5beed326f425209aL,0x7bc22416f9dc7d90L,0x00000000000001e2L } },
-    /* 35 << 42 */
-    { { 0x512fa0c9f59767e3L,0x2b8b565b236870ecL,0x646b5d0b30d8fd55L,
-        0xc0726c70bbcfff1aL,0xf09c125e16cc9832L,0xf7d5fd367c1cfc6bL,
-        0x22257c4b1e01063cL,0xdbd248561d6d9bacL,0x000000000000008cL },
-      { 0x9ed1b5e18f3af826L,0xc42dcea6f3160e2aL,0x3f3e13b1ff834019L,
-        0x39d61040dc48b3b9L,0x557fd39ac47f458eL,0x452a16ac987520beL,
-        0x2ec6d00219505190L,0x66fac607d5b3ed1aL,0x0000000000000174L } },
-    /* 36 << 42 */
-    { { 0x1eb52d8c8961c678L,0x9318b87f5188a0b6L,0x449da5f7998c4703L,
-        0x814e23ebba1284a8L,0xc4d98c41bcd03139L,0xb1fe6bef965a1803L,
-        0xa2b5b201889a0bc5L,0xbc93a3519b13ccdcL,0x0000000000000181L },
-      { 0x17c9763ff4e51116L,0x26c730852a842e35L,0xdd6481a71296397eL,
-        0xd588b1b854f7416dL,0x59f846cbc3d62325L,0x8f0d9ad920321e09L,
-        0xd9c7bb569e1699daL,0x42a8b57f15de9318L,0x00000000000000e6L } },
-    /* 37 << 42 */
-    { { 0x90c29dc2d1043639L,0xbbc7cbdcf5e17066L,0xc249c81d9a986ddfL,
-        0x081eb4d8c19cc606L,0x2e390f829fa13a21L,0xbb500f2ce369c007L,
-        0x2f716b7cb5aa598cL,0x7ac490d538645632L,0x000000000000004cL },
-      { 0x1d73543fd62a0b86L,0xed5674cc9eb85ebfL,0xcb4ba15fcbdf1a2aL,
-        0xbe0c1e77d0caff4dL,0xcc8905381e3e3f97L,0x9513a987b2624ae3L,
-        0x6a93bf660437efabL,0xc7ab75cc119e6bc7L,0x0000000000000146L } },
-    /* 38 << 42 */
-    { { 0xc2ae2ccee84ed2b5L,0xefb47683e2c4c512L,0xe86fe38992bbe0b4L,
-        0xb027a47b2d4a353eL,0x270a319fed2c3482L,0xb5470e60df72b036L,
-        0x0264dc8895967134L,0xb410a2f4bfe6af47L,0x0000000000000063L },
-      { 0x1d1024bb7ae0582cL,0x88675bcfef5e48e9L,0x0d928096f5e8824bL,
-        0xf172a15d94f0edf3L,0x1deda1cb3b823a69L,0xdc3722f122ea0b88L,
-        0xdea7f8583437020bL,0x16543f8ce317d065L,0x0000000000000187L } },
-    /* 39 << 42 */
-    { { 0x1df3bd54a11f8d7eL,0x76b9ed25db6b8ddcL,0x5bc6ebdf63a01f8dL,
-        0xf96b8f72b7f1589dL,0x94fa3a83a5476f8dL,0xcb63499a5fde5d1eL,
-        0x7f89c36d688048cfL,0x3e2f2d487a377a21L,0x0000000000000169L },
-      { 0x8537c54896c0c39bL,0xeb98619a0dbf2821L,0xa5abaf6ffc11be9fL,
-        0x88d3c0a10a5b0478L,0x4cb55dcb4c72ea75L,0x7585e394e753fdedL,
-        0x797b588de3417ae1L,0x82dea02b45a0ebddL,0x00000000000001ceL } },
-    /* 40 << 42 */
-    { { 0xb6f28395a29d2024L,0x77ac682616726da8L,0x295c447073fd20f1L,
-        0x9b2ec3f65856531fL,0xca27a7659555237aL,0xe497546f7a7bffedL,
-        0x4f51b73ba508d541L,0x6b23a204befd9c3aL,0x0000000000000039L },
-      { 0x264295052ddd93a9L,0xda92059c3ccf01dcL,0xaeca4b1d851d4cdfL,
-        0xf7fcfb537e0ca450L,0xe87d6e18cddb9a15L,0xb126c191d895153cL,
-        0xc8a744137e5a46c8L,0x36ad8a91de12f4f4L,0x000000000000018bL } },
-    /* 41 << 42 */
-    { { 0x74ef02d265e852a3L,0x324fed680f658cfaL,0xd466f103eca3fc85L,
-        0x6034b5f0a0f02951L,0x806ff94ed0dc2633L,0x70ab663177e83219L,
-        0xbda70dbc6db52c50L,0xbb7c538955b0b5a5L,0x00000000000000e1L },
-      { 0x0e0d975de1aff7efL,0x3e308234bae3e688L,0xaf6711bacf272359L,
-        0x62d70d6cffc92c50L,0xc95de419f4cf9c6dL,0xdc7dead78879f341L,
-        0x33e941e09e25e4beL,0x14dc267622519153L,0x00000000000001a4L } },
-    /* 42 << 42 */
-    { { 0xd434b84d74697824L,0x40539e16acf24795L,0xd572b3054ad638d2L,
-        0xde69e6788dd379a0L,0x675895fb4f7acb10L,0xa9e7010e28b809ffL,
-        0x0c46b090bb932c71L,0x67faa77393164c0fL,0x00000000000000faL },
-      { 0x929c93f16059ac46L,0x18d944565f740f53L,0x329b4c8fea065a97L,
-        0x84919b306f560f7dL,0x861d07d5062ec3f2L,0xb7f0c7801f09dfe4L,
-        0x7bb618819bc97c71L,0xc37b2767a48c1b40L,0x00000000000000dbL } },
-    /* 43 << 42 */
-    { { 0x3e450ce0a8d0cff3L,0x2e663e6b78ff9f55L,0x9f15134d5c0ea3b0L,
-        0xa8e53ea772ce0e5fL,0x6668ae1188e1d08aL,0x11c498e6b3e48748L,
-        0xcf8e174401b97c6aL,0xa7d61b3ffb5a55faL,0x00000000000001e8L },
-      { 0x9be324b502984ae9L,0xb2ada2ccdc986c8cL,0xb73282ff92e4acd9L,
-        0x59645b6929444216L,0xb462b0ec08094d4cL,0x3a282fab8a220754L,
-        0x01b6567e6f43ca4cL,0x3413e0b6dd2bfc33L,0x0000000000000035L } },
-    /* 44 << 42 */
-    { { 0x32c6a931b227157cL,0xd276f7d0d347b7d4L,0xda50395f0ab44f59L,
-        0x5d0c517699a52be4L,0x7b0f28e7b97054dcL,0xdae56aefd8e7b1deL,
-        0x05b0180087b4ccaeL,0x21c81809274a0ab5L,0x00000000000001edL },
-      { 0xc1c7e06b9f9761c7L,0x3bd3309fc2a78191L,0x2c239fd7702a4f90L,
-        0x5686716434a9f65dL,0xf8097255c1695583L,0x9b59c0bdf8597cf8L,
-        0xe0c0ea8558996101L,0x30afb4de2622f5edL,0x000000000000005bL } },
-    /* 45 << 42 */
-    { { 0xc37c982c301c80f7L,0xc0bc3df13218b36fL,0x6c7959568f8447a3L,
-        0xd3e11b8074d687a6L,0xba0e78bbacfeab37L,0x3160260448e100f1L,
-        0xc59f32cc2759d36eL,0x919a699fe7c183a1L,0x000000000000014aL },
-      { 0x1db45cb6b237b42aL,0x6be246b1cd20d06fL,0x71175e1852d92e5fL,
-        0x1b1a559dc6379ff3L,0xf4a86e0f067063c7L,0x4f55eca2e61fb16eL,
-        0xf4aa39140b9b68b1L,0x26746312b83d83f1L,0x00000000000000d8L } },
-    /* 46 << 42 */
-    { { 0xc3d57a8323e01244L,0x6c1765687554530fL,0x17e5b0c355b8fbe0L,
-        0xea068a1726350a44L,0xf06413c117ff3090L,0x2daf2cf8baef2995L,
-        0x499bf72a2db9ee9eL,0x1a0ef8eab6efdb69L,0x000000000000000fL },
-      { 0xe1a9efa76d4eb0a2L,0x6e8182ea78617b26L,0x9b7d9837881857d2L,
-        0xf18d42363a64071bL,0x21e43124c7df9bb5L,0x223bea1620366b6aL,
-        0xbca36c195f3b8b74L,0xf6998f39fdd2b391L,0x0000000000000036L } },
-    /* 47 << 42 */
-    { { 0xa5e08e2708c182faL,0xe7dbceb058be3eb8L,0x454381379f440918L,
-        0xfb10aa677a37d898L,0x8ca45c4a838e089dL,0xae3e13c06477efedL,
-        0xf42788377871ec9cL,0xa4efd9487c02bcddL,0x000000000000014bL },
-      { 0x8058ab501915d2b1L,0xf0e0b18507a23009L,0xf312041cb21746a5L,
-        0x19702c8127ff31ffL,0x5bfc0ffa39269d49L,0x11f8306f5b2bb7e4L,
-        0x7fffa345134e7ca7L,0xdca4d5ef3f626ad8L,0x0000000000000138L } },
-    /* 48 << 42 */
-    { { 0x882e70bcf935169aL,0xbe4f1a7e9faa4bf4L,0xc00ee4b63f49bf19L,
-        0x7108876fcf2ef2c0L,0x475d94d6ee33e82aL,0x88381a2fba2b1bafL,
-        0xd6ba047a0e1d8204L,0xf49a4704c9ad93abL,0x0000000000000112L },
-      { 0x64a6ca0222fcc815L,0x35c840ded006e9dcL,0x44777fb5d7dc2178L,
-        0x3dfbe7fd91ca3731L,0x026fff77e116256bL,0x6ffb7c2a648b3f43L,
-        0x6688f6c0470a3209L,0x632e1094a98c1c6fL,0x00000000000000e2L } },
-    /* 49 << 42 */
-    { { 0xeb117f6f5c5e8510L,0xb1cacd2d52aeb1d2L,0x62bdb4954f806911L,
-        0x230a593c916da8a5L,0x8f5cf40280caf0c9L,0x4031db58a1e8c7e9L,
-        0x34c5ef907e23e556L,0x276981361c3c4694L,0x0000000000000148L },
-      { 0x99ac9916ec9b4f91L,0x432ac8cc476a48a0L,0x25d59bd336ceb46aL,
-        0x03e24d9a547005eeL,0x01435f74efa3d224L,0xa6cf7444a4870b84L,
-        0x9725e6046f067e62L,0xba420cc6d694cb2cL,0x000000000000015dL } },
-    /* 50 << 42 */
-    { { 0xba476d873030cc65L,0x40c8a7233f53e13fL,0xf15a7ebc139ddd99L,
-        0x59473015dcdd8ea6L,0x06ad0d0e2ca9faa1L,0xf95d33cc9672c4efL,
-        0x183bc0d13b31f16aL,0xc7e7132613880e33L,0x0000000000000079L },
-      { 0xd4ca8c9030b61d4dL,0x293fb721dfe76d10L,0xcd4378cd025faf7eL,
-        0x496f67ab38987186L,0x96bbf0c70b0caad8L,0x5a441f7ae9a127fbL,
-        0x292a39d18bc38c28L,0x1fa309288bff6412L,0x0000000000000006L } },
-    /* 51 << 42 */
-    { { 0x41cf0341f2c97897L,0x07ecbc3155140e3eL,0x25dbd2d5fd0e65a5L,
-        0x89d802f8ab0e731eL,0x200aa9cfaeb60ed9L,0xf2abd47318270058L,
-        0x2290980f7222134fL,0x80dd2156d98c893aL,0x0000000000000033L },
-      { 0xe4dbee4746b5197dL,0x5d110c69d34bc910L,0x2551116c7c6d43e0L,
-        0x03391f080b0a6c40L,0xe11b366d39a3ac3bL,0xda60ccdb29749bb2L,
-        0x32d05f2bfab0625bL,0xb2a3d728348b774dL,0x0000000000000057L } },
-    /* 52 << 42 */
-    { { 0xc3120df78ea50ac8L,0x124a99bf819551e9L,0x69dd9b95eddf11e9L,
-        0xde805c83adcd1283L,0x3cb8d5f8a354632dL,0x1d9dcbaf4d718278L,
-        0xebf2d04742c9aa97L,0xaf43c4b6b9b68e10L,0x00000000000001adL },
-      { 0x21edfcb3d2451b29L,0xcc9acf06a48336f3L,0x8471e8c311e3e8b7L,
-        0x3fe0082e3e1e38e7L,0xf9e09f1df6a8aa86L,0x3b445adbe946eb4dL,
-        0x83d1b8d21579db09L,0x602db173ecaa7cd2L,0x00000000000001feL } },
-    /* 53 << 42 */
-    { { 0x7d0146ba1a83feedL,0x0be06076b6b5a896L,0xabd622a1b574173eL,
-        0x4511461a9687cf2cL,0x6a8662ecba2a9970L,0xcd138a7026840ba5L,
-        0xb4600008dbae80eaL,0x446cc5d10e75802eL,0x0000000000000077L },
-      { 0x9d3f027ffb4be66eL,0x155462bc96f39f6eL,0x573003efe04e4009L,
-        0xd4b2edd219bab2ddL,0x82a7818a37b54094L,0x2619e20c3540a3bcL,
-        0xd9815146946f623dL,0x393c8bfaa09d03ebL,0x0000000000000115L } },
-    /* 54 << 42 */
-    { { 0xa34c9ed658a89822L,0x42082c28ec5d8ce6L,0xe8d9bea36ba32197L,
-        0xad2b7b6391123266L,0xc27acd5a18a3ad12L,0xcb8ed647708ef7a5L,
-        0x0c5b0ed49fb1e72cL,0xd6580f7a5e30a10bL,0x00000000000000a1L },
-      { 0xc52666b0438e766eL,0x3526912dd840853eL,0xfe1aef567ea68037L,
-        0x0d8d383e9ccb43f9L,0x17788627acf36e20L,0xa28864ec0e1a7491L,
-        0x822d8f2efcc40c94L,0xdddffd26a2b0bf5dL,0x000000000000012bL } },
-    /* 55 << 42 */
-    { { 0x48dff182c056cfd7L,0x4520fe724282fd9aL,0xfa0e53108d3bc991L,
-        0x298fb724742f02e4L,0x403a647af5b8e1dbL,0x5bcd5a1655262f9cL,
-        0x92889ba779b16c76L,0x1e26ed2971a16b7fL,0x0000000000000109L },
-      { 0x749c137ce8e9b2c2L,0xd3b85753db690723L,0x940eb70133649fbfL,
-        0x89e374f678597b64L,0x02cb67149414281bL,0x024bb7dd9f5a5741L,
-        0xe048fe4adb3b50aeL,0xc6de99b14e7a1fffL,0x00000000000001c8L } },
-    /* 56 << 42 */
-    { { 0xb48fa75a590e92d6L,0xab1888ebeeda06b4L,0xffb140dd9e71fec0L,
-        0x8fb4c8ed2a623d2aL,0x645c4442bdd3fd9aL,0x34adb68f2de96e6bL,
-        0xbd7819ec59225d29L,0xa0a8b0c5768b22e9L,0x000000000000014eL },
-      { 0xfc0ab8407662f537L,0xf75bde0788b7fcc6L,0x6dcf7e22656a1f21L,
-        0x6c1116415318b15eL,0x731751bd77a8529eL,0x23e7c2723c846197L,
-        0xc6ab7b666ad27061L,0x7e315762aad0e5b0L,0x0000000000000163L } },
-    /* 57 << 42 */
-    { { 0x6fcfbba1bbd9d928L,0xf3fc85d8a6ad07f2L,0x4eb1ce1bd5ec3e9bL,
-        0x35a18838bba23455L,0x83f9e697aa05e005L,0x51b2c15bbbab3722L,
-        0xf2f76c2f91080b97L,0x6b4c3d7b30adc94eL,0x000000000000017fL },
-      { 0x676703ce17466400L,0xb003d1e144ab5f8fL,0x5c71817b4472d0d8L,
-        0xef5dfdab35b276e8L,0x223dce9a94c083b4L,0x8fab9633c842f4e8L,
-        0x7487d2a71b32ae51L,0xa73df4521e91b61eL,0x0000000000000149L } },
-    /* 58 << 42 */
-    { { 0xe3081ef15ee16ecdL,0x572190eaa301933dL,0x717f1fbb78b476f0L,
-        0x53f3424bbecdccd6L,0xd6e3646020c12be9L,0x1a9aba50bf672196L,
-        0xc677242c64fea24aL,0x1243d8cf3163375eL,0x00000000000001beL },
-      { 0x649ea2f620d364ecL,0xef9918f9ca1347d1L,0xa690c23690a25227L,
-        0x46de1a1ee9d7a9a7L,0x04d980378f454a29L,0xf92c691733fe5162L,
-        0xd8fca5190ab84b9eL,0x142af9fc4db77590L,0x00000000000001a0L } },
-    /* 59 << 42 */
-    { { 0x9bd789058423f66aL,0x4a1a18da7b4303c8L,0x9bc361e5f078f42dL,
-        0x6df051f9fb9c9f42L,0x25d75614bbe4b87aL,0x17afd17b86701f66L,
-        0x5d6afce29d60c6f3L,0x167f180eae9efcb6L,0x0000000000000029L },
-      { 0x74ade397a1f06cc8L,0x450132df74fbcdd8L,0x5fd754812ec58631L,
-        0x7db6f5af073ebc91L,0x29bfa114e046dfe0L,0x955659d40764e251L,
-        0xc8420c2c3dc0bd0eL,0x50e6309a6943b512L,0x00000000000000fdL } },
-    /* 60 << 42 */
-    { { 0x8b2c940f98c0aa63L,0x6b8f11b6552f4b66L,0x36d68942208bdbd8L,
-        0x1a27268d6d35a682L,0xffbabe3ce3c883c6L,0xb2f48c34c7b51fa6L,
-        0xc307666acff5f20fL,0x988421026823d193L,0x0000000000000064L },
-      { 0xa307127da730707eL,0x89c67ae8b63d595aL,0x235a76d5075c1933L,
-        0x4e1488e6c680da9cL,0xbd34618dac7d5a89L,0x22131bc390fe0290L,
-        0xb6709cefe5f6d0e4L,0x6d74a464cb81bb60L,0x00000000000000f8L } },
-    /* 61 << 42 */
-    { { 0xa91ebf5aa98f49b1L,0xe9966de520c72be4L,0x399c3525d2df5446L,
-        0x30b0a731b8d64fbdL,0x85f30a4fb17ad183L,0x4178f5643bdb7251L,
-        0x0497c93c32984a4fL,0x8a5d97eb380b5a7bL,0x00000000000000e8L },
-      { 0xf2cae7dca29fd5b5L,0x73d2fdf8ff1c8977L,0xd5fc8a2e7251ce7cL,
-        0xbf3e822b747dcc22L,0xdc9332f10b7bb04fL,0x80bd7f3cbf0baf6dL,
-        0x063050956dd4d5a3L,0x2a6fa9aa22dfb616L,0x00000000000000ecL } },
-    /* 62 << 42 */
-    { { 0xbf786c4fd9712fbdL,0xd9e5f5873f8f4ed7L,0xdce2f57471fe2a47L,
-        0xb1e0427d219a6430L,0xbff2b1baae521bdbL,0xc5166a723324479dL,
-        0xd150919d6a6c33dbL,0xaaf9eba7e5412b6dL,0x00000000000001a8L },
-      { 0xcb1c3eba6cba10baL,0xacb0b7075d5d30ffL,0x25ef098c370207e7L,
-        0x74fb4cec078d8b39L,0xe0ef8c1cdd7b66d2L,0x678bee9533e9c36eL,
-        0xdcbfd88e938220e7L,0x6c67d672b4dec38eL,0x0000000000000049L } },
-    /* 63 << 42 */
-    { { 0x40811a23bc3787fcL,0xf1e0938a0cc25bf6L,0x8ea5e4b9a83d5a2dL,
-        0xeeec61008466a4b5L,0xd1e8499efe0d444eL,0xe27ecb8978890749L,
-        0x901b2a6fa043632dL,0x424899f7baecac92L,0x00000000000001ebL },
-      { 0x1c781c1973b26d1eL,0xbccb957b8f157a3eL,0xa374f01ccf29cb56L,
-        0x3271773277420ca6L,0xd147cbaa49904865L,0xbaa719955c9dce3fL,
-        0xe8d401d705fee441L,0x47f583418a001ff8L,0x00000000000001a9L } },
-    /* 64 << 42 */
-    { { 0x62b631691c3be7efL,0xdab254bf8074207dL,0xf6f1466b235a4c77L,
-        0x66f8f60fd3b01424L,0x9da540693bae9f80L,0x1a840763500f8a6cL,
-        0x542e2dd9b25994b1L,0x996307e5183b3ceeL,0x000000000000006eL },
-      { 0x45e2ae85a4b301edL,0x0640d46de1fb6112L,0x7f102d1983fc8f4bL,
-        0x6eeece3a4f30038eL,0x74d062f5912f39c3L,0xa802a55316906c7bL,
-        0xa8d8c58fe6d6e8c1L,0x77cfd9bca57b4387L,0x00000000000001f0L } },
-    /* 0 << 49 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 49 */
-    { { 0x3b61c3204268e7acL,0xf9fef1976dd3709fL,0xabd3a2d551f7146dL,
-        0x4c03d266f40188f9L,0x56e27dfd088bae58L,0x5ba4660d03fa2b77L,
-        0x56889642a39ff216L,0xc11b9feaca849201L,0x000000000000007eL },
-      { 0x357c77971dbca40dL,0x23c449c26d3c6441L,0x6ad3b6a626ca2d6eL,
-        0x32cadcb3b2ca4aa6L,0xdddc43e5ad004aa8L,0x7994e3ab37600864L,
-        0xf09f263976e4580eL,0x6a2032a0a270cd54L,0x000000000000017aL } },
-    /* 2 << 49 */
-    { { 0x598766ce569614a3L,0xfc1534f1d485cc29L,0x1f5e87ce4f099a45L,
-        0x93e6071f387d4d84L,0xa3f72298a130f8bcL,0x51372018edd37225L,
-        0x165340e9b856f72dL,0x4d64ec749011bc47L,0x000000000000004cL },
-      { 0x975d2c0d5b62d194L,0x845d25cb1bbd10bdL,0x1326f9d742ee849aL,
-        0x61f90228a333154cL,0x4993f33d7500f71eL,0x3824dc401b6dcf4eL,
-        0x1c71e193b65b8ecaL,0xa8ddc0c7dca1396bL,0x00000000000001a3L } },
-    /* 3 << 49 */
-    { { 0x35a51eeba9c350afL,0x22821a636097710dL,0xf5a5c2c95f6ee6e1L,
-        0x8f9f201269599ba9L,0xed36867f12918ea9L,0xf1a5450d0ea832e9L,
-        0x58c5a7311e15e027L,0x5a6460d600416b3dL,0x0000000000000198L },
-      { 0xa0afb24fcf8c23f6L,0xdd6966eb2d40bca9L,0x7c8d20aabf132ab2L,
-        0xc24efb7d7d32b64dL,0x26d793380c9547f5L,0x7e7d62251fb47f5aL,
-        0xf1f5880d9a488725L,0x8ec9740d38749037L,0x0000000000000030L } },
-    /* 4 << 49 */
-    { { 0x7bad211d4ca94ce3L,0x7b7bed87d66cc144L,0x7eba714bbb5ee0ceL,
-        0xc26e3a3cf5eb8337L,0xe5c617983dfec21fL,0x9c679e26117ba62aL,
-        0x6d67db8c1b6e1641L,0x1c2e077ee31c06d5L,0x00000000000001a2L },
-      { 0xc0d71279cdc2d75cL,0x0b15b14709371b29L,0xba1f3359dc2ceb6cL,
-        0x9a701873be25dad5L,0x03c466b8c8bfe287L,0x9697f32941ec3009L,
-        0x4e21e900b4a54990L,0xee1b53c8a99d3093L,0x00000000000000d5L } },
-    /* 5 << 49 */
-    { { 0xcacf7227489ba5d2L,0x1a523c29f67d6ed6L,0xedfb4ca69923509bL,
-        0x571434694ca275c9L,0x31b2e485340e8fb1L,0x1839d1e3fa9cdb14L,
-        0x0f1f4aa874423836L,0xa1f66938027614bcL,0x000000000000012fL },
-      { 0xddd453d05635bbd0L,0xf078bbfbac909f3bL,0xdc827eb809ce7304L,
-        0xbeecd2de0f10ecffL,0xee375c35e43d5225L,0xd47f1c6dc1caf971L,
-        0x6d9b9daf56133721L,0xe2e43b93763d052bL,0x00000000000000b9L } },
-    /* 6 << 49 */
-    { { 0x9a842cd1d7d39f33L,0x45d1ad8c4bca4affL,0xe490b9caf398d092L,
-        0xdb73aab1dde5bfc4L,0x3b7984d7741c8e35L,0xf0b828d5f5819fedL,
-        0xce2fc89bfbaad5b1L,0xda615df411c9e58fL,0x000000000000015cL },
-      { 0x4b01920ad96156faL,0x221381dccedf3b14L,0x98da481c5d9b1206L,
-        0x826399dbe4e4c2f0L,0x51dc45b6d73dbbd5L,0x68f639eb3f275528L,
-        0x7093a3ab2d235520L,0x520f9416e8429996L,0x000000000000013aL } },
-    /* 7 << 49 */
-    { { 0xb3638db98048a2d6L,0x0526971177f15306L,0xa09f7697de04e4f2L,
-        0xc782f1073cfbd4a7L,0x0232781e01adb58dL,0x2caf85d422724ee7L,
-        0x952f12dda5ca3245L,0x658d58a74cc18585L,0x0000000000000191L },
-      { 0x35ad5dc0145a3b22L,0xc6acb7e2d56fc847L,0xdce25662da9b5fadL,
-        0x3c6d9c6620861f44L,0x4c3680ea5c573776L,0xf59066292ac95553L,
-        0x5e70ec1c5f814c5eL,0x3ec45db4dfcde9c1L,0x000000000000004aL } },
-    /* 8 << 49 */
-    { { 0xbb59f2675c346588L,0xac37b36876f373a1L,0x4826e015a4c6d860L,
-        0x4ef341b061bdf224L,0x70b01fb4becac30bL,0x5f518cfcf0bb0c51L,
-        0xbbec7a919d163117L,0x8a65bee8de2da58eL,0x00000000000000baL },
-      { 0x965caf8e566098b5L,0xe8ba0e81afbd8436L,0x77f4e27d7299fbc1L,
-        0xf5169f5c367e2155L,0xc88fa56101a49a6fL,0x8a6a0228557b66deL,
-        0xc867f1fa8e1bee40L,0xbf4b5f806de8fcedL,0x0000000000000042L } },
-    /* 9 << 49 */
-    { { 0xb9524e1cb1f9f441L,0x0598193ea2b3656bL,0xa4259f49f5540942L,
-        0x1cfdec1f6adefa22L,0xd923db68e30584a3L,0xa2a82559fd521cccL,
-        0x3411a7edd7abf365L,0x40a53bccd2452d25L,0x00000000000000f2L },
-      { 0x56b5c3f7d570f6f4L,0x692c9ae1fbd422beL,0x76027f68bf2bc5acL,
-        0xe51a3a373e31e89aL,0xaaf34aac1dfddf2cL,0xf45a034e9d16cfcfL,
-        0x5c8fe990ce407aa9L,0xbbe2e574acf3b5ffL,0x0000000000000149L } },
-    /* 10 << 49 */
-    { { 0xc3a9433d7169c63fL,0x3551fd4733c6d323L,0x507699e2bf2ca336L,
-        0x5f6565d46878f701L,0x006acf880d019638L,0x788dfdcf4671f89aL,
-        0x4d2c708a3224fccbL,0x7802c681810c6074L,0x0000000000000002L },
-      { 0xc5576f9ad0c38110L,0xa8c3419961cfd5a5L,0x48b1d5180a8a1b9cL,
-        0x9d1cb1dff3740051L,0xd7f5a27ca860e4a3L,0x9f149f487f8bac83L,
-        0xddf84b81ac7f5c55L,0x30e0002ad9d529a2L,0x0000000000000047L } },
-    /* 11 << 49 */
-    { { 0x9585b7bc418dfaddL,0x4c58f686b5a32cefL,0x7efb7fb586cf7c76L,
-        0x87512eb00cdda427L,0xd3b27213699021c9L,0x3a1741d24f969176L,
-        0x58bc37cb14fd5744L,0xbfe9f937752fcbd2L,0x00000000000000e4L },
-      { 0x10b3c0c658cc73abL,0xcaf09eae9f733202L,0xc729ced840fbabedL,
-        0x997df02c3ccd6909L,0x4898124828c2898bL,0x734c9f989c96b3a4L,
-        0xf025ebc3f20c8071L,0xd3a570ab384f54dcL,0x0000000000000066L } },
-    /* 12 << 49 */
-    { { 0x35e45c4b84376818L,0xead0b323c0564a2eL,0xf9e0790fb6852540L,
-        0x3336a9aa55fed5a0L,0xa1dbea8ed6d817e4L,0x66ca0e37a8cb6e98L,
-        0xfeb1493cc60383bdL,0xf910ce15208ea92aL,0x00000000000000c6L },
-      { 0x25d128bd3a6aa1eeL,0x0bcabc8337d1b4d7L,0x31cb792ba825d7afL,
-        0x288f5d5b7a6b56c0L,0x737a14be66b37a0fL,0xe9005d89b6662a43L,
-        0x446d1492f1b00aaeL,0xd0be38cc545ace31L,0x00000000000000edL } },
-    /* 13 << 49 */
-    { { 0x87493232bdf7f4e6L,0x14541c5b49d814e6L,0xbbad3425fc906a15L,
-        0x2cde8410c26b9540L,0x03d8b69a2269726cL,0x522113c8df932996L,
-        0x329dda1640f1b59fL,0x1eb39fd5a2a62e23L,0x000000000000018dL },
-      { 0x3e9e4ab1d977f9b5L,0x06b3afd518f3f70bL,0xee59a274d12f3910L,
-        0x94e07eede16dd544L,0x8adc0bdaed27abd3L,0x7e4135b59fa28de8L,
-        0x6818fb61b0186541L,0xcf0f9186cc9fae56L,0x0000000000000184L } },
-    /* 14 << 49 */
-    { { 0x8532e2b84de469aaL,0xd1324820fefd245aL,0xbf47d6669b108318L,
-        0x33c64bcbd7c86054L,0x4859cbd052374f8aL,0x8339b91418337de4L,
-        0xb95a65009523dc40L,0xe759895961b6fee1L,0x00000000000000d1L },
-      { 0xf85b9031652f4cf1L,0xa2fc5e77406dc843L,0xf12c0af404306a60L,
-        0x2ad58232e20d0293L,0x884487ac3ca21308L,0xcc3570635bd3f20bL,
-        0xd673170784ae6af6L,0xb8ba5ac32757be45L,0x0000000000000091L } },
-    /* 15 << 49 */
-    { { 0xa659f5656e835f6eL,0x7ac653f268f73febL,0x9c6e43b5e00fa5c1L,
-        0x2b9b4245746bd49fL,0x3d7a750dd88d0e3cL,0x6728829167922860L,
-        0x67eac654cd8acf74L,0x5d155498c194238aL,0x00000000000000a9L },
-      { 0x7ac1ed3044b273a5L,0x4387bf6824d195a1L,0x5491474be5f20156L,
-        0x961ee2ad04598989L,0x6ba547225e180905L,0x0119d4fa7801d12dL,
-        0xe0f12a42f7d5390fL,0xb4fc030b3479de65L,0x00000000000001b6L } },
-    /* 16 << 49 */
-    { { 0xb19a5828676a875aL,0x40729f28c83a4911L,0x511949b1c6dce05bL,
-        0x25914c8c3fcf0490L,0xc49490de0c6c2742L,0x3b21feefdf6cd770L,
-        0x012d2802dd1a82a2L,0x72f5a0b76453439dL,0x0000000000000020L },
-      { 0x3e85d07d9b58e26dL,0x56527bdd1c50af24L,0x564b56587df377d0L,
-        0xf5b0335865e97a30L,0x2b22d6e96b31bc52L,0x8ad449abcccd4bbaL,
-        0x84b8b888f7c162a2L,0x3b647f0e4d56f29bL,0x00000000000001fbL } },
-    /* 17 << 49 */
-    { { 0x538386b50142105eL,0x6a36896e5d844432L,0xa3f6bbe123903414L,
-        0x806672513da50509L,0x2989b59047596bafL,0x71137e6cddb7c04bL,
-        0x6b76f4c5aaf9107fL,0xad1575a18f0a7798L,0x0000000000000118L },
-      { 0x8015bb4110007622L,0xf09b16c927c41f67L,0xc42d63b3961b905bL,
-        0x8e8d60bf0b64722fL,0x1d44e65b31893514L,0x17aef76a971aab52L,
-        0x63b990c7275e43b0L,0xa16c2ad0eabdb348L,0x00000000000001e6L } },
-    /* 18 << 49 */
-    { { 0x07120374a0e09362L,0x693d91b9dee217daL,0x69d89c4913f0cc96L,
-        0xc39d993228c1b06fL,0xa20b517e54c7a529L,0x1076b98fce82be67L,
-        0xacbfb44d04839b7fL,0xa0e7e6cbab7a6a5eL,0x00000000000001d8L },
-      { 0x5aefed1d047ea917L,0x01ab000dbcbd7218L,0x9c9729136a369a58L,
-        0xf9b364f2995e7c83L,0x15d114f8c4e2de2eL,0x04720f6fca00e9fcL,
-        0xbf1f54934913f69aL,0x4128e1d050a572a8L,0x00000000000001ceL } },
-    /* 19 << 49 */
-    { { 0x04052b0bc21341c7L,0xaa3738e32824cd0bL,0xd61bd9fcff92879dL,
-        0x1f81dbbdef405b1fL,0x50764b05b9087702L,0x1c477a0b30be79faL,
-        0x3bcf0f99f3adedf2L,0x3270cd7bfb1671efL,0x0000000000000099L },
-      { 0x2dce98e903485ca4L,0xfd79314bc4e9dc13L,0xf64590430750dec0L,
-        0xbcc8ef428a2f200dL,0x2a48ea838bcdc7daL,0xbd19939a616d34d9L,
-        0x46c4674e673a3ce3L,0xdd5c17afe21d038cL,0x0000000000000047L } },
-    /* 20 << 49 */
-    { { 0x807392c4a8bd340bL,0xed20f6e0c0dd8190L,0x9d0f81d8fd1d379bL,
-        0x410ec93adc0a7e5cL,0x660be24545c6a3ffL,0x920e232a68bfc7cbL,
-        0x3a8e589e4992a0cbL,0xf7aaf37ed0ba8827L,0x0000000000000004L },
-      { 0xf799075916cfd13dL,0x593652e05843ca4cL,0x8520e39c721fc81bL,
-        0x01c1aeddee26ecc0L,0xed48e68e20064495L,0x2049cfb8c4b50a1dL,
-        0x8e4545d403b6baebL,0xd1b2962aa041443cL,0x00000000000001aaL } },
-    /* 21 << 49 */
-    { { 0x9442441e21dd7a46L,0x5c5c5dfe1855582fL,0x411281d4104a43f9L,
-        0x6fcbfb5d529c0255L,0x69cc3d43ef383628L,0x3e5adc17455ff08aL,
-        0xb5aabfb47a16eb28L,0x464de4ae5c39b1b0L,0x00000000000000d4L },
-      { 0xb36f33a4ee570b8bL,0x7f2f0809885f3677L,0xc110d6674adb4bc8L,
-        0x17ebc77514f16716L,0xfcb24ac6d06d0b5aL,0x2a8eb070bb467ee5L,
-        0x82498e6dff7b6a27L,0x651560a7b3be99c1L,0x0000000000000152L } },
-    /* 22 << 49 */
-    { { 0x5974d160916366acL,0x4c1117ea317518b7L,0x0d910ce0a9e0482cL,
-        0xc472a9267522314dL,0xb531e038788e3d76L,0xc33babe371936389L,
-        0x651b8b5dd7e44d40L,0xff292597d3f61049L,0x00000000000001e2L },
-      { 0xe0dab29387469e8fL,0x94f31bf9b9860039L,0x49baafd0dbea96daL,
-        0xc0dac82a69701943L,0x3975417bfbced35eL,0xd932a0c9387455bcL,
-        0xedee6eec6ae9c37eL,0x004ab4ffb7a67355L,0x0000000000000005L } },
-    /* 23 << 49 */
-    { { 0x796e9c557ca11ad2L,0x58f34f3f7d85a82aL,0x591f92c027ca6530L,
-        0xd83841d85ac34027L,0x465a3ea45f65d747L,0xde92e4766398a5caL,
-        0xcca220e5e6df968bL,0x71b01c2ad75b85fcL,0x00000000000001afL },
-      { 0xdabcb750ef8429deL,0x6ca8ddffc37a94d1L,0x20d1c1e8c06f1a6dL,
-        0x16cedc9406a7eca2L,0x2af3694ef6b38940L,0xb88e20dd41111d23L,
-        0xeaedf8e6ab3419aeL,0x233e0966baf248ccL,0x0000000000000074L } },
-    /* 24 << 49 */
-    { { 0x59fa6794628233edL,0x1c30a04a25a1287dL,0x8dd4fdcabf3fad38L,
-        0x522aad840d0b6f87L,0x12a66e90d160f8ccL,0x714213f3e673af6bL,
-        0xd5e6feebad0ab724L,0x0ddf08f16a892358L,0x000000000000001fL },
-      { 0xaa50abcec077feddL,0x36e6411ee7610feeL,0xbea885d1eb815b83L,
-        0x9710ed6d5d57a6abL,0x794e6f1b85645674L,0x7608184df124cbf1L,
-        0x356377f6cc8be47bL,0x56cbd2604b3e7161L,0x00000000000000d7L } },
-    /* 25 << 49 */
-    { { 0xf3da8295fec48fcaL,0x4aa389b04868517dL,0x1eae63410e4fb849L,
-        0x2d79adaf3e627a33L,0xeb057943c16bf394L,0xf68653de184ebe57L,
-        0xafabe009c84066f6L,0xeadf4244ef303ea2L,0x000000000000008eL },
-      { 0x9cf14a2e9d04a4cdL,0xeb45f173a1896d1aL,0x40bfdff6e61abc9aL,
-        0x7fc85552930f6a60L,0xd9ca2a4361801770L,0x545752c1d7ce2682L,
-        0x75f003dc8e904de4L,0xf7d696c1e0d28d1bL,0x0000000000000138L } },
-    /* 26 << 49 */
-    { { 0x318921d51607513cL,0x4f4691aba028aaacL,0x6b89bf2c45571403L,
-        0x6a33bd35bd50a74dL,0xa12697537320b060L,0xbdc0601f7b3d4567L,
-        0xa3a545d0adadfa59L,0x1d57a713fb791746L,0x00000000000000b7L },
-      { 0xde5af490b3ccc7d4L,0x230148e32096ef20L,0x1728c17afd7a6a82L,
-        0xfe9ae61d832185caL,0x5315c8993c95585cL,0x1c5382864602f4edL,
-        0x8e2eb045d51e72feL,0xfd69ab13b1dfc663L,0x0000000000000103L } },
-    /* 27 << 49 */
-    { { 0x907945a9e512926eL,0x0b965ac514dff417L,0x6e735674cee891d7L,
-        0x9560323e84d70b73L,0xb20c6b12b867ed3aL,0xa8c57b78f3e266acL,
-        0xaacc72a9031e4af9L,0x21a577716c8def4aL,0x0000000000000042L },
-      { 0xc3c3673e5eba099dL,0x9adb0cfb96d46b1fL,0x360e2fce94637eeaL,
-        0x96d93ecf8c797569L,0x2044f2cabf3878dfL,0xdbd03f0c8a4a46abL,
-        0x0aa2542188fd829cL,0xe10b564de070ef95L,0x0000000000000024L } },
-    /* 28 << 49 */
-    { { 0x5a14d2a9e7beab9fL,0xbb93a9d2eb30ccceL,0x033eff382f6c4435L,
-        0x241389884ca1d8d9L,0x683fded4354372d6L,0x3a5733b79f237e56L,
-        0x8cf9a5daed9be593L,0xfb98100be321dc4eL,0x0000000000000062L },
-      { 0xe3c8df880c2b9ec8L,0x1e3f4b351aab0f71L,0xea412d009efbaea8L,
-        0x89c2b8592a711842L,0xab502e2666337728L,0xf8397452aa5e9d63L,
-        0xd1426326e61ce0f3L,0x3c65ba888b2a3595L,0x00000000000001d5L } },
-    /* 29 << 49 */
-    { { 0x7c40492595f69136L,0x45e971ba99e00647L,0x8f52311b8df162f7L,
-        0x37be3333b9625948L,0xf78c980fdcd3f0dbL,0x04fd571e95450e66L,
-        0x2c8c94a45ad646dbL,0x7aaf42e5cbda65ceL,0x000000000000017cL },
-      { 0x839547cff6df4638L,0x95d2aac672edd7ceL,0xcfdfa802e0028305L,
-        0xbf7fbb9b592ed18cL,0x828e423790ce00f9L,0x83653bee85dae1c7L,
-        0x92cc5b1aa352c38aL,0x323f48337c389854L,0x00000000000001ccL } },
-    /* 30 << 49 */
-    { { 0xa8b2a97fb6cedd11L,0x97dbaff9f8032972L,0x342989110d29a5ceL,
-        0xace98046cd01a3cbL,0x2a3d2959be278299L,0x5178699b7d9f96a4L,
-        0x275e90c83aefc4d4L,0xed40ae71c9ddc6c5L,0x0000000000000018L },
-      { 0xc68d02ce0082825dL,0xeb8c04bb63e05e72L,0x734a75cc8b7a75f2L,
-        0x1c6ff3f5f996c116L,0xc23fa867564c6f4bL,0xf13cff17198d779eL,
-        0xa4f04051d621edcfL,0xd86ea3fb9bc3a2beL,0x000000000000003cL } },
-    /* 31 << 49 */
-    { { 0x8687c8d286fb5666L,0x51bda4adead592d1L,0x9a47bc7e8d9bf5adL,
-        0x0c16fc8e3f314ef5L,0xcb5262e50b653a4dL,0x4dee35618e512af9L,
-        0x41aa85f125232f51L,0xb4b485ed7af6c2e0L,0x0000000000000084L },
-      { 0xe3326af2a937424bL,0xb091d60435264ac9L,0xb7fe1c75607363fdL,
-        0x8d3fc5e05ce8b153L,0xfea7f23d9ac5e150L,0x38b3592fc8c1f2f9L,
-        0xb5346f4f01996117L,0x485d0162ede54b07L,0x00000000000000ddL } },
-    /* 32 << 49 */
-    { { 0x0b91d5244cfc2928L,0xaada5377f9855767L,0x43014e69652cad7fL,
-        0x8680000dee500ebeL,0x95eea80462086edbL,0xea6484375ce7cd0aL,
-        0xee14680d51a5bb78L,0x28363f309167ae22L,0x0000000000000047L },
-      { 0x5335dbd719692e28L,0x30c79590c6495ad7L,0xb9f87b1462c85189L,
-        0x5b87c196c5b0545cL,0xbbdfef3cbe7fb4f3L,0x2b531d69f3216d95L,
-        0xe7298f7361c8215cL,0x9652e358d96015dbL,0x000000000000011dL } },
-    /* 33 << 49 */
-    { { 0x4ecfdcbc609f01e8L,0x43cce6f602da9b00L,0xb5ccb510cb875b01L,
-        0x38ef08459d14985dL,0x5dc8f4f88e28ff2dL,0x2123c91386de81d1L,
-        0x80691159098d59d5L,0x44715192dbc14f82L,0x0000000000000171L },
-      { 0xc7d2bc1e420737d6L,0x04d07a8634926b1fL,0x4a558a526719bbdcL,
-        0xad7181739558b878L,0x0d2e6fca5af3a191L,0x6c49dd8fa73f113aL,
-        0xf57eefe8b3f72cf4L,0x39b23c1b37c5645aL,0x0000000000000093L } },
-    /* 34 << 49 */
-    { { 0x1a21f7609e382dbfL,0xbe278ead5c4326a2L,0x72f12ef962016fedL,
-        0x21bf913c8afa14a5L,0xb7c4145a9f9b8899L,0xc17a7b5fde4dd03dL,
-        0x14f34601ab717706L,0xe6192f11432876c5L,0x000000000000013bL },
-      { 0xa2f7972ba69fd71cL,0xf6ccdd1f9a0289f6L,0xc4634027e67f1f93L,
-        0xc87dcef88ebcb728L,0x2053a2db4468602aL,0x6406b53cacbdae11L,
-        0xf3f29cf3ee6ee32cL,0xcb79a551a0e19432L,0x0000000000000110L } },
-    /* 35 << 49 */
-    { { 0xef5cb254481df44bL,0x3184a229b38cbae8L,0xc1b8f38dd3bfe1cbL,
-        0xd054eb6b1523138bL,0x9635da2935029a99L,0xed8ad119918794bfL,
-        0xb3b9ea73d86ffebcL,0x174afa73454d5e5dL,0x000000000000007dL },
-      { 0x0b7e89f996442409L,0xf308ceb46bf1c207L,0x7bf551a8d7488abbL,
-        0x06be62570d2826dfL,0x7da841c4c45d6b49L,0x90e0c656320fcdd6L,
-        0x625d0ad9c57ae245L,0x1117fa49a6216b67L,0x00000000000000eeL } },
-    /* 36 << 49 */
-    { { 0x740389608eaee36bL,0x7df35d2c162d1f6bL,0x2cebbe053186aa89L,
-        0xc17db617944dc7acL,0x1c6a5a0781e3d0d1L,0xc1e8ce8e29c741eeL,
-        0x8edd5a72fc708460L,0x337ba607bd44d4a2L,0x0000000000000143L },
-      { 0xc54244b594eb3f3bL,0xf6303630ea66f38aL,0x72aff79bc6149c29L,
-        0xecb88c9faa4b1c13L,0x648ec54762873c5dL,0xec17c8cc65222b9bL,
-        0x887c31775c4b3466L,0xcdc8fe2b7e3e7954L,0x000000000000008dL } },
-    /* 37 << 49 */
-    { { 0xcefcc053278778a6L,0x8b23916cf443f1e0L,0xb54c427ecbee97faL,
-        0x24c75ee812bc4efbL,0xb7b0cb176a167e91L,0x1b307498bacd972fL,
-        0xd744a51b519cb27aL,0xbc28421783cd2333L,0x0000000000000020L },
-      { 0x81f745e1b02be1a4L,0x9de30681c6537840L,0xc9bdcf9e9fe1b32eL,
-        0x850f2187eae10736L,0x5dc72e3f8cbe70ebL,0xff288749c832cb6eL,
-        0x648754cfbdaa6ffaL,0x24e3f97d26354f2aL,0x00000000000000c0L } },
-    /* 38 << 49 */
-    { { 0x09c04a0f926bc690L,0x43fbfa9f6286e106L,0xd1a8fb90e1c3b305L,
-        0x7b4ee666fe37cdb9L,0x404be05f9b915078L,0x5d886ece2e0fdca6L,
-        0x58cfc29cedf36049L,0xf94ec764dd30d905L,0x00000000000000ebL },
-      { 0x4ad5bb20650c67d2L,0x760e0784377c5de6L,0xa6fa0ad7a47acd80L,
-        0x91e26191802a68ceL,0x932e9b57c492de6cL,0xf51aafe3c0d70872L,
-        0x17e1ee20c0a4eb8fL,0xdadd7f5ceb04a2d8L,0x0000000000000101L } },
-    /* 39 << 49 */
-    { { 0x4b6c35299c3fb75cL,0x2020efc7e2f85697L,0xd2dfcd4892684019L,
-        0x366e38a2ec2edf42L,0x7217d73d4aec48b0L,0x098c0ae01adb4cf6L,
-        0xbbbcb22ae102cc11L,0x46785dc5b1740371L,0x000000000000004dL },
-      { 0xe2cbce804c10fb38L,0x2ae649622280d0afL,0x7e3465aca1b0c46fL,
-        0x8bfd57b6dd9e378dL,0x01f628f91dde62e5L,0xf3e4adf12526bb39L,
-        0x1734ed33ba88260dL,0xe6b9194041672e7bL,0x00000000000000d0L } },
-    /* 40 << 49 */
-    { { 0xf42c064a910fda3aL,0xfbafa50fcea6aa25L,0xafe5f5580de9bbbcL,
-        0x24e9d4ae0e89fb39L,0x5b71973925c76201L,0xa87ea5295475aeeaL,
-        0x1e5495e03c4be889L,0x7866138b995ad46fL,0x0000000000000087L },
-      { 0x5f9f803e46afb538L,0xf8c0f078ca875a75L,0x63f1050a89b71552L,
-        0x0858baab8d43bb0dL,0x8dc61935fe38cf7dL,0x50fbdae220f815eaL,
-        0x6c6a84e52e070889L,0xa524045e73fb1857L,0x000000000000001cL } },
-    /* 41 << 49 */
-    { { 0x18d8ccdae2479e67L,0x1baa53f2a74a289fL,0x6edaa01c578d7dd5L,
-        0x39deb2bf383bedf1L,0x55b2cb09c0c843bcL,0x4389566147a692a7L,
-        0x6c9ae23f7e9cda94L,0x21cc9bceba7b7179L,0x0000000000000026L },
-      { 0x19db39e25f4eedefL,0x5c22018976727eeeL,0x2bc4e7bfd2b991deL,
-        0x9c136af758617aebL,0x25f438605bacc62cL,0x8e469c5668e7b7a7L,
-        0x905da2b18fd497f0L,0x5ca49b9f114ad2ebL,0x0000000000000067L } },
-    /* 42 << 49 */
-    { { 0x1a6f8d8de1a52dc5L,0xcf96814d03a474a1L,0x89bf6b6d11521565L,
-        0xdef2de686891d9c1L,0x84acad656e7c7d4bL,0x886b8a280175a6cfL,
-        0x9ee8240c926fe7bcL,0x152a76cc39bf83daL,0x0000000000000091L },
-      { 0x85376a369b33ef6eL,0x59cfd5a4f181f89cL,0x679c3adc2593d6caL,
-        0x6ed84b8bfbae89b6L,0xee128a9017cb08eeL,0x4f29fb137726bc40L,
-        0x20ed5454dd8a2a9dL,0x4e91664a378adbadL,0x0000000000000191L } },
-    /* 43 << 49 */
-    { { 0xa5dad36b52b70595L,0xf87e799e31e1f282L,0xd2cc0cbf9e1f33e1L,
-        0x4cf0cf552d62e0a1L,0x18d2a4d5fc30b065L,0xbc92b38273812cceL,
-        0xb252123d18868d58L,0xedac40192d70d6d7L,0x00000000000000a1L },
-      { 0x06ef9212c3f4e226L,0x59efef442a3fda9bL,0x9bf2803a42146a29L,
-        0xfa8dab397c4a93deL,0xe1d34b9562d8ca13L,0x9989f1f7ef4060ceL,
-        0xa57df883280ad2ffL,0xa7672319b32b7398L,0x00000000000000d1L } },
-    /* 44 << 49 */
-    { { 0xb841b3a2716363bfL,0x1fe55966930c285eL,0xd32798db70bcc6e5L,
-        0x69e8e3f7cd08aa70L,0xc062c65836522b1dL,0x5f540d1d845d3226L,
-        0xc3fb106d65d5893cL,0xa7e29ee98ae43be8L,0x000000000000012aL },
-      { 0x10107bd45f12406eL,0x09597eeeaff644d1L,0xd6016ea4a82208eeL,
-        0x91ae818f1b864b66L,0x443f4f76f39bba56L,0xfb1e51720ed82a06L,
-        0xa79c9ef8d5b29a93L,0xcf62b0acdf4bc546L,0x0000000000000095L } },
-    /* 45 << 49 */
-    { { 0x786dddbd9a6770dbL,0xfbba1c37c9bdf259L,0xb0ee1d34c50b403cL,
-        0x1d67be441e207360L,0x186f06bc422c455bL,0x595806c00c1576b6L,
-        0xb88abc273985699cL,0x47398d6d704fbcd1L,0x00000000000001c0L },
-      { 0xdf0187cd0bc02f06L,0x98eb35357610f278L,0xa253493558e633dfL,
-        0x633c5838abe6ba6dL,0x98e6522d8345acf1L,0x403be8d023f02650L,
-        0x929e6fde26185a91L,0xe11ef0da93f223bcL,0x0000000000000106L } },
-    /* 46 << 49 */
-    { { 0x0e407af213d053ffL,0x90d5045e06f74badL,0x066fbdeab7245e4eL,
-        0xfd7b75ca58eb3154L,0x1b71f8fab1085c0cL,0x0813f46a32f91863L,
-        0xcb798c7cf9b79419L,0x89ae2cf7b03a117aL,0x000000000000009aL },
-      { 0x5c04b5fd596b9fb0L,0x39cc235d1bb7e7a6L,0xbd27de310638c16bL,
-        0xd12cf68dc62576c7L,0xdab34467be49955fL,0x6e9ff707f0e83b90L,
-        0x9be7a05a7f860800L,0xfceae2f729c5a536L,0x0000000000000076L } },
-    /* 47 << 49 */
-    { { 0x839213697b1d62c9L,0xd22e2902a95f6724L,0x29d3cff45962cbf4L,
-        0x74adaf534e973e6cL,0xad2f70c1a766f389L,0xc8eadf0ac2b8cd2dL,
-        0x8206870d8d1654d4L,0x99168a47a8feba9cL,0x000000000000002cL },
-      { 0x1b25ea9fef1068fcL,0x48d00e1e844eec1fL,0x5e405a57497cdaeaL,
-        0x9ea279918c28de85L,0x162811a8db094da1L,0x83072388e11f3bc4L,
-        0xb0b78a7ce6b0b528L,0x97576dd0cdb3fabdL,0x0000000000000046L } },
-    /* 48 << 49 */
-    { { 0x0f9052c7b597ec4bL,0xc6f41c80ad573ab6L,0x347a20e1e3a60425L,
-        0x8b466cefc852cbb5L,0xf38734d5dc78e008L,0xf347cd72d1ad9a04L,
-        0xb82d096f30eec82bL,0xe43cc8e9ca4f7ab3L,0x000000000000001bL },
-      { 0x78d630caf659615aL,0xd686695eb1617e24L,0xbe1c2194d5983cf9L,
-        0x4522d8f78329caaeL,0x672fee6b101fb01aL,0x1b1f4c0950d301abL,
-        0x7dd87dac5e431e1fL,0xbf07ee0cea0100dbL,0x0000000000000172L } },
-    /* 49 << 49 */
-    { { 0x07f921760f9f20faL,0xfc96b84ecb68b725L,0x7718b02302cccb62L,
-        0xedd4dd7985b5fbfaL,0xf6e1e454f4db3795L,0xb4888ae03a7653c6L,
-        0x8fb8fc4474baeffbL,0x063c86b72d45c22bL,0x00000000000001cfL },
-      { 0x0c41e282815b2541L,0xac43abd94c2ee392L,0xe24e214a71c286d3L,
-        0x1282830043728b88L,0x3bd6814757828877L,0xf197e9452febf81aL,
-        0x8a1c679cedbea19aL,0xe251fa945967dcd2L,0x000000000000016eL } },
-    /* 50 << 49 */
-    { { 0xe01d086a1075213eL,0x8f1b00cbea347edfL,0x8498f8c425c21dddL,
-        0x95abb4086d820738L,0x557eaed7ec5afe32L,0xe497900ca38f0434L,
-        0x0515c9bc903e17b0L,0xc02387e3dc40307aL,0x00000000000001d3L },
-      { 0x96a0bc63eaf352c3L,0x579c49029ee03dddL,0x757a34d6c98eb9dcL,
-        0xcfa9d25abd86a2baL,0xc8809301f6054b1dL,0x30b0c70afff80255L,
-        0x69f40403c5ff5831L,0x6e5fd068c60c11ffL,0x00000000000000b6L } },
-    /* 51 << 49 */
-    { { 0x5340fc5166c83cbeL,0x507640cb9f3024fbL,0xf750a8d5a1a0a1e1L,
-        0x9e7f6338adbb9bb1L,0x09a208b43976445dL,0xa6cb9df3457f574fL,
-        0x7de5c8214fbd3509L,0xde3f5ae19d50d9a1L,0x0000000000000027L },
-      { 0xc82405f8ed17132fL,0x43256e646a46977fL,0x8a353d2a994b1950L,
-        0xff3152f2ad9a40c9L,0xfc9cfa4f87e47049L,0x3ac2a3b0c168d8b0L,
-        0x80742ee9bb4d7fe6L,0x3d2ba8aa8678a9d8L,0x0000000000000046L } },
-    /* 52 << 49 */
-    { { 0xa04a119dcd2fdac3L,0x2ee2c11c9ce17d39L,0x197cfc5f32fe1c10L,
-        0x656774fe3aab0424L,0xb43b296a067463a7L,0xad338aca55d78e93L,
-        0xc74471b7b87e1358L,0x5bb5cfc201be2553L,0x0000000000000075L },
-      { 0x71ed2ff019301a86L,0x49d0b18dabb3a3f6L,0xb14c65b0aba86284L,
-        0x4a537637cb47beffL,0x340621ea976f6945L,0x66fae29b5c4ae1ecL,
-        0x8e56e0fba5e5cc76L,0xc09a72fd7cd3d0bcL,0x0000000000000035L } },
-    /* 53 << 49 */
-    { { 0x349d9c4dee613f38L,0xef68106f51fb9826L,0x92f4c8386d78ed38L,
-        0xb98420f7586485edL,0x0ec1b91d60f3f9deL,0x93d3828b84a7a66eL,
-        0xb9f3374876299a8bL,0x4961a01e9f7fcae6L,0x0000000000000106L },
-      { 0x9f606ab04ed763c5L,0x1d8f91a3e9a674f4L,0x97fc8242a521bae2L,
-        0x7008aa90dcb2af6bL,0xba359079b4110efcL,0x7e54f8c1fd447eaaL,
-        0x3aad38aaf746ed2eL,0x3eb1cecef0df9b09L,0x00000000000001d6L } },
-    /* 54 << 49 */
-    { { 0xd32d280e3ccd90f5L,0x91e87e9e7cb176bbL,0xb5a8a77f30f3973aL,
-        0x1f6389b465126792L,0xda9c26d978cd0d47L,0x5207f05eb2c99703L,
-        0xbd89f16910a3caaeL,0x79ecf9d1f547e27cL,0x000000000000005eL },
-      { 0x5a9846021ad57e4bL,0x29373c083b6dc43eL,0xadfe6bad320676e8L,
-        0xd4122508a6380857L,0xa83a74ecd1d1ad46L,0x98c04d58f1207f89L,
-        0x19948a9ec12d1d1fL,0xa3cf675347dae287L,0x00000000000001bdL } },
-    /* 55 << 49 */
-    { { 0x69a5518193a902f6L,0xdc736d4689ee0441L,0xea81c08bf0cc23a0L,
-        0x9a63c879a61c1beeL,0x9b8c27d1f2c2dedcL,0x14c7458b5f0dcf06L,
-        0xaf32ef31e8763a8aL,0x46821a538c0aa44cL,0x0000000000000108L },
-      { 0x0c7e06114965b20cL,0x69154474ce496d11L,0x964e6477e160f351L,
-        0x841083e9d6e4fb2fL,0x70640bc3c0e71fd2L,0xbed0bbf4db30ddc2L,
-        0x1b30d4d54c9e01f9L,0xc58137f9a143b3feL,0x000000000000017dL } },
-    /* 56 << 49 */
-    { { 0x32966f76bd667641L,0x7de72be5f0d579a6L,0x0a6ffafb81276712L,
-        0x0c76a2135e91a169L,0xeb960ed85f953cedL,0xaa5f7f8f0be111cdL,
-        0x2cd0b477911f59faL,0x059a70c6e5220a86L,0x00000000000000dbL },
-      { 0x16f99e8ba61c4277L,0x011745b656710251L,0x13cb7d19f1ef7ff2L,
-        0x2162edb414f0c0e0L,0xb0a459e867467a1cL,0x2cee2121248e6fc9L,
-        0x2ba236eb98142385L,0xbd7465c91e63fa6eL,0x00000000000000daL } },
-    /* 57 << 49 */
-    { { 0xed2afb1c966951c4L,0xd8fd93de5daeedf7L,0xe5fa9c4cc93d1c57L,
-        0x386b2c9bfaefcc9bL,0x4b59656fc59929c0L,0xce1d20e5eab86992L,
-        0x3c11b1a137676f63L,0x1a35c38f85420d79L,0x0000000000000171L },
-      { 0x8f88bb55620441abL,0x47af796eaf094865L,0x8888bcd9ef98fea4L,
-        0xc3f31342413e8555L,0xdfeb4b48c2b75c9dL,0xfd99c9a4a0c1d15fL,
-        0x94241431cefee2e3L,0xab9e1f0a23fd9b10L,0x0000000000000026L } },
-    /* 58 << 49 */
-    { { 0x25ccc78e776cdc28L,0x34bfe1407f0407e4L,0xfdb8fac8d9e8897dL,
-        0x49c0ddb3814ce374L,0x4c983cdc10173846L,0x9c4d4eff62108873L,
-        0x12fd9caa476f5b17L,0x8658c9a0731d2d9dL,0x0000000000000171L },
-      { 0x14b0aedbf23ff601L,0x632cfdc58f68ccdbL,0x8485d63227078299L,
-        0x1b83394f4856bb41L,0x5f905b4a04999398L,0x9645aee589030563L,
-        0x30ce56159f7c6eecL,0x53aa062997c9b6f4L,0x0000000000000182L } },
-    /* 59 << 49 */
-    { { 0xddcbdedee68e0fedL,0x99ccbf1f05063476L,0xb89a94876cb38f6eL,
-        0x3022a2323bc6e121L,0xbc4aed50fab2bc77L,0x46060acead728bfbL,
-        0x6c950f528b881519L,0x9c0edf597814d1f0L,0x0000000000000137L },
-      { 0x58b14d40d0e8fc6cL,0x5e61d01c942ae23dL,0x6bdbad564712f262L,
-        0x61fd6441155fe00bL,0x1ab1151ad617185cL,0xce8ea53c623a376fL,
-        0x5f0cac41c768b147L,0x1f5f832e22a26dbdL,0x00000000000000ceL } },
-    /* 60 << 49 */
-    { { 0xb9532a46e6ebc565L,0xde038371b7c6883fL,0xa934fd5002bbe9b7L,
-        0x4b82ec8ef3837d8bL,0xc00073fba5d11dfcL,0xae3a22c2dc5ac742L,
-        0x8adb521a73b3415aL,0xe0902743f43bd62bL,0x00000000000000dbL },
-      { 0x3cf82ff6173b48dbL,0xec4e00c39af49c1cL,0x786b4099b3a267e2L,
-        0x16e02a248820f967L,0xe0689ca4e4fc99deL,0x2a5f17575fbd3f1fL,
-        0xc0c02624ba0f38aeL,0x586ca28d58cae5dfL,0x00000000000001a5L } },
-    /* 61 << 49 */
-    { { 0x25b05b4ed1f10799L,0x76cd6f8bc800ad41L,0x13fb260460b2ab0dL,
-        0xf59f0cccd05a52c0L,0xb65218b0288de748L,0xc03f3f749f3e5ca5L,
-        0x777a1100abf69427L,0x69340a66f7b3528eL,0x00000000000000eaL },
-      { 0x1dcae8f5b7b29411L,0xa34600730dfea3c8L,0x13b469f258498ba4L,
-        0xdf838dd3bbab9202L,0x4dbec5fffe347b04L,0xb84fd1d91eac8f9bL,
-        0xe74760c46e283eb9L,0x7c24f5141a49e088L,0x000000000000008cL } },
-    /* 62 << 49 */
-    { { 0xb330cfe8ae5124acL,0x4205f06afb62311cL,0x21c0f9cbdf03f5d1L,
-        0x0f4d3d7709c90889L,0x970803101dc16211L,0xae129fff455f228eL,
-        0xb209416415043833L,0x95312756bac62236L,0x00000000000001b5L },
-      { 0x74af54c370d0fd85L,0x55862bd38d6ef975L,0x52ae68bcf7bdbbf6L,
-        0x92615cfc17424b12L,0x3711586fe21a24ccL,0xc0afbe33e3739cefL,
-        0x46f3ae0794c296afL,0xb16803df799e4152L,0x0000000000000031L } },
-    /* 63 << 49 */
-    { { 0x0e910ae76e30834dL,0xcc082cb386c72df4L,0x88a278b2b0dac2d3L,
-        0xddd107b085c2a06eL,0x7423df9623246789L,0xc10556841087702dL,
-        0x75cc98651081b21cL,0x5279c1a2e7f4c29aL,0x000000000000006aL },
-      { 0x0fcaa2f8953245b6L,0x828ab5a68cb75480L,0x06381dfffccbede4L,
-        0x0c3f8eae499f669cL,0xc6fe81f8f5dc5c99L,0xb5083730b4aae613L,
-        0x8d2038c777622821L,0x263228451f870cc7L,0x0000000000000179L } },
-    /* 64 << 49 */
-    { { 0xdeed672da38be841L,0xd62d42d762febdd5L,0x002aa47e2d4af6ffL,
-        0xdadcda955be24d99L,0x91ec05c46727939bL,0xe7535c591b7966d0L,
-        0x83d7f5f023c47893L,0x470bca4e2c4e6181L,0x000000000000010eL },
-      { 0xfe45f9698440535eL,0x240e6b2c49adab54L,0x61089282db726b76L,
-        0xcff3e30bfa643350L,0x3aafb169a7c01f88L,0x51923c30e0a5514dL,
-        0xc077936f3ccc700aL,0x23375769586f4854L,0x000000000000006eL } },
-    /* 0 << 56 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 56 */
-    { { 0x9aa53b475a714194L,0x01163dd86957d5ebL,0x5bd2c24f908f5929L,
-        0x87f519f4dbe42b0fL,0xff767379fb6b5ad4L,0x4d0f8bba9a193f28L,
-        0xf3c42bd0ee549d79L,0xbf851d3f825244faL,0x000000000000009bL },
-      { 0x825ffb609f78b57fL,0xd1913668e0f74b73L,0xf42a5b035468f89dL,
-        0xa2347499aacae46cL,0xc771e34cc85272e8L,0x295684c1d427d3a1L,
-        0xed749903433451dcL,0xb872072c0cbabbd4L,0x0000000000000049L } },
-    /* 2 << 56 */
-    { { 0xf98db50e8435735fL,0xeb51c34660bd7b77L,0x200adf1e996ef096L,
-        0xecac256b57b8d488L,0x889639b07e65ea9fL,0x4f763f7313a4a243L,
-        0x401c22a42957db01L,0x86cff8bc68eb751eL,0x00000000000001c7L },
-      { 0x1c0549ebe47805e9L,0x57716280b223b355L,0x69a29cf4db5c068bL,
-        0x63fb8a8c432af690L,0xdcbb94f97f36ebd6L,0x693983dd08609c4dL,
-        0x69875f98d458fa6eL,0x149758e81fff90b4L,0x00000000000001eeL } },
-    /* 3 << 56 */
-    { { 0x8452736310a0d011L,0x299e1cb30bbaddd0L,0xf5f3079b5294c956L,
-        0x9edd5fa24f0a3584L,0x764bb175641f1fe4L,0x0217a94a93b38db4L,
-        0x61c992b7e31e6fdbL,0xeb231629764cabecL,0x000000000000013bL },
-      { 0xbd3b12a4d2e8c15cL,0x8eef9b5d8accc1f1L,0xb931fbc752747252L,
-        0x8a7b86c7f9817befL,0xb52330ba584e1181L,0x9bc4926d25a0a0abL,
-        0x002feb9b89a625d7L,0x653946b5db41831aL,0x0000000000000061L } },
-    /* 4 << 56 */
-    { { 0xf1efe65befd91d43L,0xdd872fb0aa3323e3L,0xcb7c357901e9dd62L,
-        0x04677143cd97ebd7L,0x906eceb8806e055fL,0x334b997f2fd96082L,
-        0x41a732b0caaad051L,0xe1b97e125bc0500eL,0x000000000000008fL },
-      { 0xfc4e9baaa1bee510L,0x2b887e327d63c5f0L,0xcfb9c52eee6cad4eL,
-        0x596bb714b0b8dd96L,0x2db254c665f9a215L,0x000359bdd799749eL,
-        0xc4ecaf126d91b457L,0x8153709ebe4f02f6L,0x00000000000000c4L } },
-    /* 5 << 56 */
-    { { 0x2218489b09d9e2f2L,0x563769927f4fe3c0L,0x61e365211ed2b98eL,
-        0x166d671a178d242eL,0xb65381c97e8d39b6L,0xaefe583a82851b43L,
-        0x6caa4459a24a7af4L,0xb421380f5640d447L,0x00000000000000b5L },
-      { 0x706a413011d91549L,0x4214be92e3064f4aL,0xa7c3b7b8b7649258L,
-        0xa782e2fc71c05ddeL,0x0fa90ef683d30793L,0x1c77425b15dbd474L,
-        0x917cdb42fc0b16d8L,0x7ef5faf8c7bfa045L,0x00000000000000e9L } },
-    /* 6 << 56 */
-    { { 0x5b408946a60059ebL,0x0d707cc2a1e69f42L,0x9be262d3cddd4401L,
-        0x0c2d64bd01c14145L,0xcf8b305a27c198a5L,0xadccc32e05c03494L,
-        0x22e5f02b6c1de307L,0x2ae62bac48f43edfL,0x000000000000001cL },
-      { 0xb02341cd598a8ef6L,0x0e6041748456480aL,0x159e591932132353L,
-        0xe03d4f2c8b3a8a62L,0xd1190722f861d8f0L,0x59d3d3b6a37c89a2L,
-        0x07fb0e16a2987768L,0x5dd98e191da91a16L,0x00000000000000adL } },
-    /* 7 << 56 */
-    { { 0x09238de907ae5402L,0x14fce2b1444b8b61L,0x37ee7affbd0d2eadL,
-        0xecbc75de97804504L,0x343a5d1a3b5e5fd8L,0xbf806ee5a90dcf6bL,
-        0xd07f1054b2bf2a3dL,0x6f590326ed9fffe2L,0x00000000000001fbL },
-      { 0x9c42832de6198aabL,0x3eacd0ed475ec98dL,0x715b6aa8937ffe67L,
-        0x4b35d1e7891bffc8L,0xfad8af9cb36a8835L,0xa3a21d6f7b8f6f81L,
-        0x4faaf12e771c3b1cL,0x4e05313304fad4c8L,0x00000000000001f1L } },
-    /* 8 << 56 */
-    { { 0x7eecdfe4e541183aL,0x7b0dd2285aa8b868L,0x8d38cd0c1de22f71L,
-        0xa9ca796dbd2638c1L,0x1819373249e5ea36L,0x4fc5461729212b0fL,
-        0x4f3874d22debe3f7L,0x46499322cd4b02fbL,0x0000000000000015L },
-      { 0x7977cdaaa3bc23c0L,0x954aa6d88ba98676L,0x6b8471c793c7bf98L,
-        0xf8025a0b43c70437L,0x0aca0d09b1a8c71bL,0x9fb1d00b6fc48277L,
-        0x50bccc4ee312939bL,0x5aeaf55665e5df83L,0x00000000000001abL } },
-    /* 9 << 56 */
-    { { 0x296c4e5e4114124cL,0x8f760836d47c56bdL,0x9fda0a36f6758211L,
-        0x2bc5e75b36cd51bbL,0x32e6873f1bba9f2aL,0xed7a7c288e6c979aL,
-        0xbec902bb47cccd6cL,0xacf4c76c48dca66aL,0x0000000000000080L },
-      { 0x44a892f6355a975aL,0xbbd44a35bd1b1666L,0x6b49014ca612f865L,
-        0xcd50cbb36b81bd2eL,0xb25e204fc26beab6L,0xddcf6123f93fe188L,
-        0xa3c651667a980260L,0x87f09af9e19ae815L,0x00000000000000c5L } },
-    /* 10 << 56 */
-    { { 0x36fafde5fbbd4e98L,0xaf44b924868ff31bL,0x0281a7fa945ab6b9L,
-        0x2a4bc2c85323df28L,0x51959c042a3e0fb6L,0x6aba3103143c1a63L,
-        0x3a572db88876e600L,0x418cd1b4506efccfL,0x00000000000000b6L },
-      { 0xf121c2f9beeeb151L,0x69c65d11d76943abL,0x74063608addb71d4L,
-        0x072af1c6702d26b0L,0xe0fd470b473b6ef3L,0x765b0f46bc36697eL,
-        0xa24b34bcc6acd252L,0x0401f4521c3311e8L,0x00000000000001d2L } },
-    /* 11 << 56 */
-    { { 0x3f298d941c6a01eaL,0xb6ee6874dec1f22cL,0x189023ac496d5522L,
-        0xca543ecfc08a48c9L,0x240ca6a0a2db1ea9L,0xa591ef2e54492401L,
-        0x22027038344bcd0bL,0x34cb84596dc4ced7L,0x00000000000001dcL },
-      { 0xb5a949080414ed02L,0x8bddf24ba14739f7L,0xa788ab9679ac753bL,
-        0x754163a977fe2ff1L,0x49803f05af045bc3L,0xf482041842d13f83L,
-        0x9f86243cd7528fa3L,0x9b4c2abe08588f48L,0x0000000000000131L } },
-    /* 12 << 56 */
-    { { 0x34853c5d35da05aaL,0xedf100f6b15b5d6cL,0x1dc6e841d3da67b0L,
-        0xaa5d83f0310fd872L,0xa686fa787cfd885bL,0x297a0e48b09f9c96L,
-        0x9e899c7dfbd40e05L,0x2bfbaf44b9589b4bL,0x000000000000013dL },
-      { 0x937376913784f654L,0xaba39ee088f316f8L,0x7fc611358a3c3666L,
-        0x5a09da1f80a1fadeL,0xffd6018133651828L,0xc400cf569a7ac400L,
-        0x64fc091f665c4152L,0x8679f2d7c350f654L,0x00000000000001ecL } },
-    /* 13 << 56 */
-    { { 0x3af9dcd14473f37cL,0x7c31843080e36492L,0x5115486ac8d049ceL,
-        0x594ee800b10d6316L,0x3c9aec97f913f656L,0xc9b99ae4476865fdL,
-        0xf9a597f80fecfa86L,0x59313aafc2664276L,0x0000000000000020L },
-      { 0x431f1976e5a1239aL,0xb406a1eb58838d43L,0xc023f4698d681f4cL,
-        0x5f1dd612dcccc654L,0x9032c342434f82c6L,0x99bc4322c7965da3L,
-        0x8c2f2ce32745885eL,0x415ff1a86cf68162L,0x0000000000000009L } },
-    /* 14 << 56 */
-    { { 0xb10ff95e0e9132f1L,0xf49e33b7045c8800L,0xdf0314f4842d3bdcL,
-        0x55fb97a8f584e160L,0x0b923612e71c4d35L,0xdb8c2885ea2f1d23L,
-        0x514e37d7dff21f90L,0x0a0cbe3dfd2278ecL,0x0000000000000081L },
-      { 0x20daf0c8e84e328aL,0x9885850d6978f468L,0x8ffffeb098151489L,
-        0x5bb7fc177a0b4d73L,0xfc401e51706e036aL,0x7016943c64c94259L,
-        0xa8cdd03a570abcacL,0xb94b40df2520b74eL,0x0000000000000167L } },
-    /* 15 << 56 */
-    { { 0x41ec06596dd7d8c6L,0x8baeaeffb07d565dL,0x55f5138c26c9b544L,
-        0x975e212788825ee5L,0x90422ca7c1a092e0L,0xa03de4e8dbde0554L,
-        0xdf408882734e71a8L,0x80e01f63a10cc8e4L,0x0000000000000157L },
-      { 0x7b4e0e130a65cb93L,0x1f3e7faec1e49a1aL,0x1b12fdb3dd71b3f8L,
-        0x8d32d35f1253f42eL,0x38e09d674312f8b0L,0x9a727ebd4281b5ceL,
-        0x0002358abf211bc2L,0x46c3dba13e61916cL,0x000000000000003cL } },
-    /* 16 << 56 */
-    { { 0xbf2097b9414d9815L,0xfa0673b3cda66dfcL,0x8c775677193b17b0L,
-        0x07c8dbf6c5387e9aL,0x141de69d4c5da984L,0xf0650ac806a8b133L,
-        0xadd766eed2b258c4L,0xa6f4276396303678L,0x00000000000001daL },
-      { 0xcdbf1daa39c8824bL,0xf8f2cd8c5638cb0cL,0xd966c8e9b6d33286L,
-        0xe4b63ef8c1331e1fL,0xac72d8e3fb5f843eL,0x110d0d4a8ff6b4b6L,
-        0x0067fe1eacd5cf3bL,0x5eaae5b321c1e826L,0x0000000000000068L } },
-    /* 17 << 56 */
-    { { 0x3c2cc8401217a97cL,0xb50bb1f3c1c919f8L,0x5becdaec4470c37eL,
-        0x378cab9bceb1fbb9L,0x04563e25cc95f3f6L,0xae040e389d4a2100L,
-        0xe66969915950151bL,0xa855c542c36aef82L,0x00000000000001e5L },
-      { 0xe5c950666cd47003L,0xc602fbe4b6bae5a9L,0xacce809c76110dd2L,
-        0x757b37d9047a58c6L,0x58c9dc97ef3e68d5L,0xa2dc7d9012714826L,
-        0xad4e0ba11fbf2747L,0xe710d91de5af3928L,0x0000000000000084L } },
-    /* 18 << 56 */
-    { { 0xd79cd3bc6e819754L,0x7c18ef6a8809e3d0L,0x29468b115c990dd5L,
-        0xed6cf22a8be7c0b6L,0xb62cab9a75ff6d61L,0x035cfbcc46116fc2L,
-        0xc375d3ffcb5139a8L,0x9fab6a6207bedcb9L,0x00000000000001e9L },
-      { 0x0b07578f9d888066L,0x9438e828693b78fdL,0x046f159b622825fbL,
-        0x00125b1e0a349677L,0x408d9c746d8e1d12L,0x4e46f3fed0358225L,
-        0x63dd41bff4448e2fL,0xc87ae9f74d54acc2L,0x00000000000000a1L } },
-    /* 19 << 56 */
-    { { 0xca6d413b739aac79L,0x5ca8d0f0cf84b822L,0x6ea753d2490fbae0L,
-        0xd02d641bf68588dbL,0xdcf9aa5b12a69358L,0x3b3d2093c00dcf36L,
-        0xaef49dbc3556af94L,0xd878e02a7ad78427L,0x00000000000001a4L },
-      { 0x8f65cdc927f5b36dL,0x968c84e51ec6669aL,0x3a412c9d99424d9cL,
-        0xbdda9213690b435fL,0x00899ee877958c53L,0x64032787de5424aaL,
-        0x6d3df87b4261056aL,0x556eb68e62019e38L,0x0000000000000015L } },
-    /* 20 << 56 */
-    { { 0x797062240d893addL,0x73be154c32ee77caL,0x462c16d2021f4043L,
-        0xe593ff234c08fc6dL,0xb17e52f03b138c7bL,0xa8ab2ad5e5fbe9bfL,
-        0xcf64eafcb597ce57L,0x83743f38f970be21L,0x00000000000000fcL },
-      { 0x6013ab2614c70201L,0x0c69287d9ebefca5L,0x255e3927d7113008L,
-        0x5077b04f4d7558a5L,0x85c914fda5be2217L,0xc44bb4136d336d7bL,
-        0x84a4f0027728a6a9L,0x9c83da4f0040ca25L,0x00000000000001bbL } },
-    /* 21 << 56 */
-    { { 0x3757eb12813cd071L,0xe2c5e0702f18fb8aL,0x3dfd08305f451a83L,
-        0x91e430441b09aef4L,0x0b8493b2153d6dfbL,0xe5cb9f878aa9de2fL,
-        0x5f4136b67e86e730L,0xde3b214ff8007c7dL,0x00000000000001b1L },
-      { 0x6f3d65ebaa289400L,0x2937901f23fc2f30L,0x208a45403c97ad38L,
-        0x496fdaf41d956449L,0x68d7b49d7b70e243L,0x1fe890dbad43f7c8L,
-        0x6d5d15b6fb734683L,0xd8cace1d2636aeecL,0x000000000000007aL } },
-    /* 22 << 56 */
-    { { 0xa221c321cfb59cc5L,0x54e6a28dd152e86fL,0xbe574fad4c73e2cdL,
-        0x66a16063a28c6a34L,0x9d051f2ba6bf4e33L,0x6f6e57f0efef1f7bL,
-        0x9f8530c7266ea965L,0xde64f62ffc3c5ce8L,0x000000000000016bL },
-      { 0x101e26f9e249ae6eL,0x64b186185ccd4bd7L,0xbbe43dbfa725469eL,
-        0x2a13bcaf3c77a158L,0x3f52b1d45196b990L,0x5d3d31009643175cL,
-        0x0c45dd2949e58e34L,0x2376457f0c9272d1L,0x00000000000000e2L } },
-    /* 23 << 56 */
-    { { 0x1aa1200038b3205cL,0x76e66ea19d58cca0L,0x80c79ada0cc03958L,
-        0x81bc2b5e01351773L,0xd3728abfbb0e9fe5L,0xf5ab4fb5c491587dL,
-        0x87338eb582fd5606L,0xf6347c4826c78494L,0x000000000000001bL },
-      { 0x8a791f669efdfe9aL,0x755e8267e727d49bL,0xa3099a447992d40bL,
-        0xef46bdb01d15a101L,0x559174a23c94ac49L,0x584f8051ea2c9e4dL,
-        0xf4e16886bf84b50cL,0xff78f54b1b77ee46L,0x0000000000000074L } },
-    /* 24 << 56 */
-    { { 0x7ac3de5ca9041d75L,0xf644635482759efdL,0xab1b9f174ade5840L,
-        0xeee52981b8197804L,0x46000cbe38c3a5f5L,0x88230b1626431a41L,
-        0xe28d80f67766d1fbL,0x2e75ed96eb167421L,0x00000000000000dcL },
-      { 0xc2e83c5b0e7b8b33L,0x1066058ce284acc3L,0xaf2f0891593a5571L,
-        0xdc3b9416f48d96e4L,0xb290b6d07c9c6be2L,0x52eb2fde7c9039b2L,
-        0x3eb91e6fb68324a8L,0xb30518e936711c4dL,0x0000000000000015L } },
-    /* 25 << 56 */
-    { { 0x2d009d1f7e81379fL,0x1186c036eeb29927L,0x9c5dd22a91b3998bL,
-        0xb6592abfab377cabL,0x244093f60dcb585eL,0xa4aab53d2afe72b1L,
-        0xcb3555cdbf6a94fbL,0x4fb141b4a362f98cL,0x00000000000000f8L },
-      { 0x4a846565f7b37ee8L,0x951a4ede2449b8c8L,0xd0207baa5b7a7cadL,
-        0xf6d4d8d91d81b91bL,0x92e4989362f348efL,0x2d1344480ce09f2aL,
-        0x1d44afc329e7a94fL,0xd86cd0c3d2df7d47L,0x0000000000000005L } },
-    /* 26 << 56 */
-    { { 0xbed09ef139dafe80L,0x29280156660a6824L,0x44826c00399c500dL,
-        0x62a0b9bc916333c5L,0xf8e99a122f328b47L,0x5399ea024bc286c4L,
-        0x41c108bcc314dc67L,0x84028e33144199b5L,0x00000000000000deL },
-      { 0xdc9acfdf38f3e37fL,0xd25f15a1b6ebf57aL,0xb8cf0e9228aaf7a7L,
-        0x3e4b2657ebf0dd9cL,0x47c13b14898b9c60L,0xb86aa4de88315b53L,
-        0x3c922479502a03e7L,0x12a71062d5664fb1L,0x0000000000000002L } },
-    /* 27 << 56 */
-    { { 0x0888c3373a129502L,0x58221c2e5b441f44L,0x492f61b92730c69bL,
-        0x9ec3c2d586c89b52L,0x6c5376a2036b0dddL,0x324072e8e30189f7L,
-        0x9627871a8f6dcce8L,0x2affe689f14c2a67L,0x00000000000001efL },
-      { 0x7a6891020deb1c93L,0x4adb5b63d03180c0L,0xac46e5de2dab3606L,
-        0x2cdcc3e0f809e0c3L,0x5eac59fbb6bcf717L,0xec49aba1d98d62edL,
-        0x2c547f2b9cbb81b3L,0xfc3afcf962672e3aL,0x00000000000001a1L } },
-    /* 28 << 56 */
-    { { 0x56b5f75c7925dc46L,0xfa149311dd8ca6dcL,0xfca42ef910155bddL,
-        0x661b558ac2779509L,0x330257621f4fc11dL,0x00a4a692ba594d25L,
-        0x384f36c67892fe4eL,0x3559163a4b3bd1d1L,0x000000000000007aL },
-      { 0x6e75533a4dc7b82eL,0xef9a1ec584f65759L,0x3b6598970198445eL,
-        0xc1635aefa87878e8L,0xcded2de7b779f2fcL,0xbcce07ca79b30a66L,
-        0x784f05e143cc83b7L,0x18fb4648ebaf4810L,0x0000000000000118L } },
-    /* 29 << 56 */
-    { { 0x21cca143a0849267L,0xdb3c09476150ab19L,0x913aed807d17af24L,
-        0xb9d184be112ef198L,0x51e8658a87ad4afeL,0x3af8395f440d7c27L,
-        0xaa056c70a4538d3aL,0xd32da7d8fb38fbd0L,0x00000000000000ceL },
-      { 0xdd19261f7df2749cL,0x3d136e087f22ce77L,0x824d05c2e8e2900cL,
-        0xbb9952149c7ed67cL,0x3d3500c36d5ca1e6L,0x3c05e9faa07cb4afL,
-        0x3cdab734d4dc2a66L,0x8f0dbd5f524a3016L,0x00000000000001afL } },
-    /* 30 << 56 */
-    { { 0xde0a68bcc944ad6cL,0x5789ad9ef6a7c9ceL,0x5bd83d19ff4935c8L,
-        0xa976293acf267a19L,0x04552718f1aef41eL,0xd87c58e4cdccd277L,
-        0xd5d18bf72542f5a7L,0xb41bcf033a6a2a8eL,0x0000000000000086L },
-      { 0x21e495d3188aeb3aL,0x158ee1fff0ac6ef0L,0x18e6446f09c4dffeL,
-        0x82fc447d9c1afb5aL,0x84595eeeace56f3dL,0x94f6edfe590928aaL,
-        0x2b0c90f9b997105cL,0x71ba70da5d064ab3L,0x000000000000016dL } },
-    /* 31 << 56 */
-    { { 0x6ce8c00009abc364L,0x4ec14c04f010a407L,0x45e5c5da8c10a618L,
-        0x91bbf4e4ca43655bL,0x171e65a9b62c2cf9L,0xdb1915f3821cd7faL,
-        0x75cf2fe3e5acbc70L,0x46e005431959d2b8L,0x00000000000000ecL },
-      { 0x2a339ea5cc146e5eL,0x0d4b69e30a693102L,0x7b2707c6610642e3L,
-        0x5ed9f43767880ecfL,0xfa1b6091b769708aL,0xba717e325aa5501bL,
-        0x6833adaf1c963c7dL,0xc66016586e445c3bL,0x00000000000000f4L } },
-    /* 32 << 56 */
-    { { 0x9917e8cc2c863225L,0xe627d938dff7a5fcL,0x62017450d3c9fa85L,
-        0x30453775ce2573f1L,0xcaaa02c343e3b41cL,0xf541c0065901e5ffL,
-        0x78ec0e91e163aa77L,0x1cfd0693f446bf70L,0x000000000000009bL },
-      { 0x82aeb71678063f41L,0xc442f8a7861c6782L,0xccfbc9f3f28b51f4L,
-        0x92a5f71127335516L,0xdb6dc76e23578ef8L,0x365972b3cfc25f57L,
-        0x0dc48630afd7fcb4L,0xccd4f3de87ea6884L,0x00000000000001b4L } },
-    /* 33 << 56 */
-    { { 0x0cba78e07f180ae5L,0x651f442380de7820L,0xd2280fe6fdcee178L,
-        0x0398d592f0604b17L,0x719a56a516c5f918L,0x521773981ba15826L,
-        0x73e7c994b4cc167eL,0x46116f5351fc4cb9L,0x00000000000001a0L },
-      { 0x39eb2793fe76f997L,0xae5381c07344404aL,0xbdb170ea3a99ef88L,
-        0x4b807687b9364627L,0xda38d1e6010cb096L,0x7a26ade40e9e8c32L,
-        0xdba2bc77b15795a0L,0x4a4ef3a9e390b4ccL,0x0000000000000107L } },
-    /* 34 << 56 */
-    { { 0xb822040321dd5804L,0xc94d9465a3678e1aL,0xd4f146062c4bff3bL,
-        0xcd466a747b9ebea0L,0x2b6ea1b11a3915eeL,0xbfe9fa8d4c9d25b1L,
-        0x5acc811179c0b546L,0xc015bce832ae8d9fL,0x0000000000000199L },
-      { 0xb1b1a996c5d68750L,0x0e3f7bd1a3119441L,0xac55b06d80de3e62L,
-        0x1901ae921cb02517L,0xbb05723529251d65L,0x84ab8976f8de5e88L,
-        0x8b0306a18a2a5ceaL,0x9ff34fa9b109a4f7L,0x00000000000001c1L } },
-    /* 35 << 56 */
-    { { 0x8b2cc329e83b40b2L,0xd03981d20af83376L,0x223bb252aa06f709L,
-        0x98fdf150d0ed1e1fL,0x7197d38267248d5fL,0xc87c56c008a30dffL,
-        0xad81ab335715c061L,0xb4c884e24a323524L,0x0000000000000122L },
-      { 0x715113b529703ca5L,0xb22e290ccedaf9ddL,0x627021563b1af469L,
-        0xe0bade40092e1c63L,0x1e7acfe15a88c7d1L,0xcdc94e4fb93c02c6L,
-        0x8053412b444075f9L,0x73d22f8ea1d504feL,0x00000000000001a2L } },
-    /* 36 << 56 */
-    { { 0x36a54e320063e3a7L,0xb6ab589b2e92d11dL,0x8472d62cadfa6a1aL,
-        0x57c611004799cceaL,0x7643922d8a3d93afL,0x55c52a1e7e3deed7L,
-        0xa0399845e3d1e892L,0xe9e618c644708214L,0x0000000000000035L },
-      { 0x0f929bf6c945e0b5L,0xbf9d77efcd8bcf03L,0xdb81f7486f13964cL,
-        0xad6fc6071da1d2d6L,0x658cbe0e689fa23dL,0xaaa75375cf636410L,
-        0x5c69a9f55f5e58b8L,0x518fcdbee31fb8a4L,0x00000000000001d3L } },
-    /* 37 << 56 */
-    { { 0xe2ad01a012b9d5abL,0xa94dc3c22971085bL,0x6355e2e3013db1cbL,
-        0x91e8f97c89904bc7L,0x4f79feeb5e230144L,0xafa43327cbf85425L,
-        0xc3326b4bd442e79dL,0x696348b814e996efL,0x0000000000000040L },
-      { 0x4a58ba810613928eL,0xd30d25defaff6e4cL,0x6ad322500b0b681dL,
-        0x79e4e5c4e8c851fdL,0xc90a7058e2a3530aL,0xe2f77504052a52a5L,
-        0xe34ab1ae2475a042L,0x9cef5db6ac963f34L,0x00000000000001d1L } },
-    /* 38 << 56 */
-    { { 0x0b472c43ecfb80deL,0xb75578188d5196f0L,0x30b9f8aeed8ed1caL,
-        0xa918b126b15b2bdfL,0xe178db2f9514c041L,0xeb5a0fde8071a8e0L,
-        0x21a6b6aaa6e3fbd0L,0xcde45edad9a740a3L,0x0000000000000193L },
-      { 0x6ce6ff4ec84efc29L,0xf7196b6a7acbfc4aL,0x5738f1534c99adcbL,
-        0x0f8d6be935bb6865L,0xaed7c338f140328fL,0x3ca7470417870fb8L,
-        0x09445978820d213cL,0x35cabb29e28e0ea3L,0x00000000000000f6L } },
-    /* 39 << 56 */
-    { { 0xb78f9b1e46e1e6d1L,0x2ed415ee865fb220L,0x3360c23105fb6fb4L,
-        0xd9e41dc9b4123875L,0x850bc64de51cfcb3L,0x5a4028277fb29e1cL,
-        0xa819c1459a1fd35dL,0x8963c9145adf53f3L,0x0000000000000096L },
-      { 0x351539579dc592daL,0xced12343842c7d44L,0x45e5c8029b3ca1dfL,
-        0x93fc7aba55fca7dfL,0xcb44a2f1565bfe7dL,0xeab3c41a6a6d828eL,
-        0x832aaaf0b3280533L,0xc36ebe30002f19ecL,0x000000000000006dL } },
-    /* 40 << 56 */
-    { { 0xbfe65b92256f11aeL,0x41a8ca150644ccdbL,0xe72c186365b6247eL,
-        0xe9f2d3429527c44dL,0xf6db950dd064e99eL,0x02e75e2bfa7900bfL,
-        0x159712c560f397f2L,0x26eb5985287407e1L,0x0000000000000159L },
-      { 0x252ae5169ac237efL,0xf57b24855909b88eL,0x78c4a6859abf3888L,
-        0x0e57276f7fbe4495L,0xb9f442a4dad1dd50L,0x20323a507183d2d5L,
-        0x1e676b45da92af11L,0x175b3098b5f33ca3L,0x000000000000015cL } },
-    /* 41 << 56 */
-    { { 0x942771e527b66afcL,0x5a76b2fdd50f0efaL,0x299b8398f6f37575L,
-        0xb9e442799d7b0cb0L,0x7962c682564cf210L,0x70aea74fa2ec8efdL,
-        0x7ebb28461b348292L,0x40b56fbf19dcd6d3L,0x00000000000001d7L },
-      { 0xe4ff5d4aa08f1cb4L,0xfdce86fb3ff162ccL,0x995a1749d9c055c8L,
-        0x5be6cef5e3361d50L,0xda779c62528fda04L,0x0264ede22f552d58L,
-        0x28357e96ad3823aeL,0xc574b6220958846aL,0x00000000000001cdL } },
-    /* 42 << 56 */
-    { { 0x4d949b43a2192eb6L,0xd0de4a428ff40937L,0xe301c8c698fc090bL,
-        0x2165e3123a1432b5L,0x30a1e1eb1a548d24L,0xb66c9f969ea5f18aL,
-        0x28de679479bd7860L,0xad6af8cee995d105L,0x000000000000017eL },
-      { 0xe62d25e80f66e7fbL,0xeb2b047e88130c02L,0xe5efabe5f80b2318L,
-        0xba1f6034e02a6606L,0xe48ec52ac80eff69L,0xd8b89963cd47e665L,
-        0x2694fa9e78df8006L,0xd934e06fdc90bb92L,0x0000000000000104L } },
-    /* 43 << 56 */
-    { { 0xbdc431c9ad266526L,0xbcd5379c9e6ba1ebL,0xd8fc65f5826ce26aL,
-        0x507c025156e89a30L,0x8ec5b4caece29675L,0xdd420cc204892288L,
-        0x918fb43e1582ffe4L,0xa3d0b98215ec5417L,0x000000000000016aL },
-      { 0xdeecb7356e2a93d2L,0x9def735bd30c86b8L,0xe0df13b92ae8f100L,
-        0xd9f31ccf470824c5L,0xe80be73073dd956fL,0xe807bc69658cc359L,
-        0xb8739dedee8aacc3L,0x55c2bcac185d5debL,0x0000000000000123L } },
-    /* 44 << 56 */
-    { { 0x62044fa7be3ae5f4L,0x5d17023b9ee07956L,0xb01411700a1c53ceL,
-        0x390aa024b633da2bL,0xad7f59f5895bf18aL,0x3124a23cb468fe0cL,
-        0x92ca9da8b12aa6f9L,0x25147c19ebb5363aL,0x0000000000000022L },
-      { 0x900b43421dab5723L,0x0e396b3038ee6d5aL,0x1d3fd7ae1561252dL,
-        0xd169e474281a619eL,0xf25b8b97bef82d20L,0xa77f259526ffd23aL,
-        0xc4075d3659107aa9L,0x4989a721e23d327cL,0x0000000000000043L } },
-    /* 45 << 56 */
-    { { 0xeb1574d03f710952L,0x9657aa2874526b72L,0x7076e904776a3edcL,
-        0x83f624e2036e6cf0L,0x270d20bab0e58a2cL,0xef81f06d5199fb54L,
-        0x50f81b5e9ba0b9d1L,0x14e233d537d9444cL,0x00000000000001f7L },
-      { 0x9ff63f3750de8a6dL,0x714682f14a57ccbaL,0xb16d90f38d6253f0L,
-        0x2690aca4f1fb2279L,0x5c8e1c463fcd9343L,0x1f2f4c3f2b43dfd0L,
-        0x9deb00529b4e03c0L,0x75061f03526d24e6L,0x00000000000000bfL } },
-    /* 46 << 56 */
-    { { 0xe2ca98a649f1acc8L,0xb46de54a52116d8bL,0xc5be41266f108234L,
-        0xb5e07998003f2803L,0xe387c00379eff438L,0x4c0287daef9ad35cL,
-        0x0a8181cbd85d5441L,0x70ca63cfe9926489L,0x00000000000001e7L },
-      { 0xdc2fe75c91ae2059L,0x4e23a3c7eb458c3aL,0x02922886913edb61L,
-        0x66549c892805c886L,0x599148224b1cc49dL,0x3326135d3790bfbbL,
-        0xaa62b1535b40d61aL,0x06f704773550a984L,0x000000000000011bL } },
-    /* 47 << 56 */
-    { { 0x23c79b50ac79f04dL,0x96ace814167f28e0L,0x5644752c2d99e5a8L,
-        0x28bfad59c099f81eL,0x27250746e9970582L,0x210db573f528c364L,
-        0x5b59afc5e8f782d5L,0x402269fb05ace43fL,0x000000000000018eL },
-      { 0x1f133f478b618330L,0xb691d541312582e0L,0xf40d84c8a3f64f94L,
-        0xb2ed7ae2d60b793aL,0x0b604ad005a966ceL,0x12809a7526260877L,
-        0x1248f6b2686c8bcbL,0x4eea6c43474eb54dL,0x0000000000000045L } },
-    /* 48 << 56 */
-    { { 0xc1d7001b26e22b52L,0xb4b208962825905dL,0xa064fdcde739e7beL,
-        0x83bfa334f2d62d9aL,0xa2baf3892758b810L,0x3a88f2e4ebd64633L,
-        0xd621be3476dfd697L,0x7168c0779f4a85c3L,0x000000000000017eL },
-      { 0x5b8f06f520f8f0eaL,0x95e44505cfacfc46L,0xe20192bd787844b5L,
-        0x316468c44a04adc2L,0x30d71497d6774463L,0x7c826a925a606a2dL,
-        0x22abadf981ba512eL,0xeb15b45fce26365cL,0x0000000000000146L } },
-    /* 49 << 56 */
-    { { 0xb9887fcaf7bbbaf0L,0xf0826aeca4ce1d88L,0x4d62ea62c4f7965fL,
-        0x06f15abe449e26f1L,0xc18e11f2b31e5238L,0xf8b93bbc1af9d49aL,
-        0xcd0a8fb808d073aeL,0x4b51841540d4dd9fL,0x00000000000001e8L },
-      { 0x7374840c30998d71L,0x589382d436ccc41aL,0x9ca23a60306c2184L,
-        0x176eee48b753b87fL,0x434f008845478462L,0x3fb180f1636c669aL,
-        0x558742218a7ad6a7L,0x8abfe4a668f8bf1aL,0x000000000000015dL } },
-    /* 50 << 56 */
-    { { 0xd232ef02f6009ce1L,0x33e196f312d0c06cL,0x61b889c3d37ab4c6L,
-        0x6994c1271c3a216cL,0x50bff9f8aecf084eL,0x7d2e7c71fa0d3536L,
-        0x4d0c3a44f42e86b3L,0x42a1cf960b3e7d90L,0x00000000000001b1L },
-      { 0x6bfc53d7f9bec891L,0x0969a0d9708ecba2L,0x57d04efe31b7bc78L,
-        0x7ebd3fd128efd902L,0xa9cfa0e9fd6e7da3L,0x39fae95964c474b3L,
-        0x6549f29eb68d9f5cL,0x3c570ecc13f84c68L,0x0000000000000060L } },
-    /* 51 << 56 */
-    { { 0xbf9a21ef1634ceebL,0xb16b78a414c68429L,0x7ff643a098fb371eL,
-        0xc733a0a42e44c567L,0x24e633f2d310aee6L,0x3ce8bdb316e3c03bL,
-        0x3ed7a15b662d44e8L,0xa81ea8e22329d421L,0x000000000000000bL },
-      { 0x28405c80d6491d1dL,0x6ac0cea7e069e536L,0x6d6d4d3e7e67cf0bL,
-        0x889fe753240ea8e9L,0xcbbf7c5b0a89ac1dL,0x1dd88ea1a2477925L,
-        0xefd5f0e148e2e534L,0xaf56b1c5af3ff0e0L,0x000000000000003bL } },
-    /* 52 << 56 */
-    { { 0x02d6a09b39435d76L,0x14607c4033261f8fL,0xb7bbc6828cfa6714L,
-        0x24891fac3486f8c5L,0x940f9bea8592cea5L,0x20d420065230ad37L,
-        0x3bff94e036b6e919L,0x596fec36468065a8L,0x0000000000000163L },
-      { 0x1836fecec86ba807L,0xe1f9af2970ec6073L,0x51b5a102f4de5c91L,
-        0x0108f1ed8eed7ffdL,0x22569348f45657d1L,0x59b9601720dbe0b7L,
-        0xa90e49237730150eL,0x477531f6182fbcc7L,0x0000000000000106L } },
-    /* 53 << 56 */
-    { { 0x4e73f4eea189246bL,0xf9fecdedca87ad2dL,0x207ec7d5e2e3d505L,
-        0xf37313baff1083e2L,0x16c97e9761bd24c3L,0x89474bb93845239dL,
-        0xca1c54f442bcd760L,0x20cae9061413c906L,0x00000000000001f9L },
-      { 0xa2333077c7397651L,0x5c211fa519423669L,0x559cd47daed32353L,
-        0xadff408bedc217ebL,0x40cf1b33123dc0f4L,0x839ce0897e4a35f4L,
-        0xff76ddbefb7762b1L,0xe8e61888a4957ad5L,0x0000000000000130L } },
-    /* 54 << 56 */
-    { { 0x591de5c6362c4edeL,0x39aa3a8cf936a410L,0x471d9875f45a68eeL,
-        0xab848bf26417283dL,0x3930f64c17395a6aL,0x46c2c2ecd5c088c5L,
-        0xc82eea0217d1685dL,0xd2578ceff9e81418L,0x000000000000000eL },
-      { 0xd203425d8941c18dL,0xebbd3e9aa73385c8L,0x13b2699de2650901L,
-        0x021e79314a90be3cL,0x6af0b6e9e7819b93L,0x2eb061baaa10e875L,
-        0xdab14c0d7d693ff1L,0x23a83afc0f7ce5e2L,0x0000000000000139L } },
-    /* 55 << 56 */
-    { { 0x3415bc0daddd94aeL,0xb6da870e206a5091L,0x383aebe8951ecb36L,
-        0xe2381acfc3cc4b83L,0x2c57fcd46077da9fL,0xec27dce3cdc2bfa4L,
-        0x5fa457d7ac74831bL,0x70929b9d873146d5L,0x00000000000001f3L },
-      { 0x2898bc157ff3cfb0L,0x933c69db1b1cd249L,0x21dab0321a6a3715L,
-        0x06e0bc6b6ced718aL,0x93052d3510328c54L,0x8cc2fac1d73c7c80L,
-        0xcd2b155686936113L,0x458e24e07668b2bdL,0x0000000000000168L } },
-    /* 56 << 56 */
-    { { 0x5ac4879b41fa2753L,0x2b60d3a8345073f1L,0xe2046eb872eac59bL,
-        0xf480bccdf197df4cL,0x326cfce9578d9371L,0x15c3eff387f19540L,
-        0xf5d1f2f62d76b437L,0xaa3b9f284a2d837fL,0x000000000000004fL },
-      { 0x3bb0f06972915337L,0x3514f6f95f8295faL,0x1dcca7e3156a036bL,
-        0x68d2d0615d48ae2eL,0xb5731bd212ac786bL,0x4015ce122bd726a6L,
-        0xd3b325b52f972524L,0xad89e2c715ca38b8L,0x00000000000001dfL } },
-    /* 57 << 56 */
-    { { 0x80f3752746ba3374L,0x17c3915a76b9250cL,0xa81ef86e5641a4faL,
-        0xdb65b01ec2e3b903L,0x46b79c9acbaa007dL,0xf96657aafa03f7d5L,
-        0x39c73fbcba538237L,0xe95777559318c4a9L,0x0000000000000063L },
-      { 0x78d1e0b2fb143ab2L,0x93fa7bf4cac9457fL,0x316cc8b62c49a2ceL,
-        0x5aabc3b2f41cd892L,0xeee80db1bc9a08faL,0xfb07f5c1b59f1a2eL,
-        0x1d1ae1622a1ae2cdL,0xfb1c023c3b5e28b2L,0x00000000000001a0L } },
-    /* 58 << 56 */
-    { { 0x57e6838723bbb10bL,0xce43b3fbe2d50c09L,0xf1dfd466de95334dL,
-        0xd33833ab00568c70L,0x3b07afa03dce59d5L,0xe06155f041d46076L,
-        0x66345e81ec062903L,0x35831a3a7d9d7c58L,0x00000000000000c9L },
-      { 0xcfc25d2564cfcde7L,0xb06f5dce33ced182L,0xe4c9634dd03004a1L,
-        0xfb6ff3a0ae1218d2L,0xd789018b67a58246L,0xecb1e40866957bbcL,
-        0x905b08ad2c29f673L,0xb1a3289d3755ffdaL,0x00000000000001e7L } },
-    /* 59 << 56 */
-    { { 0xdb31fac07977f851L,0x94f0265d50bac93fL,0x112b3aa3de5cc643L,
-        0xbd801c10091773b4L,0xd39349f406356000L,0xb6d10739951a5fccL,
-        0x67c4c2a346a64c7aL,0xbbff71099b914860L,0x00000000000001c0L },
-      { 0x3bfe3e8b848ac957L,0x05211d3b5389375fL,0xeb0bc5c75c156ba0L,
-        0x08d24e2a1a7a553dL,0xfa0cc235b328cb81L,0x782a58dc91f27c34L,
-        0x149da3fa1cdf0ee6L,0xdab41dcbf1d7c685L,0x000000000000013eL } },
-    /* 60 << 56 */
-    { { 0x468816bf0e4b804cL,0xe3c85f32cf84abe3L,0xf2a460f32a6e257bL,
-        0xfd519486a6979e17L,0xbc722a3681e12915L,0x43285362e2965c8bL,
-        0xeb684e297dd12eb2L,0xcf0b3d2c51940f61L,0x00000000000000b5L },
-      { 0xa9d02d65f2905443L,0xf19253da29be718dL,0x6fbe038204a5ffafL,
-        0xd4d42b3a5466364eL,0xf2575aeb4fb8b934L,0x56a35ffa88dd5475L,
-        0x894d296f67b692e6L,0x50e6c388fb45781eL,0x000000000000018eL } },
-    /* 61 << 56 */
-    { { 0x352429236de91b7fL,0xe73222409cc8a649L,0xee8e66a463b2941eL,
-        0xc8bd62c66e2c9a28L,0x3e82ac1bc43d158cL,0x2eb41b3b9be8efd0L,
-        0x551eec869d585174L,0x258c356317ccd162L,0x00000000000001e4L },
-      { 0xe63ed8577a7d717aL,0x0f09b874c207eb1fL,0xbb94042c0ecdee46L,
-        0xd08478728f418f3dL,0x3eab958e700177deL,0xc326a47822aea03dL,
-        0x22d01a0f37ccd3d3L,0x0bbe9ef8f9dda412L,0x0000000000000140L } },
-    /* 62 << 56 */
-    { { 0x0c949e8cc853e7e9L,0x52feaad8231a9c75L,0x382cfee233fddf9dL,
-        0xc6b412401b081917L,0xbb2af113a5800aceL,0x203d3b3f62a15a88L,
-        0x174b2602c32d6121L,0x32bc39cfd9a93228L,0x00000000000001f5L },
-      { 0xf13bf17ed40e0765L,0xc54f2409c1eda9b9L,0xe824c8805d92029bL,
-        0x43d79cbb1e13c2d3L,0x4b8b896c14d20cb3L,0x3c32a0d82559daa6L,
-        0xdd2321a03cfe4976L,0x6dc9b1af4fd3ecceL,0x0000000000000024L } },
-    /* 63 << 56 */
-    { { 0x0b7ce8de2ef7874bL,0x7b4bfaa070157203L,0x4b6f5fcb1af1491eL,
-        0xc0b9acac1e572d0dL,0xe4012cfb1d5fcf38L,0x80f2e86c0a1993d1L,
-        0x4c7ae53b9d2105deL,0xabfc15200cf27789L,0x00000000000001f9L },
-      { 0xb62c40f483f73444L,0xd3306a87826409c7L,0x9f04fded3ab05940L,
-        0x3d7534fb2d9db0f9L,0xe36a557d5f5bff91L,0x3c009b9826b33300L,
-        0xfee7231232a9d384L,0x1d83185a7c1210c0L,0x00000000000000b4L } },
-    /* 64 << 56 */
-    { { 0x72f88bd2a3b42a3eL,0x7cca9272c8287e7aL,0x527c4a5caad93849L,
-        0xfb481c75da6615c2L,0x27ce59bf042b3497L,0x70b3fea29ef62e76L,
-        0x025ecfc40d097f4bL,0x5ef137da607f9d21L,0x0000000000000053L },
-      { 0x3295047616741f79L,0xeaac9e23a4e120e4L,0xe15f333776f4fe2fL,
-        0xac402f2d8028f30fL,0x87a6b88b99c4b4d3L,0xfedd124cb0866e18L,
-        0x07c5d4334aa80397L,0xafdfa6830961d56aL,0x00000000000000a6L } },
-    /* 0 << 63 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 63 */
-    { { 0x1f70b2980af43bd4L,0x9351c3c2d13901f9L,0xf702c613845ea55bL,
-        0x892be0152c193388L,0x485c40141e6adb21L,0xf394d50e9296f310L,
-        0xda5872dfb9ab0f6fL,0xa10bd887f5d389aeL,0x00000000000001c6L },
-      { 0xe268935dc8f44c3cL,0xaa7e595bfa72991bL,0x78c2a8e39bf7d8ceL,
-        0x0caadde13b655948L,0xd9444be5c080228cL,0x4990733bf651b425L,
-        0x7513085102578b0fL,0x5c375bb3c5635719L,0x00000000000000d6L } },
-    /* 2 << 63 */
-    { { 0x94a182e2689dbe3cL,0x2d8ee16602610256L,0x4d0cb259e6294291L,
-        0x244db1200a7fcf2dL,0xb50d34b08f58f3afL,0x2ad4b9ec13275075L,
-        0xa19beccfc96bfcfaL,0x1a5509da86f5baf0L,0x0000000000000185L },
-      { 0xefe1469c5ac043e6L,0xc86b77217d273130L,0x2324af0c2606809aL,
-        0x33a3324e21800fcbL,0x8a38f30fa6b0d999L,0x12db51d0d038b182L,
-        0x53ca86ccb3490ff5L,0x2ecd7ecf7a935163L,0x000000000000016fL } },
-    /* 3 << 63 */
-    { { 0xc4bc947556f30775L,0xb8bffac8a7779bc2L,0x59c0b0079550271dL,
-        0x68dc98306303b3f7L,0x4079b84d19d6cca7L,0xb3a87933f7ff41a1L,
-        0x8417384b97ab2b4dL,0x795a4fd926faec00L,0x0000000000000179L },
-      { 0xc72b8fd99ce51ceaL,0xc230b054cc876f6fL,0xfdb6c8fa23c093c2L,
-        0x6c7406112bbd837bL,0x5f6bc8c543802bffL,0x4cfcbe27f9bfb3f5L,
-        0x7ed94f5c4444552eL,0x12cd078f366d40dbL,0x0000000000000089L } },
-    /* 4 << 63 */
-    { { 0xf192b0164b374ff4L,0x3aaded48125fd529L,0x57484ac45dfa717dL,
-        0x815b6549a4b4e41eL,0xe230ea493153d4afL,0xbd883b1277769a23L,
-        0xae58965ead605e32L,0x4cc9cfcf77179455L,0x00000000000000a5L },
-      { 0x5cfe2ea43f30741fL,0x79c512a52565e3d7L,0x9a4075adaea005bdL,
-        0x6b2593277fca076dL,0x1ea80148166a3678L,0x25075d36d75fda30L,
-        0xd9f2bba9ad53e052L,0x04fc6adc182ac606L,0x0000000000000090L } },
-    /* 5 << 63 */
-    { { 0xee4779be0ebd57d7L,0x459b071978264e7fL,0xc881006f4bb02fc8L,
-        0x9379e60f2a5e085dL,0x4dbca56b92d5f103L,0xb12b712ee2f44c2dL,
-        0xb00fd84a642c9631L,0xdec635e926d7fa3dL,0x000000000000006aL },
-      { 0x6c7096bf5787204cL,0xff933f0d77eeab07L,0x98ce764279f79751L,
-        0xa30afccb5d93fe38L,0x5019a10fa1509d52L,0x6da21e0612f60c20L,
-        0x0caadc3c96ee3760L,0xc316231446e7b054L,0x0000000000000129L } },
-    /* 6 << 63 */
-    { { 0xbb3cb4daaa283027L,0xb3284a114637a686L,0x2f675f378d4d1678L,
-        0x4d2b46fe6bce4a50L,0x65e0d06d583ad60dL,0xa897d633525ea4b7L,
-        0xe2aa9fcc42bb371cL,0x8f91d296dd500e47L,0x00000000000001beL },
-      { 0xc43c6cffaf7965f1L,0x116c957ca63638dfL,0x80c1361be5a3f8a7L,
-        0xa1f87abecc9582d3L,0xd47bc0102bef1ff9L,0xdb660935f3fe712aL,
-        0x8cc56dcfcc584a15L,0x27984274a035f2efL,0x000000000000019cL } },
-    /* 7 << 63 */
-    { { 0xfee036b2d5a60b38L,0x6c09cbdd3de853d2L,0x11f2edd4d74766efL,
-        0x19ec36dabb8e5e8fL,0x3755e6f8b103f6efL,0x79a6edc7cfd76631L,
-        0x7f3d410265a8227fL,0xc02ea4d369326d57L,0x000000000000019dL },
-      { 0x8d5764e32379c4a9L,0xdee4a0f9250aef31L,0x88e469b586f0044aL,
-        0x4e83703b0ef683ecL,0xe5887ceab9688ea3L,0x6b42207428d29d78L,
-        0x3a20510f60098e8bL,0xa6d929986b4eab5cL,0x0000000000000172L } },
-    /* 8 << 63 */
-    { { 0x803986670f0ccb51L,0xb87e1d013654974aL,0x7f58cf21b2b29ed9L,
-        0x06c0e9aaa3add337L,0xf13b35d0e9d08ffbL,0xdd8bf44c96761627L,
-        0xa4a18c14758a3ef4L,0x96a576dda0043adbL,0x000000000000013eL },
-      { 0x2bde24f8632d95a3L,0x79f15ef14c524829L,0xaadd863e9bdaba19L,
-        0xdde053f4a962b707L,0xc598a2de14258d98L,0x9fa5a19d061c235cL,
-        0x0ed46510e8ffd32cL,0x2aea9dd1ef78ceacL,0x0000000000000185L } },
-    /* 9 << 63 */
-    { { 0xdefc05a810b7033aL,0x3f675458ac32078fL,0xd3ea130a9dda153bL,
-        0xda427c6edbbec7f2L,0x10c3809b269c27d6L,0x6f00e4483acf442fL,
-        0x00cd414cae989dcdL,0x33eb20b2f559398aL,0x000000000000013fL },
-      { 0xd16d5178ee191966L,0x641a327ef65d2127L,0xac8d07fac5fe58aaL,
-        0xf0bf06d10e428901L,0x65ea2147d6f1477eL,0xdf1a1634f78e78f9L,
-        0x43cec4b2889a387cL,0xb52152850e161507L,0x0000000000000163L } },
-    /* 10 << 63 */
-    { { 0x2bb9d8b5b329f7d3L,0x7e561b23569eba9bL,0x65fdae9309b7bca0L,
-        0xf4206737ef327916L,0x2963cd698f7b2113L,0x3b22a38a9cc9532fL,
-        0x455c3790b31def2fL,0x9a6cccd5931e5346L,0x00000000000000e6L },
-      { 0xe9860742981c49a8L,0xc6bbffefdac58cfbL,0xf28ca98c7dcbbfa6L,
-        0x6a53c5d43e512f79L,0x072d38f9fee0577dL,0x75fc677e0b2260d2L,
-        0xe1ce6a188e97c4b8L,0x48308dff3d3b1e4aL,0x0000000000000109L } },
-    /* 11 << 63 */
-    { { 0xbc61c248776b9816L,0x2c83f888139741f9L,0xeab3396648a694d8L,
-        0x6a7740beddf8a509L,0x3bde3e01f388b62eL,0x5c579737c76e98eaL,
-        0xafea98992f10893bL,0x1d6486dafbf3549aL,0x00000000000001b1L },
-      { 0x43087f5893143072L,0xe844a95631e5c89cL,0xed5c4e44bee070faL,
-        0x7371101a889fd481L,0x282498090f890001L,0x4c8a8d3097b45376L,
-        0x4fcaf87c54c665a0L,0x8685ba22863ed8b9L,0x000000000000019fL } },
-    /* 12 << 63 */
-    { { 0xd389b38cd19f496eL,0x9868052fdc520fb4L,0x698b397ebf6e877eL,
-        0x7896e7ac15d39a80L,0x3eecc9b5057ce533L,0x00f6cfc7001509b4L,
-        0x8c2c3d6ee01e25f6L,0xf64a3e270dd1056aL,0x00000000000000f4L },
-      { 0x192245f8ba1bde97L,0xb68aa03741e87accL,0x849cb6e449d24c74L,
-        0x93c36f752569de67L,0x93542a5630ad91a4L,0xa802f2bfcd021165L,
-        0xf3eb185fcecd5cdcL,0x42ef43d9ae520746L,0x0000000000000185L } },
-    /* 13 << 63 */
-    { { 0x78a7620a8a3944cbL,0xca1330ad3a2c833aL,0x151fe934a9fff1aaL,
-        0x03baba7dd19fba22L,0x8cd7ec0578147950L,0x8e217c558062827dL,
-        0x91e43f9a80a596cdL,0xe63325fdf60dd85bL,0x0000000000000109L },
-      { 0x3beb5eceb5446496L,0xdb683de1a5d6592bL,0x1e1c60087cfee827L,
-        0x2c4433fbaf08ef62L,0x6818f3ec36270cc2L,0x03581a8683829e2eL,
-        0x40161dd9a2a84e47L,0xfe30fa15a62fe107L,0x0000000000000013L } },
-    /* 14 << 63 */
-    { { 0xcc39400a70a75215L,0xd237b4077ebe4792L,0xb2cf5c3bd20c2507L,
-        0xe7b00e11daa4c46dL,0xa576029d38cec7a9L,0x699005e7b05e1375L,
-        0xb88d5837f1b051bcL,0x054f8abb44630f00L,0x0000000000000060L },
-      { 0xe53a8d17da2bb0c3L,0xcfdd266cae7bdb56L,0xd9551cebdb11c9b9L,
-        0x1a11ac221fc5b3d0L,0x63056e13e161a118L,0xdfd99567f76b5e73L,
-        0x7f5f7283836f2217L,0x8323f67fac0c57e8L,0x000000000000001aL } },
-    /* 15 << 63 */
-    { { 0x49581733db3272b4L,0xae447ec9076cd8bfL,0xfa292064666afbe3L,
-        0xf8194e0e317ff821L,0x87ab3e6df316b471L,0x2d909542058df8f5L,
-        0x951e4970d7fd5afbL,0x073c56e8e8f2f73eL,0x0000000000000175L },
-      { 0xcd8497e0c3995b6aL,0x76d443067eda0594L,0xc71be704d1359e77L,
-        0x3e29076941cc9d7aL,0x7762b707ad2c5ff9L,0x4208efa8d4102ac3L,
-        0xfa15b04cc6d0e969L,0x977815e5ee7e56aeL,0x00000000000000b2L } },
-    /* 16 << 63 */
-    { { 0x2838cdbfeb5a169aL,0x25c826c4e1505d76L,0x2d5b0ff8c512faf2L,
-        0xcf831e691e5cd6d6L,0x4540775caf5eda1fL,0x4f4514da5ad5605eL,
-        0x8472b1ae2f87cfdfL,0x07c8cbcc9e338ce6L,0x000000000000014dL },
-      { 0x096ab718d9243216L,0xe966635fe37cff51L,0xced8fb110586ebbcL,
-        0x3216d6af86abe6f4L,0x37392a301b77f4e2L,0xecc903afb8ef62b3L,
-        0x0453dc44fd74231eL,0x3cb3927b57895508L,0x000000000000013cL } },
-    /* 17 << 63 */
-    { { 0x6e902960eae03d4eL,0xf94cc9d57676a731L,0x0a624542451cd174L,
-        0x702f8c7ff9a07db6L,0x9c4d40d28812a01aL,0x3fdb4c44d775f115L,
-        0x3ac9ed82f31b60aeL,0x0c7df028f7bfbf86L,0x00000000000001cbL },
-      { 0xf0269e95a5da962aL,0x3cd5a3532fa54061L,0x120017f41745823bL,
-        0x8032a3c67de7a766L,0xdea8fbfb36927fd0L,0xc8a86f2deffef472L,
-        0x1931f92fe94c1b8aL,0xd2aaccbcae43c384L,0x0000000000000023L } },
-    /* 18 << 63 */
-    { { 0xa1b0bbc3e372d394L,0x4eecaeca8044f021L,0x97636d0124c350e7L,
-        0xf1f047ef209d0e2dL,0x0f922e78d12b0758L,0x8808519a01a2a08aL,
-        0x6570af356b5dcc8bL,0xee31edf8b59cee8eL,0x000000000000003eL },
-      { 0xd467ff1c9bcdfe17L,0xa6feffa02d58b7e4L,0x3b8f9b17271e5025L,
-        0xbe2d94786c151628L,0x934cf55f75fa8b04L,0xd6217d62abf8e3efL,
-        0x6f1625cc9841059aL,0x8d4b7142ed8bf5fcL,0x0000000000000148L } },
-    /* 19 << 63 */
-    { { 0x2f17878e04af92fdL,0xdf29ab114470d793L,0x62094a2a645c90daL,
-        0x386b0df0e461f0d2L,0x0ba305e3fcfc889bL,0x01b6e611b9ce50c0L,
-        0x396be840f25a09d7L,0x6bd838a8d5715b41L,0x000000000000018dL },
-      { 0x60d5c8f971c336e6L,0x7967118885352eb0L,0x58de4fd6d579c51cL,
-        0xf65c5db8b8e61555L,0x88023de715ccbec4L,0xf2334044e8662625L,
-        0x469745190bbb953eL,0xe8eeca46d6f4b217L,0x00000000000001a8L } },
-    /* 20 << 63 */
-    { { 0x6bab39543f106abaL,0x3d9c29e352dc57c5L,0xbe339e28d50ff250L,
-        0x247c8a49f08b8b6cL,0x79dd3128317bbe5eL,0x735c5b6dd533b321L,
-        0x1374c3a28fd164c9L,0xce029be81cd71fb5L,0x00000000000001e7L },
-      { 0x0657b663c6aac6a7L,0x0dfd84e22f233cfbL,0x210fbd7bb2f9d0b2L,
-        0xd7e7ca02a90dec0dL,0xc37d11213fa3b10cL,0x160276ee1aff3c3aL,
-        0xd825f5ceca6d0545L,0xe03cdac46558c1bbL,0x0000000000000124L } },
-    /* 21 << 63 */
-    { { 0xe3bdc41f8a78618fL,0xe5e00b1c2fa238c3L,0x132f66010ad92caaL,
-        0x35cdcd7606de8ddaL,0x78c2f93ab95776e5L,0x3819082008f8ed10L,
-        0xa2862e2c045f708aL,0x5bd7b941acb45943L,0x00000000000001c8L },
-      { 0x23fbe1be22514d9aL,0x7e20070b8cd4c4b4L,0xb77618475401c6d5L,
-        0xa95163e18bd87a02L,0xc87858801cce9d98L,0x814bc82ea8f70e71L,
-        0x166f6fded4ddb0eaL,0xc2e1b1800be17361L,0x00000000000001fdL } },
-    /* 22 << 63 */
-    { { 0xd238e451a7c101bfL,0x0bad1bd28a0e4552L,0x15eb91427e77916bL,
-        0x9c8ef51649ebcc4aL,0xf6425c28ca085959L,0x498ce242c87d4707L,
-        0x14b8121edfbf2093L,0x338d5aacdc3b4580L,0x00000000000000e9L },
-      { 0x886a911f6177b4ecL,0x6d305ab15a7d1548L,0x6ec3be3475e8baeaL,
-        0xcf1cb5a7891bdf87L,0x9aa5f7ec6088b030L,0xe261eedf83288f6bL,
-        0x2db08f6444678f76L,0x8d912da6c1cc7f63L,0x00000000000000e2L } },
-    /* 23 << 63 */
-    { { 0x03241429b406a7c9L,0x1b3c5b0c0308dd8eL,0x27f414dbcb00e3ffL,
-        0x8a9e850bba256af6L,0xd8f206fadb86c3b8L,0xaf051dbdec108e78L,
-        0xf8093ab3972aaeffL,0x2bc37f41ac85f743L,0x000000000000006eL },
-      { 0xf57594cbae5ca3d2L,0x0b140cbbbc1ec354L,0xcac08c4c7d8c40c9L,
-        0x0266382d8f8f46cdL,0x9a78dd2907b8649fL,0xd8fe7b2347d25b30L,
-        0x322a7bb1b13c050cL,0x7a03a032e5ce60b1L,0x0000000000000140L } },
-    /* 24 << 63 */
-    { { 0x0644bc15b320de71L,0x2ed296112aefad3fL,0x67754c4c88519d1dL,
-        0x47de1837e5f01818L,0x8ea1dd7e63033410L,0xc1abbecd8f6b2c5cL,
-        0xb06bd510c8ab4da2L,0x4e0cdecc5964e0aeL,0x0000000000000006L },
-      { 0x7c3b12481ffdb678L,0x28ff66790e9911a3L,0xaf7deb99a718a3daL,
-        0x391b96215e272577L,0x0f2789b0b4001e20L,0x60b4541686a4c603L,
-        0x0c3941313a259848L,0x3218bf48aa7e7d38L,0x0000000000000109L } },
-    /* 25 << 63 */
-    { { 0x9e4832f7116eeb08L,0x7554d6af45cb254fL,0x7098d4b3fab6ca32L,
-        0x994c923e7f403fcbL,0x265bea28516cf1e5L,0x927a73b63faae4ecL,
-        0xc69ac429986dbcd2L,0x67575e0ecdf65148L,0x000000000000009bL },
-      { 0x71fc74abaa76166eL,0xb0cf3fe0f558c185L,0x9b68f71b7630d7eaL,
-        0x78713c556bcf7e7dL,0x442d5e7f38f14777L,0x71c0d44b3002fd0fL,
-        0xe3ab882351ea27dcL,0xa89c6ef9a03d2925L,0x0000000000000080L } },
-    /* 26 << 63 */
-    { { 0xb03563923e5a6e61L,0xb5e0e27873b8d05dL,0x53f7d377b3078789L,
-        0xd56358e1c698706fL,0xa2674710505a1be5L,0xbc1559f4cb650c44L,
-        0x93361f0867d11d3eL,0xd5d124ba63826b8eL,0x00000000000000d9L },
-      { 0x943eb3571403f021L,0x80d125b3cf992a03L,0xb1365ff2d8bab8cbL,
-        0x5eb0490498a1fae7L,0x4f728e6f8004beaaL,0xa4b1dc8074121d80L,
-        0xb8b782b3c6b52616L,0x844cf275c3ab4b91L,0x00000000000001c4L } },
-    /* 27 << 63 */
-    { { 0xdb731dec2c7c6d72L,0x95be4c6d7253d7fcL,0xd983f26a3926cba7L,
-        0x256d5d8e5a99093fL,0xd645f6ec8fee2c83L,0x76df91bfb562b901L,
-        0x96cd6502753a97a8L,0xe53742c4a5a241d4L,0x0000000000000012L },
-      { 0x5e920ba21d11162fL,0x628a198b1bae3cc8L,0x571e9f2b57d92345L,
-        0x7a8271497c06194fL,0xddad8318036be033L,0xac129b561d5e7930L,
-        0x89a5024057a2e5f6L,0x92e5f7ac3a385984L,0x0000000000000041L } },
-    /* 28 << 63 */
-    { { 0x255d6d1bf8682934L,0x6167be166fbe8832L,0x3f2fb997c331343cL,
-        0x80c30a82bbc0455fL,0x6b06e6039604ee9cL,0x61433976a8a2c05dL,
-        0x9b693e3ca6c73e15L,0x5643bc3ac7b6d3ddL,0x000000000000001aL },
-      { 0xf362db1d072fc054L,0x95f7e68981452d4cL,0x14382bdc7e8044fbL,
-        0xf0ccc6594e884acdL,0x9f4598920db303d4L,0x4494e0177763f7b4L,
-        0x8d4de910b3422e42L,0x949b363a2b03d91dL,0x0000000000000174L } },
-    /* 29 << 63 */
-    { { 0xb20fa7f54065d8a4L,0xd5b8bde5f6cf1533L,0x61ca108443d18b61L,
-        0xb4601d7fd5f9671fL,0xe56d7386bb8f433dL,0x29cab0089d364d92L,
-        0x6ecb78fce1b4761eL,0x05c88ba39ae6c258L,0x00000000000000deL },
-      { 0xc84ab45ea2dcaaceL,0x3eaa1e487c3d46f9L,0xfb29bfa87eed4017L,
-        0xd630592c198259f1L,0xf88e6103edba3b02L,0x7e5463527779bed4L,
-        0x66431dc5fdd7c079L,0x9c9edb200505eab1L,0x00000000000001a4L } },
-    /* 30 << 63 */
-    { { 0xd5f2127b4413c3c8L,0x53d19d1790c5ee5bL,0xf46a12c4bd0b0607L,
-        0x23ff83b852f21415L,0x345d3cc5564a2084L,0xdd29de25b8128778L,
-        0xf22c6930511855afL,0xd4a6af3342541b83L,0x0000000000000067L },
-      { 0x3ff378abc334139fL,0x0d042fa8c59741e7L,0xcc57395df6333e80L,
-        0xd458b57146a21bf4L,0x7b5378f61b92954cL,0x0b6a333ea29d48caL,
-        0x83ebfc9324bd0efbL,0x84a30cec1062509aL,0x00000000000000a4L } },
-    /* 31 << 63 */
-    { { 0x7364675a65f8a22dL,0x29dd71039c0e9419L,0x7288a9c2677d42bfL,
-        0x1b1991ece9334a31L,0x4b82036d71ee3d46L,0x27597cb83d91b61fL,
-        0x1f4334c21acd3c55L,0xdd32214062f2ff38L,0x00000000000000c4L },
-      { 0xddf5a8caa81abb52L,0xcc1d2bd5579198bbL,0xc721ebe0c5d36fe7L,
-        0x80f82284e4f0a67bL,0xa611478e97997e42L,0x36fdad39b81d30e9L,
-        0x8abcdb957f9c8ddaL,0x81ddf6066c6cffd1L,0x00000000000000e9L } },
-    /* 32 << 63 */
-    { { 0xd8720c8ae96a67e2L,0xa646ecedd54e0f6aL,0x3936ce2dcbd31552L,
-        0x6d44c225b35268c2L,0x56dc0d086168f13dL,0x2b9bbca1fb2c207fL,
-        0xb4f0da3aa136c5a4L,0xed2cf79bf8216f89L,0x0000000000000141L },
-      { 0x1eb0707d7ec6bceaL,0x341b0f22ebe7eed0L,0x99c3c50c37333b3eL,
-        0xdcd5faebde463e09L,0xe688ed5ee481cdd0L,0x6fc12bd10fead808L,
-        0x7b8a498329746a50L,0x2be1b92f829e8d3cL,0x00000000000000a8L } },
-    /* 33 << 63 */
-    { { 0x81c98ad1581c9488L,0x3aae9ba74c2faccfL,0x4d2f796dcc390584L,
-        0xcb22c0644247e6c1L,0xed884751e19da72cL,0x4dd2400863d28313L,
-        0xad0c15efb0c8a9d6L,0xff5e4387d0d17586L,0x0000000000000023L },
-      { 0xc41ee78e2c12a59eL,0x8b5949a3ffb2cb34L,0x62a3917a30a3b1a8L,
-        0x5e9cd23e2d50ea6bL,0x226184de89a1faf0L,0x3d73604ee842ca17L,
-        0x72b01c78c7b33e65L,0x46bc0719126c1d15L,0x0000000000000163L } },
-    /* 34 << 63 */
-    { { 0x4bed8237777faa85L,0x48347d35048d0b1eL,0x7f0b38f476fcc2e5L,
-        0xef6f31029486baa3L,0xb5f8acde91d438bfL,0x41a87e12a8526166L,
-        0x8cc2ef135592881dL,0x8f99d106859fd440L,0x0000000000000045L },
-      { 0xe6eac1d316e9fab7L,0xda9bb9ddb98856beL,0xc6a6ad2170c12aaaL,
-        0x4e24a2b058c77b2fL,0x33432f40f95a8674L,0x021a71070c9020e7L,
-        0x4089166d8650289aL,0x4d1986f551969a61L,0x00000000000001a4L } },
-    /* 35 << 63 */
-    { { 0x9c21dfb230fb58e2L,0xa6f3914dbbbd435dL,0x6e602e2898109fb9L,
-        0x1b700670b44ff97dL,0x7edfa439ab01fb2fL,0x42325f8d60a9be9bL,
-        0xb5e0887a0a50918aL,0xcbcf143dab8877f4L,0x00000000000000aeL },
-      { 0x173d8cfbb2bf045aL,0xf7ed171942d73eb8L,0xca200f4ec094493cL,
-        0x9ad3c750b986ac9eL,0x11c9b6c837ae7c68L,0x315a7712db180137L,
-        0xcd8c3dbe14ef1560L,0x35a53627c9a60bfeL,0x0000000000000029L } },
-    /* 36 << 63 */
-    { { 0x8bb1ae9afa1e7335L,0x472218bcbf806e06L,0x2b9d24030e0e14d2L,
-        0xdd03847c275884bcL,0xa4ee2d9878f97e8aL,0xaf93d39acb69f1f8L,
-        0xf3e76c60b8b834bfL,0x0b4f2c0473094895L,0x0000000000000060L },
-      { 0xed08418036b33636L,0x81b18aa7f78d1671L,0xe20fd32389e80436L,
-        0xf8c9f81cf1faefd0L,0x1f7ad3e2602d9f2dL,0xcbff2ab2648cee87L,
-        0x4e7440a0f25ddd51L,0x2670e9e1dceab96dL,0x0000000000000193L } },
-    /* 37 << 63 */
-    { { 0xaa3d00eac058f210L,0x6e5ea70ba3c14757L,0x379d3b3b7e489509L,
-        0x62f62a0692767b17L,0xf1539bc721b030b4L,0x4162495067544fc9L,
-        0x4f5b019986666040L,0x1be80ab4745a7692L,0x0000000000000032L },
-      { 0x6049ad0475117623L,0xe49e9c8781efb988L,0x90dbbf72b574d1cbL,
-        0x27d065b3ece9ab4dL,0x8370a703e2632ad5L,0xf390eacbf0859cccL,
-        0x4babadd0e117d800L,0x066b62d0cc9697a5L,0x00000000000000c3L } },
-    /* 38 << 63 */
-    { { 0x63c4d634e78a2da4L,0x4b7a5da294ad0358L,0xf41e93ee9966ada7L,
-        0x12072c45fdad9880L,0x1418ca2416a9e931L,0xf74ace09b30a4eb9L,
-        0x637d765850045726L,0xf3b20a5e78ae3400L,0x0000000000000157L },
-      { 0xf15e1c7ab9e5db75L,0xbf1ff1c2bd8986eeL,0xdec28ef35b8b26b6L,
-        0x7bf708f1dc427cd4L,0xefb80977c13928a3L,0xf4975bf5e4c8c4aeL,
-        0x8feb6a29fe76a6bdL,0x695bb4dcb4eb10a8L,0x0000000000000193L } },
-    /* 39 << 63 */
-    { { 0xcde6ee654783776eL,0x47aa98dbab6a4a7dL,0x5c94835bc8032fddL,
-        0x992ff3a1c6534206L,0x98b88c5e4ff7a8c4L,0xfa011fd93428ff60L,
-        0x4788d51c15510bf4L,0xcacb9fde0719ed09L,0x00000000000001c3L },
-      { 0x7d204f6aa83da259L,0x9e4d04ff36ac5825L,0x1928285183d984faL,
-        0x29d49d8eb1488712L,0xf43e3fe22c533a1dL,0x826ce0162ddd30e1L,
-        0x2c7004d34084ac94L,0x88fe5d68d54b7430L,0x0000000000000091L } },
-    /* 40 << 63 */
-    { { 0x6e4b93549a207163L,0xe7ce12aea3fa19e2L,0x3b79d9c3731e7845L,
-        0x22d9831ccd2ede26L,0xabb6705b86ca4cc8L,0xdd0920df29ddb9f2L,
-        0x9d0f445b811862d7L,0x4166d6e7839180cbL,0x000000000000005eL },
-      { 0x182711206b4e81f1L,0x4b6b68c349837065L,0xb7377b163263682cL,
-        0x2e0fba0eb79cc7e6L,0x55d9ecf4c02e89f6L,0xe993faa0482c2446L,
-        0x9753d5e395d1ab52L,0x73fe5af5c1b06cfeL,0x0000000000000096L } },
-    /* 41 << 63 */
-    { { 0x7cb01f2827560700L,0x3116ede7f0594295L,0x11714c3a769c3488L,
-        0x31b80a2e8fbf02ceL,0x11cef04e5c6535dcL,0x64df55ff3e27c9edL,
-        0x0d63a163bc8158feL,0xf9cbf1603b63a411L,0x00000000000000abL },
-      { 0xe26c4abf3158ba4aL,0xdb117a38e132d2cdL,0x4ad696322a572d0aL,
-        0xbefddee3a8b979c3L,0xbcee468784c32c63L,0x3f861ac5f38ca9cdL,
-        0xe94a5b0f5d303be4L,0x60bf3ab155305eddL,0x0000000000000143L } },
-    /* 42 << 63 */
-    { { 0x2b73e62e977fc1ccL,0x33819c4b1eef1b48L,0x86c62fd2606d7b32L,
-        0xb1156e8b9ebbdc60L,0x066d6f66b9e5df80L,0xc91948c566b577afL,
-        0xcc7f76043ef1fbe6L,0x5c16641e68aa2e46L,0x000000000000012fL },
-      { 0x2747d4b711e75c9bL,0x6b27519fd9bd64a9L,0x1283769a2b54c57fL,
-        0x10e1164d081abde1L,0x5a1f76f9992f7ed2L,0xb6c588bf852850b2L,
-        0xddb5d11939399542L,0x6a550ca3115876ecL,0x000000000000013fL } },
-    /* 43 << 63 */
-    { { 0xa47c585a016bcc9eL,0x7e0ec9f0578e48a0L,0x708dc0a8d8c93583L,
-        0x6612567c04b5e0bcL,0x3ac1ff92dcf8bbb9L,0xf51ba067ac4f9eb8L,
-        0xdfbec7c94bcfd749L,0x44bbd8642eb5bab3L,0x00000000000000e7L },
-      { 0x25f2603535bcc21bL,0x060e8f62f03ee3e6L,0x15c57ec99e0479e7L,
-        0x976e8a5b05f84775L,0x127c6d03c8c674bbL,0xc9e9f32f933c6b5eL,
-        0xe405fea7628e2f5eL,0xd83b69a218dc1cf1L,0x0000000000000085L } },
-    /* 44 << 63 */
-    { { 0xfe64594aead54bcfL,0x698f1f89193023aaL,0xea6309e02517e1b2L,
-        0x5dba33b1015a622bL,0x95a9c92cfbf4115bL,0x30c7972981cc106eL,
-        0x05ae3f9d9e44aa71L,0xb996f804a23ddbcbL,0x0000000000000101L },
-      { 0xe3d697de475da0b6L,0xce26df727a70a313L,0x057b0e9b55989f12L,
-        0x705ef3af732a2c49L,0x55b69e808c2b9314L,0x17f9042282897d3bL,
-        0x235ae22e75a957a7L,0x77811795607c84ffL,0x0000000000000022L } },
-    /* 45 << 63 */
-    { { 0xff24c793f9b699caL,0x14b15d3217ea10a0L,0xc719f783343073bbL,
-        0x2a83d8b90e93b5d4L,0xde503f82f5353f85L,0xbac075114f18ac59L,
-        0x530d278c7f81ab98L,0x7f51762a1c619e74L,0x000000000000010eL },
-      { 0x5897a7e714360ac7L,0xd69da38de3ff95c1L,0xcf0c8334bf9736ceL,
-        0x6e465e9273bc4213L,0x950fdbd6a4e87fd3L,0x4bb07b3a47ca6e6aL,
-        0xb9eded92744a7e7bL,0xfb882d485a7514baL,0x0000000000000116L } },
-    /* 46 << 63 */
-    { { 0xc25e05c36b05e0d7L,0x5a2b025d4da08ae2L,0x71b546980cb36f9eL,
-        0x96bf67a4248d9978L,0x9a7bcaa587c7581aL,0xffaa9a7f39a6ff19L,
-        0x425c17c27471755fL,0x250359a026062f38L,0x000000000000000aL },
-      { 0xd0b2e9a20e795413L,0xbd4e31cb33853998L,0x8c4541ae95a4388fL,
-        0x8cb64c8bc50dd060L,0xe34c811101ab0da8L,0x5de5d97069305f2cL,
-        0x7a13ad595f5aba36L,0x9e2facc817de1ab9L,0x0000000000000086L } },
-    /* 47 << 63 */
-    { { 0x7cdf9204bd8cf1d7L,0xe3ad55d8bb0ef236L,0x15773c50555a9e3aL,
-        0x46af0d3003688a2bL,0x221ee5d72fc9260aL,0xd1561cf90bcc7900L,
-        0xeb1929a2fa485b0cL,0x13482477f9bbdb62L,0x00000000000001b0L },
-      { 0x9432cb5a6ca8bf58L,0xb64c60ac6c5411efL,0x52c05411eb94e57bL,
-        0x34597b1a6e3b2facL,0x7861df27595820b3L,0x4aff5520d02f000cL,
-        0xd0d78d9d0b71a270L,0x015e10d18fe933a3L,0x0000000000000125L } },
-    /* 48 << 63 */
-    { { 0x0498365338587f45L,0xdf7ff2c77c9bede4L,0xb0158c72a21d0d97L,
-        0xa774c9e3a5e5d3c9L,0xf58e7c02cb10150cL,0xb4af1ee79c24a5a9L,
-        0x02e0a1d644ab20cfL,0xf24d2c5ada1b7783L,0x0000000000000028L },
-      { 0x80bbf95278f7b5b8L,0x4c0bd396efe31505L,0xbcf19c3bec6d175dL,
-        0xa8e820cf868e9452L,0x902114319cd29126L,0x7518c2f8cfd996fbL,
-        0xf676e6cf4ebb311aL,0x6d108d7e7fac5d7aL,0x000000000000019cL } },
-    /* 49 << 63 */
-    { { 0x97aaaba1c829bb99L,0xf6860f8745bb55feL,0xf8b50fe71498e519L,
-        0xab3d16e3fe8f0221L,0xcac909cfdcdb7323L,0x685be174503ac866L,
-        0x97600f6f42b4888bL,0xe935129f3b2bde52L,0x0000000000000189L },
-      { 0xb9914e14c98a8902L,0xaf8252efd12e2742L,0xed19080a9e82bc5eL,
-        0xeb729e01b2ce8f88L,0xad7c2b07fdc2d2e7L,0x714be551434c5683L,
-        0x533f127a33d712c1L,0x5c1a7dc314b47fa3L,0x000000000000017fL } },
-    /* 50 << 63 */
-    { { 0x4291478195de7bd7L,0x19372e9158be52bdL,0x17fba77f92e5c6a7L,
-        0x6374fd9b699a1dfaL,0x22a45a6bb5c76282L,0x5c9a9a28c720a1c3L,
-        0xfb9dceee60825162L,0x69f9a5093ac4b11eL,0x00000000000001a1L },
-      { 0x934410934bd1d68dL,0x9f75dc6d6ded82e6L,0xf936823f9ad5428fL,
-        0xe87ec8b9c84feabdL,0xdac9bfc13c2f56ffL,0xa160399975f3b25eL,
-        0xfa8751ec5ca58a84L,0x1a709ac5f6e53798L,0x0000000000000165L } },
-    /* 51 << 63 */
-    { { 0xf327fa804594c279L,0xb58ea5486215b212L,0x20e5b9a833e0ce1fL,
-        0x3747da9a4a370732L,0x1634ee2e0777119eL,0x32df2dda5c08f5e7L,
-        0xa5d66cb9f811ab09L,0xdf8c1dc9ed7de036L,0x0000000000000003L },
-      { 0xc910aaf774efbe82L,0x20b0ebe46c378a20L,0x7542866526368ec5L,
-        0x85dcb02d25e2b43bL,0x14b5055e26273949L,0x07415b0245387101L,
-        0x0986b25d605380d0L,0xf0f61b04cf0def05L,0x000000000000013aL } },
-    /* 52 << 63 */
-    { { 0x8a87953f92591b59L,0x3143818d5a451f32L,0xf2e96f8b0c29d764L,
-        0xff943ed94c40a8a4L,0x82967f842535730bL,0xccf1a40336dcbf8dL,
-        0x7dc8d83c45f21a55L,0x0d1d08e3cbf08cb6L,0x0000000000000093L },
-      { 0x5eee829d0ab0a1a7L,0xafcb11e44d5694e9L,0x4d87ac664b03e1c1L,
-        0xeeeffa85094e51d0L,0x07e16ed7f957519bL,0x7a329adbbe6b8eb5L,
-        0x56f27e425f41a65fL,0x749a394ceb0c920eL,0x0000000000000113L } },
-    /* 53 << 63 */
-    { { 0xac10b05febfab632L,0xe9db26eefb615921L,0x83f9274ff7b609bfL,
-        0x208ff0fdb1c6defcL,0x25f97bd50ee1d15bL,0x0d1929a73bcd6f7aL,
-        0x13414e340bea3ce3L,0x5a1fd76dac768695L,0x00000000000000f0L },
-      { 0x52166f0da85b0ab0L,0xd7b84eb0d03e5891L,0x3d177fbb05391cf4L,
-        0xeda59b5d0eff66c3L,0x4eae434e57c15709L,0xe2e28d1394652300L,
-        0x9f6723518ddca2b7L,0x6b18b0d057928e33L,0x00000000000001d9L } },
-    /* 54 << 63 */
-    { { 0x692493e38e9e3858L,0xe3613ac3c54960efL,0x394b17dd14dee07dL,
-        0x6dc33f9010f81a66L,0x1c2b9571fe76445dL,0x64f0d6f6fb0961bbL,
-        0xfedcf72c371e04d8L,0x0877291e9cf9ca3eL,0x00000000000001a2L },
-      { 0xe33520e7f874564aL,0xa7acf4bf1026c741L,0x46569cf304030157L,
-        0x89310d88c0980781L,0x1fe5287f0acde0c6L,0x3e05a033a4696f12L,
-        0x1a5f3ea425cf5a8cL,0x4587f6f783c85990L,0x0000000000000076L } },
-    /* 55 << 63 */
-    { { 0x26047dcdebe585d9L,0x3abcde530ddc7b3aL,0x43231aa9e036918aL,
-        0xf4316041818bb25dL,0xd95a25f65eb56f8eL,0x03d1ea7b84e16f23L,
-        0x385f010d0e007937L,0x421c7ab1ce1fa2b5L,0x00000000000001bbL },
-      { 0xea42f6aa9c67ceb2L,0x2756973ae3f1940aL,0xa4fb7ed908e9b02bL,
-        0x26e6e78af5b1921fL,0xa9293c8b90f146fdL,0x39bd4ec3fa3d511fL,
-        0x6a82d362a65253d4L,0xbca05eb41e0fdc37L,0x00000000000000ddL } },
-    /* 56 << 63 */
-    { { 0x10fc7b6fd90fa53aL,0x3e6ce96795fe03c1L,0xcc2308acf9b7b89aL,
-        0x1bc9f27a33c58673L,0x1c12f0186273457cL,0x68e172f74c063ea0L,
-        0x52f75bf1d34d34deL,0x0ef03bce65f6b2caL,0x000000000000000bL },
-      { 0xd8cb54d3d705118fL,0x1e4b56503a7509c9L,0xcc35224e84c60259L,
-        0x8ed6226ce578172fL,0xe6fbb97fafa5bb2aL,0xdd461323189d5d7fL,
-        0xa4ff6f7a32109b05L,0x5896d4ed26f15e4dL,0x00000000000000f6L } },
-    /* 57 << 63 */
-    { { 0x05a13d26e82b26aaL,0x9be7e85d1f51ad4cL,0x64216a135bf8d231L,
-        0x9a52f4d338918288L,0x811795296042f73aL,0xcf4531b88fb3e209L,
-        0xa5ecc2b2b60e33c8L,0x4065785c53ac1b01L,0x0000000000000106L },
-      { 0xc19366e2098430e8L,0xd01b9140bad7cc45L,0xd9cd202403d7ed4eL,
-        0xfdc06de10880828bL,0x9dc1458082c50ff1L,0x050a0ad4dd5cb07bL,
-        0x23c2c3e802e03fb2L,0x9ef4c1720f843180L,0x00000000000001cbL } },
-    /* 58 << 63 */
-    { { 0xf269b6ea5323d6c0L,0xdf260532c643e91eL,0xc1455524c2768048L,
-        0x7b5d6da85f0207e5L,0xde9b50f074781d78L,0xd95862cbdcdf15deL,
-        0x5d8d5fabb94c1baaL,0x6892741043e83ad2L,0x00000000000001e8L },
-      { 0xf6e72c24aee1d9b7L,0x3326fcbb24b9bb0eL,0x3a749a424a7f74ddL,
-        0x5d2578773471ef0cL,0x33ecdd54c95f4cc2L,0x52eb8a04991cbb7fL,
-        0x3a73fead1aea5286L,0x6a0234c85d8e847fL,0x00000000000001a1L } },
-    /* 59 << 63 */
-    { { 0x3a9e952c73bc08afL,0x94816b86fd2ebed0L,0x308a88e4ad9f31a6L,
-        0x9a7dfdeed0600231L,0xe4f89ee9f181de44L,0x0a7df633f7c26fb9L,
-        0x2c9ae6ae5f221c7aL,0xe47f3d2872d4115fL,0x0000000000000010L },
-      { 0xbf708d7c085f506eL,0x7c4c215b9b26815bL,0x9176aca1c2ec9917L,
-        0xa6a694bbe5176a22L,0x119764672c3a75ddL,0x8c4de6dc47e0fd08L,
-        0x6111e87d0d1f734bL,0x8d1ded25dc07d865L,0x00000000000001eeL } },
-    /* 60 << 63 */
-    { { 0xfd833a94974ce9cdL,0x4ca65be246948f84L,0xb7ca6a79f17f102dL,
-        0x0c2d75789b8d7dc5L,0xa344848c42df2129L,0xbc8ee0055ec488edL,
-        0xb46597b0bc2053abL,0x5c865ead03f3e2ffL,0x000000000000012fL },
-      { 0x276249288a899a69L,0xc02d2ee568d0b403L,0xe46c1cdd828b23ceL,
-        0x8e52b84309c12d2aL,0x860ddf224f41e7ffL,0x077cf30319235b08L,
-        0x7a4db503690d79ecL,0x13f69a12e8a29f83L,0x00000000000001e5L } },
-    /* 61 << 63 */
-    { { 0xcb347d5f91d9d6feL,0xd0a524b43b9ef3c1L,0xa9e6392c547edac4L,
-        0x04d365a9b14bd9b4L,0xe5c90208db0aa5dcL,0x28ab9f56ad2db020L,
-        0xdcb2fa5be7ec65e5L,0xed81f29efb0e42b6L,0x00000000000000f9L },
-      { 0x4bc95c3197f4324bL,0x64fafe5f71476329L,0x044a41775a70b0cdL,
-        0xf2c61da17ba19d9dL,0x983216f2da3877adL,0x83298d8d4b4bd3c0L,
-        0xc7243bf461564560L,0x464b5bf41111eafbL,0x0000000000000061L } },
-    /* 62 << 63 */
-    { { 0xc34857014b40dfadL,0x6400778d0760a76bL,0x89f31e637e4a553eL,
-        0xb98eb50e3246a962L,0x956d3e4e7966732eL,0xb7fd65f4820569a6L,
-        0x35f492b77a5fd094L,0x079fd9be89a9e2d7L,0x00000000000000baL },
-      { 0x2f9bb4decf21481aL,0x7303b3e8d3a12b6cL,0x500d6509ad398eb9L,
-        0x4e8be72efe3a1a76L,0x8a82354a5745b6f2L,0xf037ebdaa20fdfe6L,
-        0xe12aac60584f6152L,0x75883d79f01f9963L,0x0000000000000178L } },
-    /* 63 << 63 */
-    { { 0x32b6b535c7c043c7L,0xe41d0e05423daf2bL,0x2cbacde8c0f421f2L,
-        0x11cd2d90fdeefc5dL,0x2fd90ed7e691e7edL,0x4bf72e93f5721f79L,
-        0x764fb068602fe745L,0x21594eaa97cd2c33L,0x000000000000014eL },
-      { 0xaeee0ca0ca8ea7a2L,0xe469cbb01485c545L,0x4c947ee0467f66fcL,
-        0x92f9f6b3606a8aa1L,0x56783791ed86541dL,0xcdb60ee64c8d8313L,
-        0x2f7fcb7560eca2e0L,0x0a847de3e7816be5L,0x00000000000001ecL } },
-    /* 64 << 63 */
-    { { 0x27b472fa3d0e9678L,0xcef22b18f18eab4aL,0xc49e75cc5fde2724L,
-        0xd9ec427a39f3c3d3L,0x240963ea07a9f9b2L,0x2b0301e0fc73761cL,
-        0xf734c2f480d8c0e3L,0xb9f52a609948da76L,0x00000000000001c9L },
-      { 0x6ef525e6fe70af9bL,0x4faf1315c936d7daL,0xfed0cb7aa1c67010L,
-        0xb1c8cdfb650fc5bdL,0x643e77418ac141ceL,0x8ecffb683144c8a8L,
-        0xf6ff17f5544deba8L,0xea30d6b2721a6d98L,0x00000000000000d0L } },
-    /* 0 << 70 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 70 */
-    { { 0x476395029a2936b0L,0x48a88079918b33d5L,0x453bc7931b067a87L,
-        0x5fe40adc63e55fb7L,0x615677f03d2b9756L,0xdc376c92833e336aL,
-        0xf7743da0b0b6c914L,0x780bc5a93effe23bL,0x0000000000000037L },
-      { 0xe9c333804a1a9456L,0xda9c55a8eb2eb173L,0x022757865ed17864L,
-        0x491f250816039d4fL,0xb1ac3d7b0ec8959aL,0x4d3855d3465a7151L,
-        0x7285c2d418e0d6b1L,0xd1a5af1833eac3e9L,0x000000000000011cL } },
-    /* 2 << 70 */
-    { { 0x80877bfe331dd8a7L,0xb708de53dd15f09dL,0x19f93da02ae5d424L,
-        0xe7e4ca9750064a50L,0x95ff7eafc76f7c7eL,0x5a6e49f06e0344d7L,
-        0x1f016633a4144a34L,0xff32c2a16fe7d882L,0x0000000000000031L },
-      { 0xc8c7b1826df27677L,0x33049c001751ad84L,0x7685641c109f091bL,
-        0x0e2bef03fde67f9fL,0xfb7ba091da20f027L,0xcd7200850d2e4994L,
-        0xf565899fbc584078L,0x465f703946520913L,0x0000000000000058L } },
-    /* 3 << 70 */
-    { { 0xb439f594f839375eL,0x273e0e12d6fabfa0L,0x4811f186986b62bdL,
-        0x3460a7df29a07e23L,0xf7fb6f4c20aed738L,0xf26b2b9c97d88113L,
-        0xa87f0ecc047ebd57L,0x0403df2b1a81558bL,0x0000000000000130L },
-      { 0xe8071597f66ce34bL,0xd14095a79440f830L,0xe7924b9994488565L,
-        0x972cc87937553260L,0xd33dd2db3c2f0eaaL,0x57e6830e9bf34ee1L,
-        0xe2f328371d13ba62L,0x4f84bcb955174ffbL,0x0000000000000010L } },
-    /* 4 << 70 */
-    { { 0x519a595a5c6f42b0L,0xe39552a9a675acb4L,0xc993a489609641a9L,
-        0x1427eb18cb9d6301L,0xeb102dd9fe02d86eL,0x86dfc2d5a4c15ddcL,
-        0x0dbfd177b76f6b2bL,0xec31ea91b285289aL,0x00000000000000e2L },
-      { 0x46ed4b2ab85445ebL,0xd272162cc8124af3L,0x1b7e446d675589f1L,
-        0x605b28069e56e455L,0x39f9b1abbd0d72efL,0x52d79f51793f00e5L,
-        0x28d3e23b7978077cL,0x9759e0e64866c9d8L,0x000000000000010cL } },
-    /* 5 << 70 */
-    { { 0x5783df4e1036ae82L,0x96d3c8e7186158a3L,0x161876e639b3df61L,
-        0xca9525e1b8b99336L,0xdcf0e3f745776a81L,0x1cbd5ebdcf6ba61bL,
-        0x895ebb5a345d74a8L,0x9861a95fa29bb4f8L,0x0000000000000106L },
-      { 0x59316637e824248aL,0x81f91fac0ec8a559L,0x48d8a50d1b2789daL,
-        0x75627156f8298d6eL,0x1c340cf13f452c6dL,0x7e99c311d0221466L,
-        0x57d7d1fef04842bbL,0xe0208d495f471f39L,0x000000000000006bL } },
-    /* 6 << 70 */
-    { { 0x04d40419725e8d7eL,0xd8a785c43faf2e8eL,0x7ed0dc16b456823bL,
-        0xab8169b6f8db939fL,0x5066e969510cd7adL,0xa9050429b3cff3f0L,
-        0xbc2fb7ff7450449bL,0xc550ea90106929f3L,0x00000000000000fbL },
-      { 0x75cfb97c77f10a30L,0xdc20c3be0987d625L,0x69e0878cb18777d1L,
-        0x2d77668ec850871aL,0xf2759bdbdcf84652L,0xf7efd592769eb8e1L,
-        0xb4dd3aea69169a30L,0x18106739653dd7ffL,0x0000000000000053L } },
-    /* 7 << 70 */
-    { { 0x6f435bba95d13790L,0xc082ddb3b8171861L,0x28f5c4cfc3b9797dL,
-        0xbd46e6f20fcbceccL,0x8a08c2a6fb265f73L,0x0c89cd1ab54ce3e8L,
-        0xb0915e664d2eecf6L,0x4d3a71276c691306L,0x0000000000000154L },
-      { 0xdcadc680181127fbL,0xd56dde12bec233c6L,0x77ec3c0ffb46e355L,
-        0xb047a6a206812dfbL,0x8fee038a509e92cbL,0x799cdc0199465b9dL,
-        0xf82664276ce79488L,0xbee7eeebd26ea0f8L,0x0000000000000128L } },
-    /* 8 << 70 */
-    { { 0xbb292bf5f98c20beL,0x3a3411a680e7f858L,0x4ee85c60884a2064L,
-        0x8bf2f700d1ffb068L,0x28a61b4ff5514a5dL,0xef4280ba021ca558L,
-        0xaa64507dbeae03e4L,0x8bf2aa0fd601d59bL,0x0000000000000123L },
-      { 0x61ca18a2ee308bf1L,0x9e9dcccd55fddd4fL,0x858dd91faa4b0103L,
-        0x21a4a04654338e37L,0x88237da980d564cfL,0xfa544159a0dc17b8L,
-        0xf6e71432e684e7c1L,0x9b2ec5cb6bcb8393L,0x00000000000001d5L } },
-    /* 9 << 70 */
-    { { 0xf8184868d78b3258L,0x294a5c8693d8db62L,0x3631dd8ae94c1e33L,
-        0x6086c859e22ade8fL,0x1333c8b0fad51601L,0x755a497081778bc4L,
-        0x9d0a7220adf97dbfL,0x9271364238802b70L,0x00000000000000daL },
-      { 0x5c8e5b906601b869L,0xde3d0dfec943c397L,0x39d9f226d18fdcc1L,
-        0x8c57ea34a90b2bf5L,0xa83a15756c4a7c25L,0x3e4fee5b3def7d92L,
-        0x5027d72ad9fe323cL,0x01ec60b853dd5f74L,0x00000000000000ceL } },
-    /* 10 << 70 */
-    { { 0x8bcb3d9d1b2bf1b6L,0x973fa9e312796b3bL,0x8c312eee0826934fL,
-        0x182e3371e7601ca6L,0x6ced3e75991abc97L,0x5b8ae056a347d5c8L,
-        0x4808debf4983ea2bL,0x0011eae167510327L,0x0000000000000156L },
-      { 0x15ce511d25441f8dL,0xf97a353ce97373ceL,0xf04be7106e289edaL,
-        0xe44c1542149c56f2L,0x0bbd7b79d31e6fa7L,0xc7461c7396def27bL,
-        0x4947e763f0b4134eL,0xb17d8168c56f702bL,0x0000000000000128L } },
-    /* 11 << 70 */
-    { { 0xebec93f04ac3f69bL,0xea341f190108e13cL,0x44c89c183b9dc7aeL,
-        0x1b643dea7d219c86L,0xa0f8211f1b24f1adL,0x362ed929b660c2e5L,
-        0xf4111c58accef904L,0x7d5ae557616b6ca3L,0x00000000000001c9L },
-      { 0x5e15f25e64078f7aL,0xd5afe9e9dd0f5ee0L,0x494ccc3c481745bdL,
-        0xab14448b8d7378d7L,0xe2d6f0d304da0eb6L,0x133ece3a8e9cff05L,
-        0x26d60edf3571e036L,0xbbd2816fb4f9a6f3L,0x0000000000000125L } },
-    /* 12 << 70 */
-    { { 0x23c4d719a31b8bb9L,0x048abcac740f7882L,0xbd895a1c5ee72269L,
-        0x95595e429077db96L,0xd01e2d4b49088381L,0x48570b7ff7e50193L,
-        0xa8830d23e6f4ed20L,0xbc8aae5b9a45ddb2L,0x00000000000000dbL },
-      { 0x527e8ff8970f294eL,0xd3f0cf5026c1d870L,0x255e637c69aefa63L,
-        0xf332ed105bf085b7L,0x6a0bbba69520d99aL,0x46f6172c3bbf6757L,
-        0x5f0b4e9f77664d47L,0x5b8c50a11e6ba9efL,0x000000000000019bL } },
-    /* 13 << 70 */
-    { { 0x9236c67ae086b576L,0xa790103d654d0bfeL,0xc8991f4701bcdc45L,
-        0x6a6f3fb3bec6da2fL,0x01249352077f3e54L,0xc242ea70f714141fL,
-        0xeb3a0089b7c19b57L,0x03647999992e47faL,0x0000000000000025L },
-      { 0x8b46fc0338224530L,0x0349584a95b7d309L,0x86dd737f92514473L,
-        0x3e5228f5a538c8c4L,0x184a5259939d9593L,0x4bb9925b0213865eL,
-        0x908c3fccb5c7937bL,0xb776024601e2984fL,0x0000000000000065L } },
-    /* 14 << 70 */
-    { { 0xfadbffb640bf4cfeL,0x6354576d468d492eL,0xa417db805eb84c73L,
-        0xc5a35afd367becdaL,0xd167b100c1d6833fL,0xf181791bc862b1ffL,
-        0xac0ff3d2016dded6L,0x29435dd2caf04f74L,0x00000000000000bdL },
-      { 0x5caa8fc6fdd66ecaL,0xcaf04d02f73457f0L,0xe4738b2cd8d60dd7L,
-        0xcfc4221aaccec9a2L,0xec1fc96e6d831b6dL,0x8661a6fedbc8cecfL,
-        0xc3fe3bbe0060ed23L,0x24c065e7ff5c70dfL,0x00000000000001a8L } },
-    /* 15 << 70 */
-    { { 0xc66433dceb676b47L,0x05c45b2d6ed68884L,0xbec6dd9cc497d94eL,
-        0x71567210fb86988bL,0x924292f876834001L,0x0d814f7c3e825949L,
-        0x3738e741cd6e5f83L,0x320f4721372ab8dfL,0x0000000000000039L },
-      { 0xbf2143f9dd94ecdbL,0x4f2a53a48df2f184L,0x5fb740b7b9c7e9efL,
-        0x96aed28a2d5b4840L,0x9a359445fd4ed339L,0xb275af3abcf23a6bL,
-        0x0449c11290242ee5L,0x06516db8a7ffada0L,0x0000000000000056L } },
-    /* 16 << 70 */
-    { { 0xee02879ba3ea1a16L,0x8e2314e439f3a110L,0x931dcab50671f5a4L,
-        0xb3010e67fe8a9df4L,0x5df54e420f52a951L,0x0b5eb472530c0c9dL,
-        0xfc19d87c18a07787L,0x60ed2c6ff0f2b9f8L,0x00000000000001b4L },
-      { 0x6bed0b7e2c3d7f45L,0xd6903d7610fd3891L,0xcb4a9876f30f92b1L,
-        0x328688dd25c03d48L,0x8f51283ccdb11750L,0x195f5a81b8d8e361L,
-        0x4cf3580afeb346d2L,0x044cfa9425c261e0L,0x00000000000001dbL } },
-    /* 17 << 70 */
-    { { 0xf125d0eb580b2aeeL,0x3878efbce322b538L,0x2faff7abfbc577d9L,
-        0x911a569672826ae1L,0x217136025b759fdaL,0x874e78b16c83f073L,
-        0x8357b9eb1ae1f09dL,0xc50cf6a266f5e089L,0x0000000000000041L },
-      { 0x7c5ba64930d641b4L,0x4e0c4810d87b5271L,0x7de6d695aa6c6d4eL,
-        0x48585b5d9e6e0dccL,0x27e52cc9733b7f52L,0x44f93094118055e6L,
-        0xc466de5e79e243a3L,0x9b120026ce5a2675L,0x00000000000000f3L } },
-    /* 18 << 70 */
-    { { 0xa379e5e5451e1063L,0x839bca6f1cfc15bbL,0x76267c6eeeb1f167L,
-        0x6bb1f5c8e8de14b2L,0x053a50d80a056b25L,0x67e18b5c6046ef57L,
-        0xc508121660b6d2acL,0x97efffed56e951e5L,0x0000000000000189L },
-      { 0x6fe2249a0a6237fdL,0x3e8fc2c9af92fe3bL,0x93406ede77987ec1L,
-        0x4a6f3ffcdd289c9aL,0xe6d23748bee59fb5L,0x1218f5958261de30L,
-        0xcc8cfa5bd3a0e00bL,0x3658c52f485e6937L,0x000000000000016bL } },
-    /* 19 << 70 */
-    { { 0x9588721c38f24c62L,0x75f78ee0b63f6799L,0x966fb95973e53b96L,
-        0x6898f5efedfa6b1aL,0x5d4be54bfd90c78bL,0x4a9c2f701c06c9a4L,
-        0x14cbd88183649de9L,0xc1f0d4edc04aa071L,0x00000000000000a7L },
-      { 0x523d47a89250cc0eL,0xf2bc8db83a37d239L,0xa41c054f9af865f7L,
-        0x86e0c8282af3b998L,0xea4726e56c6e21eeL,0x9d8a2148c0a499d4L,
-        0xe590538e9cb7dc09L,0x74c7dd3bd2d8393aL,0x000000000000005aL } },
-    /* 20 << 70 */
-    { { 0x4143662dbe2d233dL,0xdaa51ea937b9c343L,0xe4543a36e39801a0L,
-        0x8f043e35c1319e2eL,0x7a0f8df8504b47b3L,0x0c081ef2d4d60dabL,
-        0x710081a899486cd4L,0xd2e4ec67a36e4207L,0x0000000000000116L },
-      { 0x55c7a9fe07d56e26L,0xe01c071f037f6067L,0x6c4b2bad496b19baL,
-        0xe511cb4ebff6490dL,0x0e086c9385868504L,0xac978aca2db3b875L,
-        0xc24e564e28a8e768L,0xdba8099b3b1f3412L,0x00000000000000e2L } },
-    /* 21 << 70 */
-    { { 0x1e036478c5e524ddL,0x7482522f06751ae2L,0xfdd65ecb4d805e43L,
-        0xc85188213c81a2c1L,0x4351af46208510feL,0x20258b4286654055L,
-        0xce94ad2436951413L,0x51719c791fa571bfL,0x0000000000000186L },
-      { 0x4160e3cc57cb1d62L,0x54f91d695c7ca415L,0xac962802c7c230eeL,
-        0x474a74dd38772ba5L,0x07dc8e8dcbfb771eL,0x4bbf1d327faff162L,
-        0x5c6df969a5e951feL,0x8faf6e8b30aa1ccfL,0x0000000000000124L } },
-    /* 22 << 70 */
-    { { 0x2ae2176e4a7aedcfL,0x6cc99ac5db4109f8L,0xafc603ca9acd7a99L,
-        0x5709cd2e0292cec2L,0xdc3bbdc4a767e68aL,0xd1b99d15ca6414ccL,
-        0xbdfd63d8b90ce4c3L,0x5a277d71758432cdL,0x0000000000000165L },
-      { 0x57bc026809f79161L,0x8069381b75174677L,0xaee30d96471d5392L,
-        0x5b411edd0ab268faL,0x5c6780935ee8258bL,0x16dd3897aff1f327L,
-        0x6bd497a4b7be8300L,0x0ed094006a9ec135L,0x000000000000006cL } },
-    /* 23 << 70 */
-    { { 0x8935e366d379c4cfL,0x3ac951791ba6b75cL,0x0ee860648518d548L,
-        0x9ad786622b6b6891L,0x986fd8162db27dc2L,0x94cf26ad2da61998L,
-        0x97182802f34138fcL,0xe6a82f6cccc999ecL,0x0000000000000059L },
-      { 0x279ba13f96ed64d3L,0x66e45c5f8c942f2cL,0x1e723356b167bb87L,
-        0x63392b6ace4614e6L,0xb157e406828ef176L,0xfbdeff2043a70a11L,
-        0x26398beb39d70349L,0x84fc3685130bd235L,0x000000000000003fL } },
-    /* 24 << 70 */
-    { { 0x06845f761c46e0a4L,0x304f1a22bf614354L,0xf1ef1477999719c7L,
-        0x077cb0a94a2082f1L,0x88d79bc1c5ce4148L,0xc0da1dbebec656ffL,
-        0x5b78daea71ddae3aL,0x6216ba84ea9a43f2L,0x00000000000001abL },
-      { 0xdead308ebea49092L,0x857aa6bd5f4f2d7aL,0xa80d0eeedf4f49dcL,
-        0x81f3fbd4612b71f0L,0x8feb7e2e009cb72aL,0x149df0698880b33aL,
-        0x49e5030ac70e9ef9L,0x7fdf363de32d7d93L,0x000000000000018cL } },
-    /* 25 << 70 */
-    { { 0x4b7b9419cca1b866L,0x1b91f7a8ed4b0024L,0x292b214b3f190795L,
-        0x4f0f9a9468187149L,0x6af57b920991d891L,0x62be4e9781380070L,
-        0xf9631fb59570bf10L,0x85e5e54a46791c24L,0x000000000000019aL },
-      { 0x0d1b6e6f58d272bbL,0x2dd54725026260b1L,0x52925be520caa63aL,
-        0xd73b7bdf49bcdf40L,0xbf521158f9da7059L,0x2d260f094a257601L,
-        0x8711caee7733680eL,0x01fa1a04c910008fL,0x000000000000006eL } },
-    /* 26 << 70 */
-    { { 0x5fc62df164ca38aaL,0x6e65ba75928404d0L,0xfac5532c04b905ddL,
-        0xe7e788ced028cacdL,0x6f6d46a1e4ebaaadL,0x612bb1ccbaea7105L,
-        0x234e28db202ccfb7L,0x9368d2b838a2bd0aL,0x000000000000014dL },
-      { 0x8fc9d15599616067L,0x8d1b2d5f8551e5c2L,0x86bef02384a895d8L,
-        0xe771fa9da6dc3808L,0x7aaebdff2dbeb156L,0xd8179f04aa61893fL,
-        0xe3a11d5ab4df5a7eL,0x83babe1fee003cd5L,0x00000000000000b2L } },
-    /* 27 << 70 */
-    { { 0xbaa5e960356b7671L,0x69cbe8949a55c547L,0xea21f0e7d010da2eL,
-        0xa6458bae24057f33L,0x685e19ade119c12dL,0xa4a4bf1cd1323547L,
-        0x638bc3c57ea2692cL,0x1b23941f787fa55fL,0x00000000000001f4L },
-      { 0x07070fbbd655f411L,0xcdc85f1b0a078b8bL,0xcded78e989c7f01aL,
-        0x8e56f279561248b4L,0x27131c4543017398L,0xd85568439a89e7acL,
-        0x840f778f5022acd5L,0xd02560ccbad33615L,0x0000000000000132L } },
-    /* 28 << 70 */
-    { { 0xdc8418b0430aee87L,0xbd5f89c0fe56a51aL,0x10db29c4c631bea3L,
-        0xa03fbcbc0c973806L,0xace383ab0ab83b29L,0x19f1d9ba5aec5994L,
-        0xf36d16c245cb06a0L,0xa80a5ef4e427ea44L,0x0000000000000104L },
-      { 0x8c77115e67c4bd41L,0xbc0d9d752edce105L,0xb4d58d35e1a157deL,
-        0x0564c86be85ab91fL,0xd0bdf26d3cc536ffL,0x4b36e529237657ceL,
-        0xd108d7f75c27949bL,0xca0dc963ad81e019L,0x00000000000000d5L } },
-    /* 29 << 70 */
-    { { 0xdf088fed5170a20bL,0xa9a7752101752a4bL,0x7ad0d5a5d8096500L,
-        0x40031b9258232679L,0xf714c7503413e6bcL,0x9869755a1fe03713L,
-        0x6e2501ebb8c82fd3L,0xdc0984c442530088L,0x0000000000000016L },
-      { 0xbd92501c05c25c04L,0x1c5321cc9ec4c868L,0xfb1f693a4a48a478L,
-        0x86d327ca3b87d350L,0x46be9803e525bdcaL,0x1ec5bdbab274abccL,
-        0x83c080f9369d1df5L,0x4f700c9cc46b2610L,0x0000000000000149L } },
-    /* 30 << 70 */
-    { { 0x2f91efc7c0526cd7L,0x798751b06bcf03f2L,0x2e9a2b185b1d1b15L,
-        0xa5df63b07585e989L,0x0f7f20cbe088785eL,0xf7e41109c3e810eaL,
-        0x6f2e6b0196ddfd16L,0x7c815f673677adf5L,0x000000000000012cL },
-      { 0xc88f54441615746aL,0x7c59e46e6b14f304L,0xa4d9adb5c4343abcL,
-        0xba341145932fd2e2L,0xa8ead97ec577c110L,0x72c03b1efc69b4dcL,
-        0xc7cbf9dac2418ecfL,0x585777da2a60ff3bL,0x000000000000009cL } },
-    /* 31 << 70 */
-    { { 0x355b900311214b41L,0x5c4c60458255d77eL,0x653841db02befdccL,
-        0xf0dc18ec82060478L,0x041dbc6fd8b5343aL,0x2ab668cdcad75821L,
-        0xa8219ba431403e5eL,0x2187bcd7dd6f1818L,0x0000000000000057L },
-      { 0x3a187181672ef3b6L,0x32aa9ece8bbe1871L,0x42db253f9083e47dL,
-        0xaf661bbede04d778L,0xc7d30363b6e2c3a0L,0x883a3cf7c303c0daL,
-        0x2e743c812e09eda8L,0xb8a80c00d43eb9a9L,0x00000000000001d6L } },
-    /* 32 << 70 */
-    { { 0xa8aece33c6467674L,0x89ff0d8f1843299aL,0x59adbaf13ca3a78eL,
-        0x196374f4b9a4a75fL,0x789f72316ac10a73L,0x448193fe379c704eL,
-        0x65c6e5794fdf5217L,0xe6565a0b57174e77L,0x0000000000000001L },
-      { 0x509a5be95b7a3aacL,0x5ec7dfd35b281d20L,0xfd549cc3ff94ffc7L,
-        0xf29fe9740cd3bd2dL,0xd8a4f3af708e35b7L,0x45222e3bb52edcd2L,
-        0x896b102acd710014L,0x452cd4f4e63ebf74L,0x00000000000000e8L } },
-    /* 33 << 70 */
-    { { 0xe1cc6844d76a7d21L,0x98a653c0aad01f39L,0xa8e0aa6f5cc3db7eL,
-        0x53e176c8616ef3c3L,0x2fcd40c1ecb97fe7L,0x979560d1dc9765aaL,
-        0x8ceb932ec9497178L,0xfdda2a9f528d5fbfL,0x0000000000000046L },
-      { 0x5d78055191f09fb7L,0x5025b276358205e3L,0xa2ebb84ce669a482L,
-        0x0a0299fb3630ef08L,0xb1b479c07a91a3e9L,0x90ec5d7d5a165b78L,
-        0x82e7a594584a646fL,0x393648e146cf895eL,0x0000000000000126L } },
-    /* 34 << 70 */
-    { { 0x4122c7785767b754L,0xdb5083e1fffbd4d7L,0x602665453533b469L,
-        0x729a29a76027f62aL,0x9d5e8150d18a8518L,0x99983cb81c736f6dL,
-        0xeee827892fbcc4b2L,0x48c41e5e31554af0L,0x0000000000000062L },
-      { 0xed41a057380bd093L,0x90fc9595fa2649adL,0x200199ad591d2e82L,
-        0x8936742d4c2cb7bcL,0xd0a3fd6e36575e21L,0x76e227053f305fa9L,
-        0x7bdda0df7a21b3afL,0x143dbef0c67f4dcbL,0x00000000000001d1L } },
-    /* 35 << 70 */
-    { { 0xb5f11cf2ba68056bL,0x15cbc5b04de81e37L,0xd4417ca25cfd5b38L,
-        0x5bfb146339a246f9L,0xb74fd92f7cc33e94L,0x7f04e99306ac2e09L,
-        0xa79523fd32ded24cL,0x546f77e4f9bd012bL,0x0000000000000169L },
-      { 0xca1194a897bb2761L,0xeb8c23d390384797L,0xae9b4cf2ec702d04L,
-        0x7591beee789790d9L,0x40a5a1fd3a51f2ddL,0xf696422591d9c91fL,
-        0x943b41c0b539db9bL,0x4bef1a61aa810609L,0x0000000000000084L } },
-    /* 36 << 70 */
-    { { 0xb89c242a654f4e39L,0x3a242406ac7df59eL,0x351db3bf11cc09b6L,
-        0x337ce2e5b5cd27daL,0xb911a8c8941f351aL,0x1829610f4f4c663aL,
-        0x8c1e50449abd904dL,0xb2a4aecbbe384923L,0x000000000000007bL },
-      { 0x20f4b1d2485a76b0L,0x946f7c9f03d1b899L,0x7ee2ae32c4080be3L,
-        0xd8926ff9ae4c9f69L,0x29dcb8a9752ffbd4L,0xa19b5f862d627aa0L,
-        0xf21a0cf6dbad059aL,0xf209613aeaf6e53bL,0x000000000000008eL } },
-    /* 37 << 70 */
-    { { 0x77b7a695addb51a9L,0x371624600758a0dfL,0x6366fadd9b96c964L,
-        0x9620762a8a257da9L,0x4cf5a821b73d4d9dL,0x885a02e7a5a44883L,
-        0x2efaff5be9e6dabcL,0xe56434986c631f4aL,0x000000000000010eL },
-      { 0xbf8c22605af0c963L,0x38af35636c1508fbL,0x90e5c18cd3e73bcfL,
-        0x45ae790f15381143L,0x59b3919ca68915fdL,0xdeece0122f3f3dafL,
-        0xfe50ee7cdf4846ecL,0xe06d6ac82b4d8de1L,0x0000000000000042L } },
-    /* 38 << 70 */
-    { { 0x4f86e374d4ed697dL,0xfd6361cb5404674dL,0x3db2dbac05238633L,
-        0xeaf6a3abd21266d6L,0x9f326b1f6a6ac16eL,0x68602e1a98c82d68L,
-        0xf07a98f68c974427L,0xbad6f88e5e76b4d5L,0x00000000000000ceL },
-      { 0xd1694a3fa0041699L,0xac0ea49e1561ebbdL,0x9b0d19f405ab2755L,
-        0xa4f3fc8b7cc61e69L,0xbef82a8875e5fe87L,0x725fa4412cf49dacL,
-        0x2bd557393e82ee1eL,0xae5fe7a67ebae861L,0x0000000000000005L } },
-    /* 39 << 70 */
-    { { 0x9ba09dec8ca53aabL,0x77869c0e2e5633a1L,0x4461fc7c445d39e4L,
-        0xd6d9b5a15d1700e4L,0x14500eb6bbbe1927L,0xccc39a2e8b1d7227L,
-        0x24697b146d4210ebL,0x5f09bd32b1242c25L,0x0000000000000021L },
-      { 0xc8a50fa9ad88b85fL,0xf50a6eb907748b9eL,0x8135162693366f48L,
-        0x56d7aa91bdb9d82eL,0x03d6cc9b76c2a5ddL,0x6aa01804c25383cdL,
-        0x0827cdc98f69ded1L,0xfb2e0e58afb7e2acL,0x0000000000000024L } },
-    /* 40 << 70 */
-    { { 0x3c4abf3fd97e4127L,0x4d660aa326a7685cL,0xc97e6b3ef7a49e47L,
-        0x7b9d1badf34336a0L,0xf7dbf5ad2d068101L,0xb0467ec242fece7dL,
-        0x73d37b2b1e537f73L,0x057949157ad06ac5L,0x00000000000001dfL },
-      { 0xe8ecdcf643f6a0ffL,0x972197753cf6cfddL,0xc01f32aa931a36ecL,
-        0xed5da14457db8ac9L,0x94cc6cabbc5ffc23L,0xfbe877fa7d5d27b3L,
-        0xe1c5975e5e6428ebL,0xa2193c9c5a0daa17L,0x00000000000001a4L } },
-    /* 41 << 70 */
-    { { 0x011b7a689d61071eL,0xe35a59a67bc5c1bdL,0x4b057690da770dd1L,
-        0xd5a013dbbc56db57L,0xeece6246f79b0f59L,0x5518d020efdf202eL,
-        0x8df9df69a3d6bee3L,0xbda52c0199387789L,0x00000000000001e1L },
-      { 0x1c5105e0e2d9d626L,0x9f7cd19de1a5379eL,0xa53dd35bc7f9f7a7L,
-        0x18b24218ce4fa266L,0x3e96fdc091047332L,0x97b94516870935f2L,
-        0xa433f8ee4468e1c7L,0x4870ae15d77235fdL,0x0000000000000121L } },
-    /* 42 << 70 */
-    { { 0x7f759aad1e4e55d6L,0x1b6e4c24207d1d3bL,0x12b6917f6a8f4624L,
-        0x746b53df3e128c2fL,0x527ebc86d5a0eb44L,0x65d4cf7354880c3bL,
-        0xe52f9c5ebc2f92c2L,0x243b18aaa7581d5cL,0x00000000000001ceL },
-      { 0x1f18adb3d81cca4bL,0x08ef8756ddc57750L,0x38cec13ab0ed406bL,
-        0xdbece99f1f99966aL,0xf86d0ec07285ef43L,0x04a1c0d00f13fcb7L,
-        0x5a7dcc74169a4c21L,0x8224bde539fd0453L,0x0000000000000039L } },
-    /* 43 << 70 */
-    { { 0x3f137f59354edaf3L,0xcf81077943db0014L,0x11befe5055d92f75L,
-        0x03b4beb76cfede5dL,0x142107251b39d04fL,0xba238693ed8e6364L,
-        0xd3fb6113eeec60deL,0x88ce54c975c482ccL,0x000000000000000cL },
-      { 0x8b56584bc7c2449aL,0x737e2a1969e7b7c6L,0xb58a7dbac7c387c9L,
-        0x82b6e6dd3480c33bL,0x0cf346f48d2ea041L,0x37f1d4d6f60831b2L,
-        0xaf853adb2b91d254L,0x122fe99374182acdL,0x0000000000000132L } },
-    /* 44 << 70 */
-    { { 0xdb55c6c2986f7001L,0x67b6c09795cb3d1bL,0x8c985426d2166c0cL,
-        0x59026d57e1c9bf0dL,0x59a7419071c85698L,0xfd2dc29c95831354L,
-        0x78a61f5c43d60779L,0x09fbd320b2969ee8L,0x00000000000001c2L },
-      { 0xba4292559295996cL,0x76252a2b15de5fd1L,0xd2cc5546092dcfa6L,
-        0xe91692386e887ebfL,0x4f4495125fc232c0L,0xd0c857cd21b85119L,
-        0x2f36082f35fd0670L,0x1be3d45ba37cb8f5L,0x00000000000001bbL } },
-    /* 45 << 70 */
-    { { 0x25daa7796cfea33fL,0x93c7759086e6a405L,0xcc1ccf6884a1c535L,
-        0xfeeab6205ed4d313L,0x6950b0c08a15da19L,0x5b4db037675f34acL,
-        0xd84162c5a5cc3525L,0x912030b7ec7e21adL,0x0000000000000078L },
-      { 0x86c56b4f19587a4bL,0xb15a58ba8f6920d2L,0x779c28482105317dL,
-        0x5e6d47915859b5ccL,0xa7fc961e970b44dcL,0xcc0bf4dd02b1e83bL,
-        0x523624b256135690L,0x3f667b5f02443fb1L,0x00000000000001afL } },
-    /* 46 << 70 */
-    { { 0xc1d83a2638e205b2L,0xfe5221c8d7d0c2c6L,0x6bdb4ac3c1a769f6L,
-        0xe4bb2703001f5426L,0x8938ae06f0e37a2dL,0x0f684030b78134eeL,
-        0xc37b7d9287aeb54bL,0xca52792c4d47a2bdL,0x000000000000011dL },
-      { 0x6ecb81f1b4c2b8c1L,0x4b8c56014b97345cL,0xb37eac649a59f0d9L,
-        0xa66ad129a90a37c7L,0x0f2869f7c18ae478L,0xd96066b5ba43a3d7L,
-        0x0cfd6f7c091f5184L,0xf30d4f40005d8ddeL,0x000000000000016dL } },
-    /* 47 << 70 */
-    { { 0x8d6966bae1015a09L,0xdefb5a8cfc2b390eL,0x34a1b39c52254d4fL,
-        0xdb691d108958a3faL,0xe17c12d40f1291afL,0x0ea4f61874a2bd6dL,
-        0x64d7a420721c9f32L,0xc520a90d468a8bb9L,0x000000000000019cL },
-      { 0x811ff4142196746fL,0x6c84aabaec8df85dL,0xf0a1815c502c2e9aL,
-        0x2e613f1cb74e586fL,0xdfa1ddace514289dL,0x4de976896069c2c1L,
-        0x42a9730362662f01L,0x95584b0f209c9f1bL,0x0000000000000161L } },
-    /* 48 << 70 */
-    { { 0xcb0dbd8c81e4d356L,0x292afafd4e0178cdL,0x3a7d9941430adf54L,
-        0xfb7dbe480c8f7a12L,0x3191467eb36cc72eL,0x77375b0ae1c3bb00L,
-        0x4f6d8307a22d64d9L,0xdd46b8bbaf0baa09L,0x0000000000000131L },
-      { 0x07b578c9007dcc0fL,0xab944686094e6e2aL,0xc6bc5ecc762c8082L,
-        0xf113fd5e9044d50eL,0xf84f6c1a3048cdafL,0xb3d315cfaf0b90f9L,
-        0x8cc36b9430fc0e21L,0x5af00bf1a2975344L,0x000000000000013aL } },
-    /* 49 << 70 */
-    { { 0x0204a7ed30e14cfeL,0x5c1b090c936eb829L,0xe2bdd0f52ba5fc20L,
-        0x2a73a40606bd827bL,0xd292485433abbeffL,0x8878d661123777d9L,
-        0x14dfbc3db90150c1L,0xa843edd44ea45920L,0x00000000000001c5L },
-      { 0xf21e1fcc3beeb206L,0x2fa375889c6f5b91L,0x974397a83ab64565L,
-        0xfd643b96d524eaa6L,0x0c4a87767802c959L,0x66bd68b3d2e8b462L,
-        0x3b3d987b5d35d420L,0x1f4edb49c91abd9aL,0x000000000000014eL } },
-    /* 50 << 70 */
-    { { 0x3b0bd56922fa69b6L,0x6e75e34a36478f37L,0x0a1ffa483270c064L,
-        0xf278b5c8cbfa92c8L,0x03e1bfbfa2b9c974L,0x427d4a8c5815805bL,
-        0x70075d82b9a9f3c8L,0x1f9ea976a8d98663L,0x00000000000000f3L },
-      { 0x13a1debcb67afe56L,0xbc746aced4f90c05L,0x26c5d6f8a280bbb0L,
-        0xd0247b69581ca4b4L,0x37e29a53be4842a8L,0xb47c7fa39ad28343L,
-        0x2054355f055f25aeL,0x92c89f4292dd61c7L,0x00000000000001f0L } },
-    /* 51 << 70 */
-    { { 0x160e975afc9057a1L,0xdeb93807786662abL,0x9aa06f5246488ffeL,
-        0x8a968143b1e1b1c7L,0x234c6e2387bb6c38L,0xe5f30ad246087620L,
-        0x6a37229c0f760c37L,0x38bae97e1a50ae34L,0x00000000000001eeL },
-      { 0x1326f1c92b609a2aL,0x9fd27c710b12c5f1L,0xf8ab5311a97362f2L,
-        0x67b636400430e4faL,0xdeff5367d8964eb0L,0xb2cf669aa1dff262L,
-        0x48a55fe4bc0c0282L,0x8cfe7c6a6cdb5eadL,0x000000000000014cL } },
-    /* 52 << 70 */
-    { { 0x64900ab5e105ffc2L,0xb3e0a69fd00c2920L,0xfe3a57e0acdc7d5bL,
-        0x50017de528a32d2cL,0xdbe2ba7e5bd24047L,0x8f337130884e4863L,
-        0x79022d566b48a2eeL,0xac5c8a0b0c2f309aL,0x0000000000000186L },
-      { 0xaab8b2cf84bfc6c8L,0x50877d98c9fe9744L,0xde69bb18384d5471L,
-        0xe88ee61e438c52a3L,0xa76f2afccce637ebL,0x75b5620ad56fd7bbL,
-        0x56f3f8f0d04fbc41L,0x394174bf023bb654L,0x000000000000014bL } },
-    /* 53 << 70 */
-    { { 0xd023ab52c6bea32aL,0x6c51c915513932d8L,0x5aece30ad133acd1L,
-        0x6fcf4832b981cb16L,0x8b2e8cad9ec1f734L,0x8ab4c75ad10ea732L,
-        0x2a044ea51d74bf98L,0x73e479194c492848L,0x00000000000000c6L },
-      { 0xe7a5d2cd98038ea5L,0x556046e204a82c25L,0x25d91782b242bacaL,
-        0x51f3e0ee1c690836L,0xdbc96f2e730bec27L,0x70830a8102ea0f79L,
-        0xc1c16df146e8fb12L,0x2ab499df30403687L,0x000000000000018bL } },
-    /* 54 << 70 */
-    { { 0x158102961f3b5f22L,0x0488e5021393cea7L,0xaf3e259b2f7dd31eL,
-        0xc4a20bf305698181L,0x4f6f54d7c0ab5d89L,0x5057c46df04298f4L,
-        0x9e02e2ef67d898beL,0xc88dbe64a3b4ef38L,0x0000000000000124L },
-      { 0x3ab2db8ba57e0f38L,0x64b8bc290e21d3feL,0x8d667ea9125f5c6dL,
-        0xdabc90e93b7d1513L,0x4e4bad620a9eb460L,0xe51a1df4ef2b9108L,
-        0xd19961243d204330L,0x05d1c570c95c650bL,0x0000000000000143L } },
-    /* 55 << 70 */
-    { { 0x0c0baf4e9e1ac5acL,0x6560212c36c092b3L,0xfe47d88b97f69772L,
-        0x60ccdb14e9dd8621L,0xd01c9fb94799fbc2L,0xf0eed0a832103864L,
-        0x5253a877d8a18225L,0x98d6acb8b7b95f7fL,0x00000000000001e4L },
-      { 0x2648e152738b06ddL,0x906b0951d8d81a05L,0xf65a31390c1f0749L,
-        0x4c6f7f0c228e993eL,0x828fa196a36a2aabL,0xcb565b672d28a2c2L,
-        0x56253a6472e6f445L,0x64f614b086c8a38aL,0x0000000000000138L } },
-    /* 56 << 70 */
-    { { 0x3a67b300e334c8abL,0xc08d0ff9984aa5b5L,0x8d72ed49cd8e1509L,
-        0xae856df59b2a8535L,0xa34ef023c0cd980fL,0x29c83e84c243d7d2L,
-        0x8ecdc4d8411fad2aL,0x26ab853b89eddc0bL,0x00000000000001a4L },
-      { 0x3a060b7bbb5b50a7L,0x62adcbe78ddeacd4L,0x953850e464c7dc2fL,
-        0x4ec4a15c4e7bf3a3L,0x1834b3ee7d5b2569L,0x729a63cc470a84c0L,
-        0x9c80233ffa5e25d1L,0x7da5b6c70ec91aebL,0x00000000000001e8L } },
-    /* 57 << 70 */
-    { { 0x8ea14527251ffa02L,0x2bf1e67547d87a1fL,0x7b27c81091ba2e1fL,
-        0x104c606b9b71cd04L,0xbcccdb93d614f681L,0x7acc330aacd80ec7L,
-        0x6ae973894a27fd8bL,0x53827c1b27ccc900L,0x000000000000008fL },
-      { 0x4d95d08cb8be4cffL,0xe400db2af9ffa040L,0xa0141a32b1c11971L,
-        0xd126f1474397353cL,0x566cd105b5f4819bL,0x270fb6709b0536dcL,
-        0x23af7e24bab1fd28L,0x9710b8e7df1db272L,0x000000000000007cL } },
-    /* 58 << 70 */
-    { { 0x8dc226ba4ad8bba5L,0x33460d86e63da7dcL,0x77a4605dc88d1aadL,
-        0xed5b10f1ea39f371L,0xb70a14697ed77a64L,0x0e60327c61d9bd6aL,
-        0x0783398bbf619adbL,0x3ec7209535f6c121L,0x00000000000001b1L },
-      { 0x13dd11d6e87d8781L,0x0511b90514684b3eL,0x84726e9723c18f1bL,
-        0x29ac0d6d26942427L,0x7d1e62d4f6e29d25L,0x2135742a96de6bd7L,
-        0x496a330ced5c26b8L,0xc1ece08a9387f81cL,0x0000000000000060L } },
-    /* 59 << 70 */
-    { { 0xd254b41b30e4ed89L,0x78502bb1706e5eddL,0x0f80dc97668407b3L,
-        0x29261f750c1adca1L,0xc8e281d5d1026701L,0x92b4da71f0a77f80L,
-        0xbcfa39e991c34f07L,0x59668cfc83cca319L,0x0000000000000039L },
-      { 0x92ab845a79387e8dL,0x59bad0ced71a614cL,0x0388357983ae2d62L,
-        0xcda51bd9b1b30c96L,0x81794eba23f2a56fL,0xd5783d4ce9a2644cL,
-        0x8c083a7a6e365e0aL,0x6bf3855df6e86aefL,0x00000000000001eaL } },
-    /* 60 << 70 */
-    { { 0x2edc22f9503dc30cL,0x8e15166ba819de2aL,0xde92a1c90881ff55L,
-        0x5063c292425bc484L,0x7265e0a25894ffddL,0x29a93e2bd01afeacL,
-        0xb10aae1e4f850b16L,0xd136e09e5bf5f95fL,0x00000000000000f3L },
-      { 0xb339031cb292040aL,0xe3a653c6c8872fbeL,0xbba8b2a4e3b091d0L,
-        0xde53daa4755f2616L,0xcbc9a13169ff06f9L,0xd7d107b972b153a9L,
-        0xbf3d962eed2593a5L,0xf9c71c781eb4063aL,0x0000000000000119L } },
-    /* 61 << 70 */
-    { { 0x54e878315b00173fL,0x9491c63fe8310c5bL,0x224a487d193c27b7L,
-        0x37533a42f6a4c698L,0x2f6a7d23faa79af9L,0xc21f52e2a74900adL,
-        0x310382fe6980e5f8L,0x61df1496b9570f7dL,0x0000000000000086L },
-      { 0x9519fbd250fcfb88L,0xe3699589db1e40bdL,0xd08ecf3c5d58a256L,
-        0x42ca58a17f189165L,0x388309fef63d209aL,0xa9954b554f9fea80L,
-        0x0e725ff40cafcd97L,0xfda100dac558c042L,0x000000000000003aL } },
-    /* 62 << 70 */
-    { { 0xe8fe168dfd2310a4L,0xf898b948a4b90dceL,0xf56e896e16d40ff5L,
-        0xb637e62886078426L,0xf8260b3ffb6bd016L,0x8fdde3e65f7d485fL,
-        0xf26d3120f6ff0bccL,0x234769001b371153L,0x00000000000000faL },
-      { 0xc48d9d588885aa1bL,0x44b751afc5bcc29fL,0x0e786e998d1dbf86L,
-        0xe7b9a49131eb141eL,0xd729dba6c2bc12c3L,0x6feb96ced668fcd3L,
-        0xfe0d902270a496e3L,0xfbdf5ea4ef9ce528L,0x0000000000000170L } },
-    /* 63 << 70 */
-    { { 0xc62025d1d8d1bed1L,0x83a5876e694e25bbL,0xcd4bdf56f844819bL,
-        0xbf1ff474a318be3bL,0xd44a10d049d8a390L,0x01e2b1518c6e34bdL,
-        0x148d248d646df4a8L,0xc5c4aad079925c4cL,0x00000000000001ebL },
-      { 0x5a268e4ba03ccff9L,0x2d03661edb04c064L,0xdfcf0af9ac3e2387L,
-        0x90b2da8ddfc0530cL,0x9bbf27ecac30685dL,0x3c286c0f4d93abbcL,
-        0xf8cf7f6864a024fcL,0xff5929d6b416d6d9L,0x0000000000000129L } },
-    /* 64 << 70 */
-    { { 0xc6999604bdf87653L,0x5383b379b3f0b8c1L,0x98c6ac3d0bf0435cL,
-        0x2b04984e433c527bL,0x5308793c02073e7fL,0x4897091de1ef3fa7L,
-        0x4fea6f39bb6b4777L,0x5ad4c5cc472023e1L,0x00000000000000e2L },
-      { 0x0db5541ae6cd3ba8L,0x5504d5218c0bac0eL,0x32f61c5ccfac5e4cL,
-        0xb8e644b58538bd21L,0x8517c72e51fc9949L,0x8d47a70cad6f4e8dL,
-        0xb158e06317ab479eL,0x8c565f7b74f01418L,0x000000000000002fL } },
-    /* 0 << 77 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 77 */
-    { { 0x4dc47d473ad158a6L,0xaaf743f315320816L,0x4ecb999de6c5537cL,
-        0x4daf6b4ee63c7840L,0x4bf5f19b02bc574eL,0xf65d174caf39b238L,
-        0x0093f58bd91f67b5L,0x8ad3a5b346d5e8c9L,0x00000000000001c3L },
-      { 0xbb99652c22171340L,0x4da02aaa3f1193a3L,0x7a73a7371776161eL,
-        0x831def3aa5ff856bL,0x5f6a4f56da00dc5bL,0x2a23f5009ec3a028L,
-        0xce2fd53b7cb32472L,0x894514811bb02b47L,0x000000000000012dL } },
-    /* 2 << 77 */
-    { { 0xc75e1cf3dbfed7ccL,0x2af884ee092e1835L,0x1e303d715472bf17L,
-        0xb1ea537be7ad90beL,0x7fa6a69cc4d8b1cfL,0x5b5318ee1b57f5b0L,
-        0x60e617587ccbafcbL,0x5832172a9c4acec8L,0x0000000000000168L },
-      { 0x36bae29b9f2f8613L,0x9181194ad464a557L,0xf74c13fe52ff8f2cL,
-        0x88d40dff0860d712L,0x405a03bb6c86e898L,0x61f01f2fdc243178L,
-        0xea9771e091b667f3L,0x1db5cff3b26bd16bL,0x0000000000000141L } },
-    /* 3 << 77 */
-    { { 0x2366b92a98d9df56L,0xa626f80c44eface5L,0xae61b15e9040c6eaL,
-        0x1a44a0e218d1d16eL,0xc6f45f75c7cf836dL,0xe0057ed6c87c35feL,
-        0x568b05b9b88d323dL,0xfbfcae7a9a12dc71L,0x00000000000001feL },
-      { 0xec63ad133dcc4d25L,0xc75d539ba54f349aL,0xeddd4102c5ea1e5dL,
-        0x9028eb89a867f628L,0x2d3b3fd042846e4fL,0x23190ead8ed269b9L,
-        0xa55122ea67d610dbL,0x83603cdd637c60adL,0x00000000000000faL } },
-    /* 4 << 77 */
-    { { 0x73f3a17d4787129cL,0x6ca94151e8c8b154L,0xae7257f060011616L,
-        0x5d72f548d4459499L,0x11739701c3af5f62L,0xdc2f39ee9915b9b1L,
-        0x1d6448e76a3a0976L,0x1263eb6a9216a12dL,0x0000000000000001L },
-      { 0xbc6e933bd3c200a3L,0xe4ee3dd9bb9a9ff5L,0x3772c8f553b7bff8L,
-        0xbb6a11b8482ad6bcL,0x59bbe81bcf1dd575L,0x2c9ad563891128dfL,
-        0x4b190e9390470495L,0xb40f60c5d58762deL,0x00000000000001e5L } },
-    /* 5 << 77 */
-    { { 0x8c814a121edc8a1cL,0x7b6a7bf4e7395565L,0xc868143978ca6525L,
-        0x57477d25fae6014dL,0x8d407fcfb71944fdL,0x4bab62eee154d68eL,
-        0xe0db4fe2db1a8e36L,0x8b5a0a9e51e7105dL,0x00000000000001f8L },
-      { 0x3c6ba57aeb49cea8L,0xd7100fde6fa16f5cL,0xbc73dcf2580249c3L,
-        0x8fa02f243f4bc342L,0xb32061c81a285d16L,0xb348535c499f8f5eL,
-        0x95cd0cbe63dc0bc7L,0xd1a09b04920c26c1L,0x000000000000008fL } },
-    /* 6 << 77 */
-    { { 0xab913473c18c21fcL,0x9a8d50e85a3c3b57L,0xa3f98027ab4214baL,
-        0xff00eda9ed6199deL,0x7e5255d83ff38cd6L,0x200f60a17976e4e5L,
-        0x2145dc0f6604bcbcL,0x26506027e30d5f5dL,0x0000000000000075L },
-      { 0x74c1c25830bf2169L,0x0636d007d332125aL,0x5fae19411ab021b9L,
-        0xa2e53c56b7779050L,0x0f15f2a1fc02474bL,0xf32c52daa91a9c2bL,
-        0x016b2c4e09af347fL,0x3b98d8d9c8b5752dL,0x0000000000000195L } },
-    /* 7 << 77 */
-    { { 0xbfd693ce14dca7e0L,0xfca53d1fdf7201d6L,0x10ef9c293f39346cL,
-        0x2f007c8150335445L,0x1cd56f642fef4d80L,0x727adb3f179a01cbL,
-        0x043c868d1216b55bL,0x1725267a8b7e4431L,0x00000000000001ebL },
-      { 0x08f27860c03b7717L,0x46184e5ad56540e6L,0x9d4413db0cd006c8L,
-        0xec1262b6c613918dL,0x6dd0eaa7719b6e5eL,0x04a254658cea469dL,
-        0x66575d7d57fe33b5L,0xf2df873dc1eba9ccL,0x0000000000000104L } },
-    /* 8 << 77 */
-    { { 0x620aff9a81128a65L,0xa463ffe7d6a9d2c1L,0x2206277add4810efL,
-        0x413edd73dd0687caL,0xf4b12ec9249cef0aL,0x14dd6665c4b165cfL,
-        0x0cf86a23c5c070c3L,0x42354fe984755f2cL,0x0000000000000131L },
-      { 0x6f4741df2e9c881eL,0x2656911d43f26343L,0xebae8ae41c82e8e5L,
-        0xceb1ca37f3900776L,0x07f2f8fe16721332L,0x59265673aad4911bL,
-        0xe8799eabfc3bda3fL,0x55805723fd073355L,0x0000000000000088L } },
-    /* 9 << 77 */
-    { { 0xc1702e2d7ad5f4c8L,0xf923f2bc5a1339daL,0xa595a3bb549b6f65L,
-        0xc610545ee1dba535L,0x7f51f3d42ebaad6eL,0xce7f8bcc6c9cae0fL,
-        0x688732ab3d8f57f7L,0x2804a3276493278dL,0x0000000000000117L },
-      { 0xfd4db14748347a3fL,0x6fcef6816be9c766L,0xb94a0653e9cbd7c2L,
-        0x1642e8b6693b1957L,0x9d6c17e5b68dad23L,0xedc75322b0a1d8feL,
-        0x6061c9696d7dbd33L,0x898893654e198b67L,0x00000000000001e7L } },
-    /* 10 << 77 */
-    { { 0x9c3c0e612af820a9L,0xe80ec4172b23949bL,0xfd6741edf39b5cc6L,
-        0x7508d2c569195b07L,0xc5b0b05bf66670e1L,0xc3a6eff7b4fbe0faL,
-        0x6bcdfee8439d44f0L,0xae90d63b912965c5L,0x0000000000000197L },
-      { 0x7959bec9ee9e6f8eL,0x59f50c0987483ac6L,0x5deccebbacc28474L,
-        0xd832648efced11d1L,0xd59cde8c46abbea7L,0xac18a27605da98dfL,
-        0x315ebf629282c511L,0x67cf83eca91cc95fL,0x000000000000009eL } },
-    /* 11 << 77 */
-    { { 0xb25b845fc9f46a97L,0x5f2a1efdc18bd95dL,0x454be47ef18f3fc7L,
-        0x0f14f6605543dd92L,0xcce66ca31e88d28eL,0x7de0041d6ad77c03L,
-        0x0bfa9ef1875fe7a5L,0x459043152b7c660aL,0x000000000000011dL },
-      { 0x5d7c18371811451fL,0x43278c38b3d82a76L,0xc1a74c9387525910L,
-        0x6426e55e01983c0aL,0x9ef7fff22afe0faeL,0x54814953d94166c2L,
-        0x356c3af7244a9fb1L,0x5b0b753ca6be34beL,0x0000000000000063L } },
-    /* 12 << 77 */
-    { { 0xeb936532eba11d2bL,0x5a99185776dfa0d1L,0x557cb975f1dda3f2L,
-        0x31a06276bca5b098L,0x43b4ab995e00fd06L,0xdbca3db3e6b05745L,
-        0xf82d9a4dfbd3914bL,0x9df9a855d9583413L,0x00000000000000ebL },
-      { 0x0c6f9f1ac17aeac3L,0xadb82b657aa9309dL,0x5f7d18d0dad1edf8L,
-        0xda0ccd7d6f7a4113L,0x21ff3dd62e459a42L,0xef0ced7a4b586ff3L,
-        0xd3899d53cc45432cL,0x06cb34b4415e1762L,0x0000000000000095L } },
-    /* 13 << 77 */
-    { { 0xd87d4bad1db8928dL,0x6b3b3e07435b5743L,0x4d2de9b2332129d7L,
-        0x69e49dacc8cf4e98L,0xf69c8eec8eda24cfL,0x0957359a143e9d82L,
-        0xb85860d9519c4f29L,0x8280559d5dfb9972L,0x0000000000000126L },
-      { 0x3d53979179a086c0L,0xa2641be22809fd90L,0x90c6e7b0d3b9b9afL,
-        0x219465d05d6d7e22L,0x6faef26d4f1805adL,0x8ec78f8e9ea67504L,
-        0xfde34e6960c2bd44L,0xada7e8b46e85d7c5L,0x00000000000000c0L } },
-    /* 14 << 77 */
-    { { 0x09710a2cb143b2feL,0xe8a5da4966ee5443L,0xd0c100132f12b4d5L,
-        0x5e7b0e772671b1baL,0xb4dddf2e8a6348f0L,0xeacee7a2c4ecac65L,
-        0x19a1c51d04d317f5L,0xd5075202f7bfac9dL,0x000000000000014eL },
-      { 0xa82630e6c4383072L,0x739a02360f9afb1bL,0x7cd580240782c13aL,
-        0xd5dca3e5269cb563L,0x534d1d4469d39b18L,0x8a99a7eee725e8c4L,
-        0x4ae1a734e09b12d0L,0x96b8831a4511fd7dL,0x00000000000001e3L } },
-    /* 15 << 77 */
-    { { 0xd348f834f34ecfb3L,0x82423bf3a2b5a7e6L,0x11e41b02c531994cL,
-        0xc4141466202d71c6L,0x60d3db1693b2104bL,0x2b9cc9bbbf1488fcL,
-        0x820dd17464971852L,0x255efd4eb83dbadfL,0x0000000000000017L },
-      { 0xc2d71a64d751248aL,0x2088c20bbb351370L,0x5fdf0cf4c33df9a9L,
-        0x71e307bbd6796dcfL,0xecff035ef166c04cL,0x8f6ee686bd58429dL,
-        0x51a81bd8027186e0L,0x52e8524b22705c39L,0x00000000000001e6L } },
-    /* 16 << 77 */
-    { { 0x2b14935a7ce70edfL,0x1d88d30ee3c6f5a6L,0xaa6220de207e5973L,
-        0x692b3ff064b5e637L,0x04c9ddc8ff0eb748L,0x9e5ec39e44978142L,
-        0x9cc06266fa674339L,0xe0d13dcddd3e430dL,0x00000000000001edL },
-      { 0x74604722f38bd4ceL,0x473e4d3549da70f3L,0x1228875507d72efcL,
-        0xdf89a5050a7521deL,0x674176564c1a6866L,0xe2c330233f7a0eadL,
-        0x5e100468a7474dc1L,0xa47ca1a5dcc02d45L,0x000000000000001bL } },
-    /* 17 << 77 */
-    { { 0x6ec465e156e2014dL,0xe11db5d88be7c4bcL,0xe280c2ef46ee44bfL,
-        0x9650200bfc287502L,0xa623faba21131932L,0x883521a67c64c58eL,
-        0xf6cf505718803a4dL,0x3466bd19ec4cf07aL,0x00000000000000b4L },
-      { 0xb89009ef651d7f32L,0x97e0c0afa7012731L,0x5a66579cdb06f6bfL,
-        0x326054c1ae4ef154L,0x6701b07d9709ad6aL,0x754acc2876647a83L,
-        0xec5c1b4194a4d548L,0x7da690fff296788aL,0x00000000000001e7L } },
-    /* 18 << 77 */
-    { { 0x89971aabe09fd32aL,0x8863882406d544adL,0xc2ce75b757b06c62L,
-        0xcf839aebfde27541L,0x236be270534a25f6L,0x22e7c530c753df84L,
-        0x8c9277e537d2ea4eL,0x48d1f633ebc61e9cL,0x0000000000000160L },
-      { 0x89e3f1eb69876684L,0x90c977e026a0ed1bL,0x610a0a8534a0698dL,
-        0x12b6bc1933cdaf22L,0xa40068414f80ee0eL,0x91146c1f7b956979L,
-        0xcd77ddc326655fa5L,0x3f480d870f745a46L,0x0000000000000061L } },
-    /* 19 << 77 */
-    { { 0x40b96c1c3a259f14L,0xe7f40ea079e72202L,0xe8313e54d7267895L,
-        0x173ce8f7559cafffL,0x494a51b3a6c1b23fL,0xc696bcceeb58815bL,
-        0x170010c8e0dc01fdL,0x01086056d3602b64L,0x0000000000000061L },
-      { 0x410f23cc8a1148f2L,0x9c1f4ffc71449f8eL,0x1b7c1d63e39b69fbL,
-        0xb3c0a279581a2ebbL,0xf3a475ed4e37ab82L,0xbae74b39c0ce76a6L,
-        0x10059c6f67feeea6L,0xf4b5db802b5f3fc7L,0x0000000000000039L } },
-    /* 20 << 77 */
-    { { 0x899ff5b3a39492e2L,0xba2ed9c090fec192L,0x1f3f792e373ec69eL,
-        0x58892019804a999cL,0x2decbbf65680eb65L,0x4c4d1fb1f1991cdaL,
-        0x81c7cd2da9bff737L,0x641d5365db793801L,0x000000000000010bL },
-      { 0xd1a3e393e7b02799L,0xca23126f920e1690L,0x16229cabdae08e97L,
-        0xe02535dc0dc624e1L,0x7f4a6c2707229ca3L,0xd00f68a7ea546fbcL,
-        0x14c7a9060bcb65fbL,0x18a29801a778cdc2L,0x000000000000012aL } },
-    /* 21 << 77 */
-    { { 0x88ef7214a340a2bdL,0x6c21447fb3711634L,0xeda5e1cf59a1a9edL,
-        0xec843ced532a2068L,0x5d030969a721eaa9L,0xf848b622c5c12f80L,
-        0xfdbbe02eb3b5f479L,0x5a4a7e27ecfb32aeL,0x0000000000000152L },
-      { 0xa0ebecc73bd579c4L,0x947cc8931ae87971L,0x55a335a5f997b3f8L,
-        0x0fa52370c742c232L,0x04f557068fe480bdL,0xd5dfbec56e89bcf3L,
-        0x68094b4fe7e79004L,0xb930cb0577e383c9L,0x00000000000000e8L } },
-    /* 22 << 77 */
-    { { 0x404b0ca7ef717037L,0x086a03c3afacef33L,0x1a82f5347d458148L,
-        0xe4380258397e4eb4L,0x1330d8d4ca7d334dL,0x1838b028ce1374f2L,
-        0x368e12f620c20e72L,0x5a1a189b19279435L,0x00000000000000a9L },
-      { 0x938d0621ba67ae4dL,0x8edee31826d4e2cfL,0xf5476a05b5445042L,
-        0x32fd912047791f6dL,0x9b896d1d278da749L,0xf0647a5b8027024aL,
-        0x3dce74aede2c779fL,0xd238785c70d0322bL,0x00000000000000cbL } },
-    /* 23 << 77 */
-    { { 0x1389bd572c5be10bL,0xf417b76d6f40d705L,0x43eb4f0ae6bbc695L,
-        0x83ee3dbbbceede7aL,0x3b7944776a96d4ecL,0xc8718559cc6adadeL,
-        0xa5a422fe93cb083cL,0x88f55bde65b67cc0L,0x000000000000007bL },
-      { 0xa38582d46eabed01L,0x8555c12c141ce97cL,0x8af7c38b358fc420L,
-        0x40639ba9c43f8fcdL,0x187da0e6ebd2a1e3L,0xface1ad56d325bf5L,
-        0x9f44ec9fbbc2d694L,0x9029fab4d125a7f0L,0x000000000000007fL } },
-    /* 24 << 77 */
-    { { 0x79b40005d7c3e500L,0x99957461a7cbe47dL,0x1dba911d53a81eebL,
-        0x50049c2a54cac621L,0xc3052ce65c8458c0L,0xd4e4cc285cd9822eL,
-        0xa64bd2ba9c89113bL,0x616f47f324a9a360L,0x0000000000000000L },
-      { 0xb309b38536bb95e6L,0xf7808da5eeb3af75L,0xc9eb3a68ffef855aL,
-        0x0d7c5382da981f49L,0x2176630e5a29fe14L,0x7c59c56f4b6dd847L,
-        0x363fc08115c998cdL,0x28b9018e1c0e00d7L,0x000000000000009cL } },
-    /* 25 << 77 */
-    { { 0x2573417e81c83b0aL,0xdd9e807e048ebc99L,0x82a6c4a81b29f10cL,
-        0x7d10a230142588d2L,0xbfcc4299646d2ff1L,0xcf6ec008b3d474d4L,
-        0x4739d5a10fc69418L,0xc40c43ea6653b7ffL,0x000000000000010cL },
-      { 0x35cad063fec6bc85L,0xf71acf741da4918aL,0x1cab540ece2afbfaL,
-        0xda8b2b24c98eb950L,0xc727151dc45eb0daL,0xff80e6ff5e8f915aL,
-        0x61ece0f0f43fe366L,0xea66de22262859ddL,0x0000000000000128L } },
-    /* 26 << 77 */
-    { { 0x474171efa97a4763L,0xd93201a034920094L,0x6481f28d5a35265aL,
-        0xe3e4d437b7eff28fL,0xe9af6e1aae3a1e45L,0xc4aa6f1cbd9522f4L,
-        0x7c03335bbc9780cbL,0x96d41e4a321d6c2dL,0x0000000000000174L },
-      { 0x5f26167549113aa9L,0xaa8b464d7b5a62a4L,0xa5a46db0820a01c9L,
-        0xc7faa813d78edb2fL,0x930e2c550d6a1d85L,0xa9093a617de2a013L,
-        0xa127661d71d619aaL,0x54cbb5a5f1c8ce41L,0x00000000000001e9L } },
-    /* 27 << 77 */
-    { { 0xb2ba328e784b5740L,0x3aab9cb34128749eL,0x28f63dea025efe48L,
-        0x50ac057754239c62L,0xd69d52d61945325dL,0x30729b23d6e44079L,
-        0xb53986e0ba39b326L,0x00cee2b7000d74fdL,0x00000000000000b9L },
-      { 0x4c6c851b9dad4796L,0xe5e9073bbb3f588bL,0xb353a8be7a520bcdL,
-        0xf3e17105f9f53a85L,0xf1f9092b4ca27a37L,0x98d205f5591535ccL,
-        0x36d397df9b0d9312L,0x274fe8314e3ed5a2L,0x000000000000010bL } },
-    /* 28 << 77 */
-    { { 0xa5c21ee422b55a11L,0xb3d53f0aaafcfa04L,0x801275fda03eadb9L,
-        0x1d198806804399caL,0x90ebcc340a2e19b3L,0xe6e38f0aaea736abL,
-        0x708a52b84a9edc51L,0x2eb66e95fc7ffffbL,0x0000000000000178L },
-      { 0xd46591fd9e589f0fL,0x4f0d19c86d5aa7b2L,0x06709841bf48454bL,
-        0x9ebeefe12b45c9c0L,0xf0a115fc6fb45000L,0xff84e50179ebcb41L,
-        0x0ec79d93ce8d1212L,0x5566d34415ee3721L,0x00000000000000e9L } },
-    /* 29 << 77 */
-    { { 0x1ef4d33308cfb94cL,0x7441eb2b997fed75L,0xf5168da9af996143L,
-        0x81618ae829a3693fL,0x19744ee0f0b96e6bL,0xb965ef0bb2fd289eL,
-        0xe5e5dc6b0cebfaefL,0x8ff8be97049bc826L,0x000000000000010aL },
-      { 0xa8eefd0dcb1a9859L,0x51a376b22ac2b4a8L,0x21bc8fa24625bc78L,
-        0x415780cf59ca09f5L,0x91b61e743291ae38L,0x5571371deabadbc8L,
-        0x03af77636156dc1eL,0x71baf8d9a32f5f90L,0x000000000000008cL } },
-    /* 30 << 77 */
-    { { 0xb983e450215de93aL,0xf9a04f4d388b1042L,0x4a5d19b5a992494dL,
-        0x6daa0b565edd34c6L,0x47c234303575862cL,0x3088d50b4e9d944dL,
-        0x02b04a29ada9072cL,0x78027f7acb9e0062L,0x00000000000000f0L },
-      { 0xa0826f19f446b373L,0x7d93fb0f81263a01L,0xe6921097c78ea270L,
-        0xfa538ddd2aa5c2f9L,0x01c031423df7010cL,0x955fa08be237455bL,
-        0x056bc335462e5d09L,0xf4253cdec6b5db6dL,0x00000000000001f8L } },
-    /* 31 << 77 */
-    { { 0x7817f55b58d0551dL,0xb14d44372fba3e21L,0x0957c7c6213afec8L,
-        0x16af19829c3d5a98L,0xce97f84f27ee4bc9L,0x9e67f2ecbb61232eL,
-        0x21a4a6a3aacf3cfbL,0xaf2c734abe76c0daL,0x00000000000000d4L },
-      { 0x3c25948c614d7f45L,0xe38052af2070cdd5L,0xa1eee814c0addfb7L,
-        0xaddf7463aef0d0e1L,0x881ca72b6f18263dL,0x3ded9d2a4ed2eeddL,
-        0x1fc7d77bd7c0367aL,0xd72254b3b3ebfcfeL,0x0000000000000047L } },
-    /* 32 << 77 */
-    { { 0xc9d22d532c51ab39L,0x0bb42c882f02748eL,0x576c89c847e18934L,
-        0xf34cdc49b9513257L,0xaf97df129ed107a2L,0x860263daeead8f82L,
-        0x6147d39bfe11c289L,0x3b94b3ebf41158f1L,0x0000000000000113L },
-      { 0xc4c84d7cf747d887L,0x9a54f1a2f71f1726L,0xb4a79290daf5817fL,
-        0x33dd5df87893855dL,0x567a1293f6953979L,0xf0c76bb60eac5025L,
-        0x863fc87abb498d81L,0xf5d4e58ee9b3c11dL,0x000000000000016aL } },
-    /* 33 << 77 */
-    { { 0x3b17d547448dfb53L,0x7f2cb0729f642572L,0x63e29455c76a69d7L,
-        0xca61b766bd3e3646L,0x37a6dd73810708b2L,0xe1a14fd91c905068L,
-        0xd44e8f8c80ac4b2fL,0x835bf4e52af9b43eL,0x00000000000000b3L },
-      { 0x8c346f71e06e063fL,0x1a328b150b7d8d8cL,0xbaf6a09807bf6a99L,
-        0x87e133f9596da0b9L,0x0e597178cf3e907dL,0xd5f05f8ddf233a55L,
-        0x309225a26b463c36L,0x300bdf0f0584aa15L,0x0000000000000053L } },
-    /* 34 << 77 */
-    { { 0x4e7a75991895dfa6L,0x47a75f95bdba3effL,0xca07fe2d3f9a18a0L,
-        0x5980f02ac1d1c586L,0xbbb9347f47e52186L,0x64655f6ac4d3c668L,
-        0x49b744d851222ef4L,0xff1a52afbcee213eL,0x0000000000000046L },
-      { 0x07b176399164551aL,0x8670c0eb724fe5fbL,0x939b844418827401L,
-        0x0057903fe2b0b7e0L,0x3715250a6bd60303L,0xfab5172cd457ae91L,
-        0xfe0fffd5cb98bd63L,0x2442dd530529b127L,0x0000000000000045L } },
-    /* 35 << 77 */
-    { { 0x1ff6afce70614995L,0x8ec5c3c42d35576bL,0x3db78d6bf19c93b9L,
-        0xb687f566561b78bfL,0x9a0059d21b471120L,0xd2335ec12a6d841dL,
-        0x51f487eb03bae0baL,0xe0cddfe86348a091L,0x000000000000017fL },
-      { 0xe81c1483f1461684L,0x37d83bb3baeed32dL,0x5d8cbce8fa24c9aeL,
-        0x14b9a08bc19282f5L,0x0ffec978bc0d960cL,0xe3453f9dcc202f77L,
-        0xe258d82ec95021acL,0x0b7e13ad3cb3f629L,0x0000000000000166L } },
-    /* 36 << 77 */
-    { { 0xc7ac11e626f1454fL,0xc3c07fb2b35c3517L,0xb3250791aaa6cc48L,
-        0x386fdd4b80913dc3L,0x9ceadabacef02e0dL,0x8ffbd36041b82b0cL,
-        0xa419d90fe5459cf5L,0x96b655a4d2be1233L,0x00000000000000d6L },
-      { 0xfc4d23c02f0b4251L,0xde6584339c166c63L,0x5d2a686fc992b364L,
-        0xebe9eab62aec7318L,0x1f276b32205d70a4L,0xa86bf8dbe3ad7c9fL,
-        0x94a38b3aee6e87b8L,0x60dafef41af5d923L,0x0000000000000175L } },
-    /* 37 << 77 */
-    { { 0x5a3443b09f246493L,0xf304564dbcd26507L,0x0e97a06aa7092182L,
-        0xc3db692d8477c80fL,0xc5947c4347f9b7bfL,0x5b16b09bfcb8be69L,
-        0x6d68633942bfed11L,0xb2e2c5a703585ba1L,0x0000000000000102L },
-      { 0x0c92464dce2a9c87L,0xdd3ba87f5a22f114L,0xe91630bee7c79285L,
-        0xec9d61b81671061bL,0xb124aeea3135b566L,0xdb2e1760b108a419L,
-        0x8dc457368dccb7e0L,0x395f8c1269f288caL,0x00000000000000d0L } },
-    /* 38 << 77 */
-    { { 0x5b44bbb6e8d951b3L,0x3fd669c6eda76243L,0xf5060d8492a121aaL,
-        0xa3cdd2388ff0d7c2L,0x1fd8c08b68451b81L,0x0d473fa8947d2bc9L,
-        0xb84cfb1558ecd9f0L,0xc1d74eaa5861f3a8L,0x00000000000001b4L },
-      { 0x8992dcd5a7e3fd83L,0xaca06108361d9bebL,0x6e8a01451eea9b43L,
-        0x468cbdff0dec9235L,0x13f19bff1f3f0571L,0x1c521a953db7e61dL,
-        0x8315bb22648cc46eL,0x7a4b2e18e8060604L,0x0000000000000155L } },
-    /* 39 << 77 */
-    { { 0x5aeb03ff7d3ab094L,0xfda8c273a90d5cc9L,0x6883bcf2ddf59c2eL,
-        0x6496e8504dec3d19L,0x356eab571c428360L,0xf15edcc7aa376191L,
-        0x751db33905e75700L,0x90dae8887250d302L,0x000000000000000bL },
-      { 0x11679572d6180ad9L,0xfed6254809ed164eL,0x14598065c141b48bL,
-        0x1c1f0baca4575d4fL,0x207b297aa286b951L,0x971052a3ae4c9f63L,
-        0x38ca88212a097f14L,0xe505b1ec718e620fL,0x0000000000000119L } },
-    /* 40 << 77 */
-    { { 0xf02ebe9596f52213L,0x2aba2dfc62f9f1e9L,0x7bbdde57934ef9f0L,
-        0xd5c7882ea417af58L,0x55cdfe89dcdf7815L,0xf79051b18470a435L,
-        0x364da0aa7e8593e8L,0x02c3d160975a5f81L,0x0000000000000034L },
-      { 0x59493183ccd37734L,0x085a8cd2e645e991L,0x2d54d2668c4b4a86L,
-        0x96cf84cf7b4079beL,0x4abade40ba683f56L,0xfb29c00bb5457b07L,
-        0x6ed5fd3592ae7f9bL,0xb1f1a25fb5a9d039L,0x00000000000000caL } },
-    /* 41 << 77 */
-    { { 0x26cd556b3921e1a1L,0xaea7a4d9b1f5f62fL,0x8be062eb1ad9028bL,
-        0x99c738b3f3c0f0ceL,0x5db59317f043ae79L,0x30903c23fa93058cL,
-        0xe075745250dcde94L,0xb63ee08f5d35faf8L,0x0000000000000130L },
-      { 0x9dade46088d5a5a1L,0x7f687f6624dc764cL,0x224429986af08677L,
-        0xf6ffc5179857465bL,0xdd1d92cd16eeb385L,0x3b27c4363a9ab99fL,
-        0x36fc22217b450819L,0x8a2ae9917c077c4bL,0x0000000000000126L } },
-    /* 42 << 77 */
-    { { 0x6edbc169d3c026efL,0xb990e974b3656143L,0x82dce5f11052b46cL,
-        0x522b454f346588e6L,0x87be4c0a2f04bf25L,0xc013f791d83edef8L,
-        0x208f49a8736ff68cL,0x00ae3843281e5af5L,0x00000000000000b8L },
-      { 0xfb7c1540b14834ccL,0x7578c1c9036b2491L,0xb1328c4174f9c4d3L,
-        0x9158cc04bb0a5630L,0x95d413897757dcf6L,0xe6be1b4f6bdc01a7L,
-        0x92930721197a54abL,0xf8cbb795262c5de9L,0x00000000000000feL } },
-    /* 43 << 77 */
-    { { 0xd4e40c43d91f2e22L,0x760551b0ea9f06dbL,0x7271357be6424d8fL,
-        0x1c139ebfd700c632L,0x36ffaff59c1ca226L,0xcc10334cc07ea685L,
-        0x066963dbb8b2376aL,0x38066959a91e1636L,0x000000000000006fL },
-      { 0xd27f9dc0aa8a23deL,0x9143dd55b035bca1L,0xd21f7d664d70575dL,
-        0x3e86e93ad29defadL,0xff32fb430d7d088fL,0x268353357ceb5006L,
-        0x9696d3a595ff6981L,0x6e866b5b44250a28L,0x0000000000000156L } },
-    /* 44 << 77 */
-    { { 0x351a043f060f4eebL,0x15209879d5b3bb63L,0x9698170c9178b96cL,
-        0x5b90ee14085b927aL,0xc8993568b5f2f8deL,0x9b5e29d34847abb4L,
-        0x46be1cebefd9a245L,0x8b4d783fe64a4af9L,0x00000000000001ddL },
-      { 0xb7bef10844ca314eL,0x26be580eea2bd1a1L,0xf57173d964855abcL,
-        0x21d2e1ed42aea843L,0x2a75fcb632f0d49dL,0x13316023b1c84fadL,
-        0x45734d1e7a1b533dL,0xb1a134dd8eee750fL,0x0000000000000050L } },
-    /* 45 << 77 */
-    { { 0x2891a9cc118e30e2L,0xcaa1b23324d29c24L,0x299600b7614d15b0L,
-        0xd3fa214bb2b193beL,0xabd77d87402684f1L,0x8c0b18c2fdec80f4L,
-        0x977833ca8efc68d8L,0x80752a69b3a99b6dL,0x00000000000000c1L },
-      { 0xab8b54aaaa4faf4bL,0xe58674b91485e938L,0x70e4907df9448c62L,
-        0xb74aadeba5f687aaL,0x994221ada0ebfc28L,0xa2e0bbac8df568a9L,
-        0x66e22982e1f06342L,0x800f40d53e73b5bcL,0x0000000000000053L } },
-    /* 46 << 77 */
-    { { 0xad24f8630abc1fc6L,0x04be06226625e9ccL,0xa0fd69eda80ce1e7L,
-        0x3f61e48b44c92416L,0x2ff89da5ce72dfa6L,0x462258a109268f2cL,
-        0xfb125f58b4b7fd03L,0xf72a865567c58ba6L,0x00000000000000e1L },
-      { 0x4db84d835c451179L,0x88ccccc63b02f7d2L,0x03ac849dc542c185L,
-        0xc20bc4c8b38b637bL,0x8076a9b8cdc5a419L,0xc712278bb3ddab32L,
-        0x3cf2df106e8e74b9L,0x7b177eb9486b20b2L,0x0000000000000105L } },
-    /* 47 << 77 */
-    { { 0x8afcc24d382f5750L,0x3acddfde54812d70L,0x7299dc77cd9c82edL,
-        0x1642c13900c140feL,0xa778b51691c0c3c5L,0x038b15eb2502380dL,
-        0x0762404f0bd24e3aL,0xad1e2552ce726c20L,0x0000000000000196L },
-      { 0x20a92f312523da44L,0xd1023bc8c536bc84L,0xe6b5f3a86c43897aL,
-        0xadd1b4f1b3437151L,0x5687d3eb1a97933bL,0x07c6421383350406L,
-        0x56874e419e93c582L,0x6bfc781c1f59dab5L,0x00000000000001a8L } },
-    /* 48 << 77 */
-    { { 0x6503932f0c7723e0L,0xd185af25a8934788L,0x5bc1660c792232f4L,
-        0xcfb04aabc2ccd476L,0x59e84fee16844fe7L,0x736c2cd809c31ad5L,
-        0xdf44215499058585L,0xf3b79464c3f2b46eL,0x00000000000001d3L },
-      { 0x282464c7089e2e4fL,0xbe9d0bfa17d8eee1L,0x7934aed1fcf3e876L,
-        0x76465104d4e606b9L,0xf114efb4fa4412cbL,0x8f9f32d2f1fc8480L,
-        0x2879c7855c340a29L,0x3d28e8a7d570bcefL,0x0000000000000178L } },
-    /* 49 << 77 */
-    { { 0xe39823fd528505acL,0x8ebc47325c5f2cf1L,0xc44463bec2949fe8L,
-        0x85161d86cce2693eL,0x07a25ac07ee556d1L,0x4f25af1952e857cbL,
-        0x11c601ec54424593L,0x73ab0d66312c6359L,0x00000000000001b7L },
-      { 0xa5a485e638d15a2dL,0x508d127b1473315aL,0x77f80913ce227761L,
-        0xc5ab5ba6f973549cL,0x2feded3f26e06fadL,0xe3e8a9421884393cL,
-        0xd10318ee59a646a0L,0xaf1ac30d53726ff1L,0x0000000000000152L } },
-    /* 50 << 77 */
-    { { 0x100b85a9dd94b4d1L,0xd8daf57a6587d8ecL,0x9310171258ae0fcaL,
-        0x0f97b4f8f2987b29L,0x7a3e6862af6fb771L,0x3a285868b8b39256L,
-        0x00d36274ee37b5eaL,0x52b11d2e10720476L,0x000000000000012bL },
-      { 0x3fa5ea33242d8351L,0xf9d559b230f44661L,0xd2c61b6cb62b0b61L,
-        0xc316078cfe0480feL,0x0ad7a72e4db4ea51L,0x624045e0f8bdda6eL,
-        0x30f27b5ad9c158a9L,0x94b07694a3b997c1L,0x0000000000000152L } },
-    /* 51 << 77 */
-    { { 0xc2965b4b16ac65feL,0xc4b7d9409ab82e5bL,0x229ff0cff7ea0055L,
-        0x40efdc6369eaa5fdL,0x93c5764644112d4fL,0x0b25310e2715e10eL,
-        0xd6a9efe5c9974136L,0xedacc9706ee8d832L,0x0000000000000046L },
-      { 0x893377613727b7e1L,0x88c850afd078941bL,0x58756ece7b823796L,
-        0xde7bb167aafaba1cL,0xb057cc537a7fc085L,0x83b15ebba59b9fbbL,
-        0x1319c88bc112199dL,0x74f8df4e55023975L,0x00000000000000d7L } },
-    /* 52 << 77 */
-    { { 0x52c39bdd29c86c06L,0x36c4a7422e6da397L,0xb429fe2916c08eb5L,
-        0xa8cbbcaa5f62d74cL,0x49c149eb40b83aacL,0x38128a270b423a47L,
-        0x947c4abf4f3121f9L,0x0b2c865c2ae48961L,0x0000000000000096L },
-      { 0xd489f8b216565942L,0xc94dc15e2e387adaL,0x7ecdbea39ec45872L,
-        0x122026994189738aL,0x57deb4ea1268576dL,0x59dbccf1d8ef43ebL,
-        0xdc0d07a5acc68febL,0x519e8d571a01e26aL,0x00000000000001d3L } },
-    /* 53 << 77 */
-    { { 0xaf380ca366cddf42L,0xcac3e386a4625641L,0x6366ffed6a06256bL,
-        0x9803be38a63544acL,0x75a7a48c4235d59aL,0x880b86944b0fa3b7L,
-        0x105f4598e06fd240L,0x861670560370cf92L,0x00000000000001c6L },
-      { 0xded452e494949561L,0xddae0321d7dd2556L,0x9f81b561326f74c1L,
-        0x12b3e9632604eb59L,0xb7f0a72f30a9e3ffL,0xdc6d097e4df8dc6aL,
-        0x5b82f64fb2ca84c6L,0x605abf186073c250L,0x0000000000000052L } },
-    /* 54 << 77 */
-    { { 0xcf8532fb7c6c5928L,0x809b06af68ef4167L,0x1e3f716e69dca4f9L,
-        0x605a859dd655961bL,0xc5414e946c1180f7L,0x864afda1026b8a2cL,
-        0xd181e149da3fadbaL,0xe7be322d8fce2449L,0x0000000000000142L },
-      { 0xc85d4ffa5670ff12L,0xf7e91b0ec3a84a89L,0xdf19ed5befc145c4L,
-        0x206c72965a8c3c4bL,0x0b97942db93b820aL,0xb1b890b7a51b824dL,
-        0x013d153d20dce1a9L,0xefe9ded346743f8aL,0x00000000000000a5L } },
-    /* 55 << 77 */
-    { { 0x88d2dc674477ec08L,0x80ba5fac1411b3c0L,0x969b5230a98dfe57L,
-        0x752ad8d4eeaf4654L,0x6a922cc35f3d4184L,0xc523a34808e7a943L,
-        0x5f764b409cfe4145L,0x7395772bc03b9f6cL,0x000000000000012bL },
-      { 0xa990597615682164L,0xf164f513939f3d99L,0x30f6e9db7016f097L,
-        0x8890d32051fe1e18L,0x3bba183346117780L,0x70ac1f57c19f9604L,
-        0x8457dd06d81e63e5L,0x79f823471aee9177L,0x0000000000000076L } },
-    /* 56 << 77 */
-    { { 0x8acd524bd326ffb6L,0x4a1091a39e731029L,0xb056d998600d299aL,
-        0xfb695c26b78ebf7fL,0x2b83e30c73cc7f48L,0xf2364e614bcb6645L,
-        0x6a707650837638c3L,0x6d1652bf21528a26L,0x0000000000000034L },
-      { 0x353dc81f6d2b8fc3L,0xfd3003918627a2e4L,0x5f7c25651179264cL,
-        0x69856301af46d535L,0xdfcd6cbd16f35cbcL,0x5d2268fb4fe07645L,
-        0x2ca719dd29cac6aaL,0x9f8fcb728cbe9556L,0x000000000000017cL } },
-    /* 57 << 77 */
-    { { 0x4f2db278e6836ef9L,0xdc9db67431f1f845L,0x41dac672afb53ff4L,
-        0x1f39842ea4d18cb8L,0x832a0120c8d7d103L,0x5af1307130d09edaL,
-        0xba18cee34f80aef4L,0x919ff54e9b1ece22L,0x000000000000004eL },
-      { 0x9e47ee63129039d8L,0x9b52315e4fcd8e90L,0x38df4512cbd444d5L,
-        0x35db7331788cc2acL,0x50dbadc2e36c9026L,0xc6ef1044bca03510L,
-        0x79e05a990a970df8L,0xbdd712ff5af0d25aL,0x00000000000001beL } },
-    /* 58 << 77 */
-    { { 0x9aa54906870f00c8L,0xeda2769c2f3b15c0L,0xe0532ca76d46ab6fL,
-        0x9c0906af876b4061L,0x1bd77842076041c8L,0x6174e11fd89f7021L,
-        0x9d479b3b9bd405a2L,0xf4f7c9ebacfbc196L,0x0000000000000019L },
-      { 0x7913dcc655e1cddcL,0x1aed0ee4b8d46e1bL,0x15d4d50ecd4a8a46L,
-        0x19f9f35e2c6ab887L,0x1572156140028363L,0x87e4c807d98c50bfL,
-        0x3c2ea1ef5dd21087L,0x7f39af3bfc7cfde9L,0x0000000000000065L } },
-    /* 59 << 77 */
-    { { 0x0418f880e7228e86L,0x02a31e0bc2425928L,0x1ba3e262cd64b30dL,
-        0xc90cd1893cb75cfbL,0xdda6046a6b60d4abL,0x700f6be365d4ae88L,
-        0x6c19cceb2a55c16eL,0xdda5c411dc3d25b4L,0x0000000000000088L },
-      { 0xade4b36ac8dae67cL,0x406b38c3a42ae110L,0x2ba70cf3e640d5b3L,
-        0xdb2c34c2e6b4b6d8L,0x2e0c90d8bd73609eL,0x6d1be3ccade63bf4L,
-        0xda9a3d0bb0ac8323L,0xc42d60d0d2f72670L,0x0000000000000076L } },
-    /* 60 << 77 */
-    { { 0x302ccef76dec3c88L,0x04db4fd6110918afL,0x895be3981815e18fL,
-        0x87d89080690de8a8L,0x95d62d3304a44f0fL,0x206a7909fb546063L,
-        0x327de8996eea1c3fL,0x729f6291fe7aa87fL,0x00000000000001e0L },
-      { 0x0efe87e02a49d439L,0xccc22bf2fdf9dcd3L,0x22e02cc613639aaaL,
-        0x9502c35f9ad086fdL,0x7d3551898b574050L,0x1ecc10ff410cce0eL,
-        0x8f538a0a134236aaL,0x8f60cd8c27d66de9L,0x00000000000000a4L } },
-    /* 61 << 77 */
-    { { 0x55645b80c16661c6L,0x948e917c7d0ee031L,0x3eecac38b7e15502L,
-        0x0d8e9f161640fcf5L,0x43c6dc1921b94ca6L,0x6e812bbb6a097c02L,
-        0x2d3f616b6e983e37L,0x328a6ab8353feb24L,0x00000000000001b7L },
-      { 0xdeacf95c5372c6e4L,0x16bf649897e667ceL,0xc73d49047d89c4c0L,
-        0xedddbb70621449d8L,0x55eda935acd93cd5L,0xdb12b4afb06b3addL,
-        0x2c09fe7ab0dddaedL,0xb5cdc9e307cb7ab9L,0x00000000000001acL } },
-    /* 62 << 77 */
-    { { 0x63077120aefe3471L,0x6afdb40a16520c6bL,0xdefe75d8e10ffec9L,
-        0x61bb8618aba587dbL,0xe787478faa110a6aL,0x660b61e0adaeb173L,
-        0x9c2ab425be6b827eL,0x05e45ab3bd4272fcL,0x0000000000000105L },
-      { 0xfc20b8cb722ef6c6L,0xd78e5751dc4821b9L,0x6cebe18b1f7e4a73L,
-        0xd82a17b7b3b3665bL,0xda96aa6da35af6cfL,0x7b5b59476f5ff66fL,
-        0x43ad4a772606eb76L,0x358dcbd77d164e28L,0x0000000000000173L } },
-    /* 63 << 77 */
-    { { 0x980490160e955688L,0xf9f19c4243d2e2e4L,0xd2c0104dda5c9863L,
-        0x700371f62cdd8df3L,0x5d7f0fa834cf1b7bL,0xc54ce1a18d7b8a16L,
-        0xc4ba22b8ecd80872L,0x31c353dc77828799L,0x0000000000000032L },
-      { 0xffc587a418dc7eccL,0x4973b0e2389fb0feL,0x65013621b185b1d7L,
-        0xad6003d1a86d72c3L,0xe78484f1bad2e076L,0x20f1a5678d9f7dcfL,
-        0xc351ed478c3d52ceL,0xa6280661ec7a67eeL,0x0000000000000146L } },
-    /* 64 << 77 */
-    { { 0x20084293eea8d666L,0x01afa6ae12780dedL,0xdbce851a5b79d11cL,
-        0x280a43a009b895b3L,0x95c92e1a77c59c03L,0xd99606376b9ec1b8L,
-        0x08c0bb007beace14L,0xd0ba7943eb76c9beL,0x00000000000001b6L },
-      { 0xa14d2a3f15a51540L,0xfd25ffcb7211ba73L,0x020efe82cbeedfacL,
-        0xdc5b6591aa5301e5L,0x25d3413fe1708393L,0x9a3fff34b0a1e5cfL,
-        0x1892f1b7d310f9aeL,0x3ec31f629df3548dL,0x000000000000017cL } },
-    /* 0 << 84 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 84 */
-    { { 0x541bdd795338e99eL,0x2753b15c2656702dL,0x360263f1a7f6af6eL,
-        0x42c9778702adc827L,0xb4b4a66527abff88L,0x1f9dfe514a9a1ce9L,
-        0xf1fa56ac48ceb12eL,0xf0e55a366d0b967dL,0x0000000000000116L },
-      { 0x7ed35bc349642f41L,0x69c8bc4622ee3354L,0x528466231911836fL,
-        0xdb193bafbf4b87e2L,0x427ff5f44209f1e3L,0x4152fd13dae27044L,
-        0x3b73f059a1f0ae7dL,0x621ace506f1503e1L,0x0000000000000196L } },
-    /* 2 << 84 */
-    { { 0xceb3d6d8ecc914faL,0xaaddd75d326df942L,0x8475ee47391b67b2L,
-        0xad4cc87be0591e3fL,0x1aa4c9fd9129c3b2L,0x52172155525f0054L,
-        0xa32fff27aeade029L,0x550ac763217c0ea7L,0x00000000000001dfL },
-      { 0x3d4bbc04df12e80dL,0x82d0b17e8d5ad5baL,0x7b059d1e1e38ba38L,
-        0xb22b3beb0f9c9ad6L,0x75948e7725833548L,0x15e78db4b7d8216dL,
-        0x3c573681c1697cc0L,0x02dfd8b537f9ed90L,0x0000000000000172L } },
-    /* 3 << 84 */
-    { { 0x72c5cf1e83625a05L,0xb04221efd0b73c77L,0x52de6bdddcd8527bL,
-        0x73e03488d491416eL,0xcfefb1b130e7b551L,0x872c5b20813a17faL,
-        0x75f43fb9685a3923L,0xf057cae66960bcd8L,0x0000000000000119L },
-      { 0x84e8d67954becb7eL,0x47d5e5da3afdb96cL,0xf0b5d59b04476ed9L,
-        0xb2d7daee4c2984a8L,0x07fc2e0e986271e7L,0xa9895f88b3300786L,
-        0x8f8fcd5a53a88830L,0xe9446200452d1a5eL,0x0000000000000181L } },
-    /* 4 << 84 */
-    { { 0xeb05b269a9e110faL,0x3dc96e495694769fL,0x22d5dcb190129a2aL,
-        0x15b02839ddcab3beL,0x2784efed9819a2d9L,0xc19a373a83ba587aL,
-        0x0ecfe7e631ac78ebL,0x6b7d9a50b6580d76L,0x000000000000009fL },
-      { 0x20cf011e22e1f23eL,0x2bcd70c671dec689L,0xa4956ecdb968b2e9L,
-        0xee6224fd8c68507eL,0x2aeb7d0c6e7c15faL,0xf857d1a55e1c74a9L,
-        0x4f5eb8c6298d033bL,0xfcda7bdada7ef5ffL,0x00000000000000fcL } },
-    /* 5 << 84 */
-    { { 0xf21724305ce20879L,0xd48233b602995c9bL,0x5da336e0d39d6149L,
-        0xc516d0131a37df28L,0xa7098d962b3fe1c0L,0x65cee9a96a3099b8L,
-        0xd1df9d2e320323a0L,0xb1c49334cfad65d8L,0x0000000000000024L },
-      { 0x3bbc258e902dd9f8L,0x13861a7c0e9ce909L,0x0f0497f50f7c4ab6L,
-        0xef96a255ddc4a4caL,0x4655fd6414a185ddL,0xa983915491345882L,
-        0x96c039266695b74aL,0xd88db243481da372L,0x00000000000000d0L } },
-    /* 6 << 84 */
-    { { 0xabe2205b68e52960L,0x773afddfa062a50eL,0x8c58ea01f1cf4a46L,
-        0x3e88e23dc76bb8d3L,0xbb3b294bc501e0aaL,0x42cfd6220859b18fL,
-        0x8c6dc95f16286e18L,0xd4ba253e0ecf00feL,0x0000000000000071L },
-      { 0xc3970825eb3340eeL,0x4f981608b3ad699eL,0xffb5ea24c80bc4deL,
-        0xb774f894604dbb78L,0xa164c4cb1c947619L,0x92bd21e5cf2b764bL,
-        0x4b38a590ecca13ddL,0x1a47520a05cb48a4L,0x0000000000000166L } },
-    /* 7 << 84 */
-    { { 0x85e007a105e31f06L,0x8b43c7defdcaffd8L,0x53d13f277e4ab187L,
-        0xf7d22a394d4e71e1L,0xf1daecf88d0a8b1dL,0xe51e2f3a90c409cdL,
-        0xb84b6e0b46d43496L,0xb70b148ef5e87710L,0x000000000000017dL },
-      { 0xfdcd92b7e45e1097L,0x6c5fa06295da5ef1L,0xd2fa00bb7bac30eeL,
-        0xaada82e4f49d2088L,0xf8c4fc0f56827ba3L,0x04ef216b207c79acL,
-        0x3a3a685138449d34L,0xf0ad4b5191900ce7L,0x00000000000001aaL } },
-    /* 8 << 84 */
-    { { 0xb4c52f11f3d7286aL,0xec47cb5cbbf67a41L,0x89d3382eaafb10a4L,
-        0x4afd876806222b90L,0xfa16b295feb5416dL,0x0946f9d45d095b7cL,
-        0x18526b28ff975e3dL,0x259cec2fb2f1c609L,0x0000000000000104L },
-      { 0x545642a062e36127L,0xc3e4c6f71c38e6f5L,0x1d0e02c41bf9d6c4L,
-        0x8a7a6fb6483ba43dL,0x7104aee9cf390b9cL,0x4acdccdf2578e2fbL,
-        0xc17af6df73b3feb4L,0x2fb789d77977fa95L,0x00000000000001d6L } },
-    /* 9 << 84 */
-    { { 0xa14396d3e9cd61e9L,0xe5b79eec037dc92fL,0x88217b170156582fL,
-        0xedc457471f70551fL,0x60be827f32d048d9L,0x2fe4c45edb6b91b0L,
-        0x8bc71163ba4dc597L,0xe3fc3791936e1f8aL,0x000000000000002fL },
-      { 0x8dfc5ec30139f399L,0xc93f22717334f267L,0x9b8d510da10066dcL,
-        0x8a9d400ab7c157a9L,0x5e83d95d3ad20222L,0x2e244da8483db80dL,
-        0xd434f50e97e427ccL,0x0c98d8fe73195f8dL,0x0000000000000014L } },
-    /* 10 << 84 */
-    { { 0xbf53d7cafcc691daL,0x6b8fb94f57f9d8b0L,0x8124062527343963L,
-        0x98cf3891d6d682edL,0xf0ae9654119fed89L,0x61f5810a32803c8eL,
-        0xda1c6f26ce561b4aL,0xa23e3c857b478bc7L,0x0000000000000048L },
-      { 0x455e708f3530d96fL,0x38d3928e003d010bL,0x289f06c4764bfcb5L,
-        0xcccf4fd96ecaae0bL,0x76496e196b09aa3eL,0x13cdb1b5f2f24787L,
-        0x1040ea015837cafeL,0x869751f81de1b6daL,0x0000000000000027L } },
-    /* 11 << 84 */
-    { { 0x573811f6ad9570b9L,0xbaf2ec126ca614d7L,0x6f4a9a0bb735cb79L,
-        0x850e4b736f9affb6L,0xe399dfb43b760ac1L,0xa7759b8e5cee0611L,
-        0x58d84ae60722de06L,0x5ab2ed5483dbb9feL,0x0000000000000148L },
-      { 0x98c24006df14f9e9L,0xbbd0130f0ad7bd90L,0xee55b08dc3c91b77L,
-        0x16a18d954f6934d7L,0x5f191a312deed126L,0x776bcd3284897d4bL,
-        0x83b4d25b7b0cd708L,0x6e6aa60cd9f50beaL,0x0000000000000181L } },
-    /* 12 << 84 */
-    { { 0x34383bb055bef397L,0xc14c123a43be84dfL,0xa0fae432057eb68fL,
-        0x5c6c07b24903c2d8L,0x3e78de9d32bcfee6L,0x3d2d16af93bcba15L,
-        0xafb2db59c206822eL,0xbbea1116a332e64fL,0x00000000000000fdL },
-      { 0x20075ed100c6ea12L,0x2b1d0a044e4f3d33L,0xf3bf3ba82c5370c4L,
-        0xe1675545a4b86668L,0x609432c3bcc6dc6aL,0xc09a32e36777d69dL,
-        0x9248e09861f37219L,0x32650569f539662aL,0x00000000000000eeL } },
-    /* 13 << 84 */
-    { { 0xe82b6739d225d7c4L,0xc69d44ec0e8b47daL,0xd842c960d69237a8L,
-        0x6ed0097ad24a796eL,0xef96b040030e4149L,0x55c049ac212e51d1L,
-        0xcce35f170c44bb8bL,0xbfd67f2971c94884L,0x0000000000000196L },
-      { 0xf02b65df4755c1c8L,0x3330ff77a8144225L,0xb4d9365aa39fb2b9L,
-        0xd5d31cf295c66174L,0x7597fd7decc0ca46L,0xe7565e2ce11870a1L,
-        0xc709bc5da36c5100L,0x4d319121639f0a7cL,0x0000000000000144L } },
-    /* 14 << 84 */
-    { { 0xaeb813e3c79e8798L,0x01ceafba48e50c58L,0x974bdb02569d8013L,
-        0x83c90f107c7c5033L,0x2d6e1617702dce8cL,0x55eec88c3e07ead9L,
-        0x9f9bb723106b9a4dL,0xbdbe0818e2b351c3L,0x0000000000000084L },
-      { 0xaa512a7ee5058362L,0xb288f28904c001daL,0x0ceed00ca713504aL,
-        0xff656d2de24f8ee1L,0x637ae9543eb57ca5L,0x4a21412e7342f010L,
-        0x205cf0c2a9ce4de1L,0x4780b6a3d59aee6dL,0x000000000000005cL } },
-    /* 15 << 84 */
-    { { 0x83994e557fcc0c7eL,0x887856631c37f01eL,0x88a9a5679f196624L,
-        0xcd828df25b3fc857L,0x470f8623581344f9L,0x85cf12a6768e83a8L,
-        0x5d11327b9718a861L,0x9a1045d76e713452L,0x00000000000001c5L },
-      { 0xd4c452e4711f46b1L,0xdc41b91e12fd1e23L,0x845897e431aa874fL,
-        0xcf51cd7e8cd6171bL,0x1825bd254f183e74L,0x361a0e53b5da3216L,
-        0x16349308601e0405L,0xe3a40682f094f144L,0x0000000000000187L } },
-    /* 16 << 84 */
-    { { 0xf762eaf77b602085L,0x3b6e62332d470147L,0xe1028d76d3cca3e7L,
-        0xf3616dd8ccf39be7L,0xa35c4cc108e8f10cL,0xc413db107cb4b321L,
-        0xeab81774c3249f4bL,0x3e7bdea7be83bc78L,0x0000000000000134L },
-      { 0x86999f159d38d508L,0x0c9a990afb204d42L,0x27c4421dcb616f5bL,
-        0x2cb6590d46ae31ecL,0x1a33f6ab309acf22L,0x13d99e2a80320210L,
-        0xa13731b3341d1667L,0x7e0baeba4bfcc116L,0x00000000000001f0L } },
-    /* 17 << 84 */
-    { { 0x09ab412d6424425eL,0x74cc553061d3c0abL,0xa97378272d2c78c7L,
-        0xb25da089e684f1f2L,0xcc4de4d2f911ef5fL,0x35b774b0c9b239c0L,
-        0xf155c51653f100b2L,0xb58b7edbfde0c23dL,0x00000000000000c8L },
-      { 0x176534ff99e35e49L,0xfdb72d0f3f22064bL,0x96fce9811926fa09L,
-        0xcb7d400f587ef357L,0xe45d45ab0b2988b7L,0x7c8cc19e1cbac1b2L,
-        0x8e43cd5f0a3cb693L,0xb06b000d3302b5a0L,0x000000000000017bL } },
-    /* 18 << 84 */
-    { { 0x544bbffad1aca0f8L,0x27a01dc60e8e570bL,0x23f27a75fdaaba6eL,
-        0xf3a345d98626fd81L,0x439bd947a89f1553L,0xac968c8688113865L,
-        0x7aa489c6aea28591L,0x386be8175e2e0423L,0x0000000000000198L },
-      { 0x8a5f011f50c91fc9L,0x1f8371bf1c27ba7bL,0x7e54d98356505a0bL,
-        0x108343e521aa0a75L,0x291295d453e9e9f6L,0x4398536d23f6347bL,
-        0x864de21b44ba01efL,0x58d7f468737319f8L,0x000000000000012eL } },
-    /* 19 << 84 */
-    { { 0x90da648771065501L,0xcaa29c6b26a4582cL,0x9e4edc4a47ed26adL,
-        0x42003fc1576cca06L,0x9781c36fa7d795cbL,0x61aa367436397bcbL,
-        0x5a283a1bf9903003L,0x9e80ff413adf36feL,0x00000000000000c5L },
-      { 0xf5ff812916855bc1L,0x65046899a776d1b4L,0x221fd17941fdef50L,
-        0xf19ba04539dee7c5L,0xe6df5dec0fcab146L,0xcf68fd0a805416abL,
-        0x710f16e2e4dea8b1L,0x703229d7af3ae211L,0x000000000000015cL } },
-    /* 20 << 84 */
-    { { 0x8622dc3ffa286a36L,0x51b25ca952dcd8b1L,0x3dfcd6c4753d9d21L,
-        0x491384cce2aaad12L,0x016b19a77f8167ceL,0x8c03c919e7a09ab6L,
-        0xc7ded8e3e8c1f60dL,0x318a4556c45fa24dL,0x00000000000000f2L },
-      { 0x93decd4a3ff218c4L,0x84efb5a7f04927d8L,0x2f9ca93e1cdd14e0L,
-        0x77747b0197364d94L,0xf0555c73f6ad16c5L,0x7fb0cf2f141826ffL,
-        0x7c2e2ed7b21f5339L,0xabcba46bf76ea20fL,0x00000000000001b8L } },
-    /* 21 << 84 */
-    { { 0x01a139a713943e96L,0xa3a5224c0be158e2L,0x25b4c06101cb5d09L,
-        0xd4f1a98e51e99014L,0xad1aad0e8cd226c8L,0xe791062d81749b08L,
-        0x6ecee7e89a223687L,0x4f3163daa063dc05L,0x00000000000000d8L },
-      { 0x7f1940fa1f3aa8b7L,0xbedaf19c58b91285L,0x4c309e63f113920aL,
-        0xcce150924a8a95e9L,0x7e8c2c756d1f1185L,0xeb5093d138e24ee2L,
-        0xbb1a329aa0414d8cL,0x7521eff1265b457eL,0x0000000000000085L } },
-    /* 22 << 84 */
-    { { 0xdacb242420f495b0L,0xab9079b8e08cfb82L,0xdc0a584e764487f1L,
-        0x541bbdd56d17b2b2L,0x75e7c8239b665315L,0x9e5256ca8b3cf073L,
-        0x53ce698ca963c000L,0x746f0c775ca2949bL,0x0000000000000027L },
-      { 0xac741a8b7915623dL,0x64426fbc4a5edc48L,0x8a52fba3aaef5c08L,
-        0x3c353caa91018453L,0x1e2985f81a96fde5L,0x200f91cc90733d41L,
-        0xe60794477db133faL,0x274563f14eac2054L,0x0000000000000180L } },
-    /* 23 << 84 */
-    { { 0xd573dd7a12d8cd30L,0xdce706a9ec2de865L,0xc9b322f1a4ab8aabL,
-        0x0ce9268098773392L,0xa1b40d60bf5196e7L,0xc5cefc2d898f2d1eL,
-        0x4fe80b90c18c6f17L,0x87eb7298e4fe5bcdL,0x0000000000000181L },
-      { 0x1038d18b1c63bac1L,0xff56f0c8735b6d04L,0x0f9b85f87624d96bL,
-        0x8d0da28ef1d48f88L,0x3cc190897e1f8316L,0x75114fea47058d44L,
-        0x8f7130d118e224edL,0xa0f4114bbb6215f2L,0x00000000000000a2L } },
-    /* 24 << 84 */
-    { { 0x5dc39d107da4f65cL,0x0973b4af52e2bdf1L,0x2e35974b195c5d3bL,
-        0x2321d8c5de0856b3L,0x9b218d518e19f2b6L,0x414f483cb9eba23dL,
-        0x5eb4d875d87c2c14L,0x8c3693144becdcf7L,0x0000000000000180L },
-      { 0x8ce9961bd78615e3L,0xcb4dca5b7877078aL,0xa082b950067faf84L,
-        0xbe4ef854a1ea4fe8L,0x1a746d028ebd8cd5L,0xfcd8a6be58ced7feL,
-        0x5afef0183e2b39bfL,0xfd07234d1eb20debL,0x0000000000000028L } },
-    /* 25 << 84 */
-    { { 0x5f8ee39ad41d6132L,0xdc76ed945f63e2f3L,0xc24a406ab107431eL,
-        0x8b30660eca996341L,0x5673b95c20747fc9L,0xe09168a8b0bed38dL,
-        0x6120f80719a7ab41L,0xaf1f3376e6b66ed6L,0x00000000000000a2L },
-      { 0x7c535035491f6023L,0x7d70019de7f908d7L,0x92f8ca9996e33046L,
-        0x18c5df345fc7f094L,0x38c7e1eabe02b829L,0x7b6ee9b4cc301d3bL,
-        0x55f41778b14d398cL,0x52a275ff5b3f124dL,0x0000000000000081L } },
-    /* 26 << 84 */
-    { { 0x48df4f176e539400L,0x6433abfeac7ec090L,0x9c935918c9474b64L,
-        0x472fedd0406d83e6L,0x42cc03c72592c93aL,0xff2ae77db510b8b0L,
-        0x22fb8dc513ebd07aL,0x3f093c2be656d363L,0x0000000000000016L },
-      { 0xc46f526fd725a2dbL,0x95cef0f32be69c0cL,0xb941c71b329e02ecL,
-        0x37a8cf5fe0fc49bcL,0xe5d012a888a9e033L,0x0a90a0c07d701e97L,
-        0x4d8ce592bc2ddfcaL,0x4698c015e01f5349L,0x000000000000005eL } },
-    /* 27 << 84 */
-    { { 0x97ca07ca64725780L,0x901c76f4cdf4cb59L,0xba0472400a8dd50eL,
-        0x5a6ffd1da8028447L,0x438d0474cd8e128fL,0xf92f83db9e7e41c5L,
-        0x9504f799ad95ab9dL,0xb2df6f6578f9ca93L,0x000000000000004eL },
-      { 0xae2d32fcceeb8c6aL,0xd66683f2eccb6ad1L,0x2132bf4fd0b462abL,
-        0x65d7f312152b21c8L,0xc5abfb1aace7ab8bL,0x3c88dd8282ccd06fL,
-        0xd1916201e023fe4dL,0xce3e0f140f882c2bL,0x00000000000000beL } },
-    /* 28 << 84 */
-    { { 0xa1a2d265436f1191L,0xa63ecd90846e768bL,0xce361cce96880f0eL,
-        0xbb06470312cc9bb7L,0xe58b4cf9b6d5d885L,0x711f490d872f791bL,
-        0xa31d70221b61790cL,0x1c0231435e010dedL,0x000000000000016cL },
-      { 0xc4833f45b9f2ae47L,0x39556e38e6c5aad5L,0xe7889ba4714e6359L,
-        0x7d4fa851edaf5d7dL,0xa860fdb59de3fcb8L,0xc4a44f663b213dacL,
-        0x843b20da5b662002L,0x0e4569247cc1f364L,0x0000000000000194L } },
-    /* 29 << 84 */
-    { { 0xa1f3ae570844c579L,0xff79de39a6263761L,0xc2bc07f0a1ce54dfL,
-        0xf6f36b5bc7a75e1fL,0x37ed63e547649754L,0x0bbee79b9e40b603L,
-        0x3111770ad1396489L,0xa0be70b7655f8f80L,0x0000000000000118L },
-      { 0xf396b09dfffbe440L,0x5c64b53ee98d45b7L,0x42aa83ff599b7ea0L,
-        0x4130842825c6b232L,0xdf4377f764153f28L,0x7253ee06ddc00b84L,
-        0xd6e3139b30384ae9L,0x47a15b0b5bbb7451L,0x000000000000002bL } },
-    /* 30 << 84 */
-    { { 0x817f91e777960e81L,0x16ec79224e9251d1L,0x20edc99036eecb38L,
-        0xd1287d7e6d0c4b7cL,0x9a98e31842255d2aL,0xc5d8fdee1cbf6b61L,
-        0xf4aa4eed4b8c971fL,0x506ed9b587a96b0cL,0x000000000000000fL },
-      { 0xffb1cc83853daa7fL,0x650ab9962aa0d0a1L,0x1d1a02515ca4f753L,
-        0x7e3dbe541252c13bL,0x256550cdffc132b9L,0x0c01f3a681cc2164L,
-        0x174f7145eb5741f8L,0x6d134e21b5f4b761L,0x00000000000000bdL } },
-    /* 31 << 84 */
-    { { 0xb2113429b557c0e5L,0xa95168cadc18b438L,0x64839ff62228b40bL,
-        0xc0d6a854c63f11a4L,0x80502e786ee1d154L,0x872c5a6d432e45d0L,
-        0xeedcdd06c62d1651L,0x8ecee7ea2f605a64L,0x00000000000001caL },
-      { 0xa5dc211b2d708b77L,0x4e92269ac396cd5cL,0x384e400c93709f53L,
-        0x48afd1bab372eb3eL,0xc189796872262e2aL,0x0fc769ec4a02e904L,
-        0xbee107dfe82e06b6L,0x47b15a79d838f656L,0x0000000000000012L } },
-    /* 32 << 84 */
-    { { 0xb6675f53da1ef419L,0xdea5203bad0b5824L,0xf882dc2fcfff1ea2L,
-        0x8ef992e408eb5b24L,0xd80e2ecfc3d2321fL,0x4ca7becca5f96675L,
-        0xe2ce41b01e1a9196L,0x9b3d81319890d917L,0x0000000000000094L },
-      { 0x85c66efe87c9c810L,0x66fc21bdf644e538L,0x2b90cdb5e4835d87L,
-        0x9a60f2140f91258fL,0xb60eb76484bebf7eL,0xebe2c36f96b0614bL,
-        0x95acc92792a11210L,0x31101643f35ccb23L,0x0000000000000101L } },
-    /* 33 << 84 */
-    { { 0x1bb898741403ae70L,0xb71332db93c5c5adL,0x8d376cac631d9843L,
-        0x6a64f3d5a0d90788L,0x65f635c0b16fa167L,0xe8b3efe222000a88L,
-        0x4c11db4472cdd206L,0x64fd7c85794b4affL,0x00000000000001e6L },
-      { 0x360185c79563ef6eL,0xedeb5d8659aa49f9L,0x012d2b3e6927b587L,
-        0xba435a3d7c25729dL,0x222cea98cf3ce39eL,0x8fa5ad445dd816f1L,
-        0x4d2112b530d8033cL,0xb60209556011d8d8L,0x0000000000000099L } },
-    /* 34 << 84 */
-    { { 0x63f01bdaa71c3878L,0x3d4afb465cf66f74L,0xf9583ec1678f8f6eL,
-        0x9cbcdf8b63daaa0bL,0xf342f44f57521779L,0xf8840fe19fc0e1bdL,
-        0xc9eaf6ad31105808L,0x33c51a393f6d43e2L,0x00000000000001b6L },
-      { 0xab9720cfd10fa72dL,0x8df3a2db5c0d0c52L,0x99fcecd7c197aa7eL,
-        0xea53f54b37c93ddaL,0x6f185d4115d2837dL,0x19f0b7534b1e1f08L,
-        0xfe2fb6302131d7f8L,0x72d9a3561a76d7ffL,0x000000000000019bL } },
-    /* 35 << 84 */
-    { { 0x437f79d375c6b34eL,0xc0e3f217b9eb1ad2L,0xe876fb20b70a0c11L,
-        0xf769ec0a5ab5e17bL,0xb15cd92e0e3e8809L,0xa0487df77a2baf4eL,
-        0xcc0959837cf8334eL,0x1d8963d1c44ce5deL,0x00000000000000eaL },
-      { 0xea4053f0120c4d48L,0x15f63fd5cac7a63aL,0x6a390224848ad40aL,
-        0xec32269d76a755f4L,0xcda608f2eefe1c64L,0xdcb61661d558b4eaL,
-        0xf98391a0dc807487L,0xe633fa599e31b651L,0x00000000000001bdL } },
-    /* 36 << 84 */
-    { { 0xb964e249e324fb45L,0x968e1e694d8f7829L,0xe883e2ce4313e21bL,
-        0x62f2f3a5c0e654f9L,0xb2d921e6c6129771L,0xbb10882246ee4248L,
-        0x27fb3a768f8b0e62L,0x3a49d6a6d36ce785L,0x00000000000000c0L },
-      { 0xad32676fa616ee2bL,0x73b1140bc4840882L,0xf1464ae8588be8beL,
-        0x24d0cf2d0a9bb743L,0xeae9e1c230c88289L,0xd8f78a5b642331edL,
-        0xd5010f57537f40f2L,0x0a936df89609dfcfL,0x00000000000000ccL } },
-    /* 37 << 84 */
-    { { 0x97f48719ae3ce48eL,0x54690b991d17ac8bL,0x5c9c2f04b5e64622L,
-        0x9e62f3506da3c286L,0x153fcc9a51798c01L,0x9d36b1d6f1674c75L,
-        0xa7cef42f10977d7bL,0x00610128c0bbe827L,0x000000000000017eL },
-      { 0xbe9358d9aaef8892L,0x53abaf01b2af87ebL,0x2b4001b86d6cb1d6L,
-        0xa14df2ed1faf6b9bL,0xf88044d032289473L,0x83b6b3499918fd58L,
-        0x52115a9d8fb5d528L,0x9acd77c8a0bf9026L,0x0000000000000191L } },
-    /* 38 << 84 */
-    { { 0xc91a51c7040a8d8fL,0x3cc49d9661a7ef84L,0x80b29df6ee19d30eL,
-        0x5846acc4c76a6aa3L,0xf59e5c8b0f6e605aL,0x59cc663742788224L,
-        0x2573ab2034f423d5L,0x80ee46c160e18d6fL,0x000000000000017bL },
-      { 0xe7ec97098046e552L,0x492ef25050f412aaL,0xd4bcffad10a7a752L,
-        0x6508108fc376b144L,0x977ff961ba934045L,0x07d99b2e5dfcae1eL,
-        0xc4fed2e4aa955090L,0x294c7669e1d608b7L,0x0000000000000067L } },
-    /* 39 << 84 */
-    { { 0xccf1f6c5ef4f2f8bL,0xacbd47025a3525d9L,0xb3ca26135fecadcaL,
-        0x46fc46a340358ec3L,0xd3e61faeea406aaeL,0xa7abaeca6d70ad8fL,
-        0x53468d6374115258L,0xb276835206ffccd5L,0x0000000000000000L },
-      { 0xa424a15acf32d90fL,0x28766c229c8153d6L,0xbf06c575395ba3bbL,
-        0xbd027833e7a31dcdL,0x12a012a9eefa9763L,0x951bd91f08eeecf7L,
-        0x1b2a8bbf81cc733eL,0x46edd7f005bc357dL,0x0000000000000198L } },
-    /* 40 << 84 */
-    { { 0xe4e1851f8482e5f3L,0x41c94a2d3be00950L,0xbdd52c7712e434aeL,
-        0x985367cf5700e59fL,0xc9368d83bd1a3ee1L,0x7be0cf37f24fd5acL,
-        0xad4cb8dc8c53e814L,0xfa2bf5414d59b923L,0x0000000000000100L },
-      { 0x205f070765c46cf7L,0xe87fc3e236c06ff5L,0x40686149364e6680L,
-        0x3e7a4dba44aea566L,0x1a43cd99743158d2L,0x8b6d491ef63802a0L,
-        0xd4956a9d57ffabb3L,0x0416326261950885L,0x0000000000000181L } },
-    /* 41 << 84 */
-    { { 0xb1e98d6fc192467eL,0xed8333a1b0944aa3L,0x306ef165d1c49f1eL,
-        0x707bc71d81d6b7a9L,0x29be1c1371882a29L,0xcc9c8eea35825332L,
-        0xfa4ea1ed6d1089d4L,0xcef289b15f949cc6L,0x00000000000000b5L },
-      { 0xf99439420c8b490cL,0x2a4684215ca1924aL,0x5ddce0e570f4aec7L,
-        0x4b380387ab2f1d5bL,0x9da44a9eea16b553L,0x8f497cc8d5cc8e78L,
-        0xef3ebf1567627483L,0x5686bbe0bbfb1b54L,0x00000000000001b1L } },
-    /* 42 << 84 */
-    { { 0x4662d28ec7e6847fL,0xe545ac9ad8ddd128L,0x2172153149f08bf3L,
-        0x88bbc0079365959aL,0xce2248bb82dca136L,0xb666d008f10e0af2L,
-        0xd415bc8db5c51813L,0x3651b829b851a49aL,0x0000000000000011L },
-      { 0xe1ba9a43aa6302e4L,0xfb903793436b8d1eL,0xcdf4d3f7f178a0e6L,
-        0x628bbcbbdbcf158eL,0x18e2270de95d3b9bL,0xa5a9618a9f902344L,
-        0x41faa409a5c86b2bL,0x8332a0d2a1a1c2d3L,0x00000000000000c4L } },
-    /* 43 << 84 */
-    { { 0xe886e4cd45872d57L,0xee5bd4078124f950L,0x28bbc75fd3ba8e8dL,
-        0x3fe2689b2ad21b8bL,0xf73d1b63843923c9L,0xe845cc510bcd7064L,
-        0x6744555d4cf3485fL,0xd3ec166fa5a608c8L,0x0000000000000090L },
-      { 0x1b78f5d6c66341adL,0x6652224f03d0da0eL,0x85b069c5afb3147aL,
-        0x60fd70524a920fedL,0xb521aa799812ba7eL,0xada36124a15040c2L,
-        0x2c982c738205d28fL,0xd4e80bba57750491L,0x0000000000000005L } },
-    /* 44 << 84 */
-    { { 0x5010064a8e955d63L,0x11caef9eaaaa54d2L,0x3de4eae733f1f9a9L,
-        0xd559a26a9a5be2dcL,0xfa61002e0022eaadL,0x156c011675f376cbL,
-        0xa67586806f193ebaL,0xf92ce94d44b2579eL,0x0000000000000191L },
-      { 0x083cc46c2fb67bd6L,0x4f3c6ca21f06d1adL,0x0ee38f3985b65aa6L,
-        0x093adf465c42e7deL,0x31fbdf11aaeadb6dL,0x6be3fc78b115c404L,
-        0x7e385a3a7716f591L,0x18bda694c482d126L,0x00000000000000d1L } },
-    /* 45 << 84 */
-    { { 0x62bc238b9350ca2fL,0xab8c8c907ce8d14bL,0x330fffc7cb6951fdL,
-        0xadbdbdf726228babL,0x97da0a346d86e130L,0x7fec5623a25aea42L,
-        0x2922441ffd4335d9L,0xab2cd1dd1abb6d5cL,0x000000000000002aL },
-      { 0x7d759a051a8bdc24L,0xddb3079c7d82c77bL,0x3eb72f6e47e40f15L,
-        0x486385847b2f8e23L,0xe112ce8c04043e37L,0xb48be1b38da1281cL,
-        0x0e10355b67f8bfd0L,0xf2b0c5434b82b796L,0x00000000000001eeL } },
-    /* 46 << 84 */
-    { { 0xaa7425c422ecf2b5L,0xc695477f535d1924L,0x49eaebfa73688248L,
-        0x5d1daa50958195b3L,0x5e4b153e7c018a3dL,0xe42017076ee32e65L,
-        0x96e3679190564352L,0x65162c18dfee3262L,0x0000000000000123L },
-      { 0x128ef8610f1e66b1L,0x0b3b7f96243b98e6L,0x69252a134db87938L,
-        0x6523a4f880af7609L,0x2883c39d8576bfc3L,0x1dc4d969021262edL,
-        0xf1d2dc8acd5cecd3L,0xdcd1e118b56a9e1aL,0x000000000000007bL } },
-    /* 47 << 84 */
-    { { 0xe7bfb96f27c1c719L,0x1a7c15ff79d8affaL,0x5641d7e5ee475f3bL,
-        0xbd5cbcc3a00e54e0L,0x18dc810eba44c745L,0xd7a3f693c8b3b3dcL,
-        0x225735667779731dL,0x305ba162fa55fbf2L,0x0000000000000119L },
-      { 0xa47c5ff2e6ca3cbbL,0xe4d73b0fbe4bf508L,0x7afb6b99d95ffd74L,
-        0x0acb7b5955f22144L,0x162205d8205205dfL,0x8650751dcde671e0L,
-        0x34f91ffb549b2867L,0x7dd0bef98cf1252bL,0x0000000000000047L } },
-    /* 48 << 84 */
-    { { 0x8f345bc8d78fd6f6L,0x35446be7bc603416L,0x22a05fc392954e8fL,
-        0xcd51695bde517ca3L,0xd452c3c1c30b42e4L,0x71f0be42385847bbL,
-        0x3e5604dafa66294bL,0xa32470c791efa7abL,0x00000000000000f7L },
-      { 0xbe46e43f247c00dcL,0xa464ee494fa716e2L,0xf16522fa81328c41L,
-        0x495048b6187556ccL,0x71224071c1682e5fL,0x5e33dedfb9f18963L,
-        0xfce493c999a767d5L,0xc7f53c566ffa81f2L,0x00000000000000caL } },
-    /* 49 << 84 */
-    { { 0x7557d129fa582630L,0x0c29419fc3a8f93dL,0x05d98c11c43ea10cL,
-        0xa42d9960b32cd279L,0x5477eb119d8e50e3L,0xd9df006a04037414L,
-        0x1a8f5bce799cf5b7L,0xe5f831b3973a4d2dL,0x00000000000000b0L },
-      { 0xb71509b84f43baa6L,0xde79572a94216d36L,0xe4e1219ff8c907f2L,
-        0x718153f00c58e3d5L,0x375bc748b0b9c967L,0x74542658e9866665L,
-        0xbbc3f48935637c07L,0x7be87a6602bef3c3L,0x000000000000009cL } },
-    /* 50 << 84 */
-    { { 0x6f3a54f7faa6af3eL,0xb6b5c7a3b40d2a61L,0x74488f8b7e5e78e1L,
-        0x9785934f32458d93L,0x816bb076497bb349L,0x402cd0102bab1095L,
-        0x645a00a73952775dL,0x81c168da32ccaf83L,0x000000000000001cL },
-      { 0xf349c1a8e63682c1L,0x05b8208312f3fdf5L,0x4a66e016a3c212ccL,
-        0xdf57f4624c8e1a06L,0x0a58dc1f3ce46f7bL,0xc2cbccbdbcb4ff74L,
-        0x4181af1fcd9816e6L,0xa74ac7b2d9bef6cdL,0x000000000000004eL } },
-    /* 51 << 84 */
-    { { 0xf4c94110e40800bcL,0xe7fdd5f32c1adf77L,0x34cdd805433705c0L,
-        0x1e052bace29c6896L,0xac99d1e357668ffcL,0xf2493acb108fe93cL,
-        0x2525654594876b05L,0xb5bdfba4243ab702L,0x0000000000000043L },
-      { 0xca1a99e24e61dec3L,0x3156650fcadd4f7cL,0x154d58e7316df624L,
-        0x168f675ec69f07dcL,0x2b6132aff1f6e22dL,0xcf26d9cecaa1da1eL,
-        0xc90ebd6649614b29L,0x25bd2d23c33f111cL,0x0000000000000104L } },
-    /* 52 << 84 */
-    { { 0x0b53f0b81b4d52d0L,0x8c4441776ef01b39L,0x3bd2523e3ae80d38L,
-        0x9bc7180022780af4L,0x790c175dfad470e3L,0x6b0901ca7899421dL,
-        0x02f1fae7f277dd5eL,0xc3f2ff0fa752993eL,0x0000000000000053L },
-      { 0x6a5fdd41467789ecL,0x008e446af6c45a22L,0x29b94285a8a2549dL,
-        0x97b6f905b790912aL,0x813ee7d71d18e889L,0x24ef40cffb27f9c7L,
-        0x17804ebd2e5b2ee9L,0x46e274b1a23b11aaL,0x000000000000009fL } },
-    /* 53 << 84 */
-    { { 0x37405c0f2ec88247L,0x0efb4320bcd3980cL,0x6f5208443300619dL,
-        0x55ddd732bc2d59fbL,0x9492d50639fafeb5L,0x497dfa7083d6b3b2L,
-        0x256fc9c3bff9aafaL,0xf098b2e3bc00553cL,0x00000000000001a0L },
-      { 0x614f8b947c52e7e2L,0x2a37ad1ffc24205aL,0x6789e9ab7cd65901L,
-        0xfc1affa3cf4a3893L,0xe85ebf5395afb652L,0x1f125e08d894d2f9L,
-        0x84ff44210581d1a7L,0x94d9ad851141226fL,0x00000000000001daL } },
-    /* 54 << 84 */
-    { { 0x2a6c39229fd5362bL,0xe3f57b2c9603ea6bL,0x9bf96cfc06b377a1L,
-        0x78441c5bfb189eb4L,0x92b2f03859b24728L,0x36df97db7aeaa65fL,
-        0xffaf8dc7577bb75eL,0xfdf8a723f94a0cd7L,0x0000000000000054L },
-      { 0x9d98b4e63b18f662L,0x006a23929f5527a3L,0x146d79edb9fcb789L,
-        0x1c2e41541a688f00L,0x9c3ad38a03723314L,0x20db0b042792f661L,
-        0x3f8e5a9ad44e279cL,0xc1759eb7e4234ee0L,0x0000000000000146L } },
-    /* 55 << 84 */
-    { { 0xd93f2eb26a5a8f34L,0x03be88bf736696f7L,0xc567bc9fa6421a9dL,
-        0xd3de6d94de629f74L,0xc0c799756b3804e1L,0x915c3c2d9fb8218aL,
-        0x37a5348070dae219L,0x6846e38d019dc6dbL,0x00000000000000beL },
-      { 0xf7e5952acfdfaa59L,0xadd136aebd5931efL,0x7d46541132cb2671L,
-        0x185c32a081655330L,0x3c4b5ce10349dbfaL,0x1c3fed832ecb307dL,
-        0xe46449a989c05184L,0x675cf8dd123d9b59L,0x00000000000000ecL } },
-    /* 56 << 84 */
-    { { 0x1278fa814bccde89L,0x5f87ab65ca1aa6b6L,0x3224aa7276b5225dL,
-        0xf6eb6a973ea5228fL,0x54144015f78bb113L,0xa045a86710626f8cL,
-        0xe3ff56bf38d5584bL,0x74caa5e96ff5aa1fL,0x0000000000000078L },
-      { 0x8caf4a080806bd7eL,0x8362ba16c2f33680L,0xaa6661c891a5125fL,
-        0x62bc9088a5e3e1a5L,0x5290b3f327286edaL,0x4af9e00621622922L,
-        0xea41b46caf9f424cL,0xfeb0036d7f5a2f0dL,0x000000000000006fL } },
-    /* 57 << 84 */
-    { { 0xb092feff1b9c9b5aL,0x85d4a394ef27381bL,0xc9ae229257c413efL,
-        0x81ef8394c16afc72L,0xba0aabca6f16377fL,0x973f71e7685374b1L,
-        0x138a6e2ee8d2affbL,0x15c3a93400cff0aeL,0x00000000000000a1L },
-      { 0xa37a19670e094a1eL,0xc8f1b7699121d92aL,0x1556bdb35570ebaeL,
-        0x713b4c060db754c3L,0xc864a6fa87371dd4L,0x80539a886f6d0e2dL,
-        0x69cdcf5f5dce8380L,0x175bcb246ce73030L,0x00000000000001fdL } },
-    /* 58 << 84 */
-    { { 0x463bdf0350cdc663L,0x00f4f1ac34ae8e83L,0xc4553a54d0dcb3a3L,
-        0x765bdbb63611767cL,0xf523682af9a08ffeL,0xc9e2adb2d0c9ea77L,
-        0x6dc611956b5ff81bL,0x45281bf570e2e065L,0x00000000000001c6L },
-      { 0xef26494f7be2fd61L,0x06bccc4c1e97e9c4L,0xaf0deb0092a75c16L,
-        0x4e67e0eaae8a4e84L,0xbb994c6fb27331a6L,0x9d9431e64250cc74L,
-        0x1e6013cbce2fbad8L,0xfe2c5db4c8934179L,0x000000000000012aL } },
-    /* 59 << 84 */
-    { { 0xbf7ce9203eaeb879L,0xe4adb4412790ca4dL,0xaef87b4077d14c85L,
-        0x9db9212d3d01cc39L,0x5d1080dd2db945cbL,0xd85c0a46a0ec741eL,
-        0xa0db567c6f98c8ddL,0xbd5887fda6c88bffL,0x000000000000010dL },
-      { 0x3d55f50a2ce32631L,0xbe582d2664339e56L,0x4e2f8bd7ab5210f9L,
-        0xffe002bf641284e2L,0xa5b24d9844b55b21L,0x35944f8f399a9eceL,
-        0x78b96886bc8d155aL,0x6d2b068993da1b6cL,0x00000000000000b5L } },
-    /* 60 << 84 */
-    { { 0x752f2383f47d22d9L,0x4436f59ab058e8a3L,0x30d780e7be6327e8L,
-        0xf7e393b5f00c622bL,0x46d05f6528533fa6L,0x9642c8a0e01903bcL,
-        0x99f5c21312b7afdaL,0x3b740059a89e1edaL,0x000000000000009bL },
-      { 0xdf0a0c70304f33d6L,0x458c5da833038214L,0xd2045ba526c1e684L,
-        0x217fbdb9379ac190L,0xd94eb4c18e21ec0bL,0xd12612ebc3ace041L,
-        0x5e37a0e595fe0e88L,0x8c588a87aadc9beeL,0x00000000000001c8L } },
-    /* 61 << 84 */
-    { { 0xb3ad16e907cffecbL,0xe901374a7619fc54L,0x65759e1cf2eee444L,
-        0xe4070ff0f73eefeaL,0x6d124a8bfdf9f9a6L,0x9c8abaeafc9dd073L,
-        0x9b32d3d77a8681c4L,0x3f11eec648f8390bL,0x00000000000001cdL },
-      { 0xb0168093d60307c2L,0x7c6c4d9c939fd410L,0x56673b7ed7727cfeL,
-        0xa94cd30a12c5f670L,0xed7ebb3137b094e2L,0xff2c49e15fa3a378L,
-        0x484ca05395672337L,0xf003dfa5bc56bf71L,0x000000000000007bL } },
-    /* 62 << 84 */
-    { { 0x838aaa72aa1a8108L,0xcb69952741314f71L,0xb86e9b187229923eL,
-        0xe4b3edd49f464608L,0x8771316c1b071ed2L,0xb07e1b084e5a8628L,
-        0xc26653e1c612209dL,0x4b3bbf396bb8d7dfL,0x0000000000000182L },
-      { 0x893144f03ca1a824L,0x78bd4476853ad53aL,0xe55634ba95927c46L,
-        0xfff6f90115cb52a7L,0xf4277aaa05f678e5L,0x6c3177a1ec5503b2L,
-        0xa0cf20337725d926L,0x7509b601bfb02022L,0x000000000000001cL } },
-    /* 63 << 84 */
-    { { 0x3c71f272f99ccff5L,0x248c71670baa49d0L,0xcb6b725da2ef88aeL,
-        0x4a1a6badb5a5e92bL,0xd7a8a6680140c680L,0x07311eb78037e44dL,
-        0x0eabe9b35a276617L,0xa7103657db352138L,0x000000000000019cL },
-      { 0xb1c0fed884d7f562L,0x9983df5d634efe2aL,0x9ba4a7697ef18903L,
-        0xccf0889b53fb1f2eL,0x8330a65c863a63e2L,0xc9763fe49141ee1fL,
-        0xa9145ee450a81aeaL,0xe21cc944bd46f62eL,0x000000000000004aL } },
-    /* 64 << 84 */
-    { { 0xbf73b24cded2eb86L,0x102900b33ea89845L,0x1d88c5073857cdb6L,
-        0xa939a76b9be255d7L,0x28d517522ff653b3L,0x6d8170467642df2cL,
-        0x148b45e157e353b2L,0xd565f776b34f0f19L,0x00000000000001e5L },
-      { 0xca5185a2c4b5de1eL,0x527acebfeadf8e0aL,0x652b994b86479736L,
-        0xe252209ad2f97a05L,0xc9b07fc9d6960578L,0x479ba949d264f983L,
-        0xc80d32b5e8d9b938L,0x59280d580a6a7f28L,0x0000000000000177L } },
-    /* 0 << 91 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 91 */
-    { { 0x2db7055db286bac2L,0x0fce34c5fe2d537aL,0x8addcea5b95e9476L,
-        0xf1bacbd41a7c7ff2L,0x28b7f0c9203fde3aL,0xdfa6cf793e844a62L,
-        0x0107e9039627dc6cL,0x053f2778413fcc52L,0x000000000000011dL },
-      { 0xf67e718bd10f90a4L,0x7dbcf1e00bc29398L,0xfd5e65d19130e9c3L,
-        0x6149b3969c518e5bL,0xfb574bb4918e2279L,0x6c67563fc513415eL,
-        0x60b90d7aba1b801aL,0x2239b9dfaf900381L,0x00000000000000c8L } },
-    /* 2 << 91 */
-    { { 0x2d2f9e08a2abb00eL,0x4c8c679d17648c6aL,0x52e2e9bab8520197L,
-        0x7470a3cfe0898e48L,0xbfeb2a9190617e18L,0x247ea702f44de1a6L,
-        0x7baf95b27b1604fbL,0xe9e81b78020c5856L,0x0000000000000159L },
-      { 0xdeb81330da533799L,0xdc4de9f13996b5beL,0x6a8b7630d33f04b5L,
-        0xa4554acb2bccad83L,0x7974bd472a7f5d61L,0xc481a752b01696d5L,
-        0x6dfbefde8ca48da9L,0x2fda492fe7db0c27L,0x0000000000000053L } },
-    /* 3 << 91 */
-    { { 0x9ade14635a0a982bL,0xd31440afc586e5b9L,0x07bd1b34749ffc4eL,
-        0x2f9bed8ea9f71f98L,0x73de5d52add7cf9aL,0x1b55d53a31a718f9L,
-        0xf06707b8cde59432L,0x247e5a8deaf860faL,0x00000000000000d0L },
-      { 0x76dcbffdf5131ee4L,0xc17d25f7d4e3d0eeL,0x195daf924a96ace8L,
-        0x342d659305b1ca63L,0x4675cf349b40dafeL,0x1855efc293b0ec70L,
-        0x94aacae1f878f477L,0x818b2f1a524aa9d8L,0x00000000000001faL } },
-    /* 4 << 91 */
-    { { 0xa2dadbb4cd046713L,0x63eac83e81afa390L,0x0d85b1ab422bc0bfL,
-        0x9dfc0092d5895af2L,0x125b2e6c87ee0edeL,0x962988829eb070d9L,
-        0x1a1178f85b0785c6L,0x9335c96bd4486f80L,0x0000000000000029L },
-      { 0xe747e4433c5cb794L,0x50803223044fd597L,0x4bf3bcc02fc59de3L,
-        0xd9f4dc3244245ab1L,0xbedf6330d2dd61e3L,0xdf8110a904d7c5a7L,
-        0x852f2205bd400d1fL,0x4595afaf9c6e9cefL,0x0000000000000111L } },
-    /* 5 << 91 */
-    { { 0x72eb4fb66672a844L,0x2ed80354a581749cL,0x456d603fb3a028e8L,
-        0x82bb6fec3703c343L,0xec001da6c2967450L,0xe6930d3c01cb4b41L,
-        0xd3a7073dfc88dab9L,0x28564308bae83616L,0x00000000000001aeL },
-      { 0x7a6b143eef89965aL,0x3d75a3d3e25394aaL,0x7185b011164ed20eL,
-        0xf6744be64334a31dL,0x9715be2f8a86350eL,0x8d3ad1d585ff2738L,
-        0x1081a847a2b1ebffL,0x7918917b3d13f45cL,0x0000000000000030L } },
-    /* 6 << 91 */
-    { { 0x1f6fad01e435a290L,0x2233fb1ca1797bbcL,0xe5c86b07adec0e98L,
-        0xa6c3e3b32c38f3f3L,0x148c7cc4be4d76ecL,0x9a269e568f91b601L,
-        0xdd4fde651872ef0fL,0xac81696c8aa5366dL,0x0000000000000123L },
-      { 0xdd10f5bfc06df67aL,0xe02f88cfb5e3d640L,0x67533defb63366e5L,
-        0xb81b500dd4f7515aL,0x258048297ac6fdeaL,0x05e776b30c92e736L,
-        0xd366e4abfdda7ba5L,0x1c88e25338a7d99cL,0x0000000000000199L } },
-    /* 7 << 91 */
-    { { 0xa8dc56599f91d149L,0xa923bb49026dc899L,0x2690fd103064ff52L,
-        0x5633caf40d3450c7L,0x923c18b90f268931L,0x7e333305cc000404L,
-        0xe4913381c2160055L,0xc8b61c0db37bdb04L,0x00000000000001e7L },
-      { 0x8f3cfed118432691L,0xf3409d8e0bbd5e86L,0x8094f20d1f240ab6L,
-        0x8ae2ba7484473b65L,0x509f55533d950c04L,0xb377553f306e84aaL,
-        0x32863abfc776e80fL,0x7de67f5d788698b4L,0x000000000000005fL } },
-    /* 8 << 91 */
-    { { 0x9b40a31f03d3477bL,0x57e0e72e400294feL,0xe8aa7d3fe3e8af40L,
-        0x6a3d54748dd4d7c0L,0x564564fc65e1bac8L,0xf8584769108c5fa4L,
-        0xeb211eacdbbbb595L,0xe06b04dc24a6b7f6L,0x0000000000000197L },
-      { 0xc7689ffd29bfb3d1L,0x7aee57f372378c9eL,0x007255d96efe861bL,
-        0xb8d3f65f6cfbbfabL,0x44629a5fb6d3923bL,0x49e47cea97373f3dL,
-        0xccefc3e7e5d385ccL,0xcccad6e68461478dL,0x0000000000000061L } },
-    /* 9 << 91 */
-    { { 0x65e1029251b47bc2L,0x050f0ef396e11799L,0x05ca59da588c0f6dL,
-        0x3fe6edce2ff2979fL,0xf5d22ed3902d3268L,0x66f1fad3053dcf39L,
-        0xf59a2c579c249cbdL,0x376c29df17ad6077L,0x0000000000000132L },
-      { 0x023fb75627e9548cL,0xeca768ffcc4e8a89L,0x9751524855744e88L,
-        0x62133797b724a018L,0x047efbc1039f2eb8L,0x12605556a4f29411L,
-        0x25f2a0fe026f882aL,0x58e45392f069b7f0L,0x000000000000018dL } },
-    /* 10 << 91 */
-    { { 0x8980df2d3699e35fL,0x9116ddbe7fee846fL,0xe8e6e54efa3d46b8L,
-        0xb6c3996eb65bc109L,0xe549c8eaeffaee6cL,0x9553bb7b31410debL,
-        0x3900d1cca660056eL,0xea4c30ef15f7dbf7L,0x000000000000018dL },
-      { 0x0bf375e11b976fc5L,0xbfa9c68017e1cbe9L,0xd9c860a1a7478ff3L,
-        0x3412562269e4e8e5L,0x0e98341ce1ff1512L,0xd320c6fe76eb4630L,
-        0xa06cec281ea3e4a9L,0xbb00b6a08ef84307L,0x00000000000000deL } },
-    /* 11 << 91 */
-    { { 0x892e36ce5b432ad3L,0x65dcf3b180d272acL,0x4a5861edd686b1c7L,
-        0x313b59e35fca28acL,0x1db0e208a29011f3L,0x4b91de51b632d0b2L,
-        0x024ca341ce943710L,0x6427e1ac2e5db5ccL,0x00000000000000a9L },
-      { 0xd6513c981850c1f6L,0xb93d2ced05479ac3L,0xe186562779609143L,
-        0x8cfd054ed44fec67L,0xe60e2c83e580c3d8L,0x17f8ddb76f8b3a07L,
-        0xc6deddcec0273a7dL,0x8020047a079b21a6L,0x00000000000000a7L } },
-    /* 12 << 91 */
-    { { 0x475427960f5bfa4bL,0x30d431dc7949b183L,0xf8988f286f450425L,
-        0xd6f6e60dd3778a2cL,0x08719f9364d83e77L,0xc77516d1cb7840ccL,
-        0xafbcd88077b2ccb6L,0x7037603dbfacc373L,0x000000000000008eL },
-      { 0x7d1f72796e42ce5bL,0xc9c7aa48535c241fL,0x117dc1334fa7bc3eL,
-        0x85e9129b83ac9251L,0xb0237b53de78fbb3L,0xe95c6512ab35c8eeL,
-        0x8ba19c451f97669bL,0x9b9f0c8a7aab8881L,0x0000000000000127L } },
-    /* 13 << 91 */
-    { { 0x007dd941777f4caaL,0x61a0c071d02a6bbfL,0xc0651514126587eeL,
-        0xee66732f97cb295eL,0x9c72c2da783373deL,0x530a0bde961281efL,
-        0x595096121d87a2d2L,0x3c9c4775fe361e36L,0x0000000000000144L },
-      { 0x190552d422a5f596L,0xee643d7b2beba873L,0xfb0ec2637529f7c0L,
-        0x4aae3efb6677edb6L,0xeadd8fea23ac4ebeL,0xcc44798f791f6241L,
-        0x69c5d73d0d94c9e9L,0xda1bbd06d7a37d3aL,0x000000000000008eL } },
-    /* 14 << 91 */
-    { { 0xc184af99246bc98dL,0xae516351e0904d25L,0xda6cc6c8a4fa486aL,
-        0xfc9ef8fe33dd0f0aL,0x8981f399afd708fbL,0x655302032a22f104L,
-        0x5a8d2895890718a9L,0x7f48ddf88c71713aL,0x00000000000001f0L },
-      { 0x2e16fac769a4fbffL,0x1ef4ff56c3abf535L,0x8f332c083aee6084L,
-        0x312a01982b2ef3e8L,0xb53036685ba34302L,0x728716190f62a886L,
-        0x9f6ff887fcb4c8bfL,0xa86874a9c3743566L,0x0000000000000180L } },
-    /* 15 << 91 */
-    { { 0x146f727ef7c671dbL,0xab579f7e0aef41c6L,0x7e4ba80ab8fe8727L,
-        0xeab360c1711b17dbL,0xb47511fe2b3966d2L,0x62e7f396f8e65dffL,
-        0x3d7a6cc5ea306211L,0x1f4b50346432ae78L,0x000000000000002aL },
-      { 0x3aa75ca8e91c698dL,0xd1e99a5bf01868a2L,0xcc1cd1bbcb461835L,
-        0x5c3cec62d521fb7aL,0xad85cc2cefc4153dL,0x9f85fe129a592b99L,
-        0xb9e983d15f43c9f4L,0xb9597f273e56eaf6L,0x00000000000001b8L } },
-    /* 16 << 91 */
-    { { 0xc8be45a27fe18629L,0xa5c577aaaf2dd971L,0x6e3a67f061570e7bL,
-        0x2cfc162946c8f13dL,0x6a05848ca2754906L,0xfd319607d0da74f2L,
-        0x0941d89d65b65761L,0xe3d2c4005821ae08L,0x00000000000001d0L },
-      { 0x3664ae19a334b91eL,0x21285e386768d183L,0x0914545399758724L,
-        0xd3debfa9ff52fa6cL,0xa1d9cb9ad614ce9eL,0x9c371626452e7305L,
-        0xcb2d7e9229277a97L,0x13171ad82f307a9aL,0x000000000000010eL } },
-    /* 17 << 91 */
-    { { 0x2734f7ee0da19241L,0x55c59dd0eea444d4L,0x41e48f0d6be546beL,
-        0x2d64bb8923f87d2cL,0xb0e56af43a6b2d00L,0x3393eb7224e16c9eL,
-        0xf318640a2c65adb4L,0xaf23c472de501421L,0x00000000000000f3L },
-      { 0x67c51d3ea5bc2d44L,0x4d7c5ba436622944L,0xb46b82ed7d4c50ffL,
-        0xe6e6322325bd5c42L,0xd6c35c121416508cL,0x8897538f107cf747L,
-        0x3117daae4b44b6e4L,0x6f2813a36be5042cL,0x0000000000000068L } },
-    /* 18 << 91 */
-    { { 0xa810227e65dad623L,0x01fcda5624662210L,0xe8543511a9154721L,
-        0x2914e67ce47aeec9L,0x85243b1645a2aec8L,0x1055599c4db1dcccL,
-        0xd8c2e07a3d1ee37aL,0xb240748691ff64f6L,0x00000000000000e3L },
-      { 0x89d53742c47ad646L,0x887493ed21d95cc6L,0x9ec6e14c252a6effL,
-        0xdeaa3eedb7c7af4dL,0x0b5ceb7cdc2be798L,0x95f753c3e8559739L,
-        0x3ca3a7c8a188513cL,0x4f9912cfdb1ccc8cL,0x0000000000000085L } },
-    /* 19 << 91 */
-    { { 0x8d3434eb19505b84L,0x75856d66d34ed7c1L,0x2729b5cb9dbea3edL,
-        0x01f91132230db209L,0x9b6962d157a8fccaL,0x506af49aacc7b180L,
-        0x29049874256b28d1L,0xcafca60eac95cde4L,0x00000000000001f6L },
-      { 0x80e8ade36c3f0557L,0xd1f00017614e9fb2L,0xc24e87cdec075c35L,
-        0xf5c0c19b0803d1bfL,0xc8256d3c56042212L,0x77309bac1e9e447eL,
-        0x41174c583958b51fL,0xb48e28ca88a66bf7L,0x000000000000011bL } },
-    /* 20 << 91 */
-    { { 0x66b11de35097807fL,0xd97001688956c6d6L,0xb44ab980f789112eL,
-        0x8d84c890d8065a6fL,0x68bd1eb836556220L,0x2d78a2f0600ab712L,
-        0x877475e699e8428eL,0xbaf046b5bd40b22bL,0x0000000000000054L },
-      { 0x406ca5189164af2bL,0xcfdd3ad4600c8b76L,0x8b443270cb90ec32L,
-        0x9f021a66e20d198dL,0x507f551ad2177737L,0xf1edd1ff8e49231aL,
-        0x8f30cab6007eba51L,0x7b91be67d8676f16L,0x000000000000001eL } },
-    /* 21 << 91 */
-    { { 0x8135ca7369086939L,0xbf17399a0e19ce3dL,0x73f0d2c021d13a4eL,
-        0x9e4c35ad3729460fL,0x323cde3e58ba36c1L,0x4e3c7f3ec77b972aL,
-        0xffa35319fd8afb3cL,0x36171d68c30e0685L,0x00000000000000e9L },
-      { 0xea5e35682a5c8115L,0x6c46f6048b0154e2L,0x7df48b8177c0512dL,
-        0x9fde5f493a09ececL,0xb1b004dbc5c11a60L,0x0c476649dac83f4cL,
-        0x1a15eea3cbc8f2e0L,0x993e1a33ee486143L,0x00000000000000acL } },
-    /* 22 << 91 */
-    { { 0x2bfa1554b203d524L,0xc6d86d8c64dafb80L,0x26807c023ee93e42L,
-        0xa384b2f0de86dc52L,0xc5816a9f5725df01L,0x89bbaec758fbaae1L,
-        0x2f452eb60957c4acL,0x119f0291913c1a72L,0x0000000000000121L },
-      { 0xf173df1d2ef523f1L,0xf7491b475c934cd7L,0x83698ba3965c47e2L,
-        0x7c88c285287406c3L,0x241e36fff3d293e3L,0x43c728798f6a23afL,
-        0x0f6571eafb1ed946L,0x5a627fec5514fd3cL,0x00000000000000f4L } },
-    /* 23 << 91 */
-    { { 0xe8dcffc39c33a23cL,0xeec6350e83037ff6L,0xa373f6d772695216L,
-        0xe4df9cb0099d5a16L,0x0173befd9af7d58fL,0xab067d55382cc41bL,
-        0x3d34f02eb8a58041L,0xb209e9f323f980b7L,0x00000000000000fbL },
-      { 0x1980fc9941c0bd9aL,0xa60001622a593908L,0x2a1c27e0070bfb85L,
-        0xcd18df8fce5c648fL,0x288f117d5cd7f21cL,0xcfc5495f8bc00633L,
-        0x39b2c847ff32ad8fL,0xebde0138e4bf5e9aL,0x000000000000010aL } },
-    /* 24 << 91 */
-    { { 0xec04ae998e006e2dL,0x923ac4fcda7c9902L,0xe91a96c89ec9a28aL,
-        0x28004a30377c556aL,0xe82f82d4be756bbaL,0x4e9c4655155143b8L,
-        0x667c4acfadd3ed92L,0xdb590aa6c2d95a2bL,0x000000000000014cL },
-      { 0xcb7f053132237847L,0xa06ff9854e110073L,0xba69f4b935676e46L,
-        0xcadc7250f1a9b32eL,0x10cc7f2281f0bbbdL,0x5967c22300cb192aL,
-        0xc93fa9eb9b9c2e28L,0xb1d3b84416699f51L,0x00000000000000a3L } },
-    /* 25 << 91 */
-    { { 0x90d4d5b4123e7bddL,0x05b161ba1ac34bc4L,0x1298247b24947c92L,
-        0x914a1d9003dbb06cL,0x8f033b39a0a6e2f3L,0x625982a2e7492fa1L,
-        0xe46b4b027b73d40aL,0x8b9a26c0eef66bdcL,0x0000000000000008L },
-      { 0xe4754290054f7507L,0x13a6f03cb0598a51L,0xece11d437539cf78L,
-        0x3b7853f2ffc61cf0L,0xf7ffdf3512e72e37L,0x1c67b7d797dd7ff3L,
-        0xc653bc89ecdd5b21L,0xd831303a1ec35d8cL,0x00000000000000acL } },
-    /* 26 << 91 */
-    { { 0xfba33000f6b1ab74L,0xa9e1f2f50c96eebfL,0xe84f0eda5c33000fL,
-        0x33789a12153679c1L,0xda4629f589209ee2L,0xce3785b20e22fe7bL,
-        0x53183b466f0c0ec3L,0x6fe1779e5285b4bcL,0x0000000000000056L },
-      { 0x1eaf8ecca5d768d3L,0x224ee37310c1561aL,0x519298e8fc7af9f7L,
-        0xcdca25634af7c25cL,0xf4096cb4d862bfefL,0xd49b6f4ff5223cbcL,
-        0x678d2e9f1ac83c79L,0xaadf01b78f1ddc04L,0x00000000000001f6L } },
-    /* 27 << 91 */
-    { { 0x75ef961ad84fd84cL,0x0012c3ae9bfb608eL,0x5a1f3b50c70e020fL,
-        0xd81bbadba2abf2c7L,0x2869fa049c0e2b8aL,0x4ff238ccd4d55cb5L,
-        0x11663a7ff9176721L,0x60c84c2b1764febeL,0x00000000000001b2L },
-      { 0x937b3b185215da65L,0x81b22f969dc29782L,0x7c0c13b1cbb740acL,
-        0x830290ae8e2779a6L,0x27d939bfe3e00368L,0x0e2ecf5b729116afL,
-        0x69e0ac2bcdb96f4cL,0xead47fed70704210L,0x0000000000000168L } },
-    /* 28 << 91 */
-    { { 0x27690556b119ec98L,0xa07fc4e8b33cdd83L,0xdd70a4e6959d2560L,
-        0xc723b197a824df32L,0x387f408b6b104364L,0xe36f86cbda9c0a19L,
-        0xee5df4d2ef6744a9L,0x8c583a3ff56ce630L,0x000000000000000fL },
-      { 0xa32cfc657cb1662aL,0xa698c83930e77387L,0xc3eacb751453a17bL,
-        0x86e25cca10ce2530L,0xbc4ec77ed137a2d7L,0x4c6746ca235dafc3L,
-        0x8b168ec927d5122dL,0x0c75daef3d1a30faL,0x00000000000001caL } },
-    /* 29 << 91 */
-    { { 0x5cc5c9119b2cccf8L,0xc8000ca65c1cab93L,0xd80663f5fef5ea9fL,
-        0x62906368e60a72beL,0xd85016621556648eL,0xcc2b6f93bb48531eL,
-        0x21a9b53d7fbf49e6L,0xddd378ac7b9c185fL,0x00000000000001e9L },
-      { 0xcb7033f7f7fc334cL,0xde062112a5b5d78cL,0x509a02a1701bf69fL,
-        0x64339bc557e490a5L,0xd4bb88c029ce5872L,0x20944f831dd17464L,
-        0x7d5c190934197eb0L,0xbcf57d5faaad6be3L,0x00000000000000e8L } },
-    /* 30 << 91 */
-    { { 0x3bb43beb00ef2a72L,0x0ea2ee348a65bed6L,0x4a07c01a25cf2864L,
-        0x81f50428def2d374L,0xb5b902f731d5ce65L,0x740f1ce1478326b1L,
-        0xaf7a25606905c052L,0x4e6e4f6e1fc70939L,0x000000000000008bL },
-      { 0xc32ef5c1b1edaa65L,0xf0ab55ac28e6d983L,0x954900d5708aceb7L,
-        0xefd9f5c13a326bafL,0x05fd87d8be1c4709L,0xa40702b17b6cae96L,
-        0x9263a19265344d33L,0x141dbc82576f073dL,0x000000000000001bL } },
-    /* 31 << 91 */
-    { { 0xb15e9545d626ae06L,0x3a0722a1ab0b410fL,0x832cba6776772e76L,
-        0x015d5fd9bc34d2f1L,0x067102cb87c77de6L,0x0469b3fc490d84b1L,
-        0x5e2f5a08b3462225L,0x352eb90a0d1096feL,0x0000000000000113L },
-      { 0xf9ef4a525930c83aL,0x5808cd0ba38b4104L,0xdbff69203cdabd8eL,
-        0xb7881613d88a14eeL,0x79c0026b1b096991L,0x5e69a28a2c82ffa3L,
-        0x607809fee1524e82L,0xe0f5ec4acfaec5c0L,0x0000000000000187L } },
-    /* 32 << 91 */
-    { { 0x336b06222feda8acL,0x4658ae220c0b391cL,0xe12f058f1f2119d0L,
-        0xa1f96c94495525a1L,0x32efc7aecd7d9f17L,0x34e4fe2abea7a5ebL,
-        0x0efd24927135c5f5L,0xd7a04eb2b83241ffL,0x0000000000000036L },
-      { 0xf11b8e769ca40933L,0x1951cd54d06857c8L,0x0e9124f629f13914L,
-        0xe6ebbbe33d67d0cdL,0x5483a2bcbf16f9c2L,0xd4e4ea52255ea8caL,
-        0xee0db0b5734eef50L,0x54434b5116207775L,0x0000000000000017L } },
-    /* 33 << 91 */
-    { { 0x553daedb5944343fL,0x3606ec07d4d0ffc7L,0xc6524155ca243c3bL,
-        0xd58cb6991527de09L,0xeede8aac13bfd2dfL,0x21ba74aff923c663L,
-        0xc82663667eb66df9L,0x5afc421916d74e8bL,0x000000000000012fL },
-      { 0xe4988134c59c0bfcL,0x068d052cefd2d387L,0x44132ab7b193eae2L,
-        0x1debbc87bebb0f7cL,0x2e1126dfd9772c79L,0x865dc53f3bbb504cL,
-        0xe1701501b85e7361L,0xe2a6ef6ee258a516L,0x0000000000000094L } },
-    /* 34 << 91 */
-    { { 0x76fd2af6bbcf1ef0L,0x74f728d1582e6b95L,0xcb8aa6bfdda9b1feL,
-        0xb9f03364c5708bf8L,0x84ebfa3ca5d5e4d0L,0xb007dc5e583e8a91L,
-        0x746afe5e82e7bb71L,0xe320d41037085932L,0x00000000000001f0L },
-      { 0xd70e0d63282273ccL,0x5cf2e2c3305f484bL,0x04768257c5138617L,
-        0xb603b06f9f72b38aL,0xbc2f8d4d238eeca2L,0x16fd9071880b51d8L,
-        0x4c13664ff86838b2L,0x7de53d218a6ff68bL,0x00000000000000c7L } },
-    /* 35 << 91 */
-    { { 0xd9d533d44f5adf8cL,0x3734d7f8177b8731L,0xc155a11279082d46L,
-        0x9fee9bee55c670c1L,0x4792e233bb026778L,0xbc36eade50fe0facL,
-        0xff70c0e73da20a58L,0x417610c538fdb880L,0x0000000000000192L },
-      { 0x05cfaa1554127b14L,0xa92f93dee146b94aL,0x80d3ad15e5af320dL,
-        0xf6fdf30cf9b93477L,0x56e1e73f8912b2aeL,0xbcde8088a81d4249L,
-        0x8711ca7358fe2d0fL,0xc2c9cd60328932f2L,0x0000000000000124L } },
-    /* 36 << 91 */
-    { { 0x657b00c3c6659533L,0x7c4ebb89d4f40b8fL,0x240ac0f607952574L,
-        0x67788f2a2d1103acL,0x04a55a0c15dfac39L,0xe516c9830d854801L,
-        0x25949bd2eba13079L,0xa603149e1cc2ef88L,0x00000000000000e2L },
-      { 0x394021ec0c1c2efeL,0x06c411c6ad56f16fL,0xed5735a23c85892cL,
-        0x744c27e3a7749e09L,0x48ec0665ae7e3e20L,0xf9b4163bac7bd334L,
-        0xcd5581551a4bbacbL,0xd6b52b5459cdd2baL,0x0000000000000167L } },
-    /* 37 << 91 */
-    { { 0x39a2354ea18a42f9L,0xa6316bc8cc4b9ce8L,0x45cd304831be097fL,
-        0x250cf0da411e55eaL,0xaec0f4a08756aa97L,0xbbed2c68e3cd749aL,
-        0xdc1516bc6023d468L,0x2031a0cf013b7d7bL,0x0000000000000198L },
-      { 0x66bd2998907d5626L,0xf84be0f5ef405159L,0x47913cd8a13eea10L,
-        0xd98e273609412514L,0xd07e8ff1d7eeebc4L,0x2ccf81bb692ebfb6L,
-        0x98259e9beaa3282cL,0x1e73d6761979dfddL,0x00000000000001dcL } },
-    /* 38 << 91 */
-    { { 0x17915cc92fd4fbafL,0x5ccfa56f987a738cL,0x9322bbcdd4f04e2bL,
-        0xd11dc12a3d80faf3L,0x8a5b1f959751eb1bL,0xa0944deec74e364aL,
-        0x7830f950bf5583f7L,0x3ccabd2290302a78L,0x00000000000000d4L },
-      { 0x97af459227945905L,0x3e6475f8c89e8478L,0x07a75003061caa42L,
-        0xf307f63fe96c6ee8L,0x116b590fb3ac7eddL,0x8cc5129fcc572d4eL,
-        0xfbb1956538070b86L,0x142309e12214d88dL,0x0000000000000151L } },
-    /* 39 << 91 */
-    { { 0xe87d85e1849d8d67L,0x67f27415f71ba46bL,0x2a469ef7261c4c7bL,
-        0x42b25fbb196b3a59L,0x4a06c13c64ab6781L,0xb5fb64097145eb2bL,
-        0x2ef16fec84d837e2L,0x1336ee80fc35be92L,0x0000000000000126L },
-      { 0x0950419772173df1L,0x08ed9987c1ed4d44L,0x60f415854ec72dc9L,
-        0x1e96109cdebdeb7cL,0xbc5d5e01d4e266dbL,0x865f2779b97437abL,
-        0x60aec81e4603b596L,0xbdff4a3579f89a7eL,0x0000000000000133L } },
-    /* 40 << 91 */
-    { { 0xdaf096439768c17fL,0x3fea42473fefbb34L,0x6219c7a10b58d304L,
-        0xb1d22efdcc27f099L,0xc40b3e4087610d7dL,0x5130d3dd8f8e950cL,
-        0xc50fef134b6433abL,0x8694a6fbe79d8b49L,0x0000000000000034L },
-      { 0xbe5028acda708745L,0x573354a3d2e9e2b9L,0x65023a39bda28cccL,
-        0xfd3f235151c040dcL,0xe8674a7754e038e6L,0x6c2a5e75ebadf602L,
-        0x26ebf6e9a9330218L,0xe564a069001c8135L,0x0000000000000022L } },
-    /* 41 << 91 */
-    { { 0x93b89ac719647427L,0xf2e9800662f60cd8L,0xd17928788b4a860aL,
-        0xeca75f8aa6f7f822L,0x553e987fa08afc7aL,0x68c7eeb375168c32L,
-        0xe2d7c361f02866d8L,0x4cf488d01f457ef8L,0x000000000000019dL },
-      { 0xb02e2aee5dd3a10dL,0x399ac0b774d7f78fL,0xeeb5d6194dadb32aL,
-        0xe9749e2d31475847L,0x0e2894577dbb6ca6L,0xb1a8de40d01c8c73L,
-        0x111bb1a717e9a87cL,0x38016c50525524c7L,0x00000000000000d3L } },
-    /* 42 << 91 */
-    { { 0xf2f5b47cd83d5980L,0xa9d9084742d37e32L,0xe0e804bb8fe68776L,
-        0xdc4f8950138c0caaL,0x7eff3e0f5c3e9d96L,0xc0a1de28825548b0L,
-        0xcb0ce3648a12ad2dL,0x3467ec580d44b1bfL,0x00000000000001dfL },
-      { 0x80a72cd7353e4e27L,0x3d8c7245c5047f28L,0xa74798df7231688aL,
-        0x99e24af065d80630L,0x5a653dea8475aa27L,0x89d84371a44391b2L,
-        0x2eaf73f22f4f0562L,0xe1628cbcc9be07b0L,0x00000000000001b2L } },
-    /* 43 << 91 */
-    { { 0xf84751465841f56dL,0x5b972d1beaa26045L,0xc1bb3bb69326720cL,
-        0x656b3cc491990d51L,0xaa493b911aa9c0a5L,0xd12902d4f2af0e57L,
-        0x873e1f30136832d6L,0x7f93fed865bab8edL,0x0000000000000150L },
-      { 0xef43b48fff75fde4L,0xd7cad9e14e9e8062L,0x5f0fc4bb495e772aL,
-        0x685fa07c58df814fL,0x6b8d8ef7088c5dfdL,0xc2ecf7f51436df3eL,
-        0x3c2b71f5f99a9736L,0x0a2a30a45b65c55eL,0x0000000000000172L } },
-    /* 44 << 91 */
-    { { 0x1fe9426b0a6c6d9eL,0x8a955028e8e6c259L,0x6575bc53fe2d3113L,
-        0xaf4a1328b7cc80aaL,0xe3b2d1e559ce1d34L,0x555642307da20bb6L,
-        0x450e75e56f0a3e73L,0xf4462fa27ff87e37L,0x0000000000000146L },
-      { 0x0c211f3a58e16248L,0x902c342f4506b24fL,0xea4e8fd0a68aa254L,
-        0x7a8a1409258fdf8aL,0xd77bc05e1304fbd3L,0xddf4d3af3e566510L,
-        0xca6b3c5a7fb9c9ffL,0xaaf671967fac362fL,0x000000000000011cL } },
-    /* 45 << 91 */
-    { { 0x8f3d956e6b9e05ddL,0x8e7c2babc7ff7e65L,0x5a75719253ae6a00L,
-        0xc96d8b795b54b6a8L,0xed3e7f1c5b7d7d00L,0x228f166f5ceb2b6dL,
-        0xbfb91eee09dac21bL,0xa8279317dbe20b62L,0x00000000000000cfL },
-      { 0xccd5ccd6ba990e97L,0xb945ae888236c13eL,0x01c61e4b7ec5ab76L,
-        0xa390fe0b1315a1d6L,0xbb6f26932a162becL,0x782df1974811290fL,
-        0xa16250e205a4beb4L,0x8a94424936670e18L,0x000000000000010aL } },
-    /* 46 << 91 */
-    { { 0x08104eead1978abcL,0xc4aa64182869f184L,0x1d3bdf3040a17f91L,
-        0xd385a51c24b0f6d7L,0xc07b19a5e867b991L,0x91a34606528814b5L,
-        0xb4c41a54b65a49e7L,0x9babbcf59df9f529L,0x00000000000000b4L },
-      { 0x764aa96de287026dL,0x5314fa4f90cc1767L,0x8d66884a1c955f29L,
-        0x5fbfb4e9877d0860L,0xb389496c4518d3f8L,0xa40da285971965e0L,
-        0x92289bd13d3104c7L,0x5467d571480627c0L,0x0000000000000004L } },
-    /* 47 << 91 */
-    { { 0x73b067663d3889f2L,0x9cfaaec7975d71c4L,0x32dbe1cbaabb2914L,
-        0x95c1be2fe4d3f5b9L,0x9f043bb55a9d6ef0L,0xd8fd47fa2124525fL,
-        0x2ee657cb218e24aaL,0x53358623f62039d7L,0x000000000000005dL },
-      { 0x1c9f2390e488690fL,0x74350646284b571dL,0x62b8f014eecc8839L,
-        0x0d0727a2cc3602ddL,0x9a4a864741b32344L,0xc53ceac84c506cfdL,
-        0xe07215a5fbf809a8L,0x74ccdf9bf0d0c843L,0x0000000000000185L } },
-    /* 48 << 91 */
-    { { 0xffeaae90a5f79719L,0x6e6df606d3492f7dL,0x2c2bb9c576eaa27cL,
-        0x33d699cda76e4fa4L,0xfc90add1bcbefbc6L,0x2c7014b254672c91L,
-        0xea55e101b935deeaL,0x12f035bb8a9ea2a3L,0x00000000000000a5L },
-      { 0xa3e9e470a478a531L,0xd90105eb1992bfd8L,0x8c0b466dde6e1978L,
-        0xaf1b491584e1c6f7L,0xca957a0824931507L,0xc5b18ccd670262dbL,
-        0xc8b50dc0da787fb6L,0x087dea9c7d5253ebL,0x0000000000000119L } },
-    /* 49 << 91 */
-    { { 0x06a9262ad8cffaefL,0x0202733a16dcad26L,0x889461d885e4b6a7L,
-        0x8aa5ee3ebf2b5a1eL,0x209afe0dd59e8c5dL,0x6fbc3bfe9fb34eeeL,
-        0xa2cafea7854d31b7L,0x40dbcb67b34dea06L,0x00000000000001b5L },
-      { 0x38c04e9a6fa0ebefL,0x7e538c4aafa0dcadL,0x7bda0e2a29d75198L,
-        0x6af9b41944d6606eL,0x35cba42c03f90cb3L,0x7067e8fb0ac1b1afL,
-        0x97044878e1e90e22L,0x3e5ea9f8d802e89fL,0x0000000000000041L } },
-    /* 50 << 91 */
-    { { 0x510da10c610f1026L,0x3905429820278fc2L,0xec273624264701f5L,
-        0xa28eaba19f852f1dL,0x3a48f9a649452affL,0x80200f98532be9b8L,
-        0xe1fe9faf3e0fd8e1L,0x9016f5592aed9512L,0x000000000000011cL },
-      { 0x15a0b2f34d16a4deL,0xdf45147fc711f66cL,0xacec295a2e9d2971L,
-        0xa363ba454d608ea5L,0x2be77f31ef707d72L,0x71e2efaca70f5e07L,
-        0x8874489778c61141L,0x7088d771f36cb684L,0x00000000000000cfL } },
-    /* 51 << 91 */
-    { { 0xa15af0a98612eda3L,0xd20f6eee8cfdf251L,0xd13f13187edb43d9L,
-        0x12c8caefd20f1911L,0xf718e3879d2dddffL,0xe5476ac9ae1d8619L,
-        0x46996c8c6abdf7a6L,0xaf747be0d673af48L,0x00000000000001e7L },
-      { 0xbca4d3b4f681818eL,0x97d89e7e1dc67c61L,0x8fe1d23272adad93L,
-        0x0c3d0e0aab0d1120L,0x80755cb5354d0bbaL,0x8227290c29941953L,
-        0xd6b2bf435bdc8c57L,0x72b415c4cc5efbb9L,0x00000000000001adL } },
-    /* 52 << 91 */
-    { { 0x9840fefb94eceab4L,0x3f2df52cb4ab428cL,0x5d01c629dc912e83L,
-        0x69fb1a87dccd56f5L,0xae7a79433c692deaL,0x62cfa5b6348795b4L,
-        0xe0b621352bff3017L,0x1355d15a465aa055L,0x0000000000000031L },
-      { 0x715572c92f17bc87L,0x3d0761bb5408ce13L,0x32e1ebcc740d844eL,
-        0x503de141845bcbc7L,0x5f5d73affd491083L,0xe357fd9f459050caL,
-        0x1b55a4836d811ad1L,0xf503dd70e855671eL,0x0000000000000152L } },
-    /* 53 << 91 */
-    { { 0x99472f10e9570837L,0x59fdf7f0a7537eccL,0x6163b2fd4bf81966L,
-        0x9cb1ce6d58669895L,0x5f1f0238bb6928bfL,0x87b6a8471944b59dL,
-        0xa0dfa5cc4196844fL,0xd89a1cde26186526L,0x0000000000000184L },
-      { 0x0601560613c8ebd4L,0xeb16ead091204191L,0x46cbe8543c28c13cL,
-        0xd000b7abdfb0d4deL,0x1726c9a74ea29c57L,0x0f193196c781b82eL,
-        0x1387110693994983L,0xb50560b19d7bf34fL,0x0000000000000168L } },
-    /* 54 << 91 */
-    { { 0x163701bfea642575L,0x0a6a2f5d2e678618L,0xe4c9b9f5804587ebL,
-        0x6f8e5064ccc8fb0bL,0x4b69a7091c635a34L,0x5e86bae9b96732e7L,
-        0x07fa20d37c643344L,0x77f6268664b84c35L,0x00000000000001d0L },
-      { 0x06a5c9c908ae642bL,0xb472c3f14c44fcf4L,0xe52310eac2df057eL,
-        0x72597d099a3c2a5eL,0x953d96935b215b2fL,0xe9a9436c573f77fbL,
-        0xf577c9c6334b0b7eL,0x9dba2bccbce93fb3L,0x000000000000011cL } },
-    /* 55 << 91 */
-    { { 0x770c5fece69da7a9L,0x19f64e37a77befe4L,0xd3c78be1c75aa586L,
-        0x9f4fad22a4140e40L,0xdacc138f56ea04c1L,0xcf2449f983fdff97L,
-        0x7459e685c65440d0L,0x86ec5d4b46bcfca7L,0x00000000000001acL },
-      { 0x6741957f376dbad7L,0x7a7f41f3d45e0c7fL,0x1ffdb37d40041998L,
-        0x3df73b0673f33365L,0x7ef0296328023845L,0xe58c3a849cc74753L,
-        0x4d442f576df77c6fL,0xe0517e5e00f4cea8L,0x00000000000000c4L } },
-    /* 56 << 91 */
-    { { 0x46d19e84e4ffc94cL,0xb0c6a22b46ac3defL,0x78b32cb951b0c5b0L,
-        0xf3a9d47ca4d6703eL,0x564725a602e1858eL,0x962820cdda51085bL,
-        0x07079fae5d66a816L,0x2975644b7efdb35cL,0x0000000000000067L },
-      { 0x53e0fe0f027e7d4fL,0xe7919470fe2f6b5cL,0x0029df1fba6e0852L,
-        0x4a8c72c2cb9b0c0eL,0x8e94526c4398ce0cL,0xe5535ec6945ea9caL,
-        0xfed0915990686396L,0xce1523a9a17486e4L,0x0000000000000175L } },
-    /* 57 << 91 */
-    { { 0xb6a22a0200055b41L,0x1530d3c2738d7765L,0x74b844494b19e498L,
-        0x7e8080589e7bef67L,0x99f69a43bffff80bL,0xfdb0e8b1b027fd95L,
-        0xc5bc0fd033b928baL,0x6561d98bd273c3e1L,0x0000000000000124L },
-      { 0x3b992ebc4c8a05b1L,0xd151de1554ce8100L,0xbb63a62b154cbf46L,
-        0x3374fb329ce29809L,0x13994e41708b1aceL,0xb37f9846587049f3L,
-        0x6b6708e773cace40L,0x25ed315a8dfbe7acL,0x00000000000000e7L } },
-    /* 58 << 91 */
-    { { 0xc6f86aa312eaab15L,0x3f4fc2334051be9cL,0xcd591d72db49c31cL,
-        0x65ba21ffd2100c28L,0xdced627f512e30dfL,0x9c948bfd52d495f0L,
-        0x3b246e9ca178617cL,0xb7e99939f772b804L,0x0000000000000085L },
-      { 0x3ba75fc152793a53L,0xdf8f02a9c86c7a0cL,0xb7861f9ac573bac1L,
-        0x16b41667a3b76aa3L,0x069da96a345dfe76L,0x1df94b267585cb88L,
-        0x8b57ec9d4f2f7645L,0xfaa8230851320177L,0x00000000000000e0L } },
-    /* 59 << 91 */
-    { { 0xd8ac0bcf6c9950cbL,0x316eeb3196787697L,0xe1b0fb38589d27eaL,
-        0xcb9d58fbbdfd0018L,0xfd39a23040bd2016L,0x47ae06bd222818c2L,
-        0x7ca37a695d2a87c5L,0xa8a39329d2a51e11L,0x000000000000005eL },
-      { 0xf1e98f9d31797318L,0xfeb139037e1cb61dL,0x7d84a9664aca85beL,
-        0xe2dfd634b1056464L,0xf62a4661ae33a99dL,0xcc522a0cc86d2097L,
-        0x8800d70dc3d29ab3L,0xfe0e17145aa40b80L,0x00000000000000f8L } },
-    /* 60 << 91 */
-    { { 0xaf525dfffd31cac1L,0xab4dd60075e22b8aL,0xd6df54601bcfac1dL,
-        0x83d0b758ea498cf2L,0xc6c8a7db725379ffL,0x926a186bb282eee0L,
-        0xb0e0b072c1496c2aL,0x8f159a3e48668171L,0x0000000000000101L },
-      { 0x4494dfeda5edce74L,0xb5dadc35e28d5661L,0x320502550d978436L,
-        0xaa350e02ace0dc5dL,0xff8c6c8dc85e3d76L,0xadd61548038e9206L,
-        0xc5b0eeaf48b9ec2aL,0x3f1e7dc7c2645b2aL,0x0000000000000125L } },
-    /* 61 << 91 */
-    { { 0x911b6ec2d4d191d2L,0xa0be596398bbfebdL,0xcfc1858fcdb33929L,
-        0xe838e59fcaf4b07cL,0xc3cf06ff253f9c18L,0x96d4c2242cb76433L,
-        0x1bf6b527db17c2efL,0xdf9282d82792e421L,0x00000000000000b8L },
-      { 0xd9b60a5fa94190e4L,0xa82f09cdaf66cfaeL,0xb65d0c46c4e5935aL,
-        0x65c1bc0a65ce2172L,0x533f9f19629364c3L,0x522db0fc51c1cd20L,
-        0x1038f65b19332e86L,0xb64007f864003cedL,0x0000000000000094L } },
-    /* 62 << 91 */
-    { { 0xd5070a5ea979804eL,0x1fcc05daa28853d5L,0x7537020daeea2123L,
-        0x33583d857d3940eaL,0xdb4854fc6a16ee2aL,0x2fa7b6c674cb45f0L,
-        0x94b299c273a0bac3L,0xf5bfbdf0066135e0L,0x000000000000008fL },
-      { 0x7700d5f6ff090f73L,0xf186cb1328b231c6L,0xd080b318eec40e57L,
-        0x9acfb30b5e6eb82fL,0xdfa57c03550c698eL,0xe32e90ca75f80094L,
-        0xe4f0efa25d0871b3L,0x2c4e1314ff1ae785L,0x000000000000019fL } },
-    /* 63 << 91 */
-    { { 0xa1cf6e98abb1ce91L,0x94357a5ece988fa5L,0xce23c897403945dfL,
-        0x8926b4a89ae2d087L,0x39d0ec46294d25f4L,0xd571fa4d0340cfb0L,
-        0xd0389f1b25552596L,0x31c3d45476b870adL,0x00000000000000adL },
-      { 0xa4be459fc1acb2bfL,0xf98de31e4912a631L,0x5058dbc3f8e05adfL,
-        0x30b64887ecf93058L,0x6f0ccdd7a4a98333L,0x4f036282a5e29a50L,
-        0x141c5a024774ab8fL,0x5b11663b58682707L,0x00000000000000ebL } },
-    /* 64 << 91 */
-    { { 0xe67ad2a7a597628aL,0x424dfe8947deb6b6L,0x42669bdc0ecaca8eL,
-        0xae7a2f64d86f6549L,0x3858f56b652a2e24L,0x8e5611a650291825L,
-        0x21c2061120feb545L,0x4e550a9ecd63163aL,0x000000000000005fL },
-      { 0x4fabbb26b3b110bcL,0xebe74805036de290L,0xde88d2d633789748L,
-        0x56a1b7b8dbf7865dL,0x0646d53de8707cf0L,0xcfb67fae64108a0bL,
-        0x04f1401ba32160eeL,0x5998552d5f462a78L,0x0000000000000056L } },
-    /* 0 << 98 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 98 */
-    { { 0x80e86d53083e8647L,0x4c143f8de6bf14c4L,0x98965bebd250ddf8L,
-        0x66ad16a097f5f7ceL,0xf3b79e6a91ca08f9L,0xc8478bb25555ae35L,
-        0xa3b1085a3048210bL,0x400e0a3fc2e9f129L,0x00000000000001f1L },
-      { 0x73dd8aabef069132L,0x4aa4c72566348212L,0x44b84c9436f78446L,
-        0xf835da5068c9b6cbL,0x66b8e1d9a3536e11L,0x29ffbb214f4541d4L,
-        0xcdb5baffa43e5d3eL,0xca8fca6dd75f692aL,0x00000000000001d6L } },
-    /* 2 << 98 */
-    { { 0xbda14abf4d9b67c0L,0x54478dfabf9ac0b2L,0x08943aedca457b40L,
-        0xd82f3d75f18006c3L,0x434d99a148f5e818L,0x600c40e3c5422ad5L,
-        0x8a6294594361f89dL,0x25fd287b9c176983L,0x0000000000000003L },
-      { 0x5465deb69d02479bL,0x61fd5b4facf06848L,0xbda65f8547787599L,
-        0x1689cdce23280fccL,0xb2efd35d62e25557L,0x19fd60739c9f12b4L,
-        0xaf9a39433a87dae1L,0x20dd9c0ac5a84a92L,0x0000000000000101L } },
-    /* 3 << 98 */
-    { { 0xd8764ed5adab4cf4L,0x6a3f2257baf7618cL,0x6607661ba03bb43aL,
-        0x16f0ad3d41029908L,0xf8dadf979b47f97eL,0xe690674d9dd13ddaL,
-        0x8f5f3c154180317eL,0x9694476452c697a1L,0x00000000000001b8L },
-      { 0x9e9715e5f7894511L,0x43c263b702f78d2dL,0x31b78c2547ad4de4L,
-        0xe2f6454ce10ef4bbL,0xd0f816ad15787104L,0x169f4e00bc5c632cL,
-        0x99c89fa79b77e99aL,0x7c758a0eea13b439L,0x000000000000003aL } },
-    /* 4 << 98 */
-    { { 0x067f879fc7734385L,0x787c7f18b4a51794L,0xa269c44672d9af69L,
-        0xa4498e7387d71897L,0x28e3d84aa91814acL,0x8caf2f61f62fede0L,
-        0xad36da315dc202bfL,0xfed8bc0fa4689189L,0x0000000000000068L },
-      { 0x84a0854296aa1400L,0x871885f1cd72b4a4L,0x00954202e9d3027eL,
-        0x19b350695c86a302L,0xbe420b636cfc52a2L,0x8b75228287175b19L,
-        0xd1811b8c9a22611dL,0xf9c23d803e468601L,0x00000000000001d2L } },
-    /* 5 << 98 */
-    { { 0xfd9470df9bb055e9L,0x356be674b8a9cabbL,0x7ceda113f1c13a27L,
-        0x2a717f78d70ae9b1L,0x971609234ca55928L,0x7f9e4e226e14f3f2L,
-        0x5b8a03155a589e18L,0xf8c780b940b09acbL,0x000000000000008cL },
-      { 0x2fee3ccb74d98575L,0x2d33151fb892607bL,0xf0fdedda3a2a25c9L,
-        0x0c82e2d3124e2527L,0xdab009109bbb329bL,0x402e27ea52798e10L,
-        0xd0009cb2f6d91403L,0xeb90c221ea21c5d4L,0x000000000000010cL } },
-    /* 6 << 98 */
-    { { 0xbb7c3bbf98814afdL,0xfa3eb481e568d703L,0x1b8f1e0658318259L,
-        0x44c2c4a0d9df9cc1L,0x9906fec621cb9541L,0x4513855b90220398L,
-        0xba8e04c7730f3d49L,0xf6f844eec5039f3dL,0x0000000000000062L },
-      { 0xff651f70c32b230cL,0x2bf8f30c4ce8747eL,0x2748f82ddf061f06L,
-        0x9ebe9d519b73f4e2L,0x428724b7b60edd59L,0x88ddeb09c85196ecL,
-        0xe9a64c7a9ed85523L,0x2465d7a62e865fdfL,0x0000000000000099L } },
-    /* 7 << 98 */
-    { { 0xf8cb5eb1fe3b6e1dL,0x8200ee3a92dea299L,0x8cd62994aae59107L,
-        0x2953835d17e38995L,0xebc59a3c6b24fdafL,0x847a4f3c89e2b86aL,
-        0x68f32c1a505225e5L,0xd9d254f8ac4ce49cL,0x00000000000000e5L },
-      { 0x357de1596d60adcdL,0x7ec27f7d8d7d0d59L,0x43af31858acd0224L,
-        0xda2541a71f551347L,0xa13e7bac81ae12cfL,0x4952416780e2588fL,
-        0x8b716928caeb93b5L,0xe32a7fc61642f543L,0x0000000000000146L } },
-    /* 8 << 98 */
-    { { 0xc52699b9e6a0bf64L,0x3d1f9b860d0e9732L,0xa14ca004e0882130L,
-        0xa69508493d669257L,0x65c264d6d76816d4L,0x594a5d7cba522818L,
-        0x8e44a20532ad6596L,0x74445203093718efL,0x0000000000000189L },
-      { 0x63b108c628885dfcL,0x7ddd44ccc31cf288L,0x82b2cad4b5267f9aL,
-        0x5b8a5f7b449e0cc8L,0x24a85f05e8bbb4a4L,0x694cdc1ca0eb93a8L,
-        0x58943b3455741ffeL,0x381df171377ad2a2L,0x00000000000000adL } },
-    /* 9 << 98 */
-    { { 0x0801f029405ebc29L,0x416cbd9c9e0c3db2L,0xf0fcb43499f8654aL,
-        0x6ab20655c0f9668dL,0xc4c78a18877a85deL,0xdfe8ab138d16c153L,
-        0xdcd5e7c1183c66dcL,0x2f1f7dc246c3b605L,0x0000000000000173L },
-      { 0x1cf1a9f24a25993fL,0xa792f66ce5a76bd6L,0x124befa3e06def72L,
-        0x4b2b2ef9d85dc995L,0xf1b45b1645b0c395L,0x7b35ab2fcf5ffc87L,
-        0xb7b346b5d34c4e26L,0xb00503fe39b8fa4eL,0x0000000000000013L } },
-    /* 10 << 98 */
-    { { 0xb5491319e335e6c2L,0xc892ed96b5f0342cL,0xcc4a8411e412e065L,
-        0x2f8b20e3fd229e7bL,0x9ab982f9843e35f8L,0xf904caa67a728b27L,
-        0x283c27cc8360e327L,0xd3a7f980e08c96a6L,0x0000000000000049L },
-      { 0x11de6dcbf507feb0L,0x9033db6c32233dabL,0x39e46408c4586261L,
-        0x0c31a9624bae870bL,0x5f833a79cfa69865L,0xa4e9e08b019af648L,
-        0x928769ade156f8d8L,0x9ce74709c4a99988L,0x0000000000000150L } },
-    /* 11 << 98 */
-    { { 0xb53d5e9b4a51dfcaL,0x7b60443da3894de5L,0xe25e2bf7b1515643L,
-        0x3486b05885451eeeL,0x2c0827a4d806fefcL,0x6cec283cdbe198d0L,
-        0x589f669bf950d73cL,0x2988117f1a6cbf5dL,0x000000000000015eL },
-      { 0x6f8031cd9cf3edd9L,0xf0ec99d2e35d3239L,0x06284ed6d954a869L,
-        0xdb1fba06265e04bbL,0x94f3d6a2d08e378eL,0x5a060f9e778b4464L,
-        0xbd9c9b10152f5a69L,0x7045807405281905L,0x000000000000004eL } },
-    /* 12 << 98 */
-    { { 0x13996f30e402d747L,0x2524a83bebc31a51L,0xa41699b795d7ebc0L,
-        0x602112c7ad867499L,0xbf81b788d43b5a3eL,0xf3cd28581c736ceaL,
-        0x01a6df580ff424ddL,0x6e527daa95500baaL,0x0000000000000171L },
-      { 0x1d966ecbd1b77ff2L,0x2980d1c923985bd7L,0x20a275a635732ba6L,
-        0xa1b81f99430369d0L,0x6052b0183c0a4d36L,0xb4fa4d6c8a790b12L,
-        0xf4ee3079353165bcL,0x79ef46797ed670deL,0x000000000000002dL } },
-    /* 13 << 98 */
-    { { 0x7ace245a07c2e7e9L,0x64cab9a80fd5b38cL,0x6a04658d9c5cd391L,
-        0xc6e7b879e6b8f8d5L,0xbc208a42349b740dL,0x67f77d263e4deb3aL,
-        0x47b6aeca8c7f3b39L,0x74b9557530083c67L,0x00000000000000d4L },
-      { 0x780d1c78d729d124L,0xaa4b4b8bf3bd1ac3L,0xcb0e1707d5afa9bdL,
-        0x336ea478e41831fcL,0xb34289ae0e1e4c73L,0x3533cae21e38d267L,
-        0x50b48d18bd7e62d2L,0x419bc9e607476b8eL,0x0000000000000006L } },
-    /* 14 << 98 */
-    { { 0x443c1b80fa605db6L,0x57287045107c6a8cL,0xe9fd39204bfa9bb8L,
-        0xecb90ec960291f2cL,0x78b1fc15087ea126L,0x3caa818986592da6L,
-        0x3a2abd00dd8c6d5aL,0x885c9499a771ec5bL,0x00000000000000a3L },
-      { 0x15c5483b4ae49580L,0x66b59335ec88a215L,0x5486fe34207948b2L,
-        0x1a41ac9453866679L,0x9f568c63de3497c3L,0x6b2cc6b5ee1a320bL,
-        0xb2e2cc04d12d68ddL,0x3bcd8d271b2a518cL,0x00000000000000ddL } },
-    /* 15 << 98 */
-    { { 0xcc3f7489019ade2bL,0xefb874571a7402efL,0x073176ddb31586dbL,
-        0x062ea41b73784230L,0x688de8033a8fa379L,0xe281a7a7a2e28e00L,
-        0xa232a142a323d618L,0xd84cb9002792d666L,0x0000000000000143L },
-      { 0x2f1e3f96de5d6ab9L,0x9fad76a0b1a97255L,0x0db69c89649a5f4bL,
-        0x3a997973b899710fL,0x75ec0561af8157c2L,0x62753eabd270655cL,
-        0x497669a80b46d35bL,0xcffb44c44b926857L,0x0000000000000084L } },
-    /* 16 << 98 */
-    { { 0x84b4e6f6783099afL,0xa94ca2294dc772b8L,0xcb768aa65ea29d0bL,
-        0xd47361170fcb316cL,0xc411b7b79775774cL,0x410c974c96ac3f48L,
-        0x1663c40aad24a12aL,0x87f1508da2a503bdL,0x0000000000000161L },
-      { 0xecd265ced518bbbaL,0x8d77018ddcc67981L,0x1e9c19223ed1a18aL,
-        0x5484ed8427440d05L,0xd319640942d659d6L,0x82ce3a7181354397L,
-        0xd097534de7d7dd79L,0xda9d11cf084658f4L,0x000000000000006eL } },
-    /* 17 << 98 */
-    { { 0x2a6ad43f50e3eb59L,0x735dd00ebc32b62aL,0x317f6f679e89b620L,
-        0x7b9e260c36e98778L,0xdd338b8e168d53a4L,0x83c196436f9a8038L,
-        0xff1ec28cb607e41aL,0x2d7cc7618f05f0a6L,0x000000000000005dL },
-      { 0x4276274d347c52ecL,0xbaff740b14ce5d7eL,0xb47b6a4167d528d1L,
-        0xd0c678f7962850ccL,0x4891dea22b049133L,0x1786e620ada076ecL,
-        0x09451905486b08f6L,0x948834d92bbf984eL,0x00000000000000a8L } },
-    /* 18 << 98 */
-    { { 0x92cfc98dea9c994bL,0xcfc7b48217371932L,0x820a2d553180e799L,
-        0x0a164a5a5b0a82c4L,0x45ddc7fd7a87b97aL,0x582e845754b2116cL,
-        0x371ef68d8f9eb2cfL,0x127d572a03067708L,0x0000000000000069L },
-      { 0xde83da9cc02d06c8L,0xc262d58529c5e4bcL,0x32c73d8f44046239L,
-        0x2bf12411bebd50efL,0x7a2729e160af2df6L,0xaef5ebfcc859d25dL,
-        0x05efd7c034c0edc8L,0x89adc752185901c0L,0x000000000000019cL } },
-    /* 19 << 98 */
-    { { 0x485e2623be1f51beL,0x143ebff4f8173134L,0xa688b45a819e5154L,
-        0x67fe58f8eff4fa2fL,0x449394c9d4ce70a0L,0xc37b8a8d12dd3462L,
-        0x2a10cdc1217745f0L,0xd6435c4c17a00c1bL,0x000000000000015eL },
-      { 0x3222b4a2ce699e69L,0x9473d565ecbef61eL,0xa183e92e8db063eaL,
-        0x2f2df05d20ff011eL,0xd201a960916ed069L,0x6af80e44c72fff72L,
-        0x994817c219a2150aL,0x63e8bea770fd901bL,0x00000000000001b2L } },
-    /* 20 << 98 */
-    { { 0x9886a22962c16459L,0x0e0236afe5aa41c7L,0x468d4c3a61fef10eL,
-        0x8c3171ad3db4d163L,0xea4180801022bf50L,0x29c61bfddd95500dL,
-        0x79073998fc1086d4L,0x18e62735d880bed1L,0x000000000000008dL },
-      { 0x3772a3a6bab5ed67L,0x59aeaa70c4a82be5L,0xdefd15693fa10eaaL,
-        0x60cf6bbd3d7a410fL,0x9c3ce822061382edL,0x4b45af6448a0b43dL,
-        0x4c7b5a07752c5323L,0x638f2663cfd710f2L,0x00000000000000b9L } },
-    /* 21 << 98 */
-    { { 0xee1e449ab498ff47L,0xbe4cfc2e82915614L,0x45947d849510e9cdL,
-        0xd413618b021fadf7L,0x896a62bc9cdecbe1L,0xf4113eb9627f1028L,
-        0x5dd6e91605aaea6bL,0xa52dee6d9a1ac809L,0x00000000000001a4L },
-      { 0xdf07521a7863cc22L,0x5bdf617356d0ea3bL,0xec462a8693dd110eL,
-        0x4a53f3c18d68aa25L,0x45919920a7d4b28dL,0x2d2d42abfbc5e401L,
-        0x2158573907fa46d3L,0xd5715aa9b937900dL,0x000000000000017dL } },
-    /* 22 << 98 */
-    { { 0x759c736628c6b666L,0x68d5cbc1f38bb6acL,0xa6acf7fb07508ff3L,
-        0xdb68b1c90d31ee2bL,0xfc8f402a071bbf2dL,0xebed7bdc838e87a0L,
-        0x3441693f9465d8b3L,0x6732878d1dcb390fL,0x0000000000000129L },
-      { 0x358cd92b170795c5L,0xab88a0a20a185fe1L,0x9901aeb8c4cc8c02L,
-        0x4b763c08e85250e9L,0x29f2c8154625a096L,0x153b9ed3b3124358L,
-        0xb8af8770a4d48d39L,0x8e3217113164955dL,0x00000000000000a0L } },
-    /* 23 << 98 */
-    { { 0xccdfacd34cddc5baL,0xa06e3fe25047a9f8L,0x81206e0e9d8c2652L,
-        0x75167c3e88419d67L,0x3c0442de1db10edcL,0x019f18ac0d0d486aL,
-        0x56c7baeb64efbe20L,0xc7ac08b0f7c220bfL,0x0000000000000062L },
-      { 0x07ea8fcd9f040b6eL,0xf02de9fda6b37d8cL,0x93fd1121da55f26fL,
-        0xd0393a45090ff3e0L,0xf492651ae4b87e78L,0x4bc0e5b5eef1cbf2L,
-        0x6f560378d51bb3b7L,0xf471b347c5efaa96L,0x0000000000000175L } },
-    /* 24 << 98 */
-    { { 0xb6d0eeb7510be54eL,0xed352173060b7322L,0x0f581a2183364ea6L,
-        0x78ef831ef59ec71bL,0x09a472c9a055e4b0L,0x0a529bcb7d2404dcL,
-        0x45f10074b461331fL,0xf80627f369a5a576L,0x000000000000006dL },
-      { 0x12cf73e37362082aL,0x7cb89bc91d6278a0L,0x2b0c5312b9f399d8L,
-        0x4403d4fb21e7ef6cL,0x34dd11819b453f15L,0xa38c5e981ae02a19L,
-        0xa1ed1aaddce1792fL,0xab8261dba4d71c9fL,0x0000000000000036L } },
-    /* 25 << 98 */
-    { { 0xfad65c13dac2b992L,0x762f983d5304c00cL,0x4c7b49b7d2da32e3L,
-        0x4c4122a83bf0d5adL,0xe3afec2564f9af81L,0x933f38f305217cbaL,
-        0xb213496e96d7241bL,0x469b9aad37ce2c05L,0x00000000000001b7L },
-      { 0xd105c543c1166f98L,0xff7e04a6a913acbeL,0xf07ebe34252a9c03L,
-        0xcc7a8b753e7df88dL,0xf14f0a16e44bdc1fL,0x684fefd718c1bb4eL,
-        0x498ab8c0925b286aL,0x598d3f5808702939L,0x000000000000002fL } },
-    /* 26 << 98 */
-    { { 0x06c90f137ba2cdc1L,0xb427ace8f70aa58dL,0x33fed4366970546cL,
-        0xaf8ae02b0d5eafa5L,0x74b6f45d390ea792L,0x121708e487c81e88L,
-        0x323a3672d186ce90L,0x1a66c0a48b4e7832L,0x000000000000006eL },
-      { 0x331064266beef707L,0x722fb7844f59525fL,0xa73cb5be473798d4L,
-        0x2bebfc77f44d5281L,0xf397282673030f11L,0x89c0d9dad93404e2L,
-        0x4e76c1852e5aa5fcL,0xe95f8dc3275485ffL,0x00000000000000d2L } },
-    /* 27 << 98 */
-    { { 0xa925539c3ede62d0L,0x195ef41b574551f7L,0x7049c9c1f270aea1L,
-        0x746d0dbf486bb267L,0x3cfb69b104d8eafaL,0xd0a86d9e8cb4df64L,
-        0x8abf12841dbb9b19L,0xe7d381d1d3b0e425L,0x00000000000001f1L },
-      { 0xa469a46539ce8ef0L,0x63cfb5adf537b1feL,0x2f84fd9dfb96b734L,
-        0x3ddae07e2ef3ff5eL,0x8be74870350b4402L,0x0e014d43098f11eaL,
-        0x2862b3b50f0784b0L,0x097303411327f2c9L,0x0000000000000102L } },
-    /* 28 << 98 */
-    { { 0xc9eed4f2599a7682L,0xf1ade4e4a4f4f82aL,0x7479dc8b6ab6d04eL,
-        0x2da874dc271e42cfL,0xc700ca719265e2bbL,0xaf88ba91255fdcc6L,
-        0xf68c29705705e0ddL,0x6ee1135b229fdc50L,0x00000000000000fbL },
-      { 0xf4bd32a2a1a31961L,0x4e67eccfc4785c20L,0x8c0cd85d17f740e3L,
-        0xf6930e3ad8c21194L,0x2c9d9c7376b4c919L,0xd32de819e69ea290L,
-        0xc1028dd33724a066L,0xfd3f06ee7538d3adL,0x0000000000000054L } },
-    /* 29 << 98 */
-    { { 0x616e5cd45bf0af55L,0x6b79cc4dcd382cd3L,0x661574af66107910L,
-        0xf7ad62be9aea6fa1L,0x6a47e48e8c0c9cdfL,0xaf5aca071e6d464dL,
-        0xf180a69f8925c182L,0x282864092b7ca708L,0x00000000000000acL },
-      { 0xb6bdf74fa48967ecL,0x95d640c0484ff456L,0x942032b4db3ef654L,
-        0xd12caff283c4f9e7L,0x946903ca1b8fa837L,0x1cd9b1463e8e7338L,
-        0x7376fa9dd4c41057L,0x50be41a35e26c299L,0x00000000000000f3L } },
-    /* 30 << 98 */
-    { { 0x152c38fcd581471eL,0x05b8e79160b4b12aL,0x5ff32ad285168011L,
-        0x43ff030dbf64b3b6L,0xcb660ffbb119ea1dL,0x0d551ab6abe7c1cdL,
-        0x7c012e803b76feb4L,0x6cafd8b9ffd0b552L,0x000000000000005bL },
-      { 0xbc486f8d855d1dfcL,0x8a6440ef381a9c23L,0x5e97a549d9d1b832L,
-        0x351cc9264d4208d9L,0x2c905f05f72a4413L,0x0feb2643c61c13c8L,
-        0xbbebfa77d50dbd43L,0x3bacdd79c7cfee04L,0x0000000000000141L } },
-    /* 31 << 98 */
-    { { 0xa489600cd04efabbL,0xb1913b347679d8faL,0x071f212fbbe3b326L,
-        0xa78728838b2e519dL,0xde545995b4e503c1L,0x5e5c3df6f58f6c94L,
-        0x8ab21347bd887cc7L,0x894be454e5529c65L,0x00000000000001d1L },
-      { 0x5628656d77eb1957L,0xad52a8d96df565d1L,0xa83f387c8e0b8311L,
-        0xbddb40c83f3a1d96L,0x1f91eac2cc121356L,0xff612889d0bb2745L,
-        0xa15437c096e19a86L,0x6ae3410f4efa63fcL,0x000000000000005eL } },
-    /* 32 << 98 */
-    { { 0xad3570f4d827a280L,0xdb625d88b2f60f8bL,0x81bd93b7ae94d18cL,
-        0xc2fffe8af3ae3394L,0x06b0ec262e4a72b4L,0xf1285a13c7728dc7L,
-        0xd97dee85a4190a48L,0x945e4869d4b0f305L,0x0000000000000023L },
-      { 0x44587f935c577abeL,0x256b56424ddd2f17L,0x36e73dff0eab2bc4L,
-        0x6b2b5f3ace0f4471L,0xce1f2f0fa25bae4cL,0xcf10076029866124L,
-        0x0ec9b4d25ea0d400L,0x621b68580adece0cL,0x0000000000000162L } },
-    /* 33 << 98 */
-    { { 0x33e194dd9a7e3430L,0xe9d5ab561284bb95L,0x9c067ead0e58900aL,
-        0x05355bd3e1af14c3L,0x9a3892ac06815865L,0x5a8c70c331c62938L,
-        0xd8e522e3afee9136L,0x50e266510abe2cc3L,0x00000000000001f9L },
-      { 0xd8ab109d2469ed04L,0x90fc703dbdad4fa4L,0x1d0882afda97fdebL,
-        0x60f8b44acdeac89eL,0xc497d8d5af9d0bf4L,0xe30ef07a66044397L,
-        0x614c26190dbb6093L,0x8eebc530ea3adb8fL,0x00000000000000e1L } },
-    /* 34 << 98 */
-    { { 0xfc84c7d966cf468eL,0xb05444b6a6dd0c36L,0x6ceefdc9cb75ae66L,
-        0xa16407e1fcd19989L,0x0e4d008e3ea55530L,0xe2e44180a8796154L,
-        0x2c96ee812bd73378L,0x84c750f4a6a094e2L,0x0000000000000046L },
-      { 0x3ced13152f93d6caL,0xbc1e7b5cb492a410L,0x4e0238df9daeead4L,
-        0x946fe9921e47d1a3L,0x6b3827027ae7ff3fL,0x305d7c604be9a4c8L,
-        0x5b4a7ad35a3421c4L,0x97dd360169cf2602L,0x00000000000001f8L } },
-    /* 35 << 98 */
-    { { 0xc7c08962ae59aa33L,0x65e33dad2f839e55L,0x751e8014c7cf5accL,
-        0xdce80c8b384a7c9bL,0x4ed68aa2155876dfL,0x68f1fd1e6a12109fL,
-        0xe478bfc5df171beeL,0x25a6d4efa0d40af1L,0x0000000000000127L },
-      { 0x3d08cf5216e520a5L,0x0e0c219aec295ca3L,0x4a11607f58c573d4L,
-        0x2e94a059027c52aaL,0x5f86333bf001ea33L,0x1d5390fe8d19323aL,
-        0x530581f92030a6c7L,0x13436ed1984258a6L,0x00000000000001c0L } },
-    /* 36 << 98 */
-    { { 0x1ff09f33cae6514fL,0x191fe11b261fb47dL,0x97e72c53bdf0b228L,
-        0xf81cdedb8caad4a2L,0xaa5f28367542e922L,0x090df178d68e225fL,
-        0x9adfb6202c8431d8L,0xb8f9bea70f010ff8L,0x000000000000016bL },
-      { 0x78fc8973f422e828L,0x8496b0b5d149e76cL,0xb1f0911a565c8f4aL,
-        0xe580f18ca79f3220L,0x8d3b71356fe124baL,0x8911601d673928b4L,
-        0x193c9fa9e5209d66L,0x988483f1bea837ffL,0x00000000000000f3L } },
-    /* 37 << 98 */
-    { { 0x2c6f263b3fdaa30bL,0xc469da4af8289eebL,0x126c0a3e4f2905c9L,
-        0xac4d69276852183bL,0x9f76c56965b948b8L,0xdd3297e86cc30f05L,
-        0x83cca68afee0c55aL,0x7062249b13d1eb8fL,0x00000000000001ffL },
-      { 0x66cca2f1488bb713L,0xe4fe61c013ce959eL,0x10ef025c5bd7aee9L,
-        0x651aede32c4e3aa8L,0xe233186271ba632fL,0x91887184db1340c5L,
-        0x5cae47ac291e4167L,0xbd1dc2ac61e04921L,0x0000000000000062L } },
-    /* 38 << 98 */
-    { { 0x9365bd5f6e280862L,0x3eb1370af4e5f679L,0xad83574dac728e89L,
-        0x6011dce778ccbe43L,0x51010f61d20a552bL,0x614eaf6c6c29a90eL,
-        0xb1d5f33caea2fcb2L,0xa001efcb12511f6aL,0x0000000000000114L },
-      { 0x769ae8486be363efL,0xed582b28c1195a6dL,0xab11de93a3d3cde9L,
-        0x6e467f11acd39daeL,0x0439b529ba6cd7bbL,0x71019d73fc6195a0L,
-        0x9693ad57c81639e0L,0x31a722a10ed42ec9L,0x0000000000000068L } },
-    /* 39 << 98 */
-    { { 0x0c5c60509cd7678cL,0xac3eeaa649215514L,0x1d124f7ffad388f4L,
-        0x1aed3c0e6d9c49aaL,0x7cb12edb54a3c297L,0x7f1e0889f2432aefL,
-        0x62b2bae3fd1795fcL,0x48e20ba944caa18aL,0x00000000000000cdL },
-      { 0xb1a6ca263b7036a9L,0xe53c3a75af94680fL,0x878870b5352a936eL,
-        0xaf3c86ea55fc352bL,0x60a91eabd9b66071L,0xa2c246a297c722a4L,
-        0xe1f2588cdfe226b7L,0xd1671ac1fc2267c2L,0x0000000000000079L } },
-    /* 40 << 98 */
-    { { 0xf9bfe015460032b6L,0x6410756336a6c19aL,0xb0712a3510d65254L,
-        0x3c97ae7d2a9946dfL,0x28e961edbf77c7f9L,0xf937f17cbc8537a9L,
-        0xed718f65057512d9L,0x7ee133ff8bc561a9L,0x000000000000003cL },
-      { 0x675476a99e3441e0L,0xf8abe77c9eeb9df0L,0x0ce788421a10b4ccL,
-        0xa6f28b21793079e4L,0x01c63657267d9dcdL,0x2de2e74e702b40e8L,
-        0x28620c5a25617600L,0x7505685e5d4d9809L,0x000000000000008eL } },
-    /* 41 << 98 */
-    { { 0xc77c81dfb49ef4f8L,0xcc7a1f775aa25efaL,0xdc450c19b138a6f6L,
-        0x05d2d28b8a09e2e6L,0x6c631d9e49886053L,0x0fb35d84bb82d381L,
-        0xd8a0a353fa26cdc8L,0x8b49879a9a4448dbL,0x000000000000001aL },
-      { 0x6d91d316fb8aa58cL,0x933d09813affa02bL,0x6f68fd557c5a5a04L,
-        0xcad6f83f21ede5f6L,0x364829e50302650aL,0xabf09253bc326cd4L,
-        0xfc23db4b75573e98L,0xe6ccc3f67891f2f2L,0x00000000000000adL } },
-    /* 42 << 98 */
-    { { 0xeded14459eb444e9L,0xd1605d6d257afeb5L,0xd9c649f54a25d9c4L,
-        0x8f148eae369dfcd0L,0x72c632dc79197e8eL,0x55a15a077cdbf577L,
-        0xdd50e58248c28164L,0xd9e03b72971e416fL,0x00000000000000d2L },
-      { 0x63443c908a063207L,0xceb2fadf26fe1696L,0xfe06b1df27b56c4cL,
-        0x75978d3adc74026aL,0xdd313d3424c9b16eL,0xd8d800e0eacc75c4L,
-        0xdc863b4b595b73daL,0x638f474f0a6c15f6L,0x00000000000001b4L } },
-    /* 43 << 98 */
-    { { 0x4e30388a3fa31d74L,0xcedb2dfc4960cae1L,0x744a7745f4f45ce8L,
-        0xd742c0017186bc80L,0xcafad4ad164ca760L,0x396ee3d486f8d7eeL,
-        0x1084ed389b54c6bcL,0x289c4f8e0f7a5b68L,0x00000000000000b2L },
-      { 0xf6b9e59783ea21b9L,0x3135f10773dd812fL,0xe1012d9a9ee85a75L,
-        0xc9a47983ba06a432L,0xb237d66881581dfcL,0x1b0225611e35da83L,
-        0x837cc40f94261e64L,0x11f933f5fb3344f9L,0x0000000000000161L } },
-    /* 44 << 98 */
-    { { 0x5cfc2f27690b6bf1L,0xdc6e6043f33ba977L,0x39dc991e82d11ba7L,
-        0xfb80c94e2922c70dL,0x393dcc3ba5cdeaffL,0xd44d9c7ca687f07dL,
-        0xbd25ebab33bc5437L,0x9a389625d71c4392L,0x00000000000001e3L },
-      { 0x0ac41a2f228f0787L,0xabb96a60cde860b7L,0x22cd3ce604c04d14L,
-        0x157669c6f65e7b0dL,0x0ef03f6167abced9L,0x9d2cd63a814717ccL,
-        0x3991c34977387f7aL,0x3c1b38a58a80a7f4L,0x0000000000000033L } },
-    /* 45 << 98 */
-    { { 0x051a1d25a03c152fL,0xde506b47f51d02c1L,0x6a0458d855e35f7cL,
-        0x9df1cf180c96a540L,0xb658cf9b47a847bdL,0xdb2efe9ce8d42a41L,
-        0x8e2290741219314bL,0xf8fbac85a1cd9697L,0x0000000000000143L },
-      { 0xfdf09168226d0a89L,0xb58b9906a82a9965L,0x88fdad1ff0b79bc5L,
-        0x573b2da29ccc3019L,0x4c2a220d8173e9ccL,0x060bc07731f682e6L,
-        0xdf135af96e7e3dfaL,0x78c191ca507811ffL,0x000000000000004bL } },
-    /* 46 << 98 */
-    { { 0x75627d858584bbbfL,0xbe77f77ec5670f07L,0x86ed433624e2e6cfL,
-        0xe9f725fc83e2e6e6L,0x14b4015ff8a3131bL,0xb1211805c61a5f71L,
-        0x024152443d5b62ceL,0x1aa1a84fcf15a0dfL,0x0000000000000171L },
-      { 0x36f8293435d927f8L,0x22e3300715513cadL,0xc5e42e5783d8b14dL,
-        0x33e90ea35251a8c2L,0x64c1eb44d96f4b8fL,0x52f2ec240f126f58L,
-        0xef84f773b2a8cfecL,0x34949d2ed9d11c70L,0x00000000000001eeL } },
-    /* 47 << 98 */
-    { { 0x7ec007f751d62408L,0xe1669c21119dc50aL,0x8260e2ecf101ad5bL,
-        0x6a6062580c5eae7eL,0x221708bd91ce06f0L,0xdb91beab76d79e37L,
-        0xbdfb4ec33adee1b3L,0x61d216d1feb7511dL,0x000000000000005dL },
-      { 0xf77d7881483fb649L,0xf16f36a8d54d0788L,0xece1796dbda356aeL,
-        0x79f49ef894859937L,0xc4397e207982f311L,0xc98b6e076ce8f498L,
-        0x6c9e0cfeb80ac218L,0x485d36a17b24e50cL,0x000000000000017aL } },
-    /* 48 << 98 */
-    { { 0x95f7fb41da8576c3L,0x42901717d151bb68L,0x7a0277d38777c80cL,
-        0x6827807b5a429477L,0xb98e1de8941ef5ecL,0xadd50957575465fdL,
-        0xd436cda505f5b417L,0x6d30bf0bc232aaaaL,0x000000000000012dL },
-      { 0xd4b799a488873a5dL,0x2200c6d4d60dc1d3L,0xb784a12b75c91d8fL,
-        0x6c8aa91f09fed40cL,0x48db563f5720cce1L,0xbb0de5c0f50bddc1L,
-        0x4aa1fb064c4bc117L,0x905d18a31cb0da02L,0x00000000000000e6L } },
-    /* 49 << 98 */
-    { { 0x05ae51c09ef391c0L,0x6da01b3ebbec8ce9L,0x352303693ed0bf8bL,
-        0xdde6b42cbd380ef8L,0x306e895ec96ab6ceL,0xcf75a84635797d57L,
-        0xed402b30cc298916L,0x66ddc1ffcf95180aL,0x000000000000013eL },
-      { 0xc472f66dfeb4d388L,0x446f756911b1a667L,0x4ebb535be578315dL,
-        0x54f8ef708b039744L,0xf6b95976b877b79aL,0xcc4283c1f5430e02L,
-        0x393ea2f9e1778b25L,0x26d55bfec9f45a41L,0x00000000000000feL } },
-    /* 50 << 98 */
-    { { 0x5617c67b09834aaaL,0x1520f46508ecedacL,0xb331bf9d63dc2045L,
-        0x1633f5f6de5be628L,0x959dffbb65391a40L,0x53450d3241b0bbc4L,
-        0xaa6442cbba6d681bL,0x7e6d47c0f07b5808L,0x0000000000000095L },
-      { 0x78def4619649ca24L,0x970eeaad9fd68eb9L,0x2f170dfd1f670a41L,
-        0x8c28d6fdfad9c708L,0x46892517acdef254L,0x0ca7991fb22ff7abL,
-        0x42ef276428c61efaL,0x1b1b24d9879002b5L,0x00000000000000e9L } },
-    /* 51 << 98 */
-    { { 0xf6465253c4c46cabL,0xcc3593d92fc27318L,0xd17ca4d778519ac0L,
-        0xb34dfb3947d5bfbcL,0x4fe4682e89d6216dL,0xdbe11575a53af405L,
-        0xb622af037d96d9d0L,0x27441f0161f9b532L,0x00000000000001c3L },
-      { 0xef5e7b08d1742a09L,0x77b47c7bf740e0bcL,0xbbb5e859b3c2b8fbL,
-        0x676b7939cb40d08bL,0xb98d654932da9e1aL,0x42546a9dceb3d8d7L,
-        0x0f1e38ea5687f118L,0x357ea1d50f472bbaL,0x0000000000000101L } },
-    /* 52 << 98 */
-    { { 0x85a59a49b81f2d5fL,0x5ab98b4cd12cafc2L,0x7be9e55c9036f3d4L,
-        0xb6644d14ac17dda1L,0x0d6caf4ba23f330bL,0x960e78ef567899fbL,
-        0xb6ec1c3f4bedf73dL,0xbe7e5caba971c6b3L,0x00000000000001b4L },
-      { 0x20cb3a6a66a01413L,0x1fc8c49d71dd7853L,0xc6eea4c1d0f467cdL,
-        0x72adc39ac442dc91L,0x1349ac1b9fd5a2e0L,0xa58d769226814c74L,
-        0xbe23da1602685093L,0x411491b34f2278a1L,0x00000000000001c3L } },
-    /* 53 << 98 */
-    { { 0x5df613d86eeb2735L,0x9adffc0f3bab3590L,0xa9e579d5fbb0951cL,
-        0xb2f2301d93eb0acaL,0xfd90af4277018d78L,0x5fb3dfa8d26e5801L,
-        0xb5f4a0b58db45b65L,0x5152a2c96bff3350L,0x00000000000001a3L },
-      { 0x3c3d0aae3bbe30c4L,0xab6a28c32b64812cL,0x552a8e1fd45d39b8L,
-        0x00f9ad121a9ee27cL,0x0985dcca840dbe6bL,0xa511b246f8a3d008L,
-        0xbec2ee441ff2d83bL,0x53a67bbe0e46b345L,0x000000000000001fL } },
-    /* 54 << 98 */
-    { { 0x63e9d7b2f8ccf1c3L,0x158001879260eed6L,0xa687c4759a40eaa7L,
-        0xcead499e587304a0L,0x0ea47fe6fcd6e4a2L,0x1fd51b69b04a24daL,
-        0x5519ae53a83160ecL,0x4f7d9444ab88175dL,0x000000000000009dL },
-      { 0xcd73bd2d8fd64c7dL,0x8da0c21e69451d1fL,0xeb66fd3fc0f3a5ffL,
-        0xcb267f27e9499043L,0x407f43f7df79a3d9L,0x000a877adb145264L,
-        0x056c0e2af3952498L,0x6f893940b83e7528L,0x000000000000008dL } },
-    /* 55 << 98 */
-    { { 0x42495d2779a151e2L,0x040725e19e477378L,0xc4d382f1ef2c6b94L,
-        0xf34dd70c2b5bb0b4L,0x3d2740c94a5150a8L,0x53de504865e4ddbdL,
-        0xb110cd91f58703deL,0x5c3abd4e167ffc8eL,0x00000000000000adL },
-      { 0x136129e5607e01a6L,0xed84c7926c809502L,0xf9c736f8a3f3ceccL,
-        0xc43308d14cf83eeeL,0xc8ae4fca644d91efL,0x3b58a62bc25f1045L,
-        0xdddbbba6a80de8c2L,0xb2c329cf2b831b25L,0x000000000000012aL } },
-    /* 56 << 98 */
-    { { 0x414530555ab463b0L,0x545b0b693248cab2L,0x25ec52d5dd9b920fL,
-        0x73bf68542dcdb1ceL,0x8efb2a6d02bf830cL,0x794ab4165ea6b254L,
-        0xa4422d12df2a60f8L,0x78bd1b524e9d5a0aL,0x0000000000000026L },
-      { 0x3f341acbb43f9e41L,0x4a73e42a6991d638L,0x596cfd672d29b6eeL,
-        0xc9184fe2940dd578L,0x283a30954a2883edL,0x0626dd7aa58bc7ceL,
-        0xf2d6c6ef401334f3L,0x55b107493c254bafL,0x000000000000002eL } },
-    /* 57 << 98 */
-    { { 0x2d9295c1f2bf5edcL,0xf764d4c5cb524dafL,0x2ca917e19800cf00L,
-        0xda3da70db6d553ffL,0x6a14076bcce4eb3bL,0x1bcbf4e8ddd246c7L,
-        0x653ed1fcfc906223L,0xc0ffa99f49e555d1L,0x00000000000000e7L },
-      { 0x6e75a577914f520aL,0x043dd7d0d4070fe6L,0x58ddc37ff47638a3L,
-        0x2d28267b70ceddeaL,0xe1c529280b9f91ffL,0xefa6ec2805e983baL,
-        0xdd61a80670d85f35L,0x9226446bcd48aa34L,0x00000000000000d2L } },
-    /* 58 << 98 */
-    { { 0x00afd4965d8690a8L,0xf86123ff5f81af58L,0x92791fc1d2e32baaL,
-        0xfb0517927d442591L,0x05d935c115baf7c3L,0xaff80ea31ee6a681L,
-        0x4c82f39458a15599L,0x691aa0055165d86cL,0x0000000000000160L },
-      { 0x8fc906b0da216432L,0x2553176a31adbbfeL,0x0acd0c27fa180f5dL,
-        0xcc22f6a295ca0db6L,0x2aa225bbd4f8515bL,0xcad879abe8685485L,
-        0xa7889114fb4b2f2dL,0x5e2f58e958175c94L,0x00000000000001dfL } },
-    /* 59 << 98 */
-    { { 0xa3fff0780481f1e4L,0x2c928413de29a775L,0xdb08b5d3f7168a7dL,
-        0xb2f81d56633213e1L,0x9928e38b33a95654L,0x42d16f450c473c01L,
-        0x0662ab7be4c7ffdcL,0xbea6e39ef5484520L,0x00000000000000b5L },
-      { 0x34cd343237cd50f6L,0xb969f3cd85686cceL,0x10558cab3e15b35bL,
-        0x87aa8ec532f13ad4L,0x706b9ee99311191dL,0x38adfcb860ba780fL,
-        0xa1485d172515550eL,0x2de9d6fd18b92a8cL,0x0000000000000052L } },
-    /* 60 << 98 */
-    { { 0xdcdfedb147c91a15L,0x89c1654de8003763L,0xeef03c09e074525dL,
-        0x1a75460c0b7979d2L,0x58881343fed5ae1fL,0x3fcd3227ddb9340aL,
-        0x1e4db699885bf042L,0x2923f9382340afaeL,0x0000000000000067L },
-      { 0x934ef610cce2e800L,0x8db3f34bbfb68efeL,0xd78192d6c8df9008L,
-        0x94929564d3fa0c49L,0x2d0cdbabfb20d848L,0xbe73f64fcd307b38L,
-        0xbdf434f3183096a8L,0x009a7ab97bb336bfL,0x0000000000000096L } },
-    /* 61 << 98 */
-    { { 0x51482c31c0279b71L,0x5a64d764fa114064L,0x1cea19dc613f02e4L,
-        0x584b4754ad92a890L,0x41d258fefe288772L,0xa46f97e2712b9833L,
-        0x6834b1b47263bd06L,0x2377b6a5e840922fL,0x0000000000000085L },
-      { 0x785b453e05243545L,0xf7cef5b951e1376eL,0x0b4baf26bf6985d3L,
-        0x1b19968160b01ea0L,0x8c67d48322d1bd0aL,0x44534e2069d7265dL,
-        0x5c66184f4d1b7631L,0x80173aabb4f2f684L,0x0000000000000139L } },
-    /* 62 << 98 */
-    { { 0xb2f73e97c2f18c9bL,0xafb9e244bc189020L,0x7940431bb4f03f21L,
-        0xdf6d7a8da1743efeL,0x34b51488b2d1f43fL,0xa4c57f09da0bb60dL,
-        0xca8497729e7a0788L,0xabb13fae3c00114bL,0x00000000000001f3L },
-      { 0x82b4d795bc829c42L,0xf9f1dad153a68a72L,0xf4dd335759991d6fL,
-        0x1602f217fff13f30L,0x55af8ec3e9568101L,0x36f1d1f1147a832eL,
-        0x9f1dd9d2408cae6eL,0xe5d03de373b26e6dL,0x0000000000000193L } },
-    /* 63 << 98 */
-    { { 0xf3dd72a10f87eb25L,0x8ef640f8237745deL,0x49c04801fc90b8afL,
-        0x836914f5bc493335L,0x3fc6bc7c66e73cf5L,0xbec3517371e8f965L,
-        0xec11f247478c734eL,0x1806c5d2f53ad410L,0x0000000000000058L },
-      { 0x24f77c0dee27650aL,0xf19cd730e89f447aL,0x2d4d5ff8af16422aL,
-        0x4a5a3cf9b38edb7dL,0x4476596d9a775f5dL,0x2fda6cb49e5716c4L,
-        0xe4926cdd84e5e040L,0x54c354ba388b853dL,0x00000000000000e9L } },
-    /* 64 << 98 */
-    { { 0x5d3f00ecbecff63cL,0x280fc963671a2835L,0x27cf9990849ad2f5L,
-        0xa1cfa523b27c7f2dL,0x9d9a6870b8278b74L,0xd6176cdf9ee793b2L,
-        0x9a98521ab31e9501L,0x4422e43e7436e438L,0x00000000000000d9L },
-      { 0xda4f7464daa8dc76L,0xa5b83150919e1298L,0x00d3948d81c82c13L,
-        0x95def32463724cdeL,0x9b57597b7d5a1038L,0x42d9d64e57432b3aL,
-        0x9807d998936e411cL,0xe68eefacf1e57507L,0x000000000000003eL } },
-    /* 0 << 105 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 105 */
-    { { 0x45d90cf8876b33acL,0xe53e1a993ed58f0bL,0xd5d181f549d916b3L,
-        0x1b1ef0402ec09be2L,0xe5787176b2113b57L,0x11d02e708073044eL,
-        0x9d1c19e7a2ae38ddL,0x2662d4943634f6faL,0x0000000000000130L },
-      { 0x454c8a736bd6208eL,0xd2447cefae37911aL,0x56ac592e69b8c5aeL,
-        0xe7f564839b615bfcL,0xfac066e1bbe7fe62L,0xb2ac3ee1b7777b32L,
-        0x55f8653315114adaL,0x15cba83e46497cc9L,0x00000000000001efL } },
-    /* 2 << 105 */
-    { { 0xc06a64ce981fd289L,0xb8dc2603d11fcd02L,0xea27a922770d2eb2L,
-        0x83c64076da8f19edL,0x9f6d1b650ae6a311L,0x977277bf73fa8721L,
-        0x7115ef98cc0292d8L,0x93237ae7d2e0c67eL,0x0000000000000069L },
-      { 0x83481b595c151734L,0xba00bd740ac1576eL,0x48f33272f178d4f2L,
-        0xe09fde3816492d95L,0x876124dbb9dfce3fL,0x27e7b1e503fe728fL,
-        0x79347e4604f98f99L,0x63ec8c5d48dcf0eeL,0x0000000000000149L } },
-    /* 3 << 105 */
-    { { 0x82a80d88b23b9243L,0x1a102766d91555efL,0xdf3cec50f069fa76L,
-        0xf6c125294319ca89L,0x9a11b37a0330eea5L,0xa5a659a902c12564L,
-        0x3e01e4311612fa73L,0x85580747e35674b7L,0x00000000000001daL },
-      { 0xfa500e83b5a20999L,0xb539909dcc336ec6L,0x76aa969e7ae2ac1eL,
-        0x2144206ce0a9712fL,0x095fec7e3ec387d1L,0x5988797252c7840fL,
-        0xb61a7c61262f5f93L,0x75bc25e7a76b83b5L,0x000000000000016aL } },
-    /* 4 << 105 */
-    { { 0x327d64092ccbb0daL,0xc5750f6adc39da33L,0x8b9eebbf7383f8f4L,
-        0x9ebb5a8e256c4edfL,0x7513f7c0a917a2aaL,0x31eb5a3dc4824bd9L,
-        0x2d6a4cfc2ed4a7f4L,0x9ee354aae0c9c30fL,0x0000000000000179L },
-      { 0x20eb09c9cbf2d15bL,0x4574d31c2547c112L,0x76543e3dd38e79adL,
-        0x1d35b8874edc05c4L,0x3ac58dc7aea4de85L,0x9aa6fa0aaf5715e1L,
-        0x8869704eb163a66fL,0xc685ea7ad14001caL,0x0000000000000083L } },
-    /* 5 << 105 */
-    { { 0x5b6711a5052b505aL,0x3b32ee5adbb104daL,0x3a59883e14432cfaL,
-        0x57b6d6bc88b7c74aL,0x363dc2628d5582a5L,0xbe6d3bf58928103eL,
-        0xfffbeb0963b06525L,0x29acbf58fac9b5ecL,0x0000000000000002L },
-      { 0x78696df41ce15975L,0xa9732060c78337eaL,0x288fe1958aafa892L,
-        0x5de9cd9132a7be5aL,0x2f1baccdbec8ed8fL,0x88131f8db1f0d997L,
-        0x8d15c4049d123bf3L,0xf460d41630a1544aL,0x0000000000000029L } },
-    /* 6 << 105 */
-    { { 0x95524dcea3342331L,0x2ddf9b2f0e413b88L,0x342e0ce86a03fbe1L,
-        0x8e2dec3eeaa3999dL,0x3ccf191b5ca80ad0L,0xf93ebc99804b9c29L,
-        0x97d83573f2282b48L,0x51f33e7359ecb135L,0x000000000000004eL },
-      { 0x789b5cfc7d53f035L,0x5ff3ae9a209b881cL,0x09af30bd80dcd35bL,
-        0x850cd0aa799b2059L,0xb660d065e2642327L,0x9d9424520f5134b0L,
-        0x1fd8897381ab299bL,0xe126dbe9b6a2ba25L,0x000000000000013cL } },
-    /* 7 << 105 */
-    { { 0xcc6292a08a547e2dL,0x9a76a8e180565c69L,0xda4d2475fb616140L,
-        0xc9cd45238b5a04c3L,0x8313b6c0554879adL,0x9a103a9522038226L,
-        0x4e5db49dd06a57e5L,0xfc49d649d1f333efL,0x0000000000000063L },
-      { 0x529f97e82f30ea09L,0x06692dc9416e0148L,0x534c9f6ef6dcca0bL,
-        0x26f9f8409d575d04L,0x93f66c9743c153d2L,0x776b12bd9d1b22cdL,
-        0xa44528e4b4000757L,0x738ecfb9881f46c4L,0x00000000000000e8L } },
-    /* 8 << 105 */
-    { { 0xbee094232a7f01fcL,0x75176a16998af9a2L,0x13273068fbe89a7aL,
-        0x3e74aa6f13c42b6aL,0x7da022be579c61b0L,0xaa759216ff23e10aL,
-        0xcf7f7d1afd852641L,0x0e9aaf1c1090b6c7L,0x00000000000000dbL },
-      { 0x483b1f8c6d9ebcadL,0x25f3aadc987b2c42L,0x83a7bd03f70950d0L,
-        0x67aefd6a14f250eeL,0x6e90c4f990070d75L,0xb9d65432035fdd1eL,
-        0x190281bb2ab23f7eL,0x36008cb1b69015daL,0x0000000000000137L } },
-    /* 9 << 105 */
-    { { 0xca31701dc0f403e8L,0xce036ea893374a84L,0xf15352701872a713L,
-        0x346ccdb0e92111e7L,0xd0427b8ab3ed8f01L,0xa165cec95fea17ceL,
-        0xee36680a6bff1155L,0x0db2ff965a8d9ad0L,0x000000000000004bL },
-      { 0x8f2638947cf7d4fdL,0xb1a229c024f483f3L,0x141a47114139f5c5L,
-        0x4449f744e2a1f981L,0x1450ba3101c7860aL,0x5b968d93857f6d90L,
-        0x63ac13fa1646bbaaL,0xb43e9791d771bff6L,0x0000000000000110L } },
-    /* 10 << 105 */
-    { { 0x105147eaa3ef560bL,0x4a60db0bdc1823adL,0xd8e3108b48c7d8d2L,
-        0x562883f0a2aa9b3aL,0x59413cccf07a672cL,0x8d5b9b0ad952cc65L,
-        0xc63448bef4ec1122L,0x82790e4d35ea3ffcL,0x000000000000003bL },
-      { 0xb50f1a1a88531051L,0x5529d01f18f9cd8cL,0x57f285f266427c66L,
-        0xc98f9e0abe17e614L,0xa773fa6e3bd58a1cL,0x8598347086cfbc69L,
-        0x54cba22bdac04edeL,0x847b94b086e3311eL,0x000000000000015bL } },
-    /* 11 << 105 */
-    { { 0x1d61cce6ad9b2624L,0xc78885f8427ab78dL,0xd59f99b14857d152L,
-        0x3346b89ca5824a84L,0x8430b19997613060L,0xf59e15a866033997L,
-        0xbc442c8ea4ba1ed0L,0xb74f9fca46645f9cL,0x000000000000010fL },
-      { 0xe65a7edb5a48ff11L,0x145010e14866254fL,0x041641c5b4e7b068L,
-        0x54f8ae8efeb7efdaL,0x506d0109d08412eaL,0x4aed71b9d1b1a35eL,
-        0xfcdcf29c36c821e5L,0xc9b518d3da012ad9L,0x000000000000015aL } },
-    /* 12 << 105 */
-    { { 0x2dc395a5556d2be5L,0xd27a811d2fe83cf2L,0x915fbe80e070e5d3L,
-        0xc3e38ef0c80a61afL,0xc1b529f6b988671fL,0x74b7fce60412de40L,
-        0x8ff8c2c5a6ec7d2aL,0x7d3093d743346692L,0x0000000000000032L },
-      { 0x6d6fd108ef669f24L,0xdb66a863e60d43d3L,0x2cdb23a2da77cc60L,
-        0x6baec01bd73a2bbfL,0x4ad344c27d5fe4c5L,0xd6cf895c9f1df645L,
-        0x9cabb9379501481dL,0x3f57061a600abd58L,0x0000000000000042L } },
-    /* 13 << 105 */
-    { { 0x9c26b76ab37d43cfL,0x4ff11777927c55b2L,0x585193b49f3f5d94L,
-        0x3d85adc371de2d3fL,0x76d195fa70a2a2beL,0xc91acdf60f514a93L,
-        0x921b5a28d78a46abL,0xe46c201728239dc2L,0x00000000000000e4L },
-      { 0x6d7969d8d3531ba7L,0xf409eb62ecfbe5eeL,0xb31fe091d2c08a17L,
-        0x250b1f2efecaa70fL,0xfc73982e66500ad3L,0x4dac9fd1ffab2445L,
-        0x507eaccaa3931986L,0x83eb25409bbe5225L,0x0000000000000105L } },
-    /* 14 << 105 */
-    { { 0xb9e3b8bb17a515bdL,0xf8d68dd2d396d767L,0x7de89508decadc2aL,
-        0x9831907c75695a61L,0x4c5f2cc7a3b7d429L,0xcea07ffc4ee09e20L,
-        0x309f2c3fef0d7f4aL,0x3227ec7f9643a1feL,0x00000000000001dcL },
-      { 0xf8cd3e8373ee6524L,0x5570129e98f4749eL,0xc8a020dfd9f271b3L,
-        0x0ab6677db2fbafd9L,0x0a0168838b084241L,0x466644d787d85db5L,
-        0x3d631143fb15dbe1L,0x698e8237c6afa7c0L,0x00000000000000a0L } },
-    /* 15 << 105 */
-    { { 0xfb9c0840bf144a2fL,0x1fddb4d78eea78b8L,0xcd5da1617a68c123L,
-        0x57bac9f5ce110d74L,0xbc329c6f726a02baL,0xf2e4e02404b8b550L,
-        0x88018b6a9f558689L,0xd1eb211aa0192931L,0x0000000000000066L },
-      { 0x5501bc7802a25d57L,0x5eabb394b7c28b33L,0x4a322d1b7fbda862L,
-        0x67f3f67e6314f639L,0x06e2768557f63f41L,0x2d1fa432b4657646L,
-        0x0338960d3950136dL,0xaa94f24fd48716a5L,0x0000000000000188L } },
-    /* 16 << 105 */
-    { { 0x80d935b163b7a2ccL,0x3315375ed6dc2acdL,0x400bb7948b895a51L,
-        0x35962ff9b28f625aL,0xd75e5cd7ef66bec1L,0x3bea41715157464bL,
-        0xf372e7c8605c7eb3L,0x3741fbf0e3301a57L,0x00000000000000bfL },
-      { 0xa5388110d0c6184bL,0xcaf6355ef89ed74aL,0x4e170981fa93c1eaL,
-        0xea60089b0dd9b47fL,0xa27efd8b3b9cda73L,0x5852497b5ee68672L,
-        0x60f0dd9c45bac304L,0xf444a8f03048cd59L,0x00000000000000baL } },
-    /* 17 << 105 */
-    { { 0x95f255bb5c07340dL,0xf8de4c0b69160158L,0x234d0988543e6e26L,
-        0x728fe0b5fdbbdcdaL,0x28415205dc5479d1L,0x0d10dabb4737ebe0L,
-        0xe66b187c8bcd92a4L,0x7c1384f8268d40e2L,0x00000000000001b5L },
-      { 0x8f6f9b23c6f33f05L,0x84188aaa402cf04dL,0x0c34d78fd3d3cb54L,
-        0x99b6220be5a78cdbL,0xca0404e0f3f4a122L,0x3e0f1a94d9b7dbc7L,
-        0x69544dcc1e434d32L,0x3c5e1f066cf599e2L,0x00000000000001a5L } },
-    /* 18 << 105 */
-    { { 0xd5c3ba5d9b7426e2L,0xbf007ff534f50a36L,0x1f35505edd9b1ae0L,
-        0x4207411bf1170c6dL,0xa092286e1fa9f8c2L,0x8561f6d09aa935faL,
-        0x25f6a210887aa36eL,0x1326468d916cf990L,0x000000000000014aL },
-      { 0xc5b4aec75f4c5f97L,0x19078493fd51578bL,0xcce5c1b5d27f947eL,
-        0x555a000791d55544L,0x673149265ee062edL,0xc2e2b9bb30473d65L,
-        0x84a0705f0c4f654cL,0x2e7ddefcb53d901dL,0x00000000000000cbL } },
-    /* 19 << 105 */
-    { { 0xad0f207da13d6874L,0xaeef4cf48cb34cc1L,0x9d7d25e0cda81d1cL,
-        0xe8c11d3a47b69696L,0xdcacc0c193463587L,0x8da07ec922a666bfL,
-        0x586f6831dd7d59bcL,0x98e125d5a4e67363L,0x000000000000015dL },
-      { 0x0f9878144fc1e663L,0x739c449ae54e65abL,0xc2f151cddacb89f8L,
-        0x54c9468cfda8de8bL,0xfe379ed859e9db53L,0xe53c1246de0d711eL,
-        0xc72d6669b716288dL,0xd98eb6947ff434b8L,0x0000000000000197L } },
-    /* 20 << 105 */
-    { { 0xd8828453ba55c50eL,0xfba129a6011f25cfL,0x92b111d214212513L,
-        0x606c4cac10dc46bdL,0xa2bdb94ec971ab1aL,0xef64fc272ed13cfbL,
-        0x4e6abf3b6d95da9cL,0x893ad58b6db4e176L,0x0000000000000093L },
-      { 0x8aae0314242e9cd4L,0x7d6d2214e64a78e2L,0x03a80376d3b2f48aL,
-        0xdd43f77b18e8cac0L,0xf140eb83098210f5L,0x0a31f295b84aa3f7L,
-        0xdc0dce3edf6e0c08L,0x69d9d0ad1f6094c0L,0x000000000000016eL } },
-    /* 21 << 105 */
-    { { 0xed2e0249efb97167L,0xb89824df19f6e8d9L,0xe23ede3948475753L,
-        0x70604a1063c1dad0L,0x722e21c1ccd7cad5L,0x6df0e5f2a10d5e50L,
-        0x61ca16329aa48e17L,0xe65eba88f9569945L,0x0000000000000023L },
-      { 0x70f4a192cb5b92ebL,0x2b9a208a8900f126L,0x76409cc9f97972eaL,
-        0xf41dcf4ff70e601cL,0x2650a3476f181642L,0xfb733417318b0fe1L,
-        0xc6b04e56b5a047eeL,0xca664142806a09c4L,0x000000000000002cL } },
-    /* 22 << 105 */
-    { { 0x1ac10389b68f339fL,0x91b38759ed194f5eL,0x3914798fba6b7970L,
-        0xf3539fa888adc703L,0xafe49a1323a1eb1cL,0x07391e320e9a2944L,
-        0xfe950d80c196e2e6L,0x757a6aec3d5aad1eL,0x00000000000000bcL },
-      { 0x21f49f512bc1cf8cL,0xdb4a00d39672f74dL,0x1c85164cb58d71b2L,
-        0x8dec2f612cd5ed70L,0x88bf4b050eed1979L,0x33896b492dbd7dd1L,
-        0x0524e9cf77fa12f2L,0x42e60f7f839d35a8L,0x0000000000000029L } },
-    /* 23 << 105 */
-    { { 0x491564d68731bfb8L,0xe89203481128cfb4L,0x0026a96d348cd681L,
-        0x58193c9ea0af729fL,0xa3e1089947a22bb8L,0x074a8f92dcd1bfa7L,
-        0x45cbe7b054946516L,0xfea57561cd7b02f6L,0x0000000000000069L },
-      { 0xb19a61bc10b93767L,0x2866d9cd9dcdb1b4L,0x8f540d9d3b401ae1L,
-        0x196d3843ed89cc1bL,0xfaa6336ea19e3aadL,0x1132d0261b294d32L,
-        0x9aff85ed6a0b975aL,0x11e2111302584ad0L,0x000000000000003fL } },
-    /* 24 << 105 */
-    { { 0xcacf976d657d30afL,0x8d99f439e599602eL,0x89b7ba5142c60609L,
-        0xbe1fd86127695726L,0xd1fe4929cf48052eL,0x785c994775a3938aL,
-        0x89c0d82562f5496fL,0xcf585a3f24237d10L,0x00000000000000eaL },
-      { 0x3d2d602df48c877eL,0x56732dbcf094b87eL,0x5603dd5c4c825b63L,
-        0x41a7454849d45408L,0x573734f5ddfc690bL,0x5fa016412c2993aaL,
-        0x1bd91fcaaadfe3cdL,0x3cd67d47be83c452L,0x00000000000001d2L } },
-    /* 25 << 105 */
-    { { 0x1003b83b3cc92301L,0xf5e76d65f8f493d0L,0x2ce44912fd07df7aL,
-        0xb2781226fa8fc5caL,0xc1188930371bb7b0L,0xd903037daecaa2f6L,
-        0xb5a0c7b572ffff20L,0x250bc26809e28877L,0x00000000000000daL },
-      { 0x51246eff1d835cf8L,0xca86aff7e2aa17cfL,0x4a286343ed95465cL,
-        0x761b330a2e0ec7c4L,0xcec609e70e238a29L,0xaf57e17f2ded7b72L,
-        0x783fee52dd97a8e7L,0x9e70a6bac9b0e6e1L,0x0000000000000148L } },
-    /* 26 << 105 */
-    { { 0x9ba159e917acbbacL,0x21d2cd40b3b2d4f8L,0x19d30414cf0c0962L,
-        0xea38bfa1e46a922fL,0xbe6961f2463d079cL,0x811dff90c6bf5348L,
-        0xd96c494b785c3396L,0xf3ad523ddcd944e8L,0x0000000000000066L },
-      { 0x634d8e7d206d05a8L,0x15b16c22a1324639L,0x16b8add8e59be967L,
-        0xfeae166da509f7ccL,0xb9c7e3979f5a873cL,0x7bc71c573ef93a82L,
-        0x6b70e12d6115406eL,0xe22f4254de6bab3cL,0x00000000000000adL } },
-    /* 27 << 105 */
-    { { 0x7552422040c553faL,0x8b57e7c008e5d334L,0x69dc672bb0576f54L,
-        0x93f4183b389374d2L,0xb75b0d40cc422c64L,0xb44b0e56287a6c2dL,
-        0x6409c0e89c25d3baL,0x02c259d8c06b946bL,0x0000000000000089L },
-      { 0x84719a851b45cccfL,0xca07d64720613663L,0x04055dbca18c0ce1L,
-        0x2769ca934c88632aL,0xebd3eba9ae212295L,0xbbcca701d7d19150L,
-        0x7890908d5520d207L,0xbe9223c03918f231L,0x000000000000001dL } },
-    /* 28 << 105 */
-    { { 0x7681afca91957c78L,0xd0e5379bf37ff077L,0xf5d60a4494adc198L,
-        0xdf6fd776d87fe24aL,0xe361851fd13e39d8L,0x2513ccb0576ba50cL,
-        0xfa50610afb934e52L,0xbeb4cabb8dfdc65eL,0x00000000000001b5L },
-      { 0x578b16474b080c52L,0x5c27918e45a7bf77L,0x8eb701fd5007f0c5L,
-        0x98bbf9989230a8a8L,0x82cf1074790f53d9L,0xff6b6226a375084bL,
-        0x09a928db2eb7289aL,0xc28d4dacfe5e2315L,0x000000000000011aL } },
-    /* 29 << 105 */
-    { { 0x31bc319cc98a9c37L,0xa0bb2283a3984dbcL,0x3f301a6b54cd9423L,
-        0xac47b1b806b84615L,0x26450a5582d1dbffL,0x1d5657363a97de2aL,
-        0x47aed4ea512c76a2L,0x7ccd33197fd528d3L,0x0000000000000055L },
-      { 0x2164253f5696d45dL,0x5e0bf77bb4f480d6L,0x1abf68e6540a1dfdL,
-        0x17538afb9e1e823bL,0xa0f9656e310ac00aL,0xead8fe6396b4c493L,
-        0xbb21e9ed4430ccc4L,0xe750b446f8db037dL,0x000000000000014fL } },
-    /* 30 << 105 */
-    { { 0xfba9eb2d3cec0762L,0xa9fcc5c16e39d300L,0x49efec4e5d9d4024L,
-        0xf0de3c99a14df0e5L,0xf1a1eda4cd197e7cL,0x23c79138c8fa57dfL,
-        0xfa27666efaf7ab50L,0x88c563d41b17e0b9L,0x0000000000000103L },
-      { 0x354d24b33bec9b99L,0xa6f3879ea3b30a27L,0xad3cbf31c4a341d3L,
-        0xc39733b81873136bL,0xb0e58f73d36a0e8eL,0x6de55e1efb08244fL,
-        0x921fe1304a5d4a2fL,0x2ab1ca90c634beb7L,0x0000000000000176L } },
-    /* 31 << 105 */
-    { { 0x07c0f5899a41407aL,0x9c8bf2b39bbbd8e9L,0xa5b4bcf8e513a7dbL,
-        0x85e61af7f2979de9L,0xf4ccbb625ca009daL,0x41d81be066ef1639L,
-        0xc7870e2a74a14becL,0xd0817703e04c1567L,0x000000000000000fL },
-      { 0x2be84421f2970915L,0x59794c74f26c5082L,0x8883a0bbf491677cL,
-        0xcdcb38a31f01db0bL,0x7ba2101e6fba9ddfL,0x9228e0674b0b0f97L,
-        0x0000e6124d5c084cL,0xe7be273d6bd21734L,0x000000000000016cL } },
-    /* 32 << 105 */
-    { { 0xd15ea6b41f8670abL,0x1957a0f1199b1007L,0x113aff43e3efadc2L,
-        0x07c606090fdc6abfL,0x93e7ba310bb0014bL,0x0f6b7e135d34945fL,
-        0x2303a74aa9f86051L,0x6c9fc83a312cf1b2L,0x000000000000017bL },
-      { 0x5588cca5e501aaa7L,0xef0d3bc16e7ac7bfL,0xbffcd55147339a1aL,
-        0xf83b4cb8c36eaf74L,0xa4e70ee39ed93d5fL,0x0972ac415c249069L,
-        0x2e9968feca09bde3L,0x1b5b37298c5aec39L,0x00000000000000c5L } },
-    /* 33 << 105 */
-    { { 0xacc96c98b769fd56L,0x86d507327dae0910L,0xa1dd43651386165eL,
-        0x38e6d2a3f3213894L,0x890e1328f8b379aeL,0xa6200559306788d4L,
-        0xf88c4751a7def4f1L,0x6975c2db70bc1914L,0x0000000000000100L },
-      { 0xa8f2f1c9b892640cL,0x5b1ed01e21f7b44bL,0x13ff919bbacaffcbL,
-        0x76bae5427271c130L,0xf6daeb9faf5a9725L,0x9da7b38033ec07e8L,
-        0xa5cf0ef503585e6cL,0xf79529ffe6ef4b51L,0x00000000000001a1L } },
-    /* 34 << 105 */
-    { { 0x1f7b4389bdeef89eL,0x6789ffd1066ce776L,0x671ae6869d25dc8aL,
-        0x6e4eaae92a888ac7L,0x232dbd9f46a4af36L,0xbb17127ac6fea211L,
-        0xe34ac986ff807938L,0x0222d0b4132b4057L,0x00000000000001cfL },
-      { 0xf1511b8e8217c466L,0x04a4581414fdd478L,0x49147df5a79487d8L,
-        0x9bd381fa23c6e0fdL,0xd91d805a9f74cf82L,0x0ab490b37a8b86c7L,
-        0x090cf1b26d582a67L,0xc64ddf5627fa5841L,0x00000000000001c6L } },
-    /* 35 << 105 */
-    { { 0x3bdf7a2ad1814226L,0x07c5dfc8f027968dL,0x4bb29e991211439dL,
-        0xf7c1b4f71caf12c0L,0xd7b807fb79f9fde7L,0x938bf15f5fb1dd69L,
-        0x073eebfd1780e837L,0x642b138cb0faac2bL,0x0000000000000168L },
-      { 0x56b0d340082b362fL,0x0bfe8f67f85cc2dcL,0x50c288955c32b783L,
-        0x1e53f45c7b898114L,0x71b9ae7056cc9e6cL,0x56b5107c72099c86L,
-        0x63311d09311f3509L,0x78acea51d6a5f3d0L,0x000000000000005dL } },
-    /* 36 << 105 */
-    { { 0xc2089b19fcc9c03eL,0x089cb861b3c3b222L,0xc98b822e1ce7d1e5L,
-        0x3dabb2044977f564L,0x227cb87d5ea70d29L,0xdcafc8a47069304cL,
-        0x20d80ad6802b1253L,0xca26c7426b904cd6L,0x00000000000001b3L },
-      { 0xb9ce07cead8419aeL,0xa9b14ff2a9544909L,0xfd3d940bb7a73089L,
-        0x5fc97e71d3d01c28L,0x84eadd2847850cf8L,0xb54183bb27f823aaL,
-        0x557fd65129af6bf0L,0x180b581acc18b8a8L,0x00000000000001f4L } },
-    /* 37 << 105 */
-    { { 0x7a4cba6bb978f541L,0x3e6f49205343823bL,0x2bbd7ba217fbe204L,
-        0x4026c8212de816d0L,0xc3b60a1a0e9b6bf8L,0x9ed6b7df684e996dL,
-        0xf50e40abe73868b2L,0x10b2f15cc492b090L,0x00000000000000daL },
-      { 0x221216615aab5f3eL,0x8e9e9c682529ac88L,0x12a17b7723cdd031L,
-        0xef53fa6250d3b5ecL,0x2d09807c8fad5c6dL,0xc40e0cf6487138ddL,
-        0x52d5db3b323038f1L,0x1425a7359d09f1aaL,0x000000000000019eL } },
-    /* 38 << 105 */
-    { { 0x59fed1c491a11ed8L,0xfe263c0a3180d98dL,0xdcdc10e42d368fcaL,
-        0xaa2f0a1bef1e9926L,0x768984895745f2e5L,0x48830803112ada7dL,
-        0x4c63137696c9e854L,0xc0e129f08250e11dL,0x0000000000000191L },
-      { 0x457dd4a21e6bf787L,0xecd443ca026b528dL,0x4a02a60ad84d6716L,
-        0x5a2a31fee3f215d7L,0x05c6ea2ef4789397L,0x78bb4bc49df48571L,
-        0xbd322028c263a45aL,0x57bc9ae162fc82e6L,0x0000000000000131L } },
-    /* 39 << 105 */
-    { { 0xa51538ca93f73b65L,0xa209bc3c23ecb9fbL,0x5f4b4dbe6590de4cL,
-        0x410efe51eba978b2L,0x2c2cab5d0159bea6L,0x506278d2a9e69f90L,
-        0xcad07d66b89db270L,0x5b59625e22847a48L,0x00000000000000abL },
-      { 0x4c305e6bb8cea678L,0x5842bcd09909f9a3L,0x53a5a114477599b2L,
-        0xc7c5a7e8a735de6aL,0xec49f912c9df0d78L,0x794e2c2d3be4756bL,
-        0xdb7b920d68824272L,0x3c4823e0e7d2549fL,0x0000000000000156L } },
-    /* 40 << 105 */
-    { { 0x8ff38aa4093edcb7L,0xc3c6b459e8f5564fL,0x613e5157b8935ffcL,
-        0x1eba7a2ae10e448eL,0xcf8d70c9fc31845bL,0xe1e4d5bb77f5a42dL,
-        0xe61bc59edd07816dL,0xa0928cb3e85fabbeL,0x00000000000000c4L },
-      { 0x12e7717eacc0393dL,0xca036b26540be4cbL,0x4f59050e36dcf32fL,
-        0xdd2e7ff9234b425dL,0xbd17895136b8d833L,0x132d27fef989d479L,
-        0xc2049ea7ba09ef6dL,0xb526a9b5c83a3b7cL,0x0000000000000157L } },
-    /* 41 << 105 */
-    { { 0x06a4efb20228649cL,0xdffc2bcda7942aedL,0xcf2e51715b4eb8e0L,
-        0x399bb5320052238eL,0xbc53cb0c46e3f1d6L,0xa020f3e430a71ec3L,
-        0x340c96716ae10068L,0x0bcd58b7dc04715bL,0x00000000000000f7L },
-      { 0x87deb87d8f9d8244L,0xc510965fb14747edL,0x5e084f544fa3df33L,
-        0xdf3d534d10cd6916L,0x15345bf7a9379b76L,0xa6d306f97dedac05L,
-        0x18243b39dd131822L,0x12fad40f9d9eee60L,0x00000000000001d4L } },
-    /* 42 << 105 */
-    { { 0xe47e92bfdad2a018L,0x7169fc3557faecabL,0x824b95d921861e70L,
-        0x3691cc6191077fa6L,0x39b9bee4de1dab77L,0x3166f0042a4c87b1L,
-        0x6279470b574cb51fL,0x0fd510aa9eac155eL,0x0000000000000040L },
-      { 0xbe71e07d80d4bb34L,0xf09f4e405a9bdb09L,0x7045942d1a249979L,
-        0x603c2c25ed241724L,0xa6fa617216c91e0fL,0x9fa0a49fce6e8b62L,
-        0x9767b1486cd9fcd8L,0x223901649b1d52e6L,0x00000000000000c5L } },
-    /* 43 << 105 */
-    { { 0x2ef5152be65ed57bL,0x7cc90f473bb1fd66L,0x98f6873244e66f0cL,
-        0xa3447ae327bd8ce1L,0x324c3ac08f22eaccL,0x838a435f0397222dL,
-        0xc63bee579b0ecdb1L,0xd0bc1d6a9d2d789eL,0x0000000000000015L },
-      { 0x1c6f47cf4202af3aL,0xe847a6104c99a557L,0x9cd3807e4b94f1f3L,
-        0x703f916b8a2806c1L,0x8fb83be08cdede77L,0xb07b30bcc62bf497L,
-        0x90f4da36187ed83dL,0x035fd29aed3131adL,0x0000000000000157L } },
-    /* 44 << 105 */
-    { { 0xb259c83324eedf44L,0x2037b6fb73545c4dL,0xe126c4834c157523L,
-        0xf80292adb36b003fL,0x4ae3fcd9772a9a08L,0x424a61f919be1da2L,
-        0x2e2b901d8026443fL,0x879864f1dd59dc90L,0x00000000000000d9L },
-      { 0x4b838953b15eac94L,0x0c5fb88ce1a57ca6L,0x9a09e28ada88728dL,
-        0xa80a4a9b6853a1deL,0x46a596bff0e07484L,0x6511ec6e7b61760bL,
-        0xd2f6b328571859f8L,0x5e872f813cbfbf41L,0x000000000000018cL } },
-    /* 45 << 105 */
-    { { 0x3011bebc26674da8L,0x667107b215be6300L,0x0c1b7f26f8a583b2L,
-        0xa10eba84d1d1ee29L,0xd03a1e2d00f8d4c1L,0x20d5861341f576b4L,
-        0xae64da886806cd41L,0x75f1394a49176ef4L,0x000000000000012bL },
-      { 0x5e06e1f20154a8b3L,0x8c54c4c780905a09L,0xed75aad004b741beL,
-        0xc7be78f5779f5177L,0x1976c894ae9becfdL,0x20b11c80c14943e9L,
-        0x6155f1fdebe9faabL,0xbba7d4a7a2d16b16L,0x0000000000000015L } },
-    /* 46 << 105 */
-    { { 0xc96ff6be3e035793L,0x8883f0151793d415L,0xc4f3ef64d04363edL,
-        0x93a75f7f73f1283bL,0x9614a3999f7ba92cL,0x061bd7e241b95c66L,
-        0x887792ff1c2276a0L,0xa80706d28ef5b98aL,0x0000000000000063L },
-      { 0x2d7720a8b322dfefL,0x7623a0674dcabd9eL,0xc6936cd944e66fadL,
-        0x9841e95ee16d312aL,0xe3e195b9eb94fa29L,0xf3edafaa2c284fd7L,
-        0x7aeee8c08211a418L,0xebec3d3fb6305911L,0x00000000000000ffL } },
-    /* 47 << 105 */
-    { { 0xba2c92f5f2b0af81L,0x0d64e1ce1aae3f08L,0xa1f9d651cc19d12bL,
-        0xc6f6a4bb78a15858L,0x12f3f8828d55e390L,0xb2791f72dc4b6dcdL,
-        0xf51d8c9b758a15d5L,0x0f712d967cb6c682L,0x00000000000000aaL },
-      { 0x42b424f386a49713L,0x63664f53b65c98caL,0x09fa6b470cee5673L,
-        0x066107f5de3c1fedL,0x0797ca8db363b845L,0xe5df7026114d2e2dL,
-        0xf827b59cf67fd6bdL,0x657c8f1421876f0bL,0x0000000000000112L } },
-    /* 48 << 105 */
-    { { 0x68a3040e09eb3233L,0x0a44434506fa4864L,0x579edeff83af8af8L,
-        0xd619358709f49bafL,0x4597975c33f9ee19L,0x5318a888cb85cb9aL,
-        0x6366031f423ff919L,0x32fa03eef3ef6e44L,0x0000000000000072L },
-      { 0xadc2b71b8fe0bdc4L,0xa4b86022245354c6L,0xbd96981bed7a1ca8L,
-        0xaaf0bf088d27b9f8L,0xcb56e8f255ef3926L,0xee69ee6af868426eL,
-        0x04146106114f6b0cL,0x5bd940000b8d34dbL,0x0000000000000154L } },
-    /* 49 << 105 */
-    { { 0xbb9ce2cd216785d7L,0x6542eac454fec1d6L,0x26fad4f1cd6bc203L,
-        0xd35862595dbdc5edL,0x9549ea9fae3698bfL,0x8c354042fe0d57b9L,
-        0x9548e67f2676cd04L,0x059aec2b22edf4dfL,0x00000000000000cbL },
-      { 0x21fe898ad316063eL,0x78930f796d38b86bL,0x72064b45d1154023L,
-        0x3184619fc2fe7c4bL,0x9e47fa4ed2cc3286L,0x99484c69731d0886L,
-        0xa10f25480273326dL,0x84c2f78729efc551L,0x0000000000000133L } },
-    /* 50 << 105 */
-    { { 0xc677d129f82dd083L,0x8a9a603584a35d1fL,0xa0e725f2f7707c51L,
-        0x0e67f36673314f89L,0x5ae78b3962c79980L,0x57e1ea302a48db75L,
-        0x1c77997bc8cb73f3L,0x69c6ee32c1a61b9fL,0x000000000000019aL },
-      { 0x53abe39156756339L,0xeb1cdabe4edc4cd8L,0x15f70954026801e1L,
-        0x9295a5207fe8de52L,0xb6eda43869a0fb2eL,0xd9e6e518510522afL,
-        0x121fd3cf4e8e7655L,0x0b587ad6ddc0367aL,0x000000000000000cL } },
-    /* 51 << 105 */
-    { { 0x1c0ee685d50f1534L,0x9abb1c5827e3c974L,0xdc73da165ae04b81L,
-        0x0bc4a178fc2d401aL,0xd5c269e4ba33ef71L,0xf858a1fc996faa33L,
-        0x859915cd45b85f00L,0x7c507b4238b33ae3L,0x00000000000001f1L },
-      { 0xbde761b6490593a4L,0x388f79d436f6b62eL,0x6129b78b1b33fc5bL,
-        0x04a3b9f5b8eafc22L,0x4a718e577eab0b39L,0x14ea35580398ea2fL,
-        0xd737bd1bfca0213eL,0x34c27b9174332a05L,0x0000000000000185L } },
-    /* 52 << 105 */
-    { { 0x84ace35ba08df37aL,0x8f2e690a3ece9e6eL,0xe2649ed7bd6ed0cdL,
-        0xc2618e7d5b70fbb4L,0x3f072e8727f675dfL,0xfa17717f88590abbL,
-        0x6aa5119dc257a2b9L,0x016cbe362f48d5c6L,0x00000000000000ecL },
-      { 0xf7d3a01b29117b53L,0x3e544e8558d4d8f2L,0x63bf0dc8bba83f7cL,
-        0x341d35ac60f1bfacL,0x84e37ee48ea4bbc4L,0x981744d7192d6dc4L,
-        0x7b559536ca34c6e6L,0xf32ddf2b067ad38aL,0x00000000000001d6L } },
-    /* 53 << 105 */
-    { { 0xecf882c7ecfed198L,0xbe88ee265c47e839L,0x6c267c95a60cc381L,
-        0x285d1e767ffdbff6L,0xee34af6f6e349fd3L,0xa331769599f4ea4eL,
-        0x5f87359375d39105L,0x3559f31e8c9de520L,0x00000000000001fbL },
-      { 0x61d45de2d0a8892eL,0xbbe42953bd8a2c6cL,0x7792057fe3e3ec8dL,
-        0xd040df71566078d8L,0x8852496ad470a52eL,0x4b6b08597ebff173L,
-        0x1195102db36b2801L,0xeb28646305df9bc3L,0x00000000000001e5L } },
-    /* 54 << 105 */
-    { { 0x6e8ef1e946b46e28L,0x7cfd8d1f86249c66L,0xa8f6559d7a5aa3bbL,
-        0x2bee79a6f7abc1b4L,0xc8286725b48f60e7L,0x2b883127f717fbddL,
-        0x7ed12c1e2d4ef9e3L,0xfc910265e008750eL,0x0000000000000024L },
-      { 0x56569b61212f5d32L,0x97ddd0d69d4ab1c5L,0x639c33f149ee1f05L,
-        0x97d1ba29b2886916L,0xef869ff04b553ea9L,0xaf504911b88cbafeL,
-        0x524feccab9efa22fL,0xfa15902b321d6755L,0x000000000000014eL } },
-    /* 55 << 105 */
-    { { 0xdac797ffc2df83f0L,0xca75939070f59d50L,0xc53a3b9d8dae80d1L,
-        0x4ee2534321d73857L,0xd458295ea7ae4212L,0x5b29d98f30385f03L,
-        0xda3843b910deef6bL,0xd148ab67448387b3L,0x000000000000009fL },
-      { 0x68ca489bfa10caadL,0xbaf2095ba1ccac6aL,0xcf4d1eac05a5bc7eL,
-        0x67866117ff5f28e5L,0x62d6cf59182d4a00L,0x96353d36ae15e91cL,
-        0xf5b32693175f7fd0L,0xa160046d521eaa66L,0x00000000000000f4L } },
-    /* 56 << 105 */
-    { { 0xfe88213a38540b67L,0x16613cada30b9044L,0xb06dce427861d61fL,
-        0xfb5c9ffde2b9cbe1L,0xae4af79ba5ae6125L,0x56e69b5a3ff351aeL,
-        0x68de3b3f31df9832L,0x8d2c2960fa3fc1cbL,0x00000000000000ceL },
-      { 0x979c3dd49fd40f91L,0xca979b58b5640389L,0x855dd28e836ea10cL,
-        0xbf40ee0e17f1cc25L,0xe02bbb2f5fd556ccL,0x6aadb11005f32f3dL,
-        0x26bf5c119366213dL,0xc15f02c49a1ca27aL,0x00000000000001b0L } },
-    /* 57 << 105 */
-    { { 0xc2cf8600f06edb9bL,0x74745d77824ec696L,0x2a502a21bce3ad49L,
-        0x0e2fac9ccc8c2f94L,0xb6c43b6ab26006bbL,0xf76dbb35c74f3d21L,
-        0x3559f25ed6920ba5L,0x0203fe602af91aa6L,0x000000000000016eL },
-      { 0xa1ee163458415056L,0x49c48a0274df3e92L,0x8a871514959f3e11L,
-        0x2a50833460c01400L,0x06ab882ff3c1f3f9L,0x788fd2f2f3f8a3b2L,
-        0x8d9f63abe5d2052fL,0x6f9136c2baebe4e6L,0x0000000000000102L } },
-    /* 58 << 105 */
-    { { 0xad4aeaece0792955L,0xc662f8dc6c8cf64bL,0xf96c715cccf91d5eL,
-        0x798040378fbd7f45L,0xf0f3ddf401cb31dbL,0x0448603b334e8ec7L,
-        0x1c9e8c7be737fc3cL,0xa9fdbafdff78b864L,0x0000000000000112L },
-      { 0xd2c6c2de72547858L,0x82dd7a88ff8f4f45L,0x55db641e9eab2f08L,
-        0x7243199dd73bcc8eL,0x55e708b46a907e32L,0x361af050db188207L,
-        0x4e21c1e461f3c0edL,0x948142fe7cd3c766L,0x000000000000013cL } },
-    /* 59 << 105 */
-    { { 0xf937b0e53e950ff0L,0x6e24b4e5de551199L,0x9190ae60d524b733L,
-        0x23890323e070cdbfL,0x3b61f098514e259cL,0x63091050729f0e0aL,
-        0x74ce4e07d2ded515L,0xec98c9a7417d44baL,0x000000000000012fL },
-      { 0x3ada2c8f63dc0f50L,0xe80a5a8ce2593386L,0xa39d716914c9dcbbL,
-        0x084c3faf0c4fdcd8L,0x8833788bc79dcb54L,0x852a9f9b6aaccf73L,
-        0xbe2be436ab0ef855L,0x8e522348aebf47baL,0x0000000000000147L } },
-    /* 60 << 105 */
-    { { 0x413a5117a2262a1cL,0x29c97c05795db169L,0xa03d9861d7ca7976L,
-        0x8428c9aa730d1caeL,0xe2922ccf6fb7d613L,0xb8a33ca521533014L,
-        0xf8c059a418266bd3L,0xbc7db2234ebc4a35L,0x0000000000000007L },
-      { 0x6fce14a2f2d17d69L,0x91920c6844b28892L,0x9066e8d13c3cdef6L,
-        0xf90115f8d5c6e3fcL,0x39f91f2fe9ce6701L,0x5ad4bcb4a1f30378L,
-        0xc6b0e8f1aa92e892L,0xf2ab25c70c0ef133L,0x0000000000000036L } },
-    /* 61 << 105 */
-    { { 0xd256b02a6cb68a4cL,0x2b16306d2ee6b938L,0x4886fd97cad8da2cL,
-        0x9a5accad3825c96aL,0x772d7b13cfe2cae3L,0xe16361a620e8843eL,
-        0x32473b0333448c28L,0xf1a37e18be23247cL,0x0000000000000040L },
-      { 0x63ebc83fb66042daL,0x583f691176c07055L,0x4f7630ae6a3fbd5fL,
-        0xb785702efb0af367L,0xb7c837a554d558ccL,0xdbf9820a000c0c3fL,
-        0x32b10b9d6233b57aL,0xc811d02fd02a7cc8L,0x0000000000000179L } },
-    /* 62 << 105 */
-    { { 0xf67675f773b899a6L,0xae60c0d9aaf10a99L,0x1090ce72648df5b4L,
-        0xe325ffed3b186a86L,0x403f48e80c01ed9cL,0xf7453a5696c2e25cL,
-        0x5151f743bd8e41e6L,0x76cac7110aecca2bL,0x0000000000000147L },
-      { 0x5c51bf550e29a85eL,0x6c7fc654143718f3L,0x8bd8eebdb31a4a9cL,
-        0x852d2032b22e7b3eL,0xf6cd67263b6c1296L,0x8f10ff0f4ca1aa08L,
-        0x7ec8838028830ef4L,0x765904f339ee7926L,0x00000000000001c9L } },
-    /* 63 << 105 */
-    { { 0x2dde6e928637fd54L,0x0b87d325ba84f1feL,0xfc08553ab4af92e1L,
-        0x7dcf26d634d231aaL,0x94da1a1a6fab3060L,0x33fbca8958b11020L,
-        0xc68e11f0edc2b3bcL,0x21a56c3647f05ba9L,0x00000000000000deL },
-      { 0x9daf1e861bb9fa34L,0xcc4688c2d6e87d28L,0xd32c7df423e13585L,
-        0xb2b03cbacdd2746aL,0xc5c3af6b73eb2f89L,0x11fddbb38e2796fcL,
-        0x3212dc8e0fa04a64L,0xc6628b6fd92a5784L,0x00000000000001d7L } },
-    /* 64 << 105 */
-    { { 0x671757a6e2adfecbL,0x22eb6b422ba58ff0L,0x845ad5524e6e393aL,
-        0x3dc6f7cb60fb46a7L,0x9240526b0a84396fL,0x13c8f57c56152715L,
-        0xab02366c6c45e7a9L,0x6d4f07bead159399L,0x000000000000006eL },
-      { 0xf69fdd7f07f6e883L,0x946b2efb3f45aaa4L,0xc3390ff156806edaL,
-        0x22764fab21d28bc8L,0x363b41d10c20eb57L,0x7d693bb1f6e0fe71L,
-        0x5ba2e46a2816dfc1L,0x53c3d41ab0f7ee72L,0x000000000000012dL } },
-    /* 0 << 112 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 112 */
-    { { 0xc2d7eaa1c6884ce1L,0xd7b35c4f9faf6322L,0x8d1a1d85337ea884L,
-        0xbcc6a8090f946ebeL,0x45eab172754fb8d2L,0x1e0b251e91dbd926L,
-        0x4b61112afdce8503L,0x80737c4915fa4759L,0x000000000000000aL },
-      { 0x1973c88b40260e22L,0x83078cb7e48dca69L,0x4815d67fb199e3ebL,
-        0xf57bde1f7b4de5d3L,0x88a1ebb5e139dc10L,0x7c20e7c66689dd21L,
-        0x40cba34680884875L,0x5c82140239171e05L,0x0000000000000062L } },
-    /* 2 << 112 */
-    { { 0x922f12dd4e187fffL,0x5edc9b962faa9f8aL,0xb7c218f8c854c83dL,
-        0x3dfcbf3265052d62L,0xbd809261053d38c2L,0xf871b4be31d0c279L,
-        0x6db21156f30b4a34L,0xb50605148db71e6aL,0x00000000000000d9L },
-      { 0xa08ce4a86bedc91dL,0xdf89cac0a0bae827L,0xc035a514aa3f520fL,
-        0xd5e9631fda672398L,0x8a5c34867150a93dL,0xe176d6c30d1a66e5L,
-        0x1aebd73874a2379cL,0x42d11fe6279c3eb9L,0x0000000000000139L } },
-    /* 3 << 112 */
-    { { 0xf2937edecb4c6645L,0x1e8dda6d1b68f3aeL,0x25a8cbca5c45eae7L,
-        0x6f07c48eb1a328e4L,0x473a67acef4b3917L,0x5e4eeac1208c0836L,
-        0xca67351bec92f538L,0x34a8f9f8177cf537L,0x000000000000015aL },
-      { 0x7d7f6d7ab9a3216bL,0xa4ad0bab0ed36d7fL,0xd58507f3d4b646cdL,
-        0xbd275213a2950840L,0x00f031c076c25f08L,0x300e0a0c3f46258dL,
-        0x6ce16cd6a03dfbd7L,0x35e0211d40c879f4L,0x0000000000000001L } },
-    /* 4 << 112 */
-    { { 0xa033349762383e65L,0x4f94f82b681092c0L,0x583b450378a19ca7L,
-        0x81c69ed050e7ea14L,0xbde43e882042e0a5L,0x752a9d3e6a9f7938L,
-        0x865464d9af321417L,0x5bcc326fb5794804L,0x000000000000000aL },
-      { 0x7714afcab958f657L,0x3b927db46e725914L,0x9ef1925c7fd9a9d8L,
-        0xed13fdfdbe7e139eL,0x5b57aa066e80a43fL,0xc9c221be810f9412L,
-        0xe6536f3a04ec7d73L,0x77765db5db4d13e7L,0x000000000000019bL } },
-    /* 5 << 112 */
-    { { 0x21fe770f84924113L,0x2c5d06120ab300cbL,0xe1699e81ed6c7197L,
-        0xdec38f45f5948795L,0x79db54b83a48da6cL,0x95f9d633b3f3af61L,
-        0x3e4e733da772f809L,0x48dbe53a605e477fL,0x0000000000000142L },
-      { 0x5ab3454e86f2714fL,0x87d83de7939b3218L,0xb980fbc096d16ff0L,
-        0xba3cfaaddd96a283L,0xed41324416c3b69fL,0x57968830968c773eL,
-        0xf315b38ced4d4dfaL,0xa013acc5a24cfb0fL,0x00000000000000caL } },
-    /* 6 << 112 */
-    { { 0xd064803e24e3c650L,0xa90109303b9aec0eL,0x407b393219f6f56cL,
-        0x045d7e95d143be9bL,0x2933b6be47a9533bL,0x01b01ec62bc7f731L,
-        0x723abd9a043e4c5dL,0xcd8a1bfd25c4e8afL,0x0000000000000095L },
-      { 0xd719eded6d8a2f90L,0x08b7c6af8b5c2378L,0x027c6cb7c01df5dfL,
-        0x1c020ce0155cbce9L,0xc3aeed933deb94d9L,0x2cae43c7a6f7fee3L,
-        0x54637a4a7512ef37L,0x3b64366081582bd4L,0x00000000000001e8L } },
-    /* 7 << 112 */
-    { { 0xc6d7698f7e59dde8L,0xb1ab83ac08aab860L,0xe1972059c7fcac6bL,
-        0xde4446ae656119bdL,0x8dfbbedef9f8d976L,0xe3b8e6d2009be348L,
-        0xa8ead6ee974cb79fL,0x4a566503b7a415bfL,0x0000000000000002L },
-      { 0xd661701b24c0d839L,0x6a3200d111c338cbL,0x5016ba3237f3769bL,
-        0xf4396987a00f1d08L,0x16abf9062add49aeL,0x17dc53e804f3dbd4L,
-        0x9ee15f5354a44690L,0xaaa77f7ea27e4c96L,0x00000000000000bfL } },
-    /* 8 << 112 */
-    { { 0x86dd8f04def62f7aL,0x42cd01b9cc9e5065L,0xd50b855643275c45L,
-        0x404e04a59814155eL,0xf7e62f98266b665eL,0xd68e806e86eedc55L,
-        0xb23e4bf34332001bL,0xe0b405b2366d78c2L,0x0000000000000150L },
-      { 0x6e4c1160d49d6c3bL,0x10c209647ce72d17L,0x0c0ba5325475d05dL,
-        0x77d8dc831523a4f9L,0xb053a8be5693cdc6L,0x5e0897a3e947e953L,
-        0xde13f4517899d5d6L,0xbafca001ca78c763L,0x0000000000000013L } },
-    /* 9 << 112 */
-    { { 0x668d132f5602a1b0L,0xbc4a769fef7a02a1L,0xe67a3b7a4126a867L,
-        0x6bcb37d5a775d18fL,0x719b93ef11901e4bL,0x3aaa34d531f7386aL,
-        0x7f81f95156335bb0L,0x22ce53aa1d9a8fb5L,0x00000000000001bfL },
-      { 0xb901f8b5580d76d3L,0x9ae57d49a4d6e345L,0xf7af2dee4e5b689dL,
-        0x5d79160110e321e9L,0x43f66981301f6090L,0x8835a85f23c4f0ccL,
-        0xdab2de3b083b5b68L,0x7fc613f51e97c0faL,0x0000000000000051L } },
-    /* 10 << 112 */
-    { { 0x9655cac34d110319L,0xf55e56d996e35209L,0x6f375ec27c15d50eL,
-        0x2d38334326e468ffL,0x943096d75c103732L,0x4b30c0d40b0e523aL,
-        0x4169da7ced307fccL,0x5c1e47e9da5da806L,0x0000000000000158L },
-      { 0xaf9ea9b5700e6489L,0x05d34fdbb2f6bfc8L,0x3b2dc12594068bd4L,
-        0xb568253751b3f965L,0xc1a3271e109ff65aL,0x79ffae0e4b377ba6L,
-        0x5e0149cedbfb4a77L,0xdfdb05a969f94a1eL,0x0000000000000143L } },
-    /* 11 << 112 */
-    { { 0x98cffe72a8e16494L,0x990dcdef990f6ae5L,0x2ffe758f7718e6acL,
-        0x08fffe7f94b86a5aL,0x29ec8e3824f249ecL,0x1115cf1e702e2efcL,
-        0x42d3b998ac7863bcL,0x9de49c4ba8469112L,0x00000000000001b3L },
-      { 0x23c141d47f0f461aL,0xd622ebb51a75ea51L,0x671dac9b98084ef2L,
-        0x930fc09d8fbe7d8aL,0xb8ef755e8fa1e70eL,0xfe65e8a389920cf0L,
-        0xe79b849e876f0425L,0x1c6ba4df46c016e1L,0x0000000000000130L } },
-    /* 12 << 112 */
-    { { 0xe8f06c2f869db704L,0x1225fe8e1be3a442L,0xe40e87fdf139548aL,
-        0xafff68201a7dfd4dL,0x883cbb604489813bL,0x21f07a4520c07c1fL,
-        0x037847dd761bfeb8L,0x2879d201fe9d73f3L,0x0000000000000098L },
-      { 0xcc3e104798fd5063L,0x9e3888796f0c1179L,0x6f8e0ca8f2e65336L,
-        0x51d688edaf342355L,0xfef444c177e831aeL,0x34b47f9f18abf899L,
-        0x4f7c42ecf9d15d64L,0xfe977f078747ba4bL,0x00000000000000b8L } },
-    /* 13 << 112 */
-    { { 0x1d7948e7e31a2875L,0x305e549d55f21221L,0xaf6d2fc5ebbf39ffL,
-        0xeabb12c80ffed2feL,0xaf421cd07b32d227L,0xf8226502a9bec07cL,
-        0x065359ac149ef0f7L,0x9e5e784e4f1cbce5L,0x0000000000000027L },
-      { 0xe64bdf95e8995641L,0x4f00ac4c4e803ed5L,0x04ac0dec6b51176bL,
-        0x6de249642c3fe476L,0xf765f2240dfd1e8dL,0xdae016d744709cc0L,
-        0xdcaa2f3b8ee0b68cL,0xae531c980b6bdaa5L,0x0000000000000192L } },
-    /* 14 << 112 */
-    { { 0x586d8be345624df6L,0xc58ca225de489ac4L,0x2131279186184b44L,
-        0x1bacffb7566e654fL,0x795c06ee841818e5L,0xea81a1f7a64fc54eL,
-        0x4202ba3b7bed4199L,0xe8e7eeb7fe735c4aL,0x0000000000000195L },
-      { 0x3c3260519c58b094L,0xd321218c31dda195L,0x2bf7a3196e707d92L,
-        0xcde93cdbd88f1ad2L,0x80b6b9f4ceafc8a2L,0x8ddef6d7edd98905L,
-        0x999d8539ce356fbaL,0x57048edffb834c3dL,0x00000000000001d2L } },
-    /* 15 << 112 */
-    { { 0xb4c8a95f54f6c3c2L,0x75cb6585b4bb79eeL,0x42acf9813af10b62L,
-        0x390e90f9b1fbe61eL,0x8b38992a73c905dbL,0xeb8eeaa4b2772547L,
-        0x50f226739fb26d56L,0xa7fd3621bc8ff539L,0x00000000000001fdL },
-      { 0x9f5f71c047cb14e9L,0x57efde78a4eea6f5L,0xffdcce979720279aL,
-        0xf2602f0c42407354L,0xc32e952e4f8047b7L,0x6bef44fb120ea438L,
-        0x64d8e221d5ec1b83L,0xd99027b78ef102a3L,0x000000000000003bL } },
-    /* 16 << 112 */
-    { { 0x8002b6d63dca9409L,0xd31714c1163b8124L,0xca655b42720a124aL,
-        0x88388dbe9596636bL,0xa321822dc0b7dc61L,0xcdd952c85824e60fL,
-        0x79ff44366cb4916aL,0xa115847e5f88dab8L,0x0000000000000009L },
-      { 0x1eaf3d400aed0c43L,0x7a7196f7ea2a20a4L,0x4312341497781948L,
-        0x856126d0e88d93fcL,0x96dac31fd5710224L,0xc23548f5243e6395L,
-        0xf351df8b9613a79eL,0x0dae5d50626fb1fdL,0x00000000000000e2L } },
-    /* 17 << 112 */
-    { { 0x9e8c65562d81c8fdL,0x361ab7401015a8f8L,0xd8bacdbc343077c0L,
-        0x37cd82a04634dcddL,0x0977ad1e940d6c70L,0x97fe72e327c38270L,
-        0x412f62f6a07167acL,0x08deab9b451a09bfL,0x0000000000000150L },
-      { 0xdd02b8d3abb38852L,0xef1b8f1d41ed4b96L,0xbfd538b1da6597c2L,
-        0xf98a304e10475511L,0x232d62f619d54040L,0xa2b919809183ec5cL,
-        0x5ce198ce8f3f79d5L,0xa5c7192628c2e16aL,0x0000000000000028L } },
-    /* 18 << 112 */
-    { { 0x8aaeb6bb3f28f069L,0xe57bd85a41cd19f6L,0x7a7033fbcdd073b6L,
-        0x5fa5d883af974d72L,0x034fe2f8317d5354L,0x022dad78dc1c3c86L,
-        0xb115c5fcdaddc33bL,0xd20ed9cacf71be7fL,0x0000000000000076L },
-      { 0x906767d94036188eL,0x3c3cac57a74401b6L,0xb26d32b46272050aL,
-        0x01cd2c3ee4d06b8aL,0x7caabb449244b30cL,0xa4c1874d25c6219fL,
-        0x53a70b98afbb215cL,0xe357a7f7f2280543L,0x000000000000012aL } },
-    /* 19 << 112 */
-    { { 0x21419b4f117d5755L,0x6af1ac64475ac8a6L,0xc1226e159cb49eebL,
-        0xd61aa69c2d3f8486L,0xaacb9140fb60ad9dL,0xe0fb2170b59dc623L,
-        0x5aac6818eceaecdfL,0x1e88ae0f5cdaceecL,0x00000000000000fcL },
-      { 0x823f91bd24c8c72eL,0x3f419586c2b074dbL,0xec995125d3c89804L,
-        0x8c98840af3104c36L,0x90445c3bd88cb43aL,0xe9d1da4f814367c8L,
-        0xf5edf338d4636152L,0x316aba3a39ac293dL,0x00000000000000bdL } },
-    /* 20 << 112 */
-    { { 0x1ef1df604dd7f14bL,0xc190c8b79206dde0L,0x8c0095679fc144a7L,
-        0x0ca2f30a0f11e938L,0x3f06119ad15a3b46L,0xce68675d1a911f3bL,
-        0x3e234a0e7dd215dbL,0x909d38cd6028bdf1L,0x00000000000000f4L },
-      { 0x49b323bb7b25c4f0L,0xe0a212449f498976L,0x8ffcd809bf2a0459L,
-        0x1a6890a9cea1e7daL,0x6e2e2b99ab0cff78L,0x650e3170c5d1287eL,
-        0xb5248d4d8ae5d083L,0x0951c926d7596441L,0x00000000000000c0L } },
-    /* 21 << 112 */
-    { { 0x9bf0fe1536b5757bL,0xf078da917322f698L,0xed973489b52119b0L,
-        0xa22cb0b80dff82b2L,0x8f83dba01da278f7L,0x15a6cc1299da0c4fL,
-        0x2f67fdfe5e334bd0L,0x25ab5ab602e8e1cdL,0x0000000000000125L },
-      { 0x269f859aa8d8e447L,0x575d716c1b24a12eL,0x729ae77eb95f04daL,
-        0x4372f9de30e0ed29L,0x673c0bfd398cfa49L,0xbe9ff4fca3ec6966L,
-        0x5ce7e5e3d01c14e2L,0xbec8d2f406373e24L,0x0000000000000040L } },
-    /* 22 << 112 */
-    { { 0xd93727e0486bb813L,0x04283a3e1fbd99dfL,0xdc4788c99b75b637L,
-        0xe6851f5a32167da9L,0x998f7431fbc4ea2cL,0x7a9c33d1a9183057L,
-        0x6b3473245d20e7e2L,0x18a168600b90c80cL,0x00000000000001ffL },
-      { 0x38a94d64bc888e85L,0xfe7b79ac9df19c05L,0x00bbefebf654ee0bL,
-        0xebfaab4e7bfe85a7L,0x48deed60b19482e5L,0x287c06898db1c527L,
-        0x5a6b27ad4c8eb494L,0xf68182ae0d447f2fL,0x0000000000000118L } },
-    /* 23 << 112 */
-    { { 0x4b816e241c2457e4L,0xbb437cd3f149da13L,0xe0be68f94998c797L,
-        0x883b58207dbbacacL,0xe1da5fd525b58074L,0x77d77fde69592848L,
-        0xd1f2bc60c4c21c04L,0xf2bd7b785acbe370L,0x0000000000000114L },
-      { 0xbea3154637b024f6L,0x7f15fc8a9fbcaae2L,0x1b56ad116021c3bdL,
-        0x9356fdf096b118b0L,0xb7865be1daa0804fL,0x3a2ca9e99574d0d5L,
-        0xaa5adb0f5f999f14L,0xc25f9c38ebde48f6L,0x0000000000000049L } },
-    /* 24 << 112 */
-    { { 0xb4c7662650ee9086L,0x2d9cf5f46a31d89fL,0xff6bfb32dff60978L,
-        0x5176dbe145a61de7L,0xd00d55447d0750dbL,0x0d83b80c85c9b411L,
-        0x2dd6470906fb9605L,0x69b0c1333d535903L,0x00000000000001d7L },
-      { 0x94871938210a0c39L,0xf8331fb90c93f6efL,0xf7ee035f253771b7L,
-        0xbfbf3ac00f1e874bL,0x6d02567e077969c4L,0x29a752a783d55d94L,
-        0x4f69563f088bff67L,0x7b1161060b77d6f1L,0x0000000000000034L } },
-    /* 25 << 112 */
-    { { 0xba6aeb1a33687c9eL,0x7d52e286f08ec854L,0x53187e3da1008096L,
-        0x6cc41c9a2b238ff7L,0x5c95188b399bf250L,0x4864754ddbe60f4bL,
-        0xd266be6d3c9440abL,0xe59c36d4977447cdL,0x0000000000000128L },
-      { 0x7c29f965bea1476aL,0xb8fec71e7624ae90L,0xfa1cc18fde04ae65L,
-        0x00fa80b93a6b1843L,0x8ebd2e7305e7520dL,0xfc12b6a59d714810L,
-        0xa219d25f3a532a09L,0x1121083c45999cf8L,0x000000000000013cL } },
-    /* 26 << 112 */
-    { { 0x137ada30d2de83eaL,0xda2153422a878fcfL,0xa6a5cee60e171f25L,
-        0x3f69086f2dd4c3c0L,0x86088100fb43ba86L,0xef809bbfbb0ccb0cL,
-        0xd79c4869c4d677f2L,0x2b2bdbb20404add2L,0x00000000000001aaL },
-      { 0xdafc91eb22edf44fL,0x79590681f4d70677L,0xac8808fd3d9bfe05L,
-        0x2b0c8d47afdedeb8L,0xc767c9b30f819111L,0x26d2b198b54b2fdaL,
-        0x17a4d748425ecf19L,0x3d553a2e27bbc127L,0x00000000000001d7L } },
-    /* 27 << 112 */
-    { { 0xaf086404ae4f64fcL,0x24ec81035e4dac4cL,0xa4251f19f4188728L,
-        0xb90da169ecde3424L,0xee6c23889d75d76cL,0x5cf9b73e303f7e0cL,
-        0x4f0d6e9e45d8766cL,0xcbbe41aa6734beb6L,0x000000000000006cL },
-      { 0x11f1929f6460b3c6L,0xbddb7165e81dc98bL,0x0dfd5fdd725622c8L,
-        0x7c4b0cdc2c8090abL,0xf2605abf9966a482L,0x5ef91579fab0a8e3L,
-        0x334d92ff7a5431ecL,0x5440c23516dc21d9L,0x0000000000000086L } },
-    /* 28 << 112 */
-    { { 0x9fa60a6af5784616L,0x54bc84246184acc2L,0x57d5d2c41435c018L,
-        0x5f94475b333621cdL,0x5b7740d06e210ce6L,0x624d301d0dd3dbd6L,
-        0xad599276a4216433L,0x7e1140bd4b3817e0L,0x0000000000000032L },
-      { 0xadfe76b487f3e336L,0x88a9a1231a1b9b6fL,0x1bac6e4f14c14b8aL,
-        0x8a531f4dbc215bebL,0x874545261c42d401L,0xc65a168cd62ecb42L,
-        0x38188b89f24bf291L,0x94f7d5dec788c069L,0x0000000000000194L } },
-    /* 29 << 112 */
-    { { 0x7d9d6f15fd868b43L,0x3308e6e8e1332d89L,0x53a64fc25c2ea868L,
-        0x819f727861bab859L,0xcd683cc16fc55f42L,0x46ec76818e4ac49eL,
-        0x16e180e3b85ccaf8L,0xcec7676e180c0dc5L,0x00000000000000f0L },
-      { 0xcaf24b54f10d6c7dL,0x3bb37a70423e6ab5L,0xa40e49d25eb685afL,
-        0x512b2a6ca52af2beL,0x495633b5253da10eL,0xa87169e1ac1316b4L,
-        0xd9ede4ff3ea71d6aL,0xa7bde55c751fee86L,0x00000000000000c6L } },
-    /* 30 << 112 */
-    { { 0xb4dbbfc31d447fa3L,0xc0180e814e1f0ae5L,0xc4aa44e04e921352L,
-        0xed72abd5dbbbcc8dL,0xbe0924e6f0fc4050L,0xc735729a7e5a1390L,
-        0x23b83364443bdb32L,0x72df0a07ec53bdc4L,0x0000000000000048L },
-      { 0x2c24dd590a570f18L,0xe436ab7291876f65L,0x5b92bcc4ffc6ae4fL,
-        0x3d6471f3c9ebc873L,0x43efbc5d44292f69L,0xd47637134a107c1aL,
-        0xa367b573248b7c52L,0xf099ea0671daf202L,0x000000000000013cL } },
-    /* 31 << 112 */
-    { { 0xbaf9d6a6b3e1adf8L,0x20ccb29705fd0ec2L,0x3241615122d8be8eL,
-        0x8c0084416a2db0f8L,0x1ef0ebd4551dd651L,0xe6cc97edaca8e550L,
-        0x9c6f70152c1571afL,0x6ffa2b32b9c3f7d4L,0x00000000000001f9L },
-      { 0xd200e04cc91c0f39L,0x0e096f28fd99b77cL,0x9594a20807de898dL,
-        0x55a442ae69bcb511L,0xce1d9649e015f1b4L,0xdd4a639869edda8eL,
-        0x3955b85fcca25768L,0xa003c09dc949f4a7L,0x000000000000000cL } },
-    /* 32 << 112 */
-    { { 0x0fd02a81c0326cdaL,0xb52279ac0e5cf6e9L,0xd0e8f1cf682ad865L,
-        0x01eb99642e847be3L,0x30468f94689baa91L,0xa466fa2bb4584d20L,
-        0x99847f1b327c510fL,0x206bd41d26e6f2c0L,0x000000000000010bL },
-      { 0x8a04fd93ba3011f2L,0x14c757b9af6c7e86L,0x4987100779ecbe33L,
-        0xedf33e226185a74fL,0x35ad7383d4a03368L,0xeb5a269ece6efd32L,
-        0xc83c5fb3208fbf53L,0x35030bb2702bb900L,0x00000000000001deL } },
-    /* 33 << 112 */
-    { { 0x286bf9c2facb4117L,0xddbf33d2133bb3bdL,0xe0c21ce9897c4fe6L,
-        0x3f3a249c219126ebL,0xe925c2cfe9c7e211L,0x7999d7c0f418a42dL,
-        0x24d5577c585a7c91L,0x580ba3affad6e5c8L,0x000000000000005dL },
-      { 0x596e7dc97200c090L,0x8460b9a4531d17ecL,0x19f9aed95e4e1067L,
-        0x522379e68a7a6444L,0xa6618a0e7cdc51a7L,0xb285055396e7f790L,
-        0x605b7e1ff732fdd1L,0x0fe9b751fa8b87e4L,0x0000000000000028L } },
-    /* 34 << 112 */
-    { { 0x0686b81946cb78fbL,0xac50e15b367be8acL,0x6b74a620211895c8L,
-        0xc35a52e83817a3f9L,0x9d3a57cd4fc49432L,0x771878ad4df33060L,
-        0xea4ae8015c216dbcL,0xecc02683da89b496L,0x0000000000000193L },
-      { 0xea1efb5a768b6f09L,0xd97562e7e3ab79adL,0x61ad861c094a606aL,
-        0x614dfe95b42bae9dL,0x0372b7a5558bf490L,0xfec9f31dd1f2089bL,
-        0xc31fd1236d5d51d4L,0x26dec1eb0f1ef668L,0x000000000000004bL } },
-    /* 35 << 112 */
-    { { 0x26ce089dbac679acL,0xa9d9673a64c08615L,0xfe92cec3f9d9d747L,
-        0x4616a4dcad6da7b2L,0xaaddf97cb6f6b8fbL,0xa1cabda1c32a0803L,
-        0xe8591a79c55e17e5L,0x3bb889adc7dc707aL,0x0000000000000191L },
-      { 0x22158400511bd374L,0xd10d5a727f1f4d0bL,0x5b40bd90e732bf5cL,
-        0x88d82eb665a81746L,0x4f64f578fbcebfe8L,0x867c0094eee40ddcL,
-        0x6934932a6c500cc0L,0xc117a16b667da9c5L,0x00000000000000a4L } },
-    /* 36 << 112 */
-    { { 0x5c7994b4abedee4eL,0x3e77983ba4fbf6d7L,0x9d7f330f30003463L,
-        0xb2ec7f739a611df2L,0x595627f9a405b4d8L,0x187ea7ae0ea408bfL,
-        0x2b087af141b1dec4L,0xd8d66597807e4012L,0x00000000000000f6L },
-      { 0xfb1b1154ea7b83ffL,0xcb3c2b19d3b88c90L,0x8c15c0b5ff85a044L,
-        0x65154a83e62fc44dL,0x1fbf5b7f26ed762bL,0x81d36b15c7b364c0L,
-        0xdb0091f1bf2553b1L,0xb6dddcaf2845f359L,0x000000000000016cL } },
-    /* 37 << 112 */
-    { { 0xaa5114266f231058L,0xc6482f93928adf7cL,0x523a25c347a07da7L,
-        0x4ab79da70c795a5bL,0x9a5026f119711fe7L,0xcf2212a729784bc7L,
-        0xe59e7fa59822fbdeL,0x5b4e997e94e459efL,0x00000000000000d8L },
-      { 0x085b185681605f9eL,0x8e3365c4f006bca8L,0x71d7b84b54838742L,
-        0x2b18649aea5a336eL,0x3268764778f7c79bL,0x2b02db33998d6a9aL,
-        0x830a0a96ce221a5dL,0x6c02d7d754314b97L,0x000000000000007aL } },
-    /* 38 << 112 */
-    { { 0x618ac20093031925L,0x160d9b20afb97ccfL,0xbd4b01c66aed35f4L,
-        0x202c1b39edeb2215L,0xd52fb1cb468764e6L,0xd6da21af72b76e0bL,
-        0x98740e64527eb510L,0x443caf748fdbc02cL,0x00000000000001b0L },
-      { 0xd1d700ea574366bcL,0xb40254dd9b0e1210L,0x3172876c607a8809L,
-        0x624a23de5ac14d73L,0xdb1e5debed4d8a80L,0x5d717d8f2976f6e8L,
-        0xf4e1d47f42f699c6L,0x433896d520c0ece7L,0x000000000000015bL } },
-    /* 39 << 112 */
-    { { 0xc648e6401f24b1f1L,0x783449d73e5f7c72L,0xa57ac4eff3742d85L,
-        0x61ffe0c9835552b1L,0x62834ef697fdac2dL,0x02703b63f115fbd7L,
-        0x44f47a41aa559e1dL,0x1e7e37c5d15332beL,0x0000000000000134L },
-      { 0x427f35ffd9dd4be1L,0xddcf13578da4e6a6L,0xe76af9ebdda54617L,
-        0xe3e193dbf90ee15eL,0x39a4c7219604bac2L,0x14789a4ac4760af0L,
-        0xb38e14c8cebf3c19L,0x40f7c343d9f78662L,0x00000000000001dbL } },
-    /* 40 << 112 */
-    { { 0x7d46f1e8b4cf8254L,0x3c44cc7f8651132cL,0x3875ea48ee02fdc3L,
-        0xd5d464377fd9ae7cL,0x25ebde075fbebf38L,0xecdce3a5ffa2efbbL,
-        0x6d34a645aacaf39fL,0xca5b72131c664594L,0x000000000000012bL },
-      { 0xe9ad950f97a7b67dL,0x37188f256fb141fdL,0xced17e9ca1d977f0L,
-        0x8137e722c6c3dbbaL,0xc50f36d663a37fe7L,0x68e1ce2f8fea88a9L,
-        0xbee6e56df5023489L,0xeaa15a26a2efd265L,0x000000000000013aL } },
-    /* 41 << 112 */
-    { { 0x504c9c3d75e5a8b4L,0xe977ce76a03d92b7L,0xc3f27a726d9519acL,
-        0x5832b7597ec79b04L,0xb95c1a2f6e80227fL,0x0c329956fb9974faL,
-        0x3359e49ef8bfa9b0L,0x2d20a5b0e2a1b8aaL,0x0000000000000034L },
-      { 0x4fcc30afd686911eL,0x308f27ac164c63ecL,0xf28538a1ee74882cL,
-        0x1b5788b17d109e31L,0x1f74b17e6527057bL,0xa00fba0ef43780f0L,
-        0x43f846884577d23eL,0xb6a7ae44decaaa4eL,0x00000000000000eeL } },
-    /* 42 << 112 */
-    { { 0x032f87b82c06f35aL,0x64d3ff064e7bb1e5L,0x08996732093862e9L,
-        0x3170addcccf193beL,0x641c81835da05299L,0xe296c9ff4ef3361dL,
-        0x3995b3a1e8783402L,0x0800b438e47c8177L,0x000000000000012cL },
-      { 0x6dd8391f62e4d595L,0xdb4d7411ab9a174dL,0x927d7c28f1eb7186L,
-        0x26657338bd593ae9L,0x3bc2051cf5628e63L,0xa97e4b8b685408d4L,
-        0x28251aebd2f3e22eL,0x4a08d5bc83d10ac4L,0x0000000000000043L } },
-    /* 43 << 112 */
-    { { 0x2a8ce2836288507bL,0xa635d48fdd390d24L,0xeee7975ed1b87f8fL,
-        0x162563d6d731058cL,0x3d84bd12fbab97f7L,0x5c918d9c5fb43dffL,
-        0x3c4bd11bc0a07876L,0x8d4ddedeb4d4f961L,0x00000000000001faL },
-      { 0x38e6acf7ee510691L,0xa15ceec44c94614bL,0x50a5b266995668e0L,
-        0x0d4a02f08e0821feL,0xb6f05bdce7b13d84L,0x8f749724f4633064L,
-        0xe9c87eb2218611c2L,0x266a06987e558ce8L,0x0000000000000193L } },
-    /* 44 << 112 */
-    { { 0x1a590ef8fd2add3aL,0x9a67ccb86eafaac3L,0x32b6e3eaa95c46a5L,
-        0xdedf7158cc6fd626L,0xb43928588add9774L,0xea5bd604df9136c1L,
-        0x8675163af55a7019L,0xb3f4557cc3a96febL,0x0000000000000111L },
-      { 0x2835680edb0e4f25L,0xe969cf144cab4022L,0xae88c607bfa42739L,
-        0x27cb7e15c80b87daL,0x4bb26559fc7432f5L,0xd083dbeefb7371b5L,
-        0xa47fb4e384e05decL,0x2872d4720a3ab26bL,0x00000000000001c3L } },
-    /* 45 << 112 */
-    { { 0xeefa89d6ccfb12f2L,0x2096c071dafb741aL,0xd3d1918e4619fd06L,
-        0xfddcceb9da05c012L,0x3385b550dc794688L,0x038c5c77c3911912L,
-        0x770139d611721c23L,0x2266e021c30f428eL,0x0000000000000015L },
-      { 0xfa215837ef6edd0dL,0x1c26f889bb764661L,0x7b94a37bba914166L,
-        0xf571f7e9042f65bbL,0x38de83e849b57e28L,0x30b1332bdf81998cL,
-        0xc8abf5abaabd0834L,0x4a0c78cfc8381e84L,0x00000000000000afL } },
-    /* 46 << 112 */
-    { { 0x3d5a2cc2b9b6cb9dL,0x451655a6344f2f58L,0xb1b47d157fa3f835L,
-        0x968a6841f42c60d9L,0xb84b7308f8f7c5adL,0x452a354d89555eb6L,
-        0xef55dd0ffdf2cb27L,0x74eb80451f99bc70L,0x000000000000010fL },
-      { 0xee70cf6eae8f7d18L,0x0c7c6a33cc7856a6L,0xa0b262b553cc50b3L,
-        0x885cbc7856cd61c9L,0xe804e59f27357b72L,0xa25e4e2ff0de1262L,
-        0x6f15c8fbe66bc201L,0x553d0f8e2a012e0eL,0x00000000000000aaL } },
-    /* 47 << 112 */
-    { { 0x984e30a1d77350faL,0x2d8d4baba501ad13L,0xf6a76e16e10ee73aL,
-        0x512b31c76955b642L,0x25a977e01e88bd3bL,0xf5a5f60798821007L,
-        0xebb4e8ed81819b38L,0x359f9c62004e07f6L,0x00000000000000d2L },
-      { 0x1c0218a4499f21c5L,0xce12310336fc822dL,0xa9a55a60d384c462L,
-        0xf891a118812e45c9L,0xadc5eb313ecde0e1L,0x189f50c1e4e0da26L,
-        0x34b21a3323276e3cL,0x490c316c9467a0d8L,0x0000000000000192L } },
-    /* 48 << 112 */
-    { { 0xa59d74fd4ae20507L,0x46d0adbaa86a468cL,0xc004c36b0df04371L,
-        0xa0f3cad9c6138633L,0xfe2133c1eeb5863dL,0x0ef5dc4884041aa3L,
-        0xbc3f0e491707f418L,0x3677e9ebdd7cdf90L,0x0000000000000178L },
-      { 0x454656623a62115fL,0x4985e0a08192fa59L,0xabd64eec2ae07a9fL,
-        0xe0e94a6d9182d301L,0x5230272bb543c76bL,0xb7a9f6ce5b5b137bL,
-        0x45903dec3e7b2872L,0xade6111744296989L,0x000000000000001cL } },
-    /* 49 << 112 */
-    { { 0x1641b779225fe8bbL,0xb2c04a9e0995ebcaL,0x0270ad40d7b634d2L,
-        0x54301c3a0235166aL,0x17a2655a84428da6L,0xe4849f07bf319f15L,
-        0x54346197a3975f9bL,0x1400bb7353454131L,0x00000000000001adL },
-      { 0x1d8cc6c47b133fdaL,0xac430140c99c62beL,0xe438a1d959380ab9L,
-        0x984c0ed8d0ce3602L,0x56f90ee1bcab7a0bL,0x55067ca825fcdba1L,
-        0x7fde8ced07db34c1L,0x70a106fa9448fbdaL,0x0000000000000110L } },
-    /* 50 << 112 */
-    { { 0xf5c0e5baf99caf44L,0x4b0a642c89af2ab6L,0x082ea9e1c6f1f294L,
-        0xc1da27771a9eb5e8L,0xce038334379f1b75L,0x662775ce806524f1L,
-        0xd4200a961de789acL,0x94e49840f985d4c7L,0x0000000000000188L },
-      { 0x9765c5a05332e704L,0x35e54513f357c532L,0x871a4dcee65f1729L,
-        0x100d2bbf9b2d7c46L,0x58590df34c23bfcbL,0x8ffec9bf59d15a0dL,
-        0x33c0e85e6a2a3312L,0x6fb39c77d2846bcfL,0x000000000000002fL } },
-    /* 51 << 112 */
-    { { 0x2f6183097b4858b0L,0x4d4d2b80f34c0437L,0x4bef8204699cc258L,
-        0x13a4f63696736be6L,0x6ca2df088c828b7bL,0x0dbf95001564f616L,
-        0x03806a3426723221L,0xadd4715f3594f49bL,0x00000000000000feL },
-      { 0x2255c005d91a7a23L,0xd31821aabd8738f4L,0xf417c40758c41cdcL,
-        0x1bf2e581ce1b6aeeL,0x13ba4d9331a003ccL,0x02658dbdb9d35167L,
-        0xcce7251fcb565afcL,0xd17dc6a8d300b06dL,0x000000000000011aL } },
-    /* 52 << 112 */
-    { { 0x023b057fad5df81cL,0x0906bab2d1df9f2fL,0xd8d8a173709fadfbL,
-        0xa8ba2a86a6c45ef3L,0xeb1d4e331be5b53cL,0xdef9c19e56c39843L,
-        0xbd1763c0c1d3eacbL,0x0e7eca5142490ba4L,0x0000000000000088L },
-      { 0x8d446e88a5f070b8L,0xe8136967fe9e8b21L,0x0a26424b816d519bL,
-        0x0dee87a30bdd1c2bL,0x2c6c6287b75b6cf0L,0x50558e41c28a75f2L,
-        0x40727fe07d2b4ab6L,0x34832548349c668eL,0x00000000000001fbL } },
-    /* 53 << 112 */
-    { { 0x135a24aeba593c17L,0x024315aeeeadb96bL,0x549040a3872ee831L,
-        0x05781e1ca527850aL,0x97a7a4a46ff2f4fcL,0x667bef40328e2318L,
-        0x133a153c13ae6aacL,0x25e691f7dd80ce7dL,0x0000000000000041L },
-      { 0xbf2b901433cf2b24L,0x74df7e9c1ad04c41L,0x5cb289df132de33cL,
-        0xbcd1bec484f41349L,0xc0f49a0c36f55149L,0x578571e03398aefaL,
-        0x65823d11b11cd39cL,0x44f1a009ce63b025L,0x0000000000000042L } },
-    /* 54 << 112 */
-    { { 0x8a2b478e8343cec7L,0x2820d2fbda374a71L,0x9d473bb194af8efbL,
-        0xcc54c95f16b56d2dL,0xa0bf40a0430f13f0L,0x6a56a1dbecc6cb08L,
-        0x6180fbfdb7bc57d0L,0xd6b165b76bdab048L,0x0000000000000100L },
-      { 0xf5b147b7f8e4648fL,0x97d37c258437bf24L,0x9465879086556798L,
-        0xf1321e101f3fcab3L,0x37d4d1ea7351c0deL,0x59b6bf365fc92770L,
-        0xa950de8086276f0aL,0x367635f61786be75L,0x00000000000000b6L } },
-    /* 55 << 112 */
-    { { 0x31f3a5c38e113349L,0xa374734db1c20ec8L,0xa6f0e423d1eafe52L,
-        0x1f32e96c0b901678L,0x895ce01dbb18837aL,0xd91347a55d9930e0L,
-        0x7a43364e9a86a004L,0x590ec9096b157d23L,0x00000000000001cbL },
-      { 0x7e3b46799392608eL,0xe29453e8a9c8b459L,0xf460b030993c90ffL,
-        0x91ec7bbc33b15097L,0x743fbdfe1a68fecfL,0x224e914959860761L,
-        0xda87ca63eb1dabdfL,0x6f509876cf17d2b4L,0x0000000000000058L } },
-    /* 56 << 112 */
-    { { 0x951aef0c34412809L,0xb20f279499403457L,0x5a30efe2df842006L,
-        0xccd7c89150a68d91L,0xb750afe1f819f912L,0xc0017d9a4fa1c8d5L,
-        0x19a5f2cdbcde79b8L,0x7b6686e03b7f4682L,0x00000000000001a4L },
-      { 0x74060a6acdce424fL,0xd35ffef26ee7e0a4L,0x8e238effacd0a03dL,
-        0x95d28a08f5cb5bb7L,0x654858407771be75L,0x3b753ffc4873ff72L,
-        0x1bcb2bc8c60d11aaL,0x005e5c5d3dc06c4dL,0x000000000000008cL } },
-    /* 57 << 112 */
-    { { 0xcd13e3389eb436baL,0xb0ac873ea2da8315L,0x4666e06810f3dbf3L,
-        0x0e5832027644be64L,0xd682457a397db83fL,0xd55546a11b832130L,
-        0xd6dcb98d8ecffff5L,0x7e95eb40c3368e15L,0x0000000000000125L },
-      { 0x8239cf6862306bb7L,0x3ab70de64ec9caf2L,0x4387316c86af4457L,
-        0xc60d6e709327cf2fL,0x0f936e7caea1796eL,0x184ef761f8dcec2bL,
-        0x447d5a965eb06c81L,0xc969bcce3764ed27L,0x0000000000000145L } },
-    /* 58 << 112 */
-    { { 0x6a9ea90ba4680770L,0xf9e6ec6093314278L,0x69360f538727b4c9L,
-        0x5f20e2ccaf754475L,0xfe3f4c4aef4d31f2L,0xe25edaa3fd4dc244L,
-        0xb255796172dc983aL,0x7ab62907a1c19791L,0x000000000000002dL },
-      { 0x6af3e2c939a3be8dL,0x7c100f6bba83593fL,0x933408151f986d85L,
-        0x6a3e36274c8ce9beL,0x263f3820d0fe0d3fL,0x100201e1f9a54852L,
-        0x34ab0e71c2175ba5L,0x105312c8a23a1598L,0x0000000000000196L } },
-    /* 59 << 112 */
-    { { 0x1a844aabd7391a5aL,0xaaab287d8b4b3501L,0x1435f8a12bc5061fL,
-        0x4588693ec9044802L,0x9e86c1820a553513L,0x7bd0602fc8fd44d9L,
-        0x894b901621d26ce4L,0xc0f06181bf73bfb1L,0x000000000000000bL },
-      { 0xe6ec15971782220eL,0x4c2e6efc285fb2b4L,0xb688822d2edaadb2L,
-        0x129be3f8338c9913L,0x0836465246d13d20L,0xbc93fd48530f4ffbL,
-        0x8b6d9caf472dad14L,0x7a977a52a37172c2L,0x0000000000000037L } },
-    /* 60 << 112 */
-    { { 0x1b26fa58fe5246ecL,0x45b69d4ea6d48abbL,0x4bd1bf364b47c822L,
-        0xe543f2c9f015149cL,0x1f82bab432c44a8eL,0x6f27aee23824ae58L,
-        0xba8cabd695e3e7ecL,0x9bbb31bc66b8eb78L,0x00000000000001fbL },
-      { 0xc88a99b9e2708288L,0x7e228e8097db1cd7L,0x84c064e5c935e31eL,
-        0x0d69185a2f2f010dL,0xfa9c64e661a440ffL,0x9d655e24a4bf903aL,
-        0x776e8661bacc5b4eL,0x39a98e6e18231a7eL,0x00000000000000f3L } },
-    /* 61 << 112 */
-    { { 0x3d7416191aa43b05L,0xa196772534da61f6L,0xc6a9881c9fe86cb4L,
-        0x312a9d68c3b88c86L,0xbb34c3cefbce7f28L,0xab59cf050eefb825L,
-        0x174945c17c8ca5a1L,0xee1a3e9f78d5f3e7L,0x00000000000000b2L },
-      { 0x23545e86246672c5L,0xea0ffabbee486373L,0x5d0ad0371dc589cfL,
-        0x7c9e301d57718f3cL,0xc9772db800fbd5beL,0x9821a095463668b8L,
-        0xc76345bdc3c57757L,0x4bd844a73c2d1c8eL,0x0000000000000060L } },
-    /* 62 << 112 */
-    { { 0x8539e35c7e332459L,0x00fc0e9f98112339L,0x66bb5320ba989b61L,
-        0x4c6a3f25209282c3L,0x14ad058dc440c82dL,0x6d4b647649afd02cL,
-        0xe2a127a77b3f32dfL,0xf3a4d7633c921ff2L,0x0000000000000036L },
-      { 0x88de18f672d6240fL,0x980bc77f373f12c2L,0x6558ca734246eba3L,
-        0x903c033b4ec51cefL,0xd83342185dd505bbL,0x51a9e645e8bb1731L,
-        0xb32588b6e307ec2dL,0xc9a481b31c46ca72L,0x000000000000015cL } },
-    /* 63 << 112 */
-    { { 0x2b5bdf56beea4241L,0xc1e3e0225b740107L,0xfc8fbae009238bd4L,
-        0x991d834280953392L,0x3418731d37d2efb3L,0xea7940f99b0e2279L,
-        0xe45b37101a57c70bL,0x69c37528e4e38879L,0x000000000000009dL },
-      { 0x6f566050b423111aL,0x8719ea62fb467f2fL,0x805bec724b45fb47L,
-        0xfd2169aca28673f3L,0x90d8d9757d896d31L,0xf553651583762591L,
-        0xc7fc36f483122a6dL,0xc145ab75e6c19a5cL,0x00000000000000f8L } },
-    /* 64 << 112 */
-    { { 0x809dc9ec3ecc9997L,0x005bcab58cf9605cL,0xfc78790eaa1b4ed6L,
-        0x6d80a56d687f88a6L,0xb7640965ab9c0398L,0x61fbd11cfeda1c18L,
-        0xdf0fb213831177f2L,0x39e15bfe11a2d00aL,0x0000000000000049L },
-      { 0x05d1b9cec407557aL,0x0fa7f405ffe62203L,0x0267252d7efa3c26L,
-        0x445c8adda59468e2L,0x205a0236cd1dda49L,0x3a2196f39f2bcbc8L,
-        0x9c1158d8cd2760d0L,0x1ad9a2f4e806abf2L,0x0000000000000044L } },
-    /* 0 << 119 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 119 */
-    { { 0x97f22a4110c355dcL,0x550f2515bf8056baL,0x253c72a37ef07316L,
-        0x0f1f8cd585b059a3L,0x8d432e48a7e4d4a3L,0xcdf3981d7b2c78cfL,
-        0x15d98f56dfd71053L,0xc95ecb64949930d5L,0x0000000000000195L },
-      { 0xd5e23bcd4b7d613eL,0x8603f848f66ecebeL,0xe2cfaef127a24540L,
-        0xd35bba9b2e9e7eaeL,0xb7f17d307f8c1bd4L,0x901506c4e0ab51a6L,
-        0x3e0d62a390755f2bL,0x8db637dd3c553544L,0x00000000000000c1L } },
-    /* 2 << 119 */
-    { { 0x9ebd0a79e09d583bL,0x8890ceb33f312038L,0x254ff069fe1c7d97L,
-        0xcd82a50a3825dcb4L,0x065bf2f94c37cde0L,0x59b7c4e2a7b458e7L,
-        0xace6716e7d105c29L,0x84d999349f26170eL,0x0000000000000107L },
-      { 0xdca7480bfaada7a3L,0x203303d30d4fb693L,0x0ec1c4d2b9ef7822L,
-        0x2b97216d594552eaL,0xb93e533eb59c5490L,0x50d31ad60d6c3787L,
-        0x0f1014d65cb84476L,0x0523796c02b816adL,0x00000000000001faL } },
-    /* 3 << 119 */
-    { { 0xaf1e4ca2a7db5dafL,0x7cd7bc5fcf367163L,0x1bc98e50f65d85a6L,
-        0xb86fe8a7aeed093fL,0xfebaef0941e74246L,0x7c4ae3825d97753eL,
-        0x93352c2db192c8c4L,0x0edbd295f0753edfL,0x000000000000009cL },
-      { 0x12c415e884e12bc3L,0x6f90b11c8582ffc1L,0x67cb4af0d8c1070bL,
-        0x97c8ccb18a79326dL,0x69ed5c55e5125d94L,0x496103ae1b1baf56L,
-        0x32066cfdbf98cfc1L,0x77c898116d9f4999L,0x00000000000001d4L } },
-    /* 4 << 119 */
-    { { 0x186535555b9bbe35L,0xe67d27e0e3d2342cL,0x06c2f1f39775eeefL,
-        0x1d98dae9e778d2ddL,0xd04ae2693d8c8e86L,0xc49c1b77d8c7ff3cL,
-        0x33c474c9dff1687eL,0x4b0397567350001aL,0x00000000000001d5L },
-      { 0x3a01b07dfe70659cL,0xe8bb7a25ec01b5d1L,0x42f9b07d713a5bf0L,
-        0x9c1f15cf370d1490L,0xd2804385895c898bL,0x72905d530194561fL,
-        0xf467f9e0828ce8b5L,0x54d2132d53e3859fL,0x0000000000000183L } },
-    /* 5 << 119 */
-    { { 0xf143a867c3316e20L,0xf2bd4f50bc497e24L,0x2aaad2ef37ab1547L,
-        0x9ce62d3f3f7713f9L,0x3246f9c020486bf8L,0x3db017e20da96c8cL,
-        0x56b674701a782cc7L,0xc4c70e3b136bf566L,0x0000000000000058L },
-      { 0xd8c1bb99ac35dc35L,0x7487501327c7a0dfL,0x45a025f618aa1c21L,
-        0xdd7ce0f04280e892L,0x8fc15397ddb495aeL,0x51b198def1891c05L,
-        0x81cd5f32268f273eL,0xec2aa11586b31e95L,0x00000000000000fcL } },
-    /* 6 << 119 */
-    { { 0x7e4fc745603f4f62L,0x300e74342f0eb97dL,0x0e64a63411be4195L,
-        0x6c160b9d52b038e7L,0x4d130d75a62d7fb8L,0x83b6412b23b6bf71L,
-        0xe92b5b0719d0a2d2L,0xf547f666fe79aa1bL,0x00000000000001dbL },
-      { 0x609495e1a1364f6bL,0xc196a1c69de725e5L,0x24e0c338051a1989L,
-        0x5b24ecc17132b77cL,0xc38889537d5f2440L,0x847186d0ddffd474L,
-        0x0ea28f9c643c84f9L,0xac9296ca4cdfcc12L,0x0000000000000151L } },
-    /* 7 << 119 */
-    { { 0x8010e2ec682e5ed7L,0x231b6fc4ccd555e2L,0x08b20819b4cc2bb7L,
-        0xba49a7a8b38f4af8L,0x6ee2df34ff5875adL,0xe10d9cba25883081L,
-        0x7b41a2bf599dc323L,0x01679b17a6aaa35bL,0x0000000000000060L },
-      { 0x3396ca47c09ee443L,0x4eb85f5371662a3dL,0xd9dcc6710ef4b6bbL,
-        0xaead8bf43c3199edL,0xd5ee8048216c81a9L,0x5e60fffd6f00e815L,
-        0x115afc95967359a3L,0x316b88ba9c6fb569L,0x00000000000001cfL } },
-    /* 8 << 119 */
-    { { 0x62e30f146b33442dL,0xde4d2e1042123a0aL,0xa1e5e2dda59b4649L,
-        0x2b6aa7d5dfa5d292L,0x83f0033e00c25b90L,0x2e6143261d598a8fL,
-        0xa5aa5a26df8943faL,0x7459318ad4fb7104L,0x00000000000001a7L },
-      { 0x53ed625bd67084d6L,0x47a2d5950d232f5dL,0x593a7030f8863270L,
-        0x3e87b5ab993051e2L,0x02e51486ca5387c6L,0x7612f0c7a818de0fL,
-        0x32d26729b42f317fL,0x48a9b12fb9a3c2f4L,0x00000000000001ddL } },
-    /* 9 << 119 */
-    { { 0xb331e5f4f0c18c18L,0x34ebae25ed4f1f6eL,0x1d43ad4aa25f2fffL,
-        0xc75517b81c368e17L,0xeb289c54992ad974L,0x8ad87538f5e364bbL,
-        0x914d356e089ad0f3L,0x65a5ea69d54982caL,0x00000000000001c4L },
-      { 0x51212cfc269ce3e2L,0x43a6142228f9247dL,0xfaed8540c4abf936L,
-        0xeffda37241f6c6ccL,0x766e3a2bd9497366L,0xbfb0e6af67baae9eL,
-        0x4b943b2b4cf8e2eaL,0x14ff3bc90579b694L,0x00000000000001c0L } },
-    /* 10 << 119 */
-    { { 0x60b11099cc0ae72bL,0x51cf7973d3588531L,0x62aea2ee1f018f3eL,
-        0xceaec7a028e42557L,0x695f7cce52df0599L,0xf22825452a1b3f00L,
-        0x8c2df32e6394de22L,0x18ce083e2db1770fL,0x0000000000000088L },
-      { 0x7989f8bf4ba02f8fL,0x22fc813fb69bd72bL,0xf4eefa600a383c73L,
-        0xd7aa3e7e6dbf9f7dL,0x98113db2d2d50a4dL,0x47e078b14d81782dL,
-        0xef4cea6327df6aceL,0xf720012f577eefc9L,0x00000000000001c9L } },
-    /* 11 << 119 */
-    { { 0x8a7250ac0b860356L,0x68cc18db827712fdL,0xf51e42975c278210L,
-        0xd739081ce152d377L,0x3be304ef809d58a8L,0x2e2866fe1d8e32f8L,
-        0x079e155045a93bd3L,0x0b6e67a48277ca0bL,0x00000000000001d6L },
-      { 0x554f41797dac30e9L,0xd57280b1379d715aL,0xd12134dcd0185268L,
-        0x9fb040dd55b10542L,0x89f90cbe9419c076L,0x058fa0d6397cc301L,
-        0x7b1ebc8b10ab543eL,0xeeadfe47674313faL,0x00000000000000e1L } },
-    /* 12 << 119 */
-    { { 0x45ff6cffe1a83401L,0x7b9b4eed54a79e2aL,0x979b1475933bb48aL,
-        0x135e2594634d7ec6L,0xc08ba7b4d5dccbbeL,0x78fce165c3826372L,
-        0xb1f172e431102cdeL,0xb6fd8f343eba4396L,0x000000000000000bL },
-      { 0xf7d351a9b4f622a3L,0x80215fc752af1195L,0x967f5f190e0e3c73L,
-        0x4e05f75f9f80960bL,0x76c30e858eeb6e11L,0x9f270d1556a7acb6L,
-        0x9236e11764fff770L,0x80c87737e474ea10L,0x00000000000001cfL } },
-    /* 13 << 119 */
-    { { 0x991489171d928ce8L,0x727f54c83b241dc3L,0x837f9b5e5b7b0e99L,
-        0x60b9885a65c90179L,0x025c5092a0723b78L,0x6f465cadb35a299dL,
-        0xbf3e23b849ac4709L,0xd3d8a7547a8c1a2fL,0x00000000000000c0L },
-      { 0x855e31df15d9ac7dL,0x57c4d92146e48a7dL,0xed2f5b45d787acaaL,
-        0xb004403b65895d32L,0xb671cad3324326eeL,0x419aace1f7db0750L,
-        0x5079c99935051f2aL,0x4785a42e08e80cc5L,0x000000000000001bL } },
-    /* 14 << 119 */
-    { { 0xd3c4e96b03d54c5eL,0x962ef31f65450ba4L,0x4a75aeb64dd512c0L,
-        0x4c4d23aa233d2675L,0x42cfc07c0055293fL,0xbbff60c5242a0317L,
-        0x3f27d5c95c4f2c32L,0xca352c57746505b8L,0x0000000000000080L },
-      { 0x5751eeca92a1ef30L,0xb83a993e1f9eee84L,0x5eec2ed72e0ac56fL,
-        0x95ad825bcc0d1e16L,0xd3aa7ba68af2a112L,0x3035c3f8c7ef1fcaL,
-        0x5b5bf3e55216a429L,0xdf187ddd0fcb5720L,0x0000000000000025L } },
-    /* 15 << 119 */
-    { { 0x78efe954502ba658L,0x1acdb02ca79d89e5L,0x6c83c8808cccff30L,
-        0xf6b6cc94db66a880L,0x9f374ff9ce82c740L,0xf353329b9f06fbbeL,
-        0xfb73109a9e34d30bL,0x4ff19c4c2ae4fb4eL,0x00000000000000d5L },
-      { 0xf3329d5a4e4bec08L,0x14090d979e97c3adL,0xc413b1e477844381L,
-        0xa1649708be56dbe2L,0xba1a525241d4f044L,0x2c7da53909d84593L,
-        0x5c1494f9961312e6L,0xece942c3d4cd25b5L,0x00000000000000c3L } },
-    /* 16 << 119 */
-    { { 0xa549238eb310bea8L,0xb542445a99bb8ab7L,0xa930bd6a8c208b86L,
-        0x1b97c831168af442L,0x18d4fc46a291bffeL,0x1d202d44a6b461aeL,
-        0x433dd2d7c57c66fbL,0xf21b5d1d2a79f133L,0x000000000000001bL },
-      { 0x99343aa32ee37543L,0x904b8dcd7eff1bd4L,0x4e1b01fa9711ab88L,
-        0xf8111ac33af62c90L,0x59ccfea158910f9aL,0xf4d713a358e5f398L,
-        0x6cbbd15fb9c12355L,0x6181d1c0c3f59372L,0x0000000000000170L } },
-    /* 17 << 119 */
-    { { 0xfd1909b68d45b896L,0x40d662ac394c6c7cL,0xf5cea1dcf74c3e17L,
-        0x52641b5abf892800L,0xba56fa53cfae386cL,0x34d5d6e508a7d7cbL,
-        0x93a70eb6eb77e443L,0xe1f4539c3df2b1acL,0x00000000000001f7L },
-      { 0x654e70fda8174410L,0x5b339e60fbefce00L,0xcbd494e6957674d3L,
-        0x59a2fa2ba3719a56L,0x84b7ef4361be71b8L,0xd993ba7996bbd063L,
-        0x4e360f9d87a626feL,0x47fb3ca54c60de10L,0x00000000000001c1L } },
-    /* 18 << 119 */
-    { { 0x64f8ec4c94dbcef0L,0xc97a5fe1d006d598L,0x7cc416b15fee99baL,
-        0x5e76561a698113acL,0xc81c6079ffa11af2L,0xc04b5048cdaee971L,
-        0xa79ec707c46bb0b7L,0x20aedd0f45f1cfd3L,0x0000000000000189L },
-      { 0x678e01fdf1aa0926L,0xf6794950809be2ebL,0x9420aa4b9f89e63eL,
-        0x80440a43f8be307bL,0x5f745612dabbb2e6L,0xc68ea3c278a61df1L,
-        0x37c8c2f6d67e5c46L,0x32cac5262b38ed94L,0x0000000000000008L } },
-    /* 19 << 119 */
-    { { 0x8e864ff05d5cfcd6L,0x43e2041c6f9fc03cL,0x2db99b7e23583833L,
-        0x5dccb3a8339ff572L,0x06586d385e30a99aL,0x1c5dfb435976d778L,
-        0x23751881d86629e2L,0xa5d2aa9db94c022aL,0x0000000000000164L },
-      { 0xb460335a0d36e04dL,0xffae905ee8e64c22L,0xe3a3a0890ef4ac2fL,
-        0xf2395b267d86626eL,0x2601b8cb3adcc664L,0x5fbf5face8832bd5L,
-        0x6ae36465bff22aedL,0x8df993b2b0541b7dL,0x00000000000001f8L } },
-    /* 20 << 119 */
-    { { 0xc2ab59e873ada2ccL,0xbae59c15cbec8583L,0x91b446abcf3b6345L,
-        0xff7a1af20becb4e3L,0xa2ba8e42707dec53L,0x3ad25c5191ee1072L,
-        0x50624ace261414e7L,0x52c9513adfad31d0L,0x0000000000000085L },
-      { 0xe08f4efe933887cdL,0x88ef090ae39784afL,0xdf8d631e0d1e77c0L,
-        0xa5d3a5292f764f0bL,0xd782f2bf2a993c96L,0x66bd58533d305512L,
-        0xdaa06e5fcaafa3fcL,0xe5ee3ae28e21902bL,0x0000000000000189L } },
-    /* 21 << 119 */
-    { { 0x4a29ed0cfac4faffL,0x845117baae022e6bL,0xdabb52d4f8d70af3L,
-        0x24026deac5e6fbb3L,0x44b230ca918eea16L,0x0ed0c105bfaa5514L,
-        0x57c3322682aef559L,0x67bcef99cd389b75L,0x00000000000000b1L },
-      { 0x7e8088902867777eL,0x8de1b2c3af7d1830L,0x2755e5556dd95dfeL,
-        0x64641564b86f4994L,0xb629925edfc94844L,0x5297aa1c77dec939L,
-        0x1f706f40c445f067L,0x9384cd0b480c8c54L,0x00000000000000e7L } },
-    /* 22 << 119 */
-    { { 0xb191bfc95379208aL,0x2a1f2ba91ad2a396L,0x8a482274cff511f3L,
-        0x20fb75155b03819fL,0xedc652327fdde9d5L,0xa73b9708f88e8979L,
-        0xe0bfe37f5e93f0a2L,0xbe3b0ef20f1f13c2L,0x0000000000000008L },
-      { 0x52cd7f260e0288fdL,0x6dc435d7872f25e9L,0xfa45bea70164564dL,
-        0xdd4667eb9d109fcdL,0x1e23bd77b282d30cL,0xb3bb1a7478610e7cL,
-        0xf48ee3dfccedda5fL,0x2483a44a16942c44L,0x0000000000000048L } },
-    /* 23 << 119 */
-    { { 0x05a88878734d704cL,0x40c181a63077bf30L,0x8a9a744692a8af26L,
-        0xda1c1e825393db91L,0x5ed215541599d840L,0xfadc24032c645869L,
-        0xf2bf75501e1b5dd7L,0x2f512f9789250c44L,0x0000000000000003L },
-      { 0x0b1020bc1e05e15aL,0x8998b2fe07c12cd3L,0x1f9de8b8a849a0abL,
-        0xed5d9ad7b34dda41L,0x8f576dfd3941866bL,0x6b2ab23bdf701b54L,
-        0x1e8c11f936179a14L,0xb9f4893243e693ffL,0x00000000000000a4L } },
-    /* 24 << 119 */
-    { { 0xeb1706ffe55d9dc3L,0x128f942b47cf0bc8L,0x6a5d94a8cc1ceeedL,
-        0x8736f0290ca71858L,0xc100090dd1fd8b55L,0x5970b8829caa1f54L,
-        0xafe5e74c9266c865L,0xff310a7a2889325fL,0x0000000000000005L },
-      { 0x4b0a8d9bae5ed924L,0x81e086f41a8d0a30L,0x6c209d40190f4957L,
-        0xbf69cda925fd95f5L,0x5a7a31a215c6321dL,0xc4f9d4e866200541L,
-        0xa675123925161f67L,0x3134ad6fd5ff9687L,0x00000000000001e1L } },
-    /* 25 << 119 */
-    { { 0xb5f514a7e0bb67bfL,0x9e40b6e4e48a475aL,0xf889e93751dfc4c0L,
-        0xd6a56b5fa94b1777L,0xa53c024ce66b7400L,0x54aa63659c499f6eL,
-        0xa318725c40eea1d1L,0x959b22025fa02502L,0x0000000000000166L },
-      { 0xf4ac61080c71fefdL,0xc0ccefc5a79fdca9L,0x4c540ee1fc90c9f8L,
-        0xc426e0d1c1d56f4bL,0x5dc15d4c5b7bde88L,0xc5e8b846ddd7a8bfL,
-        0xd8f63c9b8700dbd8L,0x96966bee03f867b9L,0x00000000000001a3L } },
-    /* 26 << 119 */
-    { { 0x60ce32b9138490feL,0x3195cd4ad2685b04L,0x0e36b35e239110a6L,
-        0x63129c87d4740967L,0x994570fadc6d3f99L,0x8edae6940031cab0L,
-        0x504b1b8f7af36802L,0x5cfd2bdac466fec6L,0x00000000000000c8L },
-      { 0xd5dd304e703de0c0L,0xe7e0f651df8244d0L,0xc5bf943c240569ceL,
-        0xa100eda82824e162L,0xb7b7b3b63dda41f9L,0x48f90dd91e5455a9L,
-        0x8c821e2a7b1de463L,0xe653f0674ede44e9L,0x00000000000001ebL } },
-    /* 27 << 119 */
-    { { 0x459c2acbe7a0e738L,0x3e7b0714c6f21da2L,0x5475f4ffcb875deeL,
-        0xb951bacce164b589L,0x457e8912de96aba5L,0xb774ee72fe8219a9L,
-        0x8978e772f097ebadL,0x12860ee828f4d4e3L,0x0000000000000061L },
-      { 0x360293f7aaea6fdaL,0x31008270991d3924L,0xb8b3a28e0bd95d8eL,
-        0x2f38092f695f3004L,0x581cce8636edf878L,0x96dd5a9a14d73e23L,
-        0xe318676fff47dbc9L,0xb767451baba7fae8L,0x000000000000004cL } },
-    /* 28 << 119 */
-    { { 0xbc008f6f12853216L,0x4bf12ce42b48c455L,0x54ff9bd2fbafa90aL,
-        0x5fe9e7e641840f1fL,0x042dcb9c65e15455L,0xcfd8e3cb4c57c3f3L,
-        0x4c57920afcc0e297L,0xb4cdc9adedd993d0L,0x000000000000009cL },
-      { 0x6b6ee23c382e05c0L,0x17f4b2c3b8821acfL,0x48517aa5b5db9ea8L,
-        0xa86c1f52c23154e4L,0x5c13f1540f4d1d9dL,0x83e69e90e13257a3L,
-        0x4cfd01f2e6b1bd31L,0x04610d106f53c1d4L,0x00000000000000d2L } },
-    /* 29 << 119 */
-    { { 0x96f21b5c587ece4eL,0x2ec1c0d35e494d28L,0xb2f2b82c71276480L,
-        0x1556d678fc677d2cL,0xd2d1d79ca8cd767fL,0xa317f1c6a04e42aaL,
-        0xbb445d70ddedc4ffL,0xc2a0dddccfff4b00L,0x0000000000000048L },
-      { 0x743026ad46ec7a40L,0x909df3034e4b2c97L,0x1942a04f54f5aea2L,
-        0x2316f22aff478c5fL,0x1aa79b3decddd9c1L,0x2a9f761432e997bfL,
-        0x58b8aaba9b14edfdL,0xf2e3dd78e507dea0L,0x000000000000004dL } },
-    /* 30 << 119 */
-    { { 0xd498bb74e6cf516eL,0x5142e4d31d808796L,0xa5e120b141cf0189L,
-        0x50b0208b41823038L,0x290dda83eca548f7L,0x3617a82941bd5a4cL,
-        0x3ee40e94717cabccL,0x7801f6aa97f09b10L,0x0000000000000175L },
-      { 0x00bc1f19e1e5636cL,0x3ee1b2a1790abe39L,0x423dcd56b6935099L,
-        0x951fb17eb8189d05L,0x2086426183d235d9L,0x1d060a7799abd480L,
-        0x393b00f9871477e4L,0x3d751bf09a968951L,0x00000000000001e3L } },
-    /* 31 << 119 */
-    { { 0x6b238a6a447a1655L,0x87e723a1b29ad51dL,0x2e1618a3cb5d4927L,
-        0x61ce36defb5ea331L,0xe66a95a69dbf6e02L,0x7e2d71c88ff6b838L,
-        0x19ff9378b2144d22L,0x573686d3dbc2f8afL,0x00000000000000ceL },
-      { 0x027a78fb3b8116a5L,0x431129b0105e775dL,0x0b111a77a199ce40L,
-        0xe282a92c3d72ffeaL,0xe4e9e0d2f41b8ebdL,0xc6775590ed468e58L,
-        0x585f9c702df78db2L,0x6c1d2b10c6120772L,0x00000000000001bbL } },
-    /* 32 << 119 */
-    { { 0x0bc2fc66a6a08edbL,0x4f83dbe481d46942L,0xdd379bc14e44b819L,
-        0x6f409f1ab5785cc1L,0x3fac6dda40232da3L,0x83b4bfdc11b9bc84L,
-        0x4563149ac91e3874L,0x210062c6f562966fL,0x0000000000000126L },
-      { 0x6a00191e9548d9c4L,0x800f66bcd9716285L,0x3a8c05a315dd9859L,
-        0xaf6dcdf5ac571627L,0xeae07417006a2a90L,0x11b368fbfcb7c955L,
-        0x5e47618fc4abe2b7L,0x328f44c85ab9dd68L,0x000000000000015dL } },
-    /* 33 << 119 */
-    { { 0x2a1f44bf35f04663L,0x35863dbcf2cb12ccL,0x65966eb50645618dL,
-        0x121be877084d9977L,0xb293bc95a71b0855L,0x15cbf71b3e8b2bbaL,
-        0x18432ee58df913c0L,0x47fd2827e04dfad2L,0x00000000000000e0L },
-      { 0x9ff5d0451f756bc0L,0x149333a7cb99ff05L,0x514778ffc7520037L,
-        0xf9e3810a69a033b3L,0xc107c7f739edc855L,0x613b65b44f1cf022L,
-        0x8ad96f8dcc6df762L,0x5d46de0029fc7d62L,0x0000000000000000L } },
-    /* 34 << 119 */
-    { { 0x1d850ba68665bf9cL,0x0a5bfa5ecd57b87fL,0x06ecc39391eb1ac0L,
-        0xc92b6bfb47a8713aL,0x4dfcc9f1b5a6c2dbL,0xeec1b0b4361c81ceL,
-        0x44635bcce1d3f510L,0x73ed43e468bdd964L,0x000000000000009eL },
-      { 0x5ef7da45e203e241L,0x415015340b472483L,0xae2fd0edf8c38f62L,
-        0x497f78e07f8125eeL,0x3b25ec8d2f86cfe9L,0xdf5be34f63202086L,
-        0xfaac26690de5c0e6L,0x515f0bca5c14a0ecL,0x000000000000002cL } },
-    /* 35 << 119 */
-    { { 0x388204a5856f6cd7L,0x904812166cf197baL,0x464561f15fb4bf7dL,
-        0xd134b856f100c475L,0x6ff4dcded7592257L,0xd76fb6af4d3963e5L,
-        0x5158524f9e80e9eeL,0xe56520ec2e0e44c9L,0x0000000000000002L },
-      { 0x8178bb1d5481b113L,0xa4bcda1d0bcdb35dL,0xb5f582f01dfd501eL,
-        0x0a69c092b148ca76L,0x2d5d8f611ffdab41L,0x1559fa8d0416db07L,
-        0x3e0dfea55da20aaaL,0x65feeb54cdae4b30L,0x00000000000001b2L } },
-    /* 36 << 119 */
-    { { 0xb99c8cbbb9f77625L,0xbb9f09212461cc35L,0x8b93dbd9bdd1edb5L,
-        0x5a53e36e7de8aac6L,0x2aa01adc4d122c59L,0x9beb895d36e58874L,
-        0x49cebc216f3b18ebL,0xd6ceb0334676c58aL,0x0000000000000075L },
-      { 0xa914bb8e5fa2193eL,0xc4e659990f747a2cL,0xa6d517b9957743dcL,
-        0xcdd3ede4d4c39e00L,0xbcec7332aa4c0329L,0x3ab06883425fe620L,
-        0xd1cc5d15668dfa78L,0x4d96ddae52b7579aL,0x000000000000019bL } },
-    /* 37 << 119 */
-    { { 0x4be1055088151d4cL,0x9d380be1cd317b85L,0x135a9b2500b5933aL,
-        0xb2a5bbf5bebf245cL,0x18fafe7a7fd975c7L,0xd68068c9b48104efL,
-        0x1aa0df9c8079c090L,0x8efcc46fcdbc1da3L,0x00000000000001d2L },
-      { 0xf773a926f6609360L,0x43b75bbd140a56e9L,0xa4c713e6d3a0b820L,
-        0x0f821f3f5de9d334L,0x1c6c4f45b947eadcL,0xa974aad7fbb18aeaL,
-        0x414b97de33ca4d45L,0x809bfa14f7bbcc4eL,0x0000000000000076L } },
-    /* 38 << 119 */
-    { { 0xca350ea9e37b698dL,0x9eb0052ef86416b9L,0x784ed0be5ed684a6L,
-        0x2b41249bd685ba76L,0xcbb7f9bdf8885679L,0x18973477ded73fb4L,
-        0xb89489b5a787e3a6L,0x7bc63168aa40bdecL,0x0000000000000079L },
-      { 0xfec9cd3b6d62a5c6L,0x91f481cbbf766a62L,0xb55ba1f2286b4265L,
-        0xf3e28afc6b10ea1bL,0x1945a36d4e4ade55L,0x9823132fcb191569L,
-        0x0c4ce33732178d49L,0x5f0a08e255189f04L,0x00000000000000a3L } },
-    /* 39 << 119 */
-    { { 0xb7849d36fe2477a8L,0x311c25a323f26d2cL,0xd6601942c5f1b989L,
-        0xc45c73d160698449L,0x8f52a35889025c50L,0x289f61fd4503f0efL,
-        0xce5ee29ccfbdc0b5L,0x56a6fd6fd0947666L,0x00000000000001fcL },
-      { 0x53c2998e1173eb9aL,0xd7e525fbca74814cL,0xe6a9bd42e7ae0a8bL,
-        0x26587842f9aa587bL,0x464bbbf3f79d2faaL,0x89a0bd3355f3fb1aL,
-        0x8fe1ac20cbeaece8L,0x2387e29f36016942L,0x00000000000001bfL } },
-    /* 40 << 119 */
-    { { 0x6d20e58e82000ffbL,0x1ea966716e7d118eL,0xb0cb325041c88eb5L,
-        0x973b977faacd407cL,0xf20cd8f6f0ca7a17L,0x2f0ef22e9fef2038L,
-        0x23d15a01175a188cL,0xdbdddfa829188156L,0x00000000000000a3L },
-      { 0xfb1a78b3993a35e7L,0xf7badc2f131829bdL,0xf9e29ac9a58a4099L,
-        0x302502e0c7ced6a2L,0x0d09dac9f1cb6d2eL,0xb31805d7d96fafbeL,
-        0x8124802b7410b804L,0x8720b403d824baa3L,0x00000000000001ecL } },
-    /* 41 << 119 */
-    { { 0xa7290d9c48b1f38cL,0x5b8c285d132d4075L,0xb97ab2320f6612c9L,
-        0x278778d5f8cc7252L,0x1bb9cfb9f88bf532L,0xbf27cee0fe2d82b3L,
-        0x568fe3492c626677L,0xa29cfa7b663a62bdL,0x000000000000010eL },
-      { 0xd8eaa38b28160c39L,0x5aa3566b05af5ea1L,0xd5de166d4c045d02L,
-        0x3d0029b93de6e8d1L,0x6ef61a9745c158b3L,0x2a76310bfa47b87aL,
-        0x2d4cb8f174440b9fL,0x2f1d69bf22788f42L,0x0000000000000061L } },
-    /* 42 << 119 */
-    { { 0x2aa57c505668fefdL,0x1d383b64bbaeb298L,0xe4be715ad8a2f406L,
-        0xc0d9df9754005292L,0x423dc4c773eb56abL,0xa5651c8e01586953L,
-        0xa4afc432bf57c12fL,0x0fae1a0b3db56d05L,0x00000000000001d6L },
-      { 0xb6a8f2764827d50cL,0x6096d31c6921e003L,0x4100d72e88d61542L,
-        0x872c450a56e575e6L,0xf25cee3e5a82b93aL,0x797af76ca2a32ba6L,
-        0xa1e2af54ff02fe90L,0x6ba03aab44163fcaL,0x0000000000000052L } },
-    /* 43 << 119 */
-    { { 0x45e97d51cbeca15cL,0x92ecdf862b747064L,0x2dd8552961bc072aL,
-        0x1ff9552ac1c0783dL,0xe424c5fe4c9235f7L,0x702ed8f71a1bccbbL,
-        0x44ce8000061a4767L,0x09ad63882e4d5303L,0x000000000000018eL },
-      { 0x93a69860c1a12d88L,0x20fe34ce34096d41L,0x0395762d55ed8738L,
-        0xb52c3127b21aa0d2L,0xb3ee6efe8c5c0ab9L,0x7ef6aa092ab17c19L,
-        0xc7dfe85539c623b4L,0x4b4e21ec470a5812L,0x00000000000000c7L } },
-    /* 44 << 119 */
-    { { 0x41f1110cc6c5882fL,0x269cfa8003a383a6L,0x063066bc3fb339bdL,
-        0x893cda4818001024L,0xdc69f450a35accd7L,0x7bc9d8c37bfcdca8L,
-        0xb3034c8661dc6f02L,0x65e4d3ac27f28f29L,0x0000000000000026L },
-      { 0xd485c332700bcf1aL,0x97bd7f097c2ae8a6L,0xd07bbb26c2fe444bL,
-        0xc637e7632b702432L,0xb4e830218750ecc1L,0x1bd3bfac22178bdaL,
-        0x2deb354ce56f8538L,0x9ffac3411745164eL,0x00000000000001e6L } },
-    /* 45 << 119 */
-    { { 0x83369d68f61454ceL,0x3f00ac930ef465c0L,0xf372ca70c9ac3434L,
-        0x7a4df749a652a4c2L,0xb5cbf0aa6d77058aL,0x016c55b4f828b256L,
-        0x2d5b8556574471d6L,0x3802a2adf605e691L,0x00000000000001efL },
-      { 0xe250d04a621747a1L,0xe1815010f73b751dL,0x2911a81dab76c836L,
-        0x47e76c4cd4ec7b58L,0x13bcbfc531868dabL,0x71fd1826ad6217bdL,
-        0x58d008b0332e4a37L,0x6b046494cd88d120L,0x00000000000000bfL } },
-    /* 46 << 119 */
-    { { 0xb0dddff0f61ce5bfL,0x162bfccb7644e88bL,0x62f50e15ab7a4b15L,
-        0xa34c92f13b3289aaL,0xa78127d8ebab98c4L,0xe805aadc0908f884L,
-        0x237a8b9aab0ff641L,0xe0017b5f1b7ff0baL,0x00000000000001f3L },
-      { 0x871e2a2d3a0be93fL,0xab5b0dab375f5672L,0x4db1185439454995L,
-        0x5586e23420d5e373L,0x45ba928391960be2L,0xca170fa228c6ac75L,
-        0x73af1b708481edb7L,0xe7f738bd66cd194dL,0x00000000000001d0L } },
-    /* 47 << 119 */
-    { { 0x5e706dac23b4a6d5L,0x1ce385acc2e54919L,0x6aa1ae21e6a1b808L,
-        0x8b6fa602d276b630L,0xa045ee27b1666aecL,0x0d94dfa8f4de0f17L,
-        0xb8fdb55612f63f7aL,0x16083fc661173439L,0x000000000000001bL },
-      { 0x1b8ddf1802095fabL,0xf10e700fe66b44c1L,0x0b6d14a584bc01ddL,
-        0x34f7a7e595aace58L,0x068003fbb0cef64bL,0x071161805837ebefL,
-        0x09e3dbb9530aee02L,0xf16a7550c2d924daL,0x00000000000001dfL } },
-    /* 48 << 119 */
-    { { 0x7504bfd02e9b52d8L,0xc14c2e06f96980f1L,0x9f8a9d759fd5b1e3L,
-        0xf182865b45156aedL,0x50b0cc368ce9cc26L,0x795f14da99833447L,
-        0xbfb65a7c8bb4ee45L,0xf69152996ad0b825L,0x000000000000015cL },
-      { 0x7515a268f20f5a41L,0xa9f0c26ab40016f9L,0xa1e9255c68244585L,
-        0xa7f9b9b63593b04aL,0xb3b584b379b006cbL,0xf8f232002fa6001dL,
-        0xded262cf2d85354bL,0x32684f9602a212c4L,0x00000000000000ceL } },
-    /* 49 << 119 */
-    { { 0x28f6eb1f7209b0aaL,0xd3ad776d5ceeb136L,0xf5776c122c51355fL,
-        0x68ceac473c98f9caL,0xffe36607a189cdf6L,0xa6aa2cb0c41b5335L,
-        0xb6f97b13f4228d0fL,0xc08f5f9ad8499d39L,0x0000000000000170L },
-      { 0x64fb5744ba209520L,0x285a6f3a3e69bcfcL,0x94ed78757004b6d1L,
-        0x58cae99fdf95df4cL,0x33c25bed249942f1L,0x65d8b14cba4429fcL,
-        0x49855d740b951c72L,0x19c4896828bf84baL,0x000000000000017bL } },
-    /* 50 << 119 */
-    { { 0x4c9d8cacff2d8b65L,0xc45bd92d179f3040L,0xae72e5018e5cdc37L,
-        0xaa449c76f3403c8cL,0x7cc0b59ad969f8fcL,0x82d42d85953bc5f9L,
-        0x42d22f167329ed61L,0x1346f831d79da154L,0x000000000000013bL },
-      { 0x453eefc095d4c1b0L,0xf368d0a9c0151480L,0xe5e70e121c88eed0L,
-        0xd2d4e183ede8dcafL,0xb3c1aeaf2b7c0e96L,0x267cfdc3d7119ef6L,
-        0x726315544d66f240L,0x35a5053f8b3ba01bL,0x00000000000000ebL } },
-    /* 51 << 119 */
-    { { 0x18e992882d99b995L,0x91eaf7bd18da99ddL,0x6cd867b276baf30cL,
-        0x81ddb37e79f3951eL,0x1a31a11da660cd44L,0xfd1d7abdc64bb6caL,
-        0xd06da3853ad047a1L,0x0551dc5d18500d26L,0x00000000000000d4L },
-      { 0xd655dbc4a56c2d9aL,0xefd030860031587cL,0x72e9f59994e89201L,
-        0xe40fe6c62ab9e1cfL,0xe096cda83f4facbcL,0x8f1256653d8ae874L,
-        0x757c85715e1ae9d2L,0x194254584eb4b540L,0x00000000000000f7L } },
-    /* 52 << 119 */
-    { { 0x2b59d0e19914987eL,0x0dd9211ffdcd7c4eL,0x8e64f4307374cecbL,
-        0x2871801fdb74abe1L,0xec2a36fe7eccd46cL,0xa352a1fa019682e2L,
-        0x4d33e93e89fdb09dL,0x0766c47e0aa4a0efL,0x000000000000018fL },
-      { 0x0b8e93435eb6bdccL,0xcc0ff53bc54f61f0L,0x4c56f488f18e3583L,
-        0xe68caf9247091732L,0x3ae769850463bfb7L,0x5e1c264ec3731f02L,
-        0x02c43734b13b2407L,0x39c2841a6ae98aa9L,0x0000000000000053L } },
-    /* 53 << 119 */
-    { { 0x2426d599fceb982bL,0xafc5ece1fee285c2L,0x350815619b7e6025L,
-        0xc7320a8d2bf6fcb1L,0x45755ed78c9bf467L,0xbc3282102df44bf3L,
-        0xb259e7efd74d2ff6L,0x674facb030ed2509L,0x00000000000001d0L },
-      { 0x861acf33a2f0cc96L,0x62db05068367db2eL,0x639033ec2b1fb906L,
-        0x91f2cf72b5b5f399L,0x76236bf2b0eeeb34L,0xbcf075451b047c87L,
-        0x071f150ba29bc4c3L,0xef42687e05dde2d9L,0x00000000000001f5L } },
-    /* 54 << 119 */
-    { { 0x7a8eb2ab0ee6708dL,0xba7e08b7f90168e5L,0x763aac0d3f58f2dcL,
-        0xb0cdc84a7ba2a4dcL,0x02a8bd35f1e3b519L,0x5f39ac1b8e3b9f2dL,
-        0xa042d7e89d98f86aL,0x8096461ca9e64b14L,0x00000000000000afL },
-      { 0x3d09672d4e3e44e8L,0x2506dd9dda7c3de8L,0xf85d30baf4829b9eL,
-        0x082923844dfd7291L,0x915707e19e64b3dbL,0x19683c2c819a0b64L,
-        0x23cc1a36324f5d0fL,0x3d11e9fb33ce2655L,0x000000000000012eL } },
-    /* 55 << 119 */
-    { { 0xf68386fa888aa958L,0x613390b5d9d0f67aL,0xeaeacf1eed2656b5L,
-        0x74b550a872877de3L,0x57fa4d941ab845b2L,0x1225595224eb57b1L,
-        0xa4f4c0fe98a50b36L,0x52f5c07e1ae96581L,0x00000000000001f4L },
-      { 0x30898f2d1028fdddL,0xfb3f5650a0344437L,0xd5033e856a58e784L,
-        0x9e51e2e6ee46b6efL,0xd5e841f005a8c5f5L,0x15887595fa9bc00eL,
-        0x8adf4c9304c01ae9L,0x4a9cd9bb9d9db32aL,0x000000000000016bL } },
-    /* 56 << 119 */
-    { { 0xaa6cdc01e7416b5fL,0x92bfe795ec1feae2L,0xeeb400bddc173db5L,
-        0x8609dbe0bff7846dL,0xecf621229d201903L,0x4c15e42f5a3ec1d7L,
-        0xcd2b85015119af15L,0x981a0c08add9cb95L,0x000000000000004fL },
-      { 0xa6d2f3a0186db260L,0xb259fad5b0c24c87L,0xc68d1b53c7f64d0dL,
-        0x38c1c8c2543c50b7L,0xb3f7a5c61e042c56L,0x2083f846d4498e97L,
-        0x41c5fb320b7d08c5L,0xc5196c8d9c2caa96L,0x000000000000007aL } },
-    /* 57 << 119 */
-    { { 0xee862a82e2056fbaL,0x1f4e8288d286c0abL,0x55158dbfed0751cfL,
-        0x3e72a1b69c51cc83L,0x07e9544a464cbf5bL,0x06b7f08d84ca5228L,
-        0xfd4e306720cedbbaL,0x441f23d2fd663b38L,0x000000000000014bL },
-      { 0xb56e86d029cf364bL,0x2e4cbbe886ee100fL,0xa2ac7cde1af4c403L,
-        0x20b602aeead7dfd7L,0x32db7a58a912eeebL,0x7e46fc37cd65cfcaL,
-        0xa61ce9ec64e513e6L,0xc46e45ad5e355c59L,0x0000000000000082L } },
-    /* 58 << 119 */
-    { { 0xd9446d12d08d5183L,0x1930a976ff54d766L,0x4b5f889fe0f983c0L,
-        0x3f9cb2d9f4cf0b95L,0xf25e0f78a3e156f3L,0x85698419471f2ed8L,
-        0xcd2e901f340547cdL,0xb735b0afe5b67d75L,0x0000000000000090L },
-      { 0xbd5dc2a524d04605L,0x81b22ff6cdaeea52L,0x35e5177fc2dcbe54L,
-        0xa021681e5d5c2a50L,0xb6316fbb7772bd63L,0x7513efa7fac05cb2L,
-        0x2ebe68f969e4bb0eL,0x4ace321e7d9692bcL,0x00000000000000bdL } },
-    /* 59 << 119 */
-    { { 0xfd326e55d25b6175L,0xaebfd41920d968c4L,0x470743454b5e33d5L,
-        0x0c5e0f18553ad718L,0x435094bf6a41609dL,0xe4583ca75b278266L,
-        0x62009983871212d6L,0x1404bbcffc7a545fL,0x000000000000002fL },
-      { 0xe34736dd5f7295d9L,0xf5e4b0cb1eb15ba6L,0x1815b6fdfdabc947L,
-        0xbac35e1fea16f54bL,0xd9adc92196fefacdL,0x8bd671a7a338e668L,
-        0x024352aa43905638L,0x7f4f43cc43d3b2ecL,0x0000000000000084L } },
-    /* 60 << 119 */
-    { { 0x74409db3feed975fL,0xe70514b682733880L,0xfe1b718ab5a41e01L,
-        0xa2059a6544b53e78L,0x25c2079fb1fe6720L,0xea6df9fad9cd24f6L,
-        0xe5f1f5b4fca222f5L,0xe8f6dcb4dcef0479L,0x0000000000000039L },
-      { 0x2cfc5286b2a16b82L,0x25ecb74775d40713L,0x4b263a4755dda1f1L,
-        0x0676b9c117aa9c19L,0x6f2e9310476acc39L,0xb27ef44fd5c4e15bL,
-        0xb5d3e4f79d72b9d2L,0x8a3aeb37ca49521eL,0x0000000000000038L } },
-    /* 61 << 119 */
-    { { 0x1a80ebd82d914976L,0xd5d1c8cc996eff0aL,0x06ac9a8535cba3eeL,
-        0x381d54f62e809546L,0xacf4ce4c769411f3L,0xa64b28314a37638cL,
-        0x13d99aaab7cc63d7L,0x462b14c7a591857eL,0x0000000000000192L },
-      { 0xf3807c3ad22ea880L,0x76f9339636cd3b1bL,0x77d0bc89d2ab27d0L,
-        0xd7e7f64e87dcabebL,0xef3f8eaa3ec8afddL,0x698141961205cc30L,
-        0xf89c8a8ee16e9331L,0x95b0f6fd2d30c290L,0x00000000000000dbL } },
-    /* 62 << 119 */
-    { { 0x3471f7f706f7bfa9L,0x912385e739e980bbL,0x829fcd40e8774d7dL,
-        0x637e17490e295af0L,0xe2aacc7d9fab3a4eL,0x1e074bab0dc9e073L,
-        0x53fe3fd6bf348272L,0x0779d4332877f11bL,0x0000000000000076L },
-      { 0x44b3a7711763e639L,0x50a471be9d95f8b3L,0xb50122f106d99fbaL,
-        0x6fc8784613054c47L,0x33befbe2d0e71575L,0x1cac97e3789e115fL,
-        0x3f61f57e455d8c54L,0xec75111ee7dac210L,0x00000000000000c7L } },
-    /* 63 << 119 */
-    { { 0xae4363ed7c759c6eL,0xb663d67dfa6e2ba0L,0x745abea27791af0aL,
-        0x708b4c271cfea43fL,0x90ce598808d390fdL,0x3142798061acbc72L,
-        0x413c40bf20dfc34bL,0xc7577fba6be74f89L,0x0000000000000054L },
-      { 0x4f315b816225f675L,0x08b7537d99b0789eL,0x0723ee516f760ca5L,
-        0xe6fd90d08bcdfc98L,0x40eb0f9177226310L,0x6412fda8f8b2e5bcL,
-        0xf1421d2a7e40a5b9L,0x846449c3f273b934L,0x0000000000000165L } },
-    /* 64 << 119 */
-    { { 0x7ac007ad8451ad30L,0xadb09d590905b6a7L,0x96b382333ed8d9dbL,
-        0x7ba1ab90144aaaaaL,0x2d31fb344abae176L,0xc0471119d1d9cb6cL,
-        0xe56b681221c9fe02L,0xfd040d70efbd1643L,0x000000000000009eL },
-      { 0x91c517c02975af75L,0x7a77c8f2834de3adL,0x7dfd1527c6e95530L,
-        0x982a2eef0ea03560L,0xc340fe70c7e0205dL,0x302ca446735bc119L,
-        0xcc1072285c271f62L,0x9ba4e55bc486fbdaL,0x000000000000006fL } },
-    /* 0 << 126 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 126 */
-    { { 0x6a00d57da5e6776fL,0x8a138da8dbd9bd8fL,0xa059ed07d5fddaa1L,
-        0x4f6122d91a42e212L,0xe72e39c509d704dfL,0x025696a8f15340ddL,
-        0xe75fa17db760bafdL,0x1b7950b1017f537bL,0x0000000000000109L },
-      { 0x1e1af3bd3f72ec2fL,0x0b95f25a8df112a2L,0x6f3e98aec4b96ea1L,
-        0x5b890eecf3ddf2c6L,0xb4e902c3d1b40c40L,0x331cef2678e129b2L,
-        0xdf376cfca4f572deL,0x9299466aad414479L,0x0000000000000103L } },
-    /* 2 << 126 */
-    { { 0x36252c7bd5a6eac2L,0xe218a649cae5dc4cL,0x690f3b49b249829eL,
-        0x4858d6576e5a7464L,0x6e4b2ca633ae77e0L,0x28cfd8ba871586adL,
-        0xaadaabc9d63d4d38L,0x2ea000e98acdd480L,0x0000000000000043L },
-      { 0xbb0525eeaa905e22L,0xd6ad676ea045363fL,0xa0abe10eadbb3a6dL,
-        0xbf7d435a49793facL,0xd96b7452c4dd6260L,0x4e64c9930aa813f9L,
-        0xac364502001a15ecL,0xc33efef71af6493aL,0x00000000000000eeL } },
-    /* 3 << 126 */
-    { { 0x4ac52cc0248119eeL,0x69c12fe2732cf0c4L,0x4ed67c2a560e7ac4L,
-        0x82f29f7e79346ba1L,0x47607b94f488c23bL,0xb39bff863dbb4817L,
-        0x91de351665116670L,0xafd0ce8fa77373f0L,0x00000000000000d3L },
-      { 0x9d96404bc2a1911eL,0xa43a089a21382683L,0xf16276e883e13d93L,
-        0x581897d09fe988eeL,0x3ad0dd8b998d0f46L,0x078f1a9bb6143261L,
-        0x303d457410d18924L,0x0bc45e0c82a9a0a6L,0x0000000000000076L } },
-    /* 4 << 126 */
-    { { 0x9aecae2d6a3cf15fL,0xd9d0b49a9c959376L,0x4aad945457cc7e25L,
-        0x683618323876fe58L,0xccc6f2d82bd9dc24L,0x3970525c605bafbeL,
-        0xf17524eda2c5499dL,0xe30b69d5b0c7bf4fL,0x000000000000005fL },
-      { 0xa71532adb5d073b0L,0x37159fb3b4fb97b3L,0x15b655b27a1fff6dL,
-        0x55ac89ee9e08a89cL,0x13cfab6bbc027776L,0xa57a7f289dece9a9L,
-        0x65a3d815c03a1d45L,0xe5cd61ea95515dbaL,0x0000000000000100L } },
-    /* 5 << 126 */
-    { { 0xb5c48a06cfc6b235L,0xaa7c3f7009f1e479L,0xb6bb50cf899f94e4L,
-        0x3e0823b34b850b6cL,0x4777c2c2795acd34L,0xde6999f169c9c574L,
-        0x5d3e7f18cae69639L,0xa0a30c05ee76b726L,0x0000000000000095L },
-      { 0x0d1df4b3760bd806L,0xe76381175f56b063L,0x876307d8fe5fc610L,
-        0x0db04d83536a446cL,0xf020f6b4437b971cL,0xd5eae3a0ee10ad1cL,
-        0xd8041973920ed5ecL,0x42825e955216c588L,0x0000000000000147L } },
-    /* 6 << 126 */
-    { { 0xb0da1338de123c1fL,0x0e0c698e649a8652L,0x812b95f93c9b1fe1L,
-        0x15e7b770d3b3714aL,0xd75d98da400398eaL,0x86663448a6666434L,
-        0x8a820ce79a26a89aL,0xbcd785914d7f2fd1L,0x0000000000000058L },
-      { 0x470af7d334f3d449L,0xa54f2eca47a36f7fL,0x1a1afce9ab8573e2L,
-        0x180bb5940e1d26f9L,0x0adc2f21c2f87c19L,0x0292b1813d39dcddL,
-        0xd116d62af52b928aL,0x803ab7608dc43b17L,0x00000000000000f2L } },
-    /* 7 << 126 */
-    { { 0x9fabf32c1b953f8eL,0x6a1919f297c27760L,0xffc5895b235fa996L,
-        0xbc6a06c9a860faa0L,0x08a3f0b8f5cf032cL,0x1b50f6d7e54d862aL,
-        0xbef9525a2ee95ce6L,0xd29d4cbec0cf300eL,0x0000000000000078L },
-      { 0x3298f5bef6f748fbL,0xa1477e05624cb33fL,0x790a733bfba77178L,
-        0x5c71c7fb1a852470L,0x412df1e51e5e062fL,0x1deae6b98494f310L,
-        0xe28bc9e2a851449cL,0x0a8819713101ceafL,0x0000000000000076L } },
-    /* 8 << 126 */
-    { { 0x64107659d44e9b1cL,0xdfe2b3ed599694f3L,0x348b163455939fefL,
-        0xeb5fb1860b2f8b7aL,0x19d2becf5a1469b5L,0x24c67ff96bea8f5aL,
-        0x1a4037a85924fde9L,0xdd0e9acefe0231aeL,0x00000000000000f0L },
-      { 0x5b3f06a237cee8e6L,0x3ccc49c67e4a80a6L,0xe8729cc405b38a1cL,
-        0xa51323391f4373f1L,0x1dac8246b3a773f0L,0x9824b4980193d5b1L,
-        0xb63e677ac4db540aL,0x9c74537f5f10a7c1L,0x0000000000000094L } },
-    /* 9 << 126 */
-    { { 0x04c48d47fb40834aL,0x597722f2ce2a8ae7L,0x60d17d9eeae4d77dL,
-        0x621c37135b996e51L,0x57bdcd302bc1e0daL,0x8dcb34eedfdc6cc5L,
-        0x5252936144ce5a05L,0xbf52929bce1a2ef0L,0x00000000000000dbL },
-      { 0x1b8e10a725993998L,0xfb6d649983675966L,0x03318a2d858e41c6L,
-        0x6b6b365e33cd6c75L,0x3aa091143500ee2eL,0xf2ac959d6840c8b3L,
-        0xf677e86103445169L,0x2a0d3377b52f2064L,0x00000000000000ffL } },
-    /* 10 << 126 */
-    { { 0xbf7a23f2f851b8fcL,0xc1bd1b74db32c685L,0xd0ab7f93138501b8L,
-        0xe7c5770454cdc320L,0x6b64807ada0a6e60L,0x84f83a22d75c0a8bL,
-        0xa555aa9537b4524eL,0x56787a37b6459681L,0x00000000000001a2L },
-      { 0x4479f49de83cd71fL,0x4f53ebedc838cf55L,0xcba234498ff72ff6L,
-        0x203ff691435a3557L,0x51f0d2949bb325e0L,0xe3da5139806ceb26L,
-        0xcc4b204ebe6bbdd2L,0xf05ef8e12e3bef4aL,0x00000000000001ddL } },
-    /* 11 << 126 */
-    { { 0x8726192031da68e9L,0x8d660db73619c127L,0xf3d5a3e2f282597bL,
-        0x9f1535cd54448812L,0xaba3e02b18f499d5L,0x70d4159c457d8737L,
-        0x4a86b7edcd6f52acL,0xb48981d296176e37L,0x00000000000001dfL },
-      { 0xe05b90319a61218aL,0x1933ad6600381905L,0x32c647a4988b8b38L,
-        0x4dda10b72c5224bfL,0x2083d17f002c8769L,0x76184ea513c0705fL,
-        0xa4ab64210b653f0fL,0xaa24960e3a9ff008L,0x0000000000000010L } },
-    /* 12 << 126 */
-    { { 0x21cbb2c74ce9abd3L,0x7f157a4845073c39L,0xbc887f720de2380eL,
-        0x295bad1c6f96a397L,0x9bb39be48ff6daffL,0x65b52767d80498e3L,
-        0x1b07529402b936a0L,0x04c89f2fb90ec0fcL,0x00000000000000b4L },
-      { 0x47f62ce6f3bf4b3dL,0xf79921250e3e0bd4L,0xe1555bf8a14a6183L,
-        0x8169e02567f3936cL,0x62dae8ae846ce4b0L,0xcee40b04fe0b0558L,
-        0x520c3e208fe270e1L,0xa1f2420ec44de629L,0x0000000000000150L } },
-    /* 13 << 126 */
-    { { 0x87a4f58f95002c4fL,0xc0f5a15375cb2b64L,0x462b10584fa3bd39L,
-        0xa53461051d56f6ebL,0xb2b70b8860c20135L,0xdcbcdccb9df24a37L,
-        0x71d030c375cefc7bL,0x389a788c776a7674L,0x00000000000000faL },
-      { 0x26ad8f5398b8d9f1L,0x33640e375d442332L,0x4831351d6a8d3878L,
-        0x8f84df35bb4f8ecdL,0xf9ee728f0921bbf5L,0xa4768d023391c771L,
-        0x07b56316b867956aL,0x9e1ae1cb2338f7bfL,0x000000000000018aL } },
-    /* 14 << 126 */
-    { { 0x3b0ae395e4f69814L,0x5ff5c84e6a747e34L,0x35e69b0a29ef0396L,
-        0xd1b54c35835654b0L,0xe247e93979cfc63cL,0x7efb57321f7bdd7aL,
-        0x07af836785156ce9L,0x3437319c68ad0803L,0x000000000000014bL },
-      { 0x3162f3727ac81dc5L,0x9bb5caf4f08565feL,0x467224e5d19abfdbL,
-        0x92050b4fbbfb8528L,0x2a78b72b6812bf36L,0x33a409687b2efcf0L,
-        0x4ebd9e465991d0feL,0x68ffa516e8555f3cL,0x0000000000000100L } },
-    /* 15 << 126 */
-    { { 0x415876531dc87e3bL,0x40fd387a843c306eL,0x6000915d01f6cef6L,
-        0x86df2dc147a8966cL,0x63a5132075e86f42L,0x6ee59bb6b9751faaL,
-        0xbee42edc6eb0fe81L,0x7d4ceebf9df2a3daL,0x0000000000000188L },
-      { 0x59eec8519e8c84ebL,0xbe9bc225ac158f45L,0xb50d7f7ff403ec17L,
-        0xcae0e31f86689313L,0xa85359400a613f4fL,0xd2fc94710a594025L,
-        0x900273e8256edcefL,0x1b5776c2b67ee0d4L,0x00000000000000d5L } },
-    /* 16 << 126 */
-    { { 0xc773faacbc875baeL,0x5ad3cc9408dc8719L,0x23a9cf666fd3dbdeL,
-        0xf9c47b69a4c8d8feL,0xaefdcd39fc6d9e13L,0x3647f3a92ef2fff0L,
-        0x7fbf9d741f53ee3cL,0x9199963d85e5a502L,0x00000000000000efL },
-      { 0x191173743ad5b178L,0xa5892671f086fdf5L,0xa828f5beaeabb8b1L,
-        0xa9c1a33e62711d4bL,0xf8a2e9b101e1de48L,0xe5eb2de9568801daL,
-        0x3e0b7a845f2f8052L,0x074d3c36ddb76ffaL,0x0000000000000160L } },
-    /* 17 << 126 */
-    { { 0xe3bba4c44e1d104aL,0x23d230985486ea3dL,0x23f6a18676d19da0L,
-        0xc286b66dbbcda9b8L,0x9e42651ea2ccd664L,0x597a8783ea75aa04L,
-        0x688cb16b74bcab22L,0xd983661aec74a513L,0x000000000000017bL },
-      { 0x7065739f19c41974L,0xc026315ab663d886L,0x0417e4ca5bc05ce0L,
-        0x9e43b822c05ef3e7L,0xd2e8450ef16ab5d6L,0x278211c0ab315709L,
-        0x9bb0e36146c481b2L,0x222788b5f3acac77L,0x0000000000000164L } },
-    /* 18 << 126 */
-    { { 0x9a36088c8517b761L,0x1d49f690e77f2f41L,0xaef7ca451b4af218L,
-        0x9629c9c7b17e4fabL,0x052e9acce55663cbL,0xac455c5874b22e1aL,
-        0xcf000252de25ce2aL,0xddb6e6c4449e7684L,0x000000000000008eL },
-      { 0xaf28bf6377f6ffe8L,0x3b6eb30b6fd5f4b2L,0x77b4244aef362208L,
-        0x5db842e4ca41a1f6L,0xd7a8774263a815d1L,0xe9a9c316ac2312b0L,
-        0xcbd383be87fa009cL,0xbe2a91d2de5be94bL,0x0000000000000041L } },
-    /* 19 << 126 */
-    { { 0x1c18d8a676f3e8f0L,0x4521da83a2651f7bL,0xc8d2991e18f7ac31L,
-        0x96c25646c128653aL,0x852b44c9acc53a44L,0x9fad53c52030825fL,
-        0x207273a08d2d18e1L,0xd9dee4ec3094fcfaL,0x000000000000011eL },
-      { 0x3720de1cc5166970L,0xbcc50de4fe148454L,0x059615420b197ac1L,
-        0x940a3e6cabb72c37L,0x19cec56f63a3ba33L,0x94b04c0ec28fc6deL,
-        0x337e7309aade99efL,0xa9b60e49406b3fedL,0x0000000000000148L } },
-    /* 20 << 126 */
-    { { 0x3ca5ae614d0a48d1L,0x39648cec7f021444L,0x3c92b2521e90c6ddL,
-        0x776994bc94a49837L,0x53e54c207ddbf5b2L,0xfaf593c7d4576141L,
-        0x17e000c226cc7ab2L,0x9484de380bf5318aL,0x00000000000001c9L },
-      { 0x7aa1d4d397546078L,0x06b60ee9f1e5fd32L,0xce10bdf08447917dL,
-        0x40fd8d610e3de8abL,0xa3c917af34e29cc4L,0xa7bb1b542c27de76L,
-        0x6992979931e6c453L,0xc668fbe42f185b22L,0x0000000000000142L } },
-    /* 21 << 126 */
-    { { 0xe0dfb4e582a7839cL,0x724fc7b532068c9fL,0xf8510404a4a51707L,
-        0xf65fb0e634e33830L,0xa1ae29bf48e5b4d0L,0xc70a3beaa3d3410aL,
-        0x131c23e466a5d1beL,0x5eb1c285d107cd51L,0x000000000000019cL },
-      { 0x7b61971c7c414730L,0xc722293b3a7e4352L,0x0d3203c6f5ae7457L,
-        0xaa7fafaaf773fd74L,0xf88c67cc68830e7dL,0x5a71236c09730382L,
-        0xa1661f7d1701c04aL,0x4e8979467ed93ad0L,0x0000000000000099L } },
-    /* 22 << 126 */
-    { { 0x10ea083c5ec936b2L,0x6011069c58b11715L,0x3e58532003a1796fL,
-        0x538e1d0310eabb5aL,0x4b9640632ab5d141L,0x7d34fa8206aba7cbL,
-        0x81692c655f1e613cL,0x2f3ed8894411f352L,0x00000000000000a1L },
-      { 0x3cea6506f6fe4425L,0xb246f4318a8d8686L,0x69666392fdb1c07dL,
-        0xf8e2a71872b25c8eL,0xc2f6c4bc10e81a1dL,0x5c6746ed3d2788f2L,
-        0x92d9bfb31d236efdL,0xc65dc241f922e874L,0x00000000000001b3L } },
-    /* 23 << 126 */
-    { { 0xa01148ecf4a21f7eL,0xfd85ea9c5d0894d3L,0xc1349c182e3e497fL,
-        0x6ff182da3115b3ffL,0xc67455c26be8d31fL,0x559369800aa15b5aL,
-        0x35904c6ebdd17173L,0xae743b7d52b5b531L,0x00000000000000c3L },
-      { 0x4785276788ebfa67L,0x7a8daccd6235572bL,0xf8c7cfd6e9fb4fe0L,
-        0xece07c0c6f9f658aL,0x121e045b2550b943L,0xdcf493e709e11ba8L,
-        0xf120183ac50b4aa1L,0xb68ec6f24668c0f4L,0x00000000000000fcL } },
-    /* 24 << 126 */
-    { { 0x953b8ca7af0603f0L,0x4b5eced77e21e713L,0x427652e12864dca9L,
-        0x547f5fb516cbfbb1L,0x6ad85c7ef75f17f1L,0x469af7948222107eL,
-        0x20d4c8e79bef1085L,0x867d4d0b152552e6L,0x0000000000000142L },
-      { 0xbb5ffb0cf3f26574L,0x047c1bc015cd38c0L,0x76c5dbf176f8e575L,
-        0xf7eb7b0e20d33c17L,0x1e9cc21e6d879e9eL,0xeb2edc8340ca3223L,
-        0xb0aa90a8290d165fL,0x7c17d3b223c1ef71L,0x0000000000000055L } },
-    /* 25 << 126 */
-    { { 0x91d91ecf643d458cL,0x962345a55e8691a1L,0x883ac05d1af94a9dL,
-        0x747a7302f476f098L,0x44c326ffd0667890L,0x344aaeb5f76f1602L,
-        0x60e6437c716561c5L,0x412f5a0546540e4cL,0x0000000000000104L },
-      { 0xb0553215617eda16L,0x8d95ffd17e7cdce8L,0xe1162d136fa892cbL,
-        0xd69a1ce67041a11eL,0xb8559697a144ed95L,0x6ec56d46024f8ca9L,
-        0xefc9cdeb514bf316L,0x69d2c9b290a22342L,0x00000000000001abL } },
-    /* 26 << 126 */
-    { { 0xc9f4133c7443182bL,0x8a6b2562f5d6eab0L,0x8ab8fc0b96e13ea9L,
-        0x1070f3aa810771e3L,0xe8745a7c01bb3865L,0x97bf12d49586f6d4L,
-        0xa82edb725d473130L,0xa75508ecbe3c9bdbL,0x00000000000000e9L },
-      { 0xdb554bec480c4283L,0x647fca1d341e42eeL,0x7dabe114766ae5bbL,
-        0x7b5db510e7581fb7L,0x4f1647c0bb3a71a7L,0x5389934264d27664L,
-        0xebda4815606cf2edL,0x7a8fe4ecccc611a5L,0x00000000000001bdL } },
-    /* 27 << 126 */
-    { { 0x7e2894589cb55c95L,0xa834c287ecf5f9e0L,0x4a74f1cd2bc1efeeL,
-        0x6a1f60941ba0db9dL,0x3cd9e239da42e0c4L,0xeac13ef43e2dbd01L,
-        0x99353f4571c37766L,0x5c633343c0c9f425L,0x00000000000001c6L },
-      { 0xc7d01c367439c08aL,0xec5613e9d32aca4fL,0x884fb18182f492fdL,
-        0xa551f913b6c01487L,0x15b7ed76d5a46ea5L,0xe961a4ea688f0277L,
-        0xc7addc6a16149e7aL,0xb3ee69e80d41a979L,0x000000000000001fL } },
-    /* 28 << 126 */
-    { { 0x80fd3dd3c1e4a87cL,0xf2230946e63e847bL,0x9d51e3a3477178b7L,
-        0x06b089a460b2e4deL,0xf98e4cdc53ccd5f0L,0xfaba504ae9e18aecL,
-        0x22b799be34dba1caL,0x75409d50a4c9ca6eL,0x00000000000000f9L },
-      { 0xec619962617902e1L,0xed26be734c58c299L,0x083e94e46d1c30e8L,
-        0x2c8f71158be269bdL,0xf7c13ea9e0fed762L,0xb6c9bea0b517e55bL,
-        0x7d656933aeb4bec0L,0xf386fed9ca01bf37L,0x000000000000007dL } },
-    /* 29 << 126 */
-    { { 0x9263b871dc1dc230L,0x0208cb151bb6cdf9L,0xe767b789fbb07097L,
-        0x180f1502fe499e7bL,0xeb8fc35d782cd35eL,0x0e5aede16d18dc13L,
-        0x596979e9075b5f1cL,0x93548273ddab0649L,0x0000000000000108L },
-      { 0x6484acaddf9a9c9fL,0x698f20c8bfee6c7dL,0xb3f89ba614c8b2d5L,
-        0xa1b11b16c07bd4dfL,0x5a5eef740acd17d8L,0x5f2d1074f24e1b0bL,
-        0x161a5489766b5674L,0xb208a6abda3b10e2L,0x0000000000000145L } },
-    /* 30 << 126 */
-    { { 0xd57b41e5ce2874a6L,0xfbf0d623b5bd9b26L,0xab64b932fd3750a7L,
-        0x12be25d6586fba44L,0xf28a20cd1402ddf6L,0x058c0a6028b9102bL,
-        0x27678cf4d68b4aa4L,0x927445e5de23211dL,0x00000000000000f9L },
-      { 0x46a5c0939c6e96d4L,0xcda4538f010f2c55L,0x5053aef6b0b776d3L,
-        0xb0f5c0f895e614b4L,0x0d42f943f2856b07L,0xfe51414f426b1275L,
-        0x49b65061a5de95fcL,0xf4a6fb5cadbdf4beL,0x0000000000000040L } },
-    /* 31 << 126 */
-    { { 0xcbeee2169021308fL,0x2959093bd6ece14dL,0x68d757404093d151L,
-        0x77a6a05785259344L,0x63b1a5fb6d893564L,0xd7bcdd88e3e35d1eL,
-        0x76f862a445c13992L,0xe466691221730cecL,0x0000000000000056L },
-      { 0x23e1ecfbce1e1e57L,0x3dd3e08822c19c3aL,0xa7d0301032146b0bL,
-        0x35193697fe806487L,0xa9f13fa54854ad0eL,0xe4ba06e756149ff5L,
-        0xfa5cbd737e6032dbL,0x3f663df3adce1658L,0x0000000000000197L } },
-    /* 32 << 126 */
-    { { 0x1036eb9b66fd07caL,0x6ca52cc16b7fb490L,0x512e973ed3e0c270L,
-        0x889980bf73d92d11L,0x38b4cfe4a4005eeaL,0xb6f992cc8ceb4313L,
-        0xd0ac2f8d6daf7c23L,0x1ccfbf17e32a93cbL,0x00000000000000c2L },
-      { 0x7bd9d6f12f508ccaL,0xe82d7171595a72afL,0x25d0297697512873L,
-        0xefc1de8b8cf39fbcL,0x25e6b77f9a1237f4L,0x9f3b73e7d4d98b5dL,
-        0xe1fda62beccb07feL,0xdb813b03625350cfL,0x0000000000000014L } },
-    /* 33 << 126 */
-    { { 0x7907b2c97fcca66cL,0x6516825362d05422L,0x94e0752213f45a4fL,
-        0x1ac91e11c4c62129L,0xef3c27c76a4cc2acL,0x5677109687867eccL,
-        0x091994ca1289a9e2L,0xa3d70e2a75d15d56L,0x0000000000000004L },
-      { 0x5072005570aedaf7L,0xd252fab22cf95f71L,0xcb0c8766830ec191L,
-        0x3fe6bf257e18f064L,0x5c5ce223ae21206aL,0xba44c780c5b7f1b0L,
-        0x339a7894181afeebL,0x68d02a575ff231ffL,0x0000000000000134L } },
-    /* 34 << 126 */
-    { { 0xe8ab1445c5eaf5e9L,0x95d96c674d22ede6L,0x03c3ab6cb7a0fba7L,
-        0xeb3b5b6796487583L,0x171befc1c3e7d0adL,0x8b43bc1ffef58ae3L,
-        0x11800901171b454fL,0x6a42fc801f5358b5L,0x000000000000002fL },
-      { 0xbcd8373de74453acL,0xefaf2d8e8b03d1efL,0x7e17c8902b434397L,
-        0xff3a65b4b0f49b6fL,0x288d883d723ebfaaL,0xe152b3f524e32fdcL,
-        0x2f044966e2dff973L,0x16f0bf33f2c0ae62L,0x00000000000001b3L } },
-    /* 35 << 126 */
-    { { 0xdc6b5651efbc2867L,0x077952546b03925cL,0x2860cb96535d4160L,
-        0x273f6ef8fec0f37bL,0xb7b144148bb7ccdcL,0x012561602d4018d9L,
-        0x84671a39bfddf7afL,0xd52d837cbaae273dL,0x00000000000001aaL },
-      { 0x4b1d19cb649da549L,0x4c354d7d9cecc0b3L,0x64e4665700376779L,
-        0x247cc8922e59378cL,0xb4be23495c6e18b1L,0x5793c5c864dfd529L,
-        0xc486d6656c38c470L,0x0494793f93ade6aeL,0x000000000000015bL } },
-    /* 36 << 126 */
-    { { 0x2b675aad33c1333aL,0x5b635d5de3f70bc6L,0xdc1b161fcc3993dfL,
-        0x3a966f3c07e1c9cbL,0xbd684a329fcdec80L,0xd7b51c19f12c7088L,
-        0xadfdefb4f549b4dcL,0xe542877b58db90bfL,0x00000000000000c0L },
-      { 0xd7a8f7cbf2b37e98L,0x0898feacb303eaa2L,0xc40968038ab3ec65L,
-        0x178d3f6fd7d2f42fL,0xceb00cd5c31552ebL,0x85d9d2b5d878396dL,
-        0xc6b51a1f2173b3b9L,0x3de5f48ac997717fL,0x000000000000008dL } },
-    /* 37 << 126 */
-    { { 0xdce090edcd84da75L,0xb1165394678048f7L,0x58e1c4df92f6f8caL,
-        0x8347365693eda7aaL,0x88359b5039500625L,0x455fcb1a6424b594L,
-        0x11ffcbdad7a86a6bL,0xabcf989ad68b45afL,0x0000000000000121L },
-      { 0xbba5977cf6d851a8L,0xd4a4f5319a39399bL,0x933ce57bf1b1f725L,
-        0xd9e63d1970d12e1eL,0xe8a4a94f4c3e73b5L,0xb54fbc144103bbdbL,
-        0x8b96cc8c90f25055L,0xb660990e7ed06482L,0x0000000000000154L } },
-    /* 38 << 126 */
-    { { 0x89568720a7253d96L,0x1f68812e0b93c9e3L,0x14077833b832d791L,
-        0x9374abd0a1b1c6f2L,0xbc4a0f3f2945ec29L,0xcf31921a8bc301a2L,
-        0xd2aa436db992ae7aL,0x9a3d6309f1dcf7b2L,0x00000000000000b4L },
-      { 0xd6cddd57e108567dL,0x97dd4615bb904179L,0x9724b58f7f8e9eacL,
-        0x20258807decb2b7dL,0xe3ac333cdf5e10b6L,0xf0ee0a7bde6510deL,
-        0x502e4677f77ffa98L,0x05bc4724ed6c6731L,0x00000000000000a0L } },
-    /* 39 << 126 */
-    { { 0x14ea632747944f6cL,0x4b542fa18e12e641L,0x9e73d65b716c29b4L,
-        0xce4fcd50943d8274L,0xc2d8f4bcd50b1954L,0xf56c1429bcaa5d11L,
-        0x4d3009e5bbec9109L,0x74cca9dfa25b9016L,0x00000000000001eaL },
-      { 0x0d3ba441245ef27fL,0xcdfaf08b5f09ac0aL,0x20f8b98d19f3dcfeL,
-        0x0de8607dec975f66L,0x9137d362b488e1c8L,0x4bd2dd285453d7a0L,
-        0xd98457be533bf6e9L,0x492026fc9c747fd1L,0x000000000000019eL } },
-    /* 40 << 126 */
-    { { 0xfbefb8c9644f809dL,0x5013f5ad50b747faL,0xab3c8de1a054a0c4L,
-        0x687c5279c608ef1dL,0xfd4c40096bdf1f8aL,0x49caa9ab72a4a4a9L,
-        0xbbf3951812790b7cL,0xe0535999b6373459L,0x000000000000007aL },
-      { 0xa2dcab70fe2fb036L,0xc2aa9ad018b31f0aL,0xb5a76e592be108efL,
-        0x68ff6f12ba3ede8bL,0x6da7ac98e860842eL,0xdba409b2969f77f7L,
-        0x490dd67bf92b2ef0L,0xfa837cde26207a6eL,0x0000000000000143L } },
-    /* 41 << 126 */
-    { { 0x19f334f8515e0800L,0xe86806502435b94cL,0xbcb190dd8313a87dL,
-        0x834b84a8ec5a36baL,0x15203a655639ac59L,0xa8752a705230a929L,
-        0x37ae9b10e149343aL,0x3cdbed17ccf9e664L,0x00000000000001a6L },
-      { 0x7a8926e6dc707695L,0xbdc0bd41fa849e17L,0x46621657668bf25dL,
-        0xcdac0561b33a596cL,0x359a86131244fbc0L,0xb6d5d31e02b73688L,
-        0xebcef3d390394d81L,0xec76090ef03972baL,0x0000000000000140L } },
-    /* 42 << 126 */
-    { { 0x951148835e5ef22bL,0x9125af3b086c572cL,0xb24ef04ff594e704L,
-        0x414a4c09671591deL,0xc586772f55b0d554L,0x41daf9a1e3d723a3L,
-        0x7a8f5eb2def1abf4L,0x60825c418dc54c39L,0x0000000000000185L },
-      { 0x40b62591f51569e0L,0x0696b545d752fec4L,0x60b8363c88119cd2L,
-        0x234f3e85ae327b8eL,0xd31f4f0acda9ccafL,0x3d581d7377e5ebc5L,
-        0x4e9b38118e20d693L,0xc3db07bad0c29c3cL,0x00000000000001c4L } },
-    /* 43 << 126 */
-    { { 0xbe476abd5b92e5ddL,0x7338532b16d1237dL,0x022f670f6870cfdaL,
-        0xeb8dc7c79b90dabeL,0x393200eecda571a8L,0x0c6aca6791ac6936L,
-        0x14346e26488cb230L,0x273065e39536c901L,0x0000000000000030L },
-      { 0x13aa183bc593d9b8L,0x48ae6dc7343198d8L,0x7b62448571798e8dL,
-        0xea83244ea71750d3L,0xf55e8ab5f6a39a13L,0x1728d30129d92e75L,
-        0xd50d981f10614337L,0x6b0decaf77d6383fL,0x00000000000001f8L } },
-    /* 44 << 126 */
-    { { 0xea856cb6b878c367L,0xa9c546214a4fe60cL,0x1019fc69abf32138L,
-        0x6c4b6ccd06730992L,0x1a311a6d0e41375bL,0xf0248235114992a3L,
-        0xf41b1b39764b38c8L,0xce60da46dc105e9eL,0x0000000000000114L },
-      { 0x6aa1e85bb3994b60L,0x71512ea2c86972bbL,0x0741f2c4ee618490L,
-        0xca37bb0da39e9c5fL,0xde4d4610ac5d2a89L,0x4f6c0db09ab5d88cL,
-        0x81bc4e8876ac9892L,0x69c37cc885406e8bL,0x00000000000000d0L } },
-    /* 45 << 126 */
-    { { 0xdee629187f42e8afL,0x5cffbdddd3afaadeL,0x4a1b49fdcb2e4014L,
-        0x50618d1c0d3d2d10L,0x33f3664eaae624b4L,0x0cc69b93cc062199L,
-        0xb24a2b9bc82d9ff4L,0x3aa76f87ba908201L,0x00000000000001deL },
-      { 0x2be85cdcf5e32e54L,0xbf49717e92be486aL,0xc399c36657a1a1deL,
-        0x6fca0189fbd93af2L,0xae241e2234367725L,0x09d626afae886ef0L,
-        0x98529fc5b2523cdfL,0xb9cf93bb7627b317L,0x000000000000016dL } },
-    /* 46 << 126 */
-    { { 0xec182c95314f1ef3L,0x639755d63bb94f80L,0x68f1135f4226cd5eL,
-        0xea726aae144b80b7L,0xf28425f789e8c673L,0x6b1aa275b32750e6L,
-        0xad084021d82069ffL,0x8a46c57d9ec866b1L,0x000000000000001fL },
-      { 0x67b95be0941c5c8aL,0x276c490eded9fac8L,0x8420e9525734f9f6L,
-        0x02f4cdf9bda6a56aL,0x7a37266e3ae782dcL,0x3980321a3e284d56L,
-        0x36a300897c1d0382L,0xc0e8d093bc4d5b39L,0x000000000000015aL } },
-    /* 47 << 126 */
-    { { 0x067b652bab71a0a4L,0x556b7ba427ec168fL,0x5148f2daa39161e7L,
-        0x37949e842818aeaeL,0x06837989d63cdbc0L,0xecae47c32c2781d1L,
-        0x3a35acca4f826df1L,0xbe89aad66bd0dfeeL,0x0000000000000069L },
-      { 0xa31d586b613eaca4L,0x01ae304c231ef718L,0x85eddb49ac30afbeL,
-        0x535eb7b938cfa36bL,0xb71c1334f948b8d0L,0xf0bb2d35722426beL,
-        0x022926d36e23d8a6L,0x9229e9f90a053ffcL,0x000000000000014aL } },
-    /* 48 << 126 */
-    { { 0x2d8061ae51e200c8L,0x2ed4baeacba53504L,0x7a99581d1a816471L,
-        0x918011cd8e03b1bdL,0xebf02ce3403bb07bL,0xe34fa50b55b600a9L,
-        0xc9b864cdbfd6e3caL,0xd321624427effe1aL,0x00000000000001ddL },
-      { 0xcfade4e193849908L,0xc0f031bf48a0e903L,0x7d2b8b8ebce49719L,
-        0x42d55ff0b518922fL,0x1f87d2e3d6fedaacL,0xd2e6ac95fb5ffdecL,
-        0xfcf0b4b31a3a896aL,0x5a3b6cf15070e85bL,0x00000000000001d9L } },
-    /* 49 << 126 */
-    { { 0x6fec5fae1ac7901dL,0x4e7d2ad3ab3555bcL,0x6cef79e4c1f20c1eL,
-        0xad3307c2b04f2014L,0x51bf0ad4f00438c5L,0x77be5b640c555e7cL,
-        0x656812453f950e12L,0x233d773f91066329L,0x0000000000000136L },
-      { 0x1416db4b63b0a3cfL,0x0c8a94bac1652c6cL,0xc516152a81614204L,
-        0x48b25ff63cfe5f60L,0x1d525e0bfc3f6c21L,0x9e60149106bb637aL,
-        0xb042eaaac477a455L,0x538885a61fc4039bL,0x0000000000000026L } },
-    /* 50 << 126 */
-    { { 0xd8969d84fc075646L,0xfb95b2b9cf469b45L,0xd0558743461890b9L,
-        0xc4a7c4d62d5be147L,0x7bdddc2abf485a2dL,0xe51570f923629993L,
-        0xe4e0e7eca9fa2458L,0xe6106cdc8e0678aeL,0x0000000000000190L },
-      { 0x2c4c56ebce32e8eeL,0xd94ad3f5a5593d72L,0xe854d1ac0ff0a233L,
-        0xa406b8375145ee0bL,0x0e3584ca488da729L,0xb6ff4f5380b8f316L,
-        0xb363e9cc402b0513L,0xccc22a8755811946L,0x000000000000019aL } },
-    /* 51 << 126 */
-    { { 0x47d2138b3580621bL,0xbd4c9c9a1474dbb0L,0xf1481018ae0e3eb4L,
-        0x6a093b167078ee4eL,0x4224d1f910edc815L,0xbb73d935a375ffefL,
-        0x218c7befdaa15567L,0xda7f1dca1a74f587L,0x0000000000000027L },
-      { 0x811b1e8e92233eafL,0x5000dc5d3554ea4aL,0xecf34661944bd497L,
-        0x0450716d15e5b3a0L,0x95e2529d671d928fL,0xd19305ae3946dfe5L,
-        0x0f2065a76211cca3L,0x0e1476a6c806fd74L,0x0000000000000181L } },
-    /* 52 << 126 */
-    { { 0x84b08fd1b927faf4L,0x236eae2654fc3722L,0x1a7cb9bff4836cc0L,
-        0x251833480db8508dL,0x36a19e7c9d1b8764L,0x8eb89180de352f40L,
-        0xccf372836e1a3ea0L,0x3e550c0a0a72c4d4L,0x0000000000000136L },
-      { 0x8e83af37f7b2ea82L,0x03c78b22395bdbdcL,0xc229423fef042d8eL,
-        0xf9eb603d4ed515f9L,0x2f56337627176ddcL,0x8390b596112af839L,
-        0x617bed410774a6abL,0x52903a20d5f44b62L,0x0000000000000014L } },
-    /* 53 << 126 */
-    { { 0x4e4fe470af6efb14L,0x6e9bbcf0be657506L,0x68100c8e2c3159ddL,
-        0xc0b59ffa5bbdf11fL,0x08681fbde6d49ff6L,0x7169ccb7e31b4c65L,
-        0x8703c995c929042fL,0xa12f13323361e4ddL,0x0000000000000196L },
-      { 0x00ebad68a0783eadL,0x02d1925992856a97L,0xfdb7acac51bb0952L,
-        0x5d46997c526c7fadL,0x9835ebd5c7a75eb1L,0x2ac64c34c3655307L,
-        0x13101862da8f9faeL,0xb0f6ab8ed9f230d0L,0x0000000000000012L } },
-    /* 54 << 126 */
-    { { 0x6cc723d437603fc6L,0x18055821d352721aL,0x942c0d47fe656ee0L,
-        0xd20be2694b170f87L,0x02f7ba5088d08be0L,0x53e64fdf1346bef5L,
-        0x2d23c4d4ea146dcfL,0xe68a09a37987bc92L,0x00000000000001bdL },
-      { 0x7620c264359c5796L,0x5846dd812b06b415L,0xf5b1ce8c2b242c54L,
-        0x3a42814aa2888a57L,0x4b2d89cca26460b1L,0xe3423f2974533daeL,
-        0x3da2e8a63e9f0bf9L,0x53b6f11b1454ac77L,0x0000000000000021L } },
-    /* 55 << 126 */
-    { { 0x06ee24893ca6735bL,0x70fee9e83374e617L,0xe8b3fa54d4a16bedL,
-        0xf364a301f3c1e5d0L,0xf16d5ef13c3e0753L,0x248d4e50d21da609L,
-        0x242edf3ef60f6054L,0x3fdfc80c0c24e00aL,0x000000000000008bL },
-      { 0x0a18a90bc3170235L,0x5c1bf5dec086e9b1L,0xcaa2d5f62cd7657aL,
-        0x51a3c67591ee757eL,0x16c99b21a186249cL,0x2c5561941b8cadffL,
-        0x9c58712f16ef2913L,0x6ccee5a5004b31fcL,0x0000000000000078L } },
-    /* 56 << 126 */
-    { { 0xa5dba4e1352ecab9L,0x6b02e6822c778abaL,0x2540e2cbcd90027eL,
-        0xe9273e1028ef0df3L,0xf06ac93932993c75L,0xff0dd2dd17e95ccbL,
-        0x67647a2edba0d5a0L,0x88aac34883a00096L,0x000000000000017fL },
-      { 0x5b0503a0a1edd5c1L,0xa3b6b42ad77e1a61L,0xfbbc558fb0ac4790L,
-        0x6e091b612c98fea0L,0xe9dd74b179d85e44L,0x01c6eb8996cb7b14L,
-        0x3f220aba0a79bd88L,0xb30988e26365ab82L,0x000000000000002cL } },
-    /* 57 << 126 */
-    { { 0x54a308fd559f11f2L,0x31e2721b647cace7L,0xf118348be8222f9fL,
-        0x97c4a761d5c359beL,0xded55d0b43515850L,0xeaf9aac7c43c5a7dL,
-        0xdbb25a12d68e503cL,0x282258dc50e474a2L,0x00000000000000c8L },
-      { 0x7464fbebff35e9a7L,0x522a0c6c38c685f9L,0xa70a2bd404a05041L,
-        0x0637bf682fc8355dL,0x33130aa254cf363aL,0x3ad9a6df0d4657f1L,
-        0x9e49f74a60758bb0L,0x2024ecfce25eb216L,0x0000000000000085L } },
-    /* 58 << 126 */
-    { { 0x33f1a6e161e91c74L,0x4ff19110e6c0cb10L,0x5c42e957f600ab08L,
-        0xdde03dd42f9bb837L,0x3641e9391a234d0bL,0x53f8620f0b9b78b0L,
-        0x1fe0b61aa1409944L,0xe3dc9c0333cfbe8aL,0x0000000000000053L },
-      { 0xe668c6ee20c3c089L,0x427daa6df27385e3L,0xcac71fe61f72a4abL,
-        0x6e5eb2cfe1329f8eL,0xe46c870f4e37087eL,0x5831ca51ad032d30L,
-        0x5991353dee77c07dL,0x3362598e0bd85cd0L,0x0000000000000138L } },
-    /* 59 << 126 */
-    { { 0x9eb88eadeb34a93cL,0x6d29e37a4701b69dL,0x426b10f150770987L,
-        0x73548e71d1f0f072L,0x80f016da0def01d1L,0xb1ccf96a3ea4825dL,
-        0x39265cb1e0b3c83eL,0xc978e8b42b3039c2L,0x000000000000007eL },
-      { 0x730a6fbc3e04c5aaL,0x67b705f33d44b9f2L,0xefa40dc7e961f235L,
-        0x5d20afc2c64cbe5bL,0x7e3e1033b0a4ab7fL,0x26ca57a6425506cbL,
-        0x0205449170798bbfL,0x2397723fbe05c4e1L,0x0000000000000144L } },
-    /* 60 << 126 */
-    { { 0xaa272aaad19d50a1L,0x3571d10bb1d206b7L,0x13d9fd10c3b75ad4L,
-        0xd8dfb50b546daf84L,0xd2b77b3a3a1f736bL,0x33725766683f310cL,
-        0x5c27d38b9fc3b081L,0xd74611bad1642ff7L,0x0000000000000026L },
-      { 0xdb5eee71f30e1c09L,0x819fdb72ca6da656L,0x312f0d734cde6546L,
-        0xa45ffdbb7bf7c656L,0x3fe1359af71f5257L,0x6ee0ea0ac34e9a29L,
-        0x969e2682b1e77c79L,0x1e8323864a901cb8L,0x00000000000000daL } },
-    /* 61 << 126 */
-    { { 0x22ed87b1b25beddfL,0x3683f8776daac239L,0xda6806bcb77d6ed9L,
-        0x046324c87a1c73b5L,0x5302a1f0280619fdL,0xff691f965d3ab015L,
-        0xfd8e1f0576a75d3cL,0xb170a9c48883921dL,0x0000000000000199L },
-      { 0xe2e4582834cf1693L,0x4e53f2ccb6cbeb25L,0xd7c26c5a13f317d0L,
-        0x51871564f2f46ae0L,0xd17031e8abf83111L,0xe07adfc84579ad64L,
-        0xa9461bc123467da6L,0xcb2976479eccc563L,0x0000000000000035L } },
-    /* 62 << 126 */
-    { { 0xb146ed5aa9f72a7cL,0x484b8997a7f0e604L,0xeb7b7cba9531f3daL,
-        0x272a057cae6515d2L,0xb5afd269686fed9dL,0x3495b87c6d05afcbL,
-        0xd60b71ce218f80f7L,0x2d850946e0ded104L,0x0000000000000002L },
-      { 0xadb631e23692300cL,0x30aa16333329dfccL,0x8546c0fa71ffd9aaL,
-        0xc5e4b3590962f556L,0xf09a2444bd391207L,0xdbec490c71cab26bL,
-        0x4055668615b145deL,0x5f18aceeceab1ac1L,0x0000000000000170L } },
-    /* 63 << 126 */
-    { { 0x62cc9557f077d63dL,0xf30f4a8be8f5f5f9L,0xf98c9bdcde80ec73L,
-        0x167d81b80c4c8e3cL,0xbb7ff344653cd736L,0x60725f05591730e0L,
-        0xbe4ef60d1803adcfL,0x04ed04c0c5127350L,0x00000000000000f1L },
-      { 0x5d2cbf0b776f33beL,0xd1a495b3cd90ab6cL,0xd47c850fecb6e7d7L,
-        0x75dfa50f266f13f8L,0xfe272a12e317dca2L,0x14ce7728bdff1777L,
-        0x3dc3926220fba381L,0x148ac59d6c2259d0L,0x000000000000012cL } },
-    /* 64 << 126 */
-    { { 0x904f2d4bdf9314e0L,0xdaae850de7a00aacL,0x79231083582efb03L,
-        0x80f1c283ec7fe6d2L,0x2d5b3996199d74a8L,0x5f120b9b395007e7L,
-        0x30d237734773f03eL,0xf4c192733b78b686L,0x0000000000000121L },
-      { 0xf103ff6dfa8b51f0L,0xae7afb5140e2bdf0L,0x1130380e83254171L,
-        0xe83501b8cda10d95L,0x1057771e4f3a8c01L,0x8f52196aac807069L,
-        0x3609b0aaa5623821L,0x8c25790694a0a7f1L,0x00000000000001dbL } },
-    /* 0 << 133 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 133 */
-    { { 0xe2445c75cb0284f6L,0x7266ed21f0d3b65cL,0xa6f7fb639c0cd13aL,
-        0x68d77e3537fee05aL,0x1d21ea95dd708c8eL,0xc75f44e793ba8d14L,
-        0x8bb1876d90e34ca9L,0x7a3621e4b70e8cb2L,0x00000000000000b8L },
-      { 0x0fb7c958e1d0f420L,0x34b8bcf2fadb2239L,0x1800038b6a67f72cL,
-        0xa8e3236ac19f70a9L,0xa73dd94cb908c753L,0xd7569d95a6fa426fL,
-        0x5ab784f60a295ae2L,0xdc2bd296583f0f13L,0x0000000000000039L } },
-    /* 2 << 133 */
-    { { 0x4624399658603a1eL,0xf6bf54496310788dL,0x178120864c799cc9L,
-        0x20a0d4e63f9c7982L,0x13340a26930d81caL,0xb248675461520fa5L,
-        0x0e9480cce3e2cbb0L,0x11f633c1c61dd54aL,0x000000000000008eL },
-      { 0x34510e9e07ef7a73L,0x242ea6950e00a9dbL,0x1a146ea20ead5b7aL,
-        0x52c0a70bf54a3534L,0x4b85dbbeb8113e6aL,0x62df74261446fc2bL,
-        0x3a79c26ee9fe597aL,0x6327cecda7afdc59L,0x00000000000000c7L } },
-    /* 3 << 133 */
-    { { 0x8bf9e0791c403388L,0x219a3154046f9ecaL,0x3a8ee73bcec86e4aL,
-        0x0a31124e281f2e27L,0x6a6fb93716bc3255L,0x0706364a8ae63821L,
-        0xcce86c65323d4b3aL,0x0c238449fd6cfbd4L,0x0000000000000174L },
-      { 0x031202de7faa8a49L,0x97b770b2579d75fbL,0x5cf4413ea5e0d986L,
-        0xe93b56fdcc936d96L,0xe4ec80d2b1c5576aL,0xbf8972a2da093bf5L,
-        0x0c5a98bdbcbefd15L,0xa19b3e630e6f9d2eL,0x0000000000000131L } },
-    /* 4 << 133 */
-    { { 0x0f73c85a8201c48bL,0xef502f8a4c9caee3L,0x8df7699641d84048L,
-        0x93f8a34bba0f3b82L,0x0fba696cd6a81ed8L,0x0be6c83196622944L,
-        0x0de9a8f2085495f9L,0x12d843e6580b2551L,0x000000000000010eL },
-      { 0x507820fbe51de678L,0xe404cd9317831a13L,0x4818c9d1721196c2L,
-        0xefa01a64cdda697fL,0xdccd32f0bab8b58bL,0x51ac6e1fb4a19bdaL,
-        0xd402693f4e25340aL,0xd6567590afbbec44L,0x000000000000018aL } },
-    /* 5 << 133 */
-    { { 0x07cf170343ea64efL,0xd1dcaf5fe29ad51dL,0x6bc714cbfe586ba6L,
-        0x95d455c4a564449aL,0x786b09c6a3f8c7b9L,0x6b2825349a9f9acaL,
-        0xccceb672df41c312L,0x88da8f633a5f10daL,0x00000000000001c5L },
-      { 0xf41c956600a865dfL,0x8eeaa9fb92362410L,0x232c80aa699ea6c5L,
-        0x86ad242d2e4ce53aL,0xf54d983fc51e3b6bL,0x5fef2fb86e2dcdcfL,
-        0x08b9a493e3f0b5dfL,0x32594fcd676f65f9L,0x00000000000001cfL } },
-    /* 6 << 133 */
-    { { 0x79541ad2f0258929L,0xb69d65afa7ffda3cL,0x7a83f701fb3fccfeL,
-        0xb8c83005284111f3L,0x7b48d4acff594c0eL,0x4364f321b301dc8bL,
-        0xccdb0184404f2b6cL,0x52239a4b8f4e85efL,0x0000000000000144L },
-      { 0x1dd594a2f650828dL,0x98b50e840aad2d93L,0x491fb295fd90d0f7L,
-        0x511abc0b7fc0144cL,0xeb240aa88d0085cbL,0x926f083c4f4e0a76L,
-        0xf5e8865df32a6e48L,0x8fae6ec023e3413aL,0x00000000000001a5L } },
-    /* 7 << 133 */
-    { { 0xe038336eae697aa9L,0x1545b82e6b122bc8L,0x2acfc7a2465cab13L,
-        0x396d60549e0670bdL,0x7099e416d4ef9b8aL,0xa745f4a6f144b1b7L,
-        0xe859dac381092b9fL,0xf4bf2786ca8dba24L,0x000000000000016cL },
-      { 0xd43fa47a1d8e919dL,0x7848e02298994d0cL,0x88559fc88b5c1e94L,
-        0xd810594a0ee65987L,0xc6b9837b9476a135L,0x08b04d2778667d75L,
-        0x3d35806e815d0639L,0xd703da9b9cea4585L,0x00000000000000feL } },
-    /* 8 << 133 */
-    { { 0x714c9d4d6e4a010aL,0x9e8621eb98bbdd05L,0xf3f33305efc60f48L,
-        0x4e392a4c0706c352L,0x5d0f7b3a94dcfc6cL,0x28c343062434d058L,
-        0xdba377bb41885900L,0x0ed4082dad73df88L,0x000000000000012aL },
-      { 0xc0899758fcdadfebL,0x1638c31454319374L,0x1831028ec8ae469cL,
-        0x41093ffe3a0e36a7L,0x75c6667b2860701aL,0x38c843a264de0a06L,
-        0xc6e2c8a0949389d1L,0x754f22b73a1cc818L,0x00000000000001feL } },
-    /* 9 << 133 */
-    { { 0x90d5cf72e8548dffL,0x0b0082421130f27fL,0x2b742a08fd094a2dL,
-        0x8002cee1fe8642b5L,0x94ba68b089e850d4L,0x9bfe83a1084d0ab9L,
-        0x6aa91c002d2b5f7bL,0x0886530f383c1125L,0x00000000000001b0L },
-      { 0x039fd9101b334478L,0x762fdf6b772b30dbL,0xf0b07b33950b4e70L,
-        0x704eab49aab6690eL,0xfe91d13cbd747525L,0xb40f6f7ea5ab8cd3L,
-        0x9f66e805fe523b78L,0x232466335f117f27L,0x00000000000001d3L } },
-    /* 10 << 133 */
-    { { 0x3660997e1d29651bL,0x017c92f21c43ee22L,0x399bd07278817d09L,
-        0xe7886c7efcc2e4e7L,0xd86cddf76c75869dL,0xbf7491ac8d350f4dL,
-        0x794d402ad99eda1fL,0x93a31aa3ba86bb24L,0x0000000000000155L },
-      { 0x3be864461ba82751L,0x2fbb5d14599c74c0L,0xb91bfae79528f6e4L,
-        0x9718d1dc27ecc011L,0x2e6ae4695685c69dL,0x755ef4fcf2f01e8fL,
-        0xd7d5ab2292d8a1aaL,0x0b96bd64fa7d56f9L,0x00000000000001f5L } },
-    /* 11 << 133 */
-    { { 0x803708af0a32a860L,0x611b39670a9ffb60L,0x1d73591bd1c64167L,
-        0xabefe36c919b5b6dL,0xa6e40fe88e76d295L,0x59af88d392cc3d6cL,
-        0xed75288dc978e6c9L,0x1d4f6dc597c882eaL,0x00000000000000adL },
-      { 0xa71e31457368f4a8L,0xc5b4991a47a78cbcL,0x718cfc2581954234L,
-        0xd154abe8846e6039L,0xfc6cac6c2e7fa9b9L,0xf8c914314a4c53c3L,
-        0xcc073a4bfaa6ddcbL,0x3980d5f90aec7bddL,0x000000000000009eL } },
-    /* 12 << 133 */
-    { { 0x53f7cc1dcd9c3b89L,0xd01fc88e37c09eedL,0xdaad94c7fd4ba95dL,
-        0xa7bab576f6331227L,0x4919757ba6066bfeL,0xa8d525106197a2b5L,
-        0x1a7c2cdd80fe8f9dL,0x47a0587c292e069aL,0x000000000000016dL },
-      { 0x0374fc0618a5170bL,0x80e54bec68f03073L,0x8de8d710a373c6a3L,
-        0xc25d052115e254d7L,0x97fb5a235d0da356L,0xae1d930aa3099c32L,
-        0x4a362d78b750367dL,0xeaa2fd7c6c7e426dL,0x0000000000000160L } },
-    /* 13 << 133 */
-    { { 0x7d18c1c82affd347L,0xd1380fcd2983736dL,0x595f7723c63223ddL,
-        0x631cfbe5b484b6fbL,0xbd2861390a6ca8ccL,0xee72e38d4f471ca1L,
-        0x032046a1971ca142L,0x479212432a1dd8c0L,0x00000000000000c2L },
-      { 0x35e6b9e5d7ae4e8fL,0x5a00b0f90a3feca7L,0x1c342e080a0a3d2fL,
-        0x1e8879ddee0b5c36L,0xa420ee79ec8626cfL,0x79a1917573f33218L,
-        0x1258124a86bdec5cL,0x691be2ab06058dd7L,0x0000000000000042L } },
-    /* 14 << 133 */
-    { { 0xcfa90e928d85981bL,0x44fbbe308470ae90L,0xb1c923e3b4a1c507L,
-        0xb2d07ce9ff4afe17L,0x6efdd4cc1fefef7fL,0x9dc388240fc6d59eL,
-        0x90a95ff8cd639f85L,0x97907edbc6d5cc6bL,0x0000000000000012L },
-      { 0x4321d7bac15ff87aL,0x266401efa1c681ddL,0x71b9f08c84b64526L,
-        0xa59beafcfd5df281L,0x75c4a3cfbb791707L,0x48cac59c01ce567dL,
-        0x14cd0e56a00a8628L,0x2e9e9b3f0cacd47dL,0x00000000000001d7L } },
-    /* 15 << 133 */
-    { { 0x234103cfdeacba24L,0xfe7118f964b60ddaL,0xb600dd482a7d4f4bL,
-        0x60177286754ef7dcL,0x49a59cffe9ab0cb2L,0x309aeff80cbfcc2dL,
-        0x0a995830b4cb626cL,0xe5c24958357da294L,0x0000000000000108L },
-      { 0xdc25d5d416fbf2d2L,0x76f7dd357630d805L,0x0fa599f1883ffd97L,
-        0x81490dda0c07ab63L,0xb0afa4b335d3a0b3L,0x5339cd6c98872553L,
-        0x31702ec41f849f90L,0x111738088b6e6311L,0x0000000000000180L } },
-    /* 16 << 133 */
-    { { 0x58821c974a0c0913L,0xb7707006307795f2L,0x44f5f5bcea20c664L,
-        0xc23f5ac39c5ec494L,0xe83e4fc380affd1aL,0x7e92884d50102ac6L,
-        0x632405b8a3c31198L,0x1995f831453cc03fL,0x000000000000009fL },
-      { 0x8019071721e50847L,0x794b63d991f3efd5L,0xe9d69357a95c778cL,
-        0xbd298eb0d04a14c3L,0x40a105154c5cb3bcL,0x296fd944f9c2fa5cL,
-        0xfee5fe79efb9a49bL,0x12e8d7b35ba9db09L,0x00000000000001d7L } },
-    /* 17 << 133 */
-    { { 0x7978a92b15e89a09L,0xc21eaf079c8cbea8L,0x977fccc67d83c497L,
-        0x037b22f5a4996ef4L,0x79b075dfb1fa5efdL,0xff169c5d895b8646L,
-        0xb91366e1139eaab3L,0xfeac1026a55cf585L,0x00000000000001b6L },
-      { 0x0e827a8e83e55daaL,0xa7a27e77cd68ce98L,0x2cc9672e7d586572L,
-        0xd055fa46a3ff0e35L,0xafcc63023268d057L,0xccf7b4f3294e84d7L,
-        0xe972308991a61758L,0xda4feb6b72a08bbcL,0x0000000000000098L } },
-    /* 18 << 133 */
-    { { 0xa3c2e3b89a33dcbeL,0x69a1af65846e1f3fL,0x325e624b23d94d03L,
-        0xc9f9a9fe7b606aa5L,0xe660b7b341d6f8e6L,0xd9b994a8e7a4b883L,
-        0xd97bd77226a3c490L,0xed529b01110a6d8eL,0x00000000000001a4L },
-      { 0xc956d69d12852a59L,0xe0271878b91f3a5bL,0x70ca2552c30df3d2L,
-        0x1b322ad23ed9a3f0L,0x2bd7fa803ed7b14dL,0x2b0e40c9937ca92cL,
-        0xf0a680d7c88bf5f3L,0x2c1717bae18f006dL,0x00000000000000e0L } },
-    /* 19 << 133 */
-    { { 0x4f62538b805ba0bfL,0x521cb0d1ab71e577L,0xbbc91db992f0b4c1L,
-        0xd97b96acea45846aL,0xce2a73bef99195b7L,0x4808f872335360b4L,
-        0xeb784cc1e09fa8c9L,0xc9d0de8524667ffcL,0x0000000000000098L },
-      { 0x8aa32a023abb4464L,0x8539cb99aa2eeb37L,0xf97a730fe6572cb9L,
-        0x49a2ec198d17e745L,0xcbb7f722581a6561L,0x5271b9e7fd748594L,
-        0x7df05c8555efe907L,0x12b457a3648b30ffL,0x00000000000000dbL } },
-    /* 20 << 133 */
-    { { 0xc2eb058989126facL,0x796ce4619a94396fL,0x40eca49d99c7ecccL,
-        0x20ed57c7c492a4a3L,0x4089296506fa952eL,0x4690915c906f1b9fL,
-        0x099b286b548ce05eL,0x293617b76fe582a4L,0x0000000000000094L },
-      { 0xa34b04313831cd9dL,0x51eeddccb647a424L,0xcb7754a1e82a9c3dL,
-        0x59bd6cabb14c49bcL,0x8f6d2d2e8ac8f7a3L,0x5f2fbf4346ce83b7L,
-        0x93ece81c0d68eb87L,0x01271a1304d06b9dL,0x0000000000000067L } },
-    /* 21 << 133 */
-    { { 0xe26b19f2d74f6e10L,0xf3d3187d2ce14a93L,0x389726ad0da15517L,
-        0x370c53b748f5a2d4L,0x052065fa2adf6e52L,0x35193065bae051ddL,
-        0x82351b7900b33478L,0x03e7d6d80cdf4884L,0x000000000000019eL },
-      { 0x383538be2e446a7eL,0x36190c9adb8a52deL,0x51d74979946c8943L,
-        0x01bf13a579d3b4c4L,0x7f27c8610f2f49e2L,0x6ce84ff46a734dc1L,
-        0xec6f79ddbb5ff5a0L,0xdb6e4fe3a96d9a23L,0x00000000000001bcL } },
-    /* 22 << 133 */
-    { { 0xbeb1d116cfb1ec29L,0x3f1502f0c5f0152eL,0x501456fe75a4ee8aL,
-        0xde95a49a23265eafL,0x9e9e8319c0b85f89L,0x04d93a60647d2726L,
-        0x63a54a59cb65cc94L,0x56766e88f173d58aL,0x00000000000000deL },
-      { 0x9bccc01ebdb6a51cL,0x3d893bac5ac0d14dL,0x4a89af9516e16ea6L,
-        0xcd7eba6798db611fL,0x90e2d187e84acf42L,0xfdb5ecbce1053f4dL,
-        0xac124000e8c4a365L,0xf724f56ecb5910b3L,0x000000000000017bL } },
-    /* 23 << 133 */
-    { { 0x0978471e01ac4394L,0x057a926de4d2cc08L,0xece99f2f002fbdc9L,
-        0x07bb884abe832818L,0x7f396535fb1c9404L,0xfdb86a9f6ba39a7cL,
-        0xf4b372d9665c78e8L,0xc1b321e9dd520572L,0x0000000000000006L },
-      { 0x51f1b8b8841a3ed3L,0xf49b313516b4a01bL,0xe01130df5af2717fL,
-        0xb62166e4eea414c3L,0x7991e1ac050b5040L,0x8d632c2207cfddfaL,
-        0xa9033c3efa37f8b0L,0x542b8994790c1190L,0x00000000000001fbL } },
-    /* 24 << 133 */
-    { { 0x1711039279d6593dL,0x7d88866ed6d1e388L,0x27e0aa5fc9a20e92L,
-        0xc82ef455b781bc4cL,0x36888ad0a1e9a984L,0xa51d1804962eb333L,
-        0x3964bf4a6589216aL,0x88904ffa7529c9fdL,0x000000000000016bL },
-      { 0x9e0aca53e59081d4L,0x8b9066c009c4315cL,0x51d18e8b44dafb2eL,
-        0xa86cd85c3c757835L,0x7534cba2ed8b25e4L,0xe1db4aebe59c5ebbL,
-        0x77af93de72024396L,0x0779f6af77f5a9beL,0x0000000000000090L } },
-    /* 25 << 133 */
-    { { 0xfa55f353e1eee7e8L,0xe3728f0f832a86f4L,0x08ddaad44cb9e21aL,
-        0x9b49d70e9cf0f3d5L,0x8ffab00c2fd4bb7bL,0x7b24a72f1435c1efL,
-        0x390f209023687920L,0x1ae25cb77c75e684L,0x00000000000001ceL },
-      { 0x881170cb4ea45115L,0x7cb03b3b2fdcf8cfL,0x0a7628ad560c4124L,
-        0x44811560823820e9L,0x61ed767b6994e17cL,0x94da851fb95b76c6L,
-        0x78bdec4b3c1ed403L,0x463d6cc3f1d85a84L,0x00000000000001bcL } },
-    /* 26 << 133 */
-    { { 0x4b1cf5b9c8514599L,0x609b60221834d2b1L,0xbe5b9326da5dde47L,
-        0x64409ae86c87d75fL,0xa3567801e8d1e7fbL,0xa9b932338bf2915aL,
-        0x91fd8fe62941cc91L,0xed0e7455cddffdf4L,0x000000000000010dL },
-      { 0x913d2a5deef7108cL,0xaed5d7062be9d4d0L,0xfa01ca9bfa991f21L,
-        0xf3518ce8e99b856dL,0x981faad4e99672cdL,0x539dd546e7f474e0L,
-        0x9bda2db4157e9f13L,0xb8a88661ee003dc8L,0x0000000000000081L } },
-    /* 27 << 133 */
-    { { 0x8521387559df2f72L,0xb509af3789687b4aL,0x077892b261f8a34aL,
-        0x5603f3095d0fee80L,0x6d42d34edbc6cf37L,0x0cf8c9c4a3920fb1L,
-        0x655e26bfbdaf412dL,0x7272f887e2208eb2L,0x0000000000000141L },
-      { 0x62a68859878f4a5bL,0x0146336435dc49edL,0xc3a2caaec6d3081fL,
-        0xc6b69c2ce990949fL,0xbf1385e215a826edL,0x0419547fb367f8c0L,
-        0x389ab431323d3470L,0xb0453b45669f8c98L,0x0000000000000180L } },
-    /* 28 << 133 */
-    { { 0xd815b0c258bc45e5L,0x91a14033dde59521L,0x2af00d61185031ecL,
-        0xb1113f8df49ae2adL,0x623869a703db5dd0L,0xa27f52a38b084e1aL,
-        0xffae28447ec2a78fL,0x316a4a837d788dcfL,0x00000000000001edL },
-      { 0xda151fa30ae71753L,0xd2c6156661148b48L,0x5e1d6aa1ced8d6e9L,
-        0x4c784fcdacc9df51L,0xb5715fadfeb5fd68L,0xe8aa4f453c4bd41aL,
-        0xc295cf2c83a6506bL,0x6ebcfbe68959cd18L,0x00000000000000aaL } },
-    /* 29 << 133 */
-    { { 0x1e628033cbc78ba4L,0xb1b10d9e6af66a7cL,0x22732085003e1d98L,
-        0xf76bf139b4ef67c4L,0xfdc2dc37b969d917L,0x8e9b0e633e84da86L,
-        0xe1860be5f0916be7L,0x0e800a237c15f060L,0x00000000000001deL },
-      { 0x213138e0bed62300L,0x2919defb59a9fc70L,0x076e46c4a40aac25L,
-        0xba2e019231a4812eL,0x8fc6de496adfcd6aL,0x38d17f427d95423cL,
-        0x79adb39063487d5cL,0x58a207a931a424a8L,0x0000000000000025L } },
-    /* 30 << 133 */
-    { { 0x35c5164a45d58f3bL,0xe8b634c956a438f9L,0x9534282771b03d58L,
-        0xa8c2ac9f6b9023c6L,0x4d90973f13636501L,0x9d371c592eb26e43L,
-        0x24e2ea7d97f169a3L,0x6307489ee3af53edL,0x00000000000000a4L },
-      { 0xa142cc05e27954edL,0xfa9cfb5de2d9d9dcL,0x7d78edee9c8624a8L,
-        0xf0c2bd235976c173L,0x9727567c08649437L,0x516662a467e6759dL,
-        0x5bc285768c8f1790L,0xa62faec4956463faL,0x0000000000000068L } },
-    /* 31 << 133 */
-    { { 0x6a9df5fbe3f77972L,0x52703588c85f0f3fL,0x29c45e81e6d57b9dL,
-        0x3ff4393a0be4937bL,0x5c85f2ccdeb7dec9L,0xf885d42872f17b38L,
-        0xc839bd481d95a39eL,0xfd14d7c7dd7372cbL,0x000000000000010fL },
-      { 0xe9a106f0dfc4e535L,0x8d1efece352ca519L,0x4649995c18b5a799L,
-        0x17e6bc99cda75652L,0x9b7edb4dc27545bbL,0xb196ef1436d9adb6L,
-        0x2a3244496ef504feL,0x5a8e3e9fb9b92a69L,0x0000000000000095L } },
-    /* 32 << 133 */
-    { { 0x0d200089e0b8b7c6L,0xfa7c2a74e0c3a66cL,0x47465db046e3e5cfL,
-        0x2bd1dd818537bb62L,0x748d70127165a234L,0x4d3737455c718337L,
-        0x40c0f48e189ce8cdL,0xd018ce08a2f751cfL,0x000000000000014bL },
-      { 0x5513201a7ac22c09L,0xf559e050a1cd3533L,0x6e1eba1ebd4031d0L,
-        0xbfd8a1cc532b1d53L,0x3fdee4cf5a15b193L,0x226693f7789bb143L,
-        0xa0d4dc89dee75e9dL,0x438d3544f09a0c6cL,0x0000000000000189L } },
-    /* 33 << 133 */
-    { { 0xae388e5fbc7cfa67L,0x519392e5c4a83747L,0x4ccc4f517e71db2dL,
-        0xd0613eab43b51f80L,0x512eb54540a16cffL,0xfb154e87e61e6026L,
-        0x676633c8c236be41L,0xad0ef2ceda383a00L,0x000000000000010aL },
-      { 0x551ec1eb5b304592L,0xf85423b68c0864d5L,0x4e1550fb4b330062L,
-        0x09fe089b38cf2f38L,0x5b9116c2970c0163L,0x9098bb3fcdf09e59L,
-        0x7e65e01668bd9e33L,0x5c5d66f89b52bf2bL,0x000000000000000aL } },
-    /* 34 << 133 */
-    { { 0x72d78fb610dd1d61L,0x8be49d9a7bd8cd95L,0x3026eb2662e523ecL,
-        0x7bfdd7dbd55b37baL,0x7dc305b0effcc9e3L,0x00a2eb23fa3415e8L,
-        0x44ce408be37bc2bcL,0x0988ece81f78d0f0L,0x0000000000000098L },
-      { 0x0e7dd8fff0f57120L,0xb519a4f6b2d8b7daL,0xc28b9d98aaa4606eL,
-        0x63655931b7ebe8daL,0x7d5e49937aa83d31L,0x8fc247695d7113b2L,
-        0xaa723099af3672e6L,0x57a2ede46113f6bcL,0x000000000000017fL } },
-    /* 35 << 133 */
-    { { 0xbab36a6c9c8171b5L,0x2b92b467e3b4a5e7L,0x44181477ef7b6955L,
-        0x14887f78ea6af659L,0x9d6c37d31334f773L,0x46ad0d60b49909b1L,
-        0x5e6f4e00e13b1c8bL,0x1342dbff52e575dcL,0x0000000000000028L },
-      { 0x845e56bef3dd7aa6L,0x35d1cd6645b0451eL,0xef47dfa5d812844cL,
-        0x58c3217d8a377dfaL,0xf1c825800e7fcba0L,0xd8b870a470af2953L,
-        0x8b04f1bb44705ea2L,0x985e4d4d60d8733fL,0x000000000000016dL } },
-    /* 36 << 133 */
-    { { 0x6339d37cd0d9229fL,0x6005c395e584a476L,0x6d0069ae28566e91L,
-        0x429756900b0315faL,0x79dd1ffdec520a49L,0xc838751c0a8b3c1eL,
-        0x0d28edf14f3751baL,0x500d09678bbc87b4L,0x0000000000000118L },
-      { 0x7c7e207e14e4c072L,0xe63e49dfd3416c7cL,0x477aaa052eab5b31L,
-        0xb73c00ada919f8d1L,0x3f892c301613ac11L,0x04d69886a3169be8L,
-        0x8a2cf2a7f534f014L,0x3181e5a8a0b80c93L,0x000000000000005aL } },
-    /* 37 << 133 */
-    { { 0x0ab7aabfdc9ad56cL,0xd23c15c5eae45f77L,0x8890ba1666310ed7L,
-        0x78aa3af2f6769617L,0xddc04ace79481281L,0x93d7c93609693faeL,
-        0x89f579dca7f87b7bL,0x9fd68aa4c0811d4dL,0x0000000000000090L },
-      { 0x90acac1c3d570677L,0x2db8af73915160c5L,0xb68f09301a9bd834L,
-        0x92d8f38a3bc34baaL,0x6cc48f4d2c2a218eL,0x29cb31dccf297452L,
-        0xa425d2e8b3a8e929L,0x778988ad9d279aa0L,0x00000000000000f2L } },
-    /* 38 << 133 */
-    { { 0xd64682853c9f5c09L,0xe9c6093417a4877cL,0x30e2768b789a9e6bL,
-        0x92c8cc80a7f44fb3L,0x0da7ce7e21477158L,0xd6e1e02b94e9e544L,
-        0x9610eedecb4dc8d2L,0x47f8263b903a1fa3L,0x00000000000001d5L },
-      { 0xecd9b15649d6c575L,0xb862a41f882a88f1L,0x49423e64ede1dca0L,
-        0x4c5fda7de7b3c050L,0x949691d28a4614e3L,0x66bb747b0b9f0904L,
-        0xd4d91254ab12272bL,0x255b9e8717d749cfL,0x00000000000000b3L } },
-    /* 39 << 133 */
-    { { 0xa875e013bb5d1c4aL,0xa3f2502ac3e007c7L,0x6de7cc3766e12aa2L,
-        0x879a3b104a63a2bcL,0x6b31dd72854e1969L,0xd90cc9a146ea617aL,
-        0x379e82c25c4a71f7L,0x8f516047281e3dd5L,0x000000000000009bL },
-      { 0xa0fcb1903b84b7abL,0x0a52b50e0fc3d3c0L,0x32f65ccf32e1e6d1L,
-        0x0ab8ab6b013731eeL,0xea4c3be597b82568L,0xaa6c59b1f617b5d5L,
-        0x84b5dc5864f766bdL,0x1408d8b8df0ccd58L,0x000000000000009dL } },
-    /* 40 << 133 */
-    { { 0xf9573f8d640e6a08L,0xae4874b31138e3e6L,0x9de063dcda7c7652L,
-        0x3f4f25905c5e679aL,0xbf26d5286355457cL,0x071b6eb12fbdc5abL,
-        0x66f75278b8344ed2L,0xfcae83ac52898292L,0x000000000000014cL },
-      { 0x13b69d24c652cbb5L,0x072f96e6120253a9L,0xe8f88c7564985f28L,
-        0xc7eafd4f089a1e10L,0x6d4d0fbc9562b680L,0x6e4e5af7b91b73bfL,
-        0x253f58ce07278b89L,0x1df25657e8a56798L,0x00000000000001fcL } },
-    /* 41 << 133 */
-    { { 0x7366c523a6d0298eL,0xfc9896739908952fL,0x4e7b7e4b7cad6846L,
-        0x7d61390da76096ffL,0x121c9c4bbdc2d1afL,0x9b4a5607a0731325L,
-        0x037059e473265b99L,0x8674868ee48a42e1L,0x0000000000000097L },
-      { 0x78109eb260bf7a21L,0x84264885d3af48c1L,0x07659bf119b54790L,
-        0x8ea14ceb95d6aaf0L,0xcae15147cf069d4aL,0xc76144d6c7c72fb0L,
-        0x2b3a00a10d04f324L,0x2b1ccca3b23706d2L,0x00000000000001d3L } },
-    /* 42 << 133 */
-    { { 0xb2737edb4397a1d4L,0xa3cc4752adf24307L,0xe7076bb998c5ca38L,
-        0xda5f14a29cbf2670L,0xf17c4d57900f3687L,0xa5da2a2bc47f8b80L,
-        0xfe06debef4dc7298L,0xd171fac45a85e086L,0x0000000000000059L },
-      { 0xcf8e159ada084c91L,0xe537e29b9bb027abL,0xda5d260c2b9929b2L,
-        0x79587899c6d406c9L,0x4901def2b1285e88L,0x75514c448458dd8fL,
-        0x942b087b90071771L,0xb3bc605d576fe985L,0x0000000000000185L } },
-    /* 43 << 133 */
-    { { 0x20ff84d0abe1e0d1L,0x72bba8f48b5ddd1aL,0x17ea9fa311158d5aL,
-        0xdde176b4d05a1a67L,0x26a74063002ecc58L,0xf2a0564dbcefb61bL,
-        0x5846fefa3d6fdda7L,0x362dbb738d841101L,0x00000000000001daL },
-      { 0xe7957a081e70f44aL,0xa9dc89fa1e152397L,0x871ecf03a8f6bed7L,
-        0x01428e993a1d5e32L,0x6cfbafd4d04d7217L,0x31acf44166b784e1L,
-        0x68da3e28dfd839c2L,0x0eefd3f7a67bf28aL,0x000000000000005bL } },
-    /* 44 << 133 */
-    { { 0x16ce6ba9219403a6L,0x704c37ed72f83290L,0x1af9f9d700efb6b4L,
-        0x456cd8d972b63e74L,0x98256804fe6873b0L,0xcc5ec6b62243b040L,
-        0x0d6b88a1bf16f3a2L,0x19632b44d89006b4L,0x0000000000000188L },
-      { 0x8b9574fa6b48efbaL,0xaa2a766f9517e3beL,0x134f8f42c7789b73L,
-        0xde6e8af2e435cc54L,0xfdb8a89202acd7e2L,0xe7fc99b4db22b516L,
-        0xe33eb6b38a467a40L,0x7c98831102aaf81cL,0x0000000000000117L } },
-    /* 45 << 133 */
-    { { 0xc69fa235f9f382b1L,0x138dde0b97936162L,0x0193fb316ab8c45dL,
-        0x52b3734d5b963d2fL,0x68bcf54c42cb98caL,0x946127ae86c80ea7L,
-        0x2e85d3b8ea0c5814L,0x89b5ae1d0c05cfb1L,0x00000000000001efL },
-      { 0x30ec78ba83ead66eL,0x89ee8df807bc31fdL,0x3ee5b5dfe40653a5L,
-        0xbda53ce7c0d84d01L,0x8719017a332fd5e1L,0xe2c26ec1af60a467L,
-        0xfe92a92c5324fdd3L,0x4fbb7d03fc90f8e2L,0x00000000000001d3L } },
-    /* 46 << 133 */
-    { { 0x41517372268ee4c2L,0xf2ef66f1567195b7L,0xdee93cfd536b7c76L,
-        0xf4c81df537122f67L,0x8e18116fe95c1d48L,0xe55b76c713761ce1L,
-        0x067b6632af514d6eL,0xff26860207d9b612L,0x0000000000000050L },
-      { 0x153007507f8082e5L,0xba3bf499a614746aL,0x9bfb85fdc02fae9aL,
-        0x326b1d5cef48c254L,0x62d6db68098f53e9L,0xcd5a5120d68a1895L,
-        0x9cda1c53b571d2d1L,0x6745a05b13894f7bL,0x00000000000000a9L } },
-    /* 47 << 133 */
-    { { 0x395e92dd10b4a524L,0x2f607e83a39bfaf5L,0x56f5226da4ecac96L,
-        0x43a914ee1330398cL,0xb856077396dc6548L,0x7d6df876b7a3e898L,
-        0x119324ecf20fa238L,0x094f660ac05709d8L,0x000000000000009fL },
-      { 0x0adf96dc3dad163eL,0xd9a70fac8472aa53L,0x87276f1499571aeaL,
-        0xdb8f9182eae49b95L,0x0e612c83e0b31c76L,0x04a89299b29554cdL,
-        0x2cb3c97166eb58f3L,0x9b80b548127517b4L,0x000000000000002eL } },
-    /* 48 << 133 */
-    { { 0x6df6776bc353a269L,0x0d232f2ddace9809L,0x7649e04403d5d78bL,
-        0x59710087fc283d82L,0x86d65eeee2ee05abL,0x3d1fc3f227851d69L,
-        0x3b86ed771781977bL,0x4d4a61be1ac0290eL,0x0000000000000161L },
-      { 0x2deac320c5400967L,0x026949097381541bL,0xd373ba709cd429a7L,
-        0x547f0e86928b72c5L,0xb1c2f84c223ab61aL,0x06c039941115f60aL,
-        0x6e5b0cbe82136cfdL,0x08e4a467489d7de6L,0x00000000000000c6L } },
-    /* 49 << 133 */
-    { { 0x032b213a98212293L,0x2c3771f84175ba18L,0x34d7387f11656e9eL,
-        0xcf12328156425813L,0x2b4ef4b4722fee93L,0x7db8afb2799c6333L,
-        0x0ab9c8aa511cf76cL,0x14dcb970c785bcccL,0x000000000000018cL },
-      { 0xa5db10cad3cc86c6L,0x6c6a06a4abf9410aL,0x9057b0ca268823c4L,
-        0x1a3de830fa5744e8L,0x695f7952038b260aL,0xe0394707ae89d231L,
-        0x24a3e94c86b0b57aL,0x1acf30aee57206e7L,0x0000000000000161L } },
-    /* 50 << 133 */
-    { { 0x60eee52395f7e189L,0xe5499be0c5942327L,0xd385ce00d2ee8132L,
-        0x4cfdb18cfb6609d3L,0x2b4bb533b29a9768L,0x21ee5b2937a92df5L,
-        0xd24d2625d93a8b26L,0x432dc9a2102ae479L,0x00000000000000f1L },
-      { 0x9df9906be725bdbcL,0xe95ee011daabbb73L,0xe681c90af4d6dfbeL,
-        0x062b8fb003bd2ae3L,0x0e25ec30f61d8f86L,0x78c7612e5bb8dbf5L,
-        0x0c8b6a8545b562fdL,0xd972652ef4549f6fL,0x0000000000000123L } },
-    /* 51 << 133 */
-    { { 0x17b6f280f8148b30L,0x2114d1ecfc765a46L,0xc69d56bdd97da81dL,
-        0xe2ef34422e97a94aL,0x05212af05bfe5bbcL,0x98c1299f03cfe2a6L,
-        0xbeeb7efdee28e6caL,0xdeb67b9c09994359L,0x00000000000000bbL },
-      { 0xd4578886fad7480dL,0x61e757a46cb49108L,0xe2811c9d28480964L,
-        0x14ffd6bb2a68d261L,0x6afd6a0aac401fe7L,0xed21c3f69db834a7L,
-        0x877e265b2e156034L,0xfda68f45935cb0feL,0x0000000000000190L } },
-    /* 52 << 133 */
-    { { 0x0b0a8610ac5e165dL,0x21152a8c85cb157bL,0x6db9a7ce551cabe6L,
-        0x7e36ec91dfda6187L,0xf8727bdde8ff337eL,0x6009e6f01152b37cL,
-        0xffbdd5570cbded62L,0x4f1c3db00152b926L,0x000000000000002eL },
-      { 0x6b32d8b606c8a9bcL,0x734eb64a79b60428L,0xf680ec0030394592L,
-        0xff99fb910bfa6092L,0x43b696b7cbac9513L,0x3029ffe7fecf53a4L,
-        0xe36787ca6985a6f8L,0xa1c08a99132dbdbfL,0x0000000000000188L } },
-    /* 53 << 133 */
-    { { 0x81e74494c49d4659L,0x981c641e95f5147bL,0x84d1d3de4d8b3bd5L,
-        0x1aa8242301a6e411L,0xa98db43ce663d148L,0x1f4e05fed67ed0c0L,
-        0xb53dbab2662faa40L,0x8d1f14ac9c524ee4L,0x000000000000003aL },
-      { 0x0d7f01a90f85e070L,0xecc933cbe5063726L,0x683848d9dc641f20L,
-        0xd714d8d086dc3268L,0xee00e70ae4fb106bL,0x4c0af171fdd9367fL,
-        0x9085d9012d77d729L,0xa4b755e3da1b2659L,0x000000000000014cL } },
-    /* 54 << 133 */
-    { { 0xba16f14aab5c411eL,0x73bf410805bb77dcL,0x6e5e936e0cbdb790L,
-        0x095df1e82806dd17L,0x93d31cb976115ed3L,0xad42b79f4dfb1145L,
-        0x27fb4d2ee478b2adL,0xa0de22b349819e04L,0x00000000000000e1L },
-      { 0xbae8522996dab504L,0xe3f3c7d5dc069f77L,0x844307a2ed7f4f3cL,
-        0x3a8486cde2db6d25L,0xd085347ded20d8e4L,0x6af9e096f2d8d426L,
-        0xbefd13e374c38168L,0xbd6ee56577f7349cL,0x00000000000000a5L } },
-    /* 55 << 133 */
-    { { 0x4119d514d028e912L,0xbc53213293adafd7L,0x0176ca03e31467d7L,
-        0x109f2dd7dbe712aeL,0xc991ff43dc87e626L,0x986c9664bbe227c2L,
-        0x55b27b44ed625994L,0xab0d9892fab4c1dcL,0x0000000000000184L },
-      { 0x73fa82dee846b7deL,0x76b39d20978e6d94L,0xbe90c6022955b242L,
-        0x258fcc6d60653be4L,0x2884e00013a12e7aL,0x6e23077d6c5283a7L,
-        0xc52f652b50650616L,0x76c21d604a4564ffL,0x0000000000000115L } },
-    /* 56 << 133 */
-    { { 0x06fec2df700cd193L,0xf077afee002863a6L,0xb60894fd6cf0c0c2L,
-        0xc7d01cd0f8b7c551L,0x7adb74e4c33c337aL,0xb4b5767ea8867af3L,
-        0xbdb10aa62f3d57a7L,0x80d5ac5eb1ff9d7dL,0x0000000000000116L },
-      { 0x0e0df41c91867318L,0xe3cbb1ae1912bed5L,0x006dcee9c15465bdL,
-        0xf4768566352746c5L,0x567e2bcf767e554dL,0xa4eddfaccfc14923L,
-        0x5c661c2e5e096c3aL,0x5b13488d8123fb58L,0x0000000000000045L } },
-    /* 57 << 133 */
-    { { 0x7efb5d55427705e9L,0x7441763e3aefa5a4L,0xcfc1631a7dd7503eL,
-        0x1931431763a1ebd5L,0x28701646cb713fcaL,0x14e962bd8b152c31L,
-        0x257692ff76400fa4L,0x0f6600204b46efabL,0x0000000000000046L },
-      { 0x3fea71317ad6603dL,0x972475c8e4e9e4c9L,0x4bd0c751cecafbf3L,
-        0xbddcfd670c1312bfL,0x0a572cd16dcda451L,0x6c9ccfe8e4c9282fL,
-        0xad69bc9f267b4addL,0x504419d562517ae3L,0x000000000000009bL } },
-    /* 58 << 133 */
-    { { 0x874b11b11d0861d5L,0xdfb04016f49936cbL,0x2882feda5a6b94bdL,
-        0xfa80197cbaeb3a74L,0xc53a57fd3f8223adL,0xc4dff53dfc41cd27L,
-        0xff8ccf62cb813e8fL,0x243607d1e9325b2cL,0x0000000000000128L },
-      { 0xdeb8c7f10169da0dL,0x13f6f33fd5072565L,0x5a8a4c2f5128d693L,
-        0xefe2355be809d274L,0xf9fbb0786c9a8373L,0xe2b94a728f2e8165L,
-        0x0bb7b087052f5589L,0xb3a7cab974dc02e5L,0x000000000000017dL } },
-    /* 59 << 133 */
-    { { 0xbc9b22ed1648af13L,0x4cc818be46cd5d3aL,0xc5656c38380e7df9L,
-        0x7c961b149f628ec1L,0x96ddf65e6035c381L,0x9fb033981ee39576L,
-        0xf237b837459ee04cL,0xcf997019c1178539L,0x0000000000000067L },
-      { 0x35b3503f7d3970f7L,0x24df0bf854532bd5L,0x09e847bde9c532dfL,
-        0x0c5f797166449ee6L,0xfb9cf1629563558aL,0xe7e49989a521d4caL,
-        0x6a8c87b04a7e71d1L,0x0f9600f8c64c4fe0L,0x0000000000000121L } },
-    /* 60 << 133 */
-    { { 0x941f1a68f391b195L,0xf563c05b48755ceeL,0x02fa0eb4a4b11b13L,
-        0x89f09fe4110e0044L,0xda3601eccdf17866L,0xb63e2b31821c239bL,
-        0x72afb2946a4cfc70L,0x4cc16417876bb699L,0x00000000000001bbL },
-      { 0xf02270e155c4416fL,0x1a69d7a0a8fb98a1L,0x4f5219550debae64L,
-        0x0d93fc627a75e48cL,0x7555793a2e11801bL,0x6e275e97618c2327L,
-        0x57957f18f1af9ebcL,0xe16aa048085f0047L,0x00000000000001d3L } },
-    /* 61 << 133 */
-    { { 0x959cb1705b5721dfL,0xbef678407757dfadL,0x296da84fd14066b5L,
-        0xf63609e59024efb6L,0xf643a52c8efdaf37L,0xc512f72a5fdff43bL,
-        0x35dea1a55c5a2b0aL,0xbbe9f38e3bdccba5L,0x00000000000001efL },
-      { 0x585065f80662190fL,0x1b566da784cbad73L,0x20937378fd439316L,
-        0x00e8c5423908a556L,0x7f10e264f315c479L,0xdccc1dfc4840a392L,
-        0x6097b7f6a789f4f8L,0x7d593eef0fbc7e15L,0x0000000000000187L } },
-    /* 62 << 133 */
-    { { 0x9c59a11981b51f74L,0x7a7aacec4c9c20b2L,0x8ab9de7d0959f510L,
-        0x3bc2215deff0cd8cL,0xd609a192ba5ab07cL,0x2dc4323dfe7c9044L,
-        0xd20fc5a275025d5bL,0xc38808f868ad1441L,0x0000000000000054L },
-      { 0x41574f55f8f1594cL,0x0e9628dc130cb3f2L,0x30f8407c5375a79aL,
-        0x28bee5a986522cdcL,0x75a4472e6be35431L,0xcb6da55b06f2326cL,
-        0xf31d9ef60acc996cL,0x75b5edf92e86b7ecL,0x0000000000000140L } },
-    /* 63 << 133 */
-    { { 0x3e6fae603dad7855L,0x5030d3e21224bc29L,0x23be6fa4604102deL,
-        0xe2fd452d186e1249L,0x04d431a74a13d329L,0xef754a14c4ee6e42L,
-        0xd4a33388d01ee315L,0xce211eb300a21f02L,0x0000000000000120L },
-      { 0x066c034572a9514dL,0x18de295c8b1c5dd6L,0xeade73adf43fa0aeL,
-        0x5e1c485dbc9f2723L,0xc998a5fa0a88330fL,0xe42f25e4f90d631eL,
-        0xab6b3a19b31f7dc7L,0x6c02cfddca2d7e01L,0x0000000000000061L } },
-    /* 64 << 133 */
-    { { 0xae917a54a084d91aL,0x4a1095a88a3ae45fL,0xb7a358faa30ee909L,
-        0x807aca835aee3272L,0x58d144a9681d54bbL,0x36569b8d3352c5e8L,
-        0x75b7e2f1e5d9ba90L,0x348c70da08068bb3L,0x00000000000001d8L },
-      { 0xc2bca2f5309376d1L,0x87ca2cb0457d23d0L,0x7dccf53dacf94fc7L,
-        0x0646dea871e898bdL,0x8a053df3c8bd817eL,0xa9e9c6825a002253L,
-        0xb23c781375a16c9fL,0x2500d5a13f81c2beL,0x0000000000000043L } },
-    /* 0 << 140 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 140 */
-    { { 0x7facf165d19906d0L,0xd8e059afad92d455L,0x7356696f6ebec576L,
-        0x67044e551d6d311dL,0xe2bc81dc3a2e50cfL,0x860036dec00ea37fL,
-        0x71dfbe61ff32d69dL,0x298b766bf502baffL,0x000000000000019fL },
-      { 0x5e5e123901bb03f8L,0xd36c35835304ba94L,0x5025f960b49f6a95L,
-        0x72dd554f75e5b6e3L,0x85bfb398869c9d17L,0xd71cf71f9cace4a7L,
-        0x0f6fd3ad7291dd9dL,0x5da8a689d1b5758fL,0x000000000000018bL } },
-    /* 2 << 140 */
-    { { 0xabdf1b02db567888L,0xf47d5cd15a14bd4aL,0xa3483f68b56ec127L,
-        0xf09422294e65795aL,0x225b339b2de6ae78L,0xfbfe7ef011792afdL,
-        0xf27b31a04548c2a8L,0xb4821ea3dfbd3ba7L,0x0000000000000159L },
-      { 0xba06333ca1c887b9L,0xfc6eef566b243e38L,0x345900c3596ec79cL,
-        0x243b17ab43e33d8dL,0xffa7e30da9370da9L,0x3dc587a50f09347dL,
-        0x0fd1b2463343a72dL,0xe4acefb48372fcf3L,0x00000000000001d5L } },
-    /* 3 << 140 */
-    { { 0x99d91691af8c8ccdL,0x2be2648633764c92L,0xb6e681492477aa78L,
-        0x90430fc6c52d4964L,0x4ced96c54e1647a5L,0x5b52a279c1489674L,
-        0xab7f4127c26ec42bL,0xcd5528fcf1097b9bL,0x000000000000019aL },
-      { 0x7785add63a47e5c2L,0x9c82fae9635cb4acL,0xadcb0de0ced83245L,
-        0xa42230c8ccb91b16L,0x6af43e953a3e11a7L,0x36288135a3145d6bL,
-        0xb74a3e63e2ded224L,0x15df0d2948aab5a7L,0x00000000000001bcL } },
-    /* 4 << 140 */
-    { { 0x25455c2ae3e97a29L,0xd497ab4fd3028514L,0xeadb13ea914ae0c9L,
-        0xf9f6a27533e0bd85L,0x1103bd6053851649L,0x445b182dd66c948dL,
-        0xf74f853bedbecea9L,0x643db0530d27351cL,0x0000000000000082L },
-      { 0xe5ccd1170fd56cdaL,0x421562c371495df1L,0x865b3f9ab2d1a036L,
-        0xe0407f28d3e4f471L,0xa64f74fccb7e4c42L,0xe87e464d1d1e7bbeL,
-        0xcdb9e777abad4a1aL,0x6e1021d7e76deed0L,0x0000000000000161L } },
-    /* 5 << 140 */
-    { { 0x089fbb85b7f279fcL,0xb3562a0b547a1efaL,0x40a3fa3c98080868L,
-        0x90ce47dd94597f7dL,0xb3bb20850c6f4b4bL,0x8c24eda75953ab03L,
-        0xb8b110f04eee13ecL,0x3ace7b901bdb3cbfL,0x00000000000001d7L },
-      { 0x33b6b36f335c7820L,0x43efeebc6b2b5992L,0x3b56649d36ded655L,
-        0x15419020a9dd98a3L,0x08d081b563f405aeL,0x5b1f59d02c588c8aL,
-        0x745c687eff822e70L,0x7ab7b9f169ef398cL,0x000000000000017fL } },
-    /* 6 << 140 */
-    { { 0x568e60bc840e5c81L,0x12b35cd301788f64L,0x70422fa0123e9018L,
-        0x6ceabfced9cdbe2eL,0x67032a107626e2dfL,0x0888ca79d250ef1cL,
-        0xca1fa245d5ba46afL,0x590f29972f6be510L,0x00000000000001d1L },
-      { 0xbd6dd880f2a02370L,0x3ae5f4ac20d42c5eL,0xd2b300f46c08e487L,
-        0x662be2ef896bdb34L,0xe7632d9b07011f7aL,0x9481b843e7e83b8eL,
-        0xeb7e2084a30c0fb9L,0x53e59adfa71241b2L,0x00000000000000cbL } },
-    /* 7 << 140 */
-    { { 0x49d93794c2911aecL,0x586554f1a810c993L,0x867b77a3f2322411L,
-        0x6083b099c2e4cbc5L,0x0445ed8e7cbd094dL,0x417ba195e0feaa26L,
-        0x432b645fc178ed78L,0x429282dfc9948690L,0x000000000000010fL },
-      { 0x3045657baddc286fL,0x10f36372863fa4c0L,0xab804fd7dca96fe2L,
-        0x6b0a12a618c34d71L,0xbae3dc772a7c0ea4L,0x241e63a0abc48f80L,
-        0x34efeaa3ef1843f8L,0x321d171a8498816eL,0x00000000000001c1L } },
-    /* 8 << 140 */
-    { { 0x26e479f9b9b07fb9L,0xf8e49cdfc03b5adeL,0xa0d66a21d525e891L,
-        0x8a062d759a62e3d2L,0x4b025cb738704c65L,0x2b7a6b60d440836aL,
-        0x3e55fe53a3ca3ac1L,0x59577407f1031f19L,0x0000000000000128L },
-      { 0xa5bb1eb02b4edfebL,0xaee5a2174dcfd68cL,0x582146cfa19f4f45L,
-        0x4481152269f7c258L,0x72d7ce9a7f9333c2L,0xe6c88fe2b1dae530L,
-        0x1367ce5c88b50de2L,0x10367dac7150206bL,0x00000000000001a1L } },
-    /* 9 << 140 */
-    { { 0xd210619a37f4b554L,0xa2cc4be40b01fa7eL,0xbf3805805488768eL,
-        0xcb190c6f8a100ae5L,0x6f82bce1749bf03eL,0x0914bcf0c75efd73L,
-        0xbdae235886e6b29eL,0x6e286b36ec5deb30L,0x00000000000000e7L },
-      { 0xf4eb4fefff080663L,0x0702453df93ba24eL,0x1ee5c4e556edfb3cL,
-        0xdc5bef4b7afd8870L,0x74bee7cdc025f4abL,0xaf63727b5597771bL,
-        0x2a51fee0dc0cb4faL,0xd9eb893d309e2a54L,0x000000000000017aL } },
-    /* 10 << 140 */
-    { { 0x991ebfca6cd7b62bL,0xb8571f56009d1d74L,0x14d27d7c441cb94aL,
-        0x4021306519e77736L,0x9aaabb26cb20ade1L,0xa283eb52533f6f74L,
-        0x84ae1f5856dd48e0L,0x275ab1ad91f11a89L,0x0000000000000118L },
-      { 0x61f3c5b415960882L,0x036d46e444f0a7a1L,0xf6c5a1f94bb28f39L,
-        0x610f8313f1cd4bc6L,0x571ba872fcde5b45L,0x23c35a185f066ef3L,
-        0xf878375da40c5fd0L,0x9fc32ccc1158dc83L,0x0000000000000167L } },
-    /* 11 << 140 */
-    { { 0x86d444cdd1d81ec5L,0xe5f57d64c29b3744L,0xe606ada6f74f9589L,
-        0x5fa4dfad28f6b922L,0xf90993ec5b5d30e9L,0x307d234bb0541c49L,
-        0xc010a0daf75b0402L,0x2f36ec8b2d0d3135L,0x0000000000000168L },
-      { 0x1ebdfad4b51917f2L,0x7f7f6c94411faa6eL,0xaef4c9a7d74ec215L,
-        0x3f7ff15d4041ef68L,0x21d6dddc30b6b53bL,0x1ecac9bc6f918cebL,
-        0x05ce1210fcb67a22L,0x7aa44454c5c0e9e3L,0x0000000000000139L } },
-    /* 12 << 140 */
-    { { 0xac513c23102cc86bL,0x34aee96bbfd0baafL,0x47047407eaab0d63L,
-        0x3a1eff07ccd57509L,0x53f237cca81c8d03L,0x7742e3f1cc16c904L,
-        0x5325d4796e2e981dL,0xd959b9f8289e6427L,0x000000000000004cL },
-      { 0x3114735e26f5e6cdL,0xd17e0d5337c5de44L,0x5adf2f3f002a7993L,
-        0x7c1f1f6e176f2f70L,0x01d7f210003758e2L,0x8a2a198693beb852L,
-        0xbded219b40b61e5bL,0x2450d9f2a7427ce0L,0x00000000000000c4L } },
-    /* 13 << 140 */
-    { { 0xfef846878597ca44L,0xa1379684d227c76eL,0x661764327517d749L,
-        0x1420872d295d8438L,0xf296988cd91221f2L,0xb6115a026241e88eL,
-        0x589dce4ea0969d25L,0x4318724ee35919faL,0x00000000000001d7L },
-      { 0xf3ea462a41fa8073L,0x8f577c2156900887L,0xb4318c9929e43377L,
-        0x821a520ca7686967L,0xb62b1149354c5868L,0xfc76e87f6a9dfe8eL,
-        0x8aeb05c6bdc6443dL,0xabcbb41c51a3fd6aL,0x000000000000000fL } },
-    /* 14 << 140 */
-    { { 0x06bc23ab58dd91bfL,0xbfb489e37fcdce7cL,0x50a99333f0d69619L,
-        0x6f1a78a3d65751b0L,0x10ac9bf8e1dbd9d2L,0xe3d584f0133b5409L,
-        0xa52cba20db27d29bL,0xbee71f220ded25f9L,0x00000000000000beL },
-      { 0xcdbfa2cb8d49e1d6L,0xea7e04c2752b7a25L,0xc6cd12c9915cdb88L,
-        0xf5d56504b292eaddL,0x2d0ac7ff26dc8f0bL,0xc6e0722d551bf7fbL,
-        0x17f9acd4c0a3d7f5L,0x0cbdeb4f3498ee12L,0x00000000000001cfL } },
-    /* 15 << 140 */
-    { { 0x8d2b73570149c225L,0x6f048760b1294d56L,0x4feebefe53097a6eL,
-        0xdeb1abbeca846c24L,0xc920fe521ba7f7c5L,0xa851d87174295fbeL,
-        0x8a977818717e5fe3L,0x4e35d70c5320f185L,0x000000000000000fL },
-      { 0xcc43de63bfb2d00fL,0xfc526e5170414bb4L,0x45574b72696ef1cdL,
-        0xf29b91cc4f96a64cL,0x17b2e3503d419bbfL,0x13f2873916dc8aacL,
-        0x3a8afbb755b08a44L,0xf1cecdf34e23f8ddL,0x000000000000000dL } },
-    /* 16 << 140 */
-    { { 0x69cad3ccc4d6ab08L,0x3adb57773b8990b8L,0xd0cad8ce8d958801L,
-        0xcb572e666d728f9eL,0xe3d9e7c4cd5131fcL,0xafceb6b06145dc06L,
-        0x12ecd392e213043aL,0xbd5992943a64c87cL,0x000000000000000bL },
-      { 0x8623bdbbf6ea9cf1L,0x3aad9495547aa650L,0xd3d853fcbeb27159L,
-        0x3d25a64830b40833L,0x12d188e8dec51bd1L,0x836330d2b348c3faL,
-        0x9df50cfe73c2ea59L,0xb5dffb2061ded0b8L,0x000000000000018aL } },
-    /* 17 << 140 */
-    { { 0x4b138db0a2237262L,0x6dd1135e1ab9ad06L,0xc31f50c4c7cfff02L,
-        0xc89ab22d6ab45111L,0x5b8461c35a62394aL,0x0f8a58be8236491bL,
-        0x3660e9f30b0011e4L,0xc83dfd989395955cL,0x00000000000000d7L },
-      { 0x8c4f8327e2177d42L,0x893a9166a8a2cb6cL,0x27d47141b6f7405aL,
-        0x2285f6249e2be11cL,0xb55b89d717722bbfL,0xecb10b0d28d3d548L,
-        0x9682096f6c97c7cdL,0x5d84617f8588d1cbL,0x0000000000000008L } },
-    /* 18 << 140 */
-    { { 0x75cc12737f775b7aL,0x0e0a040e4f3b788eL,0x2eb00b21038bc8ccL,
-        0x750b88536ea1ad7eL,0x0d93be1bd56b81dcL,0xdd262f462a3c3eecL,
-        0x421995083289b172L,0x0fd1c19221cf4378L,0x00000000000001a8L },
-      { 0xc038f20f787c37a0L,0xd8f48746f363e515L,0x5d91de9f54a85207L,
-        0xf72c0e8f953d5932L,0x4e37af2f3f25bdebL,0x03d9084d0ee85cdeL,
-        0x64e551feda041351L,0x55fdee4e6067100cL,0x0000000000000096L } },
-    /* 19 << 140 */
-    { { 0xb4254ee4e048f571L,0x2529deff0aebb093L,0xf1f1ecbca72853eaL,
-        0xf100ab831a56b014L,0xf09cb22e9d01985fL,0x65e22e41cd855cb9L,
-        0xfc3e23afafc54970L,0x8a0f8e16847cde07L,0x0000000000000105L },
-      { 0x6c27488e9e09346bL,0x38666895d7783338L,0xd28155fd191e59acL,
-        0x5454681fe04ff0aaL,0x27bbb0f76362c683L,0x18a787f430340b44L,
-        0x22879ce10a64c12eL,0x0eeb0304b5ac5768L,0x0000000000000164L } },
-    /* 20 << 140 */
-    { { 0x1a9a04ffc48a91ccL,0xe11f57dd5723e9eeL,0xeff193d3f573d896L,
-        0x4c2ce4824e62f80eL,0x9f1e43a7010a0e78L,0xe9c1be55f4364c5eL,
-        0x548071daccd4aa64L,0x9eecd41439d22af2L,0x0000000000000064L },
-      { 0xccea349ea1aa4684L,0xd2413abfc247f97bL,0xecfa10c1aa385b03L,
-        0x9b0d25ddf77ac70dL,0xcffb885d12dfd388L,0x89e1174d6f33dceaL,
-        0x37e1423cdf3cee18L,0xe4ba71be378c8bd0L,0x0000000000000110L } },
-    /* 21 << 140 */
-    { { 0xabb17070333bc84fL,0x41090912d03c10ebL,0x8adda5ae18e32b11L,
-        0x7bbc3c10f86dc4a8L,0x9092ae12d649c287L,0xdb06dd82bc3a65cdL,
-        0x18ca4d753e07b6b8L,0xe291bdc47a9f4b35L,0x000000000000001aL },
-      { 0xcca919f56830e001L,0x748a24a9e3117f7cL,0x9ed8b483a3222af9L,
-        0x745dc8ae55996204L,0xf7c9afa042dc624aL,0x900e3f41449efd5dL,
-        0xed319f077084a837L,0x3e4911c944052eecL,0x00000000000001c2L } },
-    /* 22 << 140 */
-    { { 0x83bd9ff7daa696bfL,0x7fa14326059a611cL,0xb526f26264d7924fL,
-        0xf1ef5c6fc1cfb749L,0x6a2d7d3f6892bb09L,0x34b326a1d69bfa95L,
-        0xb702cd98f8f49ec0L,0xa32611a39b8d2fe5L,0x0000000000000028L },
-      { 0xbd0e80afc982fe86L,0x3c59319f0292e026L,0x1e77d11ec72215d4L,
-        0x39d2b2c6fa0d77edL,0x22ab784f71ca01efL,0x87ece833a7e8268dL,
-        0xb5d67f6bd1682c8aL,0xb18f577d677b9508L,0x0000000000000183L } },
-    /* 23 << 140 */
-    { { 0xa02284c4e2be6438L,0x234448f60d1b27d2L,0xdb7d087adaaed164L,
-        0xca39a1f9bb959ba3L,0xf87e2f49a4b8b5f8L,0x559e905f4d5f1b60L,
-        0x479466a072370c3bL,0x63d28e16b0bca628L,0x00000000000000c3L },
-      { 0x147e8781e8d32ad2L,0x40e530111472ade4L,0x40f05d9a97cc63c9L,
-        0x485dff28f13f5454L,0xe360a4c25824a4c6L,0xac09f1c4ebb6e58eL,
-        0xd80077bd1e778bb7L,0xb549c19d6ce4263cL,0x00000000000000dcL } },
-    /* 24 << 140 */
-    { { 0xae6b428f554b88b9L,0x26bf6b6c8313c74eL,0xae7e5874ce24b917L,
-        0x26e268738b3162c3L,0x2ba4f3edcaad88f4L,0x6e9e5051375a3f9cL,
-        0xa754cc49d70210f3L,0xff8cb757e4553c0bL,0x0000000000000119L },
-      { 0x93f6a0a4ae1c208eL,0xb56b6a4ad247d4e2L,0x4cff7d0391009637L,
-        0xc6b56f6be0efc126L,0x81f5d59c42de039cL,0xfc4c1d26f36854c2L,
-        0xa66ab1792d280f60L,0x6c5468c3eece88ceL,0x000000000000000dL } },
-    /* 25 << 140 */
-    { { 0x1df2fe5226b04f55L,0x43febfabf8717ce0L,0x6ca4a4c906a32d96L,
-        0xc625ce6c9a25aad0L,0xddcbd5755bf093c6L,0x4740594fcb1fbaf2L,
-        0xa1e50234d12cede3L,0x27b1937203f2fcf1L,0x000000000000010eL },
-      { 0x5b9999d1c137a9c5L,0x1580a031522d2decL,0x21b2cc0a35220780L,
-        0xc66015fbb9286a1aL,0x5ecd634a90d3aef9L,0xd9c91a6d88d39d33L,
-        0xbc02dc02864919a0L,0x110830f991b49396L,0x000000000000019eL } },
-    /* 26 << 140 */
-    { { 0x897d947ac5d1e1e8L,0xbfcff6ae0587d4d8L,0xb5f3ffa5279d1ebaL,
-        0xa4c3eb1cb725ec65L,0xfe037a76cdbd4600L,0x424c015216a86cd2L,
-        0x23645a597b3ea150L,0x9e913a47c9db1cddL,0x00000000000000baL },
-      { 0x714c4dcedc4fca02L,0xa1c699ea5ff04ea5L,0x6144a96f0ffeae0fL,
-        0xcd2e50d7203b8a69L,0x0012fc770d2c230aL,0xdbc4f25bfa8b6928L,
-        0xea8941ce060f3141L,0x86836d7b946f207dL,0x00000000000000d2L } },
-    /* 27 << 140 */
-    { { 0x95a4c2bcfbc9136fL,0x9ffd305bbee15a48L,0xe445467ef86e497bL,
-        0x7bbb4922bc2519c6L,0x9dda7889bc9b2de2L,0x9ec70bb743b88ea5L,
-        0x5b58943ca1bb75a8L,0x3426ff7c5c5cfe2dL,0x0000000000000042L },
-      { 0xbb152162963204a4L,0x19ab08f23ab85bdcL,0x266ab5ad034cca2fL,
-        0x7a27928d8eb8753eL,0x405302a272272090L,0xea7479374a010ee1L,
-        0xfd2764875eb40da3L,0xf8d4f8029b6cf000L,0x00000000000000c2L } },
-    /* 28 << 140 */
-    { { 0x0587d31801873864L,0x6c4940d1a8758f49L,0xd5928f463f1f13cbL,
-        0xb0917630481afcbdL,0xafbbe96c2804e91dL,0x1016565133ef9d5aL,
-        0x7284a58ea2c3796eL,0xf013d38a5ff369a3L,0x00000000000000b8L },
-      { 0xea1ad141d71ec602L,0x5faa6539449f5326L,0x30080af4455cde9aL,
-        0xc4bcfdcd6affaba7L,0x52e0ef42801f9569L,0x5abc27b2c80b0b5bL,
-        0x3c4cd4339e99ccf2L,0x63e689dd6703e3c9L,0x000000000000010eL } },
-    /* 29 << 140 */
-    { { 0x55b2acfd76824739L,0x7f2d73ede9167239L,0xd7e63103419b9e86L,
-        0x4c358f755f58d997L,0x9b8771ba635a21ffL,0x5f3394307708bd7bL,
-        0xa0de93faf730a252L,0x19524f0de8a755e8L,0x000000000000014cL },
-      { 0x426e17b7446f65a0L,0x93c214feb669d1a9L,0x93fd2087a657e7bfL,
-        0x16820da66b9354c7L,0xea8818c3c6a24661L,0x8b673d76ca97c304L,
-        0x028065fc59d65adbL,0x6e75b61ccb0656f7L,0x0000000000000098L } },
-    /* 30 << 140 */
-    { { 0x94bdabc696b632d8L,0x5685cd96c04f512bL,0x09135f1dba7c2f6aL,
-        0xdf4bccbf16711651L,0x9339f902ba842c06L,0x84649cec4ea6ade7L,
-        0xf98ce1ace76c4520L,0x25d796d082b2e5edL,0x0000000000000159L },
-      { 0x190184670ef41247L,0xa8aba9cbb06ab440L,0x6a2c8f0d424575efL,
-        0x29542661a7641251L,0x4aef28806063cd71L,0xb6521c4661007b1cL,
-        0x44b83804d1f05f1cL,0x96545d8984a8d313L,0x00000000000001c8L } },
-    /* 31 << 140 */
-    { { 0x56c2c87fcabeb4c8L,0xc0acf4c98c3e6148L,0xbe7fe6ccc20e488eL,
-        0x423761668330b587L,0x5af5ced080883de3L,0x4b6aaaf85add9229L,
-        0x7c7ad512ab13ab0dL,0x14bc975727ddc17bL,0x0000000000000036L },
-      { 0x92d037848d17337bL,0xd5d878b97bd6dba0L,0x9d229cd79e89007bL,
-        0x3c014e2492b07e2cL,0x533280fee56c30b4L,0x41fd5f6ecb3790f6L,
-        0xc5e9b610c89facbbL,0x89429ae2d48d455fL,0x00000000000000cdL } },
-    /* 32 << 140 */
-    { { 0xe843d0350c62942aL,0xeb792fc5d8920cd4L,0x3fa4154e90be6fd2L,
-        0x002631cbce2557abL,0xb37b952a226742b6L,0xa7658c0afeafdc24L,
-        0x62a7de67b5a09597L,0x25074f6a9bb3cfdeL,0x000000000000015eL },
-      { 0xe6db0f49d03cf65dL,0x1187c8b40347dff1L,0xdea411166e4ce605L,
-        0xac0ca35322313708L,0x395ddee3b6a5cadeL,0xf31abcb1c6d80c86L,
-        0x013371b1a07f0747L,0xf54231898f55b804L,0x000000000000014dL } },
-    /* 33 << 140 */
-    { { 0x31cb7a50f9a638eeL,0xb23e940381388b46L,0x1c0b9ebc7bf805a3L,
-        0xcacce3dbd40f4071L,0x8360c4c6652cc8e7L,0xeb2829c4327a1acdL,
-        0x4fca72678eedc8bbL,0x49a6630aca904d48L,0x00000000000001edL },
-      { 0xdf7aff0abe745b6fL,0x15b66c0630f736dcL,0x4efc54545d6c3ba4L,
-        0xa1becaaa4ec61d29L,0xda6f8551b17a9158L,0x889c4a939eed3eb8L,
-        0x6f5dc762cc33be94L,0xd0f2a30010588a5bL,0x0000000000000144L } },
-    /* 34 << 140 */
-    { { 0x93b6f1877e5836afL,0x0e7009435c3af4b9L,0xdb3b4d704b4f0f02L,
-        0x0c196039d71d4375L,0xede744582ed230c5L,0xd0630162add9da94L,
-        0xae533629cd2c0ec5L,0xa93a8b231108523eL,0x00000000000001b3L },
-      { 0x6891494b70a36874L,0x5c15139dd85b565bL,0xc8104f07b620217bL,
-        0xda49717001c964eaL,0xcf38a9e7631c7daaL,0x631856c19e124493L,
-        0x057b8cd2ab9d4cd3L,0xb3d089bab13791b7L,0x0000000000000013L } },
-    /* 35 << 140 */
-    { { 0x27d87b3b4032e076L,0xe37fc28f6aa218a2L,0x55a525b1ad652b86L,
-        0x82ecdf89db0e1642L,0x7951a419d974a454L,0x4367ac17f8195a7fL,
-        0xad2b7d0d86b0cad5L,0x36113772d6140139L,0x00000000000001a8L },
-      { 0x98f04f1c8ec6a745L,0x1dfaa104644bb3a5L,0xb9c03e2bd331c407L,
-        0x15188e1662af07a8L,0x0b2f2cb67f329a15L,0x0b7ca5fc0a91b5ebL,
-        0x28b5e4bb5c410c39L,0xcc64e7eb0de792b2L,0x0000000000000188L } },
-    /* 36 << 140 */
-    { { 0x5f4b9fa400a0bdb1L,0xcc2cb2b2a274ac45L,0x7c05dc7c6e646620L,
-        0xfca73a120cc2626dL,0x6bf5386457718621L,0x1843b57ae81976a7L,
-        0xc350b19bf323d6d3L,0x0c514dd5c4a360eaL,0x00000000000000c7L },
-      { 0x24ed924263c17c00L,0x4a49aa5368306bc4L,0x11b210cc1744cb19L,
-        0xa6d24a9cc7284b23L,0x7a438e436b558be0L,0x798304c7bda0ff5cL,
-        0x5c6782b6c1c19b1aL,0xab2864276f4d0e2bL,0x0000000000000106L } },
-    /* 37 << 140 */
-    { { 0xfedd7c404f2f5c7aL,0x77c579e61a9c79efL,0x88cfe011463e782eL,
-        0xd51523c57ff1d238L,0xbce03def946a4c51L,0xe56855fe4486a582L,
-        0xb52fc072d6d9ead8L,0xb406446c52fe62bcL,0x0000000000000085L },
-      { 0xa4db7d7811dd4ac5L,0xd877aae6647e8dbaL,0x2c7ace9980bc3941L,
-        0x29f8ebc99faa3242L,0x6153632a10afc24eL,0x57cbe075dc5c3cc6L,
-        0xcae0ed2e9b8a0c22L,0x029cbee5ef2c6786L,0x00000000000001e7L } },
-    /* 38 << 140 */
-    { { 0x413c7ee2987d0c74L,0x2ed4f5a085300d40L,0x158c43d7ac13c624L,
-        0xd71848db09c8b19dL,0x75505e2b0565dac7L,0x168e414a20fc368cL,
-        0xcfb4283e0ea9f88eL,0xf39543bf758fe171L,0x0000000000000164L },
-      { 0x35e54289d98d8173L,0x2ca86f6fb9518343L,0x61dcc693519ce3cfL,
-        0x91aded0d3f9e26eeL,0xbf70d414b824d11fL,0x8a2d8a7f0f4cb14dL,
-        0x735009e46c6261f9L,0x7ec2b1232471c948L,0x000000000000008dL } },
-    /* 39 << 140 */
-    { { 0x870f9cb4a32999b0L,0x74437cc97189a3daL,0x9dc9814abe7c0a6aL,
-        0x49d7ea1cd8a8b051L,0x0501d49b68b28d3fL,0xd3e65e3df496c58dL,
-        0xfcade2203b8d66a2L,0xb5a6c1c9526c8bd0L,0x00000000000000f7L },
-      { 0x91cd67b271fb5f4eL,0xa0af14d96d6e2e1cL,0x840a19d4d38b37efL,
-        0x4b66e20a93a9ea62L,0x81fb5fa30b83bf02L,0xa92fea241051e64aL,
-        0x6788483422c14f6dL,0xe10bafeeca340776L,0x00000000000000ceL } },
-    /* 40 << 140 */
-    { { 0x789f41da83a65a18L,0x5bb4894fb8a305c9L,0xa6f3bacf2f738054L,
-        0x997b0fdfdaf74eaaL,0xd5684faae810d5cdL,0xa935b391392fa19fL,
-        0x8663e1c6850b10bbL,0xc0bb73437c749d23L,0x00000000000001fbL },
-      { 0xb090011f1ae17d4fL,0x67152af36d6954d9L,0xc2e0ab2979e7822aL,
-        0x6dd7cec997784f62L,0x96c7fc2957109376L,0x2815b8113f967c39L,
-        0x22cb5983d7fabd0fL,0x583ee8355fa5a752L,0x0000000000000146L } },
-    /* 41 << 140 */
-    { { 0x8b56eb2c5019302bL,0x06e9d1aea8d84e40L,0x691e1c877df7094aL,
-        0x47b910adb1f1e654L,0x83e506b760b44fd1L,0x1918e257b9ba00c8L,
-        0x0ec4be508d41465bL,0xfd121959da18d1a6L,0x0000000000000140L },
-      { 0xa34a1e684d047374L,0x6201d460b4316331L,0x331a7882078f21dfL,
-        0xfaf64df9148c48aeL,0x2cce458d87e58591L,0xae3393755d170040L,
-        0xfd9ba9ff4a6d9a42L,0x58493d52573859d5L,0x0000000000000056L } },
-    /* 42 << 140 */
-    { { 0x6187b95820a9dac5L,0xfd9315c1a8f9e18bL,0x50e385c080fbbe78L,
-        0x42e8fa0b6d70e105L,0xcebf0b28c535e577L,0x2095d5027cb7352dL,
-        0xa6673d873972a336L,0xce13ca020126a92cL,0x00000000000000a9L },
-      { 0x6f3dff0689b255fcL,0x71a60c67df1a0a04L,0x9b04cf5301c122cbL,
-        0xc3d298b91342573fL,0x12aa6b82848b07eeL,0x8b10b9069b619109L,
-        0x56660e8ccc89c390L,0x32bd385c8f29dd7bL,0x00000000000000e7L } },
-    /* 43 << 140 */
-    { { 0x4e3876b249617dcfL,0x0eaded881393d785L,0x7c6967e570cb9ce3L,
-        0xc6873abae584ff6cL,0x6d18a71a967162b9L,0xf29d7f31a203b785L,
-        0x627ccb0851ea4b5bL,0xa4218e75ad6f8c89L,0x000000000000014bL },
-      { 0x552819fdac3f5ce4L,0x4a00293c539999a9L,0x5eb79de4c782bfc7L,
-        0x21fe279d671a30eeL,0x146b912c58c123e6L,0x74b095804c97f32bL,
-        0xf182d37ab3acbf61L,0x8c9886570d00d2b4L,0x000000000000006dL } },
-    /* 44 << 140 */
-    { { 0x57f80100fe209f1dL,0x71c60c6fd43ccebcL,0x033d3c2854e446d5L,
-        0x2003e502d3f1007bL,0xd87ffd20d79548bbL,0xefd5056f86ece398L,
-        0x80cef761e69482deL,0xf62b923038d1673eL,0x000000000000003bL },
-      { 0xfb44b80cfdb5cab4L,0x4f520a4aa1af6209L,0x0ff5bda847e5b2ffL,
-        0x85d1dc6e8b0ac82cL,0x8a19ca4f1d2eb0e8L,0x9e99fdca7c488126L,
-        0xb754370b1edfdd03L,0xfd181a02ee494576L,0x0000000000000106L } },
-    /* 45 << 140 */
-    { { 0x1d3d318ff362cd2eL,0xdd4725846711d19aL,0x56207e9ff1858a12L,
-        0x3bad522a5c10b471L,0xc925ffa871aedf63L,0xd8d53ffedae62373L,
-        0x248da617a3819bebL,0x71fe647262ae36adL,0x000000000000012bL },
-      { 0x2acc43d9375712a5L,0x8d942d284a4962e4L,0x53c296197cc6b7beL,
-        0xdec24b5919f536c1L,0x15b9e285b2e78107L,0x86d0f79383e95280L,
-        0x225219f813179418L,0xd416e229387c2867L,0x00000000000000adL } },
-    /* 46 << 140 */
-    { { 0xb58259824bea9e27L,0x9e27af0751f4fd00L,0x5cec315a1e77fff8L,
-        0xcce4be49021d7518L,0x9330fb3373d0692cL,0x1730d9e896be6a41L,
-        0x9019c06c80444818L,0x84ee038eefcdd584L,0x0000000000000041L },
-      { 0x65869ea65157da30L,0x478e70f6facf8c15L,0x5cfd22fcca9def36L,
-        0x5ed90506a3126a73L,0xca6b0ab1a1e2cd48L,0xaab6ac8215cb7122L,
-        0x8f88e213d86ddc96L,0x0412bf12c8c13f1eL,0x00000000000000b1L } },
-    /* 47 << 140 */
-    { { 0xc4a01839e6931841L,0x5953809f30be402dL,0x8b56ce11c3fa4c19L,
-        0xd2677642043a7e0fL,0xd4b9df95fe0f5cc6L,0xc6f4a5a22d6b2c98L,
-        0x49db7c27426282a3L,0x658d11be03260727L,0x00000000000001b1L },
-      { 0x9236615fda96f5f3L,0x76e3fa6f6e6ae4a5L,0x1f1d55010c7de659L,
-        0x80e17dc33f994e69L,0x74c24adc6684ff4fL,0x614652d6c4a60902L,
-        0x6ef20ec54a2e2ff7L,0x6db06cdfcfd9b199L,0x00000000000000e0L } },
-    /* 48 << 140 */
-    { { 0x6b8f830418a82ccdL,0xc3c560011b132b2cL,0xafb9250d8ded65a4L,
-        0x921b4635945b6410L,0x100306bd9f168610L,0xdae04ed366edab88L,
-        0x4edab84ed86b2664L,0xdedaa28cc815c6b2L,0x0000000000000142L },
-      { 0xdb8265f17b7161c2L,0xf022683f8f11558cL,0xb8859f1fcf5fe6efL,
-        0x7419abd8ad90be7eL,0x8289c33f24aa372cL,0x3871cb407c9d3be5L,
-        0x55402906b3034315L,0xae557332a7e70821L,0x0000000000000014L } },
-    /* 49 << 140 */
-    { { 0xd39f520b8e0f7e9eL,0x153866ff8d0fd062L,0xdb15decf87a3f88aL,
-        0x6ff41e5c72d55d0eL,0x44ba35b94ded067eL,0x46f07e1e584a3fbbL,
-        0xc2998a4a3f909c94L,0x645d2f7dc1f8d292L,0x000000000000019eL },
-      { 0x992c5807341c12c9L,0xf2d2f1e0b2c77b3fL,0x9dbc83aabc99a864L,
-        0x0687cbd145300329L,0xf8b22c0a5d7b5dfeL,0xe110d7e57cb97195L,
-        0xa680d2d96fc7e42dL,0x39f4584cae5d5039L,0x0000000000000023L } },
-    /* 50 << 140 */
-    { { 0x7836badb584fb47eL,0xec96b42dcc48845dL,0xeec01e0f435017f2L,
-        0xd7f7857766f61203L,0xe82608d41730ab48L,0x9eb3b2c3a4b35551L,
-        0xf14b296e21e399e8L,0xa07c6566f4d2e554L,0x0000000000000005L },
-      { 0xf50bd939b79d53beL,0x376e88bd324ca0b6L,0x43a24688b91f677cL,
-        0x821c11d97fc385c7L,0x0b766adbfa3459fbL,0xce0225e33c45fecdL,
-        0x508a49f7130a419fL,0xde6f53c5b9515e1fL,0x0000000000000143L } },
-    /* 51 << 140 */
-    { { 0x175cd2cec14ffcbfL,0x4b1b3cbbd269602eL,0xea11435a257cb2b8L,
-        0x172ffe4827c1f139L,0x2f4e6229bfffa4fcL,0x4be074c9c2be5e41L,
-        0xf91f21bb8f2cb3cdL,0xf116fcf14d7108b2L,0x000000000000001dL },
-      { 0xf93def59effad0fcL,0x9957c785e54de87fL,0x2b3d8e7396903c15L,
-        0xc373efb0f091ee95L,0x881699e9f4564854L,0x4a64517b7de613edL,
-        0xb260565d73c10c4eL,0xdeb813b518d4d4fcL,0x00000000000001b8L } },
-    /* 52 << 140 */
-    { { 0xd64a62e38f0599a4L,0x17c8c046e4bc61a0L,0x76b9b05d1812e087L,
-        0x253e9187c0f673d1L,0x8e02cdd01f8cde04L,0x576609d68714debbL,
-        0x61bb207657420758L,0xfeefae3a3e68bfb4L,0x0000000000000111L },
-      { 0x2ec9513515522d32L,0xe35811c580c19a4cL,0xe7dd7c057e37cb87L,
-        0xb1cf36ba16a8ca9cL,0x57163e9bb05ac678L,0x9bbe8a774ab4d064L,
-        0xadb308e09451dd9dL,0xe7b834ec17aa1d11L,0x0000000000000093L } },
-    /* 53 << 140 */
-    { { 0x847550a14f3203c9L,0x441cd9d9bd63820cL,0xf827fec2d231b04cL,
-        0x96c5e5dacae5e016L,0x06dc22775d223032L,0x87e8052724c4313dL,
-        0x15cc1b277bb78ea0L,0xd92f2574201d9edcL,0x0000000000000159L },
-      { 0x4d7082592d170a33L,0x01e2b8e72fbd98baL,0x180daba85f9e906fL,
-        0x77a1bf3a8def35bbL,0x648fbd384dd7bc01L,0x7d90c0863455a0d1L,
-        0xaa24fa724004cc29L,0xbf3868c54a5fd928L,0x000000000000008fL } },
-    /* 54 << 140 */
-    { { 0x8cbab5a70c570045L,0xa475735431d1bb51L,0x9eee4ceb444399c0L,
-        0xbb0778665a4d10a8L,0x04f4700eed6a38a6L,0x58c5c6c85bcbbc76L,
-        0xf7c0f5c3976b1c84L,0x9ac5fe72074af6b7L,0x00000000000001caL },
-      { 0x551d4acecdfff064L,0x7aaa92f1a4c00fa3L,0x1e55fe218c3f16a6L,
-        0x3de2f116f2e73439L,0x457d00585c583e87L,0xe3335a69ca962853L,
-        0xa21c0d2c118d709fL,0x4257e6a6d21e990aL,0x00000000000000cbL } },
-    /* 55 << 140 */
-    { { 0x6e6c89f5d04d03faL,0x63aaa58dce5e7290L,0xf76838bda910619eL,
-        0x80c24771bcd11f15L,0xddc294169425e02aL,0xcc486bce0263e8cfL,
-        0xad11349862db25deL,0xb4bf878a6dc9f601L,0x00000000000001fbL },
-      { 0x895ee8c70b91aeb4L,0x8e7cb7e0cf0f7609L,0xe89b60279e1427a2L,
-        0x7b9035cf7b8dd96aL,0x096b128e4535357bL,0xe333a5e139e3f807L,
-        0x4d2ce2d08819dd53L,0xafe18d5568251143L,0x00000000000001e3L } },
-    /* 56 << 140 */
-    { { 0x8d6eba17e9d0c03dL,0xdf3d3c1cc3c1f760L,0x9776992607401f2bL,
-        0xa0a5992204cb691aL,0x1fe9bb01b6ffb7a2L,0xceeee53e207c9509L,
-        0xc9224c7f82352c8eL,0xbb29f68f772d9de6L,0x00000000000001d7L },
-      { 0x3708ea24802ea716L,0x7735dcd80cb41faaL,0xb0e4dc31e2e98dedL,
-        0xfcbf0807a5776dfdL,0x30b121261602ac0eL,0xb1080dc0cb155450L,
-        0x9872c0b7686b0117L,0x53718ec24fc407d0L,0x00000000000001f2L } },
-    /* 57 << 140 */
-    { { 0xaac1bebddd3131b6L,0xb6ae2dbd355fc1a3L,0x179c6fe93e91bd61L,
-        0xdb13596c2f5fe441L,0xaefaa096a6171014L,0x6af216af84ce8690L,
-        0x90fc31872771b4c1L,0xef31625f6c17ab8eL,0x000000000000005aL },
-      { 0xd7de907dbe106f8eL,0xea860c78ef29153eL,0x19de038a9fff6a9aL,
-        0x1a4b9b0f816645f7L,0x6eac219be91f38cfL,0xec8bb484cc084436L,
-        0xf1df126ec024e970L,0x106e9d1df10a9f32L,0x00000000000001c7L } },
-    /* 58 << 140 */
-    { { 0x887f5f7dadaeff53L,0xedcbca6c786fef67L,0xd7bb8943f09a8d39L,
-        0xd479d649909702dfL,0x4ae419db67ca7124L,0x261d989c485a86afL,
-        0x98967d4a9be0ae87L,0x3f6aaf7ec22f8626L,0x00000000000001a2L },
-      { 0x84cce3aa6127b3a0L,0xd6c6f9e454bfe185L,0x7ea36b64c8207accL,
-        0x9ec42d09651c627bL,0x3b933445b30cd27eL,0x24671c86057472eeL,
-        0x59ecd8cc6eb69b43L,0x87b80a767eb210dfL,0x00000000000001b4L } },
-    /* 59 << 140 */
-    { { 0xa923220091a7620eL,0xedd722be85bc2a66L,0x3876833331e7a7fbL,
-        0xa190e74125837410L,0x0ba399038d0339aeL,0x5e5bede878292e1bL,
-        0x65c8e564fc1727e6L,0xca1a08b61c7626a6L,0x0000000000000165L },
-      { 0x465c87a5d36c351dL,0xdfbb991bdde74f25L,0x587247c439474176L,
-        0x24452876ad1dcd0eL,0x020dd2685d105c53L,0xc6578e676c09755dL,
-        0x38e992b57fd6720dL,0x722e35424d7cab65L,0x0000000000000028L } },
-    /* 60 << 140 */
-    { { 0xafc72082bce9ceeaL,0x3d6782d22e39b303L,0xcf80e0e42d0707bdL,
-        0x2ce86804499c7a85L,0x2886fd1d0078e18cL,0xb4fd3d50f4b05c32L,
-        0x0e15e71ec3872f88L,0x22a9f5d16ed84f63L,0x0000000000000021L },
-      { 0xb3373fd31a67be31L,0x2d735f4cc320c1a6L,0xbe78bf0e89cc9314L,
-        0x103c15dc9d83b96cL,0xdc4911c6e59d4b8aL,0x82035e43e77f32abL,
-        0x5b67b58fcc0fc8d0L,0x68345fd533f6fb5fL,0x00000000000000a6L } },
-    /* 61 << 140 */
-    { { 0xbf16e67a89cea871L,0xcc9468110e8a4e02L,0x0b98bedf81bd3ab2L,
-        0x3e1426e33d54ffffL,0xc1cbbd7556c0dfa1L,0x620757a15eaf6969L,
-        0xf4bcd2c407429b44L,0xfb1d11cafa1954fcL,0x0000000000000130L },
-      { 0x620e9551ec84e8c2L,0xed5fb669bd2b2df2L,0x5fb8443227f1b8eaL,
-        0xfc245aeffde8747eL,0xb5c86e67b3d63366L,0x840d13cbe6f5ace9L,
-        0x8f48e4b80d52b642L,0x47218d9612968625L,0x00000000000001baL } },
-    /* 62 << 140 */
-    { { 0x63c7f49beaf731a7L,0x8de8815f4d3db806L,0xabb9f24f05a18ce5L,
-        0x5907d287c98281baL,0x112f1c1499819cb4L,0xb6c82e83f4b873c6L,
-        0x84dc0f43369bf15fL,0x71c53d9005d32850L,0x00000000000001f1L },
-      { 0xa83cf8ee69584f8eL,0x5417454910553d5bL,0xbfb36711adafdb64L,
-        0x4d28a04142f7244cL,0x03458837900552d0L,0x712d0c1cd6f23c51L,
-        0x5f541b75b10fd53eL,0x3e1824c5f43d7b90L,0x0000000000000081L } },
-    /* 63 << 140 */
-    { { 0x83f636b0455342b5L,0x4eefc94489cd2497L,0x9cd00d6c21d70b2fL,
-        0x6ffa051f02a29335L,0x03085ff0e800ddffL,0x9de699100fcc7935L,
-        0x33e4e2a246689663L,0xaa6c25f3b467e56cL,0x00000000000000c8L },
-      { 0xb448fad49af4127fL,0x1b3603254d024fedL,0xdd1b4ec1724446eeL,
-        0xac577edb13df9d91L,0x515818244616a822L,0x289df7cda5480005L,
-        0xcd8f303c0b8040a5L,0x88e9b6fa7d0559c0L,0x000000000000012eL } },
-    /* 64 << 140 */
-    { { 0x42458cfc40817aa5L,0x96f15f13560cc12bL,0xf96ea2034400b1e3L,
-        0x266c2a626ebc6b8eL,0x98ebd5d42b374cbcL,0x15c1f4fd97f946a4L,
-        0x759238ae33a07357L,0x6de75cfe2e3338c4L,0x00000000000000acL },
-      { 0xf73dfd08a1d6bad6L,0x32228f5f72566188L,0xea587fed0497dd53L,
-        0xad4c4a562c1673c2L,0x8c8dcec4ade968ffL,0x77bf520edef7feaeL,
-        0x856bb7987e6a19cbL,0xc289274db7fb508cL,0x0000000000000050L } },
-    /* 0 << 147 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 147 */
-    { { 0x2491a894de6bafe8L,0x8aa13ac5ee9eb4c2L,0x1623b9df31b2d1feL,
-        0x1fb69ca81a5b21efL,0x722f1be3290d231cL,0x8d2a56eeb93891f0L,
-        0xb534845b48a2dc2aL,0xe4fadafc3e2a9160L,0x00000000000000caL },
-      { 0x7f9d50b8810034b4L,0xfebda319e8703f93L,0xecae100844caa3d9L,
-        0x21767275bb5e0dc6L,0x529817cdac64fb7eL,0x984cb5bd31b97b4fL,
-        0x33000d288ba3a593L,0x950b9c149003a472L,0x0000000000000039L } },
-    /* 2 << 147 */
-    { { 0x5e94c2a2a1da3c44L,0x90d950916c05a3e2L,0xb29b791e74871eb1L,
-        0xe82a41fa50c2d855L,0xd2d24df91e689f42L,0xe9e935450cf6ed2fL,
-        0x5fc9d992c6ed3e7eL,0xb4eb7df03606713dL,0x000000000000004dL },
-      { 0x248fd9d72099171aL,0x908d539e1d16d66cL,0xab47b9eb171bfd3bL,
-        0x70e5de8cecdd8e37L,0xedd44ae051eed557L,0x4983c6faad95aeb2L,
-        0xdedbfea1cdc8214fL,0xc6ae2030131549b3L,0x00000000000000c9L } },
-    /* 3 << 147 */
-    { { 0x7f642d9767b9ec83L,0x262cf832a01a1318L,0x279669d0288517c4L,
-        0x39e8ea3451456d59L,0x5a8b5b78e9cdcf0cL,0x37b6e21f183a3198L,
-        0x0cee02daf754f97bL,0xb6fc483e9c76fa86L,0x0000000000000137L },
-      { 0x783a819125386715L,0x4fa789033e397588L,0x25dc90b31825e7bbL,
-        0x648caf54125497ccL,0x14940daabd22072eL,0x0a6fb1af51e5a037L,
-        0xc637e1ef41570602L,0xb63d078dc1685b35L,0x0000000000000030L } },
-    /* 4 << 147 */
-    { { 0xff25170724db06fcL,0x4421108c849ea0b1L,0x3073c4caca8162a1L,
-        0x6d768642e42af7adL,0x031eba68a6bc7790L,0x9a8154c3d8d64e3fL,
-        0x7060550e297aafe9L,0x8681a2c6641391fbL,0x00000000000000fcL },
-      { 0xe9e76b16e0675e14L,0x3c4e3c42740f9bb7L,0xd3e75ff52869a3aeL,
-        0x99a891aba47c7580L,0x42b47bcf0b321989L,0x2d1212a00a6dd3baL,
-        0x25b1c5c8b43e9086L,0x8bc954e8e8d1a73fL,0x00000000000001acL } },
-    /* 5 << 147 */
-    { { 0xcb43d398c9b67ea0L,0xff2afbac39f12f2bL,0x516c8971a99ef099L,
-        0x283cbd94271d23e0L,0xfc2a6cb5cb3ec463L,0x2f08949e25d3036cL,
-        0x496b399a5d21c843L,0x493ab65a61dc0631L,0x00000000000000afL },
-      { 0x1f2e2d3d092d0f6cL,0x4d09ae2975901dd5L,0xb4324dff826cc023L,
-        0x98744acff8f24acdL,0xb4b90fd6c4da3267L,0x3c5a2dffa221c054L,
-        0x70c249032f1d7804L,0x3d8676a9ae973b22L,0x0000000000000080L } },
-    /* 6 << 147 */
-    { { 0x5c9da1422f134a93L,0x898c25ba65dd482aL,0xa8ce92fef6ef3e64L,
-        0xe462faec5da54ecbL,0xdff68f3fb81e3ec3L,0x5278eb6c4b8ef144L,
-        0xf98a36d50dc84f3cL,0x8edd6edba94ef000L,0x0000000000000191L },
-      { 0x738606c4ce8f5403L,0x102f1b3a1a20b349L,0xe7f1bf3328f73251L,
-        0x0136f3eb1dccbbdcL,0x5b2b77633df6d9a6L,0x02b03dc6c9ee09fbL,
-        0xff600116ea421742L,0x432728e840d3c3ebL,0x0000000000000034L } },
-    /* 7 << 147 */
-    { { 0xd97ddfa513137accL,0xb48fd161f90ae86eL,0xbe3b1135664772c7L,
-        0x36a3f3bb882ebcbbL,0xa0bd95d4c260b262L,0x15aa4d0514b47d2aL,
-        0x93607e4a08838ef1L,0xdbee0effc3e3a24aL,0x00000000000001d5L },
-      { 0x552772377ea76b01L,0xfdb2d29e02b16d83L,0x8503e9f50a9f47bfL,
-        0x6b462a78702205edL,0x996d0687e7449e0cL,0x005ffde4a89f336bL,
-        0xd784ec5fe7b964f6L,0x4360cf20c319e445L,0x0000000000000194L } },
-    /* 8 << 147 */
-    { { 0x4bc6f28624374decL,0x9ded182eddbf9446L,0xf58ddb470c3c51e1L,
-        0xa6bd194efcff08c2L,0xdc47a3a63e931aaeL,0x7f1020a8daf165e6L,
-        0xd439739f8faabc58L,0x6efc35ab5951222aL,0x0000000000000187L },
-      { 0xf15ee7129498152eL,0x9e85afc9acbf1f82L,0x7b5853ee397280baL,
-        0x0283243a6b8d13eeL,0x64abbdc796cde865L,0x0284a75f3dff94eaL,
-        0xc476e3a69c7b3d53L,0x9dafe302d1884045L,0x0000000000000133L } },
-    /* 9 << 147 */
-    { { 0x274d321fa6ea2d61L,0x189731b0d4b12aecL,0x3e3ad753923d81b9L,
-        0xe89c40b7befba1a5L,0x6fcd642a015eb22dL,0xde04f997d12be7f4L,
-        0xf2cfa38caf2ccc17L,0xc9aa307ed96b8001L,0x00000000000000a9L },
-      { 0xd390598b0b1d5123L,0xe784d0dc329e33efL,0x5b5c64a26d030653L,
-        0x3bc1c276b5a20b12L,0x2cca6aa8755810f1L,0x0c01df0aabe5186fL,
-        0xe997bd088aa9c400L,0xbb8d216198c3fb2aL,0x0000000000000117L } },
-    /* 10 << 147 */
-    { { 0x1d7b9b778d4fec63L,0x47eb33fb690c571aL,0x3d2bb2de05a01ce5L,
-        0x16cde99b78c47fffL,0x0359242c699656b3L,0xde0c7d81bdd416b9L,
-        0x60863068b6144f4eL,0xdfa66d197583c05aL,0x0000000000000142L },
-      { 0x892f8b4e8ccad1d1L,0x085cf7f6cceaac0fL,0xa07608425df33b07L,
-        0xd4737bc3a8747ec7L,0x7f8147a128f4caddL,0x49d9db4c8480de3cL,
-        0x5baa01d5872dea19L,0x2a8726b1e84044c3L,0x0000000000000126L } },
-    /* 11 << 147 */
-    { { 0x7f3138f9e293680aL,0x6dca11bbfd6a8b9bL,0x88932ac6b4b7ee2fL,
-        0x5138acdae2b95958L,0x91dc3e9a639d074fL,0xd7d4903064296944L,
-        0x818ab55f21383bd9L,0x78ae7acb1032d97fL,0x0000000000000069L },
-      { 0xb23f14d075173454L,0x51df08b37ebc4f81L,0x808454cf65aa52b9L,
-        0x782b09610e6c952bL,0x40658769b8e92c5cL,0x4fd3ace2349f1d8fL,
-        0xa9cce79ba0699cc6L,0x587f8a83e565c582L,0x0000000000000043L } },
-    /* 12 << 147 */
-    { { 0x19a54eb6407386d7L,0xdf16baf601c2186eL,0xfad573e89bd9a894L,
-        0x343bbb0bccbeac47L,0x44febe5e4f7f5443L,0x87c81269c3ad9175L,
-        0xdd79411447319eb7L,0x3302374938f26dceL,0x00000000000001ebL },
-      { 0xf94f891c1f1401dfL,0x2ae0e96a1450357fL,0x179a522785202255L,
-        0x10518e7f397d8d98L,0xfa56e665828575b0L,0x7622b705faebb982L,
-        0x63f9067ae3b3b8acL,0xb30f7bec6fdf48ddL,0x00000000000000dcL } },
-    /* 13 << 147 */
-    { { 0xa1e6af0f35b8d081L,0x46af5adba14b50ceL,0xc6cc9452288c50f4L,
-        0x1bcacbd6f8910af4L,0x9ac8ebdad83a4b2dL,0x021e43ee5514aa3dL,
-        0x4d5d0544b14bfd4aL,0x5bef6ab754bc3519L,0x00000000000001e1L },
-      { 0xd6ee66883af6fd56L,0xfc55226508bc92a7L,0xedab91fa2e7ddfb3L,
-        0xe3f1fd7731472d2fL,0x2c751ccf35ea46d0L,0x570cf16d4cdfe038L,
-        0x6ace17d6c87e7495L,0x02a9a0f3942997b0L,0x0000000000000198L } },
-    /* 14 << 147 */
-    { { 0xe5b551ea2dbff4f0L,0x438195568ed22f87L,0x1a42769cd42f4897L,
-        0xe5a6f518a1a6ee3aL,0x9b53a9e63ab29b90L,0x6189a415c2fbf1e6L,
-        0x6ee4570e2599d956L,0xebc865b6dd1f4bcbL,0x00000000000000a4L },
-      { 0x66abacd8843e4791L,0x3bb5c48e7a8cdc84L,0x3f4e2d197b5a2f8cL,
-        0xbb945d44caffda4fL,0xd09a8f34b7bfb4d5L,0x1308f3d83501d709L,
-        0x0bfb71e4352b9435L,0x92c77d2a403e594cL,0x000000000000019bL } },
-    /* 15 << 147 */
-    { { 0xcf38db175fb9017bL,0x66e774ccd1149878L,0x262164d38581662dL,
-        0x52ca418bfbc653e2L,0x9d3b9b86c74d0c1aL,0xdd58b60b41dd9fe0L,
-        0x63455b0ce55cf6f6L,0xef7fa7be5e37bd43L,0x00000000000000dcL },
-      { 0x6982c041cf5b3c78L,0xb48f8d01eb7fb22cL,0x2f88398d5c4c129eL,
-        0xfe6c03131bfa5216L,0x2c94d9d55eaa1448L,0x19b49c084fd026c8L,
-        0xf3ff621ee08f4788L,0x4b3e563397f2b547L,0x000000000000012aL } },
-    /* 16 << 147 */
-    { { 0x9e4ab8c58b327354L,0x89377c3c73f5d13aL,0x1f93cc126e55dee9L,
-        0x7b4255bce490c030L,0x5451bdf5047ea02cL,0xc01d952cb461d14eL,
-        0x172d0f20b9e21078L,0x694587a5a1295f3fL,0x000000000000002fL },
-      { 0xd54076270219fa4dL,0xbc0b846fa3bb7f30L,0x5c17104e2ba06bddL,
-        0x2490f12bdf3ce36fL,0x0fe2e1ca08468c10L,0x8126c060a9e2c73fL,
-        0x7685e59c5cce9dd7L,0x5f5f64da9e8ca8b2L,0x00000000000000bfL } },
-    /* 17 << 147 */
-    { { 0xd8f8dcb47165a15bL,0x3566655d27456d16L,0x3f8d6e4dd64d1044L,
-        0x63cc9c8d4d23368eL,0x3b81eaa384ed399aL,0x7c81ee61be377229L,
-        0xdc091f9720e863a4L,0xa2d486a7342e6ec7L,0x0000000000000194L },
-      { 0xcc7f5d9294fa2791L,0xdc18552a8cab138fL,0x0418657c2e9238c0L,
-        0x38b45acaaec9eaebL,0xbd68814fa14aa270L,0x5b521b2ae14bc29cL,
-        0x22f15327c5ecd539L,0x285ff2f2e109b02eL,0x00000000000001d1L } },
-    /* 18 << 147 */
-    { { 0x90276bd80eed122fL,0x5feb9a3a51af464fL,0x6723d65f591afda1L,
-        0x4612b5b20f6233c3L,0x8427e3b7aa39d6e6L,0xa6311da25050a2a8L,
-        0xfcf3c90a384a189dL,0x956c6fa5c0e2cb3aL,0x000000000000010aL },
-      { 0x665bf31000b63facL,0xcb8cfee137c71ea8L,0x8b3cdfeac1bc2f1aL,
-        0x712f91a9956eb88fL,0x3e7ab8c3b979486bL,0x376b1f96e540d2b4L,
-        0x01ef726f8cb06e29L,0x240b1df4cc582bd2L,0x00000000000000d2L } },
-    /* 19 << 147 */
-    { { 0x489148c9c274d307L,0xc660855334a59a0aL,0xf1b52d7feb4b8eedL,
-        0x98e050a7ffb5310fL,0x5c6c2a50069fa531L,0x390546312329789cL,
-        0xd525a9f162ad0e01L,0xfe4f68300d72772eL,0x0000000000000145L },
-      { 0x22065d2ccfec9cf1L,0x55c4e59c64422d9cL,0xf233fd545bdf4751L,
-        0xcd8536a0221ad6b3L,0x277d802686061244L,0xee697ba465e521cdL,
-        0x0efce228316d5176L,0x26bf3a5dde23683cL,0x0000000000000189L } },
-    /* 20 << 147 */
-    { { 0xd145eb32b6f1416cL,0x77bfe297670bd3e2L,0x4fe924dfce10f4d2L,
-        0x9651650629f3c127L,0xcc669c51715b9e23L,0xafa90094b60a780bL,
-        0x35114c8ae1aee1b5L,0x3f793f136599dd0aL,0x0000000000000176L },
-      { 0xf098fa02bab41133L,0xc018fb4737635fb9L,0x0be935b6eb948d5cL,
-        0x453838bc27db09c0L,0xcf717312b29a531cL,0xb001eb51446ff102L,
-        0xeb0a15c7275b0b94L,0x32e88f1499a3fa93L,0x0000000000000049L } },
-    /* 21 << 147 */
-    { { 0x8cf0c5cab2cd40e7L,0x02005c870804d05fL,0xda149871a34588ceL,
-        0x867ee45824cedfe3L,0x87be46ef27b2c1f9L,0x7774a05c22a6426bL,
-        0x37322562a785a3d7L,0x1027a76b6ecf1cdaL,0x0000000000000164L },
-      { 0xe5e8a7d6131efb98L,0x93da652a3c4c1d49L,0xe7c912d72658edacL,
-        0x8185f36a36903539L,0x37b3cf19dd6f668dL,0x70ad7a7cb48ddd81L,
-        0x8b290a4f8b04de45L,0xb7382782f7a955b9L,0x0000000000000031L } },
-    /* 22 << 147 */
-    { { 0x5add1d5f23342e9dL,0xdfc4c696230f2ddeL,0xd925c3a6049c89baL,
-        0x9e2e23d5074b981cL,0xa11db26cf8766d4eL,0xc0a69d7fc37ce4cfL,
-        0xf6de27c4b102e1d0L,0x9921ec7010409988L,0x00000000000000c1L },
-      { 0xa66b32657b6f0de2L,0x2bd9a65778871bfbL,0x29f760a353bb697dL,
-        0xbd91b082ad080bdeL,0x8644a3328e96ea2fL,0xb3e71cdb10d83cf8L,
-        0xd8611580758300c0L,0x7ebb9fd48146381dL,0x000000000000009fL } },
-    /* 23 << 147 */
-    { { 0x64b6828796343187L,0xf8f6db918829c5b9L,0x6474822e697768c7L,
-        0xd5cf4ddd770add15L,0x483b8ab4e7439172L,0x793a759d7624731aL,
-        0x9d4b4dcd439b35adL,0x46654a6afecca0f7L,0x0000000000000084L },
-      { 0x9f2b0ec49d347a03L,0xc4ea4300d7610174L,0xfe4be93c7f5b78d3L,
-        0x00984cc68d6e3886L,0x42a4f895c7e026a2L,0x258e4272d69990e8L,
-        0xe50f642e7dbd5c71L,0x6f81b7ea0d04a6c6L,0x0000000000000073L } },
-    /* 24 << 147 */
-    { { 0x8c9f5cc170b1bcceL,0xe2d68ecef726d3d6L,0x330e1c4c707f25abL,
-        0x4397647f18dfd382L,0x8f83b1ee249a6ebbL,0x7d291bb65738ebedL,
-        0x11d6af26e8db7b2dL,0x47b048ec173d8d33L,0x00000000000000e0L },
-      { 0x16819a7b1843c807L,0x9bddc58230ca2736L,0x2bccd7f2e1525168L,
-        0x0f9dcb4d5900125bL,0x90e3017bb5adef07L,0x09c2381a7bda2ffdL,
-        0xa203c883d47cc848L,0xd173669eeec3c0e4L,0x00000000000001a3L } },
-    /* 25 << 147 */
-    { { 0xb3652eaae3f65b22L,0xcaf7a68167717ba5L,0xa80950e2129aa188L,
-        0xff5be361375861bcL,0x6770cc746abb2853L,0x00252a511fd9dd49L,
-        0x9fe309b2ac485383L,0x59660b05d6c63d4cL,0x00000000000000fbL },
-      { 0x0434d8c896b55b01L,0x053204c5de25fa3cL,0x4291f70d0e8d9361L,
-        0x29a8f0a9a61ef3faL,0x0192e14431b82f8eL,0x9df111c73cfa7d38L,
-        0x344917426663b84fL,0x5da29dea9c154f7cL,0x0000000000000022L } },
-    /* 26 << 147 */
-    { { 0xf1321a601f9d09a9L,0xf4d31ea30c863f7aL,0x8a43a25aad2ce3adL,
-        0xe338837799bc8bd4L,0x062857c2a8e816fcL,0x56378ac296c41801L,
-        0xdc0f04db0e66af1dL,0x8848081a56ffcedbL,0x000000000000011aL },
-      { 0xea2a3e6060b59a1eL,0x85720082f6ffb469L,0xe10dc94cd3e820feL,
-        0xbbead00b43243370L,0x9c4f4aaf715983bcL,0xb53c487337aab294L,
-        0x527c167f49239950L,0xfc0884fe9c1d2b15L,0x00000000000000f1L } },
-    /* 27 << 147 */
-    { { 0x066eb52486148ffbL,0x05fa5ca6b12813aeL,0x3f6cf7521042cb23L,
-        0x620497148cc148c2L,0x7063a531fc06d539L,0xdd392b8c9422ec6eL,
-        0x0dabd4a1dc8c778bL,0x86485e1b9e0f9471L,0x000000000000013aL },
-      { 0x6c358e988f9b6601L,0x11820d055601185aL,0xed9ba8a45e0a28b4L,
-        0x3f28600944c12ec9L,0xa4b35a622ef871ecL,0xe8a89ea53312df04L,
-        0x22cdb00ad5975031L,0x34bb65de3d7c84eaL,0x0000000000000142L } },
-    /* 28 << 147 */
-    { { 0x247f9f991415b5a5L,0x8d40f1e22ed5e708L,0xf1133cb0efc81f52L,
-        0x278a9e9c2b0ed8b6L,0xd0e4058b608882b8L,0x0a74bb730c8107e2L,
-        0x13e8d54e5260f955L,0x7a147d79d3ab9424L,0x00000000000001c8L },
-      { 0xdc0b55a16f9ebf4aL,0xe7a018e054ae1fa0L,0x542720cc8cebfcefL,
-        0xad8fb8dd27d8ba5fL,0x6e9d00da68c5590bL,0x4f1fa055014f5fc6L,
-        0x972a148006b1efd5L,0xbe9062432116830eL,0x000000000000019cL } },
-    /* 29 << 147 */
-    { { 0xc6004c28eeec070dL,0xc744cdc1249ddbdeL,0x33a8dd7ed2fdcac0L,
-        0x1bb3b8478a15f9e3L,0xbe5270ba74951deaL,0x974cefc5c62182beL,
-        0x91a2ed05e7bb8ba2L,0x54ec25d63ec05196L,0x000000000000003fL },
-      { 0x61e73c5078cfe5f3L,0x26d3abaa9a6a4149L,0x4813ce619128d73eL,
-        0xb60761a175e2bad1L,0xa8f869cadca6d591L,0xc46ef1b082aaaf57L,
-        0xe207a47f87ca8574L,0xe156c908eb027d9bL,0x0000000000000131L } },
-    /* 30 << 147 */
-    { { 0x12a5b6b9d51ea4edL,0x6ee257dc65396af7L,0xd921c77aecfe3419L,
-        0xdb9d587e463e4d69L,0x0224cc9f03fe3388L,0x062c03973ec5049fL,
-        0x705fdb3fb1e1d2beL,0xb9c77024ecd64766L,0x0000000000000140L },
-      { 0x9591f031cc7fc0faL,0x2eb3bc1cc0b49c59L,0xbd54081797ce9a6bL,
-        0xd5285b3641b37630L,0x85137b727a1313a2L,0xce410db03bb3c320L,
-        0x2d3628d4193ace4cL,0xa39b6d8775b26d92L,0x00000000000001acL } },
-    /* 31 << 147 */
-    { { 0x0caca7f6389bff14L,0xc34226ae7bbc3a8fL,0xe99816857bf0ff44L,
-        0x259e33e7580f4f8dL,0x5e909449d4a80364L,0xf8b2da9223c3d509L,
-        0x5b3a3f4bbf30299bL,0x4da73ca88151ad0eL,0x0000000000000010L },
-      { 0x5a575220fe7e78fcL,0xef28d13b03eda908L,0xe131b1fcb0f3f2f4L,
-        0x2c8fe211d8151429L,0x1b9897d692f85e68L,0x76e34f11b6437168L,
-        0xe13b797b97e53e66L,0x0ec0b9d4463020b9L,0x0000000000000042L } },
-    /* 32 << 147 */
-    { { 0x16bc33413fdd638dL,0x8c37c58a8c518c30L,0x9dddb8ee79df75d1L,
-        0x0bc82320c91a620aL,0x6e924a6c9126a200L,0x744594a9d20c8c89L,
-        0x0e9b59ac4cc73caeL,0xce872f0a0b276b4cL,0x000000000000008bL },
-      { 0x651f74222c35933cL,0x95238355e025609eL,0xe7891b5b6c14d96eL,
-        0x89c0fa370304d219L,0xdf7da33d61b597efL,0x43df03574120905cL,
-        0xacf01355718df73dL,0x7ca32d0e631ada96L,0x00000000000000b8L } },
-    /* 33 << 147 */
-    { { 0x88809494252b6a07L,0x9afb2482a30ec634L,0xe68ffbc927436190L,
-        0x63223b43168356f3L,0xed2dddc2640ef7ffL,0x8a3d853beeb5ce07L,
-        0x6b555cec4f9347a7L,0xfbff3ff241559afcL,0x0000000000000189L },
-      { 0x60b423485261ab5aL,0x06ec126f930b3a8dL,0xb70a741a9eff20dcL,
-        0x63ef08dd43f6aeedL,0x4b7e962b391a4cbfL,0x2dea977be636890dL,
-        0xc8bcca8edf28a2beL,0x75a069a00db7e727L,0x0000000000000130L } },
-    /* 34 << 147 */
-    { { 0x64ad4b5d38c6cb20L,0x87b25a276cccb7aaL,0x882e1be1695dca6aL,
-        0xb6e216ae98e6653aL,0xab1adfbe4f2a32f6L,0xc7eb17991640b34eL,
-        0xdfb5a618e9b287dbL,0xb98377f2e1c483baL,0x000000000000017aL },
-      { 0x38c1708b0e576a20L,0xcae3cbb5666618d3L,0xe7681da6a8baaa65L,
-        0xca4a87db3661f5faL,0xad07c49713a2923eL,0xfb8e098a1612b88fL,
-        0x00648cbd0211082cL,0x77fb7ef7c08add74L,0x00000000000001c4L } },
-    /* 35 << 147 */
-    { { 0xfd7f19efcd518979L,0x3d439ca9d73c25fcL,0x0834e5770d158067L,
-        0xa52457eb7560ff4fL,0x1d72c5c540f8627fL,0x90445790aead9bacL,
-        0xa0019ef9ebd5094eL,0x0ec581eff66ceb3bL,0x00000000000001e8L },
-      { 0x52b5917cee75ca82L,0xf66fdce0bf5bea5aL,0x825c07b024f56801L,
-        0x5fd13cef8991b8a0L,0x3d1d4880e739ff2dL,0x01a6a6218d6aead6L,
-        0xb5cae8d5fec72d3aL,0x48c498cf9e68ccccL,0x000000000000011dL } },
-    /* 36 << 147 */
-    { { 0xeb7eb4e3cf7c7817L,0xc190cb66eaab7734L,0xdc8faf6a81d04f60L,
-        0xf11c8a8cf998d778L,0x4e2d4b63db67e150L,0xe5522c9556099bb9L,
-        0xcf8dcbf0aebfc2a4L,0x921787cc0c8f6ce7L,0x0000000000000075L },
-      { 0xf6e3e647e163b36fL,0x5e1a1c7428973a57L,0x08c85f9ddf4fba25L,
-        0x45137abd0f27483aL,0x993d2b71753cc2adL,0xc6b0112853fa2055L,
-        0x74e63b5088ca2fe3L,0x06aa66a1d2a13d00L,0x000000000000019bL } },
-    /* 37 << 147 */
-    { { 0x682ffa1b7ec4f64aL,0x95d2e079a15dfbe9L,0x172c693cf5184016L,
-        0x45b10e4f33eac72eL,0x57f555c9d99bc8daL,0x0ca53b2f0656b3e5L,
-        0xd5ad1f26afff9ff6L,0x54197dd60c648286L,0x000000000000016aL },
-      { 0x98c5f4989aa5dc36L,0x906d5559936cf066L,0x4daedbf578c08c11L,
-        0x60ee55a31fd25c15L,0xdd6d6c5f83d1fea5L,0x66af4443c96f658cL,
-        0xd8d4b001326b34adL,0xae9b2b71a2b138dfL,0x00000000000001dcL } },
-    /* 38 << 147 */
-    { { 0xcf5174df03cbc63dL,0x6c45aa2990858f82L,0x4feeb0e94ca9ff29L,
-        0x45c913dd476b0fb3L,0xe019eaebc60aaf76L,0xa616a69f20013ca2L,
-        0x57a9477b8c19cea4L,0xc2d0700a1cd82afeL,0x000000000000007bL },
-      { 0x1eef2b5fef402297L,0x9f9c57d25aca14a2L,0xb890e7bcd4f3bbf5L,
-        0x210714a2ce430268L,0x9088523a57390f8aL,0x165bff6f4e58247dL,
-        0x9aa04525f815b565L,0xb775a4615c6d8ac5L,0x000000000000012eL } },
-    /* 39 << 147 */
-    { { 0xa9bd87c6bd49c789L,0xa1fe2842970f53ebL,0x59160816abe18d83L,
-        0xf69f674898c30254L,0x63688c8e6543b683L,0x14d5ee6af773af1cL,
-        0x327a220e8c42efc1L,0x666a878c900c62ccL,0x00000000000000d4L },
-      { 0xd868e30687e762b1L,0x213f7b043de4e833L,0x022b5fe26c684d45L,
-        0xdfbac3e02cd286d1L,0x7d4e6a80aedb794eL,0xbc3f105e1e60b9bcL,
-        0x6dfd09ed711f8011L,0x2b4f4fe7a3a0de69L,0x00000000000001cfL } },
-    /* 40 << 147 */
-    { { 0xda90f7d5baf7c7bdL,0x1a6719969766aa85L,0x3528f03b24f802a1L,
-        0x04b09da3c7d51cceL,0x7a2fb5077b8e58c9L,0x4cd283ca46c7716cL,
-        0x3c682896f1027492L,0xe34524bd8d6b9f97L,0x0000000000000186L },
-      { 0x4696ab6ff2e6ce3eL,0xff2a7b70f6e77b14L,0x19cdf652897ff820L,
-        0x09f952c2cdf6c8f8L,0x9b3b7e14e34d3dcfL,0xecf5054ee1a3bd0cL,
-        0x19d2e4c83403783aL,0x549bfbc73a373796L,0x00000000000001a4L } },
-    /* 41 << 147 */
-    { { 0xdeaf616310141b69L,0xc41e53f255557467L,0xce2b3655c4d8b612L,
-        0x5ac8d24202f58186L,0x213affee697dcf46L,0x254e7ec39c955508L,
-        0xc43cb58c85f554a9L,0x0d58d3994500579bL,0x00000000000001efL },
-      { 0x466b1a5bf7a19f41L,0x113f74e91fe1301bL,0x18bbe771c54304acL,
-        0x8340ad81c26c2e27L,0x65367af7544448c8L,0x3021f03f017efbe2L,
-        0xbe92d7e6b090ae98L,0x1a0f53e920ecd3cfL,0x0000000000000133L } },
-    /* 42 << 147 */
-    { { 0x66dc8a9b1def0f5cL,0xf4d1c2b73e9135edL,0x317063850d8e70e0L,
-        0xdd355c7a4d254a7bL,0x6189dd55dcf70a93L,0x9d62b529b728ef6aL,
-        0xf9986ad1c74066b1L,0x9aea4f1ae540d945L,0x000000000000011eL },
-      { 0x130818dcf200a284L,0x56418ab66e71f015L,0x94b3427eab8722d7L,
-        0xc5c1c1587aac7863L,0x55fe2df518b94dc9L,0x4813e9915c782da6L,
-        0x6c50ae473eb671daL,0x8b25a79012ba0f9cL,0x000000000000004cL } },
-    /* 43 << 147 */
-    { { 0x409447460587a0e4L,0x5d458c798d9f57fcL,0x684919bcd8657675L,
-        0xcf551d43839fa071L,0x9de6fa17af775947L,0xf4bfb5506669009eL,
-        0x234870726375aeddL,0x5cb589eb1c7180e2L,0x00000000000001bbL },
-      { 0x128d24df97ad0e22L,0x160d55a40111adbcL,0x7e57af656d0f5f99L,
-        0x4d6c763f09910699L,0xfedb36a7ab9c174aL,0x35fd8a827f579c65L,
-        0xdf7e65d169af343bL,0xca6829bb448a45a4L,0x0000000000000015L } },
-    /* 44 << 147 */
-    { { 0xee98bc02f445f09eL,0x8a9361ff6b4728abL,0x8ce33c616bc007c9L,
-        0x191819be51c7e170L,0xa1c971c0a0f7eb3dL,0xc00ad1e760c9f532L,
-        0x790750ba5972bc14L,0x665d98cb776c1093L,0x000000000000014bL },
-      { 0xcf81d62fd598c5daL,0xfe84e05c7aa8be48L,0x0943e0156c7e2a3cL,
-        0x39bbb769352063aaL,0x3ec54f1b638ad619L,0xe0a92fe3e248bbc8L,
-        0xedeb7234718dc78aL,0x22840b19ce6775b8L,0x00000000000001f1L } },
-    /* 45 << 147 */
-    { { 0xb6f96a59d33ac825L,0x5b7d26dbe328d33eL,0x4b914baafb3a9c2bL,
-        0x626782a126376196L,0xc4ce8e4e9c5c39ccL,0x936c7957afc6729fL,
-        0x7d33ddb57a880449L,0xf1c162de61f21de7L,0x000000000000003fL },
-      { 0xca755d673c0abcc4L,0xee71ff879568310dL,0x57bb9cd89996bdbfL,
-        0xcda5682e63602af4L,0x45f7d757e526c8a5L,0x3f70d0a67e9730d0L,
-        0x47d5cc70584be9ddL,0x57453cca4a5091fdL,0x000000000000001dL } },
-    /* 46 << 147 */
-    { { 0x9e6e310cf74041ecL,0x00525f452f102196L,0xd509a1fafb089536L,
-        0x25eafb85b6ecab1dL,0xc3db17473e670edfL,0x73cd5b1a02a74deeL,
-        0xda5f180a708059e5L,0x4756564105f4a4a7L,0x00000000000000d9L },
-      { 0x4617c8dba2e177c2L,0x4c1cd54d48928799L,0x9db79cc174cd39f7L,
-        0x6ad011de815393e2L,0xfda0a9d375ab45d3L,0x941924fb4944f8aaL,
-        0x9e5612f2425803feL,0xb85b6231e73ad659L,0x00000000000001beL } },
-    /* 47 << 147 */
-    { { 0xf5f9fc42c0ef1a21L,0xe9f903271bb54b84L,0x194164521fd4c3d0L,
-        0x07230be791a093adL,0xc8611dc627a57239L,0xeb64b31ef0a2ed05L,
-        0xc99864d317c09562L,0x13bd93ec682aa5c6L,0x0000000000000072L },
-      { 0x22a721e66314648aL,0x04bbe0541809ed8cL,0x709a97cb3431bf60L,
-        0xd23000ca75e2ab96L,0xcf94327f7317e6e0L,0x5c07a24361efe4dbL,
-        0x1e0f88bd75585a53L,0xe9d5784e71067b16L,0x000000000000008bL } },
-    /* 48 << 147 */
-    { { 0x140d97d668d43990L,0xc2153671f05254d7L,0x15c7cb4048835a51L,
-        0xed01ae6e9b1e5c22L,0xc33296c45a63713bL,0xb44ae73171a53417L,
-        0x70b2359e4e771c6bL,0x582eacf2fe7d32b4L,0x00000000000001e3L },
-      { 0xb6a805b0b9a67492L,0x97617ae34369cc31L,0xdc08edb44d0a7af9L,
-        0x1c89e626c0c63f8eL,0x75e1f1ed615ac711L,0xe03d1b7d8e3eb258L,
-        0xcc2e06e4761fadb7L,0x2dea6e630cfc1724L,0x00000000000000d9L } },
-    /* 49 << 147 */
-    { { 0x30eeed7612619b7aL,0xd8daa1efe23568aeL,0xaf0c5d2700f7929aL,
-        0xd89f78a90dca03efL,0x8eb2878fe39fdcdfL,0x8d8e0ddda71f1a3dL,
-        0x4042473e60afe2bfL,0xe0501f41c19d3ffbL,0x00000000000001baL },
-      { 0x1693d5a1030e8b4fL,0xa0d858cf93320df4L,0x45b0c87cfcabd7c4L,
-        0xb6e171378f8fa025L,0x892617bc01ff2d11L,0x89030f422ed3a401L,
-        0xda0ddd2ac10ee939L,0x24b042d5fd5f3ed7L,0x000000000000009dL } },
-    /* 50 << 147 */
-    { { 0x28ebed439ae8948eL,0xbe7a777ec909cbadL,0x4f5b240434fdd33eL,
-        0xb0ce95a86f24e7feL,0x9549d6a80a6117aaL,0xea4f9ae39ab68d8cL,
-        0x117b35bf9258ab2fL,0x262f08aed8e0e9b7L,0x0000000000000092L },
-      { 0x808fe92c29be09dfL,0x57f69b77ea43d2c3L,0xfaf2e024f50c9e91L,
-        0x00a2dbc95fce3573L,0x72d3ae0513d465d1L,0x4fc54830ed56e68cL,
-        0x662a86491a37f74cL,0x6977a68476c58416L,0x0000000000000063L } },
-    /* 51 << 147 */
-    { { 0x56c1d2934f06b0daL,0x396c88f326ab5d67L,0xef6b98362d0ee910L,
-        0xbd5794fb82fea351L,0xb4aa0ebb8e8a0674L,0x1f99bd2c992a8e30L,
-        0x6c77c4ce13f5b05dL,0xcc2d35166d96d584L,0x00000000000000eeL },
-      { 0x29896c6aa05844fdL,0x615a57b51b2ee851L,0x0780b7ba64120a3eL,
-        0x5b4a41d756738a39L,0xc38019755ea981b3L,0x925ef03121aafd98L,
-        0x62a94e460c31922fL,0x13cf0f0c36933ad5L,0x0000000000000083L } },
-    /* 52 << 147 */
-    { { 0x301c46545f009683L,0x5dd9f7cde23f6a45L,0xe751c7d9d96753e9L,
-        0xb26fda93e50ed86dL,0xb48e4d2ea3014b3eL,0x6d82b06551d16e40L,
-        0xa8b8f4a19952b35fL,0xa3b70bff95f097b1L,0x0000000000000003L },
-      { 0x98b9e4d7ea5ce5a2L,0x86cc4bb2d9548b1cL,0xee2c3a715f65d9a9L,
-        0x22b7cc27212980abL,0x8820302cf5dfdbeaL,0x7f0290529fd77d3bL,
-        0xfaef33b3599b0e13L,0xd6b215998a929bfaL,0x00000000000001bcL } },
-    /* 53 << 147 */
-    { { 0x3822d6dde05bcff9L,0xa1df90859a966665L,0x37d8d08affd0c260L,
-        0x044eb203a393185cL,0x2bb1e2a097b4fa61L,0xd824c5f2f069339aL,
-        0xee973a505e47a499L,0x57c7cb70c7739a14L,0x00000000000001a3L },
-      { 0x50708368841c8a1bL,0x149b29f0e1c18a5bL,0x6d3057aff86259ebL,
-        0x42b1013f9c561498L,0x9c917c000a3c96c5L,0x1f64ce7260e1c1e3L,
-        0xdca64e5d0b26eacaL,0x70809a61ffe62202L,0x0000000000000060L } },
-    /* 54 << 147 */
-    { { 0xf7cb364bebc4106bL,0x322868aa1f5b16d7L,0x35d2bc278a47978eL,
-        0xdd71c1c5888a45d6L,0xbced525701370078L,0xdb80de35d2c742c3L,
-        0x9de9da88492943b8L,0x056084de6d5369b2L,0x00000000000001ceL },
-      { 0x481ba518bd731791L,0x5b7297867252de15L,0xd9e0d759af151de3L,
-        0x32df8fcf9485cf7cL,0x959a47d70da582faL,0xada095c0ae5e4106L,
-        0x1f870a322c80f5beL,0x3996f25c7b53b872L,0x00000000000000fbL } },
-    /* 55 << 147 */
-    { { 0x7b6c5a0d299215b2L,0xe63c9ea3ff30cd5cL,0xe20dcdced944d3d8L,
-        0x58fc33a5037bfe23L,0x084db73f8964c02dL,0x295cbb668036f2d5L,
-        0x5fb5b1575f11677cL,0x08c6f7868c0b8c9aL,0x000000000000005cL },
-      { 0xa71be7daf9fc7b49L,0x90b4fb112eb884afL,0x5a433d1bc20f3de7L,
-        0xa9f96c15d7ec8c53L,0x19d73a9202b16cf4L,0x6db1ec20f0c59b32L,
-        0xea08ad41e9148372L,0xa9425964a8fd959aL,0x000000000000012eL } },
-    /* 56 << 147 */
-    { { 0x327d0a715d58ae51L,0x5781201b6bbb0e9dL,0x2e738768cb5ba871L,
-        0x7a7c4287a1ce9418L,0x75e146164efab0e1L,0x14839cf658a84558L,
-        0xc9c0e010b0156aeeL,0x337859475f043330L,0x0000000000000177L },
-      { 0x9f821ccf075f05d1L,0x18ea20c4c28c986fL,0x6b3173993906dd1dL,
-        0xf8c200ac1ac84aa0L,0xb6876e9b2170699eL,0x967ebc48894c5351L,
-        0x545de7957c5503a5L,0xaa3e77f946b8d0c9L,0x0000000000000038L } },
-    /* 57 << 147 */
-    { { 0x09995831678db97cL,0x21a68fbeb3a294d1L,0xe7e00883a6e564a6L,
-        0x6c2bc4473c6351fbL,0xb26c5e696be68123L,0x5f0bec160f558615L,
-        0x7861fd1d3d4e11daL,0x401c74bb74294954L,0x00000000000001abL },
-      { 0x99ccf2f0240019eaL,0xcd7b969a7d4cd159L,0x5c8c5407f98ad9e1L,
-        0xed9f828849e17f16L,0x15e6f01c07ec8be3L,0xb9385f7f9215c605L,
-        0x9d0dcdec545b52d8L,0xcf19523c4ee0d717L,0x0000000000000081L } },
-    /* 58 << 147 */
-    { { 0x6075fa38019b76d6L,0x69026a5309c93da7L,0xd74ca37abc94b34eL,
-        0xb9326f7dfdb4db42L,0xee55a0529d571ca1L,0x28cc82349b045d9fL,
-        0xc32980ff32b90fbaL,0xae7b8a9e23bcaaa1L,0x00000000000001d9L },
-      { 0x7999b36bb1e28505L,0x3f1a81991a8b12dbL,0xfc384a1e842adb45L,
-        0x45928ce192acfae9L,0xf9c422639575c3b1L,0xa1d497c00c64efb3L,
-        0xbb171deb8f675d61L,0x1112bb0ae420e774L,0x000000000000012cL } },
-    /* 59 << 147 */
-    { { 0xd3a1a740a18e8dafL,0xc7ea1eb81f85d156L,0x9cb8aa11e8cb68e8L,
-        0x5867e62f3cd3e2e8L,0xb9a337f1d8525a5eL,0x19e80310986615bfL,
-        0x35b1126ccd2046ebL,0xe0adfd0ca338224eL,0x0000000000000114L },
-      { 0xb5041e87e0d36af3L,0xf6c1d74ac830aa98L,0xa1251bcd3d9a58b5L,
-        0x084bde5b887e46c6L,0x17c1cfdec9066fdfL,0xdbd86d9be1a07155L,
-        0x04e6b547ad8b184fL,0xe1387caf9ce95793L,0x0000000000000082L } },
-    /* 60 << 147 */
-    { { 0x4443a6c3322a7d6eL,0xbaaa07e080c34583L,0x030a347041f390bdL,
-        0x1570596ce98c416cL,0xa7ed4c7e3ed2ccdaL,0x936b5951440b9124L,
-        0x6587c9d546d24df9L,0x77ddf54c8b22db32L,0x0000000000000025L },
-      { 0x63c9e7b7a4762e43L,0x5a15b97f843b6aa6L,0x370982cb89c1481cL,
-        0x2d4bfe90bc3ce946L,0x5467f0821fa11973L,0x727ec857f1ed8d70L,
-        0x6d0ddd0bbcd130f3L,0x952129f8b6cbeddaL,0x0000000000000142L } },
-    /* 61 << 147 */
-    { { 0x8c63e55ac218c2b4L,0x93017667ca59394bL,0xc0f8e0d1602295deL,
-        0x5de02425002fb9b1L,0x493fd199e8b8fc46L,0x854e759781e1ea54L,
-        0x2f57f5a2dae7a5f5L,0x8454844cd6f46c80L,0x00000000000001b5L },
-      { 0x246d3a54b0b01c98L,0x807bf3892860d179L,0x3455551b5474e8d3L,
-        0x8e007f866fc4f8b1L,0xc409e7d377e29dbaL,0x84510eb48359b208L,
-        0xf29d0ad368d94a20L,0x7afbd7935010b843L,0x0000000000000114L } },
-    /* 62 << 147 */
-    { { 0x48b9115978951f4bL,0xaef87217265fad80L,0xb5d5547ad94d42dcL,
-        0x723c460f1a5ac9d5L,0xbced8eb304aa83bfL,0x276275ab9f569648L,
-        0xb7e2654d7db652c1L,0x16acb62bdd9088a8L,0x00000000000001d8L },
-      { 0x8318bbe3a0134fcfL,0x73dce05c07cab5f3L,0x0d3421b9ead384b5L,
-        0xeb5c77f492b4c9c7L,0x15186834e01bd002L,0x27583717e576e035L,
-        0x4d3ecbc88c8d4d43L,0xe63044592b81fde8L,0x0000000000000059L } },
-    /* 63 << 147 */
-    { { 0x7ec6163a6f63d2c3L,0xdff5558287421ff8L,0x7dd99c23b1f59a95L,
-        0x7604aeaaa41319c8L,0x81c31a0cf7b60b77L,0x80a5bea5597dc7c0L,
-        0x9abc806b7c1f1d0fL,0x60e9f42bb2c9a37fL,0x0000000000000090L },
-      { 0x3526b63f850d46b9L,0x4532e167a10fc8e7L,0x48e5c8f5a35019f0L,
-        0x7aee2a2dd22272ffL,0xa08dee5c726d0685L,0xd0058b333979987eL,
-        0xd155241263607bf5L,0x2201b75aca9a11d4L,0x000000000000018cL } },
-    /* 64 << 147 */
-    { { 0x5249e953d6ae5716L,0xbbf778ca1027f3cbL,0x0a535c1f01020499L,
-        0x80f4cf1b7b847ceaL,0x3cb8c87b66d8dbf8L,0xa8d7b35bdd3562a9L,
-        0x0305b1595ba3f0abL,0x9d5ee3ba7775dbedL,0x00000000000001b7L },
-      { 0xbe2096494e5050cdL,0x176602a16790efceL,0x6aa6ba5f0b21f5c7L,
-        0x6a1d5df0f8c4116fL,0x1a188a83746abbc3L,0x2b2d3317fd2c047eL,
-        0x18067e79b9e5d5b8L,0xed9bbbcfc4be8357L,0x000000000000018bL } },
-    /* 0 << 154 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 154 */
-    { { 0xf6a2bf97f0ab06d5L,0x9f8da4f011f2c6a5L,0x776a1eb0cb8b966eL,
-        0xe74b7349a1903dd7L,0x6978c653dae05c8fL,0x77d364c9e1f5b52fL,
-        0xf3e29bccbc7779eeL,0x4cd77a80641ba885L,0x0000000000000136L },
-      { 0xc79b648f9cb2168eL,0x1b52d0b7d06dbbe6L,0x7b7302bfa65c96d5L,
-        0x1eea500edc838093L,0x83aa1612fb69971bL,0x6398cff0528e16ffL,
-        0xa64963a56d95deebL,0x36f359053d7da7aaL,0x00000000000000a7L } },
-    /* 2 << 154 */
-    { { 0x708003f83c48adedL,0x936a8a382497ce05L,0x66f8e450afece34dL,
-        0x6cc3a161513e1c0eL,0xe2fb655e044610faL,0x8af6a3b362e764c3L,
-        0x839a61f18ca809a0L,0xd43f2d1ec330dddfL,0x000000000000007fL },
-      { 0xf4fb698b7acee1ffL,0x5d19501bcb302bf8L,0x393c9f0876ac0468L,
-        0x16f8b677fd22441cL,0x85662743c504d916L,0xdf3d33119c8cb9c8L,
-        0x1feb20ee42f9cbe5L,0xecd3eece5cad0542L,0x00000000000001ebL } },
-    /* 3 << 154 */
-    { { 0xa9c120098d6d74c4L,0x862c2e5ac0e79387L,0x30e24459ee38eff9L,
-        0xd3637e69764f4b51L,0x6440afad56e273a5L,0xc95ca130e45adb77L,
-        0x89cbd694c96ea2baL,0x9b9c1edbf2099810L,0x00000000000001d9L },
-      { 0x48770298e474a5acL,0x5612463b7b903222L,0x4d92c48f12de8a11L,
-        0x360e5c32ca366bd5L,0x8f16dd03e7e9928eL,0x41cbda9e88bf12f7L,
-        0xe7d794691af3b3edL,0x34c52e7caa4e82a8L,0x00000000000000a2L } },
-    /* 4 << 154 */
-    { { 0x8756b00a9f004528L,0x20374136e9c2b2e2L,0x9e6c6a22cca54915L,
-        0xc5dc6015f6629736L,0x5ef3efa8c4510c8bL,0x1fe7836cdcc2ce9aL,
-        0xac80124a0b55a453L,0xe430cd86dbb7a64fL,0x0000000000000104L },
-      { 0x939b5896a385741dL,0xa80c7d7e3a6c90e9L,0x8df754d6e4c02621L,
-        0xccc73ff172958d91L,0xa80cd923e911d8d9L,0xee0dca498c0171e8L,
-        0x850d8439fecadde6L,0x37550fc24f714086L,0x00000000000000c8L } },
-    /* 5 << 154 */
-    { { 0x04b6a0e91ecb5d79L,0x76dd6ff66661a50aL,0xf781aee776b0f62bL,
-        0x1c5aba38e8569d33L,0xcedc599451bab8d9L,0xb9753d145556e4f7L,
-        0xe0434b07504b2dbaL,0x20ebda14290170beL,0x000000000000005dL },
-      { 0x2c1ede1ef77da08eL,0xcf0c0f3da5a7547cL,0xfb8f6167f81eb5baL,
-        0x36854edada4a5de9L,0x006dcb13de55ea82L,0xc92040022e6d0330L,
-        0x444e1300ee733ae1L,0xc75a73608f3de483L,0x00000000000000c8L } },
-    /* 6 << 154 */
-    { { 0xe09a3cf0af969a6bL,0xb92d2f90bd6ac057L,0x1b2f0a7c84d4595eL,
-        0xc74ccfc4694eca28L,0x5f9cd8d4330323f5L,0xfcfcae74ef391ed4L,
-        0x0081ef66bba18e42L,0xc025895aa955d164L,0x0000000000000156L },
-      { 0x9ea9ae8ddcd1ce6dL,0xce0eaa5f3c6ec110L,0xf8336a3517ae8ce0L,
-        0x34205d8698f175a7L,0x42a29536af7c195fL,0x21b0cb3cf85cdbfcL,
-        0xe6da7fa8840fe9bdL,0x766646688a894e33L,0x000000000000017cL } },
-    /* 7 << 154 */
-    { { 0x9ef8a9907b69dfd8L,0x3c01c44a3ad9d90cL,0xb576538c5e18521eL,
-        0x234ca9937a342024L,0x08f6b0d84b8f02d4L,0xb2c97f96b70eb5bdL,
-        0xe8747b6f235ce355L,0x04d9f7126870110bL,0x0000000000000075L },
-      { 0x1fe78e291de0c835L,0x7069aa9eac0c1b5dL,0x5f04cb3d2b647a13L,
-        0xf3523829affc1b77L,0xebec6717bb0df520L,0x6abc248682c68f93L,
-        0x2ac72f4e21541ab0L,0x82b5d659bfc23f23L,0x00000000000000daL } },
-    /* 8 << 154 */
-    { { 0x8323b86fec088bb0L,0x18eeb2d3e169bf94L,0x9eabc22555450a6bL,
-        0xfd49e8fee35c62e5L,0x1a8255f86a5d661fL,0xb7ee978fff87b2b7L,
-        0x6d59a24739975957L,0x8a12c7f513e61ba9L,0x00000000000001dfL },
-      { 0x61a3f3a2b30ea34dL,0x21fa89924be16d8dL,0xba41fc20d8613751L,
-        0x10b11b88cce7e39dL,0x82a797d7f79ede48L,0x9559db4a5fdaa76aL,
-        0x445442ce577e7ef6L,0x358c9be06751a909L,0x000000000000001cL } },
-    /* 9 << 154 */
-    { { 0xc5febe234897adb4L,0xdd7e212192ee8af1L,0xdf70f39b6892b4c9L,
-        0xf1ea9349d4a09185L,0xd5121d35fb3ba54aL,0xe4d39b40e927a37bL,
-        0x39f03f40d3517713L,0x414e0e866f12f5e3L,0x00000000000001eaL },
-      { 0x4c24f87b627300f2L,0x8ef8b8301a0c9008L,0x959744aa7b140d22L,
-        0x7a406464bb9589caL,0xdb329b0f1bfde0ceL,0x0401dd975b24cc0eL,
-        0x8aebc77378371f29L,0x02fc0c33f1febffcL,0x0000000000000028L } },
-    /* 10 << 154 */
-    { { 0x56e2294c1317d843L,0x66a415d0f34bd426L,0xd65e0abd82328d7eL,
-        0x0026bcece495cbefL,0x45b42d450356eb16L,0x08f16cebd999f3c6L,
-        0xa841b2bee82cc5e0L,0x9273864fb4719eefL,0x000000000000005dL },
-      { 0x35ca9c719f125b1bL,0x2ae57e9490d045baL,0x2ca6a02babbd691dL,
-        0x1dfa73463e2e1507L,0xff9ff444b7fc8813L,0xc6cb3ba2fec77e7dL,
-        0x3f9d74e5b9d39df1L,0xfc653ef49be360acL,0x00000000000001baL } },
-    /* 11 << 154 */
-    { { 0x2d1043706f4b5907L,0x279eeb552a965a41L,0x06863a068bfd9926L,
-        0xb1a1567f839d5e83L,0x8f417c47d8c0490bL,0x548295eb268992d7L,
-        0xf3a1978a1ef3cdefL,0x402b4001669c3be9L,0x0000000000000097L },
-      { 0x9a9f1ab9606891d7L,0xcbe4ac71cf1bdb11L,0xbcd93ed09ca6dbb7L,
-        0xba64c0644767f5b8L,0xd64c49b1842b720dL,0x4ed8dc7f29bf4c35L,
-        0xa97b185f57bb1f04L,0xfbfd4a978e62cd56L,0x000000000000017fL } },
-    /* 12 << 154 */
-    { { 0xa22790ae7d5e235dL,0x6ec954be4a9a5780L,0x26aeeddce38ffa50L,
-        0xbeb75310eb3feee0L,0x44cbb50840a31067L,0x4a0ff701380e0baaL,
-        0xb23528c820cfe922L,0xcff1ac948fdf6c51L,0x0000000000000158L },
-      { 0x80acb80001d7f58bL,0x2181a99daf2d7b4dL,0x30ff9020146506d9L,
-        0xf091d3057967a5dcL,0xb37c10521cd6c51aL,0x401010b56b0db694L,
-        0x1b1bc5e960fc5f73L,0x8ab0cf8eab3aac42L,0x000000000000019bL } },
-    /* 13 << 154 */
-    { { 0x58703a2ad975b4b6L,0x6167e7ae4f202eabL,0x26cb064f7c8b1d44L,
-        0x1bd0c0b1552b7474L,0x1f1fa56f85b02ad6L,0x42f451f99363ab7aL,
-        0x9f9888f1b7f2df41L,0xe0982ddc935b0f16L,0x00000000000000b0L },
-      { 0x5b3133ffbbf0e24eL,0x22cadc2c623da1daL,0xc106e88a6ba85f88L,
-        0xf6e00838a71bd558L,0x6917980380b79631L,0xcc177913a4fd8cdcL,
-        0x004e0ca999889eeaL,0x530683b77ea0ea1dL,0x00000000000001fcL } },
-    /* 14 << 154 */
-    { { 0x409928e4278ffc44L,0xe39bdc274353b086L,0x1323b2d040382fefL,
-        0x69de9b7d28c99bacL,0x1c68f0e2bfc5d486L,0xfe49bce5094d3cb2L,
-        0xd37daaf81110a3c0L,0xc9938bea2f6c58b9L,0x000000000000012cL },
-      { 0x39b6da445a2f1875L,0x848c2bc18302b740L,0x10b917d8cb988452L,
-        0xac9b47fabbe451fbL,0xc1d6792eeba243b2L,0x2eab0db88610f760L,
-        0x3810ac18e475e77fL,0x1e60d81024c55728L,0x00000000000001aeL } },
-    /* 15 << 154 */
-    { { 0xff7ded2add770286L,0xd8d3c66e845a63e9L,0xf05e27d53c535b94L,
-        0x9aeb2f6723f42216L,0xc399087f1031b277L,0xa67bb1dd192acf43L,
-        0xc3957a6162fb8f4eL,0xd3ac962f8f632266L,0x000000000000006bL },
-      { 0x078cf75e873bbcb2L,0xde95d2a9aa5d4d4aL,0x94e8064d7a48befdL,
-        0x168bbfc6763f2312L,0xf48b61bc4603519fL,0x997d31e07c65d872L,
-        0xc404c7b818cffe80L,0x540b8bdd75fcbc1fL,0x00000000000001c4L } },
-    /* 16 << 154 */
-    { { 0x686698e89cafe97eL,0x3f2a465db6891510L,0xa99bcd91c9aad498L,
-        0x0c7ae217a47c770bL,0x95067a8b6a5e6f06L,0x0b55da4025a11429L,
-        0x5372b805997cabffL,0x1e8bf414963d233fL,0x000000000000002bL },
-      { 0x1343ebe6ab613409L,0x7aab5a01ac96cd26L,0x243758af112c0b65L,
-        0xd276e441b236cad6L,0x88a7d43f557111daL,0xc6dace8ba0f46068L,
-        0x866c31efcf4a5cebL,0x6dd991b89554f30cL,0x0000000000000066L } },
-    /* 17 << 154 */
-    { { 0x4d8b375c14bc49d9L,0x93b4385f18a01862L,0xc3b0ad5ee4090d89L,
-        0x2038dbc2d3248ee8L,0x84c0d4bc2c487600L,0xc5ec52743ea53b08L,
-        0x92d8a64f7d099e76L,0x26a6f8d1e6d580edL,0x00000000000000ecL },
-      { 0x105080aa3d7beff0L,0x854ce36ec85ce751L,0x94e0df2bbbe2d753L,
-        0xdd3a67f7a54ec65dL,0x21d6f4c15968bba7L,0x5951642df707706fL,
-        0xc5bd9cd33158e447L,0x566eae345c290325L,0x0000000000000042L } },
-    /* 18 << 154 */
-    { { 0x0a1212fdf6bf1120L,0x1bc14a398cc5a658L,0x351552bdc1b52efcL,
-        0x0d19749245d55560L,0x425372c97793c57fL,0xf0c48415f5838d74L,
-        0x4153e1917c64e071L,0xc43828e2373272eaL,0x00000000000001e7L },
-      { 0xba8932ba91dc2c19L,0xa5756a08a5163390L,0xf64a62cb65738648L,
-        0x66c5c1a874a8bf79L,0x355f420f98ce1d80L,0x2de834b1f30008bbL,
-        0x580f0664950681b0L,0x8630c1290033866aL,0x00000000000001deL } },
-    /* 19 << 154 */
-    { { 0xe77f6cc4e46e0754L,0x77af9150a883763fL,0xc5aad5130393ef51L,
-        0x62ccd275526f9855L,0x83df1ac8abadaba5L,0xf6caa723741443caL,
-        0xf43bbef6876c8f4bL,0x8c6e39220425ccd7L,0x00000000000001a6L },
-      { 0xc5cf64d1ac4879ccL,0x1b761a83ae4857efL,0x480792c183901056L,
-        0xef90c8b6047b0328L,0xb86c8a422c523b1cL,0x6aa932a8a31dd46eL,
-        0x64259ea3d3dea6ceL,0x092ba1c68d41d4d8L,0x00000000000000faL } },
-    /* 20 << 154 */
-    { { 0xb7c90bf85b923896L,0x42f96bafd3f08076L,0xddbd3b0b0bd90a84L,
-        0x8adbbb43e00a7e7bL,0xd3205108b2059c91L,0xccb379b76223fd65L,
-        0x2c1eb7e2a6f8571eL,0x13f3bc56d80ebb13L,0x0000000000000092L },
-      { 0x5e23bc738d30df11L,0xaab73a1f4aabdcd3L,0x4cd660823e764e18L,
-        0x942328161d0c98c4L,0xd8b64c225b5048f0L,0xaf741f8ad2a17f6fL,
-        0xc1540070cdb03f14L,0xa16e5e67a2476ee5L,0x00000000000000a7L } },
-    /* 21 << 154 */
-    { { 0x94c155b1feb3c7cfL,0x703b56a4cc26b74bL,0x7291810d1f436b9fL,
-        0xe3ef9b82d28ad0adL,0xc6941fe32504f06bL,0x370e5a2eadb26060L,
-        0x4328a40ec8e317ddL,0xc67fd42b0bfa2d08L,0x000000000000012dL },
-      { 0xb93e8547eb854e1aL,0xdadcb35a2b4d3b66L,0x1de5ea2d8ff90fd7L,
-        0xcb5d75a2d722dc7fL,0x5c4192d10e3ec171L,0x2ba11f14ce7ed871L,
-        0xc43e303f9840ca81L,0x34cd4fabb1da84e6L,0x00000000000001bdL } },
-    /* 22 << 154 */
-    { { 0x90e3c53ef55acde5L,0x910bc008184aa9b0L,0xa62f771bb71d8054L,
-        0x4f6e1a5480ff577fL,0xdaee302fe079e754L,0xeba6f1187bcd7837L,
-        0xec13761caa06a669L,0xd39dd3f3f5ea95fdL,0x00000000000001c9L },
-      { 0x049ae3a64b42938aL,0x8263e429b24a6867L,0xfb618fee9e9b8374L,
-        0x77cd9ba6a9571903L,0x6c5a592dcd0c2186L,0x7539392cf94608faL,
-        0xdb4b672140df175aL,0x7b74240b2438f55eL,0x000000000000009dL } },
-    /* 23 << 154 */
-    { { 0x7daf2c363805dd53L,0xedea2d49323f28d9L,0x6f8dce4163a8e4e3L,
-        0xe5d47bb559423e7dL,0xdd4329e18b816db6L,0xcb6f85f22cffb9a4L,
-        0x5b0ddadbae45f979L,0x6a78983747aea678L,0x0000000000000082L },
-      { 0x275090b481bcd3e9L,0xfade474e249fdc18L,0x2ab90ae1bdfb4666L,
-        0xbfa10e3514787825L,0x8e5ed81ce23c2f2bL,0xacf48e50825ca78fL,
-        0x46b832f9ef7e9e7aL,0xf3d4d7e9278268fcL,0x0000000000000162L } },
-    /* 24 << 154 */
-    { { 0xece31ecffe1d1b82L,0x368c5ac029036cfdL,0x217420afa13ff567L,
-        0x1b29e5f077776b5bL,0xdd1a5dda98f42d23L,0xba05233bb6c34257L,
-        0xaea7d3bd2d56e9b5L,0x3d5777e784e7205cL,0x00000000000001c4L },
-      { 0xf4dd56b5e7c6eb47L,0xc479b9d64a1b9d04L,0xfa1d38a48117a210L,
-        0xdc603246dfb5a934L,0x9e8156abda0675ecL,0x6937ccce0ef78eabL,
-        0x72dd487ad2e5cc67L,0xb735f780d372a668L,0x0000000000000049L } },
-    /* 25 << 154 */
-    { { 0xff5df7dd9f3f2988L,0xa20bc35e1be8119dL,0x244ccc83e9801d10L,
-        0x5ab8e9f3c620ba2eL,0x7a1cb9e05237f9aaL,0x0e50887f61d0d851L,
-        0x95f1d7727e0353c5L,0xfe7dedca9253110bL,0x00000000000001ebL },
-      { 0xa2337f586a64b9c2L,0xb9e4cb8e44e70c68L,0x0812cb6c5ecd48d8L,
-        0xd9cf0c0e6d048efdL,0x5fc207222d2d3b1dL,0x3efd117c6b03a35fL,
-        0xa42ea8a8cef040c3L,0x80c4e52b3199fa1bL,0x00000000000001c7L } },
-    /* 26 << 154 */
-    { { 0xfd5782606e9f3949L,0x94e36ca087ee9707L,0x919b401eb1a117e4L,
-        0x2418b5ce109738b5L,0x0185bb8483a54440L,0x1d22a848d6945f4eL,
-        0x17c275c3624fd9caL,0x81862ee627b15448L,0x0000000000000108L },
-      { 0x57cc2c959184dc02L,0xb31ae7d544011d47L,0xe076ac2d417b7eb1L,
-        0xa5b2ac1baa4495ebL,0x14ca78cad984cb5fL,0x59005112daa7bbc6L,
-        0xf45dc10071d06591L,0x681ef23be278b5c0L,0x00000000000001e3L } },
-    /* 27 << 154 */
-    { { 0x8f8240265a0a487dL,0xdbd1d7c23e8d3e90L,0x1a69874bd3c62608L,
-        0x435c7884c6cb4268L,0x85b31d00655218b6L,0xcacf7eb498a67fc2L,
-        0xd20215ddf7a56bd5L,0xc6950c8be60ce8e3L,0x00000000000001e7L },
-      { 0x1cba47452e984f46L,0xca242d3a2a298b6bL,0xa1d3653a98c71337L,
-        0x5bc149263ad4bafbL,0x09f200a204dfe1ddL,0x78e00b4714fa42e9L,
-        0x1f80dbadfc2c69b2L,0xfd84c0ea9cd01382L,0x0000000000000098L } },
-    /* 28 << 154 */
-    { { 0xc3b2adb729fffdeeL,0x154f4d7951fb8606L,0x56e497fe9d7f4b0cL,
-        0xe5e69faa0df7fd94L,0x1891fe5d114fa3caL,0x4162f0e9045c3286L,
-        0x98de02c4780253d6L,0x703080027947b60fL,0x000000000000019cL },
-      { 0xe77f7b12a9510bd2L,0xc663fbe72d32a857L,0x6538a301b9274d4fL,
-        0xb2c191d0bb01302dL,0x567474f26366bbf5L,0x8446925cae1e52e9L,
-        0x3ee00ea9209b55e8L,0x3d76982d2419e4bcL,0x0000000000000091L } },
-    /* 29 << 154 */
-    { { 0x6ce35fdc36bf03a9L,0x2cca3e4b19fd800dL,0x1c42c2ebeb7c3707L,
-        0x345e0391fc298d33L,0x6f552d1aefea0fd9L,0xc22eadb8e73d461fL,
-        0xe49110b96d4435f7L,0xf7a2fb8a81759c25L,0x00000000000001f6L },
-      { 0xc09df3a632d5a1d8L,0x423fb07a53b9696dL,0x9a5942112802e680L,
-        0x59e615a3e5d1b962L,0xf418291d6976a9d9L,0x93addf8326ee6369L,
-        0x376c918a7446e0d4L,0x73ff26b4530f3c52L,0x0000000000000179L } },
-    /* 30 << 154 */
-    { { 0x271550ac40465c23L,0x7a499e8dee0dd714L,0x6feba0dc2394b340L,
-        0x666de55a6e293ce6L,0x3dcefd6d17e817f4L,0x337e774f93eedd97L,
-        0xc9c103f37a86610eL,0x97ae91cfc0eb2c8bL,0x00000000000000d3L },
-      { 0xa7dfe71a65981a9aL,0x3d63534234407037L,0x05739745cfe533bcL,
-        0xf5188158a1bfb967L,0x2d76a9c44e4702c5L,0x7e11dbe04bc7cf4dL,
-        0xd6a6cac11e0faed1L,0x04ceafa1c20c5723L,0x000000000000006fL } },
-    /* 31 << 154 */
-    { { 0xad5aac564ea2ba2bL,0xad0a5b610b4933f3L,0x5aa51da928d19d01L,
-        0x15a74ffe94ed89f4L,0xd23335608a870eb2L,0xc94daf2ed5e5a24eL,
-        0xd98f616d567659edL,0x08f6a62c6c8eddd7L,0x00000000000001b1L },
-      { 0xab4fe43bf3295b7bL,0x5562384426f75385L,0xe9d70df0097f11c9L,
-        0x7cf18143e23c34a2L,0x2a7b24fa136938d0L,0x74154841e678eea9L,
-        0x0ec99b1920202480L,0x4d1aea7252e4b7d0L,0x000000000000005aL } },
-    /* 32 << 154 */
-    { { 0x08136cbf025189d4L,0xa1c389cbc1b25a05L,0xbecdade76e9ed11dL,
-        0x6557006ba7f3f38aL,0x96d6c877bc852dbdL,0x3a0afe4bc53efd4fL,
-        0xc7f58410febe4737L,0x86deba3b84e35e2fL,0x000000000000015bL },
-      { 0x96256db24dfa7da8L,0x379735573dccf202L,0x2e0b263e8fcc1274L,
-        0x14870fe89ee7b82eL,0xcb8f9ba5425ca276L,0x683c748e7d876e79L,
-        0x48e990d5de2f2cfeL,0x2ecc8f1f48547013L,0x000000000000018fL } },
-    /* 33 << 154 */
-    { { 0x5b7d4e5300df51d2L,0xd82ba908518c2d9bL,0x95121a5d8447eb0bL,
-        0xc25d07a662755277L,0x51cbe7f5c19c32ceL,0xd038800e4c726273L,
-        0x1e1b0e9125fbcfcfL,0x5cb2408eb5e8a4eeL,0x0000000000000122L },
-      { 0x940da58ede254894L,0x6fe04e02f5d5b5bbL,0xbe069bad692f537aL,
-        0x6d24c50013873687L,0xd1cd8bd1089ad9bdL,0x07929deff8eff657L,
-        0x8d4d97bab426304eL,0xefe85addf45dc5d2L,0x0000000000000014L } },
-    /* 34 << 154 */
-    { { 0xa5fc916ec715b5a2L,0x7e6dcd80c069c5c9L,0x94dc1dd10085e7b3L,
-        0x81041f123e71623cL,0x29f931fd28807fafL,0xaa5f757aaa8003e0L,
-        0x0f9865bb318fe406L,0x2f18ba42cbeb37eaL,0x00000000000001bfL },
-      { 0x8e9acc7259cb1f04L,0x3b9c7ff8d790d71aL,0x081ec7dcecbc1c2aL,
-        0x2ee6eb196e63fe41L,0x95815ea0f4ad6fa0L,0x8bd5c1ad79cf7f1dL,
-        0x3d73c9c85ae89337L,0x2eaa40409b1286a1L,0x00000000000001f3L } },
-    /* 35 << 154 */
-    { { 0xec9fa757fbefa7e8L,0xb41dfd88382bb7b7L,0xf9cd0f6314c0b89fL,
-        0x94a8c09b56c7b584L,0x251fde74a9d131acL,0xfe3e706d8a47f3e6L,
-        0xa2cc25d799bfb317L,0xb9cb1e4114c7fe92L,0x000000000000001dL },
-      { 0x9daf45e2768f397bL,0x1903422a83975ab8L,0x0e42b292a61b4715L,
-        0x947c78bb1a1323d8L,0xbe36ec019d1699c0L,0x9ac1807792e2ce89L,
-        0x8dccf873b118c12dL,0x879c7a2187638db3L,0x00000000000000bcL } },
-    /* 36 << 154 */
-    { { 0x15dba0d81dbeec0aL,0x6a1671e23145554fL,0x6f59000813588c31L,
-        0x404b6424783bb97dL,0x30502b92cc7922feL,0xa1bd25ce1517a238L,
-        0xeb81e9dd5fbc51a5L,0xea919df3bdc3b1f2L,0x000000000000009dL },
-      { 0x70802002a4aa5953L,0xb908e35d23fbdf34L,0xb47ddc1ad971a142L,
-        0xe4f88a184c6ebd7dL,0xb2f7177f3065ed39L,0xd7b8cc98162b61aaL,
-        0x8472dbd5774c6ad4L,0x8d1dfea98f87d2d0L,0x000000000000018aL } },
-    /* 37 << 154 */
-    { { 0x5caf9816316399caL,0x29ecd26efcaa7fe5L,0x07f4e09b03d18979L,
-        0x00e88b2581b43697L,0xb04d6d03bd0408bfL,0xd3e4a0d3cf0b6793L,
-        0xd98262dbce0e8490L,0x3ed76b1601bed96eL,0x000000000000015aL },
-      { 0xcbfff64a7d070eadL,0xfd8db6ed1776da0eL,0xca03a6a2b1279cecL,
-        0x16f6ec788b989efdL,0x17f581a70dabb5e0L,0x975c57adf8b5a413L,
-        0x34bd7827ed1e3568L,0x7460f3374292fb3fL,0x0000000000000193L } },
-    /* 38 << 154 */
-    { { 0x754f1e7fd6633590L,0xb281de767862f091L,0x9135b836c3494e22L,
-        0x4cb7a1bd84da9104L,0x20bf9b88ed7088a0L,0xf7e2c4378ced80b5L,
-        0xfafdaef6038f3ae6L,0xd948d168e786659fL,0x00000000000000ddL },
-      { 0xc84110b66115d5e3L,0xf7cb7190a7d744e1L,0x2542a0d478a699f4L,
-        0xf0ae20cd574dd390L,0x4ce38ec5f120b181L,0x3763208a49ac50eaL,
-        0x24a93ddd6df7ab1eL,0xd9ae90ec2e3c1f8aL,0x000000000000018fL } },
-    /* 39 << 154 */
-    { { 0xc6069b8567f9df8fL,0xf9f56d614436dfacL,0xa3926590bf7359e6L,
-        0xd22bc2568d84397aL,0xdbf0455ce61706d0L,0xd01ed734b7bd8dafL,
-        0x6dd4ffa085c07accL,0x474802574f3c459fL,0x0000000000000198L },
-      { 0x5cc9670110bf26f0L,0xe4166acc4f70a85aL,0x73219eb9cb8f0809L,
-        0xd9798096679a93cdL,0x6737a07257df9ffcL,0x1c897e3a1e65b481L,
-        0x87fb6a8b73063acbL,0x28140113b7aded18L,0x000000000000017fL } },
-    /* 40 << 154 */
-    { { 0xadcd31054115d224L,0x1fdacdebb7fed1f1L,0x878fcb459e5a2448L,
-        0xc3910eabf7e8596aL,0x5fca4f0e37f267f6L,0xd10d0aa06e9fb79fL,
-        0x589f94624b12a182L,0x2864c5acfb879db8L,0x00000000000001faL },
-      { 0x6c024c2c07e34963L,0x49581cb82de2a43dL,0x4cdcc98e29c06b7fL,
-        0x338a9c59b976f565L,0x38540bc223c8ff24L,0x53f3c9b98bc61d4aL,
-        0x3eaa8166e3913cd4L,0x4620fe57455e4018L,0x00000000000000b9L } },
-    /* 41 << 154 */
-    { { 0x3d88a754db29e8a3L,0x7bb8f52c14527b19L,0x2d3bb7d2dbd788d1L,
-        0x49dc14bd036cfe26L,0x99471968e3c4e712L,0x0ac8222f664d6f40L,
-        0xd76f5194480b3215L,0xc9359ce9711701abL,0x00000000000001e9L },
-      { 0x159c8f1b440f4fe5L,0x56a3531e0b66c225L,0x132eab73408ea71fL,
-        0x7ca9883f8ce9f301L,0xa709285bc3646318L,0x7d27e063cbe3e36dL,
-        0x751cfaef4d8cd738L,0x0efabf55a2b6ffd2L,0x000000000000013cL } },
-    /* 42 << 154 */
-    { { 0x7a9706beff928d4eL,0xbb8726a8faba89c6L,0x39fe9f9bcfa998b9L,
-        0xd62320f745c97a8dL,0x9742ef6f536968ebL,0x2cd382d2901e7715L,
-        0x1439fc59a576e87dL,0xfa71d3e06310658eL,0x00000000000000c7L },
-      { 0x9b0cf9a2d3308f7dL,0x8c7587624856e971L,0x58b4f4da34174e29L,
-        0xa8406c3fda8aadc3L,0xc13d8977c487e6bdL,0x45e5cd3baf56ece9L,
-        0x243c3a5ffe52108fL,0x52d1472fea829c13L,0x00000000000001dcL } },
-    /* 43 << 154 */
-    { { 0x8bb77dc36083c21cL,0x77acd9f15ed5b28cL,0x45d3bd9415b1ecbeL,
-        0x3801687abc78b16aL,0x65a8b24dc6a5dc14L,0x5c1f39f925ba9696L,
-        0x094d5000498bf2fdL,0x5dc5f51d8d58cbc4L,0x00000000000000a4L },
-      { 0x260fd308925ee9eeL,0x19449853450ade34L,0x8950cacc6228bb71L,
-        0x04853a651585b4e1L,0x10cca9b124de0ad4L,0xde491b7b3294f352L,
-        0x56f35ecb05bf7690L,0x1a71fd8811eab2d9L,0x0000000000000123L } },
-    /* 44 << 154 */
-    { { 0x22d05a079995b39fL,0x95d85f0e97572e8bL,0xcd0262424cb31201L,
-        0x15c10195a9661cffL,0x7366e9943d4d42b5L,0x3d89205fd08b2304L,
-        0x4f08bfe1c72f3319L,0xf2bb6fef51da0362L,0x000000000000000cL },
-      { 0x61689ed6daa8789cL,0x1342f413c80ebe32L,0x10e3c8bc6cf15c5dL,
-        0xb59a6f209e380e00L,0x6faf882b16a0a01aL,0x5b43ff2c96deb592L,
-        0x61ffa81c22cda20aL,0x825e5e4545d1497cL,0x0000000000000070L } },
-    /* 45 << 154 */
-    { { 0xf3a2aa2ef62a271dL,0x608d878cdf46740aL,0x2ebfec653fb8ed79L,
-        0x085d812e2eb1d516L,0x739c07e661ebd520L,0x085705a0bd9b19a6L,
-        0x6589012abf32e3aeL,0x87354918e8e0d4a7L,0x00000000000000f6L },
-      { 0x2ae316a69560d282L,0xff6571977fb5311aL,0x2e317d5bfd7b740eL,
-        0x392cd22956bb7d02L,0x9a84fd4ad462ed84L,0x381b59c019b2f83eL,
-        0x230a68ca47a6c3e2L,0xc9372bc4660fbed8L,0x00000000000001faL } },
-    /* 46 << 154 */
-    { { 0x610b5c299b82e4dbL,0xd237f09a0bdec03fL,0x8509f5a57eab51f4L,
-        0x418b77d8c604baebL,0x02830b0ff0b4e07fL,0x4af187f4a4d4df6fL,
-        0x00483aa9e0bb134bL,0x9b0b6e7722357f23L,0x0000000000000120L },
-      { 0xcb09d589a259bfb1L,0xa708770853774d43L,0xbab0b5d04504b5d6L,
-        0xc128fefd23ae1fc3L,0x84a99019f0cf68fbL,0x3bbf2bd5b1656aaeL,
-        0x36294624eda54a94L,0x0c6df507d4e9b03dL,0x0000000000000068L } },
-    /* 47 << 154 */
-    { { 0xb3210cb2d8b230d3L,0x1e173d0445f2b4dfL,0x777f7e921e51c3c1L,
-        0x1f09c83dca2d24a9L,0x18f6110d7b0ed41bL,0xfc47b77f1741f679L,
-        0xed0c01d530bbb573L,0x79d732666b1edf8dL,0x00000000000000ccL },
-      { 0xd80eca007d182a43L,0x8d7a50665674063cL,0x6f3a06ba012fb6faL,
-        0xe06f683a10c1f5c8L,0x305692702fb5cb0bL,0x009de930236d12d8L,
-        0x1b3bc0356438e8fbL,0xb4c91501af74c6d3L,0x000000000000003bL } },
-    /* 48 << 154 */
-    { { 0x0724e185fe85076bL,0xbda15c151e532717L,0x6005728065e7c149L,
-        0x1a0cafe8158e6817L,0xee796ad900baa1ddL,0x8ff14a074d3ca73aL,
-        0xf153c867a3604f8bL,0xe07458b5c4ca1be8L,0x00000000000001c5L },
-      { 0xb8c4f3ad8f7dc861L,0x98ff4d7f6c38d10dL,0xda77b9018c10e7a5L,
-        0x448fbc787d69625bL,0x91ff7124ed5dcb7bL,0xaf0fb28be310d65cL,
-        0xacf3cfc0c388141aL,0x2d3d003454bbb99cL,0x0000000000000097L } },
-    /* 49 << 154 */
-    { { 0x81bffa6ca966e8acL,0x048dfaa314845f1dL,0xb38f181e803a2355L,
-        0x0f854fe03a91ad7aL,0xb523f3665ce6a9d7L,0xf40cf03a828f212dL,
-        0x128550efe3b4d93eL,0x16cb5eee53d13993L,0x000000000000011eL },
-      { 0xde85cde7c9e55138L,0xedc613495183130aL,0xaa4bac70d709a5b4L,
-        0x0e69e8bd50ab30c0L,0xef2c35b69738eaddL,0x486ac544ed00f833L,
-        0xbeaf94aad4708e9cL,0x1be9775c9a0bfb65L,0x0000000000000111L } },
-    /* 50 << 154 */
-    { { 0x111041700f944affL,0xe0fb9dfafadc4f56L,0x86a7245c1411b66cL,
-        0x25afc20163eb7a89L,0x3400be4c6404ec18L,0x62d34a7e53c67d6cL,
-        0x4feaee310655849bL,0xd0343df08ad7770cL,0x000000000000000cL },
-      { 0x1a2a4a20c81c959eL,0x9386848e8c2194e7L,0xce7c378aca4024edL,
-        0xd336fb923710a3aaL,0xfea376078da68818L,0x885e98fda10bd29aL,
-        0x7fc72000f5d55becL,0x5f1d796a7f14dad7L,0x00000000000001c4L } },
-    /* 51 << 154 */
-    { { 0x808147c7c32eac97L,0xb959c61d91e84536L,0x9ce837b46b7f230bL,
-        0x62b7aebfa19a78cfL,0xfdbf0af641120b6dL,0x30b5525b18a1bdd4L,
-        0xfe54bd619fc0f391L,0x0f19f880e152702aL,0x000000000000000aL },
-      { 0xfea6fa9a19cd0ff3L,0x4f3c3272b86342a0L,0xcb3db4f982cd5ce9L,
-        0x626a3ebd70dd4903L,0x3103519773bd843fL,0xddcb8135885ec254L,
-        0x19e39cdd277200ffL,0xace2b791def0d1b4L,0x0000000000000098L } },
-    /* 52 << 154 */
-    { { 0x9429698b23371e14L,0xd9d9270c3fdb1b92L,0xa4a76289dd4ba2a1L,
-        0xd9dd43d69ad4dc60L,0xba76236063dc6801L,0x210be4e3b8a45231L,
-        0xaaa24379f764e727L,0x7b1a75a82b1fed01L,0x000000000000006dL },
-      { 0x89e40d215f621487L,0x70c38498a2f303d5L,0xa88ce1890faffebdL,
-        0x0cc0eae6735ebceeL,0x2b755a3d8518c06bL,0xf3cd31dc62f92c33L,
-        0x6f7fe733c7562c48L,0x749f7a1c83b00376L,0x00000000000001e2L } },
-    /* 53 << 154 */
-    { { 0x2f1ce070f5ce45c0L,0x15740dd943485e36L,0x2d64f265dda2a33fL,
-        0x121759ed77b450e6L,0x4948df7e9b3e74e3L,0xcbe885b4fcd25d35L,
-        0xafbf90f2e3436d1aL,0x5e26435a3deb2819L,0x000000000000016aL },
-      { 0xbcaae7b82a463668L,0x57186a775ac86d9eL,0xc0d15d503d5f4223L,
-        0x4a2f6842c4fcf264L,0x79991f8c301187fdL,0xc699b4b77352976fL,
-        0x51c47ee14838204eL,0x716e444dc03bb06cL,0x0000000000000151L } },
-    /* 54 << 154 */
-    { { 0x8d3fcb66a7684cb1L,0xa4bb8ee051970634L,0x29ea9efdb52f9d9eL,
-        0x63fef7659018974fL,0xe31f478fb752b634L,0xdcc67b7730b8f98fL,
-        0xafff9899b4b62d24L,0x7d4a60ee4efb0c00L,0x000000000000005dL },
-      { 0x17d0f2ffa2bb6822L,0x3d74b52ab3b2e1d7L,0xf7e7150d5ba4a476L,
-        0x712e26f18771c73eL,0x22f9054ff322f80dL,0x9863136b3c085bcfL,
-        0x317a39fcc7e4dc86L,0x96a83008be7f0929L,0x0000000000000092L } },
-    /* 55 << 154 */
-    { { 0xe0908d5214cb295cL,0xf74df339f363ef28L,0x56eab1abdba8fa26L,
-        0x33f43f008ecabae3L,0x5d1acbf12425e382L,0x480bf576ee67518fL,
-        0xd6644dd469d388d3L,0xb3c512501e64d1a1L,0x0000000000000069L },
-      { 0xcb3010b42e3bfab8L,0xdb788efcba2e0da3L,0x4bd5ad9cf9d0d7c4L,
-        0xd363a5471214e14eL,0x108980023a09dbd2L,0xb0745bedf03a2af2L,
-        0x5d56b6aefacfc072L,0x37ac6ad4e2873b41L,0x00000000000000b1L } },
-    /* 56 << 154 */
-    { { 0xcf04e87527a5499fL,0xea912dfb28f3fc97L,0x4a9e4e41d59efb52L,
-        0x9ccb0b83f8f373c7L,0x684d2d75ba1b61ecL,0x15449a0254d58701L,
-        0xee02c9456a4e86aeL,0x5887a0882069e1dcL,0x000000000000006aL },
-      { 0xcf7bfc8c922649ceL,0xb4fff12e522a5024L,0x262bf90df6d0066eL,
-        0x97ae80928e0b0afeL,0x7191c6fe18507cbcL,0x54e973e1b2ae3ee2L,
-        0x41b734bc7bea70ecL,0x38975ba3b3f6b89bL,0x0000000000000138L } },
-    /* 57 << 154 */
-    { { 0x0cc156bd6c72b806L,0xa9d9c17b0dd25daeL,0x3b6c0857b6738119L,
-        0xb95b735d3476c04bL,0x737d1ec2dc86969eL,0xb36e0bc8c1cb47bcL,
-        0x83f15727ea463cd7L,0xd7484fb02e58dce3L,0x0000000000000060L },
-      { 0x85416de81bc14766L,0xae6a0b47fadb3be2L,0x496b92ab303d0900L,
-        0x3fa4d158292db573L,0xf501ec245e3fb9faL,0xa317ae11bf021888L,
-        0xfef0d5ec2271c572L,0x7e69594e90d2ebafL,0x0000000000000162L } },
-    /* 58 << 154 */
-    { { 0x19f57f08b5d2523cL,0x197abf7ece1690c1L,0x9fdf174c768a6dafL,
-        0xb1a50c4b7f45acc9L,0xcac4790de77ff44cL,0xc4985159642f4c0bL,
-        0xdfc5151faf23c14cL,0x61f453cb9b5fb8d8L,0x00000000000000abL },
-      { 0x61f3c9ea1432808eL,0x4c3b91d68da6cd90L,0xa97b9dd60b47817dL,
-        0xe51ba786ae34dcaaL,0x6e1ab1b12bfe1245L,0xcf8435b9aa609192L,
-        0xdf7a582cf97cfe54L,0xf9871f1f80fca392L,0x000000000000014dL } },
-    /* 59 << 154 */
-    { { 0xbd5fce303e85ba4cL,0x12152109b1d4ff28L,0xa94551982256991dL,
-        0xe54b2276191dc793L,0x7aba8d3c1232ad0dL,0x95b7d7023e493e3fL,
-        0x90c17102574f412aL,0xab5d8dabf1245c79L,0x0000000000000119L },
-      { 0xd64211426352b215L,0xbea2f2d73ca86b5eL,0x4c3b97bbedf46484L,
-        0x1bd94ff68332db35L,0xb8729f9a7dcd9899L,0x461df4172e1c9299L,
-        0xbfbcdb18295c8819L,0x1613563c551a6832L,0x000000000000017fL } },
-    /* 60 << 154 */
-    { { 0x704d466059d5d8e0L,0xa4a222b252d7ca1eL,0xa45b5ce29c26a86eL,
-        0xc9668e73dfb9fb62L,0x13efde0ad58183ffL,0xdc752a59850dedb0L,
-        0x0314cbc5ebf8c27dL,0x279680f3d1ab5f41L,0x0000000000000118L },
-      { 0x3b8a1d583184e940L,0x8cc52f17cd1fa6c1L,0x5118b9093f701026L,
-        0xe04d31daac34a4afL,0xf3a66f73282febacL,0x05018340e8d029f8L,
-        0x1a8bd0002058c971L,0x61198c7e7e962723L,0x00000000000000d9L } },
-    /* 61 << 154 */
-    { { 0xa86cc3e807f97c2bL,0x8c9e8034112ae91dL,0x1cfc242420bcc2f3L,
-        0xbb04d40865dcf7adL,0x8b7bd0b5e4652017L,0x080b6a0df49cec36L,
-        0x94d0ab4360e82729L,0x97ec8ea8a301c00dL,0x0000000000000012L },
-      { 0x9eda2fd27ed16beeL,0xbfef5c8acc95961fL,0x877ec19bae691773L,
-        0x2aad9eff76522fecL,0x4daeb48170b656f0L,0xc4fb1cd626197e6fL,
-        0xd8bab20ec0e741b5L,0x4b5d6d8e16332fd1L,0x0000000000000044L } },
-    /* 62 << 154 */
-    { { 0x67d03c6a85f8f5b5L,0xdcb9caba90e96ceaL,0xd23feeb7f3811dc4L,
-        0x8c54b7237276f1b4L,0xd09156767d4bc3c9L,0xf48a98c87a1d17a8L,
-        0xbe959d5b76b265b7L,0x6fe4777d4abdcaa0L,0x00000000000001f5L },
-      { 0x2807c04517c8deaeL,0xd1bbf745674d701eL,0xa8e5a7bf272c6e74L,
-        0x1901e0947c7c55cdL,0x2e1316c029711934L,0x05f68290f804ee8dL,
-        0xd3a3cb0a7511e346L,0xd3a640c3c5565874L,0x000000000000000dL } },
-    /* 63 << 154 */
-    { { 0x088fccf4ea02385fL,0xdec0885d3c2e714bL,0x02d6b86fad82e553L,
-        0x8712c2bf6c241bbcL,0xf59427d81f33a407L,0x172dd5359fa5bde4L,
-        0x019b1451380694e5L,0x55b2c33bf9c76789L,0x0000000000000135L },
-      { 0xf73d19986397fbd3L,0xfb91732482721b52L,0xd42957f6aee6a644L,
-        0x9d7857f260cbb57cL,0x6dc17afa5df4783aL,0x875dc5e0e0382dd0L,
-        0x458c445b02d1298bL,0x8a1562fb5183e144L,0x00000000000000adL } },
-    /* 64 << 154 */
-    { { 0x11446efe378cab85L,0x4c3c68cfbc48bf6dL,0x5e51466164c19bafL,
-        0xc0f00735d5cbb135L,0x5d4844a7a693b1a9L,0x517a48719579fdafL,
-        0x5ead064b532c1e6eL,0x60207c2d4135ecb1L,0x0000000000000172L },
-      { 0x4b033a37843dc902L,0xb2d3664cc27a9863L,0xf4ebdc3518280e54L,
-        0xac7789a6ae02b757L,0x50084ba410dd96f8L,0xcc3459371f5f6349L,
-        0x5f65aca8fdee6f84L,0x4aac5f5902d841cfL,0x00000000000001b9L } },
-    /* 0 << 161 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 161 */
-    { { 0x7c44096f532856caL,0xf054ac944d701f46L,0x1bf992e78de81577L,
-        0x871d2df2a90a4d2eL,0x963357a5775cabe3L,0x2e92d83dbae3ac5dL,
-        0xc39e645c415be4dbL,0xbcca60e29781b22fL,0x00000000000001c9L },
-      { 0x638cf76cfc5374edL,0xffbfbc7a24278420L,0xde577d69e7668bc6L,
-        0x88444fdebab7b568L,0x4cb8237b59d220a6L,0x02186c1c25b582ebL,
-        0xe4a04cb19b639f32L,0xd12b0e644590e20dL,0x00000000000000abL } },
-    /* 2 << 161 */
-    { { 0xdd0f09b1bb55f47eL,0xfacbdef0be55c9d6L,0x8b8b1a9cbb62c5eeL,
-        0x617ff446eb8f0bbdL,0x24176f925c1efe94L,0xf27ae452962f4019L,
-        0x3b812a15220fc04dL,0xb17b1b9bcc92239dL,0x000000000000005cL },
-      { 0x9200f2e48a465257L,0xc8ca2a1cfbb69960L,0x5410ef875a8ff2aaL,
-        0x87bc97b0e11b6896L,0x1d3a496952263f49L,0x2ed88b0bcca15d27L,
-        0x90ab34c1765c9300L,0x719d9bc7d2630404L,0x0000000000000010L } },
-    /* 3 << 161 */
-    { { 0x6366cc838d9e9c1eL,0x6da8b24c7cf6ea2bL,0xcf34ac0834a0c6ddL,
-        0x957954dde3a1bea6L,0x2ea0ef68f4060336L,0xe61893a5a84fdf5dL,
-        0x03cacab47bf522c5L,0x823249dd0dbf1790L,0x0000000000000145L },
-      { 0x2ea0344dab3e90d0L,0x5c70cc712bcccc9cL,0x5eec27550063e840L,
-        0x3983cb1bbe50d3a5L,0x462b3dc27b09ff44L,0xf779391edd6b34bbL,
-        0x6c00d9b8bbf36f70L,0x9e0eb0d1f82ee371L,0x0000000000000080L } },
-    /* 4 << 161 */
-    { { 0x41b4d05bd15e752dL,0xce20b1f846e78fafL,0xb529cc0108d808b5L,
-        0xd934f10f2210cf60L,0x9f2e7e1be41eca93L,0xc09da7a94d82d15dL,
-        0x45a84216a1ed7860L,0x9f6fa43de6be684eL,0x0000000000000109L },
-      { 0x592bd464ecf53a79L,0x9dac1bb8349754edL,0x79bbe62284339a7dL,
-        0x29c3d4aaf9f4fa5aL,0x4788cda816dc4698L,0xf94ea4495c3060efL,
-        0xc5f4191dcb3c2b37L,0xeb720d23ff69861aL,0x0000000000000026L } },
-    /* 5 << 161 */
-    { { 0xd2285ad12caa3808L,0xb871463efbc2278eL,0x361fcadec889c9b8L,
-        0xf261c688541e9cc3L,0x2cdf861c7a27b983L,0xc97af02cacc87384L,
-        0x7a80f6087638d824L,0x79852d0b79663aabL,0x00000000000001e1L },
-      { 0x9a2b626f98893ca3L,0x31a7d784d1e24597L,0xd230aba2129eedbdL,
-        0x1d339471d270be5eL,0x826c3dd781950b28L,0xfa1b74c66b0b44f4L,
-        0x5d2131e993fdbbceL,0x78176ad853eabdffL,0x0000000000000002L } },
-    /* 6 << 161 */
-    { { 0x52df1de37f4c74e7L,0xa1554957c7c2a420L,0x2bb5b1a7a850b73bL,
-        0xd0b58abf05174618L,0x09c054687bb9dc77L,0x50cca4a64e6b8e44L,
-        0x53298c54a61636f7L,0xf0325227718f824cL,0x00000000000000daL },
-      { 0x10f1de0bbf549e72L,0x7153f47caccd5cd7L,0x9c171b49425abf63L,
-        0x9902c984eac3d535L,0x9853a7df0a098af6L,0x7f88102cae0627b1L,
-        0x318ec476f6bd8690L,0xaca786dae42b065eL,0x0000000000000069L } },
-    /* 7 << 161 */
-    { { 0x75eb8d356bc9662aL,0xfdd82d5f0d8bcb50L,0xd8caaf4b9d8ad82fL,
-        0xffb9e309d0642731L,0xb514ec984da42a1eL,0x9a765c8a7d4421ffL,
-        0x0ad7d2be7e9ae93dL,0xab4d7910c97fd28bL,0x0000000000000130L },
-      { 0x4f08b836fb2b614dL,0x259737dca73051d0L,0xea3c3bc8c30af31aL,
-        0x5cee4c934a11e8faL,0x4be3e8e3b1fed7ecL,0x0b313e360052c235L,
-        0xd760058f5f082363L,0xc6e58d205fcae886L,0x000000000000000dL } },
-    /* 8 << 161 */
-    { { 0x7b9409bb42df612fL,0x32f47dd21bc66a3fL,0x213f80e023f375feL,
-        0xaa71c57f06aa6c21L,0x5bf7b3a784298947L,0x001c2c965b608fa3L,
-        0x417619c6173c7f4fL,0xbcff66acd4a20677L,0x00000000000000b3L },
-      { 0x81b9b5640603bc79L,0x8f39155ef875e591L,0xf6a508fddfd32c0dL,
-        0x7eace6f96b0dac71L,0xe40163d89e4c1eb3L,0x265226c5ff10fa6dL,
-        0x1e1af5cbda76d272L,0x954bc056a10dc788L,0x000000000000012cL } },
-    /* 9 << 161 */
-    { { 0xbca524e7fadb3e3dL,0x0d2906d5783f176cL,0xd5e30887e94c1a4cL,
-        0x3f2d19b69790cfbfL,0xe0965575d49af522L,0x3830ed4d1881a1acL,
-        0x207dbc8554f43059L,0xf0f178b3973ac147L,0x000000000000003bL },
-      { 0x7f0e0020693db310L,0x4914754404980bdaL,0x2d9a8176cc4521bfL,
-        0x3893e7acc5e2d29fL,0xa99dd4d11afa9ad3L,0x8a6ce7fab2e0af41L,
-        0x868c12a1a5188ad3L,0xd1138b17b8debefeL,0x00000000000000feL } },
-    /* 10 << 161 */
-    { { 0x709016a77aa3bb92L,0xad85ec5a6310f638L,0x37806a891d746ab2L,
-        0xb878e2df80c6026bL,0x2d1bd5cb715e5095L,0xfad149bdcf029798L,
-        0x252f826209fa7a60L,0x48c7e31ca0e64ce2L,0x0000000000000124L },
-      { 0xed6295952077c9ebL,0x86ccb5d1e1191074L,0x456067b16aabffa9L,
-        0x55deb4fa5921dfc9L,0x4d9bfe498fec9c3fL,0x09a4cb5ce52a0452L,
-        0xa590232e9c48af89L,0x593663f633ac7451L,0x0000000000000032L } },
-    /* 11 << 161 */
-    { { 0xe7e659560b715201L,0xc3db8e9fdce536b3L,0x0f53382987bf4fd8L,
-        0x4630cd5699c4668aL,0x377120aca98b1b34L,0x878344bbd54a8a45L,
-        0x788fbd286c45b8aaL,0x473be93182f3fbeeL,0x0000000000000097L },
-      { 0x3fc47f9a536fee38L,0x69bea946488b377eL,0x3d75c35835c67175L,
-        0x7fd136ea89085cb2L,0xda6e1ab485bfe292L,0x703a854684848f1eL,
-        0x37f0e804ac8000daL,0x53b3ed02c83fb8feL,0x00000000000000b6L } },
-    /* 12 << 161 */
-    { { 0x76f6bd2345f1f8edL,0x01af1d612c1af63bL,0xd83a40982bd9cdc2L,
-        0x12ec79ad79d14104L,0x999b06da0b7f13d7L,0x111b8eeeecd188a9L,
-        0x920f2064138b5729L,0x290b5f2475b98e34L,0x00000000000000c0L },
-      { 0x38a91bb8b98cfd7fL,0x0cc2d4ceb574c3f7L,0x49a05d4b8ff024c4L,
-        0xff054d9491b0d00bL,0xbed247dd100eb8aaL,0xafdb1747e9a46615L,
-        0xf801a52fc03cffdcL,0x415f01eeb9d027ceL,0x00000000000001aaL } },
-    /* 13 << 161 */
-    { { 0x15b2ae5549f234c7L,0x58635013b0beac59L,0x94c23cba4739fae8L,
-        0x840ab93eacef3a53L,0x3bc47650dcccd34eL,0xaac77901e7df4d3bL,
-        0x440cfe01370e4438L,0xa53a1a7b8e5923e1L,0x0000000000000006L },
-      { 0xa8e48ebfaf875672L,0xb6d62f9f3221cb04L,0x521ca35fb9d685cfL,
-        0xba27652d100ed01aL,0x652fe08c46958398L,0x32b370924443c383L,
-        0xac43dc6de676ea7fL,0xad362a924bab6228L,0x000000000000014dL } },
-    /* 14 << 161 */
-    { { 0x018820c2d2f48f4fL,0xc0dd7d24686b3002L,0x8ff02f40a5f47131L,
-        0xb84bad1b1995b352L,0xc640b6049af32820L,0x87268cb03dd15622L,
-        0xfea64350ffd221ccL,0xc7f6e79257deea86L,0x000000000000012aL },
-      { 0x482e7151037030deL,0xf781946d9cfd8f64L,0xd4d751a1037bbb78L,
-        0x3197bde1031ed4d6L,0xd9bbfeacd6ba8cd4L,0x5688d4fdc0fbe2e3L,
-        0x76dcd7e0f260abefL,0x019122d294017174L,0x00000000000001f7L } },
-    /* 15 << 161 */
-    { { 0xf22306192420c83dL,0xcb52f3d51a6ad672L,0x6f23327787188da8L,
-        0xc9978c3e37b3ba7eL,0x043d79269986ba91L,0x71312bf8b69e4f23L,
-        0xe868d488669cebefL,0x358d1c613b9ea975L,0x0000000000000000L },
-      { 0xa1f3d9c7d2435583L,0xb30834558f46d4e8L,0xf857db3c847df616L,
-        0xc69106f36e4969efL,0xff89cb872a3e3af0L,0xa28a9399bae1ad4cL,
-        0xae59df21c67b70e7L,0x10e6c606fe60fba4L,0x000000000000003bL } },
-    /* 16 << 161 */
-    { { 0xdba8e40547f7153bL,0x73071fd967dbfebfL,0x35881eec4441a2ffL,
-        0x50623c475b31b917L,0x8f09dbf6c2bad8b3L,0xbf1f09cd90bb890dL,
-        0xab770cd77f034fdcL,0x45b959236b7d98b1L,0x0000000000000029L },
-      { 0xd2ef1e00f599c343L,0x1289bdb17024d641L,0xed8e7886f4e36687L,
-        0x4ad57b343696269cL,0x69bd1b6e70bf3629L,0x680f08622bab0453L,
-        0x1865f02a68e4b123L,0x7bc5dbf3e8d8ab75L,0x0000000000000150L } },
-    /* 17 << 161 */
-    { { 0x6726ccbc3e2aff94L,0x5484b226c90c8dccL,0x2a2bdbc53a2527a3L,
-        0x0bc5ef43d04f49d3L,0x3e245050b41ceddeL,0x89eb42f3066f3911L,
-        0xd5a654cff6abf8ccL,0x667c82e307a3812dL,0x000000000000009fL },
-      { 0x1263649921a22440L,0xe811715df9b6b318L,0x9b6531ad5cd6faceL,
-        0xcc9494fa99de1630L,0x515021752dc29591L,0x65b72bd29d42f5bcL,
-        0xeb938f6b2e72ce01L,0x9f28e413b40a61c9L,0x00000000000001bcL } },
-    /* 18 << 161 */
-    { { 0xa7b6d19ac91805e9L,0x615699eb501c2667L,0x48e2afa5a34bc77eL,
-        0x3481417aa5c5f041L,0x2919a3596c1e6286L,0x3d1dd1d074db3545L,
-        0x342a15f49e76b201L,0x82b5db095e08f638L,0x0000000000000105L },
-      { 0xbcc640c0ad8c1f5eL,0x2251bb88dd8a841dL,0x5f210ad6a5948f36L,
-        0x28d15c5f82e9e673L,0xbe1d9e7e6a1b484cL,0xd40a0934622ce1afL,
-        0x1b7d637fbcb6d740L,0xa76f02210e1a2598L,0x0000000000000174L } },
-    /* 19 << 161 */
-    { { 0xb896a3f2d350250dL,0xf294278d7ee9ea71L,0xc9c8283e6249854eL,
-        0xc21eab81bc99cd28L,0x73b8e2c38f4be65aL,0x8244fedf69c189ebL,
-        0xce75ac12d0cdf781L,0xf323ab63fe1faaacL,0x000000000000004aL },
-      { 0x8860fa20e9ce92e6L,0x83479ba5eff82f2aL,0xfe15b93eda4dba32L,
-        0x7f6c7ace601dd142L,0xec990ad49d19bd4aL,0xde2eee45c95fed76L,
-        0x88e4dcd7f5448f60L,0x8aafa008120b0d53L,0x00000000000000ebL } },
-    /* 20 << 161 */
-    { { 0x5e52e88599dd702eL,0x8788f039002b4e01L,0x1c6e3d695c4f0701L,
-        0xe5739c8b4d9f865eL,0xaa101c5cc3799864L,0xe3cf2696f3fa07fcL,
-        0x389a552716f96437L,0xbbb4d9808b801596L,0x0000000000000164L },
-      { 0xae6ea79567728022L,0xa02d2498f57436ccL,0xa7d4f844f72b5ee7L,
-        0xe1be79d19c24f898L,0xe9d02da89af2917fL,0x589677b798d5af37L,
-        0x8515a1be298ddfedL,0x85c9f54d73c666eaL,0x0000000000000099L } },
-    /* 21 << 161 */
-    { { 0x266b62cd5e9b3f3eL,0x5923ec10fcf4c770L,0xa94e579454e6c393L,
-        0x4537ad5461e76eecL,0xb0c3a5730f27b256L,0xebc9b1cc3d1829adL,
-        0x43f486fb2a535031L,0xac5e5f3d265b0bf2L,0x0000000000000034L },
-      { 0x696366449ddef973L,0xcb381b06bd3c5340L,0xa007691234214149L,
-        0x15c92a1bbe0faff1L,0x9093712f0da430c9L,0x925af269f6ce1ed0L,
-        0x25aac7039766963aL,0xf00a980f330c5e9cL,0x000000000000015fL } },
-    /* 22 << 161 */
-    { { 0x9dc85b22b1c47096L,0x122c6be77e0e8e66L,0xdec66b03648fb290L,
-        0x27f4376ec40116e7L,0x7b7bafe69dc0cc4cL,0x0cad9ff312d08efbL,
-        0x70db245bd6542645L,0xc28346160b545d05L,0x0000000000000026L },
-      { 0x298ec3d3ed63af02L,0xbba1f13c8bf8477dL,0x2830e1ecef7a945eL,
-        0x49a0e5e009c1b798L,0xe2ef4ed3728f9e0cL,0x235768bb24570e74L,
-        0x10007a9283a6aff4L,0xae2217684ff5f9d5L,0x0000000000000014L } },
-    /* 23 << 161 */
-    { { 0x78be01f01cdd5596L,0x27c282a59b4b44f6L,0x03a41b7ba989e031L,
-        0xd477af5342fc6296L,0xd24df6d41fdb1d44L,0x7458e14ae1b0d7beL,
-        0x8eefd3d58838a0f9L,0xdf17dc2d7db4b37bL,0x0000000000000113L },
-      { 0xbb8f431ca4c7855bL,0x7cc9118df5a15060L,0x61ff999b04efc1e7L,
-        0x34f30946331fc317L,0x6f24717219a61908L,0x869beba812619b2eL,
-        0x1c53bd3a4916f1ffL,0x1276f58ea988bc64L,0x0000000000000005L } },
-    /* 24 << 161 */
-    { { 0x02e206c37471a905L,0xb6ce013934d0c122L,0xcda8a158ca1ec8adL,
-        0x17ba844b6eb26374L,0xf8dca5a62ae7179cL,0xdab1da42807ae8f2L,
-        0xdcc18ac94083d6a7L,0x1464e68edf65f291L,0x0000000000000038L },
-      { 0x6599fd7bd22a48c2L,0xfd36f482477abe8aL,0x403663c930756f73L,
-        0x1b38f348805b2e09L,0x213feb71c142d148L,0x9878091a8855d42fL,
-        0x317421962821af05L,0x9023473580457e5bL,0x0000000000000053L } },
-    /* 25 << 161 */
-    { { 0x47ba1f99743fea79L,0x06acb3c3a291a643L,0xaa7348bb9f2bb6e6L,
-        0x84fdba6fbc8a12e9L,0x15b33b6b0a667c24L,0xba9f7deb101dc30eL,
-        0x459a46034c57add7L,0x5464da8fa6609167L,0x00000000000001a8L },
-      { 0x0c6a508a3784eb33L,0x4479937d0f0a90bcL,0x1a531a0d977b0dcdL,
-        0xc2b64ddae64bad13L,0xd5be67bfee7f09adL,0x22f09f2ce76c1626L,
-        0x9686e65fe16904b6L,0x36b7a900855d97f2L,0x00000000000001d5L } },
-    /* 26 << 161 */
-    { { 0xd43858c0df99624bL,0x13136325cb492988L,0x1c894e8eee9f005fL,
-        0x22ac0619eff5ed87L,0xe5541a5988b981bfL,0x5bdc0aa3fa6c6896L,
-        0xee9ae8d5d079468cL,0x62019c6ddee442fbL,0x0000000000000133L },
-      { 0x26522a74f2b6d9c7L,0xb5b484afa0d85fc4L,0x5e43e58b8ecffd0bL,
-        0xe4208afcae402e16L,0x0f40d075c422d4d8L,0x2a9bb7082750ab4eL,
-        0xede6cf4bf468eff9L,0x8513051277fae59aL,0x0000000000000198L } },
-    /* 27 << 161 */
-    { { 0xcc69a0ccd9e4f8e7L,0xc022938a9bed81f0L,0xfa5d71e306664d82L,
-        0xd5be5e220f1e2acdL,0x92c0da616ba1adf6L,0x7f4f4a83200f1487L,
-        0xf057fde0dd6b2d46L,0x04a1fea64ee5aa31L,0x00000000000000c1L },
-      { 0xc89bcd96ed79484aL,0xa5c975a6ec2453f9L,0x33215bdb09a122e1L,
-        0x354116245bf4ac00L,0x555dccea0adbf9dcL,0x305b7c95457c70b7L,
-        0x1afe30a21ef03bcdL,0x4fb417396ad91b4aL,0x00000000000000e4L } },
-    /* 28 << 161 */
-    { { 0x9b725e514dd1d21eL,0x168e6606593e95eaL,0xae7b78d6fc4197eaL,
-        0x5292f0812cd1c536L,0x7ec384125dbdb782L,0x2853f48a71352e28L,
-        0x904986af7516103eL,0x23d71c892b57f46fL,0x0000000000000091L },
-      { 0x5d4a4f006a1e8ca4L,0xbbc96d859935baceL,0x4175dcd7b578a386L,
-        0x208f65eaac20bd79L,0x2859dbdb96f5e3efL,0x59757e035c91ede6L,
-        0xcca1eb6dce0673afL,0x886baaa29a7cf180L,0x0000000000000086L } },
-    /* 29 << 161 */
-    { { 0x23206c18b63cc880L,0xae2a1109db8b7f25L,0x6779ed193b8e5e1eL,
-        0x565a9bd7cd18feadL,0x17bd2284ccf3caa7L,0x385aef038c0d52eeL,
-        0x8ae77665138d63ffL,0x718bd33248a59df4L,0x0000000000000008L },
-      { 0xf9d111dbe3242981L,0x2fa83b3d575d3c49L,0xf45ce3fda49b5fe1L,
-        0xf35d796a9d2ec2b8L,0x9b29bd6b4fff07dbL,0x7a773285d6801cbdL,
-        0x2050e529a0c11fd0L,0x049b8045486f19dfL,0x0000000000000178L } },
-    /* 30 << 161 */
-    { { 0xfd8f5732a214ffb8L,0x44b1642c528bc00cL,0xddf614c664ab949aL,
-        0xd2c8792db600c8caL,0x742d67de888308f1L,0x7c935d3ecbd60490L,
-        0x100cda325395d111L,0x1b6a6cd19a931f92L,0x0000000000000110L },
-      { 0x5d45901e48ac9d0bL,0x1b6930212ed16103L,0x938c16a2a85d4fd3L,
-        0xd42348aaa382830dL,0x1bdea8d49ba29408L,0xde5f07a05aa9b9f4L,
-        0xf2ff6e2c17118d5eL,0x7d9e7fd948437ea6L,0x000000000000001cL } },
-    /* 31 << 161 */
-    { { 0xf21bb0d569edba14L,0x5b03deeaba63fd7fL,0x6428178b6ccbda3dL,
-        0xd90721c9ae40f7cfL,0xffa95ed408c9d593L,0x233675f5916327bbL,
-        0xf63a304a3ebd7c4dL,0xfc1e62599af1bdb0L,0x000000000000019cL },
-      { 0xe10c054ef0fb085bL,0xa82deca9e42abb84L,0x9657610111a401b5L,
-        0x7a8a0895b7452de3L,0x9a132acfc3b65cceL,0x550ebc8e611b6aaaL,
-        0xc769bab2fbb950d4L,0x9b0207afb0bbfea8L,0x0000000000000139L } },
-    /* 32 << 161 */
-    { { 0x4f6ba84d09ed0733L,0xdb3908d14bf2273aL,0x33bcff3f3a074347L,
-        0xbafc83c622e849cdL,0xfb13992ceed3b0dbL,0xd24dd41d3c016bedL,
-        0x0d15167af6c72694L,0xe06346be162238b6L,0x0000000000000050L },
-      { 0x28fea53455d96852L,0x46aee84a3f0cef9eL,0xb8af77e1775a77a5L,
-        0x63e3b7fcb66f217dL,0x763ceb6796e84554L,0x39b7ec8ed79b3203L,
-        0x62e24b184f17b166L,0x873ea1aa905054dfL,0x00000000000001f4L } },
-    /* 33 << 161 */
-    { { 0xf9e957e011ecd03fL,0x36e97a5162a70172L,0xddc99f268cee4a6eL,
-        0xc9133a8bf59c132dL,0xf0360bc56ea138eaL,0xc951611bbf929662L,
-        0xd5e127b017c41f0bL,0x273a6206effc45eaL,0x0000000000000034L },
-      { 0xede37cd5600d7097L,0xeab8d796081144bfL,0x1b45983f88a59279L,
-        0x9bac431f8fd88379L,0x1261faf43b1033edL,0x72f4d092e7106cb8L,
-        0x9c77283c885fe210L,0xd61437588f312001L,0x0000000000000120L } },
-    /* 34 << 161 */
-    { { 0xe741401b3e4b27f0L,0x3cba76aa0649726dL,0x56c542047fad17c1L,
-        0xc6f0731569335954L,0xc578f101a9fcaec4L,0x5c100c039431d291L,
-        0x2bf9d339f2630180L,0xfe18d6e0fb611fd6L,0x00000000000000f4L },
-      { 0xf7c8ebd21d5a95e2L,0x50abdb6201c572d9L,0x8122c3d1cfa44f8aL,
-        0x6eb1ebb1266a9f78L,0x6fac9cc4ea52170fL,0xb27ace4dd2a508fcL,
-        0x6060020ac99e9aa1L,0xe55643997d3f48ddL,0x0000000000000190L } },
-    /* 35 << 161 */
-    { { 0xa9e4882c7ed59d91L,0x07a64a9b1fce9c0dL,0xcc45cd129065e704L,
-        0xeecf8b38f26f1dfcL,0x2f5c4945a1616c3bL,0x900b2ccf9642e488L,
-        0x5af1d7f8162fc9e2L,0x2a71595e18424eb8L,0x00000000000001fbL },
-      { 0xec338fe3dd9c2e9aL,0x65dafe42b0517883L,0x40a9bae3d93ec0b7L,
-        0x674169aaf094a74bL,0xcc4ca4f411a22a04L,0x45a2ee1e25ffd70dL,
-        0xf12af516101337a6L,0xaebc10f406fabda0L,0x0000000000000072L } },
-    /* 36 << 161 */
-    { { 0xc0bbb7f74d30e883L,0x492e66eefcb15f83L,0xf72ef2fe6f48c1f7L,
-        0xb947548d314b03feL,0xd65e9cf3c25acceeL,0xff39b4dceeb29d36L,
-        0xbec64e77c99c5afcL,0x5b8a197d3a67c06bL,0x000000000000002dL },
-      { 0xe1331e50f871d815L,0xe03985a391481e0fL,0x813f257a226cedebL,
-        0xcd331cce2a206ba1L,0xd638fdf4827d764dL,0x6a615884c63d7d4bL,
-        0xcc4d0e0d6b08663aL,0x66436385310ece41L,0x000000000000005eL } },
-    /* 37 << 161 */
-    { { 0xadd8cd73f0ecf34dL,0x43f62967ff35e2e5L,0xf5e43e254b1a345bL,
-        0x1ae3f1eec54f35a2L,0x4f1c7df9cad2bf13L,0x15d4803bde8fd01bL,
-        0x9f4042173924fc8eL,0xadab12608a67eaacL,0x0000000000000030L },
-      { 0x194e264056788778L,0x9150f420b9b52528L,0x65e6f21ef741753eL,
-        0xdec82a916b87ac55L,0x1cbe14d2287c7942L,0xd7a761913f6f27b9L,
-        0x4aab93b16fc85b18L,0x542dd2083b421209L,0x00000000000001e3L } },
-    /* 38 << 161 */
-    { { 0x2791f6cbd8c481b1L,0x5f6e979b105355abL,0x9717cbdb3c359624L,
-        0x524de35b434adfa2L,0x342553b9e4390513L,0xba52714e2c4aa1d3L,
-        0x203610b03352d5aaL,0xb0417dbfde6e9eb2L,0x0000000000000007L },
-      { 0xa7a4ab660778eeb6L,0x3e73596701347028L,0xfefbc03f86847bcaL,
-        0x6b746803cc5bdcc8L,0xec44a1ae77b147a8L,0x447f4acf99a32887L,
-        0x57fc9a18a05edd76L,0x984f16610c725648L,0x00000000000000f6L } },
-    /* 39 << 161 */
-    { { 0xd19616ae1983ebe8L,0x4503d5f2e1e673f5L,0xef3f5a36e6b42028L,
-        0x55b2352ddf585e21L,0xc96b97cb803254a0L,0xbb91658d46a8dc81L,
-        0x510b21ca6c1d02c5L,0xc01a0264618a46ccL,0x00000000000000fbL },
-      { 0x809346c47c10f0d9L,0x1f4da743e1e88f53L,0x53670064ebd2df12L,
-        0x700b420afa09e88fL,0x4a22c1529e631b7aL,0x1d4d965c170a085dL,
-        0x0d6d1a47fbbdf9b9L,0xf95f3f2816be4629L,0x000000000000001fL } },
-    /* 40 << 161 */
-    { { 0xe410d8f75fd30bbdL,0x966e71d6031cff85L,0xfe51c6c9a6f4b6a7L,
-        0x6aa83ca8d5681412L,0x28a61d2e57a5d801L,0xb699f6cb52bc0413L,
-        0x1729f8d0443bb821L,0x6e22f51204452a00L,0x0000000000000076L },
-      { 0x7b51ffac0cc2608eL,0x370f9a54495e770aL,0xe32a66e2f574b07cL,
-        0xc3ead5c57c808c30L,0xf04bdebd20d3d51aL,0x82b07f2804ffd31cL,
-        0xd2d81ae3b6df8fb3L,0x3978bb58002ea4e2L,0x00000000000001abL } },
-    /* 41 << 161 */
-    { { 0xe78315f6dfbb52a9L,0x9d3cba08427fe77aL,0xdfe7bf03a89c1b0dL,
-        0xab65916f705a6509L,0x674049815c466030L,0xe8f1d410c97d6559L,
-        0x38bdb4141cd203caL,0x3ddba428daf215d9L,0x00000000000001e1L },
-      { 0xd1174c6998d10f89L,0x049f8fdc7bf92d99L,0x5e93b8e5cb52899dL,
-        0x886da2cad057f3d5L,0x7bedd886c75e69d6L,0x48b808d7b869acb7L,
-        0x542a5fbb7168759fL,0x18d5a3b332d207f7L,0x000000000000015aL } },
-    /* 42 << 161 */
-    { { 0x7d28aec6ca1338b9L,0x60e2c0021de0a9e9L,0xec83a036473cdc40L,
-        0xa18a48427b3ca8baL,0xbb6ce1a4d57240f9L,0xd8849fb45cd926edL,
-        0x0a6bed34a99ff832L,0x4f95f32bbf65f46cL,0x000000000000016aL },
-      { 0x1b97562771d2f781L,0x75e4501fc527e102L,0x79130a459ac2b105L,
-        0x470192f34acebcf5L,0x72b54c075997b4a2L,0xed718897c8b60b66L,
-        0x4093b1f8f51bd41fL,0xb29f58d3a42de0f8L,0x00000000000000d7L } },
-    /* 43 << 161 */
-    { { 0x331982b89a4db510L,0xf3712ed38465e8c4L,0x3d34b58f16d166c5L,
-        0x4c288793731d073bL,0x70ff503acbb64d41L,0x8c1af3bc188deefbL,
-        0x5a73b272b1ec9218L,0x9ef75613bf5d7d3aL,0x00000000000001bfL },
-      { 0x539822ff861474bdL,0x180f16e73e4fbb41L,0xcd2510ea4d5b4fafL,
-        0xdcc4d89a7fd914a7L,0x2b80a838ae4c4ac9L,0x51b8089df7376ed8L,
-        0x0ab1f9608fbaa6a0L,0x6e736c68dd816684L,0x00000000000000d0L } },
-    /* 44 << 161 */
-    { { 0x5d35a91d101c28c4L,0x0f09bee540733fc9L,0x15b904b81454c498L,
-        0xca3a5474136142c5L,0x58c9b304bd03303cL,0xea4075b5a60b59dfL,
-        0xca58872e67858464L,0x788b761f48354a3bL,0x000000000000016eL },
-      { 0xd17d61f750501d32L,0x791776d613aceb1dL,0x3b0e441e42c97751L,
-        0xbc212d890edad7b1L,0xf9fe60a0ce37bf73L,0x65fcc158880d070dL,
-        0x00a84549d1d4e035L,0x01c1e68c701162b4L,0x00000000000000ceL } },
-    /* 45 << 161 */
-    { { 0xd0a8554c494fb156L,0xc71afa6a8c500c38L,0xee41b4fa39a89f0bL,
-        0xbbb592d2af6b45d9L,0xfe957349f903b987L,0x43cd6c638db1e4d9L,
-        0x8e43ec817ce3023bL,0x416c60c5329a63c2L,0x000000000000019fL },
-      { 0x2b21d1cf4d61105eL,0x251b9594b74f4dacL,0x12b8fe3c5e4d45eaL,
-        0xba2c53365fc42715L,0x223fdd1c773b2d48L,0x94f125933065fc8dL,
-        0x492cc924e2333395L,0xb3616a8475ac3c66L,0x00000000000001e3L } },
-    /* 46 << 161 */
-    { { 0x5ace22d86c5a60ffL,0xb851dfa9f4a3b8e9L,0xf69113c2fa83cda2L,
-        0x32ebf61d64cfd0f2L,0x54c22f18957e47caL,0x6bbd312371db481aL,
-        0xee07ace023f0bf72L,0xe21cc99694f56b82L,0x000000000000015bL },
-      { 0x5f550ca712edff28L,0xfe0f2ee6bdbf147cL,0x0c5ce5382fbf0a76L,
-        0x1ed469f774b92d4cL,0x9b1c90af48edafecL,0xffd719c5d02d67d9L,
-        0x1393017c26b20c72L,0x394c92a765bbfc0aL,0x00000000000000e8L } },
-    /* 47 << 161 */
-    { { 0x8e3b16ffff7e659eL,0x46277baa15e7d54bL,0xa9a805181780a668L,
-        0xa3c489288ee7de0dL,0x5a33494c6a492932L,0xf21c24fc8c77046bL,
-        0x0f03d8aefe34a7d0L,0x124f0b04cee67a16L,0x0000000000000155L },
-      { 0x5a35d64c33c9043bL,0x43c74b4c3bf7ba98L,0x799109fbd8945905L,
-        0x144fe1552c7afef7L,0x216b3cd4a58245eeL,0x59db3457dee2d7edL,
-        0xff7a2017df7c0f11L,0xc4f76ef73306c02dL,0x0000000000000056L } },
-    /* 48 << 161 */
-    { { 0x35a5767a91f7da33L,0xb73136937ba4dfedL,0x3843d6c37f7e4d30L,
-        0x6f461c6be2595a8aL,0xa34766d014105be4L,0x62d28311d7c9924eL,
-        0x7bfd28110f51f78eL,0x9cd30fb24b760751L,0x00000000000001c4L },
-      { 0x739b01bc3391726aL,0x82721aef5fde4fd5L,0xf3ec542dea71f1f2L,
-        0x520fdd3458345718L,0xef2a3d6f54bb2d09L,0xf75fc3fcfaeb5530L,
-        0x6fb68582f73076b3L,0x27d3835620e57568L,0x00000000000001beL } },
-    /* 49 << 161 */
-    { { 0x7a28d24dd585507dL,0x1e4e683466285c9dL,0xe4b682babb22705bL,
-        0x64d1ef0045ab2054L,0xb5cec856cc08627eL,0x889ad5ebb8b7e942L,
-        0x8d714cd95079afafL,0x4d8076a73e83d558L,0x0000000000000190L },
-      { 0xe9f3ad2bf576cd63L,0x59000a34b58cfc2fL,0xc264ed814685f799L,
-        0x982c7552123238a0L,0xa9ee7e5968384c7bL,0x8664439308b33f41L,
-        0x17b12f704e50471dL,0xc0d7e9bc75ebea21L,0x000000000000019bL } },
-    /* 50 << 161 */
-    { { 0x912222d815c2f2a8L,0x2de888271cd8f2a3L,0xe76034a53dd91b8dL,
-        0x845a5d5194b6f95fL,0x2eb60c5b52e29a05L,0xf0d98738ba25e6bdL,
-        0xfe6a89c8cdc0327cL,0x167c43e4c20b4ca6L,0x000000000000005bL },
-      { 0x39630959e8c54a45L,0x02c1c7fe70765ab8L,0xec3f9a8de3407090L,
-        0x9cc4b5fb695237a6L,0xd8f106ce75b984f0L,0x9cbaf61edbaba8d1L,
-        0x1d97a9051041afc9L,0xf2e9161e55b31a38L,0x00000000000000ebL } },
-    /* 51 << 161 */
-    { { 0x5a6bf7f91f8b55a8L,0xc69d8efd172ad4e2L,0x225a073ce679c187L,
-        0x715c881907c52ca1L,0xc0e7ea40ea089856L,0xd468af9b39f8886eL,
-        0x0d4ba8bc050432baL,0x19f774a064252dceL,0x0000000000000156L },
-      { 0xc799518c93721f59L,0x366c163c364ad15dL,0xba588393e560fb0dL,
-        0x016a8490de01278dL,0x2b528be2d1a40335L,0x5309de257787392fL,
-        0xeb1b66711c0958edL,0x53fc34a953ef3c21L,0x00000000000000a7L } },
-    /* 52 << 161 */
-    { { 0xb4329354b10450e0L,0x467523c0f2c7c16fL,0x8704d83d9859020eL,
-        0x04daea48e8ad89feL,0x63c0e5f15b92f0a8L,0xb46d370e1b70e374L,
-        0xdbf6127aa728e693L,0xb2121298b13a28b4L,0x00000000000001a0L },
-      { 0xd0421f84c0574c9fL,0x0cf61cd6d362b1a8L,0xd89f8484bb97b57fL,
-        0xc9bd3731b39b01f3L,0x1af2db789dc8f339L,0xe4841c8d5be1a90cL,
-        0x4fa214cce1f35bd5L,0xdf654917c1a9f844L,0x0000000000000118L } },
-    /* 53 << 161 */
-    { { 0xcc657fbdeded2e02L,0x141fc3e7caf6a533L,0x7da03a50c37499b1L,
-        0x065eb76c204614f0L,0xcc8bd1807ab23c85L,0xca7080fb5f1cec2aL,
-        0x1760042d05f0a0fcL,0xd8fe8fc96c675e0fL,0x00000000000001b4L },
-      { 0xeac258083d064fc5L,0xa906864eade9696cL,0x58fcf49e1f711665L,
-        0x1ff08bacde11a5bbL,0xa7feb828b482ca23L,0x6a0182962648ed45L,
-        0xb86ca29c5066a0a5L,0x6365a8682517aa29L,0x0000000000000077L } },
-    /* 54 << 161 */
-    { { 0x34733894f44f0ca9L,0xe4cfd1e412871471L,0x744cae9c6937e907L,
-        0x4e64dd6163227fa9L,0x47d3efa71c46edc0L,0x0872f46ecc49f614L,
-        0xef5581ef6c3aa650L,0x40cbe7deffa56263L,0x00000000000000b9L },
-      { 0xaa3435661a572651L,0x3dfd8846f16f48dfL,0x0a61cd2df660bd14L,
-        0x2aac6852b7382316L,0x237e7531a213fc6cL,0xe5fd6bd5733eb51dL,
-        0x07d667c654816bf0L,0x1ad4cb04e1079eedL,0x000000000000001eL } },
-    /* 55 << 161 */
-    { { 0x6798f4d06e56988dL,0x41378b308e88eaa0L,0x2dd138d2fd992c8bL,
-        0x5e7400ae71030b13L,0x7b00ea1f13c9ad72L,0x171f656d79101b3eL,
-        0x1614fd762b2d5ebdL,0x75c70e686e0f5bb5L,0x00000000000000cdL },
-      { 0x9d980a7936d23463L,0x834c407489e9fdb9L,0xc9b2dfe11423a5cdL,
-        0xab0462bbfec68ee5L,0xf1b299fd96ad5ee7L,0x1a1052ce79847284L,
-        0x11d08428d9a4aba9L,0x3f76770dd07f8532L,0x0000000000000058L } },
-    /* 56 << 161 */
-    { { 0xf85c1b6a18db2823L,0xda36fa1c2203eea7L,0x81f96771cdac541bL,
-        0x52e33f39605c943dL,0xadf4c06637c23121L,0xe9e5aa4b8ad2c86cL,
-        0x3d4a61630354ad23L,0x44b4d8ebae152c75L,0x00000000000000fdL },
-      { 0xd5d3d35dab2d2652L,0x55b6f8ed382b2fb7L,0x3a1eee79a7e69b83L,
-        0x98f430aab5c6da08L,0xf4af6cd956cce57bL,0xd67e787b7af2ea27L,
-        0xc276f0a7d8841e4fL,0x2e23f60fc0478c59L,0x0000000000000026L } },
-    /* 57 << 161 */
-    { { 0xf0eb4ab877863073L,0x94181818a546f8bfL,0xcd887c3ca8731841L,
-        0xe2bcafcc75595c73L,0x344aa895985d3b76L,0x1bf93659471fdde9L,
-        0x966caabac3b6a887L,0x3ef855c5d55370f8L,0x0000000000000066L },
-      { 0x19d2a2302184ccb0L,0x8fc183ee69acc9dcL,0x7a4e06407c15ff8aL,
-        0x558ad1c20c26289bL,0x6c4115510529310cL,0x280ac8190fca48a9L,
-        0x0415f9bacf58bdbfL,0xc3886683f2c0dd4aL,0x0000000000000062L } },
-    /* 58 << 161 */
-    { { 0x3e88401aeebc8d94L,0x7e5f8ec0075f3f3cL,0xc9fa5c48d3004237L,
-        0xcb17bcbb3d2f2e5eL,0xb105514bea735fa2L,0xba377336fba76370L,
-        0xf221092e050d6dc4L,0x77a261f905f5f809L,0x000000000000013cL },
-      { 0x606d9cfad207d34cL,0x596d48e3d86cebd4L,0x9446a6eea25feb06L,
-        0xf8aa591e0e3061baL,0xfafdaf2e4d4e8f87L,0xdc642f5dcde1b623L,
-        0x0780a3b18c4123c6L,0x0b0e00885b2343d8L,0x000000000000009fL } },
-    /* 59 << 161 */
-    { { 0xd6968c6456a686ebL,0x76bf6f10f6be50c1L,0xb07ea82138afb6a8L,
-        0x0fc9edaf1d7736e9L,0x20d6045f9b3e0246L,0xd17c5795991c0a45L,
-        0xd7db43f4df3ed4e4L,0xc89cf90f2ac74830L,0x00000000000001a2L },
-      { 0x30417f69b28de367L,0xcb660863643918c8L,0xbdb5eb048fb7d82fL,
-        0x401f0699f4368ab2L,0x9ef1961f15413dabL,0x30b0324f41c40991L,
-        0xc2b48a84f8668b54L,0xd93b0282b6d52027L,0x000000000000019aL } },
-    /* 60 << 161 */
-    { { 0x69660fea949317feL,0x373d869babd661a7L,0x9af9b8f1d3e12c73L,
-        0x924254a4b60c5995L,0xe35cd8673d19f242L,0x52b966e567041fb6L,
-        0xa23e82421d39defcL,0xdd92b1a8eb62a410L,0x0000000000000125L },
-      { 0x3c1d6f5250ed0bacL,0x3266bab423c65483L,0x1773d1942fa296fdL,
-        0x1716ffa0cc5c82b1L,0xed0b4af7185788b3L,0x9ad866b5990b8e96L,
-        0x3263e59f69dad8d4L,0x4fa90e3f3c4701bbL,0x0000000000000142L } },
-    /* 61 << 161 */
-    { { 0xedc26bc2b7001966L,0x07965896b8d8521dL,0x485564a35427755aL,
-        0x522dd1d1f3f96155L,0xf182a1d731bf10a8L,0x3967f375fabecb7aL,
-        0xe657de0bdcd6c80cL,0xa8db2b3a8de73efbL,0x0000000000000074L },
-      { 0x6cec45bbbb1b75a3L,0x1e28ed9134f5ef01L,0xe4a2fdbab493e0f9L,
-        0xf3b058cbc67f30f4L,0xc63ce1f97c21e9e4L,0x6df803bc9587af66L,
-        0x83b68042b2d6058dL,0xbd466da98be4c8adL,0x0000000000000050L } },
-    /* 62 << 161 */
-    { { 0x8ebd9194aecfa334L,0xf12fdf8b12498ec5L,0x10aeeea323bc15c8L,
-        0x67e32fb5746aa8f0L,0x6c2a3ce334ea8c2cL,0xed5b45bd7d1e6a40L,
-        0x4ec06953c478d94cL,0x06653d528fa54d3eL,0x0000000000000002L },
-      { 0xefe66e37c9fc19c3L,0x3df15ce78f92ef51L,0xecae3d50d107059fL,
-        0x4e588f54d6f8d314L,0x3fb75086789921daL,0xd475779892273a4eL,
-        0x18a75dfb63e04c7bL,0x90f39dd1fa412403L,0x000000000000018bL } },
-    /* 63 << 161 */
-    { { 0x618e0931d9ee46b4L,0x3c65fdc65ac70195L,0x46a7ca1f25b503a5L,
-        0x3d43ee7529d9d453L,0xeae5decfcb21a646L,0x32cdc75f95a04c13L,
-        0x7b39b1bcfc631a28L,0x903bbdaed2ab7499L,0x0000000000000085L },
-      { 0xa0cfb2a4f158b009L,0x59cf9fdda8d72e02L,0x2f83798e4e24207dL,
-        0xd8fb75cf4272d53dL,0x55e7a933a3dff9a0L,0xb72160f8815ef182L,
-        0x5a14b7e3fe0d0337L,0xad937b534b590bc2L,0x0000000000000041L } },
-    /* 64 << 161 */
-    { { 0x0db2b099cad6b074L,0x4749379c2a6efc26L,0x31862f75ab64d63cL,
-        0xa465075d1623e85bL,0x5f03bbea00e7e1b8L,0x24ef8956a2c133cfL,
-        0x6f9fbad452533ca3L,0xdfb15df3abf81b19L,0x000000000000015fL },
-      { 0x0616fd242796855aL,0x4a9a066c9cbc946eL,0xaa0fd8ee347283f1L,
-        0x63bde9adf15aa16fL,0xbdd5677a9277e9bbL,0x5ec032e2d045538cL,
-        0x5f4eba3aba8c76fcL,0xa17d2872088e500cL,0x00000000000000a6L } },
-    /* 0 << 168 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 168 */
-    { { 0xd8faa3bcd4cd8948L,0xddc437839d2888d8L,0x1e951bd5581abba5L,
-        0xa52dfab22947d11fL,0x8fbb0ed8728a40eaL,0xd4f4d06f31d769ccL,
-        0xd93b1d93fac908d2L,0x8852b438f5a3b0cdL,0x00000000000000bbL },
-      { 0x84ea0e03c8c88de9L,0x621a808863cdb21fL,0x332c292ecd6ec216L,
-        0xfd01ee09c4cd0dcaL,0x5354ec9efdfce95cL,0x05c307b2a6b8db30L,
-        0xf7b254eab44784aeL,0xd38481257e61408aL,0x0000000000000128L } },
-    /* 2 << 168 */
-    { { 0xf9b815fe2f1993f7L,0xe1f5199a3ecce0e2L,0x8898d789ab10a910L,
-        0x49863dac4e863533L,0xb5f118aa5e465bafL,0x10d031280281e10bL,
-        0xc98361355042343bL,0xc2140930bc68242dL,0x0000000000000073L },
-      { 0xf1417466e84f3896L,0xd4167f1323db4590L,0xe5347265c7699f09L,
-        0xe4458198be6204bcL,0x9375296868d8b7a8L,0x49757c532a065d8bL,
-        0xdc0856fbb6927e83L,0xb1679b0c56449cf6L,0x00000000000001b2L } },
-    /* 3 << 168 */
-    { { 0x1a80e022f6b5e497L,0x210b6f4b8d73860aL,0x16f2e7bd7b7f92c4L,
-        0xded9e969d068de98L,0x68105e12546ace60L,0x56a0c5b0efb6f66fL,
-        0xf0d5fdb985d590d0L,0xf15e274fb69d5821L,0x00000000000000bbL },
-      { 0xd8d0621dde543268L,0x9e0ab44c04b71011L,0x25c135cbdb9fe3ccL,
-        0xf0a9044b024b4ce3L,0xecfb54fa49d2589aL,0xf57495388bca2c50L,
-        0xd76bf119f8f8e5f6L,0xbd946e2c292a452eL,0x00000000000000b2L } },
-    /* 4 << 168 */
-    { { 0x1d43440f28eb6ffdL,0xa97797d41faa5c82L,0x14a960425c895eefL,
-        0xd35e5d8cd4fa3e4cL,0x9e68f293277b5084L,0xbf5b8a162bc6b1a0L,
-        0xa1d47a38cf49a617L,0x703e609e62fd2244L,0x0000000000000048L },
-      { 0x5909fbf6c6af3c4fL,0x1428b8357c1975abL,0x30f8a30810400297L,
-        0xd753559f5b5750bbL,0xbc5235ebf99fabb3L,0x588aaf0bcaa35305L,
-        0x13085abc579dc86eL,0x793f9efafea9393bL,0x000000000000000fL } },
-    /* 5 << 168 */
-    { { 0xd1e60e5f8256720cL,0x171027f57c49fa90L,0xf64e8839f6549f3cL,
-        0xffa1490469b799b0L,0xadd4e8fb34553fdcL,0x7cf91923741a95baL,
-        0xc9fa2fe993a1ba5aL,0x5d9e34020980acc1L,0x0000000000000020L },
-      { 0x2a5cb99c98d2c9ffL,0x448896bf6c3294e9L,0xf76232cb81e067a4L,
-        0xbda3583a3757184dL,0xfa41813b2e0c61aaL,0x6ba2aeb6c106499dL,
-        0x93782286a19e4b30L,0x13e2306f86e8c59aL,0x00000000000000a4L } },
-    /* 6 << 168 */
-    { { 0x6f8275e50e37edbfL,0x64ad3b76db3e6343L,0x2eef15036a5161ebL,
-        0x2c60875ecf10d729L,0xd477f32a9424ce59L,0xfbd5ab3fddd91be6L,
-        0xbe1f16dfac18456bL,0x88e755378dac1a4cL,0x00000000000000d1L },
-      { 0x4f8e076e3c10f2f8L,0x04f48ba57a6bc509L,0x8b825c99420b54d1L,
-        0x35fb71ddd7412044L,0x1d954ed2771b6d9eL,0x24ead049473e8a03L,
-        0x513ff05d28ba193aL,0x42d94d2c7a8abf0cL,0x0000000000000143L } },
-    /* 7 << 168 */
-    { { 0x5169a5ba3792d0e1L,0xa94f38ae866a52b1L,0x52123a0860f5270dL,
-        0x3753c8f7a5b51694L,0xc28f1bd14c0dc22bL,0x39279193e55184f5L,
-        0xb9fe5bda528c4498L,0x1a04e978bce7de75L,0x00000000000001c9L },
-      { 0x95b584d1ed890690L,0xd02b7fc965d82f4aL,0xa630a8dc3f0b031aL,
-        0x79759d955be69e84L,0x8cdb211f45539242L,0x523fbd101032dad8L,
-        0x40c47f4d5b003e94L,0x02de551920d6fd97L,0x0000000000000144L } },
-    /* 8 << 168 */
-    { { 0xf63486b5ce9c07a2L,0x109221f7b9b5e762L,0x0450b6c79210d1caL,
-        0x8a9b11b1cc780322L,0xf33c4701a30bfdaaL,0x1a7d75f3c33bfca1L,
-        0x4ee930e51c13af9dL,0x3ce4223bce402aa2L,0x00000000000001ecL },
-      { 0x2ffbfae311fdd6eeL,0xca5f04d003c1edebL,0xbd80684a5d3a2e52L,
-        0x98d1a18d54193ab1L,0xc549cecef366fc87L,0xb194e11aa13ead38L,
-        0x6acaf7b21882660aL,0x686c0c7bd2cad2adL,0x00000000000001ffL } },
-    /* 9 << 168 */
-    { { 0x1a90defed7b4fdedL,0x195bee8f6336c055L,0xe843d42796a94272L,
-        0x86cae8e64d7dd6e9L,0x5403b7b7119151e0L,0x3314afc85037da6bL,
-        0x6d7f8f8212ca9455L,0x3937bc09b94463aaL,0x0000000000000081L },
-      { 0x306e5a03cb8e9b37L,0x126473043c8b52f2L,0xc869679ef93cae12L,
-        0x20f33375ab4f3d13L,0x90d9c5cf0501336cL,0x35c85984849df5ecL,
-        0x42f846286244c6c3L,0x901d2a938b835c13L,0x0000000000000113L } },
-    /* 10 << 168 */
-    { { 0xb584b65394932b53L,0x68aad973af36cdd6L,0x2ac829a60bb4cadaL,
-        0x403367f33f0e5d18L,0x412b28ad7dda08e1L,0xe7841355e24b3863L,
-        0x5171c588093520b9L,0x9db8db4c5ec5762bL,0x00000000000001d1L },
-      { 0x8d3b541ec6238d25L,0x586350aec23dc89aL,0x8455da87fa4d8c25L,
-        0x7adfdca316492352L,0x8fdb5c08c81f1590L,0xd5e01e0324773e80L,
-        0x4a3b7f13dcc95928L,0xc08babf4f80b2facL,0x00000000000001e9L } },
-    /* 11 << 168 */
-    { { 0x37d8ad51452f6968L,0x9abf76030be46391L,0xc64ba0aa4f51f996L,
-        0xb71cf4b72bef5fa2L,0xdadcbf144aea3eccL,0x86619a4a5ca7abeaL,
-        0x17bbbd06af54e743L,0x70c9d3b76d5362ebL,0x0000000000000057L },
-      { 0xf2486bbdfbf53393L,0xbf16873cb87c38acL,0xca1694b587557348L,
-        0x95ad3cb860dd9d75L,0x61177e70b097e1eeL,0xb481729fc4d1faaeL,
-        0xaa07352130f14ce4L,0x8c3e81e6e534f9e6L,0x0000000000000104L } },
-    /* 12 << 168 */
-    { { 0x22d3054c1ab5373dL,0xbd4f796363adadc0L,0xfb4298ff2650904eL,
-        0x2801e275ebdbc2c0L,0x1122ea0608190926L,0x41ec28d8b2e79279L,
-        0xce049e5276667fcfL,0xc84223fa732778a4L,0x0000000000000081L },
-      { 0x56be4933666ff503L,0x0b396d37bcee9583L,0x1b469e0e153f80beL,
-        0x3d42cd0932305dbbL,0x8c0d230527134efdL,0xb90a2abb08752f5eL,
-        0xce873be8b5b796ddL,0x6a240d331b25403fL,0x00000000000001d4L } },
-    /* 13 << 168 */
-    { { 0x86aad63f60740f5cL,0x32b7cc316ee3ee57L,0x14340252a16df7d9L,
-        0xc70632bd30867552L,0xc34ab941e536c3ebL,0xb8cea58f1b8c9771L,
-        0x4f12848942876fc8L,0x2b6009fca2b9447cL,0x00000000000001edL },
-      { 0xc93452d882b5e6ebL,0x29958d78ac7dee6fL,0x22dd8fd9bf6fa7e3L,
-        0xc59c69516a75f72cL,0x1c6101e36123b596L,0xf5907c48e3f2d479L,
-        0xe5d0b6a671bd58b7L,0x840ff28c56d9185fL,0x00000000000000a7L } },
-    /* 14 << 168 */
-    { { 0xd89e1fe8330465deL,0x73a9c39780ef0efbL,0xb8200ef38ed739f2L,
-        0xe0914b2f6ec1025dL,0x7f277714866a3ec9L,0x1c9b4cd05716d865L,
-        0x176d3095167f3a3eL,0x85a16f0afcccac3cL,0x0000000000000177L },
-      { 0x767e84814f1e3019L,0x88b991b861f15fdcL,0x26cbcb752a17701dL,
-        0x79f801348eed411eL,0xdd053c40411302fdL,0x35d3c2f030858f66L,
-        0x0b53da7a9107a692L,0x9452396f37f9cacbL,0x00000000000000c3L } },
-    /* 15 << 168 */
-    { { 0x961404136bc539e8L,0xe6edfee1e4524c6bL,0x09749744d07cccf5L,
-        0x1748b47ec03bdba2L,0x2690d0192bc9c91eL,0xd3f34165bade77f3L,
-        0x1903c781805ee388L,0x56ede14320ee5637L,0x000000000000015fL },
-      { 0x4300285a7b5b9f4aL,0xdd3a022f1b6ae86eL,0xc54a8abe376288f0L,
-        0xc1d8ec4f26e3394dL,0xa3979d7b91ce3ad0L,0x0aaf9ce7d1798cc8L,
-        0xe972a6d14649a9b3L,0xb0d0e5b7f260defcL,0x000000000000002bL } },
-    /* 16 << 168 */
-    { { 0x327eec483e206f1dL,0x20bae09cfd9e0124L,0x90e15a5012fe91f1L,
-        0x0dd6de71359590d6L,0xb47ff7877346265fL,0xf68c7538d72b31fcL,
-        0x1210aa5e853e2029L,0x22955a4df09c0c81L,0x0000000000000040L },
-      { 0xe194dba07335f4a6L,0x9d6532fb4bde2f58L,0xfac563c59016930aL,
-        0x626eaeefaf9e2095L,0x7af29b71b7d9fde1L,0x809b7fe436360bbfL,
-        0x57b5e52de3cd1c8eL,0x52b9040937b01251L,0x0000000000000032L } },
-    /* 17 << 168 */
-    { { 0x2de80b5c1b9fe008L,0xd7a592bdd3848f67L,0x12505f695f8777c4L,
-        0x596956be711b00a8L,0x04ead4ce34d9bb68L,0x87d1821cd0ed1006L,
-        0x0f78cb9699acc9f9L,0xb77b5d17054b4885L,0x0000000000000081L },
-      { 0x61d1517fd4aa7593L,0xc1f884346683d4cbL,0x15409fa1c660ba6aL,
-        0x5756c0f91e5e0b78L,0xa110b7ec1649f63aL,0x5a1b015f245a2867L,
-        0x450aaadd6a15fffcL,0x2f44146d8f20e164L,0x00000000000000edL } },
-    /* 18 << 168 */
-    { { 0x34d354711d7c9b90L,0x02efc83e7cd3e5c4L,0x3bdce4d599838e28L,
-        0x903b361fc09f1f79L,0x13c9e9250540eab6L,0x69f28111375ec845L,
-        0xd35cefa96f3fb692L,0x7dd9245da6e1cd71L,0x000000000000007bL },
-      { 0xcf0e51b7d6693e85L,0x34584a15e14a978eL,0x38d36120591126beL,
-        0xf26f3d52d1a5a853L,0x904a64964e97c262L,0x7f3089ff6ac89132L,
-        0x1f8934fd38e0e5fdL,0x52e3fdf2cd20b982L,0x0000000000000134L } },
-    /* 19 << 168 */
-    { { 0x1c18f81921822327L,0x19d3895763107dafL,0xab3c2c5bbf02410bL,
-        0x056973d48084f3faL,0xf6c0f0ad9c6c0e1eL,0x5813f6354715d332L,
-        0xb1435e02d54f75b4L,0x483968e79f4ef80eL,0x0000000000000077L },
-      { 0xeb0da4e25a942323L,0x2236437f2120ac60L,0x16ee032f66313c05L,
-        0x6bff696400a38fedL,0xf5b8ee71cf6d4cd1L,0x939c85b5fdc6617dL,
-        0x1505c244a7fcfe0fL,0xa496610ab7881695L,0x00000000000001cfL } },
-    /* 20 << 168 */
-    { { 0xf915b3f2f47e55c4L,0xb163cda470610cf0L,0x822197f50a302cbbL,
-        0x8d787800ad959227L,0x10c30f94571bc9ffL,0x2a28b5ab2caa7d3cL,
-        0x35cdf34647775889L,0xc81fec4b397cc8f3L,0x00000000000001fdL },
-      { 0x83a251027f5a86a7L,0xfc270fdc49e2b112L,0x351f20f947f16503L,
-        0x4fc2abe97820ddd9L,0x68391136093b9c29L,0x0bb983f1c6d0c759L,
-        0x15a671860ea6b033L,0x56602ab7edd62f4fL,0x0000000000000125L } },
-    /* 21 << 168 */
-    { { 0x947fb594aba4398dL,0x19a131cb57bb07e8L,0x8f3be50326eac16eL,
-        0x451e83c0f2546781L,0xb4139dd4e44ca83eL,0x38a9d3905dc48a1cL,
-        0xfadb6d0641cfb776L,0x6ff29cc5eef89414L,0x0000000000000021L },
-      { 0xcbde6f766a7e915cL,0x1a7e27d2797752a6L,0xb09dd97ab6cdad5eL,
-        0xbe5d66881bbb61b1L,0xc4b76c701fa85cafL,0x88282fbd92ee96baL,
-        0x1681c7dde1b4e7a4L,0x3c57dd60ee3982f6L,0x0000000000000128L } },
-    /* 22 << 168 */
-    { { 0x54c8fc4e9f2b71f9L,0xb6c0fc49988e8120L,0xd2058da0c8927203L,
-        0x16766dd5bd3f622aL,0x7ad98310f854d625L,0x4995d6bb55c5058dL,
-        0xeecdf90c74bcfc75L,0x2d62d4faf4154102L,0x000000000000005fL },
-      { 0xbcfd7e5cc78ec9abL,0xba7846a3e9c8c551L,0x80ce88d165cbee60L,
-        0xefda52b95632fdd2L,0xfeae287b8ddbf5e4L,0x8fe72dfa152ac780L,
-        0x63f4561e614d87e5L,0x1a8d5a1e1190f43cL,0x0000000000000124L } },
-    /* 23 << 168 */
-    { { 0x14e9504a41cf60e4L,0x4d580f91ba2fc313L,0xc4d5ec9342122efaL,
-        0xa5a21ef9a3107935L,0x190ecc1c466437b7L,0x696df2275126df44L,
-        0xc9d6872cd8ae1dc6L,0x7e2fbe46f515214dL,0x0000000000000047L },
-      { 0xe226b86e0bb95f94L,0x77f82979db22d5b5L,0x059b2efca0b81578L,
-        0x8994c684251b4724L,0x248ab92581c5c432L,0xd7a601bd7218d58cL,
-        0x87e9d6e652fa557fL,0x94240f677c6717d2L,0x0000000000000172L } },
-    /* 24 << 168 */
-    { { 0x04b6642cc79728ecL,0x82006db7d4052ddeL,0xd7c03908da99c38fL,
-        0x7ba70fb9a6637549L,0x1dee482cb94a286dL,0xa628ac2a01d36d7eL,
-        0x4de12e5c003da5e7L,0x4f68a006e306d20eL,0x000000000000013cL },
-      { 0x90cb32d5635d5908L,0xa802b2585c89c608L,0xbb22484549a3be5eL,
-        0x53f1fc3655480c5dL,0xa3eb1e7b0c070e5aL,0xd0e34a5af1abbf5dL,
-        0x145ea8cb4b88db7bL,0xa9ff13bc839bead8L,0x0000000000000147L } },
-    /* 25 << 168 */
-    { { 0x30cf3767c86ddfa0L,0x6b3fd143eee9269bL,0xcebdd16d52204c51L,
-        0x274b0dc204cd14b8L,0xb6e928505a86d610L,0x6b37ae54e6800db9L,
-        0xd93efc3df84a0f79L,0x879d7dd56af06c52L,0x0000000000000101L },
-      { 0x8167dc1f83b6b8e3L,0x13e08ee718402d20L,0xf0186bf60b26ce15L,
-        0xd5aa811535c6875dL,0x0c76d0c2c5ca2103L,0x5fc8a70593646cb0L,
-        0x8afb8877a4ae3f67L,0xe2326f750e699723L,0x0000000000000143L } },
-    /* 26 << 168 */
-    { { 0xcf7d26bb15ba71a8L,0x000c8e8c0bfbfa5cL,0x718a54266f646f01L,
-        0x7c0fa210dd018dfbL,0xb64adc0f384f7dcdL,0xc0c66542477625edL,
-        0x871e593e2c75b53fL,0x96c1451fb9f00e20L,0x0000000000000060L },
-      { 0x8e0c5c99b1d5302fL,0xb2c5f34efd4421c4L,0x947c3fa92a1a9d1cL,
-        0x6721f393881b28b2L,0x1b5513edddd050a2L,0xfb2d77941408593bL,
-        0x3425f229e707ecefL,0x88c2673666df4ce3L,0x00000000000000aaL } },
-    /* 27 << 168 */
-    { { 0x5b7ecdb52c5f43eaL,0x53082afe02559d3bL,0x070e354264f68b42L,
-        0x58d6c1aa7c879d43L,0xc41be80750405684L,0x955a275cbce7908eL,
-        0xc70c146dbab9f5c9L,0xd31d7c27901ac701L,0x0000000000000010L },
-      { 0xdbc82b2bf7614365L,0x2875d55c32cd5ab5L,0xb395d08feaa9be8aL,
-        0x97838c558ce9b4d6L,0xee22d8ce4fc6794dL,0xe401877623372c0bL,
-        0x6dd2c34bfe0d49b5L,0xbcbcd109f128646fL,0x0000000000000105L } },
-    /* 28 << 168 */
-    { { 0xd0bdf16917216f79L,0x2a9d74a468bbe483L,0x6965b608e5c7b3b8L,
-        0x83e8d0b290d8ddf1L,0xb27aa05509ba77b1L,0xbf4a09be67c32e3aL,
-        0x5982ac195bf2c8eeL,0x764907324f70b752L,0x000000000000000aL },
-      { 0x1088b1f878a204d4L,0x40a0293f4d4e8a06L,0x312854a3af8d6f9fL,
-        0xb1df39186282a51eL,0x9de32af13769fc44L,0x045404379a6d0abbL,
-        0xdadc6c9d13185e57L,0x1f2b8d38e979f37bL,0x0000000000000012L } },
-    /* 29 << 168 */
-    { { 0x5f8a8c0d3ddd0191L,0x1f266a867fae699cL,0xefbd18d2bbbb048eL,
-        0x648e5f90d1ab43b6L,0xf81591adcf10f706L,0x362ddc168ed8f28fL,
-        0x2108b2c3f6b398e1L,0x1269ce097783a2c8L,0x000000000000008bL },
-      { 0xa6a691c37f465dfeL,0x8bfddfc027667ee8L,0x85db93c4e9bbb777L,
-        0x77b3e07dc3aaecb0L,0x0bba38f41d6635b2L,0xb608d7f20156a865L,
-        0x628c6f6e0f7e38f2L,0xddc70efd519f6429L,0x0000000000000069L } },
-    /* 30 << 168 */
-    { { 0x705bc9adde556ab7L,0xfd31b77a08c5f548L,0xe4d6128f47ccec97L,
-        0xda6413aba2467e6cL,0xf551c43677e4ddf1L,0xd60ca0c72bc04c9aL,
-        0x7ad228c8ff849e17L,0x59934f4e930f91a1L,0x000000000000011fL },
-      { 0xa76a8707868154b8L,0x15eca497a7dde8cfL,0xc7c5191877ab98a0L,
-        0x3ea558ae7fb66e87L,0xdd8e344c48afd9bcL,0x2f65b11c119fb92fL,
-        0x9dff92f896a00df2L,0xe2fde0a4be17daf9L,0x0000000000000057L } },
-    /* 31 << 168 */
-    { { 0x65ad3804ea9ec2a2L,0x44155525f7c6d675L,0x7c1934b57d7cdf15L,
-        0xa9ac66b468cc4856L,0x98b006b4ab305ce3L,0xc0bbc4242c87391fL,
-        0x1c8056caa6fc5d89L,0x91c2a6af74ba9ca6L,0x000000000000007dL },
-      { 0xa0b6f93e661a095dL,0x91a7b4d05deac6cdL,0x151ef226bb2331fcL,
-        0x37ebf47e93095466L,0xab8aa36598606ec4L,0x27d7aaadfc03f039L,
-        0x0c431597fdd46012L,0x0556f5285af06a03L,0x0000000000000118L } },
-    /* 32 << 168 */
-    { { 0x7eff6eb56037ff54L,0x78cfc774963e7cb1L,0x48d139d16b3956a1L,
-        0x3265461a619f159dL,0x80dcb967a3b1db5eL,0xdb164bf4f293c925L,
-        0xb0a372de83b65b62L,0xda262fd344760c21L,0x0000000000000058L },
-      { 0xa8f9432da6dfc562L,0x0c7b74ecdc54c213L,0x56b4b751df24c7e3L,
-        0x5b32314bb42c77d2L,0xcf2312a419053195L,0x60bf22144f2c75ebL,
-        0x0207884171877095L,0x8acd999da44f75faL,0x0000000000000152L } },
-    /* 33 << 168 */
-    { { 0x45a2719a8907ce54L,0x013d1b3aea166fa5L,0xed88621b21199f5cL,
-        0x7700e61eede4254bL,0x5939852d884c08a4L,0x19734a9b2d1d89aaL,
-        0xa246df9f0dfa3941L,0x9879316c979c73daL,0x0000000000000151L },
-      { 0x8dbcc1180b113864L,0x7ee1a88ce82525b4L,0x0c43f86653bea16eL,
-        0x37ff6f028824f34eL,0xfa8838b9b027581fL,0xed25a70c8647d511L,
-        0xd63ae1953618e600L,0xcf0b98339b9a93d4L,0x000000000000003bL } },
-    /* 34 << 168 */
-    { { 0xd506324903eb9185L,0xf65164dd7c1fcccaL,0xb69558864fb70360L,
-        0x0d697e8afac2988cL,0x9c4c06a537c97636L,0x635c88f58055600fL,
-        0x4ea4c09a74703af8L,0x81ec33b9e7a75723L,0x0000000000000089L },
-      { 0xda9a2dc047213f93L,0x6ed717efabaac078L,0x3076325bed22d7f4L,
-        0x951dc05863bd3f8bL,0x77f1cf965b1c8d00L,0x9dea7ebab5941b35L,
-        0x293095f4d4e61491L,0x0e7ead86eb9ae037L,0x00000000000000d2L } },
-    /* 35 << 168 */
-    { { 0x39f9f819f6c209f4L,0x089db5253c2a5cb7L,0x20c5ff24accedeb3L,
-        0x82f84b46d2b5c3fdL,0x1a1ed43fb90a33ffL,0x436766d3e973e5afL,
-        0x2294111437456b11L,0xe860807c70ae9ea9L,0x0000000000000059L },
-      { 0x9009e20ab72f6cccL,0x741fefc4fe6e5cafL,0xf1a848dd63098fc9L,
-        0xac752a505ede32ccL,0x9efccb9732ba5b6dL,0xb2856b15b94e8d20L,
-        0x99e35bc499607f7dL,0x113f31762f82564aL,0x00000000000001d6L } },
-    /* 36 << 168 */
-    { { 0xea8b99529f5e6fbaL,0x667318ea35ac6c04L,0x7485f1c55ed348acL,
-        0xee18ff33019501b6L,0x90107a5f3e904e7dL,0x2ec33497aed29e07L,
-        0xafd289974c20de45L,0xc48cd0bacca26170L,0x0000000000000018L },
-      { 0x9ba74136a948ebdbL,0x78ed508ac81acda0L,0x9facc76fef5fedcbL,
-        0x36faeef8a3b6ddffL,0x5624949573b54036L,0x089e6fa3c9408662L,
-        0x1604ae228f9f0744L,0xc1297a7657db098eL,0x0000000000000065L } },
-    /* 37 << 168 */
-    { { 0x3992cb6807815aaeL,0x7195db4f1b803175L,0x97cd250b424fb1cdL,
-        0x016049f38ff45927L,0xb64141ada1ad30f3L,0x8f16a5857dd25547L,
-        0xaec66e6aea7f6a7fL,0x4dd29ee57846a86dL,0x00000000000000bfL },
-      { 0x6e964890f5112f11L,0xb011a6269bb780f1L,0x6e448385bd208e60L,
-        0x5210e0dd83eb0a37L,0x996090715d94a88dL,0xc8bfcac7273e631fL,
-        0xfc414a18bb2f9b24L,0x975182160c054385L,0x0000000000000196L } },
-    /* 38 << 168 */
-    { { 0x9b304aea874e82c3L,0xffbfb0822b7d090aL,0xd9196a7d06ec403aL,
-        0x9209f5cde36151faL,0x8935c8aae25e0c13L,0xdb1a4c7716593d65L,
-        0xd1e963377d694686L,0x4356bae0e08dcb7eL,0x000000000000001bL },
-      { 0xea20f2c0c14af785L,0x48d27833a4295f88L,0xf05d85ca6c7d3114L,
-        0xe58db881730ea2d3L,0xdfbe2a686b20c2a2L,0x31768d41efcae9f4L,
-        0x9cb4a4e393d8386bL,0x63ce4ef1ad75a399L,0x00000000000001f9L } },
-    /* 39 << 168 */
-    { { 0x5614856e14f693f9L,0xee48d0157ccc71a7L,0x943ba66129590c3dL,
-        0x154b5cc174db3bfaL,0x3d1ee077d73d37dfL,0x05d5e0cea58a17d2L,
-        0x6abb262dfdb1cf05L,0x858b3bec8b39082fL,0x000000000000013aL },
-      { 0x394f12df6ac53fe7L,0x9d14a39e3a811443L,0x051a0ce3addbf1b9L,
-        0x7e4fc131013bd7c8L,0x5795cfb876750d1bL,0x14f8ee5d3ab7d068L,
-        0xcb83f31d2f526886L,0xe6f51eea0b3f327eL,0x0000000000000032L } },
-    /* 40 << 168 */
-    { { 0xe17cf4f985e05448L,0x5e29ec55936b85d7L,0x5f4969344230c449L,
-        0x6fc1d8a08206a6f0L,0x399712364d5d2de2L,0x42689259be3a7848L,
-        0x77279b58c493be56L,0x43cbcf5c7d422c0cL,0x0000000000000004L },
-      { 0x6b1df3f0438b9048L,0x293cee3bd53799a6L,0x44b4dee8945bae0cL,
-        0xdf3236a21fc75aedL,0xead6de57fed25024L,0x68541a4ce87d013fL,
-        0x72be3aeb4a734d6eL,0x5e84735bc7371e3cL,0x00000000000000f3L } },
-    /* 41 << 168 */
-    { { 0xd3aca247bfebd246L,0x7d956df376ca7483L,0xb7b30bf20f3a19b4L,
-        0xb062c4b5697de983L,0x31cdaf2d79521344L,0xb8daa6236ced6cf0L,
-        0x73830cc4156e1821L,0x6364e445b8644ed0L,0x0000000000000152L },
-      { 0xb26d84846704d687L,0x42ebf82d2c2b018aL,0x68b526dcdc65295eL,
-        0x145615d496530ca1L,0x3ece93877955b80aL,0x177d234769f38006L,
-        0x19f33f4c84e14bbaL,0x01c98346e0704d10L,0x0000000000000082L } },
-    /* 42 << 168 */
-    { { 0x735eb443357ba15dL,0xdfa17a9a54409ca0L,0x6ef5378cabc39f28L,
-        0x7936cd2a1ccd0467L,0xd85db56a5c9af9e0L,0xfcf9e3d12316133cL,
-        0x3904ded86c2487c6L,0xbff674d2b8cc515cL,0x00000000000001ceL },
-      { 0xbb912bd83ddb6e4dL,0x9d82f6936116dc27L,0x3b72986d952ee214L,
-        0xc932e3fd03c36dd4L,0xd787bc68500decb3L,0x39092ea64b6dc85fL,
-        0xb3cb876162e68168L,0xc4df21b060e2d9eaL,0x0000000000000029L } },
-    /* 43 << 168 */
-    { { 0x77cf38dd8b9bbedeL,0x7b0a344f7b110970L,0x18827ec691d85793L,
-        0xea6a1f394d11d455L,0x2fcabbd4a81e87bbL,0xeae28f10dc775f92L,
-        0xa3df2a95e8acef4dL,0xc5e112384901a4f9L,0x00000000000000c1L },
-      { 0xda7885dbc589a008L,0x1054bc12edbebdf5L,0x24ffbe9e60727f53L,
-        0x89be3122c2e1b79eL,0x28e91a4be68dc55cL,0x2232a01160a852c4L,
-        0x578de9e994036a7fL,0x6e5b3ef4936e8e5aL,0x00000000000000e7L } },
-    /* 44 << 168 */
-    { { 0x8a7b02d872e5f18bL,0x29c3db48b8dd1860L,0xf3b0f47fa5b307f2L,
-        0x6bc9ea8cbaf7b51bL,0x6651b8dfc59c6616L,0x11df28a9da6f33adL,
-        0xc8879af48b93d7fcL,0xc119ade4e9b03431L,0x00000000000000c5L },
-      { 0x6bafe0406631c4f0L,0x4ecf64f6c34562b8L,0x1ceb750c3c4c04caL,
-        0xadff4c89b93e2106L,0x9e281057459e3e63L,0xbf3b3cdd4b54f2c3L,
-        0x7547b18beb880314L,0x34d7af52e0663b30L,0x000000000000017aL } },
-    /* 45 << 168 */
-    { { 0xcf9abd89b41c4c8fL,0x5232bc8561dc8213L,0x02da5b3b1cbcb9e4L,
-        0x43ba9d21f98b522fL,0xa061c2b6534bf7adL,0x5f375638a48855a3L,
-        0xa0450b26113089e3L,0x9ce6a8484ff249d5L,0x00000000000000b8L },
-      { 0x9fbdac93bedac56bL,0x4f95bd5bcdf67eb4L,0x657253778d668ae4L,
-        0x762845ea23c3aa43L,0x3af6d2c21ff463b5L,0x6f2aeb6c0ec166d2L,
-        0x134f65a49be5d26dL,0xeb728f6afabccaddL,0x00000000000001a5L } },
-    /* 46 << 168 */
-    { { 0x4a0927077c43553cL,0xabd2598f43690980L,0xab06313fa8572f82L,
-        0x56e8f3ac4cb0844fL,0x0bd7554aa69f60b1L,0xadaa48b599f8ff55L,
-        0xc7f85e160e0ed3d2L,0x906dfd3f77e510f2L,0x0000000000000064L },
-      { 0x1629167574a41facL,0xc679c38178d601bfL,0xee9838c2bd9fa391L,
-        0xe1fabfc20c7f88abL,0x7759b0943183eaaaL,0x62bdc1f4cf96a23bL,
-        0xaf85e735b9a8dd9bL,0x1be45d2bfe461052L,0x000000000000017fL } },
-    /* 47 << 168 */
-    { { 0x8add55157869f938L,0x8328e90a3567ecdbL,0x265f489d0ab7633aL,
-        0xda46aaa44a9a5a8dL,0x725f698404b3b4a5L,0xd5cb793e1d7e98acL,
-        0x77a2e141b724608bL,0x711415c04b81416cL,0x0000000000000173L },
-      { 0x5d2381001f95cc6aL,0x8eeb20613f6f9261L,0xa9f048ce38ff1f73L,
-        0x39ff65199978b00cL,0x1e81ccd1a7a52e68L,0xfd1103a50c01e3a2L,
-        0xd533b3a501de60d6L,0x7746c9c4374412d8L,0x000000000000013fL } },
-    /* 48 << 168 */
-    { { 0xfbdd71d76da23955L,0x58aed61e4e9dca11L,0xc8f75ddcc41906acL,
-        0x37020b118ae30a21L,0xf91295233fe85c4fL,0x201400fdbe4b3724L,
-        0x9739962d3a2d4446L,0x917e35cda0f4b655L,0x000000000000018fL },
-      { 0x99496b29ae9e0ffdL,0x98a9369f6dc1cb95L,0x5db5ca11cf116e11L,
-        0x3df10d8508fb818cL,0xddc80cc991ddcd37L,0x8e8647da496af53bL,
-        0xe244c394573a894aL,0x056a45e741b4de2dL,0x00000000000001a1L } },
-    /* 49 << 168 */
-    { { 0x84c2553f194efd8eL,0x15247b56051d3139L,0xc1e3437f7cdf7295L,
-        0x8c154778be6ef662L,0x809b77523cdb4e9aL,0x573cbaf2cf155669L,
-        0x083e1d6cc2fec451L,0x879d2b2408e53cb4L,0x00000000000001f3L },
-      { 0x6ed740af3991a529L,0xcf5df2320ee78333L,0xd597b1865f2a7fe1L,
-        0x169b4d47e1da55b6L,0x4b61da2128866db1L,0xbedf5c1851a98c39L,
-        0xbcfa723bd4c47affL,0x293bc51c24bc0569L,0x0000000000000193L } },
-    /* 50 << 168 */
-    { { 0x2a3902169926b505L,0x8d78ef77e00be256L,0x1b4243060813f0f7L,
-        0x7bbe8aea99e1bfc2L,0xee0d8bfb2c16d048L,0x0f52f62c16927281L,
-        0xfa1eed898b0aab8eL,0xc960284b03aa8ec9L,0x00000000000001f0L },
-      { 0xc0cea54084e2c7d4L,0x2c967298631cd12fL,0x9d363cee377d24ddL,
-        0x8044dcd6a5143a2eL,0x827cd09de5438b71L,0xfa445ab5e086affdL,
-        0x6bde5b7ea21ab95cL,0x473e55f7e1344c94L,0x000000000000018dL } },
-    /* 51 << 168 */
-    { { 0x1806b23055de5e11L,0x66181382a8b7907bL,0x9a53b2cd761b28ffL,
-        0x99b04005e0d8111fL,0x2329d028af15774dL,0x0c69a9aeed7ab9b4L,
-        0x679b29e25ba9fb26L,0xc4da383c1109c306L,0x0000000000000096L },
-      { 0x0c596d701ec7b181L,0x2320a21d38dd635aL,0x76fb5cbbbef074c3L,
-        0x659c69f34c245d5aL,0xd4cb6c4f73910addL,0x7a9b35b02bcb561aL,
-        0xe6a998c30b42e5baL,0x1d13f70aedffeffeL,0x0000000000000050L } },
-    /* 52 << 168 */
-    { { 0xb063202f31fe14fdL,0xbb003d9c8bbc840cL,0xf0e2d2cc3d91dd50L,
-        0x09db1c24722cafcdL,0xdb3b82e189c2e546L,0xe719cfa86f470d17L,
-        0x909871aeb4c59142L,0xbce979234a64f3fcL,0x0000000000000112L },
-      { 0x95b635710d88533eL,0x778f74c30006844eL,0x2821500ad11a08e6L,
-        0xcb91cf3a0d64bdc9L,0xe1ae9e56e2129232L,0x7f7c927ab11ff55aL,
-        0x8db638e4416ac07aL,0x3a38dd3d1d2c2dc4L,0x000000000000002bL } },
-    /* 53 << 168 */
-    { { 0x12c5026f19d3a430L,0xebd36b518531be4aL,0x2d0eedc93dca12efL,
-        0x441f0dec6cc652f4L,0x8b0fd67bf1272c4aL,0xd9b90373ecb89af5L,
-        0x75514cf9029341daL,0x438f0a8da9e45ec9L,0x00000000000001d0L },
-      { 0x79fa46f4b976862eL,0xbd0b6a77cc80c75aL,0xf37779ebb69d3f59L,
-        0x77b1d47d8cfc2042L,0xab8c9d21eb6f9983L,0x02620b797cff3615L,
-        0x4000cec1d74dafd6L,0xd5cc4e4a5cc17f2fL,0x000000000000000aL } },
-    /* 54 << 168 */
-    { { 0xde6d2f0250b19dedL,0x17e09363c883d0e3L,0x583f1980473a0d98L,
-        0x669ec3ddc3666af9L,0xfc4c58c495d4ca2fL,0xcbba5d0a4125183cL,
-        0x878a81f19cd646daL,0xc3fb9edf12f64d9aL,0x00000000000001eaL },
-      { 0xdb504ffc97bd5280L,0x05aedba0a49b016aL,0xfdada5630d234e6eL,
-        0xf7d210f9201efad7L,0x41e2fadcbad7f0c4L,0x8746684bf35f6af5L,
-        0xebc37b5a8f816409L,0x5fe729b874ccb6cbL,0x00000000000000feL } },
-    /* 55 << 168 */
-    { { 0xfdc15977e34a2d53L,0x03a3ecd71eef5a01L,0x4a024948549c37d6L,
-        0xf9b6ebba3572805dL,0x8468d745a3904985L,0xa446d8636fe46f66L,
-        0x6425a52a6242e469L,0x0d8ea4349722c51cL,0x00000000000001dbL },
-      { 0x11603f9e75d953e9L,0x424af418470a0f3dL,0x62dec6c2e5d8071dL,
-        0xd26d146f32dad225L,0x99f756df8f286bb3L,0x4c0f5d7c1dd19cbaL,
-        0xdb43a2d1dbe50905L,0xce07db2555d15d34L,0x0000000000000145L } },
-    /* 56 << 168 */
-    { { 0x060ad0b2473d5f1aL,0xba73eccaf0d23a2aL,0x38ff0b96b44913b1L,
-        0x551791f011ef6a24L,0x728c5333b5d8ff2aL,0xa22a2fb1f6c23b09L,
-        0xfbf8a99a6442b975L,0x2433fcf020e16f2cL,0x00000000000000d2L },
-      { 0xd98e567c33ad7094L,0x386b2d8e3689fe95L,0x842afb8d5d2e0b51L,
-        0xb04c9c8d2f412733L,0x09acadadc3a3812bL,0x6ca2083c78c320ceL,
-        0xdff84922933deb8fL,0x729eef0f270fa28cL,0x00000000000001ecL } },
-    /* 57 << 168 */
-    { { 0x0e70ba30d1457b21L,0x06d7b4372aaf52a4L,0xb5fd37195a0d8d07L,
-        0x57f2d337eaca1022L,0x2fb19653b038b66dL,0xb7aab5519f1835a2L,
-        0x183eb2b9e5565ff2L,0xbe91ace36018b442L,0x0000000000000052L },
-      { 0xcfbd5ca05082d526L,0x4f358cf275761316L,0xe67eeb30dbf98fffL,
-        0xf3719573a45ffb48L,0x1fe011d829cc0c3fL,0x640743f0507ad2f6L,
-        0xe2e66fb4d225c2fdL,0x37933dcbf3f6de1aL,0x00000000000000beL } },
-    /* 58 << 168 */
-    { { 0x56d47bc171146be1L,0xeb3ec09f4e911458L,0xa9dff639184c52e8L,
-        0xe68567f4b5d0a63eL,0x1c2ee8b7126e32dfL,0x731d04202898412eL,
-        0xfc01fc84e0b2f347L,0x0599ae70d031d939L,0x0000000000000011L },
-      { 0xb90a4fc12e48754aL,0x8c4c8dcccfc67435L,0x8986e7b11cd90cf7L,
-        0x080af15a92813705L,0xf31e604f94c68b5fL,0x178bab1966ad70b8L,
-        0x017bfa632a529227L,0x1e4d20d3e0e9d229L,0x00000000000001bfL } },
-    /* 59 << 168 */
-    { { 0xd7680aaa26e31466L,0x90f7d3a84ed9df83L,0x7ce63b23f4cc85fbL,
-        0xc97e8e4d3d2b2ee6L,0x8e1b908f2f0ca474L,0x6d334abfe6f70df8L,
-        0xc8ba8486ab24e38dL,0x21f8763be7ca8513L,0x000000000000018cL },
-      { 0x238477ee82cf6a21L,0xbd6b5c610164a8f3L,0x4a931e61674dad92L,
-        0x48f0a0a926e566deL,0x0e8886143f5f44c3L,0x42f5473b4302e1beL,
-        0x322092857a5fca8fL,0x4f77cc8c4b4b7cb1L,0x00000000000000b2L } },
-    /* 60 << 168 */
-    { { 0xa1dc7875d24cc937L,0x8bcc5f83efc3446bL,0x26da651ee8126a41L,
-        0xe784188a356f436fL,0xa5765424d774138aL,0xfc685d4cc8a96662L,
-        0x036ac0f080a3fd62L,0xec41502a6dd04e6dL,0x0000000000000006L },
-      { 0x6982079813ec2f1eL,0x52ceaa44e8f956dcL,0x9f8211bc6c221df1L,
-        0x4cedf8cfdcd0689bL,0x915c690a05fbe468L,0xb745f676942032b6L,
-        0x531dfaeb81ab170bL,0x63163f66951d11b4L,0x000000000000016cL } },
-    /* 61 << 168 */
-    { { 0x59a83a30ebfe0068L,0x532358c703d578c0L,0x20e092c3d7cb9ad8L,
-        0xea469bf62dec6c49L,0xcecff1a9d541249dL,0xe8346d1ff9970638L,
-        0x90c33c61a2e00cb4L,0xaa2babde0c03ebbaL,0x000000000000015eL },
-      { 0x6905928fd6423e1eL,0x68fd55acb4419fbfL,0x9475915a53727da0L,
-        0x6d4d6b768dd0d218L,0xeca16dd535e418acL,0x67962c9e28ea6a4eL,
-        0x7e5a60333071a0a4L,0xcaa404212bdbb2f3L,0x00000000000001cfL } },
-    /* 62 << 168 */
-    { { 0x24a1ffcd85febcc0L,0x4e2d4cce5fd15677L,0xa52aaecdf168ed5cL,
-        0x7fc6ca94de1944d8L,0x7b058166dc2e18f1L,0x6ebb51366c4c7ac7L,
-        0xa11f966fd06c33e4L,0xcc445c9f1e602e6aL,0x00000000000001e8L },
-      { 0xd8622d0945fc989dL,0x48b4f9dfc820794dL,0xb3a22f12ceff02c8L,
-        0x1fb5feb7350fc5d3L,0x6590d85b716bd79dL,0x923b166fb46d3df3L,
-        0xae7d111bfb66e05dL,0xf869c3913e382cb3L,0x0000000000000035L } },
-    /* 63 << 168 */
-    { { 0x91592d60beca406fL,0x2d8ce8f2838ff992L,0x194caec60bba2292L,
-        0x38833614c8d8769dL,0x04f36284a443febaL,0x3352e7afed8c2369L,
-        0x431ee9dbda6ad421L,0x2ffd00f078f1f563L,0x00000000000000d8L },
-      { 0x47fcd60325da5fc7L,0x5b55a33e45b44e69L,0xa8ea02a5be9c36d7L,
-        0x510aa45fcd6fb386L,0x1378ce53b8adeea6L,0xcc015dd0847ef47cL,
-        0x77f3813358f44061L,0xca4610c8de8eac82L,0x00000000000001a1L } },
-    /* 64 << 168 */
-    { { 0x0cfa67a640b0a066L,0xe97c179e8057a710L,0xb69d285227cce600L,
-        0xf7dde8c5419687d1L,0xdbcb15185d5b039eL,0x3e47772fd99abbe0L,
-        0x71c9c23ab2a9c6a0L,0x5af10b9b94496951L,0x0000000000000152L },
-      { 0x0f96137f2c91f83aL,0x1f743fa449f15b33L,0xd43b3ec0ccb4c1b1L,
-        0x895a3be3cfeea9b0L,0x27c3b4959eefee4dL,0xf1b4212712e344eeL,
-        0x023afa76ff929c1eL,0x3078097686d07325L,0x0000000000000166L } },
-    /* 0 << 175 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 175 */
-    { { 0x48a2fc84658b96b8L,0x039af24c465ebf34L,0xa7a9b0144f404eb3L,
-        0x80176ef0763ab5c4L,0xd4984b136b5617adL,0xa6a39ed89195ee81L,
-        0x1ce2974905c2eff8L,0x78aeff6c1281fa56L,0x0000000000000199L },
-      { 0x40cf462310374f0aL,0x89212e99958219f6L,0xe7599b2027b97cbaL,
-        0x1ae1cb659e551710L,0x62881658502e6670L,0x8f78ccf876e23a8cL,
-        0x78e165ad732cc46eL,0xd6b5ab1cf7670684L,0x000000000000014aL } },
-    /* 2 << 175 */
-    { { 0xb342d85dda44ff51L,0x54ba0522d08596ffL,0x3da8e8ceb0ac99c2L,
-        0xcebe6a9691f37dcbL,0x8ebad3d9c24d7d1cL,0xf11a4319c75945efL,
-        0xd4dfe534ed1ac001L,0x745e27721a521e4dL,0x00000000000000c4L },
-      { 0x745e5b41df65e0bbL,0xf8887b533b84ed58L,0x1a54bc479c0684eaL,
-        0xfd4f1d36ce9c7672L,0x490bc265ce5730fcL,0x2fa1ad6d8430adb9L,
-        0x0f117bdcb7db19b4L,0xbd339a789c246e44L,0x000000000000005bL } },
-    /* 3 << 175 */
-    { { 0xbfc7e834db350c46L,0x3c5690ac4efc9f55L,0x2fa3c78e3dac8271L,
-        0x0a74acbe0c8572aeL,0x8923620856c68aacL,0x8fca20bdc305b75fL,
-        0xb42c64d995be9334L,0xa738887613fa1dedL,0x00000000000000cfL },
-      { 0x03c242e114b5ce0aL,0x89ee94768381d1adL,0xdd3c7dcb2d1ceb97L,
-        0x64f13ad71ee7368fL,0xa014619a5ca7fdc4L,0x5a62e9bd3cf1e7aaL,
-        0xb9e9288a45541059L,0x3008f4f6055be852L,0x0000000000000019L } },
-    /* 4 << 175 */
-    { { 0x5f8fd91ae19a881cL,0x355105b08cf8a2c3L,0x442b97782810e499L,
-        0x930d835ada7972c5L,0xd2266522555ef4d8L,0x943d9adb64e05b06L,
-        0x480bd27f42fc02faL,0x9265b289699e5b7eL,0x000000000000008dL },
-      { 0xb60df9c855c7cd14L,0x62131e73270e2672L,0xe6983794672942b7L,
-        0xbf8c55d1817db72eL,0xc3785f3608a5963dL,0x4a6646098f39218cL,
-        0x95c868541b5b49ccL,0x045a0243178df85cL,0x0000000000000019L } },
-    /* 5 << 175 */
-    { { 0x52a05628990339a3L,0x5ef0637a72ee1accL,0x88b9dfca0eb46118L,
-        0xc529dec836cbba9dL,0x0a9a77cd549d674aL,0xba2d3b7b6e878eebL,
-        0x3585c2a2ed48127fL,0x79c54417a4fc7430L,0x0000000000000130L },
-      { 0x70f7b87e0affc41dL,0xf0e0487fd5b72949L,0xd9b820bb6ad325efL,
-        0xd3d96caf9a05b4d4L,0xb4785d8a951e1dbaL,0xcb985c219eb25fc3L,
-        0xb11c96769313e51fL,0xd6e66bc87fc01e6fL,0x0000000000000100L } },
-    /* 6 << 175 */
-    { { 0xccc1bb64b666ff60L,0xe786f358ba04b5c3L,0xbcd5e56d384c0ad4L,
-        0x5d22436fd0372bbdL,0xfeea9ed9a061a543L,0x6f81f168fa3d34beL,
-        0xf52059d24ba47193L,0x5ff055894ada65adL,0x000000000000006fL },
-      { 0x346aded56d4cabf2L,0x65e4b11f4f1a8ee1L,0x1521718b07eba73aL,
-        0x8a2f32bad16d7d56L,0x01d49595d3acbb17L,0x67625faad3f62095L,
-        0x7c3cbecf613b6059L,0x3908f6506118c496L,0x000000000000016bL } },
-    /* 7 << 175 */
-    { { 0x98a6459bb3ccbfebL,0xf71c7a35cafe23f3L,0x7bb7dc9d87162f32L,
-        0x547b6132e519e8a5L,0x3663ff8b259f407bL,0x5bf1ec1a75b127d3L,
-        0x00cb4c43429402e3L,0x129914ec09801ce9L,0x000000000000017eL },
-      { 0x4ce81e8a0e74a262L,0xd40155c7834f3480L,0x17b56afeb5575007L,
-        0xd977fa3a692ceb5cL,0x6efadcc239b47d03L,0xdcbe2b844d776ac4L,
-        0xfdc2c5f16ba4ae9dL,0xada2148824840515L,0x00000000000000f1L } },
-    /* 8 << 175 */
-    { { 0x06494428cab2443dL,0xc52ad2d86afd7840L,0x8ef6e0a6fce7b5f7L,
-        0x6151d2b3a82ae7e3L,0x08abb38a14e3b825L,0x9782e6f9366cada3L,
-        0x9f0127b25076c2ffL,0x2f29b7282d812ed5L,0x000000000000004fL },
-      { 0x7142e7e004e049f5L,0x9338a870d7f99e76L,0xf7e4837b72a90177L,
-        0xa7bff79911aacd17L,0x5442d6f2d1d10b06L,0x986e7bc45ecc3f54L,
-        0x02cf381831286fe1L,0x5cdc56d1cd383eacL,0x000000000000002dL } },
-    /* 9 << 175 */
-    { { 0x3383252d2cc34f63L,0xffaab47215c2cf2eL,0x04fb57cdf89242edL,
-        0x6b87076af9b1e42fL,0x9ee7a62c24682e88L,0x23d9fb1a99ffae3bL,
-        0x24a055cdce125019L,0x33ba5705ebdee308L,0x000000000000019dL },
-      { 0x911f2dd9f00fb803L,0xbc3c90d88ccecdf6L,0xac2a5eead4d059dbL,
-        0xde8cfc4cc3dc4a6fL,0xf51a932dc565a8b6L,0xe0ac04382b13a372L,
-        0x6f9dc1bf079c4979L,0x386c19b4d0c32e09L,0x0000000000000068L } },
-    /* 10 << 175 */
-    { { 0x7303ec69c80291f9L,0x0f2c64390c9ff7f4L,0x96c08ea0f3ada285L,
-        0x3cb50f3ddeae887cL,0xaba571fafefe26dcL,0x4e4dba336c6f1071L,
-        0xf5796982f02bda38L,0xa59c60b140485de2L,0x00000000000000a1L },
-      { 0x28d7c281cab044f7L,0xa5eb04fe515d247aL,0x5b42d919ba014b10L,
-        0xb150b4fbde221cc1L,0xb5cb8c3a22a5a502L,0x62c0da97cc37e34aL,
-        0x4b9bfb1f9e827814L,0x96666256c97679acL,0x00000000000000e6L } },
-    /* 11 << 175 */
-    { { 0x0df173a23adf88d8L,0x519aec4c0cd5f80fL,0x83c410d4af5f84deL,
-        0x9cc04e5db1f7f73aL,0x1aec97b529db8865L,0x12748d28220ee9e1L,
-        0x9fb6df0a4d6669a8L,0x02305a83b3714010L,0x00000000000000f4L },
-      { 0xbd96e2ea2c8a86caL,0xc5436ccd0f9a14c0L,0xf428f7fcf0d34672L,
-        0x952b703956697a68L,0xdffdd1770bbf56c6L,0x8b4ea6932b65057fL,
-        0xdcef28d3630e47e4L,0xef879aca74cb48baL,0x00000000000000b6L } },
-    /* 12 << 175 */
-    { { 0x415fab9a8b894ac8L,0xb189914d64822449L,0x0abfdbf50f4b9444L,
-        0xa333e872eb96cf1fL,0x91d3473db8c5318aL,0xbb5740e624d09cb4L,
-        0xebe6ef7f5b5d73eaL,0xbe33338809f67393L,0x00000000000000fcL },
-      { 0x9970d38e1ffa22b4L,0x00d1fb74003e55f9L,0x0d1ef824820f7bfdL,
-        0x4352125173fc040dL,0x295f8a66e51b5870L,0xceacb67d3dbfe159L,
-        0x0ee77417a218d2feL,0x25a0e0a9f3b7d44aL,0x00000000000000f8L } },
-    /* 13 << 175 */
-    { { 0x3e2e135a15a102e1L,0xa4b33d115fb3faf6L,0x12da9549693b3a58L,
-        0x32c39adbee7132b1L,0x87da9a38fea6b800L,0xd32b22eb92074fa9L,
-        0x3f8d05570673a898L,0xfededb49a5044d27L,0x00000000000001fdL },
-      { 0x89658bcc94e1a724L,0x5ad21f6e48a02c0cL,0x4d17fd1d0c70669fL,
-        0xdef09b95709fc4a4L,0xbbf206eb610ed18eL,0x4f454d2e2282af7aL,
-        0x5c8334bb75660c93L,0x0037d62bd4064169L,0x000000000000006fL } },
-    /* 14 << 175 */
-    { { 0xc1f7698483ef0448L,0xc4d18389fb276974L,0xfef2c810e52836c2L,
-        0x3687104bc09e4020L,0xec3248ef0cc4bf06L,0x38daa51bc401078bL,
-        0x84bd9f6157bc72f2L,0x68b23e45003676ebL,0x000000000000009dL },
-      { 0x22526e98d78b9d6bL,0xc4ccdc71c4f28366L,0x7dd12d941c646b9dL,
-        0x0cc00136931bd51bL,0xfebf1e1e512ec8a6L,0x6bc281f6bdc888b1L,
-        0x0bc271f3f6ab354fL,0x27d1ee7630c4e559L,0x0000000000000038L } },
-    /* 15 << 175 */
-    { { 0x98275c41fd5ea81aL,0x74f37478b8ebd833L,0xb91006f1e7e3e071L,
-        0x6c900f222a0389e5L,0x7fecd4c8919e031fL,0x36625840d6596951L,
-        0x3f43ae32a685759dL,0xfb2b004d44199a43L,0x00000000000001faL },
-      { 0x92383e835e0731d2L,0x387ddec2cdb84d5bL,0xd4dbfa0ab10f9abbL,
-        0x50172a7a4e02cd21L,0x6b1b8c40d0a95f48L,0xc47d694d5c2cd4f6L,
-        0x4b0402695e712406L,0x4fb68605536a77c8L,0x0000000000000041L } },
-    /* 16 << 175 */
-    { { 0x12427d324acccf77L,0x3194664ffb77f869L,0x07e01cac61a58e24L,
-        0xc506637b91bf22b5L,0xce7d0251dd2d701aL,0xf9a662d4befc0d7fL,
-        0xa54117ba2c6c9454L,0x31864e416978e919L,0x000000000000007cL },
-      { 0xbbe419029d971044L,0x68742001f8f24116L,0x6d0065933e4a40ecL,
-        0x9fc1b8e282771429L,0x59b2f9342e7968caL,0x4817f90b470dd353L,
-        0x3d32e10f7e2c1429L,0x43e9474e00206509L,0x0000000000000076L } },
-    /* 17 << 175 */
-    { { 0x30a937cc52c7da7aL,0xe5ea72ba19c1f2b9L,0x6bc71d9c417aa5aaL,
-        0x10aab323644f9edbL,0xcb37ff967bfdcf69L,0xb0a66538b7e9b0cdL,
-        0x40d040ead2138d03L,0x8aec105b0bb5c9fdL,0x0000000000000074L },
-      { 0x19ed6f4d481e74caL,0xc36fb9f46f0a3b87L,0xb010d6af88bae63fL,
-        0xc7eb8196dc29e08bL,0x4a7e448713523497L,0x9c01c48c96c052d3L,
-        0x71342956f6210924L,0x8034186347f93f2aL,0x0000000000000099L } },
-    /* 18 << 175 */
-    { { 0x2ac928fa4ffa68bfL,0xafb482236b647009L,0xa7b54f134cfae9cdL,
-        0x8a271e4bbb3f772cL,0x78faaf7ebf953d68L,0xb5f12134519aa8e4L,
-        0xef343445359ae969L,0x86e25aad76816a06L,0x0000000000000110L },
-      { 0xa0b1814536a88707L,0xdd48d1f21f9a1284L,0x48670dad845e01beL,
-        0xc13d5aa9fc7fe6a9L,0x611969b964757542L,0xa4529c72689bb1c7L,
-        0xd7c3f96a06f31f72L,0x8b09a45a5418d15eL,0x0000000000000121L } },
-    /* 19 << 175 */
-    { { 0x0b8c943bc8c379e3L,0x00e426a148453fc4L,0x15fdfec387f6176dL,
-        0xd298cda5d2efc806L,0x8be18a1c7d81d810L,0x45580c064b172b23L,
-        0xac5fa9093b7607d4L,0xcac47041e73d7361L,0x000000000000001cL },
-      { 0xb2b2c5bc0eed9820L,0x2cc057538ff7e335L,0x35caa1845f2063a8L,
-        0x342669b5a43751d7L,0x222d457413260988L,0x2bd0633f296a6b04L,
-        0x3c803e22f5904b86L,0x1fd07d57a93673c9L,0x000000000000019aL } },
-    /* 20 << 175 */
-    { { 0x58170eb934fcd20dL,0x8205ac09c669b90bL,0x2dd08c383d1c1595L,
-        0xea1217ac91da182aL,0x3c9275359d2cff8aL,0xe8223f7a2a4a396aL,
-        0xd206d341db22c77fL,0x6e03fe3227864348L,0x0000000000000168L },
-      { 0x3a717c4665d9bb06L,0x234158eb1431d7afL,0x389290045a27a3b0L,
-        0xd745267181008744L,0x7961f9c3055610e7L,0xe260f8a1936a3625L,
-        0xc05dfba284b88f57L,0x930747e71f67fd22L,0x000000000000002fL } },
-    /* 21 << 175 */
-    { { 0xc7079fd7a4e9afe7L,0x43bbec79f95430a2L,0xafb58ef46bf066bcL,
-        0x074e17d918835bd8L,0x9fa64f88ec35838fL,0x627686e0a6a44e92L,
-        0xb2fa7adbf0040657L,0x064a31740debb6c9L,0x00000000000001a8L },
-      { 0x37d6f29579c093ddL,0xa72f5b6a3288b841L,0x46c586707cfe2a15L,
-        0x221b3107d1f7e80fL,0x0e332aa17826dad0L,0x38c9217328c7b27fL,
-        0x522ac38d4d0aec11L,0xdc271d8fcef88378L,0x00000000000000b2L } },
-    /* 22 << 175 */
-    { { 0x886c7f2258ef1600L,0xd581f2bc4eb5bba0L,0xd6c7b858e64666b2L,
-        0x114250884e813bb2L,0x428e86f000c98e08L,0x3ac9b40376eb5c59L,
-        0x904f313961bd2db8L,0xa3144a05c71cfa5dL,0x000000000000002aL },
-      { 0x002ee77cb69fa450L,0xa1f5050c87240a19L,0xd7df65abbe333836L,
-        0xb64362dcb8cd4a96L,0x058d9bc3d814096bL,0xad04c7e39687901cL,
-        0x67aef9e2f5527030L,0x20dae8096f375a8bL,0x00000000000001ddL } },
-    /* 23 << 175 */
-    { { 0x6cdcb4f4d7358b2aL,0x721a661239de828fL,0x90fe45b87849fa10L,
-        0xcbf025e4f5f3dd29L,0xafc867ddd5e38af7L,0x445f0caec89ee1fcL,
-        0xa1bb95133a94995aL,0x9e2677e8a7fc2cc0L,0x000000000000013bL },
-      { 0xfaac6a7e45067fe6L,0xf6e4b6c3db3c4c8aL,0x9505248205472bc2L,
-        0x99a92d49b96169dfL,0xe9f7dcdc77a9943fL,0x5962e40811c6f013L,
-        0x9f2209abb25ab9f6L,0x9a3c6ccf1c4e31c0L,0x00000000000000abL } },
-    /* 24 << 175 */
-    { { 0x2124d45c3f9900d0L,0x2452fe1db6a32111L,0xf12b476586f1f700L,
-        0xc04e44ec977316f6L,0x582ca8509705fd58L,0x51ef29493167cf6aL,
-        0xca75486404f204c8L,0x61dec7f3a46fd945L,0x00000000000000b9L },
-      { 0x78114ed6af6e04d1L,0xe1ec56f601a4b6d2L,0xc26f5416ba41c631L,
-        0x76b8204b7d9b9f82L,0x665fe0fec0565f61L,0x7ccd8aa573c27925L,
-        0xcd6756d82f58e901L,0x6e932418e8f75a4fL,0x0000000000000019L } },
-    /* 25 << 175 */
-    { { 0xf40476e4bcea293fL,0x7b36fc1824605173L,0xddc9d807136fecebL,
-        0x07e3f62b80bde5c8L,0xff1a3e28f192162cL,0x6e38386668f587e8L,
-        0x7f14a26b473ca679L,0x8370dc18bbb2a08bL,0x00000000000001abL },
-      { 0xc10876849fae944bL,0x8b7105dd319085b9L,0xa81fceb47e689653L,
-        0x9a69e78c74054550L,0xc13a53b0d742d36cL,0x57e2bd060cfde494L,
-        0x2d7eb0afe06377e1L,0x21f439a8df91f422L,0x000000000000001eL } },
-    /* 26 << 175 */
-    { { 0x11113aff28dbbef1L,0xac6ac5329515632dL,0x1e88244e42a245a7L,
-        0x30f28f4a9b0e20e2L,0x8bc178722b15e0ecL,0xc15e2549ba5a885aL,
-        0xb42f06201685ce7cL,0xd80f13b9df452e98L,0x000000000000008bL },
-      { 0x39df7724f9a80bbaL,0xc734b0bb28dcf06dL,0x6e09c92bb43a5cd4L,
-        0x175127da8c0ee83eL,0x50bde213f88485b4L,0xd9f6c90124a0ef83L,
-        0x66ce46bfc205d20eL,0xd6f1c04fde4968adL,0x00000000000001a2L } },
-    /* 27 << 175 */
-    { { 0x0b0c0c46b26e8efdL,0x9afae2cbef3aeaf3L,0xce90d21ea18d8d77L,
-        0xd951a21fb7ae720cL,0x33317bc9a460d39cL,0xe5be6b979a5930baL,
-        0x9ea57837ae7f0e7bL,0xeec5b7efc747589eL,0x000000000000007fL },
-      { 0x454e0e744ac962c6L,0x3b802e2b396bb8c0L,0xd3aa625a4cd0c242L,
-        0x44ea67800cf000fcL,0xce7a84112be0e87aL,0xa9448c66754f626bL,
-        0x62c789ed9e6d6832L,0x0f5bd24ad7463e7dL,0x0000000000000096L } },
-    /* 28 << 175 */
-    { { 0x920e0cf981414e26L,0xb45cf442498a580dL,0xd424e9e24cbbfa67L,
-        0xe64390071decf2e2L,0xc7fae004d9051a61L,0x9fd02f2898e66be9L,
-        0xcc4afb0b419b7e92L,0xfd421f03ef8af4b3L,0x0000000000000126L },
-      { 0x7b45c797e0e5eaccL,0x04a9b25f202041aeL,0x27888ac85849c309L,
-        0x9325ce353f58628dL,0x90e98c4a25ef6fdbL,0xf4ff673cfd3dfdf2L,
-        0xe56aad1a32ccfb2fL,0xa6c6d2caab9d6f10L,0x000000000000011bL } },
-    /* 29 << 175 */
-    { { 0x4a4d81339e5e7cc1L,0x80abf8ea31cb6f3cL,0x098274246ffe6f1cL,
-        0xa164acfc5b814af3L,0x5141097ba9b76b27L,0x1693d5fc6e26a0a5L,
-        0x70d5e6e75223f787L,0x417a7ddfd3686b7dL,0x0000000000000082L },
-      { 0x9315994a8004c24aL,0x1bb50e549423011aL,0x0c8b3470ead2f81cL,
-        0x9afa2a0e52c11f14L,0xc7094b863b019170L,0xc3405dacd8518bb6L,
-        0x3df2a5c805b718b3L,0xe0dbf810b65b9d21L,0x0000000000000038L } },
-    /* 30 << 175 */
-    { { 0x13f45d45ed942a64L,0xfcafee83705cbec8L,0xbc9a11d052186f58L,
-        0xb5ec924941ee3189L,0x71d770cbc95c6c4fL,0x7f348c27d610f241L,
-        0x9116747564ab476fL,0x30396f906d8350abL,0x00000000000000b6L },
-      { 0xb866ca72a9c8b74bL,0x26aeabdb3d3df97bL,0xd4ea56a365cae75aL,
-        0xc873fde088facf27L,0x4d4211cedb995516L,0xa01cf05289799b04L,
-        0x55d85824d0f0c2a4L,0x434682b0dd83ded2L,0x000000000000011dL } },
-    /* 31 << 175 */
-    { { 0x920437b6b0463ae7L,0xed6c97665155b076L,0x06ad4f3c0a2cdb79L,
-        0x98cb88f2485ffea3L,0xc8ba1b252988de4dL,0xce3a27f73529a997L,
-        0xb1440b30b2796951L,0xb810edd37887e411L,0x00000000000000c6L },
-      { 0x22d9308a6c094e06L,0x01d5e2e57cb1cafeL,0x2587378cc3de4bbcL,
-        0xf60e9c3d774d4435L,0x689cff22147428d4L,0xc3dc80c093139fcdL,
-        0xb3c4ba93c526a089L,0x623be8e82e6e4891L,0x00000000000001d3L } },
-    /* 32 << 175 */
-    { { 0xc03c182d851368eeL,0xbb94a33d57c919f2L,0x9cf0c767e333ace3L,
-        0x037c7d47d974de7fL,0xe96e02cf8b18fa5cL,0x6f1a3e9126cf35f7L,
-        0x47affdc033486c59L,0x2c370bfeec8c2a2bL,0x00000000000000e1L },
-      { 0xdce5de2c18a3f84bL,0xc4bb672e2ad42ca2L,0xb6581d7edd0731b2L,
-        0xb6ca46ca2809ac7eL,0xde8edba2189b0ff8L,0xa72ee3e81ff4631dL,
-        0xf44a8fc6f1004bcbL,0x103dd1b9c8878531L,0x00000000000001caL } },
-    /* 33 << 175 */
-    { { 0x4d01b08c332bfc6bL,0x8223c8936205e95dL,0x4d003a46cb91bfccL,
-        0x08316e3431e111dbL,0x30c85a86e0c13d49L,0xce3c5846b4fd3073L,
-        0xe4b316bc05c18409L,0xd7e8304cc72b6cb1L,0x00000000000001ddL },
-      { 0x9ceb7fccaa1fc1eaL,0xcefb89e96f61cf07L,0xb1728fd5a3daa487L,
-        0x2476192440ab1f39L,0x23d5fdba2e9e2328L,0x0ba18c70f81dd4c5L,
-        0x61333b1c10884f58L,0x57ef145f6496ae54L,0x000000000000014fL } },
-    /* 34 << 175 */
-    { { 0x5bf22305ea6d16ecL,0x1a13c5bb3ae82195L,0x622ea9454f1c43f7L,
-        0xdf1011f675063cf4L,0xbe98aca99eec62e8L,0x2face80fd88258b0L,
-        0x9e3dd0c4bd532a0aL,0x1c13334252ad512bL,0x00000000000000faL },
-      { 0xe7004937964433d2L,0xf15f8f25b5d0a434L,0x392242bbb1c07babL,
-        0xfd3c197437177cfcL,0x611a58203051cf50L,0x4a830e19f9c0b4ddL,
-        0x2675d3aa2d92d1b7L,0x7a2ae9dcb649859eL,0x00000000000001e3L } },
-    /* 35 << 175 */
-    { { 0xed601d01372f2e61L,0x989f14361e886ed5L,0xc924db9cee004808L,
-        0xbe07b40b7469977dL,0x2be5445a075e3ed3L,0x2dcb8edfb00fb21eL,
-        0xbc859cd63ee23c76L,0x484c8988125dd98bL,0x00000000000001dfL },
-      { 0xf6b5b6871f25661cL,0xc95ad2c580939d4cL,0xfa12444f920a40aaL,
-        0x7880e344a99e78a0L,0x6539ed2251356672L,0x41f6c73ba4910f50L,
-        0xb6372d7ea09afb69L,0x6e7a691b1e8c75a4L,0x00000000000001adL } },
-    /* 36 << 175 */
-    { { 0x659f832f1cc592e3L,0xd9c86a4591c3bf97L,0x1b1166b918c82b12L,
-        0x82ad18e294eb33ffL,0x0678927a15699561L,0x7cd0ef8016f7b8a5L,
-        0xfd885fe19451b7e7L,0xaf7de79539a9fc7eL,0x0000000000000052L },
-      { 0x6f2206e984cc8626L,0x71d11d08a976b5b7L,0x0ac59e61b66812ccL,
-        0x1b40ab0a9c675e35L,0x6562f93810775f6eL,0xc2da3006def4955bL,
-        0x89a9418346554627L,0x2972033edfe70a84L,0x00000000000000f2L } },
-    /* 37 << 175 */
-    { { 0x985f25c699200f88L,0x262dad2bfac98496L,0xc9274cc72ed4811bL,
-        0x413e0b2d02b34d7eL,0x57462287f3201f03L,0xefa6d0a869264714L,
-        0xc052453a9baffce0L,0xab1111b0929171a0L,0x00000000000000e0L },
-      { 0x1358d4d4112c22ffL,0x2fbbda6874617bcdL,0xbe2bac8e85a767f9L,
-        0x5a30778114862b96L,0x82c0ea86a58e1ec5L,0xe096587186208bacL,
-        0xda711c4c6dd71c57L,0x8babe7ae242273a3L,0x00000000000001e8L } },
-    /* 38 << 175 */
-    { { 0xfb985617a96468b6L,0xc71a196944df6e18L,0xb8f7a7d810c008aeL,
-        0xdfa67bd1372d99b5L,0x328e967977169ef4L,0x20e3b7e505134517L,
-        0xfa7cac595097dc00L,0x09631199122797d8L,0x0000000000000003L },
-      { 0x6ef792160862ee06L,0x71996694a81f02cfL,0x133519becbd2e915L,
-        0x193f486759e47728L,0x90195620a28aff0fL,0x5da4a9d642049561L,
-        0x60372d2126350d3bL,0xa7b159f3c9f56af2L,0x000000000000003eL } },
-    /* 39 << 175 */
-    { { 0xa58f7256ccd817f2L,0x0465664ef4fbcf70L,0xad43a3ec1608a6a2L,
-        0xad7caae01bfe0a90L,0x3f2599a0b3a447bbL,0x4ddd47b8f61936f6L,
-        0x61a3607779e2c9edL,0x6cbe8278c92cb5b7L,0x000000000000013aL },
-      { 0x3c882911139061b8L,0xd6d348d221d48350L,0x5979da6b4860b3fdL,
-        0xd051bc321869311eL,0xf3ba42446ad422fcL,0x3b84c1810d1d093bL,
-        0x2f29f5a6a96ab441L,0x8f9c5d395bf8399eL,0x00000000000000e0L } },
-    /* 40 << 175 */
-    { { 0xa3b9aaacdc1c3f86L,0x529872b63f893dadL,0xff3e74c2e604ac86L,
-        0x39652c96857a9dd4L,0x494455e9fa60a469L,0xa11b7cbf1320b873L,
-        0xeb26217c6ee60a53L,0xf732544484560f96L,0x0000000000000125L },
-      { 0xdd6e98a1c4996f4dL,0x5fc566d07e9e70c1L,0x59e3c611dd9ee515L,
-        0x4d60fb0795e436c0L,0x50e75e0cc096c8c2L,0xaa7d04addebafd21L,
-        0x2fd1b14c7ea109b7L,0xd72ee3392594d6f8L,0x00000000000000c0L } },
-    /* 41 << 175 */
-    { { 0xff378e0a242ee38eL,0x38d26881d4264551L,0xca783b631e1df843L,
-        0x019aeefff9c95555L,0x2fcd1e94eb753522L,0x16c244eec1225950L,
-        0xbc7a6a75685338b9L,0xae67fa3b6215cf68L,0x0000000000000012L },
-      { 0x53b4e8f437defd78L,0x2263cc33e9d41961L,0x62814a2a2119dc07L,
-        0x50dd22ec96b76d54L,0xbf0b2b8727c615d8L,0x66c9c5f1730ae555L,
-        0xc04c86a937cd7d89L,0x451915bed4ed94d0L,0x00000000000001f5L } },
-    /* 42 << 175 */
-    { { 0xb3e69f756c45239eL,0xa015685259815529L,0x37951fa13984661aL,
-        0x8f7699e888e8fd3dL,0xae10f84b6ebf1690L,0x7f2baff5ec3175edL,
-        0x2d6f42f53266e09eL,0x94482ac1273e04a6L,0x000000000000015aL },
-      { 0xa3ed1424e85317c4L,0x7d9afa32db2a9492L,0x660fc8e609558105L,
-        0x611bbeb9a8be7a44L,0x8d66417600638075L,0x4685c94a4d7a0954L,
-        0xb23ae4dd1ec88785L,0x766a2eddccb991f4L,0x000000000000016bL } },
-    /* 43 << 175 */
-    { { 0x1c24478a341f455fL,0x8132a6b905502538L,0x5c23c4d9528d2865L,
-        0x6fd3bc4e93b35d0fL,0x88838b49f6f4768fL,0x60c0a07f18a8ded4L,
-        0x4fb44a8e0d71dcc0L,0x4b41b64efbd17fc0L,0x0000000000000198L },
-      { 0xdb828f7a2f01d067L,0xad69f37320b0b060L,0x650cdaf51f7c4be0L,
-        0x00b810e8ef9f47e6L,0x924e5a636e908d72L,0x4836dd4ef82efeeaL,
-        0x91855928e8ee36b6L,0x747f47d578e6199aL,0x000000000000001dL } },
-    /* 44 << 175 */
-    { { 0x7844a30e11f5f4d4L,0xbd36ad4cc9663248L,0xaf697c63af7b4892L,
-        0xe1f94853bb03fb6cL,0xd5da7f43e368631aL,0x970c4f6c783be7a9L,
-        0x2321bd2643f90845L,0x5030a262966a8c34L,0x00000000000000e6L },
-      { 0xf12d877ff7a82150L,0xbcdd93fea5ce6cbbL,0xe6c917b93c59668fL,
-        0x4184cf3046222b1dL,0x24b27ee14b67d28fL,0xba7e6f7345e0b96bL,
-        0x64dd699bf935b686L,0xaf0be69e62eb62c4L,0x00000000000001cbL } },
-    /* 45 << 175 */
-    { { 0x74ae258fe63f6b8fL,0x2f58e84b09144f8aL,0x858165d0064af3f4L,
-        0x77ecf07c5a2081f6L,0xd9e9be22e211fb05L,0x3758f5b14971cc28L,
-        0x68ca7d8af535a5d2L,0x2addd4138398e52dL,0x0000000000000046L },
-      { 0x442dfac0dc04d140L,0x6abc234ebae00092L,0x63209027118de0d8L,
-        0xb2510bc14b1bb070L,0x6bda803e3b104f51L,0x1821f785bcf2d58fL,
-        0x506f07e25785c8deL,0x9d78c916b2e16847L,0x0000000000000028L } },
-    /* 46 << 175 */
-    { { 0xd3bb0945ec04d3d9L,0x3a706fed4eca5fecL,0x9b228ea2c93eefcdL,
-        0xd412dfcf0a627f68L,0x906c39a812f470a0L,0xa115f5899c93c4ecL,
-        0x5f22b7175e649e76L,0x83ba978a159e8642L,0x000000000000014bL },
-      { 0xde363c41c76cdb50L,0x909b66c948f7ba77L,0x30d1e4ba7d0d3b17L,
-        0x39336ef38b390c4eL,0x8cb65cef53420b4aL,0x5c811baa11b8a142L,
-        0xa4be4bebf8eef3ffL,0x4a11fd509bc39344L,0x0000000000000097L } },
-    /* 47 << 175 */
-    { { 0x8474dd63efa97351L,0xa12cf18a58d6b638L,0x3bd605e35d890e6cL,
-        0x21cf4525a2127369L,0x7db4aa6a5466e713L,0x3f034b4fcda4954dL,
-        0xce44ccb88ede8849L,0x6e5ff0eb6fe75314L,0x0000000000000191L },
-      { 0xa700e7fe9dd62d65L,0xa2be6afacff305a6L,0xfc61f045f675a7e6L,
-        0x69be21693f984612L,0xb5e140abaabd7748L,0xcdac92d519c004cfL,
-        0xe28bf3bbd7164a07L,0x1ae1ffdfbe784423L,0x000000000000002eL } },
-    /* 48 << 175 */
-    { { 0xf57c47836c0f67a6L,0xa5704e7dd3a38f5aL,0x24fce48d4f9422eaL,
-        0x0dabc5a4d9982f3dL,0x6bf4f9eb3f09226fL,0x944ed407a196f481L,
-        0x949495bd7d88490cL,0xbae973645634cf1dL,0x00000000000001e9L },
-      { 0x5bebd8ee1e5dca35L,0xbac77371b329d451L,0x124ff920b7a9d67aL,
-        0xf7e8e1f69616c1beL,0xa518deb38dbc7e17L,0x13ffa792d52e3e76L,
-        0x6dc6ef5d93109227L,0x5ba160b49ce19c4eL,0x00000000000000ccL } },
-    /* 49 << 175 */
-    { { 0x1dfa85794d2a0cf8L,0x48618e4b2bfba0c2L,0xf266f3b7177f1fc5L,
-        0x0f12b884cf1720e2L,0x0ae8e5a8ddd5c9f0L,0x33a683cfca4456c4L,
-        0x68b15ae27b153cf3L,0x78c717e3f483a724L,0x0000000000000135L },
-      { 0x3416113cd38af77aL,0xd5063d39fa9c36dbL,0x97daad1fc1a854fdL,
-        0xf7b1efa6f2599bffL,0xaa3314678e129857L,0xb920da73a4b7c9f2L,
-        0x6aa551a06d96f499L,0x2b7f6f1fdbcc5e09L,0x00000000000001d9L } },
-    /* 50 << 175 */
-    { { 0xd823b9961d977aa9L,0x88decc8f402a5bddL,0xc7b191d8368c7e5cL,
-        0x556e9ec0f5ed5110L,0x4a81febdffecce67L,0x75919f76814bb429L,
-        0x04d08334849762c4L,0x9a037df8ab24edb7L,0x000000000000004bL },
-      { 0x9cab359f9592c8e9L,0xcf5dd731f35f9450L,0x49ff6c9083f04d04L,
-        0xce238fe14f50c7adL,0x6a971ec477442addL,0x7aaff382eb6dada3L,
-        0x14b43e873b7f4447L,0xc9e21cc7c67838aaL,0x0000000000000032L } },
-    /* 51 << 175 */
-    { { 0x3c5764d9e652d9e9L,0xf6d664d15c58afd5L,0x6f72c39c5263ea19L,
-        0xb7c2a994e740eb02L,0x24868934ecf6cd38L,0xeb5aaa0ab07e9b54L,
-        0x76893a641cf1a8dbL,0x13b31739fb9f2e6aL,0x000000000000012dL },
-      { 0x185abf0f52104f6aL,0xa352e81acf2e3361L,0xf3d248cdd9a21f71L,
-        0xdae16ec865f3686cL,0x42ce080c6bd346e8L,0xd0354599fab70983L,
-        0x9259e6c9a24aa4fcL,0x816c3c813b4fe5d3L,0x000000000000007eL } },
-    /* 52 << 175 */
-    { { 0x4df0de9441fb96a0L,0x4412561574225d62L,0x02c82702def80205L,
-        0x7611d83d8585c7f3L,0x4b30c7c70a4a0380L,0x5f2089fb0d1c3a3aL,
-        0xce0fd7a169b754f7L,0xcbcf956d7b840647L,0x00000000000001eeL },
-      { 0x9254d02e9152b2f6L,0x0004290f5a55c8eeL,0x1e65776a06eeb968L,
-        0x1aa40ca875898404L,0xe5f6d7e1082b1b3dL,0xe8a4447d432c62aaL,
-        0x5c988bde7f251463L,0xf1a617221e477a2bL,0x0000000000000082L } },
-    /* 53 << 175 */
-    { { 0x6e94a400a12e0ed3L,0x7ec7f137693f0b2bL,0x3369312a64dcb97dL,
-        0xb6ae9d92bb174be6L,0x4343763fb49f4545L,0x2781f0c93988b19dL,
-        0xae34e2bfa54bfd46L,0x19a6243e347e1992L,0x0000000000000135L },
-      { 0xab693a17f339cc98L,0xcda5aa8a306031fdL,0xcdbd42722daafd10L,
-        0x8fafb43f6dd6c153L,0x1eb19e412ba28ddaL,0x34a0298c447fde55L,
-        0x7872662a05fc38b9L,0xa174d1070222688cL,0x0000000000000032L } },
-    /* 54 << 175 */
-    { { 0xbe5631d2d56dc535L,0xde5e0ef7f0485a91L,0x848a5d3836185a80L,
-        0x61dbcdebc44e4ba7L,0xb9a36cbf13524447L,0xb10894ae6417cda2L,
-        0xfdf2be12c4321744L,0x604734309cfcb161L,0x0000000000000031L },
-      { 0x13f91ab30bb077cbL,0x27f4d378846d00deL,0x3a75d114c18b6495L,
-        0xb33cd9d3cff1421eL,0xf72e1ba92e077183L,0xe6d74ff2fb4bc174L,
-        0xcd5a5f06d2ed2ef7L,0xeaa9a4d132ead477L,0x00000000000000adL } },
-    /* 55 << 175 */
-    { { 0x208c52b387c78c83L,0x8a814dcb41c862e8L,0x278976d32ca53494L,
-        0x488caf4bcd7bf0ceL,0x2a07f905074b5f09L,0xb53383af0fccf4cbL,
-        0xcff62835deefe7b2L,0xbb0afbcbc2febcf9L,0x00000000000000c0L },
-      { 0xea3673b6d107b949L,0x9253804482d5a087L,0x52da8af43c18e3beL,
-        0xcf635990b6fe0565L,0x7be60be52dd319a4L,0x246d7e44be349ee4L,
-        0x395a48efc0cb8352L,0x3013388d08100678L,0x000000000000000cL } },
-    /* 56 << 175 */
-    { { 0xf43f57f1644be376L,0x5ead8d33cf66858eL,0x40d9ab0358ad4128L,
-        0xaa6ad5b5707e7c69L,0x52d2bee602b4e5f0L,0xb39b48968b1a1287L,
-        0xa9f1e0ecebc32b16L,0x7ff75a69f442c70aL,0x0000000000000039L },
-      { 0x118149e893cee35fL,0xdc281d8fcbb28a72L,0x33055e64e8a60d55L,
-        0x8c247f5a89367610L,0x246297062f93e57cL,0xff8dc0ef68104540L,
-        0xea50e01fccda4787L,0x18ae4a7472e80504L,0x000000000000015dL } },
-    /* 57 << 175 */
-    { { 0x974295ab6f7aa51eL,0x5f1f806d43926d80L,0x803b6f7cdc56e092L,
-        0x02a052652cbe5bf6L,0xcec50eba11dcac2bL,0xebc5da4767993ba7L,
-        0xeb38f44945afb69aL,0xf84fc77f0e5d3809L,0x0000000000000103L },
-      { 0x31bbb0ec544fb496L,0x3d31c7f9675994d0L,0x8c77b0c4c5116ee0L,
-        0x8f212d31360d5cbaL,0x133fa56c95775eb7L,0xea09f1bbeb5fa46aL,
-        0x50d1ec5096379da9L,0xe07b4ad7d54e7be9L,0x00000000000000bbL } },
-    /* 58 << 175 */
-    { { 0x6e83884fcc138ec4L,0x776f59d1af876d2aL,0xe884ba6e1138ec1cL,
-        0x1f5ac35fb7ee8a3bL,0x411a904dc6f0ca3dL,0xa0e25f75698458f4L,
-        0x8ab4b3f1270abf22L,0xc45f0668afd72a81L,0x00000000000000ccL },
-      { 0xe93b101ab1428555L,0x49c43cefe1110034L,0x5d33dd3532cec22dL,
-        0x6c96474469e47c69L,0x2a3af875eee1b050L,0x9ef7e37c53339d75L,
-        0xf7b4e7cc69f70379L,0xe52c507c005d6188L,0x000000000000016aL } },
-    /* 59 << 175 */
-    { { 0x900a407c16ea7e9dL,0x7472498ebf1e2d4fL,0xc41b8e8f47d6ffd6L,
-        0xd93cdcdb567590d9L,0x2361492cab650660L,0x0ada3e50975a5b7aL,
-        0x4342909767613b71L,0xa8d9a32cd90f479fL,0x00000000000001ceL },
-      { 0x67c544a1722a95d2L,0x68312626d409ec5aL,0xed244c5c2738cbb0L,
-        0x491e21fa8fbbe571L,0xbc6431fdbe4b131dL,0x8b84091b8eb05fb2L,
-        0x7d82a00220103d94L,0x016cc8bc6ef8af3cL,0x00000000000001cfL } },
-    /* 60 << 175 */
-    { { 0x5e2b4a26cd5ccc7aL,0x44e349def1b8db05L,0x034d54b8efeedfb9L,
-        0xaf410c3eb0de1cf0L,0x0e6cbe44ed9148e5L,0x752ad823e9cc2a8cL,
-        0x3917cc72e9af3244L,0x8639e4a393e23c63L,0x0000000000000111L },
-      { 0x4c0d05a46faf150dL,0x2d93d0d2d8d42497L,0x70669c4383f3c667L,
-        0xea34f74cf766b202L,0xcfd2dfc1a8cccad3L,0xbe520b4002cb38f7L,
-        0xeeeebc97677939b8L,0xc7a734e82e86cf07L,0x00000000000000d8L } },
-    /* 61 << 175 */
-    { { 0xf72c72940d75ed6fL,0x3135f686ccf5cc3bL,0xe971c1f6cb3219edL,
-        0x01aeed44d7c35486L,0xb9fe395d13a4d803L,0xad124ee40f47fdc0L,
-        0x113d1117ee46329cL,0xe252a70e8ffb9c24L,0x0000000000000072L },
-      { 0x88f443817efec9e2L,0x2444c821133a819bL,0x558382008114f80eL,
-        0xc3a4e191088f5c42L,0x222c3389f8775660L,0xee7e2c8b0329f914L,
-        0x3a4fad9f45c18e0cL,0x3ace9e4b3309eca3L,0x00000000000001daL } },
-    /* 62 << 175 */
-    { { 0xd343830f2ab0160aL,0x731c5a9bd81bd1a9L,0x4443103457b8df66L,
-        0x2af1ef67433ef550L,0x9e84336c278ea0d9L,0x53f2c6addb1c8881L,
-        0xbdcdeadf12be675fL,0xfca45c98ffb39ecbL,0x0000000000000109L },
-      { 0xd7e752f42cd3a337L,0x245572edf0c5ccafL,0xad130568627281c2L,
-        0xf1948b1494920647L,0xc35f002381b60cceL,0xc99bf95e4d6d439fL,
-        0x827a29de2c19ed5bL,0xbefcd94f65737517L,0x0000000000000157L } },
-    /* 63 << 175 */
-    { { 0xf54cd73b46227f96L,0xb6beaa8d1a062ddcL,0x1d6ea57dca017154L,
-        0x47292049f2c3f854L,0xe0b35769eb41db25L,0x58573070cdef8384L,
-        0x8cd35c89d8eb4e66L,0x883e914d4fdc8982L,0x0000000000000056L },
-      { 0x0e47c705af242c24L,0x864a4cc18e09b24fL,0x32ee11e88747f144L,
-        0x72d496348f666496L,0x74a0a314bbf0720bL,0xabe29f1db6ba8cc1L,
-        0xae92d4e7c20e7e84L,0xc2e5dd9336f6c9f1L,0x000000000000005aL } },
-    /* 64 << 175 */
-    { { 0xcb35df1c0a0eb364L,0x6d0479606efaa084L,0x2ae2d2833735ce56L,
-        0xe0b9d7e8df82fdffL,0xff7a316c39cf5ab2L,0x23254f4e26b6c05fL,
-        0x4751cb2de5c125fdL,0xfa059629894e9a61L,0x0000000000000148L },
-      { 0xe64ca47b49112eccL,0xf4f9f08cf5fd0dd6L,0xad1c8c7274bdc4b6L,
-        0x34660962bba001e4L,0x346d7a407e2ad36fL,0x68c8b34bd27181b2L,
-        0x8aeb7ea43b424e34L,0x257ab659d4498d11L,0x00000000000001f2L } },
-    /* 0 << 182 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 182 */
-    { { 0xad57280abb5be7e6L,0xf102ff10066e97a7L,0x5308cb8e61c86340L,
-        0x11b53155d02e15c2L,0x50ed7916ef223374L,0x8c48f8371ee821e2L,
-        0x0b3010cf7931b97cL,0xb84cd0142062ec30L,0x0000000000000007L },
-      { 0x05a7a5a024b6e1ebL,0xf8364d18b5a7402dL,0x2b9ec6c5f9eb3538L,
-        0xf363dac905915b41L,0x2a567784a7909cb6L,0x5b386ead22fa3badL,
-        0x646554b91e873fbfL,0x99f6ad72b88ca34cL,0x0000000000000077L } },
-    /* 2 << 182 */
-    { { 0x8f37e861fc3d5a8eL,0xd09d8e74901ce1a2L,0x212e32a992f81574L,
-        0x38ac8ba60d96a933L,0x3d990b98b84c99d4L,0xb97f4e73df58647bL,
-        0x95ae93cc7641888cL,0xd7bdb083a0969dd3L,0x0000000000000182L },
-      { 0x6531530c17830426L,0x9db488f48a57b683L,0x9452ca0f0d87eca3L,
-        0x19b198f08b4be2a7L,0x17939ab22775f0fcL,0x7f662a0625bc5c0cL,
-        0xdf04cbef428884f3L,0xa4d202209f9ff142L,0x0000000000000090L } },
-    /* 3 << 182 */
-    { { 0xd36d95e98d20af1dL,0x042b6b721475a01dL,0x90de7dc34e5322d2L,
-        0xd7201c9c8085753bL,0xb2467afb2a41a80eL,0xde0b994dfcbef3eaL,
-        0xab46bec5219735a2L,0x5c6efc5a9f068a58L,0x0000000000000167L },
-      { 0xad80498ffbe3e605L,0x0e49b878b58b1af1L,0x5a90b3d5f7467e30L,
-        0xb6feeb53d872561eL,0xd33ca82162456735L,0x6262f717cdf5cb42L,
-        0xb7fe12752d9b039fL,0x3d76868940af9134L,0x00000000000001efL } },
-    /* 4 << 182 */
-    { { 0x4585d3aa31ff6e80L,0x8521ac35c19ae65bL,0x983e0c6af9f78334L,
-        0xc4131279435db0f0L,0x0f2d350b51bdb67fL,0x1fea5391d65d265fL,
-        0x7f0b55f7798e80aaL,0xf322493ad549eaa9L,0x00000000000000ceL },
-      { 0xdf7b80aafe9e5dabL,0x5585f93a1861e785L,0xb70fa9abbbb5764cL,
-        0x23ce8aed3a39ef40L,0xa719329a14920ff9L,0xa74511124a00e5b9L,
-        0x48b0001bff5c3588L,0x8dcb5fe10e0551ceL,0x00000000000000f1L } },
-    /* 5 << 182 */
-    { { 0xa31575ca4b4c5966L,0xae86a8c831b5d540L,0xd19ce0a2386fc523L,
-        0xce86998b4540a480L,0x7a4897ab0f0eeee5L,0x0dea1fa0042b6dc6L,
-        0xd1c403044ff99780L,0x3d882bc861fb0837L,0x0000000000000023L },
-      { 0xef942ae4bd2b6cedL,0x7a91fbca038d1540L,0x644571d23631a109L,
-        0x865061c09289c9a1L,0x9f9d809df67c8866L,0xa73777bb75b91533L,
-        0xd4128ce73ee99cd6L,0x2c83701571d8a67cL,0x0000000000000043L } },
-    /* 6 << 182 */
-    { { 0x1e318c6a5ab019e7L,0x83c490b03660eaccL,0xe464c85856e4b9edL,
-        0x6724aedbecf9b627L,0x83f9312e6a28f322L,0xe1f8314f3e3758e7L,
-        0x8ac29afc1c0639f4L,0xa0390923591fb450L,0x0000000000000132L },
-      { 0x0188fc767dab76e1L,0xcff3c75f570fa4c0L,0xd1a1db3a4be7e55eL,
-        0x6f97be3c575e816aL,0x5ea0e3240a9acea0L,0x05699068a9be2cc7L,
-        0xbe8c58299391ceb6L,0xcb55ac5d672c1fcbL,0x000000000000013cL } },
-    /* 7 << 182 */
-    { { 0x82320b25e4eec241L,0xa93543d00c54433fL,0x5ff474b1024c6917L,
-        0x70337516d2e8c7c0L,0x5d97d6b2eff507c2L,0x415cc09eb642c29dL,
-        0x6234cb715a3b675fL,0xf4721ec9bf150b2eL,0x00000000000001bfL },
-      { 0x5e4120da2a377b63L,0x518a3bf81a851ddcL,0xe2dd2b95dcc9ee26L,
-        0xc2b153998fd7b647L,0x1b4b43df7eb436e8L,0x7c354da61ca50fa6L,
-        0x2997e27dd1f1b4ceL,0x89b755a4f0e78f01L,0x0000000000000097L } },
-    /* 8 << 182 */
-    { { 0xdaa72ebc797ee80dL,0x5ee6de5e13bde073L,0x8f21fd78a69b5019L,
-        0x5a8fce8c89191df9L,0xce39466d725f4f61L,0xe1015721d258c98eL,
-        0x22a2f6a5bfb1acc6L,0x5dfef1da97265eaeL,0x0000000000000164L },
-      { 0x4697804882470cadL,0x5a62de6c92e3daeeL,0x95cbc0199163a136L,
-        0xd1f51a60f0ad7fbeL,0xd300b7c6f2380828L,0x3fce67f4b1246df8L,
-        0x6aec1313466ec418L,0x95ffd2856063ce6fL,0x0000000000000080L } },
-    /* 9 << 182 */
-    { { 0x082a54184ceb12b4L,0x20d67a8ce6889f68L,0x5beee4dcf78c7ee3L,
-        0xe234bc07a7c70d07L,0x57957765845cd20bL,0x9f16fc18ce9f8562L,
-        0x7793805865d54d1fL,0x244d5d5c0a33ac80L,0x000000000000000dL },
-      { 0xa7642eceb3d0302cL,0x7553b599438b82ceL,0x35db7e6e3bca2614L,
-        0x0f549f7414c632c4L,0xe9d8a3122cf8bdaeL,0xa27062b3281d7c68L,
-        0x1023e6791155cd46L,0xa2d781fb734a6f3fL,0x0000000000000017L } },
-    /* 10 << 182 */
-    { { 0x46cd5849f6ef2fdaL,0x5b3fa640b1d02cdaL,0x0fb696664e1222b9L,
-        0xf7c6c4a888c8de4cL,0x742c5f24ef16cc79L,0xa4866982c0032997L,
-        0x076035dbbf0a2982L,0xffa69b49779ef790L,0x0000000000000068L },
-      { 0x74a20b1174e76a5dL,0xb9bf4b3f35722dd9L,0xad2de2d42bf57ad6L,
-        0x413223308bb9d811L,0x6e7574a05ee8d6c2L,0x16253e6b439a3683L,
-        0x8ba8f866d611da87L,0x11f5f946c9e2df24L,0x000000000000006aL } },
-    /* 11 << 182 */
-    { { 0x1fa5a29708431e9cL,0xa400cf7ae43aea69L,0xc197afcabd8182b9L,
-        0xd8a48cb691ed64e2L,0x45b3b155fcd39e10L,0x4951cc79cbe71480L,
-        0x939e1a833101aae8L,0x4c354aa4c1bc4f13L,0x0000000000000042L },
-      { 0xc21a1cab3571c9c2L,0xe85b99fb54b5d704L,0x0b26a9e0e740e33cL,
-        0xcc33a25ef6780727L,0xaa203d30c2871675L,0xfee96fc8735015f8L,
-        0xea5f0118fb6c489eL,0x1ee87d166e566a79L,0x0000000000000012L } },
-    /* 12 << 182 */
-    { { 0xd3107dc42eb6d453L,0x3897a60ba3f6b312L,0x5d8ae4b9a26ebd5eL,
-        0xf83e1efa445f3ea9L,0xcdf3f2d6e9c5ae62L,0x43624a7ffe4a7f11L,
-        0x9169460f6634235dL,0x642b8b112f75464eL,0x0000000000000186L },
-      { 0x7924b1cdc84496a4L,0x0a5eb42c5f8f5f30L,0x14068d49492cd04aL,
-        0xe0824856f2a5f227L,0x6e146cdead328ed4L,0xc63a68c19118fabdL,
-        0xa295b4127e56624bL,0xc1d31ed187055125L,0x000000000000001eL } },
-    /* 13 << 182 */
-    { { 0xeb7242709aeaf343L,0x51e4dda7521d1303L,0xb0867bcf4b6d79ecL,
-        0x9f3769280dc1e1c1L,0xc807e9397ce09227L,0xd46d4ccf18f02ee5L,
-        0x4f50c46e7cbe5fbfL,0xee0d19eb8464a6c6L,0x000000000000008fL },
-      { 0xf9eabcaf838eb681L,0x3a04860e43b0649aL,0x3ffc96f3f6f4a93eL,
-        0x0e1cefca2689da24L,0xa5c0b7cc6aaca275L,0xa5bbc5ab87f572dcL,
-        0x4c577d4f315e7e93L,0xcdd104b0be10ef14L,0x0000000000000065L } },
-    /* 14 << 182 */
-    { { 0xa267789abceb62c0L,0xc3536fa5dd342598L,0xa0a158edc66bb97dL,
-        0x2282d372413001f7L,0xcc6365d7bb80b2b0L,0xcfcbab5a75e3e8e9L,
-        0x0b0c89a9d832c899L,0x4c5f3c139109e60aL,0x000000000000013eL },
-      { 0xe9437990177cdf1aL,0x0ce91379f9a4d1bdL,0xb3a1a40968b5bdb7L,
-        0xf9a22cc775573480L,0xd05f00d5bdd43f32L,0xc65e107c24cd9011L,
-        0xd3c7f981782fd8d9L,0x4b998ad9771b4074L,0x0000000000000153L } },
-    /* 15 << 182 */
-    { { 0x3829eee292c5afbeL,0xd6ceab835f385af5L,0x80feac24ad9740b3L,
-        0x2795a4aa1425ac94L,0xf8a2e2fea345fd1bL,0x83e9ee2e41cf9386L,
-        0xf384b56b675a9faeL,0x8dd8fd07ad024c34L,0x00000000000000b8L },
-      { 0xe5e8b6b647baac01L,0x0cf5cdaeebb4627bL,0xa0c05d92d9ece132L,
-        0xb778b8723138e22fL,0xf15d930b482fb046L,0x4420d1953ef00d49L,
-        0x07c2bce32acdfd2cL,0x5f0932a7df5d86deL,0x000000000000008cL } },
-    /* 16 << 182 */
-    { { 0x241872e36910d714L,0xdfcd9db5cf96f106L,0xd32e27facb3a51e7L,
-        0xa55ecaeac4a051c2L,0xfc54759af8944204L,0x569d9efdf938b503L,
-        0x8882ab15c54bf05fL,0x9a8869ed0cab8124L,0x0000000000000007L },
-      { 0x1f5995bf361ce52aL,0xda53a556b51ee176L,0x735bfcd6cb664a03L,
-        0x4d8e405d38486de8L,0xeeca6379a807c481L,0x9a24ac8a4d456d2eL,
-        0x159b9f4c3b85ab21L,0x77524d58f256c82eL,0x0000000000000125L } },
-    /* 17 << 182 */
-    { { 0xabe54ca59d266057L,0x10173cf8ad5590e8L,0xd52929fdc2710408L,
-        0x75164c9941c9bbd6L,0xe2042c2e09ec8272L,0x244a305e411aa6ebL,
-        0x004b6a2930ab6539L,0x58d67a63bb2284dbL,0x0000000000000190L },
-      { 0xd830c66efcd95a1cL,0x0e023ec73b20bcd5L,0xc136f25c50b4c7a8L,
-        0x2e36e65af69c7a3aL,0xfca3db62e46a0699L,0x2615d7fe828e0fdbL,
-        0x4bcd0acac894a9f6L,0x1f6a011bc266e64cL,0x00000000000000d6L } },
-    /* 18 << 182 */
-    { { 0x9624aea7c3ba79a5L,0x303f5c44356b4d55L,0xb266745f4420746aL,
-        0xd554d641ab2157c3L,0x270e293a89a1b1c6L,0x73541da2e81fb3d0L,
-        0xa3af4df99d28ef8cL,0x83e20fe57f159a0bL,0x0000000000000075L },
-      { 0x6d4032ad216ce79aL,0xa979ded996dc5993L,0x0653ce03a77cf5e7L,
-        0xd4c7c0f8e612cbf7L,0x664b14144cfd535fL,0xfc1127f460795eafL,
-        0x3c612b6b68378b1cL,0x023e398ec1c7d949L,0x000000000000013dL } },
-    /* 19 << 182 */
-    { { 0x6f1d92ec3d4ae696L,0xb86106f398fab4fcL,0x822b872e3d5b0645L,
-        0xe99b1302745556efL,0xf7d257a7ffb5a1f3L,0xd1c72810c5469b4cL,
-        0xc023f597f796298aL,0xfe1e4d4c37019403L,0x000000000000016dL },
-      { 0x0afd0124d8c8e429L,0xdc549ae033397fcaL,0xcb6b425ffef20af6L,
-        0xf179caa3d3ee3c39L,0xa2bafb4ae2cd0281L,0x6ed7124a8c6764beL,
-        0xe347fd98c891540aL,0x6b531daa0ba5c525L,0x0000000000000176L } },
-    /* 20 << 182 */
-    { { 0xd83376b06e0604e7L,0xf3da2540b9bdabcdL,0x8a64129ab0069b9cL,
-        0xf98d8a694ed21f8aL,0xcd7950fb17c1fdd1L,0x988ac822a1b303f3L,
-        0x2d6dc22444468a4aL,0xed780eb123f65549L,0x00000000000000c2L },
-      { 0x38e4f1e17c4f29cbL,0x030f563663776af6L,0xea357f378032b066L,
-        0xbc96afa12141ebbaL,0xe1396e9f7cacbe45L,0xdc5e9f07c62172a2L,
-        0x00ca038fa26039a1L,0x23796edf96c93fa4L,0x000000000000014bL } },
-    /* 21 << 182 */
-    { { 0x016e72db586f95f7L,0x7f9e2c36c2400728L,0x052457cf2bf04972L,
-        0x029911681fb30152L,0x5be915ba80cd0439L,0x5e151e1c6faa956cL,
-        0x21ab062272dcf9d1L,0xba0e51b09414b9b9L,0x000000000000014eL },
-      { 0xf0a1bc7a201e1ca9L,0x768f5444c7ce120fL,0x2961c06b496c605aL,
-        0x3dfd88f3c22605eaL,0xca174491e4a89909L,0x71319e378b5c6ba1L,
-        0xd56268a9e975dbafL,0xb2e5ff36f38511b5L,0x000000000000014aL } },
-    /* 22 << 182 */
-    { { 0xa943c94277e540eeL,0x9d13fef6443f5f5fL,0xe9c360fc9ef01a49L,
-        0xf2e1fb0698f8ab08L,0xcb966ce4cc21b8e9L,0x212a01e81f1cecdfL,
-        0x800a4f8be95f2409L,0xa0a6b162fa1a1310L,0x000000000000009aL },
-      { 0x23b1052ee4bde75fL,0x032a7dcbb01aa17eL,0x5e4cb05ba641f2b7L,
-        0x6ff29dd715184d0eL,0x29181004f479238fL,0xc3f7b9466a04f7f9L,
-        0x12db296a2c9e0a68L,0x323542c22f7f2a7dL,0x0000000000000108L } },
-    /* 23 << 182 */
-    { { 0xd9cf8b726028a775L,0x3850c15741cfa8ecL,0x6b4bc9b606915137L,
-        0xae55a728d1c99839L,0x045b7719e23ff638L,0xcae591faf3269ec6L,
-        0x04d5743ff130730eL,0x53372a0e6208ad0cL,0x0000000000000036L },
-      { 0x7db65e4e4af7b7f8L,0x9dfde4aee67bba08L,0x62dda13e2cc2e030L,
-        0x4ffd3135a4080e00L,0xd06a20444b48aad0L,0x9442188e59609700L,
-        0x10ffbebaa9ce37a8L,0xe22428600ecb7346L,0x0000000000000005L } },
-    /* 24 << 182 */
-    { { 0x20f7c6ee1bcf9917L,0x1c7d940f8cbc7d2aL,0xc2a1139ed592def0L,
-        0x0b6b644a936c827aL,0x1b16bf59abb4f3ebL,0x1693fe7916b8b498L,
-        0x4b81cf5badbf552eL,0x620ef3be7e0cb980L,0x00000000000001a3L },
-      { 0x6106878f2f6f9a16L,0x15c2303e6cf02778L,0x18c605cf7f7e7e27L,
-        0x6bd45dc798a8de3fL,0x5874172095869ddeL,0x621d8a4b2de20d0aL,
-        0x7632703cdca67562L,0x9374d05536957eecL,0x00000000000000f1L } },
-    /* 25 << 182 */
-    { { 0x291cad563c81c389L,0xfa1b6f768a663dfaL,0xc23bccfb4d4e1bfcL,
-        0x14218a8881c16ee9L,0xf4c48023fae0c87eL,0x58e978728e9874dfL,
-        0x690b375959dabf0aL,0x45e8790a2f13f6bdL,0x0000000000000156L },
-      { 0xc1070b3f17bd5f8aL,0x4bb893cf246d0744L,0xf5e5d9a855e6f814L,
-        0xfea75ee5a20ad845L,0x000d0926d4e9a182L,0x120ef85508b102aaL,
-        0x495db2342947588cL,0x5101834a455b2626L,0x000000000000011bL } },
-    /* 26 << 182 */
-    { { 0x2a8ebbb27efc758eL,0xc14880f28e3bd85aL,0x95ec9fa6536a42e7L,
-        0x07a26257f6cf0da7L,0x67976b68d1a6a137L,0xf143f97bfcd0179aL,
-        0x99645da231832f2bL,0xbe0940ca0955eb50L,0x0000000000000076L },
-      { 0x6d01c753e3acb83eL,0x9cb6f41194373f4aL,0x935f9fc2e758ddffL,
-        0xddee3e64b16c8ae5L,0x5b16820748e77dafL,0x2c0a5f0862a3cf00L,
-        0xf47f143a79315466L,0x2adc4a4853a7d9beL,0x00000000000000dbL } },
-    /* 27 << 182 */
-    { { 0xd2d98879bb29fe08L,0x261ca47e9e1e47cfL,0x349da8771951592cL,
-        0xe6da4080eb147166L,0x036929ab99d5410fL,0xa870f2a4ff40d8a3L,
-        0x6e12a9c78b775ae9L,0x0c493e092de6fac1L,0x0000000000000193L },
-      { 0xea12c2dec0522680L,0xb3a5c0e533afbcc6L,0x5e7da51f049aab7aL,
-        0x5dba87587f2dfa4eL,0x4e931594e3339e83L,0x100c2dcd0c75a4c3L,
-        0x6795a18e562cd1e0L,0x3778c7509aa010f2L,0x00000000000000e5L } },
-    /* 28 << 182 */
-    { { 0x2d0e0e8c3a12be03L,0xa4febeba75aaa59dL,0xe5ac02d67e8056d8L,
-        0xf3788c67bacd030cL,0x4018ae3921fda504L,0x690259dcf16aa240L,
-        0xf51723b291ad5d2fL,0x9cf893221f0aa525L,0x0000000000000166L },
-      { 0x0f4b0c2a09388e2cL,0xb8308ceff40b8763L,0x2462458061a66221L,
-        0xb67a79e8165aaa95L,0x94bc0b4708789bc2L,0x8b234c8708114d2cL,
-        0x1ee26556bec8d5efL,0x22e3055df315d134L,0x0000000000000118L } },
-    /* 29 << 182 */
-    { { 0x46cf9a123b3ba75bL,0x1d186c661adb1a26L,0x56c777349bf1316cL,
-        0x0f3e2f5ed8304840L,0x01baabfbe6070ce6L,0x503f8d930c9102d2L,
-        0x4dcd3adacd453ef9L,0xd1a8baf5fc6aad57L,0x0000000000000084L },
-      { 0x1faf5d6dd292a0c7L,0x910d30cb74f8c530L,0x442d713a6c0fa806L,
-        0x0a18ec4704b1a792L,0x880b2e809501a8f2L,0x2f074b43aac9e8f5L,
-        0x44209c655e1eddb7L,0x5916efadee7e28f3L,0x0000000000000131L } },
-    /* 30 << 182 */
-    { { 0x91e1ced21c8781b1L,0x1b160a6cd9eaceccL,0x32169b6de05009ccL,
-        0xa6e611cbd398f69aL,0xce953c71b0eee5fbL,0xf0b9112de9cdb766L,
-        0xad581159c871f5d8L,0x0ebe554be2279127L,0x00000000000001e4L },
-      { 0x89976adf1ab77e95L,0x33164f3df139a517L,0xef133446a1c4a5aeL,
-        0xdcbd304791d5782cL,0xdbd5c67c9750d5e5L,0xa23fc0fea185893eL,
-        0xe094fe8ec7f91de6L,0xf9e3a96a99faa7a7L,0x00000000000001bbL } },
-    /* 31 << 182 */
-    { { 0xd116cbade405020cL,0x7c108b67c633aba9L,0x2b7856f5e8aa0582L,
-        0xf8eab5a93ec464a6L,0x0e90e325e59632daL,0xd4dee596e85e20bcL,
-        0x4cf2c91482dd5124L,0xdda35341a6160911L,0x0000000000000073L },
-      { 0x4d225d4108a2c6f5L,0x481686652c17247aL,0x65877f1497b579b6L,
-        0xda95b1fa53d48dd2L,0x43fb7079ca44e73aL,0x7b69f069e3ec902bL,
-        0xdfd35aa860d9ab1cL,0x3457f579b3e5b6edL,0x0000000000000041L } },
-    /* 32 << 182 */
-    { { 0xf43e7556bd385e53L,0xbf8f9681875c0190L,0xe3d90dee555bd31fL,
-        0x3baf65546edfe5ecL,0x3d6df218960e906dL,0x7b6635cb873d0635L,
-        0x98a44993ded25371L,0x918b7555ad8e24b4L,0x00000000000000d7L },
-      { 0xb776f9146553287bL,0x7075a0a36fa9fa1dL,0x7bc1d77c11d5513dL,
-        0x789a19867993f668L,0x6162a249612a7f5aL,0x04348eb04ee7f938L,
-        0xf7102ceb56583274L,0xae423442e356e7bbL,0x0000000000000002L } },
-    /* 33 << 182 */
-    { { 0x523d61302f4ead44L,0x201058f04e5b8666L,0xf7680d4267d123adL,
-        0x0884457684ebdfb4L,0x84274505abd16ac3L,0xb9fafd02b3ea127dL,
-        0xbbfa958703e32460L,0x291a5eb015781790L,0x0000000000000173L },
-      { 0xe91a30aee53f10c3L,0x9584ef2bfd5dd433L,0x108924ba581b9fcaL,
-        0xc2fd60ccfd8e8fa8L,0x318e224fcab2784eL,0x0c81392b9d31ae14L,
-        0x9b2311108aa8130aL,0xb270d685276f3462L,0x000000000000010fL } },
-    /* 34 << 182 */
-    { { 0xdb7ce23edde05ffcL,0x3498ab21c6d0e52dL,0x70c111977b0e5286L,
-        0x2397818f56a3293fL,0x8e5190030f16f124L,0x42f9ae77dad7d391L,
-        0x5b6d52b49000eaadL,0x0250415c53e5d19aL,0x00000000000000a4L },
-      { 0xd5134d31720c627fL,0x5225579c2ace2686L,0x43db384eb8a3ec7cL,
-        0x3f857459f0f7a16dL,0x897549699739d8dfL,0xb1a377181c8ce480L,
-        0x81c5b1868267d330L,0x3f45401b037f89c0L,0x00000000000001ddL } },
-    /* 35 << 182 */
-    { { 0x4e66abd437417d43L,0x9514ca813998603eL,0x3fd620ece6ffe0c3L,
-        0xc72d522ec2371320L,0x9aa50a59acf05fbfL,0xc3e9213306fe5a5dL,
-        0xc1d244d73c56f206L,0x7c22b8ea72b4d2e0L,0x0000000000000114L },
-      { 0x2cd8c20869310665L,0x41bc43a56af1617eL,0x41acd532d54f9707L,
-        0xc3fe18ad05c56c89L,0x706756a536a5189dL,0x63137c9f3815ce6fL,
-        0x2ff051973eaabf9bL,0x0c3118fe365d4a01L,0x00000000000001d8L } },
-    /* 36 << 182 */
-    { { 0x5d07a2964e588df1L,0x141993bb19b144a5L,0xabc8b7f17aef2cfcL,
-        0x6a447e47adf5f260L,0x3617bbf9413523aaL,0xae2df3568658871bL,
-        0xb73a2681eca0d3d9L,0x9faa02a845905049L,0x00000000000001daL },
-      { 0xcea9672c9249e1f3L,0xd6030dd792b80377L,0x1731a9b6b430427aL,
-        0x707319a7dd23ecd8L,0x7497f2d3137eac72L,0xfd455e149fc57ecdL,
-        0x1d5be9f6f7a02326L,0x58127f1635ac3188L,0x00000000000001daL } },
-    /* 37 << 182 */
-    { { 0xa465edcff4ff1298L,0xf6875a88fb3ce39aL,0x0f8c3e4154571e9aL,
-        0x9750c93b2a33bcfbL,0xa4dda6a9c95cd2d0L,0x09512242e236cfe6L,
-        0x7045f4a1f8b5241bL,0x6cfba4be0c875c33L,0x0000000000000053L },
-      { 0xbbda856f057cc244L,0x039c06c1a80b8883L,0x909d27543627186cL,
-        0x02163479f6b0fc43L,0x46c3962436cc44beL,0x83113b35d0abcaadL,
-        0x0d62ed6f0ef103ffL,0x04100f40c2c14b5fL,0x000000000000000cL } },
-    /* 38 << 182 */
-    { { 0x5492babe8e507a53L,0x01ef00154f5fdf0cL,0x5b07f050e8bf3b02L,
-        0x06205d089907fdc9L,0x4ce4ecc11ad754c1L,0x3d01c3b63723fdafL,
-        0x77064d779065a5a2L,0x5de5e1cb725ff125L,0x000000000000006bL },
-      { 0x32d6e29d839ddf7aL,0xb5908a08f6518318L,0xcaedb6a5e99f9497L,
-        0xbe22eccb8509addaL,0x46511cdcdd3a6f5fL,0x74e345cb75b8d2e3L,
-        0x041b65006c166683L,0x23c654ead41aa178L,0x00000000000001a4L } },
-    /* 39 << 182 */
-    { { 0xd79f98edc740422aL,0xb365a02f6f658438L,0xcbd68ebb726bb3d3L,
-        0x1a74279568c9ffe1L,0x173b3d054253a108L,0x2873faa613d84b25L,
-        0xba2b605b705e1276L,0x35aa0bfe1d1e7e13L,0x0000000000000013L },
-      { 0x54a4ac10ae28e669L,0x392bcb0022d8b070L,0xf15f6b0819e99d02L,
-        0xd3019505f97077efL,0x8ba03e9342036fc1L,0xf1b3b093837e9fd2L,
-        0xc92b110d891b000bL,0xb99d4924e628c1deL,0x0000000000000169L } },
-    /* 40 << 182 */
-    { { 0xa62acac89702711bL,0xfa8afde1e5a60500L,0x6d0b6ec9851d3077L,
-        0x2928a849ddb4d927L,0x40731d2fee9c5656L,0xf53c199c78402e28L,
-        0x8d704153bf178d27L,0x67bccd2a3f735c1fL,0x000000000000008fL },
-      { 0x1fb2240d935c8aa5L,0x1fa6b65f794daaa0L,0x30aa4bd3c31a7abcL,
-        0x7b571e77f50b1a73L,0xe5105e178d05b874L,0x224ce4ac6574a6a3L,
-        0x64f2c14ba2d9fba5L,0x30e0f151c304c3dfL,0x00000000000000feL } },
-    /* 41 << 182 */
-    { { 0x7400571b0014829aL,0xc976d3db3d15b8adL,0x2d3780591335164cL,
-        0x57e68ee0e2e843bdL,0x0df368cc40341b75L,0x004e99f63666a071L,
-        0x80898faa2ded5ebeL,0x2d5e2b8d5d64a7c2L,0x00000000000000a4L },
-      { 0xb54da69bd389bb74L,0x3f2bfe1ddb6e2d4aL,0xeb09473dc831acffL,
-        0x64455b0c0ad6afc8L,0x38ac4f0c13088a99L,0xcd44c67980602e36L,
-        0x6b28f3b36c93cc94L,0xcc9ed6f2649f16c0L,0x000000000000001dL } },
-    /* 42 << 182 */
-    { { 0xcb8db302d5aaec94L,0x58fb71700e303300L,0x0a78247a8b0e0ddeL,
-        0x2d30370d6c007b9cL,0xb9d1fd916bd6d93eL,0x8e4be06b02362bd0L,
-        0x373af6632227469cL,0x1a1b76090bac6e9aL,0x0000000000000171L },
-      { 0xae3c93ace2962773L,0xbd96ef35232d4523L,0x44b5d53f254b07b0L,
-        0xbdc86e94658ea74eL,0xbde3eada9d758615L,0x267b46acc55f69d0L,
-        0x91fc9a2d4f0a8474L,0xc3757adce7249118L,0x000000000000006cL } },
-    /* 43 << 182 */
-    { { 0x18b7327734169522L,0xc80df3cade9f570cL,0x2248ebd72ee0abb1L,
-        0x719461e77ebb6b43L,0x8432cb62cbf4f4e6L,0x031df9951dcda661L,
-        0x1889b33b9e588c1dL,0x1d9ba4a04dee2e11L,0x000000000000017dL },
-      { 0x57ee376f719a392bL,0xbc128291bcfce4c0L,0xde788ed68be2ebb3L,
-        0x865d088f0c72b0a0L,0x720f285ae7b5af3dL,0x716d0d401f6564faL,
-        0x68b5093e16b7733dL,0x3ce4e5a3544922acL,0x00000000000001c3L } },
-    /* 44 << 182 */
-    { { 0x3e157f2273ee88f7L,0x1c0630464384bb96L,0xfa8ccff1163124abL,
-        0xf2a63516e1c82e20L,0x06f7a495ecc52cbdL,0xd00255d7d546b8b3L,
-        0xa4e0ea97f2c1bd00L,0xc279c9b9d8367846L,0x000000000000018cL },
-      { 0x493ca0d2f4846640L,0xf2f65176836101bbL,0x9a2131507c4f5f62L,
-        0xe7a4d6cb33ca1654L,0x6705565959e1757aL,0xae2233738bbdda8eL,
-        0xe915be3be856975eL,0xcd6117edb40db96eL,0x00000000000001cfL } },
-    /* 45 << 182 */
-    { { 0xb4e8c9370aca7d71L,0xaac0761b9812c1fdL,0xe8596d4bee0886f8L,
-        0x9bcbfa589fc12093L,0xb9e4b19c06967ae7L,0xc0e4f5c98172cd32L,
-        0x94098a335ccb77f4L,0x8996dc27bdfdee8eL,0x0000000000000129L },
-      { 0x81b4d7ee284d4731L,0x263845cfdbf96ca8L,0xe773b3cd3a19983dL,
-        0x7e16a7d17e7d7707L,0x7270b36600cffe6cL,0xef2ac9029c2de9feL,
-        0x3cfae8b0c875b52bL,0x8bf88154f21e1d82L,0x000000000000002cL } },
-    /* 46 << 182 */
-    { { 0x9c765f620a5e3ebbL,0x970ccd4e818fffc4L,0x9522877a70bbf4fcL,
-        0xa720852dcd9f1e17L,0x50dd2c7e15b0005dL,0xd5ff9c20842795ddL,
-        0xa942f53eaab55facL,0x9c8350e25cfb4548L,0x00000000000001bfL },
-      { 0x8afd20bb94f7a376L,0x17de2a98a5c8cabaL,0x97d74ac55ae239ddL,
-        0xcf5925c5917be399L,0x0092fdd6185c43f8L,0xbce625310c2334a6L,
-        0x264385c8688c7ea4L,0x09b75046c0a5b76dL,0x0000000000000000L } },
-    /* 47 << 182 */
-    { { 0x1569eaf24cb224cfL,0x269fa0409f146821L,0x76debe784598e444L,
-        0x55dbf9b1dfe244a5L,0x16cbf26eb67a835eL,0x59af39e01281e580L,
-        0x71eda217a229a7a9L,0xbada5b1369432cfcL,0x00000000000000e2L },
-      { 0x59356f88eb5b5f1fL,0xac200a20ee82718cL,0x870cbb11bd305f9eL,
-        0x6ef0a89a969de1ecL,0x89c705ef0110fd77L,0x2c944b594c73e141L,
-        0x4bac7679c140aaa6L,0x910125524b4d3534L,0x0000000000000024L } },
-    /* 48 << 182 */
-    { { 0xb77b2273b687e9e4L,0xd0c9629b158071baL,0x7b0d0576bd865783L,
-        0x47ca9a1b48334138L,0x22c0b777990beeffL,0x3dae022d7e8dbe92L,
-        0xdecf568567233c8bL,0x96eadd8a999e9c94L,0x00000000000000d6L },
-      { 0x8aefeaf1b8755eecL,0xbfd2bc88789362fdL,0xa2c3bc994e34479dL,
-        0x5025831148df5301L,0xd392cb00c0e07947L,0xc8c4c6a5e4a0c2baL,
-        0x315a9be295c84fd7L,0x12be251d40cb144aL,0x000000000000007dL } },
-    /* 49 << 182 */
-    { { 0x600281fafdfb666dL,0x89b2e2ee9bee6f0fL,0xe8f208e3124ff0a1L,
-        0xd674853a97ef8785L,0x333f682b7c613cc0L,0xa7bcf59549dc2ea1L,
-        0x3431a30d26a67e52L,0x1023799fbe4720f8L,0x00000000000000abL },
-      { 0xf98a30432480bd59L,0xc46d6cf7fdffea8fL,0xf6f7c7e58a9d667dL,
-        0x2a7fac095c65f054L,0x389cf284df19c157L,0x7b70ba00b35cc84dL,
-        0x068cc13ee30d0abcL,0xca24da284f1db63fL,0x00000000000000adL } },
-    /* 50 << 182 */
-    { { 0x22becdcd9c071a34L,0x66bca042c09cda4cL,0xf701267bf0732913L,
-        0x25c3b4b5a6a84d63L,0xd20b654f96a4bccfL,0x649bf2c16963824eL,
-        0x3e173b274d84f899L,0x0573e68b5ae76effL,0x0000000000000193L },
-      { 0x850d688aa7578c52L,0x9e967e16cacaef52L,0x24e39bf84daec11eL,
-        0x9ee4a66878b0072eL,0x3255f3f8f17b5e45L,0x1d8b5306c11d1f63L,
-        0x79b70aa80fd0248eL,0x1e15707ccfcc577eL,0x0000000000000095L } },
-    /* 51 << 182 */
-    { { 0x6e9477a46b25f458L,0x808fe2c599cb8c78L,0xad2dccf34619ad52L,
-        0xf2424ad828e3efdeL,0xb4cf55c2bdd4b5b1L,0xf03879f1d1735445L,
-        0x74fb4795f9feaf2dL,0x588c3fd6312ca1eaL,0x0000000000000046L },
-      { 0x13b13beed8007d8fL,0x5c5b92246fdaacf9L,0x84ab74efc221e90aL,
-        0x37384eb8758581d9L,0x923205a320eaa26aL,0x0cfc39ffd0995704L,
-        0x8b3bd7a2d4ede2ecL,0x4a640b0002c020dfL,0x00000000000001a2L } },
-    /* 52 << 182 */
-    { { 0x9649b0c126bd0385L,0xdf659955ac77dd42L,0x512cab0f5f1d946fL,
-        0x3365c06cb8e888ceL,0xd5b139364003ad9bL,0xb9ddf7422e777936L,
-        0xd882a2e7f0a2ea17L,0xca25477d329706f7L,0x000000000000002cL },
-      { 0x109144281f14b985L,0x8c6727485f7bcafbL,0x43da81611a6b62b8L,
-        0xadee9242ffc82eccL,0xb7dcdb418f391fa4L,0x1fbbf2e0593add60L,
-        0xfb551a699ec74127L,0x2ae9b20e7443a903L,0x0000000000000116L } },
-    /* 53 << 182 */
-    { { 0x1ef97491410cd077L,0xa8206904f205d56bL,0xdfea5b4c334d1427L,
-        0xf1982219bef52120L,0x2f5de7f02af4cbccL,0xb80fa224b097d873L,
-        0xe7ebce309b3ef192L,0x34043ba58508a38cL,0x0000000000000044L },
-      { 0xe73a1b716e77eddbL,0x422356ea070ebe74L,0xd1e293e6b5fe5ce7L,
-        0xe8897492231d1036L,0x04241a1ea9676b41L,0xbfe53ca26833593dL,
-        0xb52a531006b71326L,0x09b13c8e66a34460L,0x0000000000000197L } },
-    /* 54 << 182 */
-    { { 0x65b70bc6eeae508aL,0x78b81935b70e19c5L,0x9652937bee8c6b85L,
-        0xdfb53e2a9ba55188L,0x9bde675e8ce3f3baL,0x021519ed8693d863L,
-        0xb64130071fd9ac55L,0x428560d4845869c4L,0x0000000000000170L },
-      { 0xeae5f3757b7ec622L,0xe582b16f49a0d23aL,0x23c4a6c413352ff2L,
-        0x29ac206336a323c6L,0xc1be1ef1f7fdd1f1L,0x490e35a0a7d81d3cL,
-        0xe6fce48a29caea09L,0xa8b619aaf3969db2L,0x00000000000000f5L } },
-    /* 55 << 182 */
-    { { 0x1870f45409e7211fL,0x63654bcea1a5ce06L,0x82f781ebaee02970L,
-        0x704b05b98e6cfb1aL,0xda7779919e75ee2fL,0x9c311b5c8119aee8L,
-        0x878920321ec5731dL,0x45db4af638e2efbaL,0x00000000000000f7L },
-      { 0xc9da8fd8e60fa998L,0x2a908c8fa661efbfL,0x948c9b3fca468a51L,
-        0x485238d4944e68b9L,0x4d696e8be223a143L,0x260195a48ab78084L,
-        0x3c53be3a2fda134dL,0xaab965b37d24899bL,0x0000000000000028L } },
-    /* 56 << 182 */
-    { { 0x2698187d69d2a365L,0xceac05a40b4636e7L,0x508d87efb39d959bL,
-        0x7dadb94ac08ac0caL,0xbb5161f9df1dc5eaL,0x9f9118e6ec7a8f47L,
-        0x5f7d5a7ee578d6bbL,0xd2cf3964beb0c4c3L,0x0000000000000076L },
-      { 0x312ccd712dd174e0L,0x84bf3b4bf1b3cf22L,0x4215bd31f0927edbL,
-        0x062cfeefc2aafa52L,0xdd22d90155eec990L,0x18e19734057e44e8L,
-        0xdfc288d25f2cd2dfL,0xbfbe2cee43c3cfcdL,0x00000000000001b0L } },
-    /* 57 << 182 */
-    { { 0xede9dba37de1996dL,0x5cd619af1e5e92b0L,0x10a0c857f0d58153L,
-        0x61315a1882d47722L,0x66dd97910865fea2L,0xd2de59878c9ba9c4L,
-        0xa5824d290e0820d6L,0xe5d76f638dfb9646L,0x000000000000007cL },
-      { 0x50c9cf139ea56fc3L,0x6da6381cbdb8339fL,0xb032c6afcd108fc0L,
-        0xfa7e5df3f3b77a78L,0x5341541b5164eb5eL,0x155b51417cceb4c4L,
-        0x4f553c4b4beeb913L,0x6843d58366d8e171L,0x000000000000012cL } },
-    /* 58 << 182 */
-    { { 0x46edae7d7392fef1L,0x13c81fa327e3da29L,0x131235e48fc31b9dL,
-        0xd45727f4b5da6124L,0x01da47fdef43cb27L,0x5bf5a111ba1b6f30L,
-        0xd139d86b94e2ec2aL,0x4509851b27a5489dL,0x0000000000000050L },
-      { 0x8e15e7da4e69630dL,0xb108240ba9cd3f1aL,0x3a17d2e7e78db971L,
-        0x5c5d774bbb9907c6L,0x28a2b3d988c7b081L,0xae4db188a3b1b36dL,
-        0x2f3dad86d87987a6L,0x9a5bf38f3ab24f4eL,0x0000000000000158L } },
-    /* 59 << 182 */
-    { { 0xdcf8bff495b0e157L,0x53222102015e65c5L,0x26806b4211c7c94bL,
-        0x5d3b14efad4a65f6L,0x5b3c27aa8f1803e1L,0x9903b6938f835996L,
-        0x459cd77f13b3933bL,0x895307a086b8393cL,0x000000000000004aL },
-      { 0xc82810de845e5630L,0x8eeb40e14c46edd9L,0xd71578b209ff3691L,
-        0x5d4c8c8d7d9b5b99L,0x27751925ddbab2dcL,0xaa917a7c563fc5f1L,
-        0xdbeea6a290fd3955L,0x758fe38ec8b0effaL,0x00000000000001bcL } },
-    /* 60 << 182 */
-    { { 0x3069b9d66e77aef9L,0xd042ac052eb93fb9L,0x8335fe4212830002L,
-        0x293146e6e1b614fbL,0x652317e76ddb3ae5L,0xecf47236fefba037L,
-        0x24b51adf58eb0b7bL,0x5109f7df4874fb35L,0x00000000000000d6L },
-      { 0xff02ac885f1d5485L,0x8a993daf530607feL,0xc63139c93ba41f73L,
-        0x934a2f9445f411a8L,0x2208220bc95aae6bL,0x96710a9c63292771L,
-        0xc1b102e35b2a77a3L,0xc8177ecba35d5e23L,0x000000000000014cL } },
-    /* 61 << 182 */
-    { { 0x9203060baa7b98a3L,0x07051a435181b164L,0xd3fa67c3eaf21604L,
-        0x088e3498db6572d5L,0x7bab12be9fe1247fL,0x3c0eccaaaa9ff72bL,
-        0x57f2e32204b15e7eL,0x633bc218494c1a0fL,0x000000000000010cL },
-      { 0x773b7a085bd8eadeL,0x8f844710f88f009dL,0x13dac3f48190c4abL,
-        0x48d9eb6ea3f2ae28L,0x81f21ad313664e39L,0xd4110b6316c4b065L,
-        0xa11b1afa2b8e957dL,0x0a5f65cd9bc85cb9L,0x00000000000000a6L } },
-    /* 62 << 182 */
-    { { 0x8739e462a1a8188eL,0xca1226f5110b4497L,0xce536f0a7d506e8cL,
-        0x9f0e49dc8a1e00f5L,0x8abd40830a409966L,0xee494417b4ff83a2L,
-        0x6a2c14d4c8b8e02dL,0x2eba1a0242c27ed3L,0x00000000000000b6L },
-      { 0x4991518dec3148eaL,0xa516810f34200143L,0xd15d96f86b6513deL,
-        0x359a3d9657b574aaL,0xa689c45cdeda4bdbL,0x764cbd196bba4697L,
-        0xd9d7997f82988c9dL,0x24dddb31d7554449L,0x00000000000001daL } },
-    /* 63 << 182 */
-    { { 0x51bc4616753f0ed2L,0x7c3c6eee58b2a1c0L,0xcf37a0748131bc15L,
-        0xf06bd740fa7909e1L,0x2d7984b54b800a3eL,0x57f583984ced2487L,
-        0xdc68de17f0f308caL,0x813c4b8e3a16b769L,0x00000000000000ffL },
-      { 0x26daebaea97c43c2L,0x258edf708fe82e3bL,0x64847056879ab94aL,
-        0xfab3c35232f43e05L,0x01aa155831a2f7f9L,0x0ac01ea817d8b3f2L,
-        0xa7e3667b67cf00d7L,0x83e9a2ef50ccf5eaL,0x000000000000000bL } },
-    /* 64 << 182 */
-    { { 0xdbeeb421cfd387adL,0xd208fe085bb4d523L,0xff2282dbed24edf7L,
-        0x30556ff9c806b492L,0xe7716c3cd5b5bf57L,0x847e3a43153fb3b2L,
-        0xe9a8fb3c391809c5L,0x52b4a72992596244L,0x00000000000001c0L },
-      { 0xe49b344e59d9ae12L,0x5a5e32a1c925b6daL,0xe81d38d1f054a1c6L,
-        0x4ae4fe0cf15fb6d7L,0x6ef46dcd5cf03296L,0xbf46b97612da300dL,
-        0xfb373fe835fa7fddL,0x0f78e5ee62bcaf82L,0x000000000000003bL } },
-    /* 0 << 189 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 189 */
-    { { 0x9f3034247a56433eL,0xbbfa0fd960307947L,0x21c78cd331db3e3dL,
-        0xa837641c0a2a5f1fL,0x28338efb56b8bdf5L,0xc0b66594f0600d27L,
-        0xc07399315cb9a3bcL,0x95eac1715267267aL,0x00000000000001e3L },
-      { 0xe9ee22d1897f04b2L,0xb6002a034cde7dfbL,0xcbb7be483c3b494cL,
-        0xbe6c1a98670f740cL,0x9e9d0b911fc603e2L,0x532af80c351c0915L,
-        0x0bbf9ea379802339L,0x96c16ecadd33d50bL,0x000000000000002bL } },
-    /* 2 << 189 */
-    { { 0xd7ba67b2dca5c86fL,0xa2ad0453e4c65e75L,0x77cf1258e190bc9fL,
-        0xb3f630142c69bc9eL,0xd962eac71689858fL,0xc1b865c669336a7cL,
-        0x3f97565d9b5a5216L,0x93ea967c1a73a39eL,0x0000000000000083L },
-      { 0xa8e4af6b6ea73ebaL,0x3ff8e52dbe248173L,0x28a4e2bd3f3d34acL,
-        0x5d52213e1be61adbL,0x8ebaa43d02968a4bL,0x735958e06fadce98L,
-        0x2f143cd6c15f7644L,0x533bec76a7fbfc74L,0x0000000000000061L } },
-    /* 3 << 189 */
-    { { 0xfbd6e794814311efL,0x1751996b26cc272fL,0xe6a2e157a4d9ffa3L,
-        0x10fc93529a7d88f4L,0x02545d80395d7365L,0x56b7ee84dc6c4d32L,
-        0xc3dea31ea455538aL,0x582e311bb82cd5f3L,0x0000000000000151L },
-      { 0x1eadf021b3bec16dL,0x3406d4109ce73860L,0x6785be85eadb4c7aL,
-        0x68adfdc3e1e59a9eL,0x131ead3cab13f561L,0x0b2c0c4925936137L,
-        0x6c318ebc0f35b6f1L,0x0abe8c27f819e825L,0x000000000000015dL } },
-    /* 4 << 189 */
-    { { 0x44b3f23919fec274L,0x1dc89875e3a66eccL,0xe36ec60985eab4f3L,
-        0x3713bcd6840458e2L,0xccea99d32bb88a8aL,0xebd3d4bafd21e802L,
-        0x03437c286ffc588bL,0x3a21efba413b06bfL,0x00000000000001d8L },
-      { 0xd9afa45c16355e69L,0xe9b28f5b2502acc5L,0xef1999b91711da7dL,
-        0x4657efa14eaa0320L,0x0729dac2badbe83dL,0x45b0acd9b9cfbc6eL,
-        0xa014eab6bb296d4bL,0x29f6bef363b0d362L,0x0000000000000101L } },
-    /* 5 << 189 */
-    { { 0x30016ee322b152c0L,0x70de4bbf114bfedcL,0xcbdbef831e26173aL,
-        0x7614a523370e3b92L,0xd7d0c5f4d3e9e924L,0x221af66abbea4a57L,
-        0x2da2bd107007e4f7L,0x17d2a5bacd5b3b7eL,0x000000000000012cL },
-      { 0x6e8482436639e4ecL,0x9eeab903ee4d0989L,0x0bb3fb64dd0b4efbL,
-        0x07089df4ce8f6909L,0x7ef71f65545a7c71L,0xe91cdecc6884437fL,
-        0xe1d60e1401c4ba6fL,0x398484de2ab50390L,0x000000000000011fL } },
-    /* 6 << 189 */
-    { { 0xebce4a115a224092L,0xfe887cc974e91ac0L,0xed3beff1626717d8L,
-        0xd6915dc097f9e7d2L,0x6c5aeb18a6de7e4eL,0xe18c932268e302a2L,
-        0x4ef08d0ee3a4fce4L,0x7524f6f1a36161aeL,0x000000000000001cL },
-      { 0x096e3563fe82f5f0L,0x54cecafd13216b13L,0x51d809421d3cde0aL,
-        0xdbd61ad0c2608747L,0xaf378b29ddc6c9f1L,0x09a4057360507871L,
-        0x755fb6481251c43eL,0x7eeaf993a14377deL,0x0000000000000035L } },
-    /* 7 << 189 */
-    { { 0x354d6470cff89fc1L,0xd5880e0184c3f4a5L,0xe8cb2497dbd934d9L,
-        0x80244f291dd7a63cL,0x87c983b43117c661L,0x72361de291c17b69L,
-        0x2c94190b2ee78d13L,0x995a4ff57d91fc16L,0x00000000000000f9L },
-      { 0x98b17d2525c080a5L,0x3f2403b05b281b5aL,0x30f4915af7f4c45bL,
-        0x01310b2ab9189ec2L,0x3dd5f6adef36c514L,0x39c3a0e711fd5062L,
-        0xcb2063dc862bd28eL,0xe1a75d8e90a76270L,0x0000000000000037L } },
-    /* 8 << 189 */
-    { { 0xfdf7681d6debbcf6L,0xe21aef25600ea3c3L,0x181fb048bb30b75bL,
-        0xf9d8c43d8d8b7b4fL,0x3d3bc6deca68ec32L,0x6d469252af1641ebL,
-        0x1be3c9ba10252291L,0xb57f2c328fa4c10bL,0x0000000000000155L },
-      { 0x599e10e59ea96c94L,0x4426deb740593ce0L,0x948d92862d48d29fL,
-        0xd3ad8e54c03f5cc5L,0x53fe15e4219cd0d4L,0x03b914210c8fc479L,
-        0xa023c978e5aa96e6L,0xdee00502edb69f81L,0x00000000000000b7L } },
-    /* 9 << 189 */
-    { { 0x2cd49083e79f9778L,0x7f9946f671882e65L,0xfb08405c07d0fe20L,
-        0x5ed7e04781c7bafaL,0x01aa5ca253de8921L,0x71ada196b70cdb9aL,
-        0x2db79a24e4149028L,0x2d2a7f5c94c21733L,0x000000000000016eL },
-      { 0xecf6e42f2cbeb376L,0xe632d553b396294fL,0x5cca8cb36fd4084bL,
-        0x92bbab151b2a587aL,0xb2e240be130d1e99L,0xa0672abac859261dL,
-        0x84cf5fd413d5c102L,0xf470027bb2cdd4ccL,0x00000000000000dbL } },
-    /* 10 << 189 */
-    { { 0x27e1ae748e84955fL,0x09aaf5ae9c4f7a26L,0x4ec5554621e1e993L,
-        0x800515f0370d3efeL,0xc32a04e6c4c06f83L,0x5483476dd5fab42cL,
-        0x07278cf44de2d405L,0xad26e4ed4e6413ddL,0x00000000000001e4L },
-      { 0xbb9628ee17f12587L,0xaa5ff06f578f0bcaL,0x5c7a8d11d465f293L,
-        0xbf2955e83f6e5394L,0x262cc5a3affc8451L,0xc35a8e8a722ffad7L,
-        0xb93e5c2aa09cc5e1L,0x4cea80e846301158L,0x0000000000000185L } },
-    /* 11 << 189 */
-    { { 0xc18386a836ae1465L,0x7f620b6851f49485L,0x35ff5db59ac12858L,
-        0xa24cb377e1b66ef8L,0xc5a5f120824944e6L,0x6ba1777e2c75d5a9L,
-        0x9b02b8a4205b5e9dL,0x06a6688c47c4473aL,0x0000000000000039L },
-      { 0x17801becd6b7a9eeL,0xf99177ee7266ee48L,0xce538f55eb961569L,
-        0xeaf8059b06dbe1e2L,0xf136975608a59309L,0xd86d2a94532ac00cL,
-        0x64467ba65380bcbaL,0x0301f9be27d7e1ebL,0x0000000000000164L } },
-    /* 12 << 189 */
-    { { 0x29d39a4a7807bc2cL,0x835ca5afc2a6dc42L,0x26bb5781ac817836L,
-        0x3def5563525f97d2L,0xc6cf91e9237a68b5L,0xe1e954d9f9f587a7L,
-        0x7854a450126484d2L,0x0690c82dd3ae3825L,0x000000000000010fL },
-      { 0x3d46b028271428d1L,0x278c1fafd766ea34L,0x9c59b166355eec06L,
-        0xd6570ec7a36f1efeL,0xb64c51d48e8de46eL,0xdc4c58e2b39a5f35L,
-        0x1c46808b966c687fL,0x0d045d3e28f0fa4bL,0x00000000000001f4L } },
-    /* 13 << 189 */
-    { { 0xe1f8f593e4035d20L,0xf3115ca872b27c29L,0x6f021dbcce8a79a5L,
-        0xc9b99de992e812c4L,0xeef9605ed479ced8L,0x17bf75d1ed230e0aL,
-        0x1c37a667604f45a0L,0xba2e8685455b00cfL,0x0000000000000159L },
-      { 0x8d9901318b4e88e5L,0xfb0085e29fa679e9L,0xd4b5a294d35bc826L,
-        0x65e3da16624f4c16L,0x28dfc963738be5c3L,0x093e9cb0de3d8c84L,
-        0x83ea7628f32f052dL,0xe095054317da9fb1L,0x00000000000001d0L } },
-    /* 14 << 189 */
-    { { 0x55b440bb989b4a3eL,0x4a558cdb7ca65342L,0x0243665f6848d1afL,
-        0x46e00dd3eb611d13L,0x7cdbc1eb485f070dL,0x0b6b2a4e37d9317cL,
-        0xb86c7c90d9212b88L,0x0a5a39d8f0436535L,0x0000000000000185L },
-      { 0x0d127ab6cc7ad679L,0x87e9e7400651b018L,0x4c87124af0507f1fL,
-        0xc89734aeae2e207aL,0xba7939ac576d7e51L,0xb95bd1af45eba10fL,
-        0xc1674d96f2530deaL,0x227312b48e61b9f4L,0x0000000000000066L } },
-    /* 15 << 189 */
-    { { 0x1b31108442459f4dL,0x7cae90dc5e878116L,0x127607a98c0a313eL,
-        0xd2c39871a55fd972L,0xdc51776a077e2127L,0x34b0a44a2fdcf34fL,
-        0xa79ff2c28333072cL,0x384befa6bf1e4db8L,0x000000000000014eL },
-      { 0x1163018471e4da59L,0xe8eb4bd16da9fa16L,0x169061c82cf15f97L,
-        0xef24bf4b32753221L,0x79cf9b4e978c0e94L,0x4ee31d9fb2e8c08eL,
-        0xa9999a9b491f866aL,0xb40eaa6d61d44be8L,0x000000000000018aL } },
-    /* 16 << 189 */
-    { { 0x28904911200ad609L,0x6fb2b6633505c98bL,0x1bf6e6b517ad4abaL,
-        0x6d0e654fdbd8e9b0L,0x8db772c1f588fbb6L,0x5c2b736fa292489eL,
-        0xeac6e04ab902a7c9L,0x249c84e7b2dbafadL,0x000000000000010bL },
-      { 0x2cbc039029de2306L,0xac01d1a5bfc36a57L,0x89f1a059bacd8b95L,
-        0x2e1e095a3e92c99aL,0xf172bad607b4e976L,0xdce0b2e435885013L,
-        0x9a0c55567fa11b87L,0x1df0dfd67eab7ad3L,0x000000000000008cL } },
-    /* 17 << 189 */
-    { { 0x55c1cb327ee5e091L,0x9b3b38b6a4f1553eL,0xa93f2ab9ca3703b5L,
-        0xe153206da14864aaL,0x53cbdcbff2500ecbL,0xd70649347984ffaeL,
-        0xf0193f44c239a4cfL,0x6bfc462f1567d5deL,0x00000000000000a5L },
-      { 0xcd6b480b381c54e5L,0x17190f5f936eeb1aL,0x55514c1aab4dd2d5L,
-        0xff15013f4d378b6eL,0x086bca23e25466d6L,0x84b630fef5c92761L,
-        0x6909e2adf9aaf597L,0xea3054a8e1b21ec2L,0x000000000000003dL } },
-    /* 18 << 189 */
-    { { 0x5225f56496479004L,0xfe7f6ae01d60f576L,0x1215e4a2885f56a8L,
-        0xe70f09235d1e6df0L,0x7cbf30fb66614db3L,0x346de189209d9a42L,
-        0xff0cec30249c0bacL,0x76488efe69c479beL,0x00000000000001a1L },
-      { 0x4ad5db4a81213654L,0x748c9e51a3b0203eL,0xd9c64583acb72ac8L,
-        0x3926c7c4856aab8aL,0x62eae82ca80385efL,0x74d7d9713c061721L,
-        0xe647d75b3a7ddbb3L,0xab2b33724d872279L,0x00000000000001a0L } },
-    /* 19 << 189 */
-    { { 0x563ada4da040a5ffL,0xea621ac31fff0784L,0x28e6ff0875ce88f5L,
-        0x09769ec371f3aeceL,0x0ff40dcb3d45fb95L,0xd7b33147eb09a022L,
-        0xf62ccb4a81d97a19L,0xe45cc4d83f51b39aL,0x0000000000000137L },
-      { 0x79aa7c43e9a9779dL,0x36b108fb70f8c585L,0xe1736644af50cf32L,
-        0x820b16320c429c35L,0x442c9d21b01595cbL,0x28c0c7683c79c26cL,
-        0xde4901b3e59608caL,0x0a19facf0b39089cL,0x00000000000001e0L } },
-    /* 20 << 189 */
-    { { 0x1b5336d7e43ff8d0L,0xc6586c542375cf3cL,0x751a95b05d372296L,
-        0x95517fa7db98d315L,0xb7671c0f015782f7L,0x467c1fe893c3fe96L,
-        0x2a6c0f17f284f967L,0x76bff3a612aa02beL,0x00000000000000d9L },
-      { 0x3242434e39647784L,0x4cfb956b92a3ffe2L,0xebebb9bd37da53caL,
-        0xb0c81cc581b8ee8bL,0xe3f6dd68212e7cb8L,0x7bc578594c1c5556L,
-        0xc053d123d233497aL,0x599caf98bd4c5762L,0x000000000000017aL } },
-    /* 21 << 189 */
-    { { 0x461e855e310573dfL,0x54014992600cd5d8L,0xf59622b38d9f5217L,
-        0x8a12593ce712e5d9L,0xc3ec3c3adfefd672L,0x424c770e4264f3aeL,
-        0x08be0d0020979dd4L,0x5d78b2e57c42109aL,0x0000000000000147L },
-      { 0xe0136d93f5bad4bfL,0xd06d7d2e2957b516L,0x43aec5cba5b37693L,
-        0xfb83976ee625c1bdL,0xf244bc273bbd2729L,0x82b9d28ff5aca07bL,
-        0x0accd6d898b95aeaL,0xad438298370aaec2L,0x00000000000001f8L } },
-    /* 22 << 189 */
-    { { 0xc7c33c5eecca4b24L,0xf9044a18db7e92a0L,0x33676183cba7445aL,
-        0xa9ae5991d5766cb2L,0x77c6ccfb59467537L,0x7f0b64d45a680fc8L,
-        0x942a29960cb827b1L,0xec6fda25fe4e54e9L,0x000000000000003fL },
-      { 0x89d45bbf50285e48L,0xc367bbc6bbb6d77fL,0xcea1ade71e45ff58L,
-        0xcf02f6dc094f0616L,0x87e28486305c7815L,0xb1509ee1bb11a8bfL,
-        0x17d6e7d1b32df112L,0xc8c5a7f784aced31L,0x0000000000000038L } },
-    /* 23 << 189 */
-    { { 0x1dc8bdbe227db0f6L,0x1e425be636244ac1L,0xc6c7f5b0164da7f4L,
-        0xe2aed98497ff7952L,0x92e74200872554e1L,0x15004c56b9be5350L,
-        0x402804113966ca44L,0x5ac0cfaa80173c93L,0x0000000000000149L },
-      { 0xbbe3e8071236a9b6L,0xf1699483b8a492bbL,0x7a217dfae96083dcL,
-        0xfcae468c2ee8724bL,0x2a1ced809815ca66L,0xc8a7078d0644ff4eL,
-        0xbda30ba562fb3e52L,0x7a487bb502077ec4L,0x000000000000017dL } },
-    /* 24 << 189 */
-    { { 0x3555f75c6a7e545fL,0x1ea37a8e7a15bd6cL,0x188207a366f5c712L,
-        0x0fc45bd94926901eL,0xc55d2d8cd34b1e01L,0xfc75e1afd84f7268L,
-        0xded24e68bec74ee3L,0x0f611682b82806baL,0x00000000000000e2L },
-      { 0x5454065af1943440L,0x88291bffd01b257eL,0x6eaca283c6ae2502L,
-        0x88f29ce08a74cbe8L,0x6ddb3ae9adce5e80L,0x93df4593bd911187L,
-        0x16bdc203a6b62e07L,0x3a0ad818e8eaac95L,0x000000000000011fL } },
-    /* 25 << 189 */
-    { { 0x28e370db59a880c7L,0xa84aac2c2a3c718eL,0x4f9fc4fab725af9dL,
-        0x52ae3e8947f0e1abL,0x4684a83853068039L,0xa3f5b78f6eb5b99bL,
-        0x631dcbf590a53bb1L,0x65924aa0fbbc4453L,0x00000000000001a8L },
-      { 0xe12adaad50519774L,0xc9899fa49227bb12L,0x496631535bfe092bL,
-        0x7ddad74485659edfL,0xd527efb9d5a37c69L,0x52d5d81842abf762L,
-        0x8a41c43b2d11ba2eL,0x97bf9f89a7abf282L,0x00000000000000c4L } },
-    /* 26 << 189 */
-    { { 0x3f21fb13ef8235fdL,0x488567261d6a5b98L,0x6ba7b7667852a2adL,
-        0xcb927631373de0deL,0xcae220066eb7e6a0L,0xe58ea13dfac8816bL,
-        0x4dc4f35b4b2cf759L,0x7a8c6844737f6e13L,0x000000000000016eL },
-      { 0x0ae2eab434c605b7L,0xd78433a0fcd4c618L,0xa7596dae82b46a25L,
-        0x35dcb1ff9d1608b8L,0x6380a771432f758cL,0x73bf36ed012ea66aL,
-        0x923c12bcdf4a3ba1L,0x4cfb1a1b12249dbfL,0x000000000000002fL } },
-    /* 27 << 189 */
-    { { 0x21c6dda909afafd5L,0xc3ffe02f54ec3531L,0x81c46e852f5b6b5dL,
-        0xfbca5691640e9b41L,0xf3a8c5f270a6f613L,0x47f8636a333304d4L,
-        0x9619088688f84bdcL,0xa74c957089b07f7aL,0x0000000000000003L },
-      { 0x8ac2444429053fe3L,0x5f016a56f3422459L,0x3957735f6aba2e10L,
-        0x1bf31ff8ed5bdd25L,0xc4c8ee2ef7e5572dL,0x6c36f06fae94f876L,
-        0x5abeb8b11cf49d8cL,0x9226e08369e4554aL,0x000000000000015bL } },
-    /* 28 << 189 */
-    { { 0x6b89e2e509ace912L,0x5f4e515d7b067334L,0x6aa5259aec702301L,
-        0x9cf73f7f688485cfL,0x48a5f3410659825eL,0xde9eefd6a1d3be96L,
-        0x34a432aafaa769f6L,0xd1f8f08434abde10L,0x0000000000000025L },
-      { 0xd9b076e3bbac8db4L,0x85858504f72ee1b8L,0x451a18815ebc2846L,
-        0xc8cb018a0ff63a36L,0x5256a51f13eebe02L,0x85058bc0160ac671L,
-        0xd110ea4ed0d4a62aL,0xcaad594b2b033a9eL,0x0000000000000023L } },
-    /* 29 << 189 */
-    { { 0x1d34963913c1a7a6L,0xd980f79ea896afb9L,0x701959597495f839L,
-        0xf0615616e8aa79c8L,0x80061bd87a3147beL,0xe5d69e15f6973e6fL,
-        0x2522bad76030ef18L,0x8acfbac4495c762cL,0x00000000000001acL },
-      { 0x5cd25ef7321a2280L,0x95b9b0d0a0458db8L,0xccf4f8ce8ac8b7deL,
-        0x904356985aa93f11L,0xe50024d1e7df2595L,0x09d83948ac09ff49L,
-        0xfbaaf1d19abb573cL,0x28e4b4cd92bbe12aL,0x00000000000000daL } },
-    /* 30 << 189 */
-    { { 0xe5ca83fa634ddcb6L,0x5460a43245f882c8L,0x01a701ff4d1b379fL,
-        0x743801734316aac9L,0x5e1a0761c8e815d0L,0x4f129ade260d2619L,
-        0x3dab946d6a892a9dL,0x6ec73a540d8efc75L,0x0000000000000048L },
-      { 0x7d8189195a78b6c6L,0x110936717cd52f20L,0x42d3bed515e9988fL,
-        0x1c55dcea772def70L,0xcbdacd7c334ec5e9L,0x0686fd8a7201506eL,
-        0x6148b0ee02462ea5L,0x55acec514eec4f0dL,0x00000000000000a2L } },
-    /* 31 << 189 */
-    { { 0x009751a569eb5133L,0xda66bc95a61f94abL,0x839c283d21b8e5ecL,
-        0x77b3814771f6e8b4L,0xf08e62f140cbe8fbL,0xf1e7ec5e33993050L,
-        0x3e540919a5c6f5d6L,0x143d5a48b948ae50L,0x00000000000001abL },
-      { 0x227237fe6d7c37b6L,0x12b782ba91c864faL,0xe770b68f8bb0141aL,
-        0xc3059e3f470cb922L,0xc55ecc13e3494d25L,0x7c7ad20198ead855L,
-        0xed29220cdbf56bcdL,0x55607debe48d3158L,0x00000000000001bbL } },
-    /* 32 << 189 */
-    { { 0x1206ea28cd7bbb6aL,0xeff556d0c63062faL,0x8ad321fadeb86a3aL,
-        0x9ea9fbdaf78fcdc3L,0x3ef406cb0e8c80a8L,0xc168b5970f593d36L,
-        0xd6456267c352a3a0L,0x303bd08332c5a9a8L,0x0000000000000102L },
-      { 0xbf911f73e680d0f9L,0xb12fcca8bc1a1b47L,0xb8264577ef8024f6L,
-        0x9d17b8b7f66ae119L,0xb135dfc275b33227L,0x4cbf0d6d96e667c2L,
-        0xfff742beba373b24L,0x218e787e776cbd3bL,0x00000000000000ccL } },
-    /* 33 << 189 */
-    { { 0x6ea795ecf0b3e8e9L,0xa8d0f3ef415b14e0L,0x388d0b9eb2b8bdd7L,
-        0xbac3606b47077e99L,0xf27e9a49fd56307bL,0x879d0ad938cc9279L,
-        0x2b33ad7acd8f229cL,0x948444d5577207fdL,0x0000000000000164L },
-      { 0x028ff3d3b9b6280bL,0xec12413d8aba1800L,0x8fa64506ac21d32cL,
-        0xfb3b64089ad6c573L,0x4e558b8146d75117L,0xdd4a2eea3159469fL,
-        0x7c9060ddb61dbf21L,0xadb892fb4fe85705L,0x00000000000000e6L } },
-    /* 34 << 189 */
-    { { 0x610cb28654137f6cL,0x1aede3330753a5c9L,0xc67e4426f48014beL,
-        0x85b1131f733f87ebL,0x4b5b882d2cea996fL,0x29c274a0859aabbeL,
-        0x822e16883647b4a9L,0x484e63777cae42c5L,0x00000000000000b1L },
-      { 0x358f911aacf0fda3L,0x0693edbb8fe82648L,0xfbec08a1c04f3fd0L,
-        0x45316917607c7c60L,0xc8ea888ada6dfc1cL,0x2121c681c65bf16dL,
-        0x00ed364fa1da19afL,0xa28b1de4514495d3L,0x0000000000000184L } },
-    /* 35 << 189 */
-    { { 0x2999ad23a2dc7f0dL,0x77d0c3861314df56L,0x01f67ce42a664882L,
-        0xfe134b6c5787a492L,0x2bcd1d1996126d18L,0xf190abf67aa5602bL,
-        0xcc21b699f42256adL,0xc629989d7e2510b3L,0x0000000000000001L },
-      { 0x7aabff2fa2c86a01L,0x8f5272cc0bbe44c5L,0x86c041b44308cfe8L,
-        0xb14043018862f6b2L,0xbe9d148d51fa122eL,0x651dfd87b3519fd0L,
-        0xa0610f30d9e81817L,0xb6976414ed2a30c7L,0x0000000000000110L } },
-    /* 36 << 189 */
-    { { 0x386cb3067bdfc975L,0xb8ab848e10483147L,0x7fbbc54074dde708L,
-        0xd58eb2b596761accL,0xa885a6e8b8a0f062L,0x2630f19117e92bb0L,
-        0x7169a8ed1258ed15L,0x471e6bcb40976b29L,0x000000000000007dL },
-      { 0xa6d493e2795c47a6L,0xe118ad5806746dd9L,0x47ea093ba29cee54L,
-        0x2a61aa20f7d8e228L,0xd78ec0e1fa70eda7L,0xf9511b38e1f2734cL,
-        0x491fb14ec91629c2L,0xa3379d598e002052L,0x0000000000000170L } },
-    /* 37 << 189 */
-    { { 0xc505a9bdbc1a0a26L,0xb85a1e9478d9ed45L,0xdea7d140b7a562f3L,
-        0x9930f6d4e2ae8f4fL,0x1159929213476304L,0x13e811ae421ff4f6L,
-        0xd9e2eee649cc4771L,0x73c04b328b036469L,0x0000000000000180L },
-      { 0x4664a7a522123d30L,0x053c5233f9cbf61eL,0x0c6d121442902bb0L,
-        0x61a509855f6d2484L,0xb427545c1f3fb40dL,0x55e444a4dbf4c320L,
-        0xa8311978c13da776L,0x4623001ddb288ee1L,0x000000000000001eL } },
-    /* 38 << 189 */
-    { { 0x1cb6ff10734c362eL,0x3ec3afdc195a00b1L,0xa1ea59124f0957c3L,
-        0xd9fc3ff63a5f5203L,0x9949e8d68e8a558fL,0x252995ac0e4cf7d1L,
-        0x517b1dfacc935cd7L,0x7d8bdba8f0db0cf8L,0x000000000000005aL },
-      { 0xe8ce78b579f92ab1L,0xd9fde900ede42817L,0x5a6add0bb9b4bf72L,
-        0x845e8b94a03706c2L,0x3bb16f047eaf2758L,0x29d823930580ca79L,
-        0x5930385b7bf0462fL,0xd69171b381b47f3fL,0x000000000000007aL } },
-    /* 39 << 189 */
-    { { 0xb054987a59b57345L,0x690f4ea00df9adbcL,0x709a2218b262038dL,
-        0xb5df8e93e44eaaedL,0x3e1580e4b2db7099L,0x1ebefedb2b3342e3L,
-        0x6e0ef1246521bd90L,0x767b444de97f9531L,0x0000000000000112L },
-      { 0x4fa11e48d4e8e902L,0x804eb6b4375336b0L,0x0d79d368f96e7400L,
-        0x66fa057582576c82L,0x514fbfc45ec62c7fL,0x72eff87ed38bd85aL,
-        0xfe9185f4d8d6cc9cL,0x47a733213fd2ed50L,0x0000000000000171L } },
-    /* 40 << 189 */
-    { { 0x1f8215f9efb91de7L,0xf3add5d08a2f74d9L,0x56433008a520d556L,
-        0xb6df83c58628ac75L,0xf3c38ea27390eea0L,0xb1aadf0f6078a673L,
-        0xa9e0832827b6b8fbL,0x22e64291f3b7ce53L,0x000000000000017fL },
-      { 0xb3e7ae4c6e69500aL,0x740b9752c441e02cL,0x3d04d6dcf503d4a0L,
-        0x22490a59862f3496L,0x0f4a62aab2472177L,0x668475b979720c85L,
-        0xf6ebeb0bed9b4fd9L,0x8a5a6926914e8bf4L,0x00000000000000f2L } },
-    /* 41 << 189 */
-    { { 0x88714284d7f15d9bL,0x23bb89a963dae31bL,0x1dd869f770aad758L,
-        0xade2a58dbc0c8b8fL,0x4e34cb29ecee1b5aL,0xffc36695a418cf27L,
-        0xe6b995d08e90eb26L,0xdb6704209e7edb4cL,0x0000000000000030L },
-      { 0x11a61ac697a71becL,0x01a7863ce7f9c778L,0xb33e274f0dc175d2L,
-        0x5bc952b86bd31118L,0x3d3c7b5ecb4a461aL,0xb247e08560a81989L,
-        0x98cead253cabd814L,0xcbda7ffe5f3774b0L,0x0000000000000015L } },
-    /* 42 << 189 */
-    { { 0xfb865e6491e6c598L,0x88b4cbc94f5c3464L,0xc14f04519bba56dcL,
-        0x283e370e9828f0baL,0x178381311807abb9L,0xbd9227dc91eb4794L,
-        0x998862db036ae356L,0x64214f5650a6534dL,0x00000000000001d6L },
-      { 0x5c07fc067be97a7dL,0xb83d3ca51f918746L,0x1fc4ac0bf600c884L,
-        0x00c1c0643ff9138cL,0x37107da9fe8ae63fL,0xce43f9671a021382L,
-        0x533716b2dcafef65L,0xa50b01d91c1ba0a3L,0x0000000000000140L } },
-    /* 43 << 189 */
-    { { 0xc8c61097bfe6c874L,0xe4a957c48c7b1695L,0x8975c3d5cd617093L,
-        0xb55cf8b8a2aeb3c3L,0x210a5fa0412b23dcL,0x3b306039222fd5e8L,
-        0x58ebec8802e8b2b8L,0x85a935b9175925d9L,0x0000000000000088L },
-      { 0x20262a2acd9e1515L,0x23dd0510bad24e8bL,0x3f904417b39e83bfL,
-        0x4767a90419e5a1e2L,0x4cd0316ec8b10371L,0x33f91aa8c3985efdL,
-        0x2d2eabb1bcaf62e3L,0x61c39f69a9070a71L,0x0000000000000197L } },
-    /* 44 << 189 */
-    { { 0x2f548b4254bd23edL,0x9bdccde5e22e32ecL,0x01b0646f4d769b35L,
-        0x749212ca1ddb13a7L,0x01aeb2c2793156d2L,0x1dc2dd05afed290bL,
-        0x2dc90777f5976b90L,0x69b807201c24d363L,0x000000000000000aL },
-      { 0x927ebc909024b3d2L,0x04befa23e7fba843L,0x179ed851cc504025L,
-        0xd66e92d06f1e878fL,0x27604533a48eacd1L,0x25f304c0be099838L,
-        0x12f01ab1ff150469L,0xfc009f4cb502c2c3L,0x0000000000000067L } },
-    /* 45 << 189 */
-    { { 0xd18e7cdd15b76157L,0xb8b81063545ee371L,0x18860c3a5685e78aL,
-        0xd2d62d66fa06d7f1L,0x7d518c8ebe31f479L,0x49634d5aca4d86edL,
-        0x73510393286743faL,0xac5cb2646b005aeaL,0x000000000000006dL },
-      { 0x3ef1fb8c995ac4f7L,0xb1b476da5041fdc8L,0x013bba673ae16bdeL,
-        0x8edf24bd989ab5d7L,0x27cbab12f77269c8L,0xd0df40b13ea9fa4aL,
-        0xa0ef8425ec2bb20dL,0xe69c5d12bbb95ee4L,0x00000000000001edL } },
-    /* 46 << 189 */
-    { { 0x38d4b079f0269288L,0x024ba79538c84188L,0x8dce75a4f8f34375L,
-        0x12ed9b998811a78eL,0xc43f9833966242c8L,0x1ebf2a2893a4de55L,
-        0xb77ba54b5df20ecbL,0x0b59c76549fb4c99L,0x0000000000000001L },
-      { 0x23d73eaa305df024L,0x17641a8bd4804cb0L,0x3d7e68433251d480L,
-        0x3a7ca4126fb3aef7L,0x511263cf18747d97L,0x670de6bd5cd3b9c4L,
-        0x6cdd5a8ae71b247aL,0xd984e646528e3fbbL,0x0000000000000108L } },
-    /* 47 << 189 */
-    { { 0xe027d07b2f4be08cL,0xbcc10ac427c3e5ddL,0xf64b8a22e63fdda2L,
-        0xf9df0d4046b68556L,0xc08d7d8e7e2240fcL,0xd854c44766a163bcL,
-        0x5c52966b491bba4dL,0xb84134db9f066e7aL,0x0000000000000044L },
-      { 0xb09bdb9264c613b1L,0x2ca2ccbdac59d414L,0xa97aa22e6436bcf3L,
-        0xf22bc357227e1feaL,0xd8a7b25c7f842c67L,0xfb4cb6c88939f9f0L,
-        0x28b488967f1d398bL,0x8de5e61a807c6f89L,0x000000000000000eL } },
-    /* 48 << 189 */
-    { { 0x4231da59e97ea880L,0x5d4c048745262614L,0x3718643736aeeaeeL,
-        0x17229d1dbbaa66cbL,0x342daf59a5d41097L,0x5fc2cc015080f051L,
-        0x657c05a20e6527beL,0x3e61c315949e36ecL,0x0000000000000008L },
-      { 0x961bdc35d8a5319fL,0x5b8f4db874708cd1L,0x901d28564726604cL,
-        0xe35ad211ccc10400L,0x5a9b120594004a0fL,0xdbf493bf5c8eaabdL,
-        0x6ccc828bbaff6fd2L,0x83003f1077e9a126L,0x00000000000000b9L } },
-    /* 49 << 189 */
-    { { 0xd0396d365c605661L,0x736a0fba8c8a36ddL,0x120af17a26d18bcfL,
-        0x2846334514e206a3L,0xd3690bd20f5657e7L,0x5f7879531bb3ddbbL,
-        0xee94af0449d00002L,0x29f266ce19c87885L,0x000000000000005aL },
-      { 0xe4c501899ceb0396L,0x065237a9181dd431L,0xf6b4de78102156d1L,
-        0xfadd137e9466701bL,0x556194d58bad4752L,0x4d7cd2ed0b23e83eL,
-        0x770c7e894b1329fcL,0x4af47a31fb173fdcL,0x0000000000000035L } },
-    /* 50 << 189 */
-    { { 0x111c4e8e15567b4dL,0xba2af2f3d1278cb8L,0x95e0ef97c8a0c184L,
-        0x47e7053b2a46e1f4L,0x1e288ab774cb99fcL,0x2a5285bb17060961L,
-        0x50bf49cf6921f98aL,0x4ce741821d7e1372L,0x00000000000001d1L },
-      { 0xcf181e712a064bf7L,0xc534c01e49b3e010L,0x277fe91f939ef9aeL,
-        0x0724737c2a40040eL,0x2a320ce8ffe77170L,0x391b6f9f8eff74edL,
-        0x83b4195abe5b9daeL,0x937f0bcf4114237dL,0x0000000000000021L } },
-    /* 51 << 189 */
-    { { 0x41d6ef761ab2d533L,0x298cc67e04d17f47L,0x062870d3c680b409L,
-        0xa74cd183e9685d65L,0xe2db43ef1eb8e1cdL,0xb0125ff3856c97e5L,
-        0xe7d81e0b672a3ae4L,0xaf12df591600af74L,0x00000000000000d7L },
-      { 0xc6a9d40b7bdc041aL,0x8e91290a49e7d705L,0x52beef55ae198296L,
-        0x5c4b1922f23fb61aL,0x79a2a393957a052bL,0x1452ec147c8cc360L,
-        0xf168e6f217c63a38L,0xbe17a226707be9dfL,0x000000000000012fL } },
-    /* 52 << 189 */
-    { { 0x717f198fb091e5e2L,0x13a018ba5a3c1a39L,0x2f8745d8131531cbL,
-        0xfc9c44e53e11e93dL,0x7240364643a6f330L,0xebbbe261babaef99L,
-        0xc4f1941da2e2749dL,0x6bb03f4bdec5c4fcL,0x00000000000000ceL },
-      { 0x321b501994a5c6e6L,0xc6b51804a3f6b8ffL,0x269f2a832561b248L,
-        0x3b97ea7807238ba9L,0x2fe33d8bf290911cL,0x5d148537c8cb8e95L,
-        0xd1a1305196d62b4bL,0x44121143649ad208L,0x0000000000000049L } },
-    /* 53 << 189 */
-    { { 0x18c67cee142f459eL,0x374f0e63c240a5c7L,0xccb426eed0b3c8ceL,
-        0xc83a69c7018a50d7L,0x9a2e51154c61e39aL,0xec5edbee6dc14408L,
-        0x45725abe624cdb91L,0x4c0a11373d6d72aaL,0x0000000000000154L },
-      { 0x7accd15cc3b86af3L,0x78de4ff07ef41f2cL,0x3601519c309d2841L,
-        0xa8712f8c378ff8f6L,0xb6e9045a0b8f9a4eL,0x2ef0a92ac1501d2eL,
-        0xfff126325c745eefL,0xb0712d67b91b1b4aL,0x0000000000000165L } },
-    /* 54 << 189 */
-    { { 0x7714e43a0f7b0604L,0x225769c178d565bcL,0xedbd4a162759fc30L,
-        0x5094390eb8daef23L,0xcac7cdb538737603L,0x6ec71d48993c34c2L,
-        0x9eb0c65edf4ffd86L,0x9a9076f819830bd7L,0x0000000000000159L },
-      { 0x43d60e2fafe174ecL,0xbc38a3da61f4d263L,0xcca7c7f7dd11ad45L,
-        0x8aaf2e3342e975cdL,0x9d8b2919134c2420L,0x5f8c989ebd92fa2bL,
-        0xb4ee181c72b418feL,0xaa7368d199f80763L,0x00000000000001a8L } },
-    /* 55 << 189 */
-    { { 0x7baebdad95697470L,0xf6fe566efb547be8L,0xb087ed3f2a8fb882L,
-        0x1c4d32db206e9a27L,0x3b047777f384b8edL,0xf2a55b91a1dd6624L,
-        0x949d913812f34dafL,0xdb09a6fe227067acL,0x00000000000000d4L },
-      { 0xfeb27fb80160f0f1L,0xbc082e7c89550518L,0xea404d2ff506e716L,
-        0xac5ac13f410aaeffL,0xa6463d178eafe900L,0x41febe7847b7f1b8L,
-        0x7f6304ec189426d4L,0xf481347ff7b60b29L,0x0000000000000178L } },
-    /* 56 << 189 */
-    { { 0x3d91ea604c2a4cefL,0x8de8f69c3de838adL,0x9a725723538c37d7L,
-        0x3923fa077948b4ecL,0xd1a25d23d23e67f0L,0xa2d7b9d7396fbc50L,
-        0x8f8504e41d36f98cL,0xaa9e585159191798L,0x0000000000000147L },
-      { 0x8edbf0c2e3db7296L,0x677a299681fc8f30L,0x05e27b8db727e6aaL,
-        0x4f5a9a6903113b4eL,0x9d4724e83ed42117L,0x06c0b8a572fcb859L,
-        0xecdcf4d8ad040b87L,0xe6bb9a0e8cda9eb0L,0x00000000000001d4L } },
-    /* 57 << 189 */
-    { { 0xcf9d92912f2e8e0eL,0xa061e2d775701d6aL,0xf4a75abcb896c99dL,
-        0x7b502799c595a675L,0xd703789763e618e2L,0xf076e4da3fbfb9e6L,
-        0x3b7196719736bb0bL,0x0e2f898f4f343030L,0x0000000000000056L },
-      { 0xa67c36c34ce58368L,0x42fc1d6643ec3b5dL,0x2bc8c76731b19f69L,
-        0x66bb8a65b40529acL,0x2ddbd08a1bd5d8bbL,0x3358549130479ed3L,
-        0x4fe81de647ea8842L,0x9d43206628fb9086L,0x000000000000000cL } },
-    /* 58 << 189 */
-    { { 0x0ab82b7cfd9f395bL,0x6a40f5c4b4edd9d2L,0xdff6705215b2434cL,
-        0x52a16a6a7627d662L,0x42d0a2e3360868d1L,0x7bd61bc13135ddb7L,
-        0x756baf27fd0b2628L,0xc66119f396b6d910L,0x0000000000000054L },
-      { 0x1b35db2327a27e71L,0x3de3025d74802d8aL,0x1d1924ad6911cfedL,
-        0x56b50c4fc3626e7fL,0x5ae02f9e48297981L,0x92c82e544102fd01L,
-        0x0824a2f45de66a6fL,0x0e3e069689d53be8L,0x00000000000000eaL } },
-    /* 59 << 189 */
-    { { 0x31330a7b71c94713L,0x4311eeb630cbcf92L,0x6cbdc637c826f128L,
-        0x07911288df0bb278L,0x13c1197a55ca042aL,0x7058c95b521d6793L,
-        0xb4f7251008580366L,0xae2725c7fa6780eaL,0x00000000000001cdL },
-      { 0x132cefa9e24b6b80L,0xb87b576fa20cfc85L,0x596c4323e05b359dL,
-        0x2ad43ee0a8c677f6L,0xb4bdfd4283cb25e5L,0x0cb93226376be03eL,
-        0x5617ae0aeb0a9712L,0xf2a2e92048e8e273L,0x0000000000000040L } },
-    /* 60 << 189 */
-    { { 0x20be8f1deec0daffL,0x06e4f56b826d13aeL,0xa4c7e5313d4e15daL,
-        0x27dce66c40aa5d0bL,0x88778febdc9227b4L,0x64304c472cecbc95L,
-        0xd9d8f0d3d393cef4L,0x3383e2dc872b3f66L,0x00000000000001dfL },
-      { 0xe805eb457cf69310L,0x961caa7041f9dbf8L,0x3053e3c57e2d4b33L,
-        0x4b877980a63a655eL,0xc41dc07cf1836df4L,0x6d1c3b9b2634f265L,
-        0x368c4bd1062e70e4L,0x35c6e6c42b00fe78L,0x0000000000000106L } },
-    /* 61 << 189 */
-    { { 0x664ea3fa8433f73eL,0x20696c8e1e96d416L,0x8ac356ece1e2cdbfL,
-        0x104c4bd5e64270ecL,0x8f25722b0c79a50eL,0x43523e2977d6a915L,
-        0x04bc5be29f26d4d4L,0xfb4a05a84542270dL,0x00000000000000fcL },
-      { 0x908b94c28618efebL,0x99dceba2b5266591L,0xf3834ace94cf34b4L,
-        0x69e6d2cf5a56d236L,0xf4030a4f05de63ddL,0x05ffad5422571079L,
-        0xd5fff5da4cdc3814L,0xf0c143e2079d4e91L,0x00000000000000a5L } },
-    /* 62 << 189 */
-    { { 0x57f9bed894e9705aL,0xb2152f6c13e76e24L,0x35c88fe5d3293955L,
-        0x2f9eae4d5ff3839fL,0x9c81a6c705d09a9cL,0xfa25a810240d9691L,
-        0xb72c661177297890L,0x6181b2bd10c73788L,0x0000000000000101L },
-      { 0x4339f177dad59376L,0x03decffdc272fd1eL,0x0e311e8c5e1915cbL,
-        0x89e003b809e2d503L,0x4356b8d46f2fb5edL,0x459d3fe5f482888bL,
-        0x8851c7086fafe565L,0xf29b97c5da78e2b5L,0x00000000000000e3L } },
-    /* 63 << 189 */
-    { { 0xdee86d864b8e33f0L,0x2db9e320e3d4a055L,0xefdc83bc93eda388L,
-        0x8960e57a47eda00bL,0xb96aaddffff77657L,0x44b1deef8dc0dd1bL,
-        0x5a154403cb477801L,0xb14a66c5a8f3ae22L,0x0000000000000103L },
-      { 0x3acee5a7c5a696e7L,0xa833e7959e1e41b4L,0x1956f091705706c0L,
-        0x0f37ea79ba39f516L,0xecc5e91b4a48092bL,0xbf42b417f640b7abL,
-        0x2f32ddc0addbe690L,0xa136296a9903bfd6L,0x0000000000000153L } },
-    /* 64 << 189 */
-    { { 0x6287bbca1236bec1L,0xc16eabd8608e6b5cL,0x253193ef15fcd3c6L,
-        0xd4ee71c7da5fe623L,0x62531449ac806cb8L,0x9152cf1690d7e00dL,
-        0xa1e05703d20a1668L,0x6480d486bbf588daL,0x000000000000014fL },
-      { 0x37f70ab3fe2753e3L,0x562f4a46023ebdf8L,0x97358d7d89caf63aL,
-        0x387422a7ab4b1dfbL,0x80d654962c8c3421L,0x7d338b4bdb8e13cdL,
-        0xa535529dac590192L,0x39a28761a6760430L,0x00000000000000c7L } },
-    /* 0 << 196 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 196 */
-    { { 0x1e226a938f1ef579L,0x8aeebec9138fedd2L,0xa7e39d7d1ca4c4e2L,
-        0x5e53f86d49724f86L,0x9815987deb759db4L,0x538c9f700e9cd47aL,
-        0xfffc98c71a7fac87L,0x3195776e7ce980e1L,0x000000000000019fL },
-      { 0xccab7b37e33cdcbdL,0x561d18f2855619d0L,0x56aa5963818f21d0L,
-        0x1413193b571c3c5eL,0x9b30214cfd748c72L,0xef0bd8d48eadf936L,
-        0xeb6d831fd1964b92L,0x4b37d5e09bc42bebL,0x00000000000001efL } },
-    /* 2 << 196 */
-    { { 0xb854567b979551eeL,0xf97b8cab3f3f499dL,0x3e343aca603fe8e0L,
-        0x2c4167f8813abd6bL,0x6b23eed8a74bfd77L,0xf88b1cecd47dd491L,
-        0x9e613c3226b2fd87L,0xc1b1ac19fe54bd69L,0x00000000000000afL },
-      { 0x12bcafbb43b4df17L,0xbd0829247266cd9bL,0x9d1e0eb35a197805L,
-        0xf44ac91276cae6cbL,0x7d4e90e630d68179L,0x5407a9a02ad9609fL,
-        0x02cbce1c921ecca2L,0x058ab973a246d665L,0x00000000000000c9L } },
-    /* 3 << 196 */
-    { { 0xf31853c99a73eba3L,0x3fd889550e6e4613L,0x0f685bb932a3d4acL,
-        0xaeab0cd88cca35faL,0x8f65c0f7ef18d468L,0xbd45dd2509f0f948L,
-        0xfc2ea6e46ba83339L,0xf6f79e60ae6934ceL,0x0000000000000158L },
-      { 0x3d279791e60d9028L,0xc2ca4234f0c3cf4fL,0xf21ec8f085ac780aL,
-        0xc2d9b19ee6fdb32bL,0x9e2811fe0827c781L,0x42e1538749e61bdbL,
-        0x936b8e23414d6887L,0x7fe54043d7edc198L,0x000000000000008aL } },
-    /* 4 << 196 */
-    { { 0x61b51bb04bee80d7L,0x0e1f6a1f7692de69L,0x8379e46ca0ebc3bdL,
-        0x1c0bffa7930644f0L,0x97c67b87390db077L,0x095c33e1fada1ce9L,
-        0x3c500addac54b512L,0xc231d360d3118656L,0x00000000000000b0L },
-      { 0x0628929839bcab2fL,0xc0c0678064dd220aL,0x062f6084763dc2a0L,
-        0x88e9da731938c3e3L,0x69be8f2d52e46eb9L,0xe55c8d2d6a5de0fdL,
-        0xf3a3fd63db2c0e26L,0x899c6d9f1e4bff57L,0x000000000000014aL } },
-    /* 5 << 196 */
-    { { 0xef850c0a886b7b20L,0x8f635025bb9943c6L,0xb81d4c7d73ea21aeL,
-        0xcb8f069f99d3a6eeL,0x6cf775a6fa33eeb0L,0x4e222f778f96805dL,
-        0x143517aaa6141ea6L,0xe38a3c64167210c0L,0x0000000000000116L },
-      { 0x0fb62f621fc78dbbL,0x2c6410236cab326bL,0xa72ea35af1549e38L,
-        0x537f6ea3830f25ceL,0x9e079cae33eefb84L,0x38c173bab87ddbf0L,
-        0x1b4373897184af77L,0xf978084cb1868bccL,0x00000000000000aeL } },
-    /* 6 << 196 */
-    { { 0x37456b07d454e1cdL,0xca872026e651ca99L,0x66d075726a03d9a8L,
-        0xe6e9ba231d31cbaeL,0x2b720e01a80f7b13L,0xb6d7f827615f6ca5L,
-        0xf88f8cd69012b0afL,0x5024d5de7a8e112bL,0x000000000000019fL },
-      { 0x24ea6d08a8749354L,0x1143855e290612b8L,0x64cfb996e2edb77eL,
-        0xaddfbf4f77a5f775L,0xdd57f915dd64fd57L,0x89ce3192055a07d0L,
-        0x9323e3e13cd0549cL,0x7cc109cdd89fc00cL,0x00000000000000dfL } },
-    /* 7 << 196 */
-    { { 0x09dac9edf4222533L,0x241333a9fd65cf38L,0xaa15ecbaaf69f2f4L,
-        0x680cc1a0e6afa6e0L,0x581099c95f6f8c82L,0x32f948104dcae40bL,
-        0x0fad007d4ff8175cL,0x5dfd36385450471eL,0x00000000000000bbL },
-      { 0x57a1bd6b9bedad5eL,0xb187ede777139166L,0x66ab56bbd66ab437L,
-        0x8d67305e0875cc7bL,0xd1221e1d2130fbabL,0xed4482700a435b57L,
-        0xea5da47bf4089497L,0x280b2cd4e8bfb1f6L,0x0000000000000115L } },
-    /* 8 << 196 */
-    { { 0x8f33504dedb74cb1L,0x1edd5d969d2a2437L,0xb4a43aadbeced5e0L,
-        0x94faee53a6679dceL,0xda5ca04ff6d1589dL,0x4e55494935d8be40L,
-        0x3df8d236d5311f54L,0x46f9c2d24988fe68L,0x00000000000001f7L },
-      { 0x4d0d9475fb2327cdL,0x552291cef0b8faf0L,0x3e3f4a98661e3c78L,
-        0x2c452f05bda95549L,0x53276d708bb411bdL,0xfde0440e539322f3L,
-        0x02d8d55b20961bf1L,0x3c1e105518739dccL,0x000000000000017cL } },
-    /* 9 << 196 */
-    { { 0xc03f25c3c4aa5646L,0x86c63161f5058946L,0x524d9f422c02da6bL,
-        0xffd709d2d08cfc8fL,0x1e8214f8bd67d9acL,0xfdb0716ea4953705L,
-        0xcee198f0637d647cL,0x0eda33411fc50c8fL,0x000000000000014cL },
-      { 0x3771081ba26d80ecL,0xf495ac4f7ee1f2e6L,0x458ecda5cc9f8790L,
-        0xa98f84aa11d6c1d8L,0xe9d067997b694bd4L,0x510a0f753eb0c3f8L,
-        0x9747f31b40f2693dL,0xa08798275c3a8fdbL,0x000000000000014dL } },
-    /* 10 << 196 */
-    { { 0x2588c869678be8ecL,0x643c5bcd70a17049L,0xfa8ac412627e6964L,
-        0xc9e2c5e1d12b30bbL,0x6189df6fd7f8b20cL,0x7fd5df1593b30b2bL,
-        0x30176abaaa08dc30L,0x12c058c36722406aL,0x0000000000000166L },
-      { 0xf11e3160e2a9cc34L,0x839d94196b6ddfb8L,0xae2e884680035a3eL,
-        0x8bc4c61bd1f3c45bL,0x128980af18fd9ad6L,0x4210b25ee59cc085L,
-        0xab245ee01ef3a74bL,0x256fac53af76d59eL,0x00000000000000d9L } },
-    /* 11 << 196 */
-    { { 0x31509afca5f6cedaL,0x147406dd5010591cL,0xbc35c5699341d9ceL,
-        0x7ce9ace9ba35f50aL,0x19928ac5ea9234bbL,0xe036d3987fe039f4L,
-        0x920ffca4004965e5L,0xd18e5104051a7e12L,0x0000000000000040L },
-      { 0xf5630cf3a22366a1L,0x52e3ff045ca6ab82L,0x98b95576053a65e4L,
-        0x8e7f4a1b08b986a1L,0x7e4f3c04e03a5dbcL,0xca92d084a3cc2e38L,
-        0x92ebfe5fefcd06f6L,0x88f060b35a709eabL,0x00000000000000d6L } },
-    /* 12 << 196 */
-    { { 0xab2a1492a5cba744L,0x6a6a4317986c613bL,0x9c8d1d01e872357eL,
-        0xe7c3d762a1a8701eL,0xca296c88937b667fL,0xe5ddb632b105ffabL,
-        0x602efda3db9d7cfeL,0xb72b8ee5075fa1abL,0x00000000000000f7L },
-      { 0x420f01bf09297d3fL,0xe6cdd604ce02895bL,0x475de3990ec6827fL,
-        0x2a44d697d96cd553L,0x889200f98c9d9769L,0x4fa1f222a7289c6bL,
-        0x5a45ff976d4d1b4cL,0xdc9910a51e63aa2dL,0x0000000000000098L } },
-    /* 13 << 196 */
-    { { 0xb6a85b1106456038L,0xa422307cd48af4a7L,0x25c9835ce781207fL,
-        0x61e1a5ac67c18dcbL,0xe294353581f948f2L,0x427f9ac30f7fb178L,
-        0x2dc53c002e2bb161L,0xda0d1835b838b9f7L,0x0000000000000122L },
-      { 0x2e4d3e46df6800cfL,0x66910d0655d86505L,0xae5a0dd7f0d1ed6eL,
-        0x0f3f3d6a84643a02L,0xe9d03f79eecf2e38L,0x8a7c07d8ef3e2228L,
-        0xba7786af35a3f709L,0xff8997ead43da7c4L,0x0000000000000044L } },
-    /* 14 << 196 */
-    { { 0x78fbe6ecff0fdb4dL,0x4625db146786490eL,0xd296291fdba395e3L,
-        0xa6a1df669878e3c8L,0x0aa57c9655fe0afaL,0x9294f74589235066L,
-        0x6fb4692d1d24d786L,0x7fdaab78e13f2a4eL,0x00000000000000ecL },
-      { 0xced57ecbeec9bdbdL,0x5b935678813a87cbL,0xefed2811b9c45d4fL,
-        0x17b12bf552c52dd1L,0xc8f5c7e0211123faL,0x387fa7dd245804d9L,
-        0x2a42349809bc76eeL,0x5b95c590457daa36L,0x0000000000000089L } },
-    /* 15 << 196 */
-    { { 0xd2006fad8a90d8c0L,0xae1a509ab872540bL,0x774048a4ea281ecbL,
-        0xa53efead7a84cfc0L,0x5d970194332cb313L,0x4b2736352866ed7eL,
-        0xb646a148a3d68d32L,0xfaca3712cf8b5d7aL,0x000000000000011fL },
-      { 0xc726fbc2c789acf1L,0xabf5095893f6d7f4L,0x5c9b593f8791335aL,
-        0x83523e7de5e84484L,0x5dccab399f06edacL,0xcb72c6d6bc2cd75eL,
-        0x5038af212638469fL,0xfa7eba1954b0dba0L,0x0000000000000165L } },
-    /* 16 << 196 */
-    { { 0xfd0261287468e327L,0x789e8dc4ee755906L,0xea0453e480218c94L,
-        0xe263fe27088d7c56L,0x9219cee630277200L,0x293401d28ce5ad85L,
-        0x627036d3b960ebbaL,0x8be032fef92da0eaL,0x0000000000000030L },
-      { 0x7ab52e739daf8d6dL,0xd6d75d4c3f789f6cL,0xc3b7560ebfc9a31eL,
-        0x87b7f183d7db7ad5L,0x0f60a2db9c213425L,0xc2e67c9452c58981L,
-        0x001cf3e81b6d0b43L,0x31efa39b78235b3fL,0x00000000000000ceL } },
-    /* 17 << 196 */
-    { { 0x82dcc474b926527eL,0xb05d073fc3255b46L,0x3a5d46c0a94534d5L,
-        0x90e7d00664949c9cL,0xe4de4002925753d1L,0x68653da277145588L,
-        0x8161ee0fb6d85753L,0xa76d05fcda37d8b8L,0x0000000000000030L },
-      { 0xf0baeebad0cbedc4L,0x6aee7715d6cb0047L,0x9d0952da03cdda9dL,
-        0xd90557e55fc2f41bL,0xe30c3f5a68e8a4deL,0x2393e17cc79fca8bL,
-        0xb11077041c6c604eL,0x6bc9e1e163858b47L,0x00000000000001ddL } },
-    /* 18 << 196 */
-    { { 0xa27480914603ef03L,0x3f533f5d3c01915dL,0xfbafdfb8da43a354L,
-        0x730d876e3f58afaeL,0x72a24af75e4a20cbL,0xcfb685270e8ac725L,
-        0x98dfcd5a0ac3e4cfL,0x24183e26023324feL,0x0000000000000033L },
-      { 0x47f328728f9a1a5bL,0x24813af407534a66L,0x928fbfd422744d19L,
-        0x4f40a8ad4dc1aabfL,0xe39d2cf81946d1feL,0xf5ff40ea1ad5eb5fL,
-        0x84e96cb1cc4f45c9L,0xb35d04bd39761faaL,0x0000000000000045L } },
-    /* 19 << 196 */
-    { { 0x0bd7313310603fe6L,0xb1b275b4ef3295dcL,0x1c6cf47747c52883L,
-        0x950000c5904cba77L,0x36086feec437482dL,0xd59c1b42b7e63ab4L,
-        0x66106e22b1b9479aL,0xd0f2f68620df7528L,0x0000000000000180L },
-      { 0xacb366106e9a8384L,0x7db709202b9b5667L,0x4a1fb3fe1f19a121L,
-        0xe5e0295f9e62333fL,0x827ae3f70cc830aeL,0x4546f4aa82d17628L,
-        0xbc357b50afdcfe1fL,0xd5287e6e8ed152d5L,0x00000000000000afL } },
-    /* 20 << 196 */
-    { { 0x829ed3209592cb28L,0x86b85a02f9bfea7cL,0x895d6cf2a22a9de0L,
-        0x9cabe2bcbfd6d129L,0xb1c051eb4a792e52L,0x6684d6d90fbf1905L,
-        0x77f1483ccb09e7cfL,0x8e04529b9e4cc9deL,0x0000000000000103L },
-      { 0xb4e2ff1ee3817349L,0x5486debd159eed89L,0xd58f04d8f1b7cfbcL,
-        0x825120be1fd7a7f8L,0x3db1a0c20fb0d63dL,0xda92a7911ca49429L,
-        0x21772918dadc1761L,0xff883825e3d1c3daL,0x0000000000000151L } },
-    /* 21 << 196 */
-    { { 0x6e8d3a7747c54a44L,0x2fbbee944c70d069L,0x3b0b5d7dcfce5abdL,
-        0xa1588de81dd88c6fL,0x8bea3b2f3970b25aL,0x9b57781fc0211a66L,
-        0x41559a91a0f70d7eL,0xac02eea95d7a7d8aL,0x00000000000000feL },
-      { 0x7fdaae745ec7c1d1L,0x21301b2354323760L,0xa5575e5b951e014cL,
-        0xf6ddf2aea1689a42L,0x9f9b01adda3ec528L,0x21dfb4c20341571eL,
-        0x9f2734abcda1a75dL,0x794ad1e16d2418bfL,0x00000000000001c4L } },
-    /* 22 << 196 */
-    { { 0x2b0a6d8949380b2bL,0xb6be08f3d53dda84L,0xf12421a02bc75f54L,
-        0xc6aa94691172bc8bL,0x9ae6f245bc269c6fL,0xea55b4def0069449L,
-        0x2efdfe343235c756L,0x48d89a45a7f9471aL,0x0000000000000006L },
-      { 0x6aac03fd019f94c8L,0x6cc17e953487dcb4L,0xd3be9f21dac7ae3cL,
-        0x85c706c50cfe0d60L,0x15cdd8e82e74e362L,0x043cda214f1829b3L,
-        0xaff541f04b50619fL,0x27f7440b29562dcbL,0x00000000000000aaL } },
-    /* 23 << 196 */
-    { { 0xcee0dd4d2d4aff98L,0x8cd8c37c025d56dbL,0x2855e53f95b39565L,
-        0xfd72a2f7a7cba4d4L,0xc36a463b8758cef7L,0xaacda7d98488a435L,
-        0xb77cbe7dbdca5af5L,0x019c571e46e70a6cL,0x000000000000008eL },
-      { 0x37e15e7801d4a3a0L,0x5ff7813ccd35c388L,0xcfea3bf2ac8378caL,
-        0xf8b1ecb62e32328bL,0x2930b5ffe4c83cf2L,0x489f0f1ad6f765cfL,
-        0xc8be93137d7c2d1bL,0x3ee2ba463c16e2c5L,0x0000000000000084L } },
-    /* 24 << 196 */
-    { { 0xbbcf2dcf3deb0321L,0x999e365320b9a035L,0x80ef540546c0470eL,
-        0xe80ed2ab9934bc72L,0x512c5cb9f684a11dL,0x3d5b66118185f3a7L,
-        0xdf159ef4885ea75dL,0xa3ea9b394ed4cf9fL,0x000000000000013eL },
-      { 0x7b66126b8c20b4d1L,0xc4ed6bc1544ac0e0L,0x279f02aab2923004L,
-        0x0b40e88bf0747e04L,0x05c9e6d27312dc2cL,0x6294972e1b7860ceL,
-        0x14a57cd533881463L,0x8b82ededa1248b49L,0x0000000000000185L } },
-    /* 25 << 196 */
-    { { 0xd7d62aa27fb8b741L,0xcc49ebaa22c2ceb0L,0xb7bfb7a6d783b548L,
-        0x38bc7436ce389959L,0x8b0f8386da43e59fL,0xdfc845523c0eb486L,
-        0x45ec3ccb01814a76L,0xe962b5073a441d4eL,0x000000000000017dL },
-      { 0x2b9bf5d3e7daa36aL,0xf3db2ff2de01078dL,0x8329d82a2f10cb32L,
-        0x8a933f560a0240efL,0xb05ac0fcf0ab8458L,0xdc32a5492dd7cd0aL,
-        0xa53ce7ea66018a68L,0x8d453dece96184f0L,0x0000000000000017L } },
-    /* 26 << 196 */
-    { { 0xfd28fd2f06a1b72fL,0x54d721eb28ab431eL,0x131944e6449a31ceL,
-        0xcee896aaf743b99cL,0x5a22f9b61f309b87L,0x52595371d6f002c9L,
-        0xec1119fd2f9c5506L,0x685f82c7228d2e82L,0x00000000000000d2L },
-      { 0xee614493cbf1b3bbL,0x44d7be7af3861222L,0x4b01c72974a0b60fL,
-        0x8272691f411bef96L,0x276d9a53b6a0abc9L,0xec66bc5e0495166aL,
-        0x0c3802fb8127af16L,0xe1d8c99ccfd1e4a4L,0x0000000000000021L } },
-    /* 27 << 196 */
-    { { 0x4fe4d6cc0345e12eL,0xfc55a162bd0ba258L,0xf5945aba4fa7fa6fL,
-        0xef5b2f368a815568L,0x345ed8ff6f8d1f91L,0x57a9ecae13e62497L,
-        0x121b4b4054ea607cL,0x2e33b7eddc577373L,0x000000000000015bL },
-      { 0x69b188f030164779L,0x5a5c8bf1b5595d69L,0xa5ddf2d33c99af05L,
-        0x5421f999e5f631a2L,0x75741d7fc9767800L,0x9f3f1a7c1e91e805L,
-        0xed1f12ac428cde8aL,0x0cbc29b61258e75fL,0x0000000000000179L } },
-    /* 28 << 196 */
-    { { 0xdb0b25781169daafL,0x6136642d2a9d17caL,0xfa6bc4e8f72df335L,
-        0x1778a4c225b9ed79L,0xb633fd4f4310dbcdL,0x4b13b4faafd58778L,
-        0x4522514b00e07b54L,0x559f9ab9e477fe71L,0x000000000000011eL },
-      { 0x5c8d43b07ddf0054L,0xa53226de46f8cac6L,0x065c1269f2f221b0L,
-        0x9cafcd4a9956f22cL,0x982ac10bc519cd6bL,0x15318af6799774cdL,
-        0xe71307981ac986c1L,0x73d702b5045f1c18L,0x00000000000001e3L } },
-    /* 29 << 196 */
-    { { 0x8eadf42faf4686cdL,0x1d08e2137ab97161L,0x0f210dfa3f500b83L,
-        0xf1b2e0861ce61acbL,0x7eaede2891fd68dcL,0x895d7935745fb13dL,
-        0xe01b00823880eb43L,0x6f6f1e0287e35884L,0x00000000000000a3L },
-      { 0x54e32082e6dbaf6cL,0xe7a3aaddfb20f209L,0x9a0378062a9ec5d4L,
-        0x03e8f27aac9a81a8L,0x2a98abdec88a9bc4L,0x71ef89d99dc10283L,
-        0x4f0489fad411c02dL,0xff054fe1b63afa4dL,0x000000000000002aL } },
-    /* 30 << 196 */
-    { { 0x5c9de5a4256a761eL,0x683f423188f0d612L,0x2a78b4b8280c04f5L,
-        0x57b2bf75e3f6518bL,0x477eea36ca8677f5L,0x71035e47b0bb0034L,
-        0xc12117e2aff585d4L,0xfc2faeca0c076757L,0x00000000000001cbL },
-      { 0xeaf9bdfa3be3d035L,0x8d68f8ccf1ff65dcL,0xf293f7cad465c674L,
-        0x89ba6110617b8082L,0xe20a69b05a81151cL,0x6846f5bf5cdee0ceL,
-        0xc152ffdd86d5304aL,0x0b309e4ff1a6e86dL,0x00000000000001c5L } },
-    /* 31 << 196 */
-    { { 0xd0483c82a8530876L,0x63098f1b0e175f10L,0x3f2b2af973cc5d1bL,
-        0x1e1a0147e2868b4bL,0x2c156d2e0a5b21d5L,0x58954ed044ca50d6L,
-        0x66c0fee44271ccf5L,0x4671b5ead83255c9L,0x0000000000000072L },
-      { 0xc96b825264cc2271L,0x79bf4ed687d0b7d3L,0x90aa275e308f708aL,
-        0x556639c530812a17L,0x926fb02487645ec9L,0xec979253102ed54aL,
-        0x5317b9e51478db12L,0xbd141acf0110f601L,0x0000000000000171L } },
-    /* 32 << 196 */
-    { { 0x04e8dc9fbcb97cccL,0x4652847e88086fbaL,0xe5ec071965411266L,
-        0xaf72b4a169e1c843L,0x48e75c318161e951L,0xab6457928a39806bL,
-        0x3fa10b38a2a97512L,0xba9e2ee7fc3a693aL,0x00000000000000ffL },
-      { 0x3b96e7c33b70d15fL,0x87c3f3dd4ae9e52cL,0xa256e7e864ecc9f1L,
-        0x541d8b6d07c90736L,0x2367141f6c2b4160L,0xe32aa363cab770f3L,
-        0x51e2c83261282e7eL,0x194b06a2f3fa7817L,0x00000000000001c1L } },
-    /* 33 << 196 */
-    { { 0xe8a62c0de1d32dbfL,0xf1f616421cdaf3eaL,0x70881e0fbf70d93dL,
-        0xf031d4ea8bca2111L,0xa19a22ea7037de31L,0x37018144040b9b64L,
-        0x6890d852d77984a3L,0xe460fa7552eda9feL,0x0000000000000105L },
-      { 0x6446173460a056fcL,0x708f17630b561251L,0x8e32715ffab9f6f8L,
-        0x562046fb8987e3bcL,0x6fe352a8e555a225L,0x9a1db7632433a38fL,
-        0x81887733cbb91ebfL,0xeff8a2c627793c77L,0x00000000000000e9L } },
-    /* 34 << 196 */
-    { { 0x3ca6f47973e4c097L,0x6ff9fa2ae38e7294L,0x1289d5bc9ea599abL,
-        0xf2a37ae7a8928130L,0x50f2f989f1a6c895L,0x8757f302d7d6cbbeL,
-        0x4196104d4e40f53fL,0xebbe471fbd519cf2L,0x0000000000000107L },
-      { 0x2ffa710db24b0064L,0x02cddcf4aee5996eL,0xe16b2968e5d23a32L,
-        0xe5c9be9072f414d2L,0x8a5c1db065de7f6fL,0x2130bd6b0ccef750L,
-        0xdd3df13f4f42f281L,0xc13fe304695f4b82L,0x0000000000000084L } },
-    /* 35 << 196 */
-    { { 0x93e7f4ec605cbaa3L,0xae4407b383e3f52bL,0xa2097b0241a92aa1L,
-        0x9e7466e3deb06bacL,0xf8f92193bd45255dL,0x8b5f880087cc518dL,
-        0x3f49ebef9ff8b60fL,0xde7fa84a2963894eL,0x00000000000001bfL },
-      { 0xb50f8ad28a71215eL,0x458e00b689d5ea0eL,0xd7713a988a12ca3eL,
-        0x3a87bb016251a8ffL,0x9628caabf1b37745L,0x33b4c2ffd0d6c193L,
-        0xc3ce2cd7168ba8e8L,0xcf2c2dd14078fec2L,0x0000000000000147L } },
-    /* 36 << 196 */
-    { { 0x8bf7c9c33cf23534L,0x5653e5d9a1868c02L,0xbfec2eeac365617bL,
-        0x2b6f61f1ecc8298dL,0x40396d9f1a169a31L,0x42eb3d8659bd4b25L,
-        0xa1b8cc7d241065d7L,0xa6e89c216fc1ace9L,0x00000000000000e7L },
-      { 0x10d6248e72bd3d50L,0x1a6446b3c4671f34L,0x6734a9f04bfde2edL,
-        0x84afb994938bdf38L,0xa122be493fee450aL,0x9b83520e500ee214L,
-        0x11982bd9dd8ad22dL,0x3bd3f748c9839b36L,0x00000000000001baL } },
-    /* 37 << 196 */
-    { { 0x621af6617e7b439cL,0xd6e8e2b815afe413L,0x97c6b17c7b245ddcL,
-        0x289e61717feb0b73L,0x98505d821c5e51f0L,0x33cb22cd631d3314L,
-        0x723a81a5e1e6b48cL,0x8e32d81164218c3eL,0x000000000000014dL },
-      { 0xf98fef26fdc0e56dL,0x0e9cba0ad776149fL,0x896f5700cc8b41d0L,
-        0xc2361bf783699489L,0xad6795f43e5d1c59L,0x717681b64d2c7cfaL,
-        0x5fe3591eeb9a970eL,0x47c95b0d8350b6e6L,0x0000000000000184L } },
-    /* 38 << 196 */
-    { { 0xbf0616bd5ddc2698L,0x765ac3d4be906553L,0x1f75a167f5494395L,
-        0xf81d9ad94284513fL,0x9d6e5bdc7d63f117L,0x64311ef80dd9a72fL,
-        0x1e03cb88a093fd4cL,0xc044f4baf45dac7aL,0x000000000000004dL },
-      { 0x01c2507bcd22efaaL,0x62a24322e919f292L,0xb1b116e684c75e56L,
-        0x8ec19402f1471232L,0x4b206e3ba7712367L,0x91ef56c2038e4419L,
-        0x9facfa3e5ab207beL,0x4fdd07bc11203cd6L,0x0000000000000106L } },
-    /* 39 << 196 */
-    { { 0x4d0117ffbfec68f5L,0x4cd18a0033d8d3c4L,0x3d63af1e96480162L,
-        0x8b2bf467fa9ff1b7L,0x74b4ad4943c77644L,0x35725c2f089a359eL,
-        0x639a66f4df226886L,0x50b29f65fedcac88L,0x0000000000000018L },
-      { 0x0afc4f29bd92ab9fL,0xbad68d8a47163560L,0x1ffa046d37e10fbcL,
-        0x2b49d323ec249cbeL,0xac325052aec86c45L,0x3a7519254b6a83a5L,
-        0x22ede30b2f277217L,0x8f88e2e854d41982L,0x00000000000001dcL } },
-    /* 40 << 196 */
-    { { 0x7278584f6efe90ecL,0xffe6da80c2971903L,0xd05ae9ff0e5b498cL,
-        0xef414b291a1027b3L,0x2f651f532ca82e24L,0x2f0da56297e1b677L,
-        0x7e984b0792315558L,0x30f1b1f81c3e6b0eL,0x0000000000000183L },
-      { 0x273edf2427a65a6cL,0x6ff4b6fa7b16c778L,0xfedb4e3731fb5dfeL,
-        0x181e43b8cf9d4e15L,0xd60dc117191c9415L,0x9daa6f3583e150ccL,
-        0xeff60ac45cf670adL,0xa75fc519da594d74L,0x000000000000005dL } },
-    /* 41 << 196 */
-    { { 0xe20b5aec250f9de7L,0x1aae76fb3fab5e0aL,0x0becc02b33318cb6L,
-        0x3238d3a763f85fb8L,0x32b6b02f81279952L,0xfbd0321d4463d8dcL,
-        0xbcf5583706ba9c4fL,0x215737ab3e66a0d2L,0x0000000000000047L },
-      { 0x0630af2f21485b77L,0x98d384749422760fL,0xd5ad435706253457L,
-        0x3d72489a60164b41L,0x1eceddf2318658e2L,0xc01ea9d766ad11e8L,
-        0x85381580468ad1daL,0x6fbf66bb215835b0L,0x0000000000000000L } },
-    /* 42 << 196 */
-    { { 0x89733251bc6e092dL,0xceb697d37f36c9faL,0xcdd80fe333cded69L,
-        0x4e1dacdcad9308baL,0xa2ffd125033c2941L,0xe8d009e6974bb3ccL,
-        0xd72c5fa93368b9c9L,0x8d7ed4ff5a1331c7L,0x0000000000000189L },
-      { 0x4813b528e8edc388L,0xdc17a243e0c0af22L,0xf1bd51fa74495d32L,
-        0xec53b061b286aa96L,0xa6abdf9619068cc1L,0x820646d9e4207cdcL,
-        0xf74a8d2d1bcfa5c3L,0x8633342d5f097f9bL,0x0000000000000078L } },
-    /* 43 << 196 */
-    { { 0x0c95ca695ac18348L,0xf75ca2fa5b052634L,0x28d4424b71bf0289L,
-        0x0d40063f31653756L,0xc814832deb0bcc02L,0x0158f9995e70861fL,
-        0x05d5a762936ad90aL,0x434a7f74a144b3f8L,0x00000000000000dfL },
-      { 0x6ffd78fee3f669f4L,0xe16f72d982c47401L,0xe6e5963f36c8f97aL,
-        0x05c42226cf7de123L,0xd4101edcb94ee7c6L,0x6b3e2b62daa047a6L,
-        0x4d55db3b99607484L,0x70960806e3c0818bL,0x0000000000000055L } },
-    /* 44 << 196 */
-    { { 0x0c19aae6b0dcfc0fL,0x9e0eb373c5c3aae8L,0xc161fd1c4a50f55cL,
-        0x1ee02a2b9e0697e0L,0xd57f6a602ee4267bL,0x5d336ac44a0ddf2dL,
-        0xe695c75e6e4a7d7fL,0xa79a0ff3fb055923L,0x00000000000001d1L },
-      { 0x2e7ea0098188fce2L,0x81ef9870c12184a3L,0x4e03c68fb1e88e83L,
-        0x3b5ebc5d7e85694dL,0x436f1044bbcd787fL,0x56c1bc0d2d3e5789L,
-        0x23c6542d6fe9f054L,0x8a1bf0c65ffd53ecL,0x0000000000000162L } },
-    /* 45 << 196 */
-    { { 0xee9e0619502108a8L,0x4f1b33366a1062e3L,0xfe009ec650a122d9L,
-        0x2d8fcb69c9e48f99L,0x808241ac63c706c2L,0xc91225fdb524a19dL,
-        0x4a8e5dcc9ec80451L,0xa03ef54586005457L,0x000000000000015eL },
-      { 0xac3efcae7fd50c83L,0x7e0b922f431aa19dL,0xa715c2def3d56a91L,
-        0xc92deab66be3d952L,0x1c388d660db1584fL,0x65d59dea3102a4c9L,
-        0xaa23da841d251b83L,0x12234fba7c16c390L,0x00000000000000d7L } },
-    /* 46 << 196 */
-    { { 0x908fc9cd1bcbb1ccL,0x1c8e79c605c7336aL,0x3be79537e9943726L,
-        0x50fbdd811d9cea24L,0x0bfab19d8c2c7fbdL,0xc5549a0ad1ce3a2fL,
-        0x9b9d925f8cd9652dL,0x9897484a739e0cd3L,0x000000000000007dL },
-      { 0x393991e454df8672L,0x3182ec23505c2450L,0x1a6d66342e010ffdL,
-        0x4862c7f13a3a0457L,0x04128c4709ce1141L,0x7665a44691ecac9eL,
-        0x4d35845d698e56a2L,0x2bd11b9c63edd2e5L,0x0000000000000069L } },
-    /* 47 << 196 */
-    { { 0xf005c9a8b9a2702cL,0x810498cf2c1e6de2L,0x6befe7b4e18f6d56L,
-        0xc6589cf794b8d39fL,0xbf8d443c00cbf65bL,0xc7c9879f45df1b9eL,
-        0xccc79b076de50858L,0x929bea822826a4e0L,0x000000000000010dL },
-      { 0xb296b3eca13db6f7L,0x7e5d7795faf5b85dL,0x2ff9b0b266854f2bL,
-        0xc25523050a9a844bL,0xbe3c89f03882805eL,0xa9cf3ecf3b332aa9L,
-        0xbe5ed1a69fad543cL,0x0f7d29f52bec4b80L,0x00000000000001e3L } },
-    /* 48 << 196 */
-    { { 0x22d8c3c4d2a1f241L,0xcb6055158ed2c14bL,0xbd634a2e2939f855L,
-        0x30b2b6b91e9519b4L,0x19911c0008a31d22L,0x60b0713b979cd33cL,
-        0xf41a8abdb94f9b61L,0x3f2d8c91ef72cf1eL,0x00000000000001b4L },
-      { 0xf0acf9b3d78b56eeL,0x12112d24e915a265L,0xa18c93adc1d7025fL,
-        0x279a4db82e652107L,0xbca73ad02bffb5daL,0x2cdfeee4e2d168eeL,
-        0x6d83a77f5a4aca12L,0xc203514b1d22e8f4L,0x00000000000000f8L } },
-    /* 49 << 196 */
-    { { 0x91055288c64e6ec6L,0x8c16e01acd04e9b3L,0x4036627a86571434L,
-        0x881ed57082957000L,0x310c958bfa5d4e68L,0x06baf7e9bb2d87a9L,
-        0x4fe3ea057c2f0a2bL,0x38bb26bfe948412eL,0x000000000000007dL },
-      { 0x66b2c752f3e37ae3L,0x0dd0ff8df7224205L,0xf90ce316e12378caL,
-        0x6491f235c3d6855bL,0x4fb4f58faf02496fL,0xde97dddce1cb8cd6L,
-        0xd92c7227fa3d595fL,0x9f6b1ce8fceea6b4L,0x0000000000000180L } },
-    /* 50 << 196 */
-    { { 0xbd22be71b0de2450L,0x2e3f91b14c3a57a3L,0xa977e3772a4ffb4aL,
-        0xdbf6fffe5aa5cd91L,0xbc48435eee1e3920L,0xa563e4307d378540L,
-        0x62f6de0dfb41e34cL,0x8011c6cce38ee8efL,0x00000000000001baL },
-      { 0x005b98bcd74a67ceL,0x8befdb54ccb7e590L,0x9f161fae5663c8aeL,
-        0x3693d9d550eb0d37L,0xafb1e38ebf1d75d3L,0x087fcc9c5153565fL,
-        0xf43377b8105862c2L,0xeb84439f6dec3a5fL,0x00000000000001dcL } },
-    /* 51 << 196 */
-    { { 0xcde6dee7eca8f051L,0xe3f3cf361cc4d62eL,0x25ff2aa03b1c36b8L,
-        0x6e72443eafdc5613L,0xf893f5ecb9772bc5L,0x38371f1262192ac7L,
-        0x9c1813baf309d94fL,0xb449174edc9a7a48L,0x0000000000000111L },
-      { 0x3b0e446d09c82a82L,0x6f50ae7c89493d60L,0xf1903236a6080476L,
-        0x5e3827be27267e80L,0xc24b7fe32bc49a51L,0x616056db7c842855L,
-        0x97ba566f1e70d7b8L,0x4dc726365a13ac33L,0x00000000000000d0L } },
-    /* 52 << 196 */
-    { { 0xf4f43b19e0e59b2cL,0xc6e2be38afeb7cdfL,0xae8a39acc29cebd1L,
-        0x6efba10c45c2e785L,0xf8e52a9ab2641116L,0x40c2f2414196bec3L,
-        0x60a7d1e4b1d839e0L,0x5d7d06d259f62c00L,0x0000000000000130L },
-      { 0xea760695ac9c3c53L,0x5986bea02581f9d6L,0x59308ce3cfc0fd55L,
-        0xea705a6119235af9L,0x443894840718acaeL,0x836bf3f6328cc902L,
-        0x235deb73230f3339L,0x8e0c21f18ee4baf2L,0x0000000000000164L } },
-    /* 53 << 196 */
-    { { 0xe926ef80c0a99509L,0xed1649689ccfc4f2L,0xe99b4885e39ff73fL,
-        0x8ccce32809d0e1beL,0x805d18ad17806543L,0x10726fcfd6d2a9a6L,
-        0x0e3467645de89209L,0x9b900651642b18f4L,0x0000000000000027L },
-      { 0x2b74d221bc1b36e9L,0x7e989f8c6caed8c8L,0x1e25efb759d92e98L,
-        0xc6de531b1b5c7709L,0x26e58ed46b64af05L,0xd86e96d549e9e433L,
-        0x4fecebf92c240df5L,0xe0d4dbf983308bfeL,0x00000000000000b9L } },
-    /* 54 << 196 */
-    { { 0x0e30bb6868a51131L,0x0989155b462c88c1L,0x548c6c52d03cae33L,
-        0xbc452d0ffe58d840L,0x24200a5335a13957L,0xa601a8497546a30fL,
-        0xe5d9c7e607f23c63L,0xfc71ce9d10a1c525L,0x0000000000000015L },
-      { 0xf6a1299a1fe5ca30L,0x2f81c374ea5824d5L,0xe644122857981dceL,
-        0x3df02523b1a2de8fL,0x54e40ac804cc4237L,0xa3055eea7bd400d9L,
-        0x48872d662187a56fL,0xa69e9dee884aac47L,0x0000000000000181L } },
-    /* 55 << 196 */
-    { { 0x75eefbfc42f8fcbdL,0x07eb8d597ba7414aL,0x84cd31bc2c8f2b79L,
-        0x4d26c915d04becaeL,0x36868d1c210fb6c8L,0x6cfccace72f79b53L,
-        0x3cdf02781ebdbe12L,0xdb4a114286fc40ddL,0x000000000000000bL },
-      { 0x73f66dd28db9ed5fL,0x889959a887f6b0c7L,0x6704c74140878e48L,
-        0x1090b3d446b6c3a1L,0xd7b7aca178e5c4b1L,0x2d612e96ad1a5598L,
-        0xca5da9eb614b70ebL,0x9ca5c48a854622e0L,0x0000000000000031L } },
-    /* 56 << 196 */
-    { { 0xd20ea6d6f77ed05eL,0x4ba76f5ad4eba7fcL,0xb8f202d214b757d4L,
-        0x4c9fe411a5fa5280L,0xf6e25d132839f868L,0x13ea010ba1cad300L,
-        0x480c268bf85ea22fL,0x4d0cf6672072c1bbL,0x0000000000000023L },
-      { 0xf1e5e5230b6bb224L,0x0d56223d8d239295L,0x3682808df54c3f69L,
-        0x0c17e3ca1e59cb8cL,0x7d756e19ec2f17dbL,0xd836652462e7664dL,
-        0x3768cbff8ac12886L,0x5e741a688c3d34f5L,0x0000000000000020L } },
-    /* 57 << 196 */
-    { { 0xc54fe29871847964L,0x8280a8fcfdf1f5dbL,0xd6a0534af822e863L,
-        0xdc9d3cf826386f9dL,0x9bc6b98e0407ff49L,0x017784bd80755fe7L,
-        0x213c81559a977a8fL,0x8dd3801d4e65da56L,0x00000000000001bcL },
-      { 0xef919759c03c33b2L,0x75233bef62d3430bL,0x3f1cfea4e4cc6a49L,
-        0x38ab926464e971bcL,0x423b0ed9d5eb0c22L,0x6624a340b79c6d63L,
-        0xd6b3fce896fa51f4L,0xadd1d8b35d609eceL,0x0000000000000070L } },
-    /* 58 << 196 */
-    { { 0x35045126ad9eda52L,0xc2ea75df374dd433L,0x487538ab0373e6c3L,
-        0x33614263e0eee811L,0xc58358ea57c10df4L,0x32dc5cc35073a6c4L,
-        0xb045e46a13446f08L,0xa5732ad5b66c0656L,0x00000000000001baL },
-      { 0x7a153e655b0966fcL,0xb603017fb8c3c1afL,0x1a39c8dba067a681L,
-        0x3033a65440667020L,0xd7801a9db73a160fL,0xac1ee568789ccc50L,
-        0x554288945893ec7cL,0x384002a000eda7e3L,0x00000000000001e0L } },
-    /* 59 << 196 */
-    { { 0xe8b72ba4767216dfL,0x2bd7cc62233437c1L,0x2ec3866c25595c2bL,
-        0xad8e4cadcb1171acL,0xb3013d8151bd5ac4L,0x6b5abdd61b508534L,
-        0xb4cc2718d3050696L,0x6b986ac7816e843cL,0x00000000000000cdL },
-      { 0x674cf9e1a395c9f7L,0xba207b7ba99d5579L,0xb88e686fa1933b93L,
-        0x12c6706d9df81c4fL,0x15e65e3946b23f93L,0xf35458c73fc0f44aL,
-        0xf1e31de2002e545fL,0x4af49917e9f03de5L,0x00000000000001caL } },
-    /* 60 << 196 */
-    { { 0x9dbe2571dddb531aL,0xcb512e4c394ebff0L,0x4b63c8a4a8d37bdeL,
-        0x97beaa21bdb7f8f0L,0xf200e1e9b0a7a3f0L,0xdb7fe7da3a46a4e8L,
-        0xa180445dad11a863L,0x74cf8239b2a4b922L,0x0000000000000108L },
-      { 0x427c0b0eb74b8368L,0x55c6a2ea42e1ee50L,0xcecb56d06ee5f819L,
-        0xdd52e9cef6d2ec2dL,0x1c990f3f9331556cL,0x9178c5a82f80fd9fL,
-        0x75d32ffded631398L,0x0cedb14b019fba96L,0x000000000000012aL } },
-    /* 61 << 196 */
-    { { 0x69faed89822a012eL,0x53c0271bc1ad8f52L,0xee0d31f1937d338bL,
-        0xa06b3a494041a239L,0x8b63fb07702f6ba9L,0x41d5178398b69014L,
-        0x8486c40b544bbcb0L,0xcf2a64640917e881L,0x00000000000000ceL },
-      { 0xeadcae05e83b1cf0L,0xc225b14edd855ea5L,0x1ea3000a0373f195L,
-        0x28e08aa0bef5f415L,0x323f250c04f8b333L,0x5c2790bc8c761109L,
-        0x49334e096d0e9ebcL,0xf82c8cd830e0fcafL,0x000000000000010bL } },
-    /* 62 << 196 */
-    { { 0x4c1a21f51222a135L,0x7ffc7eb85e187c31L,0x2b6d847fe1fe189aL,
-        0x19dfc0372d394d0bL,0x55dc23a056e7e285L,0xeadb01c77fb7a5c1L,
-        0x885f8312bd11402fL,0x7bb2f26fff2843e4L,0x0000000000000137L },
-      { 0x4be6d277183e33d9L,0xdb4a534c64233c38L,0xf6cb271db58af85bL,
-        0x41e0e7e5e334d256L,0xc91e2cea2d50cf26L,0x7819aed35fda0020L,
-        0xe8f81026c0a98fb6L,0x109243793a618687L,0x000000000000009aL } },
-    /* 63 << 196 */
-    { { 0xac831cc6dd08552fL,0x749fb06f21e38f55L,0xffe1fa0503348862L,
-        0x8181db69c8c3e026L,0x1404819e3dd3daddL,0xb065c5a303749cdaL,
-        0x9f2ff76605fdc4e1L,0x6c73b8ccf67793efL,0x0000000000000080L },
-      { 0x807f0dcbc1f25aa0L,0xa38b959a84dfac44L,0xa112f1c8427a1fa8L,
-        0x8bbe3c9dca7866e4L,0x67777e1960dbae5aL,0x323e9a90a9f6aa43L,
-        0x693abeca12ab7028L,0x262a90dad5667809L,0x0000000000000053L } },
-    /* 64 << 196 */
-    { { 0xad8f0fe4c4e24c8dL,0x81cf16fdd1eaa52dL,0x710a08a7d68864caL,
-        0x8e736c0e7539de5fL,0xca6583377f67341cL,0x63892b7d900b74b6L,
-        0x5d1d91db6e9be886L,0xa4da95649633a600L,0x000000000000019bL },
-      { 0xcdae7a975c319d97L,0x873b4f53d0316874L,0x7ac186845c213ab4L,
-        0x4f0b5ae2ae9109c5L,0x1934b7ed7a661690L,0x0f98acd90707b518L,
-        0x12f07c5534017e00L,0xe9b121a16ce4ad49L,0x000000000000015eL } },
-    /* 0 << 203 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 203 */
-    { { 0xf4d3bcb3e588a775L,0x63161619365983c7L,0xba7334ad66782f6cL,
-        0x1f14dedb8783d25aL,0xff6fe73c50c67fe1L,0x711ddfe3f79a86a3L,
-        0x7cbd7f3a027d18eeL,0x7f63d331c4ecd52aL,0x00000000000000d7L },
-      { 0xf463a32bcb49037bL,0x66e4ce3de7c35c02L,0x1d175313116e0d6bL,
-        0x3bcfa6722d307ee9L,0xc6f9bcdc7c79261dL,0x79bb33dc994649cfL,
-        0xb491b05f6d4ee55cL,0x4bd0668e1e6846bfL,0x00000000000000ffL } },
-    /* 2 << 203 */
-    { { 0xe7bfc99fbdec6efbL,0x2bd3d26b67326c7bL,0x23f041ff594c614eL,
-        0x5a778c67ec9b4420L,0x75b5618b30eaa444L,0xf8e2bb92ae6d50a4L,
-        0x7278c60b1fdeb6f0L,0x5b8471dd97c654ccL,0x0000000000000139L },
-      { 0x115a81123e959ca8L,0x13dc4aa38bed7eeeL,0x02340f86ef94c5fdL,
-        0x519293a499a5d5ccL,0x09573381294349a0L,0xdefe063fda33b39fL,
-        0x6a18640aa382a806L,0xb3e25fdbd227a86fL,0x00000000000000d3L } },
-    /* 3 << 203 */
-    { { 0x64018be514712d81L,0x5fafa8b67cdf8720L,0xd92dbefac4676cc7L,
-        0x81b9d5d13ff37dbaL,0x2ecd7dde297a8d41L,0xc893b59f1f558676L,
-        0x5d8d83ce75659922L,0xe1dc82f90559beacL,0x00000000000001bfL },
-      { 0xa3cc74ebdce6c952L,0xa76fdacac95505acL,0x67ab4bddbfa02be6L,
-        0x2a24dae8df7d00e4L,0xf82d0a5af2523788L,0x0b3db8532f8ffc37L,
-        0x65ee0920549e630cL,0xb682bfc6e02b93afL,0x00000000000001ceL } },
-    /* 4 << 203 */
-    { { 0xe3169760d3a4d912L,0x5568005c7ba3a1a6L,0xb469884dd7e7b5d5L,
-        0x6be70c098cecec62L,0x6300a32fc5d6363dL,0xc2fd66e44db63578L,
-        0xa131ea2135ae7bebL,0xa82fd7fbd31a6f2fL,0x00000000000000daL },
-      { 0x1280d69100deb4b3L,0x72865157a4ea0abeL,0xc87881678934a09bL,
-        0x5733cc11a70dd871L,0x139e88760ffc8eb0L,0x8e9436e30d958521L,
-        0x06d1a845b3059f58L,0x3c220ab3a81354f6L,0x000000000000000bL } },
-    /* 5 << 203 */
-    { { 0xadb4a7d18cd7b861L,0xa73ebcba1bf42950L,0xd952d5552c86dad2L,
-        0xe3f82d13b988894aL,0xc389b7497ad6f062L,0xef0ed10973ec36d6L,
-        0xecd5d73dcdd4431aL,0x006edb8d828f55e5L,0x0000000000000144L },
-      { 0xf19bb0ce05a40d99L,0x152e0fd650dd05b4L,0x057bbf2e9508569dL,
-        0xa125e601f434a3adL,0xcfbf6d31dbd7abf3L,0x8a47f4fbabb7ec67L,
-        0xba9b13e665be73a5L,0x06d9f4989a033039L,0x0000000000000113L } },
-    /* 6 << 203 */
-    { { 0x1499ff98ac49d960L,0x98f7925a3940ff6fL,0xf6c696dd743f2ccdL,
-        0xe7c6c272ef310a73L,0x4029492d91ad1858L,0xa2e65af9483037ccL,
-        0x080c3fd0d3453348L,0x4a1f9803068380c0L,0x00000000000001bcL },
-      { 0xa39427ddd9dc2514L,0xe0f733ecb2a91d48L,0x0144d74f29219e28L,
-        0x25ddcc92e3fc6c5fL,0xb90e371391f871e5L,0x3f763adb81a245caL,
-        0x1fc6a1492f3e2323L,0x92cc2090b41f0b93L,0x00000000000000a7L } },
-    /* 7 << 203 */
-    { { 0x16fc10ab7052570aL,0xb8ba7dd0743fc619L,0x74e19ac2fdc9c41eL,
-        0x8c377fa7ad8dc91dL,0x9c7d2ea6e0cfa9fbL,0xb1f1b0d571b1aa87L,
-        0x912d33bc900e1282L,0xe8efdbbb0235ab3bL,0x0000000000000193L },
-      { 0x2f42a780ecf05e45L,0x4abc067a5ffea26bL,0xd934e1bf3b8f86d9L,
-        0xc622689102f42e09L,0xb828a02f94bdda3eL,0x08d0e0d8fd23164aL,
-        0x49138165cd40abe2L,0x2cad4154325e1e74L,0x00000000000001d4L } },
-    /* 8 << 203 */
-    { { 0x293385edb0596774L,0xcdf619f0dc09fb31L,0xc4af9e6a90f76d96L,
-        0x54b471b7cc8596fcL,0x18ffee0265bb2ef9L,0x4942b53fcf9d919eL,
-        0xd6f9d2a9e553f316L,0xd83946cc6a58eaa5L,0x00000000000001b2L },
-      { 0xa1d2daecdf8aa88fL,0x62cd7b320caed19dL,0x7c08bc5735b5b292L,
-        0xe1a60a4454118651L,0xb1d83a9eaa8e4f5cL,0xc47b05fda30e7ac3L,
-        0x9167e33e388daa83L,0x27a10be2b9685de6L,0x00000000000000bbL } },
-    /* 9 << 203 */
-    { { 0x61072e6115d296f8L,0x11fc465ebc5f7f34L,0x93eb012252ce572dL,
-        0xe66fe1a8a14f9fc8L,0x0857caf11118519bL,0x0ec99efbce22fd7aL,
-        0x9630984caeebd7b7L,0x06e2507983a6f11eL,0x0000000000000123L },
-      { 0x6b5c0e4a5b5a2bf8L,0x0a0430a05250b970L,0xa547c2981f8d2d99L,
-        0x942a92d7773b6ae5L,0x3832ae1f9b1776f7L,0x9ff2f6eaf2484715L,
-        0x8e886adfed1ac349L,0x5fa46fc33779f565L,0x0000000000000112L } },
-    /* 10 << 203 */
-    { { 0xf5fe39ed1fe5f835L,0xe17a6fb3164e9741L,0xeb9a084a0f1180e9L,
-        0x95f55d56a1174f31L,0xc33fa3d103850ac7L,0x15a29bac6e0ddd06L,
-        0xb80a0b7836f2f29eL,0xe5d8ddf467cde67aL,0x0000000000000133L },
-      { 0x1767c74cc5ee0dd4L,0x1d61299bd7e4bddbL,0xf4d89a2ffa74fb11L,
-        0xe8a63c4a0037fb90L,0x30fcdb047800ec4aL,0x49a1e298d490df3bL,
-        0x3d3510a2da5acae7L,0x2d4184aa78ce9832L,0x0000000000000024L } },
-    /* 11 << 203 */
-    { { 0x461789e5a7e331b4L,0x94f5c063e056cf9eL,0x51c4cb0bafe86b1dL,
-        0xa77f9298ef14a074L,0x077bb1b48fc7cda4L,0xe5463bbe3ec37500L,
-        0xd8929e637a85c083L,0x99bde81e8a6a20f3L,0x0000000000000039L },
-      { 0x3267c02daa1f7d63L,0x23d9787ed3ea992dL,0x8bd7ecc6eadfc006L,
-        0x1dcc457818d40a6aL,0xf4e545c5c2837f18L,0x4936de14599552abL,
-        0xf7ba407716ae7bc3L,0xb5a4143a28bd986bL,0x0000000000000132L } },
-    /* 12 << 203 */
-    { { 0x7af8ee911d17b705L,0x8e4e597421098f55L,0x0542a394d5cecacfL,
-        0x4d8eb8395094f357L,0x8c86900c62d5a150L,0x7ad4081bafe653e7L,
-        0x387c8a7e677a5bbcL,0x088120b9be7886d1L,0x0000000000000156L },
-      { 0x986523706c398918L,0x7c9c49714f6c44c4L,0x443abe7820a8fa98L,
-        0xf42a7ff4137f926fL,0xff4c7aa9f464b480L,0xf88b491a277d4eb8L,
-        0x170a625fc3cab7f6L,0xf9bba62bcdcab435L,0x0000000000000186L } },
-    /* 13 << 203 */
-    { { 0x31b0c09c5bf0852dL,0x18aaaed5d0a908a1L,0x4895590f40ba0908L,
-        0x5b3c1647b5ce8ae3L,0xf1b7f80893496465L,0xd5dd6bab9f019279L,
-        0x85473bc14ec60138L,0x5e219e24c353225eL,0x00000000000000b9L },
-      { 0xb175cd2ff10b3294L,0x8cdc3ffa902373d3L,0x49bf103f9b547ce4L,
-        0x78437a78684806b9L,0xedf8cea1ecb2881dL,0x3f74415f802d7f2aL,
-        0xf921f614ec2bd162L,0xc5e11e9860a14a15L,0x000000000000007eL } },
-    /* 14 << 203 */
-    { { 0xda963dc90741634eL,0xc2b6b3cc6a62e31dL,0x726ffdb0926a9817L,
-        0x2bc8a0c6a7a05347L,0xb440bef6dad1f7a5L,0x96ae7cb3666ebfb7L,
-        0xf3b41ea36955bba1L,0x2ed577ffb1869190L,0x0000000000000025L },
-      { 0xcd5dc527b188b5e5L,0xa3fa5778ce6e943eL,0x463b9aa822daf81fL,
-        0x2a0544efdfb44926L,0x7c78f0e5c5f56c83L,0x83a5552b87a0cacfL,
-        0x8a5a5cdbf491affeL,0x419ba8841b8398d3L,0x00000000000000bfL } },
-    /* 15 << 203 */
-    { { 0xc7a233d26a1409e2L,0x75613083d555f813L,0x57856cf213217cf0L,
-        0xa98b1bfbf09af4a8L,0x43ce553426956b0dL,0x952672fca3623606L,
-        0x6c5123aa9b1676b8L,0x7ea503cd2c03b708L,0x00000000000001ddL },
-      { 0xfe97c8445f696473L,0x41fc8b4210c17454L,0x5988fe457d0bc836L,
-        0x771a9260151ffcdcL,0xb20c19f78f31f140L,0x6a616316ea95a25aL,
-        0x16ca637432de15b1L,0x428f650bfdd3aecbL,0x00000000000000fdL } },
-    /* 16 << 203 */
-    { { 0x4ac7cf5e23e6c204L,0x7b4459a48deb8019L,0x2ffd2583ebe4e27bL,
-        0xab15feb705e6ae2aL,0x270a5d8fc902355cL,0x8d3df414faf419fdL,
-        0x191b90b534ae3d01L,0x497282c4bb5abd9eL,0x000000000000011bL },
-      { 0xd2232ae08c7267f4L,0xe1fec69b17b6532fL,0x1c6a586eb1a2d82cL,
-        0xeb84318629128558L,0xbf24d2f13a80efd7L,0x93763ddbb22228d1L,
-        0xf9da00393cb37b92L,0x780d8ba986cd2952L,0x000000000000018aL } },
-    /* 17 << 203 */
-    { { 0x85ce6086c42c91ceL,0xe3730ba1beff726fL,0x3a03ccef7b5cdd1bL,
-        0x21f5dd5f74df90ccL,0x515f92541dd8a8a5L,0x32e144b04540ec56L,
-        0xd5b0f4ce1bf59220L,0xf7475efc15b613a1L,0x0000000000000009L },
-      { 0x9648786de09a8312L,0x637db864dec600f8L,0xc8d80a2aeff36b2cL,
-        0xb35ee379748d7b89L,0x80480f180bc51ee5L,0x93ecb703dc1e3844L,
-        0x96285408970354c9L,0x1d025481acdc2e04L,0x00000000000001b1L } },
-    /* 18 << 203 */
-    { { 0x11da16733b2b4777L,0x0da01f6bee05eca4L,0x4a39b2c1b5c102bfL,
-        0xb1c398f40180ecafL,0x0f34076588c87533L,0x0c47914ac3c66289L,
-        0x3696a6fa0dd34c31L,0x81e365a2a368c6d7L,0x00000000000001f0L },
-      { 0x840b207fbd408342L,0x30261282fece17e0L,0x40257c9f3da41fb8L,
-        0xa4cae7603b1ac31aL,0x5fbcff5f594f704cL,0xe351cefe85314299L,
-        0xe22cb75c12b975ceL,0xb1f453d9aa5cac15L,0x0000000000000004L } },
-    /* 19 << 203 */
-    { { 0xc9ead8a3a32cf5c9L,0x7dc1770b97c506e6L,0xe7c79e2d42a4fbc7L,
-        0xb04c9f61bd24d6a0L,0x3205b73d256b6b7bL,0xf16c9e4b2de3cb16L,
-        0x227f1ff5d82a3f34L,0x0019b2fde6349182L,0x000000000000016eL },
-      { 0x1f14191b7572f22cL,0x7302f1d0bf7099bbL,0x7fb16da069ac373fL,
-        0x3339a34583f442ebL,0x2e9f4d5b3748f434L,0x824a57612b80770fL,
-        0xdbb71eccb3f15c50L,0x1682849bf4442e7bL,0x0000000000000195L } },
-    /* 20 << 203 */
-    { { 0x178d85d0416d2153L,0x4c5e98ac3192f6b3L,0xa2bf4a99f469bfb7L,
-        0x0cf96dce79b1c827L,0x1f0c1c1426bfefe5L,0xb311eb1d1eed9d89L,
-        0x740f6075a0e8edfbL,0xaf5aaccd20253b96L,0x000000000000004aL },
-      { 0x383c53e0e2c5bcb2L,0x2bd6968fddf8bed4L,0x3f7fded26470a5adL,
-        0x4262c3d7081745f0L,0xda4dd333cdf6dfd3L,0x3198e00505d05d05L,
-        0xc90c1c96590157c9L,0x2ab65d5b805804c4L,0x000000000000018cL } },
-    /* 21 << 203 */
-    { { 0xc8b63533163574afL,0xd4411f669392afb1L,0x39cae3efe849fbb4L,
-        0xb6905a8d734c3270L,0xb67c07e1cbbb8c06L,0xb255b4db9aac51d0L,
-        0xf199d235564033e6L,0xa95f3a7c0f798793L,0x0000000000000188L },
-      { 0x991b58c05d94e2acL,0x160c5d37fee15559L,0x34604e5ab17d3f15L,
-        0xf5a0f8bdfb1b01f8L,0xe991821b060c46a2L,0xf7a38307a55a0299L,
-        0xc356d8e03afaa0d2L,0x333a3c25f0970ad8L,0x0000000000000175L } },
-    /* 22 << 203 */
-    { { 0x127344e29f66bf23L,0xe5072714c3ff9b2aL,0x9aa6b001571e9d32L,
-        0xe92e4ae6e6738a5dL,0x4616e315433defabL,0xe1309a4a0b892330L,
-        0xde5f54f81acd85a9L,0x6615d532a0013a39L,0x00000000000000b2L },
-      { 0xae7fe9461948c112L,0xaba4b1f25fc94eefL,0x622344602eebeedfL,
-        0xe9794e6c8c0c8afeL,0xa2dbac68aa7d5990L,0xf59d5a7ad07e966cL,
-        0xc301f1334490bb8bL,0x05102377fac91f14L,0x0000000000000076L } },
-    /* 23 << 203 */
-    { { 0x60373c888966b32cL,0xea1c42d6dc6c28c8L,0x18d4ad6301e1db60L,
-        0xbdaaea6027297a7dL,0x8195b41927d1104fL,0xc48c92ed6b0c1bc8L,
-        0xb73823906b31a986L,0x33294cc20e930151L,0x00000000000001c0L },
-      { 0xc482e8e3c6e67f35L,0xeeb9cc9aee7cfe14L,0xff393c6df96fd071L,
-        0x77f360224c240d36L,0x7aa6e6d4008cf062L,0x33f7ba5e334659e1L,
-        0xb7bb47e3338f19e0L,0x24641529965a354bL,0x0000000000000081L } },
-    /* 24 << 203 */
-    { { 0xff3620b84bdbf53eL,0x9a92f844cfb096a3L,0x3b4c39d9d79176efL,
-        0x5c23425d20c67ba8L,0x2a3a36c2aa571818L,0x131fbff694d33bceL,
-        0x8a647ce852fc474bL,0x082f25d4708dee34L,0x00000000000001b7L },
-      { 0x0b83c1f0799941fcL,0x39efdd8895537412L,0x569503fdb5578a16L,
-        0x858772ff0ac52d85L,0x1eb29ef86eeaed65L,0x416b2a4900efb022L,
-        0xc34726fb98e0e612L,0x460f3c084eb7474bL,0x00000000000000b9L } },
-    /* 25 << 203 */
-    { { 0xfd46e1db27a1181aL,0x1ee50b461711b1f7L,0xa60af377813334e3L,
-        0x8151c9876ce57ecbL,0xc75b6a7d140d4b4fL,0x1b8f031e29797048L,
-        0x142493c798c35dc6L,0xb2cfe7b7cbe996a7L,0x000000000000015eL },
-      { 0x80544a487edde636L,0x46353ae9fd5db792L,0xb20013c8220846afL,
-        0x2416e5bdde7762b7L,0xe64be27df87fd397L,0xab712e13e2ffa788L,
-        0x5193155a057b1e4aL,0x5469e2a4b847b16cL,0x000000000000001cL } },
-    /* 26 << 203 */
-    { { 0x5d942f48eea1b609L,0x5b5928f55d45821eL,0x4e902a63e4334d8cL,
-        0x9487288dfd9c133aL,0x076583ec0562afa4L,0x15ac51ce847620a8L,
-        0x75614dcd6bb7db20L,0x61b4f0ac79817a3cL,0x0000000000000135L },
-      { 0xafa3db2917e1ade5L,0x34c874f1303a98a8L,0x46a0324db21aa653L,
-        0x6bbd6e145845d604L,0xa08a64424c41da8dL,0xa86f0eced381c0bfL,
-        0x680383de6177267eL,0xd8a8c02c2eb78f7aL,0x0000000000000182L } },
-    /* 27 << 203 */
-    { { 0x510c5be254c5aa6eL,0x814e5b33a2c96898L,0x5c5409cc0bc238d9L,
-        0x5b5f3771d0f892eaL,0xc6d889cb5adb6dd6L,0xd69b4a965bcc3a28L,
-        0xb005053762d3d8caL,0xb649554bbbed8aaeL,0x00000000000001ecL },
-      { 0xeed46bb08eb806a6L,0x9b77f90339b297c4L,0x768412874c81b21eL,
-        0xb9f15aae9f97d21fL,0x860ca9350ecfb6efL,0xe4199e02d03a9365L,
-        0x4b4f34036b22befaL,0xfce4b34a3e909e2cL,0x0000000000000035L } },
-    /* 28 << 203 */
-    { { 0xa29eabe4613c2400L,0x6da11ad55fd4843bL,0x6c479b3ea02471adL,
-        0x36f15bc6fbb5c3acL,0x4fb2678cb1d9580fL,0xffe413ff946486c5L,
-        0x5907bfdfa12b55e6L,0x32f96e37446dbb1cL,0x00000000000000f6L },
-      { 0xd371325a5f34ecbcL,0x4381c3cd2296b634L,0x059d9308e5fd27ecL,
-        0xf6ce8b258e757bbaL,0xddbf8e7ade871b1eL,0xe66728521ed3e5d9L,
-        0x6d20b61da5d76131L,0xb8902120ed8a464aL,0x0000000000000029L } },
-    /* 29 << 203 */
-    { { 0xafd1249ea0049ad9L,0x17e3f90da460a3f1L,0x9bf7805cad6c8671L,
-        0x4de57997e5e4efdeL,0xb6d31c92436e52fdL,0x3b5d07d0e66dfedcL,
-        0xe8f61a8613b6040bL,0xdb120430540de2f0L,0x0000000000000046L },
-      { 0x17a3a42b480fcae3L,0xe6724148df4383beL,0xd0d8e825e7398a02L,
-        0xff5e909116413545L,0x80a83d1b9e9f32d7L,0x1e64d4128169cd89L,
-        0xc06a950009862dd0L,0x5ab3d610135884b7L,0x000000000000017fL } },
-    /* 30 << 203 */
-    { { 0xb22b6df53fe8f109L,0xe4ae50e7c00edcd4L,0xbf891ce36387044cL,
-        0x0716f49bd08fb385L,0x0efbe8c154934b45L,0x08e66176982f659dL,
-        0x042ce73691962a9eL,0x1f08748ca2974528L,0x000000000000006eL },
-      { 0x8fa7abdd6b9af5d7L,0xaa2fbf79978b04ccL,0x4ea61bae7f3136b7L,
-        0x406b670e150cad9cL,0x22be2a1b08aa96f6L,0xffcc680d566c56d7L,
-        0xe65207819a111236L,0x940aef1c69d2e843L,0x0000000000000062L } },
-    /* 31 << 203 */
-    { { 0xd129e91b896698afL,0x73b41a17181e6925L,0x97ce44352236ade8L,
-        0xd75aebca34fb46a8L,0x14c944000e23617bL,0xcd8b9bfbeb166d12L,
-        0xee040a4c3a905495L,0xb72ecd7ec410f093L,0x00000000000000dcL },
-      { 0x061e964149500be0L,0x6bd1c08f37d923d5L,0x20ace6977d7c8942L,
-        0x4b0799a17ec28340L,0xd78d922cc03f7a1eL,0xaa5ed16c52d72598L,
-        0x9a9465fc536adef7L,0x1520c2f1b2190fa1L,0x000000000000014fL } },
-    /* 32 << 203 */
-    { { 0x0fc6c549c4c762bcL,0xc43915e34e5eb96fL,0xad88ee68d1bb0b5bL,
-        0x484a9fad3f1f26a3L,0x0d93055c2bc15e9dL,0xa745abbb06d26bb7L,
-        0xf60ed3b8464f0731L,0x963d8d94ea9058bfL,0x0000000000000039L },
-      { 0x4608ac087b67b298L,0x3baf2ae6c85cf812L,0xb30aec550d25bedfL,
-        0x581493507ce48459L,0xfcb39f45d3c41e2dL,0x48d241a0126e11a7L,
-        0x7b425421909a1621L,0x9bb349dde746bf4bL,0x00000000000000abL } },
-    /* 33 << 203 */
-    { { 0xf78ef0177735364dL,0x4242a9b94f24972cL,0xaafb2ff361309582L,
-        0x68159118c9fe5e6bL,0xa139c9d817d00812L,0x396e0ab8226a0decL,
-        0x3a30e3c673ea4520L,0x18df75b8a9dd6918L,0x0000000000000104L },
-      { 0x1604bdd3791132f0L,0x0d35e98dca54008cL,0xe9ceeb9b6c26b2a0L,
-        0x4a4c2574b1f5b2a2L,0x69fbe01ff67ec174L,0x869a7c63315bc86cL,
-        0xf08c67d6679659abL,0x5569ff11470dfd0fL,0x00000000000000dcL } },
-    /* 34 << 203 */
-    { { 0x3f0253b63cbfb254L,0x6ae0490dfbc31984L,0xe3211ed9838456d9L,
-        0xa777ce33d6dda841L,0x2477049c8192bf72L,0x272fd5e9a4c1ffceL,
-        0x4d93c00b02a926a8L,0x1f2575f0e049893bL,0x00000000000001daL },
-      { 0xee660c10a1ea2fafL,0xd873fc0cb8c5388cL,0x567dcbe9dca70a47L,
-        0x9d40a36f11c8a42fL,0x3676748d0ac98534L,0x2bcbf2174d49d6cfL,
-        0xe11f56cea7891326L,0x1ab209d7060afa57L,0x000000000000009fL } },
-    /* 35 << 203 */
-    { { 0x4b6d579ba05593bdL,0xc6285d8e3e95708dL,0x9241a96b5c289411L,
-        0x25ca7d1a7ff046d7L,0x2590294a1361f71aL,0xb49a914ec83ad83eL,
-        0x89aceb3a85fb27d8L,0x6776c7f95575641fL,0x00000000000000ccL },
-      { 0x4b835dbc0613476bL,0xc94fdc0798cd4c80L,0x335103581a99e1e3L,
-        0x904d83c4be2dc3aeL,0xbd1970b7528f5723L,0x6bd945cdf6821722L,
-        0xe3f06e613361a4b6L,0x6dd9696ad6bd360bL,0x00000000000001aaL } },
-    /* 36 << 203 */
-    { { 0x060220b0d5aabf1dL,0x7ec07ddee8faef1bL,0x1c30e81f33c88f67L,
-        0x3ab29b3b460c1969L,0xc884e421d4f18871L,0x3d76eba1e1d5f78eL,
-        0xad2f04f5f5600f5eL,0x2e07b7c6fdfaa998L,0x00000000000001ecL },
-      { 0x94aa1de0801495d7L,0x35dead394496468eL,0x3b3856ac27ab597fL,
-        0x0d1781704ce8ab57L,0x32add9b6a50d197fL,0x251a00a000be8d21L,
-        0x8c65dd58c2200093L,0x2da03bd64b7ac520L,0x00000000000001f3L } },
-    /* 37 << 203 */
-    { { 0x7d77930ffe885231L,0x7c1d348265515480L,0x1028d2f332001982L,
-        0x7bdd01a2f88d1e1fL,0x08e5a9624fc0514fL,0x5fe3e2f0bdf8eb8bL,
-        0xf4028d9cf33bf562L,0xfd0aac8b9adec91aL,0x00000000000000fdL },
-      { 0x262500f4c7eecbc5L,0x8e1ea6e773113904L,0xb4fda953c677fb11L,
-        0x15e2bec7f004bb4cL,0x0ec674739adf1319L,0x30c7b3002e1908c8L,
-        0x72b9155302f8fe1cL,0x4c1ae8241fef5d3dL,0x00000000000000bdL } },
-    /* 38 << 203 */
-    { { 0x65afe7c36fc63e54L,0x6c79e1d949f2ee4fL,0xc8c051c698930252L,
-        0x433fbf5bda5a1e42L,0x0f5fb506d2262325L,0xc3ac5598bf7bb66eL,
-        0xb4080aff038c1d7aL,0xae7fdc8a879a0b88L,0x00000000000000fbL },
-      { 0xc8633f62b2ccd88dL,0x7a8c4df946413bf3L,0xbb3a0aff154bc142L,
-        0x0a25d6637f99f5ceL,0x2f9b556d91512e7dL,0x5856e88dd4fcbfc1L,
-        0xfbac60880d590e7bL,0x3e74b8f7572a6a15L,0x00000000000001f5L } },
-    /* 39 << 203 */
-    { { 0x2e92481a490bf8c3L,0xb234c92c44d07befL,0x23be000f6010e6abL,
-        0xdd24b74db1f6e796L,0xb885f4d57f2b555fL,0xf884923f24e9d3e7L,
-        0x12bb9608f5252325L,0xeb4d240142895b93L,0x00000000000001d8L },
-      { 0xb7639fb2e02a475cL,0xbf16704256218563L,0xe8f52550b704617fL,
-        0x35fbc89365a77f60L,0xb7cf34eb39d0d9f9L,0xfc9a3a37721dfea9L,
-        0xfbdd63fe12b1bd09L,0x8319294c9b186376L,0x000000000000002dL } },
-    /* 40 << 203 */
-    { { 0x760be85ba57579c2L,0xe47a63aeea20d741L,0xf80319e5232ac17fL,
-        0xe3a492894c6087d2L,0x3d8d470fe20d0690L,0xfb770c1ae9a1e231L,
-        0xd7e1cba177a0824aL,0xc90a181ef7ab7398L,0x0000000000000123L },
-      { 0x26bd2f3b59ec175aL,0xbf65beef751bd1bdL,0x242a83d6fe1b44e7L,
-        0x9c16d231a1dccec8L,0x7ca438f66e6b3e04L,0x50b091d4c43e7f09L,
-        0x23a893f32d886f9aL,0xb18a52c8b26c60c7L,0x0000000000000069L } },
-    /* 41 << 203 */
-    { { 0x9bd5bea7d2af96d4L,0x6fb5de3bbc502c9aL,0xb5fe88e904928dd6L,
-        0x660accf4c03c98a1L,0xe59d202975520adcL,0x12c50027fe29eef8L,
-        0x6d2739cf3758dc66L,0x49b418f24b9cb6a0L,0x0000000000000021L },
-      { 0xdf55798a1a079e8bL,0xc7c4f956fe9f31c6L,0xca1c9c93604849fdL,
-        0x29d32b26f33c9d98L,0x79f867bfd1cc0d6aL,0x776857b4bd3b05cfL,
-        0xf445083cdc53ac52L,0x19f3a0e3be72024fL,0x00000000000000faL } },
-    /* 42 << 203 */
-    { { 0x4a5cee83dee4aed4L,0x670871eaaccf44e5L,0xd325710515daa7dfL,
-        0x41ed4dee9573f014L,0x0621cfe9c7e9c774L,0xdb71a7db46ae0c35L,
-        0x5fbbb44236d96fe6L,0xfc4ee442791497f8L,0x0000000000000025L },
-      { 0xb58373bfda824d48L,0x2eba350be2b6feb3L,0xe732690e5cece104L,
-        0x42f7dc57a0fade31L,0xb2ac02a777a8ea62L,0x2c39600f2730cc77L,
-        0x71ec3499ab92a6ccL,0x857ac22e85b8f70eL,0x000000000000013dL } },
-    /* 43 << 203 */
-    { { 0x351b69db61e98acfL,0xb2699c2328ac4d57L,0xee2392c34b2cd5c6L,
-        0xcb4914379838b68cL,0x11af2ea4a79b35a0L,0x0baaf41584ec5f87L,
-        0x380dbda247432ae0L,0x5949262bbd9fecc1L,0x000000000000011aL },
-      { 0x461c1a7c33de0a7dL,0xed6b4f1a2158de9eL,0x1b51b42f97af5453L,
-        0x5dd95efc0b1f9f62L,0x43680178f2fe73b7L,0x43eb48a07ad44206L,
-        0xfefa59bbbc57342dL,0x92be4ae731e62d3eL,0x00000000000000ebL } },
-    /* 44 << 203 */
-    { { 0x50720100fd88d0daL,0x6c96ed6eff0c9301L,0x5cfee40f95d538bdL,
-        0xb8a8dc1d8ce5618cL,0xc4f7326f15fc988cL,0x2c93679915b83096L,
-        0xf99f2517cfa85d25L,0x822fcfae5900af2cL,0x0000000000000011L },
-      { 0x4c87b89e2e424f4dL,0xce5f4f37eb2ebfe7L,0x9bea312196392a9fL,
-        0x30c5e7742855b498L,0xa9fef9945a06b8f3L,0x9372653173d076d1L,
-        0x3237fe278510f6faL,0x2889eaaa1ed4a243L,0x00000000000001bfL } },
-    /* 45 << 203 */
-    { { 0x2854d519527d1fa4L,0xec81e71f030bfa56L,0x7c7a6f6c74f9b14eL,
-        0xc14b2e2fac46e139L,0x266d547234be2050L,0xc76508966ee9b75eL,
-        0xbcb2a8ff31cc54dcL,0xd30db5283217cbb0L,0x000000000000005bL },
-      { 0xc60582de3d8f4fe7L,0x3571cea717d2bcceL,0x51f2c889cdb6114aL,
-        0x67599f6dd8034eb2L,0x39ea1fb81c73d606L,0x202f869715dcadd0L,
-        0x75b193f9ed7493ddL,0x0594f438966147b7L,0x00000000000001baL } },
-    /* 46 << 203 */
-    { { 0xe8a247b9ddb773eeL,0xf011460b3a15d54eL,0x513260d9c6c9729aL,
-        0x3141d40090f7c352L,0x08abd3ed3ad70a9eL,0xecc1c0b0d4416182L,
-        0x378a698baf4f30d8L,0x0e16d0c80d60ca6eL,0x00000000000001beL },
-      { 0x1dfd2561ff8f8008L,0x81ea4aa79a575caeL,0x7c786f74b483667fL,
-        0xd8fed3f94ee8c195L,0x90fbadb4a6f48ec1L,0x60ffc1f0427e2ac1L,
-        0x50278a1d955ae40eL,0x6ad088ec707c1993L,0x0000000000000040L } },
-    /* 47 << 203 */
-    { { 0xc5fa1b24da9e4707L,0xb2ed74501186afbaL,0x6a7b01ee5671cf3cL,
-        0x533241c421e91105L,0x33fe3ce08e6c7277L,0x6bc05f002376d680L,
-        0xe35268f1a828e28cL,0xbbe9432cb60d1db9L,0x000000000000002bL },
-      { 0xc11785a77cd09d89L,0xa68d9f4cc5495098L,0xfd929e7877817c92L,
-        0xfc91a43abb6c8891L,0xa931f7edb133140cL,0x30f07e5841125b2aL,
-        0xff9ddb7427f03ab2L,0x0cb025851fd99248L,0x00000000000001b9L } },
-    /* 48 << 203 */
-    { { 0x9cf44ab408998910L,0xdb3fc2ed1a5c47c4L,0x7752c31eee0be9f5L,
-        0xbd4bdfa943658470L,0x6fe2594572f2fc86L,0x237e1bcfef842a76L,
-        0x74a857e47220a961L,0xd007b3e3c6bc996fL,0x0000000000000075L },
-      { 0x133e7f3d64ae70e0L,0x31966cdb96444608L,0x88fe449aacf0d4efL,
-        0xddc0df233b47912bL,0xc19d556d5771cdb5L,0x122a6b4c834c9d4cL,
-        0xf4fd9193128abd43L,0x42dde25bc55b3ec4L,0x000000000000004cL } },
-    /* 49 << 203 */
-    { { 0xfdb3c4406206a4feL,0x125e23203bd37671L,0x51afe42085c66b55L,
-        0xc82746a7c940c824L,0xd2f7bb9f815d4539L,0xafc81b12635037a1L,
-        0x52186ca4c7627416L,0xe1af5236303a7901L,0x00000000000001d8L },
-      { 0x2f110c396dc058ebL,0xbe11880e4a4c8a7aL,0xd08d8ee763cc89a4L,
-        0x609e4b127ff4eaa7L,0x34344cbe13acbbdfL,0x327f290902faa861L,
-        0xa78fdd5ac3ebf0d0L,0x0bb5a4256c4d55c8L,0x00000000000000afL } },
-    /* 50 << 203 */
-    { { 0x42aad690805acc53L,0xa7493fc7dd905627L,0x487f9407d9ff6965L,
-        0xdaf7232e6c45192aL,0x403d57cd8d6e7d00L,0x931d29065fd272e5L,
-        0xfd7ddc1c35824aabL,0x587760407dd72d28L,0x0000000000000194L },
-      { 0xa559885f94fb6cb8L,0x18dd399e1dfeaa2dL,0xa6f23d25eb1a0248L,
-        0x4875945120e84064L,0xd481f3bae40bec92L,0x7bd5cf14464e0aa2L,
-        0xdcfcce53ab13bd66L,0x47391f2ba2ec1297L,0x000000000000000aL } },
-    /* 51 << 203 */
-    { { 0xac5fad77cb3652b2L,0xf60c981b1702815cL,0x3f848d658c5451aeL,
-        0x158ab410e63af4c6L,0xcd7bb3a5f46545efL,0x81dac1f4dd4f3e3eL,
-        0xae18eb6b0ca68587L,0x3c11c12b0f2f0afcL,0x0000000000000027L },
-      { 0xa770e6757e36cb2aL,0xdf6d0de92153e716L,0x84b953bc23da6df9L,
-        0xa2b731d222921fadL,0x76d5d2bd6f721c04L,0x84826a176ccf0ba4L,
-        0xc5876c6a0f44e9e3L,0xb215b5099f6f565fL,0x000000000000003fL } },
-    /* 52 << 203 */
-    { { 0x156a9949f151db06L,0x22b6b0fd06a70b1aL,0x32d582e4ce617d0dL,
-        0x84fb33d0992eed75L,0xa1c7f6b2c077d815L,0x3285938f313dbd79L,
-        0x8a8fede6076f503eL,0xfdae2afe7c95c93eL,0x0000000000000139L },
-      { 0x96f542035812daa7L,0x479ba6d3a2d361b6L,0xa3793b005705ed2eL,
-        0x943d444ad5ffe440L,0x474e4864379e007aL,0x9ff8bc4dacd38afbL,
-        0x508f54e5a6195a99L,0x3085a04113817842L,0x00000000000001feL } },
-    /* 53 << 203 */
-    { { 0xfc91e9f6bfd0daa6L,0xaf6b749fa3f661c7L,0x01909cf557e3ccf5L,
-        0x35b238be3ee3bca3L,0x4bcd54419bf8184dL,0xfba84a8c70887c36L,
-        0xfcbb0d1de463801aL,0x50ccf27f439a5570L,0x0000000000000087L },
-      { 0xc4493206a8126517L,0x7fe519f9f3614d98L,0xd384e085c3b33b80L,
-        0x7cb14d0b2f997b13L,0x768db950e87f06d6L,0x970b51fbbfee3e6aL,
-        0xa39779e815cd21a0L,0xf677327e5bb60c21L,0x00000000000000ccL } },
-    /* 54 << 203 */
-    { { 0x1da1477e29decfa5L,0xda072008f02d4900L,0x308e95bba4a4a5efL,
-        0x7ea7a7e700684dadL,0x8fdecb5864c70f1aL,0xac1f215de2b6bc4cL,
-        0xae5dcfe17aee88e2L,0x755dc3734b87ea15L,0x0000000000000113L },
-      { 0x31cdcd38c9abbdf0L,0x002275fbb68c75beL,0xa597136936819c82L,
-        0x0d32bd7478d0808aL,0x8c6272fd441d62d9L,0xac06165632ff00f8L,
-        0x21b9e0076a1b924fL,0x38af0f3fff5ff630L,0x00000000000000dcL } },
-    /* 55 << 203 */
-    { { 0x55989a4e1513fe24L,0xd6fabb7a377c6d9dL,0xfb823e5b0578f12cL,
-        0x2468f83105377082L,0xd4878755ace05f05L,0xcdb85e0e1e391758L,
-        0x45635c6b145f3ebbL,0xd278b81411717273L,0x00000000000001c3L },
-      { 0xc72cd647b50c5d7fL,0xf047d529dd74bb7aL,0x9300b986938084c6L,
-        0x39476814f0b7388cL,0xc7b74b2fcc7f991dL,0xd684e2f5bed333beL,
-        0xc6191b9f5f713216L,0xfacbf180c5995497L,0x0000000000000065L } },
-    /* 56 << 203 */
-    { { 0xe3cf0d5abdae44fbL,0x71ecef1ef6f5cfd1L,0x7fa5ff37a11bc661L,
-        0x2e0d9032ab6a8007L,0x8e465ff4b99ed2b3L,0x63ee69531a62a4cdL,
-        0x31ffa26bad2e514aL,0x0c5e085f6ff7bb4aL,0x0000000000000128L },
-      { 0xe1b74ab9d20c8193L,0x0f67229ad63050feL,0xeeaf4ec6ce73ff43L,
-        0x10094ecf114d6d87L,0xf515978540801d95L,0xa09334933f23d6dbL,
-        0x0ac122515f242117L,0xa1a4a37f5643d48aL,0x00000000000001d7L } },
-    /* 57 << 203 */
-    { { 0x08bb5ac7384a5d01L,0x4b476ae6141e85b7L,0x00590a5e1d16b1baL,
-        0x722dce02a2654e49L,0x380d3ac2483bd792L,0x247a5eb2ce16ad4eL,
-        0x5ba4f9402eeba293L,0xec77ec84a7507cc4L,0x0000000000000137L },
-      { 0x1abf1b23c775da9bL,0x51926f26193fd227L,0xd4a448fe01380d03L,
-        0x681fe1925ea66a42L,0x794acc9567e1d118L,0xe712708229692e86L,
-        0xbf4924323e527353L,0xd9aa506903fc2288L,0x00000000000001adL } },
-    /* 58 << 203 */
-    { { 0x8f6c6de220075145L,0x2005c1b150c10e08L,0xcb6f289fe8304e93L,
-        0x8772c2f895b33af8L,0xfc9ac3cfb78f1556L,0xa4a401e2be444c8bL,
-        0x140354191c3ecbe0L,0xa65d09c100ac6e64L,0x000000000000015fL },
-      { 0xa6d278eaa028bb56L,0xf8fd2af7f7809e33L,0x8ae6c10268f7c2dfL,
-        0x6c70558658cdaa11L,0x2bfbbef7e3c31f4cL,0xf8b8a7cb9e618b41L,
-        0xb521782dd7782d09L,0xd779f775dff8910eL,0x000000000000013bL } },
-    /* 59 << 203 */
-    { { 0x5320eefa9777d185L,0x68beb1e5eb1e2074L,0x78dee05ec1e19dd5L,
-        0x5f860f6599bd6062L,0xdee3934194257635L,0x342770ce8635d6c5L,
-        0x8a06a3512e8be17fL,0x9d59963df78ab6fcL,0x0000000000000153L },
-      { 0x39d400fbb2b8dd24L,0xf133abbb1acfdb33L,0xffd9d7a4d0506911L,
-        0x134d6fedff9d17c2L,0x64622ea9d5149d82L,0x8ff0c386bab0505aL,
-        0x7998c2288977e003L,0xc41aea628ad09185L,0x000000000000001aL } },
-    /* 60 << 203 */
-    { { 0xe8f81e67f0dbc26bL,0x67a84c46f8124049L,0x7c12baed629b2402L,
-        0xd39ab731384afbbdL,0x7abb971abe6168eaL,0x3ec476fb5dc96bddL,
-        0xf568fab44fa5f270L,0x739374abac51818fL,0x00000000000000bdL },
-      { 0x83d36009af42bb0fL,0xc6958d2c42dbd415L,0x39f20878bfd8cb62L,
-        0xb2528156e23525ecL,0xdf6b3537ea725e7aL,0x6ddafd2d6c2dc45dL,
-        0xb696f0b8b8682ed4L,0xdd22cc010b611962L,0x0000000000000123L } },
-    /* 61 << 203 */
-    { { 0x10a08a1d429ade6cL,0xcfebf0de40932626L,0x2a55e9c5e357b14fL,
-        0xd551713e4ac50b0aL,0xeb32aa3fa3be7addL,0x6c10ef40612e530aL,
-        0x887ba5fed318f9dbL,0x9328d459bedf5ba0L,0x000000000000013aL },
-      { 0x91af92d7c4ce63daL,0x2500a7b7aa099030L,0x5cea55f7f0e69a79L,
-        0x28ca6b389e2136ffL,0xa0a71734e6472420L,0xfb6dfe6f191baf68L,
-        0x80d32b3c985c5e32L,0x29d49cdaf82c5f47L,0x00000000000001a2L } },
-    /* 62 << 203 */
-    { { 0xb55c2c748f50537fL,0xdd9c6df320a3297dL,0xb0b5477afce6109eL,
-        0xdde894cfd5a0ccedL,0x4499db297480d3a2L,0x22dfd2bb556180eeL,
-        0xde7299830c83a1cdL,0xf4dc6b95a709c0a5L,0x00000000000000f0L },
-      { 0x2f295e2db07bd50aL,0xc0a72738bd5546b5L,0xd52477a78ec7811eL,
-        0x92e14d8eba3186a7L,0x8eb36ad32467a3e2L,0xebe38e24a07ed270L,
-        0xfbebfb87fef24897L,0x6bf271137005debfL,0x0000000000000144L } },
-    /* 63 << 203 */
-    { { 0x9441cc5908dc7a12L,0x64ac736d8fca53eeL,0x19d3acb882a58c26L,
-        0xc159d488cda04962L,0xfe82b61dba03928cL,0x8a7234e590149eeeL,
-        0xa561263424bf8caeL,0xfb65e1ea2ac90b43L,0x00000000000001ecL },
-      { 0x646b4ad41ab30bd1L,0x49c490c08bc81256L,0x0e07b398bb57c018L,
-        0x8d00bbea5bae6201L,0x1e3cbbaf746d5441L,0x48ea6a235bc6f24eL,
-        0xf6828b36cbbbf53aL,0xb54e8f928f84432bL,0x00000000000000ecL } },
-    /* 64 << 203 */
-    { { 0x8f45148da52d1421L,0xe89923fd09daf522L,0x112ca311c8f15492L,
-        0x91b33ccb469e61fbL,0x040de443fb2ab91bL,0xb9d124fd4f9b32e8L,
-        0x84da47a9f07573bdL,0x93b7ee6baacdd14fL,0x0000000000000064L },
-      { 0xb3af161f4be64122L,0x5946d2ec149c5475L,0xdc04fcd0256a1ecbL,
-        0x4fc571b7327e7a8dL,0x5206ea559580edcbL,0x7f41a742f20a94c0L,
-        0x1bfddff0f7fe1fbbL,0x3860b232e2f1fddcL,0x00000000000001caL } },
-    /* 0 << 210 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 210 */
-    { { 0x7eaefe12155c337bL,0x357f27cec7186596L,0x90c26c69654dbbebL,
-        0x6bcca278a1b63a6aL,0x776b7a928edd9123L,0xb2bef5076c6da5e9L,
-        0x805ed3aa0e3c747bL,0x298ef458659df2efL,0x0000000000000098L },
-      { 0xe3dd893935a79f8dL,0x672b109ca1972c6bL,0xad41cbae07953a4dL,
-        0xde07527fd206de77L,0x1f55a4c0b61d9811L,0x929d56d57a75360eL,
-        0x9f2becff5032efe6L,0x0de654c760f0622cL,0x0000000000000018L } },
-    /* 2 << 210 */
-    { { 0x50e39fd1ea8dc4aeL,0xc68d8b0f5fd16c88L,0xc95f46e90ced75abL,
-        0x845ee3947375e952L,0x5865161d3c14b1c2L,0xe29ae3a6399431acL,
-        0x02d1c6eaf0feca0eL,0x76059dad24f35b02L,0x0000000000000081L },
-      { 0x29fefca13ac6a96eL,0x260a7f7d5d01c1d8L,0x63fa36033ef9812fL,
-        0xab1a91c9f9404b6dL,0x32555cfda9406e88L,0x666eae1c5b63890dL,
-        0x22ec92aafe9605e0L,0xde2a85103235e860L,0x00000000000000c3L } },
-    /* 3 << 210 */
-    { { 0x6587c0b191979247L,0xf06dc068ccf0762eL,0xc3a2b88e277351e8L,
-        0x42e9494a2f607af3L,0xd1aeccc782b271dfL,0x3ac627d494648a93L,
-        0xeb180b78bb62dfa0L,0x7e34653033232d06L,0x0000000000000183L },
-      { 0x084e8c75e5c2357eL,0xa380334756c91ac0L,0x772e24a0015742f3L,
-        0x2610a9b247393c4aL,0xb58ced0b436a641dL,0xd55dbdc01850fb56L,
-        0x64c97fc5aecf40afL,0x6de1de5d00330087L,0x000000000000009cL } },
-    /* 4 << 210 */
-    { { 0x2bad7686d90119aeL,0x8dcd64f0464b230cL,0x1d1eeb94dad19cb1L,
-        0x3b47038986f0eb48L,0x42abb37d2c50f380L,0xfabbcebba7a99eb1L,
-        0xfeed69dd33fb0b08L,0x8de8b50e31dc2b1eL,0x0000000000000057L },
-      { 0xe10dc8a6054ed7a9L,0x7094fc36cf39bec8L,0x487789a825848527L,
-        0x8786eaa339974124L,0x47a0d6b0a6e3e5abL,0x54ed0b21e981e517L,
-        0x85cf17eae768123bL,0xd9a933b0636e78c6L,0x0000000000000127L } },
-    /* 5 << 210 */
-    { { 0x773317e5e965abe3L,0xe8862edea879f77eL,0x4601164bc562701aL,
-        0xbeb011903d4e07b4L,0x75a41c645c19194dL,0xd86e32ca954ddfb5L,
-        0xbe5ca8c991a87274L,0x034c2e1d26aacfeeL,0x00000000000001e7L },
-      { 0xc2bc377abea32ea0L,0x9de44c2dbe946f97L,0x5d4e3f655c44e66dL,
-        0xbaa8d970ac2805f5L,0x706fe3da518a0081L,0x2bf6f7c79bc1f747L,
-        0x1b468d12759da2e6L,0x3f5a410239f61705L,0x00000000000001deL } },
-    /* 6 << 210 */
-    { { 0xe3acc0e88e647c26L,0xf22855fa2eeccf87L,0xf31f71d569ff841aL,
-        0xa9e26b1ad8ef203aL,0xb3fd64db61ef98cbL,0x29af19d73b642e77L,
-        0x94474091741591eeL,0x904e7fd077619d47L,0x00000000000001b2L },
-      { 0xe4c9e0608f0e5bcdL,0x9a35f72d0905a05eL,0xd0ba9e95fa0cf7dbL,
-        0x445ca1a5614f1042L,0xbbd0d5dcaf5a5318L,0x67782d6e0a41d90dL,
-        0xb296381bb6a00b72L,0x57fad3940de3382cL,0x000000000000006eL } },
-    /* 7 << 210 */
-    { { 0x6da8acb7636d8777L,0x17555ae8d341b800L,0xb1568202f44d6da9L,
-        0x08a44805f4dc644fL,0xc55f2c18e121a82aL,0x5b5aad0b568d7db6L,
-        0x3ee3c48b686c7713L,0xc57cac2c6d44f289L,0x0000000000000128L },
-      { 0x0f14e697858b59f0L,0x00d714b14d03cf4bL,0x709f77084de0de30L,
-        0x708cd7f0c5ee4559L,0x38dd88083e9a8665L,0x0a5fb9589f83fbcbL,
-        0xc224694a5c7dd1b5L,0xeb7258003626ededL,0x00000000000000ddL } },
-    /* 8 << 210 */
-    { { 0xd388e288cf34553bL,0xd09b7877c6d36700L,0xc3e51b059504c41bL,
-        0x0bbd1313d0ef31abL,0x455759080a3e2144L,0x774bf584d4b738b8L,
-        0x3f4d85bae9d97733L,0xdfea7f28f0e4a66bL,0x0000000000000172L },
-      { 0xa6b684558118ae5cL,0x7a387b8b8e41c0e2L,0x96193c31f2b2cd4fL,
-        0x54d8c8934c5c7414L,0x397ba89f0ab2b85fL,0x2ab9e8f773eebea5L,
-        0xf4b5eca1e8d4c927L,0x026a0b0842ac45bdL,0x00000000000000abL } },
-    /* 9 << 210 */
-    { { 0xc2c87545298feddbL,0x470bb0bd57824145L,0x8535201fe71f2a83L,
-        0x15c5c54c117080d6L,0x128d4fe3a05e76beL,0xd4e70c4a4bf91f37L,
-        0x54fe9a939826b38eL,0xd67c68802a561594L,0x000000000000011bL },
-      { 0xa82826c1a97b6d7dL,0xe2da2126e413c90dL,0x2d897fea71a14c78L,
-        0x507ffba7806b4541L,0xc9ce796501b35c08L,0xaced047127638092L,
-        0xbcbf0b84ed0ea6ebL,0xb63a061b05d84400L,0x000000000000002bL } },
-    /* 10 << 210 */
-    { { 0x57e9a69316532d1aL,0xf478a1fbc138250dL,0xf361a41cd2ac2c5bL,
-        0xf25c676d2e731c53L,0x279560ad1ebc7490L,0xe8236eddc10384e9L,
-        0x7441e5732d5228caL,0xd118d9328feb88d7L,0x00000000000000a0L },
-      { 0xf31779e746032b98L,0x05ab63064ee8d408L,0x4e67de56b0bcef53L,
-        0x762e211f843fe3a7L,0x22bf07e8774b56d0L,0x3aade5d730c2d994L,
-        0xa7f2f71246c80546L,0x3ac087b22883ca5fL,0x0000000000000087L } },
-    /* 11 << 210 */
-    { { 0x407c5d9aeb5d82e3L,0x30a608780f78a237L,0x245819947c64f8aeL,
-        0x731df3f705e01562L,0xa2e62428758cc895L,0xd211176cfb7413daL,
-        0x7e6e91ec84b68277L,0xa3f3f7633b3b5b35L,0x000000000000016aL },
-      { 0xb6008526ecd1f4b0L,0x713463dc81f30634L,0x6453a4f7bb65e2e0L,
-        0x1a1116bc0aa7ed8bL,0x363735d5d3c34ab4L,0xf0333b9b525b97f3L,
-        0x284602fc50aa6cbdL,0xa9f283df0cadf6a1L,0x0000000000000145L } },
-    /* 12 << 210 */
-    { { 0x4b736d32df234e4eL,0x66237d17d14bed77L,0x552baa3e4dde4942L,
-        0x947169dc23756ffcL,0xe595f2646749eed0L,0x2ed82e6ee3c8ec5fL,
-        0xd52dd4bc495b60a0L,0xccd7a2b340553cfcL,0x00000000000001b7L },
-      { 0x9de7e73e889fbda2L,0xeb68c0d9c02a698bL,0xc433363b1510c24bL,
-        0x329f6b4ee2af686fL,0x3bf95cb33cd6cbd5L,0x2c9924b339e49b52L,
-        0x3a4322bb3e1ae491L,0x3efb3b85504f582eL,0x0000000000000150L } },
-    /* 13 << 210 */
-    { { 0x013dc2bd0444d98fL,0x4de8b097924c66e2L,0x9ec9f89623d19d49L,
-        0xfe687746b87f064fL,0x246382118a91a448L,0xc67b870471e274b7L,
-        0xc4418f6008d4a531L,0x4586c1eb20ce1a9cL,0x0000000000000131L },
-      { 0x7ad3cd88751ffcc1L,0x18d68df10ce22160L,0xccfeac397abea4ecL,
-        0x29d9fddc2685bf7fL,0x9e6b18ff47a6efeaL,0x3b627d6f57d0e3d5L,
-        0x58ce41ec7ff343f2L,0x5158919391a231faL,0x000000000000017cL } },
-    /* 14 << 210 */
-    { { 0x21e51a0354ff9df9L,0xbc033f12390d78abL,0x7faa458e9c43347fL,
-        0x2057222fbf867c8fL,0x6f5b703c3e064f9bL,0x4e36ce8df6330e33L,
-        0xfa0198f8267ee695L,0x68eaf31f89f13590L,0x0000000000000153L },
-      { 0xb493ba909970b82bL,0x31e3a61197d166daL,0x0b11fb84ae14be07L,
-        0x10d94ceb5fe0479eL,0x56c6f6fae10acb34L,0x46f3308f1d2441e1L,
-        0x1374e4f3ec9db49bL,0xd948930f13d2533eL,0x0000000000000025L } },
-    /* 15 << 210 */
-    { { 0xbd79f69a17f3e079L,0x581645e9398eb5c8L,0x1164a83314fbf1e0L,
-        0x578256f31c79999dL,0xc3dd57963e64e48aL,0x00207040947387efL,
-        0x73a0b57ed406b606L,0xd9d3c48c970a0d17L,0x00000000000001dbL },
-      { 0xde458dfe8fa49aa3L,0xe87a7a3cde431fd9L,0xc6f7d8ffcbc16172L,
-        0xc105217099a5121bL,0x4a8cdcc81598125eL,0x748703e3e913bc06L,
-        0x906112b45fb246a4L,0x784afb8f1a1a56f0L,0x000000000000006cL } },
-    /* 16 << 210 */
-    { { 0xa01f0a1936b984a3L,0x46ad91732ae5ad96L,0xbd7c413ddf12a570L,
-        0x24a748c0fbe510aeL,0x27ff3748434d6671L,0x96ad6f33e1d69baaL,
-        0x4b89a84a7daf1390L,0x2e25577782e527cdL,0x0000000000000129L },
-      { 0x78b130d2615c0331L,0xf5a9b025fa3cef15L,0x67b99de5fea12b29L,
-        0x5f5b07e21f56caceL,0x2af1ee2faeb8b26dL,0x04e82314346279b3L,
-        0x0f1d88179ae70e2cL,0x85f03c614c3ea88cL,0x00000000000001fcL } },
-    /* 17 << 210 */
-    { { 0xbbf913425e25254eL,0xae8a194d65fa3727L,0xe2ed53b88c80987cL,
-        0xe90dd4e4332d1115L,0x858c5b438276591cL,0x96af9612cf030af3L,
-        0x334408b230f81b63L,0x50a0b93648908e62L,0x0000000000000156L },
-      { 0xc07a9b16e44f7fbaL,0x64b736ca33fafed2L,0x701e1cb3ac0f2dabL,
-        0x7d4fc722562b85a1L,0x2c86fea7d2b4d291L,0x83ee4a5d9f6970e8L,
-        0x6620f63f3d8c97b0L,0xe3bca31b9ad21699L,0x0000000000000123L } },
-    /* 18 << 210 */
-    { { 0x92101b445ffe5dfaL,0x6b76bbf95527f907L,0x2869cfd96356a819L,
-        0xfd98991f858d1a94L,0x8d5d5864f0fd9b00L,0x625cab968f9c11e6L,
-        0x0da53e4909b866b8L,0xca447b81b24cabbeL,0x0000000000000178L },
-      { 0xd0ac32d58a4893cfL,0x2edd684e9a4293e3L,0xfbc5f91fc233ef37L,
-        0x2516eb7f682025b2L,0xc25529e742c123aaL,0xf5da8e54c9f4f7a0L,
-        0x8c3d0de074eaf57dL,0x6794c4bfccd164a2L,0x00000000000000b9L } },
-    /* 19 << 210 */
-    { { 0xc69f59364255c77cL,0x62a41fef78ceaf18L,0x94bd08105a8dd0a1L,
-        0x7afbb99a49892f3fL,0xb9544236faf945a6L,0x28836d015e540f1cL,
-        0x244e6a470bc80b13L,0xb283cf827c32d810L,0x000000000000014eL },
-      { 0xf47d267a487a9f79L,0x2ad81400b00b749aL,0x7f9b103420d209bdL,
-        0xfbf1adbd49d3785fL,0x8d59d9898a036103L,0xc6f4b53a089998a5L,
-        0xace1e9ee478e179dL,0xa749c8aad355bf72L,0x0000000000000005L } },
-    /* 20 << 210 */
-    { { 0x63c835437badaa12L,0x2929fbf993d1298fL,0x22d8a8e5a6d3c271L,
-        0x4361a0966cc70feaL,0x4c1698920b060761L,0x43b3a57b7b83b19aL,
-        0x8e4e16ed5d1e0382L,0x1c4596c101fb83b1L,0x00000000000000d2L },
-      { 0x571e0f7a2d0878bbL,0x28efbf803ba6448bL,0xc49eadd53f53ec10L,
-        0x5f67c5799b6b85b6L,0x999676ed0f279676L,0x62ba191b129e0870L,
-        0x5f0823b621475e41L,0x8bc381adf2c8b56bL,0x0000000000000164L } },
-    /* 21 << 210 */
-    { { 0x343c04685b855e62L,0xd05a781d65a9e8a0L,0xad965cc0d76b69d1L,
-        0x0a60d928e3a92585L,0x8eb709dc93667a1fL,0x4612c3b7f09f0396L,
-        0x76e56cdfe5ba21c3L,0xefd26ea6b6dfce55L,0x0000000000000142L },
-      { 0xe8ef0107c3ea51b4L,0xc510a688a6e86ef9L,0xe1382167be6e6ff2L,
-        0x6235ea21a22146a1L,0x0e75ef83dec8e173L,0xc3aa17235d276798L,
-        0x81b77ebb6f964ef4L,0xb332f534b9a1daf2L,0x0000000000000062L } },
-    /* 22 << 210 */
-    { { 0xc71a3f48dc690e06L,0x449a246c614381b4L,0xce239cf6f0ea8df3L,
-        0x2384abc79f46bb3aL,0x1c93a8ec536f0722L,0x60521fc696bdd0e7L,
-        0xd3c1a0736defa22aL,0x5e2ffd99b0905245L,0x00000000000001a0L },
-      { 0x865d018d4fa96567L,0x2e861bcde51f532aL,0x0512006f4808fb7dL,
-        0x3b0ec5befab3cc28L,0x79df334934155d68L,0x4799a6e956e98b04L,
-        0x620b5b8666630df1L,0xdc690f70a3e08672L,0x00000000000000b1L } },
-    /* 23 << 210 */
-    { { 0x85d162cd106f9475L,0x44f080894ef3dae9L,0x9cf807e0bd35511bL,
-        0x578df8ace663e312L,0xa653190ceeb0b989L,0x9ed6127f1ddf4b8cL,
-        0x8b0c20c4f18fed73L,0xf4b71bd731359811L,0x00000000000001adL },
-      { 0xc4f7a8d1c65be73aL,0xbe69a441506a8e82L,0x6d5546328fe4f097L,
-        0x617fa14727ccad49L,0x1652a47ced10618eL,0x3daa7571df5f43f5L,
-        0x2bd307ea683542bcL,0xef379a1097a6ae86L,0x000000000000015cL } },
-    /* 24 << 210 */
-    { { 0x86b14b1452e9a506L,0x06f9f838ecd178c9L,0x3d605ee53599039bL,
-        0xdd3ad5a22e3df8f7L,0xbd51af94fdd6867fL,0x707034f3d45cf3daL,
-        0x54edcf4a3f70a45cL,0x7b6164392979902cL,0x00000000000001aeL },
-      { 0x7d63ee2728389bcdL,0x8b39bb03b8eba714L,0xfe5a3aaaa6e99d38L,
-        0xaf6074ac14a97bafL,0xa15ac327aff2ed81L,0xba728133fe4fd2efL,
-        0x9db04ddae93db974L,0xd50f26293a858d00L,0x0000000000000119L } },
-    /* 25 << 210 */
-    { { 0x5313dae6dfa56156L,0xd94f3ae7ac345c99L,0xe78fb5be35108fffL,
-        0xce8566813a5e8c70L,0xa235711d5b1f6104L,0xa71be1748b87dc50L,
-        0x896b4d545b8939c1L,0x8a8231c084f3ab7aL,0x00000000000000c9L },
-      { 0x817bf1fb1e85d890L,0x184f61cf5d643f88L,0xcf5848918efc7679L,
-        0xc9861a5c09913c4cL,0x9957437efca0ed7dL,0x26eaeb36d4e9c4a6L,
-        0x62a2b4ce68bef05fL,0x35eee957532fb33dL,0x000000000000012fL } },
-    /* 26 << 210 */
-    { { 0x0d102216761b3f5fL,0xc20c57002b98c864L,0xf843d83e1aecabe3L,
-        0x9f6208ea8ebbe2cdL,0x0a052c4a80658842L,0x10da1ddaf5022171L,
-        0x75bb824b9d07cdcdL,0x13e6b38440d6c610L,0x0000000000000047L },
-      { 0x9ba0732bd447fb06L,0xfaa3332e7c85db71L,0xa4b5cb19124daefbL,
-        0x030a7ebf84434aeaL,0x90bb08622da1bf4aL,0x92e2162ee7273d3fL,
-        0x58dad0586f9f95d6L,0x4ce76e55838aa919L,0x0000000000000099L } },
-    /* 27 << 210 */
-    { { 0x1ba73b76eea26fe5L,0x10311b589f6d8b56L,0x1e7165b4f59dcd15L,
-        0xd84021591383a1dcL,0xe0e1eb96c044dfbbL,0xcd512afcb13d4262L,
-        0x0770855a201de5aeL,0x426e52a9e44af8a8L,0x0000000000000064L },
-      { 0x2b3f973f1b631b61L,0x3facac113c56e76cL,0x96d8fde961b33795L,
-        0x3d15ae3c51fe1162L,0x966f56a2d095fad2L,0xe5cec26f7a7ed99bL,
-        0xc86a297d339268ffL,0xac1327d95a7d5aacL,0x000000000000010bL } },
-    /* 28 << 210 */
-    { { 0xea0d44c4e34e4c6aL,0x6f50243de8b02105L,0xede2b16c796c212cL,
-        0x3f7169f242a087c6L,0x33fa8470a4762cdcL,0x05f65db613ffc120L,
-        0x9bf29f3f4fb1c4f7L,0xef4ca47345433134L,0x00000000000000f8L },
-      { 0xe59da628331968bcL,0x3fbf6bc46946b696L,0xec6ab1d7f82ef2afL,
-        0xd0423e4f260bb4a9L,0x956fef511d44cbf6L,0x26f861228e5195c9L,
-        0xbe8b410c5daca40aL,0x3fac01f29d08bdadL,0x0000000000000104L } },
-    /* 29 << 210 */
-    { { 0xd296d03e4da85b59L,0xd20dca5fd6b01747L,0x3f815ec4dc2596abL,
-        0x2e8ffb20523225c2L,0xa03e3bec4c45bcbaL,0x8b8a4e375be794ddL,
-        0x1e80fe190c2625e8L,0xe38cdda7ecb0a216L,0x0000000000000125L },
-      { 0x78939a7c40a4f676L,0x38a302b8686cd8abL,0xf39054024d368792L,
-        0x52f9befe123a4394L,0x5386d9fb555bef5bL,0xc8d8eee487e29a25L,
-        0xfd789f9f36cb1b91L,0xe75f606b085c477fL,0x000000000000006dL } },
-    /* 30 << 210 */
-    { { 0x76c885eb91229a3aL,0x2604b6f7f73e4d9aL,0xbebdfaa988fa9a1bL,
-        0x442a747cb58bb763L,0xd8fa3f9ca1ef860dL,0x719d6316f2d89cacL,
-        0x39eebc32fad21ad8L,0x5c00d02d886de11cL,0x0000000000000148L },
-      { 0xab82282a837d7661L,0x638d139d5cbb4510L,0xe6066d3862fc0035L,
-        0xce4a49a8185cd0ebL,0x48f9a3ee3d41d802L,0x95d7f1ee067d33eeL,
-        0xc5e89c814c069fc4L,0x25e2b6e5d8b300b7L,0x000000000000016dL } },
-    /* 31 << 210 */
-    { { 0x125cb0656fd3f45eL,0x5d373f9c2da83750L,0x596131d335c71844L,
-        0x93ab568a7590cd52L,0x4296d1f04f64934eL,0x2af6028ba38c427fL,
-        0x5578235374fe642fL,0x10ae3ac1911c7354L,0x0000000000000064L },
-      { 0x24d13d1cdca07c95L,0xa76e8a5d5578ab0fL,0x8a3c17a4af1f99f9L,
-        0xa1a2a81e49509859L,0xf7a6e870a17853faL,0xe77c3c235989a9b2L,
-        0xacb43c903f2d4d84L,0x0e10eb44d3af2b00L,0x00000000000000b5L } },
-    /* 32 << 210 */
-    { { 0xbfecf64a8f358002L,0xa9fa4a5e9179b6f0L,0x8c1ecbec5b44cf88L,
-        0xf443c158eb342a9cL,0x0eee17b6ada473cdL,0x4eb51b723af99df4L,
-        0xa524e6d1e0fe8dfcL,0xedc72c8efe2a4f42L,0x0000000000000073L },
-      { 0x34eb386de0cd65afL,0x387c3874cc80c3b0L,0x75ac76b751883b25L,
-        0x0f6ccbfb6b514806L,0xe85c5856867909e7L,0x61a5bc9e5a9b263cL,
-        0x08b8491ac6228360L,0x6835d3592850dbc7L,0x000000000000005aL } },
-    /* 33 << 210 */
-    { { 0xe5a1c0f716762f99L,0x18e150a00e1ffb05L,0xd8d254b5dd30ab2eL,
-        0xca9fbad497982447L,0x704cf09c072ceeb3L,0xd983772bb6dc2abfL,
-        0x60d8e8589d4a88cfL,0xb7370cc99a762e11L,0x0000000000000042L },
-      { 0xdd8c613394f66f49L,0x854a0a8a64840d80L,0x8b36199429e09701L,
-        0x720bc46c87681a8bL,0x3e659cf95832499fL,0x639e121a3a965654L,
-        0xafe73745a0e877fdL,0xdb5167d3c73ddb0fL,0x0000000000000041L } },
-    /* 34 << 210 */
-    { { 0x93ca4468eb54bb36L,0xc9f2df65fd1a5e06L,0xfc22174b03097b4bL,
-        0x91fd9ae9c45c49f5L,0x6102dd35230002e3L,0xaea4b2e3ff6b1838L,
-        0xb762468b28453764L,0xa05639a86875b179L,0x00000000000000b6L },
-      { 0x406563adc60f9413L,0x61b6bb5f75616054L,0x1625fc74b653f9e0L,
-        0x7ea58a6a21ca1e00L,0x6461c50537e49dedL,0x904294a956620a78L,
-        0x4c01cc1dca8aa6d2L,0x3f8e60a4beb7b9c0L,0x00000000000001f5L } },
-    /* 35 << 210 */
-    { { 0xe65251c39be7d1b0L,0xd8e18151bc857666L,0x80d8d4670142a8f7L,
-        0x411203864e50d192L,0x44e9b0d1d0683bb4L,0x6027de4339b0cd7fL,
-        0x39cda0ca1570eb84L,0xe0cfbadb6ee54d8fL,0x000000000000007cL },
-      { 0x613dc76cfd483908L,0x9f4c35cf97d9650eL,0x1ec7107c69d29e0eL,
-        0x11de8c70c58a2a1cL,0xc1d1bd39db5936e3L,0x0645f3a73278328dL,
-        0x44a30bf055cc8564L,0x918eccc88531a826L,0x00000000000001a7L } },
-    /* 36 << 210 */
-    { { 0xfbfa18bfa4b8ecdcL,0xdb161f18fa7c7c3dL,0x1ec53bad24a21f6cL,
-        0x3e5343aaf4f6ce31L,0x8ae86fcd1b669758L,0x394b964b7befd9beL,
-        0x84b25af45c60a585L,0x02ad7f6ba5888ffaL,0x00000000000000d1L },
-      { 0x0b86e101c83fb0aeL,0x6e16e6e6d2b8e139L,0x29425fb60333faf0L,
-        0x8d0d9ad20ceb6480L,0x9249e8d0b3e18ad7L,0xae3b935bc94d5491L,
-        0x06fe7f0744260b3aL,0x1d8af88339ec64d8L,0x0000000000000158L } },
-    /* 37 << 210 */
-    { { 0x2e41b2ed1d704acaL,0x03c2bc0817bf101fL,0xce1bfaaa844c18f7L,
-        0xb4df6b7a96909ca0L,0xbf63a091ee5e0867L,0xd4388841d246a432L,
-        0x2f79892f9ad915f0L,0x32338dc06b41b066L,0x0000000000000118L },
-      { 0x78bf5ce2c53b3850L,0x989487d6540132ceL,0x3b028312158f0507L,
-        0xe5505d7a61847bccL,0xbd26640fe9c5f58fL,0xea786834f46d807aL,
-        0x12b9c22738c8f52aL,0xbb0394c11e8ce727L,0x000000000000006fL } },
-    /* 38 << 210 */
-    { { 0x5c442a83c9cff0aeL,0x6e3e75c4d44225eaL,0xf41d8d06757bd27dL,
-        0xabb92c7ca16c6a26L,0xdb02bef102370af2L,0xa394000dce87ef1fL,
-        0xe4d6eb87c3ac8949L,0xabff55c1682ec032L,0x0000000000000002L },
-      { 0xf2439cb836f99a0cL,0x871399611f895491L,0x86e73bb2972293fcL,
-        0xffb0f9c0f4587a52L,0x9158a262fcccc9b8L,0xe20f8fdc77325b64L,
-        0x9691d90945464152L,0x3026f5898a043f9aL,0x0000000000000147L } },
-    /* 39 << 210 */
-    { { 0xd75c363aca0bb47fL,0xe06dcec09b0fc2feL,0x1d124ff2ed47c2e6L,
-        0x68ae6fbf9c71dd3cL,0xd425be30410658daL,0x88b954dad343a932L,
-        0x64648b8bab08b1c5L,0xf891ed517f60614eL,0x0000000000000007L },
-      { 0xe06bce61aef1da1eL,0x4d8cbe4802d489fcL,0xa5cce046ba95c57bL,
-        0x71410ffba132fa69L,0xa708d710840160e7L,0x7d480584f5c1605bL,
-        0x31d61aa873bad916L,0xc34e2a1339c4685aL,0x0000000000000032L } },
-    /* 40 << 210 */
-    { { 0x97330958b61d5315L,0x9b1fed27813d91e0L,0xfc2aac10d0c63423L,
-        0x4a30af61043b9728L,0x0f62b5c1ed8502d8L,0xd9575c7c3b16f0d1L,
-        0x03c27db727b8c8d4L,0x3244778e33be7fadL,0x0000000000000106L },
-      { 0x8537bd35641d5339L,0x81bf82ddb3c40dc8L,0x20172430409d603dL,
-        0xb5da061ce2469826L,0xed42f1f0959d0f5aL,0x00dad493913111f5L,
-        0x1cfddf2bf851b239L,0x9851d1e84275e8f9L,0x0000000000000051L } },
-    /* 41 << 210 */
-    { { 0x4855d1dba965d2c8L,0x5f30449c244e4576L,0xf1f66ddc102836a7L,
-        0x8e9131a9ec4310cbL,0x0408e0751723bfb6L,0x328592dc99ea53beL,
-        0x0d16c086afb2a7d0L,0x08ea2ef221079ac9L,0x00000000000001adL },
-      { 0x5e9c1e1cb8a4268dL,0x22500bb2fdca442eL,0x423f0e3ccdfb9609L,
-        0xb07f48f43b66dab4L,0xac3334e53a9a16b3L,0x11f147c037448161L,
-        0x486506187014f21dL,0xaeecce6968960de4L,0x00000000000000c8L } },
-    /* 42 << 210 */
-    { { 0x819fe7e06ed79a0fL,0x784ceef609f8e8a1L,0x57d5b1bfcb22dff7L,
-        0xc4f56fc69ae9661eL,0xbdd03823162750f5L,0x92bb9df3f146dabbL,
-        0xee6ff7d7605cee53L,0xcf0c1d6c6350f6ccL,0x00000000000001f9L },
-      { 0x1c9c29e313fb9416L,0x60aac35195ce11d9L,0x7f9a4b110ffd00b2L,
-        0xc81e3235f6f182b6L,0x398950bd16cf3c7aL,0x5b69da1297a24847L,
-        0x642f9f183df06a74L,0xd8879543ae3dc599L,0x0000000000000184L } },
-    /* 43 << 210 */
-    { { 0xc62e4a9bccf48be5L,0xb6e83e2b8c35dbceL,0x0191a9c69385a75bL,
-        0x8db45f037f8a7eb3L,0xc05fa5da716b86b4L,0x85aff148ef42c3eaL,
-        0x0bdc01682db38738L,0x93337937d776daebL,0x00000000000000feL },
-      { 0xa17b9fd4403afd34L,0x7b09c077646aff94L,0x90597e2d8dc6a08aL,
-        0x744099e0183f3e3eL,0x1c5fb306071fb772L,0x92b8d6a4d997fb7aL,
-        0x0de13d6454bb10dfL,0xf31dfa573608964fL,0x000000000000015dL } },
-    /* 44 << 210 */
-    { { 0x7f7941d9888f4bfaL,0xc4f99685476bc929L,0x3f73018d8e853ce0L,
-        0x68a86f6134fdf8e9L,0x7c88b0312a6fb200L,0x3bab6755f6911821L,
-        0x06b84c1788917fc6L,0xa9f91561f5254039L,0x00000000000000dbL },
-      { 0x76c522936dd119d8L,0x6571dd2beb1cb340L,0xc66e8c823a33b42bL,
-        0xaf289ebefc43ddfcL,0x203bba75ed2b085bL,0xdb1d86048176f169L,
-        0xf762fbe0d91afe68L,0x7dd617af2026cf1cL,0x000000000000005cL } },
-    /* 45 << 210 */
-    { { 0xf92aaa90b3eec59aL,0xbffbac4cb98fa157L,0x4a6eda99c95c081bL,
-        0x31c0fde9dbbc33a6L,0x9ad4e5b9ab1887edL,0x580110e38983bb1eL,
-        0xd7156bd5507d9979L,0xe03e75829ecccea1L,0x000000000000002cL },
-      { 0x672fb2c3fcff6b71L,0x7d73a95202c0fcacL,0x6217982052b713ffL,
-        0xcdaabc9d8923912dL,0xf0d3eb3a651247bdL,0x5484c30ba50c00cdL,
-        0xa9f1173c03bba882L,0xbe7465af19a18e5fL,0x00000000000000feL } },
-    /* 46 << 210 */
-    { { 0x88fcfb06d58a4ee0L,0x00a415e2c9be2df9L,0x84e1ba6b22d03ed3L,
-        0x51cd83af2567aa47L,0xef6aac434fda2455L,0x2a32b1e255ea0dd2L,
-        0x013e1751228720f4L,0x57afcdce7bdbd78dL,0x00000000000000b5L },
-      { 0x094f8441471c7d66L,0xac4896c544539ae3L,0xe82e74eb5776831eL,
-        0x21087391291c65cdL,0xd340f5ed3160a6b1L,0x85bbe11244d404aeL,
-        0xca35de4823d823a2L,0xc20e39e406df497cL,0x000000000000011dL } },
-    /* 47 << 210 */
-    { { 0xfc68fe96d1751282L,0x8a1f297e5936ef4cL,0x4fc2f368e07ac5feL,
-        0x5ef7311f109bf107L,0x6fbed28144342ef3L,0xf825e7ea55138f1fL,
-        0x2c91032471e64888L,0xac2d0335ae2f2246L,0x00000000000001aeL },
-      { 0x9fbad98320933d06L,0xea69d15035c00e2dL,0x559df842a04206ecL,
-        0x2a9cc878d54938e9L,0x16e14d674408551eL,0x022ec0d86db7e02aL,
-        0x54cacfa9f1bcbfb4L,0x25095d1626646fcaL,0x0000000000000181L } },
-    /* 48 << 210 */
-    { { 0xf147f1a2e7e50e60L,0x1309c8a5e30cad85L,0x565c5e69621ed64aL,
-        0xbe5a64757938c494L,0xe56315e5d7792054L,0x64855cfdd97f771cL,
-        0xe95a4b9e599e2f5dL,0xef1c8a857b06d720L,0x0000000000000015L },
-      { 0x2331c4282a92c2f1L,0xe155a823f37e82a7L,0xb47cfc2976020919L,
-        0x6131a11ffe98e8e0L,0x965adc12c0be6be5L,0xf773d72c153cccbdL,
-        0x10d64e59d8ed6127L,0xfa7d60258b5ec467L,0x0000000000000063L } },
-    /* 49 << 210 */
-    { { 0x51c2bdba271b6102L,0x965c59b90e9a8af4L,0x0a54e4d7610fb124L,
-        0xed96a5b2a543ff6eL,0xbab9d37243265ab1L,0xe63366bd24cf6541L,
-        0x5fcabfec17413aecL,0x6ba1941437041b8eL,0x000000000000009aL },
-      { 0xc746f20dfcc3cfccL,0x2b0937465e1dfaecL,0x2e75151e14285929L,
-        0xb4ef90301b96cff8L,0x54cbbef998c89aeeL,0xcc53de423a028272L,
-        0x8373e2805f57ba4bL,0x551c46b3b1498773L,0x000000000000008dL } },
-    /* 50 << 210 */
-    { { 0x1c238ed06300acf7L,0x8eb48c65bcf1125cL,0x65b5c0cb231365bfL,
-        0xd9d40c2683d76f5dL,0x7dbe2462ae3872f0L,0x4262f282de107d81L,
-        0x48bf1e05b21512ceL,0x27e6ff2817212e1bL,0x0000000000000184L },
-      { 0xb39aedb29b451cb5L,0xe96de26a84a29aeeL,0x1a3154cc9725d43fL,
-        0x587e1cf56d8be1fdL,0x840560b633539bd1L,0xd4b6a7c4663d836aL,
-        0x4203e22eb3f669b5L,0x02be0e3cf18b437cL,0x0000000000000095L } },
-    /* 51 << 210 */
-    { { 0xc1f65b0d9dc37e45L,0x89275a9136b7d53bL,0x2949c4982e971c79L,
-        0x8c04749a1a538febL,0xcc9b6fa02cc328a8L,0xe22336ea602cfc59L,
-        0x47f83e70f41f9ba2L,0xbbfd03212cbd1052L,0x00000000000001cfL },
-      { 0x4711443cede128e2L,0xea12ed3f30c82c13L,0x17f83633829d3106L,
-        0xf1202f38f5b5bc62L,0x5850efbc562fc338L,0x07fa11815e423b47L,
-        0x9a419bae32459cabL,0x8add9587ec4146c5L,0x00000000000001a4L } },
-    /* 52 << 210 */
-    { { 0xfe4cd502f1b7c167L,0x679fadc6dab47f91L,0x1bf2bb513037e209L,
-        0xd9ea6d92822e8a02L,0x7a2a77d530ccb948L,0x6fde628029a7a46dL,
-        0x8b71cb731bd2bdc9L,0xaf8d591ca3c0ca96L,0x000000000000004aL },
-      { 0x63fcc569d852c164L,0xca7202764f07d6f0L,0xa7e6e11ee7dc1581L,
-        0x325d3921440980ccL,0x098bd53a148a56a4L,0x4eea0c37ebc5e005L,
-        0x89434ac1b9773a5cL,0x97bd03a875cae957L,0x000000000000017eL } },
-    /* 53 << 210 */
-    { { 0x00d9070caf1910dcL,0xc617cd48dcfbd522L,0xb533991595cfa421L,
-        0xbed0e54c1c7f6141L,0x5fc82c432e31d64eL,0x4c95d5c841370bb0L,
-        0x384401ba1dc077b7L,0xe88940db1b711f2cL,0x000000000000017dL },
-      { 0x60e0ccb946cd94eeL,0xfbc8e63f705dad8bL,0xad2f8d2430990961L,
-        0xd6724b3aa578ad6eL,0x8b11d8339c176f25L,0x12e79dbbbf8e3ac8L,
-        0xe4a943d7fd9940cbL,0xc888a09a909e8fe4L,0x0000000000000122L } },
-    /* 54 << 210 */
-    { { 0x6109ea2de8fb7694L,0x3ec1e872086093e4L,0x978e96c0f4225f3aL,
-        0x2695c6c91952ecdcL,0x728be492d83757cdL,0xc810df7023ac63eaL,
-        0x9485d432d730ebadL,0x86e4d8518f91edcaL,0x0000000000000009L },
-      { 0x1a3378469ea9e56bL,0xa27a55a28a9debbaL,0xb23af748c0f66a79L,
-        0x5d8b134dd11bc92dL,0x00567e5825e02569L,0x4e55a9c941991079L,
-        0x4ddebd3f77d6ad31L,0x6933b46e536f3d79L,0x00000000000000ccL } },
-    /* 55 << 210 */
-    { { 0x812a9b2184f5a0c8L,0x33d0143243a13fc4L,0x9e71afb2efaf3fc7L,
-        0x1663885a0884b6c4L,0x97be8fad8c8fcea3L,0x8a3eed05a8e13913L,
-        0xb2262ce22e54b510L,0xfe9acf7eba246055L,0x000000000000003cL },
-      { 0xa302ad0e8b89f53aL,0xa73ed70070b8d772L,0x9e311983c5c37f58L,
-        0x01e6b111978870fdL,0xd584e4e06afd83b2L,0x70707df88e6f511cL,
-        0xfe0812356f6fab16L,0xc476c66841571d07L,0x00000000000001d6L } },
-    /* 56 << 210 */
-    { { 0x442afc6dddf45a12L,0x91e285345c5e6114L,0x29813a938589fa9dL,
-        0xeb71194671a4ae9dL,0x5dcd8adc9044306aL,0xaedcb84bf9b52561L,
-        0xc21e290a402e75f2L,0x70510bcaf6550a52L,0x00000000000001d3L },
-      { 0xde9843e884f2532aL,0xa14af3a6f79d325fL,0xf6906268bb1868bfL,
-        0x8ac9b2825fb4a6caL,0x6c5dedcd4676cd53L,0x149996604f339636L,
-        0xde2a17658d7b427dL,0xe8c56a66710567a7L,0x00000000000001f1L } },
-    /* 57 << 210 */
-    { { 0xa8ec1a8d2b835d07L,0x8c8dfa457ecde602L,0xf08edd6c0d0246cfL,
-        0xf33a88675d9bc1adL,0x39c5d909b8675ea3L,0x282a2d848a96fc50L,
-        0x019ee082d2d27a32L,0xfcf2f31ba5e0dcc9L,0x000000000000003eL },
-      { 0x6a0ed3b9c1f6a4afL,0xdb83b0612c7730e0L,0x169a96abfe5cb03eL,
-        0xad5ae2df0f055afeL,0x50fa3820d27ed7d3L,0x050484f10e2b1595L,
-        0xd07a515e63ebf720L,0x406f5d0cd68d846fL,0x00000000000001bbL } },
-    /* 58 << 210 */
-    { { 0x04d02219db404261L,0x85b9c71ed3c9e7d3L,0x52acbf57505dee08L,
-        0x9e35ee60c4e1ad8fL,0xd4c0ce77194c1493L,0xfadfd42351103eeaL,
-        0x11403891926541b3L,0x25c4c172eb4f082cL,0x00000000000000cfL },
-      { 0x1f7c31b8ac3bd930L,0x88a8cccb65d3a485L,0xe081d0a295e69145L,
-        0xc513ae2e9804d14eL,0xf7b6aa084dcb993aL,0x47de6f4d191aee26L,
-        0x42b005f56011eb61L,0x05f03ae3f7e525beL,0x000000000000015cL } },
-    /* 59 << 210 */
-    { { 0x0f37890e7c825579L,0x4fd5d272b3c0d6d7L,0x9a299db6ddb4405aL,
-        0x0730a9825deb2939L,0x28d8bac57c904d7eL,0xa71c627fe6a7919dL,
-        0x52f1b334b49c2af2L,0xef7414134b512f97L,0x000000000000000eL },
-      { 0xfedb9bfd92b96ec9L,0x613a1e5742d22f35L,0xdf9ee8d6b9175ebbL,
-        0x085d38923a0ce558L,0xb7207bf1f3f089c9L,0x31660368ded15db0L,
-        0x4ea4ebce0beecacdL,0xcaab38cc88eaeb88L,0x0000000000000159L } },
-    /* 60 << 210 */
-    { { 0xa10cda065dc2aa4aL,0x89d874e605ad6cbeL,0x7d51bfd5d061da12L,
-        0x457d656c376141d4L,0x36ced50a1a715c73L,0x252b0b021d27223aL,
-        0x053aef6fe2d6e01eL,0x8096c5e332716027L,0x000000000000013fL },
-      { 0x1864a030cd3635deL,0x5aa25da659cc5701L,0x8af63026ff2bcdd9L,
-        0xebdb7f1717c277ffL,0xf94d8299758b7979L,0x38025e0009bd3eb9L,
-        0xf7c4c29e5bd5c30aL,0x202201c752f90b3bL,0x00000000000001d5L } },
-    /* 61 << 210 */
-    { { 0x1af17d6b9a9a68f2L,0x1922895850d8202eL,0x5f26f6141d379566L,
-        0x8842f3f0ba041c62L,0x856e05ae211c23dbL,0x7fd5b4c8db979091L,
-        0x61f3b3740064021dL,0xee2403c789416b44L,0x00000000000000a6L },
-      { 0xf52f661156a4b455L,0xc3da69834dd9ba22L,0x58cee2db445eb941L,
-        0x20f0bd4632a7bbb7L,0x212b03f7ea3e0325L,0x810b632b68653bd0L,
-        0xf7a4c209c6cb33d9L,0x2f5c990c6c3facffL,0x000000000000001aL } },
-    /* 62 << 210 */
-    { { 0x6b3cf500b77b2655L,0xc203e28b60b8b5ffL,0xf19e8ec597cbcd7eL,
-        0xb1cfa6bb6369ebc0L,0x4bcee60766936b2fL,0x49c8783749743037L,
-        0xfebdbbae374df175L,0x6db093b69f79968eL,0x00000000000001daL },
-      { 0x6dd1ddbd88f766e4L,0x91fd01c5e8ee248bL,0x5837f9b63c727a7fL,
-        0x336706e3393e3990L,0xe1e10fe46d43c4f7L,0x20ca5f27d6266f87L,
-        0x7f2db9d9c2c42304L,0x3f3536bedaad6d40L,0x00000000000000e7L } },
-    /* 63 << 210 */
-    { { 0x1c8bb48681b82b0bL,0xddb9f1979b95474dL,0xa53b69cef11441e1L,
-        0xcc7971f5218104ffL,0x40e07e762fd8166dL,0xd7f1d93ac9d44c2cL,
-        0x3322abe434b2fcadL,0x7d0aab3a9bcb07b0L,0x00000000000001c7L },
-      { 0x60db8e39682100afL,0x747095769a4ff812L,0x93df55e1c3eef35fL,
-        0x6ce66fa8b82acf43L,0x3b3b298818e25e0aL,0xc288d46523740df4L,
-        0x824c5d4cecf599f6L,0xae5bb7388de7b001L,0x000000000000001cL } },
-    /* 64 << 210 */
-    { { 0xec9a8956f6d20ecaL,0xeda0a24d684e0169L,0xa55ae258e583c40aL,
-        0xbe8c6286455d3ce1L,0x05bf63132096ae62L,0xf68e024920b48bdeL,
-        0x1b6595bc4d99cd14L,0x0e740830774958beL,0x0000000000000030L },
-      { 0x3241b0df9fd73274L,0x7b6532398fe5a5ddL,0x2d4dd56e38412a8dL,
-        0xe2925f33cc58a62aL,0xb859ea32f5cee12bL,0x5af7c4027c25d1d2L,
-        0xe172cec16f196e55L,0x34815491de00641cL,0x000000000000010bL } },
-    /* 0 << 217 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 217 */
-    { { 0x0869ed35fa226aeaL,0xcbc7bd56645f4485L,0x611101b13e6c3d97L,
-        0xa1550183f7a56f83L,0xbe209b3c80a6fcd4L,0x0e2c9da9ea3beaffL,
-        0x0fc7a16f14d9f7ceL,0xeb8a5e147a1e6db1L,0x0000000000000047L },
-      { 0x55a78c253b0fb32cL,0x449a7852a430d4c9L,0x1383a88a412509f0L,
-        0xe895d858329af78dL,0x14afc01cf8d65a07L,0x89303bc5193d67e3L,
-        0x42b20c9716fbcdf5L,0x79fe69660ee012aaL,0x00000000000000d9L } },
-    /* 2 << 217 */
-    { { 0x7480912f507ce79eL,0xf2251da23a1ea21fL,0xb925aadbfbc957f9L,
-        0x79a66979f4548e12L,0x9200714b6de9a9feL,0x779792bbee62d344L,
-        0xeed3d08357501cccL,0x51ecec8b0ef8c948L,0x000000000000014cL },
-      { 0x734a634b05271e42L,0x70e28c86643cdb88L,0x849fc7dd0c24a7eeL,
-        0xcec60426b20506a4L,0x6ee05fce35655c14L,0x79ca2be8c072d950L,
-        0x6c473203105c09efL,0xd9698b133dbf27b2L,0x0000000000000010L } },
-    /* 3 << 217 */
-    { { 0x15079b9d3a7de86eL,0x97e07c04354faf62L,0x045f48f34280e300L,
-        0x9a5fd235bd9ea013L,0x3f75a31f8760c3d8L,0x18aec5ffd05d488fL,
-        0xccfb484b617daf6eL,0xf33084debffab914L,0x000000000000015eL },
-      { 0x1c034f37dd5bc9b0L,0x8e2bedaf882c69a5L,0x6789f307a61afc24L,
-        0x8540d05dc57b651cL,0x7214914319f83ea8L,0x57af134d962c6ed0L,
-        0xcd059751d98b1089L,0x08ad5d1d42e7077aL,0x00000000000000dbL } },
-    /* 4 << 217 */
-    { { 0x163cd52464d8c387L,0x0cfe9416cb029390L,0xce6b5dab9e9ec846L,
-        0x96a78639e9ba4592L,0xa78e42968f174287L,0xe5d09a7637763d66L,
-        0x9f47acf6b54f368dL,0x8e63481b6a0fa894L,0x0000000000000026L },
-      { 0xe1663ca805c8bab5L,0x99bf02aaca0af033L,0xfb1c0c7faa1d7c42L,
-        0x05ac75b011bdcc7dL,0xbfa1dc7399d86019L,0x8f11d0a4937cfa73L,
-        0xf4795bd7d24e356dL,0x7c1f3dc478b4e4ffL,0x000000000000014cL } },
-    /* 5 << 217 */
-    { { 0x3dfeef486fd25746L,0x5940add47d758bd3L,0x9f08c453d26de538L,
-        0xbc7dd28b040d20e4L,0x92cebd97aab4420fL,0x79f4bb203337466eL,
-        0xa72fae2ecb132a17L,0xb394a9c29a59e4c7L,0x00000000000001f8L },
-      { 0x6146396eb48c979cL,0x24b453db99a310e3L,0x7e3917a871967c56L,
-        0x3be40e190e539ed0L,0xc357bac87206739fL,0x8f8c1d8229b17828L,
-        0x06f0ea1f949db344L,0x922daa8467ea4ce3L,0x000000000000013bL } },
-    /* 6 << 217 */
-    { { 0xe2473fe401d47863L,0xdf01581ba1940ffcL,0xa35005ef71f1311bL,
-        0x647d568ca5eb4e66L,0xf1dfe4475da1c32bL,0x05d5c8b5ba555b7bL,
-        0x2584842719302166L,0x5bae9fdf71dcfa1aL,0x0000000000000184L },
-      { 0x531661b422bc00eaL,0x3db39e0ce55a5757L,0x1cdac297fca4fbfcL,
-        0x1dd0012bb1d24a8fL,0x52ae5759714bc921L,0x016aea1fe8481e89L,
-        0xf34842d1254d5d7eL,0xeb75ac8af21fe811L,0x00000000000000f0L } },
-    /* 7 << 217 */
-    { { 0x27a66dd1e4c74b72L,0x9942ada0c51b39c7L,0xaa53c8461a3166bdL,
-        0xc987efb7b9d48025L,0x991f01bd361c98d0L,0x5bfb025e3b09f9e1L,
-        0xab478eb54514704bL,0x784f1a8de0c6dd62L,0x0000000000000031L },
-      { 0x42757f2cc630dfe5L,0xead6fb443f3e6723L,0xe8128bbe1a1c8b83L,
-        0xe35a9d2fab681466L,0xbf9be668356c2595L,0x0e3cf40f99e2b833L,
-        0xfee57f088ea10a4bL,0x207da69ed45302c9L,0x000000000000017bL } },
-    /* 8 << 217 */
-    { { 0x36cdc3e624acb1faL,0xf593d32d6c6d43adL,0x766c2fcd373c8e18L,
-        0x0a1518363d12b7f3L,0x924427f4b4234a24L,0xaab877852335ff44L,
-        0x9e5811897c362011L,0xd86f8fba5ee724dbL,0x0000000000000184L },
-      { 0x25f04ed9c9558569L,0x0a315324ef9562c5L,0x65a02a289ccefb92L,
-        0xb2429dd488115608L,0xc1714c93641d646bL,0xba4d369148bb144aL,
-        0x48ec2d9d9efa3a6fL,0x5ff6a4fbf1a93ae3L,0x00000000000001edL } },
-    /* 9 << 217 */
-    { { 0x6a3f7799955cae01L,0x8fedb6b1e4f38ce0L,0xdb6107f34e85864eL,
-        0x03ade49547410da3L,0xddcbf5190038d029L,0xf0f29d5fe5d4d46aL,
-        0xae17f5923b27f562L,0xf29afa56e7c3f779L,0x000000000000001aL },
-      { 0xd5026e725d8adb02L,0xa06db93aec16acd0L,0x83acfde18042236aL,
-        0xc38abf4033ae9809L,0x22fe6dfbdca5d7eaL,0x383a9fa5a2c8db99L,
-        0x6d9ccce5d334a39dL,0x7861d1e9359da075L,0x0000000000000120L } },
-    /* 10 << 217 */
-    { { 0x8fec394bb678283aL,0x24675c5b80934192L,0xe910c009495ca6ccL,
-        0xe27707e02e53b765L,0x804e24f1a4ea631dL,0x3f919eb5058db7caL,
-        0xa5010f37cbbf29eaL,0x758bd2cc225ee400L,0x0000000000000019L },
-      { 0x52fd1ce51535d519L,0x2b1decdc28e1db07L,0xe076dbeeb4b9815aL,
-        0x670c75e2f9f5ad5dL,0xc9fc07876a78d26dL,0x52951cf34ae31294L,
-        0xe318cad8e793634fL,0x0e9242886e01fcb2L,0x000000000000015aL } },
-    /* 11 << 217 */
-    { { 0x892b3b400cfb1d04L,0x3bea12122b96b4b2L,0x70f73b359c1f649cL,
-        0xcae6ffb47e679dacL,0x96b8d2aec55695fcL,0x0050271f424e84bfL,
-        0x8650dd5119533f6bL,0xc383e0b7571d0e67L,0x0000000000000042L },
-      { 0x3b0bfdab1f7cfd38L,0xea8f9b107b7ec7d6L,0x43139c4e0919083aL,
-        0xd69f6d790fe910eaL,0x094221d3e7ba5fb2L,0x4f374df8f556a667L,
-        0x328a7762ed30e6dbL,0xfc57fcee326a62bdL,0x000000000000008dL } },
-    /* 12 << 217 */
-    { { 0x4c7be70cc22a178bL,0x396b7df601209f9bL,0x2816070b60b48d09L,
-        0x0995b11e9d11e63dL,0xde65c7d35ac5b1b2L,0x29c06ce1dda415b0L,
-        0xf95189d9abdb408fL,0xb6f3dde38bbf2454L,0x00000000000000cbL },
-      { 0xbd38febf8dc44542L,0x2c9d18903f962af0L,0x34cea4d76e93a735L,
-        0xf63e364df81f25ebL,0xad8d7b89df0cdfdcL,0x126ac26d730e8a2fL,
-        0x434700f896d59c8dL,0x1aa5875eb3da4bcbL,0x0000000000000139L } },
-    /* 13 << 217 */
-    { { 0x2598aa4de58417d7L,0x73315ae4ba28fc1dL,0x5517268c46243119L,
-        0xc4974c53b719bdfcL,0x6100c44e189538d8L,0x9db41e3800cd674aL,
-        0x18d5dd5009fe8bf3L,0x4e55b10393ed2b3aL,0x00000000000001f2L },
-      { 0x6bdabaafa06be83fL,0x7521de13204a1caeL,0x1a330aaabbfcf7aaL,
-        0x7d263940f4260f0dL,0x9f8f411dec87d8bfL,0x7a6f66562f9d628eL,
-        0x0ffef527076cad32L,0x1702ce89176beb62L,0x00000000000000a9L } },
-    /* 14 << 217 */
-    { { 0x52965a07e1c091b3L,0xc19999534000c8f5L,0xb46cb0961b5972d1L,
-        0x4a308aa918f8f6f4L,0x3cee84ce606ccca8L,0x486fcae6a169fc9eL,
-        0x5b19c4bb5b7288ccL,0xa20b1b3b9004638dL,0x000000000000005aL },
-      { 0xc63c9bbd9e2f0f41L,0x23cb2e54e409e31cL,0x7da5e7c8549c6dbaL,
-        0xa5c2d1b958a734a6L,0x710b2953b6fb8021L,0x17c27048b5adc912L,
-        0xc775ab78900f7c18L,0xc77a1a632b014e3aL,0x00000000000000e2L } },
-    /* 15 << 217 */
-    { { 0xe77fd781f0aa0c3dL,0xfab5faadce9dd050L,0xdada6c655657f21fL,
-        0x783b1101e768bcbfL,0x6589af44e3340018L,0xcfb592b9da65a6a7L,
-        0x7bd5567297e1f3a0L,0x88785334ffb1fd45L,0x0000000000000119L },
-      { 0xa63a0a55b5cce8f0L,0x6f3064b4eac3c4bbL,0x268dfc16c3931cf1L,
-        0x2e70af6b4661d0dfL,0x1d3463d47cf9a2d9L,0x06221386427a35c3L,
-        0x0fcc93fc18f7dd40L,0xe1df83f19e78e3a1L,0x00000000000001deL } },
-    /* 16 << 217 */
-    { { 0x8661728eb584af4eL,0x954bb8753a25e264L,0xc839860915be119dL,
-        0x06a54d7f989fb866L,0x27b590ede0375bc8L,0xc394a6b7afbf60ddL,
-        0x32cb71643a892981L,0x61b46241cae4336aL,0x00000000000000d3L },
-      { 0xa2e80eed970af48dL,0x087c2e6320f95e36L,0x82956a6eee080071L,
-        0x933a2568f9fc2967L,0xaa2b21a31b5430b1L,0xb1efdf09b6502fa8L,
-        0x56b2b8b50a897789L,0x3a6f9fda663dc2eaL,0x00000000000001e4L } },
-    /* 17 << 217 */
-    { { 0x6a53c0b0f4e4f6bdL,0xbed51fa0b3339216L,0x9e1c31446ae0a294L,
-        0xe8f9136d0186061aL,0x6f0f313f188527fbL,0xc8b712bfe45aa9f5L,
-        0x6a4edc9711290895L,0x8f5a9d9328245576L,0x00000000000001a7L },
-      { 0x77e9f20e207e93acL,0xf2aac110e8d7f6ecL,0x6d098ccf619f7771L,
-        0x7cad915e8ce10c43L,0xfd880f1671cec05eL,0x1c2925678cf46b99L,
-        0xfc5d2f1c5226011bL,0x157e69596cc74eeaL,0x00000000000000f3L } },
-    /* 18 << 217 */
-    { { 0xbc6a400038abf795L,0xee50c23a9287efd7L,0x2e49103a9a5fe5c8L,
-        0x932f55e7ec47bc0dL,0xfb9d8ba5a1e42656L,0x14bc1a30bfec520dL,
-        0x0e22436e2c51ebdfL,0xb45f409c227f0203L,0x00000000000001dbL },
-      { 0xdb059428e549200dL,0x944be2239a2f5fa0L,0xb50e8d34ddb8f268L,
-        0xcf19eea782193454L,0x89965b1de0c72633L,0x6d5dd72287cb4786L,
-        0x87dfc6f877b57b33L,0xa3814dd5d3b6507bL,0x00000000000001b0L } },
-    /* 19 << 217 */
-    { { 0xd3422f5b02e8723fL,0x77b65a704b483835L,0xfb8db8f5e6c4fa44L,
-        0x178119d69bca2cbaL,0xd3011b68fb7c2516L,0xb51eb8ed7b2422d2L,
-        0x638d850b4fbdfe7aL,0xef478553a4a2cc4eL,0x000000000000006dL },
-      { 0xcc1b4cbab66d461aL,0x85209539ab0614a7L,0x9284a459d7b45e90L,
-        0x6261939b3d6b31c4L,0xd440f1eca261a369L,0x8b9f30274347957bL,
-        0xeb40b1e9593ca13cL,0xe4bc3937f76f36a2L,0x00000000000000f8L } },
-    /* 20 << 217 */
-    { { 0x8979880e76ef73cdL,0x6b6723b19811ce62L,0x76b79fd3ebf26fb6L,
-        0x485a962d3a38e353L,0x55df05bbf650782aL,0x2708cce29010a481L,
-        0x55a55950611af69cL,0xdcb0ff444d195963L,0x0000000000000012L },
-      { 0x02313a03b53e1297L,0x0496acc4d53e4561L,0x71dc5bb477fff348L,
-        0xb3a90b9a3497b65dL,0x1cc2d09ab0eb0550L,0x6d92c629525a2a0dL,
-        0xacf38f9941e776c6L,0xdde54e8b76ce2676L,0x0000000000000040L } },
-    /* 21 << 217 */
-    { { 0x75be2409fd243c58L,0xfb1f463bdac51e3fL,0x509862194d0a4586L,
-        0x36bd9a9e93c8ee2fL,0xeef97f6992bc64f0L,0xa78103bf1086dfc5L,
-        0x88aa88434e424ed1L,0x0a5b655e99ba7ee6L,0x000000000000009cL },
-      { 0x249c1f37a7bff9c2L,0x524a308b3e8c734aL,0xbe9e7a1c4cca4101L,
-        0xbfe5d60006384eb3L,0xb7d6b88ba7870afeL,0x9298e013c329ae1bL,
-        0xf209c57749fa728aL,0xf266f26d14fa6743L,0x00000000000001f7L } },
-    /* 22 << 217 */
-    { { 0xecaa972f97a6c375L,0xaa67099f3c5aa416L,0x5e4734dc5f9037b4L,
-        0x5a71f4d8feaac9beL,0xb66122ce9fd22e94L,0xd09f8f79796500a9L,
-        0xb6e9a33d09e807a9L,0x44a1b6f515b33f25L,0x00000000000000feL },
-      { 0xd1c9abc3752c8f9eL,0x9b55269a8dfff422L,0xedfdfd976e33a411L,
-        0x624051be5fc39babL,0x09b5446a79090558L,0x59df039c097b7956L,
-        0xbc79ccb2f4c7668cL,0x04b2b4066bda888cL,0x0000000000000157L } },
-    /* 23 << 217 */
-    { { 0x01657adf2b32a82cL,0xa562f4cf4f956c2fL,0x84ad34232910648fL,
-        0x9ea4e24d2bbdbd02L,0xdead6b9a4da91c2aL,0x36d5efe14c04f787L,
-        0x7fba5358fe4dddb1L,0xa6479901f366a73fL,0x000000000000018dL },
-      { 0x3feba9211c557b81L,0x8a7d55ab07441493L,0x2494fea073a3361bL,
-        0xe0b259a20c4b1040L,0xb916142e58b9d4d9L,0xbc680954f8a4db27L,
-        0x5cd9b153e5640dffL,0xf4a05f27ae9b5981L,0x000000000000009bL } },
-    /* 24 << 217 */
-    { { 0x8b2f31a02c825d50L,0x5fa4a38e0b3dd67aL,0xcc07eafedd220e0fL,
-        0x3a8496f853666cd5L,0xf1e8b23e116da23eL,0xf48de9f41631080dL,
-        0xcc3274454139c8dbL,0x3270ce0a1dbe7c3dL,0x00000000000001c6L },
-      { 0x210895785054f6b3L,0x8295ec2dd94bf609L,0x1922bdba854941f4L,
-        0xa95eb4de357020e9L,0xd15fe663df0d7747L,0x89ca6db1ff86b9ceL,
-        0xc3bbaadc4f1a6d6dL,0xdeab3f658a0c471eL,0x00000000000001bcL } },
-    /* 25 << 217 */
-    { { 0x52c4c94bafa6c8a4L,0xcccdaac638d082d5L,0x6756e588603919fcL,
-        0x46e53d034f729c3eL,0x79a9a3ba3642d064L,0xf7f9370b6e781f51L,
-        0x871f38423fc72274L,0xa2be2d7f631fa996L,0x0000000000000169L },
-      { 0x33d1dbbdca0f5b6dL,0xfa5e0a4020137338L,0xe03314dea4fd1455L,
-        0x15c0dcb0e68a4ad0L,0x5c99e48ccf09b744L,0x80be1812142f6b65L,
-        0x13aa8e51ca2e9df6L,0x7a1772606a44f01dL,0x000000000000002cL } },
-    /* 26 << 217 */
-    { { 0x600b48b92806f212L,0x24f49b0b9ce93a73L,0xa61905f11fa33a53L,
-        0xd8112bb3e9c9f4ffL,0x668461e5cd923562L,0x6a04eb9c7c8fd814L,
-        0xcfebf8b2aa0b7176L,0xf5aeff5e9fdacbcbL,0x0000000000000089L },
-      { 0x6a4e78ccb73a9977L,0xff5464997a7fe914L,0x9a3851b2e4e9e8acL,
-        0xece7462ca3e78784L,0xa3a59ea640b86efbL,0x7247b5df42bac9ceL,
-        0x0807058cc4751049L,0x0f02c3bc79e24b3cL,0x0000000000000120L } },
-    /* 27 << 217 */
-    { { 0xaaa07644734ec473L,0xd85e99103b702814L,0x21a498758173c202L,
-        0x2c890717cb3f4b5bL,0x33c149506922f4aeL,0x124c5e49ad484e7dL,
-        0x611d7a967d9e2082L,0x7df895594d15f0b6L,0x0000000000000098L },
-      { 0x2e345ed3a5039457L,0x34947b7cce38e17cL,0x8fd52a5e30f99d29L,
-        0x4f8f3001c0b186f0L,0x2581c68bc7b4641aL,0x5006916be7dbbd07L,
-        0x2f2495f23e744e9bL,0x449cc2d31db7cbc1L,0x000000000000013bL } },
-    /* 28 << 217 */
-    { { 0xb30ff36d7eac7e6cL,0x388bbe38ee0df2a8L,0xf2398b6858bf4ee6L,
-        0xc7af5233c8a3f768L,0xac4dd8d6f880b20eL,0xc09ce5090735320eL,
-        0x50ad570da58d9c39L,0xadc538325bc36a0fL,0x0000000000000021L },
-      { 0x177653737fa3650eL,0xd8e95e4f742687e5L,0x3209d3007af39d87L,
-        0x67bc05f8a5910ecbL,0xc3af4f238d00bc76L,0xd314a1fac6edf5f9L,
-        0x41cf7b7ee3a65fdfL,0xe40089715a11eaacL,0x00000000000001c1L } },
-    /* 29 << 217 */
-    { { 0x0c838f9887c8edecL,0xe5dd51181e7c478fL,0x2ff66c0512dc028cL,
-        0xac5ad1a801931b29L,0x329df33f2a15b905L,0xf092020568a1a962L,
-        0xebc983869ed7766fL,0x6f88971bad265df9L,0x00000000000001b6L },
-      { 0xa06e9c10c9c14848L,0xcafd6d9fe8e7e01dL,0x77ea7583859a3229L,
-        0x934d04af8688d9faL,0x35e7ddcd558f96b2L,0x6961dfc8332509caL,
-        0xceeb4359f0cac525L,0xbb84703578878919L,0x00000000000001e1L } },
-    /* 30 << 217 */
-    { { 0x4348c0d62208ea16L,0xa6b7c867828ecfa3L,0x5e6e24f8bf2263f3L,
-        0x44a63dcbd3a6da5bL,0xe19a8335346f0280L,0x92f45f0a44192c6fL,
-        0x2683e6fff5c5e5e3L,0x687acfae77d82944L,0x000000000000011aL },
-      { 0x64dadbd27318bba1L,0x06775603e713f894L,0x5a86db2702699287L,
-        0x0eb2657c9dc65560L,0xad0ecf6ae85b2f8aL,0x5213fbe63ce623b6L,
-        0xe728f470f79b4791L,0x2f462b02e21f708bL,0x0000000000000185L } },
-    /* 31 << 217 */
-    { { 0x316de848faeaedfeL,0x78a110cb74883e78L,0xc02acbf279b5bfb9L,
-        0xf2a4e3d18302fa76L,0x82098a687e585e68L,0xab0f26c8b64373beL,
-        0x17a96c041f6667b4L,0xa5804b6a8049357dL,0x00000000000001f3L },
-      { 0xc4cddde35fe9e210L,0x52214a65e888afb2L,0xd1e861acda8a2060L,
-        0x228f7b6e8c3a37f0L,0x81cb013a4631a725L,0x1500ad208bfd51f0L,
-        0x17504e9c496fa6f0L,0xcb0a2b4070e311bfL,0x00000000000001fdL } },
-    /* 32 << 217 */
-    { { 0x1874803fd759f021L,0xe16e4f43f7ccdc14L,0x33b15c686ca96e4aL,
-        0x16647507c0c8f6a5L,0x0a69a27b0ddc1a2bL,0xefa1d7d28c4496ebL,
-        0x8bd873d347064396L,0x13b07fa653dd5370L,0x0000000000000008L },
-      { 0x97373827dbf8a088L,0x0f48a5dfdcd37018L,0xf3bc5022172e6d9cL,
-        0x96a0d7020867bc4eL,0x26130628d1a46e33L,0xba6c1f6a8c2bdda5L,
-        0x273f3f4d4e5e6112L,0xc9f3341ecf810455L,0x0000000000000084L } },
-    /* 33 << 217 */
-    { { 0xba5684306a70e5e5L,0x2dd3cf84f677fdb2L,0x4639444c2093d4d4L,
-        0x48145ac0cfa9d695L,0x1947f72dcbcdffdcL,0x8ee3d63223a695efL,
-        0x3f7cef682c0c00e6L,0x50a326aa9f8878a3L,0x00000000000001eeL },
-      { 0xf2ef9b77f3659baeL,0xb02047c9bb5d2078L,0x9342227bf5473552L,
-        0x6af1262c972198b3L,0xf06c8495545c59d6L,0x5b76b44d7d2254a6L,
-        0x0edf239adae2db07L,0x808bcb01b071a927L,0x00000000000001e0L } },
-    /* 34 << 217 */
-    { { 0x751ecd118ea4d1a3L,0xa416549385584530L,0x3c998d2f48ca5366L,
-        0x5d2a945994867756L,0x40eb22d0ed2ce938L,0xf2384049eb6fa53cL,
-        0x1dfae9f4452bfcd0L,0xfde76aeb67aaa0a6L,0x0000000000000070L },
-      { 0x3971401bcff41b83L,0xe60901c2652b56a8L,0x4e58a099f4f9d6bcL,
-        0xb822ec2f3cb0761bL,0x2199ca7ff5a4cea9L,0x52146c0e87d35cffL,
-        0x507233f309f44c81L,0x24a9f28e1ba0c4d6L,0x00000000000001a5L } },
-    /* 35 << 217 */
-    { { 0xadddf2ffd9c057f1L,0x6634c99638431f5cL,0xdeb1e0e10e0ccc49L,
-        0x5b08f82a9eda3938L,0x5ac5ba95b7be5ac3L,0x12e7c0a6d405b331L,
-        0xa7e8f80e1ce1a099L,0x09192de2086e69e2L,0x00000000000000b2L },
-      { 0xfd1c75f964436336L,0x02a5a6cdd3750eebL,0xfcb0759338ceb24fL,
-        0xe613ce9408e8d3d1L,0x84bd977dbbc20a44L,0xc301f3f18b41ad98L,
-        0x75dc2519a7586874L,0x2c179de3bb4cc82cL,0x000000000000001dL } },
-    /* 36 << 217 */
-    { { 0x783751f1ace85e33L,0xe9bdcbb4d36f8988L,0x51d219a6e7361da6L,
-        0x5f374eab9fd26dfbL,0xd62ecb9f12301759L,0x77f528f2f3af5667L,
-        0x38de7fed85a91b36L,0x52a085d7d022c0bbL,0x0000000000000045L },
-      { 0xf7f423fb3a234e71L,0x69e75f34635eed5eL,0xb2196ded1d3590a4L,
-        0x46a9094b52c84b99L,0x039260d5c36fa19cL,0x755dd132b5b09dd1L,
-        0x85d599e7784fe05eL,0x71187dd1167916d1L,0x00000000000000fdL } },
-    /* 37 << 217 */
-    { { 0xc2003f2f71056506L,0xbd1af63cbedf3b7dL,0xb8bfebef0a027704L,
-        0xcf2b3463da5747a7L,0xd7620b0138eb7d5aL,0x04ba1fe62aec3578L,
-        0x99b988baa26a76faL,0x059d1e5079ac26dbL,0x0000000000000182L },
-      { 0xca94d1c96ef3129bL,0x361e2c88bdcca8b9L,0x446fbd76cc7b11afL,
-        0xbc12cc4345c1ff9eL,0xf61d708a1b41f633L,0xddb2bf042db37562L,
-        0xa470ca1eff6e0b9fL,0xbf4c9c9e1ce7e20fL,0x0000000000000026L } },
-    /* 38 << 217 */
-    { { 0xdd3f12d68dbdc1c2L,0x01e34587f4c4a308L,0x29de44b9243d76ecL,
-        0x5d17233cc2f30f10L,0xa09262e4bbc6db0bL,0xd17c9a64d629b3ceL,
-        0x57d7afc416e00ed2L,0x7968b7727b3d962bL,0x0000000000000011L },
-      { 0x07c08b240363a6f6L,0x37ca731f096b5148L,0x3bfea8f7cac7db7eL,
-        0xda2e44f5fd9625cdL,0x5b4cdad91660ca28L,0x085b48054e493323L,
-        0x7c6994fd2f3ba77bL,0x0a0387299decf7b4L,0x0000000000000071L } },
-    /* 39 << 217 */
-    { { 0xfffbe77ba9ae3378L,0x9beb958edc28dbdaL,0x7fec7dbe060ba465L,
-        0xeee11a73a6098a07L,0xc83f4667ba7234f3L,0xdb034e18753fb743L,
-        0xe274fb5a5f53a77dL,0xd2a161d640d9d73fL,0x00000000000000abL },
-      { 0x9c9880a8ff15ef46L,0x97bf6f4576ed1f9aL,0xec02ab9ec55d9ee9L,
-        0x8a3e57efb5ad0d12L,0xe9db08c164d665e7L,0x0e7074369e1b30c6L,
-        0xe953299b83aecc46L,0x9ec97a400bdbf832L,0x00000000000001f3L } },
-    /* 40 << 217 */
-    { { 0x677450828f3756c2L,0xabf1e75d0a7bfcc9L,0x047931dbb8bad3afL,
-        0xa380c9855e392278L,0x5195e47d0237d6bcL,0x8c7ef452fee7427cL,
-        0x4f078dd2585b6365L,0x4e82eb4b1e10d24eL,0x00000000000000d8L },
-      { 0xda54dc52610b349bL,0x96746e43904633f2L,0xd2a58f332c50aa46L,
-        0xffea4d06987f9fc3L,0x5505265acc521553L,0xaf2b7da0c316df83L,
-        0xa74f09b1ea362ecbL,0xcf9f0ac3a2e1f4f5L,0x0000000000000078L } },
-    /* 41 << 217 */
-    { { 0x59af0c27a1a02f35L,0xe0ac14ea079fffb3L,0x7eb918803ba6efeaL,
-        0xf4f7ece1c20a4df2L,0x38d3a92237d80bd8L,0x54c4a59d6a6ea3f3L,
-        0xb2a32bcebdcfa4d5L,0x700e28b56b9040fdL,0x0000000000000170L },
-      { 0x56e3b014ab113b65L,0x0ec2175c548c1c84L,0x35fef7ad0213402aL,
-        0x4d91c747b2ce0bedL,0x9c699db9ebfc8d58L,0xfa3d5a081329db85L,
-        0x74b910498a16ccdfL,0xbb98d8300887072cL,0x0000000000000131L } },
-    /* 42 << 217 */
-    { { 0x96c26386e4cbd521L,0x0b1a38abd272b855L,0x30a03997f9875ff5L,
-        0xe00ab13a61dbb1c1L,0xb31c80251bf9a773L,0x4d09ff2938888083L,
-        0x356496085a48bffdL,0x8734455b7c0ceff5L,0x0000000000000185L },
-      { 0x4e3f5b3369306de7L,0x54c1bf0426328640L,0x7405d971c8b247deL,
-        0x0193c644218439ccL,0x91d5c51bc5bd4db2L,0x083af5e8d97ea0c8L,
-        0xc29d34ebba9533ecL,0xa61393defdc6e9e3L,0x000000000000006bL } },
-    /* 43 << 217 */
-    { { 0x4cbc18fd8f743330L,0x794313312b0a18ccL,0x1a8f8cfe4b46dd3bL,
-        0xea6a1b0a78faffa6L,0x71b836b8520dcc57L,0x5efddbd89b6e74bbL,
-        0x3d6b6151dc6b7c9dL,0x95f2cabff235d63eL,0x00000000000000f4L },
-      { 0x15b2e9802245f71cL,0x557c9c3eb1ea762cL,0x7121b8e7a57e9103L,
-        0x31c6a917b2bff1cdL,0xe6883a84ff413e00L,0x33f8655f4a67ca7bL,
-        0xa548bf42c27e7e2cL,0xe32f78ad352d4fb4L,0x00000000000001afL } },
-    /* 44 << 217 */
-    { { 0x75ec3f26656e2672L,0xcf0d9739ddf3748bL,0x5765797c7991dabdL,
-        0xaf30965268cee722L,0x5bcf9603ed47b3c5L,0xb739ce4e493a140eL,
-        0xb209fb5dcbfbd96fL,0x10de84841ecedf68L,0x000000000000007fL },
-      { 0x297535a097eeb1fbL,0x40bc00d9479587cbL,0xd20d467736f110f6L,
-        0x029ce5ca422c636cL,0x9c8133c2172916e3L,0xf6e1a538e3a60dc9L,
-        0x17809428fbfdb3abL,0x399fdabc973f2523L,0x0000000000000155L } },
-    /* 45 << 217 */
-    { { 0x103d1964126508d7L,0x9374fc63953fe4a0L,0xa3e5fef2bf65b5c3L,
-        0xcf1e9f434dea09f3L,0x73cf4433db5dd9c6L,0xe0cd97b415af4b48L,
-        0x6ff6d7f6ebecabe5L,0x67ab5f01e7947376L,0x000000000000006eL },
-      { 0xe36cafbd0ef747caL,0x69cff962339f8b52L,0x0aaf54ce45c3da2bL,
-        0x15c960ce248fc6dfL,0x0464d7df61eff9c6L,0x1f783e7b3a1eb474L,
-        0x37d81b791791de17L,0x356bda6296b6e9c5L,0x0000000000000188L } },
-    /* 46 << 217 */
-    { { 0xb0afc4e65c223c96L,0x88f2e5f35aaede44L,0xc3183f1cb71a856eL,
-        0xa41a1487b9c00b69L,0x28b5aaaa69d2bc7eL,0xf5c5dc2172fcc598L,
-        0x6c70b857400234dfL,0x861eedb2c2d21c53L,0x0000000000000060L },
-      { 0xc9d7f77696cb55a0L,0x0497d6176a92197cL,0xa3e0f3a608b23cbcL,
-        0x2110a78eda86341aL,0xdde07944da306990L,0xbf6cfc6ab988aed8L,
-        0xe2add66fd14d708fL,0xa44d983157dbfd52L,0x00000000000001d0L } },
-    /* 47 << 217 */
-    { { 0xc56bbdf675812dabL,0xd9e2cea8a82d54d0L,0xc78535044a6379c2L,
-        0x2c974afd849f9130L,0xb35b4d7bb75ea82eL,0x7fa6b09c58bd2e96L,
-        0xe1416607f1d13d0fL,0xb684652fd79eb307L,0x00000000000001ccL },
-      { 0x987764f187c31932L,0x99c1ba6ffb1d4bbcL,0x2ed38e948015c51fL,
-        0xf424922c93ca5a9eL,0x201c868c6510cf1cL,0xfcaacc9a10c4ed5dL,
-        0xe622fa46dc5316eaL,0x6f9a6df2518b7d2aL,0x00000000000000a9L } },
-    /* 48 << 217 */
-    { { 0xce7ae0b6075676dfL,0x24daa3aa29be05beL,0x795b32d17b2f292fL,
-        0xf71dbf4f77ae64feL,0xe5f8b83bdcca4f00L,0x111a06db71e2e120L,
-        0x6e7937f5a861e714L,0x7b14d15817bf3be6L,0x00000000000000e6L },
-      { 0xa8748d319d04daacL,0x28e3fdac9325722bL,0x4384ac259e26fc1cL,
-        0xcbce8c3320f8d023L,0xa21e8abb9fed4b2fL,0x5f1d2dfca075f969L,
-        0x43d3c57f5e8e705bL,0xcac9948fdeb0bca3L,0x00000000000000a4L } },
-    /* 49 << 217 */
-    { { 0x66a65e83dad7d797L,0xdbd972bc359e9564L,0xe35acc8a5eccb5ffL,
-        0x35e3ffac0ad3ef9bL,0x851de6e98dbecf69L,0x90c0b3bc520a3d86L,
-        0xdca6e3dd40607f03L,0xba8a7ea766dc9c2eL,0x00000000000001b0L },
-      { 0xe2a78b19c0187be3L,0xf0bfde9ebd554b70L,0x6a61dbf7e7357ee1L,
-        0x7189a9916f16a7a9L,0x1027a7495028b3bdL,0xab2f2df6a104d723L,
-        0x3f214e95834a7f51L,0x5033df8cf6019533L,0x00000000000001f3L } },
-    /* 50 << 217 */
-    { { 0x49d49732774494b6L,0x3c9506bd04770a4aL,0xbb8415e4c248a4fcL,
-        0x60ed58b8374418ddL,0xc26440d39aeaa332L,0x1601233a7aefa5a0L,
-        0x8ba67f98ffcc867fL,0xb93887e4e716de59L,0x0000000000000028L },
-      { 0xf9467d0a3f1ea0e3L,0xd69dc7b3c349e641L,0x21bb7c3d47a1fb70L,
-        0xcdce7b0485baf8f8L,0x6a94cd2df74d61bdL,0x9b4aaf70d80c40ccL,
-        0x67958b15554675a2L,0x1212272b37de6aa5L,0x00000000000001a1L } },
-    /* 51 << 217 */
-    { { 0x65b30c4693d202fcL,0x69278e20a91bc534L,0x2159b74620ebfcbaL,
-        0x9a039589158a9358L,0x3431bf268fbe3a07L,0x3f052e4d5ac5aff9L,
-        0x0c9236c539ee1355L,0x95924b8148fcf947L,0x0000000000000179L },
-      { 0xd60db53922fd1648L,0x6fa28ffd2d08381cL,0x48efc7edf1831068L,
-        0xbcbc20d73ebf4420L,0xaa29a9d85f3f90fdL,0x79b874cc5a1ca0ebL,
-        0xc177fb6d3a75b3faL,0x45005fcc887cd30eL,0x00000000000000e5L } },
-    /* 52 << 217 */
-    { { 0x22c042b9ae0ff839L,0x532ee1b07b82dbadL,0x05e95394dd5b19d7L,
-        0xc6702ff7d56b7f6cL,0x55d30e5d0e9b86feL,0x709ba115f1732c78L,
-        0x74a6cd649ac1f9aeL,0xc692aec65f088cabL,0x0000000000000067L },
-      { 0xa276f7466deff8f2L,0x36b98e844ee21c9cL,0x862c26e1b552c998L,
-        0xd5a2a5bbbc4fbe00L,0x4919ca8c18fdb4ddL,0x66d9bb81c77b7776L,
-        0x5aacc969d0db6420L,0xd14d5266a5ac63abL,0x000000000000000aL } },
-    /* 53 << 217 */
-    { { 0xef65a4d01f4c8edeL,0xaa46b120dcb08a38L,0x40f468df7069f2d5L,
-        0xcb4829542bc58171L,0x8be42227c99b25f5L,0xb0f18b7307eb98b7L,
-        0xa1fae0b29b9ec47fL,0x8be5738cb5a371b2L,0x00000000000000bdL },
-      { 0x4c571a9fdc6a7103L,0x34ce343edce86822L,0x8d732bf9cc528a1fL,
-        0x4203e1f92a313cdeL,0x3ae79ca7a5626baaL,0x0b552456eaeef625L,
-        0xfa5b3a161b406f85L,0x25b35d73eb95605bL,0x00000000000001d8L } },
-    /* 54 << 217 */
-    { { 0xa9dfea9c3c7a06c3L,0x529d3a3644d3e30cL,0x7f8d907f76897d3fL,
-        0x309a2182581c26b6L,0x4d29dc6f0c0581fdL,0xcdbc510a7bf06072L,
-        0x9d0cbdf3f55f687cL,0x5a5443e55b0b307dL,0x000000000000019aL },
-      { 0x5738cbb543970892L,0x3219a82ae52498eaL,0x00e3f1db9a0b043fL,
-        0x87e704902e29f37dL,0x3bb34b3bd2d0b401L,0x8ca921c189b818faL,
-        0xf122b4d3fa6c6e6dL,0x70098c5f3ea74c79L,0x0000000000000097L } },
-    /* 55 << 217 */
-    { { 0x4faebb5ed4d176abL,0x793cb9749742e217L,0x42c33d81e013378bL,
-        0x4ac4b7ac800a3d3cL,0x929871ea86ae5230L,0x02e2b5fbd923d457L,
-        0xba95bf17b797df41L,0x4f2509a33651e982L,0x0000000000000117L },
-      { 0x1a4e60c5a0afd2c7L,0xe96f14e4d2685919L,0xdf1961fdab7a498dL,
-        0x8692057a65b97a84L,0x4ceaacb1ed5ec892L,0x806aa214f34b0220L,
-        0x285dd9b1501fc893L,0x401b959d0115c368L,0x000000000000002cL } },
-    /* 56 << 217 */
-    { { 0x17100a613bb93eafL,0x7ccb5bf3d80ac200L,0x585d17b6eab320c3L,
-        0x8d53eff1e7258f8dL,0x9d671ee13f21f78aL,0x76e7ab703dc4ad54L,
-        0x9ef2272419b3ffc7L,0x67b54b1fafd5a3caL,0x0000000000000122L },
-      { 0x629dfafb33a86edfL,0x237e33d97e4ae084L,0xe1d102344ca49a1aL,
-        0x768d5901b6e2e180L,0xfebbd9dad2ec4ad3L,0x90ab63eba9e332dcL,
-        0x5e2636c78da3786bL,0xcbabb3fad3f6ff9fL,0x0000000000000190L } },
-    /* 57 << 217 */
-    { { 0x96c2b30c8b4503bcL,0xef8079b76ea400dcL,0xa8693f0228e1ce2dL,
-        0x3f191b4d2d51f267L,0x32e177ca3361ae9dL,0xbd7d0a66ddfc80a5L,
-        0xdd761eaf25fb8d88L,0xa2e52fd503d4a584L,0x00000000000000f1L },
-      { 0x023d3607fda8c4d2L,0x51a0c87a59aac242L,0xcf51d25c4f8a9c42L,
-        0x3a8a96c6aaac8b07L,0xa635ca96feae776bL,0x09f4b77ce5b272d7L,
-        0x1edda904f7a74fccL,0x3baf043648f0578aL,0x0000000000000015L } },
-    /* 58 << 217 */
-    { { 0xaaa50d58f000e356L,0x0b3193c7016dd924L,0x8fb754d8a0ea14b9L,
-        0xd91c9f3fa50b4c23L,0x10e6d8a82bb95226L,0xca4a37214dd94671L,
-        0xadafc0d9ce05e753L,0x1ed81caf97e6c298L,0x00000000000000e8L },
-      { 0x230fcce8d8b0bb47L,0x04b5df73c0f13872L,0x844ee3ee24286c1bL,
-        0xd25336e8292c55b7L,0x49b25059b9fe1d90L,0x88302407130bf270L,
-        0x164ea993ee3efa36L,0xa2967cc81606a7aeL,0x0000000000000063L } },
-    /* 59 << 217 */
-    { { 0xf3e4e4d3c3c8fb65L,0x51ce545919cbf83fL,0x11a1dc28f47ff417L,
-        0xc47cc26a9408c5fdL,0x8e59575bc25546eaL,0x462f9375aea3d032L,
-        0x9c0a03996f33ed40L,0xedb8b2b6d15ac9d5L,0x00000000000000a6L },
-      { 0x50c5c11ffcbc7ad2L,0x3cdaedf0e5d53272L,0x7e5df4def7d3737eL,
-        0xfd4570fe5964b614L,0xf29db31b4d1d0bb0L,0x1927ae724617ec1bL,
-        0x7f3dd228e3f040bbL,0x4b4fa22b6617a2b1L,0x000000000000012fL } },
-    /* 60 << 217 */
-    { { 0xa71ecbf6370b5ec7L,0x2ed3a5916ae50f0bL,0x5197ab87111470faL,
-        0xaea260dbe30df740L,0xcd7e1f9d02e37578L,0xa3569bfd8bae68d9L,
-        0xea8e96e7c2a89697L,0xb9d1f162f9fcc566L,0x00000000000000f8L },
-      { 0x32cd11647ef36ad4L,0x1e58205fe4b08a4fL,0x6e7d004a3dc37cbbL,
-        0xd639b5b527ebbda0L,0xe92db32e2cb36fdbL,0x25ea06757e17bfe7L,
-        0x5f49bd54c8e8cd0cL,0x793d24cfc3e25af2L,0x0000000000000033L } },
-    /* 61 << 217 */
-    { { 0xe5c1b03d6c5f70c5L,0xc634f61e0bda5d66L,0xf7fa1fb6c3782a1aL,
-        0x9da5e4eb94b3a1ddL,0xab10baef997aad2eL,0x9bfff40e40296f45L,
-        0xa17714fcaf3ca04eL,0x44315b37424f4d32L,0x0000000000000152L },
-      { 0x1898f6677a2bb552L,0xf73bf0419fba5d55L,0xa0505207adb92bfdL,
-        0xb5f8949940775fdaL,0x0a4bba547c52106cL,0xb238bff05336edfbL,
-        0x7586b6aeb6c0f11bL,0xf3b1a6d93320ed85L,0x000000000000016cL } },
-    /* 62 << 217 */
-    { { 0x1ed5330496a2c264L,0x25d19d7be58b1775L,0x87234824d1c26e46L,
-        0x2eb0c2acba0860f7L,0x1ae2194cc81321d8L,0xd45ec0f1fcdf40faL,
-        0xa0953ba97e3d11e6L,0x495a35ac11350bd8L,0x0000000000000184L },
-      { 0xbcc2861b80ecf438L,0x859849509750ccb7L,0xbdb997929e1cc8e6L,
-        0xf64a9df281f7c4e1L,0xd1860d60ca400f68L,0x9782a95d5e2b500eL,
-        0xa3af2257d6320c6bL,0xd0a1666d0488032eL,0x00000000000001f1L } },
-    /* 63 << 217 */
-    { { 0x69a468fdb7a36758L,0x297d8dd0da785f23L,0x66c8518c215c8620L,
-        0x2b420fdb7e84feb7L,0xaef8a39b26a3e7afL,0x81979bfa23484aabL,
-        0x5b9c8bf22d0d13d8L,0x1dcbdb5fa6ac2309L,0x0000000000000132L },
-      { 0xa9c831fa65bc4bffL,0xbd8b10387d5f077cL,0x361b762378a3206eL,
-        0xbeec611b4724ba57L,0x423f56177b690d52L,0xbc6dcd6aeaa09b15L,
-        0xf0b60ebf7d9c160bL,0x1c3af39c6918b37eL,0x0000000000000110L } },
-    /* 64 << 217 */
-    { { 0xcf8e03c512a09898L,0x2090118438287af8L,0x8fd47e85371620a2L,
-        0x5a2b2ec87f16350aL,0x45841b1c608c7488L,0x627c632e01739426L,
-        0x3cb05aa78f8e8224L,0xbe277fd79b643a85L,0x00000000000001feL },
-      { 0x950843e61538cb4dL,0xe88383994f7ae0e6L,0x6b90ac85d2e1d225L,
-        0x78c211321e5361b4L,0xce09f24034b950ffL,0x3884016974b71400L,
-        0x58ae40a665e2bbafL,0x5d370978c823b954L,0x000000000000017cL } },
-    /* 0 << 224 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 224 */
-    { { 0x7ddf47051733b3c3L,0x7c7878a3f4a25d85L,0x4d86f57c29ad09a6L,
-        0xa97d4ab6b26d5c69L,0x71cc925004b07913L,0x08a84131b4c0b7b2L,
-        0x388fc8aa5119f83eL,0x23a3bd0b6bfda0cbL,0x000000000000007eL },
-      { 0xdfc7c8448e549373L,0x439dc785b52ad215L,0x9e157e18fb9de6dcL,
-        0x9283c3318793d562L,0x79f9ec9033ddc16cL,0xed0dbb7fceff5086L,
-        0xfa4668078765145eL,0xba9411a9a3b387b7L,0x0000000000000176L } },
-    /* 2 << 224 */
-    { { 0x319885d110e10587L,0x2da8979a609853a4L,0xfe907fe389b08ef5L,
-        0xa3a338a61a97d9dcL,0xa5ad1a9ad7e3fb92L,0x77a3bfc07a0136e3L,
-        0x99634588aa6ed29aL,0x41f148beef4787b6L,0x00000000000000dcL },
-      { 0xb8671195ebf698bdL,0x323b6965e2974ee2L,0x1411c67084c20702L,
-        0x840b396eba4bc1edL,0xd857a525eecff9a6L,0x0afad4f4d2d6829bL,
-        0x84ef6315bf6ce02cL,0xc38fe857ccc6b333L,0x000000000000001bL } },
-    /* 3 << 224 */
-    { { 0x2d9ba7e36f07eef9L,0x46ef4ce6eb692362L,0xa869ee262fa2cdc9L,
-        0x5b7d3a81642a2378L,0xc024410ad4d6bcd4L,0x88cc0f7121ceafefL,
-        0xeee011ebe04af152L,0x9cf87d1d7829107fL,0x000000000000002eL },
-      { 0x49260571e07147b1L,0x632583460ca0c303L,0xf1cda5ae6602e056L,
-        0x418b618681a45861L,0xcbf17fcdd1921fa5L,0x355e5d1ae07a08f1L,
-        0x3f4f5bb0a26b6b2fL,0x898ca884ade69b50L,0x000000000000008fL } },
-    /* 4 << 224 */
-    { { 0x1a00fc111c417fadL,0x8816dd0b3fba7366L,0xb3a5499232c0e5a9L,
-        0xb6a634789ec0fa14L,0x880b10b8a8d8615eL,0xe3635bb83abbe5fbL,
-        0x62a209f64de9be52L,0xac41cce182b76cf9L,0x00000000000001c5L },
-      { 0x287c7bc77dd1e73fL,0x072bb2ac1f8c7d2cL,0x399011fb3af5565cL,
-        0x787b94845e2a7e13L,0x5858c3df5761ae9cL,0xf0f831ae6d2875daL,
-        0xd5f5bf2dae9c82f1L,0x191b45fbb247a36eL,0x00000000000001ddL } },
-    /* 5 << 224 */
-    { { 0x1d2d4ab0fe772021L,0xd6e75054041053d5L,0xdb480d2e5705d868L,
-        0xf68a09f76aa63e89L,0x0bcf4c31379a4d0cL,0xcbc0c737b681873cL,
-        0xdb6931a6b886d407L,0x0fbaa44bf84e033dL,0x0000000000000056L },
-      { 0x5339b4f34f90a0fcL,0x2743f6818ebc0b28L,0x37567e5bf7db2715L,
-        0xf339c91aa5b1053aL,0xde65f7188125ebfbL,0x32f7c06d6bf4ed15L,
-        0x8071d1aa40353dcfL,0xb8fdddd93c994068L,0x0000000000000198L } },
-    /* 6 << 224 */
-    { { 0x1c081356b6965640L,0x7a01b38990c7a0f0L,0xf72fdba4874007eeL,
-        0x6bd85d94dcddefa2L,0x80fbde7e48db2fa6L,0x60b2be1c4a319dadL,
-        0x996217fbee51fb71L,0x85f1b13be0edb983L,0x000000000000012bL },
-      { 0xdf53aa14ecfb1d0dL,0xdd77fc37760a217cL,0x659bf31e99b56fbdL,
-        0xd0f042ebaca3e106L,0x50c215ba1f907ea8L,0xc6bb892ca4ef5f48L,
-        0xc3beb73bfeb86870L,0x04b740bd4123f812L,0x000000000000007cL } },
-    /* 7 << 224 */
-    { { 0xd50c9fcf6016e8f8L,0x27f12c32b8c12f9aL,0x2e13fd2b08e0e13cL,
-        0xe48a1bce89e659efL,0x1bbe7f01f62a49d6L,0x87e0ca4fd417e497L,
-        0x1cf55a48364ee9cfL,0xf4fbc7eaf66635a7L,0x00000000000001a6L },
-      { 0xbe3e55113eb12a0bL,0xaffcad4b462ebdcdL,0xf6f097ace8f4d182L,
-        0xdb1fe0f2404a92feL,0x9e2a51594fc084ebL,0x6acd3a8e7af882b2L,
-        0x17654a579602fc6bL,0x1307d12271de39cfL,0x00000000000000deL } },
-    /* 8 << 224 */
-    { { 0x470bfdd42540e5c8L,0xc2c849a1057592ecL,0xd8f4b30d2f886637L,
-        0xce56d15025ba43e0L,0xcaca4a05f200d2fbL,0x38fdfb3595d80545L,
-        0xe274649f22418951L,0x155badb2cb7437beL,0x00000000000000a4L },
-      { 0x09195792c828a666L,0x3ceaf45353f59336L,0x3982e19643850a1dL,
-        0x02f8077df2d2afbdL,0x83197e1e6a6946faL,0xf158b0b4c4ffad53L,
-        0x12559573853b51daL,0x8838409e8d35c9deL,0x000000000000019cL } },
-    /* 9 << 224 */
-    { { 0xa844a48f37315ba1L,0x2db10df96f401d40L,0xb092031359508b56L,
-        0x4ccd40a51df7356bL,0xf6e6de667cba0994L,0x8d052d22aff1e407L,
-        0x6579f0aee1ad5185L,0x02a2654c2fe56ff9L,0x0000000000000107L },
-      { 0xfbe7245fc52e3a9aL,0x5cf1f315767802eaL,0xd1bc98865cfa064bL,
-        0x6fe2e272218c2d74L,0xfbc0f239e105d3c2L,0xe93040f86c2d5d8dL,
-        0x3564207844f0c1ddL,0x526cafb534a20e65L,0x000000000000007bL } },
-    /* 10 << 224 */
-    { { 0xa403b2cd3e0bf039L,0x1f331cd769ae1607L,0x5808812d9341e113L,
-        0x3bdc37f4acaef9c4L,0xeef79000a056ccf7L,0x6e36e89079f26a8eL,
-        0x225a7216a5a165ffL,0xb0f49eea4a8d4e72L,0x00000000000000c7L },
-      { 0x7df03cd678eaf6ebL,0x4e96fcfc7a3ef5e3L,0xb4578857fd3bfa43L,
-        0xaf079521906c3961L,0xa8e06dea1227fc18L,0xf0f06e6808be24bbL,
-        0x0af15713b84b3fa1L,0x6bb9ba45d30f7aacL,0x0000000000000111L } },
-    /* 11 << 224 */
-    { { 0x7055735e2734bc7cL,0xdbbb0d7f2015daffL,0xde7f735ad048c6f7L,
-        0x1401c4fe3d025035L,0x3017088af09b1518L,0x53beaa128c919403L,
-        0xe623ff8d6e6f4894L,0x1622621fa6c45b25L,0x00000000000001a6L },
-      { 0x3aacbd8120e1fd32L,0x21963a49f0c52d67L,0xb521f29dda79f988L,
-        0x5ca6538ab632a340L,0xfeccb403a1c38793L,0x800a81e46c1993a7L,
-        0xbfe7989e08775f1fL,0xa7c0bb935f6056cbL,0x000000000000007bL } },
-    /* 12 << 224 */
-    { { 0xba1f3d04e155a234L,0x83285cb7a2f5d3afL,0x120231908196da46L,
-        0xc05f48389399a9b8L,0xe1604051a097e0c1L,0x3c48963b8f3cb46aL,
-        0x7ee7debebc20857aL,0x74c375ed8ef449ddL,0x0000000000000148L },
-      { 0x6086f7e549a22d3bL,0xcf65faa71ff513f7L,0xe5f24ae161c6db58L,
-        0x085cdc7708664d9aL,0x8e2385ab1df20e4cL,0x58910a818006cd4aL,
-        0x1858bc67c143e34cL,0xf88a9ca118f7d8ebL,0x000000000000000bL } },
-    /* 13 << 224 */
-    { { 0xac6ed780d8dc7694L,0x1517db0f7f0ce3c9L,0x14e574efe2724276L,
-        0x06bf1c0ad420a1b9L,0x092fcdc0ecb5bb09L,0x00b1952db3c22e3fL,
-        0x8486050d66dfef5cL,0x4162baf5b4aa2363L,0x0000000000000035L },
-      { 0x5f188ef1ccd62e93L,0x357224c0a78fc426L,0x6a38a6a0f311d595L,
-        0x632d3b1d9363d024L,0xda7edb5aefd29098L,0x1ae7e00046198910L,
-        0xd299ea6c8637f141L,0xa33a21d96dce1f27L,0x0000000000000191L } },
-    /* 14 << 224 */
-    { { 0x33b557a9edcbf5e2L,0x8d42c77f4fb31e95L,0x3f006dce258e5a7eL,
-        0x07ab56329dc0f10dL,0x6a79f1d388012825L,0xbbc9f71d997f67e9L,
-        0x733aee4fb0484d0cL,0x0d7d26af06b23588L,0x000000000000007eL },
-      { 0xae584763447d2b4bL,0xe3c380900abe0533L,0x19dc9a0946a66debL,
-        0xc5e21596f7351889L,0x67efb3732e9062b0L,0x38c539278def3d27L,
-        0x8f2afe546ec1f561L,0xa80f0c62159002baL,0x000000000000007aL } },
-    /* 15 << 224 */
-    { { 0x0574b1c11fe4b65fL,0x564bc4eb99fc3470L,0x040cf7e88ad913eaL,
-        0x72f64fde21e6dc7aL,0xf061a2f945e43f1eL,0xb30d7ace4cf73cd7L,
-        0x4e67338fed5303f8L,0xd1ca92f827fb18b4L,0x0000000000000123L },
-      { 0xec92ff11b2ff61b9L,0xa1196425dd3bd645L,0xeab1a0b3ffc4a720L,
-        0xbb01e20dcde12819L,0x222fca782f6f9062L,0x5343239fbf735e40L,
-        0x8e4c78ee7a1efa11L,0xbb68361cacee5111L,0x000000000000009bL } },
-    /* 16 << 224 */
-    { { 0xbce0f1074175e7e0L,0x51ac63d71965464dL,0x429f6b9f52aaa9ebL,
-        0x6ed3c53b2a1846d7L,0xfa87d5876dcda98aL,0x9858c801c72d6d0aL,
-        0x94a5bcf367681451L,0xb7c46ecdd3de0285L,0x0000000000000183L },
-      { 0xfd301b76d2dfd89cL,0xac9c2b0d0f38e6c1L,0xcf9d3acf2da8e6d4L,
-        0x99db13dceb9024c5L,0x4ebfc5ba9ee659a9L,0xbded80949b2fa547L,
-        0xfcf035f9c08d98c5L,0xb50dd13656b8b217L,0x000000000000014dL } },
-    /* 17 << 224 */
-    { { 0xbd6785f67bfbd788L,0xf5b0998e64b74e2aL,0xb9807c2339968512L,
-        0x7de81d72cbb6513fL,0xca27798033ef0d45L,0x09ea26e95b9b19d8L,
-        0xbf8414db4390e170L,0xef1287bc2e6a7e43L,0x00000000000000c3L },
-      { 0xd10112737f0c5ef6L,0x47393f003fc452dcL,0xb193a4a17f51c291L,
-        0x7d0ffe318cbc8483L,0x330d79be90e56adaL,0xb913a2e9c8c6c717L,
-        0x3c5e0d0c3f227508L,0xf57d2ea48a43f045L,0x00000000000001f7L } },
-    /* 18 << 224 */
-    { { 0x00b8eebbbd959bd9L,0xc5406f8e65f420cdL,0x6a60db3f063154c5L,
-        0x5d36e596311dbdeaL,0xa2bd49a842a485e7L,0x661fe033dd24a2ecL,
-        0x00d78bfb695ba009L,0xfcc1198129afe784L,0x00000000000001afL },
-      { 0xf30ad5348384e611L,0x46f55e5266df249dL,0x5cb69969ee339313L,
-        0x266a39971707af6dL,0x58d83aaf3a65d217L,0x46289bda29bc352bL,
-        0x13a780b3a7375993L,0xc694ec0434a72490L,0x00000000000001d0L } },
-    /* 19 << 224 */
-    { { 0xf54fce2fa396f979L,0x69dd3e5e44540d2dL,0x4bdf033a2929586cL,
-        0x055090d894086923L,0xda62e5374c8595c6L,0x8a9e1def4d489859L,
-        0x84a3f9502ac811faL,0xe6753ec71733f749L,0x000000000000011bL },
-      { 0x1d3b67d036f97445L,0x6f154f990f2533b4L,0x69493d6eb0e8573aL,
-        0x4ca3dad5b8f6d7acL,0xd3ec695236a717e5L,0xd8c719b7e78bfc25L,
-        0xf4746d3e069fc4b0L,0x8d967a3a6486c44dL,0x00000000000000e9L } },
-    /* 20 << 224 */
-    { { 0x7d8f48632cfeec8dL,0x9974152a814a01dbL,0xddc0bc6cc92694faL,
-        0x4e7bff595e2b5689L,0xbaa96e1a812f16fcL,0x800462f4f6585b6aL,
-        0xbd8c7d984cf44364L,0xe49ad28a84fa6863L,0x00000000000000d3L },
-      { 0x417df8bca87cb33dL,0x4fccdc1bdcf62845L,0x8784400a576b1235L,
-        0x708f13ce2676a8a3L,0xa7534d0dfdc376c9L,0xbdcc20da643f1159L,
-        0xc0f21e2e86b8fbe7L,0x632c15d52f0326c9L,0x00000000000000a6L } },
-    /* 21 << 224 */
-    { { 0x68fdb156f0af9d3bL,0x5f53c821be3429a8L,0xf37ba120798adc16L,
-        0x13793b18980624a3L,0x5f6297ab421c8a0aL,0xd429fe05b9a9bd9fL,
-        0x80b7d860ff3a84abL,0x10ecc26a3e1769e6L,0x0000000000000020L },
-      { 0x0a1afce2c04cbbd5L,0x9b6b5b9cdb6c081eL,0x5759236d62cada78L,
-        0xce57613aedc49bd7L,0xf66a9105f4df2865L,0x738e3e09768d556eL,
-        0x4ea024b2487b98d6L,0x69f02ea84e9bb27dL,0x0000000000000078L } },
-    /* 22 << 224 */
-    { { 0x8499723aa10fbd04L,0x638fdf9d1d392e78L,0x7befbecbdf12c367L,
-        0x522a5d26db60f06dL,0xce23f73fe6ce2fc3L,0x42f4ea36b20e9b7bL,
-        0xcaf5a320e0401d85L,0xdf4bf7a79938d740L,0x0000000000000131L },
-      { 0xfc8a14c7b9493be8L,0x2e89cef551148e47L,0xea3375758b804aadL,
-        0xce58b786362d9aaaL,0x0f3cdaec13bc5120L,0x1e773c0d49f1afd7L,
-        0xe9127a8b4ef25b4aL,0xe6d30caf29f670bdL,0x00000000000001c6L } },
-    /* 23 << 224 */
-    { { 0xbd401bcae131ef57L,0xbbe597a154c52236L,0x6d1c702efcd7d43bL,
-        0x0eb0316d8a359106L,0x143b98b6ac6374afL,0xb2578bfac4a2b559L,
-        0xa210d0c1bd53053eL,0x5fcb9211c1779f63L,0x00000000000000f6L },
-      { 0x5f83788c000e35a2L,0xd00c38172eeb99d2L,0xa565d239c63ff60eL,
-        0x147f29dcd0d4caa8L,0xf8b63389115dbd52L,0x2dcb407f6856405dL,
-        0xb1bd3bb6469671d9L,0x4468b9a148cac2d5L,0x0000000000000013L } },
-    /* 24 << 224 */
-    { { 0x2db0707f8144a351L,0x0885661375ca2dd2L,0x7a5052e1db5369b9L,
-        0x0ee205ccd81351b7L,0x17352e8de1a0c288L,0xbb36a1cf89c9cc19L,
-        0x5797a9b2768d2d2dL,0x2736a45cd28ca1e5L,0x0000000000000118L },
-      { 0x0c9e5469931503b9L,0x2c0487af3d942235L,0xb71d495e95ae408dL,
-        0xb5c2e5d1a853a205L,0x09747539585803b3L,0xc703600a44cf93eeL,
-        0xa0a16aed1904461dL,0xfb5c6e6ab0333ff2L,0x0000000000000119L } },
-    /* 25 << 224 */
-    { { 0xc4c7b8c62b36290bL,0xe2fb417d81e58d27L,0x086f3d384750dfe7L,
-        0x8359ab7548c6d58eL,0x7b78687a094386f2L,0xcb1d4021a140ec3bL,
-        0x52a8d9962d7dbaa3L,0xc7552a9b8facccf9L,0x0000000000000182L },
-      { 0xfc3ce1ff88706b52L,0x5cfb2c61ee0aa036L,0x3c52b2c9b87e28faL,
-        0x01ceb01f22eb006dL,0xb0fd7d823174e206L,0x190d8131ade8d5d2L,
-        0x1d195d6ac3f7f087L,0xdbfae9d2eb09decdL,0x0000000000000134L } },
-    /* 26 << 224 */
-    { { 0x9b21b0eb2daa2fb7L,0x62506bd10665aaf4L,0xfbdb475b82e9704eL,
-        0x4088093f50b1377eL,0x5397eea199707c61L,0xd3356b6e75fd8b3dL,
-        0x561c380705fe8914L,0xd0304825f77342d0L,0x00000000000001b8L },
-      { 0x7daa92433fdaa949L,0x12f461af51ea7441L,0x56c37d995a63573fL,
-        0x5d6c77c84a7025e9L,0xd2f2be05817b31a0L,0xc3b01b281f472be6L,
-        0xa9bf6a9f861524ccL,0x1dc74be29f0ca5b6L,0x000000000000002fL } },
-    /* 27 << 224 */
-    { { 0xdf2687a38ee78e5bL,0x5ca01f45dd1c0e1cL,0xf2bb5db54161d203L,
-        0xabe1d9781258d82dL,0x9ed61dc1371f1fc3L,0xb5882d2e8ebcd9bdL,
-        0x62d2a79ea86df9f4L,0x925a80af6c50a563L,0x00000000000001b8L },
-      { 0x472e8479a891d8f3L,0x47741910543b0678L,0xa1df2d293d53f8d9L,
-        0xde28fb0e30acb4b1L,0x9683ff8d5d4e1f2aL,0xeb74a8044ae8a13eL,
-        0x727434e967e736d4L,0x514af3dc0db30c54L,0x000000000000010dL } },
-    /* 28 << 224 */
-    { { 0x8b883f22fd5b9cfeL,0xebc175f592656667L,0xbe995418d9c86f02L,
-        0x9dee3ec51ed7a5adL,0xe9c7b177a10117b1L,0xae7ead0547724e37L,
-        0x4baba8316fefa7e4L,0xb496a2d1d7727641L,0x000000000000013eL },
-      { 0xed31fca226014cc5L,0x3b36d6148a223091L,0x32ac1f7b521e4fcdL,
-        0xcc7348015ad644d7L,0xf60d0ae0931450aeL,0x1db3acecd993d7c7L,
-        0x0f3e95427a9cbf22L,0x7c688fba58fede8aL,0x000000000000005bL } },
-    /* 29 << 224 */
-    { { 0x53259e5950ef71baL,0x1dfc6bec47c25dcdL,0xfbd8d5c47087cf41L,
-        0x5a5ecfd10249e9e4L,0x2c6af4a91ea582fdL,0xd01b1f80cc54d09bL,
-        0x9cfa9960500567ffL,0x7c744e9348b2e9d5L,0x000000000000004cL },
-      { 0x5c596099783f1792L,0x7e2b1d15d0f14bddL,0xcc195fedecad2e07L,
-        0x324953104117835cL,0x8eb7128ca206aabcL,0x0b9d40cd4873c84cL,
-        0x4ffb71b40648225eL,0xe7ef4f33a4139697L,0x0000000000000081L } },
-    /* 30 << 224 */
-    { { 0xf6171f9bdc8d6167L,0x1bef4c1bdcdaca1eL,0x069ea1943224f5b9L,
-        0x16e603adae98eedaL,0x1c2551a03527f99bL,0x677bfceef3324cf7L,
-        0x89739e2afaa65d81L,0x7c63f321ee01a2a8L,0x0000000000000083L },
-      { 0xfca4b775684bf04eL,0x12b2accc10aacf28L,0x60eb59796f5b70daL,
-        0x0973753341ad9c9aL,0xcbfd801c2698b98dL,0x6915f2608eece898L,
-        0x932c7de6e88b02bbL,0xb183858db0f499f9L,0x00000000000001daL } },
-    /* 31 << 224 */
-    { { 0x9a4db1714ada6df2L,0x113d6ca8a6503065L,0xfe1ce2a393f30e86L,
-        0x0ec4df0f5b883187L,0x2ba9f9377b6de31bL,0x6319ca2907d3cc32L,
-        0xadf2d42c0de3d0c8L,0x1cf47cbc8b60ebcbL,0x00000000000000f3L },
-      { 0x9737b3155a5c472bL,0x405097d38f44ac04L,0x11d7b5e098060980L,
-        0x1031d3a49c649638L,0x851dd24036cc36a2L,0x72174467106c19e7L,
-        0x0689ee3ef1ab03b9L,0xab05c26f83c47bfbL,0x000000000000002eL } },
-    /* 32 << 224 */
-    { { 0xa198d04b1b9ed16aL,0x2244536251340438L,0x77078e91251deca8L,
-        0x1d7b7be1be67e98eL,0x106648be2cc726d4L,0x79dd8d7bf5877e13L,
-        0x42bbd30e37993843L,0xe768f54dca7796c9L,0x0000000000000078L },
-      { 0x91c5e19d1acdf2fdL,0x0a2eff89e93c20d4L,0x6a84e609ce41ac1aL,
-        0x186ab6e8df08373cL,0x44c2aef6f6f9abc1L,0x9c7070b0dd735102L,
-        0x0e58b51807643871L,0xbc9f2e800b15d805L,0x00000000000001ecL } },
-    /* 33 << 224 */
-    { { 0x2cd086126ac3eebeL,0xe2163c355db014f3L,0xcc0834dc214e34deL,
-        0x67d2cc1775ee3864L,0x804612d5c4b02021L,0xa11ef6c76c805b05L,
-        0x898fc69d371dfecfL,0x8e977d1ba62b7df8L,0x00000000000000d9L },
-      { 0x037816ccb8e7e3c7L,0x2bc7a1eb52cd66b8L,0xf12d63ac37ef823eL,
-        0x42f8b36b29442388L,0x5b1d0dd6caa4d841L,0x21e213cd81986c48L,
-        0x492df17ff19ef6e3L,0x8a08cec5a5bac400L,0x0000000000000033L } },
-    /* 34 << 224 */
-    { { 0x49d545a21757c756L,0x8610764d3c78c7fdL,0x888363b0285ce4b1L,
-        0x6afe14c4d52e0e81L,0x612a58397177ffe0L,0x05a4bea49679b41dL,
-        0x121bb1c14c519b94L,0x844a95ddf521675cL,0x00000000000000d7L },
-      { 0xc6045c5c7288cf7bL,0x79319df2da1016c6L,0x67ef5845055e3ea0L,
-        0x91e7ead7bee71541L,0x285c08d78843f3afL,0xa90f3a94c2089d1fL,
-        0x3d0e6d1caa37b132L,0x2f18d93b62fb149bL,0x0000000000000013L } },
-    /* 35 << 224 */
-    { { 0x9287f41090921a21L,0x0cb3476c2f63ade5L,0x87eea82b66e3e879L,
-        0xb3c50d698eaa88f3L,0xe5b64f705624741fL,0x6fcac6de5e6a215eL,
-        0xe786b1dd66acd6caL,0x9e478411a5244800L,0x000000000000009cL },
-      { 0xf784aa4fa84c388dL,0x801593a26cdc8009L,0xadc07673ff1109a6L,
-        0x708a579d42678ae7L,0x2d246455e0d1dc79L,0x42f5c10a232c0027L,
-        0xd7adecb1785590d3L,0xeb58cecf139cf371L,0x0000000000000061L } },
-    /* 36 << 224 */
-    { { 0x5f0ef75a63dbd14fL,0x70883cf607b91b63L,0x2a1a32252f16a270L,
-        0x4d2ea66709740ebdL,0x50d5f3687e12f70dL,0x94442fbf06eda6c6L,
-        0xff1df80648f80934L,0xb5b52dadc7599220L,0x00000000000000e1L },
-      { 0x307f5ffafef02d74L,0x980fc52d49e703feL,0xa1006542c0eb1a94L,
-        0x2748d7af25476aa3L,0xcf9eda78370f6f57L,0x56c8f00f6ec2b826L,
-        0xc61b847a72375d88L,0xb0833b255e744eb8L,0x00000000000001c2L } },
-    /* 37 << 224 */
-    { { 0x78124c4f967e4b4eL,0x7ed9ab8d15a66ffdL,0x26af569efc3a3f52L,
-        0x0286ff20425d38d8L,0xfec9b67f51e9e240L,0x6d8a01c657256933L,
-        0xfc8f705ad2ca6b4fL,0xac3d7833da28a9d3L,0x000000000000008aL },
-      { 0xc4371b8ea0924274L,0xe543f30a55a72435L,0x03405ef6afa7c869L,
-        0xa44ce2098226a4b6L,0xc0aac941a0f9fc88L,0x3fd69258a497b61bL,
-        0xd431b511f80688b3L,0x664b77780a42eda0L,0x000000000000009dL } },
-    /* 38 << 224 */
-    { { 0xb9d84fc9d0cf69e7L,0x98f1940ea8e34a97L,0xe4bffa94dfc118ddL,
-        0x1849a3edfc66b9fcL,0x623db3947287a7dcL,0xde0d7d087019e9ecL,
-        0x2331aabf80aa347bL,0x44a365b11b999a3aL,0x000000000000010fL },
-      { 0x198f73ac92ae7427L,0xf62dc73002e04aecL,0x0506c93d3088101fL,
-        0x945ac732184edd51L,0x57f825fdaf7c6201L,0xeda00ab31c31f295L,
-        0xeda9d910f425b2e6L,0xa360259c7cdd8528L,0x0000000000000040L } },
-    /* 39 << 224 */
-    { { 0x7f0b99ba527dce55L,0x34b0ebfe5507d70eL,0x17cf8c47887de484L,
-        0x24a47965c1e5db40L,0x7d00b4a73f930257L,0xb294ecc224daec20L,
-        0xe8b20a6d4dcf26d0L,0x3214127cf13fd50cL,0x000000000000015eL },
-      { 0x8cc788b35eb3732fL,0xfd1ae000133d4b75L,0xf9bce1bc69223ceaL,
-        0xdb5a3d114511bb55L,0x39a956cd174c7629L,0x8b986a5b97c29420L,
-        0xa2a1eb4b38c80915L,0xa61c0e9f0cbb3c1eL,0x000000000000009dL } },
-    /* 40 << 224 */
-    { { 0x225c059ed015590aL,0xe49bada67483540fL,0x2318feb81b31b7a6L,
-        0x2f21ceebe675c20eL,0x3120aaf01c4da767L,0x96ab6834faf8f96aL,
-        0x3d4658ec30ea971bL,0xd1ea8938bf6a4e03L,0x00000000000001acL },
-      { 0xfd222beee78e187fL,0x56be63dab3c6322bL,0x8d1df732b9be02d7L,
-        0xa3df259fc2738beaL,0xafba1c5a5132fe56L,0x3fa503e9e7b27139L,
-        0xa27ca7549faf45eeL,0xbfd0a46e69c674caL,0x00000000000001fdL } },
-    /* 41 << 224 */
-    { { 0xe4addb8a7c626af5L,0x95410e92784c28c3L,0x46cf5d1e41cc58ecL,
-        0x84ef22e1ed080326L,0xd2a89dd536622acdL,0xbbce8e6ab278d4ffL,
-        0x7e82c968ef05bffcL,0x529507651613c4e7L,0x0000000000000191L },
-      { 0x66b1666ebbbb1311L,0x6e7c4d8967c415b7L,0x349f95b4f99b5985L,
-        0x1570e3124410e7e1L,0xd580b98a20a06e99L,0x6d57fcf02719178cL,
-        0x33adb81f803d3d62L,0x00289e3d44e383ffL,0x000000000000014cL } },
-    /* 42 << 224 */
-    { { 0x4c6047e27f3de4d2L,0x52a7f1291f69a829L,0xad9795a543bd0bc3L,
-        0x5c71a352ab36a628L,0xb208e87f6fe6bd16L,0x8b2cd1443b7ddcaeL,
-        0xec7432bb74041659L,0xfb284cccef17cb28L,0x0000000000000032L },
-      { 0x046dc83e96a2607fL,0x8134edca02e02d8dL,0xacdfc4551b88ca47L,
-        0xd0074a612695bb9aL,0x11987bd8c3074bc3L,0x5438070061264550L,
-        0x00b82a987a57f0b8L,0x66c456c5454b48d6L,0x0000000000000168L } },
-    /* 43 << 224 */
-    { { 0x900944e57151aea8L,0xdbad74a8f5bff8a2L,0x1eafcf55286f204bL,
-        0x82458315f3dc6626L,0xd4007ce5a7714adcL,0xf73b313fb5ba570bL,
-        0x044331b1151fb782L,0x45880fd4a6e31445L,0x0000000000000167L },
-      { 0x42f4af3c14b5e10eL,0x8b5d030c99a6683cL,0x79e437bc5e5633aeL,
-        0x2d81f1998b1a40ccL,0xcddd50cbdacea56aL,0x8211a78b39d40f43L,
-        0x5191c58618becac1L,0x749d45b75e116bf3L,0x000000000000006aL } },
-    /* 44 << 224 */
-    { { 0x6b40cb65a890ca97L,0xd7c6159338fc3078L,0xc78089f208c33a15L,
-        0x43e1b721021432bcL,0xc865bd2ccbef3f81L,0xbbcbee060108433eL,
-        0x336daf037cbe3b8eL,0xa10111577168018cL,0x000000000000007dL },
-      { 0x267f0241c0b153a9L,0xfc22a8b8984c2ad8L,0x6906a223572e597aL,
-        0xd964050675f9a034L,0xc9187173533e0c25L,0xd8b9f9f87c94582dL,
-        0x66fbb9c58980b28bL,0xf8446492c9daecc8L,0x0000000000000098L } },
-    /* 45 << 224 */
-    { { 0x2d9ea0622878a241L,0x46de4cda5368642aL,0x4fa9ad358a5243abL,
-        0x5ca45b8ff67260e4L,0x50a702ff0b4f3d28L,0x0f7f2095dd1fce0eL,
-        0xe417061dba620770L,0x86cae35273b13911L,0x000000000000002dL },
-      { 0x8ab3ae4b76e1fc5aL,0x06f704572033cefaL,0xa5bff96c08db98caL,
-        0xff04cbaf958d6e43L,0x43eefc8fe3c74fa8L,0x76185b498db92137L,
-        0x920ee668bd3c9f38L,0xe1f4f3f2758c856bL,0x00000000000001f8L } },
-    /* 46 << 224 */
-    { { 0x0f97a466381dc2a6L,0x3113353553f904e9L,0x69dfb20035d8fd47L,
-        0x6cfcbaffbdee4042L,0x54a55759ff2c161aL,0xadb79909f50226fcL,
-        0xf13ec08be24595a7L,0x39d14bf39ab2b842L,0x0000000000000127L },
-      { 0x87045804e123ba29L,0x795dc65abe8c6f6fL,0xbc7dda3badade7d8L,
-        0x9f5dae17f9cb4dcdL,0xf1289fa8b261a79cL,0x9e5958fc2330157cL,
-        0x20d13331d798dd7cL,0xadd88400a218259dL,0x0000000000000065L } },
-    /* 47 << 224 */
-    { { 0xd7059bcbd7a1a42cL,0xcb29b62ddd63d4acL,0x2ddfe66885e05419L,
-        0x78011be6b23f63caL,0x40eb7f025dfc1c3aL,0xea4802d856a4fd4cL,
-        0xb4ec884c80924d5cL,0xd095d9a909fbfe59L,0x0000000000000115L },
-      { 0x4b5bb25c529993bdL,0x2be02abeb9b7521cL,0x8c0176b7641b7babL,
-        0xf479474a9c6a564aL,0x6dfc0b64f26968abL,0xab5dfefcd5ea697dL,
-        0x6f077f0cc6b8cfc0L,0x67e7275df6bfcd48L,0x00000000000001acL } },
-    /* 48 << 224 */
-    { { 0xe83dfbfb6987a9bcL,0x311372dfe03b29b7L,0x1b88ad50f4176bdcL,
-        0x5771946f37733cf5L,0x4a020165d5c0cd18L,0xb8e35a40c7603086L,
-        0x3d06b8d0db55f57eL,0x9cdb00cab17b440aL,0x00000000000000fbL },
-      { 0x840ec34134bd8619L,0x40b0c10700ab86c3L,0xf478205885c69c9fL,
-        0x22e8d92e10d63734L,0x5b8e637420a53cdfL,0xe80c3d14fec8a052L,
-        0xb9c0834eede62895L,0xb2ae0eb3de2ef959L,0x00000000000001aaL } },
-    /* 49 << 224 */
-    { { 0x61c9a15ff1779177L,0xf9aa8a6cc76f1327L,0x913619829bedde20L,
-        0x2649f43e26525601L,0x411daf56f5d6018bL,0xaa5c02480e72e330L,
-        0x5d4c0d86d07c778dL,0xf6219f689575ab53L,0x00000000000000d2L },
-      { 0x3b3e3119f9e2f91bL,0x842508feb3dd20abL,0x1715d9be576222d8L,
-        0x47805f30e4ac2305L,0x7d5a8bff610df90aL,0x82289362f166a8b8L,
-        0xb10cd13ca0b00aafL,0xce3012dc2bd95a52L,0x000000000000008eL } },
-    /* 50 << 224 */
-    { { 0x7f3557744356b52cL,0xe4df74da343a8082L,0x0ad02ea630fd3ccdL,
-        0x41c092de81ee408eL,0x5b7314cc0b7af2cfL,0x4f14ea6e18876155L,
-        0xee09e162c5bc9211L,0x33b0203b754d1a04L,0x0000000000000119L },
-      { 0xbba2396d5a659158L,0xc8bd42a381dc2121L,0x96ca706eebae2b49L,
-        0xa47f6a3b27997ddaL,0xea8114cfcecdd7f9L,0xd2c8ebeae936e2e5L,
-        0xd7472cb9fb68d089L,0xa23bd4403d346567L,0x0000000000000024L } },
-    /* 51 << 224 */
-    { { 0x1cb466c1b9c5c233L,0x644e56e7ca17089fL,0x87689df22f23ec6bL,
-        0x7fb193160983cadeL,0x3f174e023542b10fL,0x896aa0aa52204547L,
-        0x0fac42698f3a3319L,0x16bfb9186ea6d467L,0x00000000000000b8L },
-      { 0x9f2675ddc7905198L,0x2377a69ba0bc6a9aL,0x789bb3609de78affL,
-        0x3c9e13121dc56711L,0x7e45f51897a01744L,0x57d6f870229ee331L,
-        0xf4e661027c84830dL,0xa8a3ff8f92a41beeL,0x00000000000001e7L } },
-    /* 52 << 224 */
-    { { 0x47a968bae826a120L,0xc0fb676354042559L,0x97dbf43c0b0b45edL,
-        0xd11788e1d819d0baL,0x6209a0c57eda726bL,0x65a8225cbb83ca8bL,
-        0x1cabddf0a6e5d980L,0x19cc1e75572ce15bL,0x00000000000001f0L },
-      { 0x292a9cf080e60532L,0x93ad928f418cbfdcL,0xeefb9eff36c16b79L,
-        0x2b2bb7cb6df5235dL,0x06920ab01a3f0e35L,0xafe3ce52c22c596cL,
-        0x7e04284c52a95640L,0x2a270b1a7b4789a1L,0x0000000000000121L } },
-    /* 53 << 224 */
-    { { 0xc6b314c1f4239b73L,0x4e54432f8debd8afL,0x1e45f0025aec3601L,
-        0x4b7090c312f51571L,0xdce4e7a4c9c1cea5L,0xe75161b104928b9bL,
-        0xa454b9d35dd8b9f9L,0x50ebb50835b06602L,0x000000000000011dL },
-      { 0x07a84718985c8551L,0x2563d00d0e100ba7L,0x3f69f4101b90b25bL,
-        0x6cf41c9be0ed8b78L,0xb71319ed7d01acacL,0x978d8b39525d0edaL,
-        0x064db8e6734ed194L,0x9ea11ecb8d6d9654L,0x00000000000000cbL } },
-    /* 54 << 224 */
-    { { 0x2b8b31c4eed9cdf5L,0xe7e616bfcb262a4cL,0x41dae45e4b7d7dd3L,
-        0x982a2408caa8c982L,0xffcbce7a3f2a9e6fL,0x50121acccc21ea38L,
-        0x4c2cf642e32f6ca0L,0x22f3a5335b36d5a2L,0x00000000000001c9L },
-      { 0x1f2ad6eee92b1fe6L,0x6a3bf10db5ef5acbL,0xae6f23edd3503528L,
-        0xc2baee0f5ded8513L,0x1f29e1b304c9a105L,0xadd1d742e6b6e61fL,
-        0x72dd27a22e532676L,0x9a53e3a5ac0aaa7aL,0x00000000000000a9L } },
-    /* 55 << 224 */
-    { { 0xe0c8af94cdd6ae96L,0x7a4ea983e2977012L,0x9e749b02365a4de3L,
-        0x2ad28ef487969ffaL,0x93dfae73b6015cd4L,0x6a0350fcd291c2bcL,
-        0x8899eb4142cbcfd4L,0xbf324b61613604beL,0x0000000000000112L },
-      { 0x2a22b916e110f342L,0xe9b1f40520b9a301L,0x7429d456c530c11bL,
-        0xc8c6bb369c275befL,0x65e9dba104319247L,0xd3433e680d8f08b4L,
-        0xe6d50c0a297ee342L,0xa35cd9c083615fc4L,0x000000000000016cL } },
-    /* 56 << 224 */
-    { { 0x8439b14cbaa20680L,0x5f16560db2c77c25L,0xe3c19ca9554f95cfL,
-        0x9e494f8ec3e722e3L,0x3d4b917f1908e637L,0xbc08600dfe6f4915L,
-        0xd730de4026e8d819L,0x28025a154c864edaL,0x0000000000000106L },
-      { 0x0fe4b4805cf7d60eL,0x1d9c195fd22286e8L,0x7c30b704daca5bfaL,
-        0xbfddf0e2b1185d19L,0x1ddf3bfebfa68c75L,0x95d6947fa94774a2L,
-        0x491b041fc28aaaf6L,0xdd984208014c07d3L,0x00000000000001eeL } },
-    /* 57 << 224 */
-    { { 0xc006f8261c14b152L,0x607b76d8548caad4L,0xc533d8f6644b2fedL,
-        0xb5949a09a9cbaf32L,0x980f4e5ee9b82934L,0xb69c4940e0bc902cL,
-        0xc483bd7010ceb0afL,0x85a7296f0da99f98L,0x000000000000015dL },
-      { 0xae2476dd7693b27cL,0x4fa6dd3599041a13L,0xb3ce6a53c4e4e838L,
-        0x4eaf476a9801412bL,0x615d927d421334a8L,0x663ccce26297dbf3L,
-        0xe2e7668e3d03a5e1L,0x4d15aa4099993736L,0x0000000000000188L } },
-    /* 58 << 224 */
-    { { 0xb7639306e80de633L,0x8206add9ee5e527bL,0x2f5e86f4baa789b6L,
-        0xbc772de757d25d54L,0x3ce87740b4b2b380L,0xf61acf7ebc08ab4aL,
-        0x1b81b706e4c17950L,0x70e16670f97a672bL,0x0000000000000084L },
-      { 0xb3c11d39ee5d0d74L,0x57470243c23309bfL,0xc04f806ad970c46cL,
-        0x0a91f05641f15577L,0x0888829070ab35d2L,0xb413e83fe301207eL,
-        0x0b17e3648bba92e8L,0xb1b97d4ed7b430e6L,0x000000000000017cL } },
-    /* 59 << 224 */
-    { { 0x89447b27bd4b54d0L,0x19cf8afd7f8112f3L,0xf8b4a959bf831e34L,
-        0x6dd1726a6b244017L,0x5783a070413e1aedL,0x27438461d5a29d55L,
-        0x29a921f789e2fbdeL,0x1abdad7e001a5932L,0x0000000000000106L },
-      { 0x9c35f7e9947b1ac9L,0xfe5f4c5b086b5e09L,0x12da650c105c5c10L,
-        0xd6e60f998dbaa678L,0xd3f99655ca972737L,0xeed2c3bd48d3ad22L,
-        0xfa0d06cf42a51f2eL,0xafe258e8c9d10b1eL,0x000000000000007eL } },
-    /* 60 << 224 */
-    { { 0x920ef3b8f225d101L,0x14533fb672346f7dL,0x8f391dc232eaa7edL,
-        0xca99c1fc9cf81d89L,0xbd298ba671bd3ed7L,0x2ee73abe68942dd3L,
-        0x2cb7b2009bca1375L,0xad67f957123137f3L,0x00000000000001b8L },
-      { 0x838fad634c6ecb7dL,0xb79af8cbb96744e2L,0x7c4190fcd3bee960L,
-        0xdb298cdf1740bbdbL,0x801cfc4a655bc379L,0x35869a8d80ce1b99L,
-        0x437c60f11004665fL,0xb904ae8df965f967L,0x0000000000000176L } },
-    /* 61 << 224 */
-    { { 0x9b6cb18391a51175L,0xdd88aec4fb80c7eaL,0x29cb000bb640c84bL,
-        0xb391ad58d58c3da3L,0x2671ce7f83dea34bL,0x3daf6c2d490ede19L,
-        0x39e152910ec82d99L,0x8c5df3d73928795fL,0x0000000000000124L },
-      { 0x00f19b087e411379L,0xd74a2e9ee6aca0bdL,0xac5723e381207f79L,
-        0xe888e1b58224168cL,0x9f54500800c0b0efL,0x14e8160dad9e4155L,
-        0x8f04a2a28203bc81L,0xef916792d7fb7e1aL,0x000000000000014aL } },
-    /* 62 << 224 */
-    { { 0x5057d40664da7708L,0xcff34770c7f0fb54L,0x71779c1c72de7d6eL,
-        0xe3245536baafe87eL,0x3547d3cc27ee8200L,0x6fd335b373ca8819L,
-        0xfe68353f13487c33L,0x3465439099cdd431L,0x00000000000001d5L },
-      { 0xb1b27dd4e9031706L,0xce565fc49d72eed0L,0xb48715abb1962bc7L,
-        0x849d8b56bae93f30L,0xa3548c4ddb34ac91L,0xffa60fb4985a3543L,
-        0xe43b129448a4c7bcL,0xeca115250e74194dL,0x0000000000000021L } },
-    /* 63 << 224 */
-    { { 0xf1bac1afb0f94217L,0x93744bd640f2ef25L,0xd920ea38f832f1feL,
-        0x95ddcf8c13a22b90L,0xaf759f72e0087be3L,0xdd03642be6baf27aL,
-        0x012d7445cd0dec66L,0xef35032ab1bfa5cbL,0x00000000000000bbL },
-      { 0x980f0d5290448667L,0xf4cca39fef1eead8L,0xe11005d6d02b1b57L,
-        0xff6253f2cc5182aaL,0x75f3838e96a49c6bL,0x49b5a038a5348a1aL,
-        0xe2ae0b06dcd79d60L,0x976e296a0a8fa296L,0x0000000000000196L } },
-    /* 64 << 224 */
-    { { 0x4b67fb4118d0a514L,0x0a9fdb8e32ae28f3L,0x786b00f8c238ebb0L,
-        0xf73d53d11cbb7ea0L,0xe3928456988a4366L,0xa108e52a1d62fcebL,
-        0xb923f2471d9484f2L,0x9c8dfc0caf781f08L,0x000000000000012dL },
-      { 0x6485c32f15c72d41L,0xf7ef7e581a01f229L,0x2dca15d289c87f68L,
-        0x91a22920d86c6968L,0x6015a068fe0747cfL,0x429c4d4dd744a2cbL,
-        0xd707e9ea43d3b8a7L,0xa03aa304040ed223L,0x0000000000000107L } },
-    /* 0 << 231 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 231 */
-    { { 0xa9338e3d41b1cb9eL,0xe9173c96c409be61L,0x2b8ea989ba7ea91eL,
-        0x5ad99388870edd75L,0x9d3c5a11c2112dafL,0x5a7c3d52851694a8L,
-        0x8ecc1d6dfce31234L,0x2aca74ef790d720bL,0x000000000000002cL },
-      { 0x66dc50ee20df1f66L,0xe8785c5b3b05ea85L,0x0e28d55e569d94c6L,
-        0xacd3c1651a119f91L,0x51910b8e7226e29dL,0x849b5229dc3eadb4L,
-        0xc8c44e85a88f3b08L,0x990504945e42bc66L,0x000000000000019bL } },
-    /* 2 << 231 */
-    { { 0x27068f87578b7a3fL,0x506446f1423a5346L,0xe9d9c75b58dac5e4L,
-        0x8ebc86e561b8f695L,0x272ac14e611c51e3L,0x67863a1d4e24fb32L,
-        0x270d4fdc02e5b539L,0x96d7b7a9a4186d8dL,0x00000000000000f4L },
-      { 0x1a60ef0526627252L,0x31682a839bdc0f5fL,0x52a055ada112be82L,
-        0x9c3a88484ecf7367L,0x5235087249e70680L,0x61b6b478b881b9cfL,
-        0xbec16c5a887d3c1eL,0x8a8b2b82d598a671L,0x00000000000000efL } },
-    /* 3 << 231 */
-    { { 0xc493e06c7cfbc9e3L,0x7238a446e82d3bdbL,0xf388c069940bcf25L,
-        0xb82837d2da27a485L,0x693111380941d771L,0x93a43f0de8bede22L,
-        0xb3578669b3bafb47L,0x44d6e546bc7d5cc6L,0x000000000000010bL },
-      { 0x9f703d04c2f5a320L,0x6cf923ae1a4d8cbeL,0xe24663d06bec90d0L,
-        0x94870abbb4276e9aL,0xd690b52fecc55c0dL,0xbed5a84236316797L,
-        0x8edde42f1e63e3fcL,0x2f6f5311b2a7c97fL,0x00000000000001b6L } },
-    /* 4 << 231 */
-    { { 0x3dac1eb44cb7b72bL,0xb027bce2e0c7deeeL,0x69032db2e994001bL,
-        0xde2c253a4d22b49aL,0x957977f9bf66a47bL,0xc118eae521ad303dL,
-        0x40c78cb818ba4889L,0x09901c2ce69238cbL,0x0000000000000162L },
-      { 0x8099814b08bc1ceaL,0x3e74578a38139921L,0x899412a6d9d15fe2L,
-        0x973a21ac29446072L,0xe6c4ce99ee7401cbL,0x03a86c736a4c5223L,
-        0x6976124e6f3e93cdL,0x074326df34dd40ecL,0x0000000000000065L } },
-    /* 5 << 231 */
-    { { 0x02f0014275880224L,0x6ee059da7021973cL,0x931f296db3dfe309L,
-        0x9ed8b1e9485c0d9bL,0x6f3fc0cb1e018747L,0x9add7a9b697a142fL,
-        0xe2ddd8f3e94cc581L,0x666a9b29b6d8d36cL,0x000000000000015bL },
-      { 0x1eed14bb24add8dfL,0xfcf71bd2216b86a8L,0x0f87aa7920faa29cL,
-        0x7aba4fdd9fce47e7L,0x48902baf0a014042L,0x93e911622f4b7154L,
-        0xa39079f6e5f3dae0L,0x6114f249e871766cL,0x0000000000000071L } },
-    /* 6 << 231 */
-    { { 0x943dbc45cedc41c5L,0xa3889cfc075fbcddL,0xab0a889dbee1ac11L,
-        0x9a5319b1d8721711L,0xc4228d8987ecea8eL,0x55cfce64e8221d39L,
-        0xd3e9699d39e3e962L,0x8ed1dd020549f4cfL,0x00000000000000baL },
-      { 0x1729967dfb5fec20L,0x16246ab37a6208f5L,0x10904e4b5f5af897L,
-        0x68c575bb273b4049L,0x973f128b97335687L,0xb696381ed6cb8cd4L,
-        0x3ef2ec73d2fba17bL,0xe4c62fde5233aeb4L,0x00000000000000bbL } },
-    /* 7 << 231 */
-    { { 0x2f171a11b947f8c2L,0x56959046cff17f3fL,0x824fb57f66097883L,
-        0xdd07bd642c2c8782L,0x5b17dd22867ee913L,0x9adb1675796b2aedL,
-        0x9cd315516326bf4eL,0x5839ce47d98c3c62L,0x000000000000001eL },
-      { 0x03323a3fb463977aL,0x95dccccf667a3e88L,0xe3a04d01dea1a6bbL,
-        0x427caf8c2c159eb1L,0xbb2dd277ca73e601L,0x833e194b414b5d11L,
-        0x6594999ed51e212eL,0x5423b8373e583089L,0x000000000000017cL } },
-    /* 8 << 231 */
-    { { 0xb685f627dd308ae0L,0x78d327cb5a08f7caL,0x83e55dd1ee74108bL,
-        0x906408358d01ffdcL,0x6d7694e81625f9a7L,0x48b92a43d782c8bcL,
-        0x61f7b571bf98ee6bL,0x02b2a743e511df25L,0x000000000000003bL },
-      { 0x020b09053aea9b6bL,0xc648d06d989114d9L,0xd7861a73ec1e3d92L,
-        0x2c0eb0720a0581e5L,0x5be8c4da3fdd93bdL,0xd45049f2897946c7L,
-        0x0fa12b386ebb7fbdL,0x7b5391783aca1751L,0x0000000000000001L } },
-    /* 9 << 231 */
-    { { 0xc8f1de47497aeb0eL,0xa1535a60dfd637d3L,0xda8089a50d3b3e38L,
-        0x9981de1279280d2bL,0xd0259e6c483a9659L,0xb16ad60f1cadaecaL,
-        0x150e8c7e335fcb39L,0xba8a6b8c3224d554L,0x0000000000000028L },
-      { 0xcdf6bc521dfd36bfL,0xd89e8950109ff325L,0x2bfbb3aa949c6cf7L,
-        0x5d155ffeb638dd02L,0x9f778149256af551L,0x6ad7a0913e7b2743L,
-        0x4045ec8341939950L,0x6d36b14a36c29ce4L,0x0000000000000009L } },
-    /* 10 << 231 */
-    { { 0xf61f56901631f481L,0x31cd4a4460057252L,0x11c6764a7f3683edL,
-        0x813e617d855abd6dL,0x07dd6c6674bffc99L,0x4eff77903d28a486L,
-        0xda809b5a1236cc16L,0xf3a0a984e1b1fa07L,0x0000000000000015L },
-      { 0xc1557c02fdbaa820L,0x22f1b155490ace41L,0xaadde80bbb30fe96L,
-        0x3ecb3b1e8005fcbcL,0xbfef06d968a1db30L,0xa8e0a6a1a6b85ed3L,
-        0xa602e5b52b82ae83L,0x567eabd6fa699305L,0x0000000000000177L } },
-    /* 11 << 231 */
-    { { 0x714021c9367bc63eL,0xdfe85b6765d131c1L,0xaba75de76eeda148L,
-        0x53a1d3775e567a81L,0x2990d626909efc1aL,0x178755cfa636420cL,
-        0x9b168b964750968fL,0xdb2cc57e5af133a1L,0x000000000000008bL },
-      { 0x58ce08b0e2ffaab5L,0xfd0ff4ad1865bb21L,0x838c66c9bb65b3fbL,
-        0x4a4b95229893cf54L,0xf50f0afb0467f480L,0x1380b003555da012L,
-        0xb2a7dda45126e11dL,0xc88ac327dd17c592L,0x000000000000018fL } },
-    /* 12 << 231 */
-    { { 0x9d86d84feae13cfbL,0x6d235a5f994991dfL,0x0b5b3e99352cbf4aL,
-        0x9512101aa087ee0eL,0x2ab9fec1900fd50dL,0x48129fe5c8fd91f5L,
-        0x69ed1f4d08c5117bL,0x533e83c6e7007bafL,0x00000000000001e1L },
-      { 0x10a0c08d2f0fac2dL,0x35a77d2af3e1daa4L,0x447a8e905f5e78a5L,
-        0x0f5835b0d3acde30L,0x5486f6b961b9aad8L,0x9be0a9b8ecbfd6b2L,
-        0x95a5bd0409452928L,0x4fc3182dea830996L,0x0000000000000125L } },
-    /* 13 << 231 */
-    { { 0x91c85cd2fc7a969bL,0xb16347ac0b3e36b1L,0x66a36f694a3e8b27L,
-        0xb8ef5e3f91cb5d5eL,0x0aace6f26be296f5L,0x4e6d9d9d548235c6L,
-        0x9f24f5c8a7a35b0bL,0x3260930390a55e8cL,0x0000000000000048L },
-      { 0x57924d7afc9c2b83L,0xfc60aa68e403b1e3L,0xdb73a35932ffed37L,
-        0x68d0af3455642effL,0xef0d8368290a4929L,0x7be7c6143930fca3L,
-        0x22ac1195c9f52bc6L,0x074fde05df055539L,0x0000000000000191L } },
-    /* 14 << 231 */
-    { { 0x9e71f0bb8bff6d2cL,0xf35c6c1367b26058L,0xb8791d9e9fb2cd17L,
-        0x834f77fb655344b7L,0xf672749488c6106bL,0x1d51d49a83bf0b92L,
-        0x2888ca81b2598cc2L,0x454c00258377dcf4L,0x000000000000000fL },
-      { 0x622ab6ebe9046dc1L,0x3594e53e40d5f30eL,0xaf4fd362632372beL,
-        0x08601954aa276034L,0xa2369d15a10a69efL,0x9c9ffcf525bf301bL,
-        0x7cd516d5dbaf10e3L,0xc24aacc1f35e5f7cL,0x00000000000001f9L } },
-    /* 15 << 231 */
-    { { 0x518f40a0ba132499L,0x3773088dea2f1aa0L,0x232cfab18b326435L,
-        0xa399e58d73900055L,0x0b416d331a80306bL,0xa34d9a80d9f9b09fL,
-        0x8f9f4355cb95746eL,0x73a7c35d1ce94cecL,0x00000000000000a6L },
-      { 0xf619fafd8b3a57a5L,0x80e70710632fe43fL,0x287b444e581e2becL,
-        0x916afe78030be2a7L,0x6ebe236508f41e02L,0xfd7b7641b70e8c84L,
-        0x1a131e7bdda3edbaL,0xb8e1748a0677e206L,0x0000000000000110L } },
-    /* 16 << 231 */
-    { { 0xb5b80c0e82a8845fL,0x6fdd0a0f42fa43cbL,0xebfa4307803cf184L,
-        0x1dd85b5b4935a211L,0x2438607c6beecb33L,0xfbbb723e40ea88b4L,
-        0xaf5258a6e84db1ebL,0x2c2b8cd9b7ad5e3bL,0x000000000000013eL },
-      { 0x313ce4450a092935L,0x9fc84cec8d0efda6L,0x004929dc197593c0L,
-        0xebd50bb3fbef27f1L,0x9e71f61938c08b52L,0x590ef00571196231L,
-        0xae3c0d2eafc73d42L,0x768bd9624da4a91cL,0x000000000000010cL } },
-    /* 17 << 231 */
-    { { 0x47c8d3c8ab1c60b6L,0xaf198413d12a659bL,0x73fcfe24bd4d19d2L,
-        0x59c7728758032192L,0x48b1aa1f88887224L,0x01e399cd38e96fbeL,
-        0xf1a74ef9ab366e8eL,0x5087c7eb4f2103f1L,0x00000000000000e4L },
-      { 0x8861cfef7dda9880L,0x92b60a92d734c648L,0xefd3e299ed7977feL,
-        0x658f37a6e874dc55L,0x4b3fb1954e7aa888L,0x1c6111122ff97d89L,
-        0x25ad74f9f8345cd3L,0x676666b8ef50e0ffL,0x0000000000000157L } },
-    /* 18 << 231 */
-    { { 0x716cad1e90c8a719L,0x631d6acf882637e0L,0x42fd6468b140d288L,
-        0xe8dfb49488b10f5eL,0x5fd3394471d6849dL,0x51459c14c0026192L,
-        0x4c72b94fd25c7d5bL,0x157cf7e3c3a7ed7bL,0x0000000000000123L },
-      { 0x046419ab6bd8dbe9L,0x4be7f1c837eee4d3L,0x27f5a81aac98ab3aL,
-        0x830a7200bf7071f0L,0xa4dba25c4ebd5b40L,0xa8af3addf94bab5dL,
-        0xc5156c404fd3e972L,0x1fe23347c1a472c5L,0x0000000000000096L } },
-    /* 19 << 231 */
-    { { 0x314e6990933c502eL,0x3eb198b24230fb72L,0xed31a6ac78b0ebd9L,
-        0x98ac708cb7cffa58L,0x41e4880762ee91bbL,0xdb80a5fd6ff7ad3fL,
-        0x647ab9160c32c160L,0x258ca51ad736fefaL,0x00000000000001c1L },
-      { 0x65c312791e5576c9L,0x8393256a7c73070aL,0xdbcbab2ebfd3ad2cL,
-        0xb4ef593498b6146dL,0xf3e6d641f150b4ceL,0xb4ca1b92aa5589d8L,
-        0xc19f635f440c31ffL,0xf3d5705f5bb1fe31L,0x000000000000012aL } },
-    /* 20 << 231 */
-    { { 0x96618bec30be228cL,0xdc83ae086b84d4f4L,0x260b2652348c399dL,
-        0x7c10ac42e6ac3a94L,0xe3d44aeb367c5edeL,0xe0c1989639ce735eL,
-        0xa2bccd0b708b357dL,0x30d6969b489d30b3L,0x0000000000000039L },
-      { 0x3e9d894367d235dbL,0xe6ab2b4427ea16dcL,0xd5b60a504c54afbeL,
-        0x48f39402c0c645f2L,0x44fb14e9a03ed92aL,0x8a66c28c8ecf7a8fL,
-        0xf5ba4cb58d9f6e44L,0x8dd59588edf7d7d3L,0x00000000000000c8L } },
-    /* 21 << 231 */
-    { { 0xa9f649382296ca7dL,0xd80c7ae06b898494L,0xe041220c5a93cd3aL,
-        0x5d42e026f46c53dcL,0x9574fdec710ec9c7L,0x2f2e24b48dbdece9L,
-        0x87afdef250244f09L,0x325f4866235858d8L,0x0000000000000003L },
-      { 0x13e624ede637e34cL,0xa841d34a17e610a5L,0xf899a907bf2faa12L,
-        0x3d28b531ebb38d02L,0x73d1eae320ec138dL,0x6799644ed687d71fL,
-        0x51b93047fff6691cL,0xeccdd0242e44e87aL,0x00000000000000f8L } },
-    /* 22 << 231 */
-    { { 0x0d8a75e7972b1d30L,0x9556f1ee4f05a10bL,0xb0a90e0afe233210L,
-        0x5899ed3fe8c3ab51L,0xb3f56019411d224fL,0x2fc2ad6f9a30b1b3L,
-        0x66b1a36860c33436L,0xcb5310cde3490548L,0x000000000000011eL },
-      { 0x520fb4e711647babL,0x2c5403554e4c5f55L,0x3b4f3cbd58a8e072L,
-        0xaac1cf335d4dbcaaL,0xb5ff4b0426ac1c58L,0x456d3fb2cf35e684L,
-        0x6c05aac04b1eebaaL,0x3eb4e1447d0debb1L,0x00000000000001fbL } },
-    /* 23 << 231 */
-    { { 0x9f9f128f83dccaefL,0x285a6d9d3e4d202cL,0x1dce04e0fe2f32abL,
-        0xb63ad64b5c47d746L,0xc620a818ca9e5cbaL,0x5599183b102c367cL,
-        0xfc28310f1bb11cf3L,0xa518ef8ae7fe07a0L,0x0000000000000125L },
-      { 0x05d6e328aaca5233L,0x3485f1f7c0d36868L,0x2418102af2b53b08L,
-        0x2d7820ab3d138665L,0xcfd8d841fa9a106eL,0x70abdc68a83768a0L,
-        0x666ec137bd673c42L,0x0f55e404e77d49adL,0x000000000000002eL } },
-    /* 24 << 231 */
-    { { 0xbb5261dba4cc0ff1L,0xf63383eb52d5233bL,0x8ab1587033aa18a6L,
-        0x1779ee6ed6b62ce9L,0x80ef23be8ef0f8e7L,0x9ec1cfb401c71a76L,
-        0xb18a364ac7c793f1L,0xffc4c25b753ab994L,0x000000000000015bL },
-      { 0x80645523d4ca91f1L,0x7e8594c5f895f3afL,0x5e0d810510b5a95dL,
-        0x9a087f09fb4356b9L,0x7784383794c16770L,0x5f6c04ef5837e54aL,
-        0xa0803997f3166db1L,0x797335e56b68a586L,0x0000000000000075L } },
-    /* 25 << 231 */
-    { { 0x8821f20b25ea7faaL,0xea6cdaf038359721L,0xef36817a60f5c37bL,
-        0x79058c6589c3b6f8L,0x5f3e57a4f0e9c92aL,0xea23b73ca0eeddf1L,
-        0x3ce00ce36e7ca79eL,0xd7301945b21fe070L,0x0000000000000199L },
-      { 0x37f5e88ca60f2418L,0x4eab2df52a6caeecL,0x5a02d837c64cc4b6L,
-        0x6316cbb4f8a52989L,0x54985f0512b8c43aL,0xaa0b8a9313cc4fa3L,
-        0x19b9999e164acd3cL,0x3e99a0388122f26dL,0x000000000000002dL } },
-    /* 26 << 231 */
-    { { 0x86bb6a2fcf51acf8L,0x8cfb578447a49e34L,0xa931fc6be3b6d1faL,
-        0xd960cde64a9d14a8L,0xe4c4116245b21189L,0xe4aeb21abbbeb75eL,
-        0xe45db020d9be6508L,0xa001afb4789ad9e8L,0x000000000000002bL },
-      { 0x5f754551c271c0d6L,0x4926b87f0543b435L,0x3157188ab3123bbeL,
-        0x2a77d4547b3addfcL,0xb1c6000b0ee40ae4L,0x6de2cc2872f6a072L,
-        0x64fd97f7f1dd26b5L,0xd43467c38f229a39L,0x0000000000000041L } },
-    /* 27 << 231 */
-    { { 0xd00fdf12e6fa0314L,0xd447ca319be251fcL,0x27bc3f9abfd2b9e3L,
-        0xda101c4d5b716609L,0x109ee4ee24e9876aL,0xf8887370d3fb25a8L,
-        0x0491476e95f97cceL,0x6b7b4ebf8296d338L,0x00000000000001a2L },
-      { 0x52f3da4126bc2048L,0x0be18a87f37ed665L,0x83c03d105741e841L,
-        0x9477ee3354bbb810L,0x0ae3b6318e10be02L,0x13581e1a7ec3bc35L,
-        0x04ed1310294c0925L,0x8b6b71746718a4e9L,0x00000000000001baL } },
-    /* 28 << 231 */
-    { { 0x5717fd84a98f0156L,0x968337919a823677L,0xebe83d77a05e6d66L,
-        0x39e669f95c1d28c5L,0x0f577b1f0bf89425L,0xb3c2f12c9dfb7d73L,
-        0xe9ffe3e1987f449fL,0x14f8a1d9a57e7e4aL,0x000000000000017dL },
-      { 0x4e980189dfe5b34cL,0xa5561e4e202cd41bL,0xf6df35fbfb0d13d1L,
-        0x7f002e1707e1500cL,0x9324d1d0ca1bf4b4L,0xd3112b6a3e7adfa3L,
-        0x65b4c876e04902b5L,0x4ebbc331bb04398fL,0x00000000000000e4L } },
-    /* 29 << 231 */
-    { { 0x6863329b21c34854L,0x3ecb8aa8e4cc2e73L,0xf0e9fa087d257dbdL,
-        0x41ae92e4882c3c29L,0xd637e8e96de51602L,0x60745807093e1831L,
-        0x4b79a97b71922332L,0xb6903e0875e68278L,0x0000000000000157L },
-      { 0x4c8fab3b704b19d2L,0x550c2a56b34c0d32L,0x67347887bbcc5f6eL,
-        0x63946f225a9bebe1L,0xf0c5304d01c39700L,0xea8d8d6872deb3c5L,
-        0xd8369ef1c2a03da6L,0xaa3fd01140135bcdL,0x0000000000000025L } },
-    /* 30 << 231 */
-    { { 0x7b5e2027b631ab3cL,0xa4ab4559f2c42e69L,0xd8a3adc1b1670c20L,
-        0xa2240db40abc7c17L,0x104ae5cff054f41fL,0x5c08b0bf128df5f1L,
-        0x651f1be1877d5d9eL,0xafb7992265e13f7fL,0x000000000000015aL },
-      { 0x140370ee632ac61aL,0x7cc393058a188e1eL,0x21a228d9f6eac7d0L,
-        0x8a6f15613fd21c04L,0x64418721c35936a2L,0xf9f06b28f3e01680L,
-        0x7efe7361fdeace5bL,0x6a7264a96e30226aL,0x0000000000000017L } },
-    /* 31 << 231 */
-    { { 0x3f5aafe0bddc0937L,0xd2d0dd4a79f1b07eL,0x56e48aadca9cadcdL,
-        0x44f035c701af31d7L,0xf288f9b9baf4a56aL,0x8a486f9d65fc0205L,
-        0x0047f8d1941bb761L,0xebdae91b757a98e1L,0x00000000000000c1L },
-      { 0x1bb72fdd52fd742aL,0x5073de5a4fd8ea03L,0x47d8be4faa00a9ccL,
-        0x9c262879e45ce75eL,0xbd62c1d3f0a9c65aL,0xbb434e5b8c15c467L,
-        0x611816bfbd22def7L,0x8aa8cf5383778ac8L,0x000000000000016fL } },
-    /* 32 << 231 */
-    { { 0xe1f0c1aefcfefdb2L,0xb5bc33d344930c59L,0x253d5f4964d2c6e0L,
-        0x25efddede316ba1fL,0xeb3ab21fe30c3a34L,0x797a1ad6cfa52a9dL,
-        0x6a3ca2e0a81ba831L,0x27bb664ce112dd07L,0x000000000000007eL },
-      { 0x91fa1e121961aa16L,0x381b2d7167dd7513L,0xbae8635144db8a51L,
-        0x4cc1915fbc31c1cdL,0xf79f40598ec6e9e1L,0xb142b6eca8929a72L,
-        0x4629c6488ed71fb2L,0x9f79bccfbd52faa7L,0x0000000000000029L } },
-    /* 33 << 231 */
-    { { 0xa550f18a6cc76e30L,0x22627d8f61df412dL,0x1d0dc5d69ca28ee4L,
-        0xababc480beafb2bbL,0xb0a7d6926fbfd3a5L,0xf1a64e38a521f4e5L,
-        0x2ee40ff432ada17dL,0xad661a64254597f9L,0x00000000000001a4L },
-      { 0xc6d509050b6c9498L,0x0853d7fe81c37fddL,0x41fec397945c0241L,
-        0x9d94a286648033d3L,0xa977521cd11a039fL,0x9d70047366f73195L,
-        0xf3925c9498f1d8a5L,0xe03e6214f2182e10L,0x00000000000001c4L } },
-    /* 34 << 231 */
-    { { 0x8a13a69fe9708f78L,0x127338fe9439033cL,0x1a55f4be1c0ae257L,
-        0x687f3349da266c1dL,0xe84a7b031264780dL,0xdc796cef48a52f85L,
-        0xc0fd19a2aa4f5258L,0x72b52c44c6e60b07L,0x0000000000000069L },
-      { 0x754a8552ada70b8bL,0x7384869e2ab69b35L,0x1eb9a71bb23f4955L,
-        0x699c11f83f8656e9L,0xacab43310b640cf6L,0xee38be2d21b0d6e8L,
-        0x9d57cbd55499e2e9L,0xb90d2b06448f08faL,0x00000000000000d3L } },
-    /* 35 << 231 */
-    { { 0xbb9af2d1f25aa87fL,0x633f9eaf006ff7eaL,0x32cc47c05d875219L,
-        0x9245422d65a7fed1L,0x7b6095ee882e7479L,0xb0921b30038514acL,
-        0x599167f588ba84a2L,0xf15c510b4de07284L,0x00000000000000d3L },
-      { 0xb152f53babf4a045L,0x019016bf296dd5f3L,0x3eafdc360650071fL,
-        0x4843e9fc756a424fL,0x3f90b62472a46c6dL,0xfd2948483854ef62L,
-        0x139dc631ee3f68a4L,0xdc88b9b1f8d64497L,0x0000000000000044L } },
-    /* 36 << 231 */
-    { { 0x9ef8fc68b3f02f00L,0x4eaaefc11b404dfdL,0xb1a6864fa257718eL,
-        0xab09391e2d8d0067L,0xc38aa83ce8204af9L,0xe1bfb2b08c822776L,
-        0xe2cf738131273df4L,0xb2d517e40cd8fa47L,0x00000000000001f1L },
-      { 0xe5e30566969d3c42L,0x14fdf845f7d7eddcL,0x7eb18e1c25c3adf3L,
-        0x32abb9b1be777247L,0x3b129a9caeb73f86L,0x112ad378338cedd3L,
-        0x885cc5a12602d011L,0x4fc5afd3bc5586fbL,0x0000000000000066L } },
-    /* 37 << 231 */
-    { { 0xcc800639d6008057L,0x9c266f39bbc8d8f7L,0x95ceb2f0607153c1L,
-        0x45f0801babb7937fL,0x3642f3177d002d68L,0x3c72feaeec4c17bbL,
-        0x86921b33df45d803L,0x2166557618a187dcL,0x0000000000000116L },
-      { 0x16fc57bf455df4c8L,0x6a3f8e24a0a801ddL,0x44f80fcbe3f46c99L,
-        0xb6a005d8815493ffL,0x9fb7e1ddb10c1c29L,0xd427ba4473b5524fL,
-        0x8b46a23436db93d5L,0xa2c3267a65278f1cL,0x00000000000000b2L } },
-    /* 38 << 231 */
-    { { 0xcd0681f765c96952L,0xd11c084db226a120L,0x6961cff3a518daf4L,
-        0x72d85fbfaaa2d432L,0xbb0bfa37d8029adfL,0x8b307974f3e263afL,
-        0x1e78acfe4357cbf0L,0x1b24c3c478faf796L,0x00000000000000beL },
-      { 0x29e359eb15c49c42L,0x2a0e85c6bd5142a0L,0x2ca4919c8f74c2f3L,
-        0xc2c0522dab7dcd71L,0x78448d5f2687cfe8L,0xd7fed0780bc1b515L,
-        0x21d8acbbc78392e9L,0xc825030ceddd3383L,0x00000000000001b5L } },
-    /* 39 << 231 */
-    { { 0x6ded17c668888e6fL,0x7d04fbec48d7a438L,0xc95939f56720bd0fL,
-        0x32116dca5b339abaL,0x9868395c78b10c61L,0x9a631ebf64f83fe3L,
-        0x353adbd78b655864L,0x780ed89288891331L,0x000000000000014fL },
-      { 0xa1034f139209f475L,0xc3119769ebdacdb4L,0x5e46e5b81adcc433L,
-        0xb13ab568c9ea84d3L,0x65af681d3d982349L,0x495774cdb9fe5358L,
-        0xc4f40572e4dea0dfL,0x64ddade9d672b677L,0x00000000000000e2L } },
-    /* 40 << 231 */
-    { { 0xdfe1e6afd3bc4454L,0x940641a79e92d2f3L,0x9ad218730e1c2fa0L,
-        0xb6e06bc5a411d441L,0xb54c27d838bf29f0L,0x7dacafceb14f35d2L,
-        0xbfe2b09082b7bc07L,0x868699ab8d3eeed0L,0x0000000000000072L },
-      { 0xbb74a259b8f76318L,0x3ed5995df91b3df3L,0xa4a97a19ac6557b1L,
-        0x07255a2568cf70d0L,0xb28d48077f106380L,0xef6b891b7375c430L,
-        0xf638f42c90c29af5L,0xdf57cc5407c206daL,0x0000000000000088L } },
-    /* 41 << 231 */
-    { { 0xcce61ebaa95f4034L,0xc03193858d3934cbL,0x48125313045ecf08L,
-        0xa5293e9e00a86a56L,0x9685609ce4739621L,0xb4763b6e45a8cdacL,
-        0x0f7efc7417e70b13L,0x3fa90ba2b41aaabcL,0x0000000000000088L },
-      { 0x38849e404a869a92L,0xbe5d13dcf392f0c4L,0x564182b6a7a77b35L,
-        0xad96f8613b51e934L,0xcda67468a8944a6dL,0xc3a4639791afc06eL,
-        0x46517e758aa12264L,0x600044e225aa0d28L,0x000000000000019fL } },
-    /* 42 << 231 */
-    { { 0xac0f2e82bf2a6824L,0xe4a045edfde799c0L,0xf4bedaf812796db6L,
-        0x852692d02f95b690L,0x5991cfd95d3f8741L,0x91cffa0d40b8c83dL,
-        0x26c9dc52a566930aL,0x3dcf171f8c1fd3deL,0x000000000000001aL },
-      { 0x977041071ef70b29L,0x3419dd6b356da0a7L,0x69a6690c3f4259f7L,
-        0x643596f23f596c22L,0xdfa2ac5495452620L,0xa98ed767c7c2b5cfL,
-        0x78d44543a1b281f8L,0x2d6f804fb1800c0bL,0x000000000000007cL } },
-    /* 43 << 231 */
-    { { 0xd820a109f48d85ccL,0xacacc587ae63a21aL,0x64e3da09e0beb46aL,
-        0xa5020c60fca415a6L,0xb1ce6feb30ac9de0L,0x796e8d8ea918a87fL,
-        0x14d8b838e24fc12dL,0x50543fda5a2748e6L,0x000000000000007cL },
-      { 0x998570177a2fdb75L,0xae937494f7002ebcL,0x99906c28e38e1a23L,
-        0xc922a7b49285a1c9L,0x3783412560208b56L,0xfddcb5db55aa5343L,
-        0x7e1aa3e079405671L,0x717994d9b6c5afaeL,0x00000000000001ccL } },
-    /* 44 << 231 */
-    { { 0x3a6e35396a057b5dL,0x96bfc6907338fb26L,0x9dd6b30a6ec9a962L,
-        0x13980a46d62386f5L,0xe2efd90ec9e88bceL,0x2e952aea56736496L,
-        0x0f711da87eeed705L,0x25c0012c4f696d10L,0x00000000000001ccL },
-      { 0xd4f64d9daaecfe2aL,0x77d4ff6c04f3c02dL,0x6dfe2746f2d2d351L,
-        0xbe133c6bd547c567L,0xe3eefd95ed234f60L,0x5de33b9d0cbf5f2eL,
-        0x563fbcfd11ecd741L,0x4dd1ff2449ec76f9L,0x0000000000000166L } },
-    /* 45 << 231 */
-    { { 0x7f90db705dc505baL,0x0ed287e682dff023L,0xdc1e823736006439L,
-        0x45f7189e5d5fbcc5L,0xb0519882a90fa834L,0x88e1b59f135e2379L,
-        0x5f22a5ed447a0e94L,0x12230205384b1b44L,0x000000000000006aL },
-      { 0x4c6df3168a6a5944L,0xdd99a4c395811e9aL,0xdc18aba483642434L,
-        0xb5d321bda71f9f25L,0x338aadb635fc1540L,0xf7d5d16c9c5d076fL,
-        0xe9aed76046537780L,0x0b88e00e065f90bcL,0x0000000000000050L } },
-    /* 46 << 231 */
-    { { 0x5eba88dab51a448cL,0xc59140a1a3bf6be4L,0xfcb188c338515c47L,
-        0x5d212b1bf85097c4L,0x0a031432c37af0c8L,0x1434b11f8a69ea4fL,
-        0xf196646e16e47ba2L,0x49acc62d4ce5d965L,0x0000000000000062L },
-      { 0x63725ac292f56298L,0x18022c719412d3b4L,0x992db0a6db2b50a3L,
-        0xc57263c1c99dae3fL,0xa5cf2e9592d1d97aL,0xb5f93d02b730a5aaL,
-        0x500efdb45dff5370L,0x30e83357974821d1L,0x0000000000000198L } },
-    /* 47 << 231 */
-    { { 0x8e008d522c941ea0L,0x59156f3bb3ec2760L,0xf8e5257f72bd1775L,
-        0xfeb8a6caab104dd1L,0x0aa7934f1e24e935L,0x082a542f75b78c22L,
-        0x08a13d3ac08f5967L,0xafcdee9dbd0f2e83L,0x00000000000000b5L },
-      { 0x7d14271c4b5bc3a0L,0x0aef85c6d39586e5L,0xd92fb2fd460c3ea9L,
-        0x17c4554cbee0de36L,0x80e5aba407dd1df4L,0x23e588707cb3ce68L,
-        0xae5fe85678e22f39L,0x8cbf32748b9cde6dL,0x00000000000001aeL } },
-    /* 48 << 231 */
-    { { 0xf4d18a133b6da0e9L,0x10102e98bbaeb6f3L,0xb82cf999e6f414ebL,
-        0x5a2d09f201420725L,0x51ef37070d541392L,0x044404a7a4b6cbf7L,
-        0x98b51c307f783763L,0x154e7643eaa19df9L,0x000000000000012aL },
-      { 0xbba4d0924bea27e5L,0xfba7ca7dfc03da36L,0x4399448fa62fbccbL,
-        0xcf7863be93fbb08cL,0x41954ccdf35720c1L,0x6c37e6594ed8dfc6L,
-        0xfd3d7cc05aa73a82L,0x616281f077f1e04cL,0x00000000000001e1L } },
-    /* 49 << 231 */
-    { { 0xb8843a3baecb9c56L,0x471c521f71eb02e7L,0x2646f42f1978dff2L,
-        0xd1840b68db9b06ccL,0xf1c565cdd2eaefe7L,0xac478d82e5aac498L,
-        0xbb81c5731219236fL,0x9cef590eaf3ec7ebL,0x00000000000000fbL },
-      { 0x00fa48fd12839c79L,0xbe6930b2f9ba96f6L,0xca60400a52dbbdc6L,
-        0x97cdebbba58fbab3L,0x6cd668db0120fba7L,0x030f7cb1b6282babL,
-        0xf6a0f50c8096a500L,0x13f0031822365ca4L,0x0000000000000137L } },
-    /* 50 << 231 */
-    { { 0xd3e0a88bc7a47d95L,0x9c63dfdd73d59495L,0x02515679ddfa7285L,
-        0x719c60b134a9c1aaL,0xf7ed64522d297d47L,0x018ba27bb3864320L,
-        0xf0bbeb08c51f9896L,0x55977ff5c2943b8cL,0x0000000000000106L },
-      { 0xe29e2e6d9d310344L,0xa73c141821499e9fL,0x37f93b334f2b6177L,
-        0x1a953d005b41fd72L,0x079596887fc4c74bL,0x51fa8d6a18b54a16L,
-        0x8a2f0b23d73b8d7dL,0x81dcdf27c35d31feL,0x00000000000000bcL } },
-    /* 51 << 231 */
-    { { 0x86a623829fd8b32aL,0xabdfdda101d41983L,0xa53f4563528a7673L,
-        0xab916c12bedacf84L,0x3dc44fc48b14352dL,0x993c3213260d4c30L,
-        0xc539686f7e662556L,0xf1138c58b39a1a90L,0x00000000000001a0L },
-      { 0xcad7199577e5eb4eL,0xaa31beaacc030f64L,0x0f60b8841f7cfe77L,
-        0xa420cb1721b8d4f6L,0xd09feccb7de24d35L,0x63320b49b3473f35L,
-        0xb5bcc3e10bfbe930L,0x57a963500fedd838L,0x00000000000001ccL } },
-    /* 52 << 231 */
-    { { 0x00ed7a23a6fdb2c9L,0x1409a2b34b8ba58aL,0x4851489b0a6a87eaL,
-        0x66659b7f33733bf3L,0xda3870049ec4876fL,0x35ad268a1554dc93L,
-        0x8bf6bbf30c00d57eL,0x32a2935c06b48eaaL,0x00000000000001e1L },
-      { 0xe212ae20816d8641L,0x8cebe342575da6b9L,0xf2bd08277c7ccd5aL,
-        0x7a418ca5b8c2e3c6L,0x2348a14f2994a6fdL,0x5a31412a5490a371L,
-        0x73f8d42f36fd59c9L,0x161fdd18a541ed5dL,0x0000000000000038L } },
-    /* 53 << 231 */
-    { { 0x300696f3057c5ceaL,0xcad8a2c50df8356aL,0xfc4cb7fd7c706e7eL,
-        0x60e7d69ebe6a669dL,0x40003669ef923169L,0x5930b76457070b74L,
-        0x3ef2e5f99cff0d14L,0x7ade11730db36e1eL,0x00000000000001e5L },
-      { 0xa0705ba5db6d6631L,0xb1a50dd1e4903c95L,0xa8b727c765e44762L,
-        0x07f6f4c60825fd15L,0x33baf983444de623L,0x655caaaca138402dL,
-        0xe0cbfea729652452L,0xa99c262e681e5a6cL,0x00000000000001d6L } },
-    /* 54 << 231 */
-    { { 0x3132e6ce76fc9e0bL,0xcebc5afbd0dd32bcL,0x2c75ba8753bcc7f9L,
-        0x8cc874cd8ab343c3L,0xd2021ec20024924bL,0x2cda2074c5678891L,
-        0xd724916957e36dcbL,0x7097b4f7611442f7L,0x000000000000002dL },
-      { 0x6e6cea215db4d265L,0x7257f2934bba329dL,0xaa12a1bb9bf3c783L,
-        0x0702399538239dc4L,0xb4d22bdc73524369L,0x204186e3b3252770L,
-        0xe61c9fd037080fbcL,0x9c9a7d157396cc53L,0x000000000000010dL } },
-    /* 55 << 231 */
-    { { 0x4d6356cea8b6ae97L,0x55e296caebe17bcaL,0xfb9ed8b353d6b21aL,
-        0xedf72d6ada093a8eL,0xfa81761c24490122L,0x97e3e7c62f808d4fL,
-        0xad75f995aa0130a7L,0x641a63cfee06c9b0L,0x0000000000000083L },
-      { 0x309921eba0884ac4L,0x1cea2e3f6c788b29L,0xb412c4919295fc7aL,
-        0x9eb836cabbe43b7cL,0xeffb3ae33c591e1bL,0x825cb6d838f93652L,
-        0xcef6276e83301934L,0xcd857684c28e8b6dL,0x0000000000000195L } },
-    /* 56 << 231 */
-    { { 0xe5755448cd5974dcL,0xdc4336085d6bc190L,0x291521f7431ba450L,
-        0x31e71c894d80164bL,0xb42bb11ca6ed9fc5L,0x3a0966fead792be1L,
-        0x7f75f881469b8352L,0x38ef2c56448076a9L,0x00000000000000a2L },
-      { 0xac95a77d7d743f9fL,0x06026129f3465546L,0xd56bee30e9fc9605L,
-        0xfad39345bbcc7494L,0x2b178c653f526356L,0x22418748c661ca67L,
-        0xeb53cf749b79aeccL,0xe7c48bdce76a53f4L,0x0000000000000092L } },
-    /* 57 << 231 */
-    { { 0x781ddc8410eb4bceL,0xfe20bc22689f566dL,0xabf9614b250b11c2L,
-        0x2abc1259fc25b7b2L,0xeb9d15476817ae1dL,0x9e614c5fc00482a9L,
-        0x284a7be697aa02e3L,0xd2786becb912f11aL,0x000000000000006bL },
-      { 0x3e5b8b80f712bff4L,0x2b276fe8615a7bb8L,0xb7e4a47741667babL,
-        0xdbf07505785e403bL,0xdafda3048e5d87d1L,0x651fa13f2485f1e7L,
-        0x0e96561c41fa8c33L,0x9a964b6afc9533c6L,0x00000000000001f6L } },
-    /* 58 << 231 */
-    { { 0x5efb8a35a9a4aefeL,0x69f838d2ce792292L,0x56e06b1041f75d79L,
-        0x39c0f9fb6db28a88L,0xdc03a5303f58d36bL,0xc80062fdc6689d55L,
-        0xcd52297236e0a293L,0xa0179bb20ffb115aL,0x000000000000000dL },
-      { 0xab0bb76d856d0d54L,0x2513146539f307faL,0x4bedb07820813767L,
-        0xf9a1263f59928c34L,0xefe5bdc4909d6dd5L,0x5bec7330c4f8aaecL,
-        0x434209fc1c5c1187L,0xc6f261bcb3b2946cL,0x000000000000015fL } },
-    /* 59 << 231 */
-    { { 0xb939ba08271eac87L,0x01b74a5f96572526L,0x0128e1a8d003e6caL,
-        0x0acc7456cdde9dc4L,0x645651efcd70a637L,0xe19b922266eff529L,
-        0x12e19d5d5e40a325L,0xe0ba91f712d0572cL,0x0000000000000009L },
-      { 0x1b2ebb6600213e90L,0x0f796868e8f5a418L,0x460b815804d5336cL,
-        0xef5b776a8f3acd2fL,0x2d61e4f233112586L,0x13cb818d4d8859ebL,
-        0xae3177cd776f15c5L,0x9ce64970a87d1497L,0x00000000000000b6L } },
-    /* 60 << 231 */
-    { { 0x9cb870731e4539afL,0x9478d2def6271c13L,0x090c027268d3482eL,
-        0x8c977ce0f731a796L,0x13f5710bdc318bd2L,0x2dae989a9a151ed0L,
-        0x598f15eed94e7992L,0x72aafc8f4d65daf0L,0x000000000000012bL },
-      { 0x4ad64f6d702eb8f6L,0x2151ae34a1ef79d5L,0x98837c0e3ce0c875L,
-        0xd63615b6a2e6eb4eL,0x447c6fc3b7d9edb7L,0x67f864f5a86179a6L,
-        0x1e980d0ce354cae7L,0x983691a48c4e9674L,0x00000000000000b8L } },
-    /* 61 << 231 */
-    { { 0x81446ce047b083ddL,0xeb0eb48ded4164dbL,0x92159ee968b817beL,
-        0xfb501e7cb43bc0efL,0x7486c8f67ac944b2L,0xd091b2f3d63a9c1cL,
-        0xd80fde4c25e0d296L,0xc22410b3ba3d2bb5L,0x0000000000000042L },
-      { 0x547f85ccae50848bL,0xaa2af55884859461L,0xdbdd0e1a20f810acL,
-        0xe6f7bb90536880ebL,0xcd47da15f32226b1L,0x8a5bf84843885abeL,
-        0x0a95beffe5ade276L,0x49f09071102f85efL,0x00000000000001c8L } },
-    /* 62 << 231 */
-    { { 0xe16cc278d16c8677L,0xf0f1c0291aa4823aL,0xf235fc167c6b2ef4L,
-        0x854561cc58128c62L,0xb9553b64017d2fd0L,0x8f733f2883213fa5L,
-        0x52ededb79f93720dL,0xd7f0a1cf64f4fb42L,0x0000000000000070L },
-      { 0x23d01627ac7cc128L,0xbe2bb56afa287351L,0x961cade267bd39eaL,
-        0x1ab8cc062eaf0e26L,0xb46886315db2972dL,0x6e48cee137868d66L,
-        0x37856b801193521cL,0xac3f87662ddd16edL,0x00000000000001b5L } },
-    /* 63 << 231 */
-    { { 0x90c3310c6550603cL,0x368ddcb260508b36L,0x22724f188d23847fL,
-        0xe486e47c49eb4fe7L,0x4fe67da23edc4892L,0x437b4cda2c8767dbL,
-        0x61352775146e8e6fL,0xfc0a61384acc18f9L,0x0000000000000043L },
-      { 0x2faf71994c5f4459L,0xc82c0ac392e4b40aL,0x0044de2896e9663fL,
-        0xbf301ebfb957c578L,0xa25deea70d544928L,0xa78c79201fd91e0aL,
-        0x0e8f9087ba045978L,0x33fe0d7b7b01bdf8L,0x0000000000000142L } },
-    /* 64 << 231 */
-    { { 0x5a6db3a8e35ab524L,0x2e6954315117b9cdL,0xd81f6f6417217cb3L,
-        0xb4296467910f3354L,0x7249dcfb5a83e39dL,0x7b6df96f8c87a277L,
-        0xbc8ccd9fcfb09d4cL,0xb644e4e35f67508dL,0x0000000000000174L },
-      { 0x1a228c95246be9d7L,0xd9b7805b669d44f0L,0x7c240e63f5a7d167L,
-        0x863012f56bd7f19bL,0x1cf3d77e3a9321beL,0x407dcfd2782b061fL,
-        0xdbccc9df881439f7L,0x4a3a07a3116d1beeL,0x0000000000000198L } },
-    /* 0 << 238 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 238 */
-    { { 0x9ab5fe51e870201bL,0x181be214428dcc9dL,0xea30361a335ab6fcL,
-        0x8f43702a3af87eceL,0xa46b867147df3e87L,0x4b2fdc3fbb02e25bL,
-        0x72e3bc8e68e4d43eL,0x854ae7242cf96610L,0x0000000000000075L },
-      { 0x56ecf90bfeb21bf5L,0x75d38316e555d52aL,0xfaea840084cbcf08L,
-        0xbd4a0672b5126460L,0x33c3dd8fee751f85L,0x4d658970d8fd6a67L,
-        0x49e1041a439f0c52L,0x0480366fbd63268fL,0x0000000000000101L } },
-    /* 2 << 238 */
-    { { 0xcc24e895e1756b7aL,0x3874a79a3c09615bL,0x30e2489d9014ffc4L,
-        0xedfa2851e9070c97L,0x69113ac763017e47L,0x2dbd4d59ee9161c5L,
-        0xbd93abe740c20e53L,0x2eb660e491ccc0f9L,0x00000000000001f5L },
-      { 0x1363f45a719c9f85L,0x32dfb30ea43cd38eL,0x35933e9a0b75d1ebL,
-        0xaf1fc78775aebc26L,0xb444f393a27240c4L,0xdb46c96df7592075L,
-        0x59c26ad852510ad2L,0x163890bf029bb7a0L,0x00000000000000a6L } },
-    /* 3 << 238 */
-    { { 0x35e461c73f298075L,0xdabce92b476fd938L,0x1a928e413e13910bL,
-        0xb2e8f656cc7dd6cdL,0x8a8aebfa4d4cd65aL,0x23cc2419d684d87bL,
-        0x6e96b40ba93085c3L,0x303b86411f9c3babL,0x00000000000001f6L },
-      { 0xe66619d05a55180bL,0xab397f7d3be53831L,0x103c38d48f88fdb7L,
-        0x7e6d67dfadf9520eL,0xc93512456e517e33L,0xd8596b94a69929b8L,
-        0x9611f83a43dd1ff0L,0x46568571d30d5f6cL,0x000000000000006dL } },
-    /* 4 << 238 */
-    { { 0x0f8341fe21dd6e7aL,0x5c106f8eea93e5c1L,0x8e2ad8e9ad0114bcL,
-        0x277ef823f059d291L,0xed4a28e5dc50fd78L,0xa071965189cdf20dL,
-        0xe393b2641fde162cL,0xd383b86d30a5b16dL,0x0000000000000041L },
-      { 0x04b8115bad6dbeafL,0x7d7f0bb9a996519bL,0xab54d4c89c397c91L,
-        0x1750b97d77a6a3e3L,0x1637909b14554321L,0x7311da687a5aeea3L,
-        0x1f91a0fd52130453L,0x4338b3d686753f28L,0x000000000000014cL } },
-    /* 5 << 238 */
-    { { 0x555a5ed3e41bdc8fL,0xa4c7146e378bf6c2L,0x38ec797a397ff807L,
-        0x0a90aceb5054b6b5L,0x51c4fbf35013868dL,0xd02e806b4c84f3efL,
-        0xe6b25f2947687bd6L,0x9c80d5336dcd81fcL,0x000000000000003dL },
-      { 0xa804c672bf2ef9aeL,0x4a9ee6cf0608b597L,0x2e9648af9b9c23c3L,
-        0x4b4c51d97c465908L,0x742376d23f199fb7L,0x2c2466d04892a894L,
-        0x65b4a926f76de379L,0xe991d330e599d231L,0x000000000000018dL } },
-    /* 6 << 238 */
-    { { 0x524e9cb4da163afbL,0x8a0e4a8f228fb3bbL,0xf664c14b45960ee1L,
-        0xe6eea91bc51f2265L,0xbc9515293ce6bbedL,0x1dcb0c979f66a923L,
-        0x3c1dcaeffa6e34abL,0x8566db771ec37478L,0x00000000000000deL },
-      { 0xbabc8a979886e4daL,0x7be9df692fc58670L,0xfecd51cafbbd20c7L,
-        0x3d9edb6c856ca68fL,0x842d8464e1a1b32aL,0x7bb8fb391fab27d8L,
-        0xc7a7b8614b4c1060L,0x942bd576d69619c6L,0x00000000000000e9L } },
-    /* 7 << 238 */
-    { { 0x6870abbb49d18a7eL,0xeca5915c9e4dd9d3L,0x394f185c0196125eL,
-        0x5b1885351bb56e6bL,0xcdaf07e8e1299083L,0xca4421e89e734760L,
-        0x4288c2236376839aL,0x06e9e6aac7f2476dL,0x0000000000000043L },
-      { 0x83c257a2e91a87cbL,0x37d3a58193ba96d1L,0x23c753bf4ea5fd63L,
-        0x202f819864a1df10L,0x97a5b3dc5b6d5dc4L,0xb3262185add5915dL,
-        0x37a728f3055d11a8L,0x1110f66b8d850652L,0x0000000000000028L } },
-    /* 8 << 238 */
-    { { 0x99a1daa94cf92b1fL,0xb08a7bdecf013530L,0xcbe6c7bc1576e51bL,
-        0x9f88c296e6c13e9fL,0x13fdc9556370791cL,0xadefac0da42b1973L,
-        0xe69418a412cb2ffcL,0xaf05ce9762eae4e0L,0x000000000000005bL },
-      { 0xadb36e6565e89a12L,0xde7fee5853131bd7L,0x7335c5cbabffa9c1L,
-        0xabf94bc392947061L,0x11d2e02b6109bc5bL,0xfc1fc1d28a097cdaL,
-        0x4512fbb6f3d5db21L,0xd40e8637336a3d5fL,0x000000000000013bL } },
-    /* 9 << 238 */
-    { { 0xb927982ec0e8a1abL,0x478a75ff53dc6cd9L,0x45e6200fbe786ed0L,
-        0xee2c3a3699401156L,0x042c35b2176e07e7L,0xc09e54deb073382aL,
-        0xb23b8397c14ed4c6L,0x296c490bcedd676cL,0x0000000000000181L },
-      { 0xab1a53120317d2e2L,0x63ba4b47c5b44b41L,0x2c8a05a1a006a95dL,
-        0x4c3b5bebc7f285b8L,0x14371a425d385fdbL,0x465ae20ee294b472L,
-        0xd3ec2abb5edaa3f4L,0x72641b9f580e0a46L,0x0000000000000078L } },
-    /* 10 << 238 */
-    { { 0x005ce3f7d14c0264L,0x8ef018dc6b7d372fL,0xad9b3a6ec20ea32fL,
-        0x860938b2c327793dL,0x6c1669174b6867f4L,0x8d96f5fa19062b2eL,
-        0x484a2deb22be3819L,0xcad084fb965dec51L,0x000000000000004dL },
-      { 0xd3afa07be469f94eL,0x58e526d7762e7cf6L,0xec8641d0a6338b20L,
-        0x7694b364330d3bfdL,0xf5d8cf6f4193c78fL,0x7395355f11616b29L,
-        0xe29b7a83ab78eb55L,0x71c471aa4eb0dd18L,0x0000000000000079L } },
-    /* 11 << 238 */
-    { { 0x27a0dcec4640a9fcL,0xe00471295ee9a3a5L,0x94d54b86054af15fL,
-        0x21f6ae1dc99e6364L,0x9cb3b7413a5ecd7dL,0xdd128fa1c6840ab5L,
-        0xf62bd90375f71498L,0x5651778f8bd73c30L,0x0000000000000148L },
-      { 0x0c84978d1977a031L,0xee1868aba79b8071L,0xfcf1485672e09b67L,
-        0x0b1982dd174d8166L,0xa43baf2886045a38L,0x089d267e5b6bcf85L,
-        0x7bba2d8b97f39f60L,0xacccd7c488b1a299L,0x0000000000000030L } },
-    /* 12 << 238 */
-    { { 0x3671d520e411c88bL,0xe56d2622af747caaL,0x8c2d939f3f298a36L,
-        0xd09f955e38b36307L,0x7aef92fdacfe3a5fL,0xaa1b543a3c3413e3L,
-        0xa68bcf7585e8eea2L,0x1c33b90957271ab1L,0x0000000000000175L },
-      { 0xe829b5480993374bL,0x93ace6b43758fa53L,0x378932adfb48d303L,
-        0xa0be54cd7b9aca58L,0x6f020d2f07d56bfcL,0x661cc6df332d5724L,
-        0xe1c67b4c4702e14eL,0x6d7e1534fe0ce1f4L,0x0000000000000165L } },
-    /* 13 << 238 */
-    { { 0x542bcf698602b37eL,0xa5abcec8d9ccafc9L,0x9bbef4144d01c669L,
-        0x1cbe4eb53f21f94dL,0x73e4bd548d17cca3L,0xc71a14ef0fc467fcL,
-        0x965e6d4741791872L,0x53d248008a5d401cL,0x0000000000000045L },
-      { 0xc5e9fb2b7bc260c3L,0xaff4fa860768d8edL,0x3d9b189fe9bbb088L,
-        0xc2b32e2cb971a9c0L,0xef0b19a9500994faL,0x9a916d6b4ca815aaL,
-        0x3808a111df10d2f4L,0xfa259ef2d7d6440aL,0x00000000000000c1L } },
-    /* 14 << 238 */
-    { { 0x427e8420abc1c27eL,0x21124fb3118cc0c6L,0x3fa9121b7030b6d2L,
-        0xda46a2b7cba1c68bL,0xb248a68d3fa27645L,0x55268b8ec3876d05L,
-        0xd12a2229ca45c78bL,0x65aabd782de0e319L,0x00000000000000e4L },
-      { 0x6e660d9b77d9dd90L,0xe4edced2707fbf26L,0x8c8269de5d53a600L,
-        0xa9d2ac7cc1d0cb90L,0x7adf4c79998ce4bcL,0x553294473903cbb1L,
-        0x2af44eb383b6a801L,0xf3b473a71f55b558L,0x00000000000001c8L } },
-    /* 15 << 238 */
-    { { 0x650d6b150b56ca3cL,0x510d05a999013060L,0x8f317f930173d49dL,
-        0x1ba9a82c346efba3L,0xf21915c9238c3a66L,0x400b5e7081e3727dL,
-        0xb7a6c68ff2e8bfe8L,0x4ff4a4efe83e0afeL,0x000000000000003dL },
-      { 0xcdd4dd7cc85ada21L,0xef6508c1604c767bL,0x1155f07962894489L,
-        0xe85ce6f65b58e49fL,0xa5be7867bcdbe11eL,0x94251f2e0254ac77L,
-        0xb7e1e2fcb2a4c84fL,0x93b3013dad5da02aL,0x000000000000013eL } },
-    /* 16 << 238 */
-    { { 0x70eae5e2b7c097fdL,0x690c65c6becc7c65L,0xf684ce2cbeb8a529L,
-        0xfb5bd6fa772826c5L,0x12025c313b0d8680L,0x8f20fac7cbef00adL,
-        0xb810bf456fc66ac3L,0xa960e1b3c7878181L,0x00000000000001a1L },
-      { 0x85a5e619f6103b53L,0xcc4cf223fc14a4b5L,0x68985b1f977a8c64L,
-        0x410eaf63fe82447cL,0xe20381490453d341L,0xe1d008ad719258deL,
-        0x26c1b1773410d895L,0x93cad3da45bae984L,0x000000000000012fL } },
-    /* 17 << 238 */
-    { { 0x83470dd85087e317L,0xdb7733bae1f29847L,0x54f0d79b32b8ee6cL,
-        0xddc71c2d83573e46L,0xfd1fffb55e2b6321L,0x3daa5b01a31cbcafL,
-        0x084026ba3ea75ecaL,0xd4e58127f22d9f33L,0x000000000000018aL },
-      { 0x3ea9cefcbd40d455L,0x4350051a09e79ec1L,0x0e7888a7ce0a3585L,
-        0x32dab5ea59e3067aL,0x4843818f5953e6d3L,0xde8b4b0fcc703daaL,
-        0x386a70895d1c9c6fL,0x68d1bfbc6eac5abdL,0x00000000000000b4L } },
-    /* 18 << 238 */
-    { { 0xbd7c96176411ed7fL,0x39202b58f9a594c7L,0x4c20a11472ff2f6bL,
-        0x8eae9ef7641d9c13L,0x89aa633f48b0cce2L,0x92b63306557288b0L,
-        0xb3a581c0ce7380aeL,0x8666b913fb705467L,0x0000000000000095L },
-      { 0xf15719ceee9abfefL,0xe780789a4e41aa97L,0x9d21215431e6afb7L,
-        0x17d9bfab5cbf72ceL,0x0c48ccacb0237bb2L,0xe0a08569d349a092L,
-        0xa409e08ded3cfb4aL,0x79e67928a1c0e87aL,0x0000000000000182L } },
-    /* 19 << 238 */
-    { { 0x1d3c45e847667107L,0x866ca278c080ca9aL,0x9a41e8792dc42392L,
-        0xad3283a25b513845L,0x14d23b50b285d0a7L,0x4aef4370d7364e64L,
-        0xc5043319b807cdb7L,0x88c508189673ed5cL,0x000000000000002dL },
-      { 0xd56fa0fcf39ca196L,0x97e6dbd9852a5db8L,0xd8361629027563f3L,
-        0x93495e12e4c1ef8aL,0xcd5776f11bc10140L,0xb21ef334e3b873c9L,
-        0x48f0ece3098c8fa7L,0xd97318a4f2302f9dL,0x000000000000018dL } },
-    /* 20 << 238 */
-    { { 0xb83fdb669de748b4L,0xc46f81000c41f158L,0xade8932fb8f8f374L,
-        0x5728e8aac7ab11feL,0xa3be4365601535d1L,0xf366f0d450c52b71L,
-        0x6e00860084db7699L,0x39c5934c32bd9061L,0x0000000000000003L },
-      { 0x4c5f3ab49c964a3fL,0x30ee02c369a70ba7L,0xe4f4e7721699b55bL,
-        0x957efd09f2104682L,0x7be1bdb0298947d8L,0x128be588a6ce37daL,
-        0x10f0abbb5110d219L,0xfe63de4b6c433528L,0x00000000000000a5L } },
-    /* 21 << 238 */
-    { { 0x0ce1685131ae8a81L,0xb72c77b2d7337ca8L,0x7e74dba79aedcdf8L,
-        0x18d4e5e3da3c5c9bL,0x19ccdba8edb516a9L,0xe62b675c446ece23L,
-        0x5b4aa29acf1e7f89L,0x37dd4f643940453dL,0x00000000000001b4L },
-      { 0xb3c5170a3b3b6d8bL,0x476b1d951f6c85cfL,0x7eba2355afd2f7d8L,
-        0xd6496bd907671014L,0x9b1e6ea26f122c61L,0xcf03fff746b200adL,
-        0xeac4278017b28fdeL,0x38eab344da84d1a7L,0x00000000000001bbL } },
-    /* 22 << 238 */
-    { { 0xb5bc3117e7c0701fL,0xb48e5dc0d6fd7595L,0xd1b5fe1a3b0f2afdL,
-        0xf1099d2f9248f207L,0x6cc721d9ca2b2ed7L,0xdb339d46a360ed1fL,
-        0xfa226637396de0adL,0x2fba134ae405fd2eL,0x0000000000000110L },
-      { 0xb1d2d7ac0b4bf098L,0x79d1b226f5ff126dL,0x92a0d70fbd01aa18L,
-        0x67e5828531f22085L,0xf694f833d8b14f5cL,0x13c3cc45a40691daL,
-        0xa3405c019388bfb8L,0x6003716261c4da19L,0x00000000000001b2L } },
-    /* 23 << 238 */
-    { { 0x9a02b009aaccf1f7L,0xb6ffb0541f2fd3a2L,0x16512f3487e4db60L,
-        0xf23615007af3e638L,0x3fe5d84a1d4c8fc1L,0x73c21064f2251788L,
-        0x54f27fc6fd65b906L,0xc2262a4040e07e0eL,0x0000000000000072L },
-      { 0xb8c93aab02b4791eL,0xae54bd0ca0bfd55eL,0xebb909da4ea41398L,
-        0x8af3c61555c3e881L,0x61d0d6b9cff9966fL,0x1c28b62eb85433a2L,
-        0x58167c244f422e5bL,0xae2dfae6446a4077L,0x0000000000000063L } },
-    /* 24 << 238 */
-    { { 0xee8b94e0bcbcf019L,0xa3965127952a5a75L,0x5d306ffdbd99b8e6L,
-        0x9726acfcf7f77f82L,0x52a8c48f333e69a2L,0x2561b47ee5310f8cL,
-        0x5c707992ddba50adL,0xca39fec1d49f9302L,0x0000000000000197L },
-      { 0x773374e03330c1deL,0x3c186e5a12186692L,0x7c50d77c2a07fe4fL,
-        0xb0387d01ec8cb87fL,0x891a741524af7e0dL,0xacd3fc805dce5454L,
-        0x2a92f9cb257238d4L,0x25075cbc4415b2a6L,0x000000000000006fL } },
-    /* 25 << 238 */
-    { { 0x7884bbb629f1ff9eL,0x2b3706ed9719d7f0L,0x3a418c4929172624L,
-        0x1857e4ddd83e00c4L,0x8d5bea69add00324L,0x60ee0dacb3d682c5L,
-        0xf34b52b594bf155eL,0x9cbc6954fa986cc0L,0x00000000000000ffL },
-      { 0x23d72f25e31ed109L,0xa053addcebe1cbecL,0x375503015674aeefL,
-        0x2651c46a6eefe964L,0x600c18699dff26f4L,0xc20ce2878be15274L,
-        0x17f6b16a86f62663L,0x919c4e3d4158baeeL,0x00000000000001daL } },
-    /* 26 << 238 */
-    { { 0xe8d55c1e634e034dL,0x344ec79cd9e13479L,0xf3b583bf4be319f2L,
-        0x36bd595ea43a6c72L,0x64c244cb8ee00c73L,0x592642553034b765L,
-        0xf98e04c8d6d25e62L,0xfe83950036bfb0f0L,0x000000000000004cL },
-      { 0xcc19547c4f773a47L,0x1b974525f727e658L,0x36290dd2b17ab2bbL,
-        0xb1e03bc6dd339b6dL,0x3d2fd734d4b510dfL,0x56e14c3136363925L,
-        0xa61a6fd8574c83b9L,0x7340921e4c17fa62L,0x00000000000001afL } },
-    /* 27 << 238 */
-    { { 0xe6eeba2ac872b54cL,0x3734508057576f82L,0xc82723574939b69eL,
-        0x4c9f83c24460d5baL,0x635d558bfd73c262L,0xf58b7a7750cb2d56L,
-        0x14bdaf8abd4c14f1L,0x31d03f3b5acf2c6eL,0x0000000000000099L },
-      { 0x595629f11a4aae0cL,0x2f72899cf87bedc0L,0xbe2d7dcff6797377L,
-        0x49fb22c2ff654225L,0xfa99f364161f0820L,0x6f069ff13b8a9200L,
-        0xf07433d474600803L,0x4035ba9921b24016L,0x000000000000003eL } },
-    /* 28 << 238 */
-    { { 0x64f0ae6630ae5727L,0xeb7fee1cccfe2f46L,0xcb52d65cc17226f5L,
-        0x11bfdd3c4bde2ff6L,0x14593dba22f56523L,0x7549c2a8e5a07b06L,
-        0x27e857b0a259420cL,0x5f2702cfd795bf2bL,0x00000000000000ceL },
-      { 0x50247b7799ef6f42L,0xc5d4d501a9496281L,0xc2898fd0848ee90aL,
-        0x5916df473b105ea7L,0xc963d568a3fc2a93L,0x4f5dbd88a71e69ffL,
-        0xb1dfb820ed98520aL,0xf91d6e9e5bbb0779L,0x000000000000010eL } },
-    /* 29 << 238 */
-    { { 0x96ad602860bf7a00L,0xc3426e16c47cdc65L,0xe57e994a1e2760b1L,
-        0xeb93b5f7b3fb4b03L,0x31bb9ec24a492c4dL,0x65d3cf03584d5be8L,
-        0x601b91ccc97a4958L,0xc969b84d7336cea0L,0x00000000000000e7L },
-      { 0x0979646c913be9f6L,0x6320c63456598b42L,0xfb1cb31e59f91ddfL,
-        0xa2f17bfc0c88b8d8L,0x894985b268d26956L,0x3e960fcbabfa8376L,
-        0x913526f20caa7b2dL,0xaa97458ead4a33e5L,0x0000000000000087L } },
-    /* 30 << 238 */
-    { { 0xa3931ead385812f2L,0xa5d9d3ab9ff9b9a1L,0x8b98aee83299344fL,
-        0xb9e1f38bbfc5c57cL,0x66c8223742e07798L,0xf2bb539d6f4bc8baL,
-        0x022615e0eb11077fL,0x41059629845c0f9aL,0x00000000000000d5L },
-      { 0x05e13d3b4953c8ceL,0x4892bd1e05ecb056L,0x15c3d629e54ce7b4L,
-        0x818460931bc0c8cbL,0x70ae6768e5b06fc6L,0x549cae2800e46659L,
-        0x674019953a739df8L,0x3323b1b868fcc1e8L,0x00000000000001c8L } },
-    /* 31 << 238 */
-    { { 0x1b81beaa3dce6ebbL,0x3232328e2986bcc8L,0x08562a2e7a7ec1b1L,
-        0xeed1e9d9c46c24b9L,0x15a05107ef0106c2L,0x54dbe4e566610461L,
-        0x4c5fb5c51ec80c7eL,0xa7507d581e15f329L,0x000000000000011dL },
-      { 0xc3de850e31675fecL,0x2164d583de66dee1L,0x2346eecfef36f11cL,
-        0xd3037b676d397030L,0xc88b32b46c94a3e5L,0xb9494d80fcb7031cL,
-        0x45060066a79a0c8bL,0x2c283d47fd946bacL,0x00000000000001ffL } },
-    /* 32 << 238 */
-    { { 0x6bce4008db3002ceL,0xe109980c03fe67efL,0x35f077201cd61540L,
-        0xb0adfba4723c0ef2L,0x811b100860ca9a5bL,0xedd17f04c0d112c6L,
-        0x8cc7cc5f49688782L,0x716f36bbd5f89c31L,0x0000000000000031L },
-      { 0x700cb92a1d19d891L,0xb99918262daa7a23L,0x834cd1fdd9ad0c74L,
-        0xd74ee37682c919daL,0x6569353497696deeL,0xe2615c6e12e9ab53L,
-        0x4be93a40090bbdf3L,0xb811069663437098L,0x0000000000000162L } },
-    /* 33 << 238 */
-    { { 0x3776e68de439b6e6L,0xc11c5cf2a93fec79L,0x18322c456e8cb760L,
-        0x6d23d5923074466cL,0x922635baff1e0ba8L,0xa37b56544de73b12L,
-        0x0767e97a82224c9fL,0xae0f9650044cded8L,0x0000000000000050L },
-      { 0xa0a9a5b35971b232L,0xa1aef7a02da1a761L,0xdf1cfc2c85b63dfeL,
-        0xf91bbb7d5d293c49L,0xcba0ba2a9a832665L,0xe5a1b4c739fd3a27L,
-        0xe647ded0140ed954L,0x6ea2c367f0e619ccL,0x00000000000000dfL } },
-    /* 34 << 238 */
-    { { 0xcdf28f7cb59ac237L,0x2d2fb106ea4e11ccL,0x0c4d36c2120a150bL,
-        0x21adb80a382f0b0eL,0x3559de088dde2c46L,0xf419d3758b9d7854L,
-        0x925741d95bea2eceL,0xe94a66a4372032e0L,0x0000000000000170L },
-      { 0xb34b3fbba5e4a112L,0xf14faedf1303ea36L,0xfd2f1daa22e48527L,
-        0xee04e38138ae2616L,0x4f70a2f74b4262fbL,0x6cdf8c988f9eaf7fL,
-        0x89287d7a67171cc5L,0xbc4f369fa911d65aL,0x00000000000000b4L } },
-    /* 35 << 238 */
-    { { 0xe0b1e01ea1fc8413L,0xd1272c9abbb3e2e1L,0xb79eff0eb97e058eL,
-        0x3e22d38d68027d9cL,0xb8a10d739d6e9ed5L,0x2987ceb003d3a5b1L,
-        0xc039b0fe1d7eb0f8L,0xa40991bc58942c9fL,0x000000000000004bL },
-      { 0x0b8602254bd1a64aL,0xa2a6a556eeeaa4f6L,0x2006573bd5fb4f71L,
-        0x7e2ec04cfcf5eb9fL,0xdded1c6ad3080364L,0xf0eac914ed587661L,
-        0xbbad7d89912701dbL,0x1926f99ed89b48faL,0x00000000000000c1L } },
-    /* 36 << 238 */
-    { { 0x2640b0474717da49L,0x6b303097f0a90682L,0xe3fbb37ba4756b74L,
-        0x084581b1e3f7ea6aL,0x942b168d67a536e8L,0x4cecb7ef8e8e4dbdL,
-        0x48f4b7c0b17164d3L,0x8a464b3a93bfca74L,0x00000000000001ffL },
-      { 0x21f4906f7268ec93L,0xd61c24432acbde61L,0xde475d32d6fa2261L,
-        0xbaae1526a02f45c5L,0x16b2c6b30212c1fdL,0xd6afdfe9fddea6a2L,
-        0x1f8fb94d5daf789dL,0x2f89389b576846a0L,0x00000000000000ffL } },
-    /* 37 << 238 */
-    { { 0x9382f1039bf6e708L,0x17d1164758ef0269L,0xace45ade38ec27d2L,
-        0xcfc559ceb0a356d1L,0xa771069d6edef1e0L,0xc0dc328f753868d8L,
-        0x19a2e784b9621a36L,0x2a959514f8607fa1L,0x000000000000007bL },
-      { 0x2edb1cad55f7e034L,0xb17fb1b8a475236eL,0x06c1cd91ec88e88fL,
-        0x01b3ac7c9b4b4972L,0xb826191aad44bee8L,0x80260416b37c96a9L,
-        0x3ca2a771b7132816L,0xc38c82ad652906e9L,0x00000000000001edL } },
-    /* 38 << 238 */
-    { { 0xec3a61c2762601e9L,0x4b70960158620f6dL,0xa4d1de2b8cb3717dL,
-        0x926fc94297198836L,0xa3b5a26b93c6aeffL,0xc6f933c6ee4999ffL,
-        0xf2fc0ac93b15ac85L,0x645c919b43ced35dL,0x00000000000001d9L },
-      { 0x543749ecccb952e0L,0xa05917794fd35411L,0xaf499a4fecd3e486L,
-        0x3a78d1f489b19c12L,0xe110f2333129acbcL,0x13e4941b73ea2d43L,
-        0xed5c7b9f61892b8cL,0x9cbe3ebf9fd89b47L,0x0000000000000092L } },
-    /* 39 << 238 */
-    { { 0x5abb2e1f0648f550L,0x6f964c0a58d46cc3L,0x568ceb9058852020L,
-        0xe01f9481e794a871L,0xe5687af6d5c440dcL,0xd88b9baa6ed0bf7dL,
-        0x8730befb073a24f1L,0x950d38f59614bd97L,0x00000000000000d5L },
-      { 0x49e471eba5517b5bL,0x1fdc6a0f9ba2bb7eL,0x9e3baa4d4a47f403L,
-        0x96ba18b57bbc5ccbL,0x570a28b31bbd2780L,0xbf948e37002edc95L,
-        0x6a92422b11a4eca3L,0x00a21cb769b7b1c1L,0x00000000000001e8L } },
-    /* 40 << 238 */
-    { { 0xff9f5e5ed7c958a0L,0x99585b2f434a426dL,0x07b475a96db1ed0eL,
-        0x1ea7f5d7a973929cL,0xb4006a0b7bbc180bL,0xa86f75d4925bfaa9L,
-        0xf986de1075c8a7e3L,0x43e74f08f25ae706L,0x0000000000000088L },
-      { 0x4ffd5c105068acf5L,0x6ffd7eb6063d53ccL,0xe899d17938343cb5L,
-        0x9451a0150a3df7beL,0x8a581525a24b1528L,0xe5dfdb1b67a03545L,
-        0x715d2b87caaa5064L,0xae4594ce0ea125baL,0x00000000000000c5L } },
-    /* 41 << 238 */
-    { { 0x3d8b52ea7a44f134L,0x9831076a6478318dL,0xc343c2e93314ea42L,
-        0xce35d8739724b677L,0x4f9c688b8f14677dL,0xc7c080a58d1bc77fL,
-        0x512359ab2b8053a1L,0x5bcae66250c3b651L,0x00000000000000aaL },
-      { 0xc82f3a8769afbb4aL,0xb073c1da2d601213L,0x68d6cf6518ce0d09L,
-        0x620f23a591c7fb05L,0x938c96dc6d56e8edL,0x966e1f705007a705L,
-        0x3e4a940a2db66d9bL,0xac446031d466e3ccL,0x0000000000000026L } },
-    /* 42 << 238 */
-    { { 0x87aa2f8da0cc66f1L,0xcf4b9975e899fbf0L,0x45cc21ef33edf673L,
-        0x7005319b091438f1L,0xc1e62e05fd50eaacL,0xe49ef8a210d2041dL,
-        0xf49778b07531821dL,0x8390c7378c684a3dL,0x000000000000012bL },
-      { 0x435518173d6cf7afL,0xc011d17b97f2560fL,0xd222f97d5c29d8b3L,
-        0x5a9ffa8ccce3a4e6L,0x9271c90c8587b8ccL,0x73277e5099870509L,
-        0xe004a07eeca76a93L,0xff9a8582086c9530L,0x0000000000000115L } },
-    /* 43 << 238 */
-    { { 0xb04a4b529d47f4d6L,0xa1c4d096aee9c324L,0x98e9d57517076ad9L,
-        0xea9ab91c22dea26cL,0x58e4d80a64a5ea57L,0x2ec9a6e0dcb2a76fL,
-        0xd05f78756a1249a1L,0x0cb424f2ba719843L,0x00000000000001c8L },
-      { 0x20832c3e5f3b404eL,0x033963e7451b36cbL,0x74046f923cc7d7f7L,
-        0xdfe2ad55c47171c1L,0xe7fd701821fb7d83L,0x7bb4722bf8319c2fL,
-        0x1b7cb3224986e88cL,0x7ab64a64a9ab0760L,0x00000000000000bcL } },
-    /* 44 << 238 */
-    { { 0xaa0898403516e4d9L,0xdfbb159afba094abL,0xdcb895e26bb49ebfL,
-        0x7a7b572756cf3c64L,0x52861b3c38c7bc1dL,0x7c34176c27352c7bL,
-        0x5b3cc2177d33ae38L,0x4a2083698c494a63L,0x000000000000002eL },
-      { 0xd32926625f514fadL,0x5dee99706020b420L,0x8aff8c84fdae8486L,
-        0xfdc0ee6551e60c42L,0x564287bd236681daL,0x6da3e12ecaa82af6L,
-        0x6d17c67ce1efbe58L,0xa0334020ccc6c519L,0x000000000000006aL } },
-    /* 45 << 238 */
-    { { 0xea94c88e4fe1d344L,0x0a08e3ce5bb17e77L,0xfa1bfe20b9b51a79L,
-        0x8d455cf8fb324d32L,0xe58f0de564d6dc3fL,0x01e80692f396b39aL,
-        0x86a1250628441338L,0xa81733dd8e134355L,0x00000000000001e3L },
-      { 0xb5952292228e3d82L,0x3582cb17e1eb802bL,0x84129ab6accfd9feL,
-        0xd3cbf4eca3db67b7L,0x5dfcb4576325750dL,0x638916ed9030a81fL,
-        0xa26d196d5d39a3b3L,0x26d30fec1b8864fdL,0x0000000000000124L } },
-    /* 46 << 238 */
-    { { 0x6c72d4108c03da42L,0x3b05e597d8d0e71eL,0x947e55e37b5f1e9dL,
-        0x3c899ff708629865L,0xffbb711ddaaa3d57L,0xb888cf7bedecbe75L,
-        0xd7b6bd46961d1f1eL,0xda9a7125dc451900L,0x0000000000000121L },
-      { 0x683d251ae65785ccL,0xd00439685a2422c2L,0x6d4668e5d36c1417L,
-        0xe8df49820c580ec5L,0x80f79552b28680aeL,0x4e777d7eab114520L,
-        0x67995b1ae5b2f6b7L,0xddedce535855291cL,0x0000000000000064L } },
-    /* 47 << 238 */
-    { { 0x219101904aeb5bb1L,0x3e9a204ae5de24ffL,0xe8ec4721ae3b23c7L,
-        0x1e87147a6dc89b75L,0x13ca53950d19680dL,0xf1352672920c68b0L,
-        0xc6cc77db4ad11314L,0x78d984df75daeeeaL,0x0000000000000186L },
-      { 0x6cad576e442cc089L,0x74bd0f59409ad43fL,0xfb0ec10fcd1f82dfL,
-        0x6b46a052bf822010L,0x90658aa13d6c9741L,0xa56000a1d91bb102L,
-        0x7c8e2b47f0edb777L,0xc0607199447fdf10L,0x00000000000000faL } },
-    /* 48 << 238 */
-    { { 0x0609a97b58033238L,0x5b9678b1d40689e9L,0x4ecd26c3986c40f7L,
-        0x7a6083dc2002e8ffL,0x73fd1d708b769797L,0x0fa7df7924e06e55L,
-        0xfa7254f8d49b9efdL,0x742ad69df862350fL,0x00000000000000b1L },
-      { 0x78e2366a314a07f3L,0xd0ecaebdaa487012L,0xfb13a82507fd4b1bL,
-        0x6ee4483aec0c854aL,0x0e7d617e72fd006eL,0x0cdfec5b291b4018L,
-        0x2b9fa205f66cca32L,0x261f67f6149d20deL,0x0000000000000075L } },
-    /* 49 << 238 */
-    { { 0x664c27d0a20d557aL,0x896b2675f0744080L,0x8beaf01afc5af408L,
-        0x40ffc5cd38622d77L,0xc43885d4a2528371L,0x81e1f6745b02e290L,
-        0x4916d18799d1631bL,0xb223123e8dd86517L,0x000000000000009dL },
-      { 0x40d9d05f2fb7c4aaL,0xe40e4753a50abfbfL,0xf850526214078e53L,
-        0x5e24344182804fa8L,0x7915bb4726da0a8fL,0xb2c6b557779d3504L,
-        0x04e9ded5050e4e95L,0x9e99a2bb5f476a78L,0x000000000000006bL } },
-    /* 50 << 238 */
-    { { 0x6c34a56a6ea0b1cdL,0xc71325505a787710L,0x7b88ee97e9a5ea07L,
-        0xe74726638239f9a0L,0x4d37a6dde17258d3L,0x15bae9319708c6bbL,
-        0xc174958fbbc04aa0L,0x7625733b86528ebdL,0x00000000000001efL },
-      { 0xafb5465248095b06L,0xc1c05fafd067b459L,0xa6ad20025bc1a76aL,
-        0xaa096c10cd725a94L,0xd37e975f282785d6L,0x2ab89b9ff67d3a9fL,
-        0x5d6f3ed7b7b6e4c2L,0x04ff41ca29502853L,0x000000000000005dL } },
-    /* 51 << 238 */
-    { { 0xc888d1d441ece6c0L,0x26df9e1bbfeb1062L,0x0b4ddd821bb94aa4L,
-        0x71efd8d119ffddd7L,0x9b3998224e47d498L,0x59872b31aa653dcaL,
-        0x759a84fb2712e2c9L,0x398af98399e74778L,0x000000000000007aL },
-      { 0x35ebaf9392c7b6c2L,0x8bacd47278141bd8L,0xd60364f09c53d1e9L,
-        0x790e9dcba27a7a57L,0xb5e554f8991e40b3L,0xc7f3ce27da7a13f5L,
-        0xfb65dc3926398b00L,0x2c6cb9b8229dca96L,0x0000000000000036L } },
-    /* 52 << 238 */
-    { { 0x46d6266d92756c0eL,0x3164f6a8305e1611L,0x65dfea3d613b00c0L,
-        0x75ea9ab9571828a5L,0x5184dc138be872a9L,0x8c59c14192347d22L,
-        0x96b331914baa4678L,0x0d34cc5a2ae17a1bL,0x000000000000000dL },
-      { 0xc05c3c516fcb342dL,0xb36a7efb677d6ea3L,0x016811b2a8067b2bL,
-        0xffff97f94822fa85L,0xfc646b5145883bb0L,0x56c40d49c28d61dbL,
-        0x91be8847eadd1593L,0xecf0a8f5128d8ad9L,0x000000000000002bL } },
-    /* 53 << 238 */
-    { { 0xe276b588d7262b3fL,0xa64b1324064fc6ddL,0xf82cb69a9cd02e25L,
-        0xf399f6f385ba9d89L,0x3903c34dc52f03e2L,0x91d41630888c7aa6L,
-        0x0402b6f8cc39ea02L,0xfda829d4f8c6dce9L,0x000000000000015eL },
-      { 0xba3c550fb2f9160cL,0xc4ef6745e2ad5099L,0x528d3a72cba7c269L,
-        0x38e13dec67106a10L,0xff878c2e05687e58L,0xa6f53fec246e5459L,
-        0x4f30e0c2f126c843L,0x4d3dedcbbdfc0320L,0x0000000000000131L } },
-    /* 54 << 238 */
-    { { 0x897294e8dbf874eeL,0x84ec352267d9abddL,0xacb0e94b830bb2fdL,
-        0xe4e81bd945db3a07L,0xfb029eaa52e22815L,0x920edf272170ad75L,
-        0x4ebb3c5001e13530L,0x01db6df29b62da53L,0x0000000000000096L },
-      { 0x555a5a6823815d09L,0xc3c7463a59449b21L,0xebfe5fcc964b5b8bL,
-        0x1683e495c2076735L,0x361c14526e18bdb3L,0x14496fa3aa0ef3fdL,
-        0xdd45b105a48eee14L,0x91cc21d205ac61dbL,0x00000000000001d6L } },
-    /* 55 << 238 */
-    { { 0xb539df1f919748f9L,0x942df28d9ab585efL,0x22d555d147e56084L,
-        0xdee5bf1a34baa8ddL,0xe9eef1adca2d8eb5L,0x78505f54b404690aL,
-        0xe4d77116b87f8bd2L,0xae4949dbdcee6b7cL,0x0000000000000177L },
-      { 0xb6861e9ac81fd641L,0x113403993596b4c9L,0x588dcca1444a7b1cL,
-        0x573e6b83df0cc0d5L,0x429e5ae8d6610ceeL,0x060d9bb429bd62d5L,
-        0x1337eefec513318aL,0x5c3cda2664cc2019L,0x0000000000000081L } },
-    /* 56 << 238 */
-    { { 0x436121db4291d3c6L,0xdb32e56791d00413L,0x17e048dfd571849fL,
-        0xcadf80d09d174b7aL,0x504fcd8cf3a16f6dL,0x0bca040b55a79e74L,
-        0xae5e562a9dd8e72cL,0xa2ad35266d83c58fL,0x000000000000001cL },
-      { 0x68cc0e2f8be48c08L,0xa4cf89f3a957cc18L,0x7ee580a6720e8f3aL,
-        0xd45347c5ce9222edL,0x2043ba4b964685a9L,0x8a59c2fd1ad8acb9L,
-        0xb2ab5a3fa3a1fb58L,0x6f0d28c3e7a7befeL,0x0000000000000060L } },
-    /* 57 << 238 */
-    { { 0x02c32597e24f4558L,0x6b8cd177f3b8d3e7L,0x51fac672365fb517L,
-        0x5553c4053855aaf3L,0xfa6c278a2250753aL,0x5c1b7cbccd07fcbbL,
-        0x84300435520e2f45L,0x4913a52b00bf3f6aL,0x00000000000001a0L },
-      { 0x438a1803fb3388e2L,0xa15ebc4ec2b44780L,0xa830255c9087838aL,
-        0xb7e6abf7884847d1L,0xf31fc86eaba507f4L,0x72009f406675e50fL,
-        0xadacd3a574ec178aL,0xd6d36127afba1b1cL,0x00000000000001d1L } },
-    /* 58 << 238 */
-    { { 0x768d163a3a14efdaL,0xa080b14468d84579L,0xd477061fdb39ae5fL,
-        0xbfea91ebc229bda7L,0xe28c79fa07f1e026L,0x0a0fb62d143ffd3eL,
-        0x41b2fbc3a2ac222bL,0x184753613ba365f9L,0x00000000000000f6L },
-      { 0x70329a2a27d288b5L,0x02abc5a928617e54L,0x14f646bfa0ba713dL,
-        0xf5b3652fb5d28656L,0xe0841164ce97deccL,0x0aa84aa74b63dcf6L,
-        0x59613768715e4e05L,0x23d572c0c884e71cL,0x00000000000000adL } },
-    /* 59 << 238 */
-    { { 0xbff79e46c5aae205L,0x4c77219362eb2de7L,0xa6d723f0b383be53L,
-        0xc2f26458e641839bL,0xfcf6980d5442a5ecL,0xc755fd48bfc3bddbL,
-        0x7a1a100b9504bc93L,0x8864ef9fedf3f45aL,0x00000000000001dcL },
-      { 0x58dd0f0e5a20814fL,0x52770e9bee9ed846L,0x64c23fef02e82a1aL,
-        0x4fbca3bc96d16619L,0x547101a099489c36L,0x92869dbbaffda8d9L,
-        0x28fe8e2924c28bf1L,0xa859941e8b9885bbL,0x00000000000001e7L } },
-    /* 60 << 238 */
-    { { 0x33ccf08de10db8f5L,0xe481ea75d2b4cba5L,0x8db73d5bee9cdb6fL,
-        0x5d11d992b5c523baL,0xe9d79978d11b927bL,0x61be8fc17a355c88L,
-        0x5c31c7a65a062e74L,0x2aff5a1117a4a844L,0x0000000000000061L },
-      { 0x9f5386773c9f31b4L,0x7f7681c7766dfcb0L,0x1d759dd9cb41b746L,
-        0x1842ce5a3df8b332L,0xd6650a1d46cf5438L,0x3afad154d8e57a31L,
-        0x72df5ed3c779ec95L,0xa9f04f62733f1f9aL,0x0000000000000072L } },
-    /* 61 << 238 */
-    { { 0xa4c9bad76cd25119L,0x0893c15c677a2ff2L,0xd4c74a285fa5309cL,
-        0x811ace597343a331L,0xb4a1a3738b5d30f1L,0x2d2b14a4650fba78L,
-        0xf38fc6d263c2365fL,0xc7ab7a5135ada1beL,0x0000000000000021L },
-      { 0x24c8de56b90ba651L,0x47e5107fc3a16ea7L,0x48d7396e8d859e56L,
-        0xd9eef922d1c2b3d0L,0xf7d7c0fa24267a36L,0xc1b416e77f92ade4L,
-        0x88ae119ef0634ab6L,0xe2c4fb17dc882f42L,0x00000000000000f7L } },
-    /* 62 << 238 */
-    { { 0x5678bea8848f8152L,0x09edf78a2db8f5f7L,0x577354a80e7a5101L,
-        0xde84b145d55f3d58L,0x6ce8a6e52f8a88c3L,0xab0c3fd1f9ac5318L,
-        0x163316926681788dL,0x4e1eba4bb9aac85eL,0x00000000000000afL },
-      { 0xaf37fba2668c4bf9L,0x5916958ee908dc73L,0x3b15e5e0d1351d09L,
-        0xcd0e3ea56388db27L,0x37a3364b5ddebef5L,0xf881e32c12e18700L,
-        0xd52db48980d36881L,0x67630057f5db73f9L,0x0000000000000094L } },
-    /* 63 << 238 */
-    { { 0x1574e5fe8e01c90eL,0x9a04e874681401adL,0x29186da48992dd9dL,
-        0x2625bf89f6a91151L,0x7292c99664fb81e6L,0xdb4e7747f161c777L,
-        0x21977978208c9469L,0xa25997d421d3699eL,0x00000000000000ecL },
-      { 0x3546a978ddd52ddbL,0x9242e4d42d7cf82fL,0x1080e50bb80f359aL,
-        0x70bb06fc98035b62L,0xf1ea6ee2098bbe60L,0x0e5cc73d8ba58df8L,
-        0x383ef670e8608307L,0xfdeaac2ef5e05b50L,0x0000000000000064L } },
-    /* 64 << 238 */
-    { { 0xdd9166282d3d7641L,0x99029e9b39c02ceeL,0xce03fac9b6de7881L,
-        0xc2cd0f784f66ebbcL,0xe391948364c83e37L,0xfc853cb8fd7bb155L,
-        0xa5a99b24432314ccL,0xef0b7ed0133b2709L,0x00000000000001d0L },
-      { 0xe4c4d8a054de3ecbL,0xe2f88ac25f8cb5ceL,0x17a4e60d68eb11a2L,
-        0x6d0e05fb3b79619aL,0xa54874b7d5da75efL,0x18c2b1b3c77f6ac1L,
-        0x5a2a6fdd829736c3L,0x9ce62f22cd44843bL,0x0000000000000059L } },
-    /* 0 << 245 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 245 */
-    { { 0xc3e525d2afd7c4f7L,0xc11fd457ae2b9475L,0x6cf55e765d48ead5L,
-        0xf9546fe48f93eb95L,0x3e3712a75e124ba8L,0xcb71caafcf7a3e81L,
-        0x512060172f3d629dL,0xe226fe2dbab1761cL,0x0000000000000079L },
-      { 0xbb618c7bf963a03aL,0x2fd9211cd55e0ab2L,0x25be6c8a20dfe924L,
-        0x40f5ff09135b7156L,0x7770ba4af706b788L,0x5a2146e0dc114357L,
-        0x48f25eda54b6fae3L,0x5adc7aa519ead5c4L,0x00000000000001e3L } },
-    /* 2 << 245 */
-    { { 0x21e292cb67355505L,0x7cdf9c24e192a20dL,0x07228775f6753eecL,
-        0xcd83121b93217c7fL,0xf6e99141ad41ce70L,0x2214296a41a8ec10L,
-        0xcdf7237b0200ddb1L,0xe2d943f5c7ca562dL,0x0000000000000056L },
-      { 0x9f743d7c9627a12eL,0x33ff2e7e31099d8aL,0x3c9e84d12a07248aL,
-        0x9cbc405a6136b3f7L,0xb131c000970be1e5L,0xea9c160b84162e6bL,
-        0x1c54fe695ba3f7a9L,0xd5a98fdcd51b962fL,0x000000000000015dL } },
-    /* 3 << 245 */
-    { { 0xd01bfb1f891d513fL,0xacf22e961375d0d4L,0x6f5c76f9d43c24f1L,
-        0xa220f50707a66e1eL,0xa0b91c2af227b93eL,0xefe049868fc8f377L,
-        0x58482184fbf6c7cfL,0xb224b543cab58946L,0x0000000000000094L },
-      { 0xe07e7d7914855341L,0x68881fb60a675863L,0x4083d236b9736e0fL,
-        0xec6ce43102dac8a4L,0xb0477cf188891340L,0x67c0cc0512cd1f4fL,
-        0xf3101c296f7b5340L,0x60f49d6d1e980837L,0x0000000000000116L } },
-    /* 4 << 245 */
-    { { 0x3cd54b988ffa8932L,0x73a8c09947855c60L,0x5272d16b3ecc6b44L,
-        0x7cf96927b4e83ce5L,0x08af41c8a3908edeL,0x98de920a73495d2bL,
-        0x6ddc94e1be247419L,0x0936e34f5e3e7c96L,0x00000000000000acL },
-      { 0xf3b1a1aa9d269d4bL,0xb20aff071103e749L,0x9a43c7a4632098aeL,
-        0x221c12cbf450a9eeL,0xf04a8e7c7f773a12L,0x427a8cccb2ad0ee7L,
-        0x93f7ee9dc0b2a786L,0x6592bb0089bbc18dL,0x00000000000000fdL } },
-    /* 5 << 245 */
-    { { 0x8f1c77f7a9e8cde3L,0xeb057a9562fd5799L,0x8428a885dbee1bc1L,
-        0xaf8c03c38acd2865L,0xd5c2c0039061a6feL,0x4daad9cad2016bd3L,
-        0xf698f86cd10ce994L,0x5da25e28b620fd65L,0x000000000000007cL },
-      { 0xe3162c8fff2198a7L,0x60b05d1f9084af55L,0x64ecff3c74ccc32dL,
-        0xadde221a29f6e28aL,0xd6d98db85f2a1653L,0xb661bb0b597a14a9L,
-        0xbaa4d0b80bf62ea4L,0x60b8da55e7feeacfL,0x0000000000000118L } },
-    /* 6 << 245 */
-    { { 0xf760f828ebf01d55L,0xd9e13bb2143c38d6L,0xdd69a7832620bb25L,
-        0x6d16106459a570bfL,0xda4ed76759a7c1a7L,0x5b07d2a0a22ce561L,
-        0x2d1614b0616ba6a2L,0xc2c99b092013b7b5L,0x00000000000000f6L },
-      { 0x532f835b6606eb53L,0x11e4eb8cd0fca568L,0x3d12bcb83abd1c3bL,
-        0x293651b7eeebaabbL,0xe49cf58535da243eL,0xf0377e4414e175c4L,
-        0x12a1f99f39a28cfcL,0x5b3c4c81c02ecdf6L,0x00000000000000bbL } },
-    /* 7 << 245 */
-    { { 0x6670d91e241fce4cL,0xeff7977950cec570L,0xcbdafc5ecfa2eafaL,
-        0xa40c09e53265b4a2L,0xc4fb20c0fb68c280L,0xdd0b12e9bb2e6910L,
-        0x31437bff0f2bc13aL,0xa92209d7493eae11L,0x0000000000000124L },
-      { 0x0dfa947c893d23e1L,0xed7f8f9c103e6b81L,0x2dd62ed73002e4c1L,
-        0x6ddda0871f9973e2L,0xb79ed2773b014d60L,0x12fbda2fe51b686aL,
-        0xac9c34b6911b0e3bL,0x6fa28f425f117d64L,0x0000000000000106L } },
-    /* 8 << 245 */
-    { { 0x1ebc5309b6bf5ec4L,0x29ca5ba73a92ba16L,0xbdb1bce470839c14L,
-        0x963fd369de1f966cL,0x208fdc754faba5b7L,0x2f1ea65a678fc163L,
-        0x792fa255a773bbc5L,0x752a08fab22a653bL,0x000000000000008fL },
-      { 0x096aff662e58f405L,0xee92b17dd6658910L,0x65792cb3d33b5b5aL,
-        0xfa503f215678f269L,0x4e2757c8efdffc67L,0xbe46a6f1665347f5L,
-        0xd049a1586d9773e7L,0x9555b002b0a28ac5L,0x0000000000000145L } },
-    /* 9 << 245 */
-    { { 0xa7c17d0350b289b1L,0xe3a9a8a3443f567bL,0x9c99bd6ac3e63db0L,
-        0xcf6a4c889362bf69L,0xbba95ac8927e459cL,0xb80f52a8dd937105L,
-        0xc518fc9b74c7d215L,0x8fed53990bae5104L,0x00000000000001ccL },
-      { 0x2389f46b189ab2bdL,0xf139d7af7d235907L,0x9aca655892901705L,
-        0xbdcdd09046ee4c1bL,0x0a0a655db42f41a5L,0x284d525ace537427L,
-        0x18dd8dea58dd7840L,0x379387c05ca95c31L,0x0000000000000040L } },
-    /* 10 << 245 */
-    { { 0x239fc64e9727b936L,0x1de0020395de5e1aL,0x219a07de1a43157dL,
-        0x2f427b59cdcec250L,0x557502cb4c36c8b8L,0x537492cd37e0f19fL,
-        0xe3d2dfb34d57d9a8L,0x48ef0bf3324ed81eL,0x00000000000000dcL },
-      { 0x9315dbc85a1538b2L,0x0591ee6e61aa41f9L,0x0c0c5fc2151dbb76L,
-        0x651f06aff4c47091L,0x89a2c2611a1f91b5L,0x6fe23d1b6d668c27L,
-        0xf8dc9ee1aec2fdebL,0xe253b8d8cc0d69afL,0x00000000000000bdL } },
-    /* 11 << 245 */
-    { { 0x9eccc0619669ebc7L,0x7bf661a6126d010aL,0xe72acef27390cab5L,
-        0xe4a7f348dffd3e7aL,0x3e37551fb1e12c74L,0x53e9e142887a122aL,
-        0xb0209d65daf5f134L,0xcff03a74033bfc15L,0x000000000000011dL },
-      { 0x3a133010d1f95cedL,0xdec6cfb744c85df0L,0x31308eafa9e486feL,
-        0x454ed725f49d5ed4L,0x4a3e969ce6dd4580L,0x6feab60dd7bb11baL,
-        0x9cd05773f075d873L,0x010563d04c9c43e6L,0x00000000000001f2L } },
-    /* 12 << 245 */
-    { { 0xfba8a8a05b07b574L,0x936590094fae646eL,0xdf8077f4446c60c1L,
-        0xb7680afc92fd0bc0L,0x1306288acacfb628L,0x674a6a5a74ed5a73L,
-        0x75a261a6d68d0dd6L,0xa583ee269868f3d7L,0x00000000000000ceL },
-      { 0x62c16e2068186114L,0x2403de3e993c15efL,0x1a539413fcfda8e5L,
-        0x97f7f8afd65a7fc5L,0x72fcd1fd33fff67cL,0x83b84ac442b4cdceL,
-        0x8b56062c4f14b831L,0xe29d467a09559420L,0x000000000000015dL } },
-    /* 13 << 245 */
-    { { 0xcfd36b8773920568L,0x199605c3bd6b45d1L,0x3d17e798231be8deL,
-        0x93901889a9b26b26L,0x922f8d5d101ebf1aL,0xdcb7b7b5e9748c52L,
-        0x87e18bc1250b67efL,0x1e23453034bdfc23L,0x000000000000016eL },
-      { 0x604df42a18efccdeL,0xfa49291cf9a7eb84L,0x1685a7f7495c62acL,
-        0x58a272e26b469c70L,0x7fea89e721cc23beL,0xa979783e76435dfaL,
-        0xe993c6cff9404884L,0xb653fe56934876d1L,0x0000000000000079L } },
-    /* 14 << 245 */
-    { { 0xe586141f43c118d1L,0x0d76256cbe65c263L,0x8f0413fd8fb5ce5aL,
-        0x451d3b65c1f76b2bL,0xf9a2ed094e7dd6faL,0x538af492d1e10a14L,
-        0xb8e78de206963767L,0x59887d285b003a25L,0x00000000000001b5L },
-      { 0xc9b05b2112b423aeL,0x6df1631e64549910L,0x1eea65ded96c323bL,
-        0x6d740f2bfd188fb9L,0x73b45366ed093cd7L,0x987a12abdcd33ed0L,
-        0x5807600262ef953cL,0x58db0e16370b300dL,0x000000000000012dL } },
-    /* 15 << 245 */
-    { { 0x9fbc14aadc38ead1L,0xb9f7df7f1a362565L,0x0745197f6a333aefL,
-        0x73dccd67666cc110L,0x8f3f2dff9fd92535L,0x7e7180ccf014a6eaL,
-        0x59028fc434220f3cL,0x92c45cc3fcf7431aL,0x00000000000000e3L },
-      { 0x8b17b3e2eb8c17e2L,0x2b02cf29251a6593L,0x415193432efcf7e8L,
-        0x359e00a1d098ec6eL,0x25f8934e771d7b65L,0xb51d511b14852dbeL,
-        0x36c3fe357bd243eeL,0x36a7b1f3424f4d55L,0x000000000000012eL } },
-    /* 16 << 245 */
-    { { 0xb09a3e8b160e37a4L,0x8ed9ac0627db36b6L,0xecf1838a99cbfcbeL,
-        0xb12c94da28b4ee00L,0xd0841818c5f1fdc4L,0xc43e50b2bee0adf4L,
-        0x19f3f05b122324c6L,0x796bac65988338bbL,0x00000000000001e3L },
-      { 0xf211af1ab50f7626L,0xdecf7989ca2f6779L,0xcbba6b74e1ecbba1L,
-        0x73f60e835e5fb261L,0x3eebd6890629dd5dL,0x8906a06e05fba7eeL,
-        0x7a23d83a58152375L,0x0f4b9b2de9f1d23dL,0x0000000000000009L } },
-    /* 17 << 245 */
-    { { 0x6ce126e4d85698daL,0xf003860ccf075ef6L,0x94424096d5716919L,
-        0xb0087ff76be87caaL,0xbc01f71788808904L,0xcdcb3e3812c3e361L,
-        0x66f47afef1ea9907L,0x2ff5843cd4fd5d8cL,0x000000000000005dL },
-      { 0x75de692e3ba79e08L,0xc49213b6aa146821L,0x61e443642707efa7L,
-        0x2fd64e12f5923cdeL,0xe51ec2ec37fea533L,0x03d72d4d2b36407eL,
-        0x6b84a2abe430e4e0L,0x1a1435c7bb4cafc2L,0x0000000000000028L } },
-    /* 18 << 245 */
-    { { 0x109514806348bb81L,0x58ae664bb1393e25L,0x206c4681f3ace22dL,
-        0x5984dabba050e142L,0xe1505d6e42ded28eL,0xfe2d93213e9a8afbL,
-        0x93770eed1a368d4eL,0xd3341598faa53c5eL,0x0000000000000136L },
-      { 0xf6818bc6a2785e49L,0x4cead604627405ccL,0xfcf4a9e7f9aa0a7cL,
-        0x8edff908798642c5L,0x34760c98e4554131L,0xb0849ed68b48863bL,
-        0xe5ed18d214caa88fL,0x556aff0a0cf7a0e4L,0x000000000000002eL } },
-    /* 19 << 245 */
-    { { 0x8cfd5c7326c01d7eL,0xce0dd0049cc28137L,0x7bdb6939b057fe81L,
-        0xf5655f1d1a601839L,0x700651ddc4d38ed8L,0x4715da6ad0c0338cL,
-        0x7c55a32fbe60326dL,0x30b13a3e98b89aa3L,0x0000000000000038L },
-      { 0x557d7dd83a5be149L,0x102ac658be542331L,0x66ff48f819017e3cL,
-        0x27a63afe85e0ba4aL,0x432a65afa1825871L,0xd6468f214e9d0950L,
-        0x096b0aeda4e2a365L,0xdb22f9adc561a95cL,0x0000000000000046L } },
-    /* 20 << 245 */
-    { { 0xa85ed91b7adf4067L,0x5b954f9965cacc6bL,0xb7da20a12f4aa0c3L,
-        0x23a0819e1862e363L,0x6c89e6eef4277b93L,0x49352790f3cbf94eL,
-        0x05e6e05515eeb890L,0x36ead153d2477c80L,0x0000000000000152L },
-      { 0x8ff423f9e980c969L,0xc70c24c96aeda7ddL,0xd2de4028b39df2f6L,
-        0x39a559b5f10f8f9bL,0x63fd365c5f8db29cL,0xed98f7141e8cd83bL,
-        0x1a8436d2a9f2a6f0L,0x089cf3ce58244f99L,0x00000000000000eeL } },
-    /* 21 << 245 */
-    { { 0xa9fd702dd495b62dL,0x766d1e6148af0c7cL,0x47f352707278e7c5L,
-        0x2aa27ecc84042027L,0x52159d31712a50d9L,0x180d507f699ec99eL,
-        0xe39fe323c1243d21L,0x7401559b0f3447e1L,0x0000000000000004L },
-      { 0xe920ac3e65cb715bL,0xd8cb492cf07c740fL,0x833b8edbf1d5efc0L,
-        0x43948f5714286a01L,0x935934879d912791L,0xb5a2432fb3767c2cL,
-        0xe21bc65688710c3dL,0x1a221b9a8df3f76aL,0x0000000000000077L } },
-    /* 22 << 245 */
-    { { 0x387b2584b1906296L,0x8584a570a0a5329bL,0xb0661a62c81806c4L,
-        0x5ad2e7599a819368L,0xd0ba7b8c1935cf34L,0x9333ac71b650c085L,
-        0x8c44bf98270788e5L,0xa1cab6f9e489817cL,0x00000000000001a9L },
-      { 0x44b0c84dda4fcce7L,0xe0dc701408d74a53L,0x29f3c3aaf88d0826L,
-        0xc605de2dd59e82c3L,0x5a98c98fc992079dL,0x356000aaded5509cL,
-        0x4574e63a9a00a60fL,0x02d48eb1e09e5c5dL,0x000000000000000eL } },
-    /* 23 << 245 */
-    { { 0x97d1f1180b0ff62fL,0xfa0770e729e1d0f6L,0xca7267da66d367dbL,
-        0x5b45034eddb1fdd8L,0xb3c238531ac7f4bdL,0xa4b9b677a12063dbL,
-        0xfc210b01c13ec6ecL,0x08dbbba6a89a2e69L,0x000000000000003fL },
-      { 0xe4ea8bbb6db96407L,0xfbbdda3e4fc2c9b8L,0xd18a140e6d2779d3L,
-        0x61cd8ce8845b983cL,0x6761497b8625b6adL,0xd2cb01c2f6ed8b35L,
-        0xddb4236ebbd0de0bL,0x5b9f0f78c73e54a0L,0x0000000000000097L } },
-    /* 24 << 245 */
-    { { 0x353ae6fd77b9aba6L,0xbaab19af013f3158L,0x14d0564c7b9b7aaaL,
-        0xe591b96a2d9ff473L,0x327e3fb873f46109L,0x61c0191e6be11242L,
-        0x9696f1bd6345cf6dL,0x3dd87573684c060bL,0x0000000000000058L },
-      { 0xdab49ba0285a6ddeL,0x7d66e2c3075ea1c1L,0x721973502d8ce1f9L,
-        0x5e64c366ae730c53L,0x17154d6dd30475e5L,0x14153f7a3341d88bL,
-        0x711dfab66235304eL,0x0e010897bd4533fcL,0x0000000000000177L } },
-    /* 25 << 245 */
-    { { 0x90afab7861c062deL,0x085ac4c2aae92dfaL,0xcdd94ace38f3885aL,
-        0x6c65b82d47a3478dL,0x66eee2c9f6eaaf3aL,0xe8a38973dc89840fL,
-        0xd2521b00921f59d0L,0xbda51f4f1181d481L,0x00000000000000e5L },
-      { 0xe3827db66a211907L,0xf410b7cc6515551dL,0x09bbd3d40a46f1f2L,
-        0xdaad1c9c2e0d139eL,0x54b99d040d9c10adL,0x9f1f110e278404afL,
-        0x29de72bad41fbe0aL,0x6f428ceb3c27e332L,0x000000000000002cL } },
-    /* 26 << 245 */
-    { { 0x76f0baf9f438a35fL,0xfa3966c30e5c85e7L,0x665a4870128d42bcL,
-        0x8d58fb6289898e12L,0x9626f184d06176ebL,0xe88973ea03d85e8dL,
-        0xbb142568436dda00L,0x712753b8eda9d061L,0x00000000000000baL },
-      { 0x8b191872ecfb2bb2L,0xe7642ce7114331a6L,0xd94e89fb7b3f2f87L,
-        0xdb4f769e3ed434edL,0x8c523d17a03c029eL,0x3d8653b866bb80baL,
-        0xed8721cc07b5bee5L,0xd64141c9844de9a9L,0x0000000000000140L } },
-    /* 27 << 245 */
-    { { 0x1181f23436682974L,0x63798602dccc4ea9L,0x80305e1d99b2ec36L,
-        0x274a84d12b53add6L,0xf45a7bce6bc50022L,0x7d855ff90f7d22c4L,
-        0x5ff789e9d60e96d8L,0xc84f80d186a8a1fbL,0x0000000000000087L },
-      { 0x49754d1d801c8558L,0xd27f7b211e49e2c3L,0xd93d0ac5d01e947bL,
-        0xf581f071a6785e70L,0xe2049e7954584369L,0x300d73a40f8c465dL,
-        0xaa7f684546083b76L,0x9f6345f0a50d63b6L,0x00000000000000c0L } },
-    /* 28 << 245 */
-    { { 0x6d8d90ccac308a80L,0x862fae36c3f7e859L,0x9bf414eea742e940L,
-        0x4ddc964c49029fb4L,0x39750fc64a18bf6eL,0xf8942dee1635f7d1L,
-        0x93e9fc2d8da2b6c8L,0xd42be164a18d4d86L,0x00000000000001b9L },
-      { 0xc831040e0d6c2213L,0x15f8e86f52d9e6dcL,0xcb79a0d697616828L,
-        0x7953d51dae14208cL,0x6a92f51122ec1792L,0x560d3bf6a8891fdbL,
-        0x418b3565a7acd242L,0x523a75944f8e5129L,0x00000000000001f8L } },
-    /* 29 << 245 */
-    { { 0x503e9a04849613c3L,0xdfe7b77ff0d7e56cL,0x6f2697fcdb76d90eL,
-        0x65933ee209bd9c92L,0xd5685ecd28343738L,0x710f4176749952faL,
-        0x42e023189f5d102fL,0x36d10f77f94440f5L,0x0000000000000159L },
-      { 0x0d4263d509266d0aL,0xdd8b8663db5bdbd7L,0xefca1b51b558c145L,
-        0xf5ee60e3e70a0974L,0x37dd6d658dc33d8cL,0xfd4a3bdf6814d0a2L,
-        0x153b585c1553384aL,0x7d4f0dea08b2ec0eL,0x00000000000000b8L } },
-    /* 30 << 245 */
-    { { 0x4b3eb15613fdc5c9L,0x449dcca9a182c015L,0xc78094722f93b771L,
-        0xda7036300e7455d0L,0x513554a53b5a9e06L,0xec7fcdbf4fa313a3L,
-        0x047528ffe3fb4d67L,0x38bdf53faef7306eL,0x0000000000000118L },
-      { 0x24680a5476ccdcebL,0x96e42aa84664792aL,0x02494069a27801bdL,
-        0xcb8439da7bf928a0L,0xe60d6eda322f44ffL,0xb0642335e482b462L,
-        0x6336c8709f3803ffL,0x92e9919ed725c323L,0x000000000000013bL } },
-    /* 31 << 245 */
-    { { 0x5e729774cb774815L,0x17da6efe704192afL,0xdb3c15ed0faeee6aL,
-        0xd9b8570bec65984eL,0x56c96381470571eaL,0x6962e90b4e573376L,
-        0xa7e5c4ff990ffae0L,0x4c90d86ef841ae38L,0x000000000000013cL },
-      { 0x27cca1fe0c9cf81eL,0x4e5348da7fef5618L,0xa59515bce0a75316L,
-        0xd66ee09d1c82ccd1L,0x79be306784c1bea5L,0x13fa7967e65dc45cL,
-        0xf47f47eda8987a90L,0xf329d0e19d0d80bdL,0x000000000000014fL } },
-    /* 32 << 245 */
-    { { 0x75b620639659f9e9L,0xa5568027c4b6dc18L,0x1c5dbfff1f499e7bL,
-        0x35b20ffdffa60eebL,0x4368ac975e2237e6L,0x502c0e789ed425d7L,
-        0xf8877b29f5aeaa27L,0x137e015dcd2e9bcfL,0x00000000000000fcL },
-      { 0x69be3c6d3fffeb71L,0x5739d6c9e33b4ca6L,0x94672002643a1eb8L,
-        0xd1359e0570fd238bL,0x3b7ef87493916a8aL,0x4ef08127efdaf809L,
-        0xde4174e74143ab1aL,0x3bb964e042e7aee4L,0x0000000000000151L } },
-    /* 33 << 245 */
-    { { 0x3693de23e707614bL,0xf7ec069499298960L,0x556f28cf89f11c00L,
-        0x7931968eb75a3c61L,0xd6c72278485683d2L,0x734c3512d4369fa8L,
-        0x08671bfcf17d7c5bL,0x1f06b63a5d69bd69L,0x000000000000011cL },
-      { 0x64d8055d7c23e2a8L,0x96251f5e1d95c234L,0x5fce87cea0f43bc1L,
-        0x67071f622f15f523L,0x40eb36b8d3fea005L,0x1d9ee274012556e9L,
-        0x10730e770887e50bL,0xa1a356784004f24dL,0x00000000000001c2L } },
-    /* 34 << 245 */
-    { { 0x8bd447567568da86L,0xcae3a56a8d725c85L,0x2211f108801c5fc6L,
-        0xe5de07da4c3c8b44L,0xff2167cbd0fbe37fL,0x7ef2307074994e56L,
-        0x150e804810cf15abL,0x052337af2c095024L,0x0000000000000106L },
-      { 0x7c6057f0e87d4ca6L,0x77900e45486f4fb9L,0x566981d17ba84399L,
-        0x8f863f24198b27dcL,0xa84e0841e7a49f6dL,0xd17dd7370f1060b9L,
-        0xe4f4d9b344f7961aL,0xa1b242e5da29c5a3L,0x0000000000000027L } },
-    /* 35 << 245 */
-    { { 0x47c2e6ed3a5f7687L,0x2dafe7db3cce6bb8L,0x419ffe4b771db38fL,
-        0x8410ddfd2d624c59L,0x0779b3125b900ecfL,0x1b01dc1c0ab57b8eL,
-        0xd245703de2fc4c74L,0x37c542c2f9f31707L,0x00000000000001f4L },
-      { 0x941e03652f8379e7L,0xf76dc50d288ef711L,0xba0af92876ab8d8eL,
-        0xa3e8cdbdc0c73e45L,0x522c45b349565c3cL,0x00f5e95a79c8c078L,
-        0x7554d72bef1b71feL,0xa36855168a5118f3L,0x00000000000001d2L } },
-    /* 36 << 245 */
-    { { 0x8bf63edd8e519803L,0x7d6d968474760503L,0x99afb2fff64f6308L,
-        0xc2df0c31c23b3a72L,0xaf8529c6950f14adL,0x9af0832dee96370cL,
-        0x46194ea77aef8e49L,0xe92679536da47b01L,0x0000000000000031L },
-      { 0x55bde6f749681136L,0x41ab4f3da512f655L,0x6dbf743677c5141eL,
-        0xa2c75d2e5507fa84L,0xc8117d02f9b98137L,0xfe2760c706888e33L,
-        0xc13bb97d53002110L,0x385619defd63f2e3L,0x0000000000000067L } },
-    /* 37 << 245 */
-    { { 0xfa1aa2447f27814eL,0xab02051c5105d84cL,0xccef8bcfe9b00b16L,
-        0x3783041e1158a067L,0x5b79215725e29b71L,0x401c2417fb1b4107L,
-        0x39c42434410a421fL,0xf10e887b5c4f6b31L,0x00000000000000e8L },
-      { 0xacea55d402076600L,0x9054fe9a59b7f920L,0xbcb07980e8a4b5e1L,
-        0xe33c2ab1dbb2df1aL,0x1651e2d0390680daL,0x68446f35401d8675L,
-        0x9f2b69d026985f00L,0x4446113258d0f8faL,0x00000000000000fcL } },
-    /* 38 << 245 */
-    { { 0x29d634179986b9d7L,0x39e022af0df6e934L,0xaf6cc96ebe1e9fb6L,
-        0x0891c88dc858c743L,0x7925f4300375dff4L,0x02fa4b94b52848d5L,
-        0x6db74714e2416cc1L,0x7af11e364b95f2caL,0x00000000000000f2L },
-      { 0xe003401840add981L,0xccccc6929796397dL,0x387856d06074f7dfL,
-        0xe812adcb61907678L,0xef4f33383c753d8cL,0x052c6e49e90021b7L,
-        0x384bcf9006bfb694L,0x5c0dec98d371fde8L,0x0000000000000012L } },
-    /* 39 << 245 */
-    { { 0x8029b1cd33b35443L,0x26829ac6820cd2abL,0xde4f535f48a6b896L,
-        0x1b9e10d51639919fL,0x20ebdfe88bdab109L,0x6ed42c3b39b129b6L,
-        0x73dc485879c78aa5L,0xc98fc0ea9a71f600L,0x0000000000000184L },
-      { 0xacb1ccb55aea360dL,0x7d835bfbddc1cfefL,0x32bfa37ed7c954a0L,
-        0xbf2da393f2998fb3L,0xa1d82913b19bfdf4L,0xe16c3b4a32ac5588L,
-        0xb9ac5ec37b25f23eL,0xe15ddc917547c489L,0x0000000000000011L } },
-    /* 40 << 245 */
-    { { 0xaa4a212a2177c1c1L,0xf08f1f5d4c8a2a83L,0xeeb0a8940fe14c27L,
-        0x564a1c8f3f0c1f0bL,0x6b73048c9297b55eL,0x3ddce9077a810e5bL,
-        0xd8f99efc3de8797fL,0xd9b3fa2e37379157L,0x00000000000001b0L },
-      { 0x65a7dc22fe9275e2L,0xbe8b93fb6960a690L,0xc783df8863f437eaL,
-        0x4fbcf1465a22f1efL,0xa1b86ab3cfdcf231L,0x0b1309cf50cb90c7L,
-        0xa77f0bdefc3cce3cL,0x86deff3cc30ac697L,0x0000000000000170L } },
-    /* 41 << 245 */
-    { { 0xbfed1d85a5415e7eL,0xf2cdc9c92a5ee8f8L,0x3a474a3965d153a3L,
-        0x1ba4eaf88d3a6303L,0x1710d1c4a46a689bL,0xe2f2cbbc3a54597aL,
-        0x3b223c6c76dc2731L,0xaff989c894979d28L,0x0000000000000158L },
-      { 0xa41d3a99df88fbd2L,0x75c1ec4cfb23896bL,0x915a2173fcfce02aL,
-        0xddc565efe861b7b0L,0xb1d0fa3f1ec84240L,0x93bee4d79ffc81bbL,
-        0x236a25221687f61cL,0x7d49c63e462bda79L,0x00000000000001afL } },
-    /* 42 << 245 */
-    { { 0x692567a5f802386cL,0xa13a56f6a6dfdde3L,0xa50394cb37c39a0dL,
-        0x3d16f5aa7040d3eeL,0x3aadd2f5e6edf55bL,0x187fbe5ca51277bbL,
-        0x55e700a285daa140L,0x280d135ca930617bL,0x00000000000001bdL },
-      { 0xf8d3e2267e0c0d8bL,0xdbb1cca204aa1cf1L,0xbb77b8f06552a12fL,
-        0x8e70802ad8ad6b41L,0xa021a4d7010ddbf9L,0x76ea576d780704b9L,
-        0x9e3a04148cfb7119L,0x8a6f4f2384e51f1eL,0x0000000000000177L } },
-    /* 43 << 245 */
-    { { 0x12aa2288f305b6b9L,0x8f748eae3e09e0afL,0x8a8746cf8e3f1a4aL,
-        0x51cbe927d1e329d8L,0x1e39a4366f29094aL,0x54d285eabc8f1209L,
-        0xe590966b4e8e7975L,0x5dec63afe66ae4aeL,0x0000000000000116L },
-      { 0x3b0e71ae7e09821fL,0xab231a0941d1372cL,0x852865276a4390eaL,
-        0x4d60e9bbb914c18dL,0xf0ad8d4e2ad21e36L,0x8bb1cc09fa2444eaL,
-        0xbdbfb2b40d8c7208L,0xcb2f1f7a32f413d5L,0x00000000000001efL } },
-    /* 44 << 245 */
-    { { 0x4515599dfdc05854L,0xda8ff3a6782c42a8L,0xdd8e941349490283L,
-        0xd85e445578dce0e8L,0xa77329fb7ac7177cL,0xb067a59806fd1d4eL,
-        0x6f1ddf79c8cd2f44L,0x1dee178202e39ce4L,0x000000000000007bL },
-      { 0x1a0dbd3e38a3a617L,0xa3c67e5f162bbdfbL,0x316f1b4a3173b0f1L,
-        0x1e49c5c3e5224d7eL,0x3f88443f64108b19L,0xae6531a1f6f95472L,
-        0x7c046d1e7c89c919L,0xcbc20e84ca70cbb4L,0x00000000000001e6L } },
-    /* 45 << 245 */
-    { { 0x45ae06b2bdcc3342L,0xd509e8020d55ebf4L,0xd1fe846db7bfe591L,
-        0x7e45117b66ea6d0cL,0x07f7ba94b5cb8e33L,0x2365cffa4c1fe4bfL,
-        0x59614a7a9e7ed518L,0xdba553f88f9fed0eL,0x00000000000000aaL },
-      { 0x99ca2d5a345708b0L,0x835ad98cebd1a22eL,0x66f253ba9c713fbcL,
-        0xf1015a40ae272ea1L,0xe582f157d00914a6L,0x9906ea50402ca5c4L,
-        0x299870d22428dccaL,0x7cfd6b258095af1aL,0x00000000000000fcL } },
-    /* 46 << 245 */
-    { { 0xe3be5d0d627f185fL,0x2c3d75b32b3389b9L,0xd0313bacee1e001fL,
-        0xe82de4821eb0a534L,0x8321862f2d78d8aeL,0xa2872545e1ffbacaL,
-        0xf8d9d239c1719916L,0x15cfd49783909f63L,0x00000000000001daL },
-      { 0x1e3e01f01063999eL,0xc5d2f9e1bd7538e6L,0xb25f6bcfbe3c8745L,
-        0x20c30f7613cc6a66L,0x77edef8bfee4b1ddL,0xb7b09fa8731e7a9eL,
-        0x3c514cc2bc686eedL,0x699ed1d2ae1d335cL,0x0000000000000025L } },
-    /* 47 << 245 */
-    { { 0x8850e09b2de78492L,0xa4f91fba9d81e3c5L,0xa47dca1e2b1eb8b4L,
-        0x2983ad5bc084e7f2L,0xde8c13ab5f4efc52L,0xff2fcf43652354fcL,
-        0x81e86497f601c563L,0xc3d6d3864dffcb43L,0x00000000000001a3L },
-      { 0xbab2f6d53a79466eL,0xa087360abab23b64L,0x5b37df4aac31247dL,
-        0x2b145d97d5de2624L,0x4851c9515cb00cc3L,0x22c4304ef34ad1bdL,
-        0xbdb1ce92cfbb9914L,0x07ccef0abe21104eL,0x0000000000000170L } },
-    /* 48 << 245 */
-    { { 0x9584a837980c0f9bL,0x4c2c21b4f234ff0fL,0x584a18241068eee2L,
-        0xb3c08003c5b71c77L,0x98a59e372505132cL,0xfeeb536724513321L,
-        0x83f623522c9afa82L,0x5a470aad23d28bbeL,0x0000000000000160L },
-      { 0x2aa901fdce4e21a9L,0xc0fb45706c14573aL,0xe0711b5e21c1a7afL,
-        0xee3bfbfa2a47a293L,0x12830261ff0de285L,0xd334f3ee68d87d16L,
-        0x3fb8d74765c6b8bcL,0x1c40f1aba12a5638L,0x0000000000000070L } },
-    /* 49 << 245 */
-    { { 0xd8de01e7d09513b0L,0x0e224cf695a57479L,0x66098ecb776d5c68L,
-        0x31dc808681d73198L,0xf34ab49771885d5aL,0x245b101068c07bccL,
-        0x1b0415956f754ffeL,0x28d98ac39eed986cL,0x00000000000001edL },
-      { 0xa5b7b90083abb8f7L,0xbbccf881305576feL,0x7ecadad7abfff444L,
-        0xac85c6b037ee04eaL,0x7fd13117a17cd3d6L,0x21d25a19ddd5bc0aL,
-        0x28de095c009073caL,0x3961d13dcb0c209fL,0x00000000000000beL } },
-    /* 50 << 245 */
-    { { 0x10bb54d9391ec713L,0xf25eb2bfe18ff505L,0xa45400ba6cc76e34L,
-        0xb1e654a2e55f9f1dL,0x6a929b7df4ab5d8aL,0x7cbf9f1318655654L,
-        0x1221d22fac713cefL,0xcdac9c9be1fc247aL,0x00000000000000b8L },
-      { 0xb83d4bf76480f3c8L,0x0cf881acf07b9b03L,0xb1fb5d2137534ebdL,
-        0x15bab0952c0e8fe1L,0x7f18cd140fecd0e1L,0xbbbfff81257469e3L,
-        0x7067debb1615060aL,0xd2be688fb55abf01L,0x0000000000000016L } },
-    /* 51 << 245 */
-    { { 0x608780b7e2bc7bb1L,0x561f8901ef5a0e12L,0xf0542f44549f8bd6L,
-        0x963cf806da34a9a6L,0x478e5efcfe94c12dL,0x35bba59014a9626cL,
-        0xa601a1bbc34e6af0L,0x269dffd4d19c944bL,0x00000000000001f8L },
-      { 0x6f2956333e41b8f0L,0xee0766054b4a2e7cL,0x15bdc7de38d4d8e1L,
-        0xaca4398008c99e00L,0x34c67680c545ca80L,0xeae77ef56ce03f0cL,
-        0x27fa04e27e5bff0cL,0x87b2f2a846a0e91bL,0x000000000000007fL } },
-    /* 52 << 245 */
-    { { 0xf60ae3ffcb6d2a3fL,0x482de542c33f5aa1L,0x22d7de4039386ccfL,
-        0x798f81e53a7d4c56L,0xd4d64bde3c8827d9L,0x1faf02c38b3b5cbaL,
-        0xaa438f22b1afda7fL,0xfbfbebdfc3170b92L,0x0000000000000122L },
-      { 0x429680862811743aL,0x82b9e326d780ee2bL,0x9105ddae1fe0dcb6L,
-        0xee40a9d2d989fbf7L,0xb3bbbe7a4dc53350L,0xb68fe7420a6e7da0L,
-        0x3e0083720512a045L,0xb766291ddaec0849L,0x0000000000000088L } },
-    /* 53 << 245 */
-    { { 0x01a091d8d3c4976dL,0xe976df9f909844adL,0x5a02c8a4247d52fcL,
-        0xb1aa080f7be65bb4L,0x7706859fef4a179aL,0x527a3e36b3d4fcd2L,
-        0x3984a1c97a4a6782L,0xefe16fbd714ae36bL,0x00000000000001fbL },
-      { 0xa8211b1c25cbb098L,0x4859a0eb3bd99868L,0x6c9649c20efd41d2L,
-        0x1bb4ba1856a41c6dL,0x0c8121ddb6bddebeL,0x34837d357d24a62cL,
-        0x5c3d55bcff33e24fL,0x45030bfd16840912L,0x00000000000000abL } },
-    /* 54 << 245 */
-    { { 0x5e50374c3a2da57dL,0x5f78556b1119606dL,0xd16ae65786badbf3L,
-        0xbcdc9d3ef7ddc184L,0x4272a8b0992238fbL,0x60ed6dffce0899b9L,
-        0x0c3d43145f78be82L,0x250527665a51c6b0L,0x0000000000000069L },
-      { 0x0fa9b9ce4a2967c9L,0xde64435bda5253ffL,0x466eacc0338fe90dL,
-        0x8ebe67813d7ec117L,0xd32402bfc1104e59L,0x5dba885e90be00a3L,
-        0xadfd197ad73138beL,0x8137f0c52ef27a3eL,0x00000000000001c3L } },
-    /* 55 << 245 */
-    { { 0x7f02f467394ad9efL,0x285df1a69f23b02aL,0x16e5676ecde7acc7L,
-        0xe3e9c6238fac90dcL,0x76aef25902c87d17L,0x92e6a16157eb512dL,
-        0x37eca5054023938aL,0x6b1963cf77e7fdd6L,0x0000000000000158L },
-      { 0x27a4063d61891784L,0x858d6af50fd9cb7dL,0x8af301b292403037L,
-        0xf4b2e253c2b52eceL,0x226bffe2eb92c43fL,0x50fbc9f200c974e8L,
-        0x7d07d1186b7dbb3fL,0x8fba39c8af045ee6L,0x0000000000000194L } },
-    /* 56 << 245 */
-    { { 0x1a4d19d6b580e3a2L,0xcee647c220834fccL,0x94066a7c2e9454e0L,
-        0x220b4993b1b480e6L,0x0a89c3e330e72308L,0xf22f323e6294e865L,
-        0x27dad374645c364dL,0x16b70ed4b47a7a2cL,0x00000000000000cdL },
-      { 0x208a7f56cc79e99aL,0xb844ed7d1991087eL,0x6f19c1c07ee9fc8bL,
-        0x12a4140bb9208633L,0x8f976b252c1a5947L,0x083544dda1bfc7c3L,
-        0xd432604b206df951L,0x0f3c03b57eca93b3L,0x0000000000000115L } },
-    /* 57 << 245 */
-    { { 0x99d40986753d916dL,0x76e71d0dc6f9ad8aL,0x7c1b28a9131d329eL,
-        0xd572e26068eda873L,0x6573c96b3dc992fcL,0x7f37ed7ff8056b40L,
-        0x8763b71e7e52cfb2L,0xb95a7916e3cc1875L,0x00000000000000d3L },
-      { 0x063f06bfa0d93ec8L,0x8e86a0ae68082206L,0x00d504f407041b08L,
-        0x4dd113bf92c96a08L,0x52e9b7eac04ae2b9L,0x84e384d5fdcb7b5fL,
-        0x493ca1391d0c6202L,0xcca8ca15fe81207dL,0x00000000000001a4L } },
-    /* 58 << 245 */
-    { { 0xd5d4d7cff6f13b77L,0xa235e197561ed919L,0xfb2fe413292a81c4L,
-        0xc0813a2712fd60fcL,0x5810faf1d63cb00eL,0x9f5f197d3fd6725eL,
-        0xf14546b1874b8146L,0xdfba72ae7fee7377L,0x0000000000000194L },
-      { 0xeae4ae28cbc9ce37L,0xec3f756dcd373c41L,0xa06e06a8f77cea19L,
-        0x94d4d6712105ff62L,0x72cc585c06f6fd6fL,0x663727a62e929fcfL,
-        0x8b961949dbf5886dL,0xda00c0f69718340aL,0x0000000000000021L } },
-    /* 59 << 245 */
-    { { 0x1f690177297f5c08L,0x829e1e491a44476bL,0x546ce72c95b8a526L,
-        0x775796e3c8b75808L,0xc88ded0ba53f8e9cL,0x6c9d25f77d4c14caL,
-        0x19c94323081d88efL,0x558a9201bd375822L,0x0000000000000011L },
-      { 0x3f9d75a8b8d1b7eaL,0x7922b2448df0af6eL,0xad5e8cc1abc15eedL,
-        0xe3b3754bf3b890e1L,0x379f1383a7648fddL,0x9eaff495874c0014L,
-        0x67e39f779ab784b9L,0x620e2eb4778ccdbcL,0x0000000000000127L } },
-    /* 60 << 245 */
-    { { 0x8f73b2234438a469L,0x39a3151a312f3e82L,0xc1b4a65f4fd6149eL,
-        0x5cfd0145d0d76e86L,0x391146bb1a77eab4L,0x3e4961491c97071eL,
-        0x60e4eddaec115d98L,0x0e58bcd6dcd6b9e3L,0x00000000000001a1L },
-      { 0x64049099d8bd20efL,0x2204f491ea12243bL,0xa219aa014de1a0f6L,
-        0xf04edad6989ff1f5L,0x5187c5776afebbdeL,0x6b50208e8707b524L,
-        0xf92f5bc8911785b9L,0x939c770bffc55f6cL,0x000000000000014aL } },
-    /* 61 << 245 */
-    { { 0x23bee635f7258c06L,0x167cae1604f1f357L,0x44dd3c13265880aaL,
-        0x14d4fcf659e7b653L,0x1cce371ab23c6ca4L,0x1f0d3fd2be665d7aL,
-        0xf9a6b67edbd611d0L,0x3914288b373b5d3eL,0x00000000000000b8L },
-      { 0x35ece3f280efbc9eL,0xf5ca78c4e90d9d2bL,0x28a4ac1626f91851L,
-        0x6c410ee1547cb8abL,0xe034876ad121a20cL,0xef1f5ccc10ad2acbL,
-        0x46b897f276faa816L,0xcfc360975d09bc6eL,0x00000000000000d4L } },
-    /* 62 << 245 */
-    { { 0x4e9b70429fe870d6L,0x6b3a18c95b05c44dL,0x9402371050c1dd23L,
-        0xc73dd6f17ec19f72L,0x341988d5d13247c2L,0xa2507b4211b903adL,
-        0x317804a96ab937b4L,0x61a65fcea908e4c7L,0x00000000000000f0L },
-      { 0x39645ebd823fbc2dL,0xb735849ea4146076L,0x3155c49373ffc246L,
-        0x38a8186d9eaef0bdL,0x6dcaacacad300f96L,0x1aa11954454bd19bL,
-        0x4742ad6d770ef5f2L,0xb5e674ead3dddd4eL,0x00000000000001e4L } },
-    /* 63 << 245 */
-    { { 0x2e70fc86d8f34db1L,0x5465c430a63abec9L,0x7ec081a39b336fe3L,
-        0x5dce23079972d290L,0xd92f92e87c892943L,0xc47b48bcd6dacbb0L,
-        0xace480e295957dcbL,0x762e668932a0e43cL,0x0000000000000187L },
-      { 0x3475d0d61e89009dL,0x943cd5f0db2bd19bL,0x534c64936ed81e64L,
-        0xbe764b65e36cda5dL,0x5a315225d65e0449L,0x6e045dc36797dfb5L,
-        0x50e92a969bf6935aL,0x08bc07d4aa863084L,0x000000000000005cL } },
-    /* 64 << 245 */
-    { { 0xc3246fc8bddb33c7L,0x68dc29bb81972f1fL,0x7b5edc9bee7ed0fdL,
-        0xee83430ce158deafL,0x8a924b48df7c5708L,0xb421a505f2c65a04L,
-        0xb5da215e5c289f82L,0x752d5ff9b9d02b8aL,0x0000000000000165L },
-      { 0x55564b4a0d9d7788L,0x70c744916cab3607L,0xf53bc98690091526L,
-        0x1e88044d9abc41a6L,0x38e9d3dd2bb6d384L,0x4177105e84bc3dfeL,
-        0x2b95a432674df1b0L,0x38196726eb1de0dfL,0x0000000000000137L } },
-    /* 0 << 252 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 252 */
-    { { 0xa6d6b095dbbd171fL,0xf0d3b95744f06181L,0x46b9786578fab381L,
-        0x7da97845ae356e29L,0x4a0c3e00d01b3c09L,0xaed18677e106d5beL,
-        0xd7309c761affdb67L,0x9715875425f2b8c2L,0x0000000000000193L },
-      { 0x65d3657b24785079L,0xb1d2b5f75e064334L,0x0736bfda2b7b61e1L,
-        0xb39c4db1284e4fa6L,0x66cedf43bd934998L,0x8f9f6243324d2de1L,
-        0x92f2524e4c193171L,0x75705acd964a8383L,0x0000000000000031L } },
-    /* 2 << 252 */
-    { { 0xfce13e03d0739036L,0x0af573f2a4161596L,0xf3db4c750bdedd89L,
-        0xb594cca3e8eae413L,0xd9ad2edce2e66f2dL,0xe99c048166f7f599L,
-        0xd141ff976886e453L,0x087714a153e3221fL,0x00000000000000beL },
-      { 0x91eab39e5daebd46L,0x3f9ddea494fb01f2L,0xfaaa200b142ae67cL,
-        0x853da6b0ca631c4bL,0x4c9ca396fb3f4229L,0xb00a8de2e3690f95L,
-        0xe8000000c2c7704aL,0x65c0ab7393ad0dbcL,0x00000000000001e0L } },
-    /* 3 << 252 */
-    { { 0xedec6d350f810445L,0x2ee468445fe4215aL,0xdace7f0e969acde4L,
-        0x3708f4f4c754dff6L,0xa510303f6c0370abL,0x9d5cac3ab4adc2feL,
-        0xf33d4a2b395a765bL,0x437bfdca1856e0c8L,0x00000000000000c5L },
-      { 0x287dc7f70812a78cL,0x30cb0cd905dc3fcdL,0x80343b51008ec68bL,
-        0xbb3da3a5cc404f65L,0xd5276af593d9f303L,0x85a875d47daa5950L,
-        0x5baae52f078e6556L,0xddd9e3efe58a4e97L,0x00000000000001c5L } },
-    /* 4 << 252 */
-    { { 0xa3ff48a37252eba7L,0xfe771fd391359daeL,0x9dda3a45d05be01fL,
-        0x5cfa713de97a9a89L,0x5fd23bd887cb6c64L,0xbe45c0758d9ae4bbL,
-        0x90f9438478e27270L,0x3e1b0d18f0dbddd9L,0x0000000000000018L },
-      { 0x6e5283f7f2fb7facL,0x232e9cd13593d0e4L,0x97418d9cee81f08cL,
-        0x339540f51f2e8dc0L,0xeaacb20b619b5ee8L,0xefc8079a4ae00660L,
-        0xa968fb1c765802b5L,0x60088783f20650faL,0x0000000000000145L } },
-    /* 5 << 252 */
-    { { 0x322efe142a7cbe50L,0xaf425a7db2f85051L,0xcc7c9d91812b26a2L,
-        0xd89fd04968066e44L,0x79ba895fec83b2f1L,0x570c2db410e90a64L,
-        0xe00f1ae889c59658L,0xd94f065c78edd742L,0x0000000000000021L },
-      { 0x3fa27bd8c5b5b0bdL,0x432599d6a5121de7L,0x528925da2e8294cfL,
-        0x28c15142cf0f9464L,0x38498320a6fa7f3cL,0x92cde9b1ba93f4b8L,
-        0xefe2455e4bb98cacL,0xe0cc0ef1d1b0e59cL,0x00000000000000d6L } },
-    /* 6 << 252 */
-    { { 0xc538d35074a00efdL,0x4776ad9697bc3ac7L,0x22041b531867f889L,
-        0x2aa3594319cbf055L,0xf00a49d00c38f064L,0xcf40e6177bd0991fL,
-        0xa59df69b0155ffafL,0x1f2d50feace4aa07L,0x00000000000001e4L },
-      { 0xf1a777ee5cce1b0dL,0xfb8a0ab09c7ad9aaL,0xc0d3b78058a6aff6L,
-        0xa9f4b3a3370af1d6L,0x3a0731a53d39d147L,0xf7aa9df732c93fa5L,
-        0xd9a0599f9c938c2dL,0x2702735d01b0c0d0L,0x0000000000000152L } },
-    /* 7 << 252 */
-    { { 0x64f62dcba1d24f4bL,0x134da7c1f5776ef9L,0xb6699e3f534bf835L,
-        0xc9b93539ef275259L,0xa9d68c870f7cf548L,0x4ee54ff7fbd2d9a9L,
-        0xcaf81404465e7c2cL,0xa02fce30048cad5dL,0x00000000000000d4L },
-      { 0x9ce2e24c6e76c091L,0x8353d7c941ec4c75L,0xe7f5bfbb43a019d0L,
-        0x74cf2bbe508e92c9L,0x58f2e1b68dfcbacaL,0xbe79df8b98bdc65dL,
-        0xceabfa1cc699db7eL,0xe237815e0e3f9421L,0x0000000000000093L } },
-    /* 8 << 252 */
-    { { 0xcfe4f02e36e4a40dL,0x3af87a7df2b51e5eL,0x3b6baa2683fbf682L,
-        0x9a7a9339063e5979L,0x77214ebf41b680c9L,0x1fbdee591ae59f71L,
-        0x9a4dd12ee1530c0aL,0xe113839691fe54b0L,0x00000000000000baL },
-      { 0xf84d66ebfc229914L,0xfcc47954452da1c3L,0xe662b9c06f9743c5L,
-        0xd0db646d087d7194L,0x2abc096b6e1bbf6fL,0x24272840331f3a96L,
-        0x0da86ea2a6b9f40dL,0xedb363317dcb4554L,0x00000000000000d5L } },
-    /* 9 << 252 */
-    { { 0x35ca7b714da6061aL,0xa9bf19f0003e19c8L,0x1298c7034c3c37f1L,
-        0xef43fc92921f123dL,0x065e9cb5cf8acdbbL,0xaf1392df0a25165fL,
-        0x2174ceea344d3fc5L,0xebfe81c529d22225L,0x00000000000000d6L },
-      { 0x0fd8fdf2bff99ba3L,0x7789d27d28498d5cL,0xc5d731b872535985L,
-        0x4dac761544e0ec8dL,0x1997b34953628596L,0xda8f1b453df08420L,
-        0x2cf56fdce0df23fdL,0x3c9a7005f2c7864dL,0x000000000000019dL } },
-    /* 10 << 252 */
-    { { 0x5c1c16872c1e8de6L,0xd70ec472b1c70780L,0xeb11585ec5b43635L,
-        0x943929d2fe1004b8L,0xefec44e1735d06beL,0x22380d73c2f367dbL,
-        0xcf498e0d550f497bL,0xb9d7707958da0a67L,0x00000000000001cbL },
-      { 0x4a86da6a6139e58aL,0x59828182eba6ee4cL,0x117ea761d5b978b9L,
-        0x6e5c95fb421c7b72L,0xcb8ab1e8b9da6233L,0x8a99b06f696c2a02L,
-        0x128544479166802eL,0x66c2c35cf1aa2cccL,0x0000000000000120L } },
-    /* 11 << 252 */
-    { { 0xd558d1c2d75dd2d2L,0x835a529183c47104L,0xbe1680cbd6a8d82eL,
-        0xf1ed775571b65f2dL,0x375ac4137edd4aa0L,0xca2bf9c9863979e3L,
-        0x8b2d261eb6a3f48cL,0xe3fa313d74fd8349L,0x000000000000001cL },
-      { 0x0b8664383e70dd66L,0x6a5fb43b15cef5dcL,0x83a0fe8cf8871f0cL,
-        0xb879a0e6848f9812L,0xf93ce978f35ca817L,0x74643f68687d2a6dL,
-        0xb9e7ba00c6df8a5fL,0x151a645afdd5d515L,0x00000000000000c6L } },
-    /* 12 << 252 */
-    { { 0xaf39cf7917f8115eL,0x538d81c5b1e2e5c2L,0x6d3a29b22661d6e6L,
-        0xbf9ab97716f4f3d1L,0x1ff2e621c84d4f92L,0x985dff6bdb14f203L,
-        0x24559c328f4f0e0bL,0x960527201a1e7a96L,0x00000000000000feL },
-      { 0x398cc66a79786d47L,0x009bc173b2b9653fL,0x295b412ed23322beL,
-        0xaa78b521ffe060a9L,0x5ff5a5feb808d2b8L,0xe84af56c3182e463L,
-        0x94972ab444022236L,0xa17d7b55de52f2baL,0x000000000000014fL } },
-    /* 13 << 252 */
-    { { 0x8c90e71abe54c3a6L,0x449b10eaf71c5359L,0xeea87dfd829fa44eL,
-        0xd8353ef02ca80e90L,0xaa71620cd1229447L,0xb0445ef2d4344caeL,
-        0x2792ebb0451ce474L,0x3581deedc2907707L,0x0000000000000199L },
-      { 0x39ebef0294adefa4L,0xc44fb92c3ac01ca7L,0x4df141e2c456c3caL,
-        0x20aed69b471dbf3cL,0xb31db16ce85b7ce0L,0xc239e7166911a4fcL,
-        0x3d8c230321f7392eL,0x98f6f7e6e19b03ebL,0x0000000000000142L } },
-    /* 14 << 252 */
-    { { 0xf3d8f02c9371d8ccL,0x034277222083bc29L,0x1bc1a1a2e0a508d0L,
-        0x75402b4365386b1dL,0x7832c7a2a81ea689L,0x30fdf8d8d3c43e8dL,
-        0x11af93da8bdabe83L,0x1fc117f8df22b64fL,0x0000000000000015L },
-      { 0x266747ceaaca36f0L,0xa3b4bacfb8eb0f62L,0x60b72b71577519e7L,
-        0x689653954bdded3aL,0x0366164aab2ff463L,0x5615191444c3432bL,
-        0x2040ed772700d67bL,0xf6b08ac8cff9e250L,0x00000000000001c8L } },
-    /* 15 << 252 */
-    { { 0xb8e81a2dddb4eb9eL,0x89f9c08f3947b43aL,0x69d84b2bb0e758a3L,
-        0x862f559972bc3e5fL,0xe9c567914ac68eabL,0x8d66059f8912bd54L,
-        0xa386e77fee35a78cL,0xa434e2e64303b216L,0x0000000000000165L },
-      { 0x545f743413593d90L,0x745c910055bbcb3fL,0x45e63824bb344485L,
-        0xc26c34dd38c0f16bL,0x55c10ecddf952e71L,0x60c4a2e598fd979aL,
-        0x5ff003efa6ff9ef9L,0xdfb5fce95e578209L,0x0000000000000077L } },
-    /* 16 << 252 */
-    { { 0xa87650d1eaffd713L,0xec781c97a797ad44L,0x1e94accdb4bcac17L,
-        0x2284f96fb3981cc9L,0xb8b2ef57091634ebL,0x4accf5e8cad053d0L,
-        0x0eca4f9b5d1ef480L,0x1598ef27d6e76957L,0x0000000000000131L },
-      { 0x7cbc9061b72d8840L,0xe611924d86a5ba36L,0xe02e9ca8e066d292L,
-        0xdb092f52a68a0466L,0xf5d97f5d0c0b18f8L,0xb5e171465c99b95cL,
-        0x1bafbe749d3d6acfL,0x606103fef370bd5fL,0x000000000000013bL } },
-    /* 17 << 252 */
-    { { 0x3fe39e9cda6f368fL,0x4af61b0fabb8e7a1L,0xc4fc73f42b9c9912L,
-        0x20ef2e5ecc24e5dcL,0x481cdbd4f1023146L,0xcb417697117bf9ceL,
-        0xb8436bbb544036a2L,0xd828ba5c0a8f949aL,0x00000000000001fbL },
-      { 0x19515a04ac53c4beL,0x909688614a652fdcL,0xddbc6aacea6eab85L,
-        0x15a84e31dd8f09c6L,0x1482d4ed2a71c6baL,0x48887451b38da85cL,
-        0x885c36530c77e28cL,0xca5e7a1b99505152L,0x0000000000000004L } },
-    /* 18 << 252 */
-    { { 0x040a2260aa34bc2dL,0x121519766afe1aeaL,0x6cef13fc4b8bff60L,
-        0x648802d6ff7615d9L,0x840563e335e69c6bL,0x39b0d6a55fa0b253L,
-        0x88a3c3ba4bb58678L,0x126b85d347abaea3L,0x00000000000001afL },
-      { 0xcc56805c23a0415aL,0xc577101dc281dd52L,0xfd3ef16d7ca89e69L,
-        0x4a7283f560b671afL,0x852732a794a73553L,0x3cdb84d0f7951035L,
-        0x6d9330e01c556d8dL,0xec1e7cd492cf6b85L,0x00000000000000e1L } },
-    /* 19 << 252 */
-    { { 0xd51138a7d7841050L,0x5a5253a482ee0b99L,0x724f84f5c6740508L,
-        0x80a3e456c2d2de09L,0x19dfa21c187141e2L,0x4d41ef7b42877c25L,
-        0x9d6b3326d75209b4L,0x3a21cd023587efacL,0x0000000000000006L },
-      { 0xa492f40456ad32a6L,0xfcda204c21031b3dL,0x4cebc3ba8fa9f767L,
-        0xf96068d423837f90L,0x99013dab42ea9f03L,0x6e21bf1b0ddd2cb5L,
-        0x0c9a452bdf051b9cL,0x5c9d2ed27034ea63L,0x00000000000000efL } },
-    /* 20 << 252 */
-    { { 0xc3c8d26f643c4cbaL,0x3a5bb59455e63c4eL,0xe0a25b35545e3cb6L,
-        0xc6d52abeed177530L,0x2eb287968f4cd3c3L,0x01b5433943c6ceddL,
-        0x85930ae934575ceaL,0xcf13a14404294cffL,0x0000000000000172L },
-      { 0xe9cf3a7c89e62cecL,0x19f62eba02e58adcL,0x0b98464bd3762108L,
-        0xd148d77d942b9f9dL,0xefd8cf2b6ffd03d5L,0x2ce97d571fe049ebL,
-        0x684bd7957de2640eL,0xf509af614fadaf12L,0x000000000000000eL } },
-    /* 21 << 252 */
-    { { 0xdaeeefc8bd7db126L,0x9aa0f6ca3e712793L,0x3219db3fc2424c7bL,
-        0x176f35eb708e50ebL,0xecd6fe934b0b3588L,0x897e0be7e25dd575L,
-        0x37764d7c511df00dL,0xf2534cd41e410d17L,0x000000000000005fL },
-      { 0xe086716404e39c47L,0xfcaa5822faa76d22L,0x325e11738fa74426L,
-        0x744a07fe3c45bc8aL,0x554c7032d61136b6L,0x0530bfc9ba0e8c67L,
-        0xf25a3a8ed53c15a6L,0x2f2c8715310c9174L,0x0000000000000134L } },
-    /* 22 << 252 */
-    { { 0xc4edf2abef129aabL,0x669fce1c0d57c727L,0x1d02a96d42e87512L,
-        0xe150a353f32d3174L,0x6808c4ab4d52e358L,0x16c366cbb7c74f3fL,
-        0x143e3bb816eb7940L,0xc50b78ebcc3ed5a4L,0x00000000000001a8L },
-      { 0x9cb287a40ac87da7L,0x35ecfd38b9dede9aL,0xfc155649fad6c214L,
-        0xfb97929926af1c4eL,0xb4fd33291b4ba2a3L,0x5027b62cd8079f78L,
-        0xcef56123ef96d8aeL,0x5c7c3b2ab1952e0fL,0x0000000000000147L } },
-    /* 23 << 252 */
-    { { 0x5a3018dfed37f7b8L,0x7a3b0c2a057bed1eL,0xd616a40033284d2aL,
-        0x86517965e501d780L,0x2216349cdf6fe150L,0x8af9ad6f9114ac94L,
-        0xc1a53ab4a61c04b5L,0x8dcbb53b09eb46c2L,0x000000000000010fL },
-      { 0xe672328378dcf9b4L,0x3aeddb5334ae43fbL,0x616116d1e4997ea6L,
-        0xd0fa538e3f22345fL,0x25131525fa6fa9fbL,0x7c1a8081705d6d97L,
-        0xc89bbc7389f5d450L,0x542a0882dbd80319L,0x00000000000000ddL } },
-    /* 24 << 252 */
-    { { 0xd883edca1854dcb7L,0x158f2ad5e4b33262L,0xa89ba702743cfdc9L,
-        0x762616ff85efe2cbL,0x01c666119880709aL,0xec6df8890999a8f8L,
-        0x11cbe7f35006451cL,0xdb0dc5696a551e2dL,0x0000000000000078L },
-      { 0xc8ac5659a91c9a13L,0xd146235491cfcd3fL,0x8031f8ffb83429e2L,
-        0x12f36b88c7c807beL,0x9bbe73ada17696d9L,0x631f9dbe13e49ec5L,
-        0x6a868794fccaf136L,0xe0341491d4c71b95L,0x000000000000001fL } },
-    /* 25 << 252 */
-    { { 0x714fded2fb616313L,0xd1f8be5c4138197bL,0xe06020deda814497L,
-        0x16e6c5994f00cb7cL,0xb75cfe69712c2c0bL,0x303d77a3db529279L,
-        0xaa2d207ddca146f7L,0x587e3f839bbeb98cL,0x0000000000000158L },
-      { 0x988d1f50a6b10157L,0x43a1d2fb914103b3L,0x8d3afdfca224786eL,
-        0x52bfdecb99a99cfbL,0xa6f20f93dc38e50cL,0xe71ad506ab79cb34L,
-        0x937405c803ca3b19L,0x12b16d20ade81e6bL,0x000000000000000cL } },
-    /* 26 << 252 */
-    { { 0xe14ddf295a95e0d7L,0xfb5740d3f0aa2850L,0x5e8c11d18d654360L,
-        0x3aaed8340252e7caL,0x1aeba10cf88cdedaL,0x1a57aa22cb63f2a9L,
-        0x89ae2ab42123c4aaL,0xf8665895bb8d9ec1L,0x00000000000000a9L },
-      { 0x73de3b4627fe0dafL,0x1267a3e741ca4fd7L,0x26684605cca84b06L,
-        0x9190d4d64bded61bL,0x50d97803989719ddL,0x605632471d59b025L,
-        0xc151df922083bb72L,0x6fdbeb823d3ce909L,0x0000000000000094L } },
-    /* 27 << 252 */
-    { { 0x0626cb92c7c9761dL,0x20d73ca5c6afa3e7L,0x1e20927bbdd40e51L,
-        0x39788dd2d806e2caL,0x143aba83269c8534L,0x127e8992cc4cd1ffL,
-        0x29eb0e1d86bb67bbL,0xe6cd55afdef639abL,0x000000000000005dL },
-      { 0x42f52e70509595ecL,0xc41012f3bf39cfe4L,0x6f7fb05ea709badbL,
-        0xd80b13e292cf6184L,0x23683493edc7bd6cL,0x277892f1dc43b987L,
-        0xc76285574535695eL,0xac2a363a1b8d2e1aL,0x00000000000001aaL } },
-    /* 28 << 252 */
-    { { 0xe90f84570012e81eL,0x6fa09e16b98fd2b0L,0x0a09399d9805fedcL,
-        0x2e315eef2d5c3795L,0x890ace479a886fafL,0xa901e7b5d1690ec4L,
-        0x45116659bbd30a26L,0xa07c60ad19302f7cL,0x000000000000016fL },
-      { 0xda9350157782fa75L,0xb0253020981b2b85L,0x3a2434f0f76c5389L,
-        0x51b7a3ea04884584L,0x09d81db0d12297ecL,0x46842ca99d202166L,
-        0xe9fd1469d502c092L,0x61703bf654ddf5cfL,0x0000000000000176L } },
-    /* 29 << 252 */
-    { { 0x6fd8079edb2c1400L,0x143a2304cd0e2f67L,0x9987e77144296e69L,
-        0x6d27cba4601afb95L,0x8f6d58c41a75b55fL,0xac76bf6fb30a6c2aL,
-        0xb6e0fa7760de6c0eL,0x1793832b98b30d3eL,0x000000000000018dL },
-      { 0x7d7582eccc35416eL,0xf0472b74398092a7L,0xb122b93c58c6b243L,
-        0x100b1fe07e032f1dL,0x62b71644058ca84bL,0x036760890ac11b8bL,
-        0xb36d7ad9092839edL,0x092759cf5f77a937L,0x00000000000000c2L } },
-    /* 30 << 252 */
-    { { 0xaf6d6bee01c05a63L,0x3d7282dbd5a612b2L,0xa4bcb677f9b49c9dL,
-        0x1186eeb8b8f5a993L,0x08fede59fdd551f9L,0x6ac2844cb7c047eeL,
-        0x972583e24e4c3786L,0xefb8e22533d3b9fcL,0x0000000000000145L },
-      { 0x9164f2c84f585b1cL,0x7f49bfd2d53a4a93L,0x4ad4bfca07ec3188L,
-        0x0412a46f933b2990L,0xddfcdb113f03779dL,0x1d7078ff17678e3dL,
-        0xe3fbc9b2e9b85930L,0x25bbb056ee1174c2L,0x00000000000001e8L } },
-    /* 31 << 252 */
-    { { 0x6a2da2be4951a177L,0xa7712dade0249695L,0xca9500ddebd45219L,
-        0x9512855fe6a249cbL,0xd2fd8a82b7b464f3L,0xc32ea5d18aea2d80L,
-        0xeb2a2ca3e13e3278L,0x629f37f5ac6e4e6bL,0x000000000000001eL },
-      { 0xfa92ca3d66778869L,0x994101dfad4fa305L,0x00e70ff2866528e5L,
-        0xf4e501e9fe725c14L,0x35f8f43e07d0014bL,0x55689c488108dad8L,
-        0x998730a593fa8b70L,0x640054d4497da817L,0x00000000000001fcL } },
-    /* 32 << 252 */
-    { { 0x272ec59646e69dafL,0x348d7acd79b09a47L,0x8731070bd806f931L,
-        0xe1191599011d80caL,0xd001ced01b8cd947L,0x31dd3c9878a6654eL,
-        0xde8dbd0cc6409599L,0xb8939d44691b6141L,0x000000000000017aL },
-      { 0x146fdd629c45660bL,0xeb9a13d3a6283d26L,0xb99e7e66c9e2a86bL,
-        0x926ee0abe626a5eaL,0xf01ec218e8a93dedL,0x8562b91a040fb497L,
-        0x25fa595f6ddd2f63L,0x9389fffca2612413L,0x00000000000000d2L } },
-    /* 33 << 252 */
-    { { 0x6c4d9184bf16e29fL,0x70e6d2ab705bb9c2L,0xfcabd209b2118b5cL,
-        0x66321abfc9722264L,0x7a36d66f3200176fL,0x674a9b43fdf743c2L,
-        0x0b70838fed49945dL,0x274a8631bf04eab2L,0x0000000000000028L },
-      { 0x08650f55a3b6345aL,0xa2cda848cc418bd7L,0xea80cd7d13c42880L,
-        0x6895e5e434f7c51aL,0x1c51266d65380432L,0x5a024a2f94c33187L,
-        0x5e5fd4988a8c0674L,0x1b9f5d2d250b1cacL,0x00000000000000ccL } },
-    /* 34 << 252 */
-    { { 0x54a1d996f85100b2L,0xcbc5aa64db80cbefL,0xe91d2b9f59e324dbL,
-        0x9a5be55343d54cb3L,0x0ce9b03acb01dac4L,0xba4de3a2c63fd291L,
-        0xb1deed8fe51325e2L,0xeb22652f5595c748L,0x00000000000001d1L },
-      { 0x1ba3d9749c6ab6f4L,0xea84bc15d4814870L,0xbba9c3a7b8034e24L,
-        0x07482120618eb92dL,0xf6e8b897bf7a2f69L,0xbb141cd921f09ce1L,
-        0x4737cb5e28f04b32L,0x333210812dbf0affL,0x0000000000000148L } },
-    /* 35 << 252 */
-    { { 0x3fbd36619f67786dL,0x0301a8134bc980f7L,0x3ccde4731d1abf93L,
-        0x7ec69b27aac22970L,0x02e4efca9d9ef464L,0xd3ecb5f7e4b97c90L,
-        0x22fc87ce2817aeb6L,0x3703fcc9926bb15eL,0x0000000000000151L },
-      { 0xf0906667a44ed08fL,0x685d2d12441de931L,0xfbc0bd4c2d6d7984L,
-        0xf76a510d39dbe5d7L,0xd2b30ce9192862c4L,0xbdea2ba3ba2b8335L,
-        0x020d4e210976edb4L,0x67d9047cef64f6acL,0x00000000000000f6L } },
-    /* 36 << 252 */
-    { { 0xcbe3c6553fca4498L,0xfe7348762b198c78L,0xd29325d2244e4325L,
-        0xf811d9a114fc0ce9L,0xaefd7d9540622672L,0x9e01aeebb59070b6L,
-        0x14811a71f8dae8cfL,0x9c4680d5c01426c9L,0x0000000000000154L },
-      { 0xf106ef2abc07c7efL,0x249a2234a39f9edfL,0xc8183c09615d7a51L,
-        0xe250cd31f509f19fL,0xf28eefe149134f13L,0xee2b97e95ddaff55L,
-        0x28b2f72ad3959547L,0xf40f9d6a47cd3c7bL,0x000000000000009dL } },
-    /* 37 << 252 */
-    { { 0x319d18853945bc6bL,0xc0569cb414c1c53cL,0x0e23bbe24104fd05L,
-        0x22ec69d1af763b66L,0x79816606bb0000e7L,0x6a3a8ae493893673L,
-        0x0573de9d2d6abbc4L,0xb28bdaa38fb6032bL,0x00000000000001d6L },
-      { 0x50baaea5ac05f0cfL,0xe88864181615f297L,0x9311a1dfa9d25c58L,
-        0x3333e14f8d6c9eeaL,0x6a8f3dce13608d91L,0xbb6b6955b736b86fL,
-        0x5aeb5a41eb0a22d8L,0xccf9043b974aa869L,0x0000000000000161L } },
-    /* 38 << 252 */
-    { { 0x9634396daf728c46L,0xa5bc9b7d247224e7L,0xdfbc08af5c081218L,
-        0x40daef2f74944bf7L,0x363b2863461700f9L,0xc7b2d7bc173bb294L,
-        0x99080d3eefbfe051L,0xf987b4b797e98cf6L,0x0000000000000023L },
-      { 0x3984bf231aeb61d0L,0x4d59b524b46acdc8L,0x5523fe15227d50bfL,
-        0x77b1691dcec5964bL,0x6517492432344e0aL,0x0778001be2ac2d32L,
-        0x8cea375f288c0542L,0x92aae3acad80ca37L,0x0000000000000047L } },
-    /* 39 << 252 */
-    { { 0x5f72b28080743791L,0xf6d24353bad4058bL,0x40941ebcfb22ed42L,
-        0x46f017e280467bc1L,0x43155ecf5b2eaf8dL,0xe7c3771ea97e0752L,
-        0x87b477068a9a2623L,0x8ca0232ae08b1132L,0x0000000000000184L },
-      { 0x32ef7ae5683dbb52L,0xa8dcbbe761094cb0L,0x9f2062fc2c48a96fL,
-        0x16bab4ceed9269ddL,0xf2b4713d2b9caa66L,0x81ccd94c07417deaL,
-        0x71dfb81ae196d3b3L,0x836e59ce53016c55L,0x00000000000000c7L } },
-    /* 40 << 252 */
-    { { 0x94804b92b95527d4L,0x90dd532b78404dbdL,0xf8e5b1c62c372391L,
-        0x7c4b488d68836ee7L,0x9d266ad6f8300a06L,0x16fb86b496340c5aL,
-        0x593521324c6fb7a6L,0x20328cf8e55babb5L,0x00000000000001a7L },
-      { 0x8cc5cf828c337a9eL,0xed52a678cb12ddf7L,0xa38d7a38af21e702L,
-        0xf4ea981de8c19a9eL,0x0e4e6bdc79a44d8dL,0xc76b800a5236cabdL,
-        0x4ac864e69c3644f3L,0x418d9fe3162729f4L,0x0000000000000132L } },
-    /* 41 << 252 */
-    { { 0x632fac9b6c0b884dL,0xe64b31b11fc25e52L,0x96132f079cbd3314L,
-        0x0e24dd947d867c6bL,0x895f8df9b24daf39L,0x8436f4630d7b8ad5L,
-        0x292df4b9f79f4019L,0xffefe90e02a7ed35L,0x0000000000000007L },
-      { 0x4ce7024fd1b1dfcaL,0x8ec5462cbcd0728bL,0xaf6d3ed726fa57c6L,
-        0xe6c42b8d3f45f510L,0xf8c2493a062a663eL,0xe988a4782075f60cL,
-        0x641270957d167671L,0x3fd8cd1558cf1479L,0x0000000000000152L } },
-    /* 42 << 252 */
-    { { 0x46159bb21866454fL,0xdb5d23dbf1c1de9dL,0xa5b2b20f73b122e7L,
-        0x1a5328d36e867746L,0x82d316f43432f556L,0xe1773f940a06b40bL,
-        0x283be2a70cbb906bL,0x3ba5f206a07eb52aL,0x00000000000000f9L },
-      { 0xf0fb626d3c7cb6feL,0x823e7d48108f5d54L,0x3e2713ac7b3646d7L,
-        0x23042db5afba0565L,0xc8d983df57696cd7L,0xdc2055c0f11edcedL,
-        0x3476704b495ce49dL,0xcb1299b72f5349ecL,0x000000000000002eL } },
-    /* 43 << 252 */
-    { { 0x44b93e40fd864ec5L,0x605efca6e1c25de8L,0xb0a3cd7d5f1178d6L,
-        0x4bff709678414d02L,0xc6c0f44c9e501072L,0x77967c9f92ad4719L,
-        0x579a4782a54e73ebL,0x0130dc8919eb16b2L,0x00000000000000dbL },
-      { 0xc93dcbfb4e105bbeL,0xe67766b5e0552c72L,0x05677f76faca76d4L,
-        0x766985710bce1720L,0x63946321e3270162L,0xa67411fbc2d2c96cL,
-        0x1e3dfd40c17bd0d9L,0xac6177b43071540aL,0x00000000000001b4L } },
-    /* 44 << 252 */
-    { { 0xccdb3eded06656ccL,0xbe5af4fa347da6ffL,0x22c0b0573b487907L,
-        0x027b5dcf0b018142L,0x18cbedfa397640bdL,0x296c1adba9ac930fL,
-        0x2dc0515599454bb2L,0x5a7c04edc0072ff9L,0x00000000000001ddL },
-      { 0x817ec973da3ec7e0L,0xbf7de96bcb692075L,0x5ec2350044bff6eaL,
-        0xcefad43c6f9cedb1L,0x808cbeda0e575221L,0x9631a43c7d0ed004L,
-        0xbbd48ef5cc055d44L,0x7adced52db3a9305L,0x00000000000000e8L } },
-    /* 45 << 252 */
-    { { 0x4479d35b7ce3f5eeL,0xea8a93523bdf4c0dL,0xccc3b4b4a0f641a1L,
-        0x4f9baeb1f1275498L,0x288f6fbb535c1ad2L,0xaf50e68f7d7e5e34L,
-        0x1573c99dc8c366c5L,0xf29ed752cda48eecL,0x000000000000008cL },
-      { 0xf61dfe1cce19d1fbL,0x3f0ba2cbf727fb66L,0xbf17e60c5a46a948L,
-        0x58bd4583e9e2c738L,0xe2ba0170ca15e3b6L,0xffe816af2fd57fd1L,
-        0xd258abc333e06a1eL,0xd48a7702b820bfbfL,0x000000000000012aL } },
-    /* 46 << 252 */
-    { { 0x1e9da85c3cb7986aL,0x8ca319700a232882L,0x6c1d4813d8db00b0L,
-        0xf05b2bb6728803a7L,0x757a5bfee989dbbbL,0xfe3782b857179a1bL,
-        0x580279433184f652L,0xed24df1e636b602fL,0x000000000000010eL },
-      { 0x23f24bae4b469488L,0xa30177834d56de00L,0xe304cfa2ed103477L,
-        0x4a55640cb8c80476L,0x58e7adcfb9b7feacL,0xf4f50f1087583584L,
-        0xf38761e72ee6decfL,0x62d87e7311f8bef0L,0x00000000000000d2L } },
-    /* 47 << 252 */
-    { { 0x64c6e2ee38f640b0L,0xdbff010c230cd78bL,0x7b6805e3711d0b19L,
-        0x31953411b2ead66cL,0xd03cd197e3497d2eL,0x7aa2213ee0b7847dL,
-        0x68c6e618540fd2a5L,0xee78f1944b427d04L,0x000000000000019dL },
-      { 0x110e84797561c23dL,0xcad5537536e5b2c6L,0xcb7d30ac9827ac1bL,
-        0xf609071cb3eff64dL,0x5a62d75bde8b2b8eL,0x2232be091a7ce124L,
-        0x266ebe5057ad42dcL,0x1b421359c61e775bL,0x0000000000000065L } },
-    /* 48 << 252 */
-    { { 0xc65023db6599420cL,0xd5f259932de4f201L,0xdf04eb7f325db6deL,
-        0xba7a4c67088c5b7bL,0x4288030314fff349L,0x5d8c5ac1ced29b1cL,
-        0xba44893aa9d0ff4fL,0xc94974baed3f3117L,0x000000000000010fL },
-      { 0xd804dafcffe235f6L,0x1701e38d67c31efdL,0xd6b499096b9307c1L,
-        0xf33c74961fa96ebaL,0xfab4f9f892099d0bL,0x3cc5ed866d5334f5L,
-        0x41745249c94e6d74L,0x27ef9399dd4b2b7cL,0x000000000000018fL } },
-    /* 49 << 252 */
-    { { 0xf099cc75f8a9e112L,0x3c74b4cb76c67a3aL,0xfa20479f8dc52ec8L,
-        0x65abe5c0989c6964L,0x3af2709a4f2c71f1L,0x57640513f76588b6L,
-        0x6353f91e26a792a6L,0xe89c1bdb21c67c8dL,0x00000000000000bdL },
-      { 0x0b515fad1e10dca1L,0x90abf43dcdaa45ecL,0x062412e84bc4b73dL,
-        0x718bd3c5b7e454bfL,0x39ad2babc0ac0ad2L,0xc873e3cf0fcc426aL,
-        0xd62abb4369ef63f2L,0x2586fe964669d4c8L,0x0000000000000034L } },
-    /* 50 << 252 */
-    { { 0xe39f0511307f1c16L,0x5b10e8b6bbb6c973L,0x0309e94f4d0b7a24L,
-        0x260ce1fd6621d244L,0x45fc1a57139898f6L,0x8ea7b91a596fd366L,
-        0xde6371e00771a0eeL,0x5482ebb5731efc15L,0x00000000000001dfL },
-      { 0x11d6093d8aff3f7fL,0xcda42fb9470d25aaL,0x005b142823539f03L,
-        0xb8c213cf33a131c4L,0xc8d4d05bc2d06673L,0xc280e948257b0746L,
-        0x382e6cb317e2d479L,0xdb86d2f4febdf3feL,0x0000000000000027L } },
-    /* 51 << 252 */
-    { { 0x78caffd2c356407bL,0x20edea9e58f1eb89L,0xd16fc85fb2dc193bL,
-        0xb1cd53747c8d19ebL,0xe2e606b24e7a43f9L,0x8c6f1b375ae2453cL,
-        0xb3e9a3ea3ab64627L,0x043518e52094ca40L,0x0000000000000084L },
-      { 0x2c793d0352c34b1dL,0x21222d8dafca2b29L,0x951527fbcef8af6aL,
-        0x73984b4bc18db31eL,0x30bd73641bf872baL,0x6c06495be01d557bL,
-        0xacb554b9fc5f7d63L,0xc02a11b7f50b0bc4L,0x0000000000000017L } },
-    /* 52 << 252 */
-    { { 0xdf677374c18bfe67L,0x03daa39249685742L,0x69d2a99736b62aa4L,
-        0xb7c3f6dbf4a734a8L,0x6ad1791560bb2339L,0x266dfc1f08f94b78L,
-        0x2d3d477dd21b35dfL,0x41aea44988cfec52L,0x0000000000000125L },
-      { 0xfd65ad5e5f780039L,0xffe76cbfd96b8044L,0xf7ae0f1428bac68fL,
-        0xe84394e6b4333bc8L,0xccce5687ad2c4225L,0x70471c81a6a9c7e4L,
-        0x60c5e87940b576e0L,0x2f4ef8bb92e9f4efL,0x00000000000001bfL } },
-    /* 53 << 252 */
-    { { 0x3e0a60297892ba11L,0xe21b499382962ba4L,0x3b60b6f50126f7fbL,
-        0x981850279dd3e473L,0xb337b151eb77334dL,0x32fdde882bed2f71L,
-        0xfb8f226fb6070306L,0x8f2db293b0c2ca16L,0x0000000000000130L },
-      { 0xcd05c367cc0de01fL,0x07bdf2d67df2cb4cL,0xb8082bfb2af2a6bfL,
-        0xfe5118c41f02c02fL,0x5c991d3da008a47dL,0x7f1fa1d4d8b33356L,
-        0x0e9d143a397fafb1L,0xaa7061308868a859L,0x000000000000011cL } },
-    /* 54 << 252 */
-    { { 0x827702a8005513c4L,0x716246abd9b83e12L,0xd204accf5fb3021dL,
-        0xaf843f358a4d8221L,0xbc3afbc0f965adc0L,0x7123eaadba9a8f54L,
-        0x21d08b162c8578f6L,0x5e0ab2f832307214L,0x00000000000000baL },
-      { 0x9c1fc84883e1c1a8L,0xb9c17d7ec713b134L,0xb1fbc3be4cbb0030L,
-        0x933803110d6f6b13L,0x5881c5cf7e61b510L,0xfeb0553c44ff008eL,
-        0x2c22a2f1e14b8b02L,0xbdb4134af7f01665L,0x00000000000001f9L } },
-    /* 55 << 252 */
-    { { 0x1e57a0852a7b7c1fL,0x501cd11a379f8b64L,0x2005ea95719460b2L,
-        0xe4cd1ea340555356L,0x6a2088ea43dd7f96L,0xc825ffeab958affdL,
-        0xec97ea43d0db0c21L,0x4d5da9be6175e131L,0x0000000000000076L },
-      { 0x754f2673e8c6ac0fL,0x822a8787328cfe16L,0xa2b1e03d7390327fL,
-        0x71a953aae3470001L,0xd29bef5157384b61L,0x6faae163b4e19442L,
-        0xd180a23c76c973c0L,0x356ee274d45e2bd4L,0x0000000000000021L } },
-    /* 56 << 252 */
-    { { 0xde124a53d9996176L,0x1ec1e39cdc53c313L,0x91917a6c42d879f3L,
-        0xa81372c74e70e810L,0x33d61ba95780fa10L,0xb52f521c73805446L,
-        0x81bba0727bcbb8d7L,0x91a608a605f22a02L,0x0000000000000164L },
-      { 0x6f11a4a870220345L,0xa3513d6d297b6e84L,0x3dc485a1de56cf82L,
-        0xf5e5240385610560L,0x72803421fa22b180L,0xb1e2031c7f0dc46cL,
-        0x676c5f9e43d4c03dL,0xa891aa30dfa7f707L,0x00000000000001c8L } },
-    /* 57 << 252 */
-    { { 0x8080622ee89b1d39L,0x34718e3b8c5f94f8L,0xd8aa15ea60bd7116L,
-        0x795258304437b505L,0x82c1c2707e5823faL,0xfcc0012b92d8a1baL,
-        0xff16cf3c978289d5L,0x01b487fe51fcb704L,0x000000000000007eL },
-      { 0x271a09c44bfec059L,0xe3ab9cd3fa138ec8L,0xdc8d866309c5dcc2L,
-        0x4caf43f7e599f66bL,0xbb4dd3b4688cd1edL,0x07eb1d9caa0ebb96L,
-        0x80eac6dc610cba68L,0x55e5e866ead2696aL,0x0000000000000085L } },
-    /* 58 << 252 */
-    { { 0xd27f55b9c46df5c6L,0xd940f368e310c4baL,0xc1697f3a32602d58L,
-        0x020061eebd564d22L,0x3042100cfa5d7c97L,0x937a3a303d8a5709L,
-        0xc60488f76c8b2008L,0x3dda8ffaab473dbeL,0x00000000000001f2L },
-      { 0x6f893aab79642b56L,0xf329524470359a71L,0xd7462e6ed933ef1eL,
-        0xccf86cd167e8de14L,0x0e8675605a4acf89L,0xc72ed3fef8e9e4d6L,
-        0xc0dc88afd19e4a39L,0xf2e51d088ff2b106L,0x0000000000000161L } },
-    /* 59 << 252 */
-    { { 0x94c5c2faa76e3067L,0x74c5f7baa9e0ba68L,0x503de3ffc79e67a2L,
-        0xe9da75b49903d81fL,0x52f7d9e94da7e1f5L,0xa83731d7b613e973L,
-        0x2dae3eefc35a30c5L,0xbfb55d4be5ffe984L,0x00000000000000b8L },
-      { 0x174b687d0636d4a9L,0x00f11f55b75b9375L,0x70524e62e10ec42fL,
-        0x0ef83d5da15440e5L,0xab7c2c2b7a7046f2L,0xa155482caf88ba29L,
-        0x5aa1f5c5edd7b984L,0x5b7323ff9eab391eL,0x0000000000000001L } },
-    /* 60 << 252 */
-    { { 0x4f18d1477a7d8443L,0x0d76e1b7d1967058L,0xee35bb031486e355L,
-        0x2b32b859da1bc577L,0x063f800d38adb65fL,0xd65ee21ff3f59f4cL,
-        0x56ccb1068382ccb9L,0x74e330b878c00d95L,0x0000000000000179L },
-      { 0xa3aa4a6f8436a8d9L,0x2b1f2c1a7144c8c3L,0x95a3d612fccef510L,
-        0x3c20cfce1af2d8c4L,0xddfdbbd52c0b33e3L,0x4236a2daf230e136L,
-        0x22b8cad2b533d171L,0xc5398e4f52bd69b3L,0x000000000000001eL } },
-    /* 61 << 252 */
-    { { 0xf9998925356a789aL,0xb035d4d643e44f5fL,0xa362c1d3c0491bb1L,
-        0xf9139080777ccd77L,0x7d0109074fefec2fL,0x77961dd61ea1b160L,
-        0x3674c27d2f9de773L,0x6d1ff90f84e79d39L,0x0000000000000065L },
-      { 0x54b1da37ba03c500L,0xe9a2696034fdc983L,0xb4ab12ee290f32acL,
-        0x6589b027a54917aaL,0xef94b1549a84fd5cL,0x1c598975cea54c74L,
-        0xbc50a9b7ee3e0bdfL,0x5d755951d99ab48eL,0x0000000000000004L } },
-    /* 62 << 252 */
-    { { 0x3607f884f22962e3L,0x7fbb0064f0bfe22bL,0xbad02b9b716b8109L,
-        0x2d2f55801bea19f6L,0x119a51eda3da1600L,0xed4bdc13a03e7da1L,
-        0x52cf75e0e1594dc2L,0x5cd2a02ad2740de2L,0x00000000000000deL },
-      { 0x1c1cb857aaa37069L,0x69623f57f69b1560L,0x77e24490cebe0023L,
-        0xca262a30e6395606L,0x4c68833affe15b74L,0x4daa7aa356fcb2a8L,
-        0x4beede7dc40f75e2L,0xa00dd3197a34c150L,0x000000000000002eL } },
-    /* 63 << 252 */
-    { { 0x15c921c8bf854109L,0x91333f4fff524ec9L,0x739e37ee20bfd5d0L,
-        0xe61087f8f8a8bc93L,0xcfc07fcddbe59f26L,0x1f5ac6d2f568fbe9L,
-        0x78a1b8654452a4d4L,0x585d2501d6b939b7L,0x00000000000001d0L },
-      { 0xdb4c45affd113ba3L,0x0741c4004abbacd3L,0x84f69bd7c86145c4L,
-        0x023850e1d597a974L,0x5d3a93d41f667362L,0x24eaefd5d8326769L,
-        0x79ebdedb45edadbcL,0xf8833039310dedefL,0x00000000000000cdL } },
-    /* 64 << 252 */
-    { { 0xd1a48c6847edd0e3L,0xfefb60be253c6bb5L,0x7265ebb75ab3e95dL,
-        0xc8d1b679f058192cL,0xcdc478d6fa21c3ebL,0xdf6360dc10b2b221L,
-        0x824b28a71101d18eL,0x4bc043f1e04269d1L,0x0000000000000032L },
-      { 0xa342984e5d49e112L,0x981ac5544e80cd3bL,0x489ede322c45f14dL,
-        0xb97b3ba50671c724L,0x3818c351bae2cd87L,0xf3719c9261521947L,
-        0xb9116ed9a8252d72L,0x992761ed9c406f54L,0x0000000000000141L } },
-    /* 0 << 259 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 259 */
-    { { 0xdfbfa8c0b9f59031L,0x683df70ba5e17023L,0x07958fdc42ce28b7L,
-        0xb8965b5bc6d4dc78L,0x78441b9a6e4b4290L,0x3909e659ea4b4aa1L,
-        0x9c8f59c629b6cd62L,0xf400a01919a026ccL,0x00000000000000cfL },
-      { 0x09844edef77fa34fL,0x9da8cdc495b4acfaL,0x5bb762074d52835bL,
-        0xc39505e29c0584e1L,0x4c9a0f296c4f318eL,0xdd1a8f417d87f206L,
-        0x423805cd95ec312cL,0x21639f519304343eL,0x0000000000000092L } },
-    /* 2 << 259 */
-    { { 0x6d9b0c3c9185544dL,0xad21890e8df2765fL,0x47836ee3cbe030a2L,
-        0x606b9133f7651aedL,0xb1a3158671c00932L,0x9806a369cfe05f47L,
-        0xc2ebc613f57f3700L,0x1022d6d2f065f07cL,0x0000000000000109L },
-      { 0xb292c583514c45edL,0x89ac5bf2947e68a1L,0x633c4300af507c14L,
-        0x943d7ba57da4020aL,0xd1e90c7ac0ed8274L,0x9634868ce59426e6L,
-        0x24a6fff2c26bc9deL,0x1a012168152416cdL,0x000000000000000cL } },
-    /* 3 << 259 */
-    { { 0xcc2fec030b4a18c4L,0xfc29fc82165d1776L,0xc8ab611ac317fc9dL,
-        0xa8d299571029913fL,0xa225949049f64636L,0xda588063c1db5e74L,
-        0xff94c5e6c0d70127L,0x199c1b8e74f89721L,0x0000000000000062L },
-      { 0x168ebf642d3b8836L,0xb05a8c0f1c2db301L,0x409e24edc0a052a8L,
-        0x6b6bb0163125a8edL,0xea9b956bf64bc66cL,0x4453021083f44d9bL,
-        0x0eb41037fe8b6632L,0x555c39b858ef78d4L,0x000000000000002eL } },
-    /* 4 << 259 */
-    { { 0xc2453d609102b570L,0x70840e5c142c3e23L,0x7294b1f1c30037d9L,
-        0xa2500f121dbf5ab6L,0x03eceb67c9c8ee6eL,0xa19c319330820abbL,
-        0x7aad59e87da6b820L,0xe97823f8c38d842fL,0x000000000000006dL },
-      { 0xce5bb75ea7b6bb9eL,0x9090358d569c9eddL,0xa8b5ec369cd0c065L,
-        0xb2b5ac1cf81c82b8L,0x8feb364c3ffceb86L,0x355ed9ecdf4f9f7eL,
-        0x6f2efe425ce12ff4L,0xb23168780155070dL,0x0000000000000035L } },
-    /* 5 << 259 */
-    { { 0x38a82571854f48c1L,0xd1b1b09af520fd6bL,0x7f01089cdf7207c9L,
-        0x96a6180fc9393ec5L,0xa736bb517aea3ec3L,0xd25dcafeb56b8f87L,
-        0x48933536a43ea781L,0xbbdbedab8e0fd61dL,0x000000000000003cL },
-      { 0xe8b599d37f7a088dL,0x85ade4938e5efd0fL,0xe3049a17adbab77fL,
-        0x3a24830b430f3f92L,0xe267f23e183b494fL,0x05f42dd6166e606aL,
-        0xbee09553f479301aL,0x5adda2a63ee09623L,0x000000000000012eL } },
-    /* 6 << 259 */
-    { { 0xd8be53eb86660e96L,0x72c2673c8be7763dL,0xa7c5462ec6b55bf0L,
-        0x9def337b574a104bL,0xa8fe70ae9e9a1386L,0x6070f210bd010cf1L,
-        0x5d3eda3894ae907bL,0xa69d86791bea88cbL,0x0000000000000000L },
-      { 0xd1dde97203c8dd6aL,0x562332d1d8950c30L,0x33be213e5ea340f7L,
-        0xebb49ed4eb40e91eL,0xefe4aac270b2ca5aL,0xf6ad3cc1900ceeb3L,
-        0x67e9a8816cc704d6L,0xdd3f2baf12fe8a0aL,0x00000000000000beL } },
-    /* 7 << 259 */
-    { { 0x7d8fff086a2f9346L,0xdf0fb4f2d1e2a388L,0x45ba8c01535d98ffL,
-        0xce448379f67301f2L,0xbedd58c03767978bL,0x7b1171f555aef5a3L,
-        0x66b7c88d5a486411L,0xd35c98709f6c12dfL,0x00000000000000d8L },
-      { 0x9dc04b408b746e49L,0xdef5954d4eef5b2bL,0x4bc53645fdc0ba16L,
-        0x3b488da37054acf5L,0xc610686016a0c2b8L,0x299f1abb911bc8b8L,
-        0x5422e599ecec19b3L,0x9ec27cb47fd2c939L,0x00000000000000f0L } },
-    /* 8 << 259 */
-    { { 0x5f56b5a41bc0fa77L,0x6cdd6bb564fd36f5L,0xd0ac68b58a5b7c7fL,
-        0x4a92d9bf09919ef9L,0xc305e12b71c3c520L,0x554a9d1cdb699aeeL,
-        0x7fde007761f54643L,0x99c13124479115ceL,0x0000000000000039L },
-      { 0x25f890e1c271ac2dL,0x1353ccd394b370acL,0xc7b5adf6744d4011L,
-        0x9ccd7687be378127L,0xa8489b5c06c4e3cdL,0x1945580a305505f9L,
-        0x07190a204ab3b12bL,0x0ff53eb11534ea4dL,0x0000000000000159L } },
-    /* 9 << 259 */
-    { { 0xa3f06f7e03301a8dL,0xfadeedf1ec05ed54L,0xe26adc226b4601b1L,
-        0x1b283cdddadcb386L,0x3acec9e811b4a113L,0x91b8284f1118431dL,
-        0xe18d0cc4ac01391dL,0xeb2c1b0a7cc7d837L,0x0000000000000074L },
-      { 0xd0662bde8e3877a7L,0xc979f8a15d0641caL,0x28d798bd044f4903L,
-        0x296941594e7b2108L,0x84d5ff89c5381df8L,0x299250a7a51d6348L,
-        0x02ee4fd3909ecdbcL,0xcfa39db1c84b1fafL,0x0000000000000114L } },
-    /* 10 << 259 */
-    { { 0xe774eed9b1167003L,0xecde86e1932845b9L,0x0381d17897a8a10dL,
-        0x995a4926aeb8bef7L,0x3ee19c812304bae0L,0x541449e3fe977e97L,
-        0xd7ef476ba517b358L,0xe55330bce0d847cbL,0x0000000000000012L },
-      { 0x1620a1d6f06a91d6L,0x714b3502ac578bfaL,0x2606ebdb6bed112dL,
-        0x8b7b271563f8e778L,0x31833913651fd543L,0x14929f1adc9638feL,
-        0x2637ec813ee709d3L,0x39faf7e705547eaaL,0x000000000000009cL } },
-    /* 11 << 259 */
-    { { 0x224aff4aa7b53656L,0x93b4629f1786efa8L,0xdcf8ce96a546dcbcL,
-        0x55f8dbafc17cbe15L,0xe0377d7cd48c57adL,0x28143a41d9a9a135L,
-        0xc1c07a77d9b71cc6L,0xed6d2a8fb29ae6b2L,0x00000000000001e4L },
-      { 0xe5dc2a6836867275L,0x7bb1a0b5349e1d5fL,0x326d1d94c30c763cL,
-        0x06389c1a6db2148cL,0x3a572e33ba33a05cL,0x4244f4884ff8334bL,
-        0x0a63419a240e3005L,0x8fdde11d479fe00aL,0x0000000000000038L } },
-    /* 12 << 259 */
-    { { 0x785e09ff6c6a364bL,0xd00a50fe53e3c393L,0xad964c6e0d36fb23L,
-        0x353441feebada914L,0x4e16727ea5ba72fbL,0x5114c6e07bdc78a4L,
-        0xca3a8e27f38384ceL,0xe48f64cc77307092L,0x0000000000000089L },
-      { 0xb3152778351aa439L,0x0bbc970e6a2e6c8cL,0xae03de8312cfdc8dL,
-        0x1622d6db779c99e6L,0x82d6078b59ef9e70L,0x3539ffd07368486aL,
-        0xe61a3e2b083f7b1aL,0xb214f0b74b874dc2L,0x0000000000000155L } },
-    /* 13 << 259 */
-    { { 0x97a1306e9e1d014bL,0x59ede0475517a3ffL,0x327b01f207a6b3f4L,
-        0xfc8bd2c2fd4f1a9bL,0x0e1b92c4b1af517fL,0x646bae59e1f96248L,
-        0xd14955bc75d5c91cL,0x6f849a406c2dfbfaL,0x0000000000000134L },
-      { 0x984d6925802559b7L,0xc51f33f880d5fd4fL,0x6fb6927113165975L,
-        0xb5ed83cd5dec0cc7L,0x53314bcd8649d155L,0x716d891fbef7bfa8L,
-        0xd7c07da0c3486607L,0xcab5e610669368bcL,0x0000000000000048L } },
-    /* 14 << 259 */
-    { { 0xe77c03eed7ecb581L,0xb0b4de18cef15beaL,0x318e5b24fa1ea3ffL,
-        0xfd1d902e710e95fdL,0x8daeda0655cafa30L,0xcaba29bf2bd11001L,
-        0xaec1861bd88085bdL,0xfaa66562e591d19aL,0x00000000000001f6L },
-      { 0xeee386f7b68c7429L,0x0a876aec502c0797L,0xcb587df8c6806fa9L,
-        0x4f7cb6dca84de772L,0x407a1f0ff746cc93L,0x7862e9bb6b953e5cL,
-        0x6c106caa0a4c9357L,0x04213043c0096e5dL,0x00000000000001abL } },
-    /* 15 << 259 */
-    { { 0x6c0ea19b675e5fddL,0x40b9015015507582L,0xf7237ea726e603f5L,
-        0xc4dce1026e0be9ffL,0x5f0d8a2e3c5b733fL,0x26a280f86ed664deL,
-        0x5f532bcb33c11487L,0xb0f9d44cacf164f3L,0x000000000000009eL },
-      { 0x70fbc712b712571dL,0xa2becc32da63e6aaL,0xaae77cf6c170057eL,
-        0x2f1d39620a4897dbL,0x4c1b5709079995e1L,0x5771457fe2de734eL,
-        0x7b355bf238fcd883L,0x1acad483a6f023b3L,0x00000000000000bdL } },
-    /* 16 << 259 */
-    { { 0xc68052c94876bab8L,0x81f704baf84c2e38L,0x28bb9436f2cf9927L,
-        0xb89bbfa0d06c972cL,0x00fe1dd8b7a78e76L,0x3adfb05af7f1e1aaL,
-        0x45321e42b7278eeeL,0x13d850e0a528ebe4L,0x000000000000006fL },
-      { 0x6b724c681934143aL,0x2f944afdb657d809L,0x38e501dfaba2fa08L,
-        0x9285ece1be66e568L,0x7af221f7f9df3327L,0x00b8a86fde74aefcL,
-        0x19d675189a992072L,0x806d1c88d9ddbbb6L,0x000000000000009bL } },
-    /* 17 << 259 */
-    { { 0x20ea1405d04d2000L,0xea35dca5c089a6c9L,0x038602bf3bdda2e6L,
-        0x477b746aebf1aaa6L,0xd47867e49e7854cfL,0xd8b1935170bc2ee9L,
-        0x76412c62a44fee1eL,0x129d55355abfa5d8L,0x000000000000019eL },
-      { 0xa5e36fcf3ab81c33L,0x6245c51eaf823a1eL,0xd62852eb0e836757L,
-        0x3b2db4b779c4b928L,0x11dc7ad28063e57aL,0x0316df7eeafc4648L,
-        0x44a90cbbfb758030L,0x3db503f2caa01c6eL,0x00000000000001ceL } },
-    /* 18 << 259 */
-    { { 0x2aaea367bd35d8cbL,0xf2a64bd7ae020e8fL,0xd7f80264d6dc5572L,
-        0x890e23621f36c56fL,0xb9daf028a09342ddL,0x6cee1fb190bf076fL,
-        0xfae167e70f0412ceL,0x2a79d89a8a2fd483L,0x00000000000000e0L },
-      { 0xc222a2450849a624L,0xed4033dd0082dedaL,0x11f78e31df0dc525L,
-        0x34240b3ebb3eb85dL,0x135d407dc287296aL,0xc47fbfce741ff1b3L,
-        0xe34dd021da643502L,0xf183174d65e3ba7aL,0x0000000000000116L } },
-    /* 19 << 259 */
-    { { 0x10f9009fe7aa5ec4L,0x125939c308e38826L,0x85a399e720424b3fL,
-        0x04eafd33c0ac71f3L,0x79c534b4452782e8L,0x57a8e52137e8307cL,
-        0x905909823134ebceL,0x8c0acf7565ff10a6L,0x000000000000015bL },
-      { 0x27afc0afe6436fe3L,0x9739bc6f13b24125L,0xe7b31b50902904b5L,
-        0xf7ac9e9c0e8dd2deL,0x8b0c28b2295bca58L,0xdc5817376beafa7eL,
-        0x1ccce1e33aa35160L,0xe57661cc297eafc9L,0x000000000000000eL } },
-    /* 20 << 259 */
-    { { 0x83c6b9ded09b1b31L,0xc2325238e3c06d55L,0xee4a352851db1a32L,
-        0x69bba3f21edd1449L,0xa445212e855c819aL,0x00a83136b62b4fefL,
-        0x1c51eb23e3edd8bbL,0xf5eba0c09a238dcaL,0x00000000000001daL },
-      { 0x1223b0b5b2448058L,0xb6e3ad9f699217e3L,0xa7ae6434584dfe78L,
-        0xf7d3d93f5b407cbaL,0x68b167ad39035117L,0xb369219cfe239c88L,
-        0xf3d9bc4913bba594L,0x6123679d698e3bb5L,0x0000000000000183L } },
-    /* 21 << 259 */
-    { { 0x95f7b69fd2f71619L,0xf96d943794b12017L,0x6d0cf626a6415ee3L,
-        0xd6ca14a945b74621L,0x9cf18c6eccba609cL,0x3d33890bfba5a052L,
-        0x38426ba5c7e9a4e6L,0xdd28b78e61840224L,0x0000000000000062L },
-      { 0xfff724ab6d9606c1L,0x9b61bc1178750133L,0x2137470f8fd0f355L,
-        0x84605f37daf83165L,0x24ee8714edc5f305L,0x77cca00adb7ee62aL,
-        0xf45654e1212cc286L,0x638f7126ef2ed80fL,0x00000000000001abL } },
-    /* 22 << 259 */
-    { { 0xfa37c4d089b3a5a0L,0xa8ed9bd86065deccL,0xc5068acfef8cc1dfL,
-        0xea2a71018c98a08eL,0xde77dd771b4baeaeL,0x855a8b672b794f71L,
-        0x1acf5585cfc02477L,0x1535d73cc30f94c2L,0x0000000000000149L },
-      { 0xc7f723eba566c87bL,0x88d22c712cd0a69dL,0xd7f9318bf60c47c0L,
-        0x8d652ed79c239254L,0x186ab5d6c46760cbL,0xf83bb0d588e7879dL,
-        0x2976daac122a83b2L,0xc7bc8602f240460aL,0x000000000000010aL } },
-    /* 23 << 259 */
-    { { 0x6c4da53b55c8c9fdL,0xcae3b7ba785cfe10L,0xcdb8f1c59c4cd91cL,
-        0xbd1c603ab874a86bL,0xfb8654e1043ea4acL,0xad5c88fbca482074L,
-        0x89d5aa873262bbd5L,0xdcda775402ad836dL,0x0000000000000076L },
-      { 0x4d5190e63441966aL,0x99698619c7ff468fL,0x0a5e1697bb1a77beL,
-        0xb5c0dcfd32ea31f9L,0x2121cd321b6f6ba9L,0x53b7874f779a966aL,
-        0xadb4e60ea3c6172cL,0x5de2f937754ab9e7L,0x00000000000001fbL } },
-    /* 24 << 259 */
-    { { 0x4a7aca2f4dde4b24L,0xe56e7b54b4a15f13L,0xecb9c748eb5705b0L,
-        0x675ffbc695977aa7L,0xd200cc67501dca3aL,0x82b4152d3c43e1ceL,
-        0x64be95945c124198L,0xfc52e520389aa160L,0x000000000000000cL },
-      { 0x157e8281f875201eL,0xe98a64c03b179b49L,0x8df77ef0d4bce1c6L,
-        0x8b6764909a9fd8e8L,0x6d8879b8bb67721dL,0x558091cc19e81bddL,
-        0xebacde3fec6e7394L,0x987a87d51bc77288L,0x000000000000010fL } },
-    /* 25 << 259 */
-    { { 0xd2fded8759ce0d63L,0xfb2c78fdad3f2b6aL,0x1e47201d30bf7a0cL,
-        0xefd45dfcdd7cca88L,0x9d46cdcf392768b2L,0xbddabe42411e4cd1L,
-        0x6a2d18754088dddbL,0x56ac6278c731d94cL,0x000000000000011eL },
-      { 0x11aec7dcca650d47L,0x0f4e8a9e2d8a5dedL,0x92a664a4c2c1f5b3L,
-        0x2cef12ef01e930d9L,0x87e8b0bd01ac4347L,0xdb547402a854a695L,
-        0xcc487db9b9d1733eL,0xe8dfdc0472b35b30L,0x00000000000001a5L } },
-    /* 26 << 259 */
-    { { 0x866ff3c908ea3335L,0xfb58377c88d2ec52L,0x5715d9e014a8829cL,
-        0x9376778b0595d929L,0xc1ccd5d59b8ed6b5L,0xd90d82dc00d1367fL,
-        0x15bce4d84cd41c48L,0x1144874144a2b97eL,0x000000000000017fL },
-      { 0x0e3e35fe60aa94e0L,0xaa1456964891e593L,0x51ec590f402ead1bL,
-        0x23c0996d7345d47dL,0xd93e5a1a2ca244e6L,0x80c00f6fdf85d7f8L,
-        0x1ca50525867d760eL,0x29cf9fb20984377bL,0x0000000000000196L } },
-    /* 27 << 259 */
-    { { 0xbd692d023a5647efL,0x964c9bae291eb75eL,0x704d6f07f201fd7aL,
-        0x6fdc417b52db9f6eL,0xbf85909f6291d4a1L,0x75d316a483e42991L,
-        0xaeed45ef9cc62549L,0x1f4d10c5995a6c4fL,0x000000000000002bL },
-      { 0xe5ff3d1dbc6c43a2L,0x552282bdff596546L,0xc9a7f0f45518beeaL,
-        0x29e5b89aa6339aaaL,0x1b7acff5f0d0399dL,0xcec8edaece588c77L,
-        0xaeb3a8e88fe82680L,0x96f35f5b9fc80e41L,0x00000000000001daL } },
-    /* 28 << 259 */
-    { { 0xb95253361ea445c9L,0xa8a0fe24c10de158L,0xaba4da83211f91e9L,
-        0x307538caf2390466L,0x1e0313e0153d0062L,0x8f5ee2c89ffb2a03L,
-        0x49f2777ff412ebc8L,0x463f67093d268ae8L,0x0000000000000057L },
-      { 0x3856bef0a32a201aL,0xd240074b30514b6fL,0x277c70d8a9c71d35L,
-        0xe35d68cf7aa435f7L,0x8a3c9a0960681a98L,0x4ef5a19a5d25e946L,
-        0xdb60e7fc4316cb53L,0x2693e9a568601ecaL,0x00000000000001a5L } },
-    /* 29 << 259 */
-    { { 0xad35ecaee98cd7adL,0x906bd768a474bc5dL,0xda3926c0d0ff4afdL,
-        0x9b850c9da31111e9L,0x426e3fdc6caf82a7L,0x9644b0d4bfb03a61L,
-        0xc524fe4534531e4bL,0x0bfc8bcd7c3802beL,0x00000000000000c6L },
-      { 0x9342cee294463876L,0x83cc9e39f1be35a2L,0xb18ead7df321b335L,
-        0x00c2fb7044628d65L,0x7b320756ac074cfbL,0x71f3cd03644e931fL,
-        0xf82be78c1e0df54fL,0x397a7d9ed542dddeL,0x00000000000001e0L } },
-    /* 30 << 259 */
-    { { 0xd8bf062c1e073747L,0x26c96d9fee2e6d05L,0x79d919d7890b4d75L,
-        0xb42e2bb900653fbbL,0xf8987798e3ccc877L,0xb47d6eb25033de8dL,
-        0x39f94c596c5fd1a3L,0xf3c0c3882fa0ab65L,0x00000000000000c9L },
-      { 0x9661d7f82b18b119L,0x6fa045ecc4b5c3d0L,0xc858de883bcf37a2L,
-        0xd81d90fb3224d885L,0xf251a9f77a8377e5L,0xfeb83a50a3d8c771L,
-        0x853cfabcb5394fe7L,0x950559bf67c9eba6L,0x0000000000000000L } },
-    /* 31 << 259 */
-    { { 0x08cf7dfbd3c147b9L,0x12ac86d2f10d9656L,0xe02add8249b8805cL,
-        0x9456f02a5f74b988L,0x4a631e1087cdba37L,0xb51ee73a96da245fL,
-        0x1378e514042f40e4L,0x9ca9b65c1f1d6aa9L,0x000000000000002bL },
-      { 0x01757173a246897eL,0x943f9cc04c7b233cL,0xdf545f8e7858a222L,
-        0xb8b36cae3d074306L,0xb7c5c74d9a30dc70L,0xe3b361764c35c88cL,
-        0xb0a1f4f1f0bac884L,0xe86e2f8874506af4L,0x00000000000000d4L } },
-    /* 32 << 259 */
-    { { 0xee31e71a286492adL,0x08f3de4465f86ac4L,0xe89700d4da713cb4L,
-        0x7ad0f5e9a86b7104L,0xd9a62e4f2572c161L,0x77d223ef25cc1c99L,
-        0xedff69613b962e0cL,0x818d28f381d8b205L,0x000000000000008eL },
-      { 0x721231cf8cdf1f60L,0x8b640f2b6717760fL,0xbe726f8ce045a403L,
-        0x422285dc0370689fL,0x7196bf8f72ea0dcbL,0xa16f7855c8086623L,
-        0xd4e19fc7c326fe48L,0xfdbc856e8f68bf44L,0x000000000000013eL } },
-    /* 33 << 259 */
-    { { 0x28ae363b4f9810f3L,0x3c8be1a72b4adaa2L,0xb6ccf2e9a106c1dcL,
-        0x1eaa8df5dc082342L,0xa9d31a0f093f4db0L,0xc21ccdd96a7d1821L,
-        0xb65f98905a9fd515L,0x2277f550f370da1fL,0x00000000000001c6L },
-      { 0xe9c244cb48277947L,0x1c4bd7fbd7f2e795L,0x0f131239511d2132L,
-        0xa8414dbb86c7eecdL,0x191644a8486dca5aL,0x1ca965ad6c84a2bdL,
-        0x56022cf1985eb7e9L,0x25b227393c581accL,0x0000000000000118L } },
-    /* 34 << 259 */
-    { { 0xb1b6d3a65bbb33a1L,0x3075d6caf5c56c88L,0xe6dfb0e533d4db68L,
-        0x7f2ef47003fc741dL,0x2bd5d92bec7c0497L,0xaa499ca8edca6a5fL,
-        0xb16771e43fd78f37L,0xc110eac51e8f7acaL,0x00000000000001a6L },
-      { 0x1faf956a555073f9L,0x2e665871977f2a0cL,0x2fe68703a4ed455aL,
-        0xcc2bd95fa496e153L,0x8233f9bfafc21f60L,0x402fea60f2144bfbL,
-        0x680a736ca2ffc242L,0x69634dcc94d4f0c9L,0x000000000000013cL } },
-    /* 35 << 259 */
-    { { 0x230cadee4136c79aL,0x53a2dce673945040L,0x94f8a859e6429d9cL,
-        0x52383e90b1ed3b5dL,0xf2a0901f5fa55cd0L,0x2026ccf13e2f8760L,
-        0xcdbaa7cc91a22dacL,0x5b2163adbd3c3a35L,0x000000000000017fL },
-      { 0xdd444ce700d782bcL,0x100dcc2abe1fe73fL,0x640c492a0ab9b972L,
-        0xa487fe3863528daeL,0xfc1e9dac220fe227L,0x299b97cdc6c10c53L,
-        0x598cccf628179b7eL,0xe4991c506af23688L,0x000000000000017fL } },
-    /* 36 << 259 */
-    { { 0x1f021ef05478138aL,0x53076dc4067de90bL,0xb325a033c6cbb9c7L,
-        0xd41768278793b908L,0x3cb14074a18b1a70L,0xf50ef63a236f4953L,
-        0xc59bf449c8bc84feL,0x2952abb6f0b868b8L,0x000000000000005cL },
-      { 0x2a0e56c1652bb7bfL,0xf2186af3b9a9a9f7L,0xbfb054232c2d7ef8L,
-        0x9aceb677cabbdd86L,0x40314bd8270a74efL,0x71e9c648d933146eL,
-        0x9a19956d14b0eac3L,0x9797358c0c75f494L,0x0000000000000121L } },
-    /* 37 << 259 */
-    { { 0x80bc51e0c4a4f043L,0xf18f17f98fe0c29cL,0xdd6b0e054c815822L,
-        0x63bffee5b3d55da6L,0x84b0917351b59231L,0x71689568a7d603b1L,
-        0xd579f92e227fbaa1L,0x962feaddbb1f1d79L,0x0000000000000079L },
-      { 0x52e249efd48c66eeL,0x400c89e816b9737bL,0x39cc526b4abe856cL,
-        0xf38ccc7eca5d4e44L,0xb215a07bacb8ef4aL,0x0712bcf081443047L,
-        0x494d622ee238c55bL,0xcf6a1baa50e72dfdL,0x0000000000000117L } },
-    /* 38 << 259 */
-    { { 0xd8eb671dd0e16c37L,0x426b4fe04fac827eL,0xa5ca693c33cbc22bL,
-        0x54de649e6a5c797dL,0xd9e900bf9e0e10b6L,0x531cffe217dfa29fL,
-        0x0482aa87674ac4efL,0x210528300059648eL,0x000000000000010aL },
-      { 0x056126f75d644042L,0xb2cdfa0f893ad834L,0xdd7935cd9cc62fcbL,
-        0x820515a09f640985L,0x6aebdaeeb809328dL,0xdfe17ad7fc12ef5eL,
-        0x6b650484501f50e3L,0x3b8eaf3215fd9a0dL,0x0000000000000002L } },
-    /* 39 << 259 */
-    { { 0x82ed9a8dda6639adL,0xf6024a774e995343L,0xe6a1cdf6070572a1L,
-        0x6a15e3512ab3eb5fL,0xcb4f48bb6655ecccL,0x9295854303dcb66dL,
-        0x060fd5396523aa99L,0x3004bc44f42a7f0bL,0x0000000000000090L },
-      { 0x8e2060ce679910bfL,0x512c4ea8e342d6b3L,0x6d125c9b569f8e2aL,
-        0x833d68f3ecacb92cL,0x7ecfa091e570be21L,0x14539cfe17dae806L,
-        0x111cb671599c5e7bL,0x7d0361e735cad2bbL,0x000000000000006eL } },
-    /* 40 << 259 */
-    { { 0x0206454024a7e70dL,0xd7c69d0cb892b167L,0x4b5a7d36f6f94cb8L,
-        0x7237ffff807698d1L,0x90ca471730d2a69dL,0x052ba947da584fe9L,
-        0xea15b35b970ee0ccL,0x0d7ba4f0be2d7cc9L,0x00000000000001ccL },
-      { 0x10d8cd17f953d168L,0xcd255ba241da2817L,0xed38eccb2381ea26L,
-        0x53eee2ef55ed1ab5L,0xc94ad92333ac6a32L,0xd000d271a71253bfL,
-        0x77c8d5c9547f8b3aL,0xbef4d3aa18ae2ddeL,0x0000000000000159L } },
-    /* 41 << 259 */
-    { { 0x3eeba73f7dc5de84L,0x61f94421baf4ce8eL,0xebf5e4c01e5e5d3fL,
-        0x87b7a9d18b008fdbL,0xc78a071f49b69718L,0x56743f3d87413117L,
-        0x28ca8e2f94c872cdL,0x5f36f860fac7f330L,0x0000000000000100L },
-      { 0xbce6c975e85d255bL,0x21e0235a4066ae6dL,0x786e6d4ac50be9f7L,
-        0xfdd3a4ee582e9ec5L,0x5d8ee443c1fda7e1L,0xd076758e1bf06a98L,
-        0x31508bfc8534eecaL,0x27ab9f1931641184L,0x00000000000000d7L } },
-    /* 42 << 259 */
-    { { 0x76b363b63c5ce17cL,0x75e8ba323e1f0c00L,0xafe8f47ea3ad49f4L,
-        0xdeb90e8dd38a4c8bL,0x59e3777d07743abbL,0x1092a633dd2a10deL,
-        0x082446e157e17d7cL,0x0d01da2edce36407L,0x0000000000000019L },
-      { 0x73a9f09639a6db94L,0x96bc010721374c72L,0xbceda9caff17e1edL,
-        0x32b708692d130febL,0x14a201008f0e1601L,0x34f1cbbbee4a4a76L,
-        0x488b76db85c287b8L,0x4e64b547b6a7d1feL,0x00000000000001adL } },
-    /* 43 << 259 */
-    { { 0xa836842eb6ae189eL,0xf1b19c170056ab75L,0xae3374042b01c3a6L,
-        0x89d5cc7a0bb8c2bdL,0x6e02b009fb866289L,0xdcadc0fc5abf3d3bL,
-        0xce7b2d6604290e7cL,0x94ee4a4d18364ed0L,0x00000000000000afL },
-      { 0x672841bfc58e7b41L,0xf2fbd6fa87db5ad0L,0x2511d4e7dce7195dL,
-        0xd21c4d314dffb69cL,0x8231cc4396b5a36fL,0x75c447f63ea477ecL,
-        0x2574bee0d6186096L,0x52870fd9c167aad7L,0x00000000000001b3L } },
-    /* 44 << 259 */
-    { { 0xece40f9775f9275cL,0x686e628af28cddfcL,0x544b842b887b5aa2L,
-        0xb33a8517c4ad2061L,0x1525dcd7bdfe3c4fL,0xc771ef08b09c44b5L,
-        0xeb02c6bf781ae208L,0x784dbff997fc9c2eL,0x000000000000012eL },
-      { 0x10717e71d93974bcL,0xd6a9e82900a10d31L,0x27b00c7f35d5e291L,
-        0x451d556e0bed8699L,0xa3ff4fe0f5118f55L,0xfb5d9590f07091d4L,
-        0x2dea085ea6378d60L,0x24dac7bb4741b622L,0x00000000000000b6L } },
-    /* 45 << 259 */
-    { { 0x58f22e521589fc91L,0xd26d923c1572f936L,0x119123075356419cL,
-        0xac8ef534d050441dL,0x2095327f1a4e0cf4L,0x39cc6a1ee169d2ffL,
-        0x8ebb4d099b67523aL,0xcc3a215be1bf9afcL,0x000000000000001bL },
-      { 0x39abe3cfd0c96670L,0x1948c476066b056eL,0x47932f316512b7d0L,
-        0xc905d875ca50f67eL,0xe94876bfcd454f38L,0xf15a676e69ed3d3dL,
-        0x32320896d595a940L,0x0656340a48ad1e79L,0x000000000000006aL } },
-    /* 46 << 259 */
-    { { 0x8f6ca036a25c9b50L,0x56356d4785bcc87aL,0xe646d82299817898L,
-        0x6f9c87155d43bafeL,0x09e17a9509926705L,0x1eb95e765fc6bd98L,
-        0xe5894e0146e44174L,0xf345a2821c1f16f6L,0x000000000000018bL },
-      { 0xe6a6189e502ca51fL,0xea04086caf88b82cL,0x400cf34589a390c7L,
-        0xf1da9ba44ed71572L,0x07b61a37913f522cL,0xc69f7f0c0e27f8e4L,
-        0x25d6a2dee6073472L,0xb1d97674586573e4L,0x00000000000001e0L } },
-    /* 47 << 259 */
-    { { 0x3bf9c246be511a2aL,0x528e184cd12e41f6L,0xe473382fff9c33cbL,
-        0x7b152e99e6e39137L,0x01d3d113a4a2e625L,0xa7ab2c27eea47137L,
-        0x0a69cf3194b87f50L,0x36af1fa902fcf00aL,0x0000000000000177L },
-      { 0xc5a45d54b2ff7576L,0x18998a609b2e0046L,0x70720cc450e4fdd5L,
-        0x8ab8a8766f9adbf0L,0x0c09fe59285f4e50L,0x41f772e1aa49ce03L,
-        0x70675276e7e928b3L,0x9e4c40d95f1dffb6L,0x000000000000002bL } },
-    /* 48 << 259 */
-    { { 0x3b52947390b32585L,0x57359ccd7b3ba1d5L,0xb6daa5e0f8889d88L,
-        0x6ef5de0607674ccbL,0x5c000c596eb2b8c9L,0xdc4f33e5fbfbbf74L,
-        0x195a92f58a060ed9L,0x49c845be41beff63L,0x000000000000014eL },
-      { 0x7190d74d265e6dedL,0x95373592453d9809L,0xb087112de8f1b76dL,
-        0x1341db8a73d34d52L,0x54075f5b4bfa2fc8L,0xef25714741071528L,
-        0xfe227bc8c3a0079cL,0x6dff050f64de7e14L,0x00000000000000d2L } },
-    /* 49 << 259 */
-    { { 0xefa6ae34e7d9c270L,0xb1abcf3dcd99fc38L,0xed1681698ef0d319L,
-        0x3648e51e7269773aL,0x0b08bb8036ce881bL,0x9055f280db3f6fc8L,
-        0xe95823b16ad5efdeL,0x0a18738401dfee23L,0x00000000000001acL },
-      { 0x2a8f55bea8a15ccaL,0x96c9c72dde4c36a0L,0x439e0198306f2426L,
-        0x225257a55ad4151dL,0xbd8a9150e4407dbcL,0x93ded257490cbb52L,
-        0x70f1e3f2f0fb6dcfL,0x8d424da6ceb42cfaL,0x0000000000000194L } },
-    /* 50 << 259 */
-    { { 0xd80664eabe1827eaL,0x8444e48081e18779L,0xb6e6246bfc3ae63eL,
-        0x48ff2368b6e36f8bL,0xf79455fdd4a8a970L,0xe3403cbb1f46a06bL,
-        0xad00139dab2a8c5dL,0x68a9ece4fabd20d8L,0x00000000000000bfL },
-      { 0x8240e0275b7b9242L,0xe89bd598dbd8c035L,0x761d0b2eec9d4f1aL,
-        0x111fa0e57df88f57L,0x4741f6b016d01143L,0x0f4b1c1ae59c8337L,
-        0xa23d571e0fe0544eL,0x84be6651ada2d65aL,0x00000000000001bdL } },
-    /* 51 << 259 */
-    { { 0x4835246b6aff5b05L,0xb280322a955831bcL,0xf96ece94ea39c9f2L,
-        0x3282ca94819d4198L,0xffed1187773856f8L,0xd9f62443678893c0L,
-        0xac106b951224557aL,0x4ab67573ee3a017cL,0x00000000000000d5L },
-      { 0x5a4f21a86940798bL,0x25024af6ee0b3a60L,0xeeb9fdf73f8b5370L,
-        0xa76a2c14c102bf6fL,0x0c1da7e1f47f6803L,0xd2f244e7ed271ffbL,
-        0xbc823e462de8cdc9L,0x07bbcd925979772aL,0x00000000000001aaL } },
-    /* 52 << 259 */
-    { { 0xe1db6b7c281e407cL,0x2bd41b23f0f0127aL,0x8c62b1db49d40963L,
-        0xa0a5378e4aecf129L,0x0ab063f6afb779b9L,0x9fce0a3976caf17dL,
-        0x361c82ec51f85f9dL,0xdc45a48c857d1c19L,0x000000000000019cL },
-      { 0x01fd89c64251f9f8L,0x1ba0872e3d68ecbaL,0xed3894017d29b968L,
-        0x7de4a3b2496be4e3L,0x3e8815a6d28dc1a4L,0xb4a743b262683444L,
-        0xc9c4a64ad0be70a4L,0x3e79e5754095638bL,0x0000000000000053L } },
-    /* 53 << 259 */
-    { { 0x65d9c77be8976523L,0x0ac11fd66fc3be5eL,0xe939a935d9655ecfL,
-        0xc9debc12fed311c3L,0x0b460f9bae0088a6L,0x28a82b09d0f0139bL,
-        0x15465c4bc746dd3dL,0x4c149c73f132fe91L,0x0000000000000061L },
-      { 0x7556718de6868a48L,0x8da2dee8b28b880eL,0x24856a384e5dda6aL,
-        0xdc76c7a70ea27973L,0x9fc3053c360bd595L,0x8d41a89c3e1540e4L,
-        0x4b7e977841c20751L,0x14907ac0e8d84b0eL,0x0000000000000011L } },
-    /* 54 << 259 */
-    { { 0x4f736d9a66c5c0c9L,0x2677a79c58a4b4fcL,0xf612bcf8a49ad272L,
-        0xf39799188256b986L,0x1957f6626eb7515dL,0xefbd5ff12964c253L,
-        0xc33ddfe1e8447ca9L,0x9638690a39b7430dL,0x000000000000015fL },
-      { 0xa3552fe58470d9dfL,0x2a0d1fdf093484ccL,0xb81bda1be2eb7fa8L,
-        0x3634d9242688d523L,0x11f94f70cc600f24L,0x87021e6c2adf964fL,
-        0x35b07acd5ace8426L,0xfa2853e1dc2e6f71L,0x0000000000000142L } },
-    /* 55 << 259 */
-    { { 0x2575efbd283e89e9L,0xdb769726720a620fL,0x37c9268d59c0da16L,
-        0x7f35d8bbd0357166L,0xbe8309c61eb19a85L,0x74eb837d19a077efL,
-        0xb1eb237daca65900L,0xcdc312ad0d7c99c7L,0x000000000000002aL },
-      { 0xbe10915aed84c76aL,0x7b0f723a85519abbL,0xf538710f42a081a6L,
-        0x78265356dcbbd734L,0x0f499a07096e7577L,0xff5daaf70079b100L,
-        0xc8bf37a2eb6c1ba4L,0x84ac26592b098eb6L,0x000000000000017fL } },
-    /* 56 << 259 */
-    { { 0xab4d88d64a5595dfL,0x6c8dcabeef39ae0aL,0x2624df12f37103dbL,
-        0x86be6542141f2376L,0x647ba3bba25fabc3L,0x5332a3fce7456368L,
-        0x6d3c328ba44bfa16L,0x34a647fa239e3b29L,0x000000000000009bL },
-      { 0xaa7ad625991ffeb1L,0x4e43f778d03d63f2L,0x39cf73f43cab9baaL,
-        0x2250a6ab66f0706bL,0x83bbddff0e7828edL,0x8c63c4f79209731eL,
-        0xce7951a6b2988761L,0x9d4e402fcac241c2L,0x0000000000000150L } },
-    /* 57 << 259 */
-    { { 0xa12465c4df67bdd5L,0x9218ff8bbc9eca2dL,0x794924a761d09f06L,
-        0x89d11f65e1dbf4b3L,0x60e94678bcbbbecbL,0x34187685a297c4c2L,
-        0x2169b8c93c788f5bL,0x61e7a4603bb5d6c8L,0x00000000000000e3L },
-      { 0x25af24472719a0edL,0xdc1c88f4edfbfd6dL,0x0eaec9a6d9888a49L,
-        0xcf7bc7e4fc0565b0L,0x7d9b1b74cd500f9dL,0xd2664e1ae2b62831L,
-        0x18412cb253f95ba4L,0xb652b95b9c4b365eL,0x000000000000012fL } },
-    /* 58 << 259 */
-    { { 0xcbcce98ffc07fefeL,0xdf3b08fa0bdfc750L,0x4e39fcd4fc05529bL,
-        0xf2aaac2e27114979L,0x7131d54541e195cbL,0x933fa5193f41e9fbL,
-        0x630c99b3e95fc9dfL,0xbd5163825cbe8a8eL,0x00000000000000c9L },
-      { 0x3c6b0a2406057628L,0xff27b4a4ef249b30L,0xe42dc28302e9465dL,
-        0x71d7d424dd0bae7bL,0x4d04ba9f602f88c3L,0x6111058a74d2ae5bL,
-        0x2c382c9cc3712cc6L,0x80b7d0e14d5b66d2L,0x0000000000000017L } },
-    /* 59 << 259 */
-    { { 0x019c03604022dbe0L,0x592bb5efcfee0bd0L,0x19be33c02b149c03L,
-        0xc89d18c2ba04db0aL,0x5a3f5d450bba9aa2L,0x01319e4ad2d6cb21L,
-        0xf6e9f27badc7b155L,0x5bdb9a7844825e84L,0x00000000000000cdL },
-      { 0xfd75100dca64ee61L,0xe13ed4adcf163911L,0x56d0e58980d2069dL,
-        0xf8064a05c45fd383L,0x64567521ca0632f6L,0xebfe94ed94c7f528L,
-        0x80f8b30a5e4debb5L,0xa3d53bbb3bc900f7L,0x00000000000001baL } },
-    /* 60 << 259 */
-    { { 0x72ce80061672b5e3L,0xe0d15784257ac5bfL,0x2083a445fbb308f1L,
-        0x2fc46f2dc8e53f2bL,0xad835795aa2adb58L,0x89b3d1edf35d6ebdL,
-        0xcf54ea81724a0efbL,0x3085e94b513eb0ffL,0x0000000000000046L },
-      { 0xc1d6ca589b47ffc7L,0x553268ba41a17354L,0x15f50394aaba1ae7L,
-        0x9377378dcd023c80L,0xf5556f2a70213614L,0xb56122a4cb30db70L,
-        0x03ae2b4c59650a3bL,0xbbfaa947e337a318L,0x0000000000000108L } },
-    /* 61 << 259 */
-    { { 0x0c07f65f3e218411L,0xf93336dc34e3653eL,0x915543013151ee8cL,
-        0xcdeb170ac7b83bc3L,0xae1673cd6ed8c8afL,0xd6fa1c4b8a778809L,
-        0xd98dc5cc95d4e2f8L,0x50a6f916a906d0afL,0x0000000000000048L },
-      { 0x9842940d56885519L,0x487e1610eaed31f7L,0xb4336a8018cc4dd5L,
-        0x92384fdd9eed314dL,0x39f2647569b8de9dL,0x9fd9be6b397286f7L,
-        0x861bc717ce04611aL,0x5eb3a63d5d9aafe8L,0x0000000000000022L } },
-    /* 62 << 259 */
-    { { 0x577a30fa4b357fb9L,0x36a9492463e6b447L,0xfce5c432731fd6c4L,
-        0x48eaf60527d69a4bL,0x0c5fabdef271da03L,0xab9ab8bd570d0974L,
-        0x07780c6b9c004fe5L,0xe78c11feecd1146cL,0x000000000000015aL },
-      { 0x52c4fa6239153966L,0x7aebe3aa7ba8471bL,0x618c9a3ce81fa8a0L,
-        0x7abd26a68a47b9d1L,0x844c1024f06473efL,0x6231f29ab4072d4aL,
-        0xe698c315218d976eL,0x39b20c9ebfbe05f4L,0x000000000000001aL } },
-    /* 63 << 259 */
-    { { 0x407010d297770b95L,0xe2490ae0b2c13f78L,0x7cb994e1b8634a50L,
-        0x8ccc0776281300b9L,0x1c7a056d83f81cc6L,0x592034c74d47f984L,
-        0xc170bd8f7df09160L,0x07b59c4e6cf44c96L,0x000000000000003aL },
-      { 0xdc66941021689ed3L,0x4ddc860456288484L,0x68bfe9ed8f1a853aL,
-        0x426531e548e4f90dL,0x574498889bc57ac4L,0x5144cfe92e90e5caL,
-        0xfc1d8502d5f8796eL,0xcf50aeba50c5f60fL,0x000000000000018dL } },
-    /* 64 << 259 */
-    { { 0x225256fdb79711e5L,0xbdcf3433a6a843b7L,0xbd3d4548414a71abL,
-        0x2e13fd39e29e7606L,0x194b6e92e07f29c4L,0xd6f5e492b68fd0d2L,
-        0x3ac649985de0ae9bL,0x10e5afe94e5ba961L,0x00000000000001f7L },
-      { 0x27df3c4b8ec9ccffL,0xdb2913722a7b0a2bL,0x1ca89222f045afdeL,
-        0xa666763c69c99247L,0xd8d9f6b199033177L,0x10b696f690eca082L,
-        0x41991d660d180f50L,0x7cee7f9b82d6f6bcL,0x00000000000001dfL } },
-    /* 0 << 266 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 266 */
-    { { 0x853233c2b24565f3L,0x43478b915fbd38c5L,0x962087ffd2a6992bL,
-        0x403427f45ec71ec0L,0xc07276099b151a4fL,0xa8bb2dc4dfa1844cL,
-        0xa20d339e101140e4L,0x0df52fbda1c70e3bL,0x000000000000002eL },
-      { 0xdc4129870447de06L,0x080b5dd16cd90fa6L,0xcb6a6bc7c4ecddc5L,
-        0x9462fbda970fe140L,0x4b0cda7ea7581610L,0x6437af41dcab0c19L,
-        0x3ab19e3f4e100705L,0xf8e93a95adc5e7feL,0x00000000000001f7L } },
-    /* 2 << 266 */
-    { { 0x38ee58f048e075e3L,0xf285797e18d38b67L,0x02e97c63a120348dL,
-        0xc64defa717bff13cL,0x0fd5b7237f983d56L,0x70acc4a830d1770fL,
-        0x0f0ec2d749151740L,0xe99f0a612968c0dbL,0x0000000000000174L },
-      { 0x4a5d683a67aa8ad3L,0xfa3a36cc56c69e37L,0xa392130edf8a093bL,
-        0xe80d7527c840b37cL,0xa28eb4926ab73b96L,0xeece0912c7d4304cL,
-        0x0b900a1130b9dd79L,0x43d757e3a20c5d55L,0x000000000000018aL } },
-    /* 3 << 266 */
-    { { 0xdbc8e45f29056168L,0xb1789b8f8aa24063L,0x8e394ec4e8af7801L,
-        0x451958953e6dacb8L,0x42e76886d8e18229L,0xe9be1e0238912e71L,
-        0xf4cc3bbbc793af2dL,0xa7dc4d1bb6ef26b0L,0x000000000000011eL },
-      { 0x0255437c02adbc28L,0xad007fd57f4098d0L,0x5b827c408ecbf87dL,
-        0xb9acb85cbf9b34ecL,0x6d45ae094a85c2b6L,0xee94e87b95bd71adL,
-        0xa7f0f61b420c1eafL,0x8f39c45c8f1291d2L,0x00000000000000c0L } },
-    /* 4 << 266 */
-    { { 0x56f74e6985edc827L,0xafe2ef0a6a731640L,0x61f8bcfdd51647d7L,
-        0xbeabbb8f41e33fa7L,0x3e4c3aaeec83c547L,0x48a9d1e92cc8dd97L,
-        0x7b4d53b5e57d3822L,0x92387ac8a45c0584L,0x00000000000000d5L },
-      { 0x802ece3dfacdb1cbL,0x9e4f5d209e537236L,0xd10acc25386a5610L,
-        0x53f55d464c6c0247L,0x390fe9808c419fa4L,0x8b0a8aa6bed2bd92L,
-        0x90e7f479f854424fL,0xd714bfb59e7f4392L,0x0000000000000074L } },
-    /* 5 << 266 */
-    { { 0xddbded0597026decL,0x12f1ff098a199bb2L,0x761a746fc1428d3eL,
-        0xb9495d7ef012002fL,0x7a7c2c3aa50c6565L,0xc1264e37dc970f6dL,
-        0x4f05342c865a7518L,0x9818d13d49d9ae95L,0x0000000000000195L },
-      { 0x1bb4a4a08cc45e7fL,0x5fba73b315781343L,0x1e704a47f68560e4L,
-        0x90fb65e54eaceb4fL,0x95438866400ac026L,0xbc4b4d817e6f6a48L,
-        0x3b2bbaaf6e7d0d0dL,0xddf027615419780fL,0x0000000000000070L } },
-    /* 6 << 266 */
-    { { 0x2f9cf1972fe33230L,0x17021cdb2ceae391L,0x18b273a28a2ad728L,
-        0x53289496e7d3cd0aL,0xfbf1d2dd06775a09L,0x445cf659aa70465eL,
-        0x69ef17ef44d92276L,0x852c4f629a70a820L,0x00000000000000d9L },
-      { 0x24819cb9192b4bfcL,0x2a3259fffd8c7b97L,0xb39c9e000e31618aL,
-        0xf4dfe5b7f802aa84L,0x57bd5d63fec026deL,0x4cb4de99848b4c62L,
-        0x68c65e5354a00cf3L,0x37ed0124161b63a7L,0x00000000000000c8L } },
-    /* 7 << 266 */
-    { { 0x2a5e0c228610952eL,0xbf871948e20cb271L,0x24fe902d31955404L,
-        0x9678b0feab00b79eL,0x0d170ac43fd72c73L,0xc91bb075236c56b0L,
-        0x45feeb4f75044149L,0x8cd5418362f8b77aL,0x000000000000015eL },
-      { 0xadceca285c84440aL,0x27d8d9ddcc727b54L,0xcaa94f511f1d6f1eL,
-        0x2e5e70ce41c288a6L,0x2bc6ff5b6c8116cdL,0xd84f24cf5725753bL,
-        0x71d36b45a268b9d2L,0xb10ff02719274e7fL,0x0000000000000065L } },
-    /* 8 << 266 */
-    { { 0x9abf4318e7c8e1a2L,0x89fd5c8d5ef038d0L,0x20641c7c755be1d6L,
-        0xfff489fb38b2c08cL,0x792104e1b3b3a7b1L,0xd8a69114c507e7d7L,
-        0x4c07f5bac1ac93f9L,0x0a2e3d13315c3a89L,0x000000000000012cL },
-      { 0x016026bed523d79cL,0xd4e3d86f00ee5640L,0x07627a1ca8e8f5cfL,
-        0xc07c67f8533afedeL,0x081a516dd3bed1acL,0xddc6f44086e8ff0cL,
-        0x4df71bc8c112d075L,0x2b8cc08f7cc49d32L,0x00000000000001d0L } },
-    /* 9 << 266 */
-    { { 0x8f20e8e5296dd3e6L,0x5b35a6296564254cL,0xee36dfc32969a7f7L,
-        0xa32df83a9b8ce874L,0x449cb63355989616L,0x1cfec15081a04ac4L,
-        0xd625a5fa5f6ac24bL,0xea46b54e1f95a1ceL,0x0000000000000093L },
-      { 0x08e7153e171cc8e0L,0x0b4cc450c58a9d47L,0xcca705da93881d6fL,
-        0xbb825112c702b9a2L,0xffa42735ea68fb62L,0x5ccf465db32b28d7L,
-        0x6c099defd7fc4547L,0x91a920d33f37b44aL,0x00000000000001cfL } },
-    /* 10 << 266 */
-    { { 0x3377ff96a34b8405L,0x735fe3b8a3607c6dL,0x05bb89954a680280L,
-        0x2a1b844443f751d4L,0x88577381b6131136L,0xf6095111bd4bf7bfL,
-        0xdbb63de95babc815L,0xdcbda003457174ffL,0x0000000000000125L },
-      { 0x4c0dac17d659699aL,0x0c97f1a4b90797e1L,0x86e3f70037c1752aL,
-        0x28770759661a54f7L,0x696ccdc1f0226610L,0x36399bea2424ad25L,
-        0x94f98b4bbaa7e4e0L,0x7e2207dd8e149164L,0x00000000000001e3L } },
-    /* 11 << 266 */
-    { { 0x3e459b94f997f2b7L,0xe2c4670e5a5ab47fL,0x6c42f7bea7277f71L,
-        0xb6f4a867b849ea22L,0x9c261ef533ef93ebL,0x14faef70383434e8L,
-        0xcc2581fe68ecf568L,0xbb425d21b0d9b128L,0x0000000000000069L },
-      { 0x43dd049b2a74207cL,0xd89e8403d14cc7c9L,0x5e4b96d61aa77222L,
-        0x64f3514b16efa356L,0x9336114aa79aa125L,0x86cfa19308e23be5L,
-        0x6b0d3088316a61e2L,0x8ba7f7d478b735b8L,0x0000000000000041L } },
-    /* 12 << 266 */
-    { { 0x74af3f63edfcbedeL,0x6b0830b11356f827L,0x060db15a02536f8aL,
-        0x166f9099f7095358L,0xd759efb4e03b9601L,0x05a4e29768484f67L,
-        0x469b4832dc631a7aL,0x7c5406150bb2b1b6L,0x00000000000001b2L },
-      { 0x590174e012481c04L,0x8d4ef6c7d7180a84L,0xd134b543303674ddL,
-        0x60dbf72600c378b0L,0xc60e026a93d8406cL,0x57af4a82082c527cL,
-        0xe3d038fe349a607fL,0xa7cb9b475a3582e5L,0x00000000000000c6L } },
-    /* 13 << 266 */
-    { { 0x113d76470bd80953L,0xe4478391e4fd3d00L,0xb599a4a78a9e2693L,
-        0x9b0a26a00c2122b9L,0xa06d75d822f2ab6cL,0xa91bce84d181c4b8L,
-        0xdcb896f252c19efbL,0x5c009091838a3552L,0x00000000000000faL },
-      { 0xd077530a7a3feb1eL,0xb923c5e923a5b8ecL,0x518a1fde94742d7fL,
-        0xf5d7ccd85609a48eL,0x98a271bf88865d38L,0xafea9987a60efbd2L,
-        0x145df51ead05f497L,0x776f6dcf9f9e829bL,0x000000000000005eL } },
-    /* 14 << 266 */
-    { { 0xb4b3726011219674L,0x47c3a79526626299L,0x64c93e90f7b9b98aL,
-        0x08eff93aff8e46adL,0xb4204ee85b43c5f6L,0x520b0790611d0ad4L,
-        0x29d122dcc1dc2742L,0xcbcefa6e3169b5fbL,0x000000000000000aL },
-      { 0xd43ca630a537c7b5L,0xae40e59aa9c0a428L,0xfdf9b81999f2182cL,
-        0xca851eccec7e7227L,0x6760158bab6a8d6dL,0x3875e88ce215b7ebL,
-        0x569be1e84514f9e0L,0x0a0a202ae14d5c5eL,0x0000000000000124L } },
-    /* 15 << 266 */
-    { { 0xf6eefade50247dc1L,0x507af32ce36262f1L,0x7e981908f13b6ddcL,
-        0x7212c2b68c8c8580L,0xf643133ca54e7f13L,0xa1b10239c4a0069fL,
-        0x18ae36e186279c29L,0xe4f7235a61fbeaf2L,0x0000000000000167L },
-      { 0x4bc859b15533c37dL,0xdc59cf0624b1408bL,0xf488d1e9100554dcL,
-        0x3eaf3d7920b37912L,0xa87f0850ee5acf54L,0xec6d7d40fd3bb7e7L,
-        0xd95e630cb6b4eefbL,0x1aa0a4a5b2a5e55dL,0x000000000000005fL } },
-    /* 16 << 266 */
-    { { 0x69017ed5f1c86157L,0x8ad717eb3aabcca4L,0xe14dd980e57ac297L,
-        0xc2f0da4b931e307bL,0xde7fd5799080b37dL,0x45bf6f6414134de4L,
-        0x5cde0727ac019cf3L,0xb4e5c2e7863e739eL,0x00000000000000e6L },
-      { 0x094e085628e15f36L,0xf92c44fb46276090L,0x9219998521cb21ccL,
-        0xcedcd4f2de53957dL,0x802c6f95b6c417ebL,0x0ea41a2b6075e71dL,
-        0x194d6fb1b9eec681L,0x8e7cd41f2e0320d8L,0x00000000000001caL } },
-    /* 17 << 266 */
-    { { 0xb35b4973fc9a8271L,0x07df6c1baa64d87bL,0xf8a40753c20694b8L,
-        0x9e99bcc963c0ee99L,0xd1a9e1547b93b57eL,0xdf820e3853787f84L,
-        0x27f53ecd99f332cdL,0x4fb11f5a9232ec79L,0x0000000000000088L },
-      { 0x24b553cbee20f924L,0x0b7ef51349d43360L,0x96c9487ce38d79baL,
-        0xfdb1c74fb5ed12bcL,0x21685ed84900c152L,0xa357e469e3bf2258L,
-        0xbd08ba2c6fb351cdL,0x6bf4eab57c702332L,0x000000000000019bL } },
-    /* 18 << 266 */
-    { { 0x4d9b809e882e2e8dL,0x9c08905471a4d335L,0xf7d10eab057174cfL,
-        0x2362775e835f8b97L,0x02cffff193e325e5L,0x5da2c5e530a19357L,
-        0x3682adb3fac8a110L,0x0c80cbc5842d7712L,0x00000000000001d6L },
-      { 0xb1f34b5ce63fcecfL,0x1b7ef8b72036dcacL,0x1e77a65bf2918bdfL,
-        0xee7953ef56dec2d7L,0x3bb9d2d96e8dce20L,0x690991b765dc8ddcL,
-        0x289f7b1c5127b031L,0xcfc012e6b308fb5fL,0x00000000000000dfL } },
-    /* 19 << 266 */
-    { { 0xe4e588655455e3ddL,0x0a3faf6e37979e4dL,0x0fb1185abc2baf05L,
-        0xa7757468231db3c6L,0xdfaa6b1e2dece4e4L,0xe0fd7fbb57b73e1bL,
-        0xd0a759633c1319ebL,0xfe723d7944751078L,0x00000000000000f2L },
-      { 0xf34d75824e65024aL,0x4f3e335728712abdL,0xd736d0a0dc0619d8L,
-        0x700cb63c18df1a77L,0xa741d8188dc6f72fL,0x1fb046b4e3f4ce0dL,
-        0xe4c65bcf36daa0d3L,0x7de83bf3e0a1b42aL,0x0000000000000118L } },
-    /* 20 << 266 */
-    { { 0x5466a9901fe423c0L,0x59f6a48ba57e7875L,0x09a9f84acb7bd46aL,
-        0xb5ae0d9469e02df0L,0xaecc3392d9fec11cL,0xc94de920a4bcd130L,
-        0xfb5b36f882c78f1bL,0x32ad1cf22d4fc970L,0x00000000000001fbL },
-      { 0x8cd894d5df0a2534L,0xcb83665c9735fc04L,0xcbd9157635169f6fL,
-        0x2f3b64a72775c9d4L,0x80c9608fdd6410d3L,0x6503badcbcad20d5L,
-        0xbdb308571b2b1640L,0x92338c7878fbc82aL,0x00000000000000d6L } },
-    /* 21 << 266 */
-    { { 0xac3b7a4a49a3cdceL,0xf58661f0a02ad4fdL,0x1ffcfa7c613c7e53L,
-        0xf2524615a312b766L,0xcf475cfb5616df03L,0x4cfa2b326c13fc81L,
-        0xbccd8375bc58b87bL,0x8abab16ea321ba9dL,0x000000000000011dL },
-      { 0x3e0c8aa36c9c6bdeL,0x52b709235145030fL,0xb3b79def957b71bbL,
-        0xc5d4d6d82ae65cb2L,0xe46b42854fe000d6L,0x7f0cbea3df9a4175L,
-        0x184a74fff4816509L,0xd4309c3fda9b614fL,0x00000000000000ceL } },
-    /* 22 << 266 */
-    { { 0xc8015af9e84d1058L,0xfde0b0b44630167fL,0x75a6485be04303a9L,
-        0x386d40635dc6a595L,0xb6a7e6ddb5e1fea7L,0x88760f62a98f79ffL,
-        0x0fa02a3715ceb5eeL,0x3b5f506d6b7b4aa6L,0x00000000000000f8L },
-      { 0x03364c2377688a7bL,0x8efa63b109c6d5c2L,0xb57aa39794f3f323L,
-        0x1527ffadfc11fce0L,0xfe42ecd364d6096aL,0xfdc0cc40d56842e6L,
-        0x4e82c4c8770bfa36L,0xc43342307717694dL,0x00000000000001d9L } },
-    /* 23 << 266 */
-    { { 0x4fcdc0c1d5f4e912L,0xfa7cfaa4004a4db8L,0x25aecad367023dcaL,
-        0xca002afd5eb57cd6L,0x34541373741405d5L,0x67a0d594d3812ce2L,
-        0x7b34bef0cfcf2d6dL,0xd6cf2f835bdd535aL,0x0000000000000110L },
-      { 0x454609ac442959beL,0xe9237086b8a51511L,0x6fac92553babcba9L,
-        0x78f71e6b27e7884aL,0x92d4c3ede8f4feb6L,0x52c5d2b4420fbfedL,
-        0x009792ee9f40b090L,0x82b8ba85df824367L,0x0000000000000179L } },
-    /* 24 << 266 */
-    { { 0x3f99e9b3ee05cae4L,0x32cc71107fa0e686L,0xfefe300a1ef8a5c1L,
-        0x232d446e86846634L,0x250f4e801ce3e75dL,0xca3146f236bae498L,
-        0x41b28b529339513fL,0xf05d31b6623cacb0L,0x0000000000000066L },
-      { 0x12b4c656682f53c8L,0xc865fa0ef72ed178L,0x7d41ffbc55f68dbbL,
-        0xe4aa53b7c0ac64aaL,0x66e397bbb7194380L,0xba629db6834331f9L,
-        0x6d14e879ea0c0083L,0xdf2e7eb0039343fcL,0x00000000000000d6L } },
-    /* 25 << 266 */
-    { { 0x0397ef6f17081314L,0x9546deb646fff7e1L,0x5b4dd93bc94171ecL,
-        0x0a8a85527444b12cL,0xb1513889b9c40474L,0x9cf88d84bb2a206fL,
-        0xb910e92085c19e6eL,0x45eccb62676a3583L,0x00000000000000feL },
-      { 0xae266163ff1f2098L,0xf440e5da0d1ec4a4L,0x3253fc3f92193348L,
-        0xe74818b8e34f82e7L,0xd5a623060676bff7L,0x27b66af8199cf83fL,
-        0x3f10e57fcc0d1357L,0x5e957d2472cc938eL,0x000000000000008fL } },
-    /* 26 << 266 */
-    { { 0x575278cf18bc690fL,0xcacf60ceb54dc657L,0x26bbb292b42fbfb1L,
-        0xdc41efa143d3991dL,0xe1b66a31f437cbfdL,0x78f6b7c39a9fb752L,
-        0x91bb4eee42b805d5L,0x6be454c8c53eb4c3L,0x0000000000000003L },
-      { 0xa33f2a2a709d0dd7L,0x991168d9fb00c9eeL,0x33f59abe2755ae74L,
-        0xddbd1abb9f173047L,0xe45fa246f4075d82L,0xbaf7b425bddf38fbL,
-        0x6a934744ccd0af06L,0x3f33c9152473c3b8L,0x000000000000017aL } },
-    /* 27 << 266 */
-    { { 0x354623ea02695dddL,0x311af2095e666b21L,0xf8aaa2aa323d976eL,
-        0xff0efef950504afeL,0x87d20f09de7f31dcL,0x6295e64a7c4596b6L,
-        0xdc29db81de13042bL,0xa145cbbe42be7ef5L,0x0000000000000111L },
-      { 0x0833ee13598cec0bL,0x3915b741a55c1756L,0x56a8ab1191e38ffdL,
-        0x8ab41e3bc1b823ebL,0x18fa8910defb1732L,0xe3454a259a628d6dL,
-        0x9e4264e494e99e1dL,0x31832bb5637d5ee6L,0x0000000000000182L } },
-    /* 28 << 266 */
-    { { 0x3ee61d53e8a300ecL,0x65e529c7e0cd8617L,0xb8c03cb0077b303bL,
-        0x05eba936d5c88dd2L,0xc1e54497d42bb4afL,0xab477aafb0589057L,
-        0x55acddc8e8f70a56L,0x6579b78b4fc80182L,0x0000000000000164L },
-      { 0x535e7ff0bc97c72eL,0x65e954c9809dc093L,0x49edc4b8cd182ee3L,
-        0x804874f9877d38adL,0x20104ab16df1638dL,0x78459a4b748ee6f2L,
-        0xb895205d3504aa35L,0xbf26ac8af8089e32L,0x0000000000000041L } },
-    /* 29 << 266 */
-    { { 0x414660fad60c46d9L,0x771ea3b5defcc1eaL,0x47e275514478526fL,
-        0xe13deda6872bc6bcL,0x6a8af4a708e6829eL,0x0d234a58c0cc0817L,
-        0xc209a0b1993176d4L,0x703a36e8e4d7c55bL,0x00000000000001e5L },
-      { 0x00e521dbaf301144L,0x8cd4f076373a95e5L,0x1c409a63aacbb198L,
-        0x1712c6cf0c0dd3d5L,0xc2bc08609ade8d6fL,0x0f2f51bcce84b335L,
-        0x76bf54aa4a193540L,0x0b17b9455c0db4e1L,0x0000000000000040L } },
-    /* 30 << 266 */
-    { { 0x76251b3e9f2d82b0L,0xaeb86af12e4a0ac3L,0x01448c52ff3f9965L,
-        0xa3280f7c61042ff9L,0x1845a38fa1a3a6fdL,0x802be4bc51d4dd8dL,
-        0x189cd677d4837b6dL,0x9b052dc25af0fb47L,0x000000000000007eL },
-      { 0x91e76d5f5c765e26L,0xa63a93d821904658L,0x03318a472af96a70L,
-        0xe2b55958bc3a294cL,0x4aa9d90d9f7a740bL,0xdbb00ae4baa31d88L,
-        0x83df26343920d053L,0x33b1b418ce51fe2dL,0x00000000000000baL } },
-    /* 31 << 266 */
-    { { 0x6c95ebc8b8c1d76aL,0x70c33cc22d77832aL,0xa73477b6b48e542bL,
-        0x6d00020b6eeb8df9L,0x03888e1c3df975fbL,0xae48633704e49a91L,
-        0xfbc90f2f0d90bd52L,0x44ead1e3dfec8b7cL,0x000000000000013dL },
-      { 0xedd5fc2f83ac4742L,0x88933280ea5af10aL,0x369ae840a19847d7L,
-        0x2404ca4e99b4a8f0L,0xade7c798d4e88a47L,0x049832ae08308b57L,
-        0xb5fe206808d5ff33L,0x234872b6142fa38dL,0x0000000000000130L } },
-    /* 32 << 266 */
-    { { 0x3dff858061e5aa9eL,0xa33aef70955100c9L,0x7a52da3956ab4275L,
-        0xefe16518102c4123L,0x8faeb0188d2e4d91L,0x3516243081719f70L,
-        0x4ef1fb91fa78398bL,0x95eb0d18c351721cL,0x00000000000000dfL },
-      { 0x90c4d877e5f04c88L,0xe108471abf176e9fL,0x8efd42750ef8e8fbL,
-        0xadb1fc8e3b26ba83L,0x35050fd319bcb6aaL,0x00a7180d1e9a804fL,
-        0x23ae97b660b511c8L,0x07d0be62403cef81L,0x00000000000001b3L } },
-    /* 33 << 266 */
-    { { 0x5c7f1fa9f7983284L,0xad20a27f4cf3733dL,0x848a72d4d256795dL,
-        0x11cd1a8f31c2d9bdL,0xd101e6cc7875f7e6L,0xea169cd1013cee4cL,
-        0x7c00964f6ba5c6f0L,0xce957f49def21557L,0x000000000000019fL },
-      { 0xd87fec0c8fd38646L,0xc44d7c05105da346L,0xbbf95c4d910c4d58L,
-        0x6a379cd0ed266251L,0x3201baf27b4b75b5L,0x6835bd3cf593add8L,
-        0x09e93440b444ffa3L,0x8dd8d5428a999e34L,0x00000000000001a8L } },
-    /* 34 << 266 */
-    { { 0xcdcc17966d01191eL,0x76069b30cc266a67L,0xfe9a5cc93738b9e9L,
-        0xbf210857b8d72f0eL,0xe71cb6f7c51394e6L,0xad01d21bdaf33303L,
-        0x34c92183dc573fc6L,0xa293b60a8177e535L,0x00000000000001e5L },
-      { 0xe9e6f1516e74482bL,0xd9b14871a07f28dbL,0x9ec270143e8ba372L,
-        0x9050edcf579d622dL,0x2b3d57a3b7a0dec1L,0x5282d3fd7399d805L,
-        0x46fbf40518b06ba7L,0xf0d75d34706066edL,0x0000000000000089L } },
-    /* 35 << 266 */
-    { { 0x88b9a526ca277da1L,0xe990008438a61571L,0x899e1a40fccf02aaL,
-        0x5b352690d569929bL,0xc363f9897750040aL,0xad91ef44bd062400L,
-        0x3dc71c7812eaa485L,0x7644bd1efe306e6dL,0x000000000000007dL },
-      { 0x7f8ad11ceccd773eL,0x13cc76ea8b4bd7ffL,0xfba893a3a1e0a336L,
-        0x3563ef917150a5e3L,0x2676215848bb8dceL,0xd02351235bc0826bL,
-        0x284c75afcaf00888L,0x127c932a48b68a1eL,0x000000000000012cL } },
-    /* 36 << 266 */
-    { { 0xd877404a6fc3e4d4L,0x90f4424143959c60L,0xb11bc0dfadd26aa4L,
-        0x45c833fe8773bddeL,0x26e39709ca264f8dL,0xcc87592446314f2aL,
-        0xd9def19853ddf49aL,0xcd60de6495742a00L,0x00000000000000bbL },
-      { 0x5cb1207487d742a0L,0x41ddaa31655afe45L,0x69765ba5a54ece2cL,
-        0x575d21810b4b57b8L,0x8540de4bfdec936bL,0x2d73ccba13c17184L,
-        0xdeba26f2a345fe93L,0xf9a8115844fc190cL,0x00000000000000e6L } },
-    /* 37 << 266 */
-    { { 0x20db3c8c67046c7eL,0x5c5899fcbd8b92cfL,0x707ec19eda3d6021L,
-        0x3d4b9927fbc017dbL,0x6d8757ba35097e5dL,0x6daf1a7097e8598aL,
-        0x84677a8a65cf83adL,0x99e82cb24b4483a1L,0x00000000000001b6L },
-      { 0x85ac6ec39423cf6fL,0x746d4cd7f8ea9921L,0x7829a0ad8b6c7446L,
-        0x17833a99799b235aL,0x04cc99281cdb0e56L,0xe119f3213d1957beL,
-        0x9d723d47d6f73bb6L,0x478afffc456cd261L,0x00000000000000cfL } },
-    /* 38 << 266 */
-    { { 0xcac9ee0296bb50a1L,0x344a30a171b75917L,0x7040c29be338ca78L,
-        0x7d11b5ab7f1329d3L,0xf545164d5deb103aL,0xc056825de377a217L,
-        0xd1b8ce5d1fdc5ba4L,0x4ea7fa876b3f275eL,0x00000000000001f1L },
-      { 0xeac8c31323ff0cdeL,0x4317e5a759d122e1L,0x402d1078cf955e30L,
-        0xa26f2bb9e2aefe0eL,0xb33602a6779d0928L,0x5ad6f902966256a4L,
-        0x9f13eca6064745a5L,0x49432dbade6d235bL,0x000000000000018eL } },
-    /* 39 << 266 */
-    { { 0xa1dd69bd5714383bL,0x1ecd74467128e274L,0x5c14f4e26a0407deL,
-        0xda00128e3ea0e272L,0x3f07ca2c2e4b7815L,0xc886f05e80348645L,
-        0x987b488fb9edab2aL,0x56a44c68aa59100cL,0x000000000000000cL },
-      { 0x31c490fc20216efbL,0xc7d7cd07a226907eL,0x4f8dc600fbb809ddL,
-        0xbe7d49f895a97bb8L,0xc8632c28bc899729L,0xbccde2198bbfdb6fL,
-        0x9c20db29a3bffcd9L,0x63ae8bba2a16b4f5L,0x000000000000016dL } },
-    /* 40 << 266 */
-    { { 0xdd8026ea8d40a41fL,0xb0e2795c8f0752e0L,0x6f120a8d5e6d1f7eL,
-        0x0aa99441abaf2381L,0xa60677641815fcf4L,0xfa43027bfe2668e2L,
-        0x74557a4f87d678a7L,0x5c068d13c6096024L,0x0000000000000053L },
-      { 0x0ce11532bfd0f624L,0xce62d3a67e476a2aL,0x467ae9f11667b2b7L,
-        0xc418d77f4e4ea4bbL,0xb96c33825132ff6dL,0xca75d16c5fdb9483L,
-        0x24cf4df2d08f6f87L,0x70388217eff3b645L,0x0000000000000106L } },
-    /* 41 << 266 */
-    { { 0xce9620b3056271d8L,0x6612d8926cf33e57L,0xcd12436bbb8f54f3L,
-        0x98972847878977e9L,0x066c6a3753a12cf9L,0x80af4b986f85ed96L,
-        0x939721e3a7d2b688L,0xc07ca3cfe4b6e967L,0x00000000000001dbL },
-      { 0x5b3c9f28b32ef369L,0x2e365cec90bec7a7L,0xd2755e2441f7a73dL,
-        0x6eb6f889ea6be0adL,0x19a373073dda2212L,0x07bd68ee7ab4b633L,
-        0xadab0fac6a787bfcL,0x5cf888d8ce37e38dL,0x00000000000000d8L } },
-    /* 42 << 266 */
-    { { 0x9818697810a4cecaL,0x6360bc55d3c03045L,0xcebe3bc3f1e322f0L,
-        0xfb5d861458625a5fL,0xe91937a64f41216cL,0xd94e229fa392d9f4L,
-        0xe9cbfba022aa028bL,0x7c8a3d9b9f26e506L,0x000000000000004cL },
-      { 0x8095d4ac44690ed0L,0x8e76d94ab578e759L,0x25a1ead877504659L,
-        0xe7ffc4626bd2caf9L,0x18085dd8c7dcce0bL,0x336faefbf5476396L,
-        0x5e94e9dde08c63f9L,0x9be80bf65614a1c5L,0x0000000000000051L } },
-    /* 43 << 266 */
-    { { 0x225252040c05d291L,0x8254fc5ea459cd01L,0x7826a55fb121c3b1L,
-        0x0000dd29a49d91aaL,0x49463679dee46523L,0xcb5fab5db2c6c30fL,
-        0x70d7ed1edabb3865L,0xceac3e388d1d4152L,0x000000000000012aL },
-      { 0xe5ab8203b1dc6339L,0x00871ca7d6a1dae0L,0x3831e96762dc6379L,
-        0x6d423be07a6a29caL,0xad645df0e61ffe3fL,0x68567d31e414b0ceL,
-        0x48455422119b3661L,0x6860c25d6c3cf9ceL,0x000000000000005dL } },
-    /* 44 << 266 */
-    { { 0xf04691638d0bc669L,0x62b84488e939f5a9L,0x0d3f495380fe63b5L,
-        0xe39a7aa158880c15L,0x74df281ee613f21dL,0x908934dcfa016692L,
-        0x5b9cf6cc980904b0L,0x0f3aa0f43a17dd3aL,0x0000000000000105L },
-      { 0x346bd219651d59e1L,0x51024297c71b37bfL,0xc634d031f0640f18L,
-        0xa657da60ff003294L,0x9cfc79fc15aabd29L,0x56807dd77b4a869fL,
-        0xcd97cd8959d9033cL,0x58640103a3233c39L,0x0000000000000090L } },
-    /* 45 << 266 */
-    { { 0x1c1d333fe7c0c2e9L,0x5dad349290d5ed65L,0xfd50637bd1fbf910L,
-        0x73765e39d92af73eL,0x97100d8c7e12eac1L,0x2dd53ccca486a059L,
-        0x0a8949c5fca9464eL,0x86fee09ec1d1e819L,0x00000000000001f3L },
-      { 0x14a6857f2f1b392dL,0x55e63e4b61f6f679L,0x096b8806e2721792L,
-        0xe0c5fcf597b80c13L,0xbabc39f6d78c2248L,0xd7a963e14b2c3516L,
-        0x5d1bf511e8c0ee67L,0x15b6e43183b7041aL,0x00000000000001d8L } },
-    /* 46 << 266 */
-    { { 0x9fd0467622691895L,0x7bc9efbad1407b18L,0xbeaa1052bef6c449L,
-        0x5ec3fde4887ba913L,0xdc330887b93cc69fL,0x2f45e738189d6049L,
-        0xa5561ceda7b55419L,0x6c02e536c7c0c880L,0x000000000000013fL },
-      { 0xc480b98a11c8b600L,0xbce33f4ca381f348L,0x0993dfc429fe9783L,
-        0xde78a2b0e6c1590eL,0xe61ed1285347e99dL,0x51af7410e78af478L,
-        0x65be48f114275d9fL,0x3434df3d7cf1aca6L,0x000000000000011fL } },
-    /* 47 << 266 */
-    { { 0x2eb82ba1bd51b234L,0xc17a47adf106770eL,0x913b0804bcdd7ce4L,
-        0x2be5948e905cd641L,0xa2db49622ce3902aL,0x22c48f2c8ad6d3f0L,
-        0xab188f07cc119a95L,0xd8177552595fd7a9L,0x000000000000003dL },
-      { 0xd4de0f9cdbc3d844L,0xd195cd3257218c66L,0xbf9e5b684e68fd4aL,
-        0x6e6f3122bc74f17eL,0x6daa87f5d46c0547L,0xf636ac5282c5a92dL,
-        0x897bed5f780d6a32L,0xbcf2b58bde400db6L,0x0000000000000146L } },
-    /* 48 << 266 */
-    { { 0x79ba87baf1c9c2ecL,0x0e53555266aab703L,0x31d1d9712c990b59L,
-        0x1e0b5d0e12c6b29eL,0x014d53ff563bcab0L,0x425986f2f64309d0L,
-        0x475fc9d5318b9d6cL,0x02739c50ff59e392L,0x00000000000001b2L },
-      { 0x8bf58dfc16f1caccL,0x1c93ba4e6b08ce06L,0x79b5e0399fe18430L,
-        0xc9f67bd47de66325L,0x5def2733713d0fefL,0x31bd8b37b9945412L,
-        0x8b2b69f3f3b99628L,0xf08a7e5a3118ce62L,0x00000000000000d4L } },
-    /* 49 << 266 */
-    { { 0x421966e5b03d785fL,0x3dbb06bb2db82562L,0xfef17870e406ab4aL,
-        0xa6f04241b0f7f7ddL,0x69b5bcd1cb5270d7L,0xecbf4272e68d39e4L,
-        0x722a3a295fb029edL,0x12e1d8236a535ae2L,0x0000000000000080L },
-      { 0x57f3541d31af5bf7L,0xa9463bc40db44d31L,0x320dc4d335748c65L,
-        0x86e70f72eabc0fddL,0x47911116c02d0191L,0xb66114907b95b2f9L,
-        0x60ad777bb050875cL,0x168967505cfc66b9L,0x0000000000000015L } },
-    /* 50 << 266 */
-    { { 0x2f89c1663c2c5333L,0xddab9a55df09beceL,0x4bf00d3c6640cf11L,
-        0x8366d23df05a2e65L,0xaf81ce01e2c9f1ecL,0xbca9287ae2678ff5L,
-        0xab1854ea91ec560bL,0x2c74e77c6381b109L,0x00000000000000c8L },
-      { 0x36214f8f0b1c20e1L,0x658bf89c86a631eaL,0x160b2ce485061fe2L,
-        0xf7d151ea1d7b78f5L,0xb50a06792bdd0675L,0x8dbbd631d2f1cae3L,
-        0x2548deae849ce90bL,0xba74f3b7bb58c6f7L,0x00000000000000ffL } },
-    /* 51 << 266 */
-    { { 0xdbc33fff01a3ae90L,0xdc1fb1371737a61aL,0x7213e66891def29eL,
-        0xd99530b841d7df49L,0x23a50594943c90e3L,0xfefcb98881dd6daeL,
-        0x736b8505dbf5986bL,0x6f4c28a987496a5dL,0x00000000000000f4L },
-      { 0x92d13be9ca00d61fL,0xebd928d6dce1556dL,0x307e3fecc71ae83dL,
-        0x2a4939c2c15ca194L,0x13947cafbcad067dL,0xf4ce58667d41f480L,
-        0x1ef59d7047e07cecL,0x5d8068403796b61dL,0x00000000000000b1L } },
-    /* 52 << 266 */
-    { { 0xfea0d82ec8a4656dL,0x0fa181b503d94a84L,0x3666bfd2f8b5c4f4L,
-        0x4e246013619d399cL,0xea46dfc9c11c1ce3L,0xdfb408aa10af3583L,
-        0x94fce3f2785d7d61L,0x3244f6181feff091L,0x00000000000001b8L },
-      { 0x939d98f4add4f84aL,0x4c2e3d15e9d04356L,0x08529c57c5d1729dL,
-        0x4966bf7709597836L,0x03b9958cf4b32760L,0x2e7213b46a9536d0L,
-        0x455ceb5984faa490L,0x7d83e2f5146ed682L,0x0000000000000004L } },
-    /* 53 << 266 */
-    { { 0x3006b4db99b32f7cL,0xcc70659922b7c67dL,0x2ef09c9c5259dc6dL,
-        0x732ef8c90faf1eb3L,0xf3c83942a1837500L,0x6633ddde6cc28b75L,
-        0xd1c95f71e1ebcaa0L,0xcd6609dc9e548e3bL,0x000000000000017aL },
-      { 0xb35f17893b3da933L,0x8d169444379ef7f6L,0xbc00a35a8c84c365L,
-        0x3411d83a5ea4534aL,0x209414cbada5b0fdL,0xd0ae1bce1a59ed3cL,
-        0xeb7542c292c524f8L,0x0d233104eb75a43eL,0x000000000000003bL } },
-    /* 54 << 266 */
-    { { 0x9a4dd7b8ac1a7884L,0x2067b936b874749eL,0x52260e05d13b0d4dL,
-        0x61476a10a9c3e750L,0x2047d74ca0f97967L,0x8655120d1d34b122L,
-        0x60cd407c935034ebL,0x499ba4dd8bbe83b1L,0x00000000000000b1L },
-      { 0x6213fd52b2bdce3cL,0xda3f6f864cc05a03L,0x24183f37b78a7247L,
-        0x996bea8201ebedc6L,0x7de1df0aaed2def9L,0xb59c1f5a624d5b0eL,
-        0xd9b892084ec7e5ccL,0x230df59c54090935L,0x00000000000000feL } },
-    /* 55 << 266 */
-    { { 0x0e683a79496c5739L,0xd855e4884737520cL,0xf3b0fb38b1dea15cL,
-        0xf5118c492c55746fL,0xd313798ab9dcf49eL,0x33e97020992ef98fL,
-        0xc6ae345eabd13522L,0x47fa0669425f9edbL,0x000000000000012eL },
-      { 0x697599ad5e3eb523L,0x977313269216d4e8L,0x2bf6d652088d222bL,
-        0x852230c5114a21aaL,0x8e713dee3f02aad7L,0x02c85a4ffccdaa39L,
-        0xbebd0ff6b7a53b32L,0x103bd947b9b77764L,0x0000000000000199L } },
-    /* 56 << 266 */
-    { { 0x984d21e6b92a02beL,0xf2bba82c09f08a26L,0x9c4259d1909fba26L,
-        0xa36bcd437030f0a5L,0xf6c218e468ae6f05L,0x199a1ef30ed869f9L,
-        0x803860ff417e95faL,0xbd6bb9b4f29f7c84L,0x0000000000000130L },
-      { 0x5fd4e3b2d4e924d1L,0x388d2e0a9b2814d5L,0x8e4696653e9b1aecL,
-        0xe24a5cfe9a8320a8L,0xffd986e2a83ed877L,0x8499105d9c00fbc3L,
-        0xc6b2171f73f5deaeL,0xf1432d70f9d058f7L,0x00000000000001e3L } },
-    /* 57 << 266 */
-    { { 0x030550d7132338dcL,0xd768b93af6e8f267L,0x90ea975362c49edbL,
-        0x3d4ff755ca1676faL,0x2a6f71962a52f67cL,0x85f2473be355efcaL,
-        0xe1fbd88920c998dcL,0x70bfdc6fd8491c54L,0x00000000000000d1L },
-      { 0xcc89bbcf2b71306aL,0x10ea9edd6100aaa5L,0xd1774fbfe1f76710L,
-        0xf006f841ec8bb412L,0x7dfaa7290c2fa1dcL,0x45cca48e8fed926cL,
-        0x4600d2919e67f94aL,0xe363f267269a4cefL,0x0000000000000132L } },
-    /* 58 << 266 */
-    { { 0xd167783be279b76aL,0xa10f42afc988d262L,0x41da90eb8a53ddf3L,
-        0xa66061125539740aL,0x0575a23cff000f06L,0x150f47e563a5124eL,
-        0x8c923bf91a1c07a4L,0xac510583f4752dadL,0x00000000000001d7L },
-      { 0x32fa0b887c3a94ffL,0x7625bb5ffb91c0cdL,0x2f2be34111b94d00L,
-        0x824f6bfebcf2e24eL,0x95a9120f6f255fc2L,0xbde9336c35e3c721L,
-        0x95742cc454f31228L,0x689d8bf3a899e1bbL,0x0000000000000155L } },
-    /* 59 << 266 */
-    { { 0x04bab74886920088L,0x0cb1d789aa224f96L,0xc93eb318d28e0286L,
-        0x523d44902dda423dL,0x5150f518bcd81054L,0xe0443e329498fbc3L,
-        0x0089a01e8fd77381L,0x7f5cebd637ce0637L,0x000000000000011bL },
-      { 0x40cbeb26cb481b5dL,0x29d513b817e35565L,0xf884cd0182b961c8L,
-        0x2ebd1a191cf01a93L,0x2ab31a0b8f398d6aL,0xa15f3eaec09c3a9dL,
-        0x549b4cfc31f19b5dL,0xd42d563bdb0d2199L,0x0000000000000164L } },
-    /* 60 << 266 */
-    { { 0x8626cba3cd27ff10L,0x5f83c650dc15323dL,0x370d973042cc94e3L,
-        0x06ebd6efdb164003L,0xcda6f2d782850e4bL,0x74e500ef17a82fcbL,
-        0xddab08dbb228248bL,0x56e403d5870a453eL,0x0000000000000083L },
-      { 0x507272fc79dcfe50L,0x25ee735db3d2ba34L,0x92386ed3fc3349eeL,
-        0xb0a88de8f9ebdeb6L,0xf1ef010cdd93abf9L,0xead25256a0838914L,
-        0xce2acbc0d54b6544L,0xbc78ce9a7c94ce27L,0x00000000000000d9L } },
-    /* 61 << 266 */
-    { { 0xc6914e748df59decL,0x1fe914fc5fb68222L,0x6927c9ee4c5a99bcL,
-        0x6b391ac926d71724L,0xb702eac64ccabd0bL,0x30140f3225ef1fb0L,
-        0x2925f1a5368574cbL,0x019a246c817bdcd8L,0x0000000000000148L },
-      { 0x8b5bc82843a579fdL,0xa7df3a7e0428a197L,0xdc92a823b299e290L,
-        0xb4796ea49b9eaf60L,0x37fdf758efff2b39L,0xb51d61b119a00b8aL,
-        0xd0ba025158fec2dfL,0x4481424bdb70c86cL,0x000000000000019dL } },
-    /* 62 << 266 */
-    { { 0xdaf4f001c3742075L,0x9d21b51ee86d1e9cL,0xfe5359f1041b08a3L,
-        0x68890b43565a56b2L,0xa5dd5889cf437ef2L,0xf78e7c4621323d5aL,
-        0x0d6b8410646f2ff6L,0x7d08bb8206a40139L,0x00000000000000deL },
-      { 0xd9a729497ac5686cL,0xf03be45847486981L,0x7f3c9dc4cd31b81fL,
-        0x5c3b01b791730a67L,0x4abfeae42bcdc09cL,0x3e98e2ec1f65b976L,
-        0x280fe587b1686b96L,0x7038ea9fbcdb3f69L,0x00000000000001c2L } },
-    /* 63 << 266 */
-    { { 0x0788729410b5679fL,0x4a660d8e0e9207b5L,0x65f23f96a702eeb6L,
-        0x4d2892f71035ebdfL,0xcf6962a6237548bdL,0x599710afb3dc6988L,
-        0x0787789e9e8129faL,0xefe5135a7b65d139L,0x00000000000000f5L },
-      { 0xc1041db3dc996150L,0x61f30cbfb3b9717cL,0xcc86186dd933fafaL,
-        0xa89429239edd4ba5L,0x3b35f50b2d323ad7L,0x8f43b479acc1d0e8L,
-        0xda38daa46793e392L,0x564b87346fb6121bL,0x0000000000000004L } },
-    /* 64 << 266 */
-    { { 0x0e13c1ddcecdf0dcL,0xacd530b6eeb9aa6cL,0xbe3c0fc80af8d3a8L,
-        0xee67f380ce44ae8bL,0x9adc56363854b528L,0x527f7f90130f4497L,
-        0xee085713e80c35ceL,0x29bc4b3e190fae23L,0x0000000000000064L },
-      { 0x17ea6fb5dbb3838aL,0x192eca92b425af89L,0x5fd3bfcf85a94659L,
-        0x8d75b3f5daa4b4ccL,0xbacc18b89bee144fL,0x57591774ff60ec49L,
-        0x319cba952363ac43L,0x6c0d079e472ee36cL,0x00000000000000f0L } },
-    /* 0 << 273 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 273 */
-    { { 0x28cd16ce7333eea3L,0x601ab611845655fcL,0xf18179d957ed4bf8L,
-        0xa704b004172167c2L,0xe22ec70382e3fcf3L,0x4cd9bd0de64c4745L,
-        0xd1eb58dfec9737e7L,0x540c29e8e6658aacL,0x0000000000000124L },
-      { 0x4f35d47d4b18bb58L,0x3ee2a66ad4be21bcL,0x9d3d69a1052b60fdL,
-        0x556347ef8f07eb0dL,0x66014006165af89bL,0x808eb84331e62cc0L,
-        0xfd119574309553a1L,0x4945b9cd7656234dL,0x0000000000000060L } },
-    /* 2 << 273 */
-    { { 0x05bfabadb30c227fL,0x163a01129ca0d9f2L,0x448f630b4a448ffaL,
-        0x7a304fdcf52d44f0L,0x4ceb9902f50356e7L,0xe7615ab1c43b436bL,
-        0x9fd56374d63f192dL,0x38470c8f418bd616L,0x00000000000000d1L },
-      { 0x4b42c1459554d529L,0x5556cf8b2bfe7bc9L,0xe28b6f8994eb909cL,
-        0xc00748ee637dcaabL,0xf71e0fcffc076bf8L,0x57642f92b580d617L,
-        0x755fdf2e1d91f20cL,0x9c3c9c86dd5ab14eL,0x0000000000000187L } },
-    /* 3 << 273 */
-    { { 0x8dfa447387950112L,0xd032940ae8d5c1aaL,0xeb909e673379771dL,
-        0xe780d40da336a4f3L,0x318e1a69ce022106L,0x36b6b1748702e3c8L,
-        0x327e8db4f8e60cedL,0x9c1a790b8380c97eL,0x000000000000008fL },
-      { 0x8eec3caac6534a9aL,0x650fa0d556cfdcf4L,0xfe45e2ce58c3798cL,
-        0x320fac25a60e6872L,0xb399ec98ef983104L,0x133c9f01be57c16eL,
-        0x9736e7543b73b0a7L,0x12c0ce90b48f9618L,0x0000000000000155L } },
-    /* 4 << 273 */
-    { { 0x2ff940bfa7c8fc21L,0x9b3cbeeea6a86c6bL,0x5cd96c7d171573a2L,
-        0x49bb08e812cb3013L,0xddba493e34b92d91L,0xa56f49a5ef35e196L,
-        0x7a454c1c2cdca6c3L,0xb9c038ae684d25fcL,0x00000000000001b7L },
-      { 0x15adc72daf46c7eeL,0x21450db25eaf9891L,0x115517e153a32b0aL,
-        0x5bd9d862e26d8171L,0x991737bf3f8e37e8L,0xcbb33580531a836dL,
-        0x96aff0213d976493L,0x9be26568ca69b662L,0x00000000000000beL } },
-    /* 5 << 273 */
-    { { 0x32d089edecfa97e6L,0x9bf82c96b9f080c2L,0xf1798cd9af6bf9aeL,
-        0xa111bd63cc9b8764L,0x9d1aebb4295a4931L,0x37f6c9ac32442dc0L,
-        0x3785c17e6d6b2b32L,0xae63aea3ccbaa5adL,0x00000000000000e9L },
-      { 0xc2207aa55718e310L,0x5aaede6c9004a15fL,0x07e98d521a4b7f1bL,
-        0x351eca4df3f71723L,0x0026164672a30c08L,0x838f24ecf46357d8L,
-        0xa8278e1a05348650L,0x402ee68e10ec3795L,0x00000000000001e9L } },
-    /* 6 << 273 */
-    { { 0x91955973e33296fcL,0x83dc2cea4212671bL,0x59b7959a3ef3d3ddL,
-        0xad706c14147b4051L,0xff0e938e46217be6L,0x3550f6ba963236afL,
-        0x26a254a435de4d64L,0x829799ebd3fb0643L,0x0000000000000194L },
-      { 0x30dcbccb348f4e93L,0x1211c003aaa258acL,0x9d8500d9383698a3L,
-        0xc2c4310a530725faL,0x6f60e024d88235feL,0x1bcdbca5715c563aL,
-        0x2100b4b2000501c5L,0x9f483a0505c8bf39L,0x00000000000001f5L } },
-    /* 7 << 273 */
-    { { 0x618d04f0001b7109L,0xc5cbefa8a94e8a9cL,0xd5f0e7b20aed80f2L,
-        0x9c876050cd2e2661L,0x18a046bbe3f15e9bL,0x3568d9e165664a6bL,
-        0x8ef9c3b4b0b7229eL,0xa779b68d66dde1eeL,0x00000000000000dfL },
-      { 0x9997a707b3465741L,0x28192afa90f61124L,0xea06c8b89ace2e5bL,
-        0x208f1ad1acb7cf35L,0x1ac49e4ae569efa2L,0x7daffa0f8368ecb8L,
-        0xc559483f40e4879bL,0x8de74638753b0b83L,0x00000000000000e5L } },
-    /* 8 << 273 */
-    { { 0x51db2d9d07207165L,0xc7d56a41c3d4c59cL,0xa47fadda4e278b0eL,
-        0x5c3964e204ffc588L,0x52bc9f389719ecfdL,0x2c9292c035a04049L,
-        0x885ff9bafae7580eL,0x2319a2dcd5cc866eL,0x000000000000015cL },
-      { 0x8b77ddb70ae9af6eL,0x0e21b050dd7fd36cL,0x35d968ecdc8b9c19L,
-        0x6f3f0785a624ad4fL,0x97778a681d42c97eL,0x86103bf0a2a4342cL,
-        0x0aef36fd3ababc35L,0x46c8fb212fe10364L,0x00000000000001e1L } },
-    /* 9 << 273 */
-    { { 0x21488bccf8cbba8bL,0x6cd7d298c6cd24b8L,0x0c83f3ee5de8e8e5L,
-        0xdf29c9784582fcabL,0x7024c1526806aafcL,0x979cd4ff958067f2L,
-        0xc13fbc7c8cde09dbL,0xd468e6f5da3a5090L,0x000000000000000dL },
-      { 0x1ba673a47757fef1L,0x6992b5485070e0e7L,0x8b2c42327acfd5ccL,
-        0x27210f84a508dedaL,0x883d6e39c2629e49L,0x1b83cba19e7dd61dL,
-        0x455f212a4f2bee2aL,0xed70ce46ee719f5fL,0x0000000000000182L } },
-    /* 10 << 273 */
-    { { 0x5c3a0ed97adc9d29L,0x37ad64e4796a4dc2L,0x0d5920486ce3c6a8L,
-        0x2f5d313d166ba729L,0xda128b7bb5ea827fL,0x97c63821f4a68914L,
-        0x35a2d15501c3f074L,0x07fa2fb4b80123e9L,0x000000000000004aL },
-      { 0x408d54c34c208ee5L,0x75119aa6b2f910c3L,0x424a684d1453eecdL,
-        0x800c87a64e1cc60cL,0x1ca02fe5f835f438L,0x019870df716b0991L,
-        0x94e36e623cf7b652L,0x45cc33a25dabec4cL,0x0000000000000019L } },
-    /* 11 << 273 */
-    { { 0x304d81e391a9d18eL,0x152664f7aa95f5c9L,0x6507a739a51eeedcL,
-        0x77d8c41271aadc19L,0xf9908b36a7b6ba22L,0x8b2dd6ce2d5c2f59L,
-        0x38f2787cb66f5e0dL,0xccd13ca9b2c40bf0L,0x000000000000012dL },
-      { 0x1887e4a728b4694dL,0x417981e3a25eec32L,0xe07f28ff6490e81dL,
-        0xd2ba6c79f00abe64L,0xe0af21fccddfeb36L,0x82fbcfeb986898d3L,
-        0xae77cb38e0718462L,0x0818cb63fba01b54L,0x0000000000000193L } },
-    /* 12 << 273 */
-    { { 0x188c77cc75eccbbdL,0x424f7ec52aa03503L,0xfa5819b9c8fde26bL,
-        0x70a39f9b566dae00L,0x70ea7dfba22f5199L,0x502f681e60b863e4L,
-        0x0fd204ff4581af1cL,0x536f4b875d1aa7e9L,0x0000000000000044L },
-      { 0x52d311fb5713fa2eL,0x28d3afee2b0af3a0L,0x82aca5d14dec093bL,
-        0x9d6a3856a946f620L,0x91eb4618e32ae798L,0x62580350783bff5cL,
-        0x610110e5b76e4c61L,0x76287f2f3c2ae4aeL,0x000000000000002aL } },
-    /* 13 << 273 */
-    { { 0xdc5bba7b75716569L,0x41487a141dac5c65L,0x36e2a740b5c823e7L,
-        0xe40d249065e0b210L,0x77d4708f8839779dL,0x879b9a4ba1d7eab5L,
-        0xb3409669311b4f51L,0x6d1899fe423b3b2fL,0x00000000000001e1L },
-      { 0x2d351db99db2b624L,0x7143d053d054c63fL,0x3ad8fce9c5ae5097L,
-        0x98ac8ae089757358L,0xcbb20672ee232061L,0xf703f203c02c786cL,
-        0x9f7f153b2f4907aaL,0x2b2d7f4056eeb499L,0x00000000000000dfL } },
-    /* 14 << 273 */
-    { { 0x5054d6c0d4daec55L,0xe75aaa4d2d795df2L,0xa72ffe306da506adL,
-        0xe019fd58e375432eL,0x9827f72b4fde3a24L,0x54f713e42a3320a5L,
-        0x41408596baa1f5f6L,0x9c42b30fc65b3ff9L,0x0000000000000038L },
-      { 0x1b36dca6031dba90L,0x5e80043e0c0c3559L,0x17a387f6a3a6c663L,
-        0xc9a8c64f000711d6L,0x304a1f4178156da7L,0xdc5de4a9cbdd6bd9L,
-        0xf65f6d1a599ddcc9L,0x591e35e24c1e3e7aL,0x00000000000001afL } },
-    /* 15 << 273 */
-    { { 0x8a775e63fc349e8dL,0x25de6478e3b39a51L,0x1962bc0927ae51faL,
-        0x7d3cc7f79952670cL,0x9a09a697059050f0L,0x392dbf4355234066L,
-        0x1cbff05524efc89bL,0x68a50b092f805012L,0x0000000000000078L },
-      { 0x1c48213e47bef4e3L,0xae844a2a0d5e95d2L,0x95f0efc014c40369L,
-        0x0e1d7c2d59ee29dfL,0x1ed16e33d68d68f3L,0x0c54c8d47babfe13L,
-        0x155a3aa83b036552L,0xd9fd099e9efafce5L,0x0000000000000123L } },
-    /* 16 << 273 */
-    { { 0x2fe08a10462e6862L,0xa86db08f35ca4eceL,0x4af069a05960b9c7L,
-        0x9f0086014c7fbbe4L,0xfe91aaab59bcd54fL,0xbb6cd66467a1bc8aL,
-        0xf3b3590354ab69bcL,0x2d5b1227ff914c06L,0x00000000000000f9L },
-      { 0x22226588f7d5ac27L,0x5bf4d921d14893e4L,0xa0a5c850c384f172L,
-        0xc5deff764351441cL,0x9cba07b4539d45baL,0x324345620a80ae0dL,
-        0x0e144257bb44f664L,0x1c5c19c163da2750L,0x00000000000001a4L } },
-    /* 17 << 273 */
-    { { 0x51e56fd2377fe385L,0xd7492e760b164c7fL,0x2f6b60c80ef96709L,
-        0x9b0711e5922f73a4L,0x94778ad3f280a8eeL,0x64c426437a4bcefdL,
-        0xb0c26afc659c9918L,0x82ee9fab35019434L,0x0000000000000074L },
-      { 0x3d35f4ad7e800ff4L,0x238e7f313d01d6ceL,0x172c4169e901ebbaL,
-        0x3232f5673a643a41L,0x4c6f397f79701e48L,0xc8b78dae42cb8029L,
-        0x456590ca23d30eb2L,0x4822aa96ecef86a1L,0x0000000000000136L } },
-    /* 18 << 273 */
-    { { 0x2827509940aa836bL,0x4ff61db18e6dfe44L,0x8402c1a4b2ff8beaL,
-        0x35306c0483432ff2L,0x038990de7e604bd8L,0x24c5056d94db9d3fL,
-        0xe7b9a01fdf1dc845L,0x10d538b1c5918c0aL,0x00000000000000a5L },
-      { 0x1d80e8bd54959824L,0xcb6fd66c89a5d7e9L,0xf3af6940860e3fdfL,
-        0x421ce5e8563137c7L,0x03e6f677661866ecL,0x71e09e4b5276a885L,
-        0x915f8f97aa9aeb74L,0xa95c50572cc76508L,0x000000000000001aL } },
-    /* 19 << 273 */
-    { { 0xb3809974fb81dcebL,0x04c8b5f63319a12aL,0xfb0f28c8888e81bcL,
-        0xacbe4a1d2ad580c5L,0x98364afc0bb15f66L,0x989e8123ad9238a6L,
-        0x1c447ce56b1c3603L,0x5aefd392295aa36aL,0x00000000000001c2L },
-      { 0x9710f3e830cc890fL,0x7282afbae4c45659L,0x14ca9438c207839cL,
-        0x1ed458d898c2b015L,0x3f2a4c7af1ba2f97L,0xd9a0fd1c44908498L,
-        0xde8553a737b341a7L,0x2da1c2272e563011L,0x0000000000000140L } },
-    /* 20 << 273 */
-    { { 0x73d2ec27a3fa7b6aL,0x97ae7b3a601abb5eL,0xd42c967294f25a78L,
-        0x9516e3b715a54045L,0xae7bcc8d6b889d29L,0x1cde169f55b50252L,
-        0x52e0bd3767c5274dL,0x8784031d2ef34a50L,0x00000000000001ffL },
-      { 0x8993fe21afdcf8acL,0x09332a37f854b7d7L,0x7e59ab356cf0ef3dL,
-        0x296081d775691e53L,0xadab7d8697d96038L,0xd517a740df09ba1eL,
-        0x0883ca2d330b20e9L,0x930bfd5f43b56a48L,0x00000000000000bcL } },
-    /* 21 << 273 */
-    { { 0x8f9362b782308867L,0x4c617f3d2b121634L,0x7128d265a0c31abeL,
-        0xb149770ec374c526L,0xa30771d74c5ecbefL,0xabdc769627acda27L,
-        0xc258797b6450a1feL,0x8f0ac6d683044b48L,0x00000000000000b0L },
-      { 0x92e7643b6ce14f0dL,0xbb0cc016cc8cf431L,0x7a9fce4ef1056d87L,
-        0x7ebc00349fd21abcL,0x76ad91162c8c09ecL,0x38a51d4d3b161bedL,
-        0xe1f7286b9a9b8590L,0xd2bef39669822c45L,0x00000000000001e4L } },
-    /* 22 << 273 */
-    { { 0xceeadc92e3dba9dbL,0xd218a237a95c8cffL,0x03302b21eaf709daL,
-        0xbf3e305a8111468bL,0x72ab2ec07e82860bL,0x1a2df5a3e186f8f4L,
-        0x12579936f1a95aecL,0x61e2b1e1c19a4e2eL,0x0000000000000000L },
-      { 0xcc6802561edb4b21L,0x73d87649d7bdc78eL,0xe440ad1918073608L,
-        0x016ef0c7d90974abL,0xa466d5335c7e0663L,0x2885493eee21a1a9L,
-        0xf459216a2e4d05c1L,0x6dbce2c807a94608L,0x00000000000000c1L } },
-    /* 23 << 273 */
-    { { 0xfaac87ee84d6cef3L,0xd90ce8f916e9316aL,0xb90a157b7c9c7338L,
-        0xed9b08d2005e1b8bL,0x2439244636898a59L,0xa6ca07901c2f7350L,
-        0x9a93d39ad9447b26L,0x56acad519cb4c8a9L,0x0000000000000051L },
-      { 0xf8f0216874848490L,0xa86f9dc8d08c617aL,0x49b48bf8a0731a33L,
-        0x78126e62538afcd6L,0x40cde5c8ed4d2ea8L,0x254dee95831e1aebL,
-        0x7532ce3731639537L,0x27fe56322d4f834cL,0x000000000000012aL } },
-    /* 24 << 273 */
-    { { 0x604b730ef1ebe533L,0x336e362e0b4b9191L,0x246e5c1ab711e872L,
-        0x652dc2c1f46e3f97L,0xc3492e151398e328L,0xd85f2669475cd2bfL,
-        0xb4b28424a3c972bbL,0xf3d5711649a9ac4eL,0x0000000000000148L },
-      { 0x2a5e5f5425e365feL,0x9202ddff6abd415aL,0x314e872acb24f45aL,
-        0xced1dcd9b7bcc7d1L,0x0d39cf240377ce8fL,0x75eb96c9d1065414L,
-        0x984b4a459fe0ee9aL,0x8237616704703ab1L,0x000000000000011fL } },
-    /* 25 << 273 */
-    { { 0x2839ff0b73edf179L,0x0c86f7213c27933eL,0x0635f21660380a50L,
-        0xe30ac47e08978124L,0x9ef7580ca3c4c0c9L,0xfe842e3b5c323f9dL,
-        0x320eb96f2322e2a9L,0x37e518f3ea489b6cL,0x00000000000000e9L },
-      { 0x382199260b9d992eL,0xd96ade19441272a1L,0xddfb5d87ff188af1L,
-        0x0bb3a1d0afbb820bL,0xc81b98b73d9f94e9L,0x9fd45fcc0f4b8cbbL,
-        0x2b2e3a3ac5127190L,0x92c22ecf750fda83L,0x0000000000000047L } },
-    /* 26 << 273 */
-    { { 0x614ba6ccc44776c1L,0x80fede5815132829L,0xd69d5d613359d3ecL,
-        0xf302a63e0d76029fL,0x201938b1bc711f3fL,0x1e7db241764f0544L,
-        0x466d273d60c27af9L,0x472d12f244190095L,0x0000000000000027L },
-      { 0xb30bbbad213788c2L,0x64d2b58670427068L,0xa0040d46f4c71bcbL,
-        0x025d2898a6fb55daL,0x8f6bb191b5d4d6c2L,0xd9899a763ad65acfL,
-        0x08acb6e19fea8d7aL,0x75cd5e5c63dd79b2L,0x00000000000000a9L } },
-    /* 27 << 273 */
-    { { 0x217ede5bae998a64L,0xb49ddfe7f6bdf2a7L,0x27344e0df7b9fd0fL,
-        0x6692431a88552d89L,0xf22f33be0cc964fdL,0x56140230df10ab05L,
-        0xded604f02c79339eL,0xeb4b1cedf36bd72aL,0x0000000000000079L },
-      { 0xba2b0ff9f7844c49L,0xbda1e2396fb21a72L,0xe9ac028a95fb942eL,
-        0x33324e2b37bffacaL,0xb5068cc3dcce1f97L,0x3cf1b594dd4cc89aL,
-        0x65c4fd79ab81d662L,0xffd08615372b50fdL,0x000000000000018eL } },
-    /* 28 << 273 */
-    { { 0x06b3e15d5771af61L,0x1235e2b0a0b64d87L,0x5454afd261821972L,
-        0x94396699d6c76c37L,0x2aac7459c61d6be6L,0x94893168ca05d3cdL,
-        0x8d77047bc2250b78L,0x9adb6b8db1a06efaL,0x00000000000000c4L },
-      { 0x8cbe58961a7b33a1L,0xd75a2d7bd83f7033L,0xe81731f314f445d2L,
-        0xe905889593c865f8L,0x6caea833605f5264L,0x96df9656e3b6d3dcL,
-        0xe7afb0760b224f18L,0x4cb4c72107aa123fL,0x0000000000000090L } },
-    /* 29 << 273 */
-    { { 0xaded87ed9d1637d6L,0x6d5d5b3b694a536fL,0x6aba5271494ef964L,
-        0x5a9d8207f899f7acL,0xb426737cd77bd7d8L,0xe8de83bc8e7761fcL,
-        0x99f09dab881d65f4L,0x145efe113369e1a4L,0x0000000000000084L },
-      { 0x385830fac6470ecaL,0x08d8e0664a415836L,0xbac25039b5241a86L,
-        0xf02ed14198be6a68L,0x172cbd25fb41f819L,0x8e8c6c3ec0a203c3L,
-        0x4a7861303316f5ceL,0x0e5195fb1ecc5915L,0x000000000000012fL } },
-    /* 30 << 273 */
-    { { 0xb067305d41f4e9eeL,0xe2c3afab7b26ad35L,0x620dc76da158082aL,
-        0x13e8afcc03213e9fL,0x64018f55c12946a4L,0x770066dd8c4c89cfL,
-        0xa07b753efbe52d37L,0x79cec78b7424b86aL,0x0000000000000072L },
-      { 0x5ec514f1a5dc80a7L,0x7e70e414c049c348L,0xc3daf2f2eebcac00L,
-        0x0f49f8a703563a24L,0xc36c093204e789e6L,0x6c17a7c02b59bbd2L,
-        0x3a84fc9dc6cb7b49L,0x05e1457e0de6085aL,0x0000000000000109L } },
-    /* 31 << 273 */
-    { { 0xc90eb31fc17d94b2L,0x8ed3a7945e87b6dbL,0x85ebc38150d82b3cL,
-        0xc906cf47dfff4d95L,0x122b7a67f28fdcdcL,0x96bd35386bf4a9acL,
-        0x67788dc93f96461fL,0x982412df832f92faL,0x000000000000007fL },
-      { 0x5eaf69178324dd6fL,0xbd5ae389c8093147L,0x1c19b1917939568aL,
-        0x5fc18a88e5600018L,0x5c483792b28ac566L,0xd15eaaac13b67938L,
-        0x3ad1d25e8cab3ebbL,0x6e68deb0247e9904L,0x0000000000000031L } },
-    /* 32 << 273 */
-    { { 0x2347e38373435eb6L,0x75563e7858ea9f89L,0x20ccb854efa62cb9L,
-        0xdac97aec1cc86c06L,0xbe99c357f432d1b4L,0xcd89da561c2e03f6L,
-        0x7e424afda789af68L,0xc386d1bf401f225dL,0x000000000000009fL },
-      { 0x46f9bdbba1a12ca1L,0x489bdf59a6469919L,0x94ad85a73974bf6eL,
-        0xa7fe1c85c9fde759L,0xa26931a072b3c209L,0xbd5b56203db247ccL,
-        0x9ecb8a741085c481L,0x9134bbd1ea48e281L,0x00000000000001dbL } },
-    /* 33 << 273 */
-    { { 0x10689653e6397251L,0xd36ab8d90f9f0184L,0xa8c95b34a5da43efL,
-        0x1920d31fb6e047b5L,0x0dd12f4ce1469d06L,0x94efeb8c3cdee90dL,
-        0xf6b42234490b18f4L,0x4ffd0c3f9d9c97d9L,0x0000000000000165L },
-      { 0x04db694b8907f755L,0x1297a489cab5d47fL,0x531adce1572fba2fL,
-        0x63960f81014224ecL,0x61175880c4a771a5L,0xbb9116fd2941f7a3L,
-        0x04047b18a59d986aL,0x671b243166eb690cL,0x000000000000000eL } },
-    /* 34 << 273 */
-    { { 0x9db986ad8855ba41L,0xc106268894b3744eL,0xa92f7d8b15201d6cL,
-        0xe1e9769008782567L,0xc9bfc18a482f9905L,0xcc6569b1f54a18e0L,
-        0xd623f6e0ad8f5366L,0xb312dc0c5852a673L,0x0000000000000024L },
-      { 0x82a24990455c2368L,0x77771a72791c090eL,0xbbcd5223698071e5L,
-        0x4877919b2f7dbcb9L,0xb5b54e4e8622b142L,0x6c0f9b68c924f541L,
-        0x40f658639de92f6aL,0xd1b03e4e626f28ffL,0x00000000000001aeL } },
-    /* 35 << 273 */
-    { { 0xe357497c44f788aaL,0xeb886a8f9952cd9fL,0xaabac389c4d3a590L,
-        0xaf02fe81b2782010L,0x4cb27146ec5da884L,0x7104f1641074d877L,
-        0x3c049a5c4bcda0fbL,0xcf680a9200118890L,0x000000000000005aL },
-      { 0x76ea5fa1d2ca967bL,0xc8e6d78fb8d792d3L,0x203e8ca7e4fb3e32L,
-        0x80a8f1e34959b68bL,0x3b5a8c7f0165eb1eL,0xbe35a03d5c518971L,
-        0x815cc58c3dff7dceL,0xf4684b055909c47bL,0x0000000000000065L } },
-    /* 36 << 273 */
-    { { 0x7a8173004fabf449L,0x73b582d840f2b2a9L,0x3a3d45a8c970d55dL,
-        0x4b929ad041a73083L,0xc39402f969c262bcL,0xdbc16a80f9b3d2cbL,
-        0xf9abdf398d4fd1cbL,0xb3b5baa009125d99L,0x00000000000000afL },
-      { 0xe8d916331263ea71L,0x34f37faa9afe25feL,0xe00102248d62a061L,
-        0xfd4ac0ee89324085L,0x1ad23c7839425188L,0x3e04ce94f9b054feL,
-        0xad2630664ba78a71L,0x1be2291a86fdcda7L,0x00000000000000baL } },
-    /* 37 << 273 */
-    { { 0x6acd94de05e1e1f4L,0x673190a0645a2a41L,0xa35fc575310fafd6L,
-        0x3ac9c62230e58773L,0xb82a873cb07d1795L,0xe9946d72a34ccba6L,
-        0x46c81998a6222e44L,0x2ff50bbcc8faabe8L,0x00000000000000d4L },
-      { 0xa0b601a6786a9817L,0x93b775763e461079L,0x97ef405844808435L,
-        0xf5a7b80c1199d980L,0x9e41ce271e84febbL,0x208a021be7f836e4L,
-        0x58bf3f9231e33980L,0x00755fc7899562edL,0x0000000000000117L } },
-    /* 38 << 273 */
-    { { 0xdd5761c511676ffeL,0xb0cce6b697334331L,0x0cce322c7ef96ef9L,
-        0x79fc56838c450809L,0xac7ad874bad8c85cL,0x41f7958cc41af040L,
-        0xf491765edf1245d8L,0x02e26e6ccfceb02aL,0x0000000000000039L },
-      { 0xb1abbef48131e277L,0x7aa601fe63dca0d7L,0xb2c6c9b5d7e372dfL,
-        0x0b7298ad989af18aL,0xc7f3a5e3d5fe8f67L,0x769001fffde1066eL,
-        0xe10fded0dda36343L,0xa92f0d1b15d0522fL,0x0000000000000131L } },
-    /* 39 << 273 */
-    { { 0x6c1a6c256f3eef55L,0xb08580701c18b346L,0xce1c87968b4446ceL,
-        0xf17d9053e23c4f17L,0x327e132e89f21512L,0x205508fe284e94ebL,
-        0x1e62dda7f24fbc99L,0x344bbe262d39e997L,0x0000000000000060L },
-      { 0x770d0acb3035df5fL,0xdcd8b49049761501L,0x632b7d51ee075e78L,
-        0x6d945e49b47d9adbL,0x0f8c0b321d0ed89eL,0xc279b05c89cac70aL,
-        0xa227cc73353633eeL,0x925d141639a4d0deL,0x0000000000000046L } },
-    /* 40 << 273 */
-    { { 0xad4f18816bb2c3b8L,0xd45f9a0cd380ca18L,0xfb839dafaca25641L,
-        0xb89884f27e519019L,0xde295e5458cd6c25L,0x1bc5070e25a1e8cbL,
-        0x66f1635747c21e93L,0x379e8f32a4bddfa8L,0x0000000000000108L },
-      { 0x9141ea4e87cc4a52L,0x285cbaf972cff2ebL,0x27898f4df492be77L,
-        0xd49d035f223c8859L,0x763866c2726065cbL,0x0886e8d5b2eb9e8aL,
-        0x7deb06b31f70bf7bL,0x8ce6bcb7889d3e33L,0x0000000000000060L } },
-    /* 41 << 273 */
-    { { 0x271a04f88ce4f4b0L,0x2414550726b4b7f8L,0x159a895bbef3547bL,
-        0x3c71622e5db5a5f9L,0x7ea8523192ece243L,0x65c89b75bc972333L,
-        0x936ef797fc711efdL,0x05b810c7af98632fL,0x00000000000001b8L },
-      { 0x233474cfdbe53feeL,0x13f02ed581983f5cL,0x26f0244eb5c5b790L,
-        0xc39151490fd4b89aL,0x5d5731029a9ff308L,0xaa9ca0826b5e3103L,
-        0xcae619b710f4837cL,0xcd1617e2cf88ff6eL,0x00000000000000c5L } },
-    /* 42 << 273 */
-    { { 0x1b012cc6fcc7c3d5L,0x02b9f445dde71f72L,0x5f2cfd665a2000beL,
-        0xfd676315c8780139L,0xa594ecd3ae9b27dbL,0x9b06895afd3cedc4L,
-        0x0d532a0d1a268fffL,0xe06bfde60dfb1337L,0x0000000000000103L },
-      { 0xaa0a8cfdfbe7f2e7L,0xb2eddfb7adf3624cL,0x452e0b4fddeeeaa1L,
-        0x4bc994baa46e664cL,0x2bd9645ea0eac15eL,0x4d34b0e75e550962L,
-        0x6295f4a1697c8f01L,0x778a20923c08aab6L,0x00000000000000a5L } },
-    /* 43 << 273 */
-    { { 0xc4b1b87656477894L,0x9f8b9485bc8ff924L,0x55fa6ad5e675d0aaL,
-        0x27cc06eb926549deL,0xa53fe770d61fa7adL,0xb407e08f8fd62473L,
-        0x4c2c03f2a92b75d5L,0x810deda5009ca888L,0x000000000000016fL },
-      { 0x0f8e637dcca00512L,0xb195a15968dd81afL,0x44a70f986b904e07L,
-        0xb264193f52c9eb87L,0x5e838f6fe75cd8fdL,0xd25d4157a7123b3dL,
-        0xc6a13879cc52e032L,0xdda5d51ccffcbb8bL,0x00000000000001c7L } },
-    /* 44 << 273 */
-    { { 0xc7879147afb7d394L,0x8ec1b7fd4fb2b482L,0x955ea97dbd72c391L,
-        0x9c5c1ec6cdb4e57cL,0xeda7ae96723ade30L,0xc27b17b48054db82L,
-        0x0d1e386b91170eb1L,0xc6366e519aa3db3dL,0x000000000000002fL },
-      { 0x710fde5f6111f40cL,0xd231d1b3fd9de6f7L,0x9cbca1b1a15652beL,
-        0x1d1b5b4d0a93c0b0L,0x29f6c799dc4c3234L,0xc414ea5fcda6aad7L,
-        0x7c44805f3ead0e82L,0x1eea7f63e86c4877L,0x0000000000000036L } },
-    /* 45 << 273 */
-    { { 0xea03e06e6909b7b5L,0x1eb59e94dd60ebe2L,0x34dbf67688d4c7b9L,
-        0x45027f88f72d9b9dL,0x31b1f57995e61759L,0x61dfe2f6d4650f5eL,
-        0xbd0d212d6d0b74f4L,0x3f9948eb48083b0aL,0x0000000000000013L },
-      { 0x2bc49a766742cc59L,0xf83f88b2df5d4832L,0x3334aa91a688f8eeL,
-        0x8a225b1d50913867L,0xe3d0925b9f5830baL,0xdef272bc88056d19L,
-        0x22310572a90551e7L,0x5be1f7e622653c85L,0x0000000000000164L } },
-    /* 46 << 273 */
-    { { 0xc39065a8339a9d0aL,0x003e9b1e5ed50927L,0x1bddb64990510e1cL,
-        0xc9cd7f8305bf885aL,0x1f6f6b26c677e374L,0x22c8e14499d0ce42L,
-        0xe73b3c75760954c0L,0x8f1169532abfdac1L,0x00000000000000a7L },
-      { 0xcb29557273c46650L,0x9eadcd045832208cL,0x81a07d4b6a6f83b0L,
-        0xddf5c6863ab3dd60L,0x8f79004b68e2062aL,0x4dcc7bc7d2487a89L,
-        0x23a734b65d1fc56bL,0x8bd92ff31445da6cL,0x00000000000000beL } },
-    /* 47 << 273 */
-    { { 0x2484e9b86f9d25d5L,0x15a3eef11bb1562fL,0x2877237285a8fdc1L,
-        0xbdbe7ba434f5a652L,0xddef4b0751555a0cL,0x9ce61078fb946931L,
-        0x3f96d51e4a63b946L,0x870c89e539f2af27L,0x00000000000001a6L },
-      { 0x502642ad8155bbecL,0xf6405faf03db10e1L,0xe8a6560fa29bb9c3L,
-        0xe50d29554c3a2c35L,0xcde535401a0decc4L,0xbba9da77090bedf9L,
-        0x14ae1323a72b5b8fL,0x21a90f4992c11268L,0x0000000000000167L } },
-    /* 48 << 273 */
-    { { 0x0a65feba78bb30f6L,0x0235d91a50eabf36L,0x0b8ec4a4cd2d934dL,
-        0xa122f10b8dfcce34L,0xc3c86b639b2e6536L,0xb8002fac84962539L,
-        0xa6893cfbf6d36ba4L,0x280e9d60dccb7f1fL,0x0000000000000072L },
-      { 0xcbb4609e279551b6L,0xc6e893884b03a718L,0xdf62f063744dc7e2L,
-        0x1799ea3e4146ea10L,0x73d8cef29ecd77ceL,0x2b87c10eb2229d1fL,
-        0xe9d08175cabfdf74L,0xed1d16a83f0d60c4L,0x00000000000000ecL } },
-    /* 49 << 273 */
-    { { 0x2631e8bd95df30c9L,0x247fec887ec7359eL,0x37b1e3913bc00041L,
-        0xcbe855f3b87062faL,0xd338fd26481816c3L,0x0d8dd09ad0f19ebfL,
-        0x2741bf86ddff6006L,0xaef4f2e5495cc8cfL,0x00000000000001aeL },
-      { 0xeb8c8ac5a59d77bfL,0x63e588b77c3fc77aL,0xbeea43ed5d00f92dL,
-        0x8dff885a80169336L,0x5c0cef670a35b365L,0x4c61a43ba705b9e9L,
-        0xe95772c54a8c46f8L,0x0d81ff84829ff66bL,0x000000000000005dL } },
-    /* 50 << 273 */
-    { { 0x3dc4ad30a16aec5bL,0x9cf3022a8eb3ec7bL,0xd940cce316b6219fL,
-        0x6324514378a15c73L,0xa70b4f69107ecdeaL,0x3ac7eb803b2bfeddL,
-        0xee677c763137afceL,0x9686744c986c1392L,0x0000000000000115L },
-      { 0x9db83670d591110eL,0xfdc8ae98d29a560cL,0x0e27d3c0f840aed9L,
-        0x98bce3eb7e127e30L,0x7c1bb6b9184ba73eL,0x410c3f4f986eb84aL,
-        0x8c28448dac4caa8bL,0x2e3c82365a3618ccL,0x0000000000000101L } },
-    /* 51 << 273 */
-    { { 0xbf1dd991bb37b704L,0xb36ed5ae0cd09760L,0xd9750a8697aa7d3eL,
-        0xd1a27c2cc8a95b0fL,0x399937693893c07cL,0xb85a62c28ba9319aL,
-        0xc233630451b89005L,0x1c942e9fef7a20a2L,0x00000000000001c2L },
-      { 0x291509822572cb48L,0xe1ca81031d0b9df4L,0xfb70c750ba52c264L,
-        0x4cf3fb966bd2e72dL,0x04b65b4daf9a2bcfL,0x56eaf0f7db2205e2L,
-        0x5551b3333466cfadL,0x886b3275c55a1b10L,0x0000000000000139L } },
-    /* 52 << 273 */
-    { { 0xa976f5a2f8701332L,0x203dc2057771c835L,0xb1c541bde425fcc5L,
-        0xbe9921205c2cb7eeL,0x300e2b0279278283L,0x24b80fbfc88d605bL,
-        0xfd23544c3006aa2dL,0x1a212c5fd593c6d4L,0x0000000000000103L },
-      { 0xd9fe69f1ca88f548L,0xf2e065d1a37c6e22L,0x5804ff61e43ecc0bL,
-        0x34abcb423becc85eL,0x7d223605fd8e1751L,0xa2a0ea503b76b819L,
-        0x6c7b9dfe147f6beeL,0x8db65fbd3be2fcbdL,0x0000000000000178L } },
-    /* 53 << 273 */
-    { { 0x633d962c0c9fe7cdL,0x8fb7af4e05e74840L,0xb9cfda5ce5228fe1L,
-        0xcacff0b65199eb36L,0xb9ac48c7b6155dc2L,0xd147c6d3300bab8cL,
-        0x4f58e235a5034c42L,0x097078470291dcc9L,0x00000000000000edL },
-      { 0xacfde54d059836b0L,0xf755e402b6d8e2f6L,0x282c2d5581436e4dL,
-        0x0a8eff54b3ba7338L,0x910d9a5dc0551151L,0xcb2a43a629e3a972L,
-        0x49974730b85e35ecL,0xf79b7d5ccd5a58fbL,0x000000000000017dL } },
-    /* 54 << 273 */
-    { { 0x65d17a41539696a0L,0x57f8e852def0e88dL,0x8ef4f324c7739797L,
-        0x532ceb30ab421668L,0x691ae9641db40e22L,0x19a80aabc518454eL,
-        0x520e94d1338ad96fL,0x172bc7b6d28f8389L,0x00000000000001c1L },
-      { 0xbb52038d92e07ed9L,0x7ebce2feb5272282L,0x2cd12a6bfbf12724L,
-        0xd1c0d0f017e36d0bL,0x46b0fc6ca1709284L,0x41f37ca9d0015640L,
-        0xcc5dea20be174e7aL,0x2831510fbcca4571L,0x00000000000000eaL } },
-    /* 55 << 273 */
-    { { 0x488370b5e902f19eL,0x1fc4025b68b7a415L,0x27c316dbc935ac89L,
-        0x2fb89fb00293079cL,0xe4c123f52ad9ad17L,0x7031724aeb3910deL,
-        0x38223c12db0a05aaL,0x199b557bdce2bb89L,0x00000000000001efL },
-      { 0x49462b3bf467f0c4L,0x53d52ebfda88978cL,0xfe52b9ef3b5363f5L,
-        0x64ed965fa8acbd66L,0x92e5b025750c6e88L,0x0f4841bfe5b28b0aL,
-        0xd2a3d837e73509c1L,0xdf28934e0db0512bL,0x0000000000000078L } },
-    /* 56 << 273 */
-    { { 0xc466fd7b7514e752L,0xc0c9a0af8e1fd662L,0xd4b0ae397f3083fcL,
-        0x9af1c21f24cb5771L,0x8c20329d469dcd1eL,0xb115fdd26579990dL,
-        0xccd93d2a3160b749L,0x4aa17bb996f8fe36L,0x000000000000004eL },
-      { 0xea95c80a4118ebf1L,0x267ce3a6e78b533bL,0x54167eb7152ee4f3L,
-        0xda581b52d6d5b4c9L,0x285ddaa44f9408c6L,0xa1e4d6dc1ff6c988L,
-        0x9d1464077540a223L,0x127967a3f46c92d9L,0x00000000000000ffL } },
-    /* 57 << 273 */
-    { { 0xb39e35c824e3fbfdL,0xafef277235e6a7afL,0x25b3068748cd5a9bL,
-        0x305cd07226cd12d2L,0xbe0af44b191d2eb4L,0xe0c88872b14a8482L,
-        0xffa8362a895930d2L,0xe2da964817b31851L,0x00000000000001ebL },
-      { 0xc073c946625426d8L,0xd397726f62c66394L,0x3d1398374528c5faL,
-        0xd8da5a25b3221944L,0xf50efb6b2635e15dL,0xf68306be42115851L,
-        0xfc4919fa16837a4bL,0x5d4ab1f6b111cecdL,0x000000000000015cL } },
-    /* 58 << 273 */
-    { { 0x1fd61fd0b5286dd8L,0x237ed76f1b4f3393L,0x3e86a9a9d71eceffL,
-        0xc8ab89b8e74180c8L,0x2402e229e2014494L,0x41893effc276af0bL,
-        0x4b0c1a54eb97a632L,0x8d403e5aabdd0d62L,0x00000000000001d1L },
-      { 0x033c88e0e7df1bb5L,0xc4ff0974917b53cbL,0x6834e17dff5540f3L,
-        0x333daed32024b7efL,0xd76d2d74e7919887L,0x16ad783eccf4d0d6L,
-        0xe57b0eb14cd5587bL,0x9e52405b4c7e37b4L,0x00000000000001a3L } },
-    /* 59 << 273 */
-    { { 0x2233ca7fb47270f2L,0xae765c245a51e38aL,0x685a629043be58fdL,
-        0x070f79e18346ee5fL,0x09dfa96060cc36f1L,0xba1b744a516ab0bbL,
-        0xb99d4a5d2b2125afL,0xa88ef3ca45541791L,0x00000000000001d8L },
-      { 0xaa2d4980e27c4c50L,0x7bb1302b2a828c2eL,0x2b7f34c6e586f990L,
-        0x182b69e2b22de340L,0x084ae47141494741L,0xff811bebdda7aa90L,
-        0xb62bc87c0b45b4acL,0xc3971692251fa3a0L,0x00000000000001bcL } },
-    /* 60 << 273 */
-    { { 0x08c553f113562036L,0x11b803b8e4d93e33L,0xe7b3f20692fb7e89L,
-        0xd8352288cd0cc8c2L,0x2bf9cd2faaea0945L,0x828bf1c71d16f78aL,
-        0x9228c534afc79192L,0x1d7fc7f1c87becfeL,0x000000000000008bL },
-      { 0xbc9bc44354ed41f5L,0xfd759f9579a650b9L,0x951687f8bbe6ecb1L,
-        0x396d94a79e55762cL,0x4e489097b787cfabL,0x522cc6c3111e72bfL,
-        0xf494094c7a4d01d8L,0x2f0b8ed600666f1dL,0x00000000000000ddL } },
-    /* 61 << 273 */
-    { { 0xdaa376d3bf886d75L,0xda77b4e0c5fa164dL,0xc5fa99d7e140d0afL,
-        0xc1298a7f239e4b91L,0x656278ea77b95e2aL,0xd4615db928c2dbf7L,
-        0x679e343ab4fffdf4L,0xf454c81fb109106fL,0x0000000000000020L },
-      { 0xebb250e9d09e1320L,0xc1bacc99bc92b5b8L,0xd2bc9ce8c6fa578aL,
-        0x4b5480d06d5411c2L,0x4a667abdbc01eef9L,0x2293ff502b5b5ae1L,
-        0x064d795250578246L,0x4999b1244736e18dL,0x0000000000000056L } },
-    /* 62 << 273 */
-    { { 0xacabe0d649acab59L,0xf5c52f50022e503bL,0xc388decf5bc47f3eL,
-        0x8d0cdcf14f1b89a5L,0xae32536823906d64L,0xc3ce9106967e20ebL,
-        0xa820be6f821b2939L,0xa323b31a73d7b74cL,0x00000000000001eaL },
-      { 0x4a67d5f8ea7184dfL,0x34355eead1834b43L,0xdeb639e821ecfdc7L,
-        0xfa16656adbc01369L,0xb8791490db78b8d2L,0x8433fb9c29d46e0dL,
-        0x7327033b802bbe56L,0xcb2f72c7be24f129L,0x0000000000000091L } },
-    /* 63 << 273 */
-    { { 0x6d4e39d3ac1f4630L,0x1fa0065075a61ac6L,0xddc652c51817a6e0L,
-        0x42b1966823e50264L,0x3e980ad593896122L,0x8a47a5191081f154L,
-        0x6b4199134c2ffd1aL,0xcfb1914f16b21385L,0x000000000000004eL },
-      { 0xce79f49b2fc5c303L,0x9efee352e1d19a11L,0x7d084d1833b27ec6L,
-        0xd078a4c3479ee85bL,0xc88a27f1983e02c4L,0xf7493d4c411e9106L,
-        0xd13cca1d20cfca34L,0x80a39dc9c4f5a885L,0x00000000000000fcL } },
-    /* 64 << 273 */
-    { { 0xcca33db42a22b97fL,0x808d2e981942f8f7L,0xd972d1a737133c3cL,
-        0xfe4b5f5f5ff8d7aaL,0x8bd08c189175512eL,0x67bad971bb95ce67L,
-        0x885de1d49cf69b1bL,0x00d0ebbe54ba8e61L,0x0000000000000111L },
-      { 0x50aeec386c90b677L,0xc765c4753df368c1L,0x3865a7395d423382L,
-        0x5f843adf7e55f0d3L,0xa8c20b65e6159793L,0xbc3d7a4f05c2f2b9L,
-        0xb6663d297a052d8bL,0x50cdb83a65a7ea81L,0x000000000000017bL } },
-    /* 0 << 280 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 280 */
-    { { 0x4c740ae10ac4cb66L,0xc8a66d9759c635ffL,0x328b65af2569dac8L,
-        0xfdb6599b8838dbc9L,0x702473f87fd83c9fL,0x0d1f2ad8128683f6L,
-        0x00ae5b505030b76bL,0xb1375d706d15b5edL,0x0000000000000159L },
-      { 0x7a772a901f1e1f7fL,0xa790dcb7c669aa61L,0xdad905aec5e4f185L,
-        0x3bd91c29116ad6ceL,0xf87c96eac329d8a7L,0x399c929cb5b14581L,
-        0x6fd2983c3a8253c0L,0x616a8b61da988b39L,0x0000000000000181L } },
-    /* 2 << 280 */
-    { { 0x0d6e6eedae0e245dL,0x5c37e80f26f68799L,0x575626142aeeb588L,
-        0x9261cb14de82abc1L,0xa4b446f5ebeeb914L,0xe8b749efffb71dc9L,
-        0x3e1382391fcf5e8eL,0xcbdc4c5315c8cfb4L,0x0000000000000185L },
-      { 0xe8acd37da80326b1L,0x4aa2d80f6ffc9ae9L,0x46da631fdb069e01L,
-        0x1463768de7abe06bL,0x932e528dc3be779fL,0x756bc3de494fd10dL,
-        0x4a181a650b0c9870L,0x0ceae429ae34b70bL,0x00000000000000aeL } },
-    /* 3 << 280 */
-    { { 0x3a070e58524bc705L,0x86404f01fbd0358fL,0x88456d7874567144L,
-        0x91aabc494cb2bf46L,0x829df4fdb1e29372L,0xf177ce20230cf9f5L,
-        0x404eca037a3d29caL,0x6d9b609a231007dfL,0x0000000000000159L },
-      { 0x7ff3369eb1bf4593L,0x94ff624f5e4049a7L,0x5b7ef74134194bc1L,
-        0xf4bac202131b06f0L,0x70a46357b7549633L,0x0b293380761ae1bbL,
-        0xb2d9c64d974c1977L,0xe27e23b400e7751aL,0x00000000000001dcL } },
-    /* 4 << 280 */
-    { { 0xe15ef16cfaadef15L,0x0f2927a1babe010bL,0x252539dbcefdeda3L,
-        0x1e8ff8c4a98613a8L,0xec7026d9f76d425fL,0x507c1214ac386095L,
-        0xfba6c762c8024ee0L,0x1088460c3f4dd18eL,0x00000000000001b0L },
-      { 0x6ccf1452202080cbL,0x33b934d5b645d8e0L,0xebd4d772c0fd54b2L,
-        0x62a8045e207e1dfeL,0x9e5d3b88601b9f43L,0xc8f7e47d77e357fbL,
-        0x1c8764778ec21437L,0xc08c5a27069dd1c9L,0x000000000000005cL } },
-    /* 5 << 280 */
-    { { 0x8b7bad84aa505f62L,0x8052b3cbecbd5f9eL,0x0e985e1ab3660a2bL,
-        0xc17e62d3a69bdfaaL,0x9bb1033189b5e1e8L,0xc572485a6b55d39aL,
-        0xc322f39adf1f6747L,0x88881e7fc81cb6fdL,0x00000000000000d9L },
-      { 0x31d3f8493310a660L,0xdd188984fdc9db36L,0x89a0af2c3c61b203L,
-        0x508fae9c8e454871L,0x2ebd3d7a69879c4fL,0x5ac4c93d83e6e3f8L,
-        0x71744332c59f4c51L,0x0322f749ad204b19L,0x0000000000000057L } },
-    /* 6 << 280 */
-    { { 0xd445e8962dac6a90L,0x6904dd238a6d208cL,0x83adfbbf4e016973L,
-        0x91630953a384d374L,0xcd5e353435cac47eL,0xcec42d1088bc5e3aL,
-        0x13d0e8aa5141de2dL,0x3bbd85d1be1d414aL,0x0000000000000105L },
-      { 0x2b200480b911ac9aL,0x0c681a4332bd4596L,0x68e2718368edeb24L,
-        0xf8a34ce78950ff7bL,0xa58265b03afb03e3L,0xd0d866606bc58ad1L,
-        0xf9542bba3303c185L,0x13afe747cc393e4bL,0x000000000000005bL } },
-    /* 7 << 280 */
-    { { 0x6871a6e155b6f895L,0xb935913e9d7e2730L,0xfe1eebb1a9ac21a4L,
-        0xfdab879429c16938L,0xeb9afe9adeeb21b9L,0x967a2fb2797f546dL,
-        0x2fe2023bb9cf34cbL,0x9272977ee049697bL,0x00000000000000caL },
-      { 0x348928ef50b4a316L,0x115e58ece32c9a4fL,0x6d858be4e3a235ffL,
-        0x7464d70472b943b7L,0x6e785131e862030bL,0x4060a8c7b8a27819L,
-        0x831b7288d3e4f0d6L,0x81c21f75b36c3f8bL,0x0000000000000004L } },
-    /* 8 << 280 */
-    { { 0x640c489c80744c7bL,0x76c2615a09c3bd56L,0x0a0a64544b2e41b9L,
-        0x1f67ea463635acddL,0x7a93c39af36dc54cL,0x4efd6c2f386cdcccL,
-        0x789ffbcd8dd41a02L,0xb718d8187068e710L,0x0000000000000002L },
-      { 0x463b2b5d8e3ed0fcL,0xef348838c77bcb34L,0xf3cd1bbd8e9bf495L,
-        0xc275c5432a4ec1faL,0xe606d611cc394e16L,0x45c1e7c61a56a93cL,
-        0x828c42db1f6707b2L,0x59ff294843754051L,0x0000000000000100L } },
-    /* 9 << 280 */
-    { { 0x23ac84cd9e107222L,0x011f6752130abb36L,0x83d1979f5931a184L,
-        0x87880be04349bee2L,0x785209566b06ebe2L,0xa12c6e2f5c02eecfL,
-        0xcfb3b87d2c027b98L,0xe399b69f59d49343L,0x00000000000000dfL },
-      { 0x73f60492f763472aL,0xd0630d7aa32c8e02L,0x64fda2740b7eb763L,
-        0xd2ebdd95c0295433L,0xd3bf0c58f8650b05L,0xc0c0a4abdf491d11L,
-        0xfdd83464bec2efd6L,0x42dbbf3363fec348L,0x00000000000001e4L } },
-    /* 10 << 280 */
-    { { 0xeaefe760e7307475L,0x660015223de4536aL,0xc0c1396d45928311L,
-        0xb972d84029ea65fcL,0xcbf018ad83c0faa0L,0x0ce90359f5116096L,
-        0x33a6e9c82c9e2cdbL,0x1e61a90c5f1aa2abL,0x000000000000001eL },
-      { 0xcddf71f961709e18L,0xae43057240f72033L,0xde53f951b1b7d4a2L,
-        0x409f0a90cc853277L,0x341fa0c03789a7e2L,0x9cb4a809daf6b61dL,
-        0x3b42585df7bd34f3L,0x7a624ac415d77b4cL,0x0000000000000078L } },
-    /* 11 << 280 */
-    { { 0x02e9c325f196b6a1L,0xcfc01de1b0374324L,0x289b25be0121a620L,
-        0xec188af9f09b541fL,0xac954bc5fcb86a52L,0xd883b21f87a757b9L,
-        0x1194e3a12741cd24L,0x3d1914b61e3ef5eaL,0x00000000000001fbL },
-      { 0xb13ea4836bfd085dL,0x6e20b8d504a5dcd1L,0xcf5fba257f7af4feL,
-        0x58625751914d9c51L,0x1005bcc9eb304193L,0x7b54ef23579943f8L,
-        0x50ead06cc7d1c9baL,0xcd9877673664cf97L,0x000000000000010aL } },
-    /* 12 << 280 */
-    { { 0xe78a2eefd978be2cL,0x1958503c388b0164L,0x63a5d6fb3d35eaf6L,
-        0xff6e50d5dbfb3304L,0x4b9c89e3931e2555L,0x93d6c6e9e2a419d2L,
-        0xb2b26a9296f11b80L,0x1ba661c44c413fb3L,0x00000000000001feL },
-      { 0xea30821624fc3599L,0x83000d9ae1823a76L,0xb614483695d2aac8L,
-        0x661640c0996c6b75L,0x5212a79fa7b4f33eL,0x40c6bfde5a2fbee7L,
-        0x8ce6e88e86ce3a36L,0x4a9b0c5eccb757a9L,0x000000000000010bL } },
-    /* 13 << 280 */
-    { { 0xc8b31578e40e993dL,0xdd419459041d243fL,0x0c47e4492fbaf7c6L,
-        0x10b731c47d71b295L,0x41dca681f36a08c0L,0xec3582403d924e38L,
-        0x891991a88593f600L,0x8d684b374a984c9eL,0x0000000000000109L },
-      { 0x44787399a8a706dcL,0x307e57cb53caa9baL,0xea0ad37576a3276eL,
-        0xb1b79db12e025195L,0x96703f51aa828a3fL,0x174f1c27536e5266L,
-        0xc2d7da86fba650e5L,0xe69208051bed53a0L,0x000000000000010fL } },
-    /* 14 << 280 */
-    { { 0x6076eba5d73f6d54L,0x2dc200db4826039bL,0x683c59a00761fbffL,
-        0x525681dffaeb001eL,0x84175769d29ce601L,0xb5301cfc04112e5eL,
-        0xa242021d3aed1274L,0xc2f154ceb3cf3089L,0x000000000000005fL },
-      { 0xc754a9e65799204cL,0x186ec103d6251a86L,0xaa3bc7933f06cc52L,
-        0x2512fb5391c10e49L,0xe63f08c7df01b044L,0x4138d8974a7a5bc2L,
-        0xd23a1be79258b0e3L,0xddb136202bb7743bL,0x00000000000000c5L } },
-    /* 15 << 280 */
-    { { 0x409beff853938400L,0x3593e4f9c460d38bL,0x6d0b5d57f0673911L,
-        0x22c8dcaec72c6491L,0xe6e263f173e0ea62L,0x14c1e16512ece129L,
-        0x45b34f069a474ff0L,0x36c07c4fb96851d9L,0x00000000000001fcL },
-      { 0x250b8e258259bf92L,0xfb6826a6866e22feL,0x1d0fb6d935566f47L,
-        0x6381018504537faaL,0xf8f10b30f1d6bcdcL,0x6ce068c4abbf20c8L,
-        0x3ceaa8c944fcf678L,0x44c0ee4daa121e6bL,0x000000000000012cL } },
-    /* 16 << 280 */
-    { { 0x3878c70adf5ee186L,0x62f4f54a6fffef9fL,0x0a7664c380400fa0L,
-        0x99be58c2d0ea21b9L,0xfa70b9ade311aa6dL,0xafadd452abf43a4dL,
-        0xe6291c610f7b5de5L,0x388a421578d61e62L,0x0000000000000024L },
-      { 0xf188f980ee1bcdafL,0x9ccc1a6bc991f497L,0x6f733d1221ec6f5dL,
-        0x59ce56b9da9f5bdbL,0xe03a9a1f40e88d50L,0xa5e60328c0190a2aL,
-        0x382bdbe69ff9d482L,0x26895085bb792de6L,0x0000000000000013L } },
-    /* 17 << 280 */
-    { { 0xb62405a5676a3e6fL,0x5ef780579ac1ab5eL,0x4aba44936c1169c3L,
-        0x0e3dce11827d4ae9L,0x2d8bffba23687976L,0x9fc0f8a871502c8fL,
-        0x7bddcff7be7d4d2cL,0x00784e850b6a00acL,0x0000000000000163L },
-      { 0x54fa77ad66a2abbaL,0x14fc08c88a96575dL,0xf1b50adef2dd1b8eL,
-        0xeecd2a0f774ea727L,0x6cc9ccbcf14625cdL,0x8800d8a0ba597acfL,
-        0x52ee2b93f9dec864L,0x5da5fb84e642a27dL,0x0000000000000056L } },
-    /* 18 << 280 */
-    { { 0xcd861ffbe4649d6fL,0x2ed9b50d8dd76900L,0x5e5cff5dcc6dd1f1L,
-        0x2f649d9fe440c31aL,0x1b6cab30e1b50625L,0x0280ffb2fedf3d27L,
-        0x41fea755cdd53867L,0xda1c31ff4b6b3458L,0x000000000000009aL },
-      { 0x504a5a4a1c5bfa1eL,0x3b16eff4cb6c1131L,0x42ae4011ae721056L,
-        0xadcb0a5c2f4db3ccL,0xe9f89fbe43d4383fL,0x243f76cc28188da6L,
-        0x836268eb0f53be46L,0x2fa1ca1b386264f4L,0x00000000000000e8L } },
-    /* 19 << 280 */
-    { { 0xdf5b66aab830b085L,0x2f6cdf43b7a797cbL,0x0101d0724241a303L,
-        0x0a16ad64a6623b9eL,0xcdbd54b3a9f4c582L,0xc97a95567ee209feL,
-        0xac166a4f72e05927L,0x944328443d9fa567L,0x0000000000000073L },
-      { 0xa051a3107a366e15L,0xfd0e5a53c6bf5c08L,0xa240cf6d978ada91L,
-        0xe8ad78c9349ea3b3L,0x9494acb015573256L,0x2bdfd51e391180d4L,
-        0x911ad26d30e11852L,0x066206b1c0d32653L,0x0000000000000173L } },
-    /* 20 << 280 */
-    { { 0x682b6f1d6f37fe71L,0x3754800ccadcbcd8L,0x12367b4b70b949f5L,
-        0xa470950748bd0160L,0xf46eb3dba321a86bL,0x9ea717597b65a082L,
-        0x49607c639e80e35eL,0xcae1103f0ed3f9afL,0x0000000000000110L },
-      { 0xfecfb034c97c9712L,0x46794ae3487685c8L,0xd801e8d1d123a90bL,
-        0x6ee2529e5b0b89caL,0x2b3b7f4cf650661aL,0x23257437dbf31d1eL,
-        0x6d2e599d2f61e4b7L,0x4853ca0956a975a9L,0x000000000000013eL } },
-    /* 21 << 280 */
-    { { 0x4641c185951032bdL,0xb4a82d1ed654967bL,0x4f60abfaebe0534aL,
-        0xd8d59a71563969dfL,0x69a8365d897b93d0L,0x34dcbce7a3ddcad6L,
-        0xb4798d7484801108L,0x1ef48f2b9509858bL,0x0000000000000186L },
-      { 0x8f01ec3308d02285L,0x8f361eccfa7f5f30L,0x03d8d9aa173946f2L,
-        0x2ee8b5750e55fbc9L,0xf3d5ab9b804c4aa0L,0x928acfc13fb93feeL,
-        0xb60fb73a1f387d73L,0x4f0a74e1fabfa19dL,0x00000000000001aaL } },
-    /* 22 << 280 */
-    { { 0xdd033085ffc38940L,0xbdf00b79e0cbd312L,0xe027364751bfe81bL,
-        0xc9dd4f9d4889fd94L,0x307b0e6e06260888L,0x1cc21a4c57fc3aa6L,
-        0x80015db80375ec4fL,0xd8cd58e27ec6ce20L,0x000000000000017cL },
-      { 0x46ba9532bf2925beL,0x948247d693eaa62aL,0x7dd8c538b71fae69L,
-        0xc90496865561d353L,0xdcbb708b427cf50aL,0xa367d55f861bc80eL,
-        0xf46ec4634a8f28ddL,0x3481474dcbce8110L,0x00000000000001acL } },
-    /* 23 << 280 */
-    { { 0x254c69ed55155f2cL,0xe14b1c5db7d2603eL,0x2dffb214ba8bd917L,
-        0xcddb7eb590dff8acL,0x66e23246426e1109L,0xcaa97ba1cdf4a95bL,
-        0x56522b0177be0ef6L,0xa81706f55d3f77d4L,0x0000000000000011L },
-      { 0xd4b76f04639ff0cdL,0x15091830d19f7652L,0x64d3e1589351196cL,
-        0x63b04349370e92f9L,0xf247c96d68ca3652L,0xfda88c1295b0a39cL,
-        0x09ec4902691b35f7L,0xf1e93e7656a345a6L,0x0000000000000195L } },
-    /* 24 << 280 */
-    { { 0x1c1293a1f9640d38L,0xc24e8f93b6709da3L,0x5d9b87cb8cbfeeaaL,
-        0xab49ee81b0fd1d5fL,0x09cba9064c63b1b5L,0x379febb06f867688L,
-        0x2061b6eec99ba636L,0x966f2eaf51159b58L,0x00000000000000b0L },
-      { 0x4a130277873b42abL,0xacd92f6c1c8ab9b2L,0x117dcc6ba66d3168L,
-        0x70362ec85dae335fL,0x1f13ef5eea5f8570L,0x8268cf14a075c01dL,
-        0x2f8431fad2b71b7fL,0xfff9c7d1382b4939L,0x0000000000000046L } },
-    /* 25 << 280 */
-    { { 0xed53320a5467b695L,0x95777379d81bc3c6L,0x1f53f221165800f8L,
-        0x5a3a36ac90c1143eL,0xf319be6f7a9ab721L,0xb6d3e1158c4ed728L,
-        0x6a9e9dccfaceb5d7L,0xa8abd38370e27532L,0x0000000000000080L },
-      { 0x28f0cede226f9ad0L,0x8a96ae65e9efd27fL,0x4fe7eb7fef2564a2L,
-        0xdea5e9aaedd96a1aL,0x818a8f76469bfc52L,0x0e8eab80c7f687f6L,
-        0xebe81c5d4198b48fL,0xdd7e25c68d9d05f8L,0x0000000000000144L } },
-    /* 26 << 280 */
-    { { 0x5cfa7cbf1f54bc21L,0xd37a2401c5bf8ac1L,0xd6e4aa9fe1b4948cL,
-        0xc0af78bb87876571L,0xd5f38c4a9435c756L,0xdeaf4d5d196d5a67L,
-        0x847999d3665b16adL,0x55e422ab944e41cdL,0x000000000000011aL },
-      { 0x1c73a7be1f893849L,0x98773cab9b84e408L,0x5e6a4e145ed1c89dL,
-        0xe78d1b90716a5325L,0x1513fe4a577ed006L,0x7b8cfbaa90824caaL,
-        0x663d3fa73c2a2886L,0xc9d7e9608eb5b6b7L,0x0000000000000167L } },
-    /* 27 << 280 */
-    { { 0x7804ab0cd5dd017cL,0x2ee33f77c259ae7cL,0xbc379b5e1987fb05L,
-        0x472603f311e07d17L,0xfde157912168f043L,0x474bbd4c5d357133L,
-        0x278fdbb181d0f190L,0x44d8a1465f7a199cL,0x0000000000000090L },
-      { 0x7cf6a404bbd57b48L,0x19a5cb69db6852eeL,0x6f08b1da1b26de4bL,
-        0x04262f2a58360fe7L,0x287dbfd73bf7c760L,0xddcf22856e702e73L,
-        0xe4f8a899fe86dc89L,0xee9807e0c06c6e6fL,0x0000000000000118L } },
-    /* 28 << 280 */
-    { { 0x0a59179b025c0e2fL,0x43088758ddb8e4e4L,0x9ccb5d9baf9e3d51L,
-        0x5b220d64f6cc6fe2L,0x43a38530f69d1a66L,0xcf4dace9fdc5b0f2L,
-        0xf1bba4e1418ba2bbL,0x70e502e9d82fb27eL,0x00000000000000ccL },
-      { 0xb4fb372ba990ec9fL,0xc1c31603c5fa0250L,0x79b46f6cecbe934bL,
-        0xad2fc8f7b28f7d50L,0x240f4901b4d4e6d9L,0x11c72be533c59d92L,
-        0x16cb9bc5c94ffb67L,0x8517fa2b2e957b97L,0x00000000000001e0L } },
-    /* 29 << 280 */
-    { { 0x8672f8c178c2fae1L,0xce853dc0b390e692L,0x50cf0558fc7389d6L,
-        0x0eb7599014218bbbL,0x8942e82713a837c8L,0x07fb92d0213f6565L,
-        0xc3e799a7db1d4bafL,0x93ef2dbe0d7238aeL,0x0000000000000087L },
-      { 0x7e1c949a4d6f61edL,0x0951d2409855b4b2L,0xe99da0df0768f131L,
-        0x3a9895ca40b9263bL,0xeec3111e988e877cL,0xb887eeb1392e2a50L,
-        0xd26c888f3ae6a3edL,0x60db343170b42b56L,0x000000000000001cL } },
-    /* 30 << 280 */
-    { { 0xd6d025d839e224e4L,0xea671ba973ee2abdL,0xf71e527f0b2458ebL,
-        0x97adc0a443f0bb0dL,0x39d5e7b826a9a537L,0x02ee550a7e29adfcL,
-        0xd7fea1b5e6433c20L,0x6777e7f94b13721aL,0x0000000000000126L },
-      { 0x4682b1468c2c454dL,0xd6e496150d5c34dbL,0xe84ad426a9213f48L,
-        0x9143f004be2e5e10L,0xeb48a5a485f087d1L,0x10d141c784d2ceecL,
-        0xc96c7d6673ca411dL,0x28aa426c59faea28L,0x0000000000000144L } },
-    /* 31 << 280 */
-    { { 0xbb86295ab95fe143L,0x7a0778a004aa86f0L,0x72402bb054f3df03L,
-        0x5d2146943f81659bL,0x19aaa8e646689638L,0x8de0ef98937688a2L,
-        0xda612f96d910473cL,0xb0b8a1120a41c825L,0x00000000000001b9L },
-      { 0xd8d116daef118dcfL,0x4e24efd829a90bebL,0x3bc302db0e413b54L,
-        0xa0e984fd1a8c9f3eL,0x7b485798206268a1L,0x52a1f4523d769ab3L,
-        0x7bcb688e6853067bL,0x6b7f3335e784e934L,0x00000000000001e2L } },
-    /* 32 << 280 */
-    { { 0xba3a04f75f8fa47eL,0xb9c44aa1833dfb7cL,0xe4f3a4a6af4ea679L,
-        0x02b4bc288240ae75L,0x390076ae282412ecL,0x74e5bd6406709592L,
-        0xb87b1a57dbad0025L,0x71e0c6f732123b04L,0x000000000000016cL },
-      { 0x266b71d5e4ffc2c8L,0xb061cb88a73f6fdfL,0xbca068cd75b93ff4L,
-        0x4552d43b97712a14L,0x1035134c5b941ba7L,0xc14623abf31b6915L,
-        0xdfdd91c4aa972a0dL,0x54e8e7e0e17b9ad3L,0x000000000000008dL } },
-    /* 33 << 280 */
-    { { 0x664d379c66087692L,0xe4cfe5932b4cc0e5L,0xa293eb7c765981c8L,
-        0xa366a8be9ac9be69L,0x18a8fabdca5c9348L,0xa3d94fcda2a2c5e9L,
-        0xd6d42b142c19d210L,0x90c8d32950ebedf6L,0x0000000000000077L },
-      { 0x4b232a133ea6cce2L,0x9709a4f5efe51889L,0x6641e274e233ec8fL,
-        0x68744e54abf46598L,0x8c12e8da847eb365L,0x31c4a313be0dc8beL,
-        0x88503ca97bce4bd9L,0x98356a4724bf7fdaL,0x0000000000000058L } },
-    /* 34 << 280 */
-    { { 0xdd5dfc11a0dad11eL,0x6af8128d95bbbc01L,0x2a09533d2ba204d8L,
-        0xf656433c14308665L,0xfb9b0752873ddf2aL,0x462baf84bff789b4L,
-        0x4119391c36f8d363L,0x24a0d61bc83d0643L,0x0000000000000128L },
-      { 0xa811558a81d32679L,0x73ebefc16d51d480L,0x52e334d76723ca36L,
-        0xe102931c3bc64e40L,0xe0fc619a226f57ebL,0xc6533d88d5a49296L,
-        0x8a96610b856dc0b3L,0x7fc05cda95a3bcb8L,0x0000000000000128L } },
-    /* 35 << 280 */
-    { { 0xbdbe8a3a30b14db2L,0x7e4bc20c9a8247cbL,0xa620bdf811e536d0L,
-        0xe972971a67a49b87L,0xa10d8379f31c11efL,0x8908fe100b816ab1L,
-        0xe44858845c7db701L,0xacb4e91129807371L,0x0000000000000028L },
-      { 0xdb757df6497c4dc0L,0xad84afa0fd068916L,0xb98bb9c9c0ed25c9L,
-        0x9af8511a42c7c5feL,0x853e412f8549f45aL,0xe5fcb0b400cdd781L,
-        0xdda7fef0653d6e1bL,0x3340956d20aa3f18L,0x000000000000018bL } },
-    /* 36 << 280 */
-    { { 0x3751cc30569b8171L,0x0a5f50721195ceb6L,0x67a550c5aed5f6f7L,
-        0x9fa0ca1a467c1996L,0x342155f04c5cc05bL,0xa8fd7a3b1265b643L,
-        0xa105382b94eba9ddL,0xd2dc6762655a3ed5L,0x00000000000000c7L },
-      { 0x2913e45239c2dcc4L,0x81fa35062758d09cL,0x7df16b9411840bb6L,
-        0x0d96f28f04eeade0L,0xf5ab6c8c883daf5aL,0xa53d625e24e9795aL,
-        0x14158b332a711c2eL,0xd5ce7e2a97ad3f03L,0x000000000000010cL } },
-    /* 37 << 280 */
-    { { 0x9871dafee3cd99cbL,0xca11ffb2f9d1422bL,0x0cbec630ffe7633cL,
-        0x095207519701f5fbL,0xe7cdf5f0b714a25bL,0x54b44266e17aa21aL,
-        0xc53a84760ef13940L,0x9e8c18f56acbd9dfL,0x0000000000000057L },
-      { 0xabd27e097605396aL,0x731f83a012ea5abaL,0xb6a23513f28d07f9L,
-        0xbba530fa2ea3b230L,0x38f79ffe89abfb21L,0x2767e58ab7dce472L,
-        0x7eb867f9c16bd8b5L,0xeab0414eb76ce0c7L,0x000000000000009bL } },
-    /* 38 << 280 */
-    { { 0xe100e0eec1c91709L,0xa73bbf8c56238cdfL,0xe8b191e09196fb53L,
-        0x0c54c7820203b3d5L,0x914cd8154ad45f0cL,0xf488ed49b504e7ebL,
-        0x91983a3b525a0122L,0x7a9db32607a6bc76L,0x00000000000000fdL },
-      { 0x9e5874870b0b0ef1L,0x0c5df87d4deca852L,0xa671e125fcfb2b5bL,
-        0x4c0dc9d789fb90a9L,0x8bc6b9a1b47b79f0L,0x5ed3c685bcc0d53bL,
-        0x107f5ef1ec8aaab6L,0x5f93971f98ffcd41L,0x00000000000001e2L } },
-    /* 39 << 280 */
-    { { 0x81d5acf81e69cfcfL,0x5786ae3471bda15cL,0xc3e9c790d4ba8896L,
-        0x78415f43b320fab2L,0x5407bb1189d23809L,0x6b5d5e41d3007de8L,
-        0x1f686d5c39797363L,0x0be555c28d9004c2L,0x00000000000001ebL },
-      { 0x8eb5c5bf91addc9dL,0xe8b81cffe200f350L,0xca3b953d44b42146L,
-        0x6ba06ea9ecc482e4L,0xa6a70a446e4d1a38L,0x3210ff44eff587e8L,
-        0x9ad9ba8e1d8a7cf6L,0x813c4d94c77bf97eL,0x00000000000001f3L } },
-    /* 40 << 280 */
-    { { 0xe31effa2306c1354L,0xb5e2c13d85925368L,0xb1f2607f35ef339dL,
-        0xb06e916138e6170eL,0x4e6644b8f3f3e31bL,0xda16e937e3e59db4L,
-        0xc66e7dbf6accfe20L,0x31622dae364dc59aL,0x0000000000000187L },
-      { 0xc9d619cbc2b0bd83L,0xfe780349cf4a8cacL,0x8109dbb48b3d6584L,
-        0x55e1a93c943709d9L,0x651c52d321ed38d8L,0x87ca86938ef82c60L,
-        0x6ba45f8f4280d960L,0xe903e26b7e505800L,0x00000000000000a4L } },
-    /* 41 << 280 */
-    { { 0xbeaefb738d027004L,0xb93ae273b643fdf8L,0x171130c78b054ce8L,
-        0x03e50d97fa4348b9L,0x1e136c40bcd5a01cL,0x4c3c0b3320e072eaL,
-        0x5b07b9f5fb37369aL,0xc306209f6aae7067L,0x0000000000000096L },
-      { 0x28f228fdd8133dd9L,0x5e97b819ed9f4989L,0x0511850fa8e2e90eL,
-        0xfba9dac8a577a370L,0xd8f8a690e9748a8aL,0xc4061391c30a3f0bL,
-        0x22a676e042f585a6L,0x252bd6609c5f7211L,0x00000000000001b0L } },
-    /* 42 << 280 */
-    { { 0xd9e89ab1b2261b5aL,0x896f863c0bccf5d5L,0x09ba590aa5b7eb39L,
-        0xc8f52dfb0fa4086dL,0x3f236dfd1075176bL,0x0e0cc891296f969aL,
-        0xdfc18d50a2313921L,0x8494f9a73ef48a34L,0x0000000000000084L },
-      { 0xd57a2f227f5e334cL,0x69d7c5b7ded57c18L,0xcdb18f19b1ccf76cL,
-        0xeaec2b7c33021735L,0x41b62e1affce6cf5L,0x12282e773aad7e4cL,
-        0xf9c2216e9db6619cL,0x5f1678eaf32e4661L,0x0000000000000079L } },
-    /* 43 << 280 */
-    { { 0x3806aa79ed2215aaL,0x77b2b474fda96f56L,0x4957726aacc33f60L,
-        0x3aeede639dcb6de3L,0x7c5a4b2dd1f46307L,0x03638122d27dc35dL,
-        0x5c8c687cad802f35L,0xfb84505dcb2b917fL,0x0000000000000089L },
-      { 0x86ad4d10d3241367L,0xa5bbbe2804283e3fL,0xae8a8a156cf1b159L,
-        0x8b30bb7f97d37100L,0x302e14e45dc590ceL,0xe3aa0b5dcdd1751aL,
-        0xb2d7de843c7c9c0bL,0x9693fc8121ea3e9bL,0x00000000000000baL } },
-    /* 44 << 280 */
-    { { 0x30e7e4bda557a890L,0xb6a8ecf96b5cdb6fL,0xbec5ed5023b68ea9L,
-        0xc359d11f3fe99380L,0x84e9e7d83bd97138L,0xa58c8a9a3a5815eeL,
-        0x759839a47c240941L,0xb652633099670993L,0x0000000000000144L },
-      { 0xe3f92bef6bfae59dL,0x6eb6a3ef34c6f089L,0xb35ddc7862aa2a94L,
-        0x2495301b6c27da9eL,0xea719a48d8d23941L,0xf0be43ad79c61b1bL,
-        0xbafb76e1a27c859aL,0x9d2f814c97f29bb0L,0x00000000000001f7L } },
-    /* 45 << 280 */
-    { { 0xe3d9794863bfeecbL,0x787b7b93c4e33b5dL,0xd193545380e717c7L,
-        0x80f09edff51d7ee8L,0x5ece8dec2cb8e492L,0x1c2e49aeb0fbdd75L,
-        0x555ffd0c62ca40e8L,0xb087f09cc34239e1L,0x000000000000011fL },
-      { 0x058e0296c7e17929L,0xc37bb9507cabdf29L,0x3f760103337ba5a9L,
-        0xb04c49872eebc4d3L,0x06ed604d12273246L,0xb2b6a2ac48a00bdfL,
-        0x7b9eee4ef1e6f9caL,0x2bd8117abfcb3b3dL,0x000000000000003cL } },
-    /* 46 << 280 */
-    { { 0x9f03aa3fbadc0444L,0xd4646ae421350843L,0x9d669c31ae89c5cfL,
-        0x28f2dcfa88476683L,0x1a27c9a49927c5d4L,0x05f0d014342307c4L,
-        0x74a305b664bcee6dL,0xf2d3fa9c6b8102a1L,0x000000000000004cL },
-      { 0xb2801ee8e8313032L,0x484d7fc270c2bf31L,0xb1e823146bcb4da5L,
-        0x01c6855cf5dbd4bdL,0x59bc8152d21f4295L,0x452be6974095767fL,
-        0xd1557ede45d79429L,0xec32dcc2afb02a09L,0x0000000000000173L } },
-    /* 47 << 280 */
-    { { 0x196940e45ba5d05dL,0x6576d0f4bbc541ecL,0xe5e984bd3a91a1daL,
-        0xbc63c9eaf3498971L,0x89135ed31f03c14dL,0x44fe60e13379f59eL,
-        0x28a5a0b752e302bfL,0x14d350309b2c7e38L,0x0000000000000073L },
-      { 0x1c34012525832327L,0x88c1ebb85e862352L,0x5e82c2f646d29a75L,
-        0x98aa3bf4b5f97690L,0x17a8b7d4fbcc02caL,0x8190772afcc8f81bL,
-        0xee79fec1e5a4dc65L,0x62c89b093fe96241L,0x0000000000000166L } },
-    /* 48 << 280 */
-    { { 0x521cb4e322b7448bL,0xb51bca884c726beaL,0x9391bdea39c312eeL,
-        0xf9128ef72c8b9a0aL,0x988f9f78a8e51d04L,0xdd44418f96c8257eL,
-        0x3688fb242d7f2f00L,0x2f92e5ff1b1fdd4cL,0x00000000000000e3L },
-      { 0xba865459e98c49f5L,0x3545cf759dfe9dd3L,0xeb3ef7ffce823a85L,
-        0x39bc813a9b39a2a8L,0xb753463592a11c12L,0xb16a5bd61ee6d123L,
-        0x3192e6dd82fef180L,0xebfb81b4287687c4L,0x000000000000008fL } },
-    /* 49 << 280 */
-    { { 0x41889a308e521628L,0x353bbe7cd54a23f0L,0x6e30dc47b96e2ee6L,
-        0x957c31e030bf9a04L,0xe87fac6e880b0a80L,0xe7f5c5c603c6d936L,
-        0x2b605a09abd24985L,0x24da8804c0227c2bL,0x000000000000009bL },
-      { 0xbe44195151deea0cL,0x1d27a5349a94a2b3L,0xe89bd706906fd00bL,
-        0xbe0e3af4b48a3888L,0x462540f9ba0f807fL,0x5698134e4480f7e0L,
-        0xefbf0694f9470f38L,0x622aa439f2147a77L,0x00000000000000eeL } },
-    /* 50 << 280 */
-    { { 0x3d0eff5a9e14a157L,0x17b32d7a1e610aebL,0xd7d7e6da192e4c2cL,
-        0x9fe47524bafe7a78L,0xffde6e808f0f59d8L,0xfa5b05067f07595fL,
-        0x727527ab0c4ca54aL,0x3125b812f2ff633cL,0x00000000000001c5L },
-      { 0x9949eb375ebf3165L,0x6b3b1ca23d969575L,0xbdc906e777691f06L,
-        0x5c7fb79048e77747L,0xe14e6e1461b6e449L,0x168745a6ae1ca8c2L,
-        0xb1a8c53a10d7485eL,0xafba1519b3f97687L,0x0000000000000012L } },
-    /* 51 << 280 */
-    { { 0x1954666c0c70fb24L,0x82266d143f951a55L,0x05d351fb7571c7d1L,
-        0x18474822a33960cbL,0x9e21b386aff4d604L,0xdc1523b7c7722030L,
-        0x97d8d47c3b40f662L,0xe46c6e58c518f8e3L,0x0000000000000197L },
-      { 0x33776420fdf51fe5L,0x13c170deea2d40baL,0x9f058330686e0c42L,
-        0x187d65578e9b7d13L,0x60731c312fd50daeL,0xc4a33b8f616a056aL,
-        0xde3318374d1e0552L,0x883f0b1c76622fddL,0x0000000000000004L } },
-    /* 52 << 280 */
-    { { 0x702fec554340d2f2L,0xbfddf7ab5a6c6a38L,0x52d5a7ef0a77c874L,
-        0xb31d293155a58f3bL,0x3088d8036274e0d2L,0xb939133876fc6ab3L,
-        0xb144eb7c8e936c61L,0x9c6f8e0c31f651c4L,0x00000000000000eeL },
-      { 0xc4f7ef971969c94bL,0xd0ae9ee1b1ee6473L,0x9a2310ae3c6ef7b5L,
-        0x201667dcd9af7a6dL,0x177ef629e661696bL,0xa295439c27dce2c8L,
-        0x917e7ad90654b39dL,0xf4f4160e253e2455L,0x000000000000016fL } },
-    /* 53 << 280 */
-    { { 0xa5f4d18206539fa7L,0x00e9ca62193bd001L,0x4f82a43b34a98a26L,
-        0xf191a2c7acba36e6L,0x24af9551e410e4f3L,0xc497e07f6d3535ddL,
-        0x29c932541c60ad3bL,0xc979ef0d599a657aL,0x0000000000000155L },
-      { 0x0481964ddc0c026aL,0x02af224ad01e5c0cL,0x82bf913f1c2ef89cL,
-        0x86f6d32c471bf1c0L,0xca2ce84ad8022d80L,0x4f145b6799803487L,
-        0xebd0ffccda0964d7L,0x19f8d6f7bcef48f7L,0x00000000000000bbL } },
-    /* 54 << 280 */
-    { { 0x509b71b9ac36d28aL,0x15d32c770811d528L,0xb793235561dc6575L,
-        0x05233f01fabb650dL,0x3a16d034167495fdL,0xd567e0bf8c1efb75L,
-        0x253895e41fec8e93L,0x6b69015c5648158fL,0x000000000000000eL },
-      { 0x879a7df915627f86L,0xab3caf87f08f9464L,0xaebb91e351cc0b72L,
-        0xf5f3a2ce80718925L,0xb5740882c3e6f70bL,0xed18d27690f16d5dL,
-        0x318733e770b09c3cL,0xc1e1c737e4c59a44L,0x0000000000000095L } },
-    /* 55 << 280 */
-    { { 0x88537bbe883279acL,0xd66ce961da9ea3d7L,0x5a009e7f6f24804cL,
-        0x1aa5de7b572a81f5L,0x0a2d89e029910a84L,0xff6d0adba6a3b709L,
-        0xf709ae9d176ecf3bL,0xb55a2f97857e7161L,0x000000000000013eL },
-      { 0xd6ef2ad66d5ac444L,0x0cf086d7c738f5bdL,0x36484c34061945a8L,
-        0xad1acdb879dd65c5L,0xd58ac17af96e2538L,0xb1bc5d14ee8ca9ecL,
-        0x51ee010ef4765340L,0x2285cc3b31335245L,0x0000000000000138L } },
-    /* 56 << 280 */
-    { { 0x939fe75a6fc48236L,0x23d3887d911d8cbfL,0x258fea93b7d3a0e2L,
-        0x9b073bf37f01bba5L,0x7324e1698e6cb543L,0x44843d4aaf26dedfL,
-        0xa04a7c60ede00d61L,0x10218bd6cc5a03bdL,0x00000000000000a2L },
-      { 0x33c5563a2b93360bL,0xd50f6be0d4e9d47fL,0x78e7dfa1c7ad7ac7L,
-        0xff7c2c5a92c64ebeL,0x932531e7bb22d05aL,0x1c8f30604bc070ddL,
-        0xbd9787cb8d8150d1L,0x8ce2223b0cee42b4L,0x00000000000001f6L } },
-    /* 57 << 280 */
-    { { 0x6731c027e046c0a4L,0xf718dcede5a06138L,0x78ee5eb548b6ba4aL,
-        0xc2d5dfcadd81e407L,0x35da8dfe47dcfcacL,0xdc81e42a8eb7a98dL,
-        0x35db538102f60af3L,0x137c92f71af4e84cL,0x00000000000001a2L },
-      { 0x5fff48bc7fae3e38L,0xed6bb7ba7bfb9009L,0x3ea9829b94d9f8d9L,
-        0x1b02d966e57ac9f7L,0x2a2e7b3b9e17a7b5L,0xfd677d10f8b5971cL,
-        0xf02c62c4feac2153L,0xb2853d963d277f34L,0x00000000000001a0L } },
-    /* 58 << 280 */
-    { { 0x34cda6b2e8bcbdccL,0x1ca83d8ac58e01bcL,0x9c38e61d6a6033dcL,
-        0xd3df77d1696792c9L,0xdf573ec644eb1ecdL,0xa8a065432d74f38aL,
-        0x3cb79ad7491230eeL,0x828962151a271b8eL,0x0000000000000182L },
-      { 0xb889ef07d85525c3L,0x39a37a8da74b5e4bL,0x6dd97fe1ba9f0edfL,
-        0xfc32a4c55df3ce92L,0xfa0958f820517719L,0xd2570ed03c80801bL,
-        0x7b0d90f5df333517L,0x5448e3b21cbee93dL,0x0000000000000005L } },
-    /* 59 << 280 */
-    { { 0x9dafe225907309ceL,0xb5c7f7796ab4285bL,0x025fe316475406c6L,
-        0x6427b6a73703b8aeL,0x077b26865c34c5ecL,0x16bcd88fb1889dd6L,
-        0x963169a8eab6ae3aL,0x2a42b76c7535cd94L,0x00000000000001d2L },
-      { 0x7a7d5f3e60ea3972L,0x03495625a755ec1dL,0x441847032b183692L,
-        0x8303d22fadd33ccdL,0x6932dab9215523e8L,0x26f696dea7164118L,
-        0x682a8f9abb3aa620L,0x86aa638d15247803L,0x0000000000000078L } },
-    /* 60 << 280 */
-    { { 0x51849a5b53fbf94cL,0x2436d1f33647dfb1L,0xbfd7dfe1ac158d60L,
-        0x4157581eaba95982L,0x574c1d648b89798cL,0x6d659219754f1eb0L,
-        0x0654acce001d0c68L,0x8f1cafc9c86fb259L,0x00000000000001aaL },
-      { 0x96cf49426662061dL,0x6928d7c4565613e2L,0xfa3e5e7011afa907L,
-        0x2bedac91cd3c3062L,0x7b05951c87adb45bL,0xa2b68ef665e3fffeL,
-        0x682b65bedb7b8c54L,0xf8ef1353338a27a4L,0x0000000000000153L } },
-    /* 61 << 280 */
-    { { 0x3eec74aaf0d73d13L,0xb1200378a199d41eL,0x0501130712fce9ecL,
-        0x59e08d4685af38d6L,0x1c3028b097eb7439L,0x4389b2a7c8c2d7f4L,
-        0x41155e4c03df89a8L,0x06a993c37e415914L,0x00000000000001e3L },
-      { 0x1a57145402fb35d5L,0x818c71f0107f51ecL,0x009f840d42da6adaL,
-        0x67e4374f54a5468dL,0xf2250a74b245d86aL,0x09bc3e44bca120b1L,
-        0x6fdb2a6b308416a3L,0x0bd60e1c6a9146c0L,0x000000000000010fL } },
-    /* 62 << 280 */
-    { { 0x19ba4fdb0b35a9e4L,0xfc93eff181057e1bL,0x852ae0abf5380848L,
-        0x910c30d66877b719L,0x3bf62a9503916cb0L,0xd56a881ea3c2d070L,
-        0x256c3542a356f757L,0xcef8a8d929d75c65L,0x000000000000007eL },
-      { 0xca44a43576ea795bL,0x611ecedea8f27192L,0xfcb3a868de9182bbL,
-        0xac04e9d7dfa3eca5L,0x03f47adae89f80a7L,0xde7b801854858348L,
-        0xbf27c5a14a0e3befL,0xcd91a04d3461a145L,0x0000000000000117L } },
-    /* 63 << 280 */
-    { { 0x76dec50fd577c07cL,0x5a1d94bf5a8d2c7aL,0x871183453616e745L,
-        0x8b4e25d136e7d7daL,0x0464ac2c0033ea1bL,0x62f6569a2c5caacaL,
-        0x1989e0f6d2649cc3L,0xcd5990464b02997cL,0x000000000000006dL },
-      { 0x8df4238f7a8f232dL,0x04a5230661f90575L,0x179274765fdb83b7L,
-        0xddba74da6f09f3f4L,0xf6cfd200793d48bfL,0xe3ee41a1c980f85dL,
-        0xab48c17ae75f5667L,0xb09a7c62d4d971e8L,0x0000000000000009L } },
-    /* 64 << 280 */
-    { { 0xa99e0fa88b404760L,0x5f6b7eaa28835bbaL,0xebe75466811f0bccL,
-        0x3d69da3e9d0fffa4L,0xd815e361185f1ae0L,0x78623276b30ff597L,
-        0x3518246ea8466de1L,0x3c8e0d4a516b0e43L,0x000000000000003dL },
-      { 0xf4bc4434d1614abaL,0x49d062b7bfedf3abL,0x878c93290fc7e5b4L,
-        0x727ea9198a92c516L,0xd159dd269ac43994L,0xcc04bc19c25a36a5L,
-        0xcc7ffb96172789e1L,0xc136b9c92f2ee22cL,0x000000000000014bL } },
-    /* 0 << 287 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 287 */
-    { { 0x758be5677ed6ead3L,0x5aab37984ea30f41L,0x8a66701d724bded8L,
-        0x3e1ad9a070544b4aL,0xd0286777ee940423L,0x3335377b329a995eL,
-        0x244d471a4eee58a7L,0x32d4dfa067275e49L,0x0000000000000105L },
-      { 0x7ef7dd10f91eeef2L,0x51c22e8bba0c7d57L,0x45c515d485233341L,
-        0xd9d7cefcd353231aL,0xbef9d961da5bd561L,0xa5110c6f5531a41dL,
-        0x0f1f7a194328f21cL,0x1ad6d24c49ec18e6L,0x00000000000001a9L } },
-    /* 2 << 287 */
-    { { 0xbf2ffcb76e640a8dL,0x63479501a0b5a07eL,0x55bb30015f36f2e7L,
-        0x9890f999058a676aL,0xd9ee341b455c0d27L,0x6c95780c18e08fc8L,
-        0xeb63a675442a075dL,0xce46a1a5fb69da00L,0x000000000000006bL },
-      { 0x8c618934f3ed6253L,0xe00342446e9433b4L,0x989b99214260b2c5L,
-        0x11699804d9df4747L,0x125fe61f763a7f63L,0xa972786dc6ec395aL,
-        0x662f9fe7b7b7b8c6L,0xfb644a615456556eL,0x000000000000008aL } },
-    /* 3 << 287 */
-    { { 0x2014334668cd4338L,0x46b6c25dddec02b3L,0x7ed7b8e00f3bdda3L,
-        0x233b739abd4bfa08L,0x5d637074764e5f80L,0x16dca3c8bf2e9eb6L,
-        0x833e08beee088b75L,0x2e6d8782d0ef69a0L,0x0000000000000067L },
-      { 0xdd6bac439054fc97L,0x20f0fe3f00b0046aL,0x1f53f565aa8b318aL,
-        0xf74826286eba16cfL,0x899f86ddb055944fL,0xdecc577c4b26279cL,
-        0xefd021ba3dd92904L,0xa8be3c70f9aa1d87L,0x0000000000000029L } },
-    /* 4 << 287 */
-    { { 0xed29c2ffb0bb44d8L,0x0874c2a5fa00ddabL,0x9398e8a2065a4a5eL,
-        0xa6e1952691aab917L,0x20a816ac667898deL,0xda4b97934b94a66cL,
-        0x6fee1473b00e36e2L,0xcd9958d793a46ce6L,0x000000000000000fL },
-      { 0xeab9fa64a362872fL,0x87cc55b095457fb6L,0xe3e3f13d3c702019L,
-        0xe025b3c8ff6208c0L,0x8fcd5b2fd8b8f87cL,0xcf9ded31789bc9edL,
-        0x7474244818d40f49L,0xbf14e1f046c33140L,0x000000000000016dL } },
-    /* 5 << 287 */
-    { { 0x509b4ebd2a3f7a56L,0x284be6724315de88L,0xd9bc95a7708c6237L,
-        0xb614a4d485dfe317L,0xe35de3d30c1c5737L,0x9e0b17191bd97337L,
-        0xc3b084f841c2b929L,0xce03487b0953b7ecL,0x000000000000019bL },
-      { 0x35d5de3da22978fbL,0x7207c915b2212285L,0x109219a2328771e5L,
-        0xb262f06c8716c153L,0xc47aadea45f2bdfdL,0x7032cbeb4a1497f4L,
-        0x1603a5f69eabdf95L,0x56c6eb2bf53bb028L,0x0000000000000033L } },
-    /* 6 << 287 */
-    { { 0x0aa08334a3a5a2a2L,0x7b1e2f91dcfc5939L,0xe1c64158673e221aL,
-        0xa9ce2061cb3319d0L,0xb359c34b977a9b41L,0xc127af82b7f9fc83L,
-        0x18ada73481166c12L,0x1c4c48fb092d64d4L,0x00000000000000eeL },
-      { 0xfed1a8da4c5015c4L,0xefd54478526e1897L,0x0ac4f64075bbdc91L,
-        0xc0774cce910661ecL,0x699bb035c30ccc07L,0x836b7b1780952ccfL,
-        0x03b8bfef9788bdc1L,0xb24604c5fd47a69dL,0x00000000000000d6L } },
-    /* 7 << 287 */
-    { { 0x8f58d77c3904520aL,0xeaf3076af6db1f47L,0x249c1fdb6a139301L,
-        0x26211ebaa843505dL,0x4d3b5e4366b80789L,0x9adf20c48887bf76L,
-        0x411b47eb328f97c2L,0x3d00025636d82c8aL,0x0000000000000022L },
-      { 0xf0826b0c86b4639cL,0xcc429385bf2141c6L,0x72d72d948f036210L,
-        0x4aa9b7afc64f7650L,0xdfeb64b0b237cb8bL,0x7f901ff757a7461fL,
-        0x273abe41dd134f03L,0x026d1740005c1f46L,0x0000000000000033L } },
-    /* 8 << 287 */
-    { { 0x35e7af927e198aecL,0x2937b845ad58220eL,0x9c8c65cc625b0972L,
-        0x91991d8a1a9911c8L,0xc9f134d90a4ef588L,0x1cbe5c250e01d57fL,
-        0x4c31016e85251d47L,0xc587777652dc527cL,0x000000000000018eL },
-      { 0xa9232336d429c5f4L,0x60454705bfabb412L,0xf5f84846794cc5c2L,
-        0x1bd49ea0bfc8532dL,0xd4b45b2c3042cd43L,0x49590033374ab02bL,
-        0x78770266ee464c45L,0x0a33044eda262362L,0x0000000000000144L } },
-    /* 9 << 287 */
-    { { 0xcc4bae5e0e57b63fL,0x3d11ca0f42641e4eL,0x3bbfa96aefeece66L,
-        0x4857057f6abcde9cL,0xe796df9dc90f2d13L,0x28e49c241a945e44L,
-        0xb57f90935abaacacL,0x49a910222d46547cL,0x0000000000000058L },
-      { 0x868bc6345a6f0bbfL,0x466dce120f7ccec2L,0x23df20ee964331dfL,
-        0x281867e6b92cecd6L,0xd198e769f76f2ce7L,0x2461e009b02bb0f6L,
-        0x1a2009db2911f73cL,0x112c2f8e0897b7efL,0x00000000000000e8L } },
-    /* 10 << 287 */
-    { { 0xc17c5414720aebb3L,0xeaa1a7b97089e6bfL,0x9ee50ba136de9f22L,
-        0x4beb00685b3bf8ddL,0x330e8c045b3f6992L,0xf477636d6e7a978cL,
-        0x5799678a9543861aL,0xceb7d074810077e6L,0x0000000000000019L },
-      { 0x0d20db6dcafef71cL,0xb1c02cba35fa4e9fL,0xeb6628684630ee0eL,
-        0xda4bbe8c88265202L,0x71b53dc3e1aa127cL,0xf4e2e52f0abcaa62L,
-        0xe4c4cc96f8f6c926L,0xf9cf5ba414aaf997L,0x00000000000001e0L } },
-    /* 11 << 287 */
-    { { 0x34d27e320a34e7b4L,0x7fa34a4218845536L,0x54f38c415010e48fL,
-        0x1d19749a05382614L,0xcd7a8eea88443b45L,0x12534e16ab25cc4eL,
-        0x609939ae83f50958L,0xcd6795401a366d0aL,0x0000000000000027L },
-      { 0x877cd4c17f225eb8L,0xb0125faa2fd2154bL,0x4ee9df665f1aa132L,
-        0xb14bc327752041d4L,0x606da47f0db62194L,0xf4f0a39330e3f6b3L,
-        0x7f0d0e0743435381L,0x4078be8ab43b6346L,0x000000000000013fL } },
-    /* 12 << 287 */
-    { { 0xf946ab5188098f73L,0xe98c6e73ffd8bc23L,0x30d30a3c98758f69L,
-        0x302d5f8fbc8e359cL,0xadaa2ff6fcd2f1fcL,0x694de81c4adec57aL,
-        0x69735a5a97698a60L,0x15bbae8c2d55531dL,0x0000000000000164L },
-      { 0x2398abf08c6b2d9bL,0x258bdc0e9ec5ee96L,0x80aca75ca9bf887eL,
-        0x3e3adc8cd1495ad2L,0x1a30f94862d2f571L,0xebdbf063989dda10L,
-        0x86bddede74d3efaeL,0xa42598aac749c868L,0x00000000000001f4L } },
-    /* 13 << 287 */
-    { { 0xb8f4898284e24afbL,0x5df2eabb25b308adL,0xce0372215016261dL,
-        0xcf815e15125443d4L,0x0e41691c69ba86afL,0xb766cbd5d8f262a8L,
-        0x4ed7451e7fb6ecf2L,0x5df5ae6ef7f4659eL,0x000000000000005eL },
-      { 0x93994f1bcb7e522dL,0xc69bb9db8eb5bd8cL,0xc5a23729da4ece9fL,
-        0x33f2b7fbf2b293e1L,0xef4bcb035cb85fd4L,0x6c325c5ad8976753L,
-        0x5d3acef4ea95ccb4L,0x7ec98c6cc5de15c3L,0x0000000000000053L } },
-    /* 14 << 287 */
-    { { 0x6af0b935c936a7e5L,0xde94d724d4a248abL,0x0491c733594e53b7L,
-        0x238ef5341ccd7088L,0xaf0e791e4f5052c3L,0x70cbea8110c3411dL,
-        0x6b7c8574577d38bcL,0x00e147ae4ea6a924L,0x0000000000000085L },
-      { 0xcab57e2a497b793dL,0x3f642966edf47059L,0xa276326d2eb66b98L,
-        0xeba64255a76e1221L,0x698fd276d23677b9L,0xcbb4637445a0625dL,
-        0x5d92dddc50b672ebL,0xbef8ccd00839333cL,0x0000000000000091L } },
-    /* 15 << 287 */
-    { { 0x262fcdfa594f0099L,0xafc1ab5cbe87ba17L,0xfcb0b4ee7101073dL,
-        0x015c42afebd8503dL,0xee71a1a41b5a7741L,0xd77265524bdea91fL,
-        0x1bfe39a18879ccceL,0xb0ba1bfd516f30feL,0x00000000000001f8L },
-      { 0xcc05e22168028efcL,0x248242e61ad5d85cL,0xfa93caa2de771fc2L,
-        0x76d50a1a7d5ef758L,0x028a0b8d7b147dbcL,0x00f8e82a37b904dfL,
-        0xe105ca38ea612d6aL,0xc985187504292b07L,0x000000000000007fL } },
-    /* 16 << 287 */
-    { { 0x225420c396139042L,0x90a38d5c5bcf13cbL,0xb99a43ae99d999b0L,
-        0x5bbbe4d450a20372L,0xaa92420245a7eda6L,0x49543e058bb2a5b6L,
-        0xbd11556497d32f2dL,0xc57d1af95d680f19L,0x000000000000016fL },
-      { 0x93af05115ff37259L,0x89c88bef9b9cc398L,0x85526ff5a91987b5L,
-        0x8b7bb52adfbf9615L,0x25767d030839c531L,0x6b15aa2e1cd9033eL,
-        0x47490261dfae7d95L,0x4ee02157e7e1e8edL,0x000000000000015dL } },
-    /* 17 << 287 */
-    { { 0x61b3233b6fc2ac46L,0xf300ca4f577be5eeL,0x20751b6858ff827dL,
-        0x84f4dcd94fe2d451L,0xf566f8aebf7191ebL,0x4e0bb7c0ab75d2e1L,
-        0x3d4267d7246dbf2eL,0xce9ecb9b3888199fL,0x000000000000004eL },
-      { 0xd53b33dacd5cb1e5L,0x7c62f3c8dde86c33L,0x133ba1c89594264fL,
-        0x41e6d49f69a3d324L,0x3256265cae79db2cL,0xbf68642bd17a25eaL,
-        0xc3828f62f72d6723L,0x4e859cfbd6e41d3dL,0x0000000000000050L } },
-    /* 18 << 287 */
-    { { 0xfce66781065c3b1cL,0x2f28b538b5195f93L,0x9294fa3ed5f99ba0L,
-        0x32ef709c66c624bdL,0x4c555df34f610d8cL,0x90ee123f438e3d99L,
-        0x92d19b98919841e9L,0x2e228d8aeae83102L,0x00000000000001e9L },
-      { 0xb4566d09009cf7c8L,0x60b0ca8338105c3aL,0x9a4fa08aa8da65beL,
-        0x3208ad03b5fde8eeL,0x8462daa4737b4ec8L,0xbc182470a5c1b058L,
-        0xb1bf27ce7f0b478aL,0xdede341e67045b89L,0x0000000000000156L } },
-    /* 19 << 287 */
-    { { 0x1e44dd062149658bL,0xb1e065c68c59cd31L,0x8c96ff88ad2dd1ffL,
-        0xa18fb42b4f3c3753L,0xdd93c68fc4f74914L,0xf429553b8a075411L,
-        0x12086bb9bee2c2ccL,0xc0662dd733a37788L,0x000000000000002fL },
-      { 0x7830ac9733d6e53fL,0xd680aa17f434e81aL,0x2e2c636cbe139240L,
-        0x72e62040f21e8aa1L,0xcb4ac7a150aba0b2L,0x73f9f305362c3428L,
-        0x8582ca9c2d5d90edL,0x272c8dd4ca5ee047L,0x000000000000005dL } },
-    /* 20 << 287 */
-    { { 0x8cc3adc33883bee0L,0x306b08f63f15b848L,0xbf4896fc2340f68dL,
-        0x19b1de94b541ad34L,0xf343c4602c320a09L,0x1e5fa35ff581b0d7L,
-        0x34d600c7b3db161aL,0x54cd8526e9f8b6d9L,0x000000000000015fL },
-      { 0x4aa6ccd6ceb32adaL,0x2c2c5e7e7497bc17L,0x531ec78678791b13L,
-        0xa7f862c881596a68L,0xeb04236972e7ad06L,0x306db5ce7edad2f1L,
-        0x5e7a162ea1cdbb31L,0x06f0b4f3565f914eL,0x000000000000006aL } },
-    /* 21 << 287 */
-    { { 0x7d799dcfcf519949L,0xf36bf428d2734641L,0x775036b5b77431d3L,
-        0xa5a5c727b6b45979L,0x5aa5863d1c9b3278L,0x9330e8bbbc1f335dL,
-        0xfbf7cb34780d9905L,0x2287f0a50c894491L,0x00000000000000a2L },
-      { 0x1f922f765522c3eaL,0x52a337049e9a1399L,0xf0a0d965ba537263L,
-        0xb18778ccb87027faL,0xf15ece21a7bc1a07L,0x34ff0a5a0ebbdb94L,
-        0xf7875a19a18106b2L,0x6e17627f9432c0c3L,0x0000000000000040L } },
-    /* 22 << 287 */
-    { { 0x5f16528ba968accdL,0xdcfd5dc1261063cfL,0x99c6a790ad45c838L,
-        0x4b83b5dc811ff9d4L,0xc3c067f23c3deab8L,0x447ecca83496c2cdL,
-        0x212e9948ad2663c3L,0x080d13f5354fdc23L,0x0000000000000074L },
-      { 0x4e4a2ffaf202bae2L,0x12ee692f0b704ea5L,0xdf48fe7d66a3e286L,
-        0x13228b5095bdf85fL,0x65ab3ff9422dbe99L,0xfd795432b376e1eeL,
-        0x7dca34ac0de9e917L,0xf907ad9a8614521dL,0x0000000000000159L } },
-    /* 23 << 287 */
-    { { 0x6a62326cf2bef374L,0x0148ab35d0229744L,0xfec14cf2e5c28016L,
-        0x7f7a20b8f2913691L,0xe68c19f0a7a66511L,0x64181257c831bc8bL,
-        0x79373addb8bf5318L,0x3be916c44ab48ca2L,0x0000000000000197L },
-      { 0xab6dc2ae0e694594L,0x3e6d6dee6f24abaaL,0xe8f7befa436d78e7L,
-        0x40917244dce86463L,0x04837770fb488d63L,0x1645ed1b53cb01f8L,
-        0x492f484212320a08L,0xeea413edf21580d9L,0x0000000000000033L } },
-    /* 24 << 287 */
-    { { 0x1bcb1d73c96d566cL,0x0b51a27a1b6f4d02L,0x773be48b463d8fc1L,
-        0x267e606a6f19334fL,0x67a49a30db4a4bb1L,0xe33033bb6f476620L,
-        0xa2e4076b92025915L,0xb1845ee448f182afL,0x0000000000000070L },
-      { 0xdaf44e82d2f77d9cL,0x753f7f717caff6b8L,0x7fda258ac5d9943fL,
-        0x2f47f8379b012134L,0x9cbbdae94d2a9bebL,0xdb39f169221f799cL,
-        0xee68daf32048a54bL,0x36939e9d7f5aef38L,0x00000000000000f3L } },
-    /* 25 << 287 */
-    { { 0x21d565da891c0901L,0xe7258e5a02e8d871L,0xf7683e6e8d22ac60L,
-        0x40188b73d38b13aeL,0x09f41af92bf12facL,0x3a928b645a7b3178L,
-        0xb7eb9139de59434eL,0x12c96b6ff71e130dL,0x0000000000000003L },
-      { 0x0e18e0904423f103L,0x5e5184ba34e17c6bL,0x8fcf43a26fb05bb9L,
-        0xe5990252181ce682L,0x7deda4923df077f4L,0x37d276b504c18d50L,
-        0xb95438914c706ccdL,0x94d023c4ddbcb26eL,0x000000000000010cL } },
-    /* 26 << 287 */
-    { { 0xabf61a9ea3b3f8c3L,0x90237370b62fc9daL,0xc1d3de232c5128dbL,
-        0xf67097fb65ae3521L,0x0016debd78d68d97L,0x23ea15ddeeb9df30L,
-        0x4a09e240431259f6L,0xeb81173106ffdc4bL,0x000000000000001cL },
-      { 0x3c709776a20611b6L,0xd695948645d62433L,0x86c9232cc8344819L,
-        0x636675f6a260c3b3L,0xb927e00a2b6adb42L,0x9644f9e9f1c8c3f9L,
-        0xa0842190e01260eeL,0x6ea161f8e2a15fa9L,0x0000000000000127L } },
-    /* 27 << 287 */
-    { { 0xf245e320841600e3L,0xc597f039837d15e7L,0xa427b0c93669ff83L,
-        0x1b1fa11c054ce42aL,0xf985c1ab66e1c039L,0x7ee24b84af17c731L,
-        0x90d42d66f467a998L,0x670192d6222a6bd6L,0x00000000000000e4L },
-      { 0x252106f6b89fb34fL,0x8fcde56c7af89916L,0x9a6897639a7b371dL,
-        0xd92b0bdc14b4d750L,0x295cd60df7fe2ea5L,0x4f16e7fa93025bb9L,
-        0xb50d8e98acc07895L,0x0b2c2aab85295081L,0x000000000000001fL } },
-    /* 28 << 287 */
-    { { 0x84450f4a2d3a1514L,0x1ca1912da211fa6dL,0x18a4e99f487df3dcL,
-        0xae9dd13e6535495fL,0x0ec3771fba83ee44L,0x3ef3b94359ed9f53L,
-        0x0bae7d1fa163406cL,0x387121a0b815b7afL,0x000000000000001cL },
-      { 0x2dec1270f94fd988L,0x21680d0e3d3b53e6L,0xcc653cca28c69753L,
-        0xc03803d715d406f8L,0xae4e927ee939bf4fL,0x01dbf41d381933f7L,
-        0x602169e07ef8dbc9L,0xe782930581026dd0L,0x00000000000000aeL } },
-    /* 29 << 287 */
-    { { 0x793030dcfec9973dL,0x5e9bc45d259f2cefL,0xf691294dfb8710e9L,
-        0x371e0880556e5077L,0xe396fa2c3875f837L,0xc8062d5a607aa969L,
-        0xd17b9ac343675d61L,0xbe71883cde013cf2L,0x00000000000001eeL },
-      { 0x4495699ba7344978L,0xf546f5591c109544L,0xda2f84f37dd1fa4dL,
-        0xce4166a343595270L,0x1341e861a7df4f65L,0xf6ee6a0739292f29L,
-        0xe61f4613e5f02532L,0x3b36f58881f967c6L,0x00000000000001f9L } },
-    /* 30 << 287 */
-    { { 0xccfc7051875e2133L,0xfc3c0b55821f76a0L,0x544e229fcd8ef672L,
-        0x3666479347494f15L,0x22c05e5f109b2ce0L,0xc294314c492bcbb1L,
-        0x15beecde16558d91L,0x4518316761ae3008L,0x00000000000000a6L },
-      { 0x80bc2b2c26c28852L,0x941f0224510b0086L,0x0fcb9de4abffeb4cL,
-        0x0b1e80a966f723b4L,0x186fcc2be5cd0627L,0x8b1df932ca71dcf8L,
-        0x789cb0a1eb01452cL,0xb2e81e3681ffe1eaL,0x000000000000009dL } },
-    /* 31 << 287 */
-    { { 0x1d0a215efdb151faL,0x3e242b9cb0e023c9L,0x7b69678cc83b6d8bL,
-        0x2e8beb24f99e1e2cL,0x93149d54e690affeL,0x2b4e1f769b805cc9L,
-        0x68ca06fa9599daa1L,0xeab0311f5ca75c0fL,0x0000000000000170L },
-      { 0xa1012deb5102ca3aL,0x72335ccf4312d2e2L,0x1012b2bf4ab55d59L,
-        0xd09a5f033368547eL,0xd9b1570985acd78fL,0x6d3b9f42f7e576dcL,
-        0xc1de787eea6f8f55L,0xac3238aafb4c948fL,0x00000000000000fcL } },
-    /* 32 << 287 */
-    { { 0x5ec6427b05487074L,0x0b59fa1f80c426adL,0x0207d510c9946594L,
-        0xba1fe985d38f83d0L,0x113aec98c96eb133L,0x3424ad0182515193L,
-        0x3eb15aeffb6f9b10L,0xccb719e8f15d8be1L,0x000000000000013cL },
-      { 0x63f898834c67518dL,0xb5ca3508f85eb1d9L,0x1ea1c74faf652b25L,
-        0x4fbc5476bddedc4dL,0x22daa81af4b33c74L,0x9f7941a03f36ae29L,
-        0x90c2b8cebca5ca40L,0x53e736a1b587b3d6L,0x00000000000001b3L } },
-    /* 33 << 287 */
-    { { 0xb2c4b8f8fdcda3baL,0x5913f72464002d11L,0x978aed4cec7c81e6L,
-        0xfb9e4c7819795e08L,0xa63ad972e046e1ddL,0x4c913ef2ca493c76L,
-        0xa7b7de5c67d5a177L,0x34ea3faed5d548edL,0x0000000000000076L },
-      { 0x263ab24db8e17278L,0xf9db154a9ade657bL,0x66eac09c731d358cL,
-        0x40f840edb8d08934L,0x409adfa60c35b4adL,0x96e6e42913ed3e4dL,
-        0x4f8bc420d468368cL,0xbe6e5b6a5f85e95bL,0x00000000000001a3L } },
-    /* 34 << 287 */
-    { { 0x739e7cd7ebab693dL,0xcd08edef192f5597L,0x34ce91e9b4ab362eL,
-        0xbf0869027d8e9063L,0x9f85b3292893d739L,0x7b7713eb12c08939L,
-        0x81aef3b177d34b27L,0xfa873780f155d573L,0x00000000000001f5L },
-      { 0x1ec60390a76da4e5L,0x14047fa7fc79130aL,0xc4e484be8c4dd66cL,
-        0x347d3c918b008f74L,0x7a9fc84aca0ddaedL,0xde23768b59c02ff5L,
-        0x353ba3ed8983d294L,0x70bfbadad7535907L,0x000000000000016bL } },
-    /* 35 << 287 */
-    { { 0x7dd4835098829cd0L,0x6839f375c56e3a5eL,0x860921cb36c4f91eL,
-        0x0ca5e0b8159903ddL,0xb123ae8b23724973L,0xaa807279fb25d155L,
-        0x2b58fcf5f2d0840eL,0x33c635c7409f55e2L,0x00000000000000efL },
-      { 0xbdba4c387aa5323bL,0x8b3acb9b864fe257L,0xd440031e6ae45ddbL,
-        0x37b9bb525d86d712L,0xcc88786333cdcabdL,0x1f6533527c1daefdL,
-        0xc7bcc11e8a84fdccL,0x676e3d84b34be64aL,0x0000000000000004L } },
-    /* 36 << 287 */
-    { { 0x0b7c799943b4fc88L,0x47ea96a46a55dc86L,0x67fe6b4ba0bec552L,
-        0x8164398732aef8ebL,0xcbe3ebf7b23195ffL,0x23a03ed1b70013ccL,
-        0x3bfe99e80f6a4762L,0xdee758be7483a709L,0x0000000000000190L },
-      { 0x05a52134be5007a9L,0x869f393c68e4cf51L,0xc7b56267c28c1a88L,
-        0x2bd98f7e0dc40b0cL,0xfa631a8321f9d503L,0xde940d201fa14801L,
-        0x26fdb625c3e152acL,0x7f72d33650d8d6edL,0x0000000000000093L } },
-    /* 37 << 287 */
-    { { 0x7298111644c81fefL,0xff5c80aa32f7a76bL,0x82f5d039182a39d7L,
-        0x2f32365a7960f5f3L,0x0488e8918cb0e827L,0xd8549d180721822bL,
-        0x5c80c8d57d9cf4dfL,0xc607bd030ead496bL,0x0000000000000016L },
-      { 0xc7ff1e33ab77acf5L,0x1a514f0a044e2661L,0x12911922b906ce12L,
-        0x847951f023f86570L,0x83242de153bd17b8L,0xd04a3e96190ad7e7L,
-        0x3445dc26604be4d6L,0x616a61a208bac680L,0x00000000000000d9L } },
-    /* 38 << 287 */
-    { { 0xdc35d8c52cfeea6bL,0x45a9d97d99c6b24bL,0x727b2ff281261d8bL,
-        0x87bfa12e9a446a97L,0x44b5cb46d045b1efL,0x4aae3f8a70c29285L,
-        0xb911c6a8e7a014a0L,0x0692e0e36e1c9679L,0x0000000000000117L },
-      { 0xa3759e511300d87eL,0x461e8bd13ce09839L,0x55a8b8194932e9acL,
-        0x0623e3207eeff04fL,0x6f21721881e0ff93L,0x0b726fc0f9ccdbceL,
-        0xb94f97d15fb03e1eL,0x9339f75bbbd8417fL,0x000000000000009bL } },
-    /* 39 << 287 */
-    { { 0x4b7fd5cd70221112L,0xe95de56b71ae6670L,0x2cb7d98df08bbdedL,
-        0xabcbcd2fe57331a7L,0x69c3b30710dc3694L,0x5587e28e8e64f72dL,
-        0x29d7a61b02846a2eL,0xfd4abcfac88e66c0L,0x00000000000001f5L },
-      { 0x80ba4555d4f9d318L,0x7038827722c31c44L,0xeef78af085d0468aL,
-        0x846341582221ca01L,0xc8ec963f726e877cL,0x3aba70060d2be74bL,
-        0x71274ecbb2a71a81L,0x4a7c7680a6648fddL,0x0000000000000016L } },
-    /* 40 << 287 */
-    { { 0xa5d6c61faae6fe14L,0xff4fd50037b0da63L,0x087ca2202386bb0bL,
-        0x80a0d03deb70f71aL,0x1b5ed1d861b7b396L,0xc49483c906218384L,
-        0x3a3b534cb715959dL,0x4109d89408511c23L,0x000000000000018eL },
-      { 0x0524d716504b62e2L,0x514f91699a0104bbL,0xc41c74c8e9c613c3L,
-        0xce7a9561b4df2024L,0x17116cae95be7a5aL,0x372d47642172e2c5L,
-        0x9aadf8d65aae7d3aL,0x77bd6304d35903dbL,0x00000000000001baL } },
-    /* 41 << 287 */
-    { { 0xdc15770ef840ae67L,0xa3aefed136f17978L,0x38cf706b58806eafL,
-        0x7b5317312b8ca8e1L,0x45c9f9de1eb7b6cdL,0x8410e75a44a70febL,
-        0xd362903a942c4e05L,0x43e5ec0b482b04fdL,0x00000000000001a0L },
-      { 0x176aecfcf569465bL,0x8c6de88ca5f800a2L,0xb4efde01873fdbb3L,
-        0x1d4f10aa523beda9L,0x7299f81d77f8dd80L,0xae24679ffafe5f4aL,
-        0xff5eedaf142ab79fL,0x4f0aa1d58274cfaaL,0x00000000000001b3L } },
-    /* 42 << 287 */
-    { { 0xd9e66f808bbcda48L,0x6bf81e10ab2f71ffL,0xc0410a0051ca5f9cL,
-        0xd4c92b1195d2aff7L,0x83f38269af7927b1L,0xab3223cedeb329c8L,
-        0x1efd631048360a2cL,0x8aa5d85e4ed0a930L,0x000000000000018fL },
-      { 0x595e653509c61585L,0x00203ea9f8489891L,0x4a048a9784a2d1acL,
-        0xc3ccb4d21c6df789L,0xe7d740b3ab880e8cL,0x6345e96775fd1a87L,
-        0xf5636d795359993fL,0x100b98e94907e135L,0x00000000000001d9L } },
-    /* 43 << 287 */
-    { { 0x8f91e1fd96799962L,0x55b13fe2a1ccf057L,0xded45a5794d8177bL,
-        0xb9dceec579709266L,0xe3be73222eb10923L,0x8b06ffc8fc82aeefL,
-        0x46d6485a742741aeL,0xe1e0f1bc0e82d8e4L,0x000000000000013eL },
-      { 0xced2707e39ee8a27L,0x5c2664879dd5a0ceL,0x1d4115d44e369f35L,
-        0x92c350e24ba9cf2dL,0x6533ce6ab1d46440L,0x633115437de4fb1eL,
-        0xdc75f32cc0b8f159L,0xc04579e13b5b946fL,0x00000000000000f5L } },
-    /* 44 << 287 */
-    { { 0x980752e1b618c3fbL,0x1c15864b25161e86L,0x490bec9c83024300L,
-        0x20d33fca89ce7925L,0x34c7ab08582837dfL,0x207a275e0bfd6076L,
-        0xf09157704f9e58d0L,0xa8525b2f1b53bc52L,0x00000000000001c4L },
-      { 0x1a6f37d694130fe7L,0xbc72fdaaa18d2529L,0x6e51aec7bb557067L,
-        0x44860fc5147b7b40L,0x64f81f1cd254589cL,0xb4ba31930406123eL,
-        0x9dd412efe8b8be32L,0x8dbcb40b15702711L,0x000000000000013fL } },
-    /* 45 << 287 */
-    { { 0x9eca299b06a27b5eL,0x79f6fdc3bc3f5221L,0xc5b3305b7346f300L,
-        0x570a19511022cff2L,0x58740fccc5207454L,0x5215d8164004ea39L,
-        0x522224c739c8ddd9L,0x174c95e1039a27c5L,0x0000000000000001L },
-      { 0x4f69c604296bcce0L,0x51755ce45119beb1L,0x3d12e7d8a35cc907L,
-        0x360935b0ab351798L,0x75eba43bc11b521aL,0xaf991a2cd31467daL,
-        0xfaaf67ac17e63972L,0x44abfc569f13868dL,0x000000000000003dL } },
-    /* 46 << 287 */
-    { { 0xec7238d7c2d59d30L,0xaa4ef2e4aaa203fcL,0x566f58f4dcf9fc1eL,
-        0xc8474f1a0869c0e1L,0x2d77f6726ad3ccd6L,0x9325fbc3dbfe2d82L,
-        0x2860c924182a952fL,0x07b221d085b5769aL,0x000000000000000dL },
-      { 0x259039edbb854ca5L,0x70342bbcfc89ff2fL,0xc9a179010e634818L,
-        0x6a06796dc81f0292L,0x3f625bdd35063f58L,0x5d78a549f498f7f7L,
-        0x5fb6be9d911b1e7aL,0x9a3fb5bc3ba9e1daL,0x000000000000001aL } },
-    /* 47 << 287 */
-    { { 0x5731b8f3d98e6e5dL,0x6778b260d5a03ad1L,0xf279515b649b1ebcL,
-        0x48610ff53312d0c8L,0xd389681f46354ff0L,0x80e063c9ef3c2717L,
-        0x10ce407a83f0dd58L,0xbee78d46158e8ac2L,0x00000000000001b0L },
-      { 0xb5676bdb1a5531b2L,0x3ce62d7f2fb26867L,0x76e1b2152b0af296L,
-        0x76875d567a42d01bL,0xb59fbfcb56991384L,0x7faea2f32de3a3a4L,
-        0x06298c2772f7718aL,0x79264b65651d7515L,0x00000000000000acL } },
-    /* 48 << 287 */
-    { { 0x4de60e1e16d44fc0L,0x86143bbbd5546f49L,0x41fa8fd595ad6b38L,
-        0xf2f21b350251812cL,0x2f5ade77eb2a57e4L,0xced255c0ac290bf7L,
-        0xd1e7969058b23e1fL,0xba7a7514f406ffc4L,0x00000000000001fdL },
-      { 0xe2a9e7bc7b8ce9b6L,0xcc6107e8803955b7L,0x8a59ec8c432fa865L,
-        0x6886d08c481bbb72L,0x0de2fe38db7fcc20L,0x654419299976d353L,
-        0x0527047ec4efae8cL,0xfeec201ee21b2e66L,0x0000000000000086L } },
-    /* 49 << 287 */
-    { { 0x3f121bc676bffba9L,0xed8f7b175c3251faL,0x4755cd3f2c99c00eL,
-        0xe79768df8e766134L,0x58662ef2b2a09ffaL,0x6f8d645a6a29c866L,
-        0x5973d32426f990c9L,0xae9beecf5ae23357L,0x00000000000001baL },
-      { 0x64c20c91b3f0d194L,0x36b4d96ce153d1b9L,0xf294b342c9707d50L,
-        0xb269c9b80599d63fL,0x2aa166e48a672b71L,0xdd8cf8ad8c69d106L,
-        0xe446c91269bb8492L,0x3a5068e1e0afc64aL,0x000000000000006bL } },
-    /* 50 << 287 */
-    { { 0x7748105e4dfefb66L,0x952fc9823de55ef3L,0xc945662fec01a7dbL,
-        0x57dfc326136c9246L,0x5864f8aab3c0dd2aL,0xdd11387181126d21L,
-        0x096e017bc2f6ee68L,0x2bd384b529f22a80L,0x0000000000000171L },
-      { 0x7acc273262443e2eL,0x21f545cefa227e81L,0xbc0f387d716b1121L,
-        0x8756ea78a8d3df9cL,0x91294298cf6c071bL,0xa109d544d37e7a16L,
-        0x2c27c61c4a979e5dL,0xad4662bf6bb98eebL,0x00000000000000c7L } },
-    /* 51 << 287 */
-    { { 0x8f24735f7ef57d61L,0xfe764b217a74fb7cL,0x6b90cddaa7913c97L,
-        0x89001bfd3d0fed42L,0x874d170a776c73c0L,0x7a7095c6e6fd64e8L,
-        0x5f787a9dc5b6b31aL,0x550f1c531ff8424aL,0x0000000000000048L },
-      { 0x384c067743b13b54L,0x65d8884e2e5b67d4L,0x7106b3682b2b005eL,
-        0xc22c663d2cb1f1a1L,0xc3bb1b8294e03ce8L,0x04a562df2d97ddaeL,
-        0x7886ec4ba917202bL,0xa8eb4ac88bb2ae23L,0x00000000000000efL } },
-    /* 52 << 287 */
-    { { 0xf9a8bc79c269cd29L,0xbe6982a835a97cb7L,0xa7740e027200f43eL,
-        0x72be0da1165175c6L,0xf7c5f902e8aea997L,0x079dd00fe6d7de98L,
-        0x82940a7e0e5cd7c2L,0x615687af6e74f7ebL,0x00000000000001dcL },
-      { 0x84a93d46969bec3aL,0x673f8a1a81283fd1L,0x59ae6b7d1a24c4c1L,
-        0x1506e799db5385d2L,0x43f89c2dfaf7c9e5L,0xcd4a58e507df349dL,
-        0x87d1239226eff985L,0x9c7b514286548735L,0x000000000000000bL } },
-    /* 53 << 287 */
-    { { 0x8bbe703a952e81fdL,0xdf43b74182f9b684L,0x9c6ac3560ffbeeaaL,
-        0x78aacf6dc17fcb23L,0x2698f3bec9ee6c25L,0x707d8033a6fd9701L,
-        0xe844b5ae82b097acL,0x02cbc3fa57be01a4L,0x00000000000001bdL },
-      { 0x14ebe4367cedc9bbL,0x1d64fe901c921970L,0xe55c69b4daa0458aL,
-        0x0f68f561da8951b9L,0x606ce9ddeb7f4390L,0x8b249877c8204883L,
-        0xdae70a0a533eea70L,0x8367156bebbfc8d6L,0x0000000000000050L } },
-    /* 54 << 287 */
-    { { 0x4f085c6b70d71433L,0x500e36aeffe3039bL,0xbbb595eeecdbb49bL,
-        0x49b4a39e84d8418bL,0x657af86547150026L,0xa1b6888f3495dd49L,
-        0x3db61acb5f0cddd8L,0x86208eb95b9b0493L,0x000000000000017eL },
-      { 0x378f7c79a3a8e19bL,0xfe9d20c80225c551L,0x7192347f8a7d2706L,
-        0xaf66bd88bd5a1a12L,0x184528325eb963bdL,0x0eddc645fe3cfb9dL,
-        0xc50b1fa21f6d4faaL,0x582fc52f738cdaacL,0x000000000000015bL } },
-    /* 55 << 287 */
-    { { 0xcd8bb30ccff1f7f5L,0x2e476a3d52375afdL,0x84b205ede21acdfbL,
-        0x0c07485624b6524dL,0x081539bb079c9199L,0x0ff9151612dbacdbL,
-        0x0e2a291d778ea0efL,0x2c6bb624b6ae1b88L,0x0000000000000115L },
-      { 0x559603e05013ff58L,0x91ab545e04d6892cL,0xe58c8f9c9aabb577L,
-        0x460c88fc3f50fb7fL,0x1d36f37d2c29abefL,0xc32f5683e698ffa8L,
-        0x4311a22b14f77974L,0x061f7526c6512ae6L,0x00000000000000c9L } },
-    /* 56 << 287 */
-    { { 0xd0fc63b0ea5c4656L,0x87e24742b04936cbL,0x242865fef6223111L,
-        0x0a1c9f7c88c3fdb2L,0xa1ce393deb785b41L,0xb57b01e50f014ec6L,
-        0x84cd63f91eae978dL,0x28a02cf7615a8787L,0x00000000000001c6L },
-      { 0x000d32fb64317827L,0xeec5181bd8ebcb3aL,0x4f559972be5be8f9L,
-        0xaaae45d1ff34fa5fL,0x34330820ec25372cL,0x3d3d88af5f583d42L,
-        0x16e14e2dac9463faL,0xbfe401edd02c6401L,0x00000000000000fdL } },
-    /* 57 << 287 */
-    { { 0x303f7c2191026338L,0x1044db852d912c48L,0xfc2085c2470306fdL,
-        0xf1ae74d7d6261c9eL,0x9383596cca88358bL,0x40e3fc61130fed49L,
-        0x5b31503e7fb7caddL,0x74ae8b314ede0bbcL,0x000000000000019fL },
-      { 0x762dd492f4cfe3f8L,0x73ff4852c626dc61L,0xd71c7548dde18f9cL,
-        0xb0f6e288549faaaaL,0x1e4864e9596d3c8dL,0x9d6ef29060783b2dL,
-        0x4d4887031ec18d75L,0x18bb5d8f44f1de93L,0x000000000000005cL } },
-    /* 58 << 287 */
-    { { 0xd773ed1b16219cdbL,0xa9bc2d4bfd8c1c68L,0xb43ef1e5878e384fL,
-        0x1b070439a150dd75L,0x8d5c9984e8a4281fL,0x7b4371effe5192aeL,
-        0x4ca528f0fceb6294L,0x3657f78ac01f35a7L,0x000000000000008fL },
-      { 0x00b1077093170e8aL,0xab16fb4e1d2e8bcaL,0x9f313a1a4f2f8602L,
-        0x88521cae6b9b2573L,0x6f6bf5ddee331076L,0xcf05b7228e09934cL,
-        0xf8b445c395762a35L,0x2e1579120c892f04L,0x00000000000001a1L } },
-    /* 59 << 287 */
-    { { 0x3766a4d7858bc9caL,0x295bb5db99714cdaL,0xac54938ab5298fadL,
-        0x2ba0547a429ecfa1L,0xc49c9daef173653aL,0x1de672b7e9d21243L,
-        0x24960d342b2352bdL,0x46067324b31663a5L,0x00000000000001cdL },
-      { 0x13eae0f3789923d1L,0xb1849a53eac934d6L,0x354d92ffec456259L,
-        0x88a4b03fe558f44aL,0x8e9d23e101d5bb7aL,0xf5734a3494fdf6baL,
-        0x79e3d56e16e73899L,0x1ed057ee0e63d42eL,0x0000000000000099L } },
-    /* 60 << 287 */
-    { { 0x287d78f48c86cf27L,0x957ebaca51081682L,0xc5e2c0757ae4db49L,
-        0x4fd137c952000f40L,0x614a4ab213285161L,0x71a6928ddae9e341L,
-        0x9758874ba666dafdL,0x4bc8b6693697e3c7L,0x0000000000000161L },
-      { 0x5c31b76a89aac81cL,0x365bcf13bf1fcb91L,0xc64df528441b324dL,
-        0x8b57f07fbe9a9cffL,0x7ae23c2186fb45d6L,0xc3bf3c3b136ebdd0L,
-        0x6b5dc92e6dbd0b61L,0x330886f1d519ef41L,0x0000000000000019L } },
-    /* 61 << 287 */
-    { { 0x6d2e03fe6d8655c7L,0x0487d0369a5d4136L,0x86b1ba539c89b36cL,
-        0x168a8617c25c8477L,0x818ec8e4ce0b81d6L,0x5f7e1f5aa79096adL,
-        0x3ed99ae7396d84d2L,0x2798c459eef4e012L,0x00000000000001d7L },
-      { 0xe6564f4f531b9dc3L,0xb6627fe65b38bbe7L,0xd9ad26a6bea83504L,
-        0x1b9d887b0e3d69e1L,0xb67ab97090f81c05L,0x16c1fc9ffcdbb086L,
-        0xd7732e23d19f14b4L,0x047368461ec62389L,0x0000000000000100L } },
-    /* 62 << 287 */
-    { { 0x1dbc0bb16ddfa714L,0xda0302b7eec67fc7L,0x6daa1cba5a9dd848L,
-        0x640d3b5ed9e894e2L,0x461653b3f87be8b5L,0x5a9dcbfef36a148eL,
-        0x2e4784fca907eee0L,0x234c8b37b34d04b2L,0x00000000000001c4L },
-      { 0x2e70d5abec9c6abaL,0x6e9c28cbf32925b5L,0x77fd60422d0e1d25L,
-        0x216e3254980aa40bL,0x75e1075516878b0cL,0xcc80010706a2ba55L,
-        0x5f1f53368bfe962aL,0xc043f7eae6e46f09L,0x00000000000001e1L } },
-    /* 63 << 287 */
-    { { 0x2cbaa9d79a7d2353L,0xc8ddfcbfe0405dddL,0xd8b33d0c694fd5abL,
-        0xe1c2a3f3c2c6dfbaL,0xb26f832191fe9c8bL,0xd30b644aa794437fL,
-        0x2a94f86d74a29d06L,0xc249a27839b16ed8L,0x00000000000000b4L },
-      { 0xa2e31c29ea3096fdL,0x622d7af518e9785bL,0xf9a9c952c1cf5446L,
-        0xe5c66c9d44c9a592L,0x128613e545227c47L,0xc57169f2f5ed7a49L,
-        0xf5fe83dd15211638L,0x7cfbfa9beeaff7d0L,0x0000000000000140L } },
-    /* 64 << 287 */
-    { { 0x8645efeb9545bb61L,0xf696af86207181bbL,0x94d3014ca2b2d411L,
-        0xb8f1515665c54db3L,0x6574f1cb011dd592L,0x7d9c69ebf3247ab4L,
-        0x1708b24d5a391a77L,0xaaa19d08312e131fL,0x0000000000000167L },
-      { 0x1d3f4510ebaea62dL,0x2186c9c26c118b52L,0x81c0b0afcaaadd5fL,
-        0xa0256b3c665bb598L,0xec461656eced1f38L,0x77bfe65265aa7914L,
-        0xd2600229333f7aaeL,0xd916fbbde1f081ddL,0x0000000000000010L } },
-    /* 0 << 294 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 294 */
-    { { 0xb64361a93f7cae04L,0x23cfcf76af64efbcL,0xb4539c3cd4965ae5L,
-        0xf16e3e884df1182dL,0x2bf7eed4dd75fed1L,0x831a5956a215b733L,
-        0xc23e3f1a9732d4ddL,0x3644961904677879L,0x0000000000000068L },
-      { 0x14675e68e07af31cL,0x82c3d1baabcd16d6L,0xab1b388e6fe13962L,
-        0x3490b5218016a6aeL,0x13b584a11ce7f93bL,0x44265da4a5cbeb76L,
-        0x17e4726763df9697L,0x10144c87cf2b278bL,0x0000000000000013L } },
-    /* 2 << 294 */
-    { { 0x4e75aeb08523aab6L,0xd32a993258144cddL,0xe7a2ea2d3c055e41L,
-        0xc25dc24e31c1949aL,0x719e3bdaa124dbc2L,0x331bf1820c1b238cL,
-        0x6fb91096fb86656bL,0x6a12ae8db484c49dL,0x00000000000001e0L },
-      { 0x4e4b8553e97e59afL,0x6a2b1f0d8e98d66eL,0x9001ace6d49bc96bL,
-        0x70b21c8a3e8d2774L,0xba4c7da4473972a2L,0xf159ea8b7b898adeL,
-        0x7a0e87a0cceda981L,0xb886ab7d2f280717L,0x000000000000003aL } },
-    /* 3 << 294 */
-    { { 0xdda29d3be583a2c5L,0xbc0632201b0c039aL,0x31c58c6f602b6077L,
-        0xc8ddbb1bbb639a64L,0xdea19aefea3cf3d1L,0xbca9f001e9a2053aL,
-        0xf0ec77121930345dL,0x4f2cddd43b9b8eccL,0x000000000000015dL },
-      { 0xeb7851a8abf98eaaL,0x12d75a839dc39602L,0x252365a4ebb5f975L,
-        0x1b9301bcb8efb6a9L,0x0b489a405e8ddd2aL,0xd3629e5fce3b1dacL,
-        0x2064a36707a223ffL,0xdc7e94d10080ee45L,0x000000000000014aL } },
-    /* 4 << 294 */
-    { { 0xe0828a5b448996e2L,0xdd3f4d9b516e440dL,0x223b4f87ab10e109L,
-        0x766bde384ce7241cL,0x0b1cc320dcaf88a7L,0xb0470e7dd75440d5L,
-        0xe3894e41ba76b7e8L,0xa0341305a762bb9eL,0x000000000000013fL },
-      { 0x4f5581d30eadf722L,0x6e4e31e050d8999bL,0xc14bb14802f03368L,
-        0x41f1964326a263b5L,0xc0642e4c3b5f480eL,0x0a3280df63191881L,
-        0x4ee1959a78fa9069L,0x7376078a557a8dc0L,0x0000000000000181L } },
-    /* 5 << 294 */
-    { { 0xbe2d598bff25ee79L,0x2a7c3b68c82ea4ecL,0x2914f1c160cc7b7bL,
-        0xd9676e92e29a111dL,0xa5c2d63ba8ee3c8cL,0xa5c3ce60331676c4L,
-        0x865ae6a4e189bc61L,0x73e0bc606cc0c210L,0x000000000000004fL },
-      { 0xb36fdaebc2480585L,0x9e32b2fb0aa27761L,0xc1bc360f749efcb7L,
-        0x7bb61cd4a1c021cbL,0x78d559a81295d34cL,0xdb3da27d9ed2b89aL,
-        0x2cd8e29bdd5ef272L,0xc8ef3c63de181b01L,0x0000000000000092L } },
-    /* 6 << 294 */
-    { { 0x1d99435dc6064b04L,0x7fa5fd072b95a7ceL,0x40ef3a291dacc40aL,
-        0x95af1d5af4c68a6aL,0x67a2b605532c2d93L,0xfcb49b4b78620565L,
-        0xf814de99833ae939L,0x5770eba80f620cb3L,0x0000000000000190L },
-      { 0xbf93ee90ff475874L,0x334debc1a2a5b169L,0xc67fbf1e68aa4bedL,
-        0xfb1410ed74d07240L,0xb0a00657a9eb3f94L,0x59c6aa0a0f1be110L,
-        0x5d615203b40b739fL,0x8724fc0b4ad94ffaL,0x000000000000006eL } },
-    /* 7 << 294 */
-    { { 0x30c955f422b25fbeL,0x0469be6e38702ec5L,0x24dc7ed77b4c3dddL,
-        0xbcd2c1e51999ec26L,0x63d42519eb5918a4L,0x5b92b4a9b9272f31L,
-        0xd02102ce79dedbcbL,0x09bae7da4777b662L,0x000000000000017fL },
-      { 0x96d4a0c4897b1f72L,0xd481098d85bb152eL,0x226203a263df30bbL,
-        0xca5e74089bb6051aL,0xc89f1c4be0dead4eL,0xf9d8f9b5503a124bL,
-        0x9e73ea84a08dd221L,0x5a898d3d7b5a3e30L,0x0000000000000173L } },
-    /* 8 << 294 */
-    { { 0x5c6dcfe8fcb68ca5L,0x499866e3902e03cdL,0x28638635cff1adc7L,
-        0xd224bf5d6538cf65L,0x59fac5c2d7c55f70L,0xc710492699cda00aL,
-        0x043001c39ae92020L,0xbaf959dbc325cc56L,0x00000000000000c5L },
-      { 0x76aec243e69664a7L,0x0885dbb386d69554L,0xe4a288833647325cL,
-        0xdb1adc9a6e8e47a4L,0x3e2230dab14e1019L,0x49a16a19ac7da236L,
-        0x12eac3e98df54dafL,0x78d48ea77964ab39L,0x000000000000008eL } },
-    /* 9 << 294 */
-    { { 0x6033de1bbaf7f635L,0xc253533472bc0c5aL,0x8192188210a5ae12L,
-        0xa15accef6c3b8435L,0x6d0c30b8371eff0cL,0x877daecc0e7e663fL,
-        0xae63f47ab0fdba65L,0x9b91f14bbb19f291L,0x00000000000000fbL },
-      { 0xf98cbf19c9ed84d4L,0x26265242c73f3fb1L,0x62fba52fa237aff5L,
-        0x561e0ed381f85bc9L,0x18825d251d817972L,0x53de722c9ed3f84bL,
-        0x8a2817fa3854812bL,0xd03138cf3055d672L,0x00000000000000c6L } },
-    /* 10 << 294 */
-    { { 0xca64371d1b6ba219L,0xaee6dd0f5d49fd5dL,0x3bbf0a2ce222ca70L,
-        0xcdf5981fdfd4aa18L,0xd59333e9703352b0L,0x63c14fbce8c9d667L,
-        0x59c6249ee1c82654L,0xf74f29f7a2f2b42aL,0x00000000000000cfL },
-      { 0x78a98f744fb7397fL,0x3b72aacb7d62ee2aL,0x5a2b827142b78618L,
-        0xe73a88377efdba25L,0xe029ba19bb860133L,0x47b0f0fd48745802L,
-        0xb416fb7d8b425a5aL,0x1716aca7838eaabdL,0x000000000000006eL } },
-    /* 11 << 294 */
-    { { 0x7b5e9555e7377511L,0x764963ddf57ac8a7L,0xc9d4d1202bc0c55cL,
-        0xc89debb21325db7aL,0x768b37c0a42ad0a5L,0x6c47d86ab2c32964L,
-        0x592ce7ff10712241L,0x5fc45fc1874d5848L,0x00000000000001c2L },
-      { 0xfaa50c97de74b8a0L,0x3552df05a90e0a0eL,0xd9fbb1a5d216a436L,
-        0x08a1940cd78657f8L,0x2d91c2d64f5a0ba1L,0x0c1b9d61812b8946L,
-        0xe048c827ea96bec8L,0x71315883fa6e2770L,0x000000000000016cL } },
-    /* 12 << 294 */
-    { { 0xcb52bfa5386c4e0cL,0x9ad631ce173c0506L,0x7779fd8d1f481a10L,
-        0x0ce5155cadbf3b01L,0x946c3d6c4a66e714L,0x82363b8efc39257aL,
-        0x5bff5f529f7ddfa7L,0xf6019194c959f74aL,0x0000000000000195L },
-      { 0x97e049ccd1a7e5e3L,0x20b70812ba5aba47L,0xaa1ae913eed6d2feL,
-        0x3a742bce668bb4b6L,0x4527c1a564d51f79L,0x70e8a3c89295bfadL,
-        0xa30663031cc82fc0L,0x2c7c0291fd3f6160L,0x000000000000006bL } },
-    /* 13 << 294 */
-    { { 0xe645810f34132c1aL,0x77c28cc35de4c75fL,0xbb2f5483a0de31e3L,
-        0xd0fb9a7bdb26a8b2L,0x8886a0245235b15fL,0x526b04be0b4d1737L,
-        0xcf6084d9489f9855L,0x971ca8398ed5829fL,0x00000000000000e1L },
-      { 0x33b5bd61ca6b951dL,0x6bf54e1fb00b2c5aL,0x3e739a1de67b50a4L,
-        0x4a9af7f0ce82ee0bL,0x0fb8696146a2ee3eL,0xdb9363a79c97b9f9L,
-        0xabd29abbdb1be929L,0x7d4fb696e812de1aL,0x000000000000014eL } },
-    /* 14 << 294 */
-    { { 0xca22e1011f4db09aL,0x1a821888be1a96d0L,0xa5b1218d300d31d8L,
-        0xb4e11200befdce35L,0x6900c54fa507c579L,0xa343019dcc9fddebL,
-        0x1ef6f8e7ce55a800L,0x0b7e6f2eb39b7d09L,0x00000000000000a9L },
-      { 0x67aee879d16b84d2L,0x4775d42bc4a9e158L,0xd13945291f790f48L,
-        0x2cbd6d019bbcca5fL,0x08205b6360ad2134L,0xe69529826beba839L,
-        0xda24d18c265360e7L,0x070fe85c1afb1319L,0x000000000000002aL } },
-    /* 15 << 294 */
-    { { 0xb382471bded9c20bL,0x2a710cf6db64da44L,0x92e11ddce8b5040bL,
-        0x81d6600416313d98L,0xf9e48b77cfeef40dL,0x8a566a5c1961a274L,
-        0x7e288e774935ffb4L,0xf4d9e1a989fb716aL,0x00000000000001b3L },
-      { 0x27596e1e6d08166fL,0xc36263f89c92f5d9L,0xff7193ddc1150003L,
-        0x928de56fa4c5e839L,0x5709e478ecf9d5d0L,0x78834f6b90cc279bL,
-        0x3581d7a4a251ce7fL,0xe66b47cd30d757fbL,0x000000000000013dL } },
-    /* 16 << 294 */
-    { { 0xeb4b23274247e72eL,0x6660a1e5175cc2ddL,0xb6cb2db4fa58cacfL,
-        0x035b7ab3f93c9b5cL,0xd2582c31bbc94809L,0xb80863e54328d05fL,
-        0x61f99dd580b782b5L,0xa17fb8fc59e27db6L,0x000000000000004dL },
-      { 0x4bdd2a99e6b71bdcL,0x586b3ce9210c0d88L,0x590b0c459295119bL,
-        0x1ee8b021a417f7deL,0xce83ae394efecb1aL,0x06298f05eb3e3c84L,
-        0x0e13905295e6d8c8L,0x5e8a4031babc6bd8L,0x000000000000011fL } },
-    /* 17 << 294 */
-    { { 0xa45c4393de825f40L,0xb9ec95008c3cf0b7L,0xebe3990e65d35126L,
-        0x2de346a7703debc2L,0xdaaaa35182941b06L,0xb233de5e0a85d32cL,
-        0x6f954814ea2ff0fcL,0xf60aaa4dbbd2cf8fL,0x00000000000000a4L },
-      { 0x844743f9f912025aL,0xcc428af1e86e6a91L,0xdfe077bdd8b2ecdcL,
-        0x20eb2e7a0b8f76e2L,0x6063a73f0c3abbbaL,0xdbdcff05caba37acL,
-        0xec2f6cb84aaa8012L,0x1ae4c16d8cad3681L,0x00000000000001c4L } },
-    /* 18 << 294 */
-    { { 0x57d2461128803c3cL,0x9c6f153e905c766dL,0x2a8d0e65a3df5f03L,
-        0x5fb1c0c5ff0dc35dL,0xe3420a10bb4bd9b3L,0x464e2fa04c4a9eb0L,
-        0x511a5d07694c91cfL,0xb23f2f1a52c89680L,0x000000000000014aL },
-      { 0x3d9d955113088161L,0x3747c9ca64c5a2d3L,0x5d13ffb630032fbfL,
-        0x5f162ef0c0855550L,0x68bc14cc7f54d72fL,0x8ede5be68d825c01L,
-        0x437cafd1d87e0007L,0x7040f1e0bca3477bL,0x00000000000000dbL } },
-    /* 19 << 294 */
-    { { 0x28cce0ecb9bebb36L,0xb29c8a152f0621fbL,0xf651326b8d2580f0L,
-        0x26df142f35cc66fbL,0xe3750e9e14989eecL,0x55305d0d09feca96L,
-        0xe006e3b93188fa22L,0x19b0e9242df6f347L,0x0000000000000093L },
-      { 0x53811345b5c4cdb2L,0x57ac7a2a79fcfca5L,0x7814795cae76763eL,
-        0xecc5a5628821cdb4L,0x4cb555779a55aef9L,0x8e7a4b3792ef5935L,
-        0x45f20156f18a1791L,0xa785efdbf98c417bL,0x0000000000000038L } },
-    /* 20 << 294 */
-    { { 0xb9b6ebf9b1351aabL,0x3199f6e349a08f81L,0x3cfdb7175df347a9L,
-        0xad627841b15d1ecdL,0x994ac9a2d4918f31L,0x3f3b84a1a482e07eL,
-        0x82f47118d01df2a1L,0x1ce7c2530612e165L,0x0000000000000117L },
-      { 0xa4d357d1b1a67846L,0x0ed36337a5f6313bL,0xf759acc56224b03dL,
-        0x9f79550a43833acaL,0x71238a8d5b80bab0L,0x2f5d78d1f5a7e9d2L,
-        0x34844c10af79cf0cL,0x202250a1878e03c7L,0x00000000000001deL } },
-    /* 21 << 294 */
-    { { 0xcee095846722f2e2L,0xa7e2d5ef2b812e11L,0x021a444781d9a125L,
-        0x53b6ac752c3c35a1L,0xd41b7fef6cad23ebL,0x6f10644550687730L,
-        0x6c5f184cbda38409L,0x4fcae4e8afaeeeabL,0x0000000000000058L },
-      { 0xa6a280db7a9ad8daL,0xbfab051035f6f97eL,0x32ca44d4a6d62fe2L,
-        0xc7d3521955b5a2b0L,0x5ecd78fd85d6e1a4L,0x40b504b0f0f12cdfL,
-        0x483df9abceb7c1b2L,0xf416371483db0c9aL,0x000000000000000cL } },
-    /* 22 << 294 */
-    { { 0xd7d6b8dae1e2262fL,0xdd1ce7929442a0a8L,0xb3338e7a23ab20c5L,
-        0xc454dd1843e4d64aL,0xc03cf46e65e83085L,0x219b81220c11eb73L,
-        0x9e2f67deff2cd3d4L,0x46fff24e3a0d6beaL,0x0000000000000131L },
-      { 0x990fc4b50f52b1d3L,0x980926dcfa16bdcaL,0xf70295610e725151L,
-        0x009a73258100d906L,0x14beed1973be583dL,0x862ab646ee8ad63bL,
-        0x96bf39cdac7c1267L,0xe73e0eae5d9e3cabL,0x0000000000000053L } },
-    /* 23 << 294 */
-    { { 0x3ca878fc4806181bL,0x405c7b2811146abdL,0x2d16043c0771366eL,
-        0xd07c69fd4027bbabL,0xddadf4e4fbcac82fL,0xf5a67b2b7559132aL,
-        0x942a4965f1a47aedL,0xfca25633a52e8212L,0x0000000000000022L },
-      { 0xaae49d7b10ca9169L,0x97c05152759d11deL,0x655d94ad51815da1L,
-        0x57445ad9b5063685L,0xfced3ea4c51e8dfaL,0x2e9e229089e37384L,
-        0xe62ae24628f62dccL,0xfd5969067f5a5b72L,0x00000000000000c9L } },
-    /* 24 << 294 */
-    { { 0xaa91d38ba207739fL,0x8c5e7ae36cb4b052L,0xa785648126932370L,
-        0xec5f6683810f6a28L,0x56d9b66fdd4a1a39L,0x936d24f5b4ae3605L,
-        0x5b89adb53ccefa36L,0x7d893e3ac6a0096aL,0x000000000000015eL },
-      { 0x98cecb6d99db465cL,0x66db3e132c1113b7L,0x9dfafbca881d1c5cL,
-        0x78d6b56821503e69L,0xb0197722f05ac1b1L,0x2523d52bc45e608dL,
-        0x8e77c13ceeb9ef93L,0xc5c6e0e756a50594L,0x000000000000010bL } },
-    /* 25 << 294 */
-    { { 0xbe9639f5607be4ddL,0xb7d415b59e82139eL,0xede6ac04d77f0ac4L,
-        0xd8471424ceeb4155L,0x3fde6834bc76aa1bL,0x9020c58cae990b2aL,
-        0xbe49e85009e1f067L,0xfe76c73de5218d9dL,0x0000000000000077L },
-      { 0x787b9b1a0b3809c0L,0xd095141cf230c780L,0xfd6de04e1550c58cL,
-        0x648eef5d108a70f6L,0xbd0974b51fd5d1caL,0xc29be634e9f30f9eL,
-        0xb8559f72240c47b3L,0x8787033507c3bcdbL,0x000000000000001eL } },
-    /* 26 << 294 */
-    { { 0xfcf2897b3170660dL,0x29f6635c142ac9b8L,0x1b6d6f170b575017L,
-        0x254f887f443ebbfaL,0x5659e0e267479d77L,0x7f8597a73e6e63f8L,
-        0x13d34c6edcbe3f6cL,0x061b32786dbd9c9bL,0x00000000000000b0L },
-      { 0x9240fa42f1d121d3L,0x596d9037c65540a3L,0x420820c53103dd1aL,
-        0x494911c61334ddb6L,0xe0b43cc55fee1bfaL,0x6336d37087b32edcL,
-        0x726ed517f52b8682L,0x7c94653320a217b3L,0x0000000000000031L } },
-    /* 27 << 294 */
-    { { 0x13f2450b909c1a88L,0x3344c3cdccbda714L,0xe230f4a809da0a01L,
-        0x3fed866bfb805ca4L,0x2fe1c1cfca3269efL,0x49f7a32b47965aa7L,
-        0xaecab243bd604104L,0x79769ec1a97dc613L,0x0000000000000134L },
-      { 0x107daf6c16bcca1cL,0x1593235a005a0645L,0xae1114dcea3b7e40L,
-        0xfc3e330ec40033b9L,0x579ceaaf9e3b41e1L,0xee0d6fe7a459911eL,
-        0xfc55400245f98d3aL,0x2b995f850e73fc4fL,0x0000000000000102L } },
-    /* 28 << 294 */
-    { { 0xf7ed6ffdf50a3d85L,0x920b807525ecd014L,0x9074d5d14ebbd57eL,
-        0x2c7656f08ce72dfeL,0xd17c1313336df7b8L,0x342593894a6a7112L,
-        0xf9112c8171d23283L,0x80ee8f87b19617b0L,0x00000000000000daL },
-      { 0xd411f8b2e36790d1L,0xe0352d7ac03b68a7L,0xe2b16d4e55dd2c1fL,
-        0x3282a3de3b874068L,0x26fbc96e1b3d4991L,0x42f10b4520d08473L,
-        0xf17dce35c84ed8e7L,0x78da06e791f15069L,0x00000000000001daL } },
-    /* 29 << 294 */
-    { { 0xf9775c57cd2967d5L,0x65123c2cd738174bL,0x4d91a7cdd3820c86L,
-        0x3e709d34caf234acL,0x66250e69863a7e8bL,0x73cccdebb1885fbaL,
-        0xca872751809b48d3L,0xeb4ca203f236ea5cL,0x0000000000000115L },
-      { 0x7e499db1bb1d64a0L,0xff0b67f3c37a7a2cL,0x443c5f612741f78eL,
-        0x0768cb396aa2725fL,0x98c48c0d92dfbd7cL,0xfdada4a36fb67cbfL,
-        0x00c916f66b221b57L,0xb25a08a38fa18490L,0x00000000000001bfL } },
-    /* 30 << 294 */
-    { { 0x32fa6aa0ebf76affL,0xbbb4b69eea27786bL,0x1a61db994113e36cL,
-        0xd9ec11e72884fc1dL,0xa196c2e729d7cacdL,0x076ce25757e81101L,
-        0x2d9b9f7041062d32L,0xa0f7f96948d96dc8L,0x000000000000016dL },
-      { 0x7ae29604caa1564cL,0x7860e39ddbb46de3L,0x099372d4dfc84fb0L,
-        0xf784833c650622aeL,0x9711ddf9d66fff47L,0x62b51a5f046095eaL,
-        0x50d05cef44618f6cL,0x2b3bc7637a5aefdbL,0x0000000000000024L } },
-    /* 31 << 294 */
-    { { 0xbd875cc5b89c9889L,0xaf8042931aa82e4cL,0x4ce2924dde1defecL,
-        0x01f089d19b41586cL,0x9f2310e7ff9732bfL,0xe4c86bf3b0bb7eb1L,
-        0xaa010c968bbc420aL,0xed2c9c7164c47381L,0x00000000000001d8L },
-      { 0x4a6b565e045bc12eL,0x36bf29cf77275cdaL,0xb464be38b331e0c4L,
-        0xbdaec4d0cd49e3edL,0xa8c0eef1a647036aL,0xc40dd02ed31fa960L,
-        0xc7a368ccdc2f5113L,0x3bad9d88e632a505L,0x000000000000006aL } },
-    /* 32 << 294 */
-    { { 0x709ac1575b6e48aeL,0x7ef27b0f95eb72ebL,0xb1bca839d987e330L,
-        0x16d0f9b110b85d29L,0x08d6d9b2a5e559f2L,0xdcb7602d980b6daaL,
-        0xb38f08a5f2f9b64cL,0xd9adc282e2cf92b2L,0x0000000000000164L },
-      { 0xcc6a51913137f926L,0x9e4ccf8488821c6cL,0x0b3991794c8babe2L,
-        0x4269ee3929c119f0L,0x1374f63a3509d23aL,0xb7563c4386b73069L,
-        0x2ad51f46077f8bbbL,0xc383bf47d8d3310cL,0x0000000000000079L } },
-    /* 33 << 294 */
-    { { 0x1d6891d39c0144e6L,0x52ac8f54ccdbe3ccL,0xb8332000c88c51c3L,
-        0x033a0df23700556fL,0xf97e93d0ae841be2L,0xd8b2ae2e08523501L,
-        0x6eeb8117928f1a3fL,0x81999870a8d353f4L,0x00000000000000b3L },
-      { 0xc84500b07b8bb4b0L,0xae616e25d3320838L,0x0bd7d96a43cfdad3L,
-        0x8f9f3fbe4f1f18b3L,0xcbb1ebb2592a0c27L,0xfe42cf82368d7ebbL,
-        0x6ddf64b8747c2e25L,0x20e39304cbc56bb6L,0x0000000000000152L } },
-    /* 34 << 294 */
-    { { 0xa1259eb0bb2db655L,0xa89c9e6723209bffL,0xf09647c4a6c417deL,
-        0xf92aefac3904a74bL,0x0704a73616ca9de3L,0x9adca9d445a1c8e8L,
-        0x07a94afe87213d9bL,0xf74f1787766b608cL,0x000000000000002cL },
-      { 0xa9546f6cb6803298L,0x890b7f942c895a2cL,0xb63ee1f2ac1c77f7L,
-        0x1d40ecd67d5d03b8L,0x170a292646dba729L,0x11c4fcbbcd7545ccL,
-        0x39e139d129a71c77L,0xfba76833cdb60a56L,0x000000000000019dL } },
-    /* 35 << 294 */
-    { { 0x8887dfd9515bc9c3L,0x1cae6d1e9a3bf242L,0x37ab9d8905a3a363L,
-        0x1d37a7a883c27e10L,0x053e57b62672c074L,0x97d3adbad73a2ac8L,
-        0xb633f506bcc69d6dL,0xd4e3c2b08a152835L,0x00000000000000f9L },
-      { 0x6ee41d786c369bbcL,0x4ad8ad62941e1248L,0xf4e782a534050f32L,
-        0xa8ea4017752206f9L,0x073e2905a6c0904eL,0x536f600f5e5e161cL,
-        0xd67e05f5518ceee8L,0xde6a5527c3b67d17L,0x000000000000010bL } },
-    /* 36 << 294 */
-    { { 0x7bfeb9af12391b95L,0xd79181d83d2855d9L,0xeb0cb5ba84bc3f73L,
-        0xc7aaee27d4577568L,0xbebb1d976d62aaf2L,0xdf7f87711c0d2c76L,
-        0x8e735dc01390efe5L,0x324a3fef10b0342dL,0x00000000000000ddL },
-      { 0x0f074d4be5ef45e7L,0x2af56abee6c99cfbL,0x55f70e37666b03e4L,
-        0xb1f0116afed0a21eL,0xf9fe9c995603998dL,0x70507e45a43bfa71L,
-        0x68d2f7d4ce0e4a10L,0x819fd53796d5a95fL,0x000000000000006fL } },
-    /* 37 << 294 */
-    { { 0x0c0b1628c0ce3722L,0xef71fa4e06194427L,0xe9ffc8fd35815428L,
-        0x5ba6b0819d519771L,0xc0ff3c5e81293238L,0x5a91a345e4d2fa29L,
-        0x6bedab154d0e36d9L,0xa2860c0014f98febL,0x0000000000000145L },
-      { 0xd39d5aa9b47fcfd6L,0x7d6097fdb3537bdcL,0xcc18e7c947a1b76aL,
-        0x3a4f5d36e2ef31f8L,0xab932eb1656164d1L,0x48ad2dae3bb3c089L,
-        0x79240de0dd6942a5L,0x526b6529f9e208c8L,0x0000000000000130L } },
-    /* 38 << 294 */
-    { { 0xf53da60c28eba272L,0x120745e32d8a9f6bL,0xaecd0eced8dacf70L,
-        0xa40838eab208a28dL,0x5a1a7c465d52ddc5L,0x3a57c3b47e8ea970L,
-        0x0e1cbbe5ac84baeaL,0x6b65d65510465e38L,0x0000000000000170L },
-      { 0x0f1ebb96b489253dL,0x0c973fcbc40f5d44L,0xfa1cc30044a55f05L,
-        0x35173c9e07b22802L,0x4ba69f3619062869L,0xd0986139f6602251L,
-        0x26fa63d1e46cbd26L,0x5b75686d57991c42L,0x0000000000000082L } },
-    /* 39 << 294 */
-    { { 0xc5115f182596f8fdL,0x3eb7ab5627e6366fL,0xb46be9749a07d0ecL,
-        0x5a6e73b4dc031cbcL,0xcaaa10655df414f5L,0x42f6367757566770L,
-        0x475e0a1036b5a3d3L,0x2fa0375c46291bc7L,0x00000000000001e4L },
-      { 0x541780b5c542ce68L,0x8a2dca3d229cf7b2L,0xe792776ef974bae0L,
-        0x998503c7f582aed6L,0xc8c05f91dc12e582L,0x8fe4af98095607b5L,
-        0xccf8f7d8eb35165fL,0x292d6f084818a888L,0x0000000000000085L } },
-    /* 40 << 294 */
-    { { 0xf2f55e6187055f7cL,0x96c05bad1c7b6ae2L,0x24d4ba609b81ccc6L,
-        0xc4c666e9b704f1f6L,0xc505d03fec354e60L,0x6ee24bea512b62beL,
-        0xe86bc686b5ad8726L,0xdea6279ec3fc6e18L,0x0000000000000196L },
-      { 0x2bb0ed8b4f92584bL,0x4cdf258aa481affcL,0xf067c8c665362effL,
-        0x0341567f73099e69L,0xa42fa640487d6afbL,0x4856eb7e41d7455bL,
-        0x7deaf1b1d3730d35L,0x7158dfe5d247b629L,0x0000000000000068L } },
-    /* 41 << 294 */
-    { { 0xcc0ff75ba1efb92eL,0xba0ae458675c11e2L,0x7e9bb0646ac807cbL,
-        0x5050c5000f219badL,0xf8135f19babe7ae8L,0x3e7c7d8e65eda230L,
-        0xe7ce162a30069ec8L,0x7c3c5a9262a18f99L,0x000000000000015fL },
-      { 0x82e3dd1fddf2de5aL,0x130d220e94ff0565L,0x06f36b112ac2b85eL,
-        0x78f3dd866617c47fL,0x1aa3510d1a1d5df9L,0xce8b3b99c16a9a31L,
-        0x6b56971575712816L,0x573cac34cb8ca234L,0x000000000000000cL } },
-    /* 42 << 294 */
-    { { 0xd92f6b9d75b13008L,0x9a504d49a2bb0d27L,0xb38fde71b9ba11f1L,
-        0x4901413b2e9f2060L,0x8d13eeeadee6353eL,0xd84abab0485f7dd2L,
-        0x620df02792f99ca3L,0xc03f647f5e4d1b12L,0x000000000000019aL },
-      { 0x54560d5e25f0441fL,0x4338b22c51d1f048L,0xed6b559a159b7a05L,
-        0x476886554fdc8368L,0xf42f1a082eab0196L,0xac60f4d1f3b18394L,
-        0xa915b254a5f7a4b2L,0x73b6a490db363c41L,0x00000000000001bdL } },
-    /* 43 << 294 */
-    { { 0xdcf1a754ea2591e8L,0xfd641959381e2f22L,0xfbf1c118a66001ffL,
-        0x4269279d3413d83bL,0xe4ac33ac4b48066aL,0x6e6c559e0dc98b68L,
-        0x02a9a9e02faa1329L,0x8648b1ba747c1385L,0x00000000000000d9L },
-      { 0xc0aad5a5256c9a1cL,0x73129d17a8e79c07L,0x23145244eca7c812L,
-        0xfed6f8e785cac27dL,0x0054b0438269c8f3L,0x5a78b38da889f04aL,
-        0xbb890a92bf9897f6L,0xc7ce53668d484412L,0x00000000000000e6L } },
-    /* 44 << 294 */
-    { { 0x23095fdf14c98670L,0xa48c421e9dc0f253L,0xbe07424b0e23ffa6L,
-        0x2d6b8ac86e8dc32eL,0xe3d6e195ad8e1120L,0x2f1ee8e1ffc71daaL,
-        0x603908be648bd635L,0xff134805e912c300L,0x00000000000000ddL },
-      { 0x0ffcc425d4322e89L,0xc809f5ed8f09f42aL,0xc1114010ef2508a2L,
-        0x5c07dc01c51cb0c1L,0xf3d650a11d946eb4L,0xd907ad9a51e6b2b3L,
-        0xd588d588c945f2d0L,0x7dab07bfd1faab39L,0x00000000000001e1L } },
-    /* 45 << 294 */
-    { { 0x9d5b2544a3d51ab0L,0x084588178813a487L,0x4159e69cb8d92933L,
-        0x59494a445c5ee13aL,0xd339bd9cdcad1546L,0x3c021d0f1fae07edL,
-        0x07c938bf8be84dd4L,0xe4509d7a3163647eL,0x000000000000011bL },
-      { 0x29cf63b6756908ceL,0xa229c250b92741b3L,0x1d4507fd023662a4L,
-        0x5ec7929f7f96cee4L,0x6c6abb6dad431e51L,0x99b1af2bb7feede1L,
-        0xb08a47e466ceded9L,0x77b5577b2af814d4L,0x000000000000007bL } },
-    /* 46 << 294 */
-    { { 0x23c220f22f3ee9b9L,0xb3a0e0c9bf727513L,0x3e276e115108bd41L,
-        0xf269c6b23fb319d4L,0x28a035b0e40e70f5L,0x9974d2d490400c05L,
-        0xf7d62731e4e71f3bL,0x44119e4474b742deL,0x0000000000000000L },
-      { 0x502b39745f29b07dL,0x02f9f845c8b1ec1aL,0xa80e587d1ff9b054L,
-        0xc0e07aea1fd0e64cL,0x8b7e83622e582f60L,0x3e21f291ad1f1dbaL,
-        0x214395c034de6756L,0x5728d60a7d45dc64L,0x00000000000000b7L } },
-    /* 47 << 294 */
-    { { 0x39922191c05c3ffeL,0x5de7dd5586c48ba9L,0x325c9b5cd38564afL,
-        0x6a88a43990fa14b2L,0x87cf5b102362445aL,0xfa0eab8bc88b3f68L,
-        0x18f7e5b5341e78b9L,0x31b27ad4116fd87eL,0x00000000000001c8L },
-      { 0xf0ff17d4932024cfL,0x205a03fe3a30a631L,0x60b6627b733c9445L,
-        0xb091ba56a715d6f1L,0x0c4397ab3b1a6b21L,0xf16a58e63a2bfd3aL,
-        0xd217ddb7b6447176L,0x79d9a86cc2536744L,0x00000000000000faL } },
-    /* 48 << 294 */
-    { { 0x29d8faf43544cc95L,0xcdde285818e4e95eL,0x0a01b08dfe9368caL,
-        0x40512dd7c6dbbcdaL,0xcef252a068c1423cL,0x98204e95aae7650dL,
-        0xb922928b77e51a04L,0x9a77021a72eb97a3L,0x000000000000018dL },
-      { 0x5647c6f296c7c29cL,0x6a17e12a870ba81bL,0x42df0e2e73c0ee75L,
-        0xa214b4098765ee48L,0xc098d30234faf6eaL,0x0f5b59a79aa0e1a1L,
-        0xd73224f17c87855fL,0xb78b168cd6d2a061L,0x0000000000000050L } },
-    /* 49 << 294 */
-    { { 0x070fda90fa5df695L,0x3160656226b01e04L,0xf6e12156de3aaaf3L,
-        0xed0f215de7dd01d6L,0x57e283329659a00fL,0xc5969e57935e63c7L,
-        0x90e3b2844178ad18L,0xbbcb285453123b93L,0x00000000000001bcL },
-      { 0x36b29ac2195f63e8L,0x5771e9f017eb8981L,0xfe74b12b5da40865L,
-        0x5f0ff67386d920b2L,0xd327498440426defL,0xdeaef693e06941f1L,
-        0x61416da7dd68bf90L,0x8ff9d2bdf1723ba8L,0x0000000000000109L } },
-    /* 50 << 294 */
-    { { 0xd1da2b970f4ced78L,0x9486496aaff53bddL,0x3b2c09e905787a65L,
-        0xd714235e3bf092b0L,0x2c2bd98def495c76L,0x48d93c1256044673L,
-        0x897376addff54802L,0x68777721468af1b8L,0x000000000000016cL },
-      { 0x5bbb6bed1f304dd6L,0x35dd2294241518a1L,0xb94de945df0e416eL,
-        0x016ce62126a1b13bL,0xbd7cca2324a58997L,0xe3cb85775eb8b579L,
-        0x8ed1e530dfb46f50L,0xd3e45de5b7bebb2fL,0x00000000000001f4L } },
-    /* 51 << 294 */
-    { { 0xe3819d9a1c771ea1L,0xbf690720dc59eb84L,0xa541e37699348dcaL,
-        0xb7888fc369fbe622L,0x1c8a5762136e6a6fL,0x9ead48dabbfa63abL,
-        0x23ea7bafb1ceea24L,0x9e5b105b5f2cdd03L,0x0000000000000179L },
-      { 0xa0d739e636b63e7cL,0xdbe55702dbda9abdL,0x73866365556299bcL,
-        0x4c48b2c9efe0e38eL,0x06427eeebf017592L,0xf3d389aae05788eaL,
-        0x1db17dbb783c8e0dL,0xf1a6d1560552d575L,0x00000000000000baL } },
-    /* 52 << 294 */
-    { { 0xd185cfc3f5823bcaL,0x94e833382d648a40L,0x719def2c4d22d2deL,
-        0xe23be64f266e78a8L,0x8830cb3e752ac9cdL,0x2598bc00d0f2cc62L,
-        0x42513e2c62336adaL,0x7343da72b35e9e9dL,0x00000000000001a8L },
-      { 0xa38d5d2219b56641L,0xd7e2949e94a2e805L,0x03f06fa6a850f355L,
-        0x744779e0dea5393aL,0xf6078b4c9cf8ff02L,0x3a150184d43248faL,
-        0xf2b064f88cce580aL,0x3894f51466eaf1aaL,0x0000000000000049L } },
-    /* 53 << 294 */
-    { { 0x5bf8be23e3841518L,0x390df312c1d8812eL,0x87c36912461bffaaL,
-        0x9159a05a2adfaa7cL,0x7c1ebbe962f281cbL,0x9c0a76c9082166d0L,
-        0xa929dffb920301aaL,0xc32334dfd7fd6366L,0x00000000000000b5L },
-      { 0x3d292b74f63f5f63L,0x022e7982a5482092L,0x45808135f3179942L,
-        0x7256ff64865831a6L,0xa5c9588e5a3e9363L,0xcc7d2ca88c82986eL,
-        0x7bec162f05626c9dL,0x89da9ae77b9ff705L,0x0000000000000198L } },
-    /* 54 << 294 */
-    { { 0x5b038af3f5bb585bL,0xb98ecb5f37bd3ae5L,0xc1b18cb194be2a43L,
-        0xa9618ec095e4d777L,0xc40f2dabc748a4bfL,0x21904d556228ac53L,
-        0xc660cec8dde83410L,0xff36f88f50979bf2L,0x0000000000000160L },
-      { 0x9628fa6551d8881bL,0x73f061b88947cb47L,0x79f5d6c845cf0762L,
-        0x49504051376a43d5L,0x70c737b7a3f83f46L,0x59d034dd0cc593bbL,
-        0xaa0875df26342c19L,0xa585ead811d79d98L,0x00000000000001ddL } },
-    /* 55 << 294 */
-    { { 0x1779f234ef839635L,0x8f58efb1f40a5a65L,0x1d6206ab3e5cc402L,
-        0x1bbd6fd7e912df6eL,0xc924914685b7d132L,0xff29fea43e802e9cL,
-        0xc61175867bcf48b9L,0x6540528e9282c06dL,0x00000000000000e1L },
-      { 0xd0f41b96127c2594L,0xe7b7f49987819eaaL,0x86005a00584aaa91L,
-        0xb82005e47840a3b8L,0x37a7f2cccf139be1L,0x483a5922c7f15281L,
-        0x606a1b81c55ae9bdL,0x93027e7d27ed3387L,0x0000000000000144L } },
-    /* 56 << 294 */
-    { { 0x095c54694caddfa0L,0x7db5b97d383c724eL,0xb4698e9a92ca76e8L,
-        0xd964ac2001ae58ecL,0xd743f813b822b97dL,0xd8de0d8520171bacL,
-        0x549e8ae5ea164044L,0x03c9d920f8426c21L,0x00000000000000bbL },
-      { 0x794be56d907e69abL,0xd3c037943abe9f98L,0x9a5eae5c84e132d7L,
-        0x9a7afb80bf979b72L,0x624910c94bcba819L,0xfef0daf5adb707c4L,
-        0x7c9d0680ecc8bf66L,0x342fd8b9681d3792L,0x00000000000000a5L } },
-    /* 57 << 294 */
-    { { 0x31af9ea81c876e00L,0xf54b3306c17ce3b9L,0x9da29ba8b7b66baaL,
-        0xe8f958bdec97fbaeL,0x9aed85e5d5d5ca73L,0xde6ee26dfcf4f1d7L,
-        0xf4e2831640d20e59L,0xc344605f84d7d1c1L,0x00000000000000b3L },
-      { 0x5488e1b958226056L,0x79c948a9cb124c25L,0x278af742f40ff7b7L,
-        0xecc60fa1740757d1L,0x648f9a18476f60f2L,0x28d72cd41ec656a0L,
-        0x0679149a291cc21fL,0x74d87b8355eba80bL,0x00000000000000e4L } },
-    /* 58 << 294 */
-    { { 0x6d48fb31ad6f4fb9L,0xe536f4b6b626e78dL,0x49aae08b0d7fdbe4L,
-        0xcb3963457a9ed668L,0x041268b9b63b577cL,0x0b1593d8ea5b7d95L,
-        0x26c9109ca54dcef4L,0xcf5576e783ea872cL,0x00000000000000b2L },
-      { 0x835382690ae7e08eL,0xe844c9b9f4c32ddfL,0x839bf854110c1a1fL,
-        0xfaa5f6775c69fab1L,0x198e91e6e763e4adL,0x47da5f178f63cd42L,
-        0x61c638a62c872558L,0x6bf1c8895618547eL,0x000000000000018bL } },
-    /* 59 << 294 */
-    { { 0x6a8cc986caae6ae4L,0x1d7c2d67d6d6435aL,0xdcdf751c1f27d040L,
-        0x084a8ad907b0b209L,0xa03ce81aa4cb20a0L,0x8bd7ee7273b7ce3dL,
-        0xc30a9ee4bdc436dbL,0x09c04ae46034aff0L,0x000000000000007bL },
-      { 0xfabd79026c6bd45fL,0x799e004bc957c862L,0x5638fc917a905a28L,
-        0xf0faba028a378c7eL,0x89e982772ac3baf0L,0x80c111429112a683L,
-        0x134bf54ad1c0a381L,0x6981a134a371b908L,0x0000000000000165L } },
-    /* 60 << 294 */
-    { { 0x8cdf5496ea2d6f47L,0xd16475ce1384a82dL,0x443c6bbe79dce016L,
-        0x520583ea11c229e7L,0xc345965d32d1ee47L,0x046c5c214eff5930L,
-        0x9810075e19d48e5cL,0x3e1425909cc794ddL,0x0000000000000186L },
-      { 0x254d003679cf471eL,0x87a8c5ed0d5a2f06L,0xbc16fd945516fbdfL,
-        0x2e7c1bf26fa2a909L,0x28297856237ba960L,0xcfb6b336091507fcL,
-        0x0cab1eb283a9939dL,0xe49bc8d8aec9cb63L,0x00000000000000b0L } },
-    /* 61 << 294 */
-    { { 0xc62b48a8982b000eL,0x8277c2682d1953b3L,0x19cfe475a9b47cd0L,
-        0x310d9c740992a068L,0xc03ee94ec1dbed2bL,0xc26915c631c025c9L,
-        0x46d1a3136d451124L,0xd8840ea94a5e33afL,0x000000000000005eL },
-      { 0xbcb605537c315236L,0x01b759256d7c2f69L,0x31e142f17568be8fL,
-        0xd39380b76ad30805L,0xeafc7a683c516d0cL,0x83a284ec418c61d5L,
-        0x493a0f10045a330fL,0x548e81d57c31cc6aL,0x000000000000006cL } },
-    /* 62 << 294 */
-    { { 0xf3445d6401011685L,0x58c874941bcba0abL,0x4a5fb2a29e299226L,
-        0xf76e578d815c50bbL,0x996d096f14f6347fL,0x6056b8185831b153L,
-        0xda2fd3d05d5d22b4L,0x512217c398f9bc2eL,0x00000000000001bcL },
-      { 0x82c87114979f39abL,0x7a032a31ca612d87L,0x81bd29f591930220L,
-        0x361732d21fc75c2fL,0xff5fd67e43ce4841L,0x53b8c32d784a180bL,
-        0xc666c0a34a359515L,0x78095258fd91743fL,0x0000000000000002L } },
-    /* 63 << 294 */
-    { { 0x22c1d1baa579fa74L,0xa3000c7398e2761cL,0x35fa789b86e47f27L,
-        0x78247dded7ceb040L,0xe86dae9bf0211813L,0x4526464eb9a8e680L,
-        0x8a415c8dcf84b9e3L,0x2a3d5df6bc25d1acL,0x000000000000006cL },
-      { 0x34af41b5b5ad0cd3L,0x18920068740f40d9L,0x3efc1ccfbd6c4c23L,
-        0x7d188dcb889947efL,0x9b63949593e850cdL,0xce1d6ae38bf50f30L,
-        0x3f8370629c1740b0L,0x80d89ab62e93fa82L,0x000000000000008fL } },
-    /* 64 << 294 */
-    { { 0xcdb8a92c817221d9L,0x7ff2643e780ed8a2L,0x5efcceda56fc9caaL,
-        0x59b5aa12f823d2fcL,0xfe97818b9dbfeb54L,0x2becceafa13dde72L,
-        0x5d5b53cee8692b1bL,0xf5e5ac69cae9ddc6L,0x000000000000000fL },
-      { 0x6ee75741c692d9ccL,0xd97eb6f262a91d4dL,0x8858ba5de2924e75L,
-        0xb8e1b22a517030b1L,0x651a68382af83dfbL,0xc1fb14d21c21be14L,
-        0x87689d46c9eba60eL,0xe16cfc1a0da1a29dL,0x0000000000000107L } },
-    /* 0 << 301 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 301 */
-    { { 0x4021a24de3c91b63L,0xf7cbd01a0b896f6cL,0xb005e27e145743c1L,
-        0x170d30313d2c0449L,0xb2369781715e87bcL,0x7ef5d8e0d6e85650L,
-        0x1a5fa6c7b232c66dL,0xc0455caedb20ffd8L,0x000000000000001fL },
-      { 0x3acf9bd305c7c488L,0xbf769bb0294df5b3L,0x8d5f90958fa692fdL,
-        0x9b20f4c777aef48dL,0x312134317987ad09L,0xc0b03aead6a327e1L,
-        0x5be9a205e6f56badL,0x2db39c5e6c7ff60dL,0x000000000000002cL } },
-    /* 2 << 301 */
-    { { 0x06e672911fbe4b1aL,0x2df4c01c7328b43cL,0x811847ea7350889aL,
-        0xee53f7eff19988a8L,0xcc3fc6d371578d7dL,0x20682a7b7b0f48ecL,
-        0x6979a4f21ec4cd51L,0x58272b7c845bc78fL,0x000000000000000eL },
-      { 0xceec799c35e8ef48L,0xa01333eff9ec8ae5L,0x5b99b83ef9262e87L,
-        0x37c4df170f427205L,0xb20cef3ff972dea8L,0xb63ac380c6c4c976L,
-        0x0b915c3290866381L,0x8817b26a91eedcabL,0x000000000000001bL } },
-    /* 3 << 301 */
-    { { 0x7ace3143a092069aL,0x0bc9cd595e70d5caL,0x1c26df9860dae8ccL,
-        0xf4358cefb881888bL,0xfeddc9766632ab56L,0x08206f72b870dda8L,
-        0x46f76ea4cc81f687L,0x865b6cb3ca702001L,0x000000000000007bL },
-      { 0xc064a2e3b099af17L,0x88beb2371d625dcfL,0x507be25af7b18ac9L,
-        0x46c8c36077f8ed84L,0xb019195fadf90251L,0x386ed5ce56c4eb40L,
-        0x46427f9c870504a2L,0x156e3c6f36d0f019L,0x0000000000000033L } },
-    /* 4 << 301 */
-    { { 0x06e0332e000535eaL,0x5c58e86403bbbe55L,0x4d9a6db110b9b5a0L,
-        0x7ef09cfc6a24db5dL,0x61d105f4819d4d78L,0xc5e243dd82d474a2L,
-        0x8742d427886e0d59L,0x08cc598e079399e7L,0x00000000000000afL },
-      { 0xb1af75d1c8e53592L,0x74857a7fca9dbfddL,0x2f7f11d8d49cf79fL,
-        0x82c78c0d7c4073d2L,0xbe13602fab4c74c0L,0x4282184ed0d37ad7L,
-        0x719bb29728289fe0L,0x08fe79e9b09427e0L,0x0000000000000192L } },
-    /* 5 << 301 */
-    { { 0xfb9970015eaa1129L,0xbec9a530e84da535L,0x133710955d6afc1eL,
-        0x7156b33510b368edL,0x86d22c634c902f9eL,0x64ea7336eaf83f1bL,
-        0x700571f6d4313851L,0xe6398407a8fb758cL,0x0000000000000191L },
-      { 0x004bcb3ad7673444L,0xa0ad23ff6c5d7b10L,0x86969ed559aa896fL,
-        0x80c4897508a9f27cL,0x37a8337cba7fc097L,0x295b4ece65a34328L,
-        0xb14eceddf56efccfL,0xcf9265ea638d1620L,0x000000000000017cL } },
-    /* 6 << 301 */
-    { { 0x91a6ba108d64773aL,0x18e9f8c089ac1f66L,0x49f08c886ff68e9cL,
-        0x57b6fb9131913442L,0xdce8f943d9be3a61L,0x03a6d0137c897a92L,
-        0xa3cf84d469451d27L,0xf9d603b978585859L,0x0000000000000019L },
-      { 0x9b651ee0bbe619d9L,0x6595951edf219411L,0xc4b2ffb73e53e02bL,
-        0xc32b5aa6f8bd17f1L,0xe7788f4a97f05123L,0x31d33abeb624663dL,
-        0x9e736612d8b9fcd9L,0x6b948711fa3eaa15L,0x00000000000001a5L } },
-    /* 7 << 301 */
-    { { 0x7f209595588ba3f7L,0xe2407c9a57ea6473L,0x9beac14648c8914fL,
-        0xa76746da7281653dL,0xb98edf137b9eaf4dL,0x4af237b992b8e681L,
-        0x9681674885d4493fL,0xcf67088b2d55fb92L,0x000000000000002fL },
-      { 0xfc9967792f89cd08L,0x62bf8d1b54cbddc2L,0xd9395c418dff283aL,
-        0xc384a2e9e7ffadd5L,0x39f0e602bedf1036L,0x0fc173dcd28e10d4L,
-        0x574c346fb4a775a3L,0x9f62fef62b897266L,0x00000000000001cfL } },
-    /* 8 << 301 */
-    { { 0x163a9e62eec6e312L,0xd11432c1459162d8L,0xdde7d941a25d4934L,
-        0x9067028e8d868aadL,0xb71b17085b6e3d21L,0xaed73637e95d3c7fL,
-        0x51bcc93c1dce0d78L,0x2f45d06a504a9d0bL,0x00000000000000beL },
-      { 0xec12ea4b300b2478L,0x91ac6eedf2a48388L,0xfbdc1bba7a7631adL,
-        0x5b2669cb79d5f4ceL,0x219d64f948c8f025L,0xadcaab29aadb5873L,
-        0x3b07af1c671bd673L,0xe66e7c67b7f2d8f5L,0x00000000000000c9L } },
-    /* 9 << 301 */
-    { { 0x877a56c5e8c21c07L,0xaa9b34cc64389ebbL,0x05d0452d80b06ab4L,
-        0xef13a83f48e78fb1L,0x8f1ccb089003b1f0L,0x9b6f68ae0e240740L,
-        0x3b4e3941e661e336L,0x3d50ab4f9673bef9L,0x000000000000002fL },
-      { 0xd84e8415839a034eL,0x9af0ecb379490c58L,0x3fa5698f53a7f6c2L,
-        0x7ee6a1fe1f5f8a6cL,0x759f0ff62d9134d8L,0x413d44f634a2bc05L,
-        0xecaf95ee0fc28762L,0x881b307762a3eb28L,0x000000000000001bL } },
-    /* 10 << 301 */
-    { { 0x1d2684d8817a08b0L,0xdb7dca26c8be8d55L,0xa069d7e07c8974a2L,
-        0xc061be91d03247e4L,0x1c6b377d7bd92a76L,0xcd7e0d7f50330391L,
-        0x6de4e84426762364L,0x07276c1516426e46L,0x0000000000000102L },
-      { 0x1744a4f50c65db3aL,0x08c6a33f9b8fb672L,0x31f23108ebf4762cL,
-        0x7b2c0ab0181df967L,0x53cd3abd2be95364L,0x0be1aaa87bbb3eddL,
-        0xbb0cb0531b469e7fL,0xea338278d6e16032L,0x0000000000000047L } },
-    /* 11 << 301 */
-    { { 0xc7f394748381c552L,0x986d2d61d55f8773L,0x1748580c54b59ccdL,
-        0xe071cdd56194dad0L,0x1440e99aa75ba866L,0xd162309c0cb3e564L,
-        0x45786580289fc2bdL,0x1d4120f1da2a714cL,0x000000000000011aL },
-      { 0x564bfb392e7a47d8L,0xc43ad5f9c38c2c08L,0x60d4dd7acc7ead2bL,
-        0x89166f8b91fde4a6L,0x7f1ac6ee9f62d204L,0x1a5728aafbfd7551L,
-        0x7997f14a2e75d1a5L,0xfc2804ea649488adL,0x000000000000019dL } },
-    /* 12 << 301 */
-    { { 0x2d511de52dae34a2L,0x280126a9cc783bacL,0x247eb07f3b00a441L,
-        0x909b0ea7567b28f6L,0x6045d39b53c3600cL,0x41714d14c75815a6L,
-        0x6bef6123c601eadfL,0x3683ccf3d6343c4eL,0x00000000000001b0L },
-      { 0xcfce0c48b23f24c2L,0x8a051e71622cd9bbL,0x07ec1bc49eb85129L,
-        0x4ca832899cabb17eL,0xf095659733580331L,0x88e7f968e465e3beL,
-        0x61c5c643086d84d3L,0xcd236eee26444e10L,0x00000000000001c6L } },
-    /* 13 << 301 */
-    { { 0x6a3f660b0dc590beL,0x32d22798247e0247L,0xc90cd006d66c6982L,
-        0x653993195369eca2L,0xa1346bcab0838f49L,0x3b5d8514fb956f90L,
-        0x17fa86f9b27e8c72L,0x61b430690dbbfbe8L,0x00000000000001daL },
-      { 0x3d46ae770fb82755L,0xeac173262c02b0f6L,0x869be2347fc42178L,
-        0x845d561ac8b457dcL,0x8295d7de2c8495efL,0x57e84cd5f079a84eL,
-        0x30e443fe60b7d282L,0xe0340819a844632bL,0x00000000000000e1L } },
-    /* 14 << 301 */
-    { { 0x0cec34cc215c702cL,0xf9534c2acde28ed6L,0x5694c1addb2b1db4L,
-        0x78834607f0ce1dd3L,0x0897479ede16ad83L,0x711db79e7ad8d6cbL,
-        0x4fec3d6a30d12f46L,0x2fa068bab2925929L,0x00000000000000e5L },
-      { 0x79ae08ddd6d413d1L,0x7afae372233385f9L,0xa9faea3a1c5915fbL,
-        0xd1d81ccddbf76a40L,0xbcee5b60311bd5b4L,0x33fd134e0d295473L,
-        0x8971c976a1499b9aL,0xbe778d06c2dd33cdL,0x0000000000000128L } },
-    /* 15 << 301 */
-    { { 0xe165fe45591537d3L,0x494e9b586f9e77daL,0x05048c2406b5f840L,
-        0x27b142e0669c0541L,0x266d5823ebf3cba1L,0x2c9668a9f5f6117eL,
-        0x92b1a670041d08abL,0xd2e4bc7d98b28dbcL,0x0000000000000110L },
-      { 0xd96f0a4eb50c672eL,0x2a5ba3084f40bed9L,0x6ad427836ada6e01L,
-        0x11d68fda636a6b24L,0x38d87a77bfcb526bL,0x3666085af7663abdL,
-        0x9e8dd236688f4c58L,0x3f5eaea3577ddb84L,0x00000000000001c2L } },
-    /* 16 << 301 */
-    { { 0xf03e26842bc15ca5L,0x0b130b09bf196674L,0x3c27538756217f5fL,
-        0xb26d17d4349aca89L,0x3faf18590269bf70L,0x3cdeb74fb288736aL,
-        0xeba8f6007e38ea96L,0xd24052c851da8c99L,0x000000000000015eL },
-      { 0xa5582bacb2f51cdbL,0xa325b5cbd0a7f7c7L,0x065a27f009931317L,
-        0x1abd17b6cddc78ecL,0xd8fd426937962ce7L,0x5d8403c8002cf3c2L,
-        0xe62f5305e3eb09a4L,0x1900f36ceeaf6fb3L,0x000000000000010aL } },
-    /* 17 << 301 */
-    { { 0x284fc126babba399L,0xda961c2d629b5b0cL,0xdb458a6c7acc2fc6L,
-        0x2d048b73b07e4eb6L,0x9ee17cf76011f0dcL,0xff56041501eb1f54L,
-        0x39ed447f8b55cf30L,0xcf2256f1d85dbed0L,0x00000000000000bbL },
-      { 0x084a817403650842L,0x71be289cb89d85e1L,0xb9c9f5b8f0aa2e1dL,
-        0xf454a8a2a0048186L,0x67e89b8f11c62ecbL,0x3fefb1f66eeb3419L,
-        0x19c5c988db8b8343L,0xd477b615cb26d01dL,0x000000000000012dL } },
-    /* 18 << 301 */
-    { { 0xfebd0210b24b42c5L,0x4f8bb6ab782d99ddL,0x624530b516f9fb4bL,
-        0x9f9ac0dcf52469a9L,0x6cd360b7a7297153L,0xa1989d5ae3ffe52bL,
-        0x493e7f8e086c3ae2L,0x598af31b052d016aL,0x00000000000001a4L },
-      { 0xd22cd1eeecebf13fL,0x1dece9d773807b67L,0x9d68d0462573e787L,
-        0x70f7848f24c5d05cL,0x2e846609ad526173L,0xc8a05dcd05ce91f8L,
-        0xc39b7711eeae3077L,0xcbb8347d040614a9L,0x0000000000000127L } },
-    /* 19 << 301 */
-    { { 0x87eac716c5722d13L,0xc1afc869d61ef2abL,0x496b7a2aacf51364L,
-        0x5d48541015d5ca0bL,0xcb57650b8772fb05L,0xd26d4f958869f973L,
-        0xb320d08e025cc659L,0xa950e9363419e9a4L,0x0000000000000030L },
-      { 0x5e80b7840e4326edL,0xe712d1b6118b4b67L,0x9188de4ab4e2f1d5L,
-        0xddd7c742931ba11cL,0x19856e2d083a8b4aL,0x28fd9f4ec237b67aL,
-        0x264aa6aeb17c199bL,0xbb708f00b04ee318L,0x000000000000009aL } },
-    /* 20 << 301 */
-    { { 0x9d1eae14e6c6fa68L,0xc10a9135e799dc68L,0x7abe45371d7af249L,
-        0x50c5b3e44b78fb26L,0xba92be148298b03cL,0x6229f220227a8e85L,
-        0xde2d6415248042a7L,0xeaaddb9bcbfda7ebL,0x00000000000001bdL },
-      { 0x3495558bc0642562L,0x5649a710eb006b80L,0xdeb44b295e284cb8L,
-        0xfb01767c2fb2ad7eL,0xb40225510f9ccfacL,0xbe4eb5c0a67be6fdL,
-        0xb5d9f3e86d920a44L,0x918cde4238b14e5eL,0x00000000000001f8L } },
-    /* 21 << 301 */
-    { { 0xf14dd13f7e46d751L,0xde1faee5de539ce6L,0x1f580420a878c7e4L,
-        0xa4536a613feef467L,0xa7e9291d7b545e56L,0xded28c89e2b7025cL,
-        0x59506d85d042bacaL,0x14b37eee8a3adfd3L,0x000000000000000dL },
-      { 0x89d83dd3823c023cL,0x8dc3c29fca288645L,0xdd64a1a648af0bd8L,
-        0x79f885a65f285574L,0x26f5a31b60248187L,0x70bd4d6ace84d4b2L,
-        0x3f15dbc4463583a2L,0x6544d8e78426710cL,0x00000000000001baL } },
-    /* 22 << 301 */
-    { { 0x76d2d5eb9381aba1L,0xb2322af89b7df6b5L,0x71f40e2e58f343b9L,
-        0xb61e43f9efcc85ffL,0x0300fa7259a01585L,0x5988ff95db05e553L,
-        0x2b62aa0f5e93de6fL,0xc87ff47b4b549154L,0x0000000000000021L },
-      { 0xd77a8a93ff66a25dL,0xa68eea535e13f466L,0x794995e4f79a54c9L,
-        0x6df911fc56076e44L,0x8d78ab8c47c83b15L,0x3507ec1cb38bbf1dL,
-        0x613c3c1f6a89e612L,0xc07da4b905f7fa61L,0x000000000000009eL } },
-    /* 23 << 301 */
-    { { 0xb88f49e250318e89L,0x0b6037ef58a8e5b1L,0x62b4464f8305be22L,
-        0xda32be6c695d0c2dL,0x53718af39a3f3741L,0x7eab5da6e64b6964L,
-        0xd3594c8663064d0fL,0x39279566f6eaee98L,0x0000000000000012L },
-      { 0x4bbb1b13042a5dd8L,0xa70b5d62793e0d15L,0x30393d03d1ba796cL,
-        0x4a21fdf287555c23L,0x9646d43c61ba2ab2L,0x6408cb45419993c7L,
-        0xb9acd44b338322f9L,0xf283c84d4759b6ffL,0x00000000000000c4L } },
-    /* 24 << 301 */
-    { { 0xd142bfa992701a9aL,0x0b59d01447539e92L,0x7cefec6e8724475bL,
-        0x5c77d10dbcfd641fL,0x4946dbabdd42eb47L,0x4ae66c3a14f1c33bL,
-        0x05ba3e754c9f2c71L,0xb618a5071fc0f7b7L,0x0000000000000065L },
-      { 0xdd94ee057c169a16L,0xa29e26195a337e5eL,0x30e106eb9ad816b6L,
-        0xb91e66f71a17810aL,0x46abf80d5b672e86L,0x0f40f077f89626ffL,
-        0xa474dfbe8b67b224L,0x9d3af9248053aa79L,0x00000000000001ffL } },
-    /* 25 << 301 */
-    { { 0x7d22cf775e1f232dL,0x548fda9e7e51a2c7L,0x11a9774149cf868dL,
-        0xf0db0b7e2fb759c5L,0x1796b06efc5eb57dL,0x60ede66826f8e4f9L,
-        0x7c37fa5cf37f1ae2L,0xf5348593ac10e958L,0x00000000000001abL },
-      { 0x05239d1323d8b38bL,0x2c55a6e0d76a3773L,0xcea20821cd282bc4L,
-        0x9e552a3a5ca82699L,0x3f1ae5bfa1548eb2L,0x56ca5414452552bcL,
-        0xec3a3f85e1ba16dfL,0x91ed704a56240ce7L,0x0000000000000041L } },
-    /* 26 << 301 */
-    { { 0x525d2794aa3af70dL,0x62666bbfbf65bbd6L,0x250750d4b925995bL,
-        0x050457f8e340c57bL,0x919451793b4931b3L,0xa4a0e728d223ec63L,
-        0x9aa8b43380a43404L,0x9c52b96aaaaa7d45L,0x0000000000000149L },
-      { 0xa4dcb38e2dc7ef6bL,0x115ba55675a63e19L,0x31541c6e90d13e8aL,
-        0x4e0b09787401562dL,0xd81287b447cfebc2L,0x59ec023f074cc01eL,
-        0x7086b3db94d89d32L,0x274daafbbf9b0f39L,0x000000000000009fL } },
-    /* 27 << 301 */
-    { { 0xd7fd9795758d15ecL,0xbe89bb8c335f014bL,0x3be772ba54b6b739L,
-        0x2d652a561a35e643L,0xfd8b75fe36ab48b7L,0x89fa8e1d9c89c766L,
-        0x75e124aaea145d8fL,0xdf889765299c9171L,0x0000000000000170L },
-      { 0x103dda2e55540308L,0xc3c035e7cf05bb03L,0xd346e06a52488d57L,
-        0xe7833e27f8c702d6L,0x25b942ca6be87eccL,0x7b0588057505ad4bL,
-        0xa6fa90a5c97e6686L,0xd1d89bee28a9c029L,0x000000000000009eL } },
-    /* 28 << 301 */
-    { { 0x2b1a24297e163accL,0x07a52207912df2c1L,0x8b00c607c28459a1L,
-        0x172a4e12d0d1c992L,0xd7d28839f97852b8L,0xfa91f13ff8fd2bdcL,
-        0xb40ceb9cc7c71e5bL,0x6dfbd3ef1bb25495L,0x00000000000001d8L },
-      { 0x77d795eaecb9e7d7L,0x307ec55c034640ceL,0xc81199211dc90456L,
-        0xf336a8d62e6c8828L,0x39f69ea7efbdf285L,0x9f9b88446f6376edL,
-        0x9cf44f2767ef7e9cL,0xcfb6ea37759662d0L,0x00000000000001deL } },
-    /* 29 << 301 */
-    { { 0xac8e3a669a265363L,0x0bcc6be9a837586eL,0x1800b8af5b913525L,
-        0x6bb8bc3eaf0766d1L,0x83ca07cb0bad6358L,0x29442dc1330633bbL,
-        0xce862c876fbccbf4L,0xc5550669b96ea743L,0x0000000000000073L },
-      { 0xf015f8b97920c9d7L,0x34a73daf4c203156L,0x97bf03c337bb3adbL,
-        0x7a7f0014000c2070L,0x04a1bac2d9d1d2beL,0xbd7991e0b7297737L,
-        0xdbb0bd6d8deac191L,0x8ddab47a8386ee08L,0x00000000000001a3L } },
-    /* 30 << 301 */
-    { { 0x3d87a8098b966d8cL,0xb435d15896c76473L,0xefbd14d8e443c697L,
-        0xa1d59738435950d1L,0x53a2c7714b9bf3dcL,0x712bc49a2cf7a12bL,
-        0xa73d130b39f96cb9L,0x4c00c64ead7eebcdL,0x000000000000006eL },
-      { 0x75300d109db550eaL,0xa7235321f4f7bd1cL,0xfba90cd35f63a433L,
-        0x49b56ce3aeaeca59L,0x1d562d49f8ceae69L,0x42bf5c058ae7ade7L,
-        0x571ef4b5c6aa760cL,0x2beb1d379fdd6c7fL,0x0000000000000074L } },
-    /* 31 << 301 */
-    { { 0xf025bfb65b9ab00aL,0x5afcde150c317febL,0x2dbf474e5deefa10L,
-        0xfa820330f1e3a088L,0x52d1d96aa577534eL,0xaab36a89d11cbc7aL,
-        0xe5b59c3e1028606eL,0x11298e30688131c6L,0x000000000000017aL },
-      { 0x4e1d910a80a78b33L,0x82826cbfb3ed3ed5L,0x6259a943c011cfa6L,
-        0x81284e4503ee6f69L,0xc3b994d2b86b8f5eL,0xd4dda4b45f239bddL,
-        0xbaf7541f709ad8a9L,0xeaa31ffd52390dc6L,0x0000000000000186L } },
-    /* 32 << 301 */
-    { { 0xcfdc285df79421d8L,0x263289988674686eL,0xf991086e1ed73cd0L,
-        0x65046369a36bd06dL,0x9712bb0b72adcd0aL,0x9b2d422f5faf9c7cL,
-        0x7e3989f851491c47L,0x9fc24bf809aeead9L,0x0000000000000029L },
-      { 0x8584ee840370acb9L,0xed56c569ea40417dL,0x6443587557b4cb9aL,
-        0x752c5fa691d35c5fL,0xbbcf8703abd0eb6fL,0x0dd72d15c233db59L,
-        0xf2b7a1ab692baae3L,0x6ee634377baadfbeL,0x0000000000000111L } },
-    /* 33 << 301 */
-    { { 0x2f00b1014d3f67f2L,0x02773442dabf0299L,0xb050dd0649b08536L,
-        0x155d73c3ee3a8e0aL,0x0e468ccb7c29c66fL,0x3b7660e15b398646L,
-        0xb6b2782165c7155bL,0x09cd57fcecb519d3L,0x0000000000000133L },
-      { 0x3aa32f6097fcfd5dL,0x35d5448b279abb9aL,0x54bab5ce95cf663fL,
-        0x9dc193ea1776f8d6L,0x6d2bed78f4d90465L,0x08da1c145e61f723L,
-        0x68c8bb0604d91875L,0x03458fea8b3a3a3cL,0x00000000000000eaL } },
-    /* 34 << 301 */
-    { { 0xb40737908373a6e5L,0x9ce42cd2a1188649L,0xce446162ad0eb978L,
-        0x322dadd09b7ffb70L,0xe568d26ddb803c73L,0xd74eb110c414c261L,
-        0xa1be744270b5c055L,0x5f70ec901a420208L,0x0000000000000175L },
-      { 0xad6727ca8c2a9937L,0xe9fd6825a03949a5L,0xe4790c050a8c931fL,
-        0x80943e80b52d4b49L,0x104bd74362d38bd5L,0x0510772ffcc1cf4bL,
-        0xc669adcd5f9185c7L,0xae818ff028123eceL,0x000000000000006cL } },
-    /* 35 << 301 */
-    { { 0x7a5717a10792b4faL,0x2c248be7fcfdf67dL,0x970a7feddcb61131L,
-        0x0234eb04df345fefL,0x3eb4489ba2745622L,0xb145f3f95ed28a99L,
-        0x0384b4cc064fe474L,0xea70e7d96931ea00L,0x00000000000001c8L },
-      { 0x331e0fd9802e2aebL,0x42417e6c8732f311L,0x6006728b12056492L,
-        0x3ce9e7fd5b979aa4L,0xcaaffb764b4fa416L,0x064dd6eca006759aL,
-        0x28b047d186a9190bL,0x029d74a7595fc9faL,0x00000000000000c5L } },
-    /* 36 << 301 */
-    { { 0x657f1a4a0d3a6ecaL,0xe4131c3c9584cfd2L,0x75ecc937303e30e6L,
-        0xb062e9f44c0801a8L,0xd9cf5f10d3221408L,0xae77108f25262e9fL,
-        0xf5f313faaf40a968L,0xe40dcb7d2c4518f7L,0x0000000000000163L },
-      { 0x949fdc6e98e347c8L,0xef10af84b013c3abL,0x4c48606d0e6d48feL,
-        0x97e690a711fb595cL,0x9f47aea713f11f69L,0x1d670e6e31bae984L,
-        0x35020db9e62e6909L,0xc43ff5489d07874fL,0x00000000000001d4L } },
-    /* 37 << 301 */
-    { { 0x28316d8b9441a550L,0xff7227210a759555L,0x5481756e2ab2ee17L,
-        0xf3cbe2e8e3dd7974L,0x7dc4b0f78aa159c8L,0x9e5b4f561bf333e7L,
-        0x63ff9f52a91020b5L,0xc76c6456bc08d5b0L,0x0000000000000103L },
-      { 0x69bcec9d3a833b1fL,0x07441e04281f6fa7L,0x08315e671838e4e7L,
-        0xcdbae7275209d351L,0x14c1373de5e46a7dL,0x8e3601e092125731L,
-        0x6fa6044488b745e4L,0x8ec5cb7e562f6bedL,0x000000000000004eL } },
-    /* 38 << 301 */
-    { { 0x9936081ddd58574cL,0xcd952445fe2c792cL,0x852d5476ed663b93L,
-        0x4b13dd0faf869b0fL,0x8793e140290f6625L,0xdd61017faaf6d5b1L,
-        0xe7d2fe4699c8aae8L,0x8794c5703e234ac0L,0x00000000000000e3L },
-      { 0x2586bc84622848ddL,0x81816931dc799fa9L,0x84e590e24092ee76L,
-        0x7c11f235d863e257L,0x5f43fd9706988708L,0xeb474948e569a68aL,
-        0x66b18d86d3b8b848L,0xcaf4df955083487eL,0x00000000000000c9L } },
-    /* 39 << 301 */
-    { { 0x89d29ec37898d2fcL,0xd5e69b49b98c5a0eL,0xe3c7a979b49ac9f3L,
-        0xebe0c817530d25dfL,0xbbec2d1a2e03e0ccL,0x6447dc091be011beL,
-        0x1d990dee2d10c2c8L,0x8ad4a24baf507a38L,0x0000000000000197L },
-      { 0x8f38e29bac7a283aL,0x3ce5725db29af2c4L,0xe17035ef8077fba2L,
-        0x5b50a50390b970fdL,0xfca6cdafb8efdf69L,0x0d252e814d349a01L,
-        0xfe068bd123d614dbL,0xeb14408f3810431aL,0x0000000000000086L } },
-    /* 40 << 301 */
-    { { 0x97defe3d7938d98eL,0xe2458feafd0bec69L,0x7df8d2b58b42ddbbL,
-        0xa82aab40ff39914cL,0x78549b01d30f07e6L,0x253f8c461331557eL,
-        0x771750d919648cceL,0x96ad6776d045bc36L,0x00000000000000f2L },
-      { 0x4a2ee334e08b83f8L,0x3e9c4cb72e3086deL,0x913eae4b9936bab0L,
-        0x3cf83551d23cd36aL,0x7c51d84adfd27d4aL,0x2595a90f4d006eddL,
-        0xb2d5c68461cc7be7L,0xbb02bd59a4b310f9L,0x000000000000018aL } },
-    /* 41 << 301 */
-    { { 0xea273b8fd19caa8aL,0x8f2eb0e5fbdceb6fL,0x13e96cf4cc37e1f6L,
-        0xf91f2f4d7b6607e6L,0xdb70dc3e919dcb16L,0x752725306a35e521L,
-        0xd48d0a08e930983fL,0x62bb3d8f9e955697L,0x000000000000001fL },
-      { 0xc492f1a5bc57ce3dL,0x0496b245370d6a7aL,0x2a0b281dc8ed431aL,
-        0xb8a3ff7922cc9f02L,0xfb6c685d7d711d84L,0x68e508ad40b6b8b6L,
-        0x437d076c1f1236edL,0xdab5a2ef69a9f09cL,0x0000000000000009L } },
-    /* 42 << 301 */
-    { { 0x45ad42dec9ebfcd7L,0x4054e68145eef6c3L,0x05427862b00d1763L,
-        0x025fc05fa9852684L,0x717a17c10de39afeL,0x618c2b085586b46fL,
-        0xff0a80f7f6b71672L,0x3c7fa577f5e7c531L,0x000000000000010eL },
-      { 0x33e3534c52ccb986L,0x9ddd2298303c58a4L,0x261e5b794a324d2cL,
-        0x52c1c46af081f324L,0x0216cb8dfd3db922L,0x8e5b647c45a5a0e2L,
-        0x1b1c0b847184888eL,0xc1297760e66e1c57L,0x00000000000001d9L } },
-    /* 43 << 301 */
-    { { 0x555d70c34aeab359L,0xc57ab8bb64f78762L,0xf95aba0b8d3e12c8L,
-        0x8bf166223b0a34c8L,0xd9b90d4a97a02258L,0xd2718cd14e070653L,
-        0xfc0b4a7243ae776eL,0x10b07a1f9e739e1eL,0x000000000000017dL },
-      { 0xc53e4794dbf1d1baL,0xb82723e1ab28bff7L,0x5cc8876d993dffebL,
-        0xc84384567c943552L,0x98d1a6ea3e1940aaL,0x1bb513db6e2214d7L,
-        0x27a9e1daf0e11ef9L,0x000546decb247662L,0x0000000000000114L } },
-    /* 44 << 301 */
-    { { 0xf6820c898f7f0d51L,0x470f631b3e6bb71cL,0x1489563d67e33eb0L,
-        0xf9a58c5e34260065L,0x2f0cbe5541d317c2L,0x3501da3bfae4b6f9L,
-        0x25caef56436223a2L,0xe86cd4faaa1af452L,0x0000000000000178L },
-      { 0xbcda46bd2a68b8bfL,0x7005074bf6e3ff4eL,0x17eb86a110cc5301L,
-        0xaa01cafcfcf4b5a2L,0x8f4954e944dd4413L,0x485d7a8e3dbc7cb6L,
-        0xd042f1f4fef97fcaL,0x8e1bd4289991c8f5L,0x000000000000007bL } },
-    /* 45 << 301 */
-    { { 0xc6611fa87a271022L,0x10ac4d7405f4fa97L,0xf94e7e96b448c4a7L,
-        0x24a2e0ae49c62985L,0xa2d6dd08a74848f0L,0xf7710e0eef1b6b35L,
-        0x3e6eca62ceae13e0L,0xcc1397bb0a3d98c3L,0x00000000000000e2L },
-      { 0x4220e9e620923648L,0xecbcfc545b686455L,0xeb4580c51656d644L,
-        0x9d1747a6a197f15fL,0xcf2b77a1f78eda46L,0xe417400145448aa3L,
-        0x9a23f9a71649a48cL,0xfc6d16ab76272579L,0x00000000000001d1L } },
-    /* 46 << 301 */
-    { { 0xacf13584ec5f73b4L,0x14f5910a780e4469L,0x556672606fa1789dL,
-        0x5866c80b9a4d28b5L,0x4a3a72f3217e2b8fL,0xc774aa4118da75fcL,
-        0x9c9be5c98ca2cd13L,0xcfcbaedc2145b62fL,0x0000000000000070L },
-      { 0xf78d77ee3833e520L,0xc536906550caeadcL,0x0392c83f4af31e0bL,
-        0x9b9f30ce94537049L,0xb56dc7c2ef2c1d25L,0x820e464242363f57L,
-        0xe70134f9abbf4146L,0x55264e69abc9ff2eL,0x00000000000001a1L } },
-    /* 47 << 301 */
-    { { 0xdd3503c5cee406e7L,0x4b64dd4333236849L,0xac777279889363ebL,
-        0xeec078a0cf6f0811L,0xfd559e756d243ab0L,0xaac1010f2e4d26baL,
-        0xc0b719ef55e9c8f2L,0xefff2f164e29695cL,0x000000000000016dL },
-      { 0x3717eb9cad47f17aL,0xb39b8c6162b05e31L,0xac892a92918390b6L,
-        0xaa3c7f01650cfed9L,0x6a8f7ec0fba21f56L,0x4732e5129121bba3L,
-        0x220ce23e1a14d894L,0x9199750e5dff1692L,0x0000000000000038L } },
-    /* 48 << 301 */
-    { { 0xcaa727068efb0157L,0x713a7f37f08f035cL,0xff58c6a1aa4fd5e2L,
-        0x760b066000a48205L,0x4a39e66655f07cb4L,0x0f6bedac67558061L,
-        0x9eaa88c266a118fdL,0x8d9ea75c97d29ca9L,0x0000000000000190L },
-      { 0x50a4bc7abc6094f3L,0x105120ce68f17d91L,0x514fdeca4e559f9aL,
-        0x414f4c0ee8d688caL,0x1b91555424de5ac2L,0x5d983c0e298823dbL,
-        0xa537321243264448L,0x4baf77e986eede9bL,0x00000000000001cdL } },
-    /* 49 << 301 */
-    { { 0x5233363c3908e1ddL,0xd337db04f34868cbL,0x67e60b131108934fL,
-        0x197bff64d6300ccbL,0x2ae67541ba25d4a5L,0x2cecde5e52500639L,
-        0xc89f08d4f30776caL,0x5a8a70c2d54d3966L,0x0000000000000119L },
-      { 0x69950ee38b87ac93L,0x82f8ef8a8aae9a41L,0xa7240350d2ceebf8L,
-        0x89babd2121a729faL,0xb32954b0bf228627L,0x0dfef1aac46b78bbL,
-        0x9ea9cd1f4c5f1ea3L,0xd23bbc8bc8c76503L,0x000000000000017bL } },
-    /* 50 << 301 */
-    { { 0xa095037ded6f2736L,0x0646535bad883679L,0xf786126e9a39a143L,
-        0x7b0ca7e623b36c0aL,0xf24b3e4b927379bbL,0x9b7fb39b25e2bb09L,
-        0x9274d841abe08b45L,0xf6c52548dbee12c4L,0x00000000000000d8L },
-      { 0x50b4222ef75cb030L,0x166b97d284f9c593L,0xe850289b5a778cc3L,
-        0x36ac8e7bdbacde12L,0xcf3371820d8b021aL,0x01f6d14c223203c3L,
-        0x4680d14e6369d2ebL,0x6c0e46e4e17a4aa9L,0x000000000000011aL } },
-    /* 51 << 301 */
-    { { 0x7061a9f024b2f7edL,0xbb9981d31b3a2b57L,0x2656f1674fea4e43L,
-        0xd302b1ff4e19186aL,0x99747d59605eaac2L,0x462f9060bb48ed8cL,
-        0x45023c424c6159c8L,0x580520656cbe1bc5L,0x0000000000000041L },
-      { 0x87e0f7951f1a47dcL,0x4ea66203080b099dL,0xe9051bdc1dce1263L,
-        0x30ec89d3e469142cL,0x6daa81dab80471f7L,0x2e12e2fbfb7c0aedL,
-        0xc395d4415db48de3L,0xedde9d18069032faL,0x000000000000014cL } },
-    /* 52 << 301 */
-    { { 0xbcc582303e5ab417L,0xa60c1a36b86fa32bL,0x3918edf55e73256fL,
-        0xff9846acf315fd9eL,0x31b17c0d4471f470L,0x953aeb49574ef0a1L,
-        0x98879828271105fdL,0xc61be3605efdad16L,0x00000000000001f1L },
-      { 0x64a9eff28dee2c40L,0x61c07dbb3ce994d5L,0xd5f17ebaedd78e35L,
-        0x2cad1e605fa0d125L,0x4a769e59482f87caL,0xf9d4824301c7ca2dL,
-        0xa283ff0e1070afc0L,0xc2dbfd1c7d19332bL,0x0000000000000165L } },
-    /* 53 << 301 */
-    { { 0x658850d16ce799deL,0xcc973847aef174f3L,0x6caf2e528de6a894L,
-        0xb84584ad02fa012dL,0x1e78d607213be59fL,0xd9bf24ad7c2ee0adL,
-        0x8fe953f726b076c3L,0xd38dc31c14cee17bL,0x0000000000000178L },
-      { 0x8d0b066db1c6915aL,0x21ccd05457340145L,0x5885c54667ec6ddfL,
-        0x41e073c91b2ec5ddL,0xf847703ff931f748L,0x20d56c94c21f1fabL,
-        0x5dcb60b7021229beL,0x5193baddbaadd8d0L,0x0000000000000024L } },
-    /* 54 << 301 */
-    { { 0x37f1fc2d03a65cc2L,0x521d119a085fe64fL,0xfc0fa31a43e08d7dL,
-        0x8f29f08e14fb6112L,0x79513894d29b5799L,0x8c2a5e15290f1bc8L,
-        0xb0626ceaab7d477eL,0xde49612f5a1f5a67L,0x0000000000000035L },
-      { 0xef75ebd052be58d6L,0x480a1e4323635dadL,0xb57c91739a3cbeb8L,
-        0xe84cbe7311c90c9dL,0x53973bd42c272fdfL,0x5a69a9e16b1fc029L,
-        0xf510e2b810568445L,0x8abe0317a03d18b7L,0x000000000000010fL } },
-    /* 55 << 301 */
-    { { 0xa24d79fc1f915fbdL,0x6f9b01cac405aff7L,0xa3f928dac9dc1424L,
-        0xb6d7a76790832142L,0x1bffa8759c7ec089L,0xd8406c711f1d58cbL,
-        0xc10c59f08ec01b2bL,0x0e6c986c5c4d7bafL,0x000000000000001eL },
-      { 0xcaba835f0b06de2bL,0x82f3ad2b2bc71659L,0x987d851df34a59e4L,
-        0x3ea0707f48bfc12dL,0xd79e3cbe936f8bdeL,0xf496192f8bd05c8aL,
-        0x8c3ba6aed29848eeL,0x87f5784cba394b14L,0x00000000000000feL } },
-    /* 56 << 301 */
-    { { 0x47212cd83110ef21L,0x351356ca7dab31daL,0x5c31add7777a302fL,
-        0x44844eb4dc66a1c6L,0x559f3fb428384807L,0x95dab974ff78dee6L,
-        0x2fe12e92fb20857bL,0x41436000ef499bbaL,0x0000000000000106L },
-      { 0x5e0e5f369df7b969L,0x2c96f308dc819d59L,0x3258db7411cf4119L,
-        0x6246da5476676d2fL,0x5be278cfca079f54L,0x61ab6eb06e36452fL,
-        0xe7742741461fc9a3L,0x252fb6386a926fe5L,0x0000000000000171L } },
-    /* 57 << 301 */
-    { { 0xd15425a0044b1e79L,0x30c1da1c01c4e18bL,0x2a8fe18f5b56cf96L,
-        0xa65a8c353ec8ae22L,0xd5b3902b1ce4eff5L,0x25dd04aa45191df9L,
-        0xeeede6edd2ec0e96L,0x3dd71ef21178f647L,0x00000000000001a3L },
-      { 0x61cbd8a0a99485faL,0x2e3a830310b88a62L,0x821545277d196b55L,
-        0xee30afd7176227b8L,0x0d7f8cb387f3f451L,0x461ab2741c2ae402L,
-        0xb510aa7e7c25eb24L,0x2064a9326d6cb16fL,0x000000000000013aL } },
-    /* 58 << 301 */
-    { { 0x3a647a701e66ebb3L,0x87eda648234fb017L,0x522f0e31ab81b9b8L,
-        0x0b423e7514efd69dL,0xa4876674b8df1b85L,0x43be28d578427a50L,
-        0x2959b6b085148f33L,0x49b1b83da5796dabL,0x00000000000001cdL },
-      { 0xe42c30325d6b2eb8L,0xdfa003ce05f8e677L,0x59e1401917e9254cL,
-        0x34009be012ac5202L,0x7e0ebbb0db58cac7L,0x590acd1a64a0ffdfL,
-        0x100e7b6afca1d458L,0x8933fc7a84524656L,0x00000000000000ecL } },
-    /* 59 << 301 */
-    { { 0x5251639ab0e87051L,0xf6f979ce0ca338d5L,0x144d90c7b6e253b1L,
-        0xf037aa216a68696fL,0xf89c93246540c170L,0x29ff81b785893ae1L,
-        0x4adef9b90e2c8c1bL,0xce6b4390efee4a2eL,0x0000000000000002L },
-      { 0x8ddf233de075825eL,0x6b1e1fb82bb7ce2dL,0x6b6d4972646ee9e4L,
-        0x83b3d991a7723d1fL,0x99b83cd10ec203d1L,0xc03b08a4e02da448L,
-        0x02a118288fc47033L,0x604306491e6f5d22L,0x000000000000018cL } },
-    /* 60 << 301 */
-    { { 0x9628c0db8ed909faL,0xd3b2a86d0580185eL,0x5735bd594bd03ffbL,
-        0x4f83f8fd1cc44682L,0xbfa641e8a18ede58L,0x840c9d0a5ea97db7L,
-        0x66b28600dd4a3122L,0x8e603955d4678750L,0x00000000000000e8L },
-      { 0x7da4912cd87216c2L,0x1ff65b078fca0ee4L,0x7e1fd56ef9bc6ddaL,
-        0x566b2e611503ac12L,0xda75d74167835799L,0xc0ea3d59dc72ec9bL,
-        0x6e72e5f65e154614L,0x7c42bca592cee288L,0x0000000000000185L } },
-    /* 61 << 301 */
-    { { 0x745a839ffd28d6bcL,0x4589047acd47e3b7L,0x93b23d94bbb197acL,
-        0xa34679ceecf4fc7bL,0x034298450d34fd44L,0xee153249190fa29dL,
-        0x3ad1071072eda190L,0xcb61b38e3b741423L,0x0000000000000119L },
-      { 0xaf04e1516a6a568fL,0xf197ced617e3e52aL,0x0940b3238f8d327eL,
-        0x5ac9433f0d86d681L,0xa5cff71ee57e66a8L,0xebe9a6ff3736d6feL,
-        0xb84eef1671bf3727L,0x3c02e98d17c1cf71L,0x0000000000000088L } },
-    /* 62 << 301 */
-    { { 0x4c6238c497dd1d20L,0x3fa03dda3196ab67L,0x5fc72512a7f69b5fL,
-        0xfa56e5413948db72L,0xe631f4fbd8fa32d6L,0x8495ca1d086e83eaL,
-        0x715f2aad61ea493dL,0x7d8cfba3b12179dfL,0x0000000000000124L },
-      { 0xff5705a163c29a0cL,0x6b7f470e4fd2f2a7L,0xd4a25c106860eb08L,
-        0x479eeecf19028042L,0xdc108a08934796a5L,0x6dfd7872672cac03L,
-        0x809fd3bfc86d5c23L,0x193e18ab4ad9c302L,0x000000000000016cL } },
-    /* 63 << 301 */
-    { { 0x5f0eb4740d66d7d3L,0xad88da12ff43b22bL,0x6ddd0823f87427f3L,
-        0xa8753432c0af65aeL,0x8e4d1f970f47e6a3L,0xb9a187a3ec52c9c5L,
-        0x7df606cae458ff72L,0xb5b21deea1c108f9L,0x0000000000000107L },
-      { 0x14111844be16cc0eL,0x9bca8c559765b2a4L,0xf0649ee7e8f13547L,
-        0xce303044c8254c5eL,0xf277fadc62c52494L,0x8634d4d0b31a1319L,
-        0x3076ab431394abaaL,0x2ba1f7ed9e0ac32cL,0x00000000000001b3L } },
-    /* 64 << 301 */
-    { { 0x70c5acdc38693d3aL,0x9edee68238f054f9L,0x16e053f22960ceeeL,
-        0x5926857c28bfe7b1L,0xb9f7420e6145f8d1L,0x9e0c42f59c0298efL,
-        0x50b7210edd7d9fc6L,0xf9e4bd53d7be096fL,0x0000000000000078L },
-      { 0x428c2455ed19fc57L,0x9e8f777d56aa75dbL,0x4caeba30a671d991L,
-        0x5f927d79eae0f53eL,0x00d6ad369e4c2a5bL,0xc8811438a2e12d0aL,
-        0xa36d664eb2aeb4b1L,0x74e76676929a8748L,0x0000000000000191L } },
-    /* 0 << 308 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 308 */
-    { { 0x358eb53667db4570L,0xaed3f999685fa5baL,0x4593c950cb571fcaL,
-        0xdff7278c0411dc5dL,0xd62a44643bfe7e51L,0x53b87ca249f6f05aL,
-        0x72327899f2c3d2dcL,0xbaa194aa9df4da5eL,0x00000000000000c7L },
-      { 0x3e73accfb50a3e06L,0x0d8ebee30754f2fdL,0x3cd0ae954b3f3fd1L,
-        0xc4a4eee0c08bb2dbL,0x7955296319d71e5dL,0xf91e1ab7872e35c9L,
-        0xc85090f6f6c102afL,0x8edf8c5d1e42a1baL,0x0000000000000179L } },
-    /* 2 << 308 */
-    { { 0x56923e55f33c5a4aL,0x1c5624ec829a3c22L,0xed234e3870000295L,
-        0xa8467561edf3ff42L,0x717a939e9cec9497L,0xf80e28024e6be199L,
-        0x5023bbec06fa7b8fL,0x16e26a9ddd95c07bL,0x00000000000000fdL },
-      { 0x88091d673c3485e4L,0x0377260fd40b6b47L,0x6d9c6df416f7b3abL,
-        0x65376516f71b1fddL,0x89cc11f991956d40L,0x58992a09807610b8L,
-        0xdeb47aa2b2799c7eL,0x3ee5834c8a327765L,0x000000000000012aL } },
-    /* 3 << 308 */
-    { { 0x421b840e80905a7aL,0x97c7f1d394b48cbcL,0x421a23843b79f360L,
-        0x1121a2d8eaf59ef3L,0xddbe9d9959fb65d3L,0x6ad2be2371d9d306L,
-        0x36fa0077789af534L,0xb928a6e78013dc59L,0x000000000000017bL },
-      { 0xb4c26798a38d78e5L,0x8884dd394cf38545L,0xb74dd46112a2023bL,
-        0x1b242f854133277dL,0x401d32f2d29d7071L,0xcd7c9aa43d2e2a0cL,
-        0x9df2157e06ba6ad8L,0x749bfc4c80e2c3c5L,0x000000000000018bL } },
-    /* 4 << 308 */
-    { { 0xccf8b57aeffb980aL,0x82ea22f5d0108b23L,0xcab6a69f6c902061L,
-        0x7a3d74d843663f25L,0xb12ca29a0ad5df2dL,0x9d3ebbeb2f9fb277L,
-        0x6f975e2189bc5273L,0x75e8bf950929deceL,0x00000000000000a9L },
-      { 0x14493740e1af64e4L,0x9ce3ae66109961dfL,0x36651bb7e31f4ffdL,
-        0x18b7131cff1fcfe2L,0xded3378b085a67b7L,0x28efb2896e283271L,
-        0xb66deb9a73427ac3L,0x3c5fd6d2a9baa451L,0x00000000000001b3L } },
-    /* 5 << 308 */
-    { { 0xec1f6a5762efd94dL,0x1d80b5e87b95536cL,0x01f8ba60af47e2b4L,
-        0x6e8ae542a3b0e6d0L,0x5ecb52d9e45fefb7L,0x2108032a327299a8L,
-        0xc49fc5c5044ed33fL,0xd1fd083752cd0833L,0x00000000000000e1L },
-      { 0x3f6ae9b6cdad11acL,0xad3f0fa813bb828bL,0x812626816ff056e1L,
-        0x2fd37492a73196cfL,0x172beb76df90d5f4L,0x63f2c6e466144036L,
-        0x3e1f497457f6d086L,0x5e0d8e49fb6eb366L,0x0000000000000095L } },
-    /* 6 << 308 */
-    { { 0x611f4a795e2d7653L,0x966e843cceebb0a9L,0x2e358cf506e8a15dL,
-        0x2ce41dc740a74fc7L,0xa2fdea4f5eb455b2L,0xbbbd718f120fa4d4L,
-        0x210bff82030fff11L,0x5a1b943aa68b00a0L,0x000000000000002aL },
-      { 0xeb814a67ff037be3L,0x3b08220469f52c59L,0x3f72143e74ff3224L,
-        0xe7e85cc436f89aedL,0x2afcbe04caaf314bL,0xf8c8bb32bf93fd35L,
-        0xe41f8328ac1dae25L,0x5318c6d7bdeb2001L,0x00000000000000f5L } },
-    /* 7 << 308 */
-    { { 0x630190bb95989889L,0xe041da504e659dd2L,0x5d88d99b5df8e753L,
-        0xdbac25445ac2e158L,0x1ff6ece7699eda49L,0x3d0860a21051bd60L,
-        0xd4d8685740c3a989L,0x2bfcc26c4002d915L,0x000000000000012aL },
-      { 0x0c43772c2f4acc7fL,0x54963f2fe3753d32L,0xc699be8765dc40e8L,
-        0x6dbc95ad81560a01L,0xc805d7411dedf025L,0x46b049c177fa74c6L,
-        0x7c0f62fb288c1133L,0xa8a2e1f9e6f066baL,0x00000000000001feL } },
-    /* 8 << 308 */
-    { { 0xce24d42c1b72e95cL,0x7fa4289beab74b64L,0x42ba739e523fc1e5L,
-        0x9293167b814c4fc8L,0x4418fbfd8623db10L,0xb079853f76a132b6L,
-        0xec5bad8abf394947L,0xc78e5748e7b0a665L,0x0000000000000169L },
-      { 0x6038ad95d7eba9ceL,0x421ecdc9572f3671L,0xc6b7effc60bc3cfcL,
-        0x2c4b7b77a48fd001L,0x80280ec9d57795e8L,0x350815c93a7f6d67L,
-        0xce30bcdd7da13b86L,0xe36da7b123c894d8L,0x00000000000000c9L } },
-    /* 9 << 308 */
-    { { 0x31105c7864ea99c5L,0x513faf09396e75e9L,0x34a79931a04b75a5L,
-        0x3e026b0ed4c954f0L,0x70d2aeeb235bf7e9L,0xdd6c193bdf5682b4L,
-        0x7cf6e8f29b1d9704L,0x41fc6b32026eaac2L,0x0000000000000132L },
-      { 0xd09919ef5413aa96L,0xdb06523a393fc9e6L,0x8c6f8bcb74809cc3L,
-        0x7d2a5b46b27e50abL,0xc4f0d0792a507c1fL,0x28c3944b4a751fe8L,
-        0xcd55d261bf88e984L,0x56d48d0616da21b0L,0x000000000000008cL } },
-    /* 10 << 308 */
-    { { 0x2cf7fa7761bfa954L,0xb24bbea98e5118a9L,0xc5c77927689db327L,
-        0x8d12557569c43762L,0x41f4bb986c359329L,0xf0715fbed02caf97L,
-        0x3319662497538059L,0xfc8ae58b5ea0263aL,0x000000000000005eL },
-      { 0x7245131ce020630fL,0x459c5721ee23ba9fL,0xf25f9be9ac36a41eL,
-        0xbed1a35049589c41L,0xa72555b2c636e1cbL,0x35398149c006b213L,
-        0x7761c08b6a446a84L,0xed021d8673e41c6aL,0x000000000000001dL } },
-    /* 11 << 308 */
-    { { 0xf8d97141473e6d47L,0xe73699d31e25f25eL,0xbb3aa86000986563L,
-        0xd8158f88653b68e8L,0x1c7d943eb586d23bL,0x1074ee6888ee5191L,
-        0x6f60808b0b60c796L,0xa7fa912d84dd4730L,0x000000000000002aL },
-      { 0x589bccf26b6fe852L,0x902c7b946abbb0e2L,0x9145309822db1367L,
-        0x6febda2d555ff37dL,0xb6fd9b3008771767L,0x968892ece5a8b409L,
-        0xfe1910a2e1233793L,0x13fe7f04213d591eL,0x0000000000000184L } },
-    /* 12 << 308 */
-    { { 0x59975b4fdfc4e7ddL,0x35d9e63a3fa2a870L,0x7d6653749901f064L,
-        0xe89caa890e9dca74L,0x6eeb63913d92e7f8L,0x19d9af358a4ccbb0L,
-        0x405c35c2928e5cf9L,0xed771157ddb633ffL,0x000000000000008eL },
-      { 0x6ad1dcbc685b9a90L,0x479ab5746efb4e61L,0x27a023b6e72992c3L,
-        0x3607decab94c54fcL,0xfb2f50d0fbf16aa6L,0xaf3f098398c7c140L,
-        0xd1a20e9ea3814586L,0xf1bc43165412b23eL,0x000000000000018eL } },
-    /* 13 << 308 */
-    { { 0xa047b2e89a705668L,0x2fb2a1b74cd0215dL,0x90ef0bb734146de2L,
-        0x340074458c103e1eL,0x4803ee28d95e743aL,0x574f1ca6bb762bdfL,
-        0x703fec4e2ed0dc5fL,0x3f19a069d27172caL,0x000000000000002eL },
-      { 0x3dd8f275c44bcf81L,0xa32f84ac517a8afbL,0xc065ba2bf26384b8L,
-        0xb3fadb9619d14499L,0x6258447d07523eb7L,0x4c8c791afd107696L,
-        0x041ab2e7d111b4d3L,0xfd008507e28a3a07L,0x0000000000000165L } },
-    /* 14 << 308 */
-    { { 0x75d00875fbdd51caL,0x8c2e5ff75d7aa834L,0xee4fbe0aa4a1a123L,
-        0xdf61ce6939ea5515L,0x8a747ddaf3ee68beL,0x106c5c5d3cedff21L,
-        0x51ecf5362c3519fcL,0x6581ec138cefa861L,0x0000000000000187L },
-      { 0xa8668f9d0eecd8dcL,0x4dc8fbe96bdd6803L,0x5aff8cdd339f6f89L,
-        0x7a39f0ab91d488acL,0x20e1dcc8d8fa0333L,0x12e03a970fb08c2aL,
-        0x265c2724173af27cL,0x962fa034cc395512L,0x00000000000001bdL } },
-    /* 15 << 308 */
-    { { 0x5fa1aa9d9283f38aL,0xe0dcef924846cfa5L,0xea5d81e7e4c20234L,
-        0x5959dbcadf690b8cL,0xb77391b0c6e466a6L,0xdf6353c23982757aL,
-        0x6516e711b064d2c4L,0x6a29f216df8f77c9L,0x00000000000000e5L },
-      { 0xb5fd98187a2702b1L,0xdc2a2e1d49291bcfL,0xf18db82a493dbb22L,
-        0xaaef9aa431732b87L,0x6ce115f70f27262fL,0x4784c2ed93afc24bL,
-        0x97df3c8932540ad9L,0xc01564c169f2a2c6L,0x00000000000001dcL } },
-    /* 16 << 308 */
-    { { 0x92401ab5853572e7L,0x957d2ca6eddea020L,0x7d54dd653f9fbd6fL,
-        0xad0c7d092e05d05dL,0x6656fbab04183b30L,0x543b50170b716d5bL,
-        0x2481449d9857d796L,0x86173b6de3a39722L,0x000000000000005dL },
-      { 0x7130d0cae71e511dL,0x168ef9d935663592L,0x63a9936eadbf816fL,
-        0xaf63ee57d4f7a44aL,0x59f21032cd0ea152L,0x2f552046a881056fL,
-        0x26eda9a621ba6bf5L,0xe75991c7d0a0caf9L,0x000000000000004cL } },
-    /* 17 << 308 */
-    { { 0xd892c4c47f86d0feL,0x56f68e92d138ac8bL,0x8b6cea6b812bef69L,
-        0x65e6668136fb366fL,0x61708f66c5da12b8L,0x0f58c3a4c22b7b76L,
-        0x51d69be4faa405a1L,0x468bd1ec9efef316L,0x0000000000000182L },
-      { 0xfd9983c6150289b7L,0x7eb083abd79ab364L,0x2931bc8877a84d7fL,
-        0x521e5eaa959467b2L,0xb6c94464c1b64119L,0x6012353f4c2cadbfL,
-        0x134c778a4a2afac0L,0x996a73009c581747L,0x00000000000000e2L } },
-    /* 18 << 308 */
-    { { 0x33e1640091a78548L,0x0be887bfab17fd14L,0xd0a2c5b684e585a3L,
-        0xa7263ff6c9aad376L,0x3043f2fece1efd0eL,0xa0680aabdef6a593L,
-        0xe60970a1f0023f93L,0x3a37d9532721a60cL,0x000000000000019dL },
-      { 0xa6f89b88c747ceb9L,0xef6327fbd2f9af42L,0x9fc2f4e140059ad8L,
-        0x8cf625fb17fd0a67L,0x7b274e49d4b8e5fcL,0xabdf2b193b7de841L,
-        0x33ace325cb52a6faL,0x245e8346cedd79e1L,0x00000000000000ceL } },
-    /* 19 << 308 */
-    { { 0x01bacaeabea17fe6L,0x59915363440c14b2L,0xaa37092ab5b2c0b1L,
-        0x0d2bf652ab5e63ceL,0x78f5ca508ad78521L,0x22c92a71ed54e597L,
-        0x25e63d45070cfe02L,0x4bd01cf9443e0e82L,0x0000000000000092L },
-      { 0xd059eaebbee76889L,0x6bc4542fa6dffb4aL,0x249940849553d515L,
-        0x2ce00cb4cc103183L,0x45a3fdc168016708L,0x2bad1eabbac0273eL,
-        0x38ef326920c8a277L,0x849cd583f91eef7fL,0x00000000000001feL } },
-    /* 20 << 308 */
-    { { 0x1da8036a7a1e7dcdL,0xeba687ced11490f5L,0xc64142142c78ff92L,
-        0xf74c827871e76977L,0x4f4870199295ccc6L,0x9f1f19e06d459a5fL,
-        0xbd88bfbb1a7a5b0bL,0x64780f07e527efe7L,0x0000000000000042L },
-      { 0x9e3e79f3e6b1281fL,0x0b7b6ea6cf470445L,0xa1b8c1490c2ab815L,
-        0xc063df408bf69287L,0xc8db56473cda2051L,0x44a55be78b19b178L,
-        0x359c27432185346fL,0xf88c095f67dbbce5L,0x0000000000000103L } },
-    /* 21 << 308 */
-    { { 0xb91e5920ac8ef011L,0x7a54d4adfbcdb74aL,0xfe11613ffc5098b5L,
-        0x1336af032aef6001L,0x84605c56a061b0f6L,0x0f60d5e2e1fcaf04L,
-        0xde8852e49907ac17L,0xb28a7d61ea6f8bdfL,0x000000000000005dL },
-      { 0x4004301e0f0e5fe5L,0xf197d689fc10a41cL,0x0b0fa151123330c4L,
-        0xf03abc5f0d80b3fdL,0x70938e36c84adc56L,0x56e25d0682880d7bL,
-        0xe4ba61eab767a4f9L,0xfec4056bec7805ceL,0x000000000000007bL } },
-    /* 22 << 308 */
-    { { 0x71b0470927f2d575L,0x4ce1b5a35ec90c8dL,0x1fa98cc92ed1c562L,
-        0xffac24ea60a174a8L,0xa9eb67c721c17f93L,0xdff4dc8fc22a0e55L,
-        0xd44fe45a97f21f99L,0x617b224cd9032856L,0x000000000000012bL },
-      { 0x807472aea19c8053L,0x83365805a0ea3ce7L,0x15ade403800a5422L,
-        0x1d7f62916bfeca38L,0xd3454c6c3975cdabL,0xba22ba37899c6b79L,
-        0x46901af86bd4d316L,0xd7dc618e8259a72eL,0x000000000000006cL } },
-    /* 23 << 308 */
-    { { 0x2c1a594ce5e70724L,0x9827008023b65011L,0xc4bfcb78112d48a3L,
-        0xe9f153719f70adfcL,0x95fe6dfa442466aaL,0x11f7ba5cc44e4c58L,
-        0xbbb7c63059794602L,0x3caea52a595ab424L,0x00000000000000beL },
-      { 0x7bc2206923fddef3L,0xdd953f62707e24fbL,0x4711583a602d304bL,
-        0xb63e6c862ceb6dc1L,0x37485fd80d5380cbL,0x9dd8e21be6c10e7cL,
-        0x47e4555b2bf9a466L,0x12bffd0346e86fd9L,0x00000000000001c3L } },
-    /* 24 << 308 */
-    { { 0xe2f4e66122495a58L,0x0f547f2112dedb25L,0xda70b4ccab617fa2L,
-        0xdf8f0a8727716051L,0xda92b34e5b9602c9L,0x13f62ddb9edc1bb8L,
-        0x4c9453427196c75aL,0x03d6a92485cc70b4L,0x00000000000000b4L },
-      { 0x5b3255495f951e47L,0xcfdf328e31c6c06cL,0x4c747ca3b4409bc1L,
-        0x82b37aedb2420014L,0x254fad7217af258aL,0x8520c05a9aaf24d3L,
-        0x22c81bd52f2d8a68L,0x15f846222126085bL,0x00000000000001eaL } },
-    /* 25 << 308 */
-    { { 0x49cbcd516677335fL,0xff3b5c376973a2a6L,0x24fbdf0a76d9b3b1L,
-        0xb90d67e23be472a8L,0xd3104c78a0370080L,0x2d0c35e019f99197L,
-        0xc01ae666656ff6cdL,0x70357f51c10c44d5L,0x00000000000001b1L },
-      { 0xe922e0ca48b5b2f2L,0x8f4a74eeba82bfd9L,0x78744832f23c0329L,
-        0xdac7d5e418144f0eL,0x4b6c8a5573ab198bL,0xad8701552aeb0191L,
-        0xcb25a018937740afL,0x217c8ebb064ab75eL,0x00000000000000ccL } },
-    /* 26 << 308 */
-    { { 0xc3e6e304b6017e8bL,0xe0f4658e93da01e9L,0x7c000b973650f195L,
-        0xa252398f0db26432L,0x5b8c3d166a3e2695L,0x58aceeec15c35d5cL,
-        0xfbd04cf40c9d3e37L,0x91e494fb96955becL,0x000000000000006cL },
-      { 0xf233b2294ef54821L,0xdf93fae3e9f9da80L,0xbcdd5253e7d7234dL,
-        0x4b8a114bd07bb906L,0x32e091a2d6937e9aL,0xcc369893ad38b041L,
-        0xcc0a70efd48839a3L,0x243948c57344ccffL,0x0000000000000070L } },
-    /* 27 << 308 */
-    { { 0x7d6c6c044e864354L,0x0a901df4875d7d03L,0xb5907546246dae1eL,
-        0x6729f83134e1570dL,0xd764551bcfdea622L,0x313f1c743b5e6805L,
-        0xa1481042669a54ccL,0x5f415fd1b868de4dL,0x000000000000004cL },
-      { 0xd716453f41282c78L,0xd0195eb53fa4d88cL,0xe89c4289ab207259L,
-        0xcde2eb67f7971651L,0xcea4c8f7c8412a8cL,0x0bc1ad8e99a02f0aL,
-        0xae4acd7a8011b76fL,0xa1631045edd271d2L,0x00000000000001eaL } },
-    /* 28 << 308 */
-    { { 0xef3289b04ad9d4d3L,0x1642bc9a269cee37L,0xc43668c748c83a9dL,
-        0x1273811b4be20506L,0x6ac04b3ad754dea6L,0xd7fc6015233d6ef0L,
-        0xe1f876a478099339L,0x95f3600d848cc174L,0x0000000000000093L },
-      { 0xd887337dfe703d68L,0x7fe8618d7fbb4be6L,0xcc8553bb5e92c232L,
-        0x7c8c470d76d61087L,0x895e49a664c6ee9dL,0xd18e92679cce131bL,
-        0x37e1526eafcd5762L,0xb36a29bace71ee8aL,0x0000000000000012L } },
-    /* 29 << 308 */
-    { { 0x5bd3e13724ef2377L,0xe78c3cf63fdfcae6L,0x4e142cabb58a6d07L,
-        0x3e136d15d953e9a1L,0x0a7cc513153a91f6L,0x43b28b2c402eae12L,
-        0xcc70a80949e328e6L,0x36f604d3e4e3b6d3L,0x0000000000000137L },
-      { 0x9dab1378923289cdL,0xf78d3f45bde1d213L,0x5ab3e38b81422f9cL,
-        0x1380b31a8ba8cbebL,0xe4a0c0d8f6d62dccL,0x05a681bd04c2e5fcL,
-        0xc2dc99873ae76bacL,0x1b5b77687287ffa4L,0x000000000000009eL } },
-    /* 30 << 308 */
-    { { 0x313ffe575bed3c7bL,0x89efad76113b0db7L,0xa4068d0b23656bf8L,
-        0x58b54b358440fcd0L,0xf012adff64e85c0bL,0x95fc8d711b1a0be4L,
-        0xd8dda43290669498L,0x43a699b8cb319f35L,0x0000000000000030L },
-      { 0xb47ffe3b8d9462a9L,0xd89b60f9768e68eeL,0x8679af2a3a0033a4L,
-        0x585f61ee9dcca100L,0xaa093db603db700aL,0xe80a02fe08a588b7L,
-        0xd6ad55849c2f6c6aL,0x0955a470748f1c99L,0x00000000000001c3L } },
-    /* 31 << 308 */
-    { { 0x6323f8eed9c72869L,0xd78b8344726240f5L,0x7eee40c79fcc91c6L,
-        0xfe0d1b6a43b91a09L,0x9254b68dbdf3e3e0L,0xf7ab62718f3b0872L,
-        0x913f625223694657L,0x306927fe683200daL,0x0000000000000151L },
-      { 0x68e2727cbf01e24eL,0xcfc5c7bd9ce8a665L,0x97659cc53e39c7f5L,
-        0xeb81619823c6a080L,0x40b159fb9cc5fbe1L,0xed0d128e7072081eL,
-        0x15146656cfa8fd34L,0x8a860e6be7cd5746L,0x00000000000000adL } },
-    /* 32 << 308 */
-    { { 0xed90e62b5e3ced2bL,0x160214bb5a919213L,0xdfb8ac078cb4fc2dL,
-        0xea5aa6e7ea384db0L,0xc9492ed2f916fb11L,0xf40cecce1305bd78L,
-        0xb98af5013f28555eL,0x4e9f84b268417d62L,0x000000000000014eL },
-      { 0xbe791feaac7df2e2L,0x15c9429ce745ba60L,0xb02c1705198a2d50L,
-        0x0a67cdce9b6e6a44L,0x640506295ad00221L,0x75620ea82b314076L,
-        0x64c89ead87b02aecL,0x0e5ff515a92113ecL,0x00000000000001caL } },
-    /* 33 << 308 */
-    { { 0x2c19949ef2406274L,0xeb1e901251f176c7L,0x2695dcbb4ba80dc6L,
-        0x2e07a7e0f5334f98L,0x9428720daf669d01L,0x82c33b4fefb29d88L,
-        0xb2e43bcd57ca108eL,0x04a02cd6212733c8L,0x000000000000001aL },
-      { 0xa88f7adc850c9f85L,0x3e05d4e2e6d0c323L,0xfd785dccf2abaaa4L,
-        0xf4655ef4740cf540L,0x8ccd72a6db4f34c1L,0xff73999f3cb7f1afL,
-        0x7a8f7afb67b965c6L,0x689736dc011e9fccL,0x0000000000000190L } },
-    /* 34 << 308 */
-    { { 0xe370e04bda8b5457L,0x63b60bea8169a63aL,0xca9c40db704d3577L,
-        0x3232585b00e9f510L,0x917ba31c02396333L,0x7c5080f6b91efb06L,
-        0x1eb3475cbf68771cL,0x4cec20604cf02263L,0x000000000000011cL },
-      { 0x507d8e2d9a69e3c9L,0x5851d2297408ec4eL,0xb2ade543a8576e51L,
-        0x37a8e2664dc34c8fL,0x3bdee95ac43ffaaeL,0x0a0c91250fa2332cL,
-        0xe24013f395ee30f9L,0x5147e3805619b0f8L,0x00000000000000bcL } },
-    /* 35 << 308 */
-    { { 0xf004e4c8373d4c8aL,0x7822596b460ac6b0L,0x471aaf043775d740L,
-        0xcf749e00d276f1e1L,0xcaccb1f7f2ebb22bL,0xb5588cee33256066L,
-        0xcc12f8a3b5237d3dL,0xee1ddeae0b0be19fL,0x0000000000000019L },
-      { 0x447a0ca173675ea4L,0x635562ac3d1ae535L,0xf0743ca5170b653aL,
-        0x1104441f680762e2L,0xde5a0d91fdb1f4acL,0x2e7d6445c33ac495L,
-        0x9dcd3ccb794a087bL,0x1d3f68a58696a6a5L,0x000000000000015aL } },
-    /* 36 << 308 */
-    { { 0x2789d11789bd607fL,0xa49b3a3d1cf5731bL,0xb4d1ae40375eac7bL,
-        0x7a9e3214709d9d95L,0xc7af5abb98b3eea0L,0xde6ea6f093831eceL,
-        0x0a4230d2a22c398cL,0x7a2d8ce8484e09f8L,0x00000000000000d7L },
-      { 0x41dd59f7641a8d21L,0x160f13b2f280dbb1L,0x5a3ccbd65a915aa1L,
-        0x2bdc905e2c8b1919L,0x94c2351282289eecL,0xce5342af75f08e5aL,
-        0x6fb1fe090c9c86e0L,0x8eac3f4599539227L,0x00000000000001f4L } },
-    /* 37 << 308 */
-    { { 0x3994c61f837a73fcL,0x05e46220c3c61376L,0xc0e2194910b886b8L,
-        0x8359b1f1189ab28eL,0x13999cf923e8fe68L,0x04111bba06dab3daL,
-        0xf18121394ca82f29L,0x5dd0e72bd9943929L,0x000000000000004fL },
-      { 0x04858d7e9fe6d683L,0x2a004635afbc7265L,0x107e46cab959a351L,
-        0x2f3e6d698b035e0aL,0x801c719799822213L,0x4fc2eb1161f5bc41L,
-        0xf7c878ac5cbd4694L,0xb9dd8d02b6b9a266L,0x0000000000000196L } },
-    /* 38 << 308 */
-    { { 0x2cc54df39a952054L,0x47e7fb8b51ab4e98L,0xaff4e345b6e2cbd4L,
-        0xd610c468f8c1d6a1L,0xa7563cfa992df027L,0x140c736189033162L,
-        0x63971f30eb289c93L,0xe2d280352b4f7844L,0x00000000000001eaL },
-      { 0x82228cb1bae96b69L,0xdf0d49c6a3083751L,0xbe69f9c9c81c58d0L,
-        0x3cd796d57b379ce3L,0xccd51828bf65993dL,0x211b60262d97d104L,
-        0xd4fc2ed814cae057L,0xc6ec10767e620833L,0x000000000000012fL } },
-    /* 39 << 308 */
-    { { 0x5f9c3dd34c7a6d9fL,0x980f2239fc7c6101L,0x2f9d1cdbce021a46L,
-        0xa28bd3e778b27c58L,0xd945b2bc1c8ef989L,0xda48a77c0d1cb17cL,
-        0xfd09eebd7610f5aeL,0x56a9dd2796b6ac9fL,0x0000000000000167L },
-      { 0x849e468d1395f988L,0x2ab3d74264a87f6dL,0xf31f45c333b48458L,
-        0x3919d83712166e26L,0xbd8adf1e79b58f44L,0xfb3b7a45366e3d27L,
-        0x6290beabbba7525aL,0x7c682d245b4cecbdL,0x0000000000000147L } },
-    /* 40 << 308 */
-    { { 0xbe900c2b8b2cdcd6L,0x9cf651cf310d52b5L,0xd4a52f802935c768L,
-        0x6e2e1c7e42edb029L,0xcdc8d47abefe41acL,0x199ee4beeda259faL,
-        0xe706031f7f85ad33L,0x5a45278532b0f784L,0x000000000000004fL },
-      { 0x2d3934ba35610090L,0x398169e89e7de644L,0x471618b4dd43f89fL,
-        0x54961e3c7f1ef9b1L,0x46d59c5ed6fd43f8L,0xf5b2ecf88f2fb30aL,
-        0x6c423061b68e08a0L,0xb491e42bdf61a0e1L,0x0000000000000080L } },
-    /* 41 << 308 */
-    { { 0xdd61e4a3e3a78953L,0xbf87cfd848d529a0L,0x05aa387d57575951L,
-        0xd7335ac15d8653b6L,0x5a87134fa75e619bL,0xd3b65b4ffb2975faL,
-        0x60914e3730514133L,0x164480addf63e2d9L,0x0000000000000089L },
-      { 0x46993b20c16d3f41L,0x56b02cb3f40e7e23L,0x40dccfe49fd8bf53L,
-        0xd27718e9865bd74bL,0x7e67918f4f316243L,0x1496d27854c01a95L,
-        0xe335a4aabce954eeL,0x1c65a2279c07cc82L,0x00000000000000c8L } },
-    /* 42 << 308 */
-    { { 0x88c2882bd4c52879L,0xf5a17282601e9b5bL,0xa2cdc54876b70fe4L,
-        0x58dd0c4b6978da58L,0x745243423ffc240dL,0x24d69e0ea8be34baL,
-        0xe8e520f3fa0a2e8bL,0x3dbd0ce31ec56e1bL,0x0000000000000053L },
-      { 0x30f5a879ad6210bcL,0x2d50247054846592L,0x0fbd0ae1e24df628L,
-        0xca9f795424f3e652L,0x33c6f50b4c7907ffL,0xc6985026d1598043L,
-        0x05041dcd7b3e68c9L,0x16ce3f929c508fc0L,0x0000000000000012L } },
-    /* 43 << 308 */
-    { { 0x662b4d35c3726445L,0x5720f5305038de2fL,0x19da86837f89ec6bL,
-        0x73da9d38c6ee50d1L,0xd29069f62da75c84L,0x946fa6989562b2a0L,
-        0x39659a1c99802cc5L,0xeba11d668e39c13dL,0x000000000000013bL },
-      { 0xe30e9161797cf75fL,0x77a27dc6dd246755L,0x4681dd15f948fc78L,
-        0xce663c6999c0ffb3L,0x4b7a85cb661acc30L,0xa9a796cce444094dL,
-        0x36c43bcb6c9f5061L,0x2545040379695bfeL,0x00000000000001edL } },
-    /* 44 << 308 */
-    { { 0xba81ed506a19d751L,0xd7d6c9a08ede7c16L,0x20a58314e4efb6faL,
-        0x6cf44b6f17466134L,0xfabeff5243e52adfL,0x8bdd16b1c5f6f126L,
-        0x4a30ac449514d967L,0x1b589fbac46ab077L,0x0000000000000180L },
-      { 0x77cbae8d7a9f8a8eL,0x09f14f7997385badL,0x8136efa828b2c50eL,
-        0x9d13c7d39d3f91e1L,0xbfa47812231393c4L,0xd5e2e14001104469L,
-        0xd3e4a6876112a9bbL,0x3bb8410cfced65caL,0x00000000000000b2L } },
-    /* 45 << 308 */
-    { { 0x495b282a648a530eL,0xd97f888bbf1bfeddL,0xb8d68e2a724ef32eL,
-        0xdcb78c0f092d41ebL,0x225506b0d83cb14aL,0x9697dda14cd71449L,
-        0xbb1813e322d21a2bL,0x7e0e1f41ed79869fL,0x00000000000001baL },
-      { 0x8da6a9cc02b9ce33L,0xd4e48938353fb0c1L,0x4071ef95164b3e77L,
-        0xe00f67a4c29fdca6L,0x24ac0818d8687a9aL,0x3f2bbfa3f2c95e4aL,
-        0x3732ed47b24c03f2L,0x287b67fdaa853fa7L,0x0000000000000012L } },
-    /* 46 << 308 */
-    { { 0x71f8ab3171e1d201L,0x66af84451112f38eL,0xadf03cc091779ef2L,
-        0xde8028abfd0ab5dfL,0x4fa210fea692662cL,0x145649061d83000fL,
-        0x925492c383e1d5e3L,0x980ad314f0d5fb5bL,0x000000000000012fL },
-      { 0x8d0164410565708eL,0xd4ee65af3b1c93d2L,0xf2759e7872ea4b77L,
-        0xee155661b4384101L,0x354a5e0f85775c4dL,0x0d8ef755c8163ffaL,
-        0x9ea27178c24bbdd4L,0x9b53bbce1a2571bcL,0x000000000000018cL } },
-    /* 47 << 308 */
-    { { 0x30766fec7f664c94L,0x7409db5ad21d54f0L,0xd49b56fe5dcd8399L,
-        0xc78b523220b37488L,0xb2b34e987db34742L,0x453f193cc27ee29fL,
-        0x819f1a9ce7ae5b8bL,0x3da6aced7c36808bL,0x000000000000009aL },
-      { 0x6cfd9af22dd54b89L,0x774fa5ee9ff83338L,0xe4d38d08b9373ef9L,
-        0xb7e1f43fe23f834bL,0x1333a5c20add6baeL,0x4fbffd23faa1e20fL,
-        0xce555c822816888cL,0x34303fb8dd0eff4aL,0x0000000000000034L } },
-    /* 48 << 308 */
-    { { 0x52a60da401ecea43L,0x00e1ab1441bf6835L,0x785545cadd97b88aL,
-        0xe2bc1326d2f2894eL,0x3c730457e398bf19L,0xa4c297531bdd3170L,
-        0x7f01a08492ec7e73L,0x54d483b824bb9d11L,0x000000000000005aL },
-      { 0xedc13dd6beea4dd5L,0xbcecc285125ec53aL,0x8b7de1ba5bcd72ccL,
-        0x1853dbccddbbc9b6L,0x799b97b28f47fc1eL,0xc01253b8176cce73L,
-        0xab6c5fdd5430bf2eL,0xf9250653cf5b31e6L,0x0000000000000042L } },
-    /* 49 << 308 */
-    { { 0xbad1e3b4b1814e8bL,0xdc80df020017a14bL,0x92e7c7f5d0caa98aL,
-        0xd0fedadf154a72acL,0x83700909e5406a31L,0x009b49af34a6a9f1L,
-        0x49747a7f5e86330aL,0xa14c39aabd0ef998L,0x00000000000000aaL },
-      { 0x26eebaee360a5e0eL,0xfbf14808edfa126aL,0xe4d1dac6b7d01479L,
-        0xf04493dbd8063451L,0x8429cb9e48a0421dL,0xfa1a9ed2c7323dfeL,
-        0x1efcb833ed9d72e8L,0x3e8726103cf78a46L,0x000000000000010dL } },
-    /* 50 << 308 */
-    { { 0xc38371374a0bde6dL,0x675b967c2d8556a0L,0x6eaf1e86aae51478L,
-        0x36675d0c822be9c8L,0xcbcbfe0f90625398L,0xcc96e4dff88a4d3bL,
-        0xeaec101cdedaee78L,0xd87f4dc26c6fba50L,0x0000000000000071L },
-      { 0x2cffa71ef76c62cbL,0xe7adbdb562fc75eeL,0x991645e69f96589dL,
-        0xb838a48a46b866b7L,0xf77a287f7526217bL,0x255a2868320f6b81L,
-        0x59f9a54802fd4fb6L,0x3883508a2441ca7cL,0x0000000000000049L } },
-    /* 51 << 308 */
-    { { 0x6b348fd624b337a6L,0xa4e8dd141026a300L,0xae405b249069dc46L,
-        0xeb322a385cd34d1cL,0xacffdda0bfddc93eL,0x2d3ead70a2004269L,
-        0xca6ef046c923eea6L,0x95ec33c04d1c30e0L,0x00000000000000f6L },
-      { 0x8a4391ac74ff127cL,0xed6f4c5ff3de50bfL,0xd956fad840e42f57L,
-        0x078b1fbfab13da63L,0x53b8c6760f03b200L,0x7620a901916e1116L,
-        0x60ba8e8d5d005bccL,0x5aeb871b8c06ea49L,0x00000000000001bdL } },
-    /* 52 << 308 */
-    { { 0x3a62717c0ffd6985L,0x1fd32f21733d9f3cL,0x011dbe5d8147aa6bL,
-        0xcd9908fee54d912aL,0x3a816c571d8a478dL,0x2c3b8621546c8c6aL,
-        0xeed9efbfe7163461L,0x486c1588b1748edaL,0x000000000000014fL },
-      { 0xc74f435a42f32ff9L,0xcbb8a284762199ccL,0x21786a042b632b1aL,
-        0x4f00521e9c0f441eL,0x9731b233a4693246L,0x61903ec24f45b460L,
-        0x90d06bda1812873fL,0x233ebe9ac7dd899aL,0x0000000000000189L } },
-    /* 53 << 308 */
-    { { 0xd0cc6ac7d1604578L,0x8f7c03bd9a7cf248L,0xc3737964837f507aL,
-        0xd2cc12f3eb1aec18L,0x08827d5b1130097fL,0x1345bcab91f0bea0L,
-        0xad565af5255b4d20L,0xcefc35609f26fdcbL,0x0000000000000105L },
-      { 0x8242ac7a2f183ca4L,0xa6018cc3f9824ea7L,0x6efb40a2aafae2dbL,
-        0x34ac62097610e9fdL,0x86ec4e010120c604L,0xa63ab91f18999b56L,
-        0xf56dd81f2c39681aL,0x5e77017c8a7397f3L,0x0000000000000048L } },
-    /* 54 << 308 */
-    { { 0xcee29d979fd8ac86L,0x100ebc46736e18ebL,0x772b082c315677bdL,
-        0x9c1db95fb0a2e064L,0x396ce154ab199211L,0x1e30a3a2c6daa93aL,
-        0x9a7ac319f96900f6L,0xf1e451de804c81cdL,0x00000000000000f7L },
-      { 0xb332554cc5dcb3e8L,0x7417b3062c2bb6ebL,0x049d887506fac3fbL,
-        0x534ef151175afdd7L,0xf342d62e3a58683aL,0xe583a4bfe09ea4c3L,
-        0x5cf0b6caaf2483c0L,0x8faecd4f589f4692L,0x0000000000000189L } },
-    /* 55 << 308 */
-    { { 0xb73d4ba8c609a9acL,0xa3ae20b5e8cd2948L,0x6c9f7f2cf5ba63ceL,
-        0xba195b445d88340eL,0xee88c9c07e1cee38L,0x7ba10f56fcfa1694L,
-        0x4834f9cb439198d5L,0xa4fa944dd69d83fbL,0x0000000000000045L },
-      { 0x9488f1e0aee1243cL,0xf3931d8f731dc6a0L,0x6ea82c88b9a9311dL,
-        0xcae86a35158843d9L,0x7d8f6b9789e3d41fL,0xe45413a917a8638aL,
-        0x54fc84f72fde14adL,0x4889b4d4045c542dL,0x0000000000000137L } },
-    /* 56 << 308 */
-    { { 0x3b6ae375df5713a1L,0x507539c8eeb08615L,0xeea363fd79f23ed8L,
-        0xd35de9c05a24a3a6L,0xd655632794c5e698L,0x43cfb402eea346eaL,
-        0xf7f0d1e1bebe4d32L,0x3b36bd8c70a22463L,0x00000000000000b0L },
-      { 0x78777cd9c845e984L,0xcb446e18a31e5dcbL,0xb4851ea3dabefc01L,
-        0x18d2a234ef97b76dL,0x50a85010d5a74049L,0x14b78201acb00ffaL,
-        0x0a8fc98c4cbb648cL,0x4be4551f9873fce5L,0x0000000000000124L } },
-    /* 57 << 308 */
-    { { 0xb363062aa7afddabL,0xd8268f1de5dd4407L,0x3ace2a091b790e64L,
-        0xa0c92d9c3555f9a9L,0x0f752fb5384658faL,0x6749e84e52980595L,
-        0x7084539ff40b0d0dL,0x9eb1046f552ed611L,0x0000000000000052L },
-      { 0x4d47f6856686c007L,0x44bbdeccedbb1abdL,0x114cafdc075d0809L,
-        0xf4f4eeea6a05c788L,0x75ddcddfd45dfcc3L,0x147b1787235c7924L,
-        0xd492c7aaf5a4ab5bL,0xaa4b32a02bac18a4L,0x0000000000000075L } },
-    /* 58 << 308 */
-    { { 0x084a6b6311d23a5cL,0xab5f9756b3a73439L,0x252f50e4cf1a7bceL,
-        0xa066a37e7a498ac8L,0x29206e9e8c559d33L,0xf9fe43ec8c602500L,
-        0x2bb76d93c7c77774L,0x68609df4f9689fabL,0x00000000000001fbL },
-      { 0xf6223435a31c6d6aL,0x016ccdb2eeabda79L,0x33ef208790e53bb3L,
-        0x942ea7869d04b29fL,0x86905d345ba2a37bL,0x613723c8ac546743L,
-        0xd5a462b093c3a659L,0xf133494680b4a914L,0x0000000000000095L } },
-    /* 59 << 308 */
-    { { 0x0e964bfae51c867dL,0x4f3f0bcc3ed4de99L,0x66c3bc1c46193003L,
-        0x5ea89fcea9802a49L,0x1e81c4b4399876daL,0xa68d345dbf61cf47L,
-        0x2a527a8bf4ac1373L,0xcde8a8a922975cf0L,0x00000000000000d9L },
-      { 0xaad318a1d012c097L,0xca78d31b9b8d36dbL,0x2448c6ace479884dL,
-        0x7c43e6d65bb93799L,0xd293de3aeeca6834L,0xaec6d7d535dd9091L,
-        0x34f04c3b3ed39ff8L,0xa79da00f1ce455afL,0x0000000000000174L } },
-    /* 60 << 308 */
-    { { 0xd9e135d4909e5d9bL,0x1ae0a17c2e0bc5d7L,0x1fbfefd075076db8L,
-        0xe071dc39a834aeb9L,0x1eeb9d2eb5d650b1L,0xaa20dfbb76cddd0bL,
-        0xc32c3efc3795fae8L,0x5adcde3c2a3650a9L,0x00000000000000edL },
-      { 0xdb923c659f719586L,0x8c1b9bd1f69546b2L,0x4823b2184ffcc633L,
-        0x841f3292451d0538L,0x52a64ca0ebeb45e8L,0x8a0b375b64d61c71L,
-        0x0425f6cee13c6ae6L,0x98cf4b4d00827285L,0x00000000000000a7L } },
-    /* 61 << 308 */
-    { { 0xdcf7204a502a5841L,0xe8803fd9b3c2389dL,0x98af342ac7587e46L,
-        0xf6d845cf1b1a333bL,0x1fbe34235acdf342L,0x8ad324448c6cef92L,
-        0x4a48cbc2ac8608baL,0x105bf24a88f4bfb2L,0x00000000000000cfL },
-      { 0xf5bd7fbb45d5cc83L,0xd251ae69b14bb0ceL,0x7f6c9961cda6e920L,
-        0x5548da95b0e20d2cL,0xb2d81a5eeeb3f6b4L,0xd3c1ac3f83ee7b22L,
-        0x1198f80d9dcdee2fL,0x0f1113270cca9beaL,0x0000000000000052L } },
-    /* 62 << 308 */
-    { { 0x681c9c9e5551d22dL,0xe1011410c24d40bbL,0x1a659728df00294fL,
-        0x1d4ac5e4045c6bd6L,0xb61e6eb0c71e0ac5L,0x0aa6738fbd4c522dL,
-        0x278bee73f286cbdcL,0x9a9ca40d64f560a3L,0x000000000000003cL },
-      { 0xd18807d339aa5452L,0xcc5b2a69613b3726L,0x230b5e89c8957cb8L,
-        0xd32a1ec3b346ab21L,0x8a21c20975cf8d12L,0xd5d16bd029962528L,
-        0xc6f8836703130361L,0x034d6f15925aef31L,0x000000000000011dL } },
-    /* 63 << 308 */
-    { { 0x42e9edc80584715eL,0xd218b0a4011faf8dL,0x055e4eb095fd2a15L,
-        0x68ea9b5ddccea016L,0x0180246ffe9af8f8L,0x38bd9a02b832006dL,
-        0x9af977eca3414177L,0x0746ad2fa173e5e0L,0x00000000000000ceL },
-      { 0xefef29e60b444e14L,0x4357b9377d74016bL,0xeb63316d6bec3801L,
-        0x25164848dbfc9d02L,0x00d845fccd52497eL,0x8c54d90c615fd91dL,
-        0x33ceba564ec93464L,0x7a9e51d9f6f85b80L,0x00000000000000cdL } },
-    /* 64 << 308 */
-    { { 0xc071157213cc2875L,0x422583136ec01830L,0x32cfef4101e95528L,
-        0xa8741ca0af8116b4L,0x3195f7f358f1fa26L,0xf2e969281144142bL,
-        0x5a9c331f6b179bf4L,0x45e363f236c6c42fL,0x0000000000000057L },
-      { 0xbe2e55f12c04c8aeL,0xa522f7d53af16430L,0xeae2b2c42904630cL,
-        0x58f5c76e8e151736L,0xdfa21ea65aee8e9eL,0x103b7ad681717f92L,
-        0xa89e274a9b4464eeL,0x316f580f2daa3259L,0x000000000000004eL } },
-    /* 0 << 315 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 315 */
-    { { 0xd1ce126eec3d1383L,0x0c7f980a4805b18eL,0x65945086fc1b1f4eL,
-        0xac1703ae092e0ca0L,0x834c77f98b5ee5c0L,0x3e722f576d19fbb5L,
-        0xae8a944af6770bd1L,0xe1d110502a7c7101L,0x00000000000000d7L },
-      { 0x62029fd2ca303000L,0x366c72c9acb52ecdL,0xcf89c1aacc8dd8a2L,
-        0x95c235bf5d1b984dL,0x3434d10dd1a80d52L,0x094d0a8f77e95addL,
-        0x03890027d1203660L,0x32faf27329791ab3L,0x0000000000000075L } },
-    /* 2 << 315 */
-    { { 0x18cadddda03efd8cL,0x9d59bb52aeb3a762L,0x571d86bed1fd3f91L,
-        0x81642aa1d2f26d6dL,0x7d1c3bc999877251L,0x0518eff8d7c2fd25L,
-        0x6a54f17037b6c641L,0x8ffedfc00d33a426L,0x00000000000000c8L },
-      { 0xacf67416bb54847bL,0xa293a8d7f2b54b28L,0x32f2b11a1f7f6b47L,
-        0xc11948bcc6d67a9dL,0xc8b86b1f47623783L,0x357326aa5c2362e6L,
-        0xc298be1b6cf79126L,0xf07b3ea784c5a79cL,0x000000000000006cL } },
-    /* 3 << 315 */
-    { { 0xe4cc8937c5cfe5e0L,0xb01db28fe534260dL,0x3311127e76c1f2f6L,
-        0x0f4f7cfcdd8e1644L,0xd788f9f85ae2b93fL,0xf64431f8007d4765L,
-        0xb3ad8af287159ff4L,0x8401e32600a7857fL,0x0000000000000016L },
-      { 0x49b5a301e78a8db5L,0x97b3fd44b4d74fcbL,0xf5e2754d19f77e5aL,
-        0x908fbc9c7bf17a6bL,0xfbe48b086980179fL,0xc33a8480cd28c69bL,
-        0xa74a2ebed11832dcL,0x572b5f3957d49627L,0x0000000000000115L } },
-    /* 4 << 315 */
-    { { 0x4379897720210875L,0x8e95ab32d58004c6L,0x33058f96c68a6aa7L,
-        0x2db1fdb8914082e8L,0x7841a48993e12423L,0x051a4e151f9d2ff5L,
-        0x618eeac54da88e65L,0xc52113cd512c1795L,0x00000000000001b5L },
-      { 0xb6dace96e93af674L,0x4ea1073bedb5c3f6L,0x4352509fa0b861d8L,
-        0x05451d6f7adb5cfbL,0x194e3acd9a3375d9L,0x6258a5ab33658d41L,
-        0x2bc60cb7f542a8d8L,0x68e50e5a74afe0cfL,0x0000000000000187L } },
-    /* 5 << 315 */
-    { { 0x8ab1a9337e8401d3L,0xdb8a437374dd345cL,0x8fc17b06dfc52ec6L,
-        0x53a4528c3a8cbd43L,0x791f0050ff746544L,0x97c15abf468923c8L,
-        0x4ba5521cd71e2cedL,0xe7ff5cc44367a0f4L,0x000000000000011dL },
-      { 0x2397c8b2ca828fa8L,0x2d18f0b05bbc8858L,0x8aaec79f7ccdcee6L,
-        0x058906aaef1284beL,0x2bfc7d36d3e0d3afL,0x497a175435bb97ffL,
-        0xb270ae8ea8383a01L,0x3a7f70b8db1e5515L,0x0000000000000083L } },
-    /* 6 << 315 */
-    { { 0x5ebbd7015a0c9415L,0x7bcef0e229572d13L,0x539a78133f5a169bL,
-        0x6f3a84a4bac0abfaL,0x822da09bea1d0b7aL,0x9b2d6a6c05c00dbfL,
-        0x134fe65dcd8c7e6eL,0xe4622a9f6301e4caL,0x00000000000001ffL },
-      { 0x5fbeb1f8073963ddL,0xcca648b0e595aad8L,0x5cc97e773d15c1d4L,
-        0xf2d7697062989b5eL,0xf321c0c78afe8351L,0xbf361aa293a60c7bL,
-        0xd9938c1174c2503aL,0xb05daaa5e409747aL,0x0000000000000008L } },
-    /* 7 << 315 */
-    { { 0xc6874a121147f509L,0x0882051c83b58e0dL,0x25553306823e9395L,
-        0xba5751a97954be0eL,0x86056e04f06cf7f0L,0xdb057ca02c10577bL,
-        0x8ec2f7fd400e24a9L,0x32356d2fbcf34c3cL,0x00000000000000cdL },
-      { 0x931835514bb690a0L,0x373451d622798da7L,0x2474aa366b8da44bL,
-        0x947d984cdaeba693L,0x3c3e3b2b21f6d6c8L,0x37b0234fecc78a44L,
-        0x4b49e661959f6b39L,0x29cafa8b37bb5b1eL,0x0000000000000097L } },
-    /* 8 << 315 */
-    { { 0xc43876449d2224b8L,0x80c92ac5563094e8L,0xef919bdbf6d0542eL,
-        0xc71a882d5c40a787L,0xdb3851be0880c1b1L,0x4f72ff0c287cae73L,
-        0x0a628f172bf3efe6L,0x29db69240150e4a7L,0x0000000000000175L },
-      { 0x7983f80acc367287L,0xfe2c8f3dc4633183L,0x41b0e222ae89f8c9L,
-        0x93fdd59beb58ac1eL,0x5ee164c797538725L,0xb8e3b75b7591fb4eL,
-        0xa2d0fa2e355a6a6cL,0x391a05540405f33aL,0x00000000000000e6L } },
-    /* 9 << 315 */
-    { { 0x1b0bf08bf55f34e4L,0x5fe51caa1de9b981L,0xc243b50297197570L,
-        0x2cadcc3d699ac777L,0x80b62305dd9c8010L,0x93a003d3113ad5e8L,
-        0xbb920d789e783dedL,0x2a2df2e8cdfc37d0L,0x000000000000010bL },
-      { 0x14e3757112860379L,0x99f12790521bc74cL,0xc05287f50407d2b6L,
-        0xeb6b8d61b3fd9150L,0xe41ab7595d637ad6L,0x8efa6e451fb70681L,
-        0xe371b32cf025b1ceL,0x5bf35241e85fa064L,0x00000000000001e9L } },
-    /* 10 << 315 */
-    { { 0xfde8d0ed0254d2d3L,0xdc6868c5f24357a8L,0x1806776f26106991L,
-        0xa3a1446d387d0f81L,0xeb83f7b319591fdcL,0x97678d46136e098cL,
-        0x89292ad342e7487fL,0x53b24c0ab3c12865L,0x00000000000000b3L },
-      { 0x06fc68f37a74e056L,0x10354bae9d0dd6d1L,0x713509d967092c45L,
-        0x5ddd0fba52c97523L,0x421e81604616eaf9L,0xacaf5cf0a795b907L,
-        0x1ca067c8beb5a28cL,0xe07cbbcdb79cea20L,0x0000000000000179L } },
-    /* 11 << 315 */
-    { { 0x59900b5c8b1b724eL,0x8dd0246c388c09c0L,0xbcf033ea7b567f8dL,
-        0xaeb6215272898dc3L,0x01d8cefa24f7cceeL,0xa34d4c312415a08bL,
-        0x60315ab2bee682c8L,0x28bd510f85ec5fc7L,0x000000000000000dL },
-      { 0xc031c759d505a0e7L,0x40d1a56cda783571L,0xc15647414ec503e1L,
-        0xbd02b9a6621e3c52L,0x618d1cbbeb48b235L,0xdf1bdb37880c3090L,
-        0x95d53d4b664302a0L,0xeaf9e9bde9acab6cL,0x00000000000001ebL } },
-    /* 12 << 315 */
-    { { 0xcc511efe456925a5L,0x4290a6e5f0a1b7e2L,0x1705dcce8756548bL,
-        0x4c139046b509c290L,0x9d0bb0844cd17379L,0x4643b4bade17e05eL,
-        0x12be04c35f7100f2L,0x3ce4459479197058L,0x0000000000000191L },
-      { 0x065c3e87f32703cdL,0x5ae023cc11390895L,0xd2a40ecac01552a3L,
-        0xfcd1382288ee5054L,0xf61ca6f773498d40L,0x2a4653be0dd5e19aL,
-        0xa56016eef88e9af1L,0xbd5c973aa73e0e21L,0x00000000000000f0L } },
-    /* 13 << 315 */
-    { { 0x4416d2e6c4cb8040L,0x004946f92aceef23L,0xfbeb8979a86b1ea6L,
-        0x878481c65fd3c659L,0x28f514fba8e572d3L,0x8b9e4bdd55d6f02dL,
-        0x3e76d73546867a07L,0xa1050be7517430a4L,0x00000000000000c8L },
-      { 0x6538fa01526ae111L,0xf277a4bb142b038bL,0x6be27430efe4dd66L,
-        0xd8ed5e9f8f8d8888L,0xca67196065dc30b6L,0x1a1ee5afc652d2a8L,
-        0xe1a803044b3fccbdL,0x0ec65bd04cbd0471L,0x0000000000000177L } },
-    /* 14 << 315 */
-    { { 0x72e348491df30301L,0x71ba20a6a7ae2709L,0x2ac2b9e7eac84515L,
-        0x7db23e2c684fdd3dL,0xb7ff18f9b1b07c3bL,0x296f805422f64d40L,
-        0xe7e74e51aca26121L,0x2382baeba4abf51aL,0x000000000000004fL },
-      { 0x076d34bba03677f6L,0x42bcc9c76484f153L,0x7b5fd617d74dd1bbL,
-        0x1ba3e99c797cf9d5L,0xa907800787403dc5L,0x98278850d6d1e062L,
-        0x456314ca6cc37a89L,0x3d3cff1b0a6daf4bL,0x0000000000000117L } },
-    /* 15 << 315 */
-    { { 0x1a19978f485193f0L,0xadb5a7bdde0df861L,0xbaaeb9a4f73b9dc8L,
-        0xc66335183779f809L,0x9b55d68f3edee638L,0xcb261cf96a5affdaL,
-        0xcb6a9ba2e39b793fL,0xa4ee0df08936019aL,0x00000000000000faL },
-      { 0xe482665d53161177L,0xe3b2fc496ea0bdb4L,0x783ca2b5dabcdfdbL,
-        0x9025498735a60e50L,0x6b9114ed0414d9ecL,0x2a9467665f239c27L,
-        0x4623c042397b3971L,0xe683e6e532995c63L,0x0000000000000001L } },
-    /* 16 << 315 */
-    { { 0x088b099e8cdfe07dL,0x5a641cf1b905708eL,0xc281af16a221b96aL,
-        0x8bfa8dc0f622f5bfL,0x432872735ecb0216L,0x13ea7e4d6dab8b7bL,
-        0xa478fb012212b506L,0xcb4be166a0c1a955L,0x00000000000001d3L },
-      { 0x38a2aa3dcf16c121L,0xcd70ea8a7f8eed07L,0x54532cd7e3a04c52L,
-        0x8939f904ba78e53cL,0xc0132c268b563a91L,0x6730a0fcc093e75aL,
-        0x1e6d961600fb49e3L,0x0af2a79f28587059L,0x0000000000000176L } },
-    /* 17 << 315 */
-    { { 0x866bec9ed63e2975L,0x8a29116c3e8d9c3cL,0x2b0d1b0436ea7fa8L,
-        0xbf75196cf80c5e0dL,0x94dd18d370a51d7eL,0xdd9d61b9ea3f979eL,
-        0x7ce80604db84f9c7L,0x4207dd17a593918aL,0x00000000000001b1L },
-      { 0x5ab49cbf0b981980L,0x336f5442a93b94b9L,0x6568223fc5e38c54L,
-        0xff80f21b3b2b4ef6L,0x6a77ff11c1e9ce9cL,0x07d4d0c02fca93e4L,
-        0x955d771d76e3c109L,0x2f22c54d0ae199b7L,0x00000000000000c4L } },
-    /* 18 << 315 */
-    { { 0xbd742bb58c8601dcL,0x0d577d51bbd68faaL,0xb1ba3c3398b6e280L,
-        0x1bfc6c723e8a148eL,0x59a16f766e41826eL,0x3ee5c3e7161094f5L,
-        0xa98675bc24c86f2eL,0xb94c47abe2761752L,0x00000000000000b9L },
-      { 0x1824673056dc8149L,0x846838c94ff82f9fL,0x23c95268450afb9aL,
-        0x40cc51aa14fb3828L,0x28d1619711f0d733L,0x0efcce77513057a2L,
-        0x9edb17beed0a7d9eL,0x4d6ed1fac7b17549L,0x00000000000000d8L } },
-    /* 19 << 315 */
-    { { 0xbaca7240c82b5aa4L,0x61e27f19ef5855f9L,0xb4c9237aea0e986fL,
-        0xd090d6a554db69bdL,0x6b4fb63fccceaed7L,0x0cc89909fabad461L,
-        0x9f7676cf0b9709e1L,0xbe92aa69fdda8413L,0x000000000000018fL },
-      { 0xd99cc5a0410aa767L,0x39b6f4a87e75f2d8L,0x1980d6925eec5fa5L,
-        0x9b314dc3b8846f32L,0x9714e192286dd13bL,0x94cccd2c467b8524L,
-        0xd7b3d49005fba305L,0x75b7f38f7a5ff3c4L,0x0000000000000096L } },
-    /* 20 << 315 */
-    { { 0x15396e6b8c4141d3L,0x3ec8a34ef7755d55L,0xa9bddf95f39fb433L,
-        0x79e71beaed69b7d6L,0x51c722cb9d0122deL,0x8de4cb47e0e7b60cL,
-        0x726ba86dcbb17e78L,0x2815c3bf5c037641L,0x0000000000000032L },
-      { 0x3366bd3547050a39L,0xcf665be239de8ff8L,0x0b1b2dc88b657ce8L,
-        0xac1e0b80db61f750L,0x09f5eeb8971e2a24L,0x92850350ee755facL,
-        0x3ea8358d3e97465dL,0x755b7ed954cb917eL,0x0000000000000188L } },
-    /* 21 << 315 */
-    { { 0x374097fdd5c529c4L,0xeae8aeaf14e14b24L,0x6246c5fa5449b2cfL,
-        0x99c13884f8dc4b4bL,0x2e72eaedec7b3eeeL,0x877887a6f9f0d5f4L,
-        0x4f97725fc0e5a19eL,0xbd7971fe9bc83533L,0x00000000000001a0L },
-      { 0x79302079c035fa1bL,0xfa3e954f075d1cbeL,0xb59fda4254310460L,
-        0x35004b05cb8dc827L,0xfa4227dd598766a4L,0xd6610ed7257db68bL,
-        0x91f34e57df3d7a8aL,0xbc586bd69c420862L,0x00000000000001ceL } },
-    /* 22 << 315 */
-    { { 0x930cad152d7a2680L,0x6d7a0454c719cf5bL,0x7478744ebbb88406L,
-        0x2598c4885883c3c3L,0x466925014f5fab3aL,0xc803c49ddd8a471eL,
-        0x10cfa5b5831d5062L,0x2bce8e3c8cd03021L,0x000000000000004dL },
-      { 0x8a75f6cd09a2cca3L,0x44598d59b03cff30L,0xf49eefdc9b9d4ac1L,
-        0x6d759aea116a7518L,0x0f330edc02b18830L,0x52612307c41fc942L,
-        0xea4652fb41b5e855L,0x5dce0d5c3ad0f9a9L,0x0000000000000018L } },
-    /* 23 << 315 */
-    { { 0x685e156c633e8718L,0x664dbda487a0c479L,0xbd5bd2516b3e4747L,
-        0x873fb05ad9204996L,0xe1c1b3745b9ca959L,0xaee1fe5ab48568b8L,
-        0x2b8a77560ccc64aaL,0xe0fffa144a842525L,0x000000000000001dL },
-      { 0x81ab0b04d7864a53L,0xd2ded9626dce74dcL,0x20f4f42ae6ee03b4L,
-        0x216939d9b133502cL,0x1c164e2ae583d735L,0x558bb0247a01a682L,
-        0x68e8d4b88ff470e4L,0x1b500f437a69dc9aL,0x000000000000000aL } },
-    /* 24 << 315 */
-    { { 0x87cd5f5b43522030L,0x9b95d7cca97925f2L,0xa97d2673c4f3d98dL,
-        0xb760715ae3a33b1bL,0x6848b7f36f47818fL,0x19d3d312f4b35002L,
-        0x94faf039b3f57798L,0x62a72bfeb76ae400L,0x0000000000000100L },
-      { 0xdbbbafdc31877679L,0xa68c50a2945b79f0L,0xd5b6b7c1a457a77eL,
-        0x1d5249e0e8ea38c6L,0xef61b6ab33b52300L,0x864aca06e3d8c9a1L,
-        0x852087916060f8d6L,0x1827cac1e1dd6babL,0x00000000000000ecL } },
-    /* 25 << 315 */
-    { { 0x417c93d92a097cc4L,0xe2006ea23311b1c5L,0x6265dae786c3a4d3L,
-        0x22777fa2fd61a771L,0x21c8566ee52726a1L,0x5544b0ba525cbc66L,
-        0x0227192516a552ddL,0x26f159fe26ee27ebL,0x00000000000000a9L },
-      { 0xa03998cbaecc32f4L,0x3836f5f386372aa8L,0x0d708a1f5fb988bbL,
-        0x8d865eebac677bf6L,0x9386ec40244e47bcL,0xf38e252310e055dcL,
-        0x938b35a76ac7bd8bL,0x79cc344948973178L,0x00000000000001a7L } },
-    /* 26 << 315 */
-    { { 0xf8f4c244d0a59fe9L,0x0b34084b76402697L,0xe4240b863e032519L,
-        0x7cf7b7aac2065720L,0x798134d64cb1ffe5L,0x78e358f275f60549L,
-        0x4557430370582d54L,0x452570d4828dfbfaL,0x000000000000009eL },
-      { 0x1b0bcbc468d79237L,0x8bcb0d804f5a6a6cL,0xd108b4f099609cfaL,
-        0xe08db1ff71be7d63L,0x7ad777da27bd2d03L,0xce7fae775749c830L,
-        0x1ad692f7c4565777L,0x93798a2aff8b8327L,0x0000000000000010L } },
-    /* 27 << 315 */
-    { { 0xa44bd43b7d176e2eL,0x73017a4eae0c21d1L,0x6f98fe80c170cbb6L,
-        0xab5799b293df22fbL,0x765f4dcaa85dd542L,0x854eddbc619b4adcL,
-        0xe1dc52446cf558e6L,0xc0a4f996e45f4052L,0x0000000000000150L },
-      { 0xc1e0e94ea8a05aa1L,0xaf1abf91f3f24aedL,0x58c0603ec4d3ce6eL,
-        0x9c496e91dc76c75aL,0xe6049fc196d9aa52L,0xd7862b4a2ed5b8c4L,
-        0x41ceb99338f87e08L,0xe769c78f3c16ca50L,0x0000000000000000L } },
-    /* 28 << 315 */
-    { { 0xc50efa15dacda34cL,0x159e94dbb6e96210L,0x94b10231bd9319beL,
-        0xa5914f55e2a461f6L,0xb75fb2ab47bb66c7L,0x4ffcfa6756b6e4cbL,
-        0x559918efc40a2512L,0xad434761b66c07d4L,0x00000000000001e4L },
-      { 0x9885be1bebae3f4fL,0xbd84a8ee4302a9a7L,0xbea75f26c373e684L,
-        0x0da8fdf6472f2c17L,0x381a92bbb5dffe57L,0xc69646bad24160cdL,
-        0x0577b8792ecad05bL,0xc59496c27fb62711L,0x0000000000000068L } },
-    /* 29 << 315 */
-    { { 0xab4afde7ff46e9d5L,0x33e45d21d2516ec8L,0x5561315ae08354cdL,
-        0xde6e1582510407f3L,0xad202e0aad3ef0cdL,0x03c92749fc289a62L,
-        0xc5022bb7bd3bf154L,0x3b2112f0358497bfL,0x0000000000000085L },
-      { 0xd97a76c60e367447L,0xdd1c70ee13a73f92L,0xef80383807320e00L,
-        0x92fa2d854bd797b8L,0xaaeec02b5287a9ccL,0x8dc7d907101f13d4L,
-        0xffebb4d5f8c6b255L,0x76ea86c8a78c99b6L,0x000000000000007eL } },
-    /* 30 << 315 */
-    { { 0x04cc8a0b9c2de291L,0xbde190d41b774116L,0x76fd915e0cef5563L,
-        0x08980204a3ad15abL,0x8532bff00047227eL,0x93713303df68231cL,
-        0xa4d4b863b1b0de98L,0x67686192e0cad308L,0x000000000000007dL },
-      { 0x6748cd2672cf3e2fL,0xa342c5d7eb321523L,0x0466141c5021d422L,
-        0x116bf2246a70d2d8L,0x7129a3a4ce05f6fcL,0x86600259d9185da8L,
-        0x8a6db564dd965c37L,0xb073f80c79e8f792L,0x0000000000000049L } },
-    /* 31 << 315 */
-    { { 0x00da97d33d831a04L,0xd929cf2a1eac836aL,0xf7d5c4c77c7c118eL,
-        0xde71253e1c4c51ceL,0x6d2474376ec3e2e0L,0x9b912b7bf31fa3abL,
-        0x10f538043da99cb1L,0xfcf8a99c2a16e669L,0x0000000000000098L },
-      { 0xa70d9571d49b2fc3L,0x081849f4834cd35bL,0xf1e28cf98756bb05L,
-        0x2fa729aa5568d3a9L,0xbb5d124899bba4c8L,0xcd742b7c3ee032a3L,
-        0x693342cbd87a7668L,0x9bb74be7bfcfe6a8L,0x0000000000000176L } },
-    /* 32 << 315 */
-    { { 0x5f47ddb9ab9923d7L,0x839865d48e3fac52L,0x0214e93f647424b0L,
-        0x266c909c31d65c6bL,0x956deca451457facL,0x8e8d240ea85ce8a5L,
-        0x736652c4a4d9b281L,0x131a4191b77a526dL,0x000000000000008aL },
-      { 0xa848319532d8542eL,0x1f7a8e67c3f38387L,0x162ac248d6797f2eL,
-        0xd26469e10a6a1118L,0xb33aff1ff203102dL,0x63a52154aadf0ae9L,
-        0xf0431dbb4bb313a7L,0xf93c18fbca9da156L,0x000000000000015cL } },
-    /* 33 << 315 */
-    { { 0x39974a2672134c85L,0xd7aa0a9d4c7e0f6eL,0x1b9edbab3443bd65L,
-        0x6cd2d98bdccd2e50L,0x632879884b109d43L,0x44825b34d397a0feL,
-        0xd53353c27118c8b5L,0x268cd6d6c01b82dfL,0x00000000000000f2L },
-      { 0x8c5babff457c84bdL,0x117faa3055b81ff0L,0xc124c04661bbd4edL,
-        0xe136b9a5a787f1f3L,0xa06373d1bdafa50eL,0xea1b6c0844a7284aL,
-        0x9330d2feb1a5b08aL,0x25aa027d162f9e9cL,0x0000000000000182L } },
-    /* 34 << 315 */
-    { { 0x568ec079d87b35feL,0xa08deac6958c3388L,0x715279434034a877L,
-        0x0859576ef2fef769L,0x60bd705595201257L,0x9f19d411dd68e3c4L,
-        0x595fb01498308e14L,0xa2a84c0d4fa07f02L,0x000000000000000aL },
-      { 0xdf1e5d32e69aea45L,0x9557a618318f191fL,0xd4f95c503b1c6341L,
-        0xaaef0d9e6ae9e855L,0xea3847180c9cb2d8L,0x13e92ab81a52a30cL,
-        0x1651ed2863bb271bL,0xd97ff1ee98a52306L,0x00000000000001d5L } },
-    /* 35 << 315 */
-    { { 0xfe80b99efbbf1e27L,0xfb7b5ee11955b0c0L,0x4f3a5833e1708fefL,
-        0xf5a2e09a55e25e94L,0x9c6d38ed81d8c307L,0xe55d8fbc85262c42L,
-        0xd65f395c2d4726eeL,0xdc540d4333cd1d74L,0x0000000000000149L },
-      { 0xc010dccfd74a298eL,0x9e7056864a666f1cL,0xe0cfe3db254c3b4fL,
-        0xb979124ff7b07fe9L,0x649ceddfb1b99c8aL,0x400cca2d83df18a7L,
-        0xb0572105b99596b6L,0x30719cbf1edf710fL,0x0000000000000087L } },
-    /* 36 << 315 */
-    { { 0xa19953973af2d340L,0xfeb7bfb1d4141779L,0x64f0f9677a4bd845L,
-        0x55dfb0868b2b75ddL,0x3b71a0508bbb38e1L,0xaf038a2aeba716a2L,
-        0xc49b38c6a91319eeL,0x71f1e3cea8535e9eL,0x0000000000000105L },
-      { 0x3f07f7e964c26f33L,0x953a5abb347b8f7bL,0x5104f896c06b5c17L,
-        0x8a2e1b533c3e52c6L,0x2127f321ffba4ee1L,0xaf288b9499e502b0L,
-        0x04fde09b29407d69L,0x29d8e20c86bf0d35L,0x00000000000001d6L } },
-    /* 37 << 315 */
-    { { 0x1aee0faf9fbec97eL,0x7d82f31e42ad7101L,0xc9f00d2750e8458eL,
-        0x5c099fbe6b18313aL,0x96a679ef65d81613L,0x4fff394b8db6638eL,
-        0x53a97eea9248e6a3L,0x707785311729be5eL,0x000000000000018bL },
-      { 0xb8c6dd9e948f04aeL,0x4eb6c7f94a39815fL,0x1501c0bd1b7294deL,
-        0x33ed433f9a242a2fL,0x3d50c608994d9f32L,0x324ac45bfda6fbddL,
-        0x7d8a03ef6736a16dL,0x631d6c60ef0faacaL,0x0000000000000008L } },
-    /* 38 << 315 */
-    { { 0x01fe1042e436d76aL,0x2b65db559d05ddffL,0x48d26665932d9e5cL,
-        0x01c106ce8a761836L,0xbd83cdb30e8c1caaL,0x9a02dca8ac1b3140L,
-        0x6c27ef627d158450L,0x927980c2bedbbed5L,0x0000000000000123L },
-      { 0x965261732483b8e3L,0x5665a308b841e686L,0xc8dd3428f4a890ffL,
-        0x824c2b9522ade66bL,0xcf13a52fedb93640L,0x2af59ea913125d21L,
-        0x975485e0deb818fcL,0x1c34566416212cb9L,0x0000000000000074L } },
-    /* 39 << 315 */
-    { { 0xb327a7bf9b17c8deL,0xa8ec6459cea7bcb7L,0xd6939689168426e7L,
-        0x370eb9046450b774L,0x1f06ba383d71defcL,0xe185afa6aa16d5feL,
-        0x3814a269b3148755L,0xcf44b1bd8bb9de20L,0x0000000000000005L },
-      { 0xcbb2da404b8ed855L,0x32b8240ebf15a195L,0xf0cccd5a739cc9d6L,
-        0x2b6147c4d907536bL,0xada9b9b4b3b57e0dL,0x75abb8dff4093307L,
-        0xc503586c3ecd482fL,0x60a0b02fcd1d3312L,0x000000000000012bL } },
-    /* 40 << 315 */
-    { { 0x20527cec16bbc6f0L,0x1af2887295b9b3caL,0xea34ee171e96e75fL,
-        0xa45bba37e4b8a04aL,0x41f417225f3036dfL,0x4b86d3e223157bf7L,
-        0x1e67259e1a02706eL,0x8c1a3d9994a77d8dL,0x00000000000001e4L },
-      { 0x8c9fd4c4e3ae391cL,0x69e1f95801a97eccL,0x5e0c660b4f7bcd62L,
-        0xf3952575a21f57d6L,0x6b7d050c79bf361dL,0xf7a8893ffc95fe58L,
-        0xe28efa2075d0c333L,0x7b561de2ce39269eL,0x0000000000000042L } },
-    /* 41 << 315 */
-    { { 0x479800978563f771L,0x3410f8763c5662deL,0x5bc9cdab15e8afdfL,
-        0xd53088caea947c39L,0x9443dc753bdd8982L,0x71da1712be12e18fL,
-        0xdea9106b816abd0aL,0xc7145d12fe4cbce7L,0x000000000000018cL },
-      { 0x9be617aca5361866L,0x540a22e459fd2228L,0xf93e692ee3292da4L,
-        0x9f730056c797fbcfL,0x0f5b37dc080fb9dfL,0xee979d41dfd5be21L,
-        0x2fe9bbd377da5594L,0x7392b500940c7fabL,0x00000000000001d2L } },
-    /* 42 << 315 */
-    { { 0x534669b6bfd08da9L,0x0131ce0bad7f4feeL,0x3d07710449c9f551L,
-        0xa0519089124d6d6dL,0x9df5e6650e3c525cL,0x03e0caa51b0855c0L,
-        0x70f2d1aeaed8b293L,0x5258a199d9adab56L,0x00000000000001ebL },
-      { 0xab747165401dd32bL,0x5048cc1cab988597L,0x1080390a14dc9ff5L,
-        0x71808335ec187b93L,0x894a24ab1a1eac91L,0x97f922c61c234f84L,
-        0x245d34ae36d5595eL,0x8a43c41f6aaa4b14L,0x00000000000000a3L } },
-    /* 43 << 315 */
-    { { 0x295a4c6365d5cfa5L,0x5a8a43db51adce61L,0x25de9d5fed6aa752L,
-        0x934b8f517f9df62cL,0x6534c400235bebd6L,0xcaefa633d24cff48L,
-        0x4c55585a8562870cL,0x0a5d10180ddeb2e1L,0x0000000000000031L },
-      { 0x58d16026be4d501fL,0x38874de4d04fcc16L,0x4b795f00352da735L,
-        0x9e97091eac8c0b50L,0x91b153a99ebf81f6L,0xacf58b7ba5ec6a01L,
-        0x22374c638e177fb9L,0x62b7622c28edeed0L,0x0000000000000183L } },
-    /* 44 << 315 */
-    { { 0xc24d78dd440656c9L,0xca4fb99cb3819092L,0x88caaa9847f6ea2eL,
-        0x3ad7dcd37bf55007L,0x2a94011d87af1062L,0x176b3e376efcf26aL,
-        0x907e6108c362be62L,0xf00a10062b7c25a0L,0x00000000000001d0L },
-      { 0x435481d3adb9d45cL,0xbba44b115b840331L,0xc7c2869d4c4de57bL,
-        0x8cdffae2d43dab64L,0x1aa7c5f0c28d2e22L,0xb3f11b4bcab6c7aaL,
-        0xa0153a91cb4e8df7L,0xddf80a114ca337bfL,0x00000000000000ecL } },
-    /* 45 << 315 */
-    { { 0x6dae6ce65d4bac9bL,0x7e0cef116b6b0289L,0x45c7d3063e081f88L,
-        0xaba7cab9700ca222L,0xe8d94fef1fabd270L,0x0e76aac6f6b272a5L,
-        0xfe456c4b4ca8b682L,0xd021e03d4d6a93ccL,0x00000000000001f6L },
-      { 0x08355e745d39f92dL,0x6c1360477eb5dcfdL,0x90169cd5975ce76dL,
-        0xd01445f219764b90L,0xd67c0cb3d06031acL,0x9d522c431c5f97b0L,
-        0x5fde48bb040b9a24L,0x718a636325d29470L,0x00000000000000e4L } },
-    /* 46 << 315 */
-    { { 0xfd7f44ed23a3af11L,0x6333bd403ae53e07L,0xf1d2c8efe459a255L,
-        0xa0c37f9d8799c62dL,0x37ef089911e1d53fL,0xef656bda08fca1f8L,
-        0x0af3992870158e0dL,0xab14f9d1328c88d9L,0x00000000000001b5L },
-      { 0x51b410993d600c77L,0x343fc57816ffb129L,0x248ecbda469c89baL,
-        0x2c28ff288dc1b85eL,0x767141bf62952b72L,0xbcc3e57bafdcd8a2L,
-        0x80051675cc86283cL,0xa19961c6af99a56fL,0x0000000000000182L } },
-    /* 47 << 315 */
-    { { 0x0e5ec8bfc833c8d2L,0x17a323039aeb80ddL,0x0c8054818f413e42L,
-        0x53199f904fd9773aL,0xc6aa9d94e4fdce86L,0xe86019a45ea3d808L,
-        0xb2b25ecebe5d522cL,0xe50d1357b9dc03e5L,0x000000000000005bL },
-      { 0x18d688efd7d8655eL,0x9f297b45587aa095L,0xeb6488495ed1bfd1L,
-        0x2d62357eb283a41fL,0xd95a7a38244d4363L,0x3e01047c58e32ec7L,
-        0x4919ac6899283274L,0x84094ea76a033583L,0x00000000000000b1L } },
-    /* 48 << 315 */
-    { { 0xe54c6f706e842fc6L,0x19bf910e6f75efa8L,0xcc5b5fbd630e0ea6L,
-        0xf157ce88092d7e53L,0x1022928d11cf8dc2L,0x8f6b3753d03e642dL,
-        0x1cffc03b083e6d0bL,0x265c111b7e943f5fL,0x0000000000000025L },
-      { 0xc6cfd943368cce07L,0x1a14c3f74cc79e09L,0x38d2c6d092562102L,
-        0x98b25e33a91a0815L,0x0ac5666f3d7c75edL,0x1d89b14a9aa46d95L,
-        0x8c53e6ca3e1d0cacL,0x7e07bbd31325bf89L,0x000000000000011cL } },
-    /* 49 << 315 */
-    { { 0x0df1c4977dc11a7cL,0x223a1262b01cb5eaL,0x25dd803c0810c4dbL,
-        0xcb11f08785e41656L,0x73ec3e8b2f1dae29L,0xe50ec09af3bb0e96L,
-        0xbeb6b3fc3fc029fbL,0xdbcd195de9278518L,0x0000000000000144L },
-      { 0x1e51439cff7c554bL,0x7dd293ce2201bf38L,0x6521c8b6a1239dd1L,
-        0xd2200070b51cd909L,0x727d874744dfb20bL,0x57b82eaaca155e14L,
-        0x10761f46b6a7c6beL,0xe2b999e41d4536c9L,0x000000000000005bL } },
-    /* 50 << 315 */
-    { { 0x22af766ca4d900afL,0xf9a8bad8a91576d6L,0x532fb69eaad75d1bL,
-        0xc11ff92d39a81213L,0x51e63b1dc464eab1L,0x651b3246a2f8057dL,
-        0xeb84666f3dbcbf15L,0x98ac1e1baac37a68L,0x00000000000001e5L },
-      { 0x3083c4843eddc711L,0x0bc703f86ed884e3L,0xd1e76ede3d5e550fL,
-        0x4c24d2caa561ba09L,0xb7c212f9f8192b2bL,0xc683270c6e012870L,
-        0x1a5fe85a82b37cb0L,0x91289562a1818811L,0x0000000000000156L } },
-    /* 51 << 315 */
-    { { 0xe48906e35f228d80L,0x6216e75f94bedc7cL,0x9707ebd62f8e26a0L,
-        0xaa3958ca1a673e7fL,0x01ac80f2df41fe97L,0xb23738e01bf96493L,
-        0xe7684540e0b97882L,0x770056549fe02c76L,0x0000000000000151L },
-      { 0x910af00f89327a45L,0xd534a172f8205cadL,0x959d2b243776c9b4L,
-        0x3ac5f308cbb27ef7L,0x51ba3c3d49b5ab33L,0xe0177e6705861588L,
-        0x3fd40125c93b0f10L,0x29f0bcbb828131d6L,0x00000000000000adL } },
-    /* 52 << 315 */
-    { { 0x6bae11c47053fb58L,0xfed4afb1535c8c5cL,0x620bebb4fb6dca6aL,
-        0x5759da42ed7f3e91L,0xb537fcf726663077L,0x2829ffe0fbf0d31eL,
-        0x93666d29f290f144L,0x4de9a65e5826718dL,0x0000000000000146L },
-      { 0xbeff2ca3b96fd449L,0xeb3c9ddfbd865ac0L,0xd6c2bd3d851f94ceL,
-        0xaa428d52f9f0af14L,0x5a1106774f5cc20cL,0x3e976fa8ae1e9de4L,
-        0x82d0634b6dc9a17eL,0x4d4a7bd7afa5e744L,0x0000000000000171L } },
-    /* 53 << 315 */
-    { { 0xa3e8d517e8867df3L,0x59597f2323e2a3cfL,0xa5bcfb3e413462bdL,
-        0x69942cb7f1f38aa8L,0x8cb693756d9a2565L,0x4e5914dde3fa45a6L,
-        0x45ea2ce7124a4896L,0x0c9700171f1299f3L,0x0000000000000000L },
-      { 0xd543d0a6ef855750L,0x04dd229ce72dddf0L,0x2c72b7c73ffe71adL,
-        0x726f5c442305ab6fL,0x64438793d6704991L,0xc5a4c2667ff42b14L,
-        0x76ddf391b3086b51L,0xe5b30282588400b6L,0x00000000000000d8L } },
-    /* 54 << 315 */
-    { { 0xe5142d28595b12d0L,0x55e40067a14fe68fL,0x2b84189dd93da1feL,
-        0xa65531bbbe6833dbL,0x7b7eea747c7d7e8eL,0x41c72bc07215eb28L,
-        0x0a90cf0ce2d3c42bL,0xc3232468acb45de7L,0x000000000000007bL },
-      { 0xf045e44eba15d9c6L,0x2c6f4bd762fce75bL,0xcc6ed0fab9430ca1L,
-        0x2683da6990020f7cL,0x7c4cec7dca6d9077L,0x3e7e028b8fe80396L,
-        0x06f3e60f0ddbf616L,0xc0fabfc1d2a2e8d8L,0x00000000000000c2L } },
-    /* 55 << 315 */
-    { { 0x092a8391a47dbcdcL,0xbae279ea63678f3bL,0xf395a2501fb0434cL,
-        0xe1183e16105b8bc6L,0xb001cfbfdfd13240L,0x252d420549ae1be6L,
-        0x27006420135a39f1L,0x2a130dbc2d859c73L,0x000000000000009bL },
-      { 0xe638dc7141b6b9aeL,0x6a5f1007bc07e485L,0x7574919914cad421L,
-        0xb6012f24c1f1d11cL,0xfd20f9dfdb1f7592L,0xd7f2dfb9fa2a3c16L,
-        0x8ac19b7459368297L,0xb95552cd4e1622dbL,0x00000000000000c1L } },
-    /* 56 << 315 */
-    { { 0xe319a4da11c1ef91L,0x117ca85fa8ead392L,0x38784b6c757ae2fbL,
-        0x457a99aea307b95bL,0x698e3e9c8bb14a8eL,0x7172c6b2571ef3c5L,
-        0x02cd25bf3cb33498L,0x390b5efba243fce4L,0x0000000000000003L },
-      { 0xad23a309fd0eb02fL,0xd22e490f36c9fa28L,0xcdf111a3ab8b5d09L,
-        0x257bbdffe1c0b8c2L,0xd405532721284f9fL,0x46e4a9a534bb090aL,
-        0x7284ab106b2b6998L,0x46aba7e6f57bde50L,0x0000000000000099L } },
-    /* 57 << 315 */
-    { { 0x7475a134e10a04bdL,0x2e024e9bde9287bcL,0x48ef65326be4a304L,
-        0x761c87702ed78c9bL,0x450d1cc689b960dbL,0x2ba413a36e1855fdL,
-        0x0af0c64be2a82c40L,0x43c4773285bd1f85L,0x00000000000000b0L },
-      { 0xb79d374d5e6e57c3L,0x19d597c487b58f00L,0x2f08689424272b25L,
-        0x6fc826ce4ba5e7dfL,0x1daa63e338f961f5L,0x792ed02f8f78a2c9L,
-        0x93075e80fdb2ab90L,0x4b5aa382b67ba93eL,0x00000000000001aaL } },
-    /* 58 << 315 */
-    { { 0x4e9aa71ef43a6307L,0x58c0f6106e978e59L,0x093500d272236e84L,
-        0xfc4ac660ffc659dcL,0x47c0fdad706b4f50L,0x2056f72fe095393eL,
-        0x0b7adb25dd3ece91L,0xb6e5174297d8f944L,0x0000000000000023L },
-      { 0x009f45c1d0aabe39L,0xd2041cbbdb8e94e8L,0xf0ef2bc26a4112a3L,
-        0xd4b13654552e8c7fL,0xc2e819a41fa6f19cL,0xe9595ff52d299fceL,
-        0x2125ca74767e22d2L,0x99902ab316614806L,0x00000000000000a0L } },
-    /* 59 << 315 */
-    { { 0xe4fd64ae0cc153cbL,0x78e9e456424b39d7L,0xcdaf25a5d3fb88daL,
-        0x8b5157c5d1d2090fL,0x3009df9409a3b59fL,0x8993e887afcc70daL,
-        0x98d62e4b6aba6ca6L,0xae5bd1e9d0b55588L,0x0000000000000091L },
-      { 0xe51727ead2a73231L,0xbb78c75a11119940L,0x46cd02d334fead71L,
-        0x516fb90f79f074e0L,0x95794a415926aab3L,0x2acb4273ca95c0d8L,
-        0x2a554c55046d8abfL,0x3ea635345e0541c8L,0x000000000000014fL } },
-    /* 60 << 315 */
-    { { 0x39e516db05bd6b40L,0x6326d151b3450a21L,0x3f0595f40cdbf670L,
-        0x330c29d1933eccf4L,0xd4b341de30d980edL,0xcc507c0b49b16dfaL,
-        0x7013862cb0cf6c26L,0xea9aa644dd0f4300L,0x0000000000000104L },
-      { 0xaac1ae33a1a7c1c5L,0x990e19302e944d25L,0x3494435a34e6e768L,
-        0x2bffd9d0fdea3e73L,0x3449aa3d63401018L,0xd0742bd47458c879L,
-        0xedc90d58f893bf14L,0xc78a12f7ab8cd554L,0x00000000000000b1L } },
-    /* 61 << 315 */
-    { { 0x47b5e95d00a65e5fL,0x0d78b1d6649f9ff6L,0x9e2aa63ce37ee6a0L,
-        0x58f817a994c11bf3L,0x8c170c9fd5ba3c18L,0xe27da94f98518956L,
-        0x7e12d7a9bd858fd0L,0x913469c75403cba6L,0x0000000000000026L },
-      { 0xc0dd6e546195786aL,0x618e56115011e7e0L,0x06e017b330513dd5L,
-        0xd3af20882b48ca95L,0xc622ce0100e7de21L,0x40605d3ed4a05456L,
-        0xe3ea86f3be2886acL,0xa32b791e48371f63L,0x0000000000000185L } },
-    /* 62 << 315 */
-    { { 0x7475dd141a434a2eL,0xc1e3790411388191L,0xc94b7692bdadfaabL,
-        0x92ebeb2376d05a84L,0xead9002dddfc6806L,0xf8e3b5ab13f239d6L,
-        0xe76ca47a2f934e01L,0x05a1ecc18aded0a6L,0x00000000000001c9L },
-      { 0x545938b83172c0f9L,0xf0b5a269bd43272dL,0x8293c33a4c480501L,
-        0xb10ab474e2acb95bL,0xfe46ba6ee7f9dc18L,0x4ee4b0fc931c6276L,
-        0x9a2730d99b042b1aL,0x2d3175b3367479fcL,0x00000000000001a9L } },
-    /* 63 << 315 */
-    { { 0xf08f79df91452e27L,0x826c0321a1c388dbL,0xeea26b8de44c7caeL,
-        0x46b654482b6c49eeL,0x2c7c6d5d512e6928L,0x3279f451651d9718L,
-        0x8be44bdd001af2d0L,0x85bc67e29221e194L,0x00000000000001bfL },
-      { 0xc3adab308c929562L,0xd50abbf382b1d07cL,0xcb2300bd7c0e0792L,
-        0x275fc0b89c6c9591L,0x906b1ac03c1ea028L,0x4251b8a186a2a725L,
-        0x30af7c5057abc4f4L,0x865249727174416dL,0x0000000000000101L } },
-    /* 64 << 315 */
-    { { 0x8a9e56659d53ff0eL,0xe4c4fcd2c7ccbb62L,0x95a2b7a2b60b6fabL,
-        0xcf39fde59242b4d1L,0x43983f305b49d9f2L,0x4b5fece7220ec7baL,
-        0x10b1639c221fb872L,0xf5955c1df594795aL,0x000000000000008cL },
-      { 0x73dd1711eb1eea2cL,0xf027dae274f9e73cL,0x11c87d1589586cb5L,
-        0x16bc03cf1380814fL,0xfbbbe67a19693d82L,0x9ca4b47e5b37ae4dL,
-        0xad59beeedc7860a0L,0x46ff6ded599ca348L,0x0000000000000031L } },
-    /* 0 << 322 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 322 */
-    { { 0x47fe51518f87ae00L,0xf49ebf83b2d64637L,0x11eca7b4a1e86582L,
-        0x58bb53f9cbde2995L,0xa620bba204af7663L,0x2a01040d7221bc31L,
-        0x1734531da243ac9fL,0x1dcb67d6117d06e9L,0x00000000000001acL },
-      { 0x5bb6699b43275ffdL,0x4b141be73bfea061L,0x805d08b0dae58347L,
-        0xbbbbbae321ee35afL,0xfa863bafef02b56dL,0x21460360b35e5127L,
-        0xb64a8ac4dacdd7b7L,0x51582b4f92b58b6aL,0x0000000000000172L } },
-    /* 2 << 322 */
-    { { 0x74f71c976305b1faL,0x75c64449aae6788bL,0x072b8b0afc132537L,
-        0xd66862f496fd8bc3L,0x32cb2f3a5ff59f77L,0x9667801b58ffe8e1L,
-        0x227b57a4558302c6L,0x0c384f6e441664b4L,0x0000000000000130L },
-      { 0x0cfd7a96c16bc635L,0xe8f67af8d846d4c0L,0x7a398e333637d199L,
-        0x2648cdd111d7443bL,0xfe3bdc069843f169L,0x8192bff3b42d2c33L,
-        0x7caddfdcfd2b8fc0L,0x42d128611456b53bL,0x00000000000001dbL } },
-    /* 3 << 322 */
-    { { 0x4c7066df84e9430dL,0x77abd2e8e1f59506L,0x784cde21534bda51L,
-        0x84176c345bea6125L,0xc4f00c4c11104b82L,0xdbb8ef7087f79adbL,
-        0x1e47fff55961812dL,0x70326449202d45cbL,0x000000000000002cL },
-      { 0x84ecf48df169b460L,0x972348061a19979bL,0xde2caf4d9bdcf29dL,
-        0x90acca5e218caca8L,0x66480bb594715145L,0x70d761509ba70365L,
-        0xae45e69a924d4c52L,0xab48997cc321ca7dL,0x000000000000013fL } },
-    /* 4 << 322 */
-    { { 0x5637ceab569dfcd1L,0x0d1cf091b2c13802L,0x09115a1f731087b6L,
-        0xeda479febdb45b2bL,0xed883a7d8e6e5507L,0xbc9206ba30bd8162L,
-        0xff2af28ec6294b24L,0x2058521ac8947bc9L,0x000000000000003cL },
-      { 0xfcfa87a55a82fbaaL,0x988a9a6c1569f45bL,0xe65849f65d3d6aa5L,
-        0xa3d0879f05446b48L,0x45571ccf76f480d1L,0xacd9a3230efd5f79L,
-        0xf30e5ec4ae956132L,0x325306d0ea93f245L,0x00000000000000a7L } },
-    /* 5 << 322 */
-    { { 0x8582acf43008f8f9L,0x78d113721bd79b09L,0xab3aaaf5e6af3cc0L,
-        0xecdc672eae9dabd8L,0x56f69a15ed65ca69L,0x51b4b25a3932ae63L,
-        0x8047c54c6f8e81f3L,0x7fee87e2910eb492L,0x0000000000000006L },
-      { 0xac401b28e398d849L,0x5cda81e9c78212ccL,0x1d38ac77ab650ca3L,
-        0xf1c7e42583da6475L,0x2150ce594108cdceL,0x9a59ba89de85336dL,
-        0x3bf646ba9551319dL,0x2db133dd2540ea12L,0x0000000000000068L } },
-    /* 6 << 322 */
-    { { 0x7c1d8a0eaae05a6bL,0x4906595862835a21L,0x66338e4d7023e607L,
-        0xa8aec3272501507bL,0xe3eb9783283179faL,0x11908e2f9703f59eL,
-        0x08ff92f55a86e591L,0xe4c7c4d922806045L,0x00000000000000c6L },
-      { 0x27f1b842af9bd2edL,0x238d7152eb1c7239L,0xf02ca4f06935f71eL,
-        0x528b57266888b5feL,0xb9965603e8e613dfL,0xebd0e8fe7e1b59f7L,
-        0xeaf264d6f09bae67L,0x01ff76c9a540edcfL,0x00000000000001fdL } },
-    /* 7 << 322 */
-    { { 0x80a0e45b314cc74dL,0xd7fa3610b57c5800L,0x848d96d7b67e5f65L,
-        0xc861fad13449baceL,0x68cb8a38ddf3f1adL,0x66d16b9c66a153ddL,
-        0x94b81dd9e8236d66L,0x26b5570869130397L,0x000000000000008eL },
-      { 0x0b0a8f43a6bf9b14L,0x185a239e96c9d7aeL,0x1119dec363fcebbaL,
-        0x952da42323c83456L,0xbcecf110bdc4a430L,0xc64ba9f6b2a77ed2L,
-        0x75d06bb1323b6059L,0x192de9edf709226fL,0x000000000000004aL } },
-    /* 8 << 322 */
-    { { 0x5f7d9850fb6f765bL,0xafe6dbcad0ccfce0L,0x9e66a5e9d97d6f42L,
-        0x1b402928377f7e90L,0x44b0d87abfc71aabL,0x3cffd5151de366f6L,
-        0x845d7d74b292c4f5L,0xe0822ef93f88e818L,0x0000000000000017L },
-      { 0xfff7c1d7104d2069L,0xe53e122dec0fdb18L,0xf07a43395646b614L,
-        0x3f2341d0b47765f6L,0xfde6dd5e2cb3def4L,0x87d324787a97d20cL,
-        0x27235476bcb7b256L,0xb03f98dc9303c7d0L,0x000000000000010bL } },
-    /* 9 << 322 */
-    { { 0x634e5bf3d3323dedL,0x3bf31a84f4d4e862L,0xdd6b8f2235e8b445L,
-        0x0b82f8ffaa9b65cbL,0x34c6a6fd744b4cf6L,0xe1831208a43f35f5L,
-        0x7cd47de06db12386L,0x845e032b5b4183e5L,0x000000000000013eL },
-      { 0xc7b8b5ecb448fbe4L,0x779c1f1019d44cd8L,0x63be24d85e05ecd4L,
-        0xc34e9ff989f86617L,0xe1b13059d96a53a8L,0x92101f9fec8a4021L,
-        0x56150074ecb053eaL,0x802050cb44760734L,0x00000000000001d9L } },
-    /* 10 << 322 */
-    { { 0x29f559f30101f121L,0x755e6943457fc6c4L,0x4531ef607c423ebbL,
-        0x2e214b5f5c1752afL,0xfbb45080bf760382L,0x4ac072f6fb9ec95eL,
-        0x1c738977d3f9dc13L,0x8941f56b46cd8ddaL,0x0000000000000035L },
-      { 0xd99d101d543301b0L,0x9cbe76c1eb88a1f0L,0x3a83d44c974b3e02L,
-        0xaa0fad91d4c62aafL,0xa4393659c1aac52fL,0x5cc89ddeb695fc35L,
-        0xd248c1bdc017698dL,0xb232bd2028af0b2aL,0x00000000000001f1L } },
-    /* 11 << 322 */
-    { { 0x09742d9a3320fef4L,0x211ff0f93e06ff4bL,0xd78969686f42e626L,
-        0x6bd0c95a11fb5505L,0x28d29ee1288e9a9cL,0x6ff437b97d75ef3cL,
-        0xaae59f1669ad35ccL,0xa8d0a7a2e20c026bL,0x00000000000000faL },
-      { 0xdc4feadd783a9b51L,0x387f15e0622a4a07L,0x78005c174a207939L,
-        0x2f1c8ed7a4ad0da9L,0xba0da149f12ae544L,0xd3085ef61db1ce40L,
-        0x8185ae15c8027370L,0x672ae84ee7699af7L,0x0000000000000107L } },
-    /* 12 << 322 */
-    { { 0xc1d74d05ac5fab15L,0x6ea132c49b102d52L,0xd3ada4ce0d890cd3L,
-        0xab7248f092823f62L,0x246c373023871113L,0xebbca0b998424f07L,
-        0x0061eb2c2e62e741L,0xac1b03d25e90c5b4L,0x0000000000000136L },
-      { 0x0748c14a7eefae68L,0x82525b3581f8a2ceL,0x31a64097398363e1L,
-        0xcbf57e0257b6b33bL,0x523f0584807217e6L,0xd607efe780b9700fL,
-        0x79afcc9435596890L,0x140ed6f46985a97eL,0x0000000000000160L } },
-    /* 13 << 322 */
-    { { 0x994d6f091dc32085L,0x7ef66c0ca1ec3338L,0x862f3f00d05f032bL,
-        0x14b255ab398a3cd5L,0x15dcba7d14d0afb9L,0x426d2d2b0eba73c0L,
-        0x49c12810c97b173bL,0x1b41ee58de677412L,0x00000000000001e5L },
-      { 0xf95f8080e3f62ad7L,0x2043cc48def132ffL,0x675e320a4ac025a4L,
-        0x70d97e051e334fb8L,0xf1f374fdd5c92698L,0x092930a4e24b9c4bL,
-        0x9df749fe264df791L,0xba72b3748ec13529L,0x0000000000000170L } },
-    /* 14 << 322 */
-    { { 0xd9b7a5b9e1c9df84L,0x709198f2b5280f15L,0xb34b95d48277fd56L,
-        0xfd99a4ec9de8b8a2L,0xe382385a3a437ec0L,0xec27c9e21c556ecbL,
-        0x40e3599d22df4e54L,0x01c11920edd21904L,0x000000000000016dL },
-      { 0xd4049aebdd8453f7L,0x8c013265d4ed86eeL,0x97aff20706af369cL,
-        0xa09fb20b053ebdd8L,0xa0864a12daa9bb5aL,0x046821b0487993d4L,
-        0xc60e798c71b8e214L,0xe34ceba3b599ac41L,0x00000000000001d6L } },
-    /* 15 << 322 */
-    { { 0xa5828c36d7a89dc3L,0x469a1d568dd9c304L,0x66de18a2fd9cd815L,
-        0x9c9dbdc6b2dc8e19L,0x1a498589fd4ac190L,0x5a56e72594b98ad2L,
-        0x01af3fa4075c69ccL,0x1545c78e90dffbb5L,0x0000000000000050L },
-      { 0xa65c03dcc589d32aL,0x17e9f0ce6060cac0L,0x0e4407a37302e7a5L,
-        0x0b6d8617e87d0d8cL,0x6c4d924e82c0970fL,0xb8323cda4e7cf7a9L,
-        0xfec1519afc7592f4L,0xe3ca60ad3b413603L,0x00000000000001d6L } },
-    /* 16 << 322 */
-    { { 0x116ca45b2e19e0b1L,0xa49d8f1b730ac8c2L,0xda037586eb7a1238L,
-        0xeae3abd5e834391bL,0x8675c82a277eeb94L,0x975ac10634b19d06L,
-        0x6ab169a96b83a163L,0x3ed9a40a967424fcL,0x000000000000013dL },
-      { 0xa23d2b9b2082d8bfL,0x853ae3f39a7d0a3fL,0x04c7ce962879d8eeL,
-        0x17da556d29c66703L,0x1b3a760f1fde40f6L,0xb98726458c5b2120L,
-        0x59b18fee260aff65L,0xf2a8908d5df615dcL,0x0000000000000116L } },
-    /* 17 << 322 */
-    { { 0x0c565f6dbf610ef7L,0xfb3f938daf30f04fL,0x3e626c858b8f63a6L,
-        0x46b39352fcc292aeL,0xf7d0a0563a488d11L,0xdcc803337f10c63aL,
-        0x9ce707d99c6af943L,0x5a919c777093b168L,0x0000000000000198L },
-      { 0xc635f424549b3f1eL,0xdffe84686bfd7fbaL,0x2ca865d6999c72f8L,
-        0x904ff1826178fabfL,0xb431f3d908971a3dL,0xb6f8633bcbc2b248L,
-        0x65788bf3b9173f22L,0xfb2c9aaa9e356216L,0x0000000000000091L } },
-    /* 18 << 322 */
-    { { 0xa0fecc4018e76bfcL,0xaba8add4477d51acL,0x41057a450ba7ff2eL,
-        0x75b902a119cb81e4L,0x8e5b4a580e68c3adL,0xfcb68db8cc58a3d4L,
-        0x0a7e44ce4f044a64L,0x40e4907ed0543f9aL,0x0000000000000006L },
-      { 0x32195dac8df38660L,0x6e1d60e5377aa840L,0x847cf167ef79a408L,
-        0x3be397f0d44fbdebL,0x6bf1298cb6474131L,0x116995a6fd22822dL,
-        0x5af45b34c8290ecdL,0xddde3eecb230c779L,0x00000000000000e9L } },
-    /* 19 << 322 */
-    { { 0xd3d86741f2c7d24dL,0x21d5116b19322c3fL,0xaf9d1a0819063e10L,
-        0x5b594a50e31c6774L,0xe61198cd516f6354L,0xec9e8eb451088a79L,
-        0xcc3031bbfcba2683L,0xeb08633e531785d2L,0x00000000000001f4L },
-      { 0x539664466d67c0fdL,0x2a42f1e974ae1a80L,0x6c12467c885ea4ccL,
-        0x81ab0c5b0efb792eL,0x71ddf7497b91b2e2L,0xec246aafead35602L,
-        0xa0f4a61d2563662cL,0xc717f71c505df6c4L,0x00000000000001c0L } },
-    /* 20 << 322 */
-    { { 0xafc75c178ec70a8dL,0x32686ebf7b117380L,0x16050cda21e28c47L,
-        0x70c05654e731b083L,0xafa2e57571d1f6d2L,0x0df1a032c1982fd6L,
-        0xc0e7b1461e86f69bL,0x0df3c6bcdce1864cL,0x000000000000012aL },
-      { 0x46fa0fa600b0d0b1L,0x1f0a42b21691a590L,0xf5a6e4e8ac8c1189L,
-        0xa2cc987973a0ab49L,0x721ca290cf17f795L,0x4026f9c3ecf32b7bL,
-        0xbabd20c019cd7057L,0x99378e8c5c30cbccL,0x00000000000000d2L } },
-    /* 21 << 322 */
-    { { 0xd0cbcc47c26a88c6L,0xc7b0cda13f2dc480L,0x405f4a1024029c61L,
-        0xa79337861f262318L,0x009fa8def18a254aL,0xd8e1d3ff56e86d6bL,
-        0x9d1c8cb1cf685730L,0xe9e94c8373d42c86L,0x00000000000000b4L },
-      { 0x03d5e8cf263d6639L,0x008d0a7caf59818dL,0x030bfbf3d18597c3L,
-        0x7e6faa51312d4f8fL,0xbe896d83b2d948e3L,0xd6a7d6786f4f8181L,
-        0x2140942ed01ccf0aL,0x458145e3bf228206L,0x0000000000000182L } },
-    /* 22 << 322 */
-    { { 0x9925822b53727667L,0xb75905699f8ec5bcL,0xab4ec9d48d2a5fc8L,
-        0x1fdf79f123996a2bL,0xb7c9dca72e618aa4L,0x70df99533cce63acL,
-        0xdb24712df2c51a36L,0xd95239ec9d3a3f59L,0x0000000000000083L },
-      { 0xd649c751d2ef6338L,0xb18fa99e47365d93L,0x1f96c9811d979826L,
-        0x752db605cc8def36L,0xe723f8151830cba5L,0x11a2323f7123ba6eL,
-        0x63fb9a0d0a390d71L,0x41a6131c77638870L,0x00000000000001daL } },
-    /* 23 << 322 */
-    { { 0xa3e39aae9386104aL,0xde389403c6bab3e7L,0x2aba3b6dc8ecba58L,
-        0xaba666e342eda205L,0x247aa93c7ec04499L,0xeabe55e2811dc300L,
-        0x955ad4c37f7c679bL,0xffa5d2930dd8edfcL,0x000000000000001cL },
-      { 0x6cd7828c8d795923L,0x93fdd33bcf549b25L,0x8a2a61d68e5ca30bL,
-        0x5e0466db7302313aL,0x296faf9fba7c9c91L,0x4f8645cf5999f063L,
-        0x589f67f837992492L,0x0bed28248081dc37L,0x0000000000000177L } },
-    /* 24 << 322 */
-    { { 0x2229e06cccd6d98dL,0xad78008c2bbc14eeL,0x361ffa4fda34a88cL,
-        0x6023fcf46cf499fcL,0x72051f272a50f74fL,0x56cc61c8e9a59a2aL,
-        0x2defb0a1bf0392cfL,0xa5ed8b89d29013a8L,0x000000000000008dL },
-      { 0x9d396c29d3d7339aL,0x0d21b9dfca0262d1L,0x164b69e0a000d10fL,
-        0x2f7f7dfce1147d4bL,0x3cc2909978310e2dL,0xdca71fac36ae5a21L,
-        0xe0c8579aa0f4cfd4L,0xc05c548904582119L,0x000000000000013fL } },
-    /* 25 << 322 */
-    { { 0xecc1d27d517fd248L,0x5e8aa5936053787bL,0x46fe1e027a0727d4L,
-        0xe190ed905b0731cbL,0xaf9197611b2c2c55L,0x6d3b24cf61100b10L,
-        0x354826b3638b7314L,0x2ab60c42a335005dL,0x00000000000001b3L },
-      { 0x60406971fb3548c7L,0xa39ee5b246ea496fL,0xbda9226bdea5de60L,
-        0x125efd34ee468f88L,0xe04d9f1abe0b4fadL,0x123e18b7c72e7621L,
-        0x0e4c5a0dc75a09c6L,0xb31d669e57d867c5L,0x0000000000000162L } },
-    /* 26 << 322 */
-    { { 0xf5747cbc85245da0L,0x120980ce618dcf96L,0xec629da41d48d206L,
-        0x4419aa98d3952436L,0x01a4a6e1bb4544aaL,0xed247d13a94aa6dfL,
-        0xbceaddb76a5924fbL,0x11fbff73e1cf234bL,0x000000000000017fL },
-      { 0x224a152e21813c71L,0x6e2a6f4a20f47b53L,0xbf1a147535e50638L,
-        0xf1f713223308616bL,0x64d14f69d2f8fef1L,0x1e8b9fffa246cbfcL,
-        0x62bf5aa4d3763484L,0x7c57e682b86702acL,0x00000000000001baL } },
-    /* 27 << 322 */
-    { { 0x3a70dcd25f13c332L,0x576f41afe4313910L,0xd0b6b3c552430b5bL,
-        0x0d5e9e48e8996f32L,0x207b17fe77e70a78L,0xd0d76189584a4c91L,
-        0xd35b7d9ee12153afL,0x1b5f87f40becd4e2L,0x00000000000001cdL },
-      { 0x4bc65a348ff1d0a7L,0x4eefffa356825c30L,0xa42098b2616e22dbL,
-        0x46bc46e15e3e3225L,0x015f358ae05be037L,0xe02307bbd86e016aL,
-        0x14bc3a329a393613L,0x5bdce022e6a07114L,0x00000000000000b5L } },
-    /* 28 << 322 */
-    { { 0x161b9770b7dc0f64L,0x42ad385a84f67076L,0x6a94116c710d4992L,
-        0xddfa30033ec54457L,0xa17c61d12d520342L,0x7e673638f36c6f21L,
-        0x7654e648eaa1a95aL,0xc4b4a3c40dd8029dL,0x00000000000001cdL },
-      { 0xd748525500c9033cL,0xcf0d9c3551acd2cdL,0x02022ded596a8678L,
-        0x56fe8164d90b82ecL,0xe376a376863801c8L,0x559b0f3fad337694L,
-        0x3c720b4f06e23e58L,0xe02dcd8191914c96L,0x000000000000003aL } },
-    /* 29 << 322 */
-    { { 0x7c7c5db9082cfac8L,0x3598e5560a7f3db9L,0x2601b07557884076L,
-        0x6ff31de8b9759bd5L,0x8a065c1fe55fc009L,0x61b3433f212241c7L,
-        0x20413706427bcc47L,0x11748db7fc48d7c5L,0x0000000000000004L },
-      { 0xe5cf15518d4fd88eL,0xd68399f20567016fL,0x8e255e59ce2a0316L,
-        0x5214f9d91ac90dc8L,0x1e0c990eef6bc99eL,0xd604cc6438467d13L,
-        0xc3e5306af38a48beL,0xadf8009b6d167ca7L,0x0000000000000044L } },
-    /* 30 << 322 */
-    { { 0x21487ed2e126ce5dL,0x49bc01bc5bd1e210L,0x1aa5f2c20fa11fabL,
-        0xa2242af403fff4b4L,0x973eca3c209db9aeL,0xf2db2f1b3dd561d9L,
-        0x784606951bcd0ed1L,0x5510ea75e062faa1L,0x00000000000001abL },
-      { 0x5e7d9dd5f2bebc17L,0xe4244808d597a75dL,0x0aa0f5a516b9fe86L,
-        0x61d40d8a03e38a68L,0x934f4bef9e2e8268L,0x52a157da1ef90390L,
-        0x7b1a6498cc5d0b9aL,0x95b9693300f06240L,0x0000000000000072L } },
-    /* 31 << 322 */
-    { { 0x7952dc96c4dcca38L,0x71e01c35fdd766a9L,0xd4ad5e22d4782655L,
-        0xe4e886ca808c793eL,0x636e86b943abdc47L,0x00a2bee29483f877L,
-        0x6a88f59186462a7cL,0xff8140be192bbe07L,0x00000000000001b3L },
-      { 0xd8e44cf01ff8cf63L,0x82b1238f14439990L,0x9f1800edc4edd1d0L,
-        0xae0de82d7eb239ecL,0x9b60b1dfaf69441bL,0x4e521d71e632474dL,
-        0x964fd7357e9a7351L,0xed7cf4349f2ad1cfL,0x000000000000001eL } },
-    /* 32 << 322 */
-    { { 0x699f72e9e084ea4aL,0xd1c4bc45dc721bcaL,0x7eb43d78995db3e6L,
-        0x76e84fae02088e1aL,0x1b061123e048084dL,0x7caf0d3279abe6feL,
-        0x9340583753b13e9dL,0xa05d1313cc58f64aL,0x000000000000013cL },
-      { 0x81d54e675fa5b0aeL,0xee551c40086b46c4L,0xe7b98e209b7daa1bL,
-        0x8082803eb868c9d3L,0x036502f236731930L,0x075455aef9a93c2bL,
-        0x080e704652a61944L,0x9f4bbcf0580494e0L,0x0000000000000154L } },
-    /* 33 << 322 */
-    { { 0x298a0e46721ade9eL,0x677e8b3ac7e30064L,0x0568fd0178016c49L,
-        0x994f0036d3ec1adeL,0xeb07215b15c5599fL,0xa97133b3e01597c1L,
-        0x6c991e6ed54986a6L,0x2fe04bae2e971e6aL,0x00000000000001dfL },
-      { 0x25c966cdf287199fL,0x7e9f51d01c337d60L,0x0c823f68216d1b44L,
-        0xb381e0434d7ca148L,0xcb0cd817bcd421f3L,0x188b342f88fea786L,
-        0x751d7c1bb2a40514L,0xb05475b4f0efd0dbL,0x0000000000000083L } },
-    /* 34 << 322 */
-    { { 0xf12858a030e60874L,0x885b746a49363fcbL,0x89677efa9e6267faL,
-        0xda86b591948152a0L,0x13a52d2eefe62f36L,0x44a7c6cc22770a18L,
-        0xb71c6a83c8b69076L,0x239a31f25ed31aaeL,0x00000000000001c6L },
-      { 0xa91974f8adbb6beeL,0x0cef8b3d5fef0a99L,0x47accfa21999c491L,
-        0x8d9fd072192c2a13L,0x925393d4d87514a7L,0xad667ad4e6c482d0L,
-        0x812fbf47a5668487L,0xf1c2e82276e7bd3dL,0x0000000000000019L } },
-    /* 35 << 322 */
-    { { 0xbf8363be4df133aaL,0x00d7ebe6830d997cL,0x2059980566b5fdb9L,
-        0x2b682dec73cd9f64L,0xc4ab8c87e5db0383L,0xfa2dc9686d539483L,
-        0xb0ede1675e8498eeL,0x5d8c23dfa6a71bb3L,0x0000000000000002L },
-      { 0xed62df962ddcfedbL,0x62dbb40ddecfde69L,0x3a847e28ea8d6afcL,
-        0xb4c7f1db2fcf58a2L,0xd774982684eebdafL,0x0a5078bd6259f54bL,
-        0xf9d2df2d9b7545e8L,0xa5b293c9ca1ea850L,0x0000000000000053L } },
-    /* 36 << 322 */
-    { { 0x0e4b463a886b2e59L,0xa7091bdde1730e93L,0x53693de2e485313cL,
-        0x32137cec9d335d4bL,0x30983f46e7b8f7b6L,0xa8f5732c36785d2fL,
-        0xfc96dd6d27f2db5aL,0x649054e25a562614L,0x0000000000000164L },
-      { 0xa4b1b99714766d09L,0x93af1a132001eceaL,0x436fdf6a69bb5799L,
-        0xb0f3e655eae264adL,0x1ff369c761838a92L,0x3780d328a24da60cL,
-        0xe126d99241cade42L,0x9cc0e1ea9ea7d1b4L,0x0000000000000056L } },
-    /* 37 << 322 */
-    { { 0xe3f5c92af2c9c91bL,0x9fe56b3fc64b60e7L,0xe651ab8b2d15166bL,
-        0xf7421bb890e51defL,0x0adde7402cacdf7bL,0xdaaa12e1cb9e11e5L,
-        0x42dde46b5211a0ccL,0x621aea01f0da0299L,0x000000000000004cL },
-      { 0xb1c259a1a55cbce3L,0x10fd90719f2f0057L,0x8242faffc92645adL,
-        0xabdf00a3cbc7aa9bL,0x0b2deaa426b1272bL,0xc9edb172bc53e47fL,
-        0x7e3c26de93e77e99L,0xcadf52633d8eb2e5L,0x00000000000000ddL } },
-    /* 38 << 322 */
-    { { 0x89f03416a0f14094L,0xd56358745bf6b5a6L,0x07140f5ab2d9fec2L,
-        0x3a6be1f713d6753aL,0x29f0b6713669ba9eL,0xd3e499809c9edd9aL,
-        0xa1222f0a876e1af0L,0x7e4b2d8e3a539f63L,0x0000000000000197L },
-      { 0xb9fb59ba3657e3ffL,0xb0bdaaca95a402e9L,0xd6f9607d9fc5fcb5L,
-        0x08277d4ec95e8496L,0x9d6231d624a10303L,0xc45279e62ff82594L,
-        0x925b8d7bff7c6659L,0x2ce594e8599f6b14L,0x000000000000009aL } },
-    /* 39 << 322 */
-    { { 0x0d0927adec179a82L,0x9bb9d81707986ba2L,0x4dde10ba9a1e77a6L,
-        0x52ceeab0fa680f62L,0x7415c752e0dc60e9L,0x45bbf4dea0c28835L,
-        0x926ccc195a41d082L,0xc18e0bf9fcaf9128L,0x00000000000001e0L },
-      { 0x212b073ade970121L,0x2f3acba643d17f79L,0xc4f7513cb540cfcfL,
-        0x5d4ecfec9dba50a6L,0xb6ac72945403b601L,0x445f1431a3e52e7bL,
-        0xa4471581a24dd4c9L,0xbcac26f166e43679L,0x000000000000009eL } },
-    /* 40 << 322 */
-    { { 0xb3e7eabf951c2d0eL,0xbf9959209512c00cL,0x0f1d97a8dbf1f0f9L,
-        0x6a52615c430981d0L,0xfb0f0d2097073d82L,0xd843bc6cc0430de7L,
-        0x1bd02e5440061f87L,0xca4930b25dd88dc1L,0x0000000000000056L },
-      { 0x92c1350259a249afL,0x1597c507b2ca76b5L,0x298751f3039592d2L,
-        0xc50bb3a4e8a71d91L,0x4d3a058405f1e850L,0xd16f70a3764af248L,
-        0x5d508a243f2215ceL,0x2cbcdaed889ab117L,0x0000000000000193L } },
-    /* 41 << 322 */
-    { { 0x33651b0fa901023bL,0xb284799cf74f9e94L,0xca2adf58ab42f967L,
-        0x5682cd2f8f916cd1L,0x1fa28c120716ddd4L,0xc7fbd070fcce3af4L,
-        0xe2584ea683c7d494L,0x292cf09563e96f86L,0x00000000000000d3L },
-      { 0x978eab0d561ae9f0L,0x505bd69d87b3fa7dL,0x6da8f644e5f1eb0dL,
-        0x23835289de97f4beL,0xcd57f90042407f6eL,0xebbf612c3210ffbaL,
-        0x7b4bacd8094d959eL,0x8bff4d6940769457L,0x000000000000003aL } },
-    /* 42 << 322 */
-    { { 0x0afc9e7020994117L,0x0e57032cd363dcc3L,0x7524eb6c993e395fL,
-        0x8ef74be384122007L,0x7d33ed5003a27726L,0x27513a4eb65c88c8L,
-        0x6af64d0b7d9f370aL,0x4cb05a9b45c17a8bL,0x00000000000001ecL },
-      { 0xfd7afd321f4198b9L,0x385d1c7039b3b13cL,0xab60c146d2b332b1L,
-        0x50b827d7dc655444L,0xa2c7a8ddd25c4e3cL,0x0a27f3eab718ce9fL,
-        0x14ff04ece2dbeea8L,0x63f281fe2fef5044L,0x0000000000000074L } },
-    /* 43 << 322 */
-    { { 0x49fbd643eab88f85L,0x564f4ba7e8c9011dL,0x1d818e0bc7b1478cL,
-        0x1803f387883b4833L,0xedba2a623bc03335L,0x634a781db6fc5a17L,
-        0xe8196ce6811f8210L,0x76af8a379732049aL,0x00000000000000fdL },
-      { 0x8c283abdc06054cdL,0x34308c7a8998068fL,0xde75159933710724L,
-        0x992f8183afd84b44L,0x893f046a3e7c8ce0L,0x0a967e5f70f40608L,
-        0x95c11e854bc01128L,0xa5e3708141fc13dfL,0x000000000000000eL } },
-    /* 44 << 322 */
-    { { 0x8ed9e22a9439311eL,0xd3f46e41314b0141L,0xbdb1570568382359L,
-        0x149adebfb65d3aabL,0x4f73e3254fb4c8c2L,0xef7883ccecdfb62cL,
-        0x7a0ecaa2123003b4L,0x8da68ece15a2a7fbL,0x00000000000000ceL },
-      { 0xaac484e542250748L,0x5e1020b2e43c22e1L,0x755475a75f3c8e7bL,
-        0xbc1fd16e533061b7L,0xd10d8530011d193cL,0xb8d9c97e4ae8efddL,
-        0xf19de2648f813fc8L,0x3a0b5f66415daf6dL,0x000000000000009eL } },
-    /* 45 << 322 */
-    { { 0x9969b5fd3135fadeL,0x9bc95aa606e484cfL,0x355ddb588b0fc080L,
-        0x1093422b3bf11d43L,0x5d5237f95bc21dfdL,0x25c184a661758002L,
-        0x1625b15c318e6360L,0x32d2ae19b508e1ebL,0x000000000000012cL },
-      { 0x722ed1b76e253643L,0xe9242c221809165eL,0x5c962af74b9630a7L,
-        0x36d676d51fe4f40aL,0x9c6232022f1b1556L,0x209b0bc4daf3120bL,
-        0x72726a0105689599L,0xc16d60ab500ef70cL,0x000000000000004fL } },
-    /* 46 << 322 */
-    { { 0x9808593467fbef8fL,0x22bc62a9f82be097L,0x98cded2d74bb7957L,
-        0xf315e03a49c8bd33L,0xf9e872d565490065L,0xa5a6bd39857ea243L,
-        0xded7128e8cfe8539L,0xd763a75b8905dea9L,0x00000000000001c8L },
-      { 0xc9861044843cde89L,0xe3761912078c8f57L,0xefa422f7582d9659L,
-        0xb50a0a959632fa91L,0xf955855a469df6c0L,0x0ea369f34669bc3dL,
-        0x368ab00685599310L,0x2ad00a5eb7a8b481L,0x00000000000001deL } },
-    /* 47 << 322 */
-    { { 0x4c84c9f9ea65b932L,0x0b54ecf8bec4ea40L,0xd5de970a9e70ecd9L,
-        0xc940c1ed40455e5cL,0xc8bc7dca3838fdf7L,0x63c4efb6ef33dfd4L,
-        0x82b51dd6c47f4e20L,0x5cb41a27ff99b86eL,0x0000000000000123L },
-      { 0xe7b1d8113117d1faL,0x517166515e4a173dL,0xc6d75c1834fbc8acL,
-        0x4646316c524b402aL,0x361c0a1b7b71c7b7L,0x777727080796b95bL,
-        0xe6e931370451eccfL,0xb43aa00d237aacf2L,0x0000000000000108L } },
-    /* 48 << 322 */
-    { { 0x77b4759ecdc28bedL,0x2c9485511067b654L,0x97a30e9c1be3d888L,
-        0x1b8ee1134d8a74eaL,0xec2a632c3b1697ffL,0x60ac030fa8d72746L,
-        0xee82efee20b60c63L,0x6c7904a018c6ac9dL,0x00000000000000a0L },
-      { 0xefabd68d11a97778L,0x0c8e7905d29960d2L,0xc58e496f0b58310eL,
-        0x8bbcb95ce092e4e6L,0xcfefaa5cd7b6d076L,0xddb0d933600c7c58L,
-        0x7ec76492d34b8f40L,0x6ad971caad23f589L,0x000000000000004cL } },
-    /* 49 << 322 */
-    { { 0x9c3eaccf73c220baL,0xecd040d222e53490L,0xe4e958c14dcc1e96L,
-        0xdba4a808b1af5f74L,0x3106a290a95fbb79L,0xffb704293792882cL,
-        0x7e595219f8432c48L,0xdde6ce6c8e43e77bL,0x0000000000000125L },
-      { 0x5c5bed0062b3c950L,0x4287ec7870ec2a41L,0x31f56d23604c34a9L,
-        0x39550dc938e5e90cL,0xce05656c3502e7a3L,0xf65501831c683d8bL,
-        0xcb128c0981e26495L,0x4f4f4402cc33b9e6L,0x0000000000000053L } },
-    /* 50 << 322 */
-    { { 0xe5a77166be5da74fL,0x32f62c8e2fa814e0L,0x70ae9f87b6c207d6L,
-        0xd803c9a7fce84376L,0xa7e7e9ec53846c94L,0xeb357fcc3fa01a22L,
-        0x2fcdd432d264e780L,0x4ce115c9c352af13L,0x00000000000001faL },
-      { 0x9543539d8912fd69L,0xe1eb19b8d14ed2c2L,0xc47ab4f0beea02a9L,
-        0xa097de0020a38f8cL,0x182cb223511265f0L,0xcdaae98f01614e32L,
-        0x9968eee31ece63d3L,0x6219a46db34a7e22L,0x0000000000000080L } },
-    /* 51 << 322 */
-    { { 0x9e12cfec9c3a4c3bL,0x779628a45f53855bL,0x7ac6e3494ee550f6L,
-        0xc167283c7a4b2192L,0x58c2fa2063e39e4dL,0xbab2d6ae0b743e23L,
-        0xa34a920cca6e9cb0L,0x7818f9f4ececa894L,0x0000000000000010L },
-      { 0x3416933959b9f008L,0x0a9c68d604ef634eL,0x18a98bb9e6a78900L,
-        0x124443d61e0fa784L,0x56668b018fc2d6cdL,0xb5ddc6d2faa5ef32L,
-        0xeb89133aec245cffL,0x5b3dd85dc2929841L,0x0000000000000197L } },
-    /* 52 << 322 */
-    { { 0x42c6902d17001ab9L,0x6bcd13b0e3c3bef7L,0xe61d8161a3b5a78cL,
-        0xa201774e05b85e95L,0x9c0940abd7e54543L,0xd8c739a71066397fL,
-        0x2a086159a49687e8L,0x6e5a1b2592222916L,0x00000000000001d9L },
-      { 0xc2fe70be069126eeL,0xd337ff0cda37306aL,0xd91e07f157f8eb8cL,
-        0x83eef5e6c3e8974fL,0xa0584968665f08cfL,0x377cdce9b5297c10L,
-        0x581d1c013d1f2799L,0xa1b669d8bc2e1714L,0x0000000000000096L } },
-    /* 53 << 322 */
-    { { 0x087569b150902c90L,0xf91f6a3c073c744dL,0x7811c91daa8b077cL,
-        0xa5ec0a6d68dadbd6L,0xb885e064f45ab631L,0x24b696dc452bd6b1L,
-        0xa528be732e9ef035L,0xc5683c7afffda366L,0x0000000000000196L },
-      { 0x944aef1b14b55baeL,0xf9b890250d064e11L,0x47c699ca4c807c41L,
-        0x37312d6d205c11d7L,0x5d1546c69319437fL,0xdb86c05376c56164L,
-        0xc554d7719937d348L,0xfd1f3aac9cff2d06L,0x0000000000000140L } },
-    /* 54 << 322 */
-    { { 0x4e5f70bd593eeec7L,0xa08a3a07c68adf61L,0xa939150808b6d600L,
-        0x0b36d861cb6b65f8L,0xa5b6fccf274f5cabL,0xd821c75ed6a29c3fL,
-        0x61f56a9e5d06fe0cL,0x818aaa46240372a9L,0x000000000000010bL },
-      { 0x97e136c0c49978b0L,0x9ae5030e27f22acaL,0x9a2ab3a3ebb6f0a4L,
-        0x4eccb9a421c62aa3L,0xb3c264e17e298f4aL,0x5681ce55f5126a1dL,
-        0x2e55fbbb2dc003dfL,0x96eea8b06c8cdffeL,0x00000000000001bfL } },
-    /* 55 << 322 */
-    { { 0x225b4c7ca087d667L,0x1c7212bf5e019ad6L,0xb4d883fa55533217L,
-        0x060a1cb3a9382203L,0x0cdd75b0c64dfca2L,0xbca3849f8129ca54L,
-        0xea0f1541fdc4ba6cL,0x76420c089f8d1f5fL,0x00000000000000e6L },
-      { 0xa53a534f6ce1b6a2L,0x2489f4cd43caa085L,0xce3afd72f0ea6160L,
-        0xaf9e1e469665daedL,0x947a8d04312ec1beL,0xd802b36ed89e92feL,
-        0x41a7f3301ed24021L,0x6b8789018bfa23a0L,0x00000000000000d5L } },
-    /* 56 << 322 */
-    { { 0xb42ef882816f7665L,0xb3afb61fb9084579L,0x3127e9a54745395aL,
-        0x1fa6611f0126d538L,0x798fa552070097ccL,0x6f41901c704f16d6L,
-        0xf528b063bd6749f9L,0x3ca460784b9fff68L,0x00000000000001dcL },
-      { 0x0096eb977d54eb8eL,0x9de669afe24facdeL,0x1582b22ac6df403aL,
-        0x8f4fbd44a91242ebL,0x1696fcc0e0ad2760L,0x334c9d4ad2d90e25L,
-        0xe57995440d5893e9L,0x5074b63ed1077be4L,0x0000000000000029L } },
-    /* 57 << 322 */
-    { { 0xc11c1de6640b3b9aL,0x3075eec8641ac7c4L,0xa2484dec7b144ab5L,
-        0x4ac49f44e53e597fL,0xaabefa613e6c80d7L,0x2d964c50b363a587L,
-        0xcb58a0f06d2d92f3L,0x2015b478e899fe65L,0x000000000000005dL },
-      { 0x7c51a1a88df037fbL,0x86b9973bd5582434L,0x946f58e266867f0cL,
-        0xbe9451d97ed59b38L,0xfecd089d4c5df184L,0x3f14866afe5f8eeeL,
-        0xae2f927fc486af2aL,0x684917776c511735L,0x000000000000004fL } },
-    /* 58 << 322 */
-    { { 0xd8bfc4c4210815c5L,0x13012a4f8aeec2dfL,0x2fa0e6847ae5255eL,
-        0x1088cf4336a2fa9bL,0x94cd1efe36ab082dL,0x128c234009a7804bL,
-        0x159360ff1bb24487L,0x0a458b52ae3eab0aL,0x000000000000001cL },
-      { 0xc4775d3d9576ecc4L,0x13a0078c5c9c25a5L,0x92ef8e4e4062c8e8L,
-        0xf196769660375b3eL,0xd072937ba24b431cL,0xe5e3bf64d0420605L,
-        0x68712d5bb23660a3L,0xe89fff9ae6358c41L,0x000000000000016eL } },
-    /* 59 << 322 */
-    { { 0xff0da5c42a22890cL,0xc044cdfc46bff2d8L,0x2fca586d876f2f60L,
-        0xf06e8c8c14dd39adL,0x042dff7320789797L,0xed6a327aeb5cf944L,
-        0x844d7c94375fa477L,0x710ee88704b7b91cL,0x00000000000001f4L },
-      { 0xb8c9507ae8e1a9f5L,0xc273343f9575c160L,0xe3da5ae5991fee34L,
-        0x712ed5679ba2b295L,0x9301bef49b3f465fL,0x8ed51c6c25950377L,
-        0x5f46a90cad56c370L,0xb7694541fed996efL,0x0000000000000014L } },
-    /* 60 << 322 */
-    { { 0x5f4ba23b78e658c5L,0xa9463d66dd8f6428L,0x2b6792e9fb241842L,
-        0x10dfa360934aa1f1L,0x7769322ab7bf8a36L,0x223c1474f127aa05L,
-        0xebee2760d048d6c5L,0xf495b445e7b13526L,0x0000000000000032L },
-      { 0x7baa637e8bb79c71L,0x349709051681a7b2L,0x12359173edd0293aL,
-        0xbd9deb854e888c4cL,0x43f03f70563c6c2bL,0x42d131b2f20fe520L,
-        0xb080e82cdcf32d61L,0x7aca6b8c0817ea86L,0x00000000000001f4L } },
-    /* 61 << 322 */
-    { { 0x430d75a3c507c83dL,0x4406dddeeebe1adbL,0xdfe966eb94d0023eL,
-        0x7a403a862a422704L,0xc7f74e48d3fbbc05L,0x47ef018fe07bdeb7L,
-        0xb69187f8e5ee7ca7L,0x9340009d4fda175eL,0x000000000000001bL },
-      { 0x6eb88ceabc7b237bL,0x862c7ae95249e73eL,0xb517b7e79cf910d6L,
-        0x2b780471297fe7b4L,0x99738346acbbc73bL,0xc0a18e55e317c474L,
-        0x3fdba5cfe254a076L,0x02f6984cd7a4c08eL,0x0000000000000174L } },
-    /* 62 << 322 */
-    { { 0x70310eb86def0125L,0xdc681d69eddbda48L,0xcb29aa5c303d3057L,
-        0x93a7cbfff83bc576L,0xff9e461be48ded6cL,0xf0ba47061d15d104L,
-        0x2700a174bb028212L,0x85b2f2b815ed0881L,0x00000000000001a3L },
-      { 0xf48c263c758e2de5L,0x5fc91b78a810b626L,0xcc57c5471ef04f52L,
-        0xa3bc05d6db2ff614L,0x5918d61139c567b3L,0x8af3817bbf54d907L,
-        0x0f65e1a44cd3470bL,0x26d7c80b9d7f6cebL,0x0000000000000122L } },
-    /* 63 << 322 */
-    { { 0x6854aa7ee687f6e1L,0x74212a251b7b35eeL,0xadef57c11b3f79a5L,
-        0x1a748b8e45511b30L,0x5725c9e78c892a6aL,0x94cc52b54d12a323L,
-        0x633cda13a8b2824bL,0xdd069d05b24a8579L,0x00000000000000c6L },
-      { 0x563f4058af114a39L,0x820ab6c934462a35L,0x4340b6d903cc02e3L,
-        0xe8104176d06f02c1L,0x0b6583783c825b98L,0x07d0c3f46311ea4dL,
-        0x34b6a707673e0f0fL,0xcc3e2922dea3d23fL,0x0000000000000086L } },
-    /* 64 << 322 */
-    { { 0x4d1ba365c000e4f4L,0xcf34a1a87b2caa8fL,0x0e4a58d5783e3c39L,
-        0x1ad4b5ce2c1fcbd9L,0x6b30bfb9e8b9556cL,0x304ad2366301b3a4L,
-        0xdacf31b8c8d571f1L,0x25b7a0fdec93e088L,0x000000000000012eL },
-      { 0x2863bcbf3b6cc6ddL,0x70760671e9430f99L,0x46cce87b7586cddeL,
-        0xc1f58398161a045fL,0xa84ca0cf291636aeL,0x11242d2726892bd1L,
-        0xb1d85da78c971e9fL,0xc66e0e1d61aa5039L,0x00000000000001b1L } },
-    /* 0 << 329 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 329 */
-    { { 0xbd52d5127c1a3915L,0x88b64d2e59d9dc08L,0x142d5364a1da166eL,
-        0x138ed011c8ef7e38L,0x90e189904d6d06eaL,0xb0081001147f3f6eL,
-        0xa8e9f89711a1ee9aL,0xe7607f70e28c7a31L,0x0000000000000011L },
-      { 0xa73dc4e4db957a5fL,0xb3c023c02fa7966dL,0x590ca0877aefc5b1L,
-        0x63427f912ca0d266L,0x7bc0f1ef4eeb8864L,0xef9125d279239e3cL,
-        0x12e924a1a90c09c1L,0x0fec85e3b3663a4eL,0x0000000000000085L } },
-    /* 2 << 329 */
-    { { 0x6c6119f6a1c88f3cL,0x924e5fec2ec6944aL,0x4c8aac605742ff2aL,
-        0x60adde1eddb22c7cL,0x9728938cfa5d25bbL,0xfa5ac4f7ec117de0L,
-        0x41f35ab7482929c1L,0xd1c4e8f90afd95f5L,0x0000000000000180L },
-      { 0x2fc4e73da7cd8358L,0x39361a57f2a1c920L,0xf6f2f130ad94d288L,
-        0xe37e24662b6a78e2L,0x0babff8b79c262cdL,0x6cae01ef61b597b9L,
-        0x9c1e33f0a60d4e64L,0x52a42280dd01f845L,0x000000000000000eL } },
-    /* 3 << 329 */
-    { { 0x9f19b3e18c730727L,0xa2231248d5e33b72L,0x0505b3dd5bde07e8L,
-        0xaa30e5ace8a2fc4fL,0xb2d24a392f964eabL,0x2d9d22a460ca41f1L,
-        0xc7183625e0e8dd2dL,0x87f3ab032653d84cL,0x00000000000000d8L },
-      { 0x52e505e3c7fb02d2L,0xed5fcc2c7154e8b7L,0xc0df346f8e8397adL,
-        0x1c9abde6f542ce97L,0x158cd908e2a2205eL,0xfbf550dfe60b9a18L,
-        0x66a4aa43bd817d90L,0xeca35b6cc60dc534L,0x00000000000001beL } },
-    /* 4 << 329 */
-    { { 0x09bc56744c81da95L,0x9756c443f23b526dL,0xac041332abbece84L,
-        0xd933aaa327696aa1L,0xfe78e91d3e4e9032L,0xe491ec63cd67fcfcL,
-        0xb73746e7e8fe9c4aL,0xd2ca6f6a199f1eadL,0x0000000000000191L },
-      { 0x86a7466aad125891L,0x4817dd6e42499ff4L,0xf5478e3b7c6a0addL,
-        0xb92d8e5d2a394366L,0x5c5238e3bcdf955bL,0xfa855ff10489d6b1L,
-        0xbb15d2fd134f7f2dL,0xd5faf13744bd6838L,0x00000000000000f0L } },
-    /* 5 << 329 */
-    { { 0x0fc11e4c84b0f4eaL,0x435c27d47d244a14L,0x3996925dc6eb93caL,
-        0x0b699c9f09f7e1e4L,0x92d5807e1eb96a28L,0x772a095b9c14e99aL,
-        0xda362fd51bc8f956L,0x157e3c0b9d4800b7L,0x00000000000000a8L },
-      { 0x5efb3b8f90d9ec28L,0x8cc8c25ffa2e2948L,0x1ee212252668d00fL,
-        0x37102fb19651d783L,0x341ab0e5a50af73bL,0x868464e967e0b7b5L,
-        0xe264f59d5ba120e4L,0x661650aae80385c3L,0x0000000000000158L } },
-    /* 6 << 329 */
-    { { 0xfab2f74c3ef1eeb1L,0x71af5a9992007e36L,0x384d6a18a0273729L,
-        0x03df77a9ab5eaf13L,0xbe0136fa0e0bdcb0L,0x5f4be468bebaa588L,
-        0x2ebfcfb42840138aL,0xf8e098f02594311aL,0x0000000000000053L },
-      { 0x84055186c73f0476L,0x92dcdd0e729b0b1dL,0x7c523b4806be9764L,
-        0x95357b956a57baf6L,0x4b556882860ce9b4L,0xdc08b8f831882647L,
-        0x11c9b3c738c3deafL,0x50b6fea8e68f20c0L,0x0000000000000164L } },
-    /* 7 << 329 */
-    { { 0x76b2671fa4c28ca5L,0x91a0d41bd0f62e23L,0x3db3924db448f296L,
-        0x0925dc3fa60a9738L,0xa37774b00371c080L,0xfd182ac7b5167fe8L,
-        0xce4795b714eb4895L,0x7c993d229887590dL,0x00000000000000b6L },
-      { 0x6090f452a0feb93aL,0x032de9c217e4f78fL,0x29ffff34a237d15cL,
-        0x81205285efad6015L,0xcf90cf14ab143ecfL,0x56d1caab0dbd215bL,
-        0x2648af04284b4611L,0x6df91b71bc20a51cL,0x000000000000013aL } },
-    /* 8 << 329 */
-    { { 0xbf0b5ea3d34b138fL,0xc49513813ac7cad4L,0x82ca5536cab6a319L,
-        0xff56913688bb4ea8L,0xcee2512a4761d3e9L,0x4695e52155ef9647L,
-        0xbb83316b9378f132L,0x1d447f048d43bb4cL,0x000000000000002bL },
-      { 0x777ab201ce5889f5L,0x635d968f4c6f0545L,0xbb48a0cf872777eaL,
-        0x33f4de62c616138fL,0x93e74192bc8d65ceL,0x532ca9bd5ebae1f0L,
-        0xd783e104fbaba8d0L,0xb32af569bdf2d850L,0x00000000000001baL } },
-    /* 9 << 329 */
-    { { 0xa0bb7fffad4e0ec6L,0x6621d487b0fd2273L,0x7dac286992bb025eL,
-        0x2daea181e142e35dL,0x6d2ad2a7b5585b04L,0x7c156b91c67b8de3L,
-        0x018e5ad7f9a8259aL,0xa2fbf18af52813cfL,0x0000000000000176L },
-      { 0xf5f511266c344a4bL,0xc8ca1d94c7d3e7f0L,0xdb27ea15da64dad1L,
-        0x248a9d6eb2dd60c7L,0xc27b6461b6e10f17L,0xf64f36ecd01fa2bcL,
-        0xd395dad1052a4c0eL,0x2ed72e101ac0c910L,0x00000000000001b8L } },
-    /* 10 << 329 */
-    { { 0x218712c5d244dd3dL,0xed19fc5f3849ea68L,0xe4bef41212cdd2e3L,
-        0x4189ad768e675f49L,0x818140c606411e8bL,0xb13cdb88bd3e301bL,
-        0x8696b6b929e10534L,0xf325c324cdba3b73L,0x00000000000000b9L },
-      { 0xd41cdb59966ebb3fL,0xb82e5cba766a762bL,0x4cb02db9628fab85L,
-        0x1092daf6bd4d732cL,0xf307aad8333ec4e3L,0x956be117c56ddc0cL,
-        0x2e03ef708674b500L,0x9a540a11d836fff7L,0x000000000000010cL } },
-    /* 11 << 329 */
-    { { 0x5fe1030137825aa3L,0xa74e7065f13007ceL,0x7d3ebd9df6e9c94eL,
-        0xcba3ac5535e6d681L,0x602758b91c29d435L,0x6199e8ffebf0335eL,
-        0x338348e5e2747f04L,0xf3585a73bf365565L,0x00000000000000c3L },
-      { 0xb3c68f52e99b1b1fL,0x4f91a78bc8085753L,0xc7e549a78c010053L,
-        0x17912acc9790e0b7L,0xabbeaab400cedc5dL,0xe885041467136ca1L,
-        0x166b73459b51dc45L,0xc12d21e36d037065L,0x0000000000000102L } },
-    /* 12 << 329 */
-    { { 0x88367eebb1714fe6L,0x7e62026793ba98daL,0xc32ba6878352de93L,
-        0xf542af8c979410b0L,0x929bae6b0e5b7cf2L,0x1201a42abe4afff0L,
-        0x8dd7508567016e6eL,0x6cba441bc820de5dL,0x000000000000011bL },
-      { 0xeda68f37476e21aaL,0x16fcf4f2e71dfdbeL,0xc43966b272a6702dL,
-        0x2732f8f0d6af1eb7L,0x2bbd7368572832d9L,0x83807036b54abbb5L,
-        0x1f34a2c505aa9032L,0x0840702abc5297b9L,0x0000000000000130L } },
-    /* 13 << 329 */
-    { { 0x9989f80307ef564fL,0xb8b2ad57d8354633L,0x6f40c68a0ec997bbL,
-        0x1c7963bcff213ab9L,0xa9548ec25a844439L,0xe55816bc980a798bL,
-        0x724de727d2674309L,0x5a50a29195e2a8a4L,0x0000000000000119L },
-      { 0xf46573aa104d6a06L,0xff5f3f99d9d12718L,0x9d527c1889d06ed8L,
-        0xdfeb3fef6ba0946bL,0xa156e73dd8fcc522L,0xcf5fb969177f3823L,
-        0x98210af8c27cc78fL,0x452ce06048c56dd6L,0x0000000000000116L } },
-    /* 14 << 329 */
-    { { 0xce7489926632ad8aL,0x334efd2bdee28c6eL,0x5486cc6ba645df0dL,
-        0x5f02c1614bf66fcbL,0xcf2ca9b5e228e838L,0xeb7b3e95c58148d8L,
-        0x25f22a19a344184bL,0x8f522dbb73976e50L,0x000000000000013eL },
-      { 0xd758bbbbe87ee0d7L,0x6d7c077ae946a6cdL,0xd9732f17c80954b0L,
-        0xae1d674e56d292c0L,0xa1fba7cdebea75caL,0x533d65b08398242aL,
-        0x22fc479e22740f06L,0x5c13ab6063ca9aecL,0x000000000000008dL } },
-    /* 15 << 329 */
-    { { 0x9941d21ab49db659L,0x5284918d18fab9deL,0xa325293ef612f99cL,
-        0x2062c4dd8ebff205L,0x7b4b97775321cff8L,0x10d0c4726905b8d1L,
-        0x1645eefea2c71febL,0x7fad527a27ec5eb4L,0x00000000000000d7L },
-      { 0x36795144f93f74a9L,0xca5177b36115fcf9L,0xc49b404e5df5ccc6L,
-        0x940ca8bc2bda601cL,0x60d8607073ae2f2eL,0x410c1e9c3f1321a1L,
-        0x3181ce2c713e1037L,0x1d252106ec2ba1cfL,0x00000000000001a3L } },
-    /* 16 << 329 */
-    { { 0xd552c9d248351408L,0xa6d83a480ef56558L,0xad5e955a313b47c2L,
-        0xdf3caff7f6dc03beL,0x3d62ff1951cc488dL,0xdb49f397966a34f9L,
-        0xe10e72130bf6a9e7L,0x560e329abc5852d2L,0x000000000000004bL },
-      { 0xfdad029af3017c8cL,0x6ca51acbb78d4d1aL,0xf984fa8679d7d7d3L,
-        0x75d9044b911a4d3bL,0xc5b20c87ef955e4eL,0x413d6838f064fd0cL,
-        0x37a5ec08ec7fb5c9L,0x634cb97f74561d5bL,0x000000000000015bL } },
-    /* 17 << 329 */
-    { { 0xad1efc90854c308aL,0xff83fb8276d035cdL,0xd1959a8384fefc47L,
-        0x62c1d0574906d383L,0x8634b4ac4f968d2bL,0x03ff550c1a5571d2L,
-        0x76f35ffb3a99965eL,0xafa6323331f48bcaL,0x0000000000000100L },
-      { 0xb5c0272bad54971fL,0x4cb20e716cd136bdL,0x6245003b6f9aae9dL,
-        0x0be08260dd76ce6dL,0xe45b5015d2a01ad8L,0xa079ad1be686ab99L,
-        0x6ab15c9d69f8ac52L,0xa52bdbd741f5309eL,0x0000000000000161L } },
-    /* 18 << 329 */
-    { { 0x0b617b8a00484cadL,0xd966cd8eedfb5312L,0x78daeed22e0556bfL,
-        0x3770c07d5f740718L,0x0ca5bf4b4716ccf7L,0x0ed0493a9b99f851L,
-        0x9fd997f26f7a9b17L,0xa0bd37177c8b6fdbL,0x00000000000000f4L },
-      { 0x708283ffb63b3e84L,0x41f2f8872ab27c88L,0x2af970973e877cd1L,
-        0x9ded7532521ef940L,0x939a47de0eeff999L,0x630c45887ae38086L,
-        0x34268747773f602eL,0x9a91920734993ab5L,0x000000000000008fL } },
-    /* 19 << 329 */
-    { { 0x707b18b6c3928c9eL,0x465e5a820aa48af4L,0x2c18c4e7e68a74beL,
-        0x9b9037c2ac6930e1L,0xa1560f34b3416163L,0x511406a69285d6dfL,
-        0xf68235cb6e106799L,0xbd3d844a088a6ad6L,0x00000000000001e5L },
-      { 0xc4f78bfd85e2f692L,0xc83f003671075cbbL,0x8a75bafa208b6885L,
-        0x8b4097d0654cf76eL,0xf567fd4ff884572aL,0xf5dfb3b1ada26881L,
-        0x4f423f8bd71ea04eL,0xb148a467cfdbf809L,0x0000000000000147L } },
-    /* 20 << 329 */
-    { { 0x98d7ec4574b83fb2L,0xda049f4667938ccbL,0x6abf18a43e04316eL,
-        0x200bc564efa482a2L,0x5858ac6c029cfe0cL,0x2d81cea5a5bdc064L,
-        0xe7ab7be81636eb12L,0x6e7bd59fd1ea4c1cL,0x00000000000000b7L },
-      { 0xaee1246920b44e57L,0xeb14e358836b5462L,0x9b4f621d2b22fdecL,
-        0xa6b8be6be8b1a5d9L,0xc43a3ec35e3da0a5L,0xd89e2333d43f2c85L,
-        0xe534c8393fe85436L,0xc8f70bb54d6862b4L,0x0000000000000106L } },
-    /* 21 << 329 */
-    { { 0xe3f343d136aab671L,0x872612411057e237L,0xc649dacfd4686627L,
-        0xac5c2e85d6976ca9L,0xa778bdd13322b77bL,0xab619e1c856b0eb6L,
-        0x0b5fe3ad8a9941ebL,0x2f9b420a9c019561L,0x000000000000014bL },
-      { 0x185fefbbeb33f10cL,0x1cf9640cc41725d5L,0x55b9968c85d74435L,
-        0xede863e0504b63a5L,0xf59711270e07a7e9L,0x50d97b0da57bae09L,
-        0x6dbd2b8ab0f76892L,0xf52601b7f929729aL,0x0000000000000179L } },
-    /* 22 << 329 */
-    { { 0x9f97c2576700b350L,0xd002835d78f746faL,0xcf3ecd578da75e7bL,
-        0x8768abd95e23f219L,0x3f9e66466cf8ff2eL,0x3064948b1f360d9fL,
-        0x92bfce3bb129b55eL,0x4de97c12253a1789L,0x0000000000000180L },
-      { 0xa94b1dff29e5efcbL,0xb9c77f91f225c1b6L,0xeaf061bff40e20caL,
-        0xc7f20a1e5a880560L,0x1a49752babd0d172L,0xb2397b9b7704d613L,
-        0x1bf06d60563fd774L,0xb6bf63b045039cd5L,0x00000000000000d3L } },
-    /* 23 << 329 */
-    { { 0x7ea8ee24b4cc0562L,0xb5885f8fe2af04aaL,0xaa012337275d5351L,
-        0x76e54bb937e29944L,0x7f9b8f182ea56782L,0x4b3d999e28d442b8L,
-        0xf8b0e3804718f1e2L,0xf137fa8334e560c9L,0x000000000000002aL },
-      { 0x7fd295c0dadf8134L,0x4677e5ebe41515edL,0x5f4a4ea2b67de812L,
-        0x083b497c8e609e41L,0xb70b8f2669132911L,0x62c6e87f984b49d3L,
-        0x2549a999e54f6ee3L,0x16bff3e87206acfdL,0x00000000000000f4L } },
-    /* 24 << 329 */
-    { { 0x9fa30f39e43b6c21L,0x4d3822aab9fc57bbL,0x0230adcf69a8a55eL,
-        0xdc8ab2796f87f988L,0x2d642a82b2af81fcL,0xb9e63a7730765913L,
-        0x5787400625f2a77cL,0x0aa30a6f5bfee0f1L,0x000000000000003dL },
-      { 0x796f6508fce49daaL,0xb586299fbf907285L,0x21ccfc555838145bL,
-        0x20a0f8c0e6d43b4dL,0x17170a2be5e80fc6L,0xbb8f840688fba946L,
-        0x5c226b0e411fcbe7L,0x35ace6e02ae8e090L,0x00000000000000b0L } },
-    /* 25 << 329 */
-    { { 0xb547200a9bb37cabL,0x0f91bad87af4fc99L,0xb714d3e6695a4975L,
-        0x6f563effb9242c77L,0x6ee4ef17510f7214L,0x7119fbcc1b9f9343L,
-        0x0fd99faf8ce55139L,0xa9595dd66c1d1f5cL,0x0000000000000149L },
-      { 0x78fa8f186fb6dccfL,0xc9458c1fa23f4d29L,0x3c91cd7025d83072L,
-        0x05d221aa5d471830L,0x2c8874b90e7270b7L,0x88b5608741995b6bL,
-        0xbfa1e6af9c1280d5L,0x47e5b560d7d76623L,0x00000000000001c0L } },
-    /* 26 << 329 */
-    { { 0x35456330801af096L,0x8f66380bcdef18ceL,0xfd31fa5e4d12da33L,
-        0x931659924b9ed4a6L,0xc5112dc875c17662L,0x326d6659939112b6L,
-        0xab1acfab4f3be3f0L,0xac364fbb2e4d4d54L,0x00000000000001a5L },
-      { 0x45c40db020574528L,0x6a6667eaf0339597L,0x6e4543629c83c9c3L,
-        0xb385d150e06d9313L,0x3e135b18bcb29487L,0x5f5c63f833110b15L,
-        0x5b0e0ba2c9488f2dL,0x9bc7194609682bedL,0x00000000000001f8L } },
-    /* 27 << 329 */
-    { { 0x3472744006e20becL,0x7fac38c38c7ef888L,0x54d2cd7ecae2f3e3L,
-        0x8d4cf97a5064f2a7L,0x3db5cda7e928fb60L,0xa7a160cf6269afa4L,
-        0xd3612410e4aee8e2L,0x1a72c3961a2ec9d6L,0x000000000000000aL },
-      { 0x95a203bdbd1ee880L,0x22c099e645b639cbL,0x67dd291643ae9aadL,
-        0xdad086a4aa05dfd7L,0x8b832fd8c468741dL,0xd3b83b4b3b45c4c2L,
-        0x99c4a32791dd0c79L,0xee55689e99f169b2L,0x00000000000000fdL } },
-    /* 28 << 329 */
-    { { 0x15b283fd125d84a3L,0x56aeb34bc1890bbcL,0xd3b9d608a09c584aL,
-        0x0c2cb39dd4cb3bc0L,0x46db0f67fc3cc700L,0xf5cc2708db50f7dcL,
-        0x5795e7521f0867f2L,0x7cc9145f0427b3cfL,0x0000000000000178L },
-      { 0x2fe532cb31e66ab0L,0x2ac67713eee69b01L,0x38f6d515d77ed9feL,
-        0xf275c56a2118c560L,0x21a9c7f00fdc638fL,0xc50b3c693254e3f3L,
-        0x8fbbc2505f950b32L,0xf7122780014ae500L,0x00000000000000e9L } },
-    /* 29 << 329 */
-    { { 0xdd3ec700226f04ecL,0x0df90c19482e80e7L,0x68dc1e01c63dd9a2L,
-        0xa4f28e23a15fe774L,0x565f36a73ca7a790L,0xafb1eabf67ad7df7L,
-        0xd0cf7ff0d1c1da4dL,0xaeff6da8edc5e910L,0x000000000000005cL },
-      { 0x3c053168041b88a4L,0x988833f5df29cc86L,0xeed26f752ed77d58L,
-        0xf7f4788983991f9bL,0xa1271ee5e35e68a2L,0x312e0d918f01ec3cL,
-        0x839f1a84dea08bfeL,0x387d533914668886L,0x000000000000002fL } },
-    /* 30 << 329 */
-    { { 0x3e48d19e46fa0eb2L,0x3c52023de9765fc6L,0xee7c3a58ac5628c8L,
-        0xcdc6dc5fe06e780cL,0xda092f8a33c55394L,0x3f53c57f6eb9b6e2L,
-        0xa2f3321bbbf66534L,0xf14d50d72a650a3cL,0x0000000000000116L },
-      { 0x6e9f43d0f6b86d3bL,0xd845899a16fcfb74L,0x9ab03ba416f965f3L,
-        0xbb61b4a2cc21c1baL,0x13f64e24d547c4e9L,0x484e226bb2b9ce9cL,
-        0xddbc2681a05d3c18L,0x3c16171abbf49b24L,0x00000000000000aaL } },
-    /* 31 << 329 */
-    { { 0xee38edb2dd1bbe51L,0x80e6050243f2c49bL,0x74c3e9d891622e00L,
-        0x5a8bd3cd4047f50bL,0x4dd146c4f8cdd703L,0x91e38765ec128a35L,
-        0xaf641c18735f735cL,0xef96fbd12fcab7adL,0x000000000000000eL },
-      { 0xc3cbc6ca45287b7eL,0x55aec8fea1ac0f00L,0x630fa637af6e4abeL,
-        0xd83b22d2587d5779L,0x84fa662a50afa01dL,0xbd8dd789b19f62afL,
-        0x490ccda6f64aefedL,0x5008037e4af86aa0L,0x0000000000000164L } },
-    /* 32 << 329 */
-    { { 0x446b17b0e695916fL,0xb3b0dcebf9bd8da6L,0x6c76c3ce5ff86aadL,
-        0x0785d5a20cde74d8L,0x2ce9fae12bb7ae7aL,0x87cd05685f32e59aL,
-        0x8e229326e1598559L,0xa0bad54e34edfb01L,0x000000000000015dL },
-      { 0xa54529c20e1290b4L,0xe7c719cab795dba1L,0x68cac3a5109b4740L,
-        0xb032bd2ba68e8e4aL,0xce03d9321658337dL,0xb39d102ecc95d9dfL,
-        0x79838d96be248c98L,0x02562708d7df0b44L,0x0000000000000127L } },
-    /* 33 << 329 */
-    { { 0x65202498cc143cf4L,0x09f80cd704445898L,0x54fe51bec4f61a5eL,
-        0x29013981597d0979L,0x13b63add19e0ee5eL,0x1ea5e689341200cdL,
-        0x1bea4d3663d7514eL,0xe7d322f47b46f902L,0x00000000000000a6L },
-      { 0x349b1972cc60de8eL,0xed79aafaa2075005L,0x88f0a5b6004f0314L,
-        0x8c0738bc46dee06eL,0x870acd790b63003aL,0x64a1205ca367811cL,
-        0x8aa20bebd4a99dfeL,0x5f8eba3fc39ef513L,0x000000000000013bL } },
-    /* 34 << 329 */
-    { { 0x4cb51584855891a5L,0xfcd86f0188f33a98L,0x9ca889eb8e39e929L,
-        0xc0a5ca46bdff8628L,0xba14fbf09e965cefL,0xce2474e21b5cb8ceL,
-        0xde7d528bfa459a1bL,0xd741fd3992785092L,0x00000000000000dcL },
-      { 0xeb956f25ddbc488bL,0x29bacdcb6682a201L,0x03cbba50fb38ad85L,
-        0x0687794318ad03f3L,0xccb0a078e746ec1aL,0x4518bbf1c6d1f10eL,
-        0xf769f2dc1f59b213L,0x3b8b1035e24118c0L,0x0000000000000123L } },
-    /* 35 << 329 */
-    { { 0xa52e2eb373c6ed28L,0x3cbcd662c077dde7L,0x0a2b9b2967eeb3d8L,
-        0xcd61f644d697239bL,0xa934b899cd0e9bdbL,0xaf89b6ed95b01dfcL,
-        0x7cf64dadc1fd5fc8L,0xf9ed347799099fe9L,0x000000000000006bL },
-      { 0x473364deca19dae8L,0xb33f7926c2de1948L,0x9f77368bc9fef6ffL,
-        0xe9d364e3aa467f92L,0x825ebc2192bb93b6L,0xb348b9bec4932331L,
-        0xd66d94ed152467b3L,0xb6970ac7bb4591fdL,0x0000000000000028L } },
-    /* 36 << 329 */
-    { { 0x18584526dd5eaf27L,0x316d5c3591e8b4c8L,0xf0515b605b8d3ddbL,
-        0x5b64260a45525bccL,0x4f05352788d9435eL,0xa92426af7aa1b06eL,
-        0xac351063a5dc466eL,0x5b9ea7dd575a1f35L,0x0000000000000187L },
-      { 0xaca204a297772298L,0xdcd6314ff757e252L,0x2f9c3b40aa5ea9b6L,
-        0x1cc338f109311e8fL,0x441c170303512e14L,0xd1da2ca59c64f91eL,
-        0x9730d382c7ddc586L,0x84cea67d55dc73e9L,0x00000000000001e5L } },
-    /* 37 << 329 */
-    { { 0xbbc4e624ee3271b5L,0x6b5e21b6fe977a0dL,0xa3265ba66d0452d6L,
-        0x1ec78dd87baf2b08L,0x2c05e3122eebc034L,0xaa1b947bea4f5ad2L,
-        0x94f4933a06ebc241L,0xed58b946d50bb167L,0x000000000000014dL },
-      { 0xaec8d2b31be81ae8L,0xd86c6d69b3d0e22eL,0xa1ac5934c12c7d6dL,
-        0xcab83b6a54faf69aL,0xdde77363c47d62b7L,0x71f0a7769d919c14L,
-        0x5606c72bfbf2ab5cL,0x453a2d5d9db0d55dL,0x000000000000006dL } },
-    /* 38 << 329 */
-    { { 0x998d5368a9b51f22L,0x1f15d19ff477ab5bL,0x37442775d68c28bdL,
-        0xd64687ec2c0cd5c3L,0x90e88caf0f326169L,0x35fe08e939109538L,
-        0x32f70606af2c556bL,0xc6fc69bd96a5aa0aL,0x0000000000000095L },
-      { 0xff2f1fcae1d825bfL,0xabd7283905cc4840L,0x5e6ea842c3ceac94L,
-        0xa37eb05d7bf5800bL,0xc7e8cd9218feb383L,0x2cb64fd5a0e35725L,
-        0x14c7de98f5b53b67L,0x8c6f364a3280ab21L,0x000000000000004dL } },
-    /* 39 << 329 */
-    { { 0x052a61531ef9be5dL,0x2ce3b605a27b942cL,0x2d1982cec7a50a00L,
-        0xd2ab12fc3938c01eL,0x1aba919ad4e38b6aL,0x6464772967f6c405L,
-        0xcacf20a9efd8f7f1L,0xa8d90b0f84d73009L,0x0000000000000170L },
-      { 0x20b77432d6e9b843L,0x47d93d17d9df2d13L,0x15ac011057912081L,
-        0xa24fc7094dbc99b8L,0xe2f6ba470ed28e94L,0x6a9d4bb1e81889f8L,
-        0x48035db36831c638L,0xbc7f16c9b7b511f6L,0x00000000000001a7L } },
-    /* 40 << 329 */
-    { { 0xa39d4ac8162dd91dL,0x5704769322e67a01L,0xdfe57f997c446028L,
-        0x0f49df77d131a2c8L,0xc8f26682f7f779bdL,0x1696655818e884f1L,
-        0xc5d9d516f390907bL,0x23356e77617f5f5cL,0x00000000000001edL },
-      { 0x5e6830b9679deabaL,0x18bcc37f9fd1a70eL,0xfa84e86272225892L,
-        0x2e6cd938c610763cL,0xc179376a671378eaL,0xe3b844b5f502ea1fL,
-        0x74a390b75fb4dc36L,0x51f019400ed8d535L,0x000000000000018fL } },
-    /* 41 << 329 */
-    { { 0x829f07763b84874aL,0x43871c3c629f0068L,0x67ea591aabb86558L,
-        0xcd9d158842e26ff5L,0xe790b7b4b87fc2b3L,0x8fe0b1aded7d3f58L,
-        0xbd60a61ed9c77f0fL,0xfdc080c3779dd449L,0x000000000000013aL },
-      { 0x2a1419e0e10dd216L,0xc53633aedf69bf09L,0x8750156c554560f6L,
-        0x45d18d5211057cd2L,0x668e9f5d6bc3b095L,0x23c0ca2bbef1182bL,
-        0x66b5954e307147d4L,0xb55897fa6582e607L,0x000000000000001dL } },
-    /* 42 << 329 */
-    { { 0xc560dffe49b36a45L,0x93e588366b8574d5L,0x8181236440ae3131L,
-        0x0b7a1cc90adbbe10L,0xf0300653f9d147a1L,0x74bd55b4db6ee70fL,
-        0x04f147f86856ffd7L,0x62a12dea5e8fea8dL,0x00000000000001fdL },
-      { 0xe387062af295523bL,0x3c88bb54562c7c5dL,0xc1c6d25554ab4cb0L,
-        0xa2aa7dc600ede737L,0xf102965348769099L,0xe7fb6655931dbf6eL,
-        0x9b7f1bca63b027c2L,0x1a04490be25853c3L,0x0000000000000061L } },
-    /* 43 << 329 */
-    { { 0x2cad6e8e7d7a3311L,0x192637a101d2ce9dL,0x54408f763b09d1e0L,
-        0x056fbb0e6c9f1c9fL,0x5d86dd60e8a73041L,0x3cef3dc1649edc73L,
-        0x2a5855721c3a9234L,0x6fc27608d555c011L,0x00000000000001f1L },
-      { 0x084bbef69c34f177L,0x3e28813737096f4dL,0x4d163b57a397ab9eL,
-        0x2b50f5310e1e07c7L,0x8440e162a93ad09dL,0xe8e444632593df14L,
-        0x197660292b20316fL,0x90ef0d967f635186L,0x0000000000000190L } },
-    /* 44 << 329 */
-    { { 0x30ac47e8f7a5ad23L,0x9c7749b063788eb8L,0x74b0ccb37ba11421L,
-        0x95738a0b1c6a3f64L,0x0aae5fbe05110374L,0x53cfe62bc0c6e8eeL,
-        0x0c56162d6af02414L,0x3257726d88eb33eeL,0x0000000000000148L },
-      { 0x3f56ab59dcbe894fL,0xdc75f5e0bd7699eaL,0xb8f7d880e6f78aa8L,
-        0xffbb24f65e5e8d85L,0x7833e090f2011756L,0xcf9af908a0349a95L,
-        0xd31658498856a70dL,0xfaf01d021845a0d6L,0x00000000000000e9L } },
-    /* 45 << 329 */
-    { { 0x8b9b44f29e4685aeL,0xef81af6a7b8cf6f7L,0x8adef463de2bcbddL,
-        0x1b69518ffcffa721L,0x561f0c5a405464acL,0xe28b2f168bfc6e45L,
-        0x9172848b090e79c0L,0xe3c6092f2826d317L,0x0000000000000129L },
-      { 0xd95f1d0b79a9a188L,0xceac08db1f69871cL,0x93a8b01280b65e91L,
-        0x48d3e503ce3e8c95L,0xed2ceabcdf74d29fL,0x71220652c2119809L,
-        0x4bb4bca76642cbb1L,0xd228abd74d461a6dL,0x0000000000000122L } },
-    /* 46 << 329 */
-    { { 0x13cbe9d39086d901L,0xd71e1a2890ec6eabL,0xb8ae9ebb66472a41L,
-        0x4e3a88fd205e2c55L,0xab212c986f72621fL,0xcea45a44e27bb1b9L,
-        0x9056afc557d42873L,0x9d2d273bcb3c220bL,0x0000000000000056L },
-      { 0xf13ce2c9170143e2L,0x1f44bb4286d61f29L,0x005bf7e894eddae6L,
-        0xc24a3c91c0d3e2fbL,0x553b308db50ea90cL,0x9e779eb0a6c0a0ebL,
-        0x8d8a0321d980d46fL,0xba0df44d582cf028L,0x000000000000015fL } },
-    /* 47 << 329 */
-    { { 0x44c65a3ddcd99092L,0x68e73d6682c4c760L,0x19c50c79b8ca4e79L,
-        0xbd60adfb0971debaL,0x0bfa8cc333ecbf46L,0xb178da302146a1a7L,
-        0x1e60002d50fe9c55L,0x6ec488ea055d5140L,0x000000000000018fL },
-      { 0x79affabd184acae0L,0x7fb90a1c9869ee93L,0x2f1f9a663466f356L,
-        0x02a8273d4ef8be31L,0x8ba3132741874651L,0xc56ff44fd2483813L,
-        0x5efdb725a6e5448dL,0xaded563f0992ce80L,0x00000000000001acL } },
-    /* 48 << 329 */
-    { { 0xc9a88248ca91f6f4L,0xa368fd8ac7d5acc8L,0x33d9fd5ccea11e10L,
-        0x0af2f470816de633L,0xe78e8101ac186f1fL,0x0d97de7d5e3c4857L,
-        0x9346af7407946bb1L,0x81c2bd5ec7044ea9L,0x0000000000000003L },
-      { 0x04c2eda3696d947bL,0xc3f988f301efa843L,0xe839587792f22674L,
-        0x376972a2c83396c7L,0xaa679a3144f2ad2fL,0x61a46ebc3112b6afL,
-        0xbda02ce0c6b3224fL,0xb42aaba7dd4c7b77L,0x0000000000000060L } },
-    /* 49 << 329 */
-    { { 0xfd99ddf3949f1e54L,0x9e37bc9a42c74bcdL,0x667e6412b528c0acL,
-        0x45b8bbdceb560efeL,0x2605f758266eae0aL,0xd45cba357019456fL,
-        0x1e7abac6b80ad6eaL,0xccb23c42ba18ec32L,0x000000000000004eL },
-      { 0x3e3b6948e4a456abL,0xe98cc81ccdfaf3a2L,0xc3a78e4acfc4cf5dL,
-        0xcf981aefe80c61daL,0x4423a07d0a0699bfL,0x80a93eef8c2fa65fL,
-        0xe7396c7f7cac8832L,0xd9866a7b731d27fcL,0x0000000000000042L } },
-    /* 50 << 329 */
-    { { 0x8d452f698f1ef9c7L,0x87eccf87baea3098L,0xfc3204e24903728eL,
-        0x35db9b5ea004f3b1L,0x6094bdc2ebb31480L,0xfae255eb95e7fa59L,
-        0x59012cfcf0cf198fL,0xc7622600b97968b3L,0x00000000000000beL },
-      { 0x477ee91af42b1d5cL,0xf8a49e41b38f6e92L,0xc194985a0f78930aL,
-        0x829ec9f4fa14de02L,0xfe13d75852882268L,0xda34194f3e1e5ad2L,
-        0x0eec2380dbbe0391L,0xa33de0d430cc7f21L,0x0000000000000040L } },
-    /* 51 << 329 */
-    { { 0xab573086122f0868L,0x76c0316c261b14f7L,0x83bf61c4050c5fd4L,
-        0x41ca4dabb9bab773L,0x8071890301138744L,0xe790898da00fb373L,
-        0x502ad727a7ee4925L,0x4f02eb663990928dL,0x0000000000000086L },
-      { 0x73860d4fb81fa334L,0xec04cbff2fa2a1eeL,0xda93b91043041addL,
-        0x2fbb81e1afc62072L,0x3534caef06e6fd7aL,0x38c3238d9bcc1697L,
-        0x4ef619b141f85807L,0x97e4cb5432d5853aL,0x0000000000000140L } },
-    /* 52 << 329 */
-    { { 0x78dba3df1b03222aL,0xf9a19f4df743b0a5L,0xd9025fc728786953L,
-        0x974c35dd0e75b160L,0xec2ad730190ab6e7L,0xb9c3d4efe7417b0dL,
-        0x0e19df5b715a93ceL,0xac4cd49c6cb2d8e0L,0x000000000000006fL },
-      { 0xff2080ed69898bd3L,0xc0e345b7e724b25dL,0x4632246b33da2d5bL,
-        0xa031381d832ae2aeL,0x38d4d94fa7bf9935L,0xd7ca7e55f30d34fdL,
-        0x5ddbe112c9320a7aL,0x69fa155ed90e6170L,0x00000000000001fcL } },
-    /* 53 << 329 */
-    { { 0xf3fcd3f329070358L,0x61bcf6a94766608dL,0xae11489bfdc834a4L,
-        0x153265f486fa8a4bL,0xb39af52a03431002L,0xeb126ae4c8551498L,
-        0xd606f364aed87f5cL,0x38f70cbcb9361319L,0x00000000000001e3L },
-      { 0x6b1582752f3d2eedL,0x1e8d787cc83309eeL,0x4e7802fda22933fcL,
-        0x98a126cb4e0120dcL,0x1701b21f14accf81L,0x94d92ff6e9dd2425L,
-        0xeb6c98e6deda42cbL,0xea752ae39a83bbf7L,0x0000000000000088L } },
-    /* 54 << 329 */
-    { { 0x74c7966431e64320L,0xa73a381035e3541dL,0x1ef1544db34c3f57L,
-        0xf71aa56d9a16c02bL,0x42d6f0ef06f35f04L,0x674e853d76201cd4L,
-        0x4d416adc0eaadc1eL,0xe5434f2af51ddd7aL,0x000000000000015bL },
-      { 0x6a5d1969438cbc53L,0xb97f4776646e4cc8L,0x79f5d3dc66273332L,
-        0x93fbdc3b3afa59e8L,0x0c142dfb9af35764L,0xa27741a2a47ac0b1L,
-        0xd3a0f40d48383b7eL,0x7d05a2c010bffaaeL,0x0000000000000087L } },
-    /* 55 << 329 */
-    { { 0x32bec69a22d06febL,0x20b57b7bd6ed9f30L,0x65ca9046547cb8e3L,
-        0x689788bd1f69889eL,0xa4cfd9a0d2378606L,0x94db81ec364645eaL,
-        0x554dc20ad90cf501L,0xfda49475b0075c45L,0x000000000000000aL },
-      { 0xec832a2b513eebf3L,0xa3810d026f4c8dcdL,0xd92de6469737c052L,
-        0x32f07ce28b7a8178L,0xdc9adea7f8e7ea6dL,0xb078a52bd7e3c857L,
-        0xf70c3ad51cdd8d09L,0xebe8bcc6aa541cccL,0x00000000000000b0L } },
-    /* 56 << 329 */
-    { { 0x8879637b3d70360cL,0x053c278f72f41087L,0xcc895e1ff07f009eL,
-        0x4c9b8c6468db6690L,0xb45473981b97dac5L,0x0399cac8af65ff38L,
-        0x295e09141fd0a6c0L,0xab605fcd871bdefaL,0x00000000000000d0L },
-      { 0x3f2d42975ad63582L,0x28fda2bbdc7d3a40L,0x7f14436765672d9eL,
-        0x9322ab082937e8c8L,0xf351279faf748929L,0x63a624f5149d6f5dL,
-        0x3351f4ff989f5325L,0x0456187bbc7dd8d9L,0x00000000000001b1L } },
-    /* 57 << 329 */
-    { { 0xfcbf34524112884dL,0x7112c9ea903f7279L,0xa82dea538dfd3bc4L,
-        0xad4f103abbd451a6L,0x49d6cb3f59f7f2f3L,0xffe87f02c526bf33L,
-        0xf2b85e4ed9e6c585L,0x7c5777c158b38628L,0x0000000000000120L },
-      { 0x250a9befb4b57ef8L,0x3b872628b7cb867aL,0x35b111a51a879fadL,
-        0xcfd5cab5f73c98b2L,0xe484a6f6312c4749L,0x84f719e11c8b573eL,
-        0x83edb875f8840f86L,0x915e1ef95d2dc42fL,0x0000000000000064L } },
-    /* 58 << 329 */
-    { { 0xa77f1d5f92bf4853L,0xcd9ce94099447d87L,0x4cd274fcba386d27L,
-        0x075c64605c0cdd46L,0xfe26dec8d7583ed0L,0x4c0a447759e4255cL,
-        0x247938de6aef2ed9L,0xd8dbd48a3d227000L,0x00000000000000f2L },
-      { 0xfb51bb52916ce89dL,0xb7997a98092acb0bL,0x94bbe9d8ac2e55d7L,
-        0x899feb11827bea20L,0x469b4834919b2a7bL,0xc994c41b1dab85a6L,
-        0x8479555ce43d5b1dL,0x6635657f3b0925c0L,0x00000000000001c8L } },
-    /* 59 << 329 */
-    { { 0x81a0c97ada91e249L,0x5e1e5d32838076e9L,0x389ca1e02c7cf349L,
-        0xde81e23cbb367fc5L,0x926f32b9e5e4a732L,0x061a6b8f92c1b204L,
-        0x6e5faf35ed97ed0fL,0x4e1d4d170caf4fd6L,0x00000000000001b7L },
-      { 0xc8dc770aa4583241L,0x12e4ecf1e1ef9744L,0x099f111cf7d6264dL,
-        0x2b2307382e6772a8L,0x65cf0a517f27f826L,0x8ba92657ed871105L,
-        0xe9d1d3f5887e4295L,0x5cbeaefe4562fb6dL,0x0000000000000190L } },
-    /* 60 << 329 */
-    { { 0xeb7316a61a0dfca9L,0x12d74d0102113c17L,0x518499bf8b72396bL,
-        0x8151dceddcf70010L,0xcea6bb1168208deaL,0xa1127162501ab541L,
-        0x3b35298f471895d1L,0x1e43d852103950f4L,0x000000000000009fL },
-      { 0xe259a9b2a01e30b4L,0x8af1dc7b7c0b94bbL,0xb1020ba1b8d2d163L,
-        0x91d4953f11932c5dL,0x393b1a0c79689ea9L,0x42222ff8a18ad561L,
-        0xad03a6dbdeccde82L,0xe2a11f661162399eL,0x00000000000000f9L } },
-    /* 61 << 329 */
-    { { 0x6bc7b50525db69deL,0x4482b033d8b4b0e3L,0x52fe701dcc9e8d21L,
-        0x050c4edfc61dbddeL,0x7c631930d20dc520L,0x123db30c2e5b2f60L,
-        0x2fd7e1ec35d20b9cL,0x8385cf8e2644151dL,0x00000000000001afL },
-      { 0xb885a30bcc451719L,0x21c65d8e47e67d5dL,0xe971a878fa2b6a6fL,
-        0xa60fa1b2838c9aeaL,0x4efefeb5e4efcd77L,0xee35b7474fc48efbL,
-        0xa95f3beaa06a6906L,0x371c74645e0e6ebbL,0x000000000000019fL } },
-    /* 62 << 329 */
-    { { 0x5c59edc157066b91L,0x08407d6cc76fa7ceL,0xb3f0b31abfb5115dL,
-        0x54a04e6483f65955L,0x8f95167b035d326eL,0xa0eebe160d24f491L,
-        0xb1a1caf05e5b0ffbL,0x802645e2d08382c2L,0x00000000000001d8L },
-      { 0xcc8f65eaca39e065L,0xea7e6b2a6df057d1L,0xa725e7f64dbc48a2L,
-        0x60f36a0fd5c8d0dfL,0xd2adbc8c8f0cc4ebL,0x5cf276c19f0c2849L,
-        0x77ade71c8cc56dffL,0x77f04f45d35bc65cL,0x0000000000000121L } },
-    /* 63 << 329 */
-    { { 0x927e172adf84476cL,0x850b77b9a02bc731L,0xb6ccc003cfd20fdeL,
-        0x43ff11ca335e3da6L,0xf5fcebf888b42166L,0x08508ffce90a7019L,
-        0xaa50439e5c4b02b0L,0x64666563af1407d7L,0x000000000000008aL },
-      { 0xf0361fa97015d2adL,0x06c10c06c3f6d10aL,0x6b30ce607a0b50adL,
-        0x905727d44499ab51L,0xadaabac64b4ca19eL,0xb97d87dff24f4c97L,
-        0x9bd3bb9db808e478L,0xc0476491fd5b3b47L,0x00000000000000dfL } },
-    /* 64 << 329 */
-    { { 0xfab6fa734e185ee5L,0xec85b9edf15957d4L,0xa978adbd72ba04e7L,
-        0xc7e3107e7986fb14L,0x0e97063de37740b4L,0xf26f51c225e29918L,
-        0x66b9445312e6f22fL,0x6617deae68090e9aL,0x00000000000000a3L },
-      { 0x86595b1dd2dafd33L,0xcca6cd7ff3c234faL,0xd24847edaac709ccL,
-        0xbe089df8fc689536L,0x4fdcc1dc367bbbeeL,0xc2592739a01bef50L,
-        0xff4d427aa53d6b64L,0xd3ddc2bc47d9af89L,0x000000000000000dL } },
-    /* 0 << 336 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 336 */
-    { { 0xadf5e06ea79cb073L,0xcb46aca98bf180e6L,0x5bf0d9eb835f8e22L,
-        0xd692cd207713f3adL,0xa33e9d7ff0d87f74L,0x9f2b6950f602a362L,
-        0x27a4c70bdfa4f77cL,0x99c699dd3c56080aL,0x0000000000000105L },
-      { 0xdfb1b25595338fa8L,0xabadba3ad59e754dL,0x2338452b436e70fcL,
-        0x34cfb5b2e07a21b6L,0x25ddb684f81ea5a2L,0x98f463c0aa325fc8L,
-        0x963bbc8094aeb02eL,0xa98fe976434ab9faL,0x0000000000000188L } },
-    /* 2 << 336 */
-    { { 0x9a7fc933204a966eL,0x7c1c59150d9680ecL,0x0643609730415e73L,
-        0x574b06528ea44e8bL,0xd35d1340f4b8fe58L,0x81ddd1f4daa40ca5L,
-        0x5c908486ac09937bL,0x467dffa614c180deL,0x0000000000000034L },
-      { 0xe6f97acc8000602eL,0x2650e9570f527147L,0x3af58dd97c3923e6L,
-        0x67f7102e69f5cafdL,0xf80e76c00ecb60fcL,0xd3441285197f6bdbL,
-        0xdeed257a52050b0bL,0x8c28afea0703c0efL,0x0000000000000052L } },
-    /* 3 << 336 */
-    { { 0x2ea6e18456500523L,0x566ccdd0f44d63fbL,0x8cc0208db01114ccL,
-        0xdb7bf61311e5dd4eL,0x65e4263eff83d7b1L,0x12d2924cd6da83e9L,
-        0x093bd19078380401L,0xd2835bdbff97c4f9L,0x000000000000013cL },
-      { 0xd3ae4c901d8e9521L,0xe2c92a4c42dc5bbbL,0x478e934b8c96057dL,
-        0x0e526187ec6155f7L,0x3aca950d2bbe77d5L,0xe7edf96a6e492364L,
-        0xfc039fd22fe76745L,0x68dfce9653928c27L,0x00000000000000f3L } },
-    /* 4 << 336 */
-    { { 0xab482b76e225fbd9L,0xd561f4cdd3c33a7dL,0x18813777ccb2f003L,
-        0xa163377524cebce8L,0xddbe587d16adb540L,0xbc0d225f79e133cdL,
-        0x8fa3d30032a4c54aL,0xded1ece4243dc5e5L,0x0000000000000024L },
-      { 0x94ce92a3ffd4b7ddL,0xeac8e7a15a8efbd5L,0x0c842c3fa9dc648aL,
-        0x19172f460d286101L,0xc8681e80beca770aL,0xfaaa1ab4a8795d3bL,
-        0xe8625d4663944868L,0xe13004f94f3254ebL,0x0000000000000104L } },
-    /* 5 << 336 */
-    { { 0xb0fece2bb7f3d4b1L,0x8b6168aa47b042fbL,0x207d9b0f01658a57L,
-        0x52deebf25cf0bb71L,0xc678dcc72fc808a8L,0x8bea9d0975a39999L,
-        0xf26b5d2b7042c5a7L,0x58b1d1bbdbe12667L,0x0000000000000120L },
-      { 0x10cf0b69d821c3eaL,0x045a9342c684e985L,0x2245c17f56babdcbL,
-        0x7859852ab40c5f7dL,0xcbc11caf35b36fe0L,0xcbce03baddc4abe5L,
-        0xfa4797269e11ee36L,0xc70cf89a8b993b9aL,0x000000000000013fL } },
-    /* 6 << 336 */
-    { { 0x2e911bb30d9ea003L,0x50503fd6dd7bbb56L,0x23780725f43c710cL,
-        0xf3854bc2d236028aL,0x0bb0cd7085f08816L,0xaf2ba06878e34910L,
-        0xb0ab1008558b8babL,0xe0676170e24955dbL,0x0000000000000049L },
-      { 0xe2b0161a87b571f5L,0x1676b3346209d9adL,0x402122ece2f86308L,
-        0xbd0e364487d6f082L,0x587ef7c464747111L,0xe8edfeec8f3386a7L,
-        0x2b70f9333a489db5L,0x819e1d7c442a278bL,0x0000000000000025L } },
-    /* 7 << 336 */
-    { { 0x731be59d6ee24007L,0xe96884c4b97efd86L,0x9e4a2bbecf73d698L,
-        0x7820a2d72ef12084L,0x1ebbf048c5692055L,0x707194dac1b300f9L,
-        0xf45fe3fec0d5dc37L,0x20cb9bf6df061c3cL,0x0000000000000000L },
-      { 0xef76e09349841247L,0x7e963d5c5673eee7L,0x135d2ca7c5eab79fL,
-        0xf0d3ac04ceeb60e6L,0xdb33fc361d07b5f9L,0x37ef4405f1443ae5L,
-        0xe4716fae6ec33bd0L,0x3a6e33a14fd6f657L,0x000000000000003fL } },
-    /* 8 << 336 */
-    { { 0x6f01c26104e188ffL,0x0d9bf057c7ff2e86L,0xf9cd2dd6c8e36163L,
-        0xbfc6200bec1562e8L,0x735836b48afb5102L,0xb7a29e92035e1ed7L,
-        0xb16b14ca5f2e5924L,0xa77550a628630d59L,0x0000000000000032L },
-      { 0x7b4bc3ef7418d27cL,0xdf5c38b623b67adbL,0x168d61e3ea3713c8L,
-        0x806f95491abd92f8L,0xe806ab7b98eb3239L,0x47f49e50f09b81cbL,
-        0x4324da1706fd5ba3L,0xd54dc8613193dd6bL,0x000000000000003cL } },
-    /* 9 << 336 */
-    { { 0x9f88ff35a3d49d3dL,0xe4284139fce247f8L,0x6c4d5c7af9dcb985L,
-        0xfbcf4fa1161d138aL,0x2704ef59a06a95f5L,0x2a277e200d0e4d15L,
-        0x3105f965c5de8f83L,0x10fd313deabd284eL,0x0000000000000133L },
-      { 0x308bbdee0774ab51L,0x3e273e4200f231beL,0x843c53d8f8392927L,
-        0xbbae99a3c0007797L,0x110b8e4ce1f84317L,0x456790c6e26fc087L,
-        0x13144322bf6798e3L,0x35d44ed5217a52ceL,0x0000000000000020L } },
-    /* 10 << 336 */
-    { { 0xd7c148b3841f5e75L,0x4fb757644b5442a4L,0x95e65524dcdfb2dbL,
-        0x2265e0edd3446c55L,0x7d95f3b17a24cbddL,0x852beaa10567103dL,
-        0x48c62a902808760fL,0x5f872492fc689aebL,0x0000000000000065L },
-      { 0x11fa99ecd6740dfbL,0x0b028e97621f47f7L,0x2a75276c3b2a21bcL,
-        0xbad738bbb779b390L,0xa178ac3072cf8732L,0x4c515b788ef8ebc9L,
-        0x5a411714b745b0deL,0xb7c566faf0341a62L,0x000000000000008aL } },
-    /* 11 << 336 */
-    { { 0xad24d78c5774fc6eL,0x0ae7e57b8dccc508L,0x92d4a44ce70f8e39L,
-        0x3915c8eb837de2f6L,0xf7fd688854dd047aL,0x13bcad45d1bbd515L,
-        0x86e766a1302bee43L,0x788ea08a0986a53aL,0x0000000000000188L },
-      { 0xe0117403716f966cL,0xf2ff910991cbdb03L,0xb30a2a3cf6368671L,
-        0x29d49766adf90b6fL,0xe7333e2338d741c7L,0x11995ae97e584997L,
-        0x0f46aad3bbc84668L,0x98ad5a3f89992582L,0x0000000000000197L } },
-    /* 12 << 336 */
-    { { 0x42814ac122ff19a0L,0xde569bc8b27c568eL,0x1d08a1226ada1db1L,
-        0x3a3fde2e6e513dc5L,0x29c0813b1f856f5bL,0x13d3bc840b6cb7dfL,
-        0xabba0aba2c40bc67L,0x1fb6edcc8a718cf5L,0x0000000000000072L },
-      { 0x806a0ca2b312563aL,0xbb056c4891380b70L,0x0c90364b0a157f24L,
-        0xf79016c3d9e3f68dL,0x8d12edf88944a622L,0x333d61b31ec7abdcL,
-        0x372a693d50bded2dL,0x08bad7dc2dfefccaL,0x0000000000000081L } },
-    /* 13 << 336 */
-    { { 0x95aecad65c1c6ddcL,0xdd32cd749ae10bd1L,0x81882ab6a84c69dfL,
-        0x8a7d8cbe8838d94fL,0x099ad520bcc1300bL,0xd63bb039c30e4469L,
-        0xb3bef31417356877L,0x48fea9063238c2d5L,0x0000000000000047L },
-      { 0x772aa8f68e8fbfbaL,0xe852c8f15845a5ffL,0xf1355ee5a907e9d5L,
-        0x18c0ba0e5ba624e3L,0x32a3b125b72c700aL,0xe4e19fe46afd2a5eL,
-        0x08009bd907e95944L,0x14a813f019294091L,0x0000000000000106L } },
-    /* 14 << 336 */
-    { { 0xfd9946a699102917L,0x62df6a373c73b904L,0x9998064f29c4664fL,
-        0x626c7d71a38aeb0fL,0xebb4ba2d9ddbe513L,0xfb7b78301d72725cL,
-        0xc1314481e4c19372L,0x90c5ec66ed09077dL,0x000000000000003cL },
-      { 0x05bccd2f92b2ca1eL,0xffb71e3f55d4157cL,0xe4913c2eb5edf4e2L,
-        0x185eb955a96247b1L,0xd70ff9614d7924b3L,0xe6ebce13ed6c45f0L,
-        0xcbb30c53786c10d3L,0x37b6a2f2137354e1L,0x000000000000015dL } },
-    /* 15 << 336 */
-    { { 0x4d82915996367153L,0x60562a5910e88061L,0x2b2c480b942bd412L,
-        0xc015240fefbbe7b6L,0x363ddb1df084fba3L,0x21739dffd1c2f9eaL,
-        0xbf972d6fefe1ac54L,0xdfc5ff12edbef772L,0x00000000000001e7L },
-      { 0x2f0a919a39250f37L,0xca4b3f9711cb4bddL,0x85909ebfc15252c3L,
-        0xef2421d0f81d74c4L,0x7f8a45d7faa5d679L,0xcc97e0caaf2c27acL,
-        0x11fa8448f0393356L,0xd0727c3b091f3a2fL,0x0000000000000098L } },
-    /* 16 << 336 */
-    { { 0xd17bc05981fe2fbdL,0x8247a0c7cdfc711dL,0x973eab2f63ce74eeL,
-        0x270a6bdc4191b5f1L,0xe21afb51637f5917L,0xa84e71c550326c7bL,
-        0x14cef332f30c35cfL,0xff0e5f89b7407d5eL,0x0000000000000011L },
-      { 0x7b23a55df8b6b176L,0xbc660c66c679c536L,0xad82144a897fde1aL,
-        0x5082037d545baf12L,0x4bf2b1174448059fL,0x59c25c1bf1e8c52dL,
-        0xc01a4b8d8e030e69L,0x45077803229951c1L,0x0000000000000184L } },
-    /* 17 << 336 */
-    { { 0x06ab930118ba92b8L,0x0ecfb20658c698f5L,0x0d07b9580c53b831L,
-        0xeb8bcf504c6b8a70L,0xd6aa30dd46cfe9a3L,0xc0373457e824156cL,
-        0x14ae78702b281201L,0x3c50eefa57c56e20L,0x00000000000000cbL },
-      { 0xcd4eac45dc159da0L,0x3e09b24db817f40cL,0xb1a9ddb4f1ce719aL,
-        0x27e01e5ee7c528a3L,0x6d3effe69f1aa448L,0xcc3ea2c66c529ff2L,
-        0xf2ad16d9cf1095a2L,0x8497e6bf6795d3f1L,0x00000000000000d0L } },
-    /* 18 << 336 */
-    { { 0x5936402fea46c7b7L,0x611f48a4c8e292fdL,0xc9178953b1ef5c93L,
-        0xf8c3b0bf45132752L,0x6f60ee45243ba68bL,0x7aae87523de7945bL,
-        0x9a2526667e5b0f06L,0x39503fed24112340L,0x00000000000000e3L },
-      { 0x8479c73c64655be9L,0xd3c0a16e00645b62L,0x4e71df09fbe33ac9L,
-        0xa0dafba123f21934L,0xba16e195a3689496L,0x0dea634e05508b68L,
-        0x6855cfe25ebe2694L,0xec373e0b7d85a1d4L,0x000000000000009eL } },
-    /* 19 << 336 */
-    { { 0xb8c3dacd4ca0c4d1L,0x8424abd597274623L,0x081fba1ddc429d00L,
-        0x4ea6805c77022b62L,0x09561cf5610a6c42L,0x06bcb6857c4d0400L,
-        0xbf9d4591ee3eda1fL,0x6bee800bc391cf2bL,0x0000000000000011L },
-      { 0x5e41cb27c0611ef1L,0x7a25441cc7cd8245L,0xc5bd725ca22201aeL,
-        0x554ff12ef99102f4L,0x55ea06a484c51d6cL,0x93cc43c1fa4d3a28L,
-        0x1e930d0e95158c18L,0xdbbd3924f3aca4a0L,0x0000000000000064L } },
-    /* 20 << 336 */
-    { { 0xa929ab929b4fcaa8L,0xbd15698f18c196a7L,0x52ba54d9ed6b3cd1L,
-        0xaedec8263afce3d9L,0xc26a7b6aa7a05e27L,0xbfacb969c40091d7L,
-        0x73f5ccaec8fc6e07L,0x7fd306960a44e5f9L,0x00000000000000b3L },
-      { 0x00ddfd1f2a5bedbeL,0x417d4298c591c174L,0xf91f5a4c55f96920L,
-        0x3a6623d3936f7a6dL,0x9b67aaf628dd7721L,0x5bdda9995184915fL,
-        0x14cb50bf61a502deL,0xfbb382b2f0d3a5f1L,0x00000000000000b4L } },
-    /* 21 << 336 */
-    { { 0xd2e51c02358407feL,0x379ba801aa5d1f95L,0x78805d1d433bee43L,
-        0xc8406d4e30368d9eL,0xf1afbc18181d8bcfL,0xe1b5418dedcc02caL,
-        0x594140aade21f349L,0xc935edc90960aedeL,0x00000000000001d0L },
-      { 0xb4bac9577c6b52f4L,0x193cae40a1f988eaL,0xd3611a5686c73777L,
-        0x8861119d10907a06L,0x4080e88e97c5aba2L,0x13d48f856177a63aL,
-        0xd98a14637d1505ebL,0x712f5704345cbb1bL,0x0000000000000145L } },
-    /* 22 << 336 */
-    { { 0x9602183a8656a9dcL,0x38d9cf9914e10f6aL,0xc4480df1af352f91L,
-        0x312a0ee97284509dL,0xf8f1609428a89368L,0xdc60750c394fc38dL,
-        0xa45097b8c4b076ebL,0xebc69f19188f7500L,0x0000000000000011L },
-      { 0x0b82a33debf35521L,0x38cfc247822af398L,0x7e47262408ea1a06L,
-        0xdbf9ae15ca3b03b0L,0x992f77515b8ec4c3L,0xa2d4411d491fd8aeL,
-        0x00e5457f6d6707dbL,0x91e79e34a3d679faL,0x0000000000000123L } },
-    /* 23 << 336 */
-    { { 0x729069f3c2aac2e0L,0x0a3cbdbdcabc2ef7L,0x1ac994e853919f9eL,
-        0x988345d28f722950L,0x6c446036b3eaed7aL,0xc8d1ea591af32590L,
-        0xcb555a29c5f0298aL,0x2245dadc5a95ddc9L,0x0000000000000003L },
-      { 0x28b43e4040fd5df9L,0xa37c16c1700ddf94L,0x57f4770188bdd8cdL,
-        0xe46cf6913a7b7b20L,0xc2982480151c16ecL,0x064d58699ab5b911L,
-        0x282e068b1e2e9b4eL,0x8bce73305ca7880fL,0x0000000000000079L } },
-    /* 24 << 336 */
-    { { 0xb8f663eeba7642c0L,0xd6de3ffd8e5f9f42L,0x5f7a9a7bb661e29aL,
-        0x43e035a5e709fabcL,0x115ff746d241f6feL,0x9aff188d3a889406L,
-        0x35a4d29a00ce6f54L,0xa43706eb19542e2cL,0x00000000000000d8L },
-      { 0x6d4d00fe5307c22eL,0x97c82f0ac02f495fL,0x23857399a4563bb5L,
-        0xf5ad0f92e621b072L,0x5e28217f73ed71d6L,0xb850554f7c532cb8L,
-        0xb75dcba289b00deaL,0xa9252801fabb05cdL,0x000000000000016bL } },
-    /* 25 << 336 */
-    { { 0x113df94b7d7ca596L,0xd0d81f973a09c4e0L,0xfdf25b6dde5f749aL,
-        0xb7a9ca9ff56f6819L,0x4e227c423c76e2adL,0x8f568606fb0c6c74L,
-        0xc68a1311e7d75727L,0x3cae257ea97c6a06L,0x000000000000003eL },
-      { 0xb8fc17b67c4eec48L,0x859ababb5c2177e3L,0x372a76051058469eL,
-        0x82bc83878198208dL,0x362b7058289b96d9L,0x008fdbb14b1ff834L,
-        0x6754a93e001b5d35L,0xaf0588963cb788ecL,0x00000000000000e6L } },
-    /* 26 << 336 */
-    { { 0x7f0b78bf7e8da44dL,0x6bc7705a76e657e0L,0xf62df055522bd33bL,
-        0xcfa310d2d5730259L,0xdb3c752706babe9eL,0xa53c9580c5b35c93L,
-        0x88a085faa6e6210fL,0x2436bc42bfbb2a0dL,0x000000000000011eL },
-      { 0xfa99d4eddcfc0929L,0xc08653aec8373758L,0xdd402a641820eaf3L,
-        0x8fe28a88991a187fL,0xb2a8d2aa14e3031aL,0x5d15745af340b738L,
-        0x03f304abb5d057bcL,0x42b9c992b2d32a29L,0x0000000000000130L } },
-    /* 27 << 336 */
-    { { 0x7bf6c878e6f3697dL,0x0da60fe25286dc50L,0xdaf811cf4427b675L,
-        0x21263e1a63b81439L,0x6c1588eab23ad5d6L,0x67ae668ecf30a50fL,
-        0x019d2c48dedb60c5L,0xcfb3ef72898225efL,0x000000000000010fL },
-      { 0xceb271fc50d5ad72L,0xc590aa97a684a6a0L,0xf0c51ceb97b0397cL,
-        0xb0abb09c6f549db0L,0xb04b4898b6adf961L,0x4e5b4948ec0602ddL,
-        0x892d411e95a537b7L,0x613fc8af84b4dcaaL,0x0000000000000166L } },
-    /* 28 << 336 */
-    { { 0xc9eb8a3732462315L,0x91893c7c6e4e47afL,0xc2c9569bf9bbc7b4L,
-        0x656b2ce30314c0e0L,0x90b866af7e012597L,0x235d7f2adf853ba8L,
-        0xce824693266a534dL,0x3b362419b30f8251L,0x00000000000001cbL },
-      { 0xf5c990529df9422cL,0x261a1d31ab69da5fL,0x29ac221f2d225cd4L,
-        0x37090fc6ae4cec4cL,0x257983637417f8bfL,0xcd19cb04f6898caeL,
-        0x98580a0a75239b7aL,0xd1a38556e19c424eL,0x0000000000000025L } },
-    /* 29 << 336 */
-    { { 0xc4b2e4321ec0f9bbL,0xb6d9c02b4f72792aL,0x692936bcb7745461L,
-        0x70c8d81bf16ed29fL,0xfaf6602cead1e3f4L,0x9ff71ca731f17e50L,
-        0xae87c59b5a4f7187L,0x8103cc5ccbbded31L,0x000000000000013dL },
-      { 0x973df81487cb1debL,0x8d733cccf3e31541L,0x3f9a0a7bd66e3904L,
-        0xd9deff68e1a92726L,0x15118a0f9a57ef64L,0xfc1e37f6a079c288L,
-        0x1f3b8593d66e3a5fL,0x2f41c9df69904b4eL,0x0000000000000130L } },
-    /* 30 << 336 */
-    { { 0x2438afa71bfa8266L,0xe42c4d707aca9c58L,0xed95a6df3a0b8f82L,
-        0xc63e62418c218d8dL,0x17cb1bcf4a467ea9L,0x00add391e6a13b32L,
-        0x84f65ead54bca5fbL,0xf3a6b748d44c6849L,0x0000000000000077L },
-      { 0x46a9ffa49a19a7a0L,0x0e8a201247152131L,0xbf3cce1b9e569e70L,
-        0x8ad6f57ecc68962aL,0xdea8fc4929a6daaaL,0x71a147d711e9686fL,
-        0xb705d31d21d2ae96L,0x6bab44926ad7409cL,0x000000000000008aL } },
-    /* 31 << 336 */
-    { { 0x3bcbec5b43f1bc6dL,0x82f1c117e173ff5aL,0x86732bfc5f7bbae2L,
-        0xb369f7b53b3a68bfL,0x09723468dabd0f05L,0x536a17524466eb28L,
-        0x797ce5a43d685bdbL,0x5c6904da797af4d5L,0x0000000000000112L },
-      { 0x0125dc59b2365e89L,0xe95c31e5e6b036b9L,0x025da8ff1bd84808L,
-        0x980320c96689aa70L,0x7a7cf8959ce14041L,0x09fc1e84eddb13a6L,
-        0xa562767a27a54095L,0xdd0ed2f995de4423L,0x0000000000000023L } },
-    /* 32 << 336 */
-    { { 0x6a55868f11c50119L,0xb78abb45c7912bbbL,0x00ec6edcf2598660L,
-        0x45b396bf3b330dddL,0xf1e1b15d430b461bL,0xd7d7ad1de8c572adL,
-        0xc236b2601ec38412L,0xb668a33699889cf7L,0x0000000000000109L },
-      { 0xe39ab64b0bf6ef3bL,0x83496baeb87b2f04L,0xc9a9009ddd04f4b5L,
-        0xcd813e028fbed8dfL,0x8766407ed49842feL,0xed08303dd72a0525L,
-        0xed117dd7b47e882eL,0x62ec57f744ce2e25L,0x00000000000001a9L } },
-    /* 33 << 336 */
-    { { 0x2f7726ba8e8a63f1L,0xb0c2ad66ecb3ae83L,0xe57a64b99accb54eL,
-        0x79eb94ce3968e980L,0x1030ec413a04e7daL,0x60900b75ae88b7fdL,
-        0x6a2b74e30d22ebeeL,0x93e1657222357db3L,0x00000000000001c6L },
-      { 0x0cbe946b8feb2f46L,0xeebf1e20d5d78ad9L,0xbf52e57dccc955e2L,
-        0x03ca5245a84019c3L,0xd83c5de77390eec9L,0xdfb17932c7ca0529L,
-        0x4408ddc221cf2ae0L,0x4b217712bd878077L,0x000000000000010eL } },
-    /* 34 << 336 */
-    { { 0x19c2fb35e68bfa93L,0xd194609c6be8cd17L,0x3d5bac21c0950167L,
-        0xc6f452ad320fa097L,0x5efbc350c519d010L,0x04b5f5091ce6ff40L,
-        0xbc81371fd33d1152L,0xec1882e91ec5cbdfL,0x00000000000000d8L },
-      { 0x389fdd4ad929e151L,0xbc3bf1fc30b376ceL,0xb57789146458a81aL,
-        0xa1b02703bd08823bL,0x6e0bafc8b8ead9bbL,0x05009a9da4a6510fL,
-        0x788cd68402719b2cL,0x4abb7c12f4eaace8L,0x000000000000015dL } },
-    /* 35 << 336 */
-    { { 0x924834880d6e1420L,0x0f6b842f02a9e525L,0x5f195b9ef2c23ed3L,
-        0x872b7dab188c8a40L,0x6ea520e57a05f397L,0xb84f6f52a8318cf3L,
-        0x7c20f13cb4ab7198L,0x94c07e8634d193fbL,0x000000000000007fL },
-      { 0xa665378f640101c4L,0xf718aba2f23d6880L,0x7feaa46ae39f34ecL,
-        0x0c5e49bc45be61a3L,0x6c9e53e91d1097bbL,0x1f8311795b9afba2L,
-        0x7c91abbff68ea497L,0x84c407ffcfb9359bL,0x000000000000010eL } },
-    /* 36 << 336 */
-    { { 0xf66002a7532cded3L,0x12ae6fbd9b51ba09L,0x1877c71151a4511fL,
-        0x75a3a374b468daaeL,0x09f3fbee0866ffb3L,0xfb535b7479a0e5ffL,
-        0xa9f20777119d443cL,0xb0d45806818ba850L,0x0000000000000089L },
-      { 0x9ebce29758c4764fL,0x25239275d673bbbcL,0xb8e731d526a3b9f5L,
-        0xe00ea0a81b7a1218L,0x64e38615251ebaceL,0x1861ba0c43c768d9L,
-        0xabffeab0faa8388eL,0xd7a8dc7e036e9163L,0x0000000000000138L } },
-    /* 37 << 336 */
-    { { 0x3a548ee6767f67e0L,0xf43995d96e7381e8L,0xfc613affe3f4fa78L,
-        0x75b8421853a88ca2L,0x4efc41a4a34d77d8L,0x67704b6c6dfeccc9L,
-        0xb6301c73ad702b28L,0x2257dc83b0bd12c7L,0x00000000000000c6L },
-      { 0x01f144891820d290L,0xd2b2e7b74b212d5aL,0x2372e19e203ffa93L,
-        0x7847f736afc48e54L,0xfd061aa2b0d47790L,0xeb5d269c56107e9dL,
-        0x90e172f6f400c123L,0xf13bd3b9a924ac2aL,0x000000000000014aL } },
-    /* 38 << 336 */
-    { { 0x2f1e5d38c7d8a5a9L,0xc812dad7d2f00aedL,0xcccd0e9be04e41ecL,
-        0xac5b0abd217a004cL,0xb1332777129d0219L,0x7ec641f09f912102L,
-        0x53d6db38ef3b0f35L,0xc9d6b3cacabcfc1cL,0x00000000000000bdL },
-      { 0x834b4b341b206ac7L,0xb6e4bc6ba8a9615bL,0x024f9e7d83fef8fcL,
-        0x659a16fd427d6556L,0x56c796186ea415a4L,0x26b75d757aa919acL,
-        0x01522021d880f489L,0xa250d22c6089862cL,0x00000000000001d5L } },
-    /* 39 << 336 */
-    { { 0xd90132009928e628L,0x1193d8578046a060L,0x4121d1e40ce4e473L,
-        0x4c4d212253cd7702L,0xcd42376919823037L,0x696394e8b5506010L,
-        0xbd26c4266e10bcceL,0xbb15eb862869fc0bL,0x0000000000000148L },
-      { 0x24e36d1ce3895fb0L,0x99b1202f62a2e7adL,0x7be82d41360abc5dL,
-        0xaa8b30afe64dda1fL,0xa5c5cdf693938b09L,0x8a0d8440db48efedL,
-        0x17db9cab6dbdc7c6L,0xe0f3f1a778477ea9L,0x000000000000014fL } },
-    /* 40 << 336 */
-    { { 0xa35909198b52c773L,0x76609450fa34c84aL,0xcbc53186e1eb0e17L,
-        0x4f1f328a93f87b38L,0xad5a48aaf3e70effL,0xb90942f9338873f4L,
-        0x8d9018db7c92f220L,0x883ee17010edbe69L,0x0000000000000090L },
-      { 0xacbf26d4352788caL,0x6e1134413124e676L,0x8c23d996bf850dafL,
-        0x8781a364b318b4f9L,0xe9ccfb474366d53fL,0xc36fddcfa2522307L,
-        0x0d9d490f5c18063fL,0x70e6946a7c772f22L,0x0000000000000021L } },
-    /* 41 << 336 */
-    { { 0xceb65c253265473aL,0x0848d8c109e9c600L,0x7a1d52b5da02fa2cL,
-        0xc9d059a187ee1d9bL,0x6fc44d08796f782dL,0xc986ddc0de4faa1dL,
-        0x7ae99e1cdb221bbaL,0xecce252439e934b3L,0x0000000000000145L },
-      { 0xebf9741ec8b2e015L,0x8291788dcc2829e9L,0x85e30cb4b92d367bL,
-        0x6306f633d498e495L,0x982bf2b64b7d0e51L,0xec78717623b5ce39L,
-        0x13813e58d7dbe278L,0xf35d5ab7de0b9f48L,0x000000000000010aL } },
-    /* 42 << 336 */
-    { { 0x3465a55880b2842bL,0x69ae8ee5fb5c4ab4L,0x0f60b67f1d9d3c2cL,
-        0x43c637aba61d5441L,0xebb11af2616bb3beL,0xb233d60c8ebb368fL,
-        0xfe78b8e8e666a6bcL,0x40c89e61199647bfL,0x000000000000017dL },
-      { 0xdfd02f7d1a7e4004L,0x67ea0f94f0db6c8fL,0x75fb799d0b25ec12L,
-        0xbf15842512e0b07bL,0x6232d56ccf7cb388L,0x62852eadd2b1cf35L,
-        0xdebdf566d4d5a337L,0xd4224257c5d68925L,0x00000000000001f0L } },
-    /* 43 << 336 */
-    { { 0x3b3b236a2705c8ecL,0x18e596fe8f9ca382L,0x6cef674b595529f9L,
-        0xdd4d79e523afaeb2L,0x96b687668c095755L,0xc20d270322f1303eL,
-        0xaf55fa652118e930L,0xc1598fdb6ab3adddL,0x0000000000000007L },
-      { 0x8c72b53a9f7ec947L,0x230c6c33ea8256afL,0x3631364728ff1428L,
-        0xedd1a1d226269503L,0x35142f60f50ad51dL,0xfb1597d3365f7d6aL,
-        0xc0d5b6da40fb6f18L,0xc3cf67973fa48c72L,0x00000000000000e4L } },
-    /* 44 << 336 */
-    { { 0x7d59c3f4712ddfbdL,0x839dd63f84f37f9dL,0xb7d4176f102b47ceL,
-        0x91549e3ab3e2d34eL,0xf82494656176fa4eL,0x34cef89d534e8a88L,
-        0x5752810fd05652fdL,0x05878d59e8109c08L,0x0000000000000045L },
-      { 0x83e223e70f9b0af9L,0xd4094717d8b7e4e9L,0xfd6789140f16428bL,
-        0x39782a1591a6f1c7L,0xfc637c567d10b525L,0x396ce1a419b2719dL,
-        0xe3c112a59d21f5baL,0xcc9423b1fec40d42L,0x00000000000001e6L } },
-    /* 45 << 336 */
-    { { 0x9918e21421c67dc6L,0xbbbe96db3ce73d10L,0x646749af353facceL,
-        0x4471d11f941a1ae8L,0xdce491d8254be83dL,0x2a734d2b06044c3cL,
-        0x015bb26f33e90f68L,0x2986a9179b397235L,0x0000000000000000L },
-      { 0xf2bc225392d0328bL,0x3cf80ec41c01f96eL,0x7059378025f2b93fL,
-        0xe218c28f8caa3c34L,0xed5b3b01acf08f85L,0x78e7130b675abf03L,
-        0xdc164f62e61ea709L,0x5e9bcdafe7cce590L,0x00000000000001d7L } },
-    /* 46 << 336 */
-    { { 0x7dd978412969cc46L,0x464f831465c2a193L,0x0f0814d7556ba73cL,
-        0x4e0b01c2a746479bL,0xf769a86a222abae4L,0xaf204519b06949abL,
-        0x219f3dd4bc0cae6aL,0x41e7fd75bb04e014L,0x0000000000000111L },
-      { 0x8c81a4171b4685ecL,0xc2cdc2fb56fcf448L,0x047f00b60ffe70b3L,
-        0x4fb3e96353c0b627L,0xd6eb99c304092d40L,0xcef9e712824d32d6L,
-        0x22438fe0661c9073L,0x1d24b9508b5d62a6L,0x0000000000000179L } },
-    /* 47 << 336 */
-    { { 0x776548c41646b926L,0x5da803c6cbd4f251L,0x9fb4cbbdcafbff5fL,
-        0x136e5ab46b1967e8L,0xbf3187c655c2cc0fL,0xb5cb7010ce03caffL,
-        0x75f960d74cba3a38L,0xf1f7da468c4de719L,0x000000000000008aL },
-      { 0xaa9771cf8e145328L,0x955607127e9c7154L,0x7576c566c54ac3ebL,
-        0x83a1cc22b9565637L,0x65a033e85f237916L,0x0fc5b3076eecda9bL,
-        0x6a8a26805a6bbbc6L,0x3f5df88eace3f66fL,0x000000000000011fL } },
-    /* 48 << 336 */
-    { { 0x8ee76fb84b60e7d4L,0xcdcf289366df99e4L,0xf0a8087980648b08L,
-        0x3c499205ae3ade6dL,0x73d8d03503d4984aL,0x4fcd2c1ce21a233cL,
-        0x0b5c1e89bf51ca1cL,0x1b7a009f237792d1L,0x0000000000000116L },
-      { 0xd2dca97044961ef0L,0xd5a6fbcba97a7b6aL,0x5e6da5975a4f98c9L,
-        0x2421c548bca536b6L,0x7a591af11f7ee8a4L,0x320308818a8817c3L,
-        0xd98a21782af67257L,0x31fb8f953828bbddL,0x00000000000001cbL } },
-    /* 49 << 336 */
-    { { 0x2fe629cce3886eebL,0x703263920694724cL,0x42ea1744001fde6aL,
-        0x285ba5fcb4b7c99bL,0xa7474f9203317986L,0xfa84421405f64263L,
-        0xe64e02dfea76091bL,0xe5356b2ddff26696L,0x00000000000000e7L },
-      { 0x47e54d6513506a2bL,0xb66069948dd04445L,0x86413fcafda61d05L,
-        0x58a825310779b2ebL,0xaeebe93899414dd7L,0x838add05bf1cc63dL,
-        0x98cbe079d98429d5L,0x7416b93677ceb9ceL,0x00000000000000d5L } },
-    /* 50 << 336 */
-    { { 0x196b992f7903265aL,0x3f8c505985ac43caL,0xa0542a9832f558a6L,
-        0x34493872f8f15c20L,0x8422611411ff2331L,0xaaa95263dad5aa4dL,
-        0x5ba3c89449618a2bL,0x7114cb67ffb0b7afL,0x00000000000000ebL },
-      { 0x22896ed5c413488fL,0xb68be598e59cf5a3L,0x8aece01d5a9f0b73L,
-        0x5ef6ef9fe44bf3c7L,0x276042132e665544L,0x5cbaae365b4fb862L,
-        0x2bc1f35ed164d7b8L,0x353fe76e05a5405cL,0x00000000000000c7L } },
-    /* 51 << 336 */
-    { { 0x5c6259f3f2bd866dL,0x74f730eb67f990fbL,0xeda67791bac84b24L,
-        0xd77e5d5ff0d8e9e1L,0x997d32d627f0633bL,0xe26e2cff845bd85bL,
-        0x214962750bcec89cL,0x615c7f755ab41a61L,0x00000000000001c5L },
-      { 0x5b5e76ff238ba9a4L,0x5a66c41f6342061aL,0x036bd57b984949baL,
-        0xb8bd4d4c78893803L,0xade10dafc8bed951L,0xb17d2e19dd61db30L,
-        0xa36f13476346eaccL,0x43ef15d396e37846L,0x00000000000001c2L } },
-    /* 52 << 336 */
-    { { 0x2e82f2e8fc7dfeebL,0x4351215c52c20206L,0x3b7875804be6deabL,
-        0x480d4e87e24e7b8dL,0xbc1e73e71a2fee06L,0x9ee62e8dbbe97079L,
-        0x729883c30c65ff12L,0x7d79b4450d40e7a4L,0x00000000000001c7L },
-      { 0x0040e8251338a343L,0xd46631e703c25efaL,0x69038f5ec8d68911L,
-        0x5cdcc85d67efed4cL,0x7bc6c0d960dec282L,0x0ff1944dc69bd184L,
-        0xe9c1f924840c0a85L,0x8744d9a243df13f2L,0x0000000000000039L } },
-    /* 53 << 336 */
-    { { 0xffb073725731b8dfL,0x55b50655528162dcL,0xb06b7e4fbaf43a0aL,
-        0x2384151f3205c2ceL,0x2fb3a0ff0796e15eL,0x145b6de137a2080fL,
-        0xa7fc63f1eb9e8ed7L,0x282c8eeddbb2c666L,0x00000000000001deL },
-      { 0x797ac3c0cdb70b94L,0x9ed6c19f8afe775fL,0x959e53d08fdf4354L,
-        0xee3422904c6cd016L,0x878e3ce6da3d2171L,0xf91eb6cc0c0ecd98L,
-        0xa4c9deb0352ddefbL,0xe0fbf7404cd91881L,0x0000000000000093L } },
-    /* 54 << 336 */
-    { { 0xcf3ab1a8c06a14cfL,0xe1dab4729134a070L,0x02695c59d307b78bL,
-        0x6ff63c8927584f96L,0x0f2d84c83591c925L,0xc3f41483aee8afb2L,
-        0x9f1021819b9720d0L,0x990e1e26ecc16999L,0x00000000000000b3L },
-      { 0x3bd5760e1240a3f9L,0xf40840d9bb9c9613L,0xbee95c7dccb1cc9bL,
-        0x094f695218da33f7L,0x116776dcb55c954dL,0x7d5820b102e92e9fL,
-        0x06fb44a56ee9fb47L,0x35771a46baeb1c66L,0x000000000000007cL } },
-    /* 55 << 336 */
-    { { 0xd0440862ec99e2a6L,0xab4a43a33ba340ebL,0x12bae2691f10a256L,
-        0x4351afbd77fa12cfL,0x940ca3c3316a9a8eL,0xda41cfb0e7e77bd3L,
-        0x0fa1738fa142b7e2L,0x00fc2c8afc50ace3L,0x0000000000000157L },
-      { 0xb1d820d0714f689bL,0xe64117180c4c8717L,0x59083d80ba8d5ce6L,
-        0xcc2f13ab5a3b4531L,0xaddaf07ad5a8ebbeL,0xba541abb21a54993L,
-        0xbf86b7ca801cc68aL,0x23d9dae3b2f94878L,0x0000000000000107L } },
-    /* 56 << 336 */
-    { { 0xebe606acae034f8cL,0x818cdf076b6018d6L,0xfe55379b7608ef90L,
-        0xaa46536f8ba09a70L,0xc013d0e9c8e4d932L,0xf6c3c883da15fbfdL,
-        0x9d01956feee975bdL,0x12559e14ca159bd6L,0x000000000000013dL },
-      { 0x13cd63821aedc90bL,0x0702dfbdbb2ab040L,0x30b7ab23ff22a921L,
-        0x5e348016544e103dL,0x478ca80b00ef78b1L,0x5f56249af37d1238L,
-        0x330515a9222de97fL,0x415dc934b0a87d9fL,0x000000000000015bL } },
-    /* 57 << 336 */
-    { { 0x1c4d07047b5bd6a3L,0x48c3ef051b90b22eL,0x70a08c1f1a64461dL,
-        0x4a04e537dd99999aL,0x150e2d2272551b9cL,0xce73d701f738d935L,
-        0x0075c2f9282e466bL,0xd4fb74363bbfab78L,0x0000000000000198L },
-      { 0x4aa5ceeeb6af5e61L,0x3d5e02891ce71dfcL,0x4ec385390a795137L,
-        0x26a82c384e4c960cL,0x853dfe6003e80d25L,0x05c38fe7f833c27fL,
-        0xa0fc2cad0e5fdc8eL,0x651964f066b1409dL,0x0000000000000155L } },
-    /* 58 << 336 */
-    { { 0xbcd1b8fdcd2c882aL,0x972b6862b2561e9fL,0x0f3d3eed44ec7dadL,
-        0x2f193dca33dd798bL,0x16923e1b3425be8aL,0x424ac2d0fcea5e3cL,
-        0x04dae6a5d3088f6bL,0xb37290420a495a9aL,0x0000000000000191L },
-      { 0x233de0d8c36dd1b6L,0x4201b3dd8a627653L,0x193ee18fa4ba6c52L,
-        0xafd48153da4125b9L,0x893c89d06ef2233aL,0x1181fc422ad683d6L,
-        0x6e9a5811f22ee65bL,0x2b60ec5e843e7be1L,0x00000000000000c2L } },
-    /* 59 << 336 */
-    { { 0x6906f9196f71d92dL,0x05811b7aa400e02aL,0xad0a7fbeb1147b49L,
-        0x14756b6e854e11a8L,0x2f1ae8e68e071b70L,0xa923d788938cf9e2L,
-        0xa2798bc0dafa6f8aL,0x0762c1b7bcd2c30fL,0x0000000000000097L },
-      { 0x53c32ec5438538b4L,0xb81a76f9225d6abbL,0xa6bfdddb1596d571L,
-        0xe7fdd67a7bcbfa9bL,0x90bcccd91136787bL,0x2407ce31ef192712L,
-        0x89dc7c1c2656dcdcL,0x613cccda158f3d14L,0x0000000000000044L } },
-    /* 60 << 336 */
-    { { 0x17f4ae2fa457f66fL,0xdcbaaf86f7f9b42fL,0x63f9b6a4512eae83L,
-        0x0e7005e8906c197aL,0xa6dbca2a47d9a62aL,0xabfc7eb772e1d3d5L,
-        0x67a98eeb1f26cd4dL,0xda8b076a0cbf90e1L,0x00000000000001a6L },
-      { 0x6b0ad7ac20b776ddL,0xc866b4abfcd80552L,0xa61879f9df7a54fbL,
-        0xed17d02b5d624997L,0xd91598090e81e750L,0x0950c09fb796dd7cL,
-        0x2841052885acec3fL,0x951a064a247e3b6dL,0x000000000000007aL } },
-    /* 61 << 336 */
-    { { 0x92e45635293aa8cbL,0x632ad2cb47abe5b5L,0xa90124982269db7cL,
-        0xb43095b71331e914L,0x4791600f7092ae50L,0x12270e800afa04b2L,
-        0x6734fdca0a89a3b2L,0x703efce3cef04cdaL,0x000000000000004cL },
-      { 0xa3a0c24dac19c42dL,0x56dd189a4b3e8f25L,0x9413431f3ed8d5eeL,
-        0xb4f9626ec0db57d5L,0x7991275b8d43d9d1L,0x154a82d9aca25085L,
-        0x30d558d279af6d23L,0xc37d14ed0894d400L,0x0000000000000152L } },
-    /* 62 << 336 */
-    { { 0x8a52f15018291f3aL,0x0ba052fb8e4a18eaL,0xb33beb1850947674L,
-        0x24e7295dda7960d2L,0x9c881fa7b4252751L,0x141a115777d3eeb7L,
-        0x98ba241b6d50cac6L,0x6e7627ae87169304L,0x00000000000000bcL },
-      { 0x4d7bda103d0d4bcfL,0x22827deb008a4463L,0x0e52c2e79a70f90cL,
-        0x6712a9fce39b6617L,0xfd8973c0505fe510L,0x11cc0de558c8409aL,
-        0x210477f3c64f2cdfL,0x0e6e51af443cc0a0L,0x000000000000001bL } },
-    /* 63 << 336 */
-    { { 0x4e7381532c5b1678L,0xf1264efdf0c3ad21L,0xe6b67649c37f0993L,
-        0xb3250481fdf7a6adL,0x34841e26d656f64eL,0x6c582f17eb5e5266L,
-        0xe98350b4455c5d17L,0x58f8e6d373857797L,0x0000000000000156L },
-      { 0x43289122e842a3acL,0xeb6f13b743590803L,0xc62511d75946d265L,
-        0x68a0c27f718aebadL,0x0105232e8a8e7627L,0xf5c3f66c62bbebeeL,
-        0x8ed456985e690cddL,0x3eeacd862e990ee2L,0x0000000000000076L } },
-    /* 64 << 336 */
-    { { 0xee2f0d5e485da448L,0x1ed09705ff6f7ae7L,0x14eecc17280081ddL,
-        0xa120ee797230161cL,0xcc768683ff269a0aL,0xf63e5dfc2a872fafL,
-        0xbb5b1ae6acc10cb2L,0xd110650707a71c22L,0x000000000000007cL },
-      { 0xa17256895a78b340L,0xc8802d2a8d805b2bL,0x4f1bd019e62fac2eL,
-        0xa1dd8419806b6762L,0xe6808f48a9223942L,0x50a99d62a6a1e281L,
-        0xfa71344852fbacc9L,0x09e7a5fbb5d82a8bL,0x00000000000000c8L } },
-    /* 0 << 343 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 343 */
-    { { 0x56b1560ac1c7ce9cL,0x619fddf45fedc58cL,0xe8d35dc7b59afa4bL,
-        0x0c5f5ac8eda188adL,0x14d11e1b1a468155L,0x9a5fd6c91529288dL,
-        0xf8b121d3e9da413aL,0xcd307365e231527cL,0x00000000000000e4L },
-      { 0xda248cc0f086ec25L,0x800ea7d4306b0d1aL,0xa5011ab86b74d50aL,
-        0x68bad0af749befe4L,0xc1ad06091bbbce0fL,0x363078eb2727c718L,
-        0x2e2e4aec18c61d23L,0x41f8fd81c84e4120L,0x0000000000000137L } },
-    /* 2 << 343 */
-    { { 0x9a579dee796de182L,0x6f780aa7f6fd67c5L,0x8e2e0d6d6c566337L,
-        0xd8d685b5e5314714L,0xbc0bcb3a8099f308L,0x7127691f585ce610L,
-        0xb1dd4f51fe15ed8aL,0xab542e06217bd3c7L,0x0000000000000183L },
-      { 0x67e189835f29dbd2L,0xf0092c9f74d67113L,0x3faa747c847dc935L,
-        0x798604f27f5be1b1L,0xf766db9a8c76c26aL,0xa38d86f05c205ca3L,
-        0xfec097778c6e65adL,0x1c2b356c156b3b92L,0x00000000000000d1L } },
-    /* 3 << 343 */
-    { { 0xfd161d574973e99dL,0x10ee5e335fd197b8L,0x931929e7e937363eL,
-        0x3593ac90e29447f7L,0x69e629fa511c53beL,0xa9140acf40818adaL,
-        0x2228aa6cdbc45f65L,0xdac3b76cb6956fedL,0x00000000000000b9L },
-      { 0x6f387c616730915fL,0x167ce892b42fb653L,0x88ae15d58258e7e5L,
-        0x5b5467b445c89d8fL,0x4689f145d122a7afL,0x47c3167dbd359cfeL,
-        0xbaa7f767939f7d23L,0xd2457722cf62d4fdL,0x0000000000000051L } },
-    /* 4 << 343 */
-    { { 0x40e2e814378740bfL,0x63a78984cbd2bd7bL,0x372e13db8a8dac87L,
-        0xaf09f900f60984c2L,0x5fcb7a8e79dd89c2L,0x29b8a792ff667cb1L,
-        0x9f8db873adaa64f7L,0xc52129f85dcc5522L,0x000000000000016cL },
-      { 0xa7c053bf00c4f4cfL,0x236a5b2399f2b4cfL,0xaa4e794a7d8f5dfbL,
-        0x42752a2262ae7550L,0xbf731493b6aa180eL,0x4cfeb68e0c875ff4L,
-        0x0c30dcd7e0c5141fL,0x3dcf620376da59f2L,0x000000000000012fL } },
-    /* 5 << 343 */
-    { { 0x95dd4eb5f8656474L,0xd4669a971cd62198L,0x0cc8ef1e92d0b064L,
-        0x9dcf50884d3ec93dL,0x98579f40ebb7f117L,0x5d355b938f1d1f2eL,
-        0x84b5a27e9e66bea0L,0x813076efea829073L,0x000000000000013aL },
-      { 0xc377cf528a995f59L,0x51d5d552504af77cL,0xe78a03839e855f7bL,
-        0xc28dc8efd54d0003L,0xeca6acc485efd53fL,0x94835190e0a0125bL,
-        0x26df5fda0ecfbf08L,0xdeb29864cb0dd7d4L,0x0000000000000046L } },
-    /* 6 << 343 */
-    { { 0xdfb64f02974d9b78L,0x31f9a91b41cce8d3L,0x34dcb6e34999e143L,
-        0x01d57ca3739197eeL,0xc0f2108c78b9f00aL,0xadc6692c4a735404L,
-        0x8358671e3bcc3b72L,0x3fc1ea7d6f09f3c5L,0x00000000000000e7L },
-      { 0x9c983854e86d270cL,0x4d51aa04ae44b27eL,0xff192db6d49c136cL,
-        0x8b4eb830e0f2963cL,0x839723cc894608a5L,0x39df449cfd6315ecL,
-        0xa65f47eff69010dbL,0xdf70203694f69bacL,0x000000000000017cL } },
-    /* 7 << 343 */
-    { { 0x98a217d8a7979eb7L,0x2f4859d405e2e911L,0x37ec784f9f43d39bL,
-        0x6047068b55a35243L,0x2d40c1194be6cdeeL,0xa28ca46cc2d0a82eL,
-        0xf3f91ea1e53f26e5L,0xfaa1f1ee0ad5a3d9L,0x00000000000001c4L },
-      { 0x8774d3bab3deb139L,0x94e79e50bfe48f58L,0x31425427b8a91318L,
-        0xac77740efab106c0L,0xb496d88441a74a18L,0x45952361c5556450L,
-        0x3d513f1474936fcfL,0x80f8d50ebe0c79c1L,0x0000000000000006L } },
-    /* 8 << 343 */
-    { { 0xb3eee6fe2a5a58feL,0xe8fac6485f1bd90cL,0x8c76159758fb2b1bL,
-        0x58d5a7ec41103723L,0x33335bb4a9800518L,0xa2ded46025ed26e0L,
-        0xa8996e7829e98932L,0x819f8f8bcdfb40d1L,0x000000000000006fL },
-      { 0xb8b1d0edb98e803aL,0x29fd31264620cea3L,0xea10dcb49eebe49cL,
-        0x29b7b6999ad55911L,0xc77d33dbf0ca87e5L,0xb9a166ecfe915661L,
-        0xc2ad03b0eccf8c45L,0x7b16346d053affacL,0x0000000000000082L } },
-    /* 9 << 343 */
-    { { 0x916fd08c8984d1dbL,0x7c7870365b1bf3d2L,0xe148da9f2b88ff97L,
-        0xa962ff45ac7c4189L,0x7c1ecc275768d54cL,0x33da8d97d43156d9L,
-        0xbfe05acc50f9f6c3L,0x0fd6737671323d62L,0x00000000000000ebL },
-      { 0xe45e1307c547c707L,0x3db010d28499f1ebL,0xeabff4004f388db4L,
-        0x0b46757cb6041ecaL,0xca91315ebf746334L,0x5980424bd4445cdfL,
-        0x7ccb2bb7482799ccL,0x9c9aa96e3129e0d9L,0x00000000000001b9L } },
-    /* 10 << 343 */
-    { { 0x5e6daeb491bf9e59L,0x9dc3d78928978a08L,0x8ba213793cf5ab93L,
-        0x13e05a849f7f32d8L,0xca46a51d24d864cdL,0x49da1d0958f27ab1L,
-        0x3d44ac191dd5bb6bL,0x14eb042f960ba63fL,0x0000000000000031L },
-      { 0x8c9a73c4857451b4L,0x61a5f60d29e1992eL,0x6b6cd67b1aff692dL,
-        0x3b702f11b835afc3L,0x4270a9babfc9d3c0L,0x68c63f32ca0c7cc0L,
-        0x841cf2826ea38e95L,0x85c69baf0d60d28aL,0x00000000000001eeL } },
-    /* 11 << 343 */
-    { { 0x45e6c6b23f5f1b24L,0x15c28586b7cce3beL,0xe985cedf965cfc87L,
-        0x26747eb284cf2b49L,0x681700f7c15ce505L,0xe2d3e6344273ba87L,
-        0x09e2e994691f61b5L,0x13dccaf844b47927L,0x000000000000014cL },
-      { 0x8c7d0330798eedbeL,0xe0e7fa0ec3f4951cL,0x99e5422f22ffa060L,
-        0xa977fefc3e202a9bL,0x40d939b29fda521eL,0x49c677526e65acd9L,
-        0xc17c3b685171db47L,0xda5735369cc9843bL,0x00000000000000faL } },
-    /* 12 << 343 */
-    { { 0x085d3a3cd827cc1aL,0x66ade8b0b0a2b341L,0x4b810c4cb68dfc88L,
-        0x77fe410ee5230a76L,0x8426dd8e389a3a1dL,0x2dda407d7d94bcf3L,
-        0x5c661465415e7675L,0x442edb73273f2602L,0x000000000000016cL },
-      { 0xe079d5bcb074acfaL,0xa72d9c62d08169caL,0xe1d49019f8828607L,
-        0x6ec373632e99dad2L,0x00f11e7bc8707b4cL,0x8b3275a0face4dc8L,
-        0xfd045d4660ad7b4aL,0xb59f6b352d870ba7L,0x000000000000005fL } },
-    /* 13 << 343 */
-    { { 0x8d68557b51272392L,0x5309f4ee45658c02L,0x3095b408efe64d18L,
-        0xaa43cad23d85c797L,0x859fdd6a4466d136L,0x19522c68bdd1220fL,
-        0x2def78829b8cf52bL,0x3374cc6bda0d3564L,0x00000000000001caL },
-      { 0x70ba7af1481ff4fcL,0xbfec18ace52060eeL,0x193045817332c570L,
-        0x9bca275ae05313dcL,0x792532b3e4688a8fL,0x73a7088b2cc15270L,
-        0x0d5f57a3cdd433a5L,0x53928b9ce4932780L,0x0000000000000119L } },
-    /* 14 << 343 */
-    { { 0x360e5a48a3d933ecL,0x0ab120bdf7bbea20L,0x30b58f9adb780cdcL,
-        0x30736d9595285853L,0xd52795fb1b3839deL,0x61abb62ef74f223aL,
-        0x7134f16b31f8ec5cL,0x716089459beced0dL,0x00000000000000a1L },
-      { 0xe346fc2d8d5e323dL,0x56aa6ef5ae6c4aa1L,0xdea1e40d130796eeL,
-        0x7685efdcd71960e8L,0x07e19bb51040e1bbL,0xb89e54e64709427dL,
-        0xb09e9978ab677ccfL,0xd155e8cae4e79e41L,0x000000000000017fL } },
-    /* 15 << 343 */
-    { { 0x37911cec263d9d14L,0xf47b2325e6c4d1beL,0xda885016f0147d78L,
-        0x0885ca03887ecb3bL,0xed86eb282d186bfeL,0xbdc86af2532d79c5L,
-        0xb383a5e811c79f33L,0xe07db5fe06434eeeL,0x000000000000005fL },
-      { 0x94ebda7ed0e9c38eL,0x890cbadf57eec5ccL,0x0307af50c3e7bb87L,
-        0x7a736b3ad82a5ccaL,0xa11df6677ff0813aL,0xb6108387e88d8258L,
-        0xbd705b30d4d86b60L,0x8236cf82dac7fb06L,0x0000000000000038L } },
-    /* 16 << 343 */
-    { { 0xc08891ef1f60c05eL,0xf9407f855915d764L,0xde8e7a4f0c96f04eL,
-        0x6f2753d62cc9d658L,0x59c566b1ddd346f9L,0xf47b8329e3197938L,
-        0x279a225bec0f1790L,0xd2001390302c441dL,0x000000000000001cL },
-      { 0x71f6e57c20ea5e7fL,0x12786ba3c8eccc18L,0x31bfeee7563adb36L,
-        0x688bbe01c99e4db1L,0xc1a39c8458226d89L,0x4a23db6dd0436b3dL,
-        0x9009c835bcc4a5d0L,0xb5765b5b4bc5e903L,0x0000000000000147L } },
-    /* 17 << 343 */
-    { { 0xe6b4a598aa1bedf5L,0x961741ea269742a1L,0xa70c0ead730beb27L,
-        0x6630a4735b0951b6L,0x7705bf6ebe99d329L,0x72c5d355f107c12aL,
-        0x3339727727eb0146L,0x88057c43805888faL,0x00000000000001efL },
-      { 0x0e50400725ef77eeL,0xe4055d7b45c6b5d0L,0x50fe7dc291aab5e1L,
-        0x0a4a41f4b30dde14L,0xf79ef05566d0acecL,0x47ff1b08d751cbebL,
-        0xb3b376414b70d1cfL,0x839901ca495f96c5L,0x00000000000001e2L } },
-    /* 18 << 343 */
-    { { 0x70f293f78d7a1a55L,0x6d47ae698dbd1bcbL,0xd972ce7e2a482890L,
-        0x565b5a69ae414647L,0x1ff7f1f4fac08052L,0x6ac7e4f7a6b8ea59L,
-        0xb00046d54c758546L,0x57fda89278c94b54L,0x00000000000001efL },
-      { 0xc89c53d4ab9b1fd8L,0x120412c01939d37fL,0xacf8ab74178a657dL,
-        0xf02ff62e6277e2f9L,0x6d388adadef2648fL,0x0a21d194d18d7ec9L,
-        0x28a91fb9620af185L,0x9a4be9c4cb7ebf4bL,0x0000000000000025L } },
-    /* 19 << 343 */
-    { { 0xbc45e6e4b2dae93bL,0x078b15245136d380L,0x61d2079bcde5d587L,
-        0xdcb2f7bf4d18976aL,0x3134fa08f1163d89L,0x4548e1cc166d26d9L,
-        0x372b77f520cf54c8L,0x21e059e7370c6405L,0x0000000000000090L },
-      { 0x88f8eaa80398ad72L,0xef4dfabdc756e71fL,0x9793c8cd26ef090bL,
-        0xa2183be477e6c7ebL,0x89687bae0c15e96eL,0x973c780afb7901f1L,
-        0x98d0434c8c13b4e5L,0x5ac0079c7d545f02L,0x00000000000001b8L } },
-    /* 20 << 343 */
-    { { 0xb6cc18ebda4a348fL,0x75ec91dea1828b88L,0x33d09001749d90e6L,
-        0x09157f665444d6a2L,0x3d99e23ec900287cL,0x5b7ea7f56e259af4L,
-        0x23cf7c3d7f716c57L,0xf3eb640ffe71bb94L,0x00000000000001aeL },
-      { 0x8244fc846e9cdcf1L,0x595beb65e002db4cL,0x5caff71941a87d50L,
-        0x79b6aab4e3ccf8aaL,0x1c57658749d3eb51L,0xe81912249671a8dcL,
-        0x64c41ec1651fc983L,0x9f8680d37983f157L,0x000000000000006bL } },
-    /* 21 << 343 */
-    { { 0x60ab42fbe05b2926L,0x1c587bf61d33e1dcL,0x96f5e70249ff79e9L,
-        0xb962af43e24c2e89L,0x30042cb3be7c4f64L,0x79f652a81d63ce35L,
-        0xd898a931ad6a7c44L,0xb2fb1570230d1accL,0x00000000000001f2L },
-      { 0x2022d6a58be3811dL,0x00194f6b73c51c56L,0x3ef9434003d77a7bL,
-        0x6d1989c6b8e27ccbL,0x03eae3f13a64841aL,0x41fadc74c63267efL,
-        0x3e79f28722c3f704L,0x9d6bb8f454828d4eL,0x000000000000018aL } },
-    /* 22 << 343 */
-    { { 0x185cb8e721e2e26eL,0x1866dbbff82c3492L,0x5a5e2a8913fe27abL,
-        0x2a97a225ba74bc51L,0x9699342b754d7055L,0x11cbb11a2395566fL,
-        0x7a1a2e8d98ded0a3L,0x17986e2379b54681L,0x0000000000000003L },
-      { 0x646f4099da8c44d5L,0xb738986d451eeaeaL,0x09dbb26b7a3b8625L,
-        0x5b427f68db3935bdL,0xd946c20da7131ae5L,0xae04ca918a745c0dL,
-        0xa1b0ef3a3f2341a6L,0x7b87fe01d6c790e1L,0x0000000000000098L } },
-    /* 23 << 343 */
-    { { 0x72170b94be3f7ed3L,0xbce35d7df87e5a5bL,0x475dc4f4a187c49dL,
-        0x8f70214da1e51c4cL,0x4a4f2173b03f9991L,0x0f402769644bfa17L,
-        0x1fcb1fd205185c69L,0xc73f4d6ad59730d6L,0x00000000000000f3L },
-      { 0x718cba01d0af16c4L,0xf877dfc0321d02baL,0x92005bdd160a85bdL,
-        0xa77c73b9fa3cc000L,0xd32784fa789d71a5L,0x1fed3e8451aa04d6L,
-        0xe5eff488d6838f92L,0xc6dd5be9b197e512L,0x00000000000000b2L } },
-    /* 24 << 343 */
-    { { 0x78a6a00515ccb3f5L,0x77707acad710f874L,0xa9f60018df76fab6L,
-        0x7a05131eb0ef7585L,0x73076403c0347bd4L,0x5677f9b970f16928L,
-        0x71e01afcacdb7c70L,0x2801531df2261bc4L,0x00000000000001b3L },
-      { 0x2e0884c087ab879eL,0xcef683ae5692f07fL,0xe9378ca2ecb5108fL,
-        0xb259e58446581fb3L,0xbf13bd74d9ab63e2L,0xdbb1a8660488e2f7L,
-        0x308d1a9c791c614aL,0xc064c4b74bafecceL,0x0000000000000068L } },
-    /* 25 << 343 */
-    { { 0x3baa82b9d0344395L,0x61b0ae22f03f32d3L,0xfdf609fdb9ab6330L,
-        0x8d2d4961e63485d7L,0x118bcbae7ed8bf75L,0x48084311dab22cceL,
-        0xd878e073ffa72bf0L,0x2d31d41024088b64L,0x00000000000000d8L },
-      { 0x1e2ad88893e537ccL,0x723c084c89496f7dL,0x154523b8e2095efeL,
-        0x60efb050a2a64c74L,0x1da398ac0f97d458L,0x3a4f1f7c382044e6L,
-        0xced99f7be34a1f0fL,0x7d757166ecebb070L,0x00000000000001f3L } },
-    /* 26 << 343 */
-    { { 0x2368670204035fbcL,0x494b7bd0a09ffd39L,0x24d81683d3d1a346L,
-        0xd8717302a15611edL,0x67d48150235fbe70L,0x7056885b92733e93L,
-        0x7088dd8d149e63c7L,0x9d1fa18c9fa2b660L,0x0000000000000093L },
-      { 0x05ccc95bab42e341L,0xf8ddae598d84b663L,0xecbabdff710e5d05L,
-        0x6bf408efe7d83fa7L,0x01e9fba9cc612f03L,0xb11b149a4b68351fL,
-        0x2eb12cb1c441fdc5L,0x1c5aa7073f1779f2L,0x0000000000000079L } },
-    /* 27 << 343 */
-    { { 0x71a41f98b7c8df35L,0xc0956536a098c8e6L,0xba543f95b726e746L,
-        0xc930b14a1d6414bfL,0xbe77ca4d1ffa41b9L,0xe2c9b33a01b6503fL,
-        0x8f618a589be1f9f7L,0xc5352fdb58a1e937L,0x000000000000015aL },
-      { 0xab583155d4d38a4dL,0x7dae65b732f456ffL,0xe6dceba0864ea025L,
-        0xe1b8eedb2beb7e85L,0x1afa273c24ef0333L,0x15c04d35f74c8c1cL,
-        0x3df77f47fe398bc2L,0xe6759438fca98336L,0x000000000000010dL } },
-    /* 28 << 343 */
-    { { 0x37097c79f3582e38L,0x32fb2f72acb94fd0L,0xe9f248615bd8e99eL,
-        0x021bd377d89f261eL,0xc27ccfba354d698dL,0xbd90006363d0d0d1L,
-        0x1a2ff3650ffe8c76L,0x2e06e2ac0a5a912eL,0x0000000000000056L },
-      { 0x32d5f87321ac73f8L,0x6071df7f1ce57659L,0x7b26cfe7f3d02f88L,
-        0x49889f71ac4b7cceL,0x6a8e756e4aa74667L,0x68698ee6cb72bec2L,
-        0xf10fc0e132a6e923L,0x25d53885dde3045cL,0x00000000000000d2L } },
-    /* 29 << 343 */
-    { { 0x2578f6e4c55d2794L,0x33d4f6c052c21979L,0xcb692ea7f0ac80ceL,
-        0x4a075eb4d0d2bb1eL,0x2bdca085d766fb6aL,0x28800b66f9cef794L,
-        0x79a504a18e1af8efL,0x87b7c42918f6d72aL,0x00000000000000e5L },
-      { 0xa0315547c4fd70bfL,0xed90418d1bf84addL,0x9444ed07561cc0a9L,
-        0xe218634f926e1d91L,0x1c2867c9c45cccb5L,0x8867a11b0088364aL,
-        0xb33066483293a8c2L,0x5379837264319b9dL,0x0000000000000059L } },
-    /* 30 << 343 */
-    { { 0x6261f11a490fcb56L,0x80e1e5b92166a7fcL,0x2156e7b7410ca8f1L,
-        0x6ba2949dcf083d43L,0x6f8c280e85f7a658L,0x86921a03c5362a6fL,
-        0x212c2960a82059ecL,0xcd6e8bf65535b1fbL,0x000000000000003eL },
-      { 0xde0debf94fa231d9L,0x3891ee50bb251008L,0x4f2e882b1d3cf2f7L,
-        0x55ae8ab4a441ea5eL,0x1a2fd89697f3d7d0L,0xaddcebb8240f6844L,
-        0x00c9e36a7c1ae8a1L,0x017a9763b8c7c299L,0x00000000000000bbL } },
-    /* 31 << 343 */
-    { { 0x7f8843aa27c1fd2cL,0xc7c12738b7767dd1L,0xed262ca40459641bL,
-        0xcfd418f94ae40df4L,0xfea0e51e4b4adc47L,0xf71a6afbc1076188L,
-        0x51c967efae2fb1ffL,0x10af8b7593d3d135L,0x0000000000000005L },
-      { 0x60b155619802e32bL,0x1b766903875c51c2L,0x8e8f66b6afa3d68cL,
-        0xb174d2ebe8cf549dL,0x514733991f65fa9aL,0x5bc23426688a0642L,
-        0x7dafa87c49871359L,0xa01b3e316ee4c06cL,0x0000000000000069L } },
-    /* 32 << 343 */
-    { { 0x1e2df23635210df1L,0x387b5c569aace566L,0xdd8152c9ee401323L,
-        0x56fe9ec99cac0076L,0x88ed7fc1e1a9f782L,0x6551487d681f0428L,
-        0xeaacc10197689006L,0x626bcad13b7e7fe6L,0x000000000000015eL },
-      { 0xe1b3574a7acb23caL,0xadda7c9e3636a1c2L,0xfc998cf89f3d947cL,
-        0x38ee4df41ba0511bL,0x1f40cc1403e4694bL,0xccecf4e0800fb6d9L,
-        0x021f708ae1665d06L,0x2bcd7975c492d329L,0x0000000000000063L } },
-    /* 33 << 343 */
-    { { 0x96b4d04fab8001feL,0xe57a3a7bfe85f93aL,0x8ddba50b81d1d925L,
-        0xa721d664f4b81297L,0x97ed33af14009a3eL,0x566f67398d669f51L,
-        0xe390958133398239L,0xd7a868f9b1e9107fL,0x0000000000000027L },
-      { 0xdc583df06773c4c8L,0xd92a6a1e5e741619L,0x9fc62275eb819e25L,
-        0xf9854e0cf083005fL,0xecbd75ce7b51e108L,0x4cc07d2722a8eea2L,
-        0x06b4a95fa203629dL,0x65458a822e92393fL,0x000000000000009dL } },
-    /* 34 << 343 */
-    { { 0x0c33804b49726318L,0x02d8b4cea9a6b656L,0x308eaf52e8cf960aL,
-        0xb36b768adf3a112eL,0x8131fab42b004e40L,0x0559670c887c5137L,
-        0xff0aaaa311f55b20L,0x08f4a3c37882a219L,0x00000000000000f6L },
-      { 0x1e4c54f236e35580L,0x75b801076317c307L,0x08da116384ed361aL,
-        0xda9c804e9fd2252aL,0x12f480031c027a95L,0x4c2edab64ba5b4b6L,
-        0xc7e6ba6f307f959fL,0xb541004fdfb90d0dL,0x0000000000000099L } },
-    /* 35 << 343 */
-    { { 0x6e84f0d99170c45dL,0x6c18bb4d38aaf72fL,0x07982c04541fb2a3L,
-        0x87b518be80d9c949L,0xdee66e2966394187L,0x31511309f8dbf99aL,
-        0xa8778cbaf823156bL,0xf9faea959b606d0fL,0x0000000000000093L },
-      { 0xfd31893563961535L,0x7986e24f3f52f702L,0x5b1159b45ddfae4dL,
-        0xcd9fbfec2eab8be6L,0x7b02b3fc8041e138L,0xd6a03b7891c5a91fL,
-        0x27bbfa95e2cb2f1cL,0xa9ce01ce466ef3e3L,0x0000000000000133L } },
-    /* 36 << 343 */
-    { { 0xee5cc4b56463339cL,0x5db849afd60e46a8L,0x376ec6edbb0cd719L,
-        0xb25bc974b73d2548L,0x4d3b9651ce5787cdL,0xc9f56856fb8a6b9cL,
-        0x40712dcf9997fafcL,0x1e9a979d88c38605L,0x00000000000000ebL },
-      { 0x65aa240f387c6c7bL,0x8dba59ea2e4d5a46L,0x4dae7703cbc76db7L,
-        0x616a9765ce122f7aL,0xa7ba80479be5f249L,0x0e3cc2bc559ff606L,
-        0x533dc60febcf865dL,0x07f49e3224af8ab6L,0x0000000000000104L } },
-    /* 37 << 343 */
-    { { 0xdd77ebff685989acL,0xb6f95799ab8308a4L,0x4e3a55af398e759dL,
-        0xa450ca615693678cL,0x54fc55a0b225faaaL,0x16584ec91dc73d17L,
-        0x1a5d318febfd0546L,0x76b7d32f96c3c17aL,0x000000000000003eL },
-      { 0x51be80cc328cc1fbL,0xa7a78f194965e6aeL,0x5381b42874544db9L,
-        0xaff29152aacad99cL,0xc48bbcc61156add8L,0x363047efe566895dL,
-        0x33d0a4a5bd032371L,0x880ec2cbff5f5959L,0x00000000000000a8L } },
-    /* 38 << 343 */
-    { { 0x9690d5e55f5e7c31L,0xef7369b18adef74eL,0xf74ee9ef2a7db0c9L,
-        0xd59cb64addf21c43L,0x6eb9fb438da8e4ccL,0xd1962bb086d3a35bL,
-        0x7f8df70c107dd755L,0x4226aac2d64da7dfL,0x000000000000008fL },
-      { 0xe8ba50a0fff053a4L,0xcf3d93f3aa55315eL,0xb3cdbb97d1f458b0L,
-        0x4b08420dd5d406bfL,0x7d869582f55c2820L,0x6fcb33b1698de39dL,
-        0x6b7745f5daaa8a63L,0x6ecec49a60db3a06L,0x0000000000000189L } },
-    /* 39 << 343 */
-    { { 0xe7ec7a73a6fb4bf7L,0x9c4cb462c58d8eecL,0x1774812b9e39b420L,
-        0x3eb336168ef96477L,0xfeb07e85981c4ce4L,0xc5cbf961bc2806edL,
-        0x558213f9c99082deL,0x6da1895930463857L,0x000000000000006aL },
-      { 0x55fc5626e084de84L,0x1c14a1b6b1388433L,0xbcd81c8c13bcb966L,
-        0xf3c19eac80ec3df1L,0x3d8209db319be8c9L,0x009dd32c97cb53ceL,
-        0x11b045b569348a7cL,0xf062b5bf08a42755L,0x000000000000013eL } },
-    /* 40 << 343 */
-    { { 0x1c48fc22b0b3927dL,0x0bde722f69b0963fL,0xe408cacafa23304bL,
-        0x0286346c33892f47L,0x4edfa1d344dca6d2L,0x4ed4dc92dc7e794aL,
-        0x875f0a691bc2fa3eL,0xb6719990c61f95f1L,0x000000000000010aL },
-      { 0xd69e90f6b9d1af63L,0x78a0578fb8525cdbL,0x423058d607e5dd88L,
-        0x4566d2724e64b363L,0xfa878a8931cb06ecL,0x88ff5b4a1bea9ffcL,
-        0x343e558867212ac2L,0x0e4cb5b440dd6e75L,0x0000000000000184L } },
-    /* 41 << 343 */
-    { { 0xe0d0a82ddc9454b3L,0xf487a58cd0bd7052L,0x872289d507f23cb3L,
-        0x739561b660a4d759L,0xa785b509596c0ef8L,0x0013852d0842b0e4L,
-        0xf52d1e53d66380ecL,0xbff385dd62bb1e96L,0x0000000000000113L },
-      { 0xbdcb323fb841727cL,0x6943c4849a825146L,0x31893c76e74e00c5L,
-        0x62c0e3d55e3801ccL,0xa692149105663bc5L,0xc521169e924ea71eL,
-        0x3082a14de324bd5fL,0xa571779c8641c086L,0x000000000000004eL } },
-    /* 42 << 343 */
-    { { 0xfb39fb3373facaaaL,0x1305273c23052258L,0xa9205e1175193205L,
-        0xef9fecbb8cc8098fL,0xdd0f157be588ca9eL,0x3364b687f8f2e14dL,
-        0x3e0a4cb00594f821L,0x2697b264600abec1L,0x00000000000000e5L },
-      { 0x5f1048d60c425ae0L,0x596a72abd8196cc0L,0x76dbf0a6ff36707eL,
-        0xc7ab267255665a0eL,0x27ae6b082aacd81eL,0x4a2646471184702cL,
-        0xb6420d7981ffcc1fL,0x7ac1e298536904d8L,0x0000000000000188L } },
-    /* 43 << 343 */
-    { { 0xab8b3503416f5d87L,0x4fc288e16651df50L,0x3f0adfd9f62ec45dL,
-        0x92cd8547172e5630L,0x434fbc19c3aca907L,0x38eb1388ccb55646L,
-        0x19729f62dafb3a47L,0x8ced2ee49cfc34cbL,0x00000000000000edL },
-      { 0xb08ba1c3cdbc6116L,0xd075c733b7ab4b91L,0x547d457ff97f1759L,
-        0x919a38e18c601000L,0x2fae128fc9a3a7ceL,0x050486e31643b442L,
-        0x9034efad2afd1aa0L,0x92702ff21af79b99L,0x000000000000007dL } },
-    /* 44 << 343 */
-    { { 0x68d0506218f40095L,0xe085992447df111bL,0xab2400df4b409e59L,
-        0x5f8d22db555656f8L,0x606ced3146df6523L,0x4c92283116251601L,
-        0x8b383573007bb6a2L,0x99bb3be83dd4c4eaL,0x00000000000001e6L },
-      { 0x65838cf4d21d9bc7L,0xe07a59110168059dL,0x193d6b80c27c988aL,
-        0x08d7198bb6411f17L,0xb229275330ee2a99L,0x4dba6885690e2ed7L,
-        0x658b187cf10e2b34L,0x8002fb6b9ac63db3L,0x00000000000000aaL } },
-    /* 45 << 343 */
-    { { 0xf2aa7ff4fdb6b1f7L,0xfb45d9ab038645afL,0xfbe46a595d991f1fL,
-        0x777ebeadd152a3f9L,0x830688a04a7e59fdL,0x205e03ef3a6d1d41L,
-        0xe61a446a1ff8c82eL,0xc2557922ee29bd8dL,0x00000000000001e1L },
-      { 0x9181192fabfa9a84L,0xbcb13e6a99b82faaL,0xa509d7609f24f727L,
-        0x30f91875d7fcdb25L,0xf5e87646a279f077L,0xa1abe3b1afcd136fL,
-        0x5096c338f5d393a0L,0xe18e7d97c77f082cL,0x0000000000000023L } },
-    /* 46 << 343 */
-    { { 0x99a8fbb5a161f30dL,0x4b936314a6dca904L,0x582fbb6285f072baL,
-        0x638b964291f813ebL,0x8fbc4a5f33b67634L,0x75c4f8854786ce86L,
-        0x12fe375cb2be82fcL,0x57b6c79e1af62afaL,0x00000000000000ffL },
-      { 0xc584de033815bf50L,0x59284a85a5d2a462L,0x99205733a2db6069L,
-        0xac414cedc789585fL,0x74c918a17924fc12L,0x4179d5c0e01a417bL,
-        0xf3f6d46b2de7f1dfL,0x04d576ff993a462cL,0x0000000000000058L } },
-    /* 47 << 343 */
-    { { 0xe9599d6ac0d5f4e1L,0x175f50fe3ff2ad8dL,0x8387d0c9cbe62ffeL,
-        0x19bd7a93f759c79cL,0xd6dc8c1718264806L,0xffcd7dc91f93bdb9L,
-        0x272bbbde842b0f37L,0xa25c2429cea01bf8L,0x000000000000001dL },
-      { 0x6a294073e4187767L,0x209d9bc423ee345bL,0x720ae363dea56eddL,
-        0xe3bf827a23447df3L,0xec4fc4d9dbcb4442L,0xa523dea0df06b38fL,
-        0xb7a20ff275ff70edL,0x758975429c985220L,0x000000000000011eL } },
-    /* 48 << 343 */
-    { { 0xd6772399efd3e26cL,0x08fad2b4016cc649L,0x04b688e18c93ae74L,
-        0xee4cd37f884e93feL,0x0adfc5f43f4161e4L,0x38b754b36a15d63bL,
-        0x0a7c520fb63e3bbbL,0xc6d4a82a6bfb98c7L,0x000000000000006aL },
-      { 0x3fa2075432fe9124L,0xbb2d3081b6ba6e4dL,0x21294a30716ec099L,
-        0x930eebfcd2636892L,0x0f2d1febac11c6dcL,0x4a22383d797f5a02L,
-        0x40c0453b4e874895L,0x1d1ea32146bf9197L,0x000000000000012bL } },
-    /* 49 << 343 */
-    { { 0x98adef8589638e94L,0xef3d1a9e3d38b340L,0x6ce88584062c0c59L,
-        0x7a306b12e4d7ed2eL,0x3fd19f650e0ad96fL,0xfd800846bdd0f7f9L,
-        0x41aa2176c8958c40L,0x662b0a5f6b80a9f2L,0x00000000000000fcL },
-      { 0x3c1da866bc0ff89eL,0x8f659183ae7b7052L,0xf499f6a9c3ab5947L,
-        0xbca8b00cb8e883ccL,0x71b521e4ffbd2095L,0x6d9347e395bc461eL,
-        0x974c20ade248b5b4L,0x8b0e856009a7b234L,0x00000000000001e6L } },
-    /* 50 << 343 */
-    { { 0x0b011c32ee2b97d5L,0x79200cef3ad0b2ecL,0xea1decec50b54070L,
-        0xec2fa4a8daf1d7c9L,0x9c2061eaa9203504L,0x01ca3089e8e76ddbL,
-        0xf009b4ecb2ab1903L,0xd42e9d8d17418ffcL,0x000000000000003cL },
-      { 0x05c5851078dcb449L,0x366e588014134c89L,0xd3c226ca0f9d0ca8L,
-        0x90368b2231202cdaL,0x4900c6c679c08f36L,0x282ba56a42a6f1b1L,
-        0x3146c4170b497bceL,0x4b6a7d5d8b761fa6L,0x0000000000000182L } },
-    /* 51 << 343 */
-    { { 0x9687fad20f33e22dL,0xee13cbf0f861fe0eL,0x7bfd7b51e420708fL,
-        0x7e3b03c29408f6c3L,0x98e32d6cd2478ff4L,0x46c6a5ee34a542b3L,
-        0xfb063d20a9d664c8L,0x0d46f2fa462cd3bbL,0x000000000000005fL },
-      { 0xd864149319bdb879L,0x4c1eb5a09c32b27cL,0x7245a9ac8bb683f3L,
-        0x6c0416d6147ac3bdL,0xf0b832fcf13b6273L,0xe4cf4607f2140e06L,
-        0x3627fed4b74a3da2L,0x0b285a0d5eeec17fL,0x0000000000000118L } },
-    /* 52 << 343 */
-    { { 0x1fdcd60d607b148eL,0x52ba3a64ef0af894L,0x93d7e10f8e017e3fL,
-        0x54586254a1c56691L,0x7ba1d3344dc39c87L,0xdb980aa5947633fbL,
-        0xe005885333908ff9L,0x752e4a4cfc9c017fL,0x0000000000000111L },
-      { 0xf00b5caadca578c9L,0x33e7b721e5e36c85L,0xe12eabb0d35b31b4L,
-        0x7e7f6feb77020642L,0x593a80b27efc68aeL,0xd15b1c05b098be57L,
-        0xf2f8a3d4a680dd49L,0x41bcfdbc8743a900L,0x0000000000000152L } },
-    /* 53 << 343 */
-    { { 0xe941ed524f65e73bL,0xd3e1d57affc2f0daL,0xc6d535243702b0f7L,
-        0x81cbf7778599b1e4L,0xec7ea8a9c500dfabL,0xba77eb049d0bfbe4L,
-        0xa3d1cb95e1324dd6L,0xc8ef4cceede51d63L,0x00000000000001a3L },
-      { 0x6c2624e5052f9069L,0x235b7957a284f707L,0x2cef19e959304063L,
-        0x0e2ccfb01ea15b4eL,0x9a4c9bf0010f6519L,0xc1edf0173339bed5L,
-        0x5677cbbf8bddb55fL,0xe487e6d90b86d922L,0x0000000000000097L } },
-    /* 54 << 343 */
-    { { 0x942ee9fa3f9dfb04L,0x98f99ee04bb518c8L,0x7e82e828b4c177deL,
-        0xcdc34f88cb890189L,0x7662d2b1295eb6c7L,0x40f6e30126ff62adL,
-        0xb09ada6615539133L,0x0240f1ab994c1ee3L,0x0000000000000119L },
-      { 0xb788badd5b186991L,0x2f0f51d1feef6adeL,0xa6fcad6697ebc752L,
-        0x7a41969ecb9d2718L,0xe8b76733a3690ba0L,0xfbb3978055a3075fL,
-        0x905400f11e407ebaL,0x1cf6c26d29b33ca9L,0x0000000000000026L } },
-    /* 55 << 343 */
-    { { 0x82e0c91375602369L,0x37772fd0cdf88991L,0xed11013ce687811bL,
-        0xadc2a6ef0e32e842L,0x9b95a8c33183cb5dL,0xb7ea194ef178fd02L,
-        0xdf35cb1b0e373bbeL,0x4c70f3b2d5b46c11L,0x0000000000000154L },
-      { 0x62570b6cc73964d1L,0x0a0b268480c4e024L,0x400b160c1205a6a2L,
-        0x826be2f82f65aa46L,0xd10b64a20a054f68L,0x12bffa7464766cf5L,
-        0xfe9420788d929d96L,0x78a8682b8fa29a3fL,0x00000000000001a2L } },
-    /* 56 << 343 */
-    { { 0x567357340ee20005L,0x1867e14953306288L,0x30a011a2a8c834cbL,
-        0x85dd3b76e4be86d6L,0xe080a590059d6838L,0x27ba4bbc384fc1a9L,
-        0x08bd92bc1fb5f754L,0xbfe47313795078b3L,0x000000000000016dL },
-      { 0xd266058c646b3dafL,0x32edfdb12fbe6000L,0x641eba0fe2f9c075L,
-        0x02c67e0c69ad2966L,0xe2f469e903ae6d25L,0xe7e4198ad0927943L,
-        0x63e387902caf56f2L,0x563c3fe290ba1dc6L,0x00000000000000daL } },
-    /* 57 << 343 */
-    { { 0x986795c4e5fa0ed3L,0x6cacef9a47ffc3c3L,0x8406f9175b1dcda8L,
-        0xfeb8ce4570d199f9L,0xbbbc1f37d1b1aa68L,0xbdab7e0ecf1643a5L,
-        0x4fe791e953c4a8abL,0xebae700e4d20cc4aL,0x0000000000000177L },
-      { 0x702b8bdb97b76b31L,0x73da6623d6e6fde5L,0xb36946a708ea1f3dL,
-        0xfb25cd3ff11e7ae3L,0x996cf485c8475ecdL,0xf3ac42d20ef1dcf7L,
-        0xf218353842a60719L,0x3cc178281d61944aL,0x0000000000000191L } },
-    /* 58 << 343 */
-    { { 0xfcd47f6b67508a16L,0xe31427401bdf577cL,0x4895185967f0cff3L,
-        0x7d6fcef807638e5eL,0x39b9d003e9235a94L,0x0f58af795a824938L,
-        0x6cf21f76518b7880L,0xc485929558044273L,0x0000000000000186L },
-      { 0xe0f75e1aca93ef08L,0xd5644e7b4340dbbdL,0xcf01ad2491a927d6L,
-        0x43829aa53be7c5e0L,0xa0c72646c54fdd3dL,0xabedecc81d939f5aL,
-        0x8bd70b024c607671L,0xa0dc64200adc7aa7L,0x00000000000001e1L } },
-    /* 59 << 343 */
-    { { 0x26a9889300d4249fL,0x65abdecb009278b3L,0xc118a3f337065e41L,
-        0xea008486e7ce142eL,0xb98918b36b326823L,0x0f1031f33887e45aL,
-        0x7530610e1629d0aaL,0x6193410a3bdd47bfL,0x00000000000000c8L },
-      { 0xb1da190f84192eadL,0x61f8d02c3303a700L,0x6faa862b1b3bcdb6L,
-        0xf55bc5e116da96baL,0xd95bdcfbc7109dd6L,0x1a75f2179573e7a4L,
-        0x04ccd08b873cc228L,0x5b2039ee25a9f6f7L,0x00000000000001c6L } },
-    /* 60 << 343 */
-    { { 0x5fde9be18e99f004L,0xda1fca7fc4fcc705L,0x8776b448e77c338dL,
-        0x12ae11e1e0384911L,0x28172fff338ac117L,0x7d32e433fc4479b5L,
-        0x55f257f9c5c8cc74L,0x70190a52ed205691L,0x000000000000011eL },
-      { 0xb255a18ad36a0c3eL,0x435abf4b3c166cdcL,0x51f796a0d75211c3L,
-        0xfa43f06b521d35baL,0x47fae95d0575debbL,0xf9f7ac07626266b8L,
-        0xefd12b4837e8edc4L,0x03ccbf8b6af450f5L,0x0000000000000001L } },
-    /* 61 << 343 */
-    { { 0x4c3a5b247b4fd7f9L,0xbe4f6aaa73cfa932L,0xf8720019c183b294L,
-        0xa88e61113efbffd0L,0x02a45a2f505fa176L,0x5614def1ca32b335L,
-        0x27d80f82eb09898cL,0x341f3eb60072f7dcL,0x00000000000000bdL },
-      { 0x3b1074917ef9c7f4L,0x1db05b0daaca0f0fL,0xb4e8236c35fabb88L,
-        0x9ecdb35c2d887bdbL,0xe9e477a4685ff351L,0xd66108c5c8693cb6L,
-        0x3f45b6e0a0408fd2L,0x712b6b89197ecc54L,0x0000000000000075L } },
-    /* 62 << 343 */
-    { { 0xad5096b436373ad1L,0xc5c5d96a67e09911L,0x71d976bcd1c1bd0eL,
-        0x734eef2e26276014L,0x39826b9398abb08dL,0xf97c29bb60504d90L,
-        0x03e6b7bcc8dfe26fL,0x62fbcd06edab53bdL,0x000000000000001aL },
-      { 0xb8e19bcaba51fc6eL,0x51980bedfb188d4bL,0x947062215f9340eaL,
-        0x55fd26f2ea1bf912L,0x9b4bfd5b52acf80aL,0xe0cfdad11517a40eL,
-        0x0231b221bc0813aaL,0xd93ede1067c8de5bL,0x00000000000000f2L } },
-    /* 63 << 343 */
-    { { 0x14c36eed98352662L,0xb2fc535820cc7dc2L,0x4d9d0399afbf0b1cL,
-        0xc45410e2bf803069L,0xadf0b1e408a75f7eL,0x32483ad625d55976L,
-        0xe03ac79a40134cdeL,0x8a5e15bfeca20104L,0x0000000000000094L },
-      { 0x54bb69bfb2ad7a77L,0x1c7e147a4c7a969eL,0x3abd4c100ca1cfc4L,
-        0x25cebf8026549e9dL,0xbc93e23dcf7a3014L,0xd35c8df023b55805L,
-        0x6febda25410f6adaL,0x724a6fb680ffb7e4L,0x00000000000001e9L } },
-    /* 64 << 343 */
-    { { 0x2fb204ffc6ac25bfL,0x04264d4a20b8ff3fL,0x95b64338a430a774L,
-        0x573a4b367da8bba5L,0x950affbb5b83d767L,0x9254695bb560c0f6L,
-        0xfcd8a4fbff22df77L,0x8625ed302d6e43dcL,0x000000000000004aL },
-      { 0xed8010f61cac9547L,0x0612e17392c7ba4fL,0xaf48aeed051d9478L,
-        0xf7067a1069a78479L,0xb17c4be898a1aa82L,0x2b21d42a7a94d7e1L,
-        0x461b848fd38e3b49L,0x76af1bd6563a87e7L,0x00000000000000e8L } },
-    /* 0 << 350 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 350 */
-    { { 0x5a4ab9c18d71ef32L,0x08205f9bf4f4cf75L,0xfe64565db34a8c55L,
-        0xd12be047169994bfL,0xd3c3f84f43f91e62L,0x1dae2e732601b686L,
-        0x2a07fcbe2dee30e1L,0x25e562459a754926L,0x0000000000000174L },
-      { 0x288455f32ce4d340L,0xa1f4e6b0e321170dL,0x9a36bac390039106L,
-        0x1682b04d98c7ed01L,0x27166c68e9ebef5eL,0x41efe4f001ca803dL,
-        0xf76898ac460a4c5eL,0x6a787fc31acbcda4L,0x0000000000000103L } },
-    /* 2 << 350 */
-    { { 0xdcaed4e0eb86608eL,0xfdfd21688d7ba967L,0xd4793142866e3436L,
-        0x259b748bf9e22704L,0x86914896ac039548L,0x2236c40dd7c7eec2L,
-        0xd76953aea1c8873eL,0xf3e9f9539cd08a3eL,0x000000000000013cL },
-      { 0x2d653796535c50c7L,0xcb8b6a753478f1c4L,0xa2abfb2acf0ad848L,
-        0x9cd60fbf7fc08e6dL,0x3706c38749f48743L,0x3ea91a1d3e0781e3L,
-        0x8c19973bd007f364L,0x566d7cb522e5f10aL,0x0000000000000103L } },
-    /* 3 << 350 */
-    { { 0xff04036328faa051L,0xefc95341172c6ce0L,0xe4028c4a7d53a624L,
-        0x481fb2fce3aa1e70L,0x4671faf3d2d92ac4L,0x0d581a28cad49733L,
-        0xcfab195da5e23867L,0xf6784d62c8bd1eadL,0x0000000000000170L },
-      { 0x2ba73d671694ffaeL,0xbaf16d6d47d613b7L,0x5748fb2fe24a2182L,
-        0x337d36ad8b9d5587L,0x07b92ce38cfcf82fL,0x99b04584fca2cb04L,
-        0xe8fe5417a5db355eL,0xa29a83971e795369L,0x00000000000001f6L } },
-    /* 4 << 350 */
-    { { 0x674e392f0261ada4L,0x5af762f55bb103a8L,0x281ad6a5c9e8bf69L,
-        0xa88ad2e45c57af63L,0x7fbce1f23b909ce5L,0x37883da84a8c86daL,
-        0x94f7c5708fc8357aL,0xa1f2fb59c7c21ea8L,0x00000000000001acL },
-      { 0x30c79e7b1cba57c5L,0xf71d84be6062fa39L,0x8fb70b03e2b9c131L,
-        0xbb0f27e7cd862b12L,0x2fea10874ffd6a0aL,0x177871582a7a7b08L,
-        0xf79606cc8653ce49L,0x9514c960629a5ff9L,0x00000000000001a0L } },
-    /* 5 << 350 */
-    { { 0x685cb5e1ee76561fL,0xc7eed1f695507f6bL,0xeeeab42cd2aff6dfL,
-        0x32417d37c5c5362eL,0xf1dca5a7362b5f64L,0xa632d6b9fce1fb3aL,
-        0xdf5ef2ab8d95fa9dL,0xebae375560e41269L,0x00000000000001ecL },
-      { 0x18090f8b62102f3eL,0x1f92da5a150229deL,0x3c7262f9f45b03a9L,
-        0xf12f42c84967dec8L,0xc68b707051a319cdL,0x5fb0202c58e88be6L,
-        0xea58670dbacf6553L,0x4a218180bb263c69L,0x0000000000000038L } },
-    /* 6 << 350 */
-    { { 0x2df8ac505afa5f7eL,0x6df783774959ec90L,0xb26bdddb192bec1aL,
-        0x1c8d1feb809b6d87L,0xbf8e71e3c90fd61fL,0xb779d00f9d3abfd2L,
-        0xc9b25e7d40d5d7a4L,0xcf5dc7c2ca6c2dadL,0x0000000000000100L },
-      { 0x360d9b18c50b6ba3L,0xdf5958ff1b4ca3ffL,0x1073b7f6e05fce33L,
-        0x819739fa5936c3e7L,0x5d7bf0ce95b80771L,0x27043464d723e7a8L,
-        0xf665f01f769d0313L,0xe8ba3b82d21e5578L,0x00000000000001afL } },
-    /* 7 << 350 */
-    { { 0xcc1a5d125c84085fL,0x689ccbbf11e07a83L,0x818e90645bd5ce0aL,
-        0x7ff51fe77dd3b557L,0x244b2fc597c092fbL,0x56b49f61ce7dc3e5L,
-        0x60465ba316e1cb43L,0xdad9e6d70bca87efL,0x0000000000000159L },
-      { 0x410a5b331f2824f5L,0x7940293fff4bbccaL,0x2c37932925ce7150L,
-        0x4b0fcc706add5653L,0xbc7fa7355ad55175L,0xc751542bef886eb7L,
-        0x4c8352570b74d18cL,0xae7eeb6061542f24L,0x000000000000004fL } },
-    /* 8 << 350 */
-    { { 0x1fb30b26534de721L,0x467328664123d0bcL,0xe4e83c0d3a143f8eL,
-        0xe1f5f92a691180e2L,0x5fb00e76081f7230L,0x0e4e513d083c3776L,
-        0x5b81ea91eb042c2dL,0x7a221cb200af7f4eL,0x00000000000000e4L },
-      { 0x7bfd3f9131e75c9dL,0x8545adada2c68d12L,0x01c295b9f986ad9fL,
-        0x186952a541eb1f2fL,0x6f7e3e3ee802ffc8L,0x704e75d0b98fc92cL,
-        0xc233afee4800a8fbL,0xd0111a57549d5fa9L,0x000000000000010bL } },
-    /* 9 << 350 */
-    { { 0x703bdfc28fa5a117L,0x3324b4c7a72de61eL,0x66bffd4e189dd1aeL,
-        0x0dd312e197be2e90L,0xc0f200e159e34175L,0x494e207fb97fc751L,
-        0xd1a1b7a1bb27e3eeL,0xaffbced9b305b999L,0x00000000000001b0L },
-      { 0x82ecc5d084711c62L,0x339f3eb9f8990ca3L,0xbf24f07a5e5cf050L,
-        0x0e63379096b80f96L,0xb2713b232cd928d0L,0xdb2acbed1bec9ba8L,
-        0x259a9461a584c845L,0xd024aa292d12b85aL,0x00000000000000b6L } },
-    /* 10 << 350 */
-    { { 0x162d7affa798f350L,0x904fd12e7ccf599fL,0x2e13439240e92c4fL,
-        0x7439ad22afeb0edaL,0x2111df7dbb3a3984L,0x17da71600ba49716L,
-        0x03c556c8ef500d81L,0x292974427287b40dL,0x0000000000000066L },
-      { 0xc61ab9d32dc3165bL,0xa427265826fcadf3L,0xb8ccd6c0838ee2b8L,
-        0x2b43ac9dcad6ed19L,0xc5e072a314ac704dL,0x148021b6b3289a83L,
-        0x3da3fcb61d3e7f5eL,0xf6e0d0596fbc3f05L,0x000000000000018aL } },
-    /* 11 << 350 */
-    { { 0x07d7152724577876L,0x0ad731b07475d82aL,0x8181bc1ecc35789eL,
-        0x47453c419ab56a3bL,0x87ae49281343be4bL,0xff1e1a462366665dL,
-        0xd89941a533896339L,0x8603a0feee010861L,0x00000000000000e0L },
-      { 0x9aa8f8f3ebc782ceL,0x0b8cdd59dfe2867cL,0xe6bd219d63a7e153L,
-        0xb7748a8c62371590L,0x6f5ff5a8f67ba1d9L,0x9f057b843cc70904L,
-        0xb3949d0a3aa770d6L,0x1d7417ebc36c1dfeL,0x0000000000000134L } },
-    /* 12 << 350 */
-    { { 0x238d0f45e5375e53L,0xb576c6ca60b1447cL,0xa3a372a662216556L,
-        0xa36f6c4a8649c9d5L,0x00e80b35ab50c2cbL,0x11e5520e2556c5a2L,
-        0xac58d6f1d3aa02dfL,0xd56bf8228b95fddfL,0x0000000000000094L },
-      { 0xd172331a2a513cc5L,0x35eee6975ef6a6baL,0x4f02b17fb0acdc95L,
-        0x07ec621e1eb68058L,0xf266346cdac73d4cL,0xbe978e8aecab7ddaL,
-        0xda0244e8968c2eb6L,0x50b38345cee91ed9L,0x000000000000014bL } },
-    /* 13 << 350 */
-    { { 0xe86714c444bbba14L,0x4a0ba67fe0ebe2c7L,0x4d7b6342e19e2833L,
-        0x29e0766b768b7bbfL,0x109e7003d5b9f660L,0xcfaf2ddb39cb47bfL,
-        0x4be8337c9fd257d6L,0x5ee652afd3082203L,0x0000000000000185L },
-      { 0x0eace717a4e898fbL,0x936b7743a3ed5280L,0x13bb777fe20eb2d5L,
-        0x6e3fe7ac2e467eeeL,0x8b1bc5234bf9a409L,0x8e6eb8d336a9bc8aL,
-        0xcb22f89c060f98a2L,0x18a47fe4fe67785fL,0x0000000000000171L } },
-    /* 14 << 350 */
-    { { 0xfb7641f78dd2f484L,0xd3968fdc8458af7fL,0x49aae2a03f2256aeL,
-        0x3868855c184b5272L,0x02207efdb0964247L,0xc2e07ae88f026dacL,
-        0x6043c98a10fccbd7L,0xa0dbf1ec385aaccfL,0x000000000000014aL },
-      { 0x8e75ed542cffc319L,0x83c12af3727fb8e1L,0xf3fb0e7d5665201cL,
-        0x282b216e2c59469aL,0x7a71d0b07a2722ccL,0x3eab574727700dc1L,
-        0xbec4c097b809482dL,0x5363ca88baa425a3L,0x0000000000000182L } },
-    /* 15 << 350 */
-    { { 0x3e16bd1f7200a8ddL,0x028318f4b10ec669L,0x1fa937c6b9c35fa7L,
-        0x0ca277d969c407d8L,0xe0230f44ed5a32efL,0xa04df533e9dc21fcL,
-        0x5775e2b0847b808fL,0x7319f97b14c0cb44L,0x00000000000001c6L },
-      { 0x4f313cb5e7259335L,0xc2de5cf8a2e9a717L,0xc6daf9a41a0c65a2L,
-        0xe304c3aec39e1b4aL,0xa9a178e03cfad39cL,0x35dd14cdd2555011L,
-        0xdaa2701adf9b2103L,0xbf3d425b40c31b92L,0x0000000000000087L } },
-    /* 16 << 350 */
-    { { 0x01188022f8816103L,0x64e1c614db3855d8L,0xcd4bd4c229a7c0d2L,
-        0xd7ec42894d5ece84L,0x947a8bdc722fc703L,0xa4c09186bfebacffL,
-        0xf7fda81edcf3b746L,0x3bf6dc1b435034fcL,0x00000000000000c8L },
-      { 0x319fc666878b4418L,0xd600347ccfa14a68L,0x5abcf8fc912b3c2bL,
-        0xc82c5e12c5cd581dL,0x022f767c50a27865L,0x5c606862ead1f5f7L,
-        0x2702e8192259d674L,0xae371a48e02204abL,0x000000000000001bL } },
-    /* 17 << 350 */
-    { { 0x97e034b8a9080de0L,0xd85ffb9e7489f5dcL,0x5e82572b143fa372L,
-        0x0011ac86471e02ecL,0xedb1f0e68bd15910L,0x9f88d9fb76ba5f6bL,
-        0xa93eec11e73fd22cL,0xf4980f348e89e8d6L,0x0000000000000131L },
-      { 0x6972155ccb678eeeL,0x8450fe29b3f64220L,0x92a56dd2a22f685fL,
-        0x5938dc70bb05e6cbL,0x83b058f8c28d997dL,0x570df3b018f71a2aL,
-        0xb7cea974dc59cccfL,0xdf9376c83099d0fcL,0x000000000000006dL } },
-    /* 18 << 350 */
-    { { 0x767a6f66b1d1d2c2L,0xa1322854fe1b6fa1L,0x4be1a1cc6461d755L,
-        0xeed07ec250c221bbL,0x1ecbc0e0d9a306f0L,0xbe134f4df014a398L,
-        0x5b391aae8a62aa33L,0xf89d0bd98f8374d9L,0x00000000000001cbL },
-      { 0x834f7a49bd81ad66L,0xc0847d0c5b161a3bL,0x55ca398ece94c03dL,
-        0xee52a9325f7e7da9L,0x3c0764552256b0f3L,0x70a087cd10daae34L,
-        0x1e749e8b041e8275L,0x32e770866583c7c2L,0x0000000000000187L } },
-    /* 19 << 350 */
-    { { 0x1705841bcd474570L,0x8286faca79fdf349L,0xfc5cfc0fab4d7902L,
-        0xeaa4781d494df4d3L,0x160dd228a8d6515bL,0xc5e6a4393fac5de4L,
-        0x6f080b52e14684a4L,0xa1171a632a68c81eL,0x0000000000000185L },
-      { 0xf6da51320bd7b821L,0xf02d821685f6e165L,0xe4fc78f80c8b9ae0L,
-        0x0cb0278872ccbb8aL,0x37972865c36b4672L,0xa2e0aded0ddef47cL,
-        0xcdb8736483760595L,0x5ca51c2951194739L,0x000000000000003cL } },
-    /* 20 << 350 */
-    { { 0x2af67b2b1d6f6e88L,0x02b012d358551562L,0x6b82b1fecafa5d8aL,
-        0x7f82b4e2e6fefe9bL,0xac91d292e6b8bbdcL,0x1e330708aeb0467dL,
-        0xe5723339d2226ec1L,0xdcb1dfc411ce4198L,0x000000000000017cL },
-      { 0x4c55853aa74e39fbL,0xdeadb9343e55add6L,0xbb7f6b234d9052ceL,
-        0xc39590032f3e7badL,0x78636279ad990758L,0xc476679e34bcb90bL,
-        0x9ab2badcf9fe3f2aL,0x414a32c01b69ef65L,0x00000000000000c1L } },
-    /* 21 << 350 */
-    { { 0xf972e207226d5378L,0xcd708a71ff9ac89fL,0xbf32f744ba4d2463L,
-        0x46fe3a5fe3e118afL,0x746a334f64442a45L,0x716caa321f011c2cL,
-        0xfbfd3914b0a5fee4L,0xc1e251fd8637d992L,0x0000000000000086L },
-      { 0xb45d3c09336dde94L,0x418b61d9bab03eaaL,0x1ec1facd52276f8cL,
-        0x31a2838d276b4c3eL,0x5c0ac0e5344b4fc0L,0x84c5b86c7802d850L,
-        0x7f2bde812d1f1518L,0x749429ab89820544L,0x00000000000000a6L } },
-    /* 22 << 350 */
-    { { 0x8fd557cda14acfe3L,0xa78896e226a144cfL,0x9171e9bb7e81425eL,
-        0x1b03073ac232010fL,0xa2a67f9e4506d254L,0x9c74103f9b9e87abL,
-        0xf03b5f8cfd9e2110L,0x701e9602fceae96eL,0x000000000000008eL },
-      { 0xed614e9542b8326bL,0x1deca584f7c276fbL,0xc1c4acbc5c38606cL,
-        0x6c1d93a6a03fce8bL,0x114af997f1d63590L,0x63ff01ed89679610L,
-        0x6c1091e92ef1af27L,0x7577c9b8e47fbe2bL,0x0000000000000115L } },
-    /* 23 << 350 */
-    { { 0xe1e509705873e203L,0x92537e522ccb0f6cL,0x57f7ce82a48a196bL,
-        0x355baf4fa3f71850L,0x564770cb0fe17d67L,0x5f17428ce88a7b9aL,
-        0x2ea41803c7ede7e9L,0xcb4b4df25e9ae4d6L,0x00000000000001a9L },
-      { 0xd9149883a345b2baL,0x5f6edbf7aff49765L,0x6ccb568246bb6e78L,
-        0x28df77696f46d96eL,0xba7ce7265c6d0f7eL,0xef69e4d2e8c413d3L,
-        0x12be550be5d1ee20L,0xfee595f001ecba93L,0x0000000000000116L } },
-    /* 24 << 350 */
-    { { 0x114453e727f2f67eL,0x7199960246edb75aL,0x481cfc650714f2ecL,
-        0x7a359e11bd48c221L,0x6807f0b5bf80fbdcL,0xdfe57fff51b3a6fdL,
-        0xe58f3c47b6794229L,0x7f22cf6adef683baL,0x00000000000001a6L },
-      { 0x551bbae28c39f9afL,0x5057c3a7b1e075dbL,0xeeedd6009e0d386aL,
-        0x8d60b730715b2507L,0xd65f990b840be62eL,0x666437b2287cc361L,
-        0x11c2019c9cfe886bL,0xbeef8eb4ebf4ce61L,0x0000000000000008L } },
-    /* 25 << 350 */
-    { { 0x71df4f783f6d4a3dL,0x6ac9564700648a32L,0xb4173a57d4684f87L,
-        0xf0ae2e221d713b5dL,0xe8eef4e62c7e0fc5L,0xd646dd421ec5f774L,
-        0xc5e4f3dc1af0e91dL,0x73fcee0ba0aeff88L,0x0000000000000123L },
-      { 0x054667e6cb349e02L,0x2d76accf002f27bcL,0x639a3672d120b014L,
-        0x8402c2d156548bc6L,0xfdcef81372e04759L,0x09aed35779d36956L,
-        0x5d0843b61de45356L,0x16e122f7b2d31760L,0x00000000000001c7L } },
-    /* 26 << 350 */
-    { { 0x5ff6e5554594bca8L,0x85a83cd1bcb20291L,0x4202282673cb711aL,
-        0x24303de0175675c0L,0x426f264d2756e198L,0xbf84530704f7f348L,
-        0xe8203455e5137f75L,0x5ab0febd0a6119acL,0x00000000000000a3L },
-      { 0x7e826f3fc403eb15L,0x84d63da08c0152f8L,0x4c0b1ad51370c544L,
-        0x3a5afc691444a291L,0x4ffe236f29fec214L,0xb55331949df836dbL,
-        0x816a0784d7e7ef89L,0x28a78c1c534192f2L,0x000000000000018bL } },
-    /* 27 << 350 */
-    { { 0x1ef828db53638a6eL,0x946738cd62a782dfL,0x126f1b39d74972fdL,
-        0xae08daf5321db625L,0x8ed69c8a39bf7767L,0x3c65874016d76e57L,
-        0xbebf5778cac27566L,0xcfbcae3b36ef536dL,0x0000000000000088L },
-      { 0x3f548dcbd43d8987L,0xcfe2a5921e3b8a98L,0x19ec85179e1c2d42L,
-        0x9ebfff35ffe49227L,0x127821fc499ee1a3L,0xf02ebf0ae455b9feL,
-        0x6e9864a56340b993L,0x615e97fedcc15810L,0x0000000000000012L } },
-    /* 28 << 350 */
-    { { 0x422833d5e2cce69eL,0x3c1c8bdb69ff8b37L,0x44d41dfbc9fb427fL,
-        0x15bee2ddc54a1824L,0x9c804025e8ce4aeeL,0x5bcc7e5d9e5665b2L,
-        0xf38636a040b6270dL,0x84cada1a60b6778eL,0x000000000000014bL },
-      { 0x28b4411b9b47ccbbL,0xe4bc1e916c368197L,0xc0f36e6b2562c900L,
-        0xc60d562888c55430L,0x2e9613dffb81c20fL,0xfdd934ed56872b5cL,
-        0x6bacd3ad187bbdddL,0xf6f821d7d1e42d9bL,0x000000000000012eL } },
-    /* 29 << 350 */
-    { { 0xcd767d6025104f3eL,0xe0d35530b0b2f859L,0x6ca28dab02abdd82L,
-        0x6067b9bbdf3510a2L,0xdedc9f658f189d83L,0x80496472f42b7bcaL,
-        0x9c8802199fd57966L,0xe6774cf970aaf3bcL,0x0000000000000107L },
-      { 0xb1fb2955713d14faL,0x9ea12ac28769fe2bL,0xb0a35fbaeff1af3aL,
-        0x1fbdd1db98d8b108L,0x6d7db12ef9b6f0a4L,0x0a56e4cbdadac116L,
-        0x08431700b1c6b49eL,0xea501d0b69c53deaL,0x000000000000001cL } },
-    /* 30 << 350 */
-    { { 0x28007de29245c149L,0x0befcc909b90ec07L,0x734c6339e8639957L,
-        0x3f754697d0a82a41L,0x4336d11d47c0be63L,0x8325f084bda10defL,
-        0xff63085e6c2de53cL,0x67ee3dfcd36ba132L,0x0000000000000057L },
-      { 0x315b2f045951d063L,0x5c7f6d6eb6f8a257L,0x4783c43abe41ee82L,
-        0x08bf94b9341eda90L,0x85f12aced8558536L,0xb6cef1f47c1a76afL,
-        0x10c93a9304c6e842L,0x48967ee1f5ea5860L,0x0000000000000074L } },
-    /* 31 << 350 */
-    { { 0x66227cd38c9b254eL,0xc23c940e19fc7eaeL,0x20d5a008c3ccf958L,
-        0xd81a909cec5f6eb2L,0xfa042069526ce89eL,0x9d5429428e7af449L,
-        0x79cd81ded46860c7L,0x490a80a877275fc4L,0x0000000000000061L },
-      { 0x056ee04b63c81130L,0x4c31c93ad967f41dL,0x4f91d3347b98d3c1L,
-        0x5a584efc0f5d4299L,0xb591f98e4bb653f4L,0xa4bdd54c2f4e0cabL,
-        0xe2b6ae4e8905a6eaL,0x0101e1289d3abe7dL,0x0000000000000087L } },
-    /* 32 << 350 */
-    { { 0x15581925de0d59fdL,0x861dbef21e668987L,0x000ca03681fdaea7L,
-        0xee45e5edb5007bf9L,0xd98680509485c5fbL,0xd58ca541e2a800b9L,
-        0xa0d643df05e1bf66L,0x3db52cbfbdcf7da2L,0x000000000000011cL },
-      { 0x0a1db94387af7109L,0x33754c60fd35138cL,0x2bdff118fc19982aL,
-        0x2e8eb645d22ccc69L,0xa7873cd2c73e39d4L,0xd024363e1d04ff18L,
-        0x492503d60cc6abdbL,0xade16418185ab722L,0x000000000000015dL } },
-    /* 33 << 350 */
-    { { 0x69f6ad632c6d6564L,0x547345e6aaa70f65L,0xfe220b531e796903L,
-        0x9dc4208eac90043aL,0xdbcb2f9b1ac77eb0L,0x1509e41b952cb582L,
-        0x5fe81cfafa615100L,0x271bdeea16628120L,0x0000000000000084L },
-      { 0x09d9f31d93ba6f29L,0x87762e121d5b9333L,0x5c78a0f96729ad96L,
-        0x252d6ba8fb40c1fdL,0xfa3b5aae976145fbL,0x3838d4e64345c9ebL,
-        0x90a0427561b22f62L,0x3f2b49f9eade3582L,0x0000000000000139L } },
-    /* 34 << 350 */
-    { { 0x7e06283b88db8098L,0x5254f2d8bdc2ee3bL,0x19a4b99da7d1d2bcL,
-        0x5b7cb7c9c823fcafL,0x1610c35b55920769L,0xe39bf6381629e60eL,
-        0xbb17270b9ffdb484L,0x41f2041ae9758c69L,0x00000000000001fbL },
-      { 0x51a46b85b2c0c563L,0x2b69e1e711275735L,0xb671220e53b3dcbeL,
-        0x7340bec853362fa3L,0x6f57ddb541eb7772L,0xdf0ee415cb596fb9L,
-        0xc417728bff8477c1L,0x684c4fa4c3d566e6L,0x00000000000001d3L } },
-    /* 35 << 350 */
-    { { 0x43631e362ace4d30L,0x476ddfb7e15627dfL,0xd855ee87e9821f21L,
-        0xaafc352d13a160fcL,0xd491b1e722a31120L,0x2e330621a26e8121L,
-        0xb50d21650feadde8L,0x223817649b3f8fdbL,0x0000000000000161L },
-      { 0x577fc13560e6851fL,0xf4782a8cb3f655caL,0x74d5c579b0f5f244L,
-        0xdc93688ba2d001acL,0xa28376ef70768956L,0xbcb66d8a81df4a2eL,
-        0x2d1fd4b5f6ec5bb9L,0x95fa7d6ebc9d4619L,0x0000000000000069L } },
-    /* 36 << 350 */
-    { { 0x9c427efd472a1c76L,0xbb1abff22bb334b6L,0xec7c11468050c592L,
-        0x3795ab5851c77dffL,0x403fa93cd0a8565aL,0x7ea1b2ca8560a630L,
-        0x644b40bfd92ff341L,0xb83c8b3e25f2cbbaL,0x0000000000000178L },
-      { 0xe46c901a355d1a67L,0x0c8aab17077d71ccL,0x7d04573304f187a4L,
-        0x3849de53bd2def81L,0xb0b7dd7bb334041bL,0xb05f3b1d245df6e6L,
-        0x561b16a93433e78cL,0x25e1f0a1995c0111L,0x00000000000001b1L } },
-    /* 37 << 350 */
-    { { 0x998716bf439d38a7L,0xd7f8d80f14ec2b79L,0x52cc523e0a116fbdL,
-        0xb6fa8f35c553eb57L,0x2a9daed4b1df475eL,0x0f2a03f56efb1ea3L,
-        0xd87de564a207c6daL,0x0d29f1b85c150d6eL,0x000000000000000dL },
-      { 0x35c9657e7f6bd7b5L,0xcc1b5f16e96359f6L,0xc90a1783a5f70bd1L,
-        0x27e8319147906464L,0x107cc69df52d2fb1L,0x224e7abbf2dfc93fL,
-        0x6e0e805ec41e54bbL,0x30574ac25e5db791L,0x00000000000001d1L } },
-    /* 38 << 350 */
-    { { 0x32b656e891d18868L,0xadfe8b2599eece6fL,0x6c153a31bdf1972bL,
-        0x1b84a569401b1912L,0xa2dd8754adb8c7f0L,0x15bd0ffb165374c2L,
-        0x7d7f5807ff9e26d0L,0xe009311e92a12880L,0x0000000000000156L },
-      { 0x54d8f6bc9af03d71L,0x1126a5a5e0a9ef63L,0xc1f792885b103cb6L,
-        0x5e67739473108a70L,0x9a3befb284db9b2cL,0x9333f1aca12fbb34L,
-        0xa5d2a0f07cda2b55L,0x5372d3c2551e98a3L,0x00000000000001a5L } },
-    /* 39 << 350 */
-    { { 0x3d682a3d4db17b24L,0x7560eaf34eca0d89L,0x47e3a60c20dd7043L,
-        0xab67577582a0d23bL,0x2714437809a33798L,0x117b3f8609a73afeL,
-        0x15f677792e71e0daL,0x861f0bb2216749aeL,0x0000000000000034L },
-      { 0xb6755fb0e3ecd9c8L,0xc2db4ae203f7866fL,0x5d4e3aa16690fbd2L,
-        0x1e38e9a09b18ec9cL,0xc2c95824c703231bL,0xa8c457089d8a4205L,
-        0x5504ec5e4e6d1e7bL,0x42b6c5bb54127e2cL,0x000000000000016bL } },
-    /* 40 << 350 */
-    { { 0x94dcb7602d3724f7L,0x092d781e5fcdc7d4L,0xc3fedca6dc823e29L,
-        0xc2c19e31aebf4ac9L,0x2aeac69beaee6608L,0x2c2e52376c85a59cL,
-        0x08949223a91d8cf7L,0x9ef9b311f0811914L,0x000000000000003bL },
-      { 0xbc09e4ad786d0a50L,0x482bc9fd3b427aacL,0x614bde569d2ef9b9L,
-        0xd9d846800763d7b6L,0xe1c9849c7685856cL,0x5761de36532a8b13L,
-        0xaee9ae018ab8534bL,0x6297f7cdcffe238eL,0x0000000000000045L } },
-    /* 41 << 350 */
-    { { 0xfab2dfc946c1f383L,0xd3520f6418f56f5aL,0x443d47dcf8bd38b2L,
-        0xdb480bec4f279932L,0x5bb596b154a485e4L,0xdcfb04fde2601b21L,
-        0x0271c9d48a3b9c6fL,0xf67d082d938b7bb8L,0x000000000000015fL },
-      { 0xeef77c2d42f4ac8eL,0x2dd70fb546d67b2cL,0x5e588ff9d68b1997L,
-        0xe29565b76ba5fa5aL,0x6764f0e9d4f57c19L,0xd6b78633e66716aaL,
-        0x3483bdb27fd1a5a0L,0x24be2d70396089daL,0x00000000000000d4L } },
-    /* 42 << 350 */
-    { { 0x13ebb2e30333009bL,0xa842a7f9346ee656L,0xcb9fb67a1cb3b9f9L,
-        0x9b5fc3e5903d755cL,0xe776dadc2c519041L,0x1a3bbea475246222L,
-        0x8a1f073c2b03e847L,0x85beb02d5652c2deL,0x00000000000000adL },
-      { 0xae2eada769e89348L,0xbc20bd57cb14c2cdL,0x079bf80535196234L,
-        0xbb48228f19ee0845L,0xf53f5367fb15d09aL,0x256bd1e0244cd8e7L,
-        0xd4a0ec81c471a7e8L,0x9ba40ccbd4b56f89L,0x000000000000000aL } },
-    /* 43 << 350 */
-    { { 0xd8f106f9a769db32L,0xfca92fe9493257bcL,0x32b2bed729a888b6L,
-        0x13fc9590529f5843L,0xe2edce083bcd4012L,0xb316e6af3edeb588L,
-        0xa0bd8dde9cbb3ae9L,0xddb5d928d8601cbcL,0x0000000000000053L },
-      { 0xced907601d3ae473L,0xaf2f245cbe08d340L,0x15eef9c599466d91L,
-        0x3bfb970e9a2dd09bL,0x03c79319fd4d1efeL,0x9c6204518ce8f852L,
-        0x34b1b4dd37bb72ddL,0x225b8a0b6e356b38L,0x000000000000009fL } },
-    /* 44 << 350 */
-    { { 0x354d7d39ff3579ceL,0xd61a6c33687273dcL,0x8e79f8ba0bf66ea7L,
-        0x0914b68cc532810fL,0x86a1f3be19d74cd1L,0xf663a8d2ea1de01aL,
-        0xe890d4e8f989647aL,0x1c31bdc54c3460f6L,0x00000000000000edL },
-      { 0xc48f0b654d05c7c2L,0x10f0830687586519L,0x3a28a202b0b0b6edL,
-        0xa1ebb5b9a5655d5dL,0xbf19a5ab05790e30L,0x1e4ad7b17d237ad6L,
-        0x829ae2daa98c9125L,0x5406f57a544704b3L,0x0000000000000099L } },
-    /* 45 << 350 */
-    { { 0xb9a01925ff611f79L,0xd0dea6882d74a7d0L,0xd80aae28a95f1244L,
-        0xf70563196bebe957L,0x4ae651ef7898c6c5L,0xd293ea624619976fL,
-        0xee6b9a710bb857f5L,0x360dd469c307fd59L,0x0000000000000060L },
-      { 0x1a0bd0e9eb91952eL,0x30b79c523a77c2b4L,0x847f13fa4936db71L,
-        0xcd9fe25186f14605L,0x7f06535625b761afL,0x01d47bae6eb335f1L,
-        0xfdd96f8d6c1417adL,0x7dbd3cab6631990eL,0x00000000000000e1L } },
-    /* 46 << 350 */
-    { { 0xd83c97e2086cf3d4L,0x590b4f8641268fe9L,0x5c1bb1b8a6161137L,
-        0x49a11f2f49eeaf5aL,0xc2cf4d03cbb75280L,0x21ce922a465592f9L,
-        0x8c6eb3c8ee919d03L,0x5b9a98e8c6b5102dL,0x00000000000001b2L },
-      { 0xb4ef0faef120a8b7L,0x5e89cb627dcb8d5cL,0xcef0e7bef2f28c26L,
-        0xb52b392db642cfc8L,0x040a684ef03da73dL,0x5a723b5297933d4fL,
-        0x29fee2268dc82a55L,0xe3c0f2c4aca0067bL,0x0000000000000051L } },
-    /* 47 << 350 */
-    { { 0x8e229d60a712d633L,0x7f1fe86bdd051e59L,0xc11af604d4ee7fdfL,
-        0x9c0795378a1c305bL,0x6a1303f3cb306a9dL,0x07ddfe2aa268a120L,
-        0xc779ab13dae81354L,0x99f2a4b38406f8f3L,0x00000000000001daL },
-      { 0x484fb852a158cfd0L,0xa4af6f9d2ca5e503L,0x4a8f9542f4809264L,
-        0xe2c2fbd1146c0eafL,0xf06da61c067ff9c1L,0x33667ed5cd3a0fc2L,
-        0x708523a842fcb10bL,0x18b6364260d97a55L,0x00000000000000f9L } },
-    /* 48 << 350 */
-    { { 0x6af20098edcc581fL,0x744e603fb1d8ef85L,0x77a155e23a4c70c4L,
-        0x7cfec62980e719e5L,0x6ad16816771adb9aL,0xab2b9ae6917101b6L,
-        0xfa1c8fa122b8606cL,0xc6ade9b6912fc59aL,0x0000000000000099L },
-      { 0x5842a39a8bbc4442L,0xf7ccacc0937825eeL,0x8af901af76669dddL,
-        0x4cf82e79e7ca6918L,0x379dab5022df76d8L,0x7070302afcc877bdL,
-        0xa959a86b0dbbc81cL,0x38c984cb78c2c637L,0x000000000000008aL } },
-    /* 49 << 350 */
-    { { 0xe5e34c9afe2aa4e3L,0xbeef09e66cbd98ceL,0xf2326ace0f624fe7L,
-        0x3145bf2e6b6bd9e5L,0x8e26b154371241dbL,0xa8d70886b20897bfL,
-        0x240fcf30e4ec8a60L,0x065ad618b722ddfaL,0x0000000000000184L },
-      { 0x04e64b08825ed711L,0x2bc526e052ae37dfL,0x0d76611b2229209cL,
-        0xc5ec72065543bb31L,0x5d661329bd37b323L,0x4aee961c97f208f9L,
-        0x296e8e5af8bcea25L,0x55be6c51c7f25a43L,0x0000000000000183L } },
-    /* 50 << 350 */
-    { { 0xbd485a2168b9bac6L,0x96f8ca66b92c9bd3L,0x54651d6c9d5cd2ccL,
-        0x85a397f49b4d3558L,0xf9d46be109323661L,0x0345303a0efc8936L,
-        0xd7cb4ab7b2193896L,0x3838fc1e8567d8a5L,0x0000000000000092L },
-      { 0x9d27d6cc5888449bL,0x92fb49af08f1717cL,0x7bd684a61b7df8faL,
-        0x8d22465d49ddd9f5L,0xea8a1ab00ce6997cL,0x8a1f6f92b62a9a5dL,
-        0xba4ee8c067caa406L,0xeea34c787853c0fbL,0x0000000000000153L } },
-    /* 51 << 350 */
-    { { 0xcca88cfe71c9210eL,0x80dfea7f906985e3L,0x2d6d64511adc705aL,
-        0x1f00f1cd6a679020L,0xc90876f676b76b73L,0xb6782716fda27e31L,
-        0x38816e90e3a35a4cL,0x68eccad2ba92fb37L,0x00000000000000a0L },
-      { 0xe79f9da1ee9ca568L,0xf5177267a2f60f20L,0x51bd81c4442792a4L,
-        0x16871ba6b31012d2L,0x423ae3d46c49f876L,0xc1761593ca51334aL,
-        0xe3e4701cbf879981L,0x718001bdf5648e7bL,0x000000000000006aL } },
-    /* 52 << 350 */
-    { { 0xe05ad50282808e09L,0x7b5dc16001e4f0b6L,0x78d1ca1933a6eea2L,
-        0x9af18043509cb3caL,0x1e796ce5ff953005L,0xcac11cada26b33f2L,
-        0xfb9db0d67d84e525L,0x1b66890a8bb37875L,0x00000000000000adL },
-      { 0x7bdca42375d780efL,0x0af21a0bd16d7858L,0xb56371f7cf42aee6L,
-        0x0ed2542214bc7ae3L,0xafafd8948c5de97eL,0x340a2c54bb065e75L,
-        0x4adb4195861c19d2L,0x98c390dba914dc62L,0x000000000000001fL } },
-    /* 53 << 350 */
-    { { 0xa7f5f77023a25854L,0x95c125267a96c4dbL,0x61219e73c1777cacL,
-        0xc6fee78ab8df403dL,0x78e99f85fbf090aeL,0x9b7e068c86a1283dL,
-        0xbe9e1b8565ed0dcdL,0xf7a0bb1948a40837L,0x00000000000000bfL },
-      { 0xd389955952c2db22L,0x40469180e852e506L,0x450f976387d5db74L,
-        0x7cd7fc5ccc0b418cL,0x1fb11db4a5fe3416L,0x4b72467f1c837bd7L,
-        0x5619b345e8279f50L,0x4d0dea319ff61f46L,0x0000000000000107L } },
-    /* 54 << 350 */
-    { { 0xa948d7bf766acf6cL,0x8f741ac1004e4c47L,0x7f1a1ef4defbd931L,
-        0x5c0d5e57e6cfa20eL,0x496aead973d9db88L,0xb5f11ff5d6f826d7L,
-        0x668dd88800cd9347L,0x22f18499a4ba53dbL,0x00000000000000d5L },
-      { 0x420e05d696fbb953L,0xbe035ecb7c5c8155L,0x8027eea1d72b42f1L,
-        0xd679566ddb39e9c0L,0x60205b0969fc5b43L,0x9a8ba2d92cfe4776L,
-        0xb6677a309c14db60L,0xf9a134b3f1fc12dfL,0x0000000000000024L } },
-    /* 55 << 350 */
-    { { 0xc696cf6211e1d5caL,0xbbb285ad84300330L,0xf241d535d08e2f4aL,
-        0x0c85f24ee196ee2eL,0x2b070d57bf38d376L,0x7ef93bd06a98849eL,
-        0xb45d3d7bee04656fL,0x5fe517a5ad03b679L,0x000000000000015bL },
-      { 0xd3536e2059c48b4dL,0x5cf6b777913f2941L,0xab4e101bd476b4e6L,
-        0x1f717cd6a1e63091L,0x65c565f6c58ba036L,0x72bc476f79c53ac6L,
-        0x467ede3be42bf81bL,0xc31436b46e7c6917L,0x0000000000000161L } },
-    /* 56 << 350 */
-    { { 0xe8077e42ed76067aL,0x7a4d661b5885cfc8L,0xed03423d6e12c1efL,
-        0x2af0bd867d62b094L,0x5d5c959dbcde7990L,0x91f3292361c8c493L,
-        0xd3a2d1371ddd8404L,0x43cf907ee9416bdaL,0x0000000000000179L },
-      { 0xadd9d450f88ab3d4L,0x26abefd97b3c1b2cL,0x0eabdf60f0ec7168L,
-        0x48584461499d981eL,0xe2024f8a65f1e952L,0xb13926bdcc1fc913L,
-        0xe32e53c3ba02b960L,0x44b16d28b114c958L,0x000000000000003bL } },
-    /* 57 << 350 */
-    { { 0x0015027283ce0bcbL,0x5a6f1e8ad0a33983L,0x4d483980f1c66143L,
-        0xb37a9caf03204939L,0xb5e0caab9891623fL,0xaa5e602a0af5cfd2L,
-        0xdb19404a6aeb8e1fL,0x5e564a47d547c845L,0x0000000000000077L },
-      { 0x6502ddab6fcff0b4L,0x9b3b917c3c4d269fL,0x4277a91c89572b60L,
-        0xc4ab1a611c4fc851L,0x5e50a72e44e44005L,0xfcbb6af8780ad0dcL,
-        0xb4a90497c67497ebL,0xe9db959ad12b1f98L,0x00000000000001a9L } },
-    /* 58 << 350 */
-    { { 0xdcad1a7a26b19fb9L,0x0c1c5ff9750b92a2L,0x0f1fa28b058f95fcL,
-        0xb032e27098ee6b1eL,0xec3517835342789bL,0x61a075fe7dfa4090L,
-        0x2f5bf3468f71a0faL,0x3c420b15ba67509aL,0x0000000000000179L },
-      { 0x96facab3da8a643bL,0x1072c6a32b8a5245L,0x9b4459674b2a6bacL,
-        0xe7f134edb7657d74L,0x6fa48f3fa4ef87d2L,0x716df761e3af3715L,
-        0xe49d3969fc7f3d67L,0xd570e53846ba85dcL,0x0000000000000096L } },
-    /* 59 << 350 */
-    { { 0x47a2e7b45d421347L,0x049637bb55c6424fL,0x5213873c8891d0afL,
-        0x06df936818937d59L,0xab5b355bb5d15bd8L,0xd7cf6264f203554bL,
-        0xbc1ddb87b0e99f34L,0x8fbc558ac4d2b9e1L,0x0000000000000084L },
-      { 0xb56dec543b99c8abL,0x41e629b48623e2feL,0x47827ed735ba9b9fL,
-        0x23b57733e9486cfeL,0xa700b45f5fd4f31bL,0xb79d74ad710066b8L,
-        0x7b479783645d8579L,0xee14d73cf1a07835L,0x00000000000001abL } },
-    /* 60 << 350 */
-    { { 0xe769d8f767a1352dL,0x49b1d2c3e9856974L,0x9c15a1fc86e54afeL,
-        0x2d2c7e68b0e5b119L,0x3556ac15432cf4a2L,0xe25ebe20f39d2d76L,
-        0x048843ae51e8c89eL,0xce4822e802531be3L,0x000000000000004dL },
-      { 0x4992a988c947b6d7L,0x7eb5fe67eb717c00L,0xd4f2215be33b7f1fL,
-        0x32b9fcc2a4511d0aL,0x4884419d4d1089c0L,0xd7457e3e3dead6f2L,
-        0xf12c9f16c66123f8L,0x2ff7bccda2831727L,0x0000000000000025L } },
-    /* 61 << 350 */
-    { { 0x0e0272a0d8d3b893L,0x63fb603b4c72d7cdL,0x2f171bdfcf3b582aL,
-        0x624213d2708de1bcL,0x8a005cb66837c905L,0xd4146129e3c98adaL,
-        0x1ab6660facaabcb7L,0x0db3d2d28ac26da3L,0x00000000000000d5L },
-      { 0x48509cfbc07194c3L,0xff8f379fd2f9b6d4L,0x08de73963fc8d8cfL,
-        0x01b7305c8cdb7e13L,0xc49a1ceb4975a9a1L,0x5d43e036ac7b27e9L,
-        0xd966fb67695b828fL,0xc7ec9f958dbdffebL,0x00000000000000acL } },
-    /* 62 << 350 */
-    { { 0xb044c5b0a1f25fdcL,0x6bd4233dcf34c1edL,0xbdbfa1ee0d505218L,
-        0x1437801986e88bfbL,0x954329dfc9a0bf44L,0x7fe788acfcddd582L,
-        0xc89b05d567f5acc9L,0xfb5501ae95b0f029L,0x000000000000008dL },
-      { 0xd48fc71fa2c08347L,0xd7b35093f58203e8L,0x577552bf58cd9e2eL,
-        0x4832a9a2b63e6139L,0x6c51bff38d52008aL,0xb06b694411d85498L,
-        0x617537ad72466c2bL,0xd62576bc4e09a213L,0x0000000000000087L } },
-    /* 63 << 350 */
-    { { 0x66ced69ad8552a05L,0x53532f6f8c357a98L,0xf59b886be8474111L,
-        0xa434122383b36ae0L,0x5116daeee9fb4e22L,0xcbf240f8f9944958L,
-        0x7f5ee08c446b39b9L,0x7b1439a31d6d5952L,0x0000000000000013L },
-      { 0x1bd881fb009f21c3L,0xd0e41f4209dc3ff4L,0xa0a93d64bf8bd854L,
-        0x4755443ddf4bce85L,0x2c7dd3ae5137e57cL,0xb46efb67abbc8e6dL,
-        0xa9992f040bb87209L,0xf87c5f8f5b4ea762L,0x00000000000001b3L } },
-    /* 64 << 350 */
-    { { 0x58e8ca2cea2e4075L,0x5307ba37f271d545L,0x14de3b6e7ae7ad07L,
-        0x6bf3dac6169efeb3L,0x7be665b6f0996ac4L,0x3cbd076660a81ea5L,
-        0x93369d84b0876044L,0x33cd68dc8a489412L,0x0000000000000133L },
-      { 0x44912d16dca5b802L,0x3c30f445808db8c1L,0xd59e92904d2b7d5cL,
-        0xc1e20a6b2697a600L,0xfbbe023c3a028772L,0x8873d0bbc6e3b099L,
-        0x5fe76ac9050828adL,0xcf2ac286c0ab0ab0L,0x000000000000003eL } },
-    /* 0 << 357 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 357 */
-    { { 0x5fc885130076c379L,0x85e6f65cf31e63d1L,0x5def4f28ebc87b34L,
-        0x74d28f51ed0be6efL,0x1b83692d38771840L,0xd791f738a859b7beL,
-        0xed0cc1fea02d058eL,0x2b1befc5fecd2e54L,0x00000000000001a5L },
-      { 0x63864b8948cca591L,0x38195d6129335913L,0x8dc688bcc799aae4L,
-        0xb6d23959417331b4L,0x3d08b4f2743f8e65L,0xd46215b24fec2809L,
-        0xb37d17000497e0f5L,0x6bb17cc026ee48a6L,0x00000000000001e7L } },
-    /* 2 << 357 */
-    { { 0x59614f8580c55f68L,0x9dcd662c60ced87bL,0xe6dc932bf852f5aeL,
-        0x9db84a914f45a31eL,0x6062b2d6babea7acL,0x54a5881d28b65906L,
-        0x551e0b60b0f80dbfL,0xdb468350b286f88cL,0x000000000000005bL },
-      { 0x905656106bbb805fL,0xe38f65a46668e10cL,0xe619256657f2578fL,
-        0xc26d80922a72a1abL,0x904a9a525119d939L,0x622f5869d6709295L,
-        0x0a6ed42974543616L,0x8dad3c361c388e75L,0x0000000000000135L } },
-    /* 3 << 357 */
-    { { 0x8bf2fd7e6dae890dL,0x6b675c1fc9028f7eL,0x627b27a810d1a8c4L,
-        0xd24c988bf522e753L,0xab18f36ae0be9869L,0x9ff0e1fa962cdfa1L,
-        0x14911ef55945db5eL,0x6fd48fb37652ab6dL,0x00000000000001deL },
-      { 0xf8184ce8fbb2e5ebL,0x02056b25b09791edL,0x2e11264024abee11L,
-        0xcf22e0fec5119309L,0x64e4ed26136a9cd4L,0x16bbcc713e9b4baaL,
-        0xf2970b1f83d64789L,0x82c66547ec9a3758L,0x00000000000001cfL } },
-    /* 4 << 357 */
-    { { 0x9bf40d7110205c46L,0x10f27886161df55dL,0xdda5b7624763c7b1L,
-        0x4bce55110fbe9f17L,0x8fa954484bd30a7dL,0x302e33b31d27e799L,
-        0x4ddde60f9752ffd2L,0x98ddb153cded611dL,0x0000000000000069L },
-      { 0xdd9abcbb3e817caeL,0x3c6b3ffd52c627c2L,0x3209e7b3e28c3dfcL,
-        0x376f4071edb287bdL,0x9ddaaa58af0fab10L,0x969074cff859b34eL,
-        0xe16aec58c87e6ef9L,0xc5c7d470d113b6e0L,0x0000000000000066L } },
-    /* 5 << 357 */
-    { { 0xf0007020c199ebccL,0x1b8570d6f910a2a2L,0x35daadb9b2f82126L,
-        0x49a1e3218ca81d3aL,0x608ed9749a7ad74aL,0x92ae9decbb27faf9L,
-        0xea7db297dedcc552L,0xb61e57ff65e726f1L,0x00000000000001deL },
-      { 0x8b30b706d4b6b7e1L,0x9dcfebdd75d5772cL,0xa1e51c660b5f72fbL,
-        0xc594354756a7d61dL,0x45520f75912e1f45L,0x5c5df563771562edL,
-        0x8a2ee7850bc64d28L,0xd2c21b1430d7b664L,0x00000000000001b5L } },
-    /* 6 << 357 */
-    { { 0x845cd18adeaefda9L,0x0e694ca269b50e21L,0x060bd03952e5334bL,
-        0x4ab963a525bae929L,0x7904f9fd2a8fceb0L,0x535df726e889b7beL,
-        0x1fe0c30dab8d94f2L,0xddc0e7323f92e2a5L,0x0000000000000106L },
-      { 0xcc4c26e5404844ffL,0x53c01a4d301aa56dL,0xf7eff6a4a13a9558L,
-        0x994253bcb771fc98L,0x5b9323e8b1d9733cL,0x29ed522b1cb7c6acL,
-        0xe537003a3e4426a7L,0xbd83f66c36f23bb7L,0x00000000000001afL } },
-    /* 7 << 357 */
-    { { 0x732634970e7e5ee4L,0x01e0819a4f8e43afL,0x04dc6911b2620d54L,
-        0x5908bdeab166dd4bL,0xc27f597530b81a6eL,0x4f969894d47d8ce4L,
-        0x7d26b944a9b9b5fbL,0x1c77d724f2e481a0L,0x0000000000000007L },
-      { 0x99eafe7b9fefc298L,0xafeab30d35dfc4ceL,0xd9868f02b3fd8794L,
-        0xe8470c347893a641L,0xbde8016f9a5f544cL,0x5735714a2d93e0baL,
-        0x72d7a1dc41d47e55L,0xced50d7a89fe1dc2L,0x0000000000000137L } },
-    /* 8 << 357 */
-    { { 0x9dae6d7af8ece594L,0x7ad12f48cce0b041L,0x9d97efc7e7374970L,
-        0x7b8b1668311f5e2eL,0x0d68a7b6bb741640L,0xf9ea3dea9be65aa4L,
-        0xaa3e6811a11c78a5L,0x155ad4e50ac6e65eL,0x0000000000000062L },
-      { 0x5936d4fefebbfad7L,0xc94f1262a30ed6c6L,0x6013faf4b2081a7dL,
-        0x684ffdbf85a4e883L,0xaaff243819dbdad1L,0x8f3484441f91e40fL,
-        0x145d06f61ecea707L,0xeb7a4980ecbade82L,0x000000000000004dL } },
-    /* 9 << 357 */
-    { { 0xaf2d0a71a39faa14L,0x8c192e6be5bb2afeL,0xd62e45a44cfcdd3dL,
-        0x7b553314289c2da9L,0xfc4135f79db2af8aL,0x9f4be8fde9590378L,
-        0x20cb71f77e1f9d5cL,0x7b970c069a6d8b0eL,0x0000000000000090L },
-      { 0xdad63341ad2a5036L,0x8939b2fc3a6dbfb5L,0xd660a719b32c3bd2L,
-        0x61fea0eae187ad41L,0xc6e6c4ea766eed17L,0x0e85a989e14c91a0L,
-        0x8bf97e641167f7f1L,0x7a2eecaf37718ebfL,0x00000000000000d9L } },
-    /* 10 << 357 */
-    { { 0x374b1611a7274ad1L,0x2a0b82fdfe17b597L,0xa38209dedbe87483L,
-        0x2d31a7607617b6e9L,0x8b68a60b8c2631d7L,0xe290dfe601490869L,
-        0x9eedf0d622e67ae5L,0x17cdcb0f9c04930cL,0x00000000000001e0L },
-      { 0x8946af4e6874b6ecL,0x76be50db614e6518L,0xaf1e6990ff304e05L,
-        0x810413073edb16eeL,0x9d7160e06d0ff72cL,0x580b29bd12ef3a1dL,
-        0x47c5d81c5af9a9f4L,0xf96ef0842d828b7fL,0x000000000000009eL } },
-    /* 11 << 357 */
-    { { 0xa49b5b4d854620c5L,0x9e05bef6a25f2145L,0x53939ef2c63ed521L,
-        0x436783a1db13d740L,0x38f3aa8913f1e4b7L,0x23317818c364e263L,
-        0x301a26769ed21c63L,0x6e11a2342730950dL,0x00000000000001fdL },
-      { 0xc0dd00fe5bb3e26dL,0x0af3994912689233L,0x7ac01fb7c309b0bdL,
-        0x21ee2903f25bebf8L,0x9d9ae3a052f8b604L,0x3602803614c273dfL,
-        0x26126518bf5a2cf8L,0x022b5683c773cfd8L,0x00000000000000fdL } },
-    /* 12 << 357 */
-    { { 0xad453d3e15710148L,0xd5a72dcf93265c01L,0x153d58940f137f83L,
-        0xd15b25236577f8f0L,0xc378424bb1bd2bcaL,0x7ad83eb42dcc38e1L,
-        0xbe6c5006dea00d85L,0xf381d7b3003be5f5L,0x00000000000001cbL },
-      { 0x4290cf81a85be17cL,0xc4387af383bc4817L,0x81afe2281c4b8079L,
-        0xf231b430a26513baL,0x1d86f33cd7539aeaL,0x1bb43b3e9c4253fdL,
-        0x4eb49f8461000d51L,0xeaf801bc8115d791L,0x0000000000000053L } },
-    /* 13 << 357 */
-    { { 0x4fb83cd0f34cb82fL,0x69c93fd4019a99e9L,0xf9b3eb3e08b00516L,
-        0xcf76e0e08510cc7aL,0xe20bf27cacf20956L,0xa953142555e33a65L,
-        0x03e4e262d550453dL,0x493cf4e09dd063a0L,0x000000000000004eL },
-      { 0x677087f92a9ac3feL,0x4e26f17fdd36a879L,0x35822e0e3ced41c4L,
-        0x0e5d370bf3c6996cL,0xc7a460b123afc844L,0x2b4d9af0771476f7L,
-        0x5c3fffd48f8c1c25L,0xb02bbf7ab8ab8cb2L,0x000000000000016bL } },
-    /* 14 << 357 */
-    { { 0xfafd5607c5208d6fL,0x827f270e00c9ba87L,0xe8e7a1c84b607882L,
-        0xdd16443cf35d1a14L,0x2bd6a6a7bedfd9feL,0x62942d8dc5b2c568L,
-        0x590c4759127313a4L,0xc53b5fc26501778cL,0x000000000000009dL },
-      { 0x77c992e56221cd29L,0x1087ff0a2a5ecbeaL,0x1fca36f63f82e7dfL,
-        0xdd6bd34d86fcbc98L,0x1edd8206d7088562L,0x2d9973d492bd31bbL,
-        0x7f0e3aaba49088c9L,0x5a80616ca6b9082cL,0x00000000000001a6L } },
-    /* 15 << 357 */
-    { { 0x6c9c00cc9425d127L,0xb73e7c9e46995ad4L,0x63ea143a999706a4L,
-        0x6c760fa3855b0262L,0x596b82bd2e3f833cL,0x6d1125d423701b52L,
-        0xe44c7901fd4fdba1L,0x6e669d073ac0d4f9L,0x00000000000001e2L },
-      { 0xa580b58e12c34bcfL,0x56f7058f44605f24L,0x10addb7d59c18830L,
-        0xd6c8cebf0522df9eL,0x1d4e0092ce01eedbL,0x545e99de98246639L,
-        0x5898dc3c288b42dbL,0xfca8d04f85fc96dcL,0x00000000000001e4L } },
-    /* 16 << 357 */
-    { { 0x600c5b055bb88603L,0x9e4b5b739be3b3fbL,0xd485d76b4844ab63L,
-        0xffa20a3320cd3b55L,0x6003ad11e40ec83bL,0xeb5423b4eed37ac2L,
-        0xc25c87c09d4a0f44L,0x2de4bfe703c0e7d4L,0x00000000000001eeL },
-      { 0xaa9ee44d14bc1043L,0x9fc3875a24c86d4eL,0x8f9bc8b6b7405ee2L,
-        0xaede13e5b46a336fL,0xbf5de69f6651c1f8L,0xb8e7a34070dc1e30L,
-        0x437d3592f4d76655L,0x2d2c90e1beee67b4L,0x00000000000001c6L } },
-    /* 17 << 357 */
-    { { 0x4664ebe900c657d5L,0x7a43a626fad6a0baL,0x0fae848fa1a45bf4L,
-        0xaaba18c1a7724169L,0x10f5d5da8bd42cf2L,0x7e8c8325bf839af2L,
-        0x8d93d80931e37653L,0x74a5f0c70d179a63L,0x00000000000001f1L },
-      { 0xa04092aac673ef06L,0x22273ee1f1f44e71L,0x82b91d97d2424e61L,
-        0xa9bbc3a3e15c0618L,0xe5affe60c664d826L,0x69a5df34ef461b41L,
-        0xb5fcb32a9537f22bL,0xab073066f0b136ceL,0x0000000000000077L } },
-    /* 18 << 357 */
-    { { 0x291c30d8d404dbe2L,0xae586d4eba4aaab0L,0x4aa25d064fe7c560L,
-        0xdd8a3fa74a2c320eL,0xb4d269773ce46c90L,0x095e11baa1e6595cL,
-        0xbbc02c14dfcf4a78L,0x300d1c7c6fca5975L,0x00000000000000faL },
-      { 0x8f0f92e04d75128dL,0x32cf5813b7cce9f5L,0x723bf4fb506f432bL,
-        0x6d4165742f9bfc6cL,0x6d46f9a0afeedb54L,0xa80d2408ab7e42b4L,
-        0xdee2b761092cd638L,0x5ca05ac471680b52L,0x0000000000000078L } },
-    /* 19 << 357 */
-    { { 0x67ac7288f9b1e2a9L,0xd39accd88a9618dcL,0xf2eea4079788f1cdL,
-        0xad399fed231e29d4L,0xdd9ed7a7c3fb75bcL,0x5e209b29d3b22d47L,
-        0x207a0f402d4f8b93L,0xd6c21ae9ad537dd5L,0x00000000000001d6L },
-      { 0x12f0d8e20c6e991dL,0x9b2203f781f55960L,0x682308fa3fb0ba6dL,
-        0x58c21718501385bfL,0xe7edb949f2e89261L,0x711b06333e12d5dfL,
-        0xac5ff61ab4711546L,0x359f9e52fbe942ecL,0x00000000000000f1L } },
-    /* 20 << 357 */
-    { { 0xa7141cb5aa76edf9L,0x709fb9dbcdcda2d2L,0x49a8a4a4cafc26ecL,
-        0x4fc050c2b2aaa10cL,0xffdc2eabf44d5826L,0xf762925f09ea8dd8L,
-        0xd6378df3f8d1c25eL,0x26e9594cf8ef4a7eL,0x000000000000012dL },
-      { 0x17199c483eece377L,0x629bc6f2efd1ac52L,0xf4d78f2194fc4c0fL,
-        0xce45f81dc083c2b9L,0x26e4498e79b23374L,0x8e61a4c5d50a6fe3L,
-        0xde6b4c398df5a418L,0xc5b45d1908a404ecL,0x00000000000001a9L } },
-    /* 21 << 357 */
-    { { 0x59b3569b5557920dL,0xad74bcaee1289fcdL,0x1da74246b83a07d3L,
-        0xb8281e1a04d7b322L,0xff7eb19711c785efL,0x401faa11f3120671L,
-        0x757abd6ac64f7560L,0xba32b8d9912332e2L,0x000000000000015cL },
-      { 0xbb6740b88645d3ddL,0x21300afd5fb11e5dL,0x52e8e04d824b3790L,
-        0xff431ad6955ae754L,0x297251b6af3db93cL,0x815b56ad6e5fe4c4L,
-        0x7bc72cb2302c1847L,0xb47872d5d8ae63fcL,0x000000000000010eL } },
-    /* 22 << 357 */
-    { { 0xef086d92606c5ccdL,0x0368a9b91ad1f2a1L,0x7dca53159a4216d7L,
-        0x3b9722752ba7308bL,0x680fb882cbdcb20dL,0x8cf5b86093be3a49L,
-        0x2c366b9798528bf8L,0x83e51a9a2a100078L,0x0000000000000039L },
-      { 0xc4d52471a89bca47L,0x1b57283abe28d462L,0xd2435fb58f2b7ffeL,
-        0x9c3b714e58596f3cL,0x29cc40da99689f33L,0x1f94e6936d34becbL,
-        0x226148c7690e3096L,0x1b37296b5db2e1a9L,0x00000000000000d9L } },
-    /* 23 << 357 */
-    { { 0x86aaa7871589aaafL,0xa58a71afcf62397bL,0xb3f39935783c57c4L,
-        0xb4bb84bd1d05d2daL,0x8dcaa3a8bcf38515L,0x0328ff676c302fbbL,
-        0x2f6ae585de90d3bfL,0xce78807594b3fa66L,0x0000000000000082L },
-      { 0x3020d12b6ae46a4cL,0xa4a0efdd0714efd6L,0x4ce6635189a1f1f7L,
-        0xa42a3a2d17f8bbb6L,0x3e63a2011cd5084bL,0x0e34ebb1e4b7753eL,
-        0xb0db48f4e104b70cL,0x6365edb85230ae6dL,0x000000000000016bL } },
-    /* 24 << 357 */
-    { { 0xeaa998a0008164d4L,0x15d52dcd413f4ff0L,0x3b180c19e4ff76a9L,
-        0x879fdc34c30ecbf4L,0x7ec379cd518fd432L,0x8a51bb32e6161641L,
-        0x92e85885d582e0e8L,0x5503550ae00847a0L,0x000000000000008fL },
-      { 0xddf4c5cc039b003cL,0x0c8d3f93c4814d97L,0x213ca9b502075f02L,
-        0x347d87b988920f8eL,0x96ef11c896dbf1b7L,0xb092ba1ccf927dc6L,
-        0x6a12dcc7d068f694L,0xe98db68d16a6e447L,0x00000000000000aeL } },
-    /* 25 << 357 */
-    { { 0xc29f18d0d033e447L,0x4bf3a1eea22ae892L,0x92527cbfb0eb6f5bL,
-        0xbf7f74b77873907eL,0x32e0d8d0c55a06f2L,0x801bcde493e6f6bdL,
-        0x8ea36c4790dac3f8L,0xa17b404d8d084a01L,0x0000000000000096L },
-      { 0xadab47b6278c74d3L,0xbd17de910fa2bbdeL,0xb85a0413ca875158L,
-        0xade2a656639a7532L,0x5434ba0b0f86e65aL,0xa4b00d71423a16d1L,
-        0x2025b8db4f9d19e8L,0x774d5ba564a9c56aL,0x00000000000000e2L } },
-    /* 26 << 357 */
-    { { 0x89e6bc861181af3fL,0x989fcb1039d582cdL,0xdbe760be95374939L,
-        0xc2a3b1a495db6d56L,0x00ca290f0bef3e32L,0xa80d17d5fb7e42c6L,
-        0x37f23682391433b0L,0xa1497300fd3ba245L,0x00000000000000faL },
-      { 0x6684500110b99e4dL,0x163a5154d25f774bL,0xc3cb0e0eedd0e224L,
-        0xf3b428594639adfbL,0x29b757cb827a88cdL,0x3b93e712313a5d62L,
-        0xe90427941f2b4ad6L,0xd96f3be6f339ce2fL,0x000000000000010eL } },
-    /* 27 << 357 */
-    { { 0x9d900733986982c4L,0x318552d9ac043e1bL,0xc31329e818f19cd9L,
-        0xd4545cc6e6d8fedfL,0x584a8c309990ad83L,0x9822bf5cc7f5de2aL,
-        0x88a4ab27a1a0595dL,0xf33dbec11849603fL,0x0000000000000044L },
-      { 0xee18a6fa902af180L,0xbd6749d62d8a0745L,0x90f819e378988322L,
-        0x77cbf6c1a8a89881L,0x2b25b032afc38279L,0x039111b11f85e6f7L,
-        0x2d5c9c44f53149aaL,0x612b1f34576a5889L,0x000000000000017aL } },
-    /* 28 << 357 */
-    { { 0x57e0945b3f162106L,0xbf09909356b68350L,0x0dc60a427081a881L,
-        0x83130a725c91ff51L,0xdfc2900ab5421031L,0x7adcbe4cda92cb5bL,
-        0xe3b1b4e350fe781eL,0x825e00dc27e2e2f5L,0x0000000000000023L },
-      { 0x69dd98e974ae5f26L,0x65920f1833082671L,0x9667d392dfeeace1L,
-        0x080e764c3d330572L,0x2e4af049cbec5f4eL,0xc33a0fcd50d4523eL,
-        0xea84623a4fd8106cL,0x030d9f36f111aca4L,0x00000000000001deL } },
-    /* 29 << 357 */
-    { { 0xd59b137dd906f557L,0x13e53d54b000c6f4L,0x97b11ef277220004L,
-        0xefa864eaba1ad04bL,0x01bbe0c53b9940a5L,0x093438c59461c4f5L,
-        0xb8bd4858f02e4c47L,0xab236955aacdcf32L,0x0000000000000177L },
-      { 0x300f6e4fdc6fa477L,0x636c5e24479bc943L,0x162fb16b0a3037b9L,
-        0xc9b34c7d8d1c8090L,0x7575aeaa39f26c09L,0xea576004e4a9b03fL,
-        0xaa6ffb966b070d8bL,0x5f363e8ee19d31f3L,0x0000000000000156L } },
-    /* 30 << 357 */
-    { { 0xaec64b223ceb9d8fL,0x01c0e019c11322e0L,0x7fa117ffa28fed94L,
-        0xb4fd42817951378eL,0x9272e9c11a7e709cL,0x778d28e9d6c3adabL,
-        0x5dff9492913d9fb1L,0x5295e39d2db50e08L,0x0000000000000022L },
-      { 0x0793b7a2b251c930L,0x38b7ac80b20ea902L,0x63832322ecd86c5dL,
-        0x7c7085f103041135L,0xc6a97824da3beea4L,0x243049099bbf9d98L,
-        0x1dbbd3e6c5aa02c5L,0x777406cf81715102L,0x0000000000000101L } },
-    /* 31 << 357 */
-    { { 0x9ac223c2833f5b6eL,0xa41661e2c8ce1d45L,0x8e5c81882f76714bL,
-        0xee29488c14400154L,0xf64aff1c7f02d81fL,0x2b93109a6b843a48L,
-        0x88156fe61c2562efL,0xd4636076ee474fb2L,0x00000000000001c3L },
-      { 0x42c4cdd8a6b2aabcL,0x0cefb9353c0ab8d5L,0x950ee61226769ee7L,
-        0x516831ada2977cacL,0x1174ac00ed854041L,0x261d3bcee16cfcdeL,
-        0x8706465a2f4e7899L,0x18f2aaaff290e5cdL,0x0000000000000037L } },
-    /* 32 << 357 */
-    { { 0x46f9436c06c9837eL,0xa4feb9d508fea5bbL,0xc733ef31aa2ff650L,
-        0xa58f3ffe205e0f43L,0x54d1150fbf567988L,0x78c0ac9216052b8bL,
-        0xed2e587ba2f59a1bL,0xf80d6e5c2d6b5969L,0x0000000000000105L },
-      { 0x5029c675207ff447L,0xd8842988dedc6a4cL,0x5c3b90e4cf78d639L,
-        0xa008ae416e8e9794L,0x098d2fe729023bd6L,0xf4bc574a003e7a86L,
-        0xa7a024993d4ffa1eL,0xd55641098d521bd5L,0x00000000000001e8L } },
-    /* 33 << 357 */
-    { { 0x747b5923d475cebdL,0xe868d30ae7454df7L,0xc60fcf2ae8560236L,
-        0xddcff0f2967f3f67L,0x84fbe85f458c2bbaL,0x3daf2c80fbff1388L,
-        0x4799d4f27e86e7f0L,0x84482f9e8a74569dL,0x0000000000000018L },
-      { 0x521f01352b57d1d3L,0x7b4a58b49c2977e1L,0xd4b814010c9765b2L,
-        0x50c0eb1af6d91eefL,0x2ad82cb773e68f47L,0xd4768ebb16252241L,
-        0x92b37e3e308599d7L,0xea44f24f999beabeL,0x00000000000001d4L } },
-    /* 34 << 357 */
-    { { 0x7ec4adf92400c234L,0x956e6df24207eac9L,0xd2676feac9e07ecaL,
-        0xb1d7900cd44e5bc2L,0x7371f0078421b464L,0x9dd2c07c552ddfb8L,
-        0x55b32fb91ab48f64L,0x4c7aa6352d161efcL,0x0000000000000016L },
-      { 0x62af0f34d40817d4L,0x2bc7f399354cef0fL,0xf614ed51aef88f33L,
-        0x2a8aaaf6562eb7b7L,0x3f69e05f9374c7f9L,0x4e8580ac24a5d254L,
-        0x9fb8ded394aaed09L,0x47ee6861b44f65f8L,0x000000000000009fL } },
-    /* 35 << 357 */
-    { { 0xb88da0dd0cb7d987L,0x5803bf709d01e454L,0xcaa7cc1831cc5a05L,
-        0xfd0c0e2094704898L,0xd20841e583df7331L,0x0dadf18abf70720aL,
-        0x0eee9aa2e95a1826L,0x47c43dbaf7356e8dL,0x00000000000001b6L },
-      { 0x46f3881f01992a30L,0xf99d10419928c31aL,0x8cd5efdffba1c52fL,
-        0x527ddf05123c3357L,0x46943c89233150b9L,0xf41e12734bbd1ea8L,
-        0xa0cd7fce8c62e10cL,0xfd21a999192e00f3L,0x0000000000000183L } },
-    /* 36 << 357 */
-    { { 0xe6e75221cfe610aeL,0x1c98a33934eb829cL,0x1c8d8d909a4ac715L,
-        0xace287a451bd9ccfL,0x24fd7cfcbd6b8384L,0xce03abe6093b52baL,
-        0x42ac7a7ae38467d1L,0x97663c10c0df6af2L,0x0000000000000173L },
-      { 0xeab753a507e4f493L,0xe36b7afafecb8668L,0x02694012da27628cL,
-        0x8cf6fdf942bc520aL,0xe8549a7e7f995666L,0x5f0a927973d4a08aL,
-        0x1a87664ab708a5f3L,0x68333933435d6adcL,0x00000000000000ceL } },
-    /* 37 << 357 */
-    { { 0xb577c1533f989761L,0xae35d211bfa3d8fcL,0xd47c40c9b1f4a399L,
-        0xd5b0975b2364454dL,0xed4d9984b3237eedL,0x97c31b497df401f9L,
-        0xb7b427e22bc4659aL,0xd9bf226f45a55ae6L,0x0000000000000075L },
-      { 0xa5990f28073531a6L,0xe76bc93d8f8b9a4dL,0x588489cb74e5ed46L,
-        0xd13ed6ab72ee0648L,0xc2577aeefed5353cL,0xdab9de078dc20accL,
-        0xcac8e1f9d57b513aL,0x5e76607aad484dc4L,0x000000000000002cL } },
-    /* 38 << 357 */
-    { { 0xbcb19c11883359b4L,0x3ad2e194c4e7949aL,0xb773fca20ffa7882L,
-        0xbd1a7603e60cfad7L,0xbea03ebea5b4d66bL,0x875da4b871223c53L,
-        0x2e33d74ab5abef29L,0xa3ce7d910fd9b58bL,0x00000000000000d2L },
-      { 0x54784134feeafab8L,0x0af5113379e28a21L,0x02245680f0f5e643L,
-        0xf467cdb0027bfdd9L,0x9446e78a520929e4L,0xc0190cecb05f7059L,
-        0x31cbdade20e99cd1L,0x970d57f4c9001716L,0x00000000000001d6L } },
-    /* 39 << 357 */
-    { { 0x19dfeadf318077a4L,0x646f8bdab99ea8cbL,0x9c32bf839bce9a97L,
-        0xf054bf9ba74ef02bL,0xb51e016b44a4ca3aL,0xc6e07a7bcd3dc334L,
-        0xab3b52ad878eb40dL,0x12aa8a92ed323d42L,0x00000000000000acL },
-      { 0xa3436773633c177eL,0xa9c7bee1e2b5ef90L,0x175955d8acc698a1L,
-        0x473dd3eb2725fc60L,0xa7b4bc94c65fecfcL,0x8767e77f84427009L,
-        0xb719a53fe6c0bfa1L,0x66025e6e3b082160L,0x00000000000000a6L } },
-    /* 40 << 357 */
-    { { 0x8b335fa8eb78796fL,0x632a1e3598c921feL,0x8a81e3dc13ebb873L,
-        0x6ea0a1ca392ac9a2L,0x12ac8f7d7a111fe3L,0xe8019e481b74982fL,
-        0x970840ab372bd012L,0xf08f46778030b6baL,0x0000000000000191L },
-      { 0xf1daff85ff6ca70bL,0x83a30831c4c98b48L,0xb3d1402f4b44f090L,
-        0xea42a852ffc5fc43L,0x64fb5a0e5adb2237L,0xa3f97d5cef91d510L,
-        0xaa8a0026f0d6d405L,0xa9db41befedcd04aL,0x0000000000000061L } },
-    /* 41 << 357 */
-    { { 0xec4e0725f2d955e6L,0xf65913b6ba0ad53aL,0xb5436673f9c3c2edL,
-        0xdbb1e9214c59fa00L,0x480014831381e59eL,0x688f1d33ba2b09c1L,
-        0xcf5af8117a4e2a57L,0x11e023ee52198011L,0x0000000000000162L },
-      { 0x62cf35fa3dfe2dc7L,0xbced5f18d977b622L,0x240d0df41edd8ab6L,
-        0x7e047352991127e7L,0xdc9572f31df7bc5bL,0x97b0d175afbc0867L,
-        0x6a42f136de3d2346L,0x1fc3c25f5158affeL,0x0000000000000138L } },
-    /* 42 << 357 */
-    { { 0xeab39f78787edb77L,0x56a60472ff2e9f55L,0xce7b46bff785cb54L,
-        0x278a0c9ec7d39690L,0x0cf992f68c3e887dL,0x9e148e8051d0d1c6L,
-        0x5b33c695f3755acfL,0xb0451f2f658905c1L,0x000000000000018aL },
-      { 0xa6e028307fbc9643L,0x9338cbb303b27b50L,0x5c64eda85026ee72L,
-        0x7f1647d2fcefe41dL,0x85619fccf3dbb4bdL,0x393e6efa01d6451aL,
-        0x935171004e8d8ef0L,0x32c37325ffea99afL,0x00000000000000c8L } },
-    /* 43 << 357 */
-    { { 0x2b555d0e6fe03ba1L,0x773f545a8b03d806L,0xa31ffe71bcc6d9deL,
-        0x446edf311990a436L,0xd8c4fc206592df48L,0x3317ee33c15ac3beL,
-        0x41696fb6f63b4e1bL,0x83a4cba346027c25L,0x0000000000000084L },
-      { 0xde69ed4512dd9c85L,0xd667dcced6c26d22L,0x4ded2f5b385619c4L,
-        0xd2655d51821e0244L,0x1311765ebf2c49a6L,0x9415d8cc38383d4bL,
-        0xe71bcaf8bf9db4b7L,0xb3e5627ccc381e0eL,0x0000000000000025L } },
-    /* 44 << 357 */
-    { { 0xa4933fbea92fddffL,0x7c32d97032b86443L,0x2e9a7398b183d623L,
-        0x486972894721f8c5L,0xbee88c0cc969e75fL,0x842542613c4d5de1L,
-        0x909eae9e787a1700L,0xe31ff428974bad84L,0x00000000000001dbL },
-      { 0x984cb4ee752c8899L,0xa92f6ac567310f87L,0x47f0e7caa6a1de3dL,
-        0x5c3dcb5fcfeb910eL,0x7dca121b1205acf2L,0x6399f030cb5ebb96L,
-        0xe1c316b2e398cc1aL,0xfa8d37e0852051fcL,0x000000000000004dL } },
-    /* 45 << 357 */
-    { { 0xa2b6eb345f87572aL,0x0732cec41782a0d3L,0xd9435216d41ea9d8L,
-        0x543571ed5cc97716L,0xe3521d10956feeadL,0x750eb198f41fe528L,
-        0x4af6cf943d29c833L,0x78e073e6436a223fL,0x000000000000018fL },
-      { 0x49c4e5bc26897e4dL,0xb80996a2959ec43bL,0x13ae0906c00242e5L,
-        0x9aee89d706f4670bL,0xd06613d5c8d05987L,0x201b5d15c8675f76L,
-        0xd19defe0d4c74f5cL,0x043e361e6cb41c71L,0x0000000000000180L } },
-    /* 46 << 357 */
-    { { 0x3c015437c95ad2b2L,0xca901614d09999a6L,0xf8549f51d5fa15c3L,
-        0x7fdb2f64c5630ea8L,0x1e4ee6802b7b842bL,0xf475e8cf313eb14cL,
-        0xfcafbdb3d6c70e1cL,0x77bca78f4bdd4355L,0x0000000000000032L },
-      { 0x1512a85e9b20aef6L,0x2728e6820c9decf2L,0x8b3cf87bbefd8a4dL,
-        0x3a42b96e601b9833L,0x6f27e84d058180d8L,0x0cfbc003489fd730L,
-        0x208b7f66f8db094aL,0xf5987e8fc3f1fc46L,0x00000000000001a3L } },
-    /* 47 << 357 */
-    { { 0xf79e90d3ba0cfa35L,0x3d442ee9cd0223cfL,0x21b64ccc2dc0768cL,
-        0xcbe9a804db61bf73L,0x5871a42fa4d78ca6L,0x67e5f390e0b6be3bL,
-        0x9f4b155bff116508L,0x73f1924ac84bc47fL,0x00000000000000afL },
-      { 0xfb1d1caa6f41f665L,0x4e2717a196ad7cffL,0x1772f0581d490e34L,
-        0xd52e78b067c82478L,0x53e323f99b612421L,0xb23240ab51b055c3L,
-        0xb479a9cd2902f229L,0x1a63508d40c0e2b3L,0x0000000000000005L } },
-    /* 48 << 357 */
-    { { 0x56f46aeea79fec2fL,0xae7420e6caa8072eL,0xa8d82818e0909a51L,
-        0xb6fde2a2d53b908dL,0x2c291216aa4b288aL,0x522c8be8315bc370L,
-        0x27d342ed48cbe4c9L,0xcc7e7d2282bda6edL,0x0000000000000179L },
-      { 0x28c243b826b789cbL,0x0ee9307a736b8f95L,0x6bb0026317c8d0abL,
-        0xfb2563cb96c50f3fL,0xda495d9aff006875L,0x4fb2a94706b90869L,
-        0xf00cd1a64aec98d5L,0x0eff72f28bd40482L,0x0000000000000197L } },
-    /* 49 << 357 */
-    { { 0x98b780b5760dcbf1L,0xf260047b515a1d29L,0xfac95ac3814e0ee9L,
-        0x816e57a0fba262ecL,0xfc5cd59e48334247L,0xa341052546e7e886L,
-        0xd1db72bdddb0dcadL,0x5624b146ffd69bd4L,0x0000000000000178L },
-      { 0x35e3ace300b92a71L,0xc32822663c82793bL,0x53c3e94494ffd3b8L,
-        0x9f71ff3e58dbdfd0L,0xa7a41d4df73e87c2L,0x78c91fa31039d1c0L,
-        0xb58daa057807f696L,0xa450af015c2cd7b7L,0x0000000000000035L } },
-    /* 50 << 357 */
-    { { 0x7619732f42b7fc50L,0x765e9ae03259ee5aL,0xc6e36b88f486fc6eL,
-        0x7161e3133e057364L,0xb06faa190eb94e6dL,0x5018350dd7092a7aL,
-        0x2cd31d11fb6c1de8L,0x9561568bbc8ec647L,0x0000000000000126L },
-      { 0x839b1c55ed5d4d74L,0xf167bec107576342L,0x8afd2ae346e1cc51L,
-        0x2546e4ffa5126110L,0x403b72bef10cc605L,0xe611d43086ab00f7L,
-        0x6c828ae6ced04aefL,0xdac7bcf83ad5c8e8L,0x0000000000000029L } },
-    /* 51 << 357 */
-    { { 0x921b03409c60750dL,0x1fa1dc07a742d533L,0x2001a510cfe647c0L,
-        0xfdcec65d559bac54L,0xb006791b6c9979ceL,0xd8786269d197b3b3L,
-        0x8ba2d90530372529L,0xf0552a77063e1943L,0x00000000000001c2L },
-      { 0xaee03501d5b06ec0L,0xefbc6b5a906d4e35L,0xcba825b51f8fe6e1L,
-        0x098a5cf0e1db85e0L,0x0ca97bd479d75481L,0xe2090d3481d62082L,
-        0x0ee36412b26ca32fL,0x349e9c106f66e6d8L,0x0000000000000110L } },
-    /* 52 << 357 */
-    { { 0xe4fd1cf233c62e14L,0xbd7961f581615b2fL,0x1b82c51effc3ea38L,
-        0xa02c70e8e04b3a9aL,0xf8853863926b63d2L,0x57013d79e2733711L,
-        0xb62f0fb7006a0326L,0x225a8b3b98a22842L,0x0000000000000175L },
-      { 0x6718ed9f53021cd8L,0xdea4cdec2a3bf941L,0x0323bb3a5211899fL,
-        0xd83957736e557ae1L,0x657633b4a363900fL,0xda61a25732721ca0L,
-        0x9e53c3dbd9eb3821L,0x28972548aaf7a7adL,0x000000000000001dL } },
-    /* 53 << 357 */
-    { { 0x0e6ab03f3358352dL,0xaf91d6e912a5cbdfL,0xfc0c814d8350e169L,
-        0x6d76035e025bc3f5L,0xc48c841c91cc2fffL,0x988a58692d378112L,
-        0xe6b22cf41f1c5d84L,0x4d6a80c966be7431L,0x000000000000017cL },
-      { 0x329989467452fe56L,0x7c949998851cde83L,0x62f685df83aae234L,
-        0xebc255cf3273ce30L,0x5d9b1076cc1c544bL,0xdcb2cc0ba0afe211L,
-        0xb4985ff2bf40b28aL,0xe6162860dd765e5cL,0x0000000000000059L } },
-    /* 54 << 357 */
-    { { 0xdd36dad51f7dbea4L,0x668dad4d6506ae83L,0xb38d22d45b93e93bL,
-        0x8f01ab0073a449e9L,0x66d3db72d8e6e6e8L,0x19a9dd5d3d2427faL,
-        0x0fd8d0da3d40a973L,0x479f47bc10ca67abL,0x00000000000001f0L },
-      { 0xdf05de0bff3a276eL,0xc54847b14ffdc307L,0x56caf53a6fca2200L,
-        0x9fb352117ecda564L,0x9a0a56923369ffa9L,0xdcfbf647f8af9180L,
-        0x5b6d4451678c3fb5L,0x5a60678c6ff73ed9L,0x00000000000001bbL } },
-    /* 55 << 357 */
-    { { 0xd478174e1742c389L,0x5a2383c346b36bc3L,0xfbaca1a26581793aL,
-        0x2a1d1fa6f855f601L,0x14a376f0308d3c27L,0xee58276c0cc714f5L,
-        0xcc4030a2344e36b0L,0xce095846f956b0c2L,0x0000000000000093L },
-      { 0x89a622e8aeecd9c9L,0x206e4d6f27cd372fL,0x317476b49441b11dL,
-        0x399a84cf983641d8L,0xe9f70bdcf169555eL,0xfe01d5c38ad9b9b0L,
-        0xba6a96fc72ed19a9L,0x30239e4187057a78L,0x000000000000013fL } },
-    /* 56 << 357 */
-    { { 0x4ade586f26762e69L,0xa4d590d75c5452e9L,0x866d96d7a3d17b63L,
-        0x4820299b54373909L,0x9c4970f071889f59L,0xbe409ea4a47395c5L,
-        0xa1c14b17960a0ea2L,0x4a33c8a0307327b7L,0x0000000000000102L },
-      { 0xe590fe7c2b54a6c6L,0xb4a1ab5bc8f7ed0cL,0x91f19a290051c927L,
-        0xd9f5d6078eac2400L,0x9bc268f6f0cf556bL,0x823c77404112a75fL,
-        0x1a8168497d3647c4L,0x46f70e49b3b45d09L,0x0000000000000050L } },
-    /* 57 << 357 */
-    { { 0x66bea937a3a32754L,0x780ed9ca96a00b32L,0x65e5ad8e2b5cc630L,
-        0x7283fbc3dc7657b5L,0x15dc690b934d9824L,0xd6f130dba98a847dL,
-        0x0096e9cf3f226e42L,0xe2a54507e1e7d57fL,0x000000000000014aL },
-      { 0xee2fd2150bbc21edL,0xe095c08d4301f751L,0x32b119d43e5cb50aL,
-        0xe435e70435ec749fL,0x83369dd530a40178L,0x594a72fe98292f0eL,
-        0x118880ad3d2ea843L,0x9eb5cc991890318cL,0x000000000000011cL } },
-    /* 58 << 357 */
-    { { 0x361c1f3b4d6df598L,0x6956400f491b9e2eL,0x84efa820336843b6L,
-        0x88c0cdee43925859L,0x29193ebb69c6047fL,0x13607b35f0aad25fL,
-        0x20206ebd61dddd4aL,0x0e644f1eb9fc054dL,0x0000000000000108L },
-      { 0xca58a7ac1436fe82L,0xa817cc24e935e783L,0x2345a558c8ad7900L,
-        0x64c0aff682da4250L,0x3070a842a7e6b289L,0xab848eb00aecec1eL,
-        0xa26ce7e0900a03f0L,0x3fcafea7f76a6eeeL,0x000000000000018dL } },
-    /* 59 << 357 */
-    { { 0xc93375d857c613e4L,0xd6e163aa792ef674L,0x5b8da9694c9f17d0L,
-        0x51f0cb78ce67b932L,0x3c1667b022f10ad6L,0xb370de10b6a741d3L,
-        0x5b359e3527254ceeL,0xa4699c4001436030L,0x000000000000017bL },
-      { 0x444d66615ab27a0fL,0x7a63495561218274L,0x7accc97c8b6bc0b3L,
-        0x31e90f52e9feb480L,0x0ae5f490d73c2467L,0xb42bb6330947f2efL,
-        0x12130e62ca8bdc7cL,0x87538842afc7773dL,0x000000000000014aL } },
-    /* 60 << 357 */
-    { { 0xa0e61ef29c860a3dL,0x82efb508a7a35111L,0x95110f183fdf7c57L,
-        0xd08244f748f762fdL,0xe2584f839119ce6aL,0x0818a297f38db17cL,
-        0x0e604711bc3bc9e2L,0x46d5fe361b183756L,0x00000000000001b3L },
-      { 0x3c6c64217662e9b9L,0x1e057724d4a00cfbL,0x285c8771102bcc5cL,
-        0xa606d16e09724e97L,0xab2089a86dd635dbL,0x6fdd9e810b59f6e3L,
-        0x43d64d58ff787a8eL,0x7fd128ddd9699167L,0x00000000000000eeL } },
-    /* 61 << 357 */
-    { { 0x6e1e35308e1abfdcL,0x108178640e58238bL,0x91902f99aab590acL,
-        0x5132a07808a83158L,0x530791584fdf05d6L,0x629edbe68ad80625L,
-        0x32e9651d3f107300L,0x3e162ac228a30c6aL,0x0000000000000155L },
-      { 0x32d00fc0bb96dfefL,0x14d6778057d671d4L,0xd644f22da23a3842L,
-        0x68c9d17f7564276eL,0x4081b0b960b55ea5L,0xfb317cd3bd1dd449L,
-        0x3ae6ef5a8a1905a7L,0x2daed738a3b1e642L,0x0000000000000003L } },
-    /* 62 << 357 */
-    { { 0xab014c8728aa98f7L,0xf140362355cf61a1L,0x193f4267b5240bf3L,
-        0x07d29ec4df79676fL,0x7e5d124afef053f3L,0x577b7ef54d8a7c4fL,
-        0x05e53aa25f9e45cdL,0x0306e26cc0709ec7L,0x0000000000000145L },
-      { 0xd4609e0b47d36131L,0x0a27167e024b55c9L,0xc913e714bec0a1b7L,
-        0x391fbba1aea3e853L,0x5541c7015910da47L,0x40e545fd1c083ebfL,
-        0x73a6b44870eea6e2L,0x9578a3a138a320b2L,0x0000000000000133L } },
-    /* 63 << 357 */
-    { { 0x4d63d8568a4afc5eL,0x8dba9bbb93fe42a9L,0x2786def64388b3ffL,
-        0xb178c71c588ff35aL,0x9acff904dc6b8ddeL,0x96fc5adfe39951bbL,
-        0x36c16b128622694cL,0x8d3c04a120bbc11eL,0x0000000000000088L },
-      { 0xe910f16ab73d75a5L,0xce8c56594d0c3e49L,0xf9682dfd11ec38c4L,
-        0x1c98872dec673776L,0x65e891ea498fb63dL,0x9c743402270806bdL,
-        0x773660181eafb44eL,0xb52ff43420582f10L,0x00000000000000fbL } },
-    /* 64 << 357 */
-    { { 0x768ed0f6f74fb22cL,0xc967f6567e169c57L,0xf6c74d22e59559c1L,
-        0x0a419045556961cdL,0x97e83ef261c6f540L,0x434d28d7f523b49bL,
-        0x0f83e17117ac09eaL,0xfb02352b4a281f4eL,0x0000000000000160L },
-      { 0x78577044666031b0L,0x2aa75f54d401794dL,0xabf814bbde68d202L,
-        0xc1d18b79fd8f841dL,0xb68edc5e8c8449bdL,0x837b65b088a85d15L,
-        0x31a2c34e13249fa7L,0x2e20348e54be5f59L,0x0000000000000148L } },
-    /* 0 << 364 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 364 */
-    { { 0x1d40359e91609a61L,0x9adf4e086890616dL,0x89dd66358b14a62eL,
-        0xfaa34c0a49adeb20L,0x174689f7105a9bf0L,0xbf727a3da83a1154L,
-        0x4afe90c10d6d5d50L,0x9954d9d01f2fe4ffL,0x0000000000000126L },
-      { 0x027df2555d2ac4b2L,0xa61a555783078809L,0x6f5d2cd40237c9bdL,
-        0x7cd9f911cef7c441L,0x0d5256efabc19578L,0xd86047aff338db58L,
-        0xaa2a1b5014d7c98eL,0xbe9edffaf5e65a3aL,0x00000000000001bdL } },
-    /* 2 << 364 */
-    { { 0xfd4ac9a343d7f5d4L,0xefaf0979c99e0960L,0x49f0cee8309e568cL,
-        0x72b9d2770e83b629L,0xc9462e6b6b2c1601L,0x20fd87a59014edf5L,
-        0xf153ae0a4589a246L,0xdfc0c033d0ad9b0cL,0x0000000000000034L },
-      { 0xea4cfb1187abe460L,0xde9d0bf08e491e8bL,0x8b4f7381e7b44c51L,
-        0x5b470fd4582fc6f2L,0x351d31d09bd31114L,0xae86870521911e42L,
-        0x8c25ead699c6cceaL,0x6372bb04f6408194L,0x000000000000012dL } },
-    /* 3 << 364 */
-    { { 0xf76d94ea2648a187L,0x65cd1ed8841945b5L,0xa8b8b52c6d3b41ccL,
-        0x729f4f50c03e31c3L,0x2b315b9d4d930a40L,0x32c503647c78db5bL,
-        0x53b03b69e0cab657L,0x1cb16125d343324aL,0x000000000000007aL },
-      { 0x0d0cc220cbba148cL,0x21e13a15066281e5L,0x304904e6ae6bb049L,
-        0x9ed34cf1580464daL,0xb1c66d4684a6cdaeL,0x6ad36012751e42a6L,
-        0xfeeed4dcc89edbbeL,0xd9897853a31a337dL,0x0000000000000002L } },
-    /* 4 << 364 */
-    { { 0x9f89743c7de96ad8L,0xb36af506b0e3c020L,0x92ba9b369da8c48eL,
-        0x3b06a6c914e3dda7L,0x4ad7dbd9d035a505L,0xfd87c28a5825e565L,
-        0x1f117e6b5633716cL,0xcef5e5d6dcd99a7fL,0x00000000000001e9L },
-      { 0x839ba6957fed2cecL,0xba25c337132c54ccL,0xf032353e857c3815L,
-        0x9119f2e5b3b42940L,0xcf21d2c0fecbf8f8L,0x66b09ab9b5bafb4fL,
-        0xdbe05a703946ff07L,0xb83571fc2d9ba878L,0x0000000000000018L } },
-    /* 5 << 364 */
-    { { 0xf62c03a397de0e00L,0xf48d1de82611619dL,0x15d1a317721bc870L,
-        0x6ac60d814ed06bf2L,0xb8bc2ce0890cdbd6L,0x7810822846f4b48fL,
-        0x04ef830c287c7697L,0x32961e64a49838daL,0x00000000000000feL },
-      { 0x97cd5e96d8551d19L,0x68053374b2b1fd05L,0xe3013cfcccf9a8f2L,
-        0xcefdd29f981fa6c1L,0xef3a4ba402683ffbL,0x2e945f5855edc412L,
-        0xa4a58e25bfd433f1L,0x621ef049513f74f4L,0x0000000000000120L } },
-    /* 6 << 364 */
-    { { 0x9e1fadfb16822e74L,0x601a0218e2fde79bL,0xfaf91c0fcc11fb66L,
-        0x39b3d9cd38141aa4L,0xaecee4237b5e91a7L,0xe78c36baa418ff4aL,
-        0x97ffc63f7f084d25L,0x8d9f7b524160ab02L,0x0000000000000079L },
-      { 0x4460a50327772a7bL,0xca164baf7bb4b563L,0x576f7498cf894432L,
-        0x62af7b73b7c21ef1L,0x6559cd67a1ff287dL,0x366d49030189b834L,
-        0xce4f2dd602496d3dL,0x140a8383d27b4ffdL,0x0000000000000125L } },
-    /* 7 << 364 */
-    { { 0x16a826340847c82eL,0xb70042545f9a9912L,0x798f9e628d0b4dffL,
-        0x65342a6503c638d1L,0x4f20eebe5c54e53fL,0xc14bbfc9f840e2ccL,
-        0xb7bdaec4bf5122a8L,0x36f7770447b6ee89L,0x000000000000014cL },
-      { 0x1a055b39452878a4L,0xec912e63a4357006L,0xfa8318c8ffc61cedL,
-        0x2b0d1441f05c5661L,0x0b31a6b7f197ab70L,0x69d91f5999bc8257L,
-        0x62ce77826b1fe057L,0xcc37b64e8fbf4a9fL,0x0000000000000160L } },
-    /* 8 << 364 */
-    { { 0x73c9ca8c32bf47dbL,0x9914d5863827df79L,0x594400907e5d5d65L,
-        0x1fe4f4bdcc1f4322L,0x8e14f73d38ad9ffeL,0x4b47c892eea079b5L,
-        0x753f974ac9bd577bL,0x4231ef4ec3271dfcL,0x00000000000000bbL },
-      { 0x871424ac14bcaefdL,0xb1b24d5c97355e9dL,0xd38496396b934706L,
-        0xe90a821ca8c892f6L,0x884df6cc145aa180L,0x0dc1730e4c7dcb49L,
-        0xdad8a1ef67744185L,0x444de13badd5ca97L,0x0000000000000008L } },
-    /* 9 << 364 */
-    { { 0xfa51638c3342c8cfL,0x0f68b9af3860e485L,0xea4d914d06cd5f80L,
-        0xd5a9b6123d548a1aL,0x19cf167328c71d7aL,0xf88496f3e3ea941bL,
-        0xf7458d464cd8d096L,0x40a7eccdc3a72c66L,0x000000000000009eL },
-      { 0x017e43b0f067b7ebL,0x0e89bb59ae8610feL,0x0c2437f2b2bc6765L,
-        0x58c0a84449bf2eedL,0x723b0a50c13a6053L,0x3c2f581a1d1b46a0L,
-        0x2a930c3a68e9e875L,0xf6144dd459874673L,0x000000000000013cL } },
-    /* 10 << 364 */
-    { { 0x501c908869c2c724L,0x114cd1394d26e7e7L,0x2c8e71896128092cL,
-        0xd379c77c98d95167L,0xf4dc94f8c54fd3c2L,0xcb5d6568d61f0a9dL,
-        0x57e935c0222d29c5L,0x19707d68e5ebead7L,0x000000000000018eL },
-      { 0x0ca3d650df704c4bL,0x3a11092f9e7fbd89L,0x94accaf17b93a0dfL,
-        0x5e2ee6fc7a3cfa2dL,0xfe64b185e29c1ab4L,0x450622cc0dd624bcL,
-        0x19b6dace885fe0efL,0xbca6ee1159121790L,0x0000000000000026L } },
-    /* 11 << 364 */
-    { { 0xc3561d8aba77ae3dL,0x9668544884e9a9faL,0xd02a219cfabb2bc7L,
-        0xf05419ff19500a0dL,0xddec1e04fd9db302L,0xe8163eed27bb75e8L,
-        0x167a448cf55bedacL,0x0674936fcf331bb5L,0x0000000000000112L },
-      { 0x6fdd6a8f05915d9eL,0xd10aba566bc230bcL,0x3d08b2be6495b1deL,
-        0x1a677d3e25d490f3L,0x5435cabfabbb4e9aL,0xb1b88fe09dd066faL,
-        0x4143d97f96ad240cL,0x84d22c1a8105c161L,0x00000000000000bbL } },
-    /* 12 << 364 */
-    { { 0x50c7c1f5570b56deL,0xc4ec2d0e45e64231L,0x30d743c79fc8812cL,
-        0xc156a390336a6837L,0xed05f8e2ab56ec07L,0x9f31cb93c6ea8f39L,
-        0xb4e6d426fe637c9eL,0xa2940274a1068079L,0x0000000000000131L },
-      { 0xe90e065d0de0a523L,0x6a732029e7aa66e1L,0x54d8e21335eff2d8L,
-        0x316c567a8c25f616L,0x4926a680d4d8b337L,0x5af43676371babccL,
-        0x3de2803eea35e392L,0x1a31dc8d2569c1f0L,0x000000000000015aL } },
-    /* 13 << 364 */
-    { { 0xe37816de9b725c0bL,0xcc2a89c9166bb8fdL,0x49ca0257d89fe85bL,
-        0x48fd498a9b83fce1L,0x6ba525640cf52c0eL,0x1123fbde28ef21ffL,
-        0x85f8991d4d0cdebaL,0xfe5797d8772b53b3L,0x000000000000007bL },
-      { 0x3fdf5c44dd6b4d3fL,0x5321b885e2dcd484L,0x69ce5c11dfb203b2L,
-        0xe9a482386f8935bbL,0x9fcd2c9c75cc99b6L,0x251ac714e76daec2L,
-        0x772611564802f1c5L,0xaf4e8d575d6e5d84L,0x0000000000000170L } },
-    /* 14 << 364 */
-    { { 0x7fc39bb869546059L,0x17a87451dc30034fL,0x66bd74dadc7c93a3L,
-        0xf511104bf8e0b2a5L,0xffc0b9cecf5112f7L,0x32da477959194a90L,
-        0x37f686a5fc465013L,0x4418ddc33c921bd0L,0x0000000000000074L },
-      { 0x60e891417cca9624L,0x924e88461d0c45a8L,0x63575d9e03f81752L,
-        0x39ffb99931b565cfL,0xd2f96beca087029bL,0xbf5c66a0dd1e6fd2L,
-        0x3a3bb584a7da0587L,0xeeac3f724fc63a28L,0x000000000000007cL } },
-    /* 15 << 364 */
-    { { 0xc06eb52d95408d0aL,0x617f37aae6cd02bdL,0x605c3d6c1493be3cL,
-        0x74f50aedf516ed28L,0xe57889af120f76faL,0xcad1cd04a4bbda56L,
-        0xfd346ecbfc158650L,0xaee419b5ae3c475aL,0x00000000000001faL },
-      { 0x53ab6494eba5c579L,0x89baeaa366501244L,0x76714c0a0e1dfcd7L,
-        0xc31b6ae005ce3982L,0x38742418192bfb7eL,0xb303fdc69fa107f8L,
-        0x50f6e46723401680L,0xed7828e6032db727L,0x00000000000001eaL } },
-    /* 16 << 364 */
-    { { 0x2a7e8ac175804da9L,0x0b41f6118d50bdc6L,0xcfa0a757d8fafb1cL,
-        0x75540d94d231a6b0L,0x524440fb0c4fe03dL,0xb8665fbfce9738ddL,
-        0xbb74f6a88f1bd64fL,0x063afa3cbb8d6c67L,0x0000000000000189L },
-      { 0x259b9da4a864385fL,0xdbafc55c17c2597bL,0xde890acb56bf5d23L,
-        0xe51182c0f8455b59L,0x75d51a03c456e1c7L,0x9c7929c6b318e747L,
-        0xaf23a7f139b3ed84L,0xee136a2b910f4ab2L,0x00000000000001acL } },
-    /* 17 << 364 */
-    { { 0x0d6618c6b5262bd0L,0xd008879e083e8d42L,0x46be04761e2a0f05L,
-        0x29355fcba5a5a5d0L,0xf2990303abcc3151L,0x2ce9c4275a2b71a9L,
-        0x1c9bd913b773a173L,0x64748c121fbefea8L,0x00000000000001f9L },
-      { 0x386d740f94f39cedL,0xa22fe8b4b4202079L,0x23754fe4118f988bL,
-        0x3678c0d6fc32136dL,0x5fc81b01feb30812L,0x948119e46b9c9859L,
-        0x5636de19370dac51L,0xf614eea049b1fab7L,0x00000000000000c5L } },
-    /* 18 << 364 */
-    { { 0xd019c1759fc99b40L,0xf967bba57f015d82L,0x3cb81a604805189dL,
-        0x964ad8c7a00da205L,0xc888c43a64539ab5L,0x431eeadc9e553bdcL,
-        0xfc5527a9fb748695L,0x208a7a8bd0016886L,0x0000000000000123L },
-      { 0x5094299ba7c932fbL,0xaad7933f74be1be9L,0xfbc80552444ba30fL,
-        0x4ab16553f035fcc6L,0x364f1240c3e85c28L,0xa682343c2bb08da1L,
-        0x87f463e18186f10eL,0xa693ff1c33925907L,0x000000000000019cL } },
-    /* 19 << 364 */
-    { { 0x09f6995a1c48a442L,0x247f21612a842352L,0x31ab8596522e8ba6L,
-        0x5a378b5cda550880L,0x3cd7546920a22f99L,0xcc2308ad2a1b6f3fL,
-        0x102b70a618c84da4L,0xd4fb60db44ee1f04L,0x0000000000000019L },
-      { 0x26f00eb8c1395620L,0xb74ce39019a12c39L,0xe4942801abec4e92L,
-        0x975d591b94361e1cL,0x2996b121f3a13003L,0xcf1d269e23c37980L,
-        0xe140df82c6996c73L,0x10e9b26e40c5047fL,0x0000000000000054L } },
-    /* 20 << 364 */
-    { { 0x7dde1d1d5efb05b4L,0x6b37ab24499b96d8L,0x9a11b06965ca03b0L,
-        0x26cab3b3efe4f8e6L,0x438ff1523fa08ec0L,0xefcf8f96378206fbL,
-        0xab9c72cb8483c3e7L,0x0870abe23c21f2eaL,0x0000000000000045L },
-      { 0x04b9b4a909d596d7L,0x45d7b711168e1715L,0x86f4b7024059f9e1L,
-        0x1e23920b80207075L,0x247d24b7e32dcffdL,0x7fd7ee339b29daecL,
-        0xae0501392e5b646aL,0xf15cc9311f0b3acbL,0x0000000000000047L } },
-    /* 21 << 364 */
-    { { 0xa7585ddfcda0c2adL,0x5cec5557fbb2fddaL,0x1548595a1e228a3fL,
-        0x002f9003085c420aL,0xb68b0ae22c655b80L,0x9a41ed4526ea4931L,
-        0xbbea439a2b93a6f8L,0x37e82cde83f487a5L,0x0000000000000036L },
-      { 0x44fb9f9aa4688d59L,0xf43ccad09af2f558L,0xcb0bd99c421900acL,
-        0x6b14194f74d5dd67L,0xa515fb0e19820676L,0xbe5d2afffd020877L,
-        0x7861af502826917dL,0xee0fe35be172b2d6L,0x000000000000011fL } },
-    /* 22 << 364 */
-    { { 0xaed4feadb6cf4a42L,0x6a1bf5325717bfe7L,0x276babf2e055049fL,
-        0xe01a9b211147d4abL,0x92e2937e4d68fe1dL,0x4c40460f2682f5d6L,
-        0x7921148cbeebb6b0L,0x0f17c058d8a93c95L,0x00000000000001f4L },
-      { 0x97b9609deaf84a2cL,0xc723aedd1812bc14L,0xa884415778c0b6d2L,
-        0x5b68fd87c8fedc3bL,0x8109a51e6bec8a71L,0x476483e4a764bda7L,
-        0x7a997c16a7945df5L,0xccbfe8d8ad8f125cL,0x000000000000019eL } },
-    /* 23 << 364 */
-    { { 0x3d7957be4e45dc3fL,0xb06a358bc65dd97cL,0x63040ec31388da6aL,
-        0xe9adbf2a28e9515bL,0xfc0edda0f7900882L,0x4e1b100bb6465e9dL,
-        0x331d94772276c413L,0x95d57b9c2e8f8278L,0x00000000000001a9L },
-      { 0x163d561ce4c6e97bL,0x911f98435b29a4caL,0x1577698cc6de446cL,
-        0x48e6b4f38767f7e4L,0x126e23c51ea0038cL,0x8d52323e03c2a5f7L,
-        0x56e33850a0a2f55eL,0x5eb93209ba225457L,0x0000000000000124L } },
-    /* 24 << 364 */
-    { { 0xd797e61ad1ac73e4L,0x8b484aed7b9eb978L,0xc447ce99d1eb07a8L,
-        0xd899e82580667c06L,0xda95128239aa8ed6L,0x822cd6da7f6791f4L,
-        0x50600320ded12afcL,0x8934ec503214d5abL,0x00000000000001aeL },
-      { 0xf517b1b73737e867L,0x0ceae5828cf888ddL,0x450dce832afa92f0L,
-        0xc5fd288ac704f4d1L,0x5743e5b0f2c5c86aL,0x81bf9379d3c76ab6L,
-        0xbab459db9789efd6L,0x1d34125a28e098dbL,0x00000000000001eaL } },
-    /* 25 << 364 */
-    { { 0xe068ffa804c78d4bL,0x9d83b38317fe7e23L,0xa43422d05ffbd663L,
-        0x784837bf1788e709L,0x6a19ae5ea3723448L,0xbe6915ec36bb4307L,
-        0xe34cdcaaa29d7e4bL,0x7f3a28c031be1af7L,0x0000000000000062L },
-      { 0x3c476ec90af51a99L,0x8cd5d84f4b33e5d1L,0x4a257f60e9cd7f91L,
-        0xf6ce609ca61dd30dL,0x972ada9af1fc10e3L,0xf3e400881bbab939L,
-        0x886722f3585887a6L,0x0cb7cdecebaf6fa6L,0x0000000000000104L } },
-    /* 26 << 364 */
-    { { 0xd7d4d4e717431ee1L,0x8625a46a4dd90921L,0xf9c316c0dcecbca8L,
-        0xdbce57c02b95909eL,0xe97ae5d403ab6816L,0xab298218fd75225fL,
-        0x3434b7146592f521L,0xe5971064d7eb9710L,0x00000000000000eaL },
-      { 0xe1455ae54bfe5904L,0x15c778976d8f481fL,0xb400810f008ce4c8L,
-        0x779d772955e45c01L,0x8db56fb1e7d37e5dL,0x16686881921b330cL,
-        0xe1bce71f3b2e17a1L,0x07149446c5c3c7a3L,0x00000000000001cbL } },
-    /* 27 << 364 */
-    { { 0x3257b5c4f07663a5L,0x929494c319ff6597L,0x15af82a9765f4edbL,
-        0x483993cb5143381fL,0x6943fcf0b09287fdL,0x2fbb3117c67415b8L,
-        0xd7034c07b7c892f1L,0xf10b0db718d9a7a5L,0x0000000000000120L },
-      { 0x76c9338468458d05L,0xdf2208aca2a5d536L,0xb5a419630a99477bL,
-        0x51567562348c976eL,0xc695998909c4dcd4L,0xbbb28a3706af3fa4L,
-        0x15191540091300dfL,0xad333a273f1804fcL,0x0000000000000065L } },
-    /* 28 << 364 */
-    { { 0x5de5079168e68512L,0x6eaf85bc7be5bbdbL,0x308bfd92de4b2460L,
-        0x616a1141a7e52011L,0x9112ea97ef642831L,0x43149479aceeb127L,
-        0xf1b98d034c36c7daL,0x8eb9ffb8b493cbf4L,0x00000000000000c4L },
-      { 0x146df8d848853921L,0xf179eb875b1d03c8L,0x1a59f02db362eec2L,
-        0xe83b9f80c763c091L,0x17683a39794f86afL,0x6cd845d8f501ac40L,
-        0x873e5f099dff69acL,0x3442ded6af6124ccL,0x000000000000013aL } },
-    /* 29 << 364 */
-    { { 0xc5590498d555d898L,0xc3d1e58af00e8206L,0x499ebd23f5f2de8eL,
-        0x396cf1ae7ee84857L,0x14f61adf09b5553cL,0x8e6b51ddbf0b1843L,
-        0xc49674c2948f473bL,0x95aebd3a86d2ba2aL,0x0000000000000036L },
-      { 0xb804d00b393f0237L,0x0bb1751cabab5c21L,0x1413fa32a74a192bL,
-        0xbbb543ce65016834L,0x2d8a08b90125f257L,0x3663a514bf052c53L,
-        0xc69d8e20946815fbL,0xbfb6a7656272ee32L,0x000000000000003bL } },
-    /* 30 << 364 */
-    { { 0xaea6f72ff310550dL,0xf9e9ffc76380fb54L,0x074b3feda3542522L,
-        0x7af0bce77943f24dL,0xdbd33292ce11b0c2L,0x2e4f83e8bffe48cdL,
-        0x32a133ee388ae49dL,0x1b3521eab2f1f673L,0x000000000000007cL },
-      { 0xc4ae5fe493f8a0c0L,0xfaf94f2b69efd7b6L,0xc5838b693296409dL,
-        0x98330b32525a280eL,0x174ff22814c11c9aL,0xc8e5b0912047f8feL,
-        0x15d70d58072b06efL,0x8dcfcc607c7eed95L,0x0000000000000088L } },
-    /* 31 << 364 */
-    { { 0x00d6f3b0bc8bc4c1L,0x369b84bf4048d8deL,0x0faa2409e1ade43bL,
-        0x0fdb76c28c01adbeL,0xdccfe4b7706c272cL,0x4407382cb8f26255L,
-        0x07a11518539912a8L,0x1dca7e6519fca10aL,0x0000000000000091L },
-      { 0xd012c49634100b1fL,0xbbf05b6d90c5a9c3L,0x574bec951ae000d1L,
-        0x0006bcb031af3f21L,0x4efcfd1c01b77496L,0x0d7de152d781ba22L,
-        0x404117375fc20376L,0x4b1ef6553da0d8d5L,0x0000000000000146L } },
-    /* 32 << 364 */
-    { { 0x6e1b7d0b35e16743L,0xcad975b354d72c65L,0x78f7434a453b8906L,
-        0x8d140cae9690fa05L,0x6c8e152a31fe6bffL,0x1721155e418e415aL,
-        0x73b115dc77693d9fL,0x1274ea409bbecdf1L,0x0000000000000134L },
-      { 0x5953c5fef3354b80L,0x1e60a291bcda146aL,0x1e20c5c571ebe5d6L,
-        0x0bd949bfce4dfd53L,0xe489a64483280185L,0x819082883743f2a4L,
-        0x6126ed3581ec227dL,0xa4aab2907ff6cfefL,0x000000000000012bL } },
-    /* 33 << 364 */
-    { { 0xfb1b1a6cf4b320c7L,0x8cdac3fdb49695b3L,0x7c408a7acaba7e3dL,
-        0xdebef05ebf18e5f5L,0x806100c4ea74f06dL,0x3a0632a981be0875L,
-        0x16729db36099042fL,0xda8ade1d095c77f4L,0x0000000000000115L },
-      { 0x44e85000f9515d7dL,0x5ebfe250cb748746L,0x09543f257df28b44L,
-        0xc39738d79bb0b64eL,0x75a2ff624e839850L,0x690b6ea356b25b71L,
-        0x6e23e1ff783dca86L,0xcb504c26dfe0ea77L,0x00000000000001a9L } },
-    /* 34 << 364 */
-    { { 0x08c2ce64b4d5547bL,0xeb6567bb7570811bL,0xd2d7337a3e351a31L,
-        0xef2e55f1e1dcb4d2L,0x87a1f20bbd45eadbL,0xb378609624c1cffeL,
-        0x4aee03b50bf03514L,0x56417387fd881168L,0x00000000000000bfL },
-      { 0x8d047d51fca2895cL,0x82ae96e1da4c8e44L,0x95a9a423cfd2216bL,
-        0x448c829927592c95L,0xf825d63f8fc79200L,0x074291671bf6baabL,
-        0x0ff441a2842248bbL,0x20f55cb3f2c6bed7L,0x00000000000000a4L } },
-    /* 35 << 364 */
-    { { 0xd0dcc4d999045a60L,0xb160c98a07cee1b6L,0xbe8cff874c5b2888L,
-        0x70d351c7798a555dL,0xad3b4ed6fe119e8dL,0x9757616c9c6c31f4L,
-        0xc52176c7462106d7L,0x77fddc8df2ad67afL,0x0000000000000131L },
-      { 0xcf84d1f92610cdb3L,0xbb418eb03591c4f0L,0x0b494ecbde10bf20L,
-        0x70bf152917d05487L,0x566b9d733ea9d353L,0x93597d749bccb340L,
-        0x803844ce3462181cL,0x1786dd011a14d060L,0x00000000000000fdL } },
-    /* 36 << 364 */
-    { { 0x9c89e7cd382cccb9L,0xe53e72d7ad6eeff4L,0xa3f5e6442aa88cbaL,
-        0xb469c241d0a71546L,0x42273290f1c278adL,0x28a6cc29c0ea960bL,
-        0xe580ae1c9ff3b57bL,0x1bc9463b7b46d573L,0x00000000000000a9L },
-      { 0x810616e386692079L,0x486d7875765a87f7L,0x85a742aae0ea3788L,
-        0xd2c1955ea491b157L,0x1258547a517fc3a4L,0x69856b22b73f61a8L,
-        0x5dc2140349f00472L,0xafd5b26dde8c4751L,0x00000000000000ffL } },
-    /* 37 << 364 */
-    { { 0xaebc5a8a3c902e8aL,0x0039907bb2ff532eL,0x6bdf54a1854fbcc5L,
-        0x47e47af3bee412e3L,0x2366a7967b1e5aaeL,0xb2727457a8752568L,
-        0x2a5bb5b73e2d49c4L,0x43fd4aba846e36b9L,0x00000000000000dfL },
-      { 0x07fd53c858bf3f4aL,0xf5d34130b3725916L,0x75ffa232665c44d7L,
-        0xb016eb7dbc13d752L,0xfafa7dfaf6e37ef0L,0xdaa24625b805e1adL,
-        0xb197266153688d53L,0x1641661f16cb34abL,0x0000000000000027L } },
-    /* 38 << 364 */
-    { { 0x298160581c03281aL,0x75d01a189bd0684dL,0xb81bb844686e7da9L,
-        0xd71a3c0bc40baf8aL,0xa4b3a9cedf1cf9aeL,0xf3bea4bbb31c2e29L,
-        0xbf969b09628d5818L,0xbb1228938a88b8b0L,0x00000000000001a4L },
-      { 0x1a053aeaf0bdd2abL,0x3f1e00a781b5cb4fL,0xbf606681ee3eed67L,
-        0x30882b9db7a8958cL,0x4c4ba93ff0f63b80L,0xc55305cfe4dd1958L,
-        0xc7980ec98839886dL,0xd0baf2020b84f8c9L,0x00000000000000c6L } },
-    /* 39 << 364 */
-    { { 0xc169b72d1a9696d0L,0x79d5eab70f71a373L,0x78392dc783d9401bL,
-        0x27d3106e64b017d5L,0x2ce058abee26b0c0L,0xf22292a464858df3L,
-        0x77df2276a825f6edL,0xf5c2e794c745605cL,0x00000000000001d8L },
-      { 0x5842cad01e3262dfL,0x46c2d6695f54d3ddL,0x62f0553f0317e888L,
-        0xbbd1443d6a562002L,0xadb380e016279319L,0x1748e13513a945d9L,
-        0xd2681a0e43efa572L,0x38243ccf1668bf58L,0x00000000000001dfL } },
-    /* 40 << 364 */
-    { { 0x58b0739464e7b370L,0x20ef7659a93df058L,0x7ac8f45caa81fd2fL,
-        0x90c96baf8a23f6faL,0xe9598d129d6246a6L,0x75d74776229c6106L,
-        0xc6d98ba922f9ac4eL,0xf8792c97aab500aaL,0x000000000000012fL },
-      { 0x3264168025617adaL,0xd86e42c0a6be76d4L,0xd5b8928f0df9cdabL,
-        0xedf03a9f72787fbeL,0x257c8c9ab5556315L,0x97848014e655dc92L,
-        0x06634000b2992b0cL,0xe138f022e211ecceL,0x00000000000000d5L } },
-    /* 41 << 364 */
-    { { 0x1cf9d9c562b826efL,0xde0751a348e1c189L,0x733c861c6c5c6359L,
-        0xa75beab65162e6f7L,0xd84ce05b9aa1c7e5L,0xb69b230c41121218L,
-        0xc120a79fc1206f23L,0xcdf5ec7b4bb91988L,0x00000000000000ceL },
-      { 0xaf493f97a913ee89L,0x19e21de5ac7f1f20L,0x7f0754187bdd0e2dL,
-        0x439565b4bbab0c3dL,0x84fabbfddaab4827L,0xd5a718839b957b40L,
-        0x65dd01abff3ed391L,0xe83562f3a0eb441aL,0x000000000000002aL } },
-    /* 42 << 364 */
-    { { 0xf532d6f892fc2c85L,0x1a97475f9caf0c74L,0x44916ac4803e9c82L,
-        0x80f014aac9945b50L,0x9ebcba5a4b8a8324L,0x9637f84bbfc2d0abL,
-        0x1d7908a96150d329L,0x389543cd86b92024L,0x0000000000000035L },
-      { 0xfa7fca4ff8d0e456L,0x248bb158f3de61a4L,0x1df7b5ebd5327ee7L,
-        0x374c2f0c2af8ad25L,0x51f3a8052aa22e38L,0x373e647638aa0576L,
-        0x2dd8f6d1b9f97a4cL,0x6ee1f4bee073724bL,0x00000000000001bfL } },
-    /* 43 << 364 */
-    { { 0xab26101395d029a2L,0x9f45cf6c13c9832cL,0x1e2e6b3ac91c3af1L,
-        0x91dabc8d3d494d57L,0x038545e9d43ae977L,0x5ead75a54db2d953L,
-        0x5efdfcc5311df140L,0xee39830768154467L,0x000000000000013bL },
-      { 0xb485d389e6691cbfL,0x1c58b2e497046a1dL,0xb29aaf67b741e05eL,
-        0x6874c8a5612c46d4L,0x52630bffc1e99d9cL,0xe43b1e7b0eab9a81L,
-        0x9478a8cba64b601cL,0xa70734a2196fee1bL,0x0000000000000002L } },
-    /* 44 << 364 */
-    { { 0x3587f767bfa255dfL,0xfc983ef16af83cb0L,0x5659537ddb44c3f9L,
-        0x12c8477b4f59440cL,0x3e19703bd25c5fb5L,0x4cb6e3973476d63cL,
-        0xe96e9d7e04a21d13L,0x02e48301348ff11dL,0x000000000000015bL },
-      { 0x2940b770d2f12b6fL,0xcd619390a18a0f70L,0xcdd831ab0615603bL,
-        0x0e20657a0b4b54a5L,0x8a8ff290eb63b419L,0x6e48d4c674903abdL,
-        0x8478c94ff92d7568L,0x626c5a4784711d96L,0x00000000000001ccL } },
-    /* 45 << 364 */
-    { { 0xaa734cc4102a3487L,0x3ebd19d83a09e6d1L,0x7a5e991c510cc7d8L,
-        0xce45833c76adfd7dL,0x77c3dcda166b0b39L,0x5ba724c159d056b3L,
-        0x6b925b8a841ece2eL,0x568a6bf7a7f90edfL,0x0000000000000139L },
-      { 0xd0b1c8c1322539a4L,0x1e34c638530b052aL,0x6905b2added5b43cL,
-        0xe7b28e65808ea0b7L,0xaa066ef38d84deddL,0xdbd9101db7d82120L,
-        0x9ab79b41f1b84018L,0xf4772c849e4ca179L,0x00000000000000cdL } },
-    /* 46 << 364 */
-    { { 0x38bc3f9dadeda939L,0xa31d9bba85bb4ee6L,0xced24b2e359d0796L,
-        0x50df5f0d6683d656L,0x976d878c99e37319L,0x6c283c459b607d4dL,
-        0x8ed89d1d9ce07db7L,0xbe380a9c0bb04d85L,0x0000000000000198L },
-      { 0x32a3bf77e788dc40L,0x7efa9172473ae393L,0x405f0a92035ff1faL,
-        0x92e3f9ce4bc2d463L,0x925514e40a2021f6L,0xcd3b486a24f17a36L,
-        0xb3d53d04f3613476L,0x71c3f97fe77820f5L,0x00000000000001fcL } },
-    /* 47 << 364 */
-    { { 0x852f1fbcfb7f52b7L,0xb0cc00e8a5216d54L,0x8672df32b5963f15L,
-        0x762e9282a02e8cb0L,0x4d7014de28e19483L,0x00d4fe7499924b2eL,
-        0x3774ec31f8b18141L,0x0420a9c17157790dL,0x000000000000007cL },
-      { 0x911b65954e573db3L,0x32acdb9fa20c4d41L,0x711a9ec71305a54eL,
-        0x9c3d65a366d148ffL,0x625f52948fe247d7L,0xfab2043c4670bf1aL,
-        0x12582823a07de38eL,0xafb1eded5b959f06L,0x0000000000000129L } },
-    /* 48 << 364 */
-    { { 0x5d8c23c4ef873f3eL,0x2a29d680ce7bae33L,0x5109e098bc00fc8eL,
-        0x9bf92efc3cfad961L,0x272dfa3362036bcfL,0x5abb516cc2b13688L,
-        0xbfad4cccddcb08abL,0x05945b934f260709L,0x0000000000000043L },
-      { 0x67fe093b08a5f87fL,0x5f8e248a6c6fe1b1L,0xf54f710ba3b887a2L,
-        0x12e1b68790f7e972L,0x7002bd70429cd6c6L,0x0f010d4ae896b58bL,
-        0x44fb054b1a7f5713L,0xb9f3026865508714L,0x0000000000000173L } },
-    /* 49 << 364 */
-    { { 0x65483a1ab5c1fbc2L,0xa155ccbd53bb27d9L,0x9094f0ed3d5359f1L,
-        0x362abba1d9f40d89L,0x8d7bc1e7fa134421L,0x636633a976bdfe89L,
-        0xc6ef5d639c5869b1L,0x8e7ba642480bb0a0L,0x000000000000000fL },
-      { 0x88d645e1d0feed4dL,0xeb4adfa1c20d0d63L,0xe2209996fb1b2e2fL,
-        0x87d28ed192f8ce53L,0xed470981ceaa7a0dL,0x85aa8a0d90cf06b6L,
-        0xc60e34c958714ef8L,0xc8981d2c3809d2b1L,0x000000000000012bL } },
-    /* 50 << 364 */
-    { { 0x72fc8211bef81f27L,0x537a557025bf42deL,0xcf4897acb921c86dL,
-        0x5c8699ef53e61dbeL,0x8035b6a21224893dL,0x2898a3da7493e0eaL,
-        0x513c67d938bb7c30L,0x061bd9489096e40aL,0x0000000000000045L },
-      { 0x6dfd6e4f28d8262cL,0xa5e899779626f8faL,0x96ad23672ccf3544L,
-        0x942edf03854002f4L,0xbb5cc34da9661773L,0xb80cf020b8d08e21L,
-        0xaf4b59e6c43a0450L,0x808e168e090b9341L,0x00000000000001ffL } },
-    /* 51 << 364 */
-    { { 0xa21298f924d00a8fL,0x72bfd3d362d44b6cL,0xca5b5295b39fb777L,
-        0x5825f273d6c47ffdL,0xff94e450245eb6afL,0x6bc3a25b526f6540L,
-        0x7e2ab869326c3a3aL,0xfe19c44598793894L,0x0000000000000048L },
-      { 0x458eaf5d312c9130L,0x799818f21bc835f0L,0x9a0379fca84cf15fL,
-        0xe1e881b333eb47eaL,0xe8f388c96c148464L,0xdfd0331bf918dd3cL,
-        0x0fe9948d37c326bdL,0xa2e594354fdeacd5L,0x00000000000000b3L } },
-    /* 52 << 364 */
-    { { 0x167a44a4f48d1a6fL,0x17bd533c0674b096L,0x608ef0ff851af68aL,
-        0x853711b006c5a744L,0xe673db4b76e6aafeL,0xa818d41e84bb4967L,
-        0xce0648d4874cd99bL,0xe54897de3fd7bffcL,0x0000000000000121L },
-      { 0x4459a34f07254e0dL,0x134eba30898bf5e9L,0x7ee5ba719c1abf50L,
-        0x66a612de34bf7003L,0x78acbb6315d9f945L,0xb6d28e14bdb7f451L,
-        0x689d24f8b95c7028L,0x6483c9b4ebadf135L,0x000000000000004fL } },
-    /* 53 << 364 */
-    { { 0x822f612e68d5a09eL,0xacb6e113a31bd8cfL,0x2c3ad4eae8d17d74L,
-        0xab51cf8edfaf7e2eL,0x449183963772dca1L,0x62a617efa96de321L,
-        0xf09187352e20c698L,0x6e7a487e6bb591eeL,0x00000000000000deL },
-      { 0x1d33a89b7db906a1L,0x4091e01471dc64dfL,0x0540b534a58cc14dL,
-        0x849222c707396a5bL,0x58aef7eb775ea99bL,0xce7c63f65f302c6cL,
-        0x7a1e02cd1b867273L,0xebc4857b3743b723L,0x000000000000017dL } },
-    /* 54 << 364 */
-    { { 0x0671c7e112ca894dL,0x6b0a2c88c57f111aL,0xca88bfaf1721a2c3L,
-        0x61cb31da9a514c04L,0x4514bd8599b99880L,0xa9f46871a2059f8bL,
-        0xec4e6edad93af5b5L,0x1cec9d601d560d16L,0x000000000000017dL },
-      { 0x6257f235a79d25f3L,0xb1979a667f90a7a1L,0xb38545ac0679b79dL,
-        0x0703d6507dbe20d3L,0x5b88e91e64a68386L,0x7a5629c6c91e584aL,
-        0x0915e551ff339016L,0xf8a9e56d23a0500cL,0x00000000000001a8L } },
-    /* 55 << 364 */
-    { { 0xee27859c0521098aL,0x970c4051d872b16eL,0xad0ecde9c3c5bbf1L,
-        0x019f0c2c4b149f15L,0x9a5a4e5503a6d0d6L,0xa52621d2895c64f2L,
-        0x707aa7e689956400L,0xbd0e5a053795410bL,0x0000000000000181L },
-      { 0xdc51bda6b2a3e2a5L,0xde72d588cfe02f6fL,0xb18b4bec1be05194L,
-        0x68f8b786d6037923L,0xa494a1c4415279c0L,0x0e51e168a5aebb47L,
-        0xe79a88f04a96a716L,0x1feb112e1d788449L,0x0000000000000186L } },
-    /* 56 << 364 */
-    { { 0x281825f0af90c0edL,0x508b8ef58b11c46cL,0x3cb0e5a0ff67b87cL,
-        0xee6365c9a50bdce9L,0x3f933c55f589fb98L,0xf7950a283567064cL,
-        0x21e677926924a0ffL,0x6d5be0aa7eaceff1L,0x000000000000005aL },
-      { 0xa914263d816da5c1L,0xf5a6429d6a464081L,0xea57f436d831fafeL,
-        0x23641c3901b9ece7L,0x661d8811e2403f65L,0x023481f7816a7a7bL,
-        0xe93d5b84dc13eaf9L,0xacb875252dee995fL,0x0000000000000011L } },
-    /* 57 << 364 */
-    { { 0x7bac8a1f71752fe1L,0xb6ee08d1ef8dbcc6L,0x3fdf644ebb0a75a5L,
-        0x51e3c1eea521e7afL,0x920792c578e167dfL,0xbab8522244800674L,
-        0x02e31bbf3cb5b8f9L,0xf0bc9665b24b43c1L,0x00000000000001b8L },
-      { 0xc3b8ebc338cf85bfL,0xb1c104d25af1dd95L,0x2bdfd6dcda6cbd8bL,
-        0xe6ac454268e06800L,0x468c05305cbf5287L,0x65a8a23cdc2a274cL,
-        0xe44faf739e3692d8L,0x88b9600a9770e1f0L,0x00000000000000b9L } },
-    /* 58 << 364 */
-    { { 0x78186f42d20e93e5L,0xf882de3b52cb40b5L,0xe02c79387365549cL,
-        0xbc1fff4ede0f24f6L,0x4716829f33e8fb70L,0x487999c200e2d58cL,
-        0xd32e04f967046452L,0x5c6c7d0f139cd04fL,0x00000000000001a0L },
-      { 0xf5210c69ac33a880L,0xd32472219054b79bL,0x399bf1bfb9b9b279L,
-        0xb145a7345fa2a328L,0x70cb655f6a7cb853L,0xbb5c9d5edb9862fbL,
-        0x239fe8d6762ffc06L,0x912d2a518fed6745L,0x0000000000000084L } },
-    /* 59 << 364 */
-    { { 0xcb67ef37ff6c372bL,0xe9425af5c428b56fL,0x7854e7f36ff3a356L,
-        0x5965c0105029b282L,0x493d32f7fc87cae6L,0xc7ad7ff9dfc472e3L,
-        0xcd9ab378d8bf71a9L,0xc49c4707acec3621L,0x000000000000005dL },
-      { 0xe4c80149cf6db5aaL,0x52602b84909b1173L,0x36ce666e6714c0c4L,
-        0xc72ae2b5f3bdddb5L,0xbb0d0ceb584464efL,0x78bd6e2e92cdc8abL,
-        0x77107721019f02edL,0x7dbc999bec0397b9L,0x00000000000001d5L } },
-    /* 60 << 364 */
-    { { 0xf252109992d52590L,0x30ed7b6d4f408844L,0x4955bd8bbba75995L,
-        0xd37937658cb5aec0L,0x1261cf5df69bde61L,0xce174a491155e67cL,
-        0x7a1dcb85672e120eL,0x01af5025a31f4618L,0x0000000000000194L },
-      { 0x5d88154d535c4264L,0xcf3544f8262baf6cL,0xcb20720cd283226eL,
-        0xbaac302321f39572L,0xfe4b16de5314be46L,0xfd21b184e3413cb6L,
-        0xd03c87359ac85ca5L,0x0ca26710bafa0f60L,0x0000000000000084L } },
-    /* 61 << 364 */
-    { { 0x502241e716f77078L,0x6bfa20aab341ccc0L,0xf1778314d15149d2L,
-        0x7bcaa76057a09879L,0xdf92e0fc69388438L,0x203a14ae7744871dL,
-        0xe7327d6a7937eee8L,0xa319cc7ba9d12fdcL,0x0000000000000126L },
-      { 0x909ce004523922bcL,0xd1da8fd14423b041L,0x7166e840ec1fd1fdL,
-        0x7c04a7938d916182L,0xafa25c31611e6ef9L,0xaecab8083296fcdcL,
-        0x5483703b06078065L,0xd008cd2df0c882a0L,0x00000000000000f1L } },
-    /* 62 << 364 */
-    { { 0x0e7d946f1dfa75e8L,0xb1e329eb0eb8e7cbL,0xe1df4442ba80dccfL,
-        0xb3a29cdfc142cb7aL,0x3712a3cb0e5e7f49L,0x7037fc67a1f9236aL,
-        0xf049ac787833129eL,0x638fe65adac94ad0L,0x00000000000001a9L },
-      { 0xec8ac9e743be67eaL,0x84d8f6db517473c1L,0xad9de5dbc4ec6612L,
-        0x2f7ebb78e15058b4L,0x129353c9adf4076bL,0x7dab2a69d2683ad0L,
-        0xff049895a4228a12L,0xd0348267bb32f462L,0x0000000000000067L } },
-    /* 63 << 364 */
-    { { 0x2e0d4e523c99d98bL,0x2ef5e71343e2da00L,0xc0c2309974663959L,
-        0xc9df3fc467c2cd19L,0x5da2f192ba2721c8L,0x8702415febb5f418L,
-        0x4db2fd402eec0530L,0x2295bd8643c2146aL,0x0000000000000174L },
-      { 0xe7a701ddd762e18eL,0xca06d33a84fe83ebL,0x168dafbfc46cc2ebL,
-        0x398e74542544fc12L,0x4bce2b7d0e00ca94L,0x2488fa21756ef9e6L,
-        0x8e5b79ce4e3f6937L,0xbf90406a0a5d699aL,0x00000000000000a0L } },
-    /* 64 << 364 */
-    { { 0xd414309fa567339cL,0x4ee5c7a8dff5fbcaL,0x33d8e6c3064cc887L,
-        0x15992eb4ca553cbdL,0x3d733bb4459da20dL,0x98c2de2ea682b305L,
-        0x68c13bed5602ed92L,0x639b79f1c3bf7b46L,0x00000000000000b5L },
-      { 0x93de5e06289407e1L,0xa8f2b4e1b05a27beL,0x9d07927a9f5a6be0L,
-        0x9a5d02e2f1b97f94L,0x320db20df2dabbb9L,0x991313330c14980bL,
-        0x44845e16f888e761L,0x1baeb18063a5538fL,0x0000000000000196L } },
-    /* 0 << 371 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 371 */
-    { { 0x55417ffa525abf32L,0x1ff40e1678067dfcL,0x431a0ae12795ea6aL,
-        0xc3de691cef54c597L,0x60a0c51b95f9d2bbL,0x30840ca982772f1aL,
-        0xddaf460496eb0344L,0x03a9f6f48615d783L,0x0000000000000035L },
-      { 0x74598cb233edcfa4L,0xbb866bc9de9dccdeL,0x0c4831162a673bb2L,
-        0x3eddd388fee306a7L,0x8785a002c80eb5b9L,0xe2bd81f71937371fL,
-        0x501648595684a105L,0xf0f3fdde1f26e0dbL,0x0000000000000119L } },
-    /* 2 << 371 */
-    { { 0xa8c68b9d76bcd267L,0x95f78ca896362c64L,0xbb8302f303603f09L,
-        0xf15b0d54272622b9L,0x4cebfcd197692826L,0x4d29d2b119c758fcL,
-        0x4703bb56e11ac4feL,0x7152abd536b53bdbL,0x0000000000000060L },
-      { 0x68ac983427bede63L,0xd5c6c405e54a999bL,0x3d763e32231e8eb0L,
-        0xe36ca2ff47c7edb7L,0xd9f185058d2b6016L,0x4e576eb060d55105L,
-        0xe3e9f24976e3f591L,0xd5bf8f0083ea6a2cL,0x0000000000000157L } },
-    /* 3 << 371 */
-    { { 0x19167b042f78b31dL,0x0bc39ff3ee7cf690L,0x1ba8b94e84229ddbL,
-        0x3246debb20f057feL,0x48ca85514add6cc9L,0x8b7f118143ae3103L,
-        0xb668a2b5a6c8bb6cL,0xb64cc5c6b9096bb4L,0x00000000000000dbL },
-      { 0x9c55192350f09302L,0x9d4b2f64b0cd8facL,0x5082aef750c652ffL,
-        0x8bcd4095cf098fe1L,0xa0548bd149d1d0daL,0x88bb345714f1bd75L,
-        0xc0d5ee3412d51f96L,0xbf0bc99b3428d838L,0x00000000000001dfL } },
-    /* 4 << 371 */
-    { { 0x43164d3a02079397L,0x2a3fd379490d948fL,0x79ad8714635e0c5aL,
-        0x5ba9289871b5cf85L,0x1babc5a1956bead4L,0x5408a355ff6d701dL,
-        0xd924d7a369570fe3L,0x60d41a46831755afL,0x000000000000000cL },
-      { 0x7ccfe1a4ec2f26c2L,0x549a32be85ebc29bL,0xe183ff35d46e8b7bL,
-        0x0e8dfc66d421604eL,0x1ab4332cb30ddee6L,0xad4b6b316c35cea0L,
-        0x1d9c4df7856f9258L,0x65882c90850f81e4L,0x0000000000000052L } },
-    /* 5 << 371 */
-    { { 0x55a5a6ccdddca192L,0xb38bb7287b3e7f50L,0x7b9a20026c38d9d2L,
-        0x1d2b51021b932082L,0x999e6e2237f9c375L,0x4479906f28599828L,
-        0xf2f530c4a190dd77L,0xedf7a92bd90a48c8L,0x00000000000000a7L },
-      { 0x1f671a64995e4d4cL,0x600bfd00452d4641L,0xba5ff839569ac924L,
-        0x0b7be6fdbe11e6a8L,0xd6254f776167c3fbL,0x9ca2fb561db1833fL,
-        0xeaf23c8a2f38a1d6L,0x5ae79637580328b8L,0x000000000000007fL } },
-    /* 6 << 371 */
-    { { 0x14b97da09278f093L,0x77b62eb2aaf50774L,0xc94c47e5595788ebL,
-        0x3f6fbf17e78a7acbL,0x8beaed91d648cdaeL,0x1402478db0281eeaL,
-        0x06f48d3e057a9cc4L,0x9a75cb7b56f972cfL,0x000000000000001fL },
-      { 0x74749b84a7049117L,0xee6187df275efa96L,0xc8a4dd7fa7daefb7L,
-        0xc2a5680ff26b4deeL,0xe64ae23802c8ed96L,0x55d8e7bdc75ab457L,
-        0xc29f93f613daad11L,0x7e485b3f10ef96b4L,0x000000000000001cL } },
-    /* 7 << 371 */
-    { { 0x1c9e957789aec483L,0xba5e770a1bf4467fL,0xd7526f872451b462L,
-        0x75016fd27032ba28L,0x2dabd34d28d9400bL,0x061fcf0b059924b3L,
-        0x7b10c93f7ffabc41L,0x0036de6be31e7493L,0x0000000000000138L },
-      { 0xbc1e36684cf1f0a5L,0x7ee63407d00afe1fL,0x6cbde6d008365960L,
-        0x547354bc69072183L,0x6034bec0b1ac8702L,0x87fd85e523bfc10aL,
-        0x4324629f3e70e47eL,0x297e13f8b293881dL,0x00000000000000a7L } },
-    /* 8 << 371 */
-    { { 0x27cdf0121f91a935L,0xa3a2d0ab9b1da866L,0x62bc6ad520c6250cL,
-        0xe637b6b235233aaaL,0x3921e6a2e5109b06L,0xa24b99c558d73641L,
-        0x33073b25d3bd99f7L,0x60fad5fec0498cfaL,0x000000000000014aL },
-      { 0xb187185263080bdaL,0x8270739112d3fcf0L,0x770b113c7b3cd673L,
-        0x2cf6e741ca843432L,0x77c74d8dd75af1c0L,0x979e1fd4a0c24279L,
-        0xbf05a641f335ef51L,0xd7ec205d26b269b7L,0x00000000000001e0L } },
-    /* 9 << 371 */
-    { { 0x4a39cd1170a3f57bL,0xf7fad21a6293478bL,0x764c268bcdefc0feL,
-        0xa00708591e0f3357L,0xede58f82eb1922d0L,0x892fff77f01c6ff9L,
-        0x7560da0994b99265L,0xfa2a8b7655cd790dL,0x00000000000001a0L },
-      { 0x654458aebe04cab0L,0x54ae24c556d74126L,0x57a824ee98adf4c2L,
-        0x40bad2871153f8faL,0x6ccafa8041c1dcfbL,0x04ca0dec0f0d346fL,
-        0x823065b4b8909c28L,0xa2e9d0ed691fc92bL,0x0000000000000108L } },
-    /* 10 << 371 */
-    { { 0x12df8924cdf52775L,0xd89749666e3bc06fL,0x7f3310ce3e68cf93L,
-        0x0a012c7f97117fe2L,0x65288f5ba16adbb8L,0xb1e26bb892bc7054L,
-        0xa6833ac98a63d1c7L,0x5f3b945a5de7f156L,0x0000000000000176L },
-      { 0xeb8958990dd3a366L,0xef27b635958aa6f3L,0x8ef1df5f1dabec19L,
-        0x871fec8b0f53bdd9L,0xfbb413be9efe0c6aL,0x06e372b6aa16add4L,
-        0xdd08c66fa945e423L,0x66c1b806f3b12febL,0x0000000000000166L } },
-    /* 11 << 371 */
-    { { 0x933b1a154bc2cb58L,0xac8e7a848ef1d6b4L,0x70260e4618701778L,
-        0x57de74846479f950L,0x978936a560f27f7aL,0x4e7bb94ff6be0506L,
-        0x1457516e3fb3ea20L,0x0441479c4f869273L,0x000000000000017fL },
-      { 0x685fe4c987220437L,0xfa0bfbb2e943a125L,0x6fa0b3ed370ece4aL,
-        0x93c118d6dfd5cc92L,0x6030a716ddc2f6a4L,0x0a8ac606b43868e2L,
-        0x297b0af0c5884f2bL,0xd1a4017575bdb5b1L,0x000000000000007eL } },
-    /* 12 << 371 */
-    { { 0xa200e9eefc3de00dL,0xe02a24d1d3a22751L,0xc793c92ead1898f2L,
-        0x46ab743bb70f915eL,0x274fed3cd9a716c3L,0x292a43535c0d17a2L,
-        0xe7619f937874c664L,0xf21dbab53e3c8169L,0x000000000000019cL },
-      { 0x6d19c5de10f6e0d1L,0xc8d263ffddffa70cL,0xac7886e640a77aefL,
-        0x22bd9cf6d4a9191fL,0xc53a3301624532d3L,0x8edfa100fa74a13eL,
-        0x15f04d3357701dd1L,0xd5cfd2ed793d4da4L,0x0000000000000170L } },
-    /* 13 << 371 */
-    { { 0x398ee0581ecd73b7L,0x2f0d408133d6ed24L,0x1fdcc54b5fdbdcf0L,
-        0x0395f23a4c72a862L,0x367f52079a32bf9dL,0x5b0e3a0c52b644bbL,
-        0x1a611bc7d98749d5L,0xf33a5068dbd98abbL,0x0000000000000171L },
-      { 0x2e997900353531a4L,0x61b43baf887ff703L,0xc7f77d0a186f6196L,
-        0x1848d88b69925319L,0x5714b501bc49f4fcL,0x8fea9fe19f096741L,
-        0x967d954bbe08a7bdL,0x3924cd2b8379598dL,0x0000000000000187L } },
-    /* 14 << 371 */
-    { { 0x627f65fd51ed20ecL,0x1c31d4a36dec3a4eL,0x8f222ec0ea76b32cL,
-        0x890e15c3bd5a76a5L,0x236174697a3e2d67L,0xbed29d6dd8178f45L,
-        0xd61f7707c90e2df7L,0x31c286dd91be7739L,0x000000000000008fL },
-      { 0x7ea9ae7ce3d9f5a5L,0xcc26143e9dda23c5L,0xc231022efd1ef741L,
-        0x66e91f63dc1fa1dcL,0xe831781e364d03e9L,0xf2247b2b629af703L,
-        0x08f7eb82ae2b773bL,0x7c543051a0a208b0L,0x00000000000001d3L } },
-    /* 15 << 371 */
-    { { 0xb761f9dacad555a5L,0x1158077a4c08bebfL,0x20eb5340d9178836L,
-        0xa017580fc9cb0f56L,0x6398ac5dd6a9dd78L,0x8c61b607b81a037dL,
-        0xaeff0fa89e9b6cb8L,0x87114bb165251d54L,0x0000000000000047L },
-      { 0x54fe66cde6d7bffdL,0x691934c952cbec15L,0xeec20a71b2822a05L,
-        0xca8eb263df0d5327L,0xe64d4637b7c3f818L,0xeafa8d4f41fffc65L,
-        0xbeca4d821438206fL,0x5b1e7299b08e6da8L,0x00000000000000d4L } },
-    /* 16 << 371 */
-    { { 0x55a64b0a30239552L,0x447c6e084bfab408L,0x43cb43277063035cL,
-        0x68afe121d293b9eeL,0xa975707bed50a41cL,0x15a6a8be4488f96cL,
-        0xdbb6a3d81bf798e4L,0x0de2f103b5e600c9L,0x00000000000001f0L },
-      { 0xc070dab445bb5352L,0xd590d895afdac74cL,0x679fd21d37bfade9L,
-        0xe8dc87e7a0aedd41L,0x9e48f870b31dbd72L,0x21afacd8c7ea78b4L,
-        0x8ac51f26fbcf9d22L,0xb52293afde2b01dbL,0x00000000000001f8L } },
-    /* 17 << 371 */
-    { { 0x3758f2af7936635aL,0x74b798c72b40548dL,0x8f746cb7bc08951cL,
-        0xe7c48c0db90c67e5L,0xb3aecd64547b6065L,0xa7abe0f2357ebb83L,
-        0xf7870c3f514cd9bbL,0xd4d390c38af455d5L,0x0000000000000026L },
-      { 0xe3adfa666f5d6b82L,0x8aaf5a4741ab8606L,0x9f3a4e2e5c7cb83bL,
-        0xbfb5e5f97f817e03L,0xa1774513f962e421L,0xd8530e824f95199fL,
-        0xc634291ffd835e8cL,0xfccc2dcaabd346f0L,0x0000000000000086L } },
-    /* 18 << 371 */
-    { { 0x7f428dac77331596L,0xbf977f5fc255949fL,0x3da177d5c4d98be0L,
-        0x7cb4b3b7a8527c4bL,0x040683908032ca6bL,0xfab16224bb04c171L,
-        0x6660197a9c5610cbL,0x8fe2ad3091c7c2fcL,0x000000000000018fL },
-      { 0xc8df54981bc9c007L,0x9901a26b6aeeb5ecL,0x0c6cd18f85b8d02bL,
-        0xcddd3b72972a7ea2L,0x603843318c6fec2cL,0xd4200454211f8358L,
-        0xc7f5670ee44ccacbL,0x9fcb7d2d97a7417dL,0x00000000000000bdL } },
-    /* 19 << 371 */
-    { { 0xd144b65c368e0f94L,0x2aa6fd1861635627L,0x3f31fb42fe180a54L,
-        0x8883d6b30264febcL,0xe08156372a275187L,0x1b41b0ab2efeb608L,
-        0x7d4d5c8cd9209a9eL,0x059b7e52fb5e4ae8L,0x00000000000000f1L },
-      { 0x99f230bf1ae6d4a8L,0xd4305aa703d12070L,0x500e9eb3bfe7d196L,
-        0xed0419172cc4d4c1L,0x86b8ce8a7c13ad0cL,0xb98fbc926325540fL,
-        0x40a2b38df38b9857L,0xd9db5066e09d37d7L,0x0000000000000079L } },
-    /* 20 << 371 */
-    { { 0x00c31d64181f278bL,0x582351a85e31f839L,0x825b8006a74edfabL,
-        0x3d9bcb438e3019c0L,0xa05cc896415f4421L,0xfa32c6f82e7c6507L,
-        0xbbabcd82d133935fL,0xae65b063ca469a57L,0x00000000000001b7L },
-      { 0x6c872de99ba01391L,0x2905a70571855ccfL,0x9cd262192d4210d1L,
-        0x9de7f89b7aa6af53L,0x8b4cf2b2be39c3f0L,0xc563fc954e4d215bL,
-        0x957fa0bce34c2924L,0xfa619e7a4af69b61L,0x000000000000013dL } },
-    /* 21 << 371 */
-    { { 0xe46ef9e2f940c3e6L,0x54d48ea1dfd4f480L,0x35065f580b11f229L,
-        0x18835d382a2631f1L,0x986d96526284ec7fL,0xd7edda2e522a1c50L,
-        0x351d9e0abcef1fb2L,0x42a4da050d3f2923L,0x0000000000000048L },
-      { 0x65621778920b9d2cL,0xa4e48292ca599b9bL,0x705f6b5f09a51b05L,
-        0x17e2e9be14fb9f4cL,0x626f13c1fdbae0a7L,0xe0fff527a6c97623L,
-        0x0a492326e3b401a9L,0x14005f55d4c7923bL,0x000000000000014eL } },
-    /* 22 << 371 */
-    { { 0xe86339bafd804ef7L,0x0167369276bbf53fL,0x41236f2e3918ec65L,
-        0x1043b6b3c14159d2L,0x732bcb46ab04bb98L,0x88d1cb4c30d86216L,
-        0x3dca271b85ddd190L,0x927fba7b58e758caL,0x0000000000000182L },
-      { 0xca047c60f46e0e28L,0x915c93fc92b64674L,0x8fd233c6794d425dL,
-        0x028132b544a3ec1fL,0x975c8aa816509efcL,0x041ef627622584e8L,
-        0x1989a692938c99dfL,0x7704d7c7bfbbc611L,0x0000000000000192L } },
-    /* 23 << 371 */
-    { { 0xa7eaf4c895142d4cL,0x61e607a03cd97db9L,0x4763744a14981a6eL,
-        0xf54972914ede7722L,0x149141767b2054a3L,0x214aa26ecbf81d43L,
-        0x0f6799c64e524018L,0x0973267933808997L,0x00000000000001dfL },
-      { 0xd8603475f3af64a2L,0xf5e79fd58ab0f9e4L,0x691d0e631fe48f7bL,
-        0x58500c202bae9eceL,0x8867f3767fa96563L,0x5ec76c8c31bb14b5L,
-        0x4a24a4cf719e74c1L,0xa55ab3dc3018ac71L,0x000000000000008fL } },
-    /* 24 << 371 */
-    { { 0x8013eb783899c832L,0x463a9c46e6ba78baL,0x6d3a471ac9682ac6L,
-        0x599a9fb58dbd293eL,0xfabfd28a1897913bL,0x1de9fe55b9a23b31L,
-        0xdd90ed9ad55d93c7L,0x07581309290a5eabL,0x000000000000000eL },
-      { 0x54443bb9978f36b2L,0xc2c254c99f6c65c6L,0xaf9b5009f7b984bbL,
-        0xc5416eec0b97ffd9L,0x1107f9bb5ebb7853L,0x0ff4c94c9d487ffcL,
-        0x7b4f0985507ba23bL,0x0accf6dd5eb91f71L,0x0000000000000044L } },
-    /* 25 << 371 */
-    { { 0x192da2cd26f4c420L,0x572cee9631d8df5dL,0xdab3e7f5bdcf0a04L,
-        0x6a1d4dfbce93d59dL,0x61e82d140038c2cfL,0x8dcf11e453b76f40L,
-        0x0a4a89fff6fd7ad9L,0x1e290ca5ef8283c0L,0x0000000000000115L },
-      { 0xa9681e1b041ae86cL,0x8ed63e5f3f833d4dL,0x3610987bb4d3ddb4L,
-        0xd2ccde6e391b2249L,0xca83117b8d72067eL,0xe1ddd26fa6bdb2afL,
-        0x15ae36b72c70e306L,0xf98cd43ea7758469L,0x00000000000000beL } },
-    /* 26 << 371 */
-    { { 0x1a07bb1c0ac926c8L,0xdbdad1e77cde114dL,0xd677815bc1f3a574L,
-        0x5758e60628dff5e7L,0x95c76291a7501407L,0x5cd2407fdcb4d1f6L,
-        0xeb6d28c4b9472593L,0x0092a86b0b6fd187L,0x00000000000000fbL },
-      { 0x961f53cb791dec5cL,0x77e3a3129a8cd9d7L,0xcfc28c0775f8fc57L,
-        0x748ab16f531e8336L,0x100e37fe05192627L,0x9477fb71d0292d0cL,
-        0x924c1e0546a38ba8L,0x2018a9da4543f219L,0x00000000000000c8L } },
-    /* 27 << 371 */
-    { { 0xfc15c19894d6a58cL,0x6f96632933f600a9L,0x739ca01ad3897cceL,
-        0x4d55aa32f9951c45L,0xba939be9855859c4L,0x6036fd9015e2f163L,
-        0x5d186f9beeb5f81bL,0xa4fcf9103c005c91L,0x00000000000000d6L },
-      { 0xfbc5c0d24972f122L,0x98ba7c8a5c76ac91L,0x2ee0549a178b8a08L,
-        0xa4b87f877d08e3a6L,0xb79bb97e78826c20L,0xf4d47cc987e0716eL,
-        0xaf149859ce5232fcL,0xf06f3b636558ee4fL,0x0000000000000078L } },
-    /* 28 << 371 */
-    { { 0xdca43ef744ad140dL,0x18c95116f62a3beeL,0x766d5e214e144f65L,
-        0x1087ab025d99574cL,0x3bae4ddc4954da34L,0x673d2cac0ddb3e23L,
-        0xfc2f18ff40cd4d2bL,0xb67bbdbf2e578cdcL,0x0000000000000142L },
-      { 0xa3352aac08191be9L,0x24523f454fcf86eaL,0xca79a37a6eb6b7ebL,
-        0x24b8db952ce7f66aL,0xb8ba67584e8f293eL,0xf38b987a8bde44aaL,
-        0x0f3f142659cbcb5dL,0x647440675a6bc1fdL,0x000000000000001aL } },
-    /* 29 << 371 */
-    { { 0x4f553f1e50084eafL,0x17d18de4080f9a12L,0xc601052c365b8689L,
-        0xbcbc88ed44666175L,0x520b172e6e738779L,0x17cf5474d9331305L,
-        0xe5ca54f6af37d665L,0x729f3bb20505c180L,0x00000000000000acL },
-      { 0xb10c1bff0f04c79dL,0x521302ad827da287L,0x2beca71081205674L,
-        0xe817a9cc8bfc4bc6L,0x22bec5a6eb2b7888L,0x57bc24e031e4912aL,
-        0x1a575f46f1fc81a1L,0x52726c48a7f20ee2L,0x000000000000006dL } },
-    /* 30 << 371 */
-    { { 0xd9d203c4598d6047L,0xe1356b6104351a31L,0x8657a9c458b1e12fL,
-        0xcc26f6378ed5aaf3L,0x7272b2e03b6c0450L,0x2ac17670212aaa79L,
-        0x354b375423e6acbdL,0x22b9deae2a4f7adfL,0x000000000000005eL },
-      { 0x20421426b405d02bL,0x62f72a9f20ed4116L,0xb93c24e0308d525dL,
-        0x5489564edbc245ecL,0xa904ab8f3b6d7c99L,0xe4c11c4d99f5d096L,
-        0x1685220588930daeL,0xc2569fe5faef9b94L,0x0000000000000079L } },
-    /* 31 << 371 */
-    { { 0x54b7d472b9625eedL,0x96bf80ab1a3fb182L,0x29904fff4ee84a0fL,
-        0xdd03b6edb1a2ee86L,0x940f809aa2dc4daeL,0x2afc6d8d553e27baL,
-        0xc40f2a4177ffdc58L,0x8af0695509881ffdL,0x0000000000000052L },
-      { 0xbfd40b6420913ccfL,0x4fc3e9d8f708e344L,0xe401cede8f9c65a3L,
-        0x524d923b6757c00dL,0x34ae158b58ac6a2aL,0xcca4076ede97ca62L,
-        0x2504275746574675L,0x5b8c8366883cbd67L,0x00000000000001faL } },
-    /* 32 << 371 */
-    { { 0x0079a845a2fda60fL,0x6dfdf102da8db63aL,0x7d2759600148a559L,
-        0xe089c346684b9737L,0x09f865b2820bdb1cL,0x000daef6891ae57eL,
-        0x384f5eeea4f64f15L,0xdd68e4903da7e79cL,0x000000000000013aL },
-      { 0x20b7457d514ac5dbL,0xa03028fb954721fdL,0x6f20d5185c77cb17L,
-        0x28f92697ad74495aL,0x630e01566b327dc8L,0x6c5067d665832ca9L,
-        0x9c9305fbd3f6db89L,0x681013fa905fffdfL,0x0000000000000188L } },
-    /* 33 << 371 */
-    { { 0x052a6504fcde276cL,0x9ff83d3e03dca446L,0x6c456483086044c5L,
-        0x400568d5025b2693L,0xeb70c97d3644f851L,0x1c742ab829e4ac6fL,
-        0x6af46714baae2f04L,0xd4479f7478f947c6L,0x00000000000001cdL },
-      { 0x1e1fbf4082e4fc01L,0xeaa68ae275f50a5dL,0x499c4cf8e48656c0L,
-        0x3f40e8ea21124f0aL,0xc566ab479726ab46L,0xfd51c6e3f33cf47cL,
-        0xf8534cc9851da00dL,0x2d986dc979325a3eL,0x000000000000009fL } },
-    /* 34 << 371 */
-    { { 0x2d1cc7a62d628095L,0xbcbecaccf7084f83L,0x78bad38b2160880dL,
-        0x1df37a887240ee90L,0x0b59cee4ffc4d943L,0xd4bf72533ff81538L,
-        0x13ddd2ed2d735a8bL,0x70db19b11ebbaf08L,0x000000000000009dL },
-      { 0x7aab738e2d9699b2L,0xf14683cb590a2690L,0x70724263822d9936L,
-        0x814b413b358857e9L,0x9b284542f4d1fbe3L,0xba341ce4894486c9L,
-        0xecfa29df24e844b1L,0x8c25f4197db398e4L,0x00000000000001bfL } },
-    /* 35 << 371 */
-    { { 0x0989fd6fa3f8bfbaL,0x02117ba75cf7c0eaL,0x4c5844374540f23dL,
-        0x1710744e9e8e6c43L,0xdc1372b3f6438f10L,0xa0a2cb729c4e8561L,
-        0xd1bab93a68368006L,0x08b2d51c5111f2d7L,0x00000000000001e7L },
-      { 0x705118155d2f0743L,0x7d1b044ea896f737L,0x0f91e692474ba5bdL,
-        0xb3f073c2df57596dL,0xac9fdc864f784ce3L,0x935a5e29481b5c27L,
-        0xa971f3adde7a4bd6L,0xa1cffafcecf9a22dL,0x00000000000001e7L } },
-    /* 36 << 371 */
-    { { 0x1b626aed7e856756L,0x4c02b4f05910510fL,0xa2a90de9ad139464L,
-        0x83ea60047ae191d0L,0x1928f46a9ab9cb7aL,0x5534f73888c91d27L,
-        0xe0031a2f2b97814cL,0x85b9dbf6280ac4a1L,0x00000000000000b1L },
-      { 0xc4c2339403d60f12L,0x946f2de54e7af304L,0xf6586026d0fd54c4L,
-        0x19818309ac2c7138L,0xd9892eb25758d774L,0x451fc66b1c44714fL,
-        0x3f25ab9540fc9e5cL,0xe56efc7a8aac7a22L,0x000000000000016eL } },
-    /* 37 << 371 */
-    { { 0x84f0e7a3cea4d0ceL,0xa7728bf113707f9aL,0x1d933350247981ebL,
-        0x34f0f2bb7bb094eaL,0x2f1819ad7e307990L,0xc52e823c730a56b0L,
-        0x29203f56f2cc5b6bL,0x065fc11932c1430aL,0x0000000000000079L },
-      { 0xc38deb590a0c113dL,0xa8e60a9b5c85b7fbL,0x1b4a907f44e567caL,
-        0xa57c9bff9092f1d5L,0xfa8d7fa56e0d6c5bL,0x559ae140d6c660a4L,
-        0xfabdb4288cfb6e11L,0x54cb7688b87dda9dL,0x0000000000000065L } },
-    /* 38 << 371 */
-    { { 0x4cdf8a5640802856L,0xb093e241a4a7480fL,0x576c0cf150b6457aL,
-        0x14ff4a8b058e9d35L,0xb21d8c190109ed61L,0x7e5665920c1db4afL,
-        0x36ba4ef915791634L,0xcaf371a71d77afa0L,0x00000000000000f5L },
-      { 0xad4eb0fd4602316aL,0x4c1a0bfbe55635f8L,0xce0ed653ee1f570cL,
-        0x8073dd5e35096165L,0x98a7d8c3635ca5ddL,0xc5c250773c9e3650L,
-        0xe1fcd377487c2433L,0x3319733e097d8560L,0x000000000000013dL } },
-    /* 39 << 371 */
-    { { 0x304c6914e1dea7e4L,0x41d73698a178321eL,0x8282c3544499c318L,
-        0xc89303ea889a1aa1L,0xf22db4e07f57871cL,0x4674f5c53ce03a4eL,
-        0x6691881b63513ca4L,0x94a96d0fe012c78fL,0x00000000000000c9L },
-      { 0xc3ecade9ef232dcaL,0xddd2a751d4c84690L,0x2f25657a9d3d585aL,
-        0x87c2944a846e84c1L,0x1d698bf57907e091L,0x65c42161a2f220f5L,
-        0xcff188228c247a7cL,0x3391b401c1c4a35aL,0x00000000000000ceL } },
-    /* 40 << 371 */
-    { { 0xab14f586b69e066eL,0x3d8308fe198d67f6L,0x9bc53a0cbb4ecfc3L,
-        0xa2057c4059a3b558L,0xd21e271d18789187L,0xd6d29ba1562cf2b2L,
-        0xa247ac0da5521075L,0x419bb80c0b39367fL,0x00000000000001b3L },
-      { 0x0950c5ca7fce595fL,0xd07ff0ef4ee87d4eL,0xa2ed463145b980f1L,
-        0x6bc63c99587079e1L,0x285d306134f889c3L,0x93c029ade97b8a76L,
-        0x048f151b1dc86800L,0x69c5d19225bbc4ecL,0x000000000000007dL } },
-    /* 41 << 371 */
-    { { 0xd3f0afc8bdf94481L,0xc2e80a6c7e877adfL,0x640e4c028b332b2cL,
-        0x48e6df1ddadae6eeL,0x2d21985cbe6727cdL,0x508bcca2a0c64c31L,
-        0x2357969462e25c17L,0x2d968e90833629fbL,0x0000000000000074L },
-      { 0x0b400771bf0004d1L,0x0dd2ba8f732ac6c7L,0xd2763f3ee9c8ebcaL,
-        0x5a8ce5f4b4da65e4L,0x1e35a7e4fe30cce6L,0xa06e97884b791927L,
-        0x73f83c9a9857643aL,0x67fa51e3abdb7475L,0x0000000000000180L } },
-    /* 42 << 371 */
-    { { 0x4b13370446e00296L,0x58469825ecf84fdcL,0xe74203b87facef7bL,
-        0x54e0d777083cae38L,0xa4793f4b884beec4L,0x9a8ad2accc02badfL,
-        0x290844ff9959c92eL,0xf20beeebf615c267L,0x0000000000000004L },
-      { 0xe05d9d8869641a28L,0x612febd9d4942cb6L,0xc4beed25bc912c67L,
-        0x2823c041b15d0758L,0xb4a3b23607b1ef19L,0x6d93041ca6fcb0e9L,
-        0x291d2e3a5fd96b41L,0xc8d023c0ad731fecL,0x0000000000000177L } },
-    /* 43 << 371 */
-    { { 0x69db450ecf05454aL,0x525c58ba75dcc6b7L,0xabeeb3bd0f61f7ccL,
-        0xa7f6efe0d44b4aeaL,0x18229e9f49553eb7L,0xb2a463ea04fec5cfL,
-        0x79b8b43a90bd5c0bL,0x4d51d7f82413ad3aL,0x0000000000000077L },
-      { 0x0a5e7644b24c675bL,0xb2bc3292baddaff6L,0x7e9b435708757e9fL,
-        0xa9fca74e7dcf5d67L,0xe472ad966fb18401L,0x0bf3fccaf63d812aL,
-        0xfb195c5c96de8f40L,0x2301c12a4d363556L,0x0000000000000164L } },
-    /* 44 << 371 */
-    { { 0x853466f88199c13bL,0xdd186f3bb0442634L,0x6d825347e8a180a5L,
-        0xf311344bf05ea1c4L,0x543f9e173f1923f1L,0xafe9831ddb31fbf5L,
-        0xaac76e2e3fe85ce1L,0xcb2c4b1739f665e6L,0x0000000000000026L },
-      { 0x3f57a6d775b32737L,0xbab11b99a81e2c0aL,0x8b08cbcc651dac3bL,
-        0x889d9229f60dda2dL,0x01f560868c1dda9bL,0xfd2f6e052a872c52L,
-        0xd3107bf129a751afL,0x1817e8dd467418d0L,0x0000000000000142L } },
-    /* 45 << 371 */
-    { { 0x7c9274e1d1cb0137L,0x01a8534b7cbb09a6L,0xc6c9af57e5131af1L,
-        0x8fab2771d276194fL,0x28137f5170cb22baL,0x5da5963a1723f388L,
-        0x7e695abb9271a05bL,0x5b529cb96f26897cL,0x00000000000000f5L },
-      { 0x6740acd14d086e85L,0xee755ca560ddae0fL,0xc088e52bb4ff1a7aL,
-        0x297fabb504dc5ab7L,0xff60a2d3d794648aL,0x6c6db4ae62e808e5L,
-        0x0d8e99f3839f623bL,0x7578d594663b07d6L,0x00000000000000e2L } },
-    /* 46 << 371 */
-    { { 0x5dd4c07bf5fdc2eeL,0xbcec9e0dd1d27deeL,0xaffa6445e7512c4aL,
-        0xd6b231ba13b92689L,0x0bd338d613334d2dL,0x9bd0284664cf3419L,
-        0x0d52aaf854f6723bL,0x976e912d4b5a9b89L,0x00000000000000cbL },
-      { 0x0948483cf4895aebL,0xa34bdf41f41c95caL,0x85e0ef7f3df7ae66L,
-        0x2815167549268058L,0x78edc00d1b0440b3L,0xff99353b86ea5b8dL,
-        0x6b678541865c84ebL,0xc40ec092b9391588L,0x00000000000000a9L } },
-    /* 47 << 371 */
-    { { 0xa7b60f40bc65e597L,0x37cd630e90841defL,0x58baffce898b2bc7L,
-        0xe885f4a0581ac6c7L,0xf964d08319b9fb1aL,0xf4a5ad855b3ac282L,
-        0x90717aa56443f6a9L,0xac47726ca0dd88c9L,0x0000000000000182L },
-      { 0x3cdce286373ca424L,0xa7aafe97d673367fL,0x0c49b41131deeda9L,
-        0x847dd95df6d479a9L,0xaa72287549401096L,0xb2a054cf08697d21L,
-        0x1b72fdcf99963174L,0xb2cca97313acd04dL,0x000000000000007cL } },
-    /* 48 << 371 */
-    { { 0xa0d6c9190fdc0e64L,0xd937bde3d6679591L,0x9fe10f20a7296b3eL,
-        0xbdf41b3b5deae5cfL,0x6e5b59b969a28c2bL,0x17c81d3b37854490L,
-        0x61256f231f7560abL,0x2696b1a3d3960a12L,0x000000000000018eL },
-      { 0x5ec3263c732ac301L,0x6a9d57cc6da756ffL,0xb613de1323d4d5c1L,
-        0x90e38bc60196d425L,0x68ed94b6587d8458L,0x332f6403561f02e9L,
-        0x0b27d3cec8e40caeL,0xe9390832106640feL,0x000000000000019dL } },
-    /* 49 << 371 */
-    { { 0xe79632c57658c9c8L,0xb1f037013bb06475L,0x5bb0edce86ba01b4L,
-        0x06572eac16fbe169L,0x2c8e64c3a5924068L,0x7ede0ffe23732feeL,
-        0xa4591159b92acbf1L,0x1b4f74c83a486e3bL,0x000000000000011aL },
-      { 0x0d82a706815e1bc0L,0x06a4c7551a01cb3cL,0xeac6109da5a2752fL,
-        0x9c365f91d94f2e37L,0x20cdddbd3616120fL,0x92b19f0c53afa50aL,
-        0x7f2c06d314dc5f36L,0x5a35a24d05dfe73eL,0x00000000000000ebL } },
-    /* 50 << 371 */
-    { { 0x2940829b80478312L,0x6d88f23799ba7c9aL,0xed75717d55f305fcL,
-        0xf6234707f1c984b6L,0xfe0a83681e1eadd5L,0x793a987e7a7b7a56L,
-        0x13e0532a73a9a0d3L,0xd848c44c039e4c62L,0x000000000000004dL },
-      { 0x31b935621a681f5dL,0x0d47a8022edb93fdL,0xa221a02ed1f56820L,
-        0xf9944066e96bcabaL,0x6c3e8d317fc20290L,0x2e17289b025a2ff7L,
-        0x868dcd9301d72466L,0xf3c79dec7f37ad64L,0x0000000000000080L } },
-    /* 51 << 371 */
-    { { 0x80badd631af7163aL,0xe2608a8f629cc578L,0x1892410d5406ae87L,
-        0xbc09e8683d5d72e5L,0x14574558087607f5L,0x00948800d06fba2eL,
-        0x060ad156ab277f3fL,0xc764bee6823c305fL,0x000000000000014dL },
-      { 0x917cc72654d505f2L,0xe7795a1811309b88L,0x081915da5c4cc728L,
-        0xe3effbf55402b2c3L,0x508c65bd11febf13L,0x816b40557ac06302L,
-        0x4c50c5415428384bL,0xbaca344ca425f49dL,0x0000000000000111L } },
-    /* 52 << 371 */
-    { { 0xefebc3458f3735c1L,0xefe2d438ca5765afL,0xfd5881b2e7d0155dL,
-        0x307995a912eee27eL,0x7b9d4f553b608fb7L,0x708a3f06ff1c1eafL,
-        0x211f548861ef1913L,0x7bca0d46345312e5L,0x00000000000000eeL },
-      { 0x4015390c5a59bc8eL,0x669a2ef16c9ea8beL,0x37929e3112ae532fL,
-        0x6de9c6360a87cc7fL,0x676cd09d6c8c1ed2L,0x35aa3cabb7391859L,
-        0x4a95c14768a7d508L,0xda6e0209342e55abL,0x00000000000000c1L } },
-    /* 53 << 371 */
-    { { 0x85cf89c2f55b9236L,0x96d932f8623e2b82L,0xbbbaf4ed76def064L,
-        0x15ba1b2b59036e92L,0x1a2bc54b01f493c0L,0xb1dd70b1dbf80e4cL,
-        0x165dfa44fcd048d4L,0xc5f38ed45a7a26fcL,0x00000000000000efL },
-      { 0xffdb58f7756de9cbL,0x562fdec0964e7b0eL,0x40aff120746111edL,
-        0xcfc66bfe369b2314L,0xd4bd6928d1966fc1L,0x0e4f2a7e7aa9bcd0L,
-        0x7e4b8b6bd7888e90L,0x0bc4574aa4d094b7L,0x0000000000000192L } },
-    /* 54 << 371 */
-    { { 0xd94caad6bf3e4eb9L,0x940077c745546cf9L,0x23828c7cccb72d42L,
-        0xa06e1dd3e7fd28f3L,0x736bbc49c6a02e4dL,0x0aca0d8e8dd80a94L,
-        0x1e7355bdceb1aba9L,0x33cf05a96f071875L,0x00000000000000f6L },
-      { 0x87b3066dd067d6e7L,0x05db3ffab697139aL,0x681dcd62d8d90d65L,
-        0x9710f9de2cc68eddL,0xc7d09e4f9b997b9aL,0x496208d612c858e7L,
-        0x78dfdea3f1692d2bL,0x8ac90137e2dc87f9L,0x0000000000000114L } },
-    /* 55 << 371 */
-    { { 0x28dc28c979900f5dL,0xa2e881e24e099d79L,0x0d7885bbc60cf219L,
-        0x72bc84f5273c738dL,0x9321cc7f255f875fL,0x8e9b118bbc4969afL,
-        0x6886bf6250d698a4L,0xa31bc597d162494dL,0x00000000000001f8L },
-      { 0xdbea4f4c2ca3c41dL,0x7058c9c296f26b6dL,0x6ffbc7e3d72b2797L,
-        0xf15734a58075e016L,0x8ae59627d4df5cc5L,0x942ceaa51c4364bbL,
-        0x63d829e0d5a8b20aL,0x214a81864f8e049eL,0x00000000000000c2L } },
-    /* 56 << 371 */
-    { { 0xc0df77af85724c67L,0xcc83a425dd94fbe7L,0x6923e6ffe4c0e0ccL,
-        0x3dad274320f8571aL,0x7ba73c28b62ef81bL,0xd60f9232838d2f78L,
-        0x49a10395a7a6f55aL,0xc655ff3e8f133f51L,0x0000000000000075L },
-      { 0x5789909e2d6ab713L,0x5410badca52cb233L,0xbd3f37fe63454a5bL,
-        0xc71998f0977b8cc6L,0xc70977414b81b017L,0x1d37afe2393bbc02L,
-        0xc1f809b6d7cc8c20L,0x18920c3706ca3cd2L,0x0000000000000154L } },
-    /* 57 << 371 */
-    { { 0xdba5d98ececb3b2fL,0xfb97226090e743f2L,0xbd6ce397fe42c950L,
-        0x28b067328d584404L,0x980fb92181815117L,0x02054320454978d5L,
-        0x0563def626ab7bf0L,0xf531752a8c7146eeL,0x0000000000000140L },
-      { 0xd5cb7c6a87f97b5aL,0xbc242e6e9e1a8cd7L,0xfdfb12e765cee902L,
-        0xd2e3803a56a42f2aL,0xe8ac69ade9206ed8L,0xfb57c402668b14a8L,
-        0xef8f858c226e171cL,0x5021b98bec8fb4fdL,0x00000000000000d5L } },
-    /* 58 << 371 */
-    { { 0x2449088deebada79L,0xa23a4de43ccdafb2L,0x78b6631a789d4228L,
-        0x419af03cb6ffabffL,0xfa3699ee13133cb5L,0x737ec4d896c22a36L,
-        0x32edef00af55b6baL,0xe6f1c72e96e0d6a2L,0x000000000000011eL },
-      { 0xc0d0be8fc4de6c1aL,0xb7eede852cb83932L,0x65c116ca5f89a922L,
-        0x77b8e6aff6c6c162L,0x7127e0625a82e691L,0xb9ae11c241062230L,
-        0x64716a12cad22949L,0xd6cb5ed80e142596L,0x000000000000000aL } },
-    /* 59 << 371 */
-    { { 0x5563c8044eaaf6d0L,0x83785e884d61282aL,0x2d19641075b9e703L,
-        0x738abe2a67031bddL,0x7351a702392114fdL,0xd74621a2b438377aL,
-        0x224da5806c76f049L,0xa7ce99ec732477c6L,0x00000000000000aaL },
-      { 0x6e0e5a3a38bca0cfL,0x576efbc8ce259960L,0xfef2bf2e07a2c533L,
-        0x0c374e7b37f23263L,0xd8436d82f9603370L,0x5afdbcd6f047d841L,
-        0xa40d0067db50a26fL,0xfbc47928c1287fd3L,0x0000000000000133L } },
-    /* 60 << 371 */
-    { { 0x10c10e89a4f78e1bL,0x0bf7c82eae25d4f8L,0x198522759bb8dd0bL,
-        0xdeccab587ef26c90L,0x51d20addcf49361eL,0x997a0f9909827779L,
-        0x102a745d200dafdbL,0x98e1484b723114d0L,0x0000000000000034L },
-      { 0x3df6bedb00b69cd3L,0x7bd05f836f56e429L,0x9d31ea08762b3f9aL,
-        0xef84ee087204e805L,0x20d6c20de5a264e8L,0x85b6881ad7fc3279L,
-        0x8cff29870dd12086L,0x43898d6cbcca4f36L,0x000000000000007cL } },
-    /* 61 << 371 */
-    { { 0x8fdc9befa560413bL,0xe9ea9e2031f2730eL,0x8f3b05243a61d0e5L,
-        0x2932274c6f9d4628L,0x36d58f3218df923fL,0xf66083b38611bc64L,
-        0x6348e55c2d53743fL,0x69059a3b79693090L,0x00000000000001abL },
-      { 0xd72bb101f0d34585L,0x22d4ada32f8309f1L,0x19c6543bdb11c225L,
-        0xab0ba09d5349e6fbL,0xfa38b0c8fd6bef5fL,0x40e20ab68c5ddf83L,
-        0x28351a4d2e87ae87L,0xf51f0b52b8ff6cf6L,0x0000000000000024L } },
-    /* 62 << 371 */
-    { { 0xf768cfa5b3ce1936L,0x82c193e7cb0845b2L,0x0c2bbb74fc4dec8cL,
-        0x6f0684557438b1bcL,0x7d7535bb62d4a96fL,0x40c7498bcced8820L,
-        0x1ac733eed2c44657L,0xbc9de98f03f077d2L,0x000000000000004dL },
-      { 0x0db45688d55b796cL,0xa2f1857c7be53b69L,0x4df73c3c4671711bL,
-        0xfe01dc6cd27fc313L,0x2f770bdcc11c8592L,0xcc8eb844ac8593b7L,
-        0x8163d65855437a70L,0xe6072e3b4b436e88L,0x000000000000014aL } },
-    /* 63 << 371 */
-    { { 0x6a90b471803837e5L,0x18d7ef7345c32e26L,0xe5f4a8575ee5bdd5L,
-        0x5d0201d0e7e31757L,0xd856baa14b111dacL,0x6e346ca66b462db1L,
-        0x45ea4fb338b88b95L,0xde8cf5a046477f38L,0x00000000000000f1L },
-      { 0xce05bfba7c2ff5b3L,0x27291f1f1f7a8bd0L,0xc7620f3025a57de6L,
-        0x1847ea5c759e1d2cL,0x02ab7ec1e3774792L,0x3807be6e22b81177L,
-        0x389ec8496c206771L,0xf5c4fd984a375d6fL,0x00000000000000cdL } },
-    /* 64 << 371 */
-    { { 0x9d590ca72a708597L,0x5ea564a217c45d92L,0xa7098ca409f8d031L,
-        0x231c716117a9a6d9L,0x5919a777951ecc81L,0x9fb5df367ab0cd85L,
-        0x7f4d2d7a2b6b445cL,0x73a2764668251f9dL,0x0000000000000037L },
-      { 0x7bc56153e9e14113L,0x4747084f030af56bL,0x865abbe91efa69ecL,
-        0xaf6534b5da5d565fL,0x40549f0bb0001866L,0xc451348f812351afL,
-        0xe7323ae9190eb107L,0xfb3fd76fbfc098f1L,0x000000000000001aL } },
-    /* 0 << 378 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 378 */
-    { { 0x7ef1f62ccf0f33caL,0x225317b7184de5d6L,0xba7645c1260fc821L,
-        0x522c34f2d057844cL,0x53282114c4a6dff0L,0x6d3d84005f6dbdbdL,
-        0x165e4194f3fb787aL,0x210a607ac8c575ebL,0x00000000000000fbL },
-      { 0x68c834c2832c8deeL,0xcc4ff8611602f932L,0xdcfa537d456ed4bbL,
-        0x68f201750c079647L,0x972d770b8f28ecd5L,0xaa8fdbe82d099800L,
-        0x06285716ecaddb29L,0x67fa9a61d5dc6040L,0x000000000000015bL } },
-    /* 2 << 378 */
-    { { 0xe12b714e622ed5c2L,0xb1e036a7cb699185L,0x3920a7371ab44645L,
-        0x9844c8d9f5a325e1L,0xa91bea02c02de758L,0xaae624a018ade985L,
-        0x3a700e40cc31937dL,0x47c0b398bfdea449L,0x00000000000000caL },
-      { 0x04213750a9e1b74eL,0xa1d25057b3f7ff5bL,0xf8c7fdcc259dc673L,
-        0xa837e675953ca2b9L,0xe23e1e1fabf04630L,0xafe1f1b99889ea3bL,
-        0x40988791c4db25cbL,0xec8592e4f18669b8L,0x000000000000014aL } },
-    /* 3 << 378 */
-    { { 0x1fcf2222c7504de2L,0x7a048586b37c96d2L,0x75a974ff2600255fL,
-        0xfd8effbeea7922b7L,0x871c04531c3aeb4aL,0xe9445f23f167a3eaL,
-        0xe8b8f95431d66e47L,0x3ba0fb51b46bc080L,0x00000000000001dbL },
-      { 0xfa565b995ec9920dL,0xfeee4e89a25ec3e5L,0x8428e8ea5fe155d8L,
-        0x31b55db4caadb703L,0x1c66ace9fab8f8f9L,0x9190e7bf0f688545L,
-        0x36695f2f7ad75316L,0x6674f106c6d6a5c6L,0x000000000000016bL } },
-    /* 4 << 378 */
-    { { 0x18caff50efbf6b21L,0x0eeb65ec51f2ba1dL,0x2cd8a43f296c458bL,
-        0x04d795b29747ceabL,0x52b0bca6dc306c57L,0x39fe8ad517ec9c28L,
-        0xa4a9e3fb81a0cb57L,0xdd6933a9a638d6f5L,0x000000000000017dL },
-      { 0x9893eb50d39ac021L,0x3bf7087339bd296bL,0xa10440a7792dec05L,
-        0x96be97e7a67ad18fL,0xcf2175ae17ae5f6dL,0x70fbb8bf0b6f0503L,
-        0xbb565fadf7a755adL,0x8904f9a093ccfd37L,0x00000000000000f8L } },
-    /* 5 << 378 */
-    { { 0x971b01fc2042af7cL,0x11b2c0307449ebbcL,0xe151578f6c456ea3L,
-        0xc31adfedd9445535L,0x5dc3e787b13a3d98L,0x980db984e1bc2ac0L,
-        0x97f837868ed9752dL,0x0eccc88119cc9947L,0x000000000000010cL },
-      { 0xe7a55af26e4202cfL,0xb38c0786032e736bL,0xe315cca3db912a92L,
-        0xe02fb77c5d424e69L,0xfc196d63cee674b6L,0xd19ffd2edb4f40e4L,
-        0xb9f89932b6e2749cL,0xfa1b8b625345d087L,0x00000000000001d7L } },
-    /* 6 << 378 */
-    { { 0xbbd6b9b6fcb957a9L,0xb8cd2aac28e9a858L,0x16959f6e00533aa4L,
-        0xa81de300f05c87eeL,0xd64c0234e01f1fc6L,0xa35e2db9035bb306L,
-        0xbf57719d17545c33L,0x67cf28a2fe2c9778L,0x00000000000000baL },
-      { 0x747839247b2ee141L,0xb20fd87638107770L,0x38f43f8a115e285dL,
-        0xe4dc2337be44c1aaL,0xc0a9fdabebdb2590L,0x83b1017260412a11L,
-        0xbc0797cb6c8e3144L,0xde47a666ebc61f01L,0x0000000000000060L } },
-    /* 7 << 378 */
-    { { 0x68c60c44993f8222L,0x3242a8afcabf4bf6L,0x6151a88033d5edecL,
-        0xce5e0d4b5b66eb95L,0xd5a8ddd2df34b84fL,0x0a57559677e14d2bL,
-        0x6b8e78f78bdbc216L,0x1f6b94ac13b5a167L,0x00000000000001b6L },
-      { 0x5a252b95aaa7bcc7L,0xb0366a61ee28e333L,0x721a9b24e1fbdb73L,
-        0x4e73cf1cdc60cbf5L,0x7744e830ddbf9b87L,0x0bc943e99d8e60c4L,
-        0x48c37b3ef7aeaeb2L,0xea23eb3ac6610f28L,0x00000000000000dfL } },
-    /* 8 << 378 */
-    { { 0xc7c5d4242b72359fL,0x9aedfa4ed89718f9L,0x74773e4f858b335cL,
-        0xcccf6730b5020d9eL,0x7f2b567baaa8bee0L,0x929b3d35d1d4c7cbL,
-        0xbf1c55591d6602b4L,0x58fd96154782966dL,0x00000000000001c2L },
-      { 0xf87aa9d87095c048L,0x145af97f67c5dc33L,0x1541a34b5808379cL,
-        0xd5be204572f16afcL,0x008a4aa0a10e4d9eL,0xf75936efadb03c27L,
-        0xcda58468a6d93005L,0x1817e5bad0cfa2ccL,0x0000000000000078L } },
-    /* 9 << 378 */
-    { { 0x7fd99a18a2f628e5L,0xeec261701304cb4fL,0xf99f01680146e6aeL,
-        0xf3e3762978f53f23L,0x5fcabd21f138d376L,0x7872711aa084d16eL,
-        0x96911ccd5f3b555aL,0xf959c94ce8c39ed8L,0x00000000000001d6L },
-      { 0x2470f0a5f551f7aaL,0x7eef9b723dd57d82L,0x04110c484b42ac7fL,
-        0x6c1a12a04eb664c8L,0x47f1715711e0fd68L,0x4e51416c90d00893L,
-        0x38843dcf77b01086L,0xab132a0fbda87debL,0x00000000000000aeL } },
-    /* 10 << 378 */
-    { { 0x6258b29f813fbb71L,0x9f43e2a3d4201179L,0x04bce1fd4ae85168L,
-        0xb6919e51b37d3de9L,0x147eea3e85fe635bL,0x56f4e6e7898401b9L,
-        0x711ff12cb0b8a1deL,0xa6fa12cd8720cbd8L,0x00000000000000c1L },
-      { 0x4b5a3c99e8a60e98L,0xd8e57a658a00f03fL,0x91a8dcbbcaebcec6L,
-        0x44b04cf5355e112eL,0xacc706ab9cd62b2dL,0xd24a1f6ff56e7060L,
-        0xd5d6a2b9b0814270L,0x1f19697e0659fb13L,0x00000000000000e8L } },
-    /* 11 << 378 */
-    { { 0x6cd1913f5c97d8d8L,0xab72e99fbb94b154L,0xc288647a9049a264L,
-        0x6e9d0a5ea9bad9afL,0xc2c7f9c684af75dbL,0x171064782b1355e2L,
-        0x8b29dbe3352a6b20L,0x179974899e7c0e22L,0x000000000000011fL },
-      { 0xef8d33f97c34be01L,0x1469347f10b46c03L,0xfd1e25cbdfc7f736L,
-        0xdc1715fd11482a6fL,0x041c0ca1f7afc700L,0x513277296b2e7b33L,
-        0x820b886909015f92L,0x7fd2bd94ba584623L,0x00000000000001a8L } },
-    /* 12 << 378 */
-    { { 0xf669c4582cff741fL,0x558296d0cb12d0f3L,0x4ca064d770be227aL,
-        0x02b8d5cacf89f9f2L,0xb4e066608f1e5a13L,0xa030d85a9c08b765L,
-        0xdfeb77d6922e04e8L,0x65930c729603967aL,0x000000000000015dL },
-      { 0x70cdeaff4ff2e952L,0xbaa81ba88b6332a9L,0xe573d5b4798836fdL,
-        0x5b68b878605c5eccL,0x3f0a6abd47bc37ebL,0x823a54e1dfa7f440L,
-        0x2fc0aa7a5c500937L,0xb97b588c35953c9bL,0x00000000000001abL } },
-    /* 13 << 378 */
-    { { 0x7d789b9087b7dd4fL,0x4976f243c24b301aL,0x0f6198c9640d22cdL,
-        0x7a23eecf5f188165L,0x822ff8c203fe646fL,0xeac1adb321eb3279L,
-        0xd9d1b22e196e1874L,0xd06dc84c8fe3f31bL,0x00000000000001f1L },
-      { 0xcff3200080218f0bL,0xf427e062189bbfe1L,0x11f7040839650e1aL,
-        0x78cf93c09bd7d3abL,0x297ab5cc4bb1dc5cL,0x3cafe6cabdeb897eL,
-        0x38ba64a35508aeceL,0xdfc60e77a99847bbL,0x000000000000013aL } },
-    /* 14 << 378 */
-    { { 0x727469356d9aeddcL,0x0063b3643e937a7eL,0x4451a20aa161dff0L,
-        0xbcb491a8a3e9efb9L,0x878d694f5134d997L,0xed8ee2f3215771a0L,
-        0xe231e6705410f9ccL,0x72716750ec1fea93L,0x000000000000010aL },
-      { 0x254ea4bca45d8095L,0xb3d903725398d742L,0xe51298cff66aedfdL,
-        0xa530fd64c377e046L,0x68b31f366c7f5f39L,0x7e157769c86662bcL,
-        0x8ff3a79cde21fb57L,0xdd498d1d7c37978fL,0x00000000000001dcL } },
-    /* 15 << 378 */
-    { { 0xf72ba696bad7f9f1L,0xef0bbbbfd7bf9dd5L,0x8b8bb6f20e7a7b7aL,
-        0x86de41c7cebdc20aL,0x3be5c2c2b0e47167L,0x2cf82c5efce45a8bL,
-        0xb309beb60f8be277L,0x485f837752133ceeL,0x000000000000019bL },
-      { 0x3f0fdc6f16b88e7aL,0x6e4ead572b6edd43L,0xe1e73101ebf2ff39L,
-        0xbd513613ff830b18L,0x5803953eae63df26L,0xbc4b8e2d0f2a108eL,
-        0x624c2bdb7feb9952L,0x91ce40cc4a8ed81fL,0x000000000000010dL } },
-    /* 16 << 378 */
-    { { 0xd89de8041ba719b6L,0x9a84d6145b7139e2L,0xc2f91c87d16e4f4bL,
-        0x7adcb047bb8175eaL,0x4c301c4b3c2fe568L,0xec7dea0ce6e82790L,
-        0xcc2c78869ce824abL,0xaa0f82dc64e12c47L,0x000000000000016aL },
-      { 0x3c6dca8ea0b4332dL,0xb161c4e9d82dc4dcL,0xfda8729063029487L,
-        0xace5d0b634209806L,0xb8c940b78968ac6eL,0xb61329e9d0c0973fL,
-        0xbcb0a143b1aa99b6L,0x96b831932211ae06L,0x0000000000000057L } },
-    /* 17 << 378 */
-    { { 0xcc654c3af4fab0d0L,0x3a7193d45e93c2bcL,0xdc03184c037e85acL,
-        0x994431edc77bfee2L,0x7f840982a1d69ea6L,0x64144b55732776e9L,
-        0x6dfdd076f3767206L,0x10851baf67f36980L,0x00000000000000a4L },
-      { 0xbc53bbcd0a6119d6L,0x56f7202f83f4b808L,0x9bb6c525fc7d8415L,
-        0x4e2c95178310de3cL,0x571b5e0936d1c854L,0x624cc7f6fabd72e2L,
-        0x71eb58cdd9dc56bfL,0x9d76432a443b8059L,0x00000000000001c5L } },
-    /* 18 << 378 */
-    { { 0xb9118d534b29393bL,0x8bf825e2e9376465L,0xecc73fc2f6b988f1L,
-        0xb0431205a33b16deL,0x91cc2704f5e72a40L,0x072fa1aca15f1e6dL,
-        0x414dfb0e57824766L,0x86360addb12159a2L,0x00000000000000afL },
-      { 0x9dd10faff209743aL,0xcf7178eb7cdd7a84L,0x8e5d30ddc7e5e621L,
-        0x1a6ce1502049e4b0L,0xa18d488715cee376L,0x0db2ce2deb316c23L,
-        0x0941fda5c1b42ea1L,0x895b347c8213b66dL,0x00000000000000feL } },
-    /* 19 << 378 */
-    { { 0x13fca9016d4b4f9cL,0xd76d3bc50fdeff6fL,0xf389e515b1be5101L,
-        0xda9a159ba6ff67a0L,0xabe611a18258a9b7L,0x300fd58ae44d3117L,
-        0xf942ed560729163cL,0x6a9c601afd9b49ceL,0x00000000000001dcL },
-      { 0x01dd23e56a998f6eL,0x1e8e8da62ed942caL,0x141780e73437bc31L,
-        0x5f81d0587b25adacL,0xd166b90f7126e231L,0x9c4af4b145aaf0d3L,
-        0xb3fd98f0f33f7481L,0x98f6cb285307b8d2L,0x0000000000000037L } },
-    /* 20 << 378 */
-    { { 0x39a64d5d2fd93ad6L,0x667ff12d2637e7f1L,0xed31162e5151441bL,
-        0x9abdf9168277e2bbL,0x1b7630f0ec0a5f93L,0x89a828cc5b002930L,
-        0x912428adb246befaL,0x632b0787765dbfe1L,0x000000000000018dL },
-      { 0xebf44ba86693bafaL,0x3ad447318a12bb84L,0xc0e12abb5d02d2fdL,
-        0xccdcbc009ac44290L,0xfcc3f910ea70a61bL,0xcaed56197dbbd680L,
-        0xeca08d0b2d159763L,0x4f51a9af6d9dc6dbL,0x0000000000000095L } },
-    /* 21 << 378 */
-    { { 0x3730726c925f6af8L,0x524421fae7224ab4L,0x1aec24f0a5f4383eL,
-        0x629f850c80fe5b2dL,0x8aaca9471188c165L,0xccff714298ede9e4L,
-        0x43c517b119ab2bb4L,0xcaf6524f70094fd5L,0x00000000000001f6L },
-      { 0xdc1ec8c7ccff9006L,0x2b848d94bd3c886bL,0xf0450380462da9cbL,
-        0x5fc95f0aa7246725L,0xd8c6a8f472969208L,0x47615458614cff26L,
-        0xceb01f21dab37dd7L,0x2d5fc9084a992e5bL,0x0000000000000095L } },
-    /* 22 << 378 */
-    { { 0x0a5c77dddfc1712dL,0x94a283f3cdb8fe3cL,0x9180c2149c7ddf13L,
-        0xc61e53c7fc061c25L,0x3f2d5898ed6b66b0L,0xf956d429f2775780L,
-        0x009936172599b777L,0x275022d3315c4538L,0x000000000000006cL },
-      { 0x09ffdfe9389149f1L,0xdf706504130dcff6L,0xd5e9e831a43853f6L,
-        0xcb16e7db2c76d906L,0xfa644e731a6023bbL,0x93ccda7c56319253L,
-        0x0f36a540e75c969aL,0xe5824f21d1c63fc4L,0x00000000000001f1L } },
-    /* 23 << 378 */
-    { { 0x12a31002e3beda68L,0xae12c484bc59084cL,0x21f82d81a6320c77L,
-        0x82a9e0e6c37dd1e5L,0x672d57b4396dc114L,0xde55fbfb692cad7fL,
-        0x58613e19cea6fcb1L,0x6c1ac62e9322e880L,0x00000000000000c6L },
-      { 0x92578cedb2d1f22dL,0xdff3a47d86773c2fL,0x6bd302c02edaad87L,
-        0xa320a18615e3ca42L,0x2f12c817bac6dcf9L,0x59fab6f0e98fb56aL,
-        0x378b36fb6afdac5aL,0xb71742e57cba0062L,0x0000000000000141L } },
-    /* 24 << 378 */
-    { { 0x6372245924ff803aL,0x4c6743967c6401e9L,0x322820a88efb71adL,
-        0x49a9bb7e18386499L,0x809f13b4011be153L,0x21ea3bed1caa0e61L,
-        0x062a8eb9cb8a3c34L,0xdad37ca0d371b482L,0x000000000000004dL },
-      { 0x517e7e99425737bdL,0xf0d5129c74652ea7L,0x46e5f98b493390ddL,
-        0x889c952faccd9071L,0xc01d4483732246ddL,0x6e3982ca191b7f2aL,
-        0xef390898ec4ffa9dL,0xac0c56044dcf0ca9L,0x000000000000011dL } },
-    /* 25 << 378 */
-    { { 0xa89e9095f20520f0L,0xb661e4bf9109833aL,0x59a9216a15746d4bL,
-        0x66734a014b9b7b1aL,0x92958d4d87b01cacL,0x1fd10ccd73679175L,
-        0x12a3f35acc92c829L,0x60943f7e876f0493L,0x00000000000001cbL },
-      { 0x8920cfd084536908L,0x27c0cc691195d0b0L,0x8203d7edf0d640ebL,
-        0xc2aa233aa5db5d5cL,0x13dca3e4097a5f7dL,0x95698b5cddbee822L,
-        0x68aa3cfad37f3c60L,0xe481f4454b5db726L,0x00000000000001ccL } },
-    /* 26 << 378 */
-    { { 0x4faf81a13da0fcd3L,0xc4f41b64bf5eedc6L,0x83413747016dba9cL,
-        0x3e386d921053b061L,0xbc1f8c328779267fL,0xfae5180521378daeL,
-        0x4c355e52cf8aed54L,0xbf4cc913379b3965L,0x00000000000001fbL },
-      { 0x9681bfb7b9829287L,0x1f8e11d1d0a0cab4L,0x5eabefb67b24dd7aL,
-        0x49d30515db2856bfL,0xb7fdc303403cf7b4L,0x319eb33d9de58853L,
-        0x7c0a5c445949bdfdL,0xa4de3e0f2cc2f57eL,0x00000000000000d5L } },
-    /* 27 << 378 */
-    { { 0xcc57d8f66ee81af4L,0x0853a12ac61b41b4L,0x1c2547e7fe3ce741L,
-        0x5c804f085be4d27fL,0x470ef59f6b35897cL,0xa0ac230bf6f2a082L,
-        0xdae8427f0e65b7a4L,0xc72903cbe4637dc2L,0x0000000000000170L },
-      { 0xcaf13ad329899253L,0x4ac375937ff415acL,0xeca18182a3e41fefL,
-        0xce65d25d560f469bL,0xea0fd26a373b6eb3L,0x0261286e9b094b32L,
-        0x93f9f0b4d6c2e004L,0x6cca5edad8c82ceeL,0x000000000000010fL } },
-    /* 28 << 378 */
-    { { 0xf0b9ede34dd2d2d3L,0xb06079398c4d1ceeL,0x1ca4ec570611df8fL,
-        0x7f32d19753b914d6L,0x99b6f882dfa4df49L,0xfbe161cfb265f518L,
-        0xc6db288e40c76bbcL,0xc8970e3f281437b1L,0x0000000000000139L },
-      { 0x9d76d4a51a18db0aL,0x59e76809238445c6L,0xa0f52e646a48deaeL,
-        0x3692a8a8338904d4L,0x3fe48d48ba28d02aL,0x9f2130aab958b23dL,
-        0x210a547ecf8cd8e9L,0x46e7623e5179029aL,0x00000000000000bcL } },
-    /* 29 << 378 */
-    { { 0x53f5f5178569de0bL,0x4e6537efa3b8228bL,0x08bfd7df2c494a3eL,
-        0xa3bcb0835d18c56aL,0xe4af9a2015abd36aL,0x09e5e04722ae49d3L,
-        0xc8e36b51c397412eL,0x29196125dfd6ffdcL,0x0000000000000037L },
-      { 0x6693d42066e82af2L,0x4fb5ac25fadfecf4L,0xb164f341bc2eda30L,
-        0x04f0da03df7e18e9L,0x53e083ed285c2522L,0x2f841c4607496d5fL,
-        0x747ed61b427e3224L,0x42d48a2449331c47L,0x0000000000000090L } },
-    /* 30 << 378 */
-    { { 0x85e622f707cff9c0L,0xb8f17575de26c2c4L,0xaa599c8cbd1f2537L,
-        0xa43898660f10a87dL,0xd884accdd54bd70dL,0x4cb6081af85b6a22L,
-        0x795d0348af6068caL,0x2fa1f312111fb967L,0x00000000000001c6L },
-      { 0x80ed98b42ce0216aL,0x11debd5b76a91579L,0xe6e2957b8b468ee6L,
-        0x4342a477d5b0f947L,0xea4dce18e48f5922L,0x52271ff6d5e930f7L,
-        0x957be36854819139L,0xd46357cc2613a69cL,0x0000000000000055L } },
-    /* 31 << 378 */
-    { { 0x2110cec0704bb446L,0x5227cdf087881081L,0x471af5acf3bba746L,
-        0xc4c1c63bddaa6a2eL,0x411d5b30c65b5847L,0x428e1d0e0b7a1558L,
-        0x2b3ee41fa104910eL,0x6dfe7d92a5cb24d1L,0x0000000000000071L },
-      { 0x2d6421d20c322db5L,0x3da59b47ec01fd37L,0x0297ffe5359e020fL,
-        0x772575eb9679d700L,0x22d11608e029b068L,0x6f2151099c5d9d69L,
-        0x23ee93a156e9b96aL,0x3dd497407cf5309dL,0x000000000000011fL } },
-    /* 32 << 378 */
-    { { 0xbe58970d503cfe9aL,0x72000a862dd620a9L,0x5825b2836d0ef833L,
-        0xb88d53b7c706f2c7L,0x5f7df7cd0501f0f7L,0xf1fd2e3b2fa3b809L,
-        0xf3afd9fb557798c9L,0x9254426ab970a87dL,0x0000000000000135L },
-      { 0x577560bee8947e84L,0xc60b998cb0f49a8cL,0x81d18bef9829431bL,
-        0xeaa5fa385f48ada5L,0xba2cb72612db61afL,0xfa9de7ddf3d26bbeL,
-        0x97876d0626881c14L,0xaec866638c84185dL,0x000000000000015bL } },
-    /* 33 << 378 */
-    { { 0x8e48e4e19306d591L,0x4b6d69bfe9712645L,0x7247afac5d8aee55L,
-        0xddf6c68c41f8fc2bL,0x084113863c7c87c0L,0x120957078b0f0c59L,
-        0x46947fbebefc7642L,0x863bdf60f346ed41L,0x00000000000000cbL },
-      { 0x75b2e77916cf6d59L,0x4e9533e6bbea42ffL,0xdce016328f701e08L,
-        0xba39be402e0bc080L,0xa2f9af3ae20f673fL,0x40267291822b60a5L,
-        0xbc77e4c4dbc55825L,0xd05a9f0c76e1abf0L,0x00000000000000a5L } },
-    /* 34 << 378 */
-    { { 0x63fa956e2881ab6bL,0x5f97abe5a6d783f0L,0x344bdf96bcb29243L,
-        0x0472af080c53dc0fL,0x548e9be3e496461eL,0xe42405b45c491e0eL,
-        0x511c368dad995038L,0x8598ee29b972eb7eL,0x000000000000019dL },
-      { 0x0fdaeeaaa63dbc35L,0xe5afbb55acd56541L,0xeb3f3ef7dcfa1178L,
-        0x8ef2f4777f100925L,0xbd0f868ae3e055ebL,0x375cec42990b7aa7L,
-        0xd9208d18c2d32362L,0xdfa689dd976f791aL,0x00000000000000c7L } },
-    /* 35 << 378 */
-    { { 0x6f5a60e4fb6e4091L,0xe2350a12bb9d8f61L,0xc03c9d59633d52daL,
-        0xcf0b5d046e9e386eL,0x3ec86484059f0bfdL,0x26f396363c158dedL,
-        0x608edd54a4550c89L,0x6cb66b6cb7317194L,0x00000000000000c1L },
-      { 0x1cc8c7fdab732b3eL,0xf1855941bc3597f7L,0xcadcddc4802f2f45L,
-        0x95a6da93f7af2141L,0xe555f720ed61d1aaL,0x2a080de97297d73aL,
-        0x8e9cd2c7d3e8e814L,0xfb38e2637857c2b6L,0x000000000000015bL } },
-    /* 36 << 378 */
-    { { 0xc988f588852cd09dL,0x67d21418af218601L,0xda5f50ec0c10a857L,
-        0x504418a30e2b2960L,0x9f44ea6bf4038971L,0x6b5d406a2e458d2dL,
-        0xfc240795801e5fa5L,0x0356185cf7584734L,0x0000000000000102L },
-      { 0x7a948fd177a57d4fL,0x5de3afba2fbb8782L,0x1ae44706bcffc674L,
-        0xb97083b5563f5c74L,0xa91850575466ebd5L,0xf9c3a26cea623a4bL,
-        0xc917551994105039L,0xa570c1c1819c3cdaL,0x0000000000000075L } },
-    /* 37 << 378 */
-    { { 0x46dc6fa89638c421L,0x4cf437b157d0f402L,0x6c0b0445701342c8L,
-        0xf0b14b15d6de77a9L,0x0330a9ea2c12d1f0L,0x7ac4e03e350b8b49L,
-        0x332483357702f7f0L,0x24c3fa9da7f3df83L,0x0000000000000134L },
-      { 0x40137a2bf88c7b4bL,0x00fa0f35cc5d6687L,0x873e236070c137a3L,
-        0xbe8cf5ee9f32b2e5L,0x818f219f5482134bL,0x6c068d2515968a1dL,
-        0x7426988417e92272L,0x8754eee4604a22f4L,0x000000000000004fL } },
-    /* 38 << 378 */
-    { { 0xee6b7f37fad88237L,0x2d162f469c14454aL,0xd67666908adaa0c2L,
-        0x7aad29a762504b81L,0x550d67ce1623cf44L,0x7d50d506ae816ec1L,
-        0x56d5a4f9ffac6535L,0x0bde908295e83917L,0x0000000000000177L },
-      { 0x56a58061dd9c907aL,0xd9d7c49ecd4c54bcL,0x4a9907a4bc6a0d7aL,
-        0xeb86db82f6346080L,0xab70905fd6cc22b6L,0xe14a687600342763L,
-        0xc033b0ad1dfee808L,0x2396008039a9c5dfL,0x0000000000000089L } },
-    /* 39 << 378 */
-    { { 0xf1f290a881e90f0aL,0x458336c79f36c486L,0xa956a20dce22f976L,
-        0x027fc962a8516eeaL,0x7e14bad2c9b08021L,0x698bfa124cc598ddL,
-        0x4bcf3d871d01279eL,0x1b94b7b30114d592L,0x00000000000001bdL },
-      { 0x02fc0a2093157584L,0x92faf06480300f42L,0xb05d7c3f5318f4dfL,
-        0x1fa3eb6f3723e3edL,0x94aac7051da5cedbL,0x50d945d9cc65e3d4L,
-        0x651a7b0c7daa7bf6L,0x4e497b4681a86469L,0x0000000000000052L } },
-    /* 40 << 378 */
-    { { 0x297e708e61fbdc72L,0xf59c64fb4dcb9e90L,0x4a61f848814f38e2L,
-        0x081dabdced48623fL,0x7ca592c953b0cfe1L,0x1462ce03c049d136L,
-        0xb5642b78b47bd071L,0x99e3adbb87d24f68L,0x00000000000001dcL },
-      { 0x643879618e44f3b7L,0xc1910e8c3aa42510L,0x45de7844b07adfc5L,
-        0xdb7910a633804208L,0x77d0ec7574be91e4L,0x3e015cfce842cac5L,
-        0x11c32fa6554fec82L,0x7c43fc38829dc4ccL,0x0000000000000062L } },
-    /* 41 << 378 */
-    { { 0x02ee8b2122993f93L,0x4223000d4723ef89L,0x1c6bdfbfc16af026L,
-        0x116239f3ddb9aadfL,0x14eeb9730c4acc54L,0xf50134a6ffea830cL,
-        0x9ac616a5f1f1d7feL,0x33ffb2cf33eadfeeL,0x00000000000001f7L },
-      { 0x68c32c5dc98eb88eL,0x258448994073d0f5L,0x885f35f066b25598L,
-        0x8410c3f9269b7cdfL,0xee851ec9fb4d1244L,0xd94cf16a0f45f2d9L,
-        0x18846fd1320d195bL,0x31093265cbb27bf2L,0x0000000000000158L } },
-    /* 42 << 378 */
-    { { 0x36f55d29067f0144L,0x31518706a7088a9bL,0x58c145700c4992a7L,
-        0x38d22933424edaf8L,0x75e07014c6ebc015L,0x153a99adc1b7c05bL,
-        0x94ab96cb56b197f9L,0x86645eeeb5eea03dL,0x000000000000001fL },
-      { 0x5f97f0b5125f3db1L,0x981e52e815dc479dL,0x7ba639b09f915ec4L,
-        0x5c27dc763e5a1a0aL,0x350c904109dcfd90L,0xf571c49b5507f709L,
-        0xfa19d576fda7d982L,0x2b60baf9b4533fd6L,0x0000000000000182L } },
-    /* 43 << 378 */
-    { { 0x3fa53846346c78afL,0x3ad12e905ed12162L,0xcecabd5a086ef430L,
-        0xdcc55887eaeef2deL,0x47ef2f7bcd688b2aL,0xd4c09587a1d916a7L,
-        0x0959a988121ec022L,0xf419bde5980a39d9L,0x00000000000001faL },
-      { 0xfed8228e2d3ca021L,0xdb264c8a05dd7141L,0x637f4aa24e4d3e80L,
-        0x49ce73f1be791a76L,0xa9a2d7b25eeabfc5L,0x4961a76bd9e26135L,
-        0xa9af174a2caa9899L,0x8cfe47a6f2b4ec6fL,0x000000000000016fL } },
-    /* 44 << 378 */
-    { { 0x3c3814b8a3acdb65L,0x42cea8683ac121c9L,0x95ccdca1554edbd9L,
-        0xc8127847badd4e7aL,0x8249a372c95fe784L,0x1e5998d520661224L,
-        0xf88a1a0815019264L,0x501ba0a9619de345L,0x00000000000000bbL },
-      { 0x27bce70edabd6eccL,0xbdbf47ad41144962L,0x949d92fd302c2f1fL,
-        0x7ee6077edac7d399L,0x4b1ca3ab70cbd239L,0xbe03cf169c08640cL,
-        0x67d91ddae90bb15cL,0x989110bf3584fe3fL,0x0000000000000033L } },
-    /* 45 << 378 */
-    { { 0x1ca61c2dd76f0dc8L,0xa128cf5611e0f9f6L,0xfe51323b25502465L,
-        0x13ab91d00bc94de6L,0x28079c8f3b1e6a02L,0x38d9d80583cc5869L,
-        0xd6a83dc6dd952429L,0x37bb912864101dadL,0x0000000000000028L },
-      { 0x86036ada8abaa4f2L,0x8f29ab0d2138c5c1L,0x50ae84e55a3f84bdL,
-        0xc1cbb22a565e767bL,0x9b9f37f45a6bd205L,0xad2a69778bb3fbb5L,
-        0x53dbbc715b169cc1L,0x8695b45396820288L,0x0000000000000166L } },
-    /* 46 << 378 */
-    { { 0x957c58ab585f2470L,0x78c7130743ec2283L,0x3c996caae6b95670L,
-        0x6361761891d24b79L,0xe08b5b76a4281338L,0x77269a7a2091999aL,
-        0x83e93389d6fac12bL,0x4599815c57805e7eL,0x00000000000000efL },
-      { 0xddcafd581b749d60L,0xea0911b95dd775ceL,0xb375a06039909bbbL,
-        0x9e821684d7a4a2a4L,0xc1f34df74d520003L,0x427a57eafda0d68cL,
-        0x92e8fd75768380feL,0xc70e584b69988733L,0x0000000000000083L } },
-    /* 47 << 378 */
-    { { 0xbcdc8a861fc73886L,0xbce7b5b885f4eabfL,0xd536699712d0b54fL,
-        0x76ab760e8ac35fafL,0x5da79c8b25cb3d53L,0x435013bd284b22b0L,
-        0x7a9059fffb9c2d44L,0xc8c98a74c8283091L,0x00000000000000faL },
-      { 0xd68585686a560d41L,0x21648ff9f86d0cadL,0x79bae93500f23e11L,
-        0x92b6a5633f41bfe6L,0x1ca24a5ea6ff9d19L,0x12138d86b3a31dbdL,
-        0x7a593f3c4180e5f6L,0x7a93e4a3f75d9718L,0x00000000000001aeL } },
-    /* 48 << 378 */
-    { { 0x77d57155881b7b9aL,0x41639a4746101b26L,0x06edc878203c9899L,
-        0xe4ac1d9648d8ec5aL,0x7cec08752db1051dL,0xaf9facf257c860a9L,
-        0x94ad13ccfa3dd49dL,0x853273184e345924L,0x00000000000000e9L },
-      { 0x9956ad2c84311ec6L,0x3d494579bfb208a2L,0xaa60bb0ed8ccd0a5L,
-        0x6d3d4df518418197L,0x56386035884b2cb1L,0x7a104900464eebecL,
-        0x0785d58b72ebaddcL,0xf5ad930908356589L,0x0000000000000191L } },
-    /* 49 << 378 */
-    { { 0x9cd32d496a0eb239L,0xffc5d2115f947b28L,0xd8fc9f9147a7c456L,
-        0x0aa962f8dabfa006L,0xde49f418f9dc0c43L,0x019ab5542bf89f6eL,
-        0x1feafd6ce086e756L,0x640de15457b70d2fL,0x00000000000001eaL },
-      { 0xa5b450dfb341f2e8L,0x2b3b8dc21fa4d7ecL,0xfe158c5b65700970L,
-        0xc76f0c6c14a4d28cL,0x22b2faa32a1c0cfbL,0x63df95e94f73de9bL,
-        0x649ebafd52ce6fceL,0x1e1e64ad89f379c8L,0x0000000000000128L } },
-    /* 50 << 378 */
-    { { 0xcd7ec65fe314b91dL,0x794c5c9db6d1882eL,0x3be845c193805243L,
-        0x442f9269a76572cbL,0x6a284b3606390457L,0x5017a685566b2b8dL,
-        0x3c429a7e068147d7L,0xe6e676dc3d7d6573L,0x000000000000000dL },
-      { 0xb0e3e213d011d3d7L,0x000fc6342254ec45L,0xe1ae05778f4dba98L,
-        0x051781505eb4cfe7L,0xf48317f98c099058L,0x4aad616562e46888L,
-        0x8b24c7fae08df65cL,0xc6fdaf0725f0f3bfL,0x00000000000001aeL } },
-    /* 51 << 378 */
-    { { 0x54b4c7c446b8ad3bL,0xa20b60629f0c5ef3L,0x6bfd32c40430b0bcL,
-        0x6a9e2a3514c0b78eL,0x0de18d29d1bc6260L,0x9e69f8b6dcacf599L,
-        0xf46879ae0342f0d4L,0x3a97c39069b78c8cL,0x00000000000000e3L },
-      { 0x0d979410c49c5e32L,0xc8ea1cec45e6c311L,0x535c6afae971af26L,
-        0x2d1dfd6cecf4a950L,0x542ddbffbb1970d2L,0x8e8a91100eb842aaL,
-        0x5b8b960b6529ed29L,0x6783066072a2a6ceL,0x00000000000000cbL } },
-    /* 52 << 378 */
-    { { 0xa58e52d8f7a4d317L,0xaf23bf92dc6f7aecL,0x70121c821c520880L,
-        0xf68499f37bc182b5L,0x0edc4e6fb02b3e34L,0x4378badce425564dL,
-        0x3b74b05fe75eb0bcL,0x5a234bae599d4d45L,0x000000000000011bL },
-      { 0x3094e3c091572efbL,0xc370662f6f509233L,0xc741ef37beb6af1eL,
-        0x5e1d62655bf3bbd6L,0x39044bc61029591dL,0x05ff006b7c1724f3L,
-        0xde62a8fca492bb41L,0x9682c9ebd3f4a832L,0x0000000000000159L } },
-    /* 53 << 378 */
-    { { 0x06101e47154beb06L,0x8a47bae12dd56ba5L,0x976db80f6a6e6cbbL,
-        0x301b4afc4cb3e0c5L,0xdd64084a266c37a9L,0xa07718a2cb920e87L,
-        0x9ddf6bc5d55d3754L,0xaaedcf9b5f737e92L,0x00000000000000dbL },
-      { 0x635303c5597c9f7dL,0x1808eca68f6f1955L,0x4ab48d642f11e00dL,
-        0xa458c021206d04abL,0xa008af7312ba62a0L,0x5eeaf4ca985ad01dL,
-        0x1bcc70a06bfde38bL,0x2e6677736abc5c8cL,0x000000000000009bL } },
-    /* 54 << 378 */
-    { { 0x989800d0d51106fcL,0x414919311337369cL,0x1789e03117476c07L,
-        0xc38797d77a766687L,0x1eca11cde24df708L,0xe7932afec333cebfL,
-        0x521256dc587ca6d4L,0x175eeb6278afc48bL,0x000000000000019dL },
-      { 0x9bcc1e605a409618L,0xb09ed90848452cb0L,0xc5b18a20839bb71fL,
-        0x1137bdbf58d1f0ebL,0x4a020da2d9349073L,0x86cb98f90426e19aL,
-        0x734d928504ee89f2L,0x2f82c2c9578df861L,0x00000000000001ffL } },
-    /* 55 << 378 */
-    { { 0xe119b7ec4dc900efL,0x35ef1e2ee7f6b120L,0x6c02b0384a8f5961L,
-        0x8b99d41eea69e482L,0xe43de7767de16897L,0x48c7f64aef564cc0L,
-        0xfa0d48d3b3691c55L,0x27688e1d0cebe168L,0x000000000000012dL },
-      { 0x192bab59f1e8aa56L,0xd9bce84222664c4bL,0x73dee69a5fbb90dfL,
-        0x973907e9678eec7cL,0xa1568020dcefce7cL,0xf0a37f14c72b6736L,
-        0x3c5ce56d115d70abL,0x4c444963700cde74L,0x0000000000000027L } },
-    /* 56 << 378 */
-    { { 0xb32047f1686b8e76L,0xc292c8960fead8feL,0xf552fe3f3d1bab8cL,
-        0xdaa248af483f96f7L,0x2ada20d3b898320aL,0xc0e0325ce0ee1e67L,
-        0x4769dc2e72f55358L,0x33cb916bbf19057bL,0x00000000000000ffL },
-      { 0xc1673b3e8a2a8023L,0x39484339b3d830bbL,0x91f2b0f7fee1a7e1L,
-        0x0e2da8d5eeac1c7fL,0xaa77624c0292b469L,0x0a57d873d551849dL,
-        0x6c78f50f595c052eL,0x33be2fc03744d368L,0x0000000000000000L } },
-    /* 57 << 378 */
-    { { 0x2a44d59cb95bfbc7L,0x02721445757b2e4cL,0x9a35c0d0c4ba0fd1L,
-        0x588679287bbf16cdL,0xb250c3b6cd5c4373L,0x1334f593a72dc1ecL,
-        0xc729aec7e9dd1186L,0x7d783ee76442117fL,0x000000000000006bL },
-      { 0x94d753e01d0c3d58L,0x3c96b6b638fff1d0L,0x0165d4cf9f22aedcL,
-        0x565ce447eb09ecb2L,0x916ab8c27d1b5fc8L,0x759049861fe28f47L,
-        0xdc0172730766822fL,0x295b6799ba9ddf82L,0x00000000000000c2L } },
-    /* 58 << 378 */
-    { { 0xeb2dc700fd394524L,0xfeac25e1d144a193L,0x9b9e20d4d700de34L,
-        0xb7de3dcdcae6c578L,0xd2b130fc64b8c44eL,0x2f38b9c6c0a24c78L,
-        0xbc0c4d2339c51692L,0x09fc3bb7f0a87c29L,0x00000000000001eaL },
-      { 0xc0146d59288a18cbL,0x0390fff82057898aL,0xf50646cc1a248697L,
-        0x2866b5786190c9bbL,0x2179a3e5f18b0d82L,0xa1467d4b6d1550d5L,
-        0x3f764ac4a485f508L,0x713e87e7b16d9964L,0x0000000000000038L } },
-    /* 59 << 378 */
-    { { 0xb78b208d153147d8L,0xbb8fda83f5aba599L,0xa17bebf0692f8e10L,
-        0xea3ce68fe2f61fd7L,0xce34d743f27289ebL,0xf8dc8834a6ed4d37L,
-        0x7823bdc45a72a376L,0x84253be985ccab89L,0x000000000000001bL },
-      { 0xc52b1b18edd17c50L,0x855aa457278702eeL,0xa4df8b06f0d89cc4L,
-        0x9711592b7d65576fL,0x75ddf111029ef7e8L,0x66e25d8b3d858f44L,
-        0x61753b0680ca5a3cL,0x40b270c67025f431L,0x0000000000000026L } },
-    /* 60 << 378 */
-    { { 0xbc3f4c479d702e02L,0x6a06f96d86c216d1L,0x9469cef28c2dc6f3L,
-        0x753d64d2c98d9271L,0x7c7ec13b051508c9L,0x7b94098d95fd48e2L,
-        0x724358006bb4f8d3L,0x01d3f3d188eee18aL,0x0000000000000039L },
-      { 0x764baacf1a6a057dL,0x7d880282f7326213L,0x37c2394043d2615bL,
-        0x7e09836a6eef57deL,0x3f7e265cd790bbf6L,0x10025e4549a4f757L,
-        0x515d51bbdcb5b373L,0x05699be5f534f5fbL,0x000000000000005eL } },
-    /* 61 << 378 */
-    { { 0x7edb67b24d9df16eL,0xbeb1fd5b9697647eL,0x47a1a16ea9c068ccL,
-        0x2c834cb2b36fc492L,0x120019eb5e7d068fL,0x34074d5a2e4afc37L,
-        0xc2e75a089febffadL,0xf789c01d12a0b113L,0x00000000000000ecL },
-      { 0x7cc8481c4f63e95dL,0xb6f5e67341ec8492L,0x4feee2f212d6bbaeL,
-        0xc60be12a62737198L,0xce48ba8d9388c8aaL,0x7e6b28eed47186dcL,
-        0xd62fb8a0145ae15dL,0xb08e7f37a6edd2adL,0x00000000000000b3L } },
-    /* 62 << 378 */
-    { { 0xc9101947f1a2cfc7L,0xe3b88442fe8ff8b9L,0x61ba92f3ab98fcceL,
-        0x58bb6747b2128502L,0x91ea81ead23a937eL,0x8d0846ad6a138d6cL,
-        0x9d4b901e5ec186c5L,0xe2cf1d36f0cf52fdL,0x00000000000000a8L },
-      { 0x3cd95aa50fe009e3L,0x933f220bc246d7faL,0x325b953ec0d3f179L,
-        0x366196e9d25f08d1L,0x1b47a8966b247f04L,0x7e304fe85044a3b6L,
-        0xce4199cc201f4438L,0xd816ed7de850cf8aL,0x00000000000001e2L } },
-    /* 63 << 378 */
-    { { 0x8052bcc2eafde3c6L,0xd80dca3e9b9351c6L,0x957a0b78e510ec55L,
-        0x6cf7a4d7d0f3d49cL,0xb55b5ed2e3708855L,0x94ce53a450515ef5L,
-        0x752e68fdcccde771L,0x95b49c5d4b31604eL,0x000000000000009bL },
-      { 0xed84542a33b84ba0L,0x41656dafcf833a49L,0x60eb8d9113262619L,
-        0xd351476cda206701L,0x67d4bb1c5e340587L,0x9a8ae0da903f6673L,
-        0x5801b4bb90cff4e4L,0x6a4aa36bf8cf6d47L,0x000000000000002dL } },
-    /* 64 << 378 */
-    { { 0x442ebf300bcf3b88L,0x4b863857dc5bfd2bL,0x632a1056c50960c2L,
-        0xdbf49444c9d74020L,0x335f464b78287d19L,0x0cf8d5c75c490a63L,
-        0x4f9d9bd7d7d2d2c6L,0x1490fb61ad52d8a9L,0x00000000000000ebL },
-      { 0x42aabe7434a088dbL,0x871248c89e5b69eeL,0x7d624d6e55a87edbL,
-        0x81bc0bcfbaee4473L,0xf450c5ad9559a1b0L,0xa604379cdf4c738cL,
-        0x36b304e210ec0574L,0x948a50d38d8cf3d9L,0x000000000000018eL } },
-    /* 0 << 385 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 385 */
-    { { 0xc6ecf2f55565eb6eL,0x05e894602b260a3dL,0x459e260432c54616L,
-        0xfbf40aab47dd43acL,0x54d5949f9ad0b934L,0x992295a5cea0eef4L,
-        0x8a5af63cd5520b7aL,0x536ae69fa7f1ffddL,0x000000000000017bL },
-      { 0xddd868a73f0bc9f5L,0xb33a39d1bb82dc6dL,0x878d8aa048953ce8L,
-        0xf2a35ce29802f566L,0xa2b9188a07f25b60L,0xd01fed060933ca89L,
-        0x89013fce3114f728L,0x8128fdbe87828fadL,0x0000000000000054L } },
-    /* 2 << 385 */
-    { { 0xf20e17f13f9fa837L,0x0f66494807db1380L,0x5bcdc63187f0c342L,
-        0x56c64eccbd3f369bL,0x5e2dd96811c76666L,0x77a37823dc4303ecL,
-        0xa88173a174b208cfL,0x1c6268951af41e96L,0x00000000000001c5L },
-      { 0x72da351465467b39L,0xa97a3735ce45abdbL,0xa1cb4a2cc98eee0cL,
-        0x03dd02d494c63a07L,0xd22b087a3b2689f6L,0x5a50b83c3043678eL,
-        0x069adf5f844a417cL,0xa9eb7a19983fcfc1L,0x00000000000000c6L } },
-    /* 3 << 385 */
-    { { 0x4abf6de480e0c811L,0xfb0db238cf33e5aeL,0x3f65131865638f5aL,
-        0x93e5d62e41078c4bL,0x53ec3d90b4b44d9bL,0x9fe564607ddcf3b9L,
-        0x4714385079848b05L,0xbd3495a99e60315dL,0x0000000000000144L },
-      { 0x90409b61670bedefL,0xf0b1baf0b61f1014L,0xed3ccb5ccc4ad55fL,
-        0x391b2125ebc6a449L,0x9f49ab65c399ddd3L,0xf7706ca403eddc81L,
-        0xe42d1379579211fdL,0x9452b0d11ede88c3L,0x00000000000001fbL } },
-    /* 4 << 385 */
-    { { 0x984da95de0ea0baeL,0x7769cffa3ab813baL,0x02fd64a784cc8b68L,
-        0x138655f25ea90ed5L,0x71074c7c40b410c4L,0xf3971b004a05f173L,
-        0x113d8242d36b4f4dL,0x63bd460f4cdd1b0eL,0x000000000000015bL },
-      { 0x26bfaf816db9fe99L,0x001943c40a3c3a72L,0x258eccec8adf321fL,
-        0x8bf97f30f50d775cL,0xa7b60597e6899fbfL,0x622bf2cb49eabd50L,
-        0x9ff457e9b19e9649L,0x607570fde2dbb651L,0x000000000000010aL } },
-    /* 5 << 385 */
-    { { 0xf878768dc39ebd2dL,0xb1b035621b3a6b46L,0xe72832d029c2b56dL,
-        0x218d6d25056bd4caL,0x612ca701aec98ff1L,0xe163cfb4087e18faL,
-        0x87de2193c2bec7a0L,0xd4021463b488ad62L,0x0000000000000063L },
-      { 0x0edd28a4b8a8a68fL,0xf1ffbbca57379793L,0x35148b571e59f460L,
-        0x05e012671c86cefcL,0x8a9be0b60125bc67L,0xe7e5a7b6ba39760cL,
-        0x6f2c362f681eeb77L,0x6da71b8a21896363L,0x00000000000001f6L } },
-    /* 6 << 385 */
-    { { 0xeef26ae3c25300f5L,0x8bbffbbfb5cd52d2L,0xc6883fe52008ae5eL,
-        0xd9c9a0c8e2b01d57L,0x9acae3b306c31ab5L,0x7b2f19eb43b0c30bL,
-        0x95d3152ab1298985L,0x4794f0ec5f12ff03L,0x00000000000000a7L },
-      { 0x3bdefa96ef21ba62L,0x3b32556422a57592L,0x573f6bb2555fba4fL,
-        0x732ad6b3bae1a0fbL,0xfc41bc29a2761ee0L,0x621784f7aba990f9L,
-        0xd4ba1ab2e48a868bL,0x66312db4d1399b20L,0x00000000000001d9L } },
-    /* 7 << 385 */
-    { { 0x8049507015ff7901L,0x1478179a05613016L,0x59efd46ca8be1593L,
-        0xbd1f8e76113933ccL,0x09e6abf36992abb5L,0xc95822eca1d045e8L,
-        0x7436d5981f6c515cL,0x8d7c824f1bbfbeb2L,0x00000000000000e4L },
-      { 0x7d026a123aa9274aL,0x830bfca50bd883d5L,0xea9b5934fbf1bcd7L,
-        0xbf8c71836b06d84bL,0x4c0885bc205fea9cL,0x5fed94ad4cff3b03L,
-        0xd9f7b8f98be81d5dL,0x64d908c6893fa1b5L,0x000000000000007cL } },
-    /* 8 << 385 */
-    { { 0x51318ac974ba879aL,0x23723b6da68b584cL,0xa7872bf002ac441eL,
-        0x1e0c8fd665c7b9f4L,0xe8e3bc24b893449dL,0x2e83c6b8f06e02a6L,
-        0xba754c0178d50ef5L,0x7c6c06ef2c547c38L,0x0000000000000132L },
-      { 0xabbfe4266dee6431L,0x2d51aac612fd88eaL,0xc6f215251c83591eL,
-        0x85c550e59ee42180L,0xe1a4297da8cd1c50L,0x28f07cf6b55723cfL,
-        0xbede788e4113977bL,0x8c7572fcbedaeeabL,0x00000000000001abL } },
-    /* 9 << 385 */
-    { { 0x60221dac8c4046d7L,0xb29cba0533e800a3L,0xadcc3238ade5ecb5L,
-        0x7c31f4169d44fbb1L,0x404d9db9fb584dceL,0x7fb5b64fb56640c3L,
-        0xac38556d5e0e529dL,0xafa97e58214dd3d2L,0x000000000000008dL },
-      { 0xa24be8f4a0417228L,0x0b7b8efb5859d256L,0x70a6c4f46d40f4d3L,
-        0x02c765814b0aa0daL,0x353a45a5197e7128L,0xf9bd691dbb79a5f7L,
-        0xb428835a81ff0839L,0x89031e1bf8d35083L,0x0000000000000062L } },
-    /* 10 << 385 */
-    { { 0x92ad8865b1b131e3L,0xa2d8e77b3103a569L,0xd081c2a22d46d978L,
-        0x7f1757fe957e5123L,0x258ebe578c2f4a29L,0x67dff774bb023960L,
-        0x348ace6f79bb89e6L,0xaa23d41e5297feeeL,0x00000000000000adL },
-      { 0xbe8697e4a856e349L,0x2d3107c7e737bc92L,0x19b99e2f3e58c73fL,
-        0x11837e89c5062b4dL,0xc2a68bd6f73092e8L,0x80babf047dbc2becL,
-        0xfac9c42fe03d29beL,0xb7e929a3aca6ac1dL,0x0000000000000035L } },
-    /* 11 << 385 */
-    { { 0x8c4765f47229f2cfL,0xc8572c7d29c7e408L,0xf7bcff0b98553b8fL,
-        0xbd8e805c1c3e85c1L,0xb2d8dc14369c9dbcL,0x63b17347afd0ed33L,
-        0xb3f90b99d2d47136L,0xf1fadf5488ebb89fL,0x0000000000000052L },
-      { 0xe04cd6862e48f6b6L,0xf76ec1fa7a543a03L,0x20b50eebf9327d53L,
-        0xd9309aa39cce80c1L,0x3997de2cb01adc78L,0xf4a8fcb0aa455bcfL,
-        0xae359685f0199eafL,0xc8bc160985a31115L,0x00000000000001e8L } },
-    /* 12 << 385 */
-    { { 0xcbfda2506cdfcf62L,0x53113f8f15d70806L,0x4cf4b5dce80c79e6L,
-        0x14c33f38b5232e2cL,0xce68bf8a96819808L,0xff81633abec13a2dL,
-        0x969a055f1f77912aL,0x82aedb5c17822f63L,0x00000000000001bbL },
-      { 0x69352a3bdb5017a0L,0xc3ece4982392bd59L,0xdca599bd1b712201L,
-        0xed41a64f4b6bb033L,0x99b107acea5c5ac2L,0x504405d0322c3dbfL,
-        0x5fbbedce26ed81c2L,0xccbc266dcce08f72L,0x000000000000008fL } },
-    /* 13 << 385 */
-    { { 0x4dc83ee2d1ae29fdL,0xbaa31bd4bafce02eL,0xfa74ddcf5d8f2ed3L,
-        0x14b7d53567047459L,0x66b98c8706389572L,0x8215c3ab0a7617b7L,
-        0xd14796ab06956b2bL,0xc80fd323b54dabacL,0x0000000000000130L },
-      { 0x7400113068d54d81L,0x11823157d23ea02eL,0xaba5c32f9bb04c0aL,
-        0x0f99a803a3c680e4L,0x05264fe5ef58a7d6L,0x67e9f52cd303758dL,
-        0x4242203dcd5c1e1fL,0x98bea8cf604d23d4L,0x00000000000001ddL } },
-    /* 14 << 385 */
-    { { 0xc261b128c9294e78L,0x7e683d7ab56d383cL,0xa2af179eaec454d9L,
-        0xb6fa2f8e64f12f29L,0xc0f33050e8ab3d63L,0x333793a2bd5691eaL,
-        0x5db823fc3b368830L,0xf546d32a6a84ada1L,0x00000000000001c4L },
-      { 0x43664d6eac1380a1L,0x2c04be94f4f0f52eL,0xb9371f7f106b47daL,
-        0x110a17dc191734f1L,0x9dc73cb428b143e7L,0xfa1c936f7fd60d8bL,
-        0x7bf9010f2b6073d9L,0x1bb64c7ebece22e1L,0x0000000000000119L } },
-    /* 15 << 385 */
-    { { 0x25fbd37a93744747L,0x33a9d3b70c1a7fcaL,0x989f96796ae94f7fL,
-        0xe2106d35e67bf578L,0x07fc53faf949bd10L,0xa8157d4460c12a97L,
-        0x075634bf35cebe07L,0x71e2a9cdb340fcbdL,0x0000000000000121L },
-      { 0x1ffb67f0c2e6d92fL,0xbb9c28bc18900dbcL,0x3fe4feedc24b9a66L,
-        0x28e9362d04596798L,0x10ba62895c8dc108L,0xe68c61d13a1458d0L,
-        0x13d1e0ad364d8338L,0x123d93809d04965bL,0x0000000000000140L } },
-    /* 16 << 385 */
-    { { 0x72916be74e6df03bL,0xb14241ed090a7b6fL,0xec0532fbcf5e6f43L,
-        0x750cd95b680383c6L,0x2892d449c7cd9543L,0xf0550587d5d3ad9bL,
-        0x3b330694e9c29c0dL,0x6fa03173bfe6860dL,0x0000000000000111L },
-      { 0x6d55b870ab75c854L,0x156f9a4002f049f7L,0x72e2093bfa48732aL,
-        0x4ba2d6cb9a3c272dL,0x58102be5d89ba292L,0x4074f320b3c5c3b0L,
-        0xb478c05ee462c677L,0xebd4978f97182fe6L,0x0000000000000182L } },
-    /* 17 << 385 */
-    { { 0xae41de76e2896c2aL,0x1b2602cc3c601237L,0x9ae2e0c9af035deeL,
-        0x209a883c726c6673L,0x9a58dd920a725ff4L,0x4f8eceb3832a10e3L,
-        0x6c4d809c573317f8L,0x9121d8eac82c2a4cL,0x00000000000000cbL },
-      { 0xadff98fb9601c342L,0x2d42a3a3bae085d2L,0x5cf981d50ac42277L,
-        0xcc545cb079b74c44L,0x1adec8675675aa3bL,0x78603cb5b8e8ddb4L,
-        0xe48875e3002ae8bfL,0x6839bf245e1cb314L,0x00000000000000bbL } },
-    /* 18 << 385 */
-    { { 0xf8fae13deca4dddaL,0x671c8c158c52a92dL,0x5cb3ecc642bbc3c4L,
-        0x2ce7feeb00cf0233L,0xd7c0cb28aa604a63L,0x4a16938b01f87be7L,
-        0x17016645164102ecL,0xb8909311c9d1539bL,0x00000000000000b0L },
-      { 0x9567501142c22cc8L,0xc848925de932f6a0L,0xe4e700a4cd544b40L,
-        0x026bbe7378d519e3L,0x90b7fb394152421aL,0x4e53739aec641e36L,
-        0x481b7945122113b7L,0x49f3857d6b608fabL,0x00000000000001f5L } },
-    /* 19 << 385 */
-    { { 0xacef52d7c680deb3L,0x5387587420059de0L,0x1644e4b1f12a16d1L,
-        0xc1fbfe45c593cdcfL,0x4408421f5d780052L,0xbc641892768b8368L,
-        0x026a2b172ca3e625L,0x25d8c18e8294dd5eL,0x000000000000004aL },
-      { 0xf32800d6f856d7a9L,0x9c00ffb281a1f59fL,0xd4140fa9178c667aL,
-        0x7f1e6c729c9e0df2L,0x5f77c3089371c816L,0x38e375d72850e31cL,
-        0xfbf767e334b9cb0cL,0x69d86303ea279d88L,0x00000000000000b8L } },
-    /* 20 << 385 */
-    { { 0x6d3407e582d09cebL,0xc82381149c2bbfb3L,0x2305405592b91258L,
-        0x8c29220ab1b79073L,0x6e2cb5dd0dc5de61L,0xc93055237d359d6fL,
-        0x73cd337ac477e64fL,0x86a3f9fd7e8a066bL,0x00000000000001bcL },
-      { 0x0da1223f1b1fc70dL,0xc3d2d816b3c73ba0L,0x3a52c249c299cb6cL,
-        0xdd532fb9d7dfefa6L,0x2709093b148749ddL,0x920933d71472abd4L,
-        0x5cbbb77a1e9c9913L,0x582303e159854987L,0x00000000000001feL } },
-    /* 21 << 385 */
-    { { 0xd952ed9293f30e54L,0xf2283ddb40dfd445L,0x081f0864238b3390L,
-        0xf19b4cdf2a2746daL,0xa3328cb41ad23d9bL,0xdadef9c990130bc0L,
-        0xc12002c460008b07L,0xde3d9eb4c595f30eL,0x0000000000000022L },
-      { 0xfe6ef607efd5a387L,0x4cf4797c5e1e8932L,0x8f86442f05605d18L,
-        0xff1f353769eb95f0L,0x79fb4e69e1868299L,0xb39a34470ce7a27aL,
-        0x4c9b1dc040717364L,0xd6b2243f73ee2b9cL,0x0000000000000115L } },
-    /* 22 << 385 */
-    { { 0x1df547c1006a1b02L,0x75d489d5d0ae81b3L,0xd41b67c625b28229L,
-        0x4032ac036d8b9daaL,0x274a3d504296baaaL,0xbbc28a28b538dd5fL,
-        0xcf1f5a62d4df39dfL,0x56a0cad5d4f636b0L,0x0000000000000142L },
-      { 0x09732bfacd4a1f6fL,0x00b7aeb0011da78cL,0x2c967709103ab2f8L,
-        0x47d6805e9f83ec41L,0x67ded88e17c4818bL,0x81d03ea39249a058L,
-        0x5fd3a0fa51bce6abL,0xeb113e83c0a0c60eL,0x00000000000000f2L } },
-    /* 23 << 385 */
-    { { 0xcacc5334dbf7ffafL,0x481e6074e8597feeL,0x22aaa02633a987d6L,
-        0x77e8e0fe6243bb61L,0x786b31ce6f7f8afcL,0x438f8b23c3bfd839L,
-        0x86b7cfbfb8cfe3c6L,0xf996706fa357ffdbL,0x0000000000000184L },
-      { 0x0c3da18e104c5c98L,0x34545c356f3e682eL,0x4f1af92d2894962bL,
-        0x009941c8e16a8ea8L,0x6af6deca88a739f4L,0x846dccbc81b41d5dL,
-        0x867b168b1c5ffc95L,0x58edec94a80e7d65L,0x0000000000000111L } },
-    /* 24 << 385 */
-    { { 0x32c0cf8f2b1148ccL,0x881d8c7cc2086aa9L,0x6b25daf57c9fd47bL,
-        0xbfbb7226cd5ec48bL,0xf2b79deb9f2307baL,0x03d30de55fcfb278L,
-        0x4b2d3a4671ef137bL,0x4e4a24b1cad4495cL,0x0000000000000173L },
-      { 0x363160471ecfc10cL,0x8a4ac3bd75c27aadL,0x6fd1abefca6f6103L,
-        0x6ab15369b741c7ccL,0xdb25d3cd86719621L,0xe0d34a98ee85249bL,
-        0x25beecea370efc6aL,0x7d8a2ffca2cefbf6L,0x0000000000000057L } },
-    /* 25 << 385 */
-    { { 0x2b88e77fedb6e29dL,0x900de27858445e1dL,0x522be722d81ee6b2L,
-        0xb9847465d06e0e28L,0x395dc5cc82b6650eL,0x3fd0468d0c60d859L,
-        0x6aa7a4fff3820f0fL,0xb90a772a88d99f9cL,0x00000000000001dfL },
-      { 0xe2befebb447ef8b9L,0x24f508533c891b0eL,0xa8aa0aaa3230c6eeL,
-        0xa73632633dd77107L,0x46e85896920f93c1L,0xf72d7453b2104594L,
-        0xe5a8f1c909ceb433L,0xd2b8190067e39bb2L,0x0000000000000168L } },
-    /* 26 << 385 */
-    { { 0x1493570cf66b1750L,0x50fa5ae6f33cd4bfL,0xfbe2a3ecf561f917L,
-        0x4b258b77bf898f7fL,0x02d1ec70beac2642L,0x564b6272573b8580L,
-        0x8feedbf9ac5126d0L,0xd28fef1ae3a6f0e2L,0x00000000000000c2L },
-      { 0x75b483070a7958fbL,0x38a08c5c739a7ebcL,0x2fbd9f56e113feddL,
-        0x99aeade0627d745bL,0x333b1f30c79028d5L,0x4d2b246a3ac98d41L,
-        0x27bbeec3a17ca8a6L,0xd112ea7715c67437L,0x000000000000006fL } },
-    /* 27 << 385 */
-    { { 0x0605b9c712740e86L,0xdb6fb159ee416603L,0x1f40031e378c94c8L,
-        0x9e927ae7e0c09055L,0xfb48258a00745eeeL,0x17a704069ead3088L,
-        0x5e2bde8a82fa07ebL,0xcf976c7ddc554a08L,0x00000000000000e2L },
-      { 0x999adaffe0db5952L,0xab1e9977d27441b2L,0x866e1f16e9f1eeb0L,
-        0x72c71bd9ddbd25bfL,0xedd79e2a7b597c62L,0xc6f23d50844b5124L,
-        0x0709f4d02bd5cd8fL,0x5073c53ac01ec73dL,0x0000000000000196L } },
-    /* 28 << 385 */
-    { { 0x225e32b66f12962fL,0x65011534fcab5e88L,0x862db9d870ef87d3L,
-        0x4d97fd3e79bbd513L,0x142eccbffb7fb6dbL,0x9e775e1506e8b3acL,
-        0x6f6d15237bb36a4aL,0xd9b2a0b0c852c087L,0x0000000000000001L },
-      { 0x9fbaa9b411ee4180L,0xc87d89aabe044a8eL,0x60d2115a9d92fa69L,
-        0xf8e31c6d7ba7b5ebL,0x9932329bb6df0134L,0x6c01970a3bc69b2aL,
-        0x6737c958226ddb54L,0x3093ac432e11e8a2L,0x00000000000000acL } },
-    /* 29 << 385 */
-    { { 0xd55aab0baff63fb4L,0x157c404a98f804d9L,0x9093d56a62ac263cL,
-        0x8b2a1a6b7a1d63deL,0xdbb15dd256b07744L,0x53d216cc32950c7dL,
-        0xbd3ba7f922f29864L,0xaee5533c0b98ed47L,0x00000000000000aaL },
-      { 0x09e3a1ebc42105f9L,0x1bf3123ae34db19bL,0xed30f15386624ffaL,
-        0x591b7778c2514f17L,0xdd3df3dcc880f93eL,0x97d5affb755e1411L,
-        0x9465d5cd7316c386L,0xafe559200ce1ed81L,0x0000000000000161L } },
-    /* 30 << 385 */
-    { { 0xc5fdf2cd62f1c1fcL,0xb0646997d3c5ca15L,0xf1c45742869d0aaaL,
-        0x1a9c6f309fad74f5L,0x093dcb0c3c18f5cdL,0x00d14f2fc8ca593dL,
-        0x3f70f7e63c4f17a2L,0x39881e1d95d3df06L,0x0000000000000035L },
-      { 0x7afff24c258658e9L,0x5a4cacfcbade261fL,0xfe7767120735bba4L,
-        0x85ba530a9c82c1f3L,0x5769e18fe973b899L,0x18db2bc75e4fcfcdL,
-        0x9333ceae8e06e55aL,0x458767f2aac217feL,0x000000000000018aL } },
-    /* 31 << 385 */
-    { { 0x7dfd1fd9ca2c4cc8L,0x5f1a04ed9f267faeL,0x444c8449586d471bL,
-        0x02f37da060b87610L,0x6eaadf6d90b1267cL,0x6424f0e60c425c19L,
-        0xead76c1e5979d19dL,0x97135c570b5654ccL,0x00000000000001cfL },
-      { 0xfec92d05477c6636L,0xb5480096c82d5536L,0xe44d98c2c2f86198L,
-        0x86c2ec24cc6a078dL,0x7b95096318833141L,0x7dc32105e34fc08bL,
-        0xc28892a13971cbb6L,0x463463058d0debb6L,0x000000000000007bL } },
-    /* 32 << 385 */
-    { { 0x70148a3a1b27f40bL,0x4ce48c61b7c6cc7fL,0xf6ee8026e7beaad3L,
-        0x37eaec76d11ab074L,0x060f2ede99c1a334L,0xe9ce92e469150184L,
-        0xf90e484852d73bb0L,0x0436a9bf01b5ae4dL,0x00000000000001abL },
-      { 0x3f83381640d46948L,0x318236b2fc39fcccL,0x8835b602122bcc3fL,
-        0xa430b37b965ac801L,0xf448ea0fbd0585fdL,0x49e52f74252bb5dfL,
-        0x810768ae1085ace7L,0xa8ceb3299242e43fL,0x0000000000000189L } },
-    /* 33 << 385 */
-    { { 0xbb72e5ce86bb6ae3L,0x749128972db25cfeL,0xb7c395b6f4e593d4L,
-        0x372cf85ccdd2d6eaL,0x445a6b38d1b19db9L,0xe2f1c5aff02db1e5L,
-        0xf40284f827342884L,0xd719e46f7ff61a12L,0x0000000000000193L },
-      { 0x85eef4cd0c3e37e9L,0xdaab82657d012a8cL,0x53fd0cdf23c548daL,
-        0xc34d267335e40658L,0x2632c0ec6bead888L,0x56b52a6c28040011L,
-        0xa61cba5662cd9b3aL,0xd6c1e7a395ba9887L,0x00000000000000caL } },
-    /* 34 << 385 */
-    { { 0x0f3c881065ae1e9fL,0x799b5a9cf0ffafdaL,0xb34a3084f57f8537L,
-        0x457b247d9712dd17L,0xfd397b692a860504L,0xbb9d2244c382e2faL,
-        0x183b9ddbc05020bfL,0x6f191b5ad4db7efbL,0x00000000000000ffL },
-      { 0x4939abecf2576b34L,0x6e5798a1eeec4778L,0xc3df13c2b3b7580aL,
-        0xdff5b312ac675c29L,0x778a0194555b2cb1L,0xf9cae67a3f92285dL,
-        0x97ce17b1d7de701fL,0x8a9fd15db49e90c7L,0x000000000000010dL } },
-    /* 35 << 385 */
-    { { 0x3a7f3f9d32ef9964L,0xe88455e705b4501eL,0x068b8e3e93d07babL,
-        0xdc8519791ecf38a9L,0xa62a62579f9d6f8cL,0x7ac87da256aa5868L,
-        0xa40029a323a119deL,0x2e49e7d41bc4b0b8L,0x00000000000001e1L },
-      { 0x927eadf7c6307f61L,0x2dfa993d9c5dee17L,0xa5797580174f907eL,
-        0xc72b1db10a1a1a63L,0x138d2381a926cd5fL,0xdbe05d6d4c571edaL,
-        0x2d7239fa034e513dL,0xf768ed948d94b578L,0x000000000000003cL } },
-    /* 36 << 385 */
-    { { 0x222bc61f3aa3ae2bL,0x0b4319f85d0a7022L,0x57b1ba9af02709c2L,
-        0xc67d4a2175d1c7a2L,0x57f3c2dd4dbde7afL,0xe0540e677f154d4dL,
-        0xd326611a854758c8L,0x76d36182953b2828L,0x00000000000001b8L },
-      { 0xcaac624b594e7756L,0x29d87d7566978fb3L,0x7db2834f1a86fec9L,
-        0xc3fdaa53e1e61a46L,0x3247175b496c598cL,0x2a3665e118def4f0L,
-        0x7f16bd2286744f3fL,0x1d857a5588d6bb31L,0x00000000000001cdL } },
-    /* 37 << 385 */
-    { { 0x18e8c833b3916e3bL,0x50322ed8a25a77a8L,0x24a82c230f33743dL,
-        0xd72d2a918dc8941fL,0x97ec76addc5e62c5L,0x37f2aeaee2b1f956L,
-        0x0404f85aa5a4cdf7L,0x2731e35189098b68L,0x00000000000001eeL },
-      { 0xdcd6fb17be2d5536L,0xb6e4ddfd2a940f5bL,0x8f9be7ace6efc7aaL,
-        0x0c3dc0406bc2863fL,0x9e250a533e9db65bL,0x565400b82775b5f2L,
-        0xfbc78c75fbf0a926L,0xfd96db6c14630b19L,0x000000000000012dL } },
-    /* 38 << 385 */
-    { { 0xd1d64c7e70cb0e6fL,0x997708567217b5b6L,0x037f050cb96d710fL,
-        0x5c378b693989e449L,0x45f5ae2c0daa4766L,0xf536e14e7cdc17e5L,
-        0xc2e3f81a4a1e7c0eL,0x5e72b0196a5b8147L,0x000000000000005dL },
-      { 0xe084cdca97933356L,0xf687802de0f5495fL,0x04ef1478fb3f21ddL,
-        0x896ba7f3fcd00810L,0x066c5f0935f6ca88L,0x537e6a61c9437172L,
-        0x335f7cd8ad6a9893L,0xd94e13ac3666f7abL,0x0000000000000192L } },
-    /* 39 << 385 */
-    { { 0x9e5d42e974d23a2dL,0x65600770d82bc0e1L,0x398a0086f26aa51eL,
-        0xf9af5ca91cb33414L,0xafade7f67627615bL,0x9b292aa17f2615cfL,
-        0x5807fead310e94a6L,0x1e448d4bdd2d85c3L,0x000000000000003cL },
-      { 0x4f7f2205a8ed0e39L,0x314a4f3372c1bf70L,0x75555231cf595b09L,
-        0x3e7a57821100fbcfL,0x8f5e0ca34ab8ef49L,0x26e8382b2cb0db78L,
-        0x0712983ead48e8d2L,0x0b8c06c41c943b28L,0x0000000000000022L } },
-    /* 40 << 385 */
-    { { 0xe929b729504f8b28L,0xe706657cb887ef71L,0xb4bd5cda0b83db33L,
-        0x465187f0e761913cL,0xbd632bd6040b98afL,0xd82bf2af91c37379L,
-        0xcc1058b15380aec9L,0x243967a1c506f0bdL,0x00000000000000d1L },
-      { 0xb298442687d73c34L,0x5ffa94ea46cbe44aL,0x5814a34f20ddb255L,
-        0x8ea5436889b68f69L,0xe21603b0d26b66c6L,0x4695dff2320b6862L,
-        0xa5d5332742d53e67L,0xf17df48aa5931fd7L,0x00000000000001bbL } },
-    /* 41 << 385 */
-    { { 0x04c70f3885087978L,0xcd12cce53c8b44acL,0xfd4f376998f7c502L,
-        0x5aff3f2f98e9d246L,0xb3f2d8a82e0cb01eL,0x3f858b53fe4d8812L,
-        0x0b389f33abaf289cL,0xc9bcac4d85e783d8L,0x0000000000000158L },
-      { 0x93e51ba7c3bdb05fL,0x9043397744508070L,0x52617f035d615383L,
-        0xc2c4e23fad138cfaL,0xb701a0c9d06ba79aL,0x48a3165417ef47fcL,
-        0x495700fb2da06186L,0x15cef318fdd26d70L,0x00000000000001afL } },
-    /* 42 << 385 */
-    { { 0x9d3e388e0cd836e5L,0xc974d434ae7e8fa6L,0xceff33a84b7dfae6L,
-        0x27a8202db4d988c2L,0xf74ea8b2ce5a2905L,0x28b4c3d397a229e5L,
-        0x00c1ef677089a383L,0xf9a5cea3f47e577aL,0x0000000000000186L },
-      { 0x44edeb76bec9adcaL,0xbf02c338c5ffafb3L,0xa48a7dad4e0fcb0fL,
-        0x73665bd816a050a0L,0x102f101b93a18024L,0x9fbc6810f7ce9939L,
-        0x18723d426cef653eL,0x54d4b68723015f50L,0x000000000000007dL } },
-    /* 43 << 385 */
-    { { 0x645853a6e2304ce7L,0x6d6f5d6885f9b592L,0x3eca27a281bb3a8cL,
-        0x6cc8c8de108b3b50L,0x586b66bb96537c56L,0xfa80528910974d25L,
-        0xc040c8cf9654df6dL,0xc97f68c367879489L,0x0000000000000080L },
-      { 0xd38c57c16d2eec2fL,0x306846d4f6ea3d15L,0x2ff350501539a565L,
-        0xb45d32a19a8932e4L,0x23bf0d184fcbdd72L,0x12fd080596cd132aL,
-        0x7ff6b0e56bf400f6L,0x9c7d3dad7052b488L,0x000000000000006cL } },
-    /* 44 << 385 */
-    { { 0x5ab5af9029ea9024L,0x62586bb3faa25d87L,0xd43ef6de49148521L,
-        0xffaab71343df6049L,0xc0aed310f00e3fdbL,0xe028fc70c33b556eL,
-        0xf32399e91b8997a2L,0x1194cdd91f8f2427L,0x00000000000001e4L },
-      { 0x8d750b3d3951d0bfL,0x85ecbe512ba1a463L,0x46486edb52e64beaL,
-        0xb66ae34e7ba482abL,0x6d57cca5622a95faL,0xbec47b1e8417d830L,
-        0x740b9a5887cf80ddL,0xa6618207870a8a2eL,0x000000000000015dL } },
-    /* 45 << 385 */
-    { { 0x8a5916f00aa91c51L,0xa976e99375eff325L,0xa8408bc54ae87723L,
-        0x489d2e43f775bf8bL,0xdde2904c56c8ba33L,0x37550da29db2b339L,
-        0x1dc50f82a347dce2L,0x9499d24128c84734L,0x0000000000000051L },
-      { 0x3167754dddbca30dL,0x8a8577969acb20aeL,0x79980c5bd6bb103aL,
-        0x12849fa2f6ad7a1dL,0x84d5a7c0e6a33774L,0xa909f1a10580739bL,
-        0x97a40113e7b102dbL,0x070a98179145c800L,0x00000000000000caL } },
-    /* 46 << 385 */
-    { { 0xbe7c607599d8558bL,0x0822198ba470d7bcL,0x8134516f9b7f5084L,
-        0x5ca862b58ca39d9eL,0xfff8c52dc7bd24f6L,0xdcb06ff955cc6708L,
-        0x7ed3263cbd8b69ffL,0xa789da086cb08d57L,0x0000000000000017L },
-      { 0x7370cbd65877a86dL,0xbef9b4d34365e6e2L,0x73af11d1ff8243faL,
-        0x041c0263639a4178L,0x1907fd7305d03c9aL,0xaf28c8a796ecf611L,
-        0x073e51bc9586b05aL,0xb601e442e8c2096bL,0x00000000000000f8L } },
-    /* 47 << 385 */
-    { { 0x1194c0915f1b4c5eL,0x1d9f3b7afb88b9e2L,0x3bbc16c0a0f8b8ffL,
-        0x2c750d1b3c524bb5L,0xa463b2158ed71219L,0x3732bfcb948322daL,
-        0xe8cd027a3d667adeL,0x13d77bd8189f2eeeL,0x00000000000001e5L },
-      { 0x6adeab389ea63cbfL,0x4cc00ec1873d9cfdL,0x91206bd9dde3e73fL,
-        0x673213982af25a9bL,0xdd29fbc0c7c128faL,0x07e8deda5044c8fbL,
-        0x555612ea3dd8c690L,0xe56de5e753bf04e0L,0x0000000000000199L } },
-    /* 48 << 385 */
-    { { 0xa63bbec0976e030dL,0x7a81ce08e65327efL,0x0ac6397fa7c90248L,
-        0x14ef2887488f9ba1L,0xb2b47a2f497add24L,0xa86a385740274de2L,
-        0x25acdb8c12374808L,0x96f4ef892c57a8b1L,0x0000000000000050L },
-      { 0x3a8d6bfb85199966L,0x78bf5c36fbf35493L,0x8f1db78b5bd8876bL,
-        0xb8ea47b6b2becda0L,0x5decd86d13992438L,0xc0abe6d250dc68c1L,
-        0x85b05da73eaca155L,0xf8095622b1bd9e0bL,0x0000000000000104L } },
-    /* 49 << 385 */
-    { { 0xf17044b942b59f11L,0x716b5bccf9bc1552L,0xcdb5e87eaa109cdaL,
-        0xb4b8bb4a0a21bde7L,0x56914afb00ddf7a2L,0xd9ad9a5b7a0a7463L,
-        0x8cee2a803b0b3482L,0x2bed5feebf03e4feL,0x00000000000001c6L },
-      { 0x410ab42537a1cb27L,0x9811d04052ac89caL,0x04597789c9d044f3L,
-        0x85209250bb67711bL,0xfd886ffc3c39b579L,0xdf3e4df20a8bfdf4L,
-        0x6d2e6d431ca33a7bL,0x8e3aa535624713f5L,0x0000000000000140L } },
-    /* 50 << 385 */
-    { { 0x77f51e0c0442a7c7L,0x500c2b2ca9e3b607L,0x0ee098290847e5deL,
-        0x20349adb09354cdbL,0x6b55b08cc2d79e4dL,0xdcb3401e13d8863aL,
-        0x7baaec44aaf4e45dL,0xe52e2d8030e3684dL,0x000000000000015dL },
-      { 0x400371c05c87ddbfL,0xb6e45175f64b1914L,0x47b78ec27d6647d7L,
-        0xd1b8a05f3eff6489L,0xbf7d56859a637fb3L,0x0928b2419e67d5ddL,
-        0xdcd099e5146112d0L,0x5835194e38fa6f30L,0x000000000000004aL } },
-    /* 51 << 385 */
-    { { 0x994334489930200eL,0x57d680aeca0c5cb5L,0x500b59d823868cf4L,
-        0x8a0c2ca2b5702fd9L,0x365864638d68cb48L,0x99d533d4fe2bd373L,
-        0x76e5f84a8fdccef4L,0xf7a3adeac157857dL,0x00000000000001e1L },
-      { 0x9f89da8738e35a2dL,0xad503f99a5791c04L,0xeb04432cd0b1f650L,
-        0xbb49f73c9de86969L,0x8029aec67728cdc2L,0x668e0a8ea7b3de2aL,
-        0x316e9e0d920d8b5fL,0xd212034d5aafe07bL,0x00000000000000e8L } },
-    /* 52 << 385 */
-    { { 0x97ad23c88762dc4cL,0x20968d0f2d1c69afL,0xe2632e0a129c000cL,
-        0x29f88599dc732336L,0xa44c59d4bac2d80cL,0x0cf8411a987353b2L,
-        0xdcc28c77f498d31eL,0x78b5352a88cd769cL,0x00000000000000edL },
-      { 0xb0e90a4ebfdb4f02L,0xfe9de895a3128446L,0x5e56391e08215646L,
-        0xca6dd28866fa22d0L,0x72eeff81542c7c9bL,0xd6c39a86d59415d4L,
-        0x7b25916353a292afL,0x202fe2b6e8975c78L,0x00000000000001c2L } },
-    /* 53 << 385 */
-    { { 0x9806bd85cbec6480L,0xba6a35c617677c63L,0xfbb6db2a810128dfL,
-        0x88738bb1e9051fcbL,0x9e84681e40f5e477L,0xb8c311c61481f032L,
-        0x9e9a7bef01715e80L,0x281e49e5f705aa5aL,0x0000000000000004L },
-      { 0x9b309b2de678ef56L,0x3debc468f3faf55bL,0x46746951f0341856L,
-        0x001ba8e5718dd586L,0x05ea65aa9144640cL,0x7e7a5e4f9362e2e0L,
-        0xc16935252a9bfa2dL,0x8a8a985a2220ef82L,0x0000000000000022L } },
-    /* 54 << 385 */
-    { { 0x9f3090354dbc1eb3L,0x7c6d6a66748a3ab1L,0x76e43bf83c4a32cdL,
-        0x0556dab29283b2c5L,0xbb92ce2099abd7c0L,0x32c8445805611ce6L,
-        0x351c209534d866adL,0xb812b2e4c8c7f664L,0x0000000000000080L },
-      { 0xdfe378b30e2a92feL,0xe32b3be4077bd06bL,0xa07a0268acec79efL,
-        0xbf50bf0d53a8e15fL,0x2d5cc452ad111c55L,0x9c9138f202874227L,
-        0x2a5c81a2332546beL,0x3dce449a895ef21aL,0x00000000000001d5L } },
-    /* 55 << 385 */
-    { { 0xa63fb2af30833554L,0x54e207774ceef45aL,0x28daaccf9a93de1aL,
-        0x8b71ff06448451c5L,0xfd21f9ee3deb0b23L,0xcfe45600d9f7168cL,
-        0x60de95282235c182L,0xe30cebba4656a139L,0x0000000000000101L },
-      { 0xfc656b2211b55f1bL,0xa13bba09c477a553L,0x66fd4c2893274502L,
-        0x9b86a1fd1a24b861L,0xb6afd1ffe2a47053L,0x6c0769ff48df1e95L,
-        0x2b3b730d1b63f97aL,0xbec1276691aac5a4L,0x0000000000000144L } },
-    /* 56 << 385 */
-    { { 0x1b50fa628d00da24L,0x98c7ac500a0590bcL,0xc33c9f7f6c101946L,
-        0x653848c30c4eaf7dL,0x7ab38c79dc892656L,0x2ce0ae53420316ceL,
-        0x9df9a0087012d563L,0x130cd5656d51bd57L,0x00000000000000b7L },
-      { 0x21a2c95078ffe5efL,0xbc330a097b991b38L,0xc5151e1b2d4a375bL,
-        0x70a29d1080c0f67aL,0x2e75a55f2247b284L,0xc95a638058f332f1L,
-        0x0d7a5242a8fe1cc9L,0xc0b1176ca712a8ceL,0x0000000000000035L } },
-    /* 57 << 385 */
-    { { 0xe534d7e5b1b6b3a6L,0x442cc9a460e15a20L,0xb5b505780fc877d3L,
-        0xef21ffca4c062301L,0xd29e142d0a3457fcL,0xdd64c344ceadc8c1L,
-        0xb590679cb14c251dL,0x3fe76f10ab9b3856L,0x00000000000001e3L },
-      { 0xf136f66e27ca4c20L,0x7146348c84d4b0e8L,0x5d75318419adb36bL,
-        0xa7218c7b88ceb93cL,0x2df7eeaa837ee73cL,0x026cdcf3914bf563L,
-        0xf3f3d1a4997d9514L,0x16dbbf9d40ba713eL,0x000000000000019bL } },
-    /* 58 << 385 */
-    { { 0x0e9c00daa1923d11L,0xa4a935ba9e9a0e88L,0x235a9253ca54fc63L,
-        0x392920afdbd25679L,0x856d174652a57c44L,0xc3504988fb239f6bL,
-        0xa907f9f71cd72a71L,0x2925f0ced9f5d416L,0x000000000000011cL },
-      { 0x208bb07c7c23fe95L,0xb042893810ca84d3L,0xd0b3bf252f00bfa4L,
-        0x34cb8007cd3bbac7L,0xc08e0a6ab206c13eL,0x1462ec66991968dfL,
-        0x409af523c0694b39L,0x8ee92b86a076f928L,0x0000000000000078L } },
-    /* 59 << 385 */
-    { { 0xc9d7fc5dbd1a3ebdL,0x231bb307a5f1851fL,0xc749aba7d0d7e150L,
-        0xebe287d36a97cf7cL,0xa7bbcbfaa5236547L,0xb20cff6656a38e46L,
-        0x9483da01fe570880L,0xc9445f539dade10eL,0x000000000000018bL },
-      { 0xabb59e65fbfc603cL,0xe47b710ffaf6b799L,0xfe3b4ef8bb3471eaL,
-        0x6b525a9fa2deb2bbL,0x66e384c3b6f775e6L,0x0edcc15e3ae04586L,
-        0xb1ece91a0177a763L,0xdf3e41341824cecdL,0x000000000000008dL } },
-    /* 60 << 385 */
-    { { 0xc0f0454dd75aecf9L,0xdc6c13e10d80a3a1L,0xfcf9387eaa843e19L,
-        0x062744c75f9e673fL,0x4930360b8a9a5169L,0xfca298466dfc67caL,
-        0x4b177efcff3e9788L,0x40f92ea72d8232d1L,0x000000000000003eL },
-      { 0xc9ebe2461dab3098L,0xaee9d337a007be6eL,0x9e3a204cf11e73a6L,
-        0x7827ccd7f46edd7cL,0x5c602ab2c4a2c4fbL,0xef03efa28ab96392L,
-        0x22ebf4f017be24eeL,0x0b1dd25cd235301dL,0x00000000000001b5L } },
-    /* 61 << 385 */
-    { { 0x92b6122d364ef40aL,0x0f469c7408803dfcL,0xbb3f660c5008d200L,
-        0x2e4d68e12a330a19L,0x276981d7235df9d4L,0x420bc1c3a23c3b5eL,
-        0x2a0d705524eb5212L,0x576d86d23001513dL,0x00000000000001deL },
-      { 0x6afb220edab35c28L,0x405c936730584725L,0x5a57996203793bc2L,
-        0x7d3538be9fd9bfafL,0x416ce5282511c844L,0x846db71687796d79L,
-        0xf682f8faa73a6974L,0x0b2913aafdd19bbcL,0x00000000000000d0L } },
-    /* 62 << 385 */
-    { { 0x70db7f0c58ddd6edL,0x773c028cdbf9b863L,0xa04ef8b00cfdcb7cL,
-        0x513684b8a4a65e38L,0xb60cf9c1508347a2L,0x54635f38bde9bcbeL,
-        0x0b41f76ee79fc803L,0x6334d72bf373f10dL,0x0000000000000009L },
-      { 0x4cb3f53a0d2bc647L,0xa89a0ae94301232aL,0xacc6701961d28592L,
-        0x82718dd4fa93ad0dL,0x845908b550eed143L,0x7f66caf46403a023L,
-        0x003fdaae32636684L,0x776946a19c27c09fL,0x00000000000000d1L } },
-    /* 63 << 385 */
-    { { 0x1da47097240362a1L,0x30e9b0ff5b43cb0bL,0x5dd728da4f3db2c0L,
-        0x0027f719ffe4271dL,0xf1adecee13577480L,0xf6bf7133b47c7e12L,
-        0x1af855ba8221a9f7L,0x88896c19d53e3940L,0x000000000000004fL },
-      { 0xd07fee83edddb456L,0x362604d7f71a3cb9L,0x040220eda3c197fcL,
-        0x7abad6759101be2cL,0x618e46cbeaab7424L,0x05c1a27e57e4b841L,
-        0x197916805b141498L,0x37ed04403de4c4cdL,0x00000000000000feL } },
-    /* 64 << 385 */
-    { { 0x7b0373e4fd998a0aL,0x0bddac80c37e7937L,0xb979fdca8eeccc27L,
-        0x150c3141e82b945aL,0xcf88a830cebf1156L,0x649c7c1abbef5c8fL,
-        0x3199e1c5f10104eaL,0x31e4fd39898b7fd0L,0x000000000000011dL },
-      { 0xc24063de449bcd85L,0xb0cc16e1b96fef39L,0xfa391388b2f631b2L,
-        0xd39c21b41f4a449bL,0xd036cb3135f5045aL,0x58a0729c367f428dL,
-        0x7dde830655c42fb9L,0xd14ab2fef68c64faL,0x0000000000000163L } },
-    /* 0 << 392 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 392 */
-    { { 0x5663f565a308e123L,0x91a48983157c2290L,0x222f7f93c054408aL,
-        0xd8694963b839a520L,0x864b491dd314da50L,0xa315d96ed675cc09L,
-        0x32964930390531b6L,0x9387671921e11f6eL,0x00000000000001d0L },
-      { 0x20f4598e0c3477faL,0x14c758b4ccf7f114L,0x0c83f642051b875eL,
-        0x14ab1b501b290e7dL,0x99f812c7f1b18fa8L,0xaa60f39988ca8e75L,
-        0x00de2bd0b9c6c5f7L,0x765da97328703a2aL,0x0000000000000015L } },
-    /* 2 << 392 */
-    { { 0x05a704cc2934ed82L,0x647089fb989edd8cL,0xe0b239d40ce7c62dL,
-        0x4c892ea6105a5effL,0xa519395fd5ed6b04L,0x806c7003509ed794L,
-        0x882e9886e70ce5c4L,0x50730ca1ff01f6a9L,0x0000000000000088L },
-      { 0x90a78a16dbcc5484L,0xc1ab078cfd454b50L,0x6f488252cb09e525L,
-        0xdd663f53e19b2ed7L,0x16b10da1a67bf59cL,0xb47f6b9536bb770aL,
-        0x6bdc8428777b2bceL,0xcd02ae3d561553f8L,0x0000000000000017L } },
-    /* 3 << 392 */
-    { { 0x06ba35c1ee2f1290L,0xec34093fd403d1e7L,0xc1b8ed8fa659075eL,
-        0xea322ad8bfe99020L,0x3b7a95d8d5148b86L,0x979d99bec2cd9adeL,
-        0x89a6a55285dba94cL,0xa5b7e51be090e6a7L,0x0000000000000120L },
-      { 0x033b73ceaf82552aL,0x8c98e0b55ca604c1L,0x177a92e5533addf7L,
-        0x6eab8277ed1ad360L,0x05937e24bfb8e3e1L,0x4193e5cfd061128aL,
-        0x4f781b5dfc1326fcL,0x74403eb19d0056bfL,0x00000000000001f1L } },
-    /* 4 << 392 */
-    { { 0x36da34d11edc1498L,0x7ba9673c18d4c455L,0x9acd94ff724eb3fdL,
-        0x5db71c7ad31cfbc2L,0x64357011d49a2214L,0x80b6101f0aae0c21L,
-        0xeffec6209853d1f0L,0xf928ed94eda4fb5bL,0x00000000000001bcL },
-      { 0x0031c5cce3db108eL,0x2663b3aa5110eb67L,0xc0432c4f3b2d50c5L,
-        0xe5b812ab3d94b4fcL,0x031fcbe4e9828d03L,0x048dec907a08492dL,
-        0x7420a4edea50d639L,0x0bd4bdd076eef289L,0x000000000000015fL } },
-    /* 5 << 392 */
-    { { 0xe7718e9bdf3566ecL,0x2acd4c45d1d77e5eL,0xc78694add9787985L,
-        0xc7c600c5f645c923L,0xcd1e697ac393f54bL,0x7928ed5b20054d6eL,
-        0xd3c839e03cafeabfL,0xbfaafdcec46a4425L,0x0000000000000196L },
-      { 0x6baeeca1e1804d34L,0x6996db6c70aa5e48L,0x24e11983b9577c2eL,
-        0x3966f9a104335832L,0x5654cbdd50889c2aL,0xee86177f32df0deaL,
-        0x7e9c591df8d76ecfL,0x57de93bfddbac362L,0x0000000000000022L } },
-    /* 6 << 392 */
-    { { 0x78709a5ca92d6561L,0x36b5d1f10880bc8eL,0xf980cebc0af2078aL,
-        0x4b5e964a14edaab5L,0xd526f78563afd322L,0xf5a9d4c668e17240L,
-        0x0c420e2819fc5026L,0x3327540903459b12L,0x0000000000000157L },
-      { 0xae433226c4d6bb5dL,0x5e39057b13ea6565L,0xeb7729af7aaf08e1L,
-        0xa74c0ed7012567f2L,0x65b64576b6e89abeL,0x6b025e87f2498699L,
-        0xbc92a03cc229c0f1L,0xc54da03b0f1f67c7L,0x000000000000001dL } },
-    /* 7 << 392 */
-    { { 0xeb525fbb07d2778eL,0x4cd96634c965143eL,0xb2ea802d742e1fcbL,
-        0xa2f1ec4c75bc3cd4L,0xe778f1e1125ebaf8L,0xc700e4e4650b81ebL,
-        0x66d593a59c841f1bL,0x4da417578d2984c9L,0x00000000000000a1L },
-      { 0x6e9ed77d57d4a16eL,0xefb8f94c1c1696aeL,0xf2961d2c8acbc2a6L,
-        0x8fc9352de1d5de1fL,0x786158d1a7b8579cL,0x3ab33268fdcbac8aL,
-        0xf237b433d583ed20L,0x3edcc184e4c10d57L,0x00000000000000cdL } },
-    /* 8 << 392 */
-    { { 0x8ec9a4151e96a885L,0xc95ec1ef7e63cb24L,0x8a77bef7c506a04dL,
-        0x4e4dd4100ad06b3fL,0xc2eb62e4dc28fd42L,0x7cb2239454040fabL,
-        0x74a3429a64595d06L,0x05983dfa26fd26d9L,0x0000000000000151L },
-      { 0x56acb9c1291ba5b5L,0x9967485f11c55994L,0xfc8eeb0bb23cd929L,
-        0x0fe8db6b39d78fb1L,0x3d7281e846f04210L,0xe7f29c805d9fe1f9L,
-        0x2ea28b7ef78b31a2L,0x594d39ee4dfe2d5fL,0x0000000000000087L } },
-    /* 9 << 392 */
-    { { 0x67f5679c7c9beac4L,0x985a78336230b567L,0xa250d8de064e4738L,
-        0xb8bfbdd3b564700eL,0x087bf9e82e14ad7dL,0x4cf9220aa0317fafL,
-        0x6614ae6eb05bc341L,0x1deff5d59e41105fL,0x00000000000000feL },
-      { 0x8b47d53a03966619L,0x72d5b26cbff94109L,0xdfc37d1510b76762L,
-        0x669e715664b09f94L,0x16e999e2d3fb006bL,0x3e5aa52b6aa4487fL,
-        0x8bfd7f5533c1350aL,0x68ff6cd44e72ea36L,0x0000000000000161L } },
-    /* 10 << 392 */
-    { { 0x450eccbf95b7cf7aL,0xdf3b7da8b44af149L,0x373e6b4f40c25b44L,
-        0xf9db1d32e6c86b87L,0x02466d20439af230L,0x17bd88275830bba4L,
-        0xf8f5e1805aef36c3L,0x6986ab02b7ed8e89L,0x0000000000000173L },
-      { 0x5c05151d51fe4224L,0x824fbd0f5576ccb6L,0xbe14d2f8e1751932L,
-        0xc608e4c367fa6561L,0x4fa94021a856141fL,0x752b95bdda4ab1a8L,
-        0xf4d032c295439524L,0x408521c03a8e1267L,0x00000000000000faL } },
-    /* 11 << 392 */
-    { { 0x9b7d1f3bfc0f4a8bL,0x7a8f0b0f5ccb978bL,0x00d61c73d3415ae8L,
-        0xf46d7b22c6aede9dL,0x1fc2937114822df1L,0xe3e1d4675f740f97L,
-        0x3a7e3ba3b9159596L,0xf99ca1a803b5ec47L,0x0000000000000029L },
-      { 0x04243bdfbb5ccd4eL,0x055a49f78802bd75L,0x51f2d40a306ea61eL,
-        0xa70666ecda558bdcL,0x92ae69d13e523a23L,0x98055b32c4ef7644L,
-        0x3748d45e0e228566L,0x9c4991a170bae7d8L,0x0000000000000106L } },
-    /* 12 << 392 */
-    { { 0x6502b92cbb5c5c05L,0x85d920e3bfbe8363L,0x7a2aba0d6e2b1eb1L,
-        0xc02768187c1e4e5fL,0x8eed0e03e426684eL,0x164e869178e5d42eL,
-        0x606a3a5498aa47a7L,0x2350730d0b830942L,0x0000000000000148L },
-      { 0x5e1965a01d104b08L,0x7e28dadd373e0f14L,0x77b7c36fac533cceL,
-        0x8c2d1096e00217beL,0x016538a1ae057a93L,0x2fb0bf1e5a58f3dfL,
-        0x0e6a5e9d9785d24cL,0xb945866bd5a89bfaL,0x00000000000000a7L } },
-    /* 13 << 392 */
-    { { 0x143510e9fe207454L,0xb0fd9824bbf845f0L,0x39c13279e8bf1a9eL,
-        0x75fa89a10feca613L,0x2c66a7eb825a3dd7L,0x9c2b32c8b26368aeL,
-        0xf92e1aaaf619a005L,0x4de668fdaaccfca3L,0x000000000000012bL },
-      { 0xa92801b445cfcf06L,0xfbd77f9cf74d70ddL,0x1e47198c6340644dL,
-        0xffba0b1f6b4dae22L,0xe48cb9bbc7b899dfL,0xa2f0ece2c71b8b4aL,
-        0x5d9815e62a173ebeL,0xb9b11bc50e9906daL,0x000000000000011aL } },
-    /* 14 << 392 */
-    { { 0x55ac3726fe2a7478L,0xe94f2031e30ff599L,0x469519bd10936c6dL,
-        0x878d1fc50515a43dL,0x187f4315806e0b6fL,0xe03dc8bb2772ffa8L,
-        0x32b48a444a6b058bL,0xea5822f35164ec93L,0x00000000000000a0L },
-      { 0x5c617856737160e6L,0xc9c64cd423c701eaL,0xfbaeb50175437eb9L,
-        0x99422e75de99481aL,0x0f222393795537c5L,0xf7a2094923a1c0c7L,
-        0x5e14e523f71edde9L,0xe03bfb13c7ec1652L,0x0000000000000099L } },
-    /* 15 << 392 */
-    { { 0x592528bcb0d0888aL,0x32b7ca4dcabde573L,0xa25e1b62404f7268L,
-        0xa3da442d16381bf7L,0x62caeaaf5d6acdc7L,0xc9f64cd37e764a4fL,
-        0x297687a84e48f5cdL,0xb315f2345e2d02a9L,0x0000000000000012L },
-      { 0x4f91c00520acaebcL,0x61ce683cdb8cbfe4L,0x22a4efd555ee34ceL,
-        0xf8d7d3ca64516080L,0x38d087a027af0007L,0xdda0dfb2e0de0ef0L,
-        0x7e0601f0f4c91376L,0x23d16e102ebd6270L,0x0000000000000141L } },
-    /* 16 << 392 */
-    { { 0x1bd8ce7b5a53c22bL,0x78733fcd7cab446aL,0xc44ca4e248acb394L,
-        0xa9888b1ea38c790fL,0x36afb6eb15c34237L,0xb913b8a8fb702063L,
-        0x34b77cc5917508faL,0xa931d7a7f9e4732bL,0x0000000000000050L },
-      { 0xa90a429056d21d18L,0x8266630755b410a1L,0xb4684a8b894a6b05L,
-        0x8a1ade63828cf75cL,0x4fb2f85a127702a3L,0x83ff7d05adf7b709L,
-        0x1d3f5a92a68d1db6L,0x243ce1dbc093cd5cL,0x00000000000000f5L } },
-    /* 17 << 392 */
-    { { 0x747050b4dc1f408bL,0xf1aa5f1cf0e53056L,0xfcd32b5db55215c2L,
-        0x83e780e2a643d3d0L,0x10c32cd4a683aa1aL,0xb566a42ef274f385L,
-        0xa94cdfc13c628a9fL,0x3a4dd494f28cf4d5L,0x00000000000000b4L },
-      { 0xd12f1ca48707dd0dL,0xc250d375379846d5L,0xb3d1f3e6cf8f7906L,
-        0x828c0769504ef581L,0xd8ddb5fb91ed0a99L,0xb53dad6bfe27e621L,
-        0xec6e3cd22a31b15eL,0x402c5dee5cd9ba0cL,0x0000000000000160L } },
-    /* 18 << 392 */
-    { { 0x39b44df663e47f96L,0x2c7206891f130336L,0x5543679012acc921L,
-        0x2944066a5d875d70L,0xb6ba5ecab637f3dfL,0x69c8cadc79abbfd9L,
-        0x359753d5bcef620eL,0x1caf0d9bbd2e9239L,0x0000000000000116L },
-      { 0x2412742cd051ae6fL,0xc8cb1cac54d13ad9L,0x19bdf52082ff17ddL,
-        0x7310001c46f5ae00L,0x9f6dae8cefcb214cL,0xe3afc3481ac29d5dL,
-        0x6162b535843d1a4aL,0xb25ff812e5174c3dL,0x0000000000000015L } },
-    /* 19 << 392 */
-    { { 0x2f2a4ecf475c5d3fL,0x012f076856a9da6aL,0x2d35ab720eb73946L,
-        0x50aefcb5af90f132L,0x8ad439af4c3ab322L,0x70d8e68b3cca3e59L,
-        0xff7ca8f5f7498297L,0xbb166b54aa99e5ccL,0x000000000000011cL },
-      { 0x08dd12eae174eb28L,0xca75bd49a8a34a97L,0x262fc207883d05e7L,
-        0x6372076829e98b07L,0x6434261d442c2457L,0x6cf09b54ec47cd5eL,
-        0x6e4d2a8b5ed4b6d3L,0x6950403c677585bfL,0x00000000000000d4L } },
-    /* 20 << 392 */
-    { { 0xe8bf0d2b9a86c296L,0x56b947a575d4fd5aL,0x7364354793941d37L,
-        0x493899e4728c0b10L,0xa0d636a76ca7e1ebL,0x083f811e16ce84a2L,
-        0x9602ad8b90bb012eL,0xb1c8808cfd7d4057L,0x00000000000000feL },
-      { 0xae262388f65f859aL,0x220164e04c8e2cf4L,0x7e1f59f2639a7befL,
-        0x7777613522bd2b24L,0x191b18530b92201dL,0x9ebf0a3d99fdf0d4L,
-        0xc250ea2f792cdf64L,0x9da499827937b250L,0x00000000000001dbL } },
-    /* 21 << 392 */
-    { { 0xe95372547eec5ab8L,0x20854600dc649495L,0xb2c454502060a38fL,
-        0x074640c83b17ef7dL,0xc2ba81afeafd02b0L,0x76b5593495c308ccL,
-        0x1be30f525d9c01c7L,0x00fb296b0c089ee6L,0x000000000000011eL },
-      { 0xcab278f10884bcb4L,0x81ed4c3515bdd541L,0x69cc0e14f5766a2eL,
-        0xee19b33ffa305dc2L,0x0e66612c3941336aL,0x2d70aea0df5046faL,
-        0x70ede44f5562d06cL,0x92a66c0bebd8019aL,0x000000000000014dL } },
-    /* 22 << 392 */
-    { { 0x7aef7245579e8701L,0xdddc870d737fd8ceL,0x4e4ad894eadbb996L,
-        0x135b46160dfab3d7L,0x0433d57dcd7250b0L,0x4d3f5f9db0292ed0L,
-        0x639e7722eceba527L,0xcd5b2c428487b3c5L,0x00000000000000e9L },
-      { 0xb1bdb67698d0936aL,0xaefe0fffc847c8efL,0x9f1c085f612bd61dL,
-        0x148a96673d232e56L,0x5374bb9deeed1322L,0xb79378900e4302d0L,
-        0x0c269a4be256e409L,0xf0c659b70315057cL,0x0000000000000129L } },
-    /* 23 << 392 */
-    { { 0x71ee59406a722275L,0x523a7e2bfa97bb09L,0x8cea508a21648596L,
-        0x655546cf43160a2eL,0x715fd019b704209fL,0xc906616600197d39L,
-        0xe176a99d7419b773L,0x8a8170e25ce68d76L,0x00000000000000a5L },
-      { 0xfb511b500b8abc3cL,0x6e8474d977a2cb0aL,0x849c55ee2037f989L,
-        0x92e102d9d072d371L,0x90c88a1edd72df80L,0xaffc59588c3725d7L,
-        0x92c20b445eb10063L,0x871b18dac2eb294bL,0x0000000000000129L } },
-    /* 24 << 392 */
-    { { 0xfaf6bd70ac57cb84L,0x32c242073eb61ae3L,0x5986ce0e7c9b61c6L,
-        0x9b36f045f1733320L,0xe4dd9d839f8948c0L,0xebe72911a8a90ea5L,
-        0xd34cb93e2d84d142L,0x787753d11c55d53fL,0x00000000000001beL },
-      { 0x48c0229aa2df0ca9L,0xbc42db5394660967L,0x4b209e4061935318L,
-        0xcf7e4981898ae70dL,0xa42c59694dfb5d28L,0x2ccb13a68e4a6d4cL,
-        0x77bb58626c36976cL,0x7b44f5ab71676ff4L,0x00000000000001b4L } },
-    /* 25 << 392 */
-    { { 0x2a3b21f19fd42b97L,0x388249b469e250e6L,0x7226d729f01c879eL,
-        0xe588203b9e652254L,0xc6fb3b1a846a5090L,0x2dca87ce9a2a242dL,
-        0xaca5c8fa7dc5f4adL,0x65334ff212ea5d25L,0x00000000000000bdL },
-      { 0xc1039e12cc6df18bL,0xb13ab3c2d6a89d34L,0x8573f608686ab623L,
-        0xb34720f8b0a4c351L,0xb42c5a677841be0aL,0xcd53d55f37b5ce15L,
-        0x99d97165e3cc80d3L,0x3c2a9a9ddb06c07eL,0x0000000000000091L } },
-    /* 26 << 392 */
-    { { 0x67dc211ce9a3ea9cL,0x292af224222b2a93L,0x818fb79cfe0f90b4L,
-        0x379d01c415628e38L,0x48a83503ad420127L,0x9ee9b705ea2b1a5eL,
-        0x0430fcdeff6e68d2L,0x3045e6fb6b148eafL,0x00000000000001acL },
-      { 0x9bba4b09d469ed6eL,0x95ac0bbe3cf66944L,0x109546371c2ed0d1L,
-        0x21ece32632403941L,0xc4a8ba03051a64beL,0xb00e5c8aa214703aL,
-        0xce818fb8ef7fa7a8L,0xc9b56befadb9488eL,0x0000000000000178L } },
-    /* 27 << 392 */
-    { { 0x7ad60105c31e7fc6L,0xf361576465d266f6L,0x5608c43e884a8482L,
-        0xdfdf8db35cb2ba2aL,0xee76eb6488c0d22bL,0xf9ee20f3c433d719L,
-        0x09ab2833bef67b85L,0x632230924b54aee4L,0x000000000000009cL },
-      { 0x5d63b8e97bbae00fL,0xb6348d60cfba1a43L,0xe080feba8eace1dbL,
-        0xfc3847f6d9166854L,0x0cf910826edf4f5eL,0xb8cd7739571167c9L,
-        0xcbc05dbd10dd80a2L,0x2a0ee01733e69b2aL,0x0000000000000129L } },
-    /* 28 << 392 */
-    { { 0x64c9253b379d2951L,0xe87333890586cd59L,0xce8eb9b4f6c64aa0L,
-        0xd7a88646774ad3b7L,0x36b395a03dabf772L,0xd7d57f5b8f6f0f7cL,
-        0x58773e9a09a83d1eL,0xb3abd1a2ee22a9a8L,0x00000000000000bfL },
-      { 0xd93010a338b8f550L,0xb2690375f35c0da4L,0x53a4d7c4f484121eL,
-        0x11cb900504509d4dL,0x03f191749f6fa703L,0xb0fe84994edbc279L,
-        0xd5d6975d38260010L,0xd7dd640ee6be46cdL,0x00000000000000e6L } },
-    /* 29 << 392 */
-    { { 0x7cc7d5e9bd89d3a9L,0x60d8204cc9dd7b17L,0x50ade1349d0542c6L,
-        0xbc5be5f2b686ea56L,0xc092f3447f75b822L,0x352363f1339b6094L,
-        0x7e59acc4f04ee90fL,0x4dacc4a31f72da27L,0x000000000000008aL },
-      { 0xe176a7be926af1d7L,0x2c9765fdceddaca9L,0x66708097b7d745caL,
-        0x58469ef977ac7fdaL,0xff4993d33433d277L,0x6b648ba00477ce72L,
-        0xa49cc8d961ca75eaL,0x052cd69af501a8acL,0x0000000000000166L } },
-    /* 30 << 392 */
-    { { 0x2f13fe842dd5e903L,0x339f67a10e555b76L,0x0d2f153c003c2ee6L,
-        0xba0a0aae38f0fb43L,0x11b61a8eef9b72eaL,0xc7f6eca2a5c4597dL,
-        0x0e72636cc732b509L,0x939553ecb7247071L,0x0000000000000075L },
-      { 0x759b4d18978c6c82L,0x232c43fac9b34e44L,0xacdc159177608f47L,
-        0xae6056b93087fbb7L,0x000ca7db5c3883eeL,0x58de6f66140170e2L,
-        0x95a29345ae255893L,0x6913fa78e7508854L,0x0000000000000068L } },
-    /* 31 << 392 */
-    { { 0x2c05d35ab3259931L,0x180318ee63243888L,0xe370c069e4a6d4acL,
-        0x9a0e73d8115a7552L,0xb136040f3024b20dL,0x9ec6cce3c9b71921L,
-        0x8240506569597e99L,0xad8cb3569f38ae91L,0x000000000000006fL },
-      { 0x056452385fc41873L,0xc5444c3e434b2df6L,0xcdaf76b3280c0eafL,
-        0xf5e96a0627548836L,0x7642c921768eb175L,0x309ecc1fc140592fL,
-        0xb46b3c8a55537f8fL,0x215fd24153c7570cL,0x000000000000015aL } },
-    /* 32 << 392 */
-    { { 0x8b3dc3d04aae7354L,0x9ccbf6ce4a8f62b0L,0xb3713c0060c73a7eL,
-        0xf6f73585349ec6a0L,0xa995a64cfc30467fL,0x877334fefad776d0L,
-        0x84588e41b236dcf3L,0xdcfdb088e9ccbd7dL,0x0000000000000181L },
-      { 0x188db860fb36e7aeL,0xe7a0df8df45ea4ffL,0x110245ac5ca6f9f7L,
-        0xd4c3509d7a7031afL,0xf4aa648f34df0623L,0x462aa9497e664bd5L,
-        0x415012b4e2f0138fL,0xec3dafa01c60732aL,0x00000000000000beL } },
-    /* 33 << 392 */
-    { { 0x892947c065b8343dL,0x04d4c1f54cc89339L,0xec0a8dadc9f713feL,
-        0x49a1bdcd7e8cb36fL,0x8416e0725de9db7cL,0xe9d7856a814f2889L,
-        0x00bcd25858d9931fL,0x77622d851e6d5f7aL,0x00000000000001d4L },
-      { 0x8d1d7219651ec975L,0x5d20520ede8d13a2L,0x62d8bd2acb73a5e7L,
-        0x56596d73d791eeb1L,0xfe714aa9c07a2a30L,0x2829967735f34560L,
-        0xc1f5477576599af2L,0x599f6db4c2e97737L,0x00000000000000daL } },
-    /* 34 << 392 */
-    { { 0xe27b3464824eaeeaL,0x2358f6ad5393879bL,0xa7df34d4710fb8f7L,
-        0x833df1e070a35060L,0x0713f8dc37a6da75L,0x5c1f9b86d569678eL,
-        0x5388bf51316a4a10L,0x3533b4196499c876L,0x000000000000005aL },
-      { 0x072045e7f7b0bb1eL,0xfea6dad18806fff0L,0x145700a9967aeedaL,
-        0x7d1daf361c1fd04aL,0xa59fd9c4ba6c47f0L,0x9869b04f2051bc10L,
-        0x922a2c62ed765e5cL,0xc45f00694fe8bc2fL,0x00000000000000d5L } },
-    /* 35 << 392 */
-    { { 0x7d73bb35ae7cd284L,0x95a93265f13cfebeL,0x35311175966ae16bL,
-        0xdc7930b274e48e72L,0x81501ccbf7575898L,0x7999582f6a37a35dL,
-        0x88d4ab111c496f5dL,0xd25f44e7a36d1b34L,0x0000000000000147L },
-      { 0x64ab3239231cfc02L,0x75e653046357d94bL,0xd0f90974d95dd829L,
-        0xabf69128f4dfded3L,0x3cca87402a85856eL,0x1c555726610324c7L,
-        0x46bba522508ec0bdL,0xbf2610b1479a9c93L,0x000000000000014fL } },
-    /* 36 << 392 */
-    { { 0xe1299139f1586f70L,0xd5cb2c10053083dfL,0x9e0ce9829ea052f5L,
-        0x87de595b0efc851fL,0x4cccf7ae98742defL,0x87cfa3788548d910L,
-        0x8ef7bc8e1a6128b7L,0xa605315051d38f20L,0x0000000000000047L },
-      { 0xd0797eddc7635909L,0x1eb856cb63113d00L,0xa2a965c95725aedaL,
-        0x5eaa6eef217ab755L,0x4ada3e4af55bfed5L,0xe4d945933792f0d8L,
-        0x19ea0a3b27ea0947L,0xe90121ad54aa8a99L,0x000000000000007eL } },
-    /* 37 << 392 */
-    { { 0xf2a647cdb728d429L,0x45a1d210eb7133bcL,0x4c8f934b6b83916fL,
-        0x3b98f81e522dd12eL,0x454884a7d6e86fbfL,0x160c65f88689d7e7L,
-        0x9069c27d763c2796L,0xf1405b86fc31e096L,0x0000000000000137L },
-      { 0xb0be8cff6fb3901eL,0xa7a916b0da1ac91aL,0x7c097b23b344f479L,
-        0x6b3aa54eb469472fL,0x8f10c2209edf3457L,0xe485ee25d6189cf5L,
-        0x01c0af56cb45ae2aL,0x16c2ecb7d3a5d9f5L,0x0000000000000004L } },
-    /* 38 << 392 */
-    { { 0x6caa8e9aab24a11fL,0x918618de7f998abdL,0x51ab05a0fa2efd0cL,
-        0xc5db63b47afd5f5fL,0x40ddd9d21671f863L,0xdf21f123e8979929L,
-        0xf964fdaa753f5f9aL,0xa6bc6ee1ac869b60L,0x0000000000000036L },
-      { 0x9ec7b5223fb9e363L,0x9cc1db429d4a17e5L,0xf6abb7fa2490da7aL,
-        0x284023565a5d5231L,0x31c197bad7698b7bL,0x78e3957ee443b4a6L,
-        0x6f747898b809dcacL,0x2cb14df9bc50dc28L,0x00000000000000e1L } },
-    /* 39 << 392 */
-    { { 0x087ae31a39de4487L,0x83eea765449ccd69L,0x4646830a781c8c19L,
-        0x9cdece343b0c1627L,0x82837fda35c2820fL,0x942160f96db9709dL,
-        0xd5d5c0d1874cbdebL,0xf6985f955a058b33L,0x00000000000001a0L },
-      { 0xce8987ae2e31c2f3L,0xf46bc0faeb414481L,0xd6d762899fa9260bL,
-        0xbc302bed030e8a9bL,0xa520f637eba41851L,0x51304e88eecb96ffL,
-        0x41e7a0102072ad97L,0xf7bd7e56c4794837L,0x000000000000019bL } },
-    /* 40 << 392 */
-    { { 0xc2587d72e962529eL,0xd3dac5d00c872ab9L,0x44187663c75c725cL,
-        0x2e65d5ab3d496338L,0x01ca52de8b23156fL,0xa7ebba10d035e4ccL,
-        0xb99dfaa0e871449dL,0x6248c81952b0dd58L,0x00000000000001ddL },
-      { 0x304d544909a0b2b6L,0x193afec00bb26682L,0x00425a2bba188995L,
-        0xd4fc292d04bee432L,0xa56de92439190f47L,0x184b59fbac7e0841L,
-        0xb2462d3ed4c24d7dL,0x6df3cff0827e5144L,0x0000000000000053L } },
-    /* 41 << 392 */
-    { { 0x750a3237cd83b337L,0xfa69ee5897a42787L,0xf38484d92bcd0f21L,
-        0x727e6ceb1ed6eac1L,0x29cd75e4647cca9aL,0xcab25ca99b2e130dL,
-        0xd347c8ae544b56afL,0x236188fa97bbcf15L,0x000000000000016aL },
-      { 0xd353f1b2c35b0afdL,0x5f81b2112df1ee19L,0x3a17334ebfef60b2L,
-        0xf9c53718327923a6L,0xf7fb02d5bba0cddcL,0xaecae9e4533d5c93L,
-        0x3e46f95af2acd6b6L,0xd5e4a5b1aff88b82L,0x00000000000000dcL } },
-    /* 42 << 392 */
-    { { 0x836c879be603487cL,0xc176b372be67aeefL,0xb16c1c093916ed2cL,
-        0xa19f57d1b738de42L,0x19fcdaa9b53fd0d0L,0x4503028c6c65898fL,
-        0x068d459d2a6eba9dL,0x230f913208ae7045L,0x000000000000016aL },
-      { 0x3e3021c260587627L,0xb845066f0a548829L,0xeb7646754d68e59cL,
-        0x7c83af0ba57fd160L,0x41cbc6dd06cfd9b3L,0xa7c211a7c2ac70a7L,
-        0xa97550d867a3cebbL,0x805d0a4b3463d8b3L,0x0000000000000146L } },
-    /* 43 << 392 */
-    { { 0x255df4920aef0552L,0x94df45d226aa07b0L,0xaf376f26633252a5L,
-        0x8264ded59ce08ed0L,0x21195ce9e61e9dbdL,0x012afc4b431f8103L,
-        0xce45e41bb0d6a41bL,0x16dc53f7e44539f8L,0x0000000000000189L },
-      { 0xfe21cebd1fa28378L,0xb1e3d1f305fb6ff7L,0x39b11a3701779f3dL,
-        0x6cdeb0844103ef71L,0x63c18cbb4421b84fL,0x1b2b98a84c2217bdL,
-        0xa219ed87720f56deL,0xde0857ad049a4d99L,0x0000000000000082L } },
-    /* 44 << 392 */
-    { { 0x1d09b95369c3d17dL,0xa867a21dd4d01ba2L,0x9871762c3828b992L,
-        0xe3cda568f6da70c2L,0x68c327a254227c8bL,0xddd426509c5e4075L,
-        0xee64acb06241b455L,0x63ab87f677bf9d01L,0x00000000000001c3L },
-      { 0x94f1514cde039bafL,0x0eee405d1d6d7285L,0x221b6b65199243d9L,
-        0xe1ef5cd2e3b17599L,0xd2e0a39b3856f606L,0x920a00121b433750L,
-        0xd7daeaa074d9b72dL,0xcb1206d333ef5d80L,0x00000000000000e4L } },
-    /* 45 << 392 */
-    { { 0xd79bfda671b41f80L,0x4e2adbae09635317L,0xdd1e0c89d5137b55L,
-        0xac6035369d901bb6L,0xf7d994e2875b6bd0L,0x4493e365ac6726b5L,
-        0xcb1b9b1a021fd3bdL,0xa22ba13d4673338aL,0x000000000000018bL },
-      { 0x6d613468f89eb756L,0x8c13c6accaca507cL,0xb066bbb54f35674bL,
-        0x44f03d0c34fd9ee7L,0x44158ea1798b5c9eL,0x5c340cd7e85265edL,
-        0x69ffabc8a643874eL,0x4b84dc1fe1f23e59L,0x0000000000000145L } },
-    /* 46 << 392 */
-    { { 0xce3e4f6f3537a3b6L,0x2a548acae4be3890L,0x7d257a739c6f309fL,
-        0x517b74e62188a544L,0x92dc6544c008b28fL,0xcb56ac9408dd8b68L,
-        0xd9f11fe9935a4ae9L,0xad4d23a2a1dcf178L,0x000000000000006eL },
-      { 0x1498f1e4e17213f0L,0xd0519b28c758cd28L,0x22057e5f11edd1c3L,
-        0x533378fe26560bb4L,0x15a266a251beeb5fL,0x49d6d63b32a25673L,
-        0xdd62ccbdf0100cdbL,0x872a3d87c5eadae3L,0x0000000000000007L } },
-    /* 47 << 392 */
-    { { 0xb529a755894cd820L,0x7ac841f79aef3e4aL,0x2639532a82c12ceaL,
-        0xa107d5768457ba7dL,0x08cc2140624c6ce4L,0xc75a2afd83169cafL,
-        0x692f8acb9178032bL,0x8835d7e399fdab3eL,0x00000000000000f2L },
-      { 0xcf248e4d21fefeb0L,0x7a5d84be645aab81L,0xa1692e0b81b8aa2cL,
-        0x06c5eb427bb653f7L,0xda8e28a27c4d70c9L,0xf13e2010d45a9397L,
-        0xab9054ad78f1ab45L,0x80453fc864bc5f43L,0x00000000000001acL } },
-    /* 48 << 392 */
-    { { 0xf77afc9ec1f9124fL,0x010af17a5d958392L,0xa9aa7d55eeb66cb6L,
-        0xb41570ca816dea76L,0xb2138d58a983b39cL,0x0fd404cfcd6cbaa5L,
-        0x29c1f2fd40c224ccL,0x1e263cab99c23815L,0x00000000000000e0L },
-      { 0x371cd0937649d2ffL,0x7c79d3cc02038ff9L,0xef3261855ca5e1b9L,
-        0x1beb030be02c0478L,0x134d0c94f859fd4aL,0xa767faa5ee41b919L,
-        0x8d957aacd5d9e3c5L,0x4b1c1deb191fca35L,0x0000000000000175L } },
-    /* 49 << 392 */
-    { { 0xf5232405e8e50647L,0xb61e0f313bba4ef0L,0x0a5328116f05e31bL,
-        0xe3b1d72b683d197fL,0xbd55f76bb72d36f2L,0x2645e034ab6bfa34L,
-        0xd94ce3b970f52ddcL,0x83e891a2470c7338L,0x00000000000000ddL },
-      { 0xe53e6361797af474L,0x9d94b01e8e09f9f9L,0x8e23416db8099125L,
-        0x8f3abc4c8ef378a1L,0x0da6e3fef861c054L,0xe9d3638b203190feL,
-        0x5dce7db98c12ac92L,0x8dd8a61cb8335d65L,0x00000000000001aeL } },
-    /* 50 << 392 */
-    { { 0x0df313e10d732decL,0x0667dd1e5229a7a4L,0x78efd49555c31c0cL,
-        0x554c55303735e643L,0x3b29c30758c97feeL,0x7da349bf85e2c6f5L,
-        0x982f2be25cb9ce70L,0x39274c84c0441b24L,0x0000000000000100L },
-      { 0x77e9356c2307d25bL,0x2e81d63615ed7120L,0xa39ba7a3e3143227L,
-        0x153addc96bcece22L,0xdeebf6c01983ffb1L,0xb5f2d60e43d43f1dL,
-        0x8340038620d8e424L,0xd127aeddf6f0e03cL,0x0000000000000164L } },
-    /* 51 << 392 */
-    { { 0xdcf0cd6a73ccae26L,0x4e52859e04a8a411L,0x085570403909f6beL,
-        0x1aeb429cdd5f5f1fL,0x83c8410392fd6de9L,0x45a05c6efd051de2L,
-        0x334d659ab6a36a9eL,0x9775761ac86254bfL,0x00000000000001d0L },
-      { 0xbb498a7e7ef71b31L,0x54320c2a87a1a905L,0x308a31e5b01357e7L,
-        0x115312b91ec5af64L,0xe3add38ecaff60f0L,0xdd257d552ac78ec5L,
-        0x0e0b29616ac51787L,0xf7537bdd2f9e42fbL,0x0000000000000050L } },
-    /* 52 << 392 */
-    { { 0xb6018ff0078f7ff8L,0xc9a3c8112ae4ec18L,0x974c8b824dbc5b54L,
-        0x323120b429c8b8b7L,0x04c883d798439a31L,0x1ddaaccbbcd28a10L,
-        0xb22b548cb61251c6L,0x2cda48d6c6154ca5L,0x000000000000013aL },
-      { 0xe783d50d03857e72L,0x0cb1de54fe7e9d44L,0x608cd3398526e99fL,
-        0xb9d4ef4ec00cf265L,0x37c326a39eaef59cL,0x435851a4046d5b54L,
-        0xf4813c30147da907L,0xdb37c0b9ecfdd94dL,0x00000000000000f9L } },
-    /* 53 << 392 */
-    { { 0x9f97d529526acd82L,0xbea14de9698d81a8L,0x1da65dfe087fdd78L,
-        0x162991819e331cb6L,0x1770cd3351ed1f90L,0x2241947f48d1fff3L,
-        0x8048c4b872e59f7cL,0xd4c7c70884441c30L,0x00000000000000ffL },
-      { 0xcc713a4b9a697e4eL,0xa066a6de4c19b3dbL,0xab7c9dad5ca3148bL,
-        0x8806b0223699de2aL,0x8d2c17b13c648f2dL,0xc39af0f9a3d21b8cL,
-        0x91f94812fa66eebeL,0x74178170791cae62L,0x00000000000001dfL } },
-    /* 54 << 392 */
-    { { 0x60e7c5987a182f35L,0x60a81db4abc6a786L,0xa067c36017995827L,
-        0x4d1b77557880874dL,0x79a8c6235b3e98d0L,0x0301653a9ae9e287L,
-        0x32be063279f6a138L,0xf8d8c8ed410d08d5L,0x00000000000001b5L },
-      { 0x2b071af2a699c790L,0xa8d0fde78eae615cL,0x76c4cd7340ce53bfL,
-        0x7c36a3f742866824L,0x870e41145d8103bfL,0x1804432af7b9f5c6L,
-        0x755a6755da7a89f1L,0xed97487081c30af9L,0x00000000000000a1L } },
-    /* 55 << 392 */
-    { { 0xc713ff085d801301L,0xf291ca368d9b4f05L,0xb3705a12e497df3bL,
-        0x375e1513870fa5afL,0x1bedb38c4d5d9664L,0x418429ed114386c5L,
-        0x7e3be1187561f279L,0xc7253d1a4481b482L,0x00000000000001b8L },
-      { 0xf5ab88cab54466aeL,0x2dae1aa5a2485564L,0x1c5fb396c500fd73L,
-        0x056e87292af65306L,0xb7b4568100a94c1cL,0xd6401f60194f2a01L,
-        0x526b81492fad156bL,0xa59af828a8705811L,0x0000000000000115L } },
-    /* 56 << 392 */
-    { { 0x7ff87b1828b89234L,0x575b28532190da3bL,0x6cb04cf22920f908L,
-        0xe32b0d0ea76a9361L,0x027f1c53b013a013L,0x77e8e27c2aaf2e7fL,
-        0x3893cb0fa11e5652L,0xb166780751a15388L,0x0000000000000185L },
-      { 0x25c5deff91ed25b2L,0x08e728a029e55ce0L,0x7b1d2010d66015ceL,
-        0x73f667cefeb85d6cL,0x9f9d44e01d9437eeL,0x67a6af17f0ca5a45L,
-        0x187111cc3ef07297L,0xfb461da6e1bf1374L,0x000000000000011cL } },
-    /* 57 << 392 */
-    { { 0x8bca57126c0c1111L,0x3c2a9c8f3987bdfcL,0x195b1886f65f43a6L,
-        0x5edb9cbca9a638d2L,0x1431220ace7b35feL,0x67d81dc8b9c9e116L,
-        0xa7ac26bb4fd8d442L,0x36ed9544c1404219L,0x00000000000000cfL },
-      { 0xe7d51488f0454b54L,0x116abfb6322e62ddL,0xb1f5e4f6001cdbf0L,
-        0x9bd7a0abcd63aeaeL,0x47c74ae592cdc9cbL,0x227b9e3eca320f47L,
-        0xfa2f9090db249cf3L,0x5b61134f5b7d7aeeL,0x0000000000000185L } },
-    /* 58 << 392 */
-    { { 0x43f9e01159567749L,0xa8d74c0c892a23d2L,0xa2a6b93c4bf3e620L,
-        0xd89ed75630144479L,0xe5959b544c80c6bcL,0xa347e101c7491d8fL,
-        0x4c15de92a7b7e26fL,0x6abeeb069eb0ff29L,0x000000000000012eL },
-      { 0x5140f873047e9fd5L,0x95b33ace83629d83L,0xbf2e419db7778fc5L,
-        0x6312ed5f27390d18L,0x786b21f5b52a1899L,0x440713779eba3860L,
-        0x4a5c36d9bf4ba461L,0xe456c1a900bda888L,0x0000000000000157L } },
-    /* 59 << 392 */
-    { { 0x1447b2045e0c66c3L,0x29de6f26ef30a205L,0xde1a4c88ce42e500L,
-        0x5e3b0fd1142dc812L,0xa09c32a50c08edb8L,0xff98ab9bee677bebL,
-        0xfe7f349438e3e89aL,0xc8cdfca112d9eb21L,0x00000000000000a3L },
-      { 0x08002f8e769eaac4L,0x4e6619127e091da0L,0x4f251942d82a7ee4L,
-        0x04224eebaddda269L,0x52263b35de1b38faL,0xa5bf36c7afeb716eL,
-        0x37a49608b7bed189L,0x6adfba3c0e29dfa1L,0x00000000000001bfL } },
-    /* 60 << 392 */
-    { { 0x40081916318060c8L,0xa156d0f0ba050c4bL,0x8dc9db0e2b261fa1L,
-        0x68193be8df24d4d3L,0xbbe73d7801ab2aefL,0x0b5476e951f96cf0L,
-        0x596e6ffcb23a6db3L,0x19c3aa46328c3923L,0x0000000000000125L },
-      { 0x4dd42ff66a2f1ee0L,0xf18649df63cbc446L,0xcc5e8e48ad36c42dL,
-        0xb5d4fa7bbea9ed49L,0xe416534f32b06489L,0x94451bdceeb06919L,
-        0x7ce63f1bda8c40e5L,0x7c5eb653de02e8bcL,0x0000000000000166L } },
-    /* 61 << 392 */
-    { { 0x2b1881b9ddf7ab7fL,0x273489fcd43adb7cL,0x4f3bced12fe87555L,
-        0x67ce19731b543d67L,0x7eb827d4fb21a673L,0x2c874f363c90ce65L,
-        0x63771809ae3661f0L,0x25e81e55185e86efL,0x00000000000000d4L },
-      { 0x75cb5647a9b46abaL,0xe2d43a0498398ae2L,0x082e5804f8448dd1L,
-        0xb6b5fbf01effa351L,0x8b4e95a375ee0d01L,0x06330f8cd78e5cfcL,
-        0xbcc0fb586ad576ecL,0xc22b7b8e85b758baL,0x000000000000010bL } },
-    /* 62 << 392 */
-    { { 0xdc394f862b10c060L,0x7f3635c2f1d68dd6L,0x3b34936258a2aefcL,
-        0x588c1a8631e77678L,0x6b1049c678fc729dL,0x45a9ba71868947e0L,
-        0xe9942ba2cca46979L,0x3d7cb195075f93c6L,0x0000000000000038L },
-      { 0x33d8da16edb3b71fL,0x42573533d151ca7dL,0xb104ef742e4faffdL,
-        0x3f9371862391eaa9L,0xa30cd9a391847e30L,0x9f51fc0894616135L,
-        0x62f836fed3dfb130L,0x8ded8ab1d7469a7bL,0x00000000000001f1L } },
-    /* 63 << 392 */
-    { { 0x1d872ee0919b82d0L,0xbb4d27900009b3eeL,0x3b7329e978baf440L,
-        0x8263e55cb963f90aL,0xdbc7ce8a45acfd70L,0xbab362ce2b929345L,
-        0x9c781d6df934b89dL,0x15e751c458e6ccb7L,0x0000000000000075L },
-      { 0x96c9fc5853add358L,0xf7cecd0bdb680749L,0x65ebb93796cf3096L,
-        0x87a7f1a067509825L,0x5425deef814d4898L,0x654213dbde0f2f8fL,
-        0x958c4db48148c6f8L,0xa910a27703d86f8bL,0x0000000000000141L } },
-    /* 64 << 392 */
-    { { 0x1379b176e80649c8L,0xaa0c2dc8b7fdb132L,0x3f3050ef1134ffd2L,
-        0x28d4e288d4a76f0cL,0x22ca05f7cd9b7f91L,0x9174bee06e7b9ee5L,
-        0xc0ddc6356b341cb3L,0x1cd07d05eea9da0eL,0x00000000000000bdL },
-      { 0x423ec36bbbaa1df4L,0x33ccc8ade74c741eL,0x598d466249b5cd06L,
-        0xd8bfc7e58fa121cbL,0x2cbe86b991bec4baL,0xbf1fe841e8453f40L,
-        0xa35ff85d392592b5L,0x8de9f3df9c5807b2L,0x00000000000000fcL } },
-    /* 0 << 399 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 399 */
-    { { 0x40f66d1915b26e6aL,0xfd654e8a64400d78L,0xe408365366ad9de7L,
-        0xa64ca69b686c1b2eL,0x698749ffa80066e2L,0x197528a4b76196c5L,
-        0x2bcfcf647bf835dfL,0x1a83fe8460e478bfL,0x0000000000000020L },
-      { 0x948f3e0ac46d1075L,0x3ccd3dc1e5c05fcfL,0x11b825b26414eb04L,
-        0x2b7a9a5521e3f864L,0x2a24f5706daba159L,0x51900d4ade3eb61eL,
-        0xaddc9096a6a6766bL,0x357eabf9e9dc3b6bL,0x000000000000007cL } },
-    /* 2 << 399 */
-    { { 0xf5c1a4c690185363L,0x15f58fd920c04ed5L,0xa7b46e0ce913a1b2L,
-        0x1e7167c636f1d8c5L,0xf4fe6bfebf5fcfb1L,0xc46faf10a6c2027bL,
-        0x45d593004e1f12f4L,0x46bcc87312185485L,0x00000000000000caL },
-      { 0x7c5180716432c12bL,0xb7e004ad90ae7556L,0xdf847160d8532693L,
-        0x4d8c7b8aa18b3802L,0x90e2504596872af8L,0xe69d4894aecb6fadL,
-        0x6ddaa06c17d0fe85L,0x49f1a466340c3528L,0x00000000000000d9L } },
-    /* 3 << 399 */
-    { { 0xc6994861edb77a32L,0xc0f2710e201b6740L,0x11783a64ccf36bb4L,
-        0x1630e8ffe0b5e3f2L,0xd2491b8b26aad4b6L,0x3256836112f7b4b7L,
-        0x99a8959b60726313L,0x3cec4f7d4a40d4b4L,0x000000000000011fL },
-      { 0x47cbbf961233c171L,0x1ea33d4222a94a13L,0xb5d248d864606917L,
-        0x6a7bb04e94261f36L,0x701e50e4b981ece8L,0x8d98d5f9f1f36171L,
-        0x13e58d4a2fb6d9e1L,0x9c02d71bdbf4e167L,0x00000000000000a6L } },
-    /* 4 << 399 */
-    { { 0x64782a476da18f9eL,0xb89e0b654a496e02L,0x437a49f6501c3a88L,
-        0xae9ea08748a19f6eL,0xa787948b346d2069L,0xa6b9a3f1532eed3dL,
-        0x728ab35e8ad26937L,0x3cf24801041f4f43L,0x00000000000001b0L },
-      { 0x5e272327cbbab58eL,0xe4a3c5f9f8705ffbL,0x2edc1c8eedd26ee4L,
-        0x1bd46ff5f26d033fL,0xcc566431d87192fcL,0x03c7e40611764c8aL,
-        0xebb80e34882a69abL,0x7a7f694361a08d84L,0x000000000000011eL } },
-    /* 5 << 399 */
-    { { 0xd0861f01b67232e5L,0x3205675cbdf5cb99L,0x2a44e3cf1cfea92bL,
-        0x1eb229f3cd5c6e38L,0x81f6ebd18862b582L,0x352be0bf4d434531L,
-        0xc8516209d530e407L,0x4f591cd009b02235L,0x00000000000001a0L },
-      { 0x8b5483211f7e7b7cL,0x566ba99cc0ef1651L,0x3c01398da82de656L,
-        0x91efd970cc222c87L,0x5dbe62201a5c5157L,0x777a9fa3a2c60991L,
-        0xe77e3a4db85f488bL,0xdfb3c629f1b3b74dL,0x0000000000000057L } },
-    /* 6 << 399 */
-    { { 0x68f4a4e058b77137L,0xd8a34e67f12f5bbfL,0x1781240f1e0619c2L,
-        0x44495373498328bdL,0x98e9f61a545b7d41L,0x767db401602a0c48L,
-        0xe138e5e8806301deL,0x65a3883b4b21aa89L,0x000000000000012dL },
-      { 0x647b00780423fe94L,0x424f483ffd276310L,0xaca222fbd6a06303L,
-        0x47162acbffa52c17L,0x7ae0c5019de267feL,0x998dc9bb667a30c8L,
-        0x988cf192af48c727L,0x0a270986dfa23a3fL,0x00000000000001fcL } },
-    /* 7 << 399 */
-    { { 0xc0de0a4647a483d7L,0x0946aa731afeca92L,0x2c67c9fb91e66640L,
-        0xf3b518e6ebd0a936L,0x8eb8587c263a1c1dL,0x900d28a75c6581b5L,
-        0x50591d7a71723e84L,0x47f2689834a99ff8L,0x000000000000016eL },
-      { 0x52fa5964e25d2f04L,0x0e347f610f4fb57eL,0x4bef23dcbdeed9f3L,
-        0x212f5df4432fedd3L,0xde891c950211bb33L,0x13ed4284567558bdL,
-        0xa113c3552c283e9fL,0xa06260f73e48dd8bL,0x000000000000003cL } },
-    /* 8 << 399 */
-    { { 0x5c9209c1c4646439L,0xceb6698586c5d6bdL,0xa5f5225829e415b4L,
-        0x18fff2c1e95d2a27L,0x21d464f1be40c8d9L,0x11b4696e059828cfL,
-        0x5c1f73c570f76aecL,0x6019fadb273e3f5bL,0x000000000000012cL },
-      { 0x6d1ff5913eefab44L,0xf913524cba2986b4L,0x96fc0b7a290dcf2aL,
-        0xf9e7ab52061df2a2L,0x66401173d47330a6L,0xff2aca188b9f749fL,
-        0x8d4ac80f1ab42ac3L,0x10ec329ea1378039L,0x00000000000001aaL } },
-    /* 9 << 399 */
-    { { 0xc06dc058c4f1cb73L,0x739370439ab6fb16L,0xb663bdf55f7fa374L,
-        0x8f5e3b3839fa047cL,0xf517fb9ad860a576L,0xcb414b9bd755537fL,
-        0xe86864ea508a12c8L,0x49a663b4cdaab9daL,0x0000000000000029L },
-      { 0x9e4da7f330251bfaL,0xb084b69fac60f268L,0x15b981fb93903a9cL,
-        0xa6905f206dcadc57L,0x81e961cf5050b9b0L,0xc583b4e4f6646d47L,
-        0xe30e25dcfbc96082L,0x8c92e5d8f0b0ffc1L,0x000000000000000dL } },
-    /* 10 << 399 */
-    { { 0xa5fc51ef9c1d86ccL,0x66a9b8980b3faad3L,0x96c73c2521d124edL,
-        0x392440db050626ceL,0x02bfb1ac50a4a12aL,0xc70a30741742ddddL,
-        0xf1f9daa647fe811dL,0xd4baa6b1fb3ce6ccL,0x000000000000016eL },
-      { 0x09042d7509d96ce7L,0x4c92ce693315f77aL,0x4992b1f9a9c0d9f6L,
-        0x7c0ffbacd18ec980L,0x53d205dca008ab38L,0xf0a098f7c908481dL,
-        0x2bffd3630ba397beL,0xca36e99f49003f86L,0x00000000000000a2L } },
-    /* 11 << 399 */
-    { { 0xd239593542d95daaL,0xdcda6a94ea334140L,0x9c27790794a62966L,
-        0xc61b5734f86dfd3eL,0xd943aea70796fd19L,0xaca22cf206f55e66L,
-        0x55372159c0b75487L,0xc7b6b1d2d1244fdcL,0x00000000000001e3L },
-      { 0x13f187feb3b5b131L,0x8620e1362bcd4cccL,0xe68718297f061f4fL,
-        0xcb04eeb2f4a85e13L,0x4a93fccba0f352beL,0xe2ecabd9b9d84a8dL,
-        0x7183cdc20b9058d5L,0xbf25cd935d8dda50L,0x0000000000000168L } },
-    /* 12 << 399 */
-    { { 0xa074fdb7be4badb6L,0x97b054950df5f046L,0x5a3f64e4eac3a8b1L,
-        0xafc5e0132971faa1L,0xe6d4ae36568e4a3aL,0xeb0324bb97479a2aL,
-        0x2dcaf3d866a2c69bL,0x9f9b5551813f21eeL,0x00000000000000fdL },
-      { 0xea8f05c8a13d686cL,0xf27edb763bdbd1deL,0xb2e5fd405c65b0f4L,
-        0x5e959c016cbd964fL,0x02ccb301dbc193a1L,0x34ca7ed9013b972dL,
-        0x7191cd287ede3f2fL,0x1d07f45798bf4e0cL,0x0000000000000057L } },
-    /* 13 << 399 */
-    { { 0xe0b1685c5ebfc951L,0xa517e7a232c59513L,0x9a6282865780ed11L,
-        0x499d70c775533b55L,0x593ee20b020f6027L,0x63a5ee05f683a38dL,
-        0xf672f073150476ecL,0x621c8f9616caa574L,0x0000000000000094L },
-      { 0xf0da17c319bf3540L,0x77043ebd6e05c870L,0xf32446b727a4416aL,
-        0x2ef699c612d04df5L,0xdd3cfd1f324cbf7eL,0x0171a41f631b06ceL,
-        0xd12b01852e95d511L,0x043cb48ffd0c0078L,0x0000000000000174L } },
-    /* 14 << 399 */
-    { { 0x284e98f320f12986L,0x3112bf24749ea8d5L,0x5fc7a2c42782914dL,
-        0xb2f7c229d94786afL,0x4b17bcaec7158280L,0xa139d563e6189a46L,
-        0x9c72e9c583cc9173L,0x5cd5a6a0be56b6a8L,0x00000000000001a5L },
-      { 0x51f0e802235a8051L,0x153dc987c4c5fb7cL,0xb549e9c79868a706L,
-        0x717390089bdf5c1fL,0x0d04f60cccbec99bL,0xde66c9617f4bd294L,
-        0xa787d95e51156724L,0x7ce4b4a5ae12b9b3L,0x0000000000000091L } },
-    /* 15 << 399 */
-    { { 0xbcb9c82f32d7d93bL,0x1bfdfba7dce386e9L,0xc05d039a3f8b5ca9L,
-        0x58c78e8e299b0f53L,0x1baa1781e60cbd19L,0x8fb6ae0db0eeb838L,
-        0xf26dfec46483aeedL,0x01b7456091303d67L,0x00000000000000ccL },
-      { 0x39567f445ceae83dL,0x9a407eacf43d8eabL,0x361a32025ab1a391L,
-        0x1c532e29d43e2092L,0x558d4fb789f04a1eL,0x0fe9497d2017914aL,
-        0xe96b05380171fd50L,0xc9b0b3ffeff1c1d7L,0x0000000000000044L } },
-    /* 16 << 399 */
-    { { 0xe7f35808fb6618bdL,0x6abb67e1732ef576L,0xaccabb44cd0bfd8aL,
-        0x176ffa9183459746L,0xcc12958585b88b2aL,0x28d94486fff151ceL,
-        0xf55fca164c84bb00L,0x07cbc8419c3a42b6L,0x00000000000000c6L },
-      { 0x488400d078788c39L,0x15ebb100d8eb1fdcL,0x58decae3bdc05f72L,
-        0x3bfda4a75d56a2cfL,0x7ea3f8ec5ae6701eL,0x652e7e0b3aaacab3L,
-        0x267d275228609228L,0x52ddc983912efd7eL,0x0000000000000029L } },
-    /* 17 << 399 */
-    { { 0x4a33ff03ff5fa227L,0x12b266a45dfb4bb5L,0x18ad0812a77d3789L,
-        0x316275f3135e8b73L,0xb8aeba2e1aaaa211L,0x30578d2fb9d962a9L,
-        0xf8b00f02cb534bc9L,0xb935149cdf535572L,0x00000000000000a4L },
-      { 0xf8d93fe1793528c0L,0xea0a5bcdaa631367L,0x7a221948dfb0e4e5L,
-        0xeab2e52a857da8f2L,0x80f72c632657a647L,0x24118aa3a1509961L,
-        0x1131400950388917L,0x9ff6d9f6a085a80aL,0x000000000000006cL } },
-    /* 18 << 399 */
-    { { 0x0ce0f89f0356ef50L,0xd8cdf51e37f24a9aL,0xd0720e9bd237fd55L,
-        0x20b75973aeb71292L,0x0d6efb23e42b2758L,0x0fcbdd568721aecaL,
-        0x11658ce90fda8ae5L,0x23a4d576700782d9L,0x00000000000001acL },
-      { 0x77fc6f2f903bb623L,0x36710ba75b2a0237L,0x4ea518d1d55a12f4L,
-        0x0c0509e14c95dee0L,0x67e240784bf6c59fL,0xa9bd12b5c925e26fL,
-        0x5865b6c38fabdba8L,0xc6e3433b33b34605L,0x0000000000000101L } },
-    /* 19 << 399 */
-    { { 0x273d761d557caec5L,0xd8de3470242043c4L,0xfc9eec9d6293eef2L,
-        0xa671ef1786203aafL,0xf38b26fe7f44eb34L,0x40c0286ed1ecc573L,
-        0x3ebb5cf5dc14b363L,0x5b2c33762e1dfe45L,0x00000000000001b1L },
-      { 0x836149c9bd11c412L,0x49c3837653342417L,0x4c93a91757fa625dL,
-        0x529ab0965445be81L,0xd172a7c5803a04c3L,0x0c47e6b365873d1bL,
-        0xdcb189bda095bddeL,0x9bc935372caf25cfL,0x0000000000000071L } },
-    /* 20 << 399 */
-    { { 0x8287592e80c0e648L,0x79cfe5b529ce1a05L,0xbc2ed6c732859038L,
-        0x076334f7af367139L,0xe13e55593a592211L,0x94d5548847f87368L,
-        0x15d99113a2f1b6f2L,0x2bc0ebe9ff79885cL,0x0000000000000171L },
-      { 0x68eedbb2ae127d70L,0xadf3485597ae5d0bL,0x02e40ba8d1f6dc0cL,
-        0x46cf4b8f3e7a23c4L,0x111958025626c5cdL,0xde32666e1c728ee6L,
-        0x2c594c77bf2d8b70L,0x3dcf58bb1469bbd0L,0x00000000000001cbL } },
-    /* 21 << 399 */
-    { { 0x7b9d09c5567ced39L,0xf2c277bc10de6fecL,0xd48b924b423b4942L,
-        0x21f49c8bb147ebacL,0x45ce05f0003eef62L,0x291f77ada2b01ea3L,
-        0x754bbb867bf14c9dL,0x2abeb1fedb8f0b77L,0x0000000000000115L },
-      { 0x8de7419c48073c55L,0x540008c26fbb1768L,0x579ae6d9610d5a83L,
-        0x7c2f90d43ca9c514L,0xf5bb5df4e078dcfdL,0x02cec780eae4e114L,
-        0x5c4d230feb0c66f8L,0xce73ffc6c28bf3d5L,0x000000000000005fL } },
-    /* 22 << 399 */
-    { { 0x548235d6da309336L,0xdc058555d0ce4b03L,0x8103a260117d9fb1L,
-        0x7aac6ea7962fbeaeL,0xdf219bc75f9f7c6fL,0xdb529bd239755a22L,
-        0x7b68e00472676f34L,0x99590caac5011f75L,0x0000000000000027L },
-      { 0x8b591dde80e9bfe7L,0x510daa29259b4046L,0xa6f4c61f41cfdbd2L,
-        0x6934a20ef175b862L,0x2a73244068cd3951L,0xcf3ca559d119730aL,
-        0xb8aa2298df77ebfaL,0x8b85cd46f78ece91L,0x000000000000015cL } },
-    /* 23 << 399 */
-    { { 0x6f71753a499b06afL,0xe9d09e3f7221545bL,0x366a725173e4aa15L,
-        0x1cf56688a241d729L,0x45f261b6b7beb74bL,0xb17277cd0d48498fL,
-        0x7009afd203d67414L,0x26ebcdc5e9405ce7L,0x000000000000004aL },
-      { 0xc72b4a31cf1b5cadL,0x047ec0b68676686cL,0x3485799fc8b8098bL,
-        0x62a31effc762e262L,0xf1402ccb07ea3b86L,0x6138f07fd91931f0L,
-        0xa1b2834870baec3eL,0xe8735d8406e9de6bL,0x00000000000000d5L } },
-    /* 24 << 399 */
-    { { 0x5419ed9ae06fb3cfL,0xb454c6fb8e703ea5L,0x9670af86ac4c2649L,
-        0x365e43f40db43887L,0x1ada3d8f00c320b4L,0x1d00cbe5aaffe3d9L,
-        0x1e99987d211142b4L,0xb98381f79cb8bb86L,0x00000000000001bcL },
-      { 0xdd2388378b1718b2L,0xa8cb957e532daa33L,0x20a55f673b041a83L,
-        0x973207121b075250L,0x5a70aa65b7ef4b51L,0xa33056613865f77fL,
-        0x96bd1a89bd8a4303L,0x507d7779fdc197c0L,0x0000000000000048L } },
-    /* 25 << 399 */
-    { { 0x1fa5ad1177a5fbecL,0x8c566037b8b5655bL,0x52848f491321baecL,
-        0x8305e20227f02ff4L,0xedada23bc276f11dL,0xba94317f8acd1abdL,
-        0x8b125970e3edbcfaL,0x75e021d50f5643c8L,0x0000000000000042L },
-      { 0x9ed9e1e313be597eL,0xe271c2a6b74be691L,0xe249fdff2e52b57dL,
-        0xae84ab19d18031b9L,0x7135760af49f27f3L,0x3c4775cc1cc28c5fL,
-        0x49165948fdf0f394L,0xee56522b240d7f13L,0x00000000000000e3L } },
-    /* 26 << 399 */
-    { { 0x16aad8d873f397e2L,0x8cda09d440bb988bL,0xe351cd2da881cd6dL,
-        0xb92fdda9c9a6fd41L,0x2298efad3932267aL,0x76546625a099bb25L,
-        0xdc48a34858230b71L,0xd98ecaccc6ed085bL,0x0000000000000107L },
-      { 0xe3bd2de5dc95f5d1L,0xb890da1f2e2c2366L,0x7c6226a1c4f26cc0L,
-        0xfc1f77bf00356c62L,0x0c8e11f7d87ee6f9L,0x84cc68aa0af9a4a1L,
-        0x70eb714ace01ea76L,0xdc9e3c696ecdbdc4L,0x00000000000001faL } },
-    /* 27 << 399 */
-    { { 0xd3eba8f103dc76a9L,0x92dcb80109d7c9f2L,0x09a3edfb224325ddL,
-        0x78d9b818c87e4b16L,0xbe607e9788d33a3cL,0xdf01263e152e6cf7L,
-        0x49fd31ccb308c83cL,0xed94b658d68d6a82L,0x0000000000000161L },
-      { 0xbaad071e181669a3L,0x5f2e0a1dd54676d3L,0x96ea8e3e4a9ae061L,
-        0x0d2e0ee8ba5bf8faL,0xc1892fe007bb010fL,0xa538bead73632f75L,
-        0x6d794924378c2631L,0xa7c065460205723aL,0x0000000000000185L } },
-    /* 28 << 399 */
-    { { 0xc7f26a2fd5434124L,0x7629d62516380451L,0x8513932307858144L,
-        0xfa1d44bd4627a0a0L,0xebd1be26b90a996bL,0x57baf49237f94e07L,
-        0xabe9cf16d5ee67b3L,0x5ab3cb065fce9c53L,0x00000000000000c0L },
-      { 0x38a153713faee0a0L,0xfc98c0dfa1142d0cL,0x9320556353001436L,
-        0x73acbb7da63e615bL,0x8204c993414da94bL,0x2fd26bc2e8622aebL,
-        0x86a1eb1826467b86L,0xca554d782bd1a581L,0x0000000000000044L } },
-    /* 29 << 399 */
-    { { 0xe33762396cdd9921L,0x4398b198c6386361L,0x05002343551040a8L,
-        0x0a82fca0be2ad7bbL,0x727e2d5f3c1acb10L,0xfcb0c12d4af46347L,
-        0x01782a40ea661ccbL,0x6f1f3e45a49bea1cL,0x0000000000000123L },
-      { 0x3ee55592961c0cf4L,0x15cb90c37c19abf7L,0xad4e930d2ee5a6a0L,
-        0x75b054aa3fa249ecL,0xcea656d85d005c47L,0xcab95ea1be507dbcL,
-        0xda131e43dddfa969L,0xd508e708dfc6e136L,0x0000000000000149L } },
-    /* 30 << 399 */
-    { { 0x01fd929d48d5f1fbL,0x5fb11462724ad844L,0x29442573707ace9eL,
-        0x38b790bcdef7dbd1L,0xb33eef7dd77c1c89L,0x952246e9f8b1403cL,
-        0x11ab7ec0e78d9efeL,0x538af4c702c22634L,0x00000000000000aaL },
-      { 0x3827660d04c6eb59L,0x62a02de83cd9597bL,0x57fa76f246ece58bL,
-        0x03b9fb533c21145eL,0x9e04ec45fa60662dL,0xc28cc184944a4a44L,
-        0xf26c1df341ff380bL,0x6d48b57c13c7f613L,0x00000000000000d1L } },
-    /* 31 << 399 */
-    { { 0x971d5a7b786009e9L,0x846c3469783fdd9aL,0xd9a307cfb335a7b2L,
-        0xd583b59ef86adb9eL,0x17dbcbe05b432839L,0xc67e7b0a35c6d202L,
-        0xc617810a0d50e1daL,0x9c291e5b64bfda1aL,0x0000000000000129L },
-      { 0xcf6a1382ee444a83L,0x073decbf249c2c46L,0x974ad0d3b59b9474L,
-        0xbfc44aa8440132b1L,0x9f959f7d692ea2ceL,0x6653be0fc93ef496L,
-        0x8ed05d4c0b087a60L,0xdcc0c8ba573f0e2eL,0x0000000000000080L } },
-    /* 32 << 399 */
-    { { 0xfed9b067e2eca03cL,0x34ff6f2aeb3230b2L,0xda83b96a31bc82beL,
-        0x3b138d2ccc89c862L,0xf4a27aeeebd59505L,0x29df153a8bb49ddaL,
-        0x2dffec4650a555baL,0xc899108d0fec5d80L,0x00000000000000bfL },
-      { 0xc834e65988da1a0fL,0xb9bfba08eebe47a8L,0xf59d33937b3a2b73L,
-        0xffc7cb5d8decf4e4L,0x72477dd583dc5f4eL,0x0a59e11e43ac64ebL,
-        0xda8aa16ccb10a6abL,0xe571ec8c3759c37cL,0x0000000000000047L } },
-    /* 33 << 399 */
-    { { 0x2890f4b93d32bc1cL,0xf4e8332ac455d6e5L,0x7b1523c8c4d7c367L,
-        0xd5006acba60d5778L,0xf958872021f34b5dL,0x8c36c23628d1d74fL,
-        0xdd2ad5092d0b0f17L,0x1a895017b66a2e02L,0x000000000000014cL },
-      { 0xfe2eb1a11d8ec07eL,0x7d755399215e9267L,0x3cf9b914891f82b5L,
-        0x0a77198f79aeb59dL,0xd71d06ce0acc8e55L,0x911f149d3b3c4c20L,
-        0x86f130115d124fe4L,0x6972ef3ede4f5d98L,0x0000000000000084L } },
-    /* 34 << 399 */
-    { { 0x57459abcecbf10acL,0x2d399838f2c3c306L,0x6467c2753f9b1181L,
-        0x58edac9c040e0722L,0x80cb5d10f23a50c7L,0x6db0315b304aab12L,
-        0x7b662c951cbc56faL,0x421b1f244eaa55d6L,0x000000000000019aL },
-      { 0x0bd62b3f5c87fd33L,0xf309039dd7b12051L,0x155dee7fff9da505L,
-        0x66ed5fe9e35d68fbL,0x5b9829227cd99f55L,0x1de7e5f1cebe48cfL,
-        0x44308df3b0e2e114L,0xb2e026d92735bc27L,0x00000000000000d8L } },
-    /* 35 << 399 */
-    { { 0xa0f27eff25c2b290L,0x5496d39c3c7b110fL,0x96d99f277f278d2fL,
-        0xc73da2d2f5de1a83L,0x77ad34919fe0a789L,0xa2a7bdc8f2e23c14L,
-        0xbc162cebd10ff276L,0xdea043e2ce028697L,0x0000000000000121L },
-      { 0x909a4e1aa11a8d73L,0x985baa0e46b89908L,0x2054d790ac720559L,
-        0xb6b4e53a1f8067faL,0x39b49b6b1e143560L,0xe96e6562581d42e0L,
-        0x7a540841b920ef30L,0x34edae19ff2eccb2L,0x0000000000000196L } },
-    /* 36 << 399 */
-    { { 0xf4c48d376d17d9b5L,0x714b38acd9b7c9e8L,0xb332763c8e59bd23L,
-        0x704ec12ed64f9bc6L,0xef738ab2c472c08eL,0x39d182692313abb9L,
-        0x64b05426cd80c265L,0x0dc6c228345afb94L,0x00000000000001d2L },
-      { 0x7d51410b7a9c096aL,0x3acb41805f7d6f9aL,0x10559f44ecd13fc8L,
-        0xfa6f5288446a07cbL,0x2799b503ded0e010L,0xdc865f094fad1e65L,
-        0xf1de127e0e77baffL,0x25f090228bad6efcL,0x0000000000000198L } },
-    /* 37 << 399 */
-    { { 0x6e9dad7a10b10723L,0x4528b97a9561e0a4L,0xf6ce779cef7aa977L,
-        0xd0a07355c09f82f6L,0xa519f70c6f5a96aaL,0x09917e5a0aa6d4ceL,
-        0x261a96d028994835L,0x28e78eb2ec9a5868L,0x00000000000001e3L },
-      { 0x60efc88871882100L,0x795ce82f5fe4b377L,0x8e805c686f587d64L,
-        0x3cd8bb97cae577abL,0xdfa751c31d8417c8L,0x940341deec17e1b7L,
-        0x3e87a1fc1135e1a0L,0x94f8a8931cbee12dL,0x00000000000001c3L } },
-    /* 38 << 399 */
-    { { 0xf257b5cd9cec713fL,0x928b215a0356f001L,0xb2c44dd22b0a2d42L,
-        0x62055ba191c318deL,0x0e298611dfc58d1eL,0x8840d79c383da28cL,
-        0x324e3dcfb18554bfL,0xea84bee97fabced0L,0x0000000000000041L },
-      { 0xafef969437baed5eL,0xc04bdf2c2f5a6cfaL,0xf75197c07eb37653L,
-        0xe5b011b029cdd976L,0x1f41be962c254ae4L,0xcc771ab718829595L,
-        0xd1215bef12f64b06L,0x5e970494117f72fdL,0x000000000000016bL } },
-    /* 39 << 399 */
-    { { 0x83bb6de40bcda6cbL,0x90f2fbdc1e5fb277L,0x0f6f3261119a1e8dL,
-        0x7f6434f8dc73b93aL,0x8a1b958a9158b9c6L,0x43fb60a45ce9133bL,
-        0x9bd5bb0284d86dc4L,0x1e3a7ca06872b101L,0x00000000000000bcL },
-      { 0x8d2d115f230c41bfL,0x1e7df5d4916b43b7L,0x3815b3c724d94d99L,
-        0xb463eb11ef11894dL,0xccf7ca983c63af75L,0x0bffd871dbaac87eL,
-        0x267db8678dbe5699L,0xfe97d927bf6cff8bL,0x000000000000000eL } },
-    /* 40 << 399 */
-    { { 0xe32ddade157a2ae6L,0xcfc8bf7c0e6e08e9L,0x35f750f3bc2e3f23L,
-        0xbfa297a200d897acL,0xf3283590b52421c5L,0x1f2b851222bf59afL,
-        0x7f63809d62e5d037L,0xc33dc13581ee5e5eL,0x0000000000000022L },
-      { 0x04b006db4bff94b5L,0x373fdb9ab2cee9beL,0x39e63eb4cb8d9886L,
-        0x4b371662202592c1L,0x1f5f94a4f6935600L,0x6f7103c47eefd53cL,
-        0x0db5f837a02bf79fL,0x29cb566178a72ceaL,0x000000000000004cL } },
-    /* 41 << 399 */
-    { { 0x34338894e3f3888fL,0xcd26ba945a0ca66bL,0xef170a1c666f902bL,
-        0x34f0dd0554012d0fL,0x4c8744603ff21e0dL,0xfdfa53e5f2384339L,
-        0xdd11e707557da25aL,0x9cdc67f0075996ebL,0x000000000000009dL },
-      { 0xbe8e6f5910ed53a7L,0xcee1132182822051L,0x3bc4f5f9b57cdbe0L,
-        0xa83b5947d318ec78L,0xc841ef967a0a6d8bL,0x689ee84e011639c6L,
-        0xf07f99d813ee15cfL,0xc49549ad5a0ea35bL,0x00000000000001b8L } },
-    /* 42 << 399 */
-    { { 0x4f2333e5efc1df8cL,0xbd1683fbcf67e9a5L,0x8c867003532ed940L,
-        0x8178b176f39d6717L,0x789e5a65e8865f2fL,0xa288918433099d45L,
-        0x136d38ce4d8936faL,0x3920c375950ac39bL,0x000000000000005fL },
-      { 0x33bcf75a182da275L,0x3b42095667577d3aL,0xe6dd20f8f6767c3aL,
-        0x8dab007359b27062L,0x5186bec68f34af3cL,0xf084043d42d72626L,
-        0x50fbd81a90cd4665L,0xb932207e385b29f3L,0x00000000000000ccL } },
-    /* 43 << 399 */
-    { { 0x3e2481ddcca46795L,0x2ad212182d2f1511L,0xe81633a7aea3821bL,
-        0x60ed6123ca636678L,0x2af841042b8c035eL,0xe4c0875e9f7cd940L,
-        0xeeb262546d649c9aL,0x9c1dba6f70179ed5L,0x00000000000001c5L },
-      { 0x1acf2025e719d7e0L,0x27ac0cb7bca64a98L,0x1a4f58f5f9a54bc0L,
-        0x3c2fc7016a743761L,0xa916ab7a0767dd6aL,0x8953314117fdfe8fL,
-        0x5eef51dc4a7d6265L,0x1a1890e548920a64L,0x0000000000000177L } },
-    /* 44 << 399 */
-    { { 0x7772aad1a323089bL,0x1c3eba0a917ff79cL,0x8b9da0870fc8b113L,
-        0xbe669dc94e5c0c10L,0x3ad27c13cac54859L,0xdb835b140cfda5f2L,
-        0xfca9e3fef20ee2dfL,0x80870761674b7ebeL,0x0000000000000167L },
-      { 0x788ed1db4356cc9dL,0xaa557f015b5c9608L,0x62c22482cd869134L,
-        0xd0ec45740dff5303L,0x3df51b9f5389ca31L,0x59a6e53145b54873L,
-        0xe6052b072df10bc5L,0xcb7107d41f4cd861L,0x000000000000018fL } },
-    /* 45 << 399 */
-    { { 0x24d270b0a2c5f6cfL,0x97246482f54bdbe0L,0x2b71247a8ae3277bL,
-        0x3273c1c9a45552f9L,0x6187912dda706e75L,0xc43665644e2903a3L,
-        0x9243d5b29348f72eL,0xfb5aac5ba7b876e9L,0x0000000000000070L },
-      { 0xe9b247659aab621cL,0x378e7c849cff96f7L,0x794aea34d6ebe2d4L,
-        0x4eadc9d51661a8d9L,0x48c7c8058a105436L,0xcd852b6dd8d196c5L,
-        0x40a4c838d2c05f91L,0x60b4425eab562273L,0x000000000000008fL } },
-    /* 46 << 399 */
-    { { 0x68143217fc5598cbL,0x55f45fe3ecb8be5bL,0xdc707a143627496fL,
-        0x5a60f85e9665cf29L,0xbfa30147a13782ccL,0xcecb4dc9e6496833L,
-        0xa712fe79bd9761a5L,0xcbfbb56a078c3e11L,0x0000000000000030L },
-      { 0xb0a421291e0066d8L,0x23f10112fdd822f2L,0xb83cbe5147e7d2afL,
-        0xf5d65634852e2252L,0x6223702b277cc79bL,0x1bb298814b2433f5L,
-        0xf8ba03fcca6ccb00L,0x0859156462e0a22fL,0x000000000000000dL } },
-    /* 47 << 399 */
-    { { 0x2b6f7947ec51092cL,0xacd21ef95149fc12L,0x5f45cff7fb65ce50L,
-        0x1f51d19eed597402L,0x8b5ddce12b9e93a9L,0xd47f7ace6c0ec08bL,
-        0x7e2e638e2f64a0d8L,0x734b83b65e71988aL,0x000000000000014bL },
-      { 0x4f6e691930b08bf1L,0x7dce78e400390037L,0x22ff88f758d11de7L,
-        0x758620d621202d1fL,0xb94a535664939469L,0x17da7341acee471cL,
-        0x2d37a341fd2310eeL,0xa8601bc372a3c4eeL,0x0000000000000078L } },
-    /* 48 << 399 */
-    { { 0xc0c5b4a6fd219d25L,0x52c7f6ed058ff8a7L,0x1fe69b86b6e0acfdL,
-        0xd1e3e73b52a447c1L,0x31537c0968054dfbL,0xc312a9a53edbbcf9L,
-        0x893237de8b0f13bfL,0x1784bade6ea4ce95L,0x0000000000000191L },
-      { 0x112af36812489269L,0x49acfb797f0d7098L,0x94f9883080743844L,
-        0x46a890ed1c9b2deeL,0x7874e2973b42178dL,0x026f247f131ffe31L,
-        0x9f9e06e01658f803L,0x8beebca7b4c25ec0L,0x00000000000000ddL } },
-    /* 49 << 399 */
-    { { 0xff25d39a56fcbb0fL,0xf3167cd6767aff46L,0x0d149e1fe37f1498L,
-        0x5cc5476e4ef8353dL,0xf483af728a100b6aL,0xdff90a5a5e61a9ccL,
-        0xef06ad071b8683c9L,0x1a51a840f21160b5L,0x00000000000000c5L },
-      { 0x0cf4a4f250535795L,0x6465217feb140724L,0x39b30eb481336b95L,
-        0x4d6808ed2ff959b5L,0xd2cbd262102f0eb9L,0x81a05ea2401e2b5cL,
-        0x1c88cf3f90e33b3eL,0x0e5da177bf342b81L,0x00000000000001f0L } },
-    /* 50 << 399 */
-    { { 0x692d5ad031e4d9f9L,0x404aeda94c975f59L,0x774d5f574567894cL,
-        0x9384a6d394c384b5L,0x5640862431f1ade9L,0xc7fec784ec664a1cL,
-        0x1855d29dd8daa744L,0x215688b92cb5ac77L,0x00000000000001baL },
-      { 0x941ccf2069ed9766L,0xbe0bc408bb264b33L,0xaf690b685fc53f91L,
-        0x2d3d6a0d402b1ca7L,0x15f7858d0d0bbad4L,0xd4107f9a09001d66L,
-        0x5d39101058f42888L,0x6dbab76e1957a5e3L,0x00000000000001aeL } },
-    /* 51 << 399 */
-    { { 0x45213613b7e2c6ecL,0x40eba404231a4131L,0xb6fefe73a732bae9L,
-        0xa1e9bbf5dad5d26aL,0xd4292e9b3754d63cL,0xfa2f7d163b4afd0aL,
-        0x101c23ab45993a58L,0xef2e6c2e76be32b6L,0x00000000000000a7L },
-      { 0x39ab0b2e91c2102dL,0x08c2853a38a0dc87L,0x0bf44cb5fc98a8c2L,
-        0x3944bcc04053d1dcL,0xc58245c95a4c6921L,0x727b1481097fd198L,
-        0x65aeacda0fd2d648L,0x39f714eab57be657L,0x000000000000010aL } },
-    /* 52 << 399 */
-    { { 0x63b6bb80bd8a172bL,0xa4fcf17c5dbcddfaL,0x20d9c687abd07afaL,
-        0xd2c3d30414609e55L,0x54f385032006d72eL,0x26b914c24df39b12L,
-        0x27f45ab386f0c497L,0x3dcc1ec688f50651L,0x0000000000000073L },
-      { 0xdeb2636533f06be4L,0xfcf1a35db48f3d92L,0x7fe1fd3af7cc2a73L,
-        0x41ca3e11e6aa5884L,0x164881a8cdc21e13L,0x8cad911a03484874L,
-        0x767521e9e9c3025dL,0xde97f814218da4baL,0x00000000000000d6L } },
-    /* 53 << 399 */
-    { { 0xd3ecaad9f421e457L,0xa1343944abcd6bdaL,0x5e3976b4ef498da9L,
-        0xb3b59e1df3f12ba3L,0x07bfc03c8e4490c0L,0xd5fa985d5b53f101L,
-        0x715822a34bbf7797L,0xbd2d7345fe9453b0L,0x0000000000000147L },
-      { 0xee1ec3a72f095506L,0x1fcc2581a4577097L,0x8c650b965b1bb6c7L,
-        0xc19686238a67baedL,0x6105e80775b944f9L,0x45b830e0d8ad554cL,
-        0x4bebdb941e52e028L,0x5fb560dfd302d75dL,0x00000000000001e1L } },
-    /* 54 << 399 */
-    { { 0x41cdf0a8090e62c4L,0xc203cf661a389c50L,0x08873cd92fb0e7b4L,
-        0xfb7d8fd2849e2c3cL,0xbf0ecf0abf15a0daL,0xcff06a5ba3288614L,
-        0x3ea4f678a5a1bd6bL,0xd07f4fea5a0b447eL,0x00000000000001e9L },
-      { 0x7bde418b0072eb53L,0xc497b7d7c895370cL,0x360c81eebfb58e0cL,
-        0x4db855d7ca0d8993L,0x21da05101cffe5c2L,0x4e6c55e431da01b2L,
-        0xab33e450a177a1caL,0x4e024158c8d9d072L,0x00000000000000c7L } },
-    /* 55 << 399 */
-    { { 0xf01997349c89c37fL,0x422e2013e23346feL,0x872234bc0fa240cfL,
-        0x073c9ec935c98044L,0xc5f576844da45c45L,0xd9f227f2e036eaffL,
-        0xd624bcb8753152bdL,0x63adde436cdfed8eL,0x000000000000004fL },
-      { 0x6ed39da2e48f14f6L,0x7e044ac48399ed5fL,0x3d32aa1ccadb8a57L,
-        0xb17680e165432f64L,0xd1ac87201062afbaL,0x2977e3c2ea64a181L,
-        0x3c50ec594f5ebbd5L,0x06d71e4b8c0f88e2L,0x0000000000000116L } },
-    /* 56 << 399 */
-    { { 0xb3329e3168581a3aL,0x432c15f5e718d540L,0x50fb0773b5405fb7L,
-        0xd422287361b9c0e3L,0x3a53d3dbae54be89L,0xb7f9d1e582601b93L,
-        0x33d9cabdaefe244dL,0x90c3764d347640a4L,0x00000000000001d1L },
-      { 0x8e0fbf2c912d5804L,0x3b9f0ab36fd05d70L,0xdd8c3192b7d09ac8L,
-        0xf44cab3e47c16785L,0x7de9fd5b35549cfeL,0x38dfdf50eb615262L,
-        0x57e912f224dc69caL,0x69f6970490ea604aL,0x0000000000000199L } },
-    /* 57 << 399 */
-    { { 0x4687247eabad6418L,0x4f83495ac51d51ffL,0xfce781bec0aef136L,
-        0x8abed322580cb513L,0xb85782d6a24589daL,0xb8f7c3ad9c8640c8L,
-        0xa669aef661539d62L,0x9379601cb4477f5aL,0x00000000000001b7L },
-      { 0x332b9e9b0f7d41a3L,0xe7bcdba572f306caL,0xed16c9e3263c7286L,
-        0x5e47df68f8fe3510L,0xf0d18d39e3726bd2L,0xacb28a51274ae3f8L,
-        0xd0de1a497de215c6L,0x4b050057a1b3fd99L,0x000000000000014fL } },
-    /* 58 << 399 */
-    { { 0xc060c814721192ccL,0x1f3185a112876e37L,0x114f15d65821223eL,
-        0x391814b09bd49029L,0x21cb9042f69f5c98L,0x9788e3395a9b2f4aL,
-        0x7b0dfabe54926a1aL,0xbcfa4d6051cd489cL,0x000000000000014bL },
-      { 0x19829a11c90ff321L,0xf6ca593932b21fe7L,0x6d858a7cf4f5aae5L,
-        0x0dca676f9e7b2f50L,0x000990c44b9f09d5L,0x5b89da9c85dfbfe2L,
-        0x3d5e0e8eabe8b3c1L,0x1346693456230753L,0x0000000000000006L } },
-    /* 59 << 399 */
-    { { 0x850d86e94937892bL,0x07fee7bb2443a2b3L,0x33ba4ac4e1cb6357L,
-        0x9d14b81d36923302L,0xe15ac9c895ada402L,0x567bfcd1ac08b951L,
-        0xded4973cab9f0cc8L,0x3b9d665fbe68ffd1L,0x000000000000019aL },
-      { 0x58fbfb85882a8c22L,0x1d20051a57a91ae7L,0xa817c3921ffb42d0L,
-        0xa547264cbd43f75dL,0x5c2c5689eaf301f5L,0x9a6180df6567fe83L,
-        0x3f0b7e47edbc4659L,0x3a74b5825cca8bd2L,0x00000000000000d1L } },
-    /* 60 << 399 */
-    { { 0x8a8d4ca6d8dd2438L,0xd4f4c7bae21c7f82L,0x2146e9df4456d737L,
-        0x99e44513b7846ee4L,0xa1c33ee7dbe655f3L,0x3f9e32737648952eL,
-        0xb2ab63292d2542faL,0xbbd56f29ab7433d8L,0x00000000000000d8L },
-      { 0x9324ab77baf53306L,0x41c9e3370caf808eL,0x29ba5468377d0a1eL,
-        0x20d49c30208ae032L,0x9ed653f68abe7fa3L,0xf31a73b7496e497bL,
-        0x88f1357835532c73L,0x7ae79b0e55591f20L,0x00000000000001f8L } },
-    /* 61 << 399 */
-    { { 0x830254cde199ec6fL,0x0faa16580c6aad81L,0x37a327a5fcd2e4e5L,
-        0xb414910976c46adfL,0x944b4fb9218ba402L,0x4abcc3e5c5df6891L,
-        0x578b24b904111a63L,0xf2d5e4003e278bbaL,0x0000000000000032L },
-      { 0x857d53702414469bL,0x94d6f875d8b14839L,0x83561fe4c13ba3e5L,
-        0x87995be649f39edaL,0x0438cd3e7a4cdaefL,0x56fc49eaa9282dc2L,
-        0x1e7e40c6786edabbL,0x6d7f686a469d086cL,0x000000000000006cL } },
-    /* 62 << 399 */
-    { { 0x73a04d03a28b455fL,0xc84e719cbf57585cL,0xd6d9911fd35e53e1L,
-        0x331034c059f94f9cL,0xadb8fdd3875393a0L,0x3be757f899a478c0L,
-        0x4a62214fe02466a7L,0x18913f0488f2c28bL,0x00000000000001a2L },
-      { 0x952c4e67ff257bf8L,0xf85960a2b4000ba2L,0xb767ebc447e9be29L,
-        0xb4cb73f318047110L,0x2f53d6f5cecc7f40L,0x6d4f9956feaae016L,
-        0x1e8432279badee98L,0x568ef329a23ddf3aL,0x0000000000000141L } },
-    /* 63 << 399 */
-    { { 0x3a99f756c26395e6L,0x4bfbc2e0527eb51eL,0x2e37039c79f00878L,
-        0x78e08d275e6b1e6dL,0x6f6f335145d74f43L,0xbcc475bfc6a9906cL,
-        0x5c60a9a9b8a7301bL,0x0204a0a3d640cb3aL,0x000000000000002aL },
-      { 0xd378e362c2ba81fbL,0x110becf374d1d5d9L,0x14fb5720abb529c2L,
-        0x923d0d28d9b58c66L,0x59d4651aeab145c9L,0x5a9178553c90bf08L,
-        0x5b33d118c24717b3L,0x5142b895dc818c38L,0x0000000000000164L } },
-    /* 64 << 399 */
-    { { 0xb4c4ac143ffe4858L,0x3d9c1b48baab1296L,0xb28b5f0a5791e378L,
-        0x3aa34de82a5d32caL,0x8e90308ae76fb3f0L,0xb74a7ed3c85d002bL,
-        0x48a246ab65840cd3L,0xc8494718771d3f2cL,0x00000000000001b8L },
-      { 0xb3f57d14a28da023L,0xdbc8b8d91d078f91L,0xfa5f5a7aba67f27fL,
-        0x4908adc3fc60df70L,0x4fcdd3e0618486cfL,0x2e725571eb3c5855L,
-        0xdafd1ef5c5d9dd01L,0x806554ee19b9cfb7L,0x0000000000000125L } },
-    /* 0 << 406 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 406 */
-    { { 0xc5f56d18fdb2dd1dL,0xcb31387972b373e7L,0x2fbfa499d85c69fcL,
-        0x49ef4e5504211367L,0x307a9a329f9f852bL,0x00be68013d586d9aL,
-        0x6ab9c6709bea9584L,0xbcb478e24b06f588L,0x00000000000001faL },
-      { 0xb6d095562b1e18c4L,0x2af8b9233a783993L,0xafcf8ae678ca9e44L,
-        0x9139a8376cfec34bL,0xce8cd219583ef0dbL,0x8bf49e56abe307edL,
-        0x89ba853be83c9968L,0xc5694a20008b52d3L,0x0000000000000063L } },
-    /* 2 << 406 */
-    { { 0xc3974b7675276d10L,0xb6e1836c07bb3d19L,0x2b1ba75db1619e9eL,
-        0x1e89c2bd5c4a2ebfL,0x4c2ef54b7285eb6eL,0xba22a605df72938aL,
-        0x51152a2657474591L,0x70c745ff997713f2L,0x000000000000006bL },
-      { 0xa7ab63790835db88L,0x2a6d5526753370f0L,0x157e790a4b2e4edcL,
-        0x0b56220a911f4047L,0xdedaa43bd7c0fb09L,0xc6ff25e35a31e2daL,
-        0x6b0ee7bfa78ab4a8L,0xcbafb78836d00945L,0x0000000000000165L } },
-    /* 3 << 406 */
-    { { 0x537b5f578e6ee46fL,0xf204223120f5b371L,0xaa0921a6b9156758L,
-        0x8e7aa4907ae36aacL,0xdbbfc95da650c738L,0x652cc382eb9c38f2L,
-        0x224f35e15f0d2472L,0x7768c4358367e668L,0x00000000000000a6L },
-      { 0xe0d7b3cfdaef3c5fL,0x4dad6270a0c5684aL,0x24b2fca0e9360710L,
-        0xfd91b89a3e763d1fL,0x822b00bff598fd98L,0xdab869207bca6f89L,
-        0x34db8325c7996505L,0x6e88215523f32f05L,0x0000000000000060L } },
-    /* 4 << 406 */
-    { { 0xbca656eb512e743fL,0xcd94fc24ba4f85ecL,0xf4383ad0048bdf6fL,
-        0xdb10e381587f47a6L,0x47f244e7da3ec391L,0x5f337e380c33624bL,
-        0x9259425f82a3c375L,0x509e56c3f276bf73L,0x0000000000000014L },
-      { 0x2d65148dd94cb899L,0xcac386303b28185eL,0xa36bb7bde102adb5L,
-        0xa1e7e0b5ff3fffb6L,0xc842ceace628e1afL,0x8e6dfa7c8647613eL,
-        0xeafd758584ade38bL,0x7c4c0b0a00188d5eL,0x0000000000000151L } },
-    /* 5 << 406 */
-    { { 0xecb8fc22d872682eL,0xcee69ae9a340ad2eL,0x8aab065f725233efL,
-        0x3314af1015860444L,0xafea039307d4218cL,0x83860c75b56d7265L,
-        0x045d08732f402749L,0xc14d6ebb50676c29L,0x000000000000011cL },
-      { 0x7018485cecc303f1L,0x2c88f82b189755b4L,0xa7d21cd59574649bL,
-        0xff5ce29da5c77fd2L,0xf06a468a58da370dL,0x50d800934a5fd275L,
-        0xcba539d8b69ee483L,0x170868f7f2ee3b38L,0x00000000000001bfL } },
-    /* 6 << 406 */
-    { { 0x21f9e41cf53fcab5L,0x7bf9f35165adec42L,0x6b26bbd558bb94cfL,
-        0x3f786272c6324c08L,0xc4a2eac0f2b7a273L,0xa13f661eac22a668L,
-        0x68b9afc47fe9399dL,0x1b92202959664de3L,0x000000000000009cL },
-      { 0x17c1b9a418a2fe9dL,0x2ba8744435cbdc79L,0xf4a4e0ce0b5f43b1L,
-        0xcf17bf66e7569a01L,0xca184ac9c510d6eaL,0xb90fa4fc1c25e88eL,
-        0xde8a6e1935d88156L,0x1546d7b58d8dc62bL,0x0000000000000122L } },
-    /* 7 << 406 */
-    { { 0xba45c8f36c94382bL,0xc1be84a34e796905L,0xa70a60a281b19d43L,
-        0x5a333dd0a47323edL,0x7b28b6af0b27ff7eL,0x35c03b9fdea38355L,
-        0xb95af1386ae6bcf1L,0xc9ef2a5a2b8ab4d0L,0x00000000000001adL },
-      { 0x324116b7e42a4135L,0xe6f37e6ce3fd98a2L,0x9fd3f19f7c76568eL,
-        0x22b20731515dc1b8L,0x9723434fdb8e80ddL,0x60e6c8e242232789L,
-        0x9716ad2c04d7423cL,0x66529fe435216302L,0x000000000000010bL } },
-    /* 8 << 406 */
-    { { 0xe5d4defb5b3e313bL,0xa821692c272ac52dL,0x63e8db0d853d75ebL,
-        0xe135b25b774da98dL,0x5019813bc0ea0962L,0xa03d6d8f93d92bddL,
-        0x63ad9b320ec90c8fL,0x674e973c21967233L,0x000000000000002eL },
-      { 0x6cfdfea798494014L,0xb9f9c0ce4f03d4bcL,0xb30273db8a4cde4eL,
-        0x81dfaa1b3c413325L,0xf7bc31e7b3964d85L,0xf73996c8fa47fcd0L,
-        0x1d5fe418a94e35b2L,0x7cd3986e9fa4f44bL,0x000000000000017eL } },
-    /* 9 << 406 */
-    { { 0x1b7980a57834d697L,0x9a3aa459c73206aeL,0xe10df0f1912aafe1L,
-        0x3c252699cd81194fL,0x11c78b3f5fa93a50L,0x88c38a165c535f44L,
-        0x33b2a6c905dc99e8L,0xf9a8a90d1ea49641L,0x00000000000001a2L },
-      { 0x96a8c21569486979L,0x97f6097999b6ccb9L,0xfe3df60d18d3f89eL,
-        0x83dfff4ef064bd18L,0x49b4057d54fcb9f0L,0xeab1e88c3f088687L,
-        0xa1765be041072587L,0xf99b2779acf46728L,0x000000000000012eL } },
-    /* 10 << 406 */
-    { { 0x8128204a9a214c96L,0x0e0a82b44882a079L,0x33e5d6b9b27a35b4L,
-        0xab4c56c097462902L,0xe54b628e5b19e791L,0xdf29b1f5d64e8065L,
-        0x6a2862e6ade36f00L,0xcba66d7ddf61110eL,0x0000000000000107L },
-      { 0x76cc421fda5c2464L,0x0c4f2a6322f3528dL,0x2eeb70f2c54214f3L,
-        0x58be1b09eb798dedL,0x2415a2c156bb8dc1L,0xf9c7fd5ca298c0b0L,
-        0xdc7d1ae628082c59L,0xc4ec983d05a44844L,0x0000000000000192L } },
-    /* 11 << 406 */
-    { { 0xa04e47c0c9ed9d3aL,0xed1a5bfaec3716ccL,0xe70c47c1a2e4d7f0L,
-        0x05931685553e5305L,0xa90e6d16c73eb2d4L,0x17058be63459f194L,
-        0xcf1b93fa0e76af5aL,0xbe38213c93f26b0dL,0x0000000000000009L },
-      { 0xa56996c75a0f2a52L,0x9fe2e1846badad6fL,0x64a6ae0d70ff96cbL,
-        0x835954857b77aa01L,0x9910099ceeda6f38L,0x64b3d7f42c333e54L,
-        0x6b13aeb23721114fL,0x791d073c90ca8602L,0x000000000000018bL } },
-    /* 12 << 406 */
-    { { 0x72b023245e3f9a6fL,0xc889374508defdb5L,0xab7235362acd0af4L,
-        0x7ce916a85d02baceL,0xb2abe9dd96314ae6L,0x6b664d88cc74749eL,
-        0x59f417bea5595e97L,0xe77f2e3b52ef341aL,0x000000000000003cL },
-      { 0x1f57cebbe3aa5b6dL,0x870522a68901cd97L,0x926ce7d957cf5e3aL,
-        0x2d8fc69331e15a34L,0xc3a756ad009b6274L,0x498748f3f82857a8L,
-        0x7b27d095b5531159L,0xe2783284c7e359a7L,0x0000000000000082L } },
-    /* 13 << 406 */
-    { { 0xc09185da7e0f6976L,0xd8a1091ec4a3a6c3L,0x7f7a1bdf331817e9L,
-        0x95893105a21b71e6L,0x529b76e0031bc2c0L,0x899c9c15f486e501L,
-        0xa1c9b18f67318b39L,0x2c05bb6aadc3ac81L,0x0000000000000087L },
-      { 0xf051133eb2a8d83bL,0x8b7c0690cecad4bfL,0xcdc32d5c3836511cL,
-        0xf17df7ec1fde03acL,0x65dae2a3603ce6cdL,0x7711a540f1ccc60aL,
-        0x391a3d1b3d8a3950L,0x640a6d5ab3cf9141L,0x0000000000000148L } },
-    /* 14 << 406 */
-    { { 0xcfe4526c7deb11f7L,0x67b27a2787647f71L,0x07eca87da3dfbbb1L,
-        0x6173cd9ab9440d12L,0x0ca8bb2b40f2e74dL,0x3d83a719d740cbe1L,
-        0x0fc562e81d080dcdL,0x16cb8f6f65d8140bL,0x0000000000000117L },
-      { 0x505508d0e8ddf98aL,0xe0d08e494e83c1ccL,0x24215a4d2db487d7L,
-        0x5b91a9b5a9d15e5eL,0xb4d85a71e56eb130L,0x0e03cbc65d7390a2L,
-        0xb43f2613963f58cfL,0x1cb92acaf93a024eL,0x00000000000001d8L } },
-    /* 15 << 406 */
-    { { 0x0b93b131dbe1d1eeL,0xef971fbcfe0effe4L,0xaf4b85c708d49697L,
-        0x497ffb799eb46f2aL,0xb35cd96addc0ccebL,0xd5a55094303e4c0cL,
-        0x3af23c7d86e7b58eL,0xaaed08ec9efb4691L,0x0000000000000099L },
-      { 0xe9dd554da84a6620L,0x87891bcd36fa1b27L,0x8f0d90c7e8344fa9L,
-        0x8342943413b112a7L,0xbc8d11749c77efcfL,0x8a33437af15a8f25L,
-        0x664c7908683b532eL,0x374dc6569c90903fL,0x0000000000000129L } },
-    /* 16 << 406 */
-    { { 0x78d9e7f446045461L,0x841c793e7430d61eL,0xf77b63b8dd245666L,
-        0x4b39bdd5844f837fL,0xce7bb287ab70f0f5L,0xef4b6aa274b7cbc6L,
-        0x9821f978981fdf5cL,0xb63e67a8e506a31cL,0x000000000000012eL },
-      { 0x1d2296041fc1da54L,0xa5b7e873d0c4b6bdL,0xeb72b87bf59127b7L,
-        0x8db0f3859fbc54b7L,0x534ebf9461462a53L,0x97099e7580b9d20bL,
-        0x0ed2d96a88aaa712L,0x415ca08a6a1b85d7L,0x0000000000000091L } },
-    /* 17 << 406 */
-    { { 0xb379144aeb469a20L,0xc5437f8f1cbea72aL,0x7728e8b42b9ec8acL,
-        0x606e8adf8a15a0e9L,0x8d8e962ac004f3a3L,0xd5df086da85ebf2cL,
-        0xd33bcdaafb6dcbb0L,0x0fdb0c9f07f2cc3eL,0x00000000000001e6L },
-      { 0xce44c6c293c2da62L,0x378521fae38bba04L,0x82a8e500db763d85L,
-        0xe78e38955ed8824fL,0x8fbaa40d1538bad9L,0x868f1eba0248ad8aL,
-        0xa6c1a139cd968348L,0xd2778c4b0a2b9761L,0x000000000000002eL } },
-    /* 18 << 406 */
-    { { 0x48e4c0f3361ae7cdL,0x6b7984948046cd5cL,0x12f157df00f16183L,
-        0x3597a186c382bdb3L,0xcd0b5a6b021194ebL,0xc207ed009af8a87aL,
-        0xe4393bc184dc124aL,0x11f71411e91afc32L,0x000000000000015fL },
-      { 0x579a5046c1866867L,0xd866aa1655c785e3L,0x2f76a8d43cf758adL,
-        0x32ac9a89b0d31de5L,0x4962fdef2a973d93L,0xd7187c2b4ac6ff65L,
-        0x7b1c92bfee83ecebL,0xa56863b534638002L,0x0000000000000053L } },
-    /* 19 << 406 */
-    { { 0x25efb568dfc25ec5L,0xd1189d0e1b0e7079L,0x5072903088a9eb91L,
-        0xd590fca710d3bcabL,0xf9c0a5d7df6bea0bL,0x0bf708746efeb1beL,
-        0x42747b384fb6a9a7L,0x2f14f557f56a702eL,0x0000000000000156L },
-      { 0xb9090e1e348c7f6bL,0x922e69d7d7496d2dL,0x6349d2ca92bf15e0L,
-        0x94de29b2129013e6L,0x6e89ee99ec7bb7b1L,0x68ee23481ac1ffb8L,
-        0x60be6017a20aa6baL,0x91a224fc79b16d91L,0x00000000000001b3L } },
-    /* 20 << 406 */
-    { { 0x039c81f5b6501dc3L,0xbeaed737d507075bL,0x080ba34a5c367a46L,
-        0x06a583c5ecd54633L,0x2085119b20eff4cbL,0x26f27b7aa193a015L,
-        0xa2dd99c937b34fb1L,0x99227938fff66c7fL,0x0000000000000107L },
-      { 0xee87c18e1cec40f8L,0x760e880d65532da1L,0x78d00f69be9ed489L,
-        0xf61114948cc9be51L,0x79d826abaafd71e2L,0x831bc3059f39cd9fL,
-        0xfffebc7ec214629cL,0xab14a5cdc0a202e7L,0x0000000000000083L } },
-    /* 21 << 406 */
-    { { 0x85252463481afc74L,0x7b71451828c701eaL,0xc439fd69861bf548L,
-        0x071f8693e3d11f33L,0x6225ebd572e2305dL,0x4ef519ad0d1f6093L,
-        0x1b0453e06ca1c580L,0xb7319f2fb740aabeL,0x00000000000001c8L },
-      { 0xf21d026d84604fd4L,0x1b1b306011b08033L,0x649ad1d36fd4ad38L,
-        0x33f1d68714abb62aL,0x0e7f376997abee33L,0x530e818370a2952bL,
-        0x98a0a545fc905c8aL,0xe6ec2b5559af7273L,0x000000000000007aL } },
-    /* 22 << 406 */
-    { { 0x6cf8f7069c217921L,0xc42e41d7b075c03bL,0x6375246a68982f40L,
-        0x8669580151954ce8L,0xf5310da9a3a60bedL,0x0abca274b68cc2a2L,
-        0xc0ec033b6851665eL,0xb783a62aa463f268L,0x000000000000008aL },
-      { 0x262a839eacc800edL,0x23a464a8b7a47436L,0x48a5d2ba302d2f36L,
-        0xdcc0964d853ccb63L,0x326373ba856a8728L,0x135e2dfce81f2a09L,
-        0x75387e9ce2d61167L,0x2d4026dd77466495L,0x000000000000018bL } },
-    /* 23 << 406 */
-    { { 0x15f1ae548997be68L,0x90aa75ea279fae38L,0x8e6704c0bf52607eL,
-        0xdbdd9e471515aebbL,0x3f13153cfb9d9d6dL,0x6783f0c749f2b830L,
-        0x933ddbd70938f0f2L,0x8c4b834cd7669424L,0x00000000000000a9L },
-      { 0x195637299d946809L,0x9946ba9bbc29db9cL,0x6f9e27fb6cb8b988L,
-        0x3294b03efccfc99eL,0x33374610f7141a54L,0x28f868ffc7673c30L,
-        0x43dc3427bb2c289bL,0x029e076fb96395c0L,0x00000000000001e5L } },
-    /* 24 << 406 */
-    { { 0xc1b7a8f704de7536L,0x4b9e69438570da46L,0x7724c0c2337106bdL,
-        0x6f1367d3054b2f07L,0xd7d30e2004200225L,0xd722d2ff8573567cL,
-        0x3b1a8a31741d03aeL,0x41474e1b878ff79aL,0x0000000000000059L },
-      { 0x3ce983c9fcf8a2fbL,0xe3c71ed67940d19eL,0x7347af8b434df786L,
-        0xa187aa1d08d0762aL,0x618fc81d48cc16f9L,0xfecc62573b0e7f5dL,
-        0xcb1f9e26fe7d47e5L,0x9ddb1566ce3918a5L,0x0000000000000047L } },
-    /* 25 << 406 */
-    { { 0xa7bf65565cdd5de1L,0xd91a3b5ad0299c7dL,0x34ad344fb621c69bL,
-        0x0eaa0119ff537f66L,0xd06eaa83437158b3L,0xc8ef03821b5a588bL,
-        0xc42cdd179a13f8c3L,0xb8bc70a25e7488b7L,0x0000000000000152L },
-      { 0xb571425067a283dfL,0x71221b8349a9b640L,0x84b743d5e5009d45L,
-        0xc7150aa8fc207d0cL,0x5146ec3777f5ee74L,0x64856c0e9cd38d8eL,
-        0x3c6544b4ada269a4L,0x3321ddf10a505d47L,0x0000000000000083L } },
-    /* 26 << 406 */
-    { { 0x679fec081ac21f3aL,0x8e69d49664fd0330L,0x4d520cf622381900L,
-        0xfe8843f23cdada22L,0x9ae1a7245fc715c4L,0x2551beb61c16d5d7L,
-        0x6feb8481d00fcf9cL,0xcaa2b375c91e52b7L,0x0000000000000184L },
-      { 0x24be593ab64e1524L,0x4e1cee9d7332b856L,0x131c5e6a797daf76L,
-        0xc663eb2e75ce3e6cL,0x03ef6a7909834ac9L,0x7d7aa414c52b3350L,
-        0xd66cb98f1430ff4dL,0x8aa042bdd5ceed07L,0x0000000000000084L } },
-    /* 27 << 406 */
-    { { 0x5c157e7b6deb0864L,0xf9d82ac58bbf2f15L,0x8078defe946d3ad0L,
-        0x0202531b76b4ef19L,0x91b204164639bde2L,0x266d4ddbabeb6f8aL,
-        0x099e2d193c697956L,0x622d9fc056634b3cL,0x00000000000000fdL },
-      { 0xb40778e6a1d7b58eL,0xe7e73d837e8f2b8aL,0x1079ead85b307ff5L,
-        0x6edaef3415ec5733L,0xf0af7d8875239c59L,0x2c12598569c78449L,
-        0x0ddb52fddbdb0499L,0x3659ab877726d11bL,0x00000000000000a9L } },
-    /* 28 << 406 */
-    { { 0x810305ab4f244783L,0x99471c5a0e2c1a83L,0xbb3beeb39bd2ba8dL,
-        0xe7fe7b929c189a01L,0x0f5a31c9667f8683L,0x28ee1a59fb7bfbb0L,
-        0x4cb86e098e14240eL,0x47039ec29bab970cL,0x0000000000000183L },
-      { 0x09b761f8f4ea7190L,0x5b109e93637f19c3L,0xe40aa435edd588d7L,
-        0x6b25737881a3b4aeL,0xf5b5cc60591f5caeL,0x2e787d34811b80feL,
-        0x28be1db7b0d84075L,0x2579d623a4db6982L,0x00000000000000b8L } },
-    /* 29 << 406 */
-    { { 0xebfd47a0f3c9663cL,0x5bd6c124fcc1ebacL,0x7a72f2629e4fbc0cL,
-        0x8e12014b04da3327L,0x1644293ff16aee24L,0x51c99ce93d9cbff4L,
-        0x3e202a2905ac2f77L,0xdc053a471a547c46L,0x00000000000000b5L },
-      { 0x33432716d62c57c5L,0xb6a806d7fd1c2525L,0x8fad574efa0879bdL,
-        0xb155c4592f8f0fb0L,0x1164655e58d81213L,0xe11727e694a07b4fL,
-        0xff4b7575c7036122L,0xcb353944c198f11aL,0x00000000000000a8L } },
-    /* 30 << 406 */
-    { { 0x0aba20f753d66edaL,0xa3aeae3b7e525dfeL,0x7b988a6199e675dbL,
-        0x944ca69614798f05L,0x42277a4775fddd0fL,0x281cc5692e466789L,
-        0x3292cdab72d85db1L,0xdfff0593e12591ecL,0x0000000000000079L },
-      { 0x1c2f7a8c0b87e726L,0xc9c4e2867c08d0f1L,0x7244fb70add49ccfL,
-        0x2f9a917876dce245L,0x60d895eb97836a0fL,0x97fdb433fbcd00e2L,
-        0x83017090f2aacd14L,0x292faa800e939a1dL,0x00000000000001dbL } },
-    /* 31 << 406 */
-    { { 0x5a7a6424e3f6f82cL,0xbd371425726aed2fL,0x2f56a6db5da92b20L,
-        0x40dea40847e9f8e5L,0xd214c17ba447c6d6L,0xfc2fc25418e56c61L,
-        0xf21df2b42ba5ffabL,0x38ed181e0c4b74d7L,0x0000000000000116L },
-      { 0xcc7b32aa60988f29L,0x86934d213fb6f043L,0x2f3259e3a7e17064L,
-        0xdd355633aae0132bL,0x6b351d3f58a51724L,0x174aa7de5d3513b9L,
-        0x5ffb74678e5b7018L,0xcfc563cd0b563426L,0x000000000000012dL } },
-    /* 32 << 406 */
-    { { 0x48a6060b5244adf3L,0x196c42f99f9c1646L,0x1dea9fac3946d4dbL,
-        0x30563642183c46daL,0xe5c58915c9e4a634L,0x3e71b542cce36f63L,
-        0x4d91d55c39eaada5L,0xd3f5af0f1c43907fL,0x00000000000000c4L },
-      { 0x1152f1413080db73L,0x3d5031a2b4bda7abL,0x0df9c2bcd0f0daf0L,
-        0xaf4aa1f30d01895aL,0xfe8281302b137acdL,0xfcdbfefff072eda7L,
-        0x8f3e313911d578dfL,0x37d9ce5b92662c8eL,0x0000000000000086L } },
-    /* 33 << 406 */
-    { { 0x87e7f88cc5bed943L,0xfd2e6b03aad8bc5eL,0xf24d94389e249c9aL,
-        0xe47161cb7c008e8cL,0x19d22f2831d8c40cL,0x0671ba709fffd96aL,
-        0x31a6f3ad74d609e7L,0xf90ddf84b6905c30L,0x000000000000009eL },
-      { 0x404c5574e9f17126L,0xafd37819604fb843L,0x4d1d2b92b00db9eaL,
-        0x4a242643a7ecb8e1L,0x23c70b6e8b66b49dL,0xcbd1e9f75995098dL,
-        0x62ee997d643f5b38L,0x2c7285da63549975L,0x000000000000007bL } },
-    /* 34 << 406 */
-    { { 0x70bd76a983f34ba3L,0x372227ca7eca3199L,0x4cc896ce4e57aed0L,
-        0x142d290f0ddd2f05L,0x867a1f6fd6612f3eL,0xcf2e8ca14ebc7530L,
-        0x1d15b0252bdf257dL,0x1b6ea850fcb53380L,0x0000000000000110L },
-      { 0x38c505c3e561bf5eL,0xb5c5b048ae44566cL,0x902051d06c45aaa1L,
-        0x619fec981ea9caacL,0xec4ca3f013e5e007L,0x899d203208bc5341L,
-        0x5869d8e09361ca4bL,0x1850a711fe357cd8L,0x000000000000014cL } },
-    /* 35 << 406 */
-    { { 0xe9d78d73c5fe4cb1L,0x65d4973e63669b5bL,0xf8f26e6758db5d06L,
-        0x1fe46740a5bea178L,0x22e30d273d9d53efL,0xf9c3e1132d740fdeL,
-        0x0eaf2c3782ad4253L,0x1c0a8f57afffe82fL,0x0000000000000083L },
-      { 0xe04ad02fea374c3bL,0xbfebd3637e1ae7deL,0x2f496f966970176fL,
-        0x10eb48976106472bL,0x9ab8cc2922481fc5L,0x806a32fb795e47dfL,
-        0x3920421e8a79c1aeL,0x17c4253868d45930L,0x000000000000009aL } },
-    /* 36 << 406 */
-    { { 0x164a9e29d07b0d60L,0x7d9325bc4a4ced37L,0x389846410a22ea31L,
-        0xc33e1fc1659c12aeL,0x7609475678cc3ad9L,0x3c30033a4cf14874L,
-        0x6c7ed92d23f58493L,0x0040c6d99a41b806L,0x00000000000000c8L },
-      { 0xe9652d66a4f89d26L,0x97aca7ae1e56daa6L,0xa1650f15b8b76045L,
-        0x2f2338b3fc159585L,0x9af48930f243cf7fL,0xdd333c3d923de549L,
-        0x415a035f3083991dL,0x0257bcf5b8f179d8L,0x00000000000001b8L } },
-    /* 37 << 406 */
-    { { 0x785ceb0e60a23046L,0x06693923da26f777L,0x4cfd41e2f6347cc4L,
-        0x375228c909f95926L,0x5f3dff336d32813bL,0x3becb638dd9b1ce3L,
-        0x7e9b3e1160c02110L,0xc46e496d72e500fdL,0x0000000000000003L },
-      { 0x15d186e9c39eede8L,0x00d45c82e2cbe492L,0xcb0430b0e656d2edL,
-        0x52592855cbf91059L,0xed3f498d7ebbb6c0L,0xf537912d8c448093L,
-        0xd02e28094a50080aL,0xde023ed27507fb99L,0x00000000000001c9L } },
-    /* 38 << 406 */
-    { { 0x9189e6492b66dcb3L,0xbd9d89446e0a16c1L,0x7183787c8fbf21b9L,
-        0x48b9a986c84a07e0L,0xc7951767bd3f75ceL,0xfd74f40c709029ebL,
-        0x8e0d48faee163d0fL,0x583247acea13c411L,0x0000000000000029L },
-      { 0x544713627200e61fL,0x43a5caa69151f221L,0x88e1d04480dfe2d7L,
-        0xe166419a814a432fL,0x47d7a7324998873eL,0x06abfc47d649229aL,
-        0x38759e7b790a1bb9L,0x2aade3423d87e983L,0x0000000000000083L } },
-    /* 39 << 406 */
-    { { 0x814f5c1eed4cb90eL,0xc27974eb37f64e46L,0x1ab1171566cd615eL,
-        0x27e7e0d98a254731L,0x1756745a1520a956L,0x4a8d601258af427dL,
-        0x430761eb1c0eee1bL,0x6bbfb93438874a9fL,0x00000000000000d7L },
-      { 0x9f48d4ca3a8603b8L,0xdedd50492e5be7c0L,0xe088e3bdf54289d5L,
-        0x0a3ee65da44290e6L,0x8ab9a318bb9114a0L,0xbbb8fc213ba90e93L,
-        0xbd87016b28aa8d97L,0xf467d852c050a231L,0x00000000000000d7L } },
-    /* 40 << 406 */
-    { { 0xfe306ca855a073ebL,0x35543d282dcab16bL,0xd66bc457a45d0b9cL,
-        0x3fdc1cc24be414daL,0x781093ded7d9bb1aL,0x6b5f2c375d2031a6L,
-        0x9b6b4ba38a23513fL,0x6fe788858f5a91f0L,0x0000000000000188L },
-      { 0x0f952fdeaa340993L,0x860ad393381382b9L,0xf0f1878aa611333cL,
-        0x9d53e1f9fe29f16fL,0xc371ba5fa0d105e9L,0xedf4adf826128fd8L,
-        0x4f4e22ffdaeb10c8L,0x0d27b149d9544e7aL,0x000000000000009aL } },
-    /* 41 << 406 */
-    { { 0x384e080421facdb7L,0x6c8b7244e2b7b131L,0x05f1dd47ad8a4fe3L,
-        0xeb2e048dd4649216L,0x9f1bc2b7ec853458L,0x386f3d5798115589L,
-        0x8c02c32e6fd93252L,0xd1a9526bbd686fe7L,0x00000000000000cdL },
-      { 0x0a4bc5e2a6384682L,0x8281608a042b55caL,0xa41505532a528bb0L,
-        0x96b9f2e72217abd8L,0x9f019996e3251a18L,0x7aa51a6a79a88c6fL,
-        0x90d8c8ad98fa880fL,0x2dd166cf45076ac6L,0x00000000000000e6L } },
-    /* 42 << 406 */
-    { { 0x7ba7b06a5826d6caL,0x42257d9c430621c6L,0xe5dc2c8f02dcf96cL,
-        0x1b63d8ce16550605L,0x9e6341345cde8df3L,0xf9781f21809d18a4L,
-        0x2de5477650c12248L,0x915e036c94f60a0aL,0x0000000000000149L },
-      { 0xe8a91619a2d29974L,0x67a70872b420db3aL,0xb24abe92e50beb4aL,
-        0x760b7119dc0a98c1L,0x1519d8aea70e0dc1L,0x33f102a2679c49e2L,
-        0x5123d8c2c1c358a8L,0xc928fda8bb7899a4L,0x00000000000001b9L } },
-    /* 43 << 406 */
-    { { 0xd2601167ad233a91L,0xc8d9884dcdc5862fL,0x01a22fe0a648ba05L,
-        0xbb3b9e3c515c1511L,0x18c06c97ea8c7464L,0xf20adb09be2c8395L,
-        0xb2f3dd6d371f7631L,0x2e4fe2c91fa77646L,0x0000000000000128L },
-      { 0x9732c4edfed3264cL,0x81acaedb4d287a1cL,0x736e2ee565d0497dL,
-        0xe8b4f6fa9ca05e5fL,0x76f8565567f63d25L,0x3622850f9569a822L,
-        0x4213d66b43a8a078L,0xc601ed61e323d282L,0x0000000000000185L } },
-    /* 44 << 406 */
-    { { 0xc0135e27beb6745bL,0x1fa3e9d57ac01e8bL,0xa713ccd34efaa6adL,
-        0x6b82414232492fa1L,0x1e3dc6b3c5a1550aL,0xe3c7ea75429f42c3L,
-        0x93f0cadbd1d97acaL,0x7b23ee53f7091927L,0x00000000000001afL },
-      { 0x708dc83aecb37a50L,0x802e69b38f9edcaaL,0x02abcd3cc66d3a68L,
-        0x814ec38b1101afaaL,0x20e5d950a1b52623L,0x0ac6ea5fd4dd624eL,
-        0xab26008227a0c3b4L,0x577f5ca09368736bL,0x000000000000001fL } },
-    /* 45 << 406 */
-    { { 0x6d42774c21bf0842L,0x2a4da71bd4d1ea75L,0xc2cedd0cf4d653b0L,
-        0x7d94db7211d82f3dL,0xfaf1ca20a8c32913L,0x9b0c6b3563841938L,
-        0x1ddacce9cf9b706cL,0xb204884772b2c899L,0x00000000000000b9L },
-      { 0x4e7adf267aedf83bL,0x8ded9b05be0cdec7L,0xe5f546d3b5c0649dL,
-        0x270504c8e19891ddL,0xa92e7b14a7261c10L,0xd14be6d3b8f9ebccL,
-        0x7a89d993eccfecebL,0x4ce0afa5ae754f25L,0x0000000000000074L } },
-    /* 46 << 406 */
-    { { 0xcb677986904f5312L,0xe7d62adb29dfabc6L,0x93e4e87b3e4e42beL,
-        0x19bca6264069b407L,0x328eab93ad8142e1L,0x2e7c1a5d52672bedL,
-        0xa5fd1db730aef66bL,0x12ac39b7fb19bf54L,0x00000000000001beL },
-      { 0x01c76a76b5b5ec2cL,0x64de1b6a0861dab1L,0x3258296d637140a4L,
-        0xbda2cb733b3679c1L,0x0041da437024d813L,0x4303794de9a0ce74L,
-        0xf8ee8193c0529c15L,0x53feedc587074b7fL,0x0000000000000115L } },
-    /* 47 << 406 */
-    { { 0xa6ba5b160c617119L,0x204e68fb438beefeL,0x7a20a3972ada8708L,
-        0xdedf232d508368bbL,0xe096d0bc104f521bL,0x7a6b16d711269c40L,
-        0x55d4ed46914143d9L,0xba5c71c427d395ecL,0x00000000000000caL },
-      { 0xa821bc5010cb008aL,0x48052c133adc6d77L,0xd0408c0f53ba3178L,
-        0xd60edcdef9fbd6c5L,0x3cfa4536eeebb802L,0xcababb7b03709682L,
-        0x13ee6a48bce9c097L,0xbd0ef6510d1b0bebL,0x00000000000001d8L } },
-    /* 48 << 406 */
-    { { 0x57b087c3722f09b6L,0x1702ccf501659998L,0xf3e88554769ff3b4L,
-        0x0ceaa311b9b58b5fL,0x3200928faf05be70L,0xd7254305405c2f75L,
-        0xd48bc6c28cff9a05L,0xc951c65d71aaf653L,0x00000000000001e0L },
-      { 0xb1c60c62e06a762bL,0x95d42294d121d094L,0x16b88a5dd0a2ec1bL,
-        0xe5baf8f2f27ab833L,0x81982eb5a7742d30L,0x0244c5595e8d4a52L,
-        0xae2e0d639ff0933bL,0xcac9c143c0641fdcL,0x00000000000000dfL } },
-    /* 49 << 406 */
-    { { 0x0729d23aaf7d4710L,0xcc26cbbed18d4ee5L,0xbbad9a780031ac64L,
-        0x4cf6f0857d9c26d5L,0x4f7a82d40d1a7532L,0xbe268e66d13e2a2dL,
-        0x14bae8a771bdd2ceL,0x3c3d7fae6b5df00bL,0x000000000000008bL },
-      { 0xee205513e5ea848eL,0x3b6a3e27dd421986L,0x21485c6e461b7f1bL,
-        0xa62bc7b5b14b5037L,0xd6372abf560b7bafL,0xaa6228c9c962a69cL,
-        0xdf2b172bb089d815L,0x7d1775058d97fc0fL,0x0000000000000167L } },
-    /* 50 << 406 */
-    { { 0x1b2752ec9c586918L,0xb3fb67c153a201efL,0x105199bdd73f0eb0L,
-        0xae01712810aeafdfL,0x1426b2b52a519a78L,0x68e86c5a1ea4f48cL,
-        0x98699970a6f22d9cL,0xc80564d51a9de939L,0x0000000000000000L },
-      { 0x41f8c7fc85bb70b5L,0x4bdf510c78874a6cL,0x836e36477192332fL,
-        0xe71580260d3877cbL,0x76eab30d9db5fe34L,0x5cf92e6aacafab64L,
-        0x9dfe39041fedad0eL,0xa9be6419c83bcb00L,0x00000000000001d2L } },
-    /* 51 << 406 */
-    { { 0xef6dd59eb9490407L,0x40b3ffc7cce5657cL,0x303b86892997c881L,
-        0x10ba288bac9e88b3L,0x0598dc047e06cbddL,0x6b6070f9b8f3fdc5L,
-        0x1b6e0bf0bf167eb0L,0x832f256f61823b3aL,0x0000000000000066L },
-      { 0xcaa38eb16ba2d1a7L,0x0e9eb2b5e34c102fL,0x45d0a0412f3f191fL,
-        0x1883b65b78e42f37L,0x106790f4b3d340d5L,0x5bbca96e950faf87L,
-        0xa5b7401125d0e75bL,0xbf6a2e4aa9a5b37eL,0x000000000000004aL } },
-    /* 52 << 406 */
-    { { 0x66cb0db47c4f8f4eL,0x81ae6d75fc21f5f6L,0x19e8fb8714951a87L,
-        0x52ecee54602c5224L,0x50a823a8e408b25eL,0x32aad7d9e372c922L,
-        0x80a117c8e03a5ce6L,0x9b62059c2ca7f6b5L,0x00000000000001b2L },
-      { 0xc50397739d676975L,0x6959c6b5becfc0f0L,0x7b73318a43d30b32L,
-        0x0c0aac5b6048cafdL,0x77f3201dba7d3c59L,0xa5a05d3e09004fddL,
-        0x711b1b17ada3810bL,0x0b9f7679a6eb6d1eL,0x000000000000017bL } },
-    /* 53 << 406 */
-    { { 0xb111d5049113f1d0L,0xaca7880f301363d8L,0xd1a3a3a0715d0296L,
-        0x7c7131450ef65ed6L,0x66eaa22b454a687dL,0x3818b9757349a9fbL,
-        0x5062a36e0d2022d4L,0x528e46da2ff88497L,0x000000000000010fL },
-      { 0x32a84b8a5de50ae0L,0x76263a196884f659L,0xfd8bb04c315d19aaL,
-        0x949d5c4b8c484043L,0xa6b46b769af8ac6dL,0x30ceb799b23ae2b3L,
-        0x0ea36685daf44f51L,0xebf5489e57d1f2cbL,0x0000000000000179L } },
-    /* 54 << 406 */
-    { { 0x72ba03aae5c32db9L,0x674c55738d0d3eecL,0x80208af9ccce2df7L,
-        0xa35d4b811c853818L,0x9c9e525e4027990fL,0x1d4307391f2d304fL,
-        0x557a34c0e56780b1L,0xd88631e7384f416dL,0x00000000000001dcL },
-      { 0xe13dbdcc305ed92cL,0x7344f3ebfb1445b9L,0xe84a2541d10d4b7bL,
-        0xc0063b826bc03673L,0xa46a733bf4f6b339L,0xa6c0138431320032L,
-        0x3b6f5b9634212c42L,0x445752ddb9601168L,0x00000000000000b5L } },
-    /* 55 << 406 */
-    { { 0xebcab29ffe8e565bL,0x7b04357f43480e76L,0x153ea7357ce43f36L,
-        0x04ce126da3cf5166L,0x3eb43a6e0f412fffL,0x4ede4ce058733496L,
-        0xe90b4291aec2250bL,0x35811220bc4b63d6L,0x000000000000005fL },
-      { 0x2a1d458659ff9b9aL,0x61d60d77a684082cL,0x3bcdaeb53ca06170L,
-        0xe5793487801582c8L,0x73754dacbdc327b7L,0x4e9f7a1aa91091d6L,
-        0xb1dcf63b688c3076L,0xf781dda2a455387dL,0x00000000000001a7L } },
-    /* 56 << 406 */
-    { { 0x3f28171bd3179895L,0x91ec9bdd6470fbe0L,0xd6713024aa1ab0a3L,
-        0xbdb9e60388393838L,0x29c6d976170ffe51L,0xb415ce2c20c85e4eL,
-        0xc816b042aa9a7f5aL,0x0f7257df41dcb044L,0x0000000000000139L },
-      { 0x16044c1463dbe97cL,0xc36a41e8dca02de3L,0x7c9403766849e580L,
-        0x77b372d1d1bf053bL,0x539e249d175c2a6aL,0xebd056bbf0e17332L,
-        0xf7b71bf6e62c02a3L,0x8e8636d754ee354cL,0x000000000000014aL } },
-    /* 57 << 406 */
-    { { 0x23975ca006ea445dL,0xc8c0af23792afff3L,0x648b22a1089f7960L,
-        0x38be1485789e86a1L,0x09c7f82c8e403792L,0x00e6a9750da77f58L,
-        0x89ff11bfbbabdde6L,0xdd065345ccf6e66aL,0x0000000000000017L },
-      { 0x8c47de427496b1c2L,0x4c7e85508ad8e562L,0x27bf92564ec11ed0L,
-        0x0764d014f7290f77L,0x02a78a70c49b97deL,0xa88a1ccf1ddbbd5bL,
-        0xe42270462e9e274aL,0xba580882466c1d4fL,0x0000000000000159L } },
-    /* 58 << 406 */
-    { { 0xcc1838a04d0dec13L,0x2d4bdfbc97bd2484L,0x3f6defdb8e61f25eL,
-        0x7f6f45104ea8dedaL,0x013f14a40425fa58L,0x956254689d7d619bL,
-        0x5115c63b5bda4f78L,0xea1900e7fa6e1bf0L,0x00000000000001d0L },
-      { 0xa17989e0363fe2daL,0x2cfd22dfca53cb24L,0x45f91d59881a474eL,
-        0x0e4ab11250329824L,0x8ac28370b72739d1L,0x1b310d913b6d9b75L,
-        0x6ec4da965c56e9e9L,0x0671aae0ffc656cbL,0x0000000000000042L } },
-    /* 59 << 406 */
-    { { 0xb3ab40eb790b8e7eL,0x8eb63013d4788dceL,0xbccc0ef6934a5525L,
-        0x680e70c725f88ec4L,0xd485afdbdb65760bL,0x5d426a75efc322d2L,
-        0x0f83571f2e4bf148L,0x91ccb5dabbec6361L,0x0000000000000169L },
-      { 0xd8887e8d1c57d73cL,0x236b0f805f5fd2d4L,0xb63c2775875a5803L,
-        0x414fc01a4a8803ecL,0x52d5e443d98a3657L,0x18a2f004211e0a47L,
-        0x692f1862d077952dL,0xebb3821e3543f3b3L,0x000000000000002dL } },
-    /* 60 << 406 */
-    { { 0xc543163d23d30fa4L,0x45cc53a2b32b27c9L,0x894b9ca07953c4b4L,
-        0xaabba057bba613a7L,0xc50371ae6ccbb39dL,0x610cdcf53fd4f3c3L,
-        0xad08443a19a9d357L,0xabf74787d519c9cdL,0x0000000000000076L },
-      { 0x4ee3a817e5502ae4L,0x7ab2462d8b39a71dL,0xd6736eabfcfe642bL,
-        0x77479bae25c914e3L,0x95fb92af2a14e2c0L,0xcd33464758bd112cL,
-        0x3165b9a35bc0ed8bL,0x980f3176d89bf952L,0x000000000000006fL } },
-    /* 61 << 406 */
-    { { 0xcce789470c205347L,0x2cdc9548317b0bb3L,0x91761877eb18287eL,
-        0x5da4b78d6fe20d46L,0xaa5a0e4c56abc91cL,0x20d5e538f880504fL,
-        0xc8b49ff54cf760dcL,0x84ce19efc16bc484L,0x0000000000000055L },
-      { 0x26ddf4fc8277a9a9L,0x1084e9e795284106L,0x4ae96058d6f31a98L,
-        0x8768d94c4ca76957L,0xabe0c7dc4291c752L,0x742e8a5c902ed035L,
-        0xb19d63427e0da040L,0x8340b9aae19b885eL,0x0000000000000089L } },
-    /* 62 << 406 */
-    { { 0x1db573165a1c76bfL,0xff18d5ec4afc3851L,0x2c1949939579a536L,
-        0x18b565e4bbffa98dL,0x446f6b2146c634e5L,0x7c8e557e54f8c188L,
-        0x0bd678caf2a2547fL,0x3898e9617c679a91L,0x0000000000000195L },
-      { 0xc9629fbf5b94cca3L,0x4f2c7c0bc3a4b9fbL,0xb497be19d7c9194fL,
-        0x7342f77aef265586L,0xaacd585fdb0e0ce7L,0xa4cc7b4bf17cef46L,
-        0x72e0c651d630df1bL,0x39514c9d4e7fd042L,0x0000000000000163L } },
-    /* 63 << 406 */
-    { { 0xf81da77e080bdb19L,0x42e0d16218eff3daL,0xaecdeb9ed5246df2L,
-        0x4bb5a16667f90950L,0x9eea36f3914df6afL,0x92f0cc9b6bd50255L,
-        0xe1756a88acf4b34aL,0xa30cabc40a3069a1L,0x00000000000000ddL },
-      { 0xc407225c59098bcbL,0x957308996d9a4295L,0xb4e208abe995c4f4L,
-        0x42560e5040f907e8L,0x0e6c38dbc174276cL,0x2360c05488cff7dfL,
-        0x31e7aa6539f892a2L,0x4ffde5e9b9592227L,0x000000000000009bL } },
-    /* 64 << 406 */
-    { { 0xf7593760e63885d6L,0xce5054bb86e546caL,0x5910ad526e9567b2L,
-        0xe812cf7be420aff3L,0x266049fd904e9676L,0x42d0e2ab2c8b34adL,
-        0xf79f8f91a4382f29L,0xf8cde3ed41d531deL,0x0000000000000035L },
-      { 0xe514497fb16cc1f3L,0xbc044f39627db2f6L,0x76fa5148a1fa2bdcL,
-        0xcf7eb72e5fe3fd7aL,0x83236c11ee3d45e6L,0xa02d7e92c4eddb54L,
-        0xcfb5bb894d4982a5L,0xee6ac2a27c217ea5L,0x00000000000000bdL } },
-    /* 0 << 413 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 413 */
-    { { 0x1e5e42932f3cdb19L,0x9920316787214e3bL,0xba80fbfe93d885a3L,
-        0x58f3ecacb25a2700L,0x2c4a14d369f5d172L,0x478313d4816ebaf0L,
-        0x41018d31c93f7738L,0x5db7131e06ac6002L,0x00000000000001b4L },
-      { 0xa5d3687295b8edbcL,0x47931810945b9473L,0xea5b3ffea82c5f49L,
-        0x5ed84f08f491bc9bL,0x1492e5349b3b994dL,0x4788372dda6c1225L,
-        0xfda4521440022d06L,0xfb0bcf49fbca3d03L,0x00000000000000a5L } },
-    /* 2 << 413 */
-    { { 0x8a4af8ae25144121L,0xd89467b7ec215026L,0x3ab6cb7fe013fba2L,
-        0xc15a056935f18f1eL,0x8bd48a1d70933beaL,0x6a40474a5b8c61f6L,
-        0xad967b15b5158afcL,0x119a0ee96d7f6e5fL,0x000000000000010bL },
-      { 0x895e3e94a548551eL,0xfcfe2882eb65fa7eL,0xafa1800f3582920bL,
-        0x5cda388ebf58e02eL,0xe7aad6f7fb270f11L,0x95a2636fb7e27667L,
-        0xdec591d7a3be4195L,0xde0e7440808c1315L,0x00000000000001b5L } },
-    /* 3 << 413 */
-    { { 0x57b9da073a771403L,0xde6ee702ab21fe58L,0x60d32de6843aacabL,
-        0xe522b9569064dfbbL,0xb4b429207ea0dcadL,0x4222697aa3f46a45L,
-        0x1557d30b3be7a95bL,0x712ca7479fa83859L,0x0000000000000153L },
-      { 0x162516d415fb1ac0L,0x44b19cb0ee7be87aL,0xce8815eb3d9d86b1L,
-        0xce8f13f957331615L,0x78e8539ef71faac1L,0x29154b098e5ca8bcL,
-        0x45b36262312e4c96L,0x2e03ee8680940f73L,0x00000000000001c2L } },
-    /* 4 << 413 */
-    { { 0xe95ab9e7ef05ef2dL,0x29ec067ffd5cc417L,0x67c10bc739402b0aL,
-        0x109f7d511e9ca8acL,0x0b10550bf8efe529L,0x0bf3624cf18c8decL,
-        0x42f686f33746474aL,0x0f8a831140052446L,0x00000000000001f4L },
-      { 0x56303452329ed806L,0x1d80c752654f22d9L,0xf41fe1729f61f3ecL,
-        0x7d4ad71e0cd5fe42L,0xffda94addd164da0L,0x260a2bdf7f19c583L,
-        0x8e8673245d6229daL,0x1d13d05c2fc87ae8L,0x00000000000000baL } },
-    /* 5 << 413 */
-    { { 0x5750d281b1734753L,0x0146bc94d4a13019L,0x44c6f69714e0f6a7L,
-        0xbe893e5aed528e03L,0x1e980b908750b50aL,0x7edaf7fca9de6cc1L,
-        0x093cd32faee636cfL,0x293d801a61a0b0deL,0x00000000000000d6L },
-      { 0x154f8d1810a54f0eL,0x8a0e70ea4a976afaL,0xb2fe0d041d2e4d9aL,
-        0xc6c5afbc6229b256L,0x8d0ca0e734bc3bc8L,0x93d5a4cf47a7a58fL,
-        0x5413ec8faa6e0b8fL,0x1df389c48d831011L,0x0000000000000099L } },
-    /* 6 << 413 */
-    { { 0xe4f52ec5ba7dcf59L,0x345c1385d5dba9c9L,0x67084813d49a6201L,
-        0x0c8c4fc84ee78000L,0xbe78c6a4e17b9868L,0x6698156608377738L,
-        0x1afdbf526012a726L,0xa884b8f7d2127133L,0x00000000000001a0L },
-      { 0xa4aa47b66590bde1L,0x32398ff9823ee7cdL,0x3f1f7e49967c860fL,
-        0x0ac197d796a0e601L,0xfc6a28c6e61a3207L,0xbe5cb223fbe09f61L,
-        0xe83db350d54bd1b9L,0x44334c2baca898f2L,0x0000000000000024L } },
-    /* 7 << 413 */
-    { { 0xdc7ed009b224af29L,0xc73de9d40e9acb64L,0x81fba2d377629ec2L,
-        0x2f41756aa44ae9b4L,0x7c839101311c713aL,0x608ec3d486c4c015L,
-        0x6a8379c0ee544e59L,0xecd19a437a67b442L,0x0000000000000062L },
-      { 0x05112f63cad5be69L,0x9b97a7f150c4e5d0L,0x8744e98ae7e2d407L,
-        0x9359564016ab7f96L,0x87dcf03cdb24a32bL,0x2f9216bbabf80ae0L,
-        0x38dc2b86701a21e2L,0x60a15b35e64ec8ddL,0x000000000000005cL } },
-    /* 8 << 413 */
-    { { 0x141838bf8fe6f511L,0x8e9ff343ee745e2eL,0x71da9fd502325306L,
-        0xa527b9baf0d0d68eL,0xce19b22c31144649L,0xca9b778b0bfaa46cL,
-        0x66e689a76ce31145L,0xed43460dd8d1da21L,0x00000000000000bfL },
-      { 0x241323f7c1669168L,0x9934b3de79b94b5aL,0xd332c1a2d9f9a406L,
-        0xbe3ebe21e4a49eacL,0x4a00648e678be3edL,0xc9f534eaff09db31L,
-        0x2de774065efdd859L,0x2c218cd800f5c7a5L,0x0000000000000152L } },
-    /* 9 << 413 */
-    { { 0xb1f44e10e8216c49L,0x8242ce59391c90c6L,0xbd3ec80b1e6415dfL,
-        0x8055d00e364ed350L,0xc0499dd8eecef27cL,0x6fd2d8c71658459dL,
-        0xaff8a01800a6c15aL,0xa2f028d8406e8a9aL,0x00000000000001a0L },
-      { 0xc752503f42bd3f43L,0x87e708599710bbddL,0xcda119c090e6eed2L,
-        0xf1a7a1b2596ec879L,0x479f3fec24fd1933L,0x717a613abb82f79dL,
-        0xaae73616faf9c1b5L,0x865e91b7cf129fbfL,0x00000000000001c2L } },
-    /* 10 << 413 */
-    { { 0x9a111bb32120bf4eL,0x18c2fc772458882eL,0x0c3480d8e24ebc99L,
-        0x1832974652cc401eL,0xb424bd884fd6a487L,0x5838dc6a822adf42L,
-        0xf5a46a3cdb196a29L,0xce7baaade6640b4dL,0x00000000000000e0L },
-      { 0x231ac4cdc62a4ac7L,0xa25cea601851842aL,0x5ad82748d7a79770L,
-        0x8fbffa6ebb164240L,0xb64ecaea85db52c0L,0x4ed71ef3b05a83a0L,
-        0xb1a5c366f87d6991L,0x52f4a0043ccb2067L,0x00000000000001b1L } },
-    /* 11 << 413 */
-    { { 0x4d6fd5b3a11c9d5bL,0x423db5f508656d72L,0xb0f9e57833051a59L,
-        0xa6e49ec8797e73aaL,0xd2c1bf6eccc0d215L,0x4b3dd3e2d320576eL,
-        0x317f7ca5d773e88dL,0xc37a7f0f5f88be68L,0x0000000000000114L },
-      { 0x033fd47e1b2e6090L,0x297dbc0e211a3ba1L,0x8808924481671ba6L,
-        0xd2f3670ba568cc06L,0xf41dff3d58ff526cL,0xd9ce52f41a33b324L,
-        0x2e0d362c12adc150L,0x8da85adff5f36b5fL,0x000000000000000cL } },
-    /* 12 << 413 */
-    { { 0x876382e3b6899299L,0x0b4845d3c420faf5L,0x6e09254c04b364c6L,
-        0xdbf5ee2fc3ee3781L,0x518c5aaff1a2f07bL,0x48e496f4e09ca02bL,
-        0x325878764d599f03L,0xedf96e075a7941bfL,0x000000000000005bL },
-      { 0x38dd2793981bdbc6L,0x9b21020129395b8aL,0x924ded1bd1678774L,
-        0x7a77150735ded04eL,0x2275228145c78fe2L,0x8e500fde9ce86720L,
-        0x5998350640caf83eL,0x38ff8869b773ada9L,0x0000000000000173L } },
-    /* 13 << 413 */
-    { { 0xe8ff5ac6ed7cf572L,0x7f686a590f1e28a2L,0x62427eac20faa4deL,
-        0xb6209fe31ad4d13dL,0xd2e05eb22ffba92bL,0x2c9345eae68093a7L,
-        0x281b99996eec4207L,0x7ea83de8e452091aL,0x0000000000000123L },
-      { 0x923bd3311639d5d4L,0x68c713339a8bf71eL,0x4d9d8d20c6a51254L,
-        0x81954588c3eeaf0cL,0x5cab2bcdb7fc166cL,0x0375c8b7c95eddfbL,
-        0xaa864a1f451c9fc1L,0x0c658f1f7b744928L,0x0000000000000058L } },
-    /* 14 << 413 */
-    { { 0xef5c1e91a73432dbL,0xdf98b1e4b4f36c7eL,0x68b70bc8d61583a3L,
-        0x0c8264e2ed0b2c62L,0x2b2c0770ea80cdbaL,0xf057643161bb4804L,
-        0x66e3ebbbc240ceceL,0xf34eada0354bd699L,0x00000000000001c0L },
-      { 0x6134da4fd4514eabL,0xff414ddaca338f1fL,0x588506f10fc1b9aaL,
-        0x5bb66b45bb21daf2L,0x093354525824998dL,0x2c9c4959a8e47c78L,
-        0xf7e6339c6269c6c0L,0x5551260b237e9835L,0x00000000000000c5L } },
-    /* 15 << 413 */
-    { { 0xf4f12f1396123090L,0x471d20baf841a4f6L,0x2086017985371d0fL,
-        0xe655cf99bb77de97L,0x246595b0761430d0L,0x4361b05f54503716L,
-        0xebdb356a33210d4fL,0xc429076db67e1961L,0x0000000000000072L },
-      { 0x3a611d84c57d8e8fL,0xc0bc94ea1b749a8dL,0xd8ce81683a51b900L,
-        0xd595034f38d06f25L,0xc649def4bfc48667L,0x755726c0ee42d04eL,
-        0x100a8ceff26eff8aL,0x6d43ef9ff86d056bL,0x0000000000000112L } },
-    /* 16 << 413 */
-    { { 0xfe1b039aefd5cf86L,0xc7fbca26c0945b5aL,0x6b30e2e0887a27a1L,
-        0x0883a38be7cc98d9L,0xa646c35bfb2138f5L,0x735769df74f0c200L,
-        0x9fcdf60a2ab20e1dL,0x4e0acc801f2e11dcL,0x000000000000013aL },
-      { 0x00caf22515abd8eaL,0xe5f47384cb2e6e92L,0xa9186f93be14ff19L,
-        0x4620d2c916ca5bb6L,0x22d4fc0ebddde27bL,0xd6f04a09a1c81269L,
-        0x25d65811fac277d4L,0x803293db322ab775L,0x00000000000001e4L } },
-    /* 17 << 413 */
-    { { 0xb3ebf1380ba381bcL,0x7289d26e159f83acL,0xd45884b4642425deL,
-        0x644daeecebfd5e89L,0x22c6df37f5f65270L,0x376b8127b6bcf3aaL,
-        0xbda049d4f4ec524fL,0xfd412add737fba08L,0x00000000000001ecL },
-      { 0x060c42cd0ffa17fcL,0xf6e37fbf8b4e9a97L,0x7681530396b17356L,
-        0x92c4519627ef9df3L,0xd048c276a0fb6660L,0xb69785e8b4f971c5L,
-        0x6f2a394cfc90d573L,0x2ff151e18d0558cbL,0x000000000000011cL } },
-    /* 18 << 413 */
-    { { 0x7a118320596008e4L,0x7f469890b45b8849L,0xd05018829fd8988dL,
-        0xdba0b02ec8fc3c87L,0xc10a7d57333e0ac7L,0x63c960014e554169L,
-        0xbbde212e773150ebL,0xb654d3d86d7967aaL,0x000000000000017bL },
-      { 0x8e3087977a2e5d76L,0x8e58379ea352086cL,0x8f9c8c8c4797c0a5L,
-        0x329c35097c491506L,0xe43fc3699312118fL,0x0d96ba0101989af1L,
-        0x60b3e701d8dd5e74L,0xe2954b8011364c68L,0x000000000000018bL } },
-    /* 19 << 413 */
-    { { 0x89318598abb6095eL,0xf838078254f1abd2L,0xbcc578dd4150e804L,
-        0x751c7bdf9c394104L,0x563688d2b10220b8L,0x8f371472362c10faL,
-        0x28e0a341ff5248b0L,0xe79232df6b59cfb1L,0x0000000000000025L },
-      { 0xc7fae1d695e6f9bfL,0xfd2bc6d21b4cb12dL,0x1a67033c7a9fcb6cL,
-        0xe2741449e7f5f237L,0x7bf33fb4c5e0cd46L,0x2bb0a260011b6c96L,
-        0x55b14f8b11c51582L,0x861b24259938fe56L,0x000000000000000eL } },
-    /* 20 << 413 */
-    { { 0xbb34d7849d0d6a8eL,0x181372ae5249d4aaL,0x70542a6f2a73950fL,
-        0x74b04f0ccdf2e96dL,0xfd9cae5b3fecace5L,0x22fb4d8d19fb6b62L,
-        0x3252d045e69c55fdL,0x7290f7fac2bc4211L,0x0000000000000148L },
-      { 0x10d8e574ec7e23eeL,0x8d6c5a23c7a555e7L,0xd583c8aa140a4f49L,
-        0x0de3c0d4f10191c9L,0x985e0201d4d1e937L,0xb5dee6abc3a7e70fL,
-        0xc212b74b44de1f4dL,0x1f745d35ef35b040L,0x00000000000001fcL } },
-    /* 21 << 413 */
-    { { 0x622c60244c78f076L,0x6aeae9383019aef8L,0xdbb4d128ff3e8a56L,
-        0xeedc83ec8eff26c1L,0x3cfe10dfe4beda18L,0xeb555398b2972b48L,
-        0xb79caa949ebce9fcL,0xb0425e6716bc49b2L,0x000000000000007dL },
-      { 0xe7d34bbe0e8a5400L,0x5f50f6422d2e374cL,0xaaa6e26d82100013L,
-        0xa79dfb31cb6bd0d0L,0x81573d70aca0982bL,0xeedac6643d0964ceL,
-        0xf1b12fb1a8f4ea97L,0xf9885103b636c8e3L,0x00000000000001e6L } },
-    /* 22 << 413 */
-    { { 0x6a3f3b0cf066b354L,0x58cc7cfecdf5d33fL,0x299206fb3b7bbe62L,
-        0x590ee606197b5384L,0x09ca781aa8bf219fL,0xd2bb936cc54c6d12L,
-        0x3053151291abf037L,0x5d04db05244e2825L,0x00000000000001faL },
-      { 0x31e28fef6017bd41L,0x44fc27841c446006L,0x6265b3097dfb20a1L,
-        0xb460776dd6aebeb7L,0x3c2abf087b9a1601L,0xac3464126c7f692fL,
-        0x8fef9006b988eb33L,0xad7ea2997832d27dL,0x0000000000000053L } },
-    /* 23 << 413 */
-    { { 0xd5d2fa1109089d81L,0xb4399d888abd7968L,0xc1716638eb869300L,
-        0xd993cdb9e1cd6275L,0x241d4c2ab8310dd0L,0x031e500abe369875L,
-        0x5a6ed301297c9a3bL,0xf2435b9230b41f99L,0x00000000000000c2L },
-      { 0x08100d2cdf2c3657L,0xa6ac7c13b29b6405L,0xc3a7b5461f343164L,
-        0x8fd10a6b9665ca07L,0xfbfeed84171e0f50L,0xa7d5c01d4f409d69L,
-        0xdb8be8f366209239L,0x68e69ee888fa3ee3L,0x00000000000001f4L } },
-    /* 24 << 413 */
-    { { 0x323e1b7f0a823516L,0x8f4e9152673254f7L,0x5e5d719041599b9cL,
-        0x96bfba24a1198accL,0xb1b6e75bbbfcd72cL,0xfd5955f2f4894626L,
-        0x109edfea898bbbfdL,0xd36929041f468074L,0x000000000000016aL },
-      { 0x089d12a99bb7d749L,0x893ebf254ffc33d9L,0x6ed72c609097ff49L,
-        0x9291e1eeb4e1d91dL,0x0dbfe58272a07882L,0xac41065fbe0636ecL,
-        0x43d74f8bf4234bd5L,0x01bfb0850a28fdefL,0x00000000000000b5L } },
-    /* 25 << 413 */
-    { { 0x01eebda491b42f54L,0x891ca7438f8e24d8L,0x98ff0a26d2362d60L,
-        0x82147d21085b187bL,0x469ab10225f97fb1L,0xc404bd2bd0280e20L,
-        0x292592698ecdb68eL,0x570b7a92d5f50c44L,0x000000000000010fL },
-      { 0x381f68256c856631L,0x4c3d2172fb2c1f40L,0xc1beda5173da2dfdL,
-        0x442095377d9d1ad6L,0xe94807503a33e01dL,0x697d86895fcfeaa8L,
-        0x5d933887a8b9155aL,0x2582c294d2a8f48bL,0x0000000000000064L } },
-    /* 26 << 413 */
-    { { 0x03ba5094920b66a3L,0x65239fc4ebe42bebL,0x68c63f3dc4ce1efeL,
-        0x33084ea54ad8b52aL,0x28873c93b9e33e89L,0x00d6e65e1410a1ecL,
-        0x21cc87d07e79c97fL,0x32bb9986b1277db9L,0x00000000000000daL },
-      { 0x659619b4c1ae88c5L,0xef1b0ea112d24497L,0xc0646672983fec9aL,
-        0xb105138fb42b7079L,0xe0a6eccec2900a1eL,0x5e2eac870b094635L,
-        0x8750a30ab8659fc0L,0xc3aa9a0f9b73a020L,0x0000000000000024L } },
-    /* 27 << 413 */
-    { { 0xf6cd90c7b7e01593L,0x3c0e6245c0096352L,0xb55ed8331cf5a335L,
-        0x480e68de18962d59L,0x83d09d6992f059beL,0xcbd11b027f28d3deL,
-        0xdc5b2e864e26e34cL,0x66e2f6e9eac14dddL,0x00000000000000bfL },
-      { 0x1c0928fba612de24L,0x407a55a5d1db9f9bL,0xa64ea668b6f50f0aL,
-        0x7d1c14e9ede7c9d9L,0xef7fb4b775353ab5L,0x7cc7e66146f1bc70L,
-        0x73dc29babf7e44d5L,0x26b2e00643e6f0beL,0x0000000000000146L } },
-    /* 28 << 413 */
-    { { 0x3463165d755e8efdL,0x96650fb2ac359a78L,0x1059dde3f00748afL,
-        0x0e20212f58e38d2fL,0xda345fe4debdfa10L,0xdf920bc8667e54c1L,
-        0x03953f8ba4dfa4edL,0xc7638154ebb27882L,0x0000000000000110L },
-      { 0x950085ee132434eaL,0x8a2bdab57120a652L,0x28ded0be42ab161bL,
-        0x9b55dc39bf1c6faaL,0x71e94dc9261ea91bL,0xe52990b0c6996959L,
-        0x62bd7c41582570a0L,0x61d8fc99be597471L,0x00000000000001deL } },
-    /* 29 << 413 */
-    { { 0x6dab19378a42408dL,0xc005cc1ff3a80b5aL,0x0a1030f0b8a2cb36L,
-        0x171576f06fc3169aL,0x0b7dc150952294e9L,0xf506b4c3053cf79cL,
-        0x417ca443c70ed2aeL,0x80bbc72684c09424L,0x0000000000000113L },
-      { 0x6ecc2c85cfe818a1L,0x9610f7d24e78801bL,0x8c33fe9336b49aa4L,
-        0x10eda040e5b58e18L,0xd58d1b7b2a8213fcL,0x4db6dc12d932602dL,
-        0xb3a161343b1df67eL,0x734f2ef4b1746724L,0x00000000000000a0L } },
-    /* 30 << 413 */
-    { { 0x37ab4d79ce269559L,0x80ffc5068ba6574dL,0xbcddc7871b2a6d07L,
-        0x8d2f43928c76de3aL,0xfd6347a2f6c3616fL,0x2c47372d5d8a2a7dL,
-        0x246d8873d86e2015L,0x265dc733e339dc8cL,0x0000000000000172L },
-      { 0xa0c9d81159538718L,0x0f7fb3fc26e1da06L,0xa5aaacf82c28577cL,
-        0xfd956a4de59804bfL,0x2046deb77de0e903L,0x7388e7374774c173L,
-        0xcce82ee06107d1aaL,0x2c3d2f51b2eca2deL,0x000000000000012cL } },
-    /* 31 << 413 */
-    { { 0x4294d5f39a9fc27fL,0xfca710b946c678aaL,0x34fbc512549d8927L,
-        0x918de41068015dd0L,0x7c2cf8de5260a6f3L,0x4b248ddb0523096aL,
-        0x7b8493dcb1a42b11L,0x5fe79c0650631110L,0x000000000000016cL },
-      { 0x3dd89707a7ed1ec3L,0xfcc8bb190042f593L,0xedfd3f0813a4e462L,
-        0x33ea61fa56ec2b76L,0x56cd7669dd665c93L,0x62ea3ebdcd19b6eeL,
-        0xa312ca02426ceb4fL,0x7b3645d0137b2440L,0x00000000000001a6L } },
-    /* 32 << 413 */
-    { { 0x9d0dbabb1ec238d2L,0x3f6c4af337e67e7eL,0xf7a6b09464dec6e9L,
-        0x1f53fd502c2724ccL,0x5f333d4751bcaa0cL,0x63cc89baebae3589L,
-        0x2b90af90f0632831L,0x8f6af6cd4d18cfd3L,0x00000000000001ceL },
-      { 0x8b34e44576940e65L,0x264a0d8fc1c34c11L,0xd433303f4120afc2L,
-        0x240a12d6f7e738b8L,0x574fa7156e921883L,0x6b2bb33c02d74e8cL,
-        0x7b193e240fe8e9b8L,0xbe954bad506cc6d4L,0x000000000000011eL } },
-    /* 33 << 413 */
-    { { 0x63299f8ad1979cd4L,0x76ce11cd53a8f2ceL,0x8f5247314756f0e4L,
-        0xb360ef86d6312ae0L,0x26b6aa23146945f7L,0xfc5e0b3453c2b57eL,
-        0x41cf74a99e4fa20eL,0xbc94194f872c03ecL,0x0000000000000179L },
-      { 0x30c171bd96d3ac18L,0x6a93906b7a26ef90L,0x60f1820bf5a6d675L,
-        0x2abec262860a7536L,0x82a44ef7a356d631L,0xa00527c8dd13a5b5L,
-        0x009955617328996bL,0x8e004ab9a0e8f5ddL,0x00000000000000faL } },
-    /* 34 << 413 */
-    { { 0x591f47c9c2db5c7bL,0x83799ff638afcd10L,0x02aca0a07a4fbfe6L,
-        0xe2cf1215d818414dL,0x46330ef3f9419a89L,0xe57b3b7dfcacb608L,
-        0xe2af0b7111de170cL,0xb3dae14ca9f7cb22L,0x0000000000000001L },
-      { 0xf518e5500ae03740L,0xaf9575680d43e335L,0xf341260f5fda61ddL,
-        0xf7fabc68d815ff6bL,0x446f516f11bba091L,0x7b6a7a028c2cbe3aL,
-        0x3ef55ec98ead682fL,0xfa11057b08472496L,0x0000000000000105L } },
-    /* 35 << 413 */
-    { { 0x2ef8dcb991d78c71L,0xea57b096b79b7989L,0xd9cf5cb49b8be524L,
-        0x692d270c0fa151a8L,0xfdd28e1b32b69968L,0xcd3323ae8d8d1e47L,
-        0xfa44d78f4c086337L,0x756f8b1c42359ab6L,0x00000000000000a9L },
-      { 0x5d2941884498e4d3L,0x486cc3fb4a2e8a97L,0xb3629ceb4420f08bL,
-        0x23cb3922a710733cL,0x17ad6e1a321478b0L,0xfe521732df1ff995L,
-        0xdc11dffc4dffeff1L,0x5ae4b2e2957afd54L,0x00000000000001f1L } },
-    /* 36 << 413 */
-    { { 0x4b597ec0dba12c57L,0xb3b2dc7de1fc4b5dL,0x4752e40f15050e90L,
-        0x1fd86c1acda9bff2L,0x5a398964f73d82ccL,0x1f59263b323ec620L,
-        0x350c881919bf5ae6L,0x6736c9f029ecb6c0L,0x000000000000003fL },
-      { 0x4c7f061a627720abL,0xc5011823b7be99bcL,0x5ad5f70496a77f9bL,
-        0x9843b728a8f8d2d5L,0x82d03acee3a8b30cL,0xd03952fe2b786acbL,
-        0xe01b07d58d17f32aL,0x21a6c2baa479b6f1L,0x0000000000000156L } },
-    /* 37 << 413 */
-    { { 0xbd4996a6408964b4L,0xd39f56b289c25effL,0x4b58c175a1935189L,
-        0xeeeb51b457351b32L,0xbad2424c58c15022L,0x88532ce5e3ac5df4L,
-        0x297db1951a613b42L,0xa9826d4bc9b4b0f6L,0x00000000000001faL },
-      { 0xf487960c57881c0fL,0x1b67319734f10432L,0x484f2a40f6a2141fL,
-        0xfb9e8fd2449bdb38L,0x088d6e6184f4e1adL,0x93b7cb1a2e4ac094L,
-        0x855999084b9fb3bbL,0x6f601e992f3be966L,0x00000000000000e6L } },
-    /* 38 << 413 */
-    { { 0x24993c953bb81c62L,0x93e513dfff3eb22eL,0xf23a18b7b756ddd6L,
-        0xa6cfc668247dea49L,0xc2aa1665cd3a8b9dL,0xb5a556189fa99e24L,
-        0x615682b309f23beaL,0x1d669c5bc44b4017L,0x00000000000000a8L },
-      { 0x605339e218b6f759L,0x624202ff67b89ad5L,0x679698559145a96dL,
-        0x6ddb181c7e1ba76aL,0x437631e06eb22bbfL,0x41c8c70078e93567L,
-        0xee67a9ae5e3003f0L,0xeadb9626981a58dfL,0x00000000000001a2L } },
-    /* 39 << 413 */
-    { { 0x47340a8dff6e5e58L,0x597caab368c8ad6dL,0xde8c32ae6b628a7cL,
-        0x694f8cf92168a60bL,0xe41264649434c688L,0x4849f57ba8be6f19L,
-        0x5ed6e3517879dbf8L,0xeaabde98d33e7390L,0x00000000000000b5L },
-      { 0xde51fff7393a3029L,0x40930f72b285d593L,0x6cd65dc0ee41a1bfL,
-        0x77c5681d80dfeed0L,0x8f33ecee8afd229dL,0x137a4d675cf8d15cL,
-        0xa7855f8aa67e504aL,0xb9a6700bb52b6c48L,0x000000000000012fL } },
-    /* 40 << 413 */
-    { { 0x4054b365d1a4a65eL,0xfa395e2aa04b2f59L,0x1c6c3b41bf63d17aL,
-        0xa639fb26abe2aad0L,0x008f81600c9a565dL,0xf5efa9e691061e61L,
-        0x7731c2f76e881f7fL,0x3623cd7c9074b4aaL,0x0000000000000016L },
-      { 0x20ba924b1037873eL,0x7b7107acabcfd34eL,0xb492ebb905e13406L,
-        0x6dcc3342f08fd2faL,0x08f3a1d364126080L,0x8fb54869fb5bf009L,
-        0x5e66163282442dcdL,0xbab2d8dd5c21d62aL,0x000000000000003dL } },
-    /* 41 << 413 */
-    { { 0x526bab49e03531dbL,0x6c2eb8722e649aacL,0x96751e97a364a699L,
-        0xcfffdf6e00d01fc2L,0x40861a4b3d572fa7L,0xfccb951f606b2b3fL,
-        0xf8659daa1950c2bbL,0xb436a4638af98008L,0x00000000000000e9L },
-      { 0x35d0267b9b0b76eaL,0xc4c6961226bd292cL,0x098afee2f060dd93L,
-        0xc7cbd9c79843bd5eL,0x137f8b62152e8229L,0x81825a8462142fffL,
-        0x5b25f6e808d3a5a4L,0xdaab67c3384476afL,0x0000000000000058L } },
-    /* 42 << 413 */
-    { { 0x989bda89821ccd3eL,0xeddc91644cdc3d8dL,0x6a06cd546cf20b6fL,
-        0xf53d75fcb49b3f50L,0x18e2b09f8e214907L,0xff1c4a578857d58fL,
-        0xd2ea3b54af88ce82L,0xc40ea7f424289152L,0x000000000000010cL },
-      { 0x6e9760861ae764a2L,0x79aa8d11fad90855L,0x4e04c7c51ac4067dL,
-        0x4e48d0714b54abd3L,0xc15e12f487c57ef4L,0xcf0dc49e73dea84aL,
-        0x87d2022055e54611L,0x20aa68d70b68bb26L,0x000000000000017dL } },
-    /* 43 << 413 */
-    { { 0x90ddc3205b3c6e1cL,0xaa2d087cbff4a8c1L,0xbdb8dcf2062349a6L,
-        0x06b762825d602038L,0x9f0411cf6739dce2L,0x603ecc513feeaa4fL,
-        0x8b86e3803aba1b86L,0xfdbeff61e0da26dbL,0x0000000000000050L },
-      { 0xd403b2587366a1ebL,0xfdd4afc3fe7e6844L,0xc55a20ed2e8391dfL,
-        0x31d85dd7c875e460L,0x50afaf2183d6c41fL,0x0ddb52a859e9a2b0L,
-        0x5481ec9d971ed465L,0xdd22f0619de7c8d1L,0x000000000000011dL } },
-    /* 44 << 413 */
-    { { 0xa62823964d464d88L,0x4723b946caeab8f1L,0xe68a25c31a3f1da7L,
-        0xb8c1bae54696044bL,0x7cdc5fa6c27e2468L,0xd54c65dc55d7b1c5L,
-        0x9fe5872486b67022L,0xe4e5bf99be39934fL,0x0000000000000069L },
-      { 0x1e79773b464a3c68L,0xbbdccc3899fcf4caL,0xa3023f20e69d9927L,
-        0x39de0edb203fce2aL,0xebfd0e18fab9a998L,0x14b7b1e1bc60d079L,
-        0xfa9a20add10760c5L,0x5050fd3e820f2a0eL,0x00000000000000a8L } },
-    /* 45 << 413 */
-    { { 0x4d4028e3962d3e22L,0x221795bb8df85019L,0x3e93eba3b7f3dda7L,
-        0x18d2aa25ba5f7d48L,0x5811dbcf5b36ec49L,0x74878d24bec9449bL,
-        0xb331d19575d88654L,0x68d14252ee93f20fL,0x00000000000001f6L },
-      { 0x4c3947ef517f4d8fL,0xac81ff08fd781b82L,0xa8183a60afd02499L,
-        0xf11fcac98cbf1552L,0x639c9edd2464822eL,0xa6a0974551617891L,
-        0xf475d74536c25dc9L,0x0e2df3059e3de853L,0x0000000000000133L } },
-    /* 46 << 413 */
-    { { 0xc412881ffe8e6e27L,0xad72506e12423bbaL,0x557e822a887695eeL,
-        0x42741b0e91b1f6c8L,0xcd108283790a1959L,0x526c066463986f8eL,
-        0x7b3c480388675baaL,0x7c7a94618d2b8f28L,0x000000000000012bL },
-      { 0xf3b31c681f34e4e2L,0xe27f6de0d22cec8eL,0x3cb7d2770a843a7dL,
-        0xab143cbe02ae4431L,0x9b786935cce27ca6L,0x63c73cde9c515282L,
-        0x0b6854a1f1ef32f1L,0x843fc37eb5d08cddL,0x00000000000001e8L } },
-    /* 47 << 413 */
-    { { 0x81d165c841a1e954L,0xba30ab7ad97a9a90L,0xebe7c890998f67d2L,
-        0x972185aa63216872L,0xf9859ed7eb4ff20dL,0x13dcc62399e6f6a8L,
-        0x5d2cf8ce47a6b661L,0x2260e1445fa93eaeL,0x000000000000004dL },
-      { 0x062cb12721186595L,0x15bb3dad9cdbfe1aL,0xad2bae7b944c54b3L,
-        0x0dfa4da0ba724aacL,0x6b342cc6bfe51025L,0x4d8bf909d9c2630bL,
-        0xb374c6c6131de964L,0x475e6872835f73c1L,0x00000000000000e1L } },
-    /* 48 << 413 */
-    { { 0xc296b1f684c1985aL,0x971547c5aa4f7132L,0xe3705e1183e168cfL,
-        0x8d00e588c935a3deL,0x853154235262789bL,0x46f2c2ca005f7c35L,
-        0xfbfbadd217ea733eL,0xb32a38b6c9e496a6L,0x00000000000000d8L },
-      { 0xa82e95e5cec8d3f9L,0x8a1efca3e378be9dL,0x6e114d078080d874L,
-        0x514dc754fb9c056aL,0x5781be8966ef6c48L,0x0586bd3834b1ebe3L,
-        0x0e31b44f8a8b161eL,0x20c2b78ad4d62dd5L,0x00000000000001dbL } },
-    /* 49 << 413 */
-    { { 0x97a8c5a9870c8cf3L,0xe01acc6f904f3673L,0x42ee78a16905580cL,
-        0x237eb3fb4e2f3c90L,0xab1806eabe2deba1L,0xf2b6643f66c68eb3L,
-        0x75e0a1d4a509adf3L,0x7a7dfcb64779af07L,0x000000000000000eL },
-      { 0x951ef5e34263b572L,0xe203f49b636a5067L,0x8d229b333377c5f1L,
-        0xd3427aa4c030994eL,0xdc7861d91a84d51cL,0x6454562f195e282cL,
-        0x74a7c351f6882e78L,0x4eaefb0f0798f8c2L,0x000000000000018eL } },
-    /* 50 << 413 */
-    { { 0x2b2188b680f1f0b3L,0xefed65ae394debd7L,0xbeda0fe75d7c51b5L,
-        0x3989a2b6cd0db074L,0x0f5406253d9437f6L,0xf58203c70c0169a0L,
-        0x400e35e9bbc38332L,0x3ea9b7a961baeca4L,0x00000000000001b1L },
-      { 0x58cc97c45059b23bL,0x8f5e67fccf7bd0e2L,0x6baec2aedfc1882fL,
-        0xa0f796283aa69ec4L,0xed7986f2a6d520cfL,0x5fa28f4ac454e929L,
-        0x5835f87541151c50L,0xa3d1fdce3143de1eL,0x000000000000002fL } },
-    /* 51 << 413 */
-    { { 0xea6629b82b899daeL,0xb372b86257edbb50L,0x053f9c62cd45f9f8L,
-        0x395c0f8529604bb2L,0x24100041a1e9e16aL,0xd89d20d72b979b9cL,
-        0x4ff39f96845213e8L,0x077d286e70ca9f63L,0x00000000000001d5L },
-      { 0xa250b87c56f1bcacL,0x9d71c979886fd8b6L,0x079a52682c052432L,
-        0x80d965ccbce043bdL,0xb7590694806ee3e3L,0xa829475e77f75c78L,
-        0x6311b404667c2bffL,0x88343a1c8aa15256L,0x000000000000012fL } },
-    /* 52 << 413 */
-    { { 0x10e4b5a2ad1c282eL,0x6f768a2376e6a2a4L,0xd92b73cdcb93da72L,
-        0x477c839eecc382a3L,0x761d18d5a70b8e5cL,0xd09779d2270ba0e8L,
-        0xc2c8eedfb2ea6bbfL,0xeadbb724599593b9L,0x0000000000000026L },
-      { 0x6eb0aa1c8ec01fdfL,0x3dc88cd0b3ded71eL,0x8c4bcd807bc58ea5L,
-        0xea9404def976a709L,0x97e33a53d73a2a75L,0x8c20e2ea165b3e6fL,
-        0x4193a051ef0c6a5bL,0x1edf6f8c3fb398d6L,0x0000000000000016L } },
-    /* 53 << 413 */
-    { { 0xa1718bfdb4a3de01L,0xe962902ea830bb59L,0xf25d70441a38302dL,
-        0x285917cd4c16cb5aL,0x0b86ce611be8e2e7L,0xb1f2900c6e96d268L,
-        0x18d5185e834190f9L,0x96c4db4bdacbe228L,0x00000000000000afL },
-      { 0x7b57f2eeec9822c2L,0x36ceebfd9b46f49dL,0xb11fa678043a7394L,
-        0x75a9f067e86cb17dL,0xd13a22746e1185b4L,0xa7137a6a24b92829L,
-        0x30f74cfc2edb7707L,0xaa14984f56fca5beL,0x00000000000001eeL } },
-    /* 54 << 413 */
-    { { 0x85d2856b0231dafaL,0xd7fabb5108028fbbL,0xca0066e8602a5eb9L,
-        0xc6d7512e885466e4L,0xe5d1fea841615e58L,0xa2de9d5f996b2a88L,
-        0x0cbd9831554a3c32L,0xabb8d9cbd675917eL,0x000000000000003dL },
-      { 0x10fd5eb68255009fL,0x47fd9bb733d24399L,0x4a4d9629ac5cd8b4L,
-        0xae5aa75cbb1b9747L,0xa6f7516e98397c51L,0x38d011e92ed7e028L,
-        0x3e2e3a3357c86547L,0x13f713fa701e9db9L,0x0000000000000122L } },
-    /* 55 << 413 */
-    { { 0x2662f1810115f051L,0x7e2fe420aa76e71aL,0xe198883adf6a9851L,
-        0x9e4698fb250b8ce0L,0xa9c27caec73858a0L,0xba746550df3344aeL,
-        0xc7c7a7a7a6e81567L,0x942c6f66e35727b5L,0x0000000000000187L },
-      { 0x08a018d6e8a4fbddL,0xfc08d2fd6798242aL,0x093b8894b21316baL,
-        0x4320f88aea4ef1adL,0x28fe97c8e6141abbL,0x50ad5c65d21bc6d8L,
-        0x0840a2a4473c5901L,0x20297e1baf604adcL,0x00000000000000a7L } },
-    /* 56 << 413 */
-    { { 0xea6e467aaeb0d0f0L,0x9fa030d9eb5ee813L,0x9be99873515cdbf8L,
-        0xe608db63a805d16aL,0x5e6255dd9ce2f64bL,0x2d88fb427418bb31L,
-        0x147c74fee7ac60bfL,0x34df0171672b0f90L,0x000000000000004dL },
-      { 0x6c1f267177f1f4feL,0xf64d4242138fa188L,0x55ab5ddd4c0097caL,
-        0x354bb5f3bdbdb465L,0xad6142d579060e68L,0xd9adc1101017b5fbL,
-        0x656ffc3a9f510299L,0x568945bd741ebe49L,0x000000000000009fL } },
-    /* 57 << 413 */
-    { { 0x3b3b40ee0d593a59L,0xd8655c25b704b4d9L,0x58d47bae4ce690aeL,
-        0xe99ebb1f44bfd996L,0x5039cb719e993a47L,0x0e30fe78f47ed3a0L,
-        0xf73f450b5bd344f2L,0x35a41fc7ca7179a1L,0x0000000000000053L },
-      { 0xc9b89a7d4b94e4a7L,0xf84e3eae978f1d58L,0x18ac261b1ea29601L,
-        0x004424d32d91713eL,0x61bfe2f4e594f2ecL,0x444d234da62b8403L,
-        0x77c35ae6dc6b4b34L,0x75fbae457da07a2aL,0x00000000000000deL } },
-    /* 58 << 413 */
-    { { 0x42c072b856afffc1L,0xecf5aac3405b1205L,0xe64a6af0f8f4c098L,
-        0xb29e488cc9cdf82fL,0xa859c42dabc487e7L,0xfe6bd7e9464bdd74L,
-        0xdee72074eafd8d10L,0xa9da876d40f4074fL,0x0000000000000020L },
-      { 0x733dfb9a970d4e05L,0x1560161d4e08df26L,0xadf0d94e3675567fL,
-        0x0e063d520703fd74L,0x91f7dfdb32500e7dL,0x4d20c3881456db62L,
-        0x49311bdb8b5ddfe7L,0x6e844794f76e2067L,0x0000000000000071L } },
-    /* 59 << 413 */
-    { { 0x31c81bd38d139215L,0xb2e03ba0aa31ea08L,0xe8e0824db68f165aL,
-        0xfea377926694a8d8L,0x3f967e438274eb91L,0xe4bd0c82cca1557aL,
-        0x1daa85547bcd3067L,0xd3334fc48baaaa35L,0x0000000000000141L },
-      { 0x9281ae374fe8c1f5L,0x91fe949cdc284160L,0xb50a91b15fc70688L,
-        0xbffd0e40b7ec7809L,0x2ec95feacf809d19L,0xbfa250a6f70c5c78L,
-        0x3c3111505dccc3e7L,0xd2d9107cbddae7f0L,0x0000000000000136L } },
-    /* 60 << 413 */
-    { { 0x30a7aebd85a53d34L,0xf42e79a34ffe774dL,0x60e6bbffd567b09cL,
-        0x30c427bee46a553eL,0x3083088d3ef4ab24L,0xa2959e2b8411405aL,
-        0x72732346f6ec7452L,0x260a48eb44d2b722L,0x00000000000001c9L },
-      { 0xb5f775e0b1160f42L,0xd7b0ebb4266a2d91L,0xf66d1fec455c9e75L,
-        0xbb3adc9e66d89a69L,0x0c49158dd66a3216L,0x5eab18da51e0df4bL,
-        0xc008165e7ca542dbL,0x6007ee56065967f6L,0x00000000000001afL } },
-    /* 61 << 413 */
-    { { 0x3e43fea8d59d042dL,0x826f5eccd135dcddL,0x937fac11e783cd85L,
-        0xe514de033495a28fL,0x16da07dc0217f127L,0xdd4edb0f9f1049e6L,
-        0xf4bab49015317cc4L,0x8a4d5834510edce9L,0x0000000000000048L },
-      { 0x3daca528a6ab3760L,0x4a210108aa22cdb0L,0x8f7d2289cd53851dL,
-        0x494ff277eaf66a0dL,0x406301d01b33a9d5L,0x1993932f8d87f67eL,
-        0x20ae660e73829af3L,0x3bb045bf23729097L,0x00000000000000eeL } },
-    /* 62 << 413 */
-    { { 0x3131547bdda780aaL,0xec4bbfd7618a818bL,0x06a9305b376c9580L,
-        0x7af0133e4068efa0L,0x089725c5c0dd9815L,0x41620e90380fc678L,
-        0x3e93df46704179fdL,0x350b0a9f498b064aL,0x00000000000001c4L },
-      { 0x46d40dfd908a6651L,0xe872529e45405cb1L,0x71f9883ba68ee627L,
-        0x77732ecd56e0c803L,0xcab27f558c00c613L,0xd74f55bc6d431b96L,
-        0x84426040a332bb37L,0x9f1aca8ac247e7adL,0x00000000000001f4L } },
-    /* 63 << 413 */
-    { { 0xd491491efd080c64L,0xfb48d7df52544552L,0x2dc3bca98e495dc7L,
-        0x4a82f1464dd3d735L,0xcd7034f325427421L,0xf25d1072fc1e5323L,
-        0x1d90639574c48551L,0xd3383ab8d11bc0e8L,0x00000000000001eaL },
-      { 0x9b2bcccbe3d16f54L,0xa1f4b6eb85354b8cL,0x4c6a0456950886a1L,
-        0xa36a9009f5394ac9L,0xcfd0a2a221950a10L,0xf4ca275ede4cff54L,
-        0xe755c08c693839a3L,0x4f04cd6185190443L,0x0000000000000190L } },
-    /* 64 << 413 */
-    { { 0x61d252da63d7540bL,0x5977687dba87605eL,0x53be7d04f8f3558eL,
-        0x76c4c49c99f1aaf0L,0x129e0bffce8bf731L,0xcdde32a166a1555bL,
-        0xedb9e9e5d4bc5b6aL,0x675b5d1252bc3c6fL,0x0000000000000130L },
-      { 0xfb3dabae91b491f4L,0xef1967c39ea0b6d1L,0xb68a0e75e6370d8eL,
-        0x6dd017fce2ffb7b5L,0x7e3dc82606d66169L,0x802b269056271658L,
-        0x117a4ee3c3da3c9fL,0x80bb9fcf167d09afL,0x00000000000000d0L } },
-    /* 0 << 420 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 420 */
-    { { 0x73a6ba3810a8c4fbL,0x5153d959ecc93e5dL,0x7ca58012b59e9871L,
-        0xedc0dbefafd442f1L,0xb9050a22b9cf7691L,0x3d1e96fe464d017dL,
-        0x541781a482074dcaL,0xedce0db38b355413L,0x000000000000006bL },
-      { 0x1a13e3eeae2b39c2L,0xc431081d3c218179L,0x5cbc14c1ae68b7c6L,
-        0xcf2559bb9005a304L,0x14d7c1e92ec7aed5L,0x5c379bfe1e2e2f0dL,
-        0xfc33e4d2886f0cf9L,0x2f14e7d0ac4e1d17L,0x0000000000000071L } },
-    /* 2 << 420 */
-    { { 0x27e639c92c82d5c0L,0x035527b8104b9d44L,0xd0a7f3c88a17be05L,
-        0x3c529b91813cb246L,0x296074b2b8e54b08L,0x660118578dca703cL,
-        0xfa30e9de41606a8dL,0x2652c08c9ad1d94aL,0x000000000000006eL },
-      { 0x09724ba6d42d26b2L,0xc0a02c2e25eecab7L,0xb004174845e7fb83L,
-        0x24e80b604503354eL,0x4f3045f9da55516dL,0x97d76335cc7b2627L,
-        0xc8bfd79bb380f10fL,0x987396522becbc27L,0x0000000000000146L } },
-    /* 3 << 420 */
-    { { 0x9394910f0093fd88L,0xff7760d2547fc3e1L,0x7b81fcf5a904c24eL,
-        0x120a558dfd80644cL,0xfad07009a715d6fcL,0x24bd3ad8abf6246fL,
-        0x7c5b04c779c968a7L,0xc7df9266108ad586L,0x00000000000000d3L },
-      { 0xe37db2e0b655b6e1L,0x0a029277568c6373L,0x0bd0526f428a6b69L,
-        0x54bd7b9b3d4f3847L,0x42caca2fcb6bd60fL,0x657b0f1f6d10bfa6L,
-        0x97f9f99d0fef238dL,0x93171b4dcc3795a8L,0x000000000000009dL } },
-    /* 4 << 420 */
-    { { 0x83fa275b0ddd2ba9L,0x71f5b43dbaddbdeeL,0xb67814112244290bL,
-        0x075580601244c56cL,0xfdd85cce2ce4fc6bL,0x7fc52dace53b1502L,
-        0x3243b95255a68467L,0x06ef6a6540900cefL,0x000000000000009fL },
-      { 0x562d06ac65457f82L,0x9dbd63519a9e8e58L,0x0d218265496d9349L,
-        0x940bf3f4a218ec30L,0x1e9c0aa3d605883dL,0x2cb9bcc6427f8a5cL,
-        0xba3119b23685376cL,0xfc2c2f0df0c5783fL,0x00000000000000dcL } },
-    /* 5 << 420 */
-    { { 0xb7b63d0fa73a1aa4L,0xfadba5955532ec0fL,0x19a61405ff9e47d6L,
-        0xd9a44ef1aa210afcL,0xcab8bd2c3c3e2b07L,0xdd8f8d154e1428a8L,
-        0xa5eabcc591f63ff2L,0x7dd9635666f368c9L,0x000000000000018aL },
-      { 0xb35c9e17d84c056dL,0x0f27cd01eddff5deL,0x855c10a92c0d1066L,
-        0xc7aee7feb4bfb648L,0x9f9d978d5803338bL,0xfca5a25f4f4f2b95L,
-        0x9d5d5fbfadf37f8aL,0x13482b1e5059c65cL,0x00000000000001a4L } },
-    /* 6 << 420 */
-    { { 0x6e95a3aefda1ffdfL,0xc4014ebcea5aed3bL,0x915719f862b64816L,
-        0x2ea08a71de90b2f6L,0xd2b45d301b4836dfL,0x5647580021840212L,
-        0x169110f6ffca7e1aL,0xb32ee8a9f5f43dfdL,0x00000000000001bbL },
-      { 0x7ba4dcd71962c792L,0x539fabac5fddda2dL,0x48913d37cfc7b6c2L,
-        0xaa2e0fb009d93b9fL,0xa625455b63f79f1eL,0x0f26f80b7c45060aL,
-        0xdba77c6793ee96fbL,0x54ba37408711afcbL,0x00000000000001eeL } },
-    /* 7 << 420 */
-    { { 0x95da54447500f10aL,0x6935ca2aa6b14d2aL,0x58f4555c30dc9660L,
-        0x949ec82aac954b30L,0x94027576e7fa5c4dL,0x035d525a21960c7fL,
-        0xe3ed1e66c2092c76L,0xbd151aa3df9779a1L,0x000000000000012cL },
-      { 0xda7d7c3de59368feL,0xb4c240648ddce4fcL,0x05360bf847eb7a34L,
-        0xe0889804700d30fdL,0x99e1add207f447f6L,0x30e5b7574a4e8762L,
-        0xee9f06953329b2fdL,0xbb6fd0fc6894a597L,0x00000000000001a6L } },
-    /* 8 << 420 */
-    { { 0xb70f255cee12880eL,0x0fcff02402831c27L,0xd92706fe87241978L,
-        0x75c7a550fb475daaL,0x128971bb889e3be2L,0x032c8d2651f95444L,
-        0xabe4d7dd7251b1c7L,0x8c903fae332e627cL,0x00000000000001faL },
-      { 0xd00f7bfc32b6fc85L,0x33ebf5c256e1cd16L,0x0cb224fd42b24457L,
-        0xfd0d2136a0ec189cL,0x4718b1736cce225dL,0x403528f6e04d9e2dL,
-        0xc7312b00e6e6e81dL,0x3d146f6002202a72L,0x00000000000001b1L } },
-    /* 9 << 420 */
-    { { 0x1a20556e1034bea2L,0xd717d9172be51df5L,0xe95f091286ac317dL,
-        0xf3923fbec1304ee3L,0x3f763629e240f768L,0xcbf933bcc8c2af96L,
-        0x0e7cbef612c667f3L,0x6f01599295d25e69L,0x000000000000012fL },
-      { 0xf941627f4b56bdafL,0x06ee3b59eec4ed47L,0xb2c0882e4d951b00L,
-        0xf5304c7c8652dbcdL,0xf59e2884a6245127L,0x2f9752c14e4444a4L,
-        0x91d5fa7af8ded8f5L,0xe5bde5985c3a5632L,0x000000000000003dL } },
-    /* 10 << 420 */
-    { { 0xd9e55a11a0d1be9cL,0x4c3bfaf24c1c1b10L,0xb0d8ba7d2e8bdca5L,
-        0xd67631c3e2b2f07eL,0xa7bc810f085dc2acL,0x0df53d51ea54ed35L,
-        0x09cf707235ba17f4L,0xd6bd518ebe70853dL,0x000000000000004aL },
-      { 0xa7cd3940b78c4776L,0x9ba0f564e9be7ca5L,0xc40944c61c45432eL,
-        0x44fff573472b1abcL,0x80ebafa1c1ec6836L,0xff7eb86e0c55f71fL,
-        0x20c8e2695b805b7cL,0xdf0e571b16aa5eefL,0x0000000000000199L } },
-    /* 11 << 420 */
-    { { 0xb765a24b2af340d9L,0x958178050b487cdeL,0xf2b88c2cf47f322aL,
-        0x7fa33ce51ee6fa6cL,0x98002c9a11a0096eL,0x5507eb0bbb6e514dL,
-        0x7b3dd65c1a52bdceL,0x80a29cc867bdeb7fL,0x0000000000000069L },
-      { 0x0cdc241d6d7c8921L,0xb1506bfc039a455fL,0x14ecf2f7ee18c2bfL,
-        0x3317ba71027f00feL,0x2c12d6706662fd91L,0xe9cedbfd87d5376fL,
-        0x3e0f51b5b3bc972bL,0x2450c347b2c1a068L,0x00000000000001e7L } },
-    /* 12 << 420 */
-    { { 0x484732401f8815a7L,0x46168826199e1b61L,0xbb9a52bc07807f97L,
-        0x7b3824d9ba31351cL,0x67cd58b460a2da3cL,0x0d99d6d621957903L,
-        0x7c3380d37b459b99L,0xdd0a602353b07588L,0x000000000000010cL },
-      { 0xebc49bc0ab2213b8L,0x540f6fc558615ccaL,0xe873ee56d8bc64cfL,
-        0xaed30c80ffe085b5L,0x03d39214d0de645dL,0xc6ec44b959f64e2bL,
-        0xffafef87c7f37e31L,0xef7985a21ea39c70L,0x0000000000000159L } },
-    /* 13 << 420 */
-    { { 0xcddb65c37f55b79aL,0x6e26c45f5d85b33eL,0x111919ceb1470acaL,
-        0x7aa294e0e6c06007L,0x35207de63c009509L,0xcf119448ddd0c472L,
-        0xc01bf29c3c05546dL,0xadf8465854126fe9L,0x0000000000000054L },
-      { 0x2c13d69dfef83427L,0xe539c2da0960af28L,0xbe374a8297ccc699L,
-        0x8020d224523d7f91L,0xdab7f7d6531b6154L,0x37ae51127cfaaf1bL,
-        0xb5e3e2036f69e8a9L,0x4291b0454b708b58L,0x00000000000000e9L } },
-    /* 14 << 420 */
-    { { 0x4c085162a78092beL,0xcf80206180d90634L,0x95c122b69f81ff39L,
-        0x5c936cacaf784312L,0x9f4796ae350bde15L,0x0fd2eacad138a2f3L,
-        0x5764f1cec825ae43L,0xc9b9d5ec9b4f1332L,0x00000000000001adL },
-      { 0x3049e55456c15c19L,0x61c0dd81e3fcab36L,0x2132d9b2376e573bL,
-        0x875184b1c05ee74cL,0xc37f8e51a427b9e5L,0x6a2fb427e6c5b9d5L,
-        0xcf13c1ef7b754328L,0x146447f8d1749292L,0x00000000000001e3L } },
-    /* 15 << 420 */
-    { { 0xeb3388479418ced8L,0x68f55b32506ed21cL,0xccdb0bd335ec2dfdL,
-        0x63b075e8b65f515eL,0xd3d07af8f6905524L,0xad5a170ad1589131L,
-        0x97ffc56d61582a3cL,0xf15add9a34c2d2e4L,0x00000000000000e0L },
-      { 0x79d0330ef5d91b62L,0xf3e8f69ce46eb580L,0x1b5ea4a8067e7599L,
-        0x425084336b335559L,0x85863c2eb4ad41bdL,0x9572cd16aa1db8fdL,
-        0x55756be84f205835L,0x82ed485f53de8f6aL,0x0000000000000049L } },
-    /* 16 << 420 */
-    { { 0x7d6e42404e1080a4L,0x5cf6c427e1adb078L,0xe74ec6033d594e28L,
-        0xc0185404bdf853f2L,0x287d94dec3335717L,0xf735656ac3179807L,
-        0xd356f2bf604e93f7L,0xb1fdc2f2cbe27815L,0x0000000000000151L },
-      { 0x7b17e356da1d3ea1L,0x0ed57d7ea7af9610L,0x4a6ac3e53ae89c0eL,
-        0xc8f722b85f82b4a3L,0x453d5a4a7f0850faL,0xd6f79d237b3ac4a3L,
-        0xe1c9dfc20dbae800L,0x56e4f0f5c4b9258eL,0x00000000000001caL } },
-    /* 17 << 420 */
-    { { 0xe80852c1ddc395faL,0xe58da639cf6e9427L,0x2d80ef4ccf9f6f4fL,
-        0xfc2bc3b9469f9ec9L,0x90dd2047b5059098L,0xbc7dc5b8a38a135dL,
-        0xba7a504e14d5187dL,0x1e5cea620bf39092L,0x000000000000016dL },
-      { 0x71afc93587e487e0L,0x5ecc86b7ef01d44fL,0x0987add313d2d4e4L,
-        0xf64716e189b1c583L,0x2ef8a366b9927a7fL,0x83bf2fb6a43e9f9cL,
-        0x16f2b1856dfd62d8L,0x0720e52aeae049a7L,0x0000000000000027L } },
-    /* 18 << 420 */
-    { { 0xb372ca6459f57bf1L,0xd71dd5777941180cL,0x71685edf4e9ff4caL,
-        0xe587c1c10ea50561L,0xa8807733b4de6fa7L,0x37fd0baaf54d261bL,
-        0xbd41723b63d60c25L,0x1db8a7d40ee723b6L,0x00000000000001d2L },
-      { 0x4ed434f57731688eL,0xcd0b204990872443L,0xf1cf19d6f08bcd59L,
-        0x0a2421868d0e3d48L,0x05071d83631b9d75L,0xe6c824d71f5ea438L,
-        0xee72e77f733eab36L,0xa2edb32480653b67L,0x00000000000000efL } },
-    /* 19 << 420 */
-    { { 0x3c66f086179844eaL,0xa6a8ea1bd3130343L,0x392cdad799fc9f0bL,
-        0x3394632e63b0b646L,0x29bf4836f7748943L,0xff18e250c24214deL,
-        0x6758a91d0c636fd6L,0xd2cc47e168fee4d3L,0x000000000000013bL },
-      { 0xd6d1f413ef6d4af9L,0x0092046fc87c16e4L,0x93d8aa9f3ce6f5d9L,
-        0x8f7642089eeb6b0dL,0xb40ff54c3cf6b39eL,0xafa404ed994e9d85L,
-        0xe0aaa8228a7a8b6fL,0x74e6a937fd01cbb6L,0x00000000000000c6L } },
-    /* 20 << 420 */
-    { { 0xf52e68cc04a4640fL,0x469ce7167a073c4bL,0x3ef46bb0bba28a24L,
-        0xb963bc66d966a270L,0x5195fa9dcac49906L,0x3265912718c2f3bbL,
-        0x5bb5b809a43a8d57L,0x654653503806ba70L,0x0000000000000163L },
-      { 0xb3ddf2d683ef27eaL,0xc490dbad6a698a1fL,0xa13676175dbef692L,
-        0x2a41f99f4a8d7af3L,0x3a6ed906f7cd77e5L,0xc842b863533e5cfcL,
-        0xc098708ee1bec806L,0x9c21e280e32088cfL,0x0000000000000000L } },
-    /* 21 << 420 */
-    { { 0x8404d82c0f06d9bcL,0x547289a5294acf16L,0xb468ae64c502621dL,
-        0x985c267fb3b353a2L,0x4e11dd3e5721f0b2L,0x2f5cd568ce1a24f1L,
-        0x1dedf5ebb5fb7148L,0x42a82389c1626fbcL,0x0000000000000110L },
-      { 0x8543730601bfc317L,0x7f7784a2e5cae3adL,0xf3dacc6469be54d6L,
-        0x038528a3c9d9e32fL,0xf98309683a6f6357L,0xf325307d3f837cfeL,
-        0xe805afa33af3d0c6L,0x275272065252e357L,0x0000000000000078L } },
-    /* 22 << 420 */
-    { { 0x0aaa344b99371256L,0x0a066fe2d37c69aaL,0xdf78a35d25e09230L,
-        0x53c1bd11d8dc7960L,0x02a2444bc9fce3efL,0xad94f6321b02c0f9L,
-        0x827e0e363ab86bb1L,0x378fd466c7c1a0a4L,0x00000000000000ffL },
-      { 0x94780574032e1eeaL,0xc220064001cb9b20L,0xa27c53bbaa195a72L,
-        0x41cfa39c1fd255aeL,0x0727c31a99f3b693L,0xea608501ae941816L,
-        0xf6f564d91ffecb1bL,0x78a17e5e5f980bddL,0x0000000000000188L } },
-    /* 23 << 420 */
-    { { 0x8bb946e2dfa393a4L,0x08fb2f81f615c758L,0x1db09d68b2e74865L,
-        0x470d784d3fb6b0f4L,0xd7e9135501b6735bL,0x8b7d570a051cba9dL,
-        0xfc3e0b2c70b205c5L,0x06869d5e1e7cbb3aL,0x00000000000001adL },
-      { 0x55ca4fd936ef4edbL,0x69d852beecc47c2cL,0x1bb04f285c5b235aL,
-        0xbc4ab04d098a7ba8L,0xcc8ac9027b5f540eL,0xf538468155d8047bL,
-        0xe494d2587ade6e54L,0x7f6619105cd2e315L,0x0000000000000134L } },
-    /* 24 << 420 */
-    { { 0x9f89d5bb56aa4115L,0x63fbfdcac2d35218L,0x595276045879b205L,
-        0x546e9805863191fdL,0x01d6bb2b492bbed9L,0x837d7e9c73daa6dcL,
-        0x3d3a90f2363a7a49L,0xb50a603d703ec617L,0x0000000000000160L },
-      { 0xc7d60aa51d767edeL,0x78b275545178ee0eL,0x45d33bfbc598f46aL,
-        0xdb05f976bf59b320L,0x4d4d3206f704d3a5L,0x883fada582590e40L,
-        0xe9369fe09ef9a17eL,0xc1d11e068661cad5L,0x000000000000009dL } },
-    /* 25 << 420 */
-    { { 0x76b3e52bd80b2b0eL,0x1ddeab08d57b3e26L,0xadeee95e05d4095cL,
-        0x8a441ed876b470c5L,0xb40ea63b598bb942L,0x7a69955764e9311fL,
-        0xf41e2dbda3b34c65L,0x36041d213038b04cL,0x00000000000001a0L },
-      { 0xa8630639aff87e50L,0xcf330929a9050224L,0xe1343f8f9555f24fL,
-        0x7b2b57fd4486e5beL,0x901a1fa3892f8985L,0x48ecf1c0ba0578f9L,
-        0x062036a458c5803bL,0x64db8ad3d495e812L,0x00000000000000b5L } },
-    /* 26 << 420 */
-    { { 0xd828a1eea7cd3d7cL,0xa39918741c46e505L,0x2907f22b977a89dfL,
-        0x1a97284ea8bda785L,0x3be00be53e2c7eb8L,0xa09b9df661392237L,
-        0xad6d2e582734a180L,0x9c8fad43f305fea8L,0x00000000000001b1L },
-      { 0xdf8354b4d3157befL,0x1bbbb2ea3fff9736L,0xd875650ab541b7d2L,
-        0xa219b4ff11f808dfL,0x8fddc92292b811e6L,0x8ae8e5e556e34e2fL,
-        0x9c90ed9d431f2ef4L,0xb83c8e8d6e5aeb06L,0x0000000000000033L } },
-    /* 27 << 420 */
-    { { 0xab542a3bec6d5a30L,0xf3a89c0cbcedbe21L,0x06d93f10f42b171fL,
-        0xc05c30b19b2f005bL,0x4402de5b488c69b1L,0xc4fb5dac03bff7ceL,
-        0x8cd55dad7ab06022L,0x52af902df9b2cfafL,0x0000000000000193L },
-      { 0x16f1519f32e721a4L,0x868f20628f21c68dL,0xd0af3d8f1d1b6568L,
-        0x476cabdc0655b4e2L,0x180bc7c910912bd7L,0xccbe77e248758e83L,
-        0x5248fe84c984174fL,0xe69a6bcc64f9eeb5L,0x0000000000000073L } },
-    /* 28 << 420 */
-    { { 0xf736440000feca1dL,0x037b3d49852c31b8L,0xea78fd256c6687b5L,
-        0x2ebe2e7bf447b783L,0x654f16b156d7f1a6L,0x8f71c03583b9bec7L,
-        0x26211de5f46e3a73L,0x64c26d1d9d823907L,0x00000000000000d4L },
-      { 0xf055c6a0dd7faf2eL,0x0f98d13a2ca825c0L,0x539a62a67bc8d8dbL,
-        0xadc25a49b69842dcL,0x8a5f304557914947L,0x9c8541cfdc1ddb47L,
-        0x9e133348f4ec01faL,0xd0fe103be3eba2fdL,0x00000000000000c1L } },
-    /* 29 << 420 */
-    { { 0x5b1d13ec418a83dfL,0xe9288a19dd578685L,0x8c90adfff1199fd2L,
-        0x535f7ff5c9dfea76L,0x2bc4a3dbf0846631L,0x36a1bd74a6b94ae2L,
-        0x5c61d3a32c51a655L,0xf03d31519da1a40bL,0x0000000000000118L },
-      { 0x4deee9fda7c44cecL,0x4d3cba4911e4cca1L,0xeb066f59b33266dfL,
-        0x45b3856fb3d19c6eL,0x3ac917f0cc142930L,0x8d067ea4a5cc182aL,
-        0x1dbbb1c652ee009cL,0xd5769d6027ff54c7L,0x0000000000000110L } },
-    /* 30 << 420 */
-    { { 0xa15a7bbf8eefad48L,0xe6e89e742651197fL,0xa61a3e84bd94ed51L,
-        0x0d244f552b588bf5L,0x65a05bcd083d4e00L,0x439c2e1c135d813fL,
-        0x48e05e558b3ffcb7L,0x215bb215254e73dfL,0x000000000000010cL },
-      { 0x240758f78096e07dL,0xd60bf24f18137989L,0x0b8be39738a3a7f1L,
-        0xad8e978490bed9d6L,0x292131c39b75ec5aL,0x1159fdc879cc4fdeL,
-        0x42fa8c1f64454a70L,0xc8c4d18461a34ddbL,0x0000000000000053L } },
-    /* 31 << 420 */
-    { { 0xf64f3d95dfb33552L,0x4f52fde0ae6e4644L,0x43ae88ccd887707cL,
-        0x0873f0578ffac488L,0x39fae3481d00f41eL,0x9f0f2187f47c974aL,
-        0x5e63a28114aa2ad1L,0xe12e811cc6985285L,0x0000000000000196L },
-      { 0xab5ae9ccac35731eL,0x8967bfb5bed4d30cL,0x92ae61f5c2ed4d32L,
-        0xde3ec6960ad912a8L,0xc931c7b5cf649a14L,0x5588d02492043e7bL,
-        0x19c4fe955cc40a0fL,0x9709c5ab8e76d659L,0x000000000000018aL } },
-    /* 32 << 420 */
-    { { 0xc3c84fd2b5f54682L,0x3488244e32c3a3d6L,0x08c89d9ec1f6e2a1L,
-        0x9a8aadac957ef7deL,0x0a54f7fa07cca3e8L,0x42ad7295ba97bb36L,
-        0xd82cae54871ae976L,0x0eb9357204bf46d8L,0x000000000000009cL },
-      { 0x2a3aa55f45ae741dL,0x9b2168b79034b489L,0x66c66f0921f91264L,
-        0x6823b0fb70703195L,0x5e43efad96e215b9L,0xe1940d5a4ca42901L,
-        0x792cdc63294ccde6L,0x5be5af8a4446ebb1L,0x00000000000000b8L } },
-    /* 33 << 420 */
-    { { 0x34fc69cbeb2f5277L,0xc7e5637326425593L,0xb0a2de928f05fc88L,
-        0x143963814468bb18L,0x926b5160a3b0a9d2L,0x8af3d2af44487fc9L,
-        0xf93e45cc3bea6d12L,0x6a8eaa6a97905e78L,0x0000000000000184L },
-      { 0xe3d982841f13bdd8L,0x8a93c07ad628c0c2L,0x12ff398667d10ab3L,
-        0x9de71f1a25b30544L,0x4193e07914788cedL,0xa297bf3b8979e06fL,
-        0xaaf8e7c8a5c33e4fL,0x996bad366c986dbbL,0x0000000000000192L } },
-    /* 34 << 420 */
-    { { 0x3cc8f593e5967354L,0x6526ed4871aed083L,0x6ed8306e8209df3fL,
-        0x3b6811db26d0cc40L,0xfecb44243ef4bfc4L,0x7b1d0c977c380292L,
-        0x5f8d1053f3155334L,0xd5a6671d57606f5fL,0x000000000000018aL },
-      { 0x91a333f78ca15d85L,0xe401daa9ccaff56bL,0xecfc424a3642272bL,
-        0x293bac7dc265dabaL,0x3728937d35176032L,0x32095630b8dc5e90L,
-        0xa7e40a33fa3238b2L,0x800e51aed54ae7b0L,0x0000000000000112L } },
-    /* 35 << 420 */
-    { { 0x5e9ddc946cfe150dL,0xe80cdf7de931ae6dL,0xd653e42269e75084L,
-        0x5f2457112d80bb7eL,0xdf34a45bbaa1ff31L,0x4aa1544db4555a76L,
-        0xbe131a26420ba11cL,0xeef42ea9df8e840cL,0x0000000000000075L },
-      { 0x0954b8900447d3b2L,0xb56748258273dd87L,0x4e475be49554e8abL,
-        0x9565d985123d94dbL,0x5c2d1bcec2abae12L,0xe74826e441d39436L,
-        0x0a61e8d6e5c430daL,0xa6db3e630f131767L,0x000000000000012bL } },
-    /* 36 << 420 */
-    { { 0x48ac5636f221fa1aL,0x8b75f29afa87732aL,0xa56becb1ba0db0ceL,
-        0x372230897daf8fc9L,0xe2569a163d2f2365L,0x52509c3fe5a4b5a5L,
-        0x78158611cfa993eaL,0x9935db074f0642b2L,0x0000000000000099L },
-      { 0xbef1547fa883def9L,0x5ea9d1b0c3ffcd28L,0x4aa992f9e8cd0500L,
-        0xc259eb625a46f7beL,0x242f5516e7d4212bL,0x7abf19ecd6fbd446L,
-        0xc95987380d54d6a5L,0x5622a0476a7b5e9bL,0x0000000000000190L } },
-    /* 37 << 420 */
-    { { 0x0f55ed468bf89a5eL,0x1cfc2ac48952261fL,0x9c3c347ee4cba9c5L,
-        0xc308a0f46c3adde6L,0x01054a9145571f72L,0x1cd4829193982030L,
-        0x74fc84ff51306753L,0xdab8cd4e8cfdaa2fL,0x00000000000001a3L },
-      { 0xa224dad5cded7237L,0x49d51a129bdf65aaL,0x09a36334a4f5586cL,
-        0xba0faddf2ae77a6bL,0x07b748b72f29e747L,0x9623f46e3478ff8eL,
-        0x518b3bbe8b3af3d8L,0xc4fee8ad78840f15L,0x000000000000017aL } },
-    /* 38 << 420 */
-    { { 0x5650b564bd61ce2bL,0x7eaef69224f299e2L,0x2a0df96fe6d4489cL,
-        0x812d43518ce9d28dL,0x0815a72b59e9646fL,0xd7c2973b017708e9L,
-        0xbb2ff9abd4d799b6L,0x2801293e04228a85L,0x0000000000000120L },
-      { 0x509c20ae3c5f9553L,0x0b59b77c393ba611L,0x2635f780da2c8feeL,
-        0x8f2a267b41f93f7aL,0xff6659a7537ae88bL,0x9a224d7a7fa76913L,
-        0x191113ed42cad3dcL,0x0fc807e43f06db46L,0x000000000000015eL } },
-    /* 39 << 420 */
-    { { 0xc1ce03c9b0f7ddc4L,0xe9c3a1f6b5545247L,0x45e0feb9c1c782f7L,
-        0xe2c1170d5fa69f36L,0x155bf55e15407d53L,0x54d33d0902d578d2L,
-        0xf566ec081442a6ddL,0x4a144739f67fe9abL,0x00000000000001edL },
-      { 0xfb449e2032d83f99L,0x3efebd58fbbaf71fL,0xbeae9abcf8b67d53L,
-        0x64c6c39a442e271aL,0xed0b3ffbd8510f0aL,0x778a250b882c28cbL,
-        0x8924bca243ed493eL,0xffbe451e7e1b7b11L,0x00000000000001bdL } },
-    /* 40 << 420 */
-    { { 0x75b27730fe4c5bdbL,0x00613beabd678c1eL,0xb12a8fe817d6e608L,
-        0x5c6ce1ae0158785fL,0x72f9e5dc1ed9f069L,0xde5caa848a05f3d6L,
-        0xccfb76716536f0b2L,0xe7378e81b634be60L,0x0000000000000045L },
-      { 0x61d85c77f724dd8aL,0x91b6e75dcbe10dadL,0x382bab75adeb3740L,
-        0xafa638046b3b344cL,0x136d755fe8d2f35cL,0x45416ba496ee3d72L,
-        0x92533b2be175a63dL,0x51facb6560cbc9c8L,0x000000000000001fL } },
-    /* 41 << 420 */
-    { { 0xa9020bb2bf0ca667L,0x2433b9c5d9660317L,0xde04b705f3de0b9aL,
-        0x46fd25b653ec2cd6L,0x0448e5dd4960b51aL,0x4c06d6a16721a33fL,
-        0x19f91ed6655171b5L,0xe5974b3f78df179aL,0x000000000000002eL },
-      { 0x77b2230d27199e71L,0x3a655385f30abd35L,0xf5e630e34fcdf51dL,
-        0xd65f90c494535658L,0x01b3c3083f9ebddcL,0x209f2e378f886a9fL,
-        0xc6145c12d24b1178L,0x1431a5087dc07344L,0x0000000000000119L } },
-    /* 42 << 420 */
-    { { 0xee3406d1e638a4aaL,0xd688467a2fffd8d4L,0xe56cbf66141afb81L,
-        0xa3b39278d2093407L,0x4e0e475b63f0a6a5L,0x0cde9be59e82370bL,
-        0xb20476e7f6a08824L,0xc9193506ccbbb74cL,0x00000000000000caL },
-      { 0xe4d9074c6fa10c37L,0x4519eecae5095ad7L,0xfc5f4e21a6b9417dL,
-        0x14bafee71076f557L,0xf6999f8b3b0d7e6cL,0x0fff28293d147610L,
-        0x9db346f7c1dde148L,0xc3648d0cbb06be0cL,0x00000000000000adL } },
-    /* 43 << 420 */
-    { { 0xd9b2900c41e98124L,0x535389b81e5e8d0eL,0x1eafd301052df92aL,
-        0x6fb1af8781c04ce8L,0xbf53896454faf2a5L,0xa6d771c9c33d4cd5L,
-        0x3cbc0b99b7985721L,0xa8fc80fb4bffec76L,0x000000000000001bL },
-      { 0x669d9031eb22ffc9L,0xff1d9af297694f7eL,0xa9583293f7b30304L,
-        0x8c0ec270de3e2e04L,0x6e6490c9ac3051afL,0xe554e8fdb77d165cL,
-        0x2fe899dbd7547c9fL,0xbcd900fc5d034decL,0x00000000000001ccL } },
-    /* 44 << 420 */
-    { { 0xcd1ed5190f67298eL,0xbd6ec57814d77ae9L,0x6d8b2ab4f38a5da3L,
-        0x55d9555be9a51909L,0xc4988f443f290779L,0x403297f645c00586L,
-        0x1df14102017a5468L,0x81aba58618d98daeL,0x00000000000000e8L },
-      { 0x8fccd75d3d78fc68L,0x727adeed26fb1966L,0x1e7cd41598a17cb8L,
-        0xba026b83de88062cL,0xc11e4bfe933e04c7L,0xece90a097abd303aL,
-        0xf09a827b0b73aa6bL,0x31e7471f9fe9d6deL,0x000000000000005eL } },
-    /* 45 << 420 */
-    { { 0x65d2e86156ac524bL,0xa0f398c44dbd7a05L,0xb51e471f247e0ebaL,
-        0x6fb7515e1cd2b3c5L,0x8d4129cc4019d508L,0x1523c52fe21dad33L,
-        0xe929492f2319f582L,0x76c5862899d946d3L,0x0000000000000160L },
-      { 0x4cc4e9553641774aL,0x469e1d4c39518dd0L,0x679e1cf2dbb4dd35L,
-        0x5a34378a7e756f2cL,0x09fe4915534df7d3L,0xbf6a2c47eb2dd58eL,
-        0x073d3889e26761b2L,0xa6edc4da1ba2ad04L,0x0000000000000133L } },
-    /* 46 << 420 */
-    { { 0xa43aa7fb067722b4L,0xc7bd872e2d19638eL,0x04d8838d6683f1acL,
-        0x6df5e4441167542eL,0x7aa48da719d4b02fL,0x81f9fd58f6237d71L,
-        0x91f5815c17ba998eL,0xb9613d178d8d72faL,0x00000000000000a7L },
-      { 0xf529d3986a6a407fL,0x6d22899caccae345L,0xd126146a563863dfL,
-        0xec3241f617f1f2efL,0xe09a57205e69f591L,0x8ef992d3c00ffad8L,
-        0x872822af82dd79dcL,0xa8cc65a6adf02b46L,0x00000000000001e3L } },
-    /* 47 << 420 */
-    { { 0x67777d056c680d36L,0xcee0e9eb765a8da6L,0x8e18422e2410bd23L,
-        0x087b9b2bd73057baL,0xf6ed0c4373a435b8L,0xbae2117c0aa2620fL,
-        0xb97d1cb5d9ba7028L,0x417aa6bec3f20528L,0x00000000000001d8L },
-      { 0xa6daa33f114871ffL,0x889c853e69e3c506L,0xfb5cef1de42b8ed3L,
-        0x249b0fe7e2ec351fL,0xbb94de883fcae45dL,0xfbfa5c9f3a94cc20L,
-        0xb80b5bba253c1736L,0xb23924460770b8ccL,0x0000000000000171L } },
-    /* 48 << 420 */
-    { { 0xc7d454186a52747dL,0x034cb6d1523d74d6L,0x073a404e0e2b859bL,
-        0x9a38e6d89345da73L,0x4c4771d5c7fdcce3L,0xaee8c00c025c1423L,
-        0x10c94e72d7203e0cL,0xea9f58bb4547289cL,0x000000000000000aL },
-      { 0x030c1df531b952a7L,0x8177a6e11d47e37eL,0x9e2222b0de6f3c0eL,
-        0x1ed75c871399560fL,0x9b818c5d829af1e8L,0x75c7751945db80a1L,
-        0xfac13445d73c446aL,0x91a2741362844292L,0x0000000000000027L } },
-    /* 49 << 420 */
-    { { 0xcb7db4ccc19e2d86L,0x829ccd00df87335cL,0x8d2d73e940ed4392L,
-        0x926cdff5b78c8289L,0x1c76f094e7cc750eL,0xadeb089fa3a6923dL,
-        0x1d1946c3167dc508L,0xca796f6852a57472L,0x00000000000000baL },
-      { 0x94ba42d7a1526724L,0xee549d5ca5fd1158L,0x9e5da9d47645a4d0L,
-        0x05d4d6efcdd6a638L,0x5619dcf729ddb41fL,0x34ae766d98d04e6bL,
-        0x125b901956b51686L,0x5127a0b08ce76994L,0x00000000000000fcL } },
-    /* 50 << 420 */
-    { { 0x8040cbe83e0a2ad9L,0x8be1ff91e6cf93d6L,0x03b887834d371ee5L,
-        0xd70eb00752a3f93aL,0xc3cdb6cfd333a1a4L,0x5edbb599b8f27078L,
-        0x339236a4e1faa8f0L,0x70c8fb9a461463d7L,0x000000000000014fL },
-      { 0xd55dbd41033fc6e4L,0xb53ee32b3a7e3f55L,0x2274a2d905b7e980L,
-        0x9b037c48b27fa57bL,0xb0584718ce3683cbL,0xfe230ee62cfae448L,
-        0xe3f0c7eb7fdef3bfL,0x5c3af24ba17e64d1L,0x000000000000016fL } },
-    /* 51 << 420 */
-    { { 0xe08921a1d2295f2dL,0x7b16da7bc2d62e51L,0xab35c918b7fa9ea8L,
-        0x809eb392dc39f49cL,0xf094f0be00be5695L,0x1a7d60ef782f29ebL,
-        0xf0a9dd07968759d0L,0xdff0d6565ada0b06L,0x000000000000014fL },
-      { 0x0875da554d4c798fL,0xbe726982435ee34eL,0x1e880746a069c9e9L,
-        0x0ea957f7eb120213L,0x5f88c63e19f064ebL,0xe07a2047c8a7d994L,
-        0xafd33fef4aeb2130L,0x4b7ad49154e880eaL,0x00000000000000ceL } },
-    /* 52 << 420 */
-    { { 0xf090e674c02453a8L,0x95c5135eb672a218L,0x5cfa269b7ad4f0b4L,
-        0x35da68b2c36c7952L,0xa8fbb5981f48b8f3L,0xbe2cf8255897269aL,
-        0x503c997f3d216a5dL,0x365f223401fba58dL,0x000000000000008aL },
-      { 0xac2cc265454cbfadL,0x36c3406228c1232aL,0x55d6f9f6d9c91dc5L,
-        0x7ee8f96e911d7488L,0x7f9b42d548f93862L,0xd6e242b2add639dcL,
-        0x03131280d2d1eba6L,0xaa3096d2db5b01c7L,0x000000000000009dL } },
-    /* 53 << 420 */
-    { { 0xce23ccbc11c799f0L,0xb09e370e6d8105a7L,0x05002372a187616aL,
-        0xc34d46e4f41c6585L,0x365fdffff1641b50L,0xd78b6bd5d5283ee4L,
-        0xd5855eced0d84ea5L,0xf3490e30a484c1d3L,0x0000000000000093L },
-      { 0x03d85dfff30302e3L,0x800f89f9fbcd54feL,0x75a431e4a8a7bb3aL,
-        0x46a785f87b30b1ecL,0xe90e2b361de5152cL,0xb5b65fcde4ed0df0L,
-        0xd8682ed77fd1e92cL,0x805419c72392b876L,0x0000000000000177L } },
-    /* 54 << 420 */
-    { { 0x036072e3602365d6L,0x0eb6814b499d5b3aL,0x02dabe21585e81b9L,
-        0xe58f4a6353272f40L,0x442c5511aed0d19aL,0x8c880c028d85cbd2L,
-        0x187265ff24a978b1L,0xcdd62d82452fcf0bL,0x000000000000014eL },
-      { 0x8142a2909cd1eeedL,0xeb03b362317c3443L,0x7814dac5d2cf66e1L,
-        0x3d24c15dcdd1a642L,0x1579027d89e46eb8L,0x25bc682cc0c6830fL,
-        0x952370e314712b5dL,0x579a2c0fa50221c1L,0x0000000000000071L } },
-    /* 55 << 420 */
-    { { 0x3a88a023b129f90aL,0xaf0c62ef2525b31aL,0x89e75e13756fc51dL,
-        0xb3ae0d9d7e69c4ffL,0xf8cd4b08756c7379L,0xbfb1d6468d905b47L,
-        0x35b759f3abfd39c6L,0x67ec7a6a8607a1fcL,0x0000000000000053L },
-      { 0x524ec8171b34aa5eL,0xcf1f37cbcce1b38dL,0xdab23e703413c644L,
-        0x4463a1e986c8f8fcL,0xfbb14a202b600686L,0x98b964a57c7bbd38L,
-        0x1fe6c9397c1dce81L,0x5ae65ee42a9950afL,0x00000000000000bdL } },
-    /* 56 << 420 */
-    { { 0xcf77ab4e7c68e159L,0x941498eb23a412baL,0xddd4b9272ac19495L,
-        0x516bfa1b32e1f686L,0xcd8eb8a8702d0649L,0xf0563debe4f963a0L,
-        0x1bf5e540fcd5127bL,0x0d588b6454eaa78fL,0x00000000000001f0L },
-      { 0xfa0dcab27de22d97L,0xc5760a0f5f48ea48L,0x0f8b46db3d33e0e8L,
-        0xa7a1f86fac66a28bL,0xbf23e7cb64923dfaL,0x8a7bdc180ee51801L,
-        0xd4d0d78ef5ffe76dL,0x54edfe409408a217L,0x00000000000000aeL } },
-    /* 57 << 420 */
-    { { 0x55f79f5cb58dd212L,0xf4801c93dc1260adL,0x658b2bf530175013L,
-        0x5d2a2e5fb90c6463L,0x8adcc6414c2f1448L,0xf4fc68fc1898dc30L,
-        0x04b471f888c1b9f0L,0xe70fe4ba798487fdL,0x00000000000000fdL },
-      { 0x24ccae8d0d4d95d4L,0x3be4976338fc4b49L,0x9586e6997912aedcL,
-        0xb3aa52bfb74cc6b2L,0xd96d0f460cc9b267L,0xf02f4f5a27bfd74aL,
-        0xb23ab22c46682e37L,0x9fefdfba01157990L,0x00000000000001fbL } },
-    /* 58 << 420 */
-    { { 0xc90121b8f156217bL,0xaaf825757939b674L,0xf60bf6a8dda00f0aL,
-        0x5d5e16d8eafba2edL,0xe920fa52f2b9d2b9L,0x4128025e7b9fd078L,
-        0x9abb0d5d331b9fdbL,0xaecee7f1b6dad1b1L,0x000000000000003fL },
-      { 0x4441c32ff77c8fe4L,0x3896a2fa0b254727L,0x2fa20f175bf54dabL,
-        0xaef65731d543e3feL,0x2fd6c568ba9dd36bL,0xcf4d161a1fa960f2L,
-        0xdb09ef161aa90dd4L,0xcec37c14a86b9292L,0x00000000000000f1L } },
-    /* 59 << 420 */
-    { { 0xd9f6ad7dad254f14L,0xf94afff19d0754d7L,0xc7fcf1aa7390a63fL,
-        0x3e1401b4dafaca98L,0x23119a5fb1b00455L,0x2748906273ba24dfL,
-        0x1786deafa8263814L,0x147175799fc6cbbbL,0x000000000000017fL },
-      { 0x79696e9e66467ce5L,0xbf7b7b6a3df74e9aL,0x9f13032837bfea44L,
-        0x63fac8d5afcbe8dfL,0x0b3aea515eca7aa6L,0x77a62c62deeb47b2L,
-        0x0afe2fa8ed28a210L,0x1a7e4b557e34cfc2L,0x0000000000000146L } },
-    /* 60 << 420 */
-    { { 0x2d1c3c48a6c00b46L,0x8e2190ddd2e6f87aL,0x3a98a1d1a272ae2eL,
-        0x38ee3366d3fe5d39L,0x57fc9b50c56eaf4aL,0x8593e95fc6fe6f1cL,
-        0xae51c967e1d59d7eL,0x2a5dbf23f599aa76L,0x00000000000001deL },
-      { 0xaedd9ccf7307c238L,0xb26cc95d943b18afL,0x58338caf644bef84L,
-        0xdae311b916f04018L,0x6ba2c14073b20692L,0x7d1e2f7269fcd5dfL,
-        0xf9a0763ce750776cL,0x17496ac5f959c158L,0x00000000000001b5L } },
-    /* 61 << 420 */
-    { { 0x6cd44056369b1126L,0x76163c1b5053300bL,0x9ea62d1ee93928b5L,
-        0xb19ad078adeb0c1eL,0x0df14acad93446b9L,0xbeb6ed1725011b4eL,
-        0xb1cb0790181ae9ebL,0x39777187d2012ffdL,0x0000000000000084L },
-      { 0x7017109513039577L,0xf2401d4a070d136dL,0xe313554aa0841a4eL,
-        0x0fa389e5e8d0c631L,0x2ddd35cd89da61a3L,0x0baa99b9c6d8d4b8L,
-        0xc10864df82dbd5cfL,0x45d1a07927e73c87L,0x000000000000014fL } },
-    /* 62 << 420 */
-    { { 0x2b23cfa513f0114fL,0x150fd33dbc4f0b34L,0x12c3170a9ad79bb6L,
-        0x46d0cb95b1beb85bL,0xfb7ffa77416e67a0L,0x342c023411484398L,
-        0x7a141e512f2b0cbfL,0xb78b3cfa27ab4f9bL,0x000000000000010bL },
-      { 0xb5e185cacd2372daL,0x6c10c435389aafc8L,0xf00d3d16deebb0a3L,
-        0x15de86422e5f7c40L,0xe3855c8935e337bbL,0x400e20877cfc7e5aL,
-        0x8ee2550c2e37e8b1L,0xd0621db2323e0fb9L,0x0000000000000083L } },
-    /* 63 << 420 */
-    { { 0xa8116eb9db8f861cL,0xf130b16a474aad84L,0xaa22dbec029b6996L,
-        0xd71690ff74108051L,0xc18b20fbc8203260L,0x4768ee8e652d96b6L,
-        0x6533a2229ca212b8L,0x282f0d5a448c7ce1L,0x0000000000000155L },
-      { 0x8dcbf8c7a62c88b9L,0x899d99fa49028cc9L,0x6b585197d1d43367L,
-        0xf977bac51bc4e9beL,0x9a829b1ce9a20a04L,0x2ae79e6892febd86L,
-        0x688bf2ee19feb821L,0x3e7f2232c81dfa25L,0x00000000000001f1L } },
-    /* 64 << 420 */
-    { { 0x3d239c6b6a81c377L,0xbf4d092e7bcf552fL,0x3d2af909abd2cae8L,
-        0x3d5ae04cebef1533L,0x9c57ddd8c7d656ceL,0xa345ac44c552693eL,
-        0xc66e8710b604ff42L,0x5743b43318cb68b4L,0x0000000000000170L },
-      { 0x2ae332c9427e80c7L,0xc3c529d4dcaed647L,0x1d1a183473f44043L,
-        0x4f5155d63b71f27dL,0x4239074473ee7e4cL,0xb23433b84e09e697L,
-        0x9a4264daa60c57c2L,0xa7f72ff8486992ebL,0x00000000000000b7L } },
-    /* 0 << 427 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 427 */
-    { { 0x1352b764a2839e80L,0x61a50d9716058b22L,0xbd02c6879d6ae08dL,
-        0x1349ee8b6679516fL,0x3d7e69c9bc4c2fa2L,0x4c2e12a10d24e1fcL,
-        0xc69535a147436039L,0xa477f86b0ca25c70L,0x000000000000011dL },
-      { 0x756e379c2a4c1871L,0x4d0b08b35943df83L,0xd8a9b302cd8f5abbL,
-        0x53865d1e8c240617L,0xd422a9b114a2e093L,0xbdbc3d7d03014fdfL,
-        0xa4c8b35a11578dd8L,0xe4427ef87a3afbc1L,0x00000000000001c1L } },
-    /* 2 << 427 */
-    { { 0x8af346c57d874400L,0xd9e98cb571098f45L,0xdb40081079565740L,
-        0x0f7625ebed9a7dcfL,0x5d1415d0c93d2542L,0xf87f74b4688d0692L,
-        0x9fa2e31b9f648523L,0x4e505024cb387129L,0x0000000000000006L },
-      { 0xe2087f9c446e7206L,0x60f69447b48bb585L,0xda3658622020bbf2L,
-        0xc8a263673cd51256L,0x8cc663b1c62f7c5eL,0xc86d4165e72bbd20L,
-        0xffce9039aac68be3L,0x6c6c747cc3c360a8L,0x00000000000001d4L } },
-    /* 3 << 427 */
-    { { 0xa74637fe39b2b1cbL,0xe81e51e9f280efdeL,0x450ba9ae6356c12aL,
-        0x0d23bf43d9768f5cL,0x686e344b1c4fa118L,0x3b6f0edf9ecf4874L,
-        0xf51830635a22fdd0L,0x6ef7d57de9ae039aL,0x0000000000000046L },
-      { 0xa6a7f6f54fa66238L,0xd61028909787026dL,0x12e10e29801cc4bfL,
-        0x660a4c82e98a16b5L,0xc22e4d53415ec2e6L,0x4c0ac2c10e64c2faL,
-        0x2d2d2bc87c576994L,0x843f23adfaafdf3cL,0x000000000000009fL } },
-    /* 4 << 427 */
-    { { 0x290e4ff1781f48a0L,0x020d9e3d66d6f7ebL,0x1c0da98e084d19d4L,
-        0x42c64660030dd190L,0x996602dd29aa0eb8L,0x7719fb105d0d86e5L,
-        0xe20032629145140aL,0xd2dc210c97e687a2L,0x00000000000001e3L },
-      { 0xe704ecdb18c76449L,0x30a4377044131380L,0xaec3cf4b372cf9a8L,
-        0x4033c8c03df882a5L,0xa5e23683969af81fL,0xf42c5b9580263b3aL,
-        0xbff4ed559323c9c4L,0xa1d992b800ef132eL,0x0000000000000100L } },
-    /* 5 << 427 */
-    { { 0xc9701a1591849a47L,0x05a00e8ceb572ad1L,0x0d5062393cf6f9dcL,
-        0x6434131bb421b5ceL,0x1142248aa0c289e7L,0x9b5a89d75735da7fL,
-        0xbf8377d6e3ff625eL,0x076cc0af36a7fa2eL,0x0000000000000173L },
-      { 0x8e8aab15aa837baeL,0x96c61e2b389fb0b3L,0xe4f00866954a8633L,
-        0x9db8fd3f8311855fL,0x317810367e76eae0L,0x4633933d1aeb3b62L,
-        0xc47a2dc1cec925d4L,0xae1c392369aa084bL,0x0000000000000002L } },
-    /* 6 << 427 */
-    { { 0xad854bde1842eb75L,0x52d44a39fd913403L,0xde2d5fdd964bf528L,
-        0x00fc48b0be2d138fL,0x497778287968e858L,0x326f8a6379b5f778L,
-        0xb093b6d8026ee753L,0x36bd9300067c336fL,0x00000000000000b7L },
-      { 0xf63d269d3d3b0373L,0x7fd4555e8901ce7aL,0xfeb8a5abf0c00754L,
-        0x2b855524d1e4f38aL,0xeb245c9a10593ea9L,0x8d0428915303ae29L,
-        0xcc86c4617be4ec45L,0xd05d843bb1a35c03L,0x00000000000001a0L } },
-    /* 7 << 427 */
-    { { 0x2c5034d201ceebebL,0xe55562ee8a5f5149L,0x72de18472b04dec6L,
-        0x59f580cc12742363L,0xefc95b49fe90504cL,0x1f7355ee93d13fb9L,
-        0x2ea3bb73ec8811e6L,0x8f5c272a92208e52L,0x0000000000000068L },
-      { 0xeba0c66dc7f8b064L,0xda096db86441a58eL,0x345dce44b56dd9d4L,
-        0x4adfaf2326fd92a4L,0x35c0f9a74a8d2df2L,0xa2a0f0cf8a6afa89L,
-        0x05a14a6862097318L,0xb10a3b7dd8a0bf21L,0x00000000000000dcL } },
-    /* 8 << 427 */
-    { { 0x4a3ba7d35a80eea6L,0xafabc45f138ed8a4L,0x8500a36b08955eb2L,
-        0x3d6b2ec617a6c2afL,0x23470f5958d5e66dL,0x5db86555a1df0eacL,
-        0x3a2e16179974c9bcL,0x08480d1eb4dfe2e6L,0x00000000000001d8L },
-      { 0x89ec8a91c3dca584L,0x6c06d419f2aac2beL,0x427cea3ca57e58c9L,
-        0x54ae1a697b0b1b12L,0x40b5c77e3965ce2bL,0x3223c7e53ce07598L,
-        0xc2df893146948ff6L,0xfd997c8655d12af0L,0x0000000000000155L } },
-    /* 9 << 427 */
-    { { 0xcdba58e2ed6d1a95L,0x345e6a00b4ca1bdaL,0x1c65f4f8b08907d1L,
-        0x99506f0ad15a285cL,0x602479cf8c31df19L,0x935e607397b6aa05L,
-        0x57d3627e1d814bf3L,0x4161619e26d070f0L,0x0000000000000085L },
-      { 0x5ef502f18fefd13fL,0xc0a551ba2241012fL,0x655978a86c235318L,
-        0xf708895cca82f195L,0xdf32de1a7c5dc00aL,0x53014f9711d92fa8L,
-        0xcae56947517ce815L,0x58e0469551904244L,0x0000000000000014L } },
-    /* 10 << 427 */
-    { { 0x615a13d91bf64aabL,0xad0c56a0ee125e48L,0x5622df0d2f1ab618L,
-        0x7331c9b97e465f36L,0xe9f79f235e69238fL,0xe71d8ade22200715L,
-        0x0f2c7539c1111751L,0x0a3e1894b9287b5eL,0x0000000000000172L },
-      { 0x20e9e6d2311c0623L,0x2d2ea9d91cc824f0L,0x4f188539344e1b73L,
-        0x468983b4a32ce555L,0x5a610f7ab185efc3L,0xa65ed115dff9f69bL,
-        0x61f20b69f79d8be4L,0xa496802121d50124L,0x0000000000000036L } },
-    /* 11 << 427 */
-    { { 0x6e2e5357dec7c016L,0x4331a55e19d6b3bdL,0x03e618cbb8047f97L,
-        0xcacb5933d8cd8c09L,0x0121db5bae62c20dL,0x7347fc4d471bd47bL,
-        0x1dbed250b2369abcL,0x1385da8b0b503a86L,0x0000000000000184L },
-      { 0x05b1de38c3dbed55L,0xb9e877fc80818aecL,0x28143964ac119fb7L,
-        0xce773a4ccc648a43L,0x1f71b5d4d0138213L,0x0029fab77e42530eL,
-        0x789aefc3fa18d353L,0xd6a441614d6b5903L,0x000000000000007aL } },
-    /* 12 << 427 */
-    { { 0xf393bdb41c4e903aL,0x7c7be529356e8b65L,0x17cb86bb5b85085bL,
-        0xda6493819224b373L,0x53b88eb810832b05L,0xfc02cb4798c0250aL,
-        0xf46c49940f0221ecL,0x28376e37eac2ffc9L,0x000000000000002dL },
-      { 0x2f6c2ff9afc8827cL,0x12ff0f5917ef8723L,0xac1aa2d22455917dL,
-        0xad3764b0f8910f17L,0x5d4a355c3bdf893dL,0x7387c7a3eeee0b8fL,
-        0x9b3e2f884356038eL,0xf4affafdc75003b5L,0x00000000000001aaL } },
-    /* 13 << 427 */
-    { { 0xc1e3b4605aaf5b29L,0x81e82a8aae180dafL,0xf37efa0d445e87c0L,
-        0x599a537e16e6330cL,0x85bc6d9706c410f0L,0x28d5a15fb362500aL,
-        0x2ff92fb621b87c85L,0xebba633facf33979L,0x0000000000000105L },
-      { 0x7fc199a9dec8dbeeL,0xef2e49ebc489b71aL,0xd7f6fce89a528946L,
-        0x169d0a2ef358dc52L,0x6a61d2c891922c6cL,0xd2aef478e59327faL,
-        0x6def24948ef04d83L,0x253711d72f66173aL,0x0000000000000092L } },
-    /* 14 << 427 */
-    { { 0xd7de8cd0fc9be442L,0x0a52e40fc9dde6a1L,0x05a4ff641c7149bcL,
-        0xcc966d0d5f2f3aa5L,0x5ece6a196e2d25cdL,0xcd0a1086f6441a77L,
-        0x1c27360085904d79L,0x44a59f2ecf8c85acL,0x00000000000000aaL },
-      { 0x266fa397db6bfcdeL,0xf68d7a368bf6394fL,0x0d19162214a079d4L,
-        0x3fc59bd33f93fde7L,0x9edbb13e691c417fL,0x50a5045a4b6d9aa9L,
-        0xf5f738d8a35b9642L,0xd0fab4f3471d4f3cL,0x000000000000013aL } },
-    /* 15 << 427 */
-    { { 0xdf87750b40973d15L,0xbaf02e703fa8caecL,0x7020957bc8144da8L,
-        0xaf4275cbd2578871L,0xe669df8d0500056dL,0xa432b1d84391f122L,
-        0x576be73ea4c4e08dL,0x63de36a3db2e9164L,0x0000000000000025L },
-      { 0x5e3a636c0af7f448L,0x7abe9a07bd788577L,0x6a39bb248b212db0L,
-        0x1d99e0a5aa72098cL,0x75df398dc0ed5bccL,0x730e175316ac1e36L,
-        0x5029aa6376079634L,0x30538a42216528faL,0x000000000000004fL } },
-    /* 16 << 427 */
-    { { 0x85c4bd23ad5b7e60L,0x9a21b0b0f41a63b8L,0x368399f11991539dL,
-        0x67f2c9217b2b3b1aL,0x7dc0513338b4a267L,0x3ebee98741104a8fL,
-        0xe73da9a9f8687167L,0x04b9f294155f4eb5L,0x000000000000007fL },
-      { 0x1adb7a1453dcbf7eL,0xfbc526ae08b7789eL,0x004fbf8fa1f9c5cdL,
-        0x7ca3ff9b48b46608L,0x08a90d3083829a47L,0x90a442adfe3c66daL,
-        0x36d2d6bd4c69b3fbL,0xd5307e6b67675cc3L,0x000000000000000aL } },
-    /* 17 << 427 */
-    { { 0x8523cc86f38cc458L,0x6f95b125c82eb162L,0xde7e9372e4770eb9L,
-        0x20f67d244ffcff31L,0x88c19b6d857e009eL,0xa6e94060846c385bL,
-        0x9b4a3fcbf5f6e292L,0xfd730d62d494452dL,0x0000000000000053L },
-      { 0xf1d11d02d9c01d92L,0xbee1f672d81f0bacL,0x43333ad7d8fa5d6cL,
-        0x3ea8f6fe8014dbc4L,0xe69afa5323c7799fL,0x1a60df1e437b3c02L,
-        0x3449cba2fdfeb094L,0x79636fbbe1d7af5aL,0x00000000000001bdL } },
-    /* 18 << 427 */
-    { { 0x38d50ae2b1340c26L,0x98d9a11bbd6c48bdL,0x71342c9d2a770fb2L,
-        0x641b25aad42c16b6L,0x9b9caa6900a7b958L,0xb2e0f3d21c6f21faL,
-        0xcaa3c0854ebdff9eL,0x907443377ff33500L,0x00000000000000a5L },
-      { 0x680bfb3c9295497eL,0xcd4c1cc25be8f97dL,0xfe7dee3bcb911f56L,
-        0xabbdfd216980d877L,0xc134efd566109f84L,0x83200bc03adbce88L,
-        0x1ae3359ddecbf40aL,0x4f63adbe2135d328L,0x00000000000000aaL } },
-    /* 19 << 427 */
-    { { 0x0afeb995ee429693L,0x1a1793aed33c2875L,0x3011c348aff376dcL,
-        0xe14d4d40fa291a4dL,0x2bc85ccc328ce212L,0x51afc390ca16ac0dL,
-        0x7f1f2524cea3c7a8L,0xfad2721775fcaef7L,0x00000000000001f3L },
-      { 0x23419bb74f5163b4L,0xe4520607ab546931L,0xb6f171a4246b5851L,
-        0xf6f00f0a4c8e6602L,0x4a84dc07f25bba45L,0x9f1eff155959d040L,
-        0x686a15867d49ceadL,0xec9e5a8da8990689L,0x0000000000000173L } },
-    /* 20 << 427 */
-    { { 0xd35b9e3138ccdc36L,0x193d19235b283364L,0x3f11086716ac2730L,
-        0xc858771ef63f67b4L,0xfa465ba5426ad999L,0x2f23aeb634208c28L,
-        0x1804c3f488e3b573L,0xd40adabed5865046L,0x000000000000018fL },
-      { 0x43f3fab933b8a100L,0x854d92b7b1bdaae0L,0x71b54f79564bdc47L,
-        0x45a21a1a1a5ba2b9L,0x34e2636ab2f40276L,0x30a97302e43c1e12L,
-        0x1c8b46c36422eed8L,0x788d649283623652L,0x0000000000000055L } },
-    /* 21 << 427 */
-    { { 0x9fe3e597bad87407L,0xbcc2af4e9450ec40L,0x45a510949f71d8dfL,
-        0x5209eee4afaf3e95L,0x029c59ab77b5c348L,0x16f2acc25e10ee90L,
-        0x640a7d135b710171L,0x51eff75a282ebe98L,0x00000000000001f0L },
-      { 0x38626ea764fe09f8L,0x8503a9d745408d36L,0xeff27b96d1a3ecf8L,
-        0x549fbb5cd78b52d2L,0x95215d10884f4653L,0x2d1fdb98b1ae33ebL,
-        0x0e0cd5f91008a6a2L,0x43c9181326d87e9cL,0x0000000000000031L } },
-    /* 22 << 427 */
-    { { 0x13cc8a3798a740faL,0xc99aa3ed2632ece5L,0xeaaeecd6b9e1c72bL,
-        0x3aec5c4956487374L,0x89a403cc14674797L,0xca0ea19a6e0c69ecL,
-        0x86b528a68ed9f435L,0x06be957dbce563b4L,0x000000000000005dL },
-      { 0x35d9c838ca34abfbL,0x0dd8cb6d4f813c5eL,0xaac57a0356dfecfdL,
-        0x0f11909337223e93L,0x5f8781c95b447b8eL,0xab2f96c0ed13b66bL,
-        0xd38636ebe3af9074L,0x296c578268da2b8aL,0x00000000000000e1L } },
-    /* 23 << 427 */
-    { { 0x4a1ed69265e97671L,0xcda466e2890bce4fL,0x3dd5210c31b4d676L,
-        0x7061885e97026fe6L,0x5f50b6f7541cdf81L,0x1c1c3fd8fcdec849L,
-        0x77e19a9781cedc49L,0x35c05a1359b27262L,0x000000000000016cL },
-      { 0xe74e401b05aba6e3L,0x1da6d83aaca696c5L,0x6e9d07b3549455e5L,
-        0x5a121ee1c7dcb5d0L,0x34346781d46f00c7L,0x534b1136ecacb619L,
-        0xf196cbf3b24e6e3eL,0x7a31c822aecc0b23L,0x000000000000011eL } },
-    /* 24 << 427 */
-    { { 0xdfd43ebda9f23142L,0x707183f61ace42feL,0x2db54733954f2170L,
-        0x1a10e785e3a33da2L,0xef315020b848d1cdL,0x179454ce5ecdc048L,
-        0x845369cf13e1aee8L,0xb924faa0b536990dL,0x0000000000000012L },
-      { 0xecf9a0ef7d22a7b1L,0xc8dc42e20e95f354L,0x2db31a2ff194a767L,
-        0x31063e42b67924efL,0xebc3ca6c48537ba1L,0xc59746eba8363616L,
-        0x6c45f60203d2c783L,0xefc327471e59fd7eL,0x00000000000001a0L } },
-    /* 25 << 427 */
-    { { 0x38709b4b8eb4707eL,0xa07de12525ca12f8L,0x0cd83aa26c2d4220L,
-        0xb916ea38f1853536L,0x8d2d7f602bcb2378L,0xc7f353c265863a3bL,
-        0xef8293aab05aa95dL,0xc99ce91fdb80d1c3L,0x0000000000000077L },
-      { 0x66feb65f5751344eL,0x89587ddf80016cccL,0x9732106be14e338fL,
-        0xa0cd0f26164039f5L,0x3a4ac3f1c656cfdbL,0xe91d606cef332647L,
-        0x7c8dfb2328e19b43L,0x6d94937494d26529L,0x000000000000006eL } },
-    /* 26 << 427 */
-    { { 0x393a7dcbd3c3aa79L,0x8a3a2240a23c9656L,0xdbc3a5f8cf3eefeeL,
-        0x128e5df243801f53L,0x2915bd679f3b1e81L,0x9c317104741c8852L,
-        0xdad2c02867107eb1L,0x17c5c24994300eacL,0x00000000000000ddL },
-      { 0x8e33383090087c9cL,0x3b477580533f2a2cL,0xb6395d04a0b8fc27L,
-        0xe16f86d626ac5091L,0x376968721370dd63L,0x17277a7f0dbda08bL,
-        0x7cc056e800825ec2L,0xa37c952239724e7bL,0x000000000000002dL } },
-    /* 27 << 427 */
-    { { 0x16df84f88cdcb3d8L,0x08e2203eaa095d0eL,0x60356444b912565dL,
-        0xdb9fa32bdf68d347L,0x37a7a24fddb99999L,0xbec968d30327527dL,
-        0x9ced58e7e0d299c0L,0x3ec26b36eb40f891L,0x00000000000001a4L },
-      { 0x51fe548e3cbcb1dbL,0x9c7b645212019828L,0xafece3855d8853f8L,
-        0xa5b7e31c373f3ce3L,0xfe574de1a56827e6L,0x6b717d575b124f35L,
-        0x3478142156048b07L,0x2d0f9a599d2a86c8L,0x0000000000000131L } },
-    /* 28 << 427 */
-    { { 0xa8d55ba1f6f83320L,0xe7493496c4ee60d0L,0x55a0e10fe16bb4e8L,
-        0x7da768acaf161711L,0xeea132c0be96a3b5L,0x4a09ffff7fb41dcaL,
-        0xbd69c04713f6bf90L,0x4aeb854a82509b35L,0x0000000000000156L },
-      { 0xcb9c060d70f0c260L,0x91fab0dbf52f971dL,0xd2fac4c89dbcd806L,
-        0x92f23fa3266b3438L,0x01bb7d4b56ad0784L,0x0216d0acc864ea06L,
-        0x8c126be50b55df14L,0x9541a18baa2a1f85L,0x00000000000000fbL } },
-    /* 29 << 427 */
-    { { 0x10ed68cf51480510L,0xfa750fc26cccef7eL,0xc0a95e54120622e6L,
-        0xa7b8a3eb98cb5878L,0x67b9482d47b7a85aL,0x7ccc6eaafec17f20L,
-        0x0556723dce3e75baL,0x3e047342181e55baL,0x000000000000006fL },
-      { 0x58094d0329e6c93fL,0x3fc1c1fa454c358aL,0x303c9624fe9d019bL,
-        0xfec90ff16d018035L,0xf15f05418266f9bdL,0xf3fdb456cacd7be8L,
-        0xdf7d1fc03dd66192L,0x2b9617b8c3f9acddL,0x0000000000000027L } },
-    /* 30 << 427 */
-    { { 0x3f8344d51426b278L,0x8f7ddf8a9a9b479bL,0x1a964eb3c669901cL,
-        0x6fa4cd8fcaccb2c3L,0x65facc3706e7ad1fL,0xf29ffbb490a7f25aL,
-        0x3d1ad490e68a505eL,0x5a5cd3fa88d6e4e6L,0x00000000000000baL },
-      { 0x9ca4b1fbb503a9c8L,0x94938bf8ad8685f3L,0xe9c8fb4af178c339L,
-        0xbfc000d25ed5928fL,0x7b8b0f6ee7298bf4L,0x46c7096a7fba0571L,
-        0xde65dc553dd656a8L,0xee6b622341a31a9dL,0x0000000000000196L } },
-    /* 31 << 427 */
-    { { 0x17deaa271ffd501eL,0x2376a41b0d4ff4daL,0x35928095d8cf506bL,
-        0x1b4ccb2aa9312ac8L,0xd971fc980fc0131bL,0xff85e073c4e30e91L,
-        0x82420dfdf59f79d9L,0x81961c5f5d12f268L,0x00000000000000bfL },
-      { 0xa3167cadbc31557aL,0x5e3000588089f9cbL,0xf3b49fcaf6ada736L,
-        0xcf3a28d0502a7f0fL,0x547068bd5e020aa5L,0x9a8d88ed5537e4fbL,
-        0xfe8a3d5693f0d6adL,0xf8e02f75d71aa5a6L,0x00000000000000c6L } },
-    /* 32 << 427 */
-    { { 0xa66cccc8d6e1bd72L,0x1ea4e9214ae2fa5cL,0x66775af22d021fa7L,
-        0x6d711dfb2a4c4677L,0xddaae8bb5ae380b3L,0x53158994600f11fcL,
-        0xfeb122dbda94d443L,0x7cbf1afadffc21ddL,0x0000000000000006L },
-      { 0x03cfa731834bf891L,0x4e016085630b8032L,0x90cf9b5949db4d96L,
-        0x96fd2614335c9dddL,0xc02145108e3b98fbL,0x6ded06331da2ea2fL,
-        0x2bda6d769d0ead76L,0x4ba00e99f3e4fbf2L,0x0000000000000169L } },
-    /* 33 << 427 */
-    { { 0x92de07fbfbf8e53fL,0x73ac4f82b63807fcL,0xcc4f442b27affccbL,
-        0x2d62daf18bb57cefL,0xa7d49c8d70519e9aL,0x0c4b3d051b5b5b71L,
-        0xa157cc8f70d64bd3L,0xd127d42ce74f2b2aL,0x00000000000001cfL },
-      { 0x79eb99c7cb079cc9L,0xbdc25d7fb011154dL,0x872b357c399ce92cL,
-        0x3e6cddea714f21cdL,0x9f6164964b06671bL,0xb1830b11fb8072d4L,
-        0xf2fa236813044f12L,0x1ac80049e95ad608L,0x000000000000010dL } },
-    /* 34 << 427 */
-    { { 0x9269dc702740d740L,0xff34da75c999e65bL,0xff47227b44d3a050L,
-        0xa32b5a8c6930d914L,0x06a3fa67b194ccf2L,0x21f0ff632045ff06L,
-        0x76f08dc2f25f41baL,0x0effecd5071e60bfL,0x00000000000001ccL },
-      { 0x509f29ba52771829L,0x9c992d40f2b740d5L,0xd62799bdfa7f8244L,
-        0xb403785ce16a20e6L,0xe1a98c8c9e156027L,0x0d397dcdc18b859fL,
-        0xbac3cb83c9d70388L,0xc5316eadfb7d5568L,0x00000000000000f3L } },
-    /* 35 << 427 */
-    { { 0xc856f24cf4a0af77L,0x43161834b585a74aL,0xaa1b75e173f7cb2dL,
-        0x8349aa98061aefbcL,0x2e5847d2c610cfd9L,0xf1e0b1d393bd106bL,
-        0x6d239a5e14efc60fL,0xe7a6418f1e30dbfbL,0x00000000000001cbL },
-      { 0x8258a5df6955a0b2L,0x832126776e90817eL,0x63a78ff5110e989eL,
-        0x84dbefcc96ab15e3L,0x7d0a08c003ac922dL,0xbba5ae39a50d0bbcL,
-        0xe480626e9c7466f2L,0x278bc8daaa73d0feL,0x000000000000005fL } },
-    /* 36 << 427 */
-    { { 0x2df7a47e6a625873L,0x30bf6394d0cc5aedL,0x44f942da51af3189L,
-        0x2b700239ea2b12f4L,0xb5aea5e8e9af1742L,0x948b6b30dd4d5386L,
-        0x5eca1a7bab06b047L,0x19ab42c24f3f2baeL,0x000000000000013bL },
-      { 0x903986b0f22488a3L,0x9ccce9ec066ff5deL,0x8149450d08e6babbL,
-        0x176b2286cd8884f1L,0xa328bdd3c05b78d6L,0xdbaf8ea4d0b14a6cL,
-        0x139734eca2e92cecL,0x453c8e96dfbee5b5L,0x0000000000000049L } },
-    /* 37 << 427 */
-    { { 0x3e36dae1b3de3ea9L,0x4d67dc22b1048176L,0x9c3f39b27ca60a49L,
-        0xd4a75e25f7600352L,0x03dc181cd298be2fL,0x18ae60f43016d93dL,
-        0x871f677ca3a7aeaaL,0x1977f85af92c5d38L,0x0000000000000055L },
-      { 0xa51c1634692bb41eL,0xca455e9dc37c90ddL,0xf48be721c7a8731dL,
-        0xaa030d88b9da10cdL,0x35029fd9ed039c9eL,0xb3d2e1e89423f362L,
-        0x555246ed4ee59557L,0x292a8be6905a0decL,0x0000000000000088L } },
-    /* 38 << 427 */
-    { { 0xbfe67c557a8d10f9L,0x1e8167b2f54e78dbL,0x01cdca1f4234bfe6L,
-        0xbbd9a3acd655fafdL,0x02bf164c7854f6f2L,0x8241f9ff52ce9fc5L,
-        0x2fc147122689e156L,0x527855adbd0e10cbL,0x0000000000000143L },
-      { 0x8adcba30f57d2022L,0x95093ae15fc652deL,0x4d830641ad841830L,
-        0x702148f87da2878eL,0xf47d81009531f234L,0xd6391216ee253ee4L,
-        0x99e201a00732fabbL,0x693327a7a11d3ef4L,0x0000000000000037L } },
-    /* 39 << 427 */
-    { { 0x257b2c08a87a1545L,0xe1e118548a4a4ccbL,0x099d563158109e59L,
-        0xe395c06560d8cf6dL,0x2da7e6dbdac91c22L,0x113bd02ee0632099L,
-        0xcc7111b98d953366L,0xb76e6af3a5983204L,0x0000000000000047L },
-      { 0x0c44689c7bbce3a7L,0x26bc71a8fcb6c961L,0xf34027d8f31cdad5L,
-        0x1fddc33cd929cc3cL,0xeb5682a0eb37a1ccL,0x4755ba0df7ec039dL,
-        0x0a94d4aaf33d0836L,0x19e00d7947a72a04L,0x000000000000016dL } },
-    /* 40 << 427 */
-    { { 0x2cf3b1fa322864adL,0xe2206b9b9e3f46a3L,0x76348b0f41d0ce6aL,
-        0xd41b3ed8a4325cccL,0x9d9ccbb21d3405a8L,0x65abee1b7f11ee03L,
-        0xd977c7ab0aa890a0L,0x220e26661a890787L,0x0000000000000052L },
-      { 0x136e9c9769519db4L,0x2e563a4757f5ccccL,0xad3a43887feb68ecL,
-        0x5e71644ebca01b85L,0x45a4cd156a97b3f3L,0x3c8779307e5e79cdL,
-        0xf104f21a4ff32d62L,0x656dca67ee2e827dL,0x00000000000001c5L } },
-    /* 41 << 427 */
-    { { 0x538e141005d2dce4L,0xc517290ecb65b292L,0x171cde90f26b5fcaL,
-        0x0f58cb2f09e7a385L,0xe0c681b758c62021L,0x0f7f0891acc7ceeaL,
-        0xe8edc977a5872183L,0x073a1069d7756934L,0x00000000000000a5L },
-      { 0xbc2a3fc512d27ad9L,0x0207f142076be131L,0xa72fea2658f61ae5L,
-        0xb74a4667c5878639L,0x08b02b75d3027808L,0x06cc19d64340d00fL,
-        0x957bc371e56573d7L,0x97f805cca8bb03c9L,0x00000000000001f6L } },
-    /* 42 << 427 */
-    { { 0x942815d76ea3d821L,0x8881dd1046468a84L,0x30aeb26b67e28444L,
-        0xcc1f79d53d0d7f04L,0xe66ba1e36db5fadbL,0x307dc24b821415f6L,
-        0x3ca98ae0f143a003L,0x461e517a9e4c0596L,0x000000000000010cL },
-      { 0xf6873034c32523baL,0xacf66d608fc9f270L,0xa7bbe4df9e29d4b8L,
-        0x06382f3fe4866269L,0xd02b5fe55bd0878cL,0x313d61815536ac79L,
-        0x4ef5bc9b92c66a64L,0xdf2cb0b4c6507408L,0x0000000000000108L } },
-    /* 43 << 427 */
-    { { 0xe64eab7050f2ad0aL,0xb0836a25989d3480L,0x646266df62a0e974L,
-        0xe31a0fcd0786a00bL,0xeb3ce16c8d094173L,0xe027c0361b383372L,
-        0x4b98279927e50720L,0xe1be59ddd0db5c1cL,0x0000000000000191L },
-      { 0x251b4415aa8b2696L,0x7c76e719cd241ccfL,0xa927921cd20b8c2cL,
-        0x3bab44460e5395caL,0x085f53b8b4f6fd5eL,0xfdc7d362585747a4L,
-        0xe01aa6f8b49df12eL,0x98b64a06cd96102eL,0x000000000000013cL } },
-    /* 44 << 427 */
-    { { 0x97cb33b1a4555f7dL,0x43df1ab01b9e2de5L,0x786a7bb7783d728dL,
-        0xcecfdcdc0ed18d15L,0x1d7d0ef878175e9fL,0x688a6a93ae2d03e3L,
-        0x86370b065f8b6e9eL,0x430bbf48dbd9c4faL,0x00000000000000f7L },
-      { 0x2edf29360f7eb5a7L,0xf5420a13cf6ad480L,0xda6ab6be65d089f6L,
-        0x596de3a24a8d9ab7L,0xae767579b2c581aaL,0xaab09d434572bb0bL,
-        0x112a1f2b4928b1f5L,0x38e069e2f93ad7a1L,0x0000000000000021L } },
-    /* 45 << 427 */
-    { { 0x941ca2415ca5585bL,0xd923343df644f5f8L,0x71a7d718b18c3e17L,
-        0xed8dd0de99436ddbL,0xe1fac7baba2f9c39L,0x34358aaef116190eL,
-        0x403bac20e41c6b1dL,0xabc6637b3b26b4f4L,0x000000000000007eL },
-      { 0xd117748197fb706fL,0xe41b34db815019bfL,0xb5228a6772199b3aL,
-        0xf022c6474d89f217L,0x00696885d7150cf3L,0x1f655091377a6789L,
-        0x6cf689158649e629L,0x3219372d4b28e7efL,0x0000000000000171L } },
-    /* 46 << 427 */
-    { { 0x2fb27dbb68b4cf14L,0x83cf08a47542d4c2L,0xedea4b048059f2e3L,
-        0x1222f64a6f67d4a5L,0x1d790b02e6c04450L,0xcfe52ec5cf4dc563L,
-        0xb42d56e9a5fa0b1aL,0x2ef31effc3d864f0L,0x00000000000001c4L },
-      { 0xd62492da6114eaf0L,0x04f4c8d4d40afeddL,0xfaca6c0a08af05adL,
-        0x7171982cce26c849L,0xa7bc880548e683a7L,0xc150763774d06896L,
-        0x0f49ea72c3fcef58L,0x8c32076913cf0f49L,0x00000000000001f5L } },
-    /* 47 << 427 */
-    { { 0xaf181e82985582d4L,0xcdcd966e4e992b86L,0xfb5402b6a35ca1b2L,
-        0xf74d80512add6ba5L,0xb7895c4f41091b8cL,0xde51f53e3a6355afL,
-        0x050164b1ed0a60ebL,0xcd62660cbd2047c7L,0x000000000000015fL },
-      { 0x38f3d8571cbd7da3L,0x24586de2b9f659bdL,0xd8110d99860eb4a7L,
-        0x44464b4562cf6fbbL,0x7eed4e2a0144bba3L,0x3e54c13af303cbfbL,
-        0x30ac8c5f15d1fa60L,0x64450110a92fa2aeL,0x0000000000000035L } },
-    /* 48 << 427 */
-    { { 0xb24539ba81c69120L,0x04505ebccfb6ad04L,0xc834374bfb3dab0bL,
-        0x1387d634c6993dd4L,0xc2e664886b2f12dbL,0x96ddf76e8b1f1c7aL,
-        0x0af8836d0c73112eL,0x60fc8d5c87471da5L,0x0000000000000160L },
-      { 0xbb469810eaf8f9a1L,0x578f6ab463f8ee9dL,0xc94a65ed62b399f4L,
-        0x7dbe97209ed6026dL,0x33fb692d4dd7fec0L,0x1809935aec02996dL,
-        0xeb564aa5b4362311L,0x7721c318a6eaa32cL,0x00000000000000f4L } },
-    /* 49 << 427 */
-    { { 0x6fe34646132b6d6cL,0xe8ad45578b5df74bL,0x5edbe10544181a9cL,
-        0x876ad5acade27e8eL,0x709d9c087a2bc939L,0x8e3fc5dcaf2cc6faL,
-        0x69f278e6f034d895L,0x76f09ec5c27e1c76L,0x00000000000001bfL },
-      { 0x4cc16808db60bb50L,0x8783bcabc0049677L,0x26987cfac55833d9L,
-        0x68a244380dcdb1c2L,0x7c83c14a42bb8497L,0x6b582da63e47412aL,
-        0x3b7e4b7eceb07167L,0x6b8a30351c1bb2e8L,0x00000000000000a9L } },
-    /* 50 << 427 */
-    { { 0x7fc67685987b0150L,0xa8abf2f762b4cd90L,0x115c21725726f489L,
-        0x861ab367948a78f9L,0xbfb4d3a1804286c7L,0xa4512b172771cb85L,
-        0x48d255811beb89b0L,0xbe78f826daa51a26L,0x000000000000014cL },
-      { 0xe2829f61644031e8L,0x80de3e3475877fdeL,0xbcb6bf9527c7a40cL,
-        0xc823751734abfa0cL,0xc476ed04d4a33668L,0x715393764f9017b7L,
-        0x085bb25f90ecddf7L,0xe63273c0a6f3dbd0L,0x00000000000000feL } },
-    /* 51 << 427 */
-    { { 0x06a48d0bbf507ffeL,0x59caa8e90b047e91L,0xa10f715478b708dfL,
-        0xee72692a5cb625c7L,0x1fec6d20c83e6aaaL,0xcfba2c7a3532329eL,
-        0x83970bffa919b5eeL,0xbe15513c6a2a46c1L,0x00000000000001d6L },
-      { 0xfa14892670cb9e0dL,0xa56e8b43ad374337L,0x7d18381ec20e39c8L,
-        0xc7022ca35b739c55L,0xe8d0c9d08ec3667cL,0xf7ee5edaf4244d4aL,
-        0x501af624a2c20c8aL,0x55699815ee5cccc3L,0x000000000000011dL } },
-    /* 52 << 427 */
-    { { 0xa2d0161263e5d445L,0x318c60fb81a2b810L,0x4564edf6ab744edfL,
-        0x21cbb72b7129260aL,0x7ab39feca9d01ee0L,0x9b4d0991aad2d43aL,
-        0x5bf41341e8c8f5dbL,0x61002ceb83ee50daL,0x000000000000017dL },
-      { 0x94b575db1c891b7aL,0x348538dcb7f8b85dL,0x91503a10c1877296L,
-        0x9ff573b2503b002bL,0x4886698ecbd46aa7L,0x6564266de31a6020L,
-        0xfa1da81ee61a1eb7L,0x2df2b1604e03554dL,0x00000000000001e0L } },
-    /* 53 << 427 */
-    { { 0xf8a6c112818062f9L,0x8d08a4ddb301afb9L,0x6d7305c20b074bc5L,
-        0x279f7e4c3470f4bdL,0x59f3f94b6e8c4a0dL,0x680a11913e917609L,
-        0xdd6758459621dd8aL,0x1ab73dc00bc5e395L,0x00000000000000d8L },
-      { 0x2dd9e1385f223a32L,0x4d87bf99ccdf9a1fL,0x8a67b8908a2f1b38L,
-        0x329c08b5969b592fL,0x9f15de53e70135edL,0x537ad5329408ce34L,
-        0x00f468c6d91dd253L,0x07514043d47da37eL,0x0000000000000138L } },
-    /* 54 << 427 */
-    { { 0x26144feeeb6e7d44L,0xa3d0e47b419d7a27L,0xc97f088e22e55c60L,
-        0x611ff17696306002L,0x5be12ad9e06949d3L,0xa044ae3d199da892L,
-        0x3e45377b9337f515L,0x6c3d1a82b9c008f3L,0x00000000000000ceL },
-      { 0x7576e2901950a782L,0x0f137065091e8675L,0x32b05e3c59703452L,
-        0x0ea85fa33e8a80aaL,0xad2e35276f9bff8dL,0x50cbed34efae1927L,
-        0xb7dc26ee13ac433eL,0x42b282472925f0ddL,0x000000000000011cL } },
-    /* 55 << 427 */
-    { { 0x2e49ba37ff3d2c8eL,0x8b7eb6db17f31cdaL,0x81fe046de11d97c9L,
-        0xed15756eda082707L,0x685e44031195a75aL,0x56e7aab54492062eL,
-        0x5ca5797e3a978f5fL,0x4591a8bdeca382e2L,0x0000000000000097L },
-      { 0x4fb2fb61ee14d996L,0x4723a61f5803e9a0L,0xed2c32c01740f872L,
-        0x9cfb2e942c46e342L,0xf664be63842b362aL,0x4ab1e9d06d396a61L,
-        0xb0930e94a2fe10a7L,0xdc17d952a8fe6f70L,0x0000000000000110L } },
-    /* 56 << 427 */
-    { { 0x586c6846413b14edL,0x936bb2927edcbc73L,0x893e795583cf2054L,
-        0x386a770bab5def06L,0xe753fc8a28830523L,0x3e651f83a9e5952cL,
-        0x42c2d31ebddb4b3eL,0xb9ebb8c23d9485e4L,0x0000000000000130L },
-      { 0xd0f7512dfdd9c07eL,0xdb9b61d37c17370bL,0x1d5542e40e023630L,
-        0xd7367ec1e751a8b2L,0x3ee2c75913e4ec75L,0x331c85fa9cb027a4L,
-        0x9b1d0f016fc9c60bL,0x7e6a19cf34080c71L,0x0000000000000142L } },
-    /* 57 << 427 */
-    { { 0xe6bb0584e75480b4L,0xb3a154d2cc7fb34aL,0xb297a7260d5ac90bL,
-        0x46cd0c4f19075d40L,0xc3375c6733a6825cL,0x64904deac9512c02L,
-        0x4f17c760ce09f4e9L,0xde401d3cf301d829L,0x00000000000000adL },
-      { 0x89155ce8d39f2376L,0x39a8df112371e03fL,0x65d702536fee325bL,
-        0x54ff235708ed7dfbL,0xc19258ca932476b6L,0x13cc49b26dfeddf1L,
-        0xa2b26c3c850f96daL,0xde83c98d86e4d2fcL,0x000000000000002dL } },
-    /* 58 << 427 */
-    { { 0xc4f1693f0af0d7d1L,0x04df4ffe075feb82L,0x4f818a9543f8745bL,
-        0x3f8bdedd8c94b232L,0xa4af5aa35314fd6eL,0xf4911b6bc3ca1b45L,
-        0x9924adf319e2f569L,0xa7794358dd09e72dL,0x000000000000006dL },
-      { 0x4f87908e973ff83fL,0xcac68ed2bbcb94e6L,0x99c8c1d8689acda0L,
-        0xb0d9d2a9e581b37dL,0x413d1edfe1ec4002L,0x1585f1cce9fabb62L,
-        0xbbeff8aca026d8f9L,0xfee19657d13ced0fL,0x00000000000001faL } },
-    /* 59 << 427 */
-    { { 0x2b24b3c019ce885aL,0xb53de0cbb854a17fL,0x9a0df03ecf26c32dL,
-        0xe6e276ff18141773L,0x29033b53711c8b3cL,0x367c7c6827b85921L,
-        0x8a0f8999c6f4439eL,0x7dabbad4a3d38307L,0x00000000000001a1L },
-      { 0x88b4790caaaabfb9L,0x39726e9aee90a6c2L,0xbc324a8c2a08e052L,
-        0x5044c686f2835310L,0xb4b2ee401a62e2a6L,0xb5bb8ea4715a09faL,
-        0x4ba0b1caa2406da1L,0xee2a9ea4066a2a26L,0x00000000000000b7L } },
-    /* 60 << 427 */
-    { { 0x244f7e0c14c92774L,0x0e07d01007243141L,0xc07fc4185d862fe2L,
-        0x052eb9b39eff52e1L,0xa39dcf3e79cb7730L,0xd4bc1e0ada1a0cd7L,
-        0xcbcbed4ed398b073L,0x466686ba732f9530L,0x0000000000000110L },
-      { 0x67d348f78f15b8cdL,0xa681bab6d8cca9bfL,0x5dea910aba84678aL,
-        0xb89d861524525de1L,0x7536a8e711faeef7L,0xcb049dfaaeeb1f92L,
-        0x647de8ded21f0b55L,0xc2e8852ffb9fd11aL,0x00000000000000b8L } },
-    /* 61 << 427 */
-    { { 0x53e4c63ab7849f04L,0x065e74bdc84a5960L,0x4c437df833b4638aL,
-        0x3e8046b785eb9a9aL,0xbf96115d5136388aL,0x7682edd57d6ea4beL,
-        0x4939f243b3c638fcL,0x71d0774fb46c9fadL,0x000000000000012eL },
-      { 0xe57fa566f6f9843fL,0xfc6102e7f9b4659eL,0x51279da3ee351e88L,
-        0x1913f351622fb01dL,0x5a1ada08ec899057L,0xca36809acf2110feL,
-        0x58afbe7f68df1b01L,0x025adf57f30e4d6eL,0x00000000000000b7L } },
-    /* 62 << 427 */
-    { { 0x66de14604a32d769L,0x7085c561b00b7baaL,0xf3781f27ca887f70L,
-        0x067b88390f609588L,0x4dde43f9de1aa960L,0xdf0d5c73246e1756L,
-        0xfb7e6cf0e32b6b74L,0x832383085785f432L,0x000000000000017eL },
-      { 0x85244d7e30556b4fL,0x7d7ae5c25f2b01dfL,0x6d217088afca87aaL,
-        0xcce2eb33c6746f35L,0xa214db754c48ee16L,0x7075d0059af9c236L,
-        0x05acfa551dcb066cL,0x51808254399e0cadL,0x000000000000002bL } },
-    /* 63 << 427 */
-    { { 0x37140db02c17ece8L,0x67c86862a2f14a31L,0x8661ca8b7f2ebba1L,
-        0x44ea992a1592fbe6L,0x23c0aa41dbb650d2L,0x7e3b31be84e08d74L,
-        0xdc2437d958374fe6L,0x7080a4802a00d6dfL,0x0000000000000084L },
-      { 0xcf036b4f784a660cL,0x368783d64202a5eaL,0x70f9ea976ab86497L,
-        0x10e443598d9be8d3L,0x804e0b878e0a9738L,0x7251be8c013faba3L,
-        0xbf2df4fc39e0f147L,0x0b31ef1115f25948L,0x000000000000000cL } },
-    /* 64 << 427 */
-    { { 0x5fbf73adee70e781L,0x29a81e4f67793cf9L,0xd7e9ccdf80bf503eL,
-        0x6c06d49cd6edda9dL,0xc33c7ee6d96e70f7L,0x30d7d644ef6114b1L,
-        0x0615b576ab81af49L,0x56b8af445a09a31fL,0x0000000000000076L },
-      { 0x32e0b33475cac764L,0x0b123da0dc2d7e31L,0x67d72e7ad11b58eaL,
-        0x93165a21961098edL,0x4ae95e5add1d2b8cL,0xc26794a07ee3715fL,
-        0x6887f532cd333782L,0x67e608d5af37aedeL,0x0000000000000179L } },
-    /* 0 << 434 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 434 */
-    { { 0xac333e4aecfa8831L,0x9d08f6ef8a6d6e93L,0xf2eed835ea97fb6aL,
-        0xddf44417070c46f2L,0x1e3159bf37694ea3L,0xb0c4319c8b7d6a05L,
-        0x0abc757261f314fbL,0x0057f6c701a6047eL,0x00000000000001e7L },
-      { 0x204cb3dd6af8283bL,0x4eedfa1644ab9ea7L,0x79f1569993b7d9e5L,
-        0xaac8f0c7d29dcc8aL,0xe293fd274800f5e5L,0x6ec0a739e22da004L,
-        0x8cbee62fb903094cL,0x86dcb1fda88c3bceL,0x00000000000001ccL } },
-    /* 2 << 434 */
-    { { 0x3a44dde085f45eddL,0xc543bb6498309156L,0x82d1ce827597d0d0L,
-        0xb2dc0f228106ca3eL,0x66f394472c3a313aL,0xd8f6fcdaa6cf2e03L,
-        0xed6e0e279e6bf40bL,0x7dcd3a305b9a41afL,0x0000000000000095L },
-      { 0x0a870cec12be5b78L,0x912c21c51406e140L,0x977417fdd5e13ca1L,
-        0x9edbae8ab9e21e28L,0x9fce45ea13b2f069L,0x25bd760b84f3cbf2L,
-        0x29e0c3ce2489fd01L,0xe16d31c1ec62a766L,0x0000000000000061L } },
-    /* 3 << 434 */
-    { { 0x9badc953ab98f2bfL,0x867b5f5e6f45ec55L,0x36c30111539ab291L,
-        0xc663fbe74feeef3cL,0xb2da1de355213dd8L,0x2c3e4a54a8f58884L,
-        0x2c2794c713f166adL,0x1b31c3a69bb7b65bL,0x000000000000018eL },
-      { 0x1a866f47b06e4f37L,0xbbe067a17a609c0dL,0x83073920151f64fbL,
-        0x899421eebba549b1L,0xa2145adf91f21d16L,0xbd5f420952c37c74L,
-        0xbf18214c7c7afc51L,0x917e6547b69ba831L,0x000000000000013eL } },
-    /* 4 << 434 */
-    { { 0x6985bbd6ee32e2ffL,0xe69f0f223c35a00bL,0xb1abb4ae0ede3c1bL,
-        0xa3d7ecde93d96532L,0x69eae2594f693cabL,0x52e38b65fe3665f9L,
-        0x17664e93f2fa7a85L,0xe1a2febfa5300907L,0x0000000000000000L },
-      { 0xbb35ef0ca538774aL,0xac9aa3ce2b28e6fbL,0x57e02d060a801edbL,
-        0x6977544394847324L,0xb526bb1929dd0a3bL,0xaed93900c468815fL,
-        0x3eb1b9b2221df814L,0xe421e27ad9472dafL,0x00000000000000b9L } },
-    /* 5 << 434 */
-    { { 0x86c72d693a4d1314L,0x8a0b4b5a5c7db07eL,0xb77d353706fde68fL,
-        0xcb5446077f5e412aL,0xb399cf67eebefcd0L,0x8b1f0e0a274fa0ddL,
-        0xbf0e6dc875a8fa65L,0x1c405959c78432ebL,0x00000000000000cdL },
-      { 0x50aef83472b78101L,0xf4477ba98ad40428L,0xffafa24a11d9b90aL,
-        0x41b8927e81c56505L,0x0f9920639e742b07L,0x1e7d380631dbf256L,
-        0xd4c41bf666ba635aL,0x895bd3de14246d32L,0x0000000000000179L } },
-    /* 6 << 434 */
-    { { 0x4ca733dff28aebc3L,0x408d980ed8f0c8feL,0x64cff1fd113fe1beL,
-        0x3ecc3e9706c2bdc4L,0xfa7cd864c6e6802eL,0x728c7528d9975387L,
-        0x96ae9f3bd6abcb5fL,0x24a5251a89ee857bL,0x000000000000009fL },
-      { 0xe49c9cc6c5a6f9b0L,0xdd026901c60fb1c2L,0xc0c58dacc212b65bL,
-        0xf2ea35783677c2b2L,0x7d2c7e6de6ca86aeL,0x8ca90cffdc0561a1L,
-        0xa4e849704061a2ebL,0x852086dafe948ce5L,0x0000000000000135L } },
-    /* 7 << 434 */
-    { { 0x64d982d29e4a102cL,0x4526200619d68225L,0xce9edcab495a7a30L,
-        0x49255fd1405baf0eL,0xd9e98392b5055fa9L,0x5deb038d3910964fL,
-        0x3c53120d8c7d1e1aL,0x4690a6be39ee8dbcL,0x000000000000003dL },
-      { 0xcbd6c1035f941144L,0x0cc8a7b3d72dba80L,0x09d89abc286785b6L,
-        0x7f545c4c4d52dde7L,0x1f0b173d3212b0c7L,0xc82280472dacdc27L,
-        0xd9a295be16301255L,0x75cf7419ed5f40ecL,0x000000000000005dL } },
-    /* 8 << 434 */
-    { { 0x823a3093dcc0c55dL,0x48e4f42c8667bd82L,0x6483b8acdd036949L,
-        0x0d3f6e52154b38e9L,0x713a6450cb96db0aL,0x791efd97ac907250L,
-        0xe491a5192130c99cL,0x333277e57df593fdL,0x00000000000000ceL },
-      { 0x4deb4d72d7d90a84L,0x7f39203ea13778c5L,0x2308cd8a7bb79168L,
-        0x470cef35a710bd28L,0x6db6b1a213ba5c45L,0xe35b95dde9e55ec1L,
-        0x68f023ab7819af5bL,0x50d449896770441fL,0x0000000000000187L } },
-    /* 9 << 434 */
-    { { 0x4710bb318de4fd4eL,0x169135edf00d87afL,0x36bd504900a94292L,
-        0x90c1c9c2ee73e959L,0x604cdf4c627461f3L,0xf123980795d64fa6L,
-        0xa60a3fb61f64ccc9L,0xdff7fc6e358d52d3L,0x00000000000001d6L },
-      { 0xa97592eec296e9a0L,0xcfda4984fbc367ffL,0xa22077102957a911L,
-        0x596f1f66ca8ec572L,0x7bb35c4f4723310bL,0xb8f39027336b3010L,
-        0x4c2ad1f39d1bfbccL,0x99f721ababd1e48aL,0x0000000000000103L } },
-    /* 10 << 434 */
-    { { 0x761d77943135f08aL,0xc8ea69f3c9ff4b0bL,0x3a427a226d6f567cL,
-        0x4f8fbd235866181cL,0x4ab492868b5a14d5L,0x2cf7fb42ad46afe0L,
-        0xfe411657b6759dc7L,0x9610138134a7b11bL,0x00000000000001b4L },
-      { 0x1c306fff2d0bc15bL,0x23830bab33793532L,0x959e8e6406ebcd49L,
-        0x8ed9b284f60bceb3L,0x7d9c5d2acba1b607L,0x8aa698e5ea1a280eL,
-        0x75025662502aa440L,0xe1b6a557d8462948L,0x000000000000004eL } },
-    /* 11 << 434 */
-    { { 0x1bcd8a7db6ef3dafL,0x12c9d413f4253275L,0xba8941d2eff8e698L,
-        0x3c29be9700772aabL,0x4d3932bc466ddc96L,0x9d8f7ea612b8dbceL,
-        0x54b26ab2e90a0e8bL,0x28ecc5262ab562e3L,0x00000000000001d0L },
-      { 0xef47706ebc52c73fL,0x88ac550f31ca0b88L,0xefc0b9993f371074L,
-        0xf757ea265a09d4dbL,0x4f614d7d4eca4514L,0x3b597b46bc70e805L,
-        0x5f65ff72861a04c5L,0xa2fa0cd6a07d93a0L,0x00000000000000cdL } },
-    /* 12 << 434 */
-    { { 0xfd2c6ba8c03c8a93L,0x6287baae255a51a6L,0x6cde095efc336858L,
-        0x668c6f54acb5fb8cL,0x26b65582568a5789L,0xd51684effcfeb7baL,
-        0xb5d91d3d8dfe63fdL,0xd366cae7560188b9L,0x00000000000001c6L },
-      { 0x587d06cc9844367eL,0x527a075f589d9acaL,0xd581ad9f4f88ccdbL,
-        0x3499e8073a56ca59L,0x50b8b14dd6328d96L,0x9b06ce845936a744L,
-        0xab46f398e693da36L,0x4c5e0d9abc55f498L,0x00000000000001e0L } },
-    /* 13 << 434 */
-    { { 0x35e6f3aeedd8cdd5L,0xe7d1f84e3c70eda1L,0x2fa8a57c99601b6bL,
-        0xf4cd235a499f2353L,0x9200190c848ec0f4L,0xd8e57c44524a27b7L,
-        0x5a32ea3b935a4f48L,0xd31839aa14181ffaL,0x00000000000001ffL },
-      { 0xe60c02142be2e8d7L,0x4149c75ebc31b48bL,0x87917bef8716d826L,
-        0x70259495ce66f29bL,0x457f892b3868150dL,0x8f604f018c143012L,
-        0x802b15781b1338e7L,0xb8e25cdbe0d1d962L,0x0000000000000116L } },
-    /* 14 << 434 */
-    { { 0x8f89563d4f5a170bL,0x9b4bedca2a08933eL,0x270d697123bf430bL,
-        0x589177b13db77dcdL,0x2c7fe43654015de9L,0xa190fe6f76847478L,
-        0x161fb872744696e7L,0xa272a78c692f59d0L,0x00000000000000deL },
-      { 0xdd80e1522a95538aL,0x2d9da36b70fe17caL,0xfe5bfe5823144f73L,
-        0xd3239a7c02c3a576L,0x01efa88bd359a33dL,0xe6af55f7269d3166L,
-        0x15e3f06e0b135041L,0x20be0cf9492369fdL,0x00000000000000bfL } },
-    /* 15 << 434 */
-    { { 0x76c2738f4e339d8bL,0x2f6527a787c02e91L,0xc39a95b131e5a030L,
-        0x8a733cc6c748a0f8L,0xd9ddf3065851fca7L,0x0cc640146e2fa015L,
-        0x39d03d51fd0aa84fL,0xaaaa83861c8f6581L,0x0000000000000138L },
-      { 0x750194db2640d9c0L,0x3415c97add9e522bL,0x002ae6be920d5398L,
-        0xf544445d80534cabL,0x3c62a5dc6f30a7c8L,0x26b9e329a45929c2L,
-        0x7675e5d566978e76L,0x905599fbb8d851c6L,0x0000000000000198L } },
-    /* 16 << 434 */
-    { { 0x6cdf7285e8cf496bL,0xa27becaee1460283L,0x0291e5e3a8331004L,
-        0x436d8dea957e58fcL,0x52ade5768f6a37b3L,0x4c31e9eb08ca0bf7L,
-        0xd918c8a0547bb960L,0x85ceb1004394f6d3L,0x000000000000007bL },
-      { 0xf796100862db1e32L,0x875fa000c20f8b1eL,0xbd4bb865e621e53eL,
-        0x9346c7c57235cf42L,0x8ae88a5692cd8c70L,0x06b82e3ac68ab6d4L,
-        0xd0dea99a736a6b71L,0xa54ceaa48c6a1235L,0x000000000000012dL } },
-    /* 17 << 434 */
-    { { 0x0fa6807fc5da532bL,0x55d9934a4ff8c1faL,0x2eb4a07eebdcf033L,
-        0x4b02434624189b33L,0x2ac6561b755eb9fbL,0xaea6cd0ad3eb3456L,
-        0xa36e3823c15ba5acL,0x94b73998c83d3098L,0x00000000000001e0L },
-      { 0x7fc341f11f8b078cL,0x713203356df305b0L,0x37a2030430ec9e60L,
-        0x7999cd74c660bafaL,0x7521e720ec45a6f7L,0x6fa8a84d4fb05d84L,
-        0x16e0315c1f4f5dfcL,0xdd5cfcc90cd47592L,0x000000000000008fL } },
-    /* 18 << 434 */
-    { { 0x7ca1ffa7541e8082L,0x00f359827383faaaL,0x04a27995ddbea281L,
-        0x11cb61e87b84e2aeL,0xb22cabebc2411c38L,0x684f6d0266eb6691L,
-        0x712d6e1f4d7d1723L,0x5717734104bda106L,0x00000000000000e4L },
-      { 0x72616b593feb0af8L,0x6e76d929924cd70aL,0xf6d917784239138dL,
-        0xfa7bd85f84918a4eL,0xb90ba79df7073d27L,0x4edf2a217e42f694L,
-        0xb4840c74e1064c54L,0xdbcefd0b133a8f82L,0x00000000000000d9L } },
-    /* 19 << 434 */
-    { { 0x74207ef458e13084L,0x64cd272b775520dcL,0xfd6c279b16d75480L,
-        0x0de0dfa321b58672L,0xd156b0bdaa4fe111L,0xa006bb34bdc41a5bL,
-        0x586bb1e3f7423cb5L,0x39ffa18d5c61fd49L,0x000000000000011eL },
-      { 0xe3f73412ec60c0b7L,0x7a6bc1434ab8bd9aL,0x935d3e7ac11d433eL,
-        0x1559ebf9dc6e4b07L,0x6a4fbf74d1ff2ce8L,0x58526dc6fa40bacbL,
-        0x36abb094c5a9d599L,0x4ce17b30e5b1452bL,0x00000000000000cfL } },
-    /* 20 << 434 */
-    { { 0x14de106989b694f7L,0xfa202a91453ed74eL,0x19344093b7c462b0L,
-        0xddb9f1159d5f7733L,0x6110f1cd6e71efcbL,0xe9dbc336d27d9f95L,
-        0xd9b29e011ba3bb66L,0x7b218536a9677cf4L,0x0000000000000178L },
-      { 0x7fe687840eafdb07L,0xde335a451c0d642fL,0x11b4b98a208d5237L,
-        0x53f2c20236b0801dL,0xf07f20935cde08e1L,0x5e0e5d3a0f34078dL,
-        0xf1fc7f3480286b22L,0x4c305a8bc48e9216L,0x00000000000000f4L } },
-    /* 21 << 434 */
-    { { 0xd6df42236705ed72L,0x370df16b66596b1dL,0xcfd44ffd24fd4817L,
-        0x3d6143cddc924183L,0x26b486833c93f868L,0x54926c39c19a83d5L,
-        0x3d07a6ae95119375L,0xb882bdf8d83bcc99L,0x0000000000000034L },
-      { 0x3cffe30d64e14848L,0x0dec1cdaa7c2b18aL,0x22757d5836be59cdL,
-        0x7ddacf11d39f6627L,0x83237713e4a0e59fL,0x755523683e890a59L,
-        0x6473baf3ff8e3c4aL,0xf8a58f623318c5f3L,0x000000000000013aL } },
-    /* 22 << 434 */
-    { { 0x3fb7ab81dd8b0441L,0x9b12b4f4080198a6L,0x765ab538611543c5L,
-        0xd1b6ca116043b1e1L,0xe8e0c15a1e579bbcL,0xc9005a7fb00fd558L,
-        0xb0ee75168c91ddfcL,0x85c607eb8506ec71L,0x00000000000000daL },
-      { 0xf9016a2cc0ae0796L,0x1cc194908bddc9bfL,0xb49f46aff31a5da5L,
-        0x172441592beef5bfL,0xd8596e0bb4e4021aL,0x272d8334936dbec1L,
-        0x6b819cc236552640L,0xf6bf179cdf801f6aL,0x000000000000018dL } },
-    /* 23 << 434 */
-    { { 0x2ae917945ba71ac1L,0x8812d26b5fb18507L,0x50d7c5af4e8f8ab4L,
-        0xcbab980b252f505bL,0x53ef95460538a252L,0xbaa38f3b2c7e3061L,
-        0x6227e7032ced0186L,0x3eff1b0b81e073ccL,0x0000000000000184L },
-      { 0xcb8042e53e110191L,0x8b718b8d844874b5L,0xec43894e2c55ef49L,
-        0x089d49b33c1b5249L,0x431cfb0951502463L,0xbd443d7152d52366L,
-        0x6d21c0b3b0e9dce1L,0xca17c72c4b785911L,0x00000000000000ceL } },
-    /* 24 << 434 */
-    { { 0xdb8a02d18294cc29L,0x6aca02ec9a9a5709L,0xee2b10e6d554c17cL,
-        0x29aa181881c661ccL,0xbe522af71fd10eaeL,0x3c4bb5242b5589f7L,
-        0x5a5600b1681236a9L,0xf7ffd0917f235a88L,0x0000000000000007L },
-      { 0xfdfb09268ad17511L,0xc8964821ba2b0a60L,0xa6edc26433608d96L,
-        0xd98937de18d1b857L,0x0feecaad85a5a3b9L,0x567bbb021f102192L,
-        0x89147837441b4a0aL,0xaa4716104e0f3d86L,0x00000000000001b9L } },
-    /* 25 << 434 */
-    { { 0x93f9cccf7863976aL,0xfdbab5361c91781eL,0x6774ae57904d212eL,
-        0x6cbfac24eb9ead07L,0xbd90380ba53968deL,0x0fde4f3a0a3b43b9L,
-        0x4c738cf2096efa0cL,0x1a3a02b223c171f1L,0x00000000000001d6L },
-      { 0xecd4893c71151a16L,0xb6a710f6c733301aL,0x28758b01587eec91L,
-        0xb131f8b73bcdc933L,0xd5f86b40871cd739L,0x2ee24f351b13cde0L,
-        0x743cf511dc7a4ae4L,0x88f47ad7177a75e7L,0x00000000000000c1L } },
-    /* 26 << 434 */
-    { { 0xfd8ed032796edb60L,0x24d59d721ecab1efL,0x34dfd046f4ff8f0cL,
-        0x8606b5075706fce9L,0xc97ed07d35c5b36bL,0x7f4f2338c412e11bL,
-        0xd071191ded311016L,0x2df826748840bf8bL,0x0000000000000192L },
-      { 0x9225258095905d12L,0xae0da381a714a1f6L,0x59c89c85914bcea5L,
-        0x625501930a6928b0L,0xdeaa1009b4cc872cL,0x1c66457791b860e9L,
-        0xe52c89f4cd323335L,0x1b163d294211ab43L,0x0000000000000082L } },
-    /* 27 << 434 */
-    { { 0xc9e03c6c0eb94372L,0x8a373721b3f7a044L,0xb81c3b953e48abc0L,
-        0xb4a8a4b733c5a6f5L,0x5e4f35752c6ffb15L,0x369c3d68d3cd8567L,
-        0xad684b69cd922456L,0xfc195cb8ca0961abL,0x0000000000000083L },
-      { 0xb54609c5e604a834L,0x028b402f975cb6a1L,0xd61cec8482493224L,
-        0xc0d930d5d339794aL,0xb86c38891b9a3b61L,0x7d2eff3793827f00L,
-        0x7ff8c2bf9ab658a2L,0xe7f3aea8cfdd8fc3L,0x0000000000000156L } },
-    /* 28 << 434 */
-    { { 0xe030feb9814abc1cL,0xaa7ef7427387fcfdL,0x134e4ea847e5ce93L,
-        0xce9f3cb52949ffb0L,0xa83252a83e11a1c5L,0x2b308229ba0f2644L,
-        0x1eb76fb7ea75a292L,0x0d9bd36b73cf1481L,0x0000000000000021L },
-      { 0x45bdd68dc50e223bL,0xc6a83635a6c0be76L,0xaa61ea3fc0e1f910L,
-        0x7ad38095e8fd27fbL,0x2deaa3b2796c8efeL,0x9ad0a578d099bcdaL,
-        0x5819856a2a953ea1L,0x2b7b7793593d3e2dL,0x00000000000000ddL } },
-    /* 29 << 434 */
-    { { 0x5d863e60fd21235eL,0x1737c3f3325a1732L,0x6d933847ccc5bf11L,
-        0x00a192d493e00d81L,0x89a45bfac2c643ceL,0x02a13ad00765649dL,
-        0x26458f12fa509f47L,0x74c8aa2d16f09353L,0x000000000000013dL },
-      { 0x3fb91bb9f034a301L,0xc374e95b48dd0af7L,0xe1b0cc306d83c081L,
-        0xbbd70743e19f9a52L,0xd036958d37f45c9aL,0x02e6c68263326db0L,
-        0x65b7b79941872949L,0xa2e9e2dc4a5cd039L,0x000000000000016bL } },
-    /* 30 << 434 */
-    { { 0x68dc9f921bdf35d8L,0x037282cfa1a62dc9L,0xdca2ce576cb7d912L,
-        0xd565f7f06dd74592L,0x33e5cd32c2cf6a12L,0x86e50fbbd1ce584eL,
-        0xdec9cac5a91b3424L,0xb0c5e080b9b711e9L,0x0000000000000170L },
-      { 0x76d0834ade8dc323L,0xc7c54d2e20e86b82L,0x262b43488d8a41f7L,
-        0x35d84018b7751aebL,0xbf41d90a5e4cb30cL,0x3561f5f7c0cd08eeL,
-        0x0da722077b161b52L,0x6dae1a62cd604660L,0x0000000000000169L } },
-    /* 31 << 434 */
-    { { 0x8a4f3392d8eac947L,0x6c5c77fb762e311fL,0x29873696050f18eeL,
-        0x1736f47d8bf20331L,0x6a7e4e5256b5a106L,0xabdc39f8b502e6deL,
-        0x92d66f5e192b6aaeL,0x81266111e45b2f7bL,0x0000000000000038L },
-      { 0x12c3d68218222288L,0x2619aee789444667L,0x15c4af7dde3e55b6L,
-        0x3ea45634f3cf8dd1L,0xa4ec538f4dea2c6aL,0x8a5698ec39ce9315L,
-        0x3748d917aeb0b056L,0x1698cc83705362a5L,0x0000000000000007L } },
-    /* 32 << 434 */
-    { { 0x88fbc549470d7e36L,0xf091232ae079762fL,0x8e84ce7e027a4477L,
-        0x21e570dfb704f424L,0x51e89ca1d36fc205L,0x52451d98cb04c0f3L,
-        0x4233a3569a256b13L,0x42f33c2422636d07L,0x0000000000000186L },
-      { 0x88d6f4d60445345aL,0x8b03b9f60c2faa71L,0xa45ab219c3baf6d7L,
-        0x67c7eba1b9beb6d6L,0x3eb7beb99c8fcf22L,0xb35dfc4371d9a1aeL,
-        0xc1204af558436e2fL,0x543e4f318dd710f6L,0x0000000000000096L } },
-    /* 33 << 434 */
-    { { 0x4e2ab19ccecc8f96L,0x4b5b98ba2dc2c44cL,0x0b69cf0a14cf2ddcL,
-        0x109772e225a59fbdL,0x14e18ca6dc1ce60cL,0x8d542628d9b88c07L,
-        0x088494bb355c86c7L,0x6ead45471c0ca228L,0x00000000000001bdL },
-      { 0xcac21f389be7431dL,0xd238795012a91cbdL,0xa719bcba717b6555L,
-        0x5df1906c4b27ec0aL,0x489f2341704016b9L,0x7a6b8295439665b3L,
-        0xd48a672f6bd0e2d9L,0x7c109dfc85d4da53L,0x0000000000000062L } },
-    /* 34 << 434 */
-    { { 0x95923905c4e86d59L,0x03d679ea822fe184L,0xd620a19613200a7eL,
-        0x9e83b378747e1eb6L,0x39596aa1709c1988L,0xcc66a5db1570d652L,
-        0x3e97c888759f7faaL,0x7a97227391133073L,0x000000000000009fL },
-      { 0x044c93fdf39e6260L,0x152909941bb2cfa6L,0xcb1274af09a76fc4L,
-        0x430e3da16de5dad0L,0xc91bf14c1fb5f32fL,0xc2b6692c0587e533L,
-        0xd318416f41343775L,0x55ab5e96b0acf93dL,0x0000000000000098L } },
-    /* 35 << 434 */
-    { { 0xb847386fa177d3dcL,0x06d3c04864062f50L,0xe818655887c6c7f0L,
-        0xc72485a20bbe2d45L,0x36e906749ebc1de9L,0x02ea3f0a95c940b8L,
-        0x32502e0f9de384a7L,0x412d534093bc0c9dL,0x00000000000000a3L },
-      { 0x234b35877cbee5d8L,0xc8b3c8b7715bd276L,0x64efc64eede0417aL,
-        0x76fd0880130a4b05L,0x7629e3ac5d8dc2f6L,0x3d1bb123377d965cL,
-        0x672bac542c2bd073L,0xd6de18f0763028d5L,0x00000000000000deL } },
-    /* 36 << 434 */
-    { { 0x8c0fbbd4799716a6L,0xcc051818aa53a2afL,0xbca333e86044b4d4L,
-        0x119f4ff585c795f0L,0x4b480cb57ea3cadeL,0xced7fb1dc4c1c28fL,
-        0xcb53655dccc703ceL,0x1fe0b7538c5540d0L,0x00000000000001ccL },
-      { 0xd937f3957c5bc459L,0xb6756328ad67f0a0L,0x3a5bc8d0fe7c0533L,
-        0x796ac0b0e4565f1eL,0x8377d5884913c2c0L,0x2faa11ac7d65704aL,
-        0xe207ffd25e625bdeL,0xbf3d689068bd440aL,0x0000000000000147L } },
-    /* 37 << 434 */
-    { { 0x36917a0fc5d50ee8L,0xf67584a91182034cL,0x6e3f6816ddab541fL,
-        0x252c3846fb4383f3L,0xd486c56a79135f2bL,0x5cf7ae823a7b6256L,
-        0xc903396746135cd4L,0xfa78d00cc9fdfe0dL,0x0000000000000007L },
-      { 0xaa198a27acef8834L,0xbc5b9d6f97b2f05fL,0x9f0aba712c3f6799L,
-        0x11990d450c5baaabL,0xee42d800d468664cL,0x5d20517f8cd348edL,
-        0x4e5cd17de02cc9e5L,0x2cc4892c040e5585L,0x00000000000000b4L } },
-    /* 38 << 434 */
-    { { 0xd9bda3f36d9412caL,0x759172bde7d5a033L,0x9162350fe29748cdL,
-        0xea7e260f7ce78177L,0x6630e96465a27eb5L,0x2745ab185575a078L,
-        0x197118fac60ec2b2L,0xcfdc1b2b7b511ae9L,0x00000000000001e4L },
-      { 0x3f09c640ee1c385eL,0x64473a006dbb4205L,0x6bed5856526fa99bL,
-        0xfd8ca51fdce3dcc1L,0x5f5bf3dfc76817deL,0xc19d1b50e480b4b7L,
-        0x1028a8009198a639L,0xd505d500a57b69ecL,0x000000000000009bL } },
-    /* 39 << 434 */
-    { { 0xf9a3263685b14170L,0xfaaea08426db6ffbL,0x84a477d90e115823L,
-        0x922ce22b3f333890L,0xc0386be7cd7d2d74L,0x10ea11cc30d0eb44L,
-        0x85207d417dbb318dL,0x7194658ad2411ca4L,0x0000000000000039L },
-      { 0xdb898a4506da169eL,0x0aa090c2467b64c3L,0x2cd2e8360970b9fdL,
-        0xaa6c8478f176f199L,0x176a0fc397e78d6fL,0x70e4e4b0f93e0f7dL,
-        0x184642658f26159aL,0xc7cbb454e455ffd3L,0x0000000000000058L } },
-    /* 40 << 434 */
-    { { 0x2f7b339b2b037a05L,0xe42f3e95c499d10aL,0x0160d72e07be03b4L,
-        0x153548a37a4601d1L,0xb0fc5c52ea960842L,0x275739870fe92d67L,
-        0x4c0862b5dea7eac0L,0xcd613cde55b71eb2L,0x0000000000000023L },
-      { 0x28530abf98a98d28L,0x85a1af53cb349226L,0xdf816addeea21f09L,
-        0xa9b60f768c0d127eL,0x508a88e61a151e50L,0x25ac746c3d750f33L,
-        0x5011a102a225271aL,0x3b5029b548113215L,0x0000000000000037L } },
-    /* 41 << 434 */
-    { { 0x38c9b635309d5353L,0xcb77df72ff53eabfL,0xe116962d62804686L,
-        0x6949fbe02faf8d17L,0x7899699b97f3100aL,0xcf94c761b8ef13fbL,
-        0xbca74d760416373dL,0x4ca1c8e9b9562432L,0x0000000000000068L },
-      { 0xed281e63efb5a925L,0x67e0fa020dd70085L,0x01ca8b2cc32e60e8L,
-        0xa78c502dcacbb1a5L,0x8cf30c5145222199L,0x306de139ace8b1b5L,
-        0x3614b36b961f8addL,0xe3ee448a204661cfL,0x00000000000000f4L } },
-    /* 42 << 434 */
-    { { 0xed6f4f24b9102544L,0xf209b09d85d70bd4L,0xd7e7b9b1c727863bL,
-        0xa52ecaaf946895adL,0x4128d7380b92132aL,0x02b9b836f0afd5ebL,
-        0xbff72d5e25e0c7ddL,0x67eabf0bae65295cL,0x00000000000001aaL },
-      { 0x210820f484bb95b5L,0xd5e78b484e691cc3L,0x6ac799475179f470L,
-        0xf1bafa8f493c2266L,0xd772f2b402acc5caL,0x25c600fff28c1f86L,
-        0xe57413f85ba4a90bL,0x1040f65dc9237b57L,0x000000000000008bL } },
-    /* 43 << 434 */
-    { { 0x721a88c5f4a96867L,0x1a6f08e0c7e3964aL,0x0c702afe5874917cL,
-        0x3660b192488af1a6L,0x4cb5255f1d7d5ca9L,0x1f31efeb4121bb44L,
-        0x6853d58c5cc7c475L,0xe222fcb5a50c5a86L,0x0000000000000104L },
-      { 0xa10d5a0167ca5d9eL,0xa5000c01b40801afL,0x7621eed07bad8270L,
-        0x36a455c869afadccL,0xe7659c2588f3d64aL,0x2e81486da9d2e3f5L,
-        0x4a64f4cf9dd9834aL,0x32a3821eeb0c3985L,0x0000000000000176L } },
-    /* 44 << 434 */
-    { { 0x32269c1bdc9fc49bL,0xad26e06e9fc27f50L,0x40d2a97d6b4e84a9L,
-        0x736b98d4910ef791L,0xc48559b078702918L,0xb38b860861be6975L,
-        0xcc86b5ac35b00e9cL,0xf06c1fb5335d2dcfL,0x0000000000000177L },
-      { 0x24bfe015658a4588L,0xbcf3af27ab32678aL,0x55e6b2e160abc5b8L,
-        0x55fb213b917c8360L,0x9e981ed52f427c30L,0x43665885c4fab94cL,
-        0xbf8864fac0afabe4L,0xcabd2939cee3a355L,0x00000000000000fcL } },
-    /* 45 << 434 */
-    { { 0x3501e6801439c78bL,0x45a176bc14dee0d4L,0x5d33c48ecdc93ed4L,
-        0xca8d913e0f11febeL,0xf9553c9ae595b009L,0xc546040165fd9c88L,
-        0x1d88fd1c067148d3L,0x05d5e73168c32d38L,0x00000000000000ebL },
-      { 0x57df5f2ac01721c8L,0x46eea36794fc35b6L,0x1a80221d3532fe8dL,
-        0x58a569de2fe6110bL,0xd58d99cb9d006486L,0x01a70beac7d58257L,
-        0x0f7676b2d56eb44eL,0xb503c4212bb311c9L,0x00000000000001dbL } },
-    /* 46 << 434 */
-    { { 0x48b2eb5bb8f016ccL,0xe1f7acad2889fcbfL,0xe2fbd9c195de450fL,
-        0xa2ae397601759f50L,0x03e182f9966abb7bL,0x6b87622f15f8b8a8L,
-        0x8234b5a6559f8478L,0xc3eac3da12e79b2aL,0x000000000000014eL },
-      { 0x98d557a4bf09ce09L,0xfe2e1a6e9b890fd4L,0x773b8fee056880b1L,
-        0xb7df5bfa733d34d7L,0x9ae1466b7dc667edL,0x1f3c57ef1db24478L,
-        0xcf7a87b31c706e65L,0x52bf0e2a08204e04L,0x0000000000000108L } },
-    /* 47 << 434 */
-    { { 0x12dcc5ed7de6a415L,0xc2d54417adf91247L,0xa5b6b79c9cd65815L,
-        0xc89a400c59c0db1bL,0xb11b7522837951e2L,0xf50d64cba967c6d2L,
-        0xed1de5b667ad5dbdL,0xb0188dfbdfdf950fL,0x000000000000006cL },
-      { 0xe590422636ce4973L,0x62d15372ee9e7e8eL,0xe03a02160bc5bf10L,
-        0x594b360ec424638cL,0x9631644a46e4980eL,0xb4c6d0935ce887f0L,
-        0x34e073072af0a673L,0xd1c705e7cd22b648L,0x0000000000000076L } },
-    /* 48 << 434 */
-    { { 0x83fe2ac97051ea31L,0xa76b3ac1b39476f3L,0xee45d2e03e2433edL,
-        0x606db8a30d999a0bL,0x12be94ba99c5c5b2L,0xe2231745695b061fL,
-        0x0aff87140392ef4cL,0xbdc82de6e03641b7L,0x0000000000000172L },
-      { 0xc9a067a61e4ddb23L,0x924466e6c5fe49e1L,0x56c25e66498a09a8L,
-        0x2ff93349603dd109L,0x6173e4ef0cfe1653L,0x486c08b8861e5694L,
-        0x675b2d4e4460ca71L,0x9ac71cb2dd05403bL,0x00000000000001f0L } },
-    /* 49 << 434 */
-    { { 0x594bee43add1ffa3L,0x81b3f78384ba86a8L,0x4d4d314504753e0cL,
-        0x86918b199618ea5dL,0x4342ac93de51e92cL,0xedc80f689d28bd5eL,
-        0x4d3cffa667558269L,0x8d61908adbd3cef6L,0x000000000000011bL },
-      { 0x4b24dc12ddfdca3dL,0x27f4baafe5dcba84L,0xf6a5bb67d4f24194L,
-        0x704e87a577187a98L,0xd69baff3c81d6027L,0xf0695b948d86bf10L,
-        0xb60137a1a2c69accL,0x0854af7a4dd76e60L,0x000000000000007dL } },
-    /* 50 << 434 */
-    { { 0x28c546ab91960c2fL,0x6c1382d2d67d35b5L,0xf1fd4ece5c68d954L,
-        0x2dadd781a99cf73fL,0xa97a79671519360eL,0x87392a02f36e5f39L,
-        0xd3ba240d4d75be7dL,0x1ec49cacecaf25eaL,0x0000000000000087L },
-      { 0x8aa2388cf7daf8baL,0xf19bb702c9b04b01L,0xacc01044bc682431L,
-        0x3d7bfffca43a6b52L,0x73468005d108c945L,0x6ca56166f402b740L,
-        0xbda45ddecd486b57L,0x9f26b50036456623L,0x000000000000005aL } },
-    /* 51 << 434 */
-    { { 0x5248a930a805fa39L,0xafa9a623ee9049b6L,0x32d8272bf57b62caL,
-        0xc57c6742ac33b6adL,0xe67e374781628ffbL,0x12efe0414055d283L,
-        0x85c2388a6afc546bL,0x3e7454dd2325904fL,0x00000000000000dfL },
-      { 0x27113ea3bad0b4a3L,0x23c3a6b6c7bb4233L,0xeaebb97bacb43960L,
-        0x751bf53c12765e44L,0x5a5843830c3d1a27L,0xc6e8bc1baa75a625L,
-        0x1cc8684bb84e4b2fL,0xcca40425c687f410L,0x000000000000017aL } },
-    /* 52 << 434 */
-    { { 0xeefc28baa0c707cbL,0x610a0bf5b5e8a4b1L,0xd74559f39b53d25eL,
-        0xb987896d504c5e8bL,0xae65dd137b25a6b9L,0x967698fecf659983L,
-        0xa10cf8fc302cb07bL,0xc116f1c94447f110L,0x000000000000019aL },
-      { 0xca833c3f74b590eeL,0x6099ad10a90703dbL,0x1b05eb478dc0a094L,
-        0x8e611a9ffd61f58bL,0x220f8e3cb6376b63L,0xd3ef40d06276c206L,
-        0xb496ed2c80be240cL,0xcc1e4fee4c62d68fL,0x00000000000001e9L } },
-    /* 53 << 434 */
-    { { 0x0aa9cafcfb53fdb6L,0x9bc4068864ad41f1L,0x89f2ed95361e5281L,
-        0x93721ee2d3ebc5c5L,0x099676e1059cbaf0L,0x32034ec33ba1925fL,
-        0xa372ccabe58c5408L,0x4198c3ba3a1925acL,0x00000000000000eaL },
-      { 0xd573dd0472e39b81L,0xbd53680227fb43eeL,0xb4a9b13773ac68b2L,
-        0xecc58184afc54cd5L,0x0f4ef62140216af3L,0x37a4d9e63ab7f116L,
-        0x7c3b8e87fc8e3ff0L,0x7860d91b2112304fL,0x00000000000000f9L } },
-    /* 54 << 434 */
-    { { 0x8b8684e1d9f5da59L,0xc52ddfcb3bbccec8L,0xf37f477d0614edf9L,
-        0xa6f89b1dfbf73c9bL,0x65e2b9fdbd39f9f3L,0x9b027ba9bd91c4ceL,
-        0x4178ae818da1ecd5L,0xe926bc1bf8108614L,0x000000000000003dL },
-      { 0x9b622c1d398d43a0L,0x56774237f050f68aL,0x599aa2b9c376824aL,
-        0x8e56adb3e4f31fbeL,0x62af9ad61d87cfb6L,0x2340d1df8baee620L,
-        0x378bbe281fd803a0L,0xfb8fee939543c614L,0x000000000000005aL } },
-    /* 55 << 434 */
-    { { 0x771a68f7d2aa178aL,0xb95ab9c4b8c86d0dL,0xc305c165d1780b7dL,
-        0x495d129eebede15fL,0xf84a588398216869L,0xf5bf03808faecf27L,
-        0x3a6f8a73c8709373L,0x49cc5d0f53b3905dL,0x0000000000000046L },
-      { 0x170add44ffbb3294L,0x723db04c457403f2L,0x0f6c3750bc22011dL,
-        0x56e0e96571df11c9L,0x9a9d1508fa898187L,0x35699de6bde2d196L,
-        0x5c63eef632409db2L,0x4041e690bdd73fd7L,0x00000000000000ddL } },
-    /* 56 << 434 */
-    { { 0xbae333cec37cc3eeL,0xf3c270f736721328L,0x42ca9e1c3e762919L,
-        0xe58208bda33ea0c4L,0x659c9e0588a736a2L,0xe4aafabff2ce2fd5L,
-        0x6c42985d2fc82799L,0xa83e18ea7bcaca5dL,0x0000000000000074L },
-      { 0xa94f77548e8fd835L,0x2d730134babc4dd1L,0xdf79c84dd9fd0a30L,
-        0x642756577b1061cdL,0xa8a2a2dcdfb545c5L,0xbd5248e2b32e562cL,
-        0x09c33229db76e132L,0x70f63a074ff616ffL,0x000000000000005fL } },
-    /* 57 << 434 */
-    { { 0xea1693d10689fb01L,0xeef647104d87521dL,0x382fc26cd4fe6b97L,
-        0xc179b949f19e86b8L,0xe3084066a88d4985L,0x9e590678bf8727baL,
-        0x23cf020a5de7c97aL,0xca99cdefd686a87bL,0x0000000000000183L },
-      { 0xd268f2d96478339bL,0x54a2403255ea7d66L,0x85f864bdc95560c2L,
-        0x86abfd934597c282L,0x1279888901f25eebL,0x1a9d8482c2eb4653L,
-        0xb1312836217a63faL,0xc33f92ee8f733178L,0x0000000000000196L } },
-    /* 58 << 434 */
-    { { 0xa0d7c4edaded1585L,0x8d4ea04dbf7fb3faL,0xb25ba60333e42c20L,
-        0x660a0b5a73d754b5L,0xb84c5639c6a35d0fL,0x7efc0030cf59e3c0L,
-        0x32417038868c3823L,0xd0e71cc934586091L,0x00000000000001bcL },
-      { 0x9b28a972202e4521L,0x5846906ce6d90c80L,0xd3d25ef2b38d46cfL,
-        0xcebe3581c209c445L,0xb36008a1d1a0e99fL,0x21f0df426da9da35L,
-        0x5f5f088dcf6b4935L,0xc6eeb3a8447a39cbL,0x0000000000000187L } },
-    /* 59 << 434 */
-    { { 0x85ef589cda7fff0cL,0xbb7d2d187aaac2c9L,0x62da1c79861a01c1L,
-        0x20c960dfa6a290c3L,0xe3e5fa87b841bb53L,0x56f776ed030b234cL,
-        0xe3ea771922aee8c3L,0x562e9d08df60618eL,0x0000000000000003L },
-      { 0xaa56fbb1be6ba82cL,0x052d23638f908eb6L,0xd0f896afd5cfa9deL,
-        0x1c90749369f1787eL,0x634393c8e73e153eL,0x6d1a88b10383a7f4L,
-        0x9e56e70c59aeb927L,0x43f825ccce34cb9fL,0x0000000000000096L } },
-    /* 60 << 434 */
-    { { 0x6a2d32b0f3338f86L,0x4a5c3db2c9710433L,0xd298f3b0a5f68f1aL,
-        0xae78b804732d40d5L,0x860d74d8dc109412L,0x0f3d42ce2c898732L,
-        0x63e5cb193d321599L,0x796c17cf1462a77eL,0x000000000000003cL },
-      { 0xbb71e1b917837e4bL,0x9711dff889cf36deL,0xdf6c0a2ab1fd56b7L,
-        0x6f07fdd1d7e8e866L,0xecfc1ba5b4f1bd81L,0x4ac6b88a29db023bL,
-        0x2bb7f22a6de37b7cL,0x86e37d902c35fa00L,0x0000000000000113L } },
-    /* 61 << 434 */
-    { { 0x5126634734a859fcL,0xf9f2b2e478f47a8aL,0xd8391cff0044a94bL,
-        0x6f2eb81f2357b297L,0x1c4f2bbbc7ef458bL,0x3a1d92225e46dc98L,
-        0xf97b3e71727a61f8L,0x8edeab095546e3caL,0x000000000000014dL },
-      { 0x8cc6143e4b4de1e6L,0x78fcfad7fc1524c6L,0xc805ef2343fca983L,
-        0x37753cf32b7fb591L,0x8269ad972df94bfdL,0x2768ac2617382c88L,
-        0x28767bc5589bd8f7L,0x7d96d75f12aecb9aL,0x00000000000000f6L } },
-    /* 62 << 434 */
-    { { 0x8460354fb970b064L,0x4da9baa59ad28208L,0x81f9b7fb546876e0L,
-        0xee7368f787933e9fL,0x95f61bae3d91b713L,0x29ecf884ab29d102L,
-        0x61a68fc2ba02eeb7L,0x2a62ecc38eecd5a5L,0x000000000000017cL },
-      { 0xcca8a64d65fc05daL,0x04e1b84433befb34L,0xc799d13c1aaaa85dL,
-        0x431d1495bb40bffdL,0xfb991dce7dd23e02L,0x9944de58a4ce9e1dL,
-        0xf5ca8246b3b4700eL,0xa2307905364d87f4L,0x000000000000015cL } },
-    /* 63 << 434 */
-    { { 0xfad3776ab2c1d16aL,0xd0885428474617b3L,0x09f73d4268c33a2dL,
-        0x0a00131a4f77e376L,0x92cb3f114947663fL,0xbae96a84fed01f57L,
-        0xb5b55e2bba697677L,0x6f1a684cc671ff81L,0x0000000000000088L },
-      { 0x1f41fe2e1931053bL,0x9745971032a2249eL,0x180bcd1c3c403728L,
-        0x422195462474f7fbL,0x7917cd1812f67c1cL,0xfab12214316ab5b2L,
-        0x6415634ac6d0c5bdL,0x0ecd28b49e499fc3L,0x000000000000011eL } },
-    /* 64 << 434 */
-    { { 0xa0f946b34c7f31f1L,0x122b97ec004b810dL,0x98f876d1831a9cb2L,
-        0x6690030aaebd922bL,0x12a235d1a21b0412L,0x5ced8104e097208fL,
-        0x049b33ed49d32fb6L,0x2e88d76287b187ebL,0x000000000000007fL },
-      { 0x08801d4eaeaaa0d2L,0x3b052b0a6fc2830aL,0x4e02318f6fef40c1L,
-        0x5a24478a06f38abbL,0xc90c53926dedd4f3L,0x402e4a9eff07397bL,
-        0xde13d7bff1bdec37L,0x8a363ccb727eb837L,0x000000000000014dL } },
-    /* 0 << 441 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 441 */
-    { { 0xa749f2661accb5d0L,0x8ee12c7ebcc9460eL,0xf3a52fdf3d25e73cL,
-        0x187bbe7100c5540fL,0xcdcc3cc1561beb89L,0xe54df2b48eacfcabL,
-        0xbe6d1874cda02530L,0xbb717f8fd072a684L,0x00000000000000bbL },
-      { 0x79de2d6504bd7407L,0xd8ae0921ccea6b74L,0x358cf798695de295L,
-        0x004e73b2b81c02a2L,0xd252441e9e6caea2L,0x557f228caaaf568bL,
-        0x6f92ec1d357d9e37L,0x31efd9bfe91fd306L,0x00000000000000dfL } },
-    /* 2 << 441 */
-    { { 0x650e3a2694a7efd8L,0x0e18083dc739b54fL,0x4ef3232e9367e306L,
-        0x2de3d70cf0838edbL,0x1364e843ca8715d2L,0x854dca361c25b1c8L,
-        0x73c011bcbc117070L,0xe83bd36f051286e9L,0x000000000000019bL },
-      { 0xf1226611c0f59bfdL,0xb910f5b64287520cL,0xa408790bffcdbb02L,
-        0x9d56f34d1a0bc553L,0x1530c726ce9a67a7L,0x96f5fa25dce794f5L,
-        0xd5a224c8077377aaL,0x2e9d8e98d016e05dL,0x0000000000000093L } },
-    /* 3 << 441 */
-    { { 0x3e884116e71bedebL,0xc43114f0d8e683d2L,0xc65277b4709db235L,
-        0x135e623363401611L,0x5e6cc4ca4ceccd3cL,0x9d481fa0f73e6e64L,
-        0xd52236235c253aecL,0xd60d849991f70b82L,0x00000000000001c4L },
-      { 0x5db01dd6632f8eb2L,0xc4695bbfa948669bL,0x143ae7567fef1ac0L,
-        0x3958cd3f21487ff3L,0x00c79f337da2ec59L,0xce54451e07f9a8bdL,
-        0xfc1017fb62f7eea0L,0x6bb256b462f0f204L,0x0000000000000008L } },
-    /* 4 << 441 */
-    { { 0x3e9a969a777a2dd1L,0xa928fca6f0b88aa3L,0x7282de355f56eec8L,
-        0x6fc69cd1076833b3L,0xb082ae0411751566L,0x09a31956ceee94fcL,
-        0x6d3a6221158a2cb5L,0xb29c6ae7788752efL,0x0000000000000105L },
-      { 0x44ee879abd125523L,0x8297eaa04e8990b5L,0x9deee7c4d7723740L,
-        0x3c6037179a8bf178L,0xa851306b1207191fL,0x13eee334bebcb461L,
-        0xc13d695eb8cce34cL,0xf3f594a50ff4755bL,0x0000000000000196L } },
-    /* 5 << 441 */
-    { { 0xd370ca154611d4ddL,0xdca296e58f40e4ecL,0xc2c0a54fbb7413e0L,
-        0x99064624c90f6194L,0xfa357ce2798e03acL,0xf782d7099c6ba76fL,
-        0xc3718575129fbaf7L,0x9275ddcf09ad3f74L,0x000000000000016aL },
-      { 0x6ee77b4cc4919031L,0xb09eec783947c6c5L,0xbd8f2eb86a83f5bcL,
-        0x2584dfcffbfd128eL,0x11f97bd08c68c3adL,0x157420d05f2133d1L,
-        0x8f3c1815d1dd4835L,0x11e09e8f326d9859L,0x000000000000015dL } },
-    /* 6 << 441 */
-    { { 0xbe0ae36cd038af41L,0xc3e663659074c082L,0xf3a754972111b39fL,
-        0x853840556be5e224L,0xe6a841a8fdc29253L,0x6f242df76886082cL,
-        0x4de2664606880770L,0xa8d7ab3e57695441L,0x0000000000000105L },
-      { 0x452fa47042fb45c1L,0xcd54e43102d65857L,0xf6439594c6aa1fcaL,
-        0x910ff5bfca2c8838L,0x5db4b1df093db021L,0xc6c529725d06ce9fL,
-        0xed40a0482981de06L,0x394308e642e75708L,0x00000000000000a5L } },
-    /* 7 << 441 */
-    { { 0x1140d1b13f7e1b85L,0xe5d9542e558f5a89L,0xf01590081347e2eeL,
-        0xf4140adaa83cd3eeL,0x1388e29d1f9958dfL,0x177f13dff1d926eaL,
-        0x5aac4c2037209003L,0x46bed0a6cb9e0456L,0x0000000000000165L },
-      { 0x635535b494312d7aL,0x662149bfa396a95dL,0xb23c59dd4348ab81L,
-        0xa059d555cf24fb7dL,0x3dc39dbfbe9011a6L,0x7e11b9d98d1ed5a6L,
-        0xde503b26a1fb4b12L,0x04d12ec729aa2854L,0x00000000000000ceL } },
-    /* 8 << 441 */
-    { { 0xbf07e90d8114885dL,0x76d513b29f39a562L,0xd98ae4f77e5446a1L,
-        0x7e3314e96264b6c0L,0xe634dee76f3a7560L,0x1dfa2392a08d539eL,
-        0x45764812bdae3c53L,0x858b836fd824e9acL,0x000000000000003eL },
-      { 0x9bdd0365e324ea11L,0x9625d01b1117cdc2L,0x491ea6427f6c259cL,
-        0x61b79486125826f0L,0x573debc818a56486L,0xe224dd3b0d31132aL,
-        0x075c3bf780be8263L,0x0eced67ab84a07faL,0x000000000000010eL } },
-    /* 9 << 441 */
-    { { 0xe937531c77ee5e92L,0x2a248ed6cde38019L,0x9d56715bf16bcb1bL,
-        0xb232a0b13682fee6L,0x50adcfb76062ba66L,0x853ecaafc15a8617L,
-        0xe2ae82eafbf86cb2L,0x2387b9e996e5d5d9L,0x0000000000000126L },
-      { 0x2c949e78d1ad4cedL,0x2dbb570f7e1df51aL,0xb3b00e4a1f09cb9dL,
-        0xd50d45499ddc5774L,0x22bc724199ed1407L,0x0c6b49fea2462565L,
-        0xb7ea7261ad2bb7a2L,0x14edf03146fa95baL,0x00000000000000aaL } },
-    /* 10 << 441 */
-    { { 0x0c0d310cf9039efdL,0x954127e0be623269L,0x2c8de379ad37d5f1L,
-        0xc88058c24ae1e101L,0x953cced393612558L,0x6f795799562ff195L,
-        0x04b43800f75dc91fL,0xc388110878a305a3L,0x0000000000000023L },
-      { 0x3a910a199d0e636bL,0x8fd231dea9233a03L,0x61c5a3511799791bL,
-        0x0f6e33cf24e1aa4aL,0x99fcbe6d24c1749fL,0x6d6dc4ff29e84e10L,
-        0xdfd3919445a30b2cL,0x551811cf3d438976L,0x0000000000000042L } },
-    /* 11 << 441 */
-    { { 0x19fa754692c76a06L,0x09b44b739cdf4192L,0xdd474e2429a471ffL,
-        0xb33d4b633c1f2efbL,0x352bb3c87b6ba5bbL,0x33be999f7a25c837L,
-        0x455849c9708753a5L,0x4bebf7228c356712L,0x0000000000000082L },
-      { 0x491c083d1c932272L,0x53e741ac7902ce78L,0x3e913b13cc553480L,
-        0x28d36b5162b46cafL,0xdaa8df3ec5c92702L,0x1b8ce0face5b521eL,
-        0xc3a12ef4346a9c86L,0xa88531c1af543e95L,0x00000000000001b4L } },
-    /* 12 << 441 */
-    { { 0x225c4d89218083c9L,0xc8ca7c0bd951e863L,0xc48c23d1ae8d2aedL,
-        0x2e5a185d12f3fdbfL,0xd459188cb12bf51fL,0x42707a3376a84f56L,
-        0xe647d5ba0c5646f1L,0xa18986803140e000L,0x0000000000000132L },
-      { 0xdf3b68773acdacf7L,0x2e2ce1ead81dab2fL,0xd3a3397dffa2aa06L,
-        0xcc9192cb2a580c69L,0xc171c2ba6291b080L,0xa886917af908ea1eL,
-        0xd49b41cab0ee690eL,0x53d75ee28a4699a0L,0x0000000000000055L } },
-    /* 13 << 441 */
-    { { 0xad0120df46dc9f05L,0x9dece9ccd80e1f06L,0xb55d9ea96661d61aL,
-        0x3bcc804d06e86dc4L,0x711a39a0a1fd8a7fL,0x5dc5752e514bb596L,
-        0xbd07dc9cdc01996bL,0x745d1b95166bb5c5L,0x000000000000009cL },
-      { 0x896d26ee45568558L,0x995524f1c875e781L,0xdd27fb7f85ae1606L,
-        0x6d2a995ab6ce93a4L,0xfdde5c2a6bfab47aL,0x6cf168956a8f8625L,
-        0xf36f40b9c9697605L,0xd85528d7a2ac13adL,0x0000000000000123L } },
-    /* 14 << 441 */
-    { { 0x245c6974e996e859L,0x18140823357fffc4L,0xbbeaf2d9268c0e61L,
-        0x84c491bf1ec3a60aL,0x92519cd3932c2143L,0x2f8026a50e9c23bbL,
-        0xb3ea1321fad88c26L,0x253e9873ca612741L,0x00000000000001afL },
-      { 0x96ac89af04eb167cL,0x1d51ede280839911L,0x0ea85b4126be1ea8L,
-        0x2d788d0d3e5c6fd0L,0xc0565fec84fef7ffL,0x605449368a5337f4L,
-        0x8eebabc69bfcd3e4L,0x0e0fb4da4a66bbf1L,0x0000000000000059L } },
-    /* 15 << 441 */
-    { { 0xd3bf69da0970051dL,0x93f43d8c436c6222L,0xe07658e68ef8f7aaL,
-        0x0644fc85e0da692dL,0x5b21003afa44ed0cL,0x7a63520b55fd30cdL,
-        0x2e494a11c200c9f1L,0xa3c6951d20e8ddaaL,0x000000000000007bL },
-      { 0x4af75dab2fc74e40L,0x1413b04a35e18492L,0x3a5ca7ae646c012aL,
-        0xdf45e095444c9da3L,0x28ad4ce37723586cL,0xe7d27e128baf9d42L,
-        0x41f7f06f8ec93610L,0x0636c501c7c2f47bL,0x000000000000000aL } },
-    /* 16 << 441 */
-    { { 0x486d3c489c4cd8ddL,0x2ceed6f8f7e8160bL,0xfb38315da76fc3c5L,
-        0x521ac7bb7863c459L,0x17252331576f783dL,0xf0fcaaf23e6d4bcaL,
-        0x8db1cffce6f8e385L,0x2e2ef7f478c49eebL,0x000000000000001aL },
-      { 0xa3c3c341f690d5aaL,0xc14cffb041e05923L,0x2c7e4bcba2c02f22L,
-        0x79352516c38aafe2L,0x67bf3709daf3e5f9L,0xfd7c30a974d2aad4L,
-        0xb46886878b971591L,0x7adf565ab5f34fd8L,0x0000000000000132L } },
-    /* 17 << 441 */
-    { { 0xc6f3ddbf3ee1b1b6L,0x3ae199de367775f7L,0x869e3f277b5c2062L,
-        0x01adf55de699e103L,0x6fa9b9ca3efcf30eL,0x60babac333616bd0L,
-        0x619cb20628f783fbL,0x0d5cc6775ed241ffL,0x0000000000000124L },
-      { 0x7906ac2d14876366L,0x5182e7f2bc304f89L,0x2252436f2139416bL,
-        0x80955cfe62bb6596L,0xa097c5da2ccc76c8L,0xbe48d244b6a4de18L,
-        0x4a6ab624ffe47914L,0xca10c376f974a0a3L,0x00000000000001f9L } },
-    /* 18 << 441 */
-    { { 0x8fbb3cd7496cb13eL,0x107cdb9a258b584bL,0x5d0e6918a848ca32L,
-        0x73891c7cbcd21ce5L,0x3ea57b2c791d65dcL,0x6c5e0cd6d9b5669dL,
-        0xd81229f8f1321da6L,0x8b9972dfb0b17706L,0x00000000000001e3L },
-      { 0x8939d7a7d6e10f59L,0xe160bd16cbbe5271L,0x3348b4f04fbb8a8eL,
-        0x147e36393fd01b59L,0xbcc1210d7ee93c4fL,0x949ce71dfc4dd8e6L,
-        0x1436c0f549890833L,0x4cdcee717273ac5fL,0x000000000000019bL } },
-    /* 19 << 441 */
-    { { 0x512a10934e9a039aL,0xb6470fb2e0c95392L,0x7dba72fa82400a70L,
-        0xd3dd821930685212L,0xcbfb1de9ac7a38d6L,0x4146c087c670cf2cL,
-        0xee1e0ca179e513c0L,0x1b5015d74d53c35eL,0x00000000000001fdL },
-      { 0x601cc1e63cf7333cL,0xf1f4c134f785b4caL,0xbd1aa34463f3fdacL,
-        0x221f0a2573056a6aL,0x197d6ab8e6aba28aL,0xbc0019e0a3d17004L,
-        0xd18a3b87825d6d76L,0x5178300e5f4e4796L,0x0000000000000072L } },
-    /* 20 << 441 */
-    { { 0xd01fff9dcc045310L,0x937dcc6f352c1840L,0xb17d2b6f355c78afL,
-        0x42e3d467a1b4c507L,0x9007d976d1ec1c6cL,0x04e44bd51c604ac7L,
-        0xac5f6d35f3c28e52L,0x6f9382f57c78a5e7L,0x0000000000000197L },
-      { 0x8f6894774e717f2cL,0xc59589f0279c36e0L,0xe4b11ec19dac55aaL,
-        0x37ecce34b2301ce6L,0x396745a27ab894dcL,0xbae3de55fcf34e70L,
-        0x3f670dd62158968bL,0x9b8ef31efc1f9ab2L,0x00000000000001b0L } },
-    /* 21 << 441 */
-    { { 0x89402e7a36636861L,0x0e121ba28da879c7L,0x824ec11d9caa72c4L,
-        0xb03d625b90ee0713L,0x16b477525af76e3dL,0x314d2daffc116c0dL,
-        0x00e42bbcca591142L,0xebd124bc2a28d332L,0x00000000000000c7L },
-      { 0xfbb0938305f3a77bL,0x5478a7d2fa1f96c8L,0x2f04b86dcbab30deL,
-        0xaf1c81f41d38bcaeL,0x873794acb0e3391eL,0xe5234d10d1ba629aL,
-        0x7854ab94fdb4901fL,0x447d05a5f48ba9e2L,0x00000000000001bdL } },
-    /* 22 << 441 */
-    { { 0xb3dfccf01d967d35L,0xa68315ea3f71108fL,0x928e15c2837a8c3dL,
-        0x6f2114c3085d00efL,0x77d86e5e1a86a583L,0x3d97e64935f597cbL,
-        0x9c729cbcfb5a4d92L,0x7c99562d7d946695L,0x000000000000011eL },
-      { 0x41632d38aabbfae3L,0x48793078c835493cL,0x8e90be311d5f8e61L,
-        0xa09b5add33bda788L,0x3dd23a2e80c7b31fL,0x9a46ee40f7657031L,
-        0x7b4d15e30b070becL,0xf2071f44878a2010L,0x00000000000001eaL } },
-    /* 23 << 441 */
-    { { 0x06cfb330d10147efL,0xe756da6b749d4ad2L,0xf6fcb9200f956530L,
-        0x7c3bdafe04cdc530L,0xc89aae334e3f46f9L,0x0dce363962eaae49L,
-        0x267909518d9133a2L,0x0f27bbe5e46de833L,0x0000000000000087L },
-      { 0x8cf40e37bfe09ceaL,0x09cc65b1e1f4df2dL,0xf964911777cb793aL,
-        0x78e249ee3fbc5ea1L,0x305049579084b235L,0xc008de498a39b17fL,
-        0x6e0117bc4ac4f445L,0x34fa696658aac50fL,0x000000000000001bL } },
-    /* 24 << 441 */
-    { { 0x82e9010daffbd971L,0xab6fea0bc7ac3199L,0x8d38894050383d27L,
-        0xc37ab3b3be775398L,0x8ef10af154bf74aaL,0xa1c39ed452aeaf9bL,
-        0xcd2b6ee670f42d7aL,0xcb57643738a53a34L,0x0000000000000087L },
-      { 0x5a1416996f80e03fL,0x0d7a7ab1408678e3L,0x33db44d87d279aa8L,
-        0x25e82c9032a33193L,0xc68f43737fa96201L,0x4e2fbe8a1c15c8c4L,
-        0x5b5ce8055429a403L,0x1dc2f304f6543e19L,0x00000000000000d0L } },
-    /* 25 << 441 */
-    { { 0xfd27036f6249d4a0L,0x80732c4c05aaaf64L,0x13a02ccb3aa41caeL,
-        0xd2d117204bac8ecfL,0x33b4f7e4e0b47969L,0xe9719c3634ffcd7eL,
-        0x0b5584bef041a2bcL,0xad35638388240cd1L,0x000000000000008cL },
-      { 0x4597cab65d253821L,0x136b4eea8621290eL,0x1a053fee74cfbd39L,
-        0x38390a30e8ce29f9L,0x85008d8de17589d6L,0xc9a9b0bf3a55618cL,
-        0x21247a63adcf68f9L,0x6353a40ac8eaa840L,0x0000000000000072L } },
-    /* 26 << 441 */
-    { { 0x2a84edeb611dbd82L,0x928512d7250d7b4cL,0x26101f84bfe2aa8bL,
-        0x2e79ff22920044b1L,0x2e23d451e99667cbL,0xfef41352f63db866L,
-        0x17db59799385090bL,0xee24e159c43db739L,0x00000000000000feL },
-      { 0x3a23eb35c2fc1ff6L,0x2ecd2057897f8b11L,0x0b94433b2cfc90d8L,
-        0x625b69a8345d638fL,0x04830925115fbab8L,0xc73ec42631db6ec8L,
-        0x7bff020d32aa0c57L,0xf097aa60d3ae8c0cL,0x0000000000000001L } },
-    /* 27 << 441 */
-    { { 0x8261b41492e7787cL,0x46a920b300919d6eL,0x0a5ac766ca0174d7L,
-        0x2dd5584380d01c6dL,0x27104845253c74dbL,0x2e86fc89511c661cL,
-        0xc24fe84d2d4623ccL,0xfed49394f8d720f0L,0x0000000000000084L },
-      { 0xe3246ec04a711e6dL,0x5aaec97fcb25754fL,0x33571e67eb2598fcL,
-        0x90f4667029ad653eL,0x3885ac625aacd507L,0x9c7106c4000bf4aeL,
-        0xdfd9bec142352fbeL,0x0cd94630dcd3b524L,0x000000000000003eL } },
-    /* 28 << 441 */
-    { { 0x265e7e144a61c8cfL,0x7108ac8e9c01168dL,0x8c00c591c1db0c2fL,
-        0x4fd76164c7eb2880L,0xee207ae8072c9afeL,0xf291ac662af4f872L,
-        0xd556354e38e6ceb5L,0xd1ff944a901b9c88L,0x00000000000001a2L },
-      { 0xf058a1e5ea374b44L,0xcdd1f0b7d282af39L,0x5095378c3ba681b3L,
-        0x2da2db904e8befbfL,0xd73223a361edb289L,0x305ec380221d18bcL,
-        0x5b191c1ca45ed6b2L,0xf28be70a0e63d2a1L,0x000000000000005eL } },
-    /* 29 << 441 */
-    { { 0x293d2e8a6dd376faL,0x400a186e9918b3c5L,0x693265b7a7483fc8L,
-        0x0f38d5e1dba14394L,0xfcad07b3d554e653L,0x9536e6a909d37398L,
-        0x0c20469422b5fb0cL,0x4d22c2e77593be0cL,0x000000000000016cL },
-      { 0x320a27ff4e8770f9L,0x341f5628e9b27b2dL,0x13c713b8d7797f73L,
-        0xac4636d2bd4289a6L,0xc6cd28cf096621efL,0xe866b2e9f1dddce5L,
-        0x36872e001add8506L,0x7a82493c1835b90fL,0x00000000000001a0L } },
-    /* 30 << 441 */
-    { { 0x0efb34abc520c268L,0x2ef017b00b3ae7a8L,0xd8ba2baef1f916ceL,
-        0x495b8a2801a2e8bbL,0x76c86a31e37fe26bL,0xbdddbdcd2787c00eL,
-        0xc2d98c35f431de88L,0x7642a3382953f309L,0x0000000000000112L },
-      { 0x10436513df59f330L,0x2a63f6ca21d133ffL,0x01f2b7e8d8e16c98L,
-        0xacab87a5b3b1c312L,0xff9c344c37aec499L,0xabe46f7b4afed453L,
-        0x826c9894c1feed8cL,0xb89d0a04aa543610L,0x00000000000000fdL } },
-    /* 31 << 441 */
-    { { 0x85d18171c9e4a7cbL,0x54d525b7d2a22758L,0x1abc342ccd696c36L,
-        0x812a42651c781fa1L,0xbcbc450635f8c1b1L,0x97c302369fb7c9d6L,
-        0x705db3f328bb1e6fL,0x24bdcfb4a6df36e9L,0x0000000000000107L },
-      { 0x09eaef27e74ec8e7L,0x367427963e1028f1L,0x6e525404023c3e4cL,
-        0x0c8eca526ede11eeL,0x502e86b6184a8d28L,0xcf8ba9d9125dce7fL,
-        0xd4e534c610b11eccL,0xc9a33890effe448bL,0x0000000000000116L } },
-    /* 32 << 441 */
-    { { 0x074092b0518c2b4eL,0x4efd0358226849ecL,0x384ec468c8582d0fL,
-        0x6348e93a1b6530ecL,0x752f051586723e53L,0xc0124a0a18b6d228L,
-        0x8e61db8af16144b5L,0xa3b3bcdbc57ad828L,0x0000000000000096L },
-      { 0x7b5eaac0d5d72677L,0xc6a4fd2fc826acdcL,0x06f1269583835c84L,
-        0x287eb11866c70474L,0x824e4c576fb32f64L,0x6aab90483326b6d2L,
-        0xefef96e49dddf339L,0x8e113990df13705dL,0x00000000000000feL } },
-    /* 33 << 441 */
-    { { 0xe2accf1d679c7a0bL,0xd91d0623370058d5L,0x838dfaf51c44effbL,
-        0x478d6317c891c192L,0x9a1d69833bcdbdf2L,0xa2adcb29206a78daL,
-        0xf032d6439ecf90b5L,0x998eeb68b6f4b66aL,0x00000000000000ffL },
-      { 0x3ce5d445246d19c5L,0xafeef35bf2be8053L,0x1cd93d149c3354f6L,
-        0xab8d758584c1d532L,0x67887e7fd06af98bL,0xdae0dd587ecc066eL,
-        0x37f0c7cd24990908L,0x2a9a78c654a855f5L,0x000000000000017aL } },
-    /* 34 << 441 */
-    { { 0x14518e8d2e7f1be7L,0xddf58460b39604b7L,0xb9b7abcc97a83cffL,
-        0xc23ed4b77e595bfcL,0xb83200b68301e5caL,0x593a1e9dc5460472L,
-        0x344bb417a4aa1ee2L,0x7e005a7b53932656L,0x00000000000000c0L },
-      { 0x0d7d26803f56e1f2L,0x22f567b107fff8aeL,0x99b49f32be054a82L,
-        0xa94832d6275528d9L,0x997fdac4842ed9cdL,0x476353ac85fd9ec5L,
-        0x515f0503ca503c68L,0x9571eec431a59bf2L,0x000000000000001cL } },
-    /* 35 << 441 */
-    { { 0xf5b648deca4167daL,0x3f3046dd2c8f0e2eL,0xc4e0c6b4038d24c8L,
-        0x3c16985789b7da6bL,0x4d3649863cfe2320L,0x2fe23040c895aad8L,
-        0x786f1a119f4272abL,0xf91aa91a9fb42f8bL,0x00000000000001e9L },
-      { 0x93e6c70ea114a55bL,0xa6a07aaaf46f5649L,0x3ac845724b626a02L,
-        0x63d936001650bd78L,0x80ef98cb58064535L,0x3994f55051c8d7b8L,
-        0xdac64abc01b4971bL,0x1165fb7be97d3193L,0x0000000000000051L } },
-    /* 36 << 441 */
-    { { 0x79f135f005771675L,0x398910e27008ba42L,0x72f9a899e2cfb304L,
-        0x0e7448ed51bf359cL,0x814a9f6453d82f6dL,0x02cc1df8cc0bd057L,
-        0x03a77c0a754becd3L,0xde0385b37427d79eL,0x000000000000013fL },
-      { 0xc3aedfb3b5cf64bcL,0xba344d912f11967eL,0xd269443db9dfc1a2L,
-        0x1ab57001a5a70140L,0x414cf58ef408fe92L,0x7b9adfb6d890280eL,
-        0x705bb16539242a3bL,0x66db67486bad4596L,0x0000000000000150L } },
-    /* 37 << 441 */
-    { { 0x2c3cd5a0108c9893L,0x8a240794bac6cc23L,0xaeeb36df823fe6fbL,
-        0x9c2476d068aab363L,0x8b9d9703c0cc02fdL,0xa8e483fdb8d2a4ccL,
-        0x0e3cb987fb774e3bL,0xedd76b875f1f80c4L,0x0000000000000036L },
-      { 0xd7ee3e4719615126L,0x2afa7e8df5547692L,0xe7d92c2f2133f245L,
-        0x3005e6e925c73cdbL,0x3efc8169ab362edcL,0xdb546c5d06b3dc8fL,
-        0xcb75f0d88067855aL,0x03189f39698a4373L,0x000000000000010aL } },
-    /* 38 << 441 */
-    { { 0x77f6a34facbfb019L,0x0bd1100e4518a2ccL,0x96b927d7ca8c27e2L,
-        0x5ada2880718c432bL,0x09765ed620641c90L,0x6e516e8b3f7090c3L,
-        0xb27c6c5f5bbe4811L,0x0268577d3b1eab5aL,0x0000000000000187L },
-      { 0x8da5cea7c1571bf7L,0x6c28d100cb30dfe8L,0x94f462ac40839b28L,
-        0x84e174469893e5e6L,0x632d3f321f4e932cL,0xa791cf199cb57b35L,
-        0x17cfc8606d58252aL,0x8b93b8cf95d09a97L,0x00000000000001b4L } },
-    /* 39 << 441 */
-    { { 0x3406f11d524f9da8L,0x162475082c9d9f83L,0xcd6306049ad35aecL,
-        0x4a06fd2a9377e247L,0xaedf8263836a2ea5L,0x2e23b143be771b59L,
-        0x53a8aebc67330056L,0x6a01eb9620b8fbd7L,0x0000000000000164L },
-      { 0xac3ffdedaea4e0b8L,0x15c59c69ad153673L,0xcee2f459856f7af1L,
-        0x654725f8f84e2d29L,0x36ce53ad68875b2fL,0x5fecc9d05e8dd247L,
-        0x9fd2d8b73100f3caL,0xcd28d36c030be688L,0x000000000000001fL } },
-    /* 40 << 441 */
-    { { 0x75605b034319c263L,0x887fdfbb9e4740e2L,0xde488a31d43f9b89L,
-        0xb0e691668e84f79cL,0x8ad2cf6570a03015L,0x20c0c8a49151cb55L,
-        0x9c4d58100538315fL,0x18b7eb2712204fa8L,0x00000000000001c0L },
-      { 0x2701f40ccd3d6255L,0xb6302374684db0fbL,0x1934bd385986c5a4L,
-        0x277ca623ac3eb927L,0x1f8e83f33c9260caL,0x1d42b0b1cdd488c6L,
-        0x03dd506202069bedL,0x1edf5be80713fb4cL,0x000000000000012dL } },
-    /* 41 << 441 */
-    { { 0xbd340554f68cd488L,0x5ba629fe4c4e9de7L,0xbf0904b5598a592aL,
-        0x090d3b7797f22215L,0x35271f6f32f10ce9L,0x5ba1143f4ee5ff39L,
-        0xeca98e4948f5e741L,0x312c71324d4fc387L,0x000000000000005dL },
-      { 0x9a42c0a19f83c1ceL,0x070c9ff00c8a3828L,0x8c0ec42d1a0dfae4L,
-        0xeb0739df69b7ea10L,0x19e3841e3fda056eL,0x967531161e991eabL,
-        0xf304dfd98ce9c7bcL,0x3ef71431a70d2876L,0x0000000000000002L } },
-    /* 42 << 441 */
-    { { 0x1b85459bf86e2a23L,0xd7b46e148126f294L,0x547e1e6613227f84L,
-        0xe520b291a8600d75L,0x8836425dca9aefb9L,0xfb12993c3089b09eL,
-        0x38e644f9963654d8L,0x115bfcb733b309adL,0x00000000000000e1L },
-      { 0xed33a090771004f4L,0xc97174545f405e28L,0x055b8e0e983ff84eL,
-        0x43b21455945a54afL,0xf5ece9981da15a4cL,0x0135baaddbb0512bL,
-        0x09832d2c97dbecc2L,0x142102fad396c4e1L,0x0000000000000022L } },
-    /* 43 << 441 */
-    { { 0x56c6e12ff218d75eL,0x82ae876717040ba5L,0xde953898ec9ae18dL,
-        0x74801498c973dc1aL,0xb8fe18b74ddfbe5eL,0xcc2fabfc221a12f0L,
-        0xdf3d3ce3095717b2L,0x063315b301674069L,0x0000000000000166L },
-      { 0xbb0b8502a5d6015fL,0x0319da6b3267e7eeL,0x8a3f055b330a7d42L,
-        0x24633fbb578d3e0fL,0x42b3d57732d001e9L,0x6b4bd31841c3de6fL,
-        0xf67e14de7674f280L,0x872c31500945d653L,0x0000000000000113L } },
-    /* 44 << 441 */
-    { { 0x79dc032fd1ddcb83L,0x9502a00f09f7b95bL,0xcea6cdc8719ad453L,
-        0xe631629a13c95a17L,0x6e0bd6783e242b36L,0xd5a4ce6070adda24L,
-        0xeb16526ecf9c3e3bL,0x6b56885de376134dL,0x0000000000000046L },
-      { 0xcefbb6e0ee1a7e20L,0x55931c877bbba16fL,0xbef858780527496bL,
-        0xefe470f2fc66b0ebL,0x10170d9f357e9f6aL,0xdc427c1534bcabf8L,
-        0xa2fafe51543ad6c4L,0x9a3ca5f80bac368fL,0x000000000000003aL } },
-    /* 45 << 441 */
-    { { 0x6f7e38cb4a64ba29L,0x0274530761def10bL,0x4a7875c1777d5a43L,
-        0xe8288a8a30046b61L,0xcd56398ef4e306c4L,0x13546b98f0619a51L,
-        0x7d5b477d91c8e36eL,0xad040ea782ee4243L,0x00000000000001b4L },
-      { 0x3bd14037cebf5073L,0xc9278b5deb3e67f6L,0x0a6920c3c29f3e6eL,
-        0x98866c9e93420540L,0xfd3ad7f76b32119dL,0x1a6a91e1261778f9L,
-        0xa97267d7a571a92dL,0x8b2ba189dc9a6d11L,0x00000000000000a7L } },
-    /* 46 << 441 */
-    { { 0x8d51e510e5ca5d70L,0x2d5791140c52c1b5L,0x82eb4358c0cb0f63L,
-        0x8f2f681264a008a8L,0x58a8e17648b6cb17L,0xa9471be2b8a072d7L,
-        0xbacadbb5268eb661L,0xd461695702720623L,0x000000000000006aL },
-      { 0x1087e596bf609130L,0xcfdadd188556e863L,0x5352546b03f39394L,
-        0xb427f549781817f6L,0x67901c47b7016c1eL,0xfa4bdbad16c8cb78L,
-        0x17210e07e949f687L,0xfa9d5907476f0c79L,0x0000000000000035L } },
-    /* 47 << 441 */
-    { { 0x328e727f9b8c2326L,0x7012c2200d0a3acbL,0x282ccb9b33f31c09L,
-        0x90c088dfe8610f6aL,0xda4af662c6723acaL,0x60a4df7eb50061c2L,
-        0xc523af09bf77cd76L,0x58c1d1d6440105b3L,0x0000000000000048L },
-      { 0x608a3ccb2ebf4a7cL,0xdc6f70652e90faefL,0x5af50c8330229489L,
-        0x2ae1f05a455c5d97L,0x04e6c953ef78a185L,0x64bfebe30e773105L,
-        0xb4e9e049b897d690L,0x324bccaf6141dd22L,0x00000000000001edL } },
-    /* 48 << 441 */
-    { { 0x3fe0adaca4c2a3f0L,0xe8679478929e1f33L,0x4779b883705b8214L,
-        0x00776735e23c0cffL,0xf663f8158f766bd9L,0xaab22b6bc30b548aL,
-        0x089032b0d56597daL,0xd72918f251d92e66L,0x000000000000004cL },
-      { 0x152af75d026ccd7fL,0x9e12b11ddc3e849eL,0x5d6f7b8664244b05L,
-        0xbc9c468b1d80629bL,0xa14ed1a1f2f109c9L,0x49e6d42cab8403f8L,
-        0xbfe90229e34a6f68L,0xecec84484234d819L,0x0000000000000101L } },
-    /* 49 << 441 */
-    { { 0x35fe58b55f58fe63L,0xd274d4931f30f4f7L,0xc54580b42d20dcbbL,
-        0x8a45c948af35249fL,0x7b282280b07c25e0L,0xae3d9c8104da51d4L,
-        0xf0c972129f58356aL,0xaf7b07f069e61c0fL,0x00000000000001b3L },
-      { 0x194629861f68b78cL,0x6f8829503105a795L,0xfbd30e3501f044eaL,
-        0x6df976b2f89de7f1L,0x83d9fcee5548ff7aL,0x45975517820607e9L,
-        0xd30cfc72254a1342L,0x9886898289c44b4fL,0x00000000000000a5L } },
-    /* 50 << 441 */
-    { { 0x500057ba7e564993L,0xd7526cfb59e53d40L,0xb633fe53c5af2433L,
-        0x18e8adb2dc8a9738L,0x6f81b8dc6b666052L,0x1d2f08b8451c8fa7L,
-        0x7bfdc1f3d8f33d9fL,0xd07b2ed6d86f41b4L,0x0000000000000005L },
-      { 0xc652298baaf2a31cL,0x9bae8c281463ddaeL,0x54a4159ae1af0d62L,
-        0x61b847dae074c303L,0xde70d48e4f1a52bbL,0x0b208a372feb1c68L,
-        0xc2b2b3a4963d5fd7L,0x05ca95d478706fffL,0x000000000000003fL } },
-    /* 51 << 441 */
-    { { 0x7a722f7f0095970cL,0xc5f0befac60f55dbL,0xc5afa461df29f5ecL,
-        0xf01bbf1161ac1f57L,0xdc6ec1e80bc3b86dL,0x321a34a437f04963L,
-        0xdb0512a25c6ed011L,0xa104cdabac1a345bL,0x000000000000003aL },
-      { 0xe9a1eca87437f0aeL,0x54ef25424d949bf6L,0xca3300f0039a9770L,
-        0x648c20a304bdae20L,0x3655df9fbeb0d46eL,0xfcf7a10c95f888e5L,
-        0x1e19fef16e669132L,0xced02e38218c93bdL,0x00000000000001d8L } },
-    /* 52 << 441 */
-    { { 0x366152e3aa65ddbfL,0xfc53f8af6a5fe671L,0xc7cad59195c7f6abL,
-        0xe9c3b6d552052ed7L,0x31c94766e4b302ccL,0x2bcb7ddf7477506eL,
-        0x0cfae42e86ee3dd5L,0x1de11cf355923fa9L,0x00000000000001f3L },
-      { 0x43018d98df6d337aL,0x1f679cebc484673bL,0x341c38cc6acce244L,
-        0xa732e5782edf01b3L,0x8d0b29601551ae1bL,0x0dbaec30509d1fcfL,
-        0x5655b3dc5c9679abL,0x45b3c31b63161444L,0x00000000000000f3L } },
-    /* 53 << 441 */
-    { { 0xc4ec1f1acc4d57ecL,0x7c006c3aa3f8581eL,0x94f683110ccebe4fL,
-        0xfece2dbd68be3d0aL,0x51affa5406d27f4bL,0x3bb8b836fbec32aaL,
-        0x908bbbeab2a0e297L,0xcb7ebbf201196d89L,0x0000000000000078L },
-      { 0x0e3185e9ce461e7dL,0xd6931227013e20abL,0x64313c538c85e000L,
-        0x00fea6dbff7cbb26L,0xb8bed8fa5b26b6e2L,0x91bf6292dba94d45L,
-        0x6816ab5998d8c01aL,0x01a52687eab4002bL,0x0000000000000033L } },
-    /* 54 << 441 */
-    { { 0xf6a61a467f854608L,0x5e7417c80bcf85b0L,0x9000efbc1cde2bf0L,
-        0x2ef0c39edf86fd2eL,0xf494697a18a12510L,0x425c1fd09ed7398cL,
-        0x0bdcf04f27afee20L,0xbc353a89282a8863L,0x0000000000000161L },
-      { 0x7f643929a58a4e6bL,0xe899530b7ce61fa8L,0x8d07cf175ffa47f4L,
-        0x572269977e217444L,0x789a6625526bf412L,0x656ad4358df93bc2L,
-        0xc6d0fb0b46868e2cL,0xccfaf97090b50ea3L,0x00000000000000dfL } },
-    /* 55 << 441 */
-    { { 0x1dad0dade6860303L,0xd9126836c7e91c97L,0x9855fb600feec65fL,
-        0x5ad336976c9564e7L,0x81a2f362d8548916L,0x642b4014ee4a88fdL,
-        0x9c23de5ee3e3e988L,0x19c510415a0e4881L,0x000000000000015aL },
-      { 0x27f5a80c00aaf668L,0x296827e796728192L,0x165a649e4e124c4eL,
-        0x3268bb940f8e937dL,0x69f171678b9d4987L,0x3ce36b905e06f20eL,
-        0x97287b68cbbd791bL,0xc1a6fd4c18564d91L,0x0000000000000181L } },
-    /* 56 << 441 */
-    { { 0x8c466ec6afa6274eL,0x935ac8e6e57d9338L,0x3ffe008e7b5ca188L,
-        0xffd8ba41dfbb530aL,0x9504dbc067d0b3e8L,0x95ebde8c622f0b00L,
-        0x984bc63c209c6309L,0xb2bdaf4a6b23d9dbL,0x00000000000001f8L },
-      { 0x248363240e2bb6e9L,0xcef90f5c65cc3116L,0x4c71c80816bbf8ddL,
-        0x0d6ccbc38de8d626L,0x6e51fc2960c000d7L,0x1e3116e3dfff70d3L,
-        0xf3d91182dd570c6eL,0xf02fbb1b6827d006L,0x0000000000000191L } },
-    /* 57 << 441 */
-    { { 0xc81bd2b8decb7c02L,0x956e27a4b894def6L,0x0311fa9403356805L,
-        0x0e13ccd322aae58cL,0x0196f20f3ac70b3eL,0x7d4bb4e1a7b2c93cL,
-        0x10fb01386510c50dL,0xd031b898e8f926c1L,0x000000000000003fL },
-      { 0xf46543b5f8f5dc8aL,0x4233ee03e330d2b5L,0x1c13f707c81f39f7L,
-        0xb5894eec28d508e9L,0x0ce78fe7eaaa453cL,0x4ee0ea5a0b2c7d8cL,
-        0xc96edb248034a086L,0xd935778349cd9be2L,0x00000000000000a0L } },
-    /* 58 << 441 */
-    { { 0x871955d28b93f569L,0xf05605295a48b689L,0x0820a8aa467e5891L,
-        0x7a4f5cb3f58b25d1L,0xc94ed47f8587a84eL,0xa99cd056fe982ec2L,
-        0x371cbf3fd1d06d5fL,0x491d9acaf90440a1L,0x0000000000000179L },
-      { 0x9df7fa8740a5fe24L,0x942fe6b1d96d3e57L,0x0f21d3127c7497f8L,
-        0x7a28f02bb1685a0bL,0x45264d84fdb0e456L,0x08b20dbf95f14f94L,
-        0xf36dbdd57b299fa9L,0x644f73a96dd0a74aL,0x0000000000000136L } },
-    /* 59 << 441 */
-    { { 0x4e0aa1cac34f2a7dL,0xd00ee2d1c4678255L,0xc74603ad187fc9f6L,
-        0x6aab1d2ece9d3267L,0xb74dd371f511fcb5L,0x8b822e5c8836ab61L,
-        0xc504820cb338d04fL,0x247e13889d12238fL,0x000000000000012fL },
-      { 0x421d4c327f6e0a6bL,0x82a8854ba04228dfL,0x6003515d12b7fe81L,
-        0xabe47e71d0a397feL,0x59feb1eb6aaca148L,0x45bd603375a8831dL,
-        0xd4612d5917d1ccb3L,0x1b89ba9c74ee1027L,0x0000000000000042L } },
-    /* 60 << 441 */
-    { { 0x03e7026b3fc38c51L,0x43eb0760581918a8L,0x2229030dfb2b26dbL,
-        0x178bb4bca8973dfeL,0x79204ab49902d625L,0x9dfd5966e57d8747L,
-        0xcae096fd8b664963L,0xc3b1fc25fb1dc64cL,0x00000000000001d6L },
-      { 0x7f136d66e577916bL,0x11834be442bf8511L,0xbdc623e83428bb9bL,
-        0x14f10cad49c2d303L,0xd2e47e509dd1bcbbL,0x79bb7eb356290215L,
-        0x7a2500b36d356e99L,0x6d01df1e1f30e17dL,0x0000000000000158L } },
-    /* 61 << 441 */
-    { { 0xf99cd5725ba74517L,0x93baaf6e166dcce8L,0xac938b88601599d6L,
-        0x30f247f47404a032L,0xeb3d46c03b10dbb2L,0x414e0218371dd7faL,
-        0xf1164440ef4849faL,0x86420604faf4e6d6L,0x000000000000005aL },
-      { 0x3376a08ebc96ecfeL,0xec288c773697c3ddL,0x6f6c6e24447a27a4L,
-        0x31711e8947104345L,0x21a2e7cb8188d79cL,0x4e0ea8809c2385b1L,
-        0x59d2c5af1e7a9f39L,0x644fe4e08e884dcfL,0x00000000000000a7L } },
-    /* 62 << 441 */
-    { { 0x7c8c7f684dd64f0cL,0xc7820e341855ce9dL,0x1544117d323f6ce5L,
-        0xcb768820e373e48aL,0x464428b73c3c4c90L,0x4cd0e1ceaae35437L,
-        0xd25046831ceb2a4cL,0x0e3338ccdf439915L,0x000000000000017bL },
-      { 0x865ba7db6618c759L,0xca0a323710e77d05L,0x9d13842b2b28085fL,
-        0xf941b5fa9fea876fL,0x041d0845e6d70255L,0x4c1a7d64428b57ccL,
-        0x33f6bd2429ebd1a4L,0xe80522479a17c0d0L,0x00000000000000e4L } },
-    /* 63 << 441 */
-    { { 0x267820c97c2cf8a4L,0xaf23c49e7d43b5b6L,0xe83af4497452297dL,
-        0x406618b2ddbb37c2L,0xfa481044f0cfb99bL,0x237d923c37e98319L,
-        0xdbdc034a9ab1956fL,0x30ec502ebd6f3826L,0x0000000000000176L },
-      { 0xe63ad325815972a5L,0x1f1cd2b8cfd1b1e1L,0xcc91e37e0c0b11acL,
-        0xbc62347cbcc8f659L,0xb6a838e80fc52227L,0x1975db004cfa70bdL,
-        0x7c4bd8bca73d6fe5L,0xef91ced9ad2e5c83L,0x0000000000000029L } },
-    /* 64 << 441 */
-    { { 0x560ed5e263840645L,0xac6c9d02b99ffe18L,0x0510a7b7bf7b7fe0L,
-        0xe1dc108356aec190L,0x29b4ad9527581115L,0xa8021a6026a12461L,
-        0xfbbccee845144aa0L,0x2c93ced8ded40b1cL,0x00000000000001e3L },
-      { 0x2c841a6ef3fb0d14L,0xe8b8b8ecb1f67b7cL,0xbd4c9a2219e26083L,
-        0xece8dc33c1c6a093L,0xfb47210f948aeae7L,0x98a8b0211569c5fcL,
-        0xc92cb9c7399c9d0eL,0xdaa97144b0f6f23aL,0x0000000000000145L } },
-    /* 0 << 448 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 448 */
-    { { 0x6d7eedc48f69079eL,0xf02e8e404f03b92fL,0xdf751116cb76b181L,
-        0xc255eb2c234c1925L,0xaf997d5ea94af9b2L,0x797f3df0d1374a41L,
-        0x357fd20b23986cdaL,0xf1caccda1540adb8L,0x000000000000007dL },
-      { 0x2a04363cc01605a9L,0x0d7cc0d87d7d1e54L,0x0515eb70a0f9fd2bL,
-        0x725d12a9bb4ec5e8L,0xd1b5b8a33a6eb09aL,0xb6c836b187027d7bL,
-        0xf4773322aaf9cd03L,0x2fb3354e2500c647L,0x0000000000000081L } },
-    /* 2 << 448 */
-    { { 0x83da529b41750b74L,0x9e431a5c76e28bf5L,0x225e2eb97fde2491L,
-        0x951e2cede7c469bcL,0x35f384caf0e10c32L,0xb8ed4a312b1aadbcL,
-        0xd39393ba7b797492L,0xc82685f847597f4bL,0x00000000000000c9L },
-      { 0xb04e1261436e2563L,0xdc3e83052de3e4e7L,0xa32102bdee3dbbf4L,
-        0xdfb5378945f15efbL,0x34904b0b6246965eL,0xcd645c46aac06ca8L,
-        0xd4e3f322358398f3L,0xaebfe7c7a54f3311L,0x00000000000001f3L } },
-    /* 3 << 448 */
-    { { 0xff2fa49cf2afae47L,0xa2c86068f9f2b257L,0x73dd56a446cb76eeL,
-        0xbffb9f017dc0a64cL,0x0ee2b60d44b4a4eeL,0x49939f0837c5959fL,
-        0xb302fcd178603de3L,0x03c2a2204017c122L,0x00000000000000a7L },
-      { 0x48acda9757413107L,0xbd8f584d4c01caf8L,0x38f448a71ac29755L,
-        0xcc3884836d29bf3eL,0x15c4baf974401fedL,0x7826e5cd9023bc05L,
-        0xc7a70d094f459413L,0x1de803c631896429L,0x00000000000000b8L } },
-    /* 4 << 448 */
-    { { 0xabb0d91dcef34144L,0xbc5903fa42b2a8bbL,0xe279ef5638e4c5faL,
-        0xb3416e9e6d5b04ebL,0x447819187bb923ceL,0x58fefa212914a3a4L,
-        0xb0456b2ee2c19f36L,0x176361bbe92c1e50L,0x00000000000000b3L },
-      { 0xbc56a1af824fde34L,0x33bfbfb3098a50fcL,0x6e720f55ab9cfa73L,
-        0xf1e104b908e4dfa2L,0xb96b8abd77865b2fL,0x69eb257aa36740d1L,
-        0xd73b946d26a50f43L,0x588e4a1470cd91e7L,0x000000000000007aL } },
-    /* 5 << 448 */
-    { { 0xd1da41a113dc8b45L,0xf4886d248a639b8dL,0xf3431ccedef9c5c3L,
-        0xae07317d8c204a2fL,0xcbbd49a1f3d6383aL,0x43d3593229bbe61eL,
-        0x6bfa06099643a1a8L,0x391499b22005a71fL,0x0000000000000188L },
-      { 0x40774a7e79d0771bL,0x31987151595038a1L,0xff6df557c48b5063L,
-        0x26c03269c3751769L,0x660c36ced2d0ce99L,0x71378e21d3d79ea0L,
-        0x7b2ec7ea30be88eaL,0x1b342d41eaed0f73L,0x000000000000016dL } },
-    /* 6 << 448 */
-    { { 0x0f1b2a0ee2c08642L,0xc110227519fbfff6L,0x3e49142104574825L,
-        0x058232d599552fdfL,0xa83f1a2f0e083797L,0x7c387d90860acbcdL,
-        0x7d8440d7d59d4ffeL,0x45111fc778f12d73L,0x00000000000000a5L },
-      { 0x77acf98e28e9b450L,0x0823b735a8129a6eL,0x1abaa0f98d1f0ef3L,
-        0xc2fb1108dec36172L,0x4d486fd4855585e0L,0x27d002549d440b52L,
-        0xc2b556135b964bacL,0x251ad413a29f6fdeL,0x0000000000000142L } },
-    /* 7 << 448 */
-    { { 0x47de9d47e138d37eL,0x7387f3693e7e1c87L,0x9c00813e0a48af71L,
-        0x9df47c63e8829fcdL,0x7dc7c04819e24a68L,0x3d1823e16942e130L,
-        0x2f4440ffa2cd6199L,0xebf60be098168aa8L,0x0000000000000049L },
-      { 0x989690073b5f346cL,0x00a0ecf9b79ae683L,0x1b6f0ddbf8fb676fL,
-        0xd536d3717998c836L,0xe1dbda549c4bc7cdL,0x2b752ca371e12239L,
-        0xd633d0eec296c03dL,0x548b37c59f6a0015L,0x000000000000003fL } },
-    /* 8 << 448 */
-    { { 0x6ed1bbb76ed0892bL,0x4921306bb788bef7L,0x7200d473bf3cdbdbL,
-        0xf1cb448feefdce6cL,0x199b07a2836591b0L,0x804ff00948fc6659L,
-        0x697600593b8f405aL,0x14755be59ef63732L,0x0000000000000103L },
-      { 0xd0a6d1b323383b1aL,0x50c7e33bae42ca1eL,0x564b46552563bd12L,
-        0x48640d21fe7baf1eL,0x6a0b495ef7717825L,0x9e4ad9aec7df9fc0L,
-        0x4ceea6a6e038e19eL,0xea0e3bf8010887deL,0x00000000000001ddL } },
-    /* 9 << 448 */
-    { { 0x4da845a0a4851434L,0x75176aa6ec7c655cL,0xcb64f9e9f093c7daL,
-        0xf80504e644bf8c6eL,0x13958864001ac4a3L,0x067e1167de28fbb9L,
-        0x0ee319d6708782ddL,0x90e661f3f0a8a799L,0x00000000000001c5L },
-      { 0xa161caa15db20757L,0x2adaf4e05350825aL,0x5e2bd35abcc582c0L,
-        0x9989c8fe71a3bc28L,0x454827e228898a24L,0xa7108d022fd729feL,
-        0xeb2b76ad8c310f5cL,0xeafd847e634c3d7eL,0x00000000000001aeL } },
-    /* 10 << 448 */
-    { { 0x46e47ecff0136b5cL,0xf17ab7f6344965a0L,0xf3faf3b354e24a42L,
-        0xee7c7b5b6e7035e7L,0x78529226908afe39L,0x440aefb22e64eef4L,
-        0x08ac260a1849e45bL,0x7203a8f76fc7bc4fL,0x00000000000000a9L },
-      { 0xf36d34eb171f3c98L,0x4a2e2716e65bea70L,0xa7387fbbf8f31760L,
-        0x9e33161eb9cc24f3L,0x808d8d2957715f35L,0x5bca0410150ba9fbL,
-        0xe8823a72d019f4a9L,0x5e14abe756165147L,0x00000000000001d7L } },
-    /* 11 << 448 */
-    { { 0xd7f60f17d77089e3L,0xb68b3c61a10cb23fL,0x72a83575094e8bd2L,
-        0xd9a28d29915a575dL,0xb30e811f211c2f4bL,0x3a62fcf658119ebfL,
-        0xb692e3bb679eaa2aL,0x2375e13c3fe29c8aL,0x0000000000000069L },
-      { 0xd613b9ea2b8b53c8L,0x6ad8d6eeaefe8d7cL,0x25163969b1d6fb5bL,
-        0x6b37519e76a6f0d4L,0x8fc9208359eaa8eaL,0xd2a15a1d560539cfL,
-        0x35d7a7b70f7e555cL,0x590426c042a30fbbL,0x000000000000015aL } },
-    /* 12 << 448 */
-    { { 0xdc6fd0b27ff5fdd9L,0x663c5481fab729baL,0xf70938531fde9e82L,
-        0x293d27fa71f684c1L,0xc05cb3d07fcf66fcL,0x709d86ba11cd0445L,
-        0x1cd6d595497fa0b1L,0x5eabd8a0d47408ffL,0x00000000000000c6L },
-      { 0x001ea477b6b64713L,0x148f2b5049fa00dcL,0x00106f97efce2ec6L,
-        0xaca11586e205cc9cL,0x60d70881a6d874acL,0x37dd5c14d29f29c1L,
-        0x586ac6c8e11191b1L,0x96470f229677b2d0L,0x00000000000001eaL } },
-    /* 13 << 448 */
-    { { 0x179058303a7f3608L,0x172de35e26f0fc61L,0x323d2d7334d7c1a1L,
-        0x464cd498aec45adfL,0xc4f38d5062ae054fL,0x3f016202a66711e2L,
-        0xd105f907e8d33e40L,0x3a102b6a75225100L,0x00000000000000fdL },
-      { 0xc754a811dd02719aL,0xe4a5ea1f4bcc6cefL,0x3d64cba45fcc954dL,
-        0xefe41b2c12cf1ec0L,0xa8e5b613969c79ceL,0x42e6fb9b288a3a37L,
-        0x1c9e65a6aac4dca8L,0x160703b36bd7bc54L,0x000000000000013fL } },
-    /* 14 << 448 */
-    { { 0x4888c71de2f66bcaL,0x548a0a8f8ade3531L,0x0162233c6638686fL,
-        0x4d2c6af83c30e52cL,0x62124a0fc19a0df8L,0xfce8188dcc7c56f3L,
-        0x6da68920b8b77752L,0x370dc630b622bf61L,0x0000000000000044L },
-      { 0xe3072dc65b51fb0dL,0xa06bd9c232cc673bL,0xe374dd3e991c7eb1L,
-        0x1052bbee887d8d76L,0x9b43d6dd897746d0L,0xfb7797ed6cc50b4fL,
-        0x83d30a082bf11803L,0x24d36df97d78f93fL,0x00000000000000efL } },
-    /* 15 << 448 */
-    { { 0x0158728662e9c602L,0xe3f31aa9c7803839L,0xecd16d810cea9177L,
-        0xe203943e82b139b5L,0xcdae675da59ea3aeL,0xacafc1fd79b0b7afL,
-        0x1f3ff6b96d0e87efL,0x3c52993bd84b4b55L,0x0000000000000172L },
-      { 0xc8fcf451415e906cL,0xf25cc44fcc223afcL,0xa0fb3f66f80c4a7dL,
-        0x6c936445ebeec08eL,0x35215495a50739c8L,0x9c197b15d8322e65L,
-        0xe263f119ecc81fb0L,0xeeea2e6f37bd4d5aL,0x0000000000000148L } },
-    /* 16 << 448 */
-    { { 0xd7c0efa36ea09a93L,0x95f69e09fb01c2b3L,0x021b1721d43150e2L,
-        0x39ff07e05879bc51L,0x0dd73c326cf50ce3L,0x9d69d32a5758870fL,
-        0x5df4cc8c1c0e91d9L,0x0033508815df54abL,0x0000000000000182L },
-      { 0xbb656a89f2dc12f5L,0x6c4a32bb5c46fcf4L,0xf324462c70e7a152L,
-        0x4b1d509a1f7eaad2L,0x3da87fa776e51583L,0x9a435e2019fc86ccL,
-        0xb97d3f449eab8de3L,0xc56c7c988f92304bL,0x00000000000000a8L } },
-    /* 17 << 448 */
-    { { 0x46beca92c9464906L,0x620775e18f2f81e0L,0x767f4266c5771682L,
-        0x6c6dde810bbc65ecL,0xfd8fabfbc405cc39L,0x5d9b8d18643e0d72L,
-        0x30303e19109ea8dfL,0xefea4ab30929cd4bL,0x00000000000000a6L },
-      { 0x993ca142b25badb6L,0xb647dc6d2880eb4eL,0x2d6e2faa551f13fcL,
-        0x444f2ea3ba3e00d7L,0x3c89c8af62c6bf24L,0x1e2b1b9993ff5675L,
-        0x9f2809305dbdf81cL,0xa0c0b2c11618ab5eL,0x0000000000000076L } },
-    /* 18 << 448 */
-    { { 0x8814ee08f2ff8ee7L,0xed9db8fd0c8aca2bL,0x36967aed6b8d81d3L,
-        0x1a937d3f5cf2ff0aL,0xbedf97c9461382b2L,0x29bf2b30aa5a5388L,
-        0xa5b6918fa8796dfbL,0x76662a2b2df5c39bL,0x0000000000000050L },
-      { 0xb8157fbbb44fc79fL,0x17c3ad0b40212b26L,0x06bfa618e49dee6eL,
-        0x81a338f1422b2017L,0x200f6dcd203fb523L,0xa904931782a544bcL,
-        0x9d12fa1489795453L,0x92997d54910f9258L,0x00000000000000d4L } },
-    /* 19 << 448 */
-    { { 0x958450c54ec281fcL,0x5cf3bd6193c614acL,0x99919178a2759a65L,
-        0x256015282dc88c30L,0xf3a2766a8f15f90eL,0x12362084c8a6e56cL,
-        0x4359fa34ee82faf9L,0x492b73c91c03100fL,0x0000000000000000L },
-      { 0x1467c71469f444baL,0xe10379562d904cd4L,0xabc81c9a648ab04eL,
-        0x4c0ad4f7910123e9L,0x7bfb6a0943b8ac8eL,0xb51f3de73934362dL,
-        0x70d304aba030cab7L,0x577cebb04e8b0148L,0x000000000000009dL } },
-    /* 20 << 448 */
-    { { 0xe16f41aa44be78bdL,0xb5436f21e014c4aeL,0x9711718156ea17d7L,
-        0x77eb089b37c05237L,0xde53fd3bf974ea0dL,0x27c4c2e9c84daec0L,
-        0xa7c70452639b53a2L,0xab34cef9122cac08L,0x00000000000001cdL },
-      { 0x45942b2b520fed74L,0xe339e2ec18185e32L,0xef29fc70799a5848L,
-        0x81cd214092bc0623L,0x56f9ba7d7502fd5eL,0x8c0c55507d06b23fL,
-        0x4835f4e6f6780730L,0xe0c0adc9f3b8b6a4L,0x0000000000000078L } },
-    /* 21 << 448 */
-    { { 0x93c6329431a43160L,0x19f6aa9bf70fdafaL,0x74922f2451c93c44L,
-        0x2771a1d8a482a3bcL,0xdab23427ffc50d8fL,0xb06ca094a3138e86L,
-        0xdef003634bc843a1L,0xd6bf9e1228d99dc8L,0x000000000000014cL },
-      { 0xc618a4c3d49e9c02L,0x202558298a891299L,0x8acb42a297e53ed0L,
-        0x012a299092167efcL,0xfde4d81cc425cb45L,0xa7a4f2b788705295L,
-        0x958260fb365f6d39L,0x24d12f9c7281e7d2L,0x0000000000000039L } },
-    /* 22 << 448 */
-    { { 0x51fbbf5fdb40af14L,0x0e795ad376869107L,0x353827bd99d8accbL,
-        0x41b9b0f3f0a03c54L,0xdf2e0c6ea3a0f1bcL,0x80c2b91e83d84847L,
-        0x28240a87333924fcL,0x0cc6dc8139166ac9L,0x000000000000019bL },
-      { 0x150e42b72c3c6ba1L,0x165bafd96b10b2d6L,0x990f141114a18123L,
-        0xe89b21600746c897L,0xfbc4fc51f7efda9fL,0xf2e2285526fc48e5L,
-        0x95ea0ba212346b4bL,0xfc5b414977e223ceL,0x0000000000000186L } },
-    /* 23 << 448 */
-    { { 0x0be0a5de07a16d69L,0x9ef32d03e11ca186L,0xccda2049a9ffe33eL,
-        0x3470ac5a4b670afeL,0x8770a1ef74a0d67bL,0xe7011ca9df62093eL,
-        0xe08c557ac48bddc9L,0xd458493937876750L,0x00000000000001f9L },
-      { 0x8a93b565a84fca82L,0x4db14cc9c6be1ba6L,0x06cf1b331830b8d7L,
-        0x048707b3eb991fd7L,0x005ef51378b92e81L,0x444b5dbbbf444785L,
-        0x158fec89923f5885L,0x2a681a4a1900dfb9L,0x00000000000000abL } },
-    /* 24 << 448 */
-    { { 0x22a96092b0fef65aL,0x75400e255b4b6264L,0x2d6bf21fcf25cbb8L,
-        0x2fd07e1c9289dbf3L,0xe56e840c6814e503L,0x15063366005f14d4L,
-        0xf156222e66516b79L,0x56d9d1fbf5167303L,0x000000000000002bL },
-      { 0x9c095b7cbe93ea4eL,0xbc26271f7eff54ceL,0xfdca10ae48cb19cdL,
-        0x7c582ed41967cc71L,0xd5de0048870d2bd6L,0x92973e875914e7cfL,
-        0x56e0b7a321edd49bL,0x1bea592023d39a84L,0x00000000000001d3L } },
-    /* 25 << 448 */
-    { { 0x830fb6b0b22e2bddL,0xeecc9175ec46dddeL,0xbc5653dc92ba4ea2L,
-        0xda57d028df0f6920L,0x0b6373b613d599b4L,0xe3408fbe5a64be7aL,
-        0x835d777666ee7d46L,0x2410f0dcd60a8af2L,0x0000000000000116L },
-      { 0x74a4658a92a29714L,0xf8a8f1fe844af49bL,0x15d77ccca2b02157L,
-        0xa33511645b5c9343L,0x2bd68a266e54c8c5L,0x88d773dd041c6279L,
-        0x4aee4590d6a3c00fL,0xa1697b605166b43bL,0x00000000000000fdL } },
-    /* 26 << 448 */
-    { { 0x08757c74ec97eeeaL,0x27e8eb74fd3c52b8L,0x2809524d010a4f7eL,
-        0xc9e0dd4a1377b31aL,0x9cb226d1e082c564L,0x901073ed5af132e3L,
-        0x8ce944c8188dfe5fL,0x347892858c5260a5L,0x00000000000000c1L },
-      { 0xe363f14e1cc9ba1aL,0xd4d8c73f194037afL,0xc9b307c79c2f34d7L,
-        0xf02b5ddb947966b6L,0xbaa7d2e0b7ff7f37L,0x78c228d0f6991d25L,
-        0x9bd96a4c0aa5bae4L,0x93155e7c16f862c3L,0x000000000000019dL } },
-    /* 27 << 448 */
-    { { 0x3a730ac01ccc9a22L,0xe876db8a07b71c34L,0x5a4aa392fe69aae3L,
-        0x502aa22d9db171d2L,0x7c5fb005ad0f33ebL,0x5a2169a88c3bec21L,
-        0x76efaee9781c7629L,0xfb933efd72fb60dfL,0x00000000000000b8L },
-      { 0x1d4fca2eb1e91e17L,0x7187a86f864fd2a9L,0x896e3acbd37c6e14L,
-        0xb10aef2d42cb0645L,0x5c0c4b235e72c54aL,0xec0ae29ed1e2f299L,
-        0xb72c7f4c77e91c26L,0x41c241c4f37a54f7L,0x00000000000000a8L } },
-    /* 28 << 448 */
-    { { 0xca49e4056736b7a8L,0xbae02b57f438c9a8L,0x871ecf1d8dd5bd49L,
-        0x46b05ef1974903f5L,0x549128c348aa1a22L,0xe8f8d085ef5b4439L,
-        0x62fbea2fefee9906L,0xecd06f55c49261ffL,0x00000000000000f8L },
-      { 0x603a56fe1def19d6L,0x48d65f1d3e4cf99eL,0x6b92c5694559a51cL,
-        0xd133cca108c45240L,0x9656a7c46c134b2fL,0x7e407c2907d6c7f7L,
-        0xc346409adbb7cdf8L,0x4ebc0b91eec47250L,0x00000000000000aeL } },
-    /* 29 << 448 */
-    { { 0x04b789f81da8a341L,0x81827ac482bac9afL,0x85a2510cc0a342a4L,
-        0xe3d17837200d2557L,0xf951b01ff55cceb7L,0xa00d66f41472e87aL,
-        0xfe101e3e0a0b1ff6L,0xfc4b05f60f9e8587L,0x0000000000000173L },
-      { 0xd64fdd33fbea0ce4L,0x8aa0680aedb5fcdfL,0x78876c00e08cda89L,
-        0x9c3424f9034f2cbcL,0xea7170d1a86845c8L,0xd36a89c084650b43L,
-        0xfa5ef9e6ab2a83ccL,0x0458b4b756c03914L,0x000000000000000cL } },
-    /* 30 << 448 */
-    { { 0xef816b5cbca24a14L,0xe56ef49d80999021L,0x5724b7fc5984a0c4L,
-        0xdf9250fc23c4f692L,0x05b5d16a4a329eceL,0x389dd3268f017928L,
-        0x49cce29d7376ef1fL,0xd005fcf9adbb3387L,0x00000000000000ddL },
-      { 0xf7d7a2da1919ee1bL,0x99312ba17108fc88L,0x6e0fd013819b2ab5L,
-        0xac6dde9ca0415b09L,0x76aa7ad61116cb56L,0xa4164cb64d7e2873L,
-        0x25a4982b00d5204bL,0x3d528fb42ca1bc08L,0x000000000000011eL } },
-    /* 31 << 448 */
-    { { 0x7eaa6f4f202177aaL,0x407c3797edda27a9L,0xd1cc20254d51d733L,
-        0xc7950454c1c04a95L,0xb657108ffbb858fdL,0x6068f5a94b7af32dL,
-        0xbe741bb72701b289L,0xe786ab377dca6c64L,0x00000000000001f8L },
-      { 0x9f04d1950f884ecaL,0x036589956f965937L,0x62e3afa42c33ebc6L,
-        0xa2b8ba656f0e5fbbL,0x798f812abbc0c7c6L,0x7cc29ea1537a5d81L,
-        0xccd03bf8f1509aafL,0x3cf256c590799937L,0x000000000000013fL } },
-    /* 32 << 448 */
-    { { 0x30b495ff9b09ac83L,0x7767e8a105d9c9ebL,0xb15ecb0a1690a79eL,
-        0xa7b87cce1b301763L,0xc6849deaf28b14d2L,0x16d0b1585e5c94f2L,
-        0xbfda45241aee3ca8L,0xe52961635d737c3eL,0x00000000000001f1L },
-      { 0x339f76cc589b8ae6L,0xa133954ae02ea428L,0xf11e77f7980481acL,
-        0x890c3c2c87596275L,0xe0cfdace80b79bf7L,0x0031db26a3e3906bL,
-        0xedf2e3dda1c31197L,0x888f12192bc3f1a4L,0x000000000000006fL } },
-    /* 33 << 448 */
-    { { 0xfa11efb73c598a06L,0x1a9de85eaf29fc12L,0x9e436a4a3a85a95eL,
-        0x169c615c9e3c41d4L,0x2b29db6bf79e4c98L,0x22a26e1e1a467ad5L,
-        0x14e86abf782ac769L,0xfeed751a0e260ce6L,0x00000000000001e9L },
-      { 0xd4355ffdfe99690eL,0x186ec88dcf7d461dL,0x8422a8fed2d736f2L,
-        0x18f55e53ad868624L,0x1020ec9fbc659311L,0x86ddcc05affee0adL,
-        0x06931cb237608917L,0x850013ff1ef526c7L,0x000000000000002cL } },
-    /* 34 << 448 */
-    { { 0x125c5fab85fdc7f1L,0x78c6271112df7083L,0x2fd974779a17dfc1L,
-        0xafce9bff8de8fb96L,0x7a45cc8723fd724fL,0xfd1522f2de2fe1f5L,
-        0xbc1eceafbe939d20L,0xe8f9b64c5d35cbe2L,0x00000000000001a1L },
-      { 0xcebe167b4e9edaf5L,0xc40095abd68c6c3eL,0x5cbd305e44500fa1L,
-        0x52d56df841fc36ecL,0xc6dcaf21a267407eL,0xbef96b050a0d5c0eL,
-        0xd6cca309cf13700cL,0xe1efd83734b2d474L,0x00000000000000eaL } },
-    /* 35 << 448 */
-    { { 0x47d2bcbb3a59d179L,0x84c060960c814989L,0x25021261b2543f3cL,
-        0x5a894a77824a6674L,0xa80055cff8a90d72L,0xb67da52c3bbd3840L,
-        0x41b6cf441d172937L,0xaecb4a0fd0c7f2f9L,0x0000000000000184L },
-      { 0x4112abfdadec6f45L,0xec2292fd5af997b9L,0xec81483ea66da6b0L,
-        0x2d788ca6bf6e9369L,0xee6d66d64c9df525L,0x652248dfc233275eL,
-        0x26ab55ff60d792dbL,0xed6c78699d30d510L,0x00000000000000e3L } },
-    /* 36 << 448 */
-    { { 0x2827f5a2cfacc519L,0xfa201f6328fe5462L,0xd12ba386e76d1ed1L,
-        0x4eecc04b3f1857b2L,0xab2d2292bac8e16cL,0x94ff8f3ddc3f22dbL,
-        0x63248a3603b56f1cL,0x391de5d28c4539e2L,0x0000000000000100L },
-      { 0x58dda167baea3e6eL,0xc9c93a6d88e1646aL,0x16c540b124b20d76L,
-        0x9cfbc92113a036b6L,0x2c3b07ec6322b9ccL,0x88c8cdf43f0fcf9aL,
-        0xfd62cb99da598c89L,0xd6a4bbf8fa164bd8L,0x0000000000000146L } },
-    /* 37 << 448 */
-    { { 0xc393c42ce88d83acL,0x5c8b69266733c944L,0xda086abbca3012b9L,
-        0xff283a9b5acae577L,0x61bd875c3059cf58L,0x994aa16617621d60L,
-        0x519f8cd8be49f68bL,0x3a0a9a9e98e2cb2dL,0x0000000000000154L },
-      { 0xf9b9bd45dc4fa221L,0x0ace7ab384d38b83L,0x88d9fc2be55c1c3cL,
-        0x84905b18c6565620L,0x55c76c803bf25fe7L,0x96c9375fcd06b977L,
-        0xf890bfe99ce18390L,0xa6d94dbb19361d60L,0x0000000000000001L } },
-    /* 38 << 448 */
-    { { 0x708f272f49cf39c0L,0x10a48d4cc2ee3fa0L,0xab1e16f901c642baL,
-        0xb5eedde41983ee46L,0xe3c55cd6899e461dL,0x23000eba18d744d0L,
-        0x2276e90d9eca5818L,0x28ba08fea79959bdL,0x0000000000000174L },
-      { 0x19c844006e8985cfL,0x8c47325f19c95cd8L,0x8ce8f9be8cc20f75L,
-        0x5c1f05f4ccbe5f74L,0xc7611000293f57a9L,0xdf4273f284dad825L,
-        0xd90562d63ba6f844L,0x70362280592e0687L,0x00000000000000d3L } },
-    /* 39 << 448 */
-    { { 0xff33e72ebc72e5fbL,0xbf62bd87e7d6882aL,0xda5147fdb89aef99L,
-        0xb6f32dbd17a2f509L,0x9bd0eddfb286a468L,0xdd4d1b28b31307b0L,
-        0x4866ded9c76ded47L,0x22513a3a1ab2e1a8L,0x00000000000000ebL },
-      { 0x89e2f77acc1225a9L,0x6557eb9ce8a4d6a7L,0xd06696e55d2b30d3L,
-        0xffdbd1fa38241fb1L,0xece18f786da9b3a1L,0xc7be81d7f3778b45L,
-        0x551942079c94ba90L,0x4a4151d863583b90L,0x0000000000000165L } },
-    /* 40 << 448 */
-    { { 0x482c4b824cb11206L,0x2201973cda6ac67fL,0x90df76215995d743L,
-        0xee362af67e7b155dL,0x7f3893b65997d300L,0x9cb6280f48c1f500L,
-        0x334dcc96c04921e6L,0xd657696028bcbad5L,0x0000000000000182L },
-      { 0x9dd406cb615b1c61L,0x7de33627d9cd2e7bL,0x7bb1260c8775b9c3L,
-        0x8660e68e17b15699L,0x679fda73ed79d75fL,0x10d1c3e755a10c2fL,
-        0xc4a3f01c652e4c33L,0x34c91d58b7c42d3eL,0x000000000000002bL } },
-    /* 41 << 448 */
-    { { 0x9747a5bd85fa2a0dL,0xe15ad21ed11886aeL,0x2eef7ba93a2651f0L,
-        0x9e77aa5962686644L,0x9e7b79d4fb694bafL,0x3a430ea7a6b0849aL,
-        0xfb6f511c8c34f2b0L,0xd5c58ed10140425dL,0x0000000000000166L },
-      { 0x98c16d41e9539297L,0x287e5e5f403d122aL,0x52ded89abda5f4e9L,
-        0xa541ea800d429eb4L,0x763796a0dd2eb689L,0x5e35cb2d2001730fL,
-        0xfe0f4cade305badfL,0xd110a0cf2ee75cc5L,0x0000000000000029L } },
-    /* 42 << 448 */
-    { { 0x516e69a0c5a71125L,0x998a22f25c95ad7aL,0x8a14544f648f80ccL,
-        0xa59f36584ed65117L,0x4b5a92a85dd7e675L,0xd262307ac9fa87afL,
-        0x936957f30fdc3362L,0x994f83054b783d0bL,0x000000000000006bL },
-      { 0x56d8d538ab411cbbL,0x6c3be61485d78e8dL,0x4234020c833fc8e1L,
-        0xe4fdbf97b41ed949L,0x8c36618c0f3a1f2fL,0xe7dae0ee58f49465L,
-        0xe5b2b939b6a95411L,0x822fe9e126a6e121L,0x0000000000000094L } },
-    /* 43 << 448 */
-    { { 0x9cebe2a9d059f7d5L,0xb4c8f6deabc86eafL,0x7dacabf6c6e5ffdcL,
-        0xd8b22f229922c453L,0x676154f2174ea57dL,0x4d7ce6fdf9819e39L,
-        0xb19bc1bbd47ebfc5L,0x24383cd04709da01L,0x00000000000000abL },
-      { 0x8d5e8f8a3cb2e7eaL,0x2899be2733d8d462L,0x5e6e982153eb2879L,
-        0x04637531a17178c2L,0x8ce508f1f4495e86L,0xbbcc3223935c7f1eL,
-        0x72c33d4fd2e53b1cL,0x3f02c919bab47cdbL,0x0000000000000056L } },
-    /* 44 << 448 */
-    { { 0xf25929a379c36058L,0x6d0eaa35a743c8a3L,0x24943137c5850310L,
-        0xb78fcdc74d01efb0L,0xdf7a2cbd2a5e9f3cL,0x6d8c2cb9df226a5fL,
-        0x32f82caaedfffa33L,0xb520a44381c3f37fL,0x000000000000018dL },
-      { 0x477f91b7e71efa02L,0x9bdb34a93e3ca801L,0x29bdb247fbaa8273L,
-        0x1094b513dd94b717L,0x97c93aa247d54bfaL,0x8899075c84807d06L,
-        0x6cb0824b57f6ae04L,0x5d1def90e6c92379L,0x00000000000001a0L } },
-    /* 45 << 448 */
-    { { 0xa9abb86dc72edfbfL,0x976e9021ac090215L,0x045277f4e22e6e61L,
-        0xc7659062b8e5caa4L,0xfb951c4a8313d948L,0x5cf7b980aab03d43L,
-        0x638ad72853011671L,0x8982856158bf9edcL,0x00000000000000b6L },
-      { 0xa9f8e9d5670893a0L,0x950c5bd4695bfd4dL,0x9385ed198b1c6915L,
-        0xe65fea3ce8a000c3L,0xf115e65f45299c03L,0x5ea19e3260785ed1L,
-        0x68335fb1829d2dc5L,0x486ac0a949a1c2d0L,0x00000000000001baL } },
-    /* 46 << 448 */
-    { { 0xd1b72ef8e18d7e88L,0xe97656fb4c48d545L,0x72f28d05eb70cd01L,
-        0xace95a386825c358L,0xfa20240fed25cc72L,0x4bcd0bba8fc571c9L,
-        0xa8a77a6940165a4fL,0xaa0d24d5f1a5e08aL,0x0000000000000046L },
-      { 0xb2704a1a257cb8cbL,0x0606229140b7acd7L,0x3fced7fc0418bc8fL,
-        0x1d063bf612b0ffd4L,0x7f35d6845b8c2990L,0x11d5f9a3e8035f81L,
-        0xa8eb0824708300e7L,0x8bbae009cdff1bddL,0x00000000000001d8L } },
-    /* 47 << 448 */
-    { { 0xc98465cf1e099827L,0x231b39ff67a1f512L,0xb71a173966598bdaL,
-        0xaec36ef7b70b4422L,0x6115ba31fc2de257L,0x2caff11ae2fe1837L,
-        0xd1e8fe55a0aab548L,0xdbc7863b19ef5f6eL,0x0000000000000011L },
-      { 0xde6a08d39bd49a13L,0xa9b22ee15b3da1eaL,0x69f16ae2b6f6a425L,
-        0x81647bfef93b2684L,0xb20f7c385a5214b6L,0x9f3e7078d7dee661L,
-        0xd03efad577719f99L,0x58a09d6e42df766dL,0x0000000000000020L } },
-    /* 48 << 448 */
-    { { 0xba0a5d23dc831ac0L,0xcf0fe6fcbd41cfa5L,0x11d490d3adee7925L,
-        0xa8c359fc491d988aL,0xb97a48a53ff98345L,0x6c8ac5f21b8bb845L,
-        0xa9c9f2a85f157746L,0x79125887cf6ad9a4L,0x00000000000001aaL },
-      { 0x3dc5db89e8469532L,0xa9610220639df36bL,0x5806f730828bababL,
-        0x5ad5e58f60ef0fbeL,0xbcdfe863aad0a654L,0x818cdc6134f936daL,
-        0x3b6839b4d47dd376L,0x80db0098be99035fL,0x000000000000002aL } },
-    /* 49 << 448 */
-    { { 0x57e66d8002ac31a1L,0x7cfa3c5249aa4fa7L,0xfa49bed0cbe9b21eL,
-        0x52cb15789db98c26L,0x1d47d195301a3fe4L,0xdeb6e083d69b7093L,
-        0x1f5ff8447d4af7a7L,0x1d5de0701e12a92dL,0x0000000000000035L },
-      { 0xd78224473e451fa1L,0x604c458c535301ecL,0x25c9c867dd8c2390L,
-        0x1810f8d0aa93f0a7L,0xc2210ddb316fefb5L,0x25a94d5b68af35f8L,
-        0x53300a3e4a46f220L,0x53cd0eff6567eb3cL,0x0000000000000107L } },
-    /* 50 << 448 */
-    { { 0x463a0c31858ac43fL,0xf4549a21501dc385L,0x349e94abe9aa4f09L,
-        0x3e0650cb6df0e53eL,0x266d445b8a31d2d6L,0xe9bcccfe8740fae4L,
-        0x2497641bf4678f4cL,0x1399e0a702904c35L,0x00000000000001f4L },
-      { 0x2b3fa40fe14ed6faL,0x6cfd3a80a2d6adfaL,0x69b4e928f0fd74f4L,
-        0xc1392f2469c56022L,0xfa22fb98a24b1facL,0x5f69d1a2a25757a0L,
-        0xabd01cd5c5482128L,0x8c45115297d5a39eL,0x00000000000000adL } },
-    /* 51 << 448 */
-    { { 0xb0dcdad079443d3dL,0x2d9a42fe3a52d58fL,0x7955958903b2d65dL,
-        0xf1b0c12f8a0b9cd0L,0xbd734262222bdb0fL,0xb035bc18d2f0707cL,
-        0xaa3516119c456cf1L,0x46f91b9228a7d3fcL,0x000000000000018cL },
-      { 0x32b8a62934c1eda1L,0x0ecc02bd130644a8L,0x23d8ce282bfee465L,
-        0xbb8a3ed82e8997bbL,0xc46d3480432ff8c3L,0xfc2ebc497233d495L,
-        0xe55621e587b0b6f9L,0x928ca258af75145bL,0x0000000000000129L } },
-    /* 52 << 448 */
-    { { 0xf49c63f00ddef055L,0x48aa7a19d452b85eL,0x2e25071477b7fa65L,
-        0x214846773c8ecc33L,0x0bb90b9b9f3eaf10L,0x37b1620414c4c51dL,
-        0xc872bb78a1a5a425L,0x9346566a2f80d134L,0x00000000000000c4L },
-      { 0x68ac1057a1a2f1bdL,0x12c6c5bcfd33db61L,0x99298470a35fa26dL,
-        0x54af5dbf7dfb15c5L,0xca576278357de229L,0x003d3219872e6db0L,
-        0xbf3420e5722a6d5eL,0xe3256c9ec29eaf3fL,0x0000000000000024L } },
-    /* 53 << 448 */
-    { { 0x1bf4838b2a29f47fL,0xfbdc24b3518d9454L,0x75a3de3cf8240b38L,
-        0x6da0b6f7893631d1L,0xdfa309cac90586f7L,0xaf89f6d1801d0c3fL,
-        0x37544bb8ccddc955L,0x8b20db078bbcf759L,0x000000000000014aL },
-      { 0x3ad9424106b6601bL,0xf26564e2d069e9c7L,0x9370b0d5417b0b98L,
-        0x572bdd32e88921edL,0x2468cb1b6b12f081L,0xabedc7f96d585c3dL,
-        0xdd6625e6956519e4L,0x39d98d7bd3896f1cL,0x0000000000000012L } },
-    /* 54 << 448 */
-    { { 0xb8bdf12a5e0dafd5L,0xc84b1a43242f9295L,0x7b2ce3ced23a98f3L,
-        0xddc3cd517ac86f66L,0x53c1528aa5228de5L,0x8d1ff4e4ba69123fL,
-        0x32f4bc01b5ce90d4L,0xad5158cc8cb1409eL,0x00000000000001f6L },
-      { 0xb5ffd15aab839bdaL,0xd4652cb2f6c03850L,0x5ed9ea35ba6cdf1aL,
-        0x6963ebc45529204aL,0x7f5c0d7f3cbe2e09L,0xf7aa9f58878afde6L,
-        0x078e5e24e9c780a6L,0x78da0aee78a975adL,0x00000000000001c5L } },
-    /* 55 << 448 */
-    { { 0x071cf98df7134d20L,0x707f5869578e1b0aL,0x07a11e13a0c74aedL,
-        0x1c32de4466086da0L,0x0ce4c3dc156e6365L,0x3ca495174ca4ea96L,
-        0x929409321b049f10L,0xcdc6c5e45549420bL,0x00000000000001d5L },
-      { 0x11092c8b111881e5L,0xfd4467c943845ac7L,0x43a474e99b0dccc1L,
-        0xb3eb7612ed69f0cbL,0xc5ea3915e920a3faL,0xa80778f17580cc78L,
-        0x58bf893d588d51bcL,0x3ea95a47c036844fL,0x000000000000018cL } },
-    /* 56 << 448 */
-    { { 0x5f8fb091c8a11088L,0xc528c08244a8e84dL,0x2a38b398f419ab48L,
-        0x3e6a4d574f9e3fffL,0x84dbeb5e0f91941aL,0xa5d2364e8df0b630L,
-        0xbd79a9f578edc885L,0x20cca408771efab1L,0x000000000000000fL },
-      { 0x92c00dd612581153L,0x76a00a16d160483aL,0xc5f2f97ef8b8c8cfL,
-        0x9c51e9949039fc0aL,0x9ae8239115a1e161L,0x611f60f3f04c80b7L,
-        0x7ddee53b5930f39fL,0x139e22293734c045L,0x0000000000000169L } },
-    /* 57 << 448 */
-    { { 0x492a0d612b8f7df4L,0x9e5938bfdaddc812L,0x270ed13acd3591a1L,
-        0x96c535ad5b526ef5L,0x3fe87cb1c08417a5L,0x535abbcbcafeb810L,
-        0x682cfa1029bb9f46L,0x5cb429b34e142fe8L,0x00000000000000ffL },
-      { 0x3daac71ed0634825L,0xcf6e237fe85711fdL,0x804f34c977556d5bL,
-        0xe34f12c3f521b81eL,0x9f4c137f292e32a0L,0x3a8a1ccac9694a76L,
-        0x6e2378c78c3b70deL,0xbe0f52a6c07fe2ccL,0x00000000000000d8L } },
-    /* 58 << 448 */
-    { { 0x118fab8d79a79a9cL,0xbc2c9888bd218b46L,0x4ea3bd8c096a5354L,
-        0x75a99a2783850578L,0x2498a867b61ed37dL,0xd99eca87a1b4d8cbL,
-        0x78069810e502e8c5L,0xe124a2b0c1ee2bc0L,0x00000000000000f7L },
-      { 0x0fb991f57ea8324fL,0x5d03f2fc1b2fa900L,0xd7aecc39a2afaf48L,
-        0x6f5834408f8eae4eL,0xcbaf72380821726bL,0x5bac3a5826891763L,
-        0xb032fffce3476ef7L,0x5cbb984b60c21791L,0x0000000000000037L } },
-    /* 59 << 448 */
-    { { 0xa2cdcf6fc7a6656cL,0x3890d3dd2a668d45L,0x234f2e594925e5c5L,
-        0xee308962c91f5611L,0xa5c2244dafd2a34cL,0xe1f87b4883b55aa4L,
-        0x073efb988e8d2151L,0xf5a2060add8c1fd4L,0x000000000000010fL },
-      { 0xb36704d4f67f4c92L,0x5187b6fa3cf744ebL,0xe9e542fd24e4a727L,
-        0x80e7047c49cfad5fL,0x289d555413901f7fL,0xb3aa2b678638b4c1L,
-        0xf849ebf97ec3d745L,0xbf3ae59d9d645f83L,0x00000000000000ddL } },
-    /* 60 << 448 */
-    { { 0x62e3e3726899a80aL,0x84d09be49df44b97L,0x6e05ba9f147b7cc7L,
-        0xdbc7ebb4786f89e1L,0x59bd342f5fd35148L,0x74ff10abf21cd7bdL,
-        0xe9adec9a4963a567L,0xdf49024bbcf19942L,0x000000000000016aL },
-      { 0x583ad342e4e67976L,0x384f24864b4036acL,0x2d1de0460fded50aL,
-        0x5979c2d3231e9f33L,0x4357f19a6f1f6362L,0x03dc0490c7206d38L,
-        0x0a809b04d1f6a3d0L,0xb86a36390dad4ae4L,0x00000000000001f7L } },
-    /* 61 << 448 */
-    { { 0x4a43f2f8ab33fe25L,0x9b5f5c47cd37c48bL,0x9638182e53cd35b8L,
-        0x15080c5a2a01d11eL,0xa2ad1d1681cbdad0L,0x4d368c121388f3d9L,
-        0xa52874d32b5fca12L,0x3144ef491c9937e7L,0x00000000000001e4L },
-      { 0xaf4c873c1bef2db1L,0x854dbb8b41802396L,0x04ed772d8a107858L,
-        0xc302309c9922bb22L,0x8934bf22f903f12fL,0x1895a13453ac5388L,
-        0x4e3a136f9795b063L,0x132201f7ed77451cL,0x00000000000000cfL } },
-    /* 62 << 448 */
-    { { 0x3af5f35a9f1ead38L,0x2251fb919de293edL,0x35e60ce0549a3799L,
-        0x2daca779449e2012L,0xfbe464d153de4a11L,0xfc18cb66fec4b981L,
-        0xcdcc49d118082f41L,0xe06054d362025456L,0x0000000000000008L },
-      { 0x5402f1bd9bd9602bL,0x2f1c926627c3b232L,0x06b4503e2de448d5L,
-        0xbbeede93092ef103L,0x266cb7d16ba9f227L,0xaca181901b3802f8L,
-        0x358cf8b0902424a3L,0x03288ff4cfc7b845L,0x00000000000001e4L } },
-    /* 63 << 448 */
-    { { 0xd647fd5243cd6708L,0x3f6caa7ce80ca7a4L,0x446fbd00d53a4555L,
-        0x50e707aaf87efc06L,0x6194ffea631474abL,0xe59478e2846b6fd2L,
-        0x589039414b8854f7L,0x3b3c679daccf580bL,0x0000000000000034L },
-      { 0x3388ccd6d6d55e6dL,0x4f1e9f0c878cd970L,0xc2f128f4c7501b77L,
-        0x69d023525f9082d3L,0x350954abbe02b4baL,0x1d5f5bc828f937dbL,
-        0x9b01373dc36b85acL,0x0f3810828be8c7d0L,0x000000000000001fL } },
-    /* 64 << 448 */
-    { { 0x394cdaf5af579e74L,0x892cb4839f0656a6L,0x0ecd401f3e8e1495L,
-        0x655f01524caf97c0L,0x9712d15881912568L,0xd16e997a89dbdb52L,
-        0xeec17a551a8c4097L,0xbc19e865322bbb31L,0x000000000000003dL },
-      { 0x6b181fb67cfb9654L,0x3afdca352d651201L,0x19d26af461453278L,
-        0xeba73d693ebeaf7eL,0x39f7171e1832e1e3L,0x84b46c0e31a9f559L,
-        0xaea096cdd89db3c3L,0x193c91e76c409761L,0x00000000000001fdL } },
-    /* 0 << 455 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 455 */
-    { { 0xfb24c5b4c56caae5L,0x3855473b71a1a7f6L,0x225a79370cf6ff1dL,
-        0x3cdb0634b5ace9e5L,0x46de798d26b6384fL,0xf1ede134ebc11704L,
-        0xe80e4e37554519f9L,0x812e76db6349eebfL,0x0000000000000179L },
-      { 0xb0b69f323b354956L,0x27c782ecfc0d2a5dL,0x2bb2ebefa0dff80fL,
-        0xae8e58262c887ac2L,0x2e4886170ca3bf38L,0x77b1b7b434c9e517L,
-        0x5d42ca18db708de3L,0xc1b0482a4305eac5L,0x0000000000000091L } },
-    /* 2 << 455 */
-    { { 0x4331cdcdd6a37babL,0x67b8913785c741c8L,0xaeffcbdb4fc72389L,
-        0xcc12e59a1c7ae6ddL,0x4a35540bee1e838bL,0x6148fb60ecd3e84dL,
-        0x7319e868b2290730L,0x4321baae4de5208bL,0x0000000000000160L },
-      { 0x10c813e987717bb9L,0xd9e1f5a8cfb9252aL,0x0983c1f7d7bde47cL,
-        0x7446023b5474e52dL,0x1f189de81941b518L,0x1997c69bb425810aL,
-        0xe15b5f1e58bca332L,0x715da4c949092985L,0x0000000000000076L } },
-    /* 3 << 455 */
-    { { 0x384e3f6f58451e49L,0xaeb80f831e31dd0dL,0x4533e3674b9d5a8dL,
-        0x531d29f192c91343L,0x3ad61300badb78f7L,0x9430ca90b88c7e34L,
-        0xb29faff5d04c4cb7L,0xd1d5172032b962a8L,0x0000000000000037L },
-      { 0x15e09965dec37027L,0xd2cb9e7ef367e0baL,0x64c02f1bee17c9d0L,
-        0x64a78127eb7a74d4L,0x94bd3d97e2733ab3L,0xefbac0a22548d742L,
-        0x1834dd09691ced31L,0x5cd623906f6cbf38L,0x0000000000000193L } },
-    /* 4 << 455 */
-    { { 0x3e5927537600c9f1L,0x115da68ae4653acaL,0xa83d3cdea21c03b3L,
-        0x5821515780477c90L,0x876e0150c43df921L,0x176767d6410801f2L,
-        0x95e1b6c9b0b638edL,0xcda8e401979e84c6L,0x000000000000001eL },
-      { 0x5500c69c85cb274fL,0x5f2d975bde004d59L,0xcd545d2aa005b4deL,
-        0x4d3d02ae4e3b1b94L,0x53e64ccdb8ec522bL,0xacc3386f12efbb9eL,
-        0xc8f529c21cbd540fL,0x8428942d2f854a91L,0x0000000000000182L } },
-    /* 5 << 455 */
-    { { 0x52ac93ab9d106cc0L,0x6ade3bb2a1a00a39L,0xa6de45cbfe378be1L,
-        0x77ad40dcd0670c0dL,0xf86878493a2759c5L,0x483cea2b331d66d3L,
-        0xbf7da5e30c0a8a8fL,0xb6ae584ae13ed38bL,0x000000000000011dL },
-      { 0x80e9d0a253710983L,0xf52a813a2499bdeeL,0x3abc9538b0a63f6fL,
-        0x1abbdb5e88454852L,0x42562c99b16c6366L,0xb320389a1fe20061L,
-        0x3dc5368a0aafe965L,0x22165cb8786c4c36L,0x00000000000001a0L } },
-    /* 6 << 455 */
-    { { 0x2cda398733430edbL,0x7f0593f8ee487eb9L,0xe458e275d8765895L,
-        0x45c2e09311be3df5L,0x32545b1e51450f54L,0xf35bc1ee49d52cfaL,
-        0x59b8b719da91cec2L,0x4426171bab7fe631L,0x0000000000000135L },
-      { 0x17c4e11ce00a5618L,0x7a6ff5b1fe8be941L,0x72e91c8c2c90c5d3L,
-        0x9f45087980cfdf98L,0xb0d5d0d106ce62fbL,0xd9deb71557fa7188L,
-        0xf1d09702ac85d50bL,0x65ab22b5a170e75eL,0x000000000000018cL } },
-    /* 7 << 455 */
-    { { 0x8dad33f0dc5d94abL,0xf4db966bfac13747L,0x8a77811c06e37e4eL,
-        0xf9363ed30c3604e7L,0x90756e243ba7fce8L,0x3696963496b80bedL,
-        0xee684c2077d60148L,0xa5c2fb34655054d6L,0x000000000000015bL },
-      { 0xc3add12d16926ab2L,0x05ec8eafff3a3fb8L,0x0d04206ee9427d91L,
-        0xbeb4f190129e73b0L,0x17261339c4d688a5L,0x24dad00d6ed53db0L,
-        0x2528c44d45319ea2L,0x934c89cf849c5440L,0x0000000000000018L } },
-    /* 8 << 455 */
-    { { 0x92c099d20bec2201L,0x364fa15ab67ff463L,0xfb32ffd0b02f7e0bL,
-        0x5b57f9939d4c9f2aL,0xba5f437e4996b151L,0x961bd5fc431462e9L,
-        0x1fda019fdcd39411L,0x8ff5288eccdfbe62L,0x00000000000000ddL },
-      { 0x43f49a318ef349acL,0xe4f5a626301bae8fL,0x945e6a62d2681847L,
-        0x8ef66b51857c09beL,0xdaff64743f15435dL,0x215793cd3db84e5dL,
-        0xb2044d4bab1bb6c2L,0x4c7ac000580855ceL,0x00000000000001b8L } },
-    /* 9 << 455 */
-    { { 0xa136b9c582159046L,0x140057f04c4ead62L,0x8ca6289ebc981d19L,
-        0x4d649954c7decb99L,0xe5a5dd22865132baL,0x997c4359c0ac595dL,
-        0x0de89fbab741c450L,0x88ff00d621eaec9cL,0x00000000000000c4L },
-      { 0x588c3562c9825937L,0x36715b023cee8780L,0x2a36c31fbc044ec4L,
-        0x3122c43ddc1830c2L,0x502d3747d0ad0521L,0x0154ba8f1f2a32daL,
-        0x81ba266bb3b79bb3L,0x20f1812f498a41f2L,0x00000000000001b3L } },
-    /* 10 << 455 */
-    { { 0x52bea9dbc2a1b7edL,0x7844cd85e0d786e2L,0x17168d7a4d565a2eL,
-        0x1213c72b155affb4L,0x26a4857d606a308eL,0x6f0560d6b55b0018L,
-        0x7c8549e874e1b9cdL,0x322ba0629deeec3dL,0x00000000000001cfL },
-      { 0x0a7016b8f59fd1d3L,0xa81ce2f8aeebdf96L,0x3ac89a8a0f7e145aL,
-        0x3fe8a38d70351907L,0xa636fd48bf10697aL,0x4c0f860d7f93878cL,
-        0x546e63f5957d25e3L,0x1fd01e4a1df8262aL,0x00000000000001baL } },
-    /* 11 << 455 */
-    { { 0x247a1ac087e07d2eL,0xb3ba31de267cec57L,0x70c28376dfdff923L,
-        0xa5b0933e98010a4aL,0xe8a5384f36233cf8L,0x629f4df7bb8d7c34L,
-        0x08d3ce1f86e72077L,0x42d10ace698660b6L,0x00000000000000bbL },
-      { 0xcb6f4d27db329183L,0x702ddbde1d7d2f87L,0x3b33b2b0efbfd731L,
-        0xecbd887c8623c86dL,0x33cb70623a026857L,0x37e317913b7ed919L,
-        0x51936c18079f2a15L,0x7118bad7bc8668cfL,0x000000000000002cL } },
-    /* 12 << 455 */
-    { { 0x37e766a6c64f9c9bL,0x6cf5e0b616c4ce5aL,0x31a2b1e27bbe708eL,
-        0xf784a55291e24f0fL,0x1cdf807a1fd25709L,0x2669d80270ced72fL,
-        0x79e4492dd49751dfL,0x7fe014d87e7f3162L,0x00000000000000b4L },
-      { 0xe0a2be33ada43f51L,0xbc88356945f6e16cL,0xb3d2248ec5873251L,
-        0xd1118266e3f9b61fL,0xc427e30bf6d1dd12L,0x43f0925b0d8313a1L,
-        0x729dfe2a39edf59dL,0x7189f5a4ff4b7293L,0x00000000000000b1L } },
-    /* 13 << 455 */
-    { { 0x39502a01368c3556L,0xb35130c9e9123869L,0xe3134618586c2e0fL,
-        0xdd3442cf24f259d3L,0xf57c35ec40687844L,0xe90532e576f52793L,
-        0x55fc2464359633b4L,0xcae06ebd1dbc4636L,0x00000000000000b1L },
-      { 0x5489517f5b600d27L,0xc219eb240984d56eL,0x7b016f7ed9384e65L,
-        0xfb57337cb879d9a8L,0xb449a322baf2c015L,0x023817267f138634L,
-        0x1368bf27c9b321fcL,0x6385cb06247247faL,0x0000000000000004L } },
-    /* 14 << 455 */
-    { { 0xe4ea02cf8f3110b8L,0xfed60231de50a1e9L,0x62bda5e80a8fe01aL,
-        0x882f5313ade31339L,0x30102cb926f12837L,0xbbfcd761c1851e44L,
-        0x6e1c5d2b073b2ae5L,0x1542324c357ad561L,0x00000000000000faL },
-      { 0xa8eac464c37d1a01L,0x8e5b465daeedd902L,0x7f7b68f5fdaf7257L,
-        0xd88a2cf6b4badb28L,0xe0dfde89e4102b12L,0x9ed8dab7ab851c47L,
-        0xbb44bd5db4865d1eL,0x0c6d69d57f2f666aL,0x000000000000004bL } },
-    /* 15 << 455 */
-    { { 0xf1db7612f8af29f4L,0x0da52d90eec6ab10L,0xd16bfb69b851b5f3L,
-        0x8c660efa6c961596L,0x3f6f6951bea2c3ebL,0xfdf53cb06ee47dd0L,
-        0x305e36d03805cb39L,0xb02da6181c1bebf2L,0x00000000000001b0L },
-      { 0xfefb61ddd5edce86L,0x2f7081225cd97a1eL,0x120d97f785787836L,
-        0x10ba1b5da5c3f3feL,0xbf2320827474dcf2L,0x94f2cfe21431647cL,
-        0xcf6e137c7d9e88bcL,0x77f6796bcb8d5d69L,0x00000000000001d0L } },
-    /* 16 << 455 */
-    { { 0x9fb0a0d27a2ae93eL,0x89c9dfa314d3224aL,0xe70f39ef1ec1ea92L,
-        0x8c7c0024ad2dfd78L,0xc285ed1c3c5b7c09L,0xce6436d11fb27511L,
-        0x65f427ade3d07577L,0x22ae30d26827554fL,0x00000000000001dbL },
-      { 0x35ab2a33fe772f97L,0xb26d3f9db6b12767L,0x0a55e68e6c9da0fcL,
-        0xb481a8f865d2662bL,0xa670cb04ed1fc69aL,0x77e568a7f1c98c0cL,
-        0x85c30516952db9e8L,0x8a4ea765f15c664aL,0x000000000000012aL } },
-    /* 17 << 455 */
-    { { 0x24b51a35aef7687cL,0x77bcd6cd1d943eabL,0xf969c9d01f866f56L,
-        0xf7027c8e59f4f482L,0x1261f7e83e164d3cL,0x41ca85ec8188b6c7L,
-        0x6958934e4e646b45L,0x26a31442b45b4318L,0x00000000000001a5L },
-      { 0xffa95fba76172fe7L,0x8f3bf348c7dfc41fL,0x7b47ee9d9a3249b5L,
-        0x91b2331ee3041b11L,0xa8e47621c81d85ffL,0x69c6e66a7d34d69dL,
-        0x746f8fa00228f5a7L,0x49b1ab297ad79030L,0x0000000000000117L } },
-    /* 18 << 455 */
-    { { 0x3346c5da3b8d5865L,0xf9e603778f785ca1L,0xcd7267d26d5dc885L,
-        0x96ddf769d69ccfafL,0x2d6dbb25d9594959L,0xa04cb2836b6f3992L,
-        0x1a525509f70ba665L,0xd92bb7dc62535572L,0x0000000000000089L },
-      { 0x11ced4d3d325263cL,0x7722335f67a97800L,0xc5a85f2dffdb96cbL,
-        0x1f96d41972f44be4L,0xc1d49b3ab9261115L,0x0e5855b52419b535L,
-        0xd30bc50e4ba83be2L,0xc32fc472bf33f0dcL,0x00000000000001eaL } },
-    /* 19 << 455 */
-    { { 0xd22d064fd55dd06cL,0x8c131707554e5c06L,0xd0834b1c5ab31d71L,
-        0x068e97c08a8ec55dL,0xb354b9fbf2c24393L,0x68526695f43824caL,
-        0xeca17949714f7eb9L,0x3bac155a28673581L,0x000000000000016bL },
-      { 0xd623a454e1405449L,0x6f6344968257e0a5L,0x48a6f559686924d4L,
-        0x183eafd0b335dae6L,0xb0016fca611ff16dL,0x415cb8b78b736901L,
-        0x5613c8cb24ce9cd5L,0x923c4567f82c8007L,0x00000000000001b3L } },
-    /* 20 << 455 */
-    { { 0x5c720be258ab3605L,0x2820c97e11919f9aL,0xa4bc44dbebae5562L,
-        0x8d6d08d350fb9167L,0xde7d84ec8006e434L,0xb6e321bd9a42fff2L,
-        0x70071b01de4127fdL,0xbb67a667f73c64a0L,0x000000000000013fL },
-      { 0xfb25e553f31d98b8L,0x70c787fbe10132d0L,0xf28de5cf258b7508L,
-        0x709924fbf8b95916L,0x78ee0fef73060a42L,0x94eba1441ca70596L,
-        0x1d9405604113ad0eL,0x6ebaeb9d5eb59b5eL,0x00000000000001deL } },
-    /* 21 << 455 */
-    { { 0x8f3c34038513ad8eL,0x23d1068ce02335e8L,0x4df15aa26c8c07faL,
-        0xc8c79d63208b6e5cL,0x3baba1b5694025f4L,0x7537c5fcfc644cfdL,
-        0x67a988643eddd726L,0x5e802190290837ccL,0x00000000000000faL },
-      { 0xc972581abbdecc67L,0x1d388e42d42df1edL,0xa36e26d73014b6bfL,
-        0x68e7d409c17eb104L,0x1fba2f37c9bd416cL,0xa70c61d86280285eL,
-        0x1cca0fba92a82faeL,0x6b7f1886957ab120L,0x0000000000000156L } },
-    /* 22 << 455 */
-    { { 0xd55a28a7dc10eb96L,0xad0d50f0b772c881L,0xe1574305f391a2ccL,
-        0x0406799baf3c73f6L,0xadb82a35b80d865dL,0xc4aa10c63e74ddb2L,
-        0x0f9fa673a31c89b4L,0x134b2949ab05eb58L,0x0000000000000101L },
-      { 0xd3718bcacd00f753L,0xa01c7f4c5581cdc6L,0x25e7432b8ae54a23L,
-        0x9f1f4be4a8864359L,0x2578e281ba8918f6L,0x3df9ca3b8527e2adL,
-        0xcf13344198b23373L,0x32ad0ce945d70a62L,0x000000000000010bL } },
-    /* 23 << 455 */
-    { { 0xebf15c12cd6df125L,0xf8742bede0c3bb09L,0x7400e7b42949e0acL,
-        0x25ebe2a5b908bebcL,0x06c181ac9088df95L,0x17250bead541a8aaL,
-        0x3b57a812cae85f6eL,0x675f0f006d47478dL,0x00000000000000dbL },
-      { 0xff41c2f7a425450dL,0x7e448c6ef6b5814aL,0xc18ac9561125f917L,
-        0xc9b09818cf6dc728L,0x0ffb8f8ba74b6314L,0xbd600655ccdd3a35L,
-        0x5abf65d02dc8b7d4L,0x3ab6cecdb06470ceL,0x00000000000001e7L } },
-    /* 24 << 455 */
-    { { 0x4fb8b429f594dbfeL,0xc57ec74f3702a306L,0xa88664eb38a5e224L,
-        0x03bd2d507529c812L,0xb4890478fee034deL,0x77840108a3b354aeL,
-        0xffb76cdc93f4eb36L,0x0c211ef043c4667aL,0x00000000000000eaL },
-      { 0xc3e39ee2336294afL,0xc13f4a278b47f0bdL,0x90c93312fe8d9430L,
-        0x23e4f98c8899a8b5L,0x4e623a41007c34a9L,0x22f9e5d9bad91217L,
-        0xdace8fffcc6f1916L,0x49cdd45f2be203b1L,0x0000000000000166L } },
-    /* 25 << 455 */
-    { { 0xd62f4e0bf838c030L,0x5ee8619eff5e4c04L,0x573f6322f2ae5f65L,
-        0xf521755a815f196aL,0x52ddf3b992e013edL,0x9b1832f75789e543L,
-        0xb79c173b1aa8ee89L,0x6387e6de7a2a6291L,0x0000000000000141L },
-      { 0x2851d4792e19982dL,0xb824811991e95866L,0x986123011f6a3323L,
-        0xc3acf6105e17b5efL,0x3fc21269157bf97bL,0xacb8c9fe75aaf98aL,
-        0x6b4d228c3c3bdfa3L,0x4baf44ceabe5622bL,0x0000000000000189L } },
-    /* 26 << 455 */
-    { { 0xa8228eb3494ec6d4L,0xf4c3f2df66e6036dL,0x4a0bcbe1987742cfL,
-        0xc95b99a8e26fc56aL,0xc97d73eabc55ac05L,0x4ed64770e346b78aL,
-        0x3be208dfff5ba2d8L,0xdd2b3048d9de7d1cL,0x0000000000000134L },
-      { 0xba1c047088c3bbb7L,0xec2a0e1b7a3f7f2dL,0x6714b1767a37c017L,
-        0xf37978ebfca5dcd1L,0xe12941486fe75a3dL,0x563cb5467b5a6d85L,
-        0x730a871ae6255730L,0x0526e4aa06b13c50L,0x00000000000000b0L } },
-    /* 27 << 455 */
-    { { 0xe6e5671391d9ff3dL,0xde573dad43ff0f2bL,0xff2b0f78ead1ef3aL,
-        0x65d277c1a953c752L,0x86b27d0729c92783L,0x115d71bbaac092adL,
-        0x49abda98f48e8e98L,0x4a8dd8b689b41f8eL,0x00000000000000e9L },
-      { 0x3cb6410a0ba5dbe6L,0x59714ff58f9c260aL,0x76c17272988b3f5fL,
-        0x82cb77d8e171e7d7L,0x736ad952e19f1172L,0x4440cf6ffc6650a3L,
-        0x1dedd658fd78e3b5L,0x44cf2b3b8e33297eL,0x00000000000001a4L } },
-    /* 28 << 455 */
-    { { 0x71eb9485fb8547b3L,0xaf1da3442e086ab2L,0x6dbd491639614d0cL,
-        0x612a6ca365e06d5dL,0x2707f1b2e07c53ffL,0x790f26d549783b98L,
-        0xa940f16e94bad8e8L,0x2e1a7bcadb6ca03aL,0x00000000000000b6L },
-      { 0x3546c7ffccafca6bL,0x63272d70e14ce7d3L,0x27bf1e92de8a95b7L,
-        0xa8f658b4e40923ffL,0xe7e7d90319aaa4c2L,0x31419704616938f0L,
-        0x60badb4c73607bafL,0xf5a8c9f71a7f8968L,0x000000000000009eL } },
-    /* 29 << 455 */
-    { { 0xe8a1be53f7cf8076L,0x835d75075ed17febL,0xdd4e7d82a137d007L,
-        0x034b4a4ebec4128cL,0x97a6e77869848477L,0xf5f497447b7cd22eL,
-        0x7ebcd6f2e4ae90c3L,0x639a23d313d1fe20L,0x000000000000009cL },
-      { 0x63a94a750b5a12eaL,0x5ed1316535a18dbeL,0x108f40b1250766a5L,
-        0x0699fd0f3be758a6L,0xef0651edf555cef4L,0xc7cddb0991e0d002L,
-        0xd812e01ecc15cb77L,0x45a3ead3ae02880cL,0x000000000000016eL } },
-    /* 30 << 455 */
-    { { 0xd958953f38053cfeL,0xd0dca4087982a66eL,0xd1e7e8ffedf296d7L,
-        0x89403f2546c71095L,0xf9dd442a2197e27eL,0x04c09109a1856828L,
-        0xe0f10851c30471fcL,0x9845881cc5fbddfdL,0x0000000000000024L },
-      { 0x296b2075de6d1a79L,0x31700b8125baf333L,0x7eacd4191e723113L,
-        0xe296b9124dd7b2f2L,0xec4a609c3284a3d7L,0x20d5b58c0edcd7dfL,
-        0x4ae17e8562a0a946L,0x05db3034acd03e7bL,0x0000000000000037L } },
-    /* 31 << 455 */
-    { { 0xe117f7c6c77ec006L,0x52aa819720d4293eL,0xa513494e12cb1789L,
-        0x6bc91133c8458cfaL,0xef421ded0667ad04L,0x383dbeb1edea9c8cL,
-        0xd47d49b59db7b079L,0xa39d6cb4a990d3b3L,0x000000000000013fL },
-      { 0xc7d38b61e69c3f9aL,0x851ecd8f6b0830b7L,0x8a4086e71e5c2abeL,
-        0x3a717b444f21af8cL,0x15b162ef29f03bd4L,0x046ebf9d8bff7773L,
-        0xdaf386f8c226205fL,0x3b6c08c60f50c5c5L,0x0000000000000098L } },
-    /* 32 << 455 */
-    { { 0x6ad03106c4dd900cL,0x8227fb5d7ca08923L,0x2e3c1e7f863ba5d9L,
-        0x5f76d6bfb5be20d0L,0x841dc1d29492569aL,0xfda5b20e47e0dc0dL,
-        0x65aba1062d720dc5L,0x9eab8ffb03e6765eL,0x0000000000000046L },
-      { 0x32d92252497da0c6L,0xa2d4c8b1beb7b1f1L,0xede29968f01c7409L,
-        0xad902eb5da06607fL,0x2c60236c5c1e7d9eL,0x51f51ddd17a3b1f0L,
-        0xb71b393f40ab7cb8L,0x710fc9f9a16ac6bdL,0x00000000000001ccL } },
-    /* 33 << 455 */
-    { { 0x17a9f511c817a522L,0x43a3b550007aece4L,0x96a038d0c081e0b5L,
-        0xbe555f9fabc7c9fbL,0x3d97da9bd3f2d813L,0x924e5ed26daa6206L,
-        0x6060389e149fdfb2L,0x63405c57e663161fL,0x000000000000012cL },
-      { 0x1d535749a4996c62L,0x154d702fb7d9b367L,0x0683f9a7958437ecL,
-        0xed90375c67c11730L,0x25ec469479487577L,0x63d81f9ff945815dL,
-        0x62fa26f1ad0df408L,0x443de5eb41432e39L,0x00000000000000a0L } },
-    /* 34 << 455 */
-    { { 0x9a7ae6cf1937fbdfL,0xe520bc25b3b127d6L,0xbecbb9ad3f934c09L,
-        0x4eea4a4bad3dfdb0L,0x44a3e5454d6092d7L,0x79f2a6084b131c63L,
-        0xacdc5157338e48b2L,0x5895180b31633996L,0x0000000000000034L },
-      { 0x53d6e9a967add219L,0xdbda58e57a0acb39L,0x2beb62a9a501e4fcL,
-        0x09ae642eb8bcd189L,0xd99bd74cd3070382L,0x818602ea5fa033d6L,
-        0x2c7a8b66bd6174efL,0xc528911ad73d7039L,0x0000000000000107L } },
-    /* 35 << 455 */
-    { { 0xb097a9c2f6574536L,0x01dfb1ead319bb2eL,0x919b41fd10b8126cL,
-        0xd387f3fadafc4fccL,0xf07fe9237b4b8b0dL,0xaca2f681bfdbb170L,
-        0x2e229073a14a8bbcL,0x1e583333a004c3e1L,0x0000000000000121L },
-      { 0xe9c44b5713153005L,0x74f67017e0319549L,0x893b54f0aaafa8d1L,
-        0x61f414ef72b64577L,0xebe1f4aa89e38aecL,0xeebee7400152e2c0L,
-        0x63822c46e22b96e1L,0x8145b880f9e04ea4L,0x00000000000001f6L } },
-    /* 36 << 455 */
-    { { 0x70f229cbb6f71f93L,0x527c300f096b2a6dL,0x7eb15fc35d2b2a1eL,
-        0x073037886bf3f2b3L,0x09f662c4d861d407L,0xd56f054e95f869cbL,
-        0x2bff96ccdb9ac292L,0xee2d64d25e9b133dL,0x000000000000014fL },
-      { 0x5369672b2305675fL,0xeeee27df7c52d654L,0x3e3f0183901109b6L,
-        0xf71689afd656a411L,0x7c3d84abc38b5e62L,0xcea0ef8521a746b3L,
-        0xc5bcfd6af0d2c28aL,0x90cb94f6898a7fa9L,0x00000000000001c9L } },
-    /* 37 << 455 */
-    { { 0xaba2f77640133b1aL,0x9114351127a6fef9L,0x31687b81884480c7L,
-        0x6c7052c84c380de0L,0x7dfebacf0c44050dL,0x29a6e20b301d0518L,
-        0x83f7b2ef05e760cfL,0xa7761fa0e4c7bda3L,0x00000000000001f3L },
-      { 0x5e81cf8f5f22a316L,0x0eb5cd7a5b6e2718L,0x311f1e41a7c3b19fL,
-        0xfc878ca8e0c1b8adL,0x9ba4b865dce88c89L,0x42170861e7a6c11dL,
-        0xc302bd176a3c551eL,0x981f282f0b95bda8L,0x00000000000001c5L } },
-    /* 38 << 455 */
-    { { 0x45e81509e8e44c3bL,0xb45241a79f5ecaa8L,0x07e66b9bb2dcacc3L,
-        0x40043c9c19768addL,0xbc8029652dd99cf9L,0xfab3cdfb005a5e9eL,
-        0x36e1d42bed774e95L,0x76967c78d3e4bd9aL,0x000000000000002bL },
-      { 0xfbae6c36ce44de1aL,0x0fc8f7010721ad16L,0xde6105a31dd0cfc6L,
-        0xb7a3f2c209ad74b6L,0x516e7cf8fcf82cecL,0xd836e0e6b5552158L,
-        0x3eb895880579b9dfL,0x2fc2edd075f65cb0L,0x000000000000005fL } },
-    /* 39 << 455 */
-    { { 0x209fd86fc4137737L,0x34bf527b978a68f4L,0x567eb20b0524f6b9L,
-        0x86c410e79eea1c80L,0x97dee397954cc697L,0xc18b5bd59a84dd36L,
-        0x2a2da3a7ee023a11L,0x86a285102dbc351bL,0x0000000000000093L },
-      { 0xfbcf67f59f2e22b7L,0xfd1c4381e2309b87L,0x70afab784b2ef658L,
-        0x97e54cad9d17cb2fL,0xb0c6b4df35aa6422L,0x83fa36a31237f048L,
-        0x9ad8104a331e9c53L,0x8bb00b123d97ab25L,0x00000000000001b4L } },
-    /* 40 << 455 */
-    { { 0x918afde6dd0f65e6L,0x667ac91da60ee85fL,0x0b1a2ad0f5ff339dL,
-        0x3a6125964b0cfab3L,0xaa581d090d017c03L,0xbeddacc0fb5e501cL,
-        0x55b8408587c6b6c1L,0x00f407609e6153d0L,0x000000000000010fL },
-      { 0x205043e2c8e8cb57L,0x3d3727c5823a3034L,0x23370101d9e5df15L,
-        0xf731c40fc5114c53L,0x8e75d60430a82cc0L,0xd37ccfb8121c66f7L,
-        0xedf7a2a6c8593bd5L,0xbbf51d6535e1fb10L,0x00000000000001deL } },
-    /* 41 << 455 */
-    { { 0xa17bb177dc0e1ef8L,0xf584de3446ed722bL,0x4b0603607255afe5L,
-        0x6d3f576ca596d508L,0x48631ef184744e19L,0xd46c50ad0ef56fe3L,
-        0x6ddb4398ea9feb8dL,0x5657e597d644bcb2L,0x000000000000005eL },
-      { 0x70c62c4674ceb129L,0xaa4fb4f7f7dc52e2L,0x0d4c8ffe05ec9b3cL,
-        0x99df5287e6ec0a63L,0x3113604225242ecdL,0xcd6a183fe5a9f9d5L,
-        0xd637a75ce46032a7L,0x3d1a48b60ab918b9L,0x000000000000003bL } },
-    /* 42 << 455 */
-    { { 0xc171893ab62f6307L,0x79d5af9085ab06e0L,0x9c3679f3599351c4L,
-        0x736031906d60ff6eL,0x2c98c205c5148a73L,0xe81ca4cb9f935ffbL,
-        0x5101448879df55ceL,0x10d3424ab4c0e674L,0x000000000000014dL },
-      { 0x00aeb5cbe469eef0L,0x07c01cfc0f37d3e4L,0x4e267bc688ced992L,
-        0x237d6f19027453a6L,0x6ce9a46ca02dff38L,0xb48c2de3e9b59a51L,
-        0xf35d0e66ddf74ad1L,0x86f7437185cd3698L,0x000000000000000aL } },
-    /* 43 << 455 */
-    { { 0x263bf75377aee0e3L,0x5b295858c1eedb82L,0x5331a56b952329a5L,
-        0x48a0796cf6a59c36L,0xe85f29551b055becL,0xf93e92e2d0dbccc0L,
-        0x3ef186a50aa5763aL,0xb29991763e1eaa92L,0x0000000000000038L },
-      { 0xf79fdc4de38ccabaL,0xe7b0c6558caf6844L,0x296cce34714fcdd3L,
-        0x1a48345621cfec87L,0x2a8312d2358e9594L,0x610e6381a0afd4dfL,
-        0x89e6492a8e1029e6L,0x21374b02a785d5a7L,0x000000000000015dL } },
-    /* 44 << 455 */
-    { { 0x2861a30eb68c0635L,0xc2129da0128d086cL,0x71851e3d95fb00d8L,
-        0x6be824592c8800ceL,0x5521a722ce3a6551L,0x695af21cf0572143L,
-        0x1b01ba0f9a2b9d06L,0xc7a637ebc61d4109L,0x0000000000000176L },
-      { 0xde540faa89107147L,0xa69764f80cc6d6dcL,0x81569f23de0c90d9L,
-        0x517113424a2222f3L,0x0c490876bbbe9e08L,0xb218ae1da3475159L,
-        0x0eadae96c8e51833L,0x7993eb897570ca6fL,0x0000000000000003L } },
-    /* 45 << 455 */
-    { { 0xe9d8cf2d8785a41cL,0x36959f1c8d4f1dcaL,0xb0f16556f44c8f0cL,
-        0xf788aaac699f6e69L,0x8abb277294c578f9L,0x8c38c394dfc06c9eL,
-        0xdfafe95575442f3cL,0x2d9e16378435de99L,0x000000000000007dL },
-      { 0x774db458e4ef85edL,0x198e3637ea0e6694L,0xa5e77830e40e988aL,
-        0x180c3b5b74b081e6L,0xa39ebb6fe5bc23f9L,0x5c98492369c1387bL,
-        0x0d9d7416587975baL,0x424b5201488c1367L,0x00000000000001ecL } },
-    /* 46 << 455 */
-    { { 0xff5a55c214efd7e6L,0x1adca75e365a094dL,0xafa2b130605e96adL,
-        0x4aaf11849898ced8L,0x5599ad68f50c7414L,0x94be391326bd2eabL,
-        0x54ec8fa2f0cb23abL,0xf5920c89b6d8b96dL,0x000000000000012fL },
-      { 0x017d7945611261a3L,0x542c34269a3b84e9L,0xe2f9e3b19aa43757L,
-        0x75f2e88847f67da4L,0x64eb39e58eeee318L,0xdd8fb1eab23b0d46L,
-        0x0971767d60e07045L,0xf8c25ba53967eedfL,0x0000000000000036L } },
-    /* 47 << 455 */
-    { { 0x7ac23ed5462ca57aL,0x859f1e17b839657cL,0xfd9e2e325a5e48a8L,
-        0x45bbd738aeeb1b7aL,0x1786362c8e2b75c2L,0xcb5a7415854623e0L,
-        0x1b71ca28e753b2d4L,0x92dfa281fb021727L,0x0000000000000070L },
-      { 0x0af516c1c9ffa091L,0x42980007ddbf8d4fL,0x3a9df51f9a67fae2L,
-        0xa984f61c8383e456L,0x6eba62bcde9db2f5L,0x612efdba5b905e6cL,
-        0xfe1e383995aae128L,0x75a64613ed632571L,0x0000000000000015L } },
-    /* 48 << 455 */
-    { { 0x2ada7940334d380eL,0x02f067bd7076d98fL,0xbe6af9ceb6975322L,
-        0x1d145ee3dc8fec6aL,0xa222be87758076e9L,0x1a8e5d43b84e9fedL,
-        0x137692d4ddf34cbbL,0x6dfdb9297eae4ae1L,0x00000000000001d2L },
-      { 0x7e231c00d1551943L,0xcc44391628a2f7e0L,0xeecf6cb476040912L,
-        0x6d4c14e8be5a22d9L,0xf90d649d3282241dL,0xb5419dc2e561a554L,
-        0x4b69138e82ab84efL,0x5224b9b561afd072L,0x00000000000000adL } },
-    /* 49 << 455 */
-    { { 0xce08fcf6d04171b8L,0x4470ba5dab720d25L,0x2e7666ad5071f025L,
-        0x15f9107c0490cfbfL,0x03786dfbf7edec5aL,0xa3ab26f2371f6194L,
-        0x665c2e17943af89cL,0x181c21f31c3493cfL,0x00000000000000a3L },
-      { 0x9a689ec87ca04084L,0xbc10f3e5a1b7ad4fL,0x3848a05d0e4629c1L,
-        0x5d1524e1594465a3L,0xe73e3208939b6dfeL,0x394cab75dcea7042L,
-        0x4e6325fcf6c3716fL,0x68a3e3ed7796be72L,0x0000000000000176L } },
-    /* 50 << 455 */
-    { { 0x599cd0ec19878894L,0xe7143cbef201ce5eL,0x10da3714a5fb9cf7L,
-        0x1c9122b2773764c3L,0x4635467e2027dfaaL,0x891a7d9dcd55ed99L,
-        0xf343aec526f12cdaL,0x12c08f3a438e2784L,0x0000000000000179L },
-      { 0x8e2ef2fe5bae4783L,0x9d7cef170232cbbaL,0x083db67c52253a59L,
-        0x37e59d4263da345dL,0xa8e574ea3d0d079cL,0x86ef4870a66d7cc2L,
-        0xe52c34274734a3c0L,0xbb6fbdb41bcd144dL,0x00000000000001d3L } },
-    /* 51 << 455 */
-    { { 0xa00168b412379ad3L,0xa2868b5b4a48c0e5L,0x3e403c86504a9c17L,
-        0x75b6907209543de1L,0xb75b42c499043a93L,0xa2e009d45e566fb8L,
-        0x11d754e0a583b69dL,0xbe0fa1b4de63df49L,0x000000000000015aL },
-      { 0x612814a12c6aae03L,0x408b7372915e29d1L,0x61f61e12e73428dcL,
-        0x2085d678f7e77717L,0xb1029211f963b36cL,0x25bd69c89327c6e2L,
-        0x7dd7d1a1c981dcbaL,0x2d539c7ce37c6a61L,0x0000000000000022L } },
-    /* 52 << 455 */
-    { { 0x8d21680e0728f4ffL,0xf7fcafebd3f8ff89L,0xd2d0f396fc6b6546L,
-        0x8cf7d514e633a609L,0xeec1ab0faa3e51acL,0x0a48bf23f0f80226L,
-        0x4cac2e1fc760431cL,0xcfdea2348ed7cb1aL,0x00000000000000d1L },
-      { 0xe9f93bca5750470cL,0x152b0ce438fc7e24L,0x1ef36c9ed4a355beL,
-        0x749ecc7dc9cca53dL,0x4ef6355437f7c108L,0xd52c4ba48aedf964L,
-        0x8b7ea74c64626574L,0x932ea2a11b2b87f5L,0x0000000000000164L } },
-    /* 53 << 455 */
-    { { 0x9ff3327685f612fdL,0xdf4f0b6dc3c52e70L,0xa1a1e4a964bb28a6L,
-        0x36d03f2ef1d7d1c3L,0x713fb6f44ae93407L,0x0c2663100ec30593L,
-        0x66aca9e329b5d9c3L,0x7d37a8fc0a1def97L,0x000000000000000cL },
-      { 0x98796288fb425696L,0xff1a6d29cfefe3a4L,0xcfa5943801fd64baL,
-        0x6a4024ce28438b13L,0x7f2c7ef6301c73c1L,0x5157f61082d44729L,
-        0x9cba0eb974e95fbaL,0x2af6f3c9da31cc7eL,0x0000000000000164L } },
-    /* 54 << 455 */
-    { { 0xff6f5774e9c6175cL,0xb2021f132c173fc7L,0xc83a71f46216e5f5L,
-        0x92cdfd754c193206L,0xde732cde4d22b91bL,0x4cc370e5d7a01b58L,
-        0xbfa177b448ea185eL,0xbf12228870f5f0acL,0x000000000000017bL },
-      { 0xd724f42f8316c8efL,0x6905c0c0ac459200L,0xab0cbe91dbc7be67L,
-        0xf06b9cbae5fef79aL,0xd7a0f1a2cb237962L,0xf69b237bb47d05aeL,
-        0x8a81d536c2c53527L,0x51225080b0f26302L,0x00000000000001d5L } },
-    /* 55 << 455 */
-    { { 0xfea9cc0820d402a1L,0x509a70ebc76080f2L,0x7580e94558aa7d0fL,
-        0x6471e00c8d610043L,0xf7c55c9f0fb867ecL,0x7d6d03dd6b89866dL,
-        0x3fc18d3420c4eff8L,0xe3dbea145d1d2313L,0x0000000000000179L },
-      { 0xb2c10b3c736797f4L,0x9c095e9dd5fb62feL,0x743ddb07edfd0c2eL,
-        0xa8800366fa8d5851L,0x29347e8eb6cfa213L,0x42ad89046c7c633dL,
-        0xed00235329db442aL,0xad54d66623a2dc5bL,0x000000000000003aL } },
-    /* 56 << 455 */
-    { { 0x2ebae39103bd7a6fL,0x13ff72a0140373b3L,0xa5b141a530872b9cL,
-        0x61ac67b5d9c814ceL,0x6e6ab6920438b9b0L,0x6f4aa29364f88c78L,
-        0x72d11944e9552beeL,0x7d9f109277e33318L,0x0000000000000054L },
-      { 0x1c5268b29acfdd22L,0x228c8fc024fac5bbL,0x016752ec0ec7ed62L,
-        0xd8ef13a7b5a87ec9L,0x9bc2ae729b4b08cbL,0xd893fd89557487eeL,
-        0xafa93167c5392bc1L,0xd9c4fb99ab6145d8L,0x000000000000005eL } },
-    /* 57 << 455 */
-    { { 0x1149336e72ac95d1L,0x4c91f13b36a6036bL,0x225902f97996e931L,
-        0xc909dad12d1a49cbL,0xa04dd8823e602465L,0xaa74cf8f81ad983bL,
-        0x763f241dc0602498L,0x01e44d072ee437faL,0x00000000000000a4L },
-      { 0xb3db828d8f95d8d9L,0xe9b27a3e4450b812L,0x52d0967e11b19723L,
-        0xbd50c86ce35c5c80L,0xdb536850b0b1f3efL,0xf5ac19c371efd402L,
-        0x54bef49e59cd819bL,0x290ad09a7465ee11L,0x0000000000000082L } },
-    /* 58 << 455 */
-    { { 0x8c81d20117796415L,0x96df8961a41a5c87L,0x2f683ed593038a8eL,
-        0x716a79c9ed5e731fL,0xe68ef96066ac1e81L,0xc9bebccec524da56L,
-        0xf4b5d4a9177bbe84L,0x6ce36c9ce6186b68L,0x000000000000014eL },
-      { 0x161dc2e2883dff67L,0x51307f27eb431a89L,0xde5d4eb546e62c45L,
-        0x8fe6dd46e534d7ccL,0x36425cca2c53c201L,0x415b963968c204e7L,
-        0x89e7bdcd9f23732dL,0xfe64f5cfe68f1042L,0x0000000000000173L } },
-    /* 59 << 455 */
-    { { 0x5435603769b30790L,0x51ed00912f5b77d6L,0x6b54b15b131a7282L,
-        0x211ad378cbd36a8cL,0x34c16f4bed3eecbbL,0xc24f076bd9171627L,
-        0xd886847908657939L,0x244ec1baafebdba7L,0x0000000000000192L },
-      { 0x1b800e47fd724355L,0xcaa24c65dcc4bcf3L,0xeaa8571a7e3df4ecL,
-        0x2dcdbb0c5958fc6eL,0x2b1576b4cdd587e0L,0xf4e38c6cf3704941L,
-        0xe8e9bc2cc74de3a0L,0xd8594532fa4c5a2dL,0x00000000000000c7L } },
-    /* 60 << 455 */
-    { { 0x1a2de621d3f97283L,0x6490069191ca7921L,0x8ccc97d8fc69ccc1L,
-        0xae42e47f82a38371L,0x6903459a7e1d913eL,0x195ce6e4a78938d8L,
-        0x166416eb2712a0d2L,0xfc643243186b4b06L,0x000000000000019bL },
-      { 0xd54ca42aeee3a04dL,0x2d541413d5efca8eL,0x49115fe689fbe015L,
-        0xbf27d2678dd0851dL,0xbe50e034bc0281a7L,0x3f4e7ff1ca2d692dL,
-        0xd14dce191ca3c7b1L,0x27f9941a395f0b98L,0x00000000000001b4L } },
-    /* 61 << 455 */
-    { { 0xeef667b0e59502baL,0x7004ebb230c2dc42L,0x7dde5dc19816002fL,
-        0xcabedadd130cdbe2L,0xd3e313886b61a332L,0x9361770331e77c39L,
-        0xe152f854d2e9a54cL,0xf692b0e0409b7761L,0x000000000000006bL },
-      { 0xcdf2a769675db132L,0x9cf60fb4c021c4b5L,0x85ae29ccc6f8ab53L,
-        0x3f2604555d8ba929L,0xf12440613a526ab4L,0x07f6786582d7e4a0L,
-        0x1ee6dc4a196b3b01L,0x63d990fbfe1ddb4fL,0x00000000000000a2L } },
-    /* 62 << 455 */
-    { { 0x1582b86eb4498ac2L,0xf11f80e2ee605f5fL,0xb7c8dc4e60dcd7f9L,
-        0x2a06825b4b80356fL,0x41bb0da77e959943L,0xc0d5e398b4590db2L,
-        0xcb3232f28756eab9L,0x9d4ceef76e88c536L,0x00000000000001e5L },
-      { 0x73935b8f4dcbc4afL,0x5695ec670d9f27f0L,0x53a03172d530386bL,
-        0x51b1e293a6e98f81L,0x1ad5c0e0dc3e5b39L,0xa5414a2128acb62bL,
-        0x96a450f791d1f852L,0x398f2a08aa5db342L,0x000000000000014bL } },
-    /* 63 << 455 */
-    { { 0x25e1f974e7957ba7L,0x2926ba4a36f165afL,0x92eada47e14be343L,
-        0xc7acd9f7d2eb5160L,0xf2f1c7004a2f58e3L,0x991e3726c2d83bf9L,
-        0x3526d6bb8b367f2aL,0xad87a25e2365148fL,0x000000000000010aL },
-      { 0x04bb40a8f2902a8cL,0x69316b4a004e47eeL,0xaf8f683e1259c9dbL,
-        0x36f36eff9ce6b2c9L,0x061325ecb4327f6fL,0x4d8a6a22ba5f20a6L,
-        0x7ac29df33e3eab51L,0x0cb65295d4063ef3L,0x000000000000009dL } },
-    /* 64 << 455 */
-    { { 0x8a3e381ccdcd741bL,0x2c5acc0b14e8f964L,0x209d040429621441L,
-        0xd27a65cb2995c3b4L,0x3a776ff06ec13968L,0xa2d95ca7db4f8a0bL,
-        0xfdbc547d6c04ea3bL,0x30ba75a8db40f58cL,0x00000000000001adL },
-      { 0xf6406a6b84115d90L,0x7d2e26ac0f228b65L,0x1e17672b9029a8abL,
-        0xeaa84d813ecf05fbL,0x9e16e91db5f5b798L,0x7287dbd5e978749dL,
-        0x85880f457fe092aaL,0x80b3126c514afdcaL,0x00000000000000e0L } },
-    /* 0 << 462 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 462 */
-    { { 0xadbf4f9faf2ed12fL,0xce1d19e4f380fd8aL,0x0957bdb5a39e81aeL,
-        0xf9833321626ef6bcL,0x110ae5ea0cf5b28dL,0xab15945020392cd4L,
-        0x67c498876bc67855L,0xce7e5938a3fd61c6L,0x000000000000004aL },
-      { 0x59c5b9ef28c7dea9L,0xd02f95ba0a6a7184L,0x034dc2578202769cL,
-        0x213b0b0894dd6896L,0x03730b7fb5dea95aL,0xfe243ed0617ca889L,
-        0x16cf4d17fb1ba052L,0xd8691d6b226f96daL,0x00000000000001c0L } },
-    /* 2 << 462 */
-    { { 0x15a257c527a668abL,0xa437f499c920d8dfL,0x297b6764d4cd271aL,
-        0xcbedd33b87ce8d52L,0x4ab3b76110385c75L,0xca68612323436b58L,
-        0x44d5a94d8d52f4e5L,0xd125e021605bba0eL,0x000000000000001eL },
-      { 0x578cd28335e40c74L,0x898f4684244ea58eL,0x158ae785154fc334L,
-        0x466c1c29d8d62231L,0xef781790c48b1013L,0x7a902e83c3253275L,
-        0xd0aab751b1aeae85L,0x89248d120ecd9b0eL,0x00000000000000e7L } },
-    /* 3 << 462 */
-    { { 0x92e5bc5c8c7671dcL,0x0eda1a20215e6b5fL,0x158462923104e97dL,
-        0xd0513d5868bfd00cL,0x3439d9cdbd88796aL,0xb3d0c7919ec37b3dL,
-        0x8e0ac88900c49d4fL,0x3ee90cb4441e1f08L,0x0000000000000079L },
-      { 0x24c36d60fe7e66eeL,0xff0aae245f990abbL,0x78308e0d041b19c4L,
-        0xecaa1b05c7ed7c0eL,0xd1d45e1cd86c1272L,0xff74e3e91b7ddd34L,
-        0x17b6d9984948d333L,0x1d2c2bae12ead07aL,0x00000000000000c2L } },
-    /* 4 << 462 */
-    { { 0xe12d8922cd5f918fL,0xec7c176349f73f1bL,0xcc5a3a14c744eb3dL,
-        0x2b96f342782dbda1L,0x87284905ab68dde4L,0x647354b9e720668aL,
-        0xe07da694739c4393L,0xbae499bf2cc145f9L,0x00000000000001aeL },
-      { 0x74eeeaa477c16db0L,0x297624e8eb22ce92L,0x9d3944bc45098c91L,
-        0x6ff31fa0fa4dc50cL,0x3c7fb6dacc40c211L,0x74d95dec96b4cd1cL,
-        0x829423dba6388941L,0xaa2b7d45fc3123b5L,0x0000000000000119L } },
-    /* 5 << 462 */
-    { { 0x90a1a0ec3f49a005L,0xacb7506b94508ef3L,0x3e44866b8af044beL,
-        0x00240490deda67cdL,0x88a83372b773399aL,0x84c5c9ab2969b007L,
-        0x9fab80da8cc3eb59L,0x55b3ceef0472347bL,0x00000000000001b7L },
-      { 0x886acce0c83ffd24L,0xcba2aa08a61f2f61L,0xf4ff7cecbc7ab151L,
-        0xc825c0ae23a23bb1L,0x4bbe707cd3b316b7L,0xcab4a987ca9bbd00L,
-        0x4cb9d017a4741041L,0x3e5014b4718db768L,0x00000000000000b1L } },
-    /* 6 << 462 */
-    { { 0x3f614850400ed29aL,0x6ff097c0d252cdb3L,0xafbeb6cb589c3201L,
-        0x0f900ae78d3782d5L,0x69902554ce4bfee8L,0x91d1ce3e51965228L,
-        0x61c93b4ae8630088L,0x066dbdd793d1c0beL,0x00000000000001adL },
-      { 0xf65ac289fc255d76L,0x1ad9d35d122e0cd0L,0x3b29d3fe4f08dde9L,
-        0xa1a3a083d1829c0eL,0xc7500da1469b3ce2L,0x8cba6c9931ea259dL,
-        0x6724d90dc78af820L,0x0be3b075170d6e15L,0x00000000000000dfL } },
-    /* 7 << 462 */
-    { { 0x108c69d8ffdb2cdfL,0x95008e039022f9dcL,0x9206904662c29258L,
-        0xc388264486233b0bL,0x79862fb5f196c059L,0xe47b071f515c7d8bL,
-        0x019d7c9a96ef0fb7L,0xef99e754d21aa1a0L,0x0000000000000068L },
-      { 0xfb114e4348013bcfL,0xd510664864739742L,0x4a4f811b623625f2L,
-        0x7f36f16b9c64ea5fL,0xe829e645bd173948L,0xfde730475af3200aL,
-        0x8bbe62cffc337d06L,0x98549a55c985b1aeL,0x00000000000001b7L } },
-    /* 8 << 462 */
-    { { 0x404216db33849ba6L,0x7979ab027b42813fL,0xb0cabf29117e27aaL,
-        0x3e449cb65a0ab76dL,0x34efba77460b6964L,0x7553e0a66fead00bL,
-        0x8ac8857116963cf0L,0x01716cbe017ad9d1L,0x00000000000001f8L },
-      { 0x30cfe5c1d21fbd36L,0xc7a0e466df1fe3b4L,0xca38fd1cc8ea2c29L,
-        0xde2e20394e54630fL,0x3b152ec3885b124fL,0x704a1d76d39818c8L,
-        0x0e74a9825207d2c2L,0x2b2dc7c8ec4d71a5L,0x00000000000001f8L } },
-    /* 9 << 462 */
-    { { 0x4e5c2656a20ee12dL,0xc4beb2bbf38239bdL,0x8911466401e32b71L,
-        0x9282668c52808f4bL,0x99825c89586715f7L,0x73e4d0b0f6760accL,
-        0xf24743d27956e8dbL,0x219289ab9074bb3bL,0x0000000000000147L },
-      { 0x0ce42484e18d70c0L,0x865b0a12ed9a8b42L,0xe9e2c3a206e2060dL,
-        0x11ad93e462d02433L,0xf9faceca382d0deaL,0x13fdae7bc2f70442L,
-        0xd5ecf82693862d21L,0x3286fd7361440676L,0x00000000000000d1L } },
-    /* 10 << 462 */
-    { { 0x9059c13b115d7186L,0x42c5cbffaee2253fL,0xb326c80627914590L,
-        0xd78cd2604c197c2eL,0x076b4d3c84d14e78L,0xc75fba4cbe666d35L,
-        0xe564935922126692L,0x62773e9a1d415c9aL,0x0000000000000144L },
-      { 0x39518f5ffba49366L,0x15a2865a6a82670eL,0xe6e08537e05bc13fL,
-        0xd69de2c00bf3f3a0L,0x75096c76d362830eL,0xf3744a2e0177a66aL,
-        0x3de2a9ddc9baf0e6L,0x3c0f980fb6d810d5L,0x00000000000001b4L } },
-    /* 11 << 462 */
-    { { 0xcc94284db189ddb8L,0xb485dd3e810cb5b3L,0x7962589cac622d13L,
-        0x66d67d6807da5abfL,0x159b0de064fac523L,0xfb87c9e036ee4172L,
-        0x8efdd2605f67a45cL,0x967626223addee84L,0x0000000000000185L },
-      { 0x612588e0207d2d04L,0xfcea78b33a859390L,0x73e90526997cba0eL,
-        0x805d7844afdcc542L,0xc3f76999e81e478bL,0x9cdebd300a4966e3L,
-        0xbf267a7251a2070aL,0x36c52bf4cd0f0a22L,0x000000000000006dL } },
-    /* 12 << 462 */
-    { { 0x01ef33cf16e0f612L,0xbccc51c3eeb7a33dL,0xcc35c1e346a12c50L,
-        0xd2151223b915b370L,0xb03030143aff625fL,0xb7e34e67b76ed5c4L,
-        0xd5b48e2210b988f7L,0x5edada0557f1882fL,0x00000000000001eeL },
-      { 0x70919a6126a93c88L,0x2729baf111491a74L,0x895470b5541b2e39L,
-        0x88e52a03c85fef39L,0x605d48085b35ad5aL,0x3203783c87561036L,
-        0xac1c8568546e9de2L,0x61c5703c62d3bc75L,0x0000000000000192L } },
-    /* 13 << 462 */
-    { { 0x0f55f94ed641f8ddL,0xb2dec9ebc1daf64eL,0x5bcf6cb3f70c3974L,
-        0xc0e4304c24e93de0L,0xf3d5cea7b59b116dL,0x34a1d943e9dfdb47L,
-        0x908d0e134f9d468aL,0x52b536cb61c837e5L,0x00000000000000d2L },
-      { 0xff2678be174d1c4dL,0x952da2e880b4eb5cL,0x474b27b13e739143L,
-        0xfc9871cd70a02e7eL,0xcfd72308c6d5fbdaL,0x0a9812e6ecee2813L,
-        0x1461ce73b4f29fc9L,0x2f643e82c08cc647L,0x0000000000000131L } },
-    /* 14 << 462 */
-    { { 0xc1ab1a2af439f3f8L,0xc1aaac5405a1ec00L,0x5df5d950abab5451L,
-        0x13114abf23f29c1fL,0x0cdd9aade17cf9b0L,0xd16efb64b78fcf8cL,
-        0x9fd47a7ac0d274b0L,0x9bab71c2fa1da55cL,0x0000000000000095L },
-      { 0xdccdab46293e406aL,0x40e3b0cc310ece4dL,0xd18c09e52463ace2L,
-        0x65122363364dc7ffL,0x77fc1848657b65f0L,0x422392cfc4011670L,
-        0x382cd9ee2bb61fa4L,0xdcb156d14558bb3eL,0x000000000000003bL } },
-    /* 15 << 462 */
-    { { 0x8e96bef0dccad82aL,0x0ff19a8e4919f552L,0x9dd5e116498d3dc5L,
-        0x5d25b8a36173057dL,0xdbef9c9586f15c1aL,0x445d807d6f12eaa2L,
-        0xe494386943108eceL,0x5736908d88b2f68eL,0x00000000000001eaL },
-      { 0x9757f44fbc6b53c9L,0x61faaf06c2072e4eL,0x9fba7b4bd5ac4681L,
-        0x130e8e184ecba083L,0x9c12e614b297edbfL,0x746c82a360efb65eL,
-        0xb42ca8c31cfe64c2L,0xaabb762ffac5abb1L,0x00000000000001b7L } },
-    /* 16 << 462 */
-    { { 0x493d8a3fce43380aL,0x27d1657b1511e823L,0xf09125a7e6112eceL,
-        0xafd3f48218c2ddc1L,0xc1207ac1602ab092L,0x22fdfe83f80fe3f9L,
-        0x736ad27ff479c304L,0xd1fc1905784ca960L,0x000000000000008fL },
-      { 0xe87798d27fb35409L,0x86b0257161cffd40L,0x12d991f963058303L,
-        0xef9e933e033f10c9L,0x8221774cb298a118L,0x95dcfd1080dc2858L,
-        0x83747d7168bfaa1fL,0x03567035a213129bL,0x00000000000001dcL } },
-    /* 17 << 462 */
-    { { 0xeeaaf96644dfbf9bL,0x86df2b8af44c56c0L,0x2bf28ec1976c6682L,
-        0x50c5528dcb7a8ff3L,0xcf2be4a643420ec8L,0x4c214e8984341eedL,
-        0x7b65e1aa232ab304L,0x02622feebbffdf3aL,0x0000000000000077L },
-      { 0x907131fff1637afdL,0x51693f9b107885e0L,0x7035ec8c41aee9aeL,
-        0xa45531d5f94a191fL,0xf3556642188aa104L,0x58aee7a7d7992ed8L,
-        0xc1bde242750e9e10L,0xa2bee7d8b6ac4e78L,0x00000000000000edL } },
-    /* 18 << 462 */
-    { { 0x7ff30e30b92acd78L,0xf64e2e1e397f204eL,0x85ceca93595a69aeL,
-        0x82d987dd4dfec414L,0x41e53688f2448e97L,0x9024642e5a064c46L,
-        0x706066f5e60807e3L,0xa8743118e8cea80aL,0x0000000000000167L },
-      { 0x3a88f81b112ee142L,0x1d43947513e86304L,0x73ce796df75c9d7fL,
-        0xfa5edc926cc4a9ddL,0x2b1bbc20981ed026L,0xb632ae87c6a7a48cL,
-        0x27425c2d622960f3L,0x4501465610fc0860L,0x0000000000000072L } },
-    /* 19 << 462 */
-    { { 0xd10883102f412cedL,0xeafe72656e718a1cL,0xb632786f6f5a00a5L,
-        0xfb0909685048cf77L,0xf80eaeceeb8fc82fL,0x3a6ecdf3610279c9L,
-        0xefa7c7b42855c157L,0x46a8af036abf4d8eL,0x000000000000011fL },
-      { 0x492ffe9726805929L,0x1619613e41e559e7L,0x97e9a4f38e33bd9aL,
-        0x9ad49693091798d5L,0x356bebd74653b12cL,0xfcc7f27e9fcfd552L,
-        0x5ed9331c742cd38dL,0x1645ed1198af87e3L,0x0000000000000088L } },
-    /* 20 << 462 */
-    { { 0x15aea420d5ac5d48L,0x6e11bf30178c5a77L,0x01f1180d2651dee6L,
-        0xd7602ed459e7a8f6L,0x5d3ec901de3746deL,0x314d1580e2400304L,
-        0x08f8259265f15588L,0x22e8ff88d9ffe64cL,0x00000000000001d2L },
-      { 0xf3f23abc99e0f136L,0xef5d94840f1ae78cL,0x616e957ff6e34ca1L,
-        0xe2e237b080b7054aL,0x7987761592baa214L,0xcd321299dd291296L,
-        0xf9b74adb20d8bcf6L,0xefcf323631661404L,0x00000000000000e6L } },
-    /* 21 << 462 */
-    { { 0x91e0a5c0c94fba83L,0x367b5806dc42c01fL,0xe88e6ae4b4373ef2L,
-        0x3f51875cd7874231L,0xcfcb6890f984b4a4L,0x8da4e461d4276ba2L,
-        0xe47110934f261c73L,0xf8e578b314cbc501L,0x000000000000005bL },
-      { 0xea568d5507f17331L,0x4a2e61fe70a5e9ceL,0x1df72d8e970cba01L,
-        0xd03d5d92c8f4777aL,0xde53ef7f2e2d88f7L,0x32e0862d4fab2632L,
-        0xbd0feb3e82194583L,0x2f2def128b4b82d7L,0x000000000000004eL } },
-    /* 22 << 462 */
-    { { 0xba8ee1394fa0962aL,0x0f568c5be733014eL,0x5a16b363ffb66b9fL,
-        0xcf83600ddb746ec8L,0xaa67a3d2e6bc9390L,0x801fa15f8930fcddL,
-        0xfb374cf0005c0eafL,0x66552348ffad00ebL,0x000000000000006eL },
-      { 0xb8529088874d7ed9L,0x64a7e8e0843ddc7aL,0x26a9496205980ec7L,
-        0x6e219d44341b4fa3L,0xe07b2068161ef467L,0xe6d89d6d3e504a9aL,
-        0xf473ae9c290f40dbL,0x250a539ef51dcc67L,0x0000000000000018L } },
-    /* 23 << 462 */
-    { { 0x8f3d851cbc598deaL,0x95c3f4fb968d82cdL,0xb406ff2f644e4030L,
-        0x8b084b6cfb0c34c7L,0x978c1241d9b9337cL,0xdd156dc3d2d630b2L,
-        0x976b5a2df1795879L,0x5a188835753b7f8eL,0x000000000000013aL },
-      { 0xeb5df8ff0100cfd2L,0xbf96012da14b7ddeL,0x9228c2c593a9a2f4L,
-        0x66ea58ffc695a320L,0x5c370488bebf78ceL,0x14c0ab834750ca0bL,
-        0x0beb6f8e8fc91786L,0x714eb7802291fce2L,0x00000000000001eeL } },
-    /* 24 << 462 */
-    { { 0xeaa89410f084380fL,0x9491f70e458ab9e4L,0x6b6772051d8ec684L,
-        0x1a9fc7951ef7e9edL,0xc47e84efb05c41efL,0xee377f78c6014e09L,
-        0x91d14a75521171ebL,0x1b11fbbc32361217L,0x0000000000000111L },
-      { 0xf789cc6ba63bc7a1L,0xbbd74f359393b5cbL,0xb43ff6170bb024a4L,
-        0x73800410a844508cL,0x93a28632c5468780L,0xc96c62e52aefa8c1L,
-        0xa500ce0b7df9b61fL,0xb59527f2369f304aL,0x0000000000000172L } },
-    /* 25 << 462 */
-    { { 0x8674334a8ccadedfL,0x2d016c2b11f6012aL,0x4ec4ee5ac3a12902L,
-        0x26217299b221e73bL,0xdf28bb47a5f9357aL,0x3676902cba35c37bL,
-        0x90e2f3cd24232740L,0xa30b34e8d62d95beL,0x00000000000000bdL },
-      { 0x1671d5affeef8af1L,0xbcd9d2aa4c3a31f3L,0xa38ec0bab0adaed1L,
-        0xa2cf817f0bd7172dL,0xa30940a00f887402L,0xba1b3af828713fe4L,
-        0xb837467dd1b89a24L,0x13361a345c6d8b94L,0x0000000000000103L } },
-    /* 26 << 462 */
-    { { 0x3f3f51f3dc8fbec3L,0xe7b0c2ea83a6a2b8L,0xcbf7b399a2b70075L,
-        0x74e2302823ca18faL,0x0c1600f1e46c6cddL,0x5434852363af7990L,
-        0x10506b67950245b6L,0x9d277adb7ecb14fdL,0x00000000000000dfL },
-      { 0x9f8cd4536be91611L,0x362a07d783e99454L,0x9e89aa5e1065da40L,
-        0xf7f67219c5087c27L,0x1a0dd1c0a36553f4L,0xcb8da38dfbbc5aaaL,
-        0xd43603bfe8784073L,0x9354aa7e0acbeb25L,0x00000000000000fcL } },
-    /* 27 << 462 */
-    { { 0xa7f369b6a543148bL,0x08eb19b28b24443fL,0xca61b0501b1d7de5L,
-        0xa17e2e434d630122L,0x77ece0be0b065578L,0x85337244b4997376L,
-        0xac8d2abab970ee48L,0x724afcfed85c9efdL,0x00000000000000a2L },
-      { 0xaba323225c2cb2b7L,0x63f1f3f64757f00fL,0xf1be3eff90e18446L,
-        0x3e5a2a9a9a238a61L,0xfbb3e075a135b254L,0x7187eb847361e1e6L,
-        0x340db506c881addfL,0xcb356eac5468e658L,0x00000000000000b0L } },
-    /* 28 << 462 */
-    { { 0x68b81be9052d2ea5L,0xeadfb53105294d6eL,0xcd41f773a3258647L,
-        0xf6b1c867d70fd9d0L,0x9a89cc017be523e7L,0x2499d793487ebf56L,
-        0xc82cefe8c0d072a2L,0x91c2bfbbe82cb4f8L,0x0000000000000105L },
-      { 0xd705cf5a6705dce5L,0xfcbe204e4462a67cL,0x5e198bc3430d627fL,
-        0xe13da562e765991fL,0xb6cfca287032c5f8L,0x0868d9ab1783308aL,
-        0xc5b628c6c8050c8cL,0x243e2ec13a93a8deL,0x0000000000000139L } },
-    /* 29 << 462 */
-    { { 0x98d6256c20245960L,0x457d105137b7415aL,0x0cb5d0dc767184c0L,
-        0x8652a67b5bde6afaL,0x42679642e838bb0dL,0x0b577bc7178558efL,
-        0x1e03da5c14212285L,0xa591ff706f6c2a33L,0x0000000000000031L },
-      { 0x49a0d6f9f68489d7L,0x87763a7005cbcc01L,0x7843af2c848170ceL,
-        0x9f7c25bea45226c2L,0xfe56752466707eecL,0xea029f2f0db1412aL,
-        0x4f2c2e5d93a8d4f9L,0x405015ba0b3b9910L,0x000000000000013bL } },
-    /* 30 << 462 */
-    { { 0xa4dcc51572a88c35L,0x132016d41a8ac7d6L,0x65acb09f7a272350L,
-        0xc77cc6401ff191caL,0x3fa4c8e460673588L,0x4770229b646a14f3L,
-        0x8dbfb85fd19872edL,0x0fade56dd7f01b99L,0x000000000000019aL },
-      { 0xbd59629410a943ffL,0x74b893733857ba32L,0xd22c2856fc1ff38aL,
-        0xa8f2aa31b1c6c561L,0x033a7f8b5d322178L,0x3efb1ee6a075bde1L,
-        0xd9ff5d90aff85287L,0x1c909307f8075ebfL,0x00000000000001e8L } },
-    /* 31 << 462 */
-    { { 0xd8e925414f766448L,0x06618fed856b424eL,0x25293a2cc4774117L,
-        0x0fe866dedcd89015L,0xd06fe1e1625164bdL,0xa5be1bcaca21865fL,
-        0xa15048438449a87dL,0x1342fd55911a905dL,0x0000000000000069L },
-      { 0xf90da038d98d58c1L,0x69444f7f114e147cL,0x42211c1da866632cL,
-        0x78828291b657d2c1L,0x014c0cb987bb87f0L,0xed3d697194d14553L,
-        0x5b9df642dbbedc15L,0xcb94c1f3ff65dc9bL,0x00000000000001dbL } },
-    /* 32 << 462 */
-    { { 0x461c1512910f4978L,0x8ca7f0dd63d2ec28L,0xda9297d2607ce3c5L,
-        0x592ba13f81bb2dbbL,0x157d4ac7f740c331L,0x1d5311e782c49ae7L,
-        0x5c3046713bec9a94L,0xd81fa25b0a23ab8dL,0x00000000000001eeL },
-      { 0x6d8c6efaf51614ffL,0x20cfd353868b4fbcL,0x9b9dba152201aac2L,
-        0x6bbd8ded8d1900d7L,0x6ca3e71afa946925L,0x7381e45aa0c3735aL,
-        0xcd9db7a2b93d4feeL,0xae40115145bdce69L,0x00000000000001bbL } },
-    /* 33 << 462 */
-    { { 0xa6dbe971dda4b355L,0x8f07b76adbb73b5aL,0x1aa44431454114d1L,
-        0xbc540435c1036c8cL,0x79b688ef916b6533L,0x47a020d49bf029e2L,
-        0xa669d577c093a75cL,0x734c102c6a6c09b3L,0x0000000000000184L },
-      { 0xc90106c15b9211b4L,0xf076663eef5e999bL,0x50143616d8aaa415L,
-        0x62e33d915dfa07afL,0xd0bbb32724d176b2L,0x091bb80a291db76fL,
-        0xddfe277c8c809e75L,0x4c890027e3160b27L,0x0000000000000063L } },
-    /* 34 << 462 */
-    { { 0x30f1ef52ad35c0c9L,0x612892843c67bce8L,0x139970fcd128fe01L,
-        0xf5b1d3cf33cc222fL,0x972e134b9547e5eeL,0x5d32f64d19aecc5aL,
-        0x5172742be7c61b95L,0xd64abb911323f811L,0x000000000000005cL },
-      { 0x16463fb98f92a5bbL,0xd32f5194b1fc0a53L,0xf36b396b4bfefde2L,
-        0x83eec78ac9f4aa74L,0x1e4f3f25af333f1bL,0xc5f9a8710407544eL,
-        0xe2268d05367d93f1L,0x6634b2c450c02febL,0x00000000000000a6L } },
-    /* 35 << 462 */
-    { { 0x4dab3300137a409aL,0x045e43dd13a206c0L,0xea9f0e00a76a7c9cL,
-        0xcdddc2b562c647a7L,0xaf673bf31d6f043dL,0x7d16a2d372adb549L,
-        0xe25427e8edd38a7fL,0x090e5b177a9e105aL,0x000000000000010fL },
-      { 0x2f64bf1100d25195L,0x6439c231eed4846dL,0xad6c59f7318ab661L,
-        0xb9883d0585cb9b6cL,0x646d32e70d3f1dfaL,0x8165416abd4a686eL,
-        0x4b7f45101d638a74L,0x4d3d143be8dae5c7L,0x0000000000000094L } },
-    /* 36 << 462 */
-    { { 0xb20d7fef01dd7411L,0x9f9a104047aa41c0L,0x37677f41aaedbfb3L,
-        0xe3e23e4722350c64L,0x93964e8a30ff0ceaL,0x956a88124b5b4758L,
-        0x6bad595e7552aff2L,0x0de81b3d2b93308bL,0x0000000000000199L },
-      { 0x64899c662f0bd592L,0x41616275f3969762L,0x8cfc9ddac434793aL,
-        0xeeeba2d4cdf048f3L,0x6f2d05b12b87e0c5L,0x1abf46121bf8117bL,
-        0x674deca6b630a10aL,0x061cca5779acde0dL,0x000000000000006eL } },
-    /* 37 << 462 */
-    { { 0xbf73223a615df738L,0xb0f9d8e26e8ee169L,0x7f7aaed7a4f7f685L,
-        0x7e16553a207bca3dL,0x29893c7c9342b6dfL,0x6a4b16aa6e7f48e4L,
-        0x4ea7fa828eb3893eL,0x53e4146d6dc5de8aL,0x000000000000004bL },
-      { 0x51549c3a9eceaebcL,0xf7484acb280d64edL,0xa5a7b9319947daccL,
-        0x949b17ca4b59849aL,0x52689f53bd033b58L,0x23696fa3f648f6d2L,
-        0x1081e1fb55ab3259L,0xb240a833ece6561aL,0x00000000000001f2L } },
-    /* 38 << 462 */
-    { { 0x000b7bdfb3e1b3beL,0x612d3ff2b5bc3fb2L,0xa3d0960b093edcadL,
-        0x3b256f3bb671e1faL,0x97c8e0f576a1f2faL,0x7ed1db11a5c9641aL,
-        0xb46ccc7d006051bcL,0x932c2d1a403a21c8L,0x0000000000000063L },
-      { 0x81a9d8e2ad21fcacL,0x1a1ad119061dc386L,0x1cfdb59dd2c66b25L,
-        0x80a2f73d5b1d3223L,0xd214b239a132a94aL,0xfd263d6816369c47L,
-        0x511bfed818c54c13L,0xdb57736c68a9b65cL,0x0000000000000044L } },
-    /* 39 << 462 */
-    { { 0x254c45f5fc8a16bfL,0x0998c4a73e0e13feL,0x3678d827444e685fL,
-        0x7e81038b391118bbL,0x1b49935aa752e752L,0x3c3d9ce4e799cad9L,
-        0xed9bc30f2b1b2569L,0x8e4faddb0dd293c2L,0x00000000000001f0L },
-      { 0xf6d16e3934933756L,0x5949198eab748e09L,0x5e5accbad4b3d3fcL,
-        0xa96f70b6f0177d5fL,0x226abfa1a0e50e79L,0x8ea06e063323f2adL,
-        0xb05b8c59c31da2faL,0x7cd44db8c6e09ee3L,0x0000000000000135L } },
-    /* 40 << 462 */
-    { { 0x19f565b51420debdL,0x9a19ab6e5291fe77L,0xd729fff2b428ae74L,
-        0xe237994c6d8256beL,0xb74f543cd93d3e98L,0xc460e7cfd599c9ffL,
-        0x6bd6d31f7924ebf9L,0xad07316cceacb2b2L,0x00000000000001e6L },
-      { 0x1436f3231735fe0bL,0x2e13910896a8983fL,0xb18c48fc100cdb54L,
-        0xd777496c81e38ca4L,0x9dbc2d4457bba02eL,0x0b5949a121c1d384L,
-        0xd1cdb9b170e6d68dL,0xc6b803539621e4c9L,0x0000000000000164L } },
-    /* 41 << 462 */
-    { { 0x6da3a967d08f917eL,0x090db6a01bdb8109L,0xd087e8ad559a4ee1L,
-        0x5e3104faf6af44a6L,0x15104cf52a8bbfbcL,0x5af76555ef32bd3aL,
-        0x165a9153f38429cbL,0x03ff29aa3eaa52d2L,0x00000000000000a9L },
-      { 0xb841ae420ca5f75aL,0xd119e95ff2f4063dL,0xbe45f4d88e1dcd37L,
-        0x56ca9d99446b1fe3L,0x1c796119161e7c84L,0x91b1ea75a6098a52L,
-        0xa2248d4a4c94a9c7L,0x4b86cac0e9cb5d3cL,0x00000000000001e5L } },
-    /* 42 << 462 */
-    { { 0x8970aacb2a4748e7L,0x6887665163ba1e04L,0x08e1037e56a8f850L,
-        0x88edd5d94a14780cL,0xf85dc5e2d01fb425L,0x41ea90dd96ebecf4L,
-        0x052996e99442c9f3L,0x3ca7dddba5fcdb15L,0x0000000000000034L },
-      { 0xd541059044b9fc63L,0x9f546de20a523dfbL,0xe1d18513d39a6bcbL,
-        0x830c4a77e61b66c3L,0xdf0da6545a4d1d7cL,0x620c1d84287aba62L,
-        0xa0941743ba971acdL,0x28b96fff367a1d57L,0x0000000000000075L } },
-    /* 43 << 462 */
-    { { 0x0125e7cb3d67d593L,0x948900e272eb89e6L,0x4cf465978810287dL,
-        0x086d2b5bc21c7406L,0x996874adcf082ce7L,0xb72176f2b8523d29L,
-        0x6be04d3184c4a83dL,0xe407ada12517a615L,0x00000000000001deL },
-      { 0x35ef6a5d0d931f5fL,0x55f15fdd69c1db16L,0x43d2e66069c6bfc8L,
-        0xb67513ea8993e68eL,0xd0591d864892844fL,0xc530cb5925b1216dL,
-        0xbc971e9a92a1390bL,0x5ad3d777b5efa5d7L,0x00000000000000beL } },
-    /* 44 << 462 */
-    { { 0x8aa2fd3a0324bbaaL,0xfb02da2e28cb3ea1L,0x938876146493b3fdL,
-        0x68c6a8a4da6d66b5L,0x31477d83222398fcL,0x9498701a98da59d1L,
-        0x73eafd532bdd61a1L,0x6dea3d8cd8b1b1bcL,0x000000000000005eL },
-      { 0x30d3c83a929e403eL,0xffd69ca5c2c1881eL,0x36e2dd8f21383e3aL,
-        0xc0702450c42cd33bL,0xdc2ba2ae01146955L,0x74ae932a3060efd3L,
-        0x1f01d81b1f96136cL,0xed2a00caa434d7d4L,0x0000000000000121L } },
-    /* 45 << 462 */
-    { { 0x1aa3adde98e3be01L,0x11b63a1782d4a9a6L,0x48452f3d8f8d8fd7L,
-        0xa83c3daffd794b08L,0x9cc7138f1149204eL,0xbac5f41644e190a0L,
-        0x1b835e8d2533b4b8L,0x1486716a654cf4e9L,0x000000000000013fL },
-      { 0xbb1300a807389decL,0xf4d28849eab42f87L,0x0cbde28ea8e39949L,
-        0x3837fddab7a80ec2L,0xee970327aa8141f1L,0xc204fa0442caaee8L,
-        0xe516c2275a08d44fL,0x7b706f80ff20b54fL,0x000000000000017dL } },
-    /* 46 << 462 */
-    { { 0x96c595d04345853aL,0xe761a852cdbb2404L,0x2a83d0fab05cd025L,
-        0x067908543d1728d6L,0x0cc868e988564b8dL,0x72a369ffe715f13bL,
-        0x4a09518266b3aea0L,0xe4498f3188a89d31L,0x0000000000000186L },
-      { 0x669bd0b549234ea0L,0xee783a18c484a4f8L,0x1219541596adeaf0L,
-        0xb1b395886a1084e2L,0x9c553221983d47a4L,0x97bd48e4e145793aL,
-        0xee9bc1d4d465ffb1L,0x81a0e9d512deb77dL,0x0000000000000189L } },
-    /* 47 << 462 */
-    { { 0xff7a3b81c38382d0L,0x0e47569c54b9c17eL,0x9d9bb42f06eed152L,
-        0x0f584d32ba6d6964L,0x1a73edeef6aafa41L,0x1a9ae3e5b4442b3aL,
-        0xa70e0e98592269a5L,0xa91be178c77cb2f9L,0x00000000000001c1L },
-      { 0xcc0528718ca1e18dL,0xa2f8ec2d89bc1ec0L,0xa4f2de28a1dd1f74L,
-        0x93f7e481a49289f5L,0xcedad21b51007754L,0x5b2cfc40f9df77aeL,
-        0x77d5bd687e39e15eL,0xe3d5331f241cc064L,0x0000000000000195L } },
-    /* 48 << 462 */
-    { { 0x90d2dcf1251fe06aL,0x4a9e61312213edb2L,0xa86cc889db34c6beL,
-        0xc7c9ef492fc20da6L,0x62831aa947aad9d8L,0xb8ef1f7f79aa0e99L,
-        0x4d8254a91e016254L,0xaaeb6757c5cea077L,0x000000000000011dL },
-      { 0xa8f5e18502f4709bL,0x3cc2096d28f8fd0cL,0x6d384ee1bbabbcdbL,
-        0xaa16805edc2fdc58L,0xd5a61658a4d13408L,0xae9c4071255c1b61L,
-        0x1588a828a6436d33L,0x0e07bad24e74d1a7L,0x00000000000000c5L } },
-    /* 49 << 462 */
-    { { 0x6940796af899523eL,0x94846b1d315ec56fL,0x025781d6859d96c5L,
-        0xe016820639653920L,0xf4ec2f4e51ad51d9L,0x225ee1b72ec9bcffL,
-        0xdeb2e6d76317aad0L,0xcee9b056541569b7L,0x00000000000001b9L },
-      { 0x2c60d275d2a7a25fL,0x09200147306bb343L,0x8b3bdbf0178a2c60L,
-        0x1abb7417cc0cb699L,0x50f8f8200976f08cL,0xbf142ef66273fba0L,
-        0x1eea00f53268f7abL,0x141ecaa300cfd5dcL,0x000000000000003cL } },
-    /* 50 << 462 */
-    { { 0x6f522b1b2190c116L,0x77a85bf90072e3f0L,0x7bbb62f976b08b4eL,
-        0xab4878bd0c4970b8L,0x758b6e91dd7752ecL,0x3979894756baec80L,
-        0xc8860bb4aea97d48L,0xfc446d97154895f4L,0x00000000000001b3L },
-      { 0x8d8f9950072c678dL,0x3b46c8529ace0a49L,0x356b87c69f2f64c6L,
-        0x2f0e47accf59cf99L,0x73c0fea460efde36L,0x64ea7c7f00aa8852L,
-        0xb6f020820d9b7b8aL,0x1edc53d62f92a2a8L,0x0000000000000057L } },
-    /* 51 << 462 */
-    { { 0x8d66caaa357071a4L,0x635b07527ee00192L,0x517a6792c818c034L,
-        0xf93830a391d08486L,0x1368f7b673d5b938L,0x077f9d50cb4ebfa5L,
-        0x8a7855ecce5a34dfL,0xffa4063f122de424L,0x0000000000000171L },
-      { 0x1410dc66ab6a99feL,0xfa2c782485c80476L,0x4fa85fa6b00bd91bL,
-        0x9fa465c2e83c2beaL,0x866e4cd18c657a22L,0x0c49aaa1995f77e7L,
-        0xf7e5521b2b0e30c9L,0xdac4d4b507f7b749L,0x0000000000000128L } },
-    /* 52 << 462 */
-    { { 0x3ac08717b8501555L,0x884c3347812fbee3L,0xa934580777363609L,
-        0xdb4de6841aede158L,0x6d3850ea6312d55aL,0xd4247574a47c5a6eL,
-        0xb5cd31b2047c8ebfL,0xcca5ed851d8cefe6L,0x0000000000000124L },
-      { 0x4afe51372a51a7cdL,0xd28b0d5de510ba3bL,0x1ac5ade85d1c1d2bL,
-        0xddecd8024d330dddL,0x7f03c6419259bc0fL,0x9901f74bb3cc0e2aL,
-        0x997b76d0adee582fL,0x4562419478dff0f3L,0x00000000000000adL } },
-    /* 53 << 462 */
-    { { 0x0a05118e4f11ecf4L,0x0f0df5d498d05869L,0x0703359921333009L,
-        0xcfcd5c427de5b677L,0xdcec94971bb48849L,0xab4f855137e51f02L,
-        0x0ff5e9dc686f1e15L,0xce51572a73711fd2L,0x0000000000000053L },
-      { 0xedc9c0318dc19110L,0xf701cf6e9516787bL,0xef8846d98b359d47L,
-        0x59c48207309176deL,0x2b820298bda74af1L,0xbfdaf25de022e2ddL,
-        0x906a64e0a21e66dcL,0x35b661b622569e50L,0x000000000000002fL } },
-    /* 54 << 462 */
-    { { 0x3d2a23547d37e036L,0x15fa6258b069c547L,0x971084595a585197L,
-        0xa1ffc74e71f550fbL,0x1fd862279a2a1355L,0xeebca426540f8363L,
-        0x9511a7b70357d4f4L,0xf55a55a2786a3114L,0x000000000000005dL },
-      { 0x4d95d924d2dfc1dcL,0x02bea96358f88b67L,0xb29bb82aa213c829L,
-        0x5c334c6c4fb103c7L,0x1788c6f3237b3fdfL,0xe04ca128ff38a49bL,
-        0x657435fcec49e78aL,0x86cb93b2b77ff94fL,0x00000000000000d1L } },
-    /* 55 << 462 */
-    { { 0x09336b9eb22a4bc2L,0xe5b69e8454d2cd44L,0x21f75483f29260f4L,
-        0x95aeabdb24e2ab76L,0xb2d234334ee7e921L,0xb989e4477eb10e8bL,
-        0x11f2aca492c511a1L,0x2fa2108fb4411745L,0x00000000000001c5L },
-      { 0x9ba0fa7de8e834d5L,0xcde5ab91e5fb25ccL,0x064eba31b24855ccL,
-        0xe6c909ff648d6e5aL,0x937bb03c03acf9a0L,0x2e8988a3193b5fc2L,
-        0x670a1f72fc822accL,0xdbf52ce2aee811a1L,0x00000000000000b5L } },
-    /* 56 << 462 */
-    { { 0x0261a6571304c934L,0x86e5b425f4254d3dL,0xd6b8c7293330a402L,
-        0x67ee96544281090dL,0x3056a9113a1d5fbfL,0x7dfc3e9e98494b38L,
-        0x12c53a18777cea04L,0x2cc4ffec23165e61L,0x0000000000000005L },
-      { 0xf16c1e271d3c8db7L,0xc4954310ab46ca93L,0x1a5a066b158cfe00L,
-        0x62b499a9f192e1feL,0x0c9a5e489a9bb573L,0x2907b4fb630008c1L,
-        0x9c832da019ae083aL,0x6159daa1c26961f7L,0x00000000000001f5L } },
-    /* 57 << 462 */
-    { { 0x73cf6f1f0a7cff9dL,0x5990e7855d970d95L,0xb0a27227d43818a1L,
-        0x8416719cc806298dL,0x9b9c4684a499cd3dL,0x80e188e59dae634fL,
-        0x96d56fd6999b8803L,0x25747b11714423c0L,0x000000000000000fL },
-      { 0x109847c5145aa843L,0xb4610155b5c2d75cL,0x9193c45dd9014b50L,
-        0x8102f8118a050159L,0x46c50351e1d9e3b2L,0xb7992a3b0535b00fL,
-        0x416cc678dafb0a88L,0xda1554890526c87eL,0x00000000000000cfL } },
-    /* 58 << 462 */
-    { { 0x3b96330d5a106b1eL,0x4261e39e301af093L,0x96b81a66369534d3L,
-        0xea444b4a97b9861dL,0x19a98ade47fae332L,0xb540c85ebf30cbf7L,
-        0xbd205dd1bd6a3c2aL,0x53606fc7d30e5984L,0x0000000000000193L },
-      { 0x43f3560d4cc4d643L,0xd02e6d1ed892f3afL,0x410d637e8680b671L,
-        0x91cc5b1bb60494edL,0x6a19cc7f1044ee62L,0x378962fc56a89c1aL,
-        0x4c9eb689adadce81L,0x4f9ffad100d88194L,0x0000000000000147L } },
-    /* 59 << 462 */
-    { { 0xef4f9fa755ae6dccL,0xec7bf270f1f5304cL,0x2bc4d7a9401b4a40L,
-        0xd0cd7b680044f20fL,0x0e0e7f8dd324e238L,0x2c13feb72fcdc80eL,
-        0xf1a695f47f4d3dbfL,0x931c17b7233a8395L,0x0000000000000048L },
-      { 0x3e5b9691f598ebb0L,0xf343309a57eacadaL,0x5ff3a06acce81fccL,
-        0x2bbd1f7dfad4a66cL,0xa3185537e78d466fL,0x69121af74d50571bL,
-        0xce3f6351d8d90fbaL,0x2e89c90e992614dcL,0x00000000000001e1L } },
-    /* 60 << 462 */
-    { { 0xbf9c09d3e9b072d5L,0x627e64871aceaf57L,0x21938240829175eeL,
-        0x781ea3f25bc4d226L,0x996532aca6726027L,0x567da8151177e922L,
-        0x9b3fec8aee0ea637L,0x793f1038091eeef4L,0x00000000000000deL },
-      { 0x30a23a7581d2a890L,0x41f22a0c973e9ba3L,0xda3e78685c1a136bL,
-        0xbe524c93084420d6L,0x53518e4026661908L,0x7bd7c768fa169b4bL,
-        0x0477e8834709e45cL,0x41b66d3827ed78a7L,0x00000000000001a0L } },
-    /* 61 << 462 */
-    { { 0xf684635ac1aff7f3L,0x815ad1a840c52364L,0x1aa44c22ee68d865L,
-        0xd4ccb5a9d42e7c4cL,0x280ee2b19a67bd2eL,0x8eb3e67583e89a28L,
-        0x7adfd31240147486L,0x5297a92c030f6dbdL,0x0000000000000074L },
-      { 0x93f574b97ddac781L,0xb60f1f78431eb598L,0x76ce97fd505b1c12L,
-        0xf129e08ef9584629L,0x99d5c2eb189756f2L,0x077576da3f376986L,
-        0xebac685cf932a27dL,0x22bf40db85bfc6b6L,0x00000000000000c4L } },
-    /* 62 << 462 */
-    { { 0x1d9044cd1279e866L,0x124f41d1376eb5c4L,0x5ea4fb8d97030140L,
-        0x38339643a1412be1L,0x5dc984b181b0ca10L,0x3caca47205353734L,
-        0x6cc45d1cc111cd9cL,0x27abce536b44e337L,0x00000000000001a8L },
-      { 0xde5d6867c8beb49dL,0x1fe2ba1f6e6747d7L,0x0c6ea670fec38d24L,
-        0x28b701a08091cf52L,0xca72ca34ef2c8462L,0xd6e8d3fd9fb18624L,
-        0xbb1c102467c9700bL,0xb78362320eeea37dL,0x0000000000000118L } },
-    /* 63 << 462 */
-    { { 0xd32c1d2cc13c0d24L,0x03a69200a8085693L,0xf18102e90989d81aL,
-        0x0d57994b8af284d3L,0x54a3c55b2ac803f0L,0xc43f6f5ae4601c43L,
-        0xb3184a8f59c5c667L,0xd8052c20a179b319L,0x00000000000000fbL },
-      { 0x78b9d9197a9af989L,0x5df6c709c925390cL,0xb442eaf5e4846e5bL,
-        0x680158b4316ff4e8L,0x528f587fa99e1dc6L,0x3788609a6fb34357L,
-        0xbb9ea9c9d901d43dL,0x09cb2dae346643c0L,0x00000000000001ceL } },
-    /* 64 << 462 */
-    { { 0x2bf35f94ab7a841fL,0xdcbda33878e3fb0dL,0xb913947aa0195f98L,
-        0xc8e30a9c4370e51dL,0x8a403e1ff0e558eeL,0x7dd167c4606db1dcL,
-        0xaa343cbe5827ef91L,0x1404f2d6aace0f43L,0x00000000000001acL },
-      { 0xdfe19ea53db1c500L,0xdd04717148ef4a56L,0x38ab939eb9a5ec76L,
-        0x8f2d56855648f852L,0x7f81313f2726f67eL,0x41cf3794f68f54bbL,
-        0x9d400e52de14d6ecL,0xc046fda14c9eb1baL,0x000000000000008aL } },
-    /* 0 << 469 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 469 */
-    { { 0x563f57ff87744684L,0xd8f2f1476562ce2cL,0xbf323b07ce7b4b70L,
-        0x67b2111a9098ed36L,0x0c8a85c10b687259L,0x23a569d745d51e50L,
-        0x6643f19b88d97057L,0x1eab273a875181d0L,0x000000000000013eL },
-      { 0xbd33de9418a1bffbL,0x3edd0df89700ac60L,0x3757dbeb61839145L,
-        0xd31a9aab1a59a97cL,0xcaffafa2faf790ebL,0x9f36c13414676e8bL,
-        0xef6eda5b18545787L,0x806a74c509ac46a4L,0x000000000000005dL } },
-    /* 2 << 469 */
-    { { 0xe6b236300de2a07cL,0x64d219926e52ba0eL,0xe5786eda68d1e768L,
-        0xad163f8ecb6a04f5L,0x5a09908a101039e2L,0x8708327611a5f49eL,
-        0x231d61fb5446a61aL,0x39e98ad1e7ddbba8L,0x0000000000000185L },
-      { 0x54ca5f0f3861f6e7L,0x0e0f1667d20d86e6L,0xcf229fd613d9adaeL,
-        0xc8852aedc488ec9fL,0xfee0c03dee1061e2L,0x7167271a35298521L,
-        0xf4fcf268fc0cfd1cL,0x645a9d2fdf809af6L,0x0000000000000057L } },
-    /* 3 << 469 */
-    { { 0x38c2b6bca021ca92L,0x715f2bf72d1c900fL,0x79d4428f5dce0826L,
-        0x7466180355b0f95aL,0x59d9ba60059f6b0cL,0xa3a157eb1cad0687L,
-        0xcb4e3f7aeacfd2e4L,0xdea5cbcb1e36ad17L,0x0000000000000090L },
-      { 0x49b0c5be4040f60eL,0xd354d658cadc11bbL,0xb17f1aa48b5ab35fL,
-        0x09956859856bdc09L,0x4bdd06fff18da95bL,0xbf66d16d235e890aL,
-        0x57d83d0076201868L,0x0bb0291f91e1a0c3L,0x00000000000000e6L } },
-    /* 4 << 469 */
-    { { 0x7a6b3fcb3b407efcL,0x05f6d0a3063ced31L,0x4a79c880f3f03bf3L,
-        0x94181fff7a1438c8L,0x47fa4e4956106ed0L,0xaa97355dfaf7201fL,
-        0x1264069e02f7c119L,0xf702c7f04d06b273L,0x0000000000000187L },
-      { 0x368dcb7ae7e258bfL,0x5f8a64eae8e4597bL,0x98bbcf2b6f13bcceL,
-        0xc00c8e627d099f3aL,0x4803c4005e326891L,0x229deec9342badbbL,
-        0x3b810a6f49e0992cL,0xfb55c6cd63758695L,0x000000000000002fL } },
-    /* 5 << 469 */
-    { { 0x07da16efbb07562bL,0xb7f9c5dbde14c8a6L,0xe687783fb79d420bL,
-        0x14fec271567ceec8L,0xd765d3336d608c4bL,0x70e67e3a92960599L,
-        0x24060de6d9a5a16bL,0xadc2fcf91c6f83b5L,0x000000000000014aL },
-      { 0xb78d9ad205aaecb1L,0x8e984114bcdeedc1L,0x0bd480509394336bL,
-        0xfb533f263a0aea2cL,0x6308aa76b8c58b3cL,0x80124d89f64d3a4fL,
-        0x58064b407bc9e04dL,0x64e21d55adbeb1b6L,0x00000000000001bfL } },
-    /* 6 << 469 */
-    { { 0xe0096d0f5c98771eL,0x05c2327096228ce9L,0xb38f45accbc9c99cL,
-        0xf44d39cbb7abd830L,0x583a57461600275bL,0xe7911b696bd758e9L,
-        0x54545d59b691c578L,0x0b03c85c8394c30eL,0x000000000000002aL },
-      { 0x988ac22042c8fe20L,0xde56a00b7832fc78L,0x8ea363bae0cd6d15L,
-        0xfdcaee21cf51cea7L,0x104bd64ccfee6e76L,0xd9a935a575e0cdddL,
-        0x775cbdf5da1bdc5cL,0x019215c361758097L,0x0000000000000113L } },
-    /* 7 << 469 */
-    { { 0x26ad960425b64fa7L,0x65d59abea783eacdL,0xa2c81fe86f55f993L,
-        0xdb6068b8fed6d301L,0x52f76e9add95612bL,0xce2060f002858a68L,
-        0x369c2092ff3912cdL,0xdc2d072aeac4c085L,0x0000000000000117L },
-      { 0xf6142267de8e4075L,0x74ffa58005e07abeL,0x13331f5dbec8999fL,
-        0x08c7046124188d1dL,0x63a12765a9375cd0L,0x5afe946f3b9f95caL,
-        0x2ced26b921e69960L,0x614458d7512f10cfL,0x00000000000000f4L } },
-    /* 8 << 469 */
-    { { 0x02fb84fd5f7abaeaL,0xa238ad04e991e445L,0x0d9b2d417c972addL,
-        0xac2439f9478c558aL,0xc3c78a2c1ec86ed8L,0x3735839b2d3b2f29L,
-        0x259728d450317454L,0x7b53a9cbe2377abaL,0x0000000000000179L },
-      { 0x95f44add5e4846ceL,0x85d2a8e87211225eL,0xcbf0abd8091a6646L,
-        0x9d8b3475102deeaaL,0xe2a0a4ab602ba91cL,0xa6276d7f131de0d4L,
-        0xbb90d1175f215c70L,0x49a60e3e07e3aa82L,0x0000000000000019L } },
-    /* 9 << 469 */
-    { { 0xeb40bcc4be860ee5L,0x47622caebabd1dbbL,0x5b4881286df7411eL,
-        0xbb0a57dc8e4ae017L,0xdecd1b251a27c9ebL,0x9c33044ebd3d1b20L,
-        0xd9e1d80e3205ffddL,0xa5f51d61a07581caL,0x0000000000000096L },
-      { 0x51a3a0a4441ea9b2L,0x0034263f805898deL,0x20ffe434628e71e1L,
-        0x51b50e3897075cf1L,0x556732f72ae952c2L,0xcae37d27433977e5L,
-        0xa79160c2bde9cfafL,0x2dd6cce9b25d68e5L,0x000000000000014fL } },
-    /* 10 << 469 */
-    { { 0xc5edbc6f85e4dc22L,0xc5933f26efc6be8eL,0xfd818a793f5edbf6L,
-        0x09af29cde4c05b4bL,0x386ed43c5cb088d5L,0xa50a8e572fbfa65dL,
-        0xfc3e90492effb79bL,0x8aced5f19883127dL,0x00000000000001e0L },
-      { 0x8aa6a432b05205a4L,0x7d5100c71ab38cdcL,0xed0d59ae9f026787L,
-        0xf9812b5d04497c3bL,0x66ed8c8cfbcc0dbdL,0x9597f83779f6138cL,
-        0x076883cd899808c8L,0x9884a305f4024d9dL,0x0000000000000118L } },
-    /* 11 << 469 */
-    { { 0x87d449701c005da6L,0x109fc435e49f09ceL,0x3070e9b5df09fb82L,
-        0x6627c2c8fb79e375L,0x23c488d5aacf7040L,0xf7d96b62c4f9bd5bL,
-        0x54e5c4d917734569L,0x02d5cee9240dce26L,0x0000000000000152L },
-      { 0xb4f24ee03d62aa32L,0x41ebe4e11051470dL,0xfc3a01594ef1cf93L,
-        0x80efd898e64e8687L,0xd9b3993e8daa3365L,0xc0de82692618ee26L,
-        0x461447cb4c5e1d3eL,0xa28313e53e23eb2eL,0x000000000000016dL } },
-    /* 12 << 469 */
-    { { 0xd898aad7aa89f44eL,0xa62a2d93c518f791L,0x6acbea45ad2d934eL,
-        0x4dedeab78d3bd1f7L,0x072894788c0ff7e9L,0x11a995f7e6828443L,
-        0xf0c92ed4d44b4181L,0xb7440b69416d7dd7L,0x0000000000000121L },
-      { 0xe800b3c21e920c11L,0x5c7dc454e9d3af72L,0xb2211645283116e5L,
-        0x71675dff4ad35006L,0x2a8783eb5231dea8L,0xf79c777c659a3cb6L,
-        0x1e8eadecee43df0aL,0x7ba45eb224be6f96L,0x0000000000000001L } },
-    /* 13 << 469 */
-    { { 0x4044fb9aa0e53379L,0xd71b9050787f853cL,0xd87e57ee44779c58L,
-        0x5f3009e4470fb0ebL,0x378b1a209941a1c6L,0xa677ef62504924faL,
-        0x7be3f1274b7545a1L,0x3ff5508eb5960cd7L,0x00000000000000f2L },
-      { 0x4cef6ffac4fc4869L,0x6898cb2900c32214L,0xdd8345ec9f931b5fL,
-        0xd0a51e6c1777d16dL,0x4e3f7a028833256bL,0xf2eec60d0be037ddL,
-        0x8ebf92143a28cb07L,0xfe94e5812e9a7bd7L,0x00000000000000f0L } },
-    /* 14 << 469 */
-    { { 0x9cfd0d70379920ffL,0x5b138849a7d11592L,0xfa3e1debda21ceb3L,
-        0x65a7da37afbce19cL,0xad36c1e2ac24e4d2L,0xe82248727b2f4c24L,
-        0x6b62f348d52a2de0L,0xf6e56f5762566193L,0x0000000000000018L },
-      { 0x5231f0dff354e7b4L,0x677e082ce7a8c0c9L,0x8d3b59ca91e10de4L,
-        0xc8b5d573099d1495L,0x33ace8529f6dc625L,0x78bba7b132668cb4L,
-        0x20f626184a9b0c01L,0x641ba19c9de82920L,0x0000000000000078L } },
-    /* 15 << 469 */
-    { { 0x701b527393cf6217L,0x1cb48f663555e29bL,0x22181c63c8f9bf06L,
-        0x12da892bdc0c2b3cL,0x57522bc3cf766a0dL,0x521ffabc04f79b89L,
-        0x1d10e64ec217b9a3L,0xf613de04359f3d30L,0x000000000000006fL },
-      { 0xeb657ed419c0bf3dL,0xa9ccee58bb8fd14dL,0x27bc141e9e50598dL,
-        0x6b5e14c593fc9ab0L,0xd050fbb65ae50f0eL,0xf9f8760fa0521b92L,
-        0x1ff8bff96c853693L,0xbe061e788df6d469L,0x000000000000010bL } },
-    /* 16 << 469 */
-    { { 0xcb30076118e71dd8L,0x01d2684604886b27L,0x22871d7b7cc1d69eL,
-        0x1d138a47d0b3caf9L,0x53aeb97400a7c0b0L,0x712aa1a2262f9366L,
-        0x58c84da46bcae07aL,0x521b7dbcae8708b5L,0x0000000000000045L },
-      { 0x03bd36438d3cd884L,0x20a737ee1d62a335L,0x37e1775f904f5c53L,
-        0xb76783dd3baa91fdL,0x7c5521189a84e971L,0xd085796e4488ede7L,
-        0xb418e7085068d6dcL,0x4417e81ae5275a73L,0x00000000000000d2L } },
-    /* 17 << 469 */
-    { { 0x81c12b63e30e72b8L,0x354fe20db4ad0c2cL,0x3bd33ee584fb3da9L,
-        0x80c265beab0605a9L,0x4652ec39d3ab432bL,0x85b6357af4ac355aL,
-        0x824d9e895096834cL,0x5b6886fce0e0bd26L,0x00000000000000a7L },
-      { 0x9747dd8b530ba303L,0xca95b8cff5a8cf9eL,0xcf0766268c2ca53fL,
-        0xd62aa41a2f2b99fcL,0x21b4c001ead7300dL,0x536b0a59e026d010L,
-        0xcb625f1b66ca8331L,0xcb613a3a56b6f938L,0x00000000000000ceL } },
-    /* 18 << 469 */
-    { { 0x1e26efcad3dad3b5L,0xc3f580c0ec404efeL,0x63e4f54bba07fc5fL,
-        0x2c208d6c1655cb23L,0xb10a1a18e482f788L,0x7f6fd02dcd7f89f3L,
-        0x5411e0380743db4cL,0x0e22bd76ce4efb17L,0x00000000000000a2L },
-      { 0x873c0af60d01af74L,0x2f4a0ec9ba060e1aL,0xded0dfbdaf48d8baL,
-        0x5d2b528d780ec754L,0x42a02e2dbadf7060L,0x90d1c9a037ba2665L,
-        0xb002f7c4a1007a96L,0xfff6be26355ad02aL,0x000000000000008dL } },
-    /* 19 << 469 */
-    { { 0x0bd4a3f0f9bb7cfbL,0x8d61b1c4087487ccL,0x9fc2ea4af9c93934L,
-        0x77ae38d82326e828L,0x0c0ae32cd531fc73L,0x46b6a9c04b35fa57L,
-        0x36798f1570f76923L,0x3941fd5cf13b2b6bL,0x0000000000000047L },
-      { 0xfa79c31c97ad3427L,0xae83362f4b6a8c6aL,0x19da33c36893337fL,
-        0x15d666fcd8edfad6L,0x378ad97ba6648fe5L,0xba2d4463ff23dd7cL,
-        0x687e42e6868e99d5L,0xf6c5d9dd88f69974L,0x000000000000000fL } },
-    /* 20 << 469 */
-    { { 0x14d14f636b330a4eL,0xf943c489289430d8L,0xc220f9b3dacb5aa6L,
-        0x5f64ce3dbbdbc661L,0x32bdc1d5ebf6d100L,0x6d2cefa026f8304eL,
-        0x55bc066635196423L,0x099f19e813c68f56L,0x000000000000017aL },
-      { 0xf8898c0067fd6808L,0xc9fcdd64aedb5d38L,0x141911bc93ecf107L,
-        0x7e2034093432891cL,0xdd9f385e1b9f5f0eL,0x61b231e96f97e818L,
-        0xec1dd4b9e8cc8371L,0x4e0a1cb9f44505a4L,0x0000000000000127L } },
-    /* 21 << 469 */
-    { { 0x929bafeded53c5e0L,0x14ddb02139df049fL,0x06226f149b246597L,
-        0xf60eb64085bee3faL,0x37606f309b15a907L,0xf5b90ecde7fbb734L,
-        0x038410daf9e730afL,0x4e2ee195f5d72e08L,0x0000000000000134L },
-      { 0x461c2d552cebcef1L,0xa43f38b5a32863ddL,0xfc3a8ded6b8d3365L,
-        0x03b48889360f80bdL,0xd22be91598cbea9dL,0xc32a9ab72557b88aL,
-        0x2ce4a476ae78f249L,0xae5831e640f9bf03L,0x0000000000000095L } },
-    /* 22 << 469 */
-    { { 0x41b796bf4796af15L,0x177d42f351a325a2L,0x487f3715601c15d9L,
-        0x15ca3b1b40649c1fL,0xb06abca7f36a5e64L,0x14bad851e4b57bafL,
-        0x2d42059d1862f500L,0xd2bf6d28db084902L,0x0000000000000186L },
-      { 0x128345b83e7774bcL,0x4598fe8563520a7aL,0x444316e72587d345L,
-        0xc44643f03c926f91L,0x1ee021d93f3cfca1L,0xf5c84920bda26ccaL,
-        0x673620287af1bb9cL,0xe05d4e740075bde9L,0x0000000000000061L } },
-    /* 23 << 469 */
-    { { 0xedd410e397f8467fL,0xf16210b41a5ccaa8L,0x2f078b037f73dd71L,
-        0x2c2a5f448e99ae3cL,0xb2bf1970b7dfc8fbL,0xf37185b250883783L,
-        0x7d5412a36a24e693L,0x18ee647497be701aL,0x00000000000001b1L },
-      { 0xdf6b6594435265b4L,0x876e6a7a9004e6a7L,0xe3ac6f6873cf7ae0L,
-        0x965460544bda6cceL,0x84e762aca94218f7L,0x06425f2496b3336bL,
-        0x569da13247d63056L,0xb4cb63d0b2d5a789L,0x0000000000000135L } },
-    /* 24 << 469 */
-    { { 0xee2ca82b76f521d5L,0x404c95b98d54184cL,0x7ef78330d43e178eL,
-        0xed67f94305f36bd2L,0xd734f6b845f09837L,0x8760f0f7bd8f5a29L,
-        0x2e7cf02112059285L,0x8d0be801ec54d3afL,0x00000000000000a6L },
-      { 0x51ba60c971042440L,0xea9c35ae614a4512L,0x006bbca51d410f81L,
-        0x3d31ac431170157dL,0x69b0be25fc7e723bL,0x6da152ba38276789L,
-        0xbe486c0593492808L,0x3fd119d980afa598L,0x000000000000008cL } },
-    /* 25 << 469 */
-    { { 0x8c94532ffb7677d0L,0x397f7f18f8a5be84L,0x94356c7499cce279L,
-        0xb334201593980d55L,0xbf6ef9d18cb8520aL,0xfb28b68edd535916L,
-        0x9cb149ed4dd8cc9bL,0xb97ea42aa9e2c064L,0x0000000000000035L },
-      { 0x9171a89ad37f9c82L,0xddc272092d5c7bf1L,0xadc3af681b9e94b7L,
-        0x613f81ca5682caf4L,0xaedd0d66e3453e90L,0x651161a92971b9f3L,
-        0x0399d25284688cecL,0x40d177e41be785fcL,0x00000000000000a7L } },
-    /* 26 << 469 */
-    { { 0x6871be7478d0c1f5L,0xf6c364f7456a1d88L,0xee53602c1666ff19L,
-        0x8b0a05995621622eL,0x8937537341feb4d2L,0xf34622cf94a0e8f0L,
-        0xeb9e1ee76efcc350L,0x1312f3a350063323L,0x0000000000000055L },
-      { 0x2fc73efe356883d3L,0x62a03b106d884fb7L,0x901bc04d7cabf01cL,
-        0x2511c5e129ebb711L,0xf94d884739bf842cL,0xe50486da63edc964L,
-        0x8cb348db60b10d7fL,0xe29a998c08ede95bL,0x0000000000000174L } },
-    /* 27 << 469 */
-    { { 0x3f8ddcd46347473cL,0xc61ed0f9a7e239f6L,0x45dbea9289ccadc2L,
-        0x2c5683f3cef07a9bL,0x51df4da3df13c487L,0xd78c61c30a089e81L,
-        0x47302b22831fa26aL,0xe3a79e8940504a7bL,0x0000000000000088L },
-      { 0x16d3f12ba4b11470L,0xa70377ad6ea07a36L,0x959342d5cc15cad5L,
-        0x1fd7d8cd8e4d42b7L,0x70696e3cb694988aL,0x7c73847433e52d9fL,
-        0xe96d5471c41dc241L,0x49cb9b9ca6f8eb8cL,0x00000000000001a7L } },
-    /* 28 << 469 */
-    { { 0x29dac47503b83778L,0x13fdb36b56f8223fL,0x15108cf7b189bf97L,
-        0x04cb678c3d959be9L,0xbfb72511cddec7cdL,0xd255fb17b2a649f7L,
-        0xe7b7616ff0210128L,0x49891af158674716L,0x00000000000001dbL },
-      { 0x5fa647c585e511daL,0xe6d774239b517adfL,0x131596649e9e0ed5L,
-        0x6a090a1234cbf60cL,0xc213cfe51b5cd8e9L,0x152c5434d7236d27L,
-        0xfc7df774944f90c9L,0xb1890bc9c119589bL,0x0000000000000167L } },
-    /* 29 << 469 */
-    { { 0x9b16f2144a14d787L,0x1036d9fa52079b2aL,0xa83ff9ecce07e344L,
-        0xddfeb66c46311e85L,0xbf554a70cfb9513fL,0x467bab678b31b889L,
-        0xdfae7a0fe9372329L,0xe4f2f5917e51c8f8L,0x00000000000001f2L },
-      { 0xc486a286d75feb83L,0x69c676f3087f2443L,0xbfb329c2ad4f54e1L,
-        0x301e122a09a7f840L,0xdc1ed7aab169543eL,0x3ae1310799c64627L,
-        0xdfbfa25ca5c949fbL,0x6eb39e641b020190L,0x00000000000000e5L } },
-    /* 30 << 469 */
-    { { 0x4d98b2ac32d8dbe8L,0xace115d91cc99ad7L,0xb8f9b3315543aef7L,
-        0x7d65d76b79819d68L,0xe70fa04ca7b35f9cL,0xf0679fe75fbe62b6L,
-        0x8e878e2f00de3fc4L,0x1a90ed223a42887dL,0x00000000000000caL },
-      { 0xd80cbfe401063d2dL,0x6cdc0a2c27cf1c3aL,0x447c49dcc0141542L,
-        0x98f2ec0c0cb0cf80L,0x07549703ff297bd2L,0x833c79f2a23585e4L,
-        0x4224adb3ddf0936fL,0xecb57a5a699ea6eaL,0x0000000000000018L } },
-    /* 31 << 469 */
-    { { 0x56e17019ff059f29L,0x002581359d92fa55L,0xfc9b7a6925777d70L,
-        0x9870806ae3f5ce87L,0x99e086f26d73ecc3L,0x3b2e4d9fa35841dcL,
-        0x485817f1b62ce114L,0x0bac63bdb5c1be62L,0x000000000000018eL },
-      { 0xcffa5dc1b9ac6c2bL,0xc3a26fdd56f9eb8aL,0xcaef1a4f3898781fL,
-        0x426a86c5a8cd88d0L,0x1716fd7cab614e6eL,0xe12c9101c06bbbb7L,
-        0x63e9171f62757ef1L,0x4cec09acd1f320f6L,0x00000000000001a4L } },
-    /* 32 << 469 */
-    { { 0x099c2888d6c5b0b9L,0xe35ce1381ffe8a3bL,0x133c35ca74939411L,
-        0x13521b322ff27ae3L,0xbde73625f760a06eL,0x199340715ee54408L,
-        0x69db07e102f9b217L,0x1389c23586a5e6a5L,0x0000000000000112L },
-      { 0xcf5b0e89ca1aa74fL,0x0cfa76325d844ccfL,0x04be199c65c3286fL,
-        0x483e0ff9d204e249L,0x9df8ce9704c424b5L,0xe35cda3ec05c0793L,
-        0x8a595df3f2798180L,0x7522b808fbe7f5c9L,0x000000000000009cL } },
-    /* 33 << 469 */
-    { { 0xcadd02a27d7784aeL,0xcce86dfea7fcf493L,0x87cd6f95bdc14ad8L,
-        0x27d2fe24611512f7L,0x9bc408a777dfbb5eL,0x9cb1f6603e961625L,
-        0x08542ccc1c253a6aL,0x1ec8713fa541f855L,0x00000000000000edL },
-      { 0xc358a687448cd884L,0xb75d140050d6ba88L,0x137a7569196b52c7L,
-        0x0cc62c0712f61a5aL,0xaa3653cf8d2497abL,0x9c79351e5d45d412L,
-        0xecababc65af55894L,0xc409198b52097ed1L,0x00000000000001c6L } },
-    /* 34 << 469 */
-    { { 0x0e472757f7011a71L,0xcebb0eba09da90e8L,0x933ee6b4aef7b7d2L,
-        0x0d2e742cb68ae8c6L,0xf373fc3f32de83bfL,0x0b51f343d249eaa0L,
-        0xef0bd45abab03af6L,0x965b8fefa1c07e8cL,0x00000000000000cbL },
-      { 0x571817f5ed0017b4L,0x6aee829608047226L,0xf4334820a389806fL,
-        0x2e0c2dab167c885fL,0x2c1894f48d6c34fbL,0xcba4358013ce3154L,
-        0x816b7e7132649e05L,0x3b02046e20aebd59L,0x000000000000019dL } },
-    /* 35 << 469 */
-    { { 0xa949bdcc0216439dL,0x72e5adadad102c3fL,0xaa9183ba0af396b9L,
-        0x41a83eacadac5678L,0xda7577495ea96f88L,0xac27f511f7e5d25fL,
-        0xbc92e35389a6c9eeL,0x472b947c1dd5234dL,0x00000000000001c9L },
-      { 0x1c9d64a4fcb14344L,0xa6d842b3c98a85e8L,0x1b4fb2636cd3f69cL,
-        0xc484dcfa2189d8c3L,0xe4e45792e280a9eeL,0x65da8ef6202443b7L,
-        0x2ee30251e71dd154L,0xf650203adea3ba9dL,0x000000000000016eL } },
-    /* 36 << 469 */
-    { { 0x0fd34803710bfda8L,0x697671fd37d08a77L,0x61590350952da84aL,
-        0x6355b6ef4eaffb94L,0xa654647f3712f7deL,0xf7d3db844bf5551dL,
-        0x803b4b6f92e47512L,0x2dac8ff69e3838c8L,0x0000000000000109L },
-      { 0x55e242b9515c2e04L,0x6802de1d9eead096L,0x3e2098970399ca1cL,
-        0x62dd1077a4ef1ac0L,0xb89f5b0c24e1d439L,0x8ff7dc3093678ea4L,
-        0x9858576394713929L,0xc14b25abdc8d0a7fL,0x0000000000000042L } },
-    /* 37 << 469 */
-    { { 0x7e70f8794d7f6f2bL,0x419829cc4a31a41aL,0xb4eeaa99324fd76dL,
-        0x95c37844d200095dL,0x95873b642c3e8cf4L,0x9fc8600ff3733834L,
-        0x13ea6eba7403564cL,0x2d4f9ec2f93389fbL,0x00000000000000d6L },
-      { 0x4e0f87b3220667ecL,0xbe666aacc0f871aaL,0xe22ba2305c46c0a9L,
-        0x3f7f397cc2fb5d1bL,0x701ca7f8a310ab98L,0xf561043c97da4402L,
-        0x9d7d99c7dc5e2e08L,0x854db674bbd1ff7eL,0x0000000000000065L } },
-    /* 38 << 469 */
-    { { 0x48b0c44b10fbb232L,0x23efcb9474bb12cfL,0x2283fd4289254aaaL,
-        0xf824e6cfafc254f8L,0xcaac3118aebd820eL,0x9a69ec62a1e6b686L,
-        0x50ccc5245df7b70eL,0x2bf74a2119c0ef11L,0x0000000000000097L },
-      { 0x1cb448466450f3d1L,0x316968226ff2a91cL,0xa32c75e1e3e83f42L,
-        0x45cdb5ddc766d607L,0x44e4f4644405a2eaL,0x1ce0895a2af43ed5L,
-        0x546bcf8f5d4fabddL,0x2ae184db680ad728L,0x00000000000001eaL } },
-    /* 39 << 469 */
-    { { 0xf873545aadd1bb8aL,0x6df75855b3381916L,0x85a46959282f5600L,
-        0x7f63ee00cab1b8d7L,0x61d5dc47e3960f89L,0x2ec0164befcfb0d7L,
-        0x05fe38cf325dbeaaL,0x786e7fa34b0292e5L,0x000000000000008bL },
-      { 0x29c1395fce8b30e7L,0x0aaff0c90c3ea317L,0x3b0ef202a4dfab3eL,
-        0x675cd59aac01dacfL,0x8a22b232aebb8ca6L,0x552271b7f28586ddL,
-        0x2a23a56dfd03890bL,0xbdc3ca28de16b4e5L,0x00000000000000eeL } },
-    /* 40 << 469 */
-    { { 0x14596043e92e85b5L,0xe3caa4f1309bcc86L,0x0946eecd6a004131L,
-        0xa8f39a0a5d559370L,0x2907f0fb9dd39852L,0xd26639c2b3624b6cL,
-        0xb45f0d32034709b8L,0x0ae962d48065c9d8L,0x0000000000000144L },
-      { 0x3de036a5d521ed0eL,0x5ce0990022e88bedL,0x2170357d527f6be6L,
-        0x7cc9e9ff5b47a6c2L,0x801ff33b9748eb94L,0xcb3961d6372d1840L,
-        0xc3db0b3bbda53a97L,0xfff1a0789bd74f00L,0x0000000000000127L } },
-    /* 41 << 469 */
-    { { 0xe2beef9875c4e3d5L,0x6e2985be41385dfcL,0x3dc139491d5be62cL,
-        0x421ad84a59db88a2L,0xe290f65ef1cd9c62L,0x8cad81dd031fdf5aL,
-        0x2ffff38b7a70772bL,0xdbcae403aed61b17L,0x000000000000003aL },
-      { 0x685cff22a6961366L,0x46543384b061a17aL,0x1d93260699b2b99dL,
-        0x115b73e62486c41dL,0x6cbea3427fea8a8cL,0x21e238b85fb70622L,
-        0x13df7dc40dadf79dL,0x89b2c737bb4fed33L,0x0000000000000008L } },
-    /* 42 << 469 */
-    { { 0xe470a3f68811f377L,0x8389beb00236aa7dL,0xf0f6c917982f42daL,
-        0xa8d017fca5e6a3dfL,0x00a281a86f6c2422L,0x5a713942a6cdb487L,
-        0x4a1b57083f4d0029L,0x64d0114ab2000863L,0x0000000000000145L },
-      { 0x842dd8a0569a9ca2L,0xb55b007b3b347c48L,0xba12f822b3667837L,
-        0x67579db2bbe1a4b3L,0xee34c780b2ee7cd0L,0x08c9f20244fcd799L,
-        0x592790de609495baL,0x6c279b065fb8bc01L,0x000000000000009bL } },
-    /* 43 << 469 */
-    { { 0xd9ec089d45a61664L,0x6adda151ef4d7edfL,0x788c96573e74cdaaL,
-        0x2b73df110162a42eL,0x70fa479627178991L,0xc028dde06b7360eeL,
-        0x683cb8de527692e6L,0xb06c972e4039737bL,0x00000000000000aaL },
-      { 0x6ecd795e03cf1545L,0x4cb6ef7ca49d14f6L,0xe7d26ea24c9f0793L,
-        0x74f86a00c5bb3a0cL,0x2f029188b022a7c1L,0x1f5a67a5d11a7ac5L,
-        0xac81b2fe6a5724bbL,0x8c149f3d175d86e0L,0x000000000000019fL } },
-    /* 44 << 469 */
-    { { 0xec1c52dfbcd98d89L,0x311fa61f10eefe3bL,0xc46f60f85e624ea6L,
-        0x30c2171be17a2b62L,0xb12102e30b8729aeL,0x8be6c0ceb4723895L,
-        0xde06c2aaee640520L,0xa71ec10da86e11baL,0x0000000000000051L },
-      { 0x73019b3097a7bd73L,0xa01007744052d44aL,0x52cd660f34686dd3L,
-        0xd02b71fee0879244L,0x8efc04c0f2266eeeL,0x1ee192c7b71ba925L,
-        0xa6d63f084408ef54L,0x23adc3915c77390fL,0x000000000000003cL } },
-    /* 45 << 469 */
-    { { 0x84ba05e3bd62d818L,0xfa9746922dfb9f05L,0x6b15453937718201L,
-        0xa6624bf9106687d4L,0xe09a44c3d9f29e00L,0x87d2e4bc137d2f83L,
-        0xff90b283b9b00e40L,0xcfb6978b87df7a57L,0x0000000000000129L },
-      { 0x4aa5e02c503bd70cL,0xc985efc743315974L,0x61e2ef6999fd881dL,
-        0x8ddec42d5c84dcd1L,0x4eb1d068f6d37ccfL,0x39e186198b84a79fL,
-        0xf3924d7f4a78ec0eL,0xbb702e055c90b885L,0x00000000000001e1L } },
-    /* 46 << 469 */
-    { { 0x2885ea42d044abd7L,0x13f7e9191c8843b4L,0xae0401519f420498L,
-        0x8829dba445329e31L,0xd1a19fcf17754079L,0x367b6764c564ea64L,
-        0x5f27569de885a386L,0x660bc6bb97b48147L,0x000000000000000bL },
-      { 0x5936d68d04ab459dL,0xe45234d817c2a65bL,0xd76cb1fef46a84eeL,
-        0xc310f74af3bcd4a2L,0x605f3f125c2dacf8L,0x3e533d128bef904dL,
-        0xd389dd9b76ea5518L,0x7fb8d72eebce15a8L,0x00000000000001bcL } },
-    /* 47 << 469 */
-    { { 0x1b39356dadbcad10L,0x611d06efd2c02a3eL,0xce5b763a4c497670L,
-        0x48fc1378ab055283L,0x46b39cb9678c2c83L,0x03a783b393eb7d11L,
-        0x72b6d5f8f5a13b37L,0xe69316dfa85fe503L,0x00000000000001b7L },
-      { 0xabf89b61520f51b5L,0x93e7cdc45db81dc7L,0xc4be33eef9ee3d28L,
-        0xe1e43f98d5983740L,0x8f37e5a35ad31353L,0x97083b97a896a61eL,
-        0xd117eb5e292c0624L,0xba08108c874f328dL,0x0000000000000081L } },
-    /* 48 << 469 */
-    { { 0xb758f2cd23509208L,0xd4f7af5088ba1557L,0x8ff26bbde472d9feL,
-        0x071723868960ac4aL,0xf63e404e9025de52L,0x05053c3fcacbca10L,
-        0x55ad71f0e90cdfb2L,0x25d5716580e65089L,0x0000000000000125L },
-      { 0x5de6508419a94651L,0x9aa2dbc01bf9c999L,0xc97a237737d94752L,
-        0x9963d33ca4d21f9cL,0x679f837fd92c494aL,0x1876a9cc69fc4047L,
-        0x028e4edfca690225L,0xa49474168359a44bL,0x000000000000004bL } },
-    /* 49 << 469 */
-    { { 0xade71ac8fea31c97L,0xcc8f381103919f2eL,0x066d7a1c0fd575abL,
-        0x5c1bb1f252a3e9d5L,0x830ae9819689a600L,0xac9bb5b66763b7c2L,
-        0x40db293aab2e1ad9L,0x8f0de39f530fa624L,0x00000000000000cfL },
-      { 0xc963031f35628945L,0x9a2e7f3e99ea6df7L,0x8b759a2fd3491ee5L,
-        0x88136e3f009653aaL,0x48198194c5239084L,0x9fef1f19e4af6853L,
-        0x42cd9f4adaab6571L,0xd834784943ac38daL,0x000000000000010bL } },
-    /* 50 << 469 */
-    { { 0x77b95920abd07a42L,0x66ae951e1b05f9d9L,0xa0b29e1f1b845797L,
-        0x460087bdea66fa1eL,0xfca234ff973965e8L,0x4ef0d58742218113L,
-        0xbb90f9c0e58e2ba6L,0x2106ece57a1ded9eL,0x0000000000000004L },
-      { 0xa9d190182787b7aeL,0xb127a7d318cc1c8dL,0x46455feadf775a3fL,
-        0x4bc1973ab91f6f24L,0x2941ac6d1a3e4cbdL,0xedc8328bf1740029L,
-        0xe4068b2e54ed0273L,0xa7228a7e8c23a1d4L,0x000000000000019aL } },
-    /* 51 << 469 */
-    { { 0x957939dae7894375L,0x1b2775f257816ca9L,0xf67d7c380004bfe9L,
-        0x4582ae0821eb8de4L,0x55df582abcbb4aa4L,0x30e5b50b16723f24L,
-        0x91f672daa350f89dL,0xb77fe0544be6380fL,0x0000000000000117L },
-      { 0x1710653ceeb1c98cL,0xf82be08c6ae35cc8L,0xdbcdf1421680e596L,
-        0x2032b7410227e6c9L,0xe478bd37f07adb40L,0xc8b549c8aecc5475L,
-        0xff5f364c7ba0a27fL,0x654355061768ee6bL,0x0000000000000042L } },
-    /* 52 << 469 */
-    { { 0x22fe2e191a3ccdfdL,0x55f8139c13a8c7cfL,0xedc73b1c01e0f56eL,
-        0x5a9c1968a3fec725L,0x782182d6f8ae2cd5L,0x5f66b8c17f9f64b4L,
-        0x17a2bb332c101e97L,0x187ef5a232a96850L,0x0000000000000197L },
-      { 0x5d5fb38747d1be1bL,0x3713edbf1de57442L,0xb04956d328a92374L,
-        0x9c92546515debd61L,0x0e0f52fec13defccL,0x891c71261307bbbdL,
-        0xa772556bc296d5aaL,0xd7eb1d8ea8f6b37fL,0x000000000000018dL } },
-    /* 53 << 469 */
-    { { 0xf241efe3e318cb2aL,0x03033711ac571aa6L,0xe3efeeae1b42ad11L,
-        0x49bed2b2dcf40cd9L,0x3c9fd4976f2832c9L,0x598a96e609c7dc68L,
-        0xfbf270ecf5686223L,0x3c0871ee7cbf72a3L,0x00000000000001e3L },
-      { 0x477eda86b7fefe1aL,0xd36256c26d037d5eL,0xb0df707391f39886L,
-        0xbf2c97fbaa590f83L,0x7b8e2aa452150aefL,0x1d0fcc93482aeb90L,
-        0x5086665c90256ba7L,0x90a4de3f64e6ee28L,0x00000000000000e3L } },
-    /* 54 << 469 */
-    { { 0x9880edbb634779f8L,0xa78c28e60c979f1dL,0xe94854d81204dd29L,
-        0xf4a09ef365453269L,0x8015c054bc074682L,0x3648356358d5013eL,
-        0x0d2b20adf0cf4a28L,0xb96421ac0a192c94L,0x000000000000017dL },
-      { 0x923b881f9418af47L,0x5f86d74cd0744d6dL,0x9bbc2f0317c2ede0L,
-        0x2ff3016d4d7f81f2L,0xf7e99bdc588dd88bL,0x60988dfd36e09430L,
-        0x7fcd2c1911cc41eeL,0x7dbb6444436063b6L,0x00000000000001bbL } },
-    /* 55 << 469 */
-    { { 0x13a7925b4f357fe8L,0x54250aaab46ba080L,0x6b75101f52792018L,
-        0xc1f2737f27e87303L,0x8496a09b7abc0687L,0x36a23d44f65d79fcL,
-        0x1079339f87d831eeL,0x529ae62aa07364ecL,0x00000000000001caL },
-      { 0x2742ce4c81b0623aL,0x513a65fa584a9f69L,0xe5b6b1ece25bd3f5L,
-        0x1a6a7359d5883ef7L,0xd5a90c6dec6efe65L,0x5db42aea38802659L,
-        0x31671373bff583dfL,0x9fccd94f6920e040L,0x00000000000000dfL } },
-    /* 56 << 469 */
-    { { 0xcc51cb4b1aa88055L,0x55c2dfc46dac9c77L,0x4e0019affb5e8de9L,
-        0xd686f86dd0d60937L,0xfe4bcb522f3ac7dbL,0x102adf661cbd8b5bL,
-        0xfe830c11f89ad228L,0xb635e0e1969b169bL,0x00000000000001a6L },
-      { 0x6b51c9abd5b1c229L,0x1d2912be9ee262caL,0x6208f3dd838c6d6eL,
-        0xc3b9a9e5d6e11544L,0xb88e99336a2696e9L,0x81b5b9c8ea9d3206L,
-        0xa7f2f30243123369L,0xbb51e48673bc3a3bL,0x0000000000000113L } },
-    /* 57 << 469 */
-    { { 0xdd0f189b4c77e727L,0xfe4cd2f6d9bd0fe2L,0x6454e3cd94c2a526L,
-        0xdff102f317ad2166L,0x461734c46191e95cL,0x04cc3f496c830f05L,
-        0xa8740c863dd2ed7bL,0x5dca654622703431L,0x0000000000000019L },
-      { 0xa80ffaa51518d57eL,0x9e1fcde11f48dd75L,0xb0498a4b829f4b88L,
-        0x4823bb28b7f05dd1L,0xd9c6f5d262938b03L,0x4d1660c414d15f13L,
-        0x444a74a0a0fd9a40L,0xd764f15e3770cf5fL,0x000000000000014eL } },
-    /* 58 << 469 */
-    { { 0x7c62a8d4146c122cL,0xe575b2ca1799b0a5L,0xe5195dae1b06ffeeL,
-        0x5f0dc83a847f27fcL,0xcc10735305898b9dL,0x7f2ef8ec4713c3b5L,
-        0x653844ca4760afe0L,0xc6d972950f6152b1L,0x0000000000000065L },
-      { 0x996a0d1a59bd137bL,0x6511d7685abb04b7L,0xb916dc2f78ef48c9L,
-        0xf46d1bf3de129423L,0x3f7f3de897ac10d1L,0xa37c5c11676afc7dL,
-        0x39dbdf85d2671f5fL,0x2b5607945657c0f2L,0x0000000000000088L } },
-    /* 59 << 469 */
-    { { 0xb24089fa6d540d96L,0x77c1e4b018a57d1fL,0x1c62eb46e056b93cL,
-        0xb98bc55624e9658fL,0xf225c49850aaadb8L,0x9843ca5ece753e67L,
-        0x27f231f12c66df92L,0x9825c25b34934cb3L,0x000000000000001dL },
-      { 0xf92f334c84795c3dL,0xc1f54e7b36b19eb7L,0xe891a3cc496b86deL,
-        0x405cac982f43e3a1L,0x319c8569e8d9c821L,0x8ce93789ca7db1bdL,
-        0xa4a4227155c7920dL,0xf63a98e73fb59f04L,0x0000000000000088L } },
-    /* 60 << 469 */
-    { { 0x3d9e327a3dffaccdL,0x23e7de91b57be47cL,0x34af6490996a4df3L,
-        0x9024fdcd23d46ef7L,0x9b55c37bef6749e8L,0xcc0e2ea4750217ccL,
-        0x9c0aa3a54f07fee1L,0x678db2f28154dfc2L,0x0000000000000007L },
-      { 0x3ca56f0f1355da47L,0x7ab6eb7d4cc64fbcL,0xd68b2467a367d8dcL,
-        0x908dadb995cbc15fL,0x0694c136c5ca5ea6L,0xc444772432837dbeL,
-        0xb29f989c23df02d4L,0x43a6d58a7d60fe91L,0x0000000000000103L } },
-    /* 61 << 469 */
-    { { 0xaf60ddd4fd331e77L,0xdb2b23b6e4bda275L,0x50de018692fabaf2L,
-        0x18f4ee1e439f1467L,0x1d6ad1c55f41e1d8L,0x1870539a6185d956L,
-        0xa469cd954b7c195bL,0x0512eee3a8f71640L,0x00000000000000c0L },
-      { 0x649527de55b56f56L,0xb6c666f14fa873e2L,0x8c12fcc042440b9bL,
-        0xe44ce0c97ddb3192L,0x5c9d67f0c5e1f50fL,0x4d2e9d041c957109L,
-        0xece745bf334a3f13L,0x4c0fdc639473d8cfL,0x00000000000001b9L } },
-    /* 62 << 469 */
-    { { 0x214dd24ea5dda3ffL,0x4423c61b58d48ab1L,0xed596e642546d55cL,
-        0x3e0c6b0726ca41edL,0x47b13e973bd71b9cL,0xdca94741169e56c3L,
-        0x6c380c7598078a65L,0x364caeb1ab093024L,0x00000000000001ecL },
-      { 0xf5dd2e474ea3d662L,0xaadb18becc01369cL,0xbedca5296be99116L,
-        0x4dca80e0934f07a8L,0x99adb72766b0b50cL,0xb478a6f79766ca8eL,
-        0x771ac1e2d3573d18L,0x0c64c745619fd002L,0x000000000000014bL } },
-    /* 63 << 469 */
-    { { 0x1ff694760c4e06f6L,0x00e69af1532a26ceL,0xf86f1f52c6b2dd00L,
-        0xfdf77e8a92114d6dL,0xf5d2ac406197eb57L,0x66465d59ca274247L,
-        0x708608a82c41da24L,0x3f3d3a4afc46e7dcL,0x000000000000000bL },
-      { 0xbf456142b8e1680aL,0xe98df23e3d5d3376L,0x4e0c78faea79d6a5L,
-        0x1e7cfeb16436e15fL,0xf7ba6fef589b8115L,0x1cee877d7b5d2271L,
-        0x1a9a5e2faa96639aL,0x1b756ea93bd35dc4L,0x0000000000000171L } },
-    /* 64 << 469 */
-    { { 0x5ea6d7ec70be25d7L,0x7123951418497519L,0x86ec4211661279b0L,
-        0x3c673364d41deb71L,0xc7f5bf951884db68L,0x17eb082e77ecec04L,
-        0xec159bb14ccef5a8L,0x630d61dcee69d948L,0x0000000000000130L },
-      { 0x0d0db8b4c1a69df7L,0x28590b46cfc11acfL,0x5137b85bb19d5a7dL,
-        0x6069874da376813aL,0x871126092ab28149L,0xddc1900069e6d09cL,
-        0x7b3544c70114f9bbL,0xae2d081fe842291eL,0x0000000000000110L } },
-    /* 0 << 476 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 476 */
-    { { 0xc7cc50fb09b5947bL,0xe166a9afd5eae02fL,0x47c7953fda349c90L,
-        0xc3d4bcae21c0984dL,0xcee13c2f45ff2419L,0x334cc1f147780ddcL,
-        0x21381fb6f1157180L,0x28ff4f86eaede87bL,0x000000000000017dL },
-      { 0x10c72b8260e096a3L,0xc73306ec5ff796baL,0xb3f60666fecc17ecL,
-        0xb9e0d51f46f82c8dL,0x6cbe5c7e296da50cL,0x87cb11044fa6c1ceL,
-        0x5d5e0f6d491f9b8bL,0x187baf6970eb3d18L,0x0000000000000103L } },
-    /* 2 << 476 */
-    { { 0x2fafc73f189a0360L,0xe08428f1a68509e8L,0x4700e3eb3a2af597L,
-        0x143c0bf14b298188L,0x9fb03775f0b9b8f6L,0x7c9e5a3a2653d193L,
-        0x41109c62d1f8ab93L,0x8ad7cb71434536b8L,0x0000000000000073L },
-      { 0x82c43b2daa844eddL,0xad5be7ac3cafb62dL,0x8dd99c5b4a5b4b0cL,
-        0x2a11dc4131c113aaL,0xe62332e93390e968L,0xa912cdea4b073b39L,
-        0xbb0b8141bc11cb2cL,0x504272d1c9dca239L,0x000000000000007fL } },
-    /* 3 << 476 */
-    { { 0xde0324030689ca3fL,0x4584fd9714fd0202L,0xbea63186c84bfe39L,
-        0x0e579aadaba48f51L,0xcda28545c1a4c309L,0x33629507fd645c90L,
-        0x0c77cd5627b58e13L,0x4d84313664dda00fL,0x000000000000016cL },
-      { 0x281cddf1e91a439cL,0xaedc15d538bf386bL,0xf2f22343f35ea657L,
-        0xf9fe82ea18a01f1fL,0x04f9f4730b5a27bdL,0xd296626d025df338L,
-        0x45b950ba633dca68L,0xeeef58ad19f73b2eL,0x0000000000000008L } },
-    /* 4 << 476 */
-    { { 0xd92a04c26573f504L,0xb69c2dbb85de7ce9L,0xb2b82853a2a36153L,
-        0x2899bd376af7feb5L,0x301805e5433c9010L,0x5bed8acab616d5dfL,
-        0xc8afda4270e4b63eL,0x496eb13248cce468L,0x0000000000000103L },
-      { 0x6ebcd0500973771cL,0x6377d971474e651bL,0x7d0a936b0f6dea19L,
-        0xf7cf4fce0aeaf504L,0xcee2076c170c2fbaL,0x158448263af78646L,
-        0x67737e06e27f2225L,0xdfff84af4601bd5bL,0x00000000000000c1L } },
-    /* 5 << 476 */
-    { { 0x035d0a019df3894bL,0xfcfb77c6c2f36a07L,0x04957358c9319662L,
-        0x52fb2c650e0fbe5bL,0x26d1fb01cf3ebed5L,0x3a417dc06f338b83L,
-        0xfb234b48d11a9621L,0xbba96393db3f5cbbL,0x00000000000000d1L },
-      { 0x78b95f1495129ff9L,0x10504de14d5f0abeL,0xe8c7250d3f4dde14L,
-        0x20c04ab4ea00ac99L,0xfaed11686eb2143bL,0x23e32bf4544284b5L,
-        0x0512a28dbad3acb7L,0xaa1926aa86d008a6L,0x0000000000000192L } },
-    /* 6 << 476 */
-    { { 0x81f919bc75e0a1f7L,0x89de5dd7cd6a017dL,0x14d88451c9a96fcfL,
-        0xf3f61d046c5b2967L,0xd21b7e9c453a4189L,0x18e9c74dc8b7bf46L,
-        0xf8903f4f63921ee6L,0x1cabb3f025060de5L,0x000000000000006aL },
-      { 0xf15cd5c8c291f1cbL,0x26c8a484d0311e2dL,0x1e5d93b9d9e366c1L,
-        0xb037cbdd812fd505L,0x8614127c0c567514L,0x4125bc9b4256930aL,
-        0x84f62f976a0a82acL,0x5b12e21e8dbd5c67L,0x0000000000000192L } },
-    /* 7 << 476 */
-    { { 0xbe5764c9caf7fff7L,0x16cc873d6d606b04L,0x6a6f20784268cdfbL,
-        0x06cd7ce627bd5738L,0x532d5c4242e47936L,0x704f0b2a7d0f8758L,
-        0x6046d9f36d2e977aL,0x53feb41a1327c874L,0x00000000000000fbL },
-      { 0x9425b4d1013ef2beL,0x98b50c6e98a45194L,0xbf181a2b9df34265L,
-        0x39c40ce4c2de575cL,0x6757daeb883b4dccL,0xcb224d4bf8b5efbcL,
-        0x2dcf10aeed49a2a0L,0x9c1fff7a9ffda898L,0x00000000000000ecL } },
-    /* 8 << 476 */
-    { { 0x7d2636053e0c991eL,0xee3ed571275db80fL,0xf20cf648561dd429L,
-        0xed7ea515f12bddc2L,0xb84130bd0a544f33L,0xd56fb7297832d23aL,
-        0x728ebeec0bbd7452L,0x6006394d28216463L,0x00000000000000d2L },
-      { 0x43b5561b228b41f1L,0x90eba77819b17767L,0xca1ac49ea2533ac2L,
-        0x23b080f75ee9175aL,0x98a9470773a70bb7L,0x4ca74d0815cecbebL,
-        0x5141db56b4a97b7cL,0x758fe34ef1450caeL,0x0000000000000111L } },
-    /* 9 << 476 */
-    { { 0xd2b17efdc9bf0c9bL,0x79352df94a3175e0L,0xde19af86841b5f46L,
-        0xd2bdefc98317fe9fL,0x4349c726a5ae3bc1L,0x9991211e43cad229L,
-        0x3245ce6ef16a1f19L,0xb7a43c99f6b0a022L,0x0000000000000027L },
-      { 0xa0d43e88bfdd7fa5L,0xb9fdb126a56aef59L,0xe36fedb3eb1646b9L,
-        0xc2a5b17fb2d25b2aL,0xd1db0f0f7526ee70L,0x526e46c6739fe3b6L,
-        0x5cfa3185a6320001L,0x908282721717cee8L,0x0000000000000054L } },
-    /* 10 << 476 */
-    { { 0x61ed6a7f6e9e6e88L,0x0456d4c464e89e5aL,0xea5fc9d8f9e17ed0L,
-        0x2dc7dfafcb542d12L,0xca40f95c8c90f19dL,0x347f0c9f375c2872L,
-        0x3a5e1ff600f96cd2L,0xe3442888a9fb6359L,0x00000000000000f9L },
-      { 0x16e56ae6a6743465L,0xc9e24ada478dfe6fL,0x298ff6dfe42d5813L,
-        0xfacb1cf51531c516L,0x9b778fde097be036L,0xaa17ea655155b221L,
-        0x8fad7e57c8266064L,0xcbb079a05536759fL,0x000000000000013aL } },
-    /* 11 << 476 */
-    { { 0xbc23aeb2d1fc50f7L,0x5a63b2379b184c0cL,0xbc43ff0ee6794086L,
-        0x64713b62031f0138L,0x3db4b0bd81da7dacL,0x4d6a996b36d6fb58L,
-        0x6b064df122b4e62aL,0x0612931c7f6b9cbeL,0x00000000000001c8L },
-      { 0x55503228462bbc5cL,0x5651ec3a244999ccL,0x93b5b3d709872c80L,
-        0x8cf163af070882c7L,0x7a2923223b30afe3L,0x8d92b4aaee45a4faL,
-        0x94646bd3697a47b4L,0x99bde8f96423023bL,0x00000000000001feL } },
-    /* 12 << 476 */
-    { { 0xb627fdfbc0062d02L,0xa527c2db7c3ecc6eL,0xbd959f5d49faa954L,
-        0x5e110744f6c6a3c9L,0x40f10e096d3907ebL,0xa94e585ee27341f6L,
-        0x8f0e11851cb56481L,0x0f687b831cec3022L,0x00000000000001b3L },
-      { 0x5f8c166d962a12d0L,0x00b41edad2445d5fL,0x2b259ccee9690a54L,
-        0xe4bdac1d6bfe61bdL,0x30cf14bcf51dc15bL,0x43e72573c600759bL,
-        0x0bea781ff86f10c8L,0x3259d6086a363f83L,0x00000000000000c1L } },
-    /* 13 << 476 */
-    { { 0xc288ee74cdf30f6cL,0xa8fa52b3d8b19859L,0x1ff94a3023f725acL,
-        0xf02bef5b58b44ec1L,0x0af81bdfb862bec6L,0xcb19979d38d65bb7L,
-        0x4469bcf7c662adf9L,0x6f29e33195e8305fL,0x00000000000000bcL },
-      { 0x72244e292093d379L,0x590c16a0ec9d9897L,0xc635439ee45d50c3L,
-        0x5b5562779b40b375L,0x9c9c449643d0381eL,0xd61c59c2378d8002L,
-        0xf0811d15ac014d42L,0x37da2de58afa297cL,0x00000000000000f3L } },
-    /* 14 << 476 */
-    { { 0xdd15b8890006da10L,0x415306bf6643193fL,0x79036f1f242d9d57L,
-        0x6c9d5588b36f9ecdL,0x58305c8bf19d2f9eL,0x383d6245f5c17b58L,
-        0x9c6af8d8640cabedL,0xe8d10e728adb59ddL,0x00000000000001d5L },
-      { 0x5490f2f98e99708cL,0x5373965efdd3f754L,0xade0363389e6bff2L,
-        0x59d82f758ea6e9dcL,0x3ddb97148ca95fb3L,0x25bc3b9a85713ed3L,
-        0x0b118e05090cf1b8L,0xd95ea9cfc707cd92L,0x0000000000000028L } },
-    /* 15 << 476 */
-    { { 0x73bbc51cec9886f0L,0x6d91832d76c9105aL,0x3a4938ff7734de0dL,
-        0x68613d279f71510fL,0xecc8b09f9c201233L,0x2b426b0d02f20792L,
-        0x917bab5133f87aebL,0x21014269b921e7e8L,0x0000000000000139L },
-      { 0x366b3a8b91a3cef2L,0xbf63ed9910bba815L,0x98143ae944329e33L,
-        0x7bf47db912c92e6fL,0x3e298e35de7bf2e6L,0x517d6a51770daa8dL,
-        0x80a04c0e85e292c7L,0x252aac413a6ce0a0L,0x000000000000009dL } },
-    /* 16 << 476 */
-    { { 0x62a1f73e3fbadc57L,0xeabf4b68b1ba2d35L,0x711d7f6376f3bde7L,
-        0x162f5183b31c3fb3L,0x0dcd66fed7d716f7L,0x6e1dbb78e46816d9L,
-        0x532831b8f833a6f7L,0x64191ccb4cfed0cfL,0x0000000000000190L },
-      { 0xdb3763396d7824adL,0x6b948aefb16a391bL,0x2d174fd64ae9013eL,
-        0x9b5c22ee16a57de2L,0x3bfed1da9e857a25L,0x635187a64d644bbdL,
-        0x94786e3a6fe288acL,0x827c8b03ece25962L,0x0000000000000092L } },
-    /* 17 << 476 */
-    { { 0xdb67687a67d36ad4L,0x3d1af6ac40f1e687L,0x2c71a3ddae798682L,
-        0x645140cad7a2071fL,0xc3517c50eb0d963fL,0x355c6438ab08414eL,
-        0x4cc8ac9e0180c6cbL,0x561c7ca326fbc369L,0x000000000000006fL },
-      { 0x0342d1496e7e396dL,0x5a5cd24a1ba4fac5L,0xdaee6359a50d62beL,
-        0x05d3140c9f8ec814L,0x1468a0a3faaf4476L,0x57b01227507375b4L,
-        0x4577d26211476222L,0x6b9ff34821fcaf64L,0x0000000000000169L } },
-    /* 18 << 476 */
-    { { 0x053b265090739d6cL,0x81b004bd712093bfL,0x7f50af875afe50a8L,
-        0x9b5ffb5e616741b8L,0x681137aceb3c3a6dL,0x69b12c2245ec1c2eL,
-        0x43bf3b334d35bbdeL,0xd78593fe2a340a3cL,0x00000000000000d1L },
-      { 0x995af65a2422397bL,0x832b654bd1e5f2efL,0xdbde76cee8f57027L,
-        0xbf107d39ac9d310aL,0x028a3faf7ef5943cL,0x2a51126a9db46e73L,
-        0xaaf481c0b65d02dfL,0x6c0678a8cdd9a840L,0x00000000000001abL } },
-    /* 19 << 476 */
-    { { 0x7509b5b0a968ac0fL,0xd55260f8c75e5f25L,0xb517c59a16a4515fL,
-        0x85e826661c3270d8L,0xf42ef8d3b92dcd94L,0x0cf375adc36f162dL,
-        0x4335872c0da09278L,0xe1256b6a06d898e1L,0x000000000000011cL },
-      { 0xbed033f087f764ceL,0x55e48707aed0398eL,0x721335dc155cc588L,
-        0x97b2e056d98215c1L,0x6348051fb6149163L,0x005844d2ea832fe4L,
-        0xec5b0eb5c8d9470fL,0xd89a66da78fa2054L,0x000000000000019fL } },
-    /* 20 << 476 */
-    { { 0x4fe79ab617384010L,0x0113f08cf667c198L,0xacb83a5dc1b7d603L,
-        0x3894655a113e8492L,0x4198a4dda53d7e23L,0x4154cb63a659d9b2L,
-        0x87dc05902048cc45L,0x75bd93c9c871f14aL,0x000000000000017cL },
-      { 0xc5d2c8571c27cd43L,0x63c9590620c15abaL,0xb7338ea047b68435L,
-        0xa328b780f45c64d9L,0x5830791649070f2eL,0x00fcabc4434c1e1bL,
-        0x49af9ad69c28099eL,0xf45e8e264cb91946L,0x000000000000012aL } },
-    /* 21 << 476 */
-    { { 0xa566513cd10f4d45L,0x96be203262cf6caeL,0x3c901109bed653c4L,
-        0xc9ddc6f5c9e6aac3L,0xd71c7f5cdf7736dfL,0x8e668bacc14d30f1L,
-        0x8472c592082aa9f9L,0xa956d0c59e379045L,0x000000000000009dL },
-      { 0x2a30d8f689f409f5L,0x959721c74f2040f2L,0x4f2e28eccab44c6eL,
-        0xd03ad278fa69fdbdL,0xf23605b67d5434e3L,0x5b23a0fb99dfd293L,
-        0xbc9005f5cd1aa7b2L,0x9b380071de406705L,0x000000000000003eL } },
-    /* 22 << 476 */
-    { { 0x9cd76d418f852e50L,0xe53ef54d74e73fedL,0x719560097ff71362L,
-        0x7063bd9fb11e07eaL,0x612e763de01438fbL,0xec67b225fea1f881L,
-        0x689a7e7f935b985bL,0x32110c564098c919L,0x0000000000000052L },
-      { 0xa6f57214c1811d27L,0x72f18b108b658477L,0x24c30d8cf4eeab7bL,
-        0xaa6d60131c6f8ab5L,0xea6b996378dba5ceL,0xdb404acebca2295eL,
-        0xfe583aab514c8334L,0x6497bb4d15394b37L,0x00000000000000acL } },
-    /* 23 << 476 */
-    { { 0x199de705d09dce53L,0x3677a5add36a0a45L,0x1f052544a09d949cL,
-        0x79cd422fda21efadL,0x01669ab6f92c9479L,0xec05bcd94b070ffdL,
-        0x78cd06d3915dd773L,0x657eac7820febb9eL,0x0000000000000078L },
-      { 0xdbc2430b4f4fde91L,0xd68c37e8d9330002L,0xe37f66a0a1ca0636L,
-        0x42420f8b219f789dL,0xddaae3cfc9391916L,0x964b9ea1de5040b8L,
-        0xba0d5701f5637d90L,0x2433cff430254a91L,0x0000000000000136L } },
-    /* 24 << 476 */
-    { { 0x19427f7c3a0dd44fL,0x2422033f899cb9bbL,0xca5616531c414cdaL,
-        0x2a6dd24ff611151cL,0x785ac036cb1ae063L,0x523c8d8947ed9de5L,
-        0xa73e893cd2a988cbL,0x2c3013cce4b8ed7dL,0x00000000000001a6L },
-      { 0x4eecf37e9d92a8f3L,0x5e624fc1a23ca927L,0x4093ed7b54675ceaL,
-        0x0ab770fc3071943fL,0x2d70962e31069eeaL,0xb1f1c5acae0038d5L,
-        0x1b3164d04aa60fcfL,0x941eb6e60de4061fL,0x00000000000000daL } },
-    /* 25 << 476 */
-    { { 0x3dd4ee8e19a73314L,0xfe0237c31ee71340L,0x304ef3c4dabd8295L,
-        0xa470f16e2b0e401fL,0x9b9b18bda90af043L,0x16879d527d4b1066L,
-        0xa64163238a3d7f8dL,0xaa9ccc7e65ace4acL,0x0000000000000026L },
-      { 0x57dfdb26efd2582aL,0x31a4cbd5816472adL,0x3696706110bc7c16L,
-        0x5a4b9b40653ced98L,0xdb6ebf15a0a04521L,0x7837ec24873b5291L,
-        0xa7e51a29a5790ea5L,0x4fe225932c1f90a3L,0x00000000000000a7L } },
-    /* 26 << 476 */
-    { { 0xe04751fd84b60e15L,0x907bdd54dfdb9fc8L,0xde29491fccea9731L,
-        0x08b53084558b3469L,0x932829537bf3fe60L,0x9542d0cc571d9a75L,
-        0x3e280110dcd0424dL,0x1c653fd7f1fffe62L,0x00000000000000ecL },
-      { 0x0fe3420222f47f20L,0xc55aa305727b5ca5L,0xda700ec9cb053631L,
-        0x5b540840d29a3db8L,0xa3215fb991f76098L,0xfd43d98f587dce0cL,
-        0xaf9356d4b0186f34L,0x42fae7d342631c7cL,0x00000000000001d5L } },
-    /* 27 << 476 */
-    { { 0x809a4ee19e29d9bcL,0xca98f3eb866d85ddL,0x8b012a73c6076d52L,
-        0x2d3c172d25f44794L,0x9c51f8b7aaba69c6L,0x0d8418773aaf1dfdL,
-        0x9f8d5aea3aca08b2L,0x2d259c4d82594f4bL,0x000000000000016bL },
-      { 0xbb8f9a9ec0d718f2L,0x6731472692f7dd58L,0x30d7fb584429c13bL,
-        0xbbb606d88a6127bcL,0x40e9739fe02e8f49L,0xc14feea8cd2d0037L,
-        0xd08e46c31c288befL,0xad94174d58456ddbL,0x000000000000004fL } },
-    /* 28 << 476 */
-    { { 0x918ddc53c03584e2L,0x63792fc32a8e3474L,0x8f62970f8d6bf25aL,
-        0xa865f2e231898fe8L,0x39dc06d1ded08fd0L,0xee1d4e6f603536e0L,
-        0xcd4951727a60552fL,0x427b8e9eb63f05a9L,0x0000000000000045L },
-      { 0x2229440303fced47L,0xec0db4da27fc6286L,0x0ec8947b4f7f7b5fL,
-        0xea2cae19d7dbce85L,0x9bcf3f58900d2b20L,0xc8688ae67529f727L,
-        0xd45e9ee17169208dL,0x1b6c3acc1513e205L,0x0000000000000080L } },
-    /* 29 << 476 */
-    { { 0xc9ea814896361293L,0x7e8dc3b2cbe8593fL,0x133f210f3a9b8cb6L,
-        0x90a01852e96e46b4L,0x5075484c849ce67fL,0xb452de9c8e5b2fc1L,
-        0x0a3a41c03efc8f60L,0x2466d6310970d1beL,0x0000000000000056L },
-      { 0x3ef2e84ffc6a068bL,0xe878a857b90a37d2L,0x983320953070a043L,
-        0x3a884fcd9a96f4a2L,0x023ece985cfe8c13L,0x5d397f8566a6e2bcL,
-        0x566cb17a6e325e8cL,0x8583e930d325b396L,0x00000000000001b7L } },
-    /* 30 << 476 */
-    { { 0xe4e1585378ad5c40L,0x88bb989adac2b22aL,0x0640a72813d25937L,
-        0x453c268adc17fe6cL,0x1405015ffff90425L,0x6df4af98c282227aL,
-        0xe903cd7dcd424986L,0x3a642d65ddbe81a6L,0x000000000000009fL },
-      { 0xf69256ff0b072bbeL,0x025e83d594792f5dL,0xfae73b56e1a0d4c8L,
-        0x41b4794fd773135cL,0xbf533baefa6a7c6eL,0x8d10d72c9370e86cL,
-        0xaf4005bb45c5b34fL,0xc929d758bc34a7d8L,0x0000000000000149L } },
-    /* 31 << 476 */
-    { { 0x4595f8cce9d67ceaL,0x6943ca4166942ca4L,0x53b1cac7945ab052L,
-        0xc6c82175cf0ab86cL,0xabf93f532f16a36eL,0x29a01d58ccc0db55L,
-        0x71cc7e2b2e389be1L,0xef5bd8ce5f396997L,0x00000000000001e9L },
-      { 0x2344a22bfd5a46d3L,0x0e4804a34e184097L,0xb24186d5ae5021caL,
-        0x7688f016081e9625L,0xb42d53683dbc5299L,0xeb8db964fc0f984dL,
-        0xb4ef82a2421e1f8cL,0x1af0710a07050a74L,0x00000000000001caL } },
-    /* 32 << 476 */
-    { { 0x027f4ff2d35b5acdL,0x0e0fec359eee8cafL,0xa99aa6e2544c2a44L,
-        0x0548945fa9de5ee3L,0x02ee7fb3c4c5263fL,0x3fae05eec75a400dL,
-        0x50ecff533640dfc6L,0xe57c180fc0cecb87L,0x00000000000000c2L },
-      { 0x22b3504387ba8e83L,0x6c47f5d21c652199L,0x2ec15d3d19f3260dL,
-        0xcf9e5050e95faea6L,0x7adc35cca4f5d193L,0xa7b0f1f33ddee652L,
-        0xdfb751246e213c07L,0xe33a115a7946ddc3L,0x000000000000009fL } },
-    /* 33 << 476 */
-    { { 0xbad8626ba00b3223L,0x28f525c1276bf50eL,0x5473d3efd0d599f9L,
-        0x8327c435483a8f1cL,0x0d6bd8e891b88a89L,0x3ed2f18bb691fa7aL,
-        0x4bb37c999089f2dcL,0x7872a7d971139d0fL,0x0000000000000073L },
-      { 0x5075c85dce1794aeL,0xc677297b24378c22L,0x9f7ff8617d981d06L,
-        0xdff027c8defa63c3L,0xebe3157882b6ae41L,0xad2afc54c16e74baL,
-        0x29f51ea9c2b7ede2L,0x8af4f36efdc2ad9dL,0x00000000000000eaL } },
-    /* 34 << 476 */
-    { { 0xaeedb8fff0380ebdL,0xb4c5f02397de16e4L,0x6d48399034558657L,
-        0x7c35f8d58dde237cL,0xf6476a21ade8cc2fL,0x610f9504bf380f9cL,
-        0x66d63301ba054ee0L,0x2f1bcb891340be68L,0x000000000000019bL },
-      { 0x4a514ab9bfab6e8bL,0x6602369b2eb7baf6L,0x6642e1f1c7c4bd05L,
-        0xaf22b1bfc31de5beL,0xac45bff337ba8dfeL,0xd3d3be278a0f3484L,
-        0x39ad805e35d3e9cbL,0x5cad4328fc61a017L,0x00000000000000a1L } },
-    /* 35 << 476 */
-    { { 0xb485946aa3d8dfadL,0x1e0ef60f4d09e4edL,0x2465fb251f947cd4L,
-        0x86ac22024f26eb6bL,0x1ef5a7e60ade65acL,0x7e9e1e9ad1343201L,
-        0xaac3955c7be0aaf2L,0x59c532f852752348L,0x0000000000000136L },
-      { 0x502f0d9b95d6df86L,0x695153fdc8819108L,0x46488395b504460bL,
-        0x0dd02f9d7f9bedf1L,0xd03f5b64be406a37L,0x81ca920f0d3f5fa5L,
-        0xabc154fa56564543L,0xf7e482f6ad9dd5cbL,0x00000000000001c5L } },
-    /* 36 << 476 */
-    { { 0xed7c87484052967dL,0x539e1bc034ec54e2L,0x45a999801315ccc6L,
-        0x6ebab37dfd3c16fdL,0x35c88fd9776a636aL,0x1d5074b9545a61bbL,
-        0xe13c2ef55e5fa705L,0x161fe458b33824eeL,0x00000000000000f3L },
-      { 0x6e403b0577aa5135L,0xf830daa6bc413029L,0x778b4c30533435acL,
-        0xd8436f9421a4dbf3L,0xfb75c9677ef5d437L,0xbf31e122f1c93e89L,
-        0xeba1e3bc524a71d9L,0x68458dac4b75e86cL,0x000000000000006fL } },
-    /* 37 << 476 */
-    { { 0x6f4f3dd0662499e4L,0x52fc1991d3366014L,0xf3e18982832a72b8L,
-        0x139e6a0aa61c4ed6L,0x30f28391fc271a46L,0x0567b845d969103fL,
-        0xa37f178406ccbc6bL,0xef56b5fda5093031L,0x00000000000001deL },
-      { 0x1254563e29bdc854L,0x51dffa0a17e7bfeeL,0xeb23b7b813055a8eL,
-        0x6a0c00672f115b69L,0xfde42254f5451cf4L,0xfad70d3250091f5cL,
-        0x8e3344f7169ff7dfL,0x509c843aa437d427L,0x0000000000000195L } },
-    /* 38 << 476 */
-    { { 0x34a512a52212da86L,0x35e49c33dc085fa5L,0x67559f2c3268fb8fL,
-        0x5a0e4c28fa04bd3eL,0xcc71661f406b00b9L,0x10b53ac137f6f369L,
-        0x322427439de56f17L,0x50992ef21074232dL,0x0000000000000086L },
-      { 0x2710c0242e9778bbL,0x6a445e195e6730f9L,0xe9db7c6b182bcf75L,
-        0xcc2c0c169cff3237L,0x38495c929e91016bL,0x14a3999b65c4b494L,
-        0xb94667e0ab92f8ddL,0xc52df245a2e4dddcL,0x00000000000000a7L } },
-    /* 39 << 476 */
-    { { 0x24b43f0449465931L,0xe9846e833c923c39L,0x640cf800272924aaL,
-        0xc9b6037cebb88275L,0x3e920427a1656018L,0x7cb62370b8f85c77L,
-        0xa9df472ad4347c6bL,0xe438aa66e042c30aL,0x0000000000000031L },
-      { 0x853f201d6011ebd8L,0x065d9edd4ce480a2L,0xc2eabdfcee6a18d9L,
-        0x9a03831d83905426L,0x09d2b3fc3a039862L,0x75040f7227c291b3L,
-        0x77dcba094598435dL,0x1391704ac9b9e54dL,0x000000000000018fL } },
-    /* 40 << 476 */
-    { { 0x0cfe94974ad63b91L,0x39411a2cadcc08d6L,0x198aa66d98605b89L,
-        0x0c1153da708841cbL,0x7edd21f29e46a446L,0xa45f38dce62221fbL,
-        0x9cf28ee83580482bL,0x06aeba1fa674e7a4L,0x000000000000015aL },
-      { 0x38e7fd4db449387fL,0x6179190109421a33L,0x65c1a5844fe13330L,
-        0x6fbf269567144a82L,0xa06241c4d40afbe0L,0x9af35b88eff6a461L,
-        0x001b6b24e2be2435L,0xf1ec4414905dddc1L,0x000000000000000fL } },
-    /* 41 << 476 */
-    { { 0x00de445f7006f9feL,0x0786824e311bf00dL,0x8206644605c0fce0L,
-        0x25cc4fd9905278f0L,0x1882ee6eaa7c33ffL,0xcd1577bc651cdc8dL,
-        0xd31936e360161788L,0x9ab9852fc5fa4f46L,0x0000000000000170L },
-      { 0xc3979e72c25c1871L,0xe6ab079252c82442L,0xa1da5c25e8949acbL,
-        0xd91b3d9bf02b7d0eL,0x54fa0575516699a2L,0x8efb5dfc11397f0aL,
-        0xa694a0446f27a9ddL,0xd776b8b7635f3527L,0x000000000000009eL } },
-    /* 42 << 476 */
-    { { 0x18ceeb27896f7815L,0x2e6a7298196a8bdeL,0x3a104d3eacbe43a9L,
-        0xcc207227823bbaa8L,0x6d905c49f492f53aL,0xe6ff675f6839c256L,
-        0x0458eb94c0dd385bL,0x0fdda10a3f558bdaL,0x00000000000000c3L },
-      { 0xaf516cffa8da33b6L,0x1ed91b01df22270bL,0xb11f0c5561393addL,
-        0x44c5ae29d31390f1L,0x5b2b530a894ae78fL,0x4dbdca81df45dc47L,
-        0x5f0834c94e3827d0L,0x302a6a06ea2a27c6L,0x00000000000001d3L } },
-    /* 43 << 476 */
-    { { 0xbd2cdcafcbac1d22L,0x8b67a628bbf18095L,0x8360fbd4b99755deL,
-        0xaa3c1abd36b6a3d7L,0x90258eccaa6f0471L,0x75df5700a954109eL,
-        0x6ed4ac78486b2593L,0xb456ccbf8b51a370L,0x00000000000000d0L },
-      { 0xa6aa0ad865cf6c0aL,0x3b1965ac95863b68L,0x129262647c831811L,
-        0xb02283d73e9eed94L,0x7314ae01b2126091L,0x39219a7287aa13ddL,
-        0x2ee49375c32a59baL,0xcb689e7335851c67L,0x0000000000000109L } },
-    /* 44 << 476 */
-    { { 0x75c28be714a5265aL,0x8dd13c72b4c7802dL,0x26d2cee7c8d89192L,
-        0x83c5d55d24272316L,0x882f4e1c4c5b6041L,0x477bbf51d3237af9L,
-        0x929ad1da89e4635aL,0x462e54e4440dcf82L,0x0000000000000115L },
-      { 0x92e86b7bd6710cc8L,0x9ae2cb4c210a3bdbL,0x5e366b0765cc970fL,
-        0xe0c9c82b7713075fL,0x4fe46ed1410513e1L,0x655944acf5b5edc8L,
-        0x328afb24e3986180L,0x2c86c170ec210c87L,0x00000000000001afL } },
-    /* 45 << 476 */
-    { { 0xdf078ff3615fae7bL,0xbd1e1ff130dfd4aaL,0xb5acc56700ef9988L,
-        0xc8deb6c5e593e61dL,0x9705431612ce76fdL,0x466d5faedc8235fdL,
-        0xa7887816e3802e8bL,0x8c477b7168cee998L,0x00000000000000caL },
-      { 0xf7f7097b7146d6d2L,0xbf5012c5ede058c0L,0xf093ce34a1cd690aL,
-        0x6412920239deeba9L,0xfad016ef45d0ec64L,0xb8006ac513ce1bc2L,
-        0x519ff55a527f8971L,0x8203739fdf660805L,0x00000000000000d2L } },
-    /* 46 << 476 */
-    { { 0x589116a0f1e8c56fL,0x6ea85ed6cd20d5b0L,0x5f1f5d6832ad1f37L,
-        0xf98c761eba7ec611L,0xf5295fcd103f1f7aL,0x26b7bb746cd41f07L,
-        0xd8ab44aaa0d20471L,0xbf4002f4cac0098dL,0x0000000000000182L },
-      { 0xc6e82ac8c6c269e5L,0x5140dd2468160d85L,0x98e7440ceaed9d4fL,
-        0x72eb1107ba61a8c7L,0xced4753f28c51ea0L,0xfbae3303b6a8c96dL,
-        0x2b03bdff7c3e52e5L,0xefe149227825d3dbL,0x000000000000002bL } },
-    /* 47 << 476 */
-    { { 0x42359d455c79dd95L,0xc58e19f927540084L,0x430f0e5278fe7d63L,
-        0x16a8589a0faf615dL,0x3839b8a7503a9f7fL,0x0310ebe623e6b6b5L,
-        0x2c585bbb62de235eL,0x91cdb04da2d3388eL,0x0000000000000035L },
-      { 0x31b09c074ccae626L,0xbad7e2a38eb5fd2bL,0x609f75e05bed3b8cL,
-        0x61ae6c2b8b23d6a9L,0x7f9c74bb2b493455L,0xa7ca5bb0beb78ac5L,
-        0xb2413a13d4af6a09L,0x23169f3e554697ddL,0x00000000000000baL } },
-    /* 48 << 476 */
-    { { 0x6e965255ef4b1b98L,0x3f63b6bd8ba97bf6L,0xc6cacadb19bb0ba0L,
-        0x9f88f0c83c8edcc4L,0x3a2d4bc51a489aceL,0xaa3075b75529bb67L,
-        0xcdb0c4d6ffbbd2bfL,0x4a3b41d33a568fd4L,0x0000000000000146L },
-      { 0x46442711effa56aeL,0x941858d847acc062L,0x9480d79c7434d565L,
-        0xa92e885943322eccL,0x650cd6de5f82931eL,0x4ef5d48397876156L,
-        0x04ca704aaaf946f4L,0x75258aac0a95e02cL,0x0000000000000132L } },
-    /* 49 << 476 */
-    { { 0x2544f5d10856d9fcL,0x29678dabe80f610dL,0x0987e134066ea695L,
-        0xa208023070fe1ac3L,0xc65df557fb51ba2bL,0x60a2d5693320b29dL,
-        0xd097f83de67d902dL,0x7f92f3d3d76522f8L,0x000000000000005fL },
-      { 0x7ecc057cbd6ff176L,0x5abcb1d0d907062dL,0xc49f4bed9fd1bcf9L,
-        0x4042dd6399c27c6eL,0x1b1a7480a867644fL,0x8d65632c49d3134dL,
-        0x6f31a12a548695a9L,0xa0abbea7be0ed228L,0x0000000000000170L } },
-    /* 50 << 476 */
-    { { 0x16e0e933c494da37L,0x3018f05aa75b90ceL,0xa382c38aa8dffc72L,
-        0x66775c45f105047bL,0xd4f234b08929555fL,0xfc5c829646525c45L,
-        0xf65136353442a793L,0xcf862712fbdc67ebL,0x00000000000001adL },
-      { 0xa1afce91c8e7f888L,0x23a79d7eefd25a7bL,0x36d5b89881e2f333L,
-        0x4e9f1db4e12880deL,0x4ae2df6b6ea83f9eL,0x3dacb4b7f81caaf5L,
-        0x03d46680fb01b238L,0x3b6ef2c1077e2c41L,0x0000000000000104L } },
-    /* 51 << 476 */
-    { { 0xb5549eaaade2d6e8L,0xecee8b8177078851L,0x75f43854e0913393L,
-        0x5752bf7208c25924L,0xcf0f36aa1873d036L,0x6fb99df52d814f28L,
-        0x12fcade24f4460c7L,0x1f39dfc0d1ff8940L,0x0000000000000073L },
-      { 0xc4821f9e1f3474cdL,0x52eae506d410f535L,0xe5fdda1f337122f1L,
-        0x7436c966551d7704L,0xb1315a9b7e5d83ebL,0xb47b7fa163dbe687L,
-        0x9de3f163e1ad5528L,0x4eab78571865d6caL,0x00000000000001e9L } },
-    /* 52 << 476 */
-    { { 0x4e989dfe03410c9dL,0x33cba247a0b9dc26L,0x00a287260ec09c0fL,
-        0x5ef32ea9166a3d1bL,0x11acc0b22efa02c9L,0x78780ccbc37bb3a9L,
-        0x80695d7957cd294dL,0x2d2fcf8d22a843baL,0x00000000000001e3L },
-      { 0x01b2f4a035455b91L,0x0501fad5292c8300L,0x1d2c358027a13460L,
-        0xc58b09314cdbe18cL,0xa00615bb09c40371L,0xc07dc42a31e3bb1eL,
-        0xb85f8730f5bd0e84L,0x9f6fbbfff41772afL,0x0000000000000030L } },
-    /* 53 << 476 */
-    { { 0xd09c91bc77553a15L,0x361e49601bd5da39L,0xd3980e9f72042f3aL,
-        0xfcd4543d671a9b4bL,0xe0f776a8a6acfc0bL,0xca99229a69a5624aL,
-        0x831862aaa1f64885L,0x5883a7af179436caL,0x000000000000019dL },
-      { 0xc40411817d06a8c9L,0x8a0941ef8965fae2L,0x6150d992eb25d71bL,
-        0xfbaf356ee2350cd8L,0x5cffc7c6a439b155L,0xc3566052a70c21ecL,
-        0x9d4432847f016d22L,0x30295f053f58948bL,0x00000000000000ecL } },
-    /* 54 << 476 */
-    { { 0x6f279f62ede689e7L,0x9b66e05622e958e0L,0xbf0df539b143ca4cL,
-        0x945ffe3c094f5f2bL,0x425a9a9008dcd6e5L,0xef36de89a6fbae42L,
-        0x9e5291e573bb2760L,0x93b5925a57d1173aL,0x0000000000000183L },
-      { 0x4dda1a9760968355L,0x7c45e7440760b638L,0xa80c805f102af8e2L,
-        0x3b784e7d0d1802b6L,0xae9196a070c07c40L,0xdec2da01ef7d0af9L,
-        0x0159c65e60349221L,0xea3091d6801d78d6L,0x0000000000000080L } },
-    /* 55 << 476 */
-    { { 0xa09d33ba8c2aa8bbL,0xa73e2da2a4db5575L,0x62caaad1556990feL,
-        0xdaffaed72d31b382L,0x8504f2e08be1f79cL,0x15f8630b9a60fca3L,
-        0xa2ac9180540630ccL,0x1190d92dd7720e42L,0x00000000000000d9L },
-      { 0x208070c9c36d06deL,0x1b195581806e6fc5L,0xe358e901b6f52524L,
-        0xdc2bebf342ab3a2eL,0x4825f836a7a28526L,0x64ea6668c0a29d15L,
-        0x8c66792927af62bbL,0x3b9b031889fd3214L,0x000000000000005eL } },
-    /* 56 << 476 */
-    { { 0xa901a71312538fe5L,0xce0c9871f2f66dccL,0x05e90fbadbfa8c57L,
-        0x82626b4d4a84065aL,0x95101f3bcec2fdc0L,0x00fedbd1c2389459L,
-        0xc38e00945c1ce6acL,0x07d68900b4ef5efcL,0x00000000000001c7L },
-      { 0xbee9a6aacab8c27bL,0x5a8c52d998486109L,0x68351a08da2cf44fL,
-        0x83e72bad29e7f1a4L,0xf6397648b1220a5cL,0x791fb8c6230e46b3L,
-        0xab83c6386b1dfa43L,0x8b7d1b711d99ac55L,0x00000000000000f8L } },
-    /* 57 << 476 */
-    { { 0x765aa8e7876c772bL,0xe6843325b5b97f6eL,0xfe9fd6c58ab54c16L,
-        0xd6a1e62441d8de82L,0x42a5842800260cb5L,0x407b0e42520aab9fL,
-        0x039d551ec8ce6af2L,0xa884cf26f0a5f4d6L,0x0000000000000155L },
-      { 0xc32e89bf69c53346L,0xeaabbd18c5e05a39L,0x88520159b89c3d28L,
-        0x9d7431d255e2270eL,0x6a27c977c289dff5L,0xfcd3b6da33729f3dL,
-        0x30a1e20283c7398bL,0x19f5f537da4e5125L,0x00000000000001dfL } },
-    /* 58 << 476 */
-    { { 0xd6b1be19b2227e11L,0x089708a5103e4640L,0x234103f813d0eaa9L,
-        0xcad17afd3fe18f65L,0x86b69be58933c95fL,0x3cb944820cbde5b2L,
-        0x63ef96ce553e46ecL,0xfcc54f027ee7ab01L,0x00000000000001edL },
-      { 0x6c85f7c1b24788e5L,0x3b7135a7ed618715L,0x7cbeed1899453d4fL,
-        0x2494a201ee56ea6fL,0x718327b3cff78c9cL,0x0b51a87c87f006c6L,
-        0x0da34203f2a2a6e4L,0xdef43eb70f3d8ddbL,0x0000000000000118L } },
-    /* 59 << 476 */
-    { { 0x5660ef89fca5e4dbL,0x147cb2c562b1adafL,0x656e8f4565f6200dL,
-        0xed790c437415cb36L,0xe9edf21257aa09adL,0xbc19c5fc95d36d02L,
-        0x43f17f8678de47e7L,0x2850fe7691b3b0c6L,0x00000000000001f9L },
-      { 0x5d9cf8962551c84dL,0x66bba935edaea8e2L,0xa8ad879ddd2adb96L,
-        0x332b3b65a8ecffc5L,0x598adbd76449ab1bL,0x92d14bb3e3ab3305L,
-        0x5288b2dff02d0b51L,0x63556a666aa36025L,0x000000000000008aL } },
-    /* 60 << 476 */
-    { { 0x26693bfd33fd2555L,0xc6ffca6e0d7d3eebL,0x3df570919647dcb9L,
-        0x05ee7744cd5235acL,0x4f33bcbd0acccf3fL,0x10ff4e69e5176e6aL,
-        0x059a1dbefd230eecL,0x1589dce81c63e145L,0x00000000000001d0L },
-      { 0x283ef53ad892bae1L,0x25787ebb1e7b35adL,0xe4d612fe84ddaa2bL,
-        0x1350f60986da9a4aL,0x0daf1a86d28940d9L,0xb58efecedc742269L,
-        0xb316aea1c05daa85L,0xfc0c48a1c8adb92fL,0x00000000000000caL } },
-    /* 61 << 476 */
-    { { 0xc8e460eb5db3df35L,0x4a3b8c99fc914e7fL,0xf8352c30e961adfeL,
-        0x2c2fe81b2f9c30f6L,0x3f8d9d32676a3d21L,0x663e1dea77a990a5L,
-        0x54974a741998b5f5L,0x78968bd0304b02c2L,0x00000000000001afL },
-      { 0xf07c9eb52479b8baL,0x90a4eb34b2f78c13L,0x8d4c1421d769cdf8L,
-        0xc2ff257feac177e7L,0x5a7f84c740363d1bL,0x845c7d87cf3e6f23L,
-        0x0801827661f1cc24L,0xa6f875b23bf25783L,0x000000000000019cL } },
-    /* 62 << 476 */
-    { { 0xf9fefec9d7a4cf66L,0x38ce98608bfc8387L,0xd72acfec1c10d914L,
-        0xc98c23e6f2daea2fL,0x9395abfe41cec6a9L,0xedde92f2ecab3380L,
-        0x403c12cfece67cd5L,0xdc77f38e72ef3b83L,0x000000000000015cL },
-      { 0x05d31e27bdbfeae2L,0xeed3521c3cbc6102L,0xdae5b97d85b16c89L,
-        0x2211c4770d03349eL,0x8de8a13fd5f6ba3cL,0x769676f194a76b70L,
-        0xd7487982a0097db3L,0x39c43746da241827L,0x00000000000000cdL } },
-    /* 63 << 476 */
-    { { 0x5c311656b5797336L,0xe90cb3caa840d076L,0x20bbd61e2cf37453L,
-        0xa0d0e7e30487e7aaL,0x56ab5c950c73dd7cL,0xd239c650a42de3c7L,
-        0xf6bcaab92e59b709L,0xfcd8f1277623641cL,0x0000000000000162L },
-      { 0x6025552300cd2ba8L,0x95be73bfe5ad4751L,0xac7188bc800a9c4bL,
-        0x7f30bcb9e920f752L,0xc9b970f03e122bbdL,0xb95efc15eb82e5bfL,
-        0xed09e0d7aecce9f3L,0xa75e92cdb123af88L,0x000000000000002cL } },
-    /* 64 << 476 */
-    { { 0x7aaa8f37d3cb8e9fL,0x8f3b48a91a73d853L,0x783ebbe7ef285a53L,
-        0x4f9d97291c3ef389L,0x130f276c6453da69L,0x76683273834facedL,
-        0x026a3722af5af17cL,0xd588aa37f08a5e50L,0x000000000000016dL },
-      { 0x81b6610bbbdc76b3L,0x406785dd563a6902L,0xe0755f6ced775283L,
-        0x08d6c84753b16d0aL,0x48ebb570654f906aL,0x3f0c62b7184b373cL,
-        0xd6bb91b6314d776aL,0xab9bfb3a224744a7L,0x000000000000012fL } },
-    /* 0 << 483 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 483 */
-    { { 0x5abd70212d7e7be5L,0x5ae72dd6b01cca76L,0xba2a179499fa6345L,
-        0xbd22d699b5d0cb9bL,0xde336adffce9c6b9L,0x602dc43cfb816436L,
-        0x9d86318f33b17e66L,0x43f8ee75dcdd628dL,0x00000000000000e6L },
-      { 0x1bf13bba3d223930L,0xd77bbb123b6b0034L,0xa4ea21c4be34bac8L,
-        0x95e5f221aab61589L,0xb4494eb79d411c28L,0xa423c6f5cbe6faa1L,
-        0xab882ee7a6e4e735L,0xb36eacdb546545b3L,0x00000000000000c2L } },
-    /* 2 << 483 */
-    { { 0x651b47c813b42e63L,0xe705441316bee2b6L,0xdcf60ca386a71ac0L,
-        0xabddb357e3baf787L,0x99d631d181a2db2dL,0x3f1e3c7fc8c9b834L,
-        0x3b30fa1861adf4d7L,0xd1d8d98014b9f46bL,0x0000000000000139L },
-      { 0xae6f6b72f6af1252L,0x0fc583984ff8a00bL,0x1b2c0cc5a81fd641L,
-        0xbdcaabe6e68b6fbaL,0xd1af82fe70b14e44L,0xe9c35419e55ce735L,
-        0x3c83d9dc01dcefb9L,0x42604200fb5824c9L,0x000000000000011fL } },
-    /* 3 << 483 */
-    { { 0x83b863c448455ab7L,0x76d7a946b45ec4d2L,0x3a26946f1a9dbb92L,
-        0x3912023daae7ac94L,0xa55fdf4ab43e7baaL,0x0b84464b5164d35bL,
-        0xdafbaecd58ac3925L,0xcf5aa8cb1f7b30bdL,0x0000000000000089L },
-      { 0xb3fa2268858cb669L,0xd325b4a6074aafacL,0xe364297587e39973L,
-        0x1d9aac78d8125423L,0x205ae65940a7d2d6L,0x102e8f88220f449bL,
-        0x5b98b50f429d6d97L,0xef341ac978674bafL,0x000000000000002dL } },
-    /* 4 << 483 */
-    { { 0xc4c1d5064d245501L,0xc7c62e341083602aL,0xd5d6895961f152c7L,
-        0x3b142866906e6f00L,0xfa4d7aec3468335bL,0x6c36da5cf4687f7fL,
-        0x6643389b0dc658daL,0x99cb5866d8447de8L,0x0000000000000037L },
-      { 0x0fecfbab807a703eL,0xeca0bd01ee68c875L,0x375589c920d8bdd0L,
-        0xc0fbd62f14025692L,0xbf5a0c1ee6b70d27L,0xf9630aed9cbbb1aeL,
-        0x9776abebba99b392L,0x883c8b53c97978c6L,0x0000000000000095L } },
-    /* 5 << 483 */
-    { { 0xe79aa3fb79b1fd27L,0xf4613c54cb46f207L,0x9a56f2c3b0a5bcd7L,
-        0xf6ce188a5ecd38d4L,0xfd52c36f90250becL,0x182bd1b97d054438L,
-        0xb1401bdf2586edc0L,0xe147512afa989224L,0x0000000000000044L },
-      { 0x68fea57855a2d55cL,0x547f9129b57a7470L,0x4627c2ca8df3b0d9L,
-        0x4ef699bee8aad7cfL,0x62677d53f996c4f1L,0x7f79982e924cf349L,
-        0xbd5db9da4d785216L,0x2554390fe96df8acL,0x00000000000000baL } },
-    /* 6 << 483 */
-    { { 0x753ce74ae22f1171L,0xae29377f15f959eeL,0x90d8c9c5dace4bdcL,
-        0x45f210f7ab4dcffcL,0x32135e10e1283166L,0x23a0610932072197L,
-        0x4d3cccb74d767572L,0xccdc43a3807a50d1L,0x00000000000000e5L },
-      { 0x6a5534206880d712L,0x92b60f04dd80c4cbL,0xf3538ba2dcc9d35dL,
-        0xd3166fafd0787305L,0xd2a1b177b7d68560L,0x847aaf905e9f7915L,
-        0x210046e55b83cc7aL,0xd26ce0bdb4964926L,0x0000000000000179L } },
-    /* 7 << 483 */
-    { { 0x2a569603208e6bcfL,0x8d08f4df9f8f8597L,0xc13bef95f9d62574L,
-        0xc17f7fae4fdec97bL,0x7810ce14a511c162L,0x10fa0d23941c7cd4L,
-        0x2f41e9f76aff6e68L,0x70665ea2ffb8f648L,0x000000000000000aL },
-      { 0x0b5f267fff4baad5L,0xf1f79c10cb85a780L,0xd2003dee61e33305L,
-        0xda556c2fbc3b90cdL,0xbb799f45e116a936L,0xc6183fd80ce85ebeL,
-        0x57b3224fa035eef6L,0xf6840485e96bc901L,0x00000000000001baL } },
-    /* 8 << 483 */
-    { { 0xdcbfbb8be5f5826eL,0x31fbd1c02954969bL,0x452c254d09536e44L,
-        0x6b733e3b36cd821cL,0x8fdfe02f2d8260f9L,0x26163d810e2a44e3L,
-        0x23e435a33e2e3a4fL,0xcd8529b5777baa61L,0x00000000000001c0L },
-      { 0x634dd97aa246d14eL,0xdfed13a7d443a978L,0x4668e97a8752bec5L,
-        0x1f52f42826a0f8e7L,0x0d69a760308ddff1L,0x54602bf7591ed51eL,
-        0x223e342b3bbab1b8L,0x1cf905cbd5003ef7L,0x0000000000000132L } },
-    /* 9 << 483 */
-    { { 0x070339e46d0ba610L,0x57de05dccb0e3fccL,0xb4f1cd37d61a1266L,
-        0x92ca341caa4f2316L,0x4ae641fc258976faL,0xdb7cb7cb079c8bcfL,
-        0x88c11cb58ec68df1L,0x42cb801909df9b8bL,0x0000000000000198L },
-      { 0x3cd7238e57aded5eL,0x0773bd3cf50528f0L,0x4c2b4f24c93b6753L,
-        0xcbd40a940481c43dL,0xf37fc077262905a7L,0xf079fd24bcc8664cL,
-        0x6e7453fd34a874d0L,0x41d6bcfaae635cd9L,0x00000000000000f7L } },
-    /* 10 << 483 */
-    { { 0xdebd96ecded7931aL,0x409a230cdfdb9955L,0x0eae02d5b65c48e6L,
-        0x3ab3dff83515edc3L,0x0440a0c53d119f82L,0x7601d278f7b8048fL,
-        0x3e0da58153655d73L,0xa04162f342c66d32L,0x00000000000000b9L },
-      { 0xdc305022e0d030b2L,0xb812c6a1af7d339eL,0xf845455f91973a30L,
-        0x3a40c4d454ade939L,0x7d5b0f691e0972bfL,0x7eadf7a28839861aL,
-        0x87a2e7067d36e5a8L,0xa25554c5d13c7670L,0x0000000000000055L } },
-    /* 11 << 483 */
-    { { 0x2f313869d8f59e86L,0xab16466f00c93e40L,0x534952a8f5901890L,
-        0x597b8bbfd3e7e334L,0x2a1d5909bf2e93e8L,0x74910268a78e52c2L,
-        0x3c2077e0e09c8fbcL,0x36e2b7500dd6ec37L,0x0000000000000168L },
-      { 0x21c2d362c58660b7L,0xcf97b440205ece90L,0x81e5da200af6629aL,
-        0x285fd88ad30ea06dL,0x9da2d653cf67478fL,0x6cb24c21fc1128d3L,
-        0xc32d0dc119cc5d3aL,0xffc4fcd6ca1c7866L,0x0000000000000113L } },
-    /* 12 << 483 */
-    { { 0xfc6e3abd7e791a5fL,0x8b60a8b7394f9865L,0xf07f164cb0f31984L,
-        0x3b0f7be135fbcdd5L,0xfa914a53c372e0ecL,0x6142002a0392f749L,
-        0x8f7ddc3b952ccab5L,0xcec17ddfa5e85e1dL,0x00000000000001a1L },
-      { 0x376e182e3bfb6450L,0x34275e3b5874742eL,0xc6c3bbc436fd4d5bL,
-        0xd5359a5f17024a3fL,0x690901d1be783d99L,0xd98f0714be92b949L,
-        0xd7ff8e0ffa44b971L,0xae0b1ea4a248a978L,0x00000000000000a5L } },
-    /* 13 << 483 */
-    { { 0xf6f8b353b1fa4f9dL,0xbc0ae01304d67400L,0x95e7d657984c5864L,
-        0x6e6799c1923cd2bfL,0xa98f35f7c07c86a9L,0x5149ab912c79f53eL,
-        0xb8219f4e278fa756L,0xfc6562d707de4775L,0x000000000000007eL },
-      { 0x92731c6de48adba4L,0x479c5d6bec0f7335L,0x8cf900f0a1d5e919L,
-        0x4bf6c08bfc45f29dL,0xee14bfe8c59cdc1dL,0x134bf2088cb8a93bL,
-        0x8d9f4d2221f26bfeL,0x602528a79bebee86L,0x00000000000000f4L } },
-    /* 14 << 483 */
-    { { 0x8ec2bc822c79e1e7L,0xec5c692cffb8b4d4L,0xa0d4d5090846b9f3L,
-        0x41eaccac33456629L,0x43e23429d484f510L,0x0bf959d35018896dL,
-        0xa817bfedf257daf3L,0xcd04bc49a1fb8e26L,0x00000000000000bcL },
-      { 0xda060441d92bced4L,0x278c04c95d4ef4f0L,0x8b6f0231396b753dL,
-        0xf68caa504533e041L,0x49d2f5f1d52bc9bcL,0x83ac55150141e329L,
-        0x453951c6c866b038L,0x09b032d479acdc69L,0x0000000000000196L } },
-    /* 15 << 483 */
-    { { 0x067e44283cbbdce6L,0xb8ebf52529eab785L,0xc28bb79079474bdcL,
-        0xc29cfe635c83856dL,0xd95ac7b911322ac1L,0x8e3d2b8879c119f1L,
-        0x9870c2c572896608L,0x2adcb4c763374d0cL,0x000000000000005bL },
-      { 0x2dd8023e63551e79L,0x5ae537db0a8e6116L,0x4fd274598917909cL,
-        0x5e805e1cb79a58c9L,0x12d0b7a853b21d48L,0xf80dca62cba9f1baL,
-        0xf90fe39681b2231fL,0x552083b960bab640L,0x0000000000000170L } },
-    /* 16 << 483 */
-    { { 0x1ae0819be9933309L,0xdf8bdb84232a74bfL,0xe0cd42ac756981f5L,
-        0x658128186734b942L,0x6b63d0a2f4accf5fL,0x4dc5d87a55294162L,
-        0x0ba927b230bc9a8aL,0xcdaae01ed8e36a78L,0x000000000000013bL },
-      { 0xbb632bfe8e1f565fL,0x29ebfdda53e94443L,0x1f98a0d3e10d165bL,
-        0x9f82830c637c795fL,0x3b33128740e0c47bL,0x8940d375f4bee639L,
-        0x05cc4dc38b8ad839L,0x3b4d9dbe10d505eaL,0x0000000000000117L } },
-    /* 17 << 483 */
-    { { 0x7549c45aa2216b1aL,0x221596f16518866eL,0x4f8ca3c1fe5fd8e9L,
-        0xb78df22a96363b34L,0xd189cef05ae37982L,0xc157b84591a02318L,
-        0xe1b74e4197511a4aL,0x5877f96c53320c2fL,0x0000000000000025L },
-      { 0x12689dc6861c57bfL,0x598b361ad283a108L,0x939b82fb7fa13a89L,
-        0x311cca2a36cfe81dL,0xec335b17bab0c07eL,0x440b8c5c65642a12L,
-        0x813884de04a2ed28L,0x7d19429e87290a2bL,0x0000000000000069L } },
-    /* 18 << 483 */
-    { { 0x5753bbb8a848cf13L,0x82b32a43d90c938dL,0x7f5770d7e6faa6e2L,
-        0xc7cbcaf37d684cbcL,0xcf943b1b2e7b48a1L,0xd1a7ee6f8d5c5321L,
-        0x1ab34e2d15cc06dcL,0x27d2cfbb74b5a5cdL,0x000000000000006eL },
-      { 0x022c5255ad3c3bf9L,0x3026a8b4f744d697L,0x5cfb32d674b6a2ceL,
-        0x8df70a0b5e50e51fL,0x8c9156a9ace784b5L,0x2efad6cd487c3a9bL,
-        0xf5e804c0aa2cec88L,0x5780cc59f9bd480cL,0x0000000000000035L } },
-    /* 19 << 483 */
-    { { 0x89c3d30477369722L,0xae2ecb09201a68c2L,0x8d5769fecab6da8cL,
-        0x6782778b33aa7ec0L,0xc74ec1254fc65e80L,0x72cc87bf6bdfc390L,
-        0xc8689471ddc0391fL,0x6f58f3f3482baac6L,0x00000000000001e2L },
-      { 0x27ccce608b129566L,0x41008f6064f9fa40L,0x2aa9067f4fa0a001L,
-        0xa1f2ba9a46716791L,0x2d4d15cf3a5e32e4L,0xdc75218aa4f0884bL,
-        0x349e45bfcf86c131L,0x1e11015c3228a631L,0x00000000000001aeL } },
-    /* 20 << 483 */
-    { { 0xf240d36be4ab3d55L,0x7acb5bf0593c4a6fL,0xb7456194130fdfbcL,
-        0x3d3af6220ec1bca5L,0x14a5cbd878b4f4deL,0xde12e1cd6c32e96dL,
-        0x5063ff425b7bce8fL,0x37efaca1003dc72aL,0x00000000000001b0L },
-      { 0x4274de57ccda7e54L,0xff66c962086c6d20L,0xca33121d4c9071d9L,
-        0x97b4200b3e732b5eL,0xec371b1543208ba0L,0xf6aaeaece25d09ffL,
-        0x226e14d2e18bab6eL,0xda5464f9459a3df6L,0x0000000000000130L } },
-    /* 21 << 483 */
-    { { 0x017af4517f7b8b0fL,0x0dfc68bca4a49a70L,0x789e4ac8e231f9d6L,
-        0x20db8ef6065ede81L,0xb739cb55d638a77dL,0x79d863e1184c2b26L,
-        0xca7312bbc0240acbL,0xf300fb15d3645326L,0x00000000000001beL },
-      { 0x1d991e4e459dc169L,0x7000c7d42cd45ebeL,0x96e9b26038f97f29L,
-        0x0c3f5c5fddb39121L,0xabdfe949839ccf8fL,0xa5c2a20559df3d2eL,
-        0x39295c3c114de48aL,0xbf438537678d7b4eL,0x0000000000000158L } },
-    /* 22 << 483 */
-    { { 0x9e96ebde76178c94L,0xb30646eb53081e92L,0xb2541cf8f47b37ceL,
-        0xf5899b4a72cdfe16L,0xe86f9bebbc9855dfL,0xcd97de762a3c7176L,
-        0xe792c9ccad4af521L,0xf4efad3de059fcecL,0x0000000000000153L },
-      { 0xad541c6a53a88fbbL,0x817ceac1fb7c79b5L,0xa4a04dac7daa33c6L,
-        0xfa09f56ff3d2d674L,0x9f53ef31eec7d069L,0xad1e5af49211cd93L,
-        0x0ff0a6dc959d77d0L,0xcb232def76ed9affL,0x000000000000002eL } },
-    /* 23 << 483 */
-    { { 0x9d7f958a886f6543L,0x0cfd178d4b11f4f2L,0xbccf93cb83966213L,
-        0xa733d7f47868f2bbL,0x35b2cefc80a83472L,0x791fd530e3108c17L,
-        0xd8b2fc0e8366c15eL,0x4aa1a7a237d4c1f1L,0x000000000000014dL },
-      { 0x965850c704d1e2acL,0x0cb5a3c0a6d83cc9L,0x1e354634a97bdc9eL,
-        0xc40e3a6cc4361defL,0xf5383a2d1945be19L,0xe2b5c363e4245615L,
-        0x685cd8c1716af301L,0xb0817184a59dc09cL,0x000000000000005cL } },
-    /* 24 << 483 */
-    { { 0x9134dac8966dd7c6L,0xb53909cb72bfde57L,0xa06f7191d2a4fae0L,
-        0xb22a5d860d8aded5L,0x9b0869337ba88547L,0x6a027da5ca1b3e75L,
-        0x55e8542182831df6L,0x52811cacca4fd543L,0x00000000000001d1L },
-      { 0x9184b34252d1a260L,0x046f70f2d4ae87f3L,0x75f0132452052638L,
-        0x9476a1609a4e8cadL,0x1485632621396b03L,0x381f263ff5af85aeL,
-        0x8e77b921f7010305L,0x7fab4d8838f30a00L,0x0000000000000072L } },
-    /* 25 << 483 */
-    { { 0x1ba8c7879deee4caL,0x0de11c34b39ac162L,0xe3c13cf606577091L,
-        0x4afa40f1069ce9c3L,0x8c4c9362c9588cb5L,0x70cefa89fd8388d2L,
-        0x5b93bd0bae70801dL,0xbf19651b29e3f773L,0x0000000000000173L },
-      { 0xcc716100d6635a0bL,0x785ab9e497770cd3L,0x97ad8f05f2d3d0f4L,
-        0x9153f661210b85efL,0x6ea72d9be05e09b7L,0x674d169512a35919L,
-        0x734afc5174d1756fL,0x685d097d4e4a7d3bL,0x000000000000011aL } },
-    /* 26 << 483 */
-    { { 0x586a5a4f92f845ffL,0x4181e8bf433b9969L,0x8ca665031bb30e35L,
-        0xddb8880029ef7c76L,0x91ec943993a91394L,0xa102438734acf11fL,
-        0xb31bab71e3a99420L,0x46671df0823803acL,0x0000000000000182L },
-      { 0x4311612323967817L,0x10bcc7e1d83add78L,0x5cb65ce01b4d7ea3L,
-        0xc204e7395fc7aacfL,0x138fd0eb0df86632L,0x5a7f3bf92920e7aeL,
-        0x323b55da74fb04a2L,0x87a1cd2dcf6b4579L,0x0000000000000105L } },
-    /* 27 << 483 */
-    { { 0x99426408c2095c41L,0x77924d94d2203699L,0x63282e3b8ad5282cL,
-        0x0e342f0a9c3dddd2L,0x0ab9c156579aa49dL,0xfd67a28d49baf18eL,
-        0x9dec1fc0f0ff38bcL,0x2120dfdf91e8bd79L,0x0000000000000038L },
-      { 0xc33a4e7791297f43L,0x90d0ca4fd1d21410L,0xf5e6111862b0ce45L,
-        0xc99e5063601631abL,0x3d22412ec894eb2cL,0x78ce86202ddc8d51L,
-        0x38961c0bdfc1a41aL,0x2b435857e1b449f2L,0x0000000000000190L } },
-    /* 28 << 483 */
-    { { 0x7df95a3c1b3f5cf1L,0x3b30e0f2ea0077fcL,0x733880b50aabcc34L,
-        0x2050bc2701193010L,0x2dd36def5c80fe3eL,0xf2e14b2be8e228d6L,
-        0xf13a348574802ebdL,0xf08bb1ef17f57cb1L,0x0000000000000087L },
-      { 0x4f81dad0a662456aL,0x8c645bb185f5b388L,0xa39acf0e19503f7aL,
-        0x214d1956d7530999L,0x2dfb62dec339d2aaL,0x9c54f1a27a04264aL,
-        0xde5e1fa9bb74e313L,0x3fb024216dcdac67L,0x00000000000000b0L } },
-    /* 29 << 483 */
-    { { 0x23b886a9393c3fe7L,0x7408b94f4b1b33b0L,0x01c0254af542525eL,
-        0x4ce60b318ddf1982L,0x97a6fee7ddee6485L,0xa2f7d7b2a99f2778L,
-        0xe685a50bbaa0ffe9L,0xbb82afef930aaf29L,0x00000000000000d2L },
-      { 0x32e878790644ee4eL,0xf736c70517d83725L,0x44c56e15b3b2e87aL,
-        0xd3eec9133baeb44dL,0xbc10fa0741ad6c2dL,0x26c8d0c696115e03L,
-        0x8d826950a411254cL,0xdde6af743abd2faaL,0x00000000000001bbL } },
-    /* 30 << 483 */
-    { { 0x28702dc496ab1d1bL,0x2dbd79460dc11ba4L,0x0956696b883faf9fL,
-        0xcdb23f5f227932d1L,0x34957d5e0de851edL,0x40065b9ed930f741L,
-        0x1be825122138d1e5L,0xb9f0d75934c7c9b7L,0x00000000000001e3L },
-      { 0xbaf4143b567ead92L,0x5eef3357fb9cc866L,0x4095892ccb122a8bL,
-        0xa3e50ae814b8aa9fL,0x72024c42376f6b0bL,0x6c63ee2ddae219e2L,
-        0xbba101782069c115L,0x3ba8834d7f96def1L,0x000000000000015dL } },
-    /* 31 << 483 */
-    { { 0x2f7beb7f56438c0cL,0x42a16fa2ab4f67d3L,0xbc8d85f6e40ce460L,
-        0x3428e0fb2f34378dL,0xea54de6ddc41a2f3L,0x5ccf4b0d17ba5e5aL,
-        0xe27843c9abf87924L,0xcf117ea6101dab80L,0x0000000000000082L },
-      { 0xc340c90e1e82611fL,0xb894452a8e4173a1L,0x9a4b787ab9afa27cL,
-        0x417736a5d0f14693L,0x5f1a49924ae95026L,0x1206bbd394734633L,
-        0x5dede89ad6f4a4c9L,0xb766440df1f24b1dL,0x00000000000001a6L } },
-    /* 32 << 483 */
-    { { 0x8dd33d1c66bc31a5L,0x80a074959d19c1c0L,0xda13c485e03a1ee5L,
-        0x316d85f968acfd38L,0x8617c80d0d9d6273L,0x6ddebb71f94d5f22L,
-        0x1c3452038efd0a44L,0x7ca0b4067b3746e3L,0x000000000000007bL },
-      { 0xbec7b15087436d56L,0x07cf1192a01f6c04L,0x047b37f6f73971b0L,
-        0x7e7d8b9b5ae1f9d4L,0x0e311b4fca1a9900L,0x5dc55f3d6a81fb38L,
-        0xe257401a2956af04L,0x90c2ad09f66ae95fL,0x000000000000016bL } },
-    /* 33 << 483 */
-    { { 0x6f3e5a621a735a98L,0xf17c344e4c0f9811L,0x0985657887068d99L,
-        0x3c9e47d0fdd2aac0L,0x9ef34869797f8a14L,0xbb27f6da4ee23bbfL,
-        0x51b7f59c213596cfL,0x60aed74c54a4b339L,0x000000000000012fL },
-      { 0xbc361782384a09baL,0x6fb5c273ea0b54d1L,0x41d2c9755423bc32L,
-        0x5938aef020a6d38dL,0x07e0841a132dc550L,0x0b8fe98196944602L,
-        0x77ce11d1eff12314L,0x13b30d3f01450ca9L,0x0000000000000127L } },
-    /* 34 << 483 */
-    { { 0x6167ce3b4c38b2f0L,0x78bfe46ccf1a74b9L,0x40519177b17eb1c4L,
-        0x5379831fa2ea88f5L,0xc7aa54520f90d032L,0x1b77f1a1b1ad4c9bL,
-        0x1456a598aa55a518L,0x638b62720114002aL,0x00000000000000afL },
-      { 0x2c04235caac99882L,0xbf34e8dd41d65ef0L,0x49e51a8c79af103bL,
-        0xce352f3a901a1a57L,0x00e123f6a49e5646L,0x351a25801d22efc8L,
-        0x883f53b385bbb439L,0x7ad4f5539780ce59L,0x00000000000000afL } },
-    /* 35 << 483 */
-    { { 0x317db0ef6b43f86dL,0x187e452ec376cdd6L,0x1ee31d29b1c17bc5L,
-        0xf0c4ae43e8a19f7bL,0x71525f553e9bc311L,0xe948de7a66d91aafL,
-        0x947a0c70638f5b34L,0x8affa837e7c40657L,0x00000000000000e6L },
-      { 0xc76f3535c3acf132L,0x6066128710d80c77L,0x55db52e39cfad0bfL,
-        0x9d65e598c72d88a7L,0xffe8b7d5a016cceaL,0x73cd6e7bfcc198bbL,
-        0x90142e63f7277c8aL,0x73d673ffedace584L,0x000000000000009eL } },
-    /* 36 << 483 */
-    { { 0xfa1c0bda6a639f04L,0x0d34fc8850a3c441L,0x0e2d322ad15965adL,
-        0x700433af853b1f5dL,0xce7454a25cafcb5aL,0x2201bc0473b16a2fL,
-        0xc178af49986e01feL,0x00383c44f4196a72L,0x00000000000000c1L },
-      { 0x26951af44027cbd8L,0x0a64b5bd58133d67L,0x55c70f8bf9edd0ebL,
-        0x43762ee7c4ebeb49L,0x5d5b9d8b33a6b1c1L,0x1446f8bcbdc002f1L,
-        0xab85db78ce19c7e4L,0x4daf43d163f0ad8eL,0x00000000000001b8L } },
-    /* 37 << 483 */
-    { { 0x3afd28b85d94ef9fL,0x81257a58c3177e20L,0x38dfaf6c65eb35a5L,
-        0xe6f3ef64288e980aL,0xb97158885cedaa77L,0xe99de3f8a7eb0cdbL,
-        0x81059e958eac3ddeL,0xf37c0a32c9c83c67L,0x00000000000001faL },
-      { 0x1823b2fcd4f70ceeL,0x57762228e9c5bd49L,0xa17f38348a42a86bL,
-        0x1cb50d437b41063aL,0x12a24600639b5b82L,0x70cead17dc2a9befL,
-        0x8604e4aa0bcaa435L,0x8425f4b68890b5c5L,0x0000000000000059L } },
-    /* 38 << 483 */
-    { { 0x9b9bed42938f1c9eL,0x3d20941e97fd1135L,0x441f7e6ef64abe42L,
-        0x1def7b3f0e07fdd7L,0xcc052cc7ba19fac0L,0xad9a823b94b5a3e5L,
-        0x76a1332af3b3bf6bL,0xe7f4dea925d8294bL,0x000000000000008bL },
-      { 0x1327bf2381bf2ae5L,0xda8af8f9c5ae36bcL,0x5a03be7b253aa57eL,
-        0x16c4d1e0d8673996L,0xdf37a5c5ade6c913L,0x326cea3193cd3c79L,
-        0xd5bfca3f8b2ce002L,0xde1ef94ad2966ee8L,0x000000000000016eL } },
-    /* 39 << 483 */
-    { { 0xe848a22c8a20f973L,0x7d4838938707d89dL,0x743e47af3a602f42L,
-        0xa793999ee80346e6L,0x70c2abb4072cf57dL,0x10de7dd0f254926cL,
-        0xac0465d0b3f05ba4L,0x37222ff549ebdf47L,0x00000000000000adL },
-      { 0x84a14bc688843ac5L,0x251de0ffa7cc807bL,0x81df07af0e43fdfdL,
-        0x6b799a7269b2f867L,0xa4a0f81fe9f40220L,0xa4d91dc17e0d6fbdL,
-        0xec9940f238cb4a33L,0xb802f2e17771ac3dL,0x00000000000000c4L } },
-    /* 40 << 483 */
-    { { 0x82fb9f71437c9b3cL,0x8f892941aa7bbbd8L,0x8c0f30acb4aef227L,
-        0xbcddb282afb0ffd0L,0xd6ac26bf9835b70cL,0x2a2483ff28422e87L,
-        0x3839a2cbbffd1ff1L,0xa3c660355b9cd379L,0x000000000000006bL },
-      { 0xe6dc8fb8e50a7d38L,0xdca90512836bfcc1L,0x7688a1b3e4e9ce06L,
-        0x1740f1a5f17e5457L,0x697380917ded4120L,0x33d97aa918814d34L,
-        0x530cfc7af7927f48L,0xe6d6c9ec929172b2L,0x00000000000001b0L } },
-    /* 41 << 483 */
-    { { 0x428216a6c2b89eaaL,0x80af7400c889421bL,0xdbf3e6d5ab483733L,
-        0xa174a26fc80b04a0L,0xf43d9f300a0a9600L,0xf6bc9b055a36c398L,
-        0xeec10bbaaecb2d9bL,0x4b6343a90db85b00L,0x000000000000019bL },
-      { 0x8f3b5dc05b69a5fbL,0xfe36ce3f962d1949L,0xb1ed23e1b901c965L,
-        0xa27d8354310d5c7aL,0x8d8cd709cf1c8261L,0xde318e922ec59425L,
-        0xcd74892887cdd65cL,0xd5000ab0cc3df271L,0x0000000000000145L } },
-    /* 42 << 483 */
-    { { 0x70d80c68accc8cddL,0xf18270444d36dae4L,0x1de1d63c5c1b23dcL,
-        0x3f692f0db6af112dL,0x90be5f8cd1627389L,0x269bcd96e3cb096eL,
-        0xdb3da141e52f7191L,0x020fd372236f6719L,0x0000000000000026L },
-      { 0x32d2aa912e6b5359L,0xc69d58b61355b897L,0x019f986593f03d9dL,
-        0xcd3ab51998cc76f4L,0x0a8d4dabe1f31d9bL,0x13fb607b605b601aL,
-        0x3412ab49d1b0a857L,0x9d4f6cc56a59c8e9L,0x0000000000000024L } },
-    /* 43 << 483 */
-    { { 0xa4ff17fb90aa8d12L,0x4b11676ffe3b60e5L,0x4b6736d5520b491eL,
-        0x111ed0242549df91L,0xcd9a9f14e120c6a2L,0xe9a1ab1a16e281bcL,
-        0xa8c787c8464e5043L,0x7b8ba81beb71f3faL,0x000000000000008aL },
-      { 0x9b0a74f9ee5f33f4L,0x1387695a7e5e34afL,0x378e761f008494b0L,
-        0xa9497876b556e962L,0xaa58debd121a018fL,0x97f52405a924e778L,
-        0x432f362dcd07aedfL,0xab22f4c6f814c3caL,0x00000000000001cfL } },
-    /* 44 << 483 */
-    { { 0x75a95d201ba19e5aL,0xc4ac280da7814129L,0x39d17e5a0053757dL,
-        0x8b5fe8f5c29a489eL,0x2616039717aace25L,0x561c8f439652ddaaL,
-        0x61822a50f5c95227L,0x072f8e5dc007cc38L,0x0000000000000152L },
-      { 0x9ff7313cc50fad23L,0x8092be14bb03aff1L,0x922d11fc480cb8dcL,
-        0x9c2524ddf22d2e95L,0x5b2ab1f4f8672817L,0xb77fe4669b52a810L,
-        0x09ad0883f510b41aL,0x302b7c261b4138d2L,0x000000000000013fL } },
-    /* 45 << 483 */
-    { { 0x18e8c1d2b312d646L,0x00e3253bceda36afL,0x45d2d5d0752540a0L,
-        0x87a38fc7a3d85d35L,0x2c3862aefd90f76cL,0x5af9307c79fe8ba8L,
-        0x35214c7c8d686649L,0xa7fba7f225ef82e4L,0x00000000000001faL },
-      { 0x66014ff18124515aL,0xde9da3353fced30cL,0xac96a6ac7f50e6ddL,
-        0x0f96e01a39abdad2L,0x67a39cb6b46bae57L,0x596edccd2fc272dfL,
-        0x4ebdfecfb15ca893L,0x3e5f5903e0b3c942L,0x000000000000006aL } },
-    /* 46 << 483 */
-    { { 0xb17ba42760f48d19L,0xa4ef46ab969dcc37L,0xee09b13a004629c2L,
-        0x7936d9b1947f6795L,0x7b0167f8ed153962L,0xb3dd551c1b18a245L,
-        0xb15372159f7517f8L,0x3f6cdd5d9f9aa1ebL,0x000000000000018eL },
-      { 0xf72f53d22ff0201cL,0xf072228ac9d861c2L,0xe35876de8febce56L,
-        0x5fc283033c8f7bffL,0xa12b0a81d2893b8bL,0x57ded7bde89263f6L,
-        0x81494bfcabb2822bL,0xdb399fa9f2c8ec57L,0x00000000000000dfL } },
-    /* 47 << 483 */
-    { { 0xaefa7fb0808cd5d5L,0xe80f21e484884ca0L,0x9d0486cfae65b5faL,
-        0x4b54c759e8168cc8L,0xfd1c1a068ddd9c6aL,0x8c04efb02a8d8bebL,
-        0x33d61fb78b5ab913L,0x4fafce55715f0cedL,0x00000000000000e6L },
-      { 0xb9c352f46c0d348fL,0xc60a94bb45bc984dL,0x9f743556605c71a8L,
-        0x176de676067997e0L,0x7ddd2aec7d72394cL,0x3de5a535411ef5c2L,
-        0x818a2fb45e052585L,0xadf2f7ea83ce38d1L,0x000000000000018bL } },
-    /* 48 << 483 */
-    { { 0x15f956694d4a5461L,0x56f1b9232775dac2L,0xa4f77a80b3028c01L,
-        0x4c7c09f84a216681L,0x1469e858444401beL,0x9bbe83c5f4fd909fL,
-        0x3f52c7eb914d3efdL,0x769e218db97ccb6dL,0x00000000000001b4L },
-      { 0xca757e3b80dd9fbcL,0x741fee50f5fe9f79L,0x8a7bb30cbab00224L,
-        0xa33bcefe4ec16137L,0x62d0604c2fdaf3e9L,0xad66f9f66d7376b3L,
-        0xca856f8d02c9ab0dL,0xaad774a6df87aa79L,0x00000000000000e3L } },
-    /* 49 << 483 */
-    { { 0xf446887e5b80ef17L,0xeef1494d936989d3L,0x6058c0405f82a6f1L,
-        0x6f97d2f5624c5294L,0x4772ad1a59e08502L,0x41ca4882993ec149L,
-        0x4890ef7309e3ec9eL,0xe1843ede041133feL,0x000000000000012bL },
-      { 0x42d78ebb7b2f37e1L,0xd130e9a18b4ea8c7L,0x002cc021fa9d9adbL,
-        0xf26e382454996fd5L,0x206eda2db4ee2ad9L,0x95e069ea3a1147e9L,
-        0x8f1ce0085798b869L,0x96f99e7fc24b7809L,0x0000000000000131L } },
-    /* 50 << 483 */
-    { { 0x74bc731aa521a2dfL,0x2a7dad589ca35915L,0x24ba1b555ce46968L,
-        0x1c00375723481711L,0xd1b381c6e1986244L,0xb2c4710846b9c4c0L,
-        0x11ef4e90a2ed3152L,0x4c1c7086f0863dafL,0x000000000000003eL },
-      { 0x795131fe66eb30a2L,0x0ea3589b94b68f85L,0xdc7e3fd070ef34d4L,
-        0x14a5499a44df4e9fL,0x9b340e60a69e2691L,0x91c5e50752f35777L,
-        0x7582716785c69903L,0x547f96ecd8536e21L,0x00000000000001a3L } },
-    /* 51 << 483 */
-    { { 0x96fe0761a501282dL,0x79bd2cbe04a97c94L,0xb2445622206c0bf9L,
-        0xfa2bd5260a8c8b82L,0xc22acd0c7aa2cd47L,0xd541785b67bd2672L,
-        0x5644081f97b909d2L,0x97ba1dd70779b879L,0x000000000000003dL },
-      { 0x3586ceff5a15e6adL,0x347005ce76b70d67L,0xafe431e24ae4b2b5L,
-        0x6de0cdb6183abbf0L,0xca058f19fb220de0L,0xb6284b1d1e1dbd82L,
-        0x81c3068ccde36a43L,0xf45a2d76aebf2615L,0x0000000000000197L } },
-    /* 52 << 483 */
-    { { 0x2fed71ab13191ef0L,0x4d093b4bcbc0201fL,0x04d6d7b64e54b64bL,
-        0x335641e3afaeeab7L,0x36a8bf03f565f906L,0xe0a1162706db040aL,
-        0xfa9564f345ce75e7L,0x62220cd0d1651390L,0x0000000000000172L },
-      { 0xb86f0816fe6efb3aL,0xbe06aa2752ca0a50L,0xfe5aff01ca6a34bcL,
-        0xf1d3f54920f73725L,0x16db75d8f822f3e8L,0x3aac55a586dea1b2L,
-        0xb4e6e8f2e6a3437cL,0xa8239de5f86343ecL,0x00000000000001bfL } },
-    /* 53 << 483 */
-    { { 0x8d18bf08a3bf7997L,0x391cf08b6fade171L,0x7991a05de5ca321cL,
-        0x23ece7ee451ce87eL,0xa6362e03a977f619L,0xade9302513907e13L,
-        0xd91cc1f52e2e9088L,0x44e5824df58e5620L,0x00000000000000baL },
-      { 0xf8e7816527b063b9L,0xbe43d2c36eb79697L,0xcf36bc31c97e543bL,
-        0xb2051af018cd43abL,0x9ed9341dcdd344e4L,0x30701b2957da9489L,
-        0xdad39c53f3b5d5ddL,0xa2116edac4c47541L,0x0000000000000047L } },
-    /* 54 << 483 */
-    { { 0xdeb91f90da9ab6daL,0xcb56bf2e406a3cd9L,0x58b62e487e8b0b3eL,
-        0x48b2605634436be3L,0xd6cbd675edbbccf2L,0x84ca877854f9a5d2L,
-        0xb63f26c8f06dc3e5L,0x9d447a727c79478bL,0x00000000000000c8L },
-      { 0xbe4c5f568720253cL,0xd4079cf2a66930ecL,0x262b2dd86742b311L,
-        0xf72c0a9437c98222L,0xb375cb9908db8f62L,0x034efaa36502ab48L,
-        0x2f679b5720420bffL,0x0834c67ae890bc7cL,0x00000000000000acL } },
-    /* 55 << 483 */
-    { { 0x2f056bb90280425eL,0xc045a362804b751fL,0x8267e19fb9b62232L,
-        0xd25162b3f6b83e5aL,0x4bd3f73c52872a79L,0xbea0f70e2c4d8454L,
-        0x93630251bdc7bb71L,0x62421c79d6eb5964L,0x0000000000000152L },
-      { 0xc6ef31326a4c9b1fL,0x10407eace4383f40L,0x40efa08cf6ba160aL,
-        0x61931947438f0e09L,0x083519fa2b79a0ccL,0x1323a71d85b17aafL,
-        0x3c745547b5841d46L,0xd3b26e8bb60d1f8fL,0x000000000000013cL } },
-    /* 56 << 483 */
-    { { 0xbc02d7b5a958b119L,0xa924be8546b327caL,0x5964c5e9b0a46409L,
-        0xac8450ca97d92118L,0x693b41b24e926688L,0x03099cabb8d094b0L,
-        0x02b779c117d76963L,0x92e5b73f8eb4ddc8L,0x00000000000000a8L },
-      { 0x36c561713f20d59dL,0x12f7a1815115b8b4L,0xf6e1be6845535c8dL,
-        0x7706701a41ec92d7L,0x7569d232e849b822L,0xf6adae238fe67de8L,
-        0xe43d347c6d2f8982L,0x734a8be36cc683e1L,0x00000000000000a0L } },
-    /* 57 << 483 */
-    { { 0x715334a7e1a910e1L,0xa92a800408ac113eL,0x8bb38d39d14c4a79L,
-        0xfbc37ee2a2f2932bL,0x3e57033229575dceL,0xeafb135a22021b9bL,
-        0x72efc8661066b3ebL,0x03b2dbf7b7719907L,0x000000000000014dL },
-      { 0x7e7331c7f6d4e630L,0x1e13582ade86bf74L,0x18907e4bc3b9eed0L,
-        0x79374dc6003080b7L,0xcbf4f614c62cd738L,0xccd41e459f20a97bL,
-        0x96f32f37ffcf7fc3L,0xd1e204949781c875L,0x0000000000000035L } },
-    /* 58 << 483 */
-    { { 0x9643c5266c6ea0b3L,0x4702ff43bd69bee2L,0x2670cb7e6cc182faL,
-        0xe98e50f972705286L,0xbec3b5a84fdd27e1L,0x72f1a20be3ef8bfcL,
-        0x918033ccd2ba4245L,0x0e41de68e1b00b7eL,0x0000000000000127L },
-      { 0xc0ed8187396b5808L,0xca20ef18132aab1aL,0xfbb1f99a81240c77L,
-        0x2e7e99c89dc5003dL,0xe0bf0f3d599c63d9L,0x5caf5b2cf267734aL,
-        0xa22e005dcd02332aL,0x4e905dc503980512L,0x0000000000000096L } },
-    /* 59 << 483 */
-    { { 0xd2169049caab35deL,0x6c5528742823e046L,0x9a79cc29108047a6L,
-        0x97bbf70d9d8ede4eL,0x977167668212110cL,0x33e99c39371101edL,
-        0x09d4af70ecaba866L,0x3d862acf46064375L,0x00000000000001acL },
-      { 0xac064f7c335c3c36L,0x6407ec11432968baL,0x440593247aaaddd5L,
-        0x3d2a9b26f25718f9L,0x03aa5c73ce3da559L,0x40154af74b8098cfL,
-        0x14ef244fc84d6eb4L,0xce11d75ca4fb0dffL,0x00000000000001a8L } },
-    /* 60 << 483 */
-    { { 0xdf396a64435e6567L,0x515561def1b4f6f0L,0xa2f3488c17f354c4L,
-        0xa93b55f2015e8c9fL,0xba4caa85f6e40c57L,0x540a0df42dc22395L,
-        0x09d3208e4d93e932L,0x53902eee0a578b7aL,0x0000000000000123L },
-      { 0x431a21ddaa811b87L,0xf7dfaa57e535f1f4L,0x76ec86761a516854L,
-        0x914cdc51a55047d5L,0x8ca17868e13643f4L,0x2e0d6bbe3507d525L,
-        0x614677534be4b04cL,0x66fa0a07d060337dL,0x00000000000000b0L } },
-    /* 61 << 483 */
-    { { 0x6d505ed813aee1c7L,0xadb253ecb510cac1L,0x799dc47e52df92e0L,
-        0xe4a6f8667e721b9cL,0xcc769496928e3833L,0x77f90f407b701ed8L,
-        0xad4605cb6c36f3d9L,0x396b31b5fd3dcf33L,0x0000000000000129L },
-      { 0x01a28e7ce5e1e93bL,0x72105a72947e6131L,0x1ced05353a4700e4L,
-        0x3a2868be782e5b4cL,0x4b8a224e7e1f4bf0L,0xc984bd6aeb002e28L,
-        0x75ff62558ae5757aL,0x573907a8f4b0f10eL,0x00000000000000a0L } },
-    /* 62 << 483 */
-    { { 0x7435bf81b0aba4d2L,0x2f9cf230a9304dc5L,0x8d2a2f7efef7bca2L,
-        0x6a7bc8be83196a5eL,0xf1307d2a3fc22eadL,0x40ec9e45e1063531L,
-        0x663d9867fefecd17L,0x0b271efb3c0bbb6bL,0x00000000000001c7L },
-      { 0x7c694979933db66bL,0x962d1c3acae9cbc9L,0xbbaa0d5b73298f99L,
-        0x950dde19bf0c7515L,0x3689529e6f23e672L,0xe9ba0a528e7c9720L,
-        0x98841855b3d3fb27L,0x9fb4812a1b62a7e0L,0x0000000000000026L } },
-    /* 63 << 483 */
-    { { 0xffc68ca0becea497L,0x67aad6d19361196bL,0xf73b3170f64ff2eeL,
-        0xd6cd04b308cf964eL,0x6f025d2f2af74054L,0x6a75708d110f5de6L,
-        0x459a54092f314ddbL,0x8b546498a68bdd6bL,0x0000000000000053L },
-      { 0x2ecc3c54d94ad9c3L,0xb4aa6c1674d8ee26L,0xab443dd9a6e38149L,
-        0x1fa9aa6983111140L,0x416ce37bb0d97e03L,0xb4058478f2437c90L,
-        0x8fca985139e81813L,0x0a0454b3c956b700L,0x00000000000000a4L } },
-    /* 64 << 483 */
-    { { 0xa949016c027effaaL,0xd4fb4288e691a213L,0xd18a53b17fcdfd96L,
-        0x6808bf4c0ce4cac9L,0x7e7dc551bed1f520L,0xb84f242f2db78ffeL,
-        0x7e6d15d34261fdbdL,0x836f8254a8ffc498L,0x00000000000000f0L },
-      { 0x029233daabe4e4f2L,0x9617f000d0327536L,0x444fdc65de62e889L,
-        0xf9170a9969512dc4L,0xa37edb8d4e765028L,0x7c003ad00852dc5dL,
-        0x628756447cdf14efL,0x87ae7bb59b509913L,0x00000000000000a5L } },
-    /* 0 << 490 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 490 */
-    { { 0x51199e42088a01d8L,0xa9c970190e6c6197L,0xcc8bba8aec9f00dfL,
-        0xdb0e728aa3534e0aL,0x4f130e04b74d62e5L,0x3e26abba0368bf53L,
-        0xf97571a599d4743fL,0x64863a87c7eb2500L,0x000000000000003aL },
-      { 0x0cbb2434a3d02698L,0x3c37545572eb32aeL,0xf8555f578806b951L,
-        0x11215434ce2dbe0aL,0xf0d7a7f00470fb38L,0xc4e0ad472707cb8eL,
-        0x4caef200c03c9c3eL,0x5ba3893846612de4L,0x00000000000001b2L } },
-    /* 2 << 490 */
-    { { 0x4f3c3bc3a1e703a9L,0x134edac80f4d9e8bL,0x55da5480fe4727cdL,
-        0xa8f98d584c37a7b2L,0x06bc173cc5f9592aL,0xd1f2103c5220ee93L,
-        0x956efef67acf01bbL,0x55746c426c878b89L,0x00000000000001a2L },
-      { 0x1927395435dd9b7bL,0xb81ef6482a61252bL,0x508f2cb818236f94L,
-        0x655ec86d31b04f92L,0xdc06ce6a381743aeL,0x46059e3637e92347L,
-        0x6dac815fbe6a29d8L,0x4b4fcf720b369888L,0x0000000000000181L } },
-    /* 3 << 490 */
-    { { 0xf8106d6fdb1a83c1L,0xc55816668a3b992fL,0x30be609761e65036L,
-        0xb7e260eded1ad38fL,0xe51ec351f98254fcL,0xfd1e301827f9210fL,
-        0xc209ab2533522612L,0xf68c7a487baaa1d8L,0x000000000000007cL },
-      { 0x6677dc5814fc9ff1L,0xe57b02bb6a95a729L,0xf520b6157618c694L,
-        0x61b4174f60b020afL,0xa0f2cb83185d0531L,0x647a5daa640f434cL,
-        0x1b1ea4352d853d74L,0x222ea56cd31bcdceL,0x00000000000001bdL } },
-    /* 4 << 490 */
-    { { 0x6106402972e2518aL,0xfacd33fa7b5fbfc1L,0xd50f77717632ad67L,
-        0xba8688071f0d2282L,0xacacd91104d90803L,0xf94b3e0f51496ee8L,
-        0xfb8a5406ece3c365L,0x96f5c5e7620400f2L,0x0000000000000109L },
-      { 0x7389f3dd36988cbaL,0x4ab5c460762ca5f4L,0x9b96cf82b5cf8989L,
-        0x2ffa0db5158a4c79L,0xb5821b1a3a3d24f4L,0x17771cb7f8c464d0L,
-        0x9ffd764662c59a09L,0x0eefa35fdc162385L,0x00000000000001e1L } },
-    /* 5 << 490 */
-    { { 0x020e0b3723563c41L,0x51cb4e065011a829L,0xd4ce6fbaac22f4c8L,
-        0x953bdb3db2415370L,0x316a668da8bbc065L,0x6b97ad5dee418011L,
-        0xc595b7d16c4bab89L,0xd5a5e27163504ba4L,0x0000000000000104L },
-      { 0x9325755d1808ab7cL,0x89bae8ad5bc9c781L,0x690f475bbe6cfdb1L,
-        0x12c3ce21a07a4c3fL,0xf71a959da04a872fL,0xcf877db397297763L,
-        0xc7549bfa18e0c680L,0x98e9a6092fc07c3cL,0x000000000000001eL } },
-    /* 6 << 490 */
-    { { 0x9a672f1d10413087L,0x411e1e5bf1f3ff42L,0xe82c5986273d35f7L,
-        0x92e879a6b685dbadL,0xdecbf5453ddb51bbL,0x9ff90e3a39eec3d5L,
-        0x08a257ea40810789L,0x62bf063097c15f38L,0x00000000000000a0L },
-      { 0xadbc2699525f4599L,0x431b2afdef56cc0eL,0xbbf0c5497df748d6L,
-        0xf68f2e050031a3d8L,0x30e5621f74d09f61L,0xfac58606bf9b7376L,
-        0x83216950be2ea8e4L,0xf039db24af8340a5L,0x0000000000000187L } },
-    /* 7 << 490 */
-    { { 0x741ab54678b66b18L,0x1c5f59b4e9fa653aL,0x9e0085be4e2c1d9eL,
-        0x69c5ed9c89b83f53L,0xee80d5102b74ebf3L,0xf1ac08ba53fdaee3L,
-        0x89551a3689f58574L,0x55298a412d97b54aL,0x000000000000000bL },
-      { 0xc12b2160a54c169eL,0x557ac5fad1ba765dL,0x8fc94a99af6d1ff0L,
-        0x01ffeb4f50587c6eL,0x030b43f838ef4acbL,0x0f9f1e53091d7b0fL,
-        0x2a6e11c6edd00a6aL,0x6a611260fa85f47aL,0x00000000000000a8L } },
-    /* 8 << 490 */
-    { { 0xfa050bbd035b25a2L,0x2a14076e36ee92fbL,0x3e95a7eb2f514218L,
-        0x8a67615dea3b77d3L,0xe2764f071da9263eL,0x47bbf1ff92b51d79L,
-        0x82cd065659df9eacL,0xc80bb0f05e020e6fL,0x00000000000000b2L },
-      { 0x7dac49e7a7560919L,0x7238fa6ec82b9da0L,0x3ffcf645ff7cacecL,
-        0x72087198be9302ceL,0x13094b5c513ba920L,0x8cca51f343eb77deL,
-        0xeffe0e7d60b89283L,0x036368bfdf9075deL,0x000000000000019dL } },
-    /* 9 << 490 */
-    { { 0xae445f227b4593b8L,0xef35356ad4842ce6L,0x2db43c86bf3bac89L,
-        0x414690ed7dc182c6L,0x84a514a50ae14289L,0x5ecc2b3c805b103fL,
-        0x0bd5f847fad21f5bL,0xee1dd686b358a036L,0x0000000000000000L },
-      { 0x22052b302fee1645L,0x84910ab0d993b563L,0x58431b24c62691faL,
-        0x0d573a5ad696d720L,0xdf3b69ed9c571a76L,0xef2bdca8814c3185L,
-        0x35e2a1ce22a6530dL,0xc3d59a8c72873a48L,0x000000000000013aL } },
-    /* 10 << 490 */
-    { { 0xea12baba36c07770L,0x7149b07d7aa338dcL,0x7dd392b45d156c18L,
-        0x84a12f7cc4365ee0L,0xb44e45db4084be8cL,0x5d54b2fd5fe57a77L,
-        0x302ac5bb71c43590L,0xe66a79c59fde373eL,0x0000000000000134L },
-      { 0x2bfd7beab5bca463L,0x928522e5980a8823L,0x00a2c869b924694aL,
-        0xdd8a185649d07554L,0x16b0b4c34cec885cL,0x37f1fc54599c8460L,
-        0x7d27418a7d607e4aL,0x8fb68d5ebd28f94aL,0x000000000000004cL } },
-    /* 11 << 490 */
-    { { 0x9f19c16c46720d7aL,0xf378e65e2c7603f1L,0x4767d22438b49a6fL,
-        0x54745d098b03e0e9L,0x4b04b342d735cda5L,0x4f2b0ea305c600f4L,
-        0xa951a8762c6442daL,0x306df593775e0120L,0x0000000000000114L },
-      { 0x626a917bf58d9acaL,0xcb451ec176b10f78L,0x93da7a771559c731L,
-        0x7fbec23ebbdac761L,0x5fdd3a75a36dfd28L,0xbf715077d53ec252L,
-        0x0b7d2f675fe204ecL,0xe2d696507278bc38L,0x0000000000000008L } },
-    /* 12 << 490 */
-    { { 0x2ff0f1cbea39d3beL,0xa756a96ec7f3195bL,0x1dfbdedfdeb42713L,
-        0x7cb9e1be4a87567aL,0x64541aa30d2cec73L,0x8eec22690a0327b0L,
-        0x967b1bc10c157f20L,0x2a6f1a402d8969e0L,0x0000000000000181L },
-      { 0x42547f4cc471c0cbL,0xb990b1a2815ef0f1L,0x672398cbfbc29aabL,
-        0xfb7e649b104ac38fL,0xf0ba1354e9cf1e5aL,0xb0c191da2cd48a07L,
-        0x1fc70fcdb41854f5L,0xf11295462504091bL,0x0000000000000195L } },
-    /* 13 << 490 */
-    { { 0xac46f9b5cb50100dL,0x515da1b65497f79aL,0x5e5cd6053fdc142cL,
-        0x40b22f9fd29696b7L,0x6f54de30d431a575L,0xf031047cc22eccdfL,
-        0xb93ab0eb3686ff2fL,0x2916ce36d93d864bL,0x0000000000000060L },
-      { 0x09309e3b78bcbe2dL,0xedaa63647012435cL,0xadca8f2837274001L,
-        0xaf2ddf5fb46f8b32L,0x1cee73d6478e7979L,0x76de95d86428aba3L,
-        0x13e5f39308dd313eL,0xcff92fc04cf616f8L,0x00000000000001b5L } },
-    /* 14 << 490 */
-    { { 0x3546089d84333088L,0x60abe80c5c2a72d2L,0x1c1c8e6a1698cfadL,
-        0xcd2fcdddc6364862L,0x858e2049539275c2L,0xf238daa1d1452d8eL,
-        0x6c50daa23fe94cbeL,0xebaf801da026f28aL,0x00000000000001f5L },
-      { 0x28bdb6603bf45e6dL,0x44465513fedab00eL,0x0a86e5a08f0bf163L,
-        0x6d14d86fc43eca4fL,0x0c6eaaad4aebdd05L,0xb974e68bd4a58166L,
-        0x7208623eb468b01cL,0x56cf14ab87826367L,0x000000000000009aL } },
-    /* 15 << 490 */
-    { { 0x51531ee8e746180bL,0x43121900720c9cb4L,0x2e2dd6ab3e0d0ed3L,
-        0xd8c964b4d1bb19beL,0x693688ccbf410642L,0x5cc38a4f81ef0113L,
-        0xe4564abcafc1e72aL,0xdf8f203c9c2ebf93L,0x0000000000000099L },
-      { 0xea13eb46763e5b3bL,0x945069aa4cc61cddL,0x3758dc5ce40e7f01L,
-        0x7ec20717b8a812aaL,0xbc5492e988dd7752L,0x993eb9cc2d7336f1L,
-        0xe10cbab49e4ff77aL,0xd4ca5b63e32f8934L,0x0000000000000197L } },
-    /* 16 << 490 */
-    { { 0xb8a3f6bda1bd56ccL,0x3b8f16bd2e598d13L,0x304cd218dc92bf6dL,
-        0xec30d12dac0b947eL,0xf7fa65eccf12510bL,0x9c45d10c7f2df1dbL,
-        0xaf49aac9cc89cbbdL,0x7771c58aa3936ff0L,0x0000000000000141L },
-      { 0x486b202acd4e00aaL,0xd4ce59c3e9cc0cffL,0xdc299e6110dcc4f2L,
-        0x64f83481559569cbL,0x005fda65297ad136L,0x929eb2207cad3258L,
-        0xfd85773d62647bf0L,0x776fbaff177af6a3L,0x00000000000001a4L } },
-    /* 17 << 490 */
-    { { 0xe79e46cd5fc30347L,0x674285a267e94f51L,0xd31d7d420c5dd942L,
-        0x7172dd7f3a511c36L,0x765b80b7db09bf5cL,0x5c13a3197e80a403L,
-        0xbc4af3e874c08746L,0xe103ca58fd80a7f5L,0x0000000000000025L },
-      { 0x8ca87d3999ca3f40L,0x9db2fd4e540cb22dL,0x757103a3d792fc7eL,
-        0xffe2bc304dd1afbcL,0x9d12a8273ed96ed3L,0x2e3ce176b658113cL,
-        0x95938a67fc9f6e7fL,0x9794212ca41fb2ddL,0x00000000000001d4L } },
-    /* 18 << 490 */
-    { { 0xd361033049be3163L,0xa62047a34d55201bL,0x6a4e87786f886ff0L,
-        0x604ce4c96b10def2L,0x786a6da1db90c42dL,0xb8d75e55c29e737cL,
-        0x1c19c2d0b9a6bf51L,0xe444d64f8fc3a7a8L,0x00000000000000d4L },
-      { 0x7853870ac196ee6eL,0x1be278b5c127bc47L,0xdcb5a00c50ac1962L,
-        0x37bd8ee5ff0e97bcL,0x88847dbd1907b331L,0x66c67e868ec11029L,
-        0x0e664bb33a23b51dL,0x3b9552ac67489da6L,0x0000000000000185L } },
-    /* 19 << 490 */
-    { { 0xb21548262e25f5c0L,0xd2ec6bc2992d921eL,0x2dc4a7a869093ae0L,
-        0xfa7d331b63a7e7daL,0x625d366c96e835f2L,0x796cd894f83cce59L,
-        0x296bd295152b78f7L,0xaa68fb2b0807b951L,0x0000000000000150L },
-      { 0x7f6be3866d0cd79dL,0x04e17e832b100dc2L,0x34edaf1a36c37de2L,
-        0xaee7d6ac66758307L,0x0cd64d977e13f95dL,0x94ec5730a07f1e19L,
-        0x5bd6888ac4aa4311L,0xc81682ecfd0c4555L,0x00000000000000b1L } },
-    /* 20 << 490 */
-    { { 0x49082b82f794bfedL,0x090ad58da7508ba4L,0x016c6c61abf36de8L,
-        0x69744e76c17d97e8L,0x64ba471f5087cce7L,0x45bac2bbf3fd22daL,
-        0x1bbc08f0e8f6671eL,0x6e45905d268427beL,0x000000000000007cL },
-      { 0xfdc632d4d810ab70L,0x2d68f73cf9546668L,0xf506ef8b178148abL,
-        0x95db78df162c23c7L,0x4df86cb933dbae55L,0xe47825b77d81edc1L,
-        0xbe78419056e1496eL,0xd707fa3a48f497ecL,0x0000000000000008L } },
-    /* 21 << 490 */
-    { { 0x02255e039c52c74fL,0x9d3fcbd7f200eb00L,0x16aa73a9acbf4abbL,
-        0x70e1ca461687653aL,0x2756e86c3bab9f5aL,0x4443f19c6e3180d7L,
-        0xf6da43fedebf5b52L,0x8c4901ec7788d048L,0x0000000000000172L },
-      { 0xb9d9e5d51277636aL,0x0277a4d11a31a1f7L,0x5f4b0a7c948ccda6L,
-        0x1548a1eb9a6c4ddeL,0x8ccec5bceb7e26b2L,0x955a00b8ae69a2f1L,
-        0x4cf07abc10fc1875L,0xebcffdabf4395ff8L,0x000000000000013fL } },
-    /* 22 << 490 */
-    { { 0xac56388e6483d8a4L,0xfdfe4569e227c038L,0x450294e22eb72fabL,
-        0x88409dce0fe1329bL,0x29fcce43fe7f2e69L,0xde4876f54b1a398eL,
-        0x3801bc1a201ae634L,0x0fb643e1c7b52ec9L,0x0000000000000126L },
-      { 0xa11b43e67ca49857L,0x23d4c95c7a771e14L,0xbe8fcfac9bae2b51L,
-        0x777f2e78be5a50fcL,0xb8cb4c6fcb75d302L,0x270687f1d494af8dL,
-        0xb2c986981e494043L,0x2b6e60e78a8179f4L,0x00000000000000b0L } },
-    /* 23 << 490 */
-    { { 0xe6bdf3b488959264L,0x5542a7fd644ce746L,0x63ab33f2dce11936L,
-        0x3553de8e474efdefL,0x8af61691c83e85a7L,0xc884742bd56fe2c5L,
-        0x3f040aca37f03427L,0xb60c9b41263319d9L,0x00000000000001daL },
-      { 0x2c57b645883caaf9L,0xcf22170bd9ae6a66L,0xd9df329915b5c403L,
-        0x9a8e8a4aa5c81461L,0x48a6ea41145a6d0dL,0x82539f6ad425ace1L,
-        0x79d9a233ad3a89f9L,0xc7f8856bdc08a1e9L,0x00000000000000b4L } },
-    /* 24 << 490 */
-    { { 0xc2ec5aee77528da4L,0x3c8c6f50b12e7da5L,0xe36d0b4775e8fd04L,
-        0x49affce87e0189c5L,0x2c23922de166e234L,0x44f5033a7e52c62fL,
-        0x1d3b1a480e1dd67dL,0xc530693580ff9f3aL,0x000000000000012fL },
-      { 0xfacfb18bf94695a9L,0xda2ea3903a8c9298L,0xf8a29d06b18c310aL,
-        0x10bee839046bd445L,0xa78643a0094093bcL,0x77cd1796a2c10fcaL,
-        0x5fcfed6a5ac6c799L,0x8331b5b782907caeL,0x00000000000000a7L } },
-    /* 25 << 490 */
-    { { 0x782b00c9ff08cd68L,0x3bebf3ecb5c82844L,0x0db519c634fbe0edL,
-        0xc6d0b96b80968dd2L,0xca8a16449fd14732L,0xdbc7ba82770939aaL,
-        0x57b96f47947233f8L,0x94cc0ccd686cb7d3L,0x0000000000000092L },
-      { 0xa1ec820aaecee40fL,0x81fee315a9e2e645L,0x4794883f242620acL,
-        0x68adbdd9890be143L,0x1dceec7b76458c1dL,0x90737afab7c270a6L,
-        0x640520d1c504fec9L,0x7db9a04721283767L,0x000000000000014dL } },
-    /* 26 << 490 */
-    { { 0xdc7ea260fb335eecL,0xf4fb771645e4162fL,0x83083490caf2fe89L,
-        0x236f08720175995cL,0x36111ad435504affL,0x0071b03ff342248aL,
-        0xafa645143c794f89L,0x81caa96447a160d2L,0x00000000000000e1L },
-      { 0x3dbacd20ac902e52L,0xf65e2a91a533f9c5L,0x6cb5952b31b56177L,
-        0xb9d864204aed174bL,0xdad31e286f481fd0L,0x47018a784b45b876L,
-        0x2de43a62934e6063L,0x8893fc2e48f73becL,0x000000000000018bL } },
-    /* 27 << 490 */
-    { { 0xf3a63c14bdae5604L,0xe11ed2086d3e10efL,0x10639e5e6021fbffL,
-        0x6b6f4e5d76c3b6f2L,0x153e9ad8ae20d93dL,0xa0d205d3a3c51052L,
-        0x84802526d77f38d5L,0xd14890d7bf780614L,0x00000000000001c3L },
-      { 0x9aa8671588be4774L,0xa877900f0edbc5e3L,0x1106cd8a0231c6c9L,
-        0x2a08b3dc26146217L,0xa98a1202f7041571L,0x2352cf2fec9e24dfL,
-        0x990d2feb89c59932L,0xaca88d14d00fbc45L,0x00000000000001b9L } },
-    /* 28 << 490 */
-    { { 0x9a9d1b1914198957L,0x09272b36b8b27468L,0xa8adb29478d8695eL,
-        0xb2a77ef928e6b551L,0xb92c59a171983bbdL,0xae27218037661116L,
-        0x8aedb3dd9058858fL,0x2ea5bebd716b7a4dL,0x0000000000000188L },
-      { 0x43bcd03eb534ac3fL,0x0a3a64298d025a80L,0x3e6a0674dcaa5ea0L,
-        0xa0b446922a7bed53L,0x962c45437d1d2fdcL,0x4651ccf2e3ec4a2cL,
-        0xaa08f169a883b3f8L,0xbcd939e4513a5d60L,0x00000000000001b8L } },
-    /* 29 << 490 */
-    { { 0x3ebb07d66165d930L,0x8e91d5450ae51c2eL,0x3583819e644fcafcL,
-        0xa50fc18d091544e9L,0xc0d83ac6d906526bL,0x8dda11369adafa5eL,
-        0x641ec76d47b69511L,0x4a8c8b3c9b78be9bL,0x00000000000001d4L },
-      { 0x9bf7a595b578fba5L,0xd19f5d5b35363b48L,0x59ffc205b60d4397L,
-        0x566d5dc8405a1ad8L,0x6fefa0d077eb44b3L,0xe541d6ce224d90b8L,
-        0x2ed4482e17f7feb9L,0x7f19a002fa2bcbbcL,0x0000000000000027L } },
-    /* 30 << 490 */
-    { { 0x547c70b4548ca6d2L,0xd6a7a51ebce5664dL,0x92e8ccd00472cd19L,
-        0xbb32b3050441f3e0L,0x9ba8b75a17a40be2L,0x544c456d08adeea8L,
-        0x37972d606ad0417aL,0x812b7c83d87711afL,0x00000000000000f2L },
-      { 0xdc0584d5f57681f0L,0x4a450ce001727532L,0xbeeb07d401eb264eL,
-        0x0d6b72c444f15915L,0xebf41a6f2ce8922fL,0xf342d770f71b84a9L,
-        0x45e38af44fa730c9L,0xc65be7b2ae916caeL,0x0000000000000168L } },
-    /* 31 << 490 */
-    { { 0x346422ccd8be3ef4L,0x78e55bbd6b6397c3L,0x1122c7c23eb94d9fL,
-        0xe335c88d6ebd1011L,0x5d69022902d6a508L,0x32404617bae4b52eL,
-        0x4105738dbe1bbbf4L,0x4633d69992bb6653L,0x000000000000007fL },
-      { 0xecdb3d91f642459dL,0xda072b00b406bec3L,0x15c08fda4b06ff3bL,
-        0x8a66e8cdafcfb908L,0x4f142a2cb4892aabL,0xf6c64b9220d47b2bL,
-        0xfdf4c62737194064L,0xd8ab8881d881142aL,0x00000000000000bcL } },
-    /* 32 << 490 */
-    { { 0xaf9bf352b2648196L,0x00a9569d042fe760L,0x43854e69b9d94444L,
-        0xa01a26456e3392b7L,0x43d8ae3686c0702cL,0xb658edeedd0f9617L,
-        0x0676b0ef8b270ab3L,0x71ceba8f02072f7cL,0x00000000000001daL },
-      { 0xaf1b398d4d9bc7bbL,0xe6f033c930e4a71eL,0x38919b421c8d3fd5L,
-        0x4dca8a1f31065bb9L,0xba5a637e0bd4bea3L,0x30f886eb9a42d432L,
-        0x1e7c0fa3000fcd13L,0x9dffac1d7299786bL,0x00000000000000daL } },
-    /* 33 << 490 */
-    { { 0x9c6981caa81142f7L,0xfda7dbd4fd156b03L,0xb55db395f9ad1b37L,
-        0xd7614d623bc530f7L,0x0cdae9d22c905663L,0xbf9d97cec181cc24L,
-        0x84e1995a0462b7d2L,0x02eb429532ed0544L,0x000000000000016dL },
-      { 0x37f3da4c8f85488bL,0xdd74c11700010fdfL,0xd73da972faa1b459L,
-        0xcfa6099fc4fee2aaL,0x831e38705c0b914aL,0x0c7e3a8fd4a13005L,
-        0x4b0c86e03a3d633cL,0x9c104f0720231bfaL,0x00000000000001d1L } },
-    /* 34 << 490 */
-    { { 0x2c6420ccdc38445bL,0xf8636ca67fa9a5cdL,0x4222168ede7cafe0L,
-        0xbf9f6254f0e34b77L,0xdfcc8d0688f9e0ecL,0x06d3252d988e02aeL,
-        0x56557b2ce3609068L,0xc4d157a4b96068e1L,0x0000000000000032L },
-      { 0xf1135648cf72d12fL,0x37e911e5811b868cL,0x2cb5772f4b7bcabbL,
-        0xddf409b0c02c026aL,0xdfcb7373a6c344d6L,0x2b71c0dedf718cfeL,
-        0x8107675ff9043a2bL,0xc4cdb35c04f0f193L,0x00000000000000d0L } },
-    /* 35 << 490 */
-    { { 0x677701ccd5a7e191L,0xab23235dd26500eeL,0x0802b5f4f83e8885L,
-        0x0113e7f2072026edL,0x343f785ff5757027L,0xcf49e2e57b6406ecL,
-        0x5fe76f7dd846655aL,0x13a05fec06dd0b73L,0x00000000000001c9L },
-      { 0x3ced3cbe8b640e13L,0x945068dbd6b72e95L,0x2181cee07981bb0aL,
-        0xdf3fb0d3fe9aca7fL,0x4b29a06f1a49a253L,0x4f29456252436f51L,
-        0x50798afd75f5ae8eL,0xeb4fb55d4b0e21c9L,0x00000000000001cfL } },
-    /* 36 << 490 */
-    { { 0x35900c17f31f03e4L,0xd46ab57ecacb20d0L,0x346e2e7d1f2ec957L,
-        0xcc002ceded3e9556L,0x34af851dd2729afcL,0x38f4c7007ef8ad10L,
-        0x9383b41e2514f43aL,0x41f5a0c43156a417L,0x00000000000000c9L },
-      { 0x0430eb170573cf6eL,0x75cc52b227b7f3d0L,0xa0306601a0c813bdL,
-        0x202894d4bf1a5bc9L,0xaa87196d9ce7d613L,0x23a3fb14644485acL,
-        0x5d9b9f3ae9854099L,0x76d3383791c4b3daL,0x000000000000007bL } },
-    /* 37 << 490 */
-    { { 0x7be352469c44d309L,0x864ae27e8f4e2484L,0x9f457a4f3af5a594L,
-        0xf215103c858aec93L,0x792d6a3f138244e1L,0x6bb16e51920ab210L,
-        0x2560020ece573467L,0x2d6e20b5bc565058L,0x000000000000011dL },
-      { 0x429c2f1cb8826bb4L,0xfb092daa14d953aeL,0x70d6a39a9ea3076bL,
-        0x8bbad6153bc68687L,0x1f429219a3f6d0b1L,0xe335739bd50a3ca8L,
-        0xfb76e216b8f25500L,0x55e606b970172ee4L,0x000000000000009eL } },
-    /* 38 << 490 */
-    { { 0xfbdc60f37bf5b26cL,0xe42fed785e165d3dL,0x8eae9ace8103041eL,
-        0x68c8d798e97cbf71L,0x4d7dc5156fbd8c5aL,0xa047cf13f473bce5L,
-        0xc7e18565a71c679cL,0x12c321ccfaae7237L,0x00000000000000daL },
-      { 0x896bf0d3e357c359L,0xb05051dcd83f4e44L,0x2cacb7bf71a73589L,
-        0x7418b85011c1aa4eL,0xf5780ebd98f16d37L,0x01ea234502b2e8acL,
-        0xc4210ee8ca205ac8L,0x4e166dcb055d8862L,0x0000000000000077L } },
-    /* 39 << 490 */
-    { { 0x4926e24e5b63b15eL,0xfb0ad1e7ccca4dc5L,0x13c006d3529ecf40L,
-        0x03ef68cb6fd4c202L,0x56267eb15fce340aL,0x116fb062ca544956L,
-        0xc318e26a69799c4fL,0xe700e63ac7b0e582L,0x00000000000001cdL },
-      { 0x492f4fc30a8acdc6L,0x58dbc159ca8e09a4L,0x837eff9405a42e25L,
-        0x2ab5849271b0ae77L,0xbbc2c2541b9eae08L,0xf7ce5295b6fd5969L,
-        0x7358028beaee4711L,0xb2b7233552b004d5L,0x0000000000000046L } },
-    /* 40 << 490 */
-    { { 0x295b183393dc69c5L,0x8eb4b6ab3c37e07aL,0xa6e07d0f04408713L,
-        0x2cc845f2c69254d1L,0x93f7aee14396112eL,0x44c963cc55c306dbL,
-        0x7e18cecdd5eab009L,0x4397a27ff9a2c2d3L,0x00000000000001e2L },
-      { 0xadb5af020031c31dL,0xe273ade87aa7656bL,0x3c97406a8cf07d6cL,
-        0x348d729e460e4aafL,0xae24daeeb2373a39L,0xef275cb1b3b2264aL,
-        0x947252cfed43148eL,0x4237243e33c44033L,0x0000000000000105L } },
-    /* 41 << 490 */
-    { { 0x6a9270fdb51c81c3L,0xd9e2b1e12e4b9a01L,0x303aa12d63918a66L,
-        0xf5128af5ef62e4c4L,0x91518d003bdbfe66L,0xe877b72a2e705e37L,
-        0x5825aef41e608e82L,0xdb47715ea274cdfbL,0x00000000000000bcL },
-      { 0x8e760b7fbc4f794aL,0xfed90cdb13aa043bL,0x2e34fab55f258013L,
-        0xba455f09e6282952L,0xb2a41de10be69b3fL,0x6a1d3f45312ba3f5L,
-        0xd92e0895e78874c2L,0x77439f3ab99cb460L,0x00000000000001c5L } },
-    /* 42 << 490 */
-    { { 0xad16ea1a15f7f16eL,0x7536eaeaf0d41825L,0xc8db9cb5e341f9caL,
-        0x4f565eb5627278b9L,0x2016945238adfec5L,0x754261a91855a678L,
-        0x8b8e9eb9b6341562L,0x55119faaecb6f837L,0x00000000000000aeL },
-      { 0x06bd4c7f758c138bL,0x859730874ae4e99dL,0xfeb70bbc6eba9b30L,
-        0xb5e394a4d593b54eL,0xc54ceab4e18068aeL,0xd9d13043702dad7eL,
-        0xa822afc22d6a1621L,0xebce87fe99b2c7edL,0x0000000000000057L } },
-    /* 43 << 490 */
-    { { 0x210636ee6e2f194eL,0x653d19cccd3aa630L,0x1211c87bc72f054cL,
-        0xaadb7dd07de52f23L,0x3ac4892a014a9826L,0xfc871d728c3dfe32L,
-        0x453434ea1acc75ebL,0x15668e025611b7a1L,0x0000000000000060L },
-      { 0x1e4c1d7254f88188L,0x06891c05992e686cL,0xb8b93008914cae00L,
-        0x2e1a4ca56e494b72L,0x63a4fdaa50f56be5L,0x9059e7c4b2d616c6L,
-        0x586aee6d4bda7608L,0x90428414735778caL,0x00000000000001f1L } },
-    /* 44 << 490 */
-    { { 0x3aedec9f37932307L,0xc90ba7cc3c278c5cL,0x2172d22004be1c8aL,
-        0x9d9943b37ce8e3f3L,0xbfec2077211548bcL,0x938e1d2f1d011ee4L,
-        0xac9bb9d5f14f2246L,0x44152b2dad89a636L,0x0000000000000182L },
-      { 0xee7da6c1c7e6c8a8L,0x3c6d8dbf61fd9a43L,0xbf8daaec74a9c52fL,
-        0xf71e888e9bfad08dL,0xb16028e58aad6006L,0x203343ca89a9ef88L,
-        0xb218490db9b624adL,0x8b7ba480d01f5fa5L,0x00000000000000e0L } },
-    /* 45 << 490 */
-    { { 0x36196133272975fbL,0x01384c75cb6a974aL,0x7fa975c36340a057L,
-        0xc24df57784a3583dL,0x2da75192bb84c62cL,0xf1f3a70b14579cf1L,
-        0xd50474daa2e588a4L,0x4aabd6d26f1e9de5L,0x000000000000018cL },
-      { 0x76e60ea6fab24b05L,0xf42bbbd2df7d817eL,0x3520cef607b34b07L,
-        0x2def153d9996c9c2L,0x179dce6195252be7L,0x34a49977959fb4f2L,
-        0xbb05b0c6414e4630L,0x582b85ee8e51ba0bL,0x000000000000010aL } },
-    /* 46 << 490 */
-    { { 0xb3f85e6bdcb0257fL,0x9f7c94610db3ae5aL,0xd1309e33f7db50ceL,
-        0xe6be4681d69ff6cdL,0xabcfb97f45b3e25cL,0x611bde5acf2cbfa2L,
-        0xcbebd63d8a0ee819L,0x84f589922a881952L,0x00000000000001daL },
-      { 0x375d99a15eafd5b1L,0x1624edfd343c8399L,0xcb922ca0486cb49eL,
-        0xda5bf79afb059ddbL,0xfbd112db909e0533L,0xe45142308e9322c1L,
-        0x4e4484879fe403eaL,0x90fa5474a20f933bL,0x0000000000000148L } },
-    /* 47 << 490 */
-    { { 0x2f0d4c3b48d8f2cfL,0xe7c0c77e31ac3990L,0x8ecc391aaa04fe9cL,
-        0x6de447a596d400f8L,0x1e4e295ef1a240d8L,0x68850f917621d6d9L,
-        0x56018d58316c4b1fL,0x814b364b00c15d95L,0x00000000000001acL },
-      { 0x5bef4d63f3de314fL,0x396301ec89c3021cL,0x248f51e95efc1e80L,
-        0x1e9acc4af7b3209fL,0x17094679973357c4L,0x7ce6f1b39506621eL,
-        0x564fd1c1b2bdc480L,0x574423eb3a4c1975L,0x0000000000000177L } },
-    /* 48 << 490 */
-    { { 0x7078a5f8c793fc62L,0x5ed9d1d57dfa971bL,0xe1f701b4a25cdee9L,
-        0x362b88524b57f87eL,0x2448012320869233L,0x025ff4771481f116L,
-        0x3ca9f2f68a6275deL,0x562666c7da246190L,0x0000000000000086L },
-      { 0xb5cb110004d25dafL,0xc869f7b3748d3d45L,0xa68f07320c847ab3L,
-        0xe03e1ae202c1d0a9L,0xb4f46c5ec2a80ef6L,0x79b46f90606e1371L,
-        0x0bc1f2a0a728979aL,0x9e8f17833037fe72L,0x00000000000001a1L } },
-    /* 49 << 490 */
-    { { 0x92c876eaba57a5ecL,0x91b9ccc35f0a0aaaL,0x6a208e24040313faL,
-        0xbac2e28d87983b26L,0x5956ba23851ee137L,0x6efec8e850c067c9L,
-        0x7bd5118ae2dc92d8L,0xc88977760dd4481fL,0x000000000000002eL },
-      { 0x170d9e4bebf66902L,0x7dc58ca4351c94c8L,0xf0338c8a9f4bf58bL,
-        0x54dab2aea52e0c73L,0x0f4a6a5177eda7a7L,0x5356635827e03485L,
-        0xa43fa520a87f96d9L,0x8b82a2dc026c86a0L,0x00000000000001e5L } },
-    /* 50 << 490 */
-    { { 0x9a17a22e28c209c3L,0x4c3776f5275c7b6dL,0x2b78c520e4b62488L,
-        0xef7cf9ba8b99989dL,0x540c3a11a7883805L,0x314401635fcc1197L,
-        0x27a51e77406245d2L,0xfeb5c66a87da3cc5L,0x00000000000000adL },
-      { 0x2406a28ff97dc5c0L,0xc44de6717cc0304bL,0xd8b8c3a7a893730eL,
-        0x1755fec500c14fcfL,0x34e16a56e61a6b56L,0x936f471d8469199dL,
-        0xeee12092ddfd51c6L,0x912b3141617a3645L,0x0000000000000112L } },
-    /* 51 << 490 */
-    { { 0xe68216c4acabfc0bL,0x575047098206f7b7L,0xeeacfd72278d0fd6L,
-        0x26009914125b3bffL,0xf2c4d59974430c62L,0xa883c18c6576fecdL,
-        0xe8c29e2b58f5c1abL,0x19715f47d63f80ebL,0x0000000000000136L },
-      { 0xf1fbd8413907f8e8L,0x3b6d0ee100b6840bL,0x582779a8e7ea2006L,
-        0x24d05b01c79c4ba1L,0xc11c23d1e48ed567L,0x31ca1d96ca92fcd6L,
-        0xfbae1fdfdc9f7647L,0x47d7d61d94549301L,0x0000000000000035L } },
-    /* 52 << 490 */
-    { { 0x31da39dbb68cf907L,0xb02e9060d1e99729L,0xadd55a9689bb1507L,
-        0xecc7856a4b5470a1L,0x40a83460eab8cb1fL,0x1c1f3c112b2c9159L,
-        0x7b97b58f7883ff7aL,0xe7e97a4abde1caa7L,0x0000000000000139L },
-      { 0xfa1da9d4b8ecc0d1L,0xe6212df16e7641b3L,0x828c55c6ebb36f6aL,
-        0x5b7ead1609d6a861L,0xdb35a05fc2844248L,0x3c5089b2776dd2cbL,
-        0x2b6595bfed9eb5b0L,0xbddfaf004d176cc9L,0x000000000000008fL } },
-    /* 53 << 490 */
-    { { 0xbcd382ebea56a75aL,0x53e072c1532eddfbL,0xf9e876e05394a791L,
-        0x8d1b21bc90cd2760L,0xf1dfbd70d35c0c7fL,0x5f974acd25822227L,
-        0xb7f59ce3ad8a5cbbL,0xdf4c1e5a5266c9abL,0x00000000000000d7L },
-      { 0x49c8ff4e5896a558L,0x38da671d1b3eec29L,0xe8ad9b620128778aL,
-        0x99478bf41d53b8daL,0xe0196e99b521a1c4L,0x9075689f5ed4551dL,
-        0xa89983aed3b8db57L,0xbf2e18e0920ed9beL,0x00000000000000b8L } },
-    /* 54 << 490 */
-    { { 0x0f498b6bab33f9d8L,0x4ad288a62ccfc0fbL,0x7115968d312aaf15L,
-        0x3c01241a2ecffcc8L,0x80f841855f6704e8L,0xbfec176e279033b9L,
-        0xa72fec76e9634860L,0xb3b673afafa844ccL,0x000000000000009eL },
-      { 0x0c0409d7f67aa5c3L,0x06d70f351f87efb6L,0xb203904279578f67L,
-        0xd72c5ae7d4a73775L,0x15146ae382883850L,0x368d7af83f25050aL,
-        0x1fbedcfc4025b2b7L,0xb75fc92f5ab52601L,0x00000000000001f8L } },
-    /* 55 << 490 */
-    { { 0xbcea48fce7f90fefL,0x2948f00104a5cad2L,0x741f5fd7381f63c2L,
-        0x2480d66320c40d0cL,0xcc71dd56fa3933c6L,0x32537996b42aaccfL,
-        0x2058a90ec1de949fL,0x8cddb8a4337c3d9cL,0x0000000000000118L },
-      { 0xbec707c69f6d7d34L,0x3961a86455e2adacL,0x6ef452a7e74039a5L,
-        0xc7dc50b0ad925d03L,0x9abece09b0c3266bL,0x7099d99a9bed8b60L,
-        0xcf86e9b4dddc307fL,0x4b55f07acff68c17L,0x00000000000001d5L } },
-    /* 56 << 490 */
-    { { 0x3e39683dcd351b10L,0xe16197210a895f34L,0x252e80da411d3459L,
-        0x1cf1f5433456c4a8L,0x7d561558fbe9379bL,0xb851ccfa95445524L,
-        0x63047f7cd73af554L,0x9414829ccd036021L,0x0000000000000138L },
-      { 0x1a267c2a72c27112L,0xa663014f7031c061L,0x6c342632bdb60991L,
-        0xeabab7ce0d230b20L,0x0bb0e281c3bae5dbL,0xc46b86b7d63a462bL,
-        0x1964d38cb34aeafdL,0xc165169bb2548043L,0x00000000000001e1L } },
-    /* 57 << 490 */
-    { { 0x0069f78595054d41L,0x1915d067ffb41edfL,0xd2a26117106803ecL,
-        0x01aee38f45acc15fL,0xc17f9a13e5e0ca69L,0x9650dd183b3c005eL,
-        0x80dcb7b979ea11a4L,0x8016e13f161b05b1L,0x0000000000000005L },
-      { 0xc34447de63240c80L,0x7055b0885924cfd7L,0x0827c7ddbd76a15aL,
-        0x2c0986b73aa18316L,0xa6c6a88f2ac32019L,0x0738b1b3cf9a7941L,
-        0x7b55ebfc25337538L,0x533fcc0a015f8678L,0x000000000000014eL } },
-    /* 58 << 490 */
-    { { 0x1a96801aadb8bfe3L,0xe75278daf390769aL,0xcb8de5149bc85577L,
-        0x26d506ca59959b5eL,0x134f13278a3ecd50L,0x990cb7b3bf13e3c4L,
-        0xd2c83b2625b4cab7L,0x762f5e88306fda07L,0x00000000000001f4L },
-      { 0x4c07d7fbada306d4L,0x4bec248d3e507275L,0xd2e58fd9b23246baL,
-        0x9cd7d608419a7944L,0x85b076b56ff066e8L,0x75815995ad21887fL,
-        0x898f9f2d778e8eb2L,0xda74a1c47d16b4e7L,0x000000000000010bL } },
-    /* 59 << 490 */
-    { { 0x5a99a36a89e67b6eL,0x6a9fadb934faa0e1L,0xbff8efff81886662L,
-        0x6d30dbba5e4281dbL,0x793e30fec50c8b7bL,0xcd8b5ca3d31f298bL,
-        0xc3618e2f8b3ab7b9L,0x6d9afdddb566cbf6L,0x0000000000000192L },
-      { 0x588a45bf8c86b790L,0xe384791ccbcc0262L,0x94dcfb139220da30L,
-        0x0a11742af8a98f9dL,0x8b32affa180b4e5eL,0x009e3017900f981bL,
-        0xdc0cdb67077045ebL,0x6370593425e84b0bL,0x00000000000000deL } },
-    /* 60 << 490 */
-    { { 0xd8a907f1495af650L,0xbcb3f6e27a3ac35dL,0x1aced00f606706adL,
-        0x8ce32c00a2e1cf9dL,0x1e0e979705f91cacL,0xab21e96b9e98af3aL,
-        0x92f4e6dbbbe3c415L,0xfd9b407646c929afL,0x0000000000000097L },
-      { 0x5da0209deee8423fL,0xa22af5cf098eeb14L,0x5e379be216e722beL,
-        0xe06cda5b9680b5acL,0x832c5aeb311d0269L,0x7471c5d7e4943d03L,
-        0x148e2ef20776d3ecL,0x658a17b50c51efc3L,0x00000000000001f2L } },
-    /* 61 << 490 */
-    { { 0x661c9b4356ddaea0L,0x293c59e2922d963eL,0xc4cde92daaebd3afL,
-        0xab071b5f1d039ea1L,0x001a3455800846aaL,0xed60d946be47068eL,
-        0xae57d28e81e38d14L,0xc1ebaf7aea1b4b13L,0x00000000000000d7L },
-      { 0x813636f2f6189471L,0x18081bb61053facfL,0x5df021c61a72f2bdL,
-        0x95867c61e6221fb5L,0x98230da20f68c36aL,0xf8a71504bb930cb1L,
-        0xc66f68c49206110aL,0x6d859d5b4a9704b4L,0x0000000000000107L } },
-    /* 62 << 490 */
-    { { 0x945527c00753ebb0L,0x58d67d3c66168307L,0x0ec55d7dcc6d285eL,
-        0x53f3f9edfd180ff3L,0x862c163e841badf8L,0x3a283e8fe6405388L,
-        0x1f21be3ca83e0e8aL,0xc8be2fba8d854e58L,0x000000000000015eL },
-      { 0x9f10d5bcb68293e1L,0x634a08d72787aaceL,0x29edab8649be3cd9L,
-        0xbdaa11c791666966L,0x42a13787d7f98440L,0xbeca84bfcccbc458L,
-        0x7c9e9a69a565c2eeL,0x1a0af783e8b2bb1cL,0x00000000000001d9L } },
-    /* 63 << 490 */
-    { { 0xab166e77803ef03eL,0x02c155561695a136L,0x0d569bf059f0a685L,
-        0x71c9d373fe7d3aa6L,0xb0560c7ae92b0c1fL,0x0f31f03af89493abL,
-        0x9a403a9f2e67af99L,0x39d67688b84fd6dfL,0x0000000000000079L },
-      { 0xa1544f774f550f0fL,0x4dde151021bdfcabL,0xb20ff20adc61a321L,
-        0xd7762640a6b40f30L,0x1ceca244750f159fL,0xebdcad0d46ce6583L,
-        0xae45629873f0b152L,0xa7d11d19be995716L,0x0000000000000141L } },
-    /* 64 << 490 */
-    { { 0x0ce1f2d1945039acL,0x1d1e6504fdf94d41L,0xf36eafd58752d630L,
-        0x24477f7fefbf0132L,0xae8fba2cc02bf85bL,0x53a24ca8eb510e61L,
-        0xeadbc7f79c2c453dL,0xcfdbc9dc310eda46L,0x00000000000001a9L },
-      { 0xfbf287c8d8f82b51L,0xb7ca60967f0ecadaL,0x1dc411b715242666L,
-        0xebf82d6c3dc6ed96L,0x8f82229dd0a92b49L,0x75a6a4a79dac585aL,
-        0x443ae75ec839248aL,0x4defb89f1ba7c9c3L,0x00000000000001b5L } },
-    /* 0 << 497 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 497 */
-    { { 0x20e2fe1972925756L,0x4815ae3332ce7832L,0x183d90c3eb8f4eb7L,
-        0x0e088af52a8045d9L,0xf8232956da04790fL,0xc24661b5ea0118c0L,
-        0xe4152695a72924a6L,0xffcb277840ab56b7L,0x0000000000000120L },
-      { 0x1c766208aae9af57L,0x21769dda239689e7L,0x9dc2194a235ecf56L,
-        0x930e993fcf83a067L,0xb6725ad332913e2aL,0x09bd9ff9fc942b50L,
-        0xdfb47d67600d426dL,0x4cc06c589def7175L,0x000000000000003bL } },
-    /* 2 << 497 */
-    { { 0x9c3f082939926493L,0x6bf1089ee3d0f530L,0x3e91285d7d7d5b4cL,
-        0xd8d70f1b02bb958aL,0xe4b0e8c1bdbd2b6eL,0xea70f1079239f187L,
-        0xd30f4ada27d37ca6L,0x0358f6b3c88eda99L,0x000000000000010cL },
-      { 0x8957ea97e385ac45L,0x707e7445b4ff3d17L,0x4a6d4dc840a361cfL,
-        0xd086353b13aae7dbL,0xd856f4c9a478b479L,0xf687400f4d7cf67dL,
-        0xfa3000b6ce52336bL,0x805459d7d0b88a94L,0x00000000000001ecL } },
-    /* 3 << 497 */
-    { { 0x96632b75abe029fdL,0x38280dbd57aaa853L,0x2a49ff1956556bf7L,
-        0x76af8029017ad9e7L,0xe231979265ea6edfL,0x71b0793c9cbb4069L,
-        0x1f89d54df62d86ddL,0x48601cbd52809190L,0x0000000000000116L },
-      { 0x825a9ec295f5317cL,0x9af044995b568f34L,0x0a74e92670c96172L,
-        0xa87fcc849cbe4ca2L,0x409e58c017b5587bL,0xae221d81686599f1L,
-        0xdb87c25e9b04ae84L,0x2a847873f9a49cb1L,0x000000000000019aL } },
-    /* 4 << 497 */
-    { { 0xe862a17bbeb4f9f1L,0x5e701369310c4b65L,0x01ef66253377f678L,
-        0x56157709da8beb61L,0x7ca21b049ef7da41L,0x9f776dac88e486a6L,
-        0x53dd04cf8aed6f6cL,0x4a7df43e953c2d95L,0x0000000000000158L },
-      { 0xe5bc0ded1fcc4484L,0xb337eb4eef6d0e8aL,0x02208b42dabf0d9eL,
-        0xe64c8529467bfc55L,0x0cf409592e141810L,0xa34af9d656fa0badL,
-        0xf3471d5a5345141cL,0x89a7a82c1ff7597eL,0x000000000000014eL } },
-    /* 5 << 497 */
-    { { 0x3fe4077368245bb9L,0x89a284bba3626a8bL,0x73c190915a9d7ff6L,
-        0x8e3baf6fcef0b5ebL,0xe3d8006921aa008aL,0xaa3f179932b686a5L,
-        0xd20cfb52eb1ea953L,0xd62b692f360c2ac8L,0x0000000000000050L },
-      { 0xb1b8bf37f4c933e6L,0x090d3bdd5af935bcL,0x8e4854d2ad9d74e0L,
-        0x5b38d8eba00bf5f8L,0x837582475f478824L,0x5c7e2413f71a8d3aL,
-        0x955642770665c873L,0x37d95026d1f7a638L,0x000000000000013fL } },
-    /* 6 << 497 */
-    { { 0x10459adc9fae827dL,0xb9c6d71d622dae77L,0x8d379015bed58a7eL,
-        0xe6b71390b90143c2L,0x08eb29c40a8985f3L,0x30c331ff08db169eL,
-        0xbe336067077fcc98L,0xaf6477724e16c914L,0x00000000000000bcL },
-      { 0x1836d521e134601fL,0x8365f5c7a58ceda3L,0xc4c114f6a6fe142fL,
-        0x4651388d461a4d3bL,0x1b4cf10a639f7948L,0x140f9efd361665e3L,
-        0x436f20b0c743b8c7L,0x4e1d732d710cc0a6L,0x0000000000000186L } },
-    /* 7 << 497 */
-    { { 0xbd6db523c85a0848L,0x987c70fddacb2b06L,0x3dbaa519b16e9914L,
-        0x14205aef40b2923dL,0x5d09323ec1d161dbL,0xa68b68850e462298L,
-        0x0eecab4fdb91ceb8L,0x10ff0480339fb226L,0x0000000000000099L },
-      { 0x4bfe6f364def0c94L,0x21b3cd30ae7c0ceeL,0x2396ba6610b510caL,
-        0x2c9b665184b52fbfL,0x25e93bef7a84e6afL,0x83846a6623f7a204L,
-        0xf5eb2e3e5da84c02L,0x73e65cc62c870984L,0x00000000000000a3L } },
-    /* 8 << 497 */
-    { { 0x4270a7973c80f820L,0xe1455e1cd8e3db55L,0xfc7d04b5c31eea36L,
-        0x86d4b43d8237619eL,0xca90fead5696ac8bL,0xd1df350dbe0a5d49L,
-        0x844e818faea06270L,0xfa19b70bd89cc1dcL,0x00000000000000fbL },
-      { 0xbae72ff552fe816fL,0x7b5d9e529a5a3747L,0x7a7eadcca689a68aL,
-        0x18dec239330ba649L,0xafc49e4ceb30bd8fL,0x2504271680c1a715L,
-        0x4d5aafffbf6e92d9L,0x94af51fb7577cc4fL,0x00000000000001b9L } },
-    /* 9 << 497 */
-    { { 0xbb49e8054732030bL,0x0829d482bd03cd5fL,0xb9a6136c5f6950e0L,
-        0xfc781907dd4f9182L,0x9b4141a166ec206aL,0x3577a8fe18a46639L,
-        0xd1aadfcc28960c88L,0x0b13bc74f4dd4d20L,0x0000000000000142L },
-      { 0x99edf0c678898705L,0x9177bd2fb71bce68L,0xe0ce6c6305ba1470L,
-        0xab99c6573f5fe41cL,0x437f2df7367dd373L,0x240fe1bf4d543d1fL,
-        0xd4f2abbfc0ddf245L,0xf230491ad6da4440L,0x00000000000001e0L } },
-    /* 10 << 497 */
-    { { 0xeb2ac3780ca7c04aL,0x6503ef0d2c07f4ddL,0x25f353f3eab6a53dL,
-        0x53d58f68879a37d4L,0xc63460daf7a73064L,0xf6d94b623ebc4da3L,
-        0xd32258dbc810cff9L,0x3aaa05f66f1b0c2aL,0x00000000000000ddL },
-      { 0xb16bf6925cdb2275L,0x3de2596915cdac6bL,0x9e073ef027ab70e2L,
-        0xe343955416e91fc5L,0xbf3afa34b457e4b9L,0x4f7538f76659f402L,
-        0x0eee4ca52c76dd2aL,0x4d756cfb8c55212cL,0x000000000000014dL } },
-    /* 11 << 497 */
-    { { 0x909a8cb6915e964cL,0xba20835036b97440L,0xa316b2e155cffb24L,
-        0x86b2afd21b6c690eL,0x8d3121b8ef32a58eL,0x243e5a3755faf21bL,
-        0x86a70ccd48e1eb3fL,0x7fb7ab7b856482a1L,0x000000000000017dL },
-      { 0x9c565882ab37df1aL,0x2c2e3f640ceb193eL,0xde7462f66fa488a9L,
-        0x9505158bc0a49496L,0xf8c7087263ed98fcL,0x90d169ed35962a1aL,
-        0x9c5a71216e74e666L,0xd0276edf3a407e03L,0x0000000000000005L } },
-    /* 12 << 497 */
-    { { 0xd8e41426a9df462dL,0xb74954b0ed2c3482L,0xa89b9b49cd400ca3L,
-        0x300d10c3ca71c044L,0x6a7d6d0c3f027519L,0xbff329d8daab84adL,
-        0x9df171a25a1bd3caL,0x4d3ac287f908de36L,0x0000000000000155L },
-      { 0x3c39aaacf399d7fbL,0x155af8e309b50490L,0xf1c274c44e8b235bL,
-        0x80dc35149732546aL,0x17bf13806555e151L,0xc41ea61064ee4231L,
-        0x997707e1a29c4555L,0x7c29fdf3658270b8L,0x0000000000000039L } },
-    /* 13 << 497 */
-    { { 0x4470a10c15b5487fL,0x59e0034abf2901ebL,0xa004882f96f26b66L,
-        0xf0747b1f55ac9ec0L,0x00b2726126587c55L,0x08a8217ef3a868f2L,
-        0xc138619039ab6420L,0x75a2f37063ef87ffL,0x000000000000015dL },
-      { 0x31e93fe5ca9cf04aL,0x86cea3141ab48f4eL,0x61576808902a3aa7L,
-        0xdb2d78c451cebc3aL,0xb20d8a8239946890L,0xff048d9292b61791L,
-        0x87a1e8d88e48280cL,0x09921ba4db22a5e1L,0x00000000000001aeL } },
-    /* 14 << 497 */
-    { { 0xf4390ba3fa83b37cL,0xcb3a94f06e227864L,0xd13f93362d54afc0L,
-        0x734b02866bf22e28L,0x027d32d36ecd5c60L,0xb7c8a2936ea8017fL,
-        0x9001729bbbfee411L,0xedc83e030bc69acbL,0x0000000000000042L },
-      { 0xc848406df076c0ffL,0xa7a5157da1258854L,0xe68222a851655acbL,
-        0xd63300044c79c785L,0x4bae7f1b974690d6L,0x934fac86bb32fc1fL,
-        0x8ebf3a73e88a72d7L,0xadac779440b91c50L,0x00000000000001f1L } },
-    /* 15 << 497 */
-    { { 0x3b64a126b7335d8dL,0x2961ee1ba9248dddL,0x640c9146e01dbb47L,
-        0x0b7a2164c2ff9613L,0x5056eb03fdbd4002L,0x0ccaec0a02c765a2L,
-        0x20064fd4a46f0c72L,0x0f0710b082b4ef91L,0x0000000000000067L },
-      { 0xff5d6b7ce04b5b0bL,0xfba3d44ac1f15aecL,0x89765ae5ce66d753L,
-        0x65b3330be6e0a598L,0xd5f357987e388524L,0x1fedce600b10eceaL,
-        0xa49a65d453659065L,0x685a55643162e5ebL,0x00000000000001edL } },
-    /* 16 << 497 */
-    { { 0x513a0c6260637ab1L,0x4a25bee092c5b308L,0xcd3dde9265d8b6a4L,
-        0xce8ece9b60ea70d4L,0x289b7557af5d779fL,0x1df029a4ff6459cfL,
-        0xd00ac6d5ce09288bL,0x9a9f96859a9f5b92L,0x000000000000006fL },
-      { 0x18cb0922b5b63cd8L,0xd4753ff126fd1c21L,0xa4d1f3571080dac9L,
-        0x7fe4f3ac24de88c3L,0x4ba767da3e60655cL,0xaf4a647436c75e45L,
-        0x4854eb2195f2505fL,0x831446cffe3b33efL,0x000000000000016dL } },
-    /* 17 << 497 */
-    { { 0x4fc3ceb50d704c8bL,0x76277d00511f43f0L,0x81319fed1acdcf62L,
-        0x9e45ed07c9e7557aL,0x57486b5372a27c01L,0x37dde1bf44718054L,
-        0xf299012b5f67b6d2L,0xf611272d52b4570aL,0x0000000000000119L },
-      { 0x4e9f26295623b9e1L,0x5e63fd62e8c47729L,0x31c312230ecddef0L,
-        0x5ab7172a2ddf7e5dL,0x916a08f99de4622dL,0xf70f248bc8f3a4bcL,
-        0xe90e066fcce7573eL,0x4a8d09745854a217L,0x00000000000001a7L } },
-    /* 18 << 497 */
-    { { 0x35ce884eef326466L,0x12ea07254fd35784L,0xa8eda224b6c12e71L,
-        0xcd4088a98fca4b4fL,0x2c65668458e0c8fdL,0xa1992c076c3e0026L,
-        0x4585191b0de1ff73L,0x41e41c18b945e9d5L,0x000000000000015bL },
-      { 0x95d265696d686841L,0xc3b5ec5b7c82209eL,0x708412906b2f6dd1L,
-        0x62711988377ec7f0L,0xc5a41362f8044572L,0x5c152ddc6c97a652L,
-        0x315a403c78043e3fL,0x00f750863cae2d02L,0x0000000000000041L } },
-    /* 19 << 497 */
-    { { 0x69eaa031e84a32efL,0xf64318511f18bdb0L,0x45a72bae00ea0ec0L,
-        0xa58114764f8cd7e5L,0xa2d4f720df207a7cL,0x10f9d9582e4b3929L,
-        0x1919647cafd9a331L,0x932093227bb3b2d1L,0x000000000000002bL },
-      { 0x1a489aa9999524adL,0x461e5e8f47ccbca6L,0xb112fa557218dd85L,
-        0x8d6a44e90f5f41bcL,0x8b5dc510de9a654cL,0xe03a3eb28069bb7aL,
-        0xe4c8200320045ff5L,0x683271bdfa37db56L,0x0000000000000085L } },
-    /* 20 << 497 */
-    { { 0x3bf023ad4af30875L,0x618ff68809817545L,0x07d4ead2451da716L,
-        0x794aa49829eb0835L,0xbd59562f42924bccL,0xafcf72eb72e399c9L,
-        0x8bf1a1a963e80b19L,0xbf8bee820f4c4aa8L,0x0000000000000161L },
-      { 0x020961f55448c727L,0xa703507a4eb32427L,0xe1778e68d45d8b76L,
-        0xe649604ffad79eb2L,0x61f41e6254ad0127L,0x0b54947fa01b89d7L,
-        0x5642af5b120716e9L,0xd9aafd3ed0876d5cL,0x000000000000004fL } },
-    /* 21 << 497 */
-    { { 0x24b368c4c9fc49d8L,0x5901a2196ffababbL,0x2b27398ff8d51ee7L,
-        0x7bbbafa1e07890acL,0x4e54902636dc7e93L,0xb9b7f2be5c0aa112L,
-        0x4ef4a83c5f948620L,0x851400c7ba7ecc64L,0x00000000000001e1L },
-      { 0x8e5ca181b6067620L,0x5793d961496faf2cL,0x8ac484364996f453L,
-        0x8df70948137517bfL,0x90cf159779458200L,0x949c38c4aca5b183L,
-        0x319b3c666211c917L,0x57bf88e3500ca01aL,0x0000000000000098L } },
-    /* 22 << 497 */
-    { { 0x78811b6e05fddb66L,0x5658f3a212a3cc05L,0x5b35c76238f7cbe2L,
-        0x57f36fb154f22cdeL,0x4a825341f83dca4cL,0x87e1c04e42965f1fL,
-        0x2791df2518daad8dL,0x14132863a8944d8eL,0x0000000000000194L },
-      { 0x41bb6a0bc1925507L,0x045af8dcd773e57eL,0x19c14986fff5e4c3L,
-        0xdc7c96ca0f7586c0L,0xf37a6e7b439c87c4L,0x1e4e93876e166cffL,
-        0x2111c8ab6872cc08L,0xc078f60d86c301fcL,0x00000000000001d6L } },
-    /* 23 << 497 */
-    { { 0xd79e9b9fa38e1f16L,0xc8ee2fbd74b510ffL,0x9be3175ac09d14f6L,
-        0x417030d3d350614bL,0xb90492c8d8dd55f7L,0x00bd5e70d09ee667L,
-        0x144eab3f9c4f5197L,0xa066177fd1ad6d51L,0x0000000000000149L },
-      { 0x20db4c6c0879aa61L,0x5ff9dc7d1071725aL,0x1d80ccd2b39e07feL,
-        0x3bd60188b3f048d7L,0x5f60142b994c914eL,0x5e858454058ef641L,
-        0x02e1e4a5ff4ae974L,0xc5f4e021399f23b0L,0x00000000000000e1L } },
-    /* 24 << 497 */
-    { { 0x8e1a6c2f3e0bef3fL,0xb715403e14018b23L,0xefc99827613f0c37L,
-        0x92437b5613170a30L,0xe84cbe8f9468e300L,0xe69b08f14bab3970L,
-        0xfcb78f771558e9d6L,0xc0140529af25ed50L,0x000000000000017eL },
-      { 0xff3fa668168134c6L,0x46e8edc72bcc2e99L,0xbbebb21c86bfbf06L,
-        0x6b7d6159f204dd32L,0x75bb85ec1fc7e40aL,0x0f3e1043ad14c187L,
-        0x44187117000a86baL,0x556420bb13d09defL,0x0000000000000177L } },
-    /* 25 << 497 */
-    { { 0x554448c0fba3377fL,0xe136db9d3902cdbaL,0xd47511ebad6e52e8L,
-        0x7339fa6cd9b3e28dL,0xb7642d4a6ca6868dL,0x943007ad8c8fde03L,
-        0x9cc9807a123d09e7L,0x841e97739beae0eeL,0x00000000000001cfL },
-      { 0xe7a94fa8789a0156L,0x76bbe08089619245L,0x0a7314b211444aa3L,
-        0x8984ef43d2639f78L,0xd5a4a5e517699a5aL,0x6c3988ba314c3535L,
-        0x7c82b93ebfc25e87L,0x857f7c3cba2d2b98L,0x0000000000000039L } },
-    /* 26 << 497 */
-    { { 0x7426610eae8eb2f9L,0x2e63e518ed0157abL,0xf4cf1d37ec0141d1L,
-        0x1fa5a97754c8a497L,0x90e2750c50f7cbc3L,0x2465f6e651392c9fL,
-        0x9d19fff295ceed17L,0x13020fb3d3023087L,0x00000000000000faL },
-      { 0x56de6ae0065bf7eaL,0x793e1c385c37fa6bL,0xff3c043b4b74f191L,
-        0x8d7ad72faf2ea8a7L,0xe606b3fde9a85535L,0x6167d112c411751cL,
-        0xe594b53785ed0344L,0x5d10ae657197503dL,0x000000000000000dL } },
-    /* 27 << 497 */
-    { { 0xd75d6bcc525a4ba7L,0x75831970ff5192dbL,0x2881fed46ebf94b9L,
-        0x9287616b74c60c34L,0xbca8e1929750259cL,0x5f06620d9cce8056L,
-        0x88a1cdbdec42039bL,0xd2d7f35782851092L,0x0000000000000194L },
-      { 0x6f7297c9e99faef8L,0xce5aefa067ca905bL,0x8aea3927825cf9abL,
-        0xc61c45a46c6b844bL,0x218b1a55c21688ebL,0x84f51d90b50e00c0L,
-        0xab5528156920a836L,0x19900cfa6be8182eL,0x0000000000000125L } },
-    /* 28 << 497 */
-    { { 0xe27b7fffcdfd27a0L,0x081213e1de02dddfL,0x0506179a90c68515L,
-        0x91f33ddac6979fdbL,0x7a7b766f6c075aeeL,0xf5e9f6bf4f16c84dL,
-        0xa1502a0ec8fb6599L,0xba8682718ed8bdb3L,0x0000000000000182L },
-      { 0xcd8039b45e609153L,0x45112e760e819341L,0xc2dc373c023ea208L,
-        0xe45a2f499dba881cL,0x50b2e55ad8dee4dfL,0xd15b89ba99ccc4e8L,
-        0x943358a9fa42dc9dL,0x73659482f0193e0bL,0x00000000000000d9L } },
-    /* 29 << 497 */
-    { { 0x99aad65bbb3bb203L,0xe0310f2e07991fe0L,0x528a081533b4e15cL,
-        0x342e836e408a61c5L,0x7cfb0b0fe062a87fL,0xee028eecbd81b770L,
-        0xdb3ba8f9f978510fL,0xd5a19a2c8beac70fL,0x0000000000000052L },
-      { 0xc7cc2ec1a4e6baedL,0xf1f5e6088ede29c6L,0x9ab7a0251f2a4e0aL,
-        0x0938e50c2216f6fcL,0xd3fbf3a2d36da4dcL,0x14eb4e27d87198d4L,
-        0xef09f9566a7d394eL,0x82f28f877059da0aL,0x000000000000005fL } },
-    /* 30 << 497 */
-    { { 0x39e766d6fc267beeL,0x21eaa063a51bef4aL,0x04b31088d5b1da6cL,
-        0xa9fb47bdb21fa3e9L,0x2f50eb96cbd14de7L,0x14de2d69f6109a85L,
-        0x00dd17255716845aL,0xb8edfda66e70389aL,0x00000000000001bfL },
-      { 0x1032c9f212d25839L,0xee5027717e862a70L,0xabb31c0594b14062L,
-        0xd9ab09d45d063501L,0x96ff13a5130e8e50L,0xa6c8803b27ba8876L,
-        0xd2e3e7f07dfbbefeL,0x9d2e5ac4eb8ec9eaL,0x0000000000000026L } },
-    /* 31 << 497 */
-    { { 0xe9d412ef1bbceb78L,0xfcf978bd208b992aL,0x6a53da6f703e13e1L,
-        0xaf8956f7a8424181L,0x81a70a68e97cb9e6L,0xed0fbc16341b2d69L,
-        0x70cf66385192869eL,0xbf9dd960f5a0dd0bL,0x00000000000000b8L },
-      { 0xee6e26feea5c7ed1L,0x81c271315321b93bL,0xc66fa92b7608aba7L,
-        0xb63345cbeeef7219L,0x4ae5e8c22895ec0dL,0xeeb3fb467f3b6e74L,
-        0xeaff7601191adf9bL,0x44eab56470dc9ef1L,0x000000000000010dL } },
-    /* 32 << 497 */
-    { { 0xedbb59dca9aff80cL,0xb32f9f1d305107ccL,0x7a0de3d199d4d1f8L,
-        0x701b04850637729eL,0x13d85cc4b86c08afL,0xfe4b62a8cd43b0e7L,
-        0xba8ba3f38a012627L,0xa589240b2168bdf6L,0x0000000000000073L },
-      { 0x028c8c11d8f16b56L,0xff6f2aa753816648L,0x677b98ab29bbd5abL,
-        0x492513b8221f17f2L,0x828fa4baa5eca5aaL,0x15b65b2b560d8196L,
-        0x737cdf4377fe2f2dL,0xcb1bc918c044cc80L,0x0000000000000138L } },
-    /* 33 << 497 */
-    { { 0x0c11966e4353dc79L,0xf39bf5ae84b26b86L,0x9b07118314d565e4L,
-        0xaa9f8c5664977731L,0x12340d1b899b8932L,0x81b43cd0222df038L,
-        0xebacd57fa96f4f7dL,0xd38b93c8e704f11aL,0x000000000000019bL },
-      { 0x485e1ba6836402e1L,0x6f34201901bd178aL,0xf342b57ed7c7d3d6L,
-        0xceb499c57de7c78bL,0xf3be5233a4ad7926L,0x217081dd11cc5b51L,
-        0xc0f92f053c9437d8L,0x38b2b045c0e420bfL,0x0000000000000124L } },
-    /* 34 << 497 */
-    { { 0x82c834ecced14849L,0x35a0e1c96e2ad702L,0x9bce8fc925afa4afL,
-        0x0c78ec0dff85e7caL,0x754f5c1a18db20caL,0xf112798679e6b204L,
-        0xb5148832e6a42b51L,0x9db5ac23ecbdf889L,0x0000000000000180L },
-      { 0x4d07cefb65b7214cL,0x7ef0f7670a8db016L,0x2f7db6ecc9f8d9c4L,
-        0x754299113c619d3bL,0xf8c6e1ea36619891L,0xc016f4c409d50a59L,
-        0xe36545e182b52f78L,0xed17d9dbbacaf6d2L,0x0000000000000052L } },
-    /* 35 << 497 */
-    { { 0x5d1c2189b589ab22L,0xd05f29db8f8c11bbL,0x445edffb8eff8657L,
-        0x3fdad8e54cbc6627L,0x1ee7e60dd2a3383cL,0x7e31b910991ad078L,
-        0x65bd80d5b1a278fbL,0x352d10928e03512cL,0x000000000000000aL },
-      { 0xc726086490b1b600L,0x4d4152ece639a6ddL,0xbd35547f41c4017bL,
-        0xa1d24f1cf1c023eaL,0x8a536e83e7d8082bL,0x8689dd3fbf567013L,
-        0x3c3538ae5cea1147L,0x9ab19fa10c5438c3L,0x0000000000000136L } },
-    /* 36 << 497 */
-    { { 0xe364461feceb36f5L,0xa2c2b4407c5572d3L,0x30e788e4db92e5a2L,
-        0xf3efe8fa6d4ad73cL,0x621f4fd368d3b7b1L,0x0bd9693c3fb46615L,
-        0x52da482fd34f2a58L,0x888f46b79880fd28L,0x00000000000000d0L },
-      { 0x8a0ec5cf1a628d9aL,0x7205caf0c8e29f23L,0x274d619a16f112beL,
-        0x79041e561bf69ac1L,0x5b17ee9cc5ef616cL,0xa66c9d83bf671d10L,
-        0x7bf826d41abdf2ddL,0xfb3391f2135cc6d5L,0x00000000000000e5L } },
-    /* 37 << 497 */
-    { { 0xe7bddcc19fcd4762L,0xb029f4697c5390ddL,0x98ef31963fac7209L,
-        0x4840f8f3513e4762L,0xb6e1f35152698b01L,0x699aba9e4bc640dcL,
-        0x9ea16ea460648961L,0xe6a218fc9a46a0a2L,0x00000000000001c1L },
-      { 0x27371dd1727b38f8L,0x338bed65e0b7a0ecL,0x2e333657c0ba0c0fL,
-        0xc6e7f81340196865L,0x87158160bb8bbb34L,0x179fbf852dce1880L,
-        0xe3b4f4ef9f2c7923L,0x73795470316d5fa5L,0x0000000000000020L } },
-    /* 38 << 497 */
-    { { 0x19712908cce1861fL,0x0359fd743717f4efL,0x9a092879bd3a53e2L,
-        0x97aa8533f6854d5cL,0xc4163cb6d12cf988L,0x80025aec03691f95L,
-        0xb62cf9e5276fcea3L,0xf1ed5103e50af5b5L,0x0000000000000114L },
-      { 0xcc7c15357ba70e60L,0xdbc285f899e1824dL,0x2bb06046666906d3L,
-        0xefdb9e5ecbd68ec3L,0xaccfb9c45061c150L,0xc0107ff714434399L,
-        0x3ee3636f3e9f6b0aL,0x23b13a8fc2a10c8cL,0x0000000000000162L } },
-    /* 39 << 497 */
-    { { 0x995ac8a670b17352L,0x7cf059b2d9d4f826L,0xa82b0722bf98b787L,
-        0x1532410d612d9a79L,0x75668bc2b44ae70fL,0x63cc756cbaf63a0fL,
-        0x5499dfcf97a52695L,0x541e7a68c40906e7L,0x000000000000002bL },
-      { 0xc02c4aac17f7b128L,0x9c456b93a171c241L,0x931d09919b48b980L,
-        0x52cccfad3e0c0ed6L,0xf23004085968a6e5L,0x93a8b420bd3d48a6L,
-        0xb3ca08bda2bd79d3L,0xe02f0782d018ad6fL,0x000000000000014fL } },
-    /* 40 << 497 */
-    { { 0xf0fa90d83b50a230L,0xdd15885ffd95910fL,0x4105a4e148038a64L,
-        0x2f69d817ae07fcd1L,0x0536353fd0484f76L,0xb3beb1eeb8d64baaL,
-        0x2ff37ff558adc510L,0x5677b99149f78e1fL,0x00000000000001b0L },
-      { 0xe22bf1ce43b8275eL,0x5ec18f04b7bc2931L,0xcb53d3e0f01fa620L,
-        0x49db793f9587e525L,0x7f1e4ca35c884f2dL,0x5ad4e4c459437624L,
-        0xa1e3329f4994207aL,0xe4cb938f88594aefL,0x00000000000001ceL } },
-    /* 41 << 497 */
-    { { 0x68609efdc4fbbccbL,0x55975ca04dc6e8ccL,0x54f541b358d63323L,
-        0x6564edb1bc8620afL,0xbe0e1fb6bc6a6d58L,0x78d76d4cc87ed075L,
-        0xe4942b1c177dcb48L,0x382da425ff82d99bL,0x000000000000001eL },
-      { 0xe06e7855568fded1L,0x560b408d0a5c74deL,0x7b77bbb3945fc598L,
-        0xa8c08370cfe47a88L,0xb0616cd18fb375ecL,0x2a0b5ad9ad76d748L,
-        0xd30413703f493011L,0xa69e11003e55d3cbL,0x00000000000000a4L } },
-    /* 42 << 497 */
-    { { 0x7fecf0a771bdf609L,0x3c77f17427388d48L,0xd8a52ea544c38321L,
-        0x5132ddff7ff0262eL,0xdd5b822ebe8e4bcdL,0x2e4ab4a7c6632ea0L,
-        0x58056a95d5597f97L,0x99b300e1b6f7252fL,0x000000000000005bL },
-      { 0x2bb664009a2f2222L,0xe57e826211c55fc9L,0xd9b16efe6529c0aaL,
-        0x2d86e6845811abd9L,0xcaf181305148e5ecL,0xc049a71a5bdfb7b4L,
-        0xa11cd09454df8687L,0xd598e94d69b7f051L,0x00000000000000b7L } },
-    /* 43 << 497 */
-    { { 0x74d7cb89a20d45d0L,0x88bcd5d4b12515adL,0x1faeb941f345ea8dL,
-        0x999006026ef7c319L,0xdeec886fb57ca7e1L,0x8db761df7067b2d9L,
-        0xb2e6ae1ab260579cL,0x64e68265cb5a69eaL,0x00000000000001c7L },
-      { 0x6f3bb54959212b50L,0x821d528591a39e68L,0x1e218e8723df1378L,
-        0xc9ea11eed526496cL,0xca9a1e7dcd9e2d41L,0x3204aad9b1d36251L,
-        0x99e0255efb37b606L,0xd1284e4d5a48ed5dL,0x0000000000000191L } },
-    /* 44 << 497 */
-    { { 0xf1c9da6a27ad2ec5L,0xfd11d5bedb7fb650L,0xa0ed1c2d92df8304L,
-        0x5b74a2fff7e7e732L,0x6cc6fae21e467b7dL,0x8f630f200311f271L,
-        0xcfeaa597c30da635L,0xeef29453958354c7L,0x000000000000014fL },
-      { 0xb228c7be4e6c4c35L,0x4f8071a6ec861995L,0xec449886cad11591L,
-        0x521916a7d12c188fL,0xfe72b9341387b0bcL,0x5c68a3203b91d2aeL,
-        0xf5726b473e702af5L,0x07251e98f461f30bL,0x00000000000000a9L } },
-    /* 45 << 497 */
-    { { 0x535fb2d6ca7b48ceL,0x002b9584f7d6cc4fL,0x52f45ad33a95248cL,
-        0x7501b7a02ea66d7eL,0x9feb38ab7345a8acL,0x4a90561945016598L,
-        0x1e0b2082228eb380L,0xcfacf4979a84068fL,0x0000000000000148L },
-      { 0xe41b7cb46b84c609L,0x8acb9f4520274dcdL,0xa965f88974d7d8a1L,
-        0x9143c0be2ea1e86dL,0x8efcc7e8ec08a1b0L,0xa10dceafa60bea94L,
-        0x38a2118b077b69f8L,0x9f3b1129ec56b981L,0x000000000000009bL } },
-    /* 46 << 497 */
-    { { 0xcc62a4fd61016fa8L,0x34ba576fbcf14171L,0x4f276a77b50a1ac1L,
-        0x55b7c1f3dbf3ec85L,0xddf585ff68176817L,0x09f83a7f463b7850L,
-        0x23001f87d980c554L,0xd119b8c6d12ea1f6L,0x000000000000015bL },
-      { 0x3ca9eef95c1b985dL,0x11c46468ec7fa0d8L,0xc91bf9bb7b7e67e5L,
-        0x2f745795894a4c24L,0xe927075a2d6f2a3cL,0x16334965df569634L,
-        0x95e8b1156cf5f8d2L,0xb1498e3675502a1cL,0x0000000000000147L } },
-    /* 47 << 497 */
-    { { 0x8bbde2c84b59597aL,0x2cf819ee0ecf18f3L,0x98960e16463a1dd5L,
-        0x69ac53598837c406L,0x375c963416a0917bL,0x5688d330d9b9a5b7L,
-        0xc204410d1cbcef2cL,0xaa89d49bc57e3a50L,0x00000000000001c4L },
-      { 0x314671e4520b4cddL,0xae039a6c4844a7f3L,0x8504d47e7244c720L,
-        0x23761b887653a33bL,0xa019334b492e2ce9L,0x238325d889d81fd3L,
-        0xab0d048b2a6d5e42L,0xa279aee301f953d3L,0x0000000000000143L } },
-    /* 48 << 497 */
-    { { 0x00a2ad7eaafd5467L,0xa8290d94f9741f30L,0x6173f2e7a3d3adc7L,
-        0x0ad6ab5468875a74L,0x48e49f0324328133L,0x2d2d704a19e27e19L,
-        0x3bd63d36de1ed374L,0xdebc4384c0ac7774L,0x0000000000000195L },
-      { 0xeabafce86fd61140L,0xef8c38af22938df5L,0x407c6d243c98d287L,
-        0x75bc698685564dd7L,0x240a470c4c9d6c14L,0x9cdc41ff8aeca79eL,
-        0xcf08acaee1dd8f22L,0x2d99cbe50d69225aL,0x00000000000000dfL } },
-    /* 49 << 497 */
-    { { 0xa7c51b21072d7fdeL,0x527140744830f224L,0xf2bcee38e86c8630L,
-        0x2ae48a3607a11ce1L,0x5d88a9a479f6305bL,0xe2cc312d9e125713L,
-        0x90af98b3735bbaaeL,0xf5c2758b2a9a7a92L,0x000000000000008dL },
-      { 0xd0b7dcbbca0b4267L,0x462becdeb843a792L,0x5f0837cabbfd7278L,
-        0x4033b03b9db29327L,0x19050f0d9a038b59L,0x920cf7fbbcad1171L,
-        0x2b588f590ae5890fL,0xa0d6a15e8c69264dL,0x000000000000006eL } },
-    /* 50 << 497 */
-    { { 0x256d92b449692cd8L,0x16f7806ac8753022L,0xdfc975c9ad8910a9L,
-        0x291e020a38d4c11eL,0xa2bf3aafcd6bc9dfL,0x93188d8b6859ced2L,
-        0xf9a0f5634267273aL,0x1f02826bd0aca382L,0x0000000000000037L },
-      { 0x7d4e7d11495e0018L,0x69a51736af7093d8L,0x9cb0839c29b16fecL,
-        0x2bd6421bed5e6623L,0x29fb37de288b50d3L,0x046755a28942d297L,
-        0x7b68173a922a5964L,0x13ae2a14617887a4L,0x00000000000000ffL } },
-    /* 51 << 497 */
-    { { 0x37f2f1bd1008aa59L,0xebbe4ee8d7877405L,0x6534b8205e1dfa69L,
-        0xffd83302ab461e03L,0x220833bf46370ac6L,0x0c809ad6ed94ac0fL,
-        0xe9b985e776abecf9L,0xcb9f63a464052dd1L,0x000000000000008aL },
-      { 0x16a0502cc177e4f5L,0xb2021209c8a5268eL,0x89d764aeccb9dc38L,
-        0xc0971fe940f39ed6L,0x1692bb66210ff610L,0x7c43540c6b860ad0L,
-        0xc27a870f92c90811L,0x0af5c7b08874ba9aL,0x000000000000000bL } },
-    /* 52 << 497 */
-    { { 0x0c160909c0fddb5bL,0x20b497a4723ded94L,0x5798938ff2559f5fL,
-        0x1f08e0b26fd8f7c6L,0x91734f0ea9ea8a83L,0x190d5cd5fd9ec96fL,
-        0x0039942a156842a1L,0xf2dd3eeb57f5b843L,0x00000000000001ddL },
-      { 0x8fbf191fc432fde3L,0xccc105d79b2e7247L,0x13e19408d412c84dL,
-        0xd109e1b8955eb313L,0x32248ed7d485a078L,0x6f869288f7d20534L,
-        0x16335bb41aadb56dL,0x156ee1e9c93ea83bL,0x0000000000000079L } },
-    /* 53 << 497 */
-    { { 0x6b27600514d5cf52L,0x26d3dd2557bf242dL,0xfcb2ad25e77b65aeL,
-        0xa2696c484496d9d8L,0x40fb884bbed1711aL,0x5ab56199af6676e3L,
-        0x3489a42d1d50bc5dL,0x267f4b1a5dd94b04L,0x000000000000000dL },
-      { 0xd0cb67206cd4c268L,0x7a304e3241bd7e32L,0xe9e0393e3385b3b0L,
-        0xc5af909585f2bf82L,0x5e6518cd54b9fa71L,0xb0a424955fea5182L,
-        0x51454d1a5db5447cL,0x78d932d27470d4e9L,0x000000000000013bL } },
-    /* 54 << 497 */
-    { { 0x4fa2b894e601946aL,0x7fe34aecc58937c0L,0x0ece9764fb14315bL,
-        0xe99a9966ad9c094cL,0x1b6c9df4c2636283L,0xab8675e311af1698L,
-        0x5089ae244644775fL,0xf61c9b6ad97a729eL,0x0000000000000146L },
-      { 0x9708305696c187d2L,0xce73fe18ef43b92fL,0x9430722d10aa21e7L,
-        0xe6678192d9d6566fL,0x20774c5d8c1b282dL,0x18d835b6a31caaa9L,
-        0x5f0210647dc2591cL,0xe78685554b424eeaL,0x00000000000000c8L } },
-    /* 55 << 497 */
-    { { 0x5af375ed01d68e46L,0xaa1a3ae3693092efL,0x0fb33f563388045dL,
-        0xe142b8de023fbb2fL,0x20abf7183d17e8a8L,0xbe65e5a0c20f91fbL,
-        0x387c242d053bc18cL,0x7aeef64a0e658156L,0x000000000000014fL },
-      { 0x8f4db305913dcd07L,0xdb17ccfdc527b72cL,0x5cb063552d09ad07L,
-        0x9af5f2abf21ac13fL,0x76960c0cb12dfa2dL,0x0091281b7edbfb4cL,
-        0xe6bb97f288dbd682L,0xfb0ec5e6d6444d47L,0x000000000000012cL } },
-    /* 56 << 497 */
-    { { 0xcd2cdd2e734c5662L,0x086508dd52fcd5a2L,0xd1789e1f65545779L,
-        0xa3e5a37a3ebf0e2eL,0xa648b51121f33614L,0xc1b816d4000154beL,
-        0x7d9c4292a8f82a71L,0xf0f81cb86f43867bL,0x000000000000001bL },
-      { 0x1fe1f9962b51c7d5L,0x5c77e78006a54f1cL,0x79dc60e2dcfa901bL,
-        0x2c548507bbd1244eL,0x59cce9c315ca7601L,0x2ec825718f106b96L,
-        0xc1ebcf8df5dc4e24L,0xb785ee5f1448c529L,0x00000000000000d5L } },
-    /* 57 << 497 */
-    { { 0x3bf38b30bdd410d9L,0x1418a30dfbac23c4L,0x9bd796936f78ea59L,
-        0xc439273c741242f5L,0xb82a4e2943963c86L,0x7da09c8b0c12438dL,
-        0xc4f95cbc28340db6L,0xb5d5f1b32ee06cc3L,0x00000000000000c3L },
-      { 0x68715c7d4916e9f8L,0x762df94538b674f1L,0xd2cd99ba52df5f98L,
-        0xbdc945e1a4ed2f3dL,0x2470084a3226802cL,0xf2198726336db006L,
-        0x281c597cb7580370L,0x152de2640a85f991L,0x0000000000000076L } },
-    /* 58 << 497 */
-    { { 0x6a2a065186b12001L,0x85e1b44db31c50f1L,0xb529629443af7c4bL,
-        0xb17bcd8ff5f5d300L,0x886b618135999ea7L,0x1e7b5f91221fab4dL,
-        0x5e542fe3e0933741L,0x8480aafe1c2cf270L,0x000000000000014cL },
-      { 0xd0d34bb30eb3e31aL,0xdba2b2f352cefa30L,0xdccdf0c8be98f160L,
-        0x06a9e3f7c6700364L,0x751a1bf37b35ae43L,0xef2b6388718b6c06L,
-        0xcae98c2a20384ab3L,0x6d888903192eea76L,0x0000000000000017L } },
-    /* 59 << 497 */
-    { { 0xdaed4f22f9c98384L,0x54a1d279de9d7aa7L,0xdad853c369e40ef9L,
-        0xed2d7bcc72c325b2L,0xd4917c6ccac877c1L,0x8b1ab23c20238c1eL,
-        0x82238d3d304f3c1bL,0x0c40a679c838bc69L,0x00000000000000d9L },
-      { 0xd8c865944347dc9fL,0x7b5ec837488b47f6L,0x4e13c2451871b524L,
-        0xfcc994a13ab456ebL,0x25d937b72a177a59L,0x149f53800e48d935L,
-        0x27a91603d014aa99L,0x0da2ba0f7132ac64L,0x00000000000001b8L } },
-    /* 60 << 497 */
-    { { 0x0e040aa82121e195L,0xc5c6b8ebe60295fbL,0x6373b8e834e041adL,
-        0xee6f882377096ac9L,0x9725bc9eb85d2c70L,0x72adf47e6c4bc9e7L,
-        0xd4927a8002819598L,0x6888aba6a37d446bL,0x00000000000001dbL },
-      { 0x06bf993746fc5462L,0x301d1031e41eaeb5L,0xf7db3c5128914430L,
-        0x0fcdd9a2b00293b3L,0xb2cbbcf0a1adf14fL,0xc5da67fe89c9b883L,
-        0x2f06cac6303fb018L,0x3b56905f892a426eL,0x00000000000001e6L } },
-    /* 61 << 497 */
-    { { 0x7351dfd061af0e72L,0x8c0280a7c4ce075fL,0xdc7bcf53d2b4d750L,
-        0x302914d4a13c3af3L,0xad93d8e6eb3856e3L,0xac0833fd710879ddL,
-        0xa18ecda6b53eade5L,0x8857fc9d4a68e884L,0x00000000000001b7L },
-      { 0xcf85f1cdaa81a0ddL,0x115857a3492a9569L,0x44815c1fd4e35cd7L,
-        0x00ea5f0f3910e239L,0x526bf994ab96b0ceL,0x73e9c0578a5314e2L,
-        0xa77a5d00a17ebb49L,0xfaa340bba606f00cL,0x0000000000000032L } },
-    /* 62 << 497 */
-    { { 0xecd039c8b79b0b50L,0x3e979b0d7669260dL,0x9f4a0105a2946901L,
-        0x9108708a15e67e45L,0x947bb04c64fd7c28L,0xa5575a2d0b583d41L,
-        0x8e63253dd6b1f55fL,0xa61f3c5f117fc622L,0x000000000000013bL },
-      { 0x499d5c08dca3362cL,0x1e6712a4655bc057L,0xcee49de8531b83bcL,
-        0x26be0a09a3cce725L,0xe3a9b79f0de01b60L,0xcd70dd0de7e3f04fL,
-        0xd7d6cb72b1a3e8aaL,0x9eef0dc3addcaaf9L,0x00000000000001e9L } },
-    /* 63 << 497 */
-    { { 0xc272ae2e41f1a555L,0x60d289f28ec78c74L,0xec1ec46cc2733581L,
-        0x9b5e503e1072df26L,0x20ef9df8dd04b6c1L,0x3f912a7e098645abL,
-        0xaa73fe18f541328cL,0x15319a5c09b4185cL,0x0000000000000031L },
-      { 0x0ed3c388229ef248L,0x73fd903ccc1aac19L,0x4fd6dab3c863e1efL,
-        0x9dd6b78894ceda3bL,0x8056b1eaf09fc3c1L,0x4c69a9ca6985a660L,
-        0x7054de2ef0c22c86L,0x6ab6c43a9688cf95L,0x00000000000001a7L } },
-    /* 64 << 497 */
-    { { 0xbf2b204cdb0e34f0L,0x177ee402b55297cfL,0x1008722a0905589dL,
-        0x92be4754965ef825L,0x4ce902bdeeef76a6L,0x55b910714f318009L,
-        0x96beae611484b98fL,0x5d84b61535b88659L,0x000000000000015aL },
-      { 0x43c74ce31d78d96aL,0x131fbc58a17753baL,0x4e430af6dc789aacL,
-        0x31f38805e9af4951L,0x834de4aaa61cbb24L,0x8437617ef678c74aL,
-        0x411e5009e030372eL,0xbe15903ca2047bcfL,0x000000000000001aL } },
-    /* 0 << 504 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 504 */
-    { { 0xfc5ba8d59da7bb54L,0x29f3e817a7c7fbcbL,0x31a34412a40ad3fcL,
-        0xe17b93692d1711b0L,0x41c7bc1716ee6505L,0x5feecffd3d1db8caL,
-        0xcbb9337802f9e04eL,0xaeb67b8b091db41eL,0x0000000000000187L },
-      { 0x611fe09d4c695615L,0x087334f6323b6dccL,0xf7bd51bbd53bcfdcL,
-        0x98ab5c925a8bcdb4L,0xe7e9d273cccd6f6aL,0x2582b21924b4a3eaL,
-        0xf8fea0e3f22c4405L,0x42c0f700d3e5a701L,0x000000000000006dL } },
-    /* 2 << 504 */
-    { { 0xe9f67439cf6368a6L,0xf570101a4c1c8628L,0xf3cce189c652a95dL,
-        0x85a1af6b75cedbf5L,0x8b7f513d68d0ffbcL,0xc71778fb136394beL,
-        0xd0e7f981d99c9f74L,0x6a4ae0f46471443bL,0x000000000000018eL },
-      { 0x702bf6631f3f2c6dL,0xc1233cdecedad859L,0xa8ea4a8398c674eaL,
-        0x338b3334f3c423c5L,0xbea2bbf7dc103dc3L,0xd49c4a620fbd8a4cL,
-        0xa73566de57b93da1L,0x0ad24597f56838b4L,0x0000000000000127L } },
-    /* 3 << 504 */
-    { { 0x38e5b06f76f468b8L,0xeab47690c79fa86dL,0x990e59de6ef8cd4aL,
-        0x826c78e86884d059L,0x951732fe341b20f7L,0xf249fae4449ddae6L,
-        0x32c4b1e5a30a08afL,0x79fb2cab15be777bL,0x0000000000000027L },
-      { 0x1c65411bc3f609d4L,0x4a8ec1376194fa7eL,0x025dd9caa41c5f89L,
-        0x878f8d01e9d5aa4bL,0x34c9e12e0f364d3bL,0x5f4403d0344cf712L,
-        0xe66bb7825bea60c3L,0x4dc50e44d40e673aL,0x0000000000000125L } },
-    /* 4 << 504 */
-    { { 0x104e0c37f8cb0cdfL,0xba344bc4b934f03fL,0xf963fc250a5aa9d6L,
-        0x8bbf6e9e662e69cbL,0x5b9945c916fca9b1L,0x6805abd3682c739fL,
-        0x3d1ee371c3f18432L,0x4708b55c05e69189L,0x00000000000001e8L },
-      { 0x9682d9d3143ec89cL,0x519a8b7ab2b5914fL,0x7fb197f1fa9d63c6L,
-        0x6c4d61eed19fd1d8L,0x3a2a488ed637793dL,0x1dbb1b1a1ffc620dL,
-        0x66eab0524b551244L,0x290e50fd434c6cc1L,0x00000000000000cfL } },
-    /* 5 << 504 */
-    { { 0x4515da106221c6f8L,0xbf5fd8e5bd34caf6L,0x9174ad19c7a869a1L,
-        0x3e327c1357152ef1L,0x58656b31222cbbe4L,0x111892141c4191efL,
-        0xa5e5ad3eb7143ec8L,0xe0646afa4536e2fdL,0x00000000000000e9L },
-      { 0xb13d24486d16bae5L,0x42431b34af57b380L,0xcafe41015e097fd6L,
-        0x5f794cd6e5b0937fL,0x4de1813d55270a50L,0xca0a5c09b660bc2bL,
-        0x08f20f6b76579886L,0x21268e682ada1c30L,0x00000000000000b1L } },
-    /* 6 << 504 */
-    { { 0x9793778b98c439d0L,0x79788f592af8ce86L,0xc1520a86146d0c4fL,
-        0x541063da596b5b59L,0x47823a1e9eba6471L,0x7f66a3891d23923fL,
-        0x4b23c930452ecbdbL,0x40c7d3dde30657beL,0x00000000000000f0L },
-      { 0xb63d974a77d535c7L,0x2e16ac32ca31932fL,0x68da3cd12b8664b1L,
-        0xc895a61fcee5478dL,0x34bbac9042c0ac31L,0x5cdbd70da3267f5eL,
-        0x8b4d75beb4a7ae31L,0x1555caf3f43c9c86L,0x0000000000000039L } },
-    /* 7 << 504 */
-    { { 0x50714fb3c0d037f7L,0x071bfa5b8c050618L,0x7f1798269d15e2f1L,
-        0x2081039729e730faL,0x7948c181b45794d1L,0xc8fbdee3171227acL,
-        0x1faa467045da4e9cL,0x565405c00d3fe74bL,0x000000000000007cL },
-      { 0x353fc94a3f42236aL,0x684a11c27bc40d6cL,0x182ca3af52826e75L,
-        0x7b24ecccd4058f7fL,0x6cadb9ba82386f7bL,0xeebcdeb53567d0eaL,
-        0x904fd55c1e8c8ce2L,0x43fd20db6b578b37L,0x00000000000000a5L } },
-    /* 8 << 504 */
-    { { 0x842e5742310be81bL,0x9cd6a5ac815531f2L,0x1c8179b837f9f02fL,
-        0x009cfa294fac713bL,0x091f5101d2aa2c79L,0x70360695ef9256c6L,
-        0xd8d52d11fad0a22aL,0xf395fef240ff5ee7L,0x00000000000001abL },
-      { 0xfbd0e2d746cccde9L,0x8e8a81f7f8d82fe8L,0x63bb8ce1c0766bf2L,
-        0x917ba75ac70e96e5L,0x2baf9fa493d4d0feL,0xa203f382c28324d4L,
-        0x36385f59b1b2c7d3L,0x746bce122c80ee37L,0x00000000000001e1L } },
-    /* 9 << 504 */
-    { { 0xec99f07e8b313476L,0x9856c5b352530de1L,0x08ca437cf2693956L,
-        0x990f6a868f4122aaL,0xa36c9d84d76bb2abL,0x6004fbbf1e657ef9L,
-        0x6c64f52f4108d873L,0xe3e589a670224f93L,0x00000000000001a4L },
-      { 0xae219487d6132691L,0xb26711505bb911e5L,0xcdd0bc5f15177196L,
-        0xb093aae02605fd89L,0x26d1c416c319a26eL,0xe8916e3d6ef59cb6L,
-        0xb05a13d56e79807dL,0x8a178214c039cd95L,0x00000000000000b6L } },
-    /* 10 << 504 */
-    { { 0x7282c91615fead87L,0xbc1aaf596565472fL,0x5a7bbfc458b387f5L,
-        0x665eb3b16defa8e5L,0x1944cfc86da1ca94L,0x41aaff4d2a2de565L,
-        0x4497cdbab7311f8cL,0x129ecc29f2264d67L,0x00000000000000e5L },
-      { 0xa0e20df230229efbL,0x7c4e6966bf174745L,0xe96f0ab07c0177fcL,
-        0x221d8cb684fd2c4fL,0xccf21ec330689b70L,0xd7daa585f24cf84cL,
-        0xccc2582b438b0f34L,0x6940385ed02cce0bL,0x000000000000011fL } },
-    /* 11 << 504 */
-    { { 0x6e985fdcf7286539L,0xbf44ae0526699adfL,0xbfe83f9d751da127L,
-        0x7df2f5c0d22871d2L,0x61a184da09f210a7L,0x69b4001a9e56e9bcL,
-        0x3f48dc50f5801782L,0x114fb0a2e0bc2f08L,0x000000000000002bL },
-      { 0x44eb8f92011d6de8L,0x3e0fe24320df8124L,0x494b83e071b8153aL,
-        0x6b50c1e31cbc91e6L,0x260d1694b8f14373L,0xf12e1b9298782cd5L,
-        0xb8bc2afe7211a9deL,0x3604c2396ebbad8bL,0x0000000000000123L } },
-    /* 12 << 504 */
-    { { 0x5f9a4772e44f4ddbL,0xff089398a0479feeL,0xc7984a9a309c362dL,
-        0xc8858f6c2ecf134dL,0xfc9c56401a56d029L,0xd77e773207b47628L,
-        0x36bb84d6d5d61144L,0x8d6e8e0df628bb09L,0x0000000000000171L },
-      { 0xfd69c84a1b585b76L,0x2fe3fc195bfe6558L,0x9365c43c978729f7L,
-        0x3bea9b49b368b24aL,0xb6fef7db69a7b390L,0xc85c1d51848bd710L,
-        0x7b3a49fa90bbc984L,0xd65e2e2d651df377L,0x00000000000001bbL } },
-    /* 13 << 504 */
-    { { 0xe8eaa2b093ee1688L,0xab51392f1bd7b754L,0x70faaf847f0113f0L,
-        0x0b68566cccdfa903L,0xbd54a08c9114d07dL,0x4370af4a2eb3d473L,
-        0x6f5596b430650b8eL,0x1d9d998ebdaeebbbL,0x000000000000009bL },
-      { 0x1e07aab3eb570ca0L,0x6cc5717883d78d65L,0x5c13b03927e07ba1L,
-        0x4a8db7258593acf1L,0xf2fbba8b4560970bL,0xa7ee45fb79fe5510L,
-        0x8defa4ec7df14edaL,0x664e0d14f6249cacL,0x000000000000005aL } },
-    /* 14 << 504 */
-    { { 0xfe6bc737ba913d04L,0x5356a7c0e8d667f3L,0x71d72789c6a981fdL,
-        0x7b33cccc1d45cea8L,0xec69e42ad2f757c8L,0x3e228959a5590d96L,
-        0xc04189aa63be779eL,0x2649054dc984b85aL,0x0000000000000188L },
-      { 0x332af6f228fb3abdL,0xe8de53e45031c4cfL,0x881f78f7363bb9f8L,
-        0xffd28eaa31d76d0fL,0xf618633502723c25L,0xcc4d0074e497dd32L,
-        0x7c24a1c114be4804L,0xfefeea3e5150ca3dL,0x00000000000000b7L } },
-    /* 15 << 504 */
-    { { 0x93d8a6cc1cba39aeL,0xc09391f078b306ebL,0xc50192796bbe7209L,
-        0xae87581b69c4000fL,0xaaca7f02e29cde0cL,0xf495236787d2f7b9L,
-        0x831f4d68d01d00d5L,0x17c135acbae32d64L,0x000000000000002aL },
-      { 0xe83e6bbefa7a973eL,0xaa3d68978ed040daL,0xb2915bb0b7726a22L,
-        0x84c84815c39a8a47L,0x42fb407eb29908b3L,0x9a5be91841b90531L,
-        0xd534b5ce6025ec50L,0x56f74c30bd08106dL,0x00000000000000acL } },
-    /* 16 << 504 */
-    { { 0x312dc896a3a2be76L,0x9e77c0c361da109bL,0xb1c5379dbf0993beL,
-        0x9272b9e8b7bcc4ddL,0x5437f62509337d54L,0x5c897a61cf735302L,
-        0x368e21ca002db288L,0x33197cc1184aee4aL,0x00000000000001afL },
-      { 0x76ec7312e5c35f69L,0x6832a65ac07874d4L,0x398dab5ac121e8c9L,
-        0xf88aa2c897b47c38L,0xfc77e1c007678cf3L,0x7327a90f345a9b89L,
-        0x267417a049240b3eL,0x3aa3ea97e3912921L,0x0000000000000116L } },
-    /* 17 << 504 */
-    { { 0x16517bb959607b44L,0x58608704772ed61bL,0x32fef9718443087dL,
-        0x9f12aefdc264831eL,0x2c40d8ec3f264eaeL,0x958ef2e1822e53fdL,
-        0xb4538e5fa48195deL,0x5af48f9e914ed410L,0x000000000000019dL },
-      { 0x6495c1c2ac7152deL,0xd4f608df5b546ddeL,0x91ae22e465f6c27dL,
-        0xf35827bfd2b14d0fL,0xdd6bb7ba3ef928d6L,0xcdb8ffc3fe3f1e15L,
-        0x7d86649006bf8de0L,0x23bccaed54c4f18bL,0x00000000000000faL } },
-    /* 18 << 504 */
-    { { 0x34a26ac92efd1575L,0xd3cdf9b63ddc81daL,0x54f503deb2b82effL,
-        0x76470a9ae9dd4f78L,0x4cdda269f255e55fL,0x4a41053e48c647ffL,
-        0x2034a1a932ab5322L,0xad82c6c2573c0345L,0x0000000000000083L },
-      { 0x9bb0cb5cc498d833L,0x7593917eee4055e6L,0xe3d6061ad2555ed9L,
-        0x16a5ed5c5fedc448L,0x6ce815f86f54029dL,0x844b1cb950a4ef2dL,
-        0x80f5a634cd8ee69fL,0x94429987738e45afL,0x000000000000009aL } },
-    /* 19 << 504 */
-    { { 0x6b26293c55373725L,0x44d86d44d9b7d4d2L,0x63bb25dd8c19dcdfL,
-        0xed80dfdf15e7ee04L,0x0d41bb216778dd90L,0x2247af2ff3835136L,
-        0x4661b4c1c2b2770dL,0x97c716acebf37b12L,0x00000000000000ffL },
-      { 0xbce5ea8d1257f979L,0xef5854b4cc612fabL,0x484669d15cf5f330L,
-        0x036ff03ac916d5c7L,0x199255965a0316e8L,0x527fa32eef2b4e43L,
-        0x35b5691a24cc4432L,0xbc3f392ba525aa00L,0x00000000000000e9L } },
-    /* 20 << 504 */
-    { { 0x6be6e36a4e67687dL,0x769be7472011695bL,0x7874176fbdc16d7dL,
-        0xe1d4d7112ecfd4d9L,0xcf6d7df697d9c412L,0x55f8bd12161eeafeL,
-        0x2771d1072a331bceL,0x8f5e36f2560bc2d8L,0x00000000000001edL },
-      { 0xda8a3b0ae614739aL,0x5a6beb773bbf6fa2L,0x9998ec8de200b58bL,
-        0x35b43df935407009L,0xe1417a07ede69a33L,0x655b564015528691L,
-        0xe358cd067124064aL,0xf9274d0801093150L,0x0000000000000165L } },
-    /* 21 << 504 */
-    { { 0x0833c14b828446b5L,0xb5eb590f3df9e196L,0x1ecd9d2eaa99ebc2L,
-        0xf09914d0f3d5ee35L,0xed839373970b266fL,0x47cdf5303cbbe599L,
-        0x53aae86c3c9d6be5L,0x48397114d01a4f2fL,0x00000000000000bbL },
-      { 0x49a7d8895bd1e0edL,0x7529cb4958c666c4L,0x93dd25d1d5ede656L,
-        0x6e221d6536276585L,0xcd09546ffa0d3db0L,0x4d4eaa62fe48abeaL,
-        0xf0ec27945bc60c2aL,0x2955763602052899L,0x00000000000000adL } },
-    /* 22 << 504 */
-    { { 0xea3bdb8c7886dba1L,0x59aa2a6c8d15be37L,0x17527731f8bc12e3L,
-        0xd61af3db387439e9L,0xc21f6203738ae818L,0x13d3ed72d0333648L,
-        0xcec655779c9e07c4L,0x58d6b0692a992bddL,0x000000000000006dL },
-      { 0x81abbd9c660424f8L,0x38d2ee2d29992dd6L,0x483a59bbe9f85330L,
-        0x5efa6313f18f1b3dL,0x93a79facf698990dL,0xf9ed5f5b3c66a3e5L,
-        0x99a61ee05582b82dL,0x5630acce3ba9602dL,0x00000000000000c8L } },
-    /* 23 << 504 */
-    { { 0x6711c3b83bc0738bL,0x1a48588a747bb955L,0x64cd7a5d64fa3ea8L,
-        0xd63b165af7ac67e6L,0x019bad5ab2a7d054L,0x13d53c68a775a2bbL,
-        0xac13f9da74aab4e2L,0xbe3d79dd84f166f0L,0x00000000000001a1L },
-      { 0x5d591f141d79ec2aL,0x310a04bcf86e3b5eL,0x3219ccae81f9ba7fL,
-        0x3058a5646f69a5d8L,0xba6d658a17b969ebL,0x04d9596f48efab07L,
-        0x47608a070cf8472aL,0x443c8a3f122ffa4aL,0x00000000000001b6L } },
-    /* 24 << 504 */
-    { { 0x372fa55f96c43863L,0x7395007ecbdc87d3L,0x77261a297e9a1418L,
-        0x9009f7081fe5569dL,0x43644eecf3186f12L,0xab5348754d413313L,
-        0x7d795ade94cdd269L,0xb9c7bcce390cb5baL,0x0000000000000061L },
-      { 0x70e879398b2a76c7L,0xcf9a990b4d0a94d8L,0xd8bf89e734eb7c11L,
-        0xe2b79ff8f33be326L,0x62f7f2e73ccd3327L,0x6e64a25cb871bc98L,
-        0x0fd70684f42448dbL,0x162769cc7f3e6d46L,0x0000000000000098L } },
-    /* 25 << 504 */
-    { { 0x929dec7dda33404cL,0x68dd0e8c9b6afedeL,0x610dbd629e32f8aaL,
-        0xad0a251f30192ce9L,0x6b9aeb4328e01611L,0x9c984eecb9d4a292L,
-        0xb53bec5485ebd1a3L,0x765ae5798458714eL,0x0000000000000116L },
-      { 0x622071df31ed5307L,0x38945da1f6fa8116L,0xe1e1d1f3ca229eaaL,
-        0xf8959af5acf489e5L,0x0816a41eb2abe438L,0xb00f3a2e251aa88eL,
-        0x6aae71efe018e553L,0x2cdc74d817357be4L,0x00000000000000aaL } },
-    /* 26 << 504 */
-    { { 0x9767c342cd3915b8L,0x52206babc8b72893L,0xbe65a1ce6c589a4dL,
-        0x69e29cc876ef527bL,0x8d656d54b58e124fL,0x0e645dfdaa0b6624L,
-        0x89808ac8e7f38d9dL,0xed9ea95e458a43ffL,0x000000000000001dL },
-      { 0xbff236387d49f886L,0x20d403d22a2ed0f3L,0x7755c59da90909d0L,
-        0xecd97f616c5555a5L,0x815f269fa6ec5bd8L,0xe2cd2c32d3ec306eL,
-        0xee1816903d1a8ddfL,0x94e7e62fecf72211L,0x0000000000000003L } },
-    /* 27 << 504 */
-    { { 0x5d3d66768d1f4d27L,0x12f0837d7b1cd52eL,0xebc608c48838c280L,
-        0x66689d737564013dL,0xe48e496f630cae1bL,0x8693853fef551190L,
-        0x9db620a86f7855d3L,0x51bc8e485658469dL,0x00000000000000f3L },
-      { 0x55fb173c5ae32677L,0x287c372d09d83dc1L,0x5faea3396768dc7aL,
-        0x3f0b476886a95fa8L,0xfd22197742d617b6L,0xe12ab48537728980L,
-        0x5f458000fecafdc6L,0x86f0eaa95ba83a8eL,0x0000000000000065L } },
-    /* 28 << 504 */
-    { { 0x71f1dfa99806b3cdL,0xed41b6d4f784cfbdL,0x1e803f9dd8f8bb61L,
-        0x4106986517cb357dL,0x2f389dd4d4040c02L,0x27693585e59684b7L,
-        0xfd400b8e04e1c8cdL,0xff53e1e1a9c47d96L,0x0000000000000193L },
-      { 0x358de8b359771fb2L,0x87ec3a6fa7e440eeL,0xde6391d307c30cbeL,
-        0xcf9116cc866e2bc3L,0x293676994011f5caL,0x1303ce2c9f52929fL,
-        0x85e2c0ab4dedfcfeL,0x612d08a650f8610bL,0x00000000000000f3L } },
-    /* 29 << 504 */
-    { { 0xa143f0e16750e3aeL,0xda58596363f7e043L,0xc393fb468a82e2dbL,
-        0x152e78159c18b33aL,0x07690241c322bfd1L,0xb7d34430f9a7c039L,
-        0x30a02eacd91a3b33L,0x0333b1c5fe1f5e15L,0x00000000000001f7L },
-      { 0x892ecd1b3a10dff1L,0xecac73e2d7792032L,0xda8792e443089985L,
-        0xe921f6f77e8b9e6cL,0xad5ca8d078844200L,0xd08b2c0ec4902474L,
-        0xfa5928ee76ecb1c4L,0xa6f32e2284703e74L,0x00000000000001faL } },
-    /* 30 << 504 */
-    { { 0x6b83ceef1e86021fL,0xc4500e85fe4f727aL,0x45a925374e43e89cL,
-        0xf73d7392cc6c3522L,0x3f7d2f0484cbe016L,0x02584521b02203aeL,
-        0x901c127550206becL,0x0c55c247de3580efL,0x0000000000000198L },
-      { 0x7fd8681dba78f98aL,0x5084bad583d1e7a9L,0xd6024a7bf5fed50cL,
-        0x9605ea57ae4b56ddL,0xc2bb29d60451b3e5L,0x339a6c82b1280ec7L,
-        0x5711b1280c3cf155L,0x20308f7a86c613f1L,0x0000000000000188L } },
-    /* 31 << 504 */
-    { { 0xbd43c00d79623d05L,0x8d6020e28c78137aL,0x38c6c2126fb0dd3bL,
-        0x9cdf9293666d2d43L,0x0f0d17dd3331b5daL,0x9e3fc10de29bf866L,
-        0xdc2b1a910c04d32aL,0x94f8f744755315e1L,0x000000000000009aL },
-      { 0x4dce110b54f9068cL,0x2584dfc82e106069L,0xebc73668a694f59eL,
-        0x4610b4b2512ecff4L,0x6afdf6064cd507f0L,0xf7b208d6fda16ccbL,
-        0xfa72234c123b45ceL,0x474e7152c4e7c78cL,0x000000000000016eL } },
-    /* 32 << 504 */
-    { { 0x11771bfc92e6cd70L,0xf5bd487f65c65a34L,0x1b3cb720081b98d1L,
-        0x32485ec4026b378fL,0xe3c71a99529c1313L,0xc85bde7d3526ef07L,
-        0xa85c138b84e3dbebL,0xe6e886afa239b5a7L,0x00000000000000f4L },
-      { 0xf65240a56e2040feL,0x1596f10816af1685L,0x20b38d3eb90b3a9cL,
-        0x81a30feb9c3fdf7aL,0x04031bb33731c3bfL,0xadfe3fb3ad2b6d6eL,
-        0x243b36230fee06e0L,0x2bc6df9225d016e6L,0x0000000000000053L } },
-    /* 33 << 504 */
-    { { 0x6aacd1b33a694c8eL,0xda4292439920facdL,0x8eeaf582b2d8d80bL,
-        0xa03afa0b32a1c52eL,0xab7822fea3b16c64L,0x415e3dfd85cd40a4L,
-        0xba75e4d576958759L,0xec9a95e88e58d2eaL,0x00000000000000a7L },
-      { 0xa096ee7bbebf8902L,0x799d6979afd1460dL,0xd1b8d605ebc51254L,
-        0xb077aa8e1c2cb180L,0xc31759f4f8fd1e58L,0x704f588bdd1bcd8aL,
-        0xc22ab0d67ddf1e1dL,0x8f5d78d3968074beL,0x00000000000001b2L } },
-    /* 34 << 504 */
-    { { 0xc5daabcd932ff166L,0x7f5eea67a8d77d4aL,0x3d6d04eeb62e5ee7L,
-        0x4736983815707ed7L,0x05738964e8183517L,0x3537ccc50255f489L,
-        0x156ef32d9b13c129L,0xc2a62d7eb3002c45L,0x00000000000001a2L },
-      { 0x37e128bda21b49cbL,0xd2bb496ef8dea102L,0xba43bd9cd8814cbfL,
-        0xcc475dfa3707a908L,0xa86675a1ef5c5c74L,0x321544dd25ba90fbL,
-        0x65ebc4bbe77d6fd6L,0xdd5e75955fcf3feaL,0x0000000000000070L } },
-    /* 35 << 504 */
-    { { 0x6c474c2718234b72L,0x3631873d1ba8afc2L,0x4fff947bfc6cd2d0L,
-        0x91a95c6aa6187a12L,0xc18812d51a5161ceL,0xf8182c4728ba5591L,
-        0xfa08a35ae05abb0bL,0x49a5f3a0f3fc003aL,0x000000000000003cL },
-      { 0x1f2fc52f0253b00bL,0xdce041369e3ebd22L,0x6b326cbb0b545102L,
-        0xe06e27cfc2b15e4bL,0x96294d881cb480fdL,0x62add48fc24a99c3L,
-        0x8b5f2549ebbc3afeL,0xf7108acacd6c9533L,0x000000000000011cL } },
-    /* 36 << 504 */
-    { { 0xe928f1ace4606931L,0x2fb928a4fc874afeL,0x87ed3480ac730690L,
-        0x18c8bac63f3b5593L,0x870d817bba8f50c7L,0x37b17f1e1dc4f816L,
-        0x14ac19394828b6d8L,0xb66131579f7594fbL,0x0000000000000055L },
-      { 0x59887289d3e0d261L,0x2e38efc348aee80aL,0x8362fe6d1c19065cL,
-        0x714d078031d57631L,0xd38e42dd96f0ad85L,0x2ba3990c16bb603eL,
-        0xc79e2fcf756396a7L,0x3897420f536c1994L,0x00000000000001ebL } },
-    /* 37 << 504 */
-    { { 0xa7d5782fa86ba30cL,0xfe671190e309d5a5L,0x2b8d391effa437d8L,
-        0xccf1231d4ed20668L,0xcb2e725ba841c8ccL,0x8551c6a6d12c0043L,
-        0x40b6efb484751314L,0x4cd15f5ec044b80eL,0x000000000000004bL },
-      { 0x3d0f897b73ea15ccL,0xa5d6c44dacae986dL,0x82b035b4e098f68bL,
-        0x2e004b3153e48458L,0x4033ced959c997e8L,0x45fb094539c64c7dL,
-        0x244ba9c3d1ac61b4L,0xe05fdc81367bdaafL,0x0000000000000083L } },
-    /* 38 << 504 */
-    { { 0xc7a406be012b5684L,0x1652b7ff5d60f261L,0xc2d4d16178843bc5L,
-        0x3f50380e1a1955bfL,0xb2d8f5d2368f254bL,0x14b0b3f931c0c910L,
-        0x7587bd7a099232e9L,0xf29fea7c7a379369L,0x0000000000000014L },
-      { 0x92c5844ae54bc692L,0x0798175cf2c3171fL,0x177ef51601a94811L,
-        0xe5632d4aaad297a0L,0x7069e9fe58584a58L,0x6eb4de9187428d96L,
-        0x8354ca18d1679a12L,0xd296dc08a7660684L,0x0000000000000025L } },
-    /* 39 << 504 */
-    { { 0x1a42f1615e99315eL,0x84762c55407122fbL,0xc46bc953c8d0f1a5L,
-        0x2523a0261be38aa8L,0x274145a1b36d1ab8L,0xc0d9a5f585c407a8L,
-        0xa8b0e1afd8dfec41L,0x8c5bb30851100703L,0x00000000000000dbL },
-      { 0x843a2657aae55c46L,0xc92b3449d905af3aL,0x6ac9ef1d9775d9ddL,
-        0xf6c822000e3b1212L,0x85f51f8cdce6fe66L,0x5349a598c92594b4L,
-        0x6f61700302270118L,0x70f2c99de38d8200L,0x000000000000006dL } },
-    /* 40 << 504 */
-    { { 0xd636d4c4da43d267L,0xa3b87528e75bbb4aL,0xa60189a1f2246ad7L,
-        0xe8904e536635c4e7L,0xbf1af52d8a2dcd98L,0x7b93a05344fac70aL,
-        0x8bb6fc09d73a81a4L,0x05536fb265f165fbL,0x00000000000000cfL },
-      { 0xe366e5dacb409af6L,0x755696bfff43ee63L,0x3a97d43e3709ed1cL,
-        0x644438f85e58f866L,0xdebd5495e8fe5577L,0x6e84a3b5375bfa1bL,
-        0x987b5dd1202c78b0L,0xfc3e4908b822d808L,0x0000000000000150L } },
-    /* 41 << 504 */
-    { { 0x73ecabcf3acbb512L,0x9533fc1e8997573cL,0x5d5c5e92f163c949L,
-        0x525a58a51ee35ab5L,0xbbd9e4986db9fa29L,0xf3233214954015cdL,
-        0x710635f82ae6ad57L,0xe2dc148513b93e37L,0x00000000000001b6L },
-      { 0x0b972426c062c228L,0xf68356f3c831fedaL,0xdbca88e0294d3418L,
-        0xa0b2ccfb74891390L,0x15a50844452848bcL,0x3d40a30bf020c354L,
-        0x78654b100f743e38L,0x5830b682071e5c54L,0x0000000000000024L } },
-    /* 42 << 504 */
-    { { 0xdc7e268751b64c15L,0xd64e9963851661d3L,0x6dd6e61155c36ceaL,
-        0xc9dda78f95af04eaL,0x0e36204b717529d6L,0x18307d7b1a934b4dL,
-        0x9a2d9ccab18f8a3eL,0xbef73bc2a39cfa59L,0x0000000000000014L },
-      { 0x0ea74fcba1a4ca75L,0xea6233eedca12c9aL,0xd189f92afec9fb84L,
-        0x4b60da2d2d6bc935L,0xec09409fae1a492bL,0x2eaf3c6a96ecef1aL,
-        0xbd5744de79cc9c96L,0x137f9e124b817ef3L,0x00000000000001b5L } },
-    /* 43 << 504 */
-    { { 0x501c4b77a206d5d0L,0xeb9e35026823bdb1L,0x9c630625e12d89b0L,
-        0xe907a0599c9efd7cL,0x2fd286f722eacdd9L,0x6816d3af1bbf7f70L,
-        0xf28d01cd148540fcL,0x494b69af35e1db97L,0x00000000000000b5L },
-      { 0x27a04d983ee774f8L,0x7429986edfe44dc9L,0xe9ced611c5d67f13L,
-        0x3064c8278e8f1883L,0xe355a38fc6690faaL,0x8f46002a56ae4f60L,
-        0x2a02daedda54740cL,0xb7c3b9dad082c12eL,0x0000000000000182L } },
-    /* 44 << 504 */
-    { { 0x0a6349315830d60dL,0xd8eb73b8bbe24eeaL,0x0e5c491d01d78f8fL,
-        0x6a64025fc3741449L,0x3cd080c70e2ed20dL,0x2daabc21d2898b84L,
-        0x66dc0235f4c36524L,0x9327c374780d6ea5L,0x0000000000000180L },
-      { 0x3d37d86133febf4dL,0xc14534786988a93cL,0x3f74774eec0ab171L,
-        0xa3404c1e3cfac694L,0x045db8c32f3b022eL,0x8eabe9f35c01b893L,
-        0x61d83f12a7ed9fa8L,0x99bcee45a35d2628L,0x0000000000000005L } },
-    /* 45 << 504 */
-    { { 0x762ef77032a8e116L,0xd143a6c5fdcb778bL,0xda97c9de66b5309aL,
-        0x30a842f58e90a23eL,0x49c70a68e1a6b687L,0xc075044167230ac7L,
-        0x95a702baf0cd790aL,0x40a23752b7e6f3f6L,0x00000000000000efL },
-      { 0x7ad3f0231b216453L,0x8848cf889478adf8L,0xb59a0b8a73ffc8a6L,
-        0x3890a4b18886ef88L,0x01f563b7721c750aL,0x27200ccef586d6a6L,
-        0x3a00ef84acb996e1L,0xaf308a0d87ae84faL,0x0000000000000082L } },
-    /* 46 << 504 */
-    { { 0xed73a960cecaf2c6L,0xe3e2fc9f72f3e432L,0xe342c3c4b43440a3L,
-        0xcffcd0b38eb23a04L,0x97c0e69ae0230013L,0x8240dd50988f4aa3L,
-        0x450801c0934df0e7L,0x2ae8732d8b5e1134L,0x0000000000000185L },
-      { 0x88e7c72895bdb2feL,0x8b89c3a481110a0aL,0xd5c325dc38403b6dL,
-        0x8c9981cf462fb4caL,0x8d8ee77b4bc4127eL,0x66f0849209dd6dd8L,
-        0xae3c2cf2156f42e3L,0x05a9a2f7624bcdd3L,0x0000000000000188L } },
-    /* 47 << 504 */
-    { { 0x4b2cede9736d1080L,0xf3493b40f7a20cedL,0xd2ae2b575506f48aL,
-        0xbf15b5f1b26852fdL,0xbabf030c296d9bdeL,0xca059522434de93fL,
-        0x05e285648bfbf1f2L,0x6f3025ec7358ef2aL,0x00000000000000f6L },
-      { 0xf58301b7edfb2019L,0x66fd8abe39bc999dL,0xde69e5c9fa32955fL,
-        0xa238f72ae59bc937L,0x895f843786635c79L,0x26699c76bfaf8f08L,
-        0xc17214b9136b91b5L,0x362d2e7465ecc70cL,0x0000000000000113L } },
-    /* 48 << 504 */
-    { { 0x29d30ccfdba3263aL,0x3ddec6f458f319d0L,0x6859be59aa8889deL,
-        0xd21b5a3f37e57788L,0x0bc2f50b8e56e5f0L,0xb76d24e42b8c2b6dL,
-        0xd7b4c5575731d66fL,0x59d33a6e8a0e50a1L,0x00000000000001e3L },
-      { 0x4decdb8e57dc5e0bL,0xe1fd10aed8e33978L,0xbc70d10b17f26c32L,
-        0x15026720a9d2255dL,0x68a1e644fb625ffaL,0xdd3dca9f0b24bb44L,
-        0x3a192d90f8932bc0L,0x0f7120b476268713L,0x00000000000000d5L } },
-    /* 49 << 504 */
-    { { 0x40b536383a312500L,0x3583ad2393dd5ce9L,0x9edc8f2c2a6c32bfL,
-        0x331d9f888a7af41aL,0x8c2e24be679248b8L,0xfaaddcec55d3d6baL,
-        0x5389eeb3d7f4b6f2L,0xcfba884a6dbc261eL,0x000000000000009bL },
-      { 0xd297f9d412c86f42L,0xb1efdde1bf731999L,0x83e2c8ec1c74c90dL,
-        0x25172953e1a86c88L,0xe085e66d3ad7c757L,0x6a4205165f2264acL,
-        0xfec41f5ae94c09d2L,0x7b04d8889fc2520eL,0x00000000000000d3L } },
-    /* 50 << 504 */
-    { { 0x780729c7cc378344L,0x57e5492132481eabL,0xed30489faeff7f7fL,
-        0x915fbf7ce5f1c7e5L,0xa447efaf62b8497eL,0xfa764a3273aa8012L,
-        0xb1a75f1ec5f79a73L,0x904bbface55412abL,0x00000000000000feL },
-      { 0xedf27e0035d70f3dL,0x7403d8160c686661L,0x780f88caf8226941L,
-        0x0f3dba77374750dbL,0x22f036ec463ef54bL,0x05c98a11b4bcd349L,
-        0x0b9c1e1066c6c48cL,0xf97542e3aa4d23d8L,0x00000000000001ddL } },
-    /* 51 << 504 */
-    { { 0x8eb6298bd1c2340fL,0xa69b2a078c93effbL,0xa0fff41717e5cac5L,
-        0x4dbda6416788219cL,0x67ff5f5b77ee2712L,0x798d318757e8c5e9L,
-        0xcac3a4211adcedfaL,0xb77a995db508dd1dL,0x00000000000000ecL },
-      { 0xf5fabda250f13f9eL,0x2d3248164ab98a01L,0xef848f30862ec877L,
-        0xdccc661edb74997aL,0x6f1f9efcccc7a331L,0x03d6e862bc776e7aL,
-        0xd178f910bdea3158L,0xb6608ef07b9f535eL,0x00000000000000c6L } },
-    /* 52 << 504 */
-    { { 0xea95917775247610L,0xc03f4326d5528775L,0x8d46289b5b48a156L,
-        0x9447bc35cdcd8d8eL,0xc5688f26210bbfa1L,0x539bc76734f83af5L,
-        0x371c1bf9804413d9L,0xd38c342187de862eL,0x000000000000001bL },
-      { 0xb2a00040b183085eL,0x43f284af2524738cL,0x361c7e8eb6834e75L,
-        0xfe4ea9ff720b8af1L,0x87c7eac60299f9b7L,0x7f6f668ea0c54c54L,
-        0xe4e14938275b843eL,0xbf786cd0274de49fL,0x000000000000009bL } },
-    /* 53 << 504 */
-    { { 0x7b47c51e6e8c29baL,0xe8b5828112556021L,0x7b9996154cccd41eL,
-        0x80829cb5a6bd4f11L,0x8165e02b4261a0a9L,0x94c3b0b10516943aL,
-        0xb81de83d0a6c224dL,0x91d8d20a87625a2bL,0x00000000000001b6L },
-      { 0x3f36fec901bee5b2L,0x9f393611070292c9L,0xd54c6d895f498ab5L,
-        0x398e1f9042264500L,0xbbfaaf64ca95ca7cL,0x6cd5062414ab92a7L,
-        0x44ac4b76fb688987L,0x7bd8192888a78c22L,0x0000000000000077L } },
-    /* 54 << 504 */
-    { { 0x90ff1fe8d54b0174L,0xb2ebfbb8684f403aL,0x30d99502f405689fL,
-        0xd5ccc821baa34800L,0xdf3b996ca272984bL,0xe27f1378e9d1ef86L,
-        0x0a411e3fadf082d3L,0x54a704968bbf2c2aL,0x00000000000001d7L },
-      { 0x08cd18eaba4c82e3L,0x5487015aafe09e1fL,0x4036ec0feb49e0edL,
-        0xe5c93ba052d7820bL,0x6abbbbf084b8e6c0L,0x9303cf2644072ab0L,
-        0xe680096617b73ea2L,0xd0910a6b92c47ac1L,0x000000000000001dL } },
-    /* 55 << 504 */
-    { { 0x07c321cd72888b9dL,0xffdbfd2032dfac5fL,0x18e938cb5e246911L,
-        0x01e54403d22c20d9L,0x8a61ba0678040df9L,0x29b01d78b68c8c8fL,
-        0x52a16c436254a93bL,0xfe54503959f8cef2L,0x0000000000000133L },
-      { 0x9af34c9a1c33772aL,0x0c558a079c3fbb98L,0x91c66b9709f6ec94L,
-        0xdd67fd474a98dcddL,0xe6e210db396eacafL,0x14b35f752518c8d3L,
-        0x5094c31a411c5a07L,0x80aa1b8a6623c16dL,0x00000000000001bfL } },
-    /* 56 << 504 */
-    { { 0x9aa63d02cdcf2ceaL,0x5723ddf40c02861fL,0xe2642a0fb5f899a2L,
-        0x2066e595ff9a8295L,0x09a1e790cab91b8dL,0x01ce51d5dd4de2dfL,
-        0x661e1d8ba91a7c90L,0xad71031cabcc182aL,0x0000000000000002L },
-      { 0x374339b7290a7058L,0x42e89d09a15f4303L,0x8ec108f35cf10478L,
-        0xc13a2d048f10111eL,0x98a8386ba87259eaL,0x2039e70ef38794edL,
-        0x5d142439e8b922faL,0xf9af7e06caa6f96fL,0x000000000000010aL } },
-    /* 57 << 504 */
-    { { 0x04879dfe6a2ed236L,0x77038ae59d6d8c40L,0x2bd91ed47b88661bL,
-        0x7d66fdd1efec46eaL,0xc25adcbe1c315781L,0xc26b39782b2936f5L,
-        0xe88f1265bd9c530bL,0xdf6dc2bfadd1306eL,0x00000000000000ddL },
-      { 0xb105f92eb6bf1010L,0xff5971d686b2fb4eL,0x57dcbd9c796d21d9L,
-        0xca5e8768c6ca78a2L,0xd45c6f483a77d271L,0x87510561077977e3L,
-        0x50a4d3b1f03a3df7L,0x6d6487051a921d24L,0x00000000000001d8L } },
-    /* 58 << 504 */
-    { { 0xeefdb850013f564dL,0x10005fb12555de7fL,0xa2974fb059b20bc5L,
-        0x12544629137bfcb1L,0x8825f36f940b7f02L,0x628241621e47d20dL,
-        0xcf8c26e06e353253L,0x9abafc166e5e0754L,0x00000000000000b1L },
-      { 0xbde39c9a360d199fL,0x51dbeeca981c811fL,0x221f8008941f52acL,
-        0xf807c3dd0759984aL,0xa8fe7157b30a65e2L,0x4e3a799cd1894cacL,
-        0xf4b935eb2164eb00L,0x6c3792c0bdce96feL,0x0000000000000014L } },
-    /* 59 << 504 */
-    { { 0x1fd42bbda9198a11L,0xacddf8f2753687f0L,0x43d36ae6608ff4a8L,
-        0x216457684c59d30bL,0x93bcac7770397bbdL,0x8e90bc116c01a663L,
-        0x95771938531cc0e4L,0x2075e6e5ba8ec166L,0x0000000000000115L },
-      { 0x06c9883d44df0f72L,0xcba38ada86240567L,0x8b1d6a7a6765cca4L,
-        0xba76644c5013d624L,0x4e1261cb40b8f5fdL,0x0d0f9598c47fbe89L,
-        0x6ab7a704f44977e6L,0xd07aa31acc08c06bL,0x000000000000006aL } },
-    /* 60 << 504 */
-    { { 0x7b8418f213402889L,0xc8b3b1fbffc1d05bL,0xc3746149da384c02L,
-        0x3ea1be4b2491f86eL,0x694ebec1df96386bL,0x16e114752f4f39abL,
-        0xa042cdd70b357d4cL,0xc769a1b67fa71919L,0x0000000000000077L },
-      { 0xa51c483cabd2c768L,0x1cf05c6c7b0db8d0L,0x8ae60ab9eb16bb67L,
-        0xd2d75ed8531d5cd3L,0x5e9c20a46c476eceL,0x794a41fc8209e94fL,
-        0x0da3bd97c01ab9f8L,0x83682c72b3a18c74L,0x000000000000013bL } },
-    /* 61 << 504 */
-    { { 0x6dfdecfaed5deee9L,0x09adb9fae0897b6aL,0x9291b38089b471d0L,
-        0x2f2df6bfd95ba0b4L,0xbc44d08fb5564882L,0x2217b76cda298b3bL,
-        0x3cd6025f972f3b35L,0x9f6daa7db04ed8c2L,0x000000000000005dL },
-      { 0xb08ea52022feb51aL,0x40dde4545059e8f9L,0x47d16db04a9e1b07L,
-        0x47d4d1d19faa1affL,0xcc720686bd48f06dL,0xce3ffd573ce5f368L,
-        0x03789475048a878cL,0x163c7421eb4ac6c4L,0x0000000000000088L } },
-    /* 62 << 504 */
-    { { 0x097575c0b0812157L,0xb6c24f4ccdf6b760L,0x8ae073f297c5e905L,
-        0xfde1488d6ca3a648L,0xb758040f8987147cL,0x6f894fdd869e28f3L,
-        0x123cc1be7110e0c8L,0x039fa2bee9e9a359L,0x000000000000010dL },
-      { 0x92986cb50a63a55cL,0xb7669237de5e1cfdL,0xd6a1c865196de727L,
-        0x10345506215d79beL,0xa398a1557075f3ccL,0x82fdd1af7bfa5d76L,
-        0xe8e47652a81532acL,0xe5a95521bff4cc65L,0x000000000000003eL } },
-    /* 63 << 504 */
-    { { 0x9b578eaff318749eL,0xf68770442b6052c7L,0xb3d507b51cb82483L,
-        0x25504c1ca62c3df6L,0x57caf5be0a74d81eL,0x09fa69a1666c57ecL,
-        0xdf66521cb8e4c36bL,0x02a68a2f0dd04c8eL,0x00000000000000b0L },
-      { 0x928aa60db5b35d53L,0x10e8be306c50bae7L,0x361aaed1f0adf725L,
-        0x01168db479a6b055L,0xb9e4511c0bc87e60L,0xbae0e9bff45879e4L,
-        0xe55823837ab6e8e5L,0x4bcb4072658c5b05L,0x00000000000001dcL } },
-    /* 64 << 504 */
-    { { 0xfa5944257d7d3912L,0x208af690f57dc595L,0xa277e9808287e9a5L,
-        0xfe15c6e2d556fa0bL,0x4b4612ee81a8260cL,0x6e171bd7cda05ab2L,
-        0xc417d3d1de584e28L,0xaff5e9b98eff9ff5L,0x0000000000000188L },
-      { 0xb0700568c6c3151aL,0xccd55dc01f049293L,0x7c6e61ab443d10a0L,
-        0x9c2c964b0a4546a9L,0xf470d97e7fa4474dL,0x378d416f74b749fdL,
-        0xc821766f1d9fea8fL,0x71c9fab02e3d8dd9L,0x0000000000000027L } },
-    /* 0 << 511 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 511 */
-    { { 0xbba0d1f988468571L,0x4b15325d14edf415L,0xba40ad2e5b315437L,
-        0x4cce24b45214deb0L,0x33ccc948f3217ca3L,0xc9a387c88d2d7d56L,
-        0x19c908921569445eL,0x6b925ff0c50a9417L,0x00000000000001afL },
-      { 0x55fcfc767fa33215L,0x2b7b66383e2b25b5L,0xb765a15b602d0860L,
-        0xefdebace1a252b65L,0x8117e367f315947eL,0xbdd3a76a501fa6a2L,
-        0x0f224474f4b0cc16L,0x694e2254515f0dcbL,0x000000000000013eL } },
-    /* 2 << 511 */
-    { { 0x22b8eccb56b092a2L,0x0a47d70e736ea9aaL,0x3eefc772d64a7d08L,
-        0x85408cecbb2e0f14L,0x73047afd285cb70eL,0x1732f01663297a2aL,
-        0x4dfe656a4cf37eacL,0x147d6d66c0ec357bL,0x00000000000000c7L },
-      { 0x1f3e59103c115125L,0x0d2d18fcbfb07241L,0x5d6aa860ba4b009dL,
-        0x8d0d9368806ff8edL,0xcc5ca3701a05c049L,0x7bf21caee9ab4c41L,
-        0x6632c3e0001d5ccaL,0x3a4f99b6b60e5593L,0x0000000000000008L } },
-    /* 3 << 511 */
-    { { 0x67f918a4e83a74c7L,0xb5b93d318aeeb8daL,0x04f033bddf8b5ab2L,
-        0x8625cb2864df3389L,0xeeec07936b2c8470L,0x7af4facc85a3edf6L,
-        0x3c591c09ce38c9fdL,0x56714b52dc84e5aaL,0x000000000000000dL },
-      { 0xa6fa0f8d93455dfcL,0x9436150e130b8d9fL,0xf87d15ea9c4e016cL,
-        0x9845852f510467aaL,0xe512bdcfb63d9a99L,0x820a8b737c6c01ffL,
-        0x30dcf512698b9654L,0x3917e6a8bc52d8e3L,0x0000000000000062L } },
-    /* 4 << 511 */
-    { { 0xaed7666ae6b2853fL,0xa1fc0332be96140bL,0xb99a5dc81c1e38b1L,
-        0x56194675f38c5243L,0x16c6f80e80d38681L,0x1117841314205f46L,
-        0xd2dc67bc6ee03089L,0x5e18245ed3dad965L,0x00000000000001e3L },
-      { 0x389e59cafda7741eL,0xf341d649259e4dcbL,0xec15d27a260b32b0L,
-        0xf3a1a08207640ceaL,0x15ac31456e811313L,0xb9027ce47cf68896L,
-        0xb43e4fd77008a356L,0x541aa5b4640c2c60L,0x00000000000001c3L } },
-    /* 5 << 511 */
-    { { 0x9a29c770d75994f6L,0x324345412f6c1df7L,0x8339d6aef2b285a4L,
-        0x8bb1ff0a6feaab2dL,0x8f9137cbcc3a0a42L,0x19e09b7c1e385985L,
-        0x8ca610ef45e2f771L,0x8482833a4b37ae8fL,0x000000000000003eL },
-      { 0xa305da774a619736L,0x9f3bb1d47475f158L,0x5b30ac0741aa2ff4L,
-        0x19963057a9bfc2f6L,0x89a3d94d1f12dadbL,0xb5da354359d81991L,
-        0xcaa559b88668161fL,0x2cbb1a1af8ddae34L,0x000000000000006cL } },
-    /* 6 << 511 */
-    { { 0x3c32f4e34cb99695L,0x0db56646c1241e0cL,0xa4cea13b28515d66L,
-        0x1c8f63975f3ab5dcL,0xd466a1b34defd3ebL,0xcdbb66b5e6d860d2L,
-        0x26fc2fd5fe87183eL,0x02d81a03d18233a9L,0x00000000000000d2L },
-      { 0xdc570644caa08959L,0x7791cc35cf763c20L,0x3c0dc132272a1068L,
-        0xd7ad702cc8a74578L,0x7689c46eada1d72cL,0xbfc2e06f2b8b4369L,
-        0xde85e36ec0bbd6c4L,0xd879e086f9849084L,0x0000000000000077L } },
-    /* 7 << 511 */
-    { { 0x35702db34e0b5199L,0xbb02636c273c5fdeL,0xf73cabb563fc329fL,
-        0x1a280b288c1addefL,0x4844dcd4422f07d6L,0xdd6851167518acd7L,
-        0x9ff8c1efd2bd73e5L,0x9465a3b26afb5416L,0x0000000000000194L },
-      { 0x1d68a6e413b729ccL,0x10758206a54e8db6L,0x20f8fbba9708de79L,
-        0x1c5eefd2c1abd968L,0x3c7742c2525f1fe4L,0x3175190b2c612f17L,
-        0x4020af7742207e24L,0xde4bed37fa5fa6c2L,0x00000000000001a9L } },
-    /* 8 << 511 */
-    { { 0xef192aeddba16581L,0xff1342112e8db0fdL,0x32551c61bdca8d0dL,
-        0x96e1ff06c55b9aa3L,0xa211b1107e4c635fL,0x2708e5427c4b6b4aL,
-        0x70ff7c3fa6575526L,0xd26e2db636092ec8L,0x00000000000001aeL },
-      { 0x1fafd3c2533251d0L,0x1602462d8a9a439dL,0xc057595a1cc5af27L,
-        0xa27197f3be839c9aL,0x03c1cc4bbfc1318aL,0xb78c7b7f34d0a378L,
-        0x0f9d754e161b4257L,0x8dcf43cbf355d916L,0x0000000000000194L } },
-    /* 9 << 511 */
-    { { 0x9181244f3e0d4347L,0xb189acf795b45d19L,0x8877efde70a55c91L,
-        0x924b0d70c1d9c777L,0x7c3a5a49b703ad70L,0x72c4fad3e44f1b1eL,
-        0xc1efa48525544d96L,0x1f6ee5617af50683L,0x000000000000000eL },
-      { 0x518630dd1fa2e8dcL,0x3507130b38be0359L,0x989190f52993ccfcL,
-        0x793361df738a29bbL,0x44700a46d43eebf6L,0x03622bdca60b214bL,
-        0x956992cddd6703c9L,0xd85935a3d7ee66dcL,0x0000000000000148L } },
-    /* 10 << 511 */
-    { { 0x51df490ddc3577ecL,0x6d8a70e97e28be3eL,0xd87a7ed31de95e73L,
-        0xf97c968da6c7086eL,0xc47b64dc6b4afe00L,0x489f1d988b432676L,
-        0x9f2b7996f72c2153L,0x4acd5ae8f820af70L,0x00000000000001a9L },
-      { 0xa5cc854bd7263fcfL,0x7bd94b2f864febf7L,0xb3def0ff9460c5d4L,
-        0x5f0766b5042d47b5L,0x9e8484f28ae51b32L,0x26ec4ea6f8c729e7L,
-        0xf279d7336c2ad315L,0xb2d22e6edac3e8d0L,0x00000000000000f6L } },
-    /* 11 << 511 */
-    { { 0xc9b6366728cbdea1L,0x6920862b9e8756dcL,0xd522608028c90b04L,
-        0x52f9c421f5bde803L,0xe075ad1141b5ce80L,0x2aeee7e51c04e56dL,
-        0xcc6053a428eb7657L,0xb523d16d4cfcb113L,0x0000000000000041L },
-      { 0x33028ceb6e812f6eL,0x654b5ffcc2cc46ceL,0xc9d28de56f143379L,
-        0x6ce0fd8343a626dbL,0xbcc0a10be9fdcf7eL,0x50b2f0747119a936L,
-        0x91b1782d11f4af5cL,0x7472e053ed0b5481L,0x00000000000001edL } },
-    /* 12 << 511 */
-    { { 0xb2b4d4085967b43cL,0xc660c6c1f35923d2L,0x696d9140a27fde01L,
-        0xfcd766eb259432a9L,0x6831fde1cad2a4e0L,0xa157be88928838eaL,
-        0x4b31c1d6791d2740L,0xf1958bba850a1760L,0x0000000000000085L },
-      { 0x23a6800ed777e0d8L,0x84d2780d71cb04d2L,0x691076f7d7a8f688L,
-        0xcff1a453e2237b7fL,0xb1d9dd8f0a9037d4L,0xface3a31d9199814L,
-        0xff7bfc81da563993L,0xa0f655abc61dd36eL,0x0000000000000111L } },
-    /* 13 << 511 */
-    { { 0x9199785a30677670L,0xc74d3404c0ade42eL,0x8ce0d96b0613519fL,
-        0x3c7c64533e40200cL,0x02cd19101dbe0935L,0x0c37218968cc3a24L,
-        0x51887d02a1588133L,0x33757613c105adcfL,0x0000000000000032L },
-      { 0x74a955d103f1fa25L,0x518b2de6fb22b0d7L,0xfa48229fdfe08961L,
-        0x47df7eebb4cb58d9L,0x5b9c683f4601e92aL,0x4a3a2c3f81d5dfd8L,
-        0x15d6b44f4a5c99edL,0x6646f77e020eb968L,0x00000000000001c5L } },
-    /* 14 << 511 */
-    { { 0x43c5bdf15d73ed9aL,0xe3766738e71c6e7fL,0x625cb8c43947ea97L,
-        0xadf7ccc082241ba7L,0x629f45b307329130L,0x9cfac1748d0c281aL,
-        0x92069e577d14ca06L,0xca121495dc9f83a5L,0x00000000000000cfL },
-      { 0xf4e6da377de97fccL,0xd3a271b7025d39dfL,0xbf2ebfe8389e12eaL,
-        0xf434f29932f184f2L,0xfbc3ccb9366ef539L,0x4e159cdacdef4a8fL,
-        0xc311bd82b0f0bb8eL,0x380b2eb1779669adL,0x00000000000000b8L } },
-    /* 15 << 511 */
-    { { 0xfdaa86c09b3aac40L,0x7dad3911133885d4L,0x09897075e7c6b586L,
-        0x79f816ab78daf275L,0x914786aab75eab7aL,0x7713bfd59584eaa4L,
-        0xa7e01a7440496a4bL,0x165c6601831641c8L,0x000000000000010cL },
-      { 0x73be34b6f05c5a20L,0x7ef7738886b6d280L,0x872cfe9eaa2fc4c6L,
-        0xa56cb3513c57c990L,0x7b533f43964fd18fL,0x036822e86d1c2d7eL,
-        0xf59ffb19ddce594aL,0x823a71fd3d012d0dL,0x00000000000001f3L } },
-    /* 16 << 511 */
-    { { 0x9a0062d31c2df559L,0xc130a85d2d4e9996L,0xb226e6cf370a02f6L,
-        0x3fa94ade7386b10fL,0xddec1e75d4576547L,0x0251109d1dba7f8fL,
-        0x9a3f5313c3a003a9L,0x4742778bab26e65eL,0x0000000000000094L },
-      { 0x828ca5adfb997e14L,0x3826b0be65001ed7L,0x53fb9cd3cfec55a5L,
-        0x53e96d2831a1b7e7L,0xb5cbfde924f2dfb5L,0x3a26a665e944f4a4L,
-        0xd637639834e527b2L,0x709e156dedadf5b8L,0x000000000000018aL } },
-    /* 17 << 511 */
-    { { 0x35cf82a447dc8eecL,0x321037e6a09222b5L,0x27a2eded92b90121L,
-        0x27f5b4de081ba487L,0xc7855daee753515dL,0x4454e808f3591d41L,
-        0xb0b1bac6d009559eL,0x89b3ca825e2e4cd7L,0x00000000000001e9L },
-      { 0xb84d611afe9e0356L,0x1c90bc63e04ffc14L,0xf6a8250546133950L,
-        0x95c570d8599722d8L,0x6bda993379908046L,0xde91eb54417a3742L,
-        0xb87c0e1adedebb29L,0xe1a3b0370fc4207fL,0x0000000000000166L } },
-    /* 18 << 511 */
-    { { 0x412eb9d00d3825aeL,0xed91e11c20b658ebL,0x0da403aee6918918L,
-        0x8ec67ea3b084b920L,0xa213aa3a1f3d3ff2L,0x21dfb5519efc3cadL,
-        0x30ee2a8a19845c68L,0x07b47d281835550aL,0x00000000000000b6L },
-      { 0xb3ef46192657bec2L,0x607d10122cc2c528L,0xa86d31edc07db93eL,
-        0xc07b3da980c25cf2L,0x5c56cd075c83c1f7L,0xf32a98b3a0d7ea59L,
-        0x5f1e6fe10cef77c1L,0xfad8a85ec5b5a9b7L,0x00000000000001d5L } },
-    /* 19 << 511 */
-    { { 0x31a101bb4067b430L,0x5c825d7d1311d821L,0xcd7b3b4589274960L,
-        0x3d1a68f1f9774bd2L,0xb0807f2674397634L,0xa36f44f5f95f9f93L,
-        0x55f6d9fbd1943507L,0x2f86208dec85260fL,0x00000000000001c9L },
-      { 0x3dc94ef8f634d6fdL,0xb924b8297d89b934L,0x2479d0aa6b8f4da3L,
-        0xd6c651f63d5f8200L,0x43215c18aa04ae4aL,0x76dcb5b5408f7727L,
-        0xae66f252907a0f8eL,0xf528e4222387bab1L,0x0000000000000046L } },
-    /* 20 << 511 */
-    { { 0xab146802bc0d4745L,0xf767df8ffe603917L,0x2bbae80c1988e88dL,
-        0x69e9c7e1cfde1857L,0x25a609f58a7c8c60L,0x46bcbd1b57cf84d4L,
-        0x89ae0be245c52763L,0x13482d1d98558305L,0x000000000000003aL },
-      { 0x66ac9ee936a3d944L,0x6822ce1171ec895fL,0x8c5f2551938d1792L,
-        0x7d5157bcdc481d3bL,0x0aab532d63fa5debL,0xad1fb55b99adbfe7L,
-        0x5338d6ca9fcc46deL,0x84b2a63bae3aa998L,0x000000000000018eL } },
-    /* 21 << 511 */
-    { { 0xb2dcb83ac5a10aa8L,0x93a449f901878026L,0x91f2d986f475e7a7L,
-        0xc6a6be5fdd461273L,0x8dcbd0524f0e65daL,0x48d908800b3a8247L,
-        0xd0306f8630fc4481L,0xa4ed5cbd7f05a36aL,0x00000000000001edL },
-      { 0xe6a4688114185d74L,0xd20cfe6e0d17aaa9L,0x48b5ebf4b67cbf53L,
-        0x00ed88d0eca0b0e5L,0xa184ea8a01795a9eL,0x2a26f41a8b1e4ab4L,
-        0x1640fbfcf7e86bf4L,0x49379fd35b08a012L,0x0000000000000160L } },
-    /* 22 << 511 */
-    { { 0x220024890128270fL,0x60df1294574584f3L,0x80da07d1339afaa1L,
-        0x49cb3fb54873bbe5L,0x5e274ce99e32907eL,0x2ab695c69c2bd23bL,
-        0x63a53145084084b6L,0x881ea559b7c43b59L,0x00000000000000faL },
-      { 0x3d9de6ffec7f7938L,0x1b40e323c53223bdL,0x2b6f33785d3fce2bL,
-        0x5a16083f94bf2ff0L,0x4da0ae8fc30458b5L,0x743dfc12f0d0b1c2L,
-        0xffe8b8591863d312L,0x1fcba995114da460L,0x0000000000000065L } },
-    /* 23 << 511 */
-    { { 0x0ef498c2fda0bc58L,0x84f03c51e18d1f4eL,0xada00b832b89b834L,
-        0x2ac43953cbf7d8fdL,0x8a7a37ddec0eba45L,0x24ed7dcfadafee4dL,
-        0x2e900677c0a554d5L,0xc961ce69f179b0c6L,0x00000000000000c5L },
-      { 0x21769ee979d32556L,0x14c417fb317b715dL,0xa2848ec69b034410L,
-        0x651c9465f29126dcL,0x08446de16d88dbd4L,0x3b03622149b26d96L,
-        0x2d9102293b1512a3L,0xc909f04560ab613aL,0x0000000000000032L } },
-    /* 24 << 511 */
-    { { 0x119638ae44d87d78L,0x8980cddeff77f891L,0xb001aa0f2e3c9f32L,
-        0x8cc959d96c93b9a3L,0x3889ddd42516f042L,0x390fb5c1b2d34007L,
-        0xa39b106f093e4a57L,0xcb1856652168bca7L,0x0000000000000015L },
-      { 0x85adb26d33e39fbfL,0x68b6c5946ed3932cL,0x320813886ff4fb12L,
-        0x24b50dda14c7e9f7L,0x3e84edee6eb8db2cL,0x0d0879a304222282L,
-        0xd091b141db79827fL,0x41c1ea1c63d30563L,0x00000000000000c5L } },
-    /* 25 << 511 */
-    { { 0x33b7058ab3cb6db3L,0xe247bc85c826ca4dL,0x430cecac23018f67L,
-        0x2d633897b9e1fe93L,0x93de63d283b8bac6L,0x84deea4de2294567L,
-        0x9116e7bfd9d60cf1L,0x32715396bb9627e7L,0x0000000000000020L },
-      { 0x49452782bbea6240L,0xa0247a9b29a23527L,0x7576093c9e6ad610L,
-        0x3d7cce9ba983807cL,0x3cae59f6e5b737c7L,0xec383fbf5090c8caL,
-        0x3c09262f7fb72ae4L,0x3cd1a9d116ad7cceL,0x00000000000000a7L } },
-    /* 26 << 511 */
-    { { 0x394547b643684ad6L,0x27c93a87a4efc0b7L,0x97914b633832c7ecL,
-        0x89291edd995801b4L,0x1b7e633b9ed8dfb4L,0xa2a21e650cf5637cL,
-        0x4afebef08428be9aL,0x527fc65f42269b08L,0x000000000000011bL },
-      { 0x30099375278302baL,0x0b15cc9a6b1ade38L,0x6b6ad14ea4bb5288L,
-        0xc0dbbe3f6425657eL,0xa611247f7bc91657L,0x0ff0aa026ba54b82L,
-        0xa695a6941a44fa38L,0x7ff5f88e2e491f15L,0x000000000000005fL } },
-    /* 27 << 511 */
-    { { 0x98fbc213d8430bb6L,0x785226503a768732L,0xc44c1313c77b0847L,
-        0x61de63d2a21a8f5cL,0xc57d7ad64ee27d3cL,0x0d70a8414f19405fL,
-        0x696647aa7f6721ecL,0x067d6891c409e1e9L,0x0000000000000025L },
-      { 0x4188632f2b8f5085L,0x8e9b1a3789693e29L,0xd12668d218a2eb06L,
-        0xf3aed630596b2ef8L,0x1f8368bbc0589c86L,0x4722d8261eb0b305L,
-        0x797cf073488c1be0L,0x835aba08032ba315L,0x0000000000000154L } },
-    /* 28 << 511 */
-    { { 0x6994d68d7acdb128L,0xea6c1bcaf3e42194L,0x45b4e1e5c14a3782L,
-        0xc1d3ff5ca5089907L,0xc7d8b8bab2ecc0c8L,0x5756897b8af09517L,
-        0x54248bc42d37631bL,0x4ec2b153748dc34dL,0x0000000000000018L },
-      { 0x0be76102bcd4b8f5L,0xf59b6d2fae1fbc73L,0x3a82d42614de6312L,
-        0x603fd1ba99d221deL,0x31371c44349ada8dL,0xecb2cfab22e3eea0L,
-        0x5134413e744a9e46L,0x1d91fe459e0de97eL,0x0000000000000042L } },
-    /* 29 << 511 */
-    { { 0xbe0d267fabe7ca12L,0x00aa0e5de45c1440L,0x3f943a133936bcebL,
-        0xbe7e6ee2c10a5afaL,0x9a05de6433854a57L,0xd2635265bd538c38L,
-        0x2d8b1ee1bc23b270L,0x1b817b956662d16dL,0x000000000000005bL },
-      { 0x0b34b0d6993f32abL,0xd29e841ca594d824L,0x659f13d59ae853cdL,
-        0x50bd99b1f134a1ebL,0x96185d6777657f3bL,0x9866e7a14b16d264L,
-        0xd6f7f2ac20d2efc8L,0x27030aa51ea5a842L,0x00000000000000c1L } },
-    /* 30 << 511 */
-    { { 0xca2a69328e4c1bb9L,0x5406d95b89a810adL,0x181690a007059605L,
-        0xf6b80571db36c201L,0xcdb7ceefc0da0fb1L,0x0e0f2c08382dd238L,
-        0x530c9a2e943fd3d9L,0xc14d7c55a5f3e1f4L,0x000000000000005fL },
-      { 0x38c5afdfccf6ebc7L,0x9f2e2d25f0d0c1b8L,0xcb96d5873af9bf69L,
-        0x150f940c89391daaL,0x5d80c9765901c338L,0xca2c7c5f7134a0b6L,
-        0x615abd199a37b224L,0x03504959e2b8790aL,0x0000000000000067L } },
-    /* 31 << 511 */
-    { { 0x99d98ce9c151c763L,0x45d75a156c9f8403L,0x398ca5858ad4d96cL,
-        0x5aea77ac7ab5a6e2L,0x31daacac60ca3cd8L,0x0be70a0c33089a45L,
-        0x37d11b417ae57ec8L,0x0daa79b92b36c7a1L,0x00000000000000fcL },
-      { 0x86fe4b66e6bfbeedL,0x471e1284dbc755aeL,0x93f985d974ad1658L,
-        0xfc9301d7c5cfe717L,0xcdfec01a08b28faeL,0x38a8a97d15684b4cL,
-        0xef3c8e4da413cd92L,0xa3a9ea581f848825L,0x0000000000000038L } },
-    /* 32 << 511 */
-    { { 0x1d45c5c8dd04afceL,0xce141a50bbd9c392L,0x44ca5fa5c9e0fc05L,
-        0x4b9496ff60ccfb3cL,0xbe260bc6db5552a6L,0xa0eabfdd7d3a7a09L,
-        0xe9cc06ae1c77c1f9L,0xfa792d042aabee9eL,0x00000000000001dbL },
-      { 0xf2224e6f72765171L,0x3f9ea54811b89e04L,0x1e07c6eb138f1a43L,
-        0xd9b61817621f1f7eL,0x08e851aa2f69af1aL,0x3e75da6fc0d63f32L,
-        0x49a72d31f0f0d74dL,0xfccfc561c516a10cL,0x000000000000009fL } },
-    /* 33 << 511 */
-    { { 0x50f7e4f10a927e25L,0x21a09f957b043982L,0xe57eb5d0a7f4ae19L,
-        0xaa5f21c688c23fa0L,0x345eb906b671a416L,0x3f75a771e1cd246eL,
-        0xdcb1400211d9833bL,0xcf9f9effd4757fadL,0x0000000000000027L },
-      { 0x8cc47957a51fbfd0L,0xf2f7514db21b49dcL,0x342c1525b167a27fL,
-        0xd9189df73bfe544bL,0xf1e992d72ef945cfL,0xbdb74deff88ba1f9L,
-        0xfd978291b82afc9fL,0x64c2d06b8072b2ccL,0x000000000000004eL } },
-    /* 34 << 511 */
-    { { 0x02b8ce6504071b42L,0x846c0eca3f395d37L,0x5f02aa27aa3c2f7dL,
-        0x6812ff735c5b86fdL,0x617425a2fed24a25L,0x8c4aa371a388dc78L,
-        0x866aabc850041de7L,0x8634b3cbd1ff9bdeL,0x0000000000000193L },
-      { 0x0b64b43ea717f98aL,0xfc2f70a8c9b0fe04L,0x00811a41e3545cc7L,
-        0xe073c45bc396da28L,0x56fe07f4905ade48L,0xb123dab359ca3c9bL,
-        0x155282356f0803e0L,0xd66e80e281b40eb2L,0x0000000000000141L } },
-    /* 35 << 511 */
-    { { 0xe6df057a87307af0L,0x57673587e4a49774L,0xb4626535243828f5L,
-        0x74f829480d6b51b3L,0xcb1c59f43de3f59dL,0x34e8ac234df85c57L,
-        0x363c7f11a6d0c631L,0x050904e0163f8845L,0x00000000000000ecL },
-      { 0xa2d31e7ae522c580L,0x2192828a1418a8e4L,0x8bf7419f81f5c03bL,
-        0x610522a6cf674c6eL,0xd038897d6b1d1b0cL,0x3ecb81e6b9a1192aL,
-        0x0e88a8d53e80564bL,0x395f9bf85d76c33cL,0x0000000000000032L } },
-    /* 36 << 511 */
-    { { 0x5390df114314f744L,0x545733637f8ff5eeL,0x22442fa33849bbf4L,
-        0x1c462aadb46045f4L,0x2b0758050817d8a3L,0xffd73fc3f5669e27L,
-        0x546917fa1aa20f00L,0xb7143ce6713fb9a7L,0x00000000000000b5L },
-      { 0xa4c372206dd0bf11L,0x52731f73af632b4bL,0x7c309663118ea369L,
-        0x076a35880a8a687bL,0x07e93992e0a835c4L,0x7e5f1bbd4bea801cL,
-        0x3b3f6fdc83bc661aL,0xdb55c7e2364cf3a1L,0x0000000000000039L } },
-    /* 37 << 511 */
-    { { 0x4f6b908de90be946L,0xe1f9650ffb405564L,0x1db8139fdd3a7d6bL,
-        0x71d6a50705d77cd1L,0x3b858f748f73a748L,0x217b6c7d9298eb99L,
-        0xbb713b613fca2518L,0x676e6f89d0dea256L,0x000000000000016cL },
-      { 0x05c293ef29c8372aL,0xd3f26db950326885L,0x66177b402cea076cL,
-        0x5e590103c94a3e60L,0x12f5268c5f24c0e7L,0x79cb7296cd30051dL,
-        0xc7c9b49b4b77f8fdL,0x8a19a8c92fa04a11L,0x0000000000000002L } },
-    /* 38 << 511 */
-    { { 0x22401bc6535dfb08L,0x893c44e95b4abfddL,0x3ea62c91a4e38edbL,
-        0x5b2bc290ca12f3ffL,0xec707dd69051cbf2L,0xb07a24f8e229c022L,
-        0x30ef2af96883d74eL,0x2ff30fbdcb8b1f4aL,0x0000000000000108L },
-      { 0xdeda6c35fb49ddd0L,0xcbd14fcfe75c49cfL,0x1e4bc372ab2fbcccL,
-        0x9b3a3efac145242fL,0x6ce05f8162c39e2bL,0xa5bc8d92adbfae6aL,
-        0x171424988855b100L,0x29892ee2b0f012b1L,0x0000000000000056L } },
-    /* 39 << 511 */
-    { { 0xeeb9875d19d809c6L,0x8dd24196e2064977L,0xabf1f5c25807f8cdL,
-        0x317fcb9d75d9af79L,0x0bd27847641a0dd7L,0x52fdf8fddfc25539L,
-        0x0bb20880b72d79b4L,0x7403cab9b050f06dL,0x000000000000008cL },
-      { 0x39ac8805f83224eeL,0xe74625294c06d65cL,0x9dd00df370d5aae3L,
-        0x8ddaf294a460289eL,0xaad00c0b8c2b12c8L,0x897fb3d5c570bcabL,
-        0x7f069c7b7d06c691L,0x40f5a2d2f44b375fL,0x0000000000000147L } },
-    /* 40 << 511 */
-    { { 0x66fba7b2e7441cb4L,0x9703fa4d0edf3396L,0xff524baf4f3a5b75L,
-        0x9a8f25db1d173b34L,0x29d81a1a1cdb278aL,0x4cffa124a410cdeeL,
-        0x5388c4036feec1d2L,0xcd9411a470cc643fL,0x00000000000000cfL },
-      { 0x7b229e6550e05667L,0x3175d10dbbdddf46L,0x9dfefe2390b31338L,
-        0xf97db78253a89eeaL,0xcb8acd29da67068cL,0x61c34b5725f19838L,
-        0x856cf76a6c605d31L,0xf4ae77b201effc73L,0x00000000000000d0L } },
-    /* 41 << 511 */
-    { { 0xaf3cf777a26b8056L,0x5c43dd61241360a6L,0x58b083c67fdb2f60L,
-        0xd2e7c4c8d351c4e3L,0x3dd61d56f94892e7L,0x195876a7e8995a49L,
-        0x01a0a17dabe083d9L,0x52beb3136552590eL,0x0000000000000066L },
-      { 0x1a3347effc405688L,0x26bd6de805ecb62cL,0x857d636da52f40baL,
-        0x58a784783188a7a7L,0xe0ea2b9cfce84abfL,0x2fdf6d3e5a673decL,
-        0xa18d4112bde7405cL,0x4271c5f9c015e112L,0x000000000000010bL } },
-    /* 42 << 511 */
-    { { 0xf370ed52a459ca74L,0x7cf21ea4025cd3f2L,0xf925a200a1bbac0aL,
-        0x3abcad9afbc36076L,0x10ff56a08e382f60L,0x2f72b3e29adb35bfL,
-        0x57e668316c2a7131L,0x6201c63b1cfb3b53L,0x00000000000001e6L },
-      { 0x6fc57e654e3919cdL,0x5d34bc0e789ab429L,0x0f1401b897c4f56bL,
-        0x1ab6888a8678c37cL,0x90c07e9d168f4c19L,0x9c4fbaadf2f7efa0L,
-        0xd917c926142b5340L,0xd92f2667a5ca3f5dL,0x0000000000000173L } },
-    /* 43 << 511 */
-    { { 0xc8625d648fa89b66L,0xd7a2e7ef484c0085L,0x296d5cec57a26972L,
-        0x624e03edc087e675L,0x3eaedbd4bcc8ccf4L,0x24267aa04f5cab98L,
-        0x494f2a3554d6a0c3L,0x4782932db4554a33L,0x00000000000001deL },
-      { 0xf2ea212c17c4784aL,0xdbfc5551c152619cL,0x2643df61118f875dL,
-        0x6577ff540fb8865dL,0x2653fc8fabd035f6L,0xc1ae1c669ed7ef7bL,
-        0x4d602fb24a25ccd2L,0x6391a7332afe8120L,0x00000000000001e8L } },
-    /* 44 << 511 */
-    { { 0x04b2f9f2ccbe7de0L,0x8870c0dae6c58facL,0x69fceb5b23174377L,
-        0x8f1ad157f12131c8L,0x3e925501ee3048cdL,0x96a0b31e386d5003L,
-        0x586a530340e9c76eL,0x517d83e314857a31L,0x0000000000000115L },
-      { 0x4d02d42902d8ecbbL,0x68b811f62e9c8238L,0xe213c3949310f7b5L,
-        0x200ec52ba8d8187eL,0xd80c192da0fb4110L,0x35c985ff7c450678L,
-        0x43577470db1e8f13L,0x6810ef036900807cL,0x000000000000012eL } },
-    /* 45 << 511 */
-    { { 0x379ee09f103bd6f9L,0xc6455764cd4b3d01L,0x785ac6571d53dda2L,
-        0xb6c194c93eba3017L,0x6aec6839ee84180fL,0xc94dff5ad09c51bdL,
-        0x933c64be4038c3caL,0xfb3e230565c87b9fL,0x0000000000000077L },
-      { 0x04b71ef8ac8ab240L,0x6a16d0e5193fd7e0L,0x86fcef220c40a10dL,
-        0x28228cc910f211c4L,0x5ede88e706ae9d8fL,0x67067909a5f0e8feL,
-        0xad79f0c8df338ba8L,0xe39836048ee0c62eL,0x00000000000001f7L } },
-    /* 46 << 511 */
-    { { 0x7d703295f5e4f7f8L,0xc3fdc161143af599L,0x25ae8c6d10a6b4ecL,
-        0x8f3ffce44eda9576L,0xa2383338f649674fL,0x38642f550eb3892eL,
-        0xeabb7046f0cb8779L,0x57dabaa2dee84d91L,0x0000000000000154L },
-      { 0xbb850ab36173a285L,0xbca5655928b6fb38L,0x8e3428380df79eeeL,
-        0xe52853dffecc7940L,0x792e753ad9dd12adL,0x7e2cb3406420ebd6L,
-        0xb585ab566d827017L,0x2dc2202c5a41aa40L,0x000000000000008eL } },
-    /* 47 << 511 */
-    { { 0x23845c7c715a4da2L,0xb337c0ba6e0aff7aL,0x41b68812f9a9f520L,
-        0x4a10ab9bad1a5c83L,0xd8fcea40ccc1a37cL,0x51d69fdfb25a1b3eL,
-        0x83ce07a3022b27b1L,0x762e56c9f29621f0L,0x0000000000000017L },
-      { 0xc193077f19482f39L,0xcd5eeec001d3bf64L,0xb2d5f8a51d7e8890L,
-        0xf63d9476672f223eL,0x6cee15df7c3f98abL,0x17e3a150da97838eL,
-        0xcedd10e73c50762eL,0x22d5f479795cd480L,0x000000000000018cL } },
-    /* 48 << 511 */
-    { { 0xf854e6e695c41349L,0xe7d4dcb0476ad721L,0xcaf79afb764dcaecL,
-        0x99a065a2e85595acL,0xcb613dd111beed86L,0x1ec36351b5a4d300L,
-        0xa1acae740f8b5580L,0x6d6bd5a7708071a2L,0x00000000000001a9L },
-      { 0xfcac06c11f4f15a1L,0x75a9003c1050adf6L,0x61b71ef7ea874ec8L,
-        0x0de589f5ba499bebL,0xc1470e300d93fee4L,0xc981a814d175ce74L,
-        0x2549b4a3bc96e422L,0x14d44f006728ed6aL,0x0000000000000085L } },
-    /* 49 << 511 */
-    { { 0x798a73bec4e4028bL,0x6388051a3353c08cL,0x028b0677e9ede279L,
-        0xcc3d488cf6339bcdL,0x87c818187e5ccd8cL,0x4e7186598c7b25c7L,
-        0x4196e50586f7ef16L,0x9b107e634d57b458L,0x0000000000000061L },
-      { 0x4d6c0c1fef82fb6eL,0x8c244a96888b56dcL,0x8b464d425577066bL,
-        0xf7ecc8ca8261ddb0L,0x3570d8a77002aa15L,0x8e694bd46197aea4L,
-        0xff32a72d301d8b31L,0x8e7f4f8ce64abfd9L,0x000000000000008cL } },
-    /* 50 << 511 */
-    { { 0x4192297482a6c06dL,0x5d74d871af00d803L,0x8d08becbbb060085L,
-        0x73c0f98f88c68d5fL,0x57ab930e1eee2808L,0x58bce0b0994c1dedL,
-        0x84b44834720f64a7L,0x026e1e6cb2fbd380L,0x0000000000000001L },
-      { 0x80b288943d2bd6f1L,0xdecf8fc035fca89dL,0xae9673adc3dbebccL,
-        0x52b2a6114c7205c0L,0xbf9efb9567a057eeL,0x55e70e9e8da648dcL,
-        0x4497e043e39ba91dL,0x12b586111fccb6d0L,0x0000000000000143L } },
-    /* 51 << 511 */
-    { { 0x1375591eb29c6942L,0x558b9028695298ffL,0xd72d549d7f26580fL,
-        0x499eb5853b5c56a0L,0x2f077d8fb9ce1359L,0x1262a69d0d7ba25cL,
-        0xbf740566f77d49ddL,0xb61e1de4089024f2L,0x0000000000000031L },
-      { 0x9600de6a5cea3678L,0x369af7f9e5016941L,0x4ed8550d502f6ecbL,
-        0x6dc1c264ad1f1bbbL,0x9f0c69ee1f11dae6L,0xb5f7f9e25a6587b8L,
-        0x4213ef97bc54eabeL,0xbe9a1fda336d54a4L,0x0000000000000079L } },
-    /* 52 << 511 */
-    { { 0xbc149ee5e49ef413L,0x39b60fa4d360cf79L,0x2e8d787ba5ac8562L,
-        0x49c84eb7f42102ebL,0x648e9db745aaaa29L,0xc425b3d214ab53acL,
-        0x76ae3baa7dc413f2L,0xd2d1545197d30a00L,0x00000000000001fbL },
-      { 0xdc8dee9ab8b66612L,0xa4158d3140baa079L,0xad72d22df0cba4fcL,
-        0x8086cf0dbf8743a7L,0xd3f991da2520bd39L,0x97506e140f96e56cL,
-        0x552b394be00ac04fL,0x51565a258066c1ffL,0x0000000000000046L } },
-    /* 53 << 511 */
-    { { 0x6c3d617801a96295L,0x43814219fd3c708aL,0x5c897caed13c8708L,
-        0x9f5aeb293f89dd2eL,0x9b939a34a97dfc4eL,0x6ab7bf493c11ac17L,
-        0xe4361a842a64d18aL,0x4e403a2ce2e79fe2L,0x000000000000018eL },
-      { 0x799b8d70aa46cf1cL,0x6c2ea52272cbe39fL,0xbe454c9d7f37d359L,
-        0x4d467bcf8dc10196L,0xb2ff7e3b3592d9c8L,0xeea5653d9533501fL,
-        0xd5ffd9b567a4b6f9L,0xfde6e9228a137ffeL,0x000000000000001aL } },
-    /* 54 << 511 */
-    { { 0x1e3ce488a047b061L,0xbc63c1934dd0b80bL,0x215eb936521502deL,
-        0x9783e9936f19aa62L,0x619021eb9f16efd8L,0xec8ec3c5369a3bf0L,
-        0x1676e68515ae4400L,0xe53e62515b175359L,0x00000000000001a7L },
-      { 0xdfa54a3b97edcc3aL,0x09008a0bf05833c1L,0x977fd92b8a8da5aaL,
-        0xf7fad1857cfe5d6dL,0xe2fa47a6dc11ca11L,0x24bd7530d9ebf4bfL,
-        0x7cebf5a35680963fL,0x4fb7ab14c8665ef7L,0x0000000000000005L } },
-    /* 55 << 511 */
-    { { 0x7e11d9fb45a8dc00L,0x3d5367616a5d6065L,0xe6e07b82e29c3187L,
-        0x4bec2dd98770e1b7L,0x68475bdfcd079a33L,0x16b08e0e6e3f02d2L,
-        0xed11161910a457f2L,0xb0e36f686f05051aL,0x000000000000005fL },
-      { 0xc0029dee068f8671L,0xc4040ef2ff0a6398L,0x87250bb6bc66c114L,
-        0x76a6bb7afcc07b67L,0x8bc7c85758b6b874L,0x83aac6467921d89cL,
-        0x134f5777e7990ddbL,0xb1b5da6baf81c59fL,0x0000000000000024L } },
-    /* 56 << 511 */
-    { { 0x49e0ca1c42892d9aL,0x5b0338a5f1dd866dL,0x9f891dc9ebce0673L,
-        0x9956c1820b302606L,0x2957d2bb088fc616L,0x1ac5570417b75077L,
-        0x5f5910069b67b533L,0x1bf9b4bd69acf0dbL,0x00000000000001dcL },
-      { 0x46de5fe669353a7cL,0xc4ad8307318c6934L,0x155bb477e235ca27L,
-        0xea4bdc8302c92a8dL,0x71120f8c44755470L,0x84db9f10d607e3f1L,
-        0xaa26e77d2f3256c9L,0x33a5a253d015112dL,0x000000000000007aL } },
-    /* 57 << 511 */
-    { { 0x20aec1362116051eL,0xffe2bc551b94c19dL,0xd91e5b74fb20a2f4L,
-        0x08e0eb8f1f337f79L,0x74358d40020a9b71L,0x6c116399a54a0ff8L,
-        0xe6090ccb58499d38L,0x52b4fbfff1be7a36L,0x00000000000001f2L },
-      { 0xe6139d12f1cb27f3L,0x5320639cc84a439eL,0xb9d97a6f588c93dcL,
-        0x47fe72529320567cL,0x978d888735525e0eL,0x9c71616fab85c178L,
-        0x97b0f1a987dd691fL,0x8000752a1ea5c4d1L,0x000000000000017aL } },
-    /* 58 << 511 */
-    { { 0x018d394f82f47082L,0x5c3822d7194a5bcbL,0xcbaa36177f696c2eL,
-        0xa479f542c7ee38baL,0x02ffb8f005e0bee0L,0x96e989ab54c7af79L,
-        0xdc095377118fec7eL,0x1889c6bf473a5d75L,0x00000000000001bbL },
-      { 0xc23dff30186f12dfL,0x2c1e5b533938ea78L,0xf84dec6083271f8bL,
-        0x400b2677699a9bf1L,0x71e646bf1763cb95L,0x049bd5253dc8bd13L,
-        0xca6987502cebc746L,0xe5faa8e720df2537L,0x000000000000011bL } },
-    /* 59 << 511 */
-    { { 0x5795aaa1d72a699eL,0x6ff9310c36c48097L,0xef3f26293739ff45L,
-        0x6963009f1b69c613L,0xe589566bf41adbc2L,0x8519ded7ad44ff6aL,
-        0x962ea751d15b222bL,0xe6fa540cfcca0dddL,0x0000000000000070L },
-      { 0xedab4d678df09693L,0x764b38f4a3f32f76L,0x2acd5a3b31b914ceL,
-        0x1233395075acb244L,0xced00b66c3e58eb8L,0xe3689850bc11b028L,
-        0x94f3e782819636a8L,0x8c95e7bb036dd494L,0x00000000000000c7L } },
-    /* 60 << 511 */
-    { { 0x37439521cea7af22L,0x74ab19d02610baf9L,0xef7e24aa2c3ac33dL,
-        0x3b42932bc1eae083L,0x91478ba263b52bceL,0x125d1d70532e30b3L,
-        0x67ceccc80ae01dddL,0x74c6bb6376afb79fL,0x00000000000001edL },
-      { 0xfc4cc8c83a4adb6bL,0x2e4071bef2fc358aL,0xd81bdde4d9c36d33L,
-        0xd2a33e71c35dc1ccL,0x24eba4f21c1a3d49L,0x04f116a9177f3f5eL,
-        0xd63a542d1eab2502L,0x2fc261c6ba83beb5L,0x00000000000000c5L } },
-    /* 61 << 511 */
-    { { 0xdb557ff48802382fL,0xeae38177f1567c96L,0xa9dbea24f20baedcL,
-        0xce9397baee7504ccL,0xa4442b0a42df93b4L,0x3d7fc49deee5363eL,
-        0x9ee9c35c98da97b1L,0x5d01da6517432d14L,0x0000000000000036L },
-      { 0xf420abf84f2df80eL,0x99f61a31dd55807fL,0x3fc70210891bdc0cL,
-        0x6c61798be047b64dL,0xc154a33bf7ac51e8L,0x5f3b12819fdfc99aL,
-        0x43046ba63397a668L,0xe140dbe79e0355fcL,0x0000000000000156L } },
-    /* 62 << 511 */
-    { { 0xa0c1806642c1f473L,0xbcf0d250eda4e7d2L,0x1cd8ef91b57c4d80L,
-        0x16d95785698e4de7L,0x9239a410825f5b62L,0xba5862c29c45add9L,
-        0xf7f39ffcc844573dL,0xbc4bb8be6d3c4492L,0x00000000000001d2L },
-      { 0x918841a7413d3afaL,0xd46614bf35d3c789L,0xd31164d43ae4637fL,
-        0x62ec57268c2d1641L,0x54745b91bd87cd4fL,0xe3a32720b8ed340eL,
-        0xfffbaeaff90a1288L,0xc61ae40a5c850d7fL,0x00000000000000a9L } },
-    /* 63 << 511 */
-    { { 0x77ecdd788ded8d98L,0x5c4f7da4f3a901caL,0x3f93175b91c2a241L,
-        0x4c0b8664749141d4L,0x6961df53fc600db2L,0x6aee2d3b899f23e4L,
-        0x4396c817fc67b9a2L,0x71043f9a1c33877aL,0x000000000000017dL },
-      { 0x67d33824044cb54dL,0x8623a36b7b85049cL,0x88bfdcb338c9d75bL,
-        0xb861f7b06c3dbb25L,0xd539f69f52a24d72L,0x60428e5b5dc11fa1L,
-        0x3ee93ffb4f13f4ffL,0x04018a96e18516d9L,0x0000000000000101L } },
-    /* 64 << 511 */
-    { { 0x41b3eb86bc1bd2eeL,0x71e8430c50368484L,0xb214e9cbf2b93ad3L,
-        0x13f89335138e0ebfL,0xec96c9c25e690118L,0xde786d182c22cd4cL,
-        0x5b1554abe819e310L,0x399bfab4d01892d1L,0x00000000000000c5L },
-      { 0x2efaee912005a9f2L,0x9cb43e2eb39471d0L,0x0b0d1b565ceb35c2L,
-        0x3bff194056825120L,0xad49b05739a0dd54L,0x35dec8af0e83d425L,
-        0x50b91634687d1ac8L,0x2fb0d9e42f25a98dL,0x000000000000007dL } },
-    /* 0 << 518 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 518 */
-    { { 0x58333c8c9c13146eL,0x213c8896d5d37a5dL,0x18e2132d8fd07282L,
-        0x606e8133cd7d66c7L,0x21c19a128743874bL,0xe375d1f56dd96309L,
-        0xe0c48d6d3e1d629cL,0xed6ada6cdee22453L,0x000000000000015cL },
-      { 0xea1c974547b194a6L,0xdd549898850241e9L,0x0e225368407cb796L,
-        0x17b59edb427ad8d3L,0x08d4629ec43f0a43L,0x27f4063d5201d0a4L,
-        0xf6e1518fa5003274L,0xb6196e3ea3286e2cL,0x00000000000001b8L } },
-    /* 2 << 518 */
-    { { 0x593cf4108e41277fL,0x3ae7db6e925c9d91L,0x68519ca7a37a388eL,
-        0xa93a2e815bd94e48L,0x2b8cdbac00ef816fL,0x6fc3cae6eb2796f5L,
-        0x253fe0d4f8dedde4L,0x38405b3095ecc14fL,0x0000000000000092L },
-      { 0x27a7d0f67882df12L,0x14b3264246332549L,0xb8d8c3e6eda10498L,
-        0x6861e53c2aa1cc1aL,0xf2bd03e3a37d7254L,0x175c04f6d78b5623L,
-        0xb3d5202f0b18c14fL,0x30b9b0f6967f2b7bL,0x000000000000012fL } },
-    /* 3 << 518 */
-    { { 0x3b770280731e2b92L,0xd8c7870c7ee974f8L,0xd6fe928343da91b3L,
-        0x563cad012b7968b3L,0x48333ac2d845b648L,0xf1753bdbc02af5d4L,
-        0x48cf506f04a647afL,0xac9f1d5bddcd3a9aL,0x00000000000000fcL },
-      { 0xf9b4124bcb40d52dL,0xc39a85654cb0ab5bL,0xeee9291114c56558L,
-        0xd5182186ff5602fbL,0x32d3441623f351ffL,0xde81de053e387e04L,
-        0x19b6666948aa0ac1L,0x4cd3b987782c2ca2L,0x000000000000018cL } },
-    /* 4 << 518 */
-    { { 0x61829972ce8f9a17L,0x2d21913ce0fda47eL,0x84cb9da252466c05L,
-        0xfcc4eaab9fd85710L,0xab1ec5412f56fb90L,0xbb435bec6a231d4aL,
-        0xe1fffeaee16d3c47L,0xa7db02840f023a36L,0x000000000000002dL },
-      { 0x7259e71938d77a9eL,0xcd2278b1a3661199L,0xcf7fdf77bf6dfc59L,
-        0x6265f9cb96a2b632L,0x1365e44a4eb09c8aL,0xc1ac30542b23bf87L,
-        0x3161a2c05aaec208L,0x1af3a61455db8ae9L,0x0000000000000098L } },
-    /* 5 << 518 */
-    { { 0x60e8e4d3ea396a57L,0xa56c78e0378519fdL,0x783fd1661fd3ee35L,
-        0xf465f7d7174f5564L,0x6e3d2bd397a58ecaL,0x9ddc5d888ed910a7L,
-        0x46b9f89cc0b9158cL,0x1d6995655fae4fa7L,0x0000000000000033L },
-      { 0x8475d7fc10440e6dL,0x048d912b8c257698L,0x536c9062e7c97954L,
-        0x067523a8d0f61df0L,0xfd233e353e97f9fbL,0x38b8db0ed3613d1aL,
-        0xd071e57d61810f87L,0x1f4d1b2e97415a56L,0x000000000000018bL } },
-    /* 6 << 518 */
-    { { 0x129f3f88a1e73627L,0x4d4f1e3abc64f2ebL,0x365c51c94a97ebd4L,
-        0xa681acfc1c60b2b8L,0x98bda6049c22ac9fL,0xc337336f7a3c06d8L,
-        0xb706c685153282dfL,0x4217adc8eb1ce0feL,0x00000000000001f7L },
-      { 0x1d147cd08ca52a15L,0x2fb7fa8e6c45139bL,0x36db6e625c7ec355L,
-        0x603450e0f1b9c840L,0x46181b26f6f43cf9L,0xbe2fa18c68c6844bL,
-        0xc6eb676678305319L,0x47ccf36ff7f05252L,0x00000000000000f4L } },
-    /* 7 << 518 */
-    { { 0x765a6a6afc884a2eL,0xb079d52bbabdf029L,0x9441e6f06f3b9515L,
-        0x524cc31db56d96ddL,0xd9129ecef245efaaL,0x48c3b03bc906f1d2L,
-        0xb2f379fff6334489L,0xea50ce556c3d05beL,0x00000000000001daL },
-      { 0xa23e9095a8b173f3L,0x1163236c0cae0acaL,0xbad7a4ced2fe7ed3L,
-        0xc96b59a64397acc1L,0xa330281002b1f51fL,0xabe9c10cf3c0800fL,
-        0xc0480be858f37470L,0xbc4b63ae0678686fL,0x000000000000000dL } },
-    /* 8 << 518 */
-    { { 0x82e051426b4c3f67L,0x830492593fc34315L,0x2b17027d972d1c60L,
-        0x650bd0df06941699L,0xc960bca9bf06dea4L,0xc9b131eef6bf6453L,
-        0xc7865c906e2a0bd0L,0xffb964e05d5f6799L,0x0000000000000033L },
-      { 0x32db85f6e9fa9189L,0x3f0deb0eb5544031L,0x848456bd704e30bdL,
-        0xade1bb0e862032ccL,0x8deae33afcf305adL,0x918cea68c089cd96L,
-        0xea115fb805a4a146L,0x978f3a2f3633d8a2L,0x0000000000000083L } },
-    /* 9 << 518 */
-    { { 0x62982ababf590757L,0x112fefd670d2e25eL,0xd6f63c34ed861469L,
-        0x626af4f7f78223d9L,0xd26df9887581ae71L,0x884869f820b93f27L,
-        0x5308341576b8e53bL,0x42c0e46f9225dabdL,0x000000000000005dL },
-      { 0xe6610850fd4f594dL,0xe4be8fa1fd6f9d30L,0x5f5f5c2d554a978dL,
-        0x91ba562503eff7b1L,0x278af3e2c0b61678L,0xdcec232f4bc1b63aL,
-        0x05d3b83ce67e86e2L,0x2e7cfb29b15ea746L,0x0000000000000120L } },
-    /* 10 << 518 */
-    { { 0x868efb5c1517a09bL,0x20bfbd8722919dbcL,0x11bf475b6e776274L,
-        0xef04a4135ade4e48L,0xe5b721d41702befaL,0x6613ef46c010811aL,
-        0x8a70cf720286df5bL,0x31a364139961089fL,0x00000000000000cdL },
-      { 0x0ff8f787313062e8L,0x6a9c58a1c7c7876bL,0x3767da6e73cfd9bfL,
-        0x59569e705f92c89fL,0xd2b5ae8f16d2a77eL,0xe287323d9756a091L,
-        0x4f40fefcb0114e2eL,0x5a51851d8f4adeb4L,0x00000000000000f0L } },
-    /* 11 << 518 */
-    { { 0x5037561bac8ebe24L,0xe7ee25348366bd2aL,0x772837d6841bae82L,
-        0x08eb7b46e0ff68c5L,0x8c92b3f60c31b9dcL,0xf87d90b768dc21e4L,
-        0xa6c7c9d70770b025L,0x53c3c5f384510727L,0x0000000000000047L },
-      { 0xde80f1b74569f57bL,0xf3d6318e62b8842dL,0xfa2eb7e2c819f5f8L,
-        0x0faa86691d96d0daL,0xf45e324d3751f6f7L,0xb12f32807a8f2951L,
-        0xc455c3d540edba34L,0xc4624175f5c78269L,0x00000000000000fcL } },
-    /* 12 << 518 */
-    { { 0x93012bbdb3f18230L,0x69b59c81be563374L,0x0fccc9418fbd8070L,
-        0xb2e3e5fddd353c6dL,0x290f2d4065dce413L,0xb79d87416598620eL,
-        0x855eca8c0cfa916cL,0x45029ea197efebb1L,0x0000000000000051L },
-      { 0x7c09eef390438baeL,0x898440c59ec6217dL,0x89f1331330d90670L,
-        0x1588728726ae644cL,0x353e5bfae83d85f0L,0xe8f21860456b1253L,
-        0xeb0fedeacc75e379L,0x215ac25219348cecL,0x0000000000000057L } },
-    /* 13 << 518 */
-    { { 0xc4fc152cdf7adcf8L,0xf1731d853aac8ef5L,0x755b049dd1463ed9L,
-        0xb2584ead794d041dL,0xc6cbad77a4598004L,0x1baf02531eb28df8L,
-        0x972ea8693d442d21L,0xcf1de4ab9d17f0c7L,0x000000000000002fL },
-      { 0x175ee1ac772076f6L,0x8afe0a0b98a219bfL,0x23350b21cf7072b6L,
-        0x255372ec66d6bfcdL,0xc0e878e4ca347854L,0x45943a9fc266b8c5L,
-        0x8e0b70f802304611L,0x7c1914054c1a0ad8L,0x0000000000000129L } },
-    /* 14 << 518 */
-    { { 0xb009865603ff1b77L,0x0c3e56c816d480dfL,0x03cb7430b25b7ef4L,
-        0xc1a1d84f29530ba1L,0x91ea3813a687e8a3L,0x36d765625e955cf5L,
-        0x9791cbeb9871c033L,0x25ed155b29271a7eL,0x0000000000000046L },
-      { 0x0201ae83b863fe15L,0x577c28d5533caf59L,0xa000a53862886d5eL,
-        0xe400a338683c5322L,0x4dbecfe561107162L,0xaa3a88bcbb5603f4L,
-        0x48714504ec53c8aaL,0xc5c8b13a63f8c036L,0x00000000000001beL } },
-    /* 15 << 518 */
-    { { 0xa1ba19f667cf8ca1L,0x71b5032e6aefd0b4L,0xeee3be6cc1649bc2L,
-        0x630e7b8664949a27L,0x5c9b815b9f8d970aL,0x582c63862439a25aL,
-        0xe2acb5564443a504L,0x8ce90b34e50d00ffL,0x0000000000000004L },
-      { 0xd96814912a56ca70L,0x39d0c795ed552ae7L,0xf666288a8d6c3cefL,
-        0x71fb44903f030a8dL,0x20a8dbdf22b5414dL,0xcfc31a6ac244c07aL,
-        0xf6cba0448ef206e9L,0xe2987b8b8f2d974aL,0x000000000000004eL } },
-    /* 16 << 518 */
-    { { 0xfd4abdb4f6f04de3L,0x2d3399bb2708b32fL,0xe3f7a82fae7ea987L,
-        0x63f0093e11c3b0b2L,0x4e771ccb50e1dc6cL,0xed3655479b91c6a3L,
-        0x97c1fd0b332028a9L,0xe8199fe24a65acb3L,0x0000000000000137L },
-      { 0xff2f102fed4f5410L,0xe2ec543cbed8c3c0L,0x7c79a798d4bbff64L,
-        0x5baa5d12bd61bebaL,0xa4766859accb68ddL,0x79fe67260f18b724L,
-        0xfbaa1890c404245dL,0xebae71de1e4be8eeL,0x000000000000016fL } },
-    /* 17 << 518 */
-    { { 0x7a581bdc7e2afe12L,0x8cff83cf14fb3fd1L,0xcba840cc429779e8L,
-        0xf7bd183f9e5201e8L,0xc2c4a1a9fd6d9790L,0x9da08423ef26b1bfL,
-        0x5291a5eee224c1f9L,0xd2fef1565468dfdfL,0x00000000000000ceL },
-      { 0xccae68d1f8e2c083L,0x2b020fcdb6a2be21L,0x0369059c53f70413L,
-        0x1e7d130d80ff6c07L,0x3a0bcee3ae669b29L,0x2f8501f7a3d96b7aL,
-        0x37a337a485e110a0L,0x5496623a30441bd0L,0x0000000000000022L } },
-    /* 18 << 518 */
-    { { 0x66a32a2ff9805932L,0x2ec549c5bef0740bL,0x4e144029127ed87fL,
-        0x34f547eab1728cafL,0x89a0c9026066be92L,0x2acf5a05f15277a9L,
-        0x78de46f40120d365L,0xe9b87d4a61f5eed1L,0x0000000000000163L },
-      { 0x2f0c42289ff30d07L,0xc2f06ed849a8b586L,0x08d431a31b47a0e0L,
-        0x9b88a9bb1e3ef583L,0xc9ca97883a415e81L,0x321cd03e6b091374L,
-        0xb176a99a65091a1bL,0x1be3de61e7dc0e5aL,0x0000000000000120L } },
-    /* 19 << 518 */
-    { { 0xedda4f501a0ce34eL,0x92df6948bf73ec51L,0xc28a8e4c1a72e03cL,
-        0x2af289b610e4eb04L,0x07c600e6b91a74a4L,0x4bb54ad4f0b6a952L,
-        0x13c1236dd1de5b10L,0xb8e9c19bf544bbbbL,0x00000000000001c7L },
-      { 0xe7b10240b7f3dff6L,0xb54fa2387ef42552L,0x928e15bbde030c69L,
-        0x86839d49beeb87f9L,0xc72c04e8fe6a4e35L,0x0bd28b2333a42b3dL,
-        0x78c05d19cf75a3b7L,0x57db32cb05bedd16L,0x00000000000001b1L } },
-    /* 20 << 518 */
-    { { 0x895a36231bdd31fcL,0x3ff4b814a499d99fL,0x3b0b3bc1ae8418daL,
-        0x3f6e8a895eaaa723L,0xf4f87e1303adbdf0L,0x989fcecd01852f42L,
-        0x6dcaf5eda4426bc1L,0x36f55efea43a2bbcL,0x00000000000000ffL },
-      { 0xc7180d5818832a17L,0x47d76d9329c58f84L,0xe54eca936eb5288aL,
-        0x4e7a0ae6621c57b6L,0x475c9919cdad70afL,0x5e0d5c8613d73c3cL,
-        0xee24c9f315db8108L,0x80ff5e2c286ddbdbL,0x000000000000002bL } },
-    /* 21 << 518 */
-    { { 0xe6bb9caf41166535L,0xee910574729bbb65L,0x196bc7188a30dbcbL,
-        0xf5c06afb6b669532L,0x95a6445352798e9dL,0x54310e3293028bb3L,
-        0x2c980460a192c5e2L,0x3e71aa09f1d44ba5L,0x000000000000004fL },
-      { 0x0189f4680f956b70L,0x5d67b04a8f6b209bL,0xf82daa27b3529f92L,
-        0xc4e8d5d18d611d16L,0xc0824d25adcbbbc4L,0xa3151a908a4b37a5L,
-        0x570c39a5eb1b3b77L,0x4e04c57294a2bcddL,0x00000000000000c4L } },
-    /* 22 << 518 */
-    { { 0x817eebab56b577a7L,0x0a56039bdf679d07L,0x66bf1a96f0d319e5L,
-        0xfe007b76ba26cee6L,0x55836ee4d1a82640L,0x2b123a6f568d16a7L,
-        0xc55d3c2bd51ce671L,0x1e0eece0277b1fd7L,0x0000000000000074L },
-      { 0x32629cda26a51b9eL,0xff08209c84140e1eL,0x6b6333578da237ebL,
-        0x33c6765e901d98e4L,0xa3e1409a633fa3b5L,0xa44024d2365a82c2L,
-        0x1f90df3aed9a4771L,0x22a587e4ab00783fL,0x00000000000001d3L } },
-    /* 23 << 518 */
-    { { 0x013713ea9be05096L,0x3843a8fdf3f844efL,0x1e5b0c16555986bdL,
-        0x873570a4fe2ddef4L,0xdbd38a931534c642L,0x2cfb55c0dd37641bL,
-        0xa022f3cf4c9cc92cL,0x8e68f725fec4ae5dL,0x000000000000011aL },
-      { 0x174fd4dfda88abadL,0x471a712bbd3638c8L,0x78120e3fc36f3380L,
-        0x0d306f6e4f257b7cL,0x3b5d78fcc2c7e110L,0xce9f9636a954a62cL,
-        0xaa64c8d8bbf8bb14L,0x11f083636854bbd1L,0x00000000000001f8L } },
-    /* 24 << 518 */
-    { { 0x2e6ad1a9871f197cL,0x0af63210b4a58092L,0xcb9252c242a3b0faL,
-        0x06dbc3149d528c5bL,0xdc5216150601bb88L,0x9db07c32aa3178b4L,
-        0xbb13186bc4212f12L,0x18bdfe06eef4e9b1L,0x000000000000011fL },
-      { 0xf7e64b81713bbfa1L,0x26344818b932b514L,0x3316dd2ae7ca294aL,
-        0x4b266d272f30f1cbL,0xa2642af20de790f7L,0xcb11421279d5abfeL,
-        0x780790487785c36eL,0x8b8a691d9db40ab5L,0x00000000000001bbL } },
-    /* 25 << 518 */
-    { { 0xa6f7435bfa4bffebL,0xd6e291f42bfa469aL,0x58f691c576f06844L,
-        0x46c100d0ebbb4c34L,0x9c11ffde0a546878L,0x0236adb05accddeeL,
-        0x2b5adb70a872847cL,0x75592f462320b5c4L,0x0000000000000173L },
-      { 0xc0a19f24fddf6f87L,0x6abf006e83e9fbd2L,0x0af2d4414bf49193L,
-        0xe97288f52a6dcd30L,0xb13a5e18156a6b6eL,0x250d944ec97de15fL,
-        0x542ce0281d12789dL,0x7f18a27398252875L,0x0000000000000084L } },
-    /* 26 << 518 */
-    { { 0xe082423c26ee9683L,0x26a715041594a61fL,0x137bbd6e6ef85629L,
-        0x2e75b833bf8e7d4aL,0x8912d175a0bf520fL,0x197a7b40d35ab75dL,
-        0x55a51a2208213620L,0x9319af9f0a9a003eL,0x00000000000000a3L },
-      { 0x82740b1ad685067bL,0xd727f51e66fec58eL,0x7f230a384522eac5L,
-        0x9b2472ae2422eea7L,0xacb24446168e9049L,0x995eaf82f8b24133L,
-        0xd4d63051f8b37f7bL,0xb36021bc4d003ccaL,0x00000000000000e5L } },
-    /* 27 << 518 */
-    { { 0x0ea8d0af43da1485L,0x229bd2eee356a58eL,0x766352201eae3818L,
-        0xb1cc532299644ed3L,0x2b29d1889fe0cc0eL,0xbce5b5e6303000ffL,
-        0xb035f61989e0f826L,0x510c51d80e591febL,0x0000000000000187L },
-      { 0x7b2b6f57c1e35d21L,0xbe7100b1b78bcf87L,0x7a4dcd2b1764611eL,
-        0xc3abd1efe0659593L,0xdee37f042bd73310L,0x83d81872a65875a4L,
-        0x324574a77b7a1222L,0xcb0d36670b9b276aL,0x0000000000000108L } },
-    /* 28 << 518 */
-    { { 0x971696469a44620fL,0x3523058dfcfa2ea4L,0x8c3e30d1167c4c8dL,
-        0xf3de3d61e93a3a6aL,0x56e42c97642614f1L,0x3c9c8d2480cc3dceL,
-        0x68d62a528ce9a9d8L,0x482041d2df7be32aL,0x0000000000000127L },
-      { 0xeb4439ea67c7fd4bL,0x350117320a384db6L,0x19f9a3382046f5d4L,
-        0x5dbf9fcc72cacc46L,0x732caa319bb26921L,0xcd7c2088ca05b118L,
-        0x6c815494dbc0ca1bL,0x5334afab825890f6L,0x0000000000000053L } },
-    /* 29 << 518 */
-    { { 0xb38b3455cf0b627cL,0x9e5ecaf020af8835L,0x5e15ceeeea2dd64eL,
-        0xb99b86fad1f8ee12L,0x87af57750227a645L,0x0ee3dab2f604b581L,
-        0x473b2504e5187026L,0x00b2e9d3e92eae4dL,0x000000000000013eL },
-      { 0x609dd618331d29eeL,0x38cd2b0b4b99e2fbL,0xde71fb3f9242cff0L,
-        0x67ac8f5862f6689eL,0x0a99984caefeabbeL,0x6f5dfca538b281acL,
-        0x4a2a46d24dcbc8a0L,0xd595b07e6fed4a26L,0x000000000000016dL } },
-    /* 30 << 518 */
-    { { 0xff258a5138d1847dL,0x713ef4bd7f5e74f6L,0xe56ce9e3e0a0f09aL,
-        0x88f07760772a9159L,0xbc42bf932fb37fc9L,0xb8d9041cf0f2cba3L,
-        0x59dae6249a50cf7cL,0xb7546cb5920f1729L,0x0000000000000145L },
-      { 0xe310812c92011458L,0x9ef42383f158e9beL,0xb3b060fe5311f175L,
-        0x29af47ec20c5da5aL,0xd75668ccc0381df5L,0x6cdb1a0cf1bf133eL,
-        0x6abfb17042c02d7cL,0xf5984d2fd856c84bL,0x0000000000000169L } },
-    /* 31 << 518 */
-    { { 0xbaf9ebcc00544abaL,0x250f8366fe960dcfL,0xa0d3d15d76c4500aL,
-        0x858ea0e985f1322eL,0x443d0aadeaffd468L,0xda9043a709256191L,
-        0x4b83a0035aa2afa6L,0xed05f5bffe5f1395L,0x0000000000000004L },
-      { 0x50934ea9608abffcL,0x1299ef11a883495cL,0xb72333689792ef29L,
-        0xc7074a39f05483b7L,0x06ef2784274fa92bL,0x64e7feb67c864a48L,
-        0xf5fac1f878ca9ce3L,0x595b60d700b935dbL,0x0000000000000033L } },
-    /* 32 << 518 */
-    { { 0xdcd089e5c0f8abecL,0x2d11032081f91ec5L,0x244cef5d8d76055eL,
-        0x7202652d1c9bdd43L,0x396ebf25643f3ca7L,0x811a3695c983ac57L,
-        0x7d1f29a41e6e64caL,0x7cb13cec80827ae1L,0x00000000000000c5L },
-      { 0x16b59e9c2d5c560bL,0x18b069a09dd105e4L,0xb7fc826bb6bc0c3fL,
-        0xf6ab6c7485ea8193L,0x9c768ea01c4cdc7eL,0xa7a149b4d223cca5L,
-        0xa54dafdc8789b618L,0x2656cb46b17328c0L,0x0000000000000100L } },
-    /* 33 << 518 */
-    { { 0xe6ce0ca2ccc0b2a1L,0x3d569ba1cd0023f7L,0x41aecfdb81bb3a84L,
-        0x51d0e514bc37ca47L,0xcd8ea6a433b95775L,0x4bc287d36a213c69L,
-        0x25543e3133ecd721L,0x73b370fd37ccf58aL,0x00000000000001f8L },
-      { 0xc5f14160b6d87edcL,0xd2ad1fce324d39f3L,0x252c0755b8f7bbf5L,
-        0x9a0f47dec97f5775L,0x1d026aebd617bfd4L,0x63ba7c6abc086d63L,
-        0x6dc68bf907845053L,0x5a1ba87296198bb4L,0x00000000000000efL } },
-    /* 34 << 518 */
-    { { 0x71710160519269efL,0xf17dec367f1d6361L,0xf6dd6e7fcf9de894L,
-        0x9f85f14c98a3c278L,0xbf7a86440e5e618bL,0xfbbea240f4f1a389L,
-        0xc762aca8fedf3526L,0xec54e3323a3a1b77L,0x00000000000001daL },
-      { 0x1852de066a518668L,0xd05e9eef6cfab15dL,0xb13386cd6b10958bL,
-        0x793f12b5144bb551L,0x3ec0f36514ff524cL,0xc642095686e2cb96L,
-        0x926456f12381598bL,0xc5508ab0e8c1e2ddL,0x000000000000008dL } },
-    /* 35 << 518 */
-    { { 0x308b59c8e3990529L,0x58f149af2d350a55L,0x6b5f70129bf20ff0L,
-        0x07c324620658a155L,0xcace2e408f753462L,0xf9616b76e31fc89bL,
-        0xad31cff4b6013839L,0xdf2c921ab244102bL,0x000000000000015eL },
-      { 0xb8b3e02b30f6f32aL,0x072935e1835853fbL,0xd7d687c87364fa89L,
-        0x5109c823998e7aceL,0x9e821b0ba8d3f444L,0x75d6211efe652482L,
-        0x690314094b3f5025L,0xf8bf959ff42e9c5cL,0x000000000000002aL } },
-    /* 36 << 518 */
-    { { 0x7ea34b836dd01befL,0xc36e2120effab7a5L,0x1357672fb8845894L,
-        0x7f462c580162aa61L,0xb00958815bae0512L,0x55e27b8ef30be373L,
-        0x3b0b6882a1a367bfL,0x9177f7351f66d95fL,0x00000000000001c0L },
-      { 0xeef0eba1bfbe7524L,0x0cf73ed68025aa0dL,0xae531a884d9267fcL,
-        0x29042ea6a78a045dL,0xecebf42adb2582cfL,0x041babdc566d1be1L,
-        0x55c1d466cfe83774L,0x751c932b40e305abL,0x0000000000000162L } },
-    /* 37 << 518 */
-    { { 0x59d2d2af2193cc13L,0x0321329b5b8746b1L,0x5afef594d22686f7L,
-        0xb66fa579bf1807c2L,0xe3233a19a636faa9L,0x7e39da2f7c82dc5cL,
-        0x24967121715dbaddL,0x0010e24a686dd74cL,0x0000000000000055L },
-      { 0xaf5aa87ac1ab62b3L,0xdaec05ece1a7d955L,0x87e93b656fadda7cL,
-        0x12393f01825da2a4L,0x08ee17429d2b4552L,0xd83408c0f9e092fdL,
-        0x17e78cccf594ebb8L,0x26a3963bff074050L,0x000000000000012cL } },
-    /* 38 << 518 */
-    { { 0x43015ef7328a8d9aL,0xff26649d8c81d304L,0xfeba7112e6c1da31L,
-        0x0303b542f80a8273L,0xaff964a4d5d19085L,0x4060a313fce30f5bL,
-        0x85a6401a3f081f0eL,0x7aa4d2dacc3420a0L,0x000000000000008eL },
-      { 0x3d81528e43a2e0baL,0x749c5e9b3b58a1ceL,0x16e5014642f8c0e0L,
-        0x82223528dacd54e0L,0xe40c5e2bac8d0aabL,0x2e9c3c61230895d8L,
-        0x1644c4f2646b2a74L,0x2eafbc8ea5310192L,0x0000000000000159L } },
-    /* 39 << 518 */
-    { { 0xc16ec56246c1b5b8L,0x677befb255de0e93L,0x764c01d2d18a1543L,
-        0x4b979f483926716aL,0x9be5e4238be326dfL,0x147f78a5b3a2af6eL,
-        0x75629177f36fef7bL,0x3a96d62f01823e00L,0x00000000000000e8L },
-      { 0x286128a697b62907L,0x48c2f245fdb9850bL,0xe233637ed229d254L,
-        0xfb4df7ec5ae54770L,0x387dc9882a0a3a7cL,0x604f12b1f105eb2eL,
-        0x398f6905bef07679L,0x5083751a2d7f18b0L,0x0000000000000012L } },
-    /* 40 << 518 */
-    { { 0xad32e836a56a26ebL,0xad1e697d62485f0eL,0x4cd629607caa8694L,
-        0xdbab5d8129e36b0dL,0x6588f4fb48b7bd27L,0x19c33f2c0923c25fL,
-        0x0a630f121df8f0cfL,0xfeefce53333c63e9L,0x0000000000000045L },
-      { 0x241237a74ae15886L,0x5d11a892c355d430L,0x67ceab2fba945fa6L,
-        0xdb2b516730eaa436L,0x6f9cb6cd2cc960f3L,0x3419806b09e68210L,
-        0x52059822c4cd6e7fL,0xd0bdda660229c0c9L,0x000000000000018dL } },
-    /* 41 << 518 */
-    { { 0xec861da3ab5d5cf0L,0xc7af1e4ad923888dL,0xe0c32502daab79acL,
-        0xf178cf648a4086bbL,0x9a99b8ffd5c7079fL,0x0a2df19d05819dc9L,
-        0x12e792933db59087L,0xc125b64b6ce54c4bL,0x0000000000000102L },
-      { 0xf1961f714feacf50L,0xf969a84656d8ccd6L,0xa1efae3d911b043eL,
-        0xf62c80e1692f7287L,0xc117caea48a190a4L,0x0777c46d14839864L,
-        0x2899245a5a1d7208L,0x489b93c85e329852L,0x0000000000000105L } },
-    /* 42 << 518 */
-    { { 0x67d06d04789228a4L,0x51788e82bdc230afL,0xb7dcd90b32e890c4L,
-        0x1e5d0a7db5d4c8f4L,0x0a9e15ce595e67fdL,0x90b3c15dcf4e9fd4L,
-        0x49753038242e113dL,0xebadd5b8a2416549L,0x0000000000000118L },
-      { 0x45821571dfe7fc21L,0x1363988e803172ffL,0xc5a06b7ae06df609L,
-        0x24aaabec5b40db00L,0x6871707a9340097cL,0x47b919267335f997L,
-        0x785da39e65bde875L,0xf47f662e7fef2231L,0x0000000000000047L } },
-    /* 43 << 518 */
-    { { 0x84be109c1190402cL,0x66ecab5ef20a1cafL,0x1a4e611f0fa6f66cL,
-        0x195629f2aaf23b97L,0xd813525d7ebe9a01L,0x8f628e487ee7212eL,
-        0xb12fdfb811fce1e9L,0x94ed86ec2d2f395bL,0x00000000000001b6L },
-      { 0xaa6a3e5e3b167bccL,0xd70639961f5d7a11L,0xe4017cb2f17395a8L,
-        0xeaff0282476d9f46L,0x1831263f6eb0ac26L,0x04ac0c75bd7aec11L,
-        0x5e0d613a027c01fcL,0x2f4d1bd35bb6ae43L,0x00000000000001caL } },
-    /* 44 << 518 */
-    { { 0x08a92760d317c60cL,0x730d73839529b4b8L,0xfcf81c9d1a050f05L,
-        0x6b2cb8059f9e8bf5L,0xd7d7c79e30ff7124L,0x572a3a7f7206c662L,
-        0xe2052b8c4915d988L,0xa685a31e3d6cf04cL,0x0000000000000183L },
-      { 0x14408f423e71c584L,0x8f24d13415998073L,0x1ec3ad1995f62f3cL,
-        0xf2d8ea1803f06c8dL,0x8ddc0fd6087730a5L,0x7755ed4b280b7d59L,
-        0x26c885dbba67938cL,0x2559753627e81374L,0x000000000000013cL } },
-    /* 45 << 518 */
-    { { 0xfaff0f70b8eed132L,0x45e36c7d284499edL,0x0cb980c3774b8605L,
-        0x217eb3dc7c70ffa7L,0xc0f46f96c3c4a55bL,0x88d3b5cf8c437e4fL,
-        0x7cfcbf0e650eaf40L,0xad4698af733e59daL,0x000000000000017fL },
-      { 0x8b8c1f42717f2813L,0xaf5b8b163b4c78a2L,0x88db88f5c15667ffL,
-        0xf9c0433c0e0eff6cL,0xb9aab9524af85387L,0xfdc7d7932bde3019L,
-        0xdceb1293eb5d10baL,0xa7ee9901c53209e9L,0x00000000000001e2L } },
-    /* 46 << 518 */
-    { { 0x02c71a57c628f1c9L,0xd6b1756a6a8b91c6L,0xc5bec6323a95cbaeL,
-        0x788e2eb0d9409c68L,0x086d6859d7c3fbabL,0x3be49bdb1b498ad5L,
-        0x63f6e76e47bc20aaL,0x3b8aaea41745e23aL,0x0000000000000126L },
-      { 0xbdc9b39f76962e66L,0xad6828ee49abdb3dL,0x6fcb091222df1a3dL,
-        0x1efa4c062f1370b5L,0xff596ee1630b67e7L,0x03e4620cc21c76ffL,
-        0x2cb83ef480982394L,0x65937797baa10144L,0x000000000000002cL } },
-    /* 47 << 518 */
-    { { 0xd09c1c996956b64dL,0xa7fd39df54e71d6dL,0xb63b0c76d813eb3cL,
-        0xe6da21e09a7ccfe9L,0x1d15005aa5502e51L,0xd5358b4110306e2fL,
-        0x6abc6b4667ef79a8L,0x9b5b0ad67c7376efL,0x0000000000000055L },
-      { 0x31bf44b672e5d085L,0x561698e245ee9faeL,0x207d7fe17f532f76L,
-        0xde53af5d389577bbL,0x931929f2a9530967L,0x428e13ee8099f9c1L,
-        0xa20e4bfeabb6b4e6L,0x87d77ad792e6c4b7L,0x0000000000000165L } },
-    /* 48 << 518 */
-    { { 0xa779463d63ea6586L,0x055ac074f5dd2077L,0x5e63875b2be5d611L,
-        0x8261be993b1c53bbL,0x86137b7ba28e14b3L,0xf706d3c77e729ef5L,
-        0xb30413db74902555L,0xed91b88c4e15d0feL,0x00000000000000edL },
-      { 0x0cbbfb03cee5f36bL,0xb210122bb6bab7f4L,0xffa46c283d0cf2fcL,
-        0xa42293e28c05ff89L,0x014f499fa5642b7eL,0x80db63809c6e0d8aL,
-        0xa819787c51d901c9L,0x17662fa8a3201327L,0x0000000000000154L } },
-    /* 49 << 518 */
-    { { 0xdb65de61d1446dc2L,0xa3bdc9d05d8a4c19L,0x2701196f5c624bafL,
-        0x9bda0a41ef24ce3dL,0x9fb34528041c3b08L,0x7b5dbbf4242a51caL,
-        0x336ce5613766cfd8L,0x172c43d2641e0b85L,0x000000000000002eL },
-      { 0x996f146778312bf1L,0x3b4e1fd7426ce268L,0xcbb357014b673861L,
-        0x30c2caa09146cb8eL,0x9b4a4587e6a8d053L,0x6b1a1c3f252a928cL,
-        0xcce378f9f163f641L,0x82a416d80ce8fe1dL,0x00000000000000b2L } },
-    /* 50 << 518 */
-    { { 0x09dc0454add144caL,0x281f6fd9cd8ab4aeL,0xaf4cfdfcb0f1c86aL,
-        0x439e1747e494b168L,0x3e49a5b3e4c400b5L,0x9757873935ded33aL,
-        0xab59dd9ec2a6a22aL,0x4922cb7ceac1e123L,0x00000000000001b7L },
-      { 0xccd8982904d455c4L,0xffafdce83923bdd5L,0xd2a6a8fcbf1c6558L,
-        0xd17a45eaf484c27bL,0x2c39c953d970815fL,0x8fb6670af00d8f91L,
-        0x62182f42a31b339cL,0x5cc40112d38c0768L,0x000000000000012aL } },
-    /* 51 << 518 */
-    { { 0xb308f945331cb928L,0x602999521379ba9fL,0x20f27b4cd0fa31adL,
-        0x88eb30063b553ecfL,0x5c19d8c07231e4bbL,0x9c5844dbc4b5961eL,
-        0x9a5e28be582da2d3L,0x4d9a6de0e85fbb1bL,0x00000000000001dfL },
-      { 0xc22621adab9cc6e0L,0x4679d909c4d8e5e2L,0x917e8cff3e8c3c9eL,
-        0xd9b13e821a1925d6L,0x0c173503c81d5d3bL,0x8cb10799e7e3931eL,
-        0xa1e340b7315c7107L,0x0337254e99f39258L,0x000000000000013dL } },
-    /* 52 << 518 */
-    { { 0x525c70348e080aa6L,0xfb65650b703a31d0L,0xb3c9fc909708778bL,
-        0x712babdd5c0de950L,0x2336b614cf922a9cL,0xc9c01fdb2d1541ccL,
-        0x3b0b5acdda984124L,0xc16edb3e5ca5237eL,0x0000000000000031L },
-      { 0x16d195dcba96a3b1L,0xaeb795135b2d839eL,0xff7ca75c3f468379L,
-        0x195ebf452f7a4eccL,0x368bf1ac2cba9fc8L,0x282778c5ad79da65L,
-        0x1ae709a382204582L,0x60da306180e162fcL,0x00000000000000a7L } },
-    /* 53 << 518 */
-    { { 0xc5c076fd98c1993dL,0x7c963fe6af6e50a2L,0x39921d140591b832L,
-        0xaf817e598e6e78b6L,0x7d20b47053141d98L,0x80209dde2675b748L,
-        0x9784d850f911da2eL,0x10d14b67cc679952L,0x0000000000000024L },
-      { 0xf6f7b8551a80d7cdL,0x68fb06ce0d84480fL,0x9d0df3bf450048d6L,
-        0x14848bbe6d416a5aL,0x3191edc563436e69L,0x53daff59f90fac77L,
-        0x331714fb6c2043f8L,0xb67695bf641cb68fL,0x00000000000001bbL } },
-    /* 54 << 518 */
-    { { 0x2568730c4e5e6dbdL,0x81765faf80c64f5cL,0xbf19f28c6c1e36c7L,
-        0x0530e9a6294bd1c2L,0x80e2e102e4043658L,0x0af1e3845ac951ddL,
-        0x37d8ca04a7cc44b8L,0xf767884a3d138475L,0x0000000000000189L },
-      { 0x8ab296a48ae43c93L,0xc0bda5e841f22f63L,0xb61e12430abf701fL,
-        0xa2d6b5360284b234L,0xb417271d9c8e1f29L,0x9377f53ad346e17bL,
-        0xc9410ca7a8843d62L,0x1d304904fe0dd739L,0x0000000000000118L } },
-    /* 55 << 518 */
-    { { 0x42e9239b9ab2b245L,0x2d966c1a1f9e9cddL,0xa2798c7ef19af9a5L,
-        0xde254ef83c79337eL,0x07c5da22f1db6f95L,0x50875be600a3c98cL,
-        0x2bfa5c26b48438f3L,0xb0ad90e5ab0a8365L,0x00000000000000c1L },
-      { 0x83161fcd3bd1626eL,0xa7863bf855e209d5L,0x9d6ecef0d103b98bL,
-        0x885bdf21f0c55498L,0xbe3cc09af953d02cL,0x7fe7985326d91204L,
-        0x9016e8e4f2f0e08aL,0x051fa6822376d502L,0x0000000000000001L } },
-    /* 56 << 518 */
-    { { 0xcab77140311cc347L,0xab8125d2c64bb9ebL,0x834317210e447719L,
-        0x1b072b94ad7f9bc5L,0xdb70c295ccff1aa9L,0x174b731e8969d354L,
-        0x70c0a462f5761c43L,0x14790895dff9a408L,0x000000000000006eL },
-      { 0xefc566d58f909123L,0x2775b7a810896ca6L,0xfe6927ca0b71973bL,
-        0x40babac2b4c9929aL,0x9610d5214bd6f041L,0x82b6d9da8f075949L,
-        0xcb2129e21e7a406cL,0x85389f05106af2acL,0x00000000000000cbL } },
-    /* 57 << 518 */
-    { { 0x30525170711ceca4L,0x754f1f1fba0c3956L,0x5d7049a8c91b73f8L,
-        0xda62d9a77e22f0b1L,0xcd64a052ed6bda8eL,0x174eca531b83dc5dL,
-        0xb4d7576bd3a8c49bL,0x172d6c7526d15902L,0x00000000000000f7L },
-      { 0x88267b378585b54eL,0x8715a8b010b85121L,0xc944f85d6db0be9eL,
-        0x6ca6dec0e92656b0L,0xa141e7cb217c6ed3L,0xd12f342527240ab2L,
-        0x8529f959942ffa5dL,0x4a1a975915792f32L,0x00000000000001c4L } },
-    /* 58 << 518 */
-    { { 0xfb2ad1ae78825be2L,0xb9c0cfcb5f9f377eL,0xb4cd68b823ec81dfL,
-        0xe48d71227620fa13L,0xf0292c9ccfeafd26L,0xd9e5e727625273a6L,
-        0x7aaf3da42a9aafd3L,0x072f0f48a3df15deL,0x000000000000009eL },
-      { 0x623b2ce93036834dL,0x85e00d655518c1c9L,0xcdb55dcfda8ec9c0L,
-        0xe4cfb058df8e18e1L,0xb10fe1db3f381211L,0x26a05c013c5387ddL,
-        0x6860765d2cd4e482L,0xada5d4823d37a01fL,0x0000000000000018L } },
-    /* 59 << 518 */
-    { { 0xe08a1d582f54610aL,0x0aa2efe66ea27082L,0xf32250e8475f591aL,
-        0x38be597af2bdfed6L,0xf13a28e9717532d1L,0xc01feb0de7c1df76L,
-        0xdb9be38e8b96c944L,0xf0700bfe26ea3f6dL,0x000000000000016dL },
-      { 0x963cd0aa82274bcdL,0xc1ed66e6de2ab836L,0x81c6f2e2cc08c42dL,
-        0xed9224a1e00d896eL,0x0ebe4ff069747a38L,0x2e70f9a40130a3a7L,
-        0xeb9cc3eb55451096L,0xa84de8cfa12cec75L,0x0000000000000145L } },
-    /* 60 << 518 */
-    { { 0x28b801584810ce1dL,0xa18f01cf9cd2a530L,0x3f882662bbacc56bL,
-        0x25a09082c8de9031L,0xee333f92c75a3487L,0xc3f231d78c93dc3cL,
-        0x6d53379ad94c4907L,0x1176368211f2d227L,0x00000000000001acL },
-      { 0x137ae216ab84de42L,0xbc00a7c1e4ee4c73L,0x8a42aeb8fc12b03cL,
-        0x9a717ff1cf6a0950L,0x18cbebe30158b96cL,0x0184646550953719L,
-        0x2c73bd13194fdb1eL,0xbd52a1cf3b0d2c34L,0x0000000000000022L } },
-    /* 61 << 518 */
-    { { 0x5da94915f61f7493L,0x661d3e6efe554d0dL,0x1853f3fd93d6395eL,
-        0x917faaca248a6a8fL,0x31e81318e038ae34L,0xd2cf0cefafe38491L,
-        0x49a2e5083c999b79L,0xd5ba94f8a42b9ea7L,0x000000000000000cL },
-      { 0x0bf5a0fd34c430a3L,0x4cb5013ee01f0d5cL,0x7ea690e6337f036cL,
-        0x128d92118d55e026L,0x1d2e25df6ab8ed2dL,0x95e530878237cd22L,
-        0xba3649ec2875bcd7L,0x6b2be67f654dcff2L,0x00000000000001f2L } },
-    /* 62 << 518 */
-    { { 0x421f3e959e2146f0L,0x3a7b0161b2e052acL,0xefd12db1a6cb7e61L,
-        0x887566316bd4bed8L,0x8bc563448c568736L,0xd0ae1019a26bac6bL,
-        0x678f366193311795L,0x11bc3650f625f4a2L,0x00000000000001a8L },
-      { 0x50c943cc23ab8aa1L,0x6aaba8bf2d3b3339L,0x6727f7ffac79f93eL,
-        0x130c2153cba525a4L,0x6759f8f842058fc0L,0x356b182901c30b3bL,
-        0x0bd3aa809078f323L,0x70cd052134621f20L,0x0000000000000071L } },
-    /* 63 << 518 */
-    { { 0xf124aa8bfa466654L,0xf48e0a111882da37L,0x57ea7b2bd0aa1f09L,
-        0x1936fe19589bd6a7L,0xe9f2fb054bd7d150L,0x390250f71df9add6L,
-        0xd69670f24f8651e8L,0xbc7b1bf3e03566c0L,0x00000000000000c4L },
-      { 0xc3b757b4b30e6c6bL,0xdb2c75c2e95c319bL,0x2790396f3aab64b1L,
-        0x9709df8df6768599L,0xc2a91d3204ced567L,0x561cef3c43ead6e4L,
-        0xea56fb57983d1f3eL,0x2f15dfabc0b397f3L,0x0000000000000076L } },
-    /* 64 << 518 */
-    { { 0xcd6151c20e6a4eceL,0x884e5e75a2840752L,0xa6752672c41b64b7L,
-        0x7585f7cbd5cd2b79L,0xac8f7a1c892fb84dL,0xfdb20c7432a80f6fL,
-        0xaec2531339c7ecfeL,0xc84d7c5c93b1e75bL,0x000000000000011bL },
-      { 0x30ab00a3bc363066L,0xd9a0ab44d371d11cL,0x13697c6aab047490L,
-        0x1adffb54a57574cdL,0x753eafa0e548b99bL,0x51abf774a7f0df39L,
-        0xe8fab02c903eaee9L,0xdf2f5e8af7542020L,0x00000000000000faL } },
-};
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Pre-computed table containing multiples of g times powers of 2.
- * Width between powers is 7 bits.
- * Accumulate into the result.
- *
- * r      Resulting point.
- * g      Point to scalar multiply.
- * k      Scalar to multiply by.
- * table  Pre-computed table of points.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_add_only_9(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_point_521* p = NULL;
-    sp_digit* negy = NULL;
-    int i;
-    ecc_recode_521 v[75];
-    int err = MP_OKAY;
-
-    (void)g;
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        negy = tmp;
-        p = rt + 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_521_ecc_recode_7_9(k, v);
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        i = 74;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_65_9(rt, &table[i * 65], v[i].i);
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-            XMEMCPY(rt->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-        }
-        rt->infinity = !v[i].i;
-        for (--i; i>=0; i--) {
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_65_9(p, &table[i * 65], v[i].i);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-                XMEMCPY(p->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-            }
-            p->infinity = !v[i].i;
-            sp_521_sub_9(negy, p521_mod, p->y);
-            sp_521_norm_9(negy);
-            sp_521_cond_copy_9(p->y, negy, (sp_digit)(0 - v[i].neg));
-            sp_521_proj_point_add_qz1_9(rt, rt, p, tmp);
-        }
-        if (map != 0) {
-            sp_521_map_9(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_add_only_9(r, NULL, p521_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 9, km);
-
-            err = sp_521_ecc_mulmod_base_9(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P521 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 9 + 9 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9 + 9 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 9;
-
-        sp_521_from_mp(k, 9, km);
-        sp_521_point_from_ecc_point_9(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_9(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_9(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_9(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-static void sp_521_add_one_9(sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp	x1, x2, [%[a], 0]\n\t"
-        "adds	x1, x1, #1\n\t"
-        "ldr	x3, [%[a], 16]\n\t"
-        "adcs	x2, x2, xzr\n\t"
-        "ldr	x4, [%[a], 24]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "stp	x1, x2, [%[a], 0]\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "stp	x3, x4, [%[a], 16]\n\t"
-        "ldp	x1, x2, [%[a], 32]\n\t"
-        "adcs	x1, x1, xzr\n\t"
-        "ldr	x3, [%[a], 48]\n\t"
-        "adcs	x2, x2, xzr\n\t"
-        "ldr	x4, [%[a], 56]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "stp	x1, x2, [%[a], 32]\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "stp	x3, x4, [%[a], 48]\n\t"
-        "ldr	x1, [%[a], 64]\n\t"
-        "adcs	x1, x1, xzr\n\t"
-        "str	x1, [%[a], 64]\n\t"
-        :
-        : [a] "r" (a)
-        : "memory", "x1", "x2", "x3", "x4", "cc"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    sp_int64 nl = n;
-    sp_int64 bytes = size * 8;
-
-    __asm__ __volatile__ (
-        "add	x4, %[a], %[n]\n\t"
-        "mov	x5, %[r]\n\t"
-        "sub	x4, x4, 8\n\t"
-        "subs	x6, %[n], 8\n\t"
-        "mov	x7, xzr\n\t"
-        "b.lt	2f\n\t"
-        /* Put in multiples of 8 bytes. */
-        "1:\n\t"
-        "ldr	x8, [x4], -8\n\t"
-        "subs	x6, x6, 8\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "rev	x8, x8\n\t"
-    #endif
-        "str	x8, [x5], 8\n\t"
-        "add	x7, x7, 8\n\t"
-        "b.ge	1b\n\t"
-        "2:\n\t"
-        "cmp	x6, -7\n\t"
-        "b.lt	20f\n\t"
-        /* Put in less than 8 bytes. */
-    #ifdef LITTLE_ENDIAN_ORDER
-        "str	xzr, [x5]\n\t"
-    #else
-        "str	xzr, [x5], 7\n\t"
-    #endif
-        "add	x7, x7, 8\n\t"
-        "add	x4, x4, 7\n\t"
-        "b.eq	17f\n\t"
-        "cmp	x6, -5\n\t"
-        "b.lt	16f\n\t"
-        "b.eq	15f\n\t"
-        "cmp	x6, -3\n\t"
-        "b.lt	14f\n\t"
-        "b.eq	13f\n\t"
-        "cmp	x6, -2\n\t"
-        "b.eq	12f\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "12:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "13:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "14:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "15:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "16:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "17:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "20:\n\t"
-        "add	x5, %[r], x7\n\t"
-        "subs	x7, %[size], x7\n\t"
-        "b.eq	30f\n\t"
-        /* Zero out remaining words. */
-        "21:\n\t"
-        "subs	x7, x7, 8\n\t"
-        "str	xzr, [x5], 8\n\t"
-        "b.gt	21b\n\t"
-        "30:\n\t"
-        :
-        : [r] "r" (r), [size] "r" (bytes), [a] "r" (a), [n] "r" (nl)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "cc"
-    );
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_521_ecc_gen_k_9(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[66];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            buf[0] &= 0x1;
-            sp_521_from_bin(k, 9, buf, (int)sizeof(buf));
-            if (sp_521_cmp_9(k, p521_order2) <= 0) {
-                sp_521_add_one_9(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_521, point, 2);
-#else
-    SP_DECL_VAR(sp_point_521, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 9);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_521_ecc_gen_k_9(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_9(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_9(infinity, point, p521_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_521_iszero_9(point->x) || sp_521_iszero_9(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_9(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_521_ctx {
-    int state;
-    sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-    sp_digit k[9];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521  point[2];
-#else
-    sp_point_521 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_521_ctx;
-
-int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_521_ctx* ctx = (sp_ecc_key_gen_521_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_521_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_521_ecc_gen_k_9(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_base_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p521_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_521_iszero_9(ctx->point->x) ||
-                    sp_521_iszero_9(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_521_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_521_point_to_ecc_point_9(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 66
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_521_to_bin_9(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    a[j++] = r[8] >> 8;
-    a[j++] = r[8] >> 0;
-    for (i = 7; i >= 0; i--, j += 8) {
-        __asm__ __volatile__ (
-            "ldr	x4, [%[r]]\n\t"
-        #ifdef LITTLE_ENDIAN_ORDER
-            "rev	x4, x4\n\t"
-        #endif
-            "str	x4, [%[a]]\n\t"
-            :
-            : [r] "r" (r + i), [a] "r" (a + j)
-            : "memory", "x4"
-        );
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-
-    if (*outLen < 65U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 9, priv);
-        sp_521_point_from_ecc_point_9(point, pub);
-            err = sp_521_ecc_mulmod_9(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_521_to_bin_9(point->x, out);
-        *outLen = 66;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-    };
-    sp_digit k[9];
-    sp_point_521 point;
-} sp_ecc_sec_gen_521_ctx;
-
-int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_521_ctx* ctx = (sp_ecc_sec_gen_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_521_from_mp(ctx->k, 9, priv);
-            sp_521_point_from_ecc_point_9(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_521_to_bin_9(ctx->point.x, out);
-                *outLen = 66;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P521 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_521_mont_mul_order_9(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_521_mul_9(r, a, b);
-    sp_521_mont_reduce_order_9(r, p521_order, p521_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P521 curve. */
-static const word64 p521_order_minus_2[9] = {
-    0xbb6fb71e91386407U,0x3bb5c9b8899c47aeU,0x7fcc0148f709a5d0U,
-    0x51868783bf2f966bU,0xfffffffffffffffaU,0xffffffffffffffffU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0x00000000000001ffU
-};
-#else
-/* The low half of the order-2 of the P521 curve. */
-static const word64 p521_order_low[5] = {
-    0xbb6fb71e91386407U,0x3bb5c9b8899c47aeU,0x7fcc0148f709a5d0U,
-    0x51868783bf2f966bU,0xfffffffffffffffaU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P521 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_order_9(sp_digit* r, const sp_digit* a)
-{
-    sp_521_sqr_9(r, a);
-    sp_521_mont_reduce_order_9(r, p521_order, p521_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P521 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_521_mont_sqr_order_9(r, a);
-    for (i=1; i<n; i++) {
-        sp_521_mont_sqr_order_9(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P521 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_mont_inv_order_9_ctx {
-    int state;
-    int i;
-} sp_521_mont_inv_order_9_ctx;
-static int sp_521_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_mont_inv_order_9_ctx* ctx = (sp_521_mont_inv_order_9_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_521_mont_inv_order_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 9);
-        ctx->i = 519;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_521_mont_sqr_order_9(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p521_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_521_mont_mul_order_9(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 9U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_521_mont_inv_order_9(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 9);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_order_9(t, t);
-        if ((p521_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_521_mont_mul_order_9(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 9U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 9;
-    sp_digit* t3 = td + 4 * 9;
-    int i;
-
-    /* t = a^2 */
-    sp_521_mont_sqr_order_9(t, a);
-    /* t = a^3 = t * a */
-    sp_521_mont_mul_order_9(t, t, a);
-    /* t= a^c = t ^ 2 ^ 2 */
-    sp_521_mont_sqr_n_order_9(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-
-    /* t3 = a^1e */
-    sp_521_mont_sqr_order_9(t3, t);
-    /* t3 = a^1f = t3 * a */
-    sp_521_mont_mul_order_9(t3, t3, a);
-
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_521_mont_sqr_n_order_9(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_521_mont_sqr_n_order_9(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_521_mont_sqr_n_order_9(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-
-    /* t2= a^ffffffff00000000 = t ^ 2 ^ 32 */
-    sp_521_mont_sqr_n_order_9(t2, t, 32);
-    /* t = a^ffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ffffffffffffffff0000000000000000 = t ^ 2 ^ 64 */
-    sp_521_mont_sqr_n_order_9(t2, t, 64);
-    /* t = a^ffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffffffffffff00000000000000000000000000000000 = t ^ 2 ^ 128 */
-    sp_521_mont_sqr_n_order_9(t2, t, 128);
-    /* t = a^ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0 */
-    sp_521_mont_sqr_n_order_9(t2, t, 5);
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t * t3 */
-    sp_521_mont_mul_order_9(t2, t2, t3);
-
-    for (i=259; i>=1; i--) {
-        sp_521_mont_sqr_order_9(t2, t2);
-        if ((p521_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_521_mont_mul_order_9(t2, t2, a);
-        }
-    }
-    sp_521_mont_sqr_order_9(t2, t2);
-    sp_521_mont_mul_order_9(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int64 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_9(k, k, p521_norm_order);
-    err = sp_521_mod_9(k, k, p521_order);
-    if (err == MP_OKAY) {
-        sp_521_norm_9(k);
-
-        /* kInv = 1/k mod order */
-            sp_521_mont_inv_order_9(kInv, k, tmp);
-        sp_521_norm_9(kInv);
-
-        /* s = r * x + e */
-            sp_521_mul_9(x, x, r);
-        err = sp_521_mod_9(x, x, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_9(x);
-        carry = sp_521_add_9(s, e, x);
-        sp_521_cond_sub_9(s, s, p521_order, 0 - carry);
-        sp_521_norm_9(s);
-        c = sp_521_cmp_9(s, p521_order);
-        sp_521_cond_sub_9(s, s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_9(s);
-
-        /* s = s * k^-1 mod order */
-            sp_521_mont_mul_order_9(s, s, kInv);
-        sp_521_norm_9(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 521 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 9);
-    SP_DECL_VAR(sp_point_521, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int64 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 9;
-        k = e + 4 * 9;
-        r = e + 6 * 9;
-        tmp = e + 8 * 9;
-        s = e;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_9(rng, k);
-        }
-        else {
-            sp_521_from_mp(k, 9, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_521_ecc_mulmod_base_9(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 9U);
-            sp_521_norm_9(r);
-            c = sp_521_cmp_9(r, p521_order);
-            sp_521_cond_sub_9(r, r, p521_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_521_norm_9(r);
-
-            if (!sp_521_iszero_9(r)) {
-                /* x is modified in calculation of s. */
-                sp_521_from_mp(x, 9, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_521_from_bin(e, 9, hash, (int)hashLen);
-
-                /* Take 521 leftmost bits of hash. */
-                if (hashLen == 66U) {
-                    sp_521_rshift_9(e, e, 7);
-                }
-
-                err = sp_521_calc_s_9(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_521_iszero_9(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 9, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-        sp_521_mont_inv_order_9_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*9];
-    sp_digit x[2*9];
-    sp_digit k[2*9];
-    sp_digit r[2*9];
-    sp_digit tmp[3 * 2*9];
-    sp_point_521 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_521_ctx;
-
-int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_521_ctx* ctx = (sp_ecc_sign_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_9(rng, ctx->k);
-        }
-        else {
-            sp_521_from_mp(ctx->k, 9, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p521_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int64 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 9U);
-        sp_521_norm_9(ctx->r);
-        c = sp_521_cmp_9(ctx->r, p521_order);
-        sp_521_cond_sub_9(ctx->r, ctx->r, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_9(ctx->r);
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-        sp_521_from_mp(ctx->x, 9, priv);
-        sp_521_from_bin(ctx->e, 9, hash, (int)hashLen);
-        if (hashLen == 66U) {
-            sp_521_rshift_9(ctx->e, ctx->e, 7);
-        }
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_9(ctx->k, ctx->k, p521_norm_order);
-        err = sp_521_mod_9(ctx->k, ctx->k, p521_order);
-        if (err == MP_OKAY) {
-            sp_521_norm_9(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_521_mont_inv_order_9_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_521_norm_9(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_521_mul_9(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_521_mod_9(ctx->x, ctx->x, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int64 c;
-        sp_521_norm_9(ctx->x);
-        carry = sp_521_add_9(ctx->s, ctx->e, ctx->x);
-        sp_521_cond_sub_9(ctx->s, ctx->s,
-            p521_order, 0 - carry);
-        sp_521_norm_9(ctx->s);
-        c = sp_521_cmp_9(ctx->s, p521_order);
-        sp_521_cond_sub_9(ctx->s, ctx->s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_9(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_521_mont_mul_order_9(ctx->s, ctx->s, ctx->kInv);
-        sp_521_norm_9(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_521_iszero_9(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_521_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_521_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 9U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus.
- */
-static void sp_521_div2_mod_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldr	x3, [%[a], 0]\n\t"
-        "ldr	x4, [%[a], 8]\n\t"
-        "ldr	x5, [%[a], 16]\n\t"
-        "ldr	x6, [%[a], 24]\n\t"
-        "ldr	x7, [%[a], 32]\n\t"
-        "ldr	x8, [%[a], 40]\n\t"
-        "ldr	x9, [%[a], 48]\n\t"
-        "ldr	x10, [%[a], 56]\n\t"
-        "ldr	x11, [%[a], 64]\n\t"
-        "ldr	x12, [%[m], 0]\n\t"
-        "ldr	x13, [%[m], 8]\n\t"
-        "ldr	x14, [%[m], 16]\n\t"
-        "ldr	x15, [%[m], 24]\n\t"
-        "ldr	x16, [%[m], 32]\n\t"
-        "ldr	x17, [%[m], 40]\n\t"
-        "ldr	x19, [%[m], 48]\n\t"
-        "ldr	x20, [%[m], 56]\n\t"
-        "ldr	x21, [%[m], 64]\n\t"
-        "ands	x22, x3, 1\n\t"
-        "b.eq	1f\n\t"
-        "adds	x3, x3, x12\n\t"
-        "adcs	x4, x4, x13\n\t"
-        "adcs	x5, x5, x14\n\t"
-        "adcs	x6, x6, x15\n\t"
-        "adcs	x7, x7, x16\n\t"
-        "adcs	x8, x8, x17\n\t"
-        "adcs	x9, x9, x19\n\t"
-        "adcs	x10, x10, x20\n\t"
-        "adcs	x11, x11, x21\n\t"
-        "cset	x22, cs\n\t"
-        "\n1:\n\t"
-        "extr	x3, x4, x3, 1\n\t"
-        "extr	x4, x5, x4, 1\n\t"
-        "extr	x5, x6, x5, 1\n\t"
-        "extr	x6, x7, x6, 1\n\t"
-        "extr	x7, x8, x7, 1\n\t"
-        "extr	x8, x9, x8, 1\n\t"
-        "extr	x9, x10, x9, 1\n\t"
-        "extr	x10, x11, x10, 1\n\t"
-        "extr	x11, x22, x11, 1\n\t"
-        "str	x3, [%[r], 0]\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "str	x6, [%[r], 24]\n\t"
-        "str	x7, [%[r], 32]\n\t"
-        "str	x8, [%[r], 40]\n\t"
-        "str	x9, [%[r], 48]\n\t"
-        "str	x10, [%[r], 56]\n\t"
-        "str	x11, [%[r], 64]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
-    );
-}
-
-static int sp_521_num_bits_64_9(sp_digit n)
-{
-    int64_t r = -1;
-
-    __asm__ __volatile__ (
-        "mov	x1, 64\n\t"
-        "clz	%[r], %[n]\n\t"
-        "sub	%[r], x1, %[r]"
-        : [r] "+r" (r)
-        : [n] "r" (n)
-        : "x1"
-    );
-
-    return (int)(r + 1);
-}
-
-static int sp_521_num_bits_9(const sp_digit* a)
-{
-    int i;
-    int r = 0;
-
-    for (i=8; i>=0; i--) {
-        if (a[i] != 0) {
-            r = sp_521_num_bits_64_9(a[i]);
-            r += i * 64;
-            break;
-        }
-    }
-
-    return r;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[9];
-    sp_digit v[9];
-    sp_digit b[9];
-    sp_digit d[9];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_521_num_bits_9(u);
-    vt = sp_521_num_bits_9(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_521_rshift1_9(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_521_rshift1_9(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_521_rshift1_9(v, v);
-            sp_521_div2_mod_9(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_521_cmp_9(u, v) >= 0))) {
-            sp_521_sub_9(u, u, v);
-            o = sp_521_sub_9(b, b, d);
-            if (o != 0)
-                sp_521_add_9(b, b, m);
-            ut = sp_521_num_bits_9(u);
-
-            do {
-                sp_521_rshift1_9(u, u);
-                sp_521_div2_mod_9(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_521_sub_9(v, v, u);
-            o = sp_521_sub_9(d, d, b);
-            if (o != 0)
-                sp_521_add_9(d, d, m);
-            vt = sp_521_num_bits_9(v);
-
-            do {
-                sp_521_rshift1_9(v, v);
-                sp_521_div2_mod_9(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2,
-    sp_digit* tmp)
-{
-
-        sp_521_proj_point_add_9(p1, p1, p2, tmp);
-    if (sp_521_iszero_9(p1->z)) {
-        if (sp_521_iszero_9(p1->x) && sp_521_iszero_9(p1->y)) {
-                sp_521_proj_point_dbl_9(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            XMEMCPY(p1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_vfy_point_9(sp_point_521* p1, sp_point_521* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_521_mod_inv_9(s, s, p521_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_521_mul_9(s, s, p521_norm_order);
-        err = sp_521_mod_9(s, s, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_9(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_521_mont_inv_order_9(s, s, tmp);
-            sp_521_mont_mul_order_9(u1, u1, s);
-            sp_521_mont_mul_order_9(u2, u2, s);
-        }
-#else
-        {
-            sp_521_mont_mul_order_9(u1, u1, s);
-            sp_521_mont_mul_order_9(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_521_ecc_mulmod_base_9(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_9(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_9(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_9(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_521_add_points_9(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 521)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 9);
-    SP_DECL_VAR(sp_point_521, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_521* p2 = NULL;
-    sp_digit carry;
-    sp_int64 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 9;
-        s   = u1 + 4 * 9;
-        tmp = u1 + 6 * 9;
-        p2 = p1 + 1;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(u1, 9, hash, (int)hashLen);
-        sp_521_from_mp(u2, 9, rm);
-        sp_521_from_mp(s, 9, sm);
-        sp_521_from_mp(p2->x, 9, pX);
-        sp_521_from_mp(p2->y, 9, pY);
-        sp_521_from_mp(p2->z, 9, pZ);
-
-        if (hashLen == 66U) {
-            sp_521_rshift_9(u1, u1, 7);
-        }
-
-        err = sp_521_calc_vfy_point_9(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(u2, 9, rm);
-        err = sp_521_mod_mul_norm_9(u2, u2, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_521_mont_sqr_9(p1->z, p1->z, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_9(u1, u2, p1->z, p521_mod, p521_mp_mod);
-        *res = (int)(sp_521_cmp_9(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_521_from_mp(u2, 9, rm);
-            carry = sp_521_add_9(u2, u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_9(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_9(u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_9(u2, u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_521_mont_mul_9(u1, u2, p1->z, p521_mod, p521_mp_mod);
-                }
-                *res = (sp_521_cmp_9(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-        sp_521_mont_inv_order_9_ctx mont_inv_order_ctx;
-        sp_521_proj_point_dbl_9_ctx dbl_ctx;
-        sp_521_proj_point_add_9_ctx add_ctx;
-    };
-    sp_digit u1[2*9];
-    sp_digit u2[2*9];
-    sp_digit s[2*9];
-    sp_digit tmp[2*9 * 6];
-    sp_point_521 p1;
-    sp_point_521 p2;
-} sp_ecc_verify_521_ctx;
-
-int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_521_ctx* ctx = (sp_ecc_verify_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(ctx->u1, 9, hash, (int)hashLen);
-        sp_521_from_mp(ctx->u2, 9, rm);
-        sp_521_from_mp(ctx->s, 9, sm);
-        sp_521_from_mp(ctx->p2.x, 9, pX);
-        sp_521_from_mp(ctx->p2.y, 9, pY);
-        sp_521_from_mp(ctx->p2.z, 9, pZ);
-        if (hashLen == 66U) {
-            sp_521_rshift_9(ctx->u1, ctx->u1, 7);
-        }
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_521_mul_9(ctx->s, ctx->s, p521_norm_order);
-        err = sp_521_mod_9(ctx->s, ctx->s, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_521_norm_9(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_521_mont_inv_order_9_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_521_mont_mul_order_9(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_521_mont_mul_order_9(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p521_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_9(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_9(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_521_proj_point_add_9_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(ctx->u2, 9, rm);
-        err = sp_521_mod_mul_norm_9(ctx->u2, ctx->u2, p521_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_521_mont_sqr_9(ctx->p1.z, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_521_mont_mul_9(ctx->u1, ctx->u2, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int64 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_521_cmp_9(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_521_from_mp(ctx->u2, 9, rm);
-            carry = sp_521_add_9(ctx->u2, ctx->u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_9(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_9(ctx->u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_9(ctx->u2, ctx->u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_521_mont_mul_9(ctx->u1, ctx->u2, ctx->p1.z, p521_mod,
-                                                            p521_mp_mod);
-                *res = (int)(sp_521_cmp_9(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_521_ecc_is_point_9(const sp_point_521* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 9 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 9 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 9;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_521_sqr_9(t1, point->y);
-        (void)sp_521_mod_9(t1, t1, p521_mod);
-        sp_521_sqr_9(t2, point->x);
-        (void)sp_521_mod_9(t2, t2, p521_mod);
-        sp_521_mul_9(t2, t2, point->x);
-        (void)sp_521_mod_9(t2, t2, p521_mod);
-        sp_521_mont_sub_9(t1, t1, t2, p521_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_521_mont_add_9(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_9(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_9(t1, t1, point->x, p521_mod);
-
-
-        if (sp_521_cmp_9(t1, p521_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_521, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(pub->x, 9, pX);
-        sp_521_from_mp(pub->y, 9, pY);
-        sp_521_from_bin(pub->z, 9, one, (int)sizeof(one));
-
-        err = sp_521_ecc_is_point_9(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 9);
-    SP_DECL_VAR(sp_point_521, pub, 2);
-    sp_point_521* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 521) ||
-        (mp_count_bits(pY) > 521) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 521)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_521_from_mp(pub->x, 9, pX);
-        sp_521_from_mp(pub->y, 9, pY);
-        sp_521_from_bin(pub->z, 9, one, (int)sizeof(one));
-        if (privm)
-            sp_521_from_mp(priv, 9, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_521_iszero_9(pub->x) != 0) &&
-            (sp_521_iszero_9(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_521_cmp_9(pub->x, p521_mod) >= 0) ||
-             (sp_521_cmp_9(pub->y, p521_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_521_ecc_is_point_9(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_521_ecc_mulmod_9(p, pub, p521_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_521_iszero_9(p->x) == 0) ||
-                             (sp_521_iszero_9(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_521_ecc_mulmod_base_9(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_521_cmp_9(p->x, pub->x) != 0) ||
-                 (sp_521_cmp_9(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    SP_DECL_VAR(sp_point_521, p, 2);
-    sp_point_521* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_521_from_mp(p->x, 9, pX);
-        sp_521_from_mp(p->y, 9, pY);
-        sp_521_from_mp(p->z, 9, pZ);
-        sp_521_from_mp(q->x, 9, qX);
-        sp_521_from_mp(q->y, 9, qY);
-        sp_521_from_mp(q->z, 9, qZ);
-        p->infinity = sp_521_iszero_9(p->x) &
-                      sp_521_iszero_9(p->y);
-        q->infinity = sp_521_iszero_9(q->x) &
-                      sp_521_iszero_9(q->y);
-
-            sp_521_proj_point_add_9(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 2);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 9, pX);
-        sp_521_from_mp(p->y, 9, pY);
-        sp_521_from_mp(p->z, 9, pZ);
-        p->infinity = sp_521_iszero_9(p->x) &
-                      sp_521_iszero_9(p->y);
-
-            sp_521_proj_point_dbl_9(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 5);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 5, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 9, pX);
-        sp_521_from_mp(p->y, 9, pY);
-        sp_521_from_mp(p->z, 9, pZ);
-        p->infinity = sp_521_iszero_9(p->x) &
-                      sp_521_iszero_9(p->y);
-
-            sp_521_map_9(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Square root power for the P521 curve. */
-static const word64 p521_sqrt_power[9] = {
-    0x0000000000000000,0x0000000000000000,0x0000000000000000,
-    0x0000000000000000,0x0000000000000000,0x0000000000000000,0x0000000000000000,0x0000000000000000,
-    0x0000000000000080
-};
-
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mont_sqrt_9(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t, 2 * 9);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t, 2 * 9, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-
-        {
-            int i;
-
-            XMEMCPY(t, y, sizeof(sp_digit) * 9);
-            for (i=518; i>=0; i--) {
-                sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod);
-                if (p521_sqrt_power[i / 64] & ((sp_digit)1 << (i % 64)))
-                    sp_521_mont_mul_9(t, t, y, p521_mod, p521_mp_mod);
-            }
-            XMEMCPY(y, t, sizeof(sp_digit) * 9);
-        }
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 9);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 9, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 9;
-
-        sp_521_from_mp(x, 9, xm);
-        err = sp_521_mod_mul_norm_9(x, x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_521_mont_sqr_9(y, x, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_9(y, y, x, p521_mod, p521_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_521_mod_mul_norm_9(x, p521_b, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_521_mont_add_9(y, y, x, p521_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_521_mont_sqrt_9(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 9, 0, 9U * sizeof(sp_digit));
-        sp_521_mont_reduce_9(y, p521_mod, p521_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_521_mont_sub_9(y, p521_mod, y, p521_mod);
-        }
-
-        err = sp_521_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_521 */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-#ifdef WOLFSSL_SP_1024
-
-/* Point structure to use. */
-typedef struct sp_point_1024 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 16];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 16];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 16];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_1024;
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_1024_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x8, x9, [%[a], 0]\n\t"
-        "ldp	x10, x11, [%[a], 16]\n\t"
-        "ldp	x12, x13, [%[a], 32]\n\t"
-        "ldp	x14, x15, [%[a], 48]\n\t"
-        "ldp	x16, x17, [%[b], 0]\n\t"
-        "ldp	x19, x20, [%[b], 16]\n\t"
-        "ldp	x21, x22, [%[b], 32]\n\t"
-        "ldp	x23, x24, [%[b], 48]\n\t"
-        "#  A[0] * B[0]\n\t"
-        "mul	x3, x8, x16\n\t"
-        "umulh	x4, x8, x16\n\t"
-        "str	x3, [%[r]]\n\t"
-        "#  A[0] * B[1]\n\t"
-        "mul	x6, x8, x17\n\t"
-        "umulh	x7, x8, x17\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[0]\n\t"
-        "mul	x6, x9, x16\n\t"
-        "adc	x5, xzr, x7\n\t"
-        "umulh	x7, x9, x16\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "#  A[0] * B[2]\n\t"
-        "mul	x6, x8, x19\n\t"
-        "umulh	x7, x8, x19\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[1]\n\t"
-        "mul	x6, x9, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x17\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[0]\n\t"
-        "mul	x6, x10, x16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x16\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[0] * B[3]\n\t"
-        "mul	x6, x8, x20\n\t"
-        "umulh	x7, x8, x20\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[1] * B[2]\n\t"
-        "mul	x6, x9, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x9, x19\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[1]\n\t"
-        "mul	x6, x10, x17\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x17\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[0]\n\t"
-        "mul	x6, x11, x16\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x16\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[0] * B[4]\n\t"
-        "mul	x6, x8, x21\n\t"
-        "umulh	x7, x8, x21\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[3]\n\t"
-        "mul	x6, x9, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x9, x20\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[2] * B[2]\n\t"
-        "mul	x6, x10, x19\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x10, x19\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[1]\n\t"
-        "mul	x6, x11, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[0]\n\t"
-        "mul	x6, x12, x16\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x16\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[0] * B[5]\n\t"
-        "mul	x6, x8, x22\n\t"
-        "umulh	x7, x8, x22\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[1] * B[4]\n\t"
-        "mul	x6, x9, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x9, x21\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[3]\n\t"
-        "mul	x6, x10, x20\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x20\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[3] * B[2]\n\t"
-        "mul	x6, x11, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x11, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[1]\n\t"
-        "mul	x6, x12, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[0]\n\t"
-        "mul	x6, x13, x16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x16\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[0] * B[6]\n\t"
-        "mul	x6, x8, x23\n\t"
-        "umulh	x7, x8, x23\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[1] * B[5]\n\t"
-        "mul	x6, x9, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x9, x22\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[2] * B[4]\n\t"
-        "mul	x6, x10, x21\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x10, x21\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[3]\n\t"
-        "mul	x6, x11, x20\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x20\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[4] * B[2]\n\t"
-        "mul	x6, x12, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x12, x19\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[1]\n\t"
-        "mul	x6, x13, x17\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x17\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[0]\n\t"
-        "mul	x6, x14, x16\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x16\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[0] * B[7]\n\t"
-        "mul	x6, x8, x24\n\t"
-        "umulh	x7, x8, x24\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[1] * B[6]\n\t"
-        "mul	x6, x9, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x9, x23\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[2] * B[5]\n\t"
-        "mul	x6, x10, x22\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x10, x22\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[3] * B[4]\n\t"
-        "mul	x6, x11, x21\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x11, x21\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[3]\n\t"
-        "mul	x6, x12, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x20\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[5] * B[2]\n\t"
-        "mul	x6, x13, x19\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x13, x19\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[6] * B[1]\n\t"
-        "mul	x6, x14, x17\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x14, x17\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[0]\n\t"
-        "mul	x6, x15, x16\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x16\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[1] * B[7]\n\t"
-        "mul	x6, x9, x24\n\t"
-        "umulh	x7, x9, x24\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[2] * B[6]\n\t"
-        "mul	x6, x10, x23\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x10, x23\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[3] * B[5]\n\t"
-        "mul	x6, x11, x22\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x11, x22\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[4] * B[4]\n\t"
-        "mul	x6, x12, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x12, x21\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[3]\n\t"
-        "mul	x6, x13, x20\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x20\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[6] * B[2]\n\t"
-        "mul	x6, x14, x19\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x14, x19\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[7] * B[1]\n\t"
-        "mul	x6, x15, x17\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x15, x17\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[2] * B[7]\n\t"
-        "mul	x6, x10, x24\n\t"
-        "umulh	x7, x10, x24\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[3] * B[6]\n\t"
-        "mul	x6, x11, x23\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x11, x23\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[4] * B[5]\n\t"
-        "mul	x6, x12, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x12, x22\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[5] * B[4]\n\t"
-        "mul	x6, x13, x21\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x13, x21\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[3]\n\t"
-        "mul	x6, x14, x20\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x20\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[7] * B[2]\n\t"
-        "mul	x6, x15, x19\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x15, x19\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[3] * B[7]\n\t"
-        "mul	x6, x11, x24\n\t"
-        "umulh	x7, x11, x24\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[4] * B[6]\n\t"
-        "mul	x6, x12, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x12, x23\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[5] * B[5]\n\t"
-        "mul	x6, x13, x22\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x13, x22\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[6] * B[4]\n\t"
-        "mul	x6, x14, x21\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x14, x21\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[3]\n\t"
-        "mul	x6, x15, x20\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x20\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 80]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[4] * B[7]\n\t"
-        "mul	x6, x12, x24\n\t"
-        "umulh	x7, x12, x24\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[5] * B[6]\n\t"
-        "mul	x6, x13, x23\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x13, x23\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[6] * B[5]\n\t"
-        "mul	x6, x14, x22\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x14, x22\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "#  A[7] * B[4]\n\t"
-        "mul	x6, x15, x21\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, x15, x21\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "str	x5, [%[r], 88]\n\t"
-        "adc	x4, x4, xzr\n\t"
-        "#  A[5] * B[7]\n\t"
-        "mul	x6, x13, x24\n\t"
-        "umulh	x7, x13, x24\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[6] * B[6]\n\t"
-        "mul	x6, x14, x23\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x14, x23\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "#  A[7] * B[5]\n\t"
-        "mul	x6, x15, x22\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "umulh	x7, x15, x22\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "str	x3, [%[r], 96]\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "#  A[6] * B[7]\n\t"
-        "mul	x6, x14, x24\n\t"
-        "umulh	x7, x14, x24\n\t"
-        "adds	x4, x4, x6\n\t"
-        "#  A[7] * B[6]\n\t"
-        "mul	x6, x15, x23\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "umulh	x7, x15, x23\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "str	x4, [%[r], 104]\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "#  A[7] * B[7]\n\t"
-        "mul	x6, x15, x24\n\t"
-        "umulh	x7, x15, x24\n\t"
-        "adds	x5, x5, x6\n\t"
-        "adc	x3, x3, x7\n\t"
-        "stp	x5, x3, [%[r], 112]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "cc"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * All registers version.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_1024_sqr_8(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp       x21, x22, [%[a], 0]\n\t"
-        "ldp       x23, x24, [%[a], 16]\n\t"
-        "ldp       x25, x26, [%[a], 32]\n\t"
-        "ldp       x27, x28, [%[a], 48]\n\t"
-        "#  A[0] * A[1]\n\t"
-        "mul       x6, x21, x22\n\t"
-        "umulh     x7, x21, x22\n\t"
-        "#  A[0] * A[2]\n\t"
-        "mul       x4, x21, x23\n\t"
-        "umulh     x5, x21, x23\n\t"
-        "adds  x7, x7, x4\n\t"
-        "#  A[0] * A[3]\n\t"
-        "mul       x4, x21, x24\n\t"
-        "adc   x8, xzr, x5\n\t"
-        "umulh     x5, x21, x24\n\t"
-        "adds  x8, x8, x4\n\t"
-        "#  A[1] * A[2]\n\t"
-        "mul       x4, x22, x23\n\t"
-        "adc   x9, xzr, x5\n\t"
-        "umulh     x5, x22, x23\n\t"
-        "adds  x8, x8, x4\n\t"
-        "#  A[0] * A[4]\n\t"
-        "mul       x4, x21, x25\n\t"
-        "adcs   x9, x9, x5\n\t"
-        "umulh     x5, x21, x25\n\t"
-        "adc     x10, xzr, xzr\n\t"
-        "adds  x9, x9, x4\n\t"
-        "#  A[1] * A[3]\n\t"
-        "mul       x4, x22, x24\n\t"
-        "adc   x10, x10, x5\n\t"
-        "umulh     x5, x22, x24\n\t"
-        "adds  x9, x9, x4\n\t"
-        "#  A[0] * A[5]\n\t"
-        "mul       x4, x21, x26\n\t"
-        "adcs   x10, x10, x5\n\t"
-        "umulh     x5, x21, x26\n\t"
-        "adc     x11, xzr, xzr\n\t"
-        "adds  x10, x10, x4\n\t"
-        "#  A[1] * A[4]\n\t"
-        "mul       x4, x22, x25\n\t"
-        "adc   x11, x11, x5\n\t"
-        "umulh     x5, x22, x25\n\t"
-        "adds  x10, x10, x4\n\t"
-        "#  A[2] * A[3]\n\t"
-        "mul       x4, x23, x24\n\t"
-        "adcs   x11, x11, x5\n\t"
-        "umulh     x5, x23, x24\n\t"
-        "adc     x12, xzr, xzr\n\t"
-        "adds  x10, x10, x4\n\t"
-        "#  A[0] * A[6]\n\t"
-        "mul       x4, x21, x27\n\t"
-        "adcs   x11, x11, x5\n\t"
-        "umulh     x5, x21, x27\n\t"
-        "adc     x12, x12, xzr\n\t"
-        "adds  x11, x11, x4\n\t"
-        "#  A[1] * A[5]\n\t"
-        "mul       x4, x22, x26\n\t"
-        "adcs   x12, x12, x5\n\t"
-        "umulh     x5, x22, x26\n\t"
-        "adc     x13, xzr, xzr\n\t"
-        "adds  x11, x11, x4\n\t"
-        "#  A[2] * A[4]\n\t"
-        "mul       x4, x23, x25\n\t"
-        "adcs   x12, x12, x5\n\t"
-        "umulh     x5, x23, x25\n\t"
-        "adc     x13, x13, xzr\n\t"
-        "adds  x11, x11, x4\n\t"
-        "#  A[0] * A[7]\n\t"
-        "mul       x4, x21, x28\n\t"
-        "adcs   x12, x12, x5\n\t"
-        "umulh     x5, x21, x28\n\t"
-        "adc     x13, x13, xzr\n\t"
-        "adds  x12, x12, x4\n\t"
-        "#  A[1] * A[6]\n\t"
-        "mul       x4, x22, x27\n\t"
-        "adcs   x13, x13, x5\n\t"
-        "umulh     x5, x22, x27\n\t"
-        "adc     x14, xzr, xzr\n\t"
-        "adds  x12, x12, x4\n\t"
-        "#  A[2] * A[5]\n\t"
-        "mul       x4, x23, x26\n\t"
-        "adcs   x13, x13, x5\n\t"
-        "umulh     x5, x23, x26\n\t"
-        "adc     x14, x14, xzr\n\t"
-        "adds  x12, x12, x4\n\t"
-        "#  A[3] * A[4]\n\t"
-        "mul       x4, x24, x25\n\t"
-        "adcs   x13, x13, x5\n\t"
-        "umulh     x5, x24, x25\n\t"
-        "adc     x14, x14, xzr\n\t"
-        "adds  x12, x12, x4\n\t"
-        "#  A[1] * A[7]\n\t"
-        "mul       x4, x22, x28\n\t"
-        "adcs   x13, x13, x5\n\t"
-        "umulh     x5, x22, x28\n\t"
-        "adc     x14, x14, xzr\n\t"
-        "adds  x13, x13, x4\n\t"
-        "#  A[2] * A[6]\n\t"
-        "mul       x4, x23, x27\n\t"
-        "adcs   x14, x14, x5\n\t"
-        "umulh     x5, x23, x27\n\t"
-        "adc     x15, xzr, xzr\n\t"
-        "adds  x13, x13, x4\n\t"
-        "#  A[3] * A[5]\n\t"
-        "mul       x4, x24, x26\n\t"
-        "adcs   x14, x14, x5\n\t"
-        "umulh     x5, x24, x26\n\t"
-        "adc     x15, x15, xzr\n\t"
-        "adds  x13, x13, x4\n\t"
-        "#  A[2] * A[7]\n\t"
-        "mul       x4, x23, x28\n\t"
-        "adcs   x14, x14, x5\n\t"
-        "umulh     x5, x23, x28\n\t"
-        "adc     x15, x15, xzr\n\t"
-        "adds  x14, x14, x4\n\t"
-        "#  A[3] * A[6]\n\t"
-        "mul       x4, x24, x27\n\t"
-        "adcs   x15, x15, x5\n\t"
-        "umulh     x5, x24, x27\n\t"
-        "adc     x16, xzr, xzr\n\t"
-        "adds  x14, x14, x4\n\t"
-        "#  A[4] * A[5]\n\t"
-        "mul       x4, x25, x26\n\t"
-        "adcs   x15, x15, x5\n\t"
-        "umulh     x5, x25, x26\n\t"
-        "adc     x16, x16, xzr\n\t"
-        "adds  x14, x14, x4\n\t"
-        "#  A[3] * A[7]\n\t"
-        "mul       x4, x24, x28\n\t"
-        "adcs   x15, x15, x5\n\t"
-        "umulh     x5, x24, x28\n\t"
-        "adc     x16, x16, xzr\n\t"
-        "adds  x15, x15, x4\n\t"
-        "#  A[4] * A[6]\n\t"
-        "mul       x4, x25, x27\n\t"
-        "adcs   x16, x16, x5\n\t"
-        "umulh     x5, x25, x27\n\t"
-        "adc     x17, xzr, xzr\n\t"
-        "adds  x15, x15, x4\n\t"
-        "#  A[4] * A[7]\n\t"
-        "mul       x4, x25, x28\n\t"
-        "adcs   x16, x16, x5\n\t"
-        "umulh     x5, x25, x28\n\t"
-        "adc     x17, x17, xzr\n\t"
-        "adds  x16, x16, x4\n\t"
-        "#  A[5] * A[6]\n\t"
-        "mul       x4, x26, x27\n\t"
-        "adcs   x17, x17, x5\n\t"
-        "umulh     x5, x26, x27\n\t"
-        "adc     x19, xzr, xzr\n\t"
-        "adds  x16, x16, x4\n\t"
-        "#  A[5] * A[7]\n\t"
-        "mul       x4, x26, x28\n\t"
-        "adcs   x17, x17, x5\n\t"
-        "umulh     x5, x26, x28\n\t"
-        "adc     x19, x19, xzr\n\t"
-        "adds  x17, x17, x4\n\t"
-        "#  A[6] * A[7]\n\t"
-        "mul       x4, x27, x28\n\t"
-        "adcs   x19, x19, x5\n\t"
-        "umulh     x5, x27, x28\n\t"
-        "adc     x20, xzr, xzr\n\t"
-        "adds  x19, x19, x4\n\t"
-        "adc   x20, x20, x5\n\t"
-        "# Double\n\t"
-        "adds	x6, x6, x6\n\t"
-        "adcs	x7, x7, x7\n\t"
-        "adcs	x8, x8, x8\n\t"
-        "adcs	x9, x9, x9\n\t"
-        "adcs	x10, x10, x10\n\t"
-        "adcs	x11, x11, x11\n\t"
-        "adcs	x12, x12, x12\n\t"
-        "adcs	x13, x13, x13\n\t"
-        "adcs	x14, x14, x14\n\t"
-        "adcs	x15, x15, x15\n\t"
-        "adcs	x16, x16, x16\n\t"
-        "adcs	x17, x17, x17\n\t"
-        "adcs	x19, x19, x19\n\t"
-        "#  A[0] * A[0]\n\t"
-        "mul       x5, x21, x21\n\t"
-        "adcs	x20, x20, x20\n\t"
-        "umulh     x2, x21, x21\n\t"
-        "cset  x21, cs\n\t"
-        "#  A[1] * A[1]\n\t"
-        "mul       x3, x22, x22\n\t"
-        "adds	x6, x6, x2\n\t"
-        "umulh     x4, x22, x22\n\t"
-        "adcs	x7, x7, x3\n\t"
-        "#  A[2] * A[2]\n\t"
-        "mul       x2, x23, x23\n\t"
-        "adcs	x8, x8, x4\n\t"
-        "umulh     x3, x23, x23\n\t"
-        "adcs	x9, x9, x2\n\t"
-        "#  A[3] * A[3]\n\t"
-        "mul       x4, x24, x24\n\t"
-        "adcs	x10, x10, x3\n\t"
-        "umulh     x2, x24, x24\n\t"
-        "adcs	x11, x11, x4\n\t"
-        "#  A[4] * A[4]\n\t"
-        "mul       x3, x25, x25\n\t"
-        "adcs	x12, x12, x2\n\t"
-        "umulh     x4, x25, x25\n\t"
-        "adcs	x13, x13, x3\n\t"
-        "#  A[5] * A[5]\n\t"
-        "mul       x2, x26, x26\n\t"
-        "adcs	x14, x14, x4\n\t"
-        "umulh     x3, x26, x26\n\t"
-        "adcs	x15, x15, x2\n\t"
-        "#  A[6] * A[6]\n\t"
-        "mul       x4, x27, x27\n\t"
-        "adcs	x16, x16, x3\n\t"
-        "umulh     x2, x27, x27\n\t"
-        "adcs	x17, x17, x4\n\t"
-        "#  A[7] * A[7]\n\t"
-        "mul       x3, x28, x28\n\t"
-        "adcs	x19, x19, x2\n\t"
-        "umulh     x4, x28, x28\n\t"
-        "adcs	x20, x20, x3\n\t"
-        "stp	x5, x6, [%[r], 0]\n\t"
-        "adc	x21, x21, x4\n\t"
-        "stp	x7, x8, [%[r], 16]\n\t"
-        "stp	x9, x10, [%[r], 32]\n\t"
-        "stp	x11, x12, [%[r], 48]\n\t"
-        "stp	x13, x14, [%[r], 64]\n\t"
-        "stp	x15, x16, [%[r], 80]\n\t"
-        "stp	x17, x19, [%[r], 96]\n\t"
-        "stp	x20, x21, [%[r], 112]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
-    );
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_1024_add_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Add digit to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_1024_add_word_8(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adds	x3, x3, %[b]\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x3, x3, xzr\n\t"
-        "adcs	x4, x4, xzr\n\t"
-        "adcs	x5, x5, xzr\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, xzr\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-static sp_digit sp_1024_sub_in_place_16(sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a], 0]\n\t"
-        "ldp	x6, x7, [%[b], 0]\n\t"
-        "subs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 16]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 0]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 16]\n\t"
-        "ldp	x2, x3, [%[a], 32]\n\t"
-        "ldp	x6, x7, [%[b], 32]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 48]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 32]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 48]\n\t"
-        "ldp	x2, x3, [%[a], 64]\n\t"
-        "ldp	x6, x7, [%[b], 64]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 80]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 64]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 80]\n\t"
-        "ldp	x2, x3, [%[a], 96]\n\t"
-        "ldp	x6, x7, [%[b], 96]\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x4, x5, [%[a], 112]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a], 96]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a], 112]\n\t"
-        "csetm	%[a], cc\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-
-    return (sp_digit)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "adds	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[a], 64]\n\t"
-        "ldp	x7, x8, [%[b], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 80]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[a], 96]\n\t"
-        "ldp	x7, x8, [%[b], 96]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 112]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 112]\n\t"
-        "adc	%[r], xzr, xzr\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_1024_cond_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adds	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "ldp	x10, x11, [%[b], 48]\n\t"
-        "ldp	x4, x5, [%[a], 32]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 32]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 48]\n\t"
-        "cset	%[r], cs\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return (sp_digit)r;
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[16];
-    sp_digit a1[8];
-    sp_digit b1[8];
-    sp_digit* z2 = r + 16;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_1024_add_8(a1, a, &a[8]);
-    cb = sp_1024_add_8(b1, b, &b[8]);
-    u  = ca & cb;
-
-    sp_1024_mul_8(z2, &a[8], &b[8]);
-    sp_1024_mul_8(z0, a, b);
-    sp_1024_mul_8(z1, a1, b1);
-
-    u += sp_1024_sub_in_place_16(z1, z0);
-    u += sp_1024_sub_in_place_16(z1, z2);
-    u += sp_1024_cond_add_8(z1 + 8, z1 + 8, a1, 0 - cb);
-    u += sp_1024_cond_add_8(z1 + 8, z1 + 8, b1, 0 - ca);
-
-    u += sp_1024_add_16(r + 8, r + 8, z1);
-    (void)sp_1024_add_word_8(r + 24, r + 24, u);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_1024_sub_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[a], 0]\n\t"
-        "ldp	x7, x8, [%[b], 0]\n\t"
-        "subs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 16]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[a], 32]\n\t"
-        "ldp	x7, x8, [%[b], 32]\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "ldp	x9, x10, [%[b], 48]\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "sbcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r], 48]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return (sp_digit)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 16;
-    sp_digit z1[16];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 8;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 8);
-
-    mask = sp_1024_sub_8(a1, a, &a[8]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_1024_sub_8(a1, p1, p2);
-
-    sp_1024_sqr_8(z2, &a[8]);
-    sp_1024_sqr_8(z0, a);
-    sp_1024_sqr_8(z1, a1);
-
-    u = 0;
-    u -= sp_1024_sub_in_place_16(z1, z2);
-    u -= sp_1024_sub_in_place_16(z1, z0);
-    u += sp_1024_sub_in_place_16(r + 8, z1);
-    sp_1024_add_word_8(r + 24, r + 24, u);
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static void sp_1024_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_digit tmp[32];
-
-    __asm__ __volatile__ (
-        "mov	x5, xzr\n\t"
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 120\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[b], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 128\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 240\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
-{
-    sp_digit tmp[32];
-
-    __asm__ __volatile__ (
-        "mov	x6, xzr\n\t"
-        "mov	x7, xzr\n\t"
-        "mov	x8, xzr\n\t"
-        "mov	x5, xzr\n\t"
-        "\n1:\n\t"
-        "subs	x3, x5, 120\n\t"
-        "csel	x3, xzr, x3, cc\n\t"
-        "sub	x4, x5, x3\n\t"
-        "\n2:\n\t"
-        "cmp	x4, x3\n\t"
-        "b.eq	4f\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "ldr	x11, [%[a], x4]\n\t"
-        "mul	x9, x10, x11\n\t"
-        "umulh	x10, x10, x11\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "b.al	5f\n\t"
-        "\n4:\n\t"
-        "ldr	x10, [%[a], x3]\n\t"
-        "mul	x9, x10, x10\n\t"
-        "umulh	x10, x10, x10\n\t"
-        "adds	x6, x6, x9\n\t"
-        "adcs	x7, x7, x10\n\t"
-        "adc	x8, x8, xzr\n\t"
-        "\n5:\n\t"
-        "add	x3, x3, #8\n\t"
-        "sub	x4, x4, #8\n\t"
-        "cmp	x3, 128\n\t"
-        "b.eq	3f\n\t"
-        "cmp	x3, x4\n\t"
-        "b.gt	3f\n\t"
-        "cmp	x3, x5\n\t"
-        "b.le	2b\n\t"
-        "\n3:\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        "mov	x6, x7\n\t"
-        "mov	x7, x8\n\t"
-        "mov	x8, #0\n\t"
-        "add	x5, x5, #8\n\t"
-        "cmp	x5, 240\n\t"
-        "b.le	1b\n\t"
-        "str	x6, [%[r], x5]\n\t"
-        :
-        : [r] "r" (tmp), [a] "r" (a)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    XMEMCPY(r, tmp, sizeof(tmp));
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-/* The modulus (prime) of the curve P1024. */
-static const sp_digit p1024_mod[16] = {
-    0x666d807afea85febL,0x80c5df10ac7ace87L,0xfce3e82389857db0L,
-    0x9f94d6af56971f1fL,0xa7cf3c521c3c09aaL,0xb6aff4a831852a82L,
-    0x512ac5cd65681ce1L,0xe26c6487326b4cd4L,0x356d27f4a666a6d0L,
-    0xe791b39ff7c88a19L,0x228730d531a59cb0L,0xf40aab27e2fc0f1bL,
-    0xbe9ae358b3e01a2eL,0x416c0ce19cb48261L,0x65c61198dad0657aL,
-    0x997abb1f0a563fdaL
-};
-/* The Montgomery normalizer for modulus of the curve P1024. */
-static const sp_digit p1024_norm_mod[16] = {
-    0x99927f850157a015L,0x7f3a20ef53853178L,0x031c17dc767a824fL,
-    0x606b2950a968e0e0L,0x5830c3ade3c3f655L,0x49500b57ce7ad57dL,
-    0xaed53a329a97e31eL,0x1d939b78cd94b32bL,0xca92d80b5999592fL,
-    0x186e4c60083775e6L,0xdd78cf2ace5a634fL,0x0bf554d81d03f0e4L,
-    0x41651ca74c1fe5d1L,0xbe93f31e634b7d9eL,0x9a39ee67252f9a85L,
-    0x668544e0f5a9c025L
-};
-/* The Montgomery multiplier for modulus of the curve P1024. */
-static sp_digit p1024_mp_mod = 0x290420077c8f2f3d;
-#if defined(WOLFSSL_SP_SMALL) || defined(HAVE_ECC_CHECK_KEY)
-/* The order of the curve P1024. */
-static const sp_digit p1024_order[16] = {
-    0xd99b601ebfaa17fbL,0x203177c42b1eb3a1L,0xff38fa08e2615f6cL,
-    0xa7e535abd5a5c7c7L,0xa9f3cf14870f026aL,0x6dabfd2a0c614aa0L,
-    0x144ab173595a0738L,0x389b1921cc9ad335L,0x4d5b49fd2999a9b4L,
-    0x39e46ce7fdf22286L,0xc8a1cc354c69672cL,0xbd02aac9f8bf03c6L,
-    0x6fa6b8d62cf8068bL,0x905b0338672d2098L,0x9971846636b4195eL,
-    0x265eaec7c2958ff6L
-};
-#endif
-/* The base point of curve P1024. */
-static const sp_point_1024 p1024_base = {
-    /* X ordinate */
-    {
-        0x880dc8abeae63895L,0x80ec46c4967e0979L,0xee9163a5b63f73ecL,
-        0xd5cfb4cc80728d87L,0xa7c1514dba66910dL,0xa702c3397a60de74L,
-        0x337c86548b72f2e1L,0x9760af765dd5bccbL,0x718bd9e7406ce890L,
-        0x43d5f22cdb9dfa55L,0xab10db9030b09e10L,0xb5edb6c0f6ce2308L,
-        0x98b2f204b6ff7cbfL,0x2b1a2fd60aec69c6L,0x0a7990053ed9b52aL,
-        0x53fc09ee332c29adL,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x75573fd71bef16d7L,0xadb9b5706a67dcdeL,0x80bdad5ad5bb4636L,
-        0x13515ad7e9cb99a9L,0x492d979fc5a4d5f2L,0xac6f1e80164aa989L,
-        0xcad696b5b7652fe0L,0x70dae117ad547c6cL,0x416cff0ca9e032b9L,
-        0x6b598ccf9a140b2eL,0xe7f7f5e5f0de55f6L,0xf5ea69f4654ec2b9L,
-        0x3d778d821e141178L,0xd3e8201602990696L,0xf9f1f0533634a135L,
-        0x0a8249063f6009f1L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000000000000001L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_1024_sub_in_place_16(sp_digit* a, const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x10, %[a], 128\n\t"
-        "\n1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldp	x2, x3, [%[a]]\n\t"
-        "ldp	x4, x5, [%[a], #16]\n\t"
-        "ldp	x6, x7, [%[b]], #16\n\t"
-        "sbcs	x2, x2, x6\n\t"
-        "ldp	x8, x9, [%[b]], #16\n\t"
-        "sbcs	x3, x3, x7\n\t"
-        "sbcs	x4, x4, x8\n\t"
-        "stp	x2, x3, [%[a]], #16\n\t"
-        "sbcs	x5, x5, x9\n\t"
-        "stp	x4, x5, [%[a]], #16\n\t"
-        "csetm	%[c], cc\n\t"
-        "cmp	%[a], x10\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static sp_digit sp_1024_cond_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "subs	%[c], xzr, %[c]\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "csetm	%[c], cc\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 128\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-#else
-    __asm__ __volatile__ (
-
-        "ldp	x5, x7, [%[b], 0]\n\t"
-        "ldp	x11, x12, [%[b], 16]\n\t"
-        "ldp	x4, x6, [%[a], 0]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "subs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 0]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 16]\n\t"
-        "ldp	x5, x7, [%[b], 32]\n\t"
-        "ldp	x11, x12, [%[b], 48]\n\t"
-        "ldp	x4, x6, [%[a], 32]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 32]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 48]\n\t"
-        "ldp	x5, x7, [%[b], 64]\n\t"
-        "ldp	x11, x12, [%[b], 80]\n\t"
-        "ldp	x4, x6, [%[a], 64]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 64]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 80]\n\t"
-        "ldp	x5, x7, [%[b], 96]\n\t"
-        "ldp	x11, x12, [%[b], 112]\n\t"
-        "ldp	x4, x6, [%[a], 96]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "and	x7, x7, %[m]\n\t"
-        "sbcs	x4, x4, x5\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "sbcs	x6, x6, x7\n\t"
-        "and	x12, x12, %[m]\n\t"
-        "sbcs	x9, x9, x11\n\t"
-        "stp	x4, x6, [%[r], 96]\n\t"
-        "sbcs	x10, x10, x12\n\t"
-        "stp	x9, x10, [%[r], 112]\n\t"
-        "csetm	%[r], cc\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x6", "x5", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return (sp_digit)r;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "add	x11, %[a], 128\n\t"
-        "\n1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldp	x3, x4, [%[a]], #16\n\t"
-        "ldp	x5, x6, [%[a]], #16\n\t"
-        "ldp	x7, x8, [%[b]], #16\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "ldp	x9, x10, [%[b]], #16\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "stp	x3, x4, [%[r]], #16\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x5, x6, [%[r]], #16\n\t"
-        "adc	%[c], xzr, xzr\n\t"
-        "cmp	%[a], x11\n\t"
-        "b.ne	1b\n\t"
-        : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-static void sp_1024_mul_d_16(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldr	x8, [%[a]]\n\t"
-        "mul	x5, %[b], x8\n\t"
-        "umulh	x3, %[b], x8\n\t"
-        "mov	x4, xzr\n\t"
-        "str	x5, [%[r]]\n\t"
-        "mov	x5, xzr\n\t"
-        "mov	x9, #8\n\t"
-        "1:\n\t"
-        "ldr	x8, [%[a], x9]\n\t"
-        "mul	x6, %[b], x8\n\t"
-        "umulh	x7, %[b], x8\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "str	x3, [%[r], x9]\n\t"
-        "mov	x3, x4\n\t"
-        "mov	x4, x5\n\t"
-        "mov	x5, #0\n\t"
-        "add	x9, x9, #8\n\t"
-        "cmp	x9, 128\n\t"
-        "b.lt	1b\n\t"
-        "str	x3, [%[r], 128]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "# A[0] * B\n\t"
-        "ldp	x9, x10, [%[a]]\n\t"
-        "mul	x3, %[b], x9\n\t"
-        "umulh	x4, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "# A[1] * B\n\t"
-        "str	x3, [%[r]]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[2] * B\n\t"
-        "ldp	x9, x10, [%[a], 16]\n\t"
-        "str	x4, [%[r], 8]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[3] * B\n\t"
-        "str	x5, [%[r], 16]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[4] * B\n\t"
-        "ldp	x9, x10, [%[a], 32]\n\t"
-        "str	x3, [%[r], 24]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[5] * B\n\t"
-        "str	x4, [%[r], 32]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[6] * B\n\t"
-        "ldp	x9, x10, [%[a], 48]\n\t"
-        "str	x5, [%[r], 40]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[7] * B\n\t"
-        "str	x3, [%[r], 48]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[8] * B\n\t"
-        "ldp	x9, x10, [%[a], 64]\n\t"
-        "str	x4, [%[r], 56]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[9] * B\n\t"
-        "str	x5, [%[r], 64]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[10] * B\n\t"
-        "ldp	x9, x10, [%[a], 80]\n\t"
-        "str	x3, [%[r], 72]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[11] * B\n\t"
-        "str	x4, [%[r], 80]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[12] * B\n\t"
-        "ldp	x9, x10, [%[a], 96]\n\t"
-        "str	x5, [%[r], 88]\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x5, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "# A[13] * B\n\t"
-        "str	x3, [%[r], 96]\n\t"
-        "adcs	x4, x4, x7\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "mov	x3, xzr\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x5, xzr, xzr\n\t"
-        "adds	x4, x4, x6\n\t"
-        "# A[14] * B\n\t"
-        "ldp	x9, x10, [%[a], 112]\n\t"
-        "str	x4, [%[r], 104]\n\t"
-        "adcs	x5, x5, x7\n\t"
-        "mul	x6, %[b], x9\n\t"
-        "mov	x4, xzr\n\t"
-        "umulh	x7, %[b], x9\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x5, x5, x6\n\t"
-        "# A[15] * B\n\t"
-        "str	x5, [%[r], 112]\n\t"
-        "mul	x6, %[b], x10\n\t"
-        "adcs	x3, x3, x7\n\t"
-        "umulh	x7, %[b], x10\n\t"
-        "adc	x4, xzr, xzr\n\t"
-        "adds	x3, x3, x6\n\t"
-        "adc	x4, x4, x7\n\t"
-        "stp	x3, x4, [%[r], 120]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#endif
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * Assumes divisor has highest bit set.
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- */
-static sp_digit div_1024_word_16(sp_digit d1, sp_digit d0, sp_digit div)
-{
-    __asm__ __volatile__ (
-        "lsr	x8, %[div], 32\n\t"
-        "add	x5, x8, 1\n\t"
-
-        "udiv	x3, %[d1], x5\n\t"
-        "lsl	x7, %[div], 32\n\t"
-        "movz	x9, #1, lsl 32\n\t"
-        "lsl	x6, x3, 32\n\t"
-        "mul	x4, %[div], x6\n\t"
-        "umulh	x3, %[div], x6\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "cmp	%[d1], x5\n\t"
-        "cset	x9, ge\n\t"
-        "csetm	x10, ge\n\t"
-        "lsl	x9, x9, #32\n\t"
-        "and	x7, x7, x10\n\t"
-        "and	x8, x8, x10\n\t"
-        "subs	%[d0], %[d0], x7\n\t"
-        "add	x6, x6, x9\n\t"
-        "sbc	%[d1], %[d1], x8\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv	x3, x3, x5\n\t"
-        "add	x6, x6, x3\n\t"
-        "mul	x4, %[div], x3\n\t"
-        "umulh	x3, %[div], x3\n\t"
-        "subs	%[d0], %[d0], x4\n\t"
-        "sbc	%[d1], %[d1], x3\n\t"
-
-        "extr	x3, %[d1], %[d0], 32\n\t"
-
-        "udiv   x3, x3, x5\n\t"
-        "add    x6, x6, x3\n\t"
-        "mul    x4, %[div], x3\n\t"
-        "sub    %[d0], %[d0], x4\n\t"
-
-        "udiv	x3, %[d0], %[div]\n\t"
-        "add	%[d1], x6, x3\n\t"
-
-        : [d1] "+r" (d1), [d0] "+r" (d0)
-        : [div] "r" (div)
-        : "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-
-    return d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_int64 sp_1024_cmp_16(const sp_digit* a, const sp_digit* b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "mov	x10, #16\n\t"
-        "add	%[a], %[a], #112\n\t"
-        "add	%[b], %[b], #112\n\t"
-        "1:\n\t"
-        "ldp	x6, x7, [%[a]], -16\n\t"
-        "ldp	x8, x9, [%[b]], -16\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x10, x10, #2\n\t"
-        "b.ne	1b\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
-    );
-#else
-    __asm__ __volatile__ (
-        "mov	x3, #0\n\t"
-        "mov	x2, #-1\n\t"
-        "ldp	x6, x7, [%[a], 112]\n\t"
-        "ldp	x8, x9, [%[b], 112]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 96]\n\t"
-        "ldp	x8, x9, [%[b], 96]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 80]\n\t"
-        "ldp	x8, x9, [%[b], 80]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 64]\n\t"
-        "ldp	x8, x9, [%[b], 64]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "ldp	x8, x9, [%[b], 48]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 32]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "ldp	x8, x9, [%[b], 16]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "ldp	x6, x7, [%[a], 0]\n\t"
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "subs	x7, x7, x9\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "subs	x6, x6, x8\n\t"
-        "csel	x4, x2, xzr, lo\n\t"
-        "csetm	x5, eq\n\t"
-        "orr	x3, x3, x4\n\t"
-        "and	x2, x2, x5\n\t"
-        "cmp	x2, #0\n\t"
-        "cset	%[a], eq\n\t"
-        "orr	%[a], %[a], x3\n\t"
-        : [a] "+r" (a)
-        : [b] "r" (b)
-        : "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
-    );
-#endif
-
-    return (sp_int64)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_1024_div_16(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[32], t2[17];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[15];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 16);
-    r1 = sp_1024_cmp_16(&t1[16], d) >= 0;
-    sp_1024_cond_sub_16(&t1[16], &t1[16], d, (sp_digit)0 - r1);
-    for (i = 15; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[16 + i] == div);
-        sp_digit hi = t1[16 + i] + mask;
-        r1 = div_1024_word_16(hi, t1[16 + i - 1], div);
-        r1 |= mask;
-
-        sp_1024_mul_d_16(t2, d, r1);
-        t1[16 + i] += sp_1024_sub_in_place_16(&t1[i], t2);
-        t1[16 + i] -= t2[16];
-        sp_1024_mask_16(t2, d, t1[16 + i]);
-        t1[16 + i] += sp_1024_add_16(&t1[i], &t1[i], t2);
-        sp_1024_mask_16(t2, d, t1[16 + i]);
-        t1[16 + i] += sp_1024_add_16(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_1024_cmp_16(t1, d) >= 0;
-    sp_1024_cond_sub_16(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_1024_mod_16(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_1024_div_16(a, m, NULL, r);
-}
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_1024_mod_mul_norm_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_1024_mul_16(r, a, p1024_norm_mod);
-    return sp_1024_mod_16(r, r, m);
-}
-
-
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Create a new point.
- *
- * heap  [in]   Buffer to allocate dynamic memory from.
- * sp    [in]   Data for point - only if not allocating.
- * p     [out]  New point.
- * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise.
- */
-static int sp_1024_point_new_ex_16(void* heap, sp_point_1024* sp,
-    sp_point_1024** p)
-{
-    int ret = MP_OKAY;
-    (void)heap;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    (void)sp;
-    *p = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024), heap, DYNAMIC_TYPE_ECC);
-#else
-    *p = sp;
-#endif
-    if (*p == NULL) {
-        ret = MEMORY_E;
-    }
-    return ret;
-}
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-/* Allocate memory for point and return error. */
-#define sp_1024_point_new_16(heap, sp, p) sp_1024_point_new_ex_16((heap), NULL, &(p))
-#else
-/* Set pointer to data and return no error. */
-#define sp_1024_point_new_16(heap, sp, p) sp_1024_point_new_ex_16((heap), &(sp), &(p))
-#endif
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Free the point.
- *
- * p      [in,out]  Point to free.
- * clear  [in]      Indicates whether to zeroize point.
- * heap   [in]      Buffer from which dynamic memory was allocate from.
- */
-static void sp_1024_point_free_16(sp_point_1024* p, int clear, void* heap)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    /* If valid pointer then clear point data if requested and free data. */
-    if (p != NULL) {
-        if (clear) {
-            XMEMSET(p, 0, sizeof(*p));
-        }
-        XFREE(p, heap, DYNAMIC_TYPE_ECC);
-    }
-#else
-    /* Clear point data if requested. */
-    if ((p != NULL) && clear) {
-        XMEMSET(p, 0, sizeof(*p));
-    }
-#endif
-    (void)heap;
-}
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_1024.
- *
- * p   Point of type sp_point_1024 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_1024_point_from_ecc_point_16(sp_point_1024* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_1024_from_mp(p->x, 16, pm->x);
-    sp_1024_from_mp(p->y, 16, pm->y);
-    sp_1024_from_mp(p->z, 16, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_1024_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (1024 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 16);
-        r->used = 16;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 16; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 16; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_1024 to type ecc_point.
- *
- * p   Point of type sp_point_1024.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_1024_point_to_ecc_point_16(const sp_point_1024* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_1024_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_1024_cond_copy_16(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "ldp	x3, x4, [%[r], 0]\n\t"
-        "ldp	x5, x6, [%[a], 0]\n\t"
-        "eor	x5, x5, x3\n\t"
-        "eor	x6, x6, x4\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "and	x6, x6, %[m]\n\t"
-        "eor	x3, x3, x5\n\t"
-        "eor	x4, x4, x6\n\t"
-        "stp	x3, x4, [%[r], 0]\n\t"
-        "ldp	x3, x4, [%[r], 16]\n\t"
-        "ldp	x5, x6, [%[a], 16]\n\t"
-        "eor	x5, x5, x3\n\t"
-        "eor	x6, x6, x4\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "and	x6, x6, %[m]\n\t"
-        "eor	x3, x3, x5\n\t"
-        "eor	x4, x4, x6\n\t"
-        "stp	x3, x4, [%[r], 16]\n\t"
-        "ldp	x3, x4, [%[r], 32]\n\t"
-        "ldp	x5, x6, [%[a], 32]\n\t"
-        "eor	x5, x5, x3\n\t"
-        "eor	x6, x6, x4\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "and	x6, x6, %[m]\n\t"
-        "eor	x3, x3, x5\n\t"
-        "eor	x4, x4, x6\n\t"
-        "stp	x3, x4, [%[r], 32]\n\t"
-        "ldp	x3, x4, [%[r], 48]\n\t"
-        "ldp	x5, x6, [%[a], 48]\n\t"
-        "eor	x5, x5, x3\n\t"
-        "eor	x6, x6, x4\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "and	x6, x6, %[m]\n\t"
-        "eor	x3, x3, x5\n\t"
-        "eor	x4, x4, x6\n\t"
-        "stp	x3, x4, [%[r], 48]\n\t"
-        "ldp	x3, x4, [%[r], 64]\n\t"
-        "ldp	x5, x6, [%[a], 64]\n\t"
-        "eor	x5, x5, x3\n\t"
-        "eor	x6, x6, x4\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "and	x6, x6, %[m]\n\t"
-        "eor	x3, x3, x5\n\t"
-        "eor	x4, x4, x6\n\t"
-        "stp	x3, x4, [%[r], 64]\n\t"
-        "ldp	x3, x4, [%[r], 80]\n\t"
-        "ldp	x5, x6, [%[a], 80]\n\t"
-        "eor	x5, x5, x3\n\t"
-        "eor	x6, x6, x4\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "and	x6, x6, %[m]\n\t"
-        "eor	x3, x3, x5\n\t"
-        "eor	x4, x4, x6\n\t"
-        "stp	x3, x4, [%[r], 80]\n\t"
-        "ldp	x3, x4, [%[r], 96]\n\t"
-        "ldp	x5, x6, [%[a], 96]\n\t"
-        "eor	x5, x5, x3\n\t"
-        "eor	x6, x6, x4\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "and	x6, x6, %[m]\n\t"
-        "eor	x3, x3, x5\n\t"
-        "eor	x4, x4, x6\n\t"
-        "stp	x3, x4, [%[r], 96]\n\t"
-        "ldp	x3, x4, [%[r], 112]\n\t"
-        "ldp	x5, x6, [%[a], 112]\n\t"
-        "eor	x5, x5, x3\n\t"
-        "eor	x6, x6, x4\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "and	x6, x6, %[m]\n\t"
-        "eor	x3, x3, x5\n\t"
-        "eor	x4, x4, x6\n\t"
-        "stp	x3, x4, [%[r], 112]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "cc"
-    );
-}
-
-/* Reduce the number back to 1024 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_1024_mont_reduce_16(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "ldp	x12, x13, [%[a], 0]\n\t"
-        "ldp	x14, x15, [%[a], 16]\n\t"
-        "ldp	x16, x17, [%[a], 32]\n\t"
-        "ldp	x19, x20, [%[a], 48]\n\t"
-        "ldp	x21, x22, [%[a], 64]\n\t"
-        "ldp	x23, x24, [%[a], 80]\n\t"
-        "ldp	x25, x26, [%[a], 96]\n\t"
-        "ldp	x27, x28, [%[a], 112]\n\t"
-        "mov	x3, xzr\n\t"
-        "# i = 0..15\n\t"
-        "mov	x4, 16\n\t"
-        "\n1:\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mul	x9, %[mp], x12\n\t"
-        "# a[i+0] += m[0] * mu\n\t"
-        "ldp	x10, x11, [%[m], 0]\n\t"
-        "mul	x7, x10, x9\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x12, x12, x7\n\t"
-        "# a[i+1] += m[1] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "mul	x7, x11, x9\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x12, x13, x7\n\t"
-        "# a[i+2] += m[2] * mu\n\t"
-        "ldp	x11, x10, [%[m], 16]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x12, x12, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x13, x14, x7\n\t"
-        "# a[i+3] += m[3] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x13, x13, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x14, x15, x7\n\t"
-        "# a[i+4] += m[4] * mu\n\t"
-        "ldp	x11, x10, [%[m], 32]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x14, x14, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x15, x16, x7\n\t"
-        "# a[i+5] += m[5] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x15, x15, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x16, x17, x7\n\t"
-        "# a[i+6] += m[6] * mu\n\t"
-        "ldp	x11, x10, [%[m], 48]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x16, x16, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x17, x19, x7\n\t"
-        "# a[i+7] += m[7] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x17, x17, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x19, x20, x7\n\t"
-        "# a[i+8] += m[8] * mu\n\t"
-        "ldp	x11, x10, [%[m], 64]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x19, x19, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x20, x21, x7\n\t"
-        "# a[i+9] += m[9] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x20, x20, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x21, x22, x7\n\t"
-        "# a[i+10] += m[10] * mu\n\t"
-        "ldp	x11, x10, [%[m], 80]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x21, x21, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x22, x23, x7\n\t"
-        "# a[i+11] += m[11] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x22, x22, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x23, x24, x7\n\t"
-        "# a[i+12] += m[12] * mu\n\t"
-        "ldp	x11, x10, [%[m], 96]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x23, x23, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x24, x25, x7\n\t"
-        "# a[i+13] += m[13] * mu\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x24, x24, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x25, x26, x7\n\t"
-        "# a[i+14] += m[14] * mu\n\t"
-        "ldp	x11, x10, [%[m], 112]\n\t"
-        "adc	x5, x8, xzr\n\t"
-        "adds	x25, x25, x6\n\t"
-        "mul	x7, x11, x9\n\t"
-        "adc	x5, x5, xzr\n\t"
-        "umulh	x8, x11, x9\n\t"
-        "adds	x26, x27, x7\n\t"
-        "# a[i+15] += m[15] * mu\n\t"
-        "ldr	x10, [%[m], 120]\n\t"
-        "adc	x6, x8, xzr\n\t"
-        "adds	x26, x26, x5\n\t"
-        "mul	x7, x10, x9\n\t"
-        "adc	x6, x6, xzr\n\t"
-        "umulh	x8, x10, x9\n\t"
-        "adds	x6, x6, x7\n\t"
-        "adcs	x8, x8, x3\n\t"
-        "adc	x3, xzr, xzr\n\t"
-        "adds	x27, x28, x6\n\t"
-        "ldr	x28, [%[a], 128]\n\t"
-        "adcs	x28, x28, x8\n\t"
-        "adc	x3, x3, xzr\n\t"
-        "subs	x4, x4, 1\n\t"
-        "add	%[a], %[a], 8\n\t"
-        "b.ne	1b\n\t"
-        "# Create mask\n\t"
-        "subs	x11, x10, x28\n\t"
-        "neg	x3, x3\n\t"
-        "sbc	x11, x11, x11\n\t"
-        "orr	x3, x3, x11\n\t"
-        "mov	x9, %[a]\n\t"
-        "sub	%[a], %[a], 128\n\t"
-        "# Subtract masked modulus\n\t"
-        "ldp	x4, x5, [%[m], 0]\n\t"
-        "ldp	x6, x7, [%[m], 16]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "subs	x12, x12, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x13, x13, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x14, x14, x6\n\t"
-        "stp	x12, x13, [%[a], 0]\n\t"
-        "sbcs	x15, x15, x7\n\t"
-        "stp	x14, x15, [%[a], 16]\n\t"
-        "ldp	x4, x5, [%[m], 32]\n\t"
-        "ldp	x6, x7, [%[m], 48]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x16, x16, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x17, x17, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x19, x19, x6\n\t"
-        "stp	x16, x17, [%[a], 32]\n\t"
-        "sbcs	x20, x20, x7\n\t"
-        "stp	x19, x20, [%[a], 48]\n\t"
-        "ldp	x4, x5, [%[m], 64]\n\t"
-        "ldp	x6, x7, [%[m], 80]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x21, x21, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x22, x22, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x23, x23, x6\n\t"
-        "stp	x21, x22, [%[a], 64]\n\t"
-        "sbcs	x24, x24, x7\n\t"
-        "stp	x23, x24, [%[a], 80]\n\t"
-        "ldp	x4, x5, [%[m], 96]\n\t"
-        "ldp	x6, x7, [%[m], 112]\n\t"
-        "and	x4, x4, x3\n\t"
-        "and	x5, x5, x3\n\t"
-        "sbcs	x25, x25, x4\n\t"
-        "and	x6, x6, x3\n\t"
-        "sbcs	x26, x26, x5\n\t"
-        "and	x7, x7, x3\n\t"
-        "sbcs	x27, x27, x6\n\t"
-        "stp	x25, x26, [%[a], 96]\n\t"
-        "sbcs	x28, x28, x7\n\t"
-        "stp	x27, x28, [%[a], 112]\n\t"
-        : [a] "+r" (a), [mp] "+r" (mp)
-        : [m] "r" (m)
-        : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
-    );
-
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_1024_mul_16(r, a, b);
-    sp_1024_mont_reduce_16(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_sqr_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_1024_sqr_16(r, a);
-    sp_1024_mont_reduce_16(r, m, mp);
-}
-
-/* Mod-2 for the P1024 curve. */
-static const word8 p1024_mod_minus_2[] = {
-     6,0x06,  7,0x0f,  7,0x0b,  6,0x0c,  7,0x1e,  9,0x09,  7,0x0c,  7,0x1f,
-     6,0x16,  6,0x06,  7,0x0e,  8,0x10,  6,0x03,  8,0x11,  6,0x0d,  7,0x14,
-     9,0x12,  6,0x0f,  7,0x04,  9,0x0d,  6,0x00,  7,0x13,  6,0x01,  6,0x07,
-     8,0x0d,  8,0x00,  6,0x06,  9,0x17,  6,0x14,  6,0x15,  6,0x11,  6,0x0b,
-     9,0x0c,  6,0x1e, 13,0x14,  7,0x0e,  6,0x1d, 12,0x0a,  6,0x0b,  8,0x07,
-     6,0x18,  6,0x0f,  6,0x10,  8,0x1c,  7,0x16,  7,0x02,  6,0x01,  6,0x13,
-    10,0x15,  7,0x06,  8,0x14,  6,0x0c,  6,0x19,  7,0x10,  6,0x19,  6,0x19,
-     9,0x16,  7,0x19,  6,0x1f,  6,0x17,  6,0x12,  8,0x02,  6,0x01,  6,0x04,
-     6,0x15,  7,0x16,  6,0x04,  6,0x1f,  6,0x09,  7,0x06,  7,0x13,  7,0x09,
-     6,0x0d, 10,0x18,  6,0x06,  6,0x11,  6,0x04,  6,0x01,  6,0x13,  8,0x06,
-     6,0x0d,  8,0x13,  7,0x08,  6,0x08,  6,0x05,  7,0x0c,  7,0x0e,  7,0x15,
-     6,0x05,  7,0x14, 10,0x19,  6,0x10,  6,0x16,  6,0x15,  7,0x1f,  6,0x14,
-     6,0x0a, 10,0x11,  6,0x01,  7,0x05,  7,0x08,  8,0x0a,  7,0x1e,  7,0x1c,
-     6,0x1c,  7,0x09, 10,0x18,  7,0x1c, 10,0x06,  6,0x0a,  6,0x07,  6,0x19,
-     7,0x06,  6,0x0d,  7,0x0f,  7,0x0b,  7,0x05,  6,0x11,  6,0x1c,  7,0x1f,
-     6,0x1e,  7,0x18,  6,0x1e,  6,0x00,  6,0x03,  6,0x02,  7,0x10,  6,0x0b,
-     6,0x1b,  7,0x10,  6,0x00,  8,0x11,  7,0x1b,  6,0x18,  6,0x01,  7,0x0c,
-     7,0x1d,  7,0x13,  6,0x08,  7,0x1b,  8,0x13,  7,0x16, 13,0x1d,  7,0x1f,
-     6,0x0a,  6,0x01,  7,0x1f,  6,0x14,  1,0x01
-};
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P1024 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_1024_mont_inv_16(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-    sp_digit* t = &td[32 * 2 * 16];
-    int i;
-    int j;
-    sp_digit* table[32];
-
-    for (i = 0; i < 32; i++) {
-        table[i] = &td[2 * 16 * i];
-    }
-    XMEMCPY(table[0], a, sizeof(sp_digit) * 16);
-    for (i = 1; i < 6; i++) {
-        sp_1024_mont_sqr_16(table[0], table[0], p1024_mod, p1024_mp_mod);
-    }
-    for (i = 1; i < 32; i++) {
-        sp_1024_mont_mul_16(table[i], table[i-1], a, p1024_mod, p1024_mp_mod);
-    }
-
-    XMEMCPY(t, table[p1024_mod_minus_2[1]], sizeof(sp_digit) * 16);
-    for (i = 2; i < (int)sizeof(p1024_mod_minus_2) - 2; i += 2) {
-        for (j = 0; j < p1024_mod_minus_2[i]; j++) {
-            sp_1024_mont_sqr_16(t, t, p1024_mod, p1024_mp_mod);
-        }
-        sp_1024_mont_mul_16(t, t, table[p1024_mod_minus_2[i+1]], p1024_mod,
-            p1024_mp_mod);
-    }
-    sp_1024_mont_sqr_16(t, t, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(r, t, a, p1024_mod, p1024_mp_mod);
-}
-
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_1024_norm_16(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_1024_map_16(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*16;
-    sp_int64 n;
-
-    sp_1024_mont_inv_16(t1, p->z, t + 2*16);
-
-    sp_1024_mont_sqr_16(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    /* x /= z^2 */
-    sp_1024_mont_mul_16(r->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->x + 16, 0, sizeof(sp_digit) * 16U);
-    sp_1024_mont_reduce_16(r->x, p1024_mod, p1024_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_1024_cmp_16(r->x, p1024_mod);
-    sp_1024_cond_sub_16(r->x, r->x, p1024_mod, (sp_digit)~(n >> 63));
-    sp_1024_norm_16(r->x);
-
-    /* y /= z^3 */
-    sp_1024_mont_mul_16(r->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->y + 16, 0, sizeof(sp_digit) * 16U);
-    sp_1024_mont_reduce_16(r->y, p1024_mod, p1024_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_1024_cmp_16(r->y, p1024_mod);
-    sp_1024_cond_sub_16(r->y, r->y, p1024_mod, (sp_digit)~(n >> 63));
-    sp_1024_norm_16(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_1024_mont_add_16(sp_digit* r, const sp_digit* a,
-    const sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp       x4, x5, [%[a], 0]\n\t"
-        "ldp       x6, x7, [%[a], 16]\n\t"
-        "ldp       x8, x9, [%[a], 32]\n\t"
-        "ldp       x10, x11, [%[a], 48]\n\t"
-        "ldp       x12, x13, [%[a], 64]\n\t"
-        "ldp       x14, x15, [%[a], 80]\n\t"
-        "ldp       x16, x17, [%[a], 96]\n\t"
-        "ldp       x19, x20, [%[a], 112]\n\t"
-        "ldp       x21, x22, [%[b], 0]\n\t"
-        "ldp       x23, x24, [%[b], 16]\n\t"
-        "adds      x4, x4, x21\n\t"
-        "adcs      x5, x5, x22\n\t"
-        "adcs      x6, x6, x23\n\t"
-        "adcs      x7, x7, x24\n\t"
-        "ldp       x21, x22, [%[b], 32]\n\t"
-        "ldp       x23, x24, [%[b], 48]\n\t"
-        "adcs      x8, x8, x21\n\t"
-        "adcs      x9, x9, x22\n\t"
-        "adcs      x10, x10, x23\n\t"
-        "adcs      x11, x11, x24\n\t"
-        "ldp       x21, x22, [%[b], 64]\n\t"
-        "ldp       x23, x24, [%[b], 80]\n\t"
-        "adcs      x12, x12, x21\n\t"
-        "adcs      x13, x13, x22\n\t"
-        "adcs      x14, x14, x23\n\t"
-        "adcs      x15, x15, x24\n\t"
-        "ldp       x21, x22, [%[b], 96]\n\t"
-        "ldp       x23, x24, [%[b], 112]\n\t"
-        "adcs      x16, x16, x21\n\t"
-        "adcs      x17, x17, x22\n\t"
-        "adcs      x19, x19, x23\n\t"
-        "adcs      x20, x20, x24\n\t"
-        "csetm x25, cs\n\t"
-        "ldr   x21, [%[m], 120]\n\t"
-        "subs  x21, x21, x20\n\t"
-        "csetm x21, cc\n\t"
-        "orr   x25, x25, x21\n\t"
-        "ldp     x21, x22, [%[m], 0]\n\t"
-        "ldp     x23, x24, [%[m], 16]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "subs    x4, x4, x21\n\t"
-        "sbcs    x5, x5, x22\n\t"
-        "sbcs    x6, x6, x23\n\t"
-        "sbcs    x7, x7, x24\n\t"
-        "ldp     x21, x22, [%[m], 32]\n\t"
-        "ldp     x23, x24, [%[m], 48]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x8, x8, x21\n\t"
-        "sbcs    x9, x9, x22\n\t"
-        "sbcs    x10, x10, x23\n\t"
-        "sbcs    x11, x11, x24\n\t"
-        "ldp     x21, x22, [%[m], 64]\n\t"
-        "ldp     x23, x24, [%[m], 80]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x12, x12, x21\n\t"
-        "sbcs    x13, x13, x22\n\t"
-        "sbcs    x14, x14, x23\n\t"
-        "sbcs    x15, x15, x24\n\t"
-        "ldp     x21, x22, [%[m], 96]\n\t"
-        "ldp     x23, x24, [%[m], 112]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x16, x16, x21\n\t"
-        "sbcs    x17, x17, x22\n\t"
-        "sbcs    x19, x19, x23\n\t"
-        "sbc     x20, x20, x24\n\t"
-        "stp       x4, x5, [%[r], 0]\n\t"
-        "stp       x6, x7, [%[r], 16]\n\t"
-        "stp       x8, x9, [%[r], 32]\n\t"
-        "stp       x10, x11, [%[r], 48]\n\t"
-        "stp       x12, x13, [%[r], 64]\n\t"
-        "stp       x14, x15, [%[r], 80]\n\t"
-        "stp       x16, x17, [%[r], 96]\n\t"
-        "stp       x19, x20, [%[r], 112]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "cc"
-    );
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_1024_mont_dbl_16(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp       x4, x5, [%[a], 0]\n\t"
-        "ldp       x6, x7, [%[a], 16]\n\t"
-        "ldp       x8, x9, [%[a], 32]\n\t"
-        "ldp       x10, x11, [%[a], 48]\n\t"
-        "ldp       x12, x13, [%[a], 64]\n\t"
-        "ldp       x14, x15, [%[a], 80]\n\t"
-        "ldp       x16, x17, [%[a], 96]\n\t"
-        "ldp       x19, x20, [%[a], 112]\n\t"
-        "adds        x4, x4, x4\n\t"
-        "adcs        x5, x5, x5\n\t"
-        "adcs        x6, x6, x6\n\t"
-        "adcs        x7, x7, x7\n\t"
-        "adcs        x8, x8, x8\n\t"
-        "adcs        x9, x9, x9\n\t"
-        "adcs        x10, x10, x10\n\t"
-        "adcs        x11, x11, x11\n\t"
-        "adcs        x12, x12, x12\n\t"
-        "adcs        x13, x13, x13\n\t"
-        "adcs        x14, x14, x14\n\t"
-        "adcs        x15, x15, x15\n\t"
-        "adcs        x16, x16, x16\n\t"
-        "adcs        x17, x17, x17\n\t"
-        "adcs        x19, x19, x19\n\t"
-        "adcs        x20, x20, x20\n\t"
-        "csetm x25, cs\n\t"
-        "ldr   x21, [%[m], 120]\n\t"
-        "subs  x21, x21, x20\n\t"
-        "csetm x21, cc\n\t"
-        "orr   x25, x25, x21\n\t"
-        "ldp     x21, x22, [%[m], 0]\n\t"
-        "ldp     x23, x24, [%[m], 16]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "subs    x4, x4, x21\n\t"
-        "sbcs    x5, x5, x22\n\t"
-        "sbcs    x6, x6, x23\n\t"
-        "sbcs    x7, x7, x24\n\t"
-        "ldp     x21, x22, [%[m], 32]\n\t"
-        "ldp     x23, x24, [%[m], 48]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x8, x8, x21\n\t"
-        "sbcs    x9, x9, x22\n\t"
-        "sbcs    x10, x10, x23\n\t"
-        "sbcs    x11, x11, x24\n\t"
-        "ldp     x21, x22, [%[m], 64]\n\t"
-        "ldp     x23, x24, [%[m], 80]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x12, x12, x21\n\t"
-        "sbcs    x13, x13, x22\n\t"
-        "sbcs    x14, x14, x23\n\t"
-        "sbcs    x15, x15, x24\n\t"
-        "ldp     x21, x22, [%[m], 96]\n\t"
-        "ldp     x23, x24, [%[m], 112]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x16, x16, x21\n\t"
-        "sbcs    x17, x17, x22\n\t"
-        "sbcs    x19, x19, x23\n\t"
-        "sbc     x20, x20, x24\n\t"
-        "stp       x4, x5, [%[r], 0]\n\t"
-        "stp       x6, x7, [%[r], 16]\n\t"
-        "stp       x8, x9, [%[r], 32]\n\t"
-        "stp       x10, x11, [%[r], 48]\n\t"
-        "stp       x12, x13, [%[r], 64]\n\t"
-        "stp       x14, x15, [%[r], 80]\n\t"
-        "stp       x16, x17, [%[r], 96]\n\t"
-        "stp       x19, x20, [%[r], 112]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "cc"
-    );
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_1024_mont_tpl_16(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp       x4, x5, [%[a], 0]\n\t"
-        "ldp       x6, x7, [%[a], 16]\n\t"
-        "ldp       x8, x9, [%[a], 32]\n\t"
-        "ldp       x10, x11, [%[a], 48]\n\t"
-        "ldp       x12, x13, [%[a], 64]\n\t"
-        "ldp       x14, x15, [%[a], 80]\n\t"
-        "ldp       x16, x17, [%[a], 96]\n\t"
-        "ldp       x19, x20, [%[a], 112]\n\t"
-        "adds        x4, x4, x4\n\t"
-        "adcs        x5, x5, x5\n\t"
-        "adcs        x6, x6, x6\n\t"
-        "adcs        x7, x7, x7\n\t"
-        "adcs        x8, x8, x8\n\t"
-        "adcs        x9, x9, x9\n\t"
-        "adcs        x10, x10, x10\n\t"
-        "adcs        x11, x11, x11\n\t"
-        "adcs        x12, x12, x12\n\t"
-        "adcs        x13, x13, x13\n\t"
-        "adcs        x14, x14, x14\n\t"
-        "adcs        x15, x15, x15\n\t"
-        "adcs        x16, x16, x16\n\t"
-        "adcs        x17, x17, x17\n\t"
-        "adcs        x19, x19, x19\n\t"
-        "adcs        x20, x20, x20\n\t"
-        "csetm x25, cs\n\t"
-        "ldr   x21, [%[m], 120]\n\t"
-        "subs  x21, x21, x20\n\t"
-        "csetm x21, cc\n\t"
-        "orr   x25, x25, x21\n\t"
-        "ldp     x21, x22, [%[m], 0]\n\t"
-        "ldp     x23, x24, [%[m], 16]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "subs    x4, x4, x21\n\t"
-        "sbcs    x5, x5, x22\n\t"
-        "sbcs    x6, x6, x23\n\t"
-        "sbcs    x7, x7, x24\n\t"
-        "ldp     x21, x22, [%[m], 32]\n\t"
-        "ldp     x23, x24, [%[m], 48]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x8, x8, x21\n\t"
-        "sbcs    x9, x9, x22\n\t"
-        "sbcs    x10, x10, x23\n\t"
-        "sbcs    x11, x11, x24\n\t"
-        "ldp     x21, x22, [%[m], 64]\n\t"
-        "ldp     x23, x24, [%[m], 80]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x12, x12, x21\n\t"
-        "sbcs    x13, x13, x22\n\t"
-        "sbcs    x14, x14, x23\n\t"
-        "sbcs    x15, x15, x24\n\t"
-        "ldp     x21, x22, [%[m], 96]\n\t"
-        "ldp     x23, x24, [%[m], 112]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x16, x16, x21\n\t"
-        "sbcs    x17, x17, x22\n\t"
-        "sbcs    x19, x19, x23\n\t"
-        "sbc     x20, x20, x24\n\t"
-        "ldp       x21, x22, [%[a], 0]\n\t"
-        "ldp       x23, x24, [%[a], 16]\n\t"
-        "adds      x4, x4, x21\n\t"
-        "adcs      x5, x5, x22\n\t"
-        "adcs      x6, x6, x23\n\t"
-        "adcs      x7, x7, x24\n\t"
-        "ldp       x21, x22, [%[a], 32]\n\t"
-        "ldp       x23, x24, [%[a], 48]\n\t"
-        "adcs      x8, x8, x21\n\t"
-        "adcs      x9, x9, x22\n\t"
-        "adcs      x10, x10, x23\n\t"
-        "adcs      x11, x11, x24\n\t"
-        "ldp       x21, x22, [%[a], 64]\n\t"
-        "ldp       x23, x24, [%[a], 80]\n\t"
-        "adcs      x12, x12, x21\n\t"
-        "adcs      x13, x13, x22\n\t"
-        "adcs      x14, x14, x23\n\t"
-        "adcs      x15, x15, x24\n\t"
-        "ldp       x21, x22, [%[a], 96]\n\t"
-        "ldp       x23, x24, [%[a], 112]\n\t"
-        "adcs      x16, x16, x21\n\t"
-        "adcs      x17, x17, x22\n\t"
-        "adcs      x19, x19, x23\n\t"
-        "adcs      x20, x20, x24\n\t"
-        "csetm x25, cs\n\t"
-        "ldr   x21, [%[m], 120]\n\t"
-        "subs  x21, x21, x20\n\t"
-        "csetm x21, cc\n\t"
-        "orr   x25, x25, x21\n\t"
-        "ldp     x21, x22, [%[m], 0]\n\t"
-        "ldp     x23, x24, [%[m], 16]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "subs    x4, x4, x21\n\t"
-        "sbcs    x5, x5, x22\n\t"
-        "sbcs    x6, x6, x23\n\t"
-        "sbcs    x7, x7, x24\n\t"
-        "ldp     x21, x22, [%[m], 32]\n\t"
-        "ldp     x23, x24, [%[m], 48]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x8, x8, x21\n\t"
-        "sbcs    x9, x9, x22\n\t"
-        "sbcs    x10, x10, x23\n\t"
-        "sbcs    x11, x11, x24\n\t"
-        "ldp     x21, x22, [%[m], 64]\n\t"
-        "ldp     x23, x24, [%[m], 80]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x12, x12, x21\n\t"
-        "sbcs    x13, x13, x22\n\t"
-        "sbcs    x14, x14, x23\n\t"
-        "sbcs    x15, x15, x24\n\t"
-        "ldp     x21, x22, [%[m], 96]\n\t"
-        "ldp     x23, x24, [%[m], 112]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "sbcs    x16, x16, x21\n\t"
-        "sbcs    x17, x17, x22\n\t"
-        "sbcs    x19, x19, x23\n\t"
-        "sbc     x20, x20, x24\n\t"
-        "stp       x4, x5, [%[r], 0]\n\t"
-        "stp       x6, x7, [%[r], 16]\n\t"
-        "stp       x8, x9, [%[r], 32]\n\t"
-        "stp       x10, x11, [%[r], 48]\n\t"
-        "stp       x12, x13, [%[r], 64]\n\t"
-        "stp       x14, x15, [%[r], 80]\n\t"
-        "stp       x16, x17, [%[r], 96]\n\t"
-        "stp       x19, x20, [%[r], 112]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "cc"
-    );
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a,
-    const sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldp       x4, x5, [%[a], 0]\n\t"
-        "ldp       x6, x7, [%[a], 16]\n\t"
-        "ldp       x8, x9, [%[a], 32]\n\t"
-        "ldp       x10, x11, [%[a], 48]\n\t"
-        "ldp       x12, x13, [%[a], 64]\n\t"
-        "ldp       x14, x15, [%[a], 80]\n\t"
-        "ldp       x16, x17, [%[a], 96]\n\t"
-        "ldp       x19, x20, [%[a], 112]\n\t"
-        "ldp       x21, x22, [%[b], 0]\n\t"
-        "ldp       x23, x24, [%[b], 16]\n\t"
-        "subs      x4, x4, x21\n\t"
-        "sbcs      x5, x5, x22\n\t"
-        "sbcs      x6, x6, x23\n\t"
-        "sbcs      x7, x7, x24\n\t"
-        "ldp       x21, x22, [%[b], 32]\n\t"
-        "ldp       x23, x24, [%[b], 48]\n\t"
-        "sbcs      x8, x8, x21\n\t"
-        "sbcs      x9, x9, x22\n\t"
-        "sbcs      x10, x10, x23\n\t"
-        "sbcs      x11, x11, x24\n\t"
-        "ldp       x21, x22, [%[b], 64]\n\t"
-        "ldp       x23, x24, [%[b], 80]\n\t"
-        "sbcs      x12, x12, x21\n\t"
-        "sbcs      x13, x13, x22\n\t"
-        "sbcs      x14, x14, x23\n\t"
-        "sbcs      x15, x15, x24\n\t"
-        "ldp       x21, x22, [%[b], 96]\n\t"
-        "ldp       x23, x24, [%[b], 112]\n\t"
-        "sbcs      x16, x16, x21\n\t"
-        "sbcs      x17, x17, x22\n\t"
-        "sbcs      x19, x19, x23\n\t"
-        "sbcs      x20, x20, x24\n\t"
-        "csetm x25, cc\n\t"
-        "ldp     x21, x22, [%[m], 0]\n\t"
-        "ldp     x23, x24, [%[m], 16]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "adds    x4, x4, x21\n\t"
-        "adcs    x5, x5, x22\n\t"
-        "adcs    x6, x6, x23\n\t"
-        "adcs    x7, x7, x24\n\t"
-        "ldp     x21, x22, [%[m], 32]\n\t"
-        "ldp     x23, x24, [%[m], 48]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "adcs    x8, x8, x21\n\t"
-        "adcs    x9, x9, x22\n\t"
-        "adcs    x10, x10, x23\n\t"
-        "adcs    x11, x11, x24\n\t"
-        "ldp     x21, x22, [%[m], 64]\n\t"
-        "ldp     x23, x24, [%[m], 80]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "adcs    x12, x12, x21\n\t"
-        "adcs    x13, x13, x22\n\t"
-        "adcs    x14, x14, x23\n\t"
-        "adcs    x15, x15, x24\n\t"
-        "ldp     x21, x22, [%[m], 96]\n\t"
-        "ldp     x23, x24, [%[m], 112]\n\t"
-        "and     x21, x21, x25\n\t"
-        "and     x22, x22, x25\n\t"
-        "and     x23, x23, x25\n\t"
-        "and     x24, x24, x25\n\t"
-        "adcs    x16, x16, x21\n\t"
-        "adcs    x17, x17, x22\n\t"
-        "adcs    x19, x19, x23\n\t"
-        "adc     x20, x20, x24\n\t"
-        "stp       x4, x5, [%[r], 0]\n\t"
-        "stp       x6, x7, [%[r], 16]\n\t"
-        "stp       x8, x9, [%[r], 32]\n\t"
-        "stp       x10, x11, [%[r], 48]\n\t"
-        "stp       x12, x13, [%[r], 64]\n\t"
-        "stp       x14, x15, [%[r], 80]\n\t"
-        "stp       x16, x17, [%[r], 96]\n\t"
-        "stp       x19, x20, [%[r], 112]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "cc"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_1024_cond_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    sp_digit c = 0;
-
-    __asm__ __volatile__ (
-        "mov	x8, #0\n\t"
-        "1:\n\t"
-        "adds	%[c], %[c], #-1\n\t"
-        "ldr	x4, [%[a], x8]\n\t"
-        "ldr	x5, [%[b], x8]\n\t"
-        "and	x5, x5, %[m]\n\t"
-        "adcs	x4, x4, x5\n\t"
-        "cset	%[c], cs\n\t"
-        "str	x4, [%[r], x8]\n\t"
-        "add	x8, x8, #8\n\t"
-        "cmp	x8, 128\n\t"
-        "b.lt	1b\n\t"
-        : [c] "+r" (c)
-        : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x8", "x9", "x10", "x11", "x12", "cc"
-    );
-
-    return c;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static sp_digit sp_1024_cond_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        sp_digit m)
-{
-    __asm__ __volatile__ (
-
-        "ldp	x8, x9, [%[b], 0]\n\t"
-        "ldp	x10, x11, [%[b], 16]\n\t"
-        "ldp	x4, x5, [%[a], 0]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 16]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adds	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 0]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 16]\n\t"
-        "ldp	x8, x9, [%[b], 32]\n\t"
-        "ldp	x10, x11, [%[b], 48]\n\t"
-        "ldp	x4, x5, [%[a], 32]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 48]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 32]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 48]\n\t"
-        "ldp	x8, x9, [%[b], 64]\n\t"
-        "ldp	x10, x11, [%[b], 80]\n\t"
-        "ldp	x4, x5, [%[a], 64]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 80]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 64]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 80]\n\t"
-        "ldp	x8, x9, [%[b], 96]\n\t"
-        "ldp	x10, x11, [%[b], 112]\n\t"
-        "ldp	x4, x5, [%[a], 96]\n\t"
-        "and	x8, x8, %[m]\n\t"
-        "ldp	x6, x7, [%[a], 112]\n\t"
-        "and	x9, x9, %[m]\n\t"
-        "adcs	x4, x4, x8\n\t"
-        "and	x10, x10, %[m]\n\t"
-        "adcs	x5, x5, x9\n\t"
-        "and	x11, x11, %[m]\n\t"
-        "adcs	x6, x6, x10\n\t"
-        "stp	x4, x5, [%[r], 96]\n\t"
-        "adcs	x7, x7, x11\n\t"
-        "stp	x6, x7, [%[r], 112]\n\t"
-        "cset	%[r], cs\n\t"
-        : [r] "+r" (r)
-        : [a] "r" (a), [b] "r" (b), [m] "r" (m)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
-    );
-
-    return (sp_digit)r;
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-static void sp_1024_rshift1_16(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldp	x2, x3, [%[a]]\n\t"
-        "ldr	x3, [%[a], 8]\n\t"
-        "extr	x2, x3, x2, #1\n\t"
-        "ldr	x4, [%[a], 16]\n\t"
-        "str	x2, [%[r], 0]\n\t"
-        "extr	x3, x4, x3, #1\n\t"
-        "ldr	x2, [%[a], 24]\n\t"
-        "str	x3, [%[r], 8]\n\t"
-        "extr	x4, x2, x4, #1\n\t"
-        "ldr	x3, [%[a], 32]\n\t"
-        "str	x4, [%[r], 16]\n\t"
-        "extr	x2, x3, x2, #1\n\t"
-        "ldr	x4, [%[a], 40]\n\t"
-        "str	x2, [%[r], 24]\n\t"
-        "extr	x3, x4, x3, #1\n\t"
-        "ldr	x2, [%[a], 48]\n\t"
-        "str	x3, [%[r], 32]\n\t"
-        "extr	x4, x2, x4, #1\n\t"
-        "ldr	x3, [%[a], 56]\n\t"
-        "str	x4, [%[r], 40]\n\t"
-        "extr	x2, x3, x2, #1\n\t"
-        "ldr	x4, [%[a], 64]\n\t"
-        "str	x2, [%[r], 48]\n\t"
-        "extr	x3, x4, x3, #1\n\t"
-        "ldr	x2, [%[a], 72]\n\t"
-        "str	x3, [%[r], 56]\n\t"
-        "extr	x4, x2, x4, #1\n\t"
-        "ldr	x3, [%[a], 80]\n\t"
-        "str	x4, [%[r], 64]\n\t"
-        "extr	x2, x3, x2, #1\n\t"
-        "ldr	x4, [%[a], 88]\n\t"
-        "str	x2, [%[r], 72]\n\t"
-        "extr	x3, x4, x3, #1\n\t"
-        "ldr	x2, [%[a], 96]\n\t"
-        "str	x3, [%[r], 80]\n\t"
-        "extr	x4, x2, x4, #1\n\t"
-        "ldr	x3, [%[a], 104]\n\t"
-        "str	x4, [%[r], 88]\n\t"
-        "extr	x2, x3, x2, #1\n\t"
-        "ldr	x4, [%[a], 112]\n\t"
-        "str	x2, [%[r], 96]\n\t"
-        "extr	x3, x4, x3, #1\n\t"
-        "ldr	x2, [%[a], 120]\n\t"
-        "str	x3, [%[r], 104]\n\t"
-        "extr	x4, x2, x4, #1\n\t"
-        "lsr	x2, x2, #1\n\t"
-        "stp	x4, x2, [%[r], 112]\n\t"
-        :
-        : [r] "r" (r), [a] "r" (a)
-        : "memory", "x2", "x3", "x4", "cc"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-SP_NOINLINE static void sp_1024_mont_div2_16(sp_digit* r, const sp_digit* a,
-    const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_1024_cond_add_16(r, a, m, 0 - (a[0] & 1));
-    sp_1024_rshift1_16(r, r);
-    r[15] |= o << 63;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*16;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_1024_mont_sqr_16(t1, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = Y * Z */
-    sp_1024_mont_mul_16(z, p->y, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = 2Z */
-    sp_1024_mont_dbl_16(z, z, p1024_mod);
-    /* T2 = X - T1 */
-    sp_1024_mont_sub_16(t2, p->x, t1, p1024_mod);
-    /* T1 = X + T1 */
-    sp_1024_mont_add_16(t1, p->x, t1, p1024_mod);
-    /* T2 = T1 * T2 */
-    sp_1024_mont_mul_16(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* T1 = 3T2 */
-    sp_1024_mont_tpl_16(t1, t2, p1024_mod);
-    /* Y = 2Y */
-    sp_1024_mont_dbl_16(y, p->y, p1024_mod);
-    /* Y = Y * Y */
-    sp_1024_mont_sqr_16(y, y, p1024_mod, p1024_mp_mod);
-    /* T2 = Y * Y */
-    sp_1024_mont_sqr_16(t2, y, p1024_mod, p1024_mp_mod);
-    /* T2 = T2/2 */
-    sp_1024_mont_div2_16(t2, t2, p1024_mod);
-    /* Y = Y * X */
-    sp_1024_mont_mul_16(y, y, p->x, p1024_mod, p1024_mp_mod);
-    /* X = T1 * T1 */
-    sp_1024_mont_sqr_16(x, t1, p1024_mod, p1024_mp_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_16(x, x, y, p1024_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_16(x, x, y, p1024_mod);
-    /* Y = Y - X */
-    sp_1024_mont_sub_16(y, y, x, p1024_mod);
-    /* Y = Y * T1 */
-    sp_1024_mont_mul_16(y, y, t1, p1024_mod, p1024_mp_mod);
-    /* Y = Y - T2 */
-    sp_1024_mont_sub_16(y, y, t2, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_dbl_16_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_dbl_16_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-        const sp_point_1024* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_dbl_16_ctx* ctx = (sp_1024_proj_point_dbl_16_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_dbl_16_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*16;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_1024_mont_sqr_16(ctx->t1, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_1024_mont_mul_16(ctx->z, p->y, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_1024_mont_dbl_16(ctx->z, ctx->z, p1024_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_1024_mont_sub_16(ctx->t2, p->x, ctx->t1, p1024_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_1024_mont_add_16(ctx->t1, p->x, ctx->t1, p1024_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_1024_mont_mul_16(ctx->t2, ctx->t1, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_1024_mont_tpl_16(ctx->t1, ctx->t2, p1024_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_1024_mont_dbl_16(ctx->y, p->y, p1024_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_1024_mont_sqr_16(ctx->y, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_1024_mont_sqr_16(ctx->t2, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_1024_mont_div2_16(ctx->t2, ctx->t2, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_1024_mont_mul_16(ctx->y, ctx->y, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_1024_mont_sqr_16(ctx->x, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_1024_mont_sub_16(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_1024_mont_sub_16(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_1024_mont_mul_16(ctx->y, ctx->y, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->t2, p1024_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*16;
-    sp_digit* b = t + 4*16;
-    sp_digit* t1 = t + 6*16;
-    sp_digit* t2 = t + 8*16;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_16(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_16(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_16(w, w, p1024_mod, p1024_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_16(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_16(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_16(t2, b, p1024_mod);
-        sp_1024_mont_sub_16(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_16(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_16(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_16(t1, t1, p1024_mod, p1024_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_16(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_16(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(y, y, t1, p1024_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
-    sp_1024_mont_tpl_16(a, t1, p1024_mod);
-    /* B = X*Y^2 */
-    sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
-    /* X = A^2 - 2B */
-    sp_1024_mont_sqr_16(x, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_dbl_16(t2, b, p1024_mod);
-    sp_1024_mont_sub_16(x, x, t2, p1024_mod);
-    /* B = 2.(B - X) */
-    sp_1024_mont_sub_16(t2, b, x, p1024_mod);
-    sp_1024_mont_dbl_16(b, t2, p1024_mod);
-    /* Z = Z*Y */
-    sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
-    /* t1 = Y^4 */
-    sp_1024_mont_sqr_16(t1, t1, p1024_mod, p1024_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_1024_mont_mul_16(y, b, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_16(y, y, t1, p1024_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_1024_mont_div2_16(y, y, p1024_mod);
-}
-
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_1024_cmp_equal_16(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14]) |
-            (a[15] ^ b[15])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_1024_iszero_16(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14] | a[15]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_16(sp_point_1024* r,
-        const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*16;
-    sp_digit* t2 = t + 4*16;
-    sp_digit* t3 = t + 6*16;
-    sp_digit* t4 = t + 8*16;
-    sp_digit* t5 = t + 10*16;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_16(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t1, t1, p->x, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_16(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_16(t3, t3, p->y, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_16(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_16(t2, t1) &
-            sp_1024_cmp_equal_16(t4, t3)) {
-        sp_1024_proj_point_dbl_16(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_16(t4, t4, t3, p1024_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_16(t5, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(y, t1, t5, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(z, z, q->z, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_16(x, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(x, x, t5, p1024_mod);
-        sp_1024_mont_mul_16(t5, t5, t3, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_16(t3, y, p1024_mod);
-        sp_1024_mont_sub_16(x, x, t3, p1024_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_16(y, y, x, p1024_mod);
-        sp_1024_mont_mul_16(y, y, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(y, y, t5, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 16; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_add_16_ctx {
-    int state;
-    sp_1024_proj_point_dbl_16_ctx dbl_ctx;
-    const sp_point_1024* ap[2];
-    sp_point_1024* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_add_16_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_add_16_ctx* ctx = (sp_1024_proj_point_add_16_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_1024* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_add_16_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*16;
-        ctx->t2 = t + 4*16;
-        ctx->t3 = t + 6*16;
-        ctx->t4 = t + 8*16;
-        ctx->t5 = t + 10*16;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_1024_mont_sqr_16(ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_1024_mont_mul_16(ctx->t3, ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_1024_mont_mul_16(ctx->t1, ctx->t1, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_1024_mont_sqr_16(ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_1024_mont_mul_16(ctx->t4, ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_1024_mont_mul_16(ctx->t2, ctx->t2, q->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_1024_mont_mul_16(ctx->t3, ctx->t3, p->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_1024_mont_mul_16(ctx->t4, ctx->t4, q->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_1024_cmp_equal_16(ctx->t2, ctx->t1) &
-                sp_1024_cmp_equal_16(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_1024_proj_point_dbl_16(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_16(ctx->t2, ctx->t2, ctx->t1, p1024_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_16(ctx->t4, ctx->t4, ctx->t3, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_16(ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_1024_mont_mul_16(ctx->y, ctx->t1, ctx->t5, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_1024_mont_mul_16(ctx->t5, ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_16(ctx->z, p->z, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_1024_mont_mul_16(ctx->z, ctx->z, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_1024_mont_sqr_16(ctx->x, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_1024_mont_sub_16(ctx->x, ctx->x, ctx->t5, p1024_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_1024_mont_mul_16(ctx->t5, ctx->t5, ctx->t3, p1024_mod, p1024_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_1024_mont_dbl_16(ctx->t3, ctx->y, p1024_mod);
-        sp_1024_mont_sub_16(ctx->x, ctx->x, ctx->t3, p1024_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_1024_mont_mul_16(ctx->y, ctx->y, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->t5, p1024_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 16; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
-        const sp_point_1024* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*16;
-    sp_digit* b = t + 4*16;
-    sp_digit* t1 = t + 6*16;
-    sp_digit* t2 = t + 8*16;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<16; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<16; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<16; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_16(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_16(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_16(w, w, p1024_mod, p1024_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_16(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_16(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_16(t2, b, p1024_mod);
-        sp_1024_mont_sub_16(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_16(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_16(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_16(r[j].z, z, y, p1024_mod, p1024_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_16(t1, t1, p1024_mod, p1024_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_16(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_16(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(y, y, t1, p1024_mod);
-        /* Y = Y/2 */
-        sp_1024_mont_div2_16(r[j].y, y, p1024_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_sub_16(sp_point_1024* ra,
-        sp_point_1024* rs, const sp_point_1024* p, const sp_point_1024* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*16;
-    sp_digit* t3 = t + 4*16;
-    sp_digit* t4 = t + 6*16;
-    sp_digit* t5 = t + 8*16;
-    sp_digit* t6 = t + 10*16;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_16(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t1, t1, xa, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_16(t2, za, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t4, t2, za, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_16(t3, t3, ya, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_16(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-    /* H = U2 - U1 */
-    sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
-    /* RS = S2 + S1 */
-    sp_1024_mont_add_16(t6, t4, t3, p1024_mod);
-    /* R = S2 - S1 */
-    sp_1024_mont_sub_16(t4, t4, t3, p1024_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_1024_mont_mul_16(za, za, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(za, za, t2, p1024_mod, p1024_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_1024_mont_sqr_16(xa, t4, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_16(xs, t6, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_16(t5, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(ya, t1, t5, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_16(xa, xa, t5, p1024_mod);
-    sp_1024_mont_sub_16(xs, xs, t5, p1024_mod);
-    sp_1024_mont_dbl_16(t1, ya, p1024_mod);
-    sp_1024_mont_sub_16(xa, xa, t1, p1024_mod);
-    sp_1024_mont_sub_16(xs, xs, t1, p1024_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_1024_mont_sub_16(ys, ya, xs, p1024_mod);
-    sp_1024_mont_sub_16(ya, ya, xa, p1024_mod);
-    sp_1024_mont_mul_16(ya, ya, t4, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_16(t6, p1024_mod, t6, p1024_mod);
-    sp_1024_mont_mul_16(ys, ys, t6, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t5, t5, t3, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_16(ya, ya, t5, p1024_mod);
-    sp_1024_mont_sub_16(ys, ys, t5, p1024_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_1024 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_1024;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_16_7[130] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
-    48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63,
-    64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49,
-    48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_16_7[130] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<147; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 7 < 64) {
-            y &= 0x7f;
-            n >>= 7;
-            o += 7;
-        }
-        else if (o + 7 == 64) {
-            n >>= 7;
-            if (++j < 16)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 16) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x7f);
-            o -= 57;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_16_7[y];
-        v[i].neg = recode_neg_16_7[y];
-        carry = (y >> 7) + v[i].neg;
-    }
-}
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 7 bits. (Add-Sub variation.)
- * Calculate 0..64 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_win_add_sub_16(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 65+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 16 * 37);
-    sp_point_1024* rt = NULL;
-    sp_point_1024* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_1024 v[147];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 65+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 16 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 65;
-        p  = t + 65+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_1024_mod_mul_norm_16(t[1].x, g->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(t[1].y, g->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(t[1].z, g->z, p1024_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[64]  */
-        sp_1024_proj_point_dbl_n_store_16(t, &t[ 1], 6, 1, tmp);
-        sp_1024_proj_point_add_16(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[ 6], &t[ 3], tmp);
-        sp_1024_proj_point_add_sub_16(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[10], &t[ 5], tmp);
-        sp_1024_proj_point_add_sub_16(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[12], &t[ 6], tmp);
-        sp_1024_proj_point_dbl_16(&t[14], &t[ 7], tmp);
-        sp_1024_proj_point_add_sub_16(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[18], &t[ 9], tmp);
-        sp_1024_proj_point_add_sub_16(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[20], &t[10], tmp);
-        sp_1024_proj_point_dbl_16(&t[22], &t[11], tmp);
-        sp_1024_proj_point_add_sub_16(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[24], &t[12], tmp);
-        sp_1024_proj_point_dbl_16(&t[26], &t[13], tmp);
-        sp_1024_proj_point_add_sub_16(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[28], &t[14], tmp);
-        sp_1024_proj_point_dbl_16(&t[30], &t[15], tmp);
-        sp_1024_proj_point_add_sub_16(&t[31], &t[29], &t[30], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[34], &t[17], tmp);
-        sp_1024_proj_point_add_sub_16(&t[35], &t[33], &t[34], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[36], &t[18], tmp);
-        sp_1024_proj_point_dbl_16(&t[38], &t[19], tmp);
-        sp_1024_proj_point_add_sub_16(&t[39], &t[37], &t[38], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[40], &t[20], tmp);
-        sp_1024_proj_point_dbl_16(&t[42], &t[21], tmp);
-        sp_1024_proj_point_add_sub_16(&t[43], &t[41], &t[42], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[44], &t[22], tmp);
-        sp_1024_proj_point_dbl_16(&t[46], &t[23], tmp);
-        sp_1024_proj_point_add_sub_16(&t[47], &t[45], &t[46], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[48], &t[24], tmp);
-        sp_1024_proj_point_dbl_16(&t[50], &t[25], tmp);
-        sp_1024_proj_point_add_sub_16(&t[51], &t[49], &t[50], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[52], &t[26], tmp);
-        sp_1024_proj_point_dbl_16(&t[54], &t[27], tmp);
-        sp_1024_proj_point_add_sub_16(&t[55], &t[53], &t[54], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[56], &t[28], tmp);
-        sp_1024_proj_point_dbl_16(&t[58], &t[29], tmp);
-        sp_1024_proj_point_add_sub_16(&t[59], &t[57], &t[58], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[60], &t[30], tmp);
-        sp_1024_proj_point_dbl_16(&t[62], &t[31], tmp);
-        sp_1024_proj_point_add_sub_16(&t[63], &t[61], &t[62], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_1024_ecc_recode_7_16(k, v);
-
-        i = 146;
-        XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_1024));
-        for (--i; i>=0; i--) {
-            sp_1024_proj_point_dbl_n_16(rt, 7, tmp);
-            XMEMCPY(p, &t[v[i].i], sizeof(sp_point_1024));
-            sp_1024_mont_sub_16(negy, p1024_mod, p->y, p1024_mod);
-            sp_1024_norm_16(negy);
-            sp_1024_cond_copy_16(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_1024_proj_point_add_16(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_1024_map_16(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_1024 {
-    sp_digit x[16];
-    sp_digit y[16];
-} sp_table_entry_1024;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*16;
-    sp_digit* t6 = t + 4*16;
-    sp_digit* t1 = t + 6*16;
-    sp_digit* t4 = t + 8*16;
-    sp_digit* t5 = t + 10*16;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_16(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_16(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_16(p->x, t2) &
-            sp_1024_cmp_equal_16(p->y, t4)) {
-        sp_1024_proj_point_dbl_16(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_1024_mont_sub_16(t2, t2, p->x, p1024_mod);
-        /* R = S2 - Y1 */
-        sp_1024_mont_sub_16(t4, t4, p->y, p1024_mod);
-        /* Z3 = H*Z1 */
-        sp_1024_mont_mul_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_1024_mont_sqr_16(t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(t3, p->x, t1, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(t1, t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_16(t2, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
-        sp_1024_mont_dbl_16(t5, t3, p1024_mod);
-        sp_1024_mont_sub_16(x, t2, t5, p1024_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_1024_mont_sub_16(t3, t3, x, p1024_mod);
-        sp_1024_mont_mul_16(t3, t3, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(t1, t1, p->y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(y, t3, t1, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 16; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_1024_proj_to_affine_16(sp_point_1024* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-    sp_digit* tmp = t + 4 * 16;
-
-    sp_1024_mont_inv_16(t1, a->z, tmp);
-
-    sp_1024_mont_sqr_16(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    sp_1024_mont_mul_16(a->x, a->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(a->y, a->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(a->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 128 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_1024_gen_stripe_table_16(const sp_point_1024* a,
-        sp_table_entry_1024* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    sp_point_1024* s1 = NULL;
-    sp_point_1024* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_1024_mod_mul_norm_16(t->x, a->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(t->y, a->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(t->z, a->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_1024_proj_to_affine_16(t, tmp);
-
-        XMEMCPY(s1->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_1024));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_1024_proj_point_dbl_n_16(t, 128, tmp);
-            sp_1024_proj_to_affine_16(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_1024_proj_point_add_qz1_16(t, s1, s2, tmp);
-                sp_1024_proj_to_affine_16(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | !WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_stripe_16(sp_point_1024* r, const sp_point_1024* g,
-        const sp_table_entry_1024* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 16 * 37);
-    sp_point_1024* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_1024, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 16 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        XMEMCPY(rt->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-
-        y = 0;
-        x = 127;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 128;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=126; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 128;
-            }
-
-            sp_1024_proj_point_dbl_16(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_1024_proj_point_add_qz1_16(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_1024_map_16(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_1024_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[16];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[16];
-    /* Precomputation table for point. */
-    sp_table_entry_1024 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_1024_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_1024_t sp_cache_1024[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_1024_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_1024_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_1024 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_1024_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_1024_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_1024_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_1024[i].set = 0;
-        }
-        sp_cache_1024_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_1024[i].set)
-            continue;
-
-        if (sp_1024_cmp_equal_16(g->x, sp_cache_1024[i].x) &
-                           sp_1024_cmp_equal_16(g->y, sp_cache_1024[i].y)) {
-            sp_cache_1024[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_1024_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_1024_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_1024[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_1024_last) {
-            least = sp_cache_1024[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_1024[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_1024[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_1024[i].x, g->x, sizeof(sp_cache_1024[i].x));
-        XMEMCPY(sp_cache_1024[i].y, g->y, sizeof(sp_cache_1024[i].y));
-        sp_cache_1024[i].set = 1;
-        sp_cache_1024[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_1024[i];
-    sp_cache_1024_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_1024_ecc_mulmod_win_add_sub_16(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 16 * 38);
-    sp_cache_1024_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 16 * 38, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_1024 == 0) {
-            wc_InitMutex(&sp_cache_1024_lock);
-            initCacheMutex_1024 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_1024_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_1024(g, &cache);
-        if (cache->cnt == 2)
-            sp_1024_gen_stripe_table_16(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_1024_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_1024_ecc_mulmod_win_add_sub_16(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_1024_ecc_mulmod_stripe_16(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 16);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 16, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 16, km);
-        sp_1024_point_from_ecc_point_16(point, gm);
-
-            err = sp_1024_ecc_mulmod_16(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_16(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 128 between points.
- */
-static const sp_table_entry_1024 p1024_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xbf9c7ec6e0162bc2L,0xddecc6e310a89289L,0x5d599df09e499d81L,
-        0x9a96ea286d358218L,0x01aec7d370c5f8dbL,0xe72e49958cf5d066L,
-        0xc2e7297d3e91d7f8L,0x8621db92da9f2f5aL,0x4b26c8675a5679edL,
-        0x233385df2c56aac1L,0xb88e74d4c6a13f99L,0x1214b173ffa8ec11L,
-        0xa0386a271f3f9fefL,0xbd9b1b4ec0e7b44eL,0xafe528dceecd3496L,
-        0x8dfff96a1c49f80bL },
-      { 0xb4a4753ac03c0c83L,0x68e69d18abcdcd75L,0xe3839b88f775b649L,
-        0x803f949abf58f352L,0x5f702679bd0bc15cL,0x85bf5d168ff298c2L,
-        0x3f6ebd98c6c7976eL,0x20618af445e3e1b4L,0x67d5598e54e64093L,
-        0xb047283b504fed9eL,0x450cabfd70d87517L,0x47d628bf3f5addbeL,
-        0x0037ef3078cb4ccaL,0x4e148d3c6b1c4908L,0xe256d3294fcfd837L,
-        0x2aa1207bde3c01f3L } },
-    /* 2 */
-    { { 0xa95b6dae01900955L,0xa5dc9cc1ceb4656dL,0x50c78907e72fe95bL,
-        0xa1ae5447a040c334L,0x911913707952ea6eL,0x54ff73436d097305L,
-        0xa4db0074bda4d10fL,0xfd5306f191644070L,0x14b9fe738b24522cL,
-        0x1468dad67849f762L,0x87b29a18b0dcd2e4L,0xadd7f1a15e1ad492L,
-        0x9ac63a81dbba2a1aL,0x01379c5b81223379L,0xf402b2f0b0e53bc8L,
-        0x8c3eb27f0bf13b61L },
-      { 0x9a4ad3e1e513696fL,0x0350ba5c18c81ffaL,0x1e2fc1363c033d13L,
-        0x53da6e7117a531bcL,0x42ec64901aed610dL,0xd33e8df7e99ff567L,
-        0xe4aad73e3deed12aL,0xd983b465180f4debL,0x99365269502f30b4L,
-        0x7e2799aba8918d7fL,0x0ffe84b6700fc79aL,0x7b4400d640bfd8c2L,
-        0xc3a21d215d2641bdL,0x79839442c32621cbL,0xace6500bb1401e83L,
-        0x7bf4163e251c4310L } },
-    /* 3 */
-    { { 0x1c174f88e3fd589eL,0xdb501790df974a03L,0xd09623e33e70549fL,
-        0x8d091eff15924f34L,0xeef79cadf9b65ac5L,0xd2cc42623f69c2cfL,
-        0x817d903252cd82bcL,0xacf4f4d9a5f1ddddL,0xd06126355011b6bdL,
-        0x9f74490d2ed140c9L,0x64092e8c4db686d2L,0x225eef16776b0fccL,
-        0x0e8c01e9df16aeb6L,0x6283674184bbd82aL,0x757574e28956e337L,
-        0x9871edc6705a7f07L },
-      { 0xbd0b76d5776535f7L,0x5214d6022635b3b8L,0xc0c25ad99d216f64L,
-        0xfd4df3a75515bf75L,0x24a625bc5e9f1675L,0x3c35efb7406873e7L,
-        0xef5c9a33bb2e5c4aL,0xa971b35e806b198aL,0x9f5c0ca5a3c690edL,
-        0xa8d5dd898e1e2341L,0x4cecbcce955ad9e4L,0x2ecf4407248d3416L,
-        0x1abb381145c0af6eL,0x3f4bee821c780fffL,0xd14df768c272ed57L,
-        0x397ed10a371637adL } },
-    /* 4 */
-    { { 0xcf3e0bb2755c2a27L,0xd38e42f959585c44L,0x46b13e0f19285e60L,
-        0xc3ecd0c076273d0fL,0x7800f085193c569aL,0xf04e74ab4351818aL,
-        0x9258aa388496363bL,0x8456617cb8c894feL,0x8bc62aaa2af969a0L,
-        0x66c2280b5a4668d9L,0xbc9df58ea992f4faL,0x5db0b7d93f401e99L,
-        0xe0614fe1c4c38c0eL,0xd531151c2ccdf6b3L,0x1c7575ece143b618L,
-        0x40247985df9398a4L },
-      { 0xfba251788f055746L,0xc5ba00400ab1e6e0L,0xe1b194fbac292697L,
-        0x771521195b4f4740L,0x250091d09bb7ba54L,0x7a674861b9a139a4L,
-        0xba8413b3f353aa7eL,0xafe771922443ceeeL,0x14468d363847bbd0L,
-        0x61f79ff63da4942dL,0x1563a1c1d425b456L,0x3c270fcd75ff4630L,
-        0x42072090eb2802c9L,0x68f0cdcbc85c7004L,0xca4372fbfa032e74L,
-        0x1a6fd1e6c8b79d80L } },
-    /* 5 */
-    { { 0x967a901a8d5116a3L,0x0b844394b2f5f47fL,0xe39ad45260ebaf3bL,
-        0x1e1be61760ccfc0cL,0xac07e3d2cc3f53f2L,0xdd838e0e1ed11bb6L,
-        0x454753071c15b0c2L,0x70dd4748920fe5b8L,0x1a20be2de471896dL,
-        0x3c3fad8a59276c7cL,0x026a1cc3c886ee07L,0x9fdb6f376e831ac4L,
-        0x26a35d1aac501d65L,0x0ae9890540da8574L,0x65dde0a4abd734e5L,
-        0x29b7d4dc15614750L },
-      { 0x44b3c2cbcbf4e20bL,0x1c3f548f58cc44c5L,0x39809b545b0cac1fL,
-        0x0c0f02b500f80621L,0xe612b890066905e0L,0x8f158ed78350188cL,
-        0xc01dc4583f5576b2L,0x29803272a45492e0L,0x77a5623a0ff92443L,
-        0xd12a2b0029d0dc41L,0xb41254592780e87aL,0x1ebcf9030d53f272L,
-        0xbae6ea4024301e8dL,0x1e5f3f2fa37d0798L,0x9342c31022b4126cL,
-        0x5d0928025382497eL } },
-    /* 6 */
-    { { 0x583a2b7eff2f780dL,0x34d26820d7d76b1dL,0xe3c3284786f74aecL,
-        0x0fd4221210823febL,0x227e417efb5e7bf4L,0x510d49b6a568f8cdL,
-        0x53bce7d61781bbecL,0x9cfe3f222f3718b7L,0x7f44e89fd9de6c1fL,
-        0xf1cc553f3fac9b55L,0x9d2d0846e6f300bcL,0x976c82a29f0ae6b1L,
-        0xe63dbf5e24b8bbe0L,0x4cac7f45973a5aa7L,0xc6eb623784dd33c7L,
-        0x0a26e434142fee5dL },
-      { 0x8081339facaa9a08L,0x40f311055246ece1L,0x892c817061393747L,
-        0x8d8d4103242f02e1L,0x482bfd203b5de98aL,0x89ef946b5abbe952L,
-        0xb8d218b937698249L,0xd5268e8966617c7aL,0x962e75518b7d2b91L,
-        0x2c5c7973fe8d67c3L,0x42e3150a2b017c51L,0x6f4e5ebcc1a29469L,
-        0xa39910ce531c7083L,0xaf4f6eb4b77b9e50L,0x68cbb175da120ad0L,
-        0x19497c61b92636ecL } },
-    /* 7 */
-    { { 0x6920b0c6417659a8L,0xc77ab9c792cb28ffL,0x55b67180b687797fL,
-        0x4caf58c1e7759363L,0x5155bdb65561b186L,0x2e64e355780f4946L,
-        0xeb0ac9b7229a8b20L,0x88594d782571bd60L,0x5dcc0939e3fa78f9L,
-        0x7b8b48302ac2d379L,0x505fbf60b90f1444L,0xac610e813ce4b3c1L,
-        0x39a4f27ad59b5c18L,0x5fa339737cea0222L,0xe578730b8dff1c7bL,
-        0x96b91b8b517bf7a6L },
-      { 0xc1a991f49aac087cL,0xce62f74e6cfdb28dL,0x08d6ff9a5f7600d6L,
-        0xd781cd04f917f9c9L,0x7796f5f63de52dbfL,0xe7db64e02ed72180L,
-        0x0f0876f66fa4137dL,0x3271ee643ca1f716L,0xcb9b20587c4ab8a3L,
-        0xcba1710739481047L,0xdf9a190d598c5c37L,0x0cb6e72a6f20e125L,
-        0xa3142204f4f2902dL,0x42d28cb97ce2dcfbL,0xdf261b8aa3d3c351L,
-        0x73f3d315cffc249dL } },
-    /* 8 */
-    { { 0x5d86855be6fd3673L,0x309b70af9d214b7bL,0x8d332f90dcc46cd3L,
-        0xe553c015595510deL,0x5746a09638c1251cL,0xcd7cea5b85cc1bc9L,
-        0x4ffa1468002eba8fL,0x10a3cb7022fcd77cL,0xb6999dfbc4ea05e3L,
-        0x3375a0d04efa756eL,0x4d90279edced5fd8L,0x48192403251fd56eL,
-        0xe87633a482a4c5f1L,0x3170d1301b34105bL,0x93998b0f7247e578L,
-        0x88934f64436ba1faL },
-      { 0xf09f43b04713eabcL,0x4ca7dd91accdc517L,0x27daa63bef13ca7cL,
-        0x8b2e5a7a2588184bL,0x0a8cb612d95dc269L,0x346975a2e1f2f14cL,
-        0x1f29b8ede172935cL,0xc3cbfd6ed40bc1e3L,0xd3f46b3f132623daL,
-        0xc115be6dfb0b7681L,0x5e31c34556da4344L,0xa7c63f18a8e43d98L,
-        0x55cb20834bddb4eaL,0xb16a0c384a54f58cL,0x74eacca246fd69d9L,
-        0x0d1898bb153548e1L } },
-    /* 9 */
-    { { 0x4ea73461e35ef043L,0x107b67d93496b564L,0xd62c173bd0f83a3cL,
-        0xfad4b03851d29c35L,0x3f42882a71b1c1a4L,0x5d2bcf6654b43b9eL,
-        0xc77b15aa2abdf543L,0x5cb38a80dabe3dc1L,0x15fda0aea481673bL,
-        0x86996b4de7b90ebeL,0x84f87e252bc8f3d8L,0xaded03d637c4e424L,
-        0xe5ede666d7a7afd8L,0x80dd95a2a1ccb93aL,0xa55cfd2546fba391L,
-        0x2bdab1dc46f82e60L },
-      { 0x7a4de22bfa6fed61L,0xca458aa5cc8dd94eL,0x3e372df1071222f5L,
-        0x06a4b44fe5aff377L,0xbc2d0ba74a738e6dL,0x1a470e1d5f31f136L,
-        0x77ff933ae102a911L,0x8b380a50310c7885L,0x9f3c0228783fc5acL,
-        0xec66892544725d06L,0x878f0e165ac84221L,0x9a3af1afcfda6e8aL,
-        0x0183ed3778cd2abaL,0x32cdbd60826d0eaeL,0xb3234661cbee6415L,
-        0x353eb892b9c10120L } },
-    /* 10 */
-    { { 0xc8fdcad610b5521eL,0x1a11b44052e702f0L,0x6302680d8ffda49cL,
-        0xcdb9654acbf36badL,0x7b58ce114c10a2d7L,0x1e5d1f7de630e7e0L,
-        0x8cbe3d7d6760a813L,0xeb35866b6480d77fL,0x58728cf37f036219L,
-        0xdd5865ed42a8a757L,0x283f1f1d906a2870L,0x79e23fa4a51f906bL,
-        0xf2ac6e83543b20a8L,0x4f0b6379b81e7754L,0x57fbc0d4840016eeL,
-        0x8da20771e621b67dL },
-      { 0x3c855004ecce65ecL,0x76d10d1fb748185eL,0x64be7bca78797ad2L,
-        0x43444db077e54aadL,0x17b6b0c9be0df0ffL,0x8fc4256c055086a4L,
-        0xf952c43bfd74d5a3L,0x501e005a01c4edb8L,0xd5172dfc4a57e328L,
-        0xdb40ce4e535d6ee3L,0xbaef1e5c0c650918L,0xe85145e7857561fcL,
-        0xe468536a34a224c6L,0x69a8e2270ec0e0a2L,0xb3f52247242b03fcL,
-        0x862f55e2c3bebd5fL } },
-    /* 11 */
-    { { 0x2d6a390f226049feL,0xcc92a578dcbbc9fbL,0xa52feca497634fb7L,
-        0x2b340cb63dea5893L,0xa39f338a2a49e916L,0x26b2df3d949e41f3L,
-        0xc71c7cdb065a7e40L,0x4a9b84a0468281a2L,0x63eeb503731eeecaL,
-        0xe6d0913476cbb725L,0x0cf979a9b94a678cL,0xb44d8c3b808fd9f1L,
-        0xe60da613e0afc5b9L,0x52dce7de3ea5be69L,0x3a5d6864dc1ee74fL,
-        0x71ab28913bc80790L },
-      { 0xcf618fc43b5b60adL,0x0afb5e304a0c3184L,0xd22381ccbc403302L,
-        0x33cf8953db1c0c66L,0x9c994e4da6112a8dL,0xd7aae2c3d1967a86L,
-        0xc28d54935b7acd29L,0x8075bd136c9a57fbL,0xc9c0373e9c8427f9L,
-        0x2cbca18d193225f5L,0x73777d13442c018cL,0xebe5ed47fbb3a727L,
-        0x70437d491962dc18L,0xf39c1e092dc08806L,0x03e9c6f715fff35cL,
-        0x8d087bb65e360a65L } },
-    /* 12 */
-    { { 0xbe2123023fdc1844L,0x6eca27ef105eac56L,0x2183a606f168a348L,
-        0x295f807de1d7a4cbL,0x7246a6327ef5d43eL,0xae143205c77025c7L,
-        0x4bdfc7caf3484e3eL,0xec939895df52c075L,0x82e655f6d7a9cac0L,
-        0x985dfe208baeddb0L,0x79c817e4527de731L,0x30ce0fbc313de1eaL,
-        0x9df95b89cc4f6cbbL,0xf2aedf1ef5bb20cdL,0xfc1e0a891a8cfb01L,
-        0x225ed34a63edb7ecL },
-      { 0x3e13154dbabb1a85L,0xd3d8dae71e6a565aL,0xd3217d56ab4b100fL,
-        0xd44d934eebc78e1aL,0x0215321b48e73d37L,0xbbc90bfa201e43cbL,
-        0x3c23f1d027500905L,0x2a2e5000c86691a1L,0x08b2bad26065841cL,
-        0x15d41caf30026b60L,0x1712c2f45276ce61L,0x01c4c3e715932ffbL,
-        0x7894e13d6a74caf2L,0x02d6f5df0c0537a4L,0xa8fb7602c2b1c97eL,
-        0x612b60e5d0887c7bL } },
-    /* 13 */
-    { { 0xefd495cfba245d6bL,0x5cf0cbb7a2ce3ff6L,0x24da2ac0dff5feeeL,
-        0x90c914f8cf28c6a3L,0x72fdb50d4308a56bL,0x03dbf77913d72034L,
-        0xcfa5ec91822ac9e9L,0x0dde73c83aea3e81L,0x545ba96266289139L,
-        0xa52f648bca6acbd3L,0xff6f276e98a0683aL,0x2536d3aca378ed52L,
-        0x353c2c54885ac1d9L,0xcaff52da00bc84a7L,0x3971f81c37684167L,
-        0x0f7334e1d2d7986eL },
-      { 0xafbb5c836596067eL,0x33e54e1938c19806L,0x8285d96739cb0dccL,
-        0x2b53f43d424035f9L,0x38c531f8dfef9095L,0x90fbe8e4db0f571aL,
-        0x9a0c1ed2a39ca787L,0x2fecc1d6606f2620L,0x9dc890b172b7cb4aL,
-        0xc33ca6fbccbb7868L,0xd1b11082fe73ee49L,0x590b7d17fcb66c48L,
-        0x9356b0a686e14573L,0x75d682c4053ead85L,0xb2ae55fac54d30fbL,
-        0x67636a72f8aee949L } },
-    /* 14 */
-    { { 0x638063bcb91d6beaL,0xae263a2e923ecb96L,0x9d7b0992c627aca6L,
-        0xc6ed001a77af9e7eL,0x9214accf24aafebbL,0xa3564b9678055a90L,
-        0x00999b1ce027499dL,0xe413a4e1e46a06a5L,0xa05d13f62e51efe7L,
-        0x35e87d349ba843beL,0x0a6338253183159eL,0x6023e8ba54601923L,
-        0x9b107721b7fd1cf2L,0x46b5542bfdf2fd53L,0xb314f4f81c18af38L,
-        0x086f987660ac8965L },
-      { 0x767019548cbb9850L,0x6210b730a20d2c8cL,0x4084d0575335670cL,
-        0x3ecdc5950324baeaL,0x607fc5f2c76ee9b4L,0xf393d00f440ffa64L,
-        0xe01117962dc1463cL,0xf00b82519c7725e7L,0x35e607365bd1d186L,
-        0xf3d8554c2cf72aacL,0xb4dd0fdeefa3497dL,0xd712268cf646ad11L,
-        0x07c20afb9f7b8eadL,0x630969d4fc06dfe5L,0x76b7df1c7245549aL,
-        0x681f9403e61ae810L } },
-    /* 15 */
-    { { 0x7cad5163c9a0623bL,0xdbf8295767fab8d4L,0x2ccab0ec81af7c7cL,
-        0x469e38c8e966d5c2L,0x34430d52f0d4e41cL,0x426075a2a52b359cL,
-        0x242dd3e333bd0127L,0xcda3f6359fed2341L,0x4df33730d7d52ffaL,
-        0x5fff56f07640c3efL,0x4783c21c1bbde57cL,0xd8784a2aeb8bb336L,
-        0x1ec7c533ead08405L,0x4b7f1423f9b62bd4L,0x5543145c7075d4afL,
-        0x0c9de94aba60590aL },
-      { 0x8ed7273595d5682bL,0x711c42832ec276edL,0xd1f4aed58b36a0d2L,
-        0x62ab40c48498a88fL,0x58c8fc624480f451L,0x8bc8ca4bb79cffe2L,
-        0x90ab583c701a359dL,0xaee31a733fd5d15dL,0x02a5597bc912333cL,
-        0x1019cae4b6c3e3c2L,0xe513042c29938088L,0x0e00283df47c8199L,
-        0x90d68e58f2a00e92L,0x69e2df41a775ae3bL,0xb8d2eca5871c30b2L,
-        0x733dca0ebb1de396L } },
-    /* 16 */
-    { { 0xf5b495d04b59213aL,0xca6720398d70200eL,0x4bcb09a62b6771c1L,
-        0x26adeed42b9eb0cbL,0xeb5447548cdba212L,0x0e1abfcdf08890d1L,
-        0x52509963698e46b4L,0xe1bff0b082e9c138L,0xa189e4cd51099a71L,
-        0x2360c9bcc9b91cc7L,0x9bd4d7dc137ec4beL,0xd0356521d1519f6eL,
-        0xbf5f6d78cf832503L,0xe43010318deea2b4L,0xc3132494ef4c319cL,
-        0x2ab3bd470f1fa7d7L },
-      { 0x5753b680922c9fbbL,0x869e7dc80f16c6d1L,0x83445135bac16efcL,
-        0x4326a3b4846d1d9bL,0xb517fee3b2d62c21L,0x6905afa20b292ad5L,
-        0x2a57131a2cadac13L,0xcd904d8febdbca8dL,0xdfeda86f3f365fb2L,
-        0x7097b208dc7eaa1cL,0x89a35a84a45e77c0L,0x417a062ccf5d118eL,
-        0x3c0c04a81f6e99e8L,0xc44704b0ba7a087dL,0x6f8a27d13ea22ad2L,
-        0x93a4b4164c27d229L } },
-    /* 17 */
-    { { 0xd4271bc11f1efb7aL,0xae4e68e633fccc0dL,0x9d9bc8f1b11f50a8L,
-        0x5430398faf076089L,0x45e242fb443d0e03L,0x73ec2519f6e3d4c1L,
-        0xab70f790ba9bad09L,0xde612ad5f9add10fL,0xb837e54e14e942b4L,
-        0x175a56d3ddb8b68aL,0xe85b233c1ac2a408L,0xf8ff6c30f0c80f94L,
-        0x4b7f3fb7898db4f9L,0xa2c6044f45a7dcddL,0xf3abb2f6fe3d3895L,
-        0x342ce0d732ee7763L },
-      { 0xeb261394cf491b1fL,0xdcaaeed71909e395L,0xdcc4055a9fe4dbeaL,
-        0x17a6611d493d604dL,0xba445a3a1ce5ebefL,0xe82e2858e3989cb5L,
-        0xb96f428283f58406L,0x99877b99a156cf55L,0xaf906a664e166a0eL,
-        0xcea1d353b2976d13L,0xefc16f2736c61a01L,0xdb04c433b0f55d86L,
-        0x3cb4b2698eb34c01L,0x38d07f782ae60280L,0x43ac3bcb43be3ec5L,
-        0x455f4af3e156fd20L } },
-    /* 18 */
-    { { 0xc057f262754ec21cL,0x3eacd4c9e3a1ba38L,0x3a0210d1116c1fe9L,
-        0xe4ea4e94eacc8ab6L,0x31c00c9aea6f32caL,0x5cb6239d86b975ceL,
-        0x654d5d8ca14ea1e9L,0x230d31f45067fc8bL,0x48bb90cb6355fecbL,
-        0x78f81ecedc172e8eL,0x288380a8cb006737L,0x19b02e01e162d012L,
-        0x0e087a06c5af145cL,0xf04dc8b7b72dc354L,0xf70ef2148de3c066L,
-        0x4f14824313009fb7L },
-      { 0x5e004fce6e2055e2L,0x89e247ea86c32067L,0x4ebcbd955f9daaa2L,
-        0xd15f212fceb7f63bL,0x5ecc5c1f863784a0L,0x53b3800b75760251L,
-        0xeb9301c38a6a2954L,0x0f16ba18a13cdd19L,0x8313d251887c2d24L,
-        0xf99235859a9413f6L,0x423405e6fe3fd7c5L,0x678aeb3416e0ee05L,
-        0x1f3be7bb3fadaab0L,0x7901fa2c82884471L,0xc950db304d662ff6L,
-        0x74d5d2d43c01170bL } },
-    /* 19 */
-    { { 0xa3002dc02b5bfe11L,0x0733410d52d321e7L,0x15920f659679ba89L,
-        0x0e248c14685b236eL,0x8cfab594346f6040L,0x9f57afb740c717f0L,
-        0x0dbab28c66044576L,0x0fa099689cdc3247L,0x41e02ae2c230ed05L,
-        0x0d961554e45bef74L,0x9688a982ce4d7b6fL,0xfadefac75e62d22eL,
-        0xaf1512a6bd2cba28L,0x78868e62be7c749fL,0x88048d81ae9f5a6bL,
-        0x6b1a5442c5857a29L },
-      { 0x9f5ab9ad43242066L,0x0afef1b52ccca2aeL,0xb1b43ec7988edc4eL,
-        0x0d0c00f10341b0d5L,0x4d68b8f7b50aab37L,0x9a8e4e6ff3a64a99L,
-        0x198338fb7f1a684eL,0x8bc0e748351a0f5cL,0x2cacf2cddac44515L,
-        0xc14d39995e9ff76bL,0x54a01b3f16393055L,0x6ac3eea5888d8376L,
-        0xb84d9a9a723277b1L,0x99132691e11dbbbfL,0x597717aeabb67178L,
-        0x4c2135268bb14ac8L } },
-    /* 20 */
-    { { 0x2e6fe0a695532833L,0xabca228ed626d067L,0x22aef3d9649e73bdL,
-        0x2083a87af03c4c0cL,0xe954e75d35169b45L,0x577509ee74506a89L,
-        0x49cb276e2aeacf90L,0x08275d77fa409f91L,0x61eb6f3df0bbd6b9L,
-        0x948202cbe4132704L,0x35f3fc21b1c498b1L,0x76c68ba8361fee59L,
-        0xa18cbbd950e051f3L,0x2384a879318e7042L,0x292abead80dd1e8bL,
-        0x65713c295c37c334L },
-      { 0xdccca8e9ceb77b9aL,0x2f97e72723b69469L,0xc76abee6a01d6b28L,
-        0x3925203d5abecdfeL,0x8944808229290d70L,0xf9931424b0314438L,
-        0x04209df17cd447c3L,0x7c6f2059c855c827L,0xd97d786256c0e069L,
-        0x5a9db6fe412d94c4L,0x19a64591994c41ddL,0x12348aa1c89e21a3L,
-        0xd6904b50c6a03f0eL,0x55c15156a616feacL,0x4e36d1b57cc7693bL,
-        0x6b0e996c3bae3c38L } },
-    /* 21 */
-    { { 0x32789fabcceced00L,0x3237e71ae5b7aa66L,0x87b2e2692ddebcdfL,
-        0xb7245120b61dad8fL,0xe11e5e48d35f803cL,0xfb4df5d798e50f0dL,
-        0x60ee68b4bcd2ab92L,0x98ab2f5c1ce3363dL,0x15ba39da7cd42647L,
-        0x1a6572eb83f4fb3fL,0x0f77de88e56f08dbL,0x1743761e172562c2L,
-        0xbe349ff88a58f0f4L,0xe04da71b84d1d6e2L,0x368f03429e9ff3b4L,
-        0x4022a205678223f8L },
-      { 0x527bbd0583847375L,0x3ae56b623f451af0L,0x6198f24d4b2c7f18L,
-        0xee323f5b4525b98dL,0xa9d8d39a0e0884b5L,0xd005d7f6fb12c776L,
-        0xd71c483e708bc154L,0x8ca6fd28742541bcL,0x0af3dccdf8397ddbL,
-        0xb80d31253eccf243L,0xc743a10858d81b8dL,0x3f48eb2171391f68L,
-        0x493aff8833bb657fL,0x1d15ed6607e47e31L,0x10159b11e08279f6L,
-        0x312179cb24a6a956L } },
-    /* 22 */
-    { { 0xa94cc3ca07615ac2L,0x85865e64121ad581L,0xae47616fa7986b79L,
-        0x395a40eb9d5e0f1dL,0xa91432643d9457eaL,0x8de6d6a3fa2865d9L,
-        0x0771db961014ae8cL,0x77a7cce6976a87cbL,0xa7de42e1143a0f60L,
-        0xe203cc09d993d934L,0x9201869398ec4c3dL,0xd77546d83a25df4bL,
-        0x0ad9eb4762b02d6bL,0xfaaaf208d05a7189L,0x5238181f431221bbL,
-        0x417d6c78733511eaL },
-      { 0x3cbd81b70e91e9a8L,0x73340418c370d6b3L,0x825db10a8eaa2373L,
-        0x8f2b09e46c7d6756L,0xe288ee9b94c33dedL,0xcd8426bb1695e3fbL,
-        0xa6176c86dce9e888L,0x3f4c89226165e362L,0x514e411f6063fb09L,
-        0x6907ac20c8f9e04cL,0xcef7469cdfd2ad61L,0xba30bae48452199aL,
-        0x3068129312ac3462L,0x011be873c92d482dL,0xff4cbf89e8330995L,
-        0x02189d52d1470a0aL } },
-    /* 23 */
-    { { 0x73e419dd92599c69L,0x5b94221b7fec32caL,0xb2bf9bd209bbfbfdL,
-        0x61ea97a463ed895bL,0x6609146b3f486f79L,0xbd1c7a05fd141a39L,
-        0xc79ec8cf83d64135L,0x7f8fd42f9883507bL,0xafcb53b717b3d027L,
-        0x86658dcd67ca5a21L,0xa6a6c0accd149786L,0x16f3d70e34b95067L,
-        0x371208e3df44958cL,0xd2dd64e6ec280212L,0x33b2c4ab30782c71L,
-        0x7bbf8abd521176faL },
-      { 0xbe9e4aafa78b981aL,0x788b4e36304ec828L,0x0c45cf393959dea3L,
-        0x70a9bdd3240b39c7L,0x499cd7dd28383b7dL,0x30690b2e307a1026L,
-        0x2262d598ee92f1b3L,0xc62d77deb4725a48L,0xa16f25bc7bc3aa0eL,
-        0x62dd8b65d15ef7faL,0xd979221d0b96d68fL,0xb92885c3a00f1906L,
-        0xfa476b9beb74c740L,0x217ddbb5c7576222L,0xc2782c305788504fL,
-        0x860d096cf812716bL } },
-    /* 24 */
-    { { 0xfebc337d4d79bbf9L,0x5d53eab869f74f80L,0xff36a09533104d53L,
-        0x2ab820da196f8b97L,0x961d3d1f75ce6909L,0xb197ec0404683754L,
-        0xa68ce1bf93a6cb9bL,0x503456ffc5f021a3L,0xb50a2db18940ffdbL,
-        0x77c50f8fef004209L,0xd635d17704965875L,0x725766d98bb8770aL,
-        0x8e19b028a078e53eL,0x364d4ccaf9fc8378L,0x1a3df411f0dd39a0L,
-        0x7e80e44203adf920L },
-      { 0x4b5f8a57539a1ddfL,0xd248e7aeee486562L,0x1c7b491d816021e1L,
-        0x2e7b871bfd36d2c4L,0xda38b5040aec00d9L,0xf28276126193f1b3L,
-        0x69c3fe86fb1f78d6L,0x56c8b786e827ac33L,0x1687f6c73487c8f7L,
-        0xab8f221719dee5bcL,0x04e8473fff399418L,0xf384c014a9027c80L,
-        0x9967be9aaa1d2e28L,0x869686d3e065eef1L,0x737c6b08c7bd837cL,
-        0x5dcab5d19e8bd863L } },
-    /* 25 */
-    { { 0x0784283a9a7d772bL,0x6b49e525e540959bL,0x546bb00886414ab5L,
-        0xd44481629d74b2a9L,0x267890ad203b0b1bL,0x1e7a82bcc8d3f86bL,
-        0x1352bfb5d85a83c7L,0xf29f16e3fad07ccfL,0xc02a63b841e0c43fL,
-        0x904f22c56b379fefL,0x19d8a653b1244f26L,0x6635b6df3a28bdeaL,
-        0x18b68851f6d455ceL,0x74ac28189cff3735L,0xad40f9df8b2cbdabL,
-        0x08cc2d9eadc9d498L },
-      { 0x2e6a6866c170c84bL,0xbb989e8b5a49a484L,0x7b0e00e0d04c8992L,
-        0x55ad347861b3a423L,0x3c952450b0d01899L,0xe3922155e3100cb3L,
-        0x19265b6ef03276d0L,0x0fe8595a76d42b53L,0x0a96dee0fc6353b6L,
-        0x761e0dc8246f893eL,0x4ec902bef0a74cbaL,0x610086843fdfad9bL,
-        0x5d6a60e44fdb6975L,0x3f53aac87ef7590aL,0xd29e6be012870a37L,
-        0x991fadc155aa55b0L } },
-    /* 26 */
-    { { 0x82bc4b0fb4844ffeL,0x7392271460f8b871L,0x8ac000e24ce3f1f3L,
-        0xf0d548b4163519ecL,0x7aaf842b88288b5fL,0x9e8b0c4c2bdc9a70L,
-        0xa06d51524ba5fd67L,0xd0b1afa0f93cdec3L,0x280955badf89f8f0L,
-        0x86cbe92deea32c92L,0x0cae3f993fe05be4L,0xf2607095fa6919aaL,
-        0x0f54741e6e0f1b8bL,0x2aed1f7430ecf988L,0x9296f76b734991d7L,
-        0x66cf8d28259f0fe9L },
-      { 0x9b01905b226f5868L,0xc102e88c16909e9eL,0x2bd089164a37eb54L,
-        0xf72253e8c9816323L,0x37f84e9d86bac53cL,0x2e352454afeaaaf7L,
-        0x67c86f772ca0046eL,0x86bce50e6663372eL,0xf6a3a960b6950a04L,
-        0x61f994d7fc1aba93L,0x1957c12bc1326e6eL,0x9b658fe42e56b005L,
-        0x9cd297fc8592740cL,0x7654ce9b177f26a5L,0xaaa699dba79d2ebbL,
-        0x5fca0c5a0ecb6448L } },
-    /* 27 */
-    { { 0xe26e25f3569a6663L,0x09597ee7e6aa4ca7L,0x25a4cda68d18b80cL,
-        0x450602b522926730L,0x9af5f65007387209L,0xfeeedb3426733a53L,
-        0x0f5ce76886572951L,0x872a360b8398ae9aL,0x60347a802b30f6c3L,
-        0xd2113b231a162158L,0x6fd9cf92ee6c6decL,0x85f0a5a85cbcf9e6L,
-        0xd7a5a6e42ba3fe84L,0xaafe672051ecd727L,0xe09c6bb2a2081a10L,
-        0x657acbf0b973b0b4L },
-      { 0x3130466fc274c8d4L,0x4276517630a994d1L,0x217258ca7079435fL,
-        0x44850406eb897a06L,0xf38dfeee561ee130L,0x11f4facfaa1778bbL,
-        0x765c6617b9abb9e9L,0xb135499bd8f10932L,0xc0eb6337a73b9159L,
-        0xf2c1ccf16f7e8b6aL,0x5b32c03a187def53L,0x89ad1d49830b9c62L,
-        0x1735eae32f10e538L,0xb1cbd9c29d5f55bcL,0x42428c47e539db0dL,
-        0x3d2da412c852b3bbL } },
-    /* 28 */
-    { { 0x97702b6e871f2865L,0x56cb639f142920d6L,0x328522a045b58611L,
-        0xf3943ad1f3b13812L,0xe6c2200a712206e8L,0xc2890e5aa34d59eaL,
-        0xab52fd40f6b7f759L,0xf522c8de180bf567L,0x181e97b2accee396L,
-        0xe0375819c4ea5cbbL,0x0d9985e8ab51d3efL,0xe26c96cabcb50fd8L,
-        0xfb9d6b1397e1c80dL,0x582b1814f796357dL,0x89a7822107f4c7fbL,
-        0x02aeef2dc0357e61L },
-      { 0x2ba7926f2c7ec9beL,0x292f307e7258b201L,0x74e62a10c6fa6b4aL,
-        0x80c08549e2bcc5abL,0xb4160db87bb8c073L,0xd5ef0529329f194dL,
-        0x0eb8da146dda4a9cL,0x0b5d43d215ea23d1L,0x6cebef02fc34bfaeL,
-        0xacd364d0848757a7L,0xc14013682d34cca3L,0x09ca67421d2d95e2L,
-        0xc3fd1d6e786eaa28L,0x9eb1136da2965fecL,0x48871baac0779203L,
-        0x6b446c014b15aeb0L } },
-    /* 29 */
-    { { 0xc819eb2e25e8fe80L,0x2b5f790698238a17L,0xd6f1e99681e41849L,
-        0x58ad8ad698ea6d45L,0x5bae5ad4bfd02e40L,0x016dc327a812416dL,
-        0x8b31a985a3347ca1L,0x0b4da61082a65391L,0x1cb91b2db48c35fbL,
-        0x9e96817cd2aaf8c4L,0x1a630483cdfdcdc0L,0x7055936112b69254L,
-        0x5fdcd712f8a2a097L,0x59ab623a35cc5281L,0x30c8ebe0932b6095L,
-        0x8613424bb08e052fL },
-      { 0x28902063b2231d8aL,0xb0f62329d9a61667L,0xaafa0fe7071a9f27L,
-        0x6bcd8960603f047eL,0x118cca76fd92a1c3L,0x3414e62b71d483b6L,
-        0xa123ccddba705262L,0x1a576437fd9b5c5aL,0xa5301bc24c8d0fa3L,
-        0x96f0ad44102427cdL,0x0e6fb5e0d3aa6c02L,0xcd8c4880072a3996L,
-        0x4dafca12840d3fadL,0x29f4ca3dde91d541L,0x0037c5988441734dL,
-        0x86333a999ccfe57cL } },
-    /* 30 */
-    { { 0xd213a751ecf53b40L,0xcff2c6f22f78a542L,0x0f59f0e2f13ae56dL,
-        0x91f8ccbf0e61748eL,0x0aadecb9d72c4145L,0x6b2ed8524c9cdcb7L,
-        0x8e00b72c1eaffc70L,0x89b24285aa728102L,0xaa7ea7e0b679cafaL,
-        0x5d2b8c264f0a6f6fL,0x7ed7b1730e804397L,0x5a93eb45c8573049L,
-        0xc92bf5d40986e93eL,0x526b5a9c6a20c0afL,0x0adf47c9b99dc3afL,
-        0x12b25fe2ba202cc9L },
-      { 0x09b8d78a33eea395L,0xc7a93618f633fc5cL,0x7e821629270eceefL,
-        0x524779b8c628ed0cL,0x91db5ca1a1d68939L,0x8626e18e586edc90L,
-        0xfe023e8bfeb3f3bfL,0x6279fde10250171cL,0xe52ec7dc55e172deL,
-        0x445e8695c6d4ca45L,0x42de3878bdbc10f1L,0x2b114de86fc3835eL,
-        0x9faba4567e10b652L,0x4111d82a390e78feL,0x576b61c2aedf0acaL,
-        0x216279a974accb74L } },
-    /* 31 */
-    { { 0xc14cdabf4047f747L,0x03ca233dc1315a1eL,0x59e7cbd340e5d0a7L,
-        0x1fd0c4e9bb413869L,0x189d08b10f01fbd8L,0x50449c42a76b823dL,
-        0x81c224a1398b00a1L,0x08084e4f8e8179e4L,0xfd8af994698e41e9L,
-        0x1e30e37c5610bf2eL,0x4e6a043fa7d2790fL,0x9d96e60cb3195388L,
-        0xe75f986d03799dfdL,0x3b4a8f11f8ff902fL,0xfa9453787588416eL,
-        0x20683e3f9827535eL },
-      { 0xcb582e26d0378878L,0x9e214c23a7945787L,0x13d000bf8f6688b3L,
-        0x7548d4f540515270L,0x7113c15d40111f5dL,0x3bf5a526a8bff902L,
-        0xbda6b0109b4945ccL,0x83dcc74ebc2f3a05L,0x2aef628443efdfa1L,
-        0xd2e60ee9565c5bf4L,0x4f0fa10d592f243aL,0x6ae58b321bc3bf51L,
-        0x813b086860576a74L,0x0bc023f84d73081aL,0x9fd03aa032dcee59L,
-        0x5e416bf527d6c795L } },
-    /* 32 */
-    { { 0x24313760026cc23cL,0xf819aaeeb5b29058L,0xa92272f8c5d2ee17L,
-        0x8048e7cbee5cc402L,0xdbc7d6ee77def07dL,0x61d69244f6af821eL,
-        0x5f7966ed996cbb89L,0xf81b17ea96a155a4L,0xb2d9ef7003f3ed56L,
-        0x5e6e5906e882a5b2L,0x86fa1072ae947180L,0x34d9fc51658c76f4L,
-        0x9f603dc0cb035aa0L,0xb7b39feb75be6481L,0xca87554acf04a9efL,
-        0x4ff682ec87b4fde3L },
-      { 0x3125627fd0a10ad5L,0x7fd45c72968e6f45L,0x2981bd6b806a1163L,
-        0xb92de1cdde5033e3L,0x3b44b45ebf4f8988L,0xca1b9896dae7e1dcL,
-        0x52166e5a0778d878L,0x82d472bea5116847L,0xfbdd382af2895445L,
-        0x22ed16025d6ec4c9L,0x3614eb1cb6552b02L,0x63c5df73a1e6210fL,
-        0xe9160285021a74a7L,0xa44ca400c65cbd4dL,0x48cb187e0f15e299L,
-        0x51eb818e3402507cL } },
-    /* 33 */
-    { { 0x1fc1d178b92100abL,0xdf2e3d609605b839L,0x12a7c255b71e59d0L,
-        0x3f8b667514fcbe04L,0x0e8a393559fd06afL,0x5632650212020d07L,
-        0x6696fcd1528e7be5L,0x6588514b0c7b7654L,0x0cd80f8c5912a5b5L,
-        0x8bafef04f324cb7fL,0x6b53eecfc6da3d75L,0xedef48d831d1df2fL,
-        0xf336b96573812b6dL,0xc82eae4aee626031L,0x300abd32d244f09bL,
-        0x8b0af95531d9647fL },
-      { 0xb770180a2e603544L,0x2b573ac3221acd9eL,0x3a17f66562407032L,
-        0xad3e74adb89abc3dL,0x8a3d2e3ad793225aL,0x457bba04ef02564bL,
-        0x8875652ffc2dd2b5L,0xd2905d15e67143e8L,0x6d884b4202e48d70L,
-        0x06f99219c7636a57L,0xa8dc342135e378dfL,0x95c1d73d10c64a02L,
-        0xcd6a4ececc157a66L,0xbadcc1c88e24a354L,0x8024f1b29839329dL,
-        0x5363e5494da48ad0L } },
-    /* 34 */
-    { { 0x1f5523b7e23fc641L,0xfe54e72f86667063L,0x294a15f58e009d2fL,
-        0xf203997f8c57f5e1L,0xa229724cb16d64dcL,0x697be4fd4baa2ffbL,
-        0x3f507e460a6e8ed6L,0x0afe3a5d78508536L,0xeeef6cdd95408208L,
-        0x701fd889f2c4237cL,0x496d883a5c385253L,0xe25c67ed72a212f1L,
-        0x4b4167831ff78fcdL,0xe9967004c16f4146L,0xfa45c3a1c45b0697L,
-        0x633340183fbd30c3L },
-      { 0x39c9a0cca2fbbbceL,0x876f6e5caa0cb744L,0x9ce6010e3438ece3L,
-        0x0aad148e13802d82L,0x9c3e5c609cd45a1bL,0x875cb8597bcfc1e0L,
-        0xb19ff790d8584dd0L,0x2598b81ed81c2a2bL,0x118bdf2f02be07e3L,
-        0x074fc8eeb9765ce9L,0x125e9d88b24f95aeL,0x3bb12cdc0c98f09dL,
-        0x4a6aee07a0b74b27L,0x4723d2f9c08077ceL,0x959447d6bea8026fL,
-        0x93a7075c16280b73L } },
-    /* 35 */
-    { { 0x26bbefe2715b27f9L,0xa935a5e22a280923L,0x5ddf23affd58a26aL,
-        0x54c83e167c138694L,0x44799bc9892a2153L,0x4e6e47109b8d09f5L,
-        0xc63af616d588ea68L,0x5e896706883ab1b6L,0x3c1393a03d209336L,
-        0xd02f292192c23ddaL,0xab70cb7adcf6ea43L,0x12434ea8791559e1L,
-        0x040680db6d70ff0bL,0x1a10fe522832ba45L,0xd69f9c08e5f0cb8fL,
-        0x1a7422ac44b141fdL },
-      { 0xc3a9dd2e9f40b675L,0x2a7c6603fcc71f39L,0x18939a611948e342L,
-        0x8f3b6158ed0ab484L,0xa3aa7d97ee31ca6bL,0xbc1e865ef7a8db63L,
-        0x315f8c092c7c62e4L,0xa260788f9f5c6d0fL,0xb18331294b6f3ec5L,
-        0x73adbcd636b4d849L,0x66e14890bc699a9bL,0xbf3790d82a1175e7L,
-        0x7f43605afc53ca4fL,0x577f6c4787ff6091L,0x827c7552600c82b6L,
-        0x0944d6309d25599cL } },
-    /* 36 */
-    { { 0xcfdeb63ee6ab9620L,0xdff4fa6d786cd808L,0x145edd82456320b3L,
-        0x2ae5f862c4943915L,0x9508e813b73b3f87L,0x3bd805f3e52f97a9L,
-        0xf71b5c28c9829b62L,0xb394c70e86e0cefcL,0x534fb1a923bdb36eL,
-        0xd64f5862dbe27e5aL,0xbae23df383ab6169L,0xdd6df1b127c828cbL,
-        0x1901899f3a307a8aL,0x36cc8659811ddf66L,0xa3cb777479943b77L,
-        0x7d89f3836fd86576L },
-      { 0xf8564242c9f92b2bL,0x700c6a75c46e32bdL,0x93e768b77f99a5c5L,
-        0xb6efe85803149568L,0xbbfe8a19c2ce6709L,0x721a3b1bee6ec493L,
-        0x26eeeea9c371c28dL,0xd798115e15177e1dL,0xd7bf3bceb068a5a5L,
-        0xdf8da22046d2b4b2L,0x3df0995b59be9dfcL,0xc96897bc77640b79L,
-        0xce0cf4c25a2bd3c5L,0x16f45d6e89afe744L,0xb53f3acb3a8509bbL,
-        0x449af81f63f2a6e6L } },
-    /* 37 */
-    { { 0xc2fcf132a16d9377L,0x9ab377b37e1a2f9eL,0x72e1a12e86d19ae5L,
-        0xd2b12e66d013bbb1L,0x0972e055cb5f66baL,0xd11de1c0399eab50L,
-        0xc1f314fdc65f5ec2L,0xfc3118418a9ff593L,0xdf73c1ece05246e6L,
-        0xc28d13631625056dL,0x30a9dbd76fb25e19L,0x049ed244845cd2d7L,
-        0xc779b83fd36e852dL,0x85a35fc7f68c8a83L,0x299bf1e1c95e8033L,
-        0x0e8617c320891af5L },
-      { 0x5372060267c81b5cL,0x2fa89dcde737873cL,0x2a7430b0a8144fd0L,
-        0x3006c5a726208c83L,0x4e066660d8ea40f5L,0x9dd025f9896413a4L,
-        0xbdf380cc46b9149fL,0x801566190a125cc2L,0x04d6a3b752793c37L,
-        0xb60013746b7a62f2L,0xa9cfe268585d5978L,0xdcad0cb88395fe66L,
-        0xbab468fc46b261f6L,0xca0ef5ef9d9d9218L,0xc507d4a85e452402L,
-        0x6f4404f1326cf687L } },
-    /* 38 */
-    { { 0xa3e1920b4febd3ffL,0xca6234d8fdfd2bbaL,0xb7d1af2ae19a9829L,
-        0x23de1610c6f5bc20L,0xe204dbf3daa39ca9L,0x2a2de9b86d8c70abL,
-        0x272e0c377c9d370bL,0x80914c06e565510eL,0xb611e7a857cbb6b0L,
-        0x076fc6efd8266a6eL,0xdfac34ee3095801cL,0x69ff40a2b9e24063L,
-        0xa7ba31a9787aa5c5L,0x0e4d1fdf33c70cd2L,0x903e31326895f074L,
-        0x905771f87fb671e2L },
-      { 0x5199ba0da4062beeL,0x18e7238c94d7d9f9L,0xf53f29bc1e0922c0L,
-        0xde9b2a81b12d855fL,0x649f3eed6d68ca29L,0x64adfc34c50c097fL,
-        0x81964ab99db398a0L,0x00d59c477a587224L,0x09fea39674c5903aL,
-        0x6aafd8ee15043dd0L,0xc5721a6e5f1ecc20L,0xb6d6a4830db9b7b4L,
-        0x06ffc61766c8d52aL,0x3de241d6acc82a27L,0x0605f05227f2f7a8L,
-        0x6a22953b6404deccL } },
-    /* 39 */
-    { { 0x92452d8f74fce389L,0x059634c02afa5564L,0x9377ccbbf0ed7825L,
-        0x89f4045b37718e0dL,0x11074e7d9fa69a4dL,0x5d70bb077295b0baL,
-        0xb22d54adf107ede6L,0x5c39a3d8a1a29c7bL,0x37236c02d795e3abL,
-        0xf7282d002b589951L,0x5e2265be5790bee2L,0x91e0ea11a8e65ea2L,
-        0x0e71a7086001cebdL,0x16900f5a2c1c5402L,0xc3b2d5c0357f6981L,
-        0x528c9ea0619e3427L },
-      { 0x1edc86b45f26c577L,0xf80747089438bd45L,0x2dfe1013792582a7L,
-        0xe08eaca0de1e569fL,0x5f952efa9a55a356L,0xa4d80b53e4976216L,
-        0xd2b65855cd5d71f2L,0x246704bf66cea3f0L,0x193f641f492323caL,
-        0xa681855c9adb1325L,0x86d522ce2d19d652L,0x53609f105b82ed7bL,
-        0x3b0f00948e150d29L,0x23ad8bfb0b13e891L,0xcbb1556cf794b449L,
-        0x200f9093738bcf57L } },
-    /* 40 */
-    { { 0xf9b22fc58388387fL,0xcf26f17028e883c5L,0x447cab90d1b7973cL,
-        0x8d5d4ea2f6ec9171L,0x2e16f498c30cdbc0L,0xdc92910c48623c2bL,
-        0xeb1491b030dbc545L,0x631deb2e14de21b0L,0x04a210662fe830f4L,
-        0xa4c6979c379c1f3fL,0x8a732b68fb06a795L,0x3a44327a1619dfa9L,
-        0x91a307d38dbe2c9bL,0x939bc8d203989feaL,0x3daabaf20f4a331fL,
-        0x5c307e98dd0f55dcL },
-      { 0xbbc4e0c435b233daL,0xe3d2908522f6f985L,0x99dd2d21a8b02468L,
-        0x978f40e9a96916e7L,0x0327d86c614bccedL,0x95e95502b290762cL,
-        0x0ffd2197a879f2edL,0xc436513750e0bd33L,0x26c3148a0827c4c4L,
-        0xc79812a83fcfc0b2L,0xc3d8d17e31928589L,0x8b572cfe8830f42dL,
-        0x7cd9ff924b07f83fL,0x331ca9500a51148fL,0xd0c539684c59f9acL,
-        0x1df16dfac1434785L } },
-    /* 41 */
-    { { 0xcc7bb4ac68bcacc3L,0x06ded34f430f58cfL,0xc59f9f4fd461855aL,
-        0xf549199445c9f0bcL,0xdc5f7ec64375c892L,0x1b8708f13c85983aL,
-        0xb32a5cc482fcd087L,0xefdcdc352d6b4c0fL,0x4bb24f048ac6fb2dL,
-        0x5982d4f533906471L,0x162eb52fb83a3ac4L,0x7130df282337a223L,
-        0xdce7b802cbc3dbd3L,0x8b3959592467ac0eL,0x21d3d2e81b56717eL,
-        0x729a7f5046512617L },
-      { 0x874ed1aa8420f90aL,0x6368e19e0fe4c855L,0xb62d4aaab0be74afL,
-        0x76fcc4808ca60ca9L,0xf310b5a57645a867L,0x131bac9bddb1b24cL,
-        0xef77d71d2dea5b44L,0x4706d21072fcc64eL,0x29b92691673d77f0L,
-        0x22e00bf3e89e0663L,0x472d0cd374077d40L,0x3e21040d829232e2L,
-        0x2f916dfb38dc8533L,0x48bbb59b14b8f667L,0x19de9f4ad44be19dL,
-        0x7f6d3649232d9d5cL } },
-    /* 42 */
-    { { 0x3bd064de6e794819L,0x5a6b694ef82ebda1L,0x1f017fe0b91e2804L,
-        0x190d31f307a43cd2L,0x6c26f226630433e9L,0xba488aa70abfdcb4L,
-        0x418d9085a46411c0L,0x1b934fe6bffb5880L,0x75d1e237e200f849L,
-        0xdf04d63fa55413dbL,0xe216ed75e23b3f77L,0xa05866cb0f91bd30L,
-        0x84c395d97729c509L,0xec97e188452ab2d7L,0x8cb7c1f90093d686L,
-        0x2d032395628f086cL },
-      { 0xa81c94074a44b4c5L,0xb9846879cc702c98L,0xcb502287ceb0dc97L,
-        0x303011266e3aa321L,0xc0ac8763e4c256c2L,0x65034d20e55b4845L,
-        0xaa96a040f240f35bL,0x046d26d37cf7eedcL,0x62a5a8e13b810656L,
-        0x86044b9783d70c2bL,0x2fbaff8859e4da8fL,0x929d901a5457f5d1L,
-        0xd29e1eb2b531b757L,0x214dabdc9e4e9739L,0x5bd724fc4eaa9bd9L,
-        0x734c12b31ef9bb9bL } },
-    /* 43 */
-    { { 0x98fe3c2e92f9b086L,0x4641b93eb3fd4544L,0x47ce208b5c02c65cL,
-        0x8a52dca1c4f03242L,0xb5ec17d9679d29f6L,0x11d2fed09406f5f4L,
-        0x260f63dc0d9ba811L,0xde2b056f15472a3fL,0x1b170d9f007290e6L,
-        0xa2e23e8db6b5c8f9L,0x345a2839cf34c3eeL,0x9bdc54611b973ee2L,
-        0x65bda6c2bb24d1c5L,0x97d52ba33c6141a1L,0x47bb16129d2eb201L,
-        0x7c558a8721fbe49fL },
-      { 0xb9485a523f350fecL,0x016678c56a38d4c0L,0x8ef346a20d5aa64dL,
-        0xb85daa02d96da2e4L,0x845ec4ea4f647b3cL,0xc0d1a6ca0d5e946cL,
-        0x41d8d1c14fa9f4abL,0x43972cc59c8b1303L,0x67e1f48d434ffbfbL,
-        0x350ce93a819d2318L,0x49f530906ddef23fL,0x3c2e6cf9200cf12cL,
-        0x42691cc1640432fcL,0xbfff74b472496b52L,0x44527c9f020a97beL,
-        0x34cd7dca7b3c4348L } },
-    /* 44 */
-    { { 0xf031761a59e7fe87L,0xb1eae31a0047cd72L,0x27902e68fae30f62L,
-        0xa666f48db71db143L,0x75ee66780e0038f4L,0x3b45ac6702bdd76dL,
-        0x0d2fb828a0d6cd5cL,0x27ce7f1d9d8c5b11L,0x141fe0e4120b5e96L,
-        0x95a1b984b9267c37L,0x5206e589d60312cdL,0x1867342eda549356L,
-        0x374520b9070c74acL,0x2703cbb59557b0b3L,0xf621f59ca6ed8c14L,
-        0x7ceb1cc2abf7b887L },
-      { 0x0647a5bbdb7fd65bL,0xd8d45cc036c9457cL,0xc6da99db9e12718aL,
-        0xed1dbbf4e93a7fb1L,0x4512c95cbd1566a1L,0x4861ba00dbc0c919L,
-        0x3c6cc2989e7f5269L,0x671961500941aaaeL,0xbfcf5d0fc8c538e3L,
-        0xad6e9929a25a551fL,0x9071098517ca0f26L,0x743b78eafa89ef7eL,
-        0x39d5ea3171ab4549L,0x7442f3f3e6d1c36dL,0x25a683e0059d568dL,
-        0x1f629a99227ced5cL } },
-    /* 45 */
-    { { 0x8925ddace45a1c3eL,0x72d2936541f7545fL,0x45622fcb37e7f828L,
-        0x882345133e4c79d2L,0x5dffaf849c2645d6L,0x3078f4dd994802b9L,
-        0x566927f09d339fa0L,0x9a500a1e9fd91dccL,0xce0081800ab0abd7L,
-        0xd97135a38194e5dfL,0x9e87630798adf088L,0x3baf01b89a45a2a7L,
-        0x6fed6154788b4399L,0x980e5722e77a997dL,0xaac90ffa2a378eedL,
-        0x4a75fda28bd805a2L },
-      { 0xd09a8fbb55e74cbcL,0x737738cefab18f25L,0x0fc23ad69764ec3aL,
-        0xc5a7d35be7e0ad31L,0xe75e068ee481cc9bL,0xf0c2ea993d4aec34L,
-        0xf1324fe80d4a63c4L,0x5dbb7c1699b0592cL,0x442d674da7e0f46bL,
-        0x5a5d66c7a300faeaL,0xe83dc8213333ac83L,0x70ef812e8c408496L,
-        0x96e1dcb699ef5fc1L,0x6e2b771b1734e862L,0x04629cdc583507d8L,
-        0x5819f9ae23d8179aL } },
-    /* 46 */
-    { { 0xd99691216aa78811L,0xf64ee8f42103e7c3L,0xddf0107022b9e698L,
-        0xe6001f9e4f582cdeL,0x24a608af2ecfac1aL,0x6ef4c78406393009L,
-        0x5262eae6ebf72911L,0xddbd0af58c4ee5a0L,0x875aff90ecd87bc7L,
-        0x2fddb34c6f24f114L,0x48104281e865f172L,0x95692426886c1b9aL,
-        0x6f5f32089ef4231fL,0xaf587acfd0a7e82eL,0xd65719179ac395c8L,
-        0x7459603c1364a750L },
-      { 0x1c2475bff41ae519L,0x34401fb14af8f251L,0x70ddfcd2aefb2c3dL,
-        0x9b2d385b51cdaf08L,0x8531c2568208bb19L,0x16c89df64c33f3f6L,
-        0xc23cfa9924571769L,0x2339b51e86d010baL,0x08db0e8d22638313L,
-        0xf769e17900fedeb7L,0x3fd96dcba3687ef1L,0xcd046b2391476475L,
-        0xf3ff20640c45c8ddL,0xefd167bdb8343d78L,0x493ccb6d4b77ee90L,
-        0x33025513b3cf7b45L } },
-    /* 47 */
-    { { 0x36f0046935eaaca1L,0x0c384b7589119102L,0xcb375665e6d2954cL,
-        0xcb9199b9b1e9d6d7L,0x75852349c29c2757L,0x89cbd1bab8e738d0L,
-        0x9b8dbe905923a427L,0xa237793e18fe1889L,0xa4271757a742e083L,
-        0x8c4979d24eebd613L,0x40325054d4f2cf77L,0xa3b8a091958705deL,
-        0x1b191bd933d999baL,0xbafefba43b0fee1eL,0xb3bad1843facdf14L,
-        0x9328adb04387561cL },
-      { 0xabe84e80f906b872L,0x705523a078262665L,0xd89c6a7e3398ccf7L,
-        0x2fab551df55b5323L,0xa0578eca0554dea8L,0xef26523d375589cdL,
-        0xd8fd6242864ad750L,0x93f27fc5178fe1feL,0x7b3e6f309df87422L,
-        0x2862e49e3750d054L,0x7d90c6b25dc038a1L,0xc1a1ae2284db682bL,
-        0x47f3dab79881930aL,0x30e6bd52baf3e0a4L,0x0680025bf62d25c5L,
-        0x0aa1f3cfadd0d5e7L } },
-    /* 48 */
-    { { 0xa982219022a10453L,0xdd1eb91c2a03a10bL,0xafbb5d9596646f3bL,
-        0xa58de344f38b6fc6L,0xce47c3e5b8cfca1dL,0xfcd8e16d0f70da04L,
-        0xac44349bda262ed6L,0x9320d87bc56e2f8eL,0x9ce3ea0819138e58L,
-        0xa5862dffa2b236c0L,0x6b0f9a5c8e7efb0dL,0x4b53432b16ac78ebL,
-        0x6ff43105709b51afL,0x08e236f88f519628L,0x1f93f176eed403adL,
-        0x559337e09636545eL },
-      { 0x30ddf738d8fd807aL,0xf4e0ec9dab131222L,0x14a2f4db625afbc3L,
-        0xd5b706049f12f895L,0xb46f3c23ac3044fdL,0x1b232d1ff540148fL,
-        0x61b458f539b4e554L,0xf694b24a0dd70b75L,0x0fc64299289581d9L,
-        0xc05d49beee5fe22dL,0x7af3447f6a18bf63L,0xe96a1dc27f1929d6L,
-        0x6afe6028c1551e8cL,0x27dacaf32b5d4fa2L,0x4a1631bc545c2cb4L,
-        0x930070f9b0c914d3L } },
-    /* 49 */
-    { { 0xd2f32c5e69a9bc05L,0x0a5c19c6589c4b73L,0x095c9e5e94665f9cL,
-        0x8ab0f293bcfb4c39L,0xb90708771ddb7c31L,0x894e965866b38048L,
-        0xf19a90cf606bd9bdL,0xcc1d58dfb6fd2d69L,0x886dcc4e461d8a69L,
-        0xc455c277f9ce4831L,0x749a5996765f8a82L,0x2ffc668cc3badc8dL,
-        0x380183969112cdabL,0xa98795c3b243c7cbL,0x8775f310010a2224L,
-        0x043a2141587b5e14L },
-      { 0x7bbe9dbc3a873752L,0xee1493f42f442feeL,0x981ca2c8c18c2181L,
-        0x00ce3090e29769e7L,0xb4626ac8de768c5fL,0x33e9ce4634d7677eL,
-        0xf89c2cade0fa94e6L,0x04f5cc1141f5b5bfL,0x2565f7362228c12cL,
-        0xf1bf706a0c05cce5L,0x5d07ffffbe487c4fL,0x3ec43c09a499f1a4L,
-        0x4f4e79bb98d94800L,0x8a335a16073f12f8L,0x4bb5eaf70f970d6dL,
-        0x18d0747bf24d0ae8L } },
-    /* 50 */
-    { { 0x58d3c77c84601fafL,0xc9465be2af1c1f72L,0xff626798d116d806L,
-        0x3996c0c6d5b0d93cL,0x2fa1ad755ec6723aL,0x966a814403ba5349L,
-        0xdc4c94222ac34d8aL,0xddf471deed675865L,0xd8aca597953d528fL,
-        0xb2e463b524ebf67dL,0x258248717e25b4d3L,0x23c5adba43159daaL,
-        0x5458f9c683357540L,0xcf685da7f938b1a6L,0x981a4fdacefed231L,
-        0x711093ed08bb5e59L },
-      { 0x12aa3fc6401f161aL,0xf7358560974c5e87L,0x4aa252fb17b5df82L,
-        0xb0b82b07a48e6299L,0x0023415729dd847dL,0xf1e54d004529c5a6L,
-        0xcc1c539e6d98f538L,0x36162b5328d3abcbL,0x75a379382a84f0cdL,
-        0xf717a81b4dee7484L,0x16cf35fb4c23bf1bL,0x7fd1c29f787e8b3eL,
-        0xb7da7e6859b79ab0L,0x072100a085f6c60bL,0x31840159e7ed48b5L,
-        0x17898bda4d9c97d4L } },
-    /* 51 */
-    { { 0xcd8483d8ae1b8cf8L,0x323d4b42e9a28856L,0x7633584f204a4bc2L,
-        0x4e0b2228ca7a69faL,0x8afbda8bf757bab2L,0x85b240886cc5f9caL,
-        0x47fb4813d41a95c3L,0x3f1bc53cc2aabe6bL,0xf22cda3f1ad1599dL,
-        0x1b2ec081c31ea9b1L,0x048f304b01614ac1L,0xce31cee9c6afa7abL,
-        0x55af76334140dc3dL,0x84b7ab37dce8abbaL,0x50de7648c7cf3efeL,
-        0x73a88dcf15356ab2L },
-      { 0x3f86828806e83b39L,0x477a44139f44037dL,0xf9058b0f17dbc841L,
-        0x2db64f4f54d17549L,0xa23cea6af2307ffeL,0x393efd554f126261L,
-        0x2f4e658a10f37f26L,0xa4437ce3f4ee1e35L,0x64ef42a7a93cde8bL,
-        0x1debc9f4939aa901L,0x44223d6a3d7b5cd4L,0x789a6a11f88a3accL,
-        0x56fb9df82c608a2dL,0xe79db8e3bbf56c06L,0x73c56af2668fa300L,
-        0x52f32b17ae396a1eL } },
-    /* 52 */
-    { { 0x56f524c1e714f71aL,0xc1be12629add8519L,0xad9189d865cadbe3L,
-        0xd88bf5c85a0fb649L,0x9efa6a9221d192d9L,0xe3fe83896f724b6fL,
-        0xec3fae24b250119cL,0x4b6af9f62ae0d3c0L,0x8fceba0bd619624dL,
-        0x7dc3092b2fdb6e3aL,0xc91da3763263cd29L,0x30c0761ef95c43bdL,
-        0x89136400cdeb44d9L,0xfd7dce8443c0d31dL,0x78fec3b19871899fL,
-        0x79e14d28efdf58c1L },
-      { 0xe38222359bb40c55L,0x0a27202d0ed07a42L,0x48e6c1a94838c1f4L,
-        0x2b5f24a7d864a78eL,0x7e7f140a0c6c55c9L,0xe62c104ace12d508L,
-        0x9b0a1a7ec11b1e10L,0xfd8a275fafbb3dd5L,0xdff354fe9a3b6b30L,
-        0x5a105d9e46602a01L,0x3d371b4d93bb65f7L,0xda5cbf0b0f82fdebL,
-        0x4601229bde468545L,0x505e10b9c73d517eL,0x77cfa541672ff492L,
-        0x0d8ec28a99566ce2L } },
-    /* 53 */
-    { { 0x014cf73ecbeee995L,0xb2eb88bcd491e80cL,0x615a6cadd9aba5d4L,
-        0x2f7d46339304c84dL,0xba0501d28ab03c9aL,0xc8f723de91babb94L,
-        0xc885f97750405772L,0xb5e1d2b3c7fcb094L,0x61ee7995df96c71aL,
-        0xb8c8daab3464499eL,0xdb425ddd5f607932L,0x70251ca1b1243587L,
-        0x26d7d3be9fc74340L,0x8c179310c902ac89L,0x72522c154559a74fL,
-        0x86001e27c3734afcL },
-      { 0x13b00ba5e7693947L,0x6478641e012c062bL,0xe1a438e0e85490a8L,
-        0x5173dbbfd9574d5eL,0x9532eb8c9bd3ba61L,0x1f41bcb85f3ea075L,
-        0xac1cc2478cbb92b9L,0x0f34648e1ef901b4L,0xdd929d1ed2b3b2eeL,
-        0x470f1eabc3d75bfcL,0x5cdbc6f7139cf4d2L,0xcd86454df0424953L,
-        0x1e07981247fcb383L,0xb9f209b417df930cL,0x4225fc31114ebc00L,
-        0x020591cb347946c1L } },
-    /* 54 */
-    { { 0xe3003721275e0af4L,0x721141efe78a4a4bL,0x666cfcf6d1757485L,
-        0x5fa1d737168e659eL,0x263e3e540e2842eeL,0xadecc3d4948bd5f6L,
-        0x019de03d246b104aL,0xf8a9e903f343d818L,0xcb57ba4a5b0c0d31L,
-        0x8246c50651e2765fL,0x80c5751f6519bf67L,0x5f05c200f2119a01L,
-        0x7e6487b87821d4f4L,0x262f94aa261c3a06L,0x56cfe48972146052L,
-        0x5119985fa1df05efL },
-      { 0x5819497db18586c0L,0x004415d6c6eeaa62L,0x7c6a46b697cda28bL,
-        0x9a149b287c194594L,0xb56369fa4ed3a506L,0x7092aa6643c94cb4L,
-        0x55bce73aa9e9eee2L,0x34bb287077893509L,0x8af95fb006eb5326L,
-        0x87cd03239638f485L,0x293762685ba75bf8L,0xf32d6f3d9d42d581L,
-        0xa4cad57465c6d64dL,0x985f50fbb2cded41L,0xcf34ce0e9006a067L,
-        0x59eaf26558a57f9aL } },
-    /* 55 */
-    { { 0x7b407efb6ec3876fL,0x780c6123f0f48648L,0x2abb56ffbf893039L,
-        0x9592eaa045a91ab0L,0xce5b84d778811b82L,0x86a71a341f9f3fc9L,
-        0xc17fdd86f0e7e13bL,0x88ed8297655a0880L,0x75d6dc7481d5e666L,
-        0xeffc9df61d171797L,0x36ad4c8de3f79e1fL,0xdb15317d2046192eL,
-        0x78c9fa7a274fda62L,0x04ec924f82dd9914L,0x059d1e383a64971cL,
-        0x3b4450ea2620bbfbL },
-      { 0x3db7a955c776dcdbL,0x35c4a57c81c8ba47L,0xae285003505760fbL,
-        0xe3e80691b3aec353L,0x380335be47117be5L,0xe1c47e3a056ccf61L,
-        0x253cfdeb33977916L,0x3decdfbaf5cb7ee1L,0xf3c9794f7cf4b704L,
-        0x2401680c9ff81462L,0x4e440e11be3daa9fL,0xc5d0437769f91d8aL,
-        0x4106c7a8cb5e9c5dL,0x191909a133b7d24dL,0xe893c8383764b4a2L,
-        0x4a7fe30cc429b614L } },
-    /* 56 */
-    { { 0xe78f3a702455c7c5L,0x5b7636e870157754L,0xf32c45247623262cL,
-        0x2c98b11e1bc780c7L,0xd48eaeac915ed877L,0xbb04d3c0199265f4L,
-        0x6b52b19bcfa5200fL,0xc46a098193ea3fe8L,0xd82c733dba758059L,
-        0xd324bbd61896aaccL,0xac09a2fcce8ecd51L,0x529918fd02fc44b3L,
-        0xf0c45e4aaaa1784bL,0x35626340fe22085cL,0x53cbb676c50c7d61L,
-        0x83fa1ea365126b23L },
-      { 0x60ac86da10ccc646L,0x2ce0637f7b0451e9L,0xbbbcf6308a088610L,
-        0x23c1901920349982L,0x707fc39cfc0bcda0L,0x7f4d1f151bd4fd7dL,
-        0xd6a64e7444713bbbL,0x57bdc676c5ac9e60L,0x456c530337b61169L,
-        0xd3451396dcf40a1dL,0xf3edec254997d2c7L,0x534ae9a4c2c4a739L,
-        0x1401397e6a6ad2e2L,0x20769d4d23e95f81L,0xcee007c6de98fabfL,
-        0x61409779931c51e0L } },
-    /* 57 */
-    { { 0x3ddb32db15156623L,0x68137fbcab7a67c2L,0x26011f506f19e3c2L,
-        0x34218b0289924c61L,0x492a0b0fc6804c1cL,0xd65be706afaae6a7L,
-        0x3b13d23e0d01be61L,0x44545b47f87f4c69L,0xd42236e204dc1aa3L,
-        0x6135261d3c5161ecL,0x1eb46a63bd88bc07L,0x78c6d8361599d720L,
-        0xf6955fe169baf0f3L,0x467eebd617072820L,0x2f1b8a2a3e3a340aL,
-        0x636dac762d0b5f88L },
-      { 0x94280db9b4c80af3L,0x9a189cd14e3892abL,0x26e702e0d1477ddcL,
-        0xe91aee3868f9f14fL,0x2864f63a80baa0b2L,0xacd81f738b714a29L,
-        0x30e1b870c5fe7cb6L,0x883ea1c3b10837fdL,0x2da279536b20489fL,
-        0x3aeb2a6858a2da5fL,0xe2330bf203a8fa14L,0xb5c488b5dc70b1c4L,
-        0x0a78c4d9299678f4L,0x233bd09825df675cL,0x37b5c0767b67d368L,
-        0x2f6dbdfe4d0bef3fL } },
-    /* 58 */
-    { { 0x2f8472fd2e4da7c7L,0x708cfc91ae677932L,0x364af08a3dc268e2L,
-        0x0f10dfe0799a2424L,0xef912d5871d58bffL,0x6bf35dfc988962e6L,
-        0x28b96fa95f47ea0aL,0x734a79eaaad308c1L,0x957303379f437bbaL,
-        0x002cbd8e6cf54f75L,0x47606dcfe7632eecL,0x404b5ecb53193104L,
-        0x0ae0897c0acf729dL,0x89628b863bddf1deL,0xeced154ef87d7448L,
-        0x5cb6e197458d5d4eL },
-      { 0x98cef197008c75edL,0x7cf49d3ef6eeaaf8L,0x1d6f9e021875e96dL,
-        0xfcec2cfedd9b0d8aL,0x38a61cfeb9576daaL,0x10003f3936a7dbb8L,
-        0xb37c386823b814f4L,0x9fb66dcbb80e3153L,0x9e7e2eba059847a8L,
-        0xa4ec63fd35a72770L,0x311f3d91fc9e0ed0L,0x3c1dc094d515baa4L,
-        0x75a06ebca08cd4e3L,0xab6172382ed5eeaaL,0x2e82bbb0e1f52c1fL,
-        0x2149d6305175d6e5L } },
-    /* 59 */
-    { { 0xee1a8e6f5f9311f6L,0xc97e3c9fbabc1f85L,0x4fa7c52eb494209aL,
-        0x04c2f51c19774fe1L,0x5cefd1228555844fL,0xb53862a3b5873ab3L,
-        0x768efdd6cbed19fcL,0xcdc12479ee58469aL,0x11237e313d80c09cL,
-        0xdd74a290c044c28cL,0x9ee6517abd47e287L,0xc2421228ad0ffeefL,
-        0x4273088f818d281fL,0xebc744bc43ec0de1L,0x5b26eccfb415bd73L,
-        0x14e2f350cb07c26cL },
-      { 0x548d2a104216946bL,0x6e801f077a4bd92dL,0x5996d0a343695160L,
-        0x0f1b5c2f63a197c9L,0x79da3c4f061f77c9L,0x1c1cd63493ff7b22L,
-        0x5e61b650a234123fL,0x826b34c5f284033cL,0x718b90e8c2f34214L,
-        0xa5f35620ae806ec5L,0xa2fae345e324a9b4L,0x8c0bb95e8b53cb51L,
-        0xc94f6ac2f9965778L,0x07ec607d6b9def32L,0x63bf1dbad0ed8f27L,
-        0x58537e02dcb61e4fL } },
-    /* 60 */
-    { { 0x1f64b06464f80ba2L,0xe8e055e70559a45bL,0xc3262b34f1f4b634L,
-        0xef4f7d5fde8c8482L,0x9d55dea0c30c780aL,0x1740afb9cfa1e693L,
-        0x2cfe6a667460c34bL,0xf66959411187c1eeL,0x1382f2775f974d94L,
-        0x1ca0ace4004549ebL,0xf8244b3fbabded02L,0xc36f4d064e3653eaL,
-        0xeab9f0dcc55c5f83L,0xd93b9cefacebce90L,0x16658e7219061425L,
-        0x4857835f82d7970dL },
-      { 0xdcd525bcd2576210L,0x9f378aa7d51b5443L,0xfe97bf171bd83994L,
-        0x930d0f63f38ac621L,0xaf8f2c17818408ccL,0x2692c87e260f53f6L,
-        0x0ee45407db0a75e4L,0x0ec47ae5ffdb1b37L,0x769129dc7aa6a44bL,
-        0xb6f932b22e40b75dL,0xe06764d095ef3b77L,0x28fd47f568bc63e8L,
-        0xd18104949c0014c0L,0x90e2d3fdd7995d8eL,0xeb39a05d6c2a85afL,
-        0x6c0277bda21f3128L } },
-    /* 61 */
-    { { 0xe41b7086b509e7efL,0x8842ec7b3d7f9f91L,0xcd285f945526b88bL,
-        0x6e44e064051dd0abL,0x90198c10774f1cebL,0x6ecabe98123e661bL,
-        0x4481113632f647d9L,0x1dd82b4526c52aeeL,0xd650907f939dc9d5L,
-        0xbd5eeef2fcd455bfL,0x7815a4dd8d2e5d7cL,0x5ad4ec9288bc9f2aL,
-        0xc6f10d0b57a3b322L,0xe8d0c1e720b9cbdbL,0x5a0b071a9b774ee8L,
-        0x3067bc9af22fcf8fL },
-      { 0xe0e589f2b7ca9326L,0x17a106fdb1224f63L,0xb2354521747a57bdL,
-        0x2614982d62b0882eL,0x7f3af5444391ffcfL,0x1aaa337ba84e440dL,
-        0x28ea37b0941bb071L,0xa957dcb42e4a7f54L,0xe7ab662c1a6ad5fbL,
-        0xd135e381f7c36a20L,0x42e7980c9baa0b6bL,0x4237030c94e4671fL,
-        0x24cc63ff8b0922e3L,0xd10d5279445a589fL,0xbb99d316a870ff6cL,
-        0x390c83caa996c195L } },
-    /* 62 */
-    { { 0x50d3fa82ffc4a73fL,0x2665d6353bd53303L,0x80a06f8a264bb77dL,
-        0x81c04a6e22d73d84L,0x2409cff50323b8aaL,0x31dce2178c4c4d5aL,
-        0x374aa80e0c0f9c19L,0x0b25a38700186bb8L,0xd0b77a10aaf1487fL,
-        0x15f39ad5ab498de1L,0x92e32da61aa0c116L,0x228e3dbd96e25ce8L,
-        0xb57c88dc5e8646d1L,0x672b1164267b1c68L,0x5d0d807f600bdec5L,
-        0x3ea4007d223e573aL },
-      { 0xd76debd0a595d0a3L,0xa6bd76cbaff0b3b4L,0xbf2c154f9b1bdb97L,
-        0x62b19ab44c714c71L,0xc9bf33b9221af663L,0x23d87c498c941ef6L,
-        0x255804c3d79f0f6dL,0x6f1a10052a7acbc1L,0x5dab79d9550528afL,
-        0xfd77a6f0c8d16213L,0x40508b6dde5e1029L,0xd95ac0f2f95da12bL,
-        0x8860af71758a8ba1L,0x0b194c837160c8fbL,0xa40e6c80ce004d34L,
-        0x09f82a176b14aaa0L } },
-    /* 63 */
-    { { 0x60abe588c21366dcL,0x729c0a4faf75daf9L,0x70501fd9acb93ed4L,
-        0xb97e744e87a16d70L,0xa42e0a7a98e7361bL,0x1acdaff228b54cf3L,
-        0xf087ccbbb7bd9078L,0xda6f3983663250e7L,0x66d693eebaf07c09L,
-        0x79baf4c38cbaf157L,0x5a984e07dfca99d0L,0xab4d3247f26d8dabL,
-        0x4d0be7017eba36f9L,0x37bb9e650e8dd216L,0x72aa4e24531c4f03L,
-        0x77d1e984b753d85aL },
-      { 0xd9373239d8e62367L,0x3361848bb9820cf1L,0x00c7e3445a9c97c4L,
-        0x9a0ec9ae14f960fcL,0xcf41f0cf740474b5L,0xa5eede8fece065d5L,
-        0xb1de5a4e9e808610L,0x17c44ae4ae0cf75dL,0x2fa563236b148d0bL,
-        0x64fa740fd29ff2dcL,0xc605eb8a88cb212eL,0xf2c771ad6a863016L,
-        0x6d6112e7607b4c17L,0xfe90ec0740d49785L,0x599be18be256e0e5L,
-        0x4e6eabecca54adb0L } },
-    /* 64 */
-    { { 0x950323d3fb99cfe6L,0x7b09bc26c9334178L,0x64111e417cbdfb6fL,
-        0x9114174489a75760L,0x4c633df910919cb0L,0x715fc7c7396bfd2fL,
-        0x8ca195128cab62dbL,0x306724734db81aacL,0xe67a246bb4c4c54aL,
-        0xd77ea0fabf229646L,0x5bed15f1fa5b5d70L,0xa5686da5c2f192f3L,
-        0xdecac72a7f6690adL,0x0c4af2a2caa50b7dL,0xf44631c16049ad2fL,
-        0x325d279604ecf056L },
-      { 0xee11fb554848c144L,0x4e062925b6a7af32L,0x125b68e1369e0f9aL,
-        0xad9bdae6ca53b21eL,0xf50d605c2e98ea1bL,0xbdb9e1539f2fa395L,
-        0x4570e32de91532f5L,0x810698ae46a250d7L,0x7fd9546cad9d9145L,
-        0xabf6772111e97a5eL,0xca29f7d5249f82e9L,0xa9c539a99851df63L,
-        0xfd84d54b71d0e3e5L,0xd1e0459c041d2b56L,0xceb3eb6efd80096aL,
-        0x19d48546e32a79d3L } },
-    /* 65 */
-    { { 0xfe19ee8fb540f5e5L,0x86d2a52f04e68d17L,0xd2320db0adbdc871L,
-        0xa83ad5a8d03a7fc8L,0x54bf83c708bcb916L,0x092133ea2e51e840L,
-        0xbce38424cb52dddfL,0xd5c7be4031063583L,0xc1ebb9df458e3176L,
-        0xafb19639bc4dabbfL,0x36350fe4c05725a8L,0xac4a063484e1cd24L,
-        0xadf73154c145b8deL,0x0aa6dd9eb3483237L,0xa3345c3dcbff2720L,
-        0x1b3ace6cb4e453b0L },
-      { 0x0343e5e990a8bdc5L,0xa203bf9d6306a089L,0x98489a358e48520eL,
-        0xbd17debede7d1d06L,0x8fafa6d75f795d3fL,0xa4ceb630387b0a3fL,
-        0xe0166b32ffddeafaL,0xa2fe20547e764e02L,0x55ab9824e871f304L,
-        0xa2bd36bb952ec45eL,0x7b4c1484a90d20caL,0x5319f38775bcfb53L,
-        0x34238a4a6982c4e5L,0xa2bb61c7a102921dL,0x1e061b64db3ab17eL,
-        0x538ec33e192f0a14L } },
-    /* 66 */
-    { { 0x193496fea19b56cfL,0x663d77f47bb99acdL,0x8f04afa857d0a881L,
-        0xcced3da2082835fdL,0x7e21faed5d82cec7L,0x6e175b99f8009c85L,
-        0xd9c6e31b2d05a307L,0x96948d4a81487d82L,0x86ebd3f2d46f6655L,
-        0x86851aa8773ccc49L,0x3e220f228b1640a6L,0x9f06e3a841a20b75L,
-        0x2cfffe5e90ac0a6fL,0xf5a9b1da8ebeb3fbL,0x2587d9976e08e2c9L,
-        0x6fd6029803e9f401L },
-      { 0x54709f8d8eb7516aL,0x83058a74bdc598abL,0xd234dd9887e801ceL,
-        0xfd0f9d90d17b8a96L,0xaa1e549f6e90f6abL,0x2496ff805a7ed55bL,
-        0x0d9f657a6c254c19L,0x3cdea49cb8962575L,0xb685a3f02dff27deL,
-        0x3c50e7fddb8bc04bL,0x904ff0ff987236b0L,0x494298fdbb0d5055L,
-        0x34b3386de14be8d0L,0x7ad34e9c7c3d30d6L,0x1f2b32bde159fdd9L,
-        0x84cfa23cc761e5c0L } },
-    /* 67 */
-    { { 0x13bc11eb8b99b964L,0x8e280c0a58e2fc47L,0x870fbc49d4c9a54bL,
-        0x37a334a2bf6e20faL,0xee583d0dd7c88cfaL,0x05e029a8ef4af1daL,
-        0x6d55e2340c2ef8a6L,0x61b6fdfe209e9b62L,0x3b1dad26bb8e080fL,
-        0x5adbc1629392fc1aL,0x02ac0fe60aae3f4eL,0x8d99801ac2bf4d5bL,
-        0x2333f93fc282fed2L,0x16dcb10cb52db33fL,0x09f90f84c55752e7L,
-        0x287d4c51c84a0d8eL },
-      { 0x5fa582010e9867daL,0x614589b31a874cdaL,0x005e27c5fbdee22eL,
-        0xe357fef5e612bda8L,0x4e0dbedf2d3635f9L,0x62be70e46f125a86L,
-        0xa09b98840d94a2e5L,0x7eb99a1528b5e5d1L,0x21b9416e751028b5L,
-        0x1b137fd7e06d2cc4L,0x6fa1f517fea09845L,0x3ba1e966ffcecbd7L,
-        0xd4c89a4a832f453eL,0x07b1e2afeca68fa1L,0xd0fb44534bd395a3L,
-        0x0132a3dcd8ef9e13L } },
-    /* 68 */
-    { { 0xe53c7785576374c2L,0xe60526d184727040L,0x8a066dc8228ca044L,
-        0x1fe1c1b2f1ce1313L,0x2aeec832cdeb0c5dL,0xa75966999cbf826fL,
-        0xcd188e81de77a589L,0xe5ce0fe0118d1254L,0xa142a9840790b86aL,
-        0xe28f043f39ac28ceL,0x4eef829087de5804L,0x83c31b32f639a8c5L,
-        0xd70454a75887794fL,0xca635d5018b1b391L,0xcefea07631d9c795L,
-        0x13cbee76b6f8aa25L },
-      { 0x79cabe0f8d3f34f3L,0xbda9c31ca3617fe3L,0xb26dee23dd9426a1L,
-        0xe9dd9627f29c9104L,0x033eb169e2c6cd3bL,0x8a73f492fcba2196L,
-        0x92e37e0bb858c83cL,0xe4f2aca623b3fbb7L,0x8101fb1e64be00a2L,
-        0x91a7826a948f6448L,0x414067b4907260e7L,0xf774aa50e30bb835L,
-        0xf922ca80c999c06eL,0x6b8635b90ba08511L,0xbf936b5c25fa04f0L,
-        0x4e0a1adae02e8967L } },
-    /* 69 */
-    { { 0x00ca66708ba29c4dL,0xc08240ce22988094L,0x21c5ca6716dda752L,
-        0x689c0e45abbbfa34L,0x1d7545fd3ed28b72L,0x5f221198d7c56ab4L,
-        0x4b3d8f7438759d65L,0x93490dfb8fe50b89L,0xb641f5d7e80eba16L,
-        0x7b0da5eb79acb537L,0xab6b14970c1d5e5eL,0x2338e68da5da429aL,
-        0xe010c4372f6d2f25L,0x226f16d26530f3a7L,0xefb0f7b6cbef08bcL,
-        0x733e30d99f99c999L },
-      { 0xecfe1582a42a38f9L,0xaec2d58e4730b500L,0x2ee2f2a7de976b2cL,
-        0xf0539db5a969c1bbL,0x31954168fcecdb4aL,0xf2f7348ae7a8e902L,
-        0x1d58d7cc3121541fL,0x5d25b75c2202ae52L,0xdea9965af40835a7L,
-        0x3feb6a41529b4e46L,0x5c97fb6fbd27ad9bL,0xd87554c0261f900bL,
-        0xb43031d904d5b19eL,0x33d5e9b8cb219b9cL,0x7a43d4923ee00bcfL,
-        0x56facb39b79a5c0cL } },
-    /* 70 */
-    { { 0x019165a2a3018bfaL,0x100c6b249ffad984L,0xbbf1b1f655341a9bL,
-        0xe6bd1d9725dc4cc9L,0x52850ed52bfffe60L,0x24e992cc7e5509abL,
-        0xff6c502e4ceb59f1L,0x2f0b35731aa7d148L,0xe90c1ddde7e3aa46L,
-        0xbaec9f45d1142880L,0x475cfd2665be5dd5L,0x83abb14e1febce13L,
-        0x6aba482980942d30L,0x1e1b235d297e82c8L,0xb771cdbe50d8218dL,
-        0x88599266d94d6cbbL },
-      { 0x08847290155ccaf2L,0x8679ebc77c5b773eL,0xa88b2dd1b2dd08edL,
-        0x960a180e87d475dbL,0x80fdb6b76694d02aL,0x3e8758c93f3f9e96L,
-        0xbda3f6fa4ad836c4L,0x9400c58132fb387dL,0x25a785422550200fL,
-        0x2a97c351776ecf18L,0x03ebf46e566db59aL,0x4743a28026545edaL,
-        0xed169d84cf74ab44L,0xbaab931d88cb3f69L,0x70ae932cd8257196L,
-        0x797224a6a0c09719L } },
-    /* 71 */
-    { { 0x632923f8441f3567L,0xc11c31682e24bf1dL,0x4b97726bb7671fffL,
-        0x601746a77a5e1a22L,0x53dddea03addb417L,0x57867a3c7f59b846L,
-        0xb012a98756cd7ff7L,0x1bd5fec9f19ba9a8L,0x750379a2f8306748L,
-        0x7763445dab8c05d1L,0x5d7f441b7903f42aL,0xc011674da903e46dL,
-        0x1b1d3c4dadd126c1L,0xa2752aac61455b40L,0x4da42a68555c356eL,
-        0x3ff09c15d820852cL },
-      { 0x4c0a1bcef9cb7784L,0xaec539bc2422f305L,0x5f40f9fd0c414aa7L,
-        0xd3aa316cffd42bc4L,0x42f5a4c32f358e15L,0x00bdcd9ed6e27682L,
-        0x069f789ff8a5eceeL,0x8078018e05e14f5dL,0x2bb3e4938b40c741L,
-        0x5dbc8c1d7917f72dL,0xe0eea664cc57150cL,0xa25ecc5ac3fa8920L,
-        0x3c21b0f51c797164L,0x8f09a2f2634ad16bL,0x8e730fc558391d9aL,
-        0x47ef18054fdfae4cL } },
-    /* 72 */
-    { { 0x9965f3d13da285e4L,0xba7d4dba3a01e3f4L,0x4738413a61214ad0L,
-        0xd3b7d53522397549L,0xa53dbdcf5a730b92L,0x3130d92b332d165dL,
-        0x44a2854182f97ef4L,0xbf62221c44dce1b6L,0xbba138587e2a0ec9L,
-        0x33f32c8dcbfad998L,0x409e5f3fb5fed44bL,0x5c328c65c66217bbL,
-        0xb00db69ffcdf71a9L,0xa23c2a21b8920788L,0xf8ab28e63ae6464bL,
-        0x1a6b6e9cb8de0861L },
-      { 0xaf6ec2b606af77aaL,0x2e60f5cda887f065L,0x87d214009f498c56L,
-        0xdb595b59fcbaaf4bL,0x0fb592a1271ab855L,0xa0ce10e5d4349b0cL,
-        0x9d6187d8887d8c9cL,0x03ee95f9154bd6dbL,0x8fe532135d06c999L,
-        0xf4a7bc30fb6a64d0L,0x3d22af0d66a4cb60L,0x16952cef5d37367cL,
-        0x6f0ea734997d8e55L,0xb447c70f731732d0L,0x00ab3034a9cb3942L,
-        0x79dd018028510fd0L } },
-    /* 73 */
-    { { 0x04e0033a3ac7424eL,0xdb06b68860fda4d0L,0x236a9766bcb772fbL,
-        0x294a8e2bf297cda4L,0x4b0aab85db013c6eL,0x3d2aec988723a3adL,
-        0x0cae32cd13c84a6bL,0x21888f5e70ec169eL,0x739633bd42a88262L,
-        0x68ac792e7b60d9b8L,0x89f2b72210769fe1L,0x8f3fcfe6d24bed34L,
-        0xd35efb88a3eb24aaL,0xddecfa3f484c706bL,0x7cc119a9929ece0dL,
-        0x87e5ad458d405436L },
-      { 0xba99aa9d7d1000a7L,0x8b94affcae823833L,0xc8229628dfb83dc5L,
-        0x2f59fe11845a418dL,0xa8b970f85d417054L,0x8918c26572b71581L,
-        0xe4ef477dc0d1dd17L,0xb50b4cf33afad7c0L,0x21baea7901870a5bL,
-        0xc77087f9bb3a2868L,0x7857531e124a59cdL,0xed74c26f57f43239L,
-        0xd5f5ae250164c94aL,0x6608b7e2f094bf74L,0xf4cdb5bafdceea32L,
-        0x0b712519990cc045L } },
-    /* 74 */
-    { { 0x5a290ca188d5c64dL,0x0596d749a7492534L,0xa04b0d3d2a00e925L,
-        0x082cd02ccaf7b66bL,0x912b50c2ecdded83L,0x813ce9deff31646eL,
-        0x62ae70c7c75fff95L,0x6f6852e07e2a4615L,0x320fd7d003804fd1L,
-        0xb1a2a4dd8218e8d9L,0x4918a6fbafc645d7L,0xfb080fa1e8d9fdbeL,
-        0x33d4d08a4470b6eeL,0xd2ba20776d974ef7L,0x8ecb95a769dae5d2L,
-        0x7a3f423a7d69596dL },
-      { 0x362d2ca69a929387L,0xabdb7581cb1c1fffL,0xd892ec9f7e51b6cbL,
-        0xee8d86323a4e131fL,0x4680e3f15bd87561L,0xe3a597e1d4e7e732L,
-        0x3cc72b7c5581fefeL,0xf3e77f8aca8cae0bL,0xfcc7d7dc5e2fd4afL,
-        0xdd3a455221355b79L,0x546b24f2a2c07177L,0x415b532d0689621fL,
-        0x2be9af513f78163eL,0x27d63b9b33d7ed21L,0xab019ef296802943L,
-        0x2da5fc551623faf4L } },
-    /* 75 */
-    { { 0x62429cf3c8a5c600L,0xa7a80c223fe33e7cL,0x9ffda7400a57ddcbL,
-        0xd1ae156d925b0c74L,0x097a43f96b100eb0L,0x169e945cef943c81L,
-        0xa1f734e51128cf24L,0x04387c4a419f0133L,0xc007868b01044024L,
-        0xe5416abf90359cf2L,0xf9c76fee478d54e3L,0x66219da642a2173eL,
-        0x61e031569fe30141L,0xa0ff5ce393ef247eL,0x811792ba072b6592L,
-        0x855f021970c854d3L },
-      { 0x61fbfb6c847314c4L,0x97906155eb45b96aL,0x7102e1466ba2afacL,
-        0xed51f975ab949781L,0x9d2f5b17c110c4feL,0x7ac8ce70aff57667L,
-        0xe7366a216eb244e7L,0xdd1bbcec551c65c7L,0xb525060ae1a859deL,
-        0x7a0481748ba7d2e7L,0xe1a2c541ab8ea8c4L,0x6e7824c36fdff078L,
-        0x79b49fc714874b04L,0x22ae337f06b1f733L,0x1c3521926f8fe6cfL,
-        0x292236cf525d0797L } },
-    /* 76 */
-    { { 0xcdb8d80a7d8b29dcL,0xd17a202408ea648aL,0x7db12c5eae92be91L,
-        0x1f347d18fda72fbcL,0x11374b409e760c6fL,0x7361e8f1d8e38d91L,
-        0x7714be9d739ac1f4L,0xc1f9701cb4df5c4eL,0xd9138ed86f72cae1L,
-        0x1c7fe1f76ad180c4L,0xf8c185be9e2dbf9cL,0x835db2697c70c44dL,
-        0xf997cfeab0d15b5fL,0x5101445a61e6545eL,0x16b0688425184e5eL,
-        0x7cfac3597521e7aaL },
-      { 0x811821673c0bc53aL,0x84b5ede37e751367L,0x3ca255fda3657a18L,
-        0x096abbf4ba1fdd98L,0x9ce8369fc5da77d8L,0xf27b9ae7aab342c5L,
-        0x06c91bd6972059f1L,0xee0dab30914ecfe9L,0xbb647fbb93f53f12L,
-        0x30c38a7affa57e0eL,0x517d06ef9f2ad607L,0x49728d87bb99dcc9L,
-        0xb0034af1446080a1L,0xcc810c3f12b9c17dL,0x7225f14f772a22a0L,
-        0x6ce3dc7f1ddf82bdL } },
-    /* 77 */
-    { { 0xc07cd835a4397830L,0x4dd9290cf4733306L,0xdd35d3a829989e8cL,
-        0x79902559563d8152L,0xf278d911e87de61bL,0x9c7340c71024e35cL,
-        0x2d4444614a0d0e59L,0x63e7608ff32626a1L,0x627a37e9c4c9baa9L,
-        0x0c56dc5176fffd25L,0xcb6defc8cef2a1cdL,0xcbcc0d56efc559d9L,
-        0xe45f3fc5041cb692L,0xcd05c239e5161e09L,0x2a731ee95c3b559cL,
-        0x85151122a3d0a16dL },
-      { 0x782d033586ff19e2L,0xc2c60daa1da28603L,0xb2e78cfe557c7eedL,
-        0xa8f6f9841bc4e8b0L,0xcc1f9b4b3df35c67L,0x96e136034764462aL,
-        0xbf910b977c7ae0b0L,0x27c7f30551435956L,0xc14db15cf631eae5L,
-        0xa51d61427e69b34cL,0xdec828515fc12ff2L,0xfcceae13fb887162L,
-        0xda332ac1de1488bdL,0xa20374e22ee3e74cL,0x597ea1a1f0ae069cL,
-        0x8b1159f277bdec04L } },
-    /* 78 */
-    { { 0x4af71a442f961d30L,0xbdf968a87ac7248fL,0xd32df87cb1a906cdL,
-        0x00c10e2604abf925L,0xb8711759b9f04d4cL,0x00d54e60939705daL,
-        0xf7587433c9f80849L,0x2e9abade6a7a2375L,0x5676d47894ac17acL,
-        0x4ca0525bc202d99cL,0x95b8bcadabfae73dL,0x2371ed383405991bL,
-        0x2b69e47a458a99c3L,0x7cac0b182b78c866L,0x6ceaa79be0232c7cL,
-        0x0bd86433588f7459L },
-      { 0xdea1a8b47e734189L,0x52c5ac88cfe5fa17L,0x444a4d4e11437664L,
-        0xc2522308af9e9750L,0x78b1d0c3d30c6b3bL,0x2edae5f04c6df477L,
-        0x53131d9a2ee88dd7L,0xc4e380eeacc93e34L,0xd499b1aca8db0e8eL,
-        0x77348c167f5d49d7L,0xc96632571556ccd7L,0x65ce0e8c2611d13dL,
-        0x2c95fe66b5a2fdccL,0x266988328658faa1L,0xda87d1f431c32c98L,
-        0x46650598fcd91907L } },
-    /* 79 */
-    { { 0x4c6c13cc6b4a5efaL,0xc481989b1d07b265L,0x10b966ce8bdc69c0L,
-        0xf54cfaa22c2531d4L,0xcb5f1808cad0a100L,0xbeb52538ee5da449L,
-        0xa6240085bedd83ccL,0xe792dacfd6255c78L,0x883719062062058fL,
-        0x96615e83ed1658c1L,0x4b549b277d28d542L,0xeaf127db83b75df3L,
-        0x4f60df6d17fbb942L,0xd08631dbf6f7c930L,0x17c38f986018789fL,
-        0x0c43574ab9a9280cL },
-      { 0x76eb324c1d20cad0L,0x90decb098c61108aL,0xa6e9d39c6f06d36dL,
-        0x6cd978babc0da197L,0x5948b1c0507ac5ceL,0x2bd47164c5497eb5L,
-        0x2a9c4c0f4d5914e3L,0x772c5046a759f03cL,0xe7d7328a69ac847eL,
-        0xa8d57d0c3048b330L,0xe60034e040f7baceL,0x823d9193a85f1790L,
-        0xa6e9b66c5c859736L,0x22ca2c7a679e1022L,0x00e7a19c09023fa4L,
-        0x324999f12726d5b9L } },
-    /* 80 */
-    { { 0x667eaed67c834915L,0x9f77aa6abc5eb64dL,0x729ebcb625d62011L,
-        0x0aee24f2699fd9c2L,0xe1eb58742b8d4f6cL,0x7f12710c14c976d6L,
-        0x91390335f6d9ea65L,0x668b704906b50064L,0x65969a0e0876ee4fL,
-        0xf901bf3f2f9d9360L,0xfb1a8651b499e3ceL,0x80b953fbf2dbcaaaL,
-        0x312cc566973b06b6L,0x3534d9c33af36c64L,0xe4463a5210ffd815L,
-        0x57ea2b4bf18c2b91L },
-      { 0x00f5e1628aa0f2f2L,0x8c7e75c50e46bcaaL,0x97ab479aa4a2c42dL,
-        0xb4f308ea14baa202L,0xa901bd146943cc2eL,0xbb125feeeed58804L,
-        0x6502c8f99d180f7cL,0xe53539191580c61cL,0x7e27806927101ee3L,
-        0x7a0a40a1faa72717L,0x32edce024c75b153L,0xda23660b538f1c22L,
-        0x4d511e98be307d2eL,0x24276e409baee0b4L,0xa78c39277ff1f307L,
-        0x60480b46ea7935c9L } },
-    /* 81 */
-    { { 0x31087d663872ece3L,0x5f29be7d955b70f8L,0xb50b4fc79cf95bb8L,
-        0xbae3b58ddbffa621L,0x0e61d280e022ba5dL,0x78ae51174181449cL,
-        0x0b132840cf555485L,0x800ed1b6b8ce0b0eL,0x35dffdd578d5de3dL,
-        0xf7e4237469a56b47L,0xd5e323698d910ae7L,0xb6ff52a06313c7c7L,
-        0x5a2fe20da92de9e5L,0x41b347d3d12110bbL,0xc5905edb40c16f23L,
-        0x0774a0d39a8f88ccL },
-      { 0x3ae181abe3b6c106L,0x4ebe163f8de150b7L,0xcf75b82f6f354836L,
-        0xaa0d20633ac7ac16L,0x5c680668291722afL,0x73941e6111545553L,
-        0x17127e38bf5de3f7L,0x32cfdf031afb41daL,0xc6893c9187bc8663L,
-        0x75046744a62c9c99L,0x96866e2d962c1947L,0x489ec8df378cdf4cL,
-        0x3a60709b3407fa32L,0xd37d2159551290d1L,0x9623d303bab92273L,
-        0x081519542432014bL } },
-    /* 82 */
-    { { 0xf9236d89fb7b2108L,0x3ecc83ccad75f9aaL,0xf7c72b15b4e1da11L,
-        0x552aeaef0315c362L,0x11e140edf272fe3fL,0x99d79bf687843ee8L,
-        0xce6b54fd1d9bb25bL,0xb20b0e215b1bad74L,0x54a0214f5b84c90dL,
-        0x459bbf52fca6cec9L,0xe363c48d9e4df76fL,0x3045f84ed64cf17eL,
-        0x8402a167f62ada48L,0x2c9e1bf36a74ca01L,0xe8cf9d41f691c42dL,
-        0x5abf2178c2c4b874L },
-      { 0x4777966bf3b3bccdL,0x0047e0f0be3e0caaL,0xcb8383b38c7d5043L,
-        0xe77e3baf946fd5fcL,0x79baa785e9ec0e87L,0xd83c557cc8a18d25L,
-        0x9b96e5af25befcfeL,0x4f05d15e98c71b61L,0x081f991a77e62da1L,
-        0x1c6ec781cbaa3821L,0x7522f65de54d9bfbL,0xf5d0557344ed1430L,
-        0x3035b31f95cafddaL,0x47e67f436378f5bfL,0x029f7cad5270b9d9L,
-        0x15ad15874d916a48L } },
-    /* 83 */
-    { { 0x00de2eceaa588ae4L,0x552ebc58a371a232L,0xd00ea93471230444L,
-        0xafbfa67de4b1832dL,0x29216341b689e843L,0x1f96bbbd61f4e2e8L,
-        0x9542068404c29dc5L,0xc7fe382742317fd1L,0xe0a0aec663483162L,
-        0xfc2b94d10700184fL,0x07219973fe1fbd85L,0x648b6ab1fb074352L,
-        0x23bbdaadc46e5392L,0x0db8dd1f00fa56ffL,0x104815eb866725f6L,
-        0x3f9c4cca52e81963L },
-      { 0xff36b29732ce637eL,0x81a15f2df5d25cddL,0x1a1d052d8b02ad97L,
-        0x2e5f3bbccfbab3e9L,0x60d2cbd7614eeb75L,0xd4491843cd5a793aL,
-        0x2242cf75cdba2144L,0xa20705e788b99766L,0x64e12cc0ec77e132L,
-        0xb1c14df6b61a9b05L,0x8fd97f0474825b5aL,0x956048213da31223L,
-        0xde4867274d30c70dL,0xbcab8f151c12ee69L,0x5dc638b4668d893dL,
-        0x6479dad6223f574bL } },
-    /* 84 */
-    { { 0x569044f3b05f2b26L,0xb35a294a80b9f76cL,0x8839fe284290f6aeL,
-        0x761cfb23026a5877L,0x768926b62e5ff9c3L,0xbae6cd200b11c576L,
-        0xdc85775672a03efeL,0x0cae074ae1bad63aL,0x3fe491a1d709d99cL,
-        0x76c5ded66501d9c1L,0x1da6eca1c32aeff7L,0x50849d55c57683e8L,
-        0x9e392e9cdf98d847L,0xfad7982f64d9a564L,0xf7c3bdb7a37b98b2L,
-        0x1fe09f94f0860497L },
-      { 0x49a7eaae7648cc63L,0x13ea251167cfa714L,0xfc8b923c653f4559L,
-        0xd957619b81a16e86L,0x0c7e804b3c864674L,0xfc88134a1616599aL,
-        0x366ea9690a652328L,0x415329604bc9029eL,0xef9e1994ae2aad2bL,
-        0x9e2a8c527f10bef5L,0x73dcb586c67bf860L,0xf61a43fa844cc25dL,
-        0xd74e7eea74eb3653L,0xf3356706dd240f02L,0xeec7694cfd83bcb4L,
-        0x4de95786db62526aL } },
-    /* 85 */
-    { { 0x4867d3153deac2f7L,0xa084778ab61d9a8eL,0xf3b76f960ab7b2d5L,
-        0x00b30056cfdf4f79L,0xd0701e1531ab8f4bL,0x07f948d59c779d01L,
-        0x7c994ebc82675371L,0x1104d4ee48bad4c0L,0x798ce0b5bfc9d058L,
-        0xc7ca898d309fa80bL,0x0244f225acb33eafL,0xd51e8dfc5b2f3175L,
-        0x3e49ba6ba4d7be34L,0x1760f4c7bda02b43L,0x37e36a7e4435275aL,
-        0x1c94418be636980cL },
-      { 0x43a2131309dc1414L,0x060765fc43c93537L,0x6ff3207adf5f79ceL,
-        0x6f18b1fa85d4cfcaL,0xf5c4272e63e995abL,0x121a09e4a82b3002L,
-        0x82b65d1b97147f16L,0x4993c20c20a7fe26L,0x99c9cb98e6716726L,
-        0x5a02d673feb440a0L,0x3f3fa9e1251b4bc5L,0x75dbc474a05338eaL,
-        0x3cb4044b7b09f6cbL,0x6767da1880434609L,0x97851422098ceac2L,
-        0x611bfbb2b55235baL } },
-    /* 86 */
-    { { 0xbdbaa55ef00ad2a1L,0x29efa85e14a290d7L,0x3b4a4768e92b1694L,
-        0x67111bcd11ec8130L,0x0e42570288bd27b2L,0xf28cf2a3d9a03c06L,
-        0xbb7c8d2df318884aL,0xe2ea1462e3aaeb20L,0x3353580443b85d77L,
-        0x81ee4482554ee9bdL,0xeb2eee9ee6aa198fL,0x7a5aa804c26c5944L,
-        0xa0ef2da582ab167cL,0x5a2ab47602fe21a5L,0x169cb3b83370298eL,
-        0x86e6c5440eb3aa8dL },
-      { 0xede033210b793d9bL,0xf79fade11ddb5eceL,0xf73fda9268930b64L,
-        0x06aad97dfe4fd1b2L,0x073a5b1d92a4dc88L,0x8af8cbd8bc976d75L,
-        0x60b4abb163ce26c0L,0x9c8300a9dcb1fb06L,0x335a594cda95b3d3L,
-        0x1f97d7d4b37eac87L,0xa3d2eba220eefaabL,0x3258c906f3e828c8L,
-        0xc832616f85ab7781L,0x725971928c28b617L,0xcd7196bc3233b82dL,
-        0x83867eb919fa126dL } },
-    /* 87 */
-    { { 0x774fe73e22474edbL,0x2a7663941a84e1aeL,0x270329ad9c6dd6e3L,
-        0x00c4a41514f8bf5dL,0x3ce2ea37d2267b90L,0x1275301511d24faeL,
-        0x7c14d854263a1b78L,0x20c8401b1ae0b206L,0xf32a011b081f49fcL,
-        0x1e8123fb959c6df8L,0xa328dc7c800e1d06L,0x5876a37824259a9aL,
-        0x23ada8b5b7ef6c37L,0x023f6b6ea93d4c9fL,0x89f5414dffb6389fL,
-        0x4b26bba2e628b39eL },
-      { 0xd30b1cb45d318454L,0x123b749fd7436cb6L,0x3110c726568a7461L,
-        0xc85de1231c84fd1eL,0xa5f8d6e608403d55L,0x395b6e139b1fabf8L,
-        0xfe6d68c33cfedce0L,0x1d90381f94b91110L,0xf0a8ea812dcc6eb7L,
-        0x59e804137e90ca2bL,0xbeb5fc07c8a25c5aL,0x009c253a5d84663cL,
-        0x00b15073910b6a7cL,0x8607da4c4108f8d5L,0x02c3d9c3cb901e65L,
-        0x4d697bc52c9615c6L } },
-    /* 88 */
-    { { 0xe0db1ef0efa8fb40L,0x29021c5b5ba3989cL,0xa8d6fb15809d19dfL,
-        0x6b787b734c1219e1L,0x6417e16814ef05e2L,0x449342db8f9796e2L,
-        0x2f878a5ebf84421bL,0xe71916d7e94a4536L,0x9818bba3ae119693L,
-        0xec674be95768804eL,0x0a26074cf8424f8aL,0xdbc93b9d466ce6abL,
-        0xb3f15a98c920078bL,0x9d10fd0d3870f1a3L,0xa61241d9e4e785a7L,
-        0x76ca87a1e6c8cd80L },
-      { 0x4357fb56e02e48b7L,0xfbd14b13cc09e9c6L,0xdb5f243524069cf0L,
-        0xf878165c2c3b01a9L,0xe549e7c4e6956dadL,0xf2fe9538bbd60b68L,
-        0x952f856b059dc653L,0xd3f60225b377fe9bL,0x6a0c7328bfe908c4L,
-        0xce6aa2d3bc8f5f2dL,0xf721344324425050L,0x17e1266a3d3b3ce5L,
-        0x75b5e43fc1677512L,0x1592706237fb894aL,0x152607532be3e375L,
-        0x27e7f2c66da3b7beL } },
-    /* 89 */
-    { { 0x638f65ade6a15883L,0xd4a7e68c66afdb33L,0x6207b6abd3f12de5L,
-        0x1c6ff95037b87810L,0xc0d44cb264acf6d3L,0x163ac601f2be78c2L,
-        0x1c63cc5a1636980eL,0x3e92cfe895c9349bL,0x7738e0d841ec7220L,
-        0x6169d7642d5fa961L,0x2aa776c1c3e028e9L,0x93dc5646b16d5409L,
-        0xa0b27fb5706df4d9L,0x9e991170ce9c6b97L,0xea8e42be53c85f40L,
-        0x02e9643783246528L },
-      { 0x91540addae78ea1fL,0x51a1b74d7b670e96L,0xf9936441f7006826L,
-        0x8f97d6ea7d7520c7L,0x0faa6a0269ce12e1L,0x2590aca879208342L,
-        0x7a48386375614436L,0x07c6149ef381408fL,0x733bf584d7853406L,
-        0x8761b0109abbb6f7L,0xe4eb249ff528a09aL,0x08781ed82e00ae3cL,
-        0x864c1b252178effaL,0xcc1e62a29d513a7eL,0xedb8b94e1919062fL,
-        0x739f53da4f16527dL } },
-    /* 90 */
-    { { 0x7a5f4a88924adc5fL,0x95646c16a818f56dL,0x0ec491297795f954L,
-        0x2b48753dd19c5400L,0x16fa236b205912b4L,0x6b3d65f3e87a4946L,
-        0xa7174a01045fd066L,0xb635031312a5e140L,0xa79c4b44a96b8623L,
-        0x7a339d659ab003d5L,0xc72f30c63826f31aL,0xb4e7390c6f7090cdL,
-        0x59ac6c36906ebe24L,0x39a7f06dbba4505aL,0x839991e1c58c413aL,
-        0x020c23ffa20e0e84L },
-      { 0x120e4adaafc74661L,0x37bbcf63277fc065L,0x41049cf6b6dce799L,
-        0x5b8d6b537b161ba1L,0x22218431a9610fb2L,0xde9ec9d1dfdde769L,
-        0xd32bfa4d42d80630L,0x3885702a6244df4bL,0xcdedd1ed45592dfbL,
-        0x0e1df45bfb4e01b8L,0x8f4bded286e215b0L,0x809354876a937e6aL,
-        0x415278ba8130f723L,0xc6dc469238a821f8L,0x2207b119fd8b4f8aL,
-        0x76e7bf53f9269cefL } },
-    /* 91 */
-    { { 0x5f12842827ebd187L,0x8d3320abb65aadbbL,0xb042765a72258695L,
-        0xda3f33f98f0986abL,0x411807a7aebff503L,0x25c776ca825f71a5L,
-        0xc0de7bedff7df24bL,0xda8b0f42165f1fb4L,0x5f3ff737731f3ae3L,
-        0x4cd1d7e7193e0a52L,0x8df84aa3b6b3ba46L,0xba84b897aa1f3782L,
-        0x6e7960cce7733ac7L,0x4d46d6ab50981a21L,0x1ec12c257cbb80edL,
-        0x79e7ad272b96ef09L },
-      { 0x3cd970dc8f30caaeL,0x85cabcf10a6ebef4L,0x63c1863ec714616dL,
-        0x1c50db0b519e3a98L,0xf39b896364cb13d6L,0xdf67d81f22547b69L,
-        0x7157abb9d67db0ccL,0xccca25ba889491b7L,0xf689207c7a27e0dcL,
-        0x34ae8fbe0fd43281L,0xa5d91f735720ec09L,0xb2f61909cdfd7bedL,
-        0x1ec102324a039e32L,0xd3c3d65edb0d8fdcL,0x32c916c84fe5005dL,
-        0x7f8c37ac4c0bea94L } },
-    /* 92 */
-    { { 0x33ec1e5443ac05e5L,0xda4a4da4cd8d3825L,0x86d88c0b88bf9e2bL,
-        0x34d71dd0b53811dcL,0x655040d2a3c3aba4L,0x2bc40949b61611beL,
-        0x1c2d426e279a4fa0L,0x535a5aa23b065ac3L,0xdaa8a32fc52ea890L,
-        0x5a5deca79fddad22L,0x911f05fd2ab3b26fL,0x5dace7dbf37cd81eL,
-        0x0e0e44e790d16b8cL,0x15e68aede4f5894eL,0xafe04999fc92a74fL,
-        0x1d7703aa970e7c2fL },
-      { 0xa8a4c81d3f0062a9L,0xe31eb2b8d96a20baL,0x66dd98df864bd101L,
-        0xba05f5924413b614L,0x51a67a0de9a555f8L,0xacc2f0972e4b52d1L,
-        0xab5daaec7184ab23L,0xce08b43e7c7f691bL,0x520e530b76c427f4L,
-        0x7d352069e423ebdcL,0x6b5e39e834df14ceL,0x3dcbf295446305acL,
-        0x682cb2e1fe34cdc1L,0xd4ac45d1111f5afbL,0xc5ef63cd47f296f9L,
-        0x0a2c40ec93c20871L } },
-    /* 93 */
-    { { 0x09bc384faf5747dbL,0x3bad6086c06ab86bL,0xa406882e9e7c1547L,
-        0x2d5326d155977abfL,0x063a9a05da81deb0L,0x9a86e4a7524b6111L,
-        0x1402f87a4ab2eb90L,0x7d0721d4d5c600baL,0x1a2fd9a9f289fdbfL,
-        0xf5dce66decde6f07L,0x62171277dab9fa73L,0x6d2dc49f6c474babL,
-        0xdc017e1f76eed033L,0xb97175c04da825d3L,0x6c297e3d54b05e43L,
-        0x2efb454656c9c87eL },
-      { 0xa4712b008b21c064L,0xd186fe424a70629eL,0x6435b3409b74f0afL,
-        0x6965aa437ec9e629L,0xdda14673c4c60d08L,0x0b656670bf3057aaL,
-        0x7f05e8403ce86f60L,0xc05073a904401a16L,0x16b1e638294e607eL,
-        0x2078325269cf7046L,0x2941141be8ce7d3aL,0xd38ad8d37577053dL,
-        0xdba68fb3caa6630dL,0xecbeaff1e9504350L,0x9f5166d51d2d760bL,
-        0x337532ce462891e4L } },
-    /* 94 */
-    { { 0x3f1118533a00bb9bL,0x2d2ffbae45f66685L,0x9ae11a85d4aee24dL,
-        0x18ba1e1b0341856eL,0xa9ac81782731349fL,0xc13dfd4a545715b5L,
-        0xa5f7423c5daad2eaL,0x30a483b9535b76a7L,0x92e9ada4ff873e9bL,
-        0x15662d84723a1055L,0xb935497b8edac4e0L,0x61b6441a39d8fa70L,
-        0x1541d75640d1589fL,0x62994237f0a05f0aL,0xfd8b00346bb28908L,
-        0x192a2b5dd4cd32bfL },
-      { 0x63576628365ced07L,0x029f32fb05de1d1fL,0x6d17b9bcbf40a7aaL,
-        0x1b1b2a089bb50a47L,0x9389abbb795a6278L,0x52cff60fb34fc19bL,
-        0xf3ab9492387d8739L,0xa8f053e66920ccd6L,0x3ef2dd4b63a9b4f0L,
-        0x9ab0ede151e82129L,0xafba0c0b0838bfa1L,0x2bd5a7ac9ffc11beL,
-        0x058bfd9595cc0878L,0x686d48a3f8c2f0c6L,0xc33abaaf1d9b31baL,
-        0x632e22893bc0c268L } },
-    /* 95 */
-    { { 0x1c851d2015a1cccaL,0x4efe290c7e522bc3L,0x0b741d5518eab053L,
-        0xae656197bc85e217L,0xae13141e01cf8b29L,0x2e2cb59366948478L,
-        0xeb57bb0fc31bd8aeL,0xdecef5d6c264e788L,0x6fa856cc9cb96d86L,
-        0x2db16813279183daL,0xf03f3820383d796aL,0x58a456ff1d0c6fedL,
-        0x255898058a6abd9bL,0x339f52c583f96f19L,0xcf6ded8fda7e9ea7L,
-        0x68c3d9c15d1ccd45L },
-      { 0x67e26265e6b392b7L,0xcec1d9bf775d9509L,0xe16abcd4d76514f7L,
-        0xd86f59b20de72e1cL,0xa66e43cd1adfb033L,0xdb34434005e457ccL,
-        0xb67a79165681daa2L,0xc32e7babf0114731L,0x066fe16ed3b1e961L,
-        0x924e298ef63d26e6L,0x9bea0dd8541add6dL,0xef9500df9982f971L,
-        0x5c876e63c5f076acL,0x55e12ae5b23d396bL,0x09efbb362ec6747aL,
-        0x8f2055ee233286a5L } },
-    /* 96 */
-    { { 0x4a4ab9e3b82c1af0L,0xfc65e9e7f2cae264L,0x4feaac0a60187d46L,
-        0x27d3f335e393b363L,0x9c9f7c00819bacceL,0x3f7418b5b8aa6611L,
-        0xffa94557372aae95L,0x937d78048db38589L,0xd10c86df6f1fbc1cL,
-        0x48aebd89a2f0a0ceL,0xae5d5fa2367439ebL,0x103a6a0b3f17d2d8L,
-        0xf233f68a411d9894L,0x7fece8b3218b67a2L,0x0422540f2319bf06L,
-        0x1292c8c9340d322eL },
-      { 0xf5eb55870386463dL,0xd4bbc2b20371d97fL,0x1b3645710b819c5aL,
-        0x0cbb42d6cf04ad41L,0x5d819c7666939ec1L,0x8745ac13a01847e7L,
-        0x4f704b021c7232e4L,0x2c9e58a0acb05780L,0x9523b8b3b561e295L,
-        0x3384df0079f9ba35L,0x78231fc21eaa9628L,0xa2eac54f8aea2b90L,
-        0x8075ed7730d1c263L,0xacb44ed5fb339000L,0x92546ac2f011293aL,
-        0x7c78762beb821764L } },
-    /* 97 */
-    { { 0xb8f7d6fb067902b6L,0xb2823a43d1735980L,0x062cfb1259741dddL,
-        0x6e391b074033f95cL,0x3831d0a368589b8cL,0xe3474d49522290f2L,
-        0x4dab14d6222e1f3aL,0x8f00fcde53f08d39L,0x559917ae707f28f5L,
-        0x166aa0ba068e607cL,0x602713e7d7e1f824L,0x7c2555404d6a328fL,
-        0x0d2e32649890cd2aL,0xf2207944eca0b20aL,0x5c98dc0752f4e09cL,
-        0x69403504d84de81dL },
-      { 0xf8b7b366e5407206L,0x1ecf54cf0d88fa8cL,0x6fefe548f7272e6fL,
-        0xd653137281ab4468L,0x52cb5f0e4e474408L,0x9e426b3a6490737fL,
-        0x2576c19b4980d071L,0x91f346280f272cafL,0x78e60a4f468f31c9L,
-        0x8776a32990844d89L,0x8a55700cb951582bL,0xab1af36514b1adbfL,
-        0x22ebff92fbd343efL,0x32f9fb01b7d81f34L,0xad850e06ba6b30e1L,
-        0x6da9e027bc5f9546L } },
-    /* 98 */
-    { { 0x21eee4c25c9490ceL,0xa96ec4a30df68381L,0xe6c607e0a4a9368eL,
-        0xd8b0492a4bc262f3L,0x0846a210460c34ffL,0xf7ff7a6428df33cdL,
-        0x10c5504421827612L,0x9d25fce9149bcd01L,0x725611cdcfc613dcL,
-        0x159f7e8897f51ce5L,0x3fa3bf314e8c08b5L,0xea15611575e7538fL,
-        0xd1e0a95191c84020L,0x0d2268bacf02ad0aL,0xa04c6ac4058b8e5fL,
-        0x773b40b9b3515912L },
-      { 0x00ff2cdc3631cfd2L,0x14c4c2d3807737bcL,0xd600616a338a5270L,
-        0xd0e3306db32cabdeL,0x336738eaa70b17caL,0xf2f4aa8d79f353eeL,
-        0x712f6ad9576f3ad3L,0xe427985289b2bce0L,0x05d8f94dda92ca30L,
-        0x9891d475d8492dd9L,0x3e06a5ca4d15e4bdL,0x4725d4eb254eabbdL,
-        0x31394acec0ed513cL,0x7e0f9859bbfaae6cL,0xdc125546833fd137L,
-        0x12b46385c56c4f75L } },
-    /* 99 */
-    { { 0x810dbebd932951deL,0x96959d425aa69c94L,0x5fc49c04ecb2f08dL,
-        0xac74f0cc2250b82cL,0x96a439a53aec4e1dL,0xc33cab9a90499acdL,
-        0x2fccde6654d9b3afL,0xf4af285c3863ae8bL,0x2373373e46febf88L,
-        0x751d672c3c9ab7edL,0xc1c51130fe12020cL,0xad82402f52f3e56eL,
-        0x3489ab7aa4a64a81L,0x0a1fb661d9f163f2L,0x17c69be10e553317L,
-        0x61c1935e7d88d417L },
-      { 0x2e722d9b3492ae43L,0x1ef89d950538f05aL,0xae77e588200aab63L,
-        0x2872c120eba4b117L,0x5c2432c83a461cb8L,0x315b3434cb938f26L,
-        0x05bf2ac58c4c7dc0L,0xd2e501dd596b378dL,0xa8506c9fcb890c30L,
-        0x3d0af4617c361f0cL,0x21f7b7185a35cbaeL,0xbd1035f1f3fc0138L,
-        0x74628af58b248edfL,0x8d6421d048c9cae0L,0x75e3da392ca18773L,
-        0x27ad0df271d3db94L } },
-    /* 100 */
-    { { 0x9e3bda79305b5aedL,0x2c67d4a45998d6a7L,0xc855e1d30f7eb700L,
-        0xc18a7e9e147d1c44L,0x3ea99618c89540edL,0xa53be20a7e6bfd20L,
-        0xc9487e64ecc14437L,0x7297920734ef85c6L,0xfa0d4e71d5e1ebd5L,
-        0xfda2b1e64d48d6b6L,0x782a1e0566e200d4L,0x2a3c70da5a5366a1L,
-        0xfe3fbd2b1a473738L,0xd7ef8c067fe020e8L,0xec686fdeeacfb665L,
-        0x5d9b5e276dd1542fL },
-      { 0x3637c5a5cb3e472eL,0x2153d92730a1405eL,0x009992e5b4498558L,
-        0x18f00ccdf39a0851L,0x26237c11b5c6c560L,0x418ed4081343540eL,
-        0xfef7cbf07e7f3184L,0xecd92366bf48576bL,0x1b75be1abc94c91aL,
-        0x8e1778de4a162276L,0xc52e57d3c5c6bcb8L,0x5cc382c75ab71858L,
-        0xe12c2c283f6e39f9L,0x4c7e0ef2d62735fcL,0xe071deb1835a5996L,
-        0x24f891cdcbb8c766L } },
-    /* 101 */
-    { { 0x24ef60bf6778c1e2L,0xff49c03d00d5be5cL,0xec11986e2f01a09fL,
-        0x59a728a4ae096e58L,0xaabbcedb7077984cL,0xfb473bd2870ca5a5L,
-        0x8c928c614de30e3dL,0x3fae7f9a4f67abcaL,0x83c2b2ebec21a9cfL,
-        0xafa70d629cd9b5deL,0xadeaea59c60b18dfL,0xd5fef7be4049b54cL,
-        0xfceebc766dd310e3L,0x7748efe38f6321ccL,0xfe9c32b118ee8af5L,
-        0x863ac3cfd42df612L },
-      { 0x0a36fca7b85a2fe2L,0xf3e70d08ee429dc6L,0x8c9ba209141c3944L,
-        0x306a810667272a0aL,0xe69a1555f968bd06L,0xb86f7e47153c603dL,
-        0x9706614aef56e4faL,0xc0dc36b898780b4cL,0x43657fe23a1d3263L,
-        0x01f97a86435522c9L,0xd91897f6edfef679L,0xebbe31d46daa17a0L,
-        0x6f17910085accfbdL,0xe0da6e328f9fc1deL,0x1c9d53dbe1e7142cL,
-        0x3e3f1b1e8b86725aL } },
-    /* 102 */
-    { { 0xb7ea15c07b7fbf05L,0x992f11b61f1a3882L,0xc9ddd95ad1dcd1bcL,
-        0x31f5b7faad0f7e8bL,0x2936e5ebfca7ab79L,0x30f417dc19a55be6L,
-        0x1f6f4e4343cde554L,0x971f5e6582f044bfL,0x73c3b8e44288c408L,
-        0x61aac59fb807f575L,0xa64ee2dd818b58f0L,0x6f7a0a6097a3b0d3L,
-        0x8b85ecc80394b058L,0x9a059474bfb3517dL,0x89ad5977a79c3f06L,
-        0x81208ed8700a8025L },
-      { 0x1093509914c4ce37L,0xf34bb843a1aa48a6L,0x86007024580d58e8L,
-        0x6db42c49b375b8baL,0xac365524ed3bde83L,0x5521e1b4649233b6L,
-        0xbc7cc5d564dd946fL,0x9c14b035bfb5b6aeL,0x7f22ba180146c1a3L,
-        0x0b62fbbc872214f5L,0x3acfd7f7b4921764L,0x5ff10da1cb4d6df1L,
-        0x660e262062600a91L,0x7ac7da9d81d9167fL,0x6e8e260cb6e7a199L,
-        0x44383fb880deb3c2L } },
-    /* 103 */
-    { { 0xe107f01de44f9af6L,0x36381a4d8cb1fa1cL,0xe65be3ecfb7dd493L,
-        0xd0b8435a26a8839fL,0xee60f9153ec789d8L,0xe25fea502bcc5e1fL,
-        0x0477c0c57e44a81cL,0x349e9f83230ba5b8L,0xdd42f32fde180dd9L,
-        0x8b039eaf64a3d11cL,0x80ef884ebeb7083aL,0x288e60c4f12742cbL,
-        0x44156cc5720a0262L,0xcd547de67253b77fL,0x9829a6eca6013a59L,
-        0x8aee708f0d548445L },
-      { 0x18f22d9c32c54409L,0xa9ebfa4675ebaac4L,0x90e2e92886284981L,
-        0xd0201f6f6b3a8e0cL,0xc973016cbd77641eL,0xf926f2f070170575L,
-        0x4984048ffec0ce01L,0xbf696211f319d304L,0x74b5c844c91a88c4L,
-        0x4c40fbcee0030a82L,0xbed67525e4f6d521L,0xaf7e47cc29d67d1eL,
-        0xfa307db8c21d3536L,0x56b6c46abbb29405L,0xf059a7e3033e805fL,
-        0x970f61fe6096a5a0L } },
-    /* 104 */
-    { { 0x1bc53d231bec8e4aL,0x8809ac1435a6034cL,0x4ee081da509e464dL,
-        0x496ae1fd8a488235L,0xa1ae9863325864b6L,0xbaca13e974cd069fL,
-        0x3738cc58b1d8a6b4L,0x5fa71f58e76b9da4L,0xc919be88c7eb16fbL,
-        0xf5c8f13fad4e429dL,0x4583b6712499f9edL,0xbce20115a10d8bd7L,
-        0xf66d76055790bb7eL,0x9316aede482b78ddL,0xe0d8fb2d75f855faL,
-        0x404b5b945a7dcca7L },
-      { 0xf9ee682a517a15c7L,0xaae4cfbcef880202L,0xcee2c1395106a354L,
-        0x5de60192170febe7L,0x589e39fd73d0c54bL,0x195c71358c9092b7L,
-        0xcb7ed53f0a7bfe5fL,0x2bd9242af61cc979L,0x8d2ef16c5395f7d9L,
-        0x0d4ac1ca70b32f09L,0xa587526d52d185c1L,0x2932b04a942d6195L,
-        0xfe25a979a500b0acL,0x5fa1f4ae562fd230L,0x60f55af220da253cL,
-        0x7faa11b583146002L } },
-    /* 105 */
-    { { 0xb0ba4f0c6e402149L,0x3584cc1d963cc119L,0x7740dc1aa6527476L,
-        0x3f77ff75c95715f2L,0xb2f234ad3f89fb0eL,0x55159032ef9be3ffL,
-        0xfc9fb21d04237e82L,0xeb2eff38a153ed93L,0x89d53ae010041d13L,
-        0xcf2e545b7f1bd828L,0xdd4a27ce43953ea5L,0x00d2e5d4d85e75c8L,
-        0xeb93ed62241be1c3L,0x1e53f25f0242032dL,0xb9957636c3a4e701L,
-        0x14b63a52ed98febfL },
-      { 0x7610b55371c43336L,0x19dfd4a623a4824bL,0x7b97a2e00286051bL,
-        0x86abbb9c8f5f1edbL,0x67a57d779b67daadL,0x8ace506dcd5ffafbL,
-        0x85da9f9589ac3c63L,0x081cbaa875a3d150L,0x03353d8fe9346ed2L,
-        0xb2ab61f1a1f9a02dL,0xb0cb09373a659c71L,0xb7e0e30b4f5df8a1L,
-        0x77c4c741eb7d5a1dL,0x8f046c9c728e5cf0L,0x32dd0bc7f7c171acL,
-        0x02485873836d2655L } },
-    /* 106 */
-    { { 0xcd40dd2375a4cd8dL,0x132ca43397bcba78L,0x30c5cd84258d61f5L,
-        0x0a7ec059da1e8e68L,0x07a8f1711d65d40aL,0x869e655ef4350d76L,
-        0xb98ce6f05983ae42L,0x7b61391d9d8bebd0L,0x3a529e25b1ba5d49L,
-        0x46f732e91f6b2cf6L,0xbd66ec6a3fa3b629L,0x397950ecc3ef0ed2L,
-        0xee9008cb5f08b476L,0xfd6be425965a0e2eL,0x78ed513c1177bc87L,
-        0x6798cedffe512daeL },
-      { 0x49e3f8fd1b97c5c6L,0x39fbab3e78c3b33fL,0x4427441240f595baL,
-        0x174225b95d7d4376L,0x880b3fcc79c44777L,0xdc3aca833296b245L,
-        0x55913df71734e184L,0xa4db23d39c934472L,0xcebb3733d1420a11L,
-        0xb9d20cf9f3608bdcL,0xa618acf630cfe13fL,0x75f06b315f30874cL,
-        0x506efe7f9f0005a5L,0x8aaea78c01bfc9dbL,0xf9179255f78e7c41L,
-        0x3ea7aed252e96395L } },
-    /* 107 */
-    { { 0x98617e045b06ae25L,0xbcac148dcb5750efL,0x91ea2f0e604c2ba2L,
-        0x00c19f6b76b78975L,0x79b9b6d0651da181L,0xf3225bebc945705bL,
-        0x30b435f35c005bf1L,0x440b4482bc24d86dL,0x2b8f0996d6373777L,
-        0x65fd6c561c44b4dcL,0xe9405ee630906999L,0x19ff092408aa1ec1L,
-        0xeef3246a3d2f2895L,0x016c3765bc746797L,0x62d2569fd0705f7eL,
-        0x6a8ad39c05250044L },
-      { 0xe45f020d46be7282L,0x9405afed21380f12L,0x4cdca5bdd5da6ad0L,
-        0xc2d6f1847f8be61eL,0x20132953596b8178L,0x8d3b1e7b7a8df954L,
-        0x757c61bb39572b4dL,0xd749b57b80cc3b56L,0x9590ff9337b3ffecL,
-        0x39bbb653145dc94dL,0x70c1c6062335e573L,0x9c2e72d7f763febaL,
-        0x4768e424cc61b732L,0x777d2fa6aa73f2caL,0xdee4dbaac5cb58cdL,
-        0x1a1811799cfae1aaL } },
-    /* 108 */
-    { { 0x6f6ff62f77575ed0L,0x18f14fa97d1da99bL,0x2e72aefb69efd7f6L,
-        0xc45ab4cbddc28633L,0xb0e20d48586c5834L,0xd397011a39775dd8L,
-        0x0130c808f4134498L,0x2d408ebaf5115ed8L,0xc506a05c0260ded9L,
-        0x9e5b736219cab911L,0x4cf508c6e8693a86L,0x4e71245fcc773617L,
-        0x2f71aa1f95d89ca3L,0x4bba7c6a607bbc98L,0xf3a515e7212b7fd2L,
-        0x7d2ddc759230f5a8L },
-      { 0x3d05816d4ed2cae8L,0x4cf6bc7db9c00377L,0xc23e98e6646b08d4L,
-        0xf9ee6c614b9c0180L,0xe11c9a13ef9179c1L,0xa5b6147e8ed9688aL,
-        0x7afeb648d06670a7L,0xd670333c17685275L,0xa89dd96975f9e8f2L,
-        0xbb57228d37a68adeL,0x21a05d5e454cb186L,0x4810158f063dd550L,
-        0x92dd4f084cb6caf3L,0x70c4d8527854abe7L,0x845969dc6e729d76L,
-        0x5a52f87ab1bf40baL } },
-    /* 109 */
-    { { 0xed019e9109ecacbdL,0x6544023d7b89bdeaL,0x7cc51f0b5707371eL,
-        0x14832b0416c8e217L,0xb1aa668281259ab5L,0x6e100f9223e361d4L,
-        0xe593eee9e3a95c2aL,0x699b6bbd16c10e26L,0xad4878739473a13fL,
-        0xf1c14dc5b274987cL,0x57dc00752559e2e9L,0x8449849dc3d47ad2L,
-        0x83df278add527793L,0x770e3ec8eefd5b99L,0x2ae5844676bd02a0L,
-        0x17f027643e705ffeL },
-      { 0xdda4010d29abea1fL,0x636b96952407ac4cL,0x96a601290433218bL,
-        0xf221fc3b163d534aL,0x05ba15beccc20565L,0x1238e54d96285577L,
-        0x1b144257878804d3L,0x96fbf304a89a9fe4L,0xc8a7f06c4be642b1L,
-        0xdd1a20e86e2b085eL,0x8f7f27c2ff4a591dL,0xc17b0753a4a343b8L,
-        0x684b1e88bb173d4dL,0x3accea443dc07bbeL,0xdb15c88d4c441d77L,
-        0x0ef0309a53e5957eL } },
-    /* 110 */
-    { { 0x4fc25721fa8e5b60L,0x646938ad691c0bb2L,0xe46d4b760b0a2248L,
-        0x863f9ac27de16877L,0x503bb6ef2721c630L,0xf8c199df0b67fb02L,
-        0x78c1ed72e07abd39L,0xcf9deb7bb32f0ddaL,0xaff726f06c3c89f3L,
-        0xb7008b2d1972225aL,0x8f5a61174f145f5cL,0x4e0e6f8c457c4f37L,
-        0x8bbdaa441c453c64L,0x57be326da6e92c80L,0xa9bc3fd95d773561L,
-        0x3d3b6cc6bb37b72aL },
-      { 0x6e6f12cc9722c880L,0x3a1b6ae7286b6889L,0xba1cc09bad2fafecL,
-        0xad64ad7a43bb8befL,0xa5af6a0097c3f4c3L,0x2afcb0d9c353a91bL,
-        0xca13fcab69ccbf6bL,0x699a1391f2abc190L,0x2dbd554223a247e5L,
-        0xe206180f95488d9aL,0xba9e7bff1244cc3cL,0x29297abe87d3a365L,
-        0x4054fa38fa4ca5e2L,0xb390623d67be1b6cL,0x1fa67c5778f41a44L,
-        0x2e946e43c7b544e7L } },
-    /* 111 */
-    { { 0x2980fddfc60934aeL,0x2c3e7eff164206d1L,0xf75e7f96416ed75aL,
-        0xfac60cf35cd0b2dcL,0xddc4bece1faad87bL,0x753fa87c9849e5ddL,
-        0xc5d516a32c1bf1aeL,0x565dbea814732b4bL,0x007ebe3ace48696bL,
-        0x40ca74d6cdb97694L,0x3f5cd27065e4e7beL,0x74847c013aac4ebcL,
-        0x6762e03443d6c3a1L,0x690d8c95467a076aL,0x768d78d61eda677dL,
-        0x0997ce550181d8c2L },
-      { 0x9297746c965a0b81L,0x48b58be6e5e12dfaL,0x5573b3c4715f437fL,
-        0xe425e907b565c459L,0x4f43f5121582797cL,0xe5dafa6f8ea5474fL,
-        0x2aeb8fbe13de04acL,0xed7f95f0e8a07c83L,0x3e012a6e662c09feL,
-        0xbf96e9b8c742cf17L,0x8ea5759ae28a1c45L,0x475941b45cf4e2f3L,
-        0x7dd3c02df901a019L,0xe7a4deea70916b2eL,0x50b272b52fa9b988L,
-        0x96f9f09fd0917fe6L } },
-    /* 112 */
-    { { 0x78e8aac42c310a96L,0x32a98303f7a2a734L,0xc46ca83d23962207L,
-        0xad131e6ed9541280L,0x5791fc5e2cabe911L,0x50cb77eb841b6c68L,
-        0xaff93dea3d3c8878L,0x06541f1df1007bceL,0x4ee729c255cdf1fdL,
-        0xe0f71317323e3972L,0xa2de7a41ad4d08c1L,0xa9912abfa35e22bfL,
-        0xa050122b89b03325L,0x8b9e51f406514d4eL,0x423c7aad79d3e0abL,
-        0x71998e2640b8fea5L },
-      { 0x40140fcdceb6ed78L,0x653cf37718534516L,0x0450b65ae8d60dccL,
-        0xce6c1a769dac55f8L,0x8a96a92dae05686cL,0x2fe4476212712562L,
-        0x747bcb50a4f39425L,0xf0ec6ff2fc531fc2L,0xc97c344710fe9ff0L,
-        0xfb4887839c792cffL,0x552c5248026fb019L,0x4001a29cd804c290L,
-        0x742b5ad835c8ca73L,0xc3781f176ee5dfa0L,0xca6b85f03dfa4ab1L,
-        0x8389941a0b0d32acL } },
-    /* 113 */
-    { { 0xc0f062a2de067dffL,0xd4f32690bcb80162L,0x98cd990d0707a2bdL,
-        0x5afc63b8fae4a391L,0x684f1b7bb32ad814L,0xb0a2dce2f199dfb1L,
-        0x2260e17f48f25848L,0x7393db00c2d5e862L,0x9e88f854338cf171L,
-        0x0067942902acf522L,0x19157cb86835af3dL,0x2faa6f92b8a2614cL,
-        0x04ff95f5134ec46cL,0xcf00626efb7a8135L,0x454b3d05b37a4704L,
-        0x1fbfda312694ec25L },
-      { 0xfdebb657c8f69c77L,0x92a8278ba3df88faL,0x463b5571c1fb78b4L,
-        0xd2066a1a11c71a33L,0x10c88143089958b0L,0xb975c7e0cf9d67a6L,
-        0xdaa5d20873037b8fL,0x5ee5005d40bf5861L,0x300e6ce77dba69a9L,
-        0x893c3cb3c962cc74L,0x0ac986294cf84055L,0x0a7ef63a225c9d70L,
-        0xfe184869b91e47e8L,0x1b9d7deb8c2f84beL,0x67788915c0e278bfL,
-        0x4f9488cac426f19eL } },
-    /* 114 */
-    { { 0x610dfcd4dd51b8ceL,0x0857927836230e80L,0xedc7ff1c36599562L,
-        0x905ead4be2cae877L,0xa1c325d9e7967608L,0x3e39edddbd38926cL,
-        0xda92c8685f6f0a4eL,0xe16f800af47a0fa4L,0x50b4db5be5f60aabL,
-        0x3665412f983853d3L,0x64b622509b79789cL,0xea5600584e0e72b2L,
-        0xabbd4901e555c2bbL,0x378419a717292e11L,0x6e0b5aaae174218fL,
-        0x688e06848f796b92L },
-      { 0xcdfef641313b8f64L,0xaef11b7b942c7462L,0x067cfb775c0d8abdL,
-        0x608ea5f0af4041a9L,0x23d5bd826935210fL,0x5ab904fc27917a08L,
-        0x85dbb1fe45d22d21L,0xc3d5e5094d36159fL,0xaebb528e1d39b8f2L,
-        0xdd5ca828f44acef0L,0x24209adf20c57a54L,0x5742b43378f95f44L,
-        0xd11fa7d9a9337d37L,0xd66a0c09c64cfdb7L,0x56e55b8f9bb817ecL,
-        0x1723c7e3e4c41265L } },
-    /* 115 */
-    { { 0x9a6486d8dc8b43f3L,0xfc3e0e6126409e68L,0x1889c437d9b46003L,
-        0x3a8503356284ec7bL,0x5a3665c46a9dbaeaL,0x7bf6941de978933cL,
-        0x1ed5a51069341490L,0x664a7b7a8cb8002dL,0x603f76e460ed0a59L,
-        0xc3e06ba31f4ebf27L,0x296ced41f2c38a7fL,0x2ac18f79cf1db08aL,
-        0xc919e882cde7a3b6L,0x15e77d29dbf68b06L,0x21978baa4e947cb5L,
-        0x84bf542b7630993aL },
-      { 0xc1decda9e364f21eL,0x0d6cf345012e557eL,0xba246848588f90e1L,
-        0x9f6dda4be3b104b8L,0x6bf7a346e3aef57aL,0x210299fee8327ea9L,
-        0xaa99f487da95e6c7L,0x24ff813ed2cdf645L,0xd1dbb2d28bd414b8L,
-        0x065101afcafa1a61L,0x7d9f4b9a9cdebda4L,0xaf41b395e41039e4L,
-        0xe3e9e6bac50adf42L,0x4f2133ae341e9e49L,0x4968c0f3cb157f23L,
-        0x383f827bda068153L } },
-    /* 116 */
-    { { 0x2ec46a216583ff4cL,0x4e645a294ad709e7L,0xdc66e9cfc04ca12aL,
-        0x82f128f49160a7e5L,0xbfb227b1569c762eL,0xf80c7963c2edb8e7L,
-        0xa7dafe0649a0f688L,0xb7e417542d14b8ccL,0x3a0c5c5386de40beL,
-        0xf0d052861db79331L,0xb902ce69fbfe071bL,0x61e46956210e9903L,
-        0xfaef874ef703ebb8L,0xf668947edd5f78b6L,0x6fe865475af5ea3aL,
-        0x3b121f1543f94625L },
-      { 0x5b26e847659275e9L,0x47581cfd6d0fce50L,0x55f5cbfd8aa3f1efL,
-        0x1e7be315e484e60eL,0xd8f1a20ffe9698e4L,0x25d46da97ab04784L,
-        0xa526db75834cdb3eL,0x1fd408d98d08a009L,0xfc004b205b5ca816L,
-        0x5b3e3bb365e4bbe8L,0xf50cc125759bb6efL,0xf05fa817c2fac737L,
-        0x9ee102d2d273951aL,0x2a8e540bfecb3367L,0x673446fb2a6a515fL,
-        0x5505e1d137290c83L } },
-    /* 117 */
-    { { 0x0c3014a1d15e68a6L,0x6f9f0b2664dd35e5L,0x18c3742d03ad67f9L,
-        0x74818c0ed2c14484L,0xc51811690d41a3cbL,0x65c8c83fc49f3e9eL,
-        0x9b260c612c279386L,0xf6086faeced04e9cL,0xa7b2ccebfd7c4758L,
-        0x4b3c313390297fd8L,0xca8264e809701ac8L,0x9f976a87508b3762L,
-        0x5d582714983a8dfeL,0x350d2669d9d598e9L,0x85cb89cb0f6fd348L,
-        0x617d80d4a574317cL },
-      { 0x4cef267e70022b67L,0x80536bb53768b94aL,0x3153a566d2784462L,
-        0x49054d4438243919L,0x8d11e1725df78c4aL,0x9b252a71d5a1e35aL,
-        0x07866c808171e31dL,0x0a8501db1b38a00eL,0x2ed932b8ce770236L,
-        0xa2d776098edaf7d0L,0x3aee5dabb93006e9L,0xfaffc8c4bbfeb036L,
-        0x077b96784e21b38bL,0x491fc59fdca8e069L,0x3f624f550e938471L,
-        0x5156f5087cd1780bL } },
-    /* 118 */
-    { { 0x58234e220206e8d0L,0xf5f6f5d47f15af32L,0xafab7289d638950fL,
-        0x66ec4d097d4495f4L,0xad890c5d68da80a9L,0xe4aa092064f8a36bL,
-        0x799e257e0f4d5c5fL,0x44c677ae24495e31L,0x720387b3a5b8e352L,
-        0x703790f475a287b9L,0x54895cc5c3c1f2f7L,0xb8680f9b41a7fa41L,
-        0xfcd47458b00b008bL,0x149cc838ba6473cbL,0x78ed5f7aac9be19aL,
-        0x5254599cb33765baL },
-      { 0x08739679a21b54c4L,0x029ece2ab6497d9dL,0xf14f1a92c8488640L,
-        0xae48dcffe9fa79d9L,0x14b911c246c208dbL,0x5ab0fbf2dae3f69eL,
-        0x180ac87ed1edb838L,0x146fd718188586bbL,0x210eb6545467cbd0L,
-        0xaa2394081667cfeeL,0xdb125c1ab73d1a60L,0xde685300881c1cbeL,
-        0xfe34c71337c30232L,0xc6c6070e6f3c8d18L,0x07e365bab4af4e83L,
-        0x22f0a7eddcf82b45L } },
-    /* 119 */
-    { { 0xe262791fea7f1b7fL,0x9c3d8c5ddcff09d4L,0x86c2a9c339c7dc58L,
-        0x4dad40174276e8c0L,0x0a918f59e9fe1d56L,0xb8d796702aa810c9L,
-        0xeb7a88364aa5cdc4L,0xfc4c23bbe7afa72eL,0x4dbb5c9e4ac86908L,
-        0x37e390136a0c7e6fL,0x855d700149c218d2L,0xe475bc6794b324a2L,
-        0xc98a8dc66287a071L,0x395a299b5fb4323cL,0xe186c3ee0c0389e9L,
-        0x79f81e6f16734c46L },
-      { 0x83f2c1f3364f3c4eL,0x536b2ac51367e14bL,0x44a6dcfc5933e43dL,
-        0x34e5947510d961feL,0x08234ece7e3f2aaeL,0xcb92e00abdea7f25L,
-        0x1efba4f0a791a124L,0xc2086fd21192d53aL,0xfec0d0fcb51c8af6L,
-        0x48d1b2cadc0f1b5fL,0xb07a388f812dbe19L,0x40873a6adedbdd45L,
-        0xbc2a1268d702589aL,0xbbf6e3a817e27b64L,0x73ee56636d386e85L,
-        0x442ecd379de7c000L } },
-    /* 120 */
-    { { 0xb4cd1ae68a2f90a6L,0xf277d41d6f5ad0ccL,0x6a3828c4401d4b8eL,
-        0xe817a134d8376631L,0x142b758df5e1124bL,0x25fbc69dfd6b95e4L,
-        0xa30c9f5fd74a9e3eL,0x5ac0f163d89663ceL,0x32a9eef70ce6386dL,
-        0x7a690ea5d8ed5544L,0x5de23ff09889427aL,0x75ad36a5eaaced58L,
-        0x3514a6c1d3e18465L,0x3d9162c37f093910L,0x5c10add9e33d56e8L,
-        0x85176b7306aa691eL },
-      { 0xa32110fa28a21e38L,0x97b6379d5773d538L,0xd3697bbf2d020dc4L,
-        0x59177593961833cdL,0x6d7045fae5fa8516L,0x3390f29a786ab5d2L,
-        0xac0bda30dc4f5b70L,0xcca0240adcc615c6L,0x8e1f1702c5146d91L,
-        0xceb472d0a72cef87L,0x848407080b669ba1L,0x79b08f9d7e61aa0aL,
-        0x388160be4669560bL,0x23935c2d948eb71eL,0xd7fd83c09431590cL,
-        0x8ab154bb6e5768b3L } },
-    /* 121 */
-    { { 0x28686003353c4a96L,0x4e5c60e8905cd835L,0xbd5913648f66f8ccL,
-        0xb6b80b989faccf9eL,0xbc1c1faee32639e5L,0x2f6396d2278aadebL,
-        0x00a796d01898202dL,0x18ab548f3a474835L,0xacd056c3b31b0e3eL,
-        0x15ba68dd0164512dL,0x203836d94b03f3bcL,0xd64eca6bd8f206c5L,
-        0x931a361e9f1779b6L,0xd82690fc52ab34a8L,0x342bb8e092922e22L,
-        0x1bfcdd84e00b02a9L },
-      { 0x310b9a4375a365d9L,0xd4ade15e08d8fb03L,0x9c9753d7d742df83L,
-        0xcf7309d4de318742L,0x1228e2123360ace0L,0x1043d238f7669643L,
-        0xfc2adbedf90f5a53L,0x41d64cb77b5f9397L,0x5200b30ac446d010L,
-        0xc3c8642d231720feL,0xfcc0122db9aa2075L,0x856e3b12041eae47L,
-        0x4586445568c876a4L,0x1a1c7842233606b1L,0x9b766d1f227757bfL,
-        0x25b78a3bf7b9d4f1L } },
-    /* 122 */
-    { { 0x90835718156707ceL,0x9bdc23984314f90aL,0x017c885a8be57dbdL,
-        0xd4bba225ad63a4b8L,0x5ce71b8615aacffdL,0x5f26647572954722L,
-        0x0a80f1f74f0ad3ddL,0x010538a3fc352ed7L,0xf8a640454203c6caL,
-        0x2b2c7a88330c73b4L,0xb3433ee602dcac1bL,0x2e0499cfed2b17c7L,
-        0x9f8681a4bd6329c7L,0x3897994636fadc37L,0xdc5650c892b7895bL,
-        0x70ab957065a51cf0L },
-      { 0x46778ec47b585d93L,0xca6d3610a633fe4eL,0x21da154e4ea0311aL,
-        0xaf22190bbd64002fL,0x9e633ac7d91cb7a9L,0xed13c31fee6837d7L,
-        0xda4a07d71616ee8aL,0xd78a27323afcd616L,0xc06696e5ba14d694L,
-        0x733754d74df58420L,0xe85e504e2778e3c9L,0x3055aa0c55b5a5c2L,
-        0x313df5388a3acb5cL,0x5896acb52a088edaL,0xfc8842a084c85ddeL,
-        0x5fec9f7951dde6beL } },
-    /* 123 */
-    { { 0x5ebc2c7cfe519f99L,0xe396bd80e5410353L,0xaded94028a3988f3L,
-        0x1c03b735d601bda1L,0xfd30203614ce64acL,0x5837ebe901240290L,
-        0xcaaea1a3a554097dL,0xdce73d25b0b88139L,0x35ed412becb090b9L,
-        0x99029ff7d63dab3cL,0x555437d9062db071L,0x277d2f5642a4c11dL,
-        0x477fa64524fc9109L,0x7b12e9b72799254dL,0x7ad2ae22d84c618cL,
-        0x0a8d5663ce8ed195L },
-      { 0x43ac51630a21fde1L,0xcfcf5dd66903d849L,0x6d2499ee5fdd6281L,
-        0x4dedc6f077a49a34L,0x46bda2c02875c06fL,0xd0e0e0f6347b8046L,
-        0x1058169b5e67836fL,0xc961912ade8a8042L,0xdf3fea0aa93b3d32L,
-        0x9f138edb0c576bc5L,0x7971ad6ed8d37e47L,0xeab85739cce5e7cbL,
-        0x88a4b4341d202b40L,0x5d842557e3a1fd26L,0x872fabd5b3a86f91L,
-        0x95b934936aa4629fL } },
-    /* 124 */
-    { { 0x9998a70199f951deL,0x8fade596f058db45L,0x4d479c1ef3d03dd3L,
-        0x6e928d5d33b141d3L,0x9a465800acfe8a40L,0xd108ad2fc1cefa3dL,
-        0x64b96921e013726eL,0xb9b6a6b68e83bb9fL,0x29f1e6dc1242e544L,
-        0xd3f8f6762f65966bL,0xa34dd0965e105b41L,0xd4e9139a16011e1cL,
-        0xeea4dc682515541bL,0x6f8030acc822166dL,0xbdc7ae1d31d16124L,
-        0x2e25ef51621afa7dL },
-      { 0x2533cf8fdd8e7357L,0x333ba218eaceddb8L,0x68e3e31d0784d2acL,
-        0x1c927f36f2804ae2L,0x01433d2277e7ad7eL,0x0b401cf0587f78a0L,
-        0x9dfcf036aa0027aeL,0xc9e46c8b1d9a46b5L,0xaa6de4861f288d32L,
-        0xdd56da2f1b8a043dL,0x346230e5f2d0bb56L,0x19f0b6e419defb56L,
-        0x55ec37cd21d2c874L,0x3dbf0397b70e45b3L,0xf0862a8dac7ce852L,
-        0x87979ea7e141f3d6L } },
-    /* 125 */
-    { { 0x9b7e7b3f7f1c747fL,0x151a4c1dc6e63369L,0x4273ff70b372dba0L,
-        0xca6d2234d3ee54feL,0x12fc8e0cd33cae0fL,0x273285385dd6f10cL,
-        0xc86f3fbdf01a9cf9L,0x5322677fe36cae91L,0x39a700332fefea44L,
-        0x2c9ca328ce8af217L,0xc0256776f6a731f4L,0xc687b3df66a96813L,
-        0x194aab128db2eda8L,0xde30dc5aeec4febdL,0xc052236a979241b2L,
-        0x3ec98802c23d4c16L },
-      { 0x0f9e760c4072f74dL,0xe78eb0deab594059L,0xdb3dea40c9b009c2L,
-        0x47e875f038b59ae5L,0xf40eb4362b4daa06L,0x9a6a4f92090f3788L,
-        0xefebe9afedbfaf8bL,0xf87f96a59867e256L,0x1e6fed2375ab6aebL,
-        0x17f2782a3fdb13cbL,0x5102c71e70fa2621L,0x5d2b06ecfd4c0dbeL,
-        0x537cc26830347297L,0x8dbf5e2b2b67e780L,0x2f633f3aba25da32L,
-        0x3e9315e8efaec914L } },
-    /* 126 */
-    { { 0x9255cfa5239a9ea9L,0x20f3c6900be33a62L,0x759eeb4b9cb642bdL,
-        0x3316c54600bae718L,0x874a76d5f3410f84L,0x123b502e90f129b6L,
-        0xadc8f9a812851f1cL,0xf57b764a1b62408cL,0x116ec01f1a80777bL,
-        0x746ecef21f0ddc5cL,0x3c49d47ce5a6a5a7L,0x1e15dbe706e955baL,
-        0x629c0c79b45d79b0L,0x11278308778d1087L,0x22585dc78c6a22d7L,
-        0x2ed02a0d0a682791L },
-      { 0x530434164daa2682L,0x0e26d32b01359625L,0x449c834abd867097L,
-        0x11a19d2bee77ae2eL,0x39bd529a3af6c169L,0x36cca5c05cd61054L,
-        0x6370a59bdc6c0fe1L,0xca420d27b93d5135L,0xd8730d45554c451aL,
-        0xebd258c996cdebf2L,0x0cb1b990a50f9a05L,0x69a8c97a7b0f0151L,
-        0x2cc36d3411d217e1L,0xf117688a752f75e8L,0x1db01394a09b2a61L,
-        0x14627844a9efd7ddL } },
-    /* 127 */
-    { { 0x6bca3aed232803cfL,0xc1e4398b9a96ff34L,0xcaf6757f74ab788bL,
-        0xc3a53e007e68c04dL,0x5f969c195cb7cd20L,0xf28b65a6dc068bcaL,
-        0xe3ca01d31d863032L,0x9b733b8187808e14L,0xb5d704d9efe618beL,
-        0x276f3542b01b946dL,0xe057e19efbedddbfL,0x7d182f2b903275ceL,
-        0x3cdc5f77880f7bc6L,0xd6f03d3f78476c14L,0x035f5557a9ba5072L,
-        0x7acb57b6b4029628L },
-      { 0xd241356944e6b07cL,0x451c4cc9e1c7345dL,0x407444d8e273b9fbL,
-        0xfe496079b88e34fcL,0x77d184cff152776dL,0x6d1033b9c742299cL,
-        0x29a0a68477bf2897L,0x59ffdf10ee8f0420L,0x4e17146c44bb56d6L,
-        0x831d06c2fb9ae855L,0xb2cb82dbd93e7cd5L,0x83381c463c96b607L,
-        0x06aed2517549e2a8L,0xef97891c774a21d4L,0xae9807c78675fbddL,
-        0x6a5a05b96363516cL } },
-    /* 128 */
-    { { 0x92e71ea66a8f4f33L,0xf2fc6fc64dea8f4aL,0xd356252cfee88461L,
-        0x59b0a83e08954d08L,0x5bd68c23468ab766L,0x40281357900f8d04L,
-        0x181c19c052b867aeL,0x986a516918764c41L,0xcb01dfae13575d24L,
-        0x17269ae5593677b7L,0xf6d1702546dc9b19L,0x8de68499c40097c8L,
-        0x76df0032259c407bL,0x4091aad917d29d8bL,0xa7f46d214a7ab5f6L,
-        0x688054b470ece48cL },
-      { 0xf0d168aa51a5b86cL,0x2437e4d895777247L,0xae844076f1720329L,
-        0x0a7ac87d9647a54eL,0x1e597a4b0405622cL,0xedefe5c6f0a79f2fL,
-        0xaf3ef0c24d55156dL,0x917fb04eef047cf6L,0x3792799f54b62137L,
-        0x875ea32f314be0b8L,0xe157c65b0c466b0cL,0xd28c90ce7e218978L,
-        0xb90fc3bacde587afL,0xdd32d71c8b877bedL,0x3b432200ca8e10cdL,
-        0x0021f419d94f6e53L } },
-    /* 129 */
-    { { 0x2191122c43519d26L,0xbdafac1d40a51845L,0xcc6f71e9548bb89fL,
-        0x9ef3375c16844bf9L,0xe7789f79178e8d55L,0x04f599b61f8be1c5L,
-        0x8088c99a2cbbde40L,0x8939a260893206c9L,0xa1ae4bfffcd30851L,
-        0x664cb3fee08feafeL,0x61f38099ff14aabcL,0x0d8394cc2a841ef9L,
-        0x75fad8ad17f01db6L,0x6fc345766debb773L,0x1e716b05a4252512L,
-        0x7985588029e1ed9fL },
-      { 0xa2cb3aaa95106473L,0x95fafa415a61da04L,0xfd3c9362539563c0L,
-        0xbaa4809195312b87L,0x6c7e7582bf885c76L,0x70f6dab6230c78d5L,
-        0x8ce3051c7747440dL,0x6dbebd14ffdb6186L,0xb0e041fa190e4096L,
-        0xba10c4666ee62e2aL,0x93d57e2a74f333d6L,0x006aadc4fe7b9b66L,
-        0xfaf72f6c06d2837dL,0x318cc5e6910741eaL,0x9c50260965692477L,
-        0x95d823c31d0fb08dL } },
-    /* 130 */
-    { { 0x6aeebd86140528a5L,0xf268c2ba53979bc8L,0xb1bc9b8a4ec144abL,
-        0x1efabb0d82a7d7edL,0xf12c70d14e0118d8L,0x31607168a1c1558eL,
-        0x33e428b7e4b7e73eL,0x6317663783aec9ddL,0x5172ffbee12ac35cL,
-        0x37df0bfbbc17b2a4L,0x4212f870741f812aL,0x3dcecbdbe2888f9cL,
-        0xa9dc15aa756ca55dL,0xf31918ecb9028e41L,0x7ede02856aeadb03L,
-        0x0e2708d578654f54L },
-      { 0x2270cc53cde20f88L,0x9338272c5f5b1039L,0x5042e19e5dcb1dbfL,
-        0x4b3de219b72d74c1L,0x16c49a8b2aaaaa55L,0x008443e5bba86ba6L,
-        0xee6bcd7220cf1695L,0x59ffac6ba89abd11L,0x2831217bf115639dL,
-        0xe4d28af2f34cba52L,0xf27f03e70727a906L,0x6842c79f69017766L,
-        0xcb3469bd7a81123eL,0x48c0f346a42973b8L,0xfc5784a623990dbdL,
-        0x0d3dab3bfb299678L } },
-    /* 131 */
-    { { 0x8f8376e6ce29c3ccL,0xcb0507ecf016cbc6L,0xdebff9965e394ce1L,
-        0x24fc526f73c50d41L,0x4edd5a542d16ce3dL,0xbb37bdd991c13141L,
-        0xe3442ef2e33a8606L,0x2ae90337c0629da8L,0x57faec64592ab331L,
-        0x1a938997d82b857bL,0xad6c8cb9a3373176L,0x82595de29086751fL,
-        0xa81e97fb18c17196L,0xe4f48a13bf697357L,0xa1387c2e5cb89f69L,
-        0x530b4eeb5874b426L },
-      { 0xe9f275a1bab7b5aeL,0xbb69dc4d03a57bf4L,0xc974dc4aa45c505bL,
-        0x726369f3416ac402L,0x735e4e78aed985dcL,0x0548d879cdd446a1L,
-        0x84ceb0699e16b02aL,0xf73f6fa4789b11a6L,0x6aa0c41fb2a4e784L,
-        0xb1f7690293a9b697L,0x814cce00f03a8ab2L,0x64cb255b844d66c1L,
-        0xb794e7d630952201L,0xe052d4e43da32271L,0x5278b2e708b6a4d9L,
-        0x9094255280c6577fL } },
-    /* 132 */
-    { { 0xd269a14d0d5b4c2fL,0x2b8fc59b5c8a649cL,0x95becb3ab0e37d4aL,
-        0xfda1a7689111037eL,0x5810e05a94e35322L,0xa24dcc12a178fafcL,
-        0x5c2c63b28e3dce62L,0x995c3f179452c444L,0x35330ec342d45161L,
-        0xa025a60ab4ef8129L,0x854932528bae9c13L,0x25d1a606e2e3caf8L,
-        0xd44091ab3649bf47L,0xc7d0afbf704ec5f1L,0x27bd1d62bd8b3333L,
-        0x50570111cfe616f5L },
-      { 0xd0084acef534356bL,0x9df1de054b4b0fbcL,0x021afe05cee04dc1L,
-        0x64bde688361b78e1L,0xa324fcc7ef78d38bL,0xfeb372ceeb0a5e4eL,
-        0xef04fcb365811996L,0x7dce5d505eb0ab4eL,0x1e29b588238c586eL,
-        0xde5e3197bcd80037L,0x8bf5e4514806b9cfL,0x4330968bd18e67abL,
-        0x26a7d04ef9f63fadL,0xa1c7f123b5c18bb4L,0x485b848225dce22cL,
-        0x8ff0b36fd540e79fL } },
-    /* 133 */
-    { { 0x99f2e2f43ff42cffL,0xa3c19f9d1c35317cL,0xdb749392aba1b545L,
-        0x84232b054afa9a32L,0x0b855d46d7dcd436L,0x8ac35e2045cf9915L,
-        0xd7cf22c7f001a218L,0x057d35aeed408305L,0x25a4a519553ccfcdL,
-        0x5e56579393e2b939L,0xa20332b03422ec27L,0x9b09005e3ac53958L,
-        0x628051a379e9b163L,0xb4a0dc09fc6618d6L,0x9e0e857f6748e7afL,
-        0x71b28eeec577d63eL },
-      { 0x4942b0cd99726bf8L,0x1290a3b91c208f3cL,0xfd7290e7b0598eaaL,
-        0xc6a7791fa25a9128L,0x2d33db24c037d7daL,0xc21efeb070e2837bL,
-        0xbf70d96ee3dae2a0L,0x43ed819185076027L,0x4aeb0aa84d4ad7e3L,
-        0xbc75101fe8c5b74cL,0xdbfb2a6ead26ebddL,0xba8120686b78aa4eL,
-        0xc94aa8f2e1159848L,0x0d10d9db3eba5c4eL,0xce7fec476318295aL,
-        0x7294711a330d925aL } },
-    /* 134 */
-    { { 0xfce4590432bbd495L,0x330f4dd1be54973fL,0x006bee1d5d9c3f4eL,
-        0x40ee607859ba7204L,0xc194fd3f42c2c768L,0xa0e76b12e9fe88beL,
-        0x17cddddbec2b0210L,0x689d436b00811ec7L,0xa6a6ba37284be9e4L,
-        0xabc395b2007d4114L,0xf8cdf9f30f11e744L,0xc5febec8e9396402L,
-        0x8a751743eeb46285L,0x99bf8782c6e0d137L,0x3965e170beb292e3L,
-        0x001c39d85801fd5fL },
-      { 0xf4805cb9da4a0912L,0xd27cb76a4410bca4L,0xef3dcb8eec71d65bL,
-        0x780fbb2b4816849aL,0xef6a7026a8b24635L,0x15625c8812c44e68L,
-        0x624c232c4d7a74a8L,0x81a770374b1631e4L,0x04e4f7f1db917c2eL,
-        0x1d0465fd1f61ed95L,0xb1048049cbde6e3dL,0x637ce0c1d7131fcfL,
-        0x22e4dbc28ada4715L,0xf7530c5cace99726L,0xa0160dccee287450L,
-        0x9132e670bb91af13L } },
-    /* 135 */
-    { { 0x8057efe27996099dL,0xb72344dba06e608cL,0xeb4a8740d0958588L,
-        0xe53daf0679e5aee9L,0xc9560a9a908a2fadL,0x7f4be131107e706aL,
-        0x6d5f3d9b2830246aL,0xa5f8e8da27cca3e6L,0xeb51dca64c28f292L,
-        0x4cfa310ef31dfd78L,0x92e0c7c22ca073e5L,0x102f1694a40da683L,
-        0x16bb07cc750d38fcL,0x703e83e2badae035L,0xea93c066b4d3c9ddL,
-        0x7d0b03e579940ed1L },
-      { 0x5fe7ea304dd94c63L,0x57ef01c5738b0b3aL,0x9534a78ca14e6b4bL,
-        0x07622cdea5353276L,0xaf696a077c22d006L,0x733c18867d46b209L,
-        0x9654ccbb626c2b4aL,0xa098d3a1a84f3c4cL,0x3596f9ed2d734b74L,
-        0xdfd3021a5d551c90L,0xe2ba7d2f1ec5123fL,0xf9726925b2c1aa39L,
-        0xd2e75d0ef8eb2927L,0xfaba712e19192a6fL,0xa606b43a9b83e50eL,
-        0x31b1782fdab5de60L } },
-    /* 136 */
-    { { 0x878dba454034db92L,0xa39779018f34dc4dL,0x8d004f2edf754c33L,
-        0xeaa5954acd563a88L,0xa29d6c89bb5ffad1L,0xa8adf655b0d8bdb8L,
-        0xf7fb842d8cdbdb47L,0xb72e3a0380d3205bL,0xc335b0b27cac7ca9L,
-        0xffc60bcbd8a5475dL,0x736f7719eba4d25fL,0x3d901c380c50fca6L,
-        0x1fdacf7b80c01900L,0x75cf658f5681f84dL,0x57a7e6345cefbbc1L,
-        0x6fc0fbe53e07ed1fL },
-      { 0x496d116bb81b0e5fL,0xd82dd2a52ac853b8L,0x357e22d4327387f0L,
-        0x3e332a84ba912c59L,0x8b71c64349d5dcc1L,0x0c982ee9438d85d3L,
-        0x90b9553cbf7fcd4eL,0x2cb39bbc38fed5e3L,0xa2c67c9c5ac42903L,
-        0xebf21217bf07da55L,0x55ac05ada0b9e4eeL,0x10bb12c28ee9e0c6L,
-        0x5cf3aee548bb6e3fL,0x4ae7269c8b046e91L,0xcb266012aa0e553fL,
-        0x701935a1a94c8fc8L } },
-    /* 137 */
-    { { 0xde58d41da4626deaL,0x25ef66ca15b9039fL,0x99a810a43164e65bL,
-        0x9fe6daad748cfccfL,0x7ab9a6bd2f142fa9L,0xa4cba1685d471796L,
-        0x12d30b366bc3a39bL,0x1f46a5dc8bf45076L,0xb868e5291421ac0eL,
-        0x7a68620659bba1c4L,0x2b4b552eda698b90L,0x5039dcd4e5453707L,
-        0x42a07a9e9e90165fL,0xa838fff3d7d45dfcL,0x41991e5a3b5ceb30L,
-        0x6c961ec8969ca600L },
-      { 0x703bdc1bc4e7eb46L,0xd6bac557596c7b48L,0x4f9917cd66afd74dL,
-        0x56355105656ce6f3L,0x3d1fb50c32497175L,0xfda6783e63effb2dL,
-        0xbd79f1f3eefaa2bdL,0xa4efbe5417af9ef7L,0x6cef64625a55b7a4L,
-        0x116f32381a713304L,0xdb2a2a7fb95625a3L,0x6a0aa43a0b027e96L,
-        0x458fe5d24832b3bcL,0x523418df5adfaac0L,0xc05a89cbc49e7f9aL,
-        0x830883d869e24b53L } },
-    /* 138 */
-    { { 0x959b1c6202557389L,0x5fe5ce97adefc0bcL,0x893bbe7f8330f383L,
-        0x27e0c6af16cfb81eL,0x6f64e65bd04428fdL,0x53de9245b79e6182L,
-        0x08a313c1487e11caL,0x65cec3b9445bce93L,0x33bc0314d67ed49eL,
-        0x69f36b2430782352L,0xd78e5daf93ad31d2L,0xf2682b70c780890cL,
-        0x7015c34f9e45efe9L,0x135d4ba4e6cbafeaL,0x43a378a47e3fcc6cL,
-        0x2376f97f96638f8cL },
-      { 0x0a6e1ec0ae575b99L,0x7e14cb4f81b970dcL,0xf00a3824d3a73947L,
-        0x0b4b9c81fb235a9dL,0x8d15115f5bf62944L,0xcfd35b431e165d7aL,
-        0x5d12fea2b2ee3e3bL,0x629984a6f5182e7bL,0x4e43e2f3c365d08eL,
-        0x9932709130f36e72L,0x698b4a00fd345401L,0x23c4fd0ebaf96dceL,
-        0xa60ba0ae23675554L,0x51bdac2db0325784L,0x8ab4190a215464a1L,
-        0x8c4616616bf10296L } },
-    /* 139 */
-    { { 0xeffca2582d1f36a5L,0x0eded2b2894c5f2dL,0x35a5cdb843ced84fL,
-        0x290f8982db0e3b9bL,0xcce0eaf00719a112L,0xd0e657e439a362d6L,
-        0x5516a55d62697e47L,0x269e1f778e636514L,0x5e3dedcbd50269bcL,
-        0xecec2300441c57c5L,0xdb83f31cc705578dL,0x1bdefb731e489eabL,
-        0x20b678cf395fcdb4L,0x908cf91cff9db001L,0xcbebc6f455f52cc8L,
-        0x155ea622b4c61162L },
-      { 0x94be2f1f876fa42eL,0xab5e87497fadeee7L,0x692e70f538c865afL,
-        0x16e99b84df8059b0L,0x0ceb606e8b5a7ac9L,0xced233572d463d2bL,
-        0x2d0f26232a9a09a0L,0x2529998c3861fbdfL,0x711888a7c1be310bL,
-        0x9b1229c50d8aade3L,0xdbcf9b783b13533dL,0x3ca746f8ff029708L,
-        0xa5a013a1da83ef88L,0x8e904d184ab28444L,0x2fe84b3dbcbd4abaL,
-        0x8f570f24259058c3L } },
-    /* 140 */
-    { { 0xdeb66c8a2ca9c508L,0x2dc5bec269d6b780L,0x16d6126688ead600L,
-        0x61841b9749d72614L,0x41e40e6cce472e6fL,0xada242641fa7a876L,
-        0x45b9fd33cc3997a0L,0xb25e8fa97c15dcf4L,0x0124ceb212e9629dL,
-        0x3a8c72c67db3d956L,0x8e2ded2b7c1a7844L,0x94ab09c66dd027ffL,
-        0xf89a057d7e7a2bc6L,0xad8bf226cf70c763L,0x4cb268e7c8a26212L,
-        0x3d171e87b2c44c1dL },
-      { 0x382ac16e8ce49820L,0x24ee45e2c0c44dc9L,0x0ec6791273e858c4L,
-        0x918cb25c46327cf9L,0x43e3876bc6159c1fL,0xb6b6e0e037545cb3L,
-        0x64b839ab5d12347eL,0x72e09274a300d541L,0x26ab28e6881c1169L,
-        0x4a580fffeb75a843L,0x0a5802ca359120dfL,0x7fee82d03209f4a3L,
-        0xb518016b8e6a9380L,0xb99c6c70c2ee11caL,0x16105af1ab9d4ec7L,
-        0x234e98f834cd9004L } },
-    /* 141 */
-    { { 0xff43520814db9cdaL,0x99cfdc4796adec90L,0x843aaa6faf458b6dL,
-        0x3f1f7415743eaa31L,0x915e192e61735d81L,0x3441a22d0ac595d5L,
-        0x704bbf67c044bc8dL,0x2f960471be23a236L,0xcc32638815d1d557L,
-        0x9410230b76b1dd94L,0xf2e5439f0c1c8a67L,0x56b141ac833c910dL,
-        0x467c999f865b84dfL,0x1b0251fa21f02b7bL,0xde5b526096216950L,
-        0x6a2130e3ce3a1e93L },
-      { 0xd21b67a04b3ca1a7L,0xaf42ed5300c0ce80L,0x22ccd368932cf07aL,
-        0x36523a815c25c35aL,0xecdd39588dd04d06L,0x73da3502b2f93a3bL,
-        0x4c5e0c3cd5e5b530L,0xef9f548613268777L,0xed87fefc1e742292L,
-        0x6d9ac29ea24e5edeL,0x08abc9f033849f1aL,0xb09b229240f23905L,
-        0x6791072c7f934353L,0x102a6381e6aeb550L,0x3ee0740996feb870L,
-        0x34f06faa9c4d2830L } },
-    /* 142 */
-    { { 0x869dc79f2348f005L,0x9b5c5d71df4920b1L,0xfd1b57ca6dee64a4L,
-        0x21b7f734e82a4fb4L,0x637cb834b9578366L,0xc934101b7d287d96L,
-        0x1590f8ac0392ecabL,0x280dc3737f75f4e3L,0x8b36f50f6a61ac62L,
-        0x74f58304a65568daL,0x80d792a9d930870aL,0x6d17b192fc8895ccL,
-        0x498392fa4914939fL,0xaf36027dd41d5b9eL,0x452d79e25caa82b5L,
-        0x764d47b1f4115d1aL },
-      { 0x5df22303a2ee8b9cL,0x1b9f72d385dfcd48L,0x6b42b98310813a37L,
-        0xe28c523b3de741f5L,0x0857625af303bb5bL,0x926f299aac9bf9afL,
-        0x21beac080d445b34L,0x6a523a02d6ba2c0eL,0xe302a1b17fce2864L,
-        0x4516a235e300c1eaL,0x4543736a7b4a9311L,0xd3c0b9e8c0cc89f7L,
-        0x0481904f40ed88deL,0x4f269b563cb7fc70L,0x09a1d53a321b9738L,
-        0x1c0dd9c3230a3810L } },
-    /* 143 */
-    { { 0xffaa1f67c46a7d9aL,0x64743334bedf91ccL,0x45833a7447a42f2eL,
-        0x67980051241ffaa9L,0x70979a84335efe6bL,0x5f0613f5f08b2403L,
-        0x6bb22fcd64f211dcL,0xe1b8b2a3a0572cfcL,0x19e0eb417950a14aL,
-        0xe634bb293eb6cd4cL,0x31a04b25470a25ffL,0xa41f7ac9a3d15a0aL,
-        0xefed85ecbf2fede9L,0x1f581f5f81b94a00L,0xaa3996b09ef4a15cL,
-        0x52d8be39b06041bcL },
-      { 0xbd1536f6fd631a2fL,0x91fae7f0b351a8dcL,0xd1a590c79b126212L,
-        0x52d4875f2bd0f435L,0x9aedb6d392b0ea70L,0x0bd0abdcb83ab89eL,
-        0x827a106289fe192cL,0x6566a960102a0bdaL,0xda083037ce036814L,
-        0x30bed79f58639405L,0x972019b6dbca8df9L,0x89201286efdaa3f5L,
-        0xb337b9965236b892L,0x11d3e38e28fc2e73L,0x70787f41880e8da3L,
-        0x6cff6367dae4a45dL } },
-    /* 144 */
-    { { 0xbd3d0433f89a8bb4L,0x42144c3393b98f71L,0x82b616c803470a2dL,
-        0x98fcc757e5da089eL,0x542354ef7bf5fda6L,0x1885c2539ebd34ccL,
-        0x2e20b285bec5dd0dL,0xe71bbbe1782a1bcaL,0x959ded309b854ef0L,
-        0x172499798997fa6aL,0x50cf8fa8d81f3c45L,0xa9a3b51760c11152L,
-        0xc9b0ef7decf845eaL,0xc9339e23b9fed11bL,0xc93e9c5c28256080L,
-        0x1d2c8217613ec1e7L },
-      { 0x7381347d987cfc93L,0x047603bbf187f810L,0x3fa6bc9d1250ca31L,
-        0x480091e0bb055bf3L,0xbdf95f1a3a3af87cL,0xe2687770140540abL,
-        0x998df730d7fe045bL,0xb398135fb723bc2dL,0xac230f8c15ebec46L,
-        0xe08e18305f5561c0L,0x7c0fbf4cda60a47fL,0x06e95c24e16d4bfcL,
-        0x7416349574617e92L,0x397198694ae0c20eL,0xfe2693122131e2b6L,
-        0x25486e360a537722L } },
-    /* 145 */
-    { { 0x618795ca53572806L,0xb2c89449656968e1L,0x149c2c973fb323aeL,
-        0xfb15de26409bc7d6L,0xa90cda72c79121b3L,0x6d2fa14e204cabbbL,
-        0xcbcda6f791604125L,0x25086261b435f947L,0xdb686c38c282eb10L,
-        0x51016d62f1a791cbL,0x6b1c7ed161a2266cL,0x26780666271d74a6L,
-        0xb5ffeda1824287a4L,0xcbe503ffbbe4f0f3L,0xd7f7f0beb9482a74L,
-        0x751b2358088493f1L },
-      { 0xd597b9d6e9c9be68L,0x1794b5c467d10c6cL,0xa88cdc3d7762b2f4L,
-        0x6d94a63aa1b44e11L,0xfb0bbbb9aaa8eca8L,0xf4b0f2d0c963d87fL,
-        0xb753062c5dc7075dL,0xfed726ac49933989L,0x5da6063857f9ccdeL,
-        0x221c392a75f8c766L,0xcd264d955dc672caL,0x7004ff22b66ecc8dL,
-        0xfb1aa9ae18a458baL,0xea9644df8babd653L,0xa9378e802ba0de7cL,
-        0x144cc12dca2c6c75L } },
-    /* 146 */
-    { { 0x593a0a1d2989aa3aL,0xd83f228359e6e64dL,0xe938b0cbd32e732eL,
-        0xf4c464c53c3cb249L,0x9750a5f8f89ea6acL,0x467e5bbf346cfc32L,
-        0xc9bfab9d37b2b809L,0xf8eb74533b339c6dL,0x3fe01fbe3b766deeL,
-        0xb3154254ef6aea27L,0x555c3df27be61b10L,0x70fb6d81dd818488L,
-        0xda1af3a4bbe714f9L,0x575f20179d18f693L,0xdc08fc6b2465b839L,
-        0x874ecf336b84a951L },
-      { 0x624af83ebbb3f6beL,0xf578fbb908bb423dL,0x5623b0bad7873527L,
-        0xc3659bd8a62e0442L,0x2903b167fe236f79L,0x55a430c6e53f26a6L,
-        0x222547ae3ad712cfL,0xb73890d776eb272bL,0x95b4f70b3d628df9L,
-        0x9f0e13b053eae4acL,0x5b4f5138e7f2174eL,0x75482cf998dbae17L,
-        0x2b69bbde44518480L,0x4f279652cafef15cL,0xa0a3ef2bb6bcaf19L,
-        0x31fb8581ce4c634fL } },
-    /* 147 */
-    { { 0x398306d1615cd607L,0x680c9faaaa32c3a6L,0xe87a705b7779131dL,
-        0x1031013a36708b00L,0x814fa0e19445297fL,0x70c5583aa6a79b56L,
-        0x03039cbf4b16bed4L,0x18a7ca8daaaaf8d3L,0xf33159e75cdb68a5L,
-        0xdea0e738d23814faL,0xeb3527188d0f4f9fL,0xb0b76609dcdff032L,
-        0x65ba8ea93d48338bL,0x18044d8255dd507aL,0x844a223e4a4a50b4L,
-        0x9832300018e19e54L },
-      { 0x28a2102757f3d5a6L,0xffce56486e8cadcdL,0x9590381b02551f3bL,
-        0xb26cc64f935ebdf1L,0x60611291c083aa6eL,0xcd988a6688e4cf41L,
-        0x581c3f73dd53b1b5L,0x78c804a977fc621dL,0x31874330fadca2faL,
-        0xf7008da4c83ccf02L,0xc4122a1da79a4707L,0x9a8e0d3f4a915eb5L,
-        0xa2de157dd0123660L,0x45ef43b265ead2a0L,0xd0a22ade188db285L,
-        0x8abbe39e922e0caaL } },
-    /* 148 */
-    { { 0xb44469053a2d2f01L,0xd27c31935dc6685cL,0x6a908bbf1d74a027L,
-        0x01da350f5b50ec1dL,0x1d3dd45e3f3c2e26L,0xf66e11d0b836ee92L,
-        0x7e03908f474b979cL,0x19e7c5b998b87834L,0xa741d3febd3d1de9L,
-        0x63c68e8d1ef6059bL,0x9b9ff9393674e247L,0x1d7d53e73e7e67f6L,
-        0x698dc326aee9e248L,0x52f23edab3bd984cL,0xf95e31b06f8fe8a7L,
-        0x0f15b4d0c3d0ba95L },
-      { 0x8f2f6635790a8d85L,0x51bffbaee2595af1L,0xd15b7ec624b51287L,
-        0x7639b6ab3234715dL,0x0cdd52992bc5441dL,0x54800ea4f6d05833L,
-        0x21efd752f6d6e360L,0xc0b7ffe519290613L,0xb68a5825eea898cdL,
-        0xecedba9222982266L,0x678a91b0bbd06bb2L,0xb2436dc04bb6b0cbL,
-        0xcf7a99e7caf8ea98L,0xb92d0e6e71aa05bbL,0xbf8d0471f5993eb1L,
-        0x515db37820385ddbL } },
-    /* 149 */
-    { { 0xee43eaaa6f5bef22L,0x952d269820348712L,0x1e4c484e7a3af6c6L,
-        0x18d434c69a8c9403L,0x63e5d7415001899aL,0x5238dbbcfe8ea40cL,
-        0xca6cc8d296798721L,0x73db6aee04acbde8L,0xbf69328db7f993ceL,
-        0xa3f79bbfad45e334L,0x8c51ec937c1f1630L,0x4907325f9b00a6deL,
-        0x49e6acb412d82bc3L,0x5901b36d0ec59fc9L,0xcb09b7109cf34e3bL,
-        0x2de0487e1abf4c02L },
-      { 0x18b722f38dd9d484L,0x833493937c77baccL,0x58dbb8f193d92b8aL,
-        0x80d78d508e3fac25L,0xf0500981745f4a7dL,0xd072bfed877cc29dL,
-        0x67abf8f2c30a89f8L,0x92c567ea9a0820d7L,0x425ab12e8a3a5738L,
-        0xc162faebf055521bL,0xee1c4f26b94ea5e9L,0x1e4149943d71e546L,
-        0x258183b843e8be1dL,0x44917c82ef9eae0bL,0x6813a45773874a30L,
-        0x6f6ac071cc42f86eL } },
-    /* 150 */
-    { { 0xd38822ad4dd6e3b1L,0xfc78e1ccad620869L,0xe78438452cacde80L,
-        0x121cc14aa8469fe3L,0x8e8f3da7e67e8ef2L,0xdb83d16e4d347448L,
-        0x3ba1dd98798631f4L,0xdfab59770a4c4c17L,0x1f0a13063edc701fL,
-        0x4649d6016cd8ff28L,0x2267230bbcc55bc9L,0x02a19c605760412aL,
-        0xc719d5f1328faef6L,0x27cb969ef67eaad9L,0xf342530e719bafb5L,
-        0x6e2c24ccff5a82cbL },
-      { 0x6313024badaf8793L,0x944bccf1035c948eL,0xe9a066b7953500bfL,
-        0x7991a9461d116765L,0x95addb2e9fd93c78L,0x05d2c037e92e5495L,
-        0xcb145b189f03e5cfL,0x81ae48ca95aa1f72L,0x203f2702135a6e4fL,
-        0x2bcef5a249b2a7d5L,0x0687a90002d7f2a3L,0x2f7d32286c6745b0L,
-        0x3da8a87586507305L,0xbe38b8842e8dc58fL,0x6b48bf34dbf11185L,
-        0x5af7fd0d97c08f91L } },
-    /* 151 */
-    { { 0x55f9b950f4a224a5L,0x41904574cc50273aL,0x34f81330643f1fd5L,
-        0x996801bb0e50f783L,0x866d740389581712L,0xdb9a405da4091d36L,
-        0xf1e379df16a46fe7L,0x8d04a93f83bf9168L,0xae4c833532b20bcaL,
-        0x99d334b1f72a1c10L,0x8fbc9977d8195db4L,0xcaeb3dfffba14b5dL,
-        0x60fef02276daf476L,0x4b948dfedb5b72f4L,0x5185c925b6dfb062L,
-        0x27a9c3819609d4aeL },
-      { 0x73c37346f12a93afL,0x028b707c5536634dL,0x8efa58d5498193d1L,
-        0x4f83a5ccef21b69dL,0x05cbb0a3a788a0e2L,0x0103178165b13c98L,
-        0xfea20e582b73784cL,0xdf9713a0e50361f2L,0x31449a0fd0cc22d9L,
-        0x183752e77c5e2e1bL,0x6e44d6bdb67044cfL,0x012dde95733e177aL,
-        0x68b4966908ee2c23L,0xd9bb05411f5f1949L,0x95182c716acd886fL,
-        0x1c690694fbde9244L } },
-    /* 152 */
-    { { 0x5db67d173a880026L,0x89c4f0a0125d95f2L,0x290505513f6cb7a4L,
-        0x3eb231d15cbbdca5L,0xf8cffc99972bcbd3L,0xcb4ef4d4ad55a03aL,
-        0x944d47ca22867c2fL,0x96d885480ead1aa5L,0x76a57cf8cbc8b045L,
-        0xdfe5844b005e55a0L,0x5e9e7e191d18a097L,0x957a26e852923c74L,
-        0xd0867b797f5db339L,0x2553408e63bed0c8L,0x1596e5d5689ad23cL,
-        0x7b8c13d6a504c339L },
-      { 0x2fc43aad52fb6901L,0x1c0313f916ca253bL,0x1475830a515aadc6L,
-        0xc93d19267f577dc2L,0x26e52e8ef723c0ddL,0x2f1e0eb83eb9f6daL,
-        0x9979de82f180376dL,0x43e28ecbb0834939L,0x9a2d51dca39c38e7L,
-        0x6e6063a9a8e3f6b5L,0x4cf1da3a4b9b3270L,0x6e5348a2d2f8915dL,
-        0x5e75e3e050507912L,0xaeffce5720d383faL,0x1d6d53cc8fd2fb29L,
-        0x0e3c3ef6696f4cd0L } },
-    /* 153 */
-    { { 0x3bc337c121ee1d83L,0x97e08f6d787b7788L,0xbf709fcc138fa4ceL,
-        0xbaf77647a0348e58L,0x04f8babca55e672dL,0x0ed2919d7d5ec5ddL,
-        0x8ce64bff33e99218L,0xac09fc5724b059afL,0x506831f9dc5e32baL,
-        0x26a22677465af6a9L,0x3c5efe66c97f1ff8L,0x1515e0d6bc6087fdL,
-        0xb1a39c5eaa8edc6bL,0x3dd816bb0e79ed29L,0x6cc13769bc3788b8L,
-        0x463098e3c092a51cL },
-      { 0x3a6408c7c8bd0fa7L,0xd1764311ce6bde49L,0xe315e108283ef7beL,
-        0x8213cc7799b5d938L,0xaf7f158145a49a6bL,0xd00fdb0fe529e4d1L,
-        0x55d38f77ce66c9d6L,0xb4f7ccc01bd4b952L,0x8d975b49af71f986L,
-        0x12b59fcbcd64d00aL,0x1860e504a5a3bad7L,0x6d9760442b5c89f1L,
-        0xfed0c6597a3e231fL,0x58114c33178cba92L,0xe2e74c066698e11eL,
-        0x7f8fd093a348b85aL } },
-    /* 154 */
-    { { 0xf24592cac19428afL,0x192a1c813a308665L,0x42589812e30bbd7fL,
-        0x10db0723836c6bb9L,0x9c7a41e9598e4987L,0x8aff179e6ead6f4bL,
-        0x70f8f9b975862c44L,0x6b3b02376f21983eL,0x25d83e9b98e65152L,
-        0x3b2d26a8d751218aL,0x9508281a9d6f1da6L,0x8df78d05a5a81f74L,
-        0xd79ee559e4687471L,0x2060ca576787d8ccL,0x427a84ffa8476c95L,
-        0x87b64c51e6435131L },
-      { 0x87f46f654b30d3c4L,0xcdec4c5c23b4ef14L,0xb3b7476663ca4d68L,
-        0x1df34269cf3fb56dL,0xd4f139c40fd7d46aL,0xa3b7c7c76a69a8bdL,
-        0xee56b4c9cbadd7d2L,0xb28ff342ac942334L,0x0046fdfa786f1da3L,
-        0xce5d149cb700c82eL,0xca30ef8150966597L,0x44a20609fcff4bddL,
-        0x0f2f65e744925268L,0xe5b6552cd4021f38L,0x77ea9c2a042dbbd0L,
-        0x8c95267cd9c062f5L } },
-    /* 155 */
-    { { 0x6655032e5fc1abb1L,0x2215af5412fe4743L,0xfd65756029f05ef5L,
-        0xb0e73325dc191be9L,0x7ab3c65ec08639b0L,0x67507f511c3e6673L,
-        0x638befc3c8615555L,0x5d0188cf42f0c4adL,0x843a301cd896186dL,
-        0x045603f7b2c6741eL,0xf7545c0cfa3cd1d0L,0xf612affd4a40672eL,
-        0x56197c9f45b9e8ddL,0xb453237d87922d74L,0xbf132e3a4b2d59bfL,
-        0x8afa1b73b84a6a16L },
-      { 0x6b3596eae793ac70L,0x4c94ef8eeef6dd10L,0x926b4fa270422e40L,
-        0xc8c71dcee9e5d763L,0x352fcb70f512aadfL,0x1b7ba138a883975fL,
-        0x57991390058c3b13L,0x9692092a97740fd1L,0x19ad945b160b0697L,
-        0xbc63438810837ab2L,0x76ee11c4f174bb71L,0x6111bfc1ab1b80ebL,
-        0xbc82bac870ec458aL,0xeee60127312d3325L,0xb4118b1ab240adc8L,
-        0x672111912b5a093cL } },
-    /* 156 */
-    { { 0x91e99306f55cf9bfL,0x9b045308a46b96d9L,0xae3c1e1d9e7a65dfL,
-        0x453cb151c731bcbbL,0x14be5227a4d58a61L,0x39dac92297c74cc2L,
-        0x4d0f7a45822e00d6L,0xafeb1d51c62b03dfL,0xbb1dc3a4baa18b2dL,
-        0x7f3c7178df2b74f0L,0xfcd328a6896b6a33L,0xe95ed4541dce055fL,
-        0x97fbc76b6a4e2b87L,0xe5ec67f1fa59dce9L,0x052368accc0367c1L,
-        0x7c86391654e4a3feL },
-      { 0x55e94b5eca7388cfL,0x17cc0a60c0335d38L,0x9b69b78b616f85baL,
-        0x705d02ef10122980L,0x565a6e801cfd0a79L,0xeb74a96d7d1ee352L,
-        0x5c8832ed427b9dadL,0x96ea8528e6d5330fL,0x30d8862b18d24ee8L,
-        0x9cd38ed59ff939f7L,0x690fc9a201060252L,0xc62d88b82303b3ffL,
-        0xfc42d7a4dd52b469L,0x06f8dfa28cad2d93L,0x5023609060920438L,
-        0x32582758fce855adL } },
-    /* 157 */
-    { { 0xeb20e45f359e8c60L,0xc71bb8a5364ca186L,0x02b15071dff8e110L,
-        0x074e91d34c93e578L,0xc0326e00b829d0d8L,0x3c192258626a83faL,
-        0x387a64d5fb29a09eL,0xcaaa3d34e5ac5c82L,0x8ed685e5ada2da29L,
-        0x92720267eb29650eL,0xf7184b19763802f3L,0x23f5dd0edf6b1aeaL,
-        0xbe1fa34725e6125dL,0xd6287f9d0c872a1aL,0x49aa93d2ac57c3afL,
-        0x1a4e6a715bda7656L },
-      { 0x1a126ede554d1267L,0x37f945331cd02b48L,0xd70af04cce31fb1dL,
-        0xcf410b0b097dc012L,0x930e1d1736c7b6c5L,0x902fee41c6891085L,
-        0x349ba4a779fb638fL,0xa16c5821acd6f8dfL,0xfb3b83c12e076aceL,
-        0x6b8d033be501d14dL,0x0593d45220f2d2daL,0x3752526d99df1880L,
-        0xca32351c9feb33a6L,0xd91343bc1f6ef456L,0xc74857db35b9dc8aL,
-        0x856a7c9385b4e832L } },
-    /* 158 */
-    { { 0xa007d0020d0a5583L,0x2f1301ddeda4658aL,0x91c0796434d939beL,
-        0xa0cb6780a70c0836L,0xc0b4df95be81e540L,0x6cbbcd345d4ac8b8L,
-        0x57c52ed054756239L,0xcac2dca41805ceb6L,0x915ee6ab79344255L,
-        0x366def3124c9a2a6L,0xbd3b962f8c12c674L,0xaab64f1b7dbb7c3bL,
-        0x3c0e4553e22bb95bL,0x2408febac4c63b74L,0x3ca773122a4da631L,
-        0x62889084c636da40L },
-      { 0xa457fd538cb8d208L,0x7a8f8009543f06d4L,0xb66de154f2eff2abL,
-        0xfddb28ebf72517e7L,0x0149fe66f9389d2cL,0x79e8773fd85b88ceL,
-        0x452e090b0ba543f7L,0xdeb9b5cfb0b03fc0L,0x3113448a6c5ed77bL,
-        0x3609f3cf8ffc0372L,0x2bc9c46d5c1b4c4aL,0xe66f3bf38fa59be9L,
-        0x1396bf5fcdb02691L,0xf1ec59d4009f88f9L,0xc29034562ad9dfe3L,
-        0x79d8122c5ada4d58L } },
-    /* 159 */
-    { { 0x14d4e4ceaa529507L,0x056a081474655d00L,0xc0d30a384f0fc474L,
-        0x8a8203ea3443cb8eL,0x33c62fb097f1728dL,0x8a38dcfdb520ef52L,
-        0xa0f90d5d7cac9d3eL,0x28a7b0bf873cea50L,0xd115ae3a6c6c41cbL,
-        0xa35171daa13812c1L,0x25d4bba5624d507eL,0x91dad2897e98f42fL,
-        0xffd6b1e996a41371L,0xd46c2125b69e5b77L,0xc7d2b42420c4f707L,
-        0x2ab3af958142557aL },
-      { 0x86ca074c6a5372a6L,0x728fb83e56292ba7L,0x745596dc77741cf5L,
-        0x70b4cea1520ef49dL,0x1472fe3461e46472L,0xf4d6bd663fb8ac5dL,
-        0x46e52cc9c10bc071L,0x28794efe371a3461L,0xa4850718276fe877L,
-        0xedad57739bef5ab4L,0x24c2d9ff3f15c815L,0x188950e58f8395c3L,
-        0xbae4099680b6a855L,0x4f53e22c8a8803e1L,0xaf233f61039d25eeL,
-        0x07db2c35250409caL } },
-    /* 160 */
-    { { 0xc7f3b8db037d4703L,0xe83708dfc5f488b9L,0x1fba830f8471d402L,
-        0xa55ee8d25a2faae9L,0xc2e5bf105404fc1eL,0x647d5027aa2d5651L,
-        0x37a53c0c7ebaf5f9L,0x7adf0bb295b30abfL,0x5a62e1fed64c93baL,
-        0x7ffc18c0e2ef4a78L,0x139dd9d94d2cd04fL,0x253fbab75ea0af02L,
-        0x7c8100ea0fef9acfL,0x74c5384dc8615aa7L,0xcb28682d9fe52069L,
-        0x08b6ca8fcf7dd759L },
-      { 0xe04e5bea036c3b5aL,0x387261027f9f2b4bL,0xa9fca57029797c0fL,
-        0x1656180b82879ea3L,0x153389bb607f0ddfL,0x99a1223c67b0e087L,
-        0x0d1808ec9d897fc7L,0x9470711a916edf19L,0xf8f52f2b07217118L,
-        0x5d8b29ffd18888b6L,0xef1e22c54cc6f900L,0xc4036165eb24877fL,
-        0xfda9523335479525L,0xd622a4216861468aL,0x5d043b0774faba08L,
-        0x2c337b020d31a7d2L } },
-    /* 161 */
-    { { 0x7b2305bcea22fa65L,0xbe183ef4d159f63aL,0x3473d87d3f35923fL,
-        0xb27fb306c11d7753L,0x702e7e6b2a054cffL,0x3ce9f97caf185619L,
-        0x835502434e7d51c5L,0xa63e3d82f356ac5bL,0x867b7caad7645131L,
-        0xee85e6afa671fc9dL,0x3b985ede2b07cd77L,0x07d598b0ffda5193L,
-        0xb10eca39a942dc36L,0x17f3dcee506218a9L,0x3d94e8d106b7d5caL,
-        0x509b2634ed8831c9L },
-      { 0xb1b9414e48caed54L,0x77a78c6ccbf51e97L,0xa4688c8d4de9b258L,
-        0x0024137c91ee3d78L,0xa68f9234e30ee64cL,0x573255bc88190d78L,
-        0x41e8e05fba80690bL,0x50038d84ec354f4cL,0xb18f02d6dfa52816L,
-        0xc47f9007ccb63fdaL,0x29d480fbe98ae455L,0x4ac45d225d0e319dL,
-        0xd06f3575026db719L,0x733b9e202c3587b9L,0x224839922c317727L,
-        0x1592d5a754bb8752L } },
-    /* 162 */
-    { { 0x5778d9a2cf7453f0L,0xaffb899aed83c1f0L,0xae6506d3e0a82ba7L,
-        0x32c84e1aea3d5081L,0x9ad528c0810aa38bL,0xb1fdb020bd37d041L,
-        0x78d6cbe1d06ce41fL,0xd287f0f02e74b7f6L,0xf5cd2575c43bb022L,
-        0x6d28f2f3f81a71b3L,0xe65bb1f5c633e7f4L,0x32e5fc1cc4fc580eL,
-        0xcd55539fbb7b07a5L,0xb5a94471c3caaf3aL,0xb958bdf44cc22d2dL,
-        0x1614bdbd77a2777cL },
-      { 0x4c1f0230ed0ab04dL,0xae347b006e2082eaL,0x9f10bc63c42c5b5fL,
-        0xb0539e6fde019935L,0xd89bd4e765dd0825L,0x92260fefbbceda16L,
-        0x8aaa755ce62aca32L,0xed762fa95ec82c5fL,0x99e64c0118650768L,
-        0x57dd6245c92e348cL,0x0db88a7731ea6d68L,0xef0012ab07b44736L,
-        0xb9356b94171d70feL,0xe68b062803f891b0L,0x3a54a53ab79c20a2L,
-        0x489656c7b00b0728L } },
-    /* 163 */
-    { { 0xe43649ba71353c25L,0x517f27a113f67e24L,0x10bd333a1c1eb9e3L,
-        0x94e1c05c78e29bf9L,0x84fe7d974743f15dL,0x9c87490890da2df0L,
-        0x82403fa753673be1L,0x7ebf5db41baea1b1L,0xcfe0ae3524180eadL,
-        0x1d15873fc2f50c3fL,0x16851ad670661cd9L,0x802968d9a51e8c2cL,
-        0xe7d1a9cde0161099L,0x2b153c89a8a7ea56L,0x6d41b78906e3c498L,
-        0x082bb2e9d6769dcbL },
-      { 0x6180ef46c4d6615fL,0xfc629dc101b9829cL,0xde222ec00fb264caL,
-        0xc5457e0610ecc2c4L,0x95ce599f1eea2c4dL,0x0433fa728f9c5b2cL,
-        0xee035462cd6310f9L,0x84c57c3bce2e2253L,0x6c8ec31a96d87e44L,
-        0x30bfe393a452c5a7L,0xc592b140a047b235L,0x7bd8be18c018545eL,
-        0x794e01075c178c46L,0x484719462e23005bL,0x2665e237622a54f3L,
-        0x36451a46901c9042L } },
-    /* 164 */
-    { { 0x17802d1819893e71L,0xa1765d8b539a2082L,0xfc6aea012302ecfcL,
-        0x8d4cf51b365bf59dL,0x87741d720d232a80L,0xac343eb318e80427L,
-        0x553ecb2fe74739ecL,0xaeca79a81a8b07caL,0x089ff32256f4ab3aL,
-        0x5e95d7293fa1d1f7L,0x260569aef62a9a16L,0x5e776232aa08ddc2L,
-        0x93fabec31b7bb54aL,0x48a20956743d56e7L,0x749cdb12eb0ebeffL,
-        0x705307a469b8fcf1L },
-      { 0x7a8e4c04e488310bL,0x12726e325325cd7bL,0x5d0fd8b04983efacL,
-        0x796e552c02ddb913L,0x0eeca3f777b9685cL,0x9b766e89b15f24a3L,
-        0x7c2736d648efc979L,0x3d619685a8021c6cL,0xfe33e278a0b2f1eaL,
-        0x95c69879b676d6b0L,0xa07473191af4e0beL,0xa2fab5f136c4ee55L,
-        0x6938b8ff59e5f3b9L,0x1e114da439cafe6eL,0xc9595ec36a6ad120L,
-        0x80f79bd057e62aecL } },
-    /* 165 */
-    { { 0x3cef42a760af09b3L,0x3c016ebd933dfe14L,0x720cf1e0ed85eaa8L,
-        0xd4f5e99fceaa3bc9L,0x7216b9d2b7106f97L,0x65f34c36c9668ad2L,
-        0xa8fb82bc5b0c651fL,0x20f42f1cf2fda4deL,0xeb31ab2cd21f659eL,
-        0xb7a776c7a13d1618L,0xec44102238662be5L,0xc825da70cad08e0bL,
-        0x99299079022c0180L,0x7623bda02aef9ffdL,0xde84f4f3f5c58b50L,
-        0x5f5a5da4d824ff19L },
-      { 0x5737257e7e8311dcL,0xdef94f51466cf136L,0xa73e1645b05ca21aL,
-        0x38ea9b3c02e4ab37L,0x7760eac98579165bL,0xdffdd047c24b01a4L,
-        0x188d4fd13fb95584L,0xfaac38b825548bdaL,0x1a79a6f059e9dcacL,
-        0x983f720f09a2700fL,0x8cbba554fb8a7e48L,0x38a1996847a1fad5L,
-        0x118565475abd6b5eL,0x75113d31f3716ec2L,0x1391e7814212907bL,
-        0x5319c8010dc15889L } },
-    /* 166 */
-    { { 0x2320136e6b61c3afL,0x1d40f2de07b4bb68L,0x651dee7f380c97f0L,
-        0xa978ba706a8c313aL,0x22c587d62011ca10L,0x48bba218ab1f445bL,
-        0x8c5eaf07e50444e6L,0x5549f02a442fccf9L,0x2564746f3d80493dL,
-        0x42d24f6179c04591L,0x1600fa18abdc8887L,0x5cb8600aded38f8fL,
-        0xa4bf9b90923aeb46L,0xd63fee351e1c578aL,0xf3c9c5acebb9ea14L,
-        0x3d13314df11a4ff0L },
-      { 0xe5cc662db4513d1eL,0xde78a8c5d55952bdL,0xe8a37a3fe7f86d0aL,
-        0xca2d12a47a04f0c5L,0x4c6696e42e25d06cL,0x52614698b2136071L,
-        0xf4d2701b89f6e1cbL,0xaafd617780efd95eL,0xe6d73ac4c5bb6907L,
-        0x49e874ac420db35aL,0x11631de4f2751fa0L,0xb29f7336a1fa2eddL,
-        0x4c406864b7fd794dL,0x73cb21d3e22f92a6L,0xeae904e62043cc76L,
-        0x67f28a9fb322c6adL } },
-    /* 167 */
-    { { 0x7c17b258ca148ab5L,0xb9a1976fb3c60051L,0xea260698c8f28df9L,
-        0x87b2cc74e8d45017L,0x372573290578a422L,0x81d5ee2517bec732L,
-        0xd7411fcf1d48bbc4L,0x46217e6b487f5cfeL,0xcb007ac541eb8e1bL,
-        0xc41c57a6e05a00c8L,0x1f954d2bd2f9fa99L,0x370bd5db40941cadL,
-        0xe487879c3829509dL,0x4c1375525ceca5eeL,0xe8ef7fa4fd3efb9eL,
-        0x5ff091741bd1bdb2L },
-      { 0x791912a4579c6632L,0xbb19a44fb8a20815L,0xf4f97b84535639d3L,
-        0xe57e2bcbbc3c9bceL,0x122b3f2bf19e6410L,0x1f0189da1357d9adL,
-        0x675573bb79e5ff66L,0x444e5c98ef2f3c4cL,0xd6f61e2004d10731L,
-        0x0dfa366fac75d635L,0x9fc47c862c854f23L,0xc04ae43e0ad0850bL,
-        0x5ce94f642f720c32L,0x67efae65a753bc9dL,0xc27d30d3b0373a63L,
-        0x6681013a29721646L } },
-    /* 168 */
-    { { 0x1385d913e84509dfL,0xe978beddcf339376L,0x2df425d33423a148L,
-        0x43fa0ae3ee8cb579L,0xf015369d31c4553cL,0x05cf08bbdfbf1d48L,
-        0xadff4be69444244aL,0x01635f81a35dda33L,0x085c8949e76fab7cL,
-        0x4bd7fcde16737783L,0xfd8cb52ca254f8d2L,0x62168a66413ec985L,
-        0xf2db97417a9026ccL,0x3962ee5650e1e1b7L,0xbee0a346d3beffdeL,
-        0x3b35b72f0bdfab1fL },
-      { 0xbff8de9f535c3749L,0x23c1f20f8add9c48L,0xa975b37bc8f8f663L,
-        0x2529e475e8f3ae49L,0xc32f10d51d5e2628L,0x5ac0d29767862f1dL,
-        0x13c79338854cbe36L,0x48f004ef4b67e462L,0xfa37a150e5d10ee1L,
-        0x4974778dd28288a0L,0x96830a66cfb73f4dL,0x9f44401307804952L,
-        0x8233c7099760b694L,0x8340cca525b75c99L,0x3f62e40bc771f99cL,
-        0x47d0a1ebcd95c685L } },
-    /* 169 */
-    { { 0x266f4fff652811f1L,0xeaacaa9362ef3002L,0x6c387a5550cba0caL,
-        0xa350142a007f5467L,0xc7fd102a202f2673L,0x5daee57033dc6e65L,
-        0x60682ec3064a63d9L,0x46cf0bb0462b251eL,0x0e030ca55da936e7L,
-        0xc87a60f2434265b5L,0x9637b2bb69b4e8f5L,0x601fb58c7ad7770aL,
-        0x1f2147f6ed3a15a6L,0x05b47d5e2995e961L,0xcb0ca9b383213a16L,
-        0x8f4b614a4995a85cL },
-      { 0x5aa8ec194b4eb3c1L,0x8c549ac420323a70L,0x00d493224f6cc6aaL,
-        0x0e53b9bb45f9a5a3L,0xe46ef1100897abbbL,0xfe873e57d7acd7d0L,
-        0x7cfccfe50f7cb588L,0x0ea53d65c85557d1L,0xfdd9eb447288f2e2L,
-        0xab2dedfac0eb68a8L,0x5822147008603a0cL,0x6946468900feb06cL,
-        0x804cf5bf25e5caacL,0xd85598589fc91ae9L,0xed9378b173c45eaeL,
-        0x8f942d02524c9801L } },
-    /* 170 */
-    { { 0x1f1ec3028e845808L,0xc302bffab77abfc5L,0x26afd4b9f8d97dc7L,
-        0x3d3a83c43aac594bL,0xe3b74bd1674d94dcL,0x4464b737caa5911cL,
-        0x62925773871c2cd2L,0x419f24853b4440feL,0xdda6a0f3e052ad7dL,
-        0x645280d6846c86c0L,0xa25689faf8324f42L,0xc74ad1e807cf117aL,
-        0x5626dea08ddc9db7L,0x52620373966fc85dL,0xe0ad57c3f3b1eb53L,
-        0x38300252949c1acbL },
-      { 0xa0ef5a405e744723L,0xdb5bcf751ae08481L,0xabfad8ccfec1f76fL,
-        0xfba5d831fab37fc6L,0xbe39e248c8fedb78L,0xa5cfad5fad93f310L,
-        0x747fdb1e913d5c24L,0x052a47c94518b7f5L,0x9e208d6c7cfb4327L,
-        0xb135cb9c70e538beL,0x363527595bb17916L,0xa2c078805b3106c7L,
-        0xd2d42a06c209bb06L,0xb525b471d3c504adL,0xc9f4b368822ce034L,
-        0x15f18796eb4185a5L } },
-    /* 171 */
-    { { 0x094dea060aee4684L,0x42b21f067cdbdbc8L,0xa439e149b1931319L,
-        0xea4bdd4181a7dba6L,0xc62137063c2ae80fL,0xb58b096712823dc2L,
-        0x7443d515832611b1L,0x2e16f83113c20384L,0x0ce204d62bd992d2L,
-        0x499dbcd6f419388bL,0x492ded1d1d3778c7L,0x9d5bd74fc5ddae73L,
-        0xd4813d52994b6259L,0x191d9cf60e86ca68L,0x562179eaf3e9c2acL,
-        0x6146f1f39fee1238L },
-      { 0xbd06d33e078e2aa6L,0x693af7f79dee9265L,0xd56e0f81daa40e84L,
-        0x05fbbb889b9a407eL,0xdcf44adcede99519L,0x7f71f8d3092dba39L,
-        0x675b5da54231774bL,0x7456a251a5f605ebL,0x9031d4af87a39a9eL,
-        0xdb43000605b474bdL,0xbda5dbf2b665aa91L,0x5d1a3df56631eeb4L,
-        0x028149ef62377c58L,0x2e1af4e9685d0bffL,0xe0ea087582a465deL,
-        0x95543f9e06bd0050L } },
-    /* 172 */
-    { { 0xf7cbc6f485d7c6efL,0xcad8084d63b1bc24L,0xdf90ce88bf8cba62L,
-        0x98e4b686b455c192L,0x6146b8d5774fc6edL,0x70e2389e7ae20077L,
-        0x5241c47961c22529L,0x7d2215103884e5f5L,0xd6d20ce217e28273L,
-        0xe3119f514f2674f8L,0x8545905570c011dbL,0xdfab75d9fcfb760eL,
-        0x9546362a9e8c2a19L,0x4b6d3f8a4a7d4b27L,0xa5c87104ee5d698cL,
-        0x6db434782ba296ffL },
-      { 0x064864935c3f0d95L,0x8917db824e748895L,0xf73fdf626b2f3e44L,
-        0xc60edc542b7f574bL,0xbe1c09a2af732723L,0x7d34669d7cad114cL,
-        0x9646600a321aaff9L,0xb94e2bbaed0cd61cL,0x866e1a41dec4750eL,
-        0xa1be990db1a89f58L,0xc39e4d6cf2759693L,0x11cfb780c0e0dddfL,
-        0xf0afcd7fd99c8a41L,0xcebffadb6e1c3050L,0x4f3981b096d2c6e4L,
-        0x07a791e72ae27a94L } },
-    /* 173 */
-    { { 0xe70e90471e9f0300L,0xe0253ad9bccdf904L,0x51c0289dff053078L,
-        0xf1ef092eae893462L,0x2c90a91aa4846845L,0x1946eda0f1dad4b4L,
-        0xf07650f333df67b2L,0xc6e988db0b15a014L,0x72e0c66eb542f0f9L,
-        0x5d4b6311e0c0378fL,0x548badaaae86950dL,0x6801638db35f1c8fL,
-        0x129e3216944d1ad4L,0x9951bac840471d32L,0x03cc29f385e94ddeL,
-        0x6d6acc2e4543ecacL },
-      { 0xeb999e9557b2d299L,0x3a2bcd9be3d721cdL,0x2e60384fbb4cb444L,
-        0xae177709dc060faaL,0x74f0e6d38c987cdeL,0x9a237cf81076fbedL,
-        0x69af15137983fbffL,0x6c3f7a1d323f9584L,0x3e21cacf6db64398L,
-        0x7cd8134f96703d92L,0x0755898fb8393f76L,0x1b5b28bc2e825222L,
-        0xb78799c17924aa7cL,0x1db378f281427a8aL,0xd5a451b1ff289492L,
-        0x79d182123d3c46eeL } },
-    /* 174 */
-    { { 0x1a3edff9109d5589L,0xded52eb4029b4499L,0x13eb9d30b4b54adfL,
-        0x4f9214c1a27bff67L,0x4c817ee767f0f460L,0xbadf8d83c3a50e28L,
-        0xc5dc03c994026237L,0x5f29581b966647c1L,0x10b6a0898a0687f3L,
-        0xae787cec31634517L,0x2001dba562e75188L,0x55d4e1a745e2c3fbL,
-        0xbfcacdebb67d3395L,0xa1a0af9cbc6842eeL,0x50590a2b3e88580bL,
-        0x73104491a784cdc8L },
-      { 0x44ca2cdf2648d676L,0x9a85eca54f1b12b1L,0x1b9dac942980e1ebL,
-        0xf30d37091ac8aa89L,0x73072ab7c719e195L,0xba518c822f703797L,
-        0xac090e14ac0067f6L,0x0e6cfc708dcd2927L,0x4f5889e221e7da63L,
-        0xb4aaa40b8371c7c6L,0x1f9dabe28f7878c9L,0xf78aed6bd84caf3fL,
-        0x3c39dd079e0e1d92L,0x680be5fb122424dcL,0xf41b214d0bdc0099L,
-        0x6a8f8fc95180c54fL } },
-    /* 175 */
-    { { 0x62a1ed6353235132L,0x1db233f159dba88bL,0x85625452291efdd8L,
-        0xc7505297b25111aeL,0xb5921af91d701bd8L,0xb4d05d729774f45dL,
-        0x6e3d4c5ef18e73ffL,0x897d985f899b3038L,0x8a9c30fbc89b1558L,
-        0x3c92d1a34d13181cL,0x292e86ba2223320eL,0xcf2454c201ceed02L,
-        0x27a45f74583f309fL,0x75a6102cad0fd1a3L,0xdb4f45d2cb9c7538L,
-        0x4752d8c1db283fd7L },
-      { 0x514d6cead5dff4d5L,0x74cd5fdb45a827f4L,0x1070a60c4fc7135eL,
-        0xdec0bb781be5778eL,0x271e12cd58dc6b08L,0xb765089b54bc2496L,
-        0x6ddf2c63619098acL,0xfd6ebac667528832L,0xeaa2d025c2508af1L,
-        0x13c2cda84dcfc1f0L,0x1c7836a845510be0L,0x3904688d1a886801L,
-        0x643132aaafaf2545L,0x496855772830a88dL,0x569491ca8744b470L,
-        0x3a6518f375fb8552L } },
-    /* 176 */
-    { { 0xaaa8ed50224042a0L,0x6cb4e3b02452f1e6L,0xedca5f4c768211d8L,
-        0x4e0fe3f9ef4d5d3fL,0x33a8e2a4522d46e5L,0x5998e21ff1446775L,
-        0x1496c50ef592d01bL,0x69104c2f83a67739L,0x28670bcb472bbf00L,
-        0x8ea883b2503177bdL,0xc5d8bc057d2712a2L,0x41ef9317b439c994L,
-        0x9801d3a8dcda1affL,0xd686eeb57038f6fbL,0xe80c5cd0fbfbf820L,
-        0x540ac363edc25817L },
-      { 0xa71969a9fe7f43dfL,0xe66538082c1b9e4cL,0xad9677d8859c2917L,
-        0xbaca954596aa4404L,0x0e9d855fff1297daL,0x1f61897b22aea7deL,
-        0x96edccfd36f13f8eL,0x627d307016e200dfL,0x729f0736c98988a4L,
-        0x95e25e6097f231d2L,0xaf7f221bf6048752L,0xd66826094019b299L,
-        0x1d99de0926b4b1d9L,0xec47cf661acdd7a3L,0x4de9f2b36ebe15e9L,
-        0x17db32ecfa16974fL } },
-    /* 177 */
-    { { 0x75ef69196cf40599L,0x7ea10dfb00c020eaL,0x3da5ae7bfcaaf679L,
-        0x0d663ca388ddd678L,0x5a21f8fe255bcfcdL,0xe9c3f538e344bc7eL,
-        0x35f62b1d548e0632L,0x654f242543c6e64dL,0xc755a7a626993627L,
-        0xa3b7c5f7b0f41324L,0x05697f793a2180f3L,0x6cf85fb11e81675bL,
-        0x6d3cdb35e53428f5L,0xe3aa159152d28b02L,0xa8470255f7a3fb78L,
-        0x460bd01ba194445dL },
-      { 0xbc34dc23c24d8077L,0x82f4b5804c720d2cL,0xa29da9116f5d1ffeL,
-        0x578af52092783ce2L,0xe29f51abb5904af3L,0x46c570d7f7aa1190L,
-        0x4a522fba571bddf0L,0xbf4e2a06ae89bb51L,0x799b35cc59f3444dL,
-        0xc302836726cc2557L,0x94a4e985afcec177L,0xadaf7dcb7c36cbd0L,
-        0xed31b78775d39077L,0x52d6904f2d3e24bcL,0xc5ca26691f95421bL,
-        0x7d342c3c1734878dL } },
-    /* 178 */
-    { { 0xe5cf2c0a11fd127fL,0x66d36bb8119e4c5eL,0x621ab2526ef56ac3L,
-        0x30cfeaeee5430675L,0x2ede27d2ac3e9619L,0x6413513af8fce671L,
-        0x6159c61b075f4c3dL,0xd447efe959069d98L,0xaf8d6f68ea76aea9L,
-        0xac5dc61b0f5bd164L,0xdbab446e1e88bb98L,0x618b8b161ba92320L,
-        0xa0eafb3c78989865L,0x0c7abcc2c08b7e82L,0x10f09b6e20d160bbL,
-        0x5be0afa68e4c63a7L },
-      { 0x82ab6d381bbbf49cL,0x3e09ce498c0703feL,0xeca58b5de10f4263L,
-        0xd9cc6581da5a4532L,0x07e18876f618f7b7L,0x0419a5e3250f7fe7L,
-        0xbb1a9e90de6b86beL,0x584a7deb37359169L,0x38eb34895149db2cL,
-        0x14546a33b0ebabb8L,0x0067f0b0c2f88a92L,0xbde0dfe70a2db019L,
-        0xba51b06cc63e6f3eL,0xa19127b9e9206fadL,0xe4eb5e87fe80dc0aL,
-        0x1e6fccf5d4de30aeL } },
-    /* 179 */
-    { { 0xb57dff66aa8ac924L,0x06e9ad31c298b3e8L,0xd140e32965fb080cL,
-        0x7dab211d1d95c93fL,0x6d68d8428a180caaL,0x1a929408a20ded69L,
-        0xa815175338df461fL,0xff5604ae60eae932L,0x901b9e497dae4c0bL,
-        0x4573a97fde262e89L,0xed69d9a4f1084983L,0x8ffa022f64724f1dL,
-        0xd5f1c2e4ea85a15fL,0x4c626ce901453794L,0x80440cd6bf0907ddL,
-        0x4522d4615ddaa837L },
-      { 0x8895f079ebfbe7c5L,0x30ea1ded84ef3446L,0x716a9eb6d4a1ab96L,
-        0x1a4a5d2250a30c68L,0x5a16631c0043bbaaL,0xbd1075025010e5f5L,
-        0xbffe3e9d3d8c0556L,0x31b30b1807772419L,0x90ff7ef084b82297L,
-        0x00c37d75f21a18c3L,0x18d0a635565bb8f8L,0xbac1da2a45e3bcebL,
-        0x1c38e90c23f0b08dL,0xf1ba1aa25fbc5ac5L,0x09d5256bdda71fc6L,
-        0x346501a96d7e40baL } },
-    /* 180 */
-    { { 0x86be448ccc2b0f1dL,0xe3eb45c9ac4c3703L,0x5387f65d9fc96bbfL,
-        0xcef3c4e95ae27fdaL,0xa008f7761bc18089L,0xf374a08422ca18a1L,
-        0xee88284253b73371L,0xcb6fc6d87cc09354L,0x8489ec1b61496d6bL,
-        0xa92c29b949e325c4L,0x15c6ca527bdec166L,0x95444eeedcea2813L,
-        0x34683eb33a21154fL,0x8fb26f98d39061cfL,0xc3b08aa806c940bbL,
-        0x7c1d42cfe554c96dL },
-      { 0x766e703fdc110aa7L,0xab7b79d7f362e378L,0xd259c75d5aadca3cL,
-        0x2a6eca7960be3373L,0xf4744a4b06c4e8ffL,0xb2842ccef3b705bfL,
-        0x1a3af5aaae304b53L,0x7bbfa2011b2d31b8L,0xc4ba6eba4bee88d9L,
-        0x2d3565ce565cb839L,0x24808696daf7ece8L,0x2c7ccce7e6959745L,
-        0xefd6eb3ce94f9837L,0x0a33b4cf3811a326L,0x14203f43fffa93a6L,
-        0x031e982873c31d90L } },
-    /* 181 */
-    { { 0x4fefecfc765a17ffL,0xa09f3888d1290a65L,0xbf265c46938da038L,
-        0x4bb6145da169ad46L,0x33cf821423a62fe8L,0x562df571abc860a5L,
-        0xbf2a90fa815c38c4L,0x45ba1d6e17eda875L,0x799d881a946fa5e1L,
-        0x6c1be784b90f5a3bL,0x0910a37cb10ff52aL,0xc38c1fe4a4f4fd36L,
-        0xc3180fc58e2d3ba0L,0x3e2ff050b17a6187L,0x3a00059b943a35c2L,
-        0x494d3645a28cc51cL },
-      { 0x398426b64ba021f8L,0xd14c9083796deb6cL,0x6d2e53957e36c762L,
-        0x8f556eca751cf216L,0xdaca1e0019b24a19L,0x47887da44b20c2aeL,
-        0x93ed4ccdff41a733L,0x8d717c445c7c0cd7L,0xcc48634a91bf7009L,
-        0xa1f146f93b59bbafL,0xdd38bb39e5624f15L,0x96d41aad303f8443L,
-        0x6b670f034bf104fcL,0x0503f9ed29706582L,0x768e1f47b34200f5L,
-        0x3cfdcc5ebbd4c6f3L } },
-    /* 182 */
-    { { 0x536c2a86b523e13dL,0x1014a4582920d0a0L,0x3d52b478e7571296L,
-        0x057460667eb51beaL,0x709f786187b0e919L,0x028aed88686888e8L,
-        0x79a809d7d94afcd4L,0x50c6032fe2129af3L,0x75e4be72983c4082L,
-        0x98331bbb7ab3be8eL,0xd31a032cb618c728L,0x36dd85a13f59c4a4L,
-        0xdbece345ed4f61e2L,0xba7aaccd1e571715L,0x138c58da64a1ebd7L,
-        0x89296d0f3d1aeea1L },
-      { 0xb165288fcca82c97L,0x26c6c12d1427e8dcL,0x66a94f074c3edda9L,
-        0x94600e1eeaa01ebeL,0x14abce7c30f5e86dL,0x741d7020cb456a31L,
-        0xab05aa13279f42c2L,0x70b60fafd4238468L,0xa18efec1318d39e6L,
-        0xeb07f1ac8920b318L,0x01e3cba8d8399e03L,0x65f8932e3c81a301L,
-        0xae8bca7dccc667d8L,0xcee1ae79a268607cL,0x3182e64ccac0a12cL,
-        0x9233a2f72b1a4c54L } },
-    /* 183 */
-    { { 0x717e8df60acbee17L,0x0f0959c25c24fcdcL,0x46f09887e54ffcb0L,
-        0xb993decad285116bL,0x0bfaa4f8bba1fa51L,0x9c9249efd0f2183eL,
-        0xf93cb35896847779L,0x284bfb7f2322d421L,0x40cc709ad42af009L,
-        0xc69f22749bb1d615L,0x76f50b3a717c3c6aL,0x8b21e985bb9c5eebL,
-        0x58fb19aea4783b5fL,0x04c86b9b52e1c3e7L,0xaca59092f2971ac8L,
-        0x2bb26a6921ed8291L },
-      { 0x98a3443515f81416L,0x086e72e7aaff5bb4L,0x3d1f64de0317261cL,
-        0x31c0786c5c0a1cfeL,0x542ea4d8b3683401L,0x2f77273a1a39b4cdL,
-        0x14fe7ee1cbef27f1L,0xee7fc09e16bb27dcL,0xc0dccc17410e5dc7L,
-        0xa34667421943b3ddL,0x92934b603f31c1b7L,0x0186ded9c22c1070L,
-        0xa37ee8ba799f966bL,0x0f3bfcb4249b0893L,0xbae614472e92d4deL,
-        0x937cb3f8e196eb08L } },
-    /* 184 */
-    { { 0x57c0e77c16fbfdceL,0xea034cc9c98d4cc0L,0xe7606d7242572d20L,
-        0x9861b55c0019a83cL,0x80ba2803f1597162L,0x0f4141dd05a0fd7bL,
-        0x8865913b4b0daaa2L,0xe6685746aa3848ecL,0x16d15a5a3e0485d2L,
-        0x81c0c7743b6905ddL,0xcec31b7d818af2baL,0x80d8f194d2b74b78L,
-        0xca659db2543e2f28L,0x31b83a7d9fb07c1cL,0x86537fdc1f1048c0L,
-        0x4d57bb0778586a11L },
-      { 0xbc4b768a53b396b6L,0xbc8b24c493b51dacL,0x33e511eba30ae1b3L,
-        0x893bbd95945147c5L,0x6cc86031179fe3ceL,0x34b0a1673f920bd4L,
-        0xb32912eb6b256160L,0xbc69a2a49d168d83L,0xb4949e7aef0dd128L,
-        0x2613419a872699e1L,0x06c58477bf21376bL,0xe55b1909a4f97147L,
-        0x63d6eb757b9b745fL,0xb5365b2908df3c85L,0x0e257e4355fcfae3L,
-        0x1067c118979f2aa8L } },
-    /* 185 */
-    { { 0xc845508432bf8883L,0x4755286a6fd06667L,0xd70b0f8f77c2335dL,
-        0x678e60da2f4a2c94L,0xa468d8acd118acf5L,0xce93830bbf5b90d9L,
-        0xea4b1c74ed4e9104L,0xac67316d27776ea4L,0xb98ad75c361bab12L,
-        0xc323d48299122451L,0x26440220530a43aeL,0x3a44532e3292d5a5L,
-        0xdb48694b5fecf1bcL,0xe4e0516ec667b8b8L,0xb3aa595fa4306adeL,
-        0x7e4f7091f34e9725L },
-      { 0x3f3816e9b7f70919L,0x765216ed16b003f5L,0x46c6cff4778c99e5L,
-        0xe6a5abe830a51810L,0xef6f49e645e728dbL,0x6fdd73eacaccefd6L,
-        0xec394e6f8c37f3f7L,0x73320802b6407fc3L,0x988e8f7a96625cbdL,
-        0x832923637cabfb00L,0x258ba9df407f359aL,0xff01aee5ccbfae50L,
-        0xfbeaeacefe251813L,0x9c69f16183f1cba1L,0x512c58ad9eadcdb5L,
-        0x2ae49cd46ccce8bdL } },
-    /* 186 */
-    { { 0x1239b0e3c40849f2L,0x5136a4cda441098cL,0x61535a99e547f649L,
-        0x92e4bdc47a9bbac6L,0x195a164653547af6L,0x85ecb3198b47a74aL,
-        0x278553fc9de6a2b2L,0x471c038a0e2ba52dL,0x12ba1b8835bcba93L,
-        0xd4bf50da6f31eca2L,0xd146e3f6802b32c6L,0x0c9c01313c64c8c4L,
-        0xad30f12deed21297L,0x9b75bffb9c68530fL,0x23c0ad3e8918de51L,
-        0x180e9d52a73771b7L },
-      { 0xc316542f29ab77b0L,0xdd411d9cf7aee628L,0x044c0685353c2f40L,
-        0x638dc7e44b0ae4cfL,0xa092418595fc266fL,0x639da671fd2feb7dL,
-        0x56858ed55ea39798L,0x7a694f3158f3832aL,0xa94233c6d316d831L,
-        0x2fcacb2630a35a7bL,0xfef8f7ddf1ff713bL,0x8b9b452559eee2f3L,
-        0xd1b4f91b156d064aL,0x177866c22f5cfcfcL,0x12bc25663777eb41L,
-        0x21ca6f3cd8ab85b4L } },
-    /* 187 */
-    { { 0x0e162b13a3e66635L,0x1ef20a2b2a9f76afL,0xab473a3046db3356L,
-        0x0840bd777802bb8dL,0x5b6baf5ea699b44cL,0xc6e119001b2207f1L,
-        0xe5de16a9790b0105L,0x22b12f15db67f004L,0x185fad458a025d25L,
-        0xbccf6953df0a1142L,0x4c42129bf45034c0L,0x0f7404001c277bffL,
-        0x6e440b4c280a9e18L,0x767de8f5842aa2b4L,0x3de20ab805e8d94fL,
-        0x5aff585920227635L },
-      { 0x805acd20a8458e40L,0x5a5557d8149732bdL,0xc70741315f1ca72dL,
-        0x7f2e269c952b5323L,0x5c5925566494fadfL,0x153b7acd1a7d2666L,
-        0xa6df063d86fe2865L,0x1e91db1357d53b6bL,0x9195bb89e93ead01L,
-        0x3d71e1af2963bfe6L,0xfab2b9c288278886L,0x778366923b859b6fL,
-        0x6e695174f7029dd1L,0xc79878767b984561L,0x64fb4f1d5907d849L,
-        0x3eab7e1c88d8a977L } },
-    /* 188 */
-    { { 0xc73a94b652e5718bL,0xe3aefa54f4cee1e9L,0x654e9e63553eedeaL,
-        0xf2541e1b5f3aca1aL,0xd71294890d083316L,0x7965af63fb7f950eL,
-        0xd8fc9e0dc74e3e4aL,0xb4ee48d2eaf79ebcL,0xa458a86a8b7787e6L,
-        0xd8c7621ff7cceaf0L,0x8228eeffdf67980dL,0x210d4742f9106727L,
-        0x91f63501b07e3629L,0x441761c67971e29dL,0xc0ccc65f03a3b8a5L,
-        0x3491da4f38e09544L },
-      { 0x6706d046cb062eaeL,0xee7db7355d08776dL,0x80de8052292315d2L,
-        0x40785662c402bbdbL,0x5f93525c26ed3337L,0x6cea14d67d568ed3L,
-        0x916a118966888b1eL,0x0fbd52055dc71675L,0x833d1077e4575df2L,
-        0x4e93100aec092335L,0x2f9e1d016cd85389L,0xeebd372543226368L,
-        0x401d172b1ba4cfd7L,0x377dab9d574c5838L,0xaeaa695880d517deL,
-        0x0c843dfd6ad15a18L } },
-    /* 189 */
-    { { 0x455811ffc9373300L,0x1c39332a99fdc300L,0xe19bb81c353cb655L,
-        0x774b924a96a83d27L,0xcbfc8fcbb2ee3f1aL,0xaf278ec4010d56c7L,
-        0x6fde682fe0abaf79L,0x7566d0727339aebfL,0xbd35ad5d71205db6L,
-        0xb5bbe6947051c9d0L,0x577db480d3a3067cL,0x2c70ff54572d7530L,
-        0xe8615aece06d853dL,0x71999ccb05abfb5dL,0xeeefc96bea0a8ed7L,
-        0x2dcc469d35f6df69L },
-      { 0xcca6cd06c65f0e77L,0xddcc7980bd71b14aL,0xb6221f8b3c93cc00L,
-        0xddfcd5b3ae8cbf57L,0xbc92973f76f8e63fL,0xe9848a3406e132b7L,
-        0x4cc59a03d51ec9e2L,0x9c9d32bb3a33081aL,0x0012105280e8466bL,
-        0xc2b0032a1bbe7295L,0xdbfc657224938448L,0xe972a0ceb6bba0ffL,
-        0xf60c0a4fc0a94802L,0xf62c41cc599d8bc7L,0x820c96ee312da0b8L,
-        0x5a1a65dbcdbdf9fcL } },
-    /* 190 */
-    { { 0xbfba691a42485684L,0x613116b929c470c9L,0xb4b01971e62a0519L,
-        0xf3245aa65ff499daL,0xc2ef87f4a5238effL,0xc16dc6bacc9d5515L,
-        0x5a7f227e2dbdacacL,0x8dedaac4a9bbaecbL,0xff308a6d2e7c9885L,
-        0x4c6f2fc2e6895593L,0x3655f285177e0611L,0xa63e8d06300b1beeL,
-        0xbed0ce7913c17b54L,0xca4abe35c4974262L,0xf4b44a17bc4e4037L,
-        0x5ae95099efe5fbd9L },
-      { 0x122e5ee7804f7455L,0x341a499722066682L,0x97d24c317795e333L,
-        0x12f4123ce48efcedL,0xe8738d9219fbc21cL,0xbb3bdc610663a3aeL,
-        0x3603d8c28593a6dbL,0x926227f2e3c1ac75L,0xfea92ac05eaae519L,
-        0x5b596f0bfd6812acL,0x3ce7e844fc2a82dcL,0x3840481a63522b27L,
-        0x836088b152867895L,0x21ffb7cc26588688L,0x0ca331612f4a7cacL,
-        0x4110667ea3edd298L } },
-    /* 191 */
-    { { 0x81830357c2d04b63L,0x3fc5a34df4929a18L,0xc73bf6da22d195dfL,
-        0x14df2f89cb432473L,0x345afe5ce997f138L,0xd8e3f5f98b9604f4L,
-        0xad7942e950c10ae5L,0xcefd5447eed25ff3L,0xbf68e51e0e73c0ccL,
-        0x5b1ad591ab54fa4cL,0x8bbc110512b61c8cL,0xbb932913b5abf760L,
-        0xdb1231be01e79649L,0xd0a83e91040ccbe7L,0x3dde426f90a96db9L,
-        0x1cceb64534df11eaL },
-      { 0x2d210c4f0c6d0f55L,0x6cadf61b9c673c9dL,0xdd7f9919a9ce3fbbL,
-        0x135f494c93b063e4L,0x580bdb3c145a93beL,0x4d8723320f52ef7cL,
-        0x74d876e88814bb6aL,0x4f6f723ac7a97deeL,0x7de2b8f03e3cd833L,
-        0x6162f082ae720270L,0xe88ec2d4ddfa486eL,0xd965c8598d3a17c6L,
-        0x62e59e543980171aL,0x0ab6285dbbef6b22L,0x3cf451954d48b203L,
-        0x1f1752334ea25ea3L } },
-    /* 192 */
-    { { 0x808a765b3467ea91L,0x3f4632eefd2d9c45L,0x7b75dc6d9cf2bc6fL,
-        0xefc8d240359813aeL,0x23ecb209e44cbd8dL,0x59ba10e321525622L,
-        0xfa14d9343f1ee19aL,0xdf97c21bfb0c48f7L,0xc4e62890ea30d437L,
-        0xb286e2a4651475c2L,0x291f01e4126672a5L,0x9c6fda5c31aab3b8L,
-        0xb7277a5ae17d22ecL,0xbd88ed83914f0badL,0xd0b05d1b6a2392e1L,
-        0x4cb8af9065893c2bL },
-      { 0xa2b02057bb4b1953L,0x4ce08b44f597f6eeL,0x854f5d9b5e6412c8L,
-        0x1913262db3cd4919L,0x902762e46e42bb5dL,0x8355c8e6d78e7f60L,
-        0x8efaa82438b6c16cL,0xd0173790e550f618L,0x118af462e57d778eL,
-        0xa16ad5e8715b4714L,0x900596c341dea4f9L,0x2a957c32280ca610L,
-        0x2faee800374c65a1L,0xdb10512750080414L,0x8c1db931ff080fa1L,
-        0x486a5c25d79878fcL } },
-    /* 193 */
-    { { 0x0521e213941b4f36L,0xbaacfb14f803b4f9L,0xfdf1e22e52a54ba8L,
-        0xacfabbba8fe4796cL,0xae0788db58dbacb6L,0xdf98d736c19dfa51L,
-        0x155c286a35a716eeL,0xbe7d46769c86461bL,0x50b6380f63a64a5eL,
-        0x14b419149f609262L,0x0919a7d0a2dfc5b3L,0xc454da55cef466acL,
-        0x93fa4a246986aaecL,0x5090b17171a49cedL,0x602f1d6cc1fa75adL,
-        0x5d269f8978e4c054L },
-      { 0x3a74030c14920419L,0x0845d86890968739L,0x81b994c4eeb70fa6L,
-        0xabcaa06dd9fc5bcbL,0x06539427f58f8f2dL,0x35c85f67b1dc52aaL,
-        0x5a7d8d722c911baaL,0x4041005caec2d834L,0xb5868a447a8e5347L,
-        0x04ee180b8de512c3L,0x4daa66e5211168ebL,0xc0bd5dab2317cd8aL,
-        0xa1d4185d61164df6L,0xacedca261dbad7c9L,0x0fe4b5ac09b02683L,
-        0x8ac9995a26d9550fL } },
-    /* 194 */
-    { { 0xb2c8dc9b2640a39dL,0x21ff0b38ede0c9f9L,0x74f469bda1ecba0aL,
-        0x8a902ccd080d0417L,0xe956fa32f4994604L,0x348f85cf9776ab15L,
-        0xc21fc6ee0066f492L,0x35b1ebfefeeef367L,0x7804581c4613e5edL,
-        0xcbdfe8e6ea6ba071L,0xddfcaa32950d73edL,0xc97479361da48889L,
-        0xce867c8cdbaffbd1L,0xd267431f1cbaeae7L,0x68255045897912c8L,
-        0x0c7c1ddcd7ea1e4dL },
-      { 0x53aa30cc1ce963a7L,0x7352f64cc4c5fadeL,0x2b9aa2f82828afbfL,
-        0x64273c56ca212107L,0xaadd765485a576dcL,0x6196ac3e90b5c77cL,
-        0x20d43e9fd1aaf39bL,0xfc392062cd05cbc4L,0x141638724c0ff2fdL,
-        0xcf32b8d82ae821e6L,0x5f58f9433fa7a3f0L,0xaebf1d2df644ca92L,
-        0x0c0615631918a75fL,0x7989b5ed6b876118L,0xbf342445ad412441L,
-        0x24ffc9ae1df633abL } },
-    /* 195 */
-    { { 0x89fcdc0593c7cb2bL,0xc1243b95590053fbL,0x601debcf6182343cL,
-        0x364546ef66c18a63L,0xa5290701ec913287L,0xc35b8026f9788c31L,
-        0x852b862a92d1f7d7L,0x1809cb050aa79728L,0x897d467ca3cb2005L,
-        0xf20c77c09ef5b946L,0xc3372c42f2241984L,0xda053e0df35bb206L,
-        0xbc26c6d0a9c140b5L,0x61cfcc0ccb56fb33L,0x1c3cf9ef299b3968L,
-        0x89e4d3d140621ba4L },
-      { 0xd35e80e7a45a9be3L,0xc4daa57807356fbdL,0x0186d62eb967bc2fL,
-        0xa702679e47cd16e3L,0xca2f1c025f30ce9bL,0xf1205b461f864f50L,
-        0x7fd6d79785061d66L,0x47edc4f68a08809eL,0x5dac04499a4d3ae2L,
-        0xf844664a6d1f9da8L,0x9f30ce84d7a83a71L,0xe9382baceaac33f1L,
-        0x1f033831948622abL,0xb037a4baf7681eb2L,0xd156a90899a1b5c7L,
-        0x675d3e6fe6f1d0fbL } },
-    /* 196 */
-    { { 0xd9767ffd707193e5L,0xe478aa91810358e5L,0x5634f9ff328d8ef7L,
-        0x913a0ee86dbbd9a7L,0x379b29687e215686L,0x903f410a89d9da38L,
-        0xd9f8d7b91b1334d2L,0x9fe74229bd82efb5L,0xdb568b623803c778L,
-        0x93e9a350d3d25344L,0x559c35b0724497e8L,0xc472d436a169e23bL,
-        0x09864632cc5b4c69L,0x9f6d759d83c7f531L,0xa91cf1db1e497888L,
-        0x5f7f92fe60af1a4bL },
-      { 0xf18a1cc60545167eL,0x55ee2e02affa88e0L,0x24cdff51432a7bcfL,
-        0x7382da42a7510866L,0xe894c11f40511af7L,0xaa4e4e312aaf1423L,
-        0x8c3d36f0f63dd2aeL,0xfc5c9550d7660635L,0x0125373137ea7eabL,
-        0x2a5cd59839b950f6L,0x95a0f60140e63442L,0x905e238ef2ac7045L,
-        0x44bacc0e446b0f73L,0x4cd4206ec448578aL,0x367b1aaaa5bd7803L,
-        0x25beced90a2b458dL } },
-    /* 197 */
-    { { 0x079a73820c33a8fbL,0xcfbf6cd10f25dc1dL,0x4ffc73f8c6d482b6L,
-        0x3e51f18c07bf844aL,0xa7651236599162f0L,0xac59a74e14013811L,
-        0x957a6865e55018a0L,0xe1ec51bde3ca09b1L,0xbc0c7eb3a960253fL,
-        0xe83bfd147de03f84L,0xc0540ed152fbdb09L,0x6ba52eddcea15ec1L,
-        0xf3d30ed54b261307L,0x9bd7bae8e8397206L,0xf20d8692096373aaL,
-        0x0a616a4bc3b0bf63L },
-      { 0x2075f3ed6e1339c9L,0x7afaa072bf8b00a6L,0xdfafec82bccd9b47L,
-        0x4713158f00ca54c7L,0x449102f138bc31aeL,0xaf98f158310dfc8aL,
-        0xc9ef207559e954d4L,0xe8021af9c527a0c4L,0x6e8012777a192023L,
-        0x635f538c7fb02377L,0x5df1974fe8c9e951L,0x0287faed15cc9097L,
-        0xfa0728f0f7a5115cL,0x90dbfbe60fac623dL,0xa8d40fd40311ba09L,
-        0x876d154e07c6464cL } },
-    /* 198 */
-    { { 0xd3a4d6d2c2d3ea8aL,0x36be681ba842600eL,0xc53f100de4070672L,
-        0xe3e5b6fe6a7d7a7bL,0x6e6994f95d5e1a83L,0x07cacd2276097c2aL,
-        0x12d98dbaa6791011L,0xddfc4461102e0e24L,0x4815dbc2d493272aL,
-        0x7e38e64ba9436696L,0x4960eb1a32b2bf90L,0xda457525d928e28bL,
-        0x72f75b392a077c9eL,0x27760cbb7fd61d00L,0xaf235d1b0f4b1456L,
-        0x3040c23be76d1700L },
-      { 0xb10dc55b4efa9a70L,0xd4de414f53e86610L,0x3d95c11309f8a27fL,
-        0x505109a506661d3cL,0xcaa2994a60eb513eL,0x3ee415371e7d338bL,
-        0x4fd145fc4651e71fL,0x51bbf838cbc313b4L,0xb039e0781eb92150L,
-        0xe8696b4414bf5ac7L,0x2d6671888be0d48cL,0xbe93b2f5dd8f2b6fL,
-        0xc1dfd1e7eb8a7f8aL,0x862b3dd990f751c5L,0x1eb1ad58a32a74beL,
-        0x5486d79a1ebbc9a2L } },
-    /* 199 */
-    { { 0xcb2e34ffa1359e13L,0x202d8dbf28196051L,0xe95e023d23564b5eL,
-        0xfb1340b642f6ac12L,0x543ba852b653725dL,0x81aedcd68d2466adL,
-        0xbf780224547c728bL,0x559f8a119569fb65L,0x505b7a62dfb22ec9L,
-        0x071075409eed5e52L,0x9c899288299f6f11L,0xa7d692613db6f8c7L,
-        0x30eb7fb3b3ca79a9L,0xcab99bb8fb2160b0L,0xd2012568d28b409aL,
-        0x380f1b0f5ac45f8bL },
-      { 0xc0b99e6be6a0068fL,0x4b67cf2ac8a73753L,0xa6c9a548b2faeb7cL,
-        0x7f417f99340260c3L,0x8ee56855cc0f739eL,0xf08b510f780949daL,
-        0xb1770fc28d5c6effL,0xb4f5abeefd96a7bbL,0xa07b1136f2665a2aL,
-        0x2fb380a4b601dcf9L,0xcc803614162becc6L,0x3498fb96ee6b83b3L,
-        0xea9b0fd6a8c17eebL,0x5834b5baa177efc2L,0x929044f55b110b3eL,
-        0x4abeddedebd7285eL } },
-    /* 200 */
-    { { 0x3355e1b9700ef376L,0xd56e5d9a66cdabffL,0xb3dc257547e87646L,
-        0x28f44b8a00f79369L,0x08c32b1ea0c52e29L,0x5a78de123729b392L,
-        0x4184519ab26d239dL,0x23f6b4b7e0ce4a6bL,0x235f6f8aacb2a9f9L,
-        0xbb8bc454e2064a59L,0x37efd0341bf3062eL,0x6bac683b94dff6f9L,
-        0xc3364b1e8aa7fa06L,0x0616772ace0b3745L,0x46f08d08d1e3fb0fL,
-        0x6a20abb318e132d3L },
-      { 0xea8310166a85cbc7L,0xd0990946934f9aa7L,0xc2211088e778f1b3L,
-        0x7ea4ff8f2247b799L,0xb3171d71454484ceL,0x294039494f98c364L,
-        0x5da911f397df1458L,0xa6b5809309439116L,0x75f9509a174238bcL,
-        0xfeb518218209758dL,0xae0c6021a47925d0L,0x0e946694af8a315eL,
-        0xae7af8a36bad04b7L,0x44c15e7ff072447dL,0x5184668aa5456ffeL,
-        0x45e353a7bf36b977L } },
-    /* 201 */
-    { { 0x7605676493092f71L,0xeb66b6c2f5b92d71L,0x9db3149be2c8b6c5L,
-        0xf62f583a20c0363eL,0x688acd3303cd7097L,0x85d0c0f8ebb916acL,
-        0x1bf7462c84c19b0eL,0xc76ed5f97c4a6ad1L,0xec8b88bad119f369L,
-        0x59b8371bebe50b83L,0x0cc69508866706a6L,0x531c75a3f8373d2cL,
-        0x4e1cd3a32a5a02fbL,0xe8274778da39a1d0L,0xedfc5bbb75da333eL,
-        0x15941f24ca79bd36L },
-      { 0x42e8c0f8a77dd512L,0xa91b59a71dc365f6L,0xe80d14cd08753862L,
-        0x1624230dd272facaL,0xeea3ec164027cb5aL,0xc1700b59c1ef9f03L,
-        0xd411c1270da3148dL,0x801ee448c4181af1L,0xedf285599e3a900bL,
-        0x5d67b0bd0d09affdL,0xd839df968b370024L,0x3b6307e0e6f836b8L,
-        0x5382e588bd3201c9L,0x636d8a6b7a1d02bbL,0x70b7db76968641e9L,
-        0x6d17c34a118fad03L } },
-    /* 202 */
-    { { 0xcf608841c181c99bL,0xb65dc901c87bdcafL,0xb460b4473720dabeL,
-        0x4c79c3965377515bL,0xd447f22e0a96c277L,0x0d9521302ac0f440L,
-        0x8330b26bc90583adL,0xe25e977a928904a0L,0x1deaffd985c50b18L,
-        0xcf4dbcb7a5ad5f6aL,0xcbcd0019c8a37ed5L,0x7846dd901e9850b6L,
-        0x1ac8194ab0b8e605L,0xb972857134132f90L,0x4ce9f149f56ee28bL,
-        0x1ab9b5a43e9e1d4eL },
-      { 0x206dab92314fa7a3L,0xcc4af0f0478ff963L,0x4cce1713904d9fdbL,
-        0xac20a2eb12c045feL,0x44fc5478fd8f6d7dL,0x886e72c5ca7b6ffaL,
-        0x7fa4529b6fd6f758L,0x4df1d1b192a820d5L,0x3d812f9f2789f149L,
-        0x9842f083aabb53d2L,0x2648539b2a03ab32L,0x631ce090b1512502L,
-        0xe1294d15731f6bd5L,0xb229361d9436e634L,0x8c4281c43ca966afL,
-        0x24b34956c21ab3edL } },
-    /* 203 */
-    { { 0x49bdcb86659824e2L,0x6dc4ce484e13e74cL,0xa4c01a266bbe1eeaL,
-        0x47b2b8e71e3ec457L,0x7e8b15e02f5a8e4bL,0xe81eb6e6e333530dL,
-        0xacba369e17a45202L,0x81241431d70e4c9fL,0xc190af4b3e12beb8L,
-        0x5327052311f486fdL,0x9f6c41e129fb2bceL,0xbe6287ebb70f6c08L,
-        0x1479850a3feb4477L,0xfcfdfb119bcf18bbL,0x925c292fda80d040L,
-        0x212d65e57e3c5bf9L },
-      { 0x23adb386ca15cf08L,0x4dfa4ac481e172ebL,0x9d1dbf934d42d0c0L,
-        0xd9cf607374404dc7L,0x60508441e932bfcdL,0x9ae910ca1c682a98L,
-        0x9528fc1841ac1cc0L,0xe6a120aedbbed630L,0x94e0e1ec30ccf250L,
-        0xfe84ba54e58bbf2fL,0xc66d0b4f9faa4415L,0x0c58f1e7ecee7ce5L,
-        0x7a1d43eb6fa6873aL,0x96c6c5a0399f1348L,0xe6ef9aaae6727ab7L,
-        0x66afa5549a5c2447L } },
-    /* 204 */
-    { { 0xda5aaba8c980e91dL,0xa93cf5096ac98efaL,0xb0990e0a8da32662L,
-        0x01d215300081453eL,0x2bb0d33e3d71de84L,0x465f6d803e19a012L,
-        0x5902ff4c78a838e7L,0x74e2afb71931348cL,0xa49327579cfb057bL,
-        0x761ea6423ad03f8fL,0xb7d4c24558ffa40aL,0xb5e9c0d977a87e30L,
-        0xd1c5edbac9c84d26L,0xeca8839a3d1963a0L,0xbc6f2f35ebf6bf0dL,
-        0x01ef06310d58abdfL },
-      { 0x2bf903163ecdcbb0L,0x19e2d72827c1c955L,0x9e5270309575c930L,
-        0x0dc1c5a996983930L,0xef9f80ff7cd082dfL,0xcd915075df97e051L,
-        0xf286fffe9cc61b55L,0x352db38f80f24cc4L,0xed9b99ec36523ae3L,
-        0x109a8ca810b104a9L,0xc2700fe7305203adL,0x2a2ee24e769400f5L,
-        0xd595d399ee0c452cL,0x0ab75d6af7f02a41L,0x341080990db730b7L,
-        0x0e4f5ffd5e8d1202L } },
-    /* 205 */
-    { { 0xbd1c64440ff14c38L,0x9a5b59faaece11f2L,0xaa4605a722af6330L,
-        0xddc9f65a82af24eeL,0xf4ee4bfeeb9a1159L,0x2463d07674e84eafL,
-        0x88cbe1e00e0baaceL,0x7ca568ead5fabdcbL,0xbd80d524c57eb99dL,
-        0x9c46572ce9be9873L,0x918a1dcd7300b85eL,0x4922131240f54176L,
-        0xf7e324ffb5b14236L,0x40dda5012434f16aL,0x08833421a133d97cL,
-        0x33d411610876f020L },
-      { 0x7531a36b9878e5ecL,0x5de3e32146918232L,0xd15f9a33d0a30464L,
-        0x734c1b87aa173659L,0xac2094a2f925d4feL,0x43c965a1c262b0f4L,
-        0x759c903e447d5cbcL,0x92af215e05239300L,0xfffb6d5f1f593f34L,
-        0x65943b4bc3cddb5fL,0x9d03a29cbfdd5408L,0x8f7cda6b198d76c0L,
-        0xc0790a22c0f27b59L,0xba557a848cb58ccfL,0x5922052d76c54fdcL,
-        0x2d3de7aa47b6b466L } },
-    /* 206 */
-    { { 0xaade746265add3b7L,0xe5888f35abf24c2aL,0xd41549cae1a57d93L,
-        0x0e22e18e2c76f7bfL,0x67f288eabe3202b3L,0xb79a66ba1d1d0f0aL,
-        0x0e0ab7492881ad18L,0x7d424086c7adb0e9L,0x870c32c52842132fL,
-        0x858477f158f9a09eL,0x422a9372ec025589L,0xbe428c5ca5098777L,
-        0x45b7956457660058L,0x6c7fc631957f37cfL,0x8b7023ddd6316289L,
-        0x47003bb65b1c12a6L },
-      { 0xd99401c1c91c1c96L,0xaa5dcdf927a12970L,0x3ab92e17c3c29107L,
-        0x26fce8f7a3fe4710L,0xb0d09d5e4ee998eeL,0xafa622048e3a41f8L,
-        0xb1c012a5a26ca506L,0x2c6f734c99b57252L,0x1093d79f512f7fe1L,
-        0x2f30906eacee19a6L,0x6bff8381056d1ea6L,0x61c75856eff35f21L,
-        0x6e07e978c1ad2224L,0x2cca6ca16b20fde8L,0xab4d6d2d633fe81bL,
-        0x73dff504b06a2ce6L } },
-    /* 207 */
-    { { 0x8b615805d8e20fb8L,0x7c6873e482b533f0L,0x5205f00156a854caL,
-        0x87fec6accb369211L,0x1fa3c0ecc7f092b7L,0x5b36647ee845fe4cL,
-        0xd4781e85f8b1f112L,0xc65268398b0f1a6fL,0xceeb8c6cdcb8eb92L,
-        0x133f0ead8e5f6d52L,0x31883e23c8d934dcL,0x214ed5bd428ac45aL,
-        0xf77ca492dbbfca85L,0xdf4113fe07e5ae13L,0x63e4a0d272ab05fbL,
-        0x7544d0b77148f535L },
-      { 0x4fe8d13480797aceL,0x216d6aa0af86d97eL,0xdbf0a688ef5a68fcL,
-        0x18b26f459f9b2684L,0x52fefcfa8999d2fcL,0xd5af8d8262423955L,
-        0x8f123469f63a3780L,0x2933454fdcd4feafL,0xba8018b7a73b5d09L,
-        0x9af1f276e5552c18L,0xc5d4773dff26bb1cL,0x9ef4941006dd4f44L,
-        0xad8f12f95f39ba49L,0x5767f6dcf66ca4f2L,0xba8773f17922f59aL,
-        0x220081eac1e42d49L } },
-    /* 208 */
-    { { 0x3043d573ba37a0baL,0x05a431bcdd176df6L,0x03322cfcc42070f7L,
-        0x5cabd30e67c2d109L,0x362c95decbf8bcfaL,0xd767d2777787b10bL,
-        0x612c915e6ec05e64L,0x9e669631ce69c30eL,0x27c9dd8f682e2635L,
-        0x79021f1295ffcc38L,0x06a8ee798a2adca2L,0x8e00e7844b5d500aL,
-        0x87746fc78d80d6c5L,0x246053be915f10ccL,0x844e328b219f6fd8L,
-        0x620541ac11bd3733L },
-      { 0x0f7fd382509e5a29L,0x8748d7d0b432531eL,0x8f749354cd3883b9L,
-        0xc6b8ac748bfbb17aL,0xa4616a6605f2d2c5L,0xb3d966251bcb1b83L,
-        0xcf7531042fee265aL,0xc70d73fbdb225058L,0x1211d434f0c2d556L,
-        0x862061d854b259b3L,0xffe4606dc42b3f7dL,0x4c5c8585e86a4949L,
-        0x04ddcc8b160eedacL,0x1804ce67568e2420L,0x91f3855a42141656L,
-        0x7f378198f932be97L } },
-    /* 209 */
-    { { 0x9a374bdadfa6639aL,0x0cbd48d402ab7391L,0x5c5ef23647031e2dL,
-        0xb49ee2bcd0599d1fL,0xd285eb60e0d38443L,0xdbbea92f269392e8L,
-        0x91455fbfb8bc538fL,0xae259ff1e469b768L,0xc1cecb1f41de5682L,
-        0xc876f0719952d1aeL,0x1ce25181e7bf7446L,0xcb93ad86282ad2f1L,
-        0x8fa3cd316ba4ef67L,0xfce68a04e507aa3eL,0xced74170a61bb608L,
-        0x6de716b3f6ac10d0L },
-      { 0xd4e58d04172d6dc5L,0xbed2cde66397c65cL,0x7ae77e180c9eb4e8L,
-        0x5627546875fa2edbL,0x4b30324ea91e6738L,0x6023a856235c8b2eL,
-        0x9df6d6c2a8f92887L,0xec2c185ff6f5e8b5L,0x7892e12b3ad5748aL,
-        0x7aebb4f2d54aefbcL,0x14915448ee868821L,0xa26c5f71b1d9bd5bL,
-        0xe5ccd1662ff00df7L,0xebc99f17b95b1deeL,0x909836163fe1f774L,
-        0x51f90830bb3d25b0L } },
-    /* 210 */
-    { { 0x49376fa1f2922461L,0xdbb1b1c31650d0d1L,0x92b91c330dd8608dL,
-        0x3e612c4b36b89906L,0xe1977b0bdf560052L,0xf8afff70636a2545L,
-        0xcda7d27811723d8eL,0x0b0bc4bb81bde7baL,0x3cb080b2ed2a578eL,
-        0x5bda0d0d171b2e02L,0xf6df38cf941bb9aeL,0x85dd81dbc14a65c5L,
-        0x7f98c82dc19dd98eL,0xc613747f52206f93L,0x9e13a2c25f5bbe78L,
-        0x5eed218e0aa34be7L },
-      { 0xe156575401d4dc0bL,0xa1ae5f27f566bb07L,0xe985ebebb82225d5L,
-        0x5f3ad21c1189ec6bL,0x17da518cecce4d9dL,0xc84a2d3ed6b65b59L,
-        0x7f9881758ffa771cL,0x50d6ae122ac69a7aL,0xcb7f30b1c6e6846dL,
-        0x8c023a605bd0bb13L,0x9a10fecdd73f2407L,0x8c5158cce5f0a996L,
-        0xd26bf615bd8f5806L,0xaf32ea87915a46e1L,0xeaf74e810287d308L,
-        0x8c14ba06a6264254L } },
-    /* 211 */
-    { { 0x0c877895b17ee201L,0xc05aa47188e57a77L,0x19c3e76397822456L,
-        0x0be6f8c0c9c3ba1dL,0xfe85f4ffb4389ebeL,0x538bccce0ce7fbb6L,
-        0x876eab2a65266c64L,0x5c9ac690cf9a3842L,0x9f5cf3b1ccc8f981L,
-        0xfa17be6a9cf687deL,0xfcfc10fc83835c15L,0x086b0fdb150ef2ebL,
-        0x9f97ecd9884a52e6L,0x416e6fa2b0cd1eb8L,0xe2bd15993ecc03baL,
-        0x645c0a5deabb165eL },
-      { 0xd94c420550aa7e31L,0xaec8df0c2f851da5L,0x996469093c726e6aL,
-        0x72dbdc362619bf9aL,0x1b4260e0e253fbd5L,0x97c259fb8c709e06L,
-        0xfabf7cbbcddaec5bL,0xb4d5e8b1e4b703e9L,0x1b06e56e0734efddL,
-        0x02d4a4f91f55f8a5L,0x7f8608ba3f565c8dL,0x822f47d2816d1d94L,
-        0x0cc361565ce7b136L,0xe46ee5ef31d04242L,0xb2a65f70683567f6L,
-        0x27e9ff40d2fa6c91L } },
-    /* 212 */
-    { { 0x75251893d7e952e7L,0x15b30583c735bf18L,0x732b599296fe0491L,
-        0x27451858806d2fcaL,0x71ab76a01b885ed9L,0xbdce9d976d9f55ecL,
-        0x3da60b2048f2ba9cL,0x6977c086592b132bL,0xb6dca9cb099051d7L,
-        0xd9c2ab23d188ae25L,0x9f469f3fe20aaf3dL,0xdbd1f7cf5aad74d0L,
-        0x3d5efe5c22a9eb3bL,0x8c5edfa2137010c4L,0xada2217b57870260L,
-        0x4feee5673dac9776L },
-      { 0x30e18d52b5d3d780L,0x4dadb5d307166744L,0x320d386e5a742156L,
-        0x5d8c290e8d6bbb86L,0x981a43232d263dd1L,0x33d0e7ca98984636L,
-        0x5138784da519acb1L,0x832e3fabdddc81ffL,0xfc2785943199a43aL,
-        0x5b4cabcf32743163L,0x9fa010bd74f94fa7L,0xc28a743d5694a627L,
-        0xc1d2a888cb657a24L,0x7eef2503e86a25eaL,0xed11a5d304c561ffL,
-        0x4fe818e79c9ede0eL } },
-    /* 213 */
-    { { 0x00252c9d7fc1c7ffL,0xa9bd419d9fa89ad1L,0xc93a124a4064e9ccL,
-        0x384cbcb843942eccL,0x004c21fd8749695bL,0x69c81d9f421165bfL,
-        0xe2325628dde01102L,0xec9374575a9b004dL,0xfb3346bff6dcfc21L,
-        0xac4da64b4d372c7dL,0xcecb7ad3f20494e2L,0x562c41b5e867c150L,
-        0x299395cec2b723d8L,0xc91adfc57ee53231L,0xe06f1161f10b6597L,
-        0x81915529b74d3ffcL },
-      { 0x8ec124316ed9d4eeL,0x3dffa154689aff01L,0x4aba349f2a89a3f4L,
-        0x2db1e8e2d467efb2L,0x18dea354039102e2L,0x422ab853e52f082bL,
-        0x7130a2c1ed36dd47L,0xca60e86d0295d1eeL,0xe6ac68087c7f5ad3L,
-        0x0f83cecfde864658L,0x72e66c21461d1265L,0xfeef4150bd385099L,
-        0x0f183f3aa6632289L,0x275454be792dc795L,0x2744c11b11367702L,
-        0x7d06bcc7e8ea6ef3L } },
-    /* 214 */
-    { { 0x892859427090212fL,0x691b7d4c5521e844L,0x4c038422be2dbb92L,
-        0x317721edbd81f880L,0xc136cbeeac89bc36L,0x4f71b60b7b8f004dL,
-        0x269132d04e218ab8L,0xb0e2496ee6cc814dL,0x0b2ce31775fadc15L,
-        0x82e3c08466d223c5L,0x9721caa64c612f8bL,0x59a751eba4b65355L,
-        0x3433aad5c7d3d9d1L,0x1e61b9d2e80d4246L,0x149f655ffc673caaL,
-        0x48b52b99d0f9cb92L },
-      { 0xa3915399efdc05beL,0xde70db1813e095e9L,0x447862e9cddb3fdaL,
-        0xa2b031621a009451L,0x4b27980c23920ea3L,0xac5394f1a23b8febL,
-        0x163f72563e5616d4L,0xaa0ff93fb714219aL,0xd26f96d293d62474L,
-        0xdd212ea87dcfe276L,0xab27bf2f47038d15L,0xe58c8325f418168eL,
-        0xe3704222b32a989aL,0xa3694390bfc9f13bL,0xf16e26060d0684adL,
-        0x17c0de879d8c76ecL } },
-    /* 215 */
-    { { 0xbca5f453dcc01958L,0x7d9459541ce88393L,0x5e6350a1561f5b6dL,
-        0x291c3c867e2d36bcL,0xf6c7ed84a5ac3a6cL,0x7913c40bd98006cdL,
-        0xf78bb0875671ec3bL,0x1c928f6eb43e89a9L,0xfdf28df3ae1ea1edL,
-        0x62bba5b1b924b2b5L,0x491d27051a116e05L,0x08ec02b7167ed3e3L,
-        0xe291cf7b5bc0b046L,0x30e501698c5d7f59L,0x0c7c350df5c799b7L,
-        0x6862b9e20ac6e1d7L },
-      { 0x56c6f4e79ffa1f64L,0xfed6a91aa1e24349L,0xe9a0ee0ccdb75232L,
-        0xbfc90b370322d607L,0x29480ad2462fef87L,0xfc214969c2bfcf34L,
-        0x6e5211e0a539e38fL,0x2a59ec2612a5149cL,0x195fe212d706b532L,
-        0xf77fb108e99c8429L,0x74ceaea35dc80482L,0xa5a6030bbd92d298L,
-        0xad42dca5aaea15eeL,0xd6ac3bc74987109cL,0xc64e1c40290af649L,
-        0x5093fa2d51f8de6cL } },
-    /* 216 */
-    { { 0xc4cf32804c2d553bL,0xdc1abe223b966c29L,0x556a549c2296914aL,
-        0xd8c9f8b5999976c9L,0xc22c57bd776e83f3L,0x4f2942ab7c85ec57L,
-        0xef3407e56e2c61f5L,0xf005e8caf213db48L,0x470c853df32698c7L,
-        0xe6f488d7cac0a54bL,0xb6bd6bed60b7501eL,0xf0103106714a4bd9L,
-        0x5285bc3b6e098894L,0xec06741af5f92a00L,0x32f16426ef7ef24aL,
-        0x12f9c44d6c77a438L },
-      { 0x1951e96483313a1cL,0x98edd3da33c58b37L,0x4edbbf52c7ac4044L,
-        0x866ca6f70dcb5ee8L,0xec0ae8f56dd422f8L,0x1077bc540661ec2eL,
-        0x6d39913ad422523cL,0xd105e1e858e7cb3eL,0x47c9397fc979bb45L,
-        0x3221d4a90997b592L,0x0ef628a3e8952fe7L,0xd08d58274e946241L,
-        0x64cbed0f59780f40L,0x13d7c22708e110ecL,0xd186d8667679b1a3L,
-        0x02f75e4e26ae1d18L } },
-    /* 217 */
-    { { 0x1b637ebf47f307d7L,0x6b644a6ad0141477L,0x82a33d652e05a80cL,
-        0xc8f1a0f3fed07b31L,0xc09ee7f93696e597L,0xcdaa7ec3c7ffc01eL,
-        0x549f88fef8f373b9L,0xc88d1961c3bb8989L,0xd92a4fe9dfcaa7b7L,
-        0x12ff9ee23ae4ab20L,0xf5aea641f5ecb1a5L,0xe769237fe32fb47dL,
-        0x96a5c42025d085c0L,0xdc91255826c755a2L,0x580b985f9bce9723L,
-        0x72b1b56663961941L },
-      { 0x9d708a08790e5558L,0x985360410689af80L,0xe85e7b8a42313b5fL,
-        0xe6ba129255a49d1aL,0x5e76c4b0ac371b0bL,0x58504f39938e6e19L,
-        0x8dd4142260ae9a21L,0xd8b04e9b968485ceL,0xf94c4ba5887efe43L,
-        0x11268e67f11c5e73L,0x92623e28cf6b99c4L,0xf2d0aaa87a0a9662L,
-        0xb266772a4ca02ed3L,0x68ee8e4e2d63b551L,0xcdebb2992e78b5b5L,
-        0x5df19216e17225adL } },
-    /* 218 */
-    { { 0x20027e1e8df2e7e3L,0xb183cc68d8da07deL,0xce35ba694b4ae694L,
-        0x896d97df3ca62e88L,0x3de4713b52efed2cL,0xd006c40e26bd084fL,
-        0x1e9b71bbfc81923bL,0x9991c7b61aacc6b0L,0x650c93648f656840L,
-        0x138561d187f47524L,0x610f2b11bffd3ca2L,0x96915faffa191418L,
-        0x8f1236de955e5309L,0x613cbeeaa1872d79L,0x7f7b44ea66a2a48bL,
-        0x452265c2e0a89c32L },
-      { 0x4ad5ec7925430010L,0xcac786ffebd090c0L,0xa5f9f4ff20a9d3f5L,
-        0xfcbf4112a3edc65fL,0x8824839c0cf3eb11L,0xb8dd6d4e8aa5b700L,
-        0xe2271dfdb7568ab8L,0xe43ec373b744560eL,0x78eaf9261cf75296L,
-        0x1809ae0e3fa96d9bL,0x0b312d2ddc25dfd5L,0x6b8f78b46bab7711L,
-        0x069efc8db5ecf1e4L,0xc1952bae609fecaaL,0x43e302ed5f4dbde1L,
-        0x14b02bf91e078555L } },
-    /* 219 */
-    { { 0x2c71c768b87e5b57L,0x0bcc78f7f531a557L,0x4ff93f8bf7597dc8L,
-        0xb28e026d139e175fL,0x6b83b727cb94ca6cL,0x2eafe3b20079f7fcL,
-        0x2aca54decf3bd170L,0x17c4133c6af0dc6cL,0xbea1e665ccf5e35eL,
-        0xa6691a48345505c6L,0x2633abd0e6100b89L,0x966c6706c17d0388L,
-        0x7aefffbe1a0cf90cL,0x4d847be7d0add64cL,0xd49bcdfbaea2aa46L,
-        0x85e07e742cc7d0a5L },
-      { 0x23aae0a60bc25bcaL,0x6e8e55f1e44f64ecL,0xe1e696d8b607b773L,
-        0xaa90a746d3005909L,0x072b1ccd2cbc4990L,0x0d0fe6c6c68e2f5dL,
-        0x920ec5f053e28ec9L,0x79b21fb4f0040cc1L,0xa7375bd3fcc4a2c7L,
-        0xf5f5def9e1bac7ddL,0xdc315d7935c0f8d3L,0x7117c1702cacd318L,
-        0x6f2823c4e926f71cL,0x38db58bbed02f39aL,0xe5b492317db69323L,
-        0x0964039f8d49f430L } },
-    /* 220 */
-    { { 0x21774f1656999ebaL,0x3d8ee287b1de6305L,0xd81af726de0b2669L,
-        0x374469393f8942a1L,0xbcf6b615ea03e13cL,0xd30c0c3594e273cfL,
-        0x4fd33a56c6725c56L,0xa57534ada8be97a2L,0x799242a67c22a251L,
-        0x4e51bdb59d0c5c49L,0xd7cd76ccc6a42768L,0x914097acd426bf59L,
-        0x59404a2c66e9beb2L,0x4738fe985c96e3e9L,0xbcbb3e0eaad666d0L,
-        0x626b0fd263bc5e56L },
-      { 0x47217dbae1a1ec42L,0xaa6ae7dbab5acc50L,0xb7e1ab1e865331d1L,
-        0xb84530703d30126fL,0x280649e0dee61851L,0x8806f4a3ea689544L,
-        0x4bbe43adcb56f632L,0x036b9bdabcaff94fL,0x0d941e65bd0637beL,
-        0x82179d44686f3abbL,0x1486912caad6afd6L,0x9a3b891eff7e1534L,
-        0x88c426ceeb86fd96L,0xb56e6a81117928c3L,0x933e713596399e00L,
-        0x09bbddd9a17b6ac1L } },
-    /* 221 */
-    { { 0x75e39c1de4fd3673L,0xf880d9d1a65c8e07L,0x4725c1dc7289c7feL,
-        0x5b6735ee3529d200L,0xc1f8f2ed3c747af3L,0x5cf3998f912efdf5L,
-        0xed72261849859c39L,0x23793a2f0e69795dL,0x8a6ab8d686b1d2a7L,
-        0x00c815de22a882e4L,0xbe77d6fcf9db8d7eL,0x0886fb3202267547L,
-        0xb62687d449c10edcL,0x9f1c3e177c83ed4cL,0xe6d5d7f05af366eaL,
-        0x2eaa01b8d1efad24L },
-      { 0x5e47fb701f357c74L,0x93085c4aa9e3b794L,0x4f0987336e85a905L,
-        0xf53808ffbe0244c9L,0x91dddf93a3b5660dL,0x8b76377bf3b95ed6L,
-        0x91b911b7bb3920d4L,0x7ccf08bf86a13cf3L,0x53ed8f97ea018e58L,
-        0xb1ea434378c55194L,0x8e6adde9e0d2d5a6L,0xfc2b248f9b96259aL,
-        0x96ebceaeeef17dddL,0xf694b443557f9c85L,0x48cd150f07d5bba8L,
-        0x02d31de9b4c1986bL } },
-    /* 222 */
-    { { 0xa6bb9e1ede79499dL,0xf6ca8ff8fd0fc2adL,0xbec0f8e81a7d9356L,
-        0xbc3d1c9fe8f06327L,0x805c72173b300bebL,0x00420a08413c181bL,
-        0x9e9a167ef0ca9d01L,0x076c909d1aeeddd6L,0x64a1997f8e3a8a72L,
-        0x3ce7f7a7a77b429eL,0xaac0fbf45c94d3e9L,0xf37694a7e6d48407L,
-        0xf56679e2a91921e7L,0xf23fe0f3ee1dbbd6L,0xc7917566cbf9fa99L,
-        0x965860f2e0f4d765L },
-      { 0xe734702b7fa5f79cL,0x930bd4265af2d26dL,0x45bd8b986c73e0ceL,
-        0x7dbe7bed4ee44a2dL,0xc129e024956c8a1aL,0x6fdc05ac77cdf80eL,
-        0x70a6ba2b589ca59bL,0xfc484021999825afL,0x1d284b547a23f0b6L,
-        0xb1da10a428a0a8afL,0xb1eb1b312b2af6d8L,0xf051443a33935ee3L,
-        0x7a07eb268effa6ecL,0x16ee4086d662654cL,0x7a7bc5014549ee4cL,
-        0x650810321fa98a52L } },
-    /* 223 */
-    { { 0x49f0e460b67ed9b2L,0x0cda0fd0c36d93d2L,0xbb5963e988c75e1cL,
-        0x757bbe93614bc0c9L,0x9a9b88019a768605L,0xa8b7e2af48edc544L,
-        0x9e77ed9eb51a5985L,0xdd025274ebbf024cL,0x598b62881545c636L,
-        0x39bdaed04800dba0L,0x7fc2013981e2a23aL,0xdc66fd5c550cb4f2L,
-        0xad27032fb52068c7L,0xc9a0bcae8169fa15L,0x60606f213a7ca8a2L,
-        0x982950469862652fL },
-      { 0x3e3746002e11c128L,0x80dfae5d0e6dca7eL,0xe44016e2d9552264L,
-        0xf65f88f2880b7143L,0xca3d28d4526b881cL,0xf9c59dd1dfb86afeL,
-        0x548860c24c74f958L,0xd06ea43c9cb69f4fL,0x5343c9ae7334ececL,
-        0x5cc2ccd635329713L,0xa95ff4035f3a6c0cL,0x2e01a1ccb372653bL,
-        0x31510fdfa250523dL,0xeee538e2a6227eb2L,0xeadfc8a0ca23cd10L,
-        0x4b7e6e1b3e78f54bL } },
-    /* 224 */
-    { { 0x79c9076fdb5f928bL,0xe6250bb6b7347cecL,0x54b67798ac00ec41L,
-        0x900d20ba9d9619c7L,0xed42c0d059e4343fL,0x3df39e85451935d7L,
-        0x2639118264f701ceL,0xce8f2554e1f87aacL,0xfddd678965f91aaaL,
-        0x96cd163fa324539fL,0x5c815f2c4bace995L,0xd78c8c2aa94f9ea5L,
-        0x7ab2aff4ef24e455L,0xf0ed64091cddc26aL,0x954a420b00ca2822L,
-        0x0611c4c5d3297658L },
-      { 0xf192001ca9e81829L,0xded3332008a282ccL,0x0bfd7de18f9ded9bL,
-        0x6793ac0db7889003L,0xbb00d91d3577a5ddL,0xe17a23a7802d3c2bL,
-        0xff95f88cfb549014L,0x7cd1bf4bc71b6e07L,0x2e3b24a023588c8bL,
-        0x9b5335b8a4112076L,0x2481c05ec4056d30L,0x55c7410ce916a1b5L,
-        0xbbe03271850179f4L,0x15e6c177b3cd1208L,0x509a24c090cbfe50L,
-        0x820795291c108566L } },
-    /* 225 */
-    { { 0x5d2d3cff1c7d353eL,0xd5e7eccd7de0ce3bL,0xb4b1075f6ca87635L,
-        0xda8404e025f9ad3eL,0x6b963e89205cb5aeL,0x9e5ee0d809f221a1L,
-        0xd64c85d9ea41aca4L,0x6a46c4e934442a34L,0xac6ff97e3cf655a4L,
-        0x76565c1ee5417d7cL,0x681009a9eebf9c4cL,0x95b61d3988da6388L,
-        0x6402b46af6b472c6L,0x1fde51650b7f1171L,0x94f8f273be0c05e3L,
-        0x7487b036a88344a7L },
-      { 0xa860e5759c3e2370L,0x19d58193f8048719L,0x3a0dbf3ca6e2f9aaL,
-        0xb6c7e9596144719bL,0xa9049c74deffec21L,0x8ba064b23f50cebfL,
-        0xb12822c049a1de15L,0xb654b7d9b1d527f2L,0xc470859d0ffd0430L,
-        0x37c74a674f05446bL,0xe553251ba3add995L,0x4a3ed6cbe33533b5L,
-        0x2f2f44d027e419ceL,0x2d84ee82a5d1b979L,0xcc76b123db6fa69fL,
-        0x834f85c521fa3bddL } },
-    /* 226 */
-    { { 0x329347c12ce9b31aL,0x1d88522afe3fb3b7L,0x4bcefb4d52ff90fdL,
-        0x53b173862b1a081dL,0x538c11ba2a411f08L,0x7895b93c141b603aL,
-        0x2993b9aab10bd741L,0xccbbd04609912986L,0x669fafb0eea0aba5L,
-        0xd484462235661897L,0x4a63b89c367ffa54L,0xcbad5d1d1c3478daL,
-        0xc5339227aa6034f7L,0x0e6d705fe61b1391L,0xdd14b660f74ff515L,
-        0x639d8b0a5332b54cL },
-      { 0xfa423162162217cdL,0x2e0e4a2a811c28e6L,0x68d9ce1821766dc0L,
-        0x51263739046a06efL,0x44eea231dde92101L,0x0607c8f2114298d3L,
-        0x27f272ba63d957e9L,0xe7ce80cca5e8cae1L,0x5816ebe224f7a63fL,
-        0x4dece5a789673e34L,0x13756a22536babd4L,0x644d61aee3bf77afL,
-        0x60b2bf6e2bcf98bcL,0x3b0b59f329fa962cL,0xb0769a1aabb50023L,
-        0x409031360c75402cL } },
-    /* 227 */
-    { { 0x84d2873a1670433fL,0xc9394df625493dfcL,0xeb05a19a80fcf89eL,
-        0xe39e4310db297616L,0x50742dc9d9e63046L,0xf31ad8c81de9ca9eL,
-        0x86aabf94fb7b1d0dL,0x36cda27a1b3c82d1L,0xfb1a2ef439702d84L,
-        0x280bfddc46081299L,0xe4b2b48dd2396238L,0x2db2c2f37b3c9353L,
-        0xd5b5b31712fb8a69L,0xf9b87a3b08180474L,0xd85909861e952578L,
-        0x80668eedf37a2bc8L },
-      { 0xe2edcd35b39a0249L,0xaf230cd4b2f8aeaeL,0x295b15e47223df05L,
-        0xbb66982ae0e937f4L,0x019d2b728cbc9162L,0x5c512ae9cf49dca1L,
-        0x11b491a7630f07b4L,0x48d4f34ca03874e9L,0xc1fd0ea644cb7433L,
-        0x13f79ae1f95b30c3L,0x40362d4ded8b60acL,0x9e8314ff61ead81cL,
-        0xed600dd4498c3d28L,0x5fcb1c19c2521702L,0x592329fc3a9c1f33L,
-        0x046775481bde6ce9L } },
-    /* 228 */
-    { { 0xee3de56e39233c96L,0x868c409c80737eafL,0xacae11bd201abc68L,
-        0x0f2cea9b2b486205L,0xe32387e16f19056cL,0xea75365aa5dc2a41L,
-        0x76c29acc12b4be86L,0xa01fcab78d63294dL,0x81dbe88b0cab9f24L,
-        0x76646e5bf414c054L,0xfe111893cb96b7aaL,0xb649f5b17664e097L,
-        0xa196422e53fcf5a9L,0x5978c9bd0b7ff634L,0xb5feb38e3c229895L,
-        0x038a49fb0833c456L },
-      { 0x35e3818c13e93257L,0x14cebc9da612741bL,0x4f6e92497caac06bL,
-        0x82278e333daa1116L,0xe7cc565e4de2034aL,0xbb7dc95f0a1ba630L,
-        0x81dd9f2366956fbdL,0xc63e6319bb132dd6L,0x6e22b022fc241337L,
-        0x238481937e8beb1cL,0x83b1994dd8c938acL,0xb54cfacaa6bb5644L,
-        0x1a7cd44e06f91807L,0x1dd439bba8f8d9f3L,0x660c2a787f74a8e6L,
-        0x4bb76e22121b5660L } },
-    /* 229 */
-    { { 0x7a151e8ae6354817L,0x33d494eaf038b438L,0x4c86c68885958986L,
-        0x721538271dcbac12L,0xf487af8cc0edad06L,0xad33051fe500e5d6L,
-        0x0a711b1bd6e47f55L,0xa68709a78c746ad5L,0x27f172626402f35eL,
-        0xc6d08efafb30c130L,0x9ef1c041c06c7497L,0xd0c74ecedcc3e2daL,
-        0x30c5f96e092e1073L,0x0f1393cf2aa12b74L,0x245840162107eb02L,
-        0x8843d25f7b76f98bL },
-      { 0x4e1501dcedb2a83eL,0xbcfe8fb02bb8d724L,0x09020659d925df62L,
-        0x3c715dcf42ab6fc3L,0x73c05055a0f09dfdL,0x126745d8e3590aeaL,
-        0x5382f4d876ff749eL,0xfc69feefa920c663L,0xde1602119fd711caL,
-        0x4219c3bd9075c4d5L,0x3800cbd13ded6bf2L,0x8c7ea0eb6263a116L,
-        0x35bd79587d264c37L,0x56e22e457159c98cL,0x71bf2a2dfa7373b5L,
-        0x0503f9398935c949L } },
-    /* 230 */
-    { { 0x65addc6671dad4f6L,0x238e4889024bea1bL,0xfb76c8e2f605d3ddL,
-        0x13d5f5deb0d96b89L,0xe0b5ba356601b2cbL,0xe37d491d83e3d254L,
-        0xe8860423240c8ea7L,0x374182f3e91c99baL,0x26c2caf9a87ad919L,
-        0x4b13040af574f295L,0x5b9bced1944000a3L,0x4ccc57be06df42e7L,
-        0x22e8ec504bd1089dL,0x0c53177adddbb500L,0x690d31d29ecfeadbL,
-        0x735778fe176668f9L },
-      { 0x0f86ee3e843c1137L,0x3c1c42fa3f0b73cdL,0x0e75679d8ab20e3aL,
-        0x6f95f1f416242faeL,0x7b88e11c39b092e4L,0x1629403e4c236ac0L,
-        0x66105f412dac02e6L,0x74dc28a7862e0632L,0x2118ffb2f3b23c8dL,
-        0x1182417c0745ffbfL,0x49b55a044c05711eL,0x2c665b74cefbe4deL,
-        0x1cc4c01d97bf7107L,0xb2ca06dac54f0676L,0xfc599daa7450d0f8L,
-        0x52e637a61a3182a1L } },
-    /* 231 */
-    { { 0x481700f16bebc6dbL,0x4a6b45dbf9503d92L,0xc715cd3c5d153919L,
-        0x942a1c05e5ad2abcL,0x36a82433ab7b466fL,0xba413bedba13918bL,
-        0x698a562490f4e6ceL,0xbb720da6f3f1f3caL,0x2116d41d63471ab3L,
-        0xe00d2227303d3609L,0x7fd4cc00463ba69eL,0xac609e4d62845fd1L,
-        0x63603b2c80adc9c7L,0xbf16fc9a45fafbcaL,0x41007f7fc4bc94abL,
-        0x7c916b4fa74b1698L },
-      { 0xc1026f9178bac2d4L,0x8a2e80982601a875L,0xad2f276e0073d640L,
-        0x443610c4fcc1fb88L,0x5727b822ca6b291fL,0x0645532c88ec60fcL,
-        0x51e48899ed9ad48bL,0x841b48b5f543f103L,0xa6ccb1bed591ceebL,
-        0xfc4adf0f9dcf5a8bL,0x3a7ca020b347ddb4L,0xaa1accc2cb44c521L,
-        0x773b68280527c0c4L,0xaa374c107023cf50L,0x733d10006b74c926L,
-        0x1ff3916f77a8d07cL } },
-    /* 232 */
-    { { 0xaa218fe4f997939dL,0x3d4dfbbb791583b3L,0xb3a7b5da87f7560bL,
-        0xa9c028015da92c98L,0xe1eb4aad46666f4aL,0x2eb17a5114ce9dd7L,
-        0xf46a66a4ef8f3076L,0x900b45c6810e546eL,0xf7af22584baf04ddL,
-        0x3cc1c8725c84d42fL,0x3093f2258e4c83deL,0x62fade41170d88b2L,
-        0xe19612e4ac076e44L,0xf48d734632dd141bL,0xc1b1f759925e34daL,
-        0x19ed1a56072b90c9L },
-      { 0x9cf7fcde6c735473L,0xaab88e676003bc3eL,0x12187cbcfb199bb8L,
-        0xbb7304419accccbdL,0x214aff3cb0f65459L,0x6aec81a36f926282L,
-        0xaa82cb329f9d20b8L,0x82f3f90f5773cc90L,0x4af60e6bf62257e1L,
-        0xf18b44bfbd4762dfL,0x3948b129db970753L,0xc6e920e97c22c18eL,
-        0x393d620857be97adL,0xe8d7382c46b637f9L,0xf6625ccbf1fed1d5L,
-        0x6f31e0f968681599L } },
-    /* 233 */
-    { { 0xc45afe5582b8f204L,0xac0441b6d358b54aL,0x7213e7bfacd5f5edL,
-        0x1914c70b139bcd93L,0x714b458196dbcbb0L,0xe9297d351ed35d21L,
-        0x8f6408376a3e1f20L,0x150a8a9d2f3cd705L,0xfb36e801dcdd9f6dL,
-        0x5a54eb655cf56d82L,0x7610500c92aa5a21L,0xd10d0ae23b089f03L,
-        0x491b2079c42b66e8L,0x4af1ae3d0eee8d48L,0x137e4c2841556f45L,
-        0x875e330863d8a7e6L },
-      { 0xdc80fddcaf6c0accL,0xd5ad1e66bb1e7c08L,0xdc717ae1828585adL,
-        0xbdc54340275c7da6L,0xf4b4c852d26b9e15L,0x5f0a1fbf6a05fa50L,
-        0xc6f81e47817bcb32L,0x2cbd432870ff2e1dL,0x8a24901667c7f7fcL,
-        0xd045acb7b585a6c4L,0x2e972ad44666c057L,0xc74d87cfe6d7d63dL,
-        0xf7067d870e274144L,0xb2ca157a8b2584aeL,0x495c5bfb75f0fdebL,
-        0x5abb0581f386e009L } },
-    /* 234 */
-    { { 0x8be62d2bf0c97f57L,0x0fe04871962f28c7L,0xc548a46747b50abbL,
-        0xf6b26e0344fa09edL,0xfd44c6e3ab05a96eL,0xedb0032c70e6ae82L,
-        0x28bd402bd7e4899dL,0x43f2e9639b7c11c2L,0x0ec3fc0ece913716L,
-        0x769b8bc902fd0f8cL,0x9d9cb3aa7cabc3acL,0xe88a889206924cc9L,
-        0xa51461aa42609014L,0xc7f4aa8b962e79e0L,0x4ef0210a8b1b3e80L,
-        0x705446801bfee4bcL },
-      { 0xfab3d713121901c1L,0xe90a2627fead54aaL,0x64f6d285bc08ba23L,
-        0x8d99301536ec227eL,0x99a16ab906c191abL,0x86b1cf5bf649ce2cL,
-        0x5920675966be3a80L,0x18836279ccba2cf0L,0x2c157b87eff53486L,
-        0xbfac98964b223af2L,0xcd0fd4f00aae7a57L,0xdaddb94063218a80L,
-        0x3844bb79df88f14eL,0xc1b3e3d4b71ed9fdL,0x6c634a13d6205036L,
-        0x6f56aecfb8680a6bL } },
-    /* 235 */
-    { { 0xb01dc803d9205c5dL,0x68955f7d67123929L,0x3debbffd9d9b6565L,
-        0xb844395ed3b1acfeL,0x04328b216094eeffL,0x6631ffa822991febL,
-        0x0dde66e6190dd075L,0x75b03c55e8577c05L,0x6c91ce5f91722407L,
-        0x9a288a408ebb3a3fL,0x1d376f8a058a1396L,0xf3a594579a6e0676L,
-        0x103029c57b71d288L,0x0843f428b44c30c0L,0xd8e6aff8730e0b9cL,
-        0x7b6be8114ed644adL },
-      { 0x3ec38e4a3d3aa54eL,0x10233943d83d509aL,0xf84aa621243955e2L,
-        0x29104717f51d3d44L,0x62d2442c7eca4e37L,0x8c5a523d85fa55deL,
-        0xc6f5ccda851da1b5L,0x044bcaa820001468L,0xf7501e68e01702e0L,
-        0xf0819359e6a0acecL,0x33dda6adac0ef0b2L,0x97aeedc8fd964f01L,
-        0x48dacd0e530b90d8L,0x4c5fad6fb84122ebL,0x2284ec1ed700a1deL,
-        0x86f9a835dbca5474L } },
-    /* 236 */
-    { { 0x0e1d9055450cc69fL,0x50eb14bcc9edf98fL,0x1bb94e77ee7eba01L,
-        0x5f7a6737998f8e53L,0x588384e31b16eef0L,0xbb928723d85c5e15L,
-        0xfe51e345cbd952aaL,0xc5d0ee287e241674L,0xfdc146ef100182f0L,
-        0x0f739e92e7f5be2cL,0x501ab3afb656bd3eL,0xb1552dde5168e289L,
-        0x940dfe31b8ee104aL,0x42923603c4304475L,0x9306f114c460a913L,
-        0x5bfa9faf03b51f86L },
-      { 0x2a23f52c107b258eL,0x989e82bbd66341dcL,0x54a3ced8823cff1aL,
-        0xf45b7794719b491fL,0x898c22182433dfb8L,0x0f9dd91cc49250eeL,
-        0x50c2a2ae4fa17655L,0xf7aa1ce42c327f45L,0x13a15ad6583b1e41L,
-        0x9aa0d5a5a1bfad9eL,0x9b1caa288e1fbdcdL,0xaf9283b6915f7f87L,
-        0xc10e4e0c87e81a1eL,0x04fdca561080d296L,0x6acc961612755bd8L,
-        0x1b1266aa828feedaL } },
-    /* 237 */
-    { { 0x4ebc0a00774ee49cL,0x776f6852cb6237d7L,0xfc0544ac5df938a3L,
-        0xc3388ec8b6fbfbbdL,0x84ac8bcd745f2eaeL,0xa9c56609b1ece937L,
-        0x656fb6ac7de8fa13L,0x5f8ded74a532b871L,0xab0d428baa889f09L,
-        0x43b27f2810b7aec2L,0x26426e1efeecb34cL,0x44431b6b9e89c2dbL,
-        0xaac4bc5d39211090L,0x926f73684fd81058L,0x452fa691471ef60eL,
-        0x33517fdb218d7a23L },
-      { 0xa9c33f46593c4a36L,0xac69d71836b1a9eeL,0x55a20c1d4277beecL,
-        0x3e8ca24e7e4f179cL,0x57373369d46d88a2L,0x71ceb1cc730702f8L,
-        0x8b184d9735eed574L,0x7f4517a20704cec2L,0x7f129d18d7062a53L,
-        0x07a4571bb1d77e1cL,0x774ac3098350d8b2L,0x27b2919f61fab8efL,
-        0xa7c4cc13b5dd801bL,0xe7e6255b1434591fL,0x349937b85a3592b3L,
-        0x31fac63d30c77549L } },
-    /* 238 */
-    { { 0x2ee8cf1b04913fb6L,0x7e4013501769a6b3L,0x790ebb71783e61f0L,
-        0x1e5107f9e27f2ffeL,0x124ba67fedaf89bfL,0x189200e1e58de68dL,
-        0x962732a36df5abeeL,0x72cc37cfacbeb4aaL,0xb0c5fa96e93c5a76L,
-        0x4c2a317cde63393bL,0x97f65e67830b2d6cL,0x4afc35041be5b96aL,
-        0x0bf40a60730ce66dL,0x96a1ba799340d84fL,0x3ee1825407626b08L,
-        0x01db35db7ab0cbf5L },
-      { 0x6e0fbc2dac0efee2L,0x8406ebcdd71dbb45L,0xe72bde3e19b69abeL,
-        0x49cb7e6137e01822L,0xcbb8c01c11458b4cL,0x420b4847687c5d63L,
-        0x1847dfa1454c6776L,0xbede911dd1839d18L,0x1b9dc9c9278df046L,
-        0x294bd62b881a336cL,0x7f09687993e77adcL,0x7ac9066543ce3ba7L,
-        0x148695fd7764eefcL,0xe0c20f0b9ac465cfL,0x636e8d28a6e2cdb1L,
-        0x7b6ba98cd755341dL } },
-    /* 239 */
-    { { 0xcb1d9e03c1881ab4L,0x19c25d55b3168c88L,0xa82d3d47282364ceL,
-        0x95994390f161aa24L,0x7838bc00e1ebb2c9L,0x8fd5dfccbdec7a75L,
-        0x4dd203c24ff7220aL,0x5ec173b30efeff48L,0x99f1d2b316428b35L,
-        0xc06bd9e5056e813fL,0x929172bac0b319f1L,0x6ae0e384fd223b15L,
-        0xbd01059e98d091edL,0x6b3168e4a654648eL,0x2211447f3375e798L,
-        0x47e8101971eb4508L },
-      { 0x7045d45abc8c290dL,0xa33d1355810fb33aL,0x2baf009246fbbf2fL,
-        0xacff3f1b385c7cd9L,0xc5b150ece161985cL,0xc6ee0a7f2a888748L,
-        0x9d888c8e5e88dcc8L,0x4dd735f2ccb86443L,0xcc1e13b73c40f6f2L,
-        0xfc3a25fff3fed691L,0x4cb43b17257ee5c7L,0xaa654f93f32db135L,
-        0x44f58d0a02dff2d3L,0x78e3f188a8ca6394L,0x39646ccef3e86697L,
-        0x785b1902e0dce87bL } },
-    /* 240 */
-    { { 0xfcce2361a92f9a20L,0xb7bdca879d64540eL,0xd4739a851d00d7c5L,
-        0x067ac8dc2e97c926L,0x2aea3ffe78da6a8bL,0x6828bf5463c51b69L,
-        0x76f1c4797155141aL,0xf4bcbef63977d810L,0x75bc4949541bce7aL,
-        0xe01f4066d17041a5L,0xd282d5bd87755eafL,0x6e2107dd59e7ae80L,
-        0xaa56e166382ab36fL,0x65ee8ef6b9d1d634L,0x99a2160ace4ed844L,
-        0x6557c367b7712c27L },
-      { 0x561b0268d75b6e52L,0xb0813640118d0e89L,0xcff533306a2eb1aeL,
-        0x4e4622266d090894L,0xbb351227b5fc1d48L,0x9365ea0757a3062dL,
-        0x4caca37bd66e2dc5L,0x220d7d23b9095887L,0x9c0fd3938c4473bfL,
-        0xadff370a6787da4fL,0xef0aebccd057f4b8L,0x205e744c1173f33aL,
-        0xb8d1f0a5925a26b4L,0xa9364f49722fbbfdL,0xc891ae778227d284L,
-        0x15c40d04a0e08ab4L } },
-    /* 241 */
-    { { 0x9baf169a2a0e18d1L,0x9971c0174c0327c2L,0xd81a323f7bc262ceL,
-        0x2099db8d818ff379L,0x663f663d4cd3c330L,0xef5325c3011a0553L,
-        0x9cd70bdcf980a470L,0xe64452d11c9ed070L,0xafbf43f4ac676e13L,
-        0x97bec0a6ae85c2a5L,0x2faae550470490c4L,0x0ab97a87491e6ba9L,
-        0x4055f537aafa9914L,0xfc95adbb36726557L,0x646343b9d119d6bfL,
-        0x788e94a09d341e37L },
-      { 0x053a6fe59c53461aL,0x75ec897e08e3b6edL,0xa8f5d2f30768d939L,
-        0x9bd6bff6cc213d4fL,0x590c7b4105b0147cL,0x20a3628b7c7b8169L,
-        0xc66a086e5bce78e9L,0x3dd4d2824dec1d8fL,0x890acf44c19dcce9L,
-        0x6632d875d8435a7eL,0x590167c1ea6381b2L,0xb2259797f0dcc128L,
-        0x91a612b446f8d463L,0x42185d78c15efa39L,0xdf55ec37119f6788L,
-        0x91b19cc6780dea93L } },
-    /* 242 */
-    { { 0xebf2709dcb5d8b80L,0x03b96182fc35660eL,0xb873d991055ef969L,
-        0xd1ea4b4de47c4342L,0xcc4b9244d54f8867L,0x93b1a2cafd8d77efL,
-        0x068d24e7e8c1f563L,0x5f5fabb649973056L,0x83248c500542374fL,
-        0xc36de2b53f38e913L,0xed07e8eb7bb680beL,0x964813d7d8f313b5L,
-        0x7bb6a069afd2d392L,0xc06d848e0848a31aL,0x6867fb2fe4f0c325L,
-        0x3c2ba834067343afL },
-      { 0xab62d7759d3ad63bL,0x3f9cab9759e0eb1fL,0x70332a633885e117L,
-        0xf22cafcee20b2f9eL,0xb529ba7e49eca947L,0x249542166228d88dL,
-        0x80ea23ec39239561L,0x1b8907e7d4370644L,0x4b7fa455563e4e44L,
-        0xcca9829eb2a4b0faL,0xd0a720a448060792L,0x8ccdda0c246991ceL,
-        0x37a2325b348d086bL,0x566ed509f60aee13L,0x3d30e091147f253fL,
-        0x1fa627a5c1073bd8L } },
-    /* 243 */
-    { { 0xa11222a242478fd4L,0xacf4c6f1670b2000L,0xf71bb04f8359c6deL,
-        0x618e28297b93cdbcL,0x96e1bae3230db60bL,0xf17fd3b4965b3b29L,
-        0xa58639c6bc7055ddL,0xc3ea92ed4b817d7fL,0x9082b2a6d23b08a4L,
-        0x8471228adc17010eL,0x753b9e4620e89d97L,0xcf7e4f9703ff77c9L,
-        0x6c3f82452bbe60e5L,0x9e432cbcb80e017dL,0x150a5acdc0a45edbL,
-        0x67b8bd054798743eL },
-      { 0xe66079b4f4797cf7L,0xe31c998ad03fde02L,0x5aa3763a54caaef1L,
-        0x64d9a1fef7649711L,0x7ce0dc73af29b1a7L,0x6661b083fb66ca93L,
-        0xbf4d74fe32fb6a78L,0x25f6ef09df00a561L,0x2bc4383f831d1159L,
-        0x6d5cc10c536bde37L,0xd4945f9f882cc65bL,0x81f48f13451a99b8L,
-        0x140161cd6bac11a4L,0x9d94d4edf18a4a0aL,0x65363165a467a824L,
-        0x74297aa9a4c9aedfL } },
-    /* 244 */
-    { { 0xc49758a4e21124baL,0x99bd8198a87ffbd2L,0x45fbcdd13d6638a8L,
-        0x94645ff815f7bf76L,0x5fa6736fc4e6d57eL,0x1eae647592e61db9L,
-        0x79575c0ccbdf944aL,0xa3d1304725b31d74L,0x7881df224cab5ae6L,
-        0x8dbfd2991a2887f2L,0x23d07590a26ac459L,0x2e589852d8661d4aL,
-        0x37b5c13b8a0140f7L,0x0f94199e3fb3782aL,0x722aa0591bc14e90L,
-        0x89aab7bad55bbb12L },
-      { 0x8b345a96d656bdc7L,0x43bdc8afe176cd3bL,0xd69518b632d64c43L,
-        0xfcf364a779b82b41L,0x907b344effb0cf82L,0xf3d0c83c5101287bL,
-        0xe9f26a5934cd90efL,0xe5f5aaf207082b5cL,0x4eb72c75ece7c165L,
-        0xe9590a81be986cd6L,0xfeef498fff1536aaL,0x04560243a8263d5eL,
-        0x940be14f54ae872bL,0xbee7bcc9e3207686L,0xd496a27dc1bc4d7aL,
-        0x002dc2975940ab46L } },
-    /* 245 */
-    { { 0xee533937b69d60c3L,0x260be552fe972755L,0xb11fb78dc0c725a6L,
-        0x6982c27ecab2e7c2L,0x4bceedd9ee2322cbL,0x952b19ed122704f7L,
-        0x2df4c285854a6165L,0xba40b5bf7b192485L,0xfcbca9500119f52aL,
-        0x7467d1cbe5add86fL,0x9bf536fbd9d0f2c1L,0x3c296e34b8d4ebc9L,
-        0x0495f8f405a81317L,0x8c59e8d673335f76L,0x0b53d324e0542122L,
-        0x4d5645353c3bda73L },
-      { 0x7322f8007e5c0877L,0x481b43e60ca9a764L,0x231f4f4ba2c12716L,
-        0x09596857ed3136c2L,0xae82632238db30deL,0x652fad4099908ebcL,
-        0x0b8d1814af0d231eL,0x2680c54b09cbc349L,0xfd4562f34bf3bf8eL,
-        0x2985090b092b595fL,0xe6f39ca45e15fc34L,0x70175191bc378168L,
-        0x906944b3845a4a87L,0xacc6d74a82a1541aL,0xadc9bab3b155c8b4L,
-        0x1f2f89ce77306c62L } },
-    /* 246 */
-    { { 0x8253ef419affefdfL,0x05d7ece54cf9256bL,0x377002f2b444e483L,
-        0xb189755fcba5471fL,0xc88483cbd5cbe015L,0x254f7c696a0b8429L,
-        0x18850bd461f3f61dL,0x7ba210890a247157L,0x35abbc2ed92eeb0dL,
-        0xfb56cabe965dec89L,0x9da23724bc55684aL,0xd8ba396f6a7a7492L,
-        0xfcb90db72ef4ba46L,0xdd234fe09909b27aL,0xbdf3c16476f4366eL,
-        0x09c8097f17e50d47L },
-      { 0x6a04b14060050c07L,0xc29e831843a8e37eL,0xcb9429b2bb55e41fL,
-        0xed2fea5a2ce60e3aL,0xdc7b1ff3db9d82f4L,0x48ebecc3687d37faL,
-        0x79153e32ecb07539L,0x6a60054f57075692L,0x3871cd0c800759baL,
-        0x17a7386f30922df1L,0x4e9fc59e83357b7cL,0x1d26b3a939415186L,
-        0x912a0222d34db889L,0x6672fcf459fcdb71L,0x5a3f268d44ff3036L,
-        0x6f113ed36911e16cL } },
-    /* 247 */
-    { { 0x52a9df591836f1c9L,0xfa6519f54232307dL,0x8406c7015ded285aL,
-        0x0a1545caaf627f75L,0xae1111eeace0417dL,0xfb28bdf6a6113443L,
-        0xde9ef0ab52dbcbcbL,0xe9dc181b7813e658L,0x0b1dabdb99127225L,
-        0x5f0598e322814c59L,0x5c3b966ed934ee7eL,0x4eb84edab99ba4bfL,
-        0xb2919a343c1b55e7L,0xa9addb4994aa860fL,0x1b7220dff6811ff6L,
-        0x6636a23bd1a183e2L },
-      { 0xdf5d5a2d20587283L,0x0b3822c9ef07fc5dL,0x1786bd550ef6de38L,
-        0x163cf90725d1671dL,0x74bf971f1cdb1defL,0x5749e8300842fc4aL,
-        0x0e2edbc727f854f7L,0xbb27bbdabce24acbL,0xc1b19cec05bed08dL,
-        0xaada123ef7c904bcL,0x02429f1bd89982dbL,0x49d3616e65f6e632L,
-        0xa3789fa8ee59fd32L,0x160ba3bafe9f29f5L,0x0f2d3b61af5378a0L,
-        0x7aeecc7673c2a6f8L } },
-    /* 248 */
-    { { 0xf3a4757cdc43b0dbL,0x3d8a4e8598119cadL,0xf8095bf64616c156L,
-        0x3e2a07bc4f533e97L,0xa982436739cfc5adL,0x18a6ba3acd68052cL,
-        0xbd60e5908a1cec66L,0xae3841a502b1b695L,0x986dff12190a195bL,
-        0x2df2beacad31fd9bL,0x7d893224cc728f7bL,0xc38ea7380cf0a992L,
-        0xa8439a80586a44eaL,0xede7f7f01615f03cL,0x4824990827a1f885L,
-        0x28ec4006b78a7645L },
-      { 0xe1820c2ea2fe0009L,0xe11ba5d2f13874e9L,0x97522454c524db52L,
-        0x4d4774267fede529L,0x01d3419a9b2500d4L,0xce08a4921869244bL,
-        0xba169023dd1be1b9L,0x242c3e5432a301e0L,0x9b56f7ba70906788L,
-        0xf0ad2a09c74a8cc4L,0x99cd1841d76f9439L,0xeddafe0b621fb60eL,
-        0x056bee54bc397634L,0x4653f860ff7f0a84L,0x6bd4876f2011c0afL,
-        0x134f4cc70c9525c3L } },
-    /* 249 */
-    { { 0x9621a3ece938dff4L,0x7d101a7b486a79a3L,0xf2c4ef97de950537L,
-        0xf3184099e65d87dbL,0xb89c7ffb373b8cfaL,0x68baa505e842916eL,
-        0xa790fd094ebea764L,0x679df6d4e592892bL,0x2023331cfcfed741L,
-        0x0bf4efd29880ff21L,0x7ca78dddd0344501L,0x2cb09ecb342858c8L,
-        0x9e5eb6dc2575487aL,0x50675a15ebcb0491L,0x09d2e74f7381d471L,
-        0x6ea3782983d3d6f4L },
-      { 0xc65c094b4e5cc40aL,0x7a2e3f6a1af37dfbL,0xef677e9df9026e44L,
-        0xb7878c9593880f53L,0x4aa30b077f644aa9L,0xa0c516832f208c3cL,
-        0x7c0277ae658d663bL,0xef0b3c38ae1d9130L,0x302f37a7695c3ea4L,
-        0xe004c1c56a0c5e0dL,0x9fd495c420cbcf9fL,0x706d5b9d568a0e7cL,
-        0x8b225dff59286454L,0x527d44658d9a709cL,0x47c558da87c08d68L,
-        0x606ee6e6bb4ef07dL } },
-    /* 250 */
-    { { 0x02d99fc757c621f6L,0x292e40c17fe83d48L,0x1bdfc7a19ef199b0L,
-        0x78a04102e62c7666L,0x16cda370e6738753L,0xbc81974d1e3a65afL,
-        0x19742048f78fe209L,0xc83a058abf5981c6L,0xf26b24349c89702dL,
-        0x988b2f1e9d1a678aL,0x472bf9b0ff29ae29L,0xa143e3981d7cf5ecL,
-        0x9c9d7e45b268ddd8L,0x166cda555fc4ff76L,0x6044cdf0a4aa7673L,
-        0x49dba6f7e9148707L },
-      { 0x20e47fb2a758e37aL,0xaf6b31d72d8eaf66L,0x352ad5f96f9c2210L,
-        0x0093f72790efc32bL,0x435c99dc41e4b264L,0xbfa878e005b15795L,
-        0x99c520a40e673575L,0xca68259487eea759L,0x029f7b81f12a348bL,
-        0xa547cc182aa2ce35L,0xa11d874bead5e2c5L,0x9af0349b55682cdfL,
-        0xf86ebfea8bbe8e66L,0x3dab8782f55394abL,0x458bf797ebc8eb8fL,
-        0x4890a7a49b7de78cL } },
-    /* 251 */
-    { { 0xd72996898da995f6L,0xd39eaae7ec6156efL,0x6959040c356a82d5L,
-        0xb2046b21c135bcfeL,0xea720b640f595c78L,0x02824efae7c5fb40L,
-        0x97d8fd4c0edb3bfcL,0x12f0290579f24ebeL,0x16fc47cf187ea6b9L,
-        0xc219fd27789d5c23L,0x233a6b6c89263eccL,0x823634b28b6d30a6L,
-        0xca352e25c9b33680L,0x9388d6ca40c77456L,0xf8e55b0b3c92065bL,
-        0x5c17474b02439a76L },
-      { 0xd888e7c28aaccab5L,0x18027836aaced05bL,0x185b877dccec0f65L,
-        0x93cadc1c125c2882L,0x45df540a67fdc54cL,0x4f3c86e2c2788a33L,
-        0x3e874469e3a0fa2cL,0xc59daa47273983cfL,0x3063c48b4a96d8a5L,
-        0xc38d2bcfc2e58915L,0x90e78b8784e428c3L,0x900a292cf0c4fd53L,
-        0xb7f92db7941e6005L,0x956792416ca53a1cL,0x35f6f31db1ab0fa7L,
-        0x5d675eb47b58408cL } },
-    /* 252 */
-    { { 0xaeee1a77870c6025L,0xfc4a23b791a2dfcaL,0x7b0e60c4386b64c4L,
-        0xd5d5b17de5ae72b1L,0x6dfc88ac9eefa212L,0x4feaefbed4038b96L,
-        0x099ac3568e2d2eccL,0x548ea612012af207L,0x4ffed9db89c31218L,
-        0x1c1e91c4e0e67331L,0x009bb64faf8300e0L,0x8780501c6773c3beL,
-        0xe0cd6edec08219faL,0x7c055e07f81b06ffL,0x82b63f9ce080b36fL,
-        0x02fccbaf0a9feca3L },
-      { 0x9991d4d1b47cac61L,0x2e9d1687ab86e12cL,0x8c6855ec2b94f042L,
-        0xca40051948e648e5L,0x9ba91fb2ef89ac57L,0x4f4192061be792cdL,
-        0x82d221cbbd0f1e15L,0x062eb13bfc444019L,0xf3a97c3299790fdcL,
-        0x4e796d946067a64bL,0xc46dd3006d23775aL,0x8672c4d5ed7f0f23L,
-        0x821851dc3b4f63d7L,0x50a3ae0cd26273f2L,0x800e58fceac60f6fL,
-        0x56f1e45613845545L } },
-    /* 253 */
-    { { 0x01ccb3f632c24f3bL,0x99eb1c7f06d817e6L,0x8dc640bb6aa26776L,
-        0x7838affe0845d5e0L,0xf34fecb1f81a79a8L,0x6a2e282d3e6819b0L,
-        0xc4b977ce8237a4b8L,0x0f46b3db87636439L,0xa465f54097970497L,
-        0xd7e087628791be43L,0x00220b6c34198ec6L,0x57b38637093d94bbL,
-        0x84012e1629d690b2L,0x02ec9db520aad1a4L,0xafee2fc685dc34e3L,
-        0x911d193625500cf8L },
-      { 0x13b1bd58f5e5af5bL,0xa7ca263b7b6a22a7L,0xab6bec4df3af2adcL,
-        0x16651e59a04420bdL,0x3b448b3b4ba36c11L,0x3c62bfcdff424310L,
-        0xde15c4a5f1a96cbbL,0xbe0ad8a1e4d1f980L,0x812bd14e36673a3aL,
-        0x40303af69212acddL,0x8f6dab9c576095ceL,0x7df1882a107f5ca5L,
-        0xb903e63c8896a3b0L,0xf5048544d863b3f0L,0x5e5019b9c09887deL,
-        0x2be744fea0f53865L } },
-    /* 254 */
-    { { 0x054cd05f5b50f324L,0xb9b1eb241ea3c7a2L,0x4a858a5c7ff8e6b7L,
-        0xd83902feec040882L,0x72b26494d0cba9bdL,0xd0176f90b29c9e1eL,
-        0x05d4eb02cebadb81L,0x874405b1372b8bfcL,0x5c41288179ead190L,
-        0xd44a3dd3ec2b48cdL,0x84499a773f4d5033L,0xb37b38cd564c3a09L,
-        0x80e99497f42e803bL,0xc07b47a0b8f518b2L,0xc710e3c53568fde4L,
-        0x735f542fcead0e7aL },
-      { 0xcaa9a17138380039L,0xadfafe17f74d19c8L,0x92d4393eccbc1a8bL,
-        0x3c5dbf39fe029705L,0x4552b5ab930e9b36L,0x7ee630322afd494aL,
-        0x826a9ad73f02ac43L,0x98c5356299356298L,0x0c869f877342bb39L,
-        0xd7510020e4f9b79aL,0x6361d1a4d34789a9L,0xf0ded5bacfa85637L,
-        0x407ee73f88ac07e4L,0xfac7d03f09ef1cbdL,0x25d697cb4d475badL,
-        0x1e984c9d14bd399eL } },
-    /* 255 */
-    { { 0xc76d05614850c817L,0xb08a5b193489812dL,0x7273d1545e58cbbeL,
-        0x8900b5fa4be61e5aL,0xaa088691d7aeb8e1L,0xe66666afd35a3d4bL,
-        0x38a2c19957ec7d3dL,0xa0648e8f668d6f5cL,0x1f9fc92c7adc1746L,
-        0x23a116c0843065c3L,0x36370a2061e6ae69L,0x626c37362aa47e73L,
-        0x540c25f2deff6d84L,0x9804824ccdbed2d4L,0x4b5bfce0039a9492L,
-        0x6c474a5676942e01L },
-      { 0x3aeb9a417d88e3a1L,0x105d3c88c484742aL,0xe59de8d13fe61131L,
-        0x148f5b6b1a869e8bL,0x7a8abc59aa75d90aL,0x2f0c9bc762146013L,
-        0x43faa747c3824cd9L,0x81763a186a5d0b92L,0xbbc341bc9bcbaebcL,
-        0xe1813160f745d1ddL,0xa53ce52db75ce5f4L,0x15eae66cd50de4c2L,
-        0x5ed8996c75d7656dL,0xe4ff5711c4ca552aL,0x215e985a3c5305b4L,
-        0x6b258954fa1ba2ceL } },
-};
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_16(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_1024_ecc_mulmod_stripe_16(r, &p1024_base, p1024_table,
-                                      k, map, ct, heap);
-}
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 16);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 16, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 16, km);
-
-            err = sp_1024_ecc_mulmod_base_16(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_16(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P1024 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 2);
-    SP_DECL_VAR(sp_digit, k, 16 + 16 * 2 * 37);
-    sp_point_1024* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 16 + 16 * 2 * 37, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 16;
-
-        sp_1024_from_mp(k, 16, km);
-        sp_1024_point_from_ecc_point_16(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_16(addP->x, addP->x, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_16(addP->y, addP->y, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_16(addP->z, addP->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_1024_ecc_mulmod_base_16(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_1024_proj_point_add_16(point, point, addP, tmp);
-
-        if (map) {
-                sp_1024_map_16(point, point, tmp);
-        }
-
-        err = sp_1024_point_to_ecc_point_16(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, t, 38 * 2 * 16);
-    int err = MP_OKAY;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == MP_OKAY) && (table == NULL)) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 38 * 2 * 16, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_point_from_ecc_point_16(point, gm);
-            err = sp_1024_gen_stripe_table_16(point,
-                (sp_table_entry_1024*)table, t, heap);
-    }
-    if (err == 0) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#else
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    int err = 0;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (table == NULL)) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*len != 0)) {
-        err = BUFFER_E;
-    }
-    if (err == 0) {
-        *len = 0;
-    }
-
-    (void)heap;
-
-    return err;
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km     Scalar to multiply by.
- * gm     Point to multiply.
- * table  Pre-computed points.
- * r      Resulting point.
- * map    Indicates whether to convert result to affine.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
-        ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 16);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 16, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 16, km);
-        sp_1024_point_from_ecc_point_16(point, gm);
-
-#ifndef WOLFSSL_SP_SMALL
-            err = sp_1024_ecc_mulmod_stripe_16(point, point,
-                (const sp_table_entry_1024*)table, k, map, 0, heap);
-#else
-        (void)table;
-        err = sp_1024_ecc_mulmod_16(point, point, k, map, 0, heap);
-#endif
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_16(point, r);
-    }
-
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply p* in projective coordinates by q*.
- *
- * r.x = p.x - (p.y * q.y)
- * r.y = (p.x * q.y) + p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * q   [in]      A single precision integer - multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_qx1_16(sp_digit* px, sp_digit* py,
-        const sp_digit* q, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    /* t1 = p.x * q.y */
-    sp_1024_mont_mul_16(t1, px, q, p1024_mod, p1024_mp_mod);
-    /* t2 = p.y * q.y */
-    sp_1024_mont_mul_16(t2, py, q, p1024_mod, p1024_mp_mod);
-    /* r.x = p.x - (p.y * q.y) */
-    sp_1024_mont_sub_16(px, px, t2, p1024_mod);
-    /* r.y = (p.x * q.y) + p.y */
-    sp_1024_mont_add_16(py, t1, py, p1024_mod);
-}
-
-/* Square p* in projective coordinates.
- *
- *   px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
- *   py' = 2 * p.x * p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to square.
- * py  [in,out]  A single precision integer - Y ordinate of number to square.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_sqr_16(sp_digit* px, sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    /* t1 = p.x + p.y */
-    sp_1024_mont_add_16(t1, px, py, p1024_mod);
-    /* t2 = p.x - p.y */
-    sp_1024_mont_sub_16(t2, px, py, p1024_mod);
-    /* r.y = p.x * p.y */
-    sp_1024_mont_mul_16(py, px, py, p1024_mod, p1024_mp_mod);
-    /* r.x = (p.x + p.y) * (p.x - p.y) */
-    sp_1024_mont_mul_16(px, t1, t2, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * p.y) * 2 */
-    sp_1024_mont_dbl_16(py, py, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Simple square and multiply when expontent bit is one algorithm.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-    sp_digit* b;
-    sp_digit* e;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit tx[2 * 16];
-    sp_digit ty[2 * 16];
-    sp_digit b[2 * 16];
-    sp_digit e[2 * 16];
-#endif
-    sp_digit* r;
-    int err = MP_OKAY;
-    int bits;
-    int i;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 40 * 16 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 16 * 2;
-        ty = td + 37 * 16 * 2;
-        b  = td + 38 * 16 * 2;
-        e  = td + 39 * 16 * 2;
-#endif
-        r = ty;
-
-        bits = mp_count_bits(exp);
-        sp_1024_from_mp(b, 16, base);
-        sp_1024_from_mp(e, 16, exp);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 16);
-        sp_1024_mul_16(b, b, p1024_norm_mod);
-        err = sp_1024_mod_16(b, b, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(ty, b, sizeof(sp_digit) * 16);
-
-        for (i = bits - 2; i >= 0; i--) {
-            sp_1024_proj_sqr_16(tx, ty, t);
-            if ((e[i / 64] >> (i % 64)) & 1) {
-                sp_1024_proj_mul_qx1_16(tx, ty, b, t);
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_16(tx, tx, t);
-
-        XMEMSET(tx + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(tx, p1024_mod, p1024_mp_mod);
-        XMEMSET(ty + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(ty, p1024_mod, p1024_mp_mod);
-
-        sp_1024_mul_16(r, tx, ty);
-        err = sp_1024_mod_16(r, r, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#else
-/* Pre-computed table for exponentiating g.
- * Striping: 8 points at a distance of (128 combined for
- * a total of 256 points.
- */
-static const sp_digit sp_1024_g_table[256][16] = {
-    { 0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L,
-      0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L,
-      0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L,
-      0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L,
-      0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L,
-      0x0000000000000000L },
-    { 0x170a46d2335c1685L, 0xeac9e971e1007a58L, 0x40e8f3df43ca4a73L,
-      0x2646f81582642475L, 0x3af49bb4b36576d1L, 0xd89e2d1472bf1afbL,
-      0x27be882c2fd151e6L, 0xaddedc858f88717cL, 0xd6d859bf16ac6c6fL,
-      0x0e741a1b2d8eae58L, 0x6faf7a0061c1f30dL, 0x66dbd09a9b67e096L,
-      0x21f11c067d3b4f7dL, 0x6152ba02c727c98eL, 0xafd58891e86cb221L,
-      0x59e93c6a6bd3baf4L },
-    { 0xe54dd36f71dd4594L, 0xbbc9cc9f00aef1e6L, 0x9ea5a44ea19f6530L,
-      0x8588aa993f520928L, 0x9753794c8f5c1418L, 0x118bd792c11399faL,
-      0xb9bd3afdf5cb6ab5L, 0x813d1cb22ecb9652L, 0xfd45626740389813L,
-      0x51f7119b4ac8431cL, 0xdd9f6a910a180eb6L, 0x13946d179f7bfa2eL,
-      0x16f1863150a9d0d9L, 0x5f19c20d6f8373d3L, 0xbe85ac6a9b6a52b9L,
-      0x63ef187b74f62e03L },
-    { 0x7c376b7f016f45e7L, 0x1c1bdb572bec82f8L, 0x7392f741ce429b60L,
-      0x6fdbf0a2c7afd81dL, 0xbda41b1f7241098bL, 0x5b407474bb60f8cfL,
-      0x933e0d41b330bc4dL, 0xae182830733fa3beL, 0xa0ed299b0f5c6cd1L,
-      0x7ff3354e3f9860c8L, 0xb136098615559c41L, 0xab0cb63c129f85cbL,
-      0x682ecc4947685fbeL, 0x505e8ec2eb199633L, 0x90dcc794ddac2cdaL,
-      0x4fe6791cf192da23L },
-    { 0x94a423d505e8733cL, 0xcc845e651d5717c1L, 0x237c7e88e961b322L,
-      0x0c4471c6db4181ccL, 0x00c875e2713bd721L, 0x9dfde9edb2c17b09L,
-      0x430a6de5e88ceaf6L, 0xaaa7a61a7b81cea6L, 0xea52d026233f98d5L,
-      0xb55efdd060689a9aL, 0x30cfa7ce5cac4aabL, 0xfa4db1148e950761L,
-      0x309570c44e9a1e52L, 0x18c21f611a040170L, 0x555d1ffebe78d9d2L,
-      0x04482a18561db297L },
-    { 0xe7758ac273d486d8L, 0x8169f94661cdc1e7L, 0x723c99fc2188ab4fL,
-      0xa0e54f02f3373630L, 0x560bee25bd8c2260L, 0x28fc307c4531bc60L,
-      0xd6f21f1a7e44feb5L, 0xc8e4499c57128d37L, 0x963b053ed7b2ea45L,
-      0x40c27a0432a3d222L, 0x5b51854d35459668L, 0x66e1a49fd73557e9L,
-      0x0d267fd98692077aL, 0xfa1350d3e7342702L, 0x1a9c3f2568ccdb44L,
-      0x833a0ff8dedbf89fL },
-    { 0xa8c419c7ab376b76L, 0x3b7294f327d0f0ccL, 0xe56bb9e2a90c514dL,
-      0x931ba51ea62575a6L, 0x56fee07b098c0a88L, 0x04be5aeeb4c16a2aL,
-      0xe513350be6eb260bL, 0x339edad6a1d5c270L, 0xf366ed59e9dbadd1L,
-      0x4213be882dd06ec0L, 0x22d639c8cb1187dbL, 0x1fec95e1d8a1058aL,
-      0x03f73ea6a2b744f1L, 0x741fd51af4f05c0cL, 0x2e2df95a85f811a0L,
-      0x692b3ce3eb24965fL },
-    { 0x0ce6cb72d2a127b4L, 0x66a46ea58f92816fL, 0x43ecf46347a37616L,
-      0x163d9a01e0ab96eeL, 0xc8145c6db2edbe8cL, 0x2f426cae4de4e665L,
-      0x174d0b4074e252f9L, 0x54c240d77d2af831L, 0x581fa3973d652936L,
-      0x05b9491ca09d4695L, 0x8c4e85335452643cL, 0x32d64331d4128327L,
-      0x6447903870361f25L, 0x774191b189ef09f2L, 0xc0cf0aaf81de5fe0L,
-      0x333e430af40042d6L },
-    { 0x5df04de4cf26d3b7L, 0x57a77306b53f79beL, 0xa4013c5f1808b664L,
-      0xef291ea485037360L, 0x1ffc9d7d0b061037L, 0xd9d04dd965c913bbL,
-      0x948a37aff13b8587L, 0xb5443483fe3ee755L, 0x3fc21e7404631386L,
-      0xb3a104e5cddeb58cL, 0x94fe18626572cd52L, 0xeb9a71a115aaa408L,
-      0x8adc6fe5459ea462L, 0xbb18d1754aeb02a3L, 0xae1276362f7791d1L,
-      0x10e8b31dd6bbd708L },
-    { 0xb87f03e53ed9f1afL, 0x03ad247756676166L, 0x38dcd63074ce15b8L,
-      0x1877e2b026b1e85bL, 0xb1654d171af99c15L, 0x9782e9e49382547aL,
-      0x6dc7fc7c26d55ef5L, 0x9038f95d2fbeb54cL, 0xfe590dfe036c0357L,
-      0xcfcb6eae4fdc3f7fL, 0xcb1fbc54f35e1a88L, 0x3c8e1db2da0a5568L,
-      0x9a87393f5b6f5557L, 0x38646b32e7ac0a06L, 0xfd261c832a8495abL,
-      0x6485524c0cdcc4bcL },
-    { 0x1abfb3e2c4a6ff2aL, 0x2aa03fba35a6428aL, 0x884227f089aff742L,
-      0x2337883aba5dbd93L, 0x38186ae9d2a182cbL, 0xb9f0764d49a01f05L,
-      0x92411feb917b1e7aL, 0x700b1903570cbb5bL, 0x5d5181d5b914be7cL,
-      0x135c44371981182dL, 0x32758d24574b9997L, 0xa650a8f5632d28b2L,
-      0x24078bacfa383f09L, 0x6546a60c00a33d80L, 0xa4061c7a2df8b449L,
-      0x1f76f3f2f234563cL },
-    { 0x9aa2c14344c436b0L, 0x790705561f69c87aL, 0x35f3117b5f6db2dfL,
-      0x85761f41ed56ba82L, 0xf831464f7d0afa48L, 0xa99f29153adce71eL,
-      0xb27bf693116b7488L, 0xa98a5a8c9bb9443aL, 0x7f8780262ee5fde8L,
-      0x3a6f93dd1812acb7L, 0xaf92a4ccdc84bc92L, 0x3c2562aff1d4995aL,
-      0xfd9fc33c04ed899dL, 0xc028ca944ed2a538L, 0xd0f367bb049ea726L,
-      0x04924ffb3d108e05L },
-    { 0x06548e3dc673562fL, 0xd3b33025e2eae48cL, 0xe61fd32b5e1c6977L,
-      0x424e20646ebe557bL, 0x767391c041d6e18eL, 0x4b8ebb8e14d7e95bL,
-      0x4ae8b7d420991b8cL, 0xf8a0df66e01290d3L, 0xc97e24a3925e5f4eL,
-      0x79a7b2cb1508272aL, 0xb40b072e25072661L, 0xdad9e1829062fa49L,
-      0x8780a784f3c53bceL, 0x58a82b769f142799L, 0x08cd849cc1468426L,
-      0x4dfce809c380ae35L },
-    { 0x45069cb2d527b780L, 0xd52da015977930ddL, 0x10cc600be27d0263L,
-      0x34102c26bb2d1b2bL, 0x4c652623554adf3cL, 0xd689138245f0ff47L,
-      0x83fa8cc5ca916e7cL, 0x1e10f139d15c8d8aL, 0xf173dc2e81dc56b3L,
-      0x7fcecb045c4ed9baL, 0x307fd7d847d01228L, 0x24a571539f3a532fL,
-      0x59e9e81de2153c22L, 0xc562595de428a408L, 0xdc7daff89339bd23L,
-      0x0d075908b8a06802L },
-    { 0x870af2a7de085f2aL, 0x88fcd24fbe99b2e5L, 0x88c0d26159ca413bL,
-      0x1f02a2e48559f851L, 0x83b96021f622da0dL, 0x5c05c2f56dca3615L,
-      0x0148cf1c7910c682L, 0x392f2896272695beL, 0x883d0bb5a8d64ef6L,
-      0xef0d22441cfcbc52L, 0xf5dafcec526117e5L, 0xb68612b9f04928e9L,
-      0x283f744d393f2e2aL, 0xfbeed7ed700c1151L, 0xf2cde215a4360dfeL,
-      0x24fa961c2f08535aL },
-    { 0x0767db3f616df7f6L, 0x643057d8fbd90326L, 0x174daa906e82d544L,
-      0x2284f345689643dbL, 0x18b191dfcc89a060L, 0xbab46af4d6c27d12L,
-      0x5a57f486c9895145L, 0xc03214e9cc942f9eL, 0x273e1c8f41950158L,
-      0x8ceb759f39ad43abL, 0x5e1b8b7fe50ee173L, 0xf635b1fc8f4d7d4eL,
-      0x8eff77e3755603f3L, 0x201f61d17752fa60L, 0x94d7a03d4a6fb6e1L,
-      0x371cc23dfc4f0114L },
-    { 0x289b115dda90c351L, 0x6d196ebf364d9c06L, 0x77a89202f650b31bL,
-      0xcc28c1646f57642fL, 0xdc4f7e3608100127L, 0x8836cd08dc4c807bL,
-      0x1280f156e00240f2L, 0x3f9a6d7899cb3953L, 0x40a494d33a802038L,
-      0x45697e91e87d3474L, 0x70d97d0726dde24aL, 0x06f6a58d7640c30eL,
-      0x03c2c0e85ba6e6c6L, 0x330f6a7af1bc13e8L, 0x3e602e4fc9f4d78fL,
-      0x92b6bca00c80fb7fL },
-    { 0x2e3d5c835f00822eL, 0x0e825712b8b16f12L, 0x81c329c492b0a330L,
-      0x6b4e32ada7cc1954L, 0x0bee9cee1bb1413fL, 0xedfb7baa4a92ca27L,
-      0xcd472afaea3b9153L, 0xe8f09e7e00f0c0f9L, 0xa4e1d8725cdebb70L,
-      0xfe2bae084a9b63b6L, 0xf40141b83fd58f65L, 0xd7ec5edaa3b62759L,
-      0x9aaf6e67790e3088L, 0x215ad8301f277e31L, 0xe7db4b98cf33871cL,
-      0x71ff62c94f02f89dL },
-    { 0xaa4c71022a4a84d9L, 0xe2ee4acd5ebc71e6L, 0x3b11a8a5f1cd6578L,
-      0x83f5ef9ffff120a5L, 0xa4c598e109e65033L, 0xe1e9f990ca044180L,
-      0x8b832d46f59828c1L, 0x753f28a033af536bL, 0x92edc4b1b6d4f68aL,
-      0xedde692a72ccd1f0L, 0xd3aa0f7dd2226432L, 0x38dbb63ea3d2661cL,
-      0xf1e19fc6fdc37ddaL, 0x6c18b35084ef6b4cL, 0xe6a83fe9df1bba69L,
-      0x40fd47e75f958273L },
-    { 0x5b88b746267140a4L, 0x6dbbfc1eeab6f2fbL, 0xdd9ec88e69862548L,
-      0x69beeba12eb6efc2L, 0xcfc2214a8ac8ff88L, 0x95d5c96eb5a21950L,
-      0x93389c054171fb69L, 0x2d85d4521b468337L, 0x14d68a084113425cL,
-      0xe52c0139ec6c2174L, 0x20cf0b97f730084dL, 0x1ac16a261f578aa3L,
-      0x18b9fab3f9b6ae43L, 0x68d82111d854a695L, 0x0b334d98dffbe286L,
-      0x5b1c1157e639338cL },
-    { 0x90edaab172b6bb8fL, 0x8dc64ed202fc92c2L, 0xf42ba3c5fe694c73L,
-      0x316dc65fcb54dce4L, 0xcb2d66a3632420dcL, 0x16e706e7056dcf94L,
-      0x2809c764a4f32c9dL, 0xab18d830ea6edca8L, 0x4fd1ace681c65f57L,
-      0x1f91651c7da12c10L, 0x0ac3bd66c7791a48L, 0xb6ad1cf4785e67a3L,
-      0xe4d3fc44da0fd591L, 0xce1648016e1c6344L, 0x84de9cb833e50ab3L,
-      0x963ab83aa756eef4L },
-    { 0x944b47d8df4ea5a3L, 0x965688155cfe45feL, 0xd16e7d588a3c3564L,
-      0x84e55b3ee7c99e15L, 0x3fee204df55071bcL, 0x71006f2904057dceL,
-      0xfe8c390dbba75570L, 0x3645bcb63319adacL, 0x8189e8b07c20bfd8L,
-      0x8e5509697d7d9578L, 0x037d1321b99f4e3bL, 0x011b2521a60cfb6aL,
-      0x66594aaa837382daL, 0xc89b91fd83c1dc07L, 0x6b82b899076b9884L,
-      0x443480fcbe45c558L },
-    { 0xf8ffffb49114221aL, 0x4aec4f2e3e857a7aL, 0x42e2d0e40fa54787L,
-      0xef3e6b31d6f96152L, 0xb2296537fbfe9b77L, 0xc2a9d0f2fb43a86aL,
-      0x241284ed24572ac6L, 0xa3868917e721ba7bL, 0xdbef7c00c117a78dL,
-      0x38149071d31605acL, 0xc2dada9e065a8ee9L, 0xd5b138d8c442be82L,
-      0x9b6c224bf6d72b58L, 0xb9d355cf8eb03e6dL, 0xab6d1eb0a1700371L,
-      0x97118a88cffaa7ebL },
-    { 0xbf9c59a2cdecb5d8L, 0x8083c81ba93a6866L, 0x24e0dd8104774fbfL,
-      0xe779a3caa02070b4L, 0x9d352fbb0fbfb781L, 0xa8b0d8203ef2a1c4L,
-      0xb858637b14b3e501L, 0x5ba70a498a882ff2L, 0xa27300833b06efa5L,
-      0xa42c02f4102fee2aL, 0xe4e762998a0223a5L, 0xdba2ba2685c3fc72L,
-      0x554fe763fe52eae7L, 0x30b5405a270f45f6L, 0xd56a177aa573387cL,
-      0x17c0778d4b71fa82L },
-    { 0x0e6dff1d2735e37bL, 0xc9884e56656ec572L, 0xa2f5ac9d9ebba978L,
-      0x40fa4518ba09f3c4L, 0x8c3fa177f5b04377L, 0xa1a1decd967a2ecaL,
-      0x768bca700528bd40L, 0xf224952b18691c4aL, 0x16e12c45e86d5fd5L,
-      0x7a0d915737859a6aL, 0x723f4309a0ffce0eL, 0x5a8db79ba96cc9a3L,
-      0x6dd12ae01ad23a38L, 0x9ffec3a1e2bf5d84L, 0xd6ce84e1a452ed66L,
-      0x1219d5c8571fe4c6L },
-    { 0x43eaa67f262969ebL, 0x3a3ab39d2f03e773L, 0xe6127e5157bb0909L,
-      0x0f82b0ed8d150274L, 0xffffcad8e580bdbdL, 0x51d3d075a9743e6bL,
-      0x1484bdb18bac11d6L, 0x95cd9990eb24c388L, 0x216a61d07fac67c6L,
-      0x4308f762a04e6b87L, 0x2865dd61cba57cc8L, 0x3c296b0dd234a07aL,
-      0x76f928393a0793f9L, 0x70b57e1f0be29eceL, 0x1314a82f7e626f42L,
-      0x2c8d7ab2d657f230L },
-    { 0x67cf58920825e4d6L, 0xdf51eaa56ef83b44L, 0x63e665d81310108dL,
-      0x229f89f58dd0963fL, 0x8c4b14dd9df6436aL, 0x99dae469d45ebba7L,
-      0x118aab775a4df381L, 0xda8978bd29e37febL, 0x69ced5aaaca2d7efL,
-      0x6c98d05dc67d6a8aL, 0x7474bf0d77f84a34L, 0xd4428b2eed8cd59aL,
-      0xb0fd1cd5d1d398fbL, 0x596013db94a20b11L, 0x96eb705a1b404c44L,
-      0x2299d2774b09d958L },
-    { 0x5b9cd58dc64397e6L, 0xac198f1ebf6dd31eL, 0x5866d8e13e9f1db2L,
-      0x405ae2878fcdc68cL, 0xa4b280cde53c01fdL, 0xdc963f2d411db5f6L,
-      0xed5d5189bec4f8a0L, 0x336fd13d916ee98bL, 0x6925b1b3042df48eL,
-      0x0cf56291ace0074eL, 0xe8d38b4825317e95L, 0xc7ad1d2b821c446bL,
-      0x71c44135f0b65934L, 0x971b736f52ca0d50L, 0xaf9ffa5727b46c26L,
-      0x21ac67791936618eL },
-    { 0xab420e3f2d7fbcd2L, 0x1272247397bdfc18L, 0x492033f84df5d4b4L,
-      0x6fcd42363807b7d3L, 0xdfc19b09b33c3625L, 0x13d6f375a0f22814L,
-      0x70978a59037c19b8L, 0x4f3989970ff27b9cL, 0xfc0e1a45615a4389L,
-      0xffa3496a3e602f74L, 0xc3f1c431b261ca1cL, 0x612211dbee0164cdL,
-      0x30463ee4e7f7be9fL, 0x015f7e7892c2e1bbL, 0x663d88d624483a56L,
-      0x0e8ec1e70e62d9d8L },
-    { 0xa88ccc298a0878ddL, 0x99ac175d6640071aL, 0x90344820a5173617L,
-      0x316d023edd58a315L, 0x30785bd488d221a1L, 0xb74b3de7959c48e3L,
-      0x42ee03824c67a771L, 0x59ef6cdde0b91453L, 0x7830ae289b237e91L,
-      0xe1847a4c495d8325L, 0x67b1217ed0773666L, 0x58192c86a294a325L,
-      0x76aa0f56864d8326L, 0xe2a2bd12f4b13e5bL, 0xd850c1c01b6b73fdL,
-      0x653a795f5d103635L },
-    { 0xcfe2898550dcb199L, 0xb35b8e5e7fa02b60L, 0xbca7d7c3c97603d0L,
-      0xb0e5288d27f131b5L, 0x3aa704dee2b12d52L, 0xe206b1d81db725c7L,
-      0x0b12839ac5d1b113L, 0x14f970cbdb45d763L, 0xc997f93eb2125e8eL,
-      0xbd75739cee7daa26L, 0x46ecbd3f1fef20e9L, 0xf994a1147c6a42b1L,
-      0xd289eb4f27fb0fd1L, 0x11186d319a40da4bL, 0x083f65a5fb9d7976L,
-      0x30dfc47bd444675eL },
-    { 0xbcfc5ae29eaadfe8L, 0x25027e54b4d4e812L, 0xab0702df8b533561L,
-      0xa2b9c20456a6a214L, 0xb1a3df7a3059068eL, 0xa3514b219883110fL,
-      0xb7be2336c4b78e1cL, 0x17073ce63e2f6984L, 0x86e114a62ddf7ac6L,
-      0x276192bf07d7c3c8L, 0x5da69e0beb1ae289L, 0x983af17525184939L,
-      0x9ac52a4d407a3aa0L, 0x1535c7daae0fe218L, 0xe16fe872397f2501L,
-      0x572a591f54c212cfL },
-    { 0x4966841909a5553aL, 0x3f054318327733bcL, 0xf9ceb4b23eefd690L,
-      0xbd3cbf9bf22126d4L, 0x6d9671c02fed9578L, 0xbba597ceca0306d8L,
-      0xb705ed613d674fe5L, 0xf1d3622b67f33f76L, 0x15bcf3c611cb8c31L,
-      0xa38467dce53d1aa9L, 0x902fe929f908ab43L, 0x6e3e499d8d15767aL,
-      0x8142db5c90afd07bL, 0x120c6fbc6c8b190eL, 0x80c8655324919a4eL,
-      0x65c2cbe1d8c82c3cL },
-    { 0x684cda20a660bb63L, 0x27dc3b0a86e86245L, 0x76472cf66ba0eed7L,
-      0x79c162e5679dd158L, 0xb688427708452d44L, 0x829bc6b3413f579eL,
-      0x92ea15ec95011770L, 0x5e34e30047738183L, 0x8c3ca34973e1d2f1L,
-      0xa5c4f1dc229bd3deL, 0x783eff1b94ef7ed3L, 0x46db738ddfae7a1aL,
-      0x4353d72e1a099852L, 0x2533ad58a0dcf4abL, 0xd80550160e7888b9L,
-      0x831440d53ba77f66L },
-    { 0xf43e2e32f611b2daL, 0x5d066e29d0fa46acL, 0xe897f3e8820b3c0dL,
-      0xc45c28e61d3e44f0L, 0x929d7f66dfd27a66L, 0x735b860a101e8517L,
-      0xea3fce983de078ddL, 0xc9977db5638ce11aL, 0x0488382f48536b3bL,
-      0x7e0c7a3c64cadfc6L, 0x3cd17f7f82147b71L, 0xe95663cc1b411e3eL,
-      0x5739ac8f985fb46dL, 0x385399cdbcf119caL, 0x4a985a70e15a2815L,
-      0x504c3a8a6d5f4566L },
-    { 0x00b55283b8fa53c7L, 0x985cff38509474e3L, 0x234d241c437ce25fL,
-      0x29832430e5a129edL, 0x6ad38956aabcc674L, 0xa2dc001d7ee81ee1L,
-      0x4c23c6b6670b2702L, 0xb35e567ea6e8a3bbL, 0xbc70b3cea69673eaL,
-      0x85a7a9c3e6e28eacL, 0x2ae684de5537b7daL, 0x5ecac3e56de937dcL,
-      0xbf2ea6c9f8430422L, 0x38caf7d077fdc520L, 0xc27af0b169f56addL,
-      0x496e4699c71d21d2L },
-    { 0xba14fc829fa93467L, 0xc2e376840eb2a614L, 0x659bcfaf4833e09bL,
-      0xbc8597523686bdccL, 0x40bfd08081f3216aL, 0xc463bda617c081b8L,
-      0xbd01fa86bb04793bL, 0x5a21ece62cd640c5L, 0x97bf6a542203d5c4L,
-      0xceb40edc951167b7L, 0xd67aacaf765ba268L, 0x8ba0d9e9aeab51f9L,
-      0xc14b215eb0d6863aL, 0x354cdcdbe5f06952L, 0x4f2b5ccfcb3744b5L,
-      0x1338917313037fe8L },
-    { 0xee68064045003cd1L, 0xfdac17bc44ae2ac6L, 0x4bcd419fde8e5314L,
-      0x81e34eb9c7cea95cL, 0xbb57762d38f37e01L, 0xecc4cfb0260990c8L,
-      0x0bc493f950a34a7bL, 0x68074172543304efL, 0xaec0fcb26bc8aa2aL,
-      0x9e7a9b463b45fea5L, 0x4bb2952e55fbdbacL, 0x50f0c0a60485dff4L,
-      0x02c5104d4dea4796L, 0xd2cefa09695e3a02L, 0x4c8102b46da1f345L,
-      0x422eb573f3833fbdL },
-    { 0xac592eb6a6ad3f47L, 0xb0861f6d9714ba0eL, 0x57c1e91907281459L,
-      0xcf7c94e264ea5803L, 0x725376ac54b12723L, 0xf2a6ba41dafb736aL,
-      0xc89e8920cba03cdcL, 0xf2e20cb45b0fd3adL, 0x26ea5a54d66059feL,
-      0xee63fa8b889df8bcL, 0x40f1c7e166a3f2bfL, 0x09febc9c747312e1L,
-      0x7d19b9c2727999ffL, 0xa9fbbb4cb7fd2b05L, 0xcfba27d7a0da2dc6L,
-      0x368541cf2c252582L },
-    { 0x510d3c9e22799d37L, 0x1b677de5acfa333aL, 0x4e6ae18f080f795bL,
-      0x69b53c2aafc8dfc2L, 0x797541b60e842dc2L, 0xd5a6f2afac067fe8L,
-      0xd0208a03bd07d877L, 0x34b473f0654be2f2L, 0xe67c102af515e23eL,
-      0xb00dbf9d2ac1af48L, 0xe264fa41b6a13d00L, 0x1669786a97e94c11L,
-      0x09d8cf2d86a586f4L, 0x073bf869c7f927e9L, 0xb89778802241a566L,
-      0x59a5bf5922261334L },
-    { 0xe9d1c91e81347191L, 0x186c1abceb969972L, 0x07888767a9d46a7fL,
-      0xda93cfccdaa7d397L, 0x08bee9f1d91b9aa0L, 0x8267fd78f8dd3c6cL,
-      0xf93860d094228100L, 0x6a6a71aadadb47fbL, 0x9caa06b7a6156f8aL,
-      0xaa1b05e039848bc9L, 0x36ddc2372aaa9135L, 0x77e7e079b13f3bd1L,
-      0x8d0b5cbe4acc5f4dL, 0x04da45f8984cfd36L, 0xf14ef618d3d3e0f8L,
-      0x467564c143eb799cL },
-    { 0x8d725904b6fff5d7L, 0x037f33af92dc4752L, 0x9095d5756d20b8aaL,
-      0x32235fc143baec39L, 0xa2feb4af68a2b9b0L, 0x61c5031894d35c61L,
-      0xac92b6a2ea877486L, 0x8eb48b15011bc6f3L, 0xa28fe128c79edcb2L,
-      0x9f71bc0ca5d2a006L, 0xf31677322f15b850L, 0xfe8d728c7a036218L,
-      0x068f39cb4f81e09eL, 0x1773f0167b7c50d9L, 0x0d0f7adbed6a1e03L,
-      0x8a0dee164ee984d5L },
-    { 0x504991bf47366e6fL, 0xb8084d9fe86c3005L, 0x14c4c751a40cce36L,
-      0xbbb46aa63f1961e2L, 0x56a785f940445e43L, 0xdb8d1b57c91e215fL,
-      0x6a8e453ec7ee808dL, 0xc0367ef8bbaa1e8cL, 0x310d91f1e3e18109L,
-      0xf97cfd0e7e20a2c3L, 0xf1e80c84554cc277L, 0xe89bbc1d7b628403L,
-      0x7778a9663fe0a17cL, 0x9e9db19fc1f00073L, 0x2ce7fe7db6f6bed2L,
-      0x7b04b5d2ee97ce23L },
-    { 0x5b546bc782c5faf8L, 0x1a734c5e8eb81097L, 0x3d566861e77851e0L,
-      0x833a1013e956d51fL, 0xc7351731c3c3c37cL, 0x607738fbe0c148ecL,
-      0x2ec6f0bbe1bbef41L, 0x0aa2ac6ecfa51857L, 0x072902d766e3adf0L,
-      0xcd4d5089c622d6e3L, 0x3ae21b23a6dd802fL, 0xe5465a5533886372L,
-      0xd85119a0a8d81822L, 0x4f14d0323786977aL, 0x515b081c9c7b272cL,
-      0x1c6a95a4c99be31cL },
-    { 0xa6b14ad5c2821363L, 0x829c18234d17de1cL, 0xaef5d2c4ccade848L,
-      0xf412ab3982489e27L, 0x92c9c098f081d927L, 0x6f87bdf475cbad1fL,
-      0xf4aadab81a1d9fb1L, 0x475a7923b75f3b76L, 0x99dd0ad6dbbba8feL,
-      0x836f61644b70ab45L, 0x2a46488134bd9af1L, 0x5c91226eba9abda3L,
-      0x4cec8709e65625fbL, 0xd4b3919e0818e4beL, 0xa5c09c8414f6879cL,
-      0x72708a0230a864c9L },
-    { 0x4f33c0b1f34a466cL, 0xa1bae09c7f9d45baL, 0xd70f0fee0e28785cL,
-      0x824c714690880881L, 0xe2416c2abb043da3L, 0x733da713cec6f432L,
-      0x2b590649c9793e1cL, 0xdb62d5b0b35c9365L, 0x355eb6e23e5c1b2aL,
-      0xcfe8b5cebb16b515L, 0x9e081869f709691cL, 0xc865f9fb61a85bd5L,
-      0xf169d3ccfae103f7L, 0x9525c47373467e9dL, 0x7db55c0b43695113L,
-      0x7491c74c73265d21L },
-    { 0x312ed5bf80d2b94dL, 0x1b8ac633ba4b260bL, 0xac86c58cd62219a1L,
-      0x317ccf6baeb82c8eL, 0x2dfb29ee59ef9cedL, 0xdaa7d898e42bcd5aL,
-      0x93e295c85974b201L, 0x69e75784d9fc5adcL, 0xd6c4709f012aa3baL,
-      0x1fda9f37c85d3cb9L, 0xe5487e25d3dd4abdL, 0x00fd4b010b3ba22eL,
-      0xcb591493c6e8dcbbL, 0xb7329fabbce68664L, 0x6829d1c268906b76L,
-      0x8bcfd3e574176841L },
-    { 0x06882734d3c8c314L, 0x95f0b2f111870833L, 0xb937f7c3c068ba16L,
-      0x5365e0d877924787L, 0x15527e5e1f992227L, 0x0a06964827dffd4fL,
-      0xd58b3df22f586389L, 0x83446b896af20eadL, 0x09d7970b50746257L,
-      0xd9e8d2064022a691L, 0xd1e5f8af671ec379L, 0x6f542509057fe91eL,
-      0xf14dda8152890418L, 0xbd78010e1db932adL, 0x3e18d1e4905a9378L,
-      0x53cadcf7bd37ab49L },
-    { 0x1bb5edf75e53d0ffL, 0xd886606c888abf67L, 0x6491b0f812206d15L,
-      0xb3018345e22b6a33L, 0xaba6794bb173b317L, 0x8c1e58677dc9e595L,
-      0x4e106482239624d1L, 0x61752e59da55dd53L, 0x018b4eab9e42879cL,
-      0xcaf6784b491f2bedL, 0x3dcdb9d21e79429eL, 0x3694148510f26224L,
-      0x106f190aa650ec5cL, 0x7542a5aeb69a9760L, 0x69bd75e9c32d1046L,
-      0x90849964bf8c62b1L },
-    { 0xb1390cf65a93c661L, 0x184862649db5f056L, 0x92a93a9da51a1788L,
-      0x1b0cbb8f6772de9aL, 0x6e67febd7c71487cL, 0xf9b4382d4e62423eL,
-      0x96fda50ebb5a42f8L, 0xc921b3376089a4f2L, 0x49d32d7b875ec516L,
-      0xbd86d2cac410124bL, 0xf6862209c421fb7aL, 0x3e1949abf6b7de33L,
-      0xcdee18f0e93c9268L, 0xd4edbd5e08dc4cc0L, 0xc2b75be473580d22L,
-      0x3d7f6ffa468cd7e8L },
-    { 0xea7b290cdffbd5d1L, 0x9d759da6970338dfL, 0x56680b0890feedc9L,
-      0xbc690af542dce68eL, 0x8519df2bb2ae4d82L, 0x5612467f7f195b60L,
-      0x659a342cd83c21f4L, 0x55771bf555651633L, 0x5fc68935548ba562L,
-      0xb54192039492f23aL, 0x567528e39c9c6017L, 0x3f064ed4511e6019L,
-      0x303f9eb91d16a555L, 0x3e18c4fd2254abeeL, 0x40994d6ffd434e7cL,
-      0x8fb12d3f6dde74e6L },
-    { 0x6c6381a2293cb7a4L, 0x453e09f0b87b7e4dL, 0x4f212823078ac3efL,
-      0xe89ffad0578cae91L, 0x4a2b696a716ba4ddL, 0x14681a14f6f580a0L,
-      0x1358f97b4c2f1307L, 0x878969962932fb89L, 0x29dd850a268a5af7L,
-      0xaf771f6dfe239f83L, 0x5f20fd2e4f47499dL, 0x9b643e77867ca0e9L,
-      0xe7858ecd375981ecL, 0xbe946a5919ab1c97L, 0x4f9303a206ff3453L,
-      0x3fcc673175d237b1L },
-    { 0x509debd5df21f920L, 0xfaf70e1fc1401b90L, 0x2429cbfd95a64aafL,
-      0xf21208552c37a122L, 0x1d4c93f47deb926bL, 0x12f3e4c09fb3f1dcL,
-      0x56085a595b51bc46L, 0x2a2f5d62f10fdbd2L, 0x60dd62cfdf0cb3c2L,
-      0x154424a36b0f254bL, 0xc3a5a05d564612b7L, 0xbebe30cfa1f5249cL,
-      0x24ec69037e62a188L, 0x75f0fbacaf429939L, 0xd41345dcb3fa8685L,
-      0x645146fdc7151c34L },
-    { 0xecec633aba1924f9L, 0xbba6f136006326e1L, 0x203757ac7e50fc17L,
-      0xca531919ef3d8e00L, 0x9545a6aa51dc5a74L, 0x6e21d58fd31412b8L,
-      0x01bc30057bb1d000L, 0xf1789c696ed1a9c3L, 0x7af2d35f9858fa48L,
-      0x434d09b98197be85L, 0x1dc0775529aa265dL, 0xcad03be7c058fa80L,
-      0x92d70a9f54ba14ceL, 0x6dc785056c050a74L, 0x2a7ca4a94d005ddaL,
-      0x448d3d72abfb9f2eL },
-    { 0xdc56f14529b33989L, 0x868351bca9ae815aL, 0xb3f456134b074414L,
-      0x955ce42a3cd9f33bL, 0x13ade4ec5ff6e4a3L, 0xd3aac715a50eaa91L,
-      0x0c61ec995666efdfL, 0x108a28b8f6a4470aL, 0x402ef584e54844c9L,
-      0xb825b162d0e2f337L, 0x3dcd131fb46f7cbcL, 0x208178ec96f2fd89L,
-      0x4d8c5d6725928c78L, 0x285a33df9963c459L, 0x72497175d92a309fL,
-      0x76881479cb7019a5L },
-    { 0xba43a11491767eedL, 0x5e11b9ad92bf65dbL, 0xe8a22ce003a5e21aL,
-      0x636044212a335415L, 0xc2c563b44a9ead62L, 0x4bc06264a0b2aee5L,
-      0x75b8d5758bf2e1d7L, 0x1cff0ee7d08a265dL, 0x17914e1db0b712a7L,
-      0xc35925d04b18692dL, 0xde253f4c56cce815L, 0xa479241c9fff0e3aL,
-      0x50b9d06eddabed19L, 0x6713526059fae506L, 0xf37600fb532ce180L,
-      0x670eb01c5e5a8626L },
-    { 0xdf73c0af73cdbb43L, 0xcf08ecc57f2431adL, 0x917805412a1a3845L,
-      0x69a104f29224ddf1L, 0x4352f38dbeac7effL, 0xfc3b3b4e7c2d1322L,
-      0xa69e9430b5e4b476L, 0x7d932340975a46f0L, 0x8093899e5d64eeceL,
-      0x7b821250db2345e9L, 0x235529327f4b796bL, 0x2ee9cc154bb90b1fL,
-      0x1fa9c8f59112f7d6L, 0x2d0f2f981cbaae32L, 0xb77f03660075166aL,
-      0x504852e7635dff27L },
-    { 0x2f0f3ce5a2f392faL, 0x326c076aec6c9078L, 0xad01de9284baaaf6L,
-      0xb01b16d3cbe8e993L, 0x71305c242d950908L, 0xc66fd6173853af38L,
-      0x7735140ed3c429a0L, 0x8a31b12a1fabf027L, 0xa0530002058b3177L,
-      0xabffd9fca9c7deb9L, 0xd05ef69be8667d30L, 0x2f3a7308e9a9e13fL,
-      0x3f4c9a19b91eae9cL, 0x50d0cee7618ce6c4L, 0xfb24dc405240f8b0L,
-      0x992fe151f7e90cc4L },
-    { 0x4454db3138f197aaL, 0xa4ded69d87872f98L, 0x97b427b044f0a828L,
-      0x9821e1aea31e48c6L, 0xe38cb09fdd98efecL, 0x20b84fa8480cb3aeL,
-      0xba5bb4a847475573L, 0xa9be080acd50e96bL, 0xc4451e9cef103550L,
-      0x626ee75fc441325cL, 0x6eea5e9838a5e33dL, 0x7321beb9a2b0abd2L,
-      0xca92e4849b6082a9L, 0x1dc8168a992bcc2aL, 0x134ecf4b9c8eb9fbL,
-      0x5a68bfa84c5b71e0L },
-    { 0xb4ff3b45ff0a2bfbL, 0xd105fff95502f8b0L, 0x14de58855b1c0c26L,
-      0xed16865b0d3b9d04L, 0x2f5a2453026d3917L, 0x6a22f493f4db3c0eL,
-      0x4871548ae2418f2eL, 0x6ab363a8509bef61L, 0x91ca1e3ab8cbbbecL,
-      0x71e0dc984011a396L, 0xff982e0a0d5ca577L, 0xeb40b04581897bc1L,
-      0x4bc24a46085ad5e7L, 0xd15c8fa0a6337b7cL, 0x56ce6ef7bef1628fL,
-      0x78acfdf99f5ef439L },
-    { 0x45bf7f15f8520189L, 0x954202a0c77f61c4L, 0x39edc6b9dfa22e1bL,
-      0xd2d602671f4a3487L, 0xcd9339294814cc52L, 0xde76a12405e9f123L,
-      0xe2306ea0ae36b6f7L, 0x53815218b83a58e0L, 0x9862bb76a041231aL,
-      0xe8da253cbf31be71L, 0x2dfc533237de861fL, 0xf25c93f690ae4890L,
-      0x66bcb8f08baa6ed2L, 0x6f10ae0f908b4a29L, 0x8cb4b48cb061c949L,
-      0x0ad92d73d075a366L },
-    { 0xbfb95fedc2ca548aL, 0x4778c62080cd89abL, 0xbe99154b3466c280L,
-      0xea3be093d4be8902L, 0x847b799513e681edL, 0xf22a8f4b02f40161L,
-      0x3ef2cb4d4aeb7fe8L, 0x9adc5151b3aed5f6L, 0xec1ccfd198c31163L,
-      0xdc2ac17ba3d7d88fL, 0x08fa64d346421097L, 0x5ebf80b794b90bcfL,
-      0x1b78b4ba0b50a9ebL, 0x1a4fe934279aa66bL, 0x8ef4dcaf075b3cedL,
-      0x95bbd8a070a6e9aeL },
-    { 0x59f92495e614bbd0L, 0x7567a887b823e363L, 0xe247c9ecfc1bd6a7L,
-      0x2bfaaf478e835c42L, 0x314ef4e0aade066aL, 0x072baa635c16d336L,
-      0xfa429c71e2f0e389L, 0xcac1e5d0bd07d90fL, 0x69ff35ea514f5c04L,
-      0x893053fcc0554ec1L, 0xab1d86b72a35947fL, 0xe29fb0602aebe487L,
-      0xa0a10d6ddfb9cf21L, 0xad147059f20dfcf5L, 0x480dc66fb8867a2aL,
-      0x375a884fc125a919L },
-    { 0x178cbe2e1217f7eaL, 0x1a161e2a875c6dabL, 0xf7707ec01bdb1a54L,
-      0x678864a0e4fd73caL, 0xbaebc664d13a0d86L, 0x40325f99c8d30668L,
-      0xb93ed9c92f1c5950L, 0xfdf36763541e0667L, 0xfd97fbb0b91a6763L,
-      0x26aa69ea6079c9a0L, 0xc7303c801eaa8c47L, 0xdec75c81afa63c55L,
-      0x01cdcde24fd12adbL, 0x9fe0dda71968838aL, 0x66bb093b38415379L,
-      0x268d818b08cb84ecL },
-    { 0x73dae35841580555L, 0x4fc32e67473d103bL, 0x240c1013beccc1abL,
-      0xda4099f2b24ee9deL, 0x37b0cb5b9fa8e066L, 0xb5ae04e46438d7eeL,
-      0x7f7d31642b720140L, 0x86ef4edb339e4a78L, 0xa5e77eed3a7d8375L,
-      0x883fad37bd707c2eL, 0x816b633a0f979189L, 0xe24c028a2e7a208eL,
-      0x1171fe3c4435516aL, 0x3eb93b334f5f2bf5L, 0x8419ed4b01b53a56L,
-      0x8b02735c056ca44bL },
-    { 0xb89bb464e1019195L, 0x1de4c026f3fc28c1L, 0xac120e6e2bfc3b21L,
-      0xec71bc5a91bdf92fL, 0x485d7ab40d995bc9L, 0x97c6768ee6491ffeL,
-      0xd9552d19afbce265L, 0xbae6c7fe8e1b76c2L, 0x167d8281d7e3ad1bL,
-      0x3e149af95e989734L, 0xd1f0024c8a0c8182L, 0xf571ffdbc3006c0dL,
-      0xb32ecf7e58773d4cL, 0x5822a782fd3540d8L, 0x5ab45c3f04365042L,
-      0x400e3aa04b4d85feL },
-    { 0x473216495e46e4a2L, 0x37a2ed6424136074L, 0x659223b1c60ec77dL,
-      0x5e13aac3e5e0ac2eL, 0xda17c41bc5107ab7L, 0x65b22ec973c253dbL,
-      0xff3867b8a5012296L, 0xfed660d50621a99bL, 0xa3c28506c89fc3f5L,
-      0x3ed350b9f16451a7L, 0x27c3e03267cb586fL, 0xc807c779967185b1L,
-      0x09c157d44a13009bL, 0x362f7647adaf1f4dL, 0x4a42b9acf3a6a198L,
-      0x131c3da28da6e039L },
-    { 0x4a785ff1a7da83baL, 0xf415b425d04f4436L, 0x7c0899bdec03f812L,
-      0xc58d411a80f5f4a2L, 0x3d32d610fda251b9L, 0x99bb4504cd3b2f32L,
-      0x198c444bf4c2083cL, 0x60c261af730e83fdL, 0x060ca4dfcb02db90L,
-      0x0ff7838b9df1e7c8L, 0x6b79cf97c4c690c9L, 0x131514d75d75f154L,
-      0xa7c074f11cb0e8ffL, 0xb920aac1b2c17615L, 0xde8098ad44aa0ff0L,
-      0x71d1a46a34545ce9L },
-    { 0x76178f76fa1b382eL, 0xa0d8ecc3772dda0dL, 0xaa5aab2ac5d4d130L,
-      0x27d38ba48d72622cL, 0xc5410db6ca3bed06L, 0xf637a588793ceccfL,
-      0x1f65dafd6e65e3d7L, 0xc3b44a8560a45641L, 0x0f47b3a84f78540bL,
-      0x824fdadd5e4d60f6L, 0xd8ccf90c17d3b6d5L, 0x008eabdf325fc13aL,
-      0x3e90d7163648fab9L, 0x3964ff3a24c52d4bL, 0xb95cc416533d0acbL,
-      0x6cd2699f1167f521L },
-    { 0x2d8c0b3b12f4f3acL, 0xb03dcfe299d1bdfbL, 0x540034f830f37326L,
-      0x22dd68937c5a8c82L, 0xeb7093d0cd8f1442L, 0x892795a7585742f2L,
-      0xe15f282c087adaddL, 0x7bbdc74916ab7b5eL, 0xd30fe40ba58acbb4L,
-      0x0de417ebe2bac39bL, 0x4b4b19a6c61a04bcL, 0x9338c34df2735569L,
-      0xe8f0374230ab196fL, 0xfa2efcb86c88c965L, 0x19eee274c7eeb826L,
-      0x327c063fda345dc2L },
-    { 0xab399eff5b47cd53L, 0xbbe9869d1943aefeL, 0xe64ecc7b1402a866L,
-      0xc3e7c2aab1c25a16L, 0xc4216b79022de271L, 0xe58dfcc8366d6a5fL,
-      0xd159509eda813336L, 0x370400f2130bfb7cL, 0x1be4e05993b48780L,
-      0x0623a1fe39f3cd22L, 0x72aa22b2eecb4f87L, 0x1af4c4966c27b83bL,
-      0x7a42a94bda5fa5bfL, 0x9afba82248b01af2L, 0xeb6b9d2a3670112cL,
-      0x020f19d1c0df6856L },
-    { 0x37051a86a4dbba20L, 0xb618ebc6db1de5c5L, 0x9a780a19e6525840L,
-      0x9440302dd2bccc4dL, 0xe9ff023d10285a24L, 0x3b937ee33a486268L,
-      0xe37ee2f24cd61147L, 0x79fbbfd3a3d057cfL, 0x5fba16d3ccddefceL,
-      0x916058ec5b231727L, 0x47699ebe720c3adbL, 0x262743868b4f6bbaL,
-      0x54b0092af18a0770L, 0x99d090ebacca1160L, 0xf757e1ff0c888f60L,
-      0x79e72720b0050544L },
-    { 0x632acf252820a239L, 0xb1a3974eaae6b310L, 0xd61fd6ba48c0a1dfL,
-      0xd2453c395a3ee7aaL, 0x548455a0b980446dL, 0x9f29d97bde16676fL,
-      0xf252ca0c789375a1L, 0xe961af3e7743a985L, 0x70c79c5666cdbd8dL,
-      0x14a3854ecbc538f9L, 0x58daa73aa126851cL, 0xe9b5bb452a9f558cL,
-      0x37af7f83fbd15e05L, 0xa448792738a1939dL, 0xe428b2b59511a056L,
-      0x001d3ce37015846dL },
-    { 0xd6be36b9e145b1d7L, 0xf3e3938a009c5664L, 0x2e562e7de7c0f6dbL,
-      0x951044e6c343f539L, 0xa5ab62b8d90897b1L, 0xb1a1f70b512f797cL,
-      0x91cdd754750f28e4L, 0xb4c80e2fffb8165dL, 0x65ed39c7594d02b3L,
-      0xcc12a49d56833edcL, 0xe73694bcf3693a18L, 0x34cc134afcd2c404L,
-      0x071bd5fc11d40194L, 0x05759047fc585e46L, 0xb3280360790b7a04L,
-      0x4bb8c6fc40afc684L },
-    { 0x3120e2ddfd0f8796L, 0x6968a40db133c9deL, 0xfea366c0a9369c6eL,
-      0x37e5b6d66007273bL, 0x39e4ecf08cb81439L, 0x487fe9cd9febc005L,
-      0xeb8af4440199b53cL, 0x2f124e3b293519ebL, 0x860c218ac82c9c16L,
-      0xacd1d6f2709dc590L, 0x5696d54536d50529L, 0xc03f5df959120bfcL,
-      0x99a3e88d10ffa690L, 0xd4f9cfa56c432827L, 0x2e8fea9e9a135d89L,
-      0x3699a881b6a77e78L },
-    { 0x5bca33721eb1c64dL, 0xe9cf3a2df1d28154L, 0xb7e2e9b36537106fL,
-      0x06c171514f7cbf4dL, 0xcbde416e2058b37fL, 0x82c53a7e8834e9c5L,
-      0x94dbdfe2e9ac3a75L, 0x795ec6cbc5e67c02L, 0x8c23c25f1426a80dL,
-      0xee2cd20d6a8d4f9fL, 0x838daa54d3b7c235L, 0xb9e08ec03d7a4d52L,
-      0xca9475e9781cb473L, 0x7271f39e5ec31caaL, 0x1df08e9f82535187L,
-      0x4f3a4b03208aff8bL },
-    { 0x0f7b81071ed095f8L, 0x23e37fa6da226d4eL, 0x8b0f9852afb36d1dL,
-      0xb114634e07d8e311L, 0xb9634a97e3e0f16eL, 0x2454bb9c421eec37L,
-      0xb4ecd5dbd72b21c1L, 0xf96038686df20d7cL, 0x9f5359fddf86e0a2L,
-      0xc43d54fa5ac488aaL, 0x56d714abd1049df4L, 0x13152b3eb020607aL,
-      0x49be1c187a02325eL, 0x44f24f4a52ae84dbL, 0x9e525c030b5a7b80L,
-      0x6d874446a6d179fdL },
-    { 0xd29d07aabe9a42f5L, 0x1fd5316c3781ccc8L, 0x71a75a6d9dc69ea1L,
-      0x4e19e0df88fee91aL, 0x99c2b4dcf8d44f12L, 0x05f6df9231ae94e4L,
-      0x27fba876cf28ccc2L, 0x6e1a0f01f57f7cebL, 0xe03f1f34f3fd3b74L,
-      0xa0edc4a742c1d213L, 0x5caac2707deb8580L, 0x0f5d791faf0848bcL,
-      0x17f514ad07ac759dL, 0x95a39734904fc531L, 0x95a4aca97bb70f3dL,
-      0x3cf384c9ff9c5609L },
-    { 0x700506bace1fc9e3L, 0x49721742676b0399L, 0x2b4a1b8de72bf7b3L,
-      0xca8602a879b209f7L, 0x90580b90ce26a8e1L, 0x1ef339b7fe24f39aL,
-      0xb6c5d991629362e1L, 0x51174e1a577b24f4L, 0xf380fcb505e451e9L,
-      0xf4d97afb148321bdL, 0x099806bb747e5d2aL, 0x85525d65be99a608L,
-      0x264828d9d455e820L, 0x8c8c5405d8560a65L, 0x3c67e73c71030770L,
-      0x2b248850ee73df26L },
-    { 0x2173cde68541159fL, 0x78224c184fb410b2L, 0x07a286191f2ca1c7L,
-      0x52c207d6a8b23e40L, 0x071a0210a6b2344aL, 0xdb0e587cb5ed2945L,
-      0x6c56b8ef810fcc6cL, 0x1248c58f62d843b9L, 0x4b90363d74c66975L,
-      0x6348f7f2e66c66f6L, 0xb2f9d441c126bcbeL, 0xac07f2a373ce49e8L,
-      0x52486758e81b0df0L, 0xa108b54d1d4621d1L, 0x17261ece74414a1cL,
-      0x938b3bcc6a3ac215L },
-    { 0xa9e4a16be4ded340L, 0x8e65fb2a80e88036L, 0x97089606dcd73acbL,
-      0x1c3a0434aaa657a9L, 0xf304fc5849101b06L, 0xe60fb61ada0bb64cL,
-      0x818c2aecf5542df5L, 0x7402057656f76d5fL, 0xb566b79092533d97L,
-      0xae4655e574d6eb5fL, 0x60f7a1b5a55b44b7L, 0x7970179b93747ea5L,
-      0x8ae7e0e8f2dace56L, 0x9847460784e83c06L, 0x24e8c9ed15307341L,
-      0x6cff58a5d9e89d6bL },
-    { 0x508c01b003e51f68L, 0xe1d1f2251d2fe7d6L, 0xf7998d0b09bd8805L,
-      0x255e907a03e415b7L, 0xd148467d607d9798L, 0x055c3b1e9b453896L,
-      0x35001013809f50f4L, 0xfbbb2fa6d0233fdcL, 0x0b680b0aff1820b8L,
-      0xb1d404dc38d317e0L, 0x133d5444ccc8c7dfL, 0x7fa847e66ec13f84L,
-      0xc33f83d8046e2e48L, 0x3c627fc54863b3acL, 0x5f67f8aaeb936af7L,
-      0x5fe4ac8f31b79327L },
-    { 0x581aa4bf8b6f401eL, 0x05db12a3ad5c7ed4L, 0x7b0187266fb07b4aL,
-      0xfdd11f049c22bcd4L, 0x5454a7d469371c95L, 0x066c55fb99a46eafL,
-      0x18637c7c7fef96d0L, 0xbafc1d346b83e95cL, 0x55c3859300bb42dcL,
-      0xdd8dec2b34e7e712L, 0x69c9cfb0b184cee8L, 0x8dcc0c4249a27864L,
-      0x290d95f22010f2e7L, 0x86e254c96977a420L, 0x20931c89eb2abdadL,
-      0x81377164121c0548L },
-    { 0x6266b25e9c5a8edfL, 0x6e1388c21078a7adL, 0x5f02737d4876eedfL,
-      0x242fa7f962744617L, 0x3e2cfbd9b385382aL, 0xbadad7b102f71befL,
-      0x562abcfa677d0a92L, 0x573ebd1751fdff34L, 0xd7f658527c250c78L,
-      0xe0cf16eec47ca896L, 0x8ccd79b067622c9eL, 0x31fc5882f8f2c075L,
-      0x9232b37ea6008515L, 0x4d7bb36182e8c5baL, 0xbf24735cd2f146feL,
-      0x79c280ee9cd2db98L },
-    { 0xbdcc8203f2b48122L, 0xa8c04916b04ac48eL, 0xacf064dc9fc4885eL,
-      0xab83899782c1001cL, 0x7339e721676de250L, 0x17aa5aea8e1ab820L,
-      0x24d28ca06bc14b2eL, 0x570c5bb7816b6230L, 0x6c51235ccee6b606L,
-      0x1b2bf89f183eae42L, 0x3e3af3c69c66274bL, 0xe0b04426b51e38bcL,
-      0x26dbc58e73e40e3bL, 0x3f9dd578b5be5be4L, 0x9fd9f79152c8f408L,
-      0x758073a4a9e3ff4fL },
-    { 0x7d27b0578691ca22L, 0xf206bfd613a2a1b6L, 0xe84bd385ac795413L,
-      0xc5d18a2a75536607L, 0x2e166de7c8a0e24cL, 0x56d5750c3c474dbdL,
-      0xdef444c11366843aL, 0x14646e53cf4b8432L, 0x4bc0d030a9fd9783L,
-      0xbda4c824297ee203L, 0x3d0b10bffd7be6c7L, 0x2d21647608c7f3ffL,
-      0x06e52599b4fd4c45L, 0xfbab9fa149e9e104L, 0x9342a7fa8661d32dL,
-      0x3f3e3458faf66aa8L },
-    { 0x51ec35af951597aaL, 0xb677d4ac49df64ebL, 0x0276cd9c9bf4eff5L,
-      0x423eca49515a2935L, 0x8a696553fd9bb9c3L, 0xf99ee9dfede1f09cL,
-      0xb8fa2956199e5f98L, 0xb763875835292c32L, 0x8734eddcfc40e81bL,
-      0xd82d5e9f65457d95L, 0xc8ee323e30c78d2bL, 0xe77b2e4cc1433d67L,
-      0x56d9f8073c8314aeL, 0x441eede22a0e2f63L, 0x1e9e17ed6c48295eL,
-      0x640d20c434c294efL },
-    { 0x4e9a0b8e3284d513L, 0x074c3545f315053aL, 0xb36e740745acd52aL,
-      0xd80bdcfc1de50db7L, 0x8d9d47dc2549fc46L, 0x29b6ef13303f07a8L,
-      0x4e461aca6d4ad4c2L, 0xca8e351dfc9f1b73L, 0x8bc4094d57460e65L,
-      0xb6302b330f32d367L, 0x69a074b6285742e8L, 0xdfe52b11876c29c3L,
-      0xf39e4609912bd17aL, 0x8ee40d66349aa639L, 0xb968902ac72e05c1L,
-      0x0f9c1ca8c0d92816L },
-    { 0x1ebbaab367433df3L, 0xb6aa534715d3628cL, 0x13a320d897f0c5ccL,
-      0x72c918cb65e408f9L, 0x4b638854d5373451L, 0x731399a30b4dca09L,
-      0xcf2567300a3b1326L, 0x5ea60dfa6608b388L, 0x58ad74b07b290dfdL,
-      0x83202789d7694f9bL, 0x48593db8b6630fb1L, 0x3db47f70c65e3eafL,
-      0x63949c913e7263f8L, 0x9b9acec6e6e6ff33L, 0x34bd9ba7098a8240L,
-      0x7e31c12f45d36ec5L },
-    { 0xbe281d680dfd2dd7L, 0x1efacb0024ab61d8L, 0xb9c3005f94431f97L,
-      0x660c8dfa959cb3bcL, 0xfdd5fc30cffbb406L, 0x7a4631be7969a10dL,
-      0x336e309ede13fd1bL, 0x76b3bfadfc947076L, 0xfa91925ddcc72223L,
-      0x741f0d73156c4ee1L, 0x4f64ee410e2b3747L, 0x86be92d3efc4d93cL,
-      0xc53b7e03fc4fbb2eL, 0xac196cf5337ca1bbL, 0x4de41a307e23ba60L,
-      0x1a219c45326d5357L },
-    { 0xfdcf7ef8aa4db0bcL, 0x2e2318067b6c9963L, 0xc26390673d8a192fL,
-      0xc0cec2e2ffdc7771L, 0x997c8e35a2fc0edbL, 0x78e10ec182cc6043L,
-      0xfd0de2cb2b0c8120L, 0x4d6c457f69e57f8eL, 0x953e69b25b53f1c3L,
-      0x422a330ac4f89cb8L, 0x92ff232995566be6L, 0x73cd502d437442d1L,
-      0xf04ce590bea69403L, 0x6ac1537ef8030662L, 0xe02bcf77b6d0bf93L,
-      0x17aaa999bc90192fL },
-    { 0x0d3d56438e55db2eL, 0x835dee433b946851L, 0x1a1440e55b88462fL,
-      0xa6ff3b35ea17e27cL, 0x23f99c36dd95f7a9L, 0x7217fdd9bdd672cfL,
-      0xf400ac1edd2045c0L, 0x94b55c874ff06b25L, 0x0a44a0e50e4a49beL,
-      0xe8925e91b43b6813L, 0x78bedde1214f96c5L, 0x0f456a4c0f97fa97L,
-      0xa28fd86ba5bfd267L, 0x3b4b2d8fbe7608efL, 0xfbd5ff8c226474bcL,
-      0x6b282af0a5f3b24aL },
-    { 0x78fc025f6341a595L, 0x591c38d6a445e28cL, 0x72bd6e3deb446842L,
-      0x3f9466d375547833L, 0x911414d3083e16c4L, 0x145d946695a7acb4L,
-      0x102ddf098fd2fb64L, 0x2a2b2d2d0bfd87b1L, 0x69e9be5c59455088L,
-      0xee378bf4a80245deL, 0x80b0bd68b2306b0eL, 0x76a545c6c2be9f3dL,
-      0x429d167b4802c245L, 0x13e644272b412dfbL, 0xb664f529ee8d9762L,
-      0x6d4f5d2354706ebfL },
-    { 0x35c8f2b600ba9f88L, 0xfdc807e07bb6d0bfL, 0x0a126d42b3b81e5bL,
-      0x335ce6cea7ac781eL, 0x3e308e6ff37dcba6L, 0x028dca6263c96487L,
-      0x72eba57e8818434dL, 0xa9e3d59f79b78a26L, 0xd2f0a7dd2f07aea3L,
-      0xe0fe467824d05f74L, 0xb20851700116deb6L, 0x9c2a5e9258f37580L,
-      0xe78bd7a574070bb3L, 0x551fc872b9977d90L, 0x6eda93c440db81b4L,
-      0x4aaf0b4fd65d34adL },
-    { 0x9bef25063514c7afL, 0xb09e7dadbc181eadL, 0xef3cae878fa3ec58L,
-      0xd8dbfab5173b8685L, 0xb2490fc0921d32ddL, 0x4eef386b8bd9c466L,
-      0xc1cdd52fa061dbdbL, 0x64de989a25bc04dbL, 0x06f9836b85728636L,
-      0x11a5a8048be44aa0L, 0x16dede4e097018c7L, 0x72aec577b2c11fb1L,
-      0x144dade1a721ecd9L, 0xf99c526bd6ebf3a9L, 0xa1d4165b1c2e14d7L,
-      0x8b2cbd3982bc6337L },
-    { 0x28ec1bf28a52e991L, 0x0ba202f6cf9d42ecL, 0x8307d130c634ea45L,
-      0x3fc257b3c5762b9cL, 0xbd3298d1487c2a2dL, 0xca14f1a7a319488aL,
-      0xc70ca93b06ba06d2L, 0x9aa3f4b3ee405e89L, 0xcc64eeb335deeae7L,
-      0xd155f57803bf1d4cL, 0x041ec0b545616bfdL, 0x23df80e6086e33f6L,
-      0x399a79c8f0243cf5L, 0x86c2824e874ccd58L, 0x220eeaec8fc5c831L,
-      0x57e283047dbe3670L },
-    { 0x6e60b698fbcdf666L, 0xbdd06a998bebb1d2L, 0x4044adba80498436L,
-      0xd76bf75e522bc88dL, 0x655c4b9b28423b20L, 0x65c0f49253398a72L,
-      0x76d4f2b70ca37601L, 0x469899252030fa5aL, 0x96b37e87b6054705L,
-      0xef96f73153de1b2fL, 0x5ecbbc8cad54ef05L, 0xeb289d0aa93617b0L,
-      0x3ac0fbd57cba217dL, 0xd0d3cb5619d4a2d7L, 0xe8bee9d4c91d6063L,
-      0x4f12e037696ffda6L },
-    { 0x4ccfa42215f1a610L, 0x804a5c553786519aL, 0x1246a45473838134L,
-      0xfa15b4844b284e2aL, 0x36464c65146d1320L, 0xfb6ba88c70a8a0faL,
-      0x74e7cee793c4804eL, 0x8c34d22cb95ae16aL, 0x9d9ed89ff9c1d4ddL,
-      0x61a0866d32025371L, 0x45b232b29bd6444aL, 0xf888e92cf277bab1L,
-      0x73e69c6ea9448b02L, 0x1a496ea95b521ecbL, 0xa8f78ea75858afb2L,
-      0x83d2333eb1266f91L },
-    { 0x1c63328867b478d7L, 0xa1ee1ae150a2fc9cL, 0x05b6ab3018d2241bL,
-      0x69f1f288893cd696L, 0x159d6660a8117a87L, 0xe812011970e73d77L,
-      0x528fef0093f55f0aL, 0xb3978db8d854dfb2L, 0xd6b43ef6f45d9fbbL,
-      0x17de4bfed5bee397L, 0xa01e0f596bf76dadL, 0x28b2280e3d40754cL,
-      0x8edb6122f8e86ef3L, 0x8226b6afb7d1e586L, 0x463532152f40a55bL,
-      0x7362f13ec5a31621L },
-    { 0x792eb27c73c0c430L, 0x8cc0a65fa51c3657L, 0x50a5ceced2194f1bL,
-      0x18945688814b4947L, 0xbbf0a81a4b6fbbf4L, 0x376f4f58f0aa8608L,
-      0xd9361d683987795eL, 0xb6510cd8e3a8d0d5L, 0x63e2fdbfb6c1a455L,
-      0x2c91154eaec891f9L, 0x0eb1e715ff568f64L, 0xe7af9cd72f2b399eL,
-      0x1fc39bac89f0bf0bL, 0xf0861d9290983695L, 0xd9b16f02da0a20a8L,
-      0x2f10693fa38c0eadL },
-    { 0x07a6ce910c06ded2L, 0xf974842f2fd9087bL, 0xe468bfd6a9f635a6L,
-      0x04b618911ed60626L, 0x1fb2f89f369ee548L, 0x9cbd1113dc96a201L,
-      0x6759acfe10d633acL, 0x64ba66fc8faa629eL, 0xa686ae4947f38283L,
-      0x828c3a05d59cda99L, 0x7c7afb1408ea2f6eL, 0x2551c8e4af3953c8L,
-      0x5b53d2799daa9e4fL, 0x1eff68d4ad6f1940L, 0x2775dbdd96437cdbL,
-      0x985f83e44fe7a043L },
-    { 0x89603c16eaf45294L, 0x70131160c24b5751L, 0x4c11201839d6b52dL,
-      0x7079cf02ed943340L, 0x0c5b028b74f41b68L, 0x3dc3f0769c8ac1e1L,
-      0x5ac5eea3f8b24f0eL, 0xee6684bae34c5c22L, 0xa5259e639abc452aL,
-      0xb07d2cd1e9df45ccL, 0x07019c931a443cfaL, 0x68fddaa992c003b3L,
-      0x2d9f179c0d8cbc2eL, 0xbbf15a6f1e781ca7L, 0x54d779d550dcc799L,
-      0x0c88e5400fe962f1L },
-    { 0x84f71a6ae8f44357L, 0xf75b4bf63a3cab6aL, 0x334c9d9e5aebc680L,
-      0xcecaf0848a753ef2L, 0xe28014c1075e3c8eL, 0xbb9d5a38f74f8d3aL,
-      0x75988464b80e32aeL, 0x7b328e6ff2bc3792L, 0xebbb1fafeed0e197L,
-      0x674eac955a33065aL, 0x8c19fd8f922dbce8L, 0x8c17ae85987b907aL,
-      0x89f336273b3a2cd7L, 0xebaea019fa87772fL, 0x4e5de4993a25ced6L,
-      0x8e2560b8af110715L },
-    { 0x56d3746c3141aba6L, 0x45a1079fbab2cf9eL, 0xb63828319cdd27c7L,
-      0x222376329dfd950eL, 0x1e0b15cd3a9408ffL, 0x49a80200b1160118L,
-      0x2719db5da383bba7L, 0x6078340a651046d5L, 0x8929d4de97523b1fL,
-      0x4040345c8e0a28abL, 0x61275ac20adf09c7L, 0xb41ab2652331d611L,
-      0x230cc77c5391ca50L, 0x88be0c928f922315L, 0xfef3d92b92fd9a29L,
-      0x59005f228324f2e5L },
-    { 0x6bb1750c3c4c1c74L, 0xbe73aac0e966fb79L, 0x85a75d9266c5973fL,
-      0x8c97f9323a8656b6L, 0x2b7043b150446cdeL, 0x548916f73ff3897fL,
-      0x913dd01cb18b72b2L, 0xd0a751f1488c0de6L, 0x191757148558ca58L,
-      0x9771430144a663daL, 0x2df190acb0e08618L, 0x0080fc0cf39ead9cL,
-      0x0085ac6e17382da1L, 0xe97918513262a338L, 0xe4495936b43bae8dL,
-      0x57a78e26d783df6eL },
-    { 0x161b346f40dbddd8L, 0x2b49a9279410c3acL, 0x8c5427831886cf3bL,
-      0x72df323233b93debL, 0x9c8d59f540df579dL, 0xe5d7a67dc20ef500L,
-      0xc46b391867f08643L, 0xecfa2445ad96adc3L, 0x658f589b0c4544d0L,
-      0xe6ec9301e08417d7L, 0x6ca5ef6ac454e288L, 0x4191048fac0f462dL,
-      0x852407d808d8a036L, 0xb4c533a7f6d35b7eL, 0x3251e4128f6ada87L,
-      0x1ca370c581c472e8L },
-    { 0x94bd5171a801b68aL, 0x7312879cfd1998b3L, 0x4905aabf41163202L,
-      0xb5fe87f4f5b01fdbL, 0x78de523a9cda128bL, 0x0bf161a1c7bd31f7L,
-      0xb5decfd023904c35L, 0x224b2882e188f12dL, 0x0dd2801df99dae74L,
-      0xcad467b508cd1cd2L, 0x6c311c3dc0867e39L, 0x71a117202b425072L,
-      0x83bf464e2efd9003L, 0x53d0448a1dbd3b03L, 0x32db52f4e6265baaL,
-      0x2584b34c4c33ac79L },
-    { 0x3cb863892aeec688L, 0xa5e740ba45fbe523L, 0x422e71f7fd60b5f8L,
-      0x455d185c4874913dL, 0x04c2bb36fa17d80dL, 0x3f271854ac054524L,
-      0x76dd3045a8b9a657L, 0x2e42c3e162ee7cc8L, 0x002667064df6c7d0L,
-      0x5927dd51dc7cb488L, 0x6b3faabe187897e0L, 0xfe6ad22ef2d5737cL,
-      0xafb60269ff51a9ffL, 0xe1c8354569807baaL, 0xacddb6ff951ca49aL,
-      0x7e8113743f9ab085L },
-    { 0xad722a8b830a88b1L, 0x91918ea8ce1117e1L, 0x3e02d0b80409b47dL,
-      0xb53812d36c46d1d3L, 0x2fd09db0e589669cL, 0x9845cd0615b0cd5eL,
-      0x0c1c155a2386c453L, 0xda774de5f5ff43cbL, 0xbb076b98e391c0cdL,
-      0x97d71eff5004f286L, 0x23e0b46caeec0bfeL, 0xe453866732a1ad94L,
-      0xfe0c9f81396da422L, 0x6376c1a263db2bfeL, 0x001c7918ba56fa91L,
-      0x436b8c64df8485a6L },
-    { 0x88117e9d8ab764bcL, 0xdfa61e94a077df84L, 0x5a7765d30c18eebdL,
-      0x548916affc9451dcL, 0x01a52e33071a347aL, 0x633b95deb23b41dfL,
-      0xdd7d68c943c8c286L, 0xe4f9d41e18d97068L, 0x79908b908c92799dL,
-      0xe614148ed47394a3L, 0xe5018517cd51e53fL, 0x5060075e0243dcb6L,
-      0xe5dcde6217954405L, 0x6f7c90e1537da5ffL, 0x1df7aae40768cb66L,
-      0x5266ca9e6dbe95e1L },
-    { 0x84ddee6d1386b3dbL, 0xf9e4af5a7c38e540L, 0xb3418440eb04f49dL,
-      0x2138a1e8fde5a4fdL, 0x3e6e692430257cfcL, 0x3519c6e319fd70c1L,
-      0x8f34e17486c31ff0L, 0xf1e298fd940ce1e8L, 0x6fb8cb1d14960d7cL,
-      0x207c13472b2f3bffL, 0x899a20b4146ef8ffL, 0x7dec362b7bd3e220L,
-      0xa975044e626bea27L, 0x0f32b4494fb4cb67L, 0xc17a09201fc6703aL,
-      0x41f325b99cd84a2bL },
-    { 0x312ed513ce2843a4L, 0xe748498e00728afcL, 0xa8ef28224d864ce5L,
-      0x34064704a620083bL, 0x5905e1d94bed338dL, 0x2a578cb5063e7b38L,
-      0x98276d96289e7bb9L, 0xdfe2dc47f17b7341L, 0x5923521f1dac8944L,
-      0x3db6d28d23400aa7L, 0xc647705ea761ba43L, 0x8947ba6d9bfd07ddL,
-      0x00f2e3ac242ca8fdL, 0x49ef4670eb8c3468L, 0x7db3d37bd9aa18fdL,
-      0x56b30fb6e58cea9eL },
-    { 0x07ecdcaacd80a428L, 0x7af922dc8732c891L, 0x20d887983ada441fL,
-      0x3bed9a44924b008aL, 0x2123533cb2e81c3aL, 0xc34e407565f807d3L,
-      0x0bfaefa51f2faecbL, 0x78b634a5ade8a88dL, 0xc4e0b7f894392a91L,
-      0x3092237790bb1cd8L, 0xdea9b4faf87204aeL, 0x3edf81f585d3cd83L,
-      0x58f88c51c6523a79L, 0xe472fb8b17c0d969L, 0x899081e5dccf7f07L,
-      0x1353cc5758bdd146L },
-    { 0x28a5649739bf6e18L, 0x59e8b5a2649b89c7L, 0x8d9434a0dce8b8e7L,
-      0xd935bf512047040cL, 0x2ab3a1646a7b8e82L, 0xf1583ed627f81294L,
-      0x8416a7e072d67297L, 0x49685d86cd39e42bL, 0x8a797fc7958ddbadL,
-      0xa558f928155ce6deL, 0x75f4e570f8a36235L, 0xbc69cfc052877ae5L,
-      0x8f4193a9a6b16ebdL, 0x8d1df43cbb1cc1f1L, 0x723a830e5a21e789L,
-      0x3ec2185df451df58L },
-    { 0xb9d4c7d71f0bc2d7L, 0x6982c6cc6e51d412L, 0x92e02d93a09f80f6L,
-      0xb7dd2d25047ae09cL, 0x3503149f37f351f9L, 0x69d49ce1c77850beL,
-      0x60242acb12f0d2c8L, 0xba188c567bc28b9dL, 0x8e40612106bc0550L,
-      0xb0d84b1f8d7d4329L, 0xb4a67ae7d38951e0L, 0xb527c57b8bc97607L,
-      0xbc93c5f35497aa72L, 0x5f1de8cc39bdd666L, 0x3087dc5ce9d447a3L,
-      0x89b356b6a211abe5L },
-    { 0xed6db0afdfdcc837L, 0x0fb80baaa871b7a9L, 0x413abfc91c1d4b72L,
-      0xf5b56bf7adac9e5cL, 0x5664a2da8b8657a3L, 0x11b04f720e41d94eL,
-      0x63e11d2637433658L, 0xee628ecef426daeaL, 0x011619c9cb162dc2L,
-      0x9cf5817f87648643L, 0xe1bb97025584bc86L, 0x2cc27cef00bf7928L,
-      0x4ef3a80edc60eee5L, 0x7e1202be87adc2f9L, 0x656f18e08a0d4f52L,
-      0x39c4f10d57c5d126L },
-    { 0xb3a9b68ce88aecd3L, 0x555b0918a518aa9dL, 0xedc1cdad4bd4ee54L,
-      0x79b68b6702068d84L, 0x7dac80d0811ac72dL, 0x6d1e6d35a81a0a78L,
-      0xc841e9ea3bd16283L, 0xa7bc1775894c4444L, 0xf2b63725f1aa1202L,
-      0xbec7767ec7d4c556L, 0x2817ebb3d46ff51bL, 0xfde5be8d73f7e339L,
-      0x44c6c9775aed24c4L, 0x0b9a1707b6e579cfL, 0xcff164789069fbccL,
-      0x414b542d49152b00L },
-    { 0x33c31e58606e173bL, 0x5b7f4e1b90e6713aL, 0x425fb512debb20afL,
-      0xc788c61705120e70L, 0x3ef056029013e4ecL, 0x9f9d35ac81c6e6d7L,
-      0xe131e88f9450690aL, 0x708f9b3244af082eL, 0xb2e4d66c1ba2aea9L,
-      0xaf1f4a6e740db29cL, 0x74ab9248d1843007L, 0x13338ef8ed556a6cL,
-      0xf48e623e270d17a6L, 0x3c7362fa9608f5bfL, 0x43977874444e8515L,
-      0x52678d6ae00b8b2aL },
-    { 0x5dff1c59df36aeb4L, 0x52d6653ca92bc0abL, 0x0e03f496927a5f81L,
-      0x8509d4142dfd491fL, 0x258c2c52a571f89bL, 0x2bd6180493334485L,
-      0x1a33e94f3f7d9e09L, 0xfab418d32c1bf906L, 0xf39c490e5aa5695cL,
-      0x0e41196ef6d2d7ffL, 0x3ecd40750f7948a9L, 0x4b58f9b2d3053b4fL,
-      0xb8ee842a5d9974c9L, 0x23a59c1dbf22f682L, 0x045ac614c8efcea6L,
-      0x7040ba5bc10ceeddL },
-    { 0x2c364f81515a1a96L, 0x31a63503184327e0L, 0x0a0966501ad93d4fL,
-      0x9d7694f1273b6173L, 0x8886d876d2cda9d2L, 0x1e01a7422814c177L,
-      0x3492276b8667696bL, 0x2fd4f0c65b25f006L, 0x6527349ffb294c4aL,
-      0xc1fe0d8ade1d336fL, 0xaf9a23e8e7e3860eL, 0x97d2b721b774c31eL,
-      0xfac3e5824365784aL, 0xff2dff4e70f4eaa3L, 0x3d281e1afe873248L,
-      0x9043a6d60bd1c9c1L },
-    { 0x1511a0fe766c7937L, 0x1b2ded5cabbc3be3L, 0x2ac160cce00888acL,
-      0x928754bd616200f3L, 0xb801c83d34a2ea06L, 0x8ad7a03a9cbe106fL,
-      0x996b0822cedfcd94L, 0xc3c3463ae4069880L, 0xfb12ea4df597f663L,
-      0x2c8d383440c92af9L, 0x79bc85c64e8da154L, 0x95771fa2db4e801aL,
-      0x7bd2c1381e3579b2L, 0xe45c75dfffaad078L, 0xb0760a3cb73eac46L,
-      0x26362b483a125f35L },
-    { 0x25c68d28eefc3e89L, 0x2d0ee87769e9ee71L, 0x8b07bb86af5e4b75L,
-      0xdb709072cb86b333L, 0xfd3d20eaff552bacL, 0xa5eeb2b14c0da1e9L,
-      0x391f688a44f97145L, 0x21fbd3101e06d485L, 0x45e4f2a5bea9cd49L,
-      0x7b60d464a7bf21daL, 0x193f88c8054d5471L, 0x5ace53d1bee0f2e9L,
-      0x92c26563c1439273L, 0x9c86e0b296c6b5eeL, 0x452fe23109ff59baL,
-      0x2e952b20555c935eL },
-    { 0x2a846bcad75f886eL, 0xe68a5dbed43dfc58L, 0x103e45b6007b1b86L,
-      0x580e2ec9355ff2b5L, 0xbc702f26a263ecc9L, 0x2835b386181e5e33L,
-      0x025113ec6c122076L, 0xa5c26e3a7fbd856dL, 0x8ef83fb39d6ebcb1L,
-      0x7aaa53f2a44d2fa8L, 0x7c14ef3353b1fa97L, 0xff604a1117559a30L,
-      0x2bcd96b0b09377e0L, 0xa5c14896db2f0273L, 0x1c0a84c9eb53ef06L,
-      0x1236d01730378e4bL },
-    { 0xd7481c8fc084373bL, 0x29ae4768646097aeL, 0x1300dfa0613bc34bL,
-      0x3712714c934bc2b0L, 0x865246290e2be7e2L, 0x554fbb9fed010800L,
-      0xf0ec0b3842314576L, 0x65baf594330a3282L, 0x3bdde1a8706ef817L,
-      0x7d2c727dba7530e9L, 0xbb0c5d6674cc95cbL, 0xb3fcd3652438906dL,
-      0x19881941d14658f3L, 0xe616f5556c97f0e9L, 0x353c2d854b9ec7eaL,
-      0x02a48014620cb56eL },
-    { 0x11d6d23d506ccd38L, 0x229a1c549059baa6L, 0x717c9c2769d011c5L,
-      0xe87e1b46d828937dL, 0xf5d63bbb83835083L, 0xf0a7b427aadac258L,
-      0x99ab26bd9f154d1fL, 0xdec0ffbf8ec955fdL, 0xee957c6749fcb880L,
-      0x32395dee1e0114deL, 0x192a64b7369f46c7L, 0x4304466091eb2599L,
-      0xbe2da887a2e8c3daL, 0xa44e2c25c3556d18L, 0x31390414b55f75f3L,
-      0x1d8bde6f8f217fe0L },
-    { 0x03cd39f8a2028924L, 0x6e54f19cb06ecb9fL, 0x862bbcb7d6f05846L,
-      0xdbe067165a060776L, 0x9397c97ab10fec10L, 0xf42138266f1bb65cL,
-      0x414deccba672ba38L, 0x594d4d43f88b05e6L, 0x7993f57aac94d4d1L,
-      0x74fc2a6abfb17638L, 0xd8196b5bb6fc655aL, 0xdc375c84ee8d2139L,
-      0xb9b00a02360d3a26L, 0xb36ed35cdeb93b87L, 0xf565b28bcc83209eL,
-      0x349c6943c61013c1L },
-    { 0xd1b394444de6c88aL, 0xd5c2c4714700207eL, 0xb6f458a221c2b780L,
-      0x749f75640850993eL, 0x400ba579baef0c18L, 0x2d742938737c70f0L,
-      0xc5a8e2ec21467ebfL, 0x243a666e5337f453L, 0xc991f1c7ed0bd50aL,
-      0x3a7f3e90f4bd1f91L, 0x96089e8a5f0e129bL, 0xd0d3a17707389635L,
-      0x9cf842d527182ac9L, 0x211952990817c5c2L, 0xa32f327e87255769L,
-      0x056587ab89c2d8faL },
-    { 0x008562ed1ce4733dL, 0x5faff7cb98e51444L, 0x5f03021fa9ab46b9L,
-      0x89494c5eb61a8c13L, 0x57c9503636b35976L, 0x6be84c8f2ac2d2f6L,
-      0x0e5b34d89bd2703eL, 0xc4ad918f7e872abbL, 0xc2a89e9fc4052ee1L,
-      0xc2caee3f3190b51eL, 0x58fd14376fff254fL, 0x6f3c0d68883e0972L,
-      0x63d0a0e90fb15438L, 0xc438764bf6caae00L, 0x815f15653f1d0f6cL,
-      0x1b87f2edb86cdbdeL },
-    { 0x35792bbb2b0b15b1L, 0xa3e4b5a7ce6ba779L, 0xfbacffd9dd8f3779L,
-      0x005450bdc298d1efL, 0x0e3f5556c47031c6L, 0x0770f07a95d68066L,
-      0xce3e84e02d1052c2L, 0xb050791e7aa8cc54L, 0x4d621e73ba3223a3L,
-      0x87b9b94d39632990L, 0x8df9cb477eb8056dL, 0xe2430de8edfca0ccL,
-      0x374bf4169712a0caL, 0xbe3f3c7788848a99L, 0xb22b87b1c4a3e59eL,
-      0x8e0227c43e95bc23L },
-    { 0x000e22a83210964dL, 0xdccd5df5ff056eebL, 0x02173a1fdaf1ead7L,
-      0xd02833e067cdcae3L, 0x1cc574cb8bdcc90cL, 0x86eca7143224b4f5L,
-      0xd00e603abb3f8298L, 0xb98ece1b0c1a8debL, 0x228a46e4378c261dL,
-      0xc6f9dd0da6165e5dL, 0xb3ae38994b7ef0e2L, 0x3a3c16b3bda9f306L,
-      0x5e9a26d338a084dbL, 0x528e59935394e950L, 0x848ecb114ea206bcL,
-      0x14b15ab540545d6eL },
-    { 0x0f6d86c9664c59a2L, 0x3dfe2be160fd7aa5L, 0x33f9b5699072cb8eL,
-      0x5f2325d98176a7e0L, 0x79a0d4e74587080bL, 0xa4ee0def0d5d4e05L,
-      0xc0ad9ffac87b28e1L, 0xd6f18d2f3f09b4eeL, 0xcc896ae7292e9d87L,
-      0xca88953d6094763cL, 0xdbee97a818fbf9faL, 0xdf20e0e94b63d701L,
-      0xcbba6e3047ea722fL, 0xce57e1ca612b571fL, 0x1e16ac76009a55f5L,
-      0x742bbed8c4389e2eL },
-    { 0x23ea86dcc1dc2c73L, 0x4bbbfd5bc1643abfL, 0x07f8fa1f24d8ca1fL,
-      0xde68a6e08cb5cac7L, 0x7d54c64b54e66a7dL, 0x789dba22a9b7ad78L,
-      0x4d88d540e364ab94L, 0xc8c2e02d1f72e011L, 0x4c82605746e2a278L,
-      0xe6c35bb34b187c7dL, 0xed8b3dfeeb8fe0c9L, 0xb6bc34e87d11e415L,
-      0xb3908bbfb865c7f9L, 0x717d1ce6e1ecc17cL, 0x151e3308f7cdd69bL,
-      0x97bd5a14b5c94124L },
-    { 0xe01c62fe81e82861L, 0x703d4b6ddd42c40eL, 0x7e52e55be65e91e5L,
-      0xb8b493745abbbfddL, 0xb4f15f52c72a45f4L, 0xce8435a8550f29d8L,
-      0x9df76b9b582de75fL, 0x52e84c5fa20c8b96L, 0xaf77d2d10a8a0af4L,
-      0x0389bbd8ca6013c3L, 0xb0d9b9ba26f8305fL, 0xf053e8480cec8b9aL,
-      0x4d63367affabda18L, 0x50f53be4a6424c2aL, 0xf892c58c864fba2eL,
-      0x317c6d3148cc5469L },
-    { 0x0c3525b02cb7d42bL, 0x55240bc9310facaeL, 0x8d5d2022ff20408fL,
-      0x6b01402fe0c10ea0L, 0x7fbef68a718eb23dL, 0xa0146b5a41252a19L,
-      0x59afce48110e0d6eL, 0xe9a1d27f022de181L, 0x6db96d16dc3f49daL,
-      0xfc1ae3f5efbe4008L, 0xf9d70641eccbc11cL, 0x49022279525f8636L,
-      0x3769796ac2763c30L, 0x9cc3483c1d90630bL, 0x451651f0ee3d3f17L,
-      0x6ae597399da0b8fdL },
-    { 0x57b13bc7bff4d2eeL, 0x2075422930b173d8L, 0xb6254bd50794936cL,
-      0x1d5f232a5efd55beL, 0xc06f4a854e0c3389L, 0xcf2c5b598e61f944L,
-      0xc564861ffd5f87b7L, 0xee261fb15a2afa4cL, 0xb0ff72262d97a774L,
-      0x1a89ae22d6cf007aL, 0x28880534d346f214L, 0x8fe73bff97b6497eL,
-      0x8a8595b2fa2afffcL, 0x9ef9cf3ef151a726L, 0xa84ee5f1e744b82bL,
-      0x6649048dbc63fe72L },
-    { 0x91b7bb781e8b760dL, 0xd47b0bd825aadaa0L, 0x81493d9ffab5226fL,
-      0x4a6dd226bffc148eL, 0x5a032f8aa29be3dbL, 0x318dbc7034b0ab0bL,
-      0xdcccbfb57d654868L, 0x8506ab379c581e46L, 0x09136a6e2830ece2L,
-      0x48b79356cf6c80c7L, 0xfa176377ef6b1e86L, 0x2c9c1cc183f0f1c9L,
-      0x96f0526d16abedddL, 0x3e0e98e2a93b0de4L, 0x6f2d7ada0f13873aL,
-      0x4eb93b5cf3fa49ecL },
-    { 0xbd89f7e5e11fae32L, 0xd13d74f5c4023f51L, 0x1b0014df491c3f6fL,
-      0x1d849a57555279b7L, 0xbb9e889705ba0068L, 0x82222419c13ca2caL,
-      0xafbbb685fd33676fL, 0x931c3f5275878a2aL, 0x12aeefefef3d5173L,
-      0x189a5cc8bd8a6878L, 0x82cffdb3d99f0c16L, 0xbf565406a19d48b6L,
-      0x5605e223e9c6c4e0L, 0x53e781de86804172L, 0xcdf5c90bc7001cc8L,
-      0x2b582d937c043f68L },
-    { 0xa1165c8281abc2aeL, 0xa73380f5e2b69ecaL, 0xc097b3d207fff66fL,
-      0x5d60382654776506L, 0xdcbac9f3b57fa21cL, 0x78750db4c98dbdd5L,
-      0x85e21103d9eff32aL, 0xceed172c2f11c41cL, 0xa8e392649e348c09L,
-      0x71cb936b831eddfbL, 0x915c3d06f50864a3L, 0xfe8e33cde93acfcdL,
-      0x4bee10d7b3f2f7aaL, 0xc1d8eb48eb7cee9aL, 0x4fa49ce3fa574afdL,
-      0x78615109862db4c0L },
-    { 0x3fe3f4807ae72c21L, 0x631aa144fd0f0da5L, 0xc76ee1e8f8c3a454L,
-      0x379ae09451b4f1abL, 0x2a3a4397d7cdbb24L, 0x7a14cffe82bd5fcdL,
-      0xbbe4ed12f427ef5aL, 0x9b0a43ee284d3ccfL, 0x57b78b938eec6e1eL,
-      0x18d404e467b8e87bL, 0x0c8adc0534374c20L, 0x643736055428deb5L,
-      0xb4d80ec0c3afa2cfL, 0x6d51f93c3aa956f9L, 0x9f9a28ab84161c68L,
-      0x540b6bb76bc9c025L },
-    { 0x04e1734c321d315dL, 0x4ef56612d86e05d0L, 0xeafae145bba8cd81L,
-      0x1fb07a49acdc789aL, 0x6a21e9ad5877570fL, 0x2e4a837eb9bc53deL,
-      0x436db2931d6298ebL, 0x43afbc78ea362f45L, 0x2a973d97aabf6585L,
-      0xdce7dabe0c924d60L, 0xf69d98f07cadf0e9L, 0xe0b505a175020538L,
-      0x3db7d1a34461cd29L, 0xe1c287765e20e818L, 0x2ca2586752dd50f6L,
-      0x897cab1492e0388cL },
-    { 0x59ed38130d8bab8aL, 0xc11d364ca438200aL, 0x0687bf2c40581415L,
-      0x86ad0d3a7ac89674L, 0x44928105b97411a0L, 0x74984b11f383371cL,
-      0x70d2ed840d1a831eL, 0xd883628b6c912fe0L, 0x44f8f7fb14fa88d2L,
-      0x564f2a4dcf0ac93eL, 0x82f629aaa6c24fa6L, 0xab906ba3bf6cd949L,
-      0x2c822e6720a5182dL, 0x2ff47dac30eb93a5L, 0xdc62c4a4fff673aaL,
-      0x64b00763476b0ec5L },
-    { 0x1e3f533eb3c9a404L, 0xb1db7f73b7ef9952L, 0xc7f13e296c253693L,
-      0x7ce7f4c40738eed4L, 0xccfd3b33ce26cad0L, 0xd878493501ec5cf1L,
-      0x3f8fc09ddc084e01L, 0x217cab32c39b5acfL, 0x42daf0bb9ef5551cL,
-      0xfbc76f56e1217a95L, 0x80178b12c237002aL, 0x0b52c39fb070a293L,
-      0xe3925153576ca964L, 0x2555942419d68e36L, 0x291fb82c09e50e84L,
-      0x7dd22ea66618ed8cL },
-    { 0x7ffe844b49cbb3bfL, 0xde0cc7045562fb25L, 0x1e6ee5379f5a845aL,
-      0x956d7f26e51277fcL, 0x2c75d4b930635718L, 0x39a1489296957f34L,
-      0x8cf4eb3282e5742bL, 0x6b0d3ddd83247b72L, 0x67a9f633201a4237L,
-      0x416403c11414a485L, 0x60afd447b6f6a916L, 0x95f94930dac6f790L,
-      0x685ff94bbd3b9d82L, 0x5c8f98fc51cadf0fL, 0x9559c88ab13b7489L,
-      0x31377c665f18fcc8L },
-    { 0x35c5de097dcfb35fL, 0x2dccca9f01cc36f8L, 0x7e93e85d7576cb63L,
-      0x0c2dd48af7b4b375L, 0x9d95cd4fb09a19b5L, 0x752ed15971bfe607L,
-      0x439880cf2596dad2L, 0xe52efb5369e90a6fL, 0x4409766303d3e60aL,
-      0xfcf364faa95070e0L, 0xd8f993b605624dd2L, 0xb35a982400d5e467L,
-      0xe289d0240c8f4524L, 0xef45423c648a0179L, 0x3a5fd695587edabdL,
-      0x3dacc50ca11e5271L },
-    { 0xcb3e4f946499ae4cL, 0xa46dcbe17053c527L, 0x807f5ce9be782e8aL,
-      0xb6c64d28d8481e45L, 0xf35e4518aa286fd0L, 0xf7b7b9badf1cdb49L,
-      0xf3fb6210aec23eafL, 0x0a9ba385b9bfd2fbL, 0xe51a0d538807f3a0L,
-      0x7ab24404b17b2842L, 0x6fd57687f9dd9f0aL, 0xcd1efdb4f3e9df64L,
-      0x5dd2df7a60df194dL, 0xbed3f2c3e069df05L, 0x469b756123248a31L,
-      0x866949e1694744f7L },
-    { 0x3a9a0da53f4ab07aL, 0x2cd6f333f54a6fbfL, 0x0c92e921b23cf290L,
-      0xc9581c3e848e3d58L, 0x93af1fbdd3b218abL, 0x38598ea1066cb4d7L,
-      0x5001394e990c03a0L, 0x3b664b1e7d0877b5L, 0xd79db1bbd74c7091L,
-      0x852d44354e2d5dd0L, 0x0d2b841b3329db82L, 0xfa844eb07b96d480L,
-      0x37a50569c295dc46L, 0xc2d3837394f7ec4eL, 0xdc3884ff5b083177L,
-      0x574352b88b1fa598L },
-    { 0xed2193f70d5d7ce9L, 0x3c19fd260b487eafL, 0x7c44ab597be65fd0L,
-      0xdd9da86078270d56L, 0x8a84ec00baa70198L, 0x2ec27e49285985dfL,
-      0x996ccaf0de2028d8L, 0x4e7648c761c2201dL, 0xa96335bc091c19ebL,
-      0x253a3a69f0d6782bL, 0x3f204340d2946493L, 0x444521a1099f6873L,
-      0x5fcbcc096996011aL, 0x3884d5d8f853a94eL, 0x2418c624d3b6a3a1L,
-      0x3e431af206ae3c4fL },
-    { 0xf967d93983d381f1L, 0x36501aaed0c033c3L, 0xbf3af4d054410768L,
-      0xa86d15985093a6d3L, 0x43ae0741d92f2900L, 0xfeb2afa636f0b755L,
-      0xd090a6a3aa456d6fL, 0x336a4fdaaefdb646L, 0xfd1bfe441a942f7dL,
-      0x7fc2a3ed851ee41eL, 0x4f1c968611e935c5L, 0xcd57766653bbb343L,
-      0xf26931baad896c2aL, 0x8a0fbbd186bbfa41L, 0x1c3d7d82a203cef1L,
-      0x6dad3f15e2664d35L },
-    { 0xd1940b7d12ec35a1L, 0x6219c5b6e7dfb128L, 0x2cc278c6f13321d5L,
-      0x5e76904a33c58eb6L, 0x15090f55d9903c43L, 0x061bc926c3d96a19L,
-      0x974a9f038c0acba7L, 0x7a4140217198b21bL, 0xb069599df8958c6fL,
-      0x517f2f1dbebd0129L, 0x1109a613df3a8dc3L, 0x08e58448672375c5L,
-      0x56590ba49383d2d3L, 0xfc3ee7c60bff837cL, 0xc87a539027d2d55fL,
-      0x2438e9d45f517a3fL },
-    { 0xc4a453088815af3cL, 0xe55f1a32f3c9bed5L, 0xaef1cdc997b65ddfL,
-      0x61c61d9412e51eb5L, 0xbd0dac54e63f2490L, 0x6f14429cd0b3e231L,
-      0xf737c3c2f1da6010L, 0x7150e04b6bbc4fb1L, 0x205b4c891be281cbL,
-      0xf1b4633cd7701f5bL, 0x8b33ef462a513490L, 0xddb47c7368f1f7f2L,
-      0xf4ada511bd416b67L, 0x9d2a97cdff795bb3L, 0x00a8b7b296200e67L,
-      0x13f39011afe30e01L },
-    { 0x3dd296ef7bd0c827L, 0x506110f34a29ff46L, 0xf87930681c9a515aL,
-      0xde8d8045268bca77L, 0xcbb83024998045dfL, 0x3f90d71068c0e584L,
-      0x2a838ca8263b6062L, 0x293bb5e7535c5d0bL, 0xceea99d556415110L,
-      0xfe311ad01bbda005L, 0x2497e0bfa4d8d018L, 0x33dd77a01cf2b866L,
-      0xbc075b73d8c4ba8bL, 0x298466d4722b7bc9L, 0x17a7ce24cbda1b0bL,
-      0x458d4b6b680703b6L },
-    { 0x8a26a20e4d54d8b2L, 0x05a5696e4d320a0dL, 0x698b5858f994f700L,
-      0x7a4adc3c2f6549a8L, 0x1812e8193694d00dL, 0x46b9b000730402bdL,
-      0xe10a1449a1b36410L, 0xeae95ea599230220L, 0x3efc2e9b1b4820c3L,
-      0xfe5b5cb585c9eb8aL, 0x21ae031997847064L, 0x68ef0b708f27d49fL,
-      0x3259ef182f72556bL, 0x00ae0457624db01aL, 0x628e3b065668f95cL,
-      0x5f13f5fab6fbbf91L },
-    { 0x7c6ed9ae3a9b0dc6L, 0xaea1bde96f883ec8L, 0xea66bf88ea8b3677L,
-      0xdefa6abc9a66e3abL, 0xc4d3317b68217ffdL, 0xf741c8f2290df05cL,
-      0x1f0fdf177d11674eL, 0xfdf0ece7c35989caL, 0x0eed92df6b9c482dL,
-      0x73713e6655bf1ca7L, 0x90acb29025cec99cL, 0x37c9e3a2e803e69cL,
-      0x7c0a3c5317713a1aL, 0x350dc5656f5a174dL, 0x11625a4405f802f6L,
-      0x2196495da37ba4a2L },
-    { 0x00cb2fd313142680L, 0xab9e91d765d14cf4L, 0xc6a0ceabdfe2669eL,
-      0xbeefce580ae22bc5L, 0x3c2b7986cb6ec250L, 0x84adb1a2d738f1ffL,
-      0x9709bc28516ec8ecL, 0xf36931298e8f7db5L, 0xc48efc6b95b197f9L,
-      0x9ff109529aaaa404L, 0x2c3c8cbd144154b0L, 0x33ef7bc3427f3435L,
-      0x04a17940d21897c1L, 0x5aa0c47d6ce548a0L, 0x2971cea73d56fa62L,
-      0x93ad0eb004475f08L },
-    { 0x7a0b6967988a9963L, 0x61e477f76515e8ddL, 0x6274e3863b6b50f2L,
-      0x63a9b8d5d33922deL, 0x3c38d3fb687a5b3dL, 0x18f6f09c1302e323L,
-      0x254c05c3e02fcccfL, 0xc04ed0b726e662f7L, 0x1d5646b8143fe079L,
-      0xef8a9448c9016c8cL, 0xe5674c4bf823d797L, 0x0586f72fbccde451L,
-      0xc5fc88d54417eadeL, 0x2b952209576e588dL, 0x4408dd425844d1f9L,
-      0x73f8c3f0ea41c034L },
-    { 0x89534fc85df763ddL, 0x3b1427f33ac71836L, 0x0db5be176e8f15a0L,
-      0x1d390944cb20888eL, 0x7804c9ad857caea6L, 0xaa584428519f7bf3L,
-      0x626eecf1293aa8cfL, 0x749e0d98ea36a015L, 0xefff6dae3321edcdL,
-      0x963deea628b791ccL, 0xa14e05522d16e361L, 0xa2e058fcb15ae206L,
-      0x0f268745fca325e4L, 0x7cf9d40721341a8aL, 0xdfed25d97caa51b8L,
-      0x0108ae39adbedd75L },
-    { 0x54d178f3a9e88f63L, 0xaa05b11eab0c7325L, 0x773a53e6e261d8a6L,
-      0x24db7dae8d0b91c8L, 0xde10b073e9bb004dL, 0xfc8befe754e3090bL,
-      0x16af05990cc69c89L, 0xddc838039d59511aL, 0xc3f65b9946c5dafcL,
-      0xfbbe4be81ee0a599L, 0x88891e36fb3a9b17L, 0x0c9aad75445dad00L,
-      0xdffc46abd5097e1fL, 0x8848089bac85a4e1L, 0x348bb42fa0c45233L,
-      0x807c06d8eb13c1dfL },
-    { 0x00a969ec98ee0ef6L, 0xba9d54838bb7b7afL, 0x24484c92a02f8fdbL,
-      0x7bdb201a8b70557cL, 0xe59343e460ad1af2L, 0x53a9a942998c95fbL,
-      0x974db3deda861d3bL, 0xce1525c9ed399c0eL, 0x89b56881f72109bdL,
-      0x08ff7d15998211a4L, 0x5df76b3aef0f275aL, 0x93f180f7fa2f358bL,
-      0xaac4ffcfc39b0634L, 0x2692c62617583b53L, 0xb2fdfa36b55399fcL,
-      0x16424c6c99607a61L },
-    { 0x5dd65c55dd2744a9L, 0x2544c1c2fe3af418L, 0x32c82e99efe8b089L,
-      0x30b7ab25a9df691aL, 0x983845509be99674L, 0xbcecd258caf2d122L,
-      0x88ae4098bcc77272L, 0xd43961414b8efa0cL, 0x44ff67b9ed64d12cL,
-      0xa9e655e42e7f3404L, 0x3d16fc4545b0e9ebL, 0x474a3e14f03ded28L,
-      0xa3c9adffacccb85cL, 0x3dfe6bc17253a51bL, 0xdddaf4b9fb5831b1L,
-      0x5544e602a4f4478aL },
-    { 0x897c5313baa80b4fL, 0x0122716f63bdc8efL, 0xae2742db7b42c5a8L,
-      0xe9d9e1e90883308cL, 0x352c8c3f2d341ab1L, 0x163d0500ed945870L,
-      0x8349dd73c290d9d8L, 0x2053c5e01f6c7d29L, 0x83107446cb42033cL,
-      0x76c88bd209d09af1L, 0xd0f70e6eb2794681L, 0x720b59de19b1b540L,
-      0x80b7ecdc22994b43L, 0xc1a4cdce2dec53cfL, 0xdd7d3edd1ed60f42L,
-      0x5735995ce241d261L },
-    { 0xdc4ba3fba0237056L, 0x6856c16433ab3388L, 0xc01eebbd271ec612L,
-      0xabdeb033e3031becL, 0x4eee44196118a1f5L, 0xec4974215b600f33L,
-      0x1b7185cf08868773L, 0x7b0c46cd7c1b7dfdL, 0xd143b2da4a4c5e89L,
-      0xdb9a5984bb1ff94dL, 0xac3904e4c9cf3465L, 0xf8729bc0eace64c9L,
-      0x5cc22821768ad99aL, 0xbbd3b0818a9540c2L, 0xe468ed5f049a6917L,
-      0x885486df3ec45ef0L },
-    { 0x6a942c934bdff464L, 0x3db2719f25a7b451L, 0xccb0070b325be324L,
-      0x2055a31b19fe3339L, 0xaca69ae8241ee8ffL, 0x7607dd0855ef8defL,
-      0x9e24960f1a1b73c6L, 0xbcb0e8a271d36810L, 0x29e11aa26885e6b9L,
-      0x98b5d0ab185eae19L, 0x1a0b96e40f81f91cL, 0x4d0e8bcf994fc503L,
-      0x33d81697f119d6e0L, 0x29083287aaa4ce0cL, 0xc5dd4d3ec91ff9d7L,
-      0x31cecfe8d4ab962dL },
-    { 0x437bfd9afc8b21e8L, 0xe5dd32b3b19436dfL, 0xfe5902d4921c36a0L,
-      0x8e9de84da3d0fa90L, 0x9663e6ad5bb523bdL, 0x9800a23faecd6975L,
-      0x1009c0d9b4fbb59cL, 0x839aa7bdc9d20ff1L, 0xf502f66decd6fa3dL,
-      0x480ed4fbc5516ca9L, 0x65ffa5f66c742ac4L, 0x2b7c7945ff3252f8L,
-      0x72fefc0575d9cb3dL, 0x11b0863bd6d6f1d2L, 0x5d8f3cf09a6a4ec3L,
-      0x6961b46ada2547b3L },
-    { 0xd07b587ecb35e2acL, 0x1ed5546b57af14d9L, 0xeca17a5bdb28a04cL,
-      0xa1f91d44709d54f0L, 0xa6e719fd9c6f400eL, 0x4e4b88edfb8ce190L,
-      0xf9781edd246e3fd2L, 0xd67120e6b655af5dL, 0xda782d1d93413ca7L,
-      0x697e20a29707fa21L, 0x1eb51f3254e84123L, 0x2e254d9e36051f9fL,
-      0xddaec42b73ce5be9L, 0x89a9a32ecd3f794fL, 0x1964e22f0781aad9L,
-      0x6a63a90c53755212L },
-    { 0x76554e003d7acbbbL, 0x2c01668ab74f6108L, 0xe4a29672388c519bL,
-      0x016677143eb94d4fL, 0x086a3cdf0cd6d2f6L, 0xf86580217b370f7fL,
-      0x658880c15a4d3e7cL, 0xd6ed58165ba3f4a1L, 0xabcc78135ca471ddL,
-      0x809bf074e844a576L, 0xa53a81b36ea502eaL, 0xc20b93070e021ed3L,
-      0x8c27f8928617f165L, 0xa54764468235cd0bL, 0xffc89ffd82552961L,
-      0x51ed4a22d151d90eL },
-    { 0x37d6963a449701b4L, 0xea8d91a3bb27caf2L, 0x3ef9be15b572965fL,
-      0x75a7a055db50bf7dL, 0xfd67480ece643b9bL, 0xf2a60d2d6ceb5d5eL,
-      0x68fc320c5ed7c897L, 0x41c53cf628ce685fL, 0x0e29711f7106615eL,
-      0x7a87213823500eccL, 0xaf0a92606c29fe48L, 0x93df3f2ae1ef9712L,
-      0x0d5f6fb1d2d169bfL, 0xeb7afe2674a9793cL, 0x4173d94ae9f49256L,
-      0x2d6951bc2b8b5ce5L },
-    { 0xdd007d9f904e222eL, 0x333f248f86f4e109L, 0xd4994e8b8f429eeeL,
-      0x29573415cfc77518L, 0x6e7fea3a0b0f42f1L, 0xc795cb7dc2743519L,
-      0x820a8f66711e71a0L, 0x83d95d9c2b874f55L, 0xd4b64d78e70e1627L,
-      0x924353f58b92a742L, 0x322048b1447b5e6dL, 0x0bad730cbcf931a0L,
-      0x75c4d089a7af2268L, 0x464904c1b83b93f9L, 0xa24eba02165b3aeeL,
-      0x65c48e78e08cc5f0L },
-    { 0x1a1c73cede222c22L, 0x5683d8cdfcea23b4L, 0x0301cb14b2143b06L,
-      0x284adf8f59fcec77L, 0xfb1c581c31204cefL, 0xf54d3eee94735107L,
-      0xdbf67f0b4d3188c0L, 0x76a3f2d110f18d12L, 0x3809fa2807d3e013L,
-      0xf06f0a4625e7ece0L, 0xd82867edb2895d2eL, 0xe106f48908b0553aL,
-      0xe2280fa6ef245445L, 0x402d5785a8d9a3cbL, 0xf63dd9ffd438ba2dL,
-      0x36b5cd2c7a6b226fL },
-    { 0x87ff4e20545679a7L, 0x64d80b414520c750L, 0x90a357fa9b459cd8L,
-      0xa19eaf39c85af1a3L, 0x0d475d798d935a5eL, 0x74501983781a678aL,
-      0x748397790cc2e810L, 0xc6a21d112f412244L, 0x8d0e85f936a51a37L,
-      0xff50151eeaa74df8L, 0x14e182a793cf99c4L, 0x45593df1376a9ab6L,
-      0x18f73caf522389ffL, 0xd27cc960f7445e8aL, 0x0692f4c539a51dc8L,
-      0x08d7c144db39bfd8L },
-    { 0x809c0d963ecca773L, 0x87ea9192d48c2156L, 0xf0eccd74db6bd641L,
-      0x773123742a678cdfL, 0x7a966d8bd1587b7eL, 0xf3c1a1016130a4c6L,
-      0x7cc6e8385fce17bdL, 0x95e95bb8a8de7aa4L, 0x3fe1e8b5898308e3L,
-      0x0197243ee347694aL, 0xf3fe9c42bb0cd2bfL, 0xb59052640f9b2b49L,
-      0x4c385e8bc7367d1fL, 0x1d3050aeb5ee147bL, 0x8e2c387904004ad9L,
-      0x5f2aa8eebab70202L },
-    { 0xe208d4641266524bL, 0xb7bf3880d0a19f66L, 0xa5aa685eda106ebfL,
-      0x0a69e8d3e642dd46L, 0xef349c61c682e4d6L, 0x26f6ee3b0fcb534cL,
-      0x7daba12705eb67b8L, 0x2babb27e18be05f6L, 0x959afcba8e2d85d1L,
-      0xedcf2d1ae2d9d386L, 0x59dc52e61ea6f06eL, 0xc28278b4866e5ae8L,
-      0xd9ff034002bcd3c7L, 0xe884ac76784be82fL, 0xa316498083c9f224L,
-      0x62501a98b46ff949L },
-    { 0x563f7d9aad264086L, 0xca6a33dba5e0e4bdL, 0xe82530028c8d3d67L,
-      0xa288dac846e64b19L, 0xfa3c919720aa4536L, 0x8130c9b0ed553eacL,
-      0x622806e02ea8abd3L, 0x52fbf54dceccfe77L, 0xbd9a8e314f0d1b70L,
-      0x519d2133d59b1741L, 0xfd74101c9a6fea8aL, 0xd1acf7a0b5c4eb10L,
-      0x78499b7391f9da5eL, 0xabaa4c49c0dea586L, 0xcc9c5f73a1f3531aL,
-      0x497b15fefd3fc665L },
-    { 0x8a56cbaaf45568e9L, 0xf491a0fec7192a6fL, 0xdbb03dd39ab2539aL,
-      0xc86522f84ac37da9L, 0x8c8cdba202a0f5b4L, 0x8109fc75a29c539fL,
-      0x9cd06d31ca90f02eL, 0x8f31f0443e216dbfL, 0x99aa68acba3ebd91L,
-      0x2a80d0d242c007f4L, 0xdd8dffbf86a9b7ceL, 0x405d3e84d6308edcL,
-      0xdafa33fe068012caL, 0xc2eebd13edea1071L, 0xb7ae7e5c2ff637e6L,
-      0x18d46a6c9e514cb7L },
-    { 0x868cbb22a78b7802L, 0x0745ddb2497cbaf4L, 0xc4eb2f3e42ae8addL,
-      0xac0abcdab4ceb4e4L, 0x2e0d8325a325fd40L, 0x6cfe057113ac7345L,
-      0x7407a788b14171b9L, 0x70eb06036da7a52bL, 0xab0b36f9d85176acL,
-      0x14109d297c2954f3L, 0x370de9c8dcd705adL, 0x3f0db5cd7bb5e751L,
-      0x45f93d41a06e708cL, 0x10d54f8a7e93050dL, 0x69e6f8e45a38fef9L,
-      0x55044601d3f62e40L },
-    { 0xd1c5c91006cb9cc9L, 0x542074d741d00014L, 0x7cd8663e11236fb8L,
-      0x39721ffe29ad5f82L, 0x1d21fbfa2951fc83L, 0x1cde06e7400d144fL,
-      0x9042596b91792e6bL, 0x3365c8e529ad5166L, 0xe2220e859aeefe98L,
-      0xbcb5318970c2aee3L, 0x477ca3db9ff100bcL, 0x27074176f532973fL,
-      0xa12118ac9a2bd01bL, 0xf34252093dd79f93L, 0x563a8ff7c6f5d7dbL,
-      0x0da313fcd7b0ec4fL },
-    { 0x37125a8c15aa2557L, 0xca21d70c00893e9cL, 0x4871399467b8a823L,
-      0x0d3e9a747cb0042aL, 0x2d2bf4ffc9e2ce18L, 0xd5531a0d049aeac2L,
-      0x4d29a616f03d0660L, 0x473d50d61f1b7f00L, 0x3af0ecbbca3de50cL,
-      0xe2959bea09c28f27L, 0x6d7c2ea0f8704664L, 0xadfae4e1731083efL,
-      0x50940c26941c2554L, 0x44167410a1162d03L, 0x620230d81e82290eL,
-      0x63630be8db414accL },
-    { 0xbf8d52228a7d2e41L, 0x49e75823eb62f879L, 0x1b4d33dd6c402d89L,
-      0x883e04d6de2c59adL, 0xbf3f38f449b9dc38L, 0x9d997d18b4b70c4cL,
-      0x1f69b20c13cea045L, 0xca3d702558e2606dL, 0x3d4fd977261d1b79L,
-      0x56aeafa85a1436faL, 0x369b3e98bb443c07L, 0xfce5186ce558f6beL,
-      0xeb0cd478f8ac8f89L, 0x68074f37d5e5aa72L, 0x295845c068544eb0L,
-      0x306a9871f16688edL },
-    { 0xbc451e9d634ec136L, 0x1edf27ca0e6f658fL, 0xa9be0152c0db4120L,
-      0x87b6ef20c5bfee67L, 0x352832389a2d6023L, 0x60e564d8c7afb899L,
-      0x4af22bc00ac9c2deL, 0x28e6f63182a9d22bL, 0xc075c701f532701bL,
-      0xf6d418f882075f91L, 0xf9fa628d1beaa511L, 0x551e7a176e72a13dL,
-      0x9306215b77f4c01cL, 0x71aba73193c9d588L, 0x6443ebe058e57cd4L,
-      0x2833ac41e8103e37L },
-    { 0x7e564b868da5ec5cL, 0xac3d9da81c08db24L, 0x9d7c1f0b8c57a728L,
-      0x3512afe79d343dc2L, 0xb438e4cffdc60339L, 0x7d5a2700dcfa1941L,
-      0xd5f323f827320449L, 0x1b87a58e1393c6e6L, 0xecb68bd104baa431L,
-      0xc09c1c5a4722b4d7L, 0xf42faa97206b5faaL, 0xe1dcbcd69976327eL,
-      0x655ba9e4087787d9L, 0xbd59c757de5c0191L, 0x673020ed0bcf3538L,
-      0x120cd454a49d6303L },
-    { 0xebfdb8f4cab0f9eeL, 0xbc003ef02cce58eeL, 0x9b6a68415a8d0665L,
-      0x642ed3a69b957774L, 0x3de487f04721ab5cL, 0xef2ff38021a4f0d3L,
-      0xbd16f55829dbddcdL, 0x2ef05b4b0e93dff2L, 0xde1faa120bc9aec1L,
-      0x66dae2c2d467fa92L, 0x758daf645eb33e34L, 0xa67ad9f68f0103cbL,
-      0x151f693a9be02430L, 0xd5698496eb4054bcL, 0x8ef1677e7019336eL,
-      0x021cfd167fdeea3eL },
-    { 0x5c73715fdf5c36f3L, 0x703bde37d64ad254L, 0x55368d10f2cf7713L,
-      0x1e5ec7b70f3993c8L, 0xfdb16776304ae4caL, 0x0d8f717e3d3bb18bL,
-      0x5267073f66343d5aL, 0xfaeb52ef156008b5L, 0xb97ad5f9224a470fL,
-      0xaf86e391ed2ab51aL, 0xdc0c7e579974302cL, 0xc88fa817fd0ae28aL,
-      0x807c22dfbf8ed59cL, 0x5dedc231eb128bb6L, 0x71edcd9ca20595a3L,
-      0x07265b46c73cf78eL },
-    { 0x73dd99f0bd66232fL, 0xc59aaf89c4027716L, 0xaf826dfa5b860fc4L,
-      0x239ea8aa7a943f3bL, 0x0e0e1b1a523c428dL, 0x55ea0e3a6973b95aL,
-      0xea399caa2557753bL, 0xf8adf72f06957b1fL, 0x0389f3413bd34302L,
-      0x333f27d0f8a43a97L, 0xcd9c0c08adaf796fL, 0x6dcca49b49c12aa2L,
-      0xdd88deee7a0ac6e9L, 0x8f47575d0644080eL, 0x6e9d667d0cc2f4bdL,
-      0x36c5754b31d1496cL },
-    { 0x9120046ef323d84bL, 0xa69911227e789c4fL, 0x4b0eaf4e921b8055L,
-      0x6339844a8079974eL, 0xc905466a740f8c79L, 0x1c18d0f7cd6def49L,
-      0x5297da6b4b23e4baL, 0x1c09dff3c41800c5L, 0x6c49075b37ef6777L,
-      0xa94c3a4050513dedL, 0x3d6742e96b0b1705L, 0xc0784494c48af5aeL,
-      0x40c01532c95822deL, 0xa2ddade5c164d94fL, 0xfc8a8ac9a2975eb5L,
-      0x06fbf8611946944eL },
-    { 0x2d65338e3f45aa97L, 0xd83b58c81d040febL, 0x05fef59b0fdef8b9L,
-      0x7beb071ae4d7417cL, 0x982b61f5b30a1a23L, 0x4c5f2a2afb65bd03L,
-      0xe40abc9d5cbf6bf3L, 0x422c326df06612a5L, 0xc921e69d9571ae28L,
-      0x7c88b10b23d3434eL, 0x96d2e9579da07933L, 0x833d46a13619cf4dL,
-      0xd9d19653d95eefa1L, 0x2a7d8411a03e8f0eL, 0x5e64295304bb5ab1L,
-      0x5e9ca0fd1f0fa9eaL },
-    { 0x5bd54571197c5dc4L, 0xe2da40bfe78a95a2L, 0x65fb9efcffdb0eb2L,
-      0xe952dc2c0d17467cL, 0xc1fc9c7bc758c6a3L, 0xfc79562cd4034a9aL,
-      0x26e36fbe61f64b56L, 0x6adc4b9e1e84728bL, 0x7f165fd3a8f9ac8aL,
-      0x7bc93a4503e3e013L, 0xeacc5513656478e3L, 0xd3391717064ddc77L,
-      0x75b318dc76936914L, 0x69b1f1c7362424a6L, 0x8cc2045b49955f34L,
-      0x940622b3c6836af8L },
-    { 0x4710ccb70d997973L, 0x3b29625dd3f8f115L, 0x8cf0c4d55b97abd5L,
-      0xc6321e0a673e14a5L, 0x0541af9d3d262246L, 0xde6d87546fc83b11L,
-      0x47e97da8f01652a4L, 0x0f82b3a6ad9802b6L, 0x69aa4075ae9c44b2L,
-      0xaf3f5de2ced2bf77L, 0x1ef1ea8a497a40daL, 0x2e0f86083c23ba9cL,
-      0xd8a998a4f190a2c8L, 0xe2b49c8ccfde3368L, 0xb9f49824bde6bd71L,
-      0x80bb1664785bedb6L },
-    { 0x05e575fefd145cb5L, 0x155ee561ac5e6883L, 0x461e70cf8793b273L,
-      0x9f1553de133b2338L, 0x2fb9e0c3a2a7ba07L, 0xc3bfd6a83e7086faL,
-      0xb6ba85008bb4cb93L, 0x0b66d78976f82dbdL, 0x7d5a6ff654eb49ffL,
-      0xcd65d2371f20b322L, 0x79ea49c254e29cdcL, 0x64975963cb118ff9L,
-      0x969598ddcc58000bL, 0x95107918110c779cL, 0xedfc154863b85a35L,
-      0x077ba5ea41212350L },
-    { 0x0b3a38d3cdd86f61L, 0x431214450502a0abL, 0x1912edc5806d0272L,
-      0x01dc1f988a32f10fL, 0xbb1d31d10e80c760L, 0xd46ec7e5f464e8b3L,
-      0xd569af369abf49eeL, 0x9d286ea72cdade77L, 0x2be7020d45ad5920L,
-      0xabe5236e6299ae7fL, 0xc93179bdd3f55c07L, 0x8138995a52350e80L,
-      0x0901265caff07586L, 0x5b3c81b2f4739653L, 0xbaf7581d9bc77d21L,
-      0x6b2006df4591a2e2L },
-    { 0xb2fe50a8965b1bc1L, 0x931f536a962bb4fdL, 0xd5718d33000e7f99L,
-      0x84728f2553d5125eL, 0x4f8a6184d2125cafL, 0x54f1a701357f679eL,
-      0x70a9f40c1531c05aL, 0x10d0cb976fa8b775L, 0xb476f41e9dc12ce9L,
-      0x5c8d7a752755f894L, 0xd6c12e10625741a4L, 0x262a6fb8c917b16cL,
-      0x24d116e638d6b0a0L, 0x849540c032c38e83L, 0x855b911c66868afcL,
-      0x53217ea6bd26b550L },
-    { 0xfc840473259f52b4L, 0x968da9cbe621146cL, 0x964eb85ecacbd26eL,
-      0xab7daa2de4a54344L, 0x6dc3b848381a4ff7L, 0xa07a96b341c815efL,
-      0xc4fae9e8c3d4b1e1L, 0x0f938d1e42ce9ea8L, 0xa727dacc35cc052fL,
-      0xc81e01c9e9a06f07L, 0xa9e08dcb4a6d65a1L, 0xf8e2d1736044a9a6L,
-      0x99893dd0f2bd295bL, 0xa08d3379f9781b12L, 0x64bd600161830ac2L,
-      0x0386931ed9adbeefL },
-    { 0xd0d7abb3d09885a5L, 0xed9d2b67e355bb07L, 0x3bc238cf536ebaedL,
-      0x61ca2e78699ce4d6L, 0x354ff447111594cdL, 0x55cbe70903316ad2L,
-      0x418679fd49fff5c4L, 0x75bacd750f9c6c40L, 0x677edc882972721aL,
-      0x82596887e5ef502fL, 0x459e9367bf320e0eL, 0x81ce36ef8bbdccb2L,
-      0x1ba097fcb766863dL, 0xcd3a21d6d58c6db8L, 0x0e4967cdb4a8748bL,
-      0x2caaf74915041c20L },
-    { 0x44f980066ed20424L, 0xb3e4ea2322471545L, 0x268ed1a5781a8c86L,
-      0x48d0ab757ae5b70bL, 0x6ca8b320356d3982L, 0x9ce8e6812df31fa4L,
-      0xb909d232d925dcf2L, 0x302c8f78f56723deL, 0x11725d69abac96f9L,
-      0x656a47ca57d1a170L, 0x6bb5d511c18a2be7L, 0xb56e45f1ad50d9d9L,
-      0x36e886e270b05518L, 0xc7c71f3d09d8ff91L, 0x65a1bbe29350361eL,
-      0x86d7f53245fe3bd8L },
-    { 0x99f16eb6b0bf719aL, 0xb69750988bc3d913L, 0xfae50e5226cd01b4L,
-      0xd3e3ac5490898d1cL, 0x4da3b9db887ec666L, 0x58300644fbea45b8L,
-      0x369f3bd98355b058L, 0x0fb239a8579bcc13L, 0x4f5b45396e2bd811L,
-      0x007f3baf24198fd2L, 0x68a676db8837d51dL, 0x68eeea62eae75b16L,
-      0x5ffe5f943db6083cL, 0x52c94d0f7d836c5aL, 0x5a4c3c6fcbc1ff85L,
-      0x682a55e386c0b4ddL },
-    { 0xc8f235a4587495aaL, 0x2276026c34c7245dL, 0xd6ae0cc5b75a46e3L,
-      0x890d3965ecc3e5e7L, 0x1b13342f14296629L, 0xc89927e68a877227L,
-      0x1543f27e2324a68bL, 0x6c44768449cdc21aL, 0x9bc7fd4f1452d0acL,
-      0x2cc30a31ff4b045cL, 0x415d46a0852f7611L, 0xad737052c6fdd7a6L,
-      0xdcecc3ab7b4c7c91L, 0xd2cdf01b7688d70cL, 0x054f2542e40d3905L,
-      0x02227fa6fefe4dcdL },
-    { 0x1805efd9b751948bL, 0x8efeed46fdfd225dL, 0xcb128e094f2c8b22L,
-      0x9d1090bf96f7c5e5L, 0x0959d044b4cbeca0L, 0x21c955f98e08cb04L,
-      0xbc1f279d68fa4fceL, 0xb021e14e0710ae9aL, 0x64d16e9f881167f4L,
-      0xf5a5c22ebbc9f1a5L, 0x5f3716dfe3420eeaL, 0x971eb915d5c4e843L,
-      0x64fc55fc28ffba81L, 0x3427e54d7dd37578L, 0x446e6a6215ebc7d0L,
-      0x547e249a29269778L },
-    { 0x4706868aa1ffda27L, 0xb4e6cdcc7955cf50L, 0xf65151e10a63f3d8L,
-      0x5b4127ea9de5e70aL, 0x3d2c09baf9342823L, 0x18c99d83aa2f7d51L,
-      0xa0c5bb1dddeec025L, 0x7ffddf8403dcf1ceL, 0xe57e4d29616fdedaL,
-      0xd24565697932a1f0L, 0x7475e0e83191d4e3L, 0x3479bea1c220218bL,
-      0xfceb5c908bcb2505L, 0x1c685cea3c6132e6L, 0xc42dc745bfe6c1ebL,
-      0x45a41cc0d2b08eeaL },
-    { 0x3ea9b2c74dbbf0e1L, 0x41ff962fa17cf70eL, 0xdc1ea7585eeb4c66L,
-      0x4f5412d2a9beb17eL, 0x2c9e4f52a285741aL, 0x93df7da4984fd11fL,
-      0xb2afbddc0df3184eL, 0x96323d252421e375L, 0xc87be1e449df781eL,
-      0x145601ed3d589beaL, 0x0f0bd9bd28fff6ddL, 0x2d3259d48a0f298cL,
-      0x362d7a77d88e6944L, 0xa84c06b6b6ac2af6L, 0xba850ac9d087da02L,
-      0x128763c942ee40c8L },
-    { 0x29a80f07acbac178L, 0x7cc2004434b08f6eL, 0xe9631d1470feded2L,
-      0xb2115da386615767L, 0x7c75f5c4cb088548L, 0x5b29d2139a2e8e03L,
-      0xfe9fda668b881752L, 0x3f1d8d88c1de7ebcL, 0xb476565e03218123L,
-      0x07365561b1c995f3L, 0x2160cb18b13eb71bL, 0x7e8da51399b3a0ebL,
-      0x5e8ca1f9b20fcd74L, 0x6a7e0067b4126d72L, 0x1e8204b768bb637fL,
-      0x75e96bccfc4f74d2L },
-    { 0x189d1fdc0d19716eL, 0xdf5850587c384525L, 0x64a846d1ea987d2aL,
-      0x12b6bf836c07150fL, 0x91d85d464d6fd5b7L, 0xa97888364f53f55fL,
-      0x60083bd881509129L, 0xa7672683ea876f48L, 0xe80b2e7ac15b2489L,
-      0x985ef8d242d1d992L, 0x9c57b029cf3de492L, 0xfe02f83cb1487627L,
-      0xaeba4fe48ae5b687L, 0x8a86f09b5d6b8196L, 0xd88f566ba16e523dL,
-      0x309a6e9aba268949L },
-    { 0xef27ee50bdfbe97aL, 0x1a5fe70fb8c50c4dL, 0xcc7beb017fe09f5cL,
-      0x8fa15a85bed36cc5L, 0xc0c3acdb7550ed3aL, 0xc581ef87eb908681L,
-      0xa15b3362c49d5ccbL, 0x0fbb17141fa264e8L, 0x267f8d8f8e1eee88L,
-      0xd31ccfd621c2b63dL, 0x924dbe7d53be7efdL, 0xd42e877fdb2a358aL,
-      0xcf9673c775d68ac1L, 0xe35978fd714fea55L, 0xeeb366535769b202L,
-      0x0458258ad7593789L },
-    { 0x5df71a74a042dbdfL, 0x2d4058575779dfa2L, 0x0e66cba70d2e6657L,
-      0x285d6745ca2e892eL, 0xf56a8def0f0e6b5fL, 0xe0ee851da30767c3L,
-      0x98c0565843346b9cL, 0xb35fce26d6b3c742L, 0xc0895bff39777e00L,
-      0x83c8f6a6e7b6d886L, 0xbee148434f02904bL, 0x7f74915b2e84ec34L,
-      0xbaaf663c96d10991L, 0x004b8757e41facc0L, 0xa2b880e56f86c029L,
-      0x53f4a3e095b77358L },
-    { 0x11bb08ce89fc48e7L, 0xba60c577afab5aebL, 0xf06bcbf8a0c1cb5aL,
-      0x7d2efaea79757cb6L, 0xe26d90b176319160L, 0x42aa1ab62b77b7a9L,
-      0x38eec0cd285df2bfL, 0xd35947f5f3a8f7f0L, 0x97c8dc0efc1cb5b5L,
-      0xfeb8cca0c45845cfL, 0x16e8d989249e26f2L, 0x7c264e6d483ed89aL,
-      0x13a3f14551d91073L, 0x8501562e305e99f0L, 0xaaf98d746908d563L,
-      0x0a99e653d723d236L },
-    { 0x23536f46abbc0559L, 0xc163067b9aa1a160L, 0x229fd2290c1681b5L,
-      0x61254be11378e907L, 0xc60ff57aab793a2dL, 0xa6f2df8b466552dbL,
-      0x9ad318938c170a36L, 0xc5cd9abe29b74d9aL, 0xcf747273f7848523L,
-      0xc126a93a0d0e3063L, 0xfe2021e34248e3d8L, 0xd97343ee8323ddfaL,
-      0x9f768775332639e7L, 0x9650fc3175325548L, 0xb595dbd13eebf7eaL,
-      0x3a95cb45010fcbc0L },
-    { 0x954e68cb39d7ff2eL, 0x8dd1cb4bc1d5c48fL, 0x02a92c777169438aL,
-      0x7965c0b091cad8ceL, 0x0c5798ab32cd08d2L, 0x1a5bc3c3a6902bdaL,
-      0x545d09255186d218L, 0xf0077cdbd27e64dbL, 0x0157caa48cd092daL,
-      0x2a2fa3a024532ab3L, 0xa5fb639b41ccaba3L, 0x01702dc14744aee6L,
-      0x485bb436cdba93daL, 0x93597f66329784f1L, 0x5d713c1ddad672c3L,
-      0x366d222e030b7245L },
-    { 0xd50b4875573ea5b2L, 0x0fce401ba90da44dL, 0x7b53fa657a1a0310L,
-      0x722a80a5cf114460L, 0x0b8ebf05a538bf49L, 0xae141147d32acd21L,
-      0x6692712c7b5ad07dL, 0x6dc5fee73f48ca07L, 0x98ed14992b8a78d8L,
-      0x4e8b3145dd2f1759L, 0x43408de15f971b8eL, 0x055ea6ddadf1b368L,
-      0x4bb76e73e5932b7eL, 0x44287153d30893fdL, 0x173dccd20661bfdaL,
-      0x9072ba9979defd25L },
-    { 0x474de4dd9620ea39L, 0xfbf1649fc831cee8L, 0x0b0e8bb1cd3a9c43L,
-      0x6a38286f3f3df1d5L, 0x4ed072b38f0ec9b3L, 0xa6e4c987729c09e3L,
-      0xea3e8ac68ad12242L, 0x6ae0e22bfbdfa5baL, 0x56171ecfb0a0f592L,
-      0x33b2886d6b871f8dL, 0x6b19bea935e11bdaL, 0x4d815a407f0f153fL,
-      0x7e608d977d6c02eeL, 0x7e8f23d9b6a88f46L, 0x26ac9652439d1654L,
-      0x8d92c6bd35546c29L },
-    { 0xb3e0d7ceabeb0ff7L, 0xfbe352543e0e42f8L, 0x57d1b226de808499L,
-      0x9ece2e1f1cd44bc3L, 0x1245adbc435cfee1L, 0x874ee840f93f581cL,
-      0x916a779cbda0b947L, 0xabcc815afa57ae0aL, 0x97adec2df0a621b0L,
-      0xbe6a502b81f90bdcL, 0x54bf9de153bde63dL, 0xa88fdabf78884c25L,
-      0x30aa52b1cbbb5470L, 0xf805396c29053ef5L, 0x8d43d8988dd827eaL,
-      0x4e4bec175c1ae5c0L },
-    { 0xbf8483a2fcc09676L, 0x457c4a3f19ea9a94L, 0xa6852ef3d702a5ddL,
-      0xe7915fd2843fe7d8L, 0x644bba9816e35158L, 0x8d1b95d09ed746f0L,
-      0x47704581b90af0b5L, 0x0bd4bc6bd4fd135eL, 0xa6dce067b4e833a5L,
-      0x2c0e8f30ff56a9a1L, 0xa9c80800ec2c63feL, 0x449c20a598f508a8L,
-      0x02b94cb33292813aL, 0x647e3d28ec7e81a2L, 0x72e67d1ab4877677L,
-      0x7a4aa3f56f9ded24L },
-    { 0x559ef1bae27a0045L, 0xdc812d4fb242cb50L, 0x23a478e439cf8d24L,
-      0x97544fc59b3f9c54L, 0x5ac68132affa1fcfL, 0x74f8fee034a2c83bL,
-      0x96cc640fcd3f4bb7L, 0x775dce9db0512ea6L, 0x67dca19dcdce381eL,
-      0xc1eeb3f3a9d3fe55L, 0x38e0bf421a19274fL, 0x15992fb428d69b12L,
-      0x48fcebde9fd09df8L, 0xdc9dfa4fb41ab5dfL, 0x0cbd7dc8c0a269c5L,
-      0x60282a7bf7f0ade1L },
-    { 0x7c07e538dceea2e7L, 0x38a322c83c42061dL, 0x676828f94f1f6516L,
-      0xf21b69fbc7776a10L, 0xc63a3417b5e6b405L, 0x4c99f25891a7b642L,
-      0x38692ca82cad1440L, 0xf1e82ffe00869bcdL, 0xc30b714e16fe466aL,
-      0x5fb742f919019138L, 0xe90166d00fa516aeL, 0x5550f7acd8c73a43L,
-      0x2d6a407dfbc5c372L, 0xe47a753968cc39edL, 0x3fd286d94a5fbe70L,
-      0x5f4ae9c723c6b942L },
-    { 0xd96a2dda53f4d561L, 0x286d45d016da1992L, 0x449a01fbfdd4b051L,
-      0x25488a0d9f2195eaL, 0xc4151b0aa37661b3L, 0xb98c471ef9e5ee02L,
-      0xa4bca86ea8658817L, 0xbbcadb877a68fc0aL, 0x88b346496b7366a9L,
-      0x32ee98d415661c2dL, 0xf5b3b4c6c901420cL, 0xa23527352f2752afL,
-      0x2f64ce73510e4d9cL, 0x939a7f26aca4aa80L, 0x9cd3e291401aa503L,
-      0x92a01423dc46afd2L },
-    { 0xe9f24be11c2f7dbdL, 0xda8c900fb7d527faL, 0x963e25bb8648f128L,
-      0x9ab713e248141941L, 0xe87f7d017a6756fbL, 0x274dd85e058d90bdL,
-      0x823fee7a82566abdL, 0x9f6230d774240195L, 0x04579f2cacb5e46eL,
-      0x2a22626316a4c87eL, 0x9ca19a43d99b0857L, 0x86dc2ba3e488789eL,
-      0xf960b5b99406c3bdL, 0x6f2c428b8960957eL, 0x90748706161c515bL,
-      0x0fc8fe1eaa88cb9bL },
-    { 0x68ae1bedfeb90f2dL, 0xf393bb3ca48b1559L, 0x2be62f9cf64e9635L,
-      0x354c2410f8be75c2L, 0xbd7ea7035e6f7529L, 0xc264868e162cab31L,
-      0xb1391e70c860f3ffL, 0xdf367c751d89837eL, 0xe150b6b42bf32941L,
-      0x95e8f46e78c1318fL, 0x2b3f1daba2c4b160L, 0xc6ccf5ce701afbf3L,
-      0x3ad275305e8874c5L, 0x39285e515dc6dcbeL, 0x3c954d86d99892ddL,
-      0x2d0ba862dfd3789fL },
-    { 0xeacd8ee8b472e1afL, 0xeb354eaeb76abbccL, 0x9b520bf8d0d93fbdL,
-      0xfccd60d7fe6fc706L, 0xa9353ddea4ee2f39L, 0x5eb0925e9a81e51eL,
-      0xee334da1d1366777L, 0xc1d28c9fd5354d69L, 0xb977175592a5ed54L,
-      0x5d3e367fb7f70d81L, 0x7be7eecaa933ae7aL, 0x264cf1f9e23cfbb7L,
-      0x0d129f4a89497681L, 0x705375a409b6235bL, 0xccf64c7548a376daL,
-      0x963c87124d41dbfcL },
-    { 0xbae290cbde36a814L, 0x9bdb0195733b12b5L, 0x0ebad867f77fe0e1L,
-      0x0a7d19fd29720ceaL, 0x434d76519029ec72L, 0x856aff17bb51911eL,
-      0xd0a25d9ad80a7f60L, 0xffca86aff848c106L, 0x53e8bdf943ad749cL,
-      0xfb9e0284e3e696bbL, 0x3eb6630aeeee4215L, 0x9d8fbb9e2ecf3c63L,
-      0x71da4ffa4e00c0c0L, 0xb296be595d57beacL, 0x1751fbada8cec7efL,
-      0x2d03eb3cff55d7bdL },
-    { 0xeb16925f04f2ec1dL, 0xa878f2760d147ee2L, 0x442df604aad9d9e0L,
-      0x891df44b3f71035bL, 0xc28272b38cb95d5bL, 0x6f14efb55ee8ed23L,
-      0xf3c4460f13b0f3e3L, 0x889f9bd76bd7335eL, 0x889ee771f755ba6eL,
-      0x626984feed219b6cL, 0x2d44c737ec2ee411L, 0xb94385a263efcd37L,
-      0xd909321b6637826bL, 0xc24f8a793ee6b7a7L, 0xa3ca8d24a7cf61b7L,
-      0x842e40c1c54bacd9L },
-    { 0x5a268ed6a661d843L, 0x02328cca4f5b30cdL, 0x16e6fed11311e177L,
-      0x690decb4c6695967L, 0xbdac5bf657b2e280L, 0x827f82ca1efe42d0L,
-      0xc554ec0aca5fca2fL, 0xac5276c1dde45506L, 0xb7f4cb08e3077513L,
-      0x8caf6d9acc8797ccL, 0xd59648140d9332d2L, 0xcc6ae297285a409fL,
-      0x7773c2a56223d093L, 0x2d5266ac5128fc09L, 0xa596b7cbbc31fe6cL,
-      0x0e63319acac91328L },
-    { 0xb5cd2fadf0360ac2L, 0x86b660de285e605aL, 0x82c6cf10e25b9b14L,
-      0x9d5fa38daa9ac554L, 0x3dfcf1b8526c070eL, 0x0379a96b3fccc52dL,
-      0xe3659c290bfcc7f5L, 0x5b1a3db569d3e6a1L, 0xb41528b59b7b42d5L,
-      0x934defa49c22a006L, 0x90f380189b4ce3b6L, 0xb073bc04b3abaf32L,
-      0x27a5a222ff8389e2L, 0x0b7a9d51ffa5a35bL, 0x4939ecef28e1a7c2L,
-      0x88839da21872705aL },
-    { 0x56b66c30701ce29aL, 0x3acaf12658981d50L, 0xd4dafc0c105f9f21L,
-      0xfee571e6373e3d13L, 0xe7269c86fa2ee3caL, 0xf5cca64add20385aL,
-      0x217f27573000e9acL, 0xc934db470e7273efL, 0x4294f4f7355b6776L,
-      0x1faa36b96fc05180L, 0x8f88b1dbb052190bL, 0x35791b90e9eaef52L,
-      0xf37fb2ebdb681b90L, 0x39d0a51d4415c369L, 0xfc59cca71d2e21c9L,
-      0x64128cfea1f50c26L },
-    { 0xf03678a2e8f5b0b5L, 0x5c7e249cd340f059L, 0x4144044193ca7cecL,
-      0x075ca346bc83af98L, 0xf39f0033faa8bbb0L, 0x3d18f0edf38230f7L,
-      0x78dff00cd448f345L, 0x849228c0d51aa475L, 0xdd4e270830c928d1L,
-      0xc66ba6868f12cfd3L, 0x091049db88b3a206L, 0xd865d059016dae01L,
-      0x4599e905e253e37dL, 0x322cf0c27ce9871bL, 0x014f54da174a132eL,
-      0x93634a09bdabcbdaL },
-    { 0x62826b27a9a2e304L, 0xc57e1866c1a4c124L, 0x913ab83222381710L,
-      0x7e9b6b85a9847cfeL, 0x29655cf12b5f46fdL, 0x7295572b8038e66dL,
-      0xe4cba6016fa95eabL, 0xbbc11071b9deda81L, 0x97f0009a3f1cf61eL,
-      0x5372777b373e0cfbL, 0x302f909cd139d63bL, 0x1ed672da4f87d78eL,
-      0x362077a3b4048763L, 0xc408c32d9dcc22b2L, 0x4b4c5bf226deeee7L,
-      0x266cb467bc06357eL },
-    { 0x6faa4154b56363e8L, 0x4b4fd0783c1aa4dbL, 0x14358dde2b9e6597L,
-      0x5b34ae3efa004b84L, 0xcf44b2ecf19911a6L, 0x55caa833a536bf78L,
-      0x606e1eb98870dc95L, 0xe3c3287d09f3511dL, 0x68b2f4eb9d5cf364L,
-      0xc154e89263ab8c9eL, 0x1548828ec36ab611L, 0x0932bfcba1b7d120L,
-      0x7ee7b5bc5315b8d7L, 0x782fd0d1f7473ac1L, 0xbcb029a83c8f2af3L,
-      0x4b1d5a1b52454ee1L },
-    { 0x12fe517463d52c0cL, 0x3735525e188c099dL, 0x5c621563360e3956L,
-      0x88b3f1caacfa5a43L, 0x90123a0a797e8107L, 0xba31f6b5b15e080aL,
-      0xd7de5e12fca3dadaL, 0x3287361b0df511c8L, 0x7cc800d465757d4eL,
-      0x10810f3d5207ec91L, 0x0d4e56f130eea0e3L, 0xbbf7ee133ea5a2ecL,
-      0x6fc07762be6abbd0L, 0xc831fdce120bf619L, 0xe07439fab622d42aL,
-      0x8186b93f508e4b27L },
-    { 0xc619d15409312867L, 0x7e042c05bfaf7db4L, 0xc1cf16681f5f5ddaL,
-      0x50aa5057a4fc3d82L, 0xed30ed65ce68b8feL, 0xecb01c0bbeb4d644L,
-      0x7b5dc444831c0497L, 0x351e6a009b7d9b1cL, 0x4bb863b9d9477c91L,
-      0xaba6589105d4110aL, 0x30086cf443580b7aL, 0xb139c07690be357eL,
-      0x12bfff1a27b5214eL, 0x79cfc6d722c3ab57L, 0x4743de57f34a9bfaL,
-      0x0bf97e97c9ee2b2aL },
-    { 0x96ec4ec8dda19e96L, 0x54ce18ea6c306e8bL, 0x7e83612b65f6918aL,
-      0x1ac6f68b0d9a0d99L, 0x98a697a462fdcc09L, 0x65ce25f195bc3e13L,
-      0x1896ecdab3939730L, 0x9eb81a0f32f12806L, 0xd3d7416e1d2dc7dfL,
-      0xe22c7976ad473599L, 0x3de37a9a9f5ef439L, 0x6b7ac0ab9e69d94eL,
-      0xe6bfa9e00a9d0bc8L, 0x576a870d5676f120L, 0x3bd91bb4feaac23fL,
-      0x8fe5482c3e40aabbL },
-    { 0x85ae67c2ce9a4d1eL, 0x4c3eb8034f1d2038L, 0x5c6c8f3a25d06192L,
-      0x803de0ad308fb41cL, 0x9961f5bce71c294eL, 0xdc62078df02eb0daL,
-      0xc87ef515b64ae8b6L, 0x69679f1e50b4d18fL, 0xc5c009a152199f43L,
-      0xa7d484be0f640a5fL, 0x4c918bb123dab566L, 0xa67c114c64275d2cL,
-      0x95a913b9cad2ded6L, 0x189ed18b6b4b5c8dL, 0x4aeb6206b42d3bf6L,
-      0x3928c669bbc8bc3fL },
-    { 0xde4bea4adacb4b64L, 0x03f62a44f26179a1L, 0xf3aac94e7a9112a4L,
-      0x90448fbdd36f331eL, 0x426042bc407b85c4L, 0x5ad8a5962121b77bL,
-      0x31674a4f67cee984L, 0x7fae8bbe4e3b2f0dL, 0x681df6dda7c930ebL,
-      0xadeefa98c259d0d4L, 0x1b14d9e6bea1c1fdL, 0x3baadc8b21d405d1L,
-      0xf01dff9373892754L, 0x81c35b3ef071cde4L, 0x1704d2e19150d0d9L,
-      0x6ccc888f355134f6L },
-    { 0xf8d36f0e7ad7504cL, 0xbca3265ff7959dddL, 0x0dcd1edefede67aaL,
-      0x1276f4cebaebf32fL, 0x6825a6e6014edcfcL, 0x0b8c1a8299ad8eb7L,
-      0x312024a909b8ce1eL, 0xcb8fd98b9cbd351aL, 0xa4841378fab1e8beL,
-      0x17ed0f5d3973cacfL, 0xa17e1484259d5254L, 0x53d5b84374b91393L,
-      0x8f792b211aca3ce9L, 0x035ff110c8c0f815L, 0x6afa6357ad4ed7bdL,
-      0x2f151980b26faef9L },
-    { 0x0c8631da29d2d439L, 0x121fbbc2bc039955L, 0x3e5a97926c05b75bL,
-      0x6d6cf4c0b6ce47ecL, 0xbaaa17679d88c658L, 0x031db9e7f3355a17L,
-      0x8381e3d80aef5a85L, 0xc71db29015a31bdfL, 0x638f6b749498fd7dL,
-      0x44edf3f913beeef6L, 0xe6173271f4ab67b3L, 0x3a202c70fd22df11L,
-      0xf7be0389205c4e92L, 0x1c219085a8eb9920L, 0x6c805ce8beb54aaaL,
-      0x354b05b70ac58d65L },
-    { 0x7171e2367a9170e9L, 0x01eec42d4cad50cdL, 0xffbe824f3cddccfbL,
-      0xa73e8ce3a66cae1aL, 0xb7138a7f965c7d01L, 0x00058e3f5c3d971eL,
-      0x52591ac32ff0a72bL, 0xa32fb5bcbbbce76fL, 0xf3241ab8a9f81a18L,
-      0xf31d3332eca68630L, 0x847af9fc4482f13bL, 0x6196e217a4681be2L,
-      0x9938f932e55efcf9L, 0x3e7dacb870acc705L, 0xd41be893cf09fac2L,
-      0x48dc55c4ae3523a1L },
-    { 0x8e623826a5092193L, 0xe46ec3626898970cL, 0x2f1356af25c9eb41L,
-      0x4178064083c7d245L, 0x982def6797d00e38L, 0x382eb6e7a512151cL,
-      0x154e10778af58869L, 0x187070758a51cf02L, 0xcdeba9f771313c58L,
-      0x5d67b973ba155904L, 0x851c9f4b1d0d7b3aL, 0x19f29d718b8af2cdL,
-      0xcb94ccff986b8d62L, 0x8725e24bb93b9c33L, 0x405ce4c566e38c68L,
-      0x5f6a8edd0b6dc021L },
-    { 0x83704ca58f9a8690L, 0x3f3697662f76a407L, 0xfbc12d8c69201028L,
-      0x4cd58f16bce3a4cfL, 0x7804664a04aab26dL, 0x005cfbba4ea457a8L,
-      0x537951b3b8a59794L, 0x4ca2b9e44fe1f739L, 0xe4428acddf325797L,
-      0x648da3420ea243dbL, 0xcce6562bf43ce01eL, 0x840f0421f27db490L,
-      0x156ccb708bfb7cf0L, 0x9b33480d5a8797d3L, 0x2e12e07a9eb814bbL,
-      0x1ca65072ca7f87acL },
-    { 0xfbb321cf2b9d25a0L, 0x66affdca40a746dbL, 0xc1c1530e59e368b5L,
-      0x56ed1ea47d80068fL, 0x9b74d8fe5647dd68L, 0x1d96b50789b78da8L,
-      0x39b752438bbe3391L, 0xef8d443e0d858c5fL, 0x4dd2db499646aa34L,
-      0x7fad3bd1e667543cL, 0xd0d710c068980985L, 0x9f7aff3249facabaL,
-      0x055dec1c14f9a192L, 0xaca663991fb307a1L, 0xac44fd9135ffff64L,
-      0x462cafb6cbad3ceeL },
-    { 0x1660a647de3237ddL, 0x95f735cc82b87404L, 0xf7879f59ddfa55f8L,
-      0x15ef043e726b914aL, 0x1875393d1c93e298L, 0xa1a2be746ef18331L,
-      0x4e7e8dfc25a9a12bL, 0xdfefc97da9c3917fL, 0xbc875d030a2ebe41L,
-      0x0f75d235a732d1ccL, 0x06fee7fed9baa6d3L, 0xaa784fab65f48576L,
-      0x23155e22513f83c0L, 0xd2fb77183e8f9d13L, 0x2a291503b546eafdL,
-      0x1293c98c6cd93608L },
-    { 0x7278125149d53b77L, 0xa6ab403d96eafac7L, 0xb7d7c7db4a36b711L,
-      0x8238c70887e771c1L, 0x495f6abf33b37522L, 0xb0b0289c8c87530dL,
-      0xca83cb86e77b111aL, 0xbe1c0fb8a1bd189eL, 0x58cfb2fb1ae9d7c7L,
-      0xd05c23c54940c3e8L, 0x16e79e4174ad9107L, 0xa0a47f05064e7142L,
-      0xc6929cd4fdfd614fL, 0xedb2584c3946988bL, 0x73e4b5f3e46f8fb1L,
-      0x53b79aa168ea94baL },
-    { 0x216fafce44bbb6a1L, 0xd3a5bba067821728L, 0xef1e4b30a9dd939aL,
-      0x022eaf3df19efafeL, 0xfed5abce7b4ec014L, 0x64968ee6512c6738L,
-      0x2311986929fe89a2L, 0x0d539d8d47397c05L, 0x6400bc54234596c4L,
-      0xb9287f585346611dL, 0x04099903c9d5da0fL, 0xe5ef4997c83af2a8L,
-      0xc89dc01b328151e1L, 0x150fb4a958401104L, 0x40a6f7d5f3872c9dL,
-      0x8290d6d156c2e833L },
-    { 0xf84637c6d8546946L, 0xda134a3969ec57faL, 0xd42359a4d789007eL,
-      0xb42557fe0dc7b809L, 0xe62ae52d2d6784a9L, 0xa2714ca60bcadb5fL,
-      0xcc208de633aafca5L, 0x2380ed5ced967811L, 0x6e6b55e9db321660L,
-      0x1bead02ca675235aL, 0x51cc6ef9b33fa0e1L, 0xfd223e26f06a2a08L,
-      0x00f332e1ec47b3cfL, 0x459f297ba0aa984eL, 0x6fa1d969ee952e14L,
-      0x506ef1ab304fabb0L },
-    { 0x11b4eb2735bff163L, 0x7130b96fea9fa984L, 0x66aceb3f9deb27ceL,
-      0xa2daf1a59dd1c3d5L, 0xf5090a7ea73075aaL, 0x36a6af39e3071b58L,
-      0xa28d633ddf73ad9cL, 0xdd354cacbdc89a16L, 0xdfea3423d4dcbc3cL,
-      0x6eec74d2379d92d1L, 0xe14a456f8eed6765L, 0xfabe7743fa8feb1fL,
-      0x1404ccf8b98fcbc7L, 0x6ccd2fbff71a706eL, 0xdaaf3fdb4d85c678L,
-      0x415b7dbf15200344L },
-    { 0x970105867d8377a7L, 0x068a3d68cb803272L, 0xfd67d289f03a4c32L,
-      0x4bc7095d93c8f290L, 0x712fa13ce9e5a2b8L, 0xfc6ac6c60feb9f3bL,
-      0x0cda36d96e0e54c2L, 0x4549975186320a01L, 0xf9318c9197f00f11L,
-      0x01dc4c3fe6936508L, 0x769a2ef985f068aaL, 0x3522cef0a2b5511cL,
-      0x006965edb4122e05L, 0xfce0fafcc175d43fL, 0x525dc9bdec831d59L,
-      0x1ec314f1af58879dL },
-    { 0x0663feef2c8310c2L, 0xaa7e14da457e3f74L, 0x392b10fce5346887L,
-      0xcde4a38f637ec2c5L, 0x50773320b542f8dfL, 0x341302f9f7de1711L,
-      0x018b1c63ae4b9bc6L, 0xf001c46edd2f9e6fL, 0xd3bb0a9726eccfa0L,
-      0xa931b99d7746e0c7L, 0xe0c8b6f7f5875aecL, 0xbb32f17c96939c82L,
-      0x765135d23de5a664L, 0x71936cb452abfa6bL, 0xad5cc08f2dc105deL,
-      0x17e91d127fff5788L },
-    { 0xbe92ced3b7e051caL, 0xc644d4fd19c776d4L, 0xc8ab4b520086784bL,
-      0x3ea66227ce9d6b31L, 0x395249a3d289e9c7L, 0x54509e65d12a19eeL,
-      0xa7bd46928c365aecL, 0x354997e477963e0eL, 0x0d765957b599732dL,
-      0x99584aeb91d4a3b6L, 0x6e653ea41deb3e28L, 0xca7c98ed572571dfL,
-      0xf301a38fb18ae1f9L, 0x1629f7c263f7b97eL, 0xdf242282afc4a0d5L,
-      0x118f3b4b3ddd0c01L },
-    { 0x74a0a0a87ad4762bL, 0x1aef84da8c58d175L, 0x16ff49604cf76d86L,
-      0xc0be87867e60d98bL, 0x83637ffb3ecc1dbaL, 0xc244a6095dd6147aL,
-      0xa3e178345b0846e5L, 0x735eb686e77a4c05L, 0x5bc18b4fdf758695L,
-      0x15618d0b1bdfe52fL, 0x878ecc0d00715ba1L, 0x1dbdbd1ac2dd617fL,
-      0x21d2b63121b61710L, 0x22ce8a7944f593c2L, 0x3b9b536a44f17024L,
-      0x01d0a67c8d03e727L },
-    { 0x7b9642361e46533cL, 0xe9477990fb88c2aeL, 0x019b5d16a42c4a18L,
-      0x7135e81dd83c7a45L, 0x74a69bdd4cb663e3L, 0x7b67ecdbe76c0d63L,
-      0x03d5452111e68da6L, 0x596cceb5d2e8650aL, 0xcd572dfd2af03b37L,
-      0x52364ba1fabd5952L, 0x7f47d456b4ed8569L, 0x5ad8b572c950d5d4L,
-      0xcadd2dfa486e2f84L, 0xdd527b43c56bb044L, 0xc9adba24997c08e6L,
-      0x1b625b067da6320fL },
-    { 0x44dfaa7b4fd8446dL, 0xc01b2f01af6febebL, 0xbf444388fe8838b5L,
-      0xf33c434fbba9758bL, 0x2b971cba87156bc9L, 0x6b245e5c1f49098bL,
-      0x87dcb5342b41c5ddL, 0xdb1f80c634d852d7L, 0x6d6e32582433da34L,
-      0xf66820653f7df0c2L, 0xc4ca567c360cb365L, 0x321faac29826656aL,
-      0x13f5ca6fbf069768L, 0x15397921a7076639L, 0xbdf143288400736eL,
-      0x333eca9619fc948dL },
-    { 0x23337948ac775d81L, 0x38c2518fd41dbbcaL, 0x623c7a4fbcfce948L,
-      0xaad3623654703fe7L, 0x2b3a13a413fb3b5bL, 0x5db3565a7f5c01f0L,
-      0xd72408dc52359661L, 0x5a17f8e51d616e91L, 0x90c16eebcb25b999L,
-      0xf35e8cf13393743eL, 0x987da74ae54b64a7L, 0x557b322a65cd449dL,
-      0x765082a537e7b15dL, 0x4d25c742f2cd134fL, 0xae9d9c074ccf0746L,
-      0x72fc21108728d135L },
-    { 0xa906b203f96004c8L, 0xd83f95cf458055ffL, 0xd77d586755f35909L,
-      0x4a9ea6fbe550c8eeL, 0x91c8cca955a06081L, 0x4a1fee78bce82062L,
-      0xeb9ade069a3df85eL, 0xfbbdcf0c7d3de666L, 0x228a391b5d336d51L,
-      0x760f8d285c2ffc3cL, 0x1ee48de32f7b165bL, 0x03803d8456177040L,
-      0xe573f6489deff9a0L, 0xe1a2738ea17e35a4L, 0x238ef17c8840a6c6L,
-      0x480946f8b11ed92dL },
-    { 0x84c747a8fd71f119L, 0x19e65c5e53eb3695L, 0x0e2f67866298587aL,
-      0x48a48899ab18d6f4L, 0xa1a99024c630b8c0L, 0x849750962caaf892L,
-      0xc8869abae20fd624L, 0x3b72b04d6c2b7dd4L, 0xe2775eb60992f7d0L,
-      0x0089c06e7d06e684L, 0xcb3b4361e4bbd007L, 0xa1ae666b4ba846e4L,
-      0xc01c2eb246464d9eL, 0xf86f2be6c1f8539fL, 0x16e8e8aecf68afc7L,
-      0x8dab61fdc7386902L },
-    { 0x42a5c903d54d1d45L, 0xacd4297eff4f9ba2L, 0x2d88b52034d478b4L,
-      0x35b2ba2b08c4621aL, 0xd3d239bb34865402L, 0x1de76aed911f32e6L,
-      0x877f8bcf3f06fdc2L, 0x802714c19ec51502L, 0xa10444eba590700dL,
-      0x8694229f31dcc957L, 0x5ece77abb8169fedL, 0x55be8a152caf080eL,
-      0x3eb21b14cbd7cef1L, 0x9def7ad167b97ee1L, 0xe03ca879118f690cL,
-      0x6f77e62df99b29e7L },
-    { 0xa271bdede40bbf59L, 0x177ba4536401aad6L, 0x1755e03573541cd1L,
-      0x3465b4664b71b02fL, 0x22eb7113a813359fL, 0x9792a8fd6f38eac7L,
-      0x11aa012fff3bf3b5L, 0x99aafabff85c3fbfL, 0x91e0a2ef06c0cc42L,
-      0x314d5d57773b7b3aL, 0xae5e2e76d669840aL, 0x861360732e5a8be6L,
-      0xee6d7578c1cf5580L, 0x2344e00f68bed102L, 0x799d78868184f0ebL,
-      0x63819c91c3d2cf80L },
-    { 0xca5392e17884b073L, 0x9ec3a1fceb1267eaL, 0x3d07f5f0907038a7L,
-      0xcb2ac07ce4c47b70L, 0xf96664ee1bf96b91L, 0xebf575892aea4fbfL,
-      0x5aabf391fade6500L, 0xc5b3376f171d1204L, 0x1ff60c51a0d3d81aL,
-      0x10b2cfe7976a844bL, 0xe131cc9abda6125aL, 0xe0fc16d34ebd453eL,
-      0xc0d0319a504b6bc1L, 0xe43a0be70a2f8cabL, 0xc80afeec55e49b47L,
-      0x67d48d128265d7eeL },
-    { 0x068d59a7ea2d56d6L, 0xd71abd0e27480a63L, 0x6bd11db0ae7366cdL,
-      0xfbb639ca07204ebcL, 0x89a242e7f77e6293L, 0xdee7ca2b75ba8c3dL,
-      0x472ddc3d64a2f9a8L, 0x84229df47561a010L, 0x95f62c85c5b649d4L,
-      0xfdd56b1b4dc927cdL, 0xfe8bb1205ee60596L, 0x3efcaa50abf29401L,
-      0xd4900d0f10d1c184L, 0x2cf113a928b01df5L, 0xa3d7ebc31f0e43f5L,
-      0x27950e38e8384dc7L },
-    { 0xeab21ff0e1d0fa79L, 0x4b9fd033048b5de9L, 0x4c9346892fe374cbL,
-      0xbb4827fa4eb21f6bL, 0x46716f79a925e7e7L, 0x1442bf367dd4c531L,
-      0x2073954cd2e96ddfL, 0x4e0141ae8502aa89L, 0x8ee00e1a8eef6cc9L,
-      0x55ce84915880cdafL, 0xff3aba5c69628046L, 0x335cc4f85d15dfbfL,
-      0xa7f0440c9f684f25L, 0xae80453fbb1e5bd8L, 0xa1c99813ff2225abL,
-      0x54ff788479b25d71L },
-    { 0x27c6ee30de40b068L, 0x9226465be6f3a51eL, 0xe24a4604fa3b21f6L,
-      0x50a5a5adc0418115L, 0xe32854418df90d2bL, 0xbb74e58fdcb0c00fL,
-      0xc68f1b3b4a2c08e3L, 0x339df0810ccd9ec9L, 0x915362dcb786ea9fL,
-      0x28945e31c955aeadL, 0xd6a2c01d8b6a6c6bL, 0x069e82dc3678a427L,
-      0x1787550028c9302cL, 0x8acda9659fa101e6L, 0x4e4e4573ee30b286L,
-      0x8adbad853f1830feL },
-    { 0x060ae11f0969d524L, 0xf42fdaf7f39bcc79L, 0x3cec67667cc1fcc2L,
-      0x456b9cf2e2336d4fL, 0x6aa1f5de8e1c0f7fL, 0xcdbc2ad20984fb0eL,
-      0x4090cfa61b464b28L, 0x40d86f301243f3efL, 0x95b16ccccd5e87e7L,
-      0x403f168c3026cd41L, 0xdbe386cb816c0730L, 0x14eb86f358407a1dL,
-      0xf588b4f81717e1afL, 0xb75c41a666cbc96cL, 0xf342c1aa027e71c1L,
-      0x73930036c0945e5fL },
-    { 0x954f757d22cdaf42L, 0x788b591df4181aabL, 0x8b986819f5514f25L,
-      0x69642e08f18fd5bcL, 0x92b305d1022ceb91L, 0x1715903e6a4f6985L,
-      0x4bd7d69d61179caeL, 0xdacdfd5dd29c01aaL, 0x705ddd5ad91108ccL,
-      0x434ac7b164ac8f15L, 0x61a514e1b524632fL, 0x45b9e61b731fc447L,
-      0xcf561348e0961b31L, 0x9c28a96773eaf223L, 0x5bd10182aa7c99d3L,
-      0x8bc6ec4ae42965e2L },
-    { 0xd096e5c0e7f2a32bL, 0xff54800c09388a30L, 0x06fe437c401e360cL,
-      0x6655fc9cbb6054a6L, 0x510e18608457aa6eL, 0xa0acfca22b29b2b7L,
-      0x732483e351b7da61L, 0xe31471ee6be6c8caL, 0xe565431c8b65c9a1L,
-      0xfc9ac3b948d65cbbL, 0xd308fc21ae9b2aa8L, 0xd6a7df0daa60aa6aL,
-      0x2844d96a982fc0d4L, 0xab012c2c5847a4d7L, 0x2b3c8f71dceb8955L,
-      0x8e85437dbe9c7e15L },
-};
-
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Base is fixed to be the g parameter - a precomputed table is used.
- *
- * Striping: 128 points at a distance of 8 combined.
- * Total of 256 points in table.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit tx[2 * 16];
-    sp_digit ty[2 * 16];
-#endif
-    sp_digit* r = NULL;
-    unsigned char e[128];
-    int err = MP_OKAY;
-    int i;
-    int y;
-
-    (void)base;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 38 * 16 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 16 * 2;
-        ty = td + 37 * 16 * 2;
-#endif
-        r = ty;
-
-        (void)mp_to_unsigned_bin_len(exp, e, 128);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 16);
-        y  =  e[112] >> 7;
-        y |= (e[96] >> 7) << 1;
-        y |= (e[80] >> 7) << 2;
-        y |= (e[64] >> 7) << 3;
-        y |= (e[48] >> 7) << 4;
-        y |= (e[32] >> 7) << 5;
-        y |= (e[16] >> 7) << 6;
-        y |= (e[0] >> 7) << 7;
-        XMEMCPY(ty, sp_1024_g_table[y], sizeof(sp_digit) * 16);
-        for (i = 126; i >= 0; i--) {
-            y  =  (e[127 - (i / 8)] >> (i & 0x7)) & 1;
-            y |= ((e[111 - (i / 8)] >> (i & 0x7)) & 1) << 1;
-            y |= ((e[95 - (i / 8)] >> (i & 0x7)) & 1) << 2;
-            y |= ((e[79 - (i / 8)] >> (i & 0x7)) & 1) << 3;
-            y |= ((e[63 - (i / 8)] >> (i & 0x7)) & 1) << 4;
-            y |= ((e[47 - (i / 8)] >> (i & 0x7)) & 1) << 5;
-            y |= ((e[31 - (i / 8)] >> (i & 0x7)) & 1) << 6;
-            y |= ((e[15 - (i / 8)] >> (i & 0x7)) & 1) << 7;
-
-            sp_1024_proj_sqr_16(tx, ty, t);
-            sp_1024_proj_mul_qx1_16(tx, ty, sp_1024_g_table[y], t);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_16(tx, tx, t);
-        sp_1024_mont_mul_16(r, tx, ty, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective coordinates.
- *
- *   p.x' = (p.x * q.x) - (p.y * q.y)
- *   p.y' = (p.x * q.y) + (p.y * q.x)
- * But applying Karatsuba:
- *   v0 = p.x * q.x
- *   v1 = p.y * q.y
- *   p.x' = v0 - v1
- *   p.y' = (px + py) * (qx + qy) - v0 - v1
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * qx  [in]      A single precision integer - X ordinate of number of
- *               multiplier.
- * qy  [in]      A single precision integer - Y ordinate of number of
- *               multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_16(sp_digit* px, sp_digit* py,
-        const sp_digit* qx, const sp_digit* qy, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    /* t1 = px + py */
-    sp_1024_mont_add_16(t1, px, py, p1024_mod);
-    /* t2 = qx + qy */
-    sp_1024_mont_add_16(t2, qx, qy, p1024_mod);
-    /* t2 = (px + py) * (qx + qy) */
-    sp_1024_mont_mul_16(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = py * qy */
-    sp_1024_mont_mul_16(t1, py, qy, p1024_mod, p1024_mp_mod);
-    /* t2 = (px + py) * (qx + qy) - (py * qy) */
-    sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
-    /* px = px * qx */
-    sp_1024_mont_mul_16(px, px, qx, p1024_mod, p1024_mp_mod);
-    /* py = (px + py) * (qx + qy) - (py * qy) - (px * qx) */
-    sp_1024_mont_sub_16(py, t2, px, p1024_mod);
-    /* px = (px * qx) - (py * qy)*/
-    sp_1024_mont_sub_16(px, px, t1, p1024_mod);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/*
- * Convert point from projective to affine but keep in Montgomery form.
- *
- * p  [in,out]  Point to convert.
- * t  [in]      Temporary numbers: 2.
- */
-static void sp_1024_mont_map_16(sp_point_1024* p, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    sp_1024_mont_inv_16(t1, p->z, t2);
-    sp_1024_mont_sqr_16(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t1, t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(p->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(p->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(p->z, p1024_norm_mod, sizeof(sp_digit) * 16);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/*
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - 2 * p.y^2
- *   r.y = 2 * p.y * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 8 * p.y^2 * p.x
- *   p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4
- *   p'.z = 2 * p.y * p.z
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 16;
-    sp_digit* pz2 = t +  2 * 16;
-    sp_digit* rx  = t +  4 * 16;
-    sp_digit* ry  = t +  6 * 16;
-    sp_digit* l   = t +  8 * 16;
-    sp_digit* ty  = t + 10 * 16;
-
-    /* v = v^2 */
-    sp_1024_proj_sqr_16(vx, vy, t);
-    /* pz2 = p.z^2 */
-    sp_1024_mont_sqr_16(pz2, p->z, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + p.z^2 */
-    sp_1024_mont_add_16(ty, p->x, pz2, p1024_mod);
-    /* l = p.x - p.z^2 */
-    sp_1024_mont_sub_16(l, p->x, pz2, p1024_mod);
-    /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-    sp_1024_mont_mul_16(t1, l, ty, p1024_mod, p1024_mp_mod);
-    /* l = 3 * (p.x^2 - p.z^4) */
-    sp_1024_mont_tpl_16(l, t1, p1024_mod);
-    /* t1 = q.x * p.z^2 */
-    sp_1024_mont_mul_16(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + q.x * p.z^2 */
-    sp_1024_mont_add_16(t1, p->x, t1, p1024_mod);
-    /* r.x = l * (p.x + q.x * p.z^2) */
-    sp_1024_mont_mul_16(rx, l, t1, p1024_mod, p1024_mp_mod);
-    /* r.y = 2 * p.y */
-    sp_1024_mont_dbl_16(ry, p->y, p1024_mod);
-    /* ty = 4 * p.y ^ 2 */
-    sp_1024_mont_sqr_16(ty, ry, p1024_mod, p1024_mp_mod);
-    /* t1 = 2 * p.y ^ 2 */
-    sp_1024_mont_div2_16(t1, ty, p1024_mod);
-    /* r.x -= 2 * (p.y ^ 2) */
-    sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
-    /* p'.z = p.y * 2 * p.z */
-    sp_1024_mont_mul_16(p->z, p->z, ry, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 */
-    sp_1024_mont_mul_16(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 * q.y */
-    sp_1024_mont_mul_16(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_16(vx, vy, rx, ry, t);
-
-    /* Double point using previously calculated values
-     *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-     *   ty = 4 * p.y^2
-     *   p'.z = 2 * p.y * p.z
-     */
-    /* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
-    sp_1024_mont_sqr_16(t1, ty, p1024_mod, p1024_mp_mod);
-    /* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
-    sp_1024_mont_div2_16(t1, t1, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x */
-    sp_1024_mont_mul_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 */
-    sp_1024_mont_sqr_16(p->x, l, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 - 4 * p.y^2 * p.x */
-    sp_1024_mont_sub_16(p->x, p->x, p->y, p1024_mod);
-    /* p'.x = l^2 - 8 * p.y^2 * p.x */
-    sp_1024_mont_sub_16(p->x, p->x, p->y, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x - p.x' */
-    sp_1024_mont_sub_16(ty, p->y, p->x, p1024_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l */
-    sp_1024_mont_mul_16(p->y, ty, l, p1024_mod, p1024_mp_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 */
-    sp_1024_mont_sub_16(p->y, p->y, t1, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Calculations:
- *   r.x = (q.x + p.x) * c.y - (q.x * c.z^2 + c.x) * p.y * c.z
- *   r.y = (c.x - p.x * c.z^2) * q.y * c.z
- *   v* = v* * r*
- *   r = p.y * c.z^3 - c.y
- *   c'.x = r^2 + h^3 - 2 * c.x * h^2
- *   c'.y = r * (c'.x - c.x * h^2) - c.y * h^3
- *   c'.z = (c.x - p.x * c.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in]      p      ECC point - point on E(F_p^2) to add.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      qx_px  SP that is a constant value across adds.
- * @param  [in]      t      SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_add_one_16(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px,
-        sp_digit* t)
-{
-    sp_digit* t1  = t;
-    sp_digit* t2  = t +  2 * 16;
-    sp_digit* rx  = t +  4 * 16;
-    sp_digit* ry  = t +  6 * 16;
-    sp_digit* h   = t +  8 * 16;
-    sp_digit* r   = t + 10 * 16;
-
-    /* r.x = (q.x + p.x) * c.y */
-    sp_1024_mont_mul_16(rx, qx_px, c->y, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_16(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_16(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_16(h, t1, c->x, p1024_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_16(ry, p->y, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_16(t1, h, ry, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z * c.z^2 = p.y * c.z^3  */
-    sp_1024_mont_mul_16(r, ry, t2, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_16(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = c.x - p.x * c.z^2 */
-    sp_1024_mont_sub_16(h, c->x, t1, p1024_mod);
-    /* c'.z = (c.x - p.x * c.z^2) * c.z */
-    sp_1024_mont_mul_16(c->z, h, c->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (c.x - p.x * c.z^2) * c.z * q.y */
-    sp_1024_mont_mul_16(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_16(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = c.x - p.x * c.z^2
-     *   r = p.y * c.z^3
-     *   c'.z = (c.x - p.x * c.z^2) * c.z
-     */
-
-    /* r = p.y * c.z^3 - c.y */
-    sp_1024_mont_sub_16(r, r, c->y, p1024_mod);
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_16(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_16(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * h^2 */
-    sp_1024_mont_mul_16(ry, c->x, rx, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_16(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c->x = r^2 + h^3 */
-    sp_1024_mont_add_16(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * h^2 */
-    sp_1024_mont_dbl_16(t1, ry, p1024_mod);
-    /* c'.x = r^2 + h^3 - 2 * c.x * h^2 */
-    sp_1024_mont_sub_16(c->x, c->x, t1, p1024_mod);
-    /* ry = c'.x - c.x * h^2 */
-    sp_1024_mont_sub_16(t1, c->x, ry, p1024_mod);
-    /* ry = r * (c'.x - c.x * h^2) */
-    sp_1024_mont_mul_16(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * h^3 */
-    sp_1024_mont_mul_16(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 */
-    sp_1024_mont_sub_16(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]  key  SAKKE key.
- * @param  [in]  p    First point on E(F_p)[q].
- * @param  [in]  q    Second point on E(F_p)[q].
- * @param  [in]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err = MP_OKAY;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit* qx_px;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit vx[2 * 16];
-    sp_digit vy[2 * 16];
-    sp_digit qx_px[2 * 16];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-
-    err = sp_1024_point_new_16(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 39 * 16 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        vx    = td + 36 * 16 * 2;
-        vy    = td + 37 * 16 * 2;
-        qx_px = td + 38 * 16 * 2;
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-        sp_1024_point_from_ecc_point_16(q, qm);
-
-        err = sp_1024_mod_mul_norm_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 16);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 16);
-
-        sp_1024_mont_add_16(qx_px, q->x, p->x, p1024_mod);
-
-        for (i = 1020; i >= 0; i--) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_dbl_16(vx, vy, c, q, t);
-
-            if ((i > 0) && ((p1024_order[i / 64] >> (i % 64)) & 1)) {
-                /* Accumulate line into v and add P into C. */
-                sp_1024_accumulate_line_add_one_16(vx, vy, c, p, q, qx_px, t);
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_16(vx, vy, t);
-        sp_1024_proj_sqr_16(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_16(vx, vx, t);
-        sp_1024_mont_mul_16(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(q, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-#else
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Both C and P have z ordinates to use in the calculation.
- *
- * Calculations:
- *   r.x  = (q.x * c.z^2 + c.x) * p.y * c.z - (q.x * p.z^2 + p.x) * c.y * p.z
- *   r.y  = (p.x * c.z^2 - c.x * p.z^2) * q.y * p.z * c.z
- *   v*   = v* * r*
- *   h    = p.x * c.z^2 - c.x * p.z^2
- *   r    = p.y * c.z^3 - c.y * p.z^3
- *   c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2
- *   c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3
- *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in,out]  p      ECC point - point on E(F_p^2) to add.
- * @param  [in,out]  q      ECC point - second point on E(F_P^2).
- * @param  [in,out]  t      SP temporaries (6 used).
- * @param  [in,out]  neg    Indicates to use negative P.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static void sp_1024_accumulate_line_add_n_16(sp_digit* vx, sp_digit* vy,
-        const sp_point_1024* p, const sp_point_1024* q,
-        sp_point_1024* c, sp_digit* t, int neg)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t +  2 * 16;
-    sp_digit* rx = t +  4 * 16;
-    sp_digit* ry = t +  6 * 16;
-    sp_digit* h  = t +  8 * 16;
-    sp_digit* r  = t + 10 * 16;
-
-    /* h = p.z^2 */
-    sp_1024_mont_sqr_16(h, p->z, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 */
-    sp_1024_mont_mul_16(rx, q->x, h, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 + p.x */
-    sp_1024_mont_add_16(t2, rx, p->x, p1024_mod);
-    /* c.y = c.y * p.z */
-    sp_1024_mont_mul_16(t1, c->y, p->z, p1024_mod, p1024_mp_mod);
-    /* r.x = (q.x * p.z^2 + p.x) * c.y * p.z */
-    sp_1024_mont_mul_16(rx, t2, t1, p1024_mod, p1024_mp_mod);
-    /* c.y = c.y * p.z^3 */
-    sp_1024_mont_mul_16(c->y, t1, h, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_16(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_16(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_16(t1, t1, c->x, p1024_mod);
-    /* c.x = c.x * p.z^2 */
-    sp_1024_mont_mul_16(c->x, c->x, h, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_16(r, p->y, c->z, p1024_mod, p1024_mp_mod);
-    if (neg) {
-        /* r = -p.y * c.z */
-        sp_1024_mont_sub_16(r, p1024_mod, r, p1024_mod);
-    }
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_16(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_16(rx, ry, rx, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_16(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = p.x * c.z^2 - c.x * p.z^2 */
-    sp_1024_mont_sub_16(h, t1, c->x, p1024_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z */
-    sp_1024_mont_mul_16(t1, h, c->z, p1024_mod, p1024_mp_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z */
-    sp_1024_mont_mul_16(c->z, t1, p->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z * q.y */
-    sp_1024_mont_mul_16(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 */
-    sp_1024_mont_mul_16(t1, r, t2, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 - c.y * p.z^3 */
-    sp_1024_mont_sub_16(r, t1, c->y, p1024_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_16(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = p.x * c.z^2 - c.x * p.z^2
-     *   r = p.y * c.z^3 - c.y * p.z^3
-     *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
-     */
-
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_16(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_16(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * p.z^2 * h^2 */
-    sp_1024_mont_mul_16(ry, rx, c->x, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_16(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c'.x = r^2 - h^3 */
-    sp_1024_mont_sub_16(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_dbl_16(t1, ry, p1024_mod);
-    /* c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_sub_16(c->x, c->x, t1, p1024_mod);
-    /* ry = c.x * p.z^2 * h^2 - c'.x */
-    sp_1024_mont_sub_16(t1, ry, c->x, p1024_mod);
-    /* ry = r * (c.x * p.z^2 * h^2 - c'.x) */
-    sp_1024_mont_mul_16(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * p.z^3 * h^3 */
-    sp_1024_mont_mul_16(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 */
-    sp_1024_mont_sub_16(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Perform n accumulate doubles and doubles of P.
- *
- * py = 2 * p.y
- *
- * For each double:
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - py^2 / 2
- *   r.y = py * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 2 * py^2 * p.x
- *   py' = (py^2 * p.x - p'.x) * l - py^4 (= 2 * p'.y)
- *   p'.z = py * p.z
- *
- * Finally:
- *   p'.y = py' / 2
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      n   Number of times to double.
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 16;
-    sp_digit* pz2 = t +  2 * 16;
-    sp_digit* rx  = t +  4 * 16;
-    sp_digit* ry  = t +  6 * 16;
-    sp_digit* l   = t +  8 * 16;
-    sp_digit* ty  = t + 10 * 16;
-    int i;
-
-    /* py = 2 * p.y */
-    sp_1024_mont_dbl_16(p->y, p->y, p1024_mod);
-
-    for (i = 0; i < n; i++) {
-        /* v = v^2 */
-        sp_1024_proj_sqr_16(vx, vy, t);
-        /* pz2 = p.z^2 */
-        sp_1024_mont_sqr_16(pz2, p->z, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + p.z^2 */
-        sp_1024_mont_add_16(t1, p->x, pz2, p1024_mod);
-        /* l = p.x - p.z^2 */
-        sp_1024_mont_sub_16(l, p->x, pz2, p1024_mod);
-        /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-        sp_1024_mont_mul_16(ty, l, t1, p1024_mod, p1024_mp_mod);
-        /* l = 3 * (p.x^2 - p.z^4) */
-        sp_1024_mont_tpl_16(l, ty, p1024_mod);
-        /* t1 = q.x * p.z^2 */
-        sp_1024_mont_mul_16(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + q.x * p.z^2 */
-        sp_1024_mont_add_16(t1, p->x, t1, p1024_mod);
-        /* r.x = l * (p.x + q.x * p.z^2) */
-        sp_1024_mont_mul_16(rx, l, t1, p1024_mod, p1024_mp_mod);
-        /* ty = py ^ 2 */
-        sp_1024_mont_sqr_16(ty, p->y, p1024_mod, p1024_mp_mod);
-        /* t1 = py ^ 2 / 2 */
-        sp_1024_mont_div2_16(t1, ty, p1024_mod);
-        /* r.x -= py ^ 2 / 2 */
-        sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
-        /* p'.z = py * pz */
-        sp_1024_mont_mul_16(p->z, p->z, p->y, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 */
-        sp_1024_mont_mul_16(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 * q.y */
-        sp_1024_mont_mul_16(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-        /* v = v^2 * r */
-        sp_1024_proj_mul_16(vx, vy, rx, ry, t);
-
-        /* Double point using previously calculated values
-         *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-         *   ty = py^2
-         *   p'.z = py * p.z
-         */
-        /* t1 = py^2 ^ 2 = py^4 */
-        sp_1024_mont_sqr_16(t1, ty, p1024_mod, p1024_mp_mod);
-        /* py' = py^2 * p. x */
-        sp_1024_mont_mul_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 */
-        sp_1024_mont_sqr_16(p->x, l, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 - py^2 * p.x */
-        sp_1024_mont_sub_16(p->x, p->x, p->y, p1024_mod);
-        /* p'.x = l^2 - 2 * p.y^2 * p.x */
-        sp_1024_mont_sub_16(p->x, p->x, p->y, p1024_mod);
-        /* py' = py^2 * p.x - p.x' */
-        sp_1024_mont_sub_16(ty, p->y, p->x, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l */
-        sp_1024_mont_mul_16(p->y, ty, l, p1024_mod, p1024_mp_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 */
-        sp_1024_mont_dbl_16(p->y, p->y, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 - p.y^4 */
-        sp_1024_mont_sub_16(p->y, p->y, t1, p1024_mod);
-    }
-
-    /* p'.y = py' / 2 */
-    sp_1024_mont_div2_16(p->y, p->y, p1024_mod);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * @param  [in]  pm   First point on E(F_p)[q].
- * @param  [in]  qm   Second point on E(F_p)[q].
- * @param  [in]  res  Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[32];
-    sp_digit (*pre_vy)[32];
-    sp_digit (*pre_nvy)[32];
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit vx[2 * 16];
-    sp_digit vy[2 * 16];
-    sp_digit pre_vx[16][32];
-    sp_digit pre_vy[16][32];
-    sp_digit pre_nvy[16][32];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-
-    err = sp_1024_point_new_16(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 16 * 2 + 16 * sizeof(sp_point_1024), NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 16 * 2;
-        vy      = td + 37 * 16 * 2;
-        pre_vx  = (sp_digit(*)[32])(td + 38 * 16 * 2);
-        pre_vy  = (sp_digit(*)[32])(td + 54 * 16 * 2);
-        pre_nvy = (sp_digit(*)[32])(td + 70 * 16 * 2);
-        pre_p   = (sp_point_1024*)(td + 86 * 16 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-        sp_1024_point_from_ecc_point_16(q, qm);
-
-        err = sp_1024_mod_mul_norm_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 16);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_mont_sub_16(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 16);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_accumulate_line_dbl_16(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(&pre_p[i], &pre_p[i-1], sizeof(sp_point_1024));
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 16);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 16);
-            sp_1024_proj_mul_16(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_16(pre_vx[i], pre_vy[i], c,
-                    q, &pre_p[i], t, 0);
-            sp_1024_mont_sub_16(pre_nvy[i], p1024_mod, pre_vy[i], p1024_mod);
-        }
-
-        j = sp_1024_order_op[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 16);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 16);
-
-        /* Accumulate line into v and double point n times. */
-        sp_1024_accumulate_line_dbl_n_16(vx, vy, c, q,
-                sp_1024_order_op[1], t);
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_16(vx, vy, pre_vx[j], pre_vy[j], t);
-                sp_1024_accumulate_line_add_n_16(vx, vy, &pre_p[j], q, c,
-                    t, 0);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_16(vx, vy, pre_vx[j], pre_nvy[j], t);
-                sp_1024_accumulate_line_add_n_16(vx, vy, &pre_p[j], q, c,
-                    t, 1);
-            }
-
-            /* Accumulate line into v and double point n times. */
-            sp_1024_accumulate_line_dbl_n_16(vx, vy, c, q,
-                    sp_1024_order_op[i + 1], t);
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_16(vx, vy, t);
-        sp_1024_proj_sqr_16(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_16(vx, vx, t);
-        sp_1024_mont_mul_16(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(q, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Generate table for pairing.
- *
- * Small implementation does not use a table - returns 0 length.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-
-    if (table == NULL) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    else if (*len != 0) {
-        err = BUFFER_E;
-    }
-
-    (void)*pm;
-
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Small implementation does not use a table - use the normal implementation.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    (void)table;
-    (void)len;
-    return sp_Pairing_1024(pm, qm, res);
-}
-
-#else
-/*
- * Calc l and c for the point when doubling p.
- *
- * l = 3 * (p.x^2 - 1) / (2 * p.y)
- * c = l * p.x - p.y
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to double.
- * @param  [in]   py  Y-ordinate of point to double.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_dbl_calc_lc_16(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 16;
-    sp_digit* t2 = t + 34 * 2 * 16;
-    sp_digit* l  = t + 35 * 2 * 16;
-
-    /* l = 1 / 2 * p.y */
-    sp_1024_mont_dbl_16(l, py, p1024_mod);
-    sp_1024_mont_inv_16(l, l, t);
-
-    /* t1 = p.x^2 */
-    sp_1024_mont_sqr_16(t1, px, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x - 1 */
-    sp_1024_mont_sub_16(t1, t1, p1024_norm_mod, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) */
-    sp_1024_mont_dbl_16(t2, t1, p1024_mod);
-    sp_1024_mont_add_16(t1, t1, t2, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) / (2 * p.y) */
-    sp_1024_mont_mul_16(l, l, t1, p1024_mod, p1024_mp_mod);
-    /* t2 = l * p.x */
-    sp_1024_mont_mul_16(t2, l, px, p1024_mod, p1024_mp_mod);
-    /* c = t2 = l * p.x - p.y */
-    sp_1024_mont_sub_16(t2, t2, py, p1024_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 16);
-    XMEMCPY(cr, t2, sizeof(sp_digit) * 16);
-}
-
-/*
- * Calc l and c when adding p and c.
- *
- * l = (c.y - p.y) / (c.x - p.x)
- * c = (p.x * c.y - cx * p.y) / (cx - p.x)
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to add.
- * @param  [in]   py  Y-ordinate of point to add.
- * @param  [in]   cx  X-ordinate of current point.
- * @param  [in]   cy  Y-ordinate of current point.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_add_calc_lc_16(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, const sp_digit* cx,
-        const sp_digit* cy, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 16;
-    sp_digit* c  = t + 34 * 2 * 16;
-    sp_digit* l  = t + 35 * 2 * 16;
-
-    /* l = 1 / (c.x - p.x) */
-    sp_1024_mont_sub_16(l, cx, px, p1024_mod);
-    sp_1024_mont_inv_16(l, l, t);
-
-    /* c = p.x * c.y */
-    sp_1024_mont_mul_16(c, px, cy, p1024_mod, p1024_mp_mod);
-    /* t1 = c.x * p.y */
-    sp_1024_mont_mul_16(t1, cx, py, p1024_mod, p1024_mp_mod);
-    /* c = (p.x * c.y) - (c.x * p.y) */
-    sp_1024_mont_sub_16(c, c, t1, p1024_mod);
-    /* c = ((p.x * c.y) - (c.x * p.y)) / (c.x - p.x) */
-    sp_1024_mont_mul_16(c, c, l, p1024_mod, p1024_mp_mod);
-    /* t1 = c.y - p.y */
-    sp_1024_mont_sub_16(t1, cy, py, p1024_mod);
-    /* l = (c.y - p.y) / (c.x - p.x) */
-    sp_1024_mont_mul_16(l, t1, l, p1024_mod, p1024_mp_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 16);
-    XMEMCPY(cr, c, sizeof(sp_digit) * 16);
-}
-
-/*
- * Calculate vx and vy given gradient l and constant c and point q.
- *
- * l is a the gradient and is multiplied by q->x.
- * c is a the constant that is added to the multiplicative result.
- * q->y is the y-ordinate in result to multiply.
- *
- * if dbl
- *   v*  = v*^2
- * r.x = l * q.x + c
- * r.y = q->y
- * v*  = v* * r*
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in]      l      Gradient to multiply with.
- * @param  [in]      c      Constant to add with.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      t      SP temporaries (3 used).
- * @param  [in]      dbl    Indicates whether this is for doubling. Otherwise
- *                          adding.
- */
-static void sp_1024_accumulate_line_lc_16(sp_digit* vx, sp_digit* vy,
-        const sp_digit* l, const sp_digit* c, const sp_point_1024* q,
-        sp_digit* t, int dbl)
-{
-    sp_digit* rx = t + 4 * 2 * 16;
-
-    /* v = v^2 */
-    if (dbl) {
-        sp_1024_proj_sqr_16(vx, vy, t);
-    }
-    /* rx = l * q.x + c */
-    sp_1024_mont_mul_16(rx, l, q->x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_add_16(rx, rx, c, p1024_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_16(vx, vy, rx, q->y, t);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op_pre[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-
-/*
- * Generate table for pairing.
- *
- * Calculate the graident (l) and constant (c) at each step of the way.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- *          MEMORY_E when dynamic memory allocation fauls.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 cd;
-    sp_point_1024 negd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* c = NULL;
-    sp_point_1024* neg = NULL;
-    int i;
-    int j;
-    int k;
-    sp_table_entry_1024* precomp = (sp_table_entry_1024*)table;
-
-    if (table == NULL) {
-        *len = sizeof(sp_table_entry_1024) * 1167;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if ((err == MP_OKAY) &&
-            (*len < (int)(sizeof(sp_table_entry_1024) * 1167))) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, negd, neg);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 36 * 16 * 2 + 16 *
-            sizeof(sp_point_1024), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        pre_p = (sp_point_1024*)(td + 36 * 16 * 2);
-#endif
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-
-        err = sp_1024_mod_mul_norm_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        neg->infinity = 0;
-        c->infinity = 0;
-
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        /* [2]P for adding */
-        sp_1024_proj_point_dbl_16(c, p, t);
-
-        /* 1, 3, ... */
-        for (i = 1; i < 16; i++) {
-            sp_1024_proj_point_add_16(&pre_p[i], &pre_p[i-1], c, t);
-            sp_1024_mont_map_16(&pre_p[i], t);
-        }
-
-        k = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            sp_1024_accum_dbl_calc_lc_16(precomp[k].x, precomp[k].y, c->x,
-                c->y, t);
-            k++;
-            sp_1024_proj_point_dbl_16(c, c, t);
-            sp_1024_mont_map_16(c, t);
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                sp_1024_accum_add_calc_lc_16(precomp[k].x, precomp[k].y,
-                    pre_p[j/2].x, pre_p[j/2].y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_16(c, c, &pre_p[j/2], t);
-                sp_1024_mont_map_16(c, t);
-            }
-            else {
-                XMEMCPY(neg->x, pre_p[-j / 2].x, sizeof(pre_p->x));
-                sp_1024_mont_sub_16(neg->y, p1024_mod, pre_p[-j / 2].y,
-                        p1024_mod);
-                XMEMCPY(neg->z, pre_p[-j / 2].z, sizeof(pre_p->z));
-
-                sp_1024_accum_add_calc_lc_16(precomp[k].x, precomp[k].y,
-                    neg->x, neg->y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_16(c, c, neg, t);
-                sp_1024_mont_map_16(c, t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                sp_1024_accum_dbl_calc_lc_16(precomp[k].x, precomp[k].y, c->x,
-                    c->y, t);
-                k++;
-                sp_1024_proj_point_dbl_16(c, c, t);
-                sp_1024_mont_map_16(c, t);
-            }
-        }
-
-        *len = sizeof(sp_table_entry_1024) * 1167;
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(neg, 1, NULL);
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pre-generate values in window (1, 3, ...) - only V.
- * Table contains all gradient l and a constant for each point on the path.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[32];
-    sp_digit (*pre_vy)[32];
-    sp_digit (*pre_nvy)[32];
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit vx[2 * 16];
-    sp_digit vy[2 * 16];
-    sp_digit pre_vx[16][32];
-    sp_digit pre_vy[16][32];
-    sp_digit pre_nvy[16][32];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-    int k;
-    const sp_table_entry_1024* precomp = (const sp_table_entry_1024*)table;
-
-    if (len < (int)(sizeof(sp_table_entry_1024) * 1167)) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 16 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 16 * 2;
-        vy      = td + 37 * 16 * 2;
-        pre_vx  = (sp_digit(*)[32])(td + 38 * 16 * 2);
-        pre_vy  = (sp_digit(*)[32])(td + 54 * 16 * 2);
-        pre_nvy = (sp_digit(*)[32])(td + 70 * 16 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-        sp_1024_point_from_ecc_point_16(q, qm);
-
-        err = sp_1024_mod_mul_norm_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 16);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_mont_sub_16(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 16);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_accumulate_line_dbl_16(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 16);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 16);
-            sp_1024_proj_mul_16(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_16(pre_vx[i], pre_vy[i], c,
-                q, p, t, 0);
-            sp_1024_mont_sub_16(pre_nvy[i], p1024_mod, pre_vy[i],
-                p1024_mod);
-        }
-
-        XMEMCPY(c->z, p1024_norm_mod, sizeof(sp_digit) * 16);
-        c->infinity = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 16);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 16);
-
-        k = 0;
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_lc_16(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 1);
-            k++;
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            sp_1024_accumulate_line_lc_16(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 0);
-            k++;
-
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_16(vx, vy, pre_vx[j], pre_vy[j], t);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_16(vx, vy, pre_vx[j], pre_nvy[j], t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                /* Accumulate line into v and double point. */
-                sp_1024_accumulate_line_lc_16(vx, vy, precomp[k].x,
-                    precomp[k].y, q, t, 1);
-                k++;
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_16(vx, vy, t);
-        sp_1024_proj_sqr_16(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_16(vx, vx, t);
-        sp_1024_mont_mul_16(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(q, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    sp_int64 nl = n;
-    sp_int64 bytes = size * 8;
-
-    __asm__ __volatile__ (
-        "add	x4, %[a], %[n]\n\t"
-        "mov	x5, %[r]\n\t"
-        "sub	x4, x4, 8\n\t"
-        "subs	x6, %[n], 8\n\t"
-        "mov	x7, xzr\n\t"
-        "b.lt	2f\n\t"
-        /* Put in multiples of 8 bytes. */
-        "1:\n\t"
-        "ldr	x8, [x4], -8\n\t"
-        "subs	x6, x6, 8\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "rev	x8, x8\n\t"
-    #endif
-        "str	x8, [x5], 8\n\t"
-        "add	x7, x7, 8\n\t"
-        "b.ge	1b\n\t"
-        "2:\n\t"
-        "cmp	x6, -7\n\t"
-        "b.lt	20f\n\t"
-        /* Put in less than 8 bytes. */
-    #ifdef LITTLE_ENDIAN_ORDER
-        "str	xzr, [x5]\n\t"
-    #else
-        "str	xzr, [x5], 7\n\t"
-    #endif
-        "add	x7, x7, 8\n\t"
-        "add	x4, x4, 7\n\t"
-        "b.eq	17f\n\t"
-        "cmp	x6, -5\n\t"
-        "b.lt	16f\n\t"
-        "b.eq	15f\n\t"
-        "cmp	x6, -3\n\t"
-        "b.lt	14f\n\t"
-        "b.eq	13f\n\t"
-        "cmp	x6, -2\n\t"
-        "b.eq	12f\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "12:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "13:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "14:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "15:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "16:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "17:\n\t"
-        "ldrb	w8, [x4], -1\n\t"
-    #ifdef LITTLE_ENDIAN_ORDER
-        "strb	w8, [x5], 1\n\t"
-    #else
-        "strb	w8, [x5], -1\n\t"
-    #endif
-        "20:\n\t"
-        "add	x5, %[r], x7\n\t"
-        "subs	x7, %[size], x7\n\t"
-        "b.eq	30f\n\t"
-        /* Zero out remaining words. */
-        "21:\n\t"
-        "subs	x7, x7, 8\n\t"
-        "str	xzr, [x5], 8\n\t"
-        "b.gt	21b\n\t"
-        "30:\n\t"
-        :
-        : [r] "r" (r), [size] "r" (bytes), [a] "r" (a), [n] "r" (nl)
-        : "memory", "x4", "x5", "x6", "x7", "x8", "cc"
-    );
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_1024_ecc_is_point_16(const sp_point_1024* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 16 * 4);
-    sp_digit* t2 = NULL;
-    sp_int64 n;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 16 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 16;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_1024_sqr_16(t1, point->y);
-        (void)sp_1024_mod_16(t1, t1, p1024_mod);
-        sp_1024_sqr_16(t2, point->x);
-        (void)sp_1024_mod_16(t2, t2, p1024_mod);
-        sp_1024_mul_16(t2, t2, point->x);
-        (void)sp_1024_mod_16(t2, t2, p1024_mod);
-        sp_1024_mont_sub_16(t1, t1, t2, p1024_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
-
-
-        n = sp_1024_cmp_16(t1, p1024_mod);
-        sp_1024_cond_sub_16(t1, t1, p1024_mod, (sp_digit)~(n >> 63));
-        sp_1024_norm_16(t1);
-        if (!sp_1024_iszero_16(t1)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_1024, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(pub->x, 16, pX);
-        sp_1024_from_mp(pub->y, 16, pY);
-        sp_1024_from_bin(pub->z, 16, one, (int)sizeof(one));
-
-        err = sp_1024_ecc_is_point_16(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 16);
-    SP_DECL_VAR(sp_point_1024, pub, 2);
-    sp_point_1024* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 1024) ||
-        (mp_count_bits(pY) > 1024) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 1024)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 16, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_1024, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_1024_from_mp(pub->x, 16, pX);
-        sp_1024_from_mp(pub->y, 16, pY);
-        sp_1024_from_bin(pub->z, 16, one, (int)sizeof(one));
-        if (privm)
-            sp_1024_from_mp(priv, 16, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_1024_iszero_16(pub->x) != 0) &&
-            (sp_1024_iszero_16(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_1024_cmp_16(pub->x, p1024_mod) >= 0) ||
-             (sp_1024_cmp_16(pub->y, p1024_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_1024_ecc_is_point_16(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_1024_ecc_mulmod_16(p, pub, p1024_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_1024_iszero_16(p->x) == 0) ||
-                             (sp_1024_iszero_16(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_1024_ecc_mulmod_base_16(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_1024_cmp_16(p->x, pub->x) != 0) ||
-                 (sp_1024_cmp_16(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_1024 */
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#endif /* WOLFSSL_HAVE_SP_ECC */
-#endif /* WOLFSSL_SP_ARM64_ASM */
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH | WOLFSSL_HAVE_SP_ECC */
diff --git a/src/ssl/wolfssl/wolfcrypt/sp_armthumb.c b/src/ssl/wolfssl/wolfcrypt/sp_armthumb.c
deleted file mode 100644
index 98516b901..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sp_armthumb.c
+++ /dev/null
@@ -1,216958 +0,0 @@
-/* sp.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implementation by Sean Parkinson. */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
-    defined(WOLFSSL_HAVE_SP_ECC)
-
-#include <wolfssl/wolfcrypt/cpuid.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifdef RSA_LOW_MEM
-#ifndef WOLFSSL_SP_SMALL
-#define WOLFSSL_SP_SMALL
-#endif
-#endif
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC)
-#undef WOLFSSL_SP_SMALL_STACK
-#define WOLFSSL_SP_SMALL_STACK
-#endif
-
-#include <wolfssl/wolfcrypt/sp.h>
-
-#ifdef __IAR_SYSTEMS_ICC__
-#define __asm__        asm
-#define __volatile__   volatile
-#define WOLFSSL_NO_VAR_ASSIGN_REG
-#endif /* __IAR_SYSTEMS_ICC__ */
-#ifdef __KEIL__
-#define __asm__        __asm
-#define __volatile__   volatile
-#endif
-
-#ifdef WOLFSSL_SP_SMALL_STACK
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE* NAME = NULL
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        if (err == MP_OKAY) {                                           \
-            (NAME) = (TYPE*)XMALLOC(sizeof(TYPE) * (CNT), (HEAP), DT);  \
-            if ((NAME) == NULL) {                                       \
-                err = MEMORY_E;                                         \
-            }                                                           \
-        }
-
-    #define SP_VAR_OK(NAME)          ((NAME) != NULL)
-
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        XFREE(NAME, (HEAP), DT)
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-#else
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE NAME[CNT]
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        WC_DO_NOTHING
-    #define SP_VAR_OK(NAME)          (1)
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        WC_DO_NOTHING
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-        } while (0)
-#endif
-
-#ifdef WOLFSSL_SP_ARM_THUMB_ASM
-#define SP_PRINT_NUM(var, name, total, words, bits)         \
-    do {                                                    \
-        int ii;                                             \
-        fprintf(stderr, name "=0x");                        \
-        for (ii = (((bits) + 31) / 32) - 1; ii >= 0; ii--)  \
-            fprintf(stderr, SP_PRINT_FMT, (var)[ii]);       \
-        fprintf(stderr, "\n");                              \
-    } while (0)
-
-#define SP_PRINT_VAL(var, name)                             \
-    fprintf(stderr, name "=0x" SP_PRINT_FMT "\n", var)
-
-#define SP_PRINT_INT(var, name)                             \
-    fprintf(stderr, name "=%d\n", var)
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)
-#ifndef WOLFSSL_SP_NO_2048
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 256
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_2048_to_bin_64(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 63; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_2048_norm_64(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_2048_norm_64(a)
-
-#ifndef WOLFSSL_SP_SMALL
-#ifndef WOLFSSL_SP_LARGE_CODE
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[8 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #32\n\t"
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_2048_mul_8_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #28\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_2048_mul_8_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_2048_mul_8_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_2048_mul_8_mul_%=\n\t"
-        "\n"
-    "L_sp_2048_mul_8_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #56\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_2048_mul_8_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "sub	sp, sp, #32\n\t"
-        "mov	r8, %[r]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[0] * B[0]\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r3, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r3, r6, r3\n\t"
-#elif defined(__clang__)
-        "muls	r3, r6\n\t"
-#else
-        "mul	r3, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r6, #16\n\t"
-#else
-        "lsr	r4, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "movs	r5, #0\n\t"
-        "str	r3, [sp]\n\t"
-        "#  A[0] * B[1]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #4]\n\t"
-        "#  A[2] * B[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[0] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r5, [sp, #8]\n\t"
-        "#  A[0] * B[3]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[1] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[2] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "str	r3, [sp, #12]\n\t"
-        "#  A[4] * B[0]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[2] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[0] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #16]\n\t"
-        "#  A[0] * B[5]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[2] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r5, [sp, #20]\n\t"
-        "#  A[6] * B[0]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[4] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[2] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[1] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[0] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "str	r3, [sp, #24]\n\t"
-        "#  A[0] * B[7]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[2] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #28]\n\t"
-        "#  A[7] * B[1]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[2] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r5, [%[r], #32]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[2] * B[7]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[4] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[6] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[7] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #36]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[7] * B[3]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #40]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[4] * B[7]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[7] * B[5]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[6] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #48]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[6] * B[7]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #52]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[7] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r5, [%[r], #56]\n\t"
-        "str	r3, [%[r], #60]\n\t"
-        "pop	{r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "pop	{r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
-    );
-}
-
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_add_word_8(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r5, #0\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, %[b]\n\t"
-#else
-        "add	r3, r3, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_16(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r4\n\t"
-#else
-        "sub	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[a], %[a], %[a]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[a], %[a]\n\t"
-#else
-        "sbc	%[a], %[a]\n\t"
-#endif
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<8; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[16];
-    sp_digit a1[8];
-    sp_digit b1[8];
-    sp_digit* z2 = r + 16;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_8(a1, a, &a[8]);
-    cb = sp_2048_add_8(b1, b, &b[8]);
-    u  = ca & cb;
-
-    sp_2048_mul_8(z2, &a[8], &b[8]);
-    sp_2048_mul_8(z0, a, b);
-    sp_2048_mul_8(z1, a1, b1);
-
-    u += sp_2048_sub_in_place_16(z1, z0);
-    u += sp_2048_sub_in_place_16(z1, z2);
-    sp_2048_mask_8(a1, a1, 0 - cb);
-    u += sp_2048_add_8(z1 + 8, z1 + 8, a1);
-    sp_2048_mask_8(b1, b1, 0 - ca);
-    u += sp_2048_add_8(z1 + 8, z1 + 8, b1);
-
-    u += sp_2048_add_16(r + 8, r + 8, z1);
-    (void)sp_2048_add_word_8(r + 24, r + 24, u);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_add_word_16(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r5, #0\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, %[b]\n\t"
-#else
-        "add	r3, r3, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r4\n\t"
-#else
-        "sub	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[a], %[a], %[a]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[a], %[a]\n\t"
-#else
-        "sbc	%[a], %[a]\n\t"
-#endif
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[32];
-    sp_digit a1[16];
-    sp_digit b1[16];
-    sp_digit* z2 = r + 32;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_16(a1, a, &a[16]);
-    cb = sp_2048_add_16(b1, b, &b[16]);
-    u  = ca & cb;
-
-    sp_2048_mul_16(z2, &a[16], &b[16]);
-    sp_2048_mul_16(z0, a, b);
-    sp_2048_mul_16(z1, a1, b1);
-
-    u += sp_2048_sub_in_place_32(z1, z0);
-    u += sp_2048_sub_in_place_32(z1, z2);
-    sp_2048_mask_16(a1, a1, 0 - cb);
-    u += sp_2048_add_16(z1 + 16, z1 + 16, a1);
-    sp_2048_mask_16(b1, b1, 0 - ca);
-    u += sp_2048_add_16(z1 + 16, z1 + 16, b1);
-
-    u += sp_2048_add_32(r + 16, r + 16, z1);
-    (void)sp_2048_add_word_16(r + 48, r + 48, u);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_add_word_32(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r5, #0\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, %[b]\n\t"
-#else
-        "add	r3, r3, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r4\n\t"
-#else
-        "sub	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[a], %[a], %[a]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[a], %[a]\n\t"
-#else
-        "sbc	%[a], %[a]\n\t"
-#endif
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<32; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[64];
-    sp_digit a1[32];
-    sp_digit b1[32];
-    sp_digit* z2 = r + 64;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_32(a1, a, &a[32]);
-    cb = sp_2048_add_32(b1, b, &b[32]);
-    u  = ca & cb;
-
-    sp_2048_mul_32(z2, &a[32], &b[32]);
-    sp_2048_mul_32(z0, a, b);
-    sp_2048_mul_32(z1, a1, b1);
-
-    u += sp_2048_sub_in_place_64(z1, z0);
-    u += sp_2048_sub_in_place_64(z1, z2);
-    sp_2048_mask_32(a1, a1, 0 - cb);
-    u += sp_2048_add_32(z1 + 32, z1 + 32, a1);
-    sp_2048_mask_32(b1, b1, 0 - ca);
-    u += sp_2048_add_32(z1 + 32, z1 + 32, b1);
-
-    u += sp_2048_add_64(r + 32, r + 32, z1);
-    (void)sp_2048_add_word_32(r + 96, r + 96, u);
-}
-
-#ifndef WOLFSSL_SP_LARGE_CODE
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #0x40\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_2048_sqr_8_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #28\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_2048_sqr_8_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_2048_sqr_8_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_2048_sqr_8_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_2048_sqr_8_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_2048_sqr_8_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #32\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_2048_sqr_8_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_2048_sqr_8_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_2048_sqr_8_mul_%=\n\t"
-        "\n"
-    "L_sp_2048_sqr_8_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #56\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_2048_sqr_8_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #60\n\t"
-        "\n"
-    "L_sp_2048_sqr_8_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_2048_sqr_8_store_%=\n\t"
-        "movs	r6, #0x40\n\t"
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "sub	sp, sp, #32\n\t"
-        "mov	r8, %[r]\n\t"
-        "mov	r9, %[a]\n\t"
-        "movs	%[r], #0\n\t"
-        "ldm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "mov	r10, r2\n\t"
-        "mov	r11, r3\n\t"
-        "mov	r12, r4\n\t"
-        "mov	lr, r5\n\t"
-        "mov	%[a], r9\n\t"
-        "#  A[0] * A[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r7, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-        "movs	r2, r5\n\t"
-        "movs	r3, r6\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "muls	r2, r2\n\t"
-#else
-        "mul	r2, r2\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "muls	r3, r3\n\t"
-#else
-        "mul	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-        "str	r2, [sp]\n\t"
-        "#  A[1] * A[0]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #4]\n\t"
-        "#  A[2] * A[0]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * A[1]\n\t"
-        "mov	r7, r11\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #8]\n\t"
-        "#  A[2] * A[1]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r2, [sp, #12]\n\t"
-        "#  A[4] * A[0]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[3] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[2] * A[2]\n\t"
-        "mov	r7, r12\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #16]\n\t"
-        "#  A[3] * A[2]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #20]\n\t"
-        "#  A[6] * A[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * A[3]\n\t"
-        "mov	r7, lr\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r2, [sp, #24]\n\t"
-        "#  A[4] * A[3]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[5] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[6] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[7] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #28]\n\t"
-        "#  A[7] * A[1]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #32]\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	%[a], #16\n\t"
-        "add	%[a], %[a], r9\n\t"
-        "ldm	%[a]!, {r5, r6}\n\t"
-        "mov	r10, r5\n\t"
-        "mov	r11, r6\n\t"
-        "ldm	%[a]!, {r5, r6}\n\t"
-        "mov	r12, r5\n\t"
-        "mov	lr, r6\n\t"
-        "mov	%[a], r9\n\t"
-        "#  A[5] * A[4]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #8]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r2, [%[r], #36]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[7] * A[3]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[6] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[5] * A[5]\n\t"
-        "mov	r7, r11\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #40]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[6] * A[5]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #44]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[7] * A[5]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * A[6]\n\t"
-        "mov	r7, r12\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r2, [%[r], #48]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[7] * A[6]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #52]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[7] * A[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #56]\n\t"
-        "str	r2, [%[r], #60]\n\t"
-        "pop	{r2, r3, r4, r5}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r5}\n\t"
-        "pop	{r2, r3, r4, r5}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r5}\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_sub_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 16;
-    sp_digit z1[16];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 8;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 8);
-
-    mask = sp_2048_sub_8(a1, a, &a[8]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_8(a1, p1, p2);
-
-    sp_2048_sqr_8(z2, &a[8]);
-    sp_2048_sqr_8(z0, a);
-    sp_2048_sqr_8(z1, a1);
-
-    u = 0;
-    u -= sp_2048_sub_in_place_16(z1, z2);
-    u -= sp_2048_sub_in_place_16(z1, z0);
-    u += sp_2048_sub_in_place_16(r + 8, z1);
-    sp_2048_add_word_8(r + 24, r + 24, u);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_sub_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 32;
-    sp_digit z1[32];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 16;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 16);
-
-    mask = sp_2048_sub_16(a1, a, &a[16]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_16(a1, p1, p2);
-
-    sp_2048_sqr_16(z2, &a[16]);
-    sp_2048_sqr_16(z0, a);
-    sp_2048_sqr_16(z1, a1);
-
-    u = 0;
-    u -= sp_2048_sub_in_place_32(z1, z2);
-    u -= sp_2048_sub_in_place_32(z1, z0);
-    u += sp_2048_sub_in_place_32(r + 16, z1);
-    sp_2048_add_word_16(r + 48, r + 48, u);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 64;
-    sp_digit z1[64];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 32;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 32);
-
-    mask = sp_2048_sub_32(a1, a, &a[32]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_32(a1, p1, p2);
-
-    sp_2048_sqr_32(z2, &a[32]);
-    sp_2048_sqr_32(z0, a);
-    sp_2048_sqr_32(z1, a1);
-
-    u = 0;
-    u -= sp_2048_sub_in_place_64(z1, z2);
-    u -= sp_2048_sub_in_place_64(z1, z0);
-    u += sp_2048_sub_in_place_64(r + 32, z1);
-    sp_2048_add_word_32(r + 96, r + 96, u);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, #1\n\t"
-#else
-        "add	r4, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, #1\n\t"
-#else
-        "sub	r7, r7, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, r4\n\t"
-#else
-        "add	r6, r6, r4\n\t"
-#endif
-        "\n"
-    "L_sp_2048_add_64_word_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "movs	r3, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_2048_add_64_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r7, %[a]\n\t"
-        "movs	r2, #0\n\t"
-        "movs	r5, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, r5\n\t"
-#else
-        "add	r7, r7, r5\n\t"
-#endif
-        "\n"
-    "L_sp_2048_sub_in_place_64_words_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r2\n\t"
-#else
-        "sub	r5, r5, r2\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-        "ldr	r6, [%[b], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "str	r3, [%[a]]\n\t"
-        "str	r4, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r2\n\t"
-#else
-        "sbc	r2, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #8\n\t"
-#else
-        "add	%[a], %[a], #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #8\n\t"
-#else
-        "add	%[b], %[b], #8\n\t"
-#endif
-        "cmp	%[a], r7\n\t"
-        "bne	L_sp_2048_sub_in_place_64_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[64 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #1\n\t"
-#else
-        "add	r6, r6, #1\n\t"
-#endif
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_2048_mul_64_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #0xfc\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_2048_mul_64_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_2048_mul_64_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_2048_mul_64_mul_%=\n\t"
-        "\n"
-    "L_sp_2048_mul_64_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0xf9\n\t"
-#else
-        "add	r6, r6, #0xf9\n\t"
-#endif
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_2048_mul_64_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_2048_sqr_64_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #0xfc\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_2048_sqr_64_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_2048_sqr_64_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_2048_sqr_64_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_2048_sqr_64_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_2048_sqr_64_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #1\n\t"
-#else
-        "add	r6, r6, #1\n\t"
-#endif
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_2048_sqr_64_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_2048_sqr_64_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_2048_sqr_64_mul_%=\n\t"
-        "\n"
-    "L_sp_2048_sqr_64_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0xf9\n\t"
-#else
-        "add	r6, r6, #0xf9\n\t"
-#endif
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_2048_sqr_64_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #0xfd\n\t"
-#else
-        "add	r3, r3, #0xfd\n\t"
-#endif
-        "\n"
-    "L_sp_2048_sqr_64_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_2048_sqr_64_store_%=\n\t"
-        "movs	r6, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-    int i;
-
-    for (i=0; i<32; i++) {
-        r[i] = a[i] & m;
-    }
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x80\n\t"
-#else
-        "add	r6, r6, #0x80\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, #1\n\t"
-#else
-        "sub	r7, r7, #1\n\t"
-#endif
-        "\n"
-    "L_sp_2048_add_32_word_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "movs	r3, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_2048_add_32_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r7, %[a]\n\t"
-        "movs	r2, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #0x80\n\t"
-#else
-        "add	r7, r7, #0x80\n\t"
-#endif
-        "\n"
-    "L_sp_2048_sub_in_place_32_words_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r2\n\t"
-#else
-        "sub	r5, r5, r2\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-        "ldr	r6, [%[b], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "str	r3, [%[a]]\n\t"
-        "str	r4, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r2\n\t"
-#else
-        "sbc	r2, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #8\n\t"
-#else
-        "add	%[a], %[a], #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #8\n\t"
-#else
-        "add	%[b], %[b], #8\n\t"
-#endif
-        "cmp	%[a], r7\n\t"
-        "bne	L_sp_2048_sub_in_place_32_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[32 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #0x80\n\t"
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_2048_mul_32_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #0x7c\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_2048_mul_32_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_2048_mul_32_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_2048_mul_32_mul_%=\n\t"
-        "\n"
-    "L_sp_2048_mul_32_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0xf8\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_2048_mul_32_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #1\n\t"
-#else
-        "add	r6, r6, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_2048_sqr_32_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #0x7c\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_2048_sqr_32_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_2048_sqr_32_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_2048_sqr_32_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_2048_sqr_32_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_2048_sqr_32_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #0x80\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_2048_sqr_32_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_2048_sqr_32_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_2048_sqr_32_mul_%=\n\t"
-        "\n"
-    "L_sp_2048_sqr_32_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0xf8\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_2048_sqr_32_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #0xfc\n\t"
-        "\n"
-    "L_sp_2048_sqr_32_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_2048_sqr_32_store_%=\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #1\n\t"
-#else
-        "add	r6, r6, #1\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-SP_NOINLINE static void sp_2048_mul_d_64(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #1\n\t"
-#else
-        "add	r6, r6, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, %[a]\n\t"
-#else
-        "add	r6, r6, %[a]\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "mov	r9, r6\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "\n"
-    "L_sp_2048_mul_d_64_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r5, #0\n\t"
-        "# A[] * B\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# A[] * B - Done\n\t"
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r]]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_2048_mul_d_64_%=\n\t"
-        "str	r3, [%[r]]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 32);
-
-    /* r = 2^n mod m */
-    sp_2048_sub_in_place_32(r, m);
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #0x80\n\t"
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_2048_cond_sub_32_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r4\n\t"
-#else
-        "sbc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_2048_cond_sub_32_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#define sp_2048_mont_reduce_order_64   sp_2048_mont_reduce_64
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #0\n\t"
-        "mov	r8, %[mp]\n\t"
-        "mov	r12, r7\n\t"
-        "mov	lr, %[m]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r11, %[a]\n\t"
-        "movs	r5, #0x7c\n\t"
-        "movs	r6, #0x80\n\t"
-        "add	r9, r9, r5\n\t"
-        "add	r11, r11, r6\n\t"
-        "\n"
-    "L_sp_2048_mont_reduce_32_mod_%=:\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r4, #0\n\t"
-        "# a[i] += m[0] * mu\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mov	r5, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r3, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r3\n\t"
-#else
-        "mul	r5, r3\n\t"
-#endif
-        "mov	r10, r5\n\t"
-        "# Multiply m[0] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[0] and mu - Done\n\t"
-        "\n"
-    "L_sp_2048_mont_reduce_32_word_%=:\n\t"
-        "# a[i+j] += m[j] * mu\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r4\n\t"
-#else
-        "add	r3, r3, r4\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "# Multiply m[j] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[j] and mu - Done\n\t"
-        "stm	%[a]!, {r3}\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_2048_mont_reduce_32_word_%=\n\t"
-        "# a[i+31] += m[31] * mu\n\t"
-        "ldr	%[mp], [%[m]]\n\t"
-        "mov	r3, r12\n\t"
-        "# Multiply m[31] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "# Multiply m[31] and mu - Done\n\t"
-        "ldr	r5, [%[a]]\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "movs	%[mp], #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r3\n\t"
-#else
-        "adc	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[mp]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[mp]\n\t"
-#else
-        "adc	r7, %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5, r6}\n\t"
-        "# i += 1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #4\n\t"
-#else
-        "sub	%[a], %[a], #4\n\t"
-#endif
-        "movs	r3, #0x7c\n\t"
-        "mov	r9, %[a]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r3\n\t"
-#else
-        "sub	%[a], %[a], r3\n\t"
-#endif
-        "mov	r12, r7\n\t"
-        "mov	%[m], lr\n\t"
-        "cmp	r11, %[a]\n\t"
-        "bgt	L_sp_2048_mont_reduce_32_mod_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r7, r7\n\t"
-#else
-        "neg	r7, r7\n\t"
-#endif
-        "# Subtract masked modulus\n\t"
-        "movs	r4, #0x80\n\t"
-        "movs	%[mp], #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r4\n\t"
-#else
-        "sub	%[a], %[a], r4\n\t"
-#endif
-#ifndef WOLFSSL_SP_LARGE_CODE
-        "\n"
-    "L_sp_2048_mont_reduce_32_sub_mask_%=:\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-        "movs	r5, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, %[mp]\n\t"
-#else
-        "sub	r5, r5, %[mp]\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[mp], %[mp], %[mp]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[mp], %[mp]\n\t"
-#else
-        "sbc	%[mp], %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #4\n\t"
-#else
-        "add	r3, r3, #4\n\t"
-#endif
-        "cmp	r3, r4\n\t"
-        "blt	L_sp_2048_mont_reduce_32_sub_mask_%=\n\t"
-#else /* WOLFSSL_SP_LARGE_CODE */
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r6\n\t"
-#else
-        "sub	r5, r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#endif /* WOLFSSL_SP_LARGE_CODE */
-        : [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_32(r, a, b);
-    sp_2048_mont_reduce_32(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_32(r, a);
-    sp_2048_mont_reduce_32(r, m, mp);
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-SP_NOINLINE static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, #0x80\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, %[a]\n\t"
-#else
-        "add	r6, r6, %[a]\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "mov	r9, r6\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "\n"
-    "L_sp_2048_mul_d_32_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r5, #0\n\t"
-        "# A[] * B\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# A[] * B - Done\n\t"
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r]]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_2048_mul_d_32_%=\n\t"
-        "str	r3, [%[r]]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[div], #1\n\t"
-#else
-        "lsr	r5, %[div], #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-        "mov	r8, %[d0]\n\t"
-        "mov	r9, %[d1]\n\t"
-        "# Do top 32\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-        "movs	r4, #29\n\t"
-        "\n"
-    "L_div_2048_word_32_loop_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d0], %[d0], #1\n\t"
-#else
-        "lsl	%[d0], %[d0], #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	%[d1], %[d1], %[d1]\n\t"
-#elif defined(__clang__)
-        "adcs	%[d1], %[d1]\n\t"
-#else
-        "adc	%[d1], %[d1]\n\t"
-#endif
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, #1\n\t"
-#else
-        "sub	r4, r4, #1\n\t"
-#endif
-        "bpl	L_div_2048_word_32_loop_%=\n\t"
-        "movs	r7, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #1\n\t"
-#else
-        "add	r3, r3, #1\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r4\n\t"
-#else
-        "sub	%[d1], %[d1], r4\n\t"
-#endif
-        "movs	r4, %[d1]\n\t"
-        "mov	%[d1], r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[d1], %[d1], r5\n\t"
-#elif defined(__clang__)
-        "sbcs	%[d1], r5\n\t"
-#else
-        "sbc	%[d1], r5\n\t"
-#endif
-        "movs	r5, %[d1]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "movs	r6, %[div]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r4\n\t"
-#else
-        "sub	r6, r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-        "movs	%[d1], r3\n\t"
-        : [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-    return (word32)(size_t)d1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-SP_NOINLINE static sp_int32 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-        "movs	r6, #0x7c\n\t"
-        "\n"
-    "L_sp_2048_cmp_32_words_%=:\n\t"
-        "ldr	r7, [%[a], r6]\n\t"
-        "ldr	r5, [%[b], r6]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-        "movs	r4, r7\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, r5\n\t"
-#else
-        "sub	r7, r7, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r7\n\t"
-#else
-        "add	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r7\n\t"
-#else
-        "sub	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, #4\n\t"
-#else
-        "sub	r6, r6, #4\n\t"
-#endif
-        "bge	L_sp_2048_cmp_32_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[64], t2[33];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[31];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 32);
-    r1 = sp_2048_cmp_32(&t1[32], d) >= 0;
-    sp_2048_cond_sub_32(&t1[32], &t1[32], d, (sp_digit)0 - r1);
-    for (i = 31; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[32 + i] == div);
-        sp_digit hi = t1[32 + i] + mask;
-        r1 = div_2048_word_32(hi, t1[32 + i - 1], div);
-        r1 |= mask;
-
-        sp_2048_mul_d_32(t2, d, r1);
-        t1[32 + i] += sp_2048_sub_in_place_32(&t1[i], t2);
-        t1[32 + i] -= t2[32];
-        sp_2048_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], t2);
-        sp_2048_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_2048_cmp_32(t1, d) >= 0;
-    sp_2048_cond_sub_32(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_2048_div_32(a, m, NULL, r);
-    return ret;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 64);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 64;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 32U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_32(t[1] + 32, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_32(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 32, a, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_32(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_32(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_32(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_32(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_32(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_32(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_32(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_32(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_32(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_32(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_32(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_32(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_32(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_32(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 32);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-
-            sp_2048_mont_mul_32(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32U);
-        sp_2048_mont_reduce_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 32 * 64);
-    sp_digit* t[32];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 32 * 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++) {
-            t[i] = td + i * 64;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 32U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_32(t[1] + 32, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_32(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 32, a, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_32(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_32(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_32(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_32(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_32(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_32(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_32(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_32(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_32(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_32(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_32(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_32(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_32(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_32(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_32(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_32(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_32(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_32(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_32(t[20], t[10], m, mp);
-        sp_2048_mont_mul_32(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_32(t[22], t[11], m, mp);
-        sp_2048_mont_mul_32(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_32(t[24], t[12], m, mp);
-        sp_2048_mont_mul_32(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_32(t[26], t[13], m, mp);
-        sp_2048_mont_mul_32(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_32(t[28], t[14], m, mp);
-        sp_2048_mont_mul_32(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_32(t[30], t[15], m, mp);
-        sp_2048_mont_mul_32(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 32);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-
-            sp_2048_mont_mul_32(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32U);
-        sp_2048_mont_reduce_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 64);
-
-    /* r = 2^n mod m */
-    sp_2048_sub_in_place_64(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_2048_cond_sub_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_2048_cond_sub_64_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r4\n\t"
-#else
-        "sbc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_2048_cond_sub_64_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#define sp_2048_mont_reduce_order_64   sp_2048_mont_reduce_64
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #0\n\t"
-        "mov	r8, %[mp]\n\t"
-        "mov	r12, r7\n\t"
-        "mov	lr, %[m]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r11, %[a]\n\t"
-        "movs	r5, #0xfc\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #1\n\t"
-#else
-        "add	r6, r6, #1\n\t"
-#endif
-        "add	r9, r9, r5\n\t"
-        "add	r11, r11, r6\n\t"
-        "\n"
-    "L_sp_2048_mont_reduce_64_mod_%=:\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r4, #0\n\t"
-        "# a[i] += m[0] * mu\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mov	r5, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r3, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r3\n\t"
-#else
-        "mul	r5, r3\n\t"
-#endif
-        "mov	r10, r5\n\t"
-        "# Multiply m[0] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[0] and mu - Done\n\t"
-        "\n"
-    "L_sp_2048_mont_reduce_64_word_%=:\n\t"
-        "# a[i+j] += m[j] * mu\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r4\n\t"
-#else
-        "add	r3, r3, r4\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "# Multiply m[j] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[j] and mu - Done\n\t"
-        "stm	%[a]!, {r3}\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_2048_mont_reduce_64_word_%=\n\t"
-        "# a[i+63] += m[63] * mu\n\t"
-        "ldr	%[mp], [%[m]]\n\t"
-        "mov	r3, r12\n\t"
-        "# Multiply m[63] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "# Multiply m[63] and mu - Done\n\t"
-        "ldr	r5, [%[a]]\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "movs	%[mp], #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r3\n\t"
-#else
-        "adc	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[mp]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[mp]\n\t"
-#else
-        "adc	r7, %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5, r6}\n\t"
-        "# i += 1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #4\n\t"
-#else
-        "sub	%[a], %[a], #4\n\t"
-#endif
-        "movs	r3, #0xfc\n\t"
-        "mov	r9, %[a]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r3\n\t"
-#else
-        "sub	%[a], %[a], r3\n\t"
-#endif
-        "mov	r12, r7\n\t"
-        "mov	%[m], lr\n\t"
-        "cmp	r11, %[a]\n\t"
-        "bgt	L_sp_2048_mont_reduce_64_mod_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r7, r7\n\t"
-#else
-        "neg	r7, r7\n\t"
-#endif
-        "# Subtract masked modulus\n\t"
-        "movs	r4, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, #1\n\t"
-#else
-        "add	r4, r4, #1\n\t"
-#endif
-        "movs	%[mp], #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r4\n\t"
-#else
-        "sub	%[a], %[a], r4\n\t"
-#endif
-#ifndef WOLFSSL_SP_LARGE_CODE
-        "\n"
-    "L_sp_2048_mont_reduce_64_sub_mask_%=:\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-        "movs	r5, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, %[mp]\n\t"
-#else
-        "sub	r5, r5, %[mp]\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[mp], %[mp], %[mp]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[mp], %[mp]\n\t"
-#else
-        "sbc	%[mp], %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #4\n\t"
-#else
-        "add	r3, r3, #4\n\t"
-#endif
-        "cmp	r3, r4\n\t"
-        "blt	L_sp_2048_mont_reduce_64_sub_mask_%=\n\t"
-#else /* WOLFSSL_SP_LARGE_CODE */
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r6\n\t"
-#else
-        "sub	r5, r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#endif /* WOLFSSL_SP_LARGE_CODE */
-        : [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_64(r, a, b);
-    sp_2048_mont_reduce_64(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_64(r, a);
-    sp_2048_mont_reduce_64(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r5, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, r5\n\t"
-#else
-        "add	r6, r6, r5\n\t"
-#endif
-        "\n"
-    "L_sp_2048_sub_64_word_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r3\n\t"
-#else
-        "sub	r5, r5, r3\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r5\n\t"
-#else
-        "sbc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r3\n\t"
-#else
-        "sbc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_2048_sub_64_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[div], #1\n\t"
-#else
-        "lsr	r5, %[div], #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-        "mov	r8, %[d0]\n\t"
-        "mov	r9, %[d1]\n\t"
-        "# Do top 32\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-        "movs	r4, #29\n\t"
-        "\n"
-    "L_div_2048_word_64_loop_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d0], %[d0], #1\n\t"
-#else
-        "lsl	%[d0], %[d0], #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	%[d1], %[d1], %[d1]\n\t"
-#elif defined(__clang__)
-        "adcs	%[d1], %[d1]\n\t"
-#else
-        "adc	%[d1], %[d1]\n\t"
-#endif
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, #1\n\t"
-#else
-        "sub	r4, r4, #1\n\t"
-#endif
-        "bpl	L_div_2048_word_64_loop_%=\n\t"
-        "movs	r7, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #1\n\t"
-#else
-        "add	r3, r3, #1\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r4\n\t"
-#else
-        "sub	%[d1], %[d1], r4\n\t"
-#endif
-        "movs	r4, %[d1]\n\t"
-        "mov	%[d1], r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[d1], %[d1], r5\n\t"
-#elif defined(__clang__)
-        "sbcs	%[d1], r5\n\t"
-#else
-        "sbc	%[d1], r5\n\t"
-#endif
-        "movs	r5, %[d1]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "movs	r6, %[div]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r4\n\t"
-#else
-        "sub	r6, r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-        "movs	%[d1], r3\n\t"
-        : [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-    return (word32)(size_t)d1;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[128], t2[65];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[63];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 64);
-    for (i = 63; i > 0; i--) {
-        if (t1[i + 64] != d[i])
-            break;
-    }
-    if (t1[i + 64] >= d[i]) {
-        sp_2048_sub_in_place_64(&t1[64], d);
-    }
-    for (i = 63; i >= 0; i--) {
-        if (t1[64 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_2048_word_64(t1[64 + i], t1[64 + i - 1], div);
-        }
-
-        sp_2048_mul_d_64(t2, d, r1);
-        t1[64 + i] += sp_2048_sub_in_place_64(&t1[i], t2);
-        t1[64 + i] -= t2[64];
-        if (t1[64 + i] != 0) {
-            t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], d);
-            if (t1[64 + i] != 0)
-                t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 63; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_2048_sub_64(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 64);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_2048_div_64_cond(a, m, NULL, r);
-    return ret;
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<64; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 64; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-SP_NOINLINE static sp_int32 sp_2048_cmp_64(const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-        "movs	r6, #0xfc\n\t"
-        "\n"
-    "L_sp_2048_cmp_64_words_%=:\n\t"
-        "ldr	r7, [%[a], r6]\n\t"
-        "ldr	r5, [%[b], r6]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-        "movs	r4, r7\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, r5\n\t"
-#else
-        "sub	r7, r7, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r7\n\t"
-#else
-        "add	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r7\n\t"
-#else
-        "sub	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, #4\n\t"
-#else
-        "sub	r6, r6, #4\n\t"
-#endif
-        "bge	L_sp_2048_cmp_64_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[128], t2[65];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[63];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 64);
-    r1 = sp_2048_cmp_64(&t1[64], d) >= 0;
-    sp_2048_cond_sub_64(&t1[64], &t1[64], d, (sp_digit)0 - r1);
-    for (i = 63; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[64 + i] == div);
-        sp_digit hi = t1[64 + i] + mask;
-        r1 = div_2048_word_64(hi, t1[64 + i - 1], div);
-        r1 |= mask;
-
-        sp_2048_mul_d_64(t2, d, r1);
-        t1[64 + i] += sp_2048_sub_in_place_64(&t1[i], t2);
-        t1[64 + i] -= t2[64];
-        sp_2048_mask_64(t2, d, t1[64 + i]);
-        t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], t2);
-        sp_2048_mask_64(t2, d, t1[64 + i]);
-        t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_2048_cmp_64(t1, d) >= 0;
-    sp_2048_cond_sub_64(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_2048_div_64(a, m, NULL, r);
-    return ret;
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 8 * 128);
-    sp_digit* t[8];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 8 * 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<8; i++) {
-            t[i] = td + i * 128;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_64(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 64U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_64(t[1] + 64, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_64(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 64, a, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_64(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_64(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_64(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_64(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_64(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_64(t[ 7], t[ 4], t[ 3], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 3;
-        if (c == 32) {
-            c = 29;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 64);
-        for (; i>=0 || c>=3; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 29);
-                n <<= 3;
-                c = 29;
-            }
-            else if (c < 3) {
-                y = (byte)(n >> 29);
-                n = e[i--];
-                c = 3 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 29) & 0x7);
-                n <<= 3;
-                c -= 3;
-            }
-
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-
-            sp_2048_mont_mul_64(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_2048_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_64(r, m) >= 0);
-        sp_2048_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 128);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 128;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_64(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 64U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_64(t[1] + 64, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_64(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 64, a, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_64(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_64(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_64(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_64(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_64(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_64(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_64(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_64(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_64(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_64(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_64(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_64(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_64(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_64(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 64);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-
-            sp_2048_mont_mul_64(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_2048_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_64(r, m) >= 0);
-        sp_2048_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 64 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 256) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 32 || inLen > 256 ||
-                                                     mp_count_bits(mm) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 64 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 64;
-        r = a + 64 * 2;
-        m = r + 64 * 2;
-
-        sp_2048_from_bin(ah, 64, in, inLen);
-#if DIGIT_BIT >= 32
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 64, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_2048_mont_sqr_64(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_2048_mont_mul_64(r, r, ah, m, mp);
-
-                for (i = 63; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_2048_sub_in_place_64(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_2048_sqr_64(r, ah);
-                err = sp_2048_mod_64_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_2048_mul_64(r, ah, r);
-                err = sp_2048_mod_64_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 31; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 64);
-                for (i--; i >= 0; i--) {
-                    sp_2048_mont_sqr_64(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_2048_mont_mul_64(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[64], 0, sizeof(sp_digit) * 64);
-                sp_2048_mont_reduce_64(r, m, mp);
-
-                for (i = 63; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_2048_sub_in_place_64(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_2048_cond_add_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #0x80\n\t"
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_2048_cond_add_32_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, #1\n\t"
-#else
-        "sub	r5, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_2048_cond_add_32_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 64 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 2048) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 256) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 64 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 64;
-        m = a + 128;
-        r = a;
-
-        sp_2048_from_bin(a, 64, in, inLen);
-        sp_2048_from_mp(d, 64, dm);
-        sp_2048_from_mp(m, 64, mm);
-        err = sp_2048_mod_exp_64(r, a, d, 2048, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 64, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 32 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 256) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 256 || mp_count_bits(mm) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 32 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 64 * 2;
-        q = p + 32;
-        qi = dq = dp = q + 32;
-        tmpa = qi + 32;
-        tmpb = tmpa + 64;
-        r = a;
-
-        sp_2048_from_bin(a, 64, in, inLen);
-        sp_2048_from_mp(p, 32, pm);
-        sp_2048_from_mp(q, 32, qm);
-        sp_2048_from_mp(dp, 32, dpm);
-
-        err = sp_2048_mod_exp_32(tmpa, a, dp, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(dq, 32, dqm);
-        err = sp_2048_mod_exp_32(tmpb, a, dq, 1024, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_2048_sub_in_place_32(tmpa, tmpb);
-        c += sp_2048_cond_add_32(tmpa, tmpa, p, c);
-        sp_2048_cond_add_32(tmpa, tmpa, p, c);
-
-        sp_2048_from_mp(qi, 32, qim);
-        sp_2048_mul_32(tmpa, tmpa, qi);
-        err = sp_2048_mod_32(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mul_32(tmpa, q, tmpa);
-        XMEMSET(&tmpb[32], 0, sizeof(sp_digit) * 32);
-        sp_2048_add_64(r, tmpb, tmpa);
-
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 32 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_2048_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (2048 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 64);
-        r->used = 64;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 64; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 64; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[128];
-    sp_digit e[64];
-    sp_digit m[64];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 64, base);
-        sp_2048_from_mp(e, 64, exp);
-        sp_2048_from_mp(m, 64, mod);
-
-        err = sp_2048_mod_exp_64(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_2048_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_2048
-/* Lefy shift a by n bits into r. (r = a << n)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * n  Integer representing number of bits to shift.
- */
-static void sp_2048_lshift_64(sp_digit* r, const sp_digit* a, byte n)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #31\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, %[n]\n\t"
-#else
-        "sub	r7, r7, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #0xc0\n\t"
-#else
-        "add	%[a], %[a], #0xc0\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #0xc0\n\t"
-#else
-        "add	%[r], %[r], #0xc0\n\t"
-#endif
-        "ldr	r4, [%[a], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r4, #1\n\t"
-#else
-        "lsr	r5, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, r7\n\t"
-#else
-        "lsr	r5, r5, r7\n\t"
-#endif
-        "ldr	r3, [%[a], #56]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r4, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #48]\n\t"
-        "str	r3, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #44]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #40]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #36]\n\t"
-        "str	r3, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #32]\n\t"
-        "str	r5, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #24]\n\t"
-        "str	r3, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #20]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #16]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #12]\n\t"
-        "str	r3, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #8]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "str	r3, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r3, [%[a], #60]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #56]\n\t"
-        "str	r4, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #52]\n\t"
-        "str	r3, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #48]\n\t"
-        "str	r5, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r4, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #40]\n\t"
-        "str	r3, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #36]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #32]\n\t"
-        "str	r4, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #28]\n\t"
-        "str	r3, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #24]\n\t"
-        "str	r5, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r4, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #16]\n\t"
-        "str	r3, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #12]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #8]\n\t"
-        "str	r4, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #4]\n\t"
-        "str	r3, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "str	r5, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r5, [%[a], #60]\n\t"
-        "str	r4, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r3, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #52]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #48]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r3, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r5, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #36]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r3, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #24]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r5, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #12]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #4]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a]]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r4, [%[a], #60]\n\t"
-        "str	r3, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #56]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r4, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #48]\n\t"
-        "str	r3, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #44]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #40]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #36]\n\t"
-        "str	r3, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #32]\n\t"
-        "str	r5, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #24]\n\t"
-        "str	r3, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #20]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #16]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #12]\n\t"
-        "str	r3, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #8]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "str	r3, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 193);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 193, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 128;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_64(norm, m);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        sp_2048_lshift_64(r, norm, y);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-
-            sp_2048_lshift_64(r, r, y);
-            sp_2048_mul_d_64(tmp, norm, r[64]);
-            r[64] = 0;
-            o = sp_2048_add_64(r, r, tmp);
-            sp_2048_cond_sub_64(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_2048_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_64(r, m) >= 0);
-        sp_2048_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_2048 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 256 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[128];
-    sp_digit e[64];
-    sp_digit m[64];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 256) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 64, base);
-        sp_2048_from_bin(e, 64, exp, expLen);
-        sp_2048_from_mp(m, 64, mod);
-
-    #ifdef HAVE_FFDHE_2048
-        if (base->used == 1 && base->dp[0] == 2 && m[63] == (sp_digit)-1)
-            err = sp_2048_mod_exp_2_64(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_2048_mod_exp_64(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-        for (i=0; i<256 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[64];
-    sp_digit e[32];
-    sp_digit m[32];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1024) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 32, base);
-        sp_2048_from_mp(e, 32, exp);
-        sp_2048_from_mp(m, 32, mod);
-
-        err = sp_2048_mod_exp_32(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 32, 0, sizeof(*r) * 32U);
-        err = sp_2048_to_mp(r, res);
-        res->used = mod->used;
-        mp_clamp(res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* !WOLFSSL_SP_NO_2048 */
-
-#ifndef WOLFSSL_SP_NO_3072
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 384
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_3072_to_bin_96(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 95; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_3072_norm_96(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_3072_norm_96(a)
-
-#ifndef WOLFSSL_SP_SMALL
-#ifndef WOLFSSL_SP_LARGE_CODE
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[12 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #48\n\t"
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_3072_mul_12_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #44\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_3072_mul_12_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_3072_mul_12_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_3072_mul_12_mul_%=\n\t"
-        "\n"
-    "L_sp_3072_mul_12_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0x58\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_3072_mul_12_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "sub	sp, sp, #48\n\t"
-        "mov	r8, %[r]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[0] * B[0]\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r3, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r3, r6, r3\n\t"
-#elif defined(__clang__)
-        "muls	r3, r6\n\t"
-#else
-        "mul	r3, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r6, #16\n\t"
-#else
-        "lsr	r4, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "movs	r5, #0\n\t"
-        "str	r3, [sp]\n\t"
-        "#  A[0] * B[1]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #4]\n\t"
-        "#  A[2] * B[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[0] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r5, [sp, #8]\n\t"
-        "#  A[0] * B[3]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[1] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[2] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "str	r3, [sp, #12]\n\t"
-        "#  A[4] * B[0]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[2] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[0] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #16]\n\t"
-        "#  A[0] * B[5]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[2] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r5, [sp, #20]\n\t"
-        "#  A[6] * B[0]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[4] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[2] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[1] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[0] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "str	r3, [sp, #24]\n\t"
-        "#  A[0] * B[7]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[2] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #28]\n\t"
-        "#  A[8] * B[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[2] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[0] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r5, [sp, #32]\n\t"
-        "#  A[0] * B[9]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[1] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[2] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[4] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[6] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[7] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[8] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[9] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "str	r3, [sp, #36]\n\t"
-        "#  A[10] * B[0]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[2] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[0] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #40]\n\t"
-        "#  A[0] * B[11]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[2] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[8] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r5, [sp, #44]\n\t"
-        "#  A[11] * B[1]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[10] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[9] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[8] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[7] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[6] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[4] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[2] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[1] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #48]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[2] * B[11]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #52]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * B[3]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[8] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r5, [%[r], #56]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[4] * B[11]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[6] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[7] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[8] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[9] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[10] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[11] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #60]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * B[5]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #64]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[6] * B[11]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[8] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * B[7]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[10] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[9] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[8] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[7] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #72]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[8] * B[11]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #76]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * B[9]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r5, [%[r], #80]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[10] * B[11]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[11] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #84]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #88]\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "pop	{r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "pop	{r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "pop	{r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
-    );
-}
-
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_add_word_12(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r5, #0\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, %[b]\n\t"
-#else
-        "add	r3, r3, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_24(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r4\n\t"
-#else
-        "sub	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[a], %[a], %[a]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[a], %[a]\n\t"
-#else
-        "sbc	%[a], %[a]\n\t"
-#endif
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<12; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-    r[8] = a[8] & m;
-    r[9] = a[9] & m;
-    r[10] = a[10] & m;
-    r[11] = a[11] & m;
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[24];
-    sp_digit a1[12];
-    sp_digit b1[12];
-    sp_digit* z2 = r + 24;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_12(a1, a, &a[12]);
-    cb = sp_3072_add_12(b1, b, &b[12]);
-    u  = ca & cb;
-
-    sp_3072_mul_12(z2, &a[12], &b[12]);
-    sp_3072_mul_12(z0, a, b);
-    sp_3072_mul_12(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_24(z1, z0);
-    u += sp_3072_sub_in_place_24(z1, z2);
-    sp_3072_mask_12(a1, a1, 0 - cb);
-    u += sp_3072_add_12(z1 + 12, z1 + 12, a1);
-    sp_3072_mask_12(b1, b1, 0 - ca);
-    u += sp_3072_add_12(z1 + 12, z1 + 12, b1);
-
-    u += sp_3072_add_24(r + 12, r + 12, z1);
-    (void)sp_3072_add_word_12(r + 36, r + 36, u);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_add_word_24(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r5, #0\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, %[b]\n\t"
-#else
-        "add	r3, r3, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r4\n\t"
-#else
-        "sub	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[a], %[a], %[a]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[a], %[a]\n\t"
-#else
-        "sbc	%[a], %[a]\n\t"
-#endif
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<24; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[48];
-    sp_digit a1[24];
-    sp_digit b1[24];
-    sp_digit* z2 = r + 48;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_24(a1, a, &a[24]);
-    cb = sp_3072_add_24(b1, b, &b[24]);
-    u  = ca & cb;
-
-    sp_3072_mul_24(z2, &a[24], &b[24]);
-    sp_3072_mul_24(z0, a, b);
-    sp_3072_mul_24(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_48(z1, z0);
-    u += sp_3072_sub_in_place_48(z1, z2);
-    sp_3072_mask_24(a1, a1, 0 - cb);
-    u += sp_3072_add_24(z1 + 24, z1 + 24, a1);
-    sp_3072_mask_24(b1, b1, 0 - ca);
-    u += sp_3072_add_24(z1 + 24, z1 + 24, b1);
-
-    u += sp_3072_add_48(r + 24, r + 24, z1);
-    (void)sp_3072_add_word_24(r + 72, r + 72, u);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_add_word_48(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r5, #0\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, %[b]\n\t"
-#else
-        "add	r3, r3, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r4\n\t"
-#else
-        "sub	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[a], %[a], %[a]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[a], %[a]\n\t"
-#else
-        "sbc	%[a], %[a]\n\t"
-#endif
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<48; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[96];
-    sp_digit a1[48];
-    sp_digit b1[48];
-    sp_digit* z2 = r + 96;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_48(a1, a, &a[48]);
-    cb = sp_3072_add_48(b1, b, &b[48]);
-    u  = ca & cb;
-
-    sp_3072_mul_48(z2, &a[48], &b[48]);
-    sp_3072_mul_48(z0, a, b);
-    sp_3072_mul_48(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_96(z1, z0);
-    u += sp_3072_sub_in_place_96(z1, z2);
-    sp_3072_mask_48(a1, a1, 0 - cb);
-    u += sp_3072_add_48(z1 + 48, z1 + 48, a1);
-    sp_3072_mask_48(b1, b1, 0 - ca);
-    u += sp_3072_add_48(z1 + 48, z1 + 48, b1);
-
-    u += sp_3072_add_96(r + 48, r + 48, z1);
-    (void)sp_3072_add_word_48(r + 144, r + 144, u);
-}
-
-#ifndef WOLFSSL_SP_LARGE_CODE
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #0x60\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_3072_sqr_12_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #44\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_3072_sqr_12_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_3072_sqr_12_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_3072_sqr_12_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_3072_sqr_12_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_3072_sqr_12_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #48\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_3072_sqr_12_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_3072_sqr_12_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_3072_sqr_12_mul_%=\n\t"
-        "\n"
-    "L_sp_3072_sqr_12_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0x58\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_3072_sqr_12_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #0x5c\n\t"
-        "\n"
-    "L_sp_3072_sqr_12_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_3072_sqr_12_store_%=\n\t"
-        "movs	r6, #0x60\n\t"
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "sub	sp, sp, #48\n\t"
-        "mov	r8, %[r]\n\t"
-        "mov	r9, %[a]\n\t"
-        "movs	%[r], #0\n\t"
-        "ldm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "mov	r10, r2\n\t"
-        "mov	r11, r3\n\t"
-        "mov	r12, r4\n\t"
-        "mov	lr, r5\n\t"
-        "mov	%[a], r9\n\t"
-        "#  A[0] * A[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r7, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-        "movs	r2, r5\n\t"
-        "movs	r3, r6\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "muls	r2, r2\n\t"
-#else
-        "mul	r2, r2\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "muls	r3, r3\n\t"
-#else
-        "mul	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-        "str	r2, [sp]\n\t"
-        "#  A[1] * A[0]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #4]\n\t"
-        "#  A[2] * A[0]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * A[1]\n\t"
-        "mov	r7, r11\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #8]\n\t"
-        "#  A[2] * A[1]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r2, [sp, #12]\n\t"
-        "#  A[4] * A[0]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[3] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[2] * A[2]\n\t"
-        "mov	r7, r12\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #16]\n\t"
-        "#  A[3] * A[2]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #20]\n\t"
-        "#  A[6] * A[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * A[3]\n\t"
-        "mov	r7, lr\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r2, [sp, #24]\n\t"
-        "#  A[4] * A[3]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[5] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[6] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[7] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #28]\n\t"
-        "#  A[8] * A[0]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #32]\n\t"
-        "#  A[5] * A[4]\n\t"
-        "movs	r4, #0\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[8] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r2, [sp, #36]\n\t"
-        "#  A[10] * A[0]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[9] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[8] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[7] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[6] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[5] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #40]\n\t"
-        "#  A[6] * A[5]\n\t"
-        "movs	r3, #0\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #44]\n\t"
-        "#  A[11] * A[1]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[8] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r2, [%[r], #48]\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	%[a], #32\n\t"
-        "add	%[a], %[a], r9\n\t"
-        "ldm	%[a]!, {r5, r6}\n\t"
-        "mov	r10, r5\n\t"
-        "mov	r11, r6\n\t"
-        "ldm	%[a]!, {r5, r6}\n\t"
-        "mov	r12, r5\n\t"
-        "mov	lr, r6\n\t"
-        "mov	%[a], r9\n\t"
-        "#  A[7] * A[6]\n\t"
-        "movs	r2, #0\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[8] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "mov	%[a], r10\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[9] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[10] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[11] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #8]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #52]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * A[3]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "mov	%[a], r10\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * A[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #56]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[8] * A[7]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r10\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r2, [%[r], #60]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * A[5]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[10] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[9] * A[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[8] * A[8]\n\t"
-        "mov	r7, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #64]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[9] * A[8]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * A[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #68]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * A[7]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * A[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * A[9]\n\t"
-        "mov	r7, r11\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r2, [%[r], #72]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[10] * A[9]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[11] * A[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #76]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * A[9]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * A[10]\n\t"
-        "mov	r7, r12\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #80]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * A[10]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r2, [%[r], #84]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * A[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #88]\n\t"
-        "str	r4, [%[r], #92]\n\t"
-        "pop	{r2, r3, r4, r5}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r5}\n\t"
-        "pop	{r2, r3, r4, r5}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r5}\n\t"
-        "pop	{r2, r3, r4, r5}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r5}\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_sub_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 24;
-    sp_digit z1[24];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 12;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 12);
-
-    mask = sp_3072_sub_12(a1, a, &a[12]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_3072_sub_12(a1, p1, p2);
-
-    sp_3072_sqr_12(z2, &a[12]);
-    sp_3072_sqr_12(z0, a);
-    sp_3072_sqr_12(z1, a1);
-
-    u = 0;
-    u -= sp_3072_sub_in_place_24(z1, z2);
-    u -= sp_3072_sub_in_place_24(z1, z0);
-    u += sp_3072_sub_in_place_24(r + 12, z1);
-    sp_3072_add_word_12(r + 36, r + 36, u);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_sub_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 48;
-    sp_digit z1[48];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 24;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 24);
-
-    mask = sp_3072_sub_24(a1, a, &a[24]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_3072_sub_24(a1, p1, p2);
-
-    sp_3072_sqr_24(z2, &a[24]);
-    sp_3072_sqr_24(z0, a);
-    sp_3072_sqr_24(z1, a1);
-
-    u = 0;
-    u -= sp_3072_sub_in_place_48(z1, z2);
-    u -= sp_3072_sub_in_place_48(z1, z0);
-    u += sp_3072_sub_in_place_48(r + 24, z1);
-    sp_3072_add_word_24(r + 72, r + 72, u);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 96;
-    sp_digit z1[96];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 48;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 48);
-
-    mask = sp_3072_sub_48(a1, a, &a[48]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_3072_sub_48(a1, p1, p2);
-
-    sp_3072_sqr_48(z2, &a[48]);
-    sp_3072_sqr_48(z0, a);
-    sp_3072_sqr_48(z1, a1);
-
-    u = 0;
-    u -= sp_3072_sub_in_place_96(z1, z2);
-    u -= sp_3072_sub_in_place_96(z1, z0);
-    u += sp_3072_sub_in_place_96(r + 48, z1);
-    sp_3072_add_word_48(r + 144, r + 144, u);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, #0x81\n\t"
-#else
-        "add	r4, r4, #0x81\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, #1\n\t"
-#else
-        "sub	r7, r7, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, r4\n\t"
-#else
-        "add	r6, r6, r4\n\t"
-#endif
-        "\n"
-    "L_sp_3072_add_96_word_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "movs	r3, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_3072_add_96_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r7, %[a]\n\t"
-        "movs	r2, #0\n\t"
-        "movs	r5, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #0x81\n\t"
-#else
-        "add	r5, r5, #0x81\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, r5\n\t"
-#else
-        "add	r7, r7, r5\n\t"
-#endif
-        "\n"
-    "L_sp_3072_sub_in_place_96_words_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r2\n\t"
-#else
-        "sub	r5, r5, r2\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-        "ldr	r6, [%[b], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "str	r3, [%[a]]\n\t"
-        "str	r4, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r2\n\t"
-#else
-        "sbc	r2, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #8\n\t"
-#else
-        "add	%[a], %[a], #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #8\n\t"
-#else
-        "add	%[b], %[b], #8\n\t"
-#endif
-        "cmp	%[a], r7\n\t"
-        "bne	L_sp_3072_sub_in_place_96_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[96 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x81\n\t"
-#else
-        "add	r6, r6, #0x81\n\t"
-#endif
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_3072_mul_96_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x7d\n\t"
-#else
-        "add	r6, r6, #0x7d\n\t"
-#endif
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_3072_mul_96_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_3072_mul_96_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_3072_mul_96_mul_%=\n\t"
-        "\n"
-    "L_sp_3072_mul_96_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0xf8\n\t"
-#else
-        "add	r6, r6, #0xf8\n\t"
-#endif
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_3072_mul_96_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_3072_sqr_96_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x7d\n\t"
-#else
-        "add	r6, r6, #0x7d\n\t"
-#endif
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_3072_sqr_96_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_3072_sqr_96_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_3072_sqr_96_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_3072_sqr_96_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_3072_sqr_96_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x81\n\t"
-#else
-        "add	r6, r6, #0x81\n\t"
-#endif
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_3072_sqr_96_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_3072_sqr_96_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_3072_sqr_96_mul_%=\n\t"
-        "\n"
-    "L_sp_3072_sqr_96_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0xf8\n\t"
-#else
-        "add	r6, r6, #0xf8\n\t"
-#endif
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_3072_sqr_96_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #8\n\t"
-#else
-        "lsl	r3, r3, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #0xfc\n\t"
-#else
-        "add	r3, r3, #0xfc\n\t"
-#endif
-        "\n"
-    "L_sp_3072_sqr_96_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_3072_sqr_96_store_%=\n\t"
-        "movs	r6, #3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-    int i;
-
-    for (i=0; i<48; i++) {
-        r[i] = a[i] & m;
-    }
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0xc0\n\t"
-#else
-        "add	r6, r6, #0xc0\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, #1\n\t"
-#else
-        "sub	r7, r7, #1\n\t"
-#endif
-        "\n"
-    "L_sp_3072_add_48_word_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "movs	r3, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_3072_add_48_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r7, %[a]\n\t"
-        "movs	r2, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #0xc0\n\t"
-#else
-        "add	r7, r7, #0xc0\n\t"
-#endif
-        "\n"
-    "L_sp_3072_sub_in_place_48_words_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r2\n\t"
-#else
-        "sub	r5, r5, r2\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-        "ldr	r6, [%[b], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "str	r3, [%[a]]\n\t"
-        "str	r4, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r2\n\t"
-#else
-        "sbc	r2, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #8\n\t"
-#else
-        "add	%[a], %[a], #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #8\n\t"
-#else
-        "add	%[b], %[b], #8\n\t"
-#endif
-        "cmp	%[a], r7\n\t"
-        "bne	L_sp_3072_sub_in_place_48_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[48 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #0xc0\n\t"
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_3072_mul_48_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #0xbc\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_3072_mul_48_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_3072_mul_48_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_3072_mul_48_mul_%=\n\t"
-        "\n"
-    "L_sp_3072_mul_48_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x79\n\t"
-#else
-        "add	r6, r6, #0x79\n\t"
-#endif
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_3072_mul_48_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x81\n\t"
-#else
-        "add	r6, r6, #0x81\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_3072_sqr_48_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #0xbc\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_3072_sqr_48_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_3072_sqr_48_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_3072_sqr_48_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_3072_sqr_48_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_3072_sqr_48_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #0xc0\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_3072_sqr_48_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_3072_sqr_48_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_3072_sqr_48_mul_%=\n\t"
-        "\n"
-    "L_sp_3072_sqr_48_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x79\n\t"
-#else
-        "add	r6, r6, #0x79\n\t"
-#endif
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_3072_sqr_48_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #0x7d\n\t"
-#else
-        "add	r3, r3, #0x7d\n\t"
-#endif
-        "\n"
-    "L_sp_3072_sqr_48_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_3072_sqr_48_store_%=\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x81\n\t"
-#else
-        "add	r6, r6, #0x81\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-SP_NOINLINE static void sp_3072_mul_d_96(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x81\n\t"
-#else
-        "add	r6, r6, #0x81\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, %[a]\n\t"
-#else
-        "add	r6, r6, %[a]\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "mov	r9, r6\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "\n"
-    "L_sp_3072_mul_d_96_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r5, #0\n\t"
-        "# A[] * B\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# A[] * B - Done\n\t"
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r]]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_3072_mul_d_96_%=\n\t"
-        "str	r3, [%[r]]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 48);
-
-    /* r = 2^n mod m */
-    sp_3072_sub_in_place_48(r, m);
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #0xc0\n\t"
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_3072_cond_sub_48_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r4\n\t"
-#else
-        "sbc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_3072_cond_sub_48_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#define sp_3072_mont_reduce_order_96   sp_3072_mont_reduce_96
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #0\n\t"
-        "mov	r8, %[mp]\n\t"
-        "mov	r12, r7\n\t"
-        "mov	lr, %[m]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r11, %[a]\n\t"
-        "movs	r5, #0xbc\n\t"
-        "movs	r6, #0xc0\n\t"
-        "add	r9, r9, r5\n\t"
-        "add	r11, r11, r6\n\t"
-        "\n"
-    "L_sp_3072_mont_reduce_48_mod_%=:\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r4, #0\n\t"
-        "# a[i] += m[0] * mu\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mov	r5, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r3, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r3\n\t"
-#else
-        "mul	r5, r3\n\t"
-#endif
-        "mov	r10, r5\n\t"
-        "# Multiply m[0] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[0] and mu - Done\n\t"
-        "\n"
-    "L_sp_3072_mont_reduce_48_word_%=:\n\t"
-        "# a[i+j] += m[j] * mu\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r4\n\t"
-#else
-        "add	r3, r3, r4\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "# Multiply m[j] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[j] and mu - Done\n\t"
-        "stm	%[a]!, {r3}\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_3072_mont_reduce_48_word_%=\n\t"
-        "# a[i+47] += m[47] * mu\n\t"
-        "ldr	%[mp], [%[m]]\n\t"
-        "mov	r3, r12\n\t"
-        "# Multiply m[47] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "# Multiply m[47] and mu - Done\n\t"
-        "ldr	r5, [%[a]]\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "movs	%[mp], #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r3\n\t"
-#else
-        "adc	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[mp]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[mp]\n\t"
-#else
-        "adc	r7, %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5, r6}\n\t"
-        "# i += 1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #4\n\t"
-#else
-        "sub	%[a], %[a], #4\n\t"
-#endif
-        "movs	r3, #0xbc\n\t"
-        "mov	r9, %[a]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r3\n\t"
-#else
-        "sub	%[a], %[a], r3\n\t"
-#endif
-        "mov	r12, r7\n\t"
-        "mov	%[m], lr\n\t"
-        "cmp	r11, %[a]\n\t"
-        "bgt	L_sp_3072_mont_reduce_48_mod_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r7, r7\n\t"
-#else
-        "neg	r7, r7\n\t"
-#endif
-        "# Subtract masked modulus\n\t"
-        "movs	r4, #0xc0\n\t"
-        "movs	%[mp], #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r4\n\t"
-#else
-        "sub	%[a], %[a], r4\n\t"
-#endif
-#ifndef WOLFSSL_SP_LARGE_CODE
-        "\n"
-    "L_sp_3072_mont_reduce_48_sub_mask_%=:\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-        "movs	r5, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, %[mp]\n\t"
-#else
-        "sub	r5, r5, %[mp]\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[mp], %[mp], %[mp]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[mp], %[mp]\n\t"
-#else
-        "sbc	%[mp], %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #4\n\t"
-#else
-        "add	r3, r3, #4\n\t"
-#endif
-        "cmp	r3, r4\n\t"
-        "blt	L_sp_3072_mont_reduce_48_sub_mask_%=\n\t"
-#else /* WOLFSSL_SP_LARGE_CODE */
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r6\n\t"
-#else
-        "sub	r5, r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#endif /* WOLFSSL_SP_LARGE_CODE */
-        : [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_48(r, a, b);
-    sp_3072_mont_reduce_48(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_48(r, a);
-    sp_3072_mont_reduce_48(r, m, mp);
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-SP_NOINLINE static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, #0xc0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, %[a]\n\t"
-#else
-        "add	r6, r6, %[a]\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "mov	r9, r6\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "\n"
-    "L_sp_3072_mul_d_48_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r5, #0\n\t"
-        "# A[] * B\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# A[] * B - Done\n\t"
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r]]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_3072_mul_d_48_%=\n\t"
-        "str	r3, [%[r]]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[div], #1\n\t"
-#else
-        "lsr	r5, %[div], #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-        "mov	r8, %[d0]\n\t"
-        "mov	r9, %[d1]\n\t"
-        "# Do top 32\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-        "movs	r4, #29\n\t"
-        "\n"
-    "L_div_3072_word_48_loop_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d0], %[d0], #1\n\t"
-#else
-        "lsl	%[d0], %[d0], #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	%[d1], %[d1], %[d1]\n\t"
-#elif defined(__clang__)
-        "adcs	%[d1], %[d1]\n\t"
-#else
-        "adc	%[d1], %[d1]\n\t"
-#endif
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, #1\n\t"
-#else
-        "sub	r4, r4, #1\n\t"
-#endif
-        "bpl	L_div_3072_word_48_loop_%=\n\t"
-        "movs	r7, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #1\n\t"
-#else
-        "add	r3, r3, #1\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r4\n\t"
-#else
-        "sub	%[d1], %[d1], r4\n\t"
-#endif
-        "movs	r4, %[d1]\n\t"
-        "mov	%[d1], r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[d1], %[d1], r5\n\t"
-#elif defined(__clang__)
-        "sbcs	%[d1], r5\n\t"
-#else
-        "sbc	%[d1], r5\n\t"
-#endif
-        "movs	r5, %[d1]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "movs	r6, %[div]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r4\n\t"
-#else
-        "sub	r6, r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-        "movs	%[d1], r3\n\t"
-        : [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-    return (word32)(size_t)d1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-SP_NOINLINE static sp_int32 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-        "movs	r6, #0xbc\n\t"
-        "\n"
-    "L_sp_3072_cmp_48_words_%=:\n\t"
-        "ldr	r7, [%[a], r6]\n\t"
-        "ldr	r5, [%[b], r6]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-        "movs	r4, r7\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, r5\n\t"
-#else
-        "sub	r7, r7, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r7\n\t"
-#else
-        "add	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r7\n\t"
-#else
-        "sub	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, #4\n\t"
-#else
-        "sub	r6, r6, #4\n\t"
-#endif
-        "bge	L_sp_3072_cmp_48_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[96], t2[49];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[47];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 48);
-    r1 = sp_3072_cmp_48(&t1[48], d) >= 0;
-    sp_3072_cond_sub_48(&t1[48], &t1[48], d, (sp_digit)0 - r1);
-    for (i = 47; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[48 + i] == div);
-        sp_digit hi = t1[48 + i] + mask;
-        r1 = div_3072_word_48(hi, t1[48 + i - 1], div);
-        r1 |= mask;
-
-        sp_3072_mul_d_48(t2, d, r1);
-        t1[48 + i] += sp_3072_sub_in_place_48(&t1[i], t2);
-        t1[48 + i] -= t2[48];
-        sp_3072_mask_48(t2, d, t1[48 + i]);
-        t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], t2);
-        sp_3072_mask_48(t2, d, t1[48 + i]);
-        t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_3072_cmp_48(t1, d) >= 0;
-    sp_3072_cond_sub_48(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_3072_div_48(a, m, NULL, r);
-    return ret;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 96);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 96;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 48U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_48(t[1] + 48, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_48(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 48, a, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_48(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_48(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_48(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_48(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_48(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_48(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_48(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_48(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_48(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_48(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_48(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_48(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_48(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_48(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 48);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-
-            sp_3072_mont_mul_48(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48U);
-        sp_3072_mont_reduce_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 32 * 96);
-    sp_digit* t[32];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 32 * 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++) {
-            t[i] = td + i * 96;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 48U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_48(t[1] + 48, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_48(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 48, a, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_48(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_48(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_48(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_48(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_48(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_48(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_48(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_48(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_48(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_48(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_48(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_48(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_48(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_48(t[15], t[ 8], t[ 7], m, mp);
-        sp_3072_mont_sqr_48(t[16], t[ 8], m, mp);
-        sp_3072_mont_mul_48(t[17], t[ 9], t[ 8], m, mp);
-        sp_3072_mont_sqr_48(t[18], t[ 9], m, mp);
-        sp_3072_mont_mul_48(t[19], t[10], t[ 9], m, mp);
-        sp_3072_mont_sqr_48(t[20], t[10], m, mp);
-        sp_3072_mont_mul_48(t[21], t[11], t[10], m, mp);
-        sp_3072_mont_sqr_48(t[22], t[11], m, mp);
-        sp_3072_mont_mul_48(t[23], t[12], t[11], m, mp);
-        sp_3072_mont_sqr_48(t[24], t[12], m, mp);
-        sp_3072_mont_mul_48(t[25], t[13], t[12], m, mp);
-        sp_3072_mont_sqr_48(t[26], t[13], m, mp);
-        sp_3072_mont_mul_48(t[27], t[14], t[13], m, mp);
-        sp_3072_mont_sqr_48(t[28], t[14], m, mp);
-        sp_3072_mont_mul_48(t[29], t[15], t[14], m, mp);
-        sp_3072_mont_sqr_48(t[30], t[15], m, mp);
-        sp_3072_mont_mul_48(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 48);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-
-            sp_3072_mont_mul_48(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48U);
-        sp_3072_mont_reduce_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 96);
-
-    /* r = 2^n mod m */
-    sp_3072_sub_in_place_96(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_3072_cond_sub_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #0x81\n\t"
-#else
-        "add	r5, r5, #0x81\n\t"
-#endif
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_3072_cond_sub_96_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r4\n\t"
-#else
-        "sbc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_3072_cond_sub_96_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#define sp_3072_mont_reduce_order_96   sp_3072_mont_reduce_96
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #0\n\t"
-        "mov	r8, %[mp]\n\t"
-        "mov	r12, r7\n\t"
-        "mov	lr, %[m]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r11, %[a]\n\t"
-        "movs	r5, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #0x7d\n\t"
-#else
-        "add	r5, r5, #0x7d\n\t"
-#endif
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x81\n\t"
-#else
-        "add	r6, r6, #0x81\n\t"
-#endif
-        "add	r9, r9, r5\n\t"
-        "add	r11, r11, r6\n\t"
-        "\n"
-    "L_sp_3072_mont_reduce_96_mod_%=:\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r4, #0\n\t"
-        "# a[i] += m[0] * mu\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mov	r5, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r3, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r3\n\t"
-#else
-        "mul	r5, r3\n\t"
-#endif
-        "mov	r10, r5\n\t"
-        "# Multiply m[0] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[0] and mu - Done\n\t"
-        "\n"
-    "L_sp_3072_mont_reduce_96_word_%=:\n\t"
-        "# a[i+j] += m[j] * mu\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r4\n\t"
-#else
-        "add	r3, r3, r4\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "# Multiply m[j] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[j] and mu - Done\n\t"
-        "stm	%[a]!, {r3}\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_3072_mont_reduce_96_word_%=\n\t"
-        "# a[i+95] += m[95] * mu\n\t"
-        "ldr	%[mp], [%[m]]\n\t"
-        "mov	r3, r12\n\t"
-        "# Multiply m[95] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "# Multiply m[95] and mu - Done\n\t"
-        "ldr	r5, [%[a]]\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "movs	%[mp], #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r3\n\t"
-#else
-        "adc	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[mp]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[mp]\n\t"
-#else
-        "adc	r7, %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5, r6}\n\t"
-        "# i += 1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #4\n\t"
-#else
-        "sub	%[a], %[a], #4\n\t"
-#endif
-        "movs	r3, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #0x7d\n\t"
-#else
-        "add	r3, r3, #0x7d\n\t"
-#endif
-        "mov	r9, %[a]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r3\n\t"
-#else
-        "sub	%[a], %[a], r3\n\t"
-#endif
-        "mov	r12, r7\n\t"
-        "mov	%[m], lr\n\t"
-        "cmp	r11, %[a]\n\t"
-        "bgt	L_sp_3072_mont_reduce_96_mod_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r7, r7\n\t"
-#else
-        "neg	r7, r7\n\t"
-#endif
-        "# Subtract masked modulus\n\t"
-        "movs	r4, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, #0x81\n\t"
-#else
-        "add	r4, r4, #0x81\n\t"
-#endif
-        "movs	%[mp], #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r4\n\t"
-#else
-        "sub	%[a], %[a], r4\n\t"
-#endif
-#ifndef WOLFSSL_SP_LARGE_CODE
-        "\n"
-    "L_sp_3072_mont_reduce_96_sub_mask_%=:\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-        "movs	r5, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, %[mp]\n\t"
-#else
-        "sub	r5, r5, %[mp]\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[mp], %[mp], %[mp]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[mp], %[mp]\n\t"
-#else
-        "sbc	%[mp], %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #4\n\t"
-#else
-        "add	r3, r3, #4\n\t"
-#endif
-        "cmp	r3, r4\n\t"
-        "blt	L_sp_3072_mont_reduce_96_sub_mask_%=\n\t"
-#else /* WOLFSSL_SP_LARGE_CODE */
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r6\n\t"
-#else
-        "sub	r5, r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#endif /* WOLFSSL_SP_LARGE_CODE */
-        : [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_96(r, a, b);
-    sp_3072_mont_reduce_96(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_96(r, a);
-    sp_3072_mont_reduce_96(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r5, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #0x81\n\t"
-#else
-        "add	r5, r5, #0x81\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, r5\n\t"
-#else
-        "add	r6, r6, r5\n\t"
-#endif
-        "\n"
-    "L_sp_3072_sub_96_word_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r3\n\t"
-#else
-        "sub	r5, r5, r3\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r5\n\t"
-#else
-        "sbc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r3\n\t"
-#else
-        "sbc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_3072_sub_96_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[div], #1\n\t"
-#else
-        "lsr	r5, %[div], #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-        "mov	r8, %[d0]\n\t"
-        "mov	r9, %[d1]\n\t"
-        "# Do top 32\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-        "movs	r4, #29\n\t"
-        "\n"
-    "L_div_3072_word_96_loop_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d0], %[d0], #1\n\t"
-#else
-        "lsl	%[d0], %[d0], #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	%[d1], %[d1], %[d1]\n\t"
-#elif defined(__clang__)
-        "adcs	%[d1], %[d1]\n\t"
-#else
-        "adc	%[d1], %[d1]\n\t"
-#endif
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, #1\n\t"
-#else
-        "sub	r4, r4, #1\n\t"
-#endif
-        "bpl	L_div_3072_word_96_loop_%=\n\t"
-        "movs	r7, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #1\n\t"
-#else
-        "add	r3, r3, #1\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r4\n\t"
-#else
-        "sub	%[d1], %[d1], r4\n\t"
-#endif
-        "movs	r4, %[d1]\n\t"
-        "mov	%[d1], r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[d1], %[d1], r5\n\t"
-#elif defined(__clang__)
-        "sbcs	%[d1], r5\n\t"
-#else
-        "sbc	%[d1], r5\n\t"
-#endif
-        "movs	r5, %[d1]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "movs	r6, %[div]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r4\n\t"
-#else
-        "sub	r6, r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-        "movs	%[d1], r3\n\t"
-        : [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-    return (word32)(size_t)d1;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[192], t2[97];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[95];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 96);
-    for (i = 95; i > 0; i--) {
-        if (t1[i + 96] != d[i])
-            break;
-    }
-    if (t1[i + 96] >= d[i]) {
-        sp_3072_sub_in_place_96(&t1[96], d);
-    }
-    for (i = 95; i >= 0; i--) {
-        if (t1[96 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_3072_word_96(t1[96 + i], t1[96 + i - 1], div);
-        }
-
-        sp_3072_mul_d_96(t2, d, r1);
-        t1[96 + i] += sp_3072_sub_in_place_96(&t1[i], t2);
-        t1[96 + i] -= t2[96];
-        if (t1[96 + i] != 0) {
-            t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], d);
-            if (t1[96 + i] != 0)
-                t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 95; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_3072_sub_96(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 96);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_3072_div_96_cond(a, m, NULL, r);
-    return ret;
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<96; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 96; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-SP_NOINLINE static sp_int32 sp_3072_cmp_96(const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x7d\n\t"
-#else
-        "add	r6, r6, #0x7d\n\t"
-#endif
-        "\n"
-    "L_sp_3072_cmp_96_words_%=:\n\t"
-        "ldr	r7, [%[a], r6]\n\t"
-        "ldr	r5, [%[b], r6]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-        "movs	r4, r7\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, r5\n\t"
-#else
-        "sub	r7, r7, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r7\n\t"
-#else
-        "add	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r7\n\t"
-#else
-        "sub	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, #4\n\t"
-#else
-        "sub	r6, r6, #4\n\t"
-#endif
-        "bge	L_sp_3072_cmp_96_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[192], t2[97];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[95];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 96);
-    r1 = sp_3072_cmp_96(&t1[96], d) >= 0;
-    sp_3072_cond_sub_96(&t1[96], &t1[96], d, (sp_digit)0 - r1);
-    for (i = 95; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[96 + i] == div);
-        sp_digit hi = t1[96 + i] + mask;
-        r1 = div_3072_word_96(hi, t1[96 + i - 1], div);
-        r1 |= mask;
-
-        sp_3072_mul_d_96(t2, d, r1);
-        t1[96 + i] += sp_3072_sub_in_place_96(&t1[i], t2);
-        t1[96 + i] -= t2[96];
-        sp_3072_mask_96(t2, d, t1[96 + i]);
-        t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], t2);
-        sp_3072_mask_96(t2, d, t1[96 + i]);
-        t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_3072_cmp_96(t1, d) >= 0;
-    sp_3072_cond_sub_96(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_3072_div_96(a, m, NULL, r);
-    return ret;
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 8 * 192);
-    sp_digit* t[8];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 8 * 192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<8; i++) {
-            t[i] = td + i * 192;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_96(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 96U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_96(t[1] + 96, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_96(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 96, a, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_96(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_96(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_96(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_96(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_96(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_96(t[ 7], t[ 4], t[ 3], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 3;
-        if (c == 32) {
-            c = 29;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 96);
-        for (; i>=0 || c>=3; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 29);
-                n <<= 3;
-                c = 29;
-            }
-            else if (c < 3) {
-                y = (byte)(n >> 29);
-                n = e[i--];
-                c = 3 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 29) & 0x7);
-                n <<= 3;
-                c -= 3;
-            }
-
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-
-            sp_3072_mont_mul_96(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[96], 0, sizeof(sp_digit) * 96U);
-        sp_3072_mont_reduce_96(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_96(r, m) >= 0);
-        sp_3072_cond_sub_96(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 192);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 192;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_96(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 96U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_96(t[1] + 96, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_96(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 96, a, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_96(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_96(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_96(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_96(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_96(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_96(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_96(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_96(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_96(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_96(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_96(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_96(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_96(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_96(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 96);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-
-            sp_3072_mont_mul_96(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[96], 0, sizeof(sp_digit) * 96U);
-        sp_3072_mont_reduce_96(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_96(r, m) >= 0);
-        sp_3072_cond_sub_96(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 96 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 384) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 32 || inLen > 384 ||
-                                                     mp_count_bits(mm) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 96 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 96;
-        r = a + 96 * 2;
-        m = r + 96 * 2;
-
-        sp_3072_from_bin(ah, 96, in, inLen);
-#if DIGIT_BIT >= 32
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 96, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_3072_mont_sqr_96(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_3072_mont_mul_96(r, r, ah, m, mp);
-
-                for (i = 95; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_3072_sub_in_place_96(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_3072_sqr_96(r, ah);
-                err = sp_3072_mod_96_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_3072_mul_96(r, ah, r);
-                err = sp_3072_mod_96_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 31; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 96);
-                for (i--; i >= 0; i--) {
-                    sp_3072_mont_sqr_96(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_3072_mont_mul_96(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[96], 0, sizeof(sp_digit) * 96);
-                sp_3072_mont_reduce_96(r, m, mp);
-
-                for (i = 95; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_3072_sub_in_place_96(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_3072_cond_add_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #0xc0\n\t"
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_3072_cond_add_48_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, #1\n\t"
-#else
-        "sub	r5, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_3072_cond_add_48_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 96 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 96 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 96;
-        m = a + 192;
-        r = a;
-
-        sp_3072_from_bin(a, 96, in, inLen);
-        sp_3072_from_mp(d, 96, dm);
-        sp_3072_from_mp(m, 96, mm);
-        err = sp_3072_mod_exp_96(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 96, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 48 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 384 || mp_count_bits(mm) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 48 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 96 * 2;
-        q = p + 48;
-        qi = dq = dp = q + 48;
-        tmpa = qi + 48;
-        tmpb = tmpa + 96;
-        r = a;
-
-        sp_3072_from_bin(a, 96, in, inLen);
-        sp_3072_from_mp(p, 48, pm);
-        sp_3072_from_mp(q, 48, qm);
-        sp_3072_from_mp(dp, 48, dpm);
-
-        err = sp_3072_mod_exp_48(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(dq, 48, dqm);
-        err = sp_3072_mod_exp_48(tmpb, a, dq, 1536, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_3072_sub_in_place_48(tmpa, tmpb);
-        c += sp_3072_cond_add_48(tmpa, tmpa, p, c);
-        sp_3072_cond_add_48(tmpa, tmpa, p, c);
-
-        sp_3072_from_mp(qi, 48, qim);
-        sp_3072_mul_48(tmpa, tmpa, qi);
-        err = sp_3072_mod_48(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mul_48(tmpa, q, tmpa);
-        XMEMSET(&tmpb[48], 0, sizeof(sp_digit) * 48);
-        sp_3072_add_96(r, tmpb, tmpa);
-
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 48 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_3072_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (3072 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 96);
-        r->used = 96;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 96; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 96; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[192];
-    sp_digit e[96];
-    sp_digit m[96];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 96, base);
-        sp_3072_from_mp(e, 96, exp);
-        sp_3072_from_mp(m, 96, mod);
-
-        err = sp_3072_mod_exp_96(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_3072
-/* Lefy shift a by n bits into r. (r = a << n)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * n  Integer representing number of bits to shift.
- */
-static void sp_3072_lshift_96(sp_digit* r, const sp_digit* a, byte n)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #31\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, %[n]\n\t"
-#else
-        "sub	r7, r7, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #0xff\n\t"
-#else
-        "add	%[a], %[a], #0xff\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #0xff\n\t"
-#else
-        "add	%[r], %[r], #0xff\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #0x41\n\t"
-#else
-        "add	%[a], %[a], #0x41\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #0x41\n\t"
-#else
-        "add	%[r], %[r], #0x41\n\t"
-#endif
-        "ldr	r4, [%[a], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r4, #1\n\t"
-#else
-        "lsr	r5, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, r7\n\t"
-#else
-        "lsr	r5, r5, r7\n\t"
-#endif
-        "ldr	r3, [%[a], #56]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r4, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #48]\n\t"
-        "str	r3, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #44]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #40]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #36]\n\t"
-        "str	r3, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #32]\n\t"
-        "str	r5, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #24]\n\t"
-        "str	r3, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #20]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #16]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #12]\n\t"
-        "str	r3, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #8]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "str	r3, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r3, [%[a], #60]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #56]\n\t"
-        "str	r4, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #52]\n\t"
-        "str	r3, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #48]\n\t"
-        "str	r5, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r4, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #40]\n\t"
-        "str	r3, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #36]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #32]\n\t"
-        "str	r4, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #28]\n\t"
-        "str	r3, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #24]\n\t"
-        "str	r5, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r4, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #16]\n\t"
-        "str	r3, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #12]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #8]\n\t"
-        "str	r4, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #4]\n\t"
-        "str	r3, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "str	r5, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r5, [%[a], #60]\n\t"
-        "str	r4, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r3, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #52]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #48]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r3, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r5, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #36]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r3, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #24]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r5, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #12]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #4]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a]]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r4, [%[a], #60]\n\t"
-        "str	r3, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #56]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r4, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #48]\n\t"
-        "str	r3, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #44]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #40]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #36]\n\t"
-        "str	r3, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #32]\n\t"
-        "str	r5, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #24]\n\t"
-        "str	r3, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #20]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #16]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #12]\n\t"
-        "str	r3, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #8]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "str	r3, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r3, [%[a], #60]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #56]\n\t"
-        "str	r4, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #52]\n\t"
-        "str	r3, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #48]\n\t"
-        "str	r5, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r4, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #40]\n\t"
-        "str	r3, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #36]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #32]\n\t"
-        "str	r4, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #28]\n\t"
-        "str	r3, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #24]\n\t"
-        "str	r5, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r4, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #16]\n\t"
-        "str	r3, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #12]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #8]\n\t"
-        "str	r4, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #4]\n\t"
-        "str	r3, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "str	r5, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r5, [%[a], #60]\n\t"
-        "str	r4, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r3, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #52]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #48]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r3, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r5, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #36]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r3, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #24]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r5, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #12]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #4]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a]]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "str	r5, [%[r]]\n\t"
-        "str	r3, [%[r], #4]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 289);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 289, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 192;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_96(norm, m);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        sp_3072_lshift_96(r, norm, y);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-
-            sp_3072_lshift_96(r, r, y);
-            sp_3072_mul_d_96(tmp, norm, r[96]);
-            r[96] = 0;
-            o = sp_3072_add_96(r, r, tmp);
-            sp_3072_cond_sub_96(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[96], 0, sizeof(sp_digit) * 96U);
-        sp_3072_mont_reduce_96(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_96(r, m) >= 0);
-        sp_3072_cond_sub_96(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_3072 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 384 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[192];
-    sp_digit e[96];
-    sp_digit m[96];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 384) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 96, base);
-        sp_3072_from_bin(e, 96, exp, expLen);
-        sp_3072_from_mp(m, 96, mod);
-
-    #ifdef HAVE_FFDHE_3072
-        if (base->used == 1 && base->dp[0] == 2 && m[95] == (sp_digit)-1)
-            err = sp_3072_mod_exp_2_96(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_3072_mod_exp_96(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-        for (i=0; i<384 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[96];
-    sp_digit e[48];
-    sp_digit m[48];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 48, base);
-        sp_3072_from_mp(e, 48, exp);
-        sp_3072_from_mp(m, 48, mod);
-
-        err = sp_3072_mod_exp_48(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 48, 0, sizeof(*r) * 48U);
-        err = sp_3072_to_mp(r, res);
-        res->used = mod->used;
-        mp_clamp(res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* !WOLFSSL_SP_NO_3072 */
-
-#ifdef WOLFSSL_SP_4096
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 512
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_4096_to_bin_128(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 127; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_4096_norm_128(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_4096_norm_128(a)
-
-#ifndef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_4096_add_word_64(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r5, #0\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, %[b]\n\t"
-#else
-        "add	r3, r3, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r4\n\t"
-#else
-        "sub	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[a], %[a], %[a]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[a], %[a]\n\t"
-#else
-        "sbc	%[a], %[a]\n\t"
-#endif
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[128];
-    sp_digit a1[64];
-    sp_digit b1[64];
-    sp_digit* z2 = r + 128;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_64(a1, a, &a[64]);
-    cb = sp_2048_add_64(b1, b, &b[64]);
-    u  = ca & cb;
-
-    sp_2048_mul_64(z2, &a[64], &b[64]);
-    sp_2048_mul_64(z0, a, b);
-    sp_2048_mul_64(z1, a1, b1);
-
-    u += sp_4096_sub_in_place_128(z1, z0);
-    u += sp_4096_sub_in_place_128(z1, z2);
-    sp_2048_mask_64(a1, a1, 0 - cb);
-    u += sp_2048_add_64(z1 + 64, z1 + 64, a1);
-    sp_2048_mask_64(b1, b1, 0 - ca);
-    u += sp_2048_add_64(z1 + 64, z1 + 64, b1);
-
-    u += sp_4096_add_128(r + 64, r + 64, z1);
-    (void)sp_4096_add_word_64(r + 192, r + 192, u);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 128;
-    sp_digit z1[128];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 64;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 64);
-
-    mask = sp_2048_sub_64(a1, a, &a[64]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_64(a1, p1, p2);
-
-    sp_2048_sqr_64(z2, &a[64]);
-    sp_2048_sqr_64(z0, a);
-    sp_2048_sqr_64(z1, a1);
-
-    u = 0;
-    u -= sp_4096_sub_in_place_128(z1, z2);
-    u -= sp_4096_sub_in_place_128(z1, z0);
-    u += sp_4096_sub_in_place_128(r + 64, z1);
-    sp_4096_add_word_64(r + 192, r + 192, u);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, #8\n\t"
-#else
-        "lsl	r4, r4, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, #1\n\t"
-#else
-        "sub	r7, r7, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, r4\n\t"
-#else
-        "add	r6, r6, r4\n\t"
-#endif
-        "\n"
-    "L_sp_4096_add_128_word_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "movs	r3, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_4096_add_128_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r7, %[a]\n\t"
-        "movs	r2, #0\n\t"
-        "movs	r5, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #8\n\t"
-#else
-        "lsl	r5, r5, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, r5\n\t"
-#else
-        "add	r7, r7, r5\n\t"
-#endif
-        "\n"
-    "L_sp_4096_sub_in_place_128_words_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r2\n\t"
-#else
-        "sub	r5, r5, r2\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-        "ldr	r6, [%[b], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "str	r3, [%[a]]\n\t"
-        "str	r4, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r2\n\t"
-#else
-        "sbc	r2, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #8\n\t"
-#else
-        "add	%[a], %[a], #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #8\n\t"
-#else
-        "add	%[b], %[b], #8\n\t"
-#endif
-        "cmp	%[a], r7\n\t"
-        "bne	L_sp_4096_sub_in_place_128_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[128 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_4096_mul_128_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0xfd\n\t"
-#else
-        "add	r6, r6, #0xfd\n\t"
-#endif
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_4096_mul_128_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_4096_mul_128_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_4096_mul_128_mul_%=\n\t"
-        "\n"
-    "L_sp_4096_mul_128_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0xf8\n\t"
-#else
-        "add	r6, r6, #0xf8\n\t"
-#endif
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_4096_mul_128_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #4\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_4096_sqr_128_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0xfd\n\t"
-#else
-        "add	r6, r6, #0xfd\n\t"
-#endif
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_4096_sqr_128_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_4096_sqr_128_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_4096_sqr_128_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_4096_sqr_128_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_4096_sqr_128_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_4096_sqr_128_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_4096_sqr_128_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_4096_sqr_128_mul_%=\n\t"
-        "\n"
-    "L_sp_4096_sqr_128_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0xf8\n\t"
-#else
-        "add	r6, r6, #0xf8\n\t"
-#endif
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_4096_sqr_128_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #8\n\t"
-#else
-        "lsl	r3, r3, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #0xfc\n\t"
-#else
-        "add	r3, r3, #0xfc\n\t"
-#endif
-        "\n"
-    "L_sp_4096_sqr_128_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_4096_sqr_128_store_%=\n\t"
-        "movs	r6, #4\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-SP_NOINLINE static void sp_4096_mul_d_128(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, %[a]\n\t"
-#else
-        "add	r6, r6, %[a]\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "mov	r9, r6\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "\n"
-    "L_sp_4096_mul_d_128_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r5, #0\n\t"
-        "# A[] * B\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# A[] * B - Done\n\t"
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r]]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_4096_mul_d_128_%=\n\t"
-        "str	r3, [%[r]]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 128);
-
-    /* r = 2^n mod m */
-    sp_4096_sub_in_place_128(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_4096_cond_sub_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #8\n\t"
-#else
-        "lsl	r5, r5, #8\n\t"
-#endif
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_4096_cond_sub_128_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r4\n\t"
-#else
-        "sbc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_4096_cond_sub_128_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#define sp_4096_mont_reduce_order_128   sp_4096_mont_reduce_128
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #0\n\t"
-        "mov	r8, %[mp]\n\t"
-        "mov	r12, r7\n\t"
-        "mov	lr, %[m]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r11, %[a]\n\t"
-        "movs	r5, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #0xfd\n\t"
-#else
-        "add	r5, r5, #0xfd\n\t"
-#endif
-        "movs	r6, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-        "add	r9, r9, r5\n\t"
-        "add	r11, r11, r6\n\t"
-        "\n"
-    "L_sp_4096_mont_reduce_128_mod_%=:\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r4, #0\n\t"
-        "# a[i] += m[0] * mu\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mov	r5, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r3, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r3\n\t"
-#else
-        "mul	r5, r3\n\t"
-#endif
-        "mov	r10, r5\n\t"
-        "# Multiply m[0] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[0] and mu - Done\n\t"
-        "\n"
-    "L_sp_4096_mont_reduce_128_word_%=:\n\t"
-        "# a[i+j] += m[j] * mu\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r4\n\t"
-#else
-        "add	r3, r3, r4\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "# Multiply m[j] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[j] and mu - Done\n\t"
-        "stm	%[a]!, {r3}\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_4096_mont_reduce_128_word_%=\n\t"
-        "# a[i+127] += m[127] * mu\n\t"
-        "ldr	%[mp], [%[m]]\n\t"
-        "mov	r3, r12\n\t"
-        "# Multiply m[127] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "# Multiply m[127] and mu - Done\n\t"
-        "ldr	r5, [%[a]]\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "movs	%[mp], #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r3\n\t"
-#else
-        "adc	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[mp]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[mp]\n\t"
-#else
-        "adc	r7, %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5, r6}\n\t"
-        "# i += 1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #4\n\t"
-#else
-        "sub	%[a], %[a], #4\n\t"
-#endif
-        "movs	r3, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #0xfd\n\t"
-#else
-        "add	r3, r3, #0xfd\n\t"
-#endif
-        "mov	r9, %[a]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r3\n\t"
-#else
-        "sub	%[a], %[a], r3\n\t"
-#endif
-        "mov	r12, r7\n\t"
-        "mov	%[m], lr\n\t"
-        "cmp	r11, %[a]\n\t"
-        "bgt	L_sp_4096_mont_reduce_128_mod_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r7, r7\n\t"
-#else
-        "neg	r7, r7\n\t"
-#endif
-        "# Subtract masked modulus\n\t"
-        "movs	r4, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, #8\n\t"
-#else
-        "lsl	r4, r4, #8\n\t"
-#endif
-        "movs	%[mp], #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r4\n\t"
-#else
-        "sub	%[a], %[a], r4\n\t"
-#endif
-#ifndef WOLFSSL_SP_LARGE_CODE
-        "\n"
-    "L_sp_4096_mont_reduce_128_sub_mask_%=:\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-        "movs	r5, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, %[mp]\n\t"
-#else
-        "sub	r5, r5, %[mp]\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[mp], %[mp], %[mp]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[mp], %[mp]\n\t"
-#else
-        "sbc	%[mp], %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #4\n\t"
-#else
-        "add	r3, r3, #4\n\t"
-#endif
-        "cmp	r3, r4\n\t"
-        "blt	L_sp_4096_mont_reduce_128_sub_mask_%=\n\t"
-#else /* WOLFSSL_SP_LARGE_CODE */
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r6\n\t"
-#else
-        "sub	r5, r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#endif /* WOLFSSL_SP_LARGE_CODE */
-        : [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_128(r, a, b);
-    sp_4096_mont_reduce_128(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_128(r, a);
-    sp_4096_mont_reduce_128(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r5, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #8\n\t"
-#else
-        "lsl	r5, r5, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, r5\n\t"
-#else
-        "add	r6, r6, r5\n\t"
-#endif
-        "\n"
-    "L_sp_4096_sub_128_word_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r3\n\t"
-#else
-        "sub	r5, r5, r3\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r5\n\t"
-#else
-        "sbc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r3\n\t"
-#else
-        "sbc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_4096_sub_128_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[div], #1\n\t"
-#else
-        "lsr	r5, %[div], #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-        "mov	r8, %[d0]\n\t"
-        "mov	r9, %[d1]\n\t"
-        "# Do top 32\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-        "movs	r4, #29\n\t"
-        "\n"
-    "L_div_4096_word_128_loop_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d0], %[d0], #1\n\t"
-#else
-        "lsl	%[d0], %[d0], #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	%[d1], %[d1], %[d1]\n\t"
-#elif defined(__clang__)
-        "adcs	%[d1], %[d1]\n\t"
-#else
-        "adc	%[d1], %[d1]\n\t"
-#endif
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, #1\n\t"
-#else
-        "sub	r4, r4, #1\n\t"
-#endif
-        "bpl	L_div_4096_word_128_loop_%=\n\t"
-        "movs	r7, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #1\n\t"
-#else
-        "add	r3, r3, #1\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r4\n\t"
-#else
-        "sub	%[d1], %[d1], r4\n\t"
-#endif
-        "movs	r4, %[d1]\n\t"
-        "mov	%[d1], r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[d1], %[d1], r5\n\t"
-#elif defined(__clang__)
-        "sbcs	%[d1], r5\n\t"
-#else
-        "sbc	%[d1], r5\n\t"
-#endif
-        "movs	r5, %[d1]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "movs	r6, %[div]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r4\n\t"
-#else
-        "sub	r6, r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-        "movs	%[d1], r3\n\t"
-        : [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-    return (word32)(size_t)d1;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[256], t2[129];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[127];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 128);
-    for (i = 127; i > 0; i--) {
-        if (t1[i + 128] != d[i])
-            break;
-    }
-    if (t1[i + 128] >= d[i]) {
-        sp_4096_sub_in_place_128(&t1[128], d);
-    }
-    for (i = 127; i >= 0; i--) {
-        if (t1[128 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_4096_word_128(t1[128 + i], t1[128 + i - 1], div);
-        }
-
-        sp_4096_mul_d_128(t2, d, r1);
-        t1[128 + i] += sp_4096_sub_in_place_128(&t1[i], t2);
-        t1[128 + i] -= t2[128];
-        if (t1[128 + i] != 0) {
-            t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], d);
-            if (t1[128 + i] != 0)
-                t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 127; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_4096_sub_128(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 128);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_4096_div_128_cond(a, m, NULL, r);
-    return ret;
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<128; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 128; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-SP_NOINLINE static sp_int32 sp_4096_cmp_128(const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0xfd\n\t"
-#else
-        "add	r6, r6, #0xfd\n\t"
-#endif
-        "\n"
-    "L_sp_4096_cmp_128_words_%=:\n\t"
-        "ldr	r7, [%[a], r6]\n\t"
-        "ldr	r5, [%[b], r6]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-        "movs	r4, r7\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, r5\n\t"
-#else
-        "sub	r7, r7, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r7\n\t"
-#else
-        "add	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r7\n\t"
-#else
-        "sub	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, #4\n\t"
-#else
-        "sub	r6, r6, #4\n\t"
-#endif
-        "bge	L_sp_4096_cmp_128_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[256], t2[129];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[127];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 128);
-    r1 = sp_4096_cmp_128(&t1[128], d) >= 0;
-    sp_4096_cond_sub_128(&t1[128], &t1[128], d, (sp_digit)0 - r1);
-    for (i = 127; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[128 + i] == div);
-        sp_digit hi = t1[128 + i] + mask;
-        r1 = div_4096_word_128(hi, t1[128 + i - 1], div);
-        r1 |= mask;
-
-        sp_4096_mul_d_128(t2, d, r1);
-        t1[128 + i] += sp_4096_sub_in_place_128(&t1[i], t2);
-        t1[128 + i] -= t2[128];
-        sp_4096_mask_128(t2, d, t1[128 + i]);
-        t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], t2);
-        sp_4096_mask_128(t2, d, t1[128 + i]);
-        t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_4096_cmp_128(t1, d) >= 0;
-    sp_4096_cond_sub_128(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_4096_div_128(a, m, NULL, r);
-    return ret;
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 8 * 256);
-    sp_digit* t[8];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 8 * 256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<8; i++) {
-            t[i] = td + i * 256;
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_128(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 128U);
-        if (reduceA != 0) {
-            err = sp_4096_mod_128(t[1] + 128, a, m);
-            if (err == MP_OKAY) {
-                err = sp_4096_mod_128(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 128, a, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_128(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_128(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_128(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_128(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_128(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_128(t[ 7], t[ 4], t[ 3], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 3;
-        if (c == 32) {
-            c = 29;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 128);
-        for (; i>=0 || c>=3; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 29);
-                n <<= 3;
-                c = 29;
-            }
-            else if (c < 3) {
-                y = (byte)(n >> 29);
-                n = e[i--];
-                c = 3 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 29) & 0x7);
-                n <<= 3;
-                c -= 3;
-            }
-
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-
-            sp_4096_mont_mul_128(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[128], 0, sizeof(sp_digit) * 128U);
-        sp_4096_mont_reduce_128(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_128(r, m) >= 0);
-        sp_4096_cond_sub_128(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 256);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 256;
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_128(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 128U);
-        if (reduceA != 0) {
-            err = sp_4096_mod_128(t[1] + 128, a, m);
-            if (err == MP_OKAY) {
-                err = sp_4096_mod_128(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 128, a, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_128(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_128(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_128(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_128(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_128(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_128(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_128(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_128(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_128(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_128(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_128(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_128(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_128(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_128(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 128);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-
-            sp_4096_mont_mul_128(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[128], 0, sizeof(sp_digit) * 128U);
-        sp_4096_mont_reduce_128(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_128(r, m) >= 0);
-        sp_4096_cond_sub_128(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 128 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 512) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 32 || inLen > 512 ||
-                                                     mp_count_bits(mm) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 128 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 128;
-        r = a + 128 * 2;
-        m = r + 128 * 2;
-
-        sp_4096_from_bin(ah, 128, in, inLen);
-#if DIGIT_BIT >= 32
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 128, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_4096_mont_sqr_128(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_4096_mont_mul_128(r, r, ah, m, mp);
-
-                for (i = 127; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_4096_sub_in_place_128(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_4096_sqr_128(r, ah);
-                err = sp_4096_mod_128_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_4096_mul_128(r, ah, r);
-                err = sp_4096_mod_128_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 31; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 128);
-                for (i--; i >= 0; i--) {
-                    sp_4096_mont_sqr_128(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_4096_mont_mul_128(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[128], 0, sizeof(sp_digit) * 128);
-                sp_4096_mont_reduce_128(r, m, mp);
-
-                for (i = 127; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_4096_sub_in_place_128(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_4096_cond_add_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_4096_cond_add_64_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, #1\n\t"
-#else
-        "sub	r5, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_4096_cond_add_64_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 128 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 128 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 128;
-        m = a + 256;
-        r = a;
-
-        sp_4096_from_bin(a, 128, in, inLen);
-        sp_4096_from_mp(d, 128, dm);
-        sp_4096_from_mp(m, 128, mm);
-        err = sp_4096_mod_exp_128(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 128, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 64 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 512 || mp_count_bits(mm) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 64 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 128 * 2;
-        q = p + 64;
-        qi = dq = dp = q + 64;
-        tmpa = qi + 64;
-        tmpb = tmpa + 128;
-        r = a;
-
-        sp_4096_from_bin(a, 128, in, inLen);
-        sp_4096_from_mp(p, 64, pm);
-        sp_4096_from_mp(q, 64, qm);
-        sp_4096_from_mp(dp, 64, dpm);
-
-        err = sp_2048_mod_exp_64(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(dq, 64, dqm);
-        err = sp_2048_mod_exp_64(tmpb, a, dq, 2048, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_2048_sub_in_place_64(tmpa, tmpb);
-        c += sp_4096_cond_add_64(tmpa, tmpa, p, c);
-        sp_4096_cond_add_64(tmpa, tmpa, p, c);
-
-        sp_2048_from_mp(qi, 64, qim);
-        sp_2048_mul_64(tmpa, tmpa, qi);
-        err = sp_2048_mod_64(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mul_64(tmpa, q, tmpa);
-        XMEMSET(&tmpb[64], 0, sizeof(sp_digit) * 64);
-        sp_4096_add_128(r, tmpb, tmpa);
-
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 64 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_4096_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (4096 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 128);
-        r->used = 128;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 128; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 128; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[256];
-    sp_digit e[128];
-    sp_digit m[128];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(b, 128, base);
-        sp_4096_from_mp(e, 128, exp);
-        sp_4096_from_mp(m, 128, mod);
-
-        err = sp_4096_mod_exp_128(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_4096
-/* Lefy shift a by n bits into r. (r = a << n)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * n  Integer representing number of bits to shift.
- */
-static void sp_4096_lshift_128(sp_digit* r, const sp_digit* a, byte n)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #31\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, %[n]\n\t"
-#else
-        "sub	r7, r7, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #0xff\n\t"
-#else
-        "add	%[a], %[a], #0xff\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #0xff\n\t"
-#else
-        "add	%[r], %[r], #0xff\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #0xc1\n\t"
-#else
-        "add	%[a], %[a], #0xc1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #0xc1\n\t"
-#else
-        "add	%[r], %[r], #0xc1\n\t"
-#endif
-        "ldr	r4, [%[a], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r4, #1\n\t"
-#else
-        "lsr	r5, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, r7\n\t"
-#else
-        "lsr	r5, r5, r7\n\t"
-#endif
-        "ldr	r3, [%[a], #56]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r4, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #48]\n\t"
-        "str	r3, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #44]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #40]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #36]\n\t"
-        "str	r3, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #32]\n\t"
-        "str	r5, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #24]\n\t"
-        "str	r3, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #20]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #16]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #12]\n\t"
-        "str	r3, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #8]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "str	r3, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r3, [%[a], #60]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #56]\n\t"
-        "str	r4, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #52]\n\t"
-        "str	r3, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #48]\n\t"
-        "str	r5, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r4, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #40]\n\t"
-        "str	r3, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #36]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #32]\n\t"
-        "str	r4, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #28]\n\t"
-        "str	r3, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #24]\n\t"
-        "str	r5, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r4, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #16]\n\t"
-        "str	r3, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #12]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #8]\n\t"
-        "str	r4, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #4]\n\t"
-        "str	r3, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "str	r5, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r5, [%[a], #60]\n\t"
-        "str	r4, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r3, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #52]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #48]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r3, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r5, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #36]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r3, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #24]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r5, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #12]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #4]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a]]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r4, [%[a], #60]\n\t"
-        "str	r3, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #56]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r4, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #48]\n\t"
-        "str	r3, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #44]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #40]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #36]\n\t"
-        "str	r3, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #32]\n\t"
-        "str	r5, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #24]\n\t"
-        "str	r3, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #20]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #16]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #12]\n\t"
-        "str	r3, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #8]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "str	r3, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r3, [%[a], #60]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #56]\n\t"
-        "str	r4, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #52]\n\t"
-        "str	r3, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #48]\n\t"
-        "str	r5, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r4, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #40]\n\t"
-        "str	r3, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #36]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #32]\n\t"
-        "str	r4, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #28]\n\t"
-        "str	r3, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #24]\n\t"
-        "str	r5, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r4, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #16]\n\t"
-        "str	r3, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #12]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #8]\n\t"
-        "str	r4, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #4]\n\t"
-        "str	r3, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "str	r5, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r5, [%[a], #60]\n\t"
-        "str	r4, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r3, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #52]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #48]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r3, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r5, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #36]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r3, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #24]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r5, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #12]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #4]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a]]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r4, [%[a], #60]\n\t"
-        "str	r3, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #56]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r4, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #48]\n\t"
-        "str	r3, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #44]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #40]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #36]\n\t"
-        "str	r3, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #32]\n\t"
-        "str	r5, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #24]\n\t"
-        "str	r3, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #20]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #16]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #12]\n\t"
-        "str	r3, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #8]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "str	r3, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r3, [%[a], #60]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #56]\n\t"
-        "str	r4, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #52]\n\t"
-        "str	r3, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #48]\n\t"
-        "str	r5, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r4, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #40]\n\t"
-        "str	r3, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #36]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #32]\n\t"
-        "str	r4, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #28]\n\t"
-        "str	r3, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #24]\n\t"
-        "str	r5, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r4, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #16]\n\t"
-        "str	r3, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #12]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #8]\n\t"
-        "str	r4, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #4]\n\t"
-        "str	r3, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "str	r5, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "str	r3, [%[r]]\n\t"
-        "str	r4, [%[r], #4]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 385);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 385, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 256;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_128(norm, m);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        sp_4096_lshift_128(r, norm, y);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-
-            sp_4096_lshift_128(r, r, y);
-            sp_4096_mul_d_128(tmp, norm, r[128]);
-            r[128] = 0;
-            o = sp_4096_add_128(r, r, tmp);
-            sp_4096_cond_sub_128(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[128], 0, sizeof(sp_digit) * 128U);
-        sp_4096_mont_reduce_128(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_128(r, m) >= 0);
-        sp_4096_cond_sub_128(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_4096 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 512 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[256];
-    sp_digit e[128];
-    sp_digit m[128];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 512) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(b, 128, base);
-        sp_4096_from_bin(e, 128, exp, expLen);
-        sp_4096_from_mp(m, 128, mod);
-
-    #ifdef HAVE_FFDHE_4096
-        if (base->used == 1 && base->dp[0] == 2 && m[127] == (sp_digit)-1)
-            err = sp_4096_mod_exp_2_128(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_4096_mod_exp_128(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-        for (i=0; i<512 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* WOLFSSL_SP_4096 */
-
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
-
-/* Point structure to use. */
-typedef struct sp_point_256 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 8];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 8];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 8];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_256;
-
-/* The modulus (prime) of the curve P256. */
-static const sp_digit p256_mod[8] = {
-    0xffffffff,0xffffffff,0xffffffff,0x00000000,0x00000000,0x00000000,
-    0x00000001,0xffffffff
-};
-/* The Montgomery normalizer for modulus of the curve P256. */
-static const sp_digit p256_norm_mod[8] = {
-    0x00000001,0x00000000,0x00000000,0xffffffff,0xffffffff,0xffffffff,
-    0xfffffffe,0x00000000
-};
-/* The Montgomery multiplier for modulus of the curve P256. */
-static const sp_digit p256_mp_mod = 0x00000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P256. */
-static const sp_digit p256_order[8] = {
-    0xfc632551,0xf3b9cac2,0xa7179e84,0xbce6faad,0xffffffff,0xffffffff,
-    0x00000000,0xffffffff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P256 minus 2. */
-static const sp_digit p256_order2[8] = {
-    0xfc63254f,0xf3b9cac2,0xa7179e84,0xbce6faad,0xffffffff,0xffffffff,
-    0x00000000,0xffffffff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P256. */
-static const sp_digit p256_norm_order[8] = {
-    0x039cdaaf,0x0c46353d,0x58e8617b,0x43190552,0x00000000,0x00000000,
-    0xffffffff,0x00000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P256. */
-static const sp_digit p256_mp_order = 0xee00bc4f;
-#endif
-/* The base point of curve P256. */
-static const sp_point_256 p256_base = {
-    /* X ordinate */
-    {
-        0xd898c296,0xf4a13945,0x2deb33a0,0x77037d81,0x63a440f2,0xf8bce6e5,
-        0xe12c4247,0x6b17d1f2,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x37bf51f5,0xcbb64068,0x6b315ece,0x2bce3357,0x7c0f9e16,0x8ee7eb4a,
-        0xfe1a7f9b,0x4fe342e2,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p256_b[8] = {
-    0x27d2604b,0x3bce3c3e,0xcc53b0f6,0x651d06b0,0x769886bc,0xb3ebbd55,
-    0xaa3a93e7,0x5ac635d8
-};
-#endif
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_256_mul_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[8 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #32\n\t"
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_256_mul_8_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #28\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_256_mul_8_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_256_mul_8_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_256_mul_8_mul_%=\n\t"
-        "\n"
-    "L_sp_256_mul_8_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #56\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_256_mul_8_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #0x40\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_256_sqr_8_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #28\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_256_sqr_8_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_256_sqr_8_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_256_sqr_8_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_256_sqr_8_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_256_sqr_8_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #32\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_256_sqr_8_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_256_sqr_8_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_256_sqr_8_mul_%=\n\t"
-        "\n"
-    "L_sp_256_sqr_8_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #56\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_256_sqr_8_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #60\n\t"
-        "\n"
-    "L_sp_256_sqr_8_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_256_sqr_8_store_%=\n\t"
-        "movs	r6, #0x40\n\t"
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #32\n\t"
-#else
-        "add	r6, r6, #32\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, #1\n\t"
-#else
-        "sub	r7, r7, #1\n\t"
-#endif
-        "\n"
-    "L_sp_256_add_8_word_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "movs	r3, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_256_add_8_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- */
-static int sp_256_mod_mul_norm_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int64_t t[8];
-    int64_t a64[8];
-    int64_t o;
-
-    (void)m;
-
-    a64[0] = a[0];
-    a64[1] = a[1];
-    a64[2] = a[2];
-    a64[3] = a[3];
-    a64[4] = a[4];
-    a64[5] = a[5];
-    a64[6] = a[6];
-    a64[7] = a[7];
-
-    /*  1  1  0 -1 -1 -1 -1  0 */
-    t[0] = 0 + a64[0] + a64[1] - a64[3] - a64[4] - a64[5] - a64[6];
-    /*  0  1  1  0 -1 -1 -1 -1 */
-    t[1] = 0 + a64[1] + a64[2] - a64[4] - a64[5] - a64[6] - a64[7];
-    /*  0  0  1  1  0 -1 -1 -1 */
-    t[2] = 0 + a64[2] + a64[3] - a64[5] - a64[6] - a64[7];
-    /* -1 -1  0  2  2  1  0 -1 */
-    t[3] = 0 - a64[0] - a64[1] + 2 * a64[3] + 2 * a64[4] + a64[5] - a64[7];
-    /*  0 -1 -1  0  2  2  1  0 */
-    t[4] = 0 - a64[1] - a64[2] + 2 * a64[4] + 2 * a64[5] + a64[6];
-    /*  0  0 -1 -1  0  2  2  1 */
-    t[5] = 0 - a64[2] - a64[3] + 2 * a64[5] + 2 * a64[6] + a64[7];
-    /* -1 -1  0  0  0  1  3  2 */
-    t[6] = 0 - a64[0] - a64[1] + a64[5] + 3 * a64[6] + 2 * a64[7];
-    /*  1  0 -1 -1 -1 -1  0  3 */
-    t[7] = 0 + a64[0] - a64[2] - a64[3] - a64[4] - a64[5] + 3 * a64[7];
-
-    t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-    t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-    t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-    t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-    t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-    t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-    t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-    o     = t[7] >> 32; t[7] &= 0xffffffff;
-    t[0] += o;
-    t[3] -= o;
-    t[6] -= o;
-    t[7] += o;
-    t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-    t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-    t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-    t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-    t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-    t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-    t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-    o     = t[7] >> 32; t[7] &= 0xffffffff;
-    t[0] += o;
-    t[3] -= o;
-    t[6] -= o;
-    t[7] += o;
-    t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-    t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-    t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-    t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-    t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-    t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-    t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-    r[0] = (sp_digit)t[0];
-    r[1] = (sp_digit)t[1];
-    r[2] = (sp_digit)t[2];
-    r[3] = (sp_digit)t[3];
-    r[4] = (sp_digit)t[4];
-    r[5] = (sp_digit)t[5];
-    r[6] = (sp_digit)t[6];
-    r[7] = (sp_digit)t[7];
-
-    return MP_OKAY;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_256.
- *
- * p   Point of type sp_point_256 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_256_point_from_ecc_point_8(sp_point_256* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_256_from_mp(p->x, 8, pm->x);
-    sp_256_from_mp(p->y, 8, pm->y);
-    sp_256_from_mp(p->z, 8, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_256_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (256 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 8);
-        r->used = 8;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 8; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 8; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_256 to type ecc_point.
- *
- * p   Point of type sp_point_256.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_256_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    (void)mp;
-    (void)m;
-
-    __asm__ __volatile__ (
-        "movs	r2, #0\n\t"
-        "movs	r1, #0\n\t"
-        "# i = 0\n\t"
-        "mov	r8, r2\n\t"
-        "\n"
-    "L_sp_256_mont_reduce_8_mod_%=:\n\t"
-        "movs	r4, #0\n\t"
-        "# mu = a[i] * 1 (mp) = a[i]\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "# a[i+0] += -1 * mu\n\t"
-        "movs	r5, r3\n\t"
-        "str	r4, [%[a]]\n\t"
-        "# a[i+1] += -1 * mu\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "movs	r4, r3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r3\n\t"
-#else
-        "sub	r5, r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r2\n\t"
-#else
-        "sbc	r4, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r2\n\t"
-#else
-        "adc	r4, r2\n\t"
-#endif
-        "str	r5, [%[a], #4]\n\t"
-        "# a[i+2] += -1 * mu\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "movs	r5, r3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r3\n\t"
-#else
-        "sub	r4, r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r2\n\t"
-#else
-        "sbc	r5, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r2\n\t"
-#else
-        "adc	r5, r2\n\t"
-#endif
-        "str	r4, [%[a], #8]\n\t"
-        "# a[i+3] += 0 * mu\n\t"
-        "ldr	r6, [%[a], #12]\n\t"
-        "movs	r4, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r2\n\t"
-#else
-        "adc	r4, r2\n\t"
-#endif
-        "str	r5, [%[a], #12]\n\t"
-        "# a[i+4] += 0 * mu\n\t"
-        "ldr	r6, [%[a], #16]\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r2\n\t"
-#else
-        "adc	r5, r2\n\t"
-#endif
-        "str	r4, [%[a], #16]\n\t"
-        "# a[i+5] += 0 * mu\n\t"
-        "ldr	r6, [%[a], #20]\n\t"
-        "movs	r4, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r2\n\t"
-#else
-        "adc	r4, r2\n\t"
-#endif
-        "str	r5, [%[a], #20]\n\t"
-        "# a[i+6] += 1 * mu\n\t"
-        "ldr	r6, [%[a], #24]\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r3\n\t"
-#else
-        "add	r4, r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r2\n\t"
-#else
-        "adc	r5, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r2\n\t"
-#else
-        "adc	r5, r2\n\t"
-#endif
-        "str	r4, [%[a], #24]\n\t"
-        "# a[i+7] += -1 * mu\n\t"
-        "ldr	r6, [%[a], #28]\n\t"
-        "ldr	r7, [%[a], #32]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adds	r4, r1, r3\n\t"
-#else
-    #ifdef __clang__
-        "adds	r4, r1, r3\n\t"
-    #else
-        "add	r4, r1, r3\n\t"
-    #endif
-#endif
-        "movs	r1, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r3\n\t"
-#else
-        "sub	r5, r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r2\n\t"
-#else
-        "sbc	r4, r2\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r1, r2\n\t"
-#else
-        "sbc	r1, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r5, [%[a], #28]\n\t"
-        "str	r4, [%[a], #32]\n\t"
-        "# i += 1\n\t"
-        "movs	r6, #4\n\t"
-        "add	r8, r8, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-        "movs	r6, #32\n\t"
-        "cmp	r8, r6\n\t"
-        "blt	L_sp_256_mont_reduce_8_mod_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #32\n\t"
-#else
-        "sub	%[a], %[a], #32\n\t"
-#endif
-        "movs	r3, r1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r1, r1, #1\n\t"
-#else
-        "sub	r1, r1, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r1, r1\n\t"
-#else
-        "mvn	r1, r1\n\t"
-#endif
-        "ldr	r5, [%[a], #32]\n\t"
-        "ldr	r4, [%[a], #36]\n\t"
-        "ldr	r6, [%[a], #40]\n\t"
-        "ldr	r7, [%[a], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r1\n\t"
-#else
-        "sub	r5, r5, r1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r1\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r1\n\t"
-#else
-        "sbc	r4, r1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r1\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r1\n\t"
-#else
-        "sbc	r6, r1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r2\n\t"
-#else
-        "sbc	r7, r2\n\t"
-#endif
-        "str	r5, [%[a]]\n\t"
-        "str	r4, [%[a], #4]\n\t"
-        "str	r6, [%[a], #8]\n\t"
-        "str	r7, [%[a], #12]\n\t"
-        "ldr	r5, [%[a], #48]\n\t"
-        "ldr	r4, [%[a], #52]\n\t"
-        "ldr	r6, [%[a], #56]\n\t"
-        "ldr	r7, [%[a], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r2\n\t"
-#else
-        "sbc	r5, r2\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r2\n\t"
-#else
-        "sbc	r4, r2\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r3\n\t"
-#else
-        "sbc	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r1\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r1\n\t"
-#else
-        "sbc	r7, r1\n\t"
-#endif
-        "str	r5, [%[a], #16]\n\t"
-        "str	r4, [%[a], #20]\n\t"
-        "str	r6, [%[a], #24]\n\t"
-        "str	r7, [%[a], #28]\n\t"
-        : [a] "+l" (a)
-        :
-        : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-}
-
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #0\n\t"
-        "mov	r8, %[mp]\n\t"
-        "mov	r12, r7\n\t"
-        "mov	lr, %[m]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r11, %[a]\n\t"
-        "movs	r5, #28\n\t"
-        "movs	r6, #32\n\t"
-        "add	r9, r9, r5\n\t"
-        "add	r11, r11, r6\n\t"
-        "\n"
-    "L_sp_256_mont_reduce_order_8_mod_%=:\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r4, #0\n\t"
-        "# a[i] += m[0] * mu\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mov	r5, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r3, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r3\n\t"
-#else
-        "mul	r5, r3\n\t"
-#endif
-        "mov	r10, r5\n\t"
-        "# Multiply m[0] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[0] and mu - Done\n\t"
-        "\n"
-    "L_sp_256_mont_reduce_order_8_word_%=:\n\t"
-        "# a[i+j] += m[j] * mu\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r4\n\t"
-#else
-        "add	r3, r3, r4\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "# Multiply m[j] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[j] and mu - Done\n\t"
-        "stm	%[a]!, {r3}\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_256_mont_reduce_order_8_word_%=\n\t"
-        "# a[i+7] += m[7] * mu\n\t"
-        "ldr	%[mp], [%[m]]\n\t"
-        "mov	r3, r12\n\t"
-        "# Multiply m[7] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "# Multiply m[7] and mu - Done\n\t"
-        "ldr	r5, [%[a]]\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "movs	%[mp], #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r3\n\t"
-#else
-        "adc	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[mp]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[mp]\n\t"
-#else
-        "adc	r7, %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5, r6}\n\t"
-        "# i += 1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #4\n\t"
-#else
-        "sub	%[a], %[a], #4\n\t"
-#endif
-        "movs	r3, #28\n\t"
-        "mov	r9, %[a]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r3\n\t"
-#else
-        "sub	%[a], %[a], r3\n\t"
-#endif
-        "mov	r12, r7\n\t"
-        "mov	%[m], lr\n\t"
-        "cmp	r11, %[a]\n\t"
-        "bgt	L_sp_256_mont_reduce_order_8_mod_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r7, r7\n\t"
-#else
-        "neg	r7, r7\n\t"
-#endif
-        "# Subtract masked modulus\n\t"
-        "movs	r4, #32\n\t"
-        "movs	%[mp], #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r4\n\t"
-#else
-        "sub	%[a], %[a], r4\n\t"
-#endif
-#ifndef WOLFSSL_SP_LARGE_CODE
-        "\n"
-    "L_sp_256_mont_reduce_order_8_sub_mask_%=:\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-        "movs	r5, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, %[mp]\n\t"
-#else
-        "sub	r5, r5, %[mp]\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[mp], %[mp], %[mp]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[mp], %[mp]\n\t"
-#else
-        "sbc	%[mp], %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #4\n\t"
-#else
-        "add	r3, r3, #4\n\t"
-#endif
-        "cmp	r3, r4\n\t"
-        "blt	L_sp_256_mont_reduce_order_8_sub_mask_%=\n\t"
-#else /* WOLFSSL_SP_LARGE_CODE */
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r6\n\t"
-#else
-        "sub	r5, r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#endif /* WOLFSSL_SP_LARGE_CODE */
-        : [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_256_mul_8(r, a, b);
-    sp_256_mont_reduce_8(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_256_sqr_8(r, a);
-    sp_256_mont_reduce_8(r, m, mp);
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_256_mont_sqr_8(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_256_mont_sqr_8(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P256 curve. */
-static const word32 p256_mod_minus_2[8] = {
-    0xfffffffdU,0xffffffffU,0xffffffffU,0x00000000U,0x00000000U,0x00000000U,
-    0x00000001U,0xffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P256 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 8);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_8(t, t, p256_mod, p256_mp_mod);
-        if (p256_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_256_mont_mul_8(t, t, a, p256_mod, p256_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 8);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 8;
-    sp_digit* t3 = td + 4 * 8;
-    /* 0x2 */
-    sp_256_mont_sqr_8(t1, a, p256_mod, p256_mp_mod);
-    /* 0x3 */
-    sp_256_mont_mul_8(t2, t1, a, p256_mod, p256_mp_mod);
-    /* 0xc */
-    sp_256_mont_sqr_n_8(t1, t2, 2, p256_mod, p256_mp_mod);
-    /* 0xd */
-    sp_256_mont_mul_8(t3, t1, a, p256_mod, p256_mp_mod);
-    /* 0xf */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xf0 */
-    sp_256_mont_sqr_n_8(t1, t2, 4, p256_mod, p256_mp_mod);
-    /* 0xfd */
-    sp_256_mont_mul_8(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xff00 */
-    sp_256_mont_sqr_n_8(t1, t2, 8, p256_mod, p256_mp_mod);
-    /* 0xfffd */
-    sp_256_mont_mul_8(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffff0000 */
-    sp_256_mont_sqr_n_8(t1, t2, 16, p256_mod, p256_mp_mod);
-    /* 0xfffffffd */
-    sp_256_mont_mul_8(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_256_mont_sqr_n_8(t1, t2, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001 */
-    sp_256_mont_mul_8(r, t1, a, p256_mod, p256_mp_mod);
-    /* 0xffffffff000000010000000000000000000000000000000000000000 */
-    sp_256_mont_sqr_n_8(r, r, 160, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff */
-    sp_256_mont_mul_8(r, r, t2, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff00000000 */
-    sp_256_mont_sqr_n_8(r, r, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000fffffffffffffffffffffffd */
-    sp_256_mont_mul_8(r, r, t3, p256_mod, p256_mp_mod);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-        "movs	r6, #28\n\t"
-        "\n"
-    "L_sp_256_cmp_8_words_%=:\n\t"
-        "ldr	r7, [%[a], r6]\n\t"
-        "ldr	r5, [%[b], r6]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-        "movs	r4, r7\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, r5\n\t"
-#else
-        "sub	r7, r7, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r7\n\t"
-#else
-        "add	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r7\n\t"
-#else
-        "sub	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, #4\n\t"
-#else
-        "sub	r6, r6, #4\n\t"
-#endif
-        "bge	L_sp_256_cmp_8_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_256_norm_8(a)
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #32\n\t"
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_256_cond_sub_8_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r4\n\t"
-#else
-        "sbc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_256_cond_sub_8_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_256_map_8(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*8;
-    sp_int32 n;
-
-    sp_256_mont_inv_8(t1, p->z, t + 2*8);
-
-    sp_256_mont_sqr_8(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    /* x /= z^2 */
-    sp_256_mont_mul_8(r->x, p->x, t2, p256_mod, p256_mp_mod);
-    XMEMSET(r->x + 8, 0, sizeof(sp_digit) * 8U);
-    sp_256_mont_reduce_8(r->x, p256_mod, p256_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_256_cmp_8(r->x, p256_mod);
-    sp_256_cond_sub_8(r->x, r->x, p256_mod, (sp_digit)~(n >> 31));
-    sp_256_norm_8(r->x);
-
-    /* y /= z^3 */
-    sp_256_mont_mul_8(r->y, p->y, t1, p256_mod, p256_mp_mod);
-    XMEMSET(r->y + 8, 0, sizeof(sp_digit) * 8U);
-    sp_256_mont_reduce_8(r->y, p256_mod, p256_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_256_cmp_8(r->y, p256_mod);
-    sp_256_cond_sub_8(r->y, r->y, p256_mod, (sp_digit)~(n >> 31));
-    sp_256_norm_8(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m)
-{
-    (void)m;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[b]]\n\t"
-        "ldr	r7, [%[b], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "ldr	r6, [%[b], #8]\n\t"
-        "ldr	r7, [%[b], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "ldr	r6, [%[b], #16]\n\t"
-        "ldr	r7, [%[b], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "mov	r8, r4\n\t"
-        "mov	r9, r5\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "ldr	r6, [%[b], #24]\n\t"
-        "ldr	r7, [%[b], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "mov	r10, r4\n\t"
-        "mov	r11, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-        "movs	r6, r3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #1\n\t"
-#else
-        "sub	r3, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-        "movs	r7, #0\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r3\n\t"
-#else
-        "sub	r4, r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r3\n\t"
-#else
-        "sbc	r5, r3\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[r], #8]\n\t"
-        "ldr	r5, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r3\n\t"
-#else
-        "sbc	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "mov	r4, r8\n\t"
-        "mov	r5, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r7\n\t"
-#else
-        "sbc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "mov	r4, r10\n\t"
-        "mov	r5, r11\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r3\n\t"
-#else
-        "sbc	r5, r3\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
-    );
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_dbl_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    (void)m;
-    __asm__ __volatile__ (
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r4\n\t"
-#else
-        "add	r4, r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "str	r6, [%[r], #8]\n\t"
-        "str	r7, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "ldr	r6, [%[a], #24]\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "mov	r8, r4\n\t"
-        "mov	r9, r5\n\t"
-        "mov	r10, r6\n\t"
-        "mov	r11, r7\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r7, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-        "movs	r2, r3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #1\n\t"
-#else
-        "sub	r3, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r3\n\t"
-#else
-        "sub	r4, r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r3\n\t"
-#else
-        "sbc	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r3\n\t"
-#else
-        "sbc	r6, r3\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "str	r6, [%[r], #8]\n\t"
-        "ldr	r4, [%[r], #12]\n\t"
-        "mov	r5, r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r7\n\t"
-#else
-        "sbc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r7\n\t"
-#else
-        "sbc	r6, r7\n\t"
-#endif
-        "str	r4, [%[r], #12]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-        "str	r6, [%[r], #20]\n\t"
-        "mov	r4, r10\n\t"
-        "mov	r5, r11\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r2\n\t"
-#else
-        "sbc	r4, r2\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r3\n\t"
-#else
-        "sbc	r5, r3\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
-    );
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_tpl_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    (void)m;
-    __asm__ __volatile__ (
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[a], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, r6\n\t"
-#else
-        "add	r6, r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-        "mov	r8, r4\n\t"
-        "mov	r9, r5\n\t"
-        "ldr	r2, [%[a], #16]\n\t"
-        "ldr	r3, [%[a], #20]\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r2\n\t"
-#else
-        "adc	r2, r2\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-        "mov	r10, r2\n\t"
-        "mov	r11, r3\n\t"
-        "mov	r12, r4\n\t"
-        "mov	lr, r5\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r5, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-        "movs	r4, r3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #1\n\t"
-#else
-        "sub	r3, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r3\n\t"
-#else
-        "sub	r6, r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r3\n\t"
-#else
-        "sbc	r7, r3\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r3\n\t"
-#else
-        "sbc	r2, r3\n\t"
-#endif
-        "mov	r8, r2\n\t"
-        "mov	r2, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r5\n\t"
-#else
-        "sbc	r2, r5\n\t"
-#endif
-        "mov	r9, r2\n\t"
-        "mov	r2, r10\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r5\n\t"
-#else
-        "sbc	r2, r5\n\t"
-#endif
-        "mov	r10, r2\n\t"
-        "mov	r2, r11\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r5\n\t"
-#else
-        "sbc	r2, r5\n\t"
-#endif
-        "mov	r11, r2\n\t"
-        "mov	r2, r12\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-        "mov	r12, r2\n\t"
-        "mov	r2, lr\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r3\n\t"
-#else
-        "sbc	r2, r3\n\t"
-#endif
-        "mov	lr, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, r2\n\t"
-#else
-        "add	r6, r6, r2\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r3\n\t"
-#else
-        "adc	r7, r3\n\t"
-#endif
-        "ldr	r2, [%[a], #8]\n\t"
-        "ldr	r3, [%[a], #12]\n\t"
-        "mov	r4, r8\n\t"
-        "mov	r5, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r4\n\t"
-#else
-        "adc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-        "mov	r8, r2\n\t"
-        "mov	r9, r3\n\t"
-        "ldr	r2, [%[a], #16]\n\t"
-        "ldr	r3, [%[a], #20]\n\t"
-        "mov	r4, r10\n\t"
-        "mov	r5, r11\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r4\n\t"
-#else
-        "adc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-        "mov	r10, r2\n\t"
-        "mov	r11, r3\n\t"
-        "ldr	r2, [%[a], #24]\n\t"
-        "ldr	r3, [%[a], #28]\n\t"
-        "mov	r4, r12\n\t"
-        "mov	r5, lr\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r4\n\t"
-#else
-        "adc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-        "mov	r12, r2\n\t"
-        "mov	lr, r3\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r5, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-        "movs	r4, r3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #1\n\t"
-#else
-        "sub	r3, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r3\n\t"
-#else
-        "sub	r6, r6, r3\n\t"
-#endif
-        "str	r6, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r3\n\t"
-#else
-        "sbc	r7, r3\n\t"
-#endif
-        "str	r7, [%[r], #4]\n\t"
-        "mov	r2, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r3\n\t"
-#else
-        "sbc	r2, r3\n\t"
-#endif
-        "str	r2, [%[r], #8]\n\t"
-        "mov	r2, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r5\n\t"
-#else
-        "sbc	r2, r5\n\t"
-#endif
-        "str	r2, [%[r], #12]\n\t"
-        "mov	r2, r10\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r5\n\t"
-#else
-        "sbc	r2, r5\n\t"
-#endif
-        "str	r2, [%[r], #16]\n\t"
-        "mov	r2, r11\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r5\n\t"
-#else
-        "sbc	r2, r5\n\t"
-#endif
-        "str	r2, [%[r], #20]\n\t"
-        "mov	r2, r12\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-        "str	r2, [%[r], #24]\n\t"
-        "mov	r2, lr\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r3\n\t"
-#else
-        "sbc	r2, r3\n\t"
-#endif
-        "str	r2, [%[r], #28]\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_sub_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m)
-{
-    (void)m;
-    __asm__ __volatile__ (
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[b]]\n\t"
-        "ldr	r7, [%[b], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r6\n\t"
-#else
-        "sub	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "ldr	r6, [%[b], #8]\n\t"
-        "ldr	r7, [%[b], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "ldr	r6, [%[b], #16]\n\t"
-        "ldr	r7, [%[b], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "mov	r8, r4\n\t"
-        "mov	r9, r5\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "ldr	r6, [%[b], #24]\n\t"
-        "ldr	r7, [%[b], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "mov	r10, r4\n\t"
-        "mov	r11, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r3\n\t"
-#else
-        "sbc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r3, #31\n\t"
-#else
-        "lsr	r7, r3, #31\n\t"
-#endif
-        "movs	r6, #0\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r3\n\t"
-#else
-        "add	r4, r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r3\n\t"
-#else
-        "adc	r5, r3\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[r], #8]\n\t"
-        "ldr	r5, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r3\n\t"
-#else
-        "adc	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "mov	r4, r8\n\t"
-        "mov	r5, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "mov	r4, r10\n\t"
-        "mov	r5, r11\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r3\n\t"
-#else
-        "adc	r5, r3\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-SP_NOINLINE static void sp_256_mont_div2_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    (void)m;
-    __asm__ __volatile__ (
-        "ldr	r6, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #31\n\t"
-#else
-        "lsl	r6, r6, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #31\n\t"
-#else
-        "lsr	r6, r6, #31\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r6\n\t"
-#else
-        "sub	r4, r4, r6\n\t"
-#endif
-        "movs	r6, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #31\n\t"
-#else
-        "lsr	r5, r5, #31\n\t"
-#endif
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r4\n\t"
-#else
-        "adc	r3, r4\n\t"
-#endif
-        "str	r2, [%[r]]\n\t"
-        "str	r3, [%[r], #4]\n\t"
-        "ldr	r2, [%[a], #8]\n\t"
-        "ldr	r3, [%[a], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r4\n\t"
-#else
-        "adc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-        "str	r2, [%[r], #8]\n\t"
-        "str	r3, [%[r], #12]\n\t"
-        "ldr	r2, [%[a], #16]\n\t"
-        "ldr	r3, [%[a], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-        "str	r2, [%[r], #16]\n\t"
-        "str	r3, [%[r], #20]\n\t"
-        "ldr	r2, [%[a], #24]\n\t"
-        "ldr	r3, [%[a], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r5\n\t"
-#else
-        "adc	r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r4\n\t"
-#else
-        "adc	r3, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #31\n\t"
-#else
-        "lsl	r6, r6, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r2, #1\n\t"
-#else
-        "lsr	r4, r2, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r2, r2, #31\n\t"
-#else
-        "lsl	r2, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #1\n\t"
-#else
-        "lsr	r5, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #31\n\t"
-#else
-        "lsl	r3, r3, #31\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r3\n\t"
-#else
-        "orr	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "movs	r6, r2\n\t"
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r2, [%[r], #16]\n\t"
-        "ldr	r3, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r2, #1\n\t"
-#else
-        "lsr	r4, r2, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r2, r2, #31\n\t"
-#else
-        "lsl	r2, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #1\n\t"
-#else
-        "lsr	r5, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #31\n\t"
-#else
-        "lsl	r3, r3, #31\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r3\n\t"
-#else
-        "orr	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "movs	r6, r2\n\t"
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r2, [%[r], #8]\n\t"
-        "ldr	r3, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r2, #1\n\t"
-#else
-        "lsr	r4, r2, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r2, r2, #31\n\t"
-#else
-        "lsl	r2, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #1\n\t"
-#else
-        "lsr	r5, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #31\n\t"
-#else
-        "lsl	r3, r3, #31\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r3\n\t"
-#else
-        "orr	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "movs	r6, r2\n\t"
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r2, [%[r]]\n\t"
-        "ldr	r3, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r2, #1\n\t"
-#else
-        "lsr	r4, r2, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #1\n\t"
-#else
-        "lsr	r5, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #31\n\t"
-#else
-        "lsl	r3, r3, #31\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r3\n\t"
-#else
-        "orr	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
-    );
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*8;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_256_mont_sqr_8(t1, p->z, p256_mod, p256_mp_mod);
-    /* Z = Y * Z */
-    sp_256_mont_mul_8(z, p->y, p->z, p256_mod, p256_mp_mod);
-    /* Z = 2Z */
-    sp_256_mont_dbl_8(z, z, p256_mod);
-    /* T2 = X - T1 */
-    sp_256_mont_sub_8(t2, p->x, t1, p256_mod);
-    /* T1 = X + T1 */
-    sp_256_mont_add_8(t1, p->x, t1, p256_mod);
-    /* T2 = T1 * T2 */
-    sp_256_mont_mul_8(t2, t1, t2, p256_mod, p256_mp_mod);
-    /* T1 = 3T2 */
-    sp_256_mont_tpl_8(t1, t2, p256_mod);
-    /* Y = 2Y */
-    sp_256_mont_dbl_8(y, p->y, p256_mod);
-    /* Y = Y * Y */
-    sp_256_mont_sqr_8(y, y, p256_mod, p256_mp_mod);
-    /* T2 = Y * Y */
-    sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
-    /* T2 = T2/2 */
-    sp_256_mont_div2_8(t2, t2, p256_mod);
-    /* Y = Y * X */
-    sp_256_mont_mul_8(y, y, p->x, p256_mod, p256_mp_mod);
-    /* X = T1 * T1 */
-    sp_256_mont_sqr_8(x, t1, p256_mod, p256_mp_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_8(x, x, y, p256_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_8(x, x, y, p256_mod);
-    /* Y = Y - X */
-    sp_256_mont_sub_8(y, y, x, p256_mod);
-    /* Y = Y * T1 */
-    sp_256_mont_mul_8(y, y, t1, p256_mod, p256_mp_mod);
-    /* Y = Y - T2 */
-    sp_256_mont_sub_8(y, y, t2, p256_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_dbl_8_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_dbl_8_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-        const sp_point_256* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_dbl_8_ctx* ctx = (sp_256_proj_point_dbl_8_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_dbl_8_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*8;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_256_mont_sqr_8(ctx->t1, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_256_mont_mul_8(ctx->z, p->y, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_256_mont_dbl_8(ctx->z, ctx->z, p256_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_256_mont_sub_8(ctx->t2, p->x, ctx->t1, p256_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_256_mont_add_8(ctx->t1, p->x, ctx->t1, p256_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_256_mont_mul_8(ctx->t2, ctx->t1, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_256_mont_tpl_8(ctx->t1, ctx->t2, p256_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_256_mont_dbl_8(ctx->y, p->y, p256_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_256_mont_sqr_8(ctx->y, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_256_mont_sqr_8(ctx->t2, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_256_mont_div2_8(ctx->t2, ctx->t2, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_256_mont_mul_8(ctx->y, ctx->y, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_256_mont_sqr_8(ctx->x, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_256_mont_mul_8(ctx->y, ctx->y, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->t2, p256_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_256_cmp_equal_8(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_256_iszero_8(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_8(sp_point_256* r,
-        const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*8;
-    sp_digit* t2 = t + 4*8;
-    sp_digit* t3 = t + 6*8;
-    sp_digit* t4 = t + 8*8;
-    sp_digit* t5 = t + 10*8;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_8(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t1, t1, p->x, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_8(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_8(t3, t3, p->y, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_8(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_8(t2, t1) &
-            sp_256_cmp_equal_8(t4, t3)) {
-        sp_256_proj_point_dbl_8(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_256_mont_sub_8(t2, t2, t1, p256_mod);
-        /* R = S2 - S1 */
-        sp_256_mont_sub_8(t4, t4, t3, p256_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_8(t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(y, t1, t5, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t5, t5, t2, p256_mod, p256_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(z, z, q->z, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_8(x, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(x, x, t5, p256_mod);
-        sp_256_mont_mul_8(t5, t5, t3, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_8(t3, y, p256_mod);
-        sp_256_mont_sub_8(x, x, t3, p256_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        sp_256_mont_mul_8(y, y, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(y, y, t5, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 8; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_add_8_ctx {
-    int state;
-    sp_256_proj_point_dbl_8_ctx dbl_ctx;
-    const sp_point_256* ap[2];
-    sp_point_256* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_add_8_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_add_8_ctx* ctx = (sp_256_proj_point_add_8_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_256* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_add_8_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*8;
-        ctx->t2 = t + 4*8;
-        ctx->t3 = t + 6*8;
-        ctx->t4 = t + 8*8;
-        ctx->t5 = t + 10*8;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_256_mont_sqr_8(ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_256_mont_mul_8(ctx->t3, ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_256_mont_mul_8(ctx->t1, ctx->t1, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_256_mont_sqr_8(ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_256_mont_mul_8(ctx->t4, ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_256_mont_mul_8(ctx->t2, ctx->t2, q->x, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_256_mont_mul_8(ctx->t3, ctx->t3, p->y, p256_mod, p256_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_256_mont_mul_8(ctx->t4, ctx->t4, q->y, p256_mod, p256_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_256_cmp_equal_8(ctx->t2, ctx->t1) &
-                sp_256_cmp_equal_8(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_256_proj_point_dbl_8(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_256_mont_sub_8(ctx->t2, ctx->t2, ctx->t1, p256_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_256_mont_sub_8(ctx->t4, ctx->t4, ctx->t3, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_8(ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_256_mont_mul_8(ctx->y, ctx->t1, ctx->t5, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_256_mont_mul_8(ctx->t5, ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_8(ctx->z, p->z, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_256_mont_mul_8(ctx->z, ctx->z, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_256_mont_sqr_8(ctx->x, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->t5, p256_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_256_mont_mul_8(ctx->t5, ctx->t5, ctx->t3, p256_mod, p256_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_256_mont_dbl_8(ctx->t3, ctx->y, p256_mod);
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->t3, p256_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_256_mont_mul_8(ctx->y, ctx->y, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->t5, p256_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 8; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 256 doubles.
- * 76 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    sp_point_256* rt = NULL;
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_DECL_VAR(sp_point_256, p, 1);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ALLOC_VAR(sp_point_256, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_256_mod_mul_norm_8(t[1].x, g->x, p256_mod);
-        (void)sp_256_mod_mul_norm_8(t[1].y, g->y, p256_mod);
-        (void)sp_256_mod_mul_norm_8(t[1].z, g->z, p256_mod);
-        t[1].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_256_proj_point_add_8(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_256_proj_point_add_8(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_256_proj_point_add_8(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 6;
-        n = k[i+1] << 0;
-        c = 28;
-        y = (int)(n >> 28);
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_point_16_8(rt, t, y);
-            rt->infinity = !y;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[y], sizeof(sp_point_256));
-        }
-        n <<= 4;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n |= k[i--];
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-
-    #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_point_16_8(p, t, y);
-                p->infinity = !y;
-                sp_256_proj_point_add_8(rt, rt, p, tmp);
-            }
-            else
-    #endif
-            {
-                sp_256_proj_point_add_8(rt, rt, &t[y], tmp);
-            }
-        }
-
-        if (map != 0) {
-            sp_256_map_8(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 8 * 6, heap,
-        DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ZEROFREE_VAR(sp_point_256, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    SP_ZEROFREE_VAR(sp_point_256, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*8;
-    sp_digit* b = t + 4*8;
-    sp_digit* t1 = t + 6*8;
-    sp_digit* t2 = t + 8*8;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_8(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_8(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_8(w, w, p256_mod, p256_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_8(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_8(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_8(t2, b, p256_mod);
-        sp_256_mont_sub_8(x, x, t2, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_sub_8(t2, b, x, p256_mod);
-        sp_256_mont_dbl_8(b, t2, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_8(t1, t1, p256_mod, p256_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_8(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_8(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(y, y, t1, p256_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_8(t1, t1, w, p256_mod);
-    sp_256_mont_tpl_8(a, t1, p256_mod);
-    /* B = X*Y^2 */
-    sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
-    /* X = A^2 - 2B */
-    sp_256_mont_sqr_8(x, a, p256_mod, p256_mp_mod);
-    sp_256_mont_dbl_8(t2, b, p256_mod);
-    sp_256_mont_sub_8(x, x, t2, p256_mod);
-    /* B = 2.(B - X) */
-    sp_256_mont_sub_8(t2, b, x, p256_mod);
-    sp_256_mont_dbl_8(b, t2, p256_mod);
-    /* Z = Z*Y */
-    sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
-    /* t1 = Y^4 */
-    sp_256_mont_sqr_8(t1, t1, p256_mod, p256_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_256_mont_mul_8(y, b, a, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_8(y, y, t1, p256_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_256_mont_div2_8(y, y, p256_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_256_proj_to_affine_8(sp_point_256* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 8;
-    sp_digit* tmp = t + 4 * 8;
-
-    sp_256_mont_inv_8(t1, a->z, tmp);
-
-    sp_256_mont_sqr_8(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    sp_256_mont_mul_8(a->x, a->x, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(a->y, a->y, t1, p256_mod, p256_mp_mod);
-    XMEMCPY(a->z, p256_norm_mod, sizeof(p256_norm_mod));
-}
-
-#endif /* FP_ECC */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_256 {
-    sp_digit x[8];
-    sp_digit y[8];
-} sp_table_entry_256;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*8;
-    sp_digit* t6 = t + 4*8;
-    sp_digit* t1 = t + 6*8;
-    sp_digit* t4 = t + 8*8;
-    sp_digit* t5 = t + 10*8;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_8(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_8(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_8(p->x, t2) &
-            sp_256_cmp_equal_8(p->y, t4)) {
-        sp_256_proj_point_dbl_8(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_256_mont_sub_8(t2, t2, p->x, p256_mod);
-        /* R = S2 - Y1 */
-        sp_256_mont_sub_8(t4, t4, p->y, p256_mod);
-        /* Z3 = H*Z1 */
-        sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_256_mont_sqr_8(t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t3, p->x, t1, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_8(t2, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(t2, t2, t1, p256_mod);
-        sp_256_mont_dbl_8(t5, t3, p256_mod);
-        sp_256_mont_sub_8(x, t2, t5, p256_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_256_mont_sub_8(t3, t3, x, p256_mod);
-        sp_256_mont_mul_8(t3, t3, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t1, t1, p->y, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(y, t3, t1, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 8; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 64 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_8(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_8(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_8(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_256_proj_point_dbl_n_8(t, 64, tmp);
-            sp_256_proj_to_affine_8(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_8(t, s1, s2, tmp);
-                sp_256_proj_to_affine_8(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_entry_16_8(sp_point_256* r,
-    const sp_table_entry_256* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 8 * 6);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 63;
-        for (j=0; j<4; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 64;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_16_8(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=62; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 64;
-            }
-
-            sp_256_proj_point_dbl_8(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_16_8(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_8(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_8(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_256_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[8];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[8];
-    /* Precomputation table for point. */
-    sp_table_entry_256 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_256_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_256_t sp_cache_256[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_256_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_256_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_256 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_256_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_256_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_256_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_256[i].set = 0;
-        }
-        sp_cache_256_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_256[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_8(g->x, sp_cache_256[i].x) &
-                           sp_256_cmp_equal_8(g->y, sp_cache_256[i].y)) {
-            sp_cache_256[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_256_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_256_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_256[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_256_last) {
-            least = sp_cache_256[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_256[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_256[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_256[i].x, g->x, sizeof(sp_cache_256[i].x));
-        XMEMCPY(sp_cache_256[i].y, g->y, sizeof(sp_cache_256[i].y));
-        sp_cache_256[i].set = 1;
-        sp_cache_256[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_256[i];
-    sp_cache_256_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_8(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_8(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 32 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_8(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_8(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_8(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_256_proj_point_dbl_n_8(t, 32, tmp);
-            sp_256_proj_to_affine_8(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_8(t, s1, s2, tmp);
-                sp_256_proj_to_affine_8(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_entry_256_8(sp_point_256* r,
-    const sp_table_entry_256* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 8 * 6);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 31;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 32;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_256_8(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=30; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 32;
-            }
-
-            sp_256_proj_point_dbl_8(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_256_8(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_8(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_8(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_256_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[8];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[8];
-    /* Precomputation table for point. */
-    sp_table_entry_256 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_256_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_256_t sp_cache_256[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_256_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_256_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_256 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_256_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_256_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_256_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_256[i].set = 0;
-        }
-        sp_cache_256_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_256[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_8(g->x, sp_cache_256[i].x) &
-                           sp_256_cmp_equal_8(g->y, sp_cache_256[i].y)) {
-            sp_cache_256[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_256_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_256_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_256[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_256_last) {
-            least = sp_cache_256[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_256[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_256[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_256[i].x, g->x, sizeof(sp_cache_256[i].x));
-        XMEMCPY(sp_cache_256[i].y, g->y, sizeof(sp_cache_256[i].y));
-        sp_cache_256[i].set = 1;
-        sp_cache_256[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_256[i];
-    sp_cache_256_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_8(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_8(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 8);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 8, km);
-        sp_256_point_from_ecc_point_8(point, gm);
-
-            err = sp_256_ecc_mulmod_8(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 8 + 8 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8 + 8 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 8;
-
-        sp_256_from_mp(k, 8, km);
-        sp_256_point_from_ecc_point_8(point, gm);
-        sp_256_point_from_ecc_point_8(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_8(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_8(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_8(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 64 between points.
- */
-static const sp_table_entry_256 p256_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x18a9143c,0x79e730d4,0x5fedb601,0x75ba95fc,0x77622510,0x79fb732b,
-        0xa53755c6,0x18905f76 },
-      { 0xce95560a,0xddf25357,0xba19e45c,0x8b4ab8e4,0xdd21f325,0xd2e88688,
-        0x25885d85,0x8571ff18 } },
-    /* 2 */
-    { { 0x16a0d2bb,0x4f922fc5,0x1a623499,0x0d5cc16c,0x57c62c8b,0x9241cf3a,
-        0xfd1b667f,0x2f5e6961 },
-      { 0xf5a01797,0x5c15c70b,0x60956192,0x3d20b44d,0x071fdb52,0x04911b37,
-        0x8d6f0f7b,0xf648f916 } },
-    /* 3 */
-    { { 0xe137bbbc,0x9e566847,0x8a6a0bec,0xe434469e,0x79d73463,0xb1c42761,
-        0x133d0015,0x5abe0285 },
-      { 0xc04c7dab,0x92aa837c,0x43260c07,0x573d9f4c,0x78e6cc37,0x0c931562,
-        0x6b6f7383,0x94bb725b } },
-    /* 4 */
-    { { 0xbfe20925,0x62a8c244,0x8fdce867,0x91c19ac3,0xdd387063,0x5a96a5d5,
-        0x21d324f6,0x61d587d4 },
-      { 0xa37173ea,0xe87673a2,0x53778b65,0x23848008,0x05bab43e,0x10f8441e,
-        0x4621efbe,0xfa11fe12 } },
-    /* 5 */
-    { { 0x2cb19ffd,0x1c891f2b,0xb1923c23,0x01ba8d5b,0x8ac5ca8e,0xb6d03d67,
-        0x1f13bedc,0x586eb04c },
-      { 0x27e8ed09,0x0c35c6e5,0x1819ede2,0x1e81a33c,0x56c652fa,0x278fd6c0,
-        0x70864f11,0x19d5ac08 } },
-    /* 6 */
-    { { 0xd2b533d5,0x62577734,0xa1bdddc0,0x673b8af6,0xa79ec293,0x577e7c9a,
-        0xc3b266b1,0xbb6de651 },
-      { 0xb65259b3,0xe7e9303a,0xd03a7480,0xd6a0afd3,0x9b3cfc27,0xc5ac83d1,
-        0x5d18b99b,0x60b4619a } },
-    /* 7 */
-    { { 0x1ae5aa1c,0xbd6a38e1,0x49e73658,0xb8b7652b,0xee5f87ed,0x0b130014,
-        0xaeebffcd,0x9d0f27b2 },
-      { 0x7a730a55,0xca924631,0xddbbc83a,0x9c955b2f,0xac019a71,0x07c1dfe0,
-        0x356ec48d,0x244a566d } },
-    /* 8 */
-    { { 0xf4f8b16a,0x56f8410e,0xc47b266a,0x97241afe,0x6d9c87c1,0x0a406b8e,
-        0xcd42ab1b,0x803f3e02 },
-      { 0x04dbec69,0x7f0309a8,0x3bbad05f,0xa83b85f7,0xad8e197f,0xc6097273,
-        0x5067adc1,0xc097440e } },
-    /* 9 */
-    { { 0xc379ab34,0x846a56f2,0x841df8d1,0xa8ee068b,0x176c68ef,0x20314459,
-        0x915f1f30,0xf1af32d5 },
-      { 0x5d75bd50,0x99c37531,0xf72f67bc,0x837cffba,0x48d7723f,0x0613a418,
-        0xe2d41c8b,0x23d0f130 } },
-    /* 10 */
-    { { 0xd5be5a2b,0xed93e225,0x5934f3c6,0x6fe79983,0x22626ffc,0x43140926,
-        0x7990216a,0x50bbb4d9 },
-      { 0xe57ec63e,0x378191c6,0x181dcdb2,0x65422c40,0x0236e0f6,0x41a8099b,
-        0x01fe49c3,0x2b100118 } },
-    /* 11 */
-    { { 0x9b391593,0xfc68b5c5,0x598270fc,0xc385f5a2,0xd19adcbb,0x7144f3aa,
-        0x83fbae0c,0xdd558999 },
-      { 0x74b82ff4,0x93b88b8e,0x71e734c9,0xd2e03c40,0x43c0322a,0x9a7a9eaf,
-        0x149d6041,0xe6e4c551 } },
-    /* 12 */
-    { { 0x80ec21fe,0x5fe14bfe,0xc255be82,0xf6ce116a,0x2f4a5d67,0x98bc5a07,
-        0xdb7e63af,0xfad27148 },
-      { 0x29ab05b3,0x90c0b6ac,0x4e251ae6,0x37a9a83c,0xc2aade7d,0x0a7dc875,
-        0x9f0e1a84,0x77387de3 } },
-    /* 13 */
-    { { 0xa56c0dd7,0x1e9ecc49,0x46086c74,0xa5cffcd8,0xf505aece,0x8f7a1408,
-        0xbef0c47e,0xb37b85c0 },
-      { 0xcc0e6a8f,0x3596b6e4,0x6b388f23,0xfd6d4bbf,0xc39cef4e,0xaba453fa,
-        0xf9f628d5,0x9c135ac8 } },
-    /* 14 */
-    { { 0x95c8f8be,0x0a1c7294,0x3bf362bf,0x2961c480,0xdf63d4ac,0x9e418403,
-        0x91ece900,0xc109f9cb },
-      { 0x58945705,0xc2d095d0,0xddeb85c0,0xb9083d96,0x7a40449b,0x84692b8d,
-        0x2eee1ee1,0x9bc3344f } },
-    /* 15 */
-    { { 0x42913074,0x0d5ae356,0x48a542b1,0x55491b27,0xb310732a,0x469ca665,
-        0x5f1a4cc1,0x29591d52 },
-      { 0xb84f983f,0xe76f5b6b,0x9f5f84e1,0xbe7eef41,0x80baa189,0x1200d496,
-        0x18ef332c,0x6376551f } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_8(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 32 between points.
- */
-static const sp_table_entry_256 p256_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x18a9143c,0x79e730d4,0x5fedb601,0x75ba95fc,0x77622510,0x79fb732b,
-        0xa53755c6,0x18905f76 },
-      { 0xce95560a,0xddf25357,0xba19e45c,0x8b4ab8e4,0xdd21f325,0xd2e88688,
-        0x25885d85,0x8571ff18 } },
-    /* 2 */
-    { { 0x4147519a,0x20288602,0x26b372f0,0xd0981eac,0xa785ebc8,0xa9d4a7ca,
-        0xdbdf58e9,0xd953c50d },
-      { 0xfd590f8f,0x9d6361cc,0x44e6c917,0x72e9626b,0x22eb64cf,0x7fd96110,
-        0x9eb288f3,0x863ebb7e } },
-    /* 3 */
-    { { 0x5cdb6485,0x7856b623,0x2f0a2f97,0x808f0ea2,0x4f7e300b,0x3e68d954,
-        0xb5ff80a0,0x00076055 },
-      { 0x838d2010,0x7634eb9b,0x3243708a,0x54014fbb,0x842a6606,0xe0e47d39,
-        0x34373ee0,0x83087761 } },
-    /* 4 */
-    { { 0x16a0d2bb,0x4f922fc5,0x1a623499,0x0d5cc16c,0x57c62c8b,0x9241cf3a,
-        0xfd1b667f,0x2f5e6961 },
-      { 0xf5a01797,0x5c15c70b,0x60956192,0x3d20b44d,0x071fdb52,0x04911b37,
-        0x8d6f0f7b,0xf648f916 } },
-    /* 5 */
-    { { 0xe137bbbc,0x9e566847,0x8a6a0bec,0xe434469e,0x79d73463,0xb1c42761,
-        0x133d0015,0x5abe0285 },
-      { 0xc04c7dab,0x92aa837c,0x43260c07,0x573d9f4c,0x78e6cc37,0x0c931562,
-        0x6b6f7383,0x94bb725b } },
-    /* 6 */
-    { { 0x720f141c,0xbbf9b48f,0x2df5bc74,0x6199b3cd,0x411045c4,0xdc3f6129,
-        0x2f7dc4ef,0xcdd6bbcb },
-      { 0xeaf436fd,0xcca6700b,0xb99326be,0x6f647f6d,0x014f2522,0x0c0fa792,
-        0x4bdae5f6,0xa361bebd } },
-    /* 7 */
-    { { 0x597c13c7,0x28aa2558,0x50b7c3e1,0xc38d635f,0xf3c09d1d,0x07039aec,
-        0xc4b5292c,0xba12ca09 },
-      { 0x59f91dfd,0x9e408fa4,0xceea07fb,0x3af43b66,0x9d780b29,0x1eceb089,
-        0x701fef4b,0x53ebb99d } },
-    /* 8 */
-    { { 0xb0e63d34,0x4fe7ee31,0xa9e54fab,0xf4600572,0xd5e7b5a4,0xc0493334,
-        0x06d54831,0x8589fb92 },
-      { 0x6583553a,0xaa70f5cc,0xe25649e5,0x0879094a,0x10044652,0xcc904507,
-        0x02541c4f,0xebb0696d } },
-    /* 9 */
-    { { 0xac1647c5,0x4616ca15,0xc4cf5799,0xb8127d47,0x764dfbac,0xdc666aa3,
-        0xd1b27da3,0xeb2820cb },
-      { 0x6a87e008,0x9406f8d8,0x922378f3,0xd87dfa9d,0x80ccecb2,0x56ed2e42,
-        0x55a7da1d,0x1f28289b } },
-    /* 10 */
-    { { 0x3b89da99,0xabbaa0c0,0xb8284022,0xa6f2d79e,0xb81c05e8,0x27847862,
-        0x05e54d63,0x337a4b59 },
-      { 0x21f7794a,0x3c67500d,0x7d6d7f61,0x207005b7,0x04cfd6e8,0x0a5a3781,
-        0xf4c2fbd6,0x0d65e0d5 } },
-    /* 11 */
-    { { 0xb5275d38,0xd9d09bbe,0x0be0a358,0x4268a745,0x973eb265,0xf0762ff4,
-        0x52f4a232,0xc23da242 },
-      { 0x0b94520c,0x5da1b84f,0xb05bd78e,0x09666763,0x94d29ea1,0x3a4dcb86,
-        0xc790cff1,0x19de3b8c } },
-    /* 12 */
-    { { 0x26c5fe04,0x183a716c,0x3bba1bdb,0x3b28de0b,0xa4cb712c,0x7432c586,
-        0x91fccbfd,0xe34dcbd4 },
-      { 0xaaa58403,0xb408d46b,0x82e97a53,0x9a697486,0x36aaa8af,0x9e390127,
-        0x7b4e0f7f,0xe7641f44 } },
-    /* 13 */
-    { { 0xdf64ba59,0x7d753941,0x0b0242fc,0xd33f10ec,0xa1581859,0x4f06dfc6,
-        0x052a57bf,0x4a12df57 },
-      { 0x9439dbd0,0xbfa6338f,0xbde53e1f,0xd3c24bd4,0x21f1b314,0xfd5e4ffa,
-        0xbb5bea46,0x6af5aa93 } },
-    /* 14 */
-    { { 0x10c91999,0xda10b699,0x2a580491,0x0a24b440,0xb8cc2090,0x3e0094b4,
-        0x66a44013,0x5fe3475a },
-      { 0xf93e7b4b,0xb0f8cabd,0x7c23f91a,0x292b501a,0xcd1e6263,0x42e889ae,
-        0xecfea916,0xb544e308 } },
-    /* 15 */
-    { { 0x16ddfdce,0x6478c6e9,0xf89179e6,0x2c329166,0x4d4e67e1,0x4e8d6e76,
-        0xa6b0c20b,0xe0b6b2bd },
-      { 0xbb7efb57,0x0d312df2,0x790c4007,0x1aac0dde,0x679bc944,0xf90336ad,
-        0x25a63774,0x71c023de } },
-    /* 16 */
-    { { 0xbfe20925,0x62a8c244,0x8fdce867,0x91c19ac3,0xdd387063,0x5a96a5d5,
-        0x21d324f6,0x61d587d4 },
-      { 0xa37173ea,0xe87673a2,0x53778b65,0x23848008,0x05bab43e,0x10f8441e,
-        0x4621efbe,0xfa11fe12 } },
-    /* 17 */
-    { { 0x2cb19ffd,0x1c891f2b,0xb1923c23,0x01ba8d5b,0x8ac5ca8e,0xb6d03d67,
-        0x1f13bedc,0x586eb04c },
-      { 0x27e8ed09,0x0c35c6e5,0x1819ede2,0x1e81a33c,0x56c652fa,0x278fd6c0,
-        0x70864f11,0x19d5ac08 } },
-    /* 18 */
-    { { 0x309a4e1f,0x1e99f581,0xe9270074,0xab7de71b,0xefd28d20,0x26a5ef0b,
-        0x7f9c563f,0xe7c0073f },
-      { 0x0ef59f76,0x1f6d663a,0x20fcb050,0x669b3b54,0x7a6602d4,0xc08c1f7a,
-        0xc65b3c0a,0xe08504fe } },
-    /* 19 */
-    { { 0xa031b3ca,0xf098f68d,0xe6da6d66,0x6d1cab9e,0x94f246e8,0x5bfd81fa,
-        0x5b0996b4,0x78f01882 },
-      { 0x3a25787f,0xb7eefde4,0x1dccac9b,0x8016f80d,0xb35bfc36,0x0cea4877,
-        0x7e94747a,0x43a773b8 } },
-    /* 20 */
-    { { 0xd2b533d5,0x62577734,0xa1bdddc0,0x673b8af6,0xa79ec293,0x577e7c9a,
-        0xc3b266b1,0xbb6de651 },
-      { 0xb65259b3,0xe7e9303a,0xd03a7480,0xd6a0afd3,0x9b3cfc27,0xc5ac83d1,
-        0x5d18b99b,0x60b4619a } },
-    /* 21 */
-    { { 0x1ae5aa1c,0xbd6a38e1,0x49e73658,0xb8b7652b,0xee5f87ed,0x0b130014,
-        0xaeebffcd,0x9d0f27b2 },
-      { 0x7a730a55,0xca924631,0xddbbc83a,0x9c955b2f,0xac019a71,0x07c1dfe0,
-        0x356ec48d,0x244a566d } },
-    /* 22 */
-    { { 0xeacf1f96,0x6db0394a,0x024c271c,0x9f2122a9,0x82cbd3b9,0x2626ac1b,
-        0x3581ef69,0x45e58c87 },
-      { 0xa38f9dbc,0xd3ff479d,0xe888a040,0xa8aaf146,0x46e0bed7,0x945adfb2,
-        0xc1e4b7a4,0xc040e21c } },
-    /* 23 */
-    { { 0x6f8117b6,0x847af000,0x73a35433,0x651969ff,0x1d9475eb,0x482b3576,
-        0x682c6ec7,0x1cdf5c97 },
-      { 0x11f04839,0x7db775b4,0x48de1698,0x7dbeacf4,0xb70b3219,0xb2921dd1,
-        0xa92dff3d,0x046755f8 } },
-    /* 24 */
-    { { 0xbce8ffcd,0xcc8ac5d2,0x2fe61a82,0x0d53c48b,0x7202d6c7,0xf6f16172,
-        0x3b83a5f3,0x046e5e11 },
-      { 0xd8007f01,0xe7b8ff64,0x5af43183,0x7fb1ef12,0x35e1a03c,0x045c5ea6,
-        0x303d005b,0x6e0106c3 } },
-    /* 25 */
-    { { 0x88dd73b1,0x48c73584,0x995ed0d9,0x7670708f,0xc56a2ab7,0x38385ea8,
-        0xe901cf1f,0x442594ed },
-      { 0x12d4b65b,0xf8faa2c9,0x96c90c37,0x94c2343b,0x5e978d1f,0xd326e4a1,
-        0x4c2ee68e,0xa796fa51 } },
-    /* 26 */
-    { { 0x823addd7,0x359fb604,0xe56693b3,0x9e2a6183,0x3cbf3c80,0xf885b78e,
-        0xc69766e9,0xe4ad2da9 },
-      { 0x8e048a61,0x357f7f42,0xc092d9a0,0x082d198c,0xc03ed8ef,0xfc3a1af4,
-        0xc37b5143,0xc5e94046 } },
-    /* 27 */
-    { { 0x2be75f9e,0x476a538c,0xcb123a78,0x6fd1a9e8,0xb109c04b,0xd85e4df0,
-        0xdb464747,0x63283daf },
-      { 0xbaf2df15,0xce728cf7,0x0ad9a7f4,0xe592c455,0xe834bcc3,0xfab226ad,
-        0x1981a938,0x68bd19ab } },
-    /* 28 */
-    { { 0x1887d659,0xc08ead51,0xb359305a,0x3374d5f4,0xcfe74fe3,0x96986981,
-        0x3c6fdfd6,0x495292f5 },
-      { 0x1acec896,0x4a878c9e,0xec5b4484,0xd964b210,0x664d60a7,0x6696f7e2,
-        0x26036837,0x0ec7530d } },
-    /* 29 */
-    { { 0xad2687bb,0x2da13a05,0xf32e21fa,0xa1f83b6a,0x1dd4607b,0x390f5ef5,
-        0x64863f0b,0x0f6207a6 },
-      { 0x0f138233,0xbd67e3bb,0x272aa718,0xdd66b96c,0x26ec88ae,0x8ed00407,
-        0x08ed6dcf,0xff0db072 } },
-    /* 30 */
-    { { 0x4c95d553,0x749fa101,0x5d680a8a,0xa44052fd,0xff3b566f,0x183b4317,
-        0x88740ea3,0x313b513c },
-      { 0x08d11549,0xb402e2ac,0xb4dee21c,0x071ee10b,0x47f2320e,0x26b987dd,
-        0x86f19f81,0x2d3abcf9 } },
-    /* 31 */
-    { { 0x815581a2,0x4c288501,0x632211af,0x9a0a6d56,0x0cab2e99,0x19ba7a0f,
-        0xded98cdf,0xc036fa10 },
-      { 0xc1fbd009,0x29ae08ba,0x06d15816,0x0b68b190,0x9b9e0d8f,0xc2eb3277,
-        0xb6d40194,0xa6b2a2c4 } },
-    /* 32 */
-    { { 0x6d3549cf,0xd433e50f,0xfacd665e,0x6f33696f,0xce11fcb4,0x695bfdac,
-        0xaf7c9860,0x810ee252 },
-      { 0x7159bb2c,0x65450fe1,0x758b357b,0xf7dfbebe,0xd69fea72,0x2b057e74,
-        0x92731745,0xd485717a } },
-    /* 33 */
-    { { 0xf0cb5a98,0x11741a8a,0x1f3110bf,0xd3da8f93,0xab382adf,0x1994e2cb,
-        0x2f9a604e,0x6a6045a7 },
-      { 0xa2b2411d,0x170c0d3f,0x510e96e0,0xbe0eb83e,0x8865b3cc,0x3bcc9f73,
-        0xf9e15790,0xd3e45cfa } },
-    /* 34 */
-    { { 0xe83f7669,0xce1f69bb,0x72877d6b,0x09f8ae82,0x3244278d,0x9548ae54,
-        0xe3c2c19c,0x207755de },
-      { 0x6fef1945,0x87bd61d9,0xb12d28c3,0x18813cef,0x72df64aa,0x9fbcd1d6,
-        0x7154b00d,0x48dc5ee5 } },
-    /* 35 */
-    { { 0xf7e5a199,0x123790bf,0x989ccbb7,0xe0efb8cf,0x0a519c79,0xc27a2bfe,
-        0xdff6f445,0xf2fb0aed },
-      { 0xf0b5025f,0x41c09575,0x40fa9f22,0x550543d7,0x380bfbd0,0x8fa3c8ad,
-        0xdb28d525,0xa13e9015 } },
-    /* 36 */
-    { { 0xa2b65cbc,0xf9f7a350,0x2a464226,0x0b04b972,0xe23f07a1,0x265ce241,
-        0x1497526f,0x2bf0d6b0 },
-      { 0x4b216fb7,0xd3d4dd3f,0xfbdda26a,0xf7d7b867,0x6708505c,0xaeb7b83f,
-        0x162fe89f,0x42a94a5a } },
-    /* 37 */
-    { { 0xeaadf191,0x5846ad0b,0x25a268d7,0x0f8a4890,0x494dc1f6,0xe8603050,
-        0xc65ede3d,0x2c2dd969 },
-      { 0x93849c17,0x6d02171d,0x1da250dd,0x460488ba,0x3c3a5485,0x4810c706,
-        0x42c56dbc,0xf437fa1f } },
-    /* 38 */
-    { { 0x4a0f7dab,0x6aa0d714,0x1776e9ac,0x0f049793,0xf5f39786,0x52c0a050,
-        0x54707aa8,0xaaf45b33 },
-      { 0xc18d364a,0x85e37c33,0x3e497165,0xd40b9b06,0x15ec5444,0xf4171681,
-        0xf4f272bc,0xcdf6310d } },
-    /* 39 */
-    { { 0x8ea8b7ef,0x7473c623,0x85bc2287,0x08e93518,0x2bda8e34,0x41956772,
-        0xda9e2ff2,0xf0d008ba },
-      { 0x2414d3b1,0x2912671d,0xb019ea76,0xb3754985,0x453bcbdb,0x5c61b96d,
-        0xca887b8b,0x5bd5c2f5 } },
-    /* 40 */
-    { { 0xf49a3154,0xef0f469e,0x6e2b2e9a,0x3e85a595,0xaa924a9c,0x45aaec1e,
-        0xa09e4719,0xaa12dfc8 },
-      { 0x4df69f1d,0x26f27227,0xa2ff5e73,0xe0e4c82c,0xb7a9dd44,0xb9d8ce73,
-        0xe48ca901,0x6c036e73 } },
-    /* 41 */
-    { { 0x0f6e3138,0x5cfae12a,0x25ad345a,0x6966ef00,0x45672bc5,0x8993c64b,
-        0x96afbe24,0x292ff658 },
-      { 0x5e213402,0xd5250d44,0x4392c9fe,0xf6580e27,0xda1c72e8,0x097b397f,
-        0x311b7276,0x644e0c90 } },
-    /* 42 */
-    { { 0xa47153f0,0xe1e421e1,0x920418c9,0xb86c3b79,0x705d7672,0x93bdce87,
-        0xcab79a77,0xf25ae793 },
-      { 0x6d869d0c,0x1f3194a3,0x4986c264,0x9d55c882,0x096e945e,0x49fb5ea3,
-        0x13db0a3e,0x39b8e653 } },
-    /* 43 */
-    { { 0xb6fd2e59,0x37754200,0x9255c98f,0x35e2c066,0x0e2a5739,0xd9dab21a,
-        0x0f19db06,0x39122f2f },
-      { 0x03cad53c,0xcfbce1e0,0xe65c17e3,0x225b2c0f,0x9aa13877,0x72baf1d2,
-        0xce80ff8d,0x8de80af8 } },
-    /* 44 */
-    { { 0x207bbb76,0xafbea8d9,0x21782758,0x921c7e7c,0x1c0436b1,0xdfa2b74b,
-        0x2e368c04,0x87194906 },
-      { 0xa3993df5,0xb5f928bb,0xf3b3d26a,0x639d75b5,0x85b55050,0x011aa78a,
-        0x5b74fde1,0xfc315e6a } },
-    /* 45 */
-    { { 0xe8d6ecfa,0x561fd41a,0x1aec7f86,0x5f8c44f6,0x4924741d,0x98452a7b,
-        0xee389088,0xe6d4a7ad },
-      { 0x4593c75d,0x60552ed1,0xdd271162,0x70a70da4,0x7ba2c7db,0xd2aede93,
-        0x9be2ae57,0x35dfaf9a } },
-    /* 46 */
-    { { 0xaa736636,0x6b956fcd,0xae2cab7e,0x09f51d97,0x0f349966,0xfb10bf41,
-        0x1c830d2b,0x1da5c7d7 },
-      { 0x3cce6825,0x5c41e483,0xf9573c3b,0x15ad118f,0xf23036b8,0xa28552c7,
-        0xdbf4b9d6,0x7077c0fd } },
-    /* 47 */
-    { { 0x46b9661c,0xbf63ff8d,0x0d2cfd71,0xa1dfd36b,0xa847f8f7,0x0373e140,
-        0xe50efe44,0x53a8632e },
-      { 0x696d8051,0x0976ff68,0xc74f468a,0xdaec0c95,0x5e4e26bd,0x62994dc3,
-        0x34e1fcc1,0x028ca76d } },
-    /* 48 */
-    { { 0xfc9877ee,0xd11d47dc,0x801d0002,0xc8b36210,0x54c260b6,0xd002c117,
-        0x6962f046,0x04c17cd8 },
-      { 0xb0daddf5,0x6d9bd094,0x24ce55c0,0xbea23575,0x72da03b5,0x663356e6,
-        0xfed97474,0xf7ba4de9 } },
-    /* 49 */
-    { { 0xebe1263f,0xd0dbfa34,0x71ae7ce6,0x55763735,0x82a6f523,0xd2440553,
-        0x52131c41,0xe31f9600 },
-      { 0xea6b6ec6,0xd1bb9216,0x73c2fc44,0x37a1d12e,0x89d0a294,0xc10e7eac,
-        0xce34d47b,0xaa3a6259 } },
-    /* 50 */
-    { { 0x36f3dcd3,0xfbcf9df5,0xd2bf7360,0x6ceded50,0xdf504f5b,0x491710fa,
-        0x7e79daee,0x2398dd62 },
-      { 0x6d09569e,0xcf4705a3,0x5149f769,0xea0619bb,0x35f6034c,0xff9c0377,
-        0x1c046210,0x5717f5b2 } },
-    /* 51 */
-    { { 0x21dd895e,0x9fe229c9,0x40c28451,0x8e518500,0x1d637ecd,0xfa13d239,
-        0x0e3c28de,0x660a2c56 },
-      { 0xd67fcbd0,0x9cca88ae,0x0ea9f096,0xc8472478,0x72e92b4d,0x32b2f481,
-        0x4f522453,0x624ee54c } },
-    /* 52 */
-    { { 0xd897eccc,0x09549ce4,0x3f9880aa,0x4d49d1d9,0x043a7c20,0x723c2423,
-        0x92bdfbc0,0x4f392afb },
-      { 0x7de44fd9,0x6969f8fa,0x57b32156,0xb66cfbe4,0x368ebc3c,0xdb2fa803,
-        0xccdb399c,0x8a3e7977 } },
-    /* 53 */
-    { { 0x06c4b125,0xdde1881f,0xf6e3ca8c,0xae34e300,0x5c7a13e9,0xef6999de,
-        0x70c24404,0x3888d023 },
-      { 0x44f91081,0x76280356,0x5f015504,0x3d9fcf61,0x632cd36e,0x1827edc8,
-        0x18102336,0xa5e62e47 } },
-    /* 54 */
-    { { 0x2facd6c8,0x1a825ee3,0x54bcbc66,0x699c6354,0x98df9931,0x0ce3edf7,
-        0x466a5adc,0x2c4768e6 },
-      { 0x90a64bc9,0xb346ff8c,0xe4779f5c,0x630a6020,0xbc05e884,0xd949d064,
-        0xf9e652a0,0x7b5e6441 } },
-    /* 55 */
-    { { 0x1d28444a,0x2169422c,0xbe136a39,0xe996c5d8,0xfb0c7fce,0x2387afe5,
-        0x0c8d744a,0xb8af73cb },
-      { 0x338b86fd,0x5fde83aa,0xa58a5cff,0xfee3f158,0x20ac9433,0xc9ee8f6f,
-        0x7f3f0895,0xa036395f } },
-    /* 56 */
-    { { 0xa10f7770,0x8c73c6bb,0xa12a0e24,0xa6f16d81,0x51bc2b9f,0x100df682,
-        0x875fb533,0x4be36b01 },
-      { 0x9fb56dbb,0x9226086e,0x07e7a4f8,0x306fef8b,0x66d52f20,0xeeaccc05,
-        0x1bdc00c0,0x8cbc9a87 } },
-    /* 57 */
-    { { 0xc0dac4ab,0xe131895c,0x712ff112,0xa874a440,0x6a1cee57,0x6332ae7c,
-        0x0c0835f8,0x44e7553e },
-      { 0x7734002d,0x6d503fff,0x0b34425c,0x9d35cb8b,0x0e8738b5,0x95f70276,
-        0x5eb8fc18,0x470a683a } },
-    /* 58 */
-    { { 0x90513482,0x81b761dc,0x01e9276a,0x0287202a,0x0ce73083,0xcda441ee,
-        0xc63dc6ef,0x16410690 },
-      { 0x6d06a2ed,0xf5034a06,0x189b100b,0xdd4d7745,0xab8218c9,0xd914ae72,
-        0x7abcbb4f,0xd73479fd } },
-    /* 59 */
-    { { 0x5ad4c6e5,0x7edefb16,0x5b06d04d,0x262cf08f,0x8575cb14,0x12ed5bb1,
-        0x0771666b,0x816469e3 },
-      { 0x561e291e,0xd7ab9d79,0xc1de1661,0xeb9daf22,0x135e0513,0xf49827eb,
-        0xf0dd3f9c,0x0a36dd23 } },
-    /* 60 */
-    { { 0x41d5533c,0x098d32c7,0x8684628f,0x7c5f5a9e,0xe349bd11,0x39a228ad,
-        0xfdbab118,0xe331dfd6 },
-      { 0x6bcc6ed8,0x5100ab68,0xef7a260e,0x7160c3bd,0xbce850d7,0x9063d9a7,
-        0x492e3389,0xd3b4782a } },
-    /* 61 */
-    { { 0xf3821f90,0xa149b6e8,0x66eb7aad,0x92edd9ed,0x1a013116,0x0bb66953,
-        0x4c86a5bd,0x7281275a },
-      { 0xd3ff47e5,0x503858f7,0x61016441,0x5e1616bc,0x7dfd9bb1,0x62b0f11a,
-        0xce145059,0x2c062e7e } },
-    /* 62 */
-    { { 0x0159ac2e,0xa76f996f,0xcbdb2713,0x281e7736,0x08e46047,0x2ad6d288,
-        0x2c4e7ef1,0x282a35f9 },
-      { 0xc0ce5cd2,0x9c354b1e,0x1379c229,0xcf99efc9,0x3e82c11e,0x992caf38,
-        0x554d2abd,0xc71cd513 } },
-    /* 63 */
-    { { 0x09b578f4,0x4885de9c,0xe3affa7a,0x1884e258,0x59182f1f,0x8f76b1b7,
-        0xcf47f3a3,0xc50f6740 },
-      { 0x374b68ea,0xa9c4adf3,0x69965fe2,0xa406f323,0x85a53050,0x2f86a222,
-        0x212958dc,0xb9ecb3a7 } },
-    /* 64 */
-    { { 0xf4f8b16a,0x56f8410e,0xc47b266a,0x97241afe,0x6d9c87c1,0x0a406b8e,
-        0xcd42ab1b,0x803f3e02 },
-      { 0x04dbec69,0x7f0309a8,0x3bbad05f,0xa83b85f7,0xad8e197f,0xc6097273,
-        0x5067adc1,0xc097440e } },
-    /* 65 */
-    { { 0xc379ab34,0x846a56f2,0x841df8d1,0xa8ee068b,0x176c68ef,0x20314459,
-        0x915f1f30,0xf1af32d5 },
-      { 0x5d75bd50,0x99c37531,0xf72f67bc,0x837cffba,0x48d7723f,0x0613a418,
-        0xe2d41c8b,0x23d0f130 } },
-    /* 66 */
-    { { 0xf41500d9,0x857ab6ed,0xfcbeada8,0x0d890ae5,0x89725951,0x52fe8648,
-        0xc0a3fadd,0xb0288dd6 },
-      { 0x650bcb08,0x85320f30,0x695d6e16,0x71af6313,0xb989aa76,0x31f520a7,
-        0xf408c8d2,0xffd3724f } },
-    /* 67 */
-    { { 0xb458e6cb,0x53968e64,0x317a5d28,0x992dad20,0x7aa75f56,0x3814ae0b,
-        0xd78c26df,0xf5590f4a },
-      { 0xcf0ba55a,0x0fc24bd3,0x0c778bae,0x0fc4724a,0x683b674a,0x1ce9864f,
-        0xf6f74a20,0x18d6da54 } },
-    /* 68 */
-    { { 0xd5be5a2b,0xed93e225,0x5934f3c6,0x6fe79983,0x22626ffc,0x43140926,
-        0x7990216a,0x50bbb4d9 },
-      { 0xe57ec63e,0x378191c6,0x181dcdb2,0x65422c40,0x0236e0f6,0x41a8099b,
-        0x01fe49c3,0x2b100118 } },
-    /* 69 */
-    { { 0x9b391593,0xfc68b5c5,0x598270fc,0xc385f5a2,0xd19adcbb,0x7144f3aa,
-        0x83fbae0c,0xdd558999 },
-      { 0x74b82ff4,0x93b88b8e,0x71e734c9,0xd2e03c40,0x43c0322a,0x9a7a9eaf,
-        0x149d6041,0xe6e4c551 } },
-    /* 70 */
-    { { 0x1e9af288,0x55f655bb,0xf7ada931,0x647e1a64,0xcb2820e5,0x43697e4b,
-        0x07ed56ff,0x51e00db1 },
-      { 0x771c327e,0x43d169b8,0x4a96c2ad,0x29cdb20b,0x3deb4779,0xc07d51f5,
-        0x49829177,0xe22f4241 } },
-    /* 71 */
-    { { 0x635f1abb,0xcd45e8f4,0x68538874,0x7edc0cb5,0xb5a8034d,0xc9472c1f,
-        0x52dc48c9,0xf709373d },
-      { 0xa8af30d6,0x401966bb,0xf137b69c,0x95bf5f4a,0x9361c47e,0x3966162a,
-        0xe7275b11,0xbd52d288 } },
-    /* 72 */
-    { { 0x9c5fa877,0xab155c7a,0x7d3a3d48,0x17dad672,0x73d189d8,0x43f43f9e,
-        0xc8aa77a6,0xa0d0f8e4 },
-      { 0xcc94f92d,0x0bbeafd8,0x0c4ddb3a,0xd818c8be,0xb82eba14,0x22cc65f8,
-        0x946d6a00,0xa56c78c7 } },
-    /* 73 */
-    { { 0x0dd09529,0x2962391b,0x3daddfcf,0x803e0ea6,0x5b5bf481,0x2c77351f,
-        0x731a367a,0xd8befdf8 },
-      { 0xfc0157f4,0xab919d42,0xfec8e650,0xf51caed7,0x02d48b0a,0xcdf9cb40,
-        0xce9f6478,0x854a68a5 } },
-    /* 74 */
-    { { 0x63506ea5,0xdc35f67b,0xa4fe0d66,0x9286c489,0xfe95cd4d,0x3f101d3b,
-        0x98846a95,0x5cacea0b },
-      { 0x9ceac44d,0xa90df60c,0x354d1c3a,0x3db29af4,0xad5dbabe,0x08dd3de8,
-        0x35e4efa9,0xe4982d12 } },
-    /* 75 */
-    { { 0xc34cd55e,0x23104a22,0x2680d132,0x58695bb3,0x1fa1d943,0xfb345afa,
-        0x16b20499,0x8046b7f6 },
-      { 0x38e7d098,0xb533581e,0xf46f0b70,0xd7f61e8d,0x44cb78c4,0x30dea9ea,
-        0x9082af55,0xeb17ca7b } },
-    /* 76 */
-    { { 0x76a145b9,0x1751b598,0xc1bc71ec,0xa5cf6b0f,0x392715bb,0xd3e03565,
-        0xfab5e131,0x097b00ba },
-      { 0x565f69e1,0xaa66c8e9,0xb5be5199,0x77e8f75a,0xda4fd984,0x6033ba11,
-        0xafdbcc9e,0xf95c747b } },
-    /* 77 */
-    { { 0xbebae45e,0x558f01d3,0xc4bc6955,0xa8ebe9f0,0xdbc64fc6,0xaeb705b1,
-        0x566ed837,0x3512601e },
-      { 0xfa1161cd,0x9336f1e1,0x4c65ef87,0x328ab8d5,0x724f21e5,0x4757eee2,
-        0x6068ab6b,0x0ef97123 } },
-    /* 78 */
-    { { 0x54ca4226,0x02598cf7,0xf8642c8e,0x5eede138,0x468e1790,0x48963f74,
-        0x3b4fbc95,0xfc16d933 },
-      { 0xe7c800ca,0xbe96fb31,0x2678adaa,0x13806331,0x6ff3e8b5,0x3d624497,
-        0xb95d7a17,0x14ca4af1 } },
-    /* 79 */
-    { { 0xbd2f81d5,0x7a4771ba,0x01f7d196,0x1a5f9d69,0xcad9c907,0xd898bef7,
-        0xf59c231d,0x4057b063 },
-      { 0x89c05c0a,0xbffd82fe,0x1dc0df85,0xe4911c6f,0xa35a16db,0x3befccae,
-        0xf1330b13,0x1c3b5d64 } },
-    /* 80 */
-    { { 0x80ec21fe,0x5fe14bfe,0xc255be82,0xf6ce116a,0x2f4a5d67,0x98bc5a07,
-        0xdb7e63af,0xfad27148 },
-      { 0x29ab05b3,0x90c0b6ac,0x4e251ae6,0x37a9a83c,0xc2aade7d,0x0a7dc875,
-        0x9f0e1a84,0x77387de3 } },
-    /* 81 */
-    { { 0xa56c0dd7,0x1e9ecc49,0x46086c74,0xa5cffcd8,0xf505aece,0x8f7a1408,
-        0xbef0c47e,0xb37b85c0 },
-      { 0xcc0e6a8f,0x3596b6e4,0x6b388f23,0xfd6d4bbf,0xc39cef4e,0xaba453fa,
-        0xf9f628d5,0x9c135ac8 } },
-    /* 82 */
-    { { 0x84e35743,0x32aa3202,0x85a3cdef,0x320d6ab1,0x1df19819,0xb821b176,
-        0xc433851f,0x5721361f },
-      { 0x71fc9168,0x1f0db36a,0x5e5c403c,0x5f98ba73,0x37bcd8f5,0xf64ca87e,
-        0xe6bb11bd,0xdcbac3c9 } },
-    /* 83 */
-    { { 0x4518cbe2,0xf01d9968,0x9c9eb04e,0xd242fc18,0xe47feebf,0x727663c7,
-        0x2d626862,0xb8c1c89e },
-      { 0xc8e1d569,0x51a58bdd,0xb7d88cd0,0x563809c8,0xf11f31eb,0x26c27fd9,
-        0x2f9422d4,0x5d23bbda } },
-    /* 84 */
-    { { 0x95c8f8be,0x0a1c7294,0x3bf362bf,0x2961c480,0xdf63d4ac,0x9e418403,
-        0x91ece900,0xc109f9cb },
-      { 0x58945705,0xc2d095d0,0xddeb85c0,0xb9083d96,0x7a40449b,0x84692b8d,
-        0x2eee1ee1,0x9bc3344f } },
-    /* 85 */
-    { { 0x42913074,0x0d5ae356,0x48a542b1,0x55491b27,0xb310732a,0x469ca665,
-        0x5f1a4cc1,0x29591d52 },
-      { 0xb84f983f,0xe76f5b6b,0x9f5f84e1,0xbe7eef41,0x80baa189,0x1200d496,
-        0x18ef332c,0x6376551f } },
-    /* 86 */
-    { { 0x562976cc,0xbda5f14e,0x0ef12c38,0x22bca3e6,0x6cca9852,0xbbfa3064,
-        0x08e2987a,0xbdb79dc8 },
-      { 0xcb06a772,0xfd2cb5c9,0xfe536dce,0x38f475aa,0x7c2b5db8,0xc2a3e022,
-        0xadd3c14a,0x8ee86001 } },
-    /* 87 */
-    { { 0xa4ade873,0xcbe96981,0xc4fba48c,0x7ee9aa4d,0x5a054ba5,0x2cee2899,
-        0x6f77aa4b,0x92e51d7a },
-      { 0x7190a34d,0x948bafa8,0xf6bd1ed1,0xd698f75b,0x0caf1144,0xd00ee6e3,
-        0x0a56aaaa,0x5182f86f } },
-    /* 88 */
-    { { 0x7a4cc99c,0xfba6212c,0x3e6d9ca1,0xff609b68,0x5ac98c5a,0x5dbb27cb,
-        0x4073a6f2,0x91dcab5d },
-      { 0x5f575a70,0x01b6cc3d,0x6f8d87fa,0x0cb36139,0x89981736,0x165d4e8c,
-        0x97974f2b,0x17a0cedb } },
-    /* 89 */
-    { { 0x076c8d3a,0x38861e2a,0x210f924b,0x701aad39,0x13a835d9,0x94d0eae4,
-        0x7f4cdf41,0x2e8ce36c },
-      { 0x037a862b,0x91273dab,0x60e4c8fa,0x01ba9bb7,0x33baf2dd,0xf9645388,
-        0x34f668f3,0xf4ccc6cb } },
-    /* 90 */
-    { { 0xf1f79687,0x44ef525c,0x92efa815,0x7c595495,0xa5c78d29,0xe1231741,
-        0x9a0df3c9,0xac0db488 },
-      { 0xdf01747f,0x86bfc711,0xef17df13,0x592b9358,0x5ccb6bb5,0xe5880e4f,
-        0x94c974a2,0x95a64a61 } },
-    /* 91 */
-    { { 0xc15a4c93,0x72c1efda,0x82585141,0x40269b73,0x16cb0bad,0x6a8dfb1c,
-        0x29210677,0x231e54ba },
-      { 0x8ae6d2dc,0xa70df917,0x39112918,0x4d6aa63f,0x5e5b7223,0xf627726b,
-        0xd8a731e1,0xab0be032 } },
-    /* 92 */
-    { { 0x8d131f2d,0x097ad0e9,0x3b04f101,0x637f09e3,0xd5e9a748,0x1ac86196,
-        0x2cf6a679,0xf1bcc880 },
-      { 0xe8daacb4,0x25c69140,0x60f65009,0x3c4e4055,0x477937a6,0x591cc8fc,
-        0x5aebb271,0x85169469 } },
-    /* 93 */
-    { { 0xf1dcf593,0xde35c143,0xb018be3b,0x78202b29,0x9bdd9d3d,0xe9cdadc2,
-        0xdaad55d8,0x8f67d9d2 },
-      { 0x7481ea5f,0x84111656,0xe34c590c,0xe7d2dde9,0x05053fa8,0xffdd43f4,
-        0xc0728b5d,0xf84572b9 } },
-    /* 94 */
-    { { 0x97af71c9,0x5e1a7a71,0x7a736565,0xa1449444,0x0e1d5063,0xa1b4ae07,
-        0x616b2c19,0xedee2710 },
-      { 0x11734121,0xb2f034f5,0x4a25e9f0,0x1cac6e55,0xa40c2ecf,0x8dc148f3,
-        0x44ebd7f4,0x9fd27e9b } },
-    /* 95 */
-    { { 0xf6e2cb16,0x3cc7658a,0xfe5919b6,0xe3eb7d2c,0x168d5583,0x5a8c5816,
-        0x958ff387,0xa40c2fb6 },
-      { 0xfedcc158,0x8c9ec560,0x55f23056,0x7ad804c6,0x9a307e12,0xd9396704,
-        0x7dc6decf,0x99bc9bb8 } },
-    /* 96 */
-    { { 0x927dafc6,0x84a9521d,0x5c09cd19,0x52c1fb69,0xf9366dde,0x9d9581a0,
-        0xa16d7e64,0x9abe210b },
-      { 0x48915220,0x480af84a,0x4dd816c6,0xfa73176a,0x1681ca5a,0xc7d53987,
-        0x87f344b0,0x7881c257 } },
-    /* 97 */
-    { { 0xe0bcf3ff,0x93399b51,0x127f74f6,0x0d02cbc5,0xdd01d968,0x8fb465a2,
-        0xa30e8940,0x15e6e319 },
-      { 0x3e0e05f4,0x646d6e0d,0x43588404,0xfad7bddc,0xc4f850d3,0xbe61c7d1,
-        0x191172ce,0x0e55facf } },
-    /* 98 */
-    { { 0xf8787564,0x7e9d9806,0x31e85ce6,0x1a331721,0xb819e8d6,0x6b0158ca,
-        0x6fe96577,0xd73d0976 },
-      { 0x1eb7206e,0x42483425,0xc618bb42,0xa519290f,0x5e30a520,0x5dcbb859,
-        0x8f15a50b,0x9250a374 } },
-    /* 99 */
-    { { 0xbe577410,0xcaff08f8,0x5077a8c6,0xfd408a03,0xec0a63a4,0xf1f63289,
-        0xc1cc8c0b,0x77414082 },
-      { 0xeb0991cd,0x05a40fa6,0x49fdc296,0xc1ca0866,0xb324fd40,0x3a68a3c7,
-        0x12eb20b9,0x8cb04f4d } },
-    /* 100 */
-    { { 0x6906171c,0xb1c2d055,0xb0240c3f,0x9073e9cd,0xd8906841,0xdb8e6b4f,
-        0x47123b51,0xe4e429ef },
-      { 0x38ec36f4,0x0b8dd53c,0xff4b6a27,0xf9d2dc01,0x879a9a48,0x5d066e07,
-        0x3c6e6552,0x37bca2ff } },
-    /* 101 */
-    { { 0xdf562470,0x4cd2e3c7,0xc0964ac9,0x44f272a2,0x80c793be,0x7c6d5df9,
-        0x3002b22a,0x59913edc },
-      { 0x5750592a,0x7a139a83,0xe783de02,0x99e01d80,0xea05d64f,0xcf8c0375,
-        0xb013e226,0x43786e4a } },
-    /* 102 */
-    { { 0x9e56b5a6,0xff32b0ed,0xd9fc68f9,0x0750d9a6,0x597846a7,0xec15e845,
-        0xb7e79e7a,0x8638ca98 },
-      { 0x0afc24b2,0x2f5ae096,0x4dace8f2,0x05398eaf,0xaecba78f,0x3b765dd0,
-        0x7b3aa6f0,0x1ecdd36a } },
-    /* 103 */
-    { { 0x6c5ff2f3,0x5d3acd62,0x2873a978,0xa2d516c0,0xd2110d54,0xad94c9fa,
-        0xd459f32d,0xd85d0f85 },
-      { 0x10b11da3,0x9f700b8d,0xa78318c4,0xd2c22c30,0x9208decd,0x556988f4,
-        0xb4ed3c62,0xa04f19c3 } },
-    /* 104 */
-    { { 0xed7f93bd,0x087924c8,0x392f51f6,0xcb64ac5d,0x821b71af,0x7cae330a,
-        0x5c0950b0,0x92b2eeea },
-      { 0x85b6e235,0x85ac4c94,0x2936c0f0,0xab2ca4a9,0xe0508891,0x80faa6b3,
-        0x5834276c,0x1ee78221 } },
-    /* 105 */
-    { { 0xe63e79f7,0xa60a2e00,0xf399d906,0xf590e7b2,0x6607c09d,0x9021054a,
-        0x57a6e150,0xf3f2ced8 },
-      { 0xf10d9b55,0x200510f3,0xd8642648,0x9d2fcfac,0xe8bd0e7c,0xe5631aa7,
-        0x3da3e210,0x0f56a454 } },
-    /* 106 */
-    { { 0x1043e0df,0x5b21bffa,0x9c007e6d,0x6c74b6cc,0xd4a8517a,0x1a656ec0,
-        0x1969e263,0xbd8f1741 },
-      { 0xbeb7494a,0x8a9bbb86,0x45f3b838,0x1567d46f,0xa4e5a79a,0xdf7a12a7,
-        0x30ccfa09,0x2d1a1c35 } },
-    /* 107 */
-    { { 0x506508da,0x192e3813,0xa1d795a7,0x336180c4,0x7a9944b3,0xcddb5949,
-        0xb91fba46,0xa107a65e },
-      { 0x0f94d639,0xe6d1d1c5,0x8a58b7d7,0x8b4af375,0xbd37ca1c,0x1a7c5584,
-        0xf87a9af2,0x183d760a } },
-    /* 108 */
-    { { 0x0dde59a4,0x29d69711,0x0e8bef87,0xf1ad8d07,0x4f2ebe78,0x229b4963,
-        0xc269d754,0x1d44179d },
-      { 0x8390d30e,0xb32dc0cf,0x0de8110c,0x0a3b2753,0x2bc0339a,0x31af1dc5,
-        0x9606d262,0x771f9cc2 } },
-    /* 109 */
-    { { 0x85040739,0x99993e77,0x8026a939,0x44539db9,0xf5f8fc26,0xcf40f6f2,
-        0x0362718e,0x64427a31 },
-      { 0x85428aa8,0x4f4f2d87,0xebfb49a8,0x7b7adc3f,0xf23d01ac,0x201b2c6d,
-        0x6ae90d6d,0x49d9b749 } },
-    /* 110 */
-    { { 0x435d1099,0xcc78d8bc,0x8e8d1a08,0x2adbcd4e,0x2cb68a41,0x02c2e2a0,
-        0x3f605445,0x9037d81b },
-      { 0x074c7b61,0x7cdbac27,0x57bfd72e,0xfe2031ab,0x596d5352,0x61ccec96,
-        0x7cc0639c,0x08c3de6a } },
-    /* 111 */
-    { { 0xf6d552ab,0x20fdd020,0x05cd81f1,0x56baff98,0x91351291,0x06fb7c3e,
-        0x45796b2f,0xc6909442 },
-      { 0x41231bd1,0x17b3ae9c,0x5cc58205,0x1eac6e87,0xf9d6a122,0x208837ab,
-        0xcafe3ac0,0x3fa3db02 } },
-    /* 112 */
-    { { 0x05058880,0xd75a3e65,0x643943f2,0x7da365ef,0xfab24925,0x4147861c,
-        0xfdb808ff,0xc5c4bdb0 },
-      { 0xb272b56b,0x73513e34,0x11b9043a,0xc8327e95,0xf8844969,0xfd8ce37d,
-        0x46c2b6b5,0x2d56db94 } },
-    /* 113 */
-    { { 0xff46ac6b,0x2461782f,0x07a2e425,0xd19f7926,0x09a48de1,0xfafea3c4,
-        0xe503ba42,0x0f56bd9d },
-      { 0x345cda49,0x137d4ed1,0x816f299d,0x821158fc,0xaeb43402,0xe7c6a54a,
-        0x1173b5f1,0x4003bb9d } },
-    /* 114 */
-    { { 0xa0803387,0x3b8e8189,0x39cbd404,0xece115f5,0xd2877f21,0x4297208d,
-        0xa07f2f9e,0x53765522 },
-      { 0xa8a4182d,0xa4980a21,0x3219df79,0xa2bbd07a,0x1a19a2d4,0x674d0a2e,
-        0x6c5d4549,0x7a056f58 } },
-    /* 115 */
-    { { 0x9d8a2a47,0x646b2558,0xc3df2773,0x5b582948,0xabf0d539,0x51ec000e,
-        0x7a1a2675,0x77d482f1 },
-      { 0x87853948,0xb8a1bd95,0x6cfbffee,0xa6f817bd,0x80681e47,0xab6ec057,
-        0x2b38b0e4,0x4115012b } },
-    /* 116 */
-    { { 0x6de28ced,0x3c73f0f4,0x9b13ec47,0x1d5da760,0x6e5c6392,0x61b8ce9e,
-        0xfbea0946,0xcdf04572 },
-      { 0x6c53c3b0,0x1cb3c58b,0x447b843c,0x97fe3c10,0x2cb9780e,0xfb2b8ae1,
-        0x97383109,0xee703dda } },
-    /* 117 */
-    { { 0xff57e43a,0x34515140,0xb1b811b8,0xd44660d3,0x8f42b986,0x2b3b5dff,
-        0xa162ce21,0x2a0ad89d },
-      { 0x6bc277ba,0x64e4a694,0xc141c276,0xc788c954,0xcabf6274,0x141aa64c,
-        0xac2b4659,0xd62d0b67 } },
-    /* 118 */
-    { { 0x2c054ac4,0x39c5d87b,0xf27df788,0x57005859,0xb18128d6,0xedf7cbf3,
-        0x991c2426,0xb39a23f2 },
-      { 0xf0b16ae5,0x95284a15,0xa136f51b,0x0c6a05b1,0xf2700783,0x1d63c137,
-        0xc0674cc5,0x04ed0092 } },
-    /* 119 */
-    { { 0x9ae90393,0x1f4185d1,0x4a3d64e6,0x3047b429,0x9854fc14,0xae0001a6,
-        0x0177c387,0xa0a91fc1 },
-      { 0xae2c831e,0xff0a3f01,0x2b727e16,0xbb76ae82,0x5a3075b4,0x8f12c8a1,
-        0x9ed20c41,0x084cf988 } },
-    /* 120 */
-    { { 0xfca6becf,0xd98509de,0x7dffb328,0x2fceae80,0x4778e8b9,0x5d8a15c4,
-        0x73abf77e,0xd57955b2 },
-      { 0x31b5d4f1,0x210da79e,0x3cfa7a1c,0xaa52f04b,0xdc27c20b,0xd4d12089,
-        0x02d141f1,0x8e14ea42 } },
-    /* 121 */
-    { { 0xf2897042,0xeed50345,0x43402c4a,0x8d05331f,0xc8bdfb21,0xc8d9c194,
-        0x2aa4d158,0x597e1a37 },
-      { 0xcf0bd68c,0x0327ec1a,0xab024945,0x6d4be0dc,0xc9fe3e84,0x5b9c8d7a,
-        0x199b4dea,0xca3f0236 } },
-    /* 122 */
-    { { 0x6170bd20,0x592a10b5,0x6d3f5de7,0x0ea897f1,0x44b2ade2,0xa3363ff1,
-        0x309c07e4,0xbde7fd7e },
-      { 0xb8f5432c,0x516bb6d2,0xe043444b,0x210dc1cb,0xf8f95b5a,0x3db01e6f,
-        0x0a7dd198,0xb623ad0e } },
-    /* 123 */
-    { { 0x60c7b65b,0xa75bd675,0x23a4a289,0xab8c5590,0xd7b26795,0xf8220fd0,
-        0x58ec137b,0xd6aa2e46 },
-      { 0x5138bb85,0x10abc00b,0xd833a95c,0x8c31d121,0x1702a32e,0xb24ff00b,
-        0x2dcc513a,0x111662e0 } },
-    /* 124 */
-    { { 0xefb42b87,0x78114015,0x1b6c4dff,0xbd9f5d70,0xa7d7c129,0x66ecccd7,
-        0x94b750f8,0xdb3ee1cb },
-      { 0xf34837cf,0xb26f3db0,0xb9578d4f,0xe7eed18b,0x7c56657d,0x5d2cdf93,
-        0x52206a59,0x886a6442 } },
-    /* 125 */
-    { { 0x65b569ea,0x3c234cfb,0xf72119c1,0x20011141,0xa15a619e,0x8badc85d,
-        0x018a17bc,0xa70cf4eb },
-      { 0x8c4a6a65,0x224f97ae,0x0134378f,0x36e5cf27,0x4f7e0960,0xbe3a609e,
-        0xd1747b77,0xaa4772ab } },
-    /* 126 */
-    { { 0x7aa60cc0,0x67676131,0x0368115f,0xc7916361,0xbbc1bb5a,0xded98bb4,
-        0x30faf974,0x611a6ddc },
-      { 0xc15ee47a,0x30e78cbc,0x4e0d96a5,0x2e896282,0x3dd9ed88,0x36f35adf,
-        0x16429c88,0x5cfffaf8 } },
-    /* 127 */
-    { { 0x9b7a99cd,0xc0d54cff,0x843c45a1,0x7bf3b99d,0x62c739e1,0x038a908f,
-        0x7dc1994c,0x6e5a6b23 },
-      { 0x0ba5db77,0xef8b454e,0xacf60d63,0xb7b8807f,0x76608378,0xe591c0c6,
-        0x242dabcc,0x481a238d } },
-    /* 128 */
-    { { 0x35d0b34a,0xe3417bc0,0x8327c0a7,0x440b386b,0xac0362d1,0x8fb7262d,
-        0xe0cdf943,0x2c41114c },
-      { 0xad95a0b1,0x2ba5cef1,0x67d54362,0xc09b37a8,0x01e486c9,0x26d6cdd2,
-        0x42ff9297,0x20477abf } },
-    /* 129 */
-    { { 0x18d65dbf,0x2f75173c,0x339edad8,0x77bf940e,0xdcf1001c,0x7022d26b,
-        0xc77396b6,0xac66409a },
-      { 0xc6261cc3,0x8b0bb36f,0x190e7e90,0x213f7bc9,0xa45e6c10,0x6541ceba,
-        0xcc122f85,0xce8e6975 } },
-    /* 130 */
-    { { 0xbc0a67d2,0x0f121b41,0x444d248a,0x62d4760a,0x659b4737,0x0e044f1d,
-        0x250bb4a8,0x08fde365 },
-      { 0x848bf287,0xaceec3da,0xd3369d6e,0xc2a62182,0x92449482,0x3582dfdc,
-        0x565d6cd7,0x2f7e2fd2 } },
-    /* 131 */
-    { { 0xc3770fa7,0xae4b92db,0x379043f9,0x095e8d5c,0x17761171,0x54f34e9d,
-        0x907702ae,0xc65be92e },
-      { 0xf6fd0a40,0x2758a303,0xbcce784b,0xe7d822e3,0x4f9767bf,0x7ae4f585,
-        0xd1193b3a,0x4bff8e47 } },
-    /* 132 */
-    { { 0x00ff1480,0xcd41d21f,0x0754db16,0x2ab8fb7d,0xbbe0f3ea,0xac81d2ef,
-        0x5772967d,0x3e4e4ae6 },
-      { 0x3c5303e6,0x7e18f36d,0x92262397,0x3bd9994b,0x1324c3c0,0x9ed70e26,
-        0x58ec6028,0x5388aefd } },
-    /* 133 */
-    { { 0x5e5d7713,0xad1317eb,0x75de49da,0x09b985ee,0xc74fb261,0x32f5bc4f,
-        0x4f75be0e,0x5cf908d1 },
-      { 0x8e657b12,0x76043510,0xb96ed9e6,0xbfd421a5,0x8970ccc2,0x0e29f51f,
-        0x60f00ce2,0xa698ba40 } },
-    /* 134 */
-    { { 0xef748fec,0x73db1686,0x7e9d2cf9,0xe6e755a2,0xce265eff,0x630b6544,
-        0x7aebad8d,0xb142ef8a },
-      { 0x17d5770a,0xad31af9f,0x2cb3412f,0x66af3b67,0xdf3359de,0x6bd60d1b,
-        0x58515075,0xd1896a96 } },
-    /* 135 */
-    { { 0x33c41c08,0xec5957ab,0x5468e2e1,0x87de94ac,0xac472f6c,0x18816b73,
-        0x7981da39,0x267b0e0b },
-      { 0x8e62b988,0x6e554e5d,0x116d21e7,0xd8ddc755,0x3d2a6f99,0x4610faf0,
-        0xa1119393,0xb54e287a } },
-    /* 136 */
-    { { 0x178a876b,0x0a0122b5,0x085104b4,0x51ff96ff,0x14f29f76,0x050b31ab,
-        0x5f87d4e6,0x84abb28b },
-      { 0x8270790a,0xd5ed439f,0x85e3f46b,0x2d6cb59d,0x6c1e2212,0x75f55c1b,
-        0x17655640,0xe5436f67 } },
-    /* 137 */
-    { { 0x2286e8d5,0x53f9025e,0x864453be,0x353c95b4,0xe408e3a0,0xd832f5bd,
-        0x5b9ce99e,0x0404f68b },
-      { 0xa781e8e5,0xcad33bde,0x163c2f5b,0x3cdf5018,0x0119caa3,0x57576960,
-        0x0ac1c701,0x3a4263df } },
-    /* 138 */
-    { { 0x9aeb596d,0xc2965ecc,0x023c92b4,0x01ea03e7,0x2e013961,0x4704b4b6,
-        0x905ea367,0x0ca8fd3f },
-      { 0x551b2b61,0x92523a42,0x390fcd06,0x1eb7a89c,0x0392a63e,0xe7f1d2be,
-        0x4ddb0c33,0x96dca264 } },
-    /* 139 */
-    { { 0x387510af,0x203bb43a,0xa9a36a01,0x846feaa8,0x2f950378,0xd23a5770,
-        0x3aad59dc,0x4363e212 },
-      { 0x40246a47,0xca43a1c7,0xe55dd24d,0xb362b8d2,0x5d8faf96,0xf9b08604,
-        0xd8bb98c4,0x840e115c } },
-    /* 140 */
-    { { 0x1023e8a7,0xf12205e2,0xd8dc7a0b,0xc808a8cd,0x163a5ddf,0xe292a272,
-        0x30ded6d4,0x5e0d6abd },
-      { 0x7cfc0f64,0x07a721c2,0x0e55ed88,0x42eec01d,0x1d1f9db2,0x26a7bef9,
-        0x2945a25a,0x7dea48f4 } },
-    /* 141 */
-    { { 0xe5060a81,0xabdf6f1c,0xf8f95615,0xe79f9c72,0x06ac268b,0xcfd36c54,
-        0xebfd16d1,0xabc2a2be },
-      { 0xd3e2eac7,0x8ac66f91,0xd2dd0466,0x6f10ba63,0x0282d31b,0x6790e377,
-        0x6c7eefc1,0x4ea35394 } },
-    /* 142 */
-    { { 0x5266309d,0xed8a2f8d,0x81945a3e,0x0a51c6c0,0x578c5dc1,0xcecaf45a,
-        0x1c94ffc3,0x3a76e689 },
-      { 0x7d7b0d0f,0x9aace8a4,0x8f584a5f,0x963ace96,0x4e697fbe,0x51a30c72,
-        0x465e6464,0x8212a10a } },
-    /* 143 */
-    { { 0xcfab8caa,0xef7c61c3,0x0e142390,0x18eb8e84,0x7e9733ca,0xcd1dff67,
-        0x599cb164,0xaa7cab71 },
-      { 0xbc837bd1,0x02fc9273,0xc36af5d7,0xc06407d0,0xf423da49,0x17621292,
-        0xfe0617c3,0x40e38073 } },
-    /* 144 */
-    { { 0xa7bf9b7c,0xf4f80824,0x3fbe30d0,0x365d2320,0x97cf9ce3,0xbfbe5320,
-        0xb3055526,0xe3604700 },
-      { 0x6cc6c2c7,0x4dcb9911,0xba4cbee6,0x72683708,0x637ad9ec,0xdcded434,
-        0xa3dee15f,0x6542d677 } },
-    /* 145 */
-    { { 0x7b6c377a,0x3f32b6d0,0x903448be,0x6cb03847,0x20da8af7,0xd6fdd3a8,
-        0x09bb6f21,0xa6534aee },
-      { 0x1035facf,0x30a1780d,0x9dcb47e6,0x35e55a33,0xc447f393,0x6ea50fe1,
-        0xdc9aef22,0xf3cb672f } },
-    /* 146 */
-    { { 0x3b55fd83,0xeb3719fe,0x875ddd10,0xe0d7a46c,0x05cea784,0x33ac9fa9,
-        0xaae870e7,0x7cafaa2e },
-      { 0x1d53b338,0x9b814d04,0xef87e6c6,0xe0acc0a0,0x11672b0f,0xfb93d108,
-        0xb9bd522e,0x0aab13c1 } },
-    /* 147 */
-    { { 0xd2681297,0xddcce278,0xb509546a,0xcb350eb1,0x7661aaf2,0x2dc43173,
-        0x847012e9,0x4b91a602 },
-      { 0x72f8ddcf,0xdcff1095,0x9a911af4,0x08ebf61e,0xc372430e,0x48f4360a,
-        0x72321cab,0x49534c53 } },
-    /* 148 */
-    { { 0xf07b7e9d,0x83df7d71,0x13cd516f,0xa478efa3,0x6c047ee3,0x78ef264b,
-        0xd65ac5ee,0xcaf46c4f },
-      { 0x92aa8266,0xa04d0c77,0x913684bb,0xedf45466,0xae4b16b0,0x56e65168,
-        0x04c6770f,0x14ce9e57 } },
-    /* 149 */
-    { { 0x965e8f91,0x99445e3e,0xcb0f2492,0xd3aca1ba,0x90c8a0a0,0xd31cc70f,
-        0x3e4c9a71,0x1bb708a5 },
-      { 0x558bdd7a,0xd5ca9e69,0x018a26b1,0x734a0508,0x4c9cf1ec,0xb093aa71,
-        0xda300102,0xf9d126f2 } },
-    /* 150 */
-    { { 0xaff9563e,0x749bca7a,0xb49914a0,0xdd077afe,0xbf5f1671,0xe27a0311,
-        0x729ecc69,0x807afcb9 },
-      { 0xc9b08b77,0x7f8a9337,0x443c7e38,0x86c3a785,0x476fd8ba,0x85fafa59,
-        0x6568cd8c,0x751adcd1 } },
-    /* 151 */
-    { { 0x10715c0d,0x8aea38b4,0x8f7697f7,0xd113ea71,0x93fbf06d,0x665eab14,
-        0x2537743f,0x29ec4468 },
-      { 0xb50bebbc,0x3d94719c,0xe4505422,0x399ee5bf,0x8d2dedb1,0x90cd5b3a,
-        0x92a4077d,0xff9370e3 } },
-    /* 152 */
-    { { 0xc6b75b65,0x59a2d69b,0x266651c5,0x4188f8d5,0x3de9d7d2,0x28a9f33e,
-        0xa2a9d01a,0x9776478b },
-      { 0x929af2c7,0x8852622d,0x4e690923,0x334f5d6d,0xa89a51e9,0xce6cc7e5,
-        0xac2f82fa,0x74a6313f } },
-    /* 153 */
-    { { 0xb75f079c,0xb2f4dfdd,0x18e36fbb,0x85b07c95,0xe7cd36dd,0x1b6cfcf0,
-        0x0ff4863d,0xab75be15 },
-      { 0x173fc9b7,0x81b367c0,0xd2594fd0,0xb90a7420,0xc4091236,0x15fdbf03,
-        0x0b4459f6,0x4ebeac2e } },
-    /* 154 */
-    { { 0x5c9f2c53,0xeb6c5fe7,0x8eae9411,0xd2522011,0xf95ac5d8,0xc8887633,
-        0x2c1baffc,0xdf99887b },
-      { 0x850aaecb,0xbb78eed2,0x01d6a272,0x9d49181b,0xb1cdbcac,0x978dd511,
-        0x779f4058,0x27b040a7 } },
-    /* 155 */
-    { { 0xf73b2eb2,0x90405db7,0x8e1b2118,0xe0df8508,0x5962327e,0x501b7152,
-        0xe4cfa3f5,0xb393dd37 },
-      { 0x3fd75165,0xa1230e7b,0xbcd33554,0xd66344c2,0x0f7b5022,0x6c36f1be,
-        0xd0463419,0x09588c12 } },
-    /* 156 */
-    { { 0x02601c3b,0xe086093f,0xcf5c335f,0xfb0252f8,0x894aff28,0x955cf280,
-        0xdb9f648b,0x81c879a9 },
-      { 0xc6f56c51,0x040e687c,0x3f17618c,0xfed47169,0x9059353b,0x44f88a41,
-        0x5fc11bc4,0xfa0d48f5 } },
-    /* 157 */
-    { { 0xe1608e4d,0xbc6e1c9d,0x3582822c,0x010dda11,0x157ec2d7,0xf6b7ddc1,
-        0xb6a367d6,0x8ea0e156 },
-      { 0x2383b3b4,0xa354e02f,0x3f01f53c,0x69966b94,0x2de03ca5,0x4ff6632b,
-        0xfa00b5ac,0x3f5ab924 } },
-    /* 158 */
-    { { 0x59739efb,0x337bb0d9,0xe7ebec0d,0xc751b0f4,0x411a67d1,0x2da52dd6,
-        0x2b74256e,0x8bc76887 },
-      { 0x82d3d253,0xa5be3b72,0xf58d779f,0xa9f679a1,0xe16767bb,0xa1cac168,
-        0x60fcf34f,0xb386f190 } },
-    /* 159 */
-    { { 0x2fedcfc2,0x31f3c135,0x62f8af0d,0x5396bf62,0xe57288c2,0x9a02b4ea,
-        0x1b069c4d,0x4cb460f7 },
-      { 0x5b8095ea,0xae67b4d3,0x6fc07603,0x92bbf859,0xb614a165,0xe1475f66,
-        0x95ef5223,0x52c0d508 } },
-    /* 160 */
-    { { 0x15339848,0x231c210e,0x70778c8d,0xe87a28e8,0x6956e170,0x9d1de661,
-        0x2bb09c0b,0x4ac3c938 },
-      { 0x6998987d,0x19be0551,0xae09f4d6,0x8b2376c4,0x1a3f933d,0x1de0b765,
-        0xe39705f4,0x380d94c7 } },
-    /* 161 */
-    { { 0x81542e75,0x01a355aa,0xee01b9b7,0x96c724a1,0x624d7087,0x6b3a2977,
-        0xde2637af,0x2ce3e171 },
-      { 0xf5d5bc1a,0xcfefeb49,0x2777e2b5,0xa655607e,0x9513756c,0x4feaac2f,
-        0x0b624e4d,0x2e6cd852 } },
-    /* 162 */
-    { { 0x8c31c31d,0x3685954b,0x5bf21a0c,0x68533d00,0x75c79ec9,0x0bd7626e,
-        0x42c69d54,0xca177547 },
-      { 0xf6d2dbb2,0xcc6edaff,0x174a9d18,0xfd0d8cbd,0xaa4578e8,0x875e8793,
-        0x9cab2ce6,0xa976a713 } },
-    /* 163 */
-    { { 0x93fb353d,0x0a651f1b,0x57fcfa72,0xd75cab8b,0x31b15281,0xaa88cfa7,
-        0x0a1f4999,0x8720a717 },
-      { 0x693e1b90,0x8c3e8d37,0x16f6dfc3,0xd345dc0b,0xb52a8742,0x8ea8d00a,
-        0xc769893c,0x9719ef29 } },
-    /* 164 */
-    { { 0x58e35909,0x820eed8d,0x33ddc116,0x9366d8dc,0x6e205026,0xd7f999d0,
-        0xe15704c1,0xa5072976 },
-      { 0xc4e70b2e,0x002a37ea,0x6890aa8a,0x84dcf657,0x645b2a5c,0xcd71bf18,
-        0xf7b77725,0x99389c9d } },
-    /* 165 */
-    { { 0x7ada7a4b,0x238c08f2,0xfd389366,0x3abe9d03,0x766f512c,0x6b672e89,
-        0x202c82e4,0xa88806aa },
-      { 0xd380184e,0x6602044a,0x126a8b85,0xa8cb78c4,0xad844f17,0x79d670c0,
-        0x4738dcfe,0x0043bffb } },
-    /* 166 */
-    { { 0x36d5192e,0x8d59b5dc,0x4590b2af,0xacf885d3,0x11601781,0x83566d0a,
-        0xba6c4866,0x52f3ef01 },
-      { 0x0edcb64d,0x3986732a,0x8068379f,0x0a482c23,0x7040f309,0x16cbe5fa,
-        0x9ef27e75,0x3296bd89 } },
-    /* 167 */
-    { { 0x454d81d7,0x476aba89,0x51eb9b3c,0x9eade7ef,0x81c57986,0x619a21cd,
-        0xaee571e9,0x3b90febf },
-      { 0x5496f7cb,0x9393023e,0x7fb51bc4,0x55be41d8,0x99beb5ce,0x03f1dd48,
-        0x9f810b18,0x6e88069d } },
-    /* 168 */
-    { { 0xb43ea1db,0xce37ab11,0x5259d292,0x0a7ff1a9,0x8f84f186,0x851b0221,
-        0xdefaad13,0xa7222bea },
-      { 0x2b0a9144,0xa2ac78ec,0xf2fa59c5,0x5a024051,0x6147ce38,0x91d1eca5,
-        0xbc2ac690,0xbe94d523 } },
-    /* 169 */
-    { { 0x0b226ce7,0x72f4945e,0x967e8b70,0xb8afd747,0x85a6c63e,0xedea46f1,
-        0x9be8c766,0x7782defe },
-      { 0x3db38626,0x760d2aa4,0x76f67ad1,0x460ae787,0x54499cdb,0x341b86fc,
-        0xa2892e4b,0x03838567 } },
-    /* 170 */
-    { { 0x79ec1a0f,0x2d8daefd,0xceb39c97,0x3bbcd6fd,0x58f61a95,0xf5575ffc,
-        0xadf7b420,0xdbd986c4 },
-      { 0x15f39eb7,0x81aa8814,0xb98d976c,0x6ee2fcf5,0xcf2f717d,0x5465475d,
-        0x6860bbd0,0x8e24d3c4 } },
-    /* 171 */
-    { { 0x9a587390,0x749d8e54,0x0cbec588,0x12bb194f,0xb25983c6,0x46e07da4,
-        0x407bafc8,0x541a99c4 },
-      { 0x624c8842,0xdb241692,0xd86c05ff,0x6044c12a,0x4f7fcf62,0xc59d14b4,
-        0xf57d35d1,0xc0092c49 } },
-    /* 172 */
-    { { 0xdf2e61ef,0xd3cc75c3,0x2e1b35ca,0x7e8841c8,0x909f29f4,0xc62d30d1,
-        0x7286944d,0x75e40634 },
-      { 0xbbc237d0,0xe7d41fc5,0xec4f01c9,0xc9537bf0,0x282bd534,0x91c51a16,
-        0xc7848586,0x5b7cb658 } },
-    /* 173 */
-    { { 0x8a28ead1,0x964a7084,0xfd3b47f6,0x802dc508,0x767e5b39,0x9ae4bfd1,
-        0x8df097a1,0x7ae13eba },
-      { 0xeadd384e,0xfd216ef8,0xb6b2ff06,0x0361a2d9,0x4bcdb5f3,0x204b9878,
-        0xe2a8e3fd,0x787d8074 } },
-    /* 174 */
-    { { 0x757fbb1c,0xc5e25d6b,0xca201deb,0xe47bddb2,0x6d2233ff,0x4a55e9a3,
-        0x9ef28484,0x5c222819 },
-      { 0x88315250,0x773d4a85,0x827097c1,0x21b21a2b,0xdef5d33f,0xab7c4ea1,
-        0xbaf0f2b0,0xe45d37ab } },
-    /* 175 */
-    { { 0x28511c8a,0xd2df1e34,0xbdca6cd3,0xebb229c8,0x627c39a7,0x578a71a7,
-        0x84dfb9d3,0xed7bc122 },
-      { 0x93dea561,0xcf22a6df,0xd48f0ed1,0x5443f18d,0x5bad23e8,0xd8b86140,
-        0x45ca6d27,0xaac97cc9 } },
-    /* 176 */
-    { { 0xa16bd00a,0xeb54ea74,0xf5c0bcc1,0xd839e9ad,0x1f9bfc06,0x092bb7f1,
-        0x1163dc4e,0x318f97b3 },
-      { 0xc30d7138,0xecc0c5be,0xabc30220,0x44e8df23,0xb0223606,0x2bb7972f,
-        0x9a84ff4d,0xfa41faa1 } },
-    /* 177 */
-    { { 0xa6642269,0x4402d974,0x9bb783bd,0xc81814ce,0x7941e60b,0x398d38e4,
-        0x1d26e9e2,0x38bb6b2c },
-      { 0x6a577f87,0xc64e4a25,0xdc11fe1c,0x8b52d253,0x62280728,0xff336abf,
-        0xce7601a5,0x94dd0905 } },
-    /* 178 */
-    { { 0xde93f92a,0x156cf7dc,0x89b5f315,0xa01333cb,0xc995e750,0x02404df9,
-        0xd25c2ae9,0x92077867 },
-      { 0x0bf39d44,0xe2471e01,0x96bb53d7,0x5f2c9020,0x5c9c3d8f,0x4c44b7b3,
-        0xd29beb51,0x81e8428b } },
-    /* 179 */
-    { { 0xc477199f,0x6dd9c2ba,0x6b5ecdd9,0x8cb8eeee,0xee40fd0e,0x8af7db3f,
-        0xdbbfa4b1,0x1b94ab62 },
-      { 0xce47f143,0x44f0d8b3,0x63f46163,0x51e623fc,0xcc599383,0xf18f270f,
-        0x055590ee,0x06a38e28 } },
-    /* 180 */
-    { { 0xb3355b49,0x2e5b0139,0xb4ebf99b,0x20e26560,0xd269f3dc,0xc08ffa6b,
-        0x83d9d4f8,0xa7b36c20 },
-      { 0x1b3e8830,0x64d15c3a,0xa89f9c0b,0xd5fceae1,0xe2d16930,0xcfeee4a2,
-        0xa2822a20,0xbe54c6b4 } },
-    /* 181 */
-    { { 0x8d91167c,0xd6cdb3df,0xe7a6625e,0x517c3f79,0x346ac7f4,0x7105648f,
-        0xeae022bb,0xbf30a5ab },
-      { 0x93828a68,0x8e7785be,0x7f3ef036,0x5161c332,0x592146b2,0xe11b5feb,
-        0x2732d13a,0xd1c820de } },
-    /* 182 */
-    { { 0x9038b363,0x043e1347,0x6b05e519,0x58c11f54,0x6026cad1,0x4fe57abe,
-        0x68a18da3,0xb7d17bed },
-      { 0xe29c2559,0x44ca5891,0x5bfffd84,0x4f7a0376,0x74e46948,0x498de4af,
-        0x6412cc64,0x3997fd5e } },
-    /* 183 */
-    { { 0x8bd61507,0xf2074682,0x34a64d2a,0x29e132d5,0x8a8a15e3,0xffeddfb0,
-        0x3c6c13e8,0x0eeb8929 },
-      { 0xa7e259f8,0xe9b69a3e,0xd13e7e67,0xce1db7e6,0xad1fa685,0x277318f6,
-        0xc922b6ef,0x228916f8 } },
-    /* 184 */
-    { { 0x0a12ab5b,0x959ae25b,0x957bc136,0xcc11171f,0xd16e2b0c,0x8058429e,
-        0x6e93097e,0xec05ad1d },
-      { 0xac3f3708,0x157ba5be,0x30b59d77,0x31baf935,0x118234e5,0x47b55237,
-        0x7ff11b37,0x7d314156 } },
-    /* 185 */
-    { { 0xf6dfefab,0x7bd9c05c,0xdcb37707,0xbe2f2268,0x3a38bb95,0xe53ead97,
-        0x9bc1d7a3,0xe9ce66fc },
-      { 0x6f6a02a1,0x75aa1576,0x60e600ed,0x38c087df,0x68cdc1b9,0xf8947f34,
-        0x72280651,0xd9650b01 } },
-    /* 186 */
-    { { 0x5a057e60,0x504b4c4a,0x8def25e4,0xcbccc3be,0x17c1ccbd,0xa6353208,
-        0x804eb7a2,0x14d6699a },
-      { 0xdb1f411a,0x2c8a8415,0xf80d769c,0x09fbaf0b,0x1c2f77ad,0xb4deef90,
-        0x0d43598a,0x6f4c6841 } },
-    /* 187 */
-    { { 0x96c24a96,0x8726df4e,0xfcbd99a3,0x534dbc85,0x8b2ae30a,0x3c466ef2,
-        0x61189abb,0x4c4350fd },
-      { 0xf855b8da,0x2967f716,0x463c38a1,0x41a42394,0xeae93343,0xc37e1413,
-        0x5a3118b5,0xa726d242 } },
-    /* 188 */
-    { { 0x948c1086,0xdae6b3ee,0xcbd3a2e1,0xf1de503d,0x03d022f3,0x3f35ed3f,
-        0xcc6cf392,0x13639e82 },
-      { 0xcdafaa86,0x9ac938fb,0x2654a258,0xf45bc5fb,0x45051329,0x1963b26e,
-        0xc1a335a3,0xca9365e1 } },
-    /* 189 */
-    { { 0x4c3b2d20,0x3615ac75,0x904e241b,0x742a5417,0xcc9d071d,0xb08521c4,
-        0x970b72a5,0x9ce29c34 },
-      { 0x6d3e0ad6,0x8cc81f73,0xf2f8434c,0x8060da9e,0x6ce862d9,0x35ed1d1a,
-        0xab42af98,0x48c4abd7 } },
-    /* 190 */
-    { { 0x40c7485a,0xd221b0cc,0xe5274dbf,0xead455bb,0x9263d2e8,0x493c7698,
-        0xf67b33cb,0x78017c32 },
-      { 0x930cb5ee,0xb9d35769,0x0c408ed2,0xc0d14e94,0x272f1a4d,0xf8b7bf55,
-        0xde5c1c04,0x53cd0454 } },
-    /* 191 */
-    { { 0x5d28ccac,0xbcd585fa,0x005b746e,0x5f823e56,0xcd0123aa,0x7c79f0a1,
-        0xd3d7fa8f,0xeea465c1 },
-      { 0x0551803b,0x7810659f,0x7ce6af70,0x6c0b599f,0x29288e70,0x4195a770,
-        0x7ae69193,0x1b6e42a4 } },
-    /* 192 */
-    { { 0xf67d04c3,0x2e80937c,0x89eeb811,0x1e312be2,0x92594d60,0x56b5d887,
-        0x187fbd3d,0x0224da14 },
-      { 0x0c5fe36f,0x87abb863,0x4ef51f5f,0x580f3c60,0xb3b429ec,0x964fb1bf,
-        0x42bfff33,0x60838ef0 } },
-    /* 193 */
-    { { 0x7e0bbe99,0x432cb2f2,0x04aa39ee,0x7bda44f3,0x9fa93903,0x5f497c7a,
-        0x2d331643,0x636eb202 },
-      { 0x93ae00aa,0xfcfd0e61,0x31ae6d2f,0x875a00fe,0x9f93901c,0xf43658a2,
-        0x39218bac,0x8844eeb6 } },
-    /* 194 */
-    { { 0x6b3bae58,0x114171d2,0x17e39f3e,0x7db3df71,0x81a8eada,0xcd37bc7f,
-        0x51fb789e,0x27ba83dc },
-      { 0xfbf54de5,0xa7df439f,0xb5fe1a71,0x7277030b,0xdb297a48,0x42ee8e35,
-        0x87f3a4ab,0xadb62d34 } },
-    /* 195 */
-    { { 0xa175df2a,0x9b1168a2,0x618c32e9,0x082aa04f,0x146b0916,0xc9e4f2e7,
-        0x75e7c8b2,0xb990fd76 },
-      { 0x4df37313,0x0829d96b,0xd0b40789,0x1c205579,0x78087711,0x66c9ae4a,
-        0x4d10d18d,0x81707ef9 } },
-    /* 196 */
-    { { 0x03d6ff96,0x97d7cab2,0x0d843360,0x5b851bfc,0xd042db4b,0x268823c4,
-        0xd5a8aa5c,0x3792daea },
-      { 0x941afa0b,0x52818865,0x42d83671,0xf3e9e741,0x5be4e0a7,0x17c82527,
-        0x94b001ba,0x5abd635e } },
-    /* 197 */
-    { { 0x0ac4927c,0x727fa84e,0xa7c8cf23,0xe3886035,0x4adca0df,0xa4bcd5ea,
-        0x846ab610,0x5995bf21 },
-      { 0x829dfa33,0xe90f860b,0x958fc18b,0xcaafe2ae,0x78630366,0x9b3baf44,
-        0xd483411e,0x44c32ca2 } },
-    /* 198 */
-    { { 0xe40ed80c,0xa74a97f1,0x31d2ca82,0x5f938cb1,0x7c2d6ad9,0x53f2124b,
-        0x8082a54c,0x1f2162fb },
-      { 0x720b173e,0x7e467cc5,0x085f12f9,0x40e8a666,0x4c9d65dc,0x8cebc20e,
-        0xc3e907c9,0x8f1d402b } },
-    /* 199 */
-    { { 0xfbc4058a,0x4f592f9c,0x292f5670,0xb15e14b6,0xbc1d8c57,0xc55cfe37,
-        0x926edbf9,0xb1980f43 },
-      { 0x32c76b09,0x98c33e09,0x33b07f78,0x1df5279d,0x863bb461,0x6f08ead4,
-        0x37448e45,0x2828ad9b } },
-    /* 200 */
-    { { 0xc4cf4ac5,0x696722c4,0xdde64afb,0xf5ac1a3f,0xe0890832,0x0551baa2,
-        0x5a14b390,0x4973f127 },
-      { 0x322eac5d,0xe59d8335,0x0bd9b568,0x5e07eef5,0xa2588393,0xab36720f,
-        0xdb168ac7,0x6dac8ed0 } },
-    /* 201 */
-    { { 0xeda835ef,0xf7b545ae,0x1d10ed51,0x4aa113d2,0x13741b09,0x035a65e0,
-        0x20b9de4c,0x4b23ef59 },
-      { 0x3c4c7341,0xe82bb680,0x3f58bc37,0xd457706d,0xa51e3ee8,0x73527863,
-        0xddf49a4e,0x4dd71534 } },
-    /* 202 */
-    { { 0x95476cd9,0xbf944672,0xe31a725b,0x648d072f,0xfc4b67e0,0x1441c8b8,
-        0x2f4a4dbb,0xfd317000 },
-      { 0x8995d0e1,0x1cb43ff4,0x0ef729aa,0x76e695d1,0x41798982,0xe0d5f976,
-        0x9569f365,0x14fac58c } },
-    /* 203 */
-    { { 0xf312ae18,0xad9a0065,0xfcc93fc9,0x51958dc0,0x8a7d2846,0xd9a14240,
-        0x36abda50,0xed7c7651 },
-      { 0x25d4abbc,0x46270f1a,0xf1a113ea,0x9b5dd8f3,0x5b51952f,0xc609b075,
-        0x4d2e9f53,0xfefcb7f7 } },
-    /* 204 */
-    { { 0xba119185,0xbd09497a,0xaac45ba4,0xd54e8c30,0xaa521179,0x492479de,
-        0x87e0d80b,0x1801a57e },
-      { 0xfcafffb0,0x073d3f8d,0xae255240,0x6cf33c0b,0x5b5fdfbc,0x781d763b,
-        0x1ead1064,0x9f8fc11e } },
-    /* 205 */
-    { { 0x5e69544c,0x1583a171,0xf04b7813,0x0eaf8567,0x278a4c32,0x1e22a8fd,
-        0x3d3a69a9,0xa9d3809d },
-      { 0x59a2da3b,0x936c2c2c,0x1895c847,0x38ccbcf6,0x63d50869,0x5e65244e,
-        0xe1178ef7,0x3006b9ae } },
-    /* 206 */
-    { { 0xc9eead28,0x0bb1f2b0,0x89f4dfbc,0x7eef635d,0xb2ce8939,0x074757fd,
-        0x45f8f761,0x0ab85fd7 },
-      { 0x3e5b4549,0xecda7c93,0x97922f21,0x4be2bb5c,0xb43b8040,0x261a1274,
-        0x11e942c2,0xb122d675 } },
-    /* 207 */
-    { { 0x66a5ae7a,0x3be607be,0x76adcbe3,0x01e703fa,0x4eb6e5c5,0xaf904301,
-        0x097dbaec,0x9f599dc1 },
-      { 0x0ff250ed,0x6d75b718,0x349a20dc,0x8eb91574,0x10b227a3,0x425605a4,
-        0x8a294b78,0x7d5528e0 } },
-    /* 208 */
-    { { 0x20c26def,0xf0f58f66,0x582b2d1e,0x025585ea,0x01ce3881,0xfbe7d79b,
-        0x303f1730,0x28ccea01 },
-      { 0x79644ba5,0xd1dabcd1,0x06fff0b8,0x1fc643e8,0x66b3e17b,0xa60a76fc,
-        0xa1d013bf,0xc18baf48 } },
-    /* 209 */
-    { { 0x5dc4216d,0x34e638c8,0x206142ac,0x00c01067,0x95f5064a,0xd453a171,
-        0xb7a9596b,0x9def809d },
-      { 0x67ab8d2c,0x41e8642e,0x6237a2b6,0xb4240433,0x64c4218b,0x7d506a6d,
-        0x68808ce5,0x0357f8b0 } },
-    /* 210 */
-    { { 0x4cd2cc88,0x8e9dbe64,0xf0b8f39d,0xcc61c28d,0xcd30a0c8,0x4a309874,
-        0x1b489887,0xe4a01add },
-      { 0xf57cd8f9,0x2ed1eeac,0xbd594c48,0x1b767d3e,0x7bd2f787,0xa7295c71,
-        0xce10cc30,0x466d7d79 } },
-    /* 211 */
-    { { 0x9dada2c7,0x47d31892,0x8f9aa27d,0x4fa0a6c3,0x820a59e1,0x90e4fd28,
-        0x451ead1a,0xc672a522 },
-      { 0x5d86b655,0x30607cc8,0xf9ad4af1,0xf0235d3b,0x571172a6,0x99a08680,
-        0xf2a67513,0x5e3d64fa } },
-    /* 212 */
-    { { 0x9b3b4416,0xaa6410c7,0xeab26d99,0xcd8fcf85,0xdb656a74,0x5ebff74a,
-        0xeb8e42fc,0x6c8a7a95 },
-      { 0xb02a63bd,0x10c60ba7,0x8b8f0047,0x6b2f2303,0x312d90b0,0x8c6c3738,
-        0xad82ca91,0x348ae422 } },
-    /* 213 */
-    { { 0x5ccda2fb,0x7f474663,0x8e0726d2,0x22accaa1,0x492b1f20,0x85adf782,
-        0xd9ef2d2e,0xc1074de0 },
-      { 0xae9a65b3,0xfcf3ce44,0x05d7151b,0xfd71e4ac,0xce6a9788,0xd4711f50,
-        0xc9e54ffc,0xfbadfbdb } },
-    /* 214 */
-    { { 0x20a99363,0x1713f1cd,0x6cf22775,0xb915658f,0x24d359b2,0x968175cd,
-        0x83716fcd,0xb7f976b4 },
-      { 0x5d6dbf74,0x5758e24d,0x71c3af36,0x8d23bafd,0x0243dfe3,0x48f47760,
-        0xcafcc805,0xf4d41b2e } },
-    /* 215 */
-    { { 0xfdabd48d,0x51f1cf28,0x32c078a4,0xce81be36,0x117146e9,0x6ace2974,
-        0xe0160f10,0x180824ea },
-      { 0x66e58358,0x0387698b,0xce6ca358,0x63568752,0x5e41e6c5,0x82380e34,
-        0x83cf6d25,0x67e5f639 } },
-    /* 216 */
-    { { 0xcf4899ef,0xf89ccb8d,0x9ebb44c0,0x949015f0,0xb2598ec9,0x546f9276,
-        0x04c11fc6,0x9fef789a },
-      { 0x53d2a071,0x6d367ecf,0xa4519b09,0xb10e1a7f,0x611e2eef,0xca6b3fb0,
-        0xa99c4e20,0xbc80c181 } },
-    /* 217 */
-    { { 0xe5eb82e6,0x972536f8,0xf56cb920,0x1a484fc7,0x50b5da5e,0xc78e2171,
-        0x9f8cdf10,0x49270e62 },
-      { 0xea6b50ad,0x1a39b7bb,0xa2388ffc,0x9a0284c1,0x8107197b,0x5403eb17,
-        0x61372f7f,0xd2ee52f9 } },
-    /* 218 */
-    { { 0x88e0362a,0xd37cd285,0x8fa5d94d,0x442fa8a7,0xa434a526,0xaff836e5,
-        0xe5abb733,0xdfb478be },
-      { 0x673eede6,0xa91f1ce7,0x2b5b2f04,0xa5390ad4,0x5530da2f,0x5e66f7bf,
-        0x08df473a,0xd9a140b4 } },
-    /* 219 */
-    { { 0x6e8ea498,0x0e0221b5,0x3563ee09,0x62347829,0x335d2ade,0xe06b8391,
-        0x623f4b1a,0x760c058d },
-      { 0xc198aa79,0x0b89b58c,0xf07aba7f,0xf74890d2,0xfde2556a,0x4e204110,
-        0x8f190409,0x7141982d } },
-    /* 220 */
-    { { 0x4d4b0f45,0x6f0a0e33,0x392a94e1,0xd9280b38,0xb3c61d5e,0x3af324c6,
-        0x89d54e47,0x3af9d1ce },
-      { 0x20930371,0xfd8f7981,0x21c17097,0xeda2664c,0xdc42309b,0x0e9545dc,
-        0x73957dd6,0xb1f815c3 } },
-    /* 221 */
-    { { 0x89fec44a,0x84faa78e,0x3caa4caf,0xc8c2ae47,0xc1b6a624,0x691c807d,
-        0x1543f052,0xa41aed14 },
-      { 0x7d5ffe04,0x42435399,0x625b6e20,0x8bacb2df,0x87817775,0x85d660be,
-        0x86fb60ef,0xd6e9c1dd } },
-    /* 222 */
-    { { 0xc6853264,0x3aa2e97e,0xe2304a0b,0x771533b7,0xb8eae9be,0x1b912bb7,
-        0xae9bf8c2,0x9c9c6e10 },
-      { 0xe030b74c,0xa2309a59,0x6a631e90,0x4ed7494d,0xa49b79f2,0x89f44b23,
-        0x40fa61b6,0x566bd596 } },
-    /* 223 */
-    { { 0xc18061f3,0x066c0118,0x7c83fc70,0x190b25d3,0x27273245,0xf05fc8e0,
-        0xf525345e,0xcf2c7390 },
-      { 0x10eb30cf,0xa09bceb4,0x0d77703a,0xcfd2ebba,0x150ff255,0xe842c43a,
-        0x8aa20979,0x02f51755 } },
-    /* 224 */
-    { { 0xaddb7d07,0x396ef794,0x24455500,0x0b4fc742,0xc78aa3ce,0xfaff8eac,
-        0xe8d4d97d,0x14e9ada5 },
-      { 0x2f7079e2,0xdaa480a1,0xe4b0800e,0x45baa3cd,0x7838157d,0x01765e2d,
-        0x8e9d9ae8,0xa0ad4fab } },
-    /* 225 */
-    { { 0x4a653618,0x0bfb7621,0x31eaaa5f,0x1872813c,0x44949d5e,0x1553e737,
-        0x6e56ed1e,0xbcd530b8 },
-      { 0x32e9c47b,0x169be853,0xb50059ab,0xdc2776fe,0x192bfbb4,0xcdba9761,
-        0x6979341d,0x909283cf } },
-    /* 226 */
-    { { 0x76e81a13,0x67b00324,0x62171239,0x9bee1a99,0xd32e19d6,0x08ed361b,
-        0xace1549a,0x35eeb7c9 },
-      { 0x7e4e5bdc,0x1280ae5a,0xb6ceec6e,0x2dcd2cd3,0x6e266bc1,0x52e4224c,
-        0x448ae864,0x9a8b2cf4 } },
-    /* 227 */
-    { { 0x09d03b59,0xf6471bf2,0xb65af2ab,0xc90e62a3,0xebd5eec9,0xff7ff168,
-        0xd4491379,0x6bdb60f4 },
-      { 0x8a55bc30,0xdadafebc,0x10097fe0,0xc79ead16,0x4c1e3bdd,0x42e19741,
-        0x94ba08a9,0x01ec3cfd } },
-    /* 228 */
-    { { 0xdc9485c2,0xba6277eb,0x22fb10c7,0x48cc9a79,0x70a28d8a,0x4f61d60f,
-        0x475464f6,0xd1acb1c0 },
-      { 0x26f36612,0xd26902b1,0xe0618d8b,0x59c3a44e,0x308357ee,0x4df8a813,
-        0x405626c2,0x7dcd079d } },
-    /* 229 */
-    { { 0xf05a4b48,0x5ce7d4d3,0x37230772,0xadcd2952,0x812a915a,0xd18f7971,
-        0x377d19b8,0x0bf53589 },
-      { 0x6c68ea73,0x35ecd95a,0x823a584d,0xc7f3bbca,0xf473a723,0x9fb674c6,
-        0xe16686fc,0xd28be4d9 } },
-    /* 230 */
-    { { 0x38fa8e4b,0x5d2b9906,0x893fd8fc,0x559f186e,0x436fb6fc,0x3a6de2aa,
-        0x510f88ce,0xd76007aa },
-      { 0x523a4988,0x2d10aab6,0x74dd0273,0xb455cf44,0xa3407278,0x7f467082,
-        0xb303bb01,0xf2b52f68 } },
-    /* 231 */
-    { { 0x9835b4ca,0x0d57eafa,0xbb669cbc,0x2d2232fc,0xc6643198,0x8eeeb680,
-        0xcc5aed3a,0xd8dbe98e },
-      { 0xc5a02709,0xcba9be3f,0xf5ba1fa8,0x30be68e5,0xf10ea852,0xfebd43cd,
-        0xee559705,0xe01593a3 } },
-    /* 232 */
-    { { 0xea75a0a6,0xd3e5af50,0x57858033,0x512226ac,0xd0176406,0x6fe6d50f,
-        0xaeb8ef06,0xafec07b1 },
-      { 0x80bb0a31,0x7fb99567,0x37309aae,0x6f1af3cc,0x01abf389,0x9153a15a,
-        0x6e2dbfdd,0xa71b9354 } },
-    /* 233 */
-    { { 0x18f593d2,0xbf8e12e0,0xa078122b,0xd1a90428,0x0ba4f2ad,0x150505db,
-        0x628523d9,0x53a2005c },
-      { 0xe7f2b935,0x07c8b639,0xc182961a,0x2bff975a,0x7518ca2c,0x86bceea7,
-        0x3d588e3d,0xbf47d19b } },
-    /* 234 */
-    { { 0xdd7665d5,0x672967a7,0x2f2f4de5,0x4e303057,0x80d4903f,0x144005ae,
-        0x39c9a1b6,0x001c2c7f },
-      { 0x69efc6d6,0x143a8014,0x7bc7a724,0xc810bdaa,0xa78150a4,0x5f65670b,
-        0x86ffb99b,0xfdadf8e7 } },
-    /* 235 */
-    { { 0xffc00785,0xfd38cb88,0x3b48eb67,0x77fa7591,0xbf368fbc,0x0454d055,
-        0x5aa43c94,0x3a838e4d },
-      { 0x3e97bb9a,0x56166329,0x441d94d9,0x9eb93363,0x0adb2a83,0x515591a6,
-        0x873e1da3,0x3cdb8257 } },
-    /* 236 */
-    { { 0x7de77eab,0x137140a9,0x41648109,0xf7e1c50d,0xceb1d0df,0x762dcad2,
-        0xf1f57fba,0x5a60cc89 },
-      { 0x40d45673,0x80b36382,0x5913c655,0x1b82be19,0xdd64b741,0x057284b8,
-        0xdbfd8fc0,0x922ff56f } },
-    /* 237 */
-    { { 0xc9a129a1,0x1b265dee,0xcc284e04,0xa5b1ce57,0xcebfbe3c,0x04380c46,
-        0xf6c5cd62,0x72919a7d },
-      { 0x8fb90f9a,0x298f453a,0x88e4031b,0xd719c00b,0x796f1856,0xe32c0e77,
-        0x3624089a,0x5e791780 } },
-    /* 238 */
-    { { 0x7f63cdfb,0x5c16ec55,0xf1cae4fd,0x8e6a3571,0x560597ca,0xfce26bea,
-        0xe24c2fab,0x4e0a5371 },
-      { 0xa5765357,0x276a40d3,0x0d73a2b4,0x3c89af44,0x41d11a32,0xb8f370ae,
-        0xd56604ee,0xf5ff7818 } },
-    /* 239 */
-    { { 0x1a09df21,0xfbf3e3fe,0xe66e8e47,0x26d5d28e,0x29c89015,0x2096bd0a,
-        0x533f5e64,0xe41df0e9 },
-      { 0xb3ba9e3f,0x305fda40,0x2604d895,0xf2340ceb,0x7f0367c7,0x0866e192,
-        0xac4f155f,0x8edd7d6e } },
-    /* 240 */
-    { { 0x0bfc8ff3,0xc9a1dc0e,0xe936f42f,0x14efd82b,0xcca381ef,0x67016f7c,
-        0xed8aee96,0x1432c1ca },
-      { 0x70b23c26,0xec684829,0x0735b273,0xa64fe873,0xeaef0f5a,0xe389f6e5,
-        0x5ac8d2c6,0xcaef480b } },
-    /* 241 */
-    { { 0x75315922,0x5245c978,0x3063cca5,0xd8295171,0xb64ef2cb,0xf3ce60d0,
-        0x8efae236,0xd0ba177e },
-      { 0xb1b3af60,0x53a9ae8f,0x3d2da20e,0x1a796ae5,0xdf9eef28,0x01d63605,
-        0x1c54ae16,0xf31c957c } },
-    /* 242 */
-    { { 0x49cc4597,0xc0f58d52,0xbae0a028,0xdc5015b0,0x734a814a,0xefc5fc55,
-        0x96e17c3a,0x013404cb },
-      { 0xc9a824bf,0xb29e2585,0x001eaed7,0xd593185e,0x61ef68ac,0x8d6ee682,
-        0x91933e6c,0x6f377c4b } },
-    /* 243 */
-    { { 0xa8333fd2,0x9f93bad1,0x5a2a95b8,0xa8930202,0xeaf75ace,0x211e5037,
-        0xd2d09506,0x6dba3e4e },
-      { 0xd04399cd,0xa48ef98c,0xe6b73ade,0x1811c66e,0xc17ecaf3,0x72f60752,
-        0x3becf4a7,0xf13cf342 } },
-    /* 244 */
-    { { 0xa919e2eb,0xceeb9ec0,0xf62c0f68,0x83a9a195,0x7aba2299,0xcfba3bb6,
-        0x274bbad3,0xc83fa9a9 },
-      { 0x62fa1ce0,0x0d7d1b0b,0x3418efbf,0xe58b60f5,0x52706f04,0xbfa8ef9e,
-        0x5d702683,0xb49d70f4 } },
-    /* 245 */
-    { { 0xfad5513b,0x914c7510,0xb1751e2d,0x05f32eec,0xd9fb9d59,0x6d850418,
-        0x0c30f1cf,0x59cfadbb },
-      { 0x55cb7fd6,0xe167ac23,0x820426a3,0x249367b8,0x90a78864,0xeaeec58c,
-        0x354a4b67,0x5babf362 } },
-    /* 246 */
-    { { 0xee424865,0x37c981d1,0xf2e5577f,0x8b002878,0xb9e0c058,0x702970f1,
-        0x9026c8f0,0x6188c6a7 },
-      { 0xd0f244da,0x06f9a19b,0xfb080873,0x1ecced5c,0x9f213637,0x35470f9b,
-        0xdf50b9d9,0x993fe475 } },
-    /* 247 */
-    { { 0x9b2c3609,0x68e31cdf,0x2c46d4ea,0x84eb19c0,0x9a775101,0x7ac9ec1a,
-        0x4c80616b,0x81f76466 },
-      { 0x75fbe978,0x1d7c2a5a,0xf183b356,0x6743fed3,0x501dd2bf,0x838d1f04,
-        0x5fe9060d,0x564a812a } },
-    /* 248 */
-    { { 0xfa817d1d,0x7a5a64f4,0xbea82e0f,0x55f96844,0xcd57f9aa,0xb5ff5a0f,
-        0x00e51d6c,0x226bf3cf },
-      { 0x2f2833cf,0xd6d1a9f9,0x4f4f89a8,0x20a0a35a,0x8f3f7f77,0x11536c49,
-        0xff257836,0x68779f47 } },
-    /* 249 */
-    { { 0x73043d08,0x79b0c1c1,0x1fc020fa,0xa5446774,0x9a6d26d0,0xd3767e28,
-        0xeb092e0b,0x97bcb0d1 },
-      { 0xf32ed3c3,0x2ab6eaa8,0xb281bc48,0xc8a4f151,0xbfa178f3,0x4d1bf4f3,
-        0x0a784655,0xa872ffe8 } },
-    /* 250 */
-    { { 0xa32b2086,0xb1ab7935,0x8160f486,0xe1eb710e,0x3b6ae6be,0x9bd0cd91,
-        0xb732a36a,0x02812bfc },
-      { 0xcf605318,0xa63fd7ca,0xfdfd6d1d,0x646e5d50,0x2102d619,0xa1d68398,
-        0xfe5396af,0x07391cc9 } },
-    /* 251 */
-    { { 0x8b80d02b,0xc50157f0,0x62877f7f,0x6b8333d1,0x78d542ae,0x7aca1af8,
-        0x7e6d2a08,0x355d2adc },
-      { 0x287386e1,0xb41f335a,0xf8e43275,0xfd272a94,0xe79989ea,0x286ca2cd,
-        0x7c2a3a79,0x3dc2b1e3 } },
-    /* 252 */
-    { { 0x04581352,0xd689d21c,0x376782be,0x0a00c825,0x9fed701f,0x203bd590,
-        0x3ccd846b,0xc4786910 },
-      { 0x24c768ed,0x5dba7708,0x6841f657,0x72feea02,0x6accce0e,0x73313ed5,
-        0xd5bb4d32,0xccc42968 } },
-    /* 253 */
-    { { 0x3d7620b9,0x94e50de1,0x5992a56a,0xd89a5c8a,0x675487c9,0xdc007640,
-        0xaa4871cf,0xe147eb42 },
-      { 0xacf3ae46,0x274ab4ee,0x50350fbe,0xfd4936fb,0x48c840ea,0xdf2afe47,
-        0x080e96e3,0x239ac047 } },
-    /* 254 */
-    { { 0x2bfee8d4,0x481d1f35,0xfa7b0fec,0xce80b5cf,0x2ce9af3c,0x105c4c9e,
-        0xf5f7e59d,0xc55fa1a3 },
-      { 0x8257c227,0x3186f14e,0x342be00b,0xc5b1653f,0xaa904fb2,0x09afc998,
-        0xd4f4b699,0x094cd99c } },
-    /* 255 */
-    { { 0xd703beba,0x8a981c84,0x32ceb291,0x8631d150,0xe3bd49ec,0xa445f2c9,
-        0x42abad33,0xb90a30b6 },
-      { 0xb4a5abf9,0xb465404f,0x75db7603,0x004750c3,0xca35d89f,0x6f9a42cc,
-        0x1b7924f7,0x019f8b9a } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_8(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 8);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 8, km);
-
-            err = sp_256_ecc_mulmod_base_8(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P256 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 8 + 8 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8 + 8 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 8;
-
-        sp_256_from_mp(k, 8, km);
-        sp_256_point_from_ecc_point_8(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_8(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_8(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_8(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_256_add_one_8(sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #1\n\t"
-        "ldr	r1, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r1, r1, r2\n\t"
-#else
-        "add	r1, r1, r2\n\t"
-#endif
-        "movs	r2, #0\n\t"
-        "str	r1, [%[a]]\n\t"
-        "ldr	r1, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #4]\n\t"
-        "ldr	r1, [%[a], #8]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #8]\n\t"
-        "ldr	r1, [%[a], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #12]\n\t"
-        "ldr	r1, [%[a], #16]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #16]\n\t"
-        "ldr	r1, [%[a], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #20]\n\t"
-        "ldr	r1, [%[a], #24]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #24]\n\t"
-        "ldr	r1, [%[a], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #28]\n\t"
-        : [a] "+l" (a)
-        :
-        : "memory", "r1", "r2", "cc"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_256_ecc_gen_k_8(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[32];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_256_from_bin(k, 8, buf, (int)sizeof(buf));
-            if (sp_256_cmp_8(k, p256_order2) <= 0) {
-                sp_256_add_one_8(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_256, point, 2);
-#else
-    SP_DECL_VAR(sp_point_256, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 8);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_256_ecc_gen_k_8(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_8(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_8(infinity, point, p256_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_256_iszero_8(point->x) || sp_256_iszero_8(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_8(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_256_ctx {
-    int state;
-    sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-    sp_digit k[8];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256  point[2];
-#else
-    sp_point_256 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_256_ctx;
-
-int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_256_ctx* ctx = (sp_ecc_key_gen_256_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_256_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_256_ecc_gen_k_8(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_base_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p256_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_256_iszero_8(ctx->point->x) ||
-                    sp_256_iszero_8(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_256_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_256_point_to_ecc_point_8(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 32
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_256_to_bin_8(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 7; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 8);
-    int err = MP_OKAY;
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 8, priv);
-        sp_256_point_from_ecc_point_8(point, pub);
-            err = sp_256_ecc_mulmod_8(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_256_to_bin_8(point->x, out);
-        *outLen = 32;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-    };
-    sp_digit k[8];
-    sp_point_256 point;
-} sp_ecc_sec_gen_256_ctx;
-
-int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_256_ctx* ctx = (sp_ecc_sec_gen_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_256_from_mp(ctx->k, 8, priv);
-            sp_256_point_from_ecc_point_8(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_256_to_bin_8(ctx->point.x, out);
-                *outLen = 32;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_sub_in_place_8(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r7, %[a]\n\t"
-        "movs	r2, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #32\n\t"
-#else
-        "add	r7, r7, #32\n\t"
-#endif
-        "\n"
-    "L_sp_256_sub_in_place_8_words_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r2\n\t"
-#else
-        "sub	r5, r5, r2\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-        "ldr	r6, [%[b], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "str	r3, [%[a]]\n\t"
-        "str	r4, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r2\n\t"
-#else
-        "sbc	r2, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #8\n\t"
-#else
-        "add	%[a], %[a], #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #8\n\t"
-#else
-        "add	%[b], %[b], #8\n\t"
-#endif
-        "cmp	%[a], r7\n\t"
-        "bne	L_sp_256_sub_in_place_8_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_sub_in_place_8(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r4\n\t"
-#else
-        "sub	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[a], %[a], %[a]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[a], %[a]\n\t"
-#else
-        "sbc	%[a], %[a]\n\t"
-#endif
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-SP_NOINLINE static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, #32\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, %[a]\n\t"
-#else
-        "add	r6, r6, %[a]\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "mov	r9, r6\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "\n"
-    "L_sp_256_mul_d_8_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r5, #0\n\t"
-        "# A[] * B\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# A[] * B - Done\n\t"
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r]]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_256_mul_d_8_%=\n\t"
-        "str	r3, [%[r]]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[div], #1\n\t"
-#else
-        "lsr	r5, %[div], #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-        "mov	r8, %[d0]\n\t"
-        "mov	r9, %[d1]\n\t"
-        "# Do top 32\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-        "movs	r4, #29\n\t"
-        "\n"
-    "L_div_256_word_8_loop_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d0], %[d0], #1\n\t"
-#else
-        "lsl	%[d0], %[d0], #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	%[d1], %[d1], %[d1]\n\t"
-#elif defined(__clang__)
-        "adcs	%[d1], %[d1]\n\t"
-#else
-        "adc	%[d1], %[d1]\n\t"
-#endif
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, #1\n\t"
-#else
-        "sub	r4, r4, #1\n\t"
-#endif
-        "bpl	L_div_256_word_8_loop_%=\n\t"
-        "movs	r7, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #1\n\t"
-#else
-        "add	r3, r3, #1\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r4\n\t"
-#else
-        "sub	%[d1], %[d1], r4\n\t"
-#endif
-        "movs	r4, %[d1]\n\t"
-        "mov	%[d1], r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[d1], %[d1], r5\n\t"
-#elif defined(__clang__)
-        "sbcs	%[d1], r5\n\t"
-#else
-        "sbc	%[d1], r5\n\t"
-#endif
-        "movs	r5, %[d1]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "movs	r6, %[div]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r4\n\t"
-#else
-        "sub	r6, r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-        "movs	%[d1], r3\n\t"
-        : [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-    return (word32)(size_t)d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<8; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[16], t2[9];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[7];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 8);
-    r1 = sp_256_cmp_8(&t1[8], d) >= 0;
-    sp_256_cond_sub_8(&t1[8], &t1[8], d, (sp_digit)0 - r1);
-    for (i = 7; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[8 + i] == div);
-        sp_digit hi = t1[8 + i] + mask;
-        r1 = div_256_word_8(hi, t1[8 + i - 1], div);
-        r1 |= mask;
-
-        sp_256_mul_d_8(t2, d, r1);
-        t1[8 + i] += sp_256_sub_in_place_8(&t1[i], t2);
-        t1[8 + i] -= t2[8];
-        sp_256_mask_8(t2, d, t1[8 + i]);
-        t1[8 + i] += sp_256_add_8(&t1[i], &t1[i], t2);
-        sp_256_mask_8(t2, d, t1[8 + i]);
-        t1[8 + i] += sp_256_add_8(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_256_cmp_8(t1, d) >= 0;
-    sp_256_cond_sub_8(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_256_div_8(a, m, NULL, r);
-    return ret;
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P256 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_256_mul_8(r, a, b);
-    sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P256 curve. */
-static const word32 p256_order_minus_2[8] = {
-    0xfc63254fU,0xf3b9cac2U,0xa7179e84U,0xbce6faadU,0xffffffffU,0xffffffffU,
-    0x00000000U,0xffffffffU
-};
-#else
-/* The low half of the order-2 of the P256 curve. */
-static const sp_int_digit p256_order_low[4] = {
-    0xfc63254fU,0xf3b9cac2U,0xa7179e84U,0xbce6faadU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P256 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_order_8(sp_digit* r, const sp_digit* a)
-{
-    sp_256_sqr_8(r, a);
-    sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P256 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_n_order_8(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_256_mont_sqr_order_8(r, a);
-    for (i=1; i<n; i++) {
-        sp_256_mont_sqr_order_8(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P256 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_mont_inv_order_8_ctx {
-    int state;
-    int i;
-} sp_256_mont_inv_order_8_ctx;
-static int sp_256_mont_inv_order_8_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_mont_inv_order_8_ctx* ctx = (sp_256_mont_inv_order_8_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_256_mont_inv_order_8_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 8);
-        ctx->i = 254;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_256_mont_sqr_order_8(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p256_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 8U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 8);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_order_8(t, t);
-        if ((p256_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 8U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 8;
-    sp_digit* t3 = td + 4 * 8;
-    int i;
-
-    /* t = a^2 */
-    sp_256_mont_sqr_order_8(t, a);
-    /* t = a^3 = t * a */
-    sp_256_mont_mul_order_8(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_256_mont_sqr_n_order_8(t2, t, 2);
-    /* t3= a^f = t2 * t */
-    sp_256_mont_mul_order_8(t3, t2, t);
-    /* t2= a^f0 = t3 ^ 2 ^ 4 */
-    sp_256_mont_sqr_n_order_8(t2, t3, 4);
-    /* t = a^ff = t2 * t3 */
-    sp_256_mont_mul_order_8(t, t2, t3);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_256_mont_sqr_n_order_8(t2, t, 8);
-    /* t = a^ffff = t2 * t */
-    sp_256_mont_mul_order_8(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_256_mont_sqr_n_order_8(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_256_mont_mul_order_8(t, t2, t);
-    /* t2= a^ffffffff0000000000000000 = t ^ 2 ^ 64  */
-    sp_256_mont_sqr_n_order_8(t2, t, 64);
-    /* t2= a^ffffffff00000000ffffffff = t2 * t */
-    sp_256_mont_mul_order_8(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32  */
-    sp_256_mont_sqr_n_order_8(t2, t2, 32);
-    /* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
-    sp_256_mont_mul_order_8(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6 */
-    sp_256_mont_sqr_order_8(t2, t2);
-    sp_256_mont_mul_order_8(t2, t2, a);
-    sp_256_mont_sqr_n_order_8(t2, t2, 5);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    for (i=121; i>=112; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6f */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84 */
-    for (i=107; i>=64; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2 */
-    for (i=59; i>=32; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2f */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254 */
-    for (i=27; i>=0; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632540 */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    /* r = a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
-    sp_256_mont_mul_order_8(r, t2, t3);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_s_8(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_8(k, k, p256_norm_order);
-    err = sp_256_mod_8(k, k, p256_order);
-    if (err == MP_OKAY) {
-        sp_256_norm_8(k);
-
-        /* kInv = 1/k mod order */
-            sp_256_mont_inv_order_8(kInv, k, tmp);
-        sp_256_norm_8(kInv);
-
-        /* s = r * x + e */
-            sp_256_mul_8(x, x, r);
-        err = sp_256_mod_8(x, x, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_8(x);
-        carry = sp_256_add_8(s, e, x);
-        sp_256_cond_sub_8(s, s, p256_order, 0 - carry);
-        sp_256_norm_8(s);
-        c = sp_256_cmp_8(s, p256_order);
-        sp_256_cond_sub_8(s, s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_8(s);
-
-        /* s = s * k^-1 mod order */
-            sp_256_mont_mul_order_8(s, s, kInv);
-        sp_256_norm_8(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 256 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 8);
-    SP_DECL_VAR(sp_point_256, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 8, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 8;
-        k = e + 4 * 8;
-        r = e + 6 * 8;
-        tmp = e + 8 * 8;
-        s = e;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_8(rng, k);
-        }
-        else {
-            sp_256_from_mp(k, 8, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_256_ecc_mulmod_base_8(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 8U);
-            sp_256_norm_8(r);
-            c = sp_256_cmp_8(r, p256_order);
-            sp_256_cond_sub_8(r, r, p256_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_256_norm_8(r);
-
-            if (!sp_256_iszero_8(r)) {
-                /* x is modified in calculation of s. */
-                sp_256_from_mp(x, 8, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_256_from_bin(e, 8, hash, (int)hashLen);
-
-                err = sp_256_calc_s_8(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_256_iszero_8(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 8, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-        sp_256_mont_inv_order_8_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*8];
-    sp_digit x[2*8];
-    sp_digit k[2*8];
-    sp_digit r[2*8];
-    sp_digit tmp[3 * 2*8];
-    sp_point_256 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_256_ctx;
-
-int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_256_ctx* ctx = (sp_ecc_sign_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_8(rng, ctx->k);
-        }
-        else {
-            sp_256_from_mp(ctx->k, 8, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p256_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 8U);
-        sp_256_norm_8(ctx->r);
-        c = sp_256_cmp_8(ctx->r, p256_order);
-        sp_256_cond_sub_8(ctx->r, ctx->r, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_8(ctx->r);
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-        sp_256_from_mp(ctx->x, 8, priv);
-        sp_256_from_bin(ctx->e, 8, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_8(ctx->k, ctx->k, p256_norm_order);
-        err = sp_256_mod_8(ctx->k, ctx->k, p256_order);
-        if (err == MP_OKAY) {
-            sp_256_norm_8(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_256_mont_inv_order_8_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_256_norm_8(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_256_mul_8(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_256_mod_8(ctx->x, ctx->x, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_256_norm_8(ctx->x);
-        carry = sp_256_add_8(ctx->s, ctx->e, ctx->x);
-        sp_256_cond_sub_8(ctx->s, ctx->s,
-            p256_order, 0 - carry);
-        sp_256_norm_8(ctx->s);
-        c = sp_256_cmp_8(ctx->s, p256_order);
-        sp_256_cond_sub_8(ctx->s, ctx->s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_8(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_256_mont_mul_order_8(ctx->s, ctx->s, ctx->kInv);
-        sp_256_norm_8(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_256_iszero_8(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_256_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_256_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 8U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #32\n\t"
-#else
-        "add	r6, r6, #32\n\t"
-#endif
-        "\n"
-    "L_sp_256_sub_8_word_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r3\n\t"
-#else
-        "sub	r5, r5, r3\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r5\n\t"
-#else
-        "sbc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r3\n\t"
-#else
-        "sbc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_256_sub_8_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Right shift a by 1 bit into r. (r = a >> 1)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_256_rshift1_8(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r2, [%[r]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #12]\n\t"
-        "str	r3, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r2, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #24]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "str	r2, [%[r], #24]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-}
-
-/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus.
- */
-static void sp_256_div2_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldr	r7, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r7, r7, #31\n\t"
-#else
-        "lsl	r7, r7, #31\n\t"
-#endif
-        "beq	L_sp_256_div2_mod_8_no_add_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #31\n\t"
-#else
-        "lsr	r7, r7, #31\n\t"
-#endif
-        "ldr	r5, [%[m]]\n\t"
-        "ldr	r6, [%[m], #4]\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "str	r3, [%[r]]\n\t"
-        "str	r4, [%[r], #4]\n\t"
-        "ldr	r5, [%[m], #8]\n\t"
-        "ldr	r6, [%[m], #12]\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "ldr	r4, [%[a], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "str	r3, [%[r], #8]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-        "ldr	r5, [%[m], #16]\n\t"
-        "ldr	r6, [%[m], #20]\n\t"
-        "ldr	r3, [%[a], #16]\n\t"
-        "ldr	r4, [%[a], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "str	r3, [%[r], #16]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-        "ldr	r5, [%[m], #24]\n\t"
-        "ldr	r6, [%[m], #28]\n\t"
-        "ldr	r3, [%[a], #24]\n\t"
-        "ldr	r4, [%[a], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "movs	r7, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r7, r7, #31\n\t"
-#else
-        "lsl	r7, r7, #31\n\t"
-#endif
-        "b	L_sp_256_div2_mod_8_div2_%=\n\t"
-        "\n"
-    "L_sp_256_div2_mod_8_no_add_%=:\n\t"
-        "ldr	r3, [%[a], #24]\n\t"
-        "ldr	r4, [%[a], #28]\n\t"
-        "\n"
-    "L_sp_256_div2_mod_8_div2_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #1\n\t"
-#else
-        "lsr	r5, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #31\n\t"
-#else
-        "lsl	r3, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, #31\n\t"
-#else
-        "lsl	r4, r4, #31\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r4\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r4\n\t"
-#else
-        "orr	r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "orrs	r6, r7\n\t"
-#else
-        "orr	r6, r7\n\t"
-#endif
-        "movs	r7, r3\n\t"
-        "str	r5, [%[r], #24]\n\t"
-        "str	r6, [%[r], #28]\n\t"
-        "ldr	r3, [%[a], #16]\n\t"
-        "ldr	r4, [%[a], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #1\n\t"
-#else
-        "lsr	r5, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #31\n\t"
-#else
-        "lsl	r3, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, #31\n\t"
-#else
-        "lsl	r4, r4, #31\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r4\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r4\n\t"
-#else
-        "orr	r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "orrs	r6, r7\n\t"
-#else
-        "orr	r6, r7\n\t"
-#endif
-        "movs	r7, r3\n\t"
-        "str	r5, [%[r], #16]\n\t"
-        "str	r6, [%[r], #20]\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "ldr	r4, [%[a], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #1\n\t"
-#else
-        "lsr	r5, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #31\n\t"
-#else
-        "lsl	r3, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, #31\n\t"
-#else
-        "lsl	r4, r4, #31\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r4\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r4\n\t"
-#else
-        "orr	r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "orrs	r6, r7\n\t"
-#else
-        "orr	r6, r7\n\t"
-#endif
-        "movs	r7, r3\n\t"
-        "str	r5, [%[r], #8]\n\t"
-        "str	r6, [%[r], #12]\n\t"
-        "ldr	r3, [%[r]]\n\t"
-        "ldr	r4, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #1\n\t"
-#else
-        "lsr	r5, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, #31\n\t"
-#else
-        "lsl	r4, r4, #31\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r4\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r4\n\t"
-#else
-        "orr	r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "orrs	r6, r7\n\t"
-#else
-        "orr	r6, r7\n\t"
-#endif
-        "str	r5, [%[r]]\n\t"
-        "str	r6, [%[r], #4]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-}
-
-static int sp_256_num_bits_8(sp_digit* a)
-{
-    static const byte sp_num_bits_table[256] = {
-        0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
-        5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
-        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
-        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-    };
-    const byte* table = sp_num_bits_table;
-    __asm__ __volatile__ (
-        "movs	r6, #0xff\n\t"
-        "ldr	r3, [%[a], #28]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_7_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_93_%=\n\t"
-        "movs	r2, #0xf8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_93_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_92_%=\n\t"
-        "movs	r2, #0xf0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_92_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_91_%=\n\t"
-        "movs	r2, #0xe8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_91_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_90_%=\n\t"
-        "movs	r2, #0xe0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_90_%=:\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_7_%=:\n\t"
-        "ldr	r3, [%[a], #24]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_6_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_83_%=\n\t"
-        "movs	r2, #0xd8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_83_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_82_%=\n\t"
-        "movs	r2, #0xd0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_82_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_81_%=\n\t"
-        "movs	r2, #0xc8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_81_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_80_%=\n\t"
-        "movs	r2, #0xc0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_80_%=:\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_6_%=:\n\t"
-        "ldr	r3, [%[a], #20]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_5_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_73_%=\n\t"
-        "movs	r2, #0xb8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_73_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_72_%=\n\t"
-        "movs	r2, #0xb0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_72_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_71_%=\n\t"
-        "movs	r2, #0xa8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_71_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_70_%=\n\t"
-        "movs	r2, #0xa0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_70_%=:\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_5_%=:\n\t"
-        "ldr	r3, [%[a], #16]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_4_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_63_%=\n\t"
-        "movs	r2, #0x98\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_63_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_62_%=\n\t"
-        "movs	r2, #0x90\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_62_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_61_%=\n\t"
-        "movs	r2, #0x88\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_61_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_60_%=\n\t"
-        "movs	r2, #0x80\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_60_%=:\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_4_%=:\n\t"
-        "ldr	r3, [%[a], #12]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_3_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_53_%=\n\t"
-        "movs	r2, #0x78\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_53_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_52_%=\n\t"
-        "movs	r2, #0x70\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_52_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_51_%=\n\t"
-        "movs	r2, #0x68\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_51_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_50_%=\n\t"
-        "movs	r2, #0x60\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_50_%=:\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_3_%=:\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_2_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_43_%=\n\t"
-        "movs	r2, #0x58\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_43_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_42_%=\n\t"
-        "movs	r2, #0x50\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_42_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_41_%=\n\t"
-        "movs	r2, #0x48\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_41_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_40_%=\n\t"
-        "movs	r2, #0x40\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_40_%=:\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_2_%=:\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_256_num_bits_8_1_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_33_%=\n\t"
-        "movs	r2, #56\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_33_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_32_%=\n\t"
-        "movs	r2, #48\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_32_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_31_%=\n\t"
-        "movs	r2, #40\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_31_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_30_%=\n\t"
-        "movs	r2, #32\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_30_%=:\n\t"
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_1_%=:\n\t"
-        "ldr	r3, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_23_%=\n\t"
-        "movs	r2, #24\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_23_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_22_%=\n\t"
-        "movs	r2, #16\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_22_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_21_%=\n\t"
-        "movs	r2, #8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_21_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_256_num_bits_8_20_%=\n\t"
-        "movs	r2, #0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_256_num_bits_8_9_%=\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_20_%=:\n\t"
-        "\n"
-    "L_sp_256_num_bits_8_9_%=:\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [table] "+l" (table)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[8];
-    sp_digit v[8];
-    sp_digit b[8];
-    sp_digit d[8];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_256_num_bits_8(u);
-    vt = sp_256_num_bits_8(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_256_rshift1_8(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_256_rshift1_8(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_256_rshift1_8(v, v);
-            sp_256_div2_mod_8(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_256_cmp_8(u, v) >= 0))) {
-            sp_256_sub_8(u, u, v);
-            o = sp_256_sub_8(b, b, d);
-            if (o != 0)
-                sp_256_add_8(b, b, m);
-            ut = sp_256_num_bits_8(u);
-
-            do {
-                sp_256_rshift1_8(u, u);
-                sp_256_div2_mod_8(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_256_sub_8(v, v, u);
-            o = sp_256_sub_8(d, d, b);
-            if (o != 0)
-                sp_256_add_8(d, d, m);
-            vt = sp_256_num_bits_8(v);
-
-            do {
-                sp_256_rshift1_8(v, v);
-                sp_256_div2_mod_8(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2,
-    sp_digit* tmp)
-{
-
-        sp_256_proj_point_add_8(p1, p1, p2, tmp);
-    if (sp_256_iszero_8(p1->z)) {
-        if (sp_256_iszero_8(p1->x) && sp_256_iszero_8(p1->y)) {
-                sp_256_proj_point_dbl_8(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            XMEMCPY(p1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_vfy_point_8(sp_point_256* p1, sp_point_256* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_256_mod_inv_8(s, s, p256_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_256_mul_8(s, s, p256_norm_order);
-        err = sp_256_mod_8(s, s, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_8(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_256_mont_inv_order_8(s, s, tmp);
-            sp_256_mont_mul_order_8(u1, u1, s);
-            sp_256_mont_mul_order_8(u2, u2, s);
-        }
-#else
-        {
-            sp_256_mont_mul_order_8(u1, u1, s);
-            sp_256_mont_mul_order_8(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_256_ecc_mulmod_base_8(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_8(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_8(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_8(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_256_add_points_8(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 256)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 8);
-    SP_DECL_VAR(sp_point_256, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_256* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 8, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 8;
-        s   = u1 + 4 * 8;
-        tmp = u1 + 6 * 8;
-        p2 = p1 + 1;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(u1, 8, hash, (int)hashLen);
-        sp_256_from_mp(u2, 8, rm);
-        sp_256_from_mp(s, 8, sm);
-        sp_256_from_mp(p2->x, 8, pX);
-        sp_256_from_mp(p2->y, 8, pY);
-        sp_256_from_mp(p2->z, 8, pZ);
-
-        err = sp_256_calc_vfy_point_8(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(u2, 8, rm);
-        err = sp_256_mod_mul_norm_8(u2, u2, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_256_mont_sqr_8(p1->z, p1->z, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_8(u1, u2, p1->z, p256_mod, p256_mp_mod);
-        *res = (int)(sp_256_cmp_8(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_256_from_mp(u2, 8, rm);
-            carry = sp_256_add_8(u2, u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_8(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_8(u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_8(u2, u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_256_mont_mul_8(u1, u2, p1->z, p256_mod, p256_mp_mod);
-                }
-                *res = (sp_256_cmp_8(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-        sp_256_mont_inv_order_8_ctx mont_inv_order_ctx;
-        sp_256_proj_point_dbl_8_ctx dbl_ctx;
-        sp_256_proj_point_add_8_ctx add_ctx;
-    };
-    sp_digit u1[2*8];
-    sp_digit u2[2*8];
-    sp_digit s[2*8];
-    sp_digit tmp[2*8 * 6];
-    sp_point_256 p1;
-    sp_point_256 p2;
-} sp_ecc_verify_256_ctx;
-
-int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_256_ctx* ctx = (sp_ecc_verify_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(ctx->u1, 8, hash, (int)hashLen);
-        sp_256_from_mp(ctx->u2, 8, rm);
-        sp_256_from_mp(ctx->s, 8, sm);
-        sp_256_from_mp(ctx->p2.x, 8, pX);
-        sp_256_from_mp(ctx->p2.y, 8, pY);
-        sp_256_from_mp(ctx->p2.z, 8, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_256_mul_8(ctx->s, ctx->s, p256_norm_order);
-        err = sp_256_mod_8(ctx->s, ctx->s, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_256_norm_8(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_256_mont_inv_order_8_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_256_mont_mul_order_8(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_256_mont_mul_order_8(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p256_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_8(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_8(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_256_proj_point_add_8_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(ctx->u2, 8, rm);
-        err = sp_256_mod_mul_norm_8(ctx->u2, ctx->u2, p256_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_256_mont_sqr_8(ctx->p1.z, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_256_mont_mul_8(ctx->u1, ctx->u2, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_256_cmp_8(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_256_from_mp(ctx->u2, 8, rm);
-            carry = sp_256_add_8(ctx->u2, ctx->u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_8(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_8(ctx->u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_8(ctx->u2, ctx->u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_256_mont_mul_8(ctx->u1, ctx->u2, ctx->p1.z, p256_mod,
-                                                            p256_mp_mod);
-                *res = (int)(sp_256_cmp_8(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_256_ecc_is_point_8(const sp_point_256* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 8 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 8 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 8;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_256_sqr_8(t1, point->y);
-        (void)sp_256_mod_8(t1, t1, p256_mod);
-        sp_256_sqr_8(t2, point->x);
-        (void)sp_256_mod_8(t2, t2, p256_mod);
-        sp_256_mul_8(t2, t2, point->x);
-        (void)sp_256_mod_8(t2, t2, p256_mod);
-        sp_256_mont_sub_8(t1, t1, t2, p256_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_256_mont_add_8(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_8(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_8(t1, t1, point->x, p256_mod);
-
-
-        if (sp_256_cmp_8(t1, p256_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_256, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(pub->x, 8, pX);
-        sp_256_from_mp(pub->y, 8, pY);
-        sp_256_from_bin(pub->z, 8, one, (int)sizeof(one));
-
-        err = sp_256_ecc_is_point_8(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 8);
-    SP_DECL_VAR(sp_point_256, pub, 2);
-    sp_point_256* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 256) ||
-        (mp_count_bits(pY) > 256) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 256)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 8, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_256_from_mp(pub->x, 8, pX);
-        sp_256_from_mp(pub->y, 8, pY);
-        sp_256_from_bin(pub->z, 8, one, (int)sizeof(one));
-        if (privm)
-            sp_256_from_mp(priv, 8, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_256_iszero_8(pub->x) != 0) &&
-            (sp_256_iszero_8(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_256_cmp_8(pub->x, p256_mod) >= 0) ||
-             (sp_256_cmp_8(pub->y, p256_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_256_ecc_is_point_8(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_256_ecc_mulmod_8(p, pub, p256_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_256_iszero_8(p->x) == 0) ||
-                             (sp_256_iszero_8(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_256_ecc_mulmod_base_8(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_256_cmp_8(p->x, pub->x) != 0) ||
-                 (sp_256_cmp_8(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    SP_DECL_VAR(sp_point_256, p, 2);
-    sp_point_256* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_256_from_mp(p->x, 8, pX);
-        sp_256_from_mp(p->y, 8, pY);
-        sp_256_from_mp(p->z, 8, pZ);
-        sp_256_from_mp(q->x, 8, qX);
-        sp_256_from_mp(q->y, 8, qY);
-        sp_256_from_mp(q->z, 8, qZ);
-        p->infinity = sp_256_iszero_8(p->x) &
-                      sp_256_iszero_8(p->y);
-        q->infinity = sp_256_iszero_8(q->x) &
-                      sp_256_iszero_8(q->y);
-
-            sp_256_proj_point_add_8(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 2);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 8, pX);
-        sp_256_from_mp(p->y, 8, pY);
-        sp_256_from_mp(p->z, 8, pZ);
-        p->infinity = sp_256_iszero_8(p->x) &
-                      sp_256_iszero_8(p->y);
-
-            sp_256_proj_point_dbl_8(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 4);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 4, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 8, pX);
-        sp_256_from_mp(p->y, 8, pY);
-        sp_256_from_mp(p->z, 8, pZ);
-        p->infinity = sp_256_iszero_8(p->x) &
-                      sp_256_iszero_8(p->y);
-
-            sp_256_map_8(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_256_mont_sqrt_8(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 8);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 8, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 8;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_256_mont_mul_8(t1, t2, y, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xc */
-            sp_256_mont_sqr_n_8(t2, t1, 2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xf0 */
-            sp_256_mont_sqr_n_8(t2, t1, 4, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xff */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xff00 */
-            sp_256_mont_sqr_n_8(t2, t1, 8, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffff */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xffff0000 */
-            sp_256_mont_sqr_n_8(t2, t1, 16, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000000 */
-            sp_256_mont_sqr_n_8(t1, t1, 32, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001 */
-            sp_256_mont_mul_8(t1, t1, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000000 */
-            sp_256_mont_sqr_n_8(t1, t1, 96, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000001 */
-            sp_256_mont_mul_8(t1, t1, y, p256_mod, p256_mp_mod);
-            sp_256_mont_sqr_n_8(y, t1, 94, p256_mod, p256_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 8);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 8, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 8;
-
-        sp_256_from_mp(x, 8, xm);
-        err = sp_256_mod_mul_norm_8(x, x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_256_mont_sqr_8(y, x, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_8(y, y, x, p256_mod, p256_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_256_mod_mul_norm_8(x, p256_b, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_256_mont_add_8(y, y, x, p256_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_256_mont_sqrt_8(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 8, 0, 8U * sizeof(sp_digit));
-        sp_256_mont_reduce_8(y, p256_mod, p256_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_256_mont_sub_8(y, p256_mod, y, p256_mod);
-        }
-
-        err = sp_256_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* !WOLFSSL_SP_NO_256 */
-#ifdef WOLFSSL_SP_384
-
-/* Point structure to use. */
-typedef struct sp_point_384 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 12];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 12];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 12];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_384;
-
-/* The modulus (prime) of the curve P384. */
-static const sp_digit p384_mod[12] = {
-    0xffffffff,0x00000000,0x00000000,0xffffffff,0xfffffffe,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff
-};
-/* The Montgomery normalizer for modulus of the curve P384. */
-static const sp_digit p384_norm_mod[12] = {
-    0x00000001,0xffffffff,0xffffffff,0x00000000,0x00000001,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-/* The Montgomery multiplier for modulus of the curve P384. */
-static const sp_digit p384_mp_mod = 0x00000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P384. */
-static const sp_digit p384_order[12] = {
-    0xccc52973,0xecec196a,0x48b0a77a,0x581a0db2,0xf4372ddf,0xc7634d81,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P384 minus 2. */
-static const sp_digit p384_order2[12] = {
-    0xccc52971,0xecec196a,0x48b0a77a,0x581a0db2,0xf4372ddf,0xc7634d81,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P384. */
-static const sp_digit p384_norm_order[12] = {
-    0x333ad68d,0x1313e695,0xb74f5885,0xa7e5f24d,0x0bc8d220,0x389cb27e,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P384. */
-static const sp_digit p384_mp_order = 0xe88fdc45;
-#endif
-/* The base point of curve P384. */
-static const sp_point_384 p384_base = {
-    /* X ordinate */
-    {
-        0x72760ab7,0x3a545e38,0xbf55296c,0x5502f25d,0x82542a38,0x59f741e0,
-        0x8ba79b98,0x6e1d3b62,0xf320ad74,0x8eb1c71e,0xbe8b0537,0xaa87ca22,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x90ea0e5f,0x7a431d7c,0x1d7e819d,0x0a60b1ce,0xb5f0b8c0,0xe9da3113,
-        0x289a147c,0xf8f41dbd,0x9292dc29,0x5d9e98bf,0x96262c6f,0x3617de4a,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p384_b[12] = {
-    0xd3ec2aef,0x2a85c8ed,0x8a2ed19d,0xc656398d,0x5013875a,0x0314088f,
-    0xfe814112,0x181d9c6e,0xe3f82d19,0x988e056b,0xe23ee7e4,0xb3312fa7
-};
-#endif
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_384_mul_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[12 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #48\n\t"
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_384_mul_12_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #44\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_384_mul_12_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_384_mul_12_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_384_mul_12_mul_%=\n\t"
-        "\n"
-    "L_sp_384_mul_12_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0x58\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_384_mul_12_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #0x60\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_384_sqr_12_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #44\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_384_sqr_12_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_384_sqr_12_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_384_sqr_12_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_384_sqr_12_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_384_sqr_12_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #48\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_384_sqr_12_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_384_sqr_12_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_384_sqr_12_mul_%=\n\t"
-        "\n"
-    "L_sp_384_sqr_12_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0x58\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_384_sqr_12_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #0x5c\n\t"
-        "\n"
-    "L_sp_384_sqr_12_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_384_sqr_12_store_%=\n\t"
-        "movs	r6, #0x60\n\t"
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #48\n\t"
-#else
-        "add	r6, r6, #48\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, #1\n\t"
-#else
-        "sub	r7, r7, #1\n\t"
-#endif
-        "\n"
-    "L_sp_384_add_12_word_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "movs	r3, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_384_add_12_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mod_mul_norm_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    SP_DECL_VAR(int64_t, t, 12);
-    int64_t o;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(int64_t, t, 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        /*  1  0  0  0  0  0  0  0  1  1  0 -1 */
-        t[0] = 0 + (int64_t)a[0] + (int64_t)a[8] + (int64_t)a[9] - (int64_t)a[11];
-        /* -1  1  0  0  0  0  0  0 -1  0  1  1 */
-        t[1] = 0 - (int64_t)a[0] + (int64_t)a[1] - (int64_t)a[8] + (int64_t)a[10] + (int64_t)a[11];
-        /*  0 -1  1  0  0  0  0  0  0 -1  0  1 */
-        t[2] = 0 - (int64_t)a[1] + (int64_t)a[2] - (int64_t)a[9] + (int64_t)a[11];
-        /*  1  0 -1  1  0  0  0  0  1  1 -1 -1 */
-        t[3] = 0 + (int64_t)a[0] - (int64_t)a[2] + (int64_t)a[3] + (int64_t)a[8] + (int64_t)a[9] - (int64_t)a[10] - (int64_t)a[11];
-        /*  1  1  0 -1  1  0  0  0  1  2  1 -2 */
-        t[4] = 0 + (int64_t)a[0] + (int64_t)a[1] - (int64_t)a[3] + (int64_t)a[4] + (int64_t)a[8] + 2 * (int64_t)a[9] + (int64_t)a[10] -  2 * (int64_t)a[11];
-        /*  0  1  1  0 -1  1  0  0  0  1  2  1 */
-        t[5] = 0 + (int64_t)a[1] + (int64_t)a[2] - (int64_t)a[4] + (int64_t)a[5] + (int64_t)a[9] + 2 * (int64_t)a[10] + (int64_t)a[11];
-        /*  0  0  1  1  0 -1  1  0  0  0  1  2 */
-        t[6] = 0 + (int64_t)a[2] + (int64_t)a[3] - (int64_t)a[5] + (int64_t)a[6] + (int64_t)a[10] + 2 * (int64_t)a[11];
-        /*  0  0  0  1  1  0 -1  1  0  0  0  1 */
-        t[7] = 0 + (int64_t)a[3] + (int64_t)a[4] - (int64_t)a[6] + (int64_t)a[7] + (int64_t)a[11];
-        /*  0  0  0  0  1  1  0 -1  1  0  0  0 */
-        t[8] = 0 + (int64_t)a[4] + (int64_t)a[5] - (int64_t)a[7] + (int64_t)a[8];
-        /*  0  0  0  0  0  1  1  0 -1  1  0  0 */
-        t[9] = 0 + (int64_t)a[5] + (int64_t)a[6] - (int64_t)a[8] + (int64_t)a[9];
-        /*  0  0  0  0  0  0  1  1  0 -1  1  0 */
-        t[10] = 0 + (int64_t)a[6] + (int64_t)a[7] - (int64_t)a[9] + (int64_t)a[10];
-        /*  0  0  0  0  0  0  0  1  1  0 -1  1 */
-        t[11] = 0 + (int64_t)a[7] + (int64_t)a[8] - (int64_t)a[10] + (int64_t)a[11];
-
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-        o     = t[11] >> 32; t[11] &= 0xffffffff;
-        t[0] += o;
-        t[1] -= o;
-        t[3] += o;
-        t[4] += o;
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-
-        r[0] = (sp_digit)t[0];
-        r[1] = (sp_digit)t[1];
-        r[2] = (sp_digit)t[2];
-        r[3] = (sp_digit)t[3];
-        r[4] = (sp_digit)t[4];
-        r[5] = (sp_digit)t[5];
-        r[6] = (sp_digit)t[6];
-        r[7] = (sp_digit)t[7];
-        r[8] = (sp_digit)t[8];
-        r[9] = (sp_digit)t[9];
-        r[10] = (sp_digit)t[10];
-        r[11] = (sp_digit)t[11];
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_384.
- *
- * p   Point of type sp_point_384 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_384_point_from_ecc_point_12(sp_point_384* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_384_from_mp(p->x, 12, pm->x);
-    sp_384_from_mp(p->y, 12, pm->y);
-    sp_384_from_mp(p->z, 12, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_384_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (384 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 12);
-        r->used = 12;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 12; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 12; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_384 to type ecc_point.
- *
- * p   Point of type sp_point_384.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_384_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_384_cond_sub_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #48\n\t"
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_384_cond_sub_12_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r4\n\t"
-#else
-        "sbc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_384_cond_sub_12_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#define sp_384_mont_reduce_order_12   sp_384_mont_reduce_12
-
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #0\n\t"
-        "mov	r8, %[mp]\n\t"
-        "mov	r12, r7\n\t"
-        "mov	lr, %[m]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r11, %[a]\n\t"
-        "movs	r5, #44\n\t"
-        "movs	r6, #48\n\t"
-        "add	r9, r9, r5\n\t"
-        "add	r11, r11, r6\n\t"
-        "\n"
-    "L_sp_384_mont_reduce_12_mod_%=:\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r4, #0\n\t"
-        "# a[i] += m[0] * mu\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mov	r5, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r3, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r3\n\t"
-#else
-        "mul	r5, r3\n\t"
-#endif
-        "mov	r10, r5\n\t"
-        "# Multiply m[0] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[0] and mu - Done\n\t"
-        "\n"
-    "L_sp_384_mont_reduce_12_word_%=:\n\t"
-        "# a[i+j] += m[j] * mu\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r4\n\t"
-#else
-        "add	r3, r3, r4\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "# Multiply m[j] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[j] and mu - Done\n\t"
-        "stm	%[a]!, {r3}\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_384_mont_reduce_12_word_%=\n\t"
-        "# a[i+11] += m[11] * mu\n\t"
-        "ldr	%[mp], [%[m]]\n\t"
-        "mov	r3, r12\n\t"
-        "# Multiply m[11] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "# Multiply m[11] and mu - Done\n\t"
-        "ldr	r5, [%[a]]\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "movs	%[mp], #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r3\n\t"
-#else
-        "adc	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[mp]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[mp]\n\t"
-#else
-        "adc	r7, %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5, r6}\n\t"
-        "# i += 1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #4\n\t"
-#else
-        "sub	%[a], %[a], #4\n\t"
-#endif
-        "movs	r3, #44\n\t"
-        "mov	r9, %[a]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r3\n\t"
-#else
-        "sub	%[a], %[a], r3\n\t"
-#endif
-        "mov	r12, r7\n\t"
-        "mov	%[m], lr\n\t"
-        "cmp	r11, %[a]\n\t"
-        "bgt	L_sp_384_mont_reduce_12_mod_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r7, r7\n\t"
-#else
-        "neg	r7, r7\n\t"
-#endif
-        "# Subtract masked modulus\n\t"
-        "movs	r4, #48\n\t"
-        "movs	%[mp], #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r4\n\t"
-#else
-        "sub	%[a], %[a], r4\n\t"
-#endif
-#ifndef WOLFSSL_SP_LARGE_CODE
-        "\n"
-    "L_sp_384_mont_reduce_12_sub_mask_%=:\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-        "movs	r5, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, %[mp]\n\t"
-#else
-        "sub	r5, r5, %[mp]\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[mp], %[mp], %[mp]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[mp], %[mp]\n\t"
-#else
-        "sbc	%[mp], %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #4\n\t"
-#else
-        "add	r3, r3, #4\n\t"
-#endif
-        "cmp	r3, r4\n\t"
-        "blt	L_sp_384_mont_reduce_12_sub_mask_%=\n\t"
-#else /* WOLFSSL_SP_LARGE_CODE */
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r6\n\t"
-#else
-        "sub	r5, r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#endif /* WOLFSSL_SP_LARGE_CODE */
-        : [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mul_12(r, a, b);
-    sp_384_mont_reduce_12(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_384_sqr_12(r, a);
-    sp_384_mont_reduce_12(r, m, mp);
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mont_sqr_12(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_384_mont_sqr_12(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P384 curve. */
-static const word32 p384_mod_minus_2[12] = {
-    0xfffffffdU,0x00000000U,0x00000000U,0xffffffffU,0xfffffffeU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P384 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 12);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_12(t, t, p384_mod, p384_mp_mod);
-        if (p384_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_384_mont_mul_12(t, t, a, p384_mod, p384_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 12);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 12;
-    sp_digit* t3 = td + 4 * 12;
-    sp_digit* t4 = td + 6 * 12;
-    sp_digit* t5 = td + 8 * 12;
-
-    /* 0x2 */
-    sp_384_mont_sqr_12(t1, a, p384_mod, p384_mp_mod);
-    /* 0x3 */
-    sp_384_mont_mul_12(t5, t1, a, p384_mod, p384_mp_mod);
-    /* 0xc */
-    sp_384_mont_sqr_n_12(t1, t5, 2, p384_mod, p384_mp_mod);
-    /* 0xf */
-    sp_384_mont_mul_12(t2, t5, t1, p384_mod, p384_mp_mod);
-    /* 0x1e */
-    sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
-    /* 0x1f */
-    sp_384_mont_mul_12(t4, t1, a, p384_mod, p384_mp_mod);
-    /* 0x3e0 */
-    sp_384_mont_sqr_n_12(t1, t4, 5, p384_mod, p384_mp_mod);
-    /* 0x3ff */
-    sp_384_mont_mul_12(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x7fe0 */
-    sp_384_mont_sqr_n_12(t1, t2, 5, p384_mod, p384_mp_mod);
-    /* 0x7fff */
-    sp_384_mont_mul_12(t4, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x3fff8000 */
-    sp_384_mont_sqr_n_12(t1, t4, 15, p384_mod, p384_mp_mod);
-    /* 0x3fffffff */
-    sp_384_mont_mul_12(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffc */
-    sp_384_mont_sqr_n_12(t3, t2, 2, p384_mod, p384_mp_mod);
-    /* 0xfffffffd */
-    sp_384_mont_mul_12(r, t3, a, p384_mod, p384_mp_mod);
-    /* 0xffffffff */
-    sp_384_mont_mul_12(t3, t5, t3, p384_mod, p384_mp_mod);
-    /* 0xfffffffc0000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 30, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff */
-    sp_384_mont_mul_12(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff000000000000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 60, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_12(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 120, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_12(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-    sp_384_mont_sqr_n_12(t1, t2, 15, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_12(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 33, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff */
-    sp_384_mont_mul_12(t2, t3, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 96, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffd */
-    sp_384_mont_mul_12(r, r, t1, p384_mod, p384_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-SP_NOINLINE static sp_int32 sp_384_cmp_12(const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-        "movs	r6, #44\n\t"
-        "\n"
-    "L_sp_384_cmp_12_words_%=:\n\t"
-        "ldr	r7, [%[a], r6]\n\t"
-        "ldr	r5, [%[b], r6]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-        "movs	r4, r7\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, r5\n\t"
-#else
-        "sub	r7, r7, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r7\n\t"
-#else
-        "add	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r7\n\t"
-#else
-        "sub	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, #4\n\t"
-#else
-        "sub	r6, r6, #4\n\t"
-#endif
-        "bge	L_sp_384_cmp_12_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_384_norm_12(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_384_map_12(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*12;
-    sp_int32 n;
-
-    sp_384_mont_inv_12(t1, p->z, t + 2*12);
-
-    sp_384_mont_sqr_12(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    /* x /= z^2 */
-    sp_384_mont_mul_12(r->x, p->x, t2, p384_mod, p384_mp_mod);
-    XMEMSET(r->x + 12, 0, sizeof(sp_digit) * 12U);
-    sp_384_mont_reduce_12(r->x, p384_mod, p384_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_384_cmp_12(r->x, p384_mod);
-    sp_384_cond_sub_12(r->x, r->x, p384_mod, (sp_digit)~(n >> 31));
-    sp_384_norm_12(r->x);
-
-    /* y /= z^3 */
-    sp_384_mont_mul_12(r->y, p->y, t1, p384_mod, p384_mp_mod);
-    XMEMSET(r->y + 12, 0, sizeof(sp_digit) * 12U);
-    sp_384_mont_reduce_12(r->y, p384_mod, p384_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_384_cmp_12(r->y, p384_mod);
-    sp_384_cond_sub_12(r->y, r->y, p384_mod, (sp_digit)~(n >> 31));
-    sp_384_norm_12(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_384_mont_add_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_add_12(r, a, b);
-    sp_384_cond_sub_12(r, r, m, 0 - o);
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_384_mont_dbl_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_add_12(r, a, a);
-    sp_384_cond_sub_12(r, r, m, 0 - o);
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_add_12(r, a, a);
-    sp_384_cond_sub_12(r, r, m, 0 - o);
-    o = sp_384_add_12(r, r, a);
-    sp_384_cond_sub_12(r, r, m, 0 - o);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #48\n\t"
-#else
-        "add	r6, r6, #48\n\t"
-#endif
-        "\n"
-    "L_sp_384_sub_12_word_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r3\n\t"
-#else
-        "sub	r5, r5, r3\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r5\n\t"
-#else
-        "sbc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r3\n\t"
-#else
-        "sbc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_384_sub_12_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_384_cond_add_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #48\n\t"
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_384_cond_add_12_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, #1\n\t"
-#else
-        "sub	r5, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_384_cond_add_12_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_sub_12(r, a, b);
-    sp_384_cond_add_12(r, r, m, o);
-}
-
-/* Right shift a by 1 bit into r. (r = a >> 1)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_384_rshift1_12(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r2, [%[r]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #12]\n\t"
-        "str	r3, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r2, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #24]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r2, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #36]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r2, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "str	r3, [%[r], #40]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-SP_NOINLINE static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_cond_add_12(r, a, m, 0 - (a[0] & 1));
-    sp_384_rshift1_12(r, r);
-    r[11] |= o << 31;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*12;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_384_mont_sqr_12(t1, p->z, p384_mod, p384_mp_mod);
-    /* Z = Y * Z */
-    sp_384_mont_mul_12(z, p->y, p->z, p384_mod, p384_mp_mod);
-    /* Z = 2Z */
-    sp_384_mont_dbl_12(z, z, p384_mod);
-    /* T2 = X - T1 */
-    sp_384_mont_sub_12(t2, p->x, t1, p384_mod);
-    /* T1 = X + T1 */
-    sp_384_mont_add_12(t1, p->x, t1, p384_mod);
-    /* T2 = T1 * T2 */
-    sp_384_mont_mul_12(t2, t1, t2, p384_mod, p384_mp_mod);
-    /* T1 = 3T2 */
-    sp_384_mont_tpl_12(t1, t2, p384_mod);
-    /* Y = 2Y */
-    sp_384_mont_dbl_12(y, p->y, p384_mod);
-    /* Y = Y * Y */
-    sp_384_mont_sqr_12(y, y, p384_mod, p384_mp_mod);
-    /* T2 = Y * Y */
-    sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
-    /* T2 = T2/2 */
-    sp_384_mont_div2_12(t2, t2, p384_mod);
-    /* Y = Y * X */
-    sp_384_mont_mul_12(y, y, p->x, p384_mod, p384_mp_mod);
-    /* X = T1 * T1 */
-    sp_384_mont_sqr_12(x, t1, p384_mod, p384_mp_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_12(x, x, y, p384_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_12(x, x, y, p384_mod);
-    /* Y = Y - X */
-    sp_384_mont_sub_12(y, y, x, p384_mod);
-    /* Y = Y * T1 */
-    sp_384_mont_mul_12(y, y, t1, p384_mod, p384_mp_mod);
-    /* Y = Y - T2 */
-    sp_384_mont_sub_12(y, y, t2, p384_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_dbl_12_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_dbl_12_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-        const sp_point_384* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_dbl_12_ctx* ctx = (sp_384_proj_point_dbl_12_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_dbl_12_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*12;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_384_mont_sqr_12(ctx->t1, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_384_mont_mul_12(ctx->z, p->y, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_384_mont_dbl_12(ctx->z, ctx->z, p384_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_384_mont_sub_12(ctx->t2, p->x, ctx->t1, p384_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_384_mont_add_12(ctx->t1, p->x, ctx->t1, p384_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_384_mont_mul_12(ctx->t2, ctx->t1, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_384_mont_tpl_12(ctx->t1, ctx->t2, p384_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_384_mont_dbl_12(ctx->y, p->y, p384_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_384_mont_sqr_12(ctx->y, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_384_mont_sqr_12(ctx->t2, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_384_mont_div2_12(ctx->t2, ctx->t2, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_384_mont_mul_12(ctx->y, ctx->y, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_384_mont_sqr_12(ctx->x, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_384_mont_mul_12(ctx->y, ctx->y, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->t2, p384_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_384_cmp_equal_12(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_384_iszero_12(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_12(sp_point_384* r,
-        const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*12;
-    sp_digit* t2 = t + 4*12;
-    sp_digit* t3 = t + 6*12;
-    sp_digit* t4 = t + 8*12;
-    sp_digit* t5 = t + 10*12;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_12(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t1, t1, p->x, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_12(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_12(t3, t3, p->y, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_12(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_12(t2, t1) &
-            sp_384_cmp_equal_12(t4, t3)) {
-        sp_384_proj_point_dbl_12(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_384_mont_sub_12(t2, t2, t1, p384_mod);
-        /* R = S2 - S1 */
-        sp_384_mont_sub_12(t4, t4, t3, p384_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_12(t5, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(y, t1, t5, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t5, t5, t2, p384_mod, p384_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(z, z, q->z, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_12(x, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(x, x, t5, p384_mod);
-        sp_384_mont_mul_12(t5, t5, t3, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_12(t3, y, p384_mod);
-        sp_384_mont_sub_12(x, x, t3, p384_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        sp_384_mont_mul_12(y, y, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(y, y, t5, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 12; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_add_12_ctx {
-    int state;
-    sp_384_proj_point_dbl_12_ctx dbl_ctx;
-    const sp_point_384* ap[2];
-    sp_point_384* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_add_12_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_add_12_ctx* ctx = (sp_384_proj_point_add_12_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_384* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_add_12_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*12;
-        ctx->t2 = t + 4*12;
-        ctx->t3 = t + 6*12;
-        ctx->t4 = t + 8*12;
-        ctx->t5 = t + 10*12;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_384_mont_sqr_12(ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_384_mont_mul_12(ctx->t3, ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_384_mont_mul_12(ctx->t1, ctx->t1, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_384_mont_sqr_12(ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_384_mont_mul_12(ctx->t4, ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_384_mont_mul_12(ctx->t2, ctx->t2, q->x, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_384_mont_mul_12(ctx->t3, ctx->t3, p->y, p384_mod, p384_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_384_mont_mul_12(ctx->t4, ctx->t4, q->y, p384_mod, p384_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_384_cmp_equal_12(ctx->t2, ctx->t1) &
-                sp_384_cmp_equal_12(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_384_proj_point_dbl_12(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_384_mont_sub_12(ctx->t2, ctx->t2, ctx->t1, p384_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_384_mont_sub_12(ctx->t4, ctx->t4, ctx->t3, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_12(ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_384_mont_mul_12(ctx->y, ctx->t1, ctx->t5, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_384_mont_mul_12(ctx->t5, ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_12(ctx->z, p->z, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_384_mont_mul_12(ctx->z, ctx->z, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_384_mont_sqr_12(ctx->x, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->t5, p384_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_384_mont_mul_12(ctx->t5, ctx->t5, ctx->t3, p384_mod, p384_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_384_mont_dbl_12(ctx->t3, ctx->y, p384_mod);
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->t3, p384_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_384_mont_mul_12(ctx->y, ctx->y, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->t5, p384_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 12; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    r->z[8] = 0;
-    r->z[9] = 0;
-    r->z[10] = 0;
-    r->z[11] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-        r->z[8] |= mask & table[i].z[8];
-        r->z[9] |= mask & table[i].z[9];
-        r->z[10] |= mask & table[i].z[10];
-        r->z[11] |= mask & table[i].z[11];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 384 doubles.
- * 108 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 6);
-    sp_point_384* rt = NULL;
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_DECL_VAR(sp_point_384, p, 1);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ALLOC_VAR(sp_point_384, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_384_mod_mul_norm_12(t[1].x, g->x, p384_mod);
-        (void)sp_384_mod_mul_norm_12(t[1].y, g->y, p384_mod);
-        (void)sp_384_mod_mul_norm_12(t[1].z, g->z, p384_mod);
-        t[1].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_384_proj_point_add_12(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_384_proj_point_add_12(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_384_proj_point_add_12(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 10;
-        n = k[i+1] << 0;
-        c = 28;
-        y = (int)(n >> 28);
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_point_16_12(rt, t, y);
-            rt->infinity = !y;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[y], sizeof(sp_point_384));
-        }
-        n <<= 4;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n |= k[i--];
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-
-    #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_point_16_12(p, t, y);
-                p->infinity = !y;
-                sp_384_proj_point_add_12(rt, rt, p, tmp);
-            }
-            else
-    #endif
-            {
-                sp_384_proj_point_add_12(rt, rt, &t[y], tmp);
-            }
-        }
-
-        if (map != 0) {
-            sp_384_map_12(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 12 * 6, heap,
-        DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ZEROFREE_VAR(sp_point_384, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    SP_ZEROFREE_VAR(sp_point_384, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*12;
-    sp_digit* b = t + 4*12;
-    sp_digit* t1 = t + 6*12;
-    sp_digit* t2 = t + 8*12;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_12(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_12(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_12(w, w, p384_mod, p384_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_12(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_12(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_12(t2, b, p384_mod);
-        sp_384_mont_sub_12(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_12(t2, b, x, p384_mod);
-        sp_384_mont_dbl_12(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_12(t1, t1, p384_mod, p384_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_12(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_12(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(y, y, t1, p384_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_12(t1, t1, w, p384_mod);
-    sp_384_mont_tpl_12(a, t1, p384_mod);
-    /* B = X*Y^2 */
-    sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
-    /* X = A^2 - 2B */
-    sp_384_mont_sqr_12(x, a, p384_mod, p384_mp_mod);
-    sp_384_mont_dbl_12(t2, b, p384_mod);
-    sp_384_mont_sub_12(x, x, t2, p384_mod);
-    /* B = 2.(B - X) */
-    sp_384_mont_sub_12(t2, b, x, p384_mod);
-    sp_384_mont_dbl_12(b, t2, p384_mod);
-    /* Z = Z*Y */
-    sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
-    /* t1 = Y^4 */
-    sp_384_mont_sqr_12(t1, t1, p384_mod, p384_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_384_mont_mul_12(y, b, a, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_12(y, y, t1, p384_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_384_mont_div2_12(y, y, p384_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_384_proj_to_affine_12(sp_point_384* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 12;
-    sp_digit* tmp = t + 4 * 12;
-
-    sp_384_mont_inv_12(t1, a->z, tmp);
-
-    sp_384_mont_sqr_12(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    sp_384_mont_mul_12(a->x, a->x, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(a->y, a->y, t1, p384_mod, p384_mp_mod);
-    XMEMCPY(a->z, p384_norm_mod, sizeof(p384_norm_mod));
-}
-
-#endif /* FP_ECC */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_384 {
-    sp_digit x[12];
-    sp_digit y[12];
-} sp_table_entry_384;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*12;
-    sp_digit* t6 = t + 4*12;
-    sp_digit* t1 = t + 6*12;
-    sp_digit* t4 = t + 8*12;
-    sp_digit* t5 = t + 10*12;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_12(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_12(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_12(p->x, t2) &
-            sp_384_cmp_equal_12(p->y, t4)) {
-        sp_384_proj_point_dbl_12(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_384_mont_sub_12(t2, t2, p->x, p384_mod);
-        /* R = S2 - Y1 */
-        sp_384_mont_sub_12(t4, t4, p->y, p384_mod);
-        /* Z3 = H*Z1 */
-        sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t3, p->x, t1, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_12(t2, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(t2, t2, t1, p384_mod);
-        sp_384_mont_dbl_12(t5, t3, p384_mod);
-        sp_384_mont_sub_12(x, t2, t5, p384_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_384_mont_sub_12(t3, t3, x, p384_mod);
-        sp_384_mont_mul_12(t3, t3, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t1, t1, p->y, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(y, t3, t1, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 12; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 96 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_12(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_12(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_12(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_384_proj_point_dbl_n_12(t, 96, tmp);
-            sp_384_proj_to_affine_12(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_12(t, s1, s2, tmp);
-                sp_384_proj_to_affine_12(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_entry_16_12(sp_point_384* r,
-    const sp_table_entry_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^96, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 12 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 12 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 95;
-        for (j=0; j<4; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 96;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_16_12(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=94; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 96;
-            }
-
-            sp_384_proj_point_dbl_12(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_16_12(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_12(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_12(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_384_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[12];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[12];
-    /* Precomputation table for point. */
-    sp_table_entry_384 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_384_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_384_t sp_cache_384[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_384_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_384_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_384 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_384_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_384_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_384_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_384[i].set = 0;
-        }
-        sp_cache_384_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_384[i].set)
-            continue;
-
-        if (sp_384_cmp_equal_12(g->x, sp_cache_384[i].x) &
-                           sp_384_cmp_equal_12(g->y, sp_cache_384[i].y)) {
-            sp_cache_384[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_384_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_384_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_384[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_384_last) {
-            least = sp_cache_384[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_384[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_384[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_384[i].x, g->x, sizeof(sp_cache_384[i].x));
-        XMEMCPY(sp_cache_384[i].y, g->y, sizeof(sp_cache_384[i].y));
-        sp_cache_384[i].set = 1;
-        sp_cache_384[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_384[i];
-    sp_cache_384_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_12(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_12(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 48 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_12(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_12(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_12(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_384_proj_point_dbl_n_12(t, 48, tmp);
-            sp_384_proj_to_affine_12(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_12(t, s1, s2, tmp);
-                sp_384_proj_to_affine_12(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_entry_256_12(sp_point_384* r,
-    const sp_table_entry_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 12 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 12 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 47;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 48;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_256_12(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=46; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 48;
-            }
-
-            sp_384_proj_point_dbl_12(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_256_12(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_12(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_12(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_384_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[12];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[12];
-    /* Precomputation table for point. */
-    sp_table_entry_384 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_384_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_384_t sp_cache_384[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_384_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_384_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_384 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_384_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_384_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_384_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_384[i].set = 0;
-        }
-        sp_cache_384_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_384[i].set)
-            continue;
-
-        if (sp_384_cmp_equal_12(g->x, sp_cache_384[i].x) &
-                           sp_384_cmp_equal_12(g->y, sp_cache_384[i].y)) {
-            sp_cache_384[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_384_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_384_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_384[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_384_last) {
-            least = sp_cache_384[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_384[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_384[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_384[i].x, g->x, sizeof(sp_cache_384[i].x));
-        XMEMCPY(sp_cache_384[i].y, g->y, sizeof(sp_cache_384[i].y));
-        sp_cache_384[i].set = 1;
-        sp_cache_384[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_384[i];
-    sp_cache_384_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_12(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_12(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 12);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 12, km);
-        sp_384_point_from_ecc_point_12(point, gm);
-
-            err = sp_384_ecc_mulmod_12(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 12 + 12 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12 + 12 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 12;
-
-        sp_384_from_mp(k, 12, km);
-        sp_384_point_from_ecc_point_12(point, gm);
-        sp_384_point_from_ecc_point_12(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_12(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_12(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_12(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 96 between points.
- */
-static const sp_table_entry_384 p384_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x49c0b528,0x3dd07566,0xa0d6ce38,0x20e378e2,0x541b4d6e,0x879c3afc,
-        0x59a30eff,0x64548684,0x614ede2b,0x812ff723,0x299e1513,0x4d3aadc2 },
-      { 0x4b03a4fe,0x23043dad,0x7bb4a9ac,0xa1bfa8bf,0x2e83b050,0x8bade756,
-        0x68f4ffd9,0xc6c35219,0x3969a840,0xdd800226,0x5a15c5e9,0x2b78abc2 } },
-    /* 2 */
-    { { 0xf26feef9,0x24480c57,0x3a0e1240,0xc31a2694,0x273e2bc7,0x735002c3,
-        0x3ef1ed4c,0x8c42e9c5,0x7f4948e8,0x028babf6,0x8a978632,0x6a502f43 },
-      { 0xb74536fe,0xf5f13a46,0xd8a9f0eb,0x1d218bab,0x37232768,0x30f36bcc,
-        0x576e8c18,0xc5317b31,0x9bbcb766,0xef1d57a6,0xb3e3d4dc,0x917c4930 } },
-    /* 3 */
-    { { 0xe349ddd0,0x11426e2e,0x9b2fc250,0x9f117ef9,0xec0174a6,0xff36b480,
-        0x18458466,0x4f4bde76,0x05806049,0x2f2edb6d,0x19dfca92,0x8adc75d1 },
-      { 0xb7d5a7ce,0xa619d097,0xa34411e9,0x874275e5,0x0da4b4ef,0x5403e047,
-        0x77901d8f,0x2ebaafd9,0xa747170f,0x5e63ebce,0x7f9d8036,0x12a36944 } },
-    /* 4 */
-    { { 0x2f9fbe67,0x378205de,0x7f728e44,0xc4afcb83,0x682e00f1,0xdbcec06c,
-        0x114d5423,0xf2a145c3,0x7a52463e,0xa01d9874,0x7d717b0a,0xfc0935b1 },
-      { 0xd4d01f95,0x9653bc4f,0x9560ad34,0x9aa83ea8,0xaf8e3f3f,0xf77943dc,
-        0xe86fe16e,0x70774a10,0xbf9ffdcf,0x6b62e6f1,0x588745c9,0x8a72f39e } },
-    /* 5 */
-    { { 0x2341c342,0x73ade4da,0xea704422,0xdd326e54,0x3741cef3,0x336c7d98,
-        0x59e61549,0x1eafa00d,0xbd9a3efd,0xcd3ed892,0xc5c6c7e4,0x03faf26c },
-      { 0x3045f8ac,0x087e2fcf,0x174f1e73,0x14a65532,0xfe0af9a7,0x2cf84f28,
-        0x2cdc935b,0xddfd7a84,0x6929c895,0x4c0f117b,0x4c8bcfcc,0x356572d6 } },
-    /* 6 */
-    { { 0x3f3b236f,0xfab08607,0x81e221da,0x19e9d41d,0x3927b428,0xf3f6571e,
-        0x7550f1f6,0x4348a933,0xa85e62f0,0x7167b996,0x7f5452bf,0x62d43759 },
-      { 0xf2955926,0xd85feb9e,0x6df78353,0x440a561f,0x9ca36b59,0x389668ec,
-        0xa22da016,0x052bf1a1,0xf6093254,0xbdfbff72,0xe22209f3,0x94e50f28 } },
-    /* 7 */
-    { { 0x3062e8af,0x90b2e5b3,0xe8a3d369,0xa8572375,0x201db7b1,0x3fe1b00b,
-        0xee651aa2,0xe926def0,0xb9b10ad7,0x6542c9be,0xa2fcbe74,0x098e309b },
-      { 0xfff1d63f,0x779deeb3,0x20bfd374,0x23d0e80a,0x8768f797,0x8452bb3b,
-        0x1f952856,0xcf75bb4d,0x29ea3faa,0x8fe6b400,0x81373a53,0x12bd3e40 } },
-    /* 8 */
-    { { 0x16973cf4,0x070d34e1,0x7e4f34f7,0x20aee08b,0x5eb8ad29,0x269af9b9,
-        0xa6a45dda,0xdde0a036,0x63df41e0,0xa18b528e,0xa260df2a,0x03cc71b2 },
-      { 0xa06b1dd7,0x24a6770a,0x9d2675d3,0x5bfa9c11,0x96844432,0x73c1e2a1,
-        0x131a6cf0,0x3660558d,0x2ee79454,0xb0289c83,0xc6d8ddcd,0xa6aefb01 } },
-    /* 9 */
-    { { 0x01ab5245,0xba1464b4,0xc48d93ff,0x9b8d0b6d,0x93ad272c,0x939867dc,
-        0xae9fdc77,0xbebe085e,0x894ea8bd,0x73ae5103,0x39ac22e1,0x740fc89a },
-      { 0x28e23b23,0x5e28b0a3,0xe13104d0,0x2352722e,0xb0a2640d,0xf4667a18,
-        0x49bb37c3,0xac74a72e,0xe81e183a,0x79f734f0,0x3fd9c0eb,0xbffe5b6c } },
-    /* 10 */
-    { { 0x00623f3b,0x03cf2922,0x5f29ebff,0x095c7111,0x80aa6823,0x42d72247,
-        0x7458c0b0,0x044c7ba1,0x0959ec20,0xca62f7ef,0xf8ca929f,0x40ae2ab7 },
-      { 0xa927b102,0xb8c5377a,0xdc031771,0x398a86a0,0xc216a406,0x04908f9d,
-        0x918d3300,0xb423a73a,0xe0b94739,0x634b0ff1,0x2d69f697,0xe29de725 } },
-    /* 11 */
-    { { 0x8435af04,0x744d1400,0xfec192da,0x5f255b1d,0x336dc542,0x1f17dc12,
-        0x636a68a8,0x5c90c2a7,0x7704ca1e,0x960c9eb7,0x6fb3d65a,0x9de8cf1e },
-      { 0x511d3d06,0xc60fee0d,0xf9eb52c7,0x466e2313,0x206b0914,0x743c0f5f,
-        0x2191aa4d,0x42f55bac,0xffebdbc2,0xcefc7c8f,0xe6e8ed1c,0xd4fa6081 } },
-    /* 12 */
-    { { 0x98683186,0x867db639,0xddcc4ea9,0xfb5cf424,0xd4f0e7bd,0xcc9a7ffe,
-        0x7a779f7e,0x7c57f71c,0xd6b25ef2,0x90774079,0xb4081680,0x90eae903 },
-      { 0x0ee1fceb,0xdf2aae5e,0xe86c1a1f,0x3ff1da24,0xca193edf,0x80f587d6,
-        0xdc9b9d6a,0xa5695523,0x85920303,0x7b840900,0xba6dbdef,0x1efa4dfc } },
-    /* 13 */
-    { { 0xe0540015,0xfbd838f9,0xc39077dc,0x2c323946,0xad619124,0x8b1fb9e6,
-        0x0ca62ea8,0x9612440c,0x2dbe00ff,0x9ad9b52c,0xae197643,0xf52abaa1 },
-      { 0x2cac32ad,0xd0e89894,0x62a98f91,0xdfb79e42,0x276f55cb,0x65452ecf,
-        0x7ad23e12,0xdb1ac0d2,0xde4986f0,0xf68c5f6a,0x82ce327d,0x389ac37b } },
-    /* 14 */
-    { { 0xb8a9e8c9,0xcd96866d,0x5bb8091e,0xa11963b8,0x045b3cd2,0xc7f90d53,
-        0x80f36504,0x755a72b5,0x21d3751c,0x46f8b399,0x53c193de,0x4bffdc91 },
-      { 0xb89554e7,0xcd15c049,0xf7a26be6,0x353c6754,0xbd41d970,0x79602370,
-        0x12b176c0,0xde16470b,0x40c8809d,0x56ba1175,0xe435fb1e,0xe2db35c3 } },
-    /* 15 */
-    { { 0x6328e33f,0xd71e4aab,0xaf8136d1,0x5486782b,0x86d57231,0x07a4995f,
-        0x1651a968,0xf1f0a5bd,0x76803b6d,0xa5dc5b24,0x42dda935,0x5c587cbc },
-      { 0xbae8b4c0,0x2b6cdb32,0xb1331138,0x66d1598b,0x5d7e9614,0x4a23b2d2,
-        0x74a8c05d,0x93e402a6,0xda7ce82e,0x45ac94e6,0xe463d465,0xeb9f8281 } },
-};
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^96, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_12(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 48 between points.
- */
-static const sp_table_entry_384 p384_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x49c0b528,0x3dd07566,0xa0d6ce38,0x20e378e2,0x541b4d6e,0x879c3afc,
-        0x59a30eff,0x64548684,0x614ede2b,0x812ff723,0x299e1513,0x4d3aadc2 },
-      { 0x4b03a4fe,0x23043dad,0x7bb4a9ac,0xa1bfa8bf,0x2e83b050,0x8bade756,
-        0x68f4ffd9,0xc6c35219,0x3969a840,0xdd800226,0x5a15c5e9,0x2b78abc2 } },
-    /* 2 */
-    { { 0x2b0c535b,0x29864753,0x70506296,0x90dd6953,0x216ab9ac,0x038cd6b4,
-        0xbe12d76a,0x3df9b7b7,0x5f347bdb,0x13f4d978,0x13e94489,0x222c5c9c },
-      { 0x2680dc64,0x5f8e796f,0x58352417,0x120e7cb7,0xd10740b8,0x254b5d8a,
-        0x5337dee6,0xc38b8efb,0x94f02247,0xf688c2e1,0x6c25bc4c,0x7b5c75f3 } },
-    /* 3 */
-    { { 0x9edffea5,0xe26a3cc3,0x37d7e9fc,0x35bbfd1c,0x9bde3ef6,0xf0e7700d,
-        0x1a538f5a,0x0380eb47,0x05bf9eb3,0x2e9da8bb,0x1a460c3e,0xdbb93c73 },
-      { 0xf526b605,0x37dba260,0xfd785537,0x95d4978e,0xed72a04a,0x24ed793a,
-        0x76005b1a,0x26948377,0x9e681f82,0x99f557b9,0xd64954ef,0xae5f9557 } },
-    /* 4 */
-    { { 0xf26feef9,0x24480c57,0x3a0e1240,0xc31a2694,0x273e2bc7,0x735002c3,
-        0x3ef1ed4c,0x8c42e9c5,0x7f4948e8,0x028babf6,0x8a978632,0x6a502f43 },
-      { 0xb74536fe,0xf5f13a46,0xd8a9f0eb,0x1d218bab,0x37232768,0x30f36bcc,
-        0x576e8c18,0xc5317b31,0x9bbcb766,0xef1d57a6,0xb3e3d4dc,0x917c4930 } },
-    /* 5 */
-    { { 0xe349ddd0,0x11426e2e,0x9b2fc250,0x9f117ef9,0xec0174a6,0xff36b480,
-        0x18458466,0x4f4bde76,0x05806049,0x2f2edb6d,0x19dfca92,0x8adc75d1 },
-      { 0xb7d5a7ce,0xa619d097,0xa34411e9,0x874275e5,0x0da4b4ef,0x5403e047,
-        0x77901d8f,0x2ebaafd9,0xa747170f,0x5e63ebce,0x7f9d8036,0x12a36944 } },
-    /* 6 */
-    { { 0x4fc52870,0x28f9c07a,0x1a53a961,0xce0b3748,0x0e1828d9,0xd550fa18,
-        0x6adb225a,0xa24abaf7,0x6e58a348,0xd11ed0a5,0x948acb62,0xf3d811e6 },
-      { 0x4c61ed22,0x8618dd77,0x80b47c9d,0x0bb747f9,0xde6b8559,0x22bf796f,
-        0x680a21e9,0xfdfd1c6d,0x2af2c9dd,0xc0db1577,0xc1e90f3d,0xa09379e6 } },
-    /* 7 */
-    { { 0xe085c629,0x386c66ef,0x095bc89a,0x5fc2a461,0x203f4b41,0x1353d631,
-        0x7e4bd8f5,0x7ca1972b,0xa7df8ce9,0xb077380a,0xee7e4ea3,0xd8a90389 },
-      { 0xe7b14461,0x1bc74dc7,0x0c9c4f78,0xdc2cb014,0x84ef0a10,0x52b4b3a6,
-        0x20327fe2,0xbde6ea5d,0x660f9615,0xb71ec435,0xb8ad8173,0xeede5a04 } },
-    /* 8 */
-    { { 0x893b9a2d,0x5584cbb3,0x00850c5d,0x820c660b,0x7df2d43d,0x4126d826,
-        0x0109e801,0xdd5bbbf0,0x38172f1c,0x85b92ee3,0xf31430d9,0x609d4f93 },
-      { 0xeadaf9d6,0x1e059a07,0x0f125fb0,0x70e6536c,0x560f20e7,0xd6220751,
-        0x7aaf3a9a,0xa59489ae,0x64bae14e,0x7b70e2f6,0x76d08249,0x0dd03701 } },
-    /* 9 */
-    { { 0x8510521f,0x4cc13be8,0xf724cc17,0x87315ba9,0x353dc263,0xb49d83bb,
-        0x0c279257,0x8b677efe,0xc93c9537,0x510a1c1c,0xa4702c99,0x33e30cd8 },
-      { 0x2208353f,0xf0ffc89d,0xced42b2b,0x0170fa8d,0x26e2a5f5,0x090851ed,
-        0xecb52c96,0x81276455,0x7fe1adf4,0x0646c4e1,0xb0868eab,0x513f047e } },
-    /* 10 */
-    { { 0xdf5bdf53,0xc07611f4,0x58b11a6d,0x45d331a7,0x1c4ee394,0x58965daf,
-        0x5a5878d1,0xba8bebe7,0x82dd3025,0xaecc0a18,0xa923eb8b,0xcf2a3899 },
-      { 0xd24fd048,0xf98c9281,0x8bbb025d,0x841bfb59,0xc9ab9d53,0xb8ddf8ce,
-        0x7fef044e,0x538a4cb6,0x23236662,0x092ac21f,0x0b66f065,0xa919d385 } },
-    /* 11 */
-    { { 0x85d480d8,0x3db03b40,0x1b287a7d,0x8cd9f479,0x4a8f3bae,0x8f24dc75,
-        0x3db41892,0x482eb800,0x9c56e0f5,0x38bf9eb3,0x9a91dc6f,0x8b977320 },
-      { 0x7209cfc2,0xa31b05b2,0x05b2db70,0x4c49bf85,0xd619527b,0x56462498,
-        0x1fac51ba,0x3fe51039,0xab4b8342,0xfb04f55e,0x04c6eabf,0xc07c10dc } },
-    /* 12 */
-    { { 0xdb32f048,0xad22fe4c,0x475ed6df,0x5f23bf91,0xaa66b6cb,0xa50ce0c0,
-        0xf03405c0,0xdf627a89,0xf95e2d6a,0x3674837d,0xba42e64e,0x081c95b6 },
-      { 0xe71d6ceb,0xeba3e036,0x6c6b0271,0xb45bcccf,0x0684701d,0x67b47e63,
-        0xe712523f,0x60f8f942,0x5cd47adc,0x82423472,0x87649cbb,0x83027d79 } },
-    /* 13 */
-    { { 0x3615b0b8,0xb3929ea6,0xa54dac41,0xb41441fd,0xb5b6a368,0x8995d556,
-        0x167ef05e,0xa80d4529,0x6d25a27f,0xf6bcb4a1,0x7bd55b68,0x210d6a4c },
-      { 0x25351130,0xf3804abb,0x903e37eb,0x1d2df699,0x084c25c8,0x5f201efc,
-        0xa1c68e91,0x31a28c87,0x563f62a5,0x81dad253,0xd6c415d4,0x5dd6de70 } },
-    /* 14 */
-    { { 0x846612ce,0x29f470fd,0xda18d997,0x986f3eec,0x2f34af86,0x6b84c161,
-        0x46ddaf8b,0x5ef0a408,0xe49e795f,0x14405a00,0xaa2f7a37,0x5f491b16 },
-      { 0xdb41b38d,0xc7f07ae4,0x18fbfcaa,0xef7d119e,0x14443b19,0x3a18e076,
-        0x79a19926,0x4356841a,0xe2226fbe,0x91f4a91c,0x3cc88721,0xdc77248c } },
-    /* 15 */
-    { { 0xe4b1ec9d,0xd570ff1a,0xe7eef706,0x21d23e0e,0xca19e086,0x3cde40f4,
-        0xcd4bb270,0x7d6523c4,0xbf13aa6c,0x16c1f06c,0xd14c4b60,0x5aa7245a },
-      { 0x44b74de8,0x37f81467,0x620a934e,0x839e7a17,0xde8b1aa1,0xf74d14e8,
-        0xf30d75e2,0x8789fa51,0xc81c261e,0x09b24052,0x33c565ee,0x654e2678 } },
-    /* 16 */
-    { { 0x2f9fbe67,0x378205de,0x7f728e44,0xc4afcb83,0x682e00f1,0xdbcec06c,
-        0x114d5423,0xf2a145c3,0x7a52463e,0xa01d9874,0x7d717b0a,0xfc0935b1 },
-      { 0xd4d01f95,0x9653bc4f,0x9560ad34,0x9aa83ea8,0xaf8e3f3f,0xf77943dc,
-        0xe86fe16e,0x70774a10,0xbf9ffdcf,0x6b62e6f1,0x588745c9,0x8a72f39e } },
-    /* 17 */
-    { { 0x2341c342,0x73ade4da,0xea704422,0xdd326e54,0x3741cef3,0x336c7d98,
-        0x59e61549,0x1eafa00d,0xbd9a3efd,0xcd3ed892,0xc5c6c7e4,0x03faf26c },
-      { 0x3045f8ac,0x087e2fcf,0x174f1e73,0x14a65532,0xfe0af9a7,0x2cf84f28,
-        0x2cdc935b,0xddfd7a84,0x6929c895,0x4c0f117b,0x4c8bcfcc,0x356572d6 } },
-    /* 18 */
-    { { 0x7d8c1bba,0x7ecbac01,0x90b0f3d5,0x6058f9c3,0xf6197d0f,0xaee116e3,
-        0x4033b128,0xc4dd7068,0xc209b983,0xf084dba6,0x831dbc4a,0x97c7c2cf },
-      { 0xf96010e8,0x2f4e61dd,0x529faa17,0xd97e4e20,0x69d37f20,0x4ee66660,
-        0x3d366d72,0xccc139ed,0x13488e0f,0x690b6ee2,0xf3a6d533,0x7cad1dc5 } },
-    /* 19 */
-    { { 0xda57a41f,0x660a9a81,0xec0039b6,0xe74a0412,0x5e1dad15,0x42343c6b,
-        0x46681d4c,0x284f3ff5,0x63749e89,0xb51087f1,0x6f9f2f13,0x070f23cc },
-      { 0x5d186e14,0x542211da,0xfddb0dff,0x84748f37,0xdb1f4180,0x41a3aab4,
-        0xa6402d0e,0x25ed667b,0x02f58355,0x2f2924a9,0xfa44a689,0x5844ee7c } },
-    /* 20 */
-    { { 0x3f3b236f,0xfab08607,0x81e221da,0x19e9d41d,0x3927b428,0xf3f6571e,
-        0x7550f1f6,0x4348a933,0xa85e62f0,0x7167b996,0x7f5452bf,0x62d43759 },
-      { 0xf2955926,0xd85feb9e,0x6df78353,0x440a561f,0x9ca36b59,0x389668ec,
-        0xa22da016,0x052bf1a1,0xf6093254,0xbdfbff72,0xe22209f3,0x94e50f28 } },
-    /* 21 */
-    { { 0x3062e8af,0x90b2e5b3,0xe8a3d369,0xa8572375,0x201db7b1,0x3fe1b00b,
-        0xee651aa2,0xe926def0,0xb9b10ad7,0x6542c9be,0xa2fcbe74,0x098e309b },
-      { 0xfff1d63f,0x779deeb3,0x20bfd374,0x23d0e80a,0x8768f797,0x8452bb3b,
-        0x1f952856,0xcf75bb4d,0x29ea3faa,0x8fe6b400,0x81373a53,0x12bd3e40 } },
-    /* 22 */
-    { { 0x104cbba5,0xc023780d,0xfa35dd4c,0x6207e747,0x1ca9b6a3,0x35c23928,
-        0x97987b10,0x4ff19be8,0x8022eee8,0xb8476bbf,0xd3bbe74d,0xaa0a4a14 },
-      { 0x187d4543,0x20f94331,0x79f6e066,0x32153870,0xac7e82e1,0x83b0f74e,
-        0x828f06ab,0xa7748ba2,0xc26ef35f,0xc5f0298a,0x8e9a7dbd,0x0f0c5070 } },
-    /* 23 */
-    { { 0xdef029dd,0x0c5c244c,0x850661b8,0x3dabc687,0xfe11d981,0x9992b865,
-        0x6274dbad,0xe9801b8f,0x098da242,0xe54e6319,0x91a53d08,0x9929a91a },
-      { 0x35285887,0x37bffd72,0xf1418102,0xbc759425,0xfd2e6e20,0x9280cc35,
-        0xfbc42ee5,0x735c600c,0x8837619a,0xb7ad2864,0xa778c57b,0xa3627231 } },
-    /* 24 */
-    { { 0x91361ed8,0xae799b5c,0x6c63366c,0x47d71b75,0x1b265a6a,0x54cdd521,
-        0x98d77b74,0xe0215a59,0xbab29db0,0x4424d9b7,0x7fd9e536,0x8b0ffacc },
-      { 0x37b5d9ef,0x46d85d12,0xbfa91747,0x5b106d62,0x5f99ba2d,0xed0479f8,
-        0x1d104de4,0x0e6f3923,0x25e8983f,0x83a84c84,0xf8105a70,0xa9507e0a } },
-    /* 25 */
-    { { 0x14cf381c,0xf6c68a6e,0xc22e31cc,0xaf9d27bd,0xaa8a5ccb,0x23568d4d,
-        0xe338e4d2,0xe431eec0,0x8f52ad1f,0xf1a828fe,0xe86acd80,0xdb6a0579 },
-      { 0x4507832a,0x2885672e,0x887e5289,0x73fc275f,0x05610d08,0x65f80278,
-        0x075ff5b0,0x8d9b4554,0x09f712b5,0x3a8e8fb1,0x2ebe9cf2,0x39f0ac86 } },
-    /* 26 */
-    { { 0x4c52edf5,0xd8fabf78,0xa589ae53,0xdcd737e5,0xd791ab17,0x94918bf0,
-        0xbcff06c9,0xb5fbd956,0xdca46d45,0xf6d3032e,0x41a3e486,0x2cdff7e1 },
-      { 0x61f47ec8,0x6674b3ba,0xeef84608,0x8a882163,0x4c687f90,0xa257c705,
-        0xf6cdf227,0xe30cb2ed,0x7f6ea846,0x2c4c64ca,0xcc6bcd3c,0x186fa17c } },
-    /* 27 */
-    { { 0x1dfcb91e,0x48a3f536,0x646d358a,0x83595e13,0x91128798,0xbd15827b,
-        0x2187757a,0x3ce612b8,0x61bd7372,0x873150a1,0xb662f568,0xf4684530 },
-      { 0x401896f6,0x8833950b,0x77f3e090,0xe11cb89a,0x48e7f4a5,0xb2f12cac,
-        0xf606677e,0x313dd769,0x16579f93,0xfdcf08b3,0x46b8f22b,0x6429cec9 } },
-    /* 28 */
-    { { 0xbb75f9a4,0x4984dd54,0x29d3b570,0x4aef06b9,0x3d6e4c1e,0xb5f84ca2,
-        0xb083ef35,0x24c61c11,0x392ca9ff,0xce4a7392,0x6730a800,0x865d6517 },
-      { 0x722b4a2b,0xca3dfe76,0x7b083e0e,0x12c04bf9,0x1b86b8a5,0x803ce5b5,
-        0x6a7e3e0c,0x3fc7632d,0xc81adbe4,0xc89970c2,0x120e16b1,0x3cbcd3ad } },
-    /* 29 */
-    { { 0xec30ce93,0xfbfb4cc7,0xb72720a2,0x10ed6c7d,0x47b55500,0xec675bf7,
-        0x333ff7c3,0x90725903,0x5075bfc0,0xc7c3973e,0x07acf31b,0xb049ecb0 },
-      { 0x4f58839c,0xb4076eaf,0xa2b05e4f,0x101896da,0xab40c66e,0x3f6033b0,
-        0xc8d864ba,0x19ee9eeb,0x47bf6d2a,0xeb6cf155,0xf826477d,0x8e5a9663 } },
-    /* 30 */
-    { { 0xf7fbd5e1,0x69e62fdd,0x76912b1d,0x38ecfe54,0xd1da3bfb,0x845a3d56,
-        0x1c86f0d4,0x0494950e,0x3bc36ce8,0x83cadbf9,0x4fccc8d1,0x41fce572 },
-      { 0x8332c144,0x05f939c2,0x0871e46e,0xb17f248b,0x66e8aff6,0x3d8534e2,
-        0x3b85c629,0x1d06f1dc,0xa3131b73,0xdb06a32e,0x8b3f64e5,0xf295184d } },
-    /* 31 */
-    { { 0x36ddc103,0xd9653ff7,0x95ef606f,0x25f43e37,0xfe06dce8,0x09e301fc,
-        0x30b6eebf,0x85af2341,0x0ff56b20,0x79b12b53,0xfe9a3c6b,0x9b4fb499 },
-      { 0x51d27ac2,0x0154f892,0x56ca5389,0xd33167e3,0xafc065a6,0x7828ec1f,
-        0x7f746c9b,0x0959a258,0x0c44f837,0xb18f1be3,0xc4132fdb,0xa7946117 } },
-    /* 32 */
-    { { 0x5e3c647b,0xc0426b77,0x8cf05348,0xbfcbd939,0x172c0d3d,0x31d312e3,
-        0xee754737,0x5f49fde6,0x6da7ee61,0x895530f0,0xe8b3a5fb,0xcf281b0a },
-      { 0x41b8a543,0xfd149735,0x3080dd30,0x41a625a7,0x653908cf,0xe2baae07,
-        0xba02a278,0xc3d01436,0x7b21b8f8,0xa0d0222e,0xd7ec1297,0xfdc270e9 } },
-    /* 33 */
-    { { 0xbc7f41d6,0x00873c0c,0x1b7ad641,0xd976113e,0x238443fb,0x2a536ff4,
-        0x41e62e45,0x030d00e2,0x5f545fc6,0x532e9867,0x8e91208c,0xcd033108 },
-      { 0x9797612c,0xd1a04c99,0xeea674e2,0xd4393e02,0xe19742a1,0xd56fa69e,
-        0x85f0590e,0xdd2ab480,0x48a2243d,0xa5cefc52,0x54383f41,0x48cc67b6 } },
-    /* 34 */
-    { { 0xfc14ab48,0x4e50430e,0x26706a74,0x195b7f4f,0xcc881ff6,0x2fe8a228,
-        0xd945013d,0xb1b968e2,0x4b92162b,0x936aa579,0x364e754a,0x4fb766b7 },
-      { 0x31e1ff7f,0x13f93bca,0xce4f2691,0x696eb5ca,0xa2b09e02,0xff754bf8,
-        0xe58e3ff8,0x58f13c9c,0x1678c0b0,0xb757346f,0xa86692b3,0xd54200db } },
-    /* 35 */
-    { { 0x6dda1265,0x9a030bbd,0xe89718dd,0xf7b4f3fc,0x936065b8,0xa6a4931f,
-        0x5f72241c,0xbce72d87,0x65775857,0x6cbb51cb,0x4e993675,0xc7161815 },
-      { 0x2ee32189,0xe81a0f79,0x277dc0b2,0xef2fab26,0xb71f469f,0x9e64f6fe,
-        0xdfdaf859,0xb448ce33,0xbe6b5df1,0x3f5c1c4c,0x1de45f7b,0xfb8dfb00 } },
-    /* 36 */
-    { { 0x4d5bb921,0xc7345fa7,0x4d2b667e,0x5c7e04be,0x282d7a3e,0x47ed3a80,
-        0x7e47b2a4,0x5c2777f8,0x08488e2e,0x89b3b100,0xb2eb5b45,0x9aad77c2 },
-      { 0xdaac34ae,0xd681bca7,0x26afb326,0x2452e4e5,0x41a1ee14,0x0c887924,
-        0xc2407ade,0x743b04d4,0xfc17a2ac,0xcb5e999b,0x4a701a06,0x4dca2f82 } },
-    /* 37 */
-    { { 0x1127bc1a,0x68e31ca6,0x17ead3be,0xa3edd59b,0xe25f5a15,0x67b6b645,
-        0xa420e15e,0x76221794,0x4b1e872e,0x794fd83b,0xb2dece1b,0x7cab3f03 },
-      { 0xca9b3586,0x7119bf15,0x4d250bd7,0xa5545924,0xcc6bcf24,0x173633ea,
-        0xb1b6f884,0x9bd308c2,0x447d38c3,0x3bae06f5,0xf341fe1c,0x54dcc135 } },
-    /* 38 */
-    { { 0x943caf0d,0x56d3598d,0x225ff133,0xce044ea9,0x563fadea,0x9edf6a7c,
-        0x73e8dc27,0x632eb944,0x3190dcab,0x814b467e,0x6dbb1e31,0x2d4f4f31 },
-      { 0xa143b7ca,0x8d69811c,0xde7cf950,0x4ec1ac32,0x37b5fe82,0x223ab5fd,
-        0x9390f1d9,0xe82616e4,0x75804610,0xabff4b20,0x875b08f0,0x11b9be15 } },
-    /* 39 */
-    { { 0x3bbe682c,0x4ae31a3d,0x74eef2dd,0xbc7c5d26,0x3c47dd40,0x92afd10a,
-        0xc14ab9e1,0xec7e0a3b,0xb2e495e4,0x6a6c3dd1,0x309bcd85,0x085ee5e9 },
-      { 0x8c2e67fd,0xf381a908,0xe261eaf2,0x32083a80,0x96deee15,0x0fcd6a49,
-        0x5e524c79,0xe3b8fb03,0x1d5b08b9,0x8dc360d9,0x7f26719f,0x3a06e2c8 } },
-    /* 40 */
-    { { 0x7237cac0,0x5cd9f5a8,0x43586794,0x93f0b59d,0xe94f6c4e,0x4384a764,
-        0xb62782d3,0x8304ed2b,0xcde06015,0x0b8db8b3,0x5dbe190f,0x4336dd53 },
-      { 0x92ab473a,0x57443553,0xbe5ed046,0x031c7275,0x21909aa4,0x3e78678c,
-        0x99202ddb,0x4ab7e04f,0x6977e635,0x2648d206,0x093198be,0xd427d184 } },
-    /* 41 */
-    { { 0x0f9b5a31,0x822848f5,0xbaadb62a,0xbb003468,0x3357559c,0x233a0472,
-        0x79aee843,0x49ef6880,0xaeb9e1e3,0xa89867a0,0x1f6f9a55,0xc151931b },
-      { 0xad74251e,0xd264eb0b,0x4abf295e,0x37b9b263,0x04960d10,0xb600921b,
-        0x4da77dc0,0x0de53dbc,0xd2b18697,0x01d9bab3,0xf7156ddf,0xad54ec7a } },
-    /* 42 */
-    { { 0x79efdc58,0x8e74dc35,0x4ff68ddb,0x456bd369,0xd32096a5,0x724e74cc,
-        0x386783d0,0xe41cff42,0x7c70d8a4,0xa04c7f21,0xe61a19a2,0x41199d2f },
-      { 0x29c05dd2,0xd389a3e0,0xe7e3fda9,0x535f2a6b,0x7c2b4df8,0x26ecf72d,
-        0xfe745294,0x678275f4,0x9d23f519,0x6319c9cc,0x88048fc4,0x1e05a02d } },
-    /* 43 */
-    { { 0xd4d5ffe8,0x75cc8e2e,0xdbea17f2,0xf8bb4896,0xcee3cb4a,0x35059790,
-        0xa47c6165,0x4c06ee85,0x92935d2f,0xf98fff25,0x32ffd7c7,0x34c4a572 },
-      { 0xea0376a2,0xc4b14806,0x4f115e02,0x2ea5e750,0x1e55d7c0,0x532d76e2,
-        0xf31044da,0x68dc9411,0x71b77993,0x9272e465,0x93a8cfd5,0xadaa38bb } },
-    /* 44 */
-    { { 0x7d4ed72a,0x4bf0c712,0xba1f79a3,0xda0e9264,0xf4c39ea4,0x48c0258b,
-        0x2a715138,0xa5394ed8,0xbf06c660,0x4af511ce,0xec5c37cd,0xfcebceef },
-      { 0x779ae8c1,0xf23b75aa,0xad1e606e,0xdeff59cc,0x22755c82,0xf3f526fd,
-        0xbb32cefd,0x64c5ab44,0x915bdefd,0xa96e11a2,0x1143813e,0xab19746a } },
-    /* 45 */
-    { { 0xec837d7d,0x43c78585,0xb8ee0ba4,0xca5b6fbc,0xd5dbb5ee,0x34e924d9,
-        0xbb4f1ca5,0x3f4fa104,0x398640f7,0x15458b72,0xd7f407ea,0x4231faa9 },
-      { 0xf96e6896,0x53e0661e,0xd03b0f9d,0x554e4c69,0x9c7858d1,0xd4fcb07b,
-        0x52cb04fa,0x7e952793,0x8974e7f7,0x5f5f1574,0x6b6d57c8,0x2e3fa558 } },
-    /* 46 */
-    { { 0x6a9951a8,0x42cd4803,0x42792ad0,0xa8b15b88,0xabb29a73,0x18e8bcf9,
-        0x409933e8,0xbfd9a092,0xefb88dc4,0x760a3594,0x40724458,0x14418863 },
-      { 0x99caedc7,0x162a56ee,0x91d101c9,0x8fb12ecd,0x393202da,0xea671967,
-        0xa4ccd796,0x1aac8c4a,0x1cf185a8,0x7db05036,0x8cfd095a,0x0c9f86cd } },
-    /* 47 */
-    { { 0x10b2a556,0x9a728147,0x327b70b2,0x767ca964,0x5e3799b7,0x04ed9e12,
-        0x22a3eb2a,0x6781d2dc,0x0d9450ac,0x5bd116eb,0xa7ebe08a,0xeccac1fc },
-      { 0xdc2d6e94,0xde68444f,0x35ecf21b,0x3621f429,0x29e03a2c,0x14e2d543,
-        0x7d3e7f0a,0x53e42cd5,0x73ed00b9,0xbba26c09,0xc57d2272,0x00297c39 } },
-    /* 48 */
-    { { 0xb8243a7d,0x3aaaab10,0x8fa58c5b,0x6eeef93e,0x9ae7f764,0xf866fca3,
-        0x61ab04d3,0x64105a26,0x03945d66,0xa3578d8a,0x791b848c,0xb08cd3e4 },
-      { 0x756d2411,0x45edc5f8,0xa755128c,0xd4a790d9,0x49e5f6a0,0xc2cf0963,
-        0xf649beaa,0xc66d267d,0x8467039e,0x3ce6d968,0x42f7816f,0x50046c6b } },
-    /* 49 */
-    { { 0x66425043,0x92ae1602,0xf08db890,0x1ff66afd,0x8f162ce5,0x386f5a7f,
-        0xfcf5598f,0x18d2dea0,0x1a8ca18e,0x78372b3a,0x8cd0e6f7,0xdf0d20eb },
-      { 0x75bb4045,0x7edd5e1d,0xb96d94b7,0x252a47ce,0x2c626776,0xbdb29358,
-        0x40dd1031,0x853c3943,0x7d5f47fd,0x9dc9becf,0xbae4044a,0x27c2302f } },
-    /* 50 */
-    { { 0x8f2d49ce,0x2d1d208a,0x162df0a2,0x0d91aa02,0x09a07f65,0x9c5cce87,
-        0x84339012,0xdf07238b,0x419442cd,0x5028e2c8,0x72062aba,0x2dcbd358 },
-      { 0xe4680967,0xb5fbc3cb,0x9f92d72c,0x2a7bc645,0x116c369d,0x806c76e1,
-        0x3177e8d8,0x5c50677a,0x4569df57,0x753739eb,0x36c3f40b,0x2d481ef6 } },
-    /* 51 */
-    { { 0xfea1103e,0x1a2d39fd,0x95f81b17,0xeaae5592,0xf59b264a,0xdbd0aa18,
-        0xcb592ee0,0x90c39c1a,0x9750cca3,0xdf62f80d,0xdf97cc6c,0xda4d8283 },
-      { 0x1e201067,0x0a6dd346,0x69fb1f6b,0x1531f859,0x1d60121f,0x4895e552,
-        0x4c041c91,0x0b21aab0,0xbcc1ccf8,0x9d896c46,0x3141bde7,0xd24da3b3 } },
-    /* 52 */
-    { { 0x53b0a354,0x575a0537,0x0c6ddcd8,0x392ff2f4,0x56157b94,0x0b8e8cff,
-        0x3b1b80d1,0x073e57bd,0x3fedee15,0x2a75e0f0,0xaa8e6f19,0x752380e4 },
-      { 0x6558ffe9,0x1f4e227c,0x19ec5415,0x3a348618,0xf7997085,0xab382d5e,
-        0xddc46ac2,0x5e6deaff,0xfc8d094c,0xe5144078,0xf60e37c6,0xf674fe51 } },
-    /* 53 */
-    { { 0xaf63408f,0x6fb87ae5,0xcd75a737,0xa39c36a9,0xcf4c618d,0x7833313f,
-        0xf034c88d,0xfbcd4482,0x39b35288,0x4469a761,0x66b5d9c9,0x77a711c5 },
-      { 0x944f8d65,0x4a695dc7,0x161aaba8,0xe6da5f65,0x24601669,0x8654e9c3,
-        0x28ae7491,0xbc8b93f5,0x8f5580d8,0x5f1d1e83,0xcea32cc8,0x8ccf9a1a } },
-    /* 54 */
-    { { 0x7196fee2,0x28ab110c,0x874c8945,0x75799d63,0x29aedadd,0xa2629348,
-        0x2be88ff4,0x9714cc7b,0xd58d60d6,0xf71293cf,0x32a564e9,0xda6b6cb3 },
-      { 0x3dd821c2,0xf43fddb1,0x90dd323d,0xf2f2785f,0x048489f8,0x91246419,
-        0xd24c6749,0x61660f26,0xc803c15c,0x961d9e8c,0xfaadc4c9,0x631c6158 } },
-    /* 55 */
-    { { 0xfd752366,0xacf2ebe0,0x139be88b,0xb93c340e,0x0f20179e,0x98f66485,
-        0xff1da785,0x14820254,0x4f85c16e,0x5278e276,0x7aab1913,0xa246ee45 },
-      { 0x53763b33,0x43861eb4,0x45c0bc0d,0xc49f03fc,0xad6b1ea1,0xafff16bc,
-        0x6fd49c99,0xce33908b,0xf7fde8c3,0x5c51e9bf,0xff142c5e,0x076a7a39 } },
-    /* 56 */
-    { { 0x9e338d10,0x04639dfe,0xf42b411b,0x8ee6996f,0xa875cef2,0x960461d1,
-        0x95b4d0ba,0x1057b6d6,0xa906e0bc,0x27639252,0xe1c20f8a,0x2c19f09a },
-      { 0xeef4c43d,0x5b8fc3f0,0x07a84aa9,0xe2e1b1a8,0x835d2bdb,0x5f455528,
-        0x207132dd,0x0f4aee4d,0x3907f675,0xe9f8338c,0x0e0531f0,0x7a874dc9 } },
-    /* 57 */
-    { { 0x97c27050,0x84b22d45,0x59e70bf8,0xbd0b8df7,0x79738b9b,0xb4d67405,
-        0xcd917c4f,0x47f4d5f5,0x13ce6e33,0x9099c4ce,0x521d0f8b,0x942bfd39 },
-      { 0xa43b566d,0x5028f0f6,0x21bff7de,0xaf6e8669,0xc44232cd,0x83f6f856,
-        0xf915069a,0x65680579,0xecfecb85,0xd12095a2,0xdb01ba16,0xcf7f06ae } },
-    /* 58 */
-    { { 0x8ef96c80,0x0f56e3c4,0x3ddb609c,0xd521f2b3,0x7dc1450d,0x2be94102,
-        0x02a91fe2,0x2d21a071,0x1efa37de,0x2e6f74fa,0x156c28a1,0x9a9a90b8 },
-      { 0x9dc7dfcb,0xc54ea9ea,0x2c2c1d62,0xc74e66fc,0x49d3e067,0x9f23f967,
-        0x54dd38ad,0x1c7c3a46,0x5946cee3,0xc7005884,0x45cc045d,0x89856368 } },
-    /* 59 */
-    { { 0xfce73946,0x29da7cd4,0x23168563,0x8f697db5,0xcba92ec6,0x8e235e9c,
-        0x9f91d3ea,0x55d4655f,0xaa50a6cd,0xf3689f23,0x21e6a1a0,0xdcf21c26 },
-      { 0x61b818bf,0xcffbc82e,0xda47a243,0xc74a2f96,0x8bc1a0cf,0x234e980a,
-        0x7929cb6d,0xf35fd6b5,0xefe17d6c,0x81468e12,0x58b2dafb,0xddea6ae5 } },
-    /* 60 */
-    { { 0x7e787b2e,0x294de887,0x39a9310d,0x258acc1f,0xac14265d,0x92d9714a,
-        0x708b48a0,0x18b5591c,0xe1abbf71,0x27cc6bb0,0x568307b9,0xc0581fa3 },
-      { 0xf24d4d58,0x9e0f58a3,0xe0ce2327,0xfebe9bb8,0x9d1be702,0x91fd6a41,
-        0xfacac993,0x9a7d8a45,0x9e50d66d,0xabc0a08c,0x06498201,0x02c342f7 } },
-    /* 61 */
-    { { 0x157bdbc2,0xccd71407,0xad0e1605,0x72fa89c6,0xb92a015f,0xb1d3da2b,
-        0xa0a3fe56,0x8ad9e7cd,0x24f06737,0x160edcbd,0x61275be6,0x79d4db33 },
-      { 0x5f3497c4,0xd3d31fd9,0x04192fb0,0x8cafeaee,0x13a50af3,0xe13ca745,
-        0x8c85aae5,0x18826167,0x9eb556ff,0xce06cea8,0xbdb549f3,0x2eef1995 } },
-    /* 62 */
-    { { 0x50596edc,0x8ed7d3eb,0x905243a2,0xaa359362,0xa4b6d02b,0xa212c2c2,
-        0xc4fbec68,0x611fd727,0xb84f733d,0x8a0b8ff7,0x5f0daf0e,0xd85a6b90 },
-      { 0xd4091cf7,0x60e899f5,0x2eff2768,0x4fef2b67,0x10c33964,0xc1f195cb,
-        0x93626a8f,0x8275d369,0x0d6c840a,0xc77904f4,0x7a868acd,0x88d8b7fd } },
-    /* 63 */
-    { { 0x7bd98425,0x85f23723,0xc70b154e,0xd4463992,0x96687a2e,0xcbb00ee2,
-        0xc83214fd,0x905fdbf7,0x13593684,0x2019d293,0xef51218e,0x0428c393 },
-      { 0x981e909a,0x40c7623f,0x7be192da,0x92513385,0x4010907e,0x48fe480f,
-        0x3120b459,0xdd7a187c,0xa1fd8f3c,0xc9d7702d,0xe358efc5,0x66e4753b } },
-    /* 64 */
-    { { 0x16973cf4,0x070d34e1,0x7e4f34f7,0x20aee08b,0x5eb8ad29,0x269af9b9,
-        0xa6a45dda,0xdde0a036,0x63df41e0,0xa18b528e,0xa260df2a,0x03cc71b2 },
-      { 0xa06b1dd7,0x24a6770a,0x9d2675d3,0x5bfa9c11,0x96844432,0x73c1e2a1,
-        0x131a6cf0,0x3660558d,0x2ee79454,0xb0289c83,0xc6d8ddcd,0xa6aefb01 } },
-    /* 65 */
-    { { 0x01ab5245,0xba1464b4,0xc48d93ff,0x9b8d0b6d,0x93ad272c,0x939867dc,
-        0xae9fdc77,0xbebe085e,0x894ea8bd,0x73ae5103,0x39ac22e1,0x740fc89a },
-      { 0x28e23b23,0x5e28b0a3,0xe13104d0,0x2352722e,0xb0a2640d,0xf4667a18,
-        0x49bb37c3,0xac74a72e,0xe81e183a,0x79f734f0,0x3fd9c0eb,0xbffe5b6c } },
-    /* 66 */
-    { { 0xc6a2123f,0xb1a358f5,0xfe28df6d,0x927b2d95,0xf199d2f9,0x89702753,
-        0x1a3f82dc,0x0a73754c,0x777affe1,0x063d029d,0xdae6d34d,0x5439817e },
-      { 0x6b8b83c4,0xf7979eef,0x9d945682,0x615cb214,0xc5e57eae,0x8f0e4fac,
-        0x113047dd,0x042b89b8,0x93f36508,0x888356dc,0x5fd1f32f,0xbf008d18 } },
-    /* 67 */
-    { { 0x4e8068db,0x8012aa24,0xa5729a47,0xc72cc641,0x43f0691d,0x3c33df2c,
-        0x1d92145f,0xfa057347,0xb97f7946,0xaefc0f2f,0x2f8121bf,0x813d75cb },
-      { 0x4383bba6,0x05613c72,0xa4224b3f,0xa924ce70,0x5f2179a6,0xe59cecbe,
-        0x79f62b61,0x78e2e8aa,0x53ad8079,0x3ac2cc3b,0xd8f4fa96,0x55518d71 } },
-    /* 68 */
-    { { 0x00623f3b,0x03cf2922,0x5f29ebff,0x095c7111,0x80aa6823,0x42d72247,
-        0x7458c0b0,0x044c7ba1,0x0959ec20,0xca62f7ef,0xf8ca929f,0x40ae2ab7 },
-      { 0xa927b102,0xb8c5377a,0xdc031771,0x398a86a0,0xc216a406,0x04908f9d,
-        0x918d3300,0xb423a73a,0xe0b94739,0x634b0ff1,0x2d69f697,0xe29de725 } },
-    /* 69 */
-    { { 0x8435af04,0x744d1400,0xfec192da,0x5f255b1d,0x336dc542,0x1f17dc12,
-        0x636a68a8,0x5c90c2a7,0x7704ca1e,0x960c9eb7,0x6fb3d65a,0x9de8cf1e },
-      { 0x511d3d06,0xc60fee0d,0xf9eb52c7,0x466e2313,0x206b0914,0x743c0f5f,
-        0x2191aa4d,0x42f55bac,0xffebdbc2,0xcefc7c8f,0xe6e8ed1c,0xd4fa6081 } },
-    /* 70 */
-    { { 0xb0ab9645,0xb5e405d3,0xd5f1f711,0xaeec7f98,0x585c2a6e,0x8ad42311,
-        0x512c6944,0x045acb9e,0xa90db1c6,0xae106c4e,0x898e6563,0xb89f33d5 },
-      { 0x7fed2ce4,0x43b07cd9,0xdd815b20,0xf9934e17,0x0a81a349,0x6778d4d5,
-        0x52918061,0x9e616ade,0xd7e67112,0xfa06db06,0x88488091,0x1da23cf1 } },
-    /* 71 */
-    { { 0x42f2c4b5,0x821c46b3,0x66059e47,0x931513ef,0x66f50cd1,0x7030ae43,
-        0x43e7b127,0x43b536c9,0x5fca5360,0x006258cf,0x6b557abf,0xe4e3ee79 },
-      { 0x24c8b22f,0xbb6b3900,0xfcbf1054,0x2eb5e2c1,0x567492af,0x937b18c9,
-        0xacf53957,0xf09432e4,0x1dbf3a56,0x585f5a9d,0xbe0887cf,0xf86751fd } },
-    /* 72 */
-    { { 0x9d10e0b2,0x157399cb,0x60dc51b7,0x1c0d5956,0x1f583090,0x1d496b8a,
-        0x88590484,0x6658bc26,0x03213f28,0x88c08ab7,0x7ae58de4,0x8d2e0f73 },
-      { 0x486cfee6,0x9b79bc95,0xe9e5bc57,0x036a26c7,0xcd8ae97a,0x1ad03601,
-        0xff3a0494,0x06907f87,0x2c7eb584,0x078f4bbf,0x7e8d0a5a,0xe3731bf5 } },
-    /* 73 */
-    { { 0xe1cd0abe,0x72f2282b,0x87efefa2,0xd4f9015e,0x6c3834bd,0x9d189806,
-        0xb8a29ced,0x9c8cdcc1,0xfee82ebc,0x0601b9f4,0x7206a756,0x371052bc },
-      { 0x46f32562,0x76fa1092,0x17351bb4,0xdaad534c,0xb3636bb5,0xc3d64c37,
-        0x45d54e00,0x038a8c51,0x32c09e7c,0x301e6180,0x95735151,0x9764eae7 } },
-    /* 74 */
-    { { 0xcbd5256a,0x8791b19f,0x6ca13a3b,0x4007e0f2,0x4cf06904,0x03b79460,
-        0xb6c17589,0xb18a9c22,0x81d45908,0xa1cb7d7d,0x21bb68f1,0x6e13fa9d },
-      { 0xa71e6e16,0x47183c62,0xe18749ed,0x5cf0ef8e,0x2e5ed409,0x2c9c7f9b,
-        0xe6e117e1,0x042eeacc,0x13fb5a7f,0xb86d4816,0xc9e5feb1,0xea1cf0ed } },
-    /* 75 */
-    { { 0xcea4cc9b,0x6e6573c9,0xafcec8f3,0x5417961d,0xa438b6f6,0x804bf02a,
-        0xdcd4ea88,0xb894b03c,0x3799571f,0xd0f807e9,0x862156e8,0x3466a7f5 },
-      { 0x56515664,0x51e59acd,0xa3c5eb0b,0x55b0f93c,0x6a4279db,0x84a06b02,
-        0xc5fae08e,0x5c850579,0xa663a1a2,0xcf07b8db,0xf46ffc8d,0x49a36bbc } },
-    /* 76 */
-    { { 0x46d93106,0xe47f5acc,0xaa897c9c,0x65b7ade0,0x12d7e4be,0x37cf4c94,
-        0xd4b2caa9,0xa2ae9b80,0xe60357a3,0x5e7ce09c,0xc8ecd5f9,0x29f77667 },
-      { 0xa8a0b1c5,0xdf6868f5,0x62978ad8,0x240858cf,0xdc0002a1,0x0f7ac101,
-        0xffe9aa05,0x1d28a9d7,0x5b962c97,0x744984d6,0x3d28c8b2,0xa8a7c00b } },
-    /* 77 */
-    { { 0xae11a338,0x7c58a852,0xd1af96e7,0xa78613f1,0x5355cc73,0x7e9767d2,
-        0x792a2de6,0x6ba37009,0x124386b2,0x7d60f618,0x11157674,0xab09b531 },
-      { 0x98eb9dd0,0x95a04841,0x15070328,0xe6c17acc,0x489c6e49,0xafc6da45,
-        0xbb211530,0xab45a60a,0x7d7ea933,0xc58d6592,0x095642c6,0xa3ef3c65 } },
-    /* 78 */
-    { { 0xdf010879,0x89d420e9,0x39576179,0x9d25255d,0xe39513b6,0x9cdefd50,
-        0xd5d1c313,0xe4efe45b,0x3f7af771,0xc0149de7,0x340ab06b,0x55a6b4f4 },
-      { 0xebeaf771,0xf1325251,0x878d4288,0x2ab44128,0x18e05afe,0xfcd5832e,
-        0xcc1fb62b,0xef52a348,0xc1c4792a,0x2bd08274,0x877c6dc7,0x345c5846 } },
-    /* 79 */
-    { { 0xbea65e90,0xde15ceb0,0x2416d99c,0x0987f72b,0xfd863dec,0x44db578d,
-        0xac6a3578,0xf617b74b,0xdb48e999,0x9e62bd7a,0xeab1a1be,0x877cae61 },
-      { 0x3a358610,0x23adddaa,0x325e2b07,0x2fc4d6d1,0x1585754e,0x897198f5,
-        0xb392b584,0xf741852c,0xb55f7de1,0x9927804c,0x1aa8efae,0xe9e6c4ed } },
-    /* 80 */
-    { { 0x98683186,0x867db639,0xddcc4ea9,0xfb5cf424,0xd4f0e7bd,0xcc9a7ffe,
-        0x7a779f7e,0x7c57f71c,0xd6b25ef2,0x90774079,0xb4081680,0x90eae903 },
-      { 0x0ee1fceb,0xdf2aae5e,0xe86c1a1f,0x3ff1da24,0xca193edf,0x80f587d6,
-        0xdc9b9d6a,0xa5695523,0x85920303,0x7b840900,0xba6dbdef,0x1efa4dfc } },
-    /* 81 */
-    { { 0xe0540015,0xfbd838f9,0xc39077dc,0x2c323946,0xad619124,0x8b1fb9e6,
-        0x0ca62ea8,0x9612440c,0x2dbe00ff,0x9ad9b52c,0xae197643,0xf52abaa1 },
-      { 0x2cac32ad,0xd0e89894,0x62a98f91,0xdfb79e42,0x276f55cb,0x65452ecf,
-        0x7ad23e12,0xdb1ac0d2,0xde4986f0,0xf68c5f6a,0x82ce327d,0x389ac37b } },
-    /* 82 */
-    { { 0xf8e60f5b,0x511188b4,0x48aa2ada,0x7fe67015,0x381abca2,0xdb333cb8,
-        0xdaf3fc97,0xb15e6d9d,0x36aabc03,0x4b24f6eb,0x72a748b4,0xc59789df },
-      { 0x29cf5279,0x26fcb8a5,0x01ad9a6c,0x7a3c6bfc,0x4b8bac9b,0x866cf88d,
-        0x9c80d041,0xf4c89989,0x70add148,0xf0a04241,0x45d81a41,0x5a02f479 } },
-    /* 83 */
-    { { 0xc1c90202,0xfa5c877c,0xf8ac7570,0xd099d440,0xd17881f7,0x428a5b1b,
-        0x5b2501d7,0x61e267db,0xf2e4465b,0xf889bf04,0x76aa4cb8,0x4da3ae08 },
-      { 0xe3e66861,0x3ef0fe26,0x3318b86d,0x5e772953,0x747396df,0xc3c35fbc,
-        0x439ffd37,0x5115a29c,0xb2d70374,0xbfc4bd97,0x56246b9d,0x088630ea } },
-    /* 84 */
-    { { 0xb8a9e8c9,0xcd96866d,0x5bb8091e,0xa11963b8,0x045b3cd2,0xc7f90d53,
-        0x80f36504,0x755a72b5,0x21d3751c,0x46f8b399,0x53c193de,0x4bffdc91 },
-      { 0xb89554e7,0xcd15c049,0xf7a26be6,0x353c6754,0xbd41d970,0x79602370,
-        0x12b176c0,0xde16470b,0x40c8809d,0x56ba1175,0xe435fb1e,0xe2db35c3 } },
-    /* 85 */
-    { { 0x6328e33f,0xd71e4aab,0xaf8136d1,0x5486782b,0x86d57231,0x07a4995f,
-        0x1651a968,0xf1f0a5bd,0x76803b6d,0xa5dc5b24,0x42dda935,0x5c587cbc },
-      { 0xbae8b4c0,0x2b6cdb32,0xb1331138,0x66d1598b,0x5d7e9614,0x4a23b2d2,
-        0x74a8c05d,0x93e402a6,0xda7ce82e,0x45ac94e6,0xe463d465,0xeb9f8281 } },
-    /* 86 */
-    { { 0xfecf5b9b,0x34e0f9d1,0xf206966a,0xa115b12b,0x1eaa0534,0x5591cf3b,
-        0xfb1558f9,0x5f0293cb,0x1bc703a5,0x1c8507a4,0x862c1f81,0x92e6b81c },
-      { 0xcdaf24e3,0xcc9ebc66,0x72fcfc70,0x68917ecd,0x8157ba48,0x6dc9a930,
-        0xb06ab2b2,0x5d425c08,0x36e929c4,0x362f8ce7,0x62e89324,0x09f6f57c } },
-    /* 87 */
-    { { 0xd29375fb,0x1c7d6b78,0xe35d1157,0xfabd851e,0x4243ea47,0xf6f62dcd,
-        0x8fe30b0f,0x1dd92460,0xffc6e709,0x08166dfa,0x0881e6a7,0xc6c4c693 },
-      { 0xd6a53fb0,0x20368f87,0x9eb4d1f9,0x38718e9f,0xafd7e790,0x03f08acd,
-        0x72fe2a1c,0x0835eb44,0x88076e5d,0x7e050903,0xa638e731,0x538f765e } },
-    /* 88 */
-    { { 0xc2663b4b,0x0e0249d9,0x47cd38dd,0xe700ab5b,0x2c46559f,0xb192559d,
-        0x4bcde66d,0x8f9f74a8,0x3e2aced5,0xad161523,0x3dd03a5b,0xc155c047 },
-      { 0x3be454eb,0x346a8799,0x83b7dccd,0x66ee94db,0xab9d2abe,0x1f6d8378,
-        0x7733f355,0x4a396dd2,0xf53553c2,0x419bd40a,0x731dd943,0xd0ead98d } },
-    /* 89 */
-    { { 0xec142408,0x908e0b0e,0x4114b310,0x98943cb9,0x1742b1d7,0x03dbf7d8,
-        0x693412f4,0xd270df6b,0x8f69e20c,0xc5065494,0x697e43a1,0xa76a90c3 },
-      { 0x4624825a,0xe0fa3384,0x8acc34c2,0x82e48c0b,0xe9a14f2b,0x7b24bd14,
-        0x4db30803,0x4f5dd5e2,0x932da0a3,0x0c77a9e7,0x74c653dc,0x20db90f2 } },
-    /* 90 */
-    { { 0x0e6c5fd9,0x261179b7,0x6c982eea,0xf8bec123,0xd4957b7e,0x47683338,
-        0x0a72f66a,0xcc47e664,0x1bad9350,0xbd54bf6a,0xf454e95a,0xdfbf4c6a },
-      { 0x6907f4fa,0x3f7a7afa,0x865ca735,0x7311fae0,0x2a496ada,0x24737ab8,
-        0x15feb79b,0x13e425f1,0xa1b93c21,0xe9e97c50,0x4ddd3eb5,0xb26b6eac } },
-    /* 91 */
-    { { 0x2a2e5f2b,0x81cab9f5,0xbf385ac4,0xf93caf29,0xc909963a,0xf4bf35c3,
-        0x74c9143c,0x081e7300,0xc281b4c5,0x3ea57fa8,0x9b340741,0xe497905c },
-      { 0x55ab3cfb,0xf556dd8a,0x518db6ad,0xd444b96b,0x5ef4b955,0x34f5425a,
-        0xecd26aa3,0xdda7a3ac,0xda655e97,0xb57da11b,0xc2024c70,0x02da3eff } },
-    /* 92 */
-    { { 0x6481d0d9,0xe24b0036,0x818fdfe2,0x3740dbe5,0x190fda00,0xc1fc1f45,
-        0x3cf27fde,0x329c9280,0x6934f43e,0x7435cb53,0x7884e8fe,0x2b505a5d },
-      { 0x711adcc9,0x6cfcc6a6,0x531e21e1,0xf034325c,0x9b2a8a99,0xa2f4a967,
-        0x3c21bdff,0x9d5f3842,0x31b57d66,0xb25c7811,0x0b8093b9,0xdb5344d8 } },
-    /* 93 */
-    { { 0xae50a2f5,0x0d72e667,0xe4a861d1,0x9b7f8d8a,0x330df1cb,0xa129f70f,
-        0xe04fefc3,0xe90aa5d7,0xe72c3ae1,0xff561ecb,0xcdb955fa,0x0d8fb428 },
-      { 0xd7663784,0xd2235f73,0x7e2c456a,0xc05baec6,0x2adbfccc,0xe5c292e4,
-        0xefb110d5,0x4fd17988,0xd19d49f3,0x27e57734,0x84f679fe,0x188ac4ce } },
-    /* 94 */
-    { { 0xa796c53e,0x7ee344cf,0x0868009b,0xbbf6074d,0x474a1295,0x1f1594f7,
-        0xac11632d,0x66776edc,0x04e2fa5a,0x1862278b,0xc854a89a,0x52665cf2 },
-      { 0x8104ab58,0x7e376464,0x7204fd6d,0x16775913,0x44ea1199,0x86ca06a5,
-        0x1c9240dd,0xaa3f765b,0x24746149,0x5f8501a9,0xdcd251d7,0x7b982e30 } },
-    /* 95 */
-    { { 0xc15f3060,0xe44e9efc,0xa87ebbe6,0x5ad62f2e,0xc79500d4,0x36499d41,
-        0x336fa9d1,0xa66d6dc0,0x5afd3b1f,0xf8afc495,0xe5c9822b,0x1d8ccb24 },
-      { 0x79d7584b,0x4031422b,0xea3f20dd,0xc54a0580,0x958468c5,0x3f837c8f,
-        0xfbea7735,0x3d82f110,0x7dffe2fc,0x679a8778,0x20704803,0x48eba63b } },
-    /* 96 */
-    { { 0xdf46e2f6,0x89b10d41,0x19514367,0x13ab57f8,0x1d469c87,0x067372b9,
-        0x4f6c5798,0x0c195afa,0x272c9acf,0xea43a12a,0x678abdac,0x9dadd8cb },
-      { 0xe182579a,0xcce56c6b,0x2d26c2d8,0x86febadb,0x2a44745c,0x1c668ee1,
-        0x98dc047a,0x580acd86,0x51b9ec2d,0x5a2b79cc,0x4054f6a0,0x007da608 } },
-    /* 97 */
-    { { 0x17b00dd0,0x9e3ca352,0x0e81a7a6,0x046779cb,0xd482d871,0xb999fef3,
-        0xd9233fbc,0xe6f38134,0xf48cd0e0,0x112c3001,0x3c6c66ae,0x934e7576 },
-      { 0xd73234dc,0xb44d4fc3,0x864eafc1,0xfcae2062,0x26bef21a,0x843afe25,
-        0xf3b75fdf,0x61355107,0x794c2e6b,0x8367a5aa,0x8548a372,0x3d2629b1 } },
-    /* 98 */
-    { { 0x437cfaf8,0x6230618f,0x2032c299,0x5b8742cb,0x2293643a,0x949f7247,
-        0x09464f79,0xb8040f1a,0x4f254143,0x049462d2,0x366c7e76,0xabd6b522 },
-      { 0xd5338f55,0x119b392b,0x01495a0c,0x1a80a9ce,0xf8d7537e,0xf3118ca7,
-        0x6bf4b762,0xb715adc2,0xa8482b6c,0x24506165,0x96a7c84d,0xd958d7c6 } },
-    /* 99 */
-    { { 0xbdc21f31,0x9ad8aa87,0x8063e58c,0xadb3cab4,0xb07dd7b8,0xefd86283,
-        0x1be7c6b4,0xc7b9b762,0x015582de,0x2ef58741,0x299addf3,0xc970c52e },
-      { 0x22f24d66,0x78f02e2a,0x74cc100a,0xefec1d10,0x09316e1a,0xaf2a6a39,
-        0x5849dd49,0xce7c2205,0x96bffc4c,0x9c1fe75c,0x7ba06ec0,0xcad98fd2 } },
-    /* 100 */
-    { { 0xb648b73e,0xed76e2d0,0x1cfd285e,0xa9f92ce5,0x2ed13de1,0xa8c86c06,
-        0xa5191a93,0x1d3a574e,0x1ad1b8bf,0x385cdf8b,0x47d2cfe3,0xbbecc28a },
-      { 0x69cec548,0x98d326c0,0xf240a0b2,0x4f5bc1dd,0x29057236,0x241a7062,
-        0xc68294a4,0x0fc6e9c5,0xa319f17a,0x4d04838b,0x9ffc1c6f,0x8b612cf1 } },
-    /* 101 */
-    { { 0x4c3830eb,0x9bb0b501,0x8ee0d0c5,0x3d08f83c,0x79ba9389,0xa4a62642,
-        0x9cbc2914,0x5d5d4044,0x074c46f0,0xae9eb83e,0x74ead7d6,0x63bb758f },
-      { 0xc6bb29e0,0x1c40d2ea,0x4b02f41e,0x95aa2d87,0x53cb199a,0x92989175,
-        0x51584f6d,0xdd91bafe,0x31a1aaec,0x3715efb9,0x46780f9e,0xc1b6ae5b } },
-    /* 102 */
-    { { 0x42772f41,0xcded3e4b,0x3bcb79d1,0x3a700d5d,0x80feee60,0x4430d50e,
-        0xf5e5d4bb,0x444ef1fc,0xe6e358ff,0xc660194f,0x6a91b43c,0xe68a2f32 },
-      { 0x977fe4d2,0x5842775c,0x7e2a41eb,0x78fdef5c,0xff8df00e,0x5f3bec02,
-        0x5852525d,0xf4b840cd,0x4e6988bd,0x0870483a,0xcc64b837,0x39499e39 } },
-    /* 103 */
-    { { 0xb08df5fe,0xfc05de80,0x63ba0362,0x0c12957c,0xd5cf1428,0xea379414,
-        0x54ef6216,0xc559132a,0xb9e65cf8,0x33d5f12f,0x1695d663,0x09c60278 },
-      { 0x61f7a2fb,0x3ac1ced4,0xd4f5eeb8,0xdd838444,0x8318fcad,0x82a38c6c,
-        0xe9f1a864,0x315be2e5,0x442daf47,0x317b5771,0x95aa5f9e,0x81b5904a } },
-    /* 104 */
-    { { 0x8b21d232,0x6b6b1c50,0x8c2cba75,0x87f3dbc0,0xae9f0faf,0xa7e74b46,
-        0xbb7b8079,0x036a0985,0x8d974a25,0x4f185b90,0xd9af5ec9,0x5aa7cef0 },
-      { 0x57dcfffc,0xe0566a70,0xb8453225,0x6ea311da,0x23368aa9,0x72ea1a8d,
-        0x48cd552d,0xed9b2083,0xc80ea435,0xb987967c,0x6c104173,0xad735c75 } },
-    /* 105 */
-    { { 0xcee76ef4,0xaea85ab3,0xaf1d2b93,0x44997444,0xeacb923f,0x0851929b,
-        0x51e3bc0c,0xb080b590,0x59be68a2,0xc4ee1d86,0x64b26cda,0xf00de219 },
-      { 0xf2e90d4d,0x8d7fb5c0,0x77d9ec64,0x00e219a7,0x5d1c491c,0xc4e6febd,
-        0x1a8f4585,0x080e3754,0x48d2af9c,0x4a9b86c8,0xb6679851,0x2ed70db6 } },
-    /* 106 */
-    { { 0x586f25cb,0xaee44116,0xa0fcf70f,0xf7b6861f,0x18a350e8,0x55d2cd20,
-        0x92dc286f,0x861bf3e5,0x6226aba7,0x9ab18ffa,0xa9857b03,0xd15827be },
-      { 0x92e6acef,0x26c1f547,0xac1fbac3,0x422c63c8,0xfcbfd71d,0xa2d8760d,
-        0xb2511224,0x35f6a539,0x048d1a21,0xbaa88fa1,0xebf999db,0x49f1abe9 } },
-    /* 107 */
-    { { 0xf7492b73,0x16f9f4f4,0xcb392b1a,0xcf28ec1e,0x69ca6ffc,0x45b130d4,
-        0xb72efa58,0x28ba8d40,0x5ca066f5,0xace987c7,0x4ad022eb,0x3e399246 },
-      { 0x752555bb,0x63a2d84e,0x9c2ae394,0xaaa93b4a,0xc89539ca,0xcd80424e,
-        0xaa119a99,0x6d6b5a6d,0x379f2629,0xbd50334c,0xef3cc7d3,0x899e925e } },
-    /* 108 */
-    { { 0xbf825dc4,0xb7ff3651,0x40b9c462,0x0f741cc4,0x5cc4fb5b,0x771ff5a9,
-        0x47fd56fe,0xcb9e9c9b,0x5626c0d3,0xbdf053db,0xf7e14098,0xa97ce675 },
-      { 0x6c934f5e,0x68afe5a3,0xccefc46f,0x6cd5e148,0xd7a88586,0xc7758570,
-        0xdd558d40,0x49978f5e,0x64ae00c1,0xa1d5088a,0xf1d65bb2,0x58f2a720 } },
-    /* 109 */
-    { { 0x3e4daedb,0x66fdda4a,0x65d1b052,0x38318c12,0x4c4bbf5c,0x28d910a2,
-        0x78a9cd14,0x762fe5c4,0xd2cc0aee,0x08e5ebaa,0xca0c654c,0xd2cdf257 },
-      { 0x08b717d2,0x48f7c58b,0x386cd07a,0x3807184a,0xae7d0112,0x3240f626,
-        0xc43917b0,0x03e9361b,0x20aea018,0xf261a876,0x7e1e6372,0x53f556a4 } },
-    /* 110 */
-    { { 0x2f512a90,0xc84cee56,0x1b0ea9f1,0x24b3c004,0xe26cc1ea,0x0ee15d2d,
-        0xf0c9ef7d,0xd848762c,0xd5341435,0x1026e9c5,0xfdb16b31,0x8f5b73dc },
-      { 0xd2c75d95,0x1f69bef2,0xbe064dda,0x8d33d581,0x57ed35e6,0x8c024c12,
-        0xc309c281,0xf8d435f9,0xd6960193,0xfd295061,0xe9e49541,0x66618d78 } },
-    /* 111 */
-    { { 0x8ce382de,0x571cfd45,0xde900dde,0x175806ee,0x34aba3b5,0x61849965,
-        0xde7aec95,0xe899778a,0xff4aa97f,0xe8f00f6e,0x010b0c6d,0xae971cb5 },
-      { 0x3af788f1,0x1827eebc,0xe413fe2d,0xd46229ff,0x4741c9b4,0x8a15455b,
-        0xf8e424eb,0x5f02e690,0xdae87712,0x40a1202e,0x64944f6d,0x49b3bda2 } },
-    /* 112 */
-    { { 0x035b2d69,0xd63c6067,0x6bed91b0,0xb507150d,0x7afb39b2,0x1f35f82f,
-        0x16012b66,0xb9bd9c01,0xed0a5f50,0x00d97960,0x2716f7c9,0xed705451 },
-      { 0x127abdb4,0x1576eff4,0xf01e701c,0x6850d698,0x3fc87e2f,0x9fa7d749,
-        0xb0ce3e48,0x0b6bcc6f,0xf7d8c1c0,0xf4fbe1f5,0x02719cc6,0xcf75230e } },
-    /* 113 */
-    { { 0x722d94ed,0x6761d6c2,0x3718820e,0xd1ec3f21,0x25d0e7c6,0x65a40b70,
-        0xbaf3cf31,0xd67f830e,0xb93ea430,0x633b3807,0x0bc96c69,0x17faa0ea },
-      { 0xdf866b98,0xe6bf3482,0xa9db52d4,0x205c1ee9,0xff9ab869,0x51ef9bbd,
-        0x75eeb985,0x3863dad1,0xd3cf442a,0xef216c3b,0xf9c8e321,0x3fb228e3 } },
-    /* 114 */
-    { { 0x0760ac07,0x94f9b70c,0x9d79bf4d,0xf3c9ccae,0xc5ffc83d,0x73cea084,
-        0xdc49c38e,0xef50f943,0xbc9e7330,0xf467a2ae,0x44ea7fba,0x5ee534b6 },
-      { 0x03609e7f,0x20cb6272,0x62fdc9f0,0x09844355,0x0f1457f7,0xaf5c8e58,
-        0xb4b25941,0xd1f50a6c,0x2ec82395,0x77cb247c,0xda3dca33,0xa5f3e1e5 } },
-    /* 115 */
-    { { 0x7d85fa94,0x023489d6,0x2db9ce47,0x0ba40537,0xaed7aad1,0x0fdf7a1f,
-        0x9a4ccb40,0xa57b0d73,0x5b18967c,0x48fcec99,0xb7274d24,0xf30b5b6e },
-      { 0xc81c5338,0x7ccb4773,0xa3ed6bd0,0xb85639e6,0x1d56eada,0x7d9df95f,
-        0x0a1607ad,0xe256d57f,0x957574d6,0x6da7ffdc,0x01c7a8c4,0x65f84046 } },
-    /* 116 */
-    { { 0xcba1e7f1,0x8d45d0cb,0x02b55f64,0xef0a08c0,0x17e19892,0x771ca31b,
-        0x4885907e,0xe1843ecb,0x364ce16a,0x67797ebc,0x8df4b338,0x816d2b2d },
-      { 0x39aa8671,0xe870b0e5,0xc102b5f5,0x9f0db3e4,0x1720c697,0x34296659,
-        0x613c0d2a,0x0ad4c89e,0x418ddd61,0x1af900b2,0xd336e20e,0xe087ca72 } },
-    /* 117 */
-    { { 0xaba10079,0x222831ff,0x6d64fff2,0x0dc5f87b,0x3e8cb330,0x44547907,
-        0x702a33fb,0xe815aaa2,0x5fba3215,0x338d6b2e,0x79f549c8,0x0f7535cb },
-      { 0x2ee95923,0x471ecd97,0xc6d1c09f,0x1e868b37,0xc666ef4e,0x2bc7b8ec,
-        0x808a4bfc,0xf5416589,0x3fbc4d2e,0xf23e9ee2,0x2d75125b,0x4357236c } },
-    /* 118 */
-    { { 0xba9cdb1b,0xfe176d95,0x2f82791e,0x45a1ca01,0x4de4cca2,0x97654af2,
-        0x5cc4bcb9,0xbdbf9d0e,0xad97ac0a,0xf6a7df50,0x61359fd6,0xc52112b0 },
-      { 0x4f05eae3,0x696d9ce3,0xe943ac2b,0x903adc02,0x0848be17,0xa9075347,
-        0x2a3973e5,0x1e20f170,0x6feb67e9,0xe1aacc1c,0xe16bc6b9,0x2ca0ac32 } },
-    /* 119 */
-    { { 0xef871eb5,0xffea12e4,0xa8bf0a7a,0x94c2f25d,0x78134eaa,0x4d1e4c2a,
-        0x0360fb10,0x11ed16fb,0x85fc11be,0x4029b6db,0xf4d390fa,0x5e9f7ab7 },
-      { 0x30646612,0x5076d72f,0xdda1d0d8,0xa0afed1d,0x85a1d103,0x29022257,
-        0x4e276bcd,0xcb499e17,0x51246c3d,0x16d1da71,0x589a0443,0xc72d56d3 } },
-    /* 120 */
-    { { 0xdae5bb45,0xdf5ffc74,0x261bd6dc,0x99068c4a,0xaa98ec7b,0xdc0afa7a,
-        0xf121e96d,0xedd2ee00,0x1414045c,0x163cc7be,0x335af50e,0xb0b1bbce },
-      { 0x01a06293,0xd440d785,0x6552e644,0xcdebab7c,0x8c757e46,0x48cb8dbc,
-        0x3cabe3cb,0x81f9cf78,0xb123f59a,0xddd02611,0xeeb3784d,0x3dc7b88e } },
-    /* 121 */
-    { { 0xc4741456,0xe1b8d398,0x6032a121,0xa9dfa902,0x1263245b,0x1cbfc86d,
-        0x5244718c,0xf411c762,0x05b0fc54,0x96521d54,0xdbaa4985,0x1afab46e },
-      { 0x8674b4ad,0xa75902ba,0x5ad87d12,0x486b43ad,0x36e0d099,0x72b1c736,
-        0xbb6cd6d6,0x39890e07,0x59bace4e,0x8128999c,0x7b535e33,0xd8da430b } },
-    /* 122 */
-    { { 0xc6b75791,0x39f65642,0x21806bfb,0x050947a6,0x1362ef84,0x0ca3e370,
-        0x8c3d2391,0x9bc60aed,0x732e1ddc,0x9b488671,0xa98ee077,0x12d10d9e },
-      { 0x3651b7dc,0xb6f2822d,0x80abd138,0x6345a5ba,0x472d3c84,0x62033262,
-        0xacc57527,0xd54a1d40,0x424447cb,0x6ea46b3a,0x2fb1a496,0x5bc41057 } },
-    /* 123 */
-    { { 0xa751cd0e,0xe70c57a3,0xeba3c7d6,0x190d8419,0x9d47d55a,0xb1c3bee7,
-        0xf912c6d8,0xda941266,0x407a6ad6,0x12e9aacc,0x6e838911,0xd6ce5f11 },
-      { 0x70e1f2ce,0x063ca97b,0x8213d434,0xa3e47c72,0x84df810a,0xa016e241,
-        0xdfd881a4,0x688ad7b0,0xa89bf0ad,0xa37d99fc,0xa23c2d23,0xd8e3f339 } },
-    /* 124 */
-    { { 0x750bed6f,0xbdf53163,0x83e68b0a,0x808abc32,0x5bb08a33,0x85a36627,
-        0x6b0e4abe,0xf72a3a0f,0xfaf0c6ad,0xf7716d19,0x5379b25f,0x22dcc020 },
-      { 0xf9a56e11,0x7400bf8d,0x56a47f21,0x6cb8bad7,0x7a6eb644,0x7c97176f,
-        0xd1f5b646,0xe8fd84f7,0x44ddb054,0x98320a94,0x1dde86f5,0x07071ba3 } },
-    /* 125 */
-    { { 0x98f8fcb9,0x6fdfa0e5,0x94d0d70c,0x89cec8e0,0x106d20a8,0xa0899397,
-        0xba8acc9c,0x915bfb9a,0x5507e01c,0x1370c94b,0x8a821ffb,0x83246a60 },
-      { 0xbe3c378f,0xa8273a9f,0x35a25be9,0x7e544789,0x4dd929d7,0x6cfa4972,
-        0x365bd878,0x987fed9d,0x5c29a7ae,0x4982ac94,0x5ddd7ec5,0x4589a5d7 } },
-    /* 126 */
-    { { 0xa95540a9,0x9fabb174,0x0162c5b0,0x7cfb886f,0xea3dee18,0x17be766b,
-        0xe88e624c,0xff7da41f,0x8b919c38,0xad0b71eb,0xf31ff9a9,0x86a522e0 },
-      { 0x868bc259,0xbc8e6f72,0x3ccef9e4,0x6130c638,0x9a466555,0x09f1f454,
-        0x19b2bfb4,0x8e6c0f09,0x0ca7bb22,0x945c46c9,0x4dafb67b,0xacd87168 } },
-    /* 127 */
-    { { 0x10c53841,0x090c72ca,0x55a4fced,0xc20ae01b,0xe10234ad,0x03f7ebd5,
-        0x85892064,0xb3f42a6a,0xb4a14722,0xbdbc30c0,0x8ca124cc,0x971bc437 },
-      { 0x517ff2ff,0x6f79f46d,0xecba947b,0x6a9c96e2,0x62925122,0x5e79f2f4,
-        0x6a4e91f1,0x30a96bb1,0x2d4c72da,0x1147c923,0x5811e4df,0x65bc311f } },
-    /* 128 */
-    { { 0x139b3239,0x87c7dd7d,0x4d833bae,0x8b57824e,0x9fff0015,0xbcbc4878,
-        0x909eaf1a,0x8ffcef8b,0xf1443a78,0x9905f4ee,0xe15cbfed,0x020dd4a2 },
-      { 0xa306d695,0xca2969ec,0xb93caf60,0xdf940cad,0x87ea6e39,0x67f7fab7,
-        0xf98c4fe5,0x0d0ee10f,0xc19cb91e,0xc646879a,0x7d1d7ab4,0x4b4ea50c } },
-    /* 129 */
-    { { 0x7a0db57e,0x19e40945,0x9a8c9702,0xe6017cad,0x1be5cff9,0xdbf739e5,
-        0xa7a938a2,0x3646b3cd,0x68350dfc,0x04511085,0x56e098b5,0xad3bd6f3 },
-      { 0xee2e3e3e,0x935ebabf,0x473926cb,0xfbd01702,0x9e9fb5aa,0x7c735b02,
-        0x2e3feff0,0xc52a1b85,0x046b405a,0x9199abd3,0x39039971,0xe306fcec } },
-    /* 130 */
-    { { 0x23e4712c,0xd6d9aec8,0xc3c198ee,0x7ca8376c,0x31bebd8a,0xe6d83187,
-        0xd88bfef3,0xed57aff3,0xcf44edc7,0x72a645ee,0x5cbb1517,0xd4e63d0b },
-      { 0xceee0ecf,0x98ce7a1c,0x5383ee8e,0x8f012633,0xa6b455e8,0x3b879078,
-        0xc7658c06,0xcbcd3d96,0x0783336a,0x721d6fe7,0x5a677136,0xf21a7263 } },
-    /* 131 */
-    { { 0x9586ba11,0x19d8b3cd,0x8a5c0480,0xd9e0aeb2,0x2230ef5c,0xe4261dbf,
-        0x02e6bf09,0x095a9dee,0x80dc7784,0x8963723c,0x145157b1,0x5c97dbaf },
-      { 0x4bc4503e,0x97e74434,0x85a6b370,0x0fb1cb31,0xcd205d4b,0x3e8df2be,
-        0xf8f765da,0x497dd1bc,0x6c988a1a,0x92ef95c7,0x64dc4cfa,0x3f924baa } },
-    /* 132 */
-    { { 0x7268b448,0x6bf1b8dd,0xefd79b94,0xd4c28ba1,0xe4e3551f,0x2fa1f8c8,
-        0x5c9187a9,0x769e3ad4,0x40326c0d,0x28843b4d,0x50d5d669,0xfefc8094 },
-      { 0x90339366,0x30c85bfd,0x5ccf6c3a,0x4eeb56f1,0x28ccd1dc,0x0e72b149,
-        0xf2ce978e,0x73ee85b5,0x3165bb23,0xcdeb2bf3,0x4e410abf,0x8106c923 } },
-    /* 133 */
-    { { 0x7d02f4ee,0xc8df0161,0x18e21225,0x8a781547,0x6acf9e40,0x4ea895eb,
-        0x6e5a633d,0x8b000cb5,0x7e981ffb,0xf31d86d5,0x4475bc32,0xf5c8029c },
-      { 0x1b568973,0x764561ce,0xa62996ec,0x2f809b81,0xda085408,0x9e513d64,
-        0xe61ce309,0xc27d815d,0x272999e0,0x0da6ff99,0xfead73f7,0xbd284779 } },
-    /* 134 */
-    { { 0x9b1cdf2b,0x6033c2f9,0xbc5fa151,0x2a99cf06,0x12177b3b,0x7d27d259,
-        0xc4485483,0xb1f15273,0x102e2297,0x5fd57d81,0xc7f6acb7,0x3d43e017 },
-      { 0x3a70eb28,0x41a8bb0b,0x3e80b06b,0x67de2d8e,0x70c28de5,0x09245a41,
-        0xa7b26023,0xad7dbcb1,0x2cbc6c1e,0x70b08a35,0x9b33041f,0xb504fb66 } },
-    /* 135 */
-    { { 0xf97a27c2,0xa8e85ab5,0xc10a011b,0x6ac5ec8b,0xffbcf161,0x55745533,
-        0x65790a60,0x01780e85,0x99ee75b0,0xe451bf85,0x39c29881,0x8907a63b },
-      { 0x260189ed,0x76d46738,0x47bd35cb,0x284a4436,0x20cab61e,0xd74e8c40,
-        0x416cf20a,0x6264bf8c,0x5fd820ce,0xfa5a6c95,0xf24bb5fc,0xfa7154d0 } },
-    /* 136 */
-    { { 0x9b3f5034,0x18482cec,0xcd9e68fd,0x962d445a,0x95746f23,0x266fb1d6,
-        0x58c94a4b,0xc66ade5a,0xed68a5b6,0xdbbda826,0x7ab0d6ae,0x05664a4d },
-      { 0x025e32fc,0xbcd4fe51,0xa96df252,0x61a5aebf,0x31592a31,0xd88a07e2,
-        0x98905517,0x5d9d94de,0x5fd440e7,0x96bb4010,0xe807db4c,0x1b0c47a2 } },
-    /* 137 */
-    { { 0x08223878,0x5c2a6ac8,0xe65a5558,0xba08c269,0x9bbc27fd,0xd22b1b9b,
-        0x72b9607d,0x919171bf,0xe588dc58,0x9ab455f9,0x23662d93,0x6d54916e },
-      { 0x3b1de0c1,0x8da8e938,0x804f278f,0xa84d186a,0xd3461695,0xbf4988cc,
-        0xe10eb0cb,0xf5eae3be,0xbf2a66ed,0x1ff8b68f,0xc305b570,0xa68daf67 } },
-    /* 138 */
-    { { 0x44b2e045,0xc1004cff,0x4b1c05d4,0x91b5e136,0x88a48a07,0x53ae4090,
-        0xea11bb1a,0x73fb2995,0x3d93a4ea,0x32048570,0x3bfc8a5f,0xcce45de8 },
-      { 0xc2b3106e,0xaff4a97e,0xb6848b4f,0x9069c630,0xed76241c,0xeda837a6,
-        0x6cc3f6cf,0x8a0daf13,0x3da018a8,0x199d049d,0xd9093ba3,0xf867c6b1 } },
-    /* 139 */
-    { { 0x56527296,0xe4d42a56,0xce71178d,0xae26c73d,0x6c251664,0x70a0adac,
-        0x5dc0ae1d,0x813483ae,0xdaab2daf,0x7574eacd,0xc2d55f4f,0xc56b52dc },
-      { 0x95f32923,0x872bc167,0x5bdd2a89,0x4be17581,0xa7699f00,0x9b57f1e7,
-        0x3ac2de02,0x5fcd9c72,0x92377739,0x83af3ba1,0xfc50b97f,0xa64d4e2b } },
-    /* 140 */
-    { { 0x0e552b40,0x2172dae2,0xd34d52e8,0x62f49725,0x07958f98,0x7930ee40,
-        0x751fdd74,0x56da2a90,0xf53e48c3,0xf1192834,0x8e53c343,0x34d2ac26 },
-      { 0x13111286,0x1073c218,0xda9d9827,0x201dac14,0xee95d378,0xec2c29db,
-        0x1f3ee0b1,0x9316f119,0x544ce71c,0x7890c9f0,0x27612127,0xd77138af } },
-    /* 141 */
-    { { 0x3b4ad1cd,0x78045e6d,0x4aa49bc1,0xcd86b94e,0xfd677a16,0x57e51f1d,
-        0xfa613697,0xd9290935,0x34f4d893,0x7a3f9593,0x5d5fcf9b,0x8c9c248b },
-      { 0x6f70d4e9,0x9f23a482,0x63190ae9,0x17273454,0x5b081a48,0x4bdd7c13,
-        0x28d65271,0x1e2de389,0xe5841d1f,0x0bbaaa25,0x746772e5,0xc4c18a79 } },
-    /* 142 */
-    { { 0x593375ac,0x10ee2681,0x7dd5e113,0x4f3288be,0x240f3538,0x9a97b2fb,
-        0x1de6b1e2,0xfa11089f,0x1351bc58,0x516da562,0x2dfa85b5,0x573b6119 },
-      { 0x6cba7df5,0x89e96683,0x8c28ab40,0xf299be15,0xad43fcbf,0xe91c9348,
-        0x9a1cefb3,0xe9bbc7cc,0x738b2775,0xc8add876,0x775eaa01,0x6e3b1f2e } },
-    /* 143 */
-    { { 0xb677788b,0x0365a888,0x3fd6173c,0x634ae8c4,0x9e498dbe,0x30498761,
-        0xc8f779ab,0x08c43e6d,0x4c09aca9,0x068ae384,0x2018d170,0x2380c70b },
-      { 0xa297c5ec,0xcf77fbc3,0xca457948,0xdacbc853,0x336bec7e,0x3690de04,
-        0x14eec461,0x26bbac64,0x1f713abf,0xd1c23c7e,0xe6fd569e,0xf08bbfcd } },
-    /* 144 */
-    { { 0x84770ee3,0x5f8163f4,0x744a1706,0x0e0c7f94,0xe1b2d46d,0x9c8f05f7,
-        0xd01fd99a,0x417eafe7,0x11440e5b,0x2ba15df5,0x91a6fbcf,0xdc5c552a },
-      { 0xa270f721,0x86271d74,0xa004485b,0x32c0a075,0x8defa075,0x9d1a87e3,
-        0xbf0d20fe,0xb590a7ac,0x8feda1f5,0x430c41c2,0x58f6ec24,0x454d2879 } },
-    /* 145 */
-    { { 0x7c525435,0x52b7a635,0x37c4bdbc,0x3d9ef57f,0xdffcc475,0x2bb93e9e,
-        0x7710f3be,0xf7b8ba98,0x21b727de,0x42ee86da,0x2e490d01,0x55ac3f19 },
-      { 0xc0c1c390,0x487e3a6e,0x446cde7b,0x036fb345,0x496ae951,0x089eb276,
-        0x71ed1234,0xedfed4d9,0x900f0b46,0x661b0dd5,0x8582f0d3,0x11bd6f1b } },
-    /* 146 */
-    { { 0x076bc9d1,0x5cf9350f,0xcf3cd2c3,0x15d903be,0x25af031c,0x21cfc8c2,
-        0x8b1cc657,0xe0ad3248,0x70014e87,0xdd9fb963,0x297f1658,0xf0f3a5a1 },
-      { 0xf1f703aa,0xbb908fba,0x2f6760ba,0x2f9cc420,0x66a38b51,0x00ceec66,
-        0x05d645da,0x4deda330,0xf7de3394,0xb9cf5c72,0x1ad4c906,0xaeef6502 } },
-    /* 147 */
-    { { 0x7a19045d,0x0583c8b1,0xd052824c,0xae7c3102,0xff6cfa58,0x2a234979,
-        0x62c733c0,0xfe9dffc9,0x9c0c4b09,0x3a7fa250,0x4fe21805,0x516437bb },
-      { 0xc2a23ddb,0x9454e3d5,0x289c104e,0x0726d887,0x4fd15243,0x8977d918,
-        0x6d7790ba,0xc559e73f,0x465af85f,0x8fd3e87d,0x5feee46b,0xa2615c74 } },
-    /* 148 */
-    { { 0x4335167d,0xc8d607a8,0xe0f5c887,0x8b42d804,0x398d11f9,0x5f9f13df,
-        0x20740c67,0x5aaa5087,0xa3d9234b,0x83da9a6a,0x2a54bad1,0xbd3a5c4e },
-      { 0x2db0f658,0xdd13914c,0x5a3f373a,0x29dcb66e,0x5245a72b,0xbfd62df5,
-        0x91e40847,0x19d18023,0xb136b1ae,0xd9df74db,0x3f93bc5b,0x72a06b6b } },
-    /* 149 */
-    { { 0xad19d96f,0x6da19ec3,0xfb2a4099,0xb342daa4,0x662271ea,0x0e61633a,
-        0xce8c054b,0x3bcece81,0x8bd62dc6,0x7cc8e061,0xee578d8b,0xae189e19 },
-      { 0xdced1eed,0x73e7a25d,0x7875d3ab,0xc1257f0a,0x1cfef026,0x2cb2d5a2,
-        0xb1fdf61c,0xd98ef39b,0x24e83e6c,0xcd8e6f69,0xc7b7088b,0xd71e7076 } },
-    /* 150 */
-    { { 0x9d4245bf,0x33936830,0x2ac2953b,0x22d96217,0x56c3c3cd,0xb3bf5a82,
-        0x0d0699e8,0x50c9be91,0x8f366459,0xec094463,0x513b7c35,0x6c056dba },
-      { 0x045ab0e3,0x687a6a83,0x445c9295,0x8d40b57f,0xa16f5954,0x0f345048,
-        0x3d8f0a87,0x64b5c639,0x9f71c5e2,0x106353a2,0x874f0dd4,0xdd58b475 } },
-    /* 151 */
-    { { 0x62230c72,0x67ec084f,0x481385e3,0xf14f6cca,0x4cda7774,0xf58bb407,
-        0xaa2dbb6b,0xe15011b1,0x0c035ab1,0xd488369d,0x8245f2fd,0xef83c24a },
-      { 0x9fdc2538,0xfb57328f,0x191fe46a,0x79808293,0x32ede548,0xe28f5c44,
-        0xea1a022c,0x1b3cda99,0x3df2ec7f,0x39e639b7,0x760e9a18,0x77b6272b } },
-    /* 152 */
-    { { 0xa65d56d5,0x2b1d51bd,0x7ea696e0,0x3a9b71f9,0x9904f4c4,0x95250ecc,
-        0xe75774b7,0x8bc4d6eb,0xeaeeb9aa,0x0e343f8a,0x930e04cb,0xc473c1d1 },
-      { 0x064cd8ae,0x282321b1,0x5562221c,0xf4b4371e,0xd1bf1221,0xc1cc81ec,
-        0xe2c8082f,0xa52a07a9,0xba64a958,0x350d8e59,0x6fb32c9a,0x29e4f3de } },
-    /* 153 */
-    { { 0xba89aaa5,0x0aa9d56c,0xc4c6059e,0xf0208ac0,0xbd6ddca4,0x7400d9c6,
-        0xf2c2f74a,0xb384e475,0xb1562dd3,0x4c1061fc,0x2e153b8d,0x3924e248 },
-      { 0x849808ab,0xf38b8d98,0xa491aa36,0x29bf3260,0x88220ede,0x85159ada,
-        0xbe5bc422,0x8b47915b,0xd7300967,0xa934d72e,0x2e515d0d,0xc4f30398 } },
-    /* 154 */
-    { { 0x1b1de38b,0xe3e9ee42,0x42636760,0xa124e25a,0x90165b1a,0x90bf73c0,
-        0x146434c5,0x21802a34,0x2e1fa109,0x54aa83f2,0xed9c51e9,0x1d4bd03c },
-      { 0x798751e6,0xc2d96a38,0x8c3507f5,0xed27235f,0xc8c24f88,0xb5fb80e2,
-        0xd37f4f78,0xf873eefa,0xf224ba96,0x7229fd74,0x9edd7149,0x9dcd9199 } },
-    /* 155 */
-    { { 0x4e94f22a,0xee9f81a6,0xf71ec341,0xe5609892,0xa998284e,0x6c818ddd,
-        0x3b54b098,0x9fd47295,0x0e8a7cc9,0x47a6ac03,0xb207a382,0xde684e5e },
-      { 0x2b6b956b,0x4bdd1ecd,0xf01b3583,0x09084414,0x55233b14,0xe2f80b32,
-        0xef5ebc5e,0x5a0fec54,0xbf8b29a2,0x74cf25e6,0x7f29e014,0x1c757fa0 } },
-    /* 156 */
-    { { 0xeb0fdfe4,0x1bcb5c4a,0xf0899367,0xd7c649b3,0x05bc083b,0xaef68e3f,
-        0xa78aa607,0x57a06e46,0x21223a44,0xa2136ecc,0x52f5a50b,0x89bd6484 },
-      { 0x4455f15a,0x724411b9,0x08a9c0fd,0x23dfa970,0x6db63bef,0x7b0da4d1,
-        0xfb162443,0x6f8a7ec1,0xe98284fb,0xc1ac9cee,0x33566022,0x085a582b } },
-    /* 157 */
-    { { 0xec1f138a,0x15cb61f9,0x668f0c28,0x11c9a230,0xdf93f38f,0xac829729,
-        0x4048848d,0xcef25698,0x2bba8fbf,0x3f686da0,0x111c619a,0xed5fea78 },
-      { 0xd6d1c833,0x9b4f73bc,0x86e7bf80,0x50951606,0x042b1d51,0xa2a73508,
-        0x5fb89ec2,0x9ef6ea49,0x5ef8b892,0xf1008ce9,0x9ae8568b,0x78a7e684 } },
-    /* 158 */
-    { { 0x10470cd8,0x3fe83a7c,0xf86df000,0x92734682,0xda9409b5,0xb5dac06b,
-        0x94939c5f,0x1e7a9660,0x5cc116dc,0xdec6c150,0x66bac8cc,0x1a52b408 },
-      { 0x6e864045,0x5303a365,0x9139efc1,0x45eae72a,0x6f31d54f,0x83bec646,
-        0x6e958a6d,0x2fb4a86f,0x4ff44030,0x6760718e,0xe91ae0df,0x008117e3 } },
-    /* 159 */
-    { { 0x384310a2,0x5d5833ba,0x1fd6c9fc,0xbdfb4edc,0x849c4fb8,0xb9a4f102,
-        0x581c1e1f,0xe5fb239a,0xd0a9746d,0xba44b2e7,0x3bd942b9,0x78f7b768 },
-      { 0xc87607ae,0x076c8ca1,0xd5caaa7e,0x82b23c2e,0x2763e461,0x6a581f39,
-        0x3886df11,0xca8a5e4a,0x264e7f22,0xc87e90cf,0x215cfcfc,0x04f74870 } },
-    /* 160 */
-    { { 0x141d161c,0x5285d116,0x93c4ed17,0x67cd2e0e,0x7c36187e,0x12c62a64,
-        0xed2584ca,0xf5329539,0x42fbbd69,0xc4c777c4,0x1bdfc50a,0x107de776 },
-      { 0xe96beebd,0x9976dcc5,0xa865a151,0xbe2aff95,0x9d8872af,0x0e0a9da1,
-        0xa63c17cc,0x5e357a3d,0xe15cc67c,0xd31fdfd8,0x7970c6d8,0xc44bbefd } },
-    /* 161 */
-    { { 0x4c0c62f1,0x703f83e2,0x4e195572,0x9b1e28ee,0xfe26cced,0x6a82858b,
-        0xc43638fa,0xd381c84b,0xa5ba43d8,0x94f72867,0x10b82743,0x3b4a783d },
-      { 0x7576451e,0xee1ad7b5,0x14b6b5c8,0xc3d0b597,0xfcacc1b8,0x3dc30954,
-        0x472c9d7b,0x55df110e,0x02f8a328,0x97c86ed7,0x88dc098f,0xd0433413 } },
-    /* 162 */
-    { { 0x2ca8f2fe,0x1a60d152,0x491bd41f,0x61640948,0x58dfe035,0x6dae29a5,
-        0x278e4863,0x9a615bea,0x9ad7c8e5,0xbbdb4477,0x2ceac2fc,0x1c706630 },
-      { 0x99699b4b,0x5e2b54c6,0x239e17e8,0xb509ca6d,0xea063a82,0x728165fe,
-        0xb6a22e02,0x6b5e609d,0xb26ee1df,0x12813905,0x439491fa,0x07b9f722 } },
-    /* 163 */
-    { { 0x48ff4e49,0x1592ec14,0x6d644129,0x3e4e9f17,0x1156acc0,0x7acf8288,
-        0xbb092b0b,0x5aa34ba8,0x7d38393d,0xcd0f9022,0xea4f8187,0x416724dd },
-      { 0xc0139e73,0x3c4e641c,0x91e4d87d,0xe0fe46cf,0xcab61f8a,0xedb3c792,
-        0xd3868753,0x4cb46de4,0x20f1098a,0xe449c21d,0xf5b8ea6e,0x5e5fd059 } },
-    /* 164 */
-    { { 0x75856031,0x7fcadd46,0xeaf2fbd0,0x89c7a4cd,0x7a87c480,0x1af523ce,
-        0x61d9ae90,0xe5fc1095,0xbcdb95f5,0x3fb5864f,0xbb5b2c7d,0xbeb5188e },
-      { 0x3ae65825,0x3d1563c3,0x0e57d641,0x116854c4,0x1942ebd3,0x11f73d34,
-        0xc06955b3,0x24dc5904,0x995a0a62,0x8a0d4c83,0x5d577b7d,0xfb26b86d } },
-    /* 165 */
-    { { 0xc686ae17,0xc53108e7,0xd1c1da56,0x9090d739,0x9aec50ae,0x4583b013,
-        0xa49a6ab2,0xdd9a088b,0xf382f850,0x28192eea,0xf5fe910e,0xcc8df756 },
-      { 0x9cab7630,0x877823a3,0xfb8e7fc1,0x64984a9a,0x364bfc16,0x5448ef9c,
-        0xc44e2a9a,0xbbb4f871,0x435c95e9,0x901a41ab,0xaaa50a06,0xc6c23e5f } },
-    /* 166 */
-    { { 0x9034d8dd,0xb78016c1,0x0b13e79b,0x856bb44b,0xb3241a05,0x85c6409a,
-        0x2d78ed21,0x8d2fe19a,0x726eddf2,0xdcc7c26d,0x25104f04,0x3ccaff5f },
-      { 0x6b21f843,0x397d7edc,0xe975de4c,0xda88e4dd,0x4f5ab69e,0x5273d396,
-        0x9aae6cc0,0x537680e3,0x3e6f9461,0xf749cce5,0x957bffd3,0x021ddbd9 } },
-    /* 167 */
-    { { 0x777233cf,0x7b64585f,0x0942a6f0,0xfe6771f6,0xdfe6eef0,0x636aba7a,
-        0x86038029,0x63bbeb56,0xde8fcf36,0xacee5842,0xd4a20524,0x48d9aa99 },
-      { 0x0da5e57a,0xcff7a74c,0xe549d6c9,0xc232593c,0xf0f2287b,0x68504bcc,
-        0xbc8360b5,0x6d7d098d,0x5b402f41,0xeac5f149,0xb87d1bf1,0x61936f11 } },
-    /* 168 */
-    { { 0xb8153a9d,0xaa9da167,0x9e83ecf0,0xa49fe3ac,0x1b661384,0x14c18f8e,
-        0x38434de1,0x61c24dab,0x283dae96,0x3d973c3a,0x82754fc9,0xc99baa01 },
-      { 0x4c26b1e3,0x477d198f,0xa7516202,0x12e8e186,0x362addfa,0x386e52f6,
-        0xc3962853,0x31e8f695,0x6aaedb60,0xdec2af13,0x29cf74ac,0xfcfdb4c6 } },
-    /* 169 */
-    { { 0xcca40298,0x6b3ee958,0xf2f5d195,0xc3878153,0xed2eae5b,0x0c565630,
-        0x3a697cf2,0xd089b37e,0xad5029ea,0xc2ed2ac7,0x0f0dda6a,0x7e5cdfad },
-      { 0xd9b86202,0xf98426df,0x4335e054,0xed1960b1,0x3f14639e,0x1fdb0246,
-        0x0db6c670,0x17f709c3,0x773421e1,0xbfc687ae,0x26c1a8ac,0x13fefc4a } },
-    /* 170 */
-    { { 0x7ffa0a5f,0xe361a198,0xc63fe109,0xf4b26102,0x6c74e111,0x264acbc5,
-        0x77abebaf,0x4af445fa,0x24cddb75,0x448c4fdd,0x44506eea,0x0b13157d },
-      { 0x72e9993d,0x22a6b159,0x85e5ecbe,0x2c3c57e4,0xfd83e1a1,0xa673560b,
-        0xc3b8c83b,0x6be23f82,0x40bbe38e,0x40b13a96,0xad17399b,0x66eea033 } },
-    /* 171 */
-    { { 0xb4c6c693,0x49fc6e95,0x36af7d38,0xefc735de,0x35fe42fc,0xe053343d,
-        0x6a9ab7c3,0xf0aa427c,0x4a0fcb24,0xc79f0436,0x93ebbc50,0x16287243 },
-      { 0x16927e1e,0x5c3d6bd0,0x673b984c,0x40158ed2,0x4cd48b9a,0xa7f86fc8,
-        0x60ea282d,0x1643eda6,0xe2a1beed,0x45b393ea,0x19571a94,0x664c839e } },
-    /* 172 */
-    { { 0x27eeaf94,0x57745750,0xea99e1e7,0x2875c925,0x5086adea,0xc127e7ba,
-        0x86fe424f,0x765252a0,0x2b6c0281,0x1143cc6c,0xd671312d,0xc9bb2989 },
-      { 0x51acb0a5,0x880c337c,0xd3c60f78,0xa3710915,0x9262b6ed,0x496113c0,
-        0x9ce48182,0x5d25d9f8,0xb3813586,0x53b6ad72,0x4c0e159c,0x0ea3bebc } },
-    /* 173 */
-    { { 0xc5e49bea,0xcaba450a,0x7c05da59,0x684e5415,0xde7ac36c,0xa2e9cab9,
-        0x2e6f957b,0x4ca79b5f,0x09b817b1,0xef7b0247,0x7d89df0f,0xeb304990 },
-      { 0x46fe5096,0x508f7307,0x2e04eaaf,0x695810e8,0x3512f76c,0x88ef1bd9,
-        0x3ebca06b,0x77661351,0xccf158b7,0xf7d4863a,0x94ee57da,0xb2a81e44 } },
-    /* 174 */
-    { { 0x6d53e6ba,0xff288e5b,0x14484ea2,0xa90de1a9,0xed33c8ec,0x2fadb60c,
-        0x28b66a40,0x579d6ef3,0xec24372d,0x4f2dd6dd,0x1d66ec7d,0xe9e33fc9 },
-      { 0x039eab6e,0x110899d2,0x3e97bb5e,0xa31a667a,0xcfdce68e,0x6200166d,
-        0x5137d54b,0xbe83ebae,0x4800acdf,0x085f7d87,0x0c6f8c86,0xcf4ab133 } },
-    /* 175 */
-    { { 0x931e08fb,0x03f65845,0x1506e2c0,0x6438551e,0x9c36961f,0x5791f0dc,
-        0xe3dcc916,0x68107b29,0xf495d2ca,0x83242374,0x6ee5895b,0xd8cfb663 },
-      { 0xa0349b1b,0x525e0f16,0x4a0fab86,0x33cd2c6c,0x2af8dda9,0x46c12ee8,
-        0x71e97ad3,0x7cc424ba,0x37621eb0,0x69766ddf,0xa5f0d390,0x95565f56 } },
-    /* 176 */
-    { { 0x1a0f5e94,0xe0e7bbf2,0x1d82d327,0xf771e115,0xceb111fa,0x10033e3d,
-        0xd3426638,0xd269744d,0x00d01ef6,0xbdf2d9da,0xa049ceaf,0x1cb80c71 },
-      { 0x9e21c677,0x17f18328,0x19c8f98b,0x6452af05,0x80b67997,0x35b9c5f7,
-        0x40f8f3d4,0x5c2e1cbe,0x66d667ca,0x43f91656,0xcf9d6e79,0x9faaa059 } },
-    /* 177 */
-    { { 0x0a078fe6,0x8ad24618,0x464fd1dd,0xf6cc73e6,0xc3e37448,0x4d2ce34d,
-        0xe3271b5f,0x624950c5,0xefc5af72,0x62910f5e,0xaa132bc6,0x8b585bf8 },
-      { 0xa839327f,0x11723985,0x4aac252f,0x34e2d27d,0x6296cc4e,0x402f59ef,
-        0x47053de9,0x00ae055c,0x28b4f09b,0xfc22a972,0xfa0c180e,0xa9e86264 } },
-    /* 178 */
-    { { 0xbc310ecc,0x0b7b6224,0x67fa14ed,0x8a1a74f1,0x7214395c,0x87dd0960,
-        0xf5c91128,0xdf1b3d09,0x86b264a8,0x39ff23c6,0x3e58d4c5,0xdc2d49d0 },
-      { 0xa9d6f501,0x2152b7d3,0xc04094f7,0xf4c32e24,0xd938990f,0xc6366596,
-        0x94fb207f,0x084d078f,0x328594cb,0xfd99f1d7,0xcb2d96b3,0x36defa64 } },
-    /* 179 */
-    { { 0x13ed7cbe,0x4619b781,0x9784bd0e,0x95e50015,0x2c7705fe,0x2a32251c,
-        0x5f0dd083,0xa376af99,0x0361a45b,0x55425c6c,0x1f291e7b,0x812d2cef },
-      { 0x5fd94972,0xccf581a0,0xe56dc383,0x26e20e39,0x63dbfbf0,0x0093685d,
-        0x36b8c575,0x1fc164cc,0x390ef5e7,0xb9c5ab81,0x26908c66,0x40086beb } },
-    /* 180 */
-    { { 0x37e3c115,0xe5e54f79,0xc1445a8a,0x69b8ee8c,0xb7659709,0x79aedff2,
-        0x1b46fbe6,0xe288e163,0xd18d7bb7,0xdb4844f0,0x48aa6424,0xe0ea23d0 },
-      { 0xf3d80a73,0x714c0e4e,0x3bd64f98,0x87a0aa9e,0x2ec63080,0x8844b8a8,
-        0x255d81a3,0xe0ac9c30,0x455397fc,0x86151237,0x2f820155,0x0b979464 } },
-    /* 181 */
-    { { 0x4ae03080,0x127a255a,0x580a89fb,0x232306b4,0x6416f539,0x04e8cd6a,
-        0x13b02a0e,0xaeb70dee,0x4c09684a,0xa3038cf8,0x28e433ee,0xa710ec3c },
-      { 0x681b1f7d,0x77a72567,0x2fc28170,0x86fbce95,0xf5735ac8,0xd3408683,
-        0x6bd68e93,0x3a324e2a,0xc027d155,0x7ec74353,0xd4427177,0xab60354c } },
-    /* 182 */
-    { { 0xef4c209d,0x32a5342a,0x08d62704,0x2ba75274,0xc825d5fe,0x4bb4af6f,
-        0xd28e7ff1,0x1c3919ce,0xde0340f6,0x1dfc2fdc,0x29f33ba9,0xc6580baf },
-      { 0x41d442cb,0xae121e75,0x3a4724e4,0x4c7727fd,0x524f3474,0xe556d6a4,
-        0x785642a2,0x87e13cc7,0xa17845fd,0x182efbb1,0x4e144857,0xdcec0cf1 } },
-    /* 183 */
-    { { 0xe9539819,0x1cb89541,0x9d94dbf1,0xc8cb3b4f,0x417da578,0x1d353f63,
-        0x8053a09e,0xb7a697fb,0xc35d8b78,0x8d841731,0xb656a7a9,0x85748d6f },
-      { 0xc1859c5d,0x1fd03947,0x535d22a2,0x6ce965c1,0x0ca3aadc,0x1966a13e,
-        0x4fb14eff,0x9802e41d,0x76dd3fcd,0xa9048cbb,0xe9455bba,0x89b182b5 } },
-    /* 184 */
-    { { 0x43360710,0xd777ad6a,0x55e9936b,0x841287ef,0x04a21b24,0xbaf5c670,
-        0x35ad86f1,0xf2c0725f,0xc707e72e,0x338fa650,0xd8883e52,0x2bf8ed2e },
-      { 0xb56e0d6a,0xb0212cf4,0x6843290c,0x50537e12,0x98b3dc6f,0xd8b184a1,
-        0x0210b722,0xd2be9a35,0x559781ee,0x407406db,0x0bc18534,0x5a78d591 } },
-    /* 185 */
-    { { 0xd748b02c,0x4d57aa2a,0xa12b3b95,0xbe5b3451,0x64711258,0xadca7a45,
-        0x322153db,0x597e091a,0x32eb1eab,0xf3271006,0x2873f301,0xbd9adcba },
-      { 0x38543f7f,0xd1dc79d1,0x921b1fef,0x00022092,0x1e5df8ed,0x86db3ef5,
-        0x9e6b944a,0x888cae04,0x791a32b4,0x71bd29ec,0xa6d1c13e,0xd3516206 } },
-    /* 186 */
-    { { 0x55924f43,0x2ef6b952,0x4f9de8d5,0xd2f401ae,0xadc68042,0xfc73e8d7,
-        0x0d9d1bb4,0x627ea70c,0xbbf35679,0xc3bb3e3e,0xd882dee4,0x7e8a254a },
-      { 0xb5924407,0x08906f50,0xa1ad444a,0xf14a0e61,0x65f3738e,0xaa0efa21,
-        0xae71f161,0xd60c7dd6,0xf175894d,0x9e8390fa,0x149f4c00,0xd115cd20 } },
-    /* 187 */
-    { { 0xa52abf77,0x2f2e2c1d,0x54232568,0xc2a0dca5,0x54966dcc,0xed423ea2,
-        0xcd0dd039,0xe48c93c7,0x176405c7,0x1e54a225,0x70d58f2e,0x1efb5b16 },
-      { 0x94fb1471,0xa751f9d9,0x67d2941d,0xfdb31e1f,0x53733698,0xa6c74eb2,
-        0x89a0f64a,0xd3155d11,0xa4b8d2b6,0x4414cfe4,0xf7a8e9e3,0x8d5a4be8 } },
-    /* 188 */
-    { { 0x52669e98,0x5c96b4d4,0x8fd42a03,0x4547f922,0xd285174e,0xcf5c1319,
-        0x064bffa0,0x805cd1ae,0x246d27e7,0x50e8bc4f,0xd5781e11,0xf89ef98f },
-      { 0xdee0b63f,0xb4ff95f6,0x222663a4,0xad850047,0x4d23ce9c,0x02691860,
-        0x50019f59,0x3e5309ce,0x69a508ae,0x27e6f722,0x267ba52c,0xe9376652 } },
-    /* 189 */
-    { { 0xc0368708,0xa04d289c,0x5e306e1d,0xc458872f,0x33112fea,0x76fa23de,
-        0x6efde42e,0x718e3974,0x1d206091,0xf0c98cdc,0x14a71987,0x5fa3ca62 },
-      { 0xdcaa9f2a,0xeee8188b,0x589a860d,0x312cc732,0xc63aeb1f,0xf9808dd6,
-        0x4ea62b53,0x70fd43db,0x890b6e97,0x2c2bfe34,0xfa426aa6,0x105f863c } },
-    /* 190 */
-    { { 0xb38059ad,0x0b29795d,0x90647ea0,0x5686b77e,0xdb473a3e,0xeff0470e,
-        0xf9b6d1e2,0x278d2340,0xbd594ec7,0xebbff95b,0xd3a7f23d,0xf4b72334 },
-      { 0xa5a83f0b,0x2a285980,0x9716a8b3,0x0786c41a,0x22511812,0x138901bd,
-        0xe2fede6e,0xd1b55221,0xdf4eb590,0x0806e264,0x762e462e,0x6c4c897e } },
-    /* 191 */
-    { { 0xb4b41d9d,0xd10b905f,0x4523a65b,0x826ca466,0xb699fa37,0x535bbd13,
-        0x73bc8f90,0x5b9933d7,0xcd2118ad,0x9332d61f,0xd4a65fd0,0x158c693e },
-      { 0xe6806e63,0x4ddfb2a8,0xb5de651b,0xe31ed3ec,0x819bc69a,0xf9460e51,
-        0x2c76b1f8,0x6229c0d6,0x901970a3,0xbb78f231,0x9cee72b8,0x31f3820f } },
-    /* 192 */
-    { { 0xc09e1c72,0xe931caf2,0x12990cf4,0x0715f298,0x943262d8,0x33aad81d,
-        0x73048d3f,0x5d292b7a,0xdc7415f6,0xb152aaa4,0x0fd19587,0xc3d10fd9 },
-      { 0x75ddadd0,0xf76b35c5,0x1e7b694c,0x9f5f4a51,0xc0663025,0x2f1ab7eb,
-        0x920260b0,0x01c9cc87,0x05d39da6,0xc4b1f61a,0xeb4a9c4e,0x6dcd76c4 } },
-    /* 193 */
-    { { 0xfdc83f01,0x0ba0916f,0x9553e4f9,0x354c8b44,0xffc5e622,0xa6cc511a,
-        0xe95be787,0xb954726a,0x75b41a62,0xcb048115,0xebfde989,0xfa2ae6cd },
-      { 0x0f24659a,0x6376bbc7,0x4c289c43,0x13a999fd,0xec9abd8b,0xc7134184,
-        0xa789ab04,0x28c02bf6,0xd3e526ec,0xff841ebc,0x640893a8,0x442b191e } },
-    /* 194 */
-    { { 0xfa2b6e20,0x4cac6c62,0xf6d69861,0x97f29e9b,0xbc96d12d,0x228ab1db,
-        0x5e8e108d,0x6eb91327,0x40771245,0xd4b3d4d1,0xca8a803a,0x61b20623 },
-      { 0xa6a560b1,0x2c2f3b41,0x3859fcf4,0x879e1d40,0x024dbfc3,0x7cdb5145,
-        0x3bfa5315,0x55d08f15,0xaa93823a,0x2f57d773,0xc6a2c9a2,0xa97f259c } },
-    /* 195 */
-    { { 0xe58edbbb,0xc306317b,0x79dfdf13,0x25ade51c,0x16d83dd6,0x6b5beaf1,
-        0x1dd8f925,0xe8038a44,0xb2a87b6b,0x7f00143c,0xf5b438de,0xa885d00d },
-      { 0xcf9e48bd,0xe9f76790,0xa5162768,0xf0bdf9f0,0xad7b57cb,0x0436709f,
-        0xf7c15db7,0x7e151c12,0x5d90ee3b,0x3514f022,0x2c361a8d,0x2e84e803 } },
-    /* 196 */
-    { { 0x563ec8d8,0x2277607d,0xe3934cb7,0xa661811f,0xf58fd5de,0x3ca72e7a,
-        0x62294c6a,0x7989da04,0xf6bbefe9,0x88b3708b,0x53ed7c82,0x0d524cf7 },
-      { 0x2f30c073,0x69f699ca,0x9dc1dcf3,0xf0fa264b,0x05f0aaf6,0x44ca4568,
-        0xd19b9baf,0x0f5b23c7,0xeabd1107,0x39193f41,0x2a7c9b83,0x9e3e10ad } },
-    /* 197 */
-    { { 0xd4ae972f,0xa90824f0,0xc6e846e7,0x43eef02b,0x29d2160a,0x7e460612,
-        0xfe604e91,0x29a178ac,0x4eb184b2,0x23056f04,0xeb54cdf4,0x4fcad55f },
-      { 0xae728d15,0xa0ff96f3,0xc6a00331,0x8a2680c6,0x7ee52556,0x5f84cae0,
-        0xc5a65dad,0x5e462c3a,0xe2d23f4f,0x5d2b81df,0xc5b1eb07,0x6e47301b } },
-    /* 198 */
-    { { 0xaf8219b9,0x77411d68,0x51b1907a,0xcb883ce6,0x101383b5,0x25c87e57,
-        0x982f970d,0x9c7d9859,0x118305d2,0xaa6abca5,0x9013a5db,0x725fed2f },
-      { 0xababd109,0x487cdbaf,0x87586528,0xc0f8cf56,0x8ad58254,0xa02591e6,
-        0xdebbd526,0xc071b1d1,0x961e7e31,0x927dfe8b,0x9263dfe1,0x55f895f9 } },
-    /* 199 */
-    { { 0xb175645b,0xf899b00d,0xb65b4b92,0x51f3a627,0xb67399ef,0xa2f3ac8d,
-        0xe400bc20,0xe717867f,0x1967b952,0x42cc9020,0x3ecd1de1,0x3d596751 },
-      { 0xdb979775,0xd41ebcde,0x6a2e7e88,0x99ba61bc,0x321504f2,0x039149a5,
-        0x27ba2fad,0xe7dc2314,0xb57d8368,0x9f556308,0x57da80a7,0x2b6d16c9 } },
-    /* 200 */
-    { { 0x279ad982,0x84af5e76,0x9c8b81a6,0x9bb4c92d,0x0e698e67,0xd79ad44e,
-        0x265fc167,0xe8be9048,0x0c3a4ccc,0xf135f7e6,0xb8863a33,0xa0a10d38 },
-      { 0xd386efd9,0xe197247c,0xb52346c2,0x0eefd3f9,0x78607bc8,0xc22415f9,
-        0x508674ce,0xa2a8f862,0xc8c9d607,0xa72ad09e,0x50fa764f,0xcd9f0ede } },
-    /* 201 */
-    { { 0xd1a46d4d,0x063391c7,0x9eb01693,0x2df51c11,0x849e83de,0xc5849800,
-        0x8ad08382,0x48fd09aa,0xaa742736,0xa405d873,0xe1f9600c,0xee49e61e },
-      { 0x48c76f73,0xd76676be,0x01274b2a,0xd9c100f6,0x83f8718d,0x110bb67c,
-        0x02fc0d73,0xec85a420,0x744656ad,0xc0449e1e,0x37d9939b,0x28ce7376 } },
-    /* 202 */
-    { { 0x44544ac7,0x97e9af72,0xba010426,0xf2c658d5,0xfb3adfbd,0x732dec39,
-        0xa2df0b07,0xd12faf91,0x2171e208,0x8ac26725,0x5b24fa54,0xf820cdc8 },
-      { 0x94f4cf77,0x307a6eea,0x944a33c6,0x18c783d2,0x0b741ac5,0x4b939d4c,
-        0x3ffbb6e4,0x1d7acd15,0x7a255e44,0x06a24858,0xce336d50,0x14fbc494 } },
-    /* 203 */
-    { { 0x51584e3c,0x9b920c0c,0xf7e54027,0xc7733c59,0x88422bbe,0xe24ce139,
-        0x523bd6ab,0x11ada812,0xb88e6def,0xde068800,0xfe8c582d,0x7b872671 },
-      { 0x7de53510,0x4e746f28,0xf7971968,0x492f8b99,0x7d928ac2,0x1ec80bc7,
-        0x432eb1b5,0xb3913e48,0x32028f6e,0xad084866,0x8fc2f38b,0x122bb835 } },
-    /* 204 */
-    { { 0x3b0b29c3,0x0a9f3b1e,0x4fa44151,0x837b6432,0x17b28ea7,0xb9905c92,
-        0x98451750,0xf39bc937,0xce8b6da1,0xcd383c24,0x010620b2,0x299f57db },
-      { 0x58afdce3,0x7b6ac396,0x3d05ef47,0xa15206b3,0xb9bb02ff,0xa0ae37e2,
-        0x9db3964c,0x107760ab,0x67954bea,0xe29de9a0,0x431c3f82,0x446a1ad8 } },
-    /* 205 */
-    { { 0x5c6b8195,0xc6fecea0,0xf49e71b9,0xd744a7c5,0x177a7ae7,0xa8e96acc,
-        0x358773a7,0x1a05746c,0x37567369,0xa4162146,0x87d1c971,0xaa0217f7 },
-      { 0x77fd3226,0x61e9d158,0xe4f600be,0x0f6f2304,0x7a6dff07,0xa9c4cebc,
-        0x09f12a24,0xd15afa01,0x8c863ee9,0x2bbadb22,0xe5eb8c78,0xa28290e4 } },
-    /* 206 */
-    { { 0x3e9de330,0x55b87fa0,0x195c145b,0x12b26066,0xa920bef0,0xe08536e0,
-        0x4d195adc,0x7bff6f2c,0x945f4187,0x7f319e9d,0xf892ce47,0xf9848863 },
-      { 0x4fe37657,0xd0efc1d3,0x5cf0e45a,0x3c58de82,0x8b0ccbbe,0x626ad21a,
-        0xaf952fc5,0xd2a31208,0xeb437357,0x81791995,0x98e95d4f,0x5f19d30f } },
-    /* 207 */
-    { { 0x0e6865bb,0x72e83d9a,0xf63456a6,0x22f5af3b,0x463c8d9e,0x409e9c73,
-        0xdfe6970e,0x40e9e578,0x711b91ca,0x876b6efa,0x942625a3,0x895512cf },
-      { 0xcb4e462b,0x84c8eda8,0x4412e7c8,0x84c0154a,0xceb7b71f,0x04325db1,
-        0x66f70877,0x1537dde3,0x1992b9ac,0xf3a09399,0xd498ae77,0xa7316606 } },
-    /* 208 */
-    { { 0xcad260f5,0x13990d2f,0xeec0e8c0,0x76c3be29,0x0f7bd7d5,0x7dc5bee0,
-        0xefebda4b,0x9be167d2,0x9122b87e,0xcce3dde6,0x82b5415c,0x75a28b09 },
-      { 0xe84607a6,0xf6810bcd,0x6f4dbf0d,0xc6d58128,0x1b4dafeb,0xfead577d,
-        0x066b28eb,0x9bc440b2,0x8b17e84b,0x53f1da97,0xcda9a575,0x0459504b } },
-    /* 209 */
-    { { 0x329e5836,0x13e39a02,0xf717269d,0x2c9e7d51,0xf26c963b,0xc5ac58d6,
-        0x79967bf5,0x3b0c6c43,0x55908d9d,0x60bbea3f,0xf07c9ad1,0xd84811e7 },
-      { 0x5bd20e4a,0xfe7609a7,0x0a70baa8,0xe4325dd2,0xb3600386,0x3711f370,
-        0xd0924302,0x97f9562f,0x4acc4436,0x040dc0c3,0xde79cdd4,0xfd6d725c } },
-    /* 210 */
-    { { 0xcf13eafb,0xb3efd0e3,0x5aa0ae5f,0x21009cbb,0x79022279,0xe480c553,
-        0xb2fc9a6d,0x755cf334,0x07096ae7,0x8564a5bf,0xbd238139,0xddd649d0 },
-      { 0x8a045041,0xd0de10b1,0xc957d572,0x6e05b413,0x4e0fb25c,0x5c5ff806,
-        0x641162fb,0xd933179b,0xe57439f9,0x42d48485,0x8a8d72aa,0x70c5bd0a } },
-    /* 211 */
-    { { 0x97bdf646,0xa7671738,0xab329f7c,0xaa1485b4,0xf8f25fdf,0xce3e11d6,
-        0xc6221824,0x76a3fc7e,0xf3924740,0x045f281f,0x96d13a9a,0x24557d4e },
-      { 0xdd4c27cd,0x875c804b,0x0f5c7fea,0x11c5f0f4,0xdc55ff7e,0xac8c880b,
-        0x1103f101,0x2acddec5,0xf99faa89,0x38341a21,0xce9d6b57,0xc7b67a2c } },
-    /* 212 */
-    { { 0x8e357586,0x9a0d724f,0xdf648da0,0x1d7f4ff5,0xfdee62a5,0x9c3e6c9b,
-        0x0389b372,0x0499cef0,0x98eab879,0xe904050d,0x6c051617,0xe8eef1b6 },
-      { 0xc37e3ca9,0xebf5bfeb,0xa4e0b91d,0x7c5e946d,0x2c4bea28,0x79097314,
-        0xee67b2b7,0x81f6c109,0xdafc5ede,0xaf237d9b,0x2abb04c7,0xd2e60201 } },
-    /* 213 */
-    { { 0x8a4f57bf,0x6156060c,0xff11182a,0xf9758696,0x6296ef00,0x8336773c,
-        0xff666899,0x9c054bce,0x719cd11c,0xd6a11611,0xdbe1acfa,0x9824a641 },
-      { 0xba89fd01,0x0b7b7a5f,0x889f79d8,0xf8d3b809,0xf578285c,0xc5e1ea08,
-        0xae6d8288,0x7ac74536,0x7521ef5f,0x5d37a200,0xb260a25d,0x5ecc4184 } },
-    /* 214 */
-    { { 0xa708c8d3,0xddcebb19,0xc63f81ec,0xe63ed04f,0x11873f95,0xd045f5a0,
-        0x79f276d5,0x3b5ad544,0x425ae5b3,0x81272a3d,0x10ce1605,0x8bfeb501 },
-      { 0x888228bf,0x4233809c,0xb2aff7df,0x4bd82acf,0x0cbd4a7f,0x9c68f180,
-        0x6b44323d,0xfcd77124,0x891db957,0x60c0fcf6,0x04da8f7f,0xcfbb4d89 } },
-    /* 215 */
-    { { 0x3b26139a,0x9a6a5df9,0xb2cc7eb8,0x3e076a83,0x5a964bcd,0x47a8e82d,
-        0xb9278d6b,0x8a4e2a39,0xe4443549,0x93506c98,0xf1e0d566,0x06497a8f },
-      { 0x2b1efa05,0x3dee8d99,0x45393e33,0x2da63ca8,0xcf0579ad,0xa4af7277,
-        0x3236d8ea,0xaf4b4639,0x32b617f5,0x6ccad95b,0xb88bb124,0xce76d8b8 } },
-    /* 216 */
-    { { 0x083843dc,0x63d2537a,0x1e4153b4,0x89eb3514,0xea9afc94,0x5175ebc4,
-        0x8ed1aed7,0x7a652580,0xd85e8297,0x67295611,0xb584b73d,0x8dd2d68b },
-      { 0x0133c3a4,0x237139e6,0x4bd278ea,0x9de838ab,0xc062fcd9,0xe829b072,
-        0x63ba8706,0x70730d4f,0xd3cd05ec,0x6080483f,0x0c85f84d,0x872ab5b8 } },
-    /* 217 */
-    { { 0x999d4d49,0xfc0776d3,0xec3f45e7,0xa3eb59de,0x0dae1fc1,0xbc990e44,
-        0xa15371ff,0x33596b1e,0x9bc7ab25,0xd447dcb2,0x35979582,0xcd5b63e9 },
-      { 0x77d1ff11,0xae3366fa,0xedee6903,0x59f28f05,0xa4433bf2,0x6f43fed1,
-        0xdf9ce00e,0x15409c9b,0xaca9c5dc,0x21b5cded,0x82d7bdb4,0xf9f33595 } },
-    /* 218 */
-    { { 0x9422c792,0x95944378,0xc958b8bf,0x239ea923,0xdf076541,0x4b61a247,
-        0xbb9fc544,0x4d29ce85,0x0b424559,0x9a692a67,0x0e486900,0x6e0ca5a0 },
-      { 0x85b3bece,0x6b79a782,0xc61f9892,0x41f35e39,0xae747f82,0xff82099a,
-        0xd0ca59d6,0x58c8ae3f,0x99406b5f,0x4ac930e2,0x9df24243,0x2ce04eb9 } },
-    /* 219 */
-    { { 0x1ac37b82,0x4366b994,0x25b04d83,0xff0c728d,0x19c47b7c,0x1f551361,
-        0xbeff13e7,0xdbf2d5ed,0xe12a683d,0xf78efd51,0x989cf9c4,0x82cd85b9 },
-      { 0xe0cb5d37,0xe23c6db6,0x72ee1a15,0x818aeebd,0x28771b14,0x8212aafd,
-        0x1def817d,0x7bc221d9,0x9445c51f,0xdac403a2,0x12c3746b,0x711b0517 } },
-    /* 220 */
-    { { 0x5ea99ecc,0x0ed9ed48,0xb8cab5e1,0xf799500d,0xb570cbdc,0xa8ec87dc,
-        0xd35dfaec,0x52cfb2c2,0x6e4d80a4,0x8d31fae2,0xdcdeabe5,0xe6a37dc9 },
-      { 0x1deca452,0x5d365a34,0x0d68b44e,0x09a5f8a5,0xa60744b1,0x59238ea5,
-        0xbb4249e9,0xf2fedc0d,0xa909b2e3,0xe395c74e,0x39388250,0xe156d1a5 } },
-    /* 221 */
-    { { 0x47181ae9,0xd796b3d0,0x44197808,0xbaf44ba8,0x34cf3fac,0xe6933094,
-        0xc3bd5c46,0x41aa6ade,0xeed947c6,0x4fda75d8,0x9ea5a525,0xacd9d412 },
-      { 0xd430301b,0x65cc55a3,0x7b52ea49,0x3c9a5bcf,0x159507f0,0x22d319cf,
-        0xde74a8dd,0x2ee0b9b5,0x877ac2b6,0x20c26a1e,0x92e7c314,0x387d73da } },
-    /* 222 */
-    { { 0x8cd3fdac,0x13c4833e,0x332e5b8e,0x76fcd473,0xe2fe1fd3,0xff671b4b,
-        0x5d98d8ec,0x4d734e8b,0x514bbc11,0xb1ead3c6,0x7b390494,0xd14ca858 },
-      { 0x5d2d37e9,0x95a443af,0x00464622,0x73c6ea73,0x15755044,0xa44aeb4b,
-        0xfab58fee,0xba3f8575,0xdc680a6f,0x9779dbc9,0x7b37ddfc,0xe1ee5f5a } },
-    /* 223 */
-    { { 0x12d29f46,0xcd0b4648,0x0ed53137,0x93295b0b,0x80bef6c9,0xbfe26094,
-        0x54248b00,0xa6565788,0x80e7f9c4,0x69c43fca,0xbe141ea1,0x2190837b },
-      { 0xa1b26cfb,0x875e159a,0x7affe852,0x90ca9f87,0x92ca598e,0x15e6550d,
-        0x1938ad11,0xe3e0945d,0x366ef937,0xef7636bb,0xb39869e5,0xb6034d0b } },
-    /* 224 */
-    { { 0x26d8356e,0x4d255e30,0xd314626f,0xf83666ed,0xd0c8ed64,0x421ddf61,
-        0x26677b61,0x96e473c5,0x9e9b18b3,0xdad4af7e,0xa9393f75,0xfceffd4a },
-      { 0x11c731d5,0x843138a1,0xb2f141d9,0x05bcb3a1,0x617b7671,0x20e1fa95,
-        0x88ccec7b,0xbefce812,0x90f1b568,0x582073dc,0x1f055cb7,0xf572261a } },
-    /* 225 */
-    { { 0x36973088,0xf3148277,0x86a9f980,0xc008e708,0xe046c261,0x1b795947,
-        0xca76bca0,0xdf1e6a7d,0x71acddf0,0xabafd886,0x1364d8f4,0xff7054d9 },
-      { 0xe2260594,0x2cf63547,0xd73b277e,0x468a5372,0xef9bd35e,0xc7419e24,
-        0x24043cc3,0x2b4a1c20,0x890b39cd,0xa28f047a,0x46f9a2e3,0xdca2cea1 } },
-    /* 226 */
-    { { 0x53277538,0xab788736,0xcf697738,0xa734e225,0x6b22e2c1,0x66ee1d1e,
-        0xebe1d212,0x2c615389,0x02bb0766,0xf36cad40,0x3e64f207,0x120885c3 },
-      { 0x90fbfec2,0x59e77d56,0xd7a574ae,0xf9e781aa,0x5d045e53,0x801410b0,
-        0xa91b5f0e,0xd3b5f0aa,0x7fbb3521,0xb3d1df00,0xc72bee9a,0x11c4b33e } },
-    /* 227 */
-    { { 0x83c3a7f3,0xd32b9832,0x88d8a354,0x8083abcf,0x50f4ec5a,0xdeb16404,
-        0x641e2907,0x18d747f0,0xf1bbf03e,0x4e8978ae,0x88a0cd89,0x932447dc },
-      { 0xcf3d5897,0x561e0feb,0x13600e6d,0xfc3a682f,0xd16a6b73,0xc78b9d73,
-        0xd29bf580,0xe713fede,0x08d69e5c,0x0a225223,0x1ff7fda4,0x3a924a57 } },
-    /* 228 */
-    { { 0xb4093bee,0xfb64554c,0xa58c6ec0,0xa6d65a25,0x43d0ed37,0x4126994d,
-        0x55152d44,0xa5689a51,0x284caa8d,0xb8e5ea8c,0xd1f25538,0x33f05d4f },
-      { 0x1b615d6e,0xe0fdfe09,0x705507da,0x2ded7e8f,0x17bbcc80,0xdd5631e5,
-        0x267fd11f,0x4f87453e,0xff89d62d,0xc6da723f,0xe3cda21d,0x55cbcae2 } },
-    /* 229 */
-    { { 0x6b4e84f3,0x336bc94e,0x4ef72c35,0x72863031,0xeeb57f99,0x6d85fdee,
-        0xa42ece1b,0x7f4e3272,0x36f0320a,0x7f86cbb5,0x923331e6,0xf09b6a2b },
-      { 0x56778435,0x21d3ecf1,0x8323b2d2,0x2977ba99,0x1704bc0f,0x6a1b57fb,
-        0x389f048a,0xd777cf8b,0xac6b42cd,0x9ce2174f,0x09e6c55a,0x404e2bff } },
-    /* 230 */
-    { { 0x204c5ddb,0x9b9b135e,0x3eff550e,0x9dbfe044,0xec3be0f6,0x35eab4bf,
-        0x0a43e56f,0x8b4c3f0d,0x0e73f9b3,0x4c1c6673,0x2c78c905,0x92ed38bd },
-      { 0xa386e27c,0xc7003f6a,0xaced8507,0xb9c4f46f,0x59df5464,0xea024ec8,
-        0x429572ea,0x4af96152,0xe1fc1194,0x279cd5e2,0x281e358c,0xaa376a03 } },
-    /* 231 */
-    { { 0x3cdbc95c,0x07859223,0xef2e337a,0xaae1aa6a,0x472a8544,0xc040108d,
-        0x8d037b7d,0x80c853e6,0x8c7eee24,0xd221315c,0x8ee47752,0x195d3856 },
-      { 0xdacd7fbe,0xd4b1ba03,0xd3e0c52b,0x4b5ac61e,0x6aab7b52,0x68d3c052,
-        0x660e3fea,0xf0d7248c,0x3145efb4,0xafdb3f89,0x8f40936d,0xa73fd9a3 } },
-    /* 232 */
-    { { 0xbb1b17ce,0x891b9ef3,0xc6127f31,0x14023667,0x305521fd,0x12b2e58d,
-        0xe3508088,0x3a47e449,0xff751507,0xe49fc84b,0x5310d16e,0x4023f722 },
-      { 0xb73399fa,0xa608e5ed,0xd532aa3e,0xf12632d8,0x845e8415,0x13a2758e,
-        0x1fc2d861,0xae4b6f85,0x339d02f2,0x3879f5b1,0x80d99ebd,0x446d22a6 } },
-    /* 233 */
-    { { 0x4be164f1,0x0f502302,0x88b81920,0x8d09d2d6,0x984aceff,0x514056f1,
-        0x75e9e80d,0xa5c4ddf0,0xdf496a93,0x38cb47e6,0x38df6bf7,0x899e1d6b },
-      { 0xb59eb2a6,0x69e87e88,0x9b47f38b,0x280d9d63,0x3654e955,0x599411ea,
-        0x969aa581,0xcf8dd4fd,0x530742a7,0xff5c2baf,0x1a373085,0xa4391536 } },
-    /* 234 */
-    { { 0xa8a4bdd2,0x6ace72a3,0xb68ef702,0xc656cdd1,0x90c4dad8,0xd4a33e7e,
-        0x9d951c50,0x4aece08a,0x085d68e6,0xea8005ae,0x6f7502b8,0xfdd7a7d7 },
-      { 0x98d6fa45,0xce6fb0a6,0x1104eb8c,0x228f8672,0xda09d7dc,0xd23d8787,
-        0x2ae93065,0x5521428b,0xea56c366,0x95faba3d,0x0a88aca5,0xedbe5039 } },
-    /* 235 */
-    { { 0xbfb26c82,0xd64da0ad,0x952c2f9c,0xe5d70b3c,0xf7e77f68,0xf5e8f365,
-        0x08f2d695,0x7234e002,0xd12e7be6,0xfaf900ee,0x4acf734e,0x27dc6934 },
-      { 0xc260a46a,0x80e4ff5e,0x2dc31c28,0x7da5ebce,0xca69f552,0x485c5d73,
-        0x69cc84c2,0xcdfb6b29,0xed6d4eca,0x031c5afe,0x22247637,0xc7bbf4c8 } },
-    /* 236 */
-    { { 0x49fe01b2,0x9d5b72c7,0x793a91b8,0x34785186,0xcf460438,0xa3ba3c54,
-        0x3ab21b6f,0x73e8e43d,0xbe57b8ab,0x50cde8e0,0xdd204264,0x6488b3a7 },
-      { 0xdddc4582,0xa9e398b3,0x5bec46fe,0x1698c1a9,0x156d3843,0x7f1446ef,
-        0x770329a2,0x3fd25dd8,0x2c710668,0x05b1221a,0xa72ee6cf,0x65b2dc2a } },
-    /* 237 */
-    { { 0xcd021d63,0x21a885f7,0xfea61f08,0x3f344b15,0xc5cf73e6,0xad5ba6dd,
-        0x227a8b23,0x154d0d8f,0xdc559311,0x9b74373c,0x98620fa1,0x4feab715 },
-      { 0x7d9ec924,0x5098938e,0x6d47e550,0x84d54a5e,0x1b617506,0x1a2d1bdc,
-        0x615868a4,0x99fe1782,0x3005a924,0x171da780,0x7d8f79b6,0xa70bf5ed } },
-    /* 238 */
-    { { 0xfe2216c5,0x0bc1250d,0x7601b351,0x2c37e250,0xd6f06b7e,0xb6300175,
-        0x8bfeb9b7,0x4dde8ca1,0xb82f843d,0x4f210432,0xb1ac0afd,0x8d70e2f9 },
-      { 0xaae91abb,0x25c73b78,0x863028f2,0x0230dca3,0xe5cf30b7,0x8b923ecf,
-        0x5506f265,0xed754ec2,0x729a5e39,0x8e41b88c,0xbabf889b,0xee67cec2 } },
-    /* 239 */
-    { { 0x1be46c65,0xe183acf5,0xe7565d7a,0x9789538f,0xd9627b4e,0x87873391,
-        0x9f1d9187,0xbf4ac4c1,0x4691f5c8,0x5db99f63,0x74a1fb98,0xa68df803 },
-      { 0xbf92b5fa,0x3c448ed1,0x3e0bdc32,0xa098c841,0x79bf016c,0x8e74cd55,
-        0x115e244d,0x5df0d09c,0x3410b66e,0x9418ad01,0x17a02130,0x8b6124cb } },
-    /* 240 */
-    { { 0xc26e3392,0x425ec3af,0xa1722e00,0xc07f8470,0xe2356b43,0xdcc28190,
-        0xb1ef59a6,0x4ed97dff,0xc63028c1,0xc22b3ad1,0x68c18988,0x070723c2 },
-      { 0x4cf49e7d,0x70da302f,0x3f12a522,0xc5e87c93,0x18594148,0x74acdd1d,
-        0xca74124c,0xad5f73ab,0xd69fd478,0xe72e4a3e,0x7b117cc3,0x61593868 } },
-    /* 241 */
-    { { 0xa9aa0486,0x7b7b9577,0xa063d557,0x6e41fb35,0xda9047d7,0xb017d5c7,
-        0x68a87ba9,0x8c748280,0xdf08ad93,0xab45fa5c,0x4c288a28,0xcd9fb217 },
-      { 0x5747843d,0x59544642,0xa56111e3,0x34d64c6c,0x4bfce8d5,0x12e47ea1,
-        0x6169267f,0x17740e05,0xeed03fb5,0x5c49438e,0x4fc3f513,0x9da30add } },
-    /* 242 */
-    { { 0xccfa5200,0xc4e85282,0x6a19b13d,0x2707608f,0xf5726e2f,0xdcb9a53d,
-        0xe9427de5,0x612407c9,0xd54d582a,0x3e5a17e1,0x655ae118,0xb99877de },
-      { 0x015254de,0x6f0e972b,0xf0a6f7c5,0x92a56db1,0xa656f8b2,0xd297e4e1,
-        0xad981983,0x99fe0052,0x07cfed84,0xd3652d2f,0x843c1738,0xc784352e } },
-    /* 243 */
-    { { 0x7e9b2d8a,0x6ee90af0,0x57cf1964,0xac8d7018,0x71f28efc,0xf6ed9031,
-        0x6812b20e,0x7f70d5a9,0xf1c61eee,0x27b557f4,0xc6263758,0xf1c9bd57 },
-      { 0x2a1a6194,0x5cf7d014,0x1890ab84,0xdd614e0b,0x0e93c2a6,0x3ef9de10,
-        0xe0cd91c5,0xf98cf575,0x14befc32,0x504ec0c6,0x6279d68c,0xd0513a66 } },
-    /* 244 */
-    { { 0xa859fb6a,0xa8eadbad,0xdb283666,0xcf8346e7,0x3e22e355,0x7b35e61a,
-        0x99639c6b,0x293ece2c,0x56f241c8,0xfa0162e2,0xbf7a1dda,0xd2e6c7b9 },
-      { 0x40075e63,0xd0de6253,0xf9ec8286,0x2405aa61,0x8fe45494,0x2237830a,
-        0x364e9c8c,0x4fd01ac7,0x904ba750,0x4d9c3d21,0xaf1b520b,0xd589be14 } },
-    /* 245 */
-    { { 0x4662e53b,0x13576a4f,0xf9077676,0x35ec2f51,0x97c0af97,0x66297d13,
-        0x9e598b58,0xed3201fe,0x5e70f604,0x49bc752a,0xbb12d951,0xb54af535 },
-      { 0x212c1c76,0x36ea4c2b,0xeb250dfd,0x18f5bbc7,0x9a0a1a46,0xa0d466cc,
-        0xdac2d917,0x52564da4,0x8e95fab5,0x206559f4,0x9ca67a33,0x7487c190 } },
-    /* 246 */
-    { { 0xdde98e9c,0x75abfe37,0x2a411199,0x99b90b26,0xdcdb1f7c,0x1b410996,
-        0x8b3b5675,0xab346f11,0xf1f8ae1e,0x04852193,0x6b8b98c1,0x1ec4d227 },
-      { 0x45452baa,0xba3bc926,0xacc4a572,0x387d1858,0xe51f171e,0x9478eff6,
-        0x931e1c00,0xf357077d,0xe54c8ca8,0xffee77cd,0x551dc9a4,0xfb4892ff } },
-    /* 247 */
-    { { 0x2db8dff8,0x5b1bdad0,0x5a2285a2,0xd462f4fd,0xda00b461,0x1d6aad8e,
-        0x41306d1b,0x43fbefcf,0x6a13fe19,0x428e86f3,0x17f89404,0xc8b2f118 },
-      { 0xf0d51afb,0x762528aa,0x549b1d06,0xa3e2fea4,0xea3ddf66,0x86fad8f2,
-        0x4fbdd206,0x0d9ccc4b,0xc189ff5a,0xcde97d4c,0x199f19a6,0xc36793d6 } },
-    /* 248 */
-    { { 0x51b85197,0xea38909b,0xb4c92895,0xffb17dd0,0x1ddb3f3f,0x0eb0878b,
-        0xc57cf0f2,0xb05d28ff,0x1abd57e2,0xd8bde2e7,0xc40c1b20,0x7f2be28d },
-      { 0x299a2d48,0x6554dca2,0x8377982d,0x5130ba2e,0x1071971a,0x8863205f,
-        0x7cf2825d,0x15ee6282,0x03748f2b,0xd4b6c57f,0x430385a0,0xa9e3f4da } },
-    /* 249 */
-    { { 0x83fbc9c6,0x33eb7cec,0x4541777e,0x24a311c7,0x4f0767fc,0xc81377f7,
-        0x4ab702da,0x12adae36,0x2a779696,0xb7fcb6db,0x01cea6ad,0x4a6fb284 },
-      { 0xcdfc73de,0x5e8b1d2a,0x1b02fd32,0xd0efae8d,0xd81d8519,0x3f99c190,
-        0xfc808971,0x3c18f7fa,0x51b7ae7b,0x41f713e7,0xf07fc3f8,0x0a4b3435 } },
-    /* 250 */
-    { { 0x019b7d2e,0x7dda3c4c,0xd4dc4b89,0x631c8d1a,0x1cdb313c,0x5489cd6e,
-        0x4c07bb06,0xd44aed10,0x75f000d1,0x8f97e13a,0xdda5df4d,0x0e9ee64f },
-      { 0x3e346910,0xeaa99f3b,0xfa294ad7,0x622f6921,0x0d0b2fe9,0x22aaa20d,
-        0x1e5881ba,0x4fed2f99,0xc1571802,0x9af3b2d6,0xdc7ee17c,0x919e67a8 } },
-    /* 251 */
-    { { 0x76250533,0xc724fe4c,0x7d817ef8,0x8a2080e5,0x172c9751,0xa2afb0f4,
-        0x17c0702e,0x9b10cdeb,0xc9b7e3e9,0xbf3975e3,0x1cd0cdc5,0x206117df },
-      { 0xbe05ebd5,0xfb049e61,0x16c782c0,0xeb0bb55c,0xab7fed09,0x13a331b8,
-        0x632863f0,0xf6c58b1d,0x4d3b6195,0x6264ef6e,0x9a53f116,0x92c51b63 } },
-    /* 252 */
-    { { 0x288b364d,0xa57c7bc8,0x7b41e5c4,0x4a562e08,0x698a9a11,0x699d21c6,
-        0xf3f849b9,0xa4ed9581,0x9eb726ba,0xa223eef3,0xcc2884f9,0x13159c23 },
-      { 0x3a3f4963,0x73931e58,0x0ada6a81,0x96500389,0x5ab2950b,0x3ee8a1c6,
-        0x775fab52,0xeedf4949,0x4f2671b6,0x63d652e1,0x3c4e2f55,0xfed4491c } },
-    /* 253 */
-    { { 0xf4eb453e,0x335eadc3,0xcadd1a5b,0x5ff74b63,0x5d84a91a,0x6933d0d7,
-        0xb49ba337,0x9ca3eeb9,0xc04c15b8,0x1f6facce,0xdc09a7e4,0x4ef19326 },
-      { 0x3dca3233,0x53d2d324,0xa2259d4b,0x0ee40590,0x5546f002,0x18c22edb,
-        0x09ea6b71,0x92429801,0xb0e91e61,0xaada0add,0x99963c50,0x5fe53ef4 } },
-    /* 254 */
-    { { 0x90c28c65,0x372dd06b,0x119ce47d,0x1765242c,0x6b22fc82,0xc041fb80,
-        0xb0a7ccc1,0x667edf07,0x1261bece,0xc79599e7,0x19cff22a,0xbc69d9ba },
-      { 0x13c06819,0x009d77cd,0xe282b79d,0x635a66ae,0x225b1be8,0x4edac4a6,
-        0x524008f9,0x57d4f4e4,0xb056af84,0xee299ac5,0x3a0bc386,0xcc38444c } },
-    /* 255 */
-    { { 0xcd4c2356,0x490643b1,0x750547be,0x740a4851,0xd4944c04,0x643eaf29,
-        0x299a98a0,0xba572479,0xee05fdf9,0x48b29f16,0x089b2d7b,0x33fb4f61 },
-      { 0xa950f955,0x86704902,0xfedc3ddf,0x97e1034d,0x05fbb6a2,0x211320b6,
-        0x432299bb,0x23d7b93f,0x8590e4a3,0x1fe1a057,0xf58c0ce6,0x8e1d0586 } },
-};
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_12(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 12);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 12, km);
-
-            err = sp_384_ecc_mulmod_base_12(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P384 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 12 + 12 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12 + 12 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 12;
-
-        sp_384_from_mp(k, 12, km);
-        sp_384_point_from_ecc_point_12(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_12(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_12(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_12(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_384_add_one_12(sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #1\n\t"
-        "ldr	r1, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r1, r1, r2\n\t"
-#else
-        "add	r1, r1, r2\n\t"
-#endif
-        "movs	r2, #0\n\t"
-        "str	r1, [%[a]]\n\t"
-        "ldr	r1, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #4]\n\t"
-        "ldr	r1, [%[a], #8]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #8]\n\t"
-        "ldr	r1, [%[a], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #12]\n\t"
-        "ldr	r1, [%[a], #16]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #16]\n\t"
-        "ldr	r1, [%[a], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #20]\n\t"
-        "ldr	r1, [%[a], #24]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #24]\n\t"
-        "ldr	r1, [%[a], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #28]\n\t"
-        "ldr	r1, [%[a], #32]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #32]\n\t"
-        "ldr	r1, [%[a], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #36]\n\t"
-        "ldr	r1, [%[a], #40]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #40]\n\t"
-        "ldr	r1, [%[a], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #44]\n\t"
-        : [a] "+l" (a)
-        :
-        : "memory", "r1", "r2", "cc"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_384_ecc_gen_k_12(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[48];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_384_from_bin(k, 12, buf, (int)sizeof(buf));
-            if (sp_384_cmp_12(k, p384_order2) <= 0) {
-                sp_384_add_one_12(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_384, point, 2);
-#else
-    SP_DECL_VAR(sp_point_384, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 12);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_384_ecc_gen_k_12(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_12(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_12(infinity, point, p384_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_384_iszero_12(point->x) || sp_384_iszero_12(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_12(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_384_ctx {
-    int state;
-    sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-    sp_digit k[12];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384  point[2];
-#else
-    sp_point_384 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_384_ctx;
-
-int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_384_ctx* ctx = (sp_ecc_key_gen_384_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_384_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_384_ecc_gen_k_12(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_base_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p384_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_384_iszero_12(ctx->point->x) ||
-                    sp_384_iszero_12(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_384_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_384_point_to_ecc_point_12(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 48
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_384_to_bin_12(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 11; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 12);
-    int err = MP_OKAY;
-
-    if (*outLen < 48U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 12, priv);
-        sp_384_point_from_ecc_point_12(point, pub);
-            err = sp_384_ecc_mulmod_12(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_384_to_bin_12(point->x, out);
-        *outLen = 48;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-    };
-    sp_digit k[12];
-    sp_point_384 point;
-} sp_ecc_sec_gen_384_ctx;
-
-int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_384_ctx* ctx = (sp_ecc_sec_gen_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_384_from_mp(ctx->k, 12, priv);
-            sp_384_point_from_ecc_point_12(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_384_to_bin_12(ctx->point.x, out);
-                *outLen = 48;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_384_sub_in_place_12(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r7, %[a]\n\t"
-        "movs	r2, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #48\n\t"
-#else
-        "add	r7, r7, #48\n\t"
-#endif
-        "\n"
-    "L_sp_384_sub_in_place_12_words_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r2\n\t"
-#else
-        "sub	r5, r5, r2\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-        "ldr	r6, [%[b], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "str	r3, [%[a]]\n\t"
-        "str	r4, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r2\n\t"
-#else
-        "sbc	r2, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #8\n\t"
-#else
-        "add	%[a], %[a], #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #8\n\t"
-#else
-        "add	%[b], %[b], #8\n\t"
-#endif
-        "cmp	%[a], r7\n\t"
-        "bne	L_sp_384_sub_in_place_12_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_384_sub_in_place_12(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r4\n\t"
-#else
-        "sub	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[a], %[a], %[a]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[a], %[a]\n\t"
-#else
-        "sbc	%[a], %[a]\n\t"
-#endif
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-SP_NOINLINE static void sp_384_mul_d_12(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, #48\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, %[a]\n\t"
-#else
-        "add	r6, r6, %[a]\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "mov	r9, r6\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "\n"
-    "L_sp_384_mul_d_12_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r5, #0\n\t"
-        "# A[] * B\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# A[] * B - Done\n\t"
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r]]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_384_mul_d_12_%=\n\t"
-        "str	r3, [%[r]]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[div], #1\n\t"
-#else
-        "lsr	r5, %[div], #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-        "mov	r8, %[d0]\n\t"
-        "mov	r9, %[d1]\n\t"
-        "# Do top 32\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-        "movs	r4, #29\n\t"
-        "\n"
-    "L_div_384_word_12_loop_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d0], %[d0], #1\n\t"
-#else
-        "lsl	%[d0], %[d0], #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	%[d1], %[d1], %[d1]\n\t"
-#elif defined(__clang__)
-        "adcs	%[d1], %[d1]\n\t"
-#else
-        "adc	%[d1], %[d1]\n\t"
-#endif
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, #1\n\t"
-#else
-        "sub	r4, r4, #1\n\t"
-#endif
-        "bpl	L_div_384_word_12_loop_%=\n\t"
-        "movs	r7, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #1\n\t"
-#else
-        "add	r3, r3, #1\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r4\n\t"
-#else
-        "sub	%[d1], %[d1], r4\n\t"
-#endif
-        "movs	r4, %[d1]\n\t"
-        "mov	%[d1], r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[d1], %[d1], r5\n\t"
-#elif defined(__clang__)
-        "sbcs	%[d1], r5\n\t"
-#else
-        "sbc	%[d1], r5\n\t"
-#endif
-        "movs	r5, %[d1]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "movs	r6, %[div]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r4\n\t"
-#else
-        "sub	r6, r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-        "movs	%[d1], r3\n\t"
-        : [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-    return (word32)(size_t)d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<12; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-    r[8] = a[8] & m;
-    r[9] = a[9] & m;
-    r[10] = a[10] & m;
-    r[11] = a[11] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[24], t2[13];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[11];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 12);
-    r1 = sp_384_cmp_12(&t1[12], d) >= 0;
-    sp_384_cond_sub_12(&t1[12], &t1[12], d, (sp_digit)0 - r1);
-    for (i = 11; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[12 + i] == div);
-        sp_digit hi = t1[12 + i] + mask;
-        r1 = div_384_word_12(hi, t1[12 + i - 1], div);
-        r1 |= mask;
-
-        sp_384_mul_d_12(t2, d, r1);
-        t1[12 + i] += sp_384_sub_in_place_12(&t1[i], t2);
-        t1[12 + i] -= t2[12];
-        sp_384_mask_12(t2, d, t1[12 + i]);
-        t1[12 + i] += sp_384_add_12(&t1[i], &t1[i], t2);
-        sp_384_mask_12(t2, d, t1[12 + i]);
-        t1[12 + i] += sp_384_add_12(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_384_cmp_12(t1, d) >= 0;
-    sp_384_cond_sub_12(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_384_div_12(a, m, NULL, r);
-    return ret;
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P384 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_384_mul_12(r, a, b);
-    sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P384 curve. */
-static const word32 p384_order_minus_2[12] = {
-    0xccc52971U,0xecec196aU,0x48b0a77aU,0x581a0db2U,0xf4372ddfU,0xc7634d81U,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU
-};
-#else
-/* The low half of the order-2 of the P384 curve. */
-static const word32 p384_order_low[6] = {
-    0xccc52971U,0xecec196aU,0x48b0a77aU,0x581a0db2U,0xf4372ddfU,0xc7634d81U
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P384 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_order_12(sp_digit* r, const sp_digit* a)
-{
-    sp_384_sqr_12(r, a);
-    sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P384 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_n_order_12(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_384_mont_sqr_order_12(r, a);
-    for (i=1; i<n; i++) {
-        sp_384_mont_sqr_order_12(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P384 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_mont_inv_order_12_ctx {
-    int state;
-    int i;
-} sp_384_mont_inv_order_12_ctx;
-static int sp_384_mont_inv_order_12_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_mont_inv_order_12_ctx* ctx = (sp_384_mont_inv_order_12_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_384_mont_inv_order_12_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 12);
-        ctx->i = 382;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_384_mont_sqr_order_12(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p384_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_384_mont_mul_order_12(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 12U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 12);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_order_12(t, t);
-        if ((p384_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_384_mont_mul_order_12(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 12U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 12;
-    sp_digit* t3 = td + 4 * 12;
-    int i;
-
-    /* t = a^2 */
-    sp_384_mont_sqr_order_12(t, a);
-    /* t = a^3 = t * a */
-    sp_384_mont_mul_order_12(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_384_mont_sqr_n_order_12(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_384_mont_mul_order_12(t, t2, t);
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_384_mont_sqr_n_order_12(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_384_mont_mul_order_12(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_384_mont_sqr_n_order_12(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_384_mont_mul_order_12(t3, t2, t);
-    /* t2= a^ffff0000 = t3 ^ 2 ^ 16 */
-    sp_384_mont_sqr_n_order_12(t2, t3, 16);
-    /* t = a^ffffffff = t2 * t3 */
-    sp_384_mont_mul_order_12(t, t2, t3);
-    /* t2= a^ffffffff0000 = t ^ 2 ^ 16  */
-    sp_384_mont_sqr_n_order_12(t2, t, 16);
-    /* t = a^ffffffffffff = t2 * t3 */
-    sp_384_mont_mul_order_12(t, t2, t3);
-    /* t2= a^ffffffffffff000000000000 = t ^ 2 ^ 48  */
-    sp_384_mont_sqr_n_order_12(t2, t, 48);
-    /* t= a^fffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_12(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_order_12(t2, t, 96);
-    /* t2= a^ffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_12(t2, t2, t);
-    for (i=191; i>=1; i--) {
-        sp_384_mont_sqr_order_12(t2, t2);
-        if ((p384_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_384_mont_mul_order_12(t2, t2, a);
-        }
-    }
-    sp_384_mont_sqr_order_12(t2, t2);
-    sp_384_mont_mul_order_12(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_s_12(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_12(k, k, p384_norm_order);
-    err = sp_384_mod_12(k, k, p384_order);
-    if (err == MP_OKAY) {
-        sp_384_norm_12(k);
-
-        /* kInv = 1/k mod order */
-            sp_384_mont_inv_order_12(kInv, k, tmp);
-        sp_384_norm_12(kInv);
-
-        /* s = r * x + e */
-            sp_384_mul_12(x, x, r);
-        err = sp_384_mod_12(x, x, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_12(x);
-        carry = sp_384_add_12(s, e, x);
-        sp_384_cond_sub_12(s, s, p384_order, 0 - carry);
-        sp_384_norm_12(s);
-        c = sp_384_cmp_12(s, p384_order);
-        sp_384_cond_sub_12(s, s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_12(s);
-
-        /* s = s * k^-1 mod order */
-            sp_384_mont_mul_order_12(s, s, kInv);
-        sp_384_norm_12(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 384 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 12);
-    SP_DECL_VAR(sp_point_384, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 12, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 12;
-        k = e + 4 * 12;
-        r = e + 6 * 12;
-        tmp = e + 8 * 12;
-        s = e;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_12(rng, k);
-        }
-        else {
-            sp_384_from_mp(k, 12, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_384_ecc_mulmod_base_12(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 12U);
-            sp_384_norm_12(r);
-            c = sp_384_cmp_12(r, p384_order);
-            sp_384_cond_sub_12(r, r, p384_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_384_norm_12(r);
-
-            if (!sp_384_iszero_12(r)) {
-                /* x is modified in calculation of s. */
-                sp_384_from_mp(x, 12, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_384_from_bin(e, 12, hash, (int)hashLen);
-
-                err = sp_384_calc_s_12(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_384_iszero_12(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 12, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-        sp_384_mont_inv_order_12_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*12];
-    sp_digit x[2*12];
-    sp_digit k[2*12];
-    sp_digit r[2*12];
-    sp_digit tmp[3 * 2*12];
-    sp_point_384 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_384_ctx;
-
-int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_384_ctx* ctx = (sp_ecc_sign_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_12(rng, ctx->k);
-        }
-        else {
-            sp_384_from_mp(ctx->k, 12, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p384_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 12U);
-        sp_384_norm_12(ctx->r);
-        c = sp_384_cmp_12(ctx->r, p384_order);
-        sp_384_cond_sub_12(ctx->r, ctx->r, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_12(ctx->r);
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-        sp_384_from_mp(ctx->x, 12, priv);
-        sp_384_from_bin(ctx->e, 12, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_12(ctx->k, ctx->k, p384_norm_order);
-        err = sp_384_mod_12(ctx->k, ctx->k, p384_order);
-        if (err == MP_OKAY) {
-            sp_384_norm_12(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_384_mont_inv_order_12_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_384_norm_12(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_384_mul_12(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_384_mod_12(ctx->x, ctx->x, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_384_norm_12(ctx->x);
-        carry = sp_384_add_12(ctx->s, ctx->e, ctx->x);
-        sp_384_cond_sub_12(ctx->s, ctx->s,
-            p384_order, 0 - carry);
-        sp_384_norm_12(ctx->s);
-        c = sp_384_cmp_12(ctx->s, p384_order);
-        sp_384_cond_sub_12(ctx->s, ctx->s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_12(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_384_mont_mul_order_12(ctx->s, ctx->s, ctx->kInv);
-        sp_384_norm_12(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_384_iszero_12(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_384_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_384_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 12U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus.
- */
-static void sp_384_div2_mod_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldr	r3, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #31\n\t"
-#else
-        "lsl	r3, r3, #31\n\t"
-#endif
-        "beq	L_sp_384_div2_mod_12_no_add_%=\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[m]]\n\t"
-        "ldr	r7, [%[m], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "ldr	r6, [%[m], #8]\n\t"
-        "ldr	r7, [%[m], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "ldr	r6, [%[m], #16]\n\t"
-        "ldr	r7, [%[m], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "ldr	r6, [%[m], #24]\n\t"
-        "ldr	r7, [%[m], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "ldr	r6, [%[m], #32]\n\t"
-        "ldr	r7, [%[m], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "ldr	r4, [%[a], #40]\n\t"
-        "ldr	r5, [%[a], #44]\n\t"
-        "ldr	r6, [%[m], #40]\n\t"
-        "ldr	r7, [%[m], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #40]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "movs	r3, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #31\n\t"
-#else
-        "lsl	r3, r3, #31\n\t"
-#endif
-        "b	L_sp_384_div2_mod_12_div2_%=\n\t"
-        "\n"
-    "L_sp_384_div2_mod_12_no_add_%=:\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "ldr	r4, [%[a], #40]\n\t"
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r4, [%[r], #40]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "\n"
-    "L_sp_384_div2_mod_12_div2_%=:\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #31\n\t"
-#else
-        "lsl	r6, r5, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #1\n\t"
-#else
-        "lsr	r5, r5, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r7, [%[r], #8]\n\t"
-        "str	r4, [%[r]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r7, #31\n\t"
-#else
-        "lsl	r6, r7, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #1\n\t"
-#else
-        "lsr	r7, r7, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[r], #12]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #31\n\t"
-#else
-        "lsl	r6, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r7, r7, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r7, r6\n\t"
-#else
-        "orr	r7, r6\n\t"
-#endif
-        "ldr	r5, [%[r], #16]\n\t"
-        "str	r7, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #31\n\t"
-#else
-        "lsl	r6, r5, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #1\n\t"
-#else
-        "lsr	r5, r5, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r7, [%[r], #20]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r7, #31\n\t"
-#else
-        "lsl	r6, r7, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #1\n\t"
-#else
-        "lsr	r7, r7, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #31\n\t"
-#else
-        "lsl	r6, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r7, r7, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r7, r6\n\t"
-#else
-        "orr	r7, r6\n\t"
-#endif
-        "ldr	r5, [%[r], #28]\n\t"
-        "str	r7, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #31\n\t"
-#else
-        "lsl	r6, r5, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #1\n\t"
-#else
-        "lsr	r5, r5, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r7, [%[r], #32]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r7, #31\n\t"
-#else
-        "lsl	r6, r7, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #1\n\t"
-#else
-        "lsr	r7, r7, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[r], #36]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #31\n\t"
-#else
-        "lsl	r6, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r7, r7, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r7, r6\n\t"
-#else
-        "orr	r7, r6\n\t"
-#endif
-        "ldr	r5, [%[r], #40]\n\t"
-        "str	r7, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #31\n\t"
-#else
-        "lsl	r6, r5, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #1\n\t"
-#else
-        "lsr	r5, r5, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r7, [%[r], #44]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r7, #31\n\t"
-#else
-        "lsl	r6, r7, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #1\n\t"
-#else
-        "lsr	r7, r7, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "orrs	r7, r3\n\t"
-#else
-        "orr	r7, r3\n\t"
-#endif
-        "str	r5, [%[r], #40]\n\t"
-        "str	r7, [%[r], #44]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-static int sp_384_num_bits_12(sp_digit* a)
-{
-    static const byte sp_num_bits_table[256] = {
-        0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
-        5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
-        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
-        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-    };
-    const byte* table = sp_num_bits_table;
-    __asm__ __volatile__ (
-        "movs	r6, #0xff\n\t"
-        "ldr	r3, [%[a], #44]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_11_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_133_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x79\n\t"
-#else
-        "add	r2, r2, #0x79\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_133_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_132_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x71\n\t"
-#else
-        "add	r2, r2, #0x71\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_132_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_131_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x69\n\t"
-#else
-        "add	r2, r2, #0x69\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_131_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_130_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x61\n\t"
-#else
-        "add	r2, r2, #0x61\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_130_%=:\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_11_%=:\n\t"
-        "ldr	r3, [%[a], #40]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_10_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_123_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x59\n\t"
-#else
-        "add	r2, r2, #0x59\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_123_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_122_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x51\n\t"
-#else
-        "add	r2, r2, #0x51\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_122_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_121_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x49\n\t"
-#else
-        "add	r2, r2, #0x49\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_121_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_120_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x41\n\t"
-#else
-        "add	r2, r2, #0x41\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_120_%=:\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_10_%=:\n\t"
-        "ldr	r3, [%[a], #36]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_9_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_113_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #57\n\t"
-#else
-        "add	r2, r2, #57\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_113_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_112_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #49\n\t"
-#else
-        "add	r2, r2, #49\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_112_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_111_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #41\n\t"
-#else
-        "add	r2, r2, #41\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_111_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_110_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #33\n\t"
-#else
-        "add	r2, r2, #33\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_110_%=:\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_9_%=:\n\t"
-        "ldr	r3, [%[a], #32]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_8_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_103_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #25\n\t"
-#else
-        "add	r2, r2, #25\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_103_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_102_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #17\n\t"
-#else
-        "add	r2, r2, #17\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_102_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_101_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #9\n\t"
-#else
-        "add	r2, r2, #9\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_101_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_100_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #1\n\t"
-#else
-        "add	r2, r2, #1\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_100_%=:\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_8_%=:\n\t"
-        "ldr	r3, [%[a], #28]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_7_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_93_%=\n\t"
-        "movs	r2, #0xf8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_93_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_92_%=\n\t"
-        "movs	r2, #0xf0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_92_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_91_%=\n\t"
-        "movs	r2, #0xe8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_91_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_90_%=\n\t"
-        "movs	r2, #0xe0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_90_%=:\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_7_%=:\n\t"
-        "ldr	r3, [%[a], #24]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_6_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_83_%=\n\t"
-        "movs	r2, #0xd8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_83_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_82_%=\n\t"
-        "movs	r2, #0xd0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_82_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_81_%=\n\t"
-        "movs	r2, #0xc8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_81_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_80_%=\n\t"
-        "movs	r2, #0xc0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_80_%=:\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_6_%=:\n\t"
-        "ldr	r3, [%[a], #20]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_5_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_73_%=\n\t"
-        "movs	r2, #0xb8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_73_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_72_%=\n\t"
-        "movs	r2, #0xb0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_72_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_71_%=\n\t"
-        "movs	r2, #0xa8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_71_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_70_%=\n\t"
-        "movs	r2, #0xa0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_70_%=:\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_5_%=:\n\t"
-        "ldr	r3, [%[a], #16]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_4_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_63_%=\n\t"
-        "movs	r2, #0x98\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_63_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_62_%=\n\t"
-        "movs	r2, #0x90\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_62_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_61_%=\n\t"
-        "movs	r2, #0x88\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_61_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_60_%=\n\t"
-        "movs	r2, #0x80\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_60_%=:\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_4_%=:\n\t"
-        "ldr	r3, [%[a], #12]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_3_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_53_%=\n\t"
-        "movs	r2, #0x78\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_53_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_52_%=\n\t"
-        "movs	r2, #0x70\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_52_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_51_%=\n\t"
-        "movs	r2, #0x68\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_51_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_50_%=\n\t"
-        "movs	r2, #0x60\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_50_%=:\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_3_%=:\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_2_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_43_%=\n\t"
-        "movs	r2, #0x58\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_43_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_42_%=\n\t"
-        "movs	r2, #0x50\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_42_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_41_%=\n\t"
-        "movs	r2, #0x48\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_41_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_40_%=\n\t"
-        "movs	r2, #0x40\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_40_%=:\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_2_%=:\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_384_num_bits_12_1_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_33_%=\n\t"
-        "movs	r2, #56\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_33_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_32_%=\n\t"
-        "movs	r2, #48\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_32_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_31_%=\n\t"
-        "movs	r2, #40\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_31_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_30_%=\n\t"
-        "movs	r2, #32\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_30_%=:\n\t"
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_1_%=:\n\t"
-        "ldr	r3, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_23_%=\n\t"
-        "movs	r2, #24\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_23_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_22_%=\n\t"
-        "movs	r2, #16\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_22_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_21_%=\n\t"
-        "movs	r2, #8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_21_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_384_num_bits_12_20_%=\n\t"
-        "movs	r2, #0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_384_num_bits_12_13_%=\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_20_%=:\n\t"
-        "\n"
-    "L_sp_384_num_bits_12_13_%=:\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [table] "+l" (table)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[12];
-    sp_digit v[12];
-    sp_digit b[12];
-    sp_digit d[12];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_384_num_bits_12(u);
-    vt = sp_384_num_bits_12(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_384_rshift1_12(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_384_rshift1_12(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_384_rshift1_12(v, v);
-            sp_384_div2_mod_12(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_384_cmp_12(u, v) >= 0))) {
-            sp_384_sub_12(u, u, v);
-            o = sp_384_sub_12(b, b, d);
-            if (o != 0)
-                sp_384_add_12(b, b, m);
-            ut = sp_384_num_bits_12(u);
-
-            do {
-                sp_384_rshift1_12(u, u);
-                sp_384_div2_mod_12(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_384_sub_12(v, v, u);
-            o = sp_384_sub_12(d, d, b);
-            if (o != 0)
-                sp_384_add_12(d, d, m);
-            vt = sp_384_num_bits_12(v);
-
-            do {
-                sp_384_rshift1_12(v, v);
-                sp_384_div2_mod_12(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2,
-    sp_digit* tmp)
-{
-
-        sp_384_proj_point_add_12(p1, p1, p2, tmp);
-    if (sp_384_iszero_12(p1->z)) {
-        if (sp_384_iszero_12(p1->x) && sp_384_iszero_12(p1->y)) {
-                sp_384_proj_point_dbl_12(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            p1->x[9] = 0;
-            p1->x[10] = 0;
-            p1->x[11] = 0;
-            XMEMCPY(p1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_vfy_point_12(sp_point_384* p1, sp_point_384* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_384_mod_inv_12(s, s, p384_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_384_mul_12(s, s, p384_norm_order);
-        err = sp_384_mod_12(s, s, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_12(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_384_mont_inv_order_12(s, s, tmp);
-            sp_384_mont_mul_order_12(u1, u1, s);
-            sp_384_mont_mul_order_12(u2, u2, s);
-        }
-#else
-        {
-            sp_384_mont_mul_order_12(u1, u1, s);
-            sp_384_mont_mul_order_12(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_384_ecc_mulmod_base_12(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_12(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_12(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_12(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_384_add_points_12(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 384)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 12);
-    SP_DECL_VAR(sp_point_384, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_384* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 12, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 12;
-        s   = u1 + 4 * 12;
-        tmp = u1 + 6 * 12;
-        p2 = p1 + 1;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(u1, 12, hash, (int)hashLen);
-        sp_384_from_mp(u2, 12, rm);
-        sp_384_from_mp(s, 12, sm);
-        sp_384_from_mp(p2->x, 12, pX);
-        sp_384_from_mp(p2->y, 12, pY);
-        sp_384_from_mp(p2->z, 12, pZ);
-
-        err = sp_384_calc_vfy_point_12(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(u2, 12, rm);
-        err = sp_384_mod_mul_norm_12(u2, u2, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_384_mont_sqr_12(p1->z, p1->z, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_12(u1, u2, p1->z, p384_mod, p384_mp_mod);
-        *res = (int)(sp_384_cmp_12(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_384_from_mp(u2, 12, rm);
-            carry = sp_384_add_12(u2, u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_12(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_12(u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_12(u2, u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_384_mont_mul_12(u1, u2, p1->z, p384_mod, p384_mp_mod);
-                }
-                *res = (sp_384_cmp_12(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-        sp_384_mont_inv_order_12_ctx mont_inv_order_ctx;
-        sp_384_proj_point_dbl_12_ctx dbl_ctx;
-        sp_384_proj_point_add_12_ctx add_ctx;
-    };
-    sp_digit u1[2*12];
-    sp_digit u2[2*12];
-    sp_digit s[2*12];
-    sp_digit tmp[2*12 * 6];
-    sp_point_384 p1;
-    sp_point_384 p2;
-} sp_ecc_verify_384_ctx;
-
-int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_384_ctx* ctx = (sp_ecc_verify_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(ctx->u1, 12, hash, (int)hashLen);
-        sp_384_from_mp(ctx->u2, 12, rm);
-        sp_384_from_mp(ctx->s, 12, sm);
-        sp_384_from_mp(ctx->p2.x, 12, pX);
-        sp_384_from_mp(ctx->p2.y, 12, pY);
-        sp_384_from_mp(ctx->p2.z, 12, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_384_mul_12(ctx->s, ctx->s, p384_norm_order);
-        err = sp_384_mod_12(ctx->s, ctx->s, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_384_norm_12(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_384_mont_inv_order_12_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_384_mont_mul_order_12(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_384_mont_mul_order_12(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p384_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_12(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_12(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_384_proj_point_add_12_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(ctx->u2, 12, rm);
-        err = sp_384_mod_mul_norm_12(ctx->u2, ctx->u2, p384_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_384_mont_sqr_12(ctx->p1.z, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_384_mont_mul_12(ctx->u1, ctx->u2, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_384_cmp_12(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_384_from_mp(ctx->u2, 12, rm);
-            carry = sp_384_add_12(ctx->u2, ctx->u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_12(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_12(ctx->u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_12(ctx->u2, ctx->u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_384_mont_mul_12(ctx->u1, ctx->u2, ctx->p1.z, p384_mod,
-                                                            p384_mp_mod);
-                *res = (int)(sp_384_cmp_12(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_384_ecc_is_point_12(const sp_point_384* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 12 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 12 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 12;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_384_sqr_12(t1, point->y);
-        (void)sp_384_mod_12(t1, t1, p384_mod);
-        sp_384_sqr_12(t2, point->x);
-        (void)sp_384_mod_12(t2, t2, p384_mod);
-        sp_384_mul_12(t2, t2, point->x);
-        (void)sp_384_mod_12(t2, t2, p384_mod);
-        sp_384_mont_sub_12(t1, t1, t2, p384_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_384_mont_add_12(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_12(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_12(t1, t1, point->x, p384_mod);
-
-
-        if (sp_384_cmp_12(t1, p384_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_384, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(pub->x, 12, pX);
-        sp_384_from_mp(pub->y, 12, pY);
-        sp_384_from_bin(pub->z, 12, one, (int)sizeof(one));
-
-        err = sp_384_ecc_is_point_12(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 12);
-    SP_DECL_VAR(sp_point_384, pub, 2);
-    sp_point_384* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 384) ||
-        (mp_count_bits(pY) > 384) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 384)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 12, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_384_from_mp(pub->x, 12, pX);
-        sp_384_from_mp(pub->y, 12, pY);
-        sp_384_from_bin(pub->z, 12, one, (int)sizeof(one));
-        if (privm)
-            sp_384_from_mp(priv, 12, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_384_iszero_12(pub->x) != 0) &&
-            (sp_384_iszero_12(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_384_cmp_12(pub->x, p384_mod) >= 0) ||
-             (sp_384_cmp_12(pub->y, p384_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_384_ecc_is_point_12(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_384_ecc_mulmod_12(p, pub, p384_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_384_iszero_12(p->x) == 0) ||
-                             (sp_384_iszero_12(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_384_ecc_mulmod_base_12(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_384_cmp_12(p->x, pub->x) != 0) ||
-                 (sp_384_cmp_12(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 6);
-    SP_DECL_VAR(sp_point_384, p, 2);
-    sp_point_384* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_384_from_mp(p->x, 12, pX);
-        sp_384_from_mp(p->y, 12, pY);
-        sp_384_from_mp(p->z, 12, pZ);
-        sp_384_from_mp(q->x, 12, qX);
-        sp_384_from_mp(q->y, 12, qY);
-        sp_384_from_mp(q->z, 12, qZ);
-        p->infinity = sp_384_iszero_12(p->x) &
-                      sp_384_iszero_12(p->y);
-        q->infinity = sp_384_iszero_12(q->x) &
-                      sp_384_iszero_12(q->y);
-
-            sp_384_proj_point_add_12(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 2);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 12, pX);
-        sp_384_from_mp(p->y, 12, pY);
-        sp_384_from_mp(p->z, 12, pZ);
-        p->infinity = sp_384_iszero_12(p->x) &
-                      sp_384_iszero_12(p->y);
-
-            sp_384_proj_point_dbl_12(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 6);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 12, pX);
-        sp_384_from_mp(p->y, 12, pY);
-        sp_384_from_mp(p->z, 12, pZ);
-        p->infinity = sp_384_iszero_12(p->x) &
-                      sp_384_iszero_12(p->y);
-
-            sp_384_map_12(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mont_sqrt_12(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 5 * 2 * 12);
-    sp_digit* t2 = NULL;
-    sp_digit* t3 = NULL;
-    sp_digit* t4 = NULL;
-    sp_digit* t5 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 5 * 2 * 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 12;
-        t3 = t1 + 4 * 12;
-        t4 = t1 + 6 * 12;
-        t5 = t1 + 8 * 12;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_384_mont_mul_12(t1, t2, y, p384_mod, p384_mp_mod);
-            /* t5 = y ^ 0xc */
-            sp_384_mont_sqr_n_12(t5, t1, 2, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_384_mont_mul_12(t1, t1, t5, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x1e */
-            sp_384_mont_sqr_12(t2, t1, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x1f */
-            sp_384_mont_mul_12(t3, t2, y, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3e0 */
-            sp_384_mont_sqr_n_12(t2, t3, 5, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3ff */
-            sp_384_mont_mul_12(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fe0 */
-            sp_384_mont_sqr_n_12(t2, t1, 5, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x7fff */
-            sp_384_mont_mul_12(t3, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fff800 */
-            sp_384_mont_sqr_n_12(t2, t3, 15, p384_mod, p384_mp_mod);
-            /* t4 = y ^ 0x3ffffff */
-            sp_384_mont_mul_12(t4, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffc000000 */
-            sp_384_mont_sqr_n_12(t2, t4, 30, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffff */
-            sp_384_mont_mul_12(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffff000000000000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 60, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 120, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-            sp_384_mont_sqr_n_12(t2, t1, 15, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_12(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 31, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff */
-            sp_384_mont_mul_12(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff0 */
-            sp_384_mont_sqr_n_12(t2, t1, 4, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc */
-            sp_384_mont_mul_12(t1, t5, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 62, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000001 */
-            sp_384_mont_mul_12(t1, y, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc00000000000000040000000 */
-            sp_384_mont_sqr_n_12(y, t1, 30, p384_mod, p384_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 12);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 12;
-
-        sp_384_from_mp(x, 12, xm);
-        err = sp_384_mod_mul_norm_12(x, x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_384_mont_sqr_12(y, x, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_12(y, y, x, p384_mod, p384_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_384_mod_mul_norm_12(x, p384_b, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_384_mont_add_12(y, y, x, p384_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_384_mont_sqrt_12(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 12, 0, 12U * sizeof(sp_digit));
-        sp_384_mont_reduce_12(y, p384_mod, p384_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_384_mont_sub_12(y, p384_mod, y, p384_mod);
-        }
-
-        err = sp_384_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_384 */
-#ifdef WOLFSSL_SP_521
-
-/* Point structure to use. */
-typedef struct sp_point_521 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 17];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 17];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 17];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_521;
-
-/* The modulus (prime) of the curve P521. */
-static const sp_digit p521_mod[17] = {
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0x000001ff
-};
-/* The Montgomery normalizer for modulus of the curve P521. */
-static const sp_digit p521_norm_mod[17] = {
-    0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-/* The Montgomery multiplier for modulus of the curve P521. */
-static const sp_digit p521_mp_mod = 0x00000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P521. */
-static const sp_digit p521_order[17] = {
-    0x91386409,0xbb6fb71e,0x899c47ae,0x3bb5c9b8,0xf709a5d0,0x7fcc0148,
-    0xbf2f966b,0x51868783,0xfffffffa,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0x000001ff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P521 minus 2. */
-static const sp_digit p521_order2[17] = {
-    0x91386407,0xbb6fb71e,0x899c47ae,0x3bb5c9b8,0xf709a5d0,0x7fcc0148,
-    0xbf2f966b,0x51868783,0xfffffffa,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0x000001ff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P521. */
-static const sp_digit p521_norm_order[17] = {
-    0x6ec79bf7,0x449048e1,0x7663b851,0xc44a3647,0x08f65a2f,0x8033feb7,
-    0x40d06994,0xae79787c,0x00000005,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P521. */
-static const sp_digit p521_mp_order = 0x79a995c7;
-#endif
-/* The base point of curve P521. */
-static const sp_point_521 p521_base = {
-    /* X ordinate */
-    {
-        0xc2e5bd66,0xf97e7e31,0x856a429b,0x3348b3c1,0xa2ffa8de,0xfe1dc127,
-        0xefe75928,0xa14b5e77,0x6b4d3dba,0xf828af60,0x053fb521,0x9c648139,
-        0x2395b442,0x9e3ecb66,0x0404e9cd,0x858e06b7,0x000000c6,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x9fd16650,0x88be9476,0xa272c240,0x353c7086,0x3fad0761,0xc550b901,
-        0x5ef42640,0x97ee7299,0x273e662c,0x17afbd17,0x579b4468,0x98f54449,
-        0x2c7d1bd9,0x5c8a5fb4,0x9a3bc004,0x39296a78,0x00000118,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p521_b[17] = {
-    0x6b503f00,0xef451fd4,0x3d2c34f1,0x3573df88,0x3bb1bf07,0x1652c0bd,
-    0xec7e937b,0x56193951,0x8ef109e1,0xb8b48991,0x99b315f3,0xa2da725b,
-    0xb68540ee,0x929a21a0,0x8e1c9a1f,0x953eb961,0x00000051
-};
-#endif
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[17 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #0x44\n\t"
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_521_mul_17_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #0x40\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_521_mul_17_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_521_mul_17_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_521_mul_17_mul_%=\n\t"
-        "\n"
-    "L_sp_521_mul_17_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0x80\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_521_mul_17_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #0x88\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_521_sqr_17_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #0x40\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_521_sqr_17_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_521_sqr_17_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_521_sqr_17_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_521_sqr_17_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_521_sqr_17_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #0x44\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_521_sqr_17_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_521_sqr_17_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_521_sqr_17_mul_%=\n\t"
-        "\n"
-    "L_sp_521_sqr_17_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0x80\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_521_sqr_17_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #0x84\n\t"
-        "\n"
-    "L_sp_521_sqr_17_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_521_sqr_17_store_%=\n\t"
-        "movs	r6, #0x88\n\t"
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x44\n\t"
-#else
-        "add	r6, r6, #0x44\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, #1\n\t"
-#else
-        "sub	r7, r7, #1\n\t"
-#endif
-        "\n"
-    "L_sp_521_add_17_word_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "movs	r3, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_521_add_17_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldr	r5, [%[b]]\n\t"
-        "ldr	r3, [%[a]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-        "str	r3, [%[r]]\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mod_mul_norm_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    (void)m;
-
-    if (r != a) {
-        XMEMCPY(r, a, 17 * sizeof(sp_digit));
-    }
-
-    return MP_OKAY;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_521.
- *
- * p   Point of type sp_point_521 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_521_point_from_ecc_point_17(sp_point_521* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_521_from_mp(p->x, 17, pm->x);
-    sp_521_from_mp(p->y, 17, pm->y);
-    sp_521_from_mp(p->z, 17, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_521_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (521 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 17);
-        r->used = 17;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 17; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 17; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_521 to type ecc_point.
- *
- * p   Point of type sp_point_521.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_521_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_521_cond_sub_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #0x44\n\t"
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_521_cond_sub_17_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r4\n\t"
-#else
-        "sbc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_521_cond_sub_17_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_521_mont_reduce_17(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    (void)mp;
-    (void)m;
-
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x44\n\t"
-        "mov	r6, sp\n\t"
-        "movs	r5, #0x40\n\t"
-        "movs	r7, %[a]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, r5\n\t"
-#else
-        "add	r7, r7, r5\n\t"
-#endif
-        "ldm	r7!, {r1, r2, r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #23\n\t"
-#else
-        "lsl	r5, r2, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r1, r1, #9\n\t"
-#else
-        "lsr	r1, r1, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r1, r1, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r1, r5\n\t"
-#else
-        "orr	r1, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #23\n\t"
-#else
-        "lsl	r5, r3, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #9\n\t"
-#else
-        "lsr	r2, r2, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #23\n\t"
-#else
-        "lsl	r5, r4, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #9\n\t"
-#else
-        "lsr	r3, r3, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "stm	r6!, {r1, r2, r3}\n\t"
-        "movs	r1, r4\n\t"
-        "ldm	r7!, {r2, r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #23\n\t"
-#else
-        "lsl	r5, r2, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r1, r1, #9\n\t"
-#else
-        "lsr	r1, r1, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r1, r1, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r1, r5\n\t"
-#else
-        "orr	r1, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #23\n\t"
-#else
-        "lsl	r5, r3, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #9\n\t"
-#else
-        "lsr	r2, r2, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #23\n\t"
-#else
-        "lsl	r5, r4, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #9\n\t"
-#else
-        "lsr	r3, r3, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "stm	r6!, {r1, r2, r3}\n\t"
-        "movs	r1, r4\n\t"
-        "ldm	r7!, {r2, r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #23\n\t"
-#else
-        "lsl	r5, r2, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r1, r1, #9\n\t"
-#else
-        "lsr	r1, r1, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r1, r1, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r1, r5\n\t"
-#else
-        "orr	r1, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #23\n\t"
-#else
-        "lsl	r5, r3, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #9\n\t"
-#else
-        "lsr	r2, r2, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #23\n\t"
-#else
-        "lsl	r5, r4, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #9\n\t"
-#else
-        "lsr	r3, r3, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "stm	r6!, {r1, r2, r3}\n\t"
-        "movs	r1, r4\n\t"
-        "ldm	r7!, {r2, r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #23\n\t"
-#else
-        "lsl	r5, r2, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r1, r1, #9\n\t"
-#else
-        "lsr	r1, r1, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r1, r1, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r1, r5\n\t"
-#else
-        "orr	r1, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #23\n\t"
-#else
-        "lsl	r5, r3, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #9\n\t"
-#else
-        "lsr	r2, r2, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #23\n\t"
-#else
-        "lsl	r5, r4, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #9\n\t"
-#else
-        "lsr	r3, r3, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "stm	r6!, {r1, r2, r3}\n\t"
-        "movs	r1, r4\n\t"
-        "ldm	r7!, {r2, r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #23\n\t"
-#else
-        "lsl	r5, r2, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r1, r1, #9\n\t"
-#else
-        "lsr	r1, r1, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r1, r1, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r1, r5\n\t"
-#else
-        "orr	r1, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #23\n\t"
-#else
-        "lsl	r5, r3, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #9\n\t"
-#else
-        "lsr	r2, r2, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #23\n\t"
-#else
-        "lsl	r5, r4, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #9\n\t"
-#else
-        "lsr	r3, r3, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "stm	r6!, {r1, r2, r3}\n\t"
-        "movs	r1, r4\n\t"
-        "ldm	r7!, {r2}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #23\n\t"
-#else
-        "lsl	r5, r2, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r1, r1, #9\n\t"
-#else
-        "lsr	r1, r1, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r1, r1, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r1, r5\n\t"
-#else
-        "orr	r1, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #9\n\t"
-#else
-        "lsr	r2, r2, #9\n\t"
-#endif
-        "stm	r6!, {r1, r2}\n\t"
-        "ldr	r1, [%[a], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r1, r1, #23\n\t"
-#else
-        "lsl	r1, r1, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r1, r1, #23\n\t"
-#else
-        "lsr	r1, r1, #23\n\t"
-#endif
-        "mov	r8, r1\n\t"
-        "mov	r7, sp\n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "ldr	r2, [%[a], #4]\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "ldm	r7!, {r4, r5, r6}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r1, r1, r4\n\t"
-#else
-        "add	r1, r1, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r5\n\t"
-#else
-        "adc	r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-        "stm	%[a]!, {r1, r2, r3}\n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "ldr	r2, [%[a], #4]\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "ldm	r7!, {r4, r5, r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r4\n\t"
-#else
-        "adc	r1, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r5\n\t"
-#else
-        "adc	r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-        "stm	%[a]!, {r1, r2, r3}\n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "ldr	r2, [%[a], #4]\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "ldm	r7!, {r4, r5, r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r4\n\t"
-#else
-        "adc	r1, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r5\n\t"
-#else
-        "adc	r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-        "stm	%[a]!, {r1, r2, r3}\n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "ldr	r2, [%[a], #4]\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "ldm	r7!, {r4, r5, r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r4\n\t"
-#else
-        "adc	r1, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r5\n\t"
-#else
-        "adc	r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-        "stm	%[a]!, {r1, r2, r3}\n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "ldr	r2, [%[a], #4]\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "ldm	r7!, {r4, r5, r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r4\n\t"
-#else
-        "adc	r1, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r5\n\t"
-#else
-        "adc	r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-        "stm	%[a]!, {r1, r2, r3}\n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "ldm	r7!, {r4, r5}\n\t"
-        "mov	r2, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r4\n\t"
-#else
-        "adc	r1, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r5\n\t"
-#else
-        "adc	r2, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r2, #9\n\t"
-#else
-        "lsr	r6, r2, #9\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r2, r2, #23\n\t"
-#else
-        "lsl	r2, r2, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #23\n\t"
-#else
-        "lsr	r2, r2, #23\n\t"
-#endif
-        "stm	%[a]!, {r1, r2}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x44\n\t"
-#else
-        "sub	%[a], %[a], #0x44\n\t"
-#endif
-        "movs	r5, #0\n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "ldr	r2, [%[a], #4]\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "ldr	r4, [%[a], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r1, r1, r6\n\t"
-#else
-        "add	r1, r1, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r5\n\t"
-#else
-        "adc	r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "ldr	r2, [%[a], #4]\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "ldr	r4, [%[a], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r5\n\t"
-#else
-        "adc	r1, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r5\n\t"
-#else
-        "adc	r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "ldr	r2, [%[a], #4]\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "ldr	r4, [%[a], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r5\n\t"
-#else
-        "adc	r1, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r5\n\t"
-#else
-        "adc	r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-        "ldr	r1, [%[a]]\n\t"
-        "ldr	r2, [%[a], #4]\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "ldr	r4, [%[a], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r5\n\t"
-#else
-        "adc	r1, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r5\n\t"
-#else
-        "adc	r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[a]!, {r1, r2, r3, r4}\n\t"
-        "ldr	r1, [%[a]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r5\n\t"
-#else
-        "adc	r1, r5\n\t"
-#endif
-        "stm	%[a]!, {r1}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x44\n\t"
-#else
-        "sub	%[a], %[a], #0x44\n\t"
-#endif
-        "add	sp, sp, #0x44\n\t"
-        : [a] "+l" (a)
-        :
-        : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-}
-
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #0\n\t"
-        "mov	r8, %[mp]\n\t"
-        "mov	r12, r7\n\t"
-        "mov	lr, %[m]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r11, %[a]\n\t"
-        "movs	r5, #0x40\n\t"
-        "movs	r6, #0x44\n\t"
-        "add	r9, r9, r5\n\t"
-        "add	r11, r11, r6\n\t"
-        "\n"
-    "L_sp_521_mont_reduce_order_17_mod_%=:\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r4, #0\n\t"
-        "# a[i] += m[0] * mu\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mov	r5, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r3, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r3\n\t"
-#else
-        "mul	r5, r3\n\t"
-#endif
-        "mov	r6, r11\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, #4\n\t"
-#else
-        "sub	r6, r6, #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
-        "movs	r6, #1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #8\n\t"
-#else
-        "lsl	r6, r6, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0xff\n\t"
-#else
-        "add	r6, r6, #0xff\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "\n"
-    "L_sp_521_mont_reduce_order_17_nomask_%=:\n\t"
-        "mov	r10, r5\n\t"
-        "# Multiply m[0] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[0] and mu - Done\n\t"
-        "stm	%[a]!, {r3}\n\t"
-        "\n"
-    "L_sp_521_mont_reduce_order_17_word_%=:\n\t"
-        "# a[i+j] += m[j] * mu\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r4\n\t"
-#else
-        "add	r3, r3, r4\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "# Multiply m[j] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[j] and mu - Done\n\t"
-        "stm	%[a]!, {r3}\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_521_mont_reduce_order_17_word_%=\n\t"
-        "# a[i+16] += m[16] * mu\n\t"
-        "ldr	%[mp], [%[m]]\n\t"
-        "mov	r3, r12\n\t"
-        "# Multiply m[16] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "# Multiply m[16] and mu - Done\n\t"
-        "ldr	r5, [%[a]]\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "movs	%[mp], #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r3\n\t"
-#else
-        "adc	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[mp]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[mp]\n\t"
-#else
-        "adc	r7, %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5, r6}\n\t"
-        "# i += 1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #4\n\t"
-#else
-        "sub	%[a], %[a], #4\n\t"
-#endif
-        "movs	r3, #0x40\n\t"
-        "mov	r9, %[a]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r3\n\t"
-#else
-        "sub	%[a], %[a], r3\n\t"
-#endif
-        "mov	r12, r7\n\t"
-        "mov	%[m], lr\n\t"
-        "cmp	r11, %[a]\n\t"
-        "bgt	L_sp_521_mont_reduce_order_17_mod_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #4\n\t"
-#else
-        "sub	%[a], %[a], #4\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #9\n\t"
-#else
-        "lsr	r3, r3, #9\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #23\n\t"
-#else
-        "lsl	r6, r4, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #9\n\t"
-#else
-        "lsr	r4, r4, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #8]\n\t"
-        "str	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #23\n\t"
-#else
-        "lsl	r6, r5, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #9\n\t"
-#else
-        "lsr	r5, r5, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #12]\n\t"
-        "str	r4, [%[a], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r3, #23\n\t"
-#else
-        "lsl	r6, r3, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #9\n\t"
-#else
-        "lsr	r3, r3, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #16]\n\t"
-        "str	r5, [%[a], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #23\n\t"
-#else
-        "lsl	r6, r4, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #9\n\t"
-#else
-        "lsr	r4, r4, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r3, [%[a], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #23\n\t"
-#else
-        "lsl	r6, r5, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #9\n\t"
-#else
-        "lsr	r5, r5, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #24]\n\t"
-        "str	r4, [%[a], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r3, #23\n\t"
-#else
-        "lsl	r6, r3, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #9\n\t"
-#else
-        "lsr	r3, r3, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #28]\n\t"
-        "str	r5, [%[a], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #23\n\t"
-#else
-        "lsl	r6, r4, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #9\n\t"
-#else
-        "lsr	r4, r4, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #32]\n\t"
-        "str	r3, [%[a], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #23\n\t"
-#else
-        "lsl	r6, r5, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #9\n\t"
-#else
-        "lsr	r5, r5, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #36]\n\t"
-        "str	r4, [%[a], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r3, #23\n\t"
-#else
-        "lsl	r6, r3, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #9\n\t"
-#else
-        "lsr	r3, r3, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #40]\n\t"
-        "str	r5, [%[a], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #23\n\t"
-#else
-        "lsl	r6, r4, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #9\n\t"
-#else
-        "lsr	r4, r4, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r3, [%[a], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #23\n\t"
-#else
-        "lsl	r6, r5, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #9\n\t"
-#else
-        "lsr	r5, r5, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #48]\n\t"
-        "str	r4, [%[a], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r3, #23\n\t"
-#else
-        "lsl	r6, r3, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #9\n\t"
-#else
-        "lsr	r3, r3, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #52]\n\t"
-        "str	r5, [%[a], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #23\n\t"
-#else
-        "lsl	r6, r4, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #9\n\t"
-#else
-        "lsr	r4, r4, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #56]\n\t"
-        "str	r3, [%[a], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #23\n\t"
-#else
-        "lsl	r6, r5, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #9\n\t"
-#else
-        "lsr	r5, r5, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #60]\n\t"
-        "str	r4, [%[a], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r3, #23\n\t"
-#else
-        "lsl	r6, r3, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #9\n\t"
-#else
-        "lsr	r3, r3, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #64]\n\t"
-        "str	r5, [%[a], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #23\n\t"
-#else
-        "lsl	r6, r4, #23\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #9\n\t"
-#else
-        "lsr	r4, r4, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "str	r3, [%[a], #64]\n\t"
-        "movs	r7, r4\n\t"
-        "str	r4, [%[a], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #9\n\t"
-#else
-        "lsr	r7, r7, #9\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r7, r7\n\t"
-#else
-        "neg	r7, r7\n\t"
-#endif
-        "# Subtract masked modulus\n\t"
-        "movs	r4, #0x44\n\t"
-        "movs	%[mp], #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r4\n\t"
-#else
-        "sub	%[a], %[a], r4\n\t"
-#endif
-#ifndef WOLFSSL_SP_LARGE_CODE
-        "\n"
-    "L_sp_521_mont_reduce_order_17_sub_mask_%=:\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-        "movs	r5, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, %[mp]\n\t"
-#else
-        "sub	r5, r5, %[mp]\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[mp], %[mp], %[mp]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[mp], %[mp]\n\t"
-#else
-        "sbc	%[mp], %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #4\n\t"
-#else
-        "add	r3, r3, #4\n\t"
-#endif
-        "cmp	r3, r4\n\t"
-        "blt	L_sp_521_mont_reduce_order_17_sub_mask_%=\n\t"
-#else /* WOLFSSL_SP_LARGE_CODE */
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r6\n\t"
-#else
-        "sub	r5, r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#endif /* WOLFSSL_SP_LARGE_CODE */
-        : [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mul_17(r, a, b);
-    sp_521_mont_reduce_17(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_521_sqr_17(r, a);
-    sp_521_mont_reduce_17(r, m, mp);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mont_sqr_17(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_521_mont_sqr_17(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P521 curve. */
-static const word32 p521_mod_minus_2[17] = {
-    0xfffffffdU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0x000001ffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P521 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 17);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod);
-        if (p521_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_521_mont_mul_17(t, t, a, p521_mod, p521_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 17);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 17;
-    sp_digit* t3 = td + 4 * 17;
-
-    /* 0x2 */
-    sp_521_mont_sqr_17(t1, a, p521_mod, p521_mp_mod);
-    /* 0x3 */
-    sp_521_mont_mul_17(t2, t1, a, p521_mod, p521_mp_mod);
-    /* 0x6 */
-    sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
-    /* 0x7 */
-    sp_521_mont_mul_17(t3, t1, a, p521_mod, p521_mp_mod);
-    /* 0xc */
-    sp_521_mont_sqr_n_17(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0xf */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x78 */
-    sp_521_mont_sqr_n_17(t1, t2, 3, p521_mod, p521_mp_mod);
-    /* 0x7f */
-    sp_521_mont_mul_17(t3, t3, t1, p521_mod, p521_mp_mod);
-    /* 0xf0 */
-    sp_521_mont_sqr_n_17(t1, t2, 4, p521_mod, p521_mp_mod);
-    /* 0xff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xff00 */
-    sp_521_mont_sqr_n_17(t1, t2, 8, p521_mod, p521_mp_mod);
-    /* 0xffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffff0000 */
-    sp_521_mont_sqr_n_17(t1, t2, 16, p521_mod, p521_mp_mod);
-    /* 0xffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 32, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff0000000000000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 64, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff00000000000000000000000000000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 128, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 256, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80 */
-    sp_521_mont_sqr_n_17(t1, t2, 7, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t3, t1, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc */
-    sp_521_mont_sqr_n_17(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-    sp_521_mont_mul_17(r, t1, a, p521_mod, p521_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-SP_NOINLINE static sp_int32 sp_521_cmp_17(const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-        "movs	r6, #0x40\n\t"
-        "\n"
-    "L_sp_521_cmp_17_words_%=:\n\t"
-        "ldr	r7, [%[a], r6]\n\t"
-        "ldr	r5, [%[b], r6]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-        "movs	r4, r7\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, r5\n\t"
-#else
-        "sub	r7, r7, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r7\n\t"
-#else
-        "add	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r7\n\t"
-#else
-        "sub	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, #4\n\t"
-#else
-        "sub	r6, r6, #4\n\t"
-#endif
-        "bge	L_sp_521_cmp_17_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_521_norm_17(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_521_map_17(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*17;
-    sp_int32 n;
-
-    sp_521_mont_inv_17(t1, p->z, t + 2*17);
-
-    sp_521_mont_sqr_17(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    /* x /= z^2 */
-    sp_521_mont_mul_17(r->x, p->x, t2, p521_mod, p521_mp_mod);
-    XMEMSET(r->x + 17, 0, sizeof(sp_digit) * 17U);
-    sp_521_mont_reduce_17(r->x, p521_mod, p521_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_521_cmp_17(r->x, p521_mod);
-    sp_521_cond_sub_17(r->x, r->x, p521_mod, (sp_digit)~(n >> 31));
-    sp_521_norm_17(r->x);
-
-    /* y /= z^3 */
-    sp_521_mont_mul_17(r->y, p->y, t1, p521_mod, p521_mp_mod);
-    XMEMSET(r->y + 17, 0, sizeof(sp_digit) * 17U);
-    sp_521_mont_reduce_17(r->y, p521_mod, p521_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_521_cmp_17(r->y, p521_mod);
-    sp_521_cond_sub_17(r->y, r->y, p521_mod, (sp_digit)~(n >> 31));
-    sp_521_norm_17(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4}\n\t"
-        "ldm	%[b]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "movs	r7, #1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r7, r7, #8\n\t"
-#else
-        "lsl	r7, r7, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #0xff\n\t"
-#else
-        "add	r7, r7, #0xff\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[m], r4, #9\n\t"
-#else
-        "lsr	%[m], r4, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "ands	r4, r7\n\t"
-#else
-        "and	r4, r7\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x44\n\t"
-#else
-        "sub	%[r], %[r], #0x44\n\t"
-#endif
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-        "ldr	r7, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[m]\n\t"
-#else
-        "add	r4, r4, %[m]\n\t"
-#endif
-        "movs	%[m], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[m]\n\t"
-#else
-        "adc	r5, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r6, %[m]\n\t"
-#else
-        "adc	r6, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[m]\n\t"
-#else
-        "adc	r7, %[m]\n\t"
-#endif
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-        "ldr	r7, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[m]\n\t"
-#else
-        "adc	r4, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[m]\n\t"
-#else
-        "adc	r5, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r6, %[m]\n\t"
-#else
-        "adc	r6, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[m]\n\t"
-#else
-        "adc	r7, %[m]\n\t"
-#endif
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-        "ldr	r7, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[m]\n\t"
-#else
-        "adc	r4, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[m]\n\t"
-#else
-        "adc	r5, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r6, %[m]\n\t"
-#else
-        "adc	r6, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[m]\n\t"
-#else
-        "adc	r7, %[m]\n\t"
-#endif
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-        "ldr	r7, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[m]\n\t"
-#else
-        "adc	r4, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[m]\n\t"
-#else
-        "adc	r5, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r6, %[m]\n\t"
-#else
-        "adc	r6, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[m]\n\t"
-#else
-        "adc	r7, %[m]\n\t"
-#endif
-        "stm	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ldr	r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[m]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[m]\n\t"
-#else
-        "adc	r4, %[m]\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x44\n\t"
-#else
-        "sub	%[r], %[r], #0x44\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_521_mont_dbl_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-        "movs	r7, #1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r7, r7, #8\n\t"
-#else
-        "lsl	r7, r7, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #0xff\n\t"
-#else
-        "add	r7, r7, #0xff\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[m], r3, #9\n\t"
-#else
-        "lsr	%[m], r3, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x44\n\t"
-#else
-        "sub	%[r], %[r], #0x44\n\t"
-#endif
-        "movs	r7, #0\n\t"
-        "ldr	r3, [%[r]]\n\t"
-        "ldr	r4, [%[r], #4]\n\t"
-        "ldr	r5, [%[r], #8]\n\t"
-        "ldr	r6, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, %[m]\n\t"
-#else
-        "add	r3, r3, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r7\n\t"
-#else
-        "adc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldr	r3, [%[r]]\n\t"
-        "ldr	r4, [%[r], #4]\n\t"
-        "ldr	r5, [%[r], #8]\n\t"
-        "ldr	r6, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r7\n\t"
-#else
-        "adc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldr	r3, [%[r]]\n\t"
-        "ldr	r4, [%[r], #4]\n\t"
-        "ldr	r5, [%[r], #8]\n\t"
-        "ldr	r6, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r7\n\t"
-#else
-        "adc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldr	r3, [%[r]]\n\t"
-        "ldr	r4, [%[r], #4]\n\t"
-        "ldr	r5, [%[r], #8]\n\t"
-        "ldr	r6, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r7\n\t"
-#else
-        "adc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldr	r3, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x44\n\t"
-#else
-        "sub	%[r], %[r], #0x44\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_521_mont_tpl_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4, r5, r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x44\n\t"
-#else
-        "sub	%[r], %[r], #0x44\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x44\n\t"
-#else
-        "sub	%[a], %[a], #0x44\n\t"
-#endif
-        "ldm	%[a]!, {r3, r4}\n\t"
-        "ldr	r5, [%[r]]\n\t"
-        "ldr	r6, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r3\n\t"
-#else
-        "add	r5, r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-        "stm	%[r]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-        "ldr	r5, [%[r]]\n\t"
-        "ldr	r6, [%[r], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r3\n\t"
-#else
-        "adc	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-        "stm	%[r]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-        "ldr	r5, [%[r]]\n\t"
-        "ldr	r6, [%[r], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r3\n\t"
-#else
-        "adc	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-        "stm	%[r]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-        "ldr	r5, [%[r]]\n\t"
-        "ldr	r6, [%[r], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r3\n\t"
-#else
-        "adc	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-        "stm	%[r]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-        "ldr	r5, [%[r]]\n\t"
-        "ldr	r6, [%[r], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r3\n\t"
-#else
-        "adc	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-        "stm	%[r]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-        "ldr	r5, [%[r]]\n\t"
-        "ldr	r6, [%[r], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r3\n\t"
-#else
-        "adc	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-        "stm	%[r]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-        "ldr	r5, [%[r]]\n\t"
-        "ldr	r6, [%[r], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r3\n\t"
-#else
-        "adc	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-        "stm	%[r]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-        "ldr	r5, [%[r]]\n\t"
-        "ldr	r6, [%[r], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r3\n\t"
-#else
-        "adc	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-        "stm	%[r]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "ldr	r5, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r3\n\t"
-#else
-        "adc	r5, r3\n\t"
-#endif
-        "movs	r7, #1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r7, r7, #8\n\t"
-#else
-        "lsl	r7, r7, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #0xff\n\t"
-#else
-        "add	r7, r7, #0xff\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[m], r5, #9\n\t"
-#else
-        "lsr	%[m], r5, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "ands	r5, r7\n\t"
-#else
-        "and	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r5}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x44\n\t"
-#else
-        "sub	%[r], %[r], #0x44\n\t"
-#endif
-        "movs	r7, #0\n\t"
-        "ldr	r3, [%[r]]\n\t"
-        "ldr	r4, [%[r], #4]\n\t"
-        "ldr	r5, [%[r], #8]\n\t"
-        "ldr	r6, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, %[m]\n\t"
-#else
-        "add	r3, r3, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r7\n\t"
-#else
-        "adc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldr	r3, [%[r]]\n\t"
-        "ldr	r4, [%[r], #4]\n\t"
-        "ldr	r5, [%[r], #8]\n\t"
-        "ldr	r6, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r7\n\t"
-#else
-        "adc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldr	r3, [%[r]]\n\t"
-        "ldr	r4, [%[r], #4]\n\t"
-        "ldr	r5, [%[r], #8]\n\t"
-        "ldr	r6, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r7\n\t"
-#else
-        "adc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldr	r3, [%[r]]\n\t"
-        "ldr	r4, [%[r], #4]\n\t"
-        "ldr	r5, [%[r], #8]\n\t"
-        "ldr	r6, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r7\n\t"
-#else
-        "adc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "ldr	r3, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-        "stm	%[r]!, {r3}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x44\n\t"
-#else
-        "sub	%[r], %[r], #0x44\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_521_mont_sub_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r6\n\t"
-#else
-        "sub	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4, r5}\n\t"
-        "ldm	%[b]!, {r6, r7}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-        "ldm	%[a]!, {r4}\n\t"
-        "ldm	%[b]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "movs	r7, #1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r7, r7, #8\n\t"
-#else
-        "lsl	r7, r7, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #0xff\n\t"
-#else
-        "add	r7, r7, #0xff\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "asrs	%[m], r4, #9\n\t"
-#else
-        "asr	%[m], r4, #9\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "ands	r4, r7\n\t"
-#else
-        "and	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	%[m], %[m]\n\t"
-#else
-        "neg	%[m], %[m]\n\t"
-#endif
-        "stm	%[r]!, {r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x44\n\t"
-#else
-        "sub	%[r], %[r], #0x44\n\t"
-#endif
-        "movs	r7, #0\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, %[m]\n\t"
-#else
-        "sub	r4, r4, %[m]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r7\n\t"
-#else
-        "sbc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5, r6}\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r7\n\t"
-#else
-        "sbc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r7\n\t"
-#else
-        "sbc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5, r6}\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r7\n\t"
-#else
-        "sbc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r7\n\t"
-#else
-        "sbc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5, r6}\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r7\n\t"
-#else
-        "sbc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r7\n\t"
-#else
-        "sbc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5, r6}\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r7\n\t"
-#else
-        "sbc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r7\n\t"
-#else
-        "sbc	r6, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5, r6}\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r7\n\t"
-#else
-        "sbc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "stm	%[r]!, {r4, r5}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x44\n\t"
-#else
-        "sub	%[r], %[r], #0x44\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_521_cond_add_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #0x44\n\t"
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_521_cond_add_17_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, #1\n\t"
-#else
-        "sub	r5, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_521_cond_add_17_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Right shift a by 1 bit into r. (r = a >> 1)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_521_rshift1_17(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r2, [%[r]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #12]\n\t"
-        "str	r3, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r2, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #24]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r2, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #36]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r2, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #48]\n\t"
-        "str	r3, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #52]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r2, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #60]\n\t"
-        "str	r3, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #64]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "str	r2, [%[r], #60]\n\t"
-        "str	r3, [%[r], #64]\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-SP_NOINLINE static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_521_cond_add_17(r, a, m, 0 - (a[0] & 1));
-    sp_521_rshift1_17(r, r);
-    r[16] |= o << 31;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*17;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_521_mont_sqr_17(t1, p->z, p521_mod, p521_mp_mod);
-    /* Z = Y * Z */
-    sp_521_mont_mul_17(z, p->y, p->z, p521_mod, p521_mp_mod);
-    /* Z = 2Z */
-    sp_521_mont_dbl_17(z, z, p521_mod);
-    /* T2 = X - T1 */
-    sp_521_mont_sub_17(t2, p->x, t1, p521_mod);
-    /* T1 = X + T1 */
-    sp_521_mont_add_17(t1, p->x, t1, p521_mod);
-    /* T2 = T1 * T2 */
-    sp_521_mont_mul_17(t2, t1, t2, p521_mod, p521_mp_mod);
-    /* T1 = 3T2 */
-    sp_521_mont_tpl_17(t1, t2, p521_mod);
-    /* Y = 2Y */
-    sp_521_mont_dbl_17(y, p->y, p521_mod);
-    /* Y = Y * Y */
-    sp_521_mont_sqr_17(y, y, p521_mod, p521_mp_mod);
-    /* T2 = Y * Y */
-    sp_521_mont_sqr_17(t2, y, p521_mod, p521_mp_mod);
-    /* T2 = T2/2 */
-    sp_521_mont_div2_17(t2, t2, p521_mod);
-    /* Y = Y * X */
-    sp_521_mont_mul_17(y, y, p->x, p521_mod, p521_mp_mod);
-    /* X = T1 * T1 */
-    sp_521_mont_sqr_17(x, t1, p521_mod, p521_mp_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_17(x, x, y, p521_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_17(x, x, y, p521_mod);
-    /* Y = Y - X */
-    sp_521_mont_sub_17(y, y, x, p521_mod);
-    /* Y = Y * T1 */
-    sp_521_mont_mul_17(y, y, t1, p521_mod, p521_mp_mod);
-    /* Y = Y - T2 */
-    sp_521_mont_sub_17(y, y, t2, p521_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_dbl_17_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_dbl_17_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-        const sp_point_521* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_dbl_17_ctx* ctx = (sp_521_proj_point_dbl_17_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_dbl_17_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*17;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_521_mont_sqr_17(ctx->t1, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_521_mont_mul_17(ctx->z, p->y, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_521_mont_dbl_17(ctx->z, ctx->z, p521_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_521_mont_sub_17(ctx->t2, p->x, ctx->t1, p521_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_521_mont_add_17(ctx->t1, p->x, ctx->t1, p521_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_521_mont_mul_17(ctx->t2, ctx->t1, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_521_mont_tpl_17(ctx->t1, ctx->t2, p521_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_521_mont_dbl_17(ctx->y, p->y, p521_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_521_mont_sqr_17(ctx->y, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_521_mont_sqr_17(ctx->t2, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_521_mont_div2_17(ctx->t2, ctx->t2, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_521_mont_mul_17(ctx->y, ctx->y, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_521_mont_sqr_17(ctx->x, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_521_mont_mul_17(ctx->y, ctx->y, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->t2, p521_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_521_cmp_equal_17(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14]) |
-            (a[15] ^ b[15]) | (a[16] ^ b[16])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_521_iszero_17(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14] | a[15] |
-            a[16]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_17(sp_point_521* r,
-        const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*17;
-    sp_digit* t2 = t + 4*17;
-    sp_digit* t3 = t + 6*17;
-    sp_digit* t4 = t + 8*17;
-    sp_digit* t5 = t + 10*17;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_17(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t1, t1, p->x, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_17(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_17(t3, t3, p->y, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_17(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_17(t2, t1) &
-            sp_521_cmp_equal_17(t4, t3)) {
-        sp_521_proj_point_dbl_17(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_521_mont_sub_17(t2, t2, t1, p521_mod);
-        /* R = S2 - S1 */
-        sp_521_mont_sub_17(t4, t4, t3, p521_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_17(t5, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(y, t1, t5, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t5, t5, t2, p521_mod, p521_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(z, z, q->z, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_17(x, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(x, x, t5, p521_mod);
-        sp_521_mont_mul_17(t5, t5, t3, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_17(t3, y, p521_mod);
-        sp_521_mont_sub_17(x, x, t3, p521_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        sp_521_mont_mul_17(y, y, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(y, y, t5, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 17; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_add_17_ctx {
-    int state;
-    sp_521_proj_point_dbl_17_ctx dbl_ctx;
-    const sp_point_521* ap[2];
-    sp_point_521* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_add_17_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_add_17_ctx* ctx = (sp_521_proj_point_add_17_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_521* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_add_17_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*17;
-        ctx->t2 = t + 4*17;
-        ctx->t3 = t + 6*17;
-        ctx->t4 = t + 8*17;
-        ctx->t5 = t + 10*17;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_521_mont_sqr_17(ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_521_mont_mul_17(ctx->t3, ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_521_mont_mul_17(ctx->t1, ctx->t1, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_521_mont_sqr_17(ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_521_mont_mul_17(ctx->t4, ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_521_mont_mul_17(ctx->t2, ctx->t2, q->x, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_521_mont_mul_17(ctx->t3, ctx->t3, p->y, p521_mod, p521_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_521_mont_mul_17(ctx->t4, ctx->t4, q->y, p521_mod, p521_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_521_cmp_equal_17(ctx->t2, ctx->t1) &
-                sp_521_cmp_equal_17(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_521_proj_point_dbl_17(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_521_mont_sub_17(ctx->t2, ctx->t2, ctx->t1, p521_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_521_mont_sub_17(ctx->t4, ctx->t4, ctx->t3, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_17(ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_521_mont_mul_17(ctx->y, ctx->t1, ctx->t5, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_521_mont_mul_17(ctx->t5, ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_17(ctx->z, p->z, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_521_mont_mul_17(ctx->z, ctx->z, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_521_mont_sqr_17(ctx->x, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->t5, p521_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_521_mont_mul_17(ctx->t5, ctx->t5, ctx->t3, p521_mod, p521_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_521_mont_dbl_17(ctx->t3, ctx->y, p521_mod);
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->t3, p521_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_521_mont_mul_17(ctx->y, ctx->y, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->t5, p521_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 17; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->x[15] = 0;
-    r->x[16] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->y[15] = 0;
-    r->y[16] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    r->z[8] = 0;
-    r->z[9] = 0;
-    r->z[10] = 0;
-    r->z[11] = 0;
-    r->z[12] = 0;
-    r->z[13] = 0;
-    r->z[14] = 0;
-    r->z[15] = 0;
-    r->z[16] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->x[15] |= mask & table[i].x[15];
-        r->x[16] |= mask & table[i].x[16];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->y[15] |= mask & table[i].y[15];
-        r->y[16] |= mask & table[i].y[16];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-        r->z[8] |= mask & table[i].z[8];
-        r->z[9] |= mask & table[i].z[9];
-        r->z[10] |= mask & table[i].z[10];
-        r->z[11] |= mask & table[i].z[11];
-        r->z[12] |= mask & table[i].z[12];
-        r->z[13] |= mask & table[i].z[13];
-        r->z[14] |= mask & table[i].z[14];
-        r->z[15] |= mask & table[i].z[15];
-        r->z[16] |= mask & table[i].z[16];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 521 doubles.
- * 143 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    sp_point_521* rt = NULL;
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_DECL_VAR(sp_point_521, p, 1);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ALLOC_VAR(sp_point_521, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_521_mod_mul_norm_17(t[1].x, g->x, p521_mod);
-        (void)sp_521_mod_mul_norm_17(t[1].y, g->y, p521_mod);
-        (void)sp_521_mod_mul_norm_17(t[1].z, g->z, p521_mod);
-        t[1].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_521_proj_point_add_17(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_521_proj_point_add_17(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_521_proj_point_add_17(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 15;
-        n = k[i+1] << 0;
-        c = 5;
-        y = (int)(n >> 5);
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_point_16_17(rt, t, y);
-            rt->infinity = !y;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[y], sizeof(sp_point_521));
-        }
-        n <<= 27;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n = (k[i+1] << 31) | (k[i] >> 1);
-                i--;
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-
-    #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_point_16_17(p, t, y);
-                p->infinity = !y;
-                sp_521_proj_point_add_17(rt, rt, p, tmp);
-            }
-            else
-    #endif
-            {
-                sp_521_proj_point_add_17(rt, rt, &t[y], tmp);
-            }
-        }
-        y = k[0] & 0x1;
-        sp_521_proj_point_dbl_17(rt, rt, tmp);
-        sp_521_proj_point_add_17(rt, rt, &t[y], tmp);
-
-        if (map != 0) {
-            sp_521_map_17(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 17 * 6, heap,
-        DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ZEROFREE_VAR(sp_point_521, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    SP_ZEROFREE_VAR(sp_point_521, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*17;
-    sp_digit* b = t + 4*17;
-    sp_digit* t1 = t + 6*17;
-    sp_digit* t2 = t + 8*17;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_17(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_17(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_17(w, w, p521_mod, p521_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_17(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_17(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_17(t2, b, p521_mod);
-        sp_521_mont_sub_17(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_17(t2, b, x, p521_mod);
-        sp_521_mont_dbl_17(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_17(t1, t1, p521_mod, p521_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_17(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_17(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(y, y, t1, p521_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_17(t1, t1, w, p521_mod);
-    sp_521_mont_tpl_17(a, t1, p521_mod);
-    /* B = X*Y^2 */
-    sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
-    /* X = A^2 - 2B */
-    sp_521_mont_sqr_17(x, a, p521_mod, p521_mp_mod);
-    sp_521_mont_dbl_17(t2, b, p521_mod);
-    sp_521_mont_sub_17(x, x, t2, p521_mod);
-    /* B = 2.(B - X) */
-    sp_521_mont_sub_17(t2, b, x, p521_mod);
-    sp_521_mont_dbl_17(b, t2, p521_mod);
-    /* Z = Z*Y */
-    sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
-    /* t1 = Y^4 */
-    sp_521_mont_sqr_17(t1, t1, p521_mod, p521_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_521_mont_mul_17(y, b, a, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_17(y, y, t1, p521_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_521_mont_div2_17(y, y, p521_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_521_proj_to_affine_17(sp_point_521* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 17;
-    sp_digit* tmp = t + 4 * 17;
-
-    sp_521_mont_inv_17(t1, a->z, tmp);
-
-    sp_521_mont_sqr_17(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    sp_521_mont_mul_17(a->x, a->x, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(a->y, a->y, t1, p521_mod, p521_mp_mod);
-    XMEMCPY(a->z, p521_norm_mod, sizeof(p521_norm_mod));
-}
-
-#endif /* FP_ECC */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_521 {
-    sp_digit x[17];
-    sp_digit y[17];
-} sp_table_entry_521;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*17;
-    sp_digit* t6 = t + 4*17;
-    sp_digit* t1 = t + 6*17;
-    sp_digit* t4 = t + 8*17;
-    sp_digit* t5 = t + 10*17;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_17(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_17(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_17(p->x, t2) &
-            sp_521_cmp_equal_17(p->y, t4)) {
-        sp_521_proj_point_dbl_17(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_521_mont_sub_17(t2, t2, p->x, p521_mod);
-        /* R = S2 - Y1 */
-        sp_521_mont_sub_17(t4, t4, p->y, p521_mod);
-        /* Z3 = H*Z1 */
-        sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t3, p->x, t1, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t1, t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_17(t2, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(t2, t2, t1, p521_mod);
-        sp_521_mont_dbl_17(t5, t3, p521_mod);
-        sp_521_mont_sub_17(x, t2, t5, p521_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_521_mont_sub_17(t3, t3, x, p521_mod);
-        sp_521_mont_mul_17(t3, t3, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t1, t1, p->y, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(y, t3, t1, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 17; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 130 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_17(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_17(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_17(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_521_proj_point_dbl_n_17(t, 131, tmp);
-            sp_521_proj_to_affine_17(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_17(t, s1, s2, tmp);
-                sp_521_proj_to_affine_17(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_entry_16_17(sp_point_521* r,
-    const sp_table_entry_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->x[15] = 0;
-    r->x[16] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->y[15] = 0;
-    r->y[16] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->x[15] |= mask & table[i].x[15];
-        r->x[16] |= mask & table[i].x[16];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->y[15] |= mask & table[i].y[15];
-        r->y[16] |= mask & table[i].y[16];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^130, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 17 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 130;
-        for (j=0; j<4 && x<521; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 131;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_16_17(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=129; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4 && x<521; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 131;
-            }
-
-            sp_521_proj_point_dbl_17(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_16_17(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_17(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_17(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_521_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[17];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[17];
-    /* Precomputation table for point. */
-    sp_table_entry_521 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_521_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_521_t sp_cache_521[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_521_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_521_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_521 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_521_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_521_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_521_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_521[i].set = 0;
-        }
-        sp_cache_521_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_521[i].set)
-            continue;
-
-        if (sp_521_cmp_equal_17(g->x, sp_cache_521[i].x) &
-                           sp_521_cmp_equal_17(g->y, sp_cache_521[i].y)) {
-            sp_cache_521[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_521_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_521_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_521[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_521_last) {
-            least = sp_cache_521[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_521[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_521[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_521[i].x, g->x, sizeof(sp_cache_521[i].x));
-        XMEMCPY(sp_cache_521[i].y, g->y, sizeof(sp_cache_521[i].y));
-        sp_cache_521[i].set = 1;
-        sp_cache_521[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_521[i];
-    sp_cache_521_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_17(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_17(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 65 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_17(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_17(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_17(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_521_proj_point_dbl_n_17(t, 66, tmp);
-            sp_521_proj_to_affine_17(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_17(t, s1, s2, tmp);
-                sp_521_proj_to_affine_17(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_entry_256_17(sp_point_521* r,
-    const sp_table_entry_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->x[15] = 0;
-    r->x[16] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->y[15] = 0;
-    r->y[16] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->x[15] |= mask & table[i].x[15];
-        r->x[16] |= mask & table[i].x[16];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->y[15] |= mask & table[i].y[15];
-        r->y[16] |= mask & table[i].y[16];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 17 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 65;
-        for (j=0; j<8 && x<521; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 66;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_256_17(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=64; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8 && x<521; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 66;
-            }
-
-            sp_521_proj_point_dbl_17(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_256_17(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_17(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_17(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_521_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[17];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[17];
-    /* Precomputation table for point. */
-    sp_table_entry_521 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_521_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_521_t sp_cache_521[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_521_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_521_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_521 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_521_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_521_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_521_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_521[i].set = 0;
-        }
-        sp_cache_521_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_521[i].set)
-            continue;
-
-        if (sp_521_cmp_equal_17(g->x, sp_cache_521[i].x) &
-                           sp_521_cmp_equal_17(g->y, sp_cache_521[i].y)) {
-            sp_cache_521[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_521_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_521_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_521[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_521_last) {
-            least = sp_cache_521[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_521[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_521[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_521[i].x, g->x, sizeof(sp_cache_521[i].x));
-        XMEMCPY(sp_cache_521[i].y, g->y, sizeof(sp_cache_521[i].y));
-        sp_cache_521[i].set = 1;
-        sp_cache_521[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_521[i];
-    sp_cache_521_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_17(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_17(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 17);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 17, km);
-        sp_521_point_from_ecc_point_17(point, gm);
-
-            err = sp_521_ecc_mulmod_17(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 17 + 17 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17 + 17 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 17;
-
-        sp_521_from_mp(k, 17, km);
-        sp_521_point_from_ecc_point_17(point, gm);
-        sp_521_point_from_ecc_point_17(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_17(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_17(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_17(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 131 between points.
- */
-static const sp_table_entry_521 p521_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xc2e5bd66,0xf97e7e31,0x856a429b,0x3348b3c1,0xa2ffa8de,0xfe1dc127,
-        0xefe75928,0xa14b5e77,0x6b4d3dba,0xf828af60,0x053fb521,0x9c648139,
-        0x2395b442,0x9e3ecb66,0x0404e9cd,0x858e06b7,0x000000c6 },
-      { 0x9fd16650,0x88be9476,0xa272c240,0x353c7086,0x3fad0761,0xc550b901,
-        0x5ef42640,0x97ee7299,0x273e662c,0x17afbd17,0x579b4468,0x98f54449,
-        0x2c7d1bd9,0x5c8a5fb4,0x9a3bc004,0x39296a78,0x00000118 } },
-    /* 2 */
-    { { 0x66fd07ca,0x1036eb9b,0x6b7fb490,0x6ca52cc1,0xd3e0c270,0x512e973e,
-        0x73d92d11,0x889980bf,0xa4005eea,0x38b4cfe4,0x8ceb4313,0xb6f992cc,
-        0x6daf7c23,0xd0ac2f8d,0xe32a93cb,0x1ccfbf17,0x000000c2 },
-      { 0x2f508cca,0x7bd9d6f1,0x595a72af,0xe82d7171,0x97512873,0x25d02976,
-        0x8cf39fbc,0xefc1de8b,0x9a1237f4,0x25e6b77f,0xd4d98b5d,0x9f3b73e7,
-        0xeccb07fe,0xe1fda62b,0x625350cf,0xdb813b03,0x00000014 } },
-    /* 3 */
-    { { 0x9b27bd61,0x415a1c9b,0x606854d6,0x74522753,0x92e73538,0x9e331ef4,
-        0x817e7a6d,0x0b3dba85,0x49ac273b,0x55c4bd53,0xfcb5417f,0xad42c78d,
-        0x92e08d38,0x528998b9,0xcc1914cc,0x14c2fff6,0x000000c1 },
-      { 0x767e9645,0x35b26fb0,0xc5e5a659,0x162b512f,0xcc47fbb8,0xa6e03696,
-        0x0a29a69b,0x732db065,0xd56bdf5d,0x058a74ed,0x25c858d9,0x4b7b60a0,
-        0xbd43373d,0x17f8a6d4,0xedf610b4,0x7b968f51,0x0000011f } },
-    /* 4 */
-    { { 0x1bc0fa77,0x5f56b5a4,0x64fd36f5,0x6cdd6bb5,0x8a5b7c7f,0xd0ac68b5,
-        0x09919ef9,0x4a92d9bf,0x71c3c520,0xc305e12b,0xdb699aee,0x554a9d1c,
-        0x61f54643,0x7fde0077,0x479115ce,0x99c13124,0x00000039 },
-      { 0xc271ac2d,0x25f890e1,0x94b370ac,0x1353ccd3,0x744d4011,0xc7b5adf6,
-        0xbe378127,0x9ccd7687,0x06c4e3cd,0xa8489b5c,0x305505f9,0x1945580a,
-        0x4ab3b12b,0x07190a20,0x1534ea4d,0x0ff53eb1,0x00000159 } },
-    /* 5 */
-    { { 0x91798548,0x877d4edd,0x031d657a,0xc43c7b25,0xfab18a04,0x47603671,
-        0xf670b476,0x7e39e7f2,0xb02fcc03,0xf7b76431,0x877f46f5,0x7c5662f3,
-        0x1c8b0c61,0x5bf8327e,0x4a8be322,0xe9cdb353,0x000001ae },
-      { 0x9d264420,0xa2d7092e,0x533ff3db,0x1f970352,0x99b5b52e,0x31dd232b,
-        0x850f45e9,0x8a9ce16b,0xc3011849,0x01c99023,0xc8e9301e,0x4bc30989,
-        0xcd95f64c,0x77a4de70,0x1026f289,0xbc8797bb,0x000000d7 } },
-    /* 6 */
-    { { 0x2be9edf8,0x98ea0934,0xfcb98199,0x6c2f3132,0xfaf83aeb,0xf579893d,
-        0xc73fda0f,0x858e87bb,0x7a0b9d1c,0xd3c0b3fb,0x71ee68b1,0x21fe6305,
-        0x66aa6f16,0x5bf8f01f,0xbca825ed,0x30934c99,0x000000d1 },
-      { 0x913022f2,0xe4309850,0xde5b80ce,0xfdc336c9,0x8b6130ef,0xb716d689,
-        0xa758d2f4,0x8a58b405,0xaa5cbc1c,0x98879df8,0xc12ce0bb,0x847cfd06,
-        0x8c02ff3c,0xa1006360,0x3438695b,0x836e906a,0x00000136 } },
-    /* 7 */
-    { { 0x259ce02d,0xac8fe351,0xdae5e0f7,0xa506da0c,0xf043421d,0x77b56e98,
-        0xa1647490,0xe0d041c7,0x9cb90101,0xe41f0789,0xda3e72e6,0x29bbf572,
-        0x04a14df0,0x6b635c47,0xe81ef5d3,0x56873f58,0x000001dd },
-      { 0x5cf9e33f,0x77abe79e,0x0a1117fd,0x91aab581,0xcbac2fe1,0x11edf3b1,
-        0xd72113b7,0xef43e017,0x06b74002,0xf9ad685c,0x8fbd3b1a,0x7e6370ce,
-        0x42f73a82,0x550dd50b,0xc5e64a9b,0x8f2146be,0x000001f2 } },
-    /* 8 */
-    { { 0x2934ed82,0x05a704cc,0x989edd8c,0x647089fb,0x0ce7c62d,0xe0b239d4,
-        0x105a5eff,0x4c892ea6,0xd5ed6b04,0xa519395f,0x509ed794,0x806c7003,
-        0xe70ce5c4,0x882e9886,0xff01f6a9,0x50730ca1,0x00000088 },
-      { 0xdbcc5484,0x90a78a16,0xfd454b50,0xc1ab078c,0xcb09e525,0x6f488252,
-        0xe19b2ed7,0xdd663f53,0xa67bf59c,0x16b10da1,0x36bb770a,0xb47f6b95,
-        0x777b2bce,0x6bdc8428,0x561553f8,0xcd02ae3d,0x00000017 } },
-    /* 9 */
-    { { 0x1579d15a,0x1e3633a0,0x3e98cd1f,0x574f0c23,0xc60f4f99,0x45969dca,
-        0x49fb9f24,0x10062c93,0xd378f640,0xd29a29d7,0xd7d48c2f,0xec941760,
-        0x31fbea5c,0xf0591c59,0xb40f9ebf,0xd6173e6b,0x00000063 },
-      { 0x5a984a72,0x220f4f39,0x32510f26,0x9a3f82ce,0x8c069a1d,0xf3d04c76,
-        0x69a21e57,0xf1d6d891,0xdc4db601,0x6b96b30b,0x64dcf3e0,0x71eeb728,
-        0xc7caaff3,0x6f80c483,0x571b66e4,0x45533092,0x000000b0 } },
-    /* 10 */
-    { { 0x87140dad,0x49ae4521,0x57e2803e,0xda73032b,0x026ea20a,0x13f5e5eb,
-        0x6e00afb9,0x2d54c4b0,0x7a150474,0x4393b92b,0x13f1a7da,0xb5b41bf8,
-        0x02b5867a,0x6d786907,0xaf2ea4d1,0x5193a9ac,0x000001b3 },
-      { 0xa6b186cb,0x2a1563f7,0xe28e57b6,0x73a70a44,0x78fc8a1d,0xd7c4fc6d,
-        0xdf3d6d99,0x4c9b4581,0x1e373aab,0x544f5249,0xe913498e,0xe99434a2,
-        0xc4700f4c,0x30159749,0xe5142766,0xb8ef02cc,0x000001d0 } },
-    /* 11 */
-    { { 0xb9e6ffc9,0xe99805a6,0xf74d977b,0x1a357f05,0x5c9941bc,0xc8ddef31,
-        0xcbe842e7,0x4b6d66ca,0xa20dc12d,0x84e1f75f,0x5f0c02fc,0x8b1b2c50,
-        0x037b493d,0x3fa1889e,0x95705046,0x720bd9e0,0x000001c2 },
-      { 0x93ab9309,0x1a1f3378,0x226a8f94,0xe05a30a2,0x4045f1bd,0x2c01a52d,
-        0xab5f5115,0xf42e8fd5,0x0c05fecf,0x954d1d09,0x8d0650d3,0x47e964d1,
-        0x3c860801,0x6866fa5d,0x5abbb4af,0xac2fecbf,0x0000012c } },
-    /* 12 */
-    { { 0xe5537747,0x846dc3d2,0x1f5f9f46,0xe28e00df,0x3f31e42d,0x041af624,
-        0x256af225,0x4948947f,0xff4f9550,0x3896c61a,0x34bb5a3e,0xcb40c773,
-        0xeceafacc,0xb9becb07,0x4d45e83e,0xfe29f049,0x000001aa },
-      { 0x6b5578db,0x83fb71b3,0x0a710526,0x3017f115,0x5f220d77,0x189ec946,
-        0x48465e68,0xba87ae07,0x70e0cbea,0x1da474d5,0x2b2ba7c5,0xb92cb0a6,
-        0x8b1fb7e2,0x35cb356d,0x2cc8cb18,0x1155296a,0x0000000f } },
-    /* 13 */
-    { { 0x6ed0f604,0x7f9c9d9b,0xcb49c6d7,0x765e43e9,0xae9be5ca,0x03c4dd67,
-        0x405aed36,0x5480888b,0x920ccddb,0x3a69ebb2,0x03f0c7cc,0x44ec0573,
-        0xce89b026,0x158e2437,0x4f179a17,0x86795029,0x0000003a },
-      { 0x9f193dd9,0xf7854032,0xdcc158a9,0x531e4068,0x3642b1a5,0x774171bf,
-        0xc1e53aa3,0x12b4920f,0xfd87478d,0xd1c5fb53,0xa7cba7ca,0x48958c58,
-        0x3f66f2c7,0x375b2cb2,0x598899bd,0x1b510d0f,0x000001b8 } },
-    /* 14 */
-    { { 0x52007e41,0xfe96299d,0xcd708dcd,0x997140b5,0xf655f6fa,0xe9294eed,
-        0xd58b839d,0x7701d45d,0xb6f77cdb,0x5dbdf5ad,0x95a572f0,0x265189f4,
-        0xb3515e7b,0xc162794e,0x72655e0b,0xbfb571e0,0x00000168 },
-      { 0xbda82a6b,0xf0d2b863,0x390a9cc7,0x3df5b283,0x700fcd7b,0xbab9995a,
-        0xfa4e6c06,0xc01ef0af,0x76a392d4,0x10a98513,0x955392f0,0xa7e3fc72,
-        0x1d7a8550,0x8e3c0128,0x361898a8,0xcbca551a,0x0000010f } },
-    /* 15 */
-    { { 0x3ab71115,0xc8a4cd40,0xbcb9b55b,0xb783170d,0xabd9b426,0x1be20f6a,
-        0x5377b714,0x32d2ea64,0x6b358bbf,0xda342480,0x6e202211,0x782bc800,
-        0xaa27c499,0xf80974c4,0x50341cde,0xc2e66fa9,0x0000004e },
-      { 0x24ae60c3,0x082cb95b,0x83ad7484,0xd4b80af4,0x6205256b,0x84b739ce,
-        0xae1fe063,0x616f505e,0x342f218f,0xef14ea68,0x64a01186,0x2b17d66c,
-        0x50858bce,0x60e889ce,0xd5881005,0xdb046c59,0x000001e1 } },
-};
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^130, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_17(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 66 between points.
- */
-static const sp_table_entry_521 p521_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xc2e5bd66,0xf97e7e31,0x856a429b,0x3348b3c1,0xa2ffa8de,0xfe1dc127,
-        0xefe75928,0xa14b5e77,0x6b4d3dba,0xf828af60,0x053fb521,0x9c648139,
-        0x2395b442,0x9e3ecb66,0x0404e9cd,0x858e06b7,0x000000c6 },
-      { 0x9fd16650,0x88be9476,0xa272c240,0x353c7086,0x3fad0761,0xc550b901,
-        0x5ef42640,0x97ee7299,0x273e662c,0x17afbd17,0x579b4468,0x98f54449,
-        0x2c7d1bd9,0x5c8a5fb4,0x9a3bc004,0x39296a78,0x00000118 } },
-    /* 2 */
-    { { 0x0f0ccb51,0x80398667,0x3654974a,0xb87e1d01,0xb2b29ed9,0x7f58cf21,
-        0xa3add337,0x06c0e9aa,0xe9d08ffb,0xf13b35d0,0x96761627,0xdd8bf44c,
-        0x758a3ef4,0xa4a18c14,0xa0043adb,0x96a576dd,0x0000013e },
-      { 0x632d95a3,0x2bde24f8,0x4c524829,0x79f15ef1,0x9bdaba19,0xaadd863e,
-        0xa962b707,0xdde053f4,0x14258d98,0xc598a2de,0x061c235c,0x9fa5a19d,
-        0xe8ffd32c,0x0ed46510,0xef78ceac,0x2aea9dd1,0x00000185 } },
-    /* 3 */
-    { { 0xeaaf1fe3,0xd0a91dd8,0x4400b52b,0x0db38662,0x21abf0d2,0xff6a06a9,
-        0xa768c940,0x9412879a,0x9a1eec37,0xf3791abc,0x2738343c,0xc913fbe6,
-        0xe222abc1,0x728b42ab,0x2b9ef313,0x874c0a86,0x00000157 },
-      { 0xe6f03d49,0x0ac8f184,0x1e48be03,0xa9c357e4,0x815cbdef,0x02ce5ef3,
-        0x5fd8dc3c,0x7a41c7ab,0xfaeb109d,0x4bef67c9,0xa84f4d38,0x2f98cca1,
-        0x672f0aae,0x7e03d47d,0x1d58968b,0x24b1ab58,0x00000007 } },
-    /* 4 */
-    { { 0xdf9314e0,0x904f2d4b,0xe7a00aac,0xdaae850d,0x582efb03,0x79231083,
-        0xec7fe6d2,0x80f1c283,0x199d74a8,0x2d5b3996,0x395007e7,0x5f120b9b,
-        0x4773f03e,0x30d23773,0x3b78b686,0xf4c19273,0x00000121 },
-      { 0xfa8b51f0,0xf103ff6d,0x40e2bdf0,0xae7afb51,0x83254171,0x1130380e,
-        0xcda10d95,0xe83501b8,0x4f3a8c01,0x1057771e,0xac807069,0x8f52196a,
-        0xa5623821,0x3609b0aa,0x94a0a7f1,0x8c257906,0x000001db } },
-    /* 5 */
-    { { 0xb2c0958d,0x300370cc,0x69a7b387,0x89aef166,0x480c9b38,0x2792f3cf,
-        0xfab3e149,0x0b2984f2,0x50748967,0x9751e436,0xad33db2a,0x9cab99d5,
-        0xb44a4daa,0x4d945d32,0x16c77325,0xa26cca52,0x0000000a },
-      { 0xf9e66d18,0xcdbe1d41,0xaa117e7a,0x80aeef96,0xddb0d24b,0x053214a2,
-        0x5c98b7bf,0x6dcfb227,0xdfd3c848,0x613e7436,0x3ca4d52c,0x6e703fa1,
-        0x18551e64,0x0c8e2977,0xbfa8527d,0xf5e90eac,0x000001c6 } },
-    /* 6 */
-    { { 0x4ab2d58f,0xa2c2f1e7,0x2a097802,0xc1bbf82c,0x770bb76a,0x6583eb24,
-        0x5667f7bd,0x8e4ed9ed,0xfd96897e,0xd8c01d86,0x3fbe0f15,0x66395a13,
-        0xd99cdcb1,0x51e4f39d,0x720deb25,0xde08424a,0x00000082 },
-      { 0x60ea91af,0x97aa53b2,0x7a31dfdd,0xa4384af7,0x5cd09bbe,0xcd82f239,
-        0xf30058e1,0x997c19da,0xe5c78e97,0x443b60c6,0x575b1845,0xfaae9b5f,
-        0x08c2ce16,0x5ce86f33,0x4f63fa86,0x983ce58f,0x00000073 } },
-    /* 7 */
-    { { 0x8217609d,0xaee93131,0x2412fc00,0x7f8a9dd4,0x286c6329,0xe117e64c,
-        0x7bf1c65e,0xcc3782d6,0x8d03eee5,0xe8c144db,0x9ab93799,0x01acacb2,
-        0xb07784c7,0x215eb1b5,0x1affcd87,0x2c409fa8,0x000000f8 },
-      { 0x378139a4,0x007d3766,0xb55bea93,0xc6d969eb,0x68c8bc9d,0xc7c60d6f,
-        0x5f93f242,0x844e8461,0x741717d9,0x8461ca2a,0xf0bf120e,0x8e930e79,
-        0x6b5699d7,0xe1554a02,0x6a4fb6de,0xe69c7702,0x0000007d } },
-    /* 8 */
-    { { 0x4bee80d7,0x61b51bb0,0x7692de69,0x0e1f6a1f,0xa0ebc3bd,0x8379e46c,
-        0x930644f0,0x1c0bffa7,0x390db077,0x97c67b87,0xfada1ce9,0x095c33e1,
-        0xac54b512,0x3c500add,0xd3118656,0xc231d360,0x000000b0 },
-      { 0x39bcab2f,0x06289298,0x64dd220a,0xc0c06780,0x763dc2a0,0x062f6084,
-        0x1938c3e3,0x88e9da73,0x52e46eb9,0x69be8f2d,0x6a5de0fd,0xe55c8d2d,
-        0xdb2c0e26,0xf3a3fd63,0x1e4bff57,0x899c6d9f,0x0000014a } },
-    /* 9 */
-    { { 0xec05ce88,0x9ff6e3a1,0xb6afd202,0xf8fc2496,0x6fbeb007,0x0b9d2077,
-        0xeebded40,0xb50ec0bd,0x693700f7,0xaef97742,0x3f7b030e,0x806e37a1,
-        0x1b901f77,0x5cf17d17,0xca95ae0f,0x9036e5df,0x00000159 },
-      { 0x000e8e0c,0x00af64b5,0x06fb4df9,0xd3f2ae04,0x449f23ba,0x5f61da67,
-        0x255b25a9,0x0ca91842,0x8e33c650,0xfa6af3e6,0xc2c027c1,0x14373c00,
-        0x972840a5,0x99f3cda1,0xd0e84240,0x98c62b79,0x000000e7 } },
-    /* 10 */
-    { { 0xae4d0f28,0xe8c7c4a8,0x566d006e,0x3a8a55ef,0x066e4023,0x37985f65,
-        0x5d321b76,0x8deccab5,0xb8351b07,0x38b966d6,0x57d548ab,0x2e889e53,
-        0xe631ab0b,0x7a9e8e2f,0xe75c537b,0x45c60f95,0x00000059 },
-      { 0x7867d79c,0xbca27d34,0x81c81980,0x7f460b15,0x976b8c51,0x7ec2d9ab,
-        0x61b91ed9,0xfcd04486,0xd9c1d15f,0x730a7a25,0xf94c9db9,0x8a2cf259,
-        0x5dec5a3b,0x8e784b87,0x3e5131ee,0x06252607,0x00000004 } },
-    /* 11 */
-    { { 0xf1631bba,0xdee04e5c,0x156f4524,0x40e6c1df,0xe4c30990,0x06603f30,
-        0x6b6abec7,0xdb649a43,0xf6b94f6e,0x354f509c,0x36b7e0b5,0x7fecf469,
-        0xba1e6dd2,0xa7a7107e,0x689450ca,0x889edac5,0x00000022 },
-      { 0xd05596f2,0x9012916e,0xb023cb8b,0xe3901dac,0xe7d4abe1,0x2501d3ec,
-        0xa9c90313,0xb2815040,0xc6d146d0,0x9dbcd3f1,0x74ee1896,0x6fa1d5b1,
-        0xa91226fb,0x49aea161,0xb8a80984,0x754ceedf,0x00000154 } },
-    /* 12 */
-    { { 0x4270b2f0,0xb64e27b0,0xbf4d74d7,0x84b34e48,0x0c2722ba,0xb186be8b,
-        0x9ff9b71c,0xf54a589d,0x34fd6bc4,0x9887e4df,0x7412f49d,0xb7c669fd,
-        0x77f89d16,0x4008d9bb,0xc902e074,0xafb9426b,0x000001cf },
-      { 0x662935ca,0xcca4f2d1,0x997dcc46,0x2847c703,0x353c79f8,0xc089e9e5,
-        0x5215f0f4,0x9ed8d989,0x80911b9d,0x59cf08bc,0x6de27aa3,0x4b03540e,
-        0xf69e320d,0x52f4d63e,0x94ef193b,0xa0217fd6,0x000000e6 } },
-    /* 13 */
-    { { 0x74214780,0xb77de627,0x207459ea,0xca066817,0xe9c7fb01,0xf78579b7,
-        0xd6d4b7c7,0xe55548c1,0xa66caa39,0x45756190,0x98505a4f,0xf8141b03,
-        0x4c8864eb,0xa5ca0d7c,0x9e129d3f,0xbf8af950,0x00000053 },
-      { 0x85285092,0xbc9b29d8,0x8eed5e5f,0x82f31daa,0xf618aab9,0x9c33690e,
-        0xd2626ed1,0x0eee14f4,0x07ed8e09,0x4229570b,0x8736d040,0x1977920e,
-        0xede7d01d,0x47ee25ff,0xbc7ab73b,0x3c921c3a,0x000001b9 } },
-    /* 14 */
-    { { 0xa08b2b14,0x0b6a07cc,0xbf174c7f,0xaa978deb,0xc40cb2a4,0x291cb828,
-        0x90adc838,0x95c78272,0x8c1edde6,0x08da8b2a,0x90fbd220,0x741ceb2f,
-        0x322db94e,0x5f89c9e5,0xb73c548e,0x18266085,0x0000007d },
-      { 0x2defd012,0x69ebf82a,0x5a1537ef,0x01ecb094,0x3ef0811d,0x3c557535,
-        0xb2bd4dea,0x59c882a7,0x7bf969c8,0x00a1f972,0x0b25ad1b,0x063adf5e,
-        0xf2536005,0x4c1ff306,0x4112fe18,0x8e515bec,0x00000117 } },
-    /* 15 */
-    { { 0xefe3d3d5,0x9314787f,0x9d897227,0x29e76f65,0xe0b6acf5,0x15c77ed1,
-        0x1c5e8dd9,0x9c2b7b20,0x5f5667af,0x788038f1,0xf3576ef4,0xf38c766f,
-        0x0040154a,0x9f0623c8,0xde883b53,0x47d3c44b,0x00000096 },
-      { 0xde1b21a4,0x32075638,0x571081c1,0xbb6399c1,0x75c03599,0x322e6067,
-        0xade60cf5,0x5c7fde7f,0xefc19059,0x1b195440,0xdd7b3960,0x7e70ac8c,
-        0x6a6fa73e,0x4aa5a83d,0x63080764,0x34f8cfac,0x00000042 } },
-    /* 16 */
-    { { 0x286492ad,0xee31e71a,0x65f86ac4,0x08f3de44,0xda713cb4,0xe89700d4,
-        0xa86b7104,0x7ad0f5e9,0x2572c161,0xd9a62e4f,0x25cc1c99,0x77d223ef,
-        0x3b962e0c,0xedff6961,0x81d8b205,0x818d28f3,0x0000008e },
-      { 0x8cdf1f60,0x721231cf,0x6717760f,0x8b640f2b,0xe045a403,0xbe726f8c,
-        0x0370689f,0x422285dc,0x72ea0dcb,0x7196bf8f,0xc8086623,0xa16f7855,
-        0xc326fe48,0xd4e19fc7,0x8f68bf44,0xfdbc856e,0x0000013e } },
-    /* 17 */
-    { { 0xe6a3ace5,0xde34d04f,0x896191c1,0x0dbb603e,0xf75ed0f4,0xb4dc0007,
-        0x95b259b5,0x15e0e6bc,0x2615f020,0xdfbcba66,0xd31ea3f8,0xb2ec5433,
-        0x103ff824,0x42b0b0e4,0xc480332e,0x19315060,0x00000111 },
-      { 0x045452f1,0x9997ea28,0x71f3f73b,0x80b678cf,0x41e9328e,0x4a52bddc,
-        0xe6af1c23,0xb7f2656e,0xb44215e7,0xc43805b9,0xf0a4028b,0x3aa734f2,
-        0x422476e2,0xe3c72479,0x68c60cf7,0x6dc2e8b0,0x000001f1 } },
-    /* 18 */
-    { { 0xfffc0de5,0xbcdfae6f,0xab4a5f24,0xa801814f,0xea2aa8dd,0x19013658,
-        0xda4f0441,0xf3b1caf5,0x34100611,0xf24b9cdb,0x96e0cf88,0x48c324ed,
-        0x23055c82,0x4b7ea334,0x89092e29,0x6e835b64,0x000001d3 },
-      { 0x07372f27,0x7eb77ae7,0x83bae19a,0x4779b4fa,0x65429ebb,0xa175dae1,
-        0xfc03ef3f,0x942ec266,0x6991c7c4,0x0e5fc6a9,0x56253d3c,0xa0f61e4f,
-        0xde74e738,0x7a11ff58,0x624de919,0x60524cd4,0x00000002 } },
-    /* 19 */
-    { { 0x01342e08,0x45b5d0ca,0xb749f0af,0x509ed4f0,0x6529d804,0xeb5502d9,
-        0x6d80359c,0x5eb087db,0x4c384800,0xeaa66a87,0xc75a8784,0xe972c7a0,
-        0x6874317e,0x8c169e21,0xe5c9fbf4,0x81c556e0,0x0000014f },
-      { 0xe120674d,0x26b0b12b,0x219f00ac,0xc6bf09b9,0xd658caa6,0x1e1e732d,
-        0x8292d99e,0xc771c5af,0x25fdbf80,0x5d813529,0x3666c37d,0xe61bd798,
-        0x1d0df680,0x8dac946a,0xc39f0983,0x58dcf684,0x0000009f } },
-    /* 20 */
-    { { 0x7b7dc837,0x14169102,0xb50eb1c4,0x2d719754,0xd7e6741b,0x04f4092a,
-        0xbc824a38,0x1d0a7f1d,0xc8e20bcf,0x570b2056,0xda181db0,0x6732e3b9,
-        0x0a7b508a,0x7880636e,0xc9f70492,0x11af502c,0x00000045 },
-      { 0xc56f4ffa,0x0b820d94,0xc4f0c0fa,0x1c6205a2,0xa1a0606a,0x99f33d4e,
-        0x79b316fb,0x1bab6466,0xe4f240fc,0x05aa0852,0x92d7dc43,0x22539b78,
-        0x06e3c073,0x03657f12,0xcedb6633,0x28405280,0x00000059 } },
-    /* 21 */
-    { { 0x4397760c,0x90d08711,0x1c9fcd06,0xb9020b76,0x987e24f7,0xc7fec7fa,
-        0x522335a0,0x0e33b8a0,0xae21ca10,0x73dbeafd,0x3b032220,0x458c060a,
-        0xee145da6,0x9b9c73b8,0x27ff62ef,0x31c661e5,0x000000aa },
-      { 0x81430b5e,0xaf518eb0,0x50ee0d69,0xb32f9cea,0xaa6ebe8b,0x0ecdb0b5,
-        0x9fe1d689,0x1f15f7f2,0x1a59cc9a,0xce5d68f3,0x08ab2a63,0xf4d67994,
-        0x4347ce54,0xe85b1cef,0x286d0776,0x8ff423c0,0x00000176 } },
-    /* 22 */
-    { { 0x33dcec23,0x8564104c,0xcdd07519,0xbaf0d61b,0x4c4f309a,0x486daf51,
-        0xde488715,0xf01bc8f5,0xd3539ba3,0xddd6baf1,0x3a3be8ec,0xbb7e665d,
-        0xcb5d865f,0xf919dac3,0xf12149a0,0xfe203da3,0x00000173 },
-      { 0x78d4a3d1,0x043ae9a1,0x865316d8,0xa4d5cf58,0x41176463,0xeaf026c0,
-        0xf84afa44,0x316c638f,0xffea422d,0x512f2397,0x6622b613,0x691eaa04,
-        0x97e7068d,0x48856ea3,0xf4a1b33c,0x42d1b2e3,0x000001b5 } },
-    /* 23 */
-    { { 0x1f487402,0xf51b2d5e,0x7aaf1dd5,0xe36016e6,0x6da9c20a,0x1eb3f1f5,
-        0xece45bfd,0x25b7d361,0x027a9e18,0x42db0633,0xe8411649,0xbf228777,
-        0x458773d0,0xf5fce0c4,0x2dd7a5f0,0xb2b3151d,0x0000001f },
-      { 0xfbaa096a,0x102773e8,0xe093a878,0x152726eb,0x2c7f1781,0x5c53cd07,
-        0xab5dca76,0x38d3dfd0,0x87ef2d4a,0xbb4a7d85,0xb7eb11c2,0x5c9c2013,
-        0x0b6da22f,0x5e353c34,0xa325ecad,0x846d50a5,0x00000039 } },
-    /* 24 */
-    { { 0x1677df58,0x76da7736,0x1cb50d6c,0x364bd567,0x0a080ff2,0x0443c7d7,
-        0x86532430,0xa0a85429,0xc35101e7,0x82002dd2,0x48c5cd76,0xbebc6143,
-        0xca6cf13f,0xff1591ae,0x98bf8dc0,0x91c7c2e6,0x000000fb },
-      { 0x12de14d5,0x6a7c5cad,0x6561c822,0xbc448c5f,0x7cdbb3da,0x9f8de430,
-        0xc76811d7,0x9c58f011,0x75462049,0x1e89806e,0xc9a74e49,0xe52ad0a2,
-        0xb2be37c3,0x2034685c,0x0a0bc72d,0x7a863245,0x000000ec } },
-    /* 25 */
-    { { 0x8a86786e,0x33818c21,0x2137e2c8,0xed537f74,0xa7e6eb20,0x5d9690d1,
-        0x5cdc4803,0x9790ec70,0x24f7bd75,0x469162c8,0x4e1f0f14,0x09e7ef9d,
-        0xce9915ca,0xd30c128b,0x6c71226f,0x810145f6,0x0000002d },
-      { 0xb71d87e5,0x312749f5,0x7b02ceda,0x25f3b141,0xe0baff16,0x02456d2e,
-        0xfcae6627,0x97f7b3a9,0x37bd985f,0x0d6ebf8f,0x7fa6d0c1,0x20aa81b9,
-        0x21f2f137,0xb29f1a01,0x5cc0ddb1,0xe326a2f8,0x0000003d } },
-    /* 26 */
-    { { 0x38c2ee78,0x26f3398b,0xa75a0bee,0x40c3d101,0x565a7f8e,0x35a31706,
-        0x04019e5d,0xd12985e3,0xb8174b6e,0x21e2a642,0xaf80a52a,0x25a15ee8,
-        0x8518d80e,0x5d1e0fe6,0x04f6ea9a,0x8cbbc138,0x00000084 },
-      { 0xdfd45169,0x76828690,0x59d3e8d0,0x38d7e098,0xcdb8bfc2,0x23758811,
-        0x162cf648,0x8499547a,0xb4d15b8c,0x494bab3b,0xc60499a6,0x822cbc57,
-        0xa8a1cfed,0xac43224e,0x57c6598b,0x43563469,0x000000d9 } },
-    /* 27 */
-    { { 0x68271323,0x2b069253,0x49cd04d7,0x24d9e0a8,0x2b31cc7d,0xaae35fbf,
-        0x57a3e361,0x44f64b4f,0x0294e856,0x14904686,0x43ced4ae,0xddc82ee7,
-        0x7e2cda47,0xcb92a6a5,0xbfc1f968,0x989c42ef,0x0000013f },
-      { 0xb8651600,0xbed98bdf,0x7a3cfaee,0x8c363434,0x35b1a226,0x93a12543,
-        0xd5825507,0x558da7dd,0x852eb1e9,0xa5173b23,0x2295f545,0xdf5ae585,
-        0x6646d101,0xe546e2ef,0x5d89f862,0xf7e16a2c,0x000001fa } },
-    /* 28 */
-    { { 0xc7ec136d,0x0d746c8e,0xcd11351b,0xf8e1d827,0xf187a116,0x764a3ad3,
-        0x136e8465,0x2f1b968f,0x850983c2,0xd41aa294,0xbe717259,0x2123ecc4,
-        0x763c149c,0xdcdcab52,0x1022b82d,0xa7f50b18,0x0000016d },
-      { 0x0ca5e258,0xf99e532d,0x97b62a7b,0xa148ad17,0xc77fddef,0x8d0a242e,
-        0x74f9b6c4,0x58518bcd,0x7fd122d4,0xc53b30b8,0xfb50b2d7,0xbb8cd193,
-        0xbc01aae9,0x1a169aee,0x1de26e09,0x7e49b10a,0x000001c5 } },
-    /* 29 */
-    { { 0x21210716,0x2cabe675,0x07e02400,0x81a296a3,0x8c83795b,0x94afc11d,
-        0xdd9efa6a,0x68f20334,0x677d686f,0x5be2f9eb,0xbf5ce275,0x6a13f277,
-        0xb9757c5c,0xf7d92241,0xc74f4b8c,0x70c3d2f4,0x00000132 },
-      { 0x8d209aa4,0xf9c8609c,0xdb2b5436,0x46f413a2,0x2992345d,0x96b72d1a,
-        0x9487c34f,0x186f2aeb,0xb440a375,0x4fa72176,0x7da5358e,0x3a420936,
-        0xff25b310,0xf11eade3,0x505d60b8,0x9a570153,0x000001a9 } },
-    /* 30 */
-    { { 0x6e7495bb,0xae151393,0x490879d1,0xebd2fd28,0x29fd76fc,0x9c232b0b,
-        0xc60e721c,0xa1a0d49b,0x517a09e2,0x9f582b83,0x9d8badf8,0xac37809e,
-        0x0ad48bb4,0x4aa4de9e,0xcb6cc487,0xfd041312,0x00000027 },
-      { 0xead4fb6d,0xc05502ee,0x0a602cbe,0x760c25ed,0xbd7f4a07,0x58ba6841,
-        0x54edce14,0xc28b6032,0x0397614c,0xb9d41e39,0x181eed93,0x4221b71d,
-        0x332d4b0b,0xd010e3c2,0xdab0e419,0xdfe58a27,0x00000096 } },
-    /* 31 */
-    { { 0x7debd24e,0x4cd6fcd6,0x9ae2b075,0xbe3fca60,0xf217c26c,0xa7d8c22e,
-        0xb9620e3f,0xd42d03e0,0xc7f9f87d,0x634bf216,0x8972ffee,0x22b1ec53,
-        0xd60d3e77,0x83a957c1,0x0f6a537e,0xedfe5f86,0x00000162 },
-      { 0xf0ea20b8,0x40a05400,0x1d796900,0x2872ac7e,0x0edb0cac,0x7765a5c9,
-        0xb62939a7,0x9df5b930,0xaf2cb708,0xf78a676e,0x52febc12,0x030732bf,
-        0xba190ad3,0x3a6640de,0x93e7e341,0x36eae15f,0x000000d5 } },
-    /* 32 */
-    { { 0xa1c88f3c,0x6c6119f6,0x2ec6944a,0x924e5fec,0x5742ff2a,0x4c8aac60,
-        0xddb22c7c,0x60adde1e,0xfa5d25bb,0x9728938c,0xec117de0,0xfa5ac4f7,
-        0x482929c1,0x41f35ab7,0x0afd95f5,0xd1c4e8f9,0x00000180 },
-      { 0xa7cd8358,0x2fc4e73d,0xf2a1c920,0x39361a57,0xad94d288,0xf6f2f130,
-        0x2b6a78e2,0xe37e2466,0x79c262cd,0x0babff8b,0x61b597b9,0x6cae01ef,
-        0xa60d4e64,0x9c1e33f0,0xdd01f845,0x52a42280,0x0000000e } },
-    /* 33 */
-    { { 0x0f013755,0x72d640a4,0xfb8380e9,0x0b6dce77,0x7eb64b31,0x2789ce79,
-        0x93ca5a36,0x8e704b0b,0x58bdffc9,0x18c360ff,0xb230c372,0x53b1f323,
-        0x5a7385d1,0xd6b39088,0x56b93bf7,0x071130f5,0x0000004a },
-      { 0xfeef3f88,0x29a2096b,0xb82b3945,0x22eba869,0x872664a7,0x7fe2184a,
-        0x858ff942,0xa0dc0ba1,0x7490c9da,0x33799eb5,0x81588ce8,0x1d356f62,
-        0xa7b2cee2,0x7dd9bc7f,0xa3cfaee9,0x1e61a4e8,0x000000d2 } },
-    /* 34 */
-    { { 0xe9068656,0xec5db629,0x9fede4df,0x623bd70c,0xfcd45546,0xc78ad5bd,
-        0x6291a741,0xf7981dd2,0x761e688e,0x3ac53d92,0x55b9272f,0x6a96892a,
-        0x06546fec,0x4217e7b8,0xab9e2f56,0x793c03cb,0x0000015e },
-      { 0x6eff39be,0x08fd9543,0xdbff4f68,0x5a1af07e,0xb0241616,0x83d47abd,
-        0xd4798029,0x37c5d2fd,0x60b2e6fb,0x9d86d978,0xce8db998,0xe3e3284e,
-        0xd868b9bb,0x9f049eb5,0x9dad18b3,0x3b3e8a78,0x0000018e } },
-    /* 35 */
-    { { 0xe51e61f0,0x57026c56,0x307f2757,0xdddbcaa3,0xb1aeaf41,0x92a026eb,
-        0xe2d7f5ba,0xa33e937c,0xbc5ead91,0x1f7cc01e,0x2e46807d,0x90ab665d,
-        0x53419519,0xc2a44f55,0x79664049,0x099c1ca6,0x000000aa },
-      { 0x8f97e387,0xb561a909,0x45e1dd69,0xf6051778,0x7ff1d6ab,0x1ffa512b,
-        0xd09a9c89,0x42da55a4,0xd2282e2b,0x5e5a7c71,0xe74185ad,0xdfa5a203,
-        0xea0baeff,0x19b1369d,0x1ecc0a16,0xa5eef914,0x000001a3 } },
-    /* 36 */
-    { { 0x7a573b81,0x2af20d0a,0x66194cef,0x7eac1ca8,0x0b711c34,0xef0d2d8d,
-        0xba099d42,0x6aea016c,0x5067a8ca,0xa6609d28,0x7a1351ef,0x6a52c600,
-        0xb11c2634,0xdab85818,0xbb1c033c,0xf17fa45d,0x00000121 },
-      { 0xfc3279d6,0x9fb8b87a,0xc201f1e1,0xe30e76ab,0x806c21dd,0x02af6a83,
-        0xc63f824f,0xeafd7e2b,0x46bd1a53,0x7b074e26,0xa2139164,0xcd6f4931,
-        0xc172d9bf,0xab2cfd39,0x4db59cf1,0x62f3eb4b,0x0000010a } },
-    /* 37 */
-    { { 0xe0689a1b,0xe402de36,0x7dcafe72,0x9dccc9fd,0x255d0bfb,0xe4dead7e,
-        0x4ada04d9,0xd7ee87ee,0xbfd2e774,0x5a85039e,0x770b2b9b,0x282c6657,
-        0xba103bba,0xa7aca826,0xc7cd5071,0xac7028ba,0x0000011a },
-      { 0x680c8f04,0x2e61d39c,0xb48b3b5e,0x2f09c4cc,0x95744f3c,0x131609bd,
-        0xaaccb593,0x6d72e4b4,0x5adfb209,0xdb7060ca,0x1fd3eccf,0xc67d9e43,
-        0xe1752a73,0x1487a26f,0x64d0857c,0x3d953663,0x000001e3 } },
-    /* 38 */
-    { { 0x4cec9e7f,0xe664506b,0x30aab98f,0xa44564b4,0x173fa284,0x5e1b501f,
-        0x15c97472,0xe7b7bd7e,0x82dec033,0xd6cc67a8,0x0a63b762,0x1fe2e934,
-        0x3f8e2fcd,0x3a084e1b,0x9ae6e752,0xccce4da8,0x000000fd },
-      { 0xc12fd820,0x0797f8ee,0x96da4733,0x325f892a,0x55997bf4,0x597d241d,
-        0x02b753cf,0x3aef35ac,0xf677ceba,0x8a73f95d,0xd1bbac6c,0x5b2892b7,
-        0xcc5278b0,0x90751583,0xa47f45f6,0x2f5ed53f,0x0000001c } },
-    /* 39 */
-    { { 0xab40b79c,0x3914165e,0x25b489a8,0xbfb6eed8,0x8a6c107f,0xda136b7d,
-        0x8e01f28b,0xd431db8b,0xa4d79907,0x84e5d0dd,0xa471e685,0x69a91472,
-        0x98376ff8,0x58d06969,0xc46311fd,0xce369b74,0x00000006 },
-      { 0x1add1452,0x6c0773d1,0xed8e9a2a,0x2e4e9c95,0xca15a40c,0xe8ff8e32,
-        0xaf62f18f,0x3fcb7d36,0xeec9484b,0x2ca336ee,0x3b20405b,0xa4d6e7a9,
-        0x956d8352,0x6d90d031,0xd9ca03e7,0xdd375603,0x000000e5 } },
-    /* 40 */
-    { { 0x8b481bf7,0xcc5f297d,0x2a13383c,0x06a2a3e4,0xdc40b96c,0x9e14528c,
-        0x1189da3c,0x9a2bf35f,0x6cd57fa7,0xb8adb989,0x9357d32b,0xc1a4935c,
-        0xc2d76fad,0x51fb2580,0x24f23de1,0x98721eb4,0x000001ba },
-      { 0x52a4b397,0x8c02daaf,0x0d0b4e54,0xc3c5f4cc,0x7b7e79cd,0x29be4db3,
-        0xb33970b6,0xf34336ec,0x92808c7f,0xed3dcb7c,0x02288db1,0xec290eff,
-        0xe96ed59a,0x2a479d51,0x76d8fa5f,0x9d7ed870,0x00000092 } },
-    /* 41 */
-    { { 0xe660043c,0xd8edaf0b,0x016e074d,0x84aa2ccb,0xe2cc3b3d,0x9d2368e7,
-        0x5c269fc4,0x47b50130,0x3de33e36,0xd0194ee1,0x789ca504,0xdb3361b9,
-        0x984db11d,0x8cd51833,0xc8ec92f0,0xd5b801ec,0x000000c6 },
-      { 0x47ab9887,0x33f91c15,0x6b5ab011,0x2f285e2a,0x133fc818,0x9b734e5a,
-        0x38d8692c,0x5c435a74,0x43282e81,0x3c92b47c,0x9c7bcdaa,0x191231f5,
-        0x4d158c86,0x3ae425c3,0xc5a23cca,0x7f568feb,0x00000011 } },
-    /* 42 */
-    { { 0xbf5caa87,0x8ccbd9d5,0x68dd8c9d,0x17bfc60f,0xc7d4dede,0x63eb4dbb,
-        0x8270b5bf,0xbf6e5945,0xcc098fe7,0x887137a5,0x05d7b8f5,0xca5eb687,
-        0x4b25a533,0x4b7deeee,0x4a700a6c,0x8e045c32,0x000000ef },
-      { 0x70cf52bc,0x160c1c92,0x90cc6298,0x4bf3f63a,0xbf3028fb,0x5fff421c,
-        0x523beff1,0x0a8102d7,0x8b9ce105,0xff3309a3,0x06621b1e,0x8e9da4d0,
-        0xcc0a7807,0x9775f89f,0x00178612,0x59044865,0x000000eb } },
-    /* 43 */
-    { { 0xebbd33ec,0x8a6664fd,0xce5ad579,0x0cf9a660,0x50fb56ed,0xecd06c05,
-        0x1d5aaa6e,0xb4ca5fad,0x948a7f07,0x36daee5b,0xefe1c11a,0xd2e37887,
-        0x91d2544b,0x41f61ac4,0x2bffd8ea,0x49df7071,0x000000be },
-      { 0x65acdb56,0x60e2f1f5,0x5e5e5bde,0xf2f13c84,0xe17a0412,0xb97fd354,
-        0xd9c93bef,0x8a2867cf,0x25a957e4,0x9ca9d16b,0x4a18635f,0x1f55c19b,
-        0x8d26ae71,0x9b3868f5,0x4c94541d,0xac448041,0x00000000 } },
-    /* 44 */
-    { { 0xd4ad38db,0x6c1bcf89,0x3d714511,0x1180f381,0xcb70243a,0x5b4c2759,
-        0x163a716c,0x5dd64d63,0x13648bdb,0xbbd2efea,0xe4de9969,0xa47187f9,
-        0xe2de8c45,0x65de6912,0x4bdad0a7,0xe075f29c,0x00000048 },
-      { 0x5e4dd88d,0x00335474,0x80577afc,0x18283638,0x227288f7,0xe4b35c01,
-        0xe68989de,0xd008fd91,0xcd3f71ba,0x42142315,0x3e4da1e2,0x5cb023ff,
-        0xb5662bb1,0x7e6b9c35,0x7fb04fe5,0x143f4165,0x00000072 } },
-    /* 45 */
-    { { 0x26f40f2c,0xb06b046c,0x6cd7c31d,0xbd5d246c,0x1953a9b7,0xaaa56270,
-        0x8f00436f,0x5ac929b8,0x21d0660d,0x1937392c,0x9bd6dbe6,0xd279ed15,
-        0xd17c43f9,0x377c4d5a,0xb8fcd025,0x800eda50,0x00000179 },
-      { 0x36132f31,0xb88ddc0b,0x2ade73a3,0x6f8f4f01,0x203de2b9,0x38859ec3,
-        0x231b6533,0xedb03814,0xa14093ca,0xad08cd20,0x5c2be2f9,0xb9f86d44,
-        0xf6ebc09f,0xfd3d9532,0x1aef478d,0x757b5899,0x0000013d } },
-    /* 46 */
-    { { 0x580f894b,0x7d9ad100,0xd925e46f,0xb612488a,0x2e5a6865,0x45497e14,
-        0x17f9a813,0xc86e1053,0xf8a33541,0xd8aa820a,0x7a66d578,0xa6790660,
-        0x5f758e23,0x47df60ae,0xa7f8ab5c,0xcadd4c90,0x00000107 },
-      { 0x6764ad0e,0x356b044f,0x250189b3,0xf69fe0e1,0x5f14db6a,0x2deaca62,
-        0x1bd77d54,0xe9f2779f,0x5cfa895c,0x979911f2,0xb6f19ac3,0xd4e94ced,
-        0x01af44b1,0xc3533417,0x50c727f5,0xcac43fff,0x0000003b } },
-    /* 47 */
-    { { 0x83c1d4cf,0x1742951c,0xb245c34f,0xe03791d0,0x9c2dcc71,0xea8f8ef6,
-        0x2a310767,0x2ea57a29,0xb12948bd,0x255b46bb,0x0feaeb83,0x2adc1e09,
-        0x449abf59,0xa0d2d18c,0xc4a8a689,0x9e8c9ff5,0x00000019 },
-      { 0xeb28171a,0xc9f7b9cd,0xd576987b,0xefd78403,0x22ff824c,0x58b4f3bf,
-        0xbf333cc5,0xee09b393,0xb01ceb72,0xebff83a2,0x220299cd,0x5bb34c45,
-        0x66ebf751,0xa3c3e8a0,0x49d05cf3,0x5dee07bb,0x000001a6 } },
-    /* 48 */
-    { { 0xb114257b,0x09a958d6,0xd4975e30,0x729afd41,0x3aae7b11,0x072879b5,
-        0xedd1ac83,0x0791b093,0x1eb67975,0xcfefc7d1,0xe2675b4a,0x0e54bd37,
-        0x8d69517f,0x89a62d7e,0x202109a3,0x96f805d8,0x0000006b },
-      { 0x57b5f9f4,0x4815d517,0x405b44d1,0xe5c9e436,0xe4870160,0x3442dde0,
-        0x1ef6b3f8,0x953fef95,0xf7497faf,0x919e4cf5,0x016ef0b7,0x24e3cc4d,
-        0x2512eeed,0xfc5caa87,0xa3bd1703,0xf1ba4029,0x000001b6 } },
-    /* 49 */
-    { { 0x529252ac,0x2a668435,0x74e7b0d8,0x3da626c0,0xe0be86ab,0x55080cc1,
-        0x4ed5dc53,0x534a53f7,0x0cd41fd0,0xa9eff140,0x5674891c,0x0e7c945c,
-        0xec53b5ad,0xdea4b895,0x15150988,0xefc67bef,0x000001ff },
-      { 0x306033fd,0x988dc109,0xf36875d9,0x1b287979,0xe3c335c5,0x4d39af26,
-        0x124e29d6,0xa47259fd,0xc41dbdfc,0x5d60c570,0x0cc0d895,0x06224b61,
-        0xeea8ff86,0xa041d4e5,0xae4d8707,0x2920e15c,0x000001fd } },
-    /* 50 */
-    { { 0xcd67da85,0x66d15f0c,0x5ac54a15,0xae98b6f4,0xf1ac71c3,0x2f05e021,
-        0x47559224,0x1feb2226,0x66e856dc,0x2a2f1561,0x6fb4ba47,0x65eb1456,
-        0xa29d920b,0x34688bd2,0xf9d4cb9b,0x943ce86e,0x00000061 },
-      { 0xaac91174,0xb4696218,0x41dd9234,0x85b519ec,0x9f0763a4,0xb7efadf2,
-        0x712c8b33,0x98517f27,0xb0538630,0xa02e7ec3,0x1ff3e3e4,0x46bc45bb,
-        0x29496486,0x46ae896f,0xebd2b93f,0x2aeb1649,0x00000146 } },
-    /* 51 */
-    { { 0xe8e4d3c3,0x1f34f41f,0x5bb7e9db,0xc80d87ff,0xd910b579,0xf0216c0a,
-        0xb87349ae,0x2a24b761,0x2b0a6cc0,0x054bc528,0xaf2d1957,0x3b4c7029,
-        0xadbe6cdd,0x0e4b90e2,0x26060a34,0x8e774f81,0x000000cf },
-      { 0x2e229950,0x3c7f9dbc,0xd9f82b70,0xab11f846,0xf10c05f3,0x2b7ad9a3,
-        0x0f1820ca,0x203ead4f,0xccbfb332,0x51dbcbc8,0x066706f1,0x3bd9caf0,
-        0x06059d5e,0x5a39be25,0xdcafe64e,0x984387c8,0x0000014c } },
-    /* 52 */
-    { { 0x8e011531,0x708a757f,0xc3dcd57c,0x7f45b172,0xc2d99e29,0xa8eac9fd,
-        0xb93b6415,0x9d4ee81f,0xa5488e86,0xa5833b54,0x0bb7ab70,0xddd561c3,
-        0xb3bdf3a9,0xb5bda384,0x1ddf332b,0xf909f8e0,0x00000124 },
-      { 0xab41e782,0xc5b8aa84,0x851ddb87,0x1de20126,0x99482bd2,0xf49baa7d,
-        0xf4b6413b,0x05963deb,0x7cd1e224,0xed369fbb,0x1bad60ee,0xdcf495dd,
-        0x892e30ed,0xeb475693,0xaf0a212d,0xaaf11bd8,0x0000010b } },
-    /* 53 */
-    { { 0x16ec64e2,0x71460174,0x7d7c6ebe,0xbfd14acf,0x668b7176,0x1e3504a3,
-        0x741b041c,0x72e3f3f3,0x2d3b67b0,0x651fa54a,0xe57d928d,0x623edca3,
-        0x72c8f419,0x29b74e8b,0x327abaef,0x3d99cb47,0x00000038 },
-      { 0xda342a3f,0x808dd0b3,0xdef4a954,0x12002462,0xeab5a860,0x1b1c642e,
-        0x06e54b6d,0x5e1e2a05,0x10c6cf1a,0x9ba1710f,0x0f903cd0,0x334fc366,
-        0x134166f5,0x969e0001,0x155c4353,0xfaa26074,0x000000fa } },
-    /* 54 */
-    { { 0x712de285,0xc85cd0e6,0x869f5dc5,0xcd2ff8b0,0xdf4ed389,0x372a2b92,
-        0x55b99c84,0x63524d30,0xe07a0033,0x46fef5a2,0xd6e09493,0x0a2c82da,
-        0x72a8952b,0xb3626621,0xaf217eb6,0x9afcb188,0x0000002c },
-      { 0x9a64c5b5,0xd3b9d476,0x44c4cfe1,0xa0d8d5de,0x11c6dbff,0x560858ef,
-        0x41c14aed,0xce1d978f,0x35efe854,0x251f9e72,0x0474575d,0xf9d0c14c,
-        0xbda89c03,0x0d2c838e,0x36cc9dc0,0xa25f040b,0x0000016f } },
-    /* 55 */
-    { { 0x9cad682d,0xb23d9dea,0x46369391,0x87acb1b3,0x5c0f24d7,0x9f5c1988,
-        0xd41883ce,0xdff62fc7,0x53555e46,0xd1ab29df,0x891cda05,0x569b1cb2,
-        0x52c633ed,0xdb14dbc4,0x2a345428,0x1acbb86c,0x00000194 },
-      { 0x24db8127,0xd86a70c8,0x41b7cf5b,0x84a6563f,0xb908d9b4,0x8d84dabe,
-        0x899c260a,0xaaeaae63,0x44436957,0x13ed6b2b,0xd0a92c8d,0x3bc94f99,
-        0xd04bcb97,0x978f2e2b,0x716a565f,0x56a388ef,0x00000074 } },
-    /* 56 */
-    { { 0x96fc1f77,0x6082dfe4,0x1347ad6a,0xb04c435f,0x25ebe457,0xf42694dc,
-        0xb6f764aa,0x64a17069,0x04d83da1,0xe03873d5,0xe0c82330,0xb0b9db52,
-        0xd4239b3e,0x9886b34e,0x598814da,0x76587f2a,0x0000016a },
-      { 0xebc71a5d,0x6918f8e8,0x85405233,0x49141a42,0xc182cbcc,0xd63f09cc,
-        0xe09057a7,0x4afe59d3,0xe239d8eb,0xe633db0d,0xfd9494b2,0xbac8582d,
-        0x4704fd61,0x8b915a41,0xfceaefd9,0xe0866a9d,0x0000010e } },
-    /* 57 */
-    { { 0x52e07a4d,0x2b50c470,0xe5d745d0,0x7f6d38b8,0xe1af1226,0xb414c47c,
-        0x39c505f7,0x03e4b44b,0x86f739be,0x59f3d795,0xe7c2f1bc,0xca19bca7,
-        0xc063fad4,0x1c51c01e,0x7f428afb,0xda3937a5,0x00000080 },
-      { 0x102369fa,0xe9d8ca9d,0x706c0e35,0xe009bffb,0x96b55d80,0x2e0a19a7,
-        0xac0d094c,0xda0e42de,0x787c187a,0x6c1be2c5,0x9cfa04b6,0x6d4ae2cc,
-        0x76577340,0x5b0cea60,0xc7c96285,0x2d525245,0x000000d8 } },
-    /* 58 */
-    { { 0xae93de69,0x6dcb238c,0x3bfdae9b,0x4963c833,0xe8b79836,0x33c81f4d,
-        0xae8bf8ae,0xe13a2244,0x4c3ebacc,0x0bc6e786,0x555a5ad6,0xa837a53c,
-        0xbc7e9459,0x875d8d35,0xf9f46fcd,0xb3705534,0x0000001f },
-      { 0x7fb974a1,0x78e9270c,0xe9ed2481,0x23448fa0,0x64bffbd4,0x14166c3d,
-        0xd79f4b3c,0xa05aa443,0x3b9f32a0,0xd855a4f1,0xac90235e,0x4bebcf8d,
-        0x8db52b48,0x65849987,0xe48d09d1,0xaa4d59f1,0x00000183 } },
-    /* 59 */
-    { { 0xdbffad9f,0xee585d75,0xf419d8fc,0x64df6174,0xe6c69345,0x6f73bf59,
-        0x83d59b0c,0xb80793d1,0x929c8950,0x6baf4fc3,0x29962bab,0xbd445a95,
-        0xeaa91273,0x52b61945,0x3d1c785b,0x4fccdfff,0x000001be },
-      { 0x7cb2857f,0x05c384d9,0x06b7abf4,0x4cf83058,0x43ace6b2,0xf528dd17,
-        0xbc43d6b6,0x2c7b8fa2,0x14e564b9,0x8f0e28bf,0xd2b9f01a,0x1b69bc73,
-        0x3dd383e6,0xab8beb40,0x9791946b,0xaccea0c5,0x000000ae } },
-    /* 60 */
-    { { 0x0163c2de,0x9a68baee,0xeb2768a4,0xc42d0b2b,0xffdae767,0x5686f124,
-        0x0aaca943,0x926da5d5,0xe01091cf,0x699c34ce,0x5324becd,0x3d254540,
-        0x4193a0a9,0x1b6b58f1,0xd611cc9d,0xf144925e,0x0000014f },
-      { 0xc1ed9259,0x7f61a60c,0x2f1d5a7f,0x1be37aa3,0x07aef431,0x0384713d,
-        0x4e6fa7ba,0x99f33d49,0x8bd3730c,0x43928c16,0x5b9557dc,0x73cf8ccf,
-        0xd1a2bee5,0x0bc6d460,0x83b15610,0x27cd1943,0x00000145 } },
-    /* 61 */
-    { { 0x3427af4e,0x4be65135,0x310d937d,0x2e6c0bb1,0xcaa671c3,0xbd8ea76a,
-        0xd3a9c376,0x9d7b3fd4,0x471709aa,0x124ce863,0x018051c0,0x225ce41d,
-        0xf9e8ee1c,0x5489284f,0x535c4ec8,0x22d829c9,0x0000013d },
-      { 0xa1b15e02,0x6b01ed9d,0x301e5868,0x1d092bac,0x5764135b,0xbfa7a183,
-        0x6f7159a4,0xc0ee59b7,0x18090d0d,0x9171a051,0xb8052196,0x5c1531bb,
-        0x20927904,0x740930fc,0x76337685,0x963b48cc,0x00000008 } },
-    /* 62 */
-    { { 0xf4aaaed5,0x0fe8b620,0xfe871ee8,0x1068de7d,0xfebfcb4b,0x2b22030f,
-        0xc3a2155b,0xd4dfbee7,0x2769b805,0xa7a26a8c,0x6d39eaf0,0x377de770,
-        0xf615f032,0xf1a92447,0x42d9b731,0xa1b81a84,0x0000012a },
-      { 0xb1152e8f,0x299e67d0,0x92b5e14c,0x2e773d97,0xf1cb57a2,0xe0d81073,
-        0xbf1da4a2,0x03af0a9c,0xc22b449a,0x169b160e,0xdd2d7d1d,0xb82c1ac8,
-        0xbfc98ee4,0x7508aca6,0xe3cbea15,0x54992440,0x00000150 } },
-    /* 63 */
-    { { 0xa13a4602,0x70004a0a,0xd0d2c60e,0x505c71a3,0xa6d79bc5,0xa4fe2463,
-        0xd54d9df4,0xe878eb3a,0x73d3c7b8,0x7ecca907,0x244ecfa5,0x5b3bb278,
-        0xb124d179,0x8a30f61f,0x4f632af0,0x5b7e5001,0x00000115 },
-      { 0x9ef0021a,0x62c42ecc,0xf856c9d4,0x58017fd7,0x2e6478bc,0x10e243b8,
-        0x1505a4db,0xaf074669,0x4cd7eea5,0xd9bb0a1c,0xd52aed0a,0xe8ba39a2,
-        0xb549f09d,0x0747449a,0x9e57fa64,0xd5c8f7bd,0x0000013f } },
-    /* 64 */
-    { { 0x5a53c22b,0x1bd8ce7b,0x7cab446a,0x78733fcd,0x48acb394,0xc44ca4e2,
-        0xa38c790f,0xa9888b1e,0x15c34237,0x36afb6eb,0xfb702063,0xb913b8a8,
-        0x917508fa,0x34b77cc5,0xf9e4732b,0xa931d7a7,0x00000050 },
-      { 0x56d21d18,0xa90a4290,0x55b410a1,0x82666307,0x894a6b05,0xb4684a8b,
-        0x828cf75c,0x8a1ade63,0x127702a3,0x4fb2f85a,0xadf7b709,0x83ff7d05,
-        0xa68d1db6,0x1d3f5a92,0xc093cd5c,0x243ce1db,0x000000f5 } },
-    /* 65 */
-    { { 0xd37d7891,0x8fc183c3,0xfd865eca,0x17b50149,0x8f218441,0x0f6e43d6,
-        0x5a07f658,0xaf51ec25,0xad303202,0x8fe5a6cb,0x10676ef5,0x95de68f3,
-        0xca4e000c,0x7508e31f,0x77735254,0x783e5a95,0x00000159 },
-      { 0x2e537ad9,0xbc1db571,0x35be9cf7,0x5e87112d,0xd57f9bcb,0xbb522b48,
-        0xa8b3cbc7,0x1eff7890,0xe5ecdb5c,0x4f306e11,0x3387e7ed,0x30da8392,
-        0x72321e3d,0x4d91fcf4,0xe412a67c,0x8487bb62,0x0000009f } },
-    /* 66 */
-    { { 0x8cb8e08e,0x86f5f80f,0x2496fed6,0x7cfd2c41,0x60b7dcdf,0x0061b743,
-        0x57f4d05f,0x4dbaffdf,0x458061f2,0xb1993c2a,0x9de994c4,0x6c6ca8d0,
-        0x2747e062,0xef70d24d,0xb9995cbc,0xd4e5d4e3,0x000000ff },
-      { 0xc6f40077,0x3171e245,0x0723e506,0x1592e045,0x6a6bfd88,0x35c86f7e,
-        0x6d9d9ce0,0xba0959d1,0x3eb5770c,0x2e7f8fe8,0xc40d63dd,0x58eb0881,
-        0xeb9e4419,0x56333bda,0x3afd1f4d,0xfb0397df,0x00000034 } },
-    /* 67 */
-    { { 0xb358815c,0x7b84e05e,0xe41087d9,0x3abcb2d4,0x07f05d7a,0x87a75889,
-        0x7a9d481c,0x350778d5,0x42d64cbd,0x9d34cff8,0xccf289fe,0x0859cd5a,
-        0xdd2b2c6e,0x8372d591,0x18b40b62,0xc06d482e,0x0000006b },
-      { 0xda4ed375,0xd10695a0,0x298daaea,0x51baf588,0xf4b7092c,0xb028a1b4,
-        0x7a335b35,0x8ab87dae,0x0567efd8,0xa7359362,0x3320c374,0x7a49fc10,
-        0xa3558b30,0x737acac4,0x4c0fce9b,0xd30696a3,0x0000001e } },
-    /* 68 */
-    { { 0xbd3902fe,0xd9550ab0,0x86a9d3b3,0x9bba4b4b,0x975cac37,0x3a59e0a9,
-        0x333605dc,0x045e8731,0x1afc2c58,0xf2c598c2,0xeef9cbf1,0x81ff8d6f,
-        0x9bf83c42,0x82bed5d0,0x528131d5,0x9d1d9d5b,0x00000157 },
-      { 0x5519258e,0x687da305,0x027de2a8,0x73f539f9,0xd6a230d6,0x69fa9747,
-        0x5f5d1684,0xab1aeb23,0x5f7e41f5,0x5bbfe947,0x16a7feb3,0xbd546abb,
-        0xe16d5187,0x2afbd4e8,0xbcc953dd,0x7437be13,0x00000160 } },
-    /* 69 */
-    { { 0xee9755a3,0x55f165a9,0xb82c9ab1,0x0c8d5a1a,0xab6b97e6,0x65a1e45a,
-        0xab05e271,0x3004cdb0,0x6db0830f,0x9e0c3b52,0x75acbdeb,0xaae1ec1a,
-        0x761e8498,0x413d4484,0xb1b9c62e,0x589e09bb,0x000001e9 },
-      { 0x9c72258d,0x67512081,0x5c1593d4,0x61dcd734,0x91c11fdb,0x6c627a7b,
-        0x8857908e,0xd1d3e9bf,0x530bc68e,0x9aac06fe,0x6b5b44ff,0x125c16bb,
-        0xdb90edd5,0x38860bb6,0xfbbedb5c,0x96fe8b08,0x000001aa } },
-    /* 70 */
-    { { 0xf257c0f8,0x323a5dd8,0xdd3a10d9,0x4884dc92,0xbbb8ce03,0x03f379ce,
-        0xa47262a9,0x6217ad53,0x52e06c6d,0xa1df2017,0xc32428cd,0xf5b723e0,
-        0x2c30c62c,0x1e5d3889,0x477f82cc,0xd9a90f1f,0x000001fd },
-      { 0x1763ab59,0x830d27ba,0x723783e9,0xcf27d93e,0x945968aa,0x81558264,
-        0x1700d5d5,0x63251a32,0x03146d9f,0xcf6bbe73,0xe65bf0f2,0x6cdcf455,
-        0x632323fb,0x80aa00ce,0xd96a4744,0x6e49e62c,0x00000149 } },
-    /* 71 */
-    { { 0x40574c09,0xbeff0b7e,0x3fe80e96,0xb76f2643,0xeb237d91,0x0b3bd352,
-        0x7edc3102,0x3c0c62b7,0x424a36dc,0xf989394b,0x7c6c435e,0xe9ea64c2,
-        0xe388d076,0x2dfc21c4,0xa4e69e4b,0xcc3852f6,0x00000139 },
-      { 0xbb096b91,0x5238a3ff,0x73d8d43e,0xee72c9e5,0x8c577558,0xc116db11,
-        0xdc47d4b4,0x54ec89d2,0x42e1955f,0x2006dd35,0x7437475c,0x004aed6a,
-        0x2bee9041,0xc1ddc32a,0xed9332c9,0x597417a2,0x000001fb } },
-    /* 72 */
-    { { 0x859bae66,0x3c0f1981,0x845d7c1b,0xab48e9b1,0x452a3c1e,0xc6ce9c03,
-        0xff810339,0x2384a00c,0x5f98d6fe,0xcd7ede11,0x38a0dd5b,0xf7a00e3d,
-        0x3c7e1c06,0x56dd948a,0x8e53a61f,0x9d21a7d1,0x000000d0 },
-      { 0x880eb3fb,0xf9cfdbaf,0x5e83f7c9,0x64cfd297,0xa28a74b4,0x61ba7d6f,
-        0xdfb13e03,0xb8200d5f,0x232a6128,0x03bc8f4b,0x81a8d86e,0xd1fb92c2,
-        0x706d6ea7,0x68675fae,0xefab18c2,0x9b08608a,0x0000011d } },
-    /* 73 */
-    { { 0xbbd2f539,0x17cf6146,0x76e26ba2,0x96052fc0,0xd4be4a67,0x36821d18,
-        0x9f3f39a8,0x8f823422,0x433f873a,0x68b846b9,0x716f4568,0x7a1d3f36,
-        0x2fd47750,0xdf603e28,0x6975e226,0x77cb02c5,0x00000003 },
-      { 0x8c01dd59,0xf275add3,0xb9c1a37a,0x9c213a9e,0x4dfc5403,0x690ad104,
-        0x07ee0d86,0x202ee206,0x661fc40e,0x896ede95,0xd0b02f56,0x6b4d7398,
-        0xe5af1a24,0xccb96991,0xc13f7125,0xd5c281af,0x0000009f } },
-    /* 74 */
-    { { 0xd7073a5a,0xc858c54b,0x861eac7d,0x87c81a5c,0xe720201a,0x51f84a39,
-        0x40e003ce,0x952a9f8e,0x58f199de,0x76bdc4ab,0xd56cc02b,0x1cf12322,
-        0x83f162f3,0xb6634e63,0x8f969e11,0x84c017ee,0x00000169 },
-      { 0x5c89f1fa,0xf1f43362,0xb697b078,0x4a02a630,0x4b05b7f4,0x33311e5c,
-        0x4fede4cc,0xa7ccae51,0x4b025aa4,0x0d26e874,0xf84db7ad,0x7d5b77bb,
-        0xf571c1fe,0x39ef1aa8,0x418ccd20,0x65eba928,0x0000018d } },
-    /* 75 */
-    { { 0x8abb2537,0xa37866ab,0x65b3096f,0x14ac4cbb,0x2a428ad3,0x827fa7ed,
-        0x10e9e196,0x95d19f62,0x89801b4e,0x31eb97a0,0xaae8b823,0xaae77a62,
-        0x5f5c9642,0x9693d62a,0x3e368b84,0xff5bfe97,0x000000ad },
-      { 0x492b0dee,0xa3efae21,0x9602c2ce,0x2143e9ee,0x6f3b99e5,0x21367c99,
-        0xe93b8f59,0xdd78b2b0,0x1064c13e,0x8d541c38,0xf5738e7a,0xe6b970da,
-        0x8373b1a4,0xaf6ecc16,0x74ae208f,0xdbfa3f4f,0x00000180 } },
-    /* 76 */
-    { { 0x907a6aa0,0xb024621a,0x407879f6,0xef56cb68,0x8168a934,0x44c38b68,
-        0x9b9a9048,0x70d638d3,0x82541f20,0x6968caa0,0x1fc88b50,0x0c597053,
-        0xaf635784,0x5564ded5,0xc4d494cf,0xe7e898c7,0x00000097 },
-      { 0x6b6ebb2f,0xe1dc98d9,0x7aa9e126,0x292a17fc,0xfa2a2c68,0xb60f0fdb,
-        0xb2e1851b,0x9c63270c,0x81ca4cfe,0x898db265,0xb11959d5,0x94082638,
-        0xa54b8d19,0xe44f308e,0x44e63094,0x96399eb8,0x000000d6 } },
-    /* 77 */
-    { { 0xb83769ee,0xfa00f362,0x3efc4cb3,0x72d040ac,0x57abd687,0xc3933889,
-        0x940a7128,0x62264425,0xec242a31,0x909c4c8f,0x65a1a551,0xd1e48f1e,
-        0x049c2172,0x68bd70f1,0x709b7fd4,0xc8692d2b,0x00000041 },
-      { 0xdf816784,0x4e388aa1,0x01be75ce,0x4a58c8a5,0x02a67812,0x9b49dffb,
-        0xeda721e0,0xa73299e0,0xe67a65ec,0x8a0bd1f5,0x856c71b6,0xd81e91e8,
-        0xc005aa30,0x37aee2f4,0x0595bbf2,0xd9400750,0x00000073 } },
-    /* 78 */
-    { { 0x010c0ef3,0xa912ac4a,0x4e81b1a0,0x0e654bd8,0x4f353509,0x8f0563dc,
-        0xb47d189a,0x10dc41f3,0xf238c09c,0x122edd06,0xc41acf67,0x224c16af,
-        0x83758520,0x1ccb9334,0x2275ae6f,0x1a4b5f29,0x00000127 },
-      { 0x3ce688b5,0x792fd473,0xdca9c68b,0x14566d37,0x541711d0,0xfce9326e,
-        0x3cc341a8,0xe3ba14ee,0x2122c11f,0x6b8ab4cc,0xf5d379b5,0xc0fa763b,
-        0xf1522f91,0x95e2d2ae,0x31cf95a5,0xd4e21b3d,0x000000ac } },
-    /* 79 */
-    { { 0x1d8e061a,0x4013a779,0xacc84a30,0x62707e70,0xeb2f636a,0x6ac08266,
-        0x77b25c9d,0xe917ea21,0x70ff35cf,0xddb78bbd,0x041898be,0x5008db2b,
-        0xce0ae445,0x0f58a4fc,0x2257d0e7,0xed092397,0x00000043 },
-      { 0xe2e129e6,0x2cad77b3,0x0f1be4d7,0xfb8c4a87,0x20056333,0xaee50dff,
-        0x2a691543,0xbc2658c1,0xb8fe2640,0x95dc0cca,0x1965a0af,0x694eb584,
-        0xedd1d99e,0x7d3baa53,0x8a1edc87,0x2df13b20,0x00000083 } },
-    /* 80 */
-    { { 0xd181c3f2,0xfead2247,0xf337b23f,0x915d35be,0x74890672,0xdb4cfcba,
-        0xfda7a3a1,0xe4f70d8f,0x79275686,0x226b6419,0x6ff1f79e,0xe8040863,
-        0xcf5fa4e8,0x98e84b39,0xd8a09f60,0x57aa0be9,0x000000da },
-      { 0x4efcea66,0xd40cecf5,0xafc76fae,0x98df2aec,0xc91585a8,0x63f19a48,
-        0x13f00aa5,0xb111bda7,0x44b5cb9f,0x6687afab,0x652620d1,0xc6d5fb12,
-        0xbacb35ab,0xaf953f1b,0xff94c4d2,0x99709370,0x000000ed } },
-    /* 81 */
-    { { 0x68b54c89,0xac9f56e0,0xce737c22,0x08ecc17d,0xab089b53,0x208ee83f,
-        0x543fbd1b,0xb0f3a129,0x844dd706,0x1b204cf8,0xdec2e40d,0x80975c89,
-        0x9399914a,0x08b011ae,0x74674df7,0x6b4ba170,0x00000017 },
-      { 0x8fdfc175,0x71216ea9,0x7e0f5b0c,0x77b7fc63,0xceb33a34,0x88d0285f,
-        0x0223eab7,0xb679814f,0x51c6d922,0x9078720b,0x9c13f51d,0x5859d5a4,
-        0xfaed60b5,0xe69f850b,0x6d0ccab2,0x2499a844,0x0000005c } },
-    /* 82 */
-    { { 0x73e7bcf1,0x41d581fb,0xdd3c17be,0x16dde61c,0xfa199fd9,0xc62997ec,
-        0xc159db97,0x1a758873,0x64132830,0x4ed77896,0x2942a918,0x9672ce89,
-        0x816ba4bb,0xf3ee4587,0xce54dd7f,0x4fb7a148,0x00000123 },
-      { 0xf009be8c,0xf05d80af,0x78df1ba1,0x62e938d7,0x312de620,0xa7e22e84,
-        0x6070c4b9,0x48d29e7f,0xa1b5da37,0x5cd9c3eb,0xa4717453,0x1e51bd2f,
-        0x56ab9e67,0x94098ab0,0x49f7c6a1,0xbb584abc,0x00000049 } },
-    /* 83 */
-    { { 0x1ea470f7,0xa9f25530,0xe9254e30,0xa01bf808,0x71a0038d,0x098569ea,
-        0x5913ca87,0x0d2b2ee1,0xb8281fdb,0xae17004b,0x118e5c2a,0xdb5c6eb0,
-        0x1fa943ab,0xa56ac64c,0x1a92d501,0x1aaf6477,0x00000053 },
-      { 0x06345730,0x9679ef49,0x846f37c2,0x946aaa4e,0x1a7c3aab,0xf81726b0,
-        0x8166df4e,0xcb808da2,0x4e04dc3e,0xe9fb3fc2,0x76ec19b4,0x9e0b61db,
-        0xeed6d13e,0x6e7f665e,0x86a75384,0x70ed8c07,0x000000e5 } },
-    /* 84 */
-    { { 0x108ce13f,0x66456e58,0x0e397813,0xb5bfc58d,0xea3949e9,0x04b6a84b,
-        0x75af667d,0xea9b66bc,0xa891566b,0x7cb4d6dc,0xbf61595a,0x1b3cecf0,
-        0x002e2520,0x4312c73d,0x6135a5fa,0x81d76898,0x0000014b },
-      { 0x841078ec,0x4047bc25,0x179c454d,0x75aa9c96,0x4851f8fc,0x6a160609,
-        0xce34091f,0x998d4e3e,0x88e54102,0x9a9f6704,0x5da8ac5e,0xbf280f88,
-        0x8fec230c,0xc64caca0,0x5094b775,0x0ac864b0,0x0000002b } },
-    /* 85 */
-    { { 0x8f5daf7f,0x6b606e39,0x10927506,0x48385489,0x08c58a72,0xa2255c5c,
-        0xc90f3ee3,0x2f362fd0,0x08795f02,0xc9633af4,0x0425f5aa,0x71710bd1,
-        0xec06dbfb,0xc2017e05,0xc1b8bbcd,0xd9c7dc82,0x000001c8 },
-      { 0x18b8bed9,0x7db41fdf,0xe3a23125,0xe9483308,0x7291c4bb,0xbcf91de7,
-        0x41448aaf,0x9b0b972b,0xc44da462,0x95dfc633,0x01bf50a2,0x90b9c463,
-        0x869e3131,0x18b66f77,0x121baad9,0xa8a4e2fa,0x000000f5 } },
-    /* 86 */
-    { { 0xca0251ea,0x8ca55109,0x27a6c9b0,0xf2aeed8b,0x5620f528,0x901a8beb,
-        0xae13fc56,0x9a8421e8,0x85993c07,0x1349f1c4,0x0d1ab0d7,0x29e08359,
-        0xaeb5d909,0x96e2929b,0xf599a66f,0x96c2f1f8,0x000000ce },
-      { 0x12be8bd7,0xe4bc4b51,0x3c67e99b,0xf4846a0f,0x4d3a3864,0xd89cc7d3,
-        0x73f43981,0x1f647112,0x26dce567,0xc32bc324,0xf02b096b,0xf7134ebf,
-        0x0d0682b7,0x5604f00b,0xe3ce8b59,0xfd23d7ea,0x0000011c } },
-    /* 87 */
-    { { 0xa27689a6,0xf89646cc,0x5564172b,0xd6a7dc43,0xb57cbfcc,0x30bda48e,
-        0x5b1adfe5,0x9b11fffb,0x711d8bf4,0x9f2d80db,0xb70e5a5b,0xe879fdf0,
-        0x6bd18a1d,0x97534183,0x8cbfd504,0xc8c526bd,0x00000114 },
-      { 0xef7388bd,0xd5fe725b,0xe7ffaea7,0xf1c3dbdf,0x7e6de2ac,0x78395b89,
-        0x9ebf1bfb,0x81a72c9a,0x69785146,0x65265707,0xf52670af,0x3925ecd9,
-        0x83d57d48,0x437bcdd2,0xc80ecb02,0xb5d732a7,0x000001ce } },
-    /* 88 */
-    { { 0xcfd376d7,0xa7f9fcce,0xa66b084d,0x6b4eab3e,0xd5b91bd8,0x6ac90d08,
-        0x8aa304d8,0xaa3d5b7e,0x7f866a4f,0x27f3d42b,0xbb813ae1,0x95d19fa8,
-        0xe34a9206,0xd38798d7,0xa32c1cdd,0xdf7c0a69,0x00000073 },
-      { 0x38315b16,0xbe2c01bb,0x9e18c8f9,0x1daa7c89,0x08b6b853,0xa3d43fb4,
-        0x68092a81,0xb159e48c,0x836faad4,0x77e93d9e,0xa4699730,0xd4ed6361,
-        0x6297e476,0x569cb3f6,0xe7811fa6,0xb69d8183,0x00000185 } },
-    /* 89 */
-    { { 0xab9cb764,0x18f27eb3,0x8ebc1d6d,0xbbbefc21,0x0479aa79,0x47760ddb,
-        0x09e542f5,0xb4d16d24,0xbc699b96,0xe35c38d1,0x8c8d8c8a,0x13b2ae25,
-        0x67a3a45d,0x8579c152,0x6c554c04,0x773b7357,0x000000d9 },
-      { 0x0218c299,0x9620a473,0x99f78a33,0x69be29b3,0x484f414f,0x4684a009,
-        0x9a2ca4d4,0xb2c74937,0x68db7ab3,0x09c0773e,0x935c357f,0x6181f059,
-        0x8b7de3f2,0x0931303d,0xe0fb6e08,0xf3effcd0,0x00000060 } },
-    /* 90 */
-    { { 0xb25d6530,0x723c14be,0x9a97d40f,0x5e015b39,0xfbf7f622,0x209c3c4b,
-        0x14b4f0f1,0x83d8c59c,0x3f7e8ecf,0xcf002fde,0x1eb1ef0f,0x35d353c9,
-        0x201f0c60,0x394c42a5,0x7be8ee34,0x787128ab,0x000001b5 },
-      { 0xb70110cd,0xa0937d3a,0x477911b5,0xe0fa4efc,0xc53a4c19,0xc6acaf5b,
-        0x38d509f2,0xbd3010f3,0xe54ac1c6,0x3ee2a82b,0xe4f2a3bf,0x31ea67c3,
-        0xf089c7b9,0x7a4ca66e,0x34a2362f,0x5bda2c4f,0x000000b0 } },
-    /* 91 */
-    { { 0xd1f575cd,0xb424a071,0xa5237182,0x15693b01,0x9a2c9d40,0x14133602,
-        0x9c914a60,0x50c4348b,0x095b31c1,0x9024573d,0x22fd4962,0x6f975fd2,
-        0xe210b277,0xa1704886,0x6dba937b,0xac29b813,0x000001f6 },
-      { 0x775da491,0x09edef55,0x2b6aad82,0x25953f9e,0x1bb40d5b,0x6696a106,
-        0x4d5127d8,0xcfc45311,0x81ead062,0x2f21dca9,0xaf3b7123,0x3f3e4f07,
-        0x9646f20d,0x12cd06b8,0x6910f5bb,0x24136369,0x0000015e } },
-    /* 92 */
-    { { 0x3ecfc44e,0x0c844fd0,0x5043b3d5,0x4095f2c8,0xc9bd059a,0x9a5fe7db,
-        0xf65becdf,0x239328fa,0xa67961cd,0xe3102471,0xbbb5dfdd,0xea9e39bf,
-        0x133dc5ba,0x8022b6d0,0x5f12c379,0xbed7aa9b,0x00000141 },
-      { 0xfd94d941,0x096f0059,0x7d4ff018,0xfc6e9f00,0x779f05e3,0xe63af598,
-        0x00483c99,0x4c40f0b3,0x72a19870,0x04d2feef,0x464a4a71,0xdb773b5b,
-        0x49367f1e,0x00b6770f,0x2a9fbd2a,0x4f7e0301,0x00000169 } },
-    /* 93 */
-    { { 0x8a9095fd,0x0df5dd73,0xd3ce857a,0xc4b7a021,0xe5edc767,0x90aa796b,
-        0x180a0808,0x56497eff,0x66f10aab,0xb9856e1f,0x39879766,0x31298824,
-        0x3ba80601,0x61748cf7,0x555da929,0x07d9076c,0x00000012 },
-      { 0x1c44394d,0x0b049a01,0x0ce49e45,0xf5f25ef7,0xb1694265,0x1e3a09f0,
-        0x109b33f8,0x2c5bd9fe,0xa30932e4,0x07f2a43f,0xc6cf8af2,0x736abfca,
-        0xf3366722,0xadf7fa04,0xfa9d26b0,0x2f1e92fb,0x000000e0 } },
-    /* 94 */
-    { { 0x63be4d4a,0x9524e4a6,0x66f3cc91,0x1fa57bed,0x7e7a7ccd,0xdd7c93fa,
-        0x88c5d1d3,0x70e8cf6a,0x3f251f1e,0xb257997a,0xe3554cf5,0x0a5ec58e,
-        0x065a7109,0x68d268d7,0x085089ea,0x7c23d4d2,0x0000004c },
-      { 0xbd52d132,0x63ae575b,0x38c81cc5,0x0fb8daa7,0xe4e63b99,0x096a6e51,
-        0xb239d387,0x51d6b366,0xa5d49fed,0xed5f8874,0x43a8c07a,0x025091d9,
-        0xe4686ae2,0x100f845a,0x7eb4ef5a,0x1af59d74,0x000001c2 } },
-    /* 95 */
-    { { 0xdd441308,0x5f7bc01e,0x86308890,0x0dc34944,0x759611cd,0x2af38a74,
-        0x4c23ce66,0x11a71261,0xf8bafed2,0x37f317b5,0x4c93e079,0x4efbb9ff,
-        0x8ecc52cf,0x880f0edd,0xddc9d82a,0x480cdd2c,0x00000028 },
-      { 0xc3f807ac,0xe8f1ca0d,0xbd070549,0x6a3e4fc2,0x91f8bb6c,0xad3d0a14,
-        0x3d6dfacd,0xe3ee1cfd,0x5fb46ffb,0xee46b1b9,0x7dd5cfbc,0x5207b3ac,
-        0xb1b8e8b7,0xd580c0d9,0xc7bdd11a,0x52c669f4,0x00000084 } },
-    /* 96 */
-    { { 0xc0ace6d5,0xa42b4747,0xbe7287ad,0xd5acb64b,0x89bc2614,0xf3304899,
-        0xff05c71e,0x817fe836,0xd35ac450,0x772eb246,0x375a9c3c,0x7f5fc216,
-        0xcbc0d6fd,0xfb6f9e1a,0x720e9733,0x7643c315,0x0000009a },
-      { 0xf3845ccf,0x4b2216b4,0x90bc05bd,0x9c174e80,0xd6049037,0x7a550c74,
-        0x6358c806,0xbd7220a1,0xaa677b6d,0x838f9c41,0x66e2e08e,0x37332c19,
-        0x496f6da5,0xb032875e,0x9c30630d,0x52b274cf,0x0000000c } },
-    /* 97 */
-    { { 0x8ea58beb,0x6ec2e782,0x3665fa48,0x2b404c1d,0x20b40ff0,0x546d5fad,
-        0x29d3e6a5,0xfb5df7b6,0x66c81991,0xf186846d,0x6e2cfe3e,0xbe690bde,
-        0x1410d16b,0x97aeb9a0,0xbacc8e92,0x59d81548,0x000000cb },
-      { 0xbaf66a23,0xd905d3ad,0x40dfb081,0xc3337387,0x4b00f432,0x6d5535de,
-        0x07d3a03e,0xe17fe8e8,0x066bca80,0x29544ff7,0xbadffa55,0x60c2b96c,
-        0x45a26ea4,0x9f018d94,0x24a34ffc,0xd5438167,0x0000011e } },
-    /* 98 */
-    { { 0xbd7f8a61,0x62a873fb,0xbbe580bb,0x5e18cd71,0x667f6980,0xfd5c9eb3,
-        0x571d3dc0,0xab8d4f61,0x783f9bc8,0xe2e45215,0x24398b14,0x36c3774b,
-        0x74d811b5,0x2db4a363,0x2debe3c3,0x9f7f1297,0x00000138 },
-      { 0x798fefb2,0xbb97f21c,0x107baa72,0x9c76fcb5,0xfadbb568,0x12fbf760,
-        0xd33ea6c5,0x1a648be7,0x236134a5,0x412a2993,0x8985893b,0x4a3d8169,
-        0x3e66ada4,0x6144958f,0x7687b457,0xb4dfc79b,0x00000140 } },
-    /* 99 */
-    { { 0x7abe5bb9,0x83b14570,0xe51d81be,0xae0cbfd8,0xc9827aff,0x20dadf49,
-        0xa687b554,0xc3a72548,0xeeb41733,0x080263fb,0xd3827c63,0x7014fdc3,
-        0xb5e3b70e,0x7d018f84,0xfbcf7168,0x1d483e00,0x00000015 },
-      { 0x6b578aa3,0x154e3c7c,0xd3043dae,0x511ce9b5,0xb6008101,0x55f89e9b,
-        0xf405ac6f,0x4ec31112,0x2008ac7b,0x7e66a4d8,0x25c52fa6,0x73c00d39,
-        0x8acac2eb,0xee1b9998,0x60b57453,0xdfa31d95,0x0000008f } },
-    /* 100 */
-    { { 0x251cf8d8,0xcc74a0e0,0x041f2bd2,0xd4d8949d,0x33ebce52,0x0b734a49,
-        0x5c5bcdae,0xe1ac5f51,0x16200b93,0xd3ecdfcc,0xa793736e,0x2506a266,
-        0xea6e6940,0x585a1c8b,0x9190f935,0x081cdd53,0x0000000e },
-      { 0x53e28412,0x055f9956,0xdb27164b,0x0d1526f2,0x1df3adc7,0xcd5625eb,
-        0xdd35dedd,0xd2c453ca,0xa838ffe2,0xed442849,0x5c0ce589,0xad20c137,
-        0xbd99b609,0x2d5fba81,0x622efb07,0x5be41dcc,0x000001ad } },
-    /* 101 */
-    { { 0x8f850756,0x563af667,0x52f3b597,0x86d37aae,0x796842f5,0x10d38a53,
-        0xf743f997,0xcdaaf99f,0x93f1a8ba,0x2fa755e5,0x409f7cd9,0x1af04e15,
-        0xd6d0650b,0x63bf9a0a,0x55abfd9a,0x67b1cead,0x0000000e },
-      { 0xb5f43178,0x3660a8e0,0x9cc35b33,0x56bd412d,0x880f6808,0x3d7bfa63,
-        0x2e622c71,0x7f372d66,0x6ff82445,0xad7b7be7,0x8db04e51,0x0f2bde80,
-        0x4bd15c8d,0xe1e781fe,0xb8e502f2,0x1f475bfb,0x00000194 } },
-    /* 102 */
-    { { 0xd63543ec,0x79482bf9,0xa117ef3e,0x985cb67c,0x160ccc63,0x8ac50638,
-        0x729bdc1e,0x556cbed5,0xa22686df,0xd62ed97d,0xc81eb77c,0xb124cb5f,
-        0x72fa2ed9,0x4d7b4f66,0x78335b96,0x60b29aa7,0x00000172 },
-      { 0xa43df7c6,0x21bfc7b6,0xbc20706c,0x85acac23,0x345d9580,0xeb6f37bc,
-        0xa32a08bc,0x9d8f20d2,0xd1953c5e,0xf08924f6,0xc4f680d0,0x7d25d7c6,
-        0x2de9912c,0x64e6a237,0x52ce644c,0xda1c06c4,0x000000eb } },
-    /* 103 */
-    { { 0x411dd110,0x26677c5c,0x2c991c4a,0x0d6787aa,0xa45666d6,0x53be6a41,
-        0xc15f9f15,0x73e716aa,0x0e0cc7b2,0xa93b863f,0x2a624ab0,0xa4057117,
-        0x1a39c260,0xe5e7656e,0x2ef6f130,0xaf8d78b5,0x00000046 },
-      { 0x70f38dff,0x796214b1,0x123a1105,0x3e35d828,0x957ed812,0x046a44d4,
-        0x0da60161,0x618fa9ba,0x54f84413,0xe7cdd2a5,0x19ea95ab,0xf1c2563e,
-        0xcb2a30b4,0xc4459e14,0x61ff9aa9,0xc748add6,0x00000183 } },
-    /* 104 */
-    { { 0x9de58caf,0x32981f39,0x8753ea64,0x05bb80fd,0x2d119486,0xc83f9f24,
-        0x03eeb00a,0xf490cf06,0x7c73d79c,0x4037f251,0x724d461b,0x844209fd,
-        0x272420cf,0x6b03f6d2,0xb3438fa2,0x6f4bd29e,0x00000152 },
-      { 0xc389e51c,0x964d034a,0x6db7d98e,0xacda55e9,0xe913c583,0xb2ae97de,
-        0xfeb03440,0x0793077b,0x9d461e29,0xaa16e378,0x043bf8be,0xb0a67533,
-        0xba7d8c3f,0x9d749a42,0x6bb925dc,0x7c41e6d6,0x000000ec } },
-    /* 105 */
-    { { 0xc5da8398,0x2e9b345d,0xbb38c430,0xbc66841f,0x7c3bb47a,0xce3ac562,
-        0x738d2cdd,0x8fbeb12b,0x68731185,0xd4bc2ad7,0xbbd4f4f4,0x9521db1c,
-        0xfe4e1b0e,0x2a690cae,0x7bfebe3e,0x375215eb,0x00000194 },
-      { 0x2edfd661,0x4cb234f1,0xed52c1f4,0x0149984e,0xd8f8f98c,0x32d27260,
-        0x7be38590,0xfe76e4e4,0x95e8b672,0x5435873d,0xf2b00e82,0x916c397f,
-        0xbad61eb8,0x3b9bf705,0xae131bbe,0x7ee90182,0x00000000 } },
-    /* 106 */
-    { { 0x93fbcb5c,0xd36fea9e,0x9fa8529b,0x382be583,0xfd611ba0,0x0b243125,
-        0xcd8a2637,0xa59ae37f,0x3d8d4704,0xab78c60e,0x44c41b79,0x1bac243d,
-        0xeda49cc5,0xc4001fea,0x83dc7e9f,0x988ea44a,0x000000f6 },
-      { 0xf077f79e,0x4d90caa4,0xd9e2590d,0xf4d17601,0xd21b4b77,0x11debbb3,
-        0x9037e1b6,0x031b3f60,0x135becf0,0xf113ed82,0xf2903dda,0xf6c01379,
-        0xa6f19296,0x36bde7ca,0x9dbbad85,0x57d3b684,0x0000006c } },
-    /* 107 */
-    { { 0x9abfccb0,0x963fee38,0xb9676e63,0x6c6e2a24,0x84ba6d27,0xf8768f02,
-        0x465853d1,0xc38ba3ba,0x1b8ab9b6,0x6e3ab36d,0x47a07331,0x01fc9742,
-        0x25233f32,0xfdd41718,0xac61de7a,0x4dacfa81,0x00000021 },
-      { 0xeaa3198c,0x365a9f37,0xfc8b99d5,0xcbe8a345,0xd4f5ecbc,0xa427f12a,
-        0x0c237514,0xe841ff60,0x28a27b05,0x5d9e8c5a,0x62859ff3,0x2d377444,
-        0xea8bde37,0x1c0460ff,0x29cf5bf8,0x0a0e49a1,0x00000181 } },
-    /* 108 */
-    { { 0x45843c3e,0x688203af,0xaabebae7,0x4601e303,0x624df62b,0x397b08f3,
-        0xd21e5aa8,0x5687348a,0x9a242b0e,0x2cf12c73,0x32a76c6d,0xc848ed01,
-        0xf52751a2,0xb72aa1c2,0x92c02d05,0xb63296c3,0x000000f3 },
-      { 0xc6f3d1f0,0xce4b42ad,0x2f532b94,0x2f0dcc53,0x83443d9c,0x57813335,
-        0xdc8dd9cb,0xb50118ee,0xee87192f,0x3039e1a5,0x557419c2,0x9977267d,
-        0x30f96b0c,0x462efa4c,0x3cd3c35a,0x454fb796,0x000001f7 } },
-    /* 109 */
-    { { 0x9d153926,0x10f28194,0x82b57548,0x42e28c91,0x509e94c9,0x4b423b30,
-        0xde9d6b57,0xc5acc52a,0x8b3ca314,0xaa746c39,0xc63d5bc5,0x0f4ea307,
-        0xe1ccc989,0x425553a2,0xf76d9194,0x271198bf,0x0000008e },
-      { 0x3c8e672b,0xc7900e46,0x3f2dfc27,0x703675cd,0xaf2163c9,0x704951f7,
-        0x7aceaab0,0x74d69908,0x7e8d2369,0x482f21a9,0x813dc115,0xdcfbc1dc,
-        0x04f6cd13,0x0ce2bc80,0x82bfaff2,0x2a54662c,0x0000003f } },
-    /* 110 */
-    { { 0x1588a8bc,0x0dcf41e6,0x210c52cb,0x6f48cd0e,0x758e7a45,0x338562bd,
-        0x48b9b957,0x1600d54b,0xa6b89b9e,0x461df80b,0x098cc82f,0xf7fd4f17,
-        0x14977147,0x167f01cd,0x6116c5f9,0xb1338511,0x00000048 },
-      { 0x5d2617f0,0xdeb76333,0x6ecb8606,0x3f9a5772,0x1b91fce9,0xa93c032d,
-        0x6c84b997,0xf7a4388b,0x823ca5be,0xbfe80225,0x35a32f6b,0x6f19c028,
-        0xe3cb5c58,0xf26cd5ad,0x6d0c1dd9,0x7f5ddc77,0x000001e7 } },
-    /* 111 */
-    { { 0x6ee764c9,0x3c9feec8,0xb07c82cc,0xd1bec836,0xa005b142,0x6bf1b2e6,
-        0x29e8a5ea,0x70ef51a3,0x3ffe241c,0x517d298e,0x72966c28,0xbb389e28,
-        0x2c7acc76,0x3a2da8a9,0x732a21b5,0x902c9126,0x0000004a },
-      { 0x8f7ce110,0x96c51b9c,0xaeb036f1,0xdcc33a87,0x0a6a59e2,0x82695098,
-        0xe78db500,0xceaf26a7,0xc95bb030,0x82f3c384,0x24c42f42,0x6dd6e9f7,
-        0x70ac4a0a,0x768dde29,0x03d22efc,0x4aedce4b,0x0000016f } },
-    /* 112 */
-    { { 0xeded03c0,0x077f032a,0x588ddd4d,0x2684a052,0x9a85be0f,0x6d09bc4f,
-        0xe0b9b6bb,0xbdda0c7f,0xf2fb5887,0x19689c7e,0xec3cce7e,0xf8a96960,
-        0x768d2ae5,0xb043d9d5,0xdb21219a,0x29c8081b,0x00000068 },
-      { 0xde59f006,0x6bf872fa,0xcb97ef5a,0xc2b9ffc6,0x58ae7ef8,0x371915db,
-        0xf4ccaa1f,0xc2e23ca1,0x89c27cc4,0x1af8c60e,0xc86bdcc6,0xeee5d7e7,
-        0x9bd8de43,0x9225b47f,0x4b24f08b,0x53e7f463,0x000000b4 } },
-    /* 113 */
-    { { 0xe3048bda,0x54c496d0,0x43c3de4e,0xe2b67499,0x4c2d509e,0xac2049f7,
-        0x543c5089,0xb01f691e,0x105a365b,0xcd9960a3,0x78b17049,0x34d93ffe,
-        0xf82c9467,0x029f99b3,0x0161a755,0x785c5ea2,0x00000091 },
-      { 0x953dbdb6,0xb455f978,0x97eca19f,0xea9e84d9,0x36d4d75a,0x473bd029,
-        0xc15276fa,0xa9c17ca8,0x47c76356,0x9cf66133,0x039738d2,0x4a68360b,
-        0x69733609,0xd3e430a8,0xe2b27f21,0x0ae532de,0x000001b4 } },
-    /* 114 */
-    { { 0x5164cb8b,0x68110e82,0x2552a67d,0x6979af4f,0x8d185527,0xe10d6d0e,
-        0xfb64eac4,0xcf6c5787,0xac424592,0x8408163b,0xfce0d810,0x5d8fff37,
-        0xda84c15c,0x8b284e49,0x32663ec9,0xed805567,0x00000010 },
-      { 0x51f3ee9e,0x106f4030,0xb38adf1e,0x2e8e3ee9,0xa13d6449,0xd3c87a6e,
-        0x80e1abb1,0x27b49f45,0x0bfd7298,0xc283d179,0xafc7a35f,0x8fe50fa5,
-        0xade3ad4f,0x773da545,0xd9a21df2,0x78bfaae4,0x000001f8 } },
-    /* 115 */
-    { { 0xabad5678,0xae60d8e8,0xe600c25b,0x0afa72ce,0x4c288e21,0xb9d4e0b4,
-        0xd254cf9f,0x64447f76,0x959e2ba5,0x1fb36bc4,0x2961132c,0x393c44d7,
-        0xfc140f19,0xd7a8881f,0x8d096648,0x27a86128,0x00000091 },
-      { 0x8a9e690c,0xb536c021,0xeab4fa15,0x85dcc521,0xb00ee54c,0x09af4423,
-        0xaf3a8e48,0xb3793525,0xb7731d85,0xe1f36308,0x141cfb55,0xb5361d78,
-        0xeffc4529,0xea41f29e,0x9f7d2634,0xcf5755b1,0x000000e8 } },
-    /* 116 */
-    { { 0xd212b398,0x01edb80d,0xd53dd373,0xd0396181,0x8a52fa95,0x0e086047,
-        0xa7825e6d,0xad1e6432,0x330ece4f,0xe0185bc5,0xb078936f,0x508f7313,
-        0x9e7f6ea3,0x1dc982fd,0xd5556b60,0xdbf3a602,0x000000e8 },
-      { 0x279e05bc,0xc3763234,0xf44453d3,0x7f5f40ec,0x7fa30793,0x310c5f4d,
-        0x108d7e22,0x5cffad36,0xc2a98bbc,0xf2f01ef3,0xd7d47f80,0x30ab1719,
-        0xa9b22e1c,0x7bc9f918,0xe834df94,0xf53dc52a,0x000001f9 } },
-    /* 117 */
-    { { 0xc183f89b,0xf266b49e,0x5f5806d4,0xd3fb5f02,0x94ec3080,0xd30a42b5,
-        0x371cd917,0x4b6b1940,0xb7f7e26d,0xf7541aab,0x2d5b7b64,0xe55269eb,
-        0x7f8036c5,0x0e1a85c1,0xda5f2675,0xa0ff0f22,0x000001ce },
-      { 0x3a8e11f8,0x602bd56a,0xf5f9ab54,0x29864021,0x0ccc92d7,0xc6742c5a,
-        0x523f650b,0xd64569e6,0xf7fabfb4,0xc8e4681b,0xc3c9e6cb,0xb4275947,
-        0x38f5ff20,0x2b3952d5,0x1f04aea2,0x818f8e38,0x000001b0 } },
-    /* 118 */
-    { { 0xe50d90f0,0x3be5bffa,0xf5011cdc,0x4cb3b11b,0xa691dfac,0xe10ca711,
-        0x4ea1a773,0x62ec211d,0xe586eeb6,0x5a979ebb,0xa0c2f1fd,0x4df16ab1,
-        0xc57bbfea,0xfe9e3f7e,0x5ae526f6,0x1b05960e,0x0000015e },
-      { 0x8630e62e,0x1c8e04a5,0x6447e1b7,0x3d00310e,0x43b4447a,0xcf1e6b61,
-        0x7462e7a3,0x92abb851,0x0002724d,0x8309ea08,0xe45296df,0x1d805d70,
-        0x3d4ed812,0x0f3849b3,0x6834d44e,0x2d6bffbc,0x00000096 } },
-    /* 119 */
-    { { 0x48e07711,0xd13fe58d,0xd270a3b2,0x70f83648,0x8cdff04c,0x1517892d,
-        0x51411f14,0x15bb6578,0x3e4f8a55,0x6c31cd90,0x0413362f,0x73f87152,
-        0xeca06d4d,0x2fe025ee,0x954e317f,0x32a6e417,0x000000ad },
-      { 0x69d147df,0x7e38c63f,0x710bf37b,0xb69bb06e,0x28d514de,0xb94debef,
-        0x8d11c3d9,0x4b2307fb,0x0385c604,0x3b369df9,0xe7800e83,0x68ea2f49,
-        0x7d501c1c,0xf028b258,0x5cef7818,0x97078221,0x00000055 } },
-    /* 120 */
-    { { 0x54c1d751,0x10c351db,0xba0f9512,0x81445301,0xbfdc8bed,0xa77eb34f,
-        0xcf23680a,0x498d8138,0xe04f2860,0x928c14a4,0x16a5b6da,0x96192dba,
-        0x5f9a9103,0x49dea95b,0x01724102,0x80dd4578,0x00000085 },
-      { 0x0e09221c,0xe9072500,0xf21de056,0x62e05b21,0xe0e60950,0x448cafa1,
-        0x6f775129,0x657fb97b,0xf1f34aca,0x5d2991bd,0x49ff15d6,0xa66cd5ac,
-        0xd049ec79,0xdc1d6897,0xe72baea8,0x388fca84,0x00000067 } },
-    /* 121 */
-    { { 0xa6ef1dd3,0x6520b49d,0x3ba6cd76,0x391a045e,0xf33d5f48,0x9c84980a,
-        0xef07474a,0xe53cf5b2,0x78bfb1ea,0xa35b2e9a,0xeda906fa,0xeca97fd6,
-        0x1b9f2cf4,0xf1a93789,0x3ab28589,0x66753369,0x0000010d },
-      { 0x73691faf,0x5b510496,0xd57ec618,0xdc73d3a9,0x930a8525,0x7e2921bb,
-        0x40b05b69,0x094f571e,0x413bedca,0x5e96a017,0x8d1a6b98,0x9e7d4f72,
-        0x3eade8b7,0x55143fda,0xd16e454d,0x859b8444,0x000000fb } },
-    /* 122 */
-    { { 0x7c667aaf,0x7c22083e,0x4a91ccba,0x33545cb9,0x8ca0e94a,0xca1e9931,
-        0xe4eaa0c7,0xc3afff23,0x42f56844,0xa21ac436,0x60d52d0b,0xfcc68a8b,
-        0x6a9301d4,0x401a585b,0x907abce1,0x547f762c,0x000000a3 },
-      { 0xfbe260ce,0x63dd3ed3,0x80dc01fa,0x2717752d,0x6f1da3e4,0xd5fab75d,
-        0x5261f10e,0x5f16864a,0xd20cd6bb,0xbe7b1f63,0x221ac656,0x9d638c10,
-        0x673b918e,0x3137b8f6,0x4ada2fb8,0x23eb4438,0x00000174 } },
-    /* 123 */
-    { { 0x2a1fbcf4,0x194e27c4,0x5facd5ee,0x4c0d285b,0x915e6607,0x75c2ebdd,
-        0xef0a6a9a,0x1e696510,0x067cf458,0x13c5afa1,0x7bee1fba,0x2be013c1,
-        0xdad279e7,0x85a406d6,0x5142cf59,0x0042951d,0x00000031 },
-      { 0xa22bbc45,0x6a735ec1,0x7f56f4d8,0x4ee5391a,0x236001de,0x305af9d0,
-        0xaa2f8d25,0xa8b21851,0x187db78a,0x0e2c36d8,0xa1a888c3,0xcfcc083f,
-        0xbd3e7d5b,0xb91dab7f,0xf4fdd023,0x62d85460,0x000000f4 } },
-    /* 124 */
-    { { 0x4972d703,0xf568ba02,0x39098a03,0xfc44ca1d,0xae28c855,0xe9b8e542,
-        0x5b1b4536,0x4fd4f360,0x4c7f7e48,0x2e08b07b,0x2230823d,0x042f3b98,
-        0x1889fd13,0xc9ffd313,0xc6c68359,0x56af0652,0x000001bb },
-      { 0x06e0f16a,0xedbf05e2,0xd74644a5,0xfc1ac2fa,0x0f92c71a,0xe59a0a98,
-        0x36c800a1,0x13ae37d7,0x236178dc,0x5f20efc6,0x2b46ef10,0x443a58b8,
-        0x442509e4,0xc9517dcf,0x640ed9b0,0x7d0bb415,0x00000166 } },
-    /* 125 */
-    { { 0x3d22842d,0x3aa30a61,0xb3c4ece0,0x8c6e00f5,0x6df82b79,0x8764cf87,
-        0x78d208c5,0xda92d86d,0xe788854a,0x0a52d391,0xa59b0994,0x499b26fb,
-        0x04c5fc9a,0x5dc133ad,0x34e3f134,0xa5c09269,0x000001dd },
-      { 0xfad6d673,0x6f0dcac2,0x00f3b3fe,0x6d8fdf05,0x631756e9,0xece71941,
-        0x0a4d80e3,0x3990f493,0x31d13001,0xf2aca936,0x75581638,0xee91966c,
-        0xe6dd5679,0x6df0f574,0xccd71cda,0xbe124868,0x00000111 } },
-    /* 126 */
-    { { 0x475cc1b4,0xf644c726,0x2b73978c,0x915fc2f9,0x0e3d7eb7,0x65a7e6d1,
-        0xf40c38e0,0xbb44e21a,0xe1ad24fc,0x988662b9,0xc35606e5,0x270ba4dd,
-        0x1a4f93f7,0xc3834a2c,0x3362a4d7,0x93d0c9a2,0x00000021 },
-      { 0xf769fd7f,0xe2cb7b8c,0x89a213b9,0x1815da97,0x6b910fef,0x7b4f8c56,
-        0x26931438,0x2088b309,0x925b37c0,0x477b71bd,0x26a640e5,0xa049a921,
-        0xfd21c6ef,0xd3ddf1bd,0x232a56b2,0x9b5f9d7d,0x00000064 } },
-    /* 127 */
-    { { 0x679a9c35,0xd640adf8,0xcb74d796,0xcdad98e3,0x5f8e9daf,0x464b8ebb,
-        0xad4a073c,0x4738614e,0x2edde557,0xbd86c0ee,0x576ce0b9,0x77331738,
-        0x4095fb96,0x9b5d3327,0xee09aead,0x72f0aeb3,0x00000136 },
-      { 0x64e54ba5,0xa388c76d,0xdc474d21,0x63fe7af1,0xb2a77081,0x7fa3e9d1,
-        0xde1240ad,0x0447b49e,0xc720303a,0xd9f64b66,0xe6bd0213,0xb1c78029,
-        0x0aa03ea5,0x1caf1c70,0x3bb85d2b,0x179180eb,0x00000103 } },
-    /* 128 */
-    { { 0xaf2ed12f,0xadbf4f9f,0xf380fd8a,0xce1d19e4,0xa39e81ae,0x0957bdb5,
-        0x626ef6bc,0xf9833321,0x0cf5b28d,0x110ae5ea,0x20392cd4,0xab159450,
-        0x6bc67855,0x67c49887,0xa3fd61c6,0xce7e5938,0x0000004a },
-      { 0x28c7dea9,0x59c5b9ef,0x0a6a7184,0xd02f95ba,0x8202769c,0x034dc257,
-        0x94dd6896,0x213b0b08,0xb5dea95a,0x03730b7f,0x617ca889,0xfe243ed0,
-        0xfb1ba052,0x16cf4d17,0x226f96da,0xd8691d6b,0x000001c0 } },
-    /* 129 */
-    { { 0xbf8015c2,0xaa2edf3f,0xc49502d8,0xe7f8236d,0xa6a43157,0xe890f6e0,
-        0xa2d04b0c,0x318ef325,0xa809dbab,0x9cc0668d,0xda67ca21,0xdd26937a,
-        0x83febc49,0x8f27c12c,0x3c9b9844,0x87b3db2f,0x00000029 },
-      { 0xfd2e3dc7,0x37e7aed0,0x7415fd55,0x498e8bdb,0x58a45f25,0xfc0d6c9a,
-        0x209c85d0,0x83d5baba,0xd579e1ee,0x31ec8dc6,0xa502bfed,0x1f4cad0b,
-        0x1f41bef1,0xc432e6ce,0xbbffca65,0x3b10afaa,0x00000191 } },
-    /* 130 */
-    { { 0x53053af7,0xbd9f7df0,0xb28a1cf4,0x60304765,0x7ce90438,0x441778fc,
-        0xac8c5ddd,0x8fbed36e,0xfb59ec61,0x27b1313b,0xa1b1becf,0x9d2656ff,
-        0x945973a9,0x334e1345,0xc362b595,0x3261888c,0x0000018c },
-      { 0xaa7f6ff8,0xf413a414,0x3fab7c7a,0x092aeb88,0x7cc307ba,0xfa1d886b,
-        0x2346100e,0xdc81c125,0x02140c93,0x93d4d273,0xe6104835,0xa1ed7e3c,
-        0xdf1795f3,0xe2b91ecf,0x369ed416,0x160dc11a,0x00000191 } },
-    /* 131 */
-    { { 0x8b57d7cc,0x9a72f46e,0x4bf02386,0x3140b0e5,0x05b3a91d,0x886c396e,
-        0xa4ec26e0,0x1b9ab3a9,0xc50f58e9,0x742feaeb,0x55e26af0,0x1592c608,
-        0xbb1cd9f7,0x943cd476,0xc7f02c89,0x3ed97fd4,0x0000017c },
-      { 0xe6d54964,0x53b02503,0xc6a318c0,0xd9bd1162,0x9cc28c22,0x18ff6cf4,
-        0x03534640,0xa45c7840,0xb4cc0668,0x8ea3335e,0xf42dbe03,0x7ad727f8,
-        0xfdf6c3cd,0xb157e911,0xec992d76,0xa7f894c9,0x000001b3 } },
-    /* 132 */
-    { { 0xaf09ea77,0x91e6e397,0x75dc25c5,0x26a760b9,0xb94a197b,0x8c040c08,
-        0xb68ce619,0x041baca8,0x5bd23564,0xa19a0d15,0xd977b33f,0x86ca5b94,
-        0xe5fbd029,0xf31f87f8,0xb1901f99,0xf76c55a6,0x000000b8 },
-      { 0x3846ec9f,0x175bf8c3,0x9deaca46,0xf462205c,0xa3108df0,0x92cb5ec0,
-        0xcfaed928,0x879db283,0x65049fb2,0x477dc004,0x96ee5031,0x48d24bac,
-        0x56adce45,0xa7db6b16,0xab1c684f,0x0110cdab,0x000000fc } },
-    /* 133 */
-    { { 0x4d308bf2,0x151b66d8,0xd6638004,0x99013c9f,0xfd383bf9,0x6892df92,
-        0x3ffc8efc,0xa10efd84,0x313ea287,0x527e316c,0x3a0df740,0x8ef6e3cd,
-        0xf6ebd2a1,0xcb96e430,0xa70ee4ce,0xc1ebecf2,0x0000018c },
-      { 0x1a70404c,0x80d14ad7,0xf9ce2a30,0x6ad21dd0,0x3aa3e072,0xb94cbcde,
-        0x6363a690,0x0ab59611,0xc6b1e2b4,0xe70bff45,0x66ceec5b,0x1296dd0b,
-        0x747757c0,0xd4cb2a74,0x3d7d91e8,0x08988ca6,0x000000aa } },
-    /* 134 */
-    { { 0xf8db0396,0xaa2dcfca,0xb422da76,0xe8ae8f37,0x96485724,0x652f8349,
-        0x7bf1493f,0xf647c3c4,0xb0247a4e,0x8b600b46,0x7aebda8e,0xabf3e439,
-        0xa7958df0,0x2e1d231f,0xf881bab2,0x38e692b1,0x000000ef },
-      { 0x26cf3047,0x1f3c1689,0x59539858,0xdad14f94,0x293f20b6,0xfde85d1c,
-        0xf57abb17,0x2ea5436e,0x1794de38,0x0d1a8ffc,0x2bfecd2f,0x9ba508e2,
-        0xdb786042,0x110f0a7f,0x7cde31f8,0x2ade6f64,0x00000196 } },
-    /* 135 */
-    { { 0xfec78898,0xc996a537,0xde0fa77f,0x0b39de72,0xd34cb08f,0xf6d076ac,
-        0xda78d353,0xacd8bb82,0xa0392cc1,0x5fe804d3,0xe581549d,0xab7adede,
-        0xc067c6d9,0x883901a0,0x4ed93f37,0x5855ffa2,0x00000191 },
-      { 0xbf9ebef3,0x29570e36,0xdf4b3177,0xe21046a5,0xa6816b5c,0xf9b89a95,
-        0x288d0e11,0xadf39281,0x3979159a,0xd6baabe5,0x5c8fabb2,0x411afee0,
-        0xe5c7af10,0xf192c3af,0xd7dce37b,0xaa72e81c,0x000000f7 } },
-    /* 136 */
-    { { 0x16c386ee,0x20fa3c0f,0xd4c09839,0xb33b0469,0x876a3136,0x79e0d722,
-        0x3c406c06,0x343c0a92,0x4debe27d,0xef220e3e,0x196f00ea,0x09d7b1e1,
-        0x24a9dcff,0x4a0f5dd8,0x99c1d085,0x53582ec5,0x000001e2 },
-      { 0x5138c7ed,0xcc8ef262,0x6547f88d,0xdec43194,0xdd0a9488,0x2b6e53ad,
-        0x8257ebdc,0xeb9f1efa,0x1f08c989,0xc583c6eb,0x40163768,0xf1736911,
-        0xdbc20e3d,0x6282ff8b,0x9cbd514e,0x26b81005,0x000000d5 } },
-    /* 137 */
-    { { 0xa0025949,0x2449522f,0x0bbd8945,0xb26d888f,0xe637216f,0x33442f5f,
-        0x472827f6,0xd8ec3b64,0x99fc2681,0x91d8a1a3,0x68c7710d,0x6d232ead,
-        0xe51b2762,0x8e5bfe2f,0xfd109fa7,0x0f9f4fed,0x00000004 },
-      { 0x6b4a05e0,0x1952ea51,0xf21c78eb,0xcb0d48ee,0x1997dfdb,0x64d36619,
-        0x8b4c21fd,0x0d11b204,0xbe92303a,0xa6f569b6,0x78c5e809,0x2b8f6096,
-        0x36805d8e,0x7226b5ab,0xdb349ca2,0xd6cff180,0x000001bd } },
-    /* 138 */
-    { { 0x943cc612,0xa49f8576,0x832b31c7,0xc914319e,0xcccadebd,0x9225e297,
-        0xb0619821,0x4918fb42,0x25b1cc7c,0xaccb3084,0xa646e5f0,0x751d3347,
-        0x590e3e22,0xeafb4aae,0x2c4a0008,0x82146038,0x00000151 },
-      { 0xbf96a461,0x3c2481db,0xb52a3ba4,0x51c122e9,0x464db08b,0x21c2858e,
-        0x6d6a081d,0xb1014b78,0xf533cef7,0x167d3ed4,0x81545f7c,0x6cfb3294,
-        0x449b7b9f,0xea46d31c,0x9621c299,0xcfad7613,0x00000081 } },
-    /* 139 */
-    { { 0x478a7f0e,0xef796327,0xde17705d,0x914183e2,0x572117e8,0xd24a26df,
-        0xb7cd52cf,0x3cdb1b09,0xad83c160,0x9e42b9fb,0x709ef8c9,0x6971d2ea,
-        0x8ee54ccd,0x1894fc5b,0x34a520fc,0xf757b4e5,0x000000fc },
-      { 0x86b62347,0x5a5518cc,0x7bc2a928,0xec51c9d2,0x2966727f,0x2eea2b05,
-        0x0ae43e6f,0xbc8a8e3a,0x05ca066b,0x80535b5e,0x8833986d,0x91ffcdb1,
-        0x32374cdd,0x2f4a5bba,0x0d202243,0x08763a49,0x00000124 } },
-    /* 140 */
-    { { 0x4efac14d,0xe498b972,0xa79a9d3c,0xb6f4bf8d,0xd6e07c29,0x0f1e8dbd,
-        0x71771538,0xfac30cfd,0x71b03263,0x4c91ed22,0x19b455f5,0xbf938335,
-        0x127092bf,0x76a5e789,0xb4813bd9,0xa97674e1,0x00000128 },
-      { 0x583e5924,0x29b63c41,0x8f171d06,0x61f9aff1,0xab227a28,0x2b45b3cd,
-        0x8a11ab70,0x939d5dda,0xe8db6971,0x2bfb47b0,0x0ec10805,0x562379df,
-        0x24ce1801,0xaf5a6481,0x34f94aba,0x8d98c434,0x00000150 } },
-    /* 141 */
-    { { 0xcfffc80f,0xdea9fe73,0xd43473f6,0xe23e2e9b,0xc9d37ba7,0x27fb3ed3,
-        0x7a3fc357,0x733766d2,0x8e04a03d,0xd0db4cf3,0x2bbe0f43,0x8ce01752,
-        0xda986f4f,0xd87eb719,0x2fe6b037,0x6d1b50ae,0x00000153 },
-      { 0xda40bab1,0x371f5def,0x9b2bda63,0x07d6a8af,0x0d4aca87,0x5e8a5c89,
-        0x643ff8ab,0x4d72f0ff,0x4bf8ec2f,0x9c4c10d9,0x0eb93e22,0x36b0eaba,
-        0x1d2dfd01,0xbc4b0e8f,0x9d34a082,0x9f252e5a,0x00000142 } },
-    /* 142 */
-    { { 0x7d0e7020,0x4affd4c1,0xb5482168,0x9b169aaa,0x588f348f,0xdbe01708,
-        0x885986bb,0xdaebf6ff,0x15f9c381,0xb33987f5,0x04a94a7b,0x7e455f2c,
-        0xa0ed6849,0x39a41442,0x1ef7798c,0x1c1ad4a6,0x00000154 },
-      { 0x072709c4,0x7647b628,0x8810e5fe,0xb330d68b,0xe92e0f63,0xd1bd8874,
-        0xf8bea9ba,0x144e4fb9,0x8318981a,0xc15afc18,0xb68c6a07,0xe19c5c82,
-        0x36e00b66,0x858c57a2,0x07cb7aec,0x9b255110,0x00000011 } },
-    /* 143 */
-    { { 0xc887027d,0x121ced27,0x2bfab286,0x6050f335,0x19d511e2,0x6e373c1c,
-        0x7f4c69f5,0x02d4c3a9,0x25226bb4,0xe6f356af,0x83e7ac30,0x3b9011c3,
-        0x33d8fdfb,0x43b0c23d,0xaf2ea363,0xa8c390f7,0x0000000b },
-      { 0x7e851bac,0xc430c3d6,0xa5f544fc,0x8991c389,0x67fba061,0x006bbc64,
-        0x97cbdbf4,0xd49d024e,0x7734adad,0x4539b7dd,0x28cb6d2a,0x90ba8f9f,
-        0x4de4b3ad,0x7a921830,0xa7b96928,0xb28732ef,0x0000006a } },
-    /* 144 */
-    { { 0x22ed5986,0x71dab52d,0x58533e06,0xdeee627a,0xcf155fe3,0xe8fee37a,
-        0x7ae8b132,0xcd61490d,0x34a08b94,0x2706e185,0xf9c15c30,0xa85ffd52,
-        0x51a5ad46,0xd5a224f3,0x54d700bb,0x44d1b6d5,0x000001e6 },
-      { 0x862e4e9c,0x96830686,0x48763fe4,0xfe5cd76c,0xc0839caa,0x60309679,
-        0x8d83d62d,0xc0e4cbeb,0x11bc4ae2,0x911e254e,0x64fca062,0x96a0d7c8,
-        0xe9a27045,0xf5785dd5,0xf3e0412c,0x2f4677d0,0x000001be } },
-    /* 145 */
-    { { 0xab01a6dc,0x4c0012dd,0xae1adb69,0x391bd6c1,0xb9b05079,0x3ae7daec,
-        0x62a1061f,0xc2714f9e,0xa96536b7,0x71978ee7,0x5e17654b,0xeec11bd0,
-        0xefab3dd4,0xc71166e0,0x87edbf61,0x0f7aa572,0x000001d7 },
-      { 0x51eb5932,0x26ea6f7d,0x5f882ca4,0x354ea0aa,0x7739f7dc,0x175b6097,
-        0x9be57934,0xd335192a,0x78545ecc,0x9801f423,0x7b643c9d,0x32b8e256,
-        0x23e3abec,0xb9411dd7,0xcf1c6509,0x656dea68,0x000000ee } },
-    /* 146 */
-    { { 0xa0890deb,0x4d38e140,0xbceb84bd,0xbf7bd87d,0xba041dec,0x51f0ff72,
-        0xa6820be9,0xafeec70a,0x8c486298,0x755190a3,0xe7010ec4,0xecdba558,
-        0x8c7879b1,0xced91db8,0xef5e215c,0x08de3e4c,0x0000014c },
-      { 0x16266da2,0x9c1534ed,0x7b4c9009,0x9ce322eb,0x69927688,0x37decaef,
-        0x05c2844d,0x6525097f,0x1ac519ab,0xd23b7e13,0x65a3cc86,0x682ebb72,
-        0x628c4575,0x0c531db9,0x73805373,0x2e00e8b8,0x000000be } },
-    /* 147 */
-    { { 0x57ed32e9,0x3807c800,0x7c024997,0x427e40cf,0xabb54830,0x58506abb,
-        0xce820bf4,0x5649776f,0xb2c43e81,0xb5353293,0xcfef6648,0x671e8353,
-        0x903bdca5,0x27217d3f,0xa813fd79,0x40a9c109,0x000001dc },
-      { 0x3db21a38,0x6beaa6c3,0xd73ef7e4,0xcae222e1,0xbd1d507f,0x1ff684e7,
-        0x587a77ab,0xf5bac664,0x0c64a4d6,0x58c74f62,0x6a7c378a,0x4ca837d9,
-        0x3e42e409,0xf43df531,0xfb49e14f,0x8a9a4347,0x0000013f } },
-    /* 148 */
-    { { 0x992f8923,0x85ab4edf,0x6fd209f3,0xe24aa5e0,0x1b1340ee,0x27be9b87,
-        0x91e0bb40,0x2957d11f,0xf3d4c62c,0x425afad2,0xc7ff7aaf,0x2d231286,
-        0x0114cbe9,0x96412b2b,0xc3e23529,0x6706a231,0x0000019f },
-      { 0x225c02af,0x06b3bbd2,0x3fa3e98d,0x53ebc166,0xb84f482e,0xa6df2b75,
-        0x2bfc55df,0x912b4521,0x512a73da,0x30bdbd40,0x3d53eaa4,0xac0f43d9,
-        0x0c27fd53,0xfc358fe4,0x919424b4,0x2cb183be,0x000000a3 } },
-    /* 149 */
-    { { 0x3fa6a746,0xe39b0c2d,0x1d5a24a8,0xe84a7922,0x78cdf2b5,0x70a58914,
-        0x30666cb3,0x8a88067d,0xf6d71d06,0xb09a709e,0x0065d184,0x50007a3e,
-        0xb8dc9448,0x7046af4b,0xc65493ac,0x2b6a3129,0x000001fd },
-      { 0xe45f2771,0xd3d5d5bd,0xf432ed95,0x8542b08a,0xf232a6bb,0x2ecd40fb,
-        0xe8beccb2,0x0fcb6143,0xbf8e247f,0xcecc513a,0x8da3039b,0x955d56f7,
-        0x56c2a0df,0x9157c619,0x3031fe2a,0xa6d35cbf,0x0000018c } },
-    /* 150 */
-    { { 0xbe0c4923,0xdd800b1b,0x6902907b,0x046ae740,0x957bd0c7,0x2398b37f,
-        0x9655f8b8,0xaa8e1a9d,0x500f4150,0xcd2927fa,0x202e7aee,0x826a9c6d,
-        0x9f29692e,0xb4cf58b3,0xbf41577c,0x3093868c,0x0000011f },
-      { 0x333ed442,0xadcb5e7a,0x906fef7b,0xae5c8e2f,0x3d98f228,0x2d9b0123,
-        0x7ffe125c,0x4632f2da,0xba231835,0x59487731,0x12d2c512,0xa0caae5b,
-        0x9857d9c4,0xbf00e658,0x54f200f6,0xc5d10086,0x00000172 } },
-    /* 151 */
-    { { 0x2fc283e0,0x58954046,0x7ee0880e,0xf7633984,0xb7fd1622,0xfaf1b40e,
-        0xf598c5ed,0xecf5151e,0x7e00d9bb,0x6b4d92f7,0xa8c43fd4,0x7543e3b3,
-        0x6511d1d2,0x3994e12c,0xaf05b6d3,0xdd841a1d,0x000000c6 },
-      { 0x23b991ad,0x23da17e0,0x71fba514,0xaab2b213,0x0ddc1879,0xb417ec5a,
-        0x5f63acdc,0x173bc8ad,0x1e2a7d50,0x2fcf5210,0x6106d008,0x63373fd0,
-        0x7db012cf,0x1e8211de,0x576545ef,0xa07766d9,0x0000018c } },
-    /* 152 */
-    { { 0xaf80dfaf,0x8e4347b9,0x9c4667f3,0xa80b631f,0x6ddbc238,0x6ff1db26,
-        0xaa8718a0,0x6161e365,0xaf31c35f,0xe7f7ac90,0xfc6846e8,0xc03831d1,
-        0x684175b4,0x1e669d10,0x934b731a,0x6da9d620,0x000000c7 },
-      { 0xa3e4e78b,0x981f597b,0x55099f9a,0x2c14dedc,0x93088c61,0xbf373995,
-        0x9b207458,0x7c568307,0xa2276900,0xc4440c47,0xf7e6daf3,0xb6df23c8,
-        0x42929103,0x4f662c25,0x8b3b7963,0xf4ea6db1,0x000000f9 } },
-    /* 153 */
-    { { 0xced36049,0xc669eb88,0xf41b99f8,0x87a4ffe1,0x6a72e108,0x690b7563,
-        0x65a0bb8a,0x67dd6a8c,0x96e42955,0x42cf8c58,0x1aabffad,0x5286b5f3,
-        0x8f6f26a4,0x1f7dfaf2,0x0e1ae503,0xc5d9e0ac,0x00000120 },
-      { 0xacc10da7,0xafbee3ff,0x944946e5,0x67e2d5f9,0x3c4220ff,0x8ec17e86,
-        0xbd6f632e,0xfe6f7414,0xc3fc9ef4,0x4a9e3c0f,0x03bfb870,0x25ff3cba,
-        0xbb03342d,0x18fd3600,0x0050cd2e,0x1e63e753,0x000001ac } },
-    /* 154 */
-    { { 0x8f3d6a02,0xdd83d07c,0x7ef4d0d1,0x71fc143c,0xd4c7af61,0xca994bf0,
-        0x827c5cf0,0xc8a93e98,0x2b697882,0x4a102c7b,0x8a55e8ba,0x633c87d5,
-        0xcc2d64f0,0x1ae8822f,0x986d01fc,0x2ce9b53f,0x000001c1 },
-      { 0x95dc1b79,0x859639fd,0x3f4e616a,0x2728f754,0xede2fb9f,0x6e703c4c,
-        0xd50fae9e,0x042f7680,0xc2d530ed,0x0546bc3b,0xcdd598ac,0x00a4006b,
-        0xe1294910,0x3f3286c9,0xb6bf9629,0x77782255,0x00000146 } },
-    /* 155 */
-    { { 0xe30c98fe,0xaf81421e,0xfc2cd705,0xdeb0feb0,0x14df6ad2,0x9b2c4ca6,
-        0x9ba314e8,0xd38134de,0x4f04b16d,0xa443deb8,0xf07f8ca8,0xfc556ee0,
-        0x3a4f3917,0x3c1c83bb,0xb1adcd41,0x8397dd24,0x00000199 },
-      { 0xdf4781e6,0xca01e17e,0x46f1f901,0x32d7c319,0xb53090da,0xa227a613,
-        0xa7c8c607,0x2495b1dc,0xddc69709,0x1cf2fbee,0x45608098,0x1d3d82bb,
-        0x085134d7,0xcfcddda3,0x96798c41,0x3dd171b5,0x000000d2 } },
-    /* 156 */
-    { { 0xd4dd7e96,0x97a40f84,0x8409fc0c,0x7114c8ea,0xa9d11393,0xc56f29e6,
-        0x8fd8c6d6,0x3b606621,0x00269e7c,0xad3baa86,0x05929d5f,0x1413c6b0,
-        0x222e365b,0xc1ad7e40,0x4798aaec,0x6a82621a,0x000001d3 },
-      { 0xc1003c81,0xaeac45c4,0xf43d8602,0x9ef9ef5a,0x60f77469,0x36a65f5e,
-        0xbf5d2858,0xf312e7ab,0xc84acef1,0x2f53ec81,0x9d248b52,0x63e32ca2,
-        0x81e65c60,0xfe9aa7c5,0x52841973,0xe3686c9a,0x00000017 } },
-    /* 157 */
-    { { 0x9e90de99,0x0b2efe65,0xad05ab63,0xbe4485bc,0xe14e4892,0xc48a6a52,
-        0x22628687,0x2ad85430,0x5eb3db54,0x261f0e95,0xd45e5841,0x48e81863,
-        0x8ed75739,0xcfe1ce0f,0x7d84ade4,0xbd6f1ff5,0x0000003f },
-      { 0xd1bf968c,0xd43711dd,0x48dfa472,0xd558d7cd,0xe425a566,0x49f09223,
-        0x5c26d041,0x0cf83338,0x7c2c1743,0xbe7b81f1,0x5143d9d9,0xe3bdc33e,
-        0x94fd3fae,0xf385ac35,0x9fd1811a,0x7551cf42,0x00000113 } },
-    /* 158 */
-    { { 0x20193bb2,0x4928f55b,0x7310b872,0x96e579d0,0xd345d276,0x5ee06309,
-        0xa871868a,0x9a43e432,0x11038683,0x28c113e1,0xa332f108,0x8286ecf3,
-        0x0385cbb4,0x3348aa37,0xef158daf,0x698ffcaa,0x000000c6 },
-      { 0xf6908745,0xa044c54a,0x6a3353fb,0xa6b336e4,0xd561e821,0x694c2852,
-        0x3634917f,0x1b297970,0x81f61315,0x6e1023b9,0xef46a5ef,0x6817dc2b,
-        0x8e114f7f,0x93dea0af,0xed72c5bf,0xc3cf3cd5,0x00000136 } },
-    /* 159 */
-    { { 0x7b080de4,0xbb8799ab,0xd69d8396,0x3b8f781d,0x986f8f63,0x76b42aaa,
-        0xa54bc5ca,0x5d74c038,0xa9c2fbb9,0x76fcb605,0x80178930,0x8451b440,
-        0x9d286f0d,0x40f00c38,0x0c543263,0x3038e952,0x0000014c },
-      { 0x6977aad9,0xc94bc381,0xd7087be3,0xadbfd082,0x875fed08,0x06d0820c,
-        0x345656fc,0xe1ce84d4,0x0fd6dd4e,0x71c4d8e0,0x6a5fab40,0x23338b22,
-        0x0baeeb6f,0xd477eac1,0x5f80c26c,0xe4db08bb,0x00000078 } },
-    /* 160 */
-    { { 0x1078342a,0x0111d12a,0x559a1064,0x0534725e,0x0fd3ffdd,0xea459d59,
-        0x06f0ac1f,0xcf694a9f,0x3e19bc69,0xf6d24adb,0xb9ddcd00,0x3ce38f5e,
-        0xb632dd4e,0x38400f66,0xe15e1c55,0xcab8fdfb,0x00000085 },
-      { 0x8d09422f,0x0a943f6b,0x0f988c3b,0x17d29756,0x2ef2e4d9,0x55a441fa,
-        0x35f7c13f,0x6743523b,0xedaad3ff,0x274d3407,0x9347242d,0x59411435,
-        0x3bb8615d,0x1cb27301,0xbd7794cd,0xa0437004,0x0000007d } },
-    /* 161 */
-    { { 0x2d712c44,0x824b99a6,0xa6962577,0x148368f8,0xd65e2287,0x8ed68432,
-        0x6f5bc5f8,0x14028306,0x4ec3479d,0xe6cf3121,0x9326db70,0x96db6f44,
-        0xca32936b,0xca5ac098,0x2fea21af,0x69e248c7,0x0000004d },
-      { 0xa71269fb,0x0aa89092,0x18650b60,0x2f6bdba8,0x9fb55db2,0x1d9cc2a3,
-        0x6311e9d0,0x0fceb0df,0x90ac2c1d,0x6faeb79c,0xcb1f372a,0x2393b222,
-        0xbc8c4193,0x62a6f3df,0x2fe8e674,0x9dea30b2,0x00000001 } },
-    /* 162 */
-    { { 0x12b3118b,0x7df689ac,0x6cb6ea56,0xd06ee39d,0x187cd978,0xcfcc22c2,
-        0x8d537d87,0xb985b681,0xe9f56db2,0x75845152,0x5e098c15,0x0f839871,
-        0x3b212cd2,0xbe96a5c8,0xd9ac1c47,0x3dda0338,0x000001fb },
-      { 0xcfa0a9b8,0xf06b7fe0,0xe22dcf75,0x9478bac7,0x136887c8,0xf3815e04,
-        0x914c54bc,0xed811dde,0x0f51ea64,0xc8c24160,0x4c870577,0x63914d83,
-        0xa8abbcb4,0xed24e552,0x2644f52e,0x9e5eb9e8,0x00000001 } },
-    /* 163 */
-    { { 0x66d52313,0x1f65a04e,0x4d3f72bd,0xfd694545,0xa6b7ae11,0x2bc0ddaf,
-        0x571ab247,0x921f79d8,0xae5a8d68,0xd4c5f966,0xaec5ce13,0xfde17716,
-        0xb764bd39,0x70e6eda4,0x990d6783,0xffe94085,0x000001ef },
-      { 0xd88f92e8,0xf3fa0e27,0x9c77123c,0xa21ef0fd,0x89274dba,0x6259974c,
-        0xb9ba2762,0xd4cfa4a5,0x46ebcaf6,0x10c909d2,0x8f8e2870,0x0317a10d,
-        0x453aeea2,0xb0771de1,0x68c6b0a3,0xdf0c4791,0x000000ea } },
-    /* 164 */
-    { { 0x4c854477,0x11bc1e48,0x8638e47c,0x2bec25b4,0x869c54d9,0x43d4e02b,
-        0xbe1e7ed2,0xe318de32,0x6b460c4a,0xf5471eb0,0xaa426afe,0x38ae7bf3,
-        0xd8452dc1,0x23ae26dd,0x5782de9d,0x9d3fc1d5,0x00000164 },
-      { 0x0ade1979,0xd87cae31,0x3b4bc728,0xa847041d,0x56c3c9be,0x38923c40,
-        0xd74ae467,0x36fe182a,0xecbe49ae,0x92bff6f4,0xdc41f9f5,0x6680db80,
-        0xe4630715,0x35bac06f,0xd6d07307,0x6d68b4c7,0x000000c0 } },
-    /* 165 */
-    { { 0x854dfcf2,0xdbe22be7,0xa6ae3bd0,0xee21a7df,0xa521ec46,0xf4633ad1,
-        0x41a9484c,0xee94527a,0x2aa123f3,0x1145eb9b,0xcae3ca92,0x5634a82a,
-        0xfc85d925,0xe176aca0,0x19082d8c,0x504cf7fc,0x00000078 },
-      { 0x3799793c,0xd74ce7c4,0xb5519fb5,0x74ddd618,0x95ff9808,0x2cf6df93,
-        0xb8bf61e6,0x00ea45d1,0xdcfcf54f,0x26863613,0x030035b0,0x67423b76,
-        0x4028a9cb,0x9fbc7534,0x051a077e,0x7b52ce37,0x000000f4 } },
-    /* 166 */
-    { { 0x96bec962,0xebf7d8ad,0x17e0107a,0xd1cc81f6,0x214e1058,0x64c44509,
-        0x42394c9f,0x6c298c43,0x1a660513,0xd910052d,0x90df8243,0xc3643754,
-        0xfe5cdea4,0x2313be1e,0xd27fb7b1,0x249a60f7,0x00000076 },
-      { 0x1cf593a0,0x74975838,0x8364c59e,0x0c9ceefb,0xe05c9991,0x2f5a1333,
-        0x421808e3,0x30ea5e1f,0x4f5e8f4f,0x56fb3a4f,0xb6c0cb47,0x2cae6e2e,
-        0x08bdcc6a,0x60b307fd,0x0ff8c117,0xee17901c,0x0000001a } },
-    /* 167 */
-    { { 0x89aa9e14,0xc048336b,0xf676700f,0x66634271,0x906b6980,0x4daa0433,
-        0xebb7ab23,0x30247ee1,0xeb59a053,0x969b4aa7,0x8000f4d5,0xd78ef825,
-        0x46026b5b,0xe5db38eb,0x7d6856c4,0x06a43e5d,0x0000003b },
-      { 0xed2a0ee7,0xaa0ae838,0xf16e8813,0x04bbe528,0x4ea64137,0x8ab6df5c,
-        0x06e29867,0x5be80cb6,0xf459ed2b,0xf19b1b72,0x1761521a,0x7a9cce4d,
-        0xaa516f3b,0x39aff994,0xb3416925,0x97d92e86,0x00000007 } },
-    /* 168 */
-    { { 0x5af3a8ca,0x25aeede1,0xa5c351ec,0x33924782,0xf93ec080,0x41e7a3fb,
-        0xe6f425b4,0xb04f93c4,0x81e76009,0xe4ec12ec,0x5180ffc6,0x797366d4,
-        0x0e0aef3a,0xd293cbb5,0x68d71d91,0xa1496944,0x00000061 },
-      { 0x675a67a1,0xf52c541c,0x8f5fe906,0x67d38d30,0xf6be988e,0x2a70bccc,
-        0x18589886,0xae03ecbe,0x7067045b,0xecd02616,0x10ca8d96,0x1facdd99,
-        0x30c0735d,0x7aa10a82,0x3328f21c,0x2a27e554,0x00000015 } },
-    /* 169 */
-    { { 0xe6057e27,0x3dd609e0,0xc7a454da,0x87e8b6a7,0x1f32dd5b,0xff599145,
-        0xd0ef51e2,0xea397a88,0x25567546,0xc49866a1,0x3228b480,0xea45c8b1,
-        0xdd01997a,0x3dbe0e77,0xc51867d2,0x0e2ea28f,0x000001f8 },
-      { 0x69d0820b,0x6295412d,0x1ea65a18,0x03173127,0xeb06380d,0xc27c8221,
-        0x75fe9706,0x7ffd4efc,0x5a71d250,0x7b396a57,0xc7cb7543,0x61c80051,
-        0xad4dbee3,0xe07db4d7,0x9b192d45,0x1c7481f4,0x00000143 } },
-    /* 170 */
-    { { 0x08e1cc4d,0x5eab2d04,0xad2dc1ee,0xe93758d3,0x5c9c7393,0x0ceb7dfe,
-        0xd3379683,0x530d86a9,0xe24f86d7,0xef5283ca,0xf0b1bb0b,0xab5d1a64,
-        0x54db4e3c,0x96aabc1f,0x3bc00c59,0x3e3d87cc,0x00000144 },
-      { 0x1d60e7b0,0xe50a8213,0x5d33d018,0xfc9b629b,0xfd05338d,0xc54aee42,
-        0xe821c6ea,0x0678f2c0,0x06ac09cb,0xe5c9d75f,0x53018df6,0x83357513,
-        0x0bf8c667,0x81ca6fac,0x9d0ae2dd,0x7fc8020e,0x000000e1 } },
-    /* 171 */
-    { { 0x1baaa5eb,0x8add4741,0x79bd8036,0x02cbb759,0xcdffed22,0xd8680c40,
-        0x4e091141,0x1c23a8f0,0x20748b87,0x65d141ed,0x659e9289,0x586a1575,
-        0x5006dbfe,0x7c68d7cd,0x22569a74,0xda0ad0df,0x00000148 },
-      { 0x7f9069d7,0xc8fcc5db,0x5c0531a4,0x2487d245,0xe9a2db3a,0xc5ab4899,
-        0xb4fe9720,0x52bfd538,0xd27f35e4,0x73a04ca4,0xee2dac93,0x7cbbc549,
-        0xff3ee7e2,0x0287229d,0x28da9360,0x3179878d,0x000000d0 } },
-    /* 172 */
-    { { 0x3b66c047,0x89b7e9bb,0x602a3e1d,0x22e65869,0xc8db9c00,0x44f82297,
-        0xd08a74a3,0x0e76aca3,0xfcd398de,0xfbf1a71d,0x8320e66a,0x2fbb6eaa,
-        0x179c9fc5,0xa82d0ebc,0x4e7ab2b4,0x4e00cf6f,0x0000000f },
-      { 0x4890c439,0x424c0e9a,0xbc35a6b2,0x37564a2b,0xd9b7497d,0x95a4479d,
-        0x612de942,0xa1ff3f0d,0xe60d0033,0x358627fc,0x522417da,0x815da8c0,
-        0xef6b8385,0x506104d4,0xf16e96aa,0x800728d2,0x00000120 } },
-    /* 173 */
-    { { 0xab039042,0x976f2372,0x9fa084ed,0x10e6978c,0x58bec143,0xd03fdd2f,
-        0xfe2045c3,0x3200c101,0xb0a5a928,0xe6868f7a,0xe61faff8,0x26c95d1d,
-        0xb7b12265,0xa1e20127,0xc2a5ed17,0x8e63dd78,0x00000089 },
-      { 0x22bba4ee,0xbb6533da,0xf496a574,0x3eff6397,0x14f2a6b9,0x409329f7,
-        0x1dfdd73f,0xa08248bd,0x69bca1b1,0x62f33f2e,0xba2e0327,0x9a177e64,
-        0x75ddf741,0xbc50e993,0x4a56bd1c,0xb87a979f,0x00000095 } },
-    /* 174 */
-    { { 0x67c1f177,0xe83736a9,0x600133c9,0x1b6d3508,0x6eac9a5b,0x9424bb92,
-        0xc27ef31c,0x7a9c01a6,0x122b4870,0xad93bba5,0x9d1ac985,0x9eb94e2a,
-        0xd53f175b,0x511c0206,0x5102d914,0xd13eb252,0x000000b1 },
-      { 0x675a1171,0xcfe7dbeb,0x16c0d2b1,0xb228295c,0x057c88ca,0x8db25b5a,
-        0xd300e9cf,0x73ea9e96,0x269552eb,0xb0e0037f,0x9e0f98df,0xea9d035c,
-        0xd290480f,0x860e49b8,0xc036b319,0xa35e9512,0x00000037 } },
-    /* 175 */
-    { { 0x8f00df48,0xc56729ee,0x11ac8304,0xb89ca7b6,0x8b3a8123,0x497a57f9,
-        0xc21ca3ea,0xe0431b19,0xe2bb3ce7,0x45a73deb,0xadc77819,0x2f86cc2b,
-        0xe5eb3df1,0x5ff005e4,0xdd27dcf0,0xf955dd7a,0x0000005e },
-      { 0x00ee402f,0xe0c22ffa,0x3b30bb4c,0x5b335e2a,0x643cb101,0x542551d0,
-        0x3cd19688,0xc6183f45,0xf0be54b4,0xc6664f22,0x4c20cde4,0xa5f4cfee,
-        0x80a4c475,0xdcaa972f,0x59111ed9,0xde4af200,0x0000019c } },
-    /* 176 */
-    { { 0xd771f428,0x9e9d0bc8,0xe43ca382,0x3ac1ecd9,0xeb93acf0,0x8d5ee480,
-        0x065a2a3f,0x16232f81,0x2f0b8a73,0x1fc04faa,0x025474a2,0x4a8df7e7,
-        0x3bb15f6f,0x51ac4ff2,0xe0950e52,0x66e21b73,0x0000006b },
-      { 0x67a41dee,0x59c98480,0x7b3e2b3f,0x2cfa95ae,0x891454e1,0x54d98386,
-        0xeefca6a4,0xf0dddbdf,0x11e9cb75,0x5f691b24,0xfef208c3,0xa9b9e766,
-        0x18b33cf6,0xe8df1000,0xd1c174a9,0xb8a55ac9,0x000001c4 } },
-    /* 177 */
-    { { 0x5c4cccb8,0xa99f5862,0x2ef4d3ef,0x70bf5209,0x89efc878,0x28f4e576,
-        0xda14206e,0xa2366f96,0x7c52107d,0x90331a00,0xd4a0f0f0,0x478d4cea,
-        0x472a47b0,0xb2899ee2,0x64207549,0xae96534e,0x00000110 },
-      { 0xcced05b0,0x2cc1d655,0x01759543,0xabac3f09,0x8e577cd7,0xbaeb70a4,
-        0x40e98d6d,0x84b00893,0x603d24f1,0x26983653,0x2572173d,0x6e145883,
-        0x611141de,0x1d348b26,0xefa27f34,0xe52257dc,0x0000006b } },
-    /* 178 */
-    { { 0xc947e655,0x92678f33,0x08923795,0xff0fb76a,0x790239d1,0xb2dfe745,
-        0x3cdbb7ce,0xea087492,0x05f6d41c,0x21326db9,0x79dc5588,0x5b1ae9ae,
-        0xe9c31702,0xe145340c,0xa2c38a9c,0x07502c29,0x000000c3 },
-      { 0xc156ace2,0x0c124f11,0x79ff2529,0x2c170fe7,0x6e1171b2,0x60df9a81,
-        0x55de2797,0xa19bca83,0x7c6cc79d,0x1ad927ea,0x1d61f770,0x28590112,
-        0x261c06bb,0xfe80c826,0xaa2642bb,0x4050d338,0x0000015e } },
-    /* 179 */
-    { { 0xeaad87bc,0xc9397829,0x81e84cbd,0xe0ac9367,0x6ade4fde,0xb579c24d,
-        0x690d7f56,0x50b9aba5,0xd14fb0b9,0xf09b29d3,0x25a0e7b6,0xd0684f23,
-        0x606f4ff3,0x0514e9d3,0xe8ad733b,0xe63bdd26,0x00000077 },
-      { 0xe0d25c6d,0x0afd06ec,0x00ba2dcf,0xdd90021a,0x8c5bb398,0x1b025770,
-        0x198ff8fc,0x077f06d8,0xb7e2cd68,0x87d50ff1,0x263a3572,0xef75e057,
-        0xfa925a9a,0xbf257892,0x739d0e95,0x847d3df0,0x00000111 } },
-    /* 180 */
-    { { 0xfec82924,0x52ab9cc7,0xa7220d69,0x1c76dd69,0xa06ef0e2,0xa63527de,
-        0x27183904,0xab3e51c2,0x716807c8,0xf4db35ea,0x748f1246,0x8f3ede0a,
-        0x41156095,0xf1493644,0x874b38de,0x5f6583d1,0x000000f7 },
-      { 0x0b927eb7,0xa39189e1,0xc2e2f127,0xa87c6359,0x7fe966f4,0x0b72c233,
-        0x105e5585,0x102b8382,0xe58c39f9,0x63fee006,0x991b5329,0x3f052ee3,
-        0xcbaff97b,0x7f5b854c,0x5f805060,0x935e5f6c,0x0000016a } },
-    /* 181 */
-    { { 0xdfd88d38,0xf19a0355,0xc549df40,0x555cd8e3,0x04d006e1,0x322729e3,
-        0xfd0b0ce6,0xf16b706c,0x35f2ad31,0xf156dc09,0xf7a3df9f,0xb30c5213,
-        0xa55e5fb5,0x9f29cc92,0x2b858da2,0xa0ecfdd4,0x00000144 },
-      { 0x52658a92,0xb5c115df,0xc4281616,0xbce3ed17,0x7fd92a91,0xa5595f70,
-        0x9cd5d896,0x663c8bfd,0x5a9472b1,0x0776343f,0xb033e1bd,0x14e44ca8,
-        0x1e5c02fb,0x27a1c986,0xcc4ffb32,0xece0f2c4,0x000001b5 } },
-    /* 182 */
-    { { 0x31211943,0x17127bab,0x5684325c,0x44a8cac6,0xd855fc3e,0xd2fe0b88,
-        0xce91eea5,0x47abab0c,0x78ec7d12,0x5d23ddc4,0x0cd9fefa,0xa3986de7,
-        0x82655766,0x32c7b867,0xeeaec7fa,0x3e54018b,0x00000087 },
-      { 0xb38d17c1,0xc96e86f2,0x71fa040d,0x9cbfbd0c,0xf88499cb,0xe111ab79,
-        0xf71ec80b,0x1d47c5ce,0x46c89692,0xacaa3bc1,0x3d316331,0x5f921c0e,
-        0xe768765b,0x31fa081e,0x41eff270,0xd5dafd5f,0x000000fe } },
-    /* 183 */
-    { { 0x4cda1348,0x8af10b9d,0x25c3013a,0xb0769fd2,0x8957c22b,0x450aa5b1,
-        0xf5acf1c4,0x5cafd6c7,0x9fef8029,0xcf71a140,0xee089f5d,0xe12029f5,
-        0x0fbd2ba8,0x9752a8fb,0x6f70cb58,0x61e2275f,0x00000090 },
-      { 0x1fbda16a,0xb70a4ac5,0xf1dfa2a2,0x79910e79,0xd9945f6f,0xba2ce132,
-        0xeb4ba4ef,0x450d59ae,0x4bf2d53d,0x6a8e09b3,0xe620c7a8,0x76010204,
-        0x0a53c6f4,0x63f8943d,0x87eaf56a,0x14c91d19,0x00000132 } },
-    /* 184 */
-    { { 0x490d66c3,0xe54fb120,0xa0dc8204,0xeaed7328,0x04b4294d,0xba014c38,
-        0x31ddc467,0x3f2fa2ab,0x8342ed11,0x70ff55ea,0x23034e0e,0xb18da72f,
-        0xbd8ae3c1,0xadc30dbe,0x3e945a02,0x179bdf6f,0x0000009c },
-      { 0x7484c26f,0x46c928ef,0xef2adbb1,0x206b7db1,0x3f58dda7,0x0887f548,
-        0x4bc7edb6,0xfde4e20c,0x975cafdc,0x484d121d,0x86beec20,0xc5b59670,
-        0xa6d6db67,0xb579aa88,0x41187488,0x22c6d87e,0x00000015 } },
-    /* 185 */
-    { { 0xc471d4ae,0x0a890757,0x43a1da76,0xfef4b1a5,0x6aa701a1,0xb892b182,
-        0x59c65f93,0xbf4d4e52,0xd789df35,0x923af929,0x0b79c3f2,0x3ccb46c6,
-        0xcf4cf130,0x95582ce7,0x257f0ec4,0x7da081b4,0x0000011c },
-      { 0x9aeef274,0xf92c6ae5,0x1437c083,0xe6c5bf4f,0xe13c86af,0xaa74b023,
-        0x2a225360,0xd21dace6,0x22589fa5,0xb3d572b8,0xdfa74b0f,0x3d4a3916,
-        0xb12891a9,0xe76cd8dc,0x59f4cfbd,0xa0391a3f,0x0000019a } },
-    /* 186 */
-    { { 0x203fc3f1,0x054ba69e,0x62106a29,0x09168ccb,0xaad5fa9f,0xb0818540,
-        0xbff7ed6f,0xecb8f20e,0xbef94afd,0x2c80a618,0xb0abd1db,0xe25d8ca0,
-        0x028e0a7c,0x75e67a41,0xd6e95b9a,0xdd7662dd,0x000001b2 },
-      { 0xf289d7ee,0x87dff279,0xeea2205c,0x4d755d59,0xc18adac6,0xaeb0fd54,
-        0x7ec01019,0x3a8c46cf,0xb48d70a4,0x6fc90e7e,0x10b39ef8,0x965c53c1,
-        0x38545a20,0x455777cc,0x57dd023e,0xa33430f7,0x0000016e } },
-    /* 187 */
-    { { 0x0ff53d2c,0xfa9f3949,0xb00349b9,0x8dc91596,0xd5997967,0xf10a5014,
-        0xa8a6b78a,0x4dd72dab,0x8b517b10,0xef5de540,0xa6d39be0,0x142b90bc,
-        0xeda17f70,0xcaeaa3e9,0x06b31118,0xa01689d6,0x0000016d },
-      { 0xf46afff7,0xea6ca563,0x34a5e5f3,0x3945c7ba,0xaa998fd8,0xc1ffe4c8,
-        0xb63f535e,0x42a60146,0xd1f509e5,0x50816888,0x9f8cd0db,0xd1918daa,
-        0x78a36772,0x6505e6bb,0x9cc6dc66,0x4ab03a81,0x000001ef } },
-    /* 188 */
-    { { 0xd376d986,0x06089d14,0xa2dc35b0,0xd0f4e077,0x53ff2c86,0x1c11709a,
-        0x123c3fc8,0xfef4ba45,0x1b656fc2,0x852cd5a7,0x1fefa8bb,0xb57c7489,
-        0x48110b77,0x8f05383e,0x52c5a129,0x4b55d3ad,0x0000004c },
-      { 0xf3827633,0x5110cff3,0xe00afe96,0x086784d5,0x3ead32fa,0xcb387882,
-        0x2b91cd86,0x3dcf4d16,0xe6f3638a,0x078b6a58,0xe8b7fd42,0x33792112,
-        0xee5683e7,0x6964044d,0x28e28433,0x3b84210f,0x00000122 } },
-    /* 189 */
-    { { 0xc3ebeb27,0x6c28a9a9,0x3ef590f8,0xd7bcdcb5,0x4dae7f37,0xe88a2e11,
-        0x726ea7c9,0x033522e4,0x8c141388,0x99d50386,0x61621575,0x59b1aeca,
-        0xfcc564d8,0x719fcfeb,0x1aeb8e36,0x3a577af1,0x00000043 },
-      { 0x6feba922,0xc3f26ce0,0x475a5693,0x5f6c83ee,0x28bf378e,0x7f796740,
-        0xbdc3f6f1,0xd2a5e368,0xa6ed90ae,0x3d034a0a,0x4a47cbd5,0x3b1c3a4c,
-        0x4dce2bc8,0xa4f0aa6e,0x74ca00eb,0x97c7af43,0x000001c0 } },
-    /* 190 */
-    { { 0x79c28de7,0x00377178,0xab9c330c,0x617aa2aa,0x66bc61eb,0x43081826,
-        0x4d78b504,0xe0b5b5cf,0x9870fc72,0xd76a752d,0xd40b7bc5,0x3b4689f5,
-        0x87f2d03a,0xa97fd867,0xfd6060a9,0x6ab7b5ee,0x000001c0 },
-      { 0xffb71704,0xe99eadb1,0x390fe3b1,0x436e58bb,0xab4f19aa,0xeecab82c,
-        0xe0f3d9dc,0xda492dfa,0x6e20ad12,0x2a0f54bd,0x7dbbd262,0xaf89fa0f,
-        0xe8d2eb54,0xdcc50a1a,0xef7d0758,0x9799f816,0x000000b7 } },
-    /* 191 */
-    { { 0x104f98cc,0x9ec46462,0x72aedeae,0x45115922,0x7e62186f,0x7ae93dd0,
-        0x8d6d69b6,0xd17ce026,0xfd43a8f3,0xb5347608,0x7c0ab797,0xe87f1c13,
-        0x139f991d,0x3bf597a8,0xe547e0d6,0xe293a85b,0x0000008d },
-      { 0x8ef668b1,0x0982add3,0x611c9764,0xc54e6b2d,0x1c1d4263,0x3ce76b12,
-        0xeff64e73,0x3134b28e,0x2871612a,0xaf71a9ac,0xba093594,0x31c88af2,
-        0xba9108e8,0x0b649112,0x5cf437da,0x8febc5c5,0x00000113 } },
-    /* 192 */
-    { { 0xc4a2daa2,0x7e9ca589,0x400f608c,0x18ea703c,0xd5175103,0x6f8cd058,
-        0x4abb6f29,0x26493472,0x94296ab4,0x0be553e1,0xac51657d,0x9af9398f,
-        0x4f880ea8,0xe232deec,0x67b1e1b1,0x2f81761e,0x00000137 },
-      { 0x3a20f662,0x51014bc7,0x49ed9502,0x1fb7e77c,0xb62b9652,0x89f5096f,
-        0xa2e8d37e,0x3a659c67,0x5804170e,0x0f2b2a26,0x9ed50a34,0x1674fce6,
-        0xfdc3c00f,0xaaa4537e,0x4ce99d93,0xf3c3bfda,0x00000198 } },
-    /* 193 */
-    { { 0x81614189,0xbab1f5cd,0x24b259f7,0xc7d56c45,0x45fb415e,0xc7baa4b2,
-        0x7af6bef9,0x302bc8dc,0x74b48e82,0x91b770e0,0x9b6d1b1f,0x4a1336e0,
-        0xe6680c97,0x285c1357,0xc7ccb625,0x59bcb813,0x0000012d },
-      { 0x7c019927,0xddad83b4,0x630dfd5b,0xe10f2667,0x31e05d23,0x15dbec5a,
-        0x456ac460,0x2aa6e5fa,0x243cac82,0x46956529,0x4dc8c9e9,0xc69c9c7f,
-        0xe24a4065,0xadb27e09,0xae41301b,0xdfa7a34e,0x000001cc } },
-    /* 194 */
-    { { 0x59cb1a7d,0x176a864d,0x6aefb8ee,0x4d864ca3,0x1c22b0d8,0x0ee83acb,
-        0xd980df1d,0x7e80a6eb,0x7f94ced9,0xf582acc4,0x3a72c115,0xa29cd123,
-        0xc7107bb7,0xce12a2a8,0x4ed80a30,0x0229ca56,0x00000150 },
-      { 0x2f1c180b,0x9774bad5,0xd749aa10,0xd08be998,0x56dbd1ba,0x978c48ab,
-        0x0afbea9a,0x6ed3e3e4,0x153dc5fc,0x8a8be97b,0x9be93ed0,0xadc7f095,
-        0x2cee23bd,0x8d242908,0xdc2729de,0x417523c6,0x00000016 } },
-    /* 195 */
-    { { 0x6c14a31e,0x74eeccf1,0xb2de3c2d,0x488e2534,0x7cec43c3,0xf9bb3599,
-        0x916ac936,0x4210459d,0x9f7e4400,0x71d15c02,0x44553583,0x8c9c7c12,
-        0xec94a467,0xcc97548d,0x3167bad9,0x4ca67818,0x0000014e },
-      { 0x8d0312bf,0x033af055,0x54161e66,0xbd1bf4f5,0xfa41781d,0x259945a7,
-        0x00eef1d5,0x33494da8,0x79c3b8d0,0x6c505ec0,0x1c9f6e69,0x70ae1ade,
-        0x76830aaa,0x0288f0c1,0xa62a060c,0x7f4cfe3b,0x0000000c } },
-    /* 196 */
-    { { 0x057d6006,0x0d8b447d,0xfd71c8b0,0x38b976e6,0xabcf40f5,0x5e77e029,
-        0xf103a783,0x13bee386,0x5e472c4b,0x20a6ac20,0x31fcb194,0x43b045f6,
-        0xc00abf49,0xe5dc1d9f,0xa5556b79,0x28c0bc70,0x000001b5 },
-      { 0x8a8640b8,0xba9d07ee,0xd0e34012,0x25611023,0xbe24ae89,0xc7ce655b,
-        0xfa579dcd,0xe358e524,0x377bbfe5,0x57ce2715,0x3c0947e4,0x64651c6c,
-        0xf4a97826,0x5fbd8d50,0xe2e1c15a,0x6fcdd28f,0x0000008d } },
-    /* 197 */
-    { { 0x5c7202c8,0xb564a2f6,0x5a54b0d8,0x7d634052,0x1434fbf5,0x8414d672,
-        0x1d9830a3,0x8114215e,0x5ef0fbe1,0xc7a758d5,0xe6f57f9f,0x5705dcf8,
-        0xd92269d3,0x5dd49a56,0xbdb49f97,0x8f015d7a,0x000000f1 },
-      { 0xb4799ce6,0x07131110,0x2cbcb7db,0x35bbfb99,0xf7ba21e2,0xc1f00c9f,
-        0xb18f49fe,0x009d6913,0xabcf959b,0x8da61951,0x0d42146e,0x0e687213,
-        0xae5f23f1,0x55832817,0x9ae7386b,0xc9b5bb68,0x00000143 } },
-    /* 198 */
-    { { 0x48c74424,0x423328db,0xd19cb2eb,0x32616e11,0x40d6e217,0xe534192a,
-        0x0cbdc752,0xdd83a94c,0xd733bb01,0x5c623050,0x5b7a4520,0xcd0d631a,
-        0x9a4011c8,0xccdc0a25,0x646e7cd5,0x22f112cc,0x000001e6 },
-      { 0x3e1e4c4b,0x47d6e29a,0x9fb1548a,0xd5f82538,0x4fd3e319,0x7e3705b5,
-        0x0a08b966,0x8c4ce59a,0xd8cbe8db,0xbca749e7,0xaeec3d75,0xcc4496ea,
-        0x8a1a313d,0x17dc723a,0x8ceb9360,0x250ff77a,0x000001a5 } },
-    /* 199 */
-    { { 0xfe29bd79,0xa55a0726,0x4f990b34,0x6574a810,0xaad56983,0x6906946d,
-        0x50d41fef,0x0e580ab9,0x6e6f7f45,0xbc75b514,0xf0f3718a,0x508cc97b,
-        0xa5634087,0x51ba2ca4,0xe64d8910,0x75c39077,0x00000172 },
-      { 0xf77ca6bd,0xf37cccaf,0xbdb18df5,0xe0a0df41,0x019e01f7,0x9f46cff8,
-        0xaa65d72b,0xbe4f3d44,0x6e3663e9,0x7822d8ac,0x3ef9db6d,0x5f37f922,
-        0xabe4a9aa,0x7f0ad39d,0xf69cc8ba,0xa0a57c70,0x00000098 } },
-    /* 200 */
-    { { 0x00fd5286,0xd9c50cf4,0x72a4b03c,0x1ea5b9d5,0x051ae73e,0xf5e60f9e,
-        0x951b3824,0xfe9b5142,0x9fb4d667,0xb034b2d0,0xedc50856,0x4b537a80,
-        0x8cb0022e,0x69ee1012,0x6a548aee,0x7c8b9e5c,0x000000ed },
-      { 0xd933619b,0x746007bc,0x2b9dfe19,0x0ce7668e,0xcc6e2a2e,0xa9eed5d3,
-        0x7eebf32f,0x35a14f5f,0x67cc4f64,0x75cb898d,0x7850c16c,0xcb2185fc,
-        0x45f79c96,0x09874a76,0x27db4744,0x7468f8ae,0x00000139 } },
-    /* 201 */
-    { { 0xc88684f6,0xc5de68ad,0x619a7dbf,0x7c1edaab,0xb27a18f5,0x258d1735,
-        0x8ecd89eb,0xb27e7b65,0xd879f7ea,0x3d8889c6,0x67d5befb,0xa8fdc96d,
-        0x37bad73c,0xc84d86ae,0xce8e56d7,0xc7e91976,0x000001a4 },
-      { 0x6319ffa6,0x5001a540,0x134ec04c,0x0cae64ec,0xd541242c,0x1f69a96c,
-        0xbf2caeee,0x9da259ee,0x28bee805,0x88e7978c,0xb8e890e4,0xe9484beb,
-        0xfb227fd9,0x0e5246d0,0x625d6318,0x8be2a54a,0x000001b7 } },
-    /* 202 */
-    { { 0xf472f13a,0xa223554a,0x5733e91c,0xfac993b7,0x96c168a2,0x26afe9f0,
-        0x4b127535,0x7cfe761d,0xe77070ca,0x84301873,0xc7e7cdf6,0x66b6aaad,
-        0xa1562ed4,0xda2dd5ea,0x39faf8d8,0xa81a2e00,0x00000016 },
-      { 0x4e3de3bf,0xa880759c,0x52f3088a,0x0c1e2e11,0xaa7eba5b,0xcb2ded9a,
-        0x9f9c11ca,0x4c65d553,0xb0dc5c19,0x0ab9bd87,0xca3f4b61,0xd32f8c96,
-        0x28cb5f9f,0x49842fcc,0xb90e21df,0x31ae27cc,0x000000f4 } },
-    /* 203 */
-    { { 0x6a0ccd0a,0x3b2a0a0d,0x5993b555,0xa3eeec82,0x9de672a6,0xb13486fd,
-        0x0da05dcf,0x8d9c5148,0x6739874d,0xc4aa444d,0xe29a35c9,0xd9cf35b2,
-        0x89177ead,0xd6bd9b5f,0x2a0470a1,0x9af0f59d,0x000001d6 },
-      { 0xba7535fd,0xb2f844c7,0xa842ff39,0x45bd4c3d,0xe951974b,0x5fe149ed,
-        0xfd4453ec,0x6982e997,0xe6c37c0e,0xa63f705d,0xd2c3ef6a,0x09b0f6a9,
-        0x1776a8d6,0xbedd3586,0xede11b78,0x4048a46a,0x00000176 } },
-    /* 204 */
-    { { 0x51a251d1,0xa47c6ee5,0x0d279dfd,0xbef4bf12,0xec518a28,0x4c2d538c,
-        0x3880be6e,0x1b2b7887,0x1be9b20b,0xc69ccf8e,0x3796a19e,0xe41dfeae,
-        0xfb50bdea,0x25676fc9,0x03e180c0,0x8b815a05,0x0000016a },
-      { 0x53f5ef65,0x2ca085f6,0x77b25105,0x61dfbbf9,0xa3346fe6,0x88ea87e3,
-        0x1b95f7ef,0x25ddfdee,0x5b65eaec,0x22074e69,0x4c2e023b,0x11869a15,
-        0x42e83bb5,0x8601b577,0xfa877e7d,0x1464652c,0x00000015 } },
-    /* 205 */
-    { { 0x57fa58f1,0x250853c8,0x4ca4c670,0xb58a4e68,0x1b81f40d,0x07b96d0a,
-        0x558e8cbd,0xa4651e10,0x42e388cf,0x1a64046e,0x44436088,0x51b0d539,
-        0xe26b8fd0,0xc2bf35b3,0x5702cfce,0x4ae78709,0x000000fd },
-      { 0xdf53d498,0x3c79bc29,0x1137f624,0x4cf31c4e,0x17a3cedf,0x93b6856c,
-        0x6cd9115d,0x2461131c,0x9228cddb,0xab30a453,0x8d202bf1,0xe97757b6,
-        0xe6108612,0xa666de7c,0x4f6026b4,0xc200fe65,0x00000051 } },
-    /* 206 */
-    { { 0xb1a2b4b5,0xea96103c,0x843c0968,0x98dccbfe,0x986ffb5b,0x6a37072d,
-        0x169d3ac2,0x2fa07af2,0x771371f1,0x8bb85b9a,0xe7c299ef,0xeae10d34,
-        0xe2372efc,0x3d4bdc69,0x8dd856f1,0x378df75d,0x00000039 },
-      { 0xde7ff5d9,0x31e902ff,0x325a09ca,0x0e9a85d2,0xf4192fcd,0xd71b93a6,
-        0x15b076b3,0xf52a5737,0x6e711d1c,0xd726aa86,0x2c292819,0x0b61b1df,
-        0xc8015de6,0x224e575c,0x18b79e47,0x68e893e1,0x000001dc } },
-    /* 207 */
-    { { 0x6ffeda73,0xb7924ff9,0xa0da2018,0xe709f406,0xf89584df,0x368e20ea,
-        0x8355a040,0x0095112e,0xfd777d7c,0x259d4528,0x2bf8f2c8,0xb0c49565,
-        0x44c5311b,0x7f631928,0x8466d9d5,0x698d0e4f,0x000000d5 },
-      { 0x015d204d,0xe10d64fa,0x6dd10c53,0x7b626bfa,0xa7698c94,0x087f8e63,
-        0x05337a56,0x525a6547,0xdf5c782f,0x558e2244,0x855fbaff,0x48aa1e41,
-        0x47ee3830,0x48f2218e,0x138463d3,0xf2523959,0x0000004d } },
-    /* 208 */
-    { { 0xd8695310,0x76f4fd69,0x7e8768ea,0xe28eb09f,0xe0d532a8,0x039c1812,
-        0xc572ac79,0xdda67744,0x785d6293,0x1f9800e0,0x3da76bb2,0x2bfe2a5a,
-        0xa2bc7217,0x6ed15b90,0xd1788a8e,0xd80e61bf,0x0000004c },
-      { 0x16730056,0xb9f40370,0xdced3d43,0x46f45fef,0x1aa50742,0x0afd763c,
-        0xff92ae73,0x21e5c652,0x1bb2063f,0x6ef0830d,0x12d22540,0x18306ecc,
-        0x1f15001c,0x4edd9b3a,0xc0cc5424,0xe4eb25b8,0x000001f4 } },
-    /* 209 */
-    { { 0xa1db5c18,0xed61a714,0x7677074c,0x9454e61e,0x7bf685de,0xe970fbe5,
-        0xd2145be5,0x221b0c53,0xee49a5f2,0xb931881b,0x14b11d03,0x00b91afa,
-        0x3ec22137,0xc6aefe49,0x526200af,0x50554e94,0x0000013c },
-      { 0x7364c92e,0xd42c45e7,0x735218e8,0xe0500265,0x84d3f3c5,0xd281da02,
-        0xdbf7646b,0x312f8424,0x485f304f,0xe1a88f2a,0x1127a513,0x583f5631,
-        0x1a60e0bc,0xed7950c7,0x4b7b70a4,0x92855e10,0x000000c6 } },
-    /* 210 */
-    { { 0x644614e7,0x8d06185c,0x4749a424,0x2e906cae,0x2587e528,0x585412ea,
-        0xd12857cd,0x3763990a,0xba5593b5,0x770c7f70,0xdd5d2a46,0xc2cf6dc4,
-        0x3b69a1ba,0x564da456,0x187895da,0x639f7e14,0x000001c8 },
-      { 0xf8589620,0x05c96b02,0x41e44054,0x2fe468a3,0x096ad09c,0xbf22da11,
-        0x9c652aee,0xbc73c298,0x547e1b8f,0xcdef9f8b,0x977dbf73,0x7073785a,
-        0x7e13552d,0x0a92a1aa,0x3a393d3f,0x22761140,0x0000015b } },
-    /* 211 */
-    { { 0x1fbfaf32,0x89a5a7b0,0xbe661d21,0x5c5a62d0,0xf5e3b44d,0x47970f5e,
-        0xf43bbf62,0x3ea001ed,0x260ae5a0,0xa8e74285,0x2697c62c,0xeb899ebd,
-        0x751a7643,0x36a003e6,0xba0725a6,0xef178c51,0x000000ea },
-      { 0x9bd51f28,0xaacf8e9f,0xa8712044,0x39febbdb,0x5bfc8365,0x8780ad3a,
-        0x10e6f08f,0x408a34cd,0x8241ab0e,0x8104ca10,0x98a662a1,0x843e71ce,
-        0x232048d6,0x9dce8514,0x1cf3d187,0x5cba23be,0x000001fa } },
-    /* 212 */
-    { { 0x2973a15c,0x2fe8c9d2,0xd42979f3,0x66fec8dd,0x0b6afb3e,0x39af4a39,
-        0xab65ef22,0x0bb1e436,0x66c5fcdb,0x8f26201e,0x5af4870b,0x3cffe8a3,
-        0x2bb44e24,0x65ae286f,0x51dd1722,0xda2e283a,0x00000114 },
-      { 0xc1e3d708,0x4a9c9a56,0x1cb0efa6,0x4fe62d3f,0x97e87540,0xf0702984,
-        0x3cea46fa,0x138b7d6b,0x83886263,0x0780634e,0x71c30909,0x27e84280,
-        0xe5838647,0xf0af79d7,0xb236a267,0xc1b86582,0x00000104 } },
-    /* 213 */
-    { { 0xa526c894,0x32ff09ed,0x14ac7d23,0x95abf120,0x3cd92934,0xb6f94dcd,
-        0x92e6b556,0xffaaeb12,0x1036c31b,0x193796ea,0x707ff32e,0xa9d237e7,
-        0x829d67b8,0xd65a5b0d,0xdb29248b,0x48edb556,0x000001b3 },
-      { 0xded46575,0x6ee9f9b2,0xffa69acf,0x496ca08a,0xf16d37d1,0xd5aeb3a1,
-        0x789e5d01,0x4a507db1,0xc827cc45,0x05e2ce29,0x2964e677,0x29b6e4a5,
-        0x4c0e46f2,0x0563b0ba,0x4bc46485,0xe75c2448,0x000000a3 } },
-    /* 214 */
-    { { 0xd2f6615d,0x0fcb476f,0xd98da9a9,0x4b7f9b78,0xd2bdf107,0xe2fddf1c,
-        0x9b956f31,0x2bda3086,0xb596eadf,0xf3cca2f7,0x355b2538,0x91c09f8b,
-        0xc6c846db,0x46f3f6f3,0x2a14642e,0x9bb9398e,0x000001ff },
-      { 0xa17bd645,0x5118d4f5,0xdbd6d552,0x57033eab,0x734d0957,0x007e86fc,
-        0x5f53c435,0x98ca065f,0xfd27dd19,0x9949d9bf,0x6952d1ca,0xddc4e304,
-        0x81ac101c,0x84cab4fb,0x4a56b007,0x46d079f9,0x00000003 } },
-    /* 215 */
-    { { 0xa6bfdedd,0x95eb8e4f,0x7a74c6f9,0x993a285e,0x3d09a252,0x8bd5d4d1,
-        0x19a5f767,0xeaa10be6,0x0cebb340,0xd3db083e,0x1dbf7a83,0xc633a78b,
-        0xc30f23e1,0x2664bc3e,0x07a08379,0x6630f8f1,0x000001c9 },
-      { 0xdef86a80,0xbbf4cb4b,0x3f8259ab,0x1fa4ec78,0x609532c8,0xa4bf7604,
-        0x8b909e92,0x71bb7acc,0x17884160,0xca1d7317,0xca1ab928,0x7f7f14be,
-        0x5f8455a5,0xbfea016e,0xbf21e899,0x7b8c76b9,0x0000002d } },
-    /* 216 */
-    { { 0x4b9f8e7d,0x46860563,0x63fc58a8,0x201176b7,0x2feed68a,0xe7a5da7e,
-        0x65183190,0xcc67763e,0xe9377ad6,0x7d7d0102,0x77032321,0xccfc4720,
-        0x534bb505,0x573ee031,0x0f1a2769,0x1bf1ef8c,0x000000f3 },
-      { 0x0c935667,0x635f5c4b,0x060d2b8b,0x74152c39,0x37c3a574,0xeffaac2e,
-        0x0b72e0cd,0xfd5fcc4c,0xf4f60247,0xb743f9b9,0x79e16f33,0x05c2e354,
-        0x3074ef9c,0xa2234c47,0x495aace3,0x4092f279,0x00000124 } },
-    /* 217 */
-    { { 0xb30f9170,0x5bfd7851,0x37fce5b1,0x715aa1e9,0x928437b9,0xcffd55e0,
-        0xc32f1273,0x88acd259,0x48be1e34,0x5a145cf2,0x7a5bc62b,0x3a340860,
-        0x18156f46,0x6296eb15,0x2774e1c3,0x397fad19,0x000001e7 },
-      { 0x9c8225b5,0x362f99f4,0x46b77c4d,0x33efce49,0x8541e91b,0x451df530,
-        0x38f3d693,0x0bd2d934,0xe727b54e,0x0b5de2d6,0x7622d940,0x42d929c2,
-        0x56f6a94b,0x36ace723,0xfccaf205,0x64a18cd5,0x00000044 } },
-    /* 218 */
-    { { 0xaba95d63,0x8dbe0aab,0x7b4b346d,0x92780c61,0x0e0d8142,0x6430f863,
-        0xb56ef04c,0x875be02a,0x785e3633,0xc28feb95,0xc12c93e4,0xd5401795,
-        0xe36f82a3,0x89ff51c1,0x10eeafd6,0x3c48c895,0x0000016b },
-      { 0xd4f064be,0x79287eba,0x54ebda99,0x1a77d555,0x623727ea,0x46745ef2,
-        0x89f366c6,0xa911f591,0xc59d6ebd,0x7e5435cd,0x7524d213,0x3a84daea,
-        0x4395b38d,0xc7b1dd1c,0x1a823c49,0xca13e704,0x0000001c } },
-    /* 219 */
-    { { 0x874d64b0,0x6399860c,0x1653ce0c,0x3375b092,0xeaa11986,0x16700000,
-        0x621cd15d,0x62c67909,0x77d70dcd,0xbe1d7dd6,0x305bd4cd,0xeff0f270,
-        0x362f8f30,0x076ec621,0x7e445b78,0x81204816,0x000001d8 },
-      { 0x161f9758,0x81749a0e,0xa3c4fce2,0xe60915fe,0x911dd8af,0xf537ce41,
-        0x79a51a09,0xfe36a8ac,0x2ca5cf8e,0x67fb54b4,0xe49057f5,0x1bdcae07,
-        0xa4244b64,0xb71ff0c5,0x4b606583,0x4815a536,0x00000106 } },
-    /* 220 */
-    { { 0xef39cc39,0x78c69c3e,0xfa6356d1,0x98304564,0x412fb990,0xbd3c3542,
-        0x79dbb2a5,0xa1d531d3,0xe7e75e3d,0x4865f188,0x0b0147b1,0x2dac4e22,
-        0x33d29ab0,0xf59e51ca,0x37b074ef,0xc964f7fe,0x000000f1 },
-      { 0x0e301262,0x7080c0a6,0x5390a22d,0x9a458060,0xcc8a9029,0xda677f9a,
-        0x14c0f1c2,0xdfae9057,0x6e66d9f7,0x3665ff16,0x47846924,0xc866dd8c,
-        0xc4cc307c,0xc5afe98f,0xe0bf50e4,0x60e3ba63,0x00000039 } },
-    /* 221 */
-    { { 0x959ecdb3,0x1a785136,0xf9e959be,0x289af617,0xcde0dc88,0x5145b2b8,
-        0x7c079e15,0xfe9070b0,0x50e22415,0xf77f04d3,0x358d6d42,0xb3ab7372,
-        0xba7b629a,0x14fd41b9,0x7400fd25,0x7b32d80e,0x00000193 },
-      { 0x7147886f,0xe5d80d4d,0x576c81ca,0xe08ced61,0x642717bb,0xe14e8692,
-        0xabb4bd21,0x9dcdf198,0x6530308b,0x658be646,0xd99d19c7,0xfbf192da,
-        0x304ab126,0x55a3d1b3,0xfa24de31,0x943f4be5,0x0000000e } },
-    /* 222 */
-    { { 0x7fe9ea48,0xc5424058,0x61b57486,0xaf24f825,0x78719740,0x9d2c413c,
-        0x70eb874d,0x27a9be79,0xb62ba3aa,0x43fef8e0,0x2c1bf0ac,0x0a23f286,
-        0x4af130e1,0x51c276f3,0xae55cebf,0xf6cd1e9a,0x00000185 },
-      { 0x40369093,0x24defa7f,0x58581e0a,0x11f1d9d6,0xe512ed9e,0x9900bf33,
-        0xed120896,0xbf8a8459,0x8b73c399,0x8324555e,0x8f6f54fe,0x54a30569,
-        0x3c252355,0x2a9d6da5,0x2a093b31,0xe6a6f904,0x0000016a } },
-    /* 223 */
-    { { 0x152cdd35,0xb2e123c9,0x86402ef1,0xae6e43a8,0xb9ce5bd5,0x892bf0df,
-        0x75804914,0xb4acb84a,0xf502eec2,0x8c7f55ff,0xaa33ef4e,0x9c8a7b93,
-        0xfd9d2001,0x06b10357,0x0ba3bceb,0x3e319ff0,0x00000027 },
-      { 0xabe360a3,0x182c2f77,0xadfefca6,0x57ef5c84,0x650b6fcc,0x9a4f0ca6,
-        0xaaf0b202,0x3f4f8e56,0xa24ef156,0x5c8508a0,0x1ea45f13,0xd8f62fd9,
-        0x28036dbe,0xf2c923a0,0x1a4d103b,0x4a9ca4c0,0x0000018a } },
-    /* 224 */
-    { { 0x5448e339,0x2a3fb798,0x18a39976,0xde8770cf,0x7a69170c,0x1160574d,
-        0x2b6067ac,0x4bb05c59,0x848138ab,0xde0d2db0,0x4909e794,0x149dab92,
-        0x790315f7,0x83a336b6,0xa335a258,0xcd9074d9,0x0000013c },
-      { 0xac1b784d,0xe839c5e0,0xee527ae1,0xab65c8c6,0xa1c88ec0,0xd3c86146,
-        0x46c1bf58,0x2201f790,0x3fda502a,0x71cec627,0x225b9065,0xff3f88eb,
-        0xc556dfcd,0x6c1f0c98,0x484fa5cc,0xaa3222aa,0x000000ac } },
-    /* 225 */
-    { { 0xc9b4dfd6,0x17e74bc3,0xf8e76293,0x25ba8053,0x9d8c3520,0x0307dc05,
-        0xb85a20b4,0x1c9036cc,0x23871359,0xf2c63f0a,0xca95fb4e,0x1a99d9d8,
-        0x9850c6c6,0x3d7c4f39,0x68299668,0x162969c9,0x00000169 },
-      { 0xcb63ee53,0x7d13c267,0x75eac353,0x67b12e61,0x191abfca,0xb3369a11,
-        0xee1af69f,0x5ad0649d,0x11dc11e7,0x4d7a6f00,0xdb9f9765,0x80f030b8,
-        0xf0ab1332,0xa20001a3,0x39d8cc62,0xe17c98d2,0x00000194 } },
-    /* 226 */
-    { { 0x1d8fe898,0x720d80b4,0x32184534,0x8d7a28b7,0x04f21740,0xf1f3c385,
-        0x166aa6af,0x5d381cd5,0xcc560e35,0x9cde6084,0x5e61e2cd,0xcb041f0a,
-        0xd9b4951a,0x621116f5,0x7ee2ac2c,0x509e16d3,0x000000c4 },
-      { 0x2c6fd79e,0xb82a20c4,0x3af78b0e,0x95b7ee4e,0xbad819ca,0x3d9b63c1,
-        0x98552569,0x10d674de,0xf9c19d0f,0x17de64b2,0x47c5e6a9,0xa03fabaf,
-        0x2ce2db6f,0x858bc4ad,0x1fc9d18e,0x76c2380a,0x000000c9 } },
-    /* 227 */
-    { { 0xb064f114,0x91171ef8,0x4f2f0f4c,0x83cb1565,0x57b262b7,0x30525854,
-        0x0f34936c,0x468c6701,0x99a41fed,0xef26d2fe,0xa7f7f6a9,0xf6da2267,
-        0xa01bfc1b,0x2563b8db,0xc340ed40,0x14b36c85,0x0000000e },
-      { 0x25db67e6,0x5e57e264,0x7f2e905f,0x85df4e89,0x026c4268,0x7832e514,
-        0x3e875093,0x312be262,0x3c538691,0x856b5bd8,0x95734f9d,0x5b1cae55,
-        0xd5aa4861,0x5a07bfe2,0xce8abb58,0x7a4c96f0,0x000001d0 } },
-    /* 228 */
-    { { 0x523aa2e9,0x7bf54d05,0xed3d0860,0xc8841e0c,0x7f9bfb69,0x5683f6e2,
-        0x162bdf85,0xdcb07f44,0x07b0dcc9,0x62d17839,0x657a536e,0xa2cbb8ab,
-        0x7cf47d3c,0x98b9a0d2,0x5eea6370,0xff154d68,0x000001f2 },
-      { 0x56b232ac,0x568b768a,0x3f2a52ab,0x4e8d6e36,0x8837fc60,0xbae87a16,
-        0xd10a7691,0xebc58a83,0xf9455fbe,0xad5e4af0,0x7d654e2e,0x1a20d6c3,
-        0xda7c8255,0x8c40fcb9,0x60d9b931,0x6d7b3cd7,0x000000b2 } },
-    /* 229 */
-    { { 0xbb2eaf45,0x7b090c3e,0x62ffb92f,0xed24d91c,0xa736f23d,0xbf2a3ea4,
-        0x6ff0fde3,0xb5b99ebd,0xca1102f5,0xbca2b55d,0x07e032a8,0xf6203cd8,
-        0xa8bf17a8,0x5410b448,0xe1dc55b1,0xb86660a7,0x00000109 },
-      { 0x02a2fbd8,0xb148b1da,0x3b22e8a5,0xfed85e8b,0x8712b509,0x1378a0e4,
-        0xc6a3e516,0x68560148,0x1633b503,0x7100921c,0x25512711,0x93925143,
-        0x07d31047,0x7b4931d2,0x8542e0bb,0x623e722b,0x000000ea } },
-    /* 230 */
-    { { 0x24972688,0x084823d3,0x003f5762,0x58b83c12,0x6d0d4528,0x194d6690,
-        0x2c6f747e,0x84219584,0x0146d89a,0xc8f8a2e9,0x7451bbc2,0x29ec1de7,
-        0xf7f284fa,0xf622b6b8,0x7b71e44f,0x83f1dbe9,0x00000060 },
-      { 0x999dd56b,0x99649333,0x97a47de9,0x2cfac0ba,0xbbe8fb20,0x6660d8ae,
-        0xf61d7bca,0x47c29dd8,0x85adc14d,0x6f5fb51d,0x4f9fd41c,0xe65ac788,
-        0xff513e6c,0x1ce69dd4,0xffe59d3e,0x1ace591e,0x00000023 } },
-    /* 231 */
-    { { 0xa9fda771,0x2e67a438,0x8663100e,0x626f652c,0xe133f23b,0xdfb19e48,
-        0x035d2d1f,0x599f88f2,0x8d13e878,0x1723a112,0xfb51ce07,0x890aa292,
-        0xbbd9ba82,0xe5f3a70e,0x374514b4,0xdde82673,0x00000155 },
-      { 0xd6f59a95,0x08b2b77e,0x02020420,0x93f853e3,0xebac7797,0x52252ac1,
-        0xb56b6676,0x6ecdcb99,0x9722a500,0x4abdb9f9,0x04e2bad0,0x26210f3f,
-        0x3034dd4d,0x0ca5a0ff,0xdac0b80d,0x333d8080,0x00000041 } },
-    /* 232 */
-    { { 0x35a85a06,0xe8510709,0x42ef1b44,0x4e166e76,0xa07b3a6d,0x84a90b71,
-        0x30329e6a,0xd6dd6c00,0x3d555259,0x20c4ba65,0x6f8ad05e,0xee3b26af,
-        0x2ab4cccd,0x20e3d541,0xa9406424,0x79798934,0x000001bd },
-      { 0x8e0c7ff0,0xf2a1d184,0x9543b340,0xbae85efc,0xf51d318b,0xe96431ae,
-        0x75878fa6,0xe5d3ed4e,0xc2895f52,0x4d2a29db,0x1f11067c,0x3af27877,
-        0x9e7f4ee5,0x6ccde964,0xa56d74da,0x35188da1,0x00000192 } },
-    /* 233 */
-    { { 0x03d310ed,0xb0832120,0x987b0311,0xd20ee8cc,0x84c558a8,0x9e549d26,
-        0xb7167ec8,0x5e25f3ce,0x4bf55bb5,0xacf114f4,0x061c9017,0x819edc77,
-        0xdeb343c0,0x759a44e6,0x04c9b5ed,0x58df9f7e,0x00000078 },
-      { 0x3bf13222,0x4fa47ebb,0xea07da11,0x1e451dcd,0xc0d8242f,0x1be9fac3,
-        0x36eb871e,0x93257d4d,0xbea3190d,0xf49e775a,0x4ebe2b33,0x406d191f,
-        0x0c110096,0x67aac53c,0xd381ac78,0x5215cf8b,0x000001f4 } },
-    /* 234 */
-    { { 0xfa493b79,0x387e8a8e,0x4eb1c2ac,0xb20e270b,0x9ff22320,0x9f393fa0,
-        0xa91c393d,0x5ee1baae,0x138a8d96,0xdeda961a,0x97bd50e4,0x69ab238c,
-        0x2363c8e0,0xff68d48a,0xce4c4c16,0xaf8e00e5,0x00000158 },
-      { 0xcfc509a1,0x6ccdcf06,0xc26cc075,0x60f411ef,0x4d9c57f0,0x6d0cdfd6,
-        0x32e99cac,0xa9514853,0x8b8e9510,0x58f9ab3d,0xb10dc3fd,0xa7e98709,
-        0x75ef3509,0x8390843d,0x5a9312c7,0x28ccc9d0,0x000001b6 } },
-    /* 235 */
-    { { 0xe341463f,0x1d934f00,0x150da7a0,0x14c8a6ce,0x4109553f,0xdb4860fc,
-        0xa93f4a91,0xc23bde5a,0x2cd58067,0x9f47c787,0x8433dc80,0x1d330054,
-        0x75a32a7d,0x0c0be7f9,0x88c75da9,0x08b777d5,0x0000012e },
-      { 0x61a10d37,0xdfc12817,0x5c50f5a5,0xed7b6181,0x79477c60,0x28af95db,
-        0x33c5310b,0xa0aa2b77,0x53118267,0x905faab8,0x6b41959f,0xf40e9816,
-        0x16b37784,0x9ccb4252,0x69866acc,0x6835d77c,0x000000c5 } },
-    /* 236 */
-    { { 0x2b450a66,0xe9d714cb,0x7dbfdc14,0x1318885c,0xb466a0c0,0x655a8d85,
-        0x5bdfc1a6,0x02a21e99,0xe67792d1,0x7a0d7c98,0xb550a797,0x2a01bb57,
-        0x5d74d337,0x42c46233,0x88dad495,0x7be4e1c0,0x0000008b },
-      { 0x95812273,0x1873b03f,0xee3f757f,0x2e26ed32,0x6da6217a,0x2c710eae,
-        0x261d9f4f,0x9b50b574,0xb7c1da2d,0x43971fa9,0xc4a85de7,0x22c4fb87,
-        0xec22137b,0xf72c3451,0x77ba1926,0x1345668c,0x00000173 } },
-    /* 237 */
-    { { 0x8a3ba183,0x3e3e8c7a,0xfe389fa7,0x4e8cebbb,0x0f9ba60f,0x8ea44687,
-        0xcb601a83,0x55176e35,0x12e52db4,0xf90bdc26,0x8f712bf1,0x95f9e459,
-        0xbea054cd,0x9bd3200f,0xdd5fd40b,0x2cf19bf6,0x0000017a },
-      { 0x66736feb,0x71cf6ca2,0xde7cfe2f,0xbde86f49,0xfc290563,0xc60abce8,
-        0x726b6e4f,0xaae8a3ce,0x3f29235b,0xd2382445,0x650ffa5e,0xa4b557f5,
-        0x113ef744,0xa1453e54,0x3e426dd2,0x7c676a53,0x000001b0 } },
-    /* 238 */
-    { { 0x35d96872,0xf5e603f2,0x3fa5b8ca,0xab1a23cc,0xe988dc5f,0x5459871b,
-        0xd430c0bd,0xe32e8489,0x764d9cc3,0x7ec269e0,0xf2c0c40d,0xf7238212,
-        0x887b83b4,0x2d946183,0x2f18a411,0x281fa671,0x00000010 },
-      { 0x64858b37,0x8028048f,0x357de5d9,0xe0e149af,0x619ebb18,0xb2218791,
-        0x9f2b0ba0,0x210200b3,0x1039cbae,0x5a87eae6,0x39579d1d,0x4efdcddb,
-        0x2788515e,0x1b388eaa,0xc81878aa,0x1a552c3c,0x0000002c } },
-    /* 239 */
-    { { 0x0ea723dc,0x7ac7f500,0x42b15231,0x0a5f04f4,0xbe885c86,0x63d49445,
-        0xff119702,0x61f9993f,0xc4c58cea,0xc3fba45c,0xb9cd6036,0xe6d151e6,
-        0x57b923bb,0x75a3ab15,0xceb2fd46,0x4ec07c52,0x00000147 },
-      { 0xed88239d,0xc46a3d32,0x835ae694,0x0d1b8ae6,0x9feeb2e7,0xf4fde325,
-        0x43bc0bb5,0x223bf71c,0x8f62a705,0x3cd220b7,0x9fe799a5,0x2224860e,
-        0x24ab7f93,0xd8558703,0xb594958b,0x8e0f7330,0x0000010f } },
-    /* 240 */
-    { { 0x3c67d520,0xaf35c7bb,0x23fca9ec,0xd8f4958b,0x8bbaa808,0x0778f194,
-        0x2135e8ae,0x418c30ce,0xc888eff7,0xcdd8d9a9,0xf73144ab,0x72075df0,
-        0x4506a534,0xb549c895,0x5fbb7fc5,0x4ef38979,0x0000011c },
-      { 0x43f5e698,0x3fe2c9ac,0xe38a5e3a,0xce77fcbc,0x3089c2e1,0x6d05c90e,
-        0xac1d5801,0x5a74f3ff,0x381b9d2a,0xaeeda220,0xf5f3960b,0xd958b143,
-        0x0db7abbe,0x65ffd051,0x7a05b718,0x8e97e680,0x000000ce } },
-    /* 241 */
-    { { 0x8ce86a83,0x2251e61b,0xbf7e7160,0x8604159f,0x48f03377,0xfc127dd7,
-        0x45052242,0x87cb2c37,0x934ea09b,0xbd4950f4,0xc4679441,0x5146c403,
-        0x23ba416a,0xe8ad4710,0xaf638eb1,0x89b81a60,0x000001b3 },
-      { 0xe8150c69,0xe699934e,0xe27c14bc,0x74f75908,0x6a0194ff,0x5dc0a891,
-        0x1bd51b76,0x38f49d32,0x18779630,0x6bc3305e,0xfd3b4a68,0xfe2f3fbf,
-        0xd7caf189,0x1409b377,0x9b8f109b,0x029ea13b,0x000001b3 } },
-    /* 242 */
-    { { 0x25a2fd88,0xef7938d2,0xceba0603,0x890f2f7c,0xd7a6dff4,0x4c3e1c80,
-        0x2883f986,0x00c78f36,0x998e5305,0xed92b592,0x325ddc73,0x018a8f1b,
-        0xd5d3708a,0x6dffd987,0x0d1f28bb,0xdcd3554f,0x00000059 },
-      { 0x23a74e7d,0x17c6e41d,0x5db32df6,0x94b61ebe,0x9e7ffa0b,0x3c2fffa7,
-        0x2ebb7a0d,0x473662b7,0x01adf9c3,0xa86415ee,0x54679264,0x1502c326,
-        0x2fa09c57,0x16911349,0x24749086,0x897f34aa,0x00000195 } },
-    /* 243 */
-    { { 0xabadc253,0x4845d359,0xc797c95e,0xe054b92c,0x9a218212,0x22a9b5bd,
-        0xa52b8827,0x9bb80a5e,0x2e61c676,0xea38e78e,0x08b0f8b3,0xfb274b1a,
-        0xdb9d854c,0xb6aa42e3,0x56012d73,0x8ba22523,0x00000163 },
-      { 0x75c8c576,0x7cec0e6f,0xe4bc7dd2,0xabb20e7c,0x69d80726,0x0958a0c8,
-        0x8a023eb7,0xa908c66a,0x76110b15,0xca9f50ea,0x186f61a6,0x668c9994,
-        0x2a0a69d8,0x9ddf22ed,0xbbf8a10f,0xbfee1897,0x000001e0 } },
-    /* 244 */
-    { { 0x48319e4f,0x26d86818,0x5a586fa0,0x6be6f6b5,0x26713265,0xbef5d886,
-        0x98529cfa,0xac252ac5,0x62b29cfb,0xe7cc45f1,0xa2a6358d,0xee050609,
-        0x2940ac70,0xf7cb9ca4,0xa885b1f0,0xfb44aaec,0x000001ad },
-      { 0xe798678e,0x66b7a936,0x99540438,0xca01e103,0x816860b7,0xf2491e37,
-        0xb745d857,0xeeffd483,0xa4705ed6,0x5dbb3628,0xb2a5d0f7,0x57d68d49,
-        0x2389fee3,0xd1a8529a,0x1a7fd686,0xdbbc2549,0x000001ad } },
-    /* 245 */
-    { { 0x969686a3,0xe10cba20,0xe3c053f5,0x308b1c55,0x26f47102,0x1712b134,
-        0x49033038,0x1f9165b1,0x2d01527b,0x45b72017,0xaa9a34e2,0x6fcf6647,
-        0xb0be35c8,0x51f54b94,0x5a15e382,0xfccb22a5,0x000000e3 },
-      { 0x5b4dc0be,0xaa71e4ec,0xdb1cd5c4,0xbb136248,0x046e1007,0xf36bff43,
-        0xda9c99a3,0x5a6806d7,0x8349bc50,0x9cbfc6ee,0xe13e0850,0x26871e73,
-        0x67f448c1,0x5e6aa227,0x2da7baf9,0xba77787c,0x000001b9 } },
-    /* 246 */
-    { { 0xc5a73375,0x1abe58ee,0x7a8ac438,0x175df69d,0xceca835a,0x2cf3150a,
-        0xf507d30f,0xb87b0609,0xc60b0424,0x9ae53a2b,0x410f90ec,0x4931e182,
-        0xadd689bb,0x452c7d0f,0x47631a8e,0xab453491,0x00000013 },
-      { 0x8c84f3af,0xaf2dd856,0x1baae33e,0x829dc092,0x8b96b070,0x46542a85,
-        0xe8a82516,0x42260d40,0x5c35322b,0xb9e5edac,0x39eda0d2,0xbca79560,
-        0xb962b90a,0x86bd07c6,0xb1ec5302,0x2e22dac7,0x0000010a } },
-    /* 247 */
-    { { 0x239d8f0a,0x665fc09d,0xab8a1021,0x92b2e03c,0x0173477b,0xe4369768,
-        0x8e361604,0xab38ed9f,0x9eb061be,0x79b0091d,0x3e845670,0xcd422654,
-        0x2fe1a2e0,0xa0f77ec7,0x760a030f,0x1d242162,0x00000093 },
-      { 0xf8646bc3,0xfa9f834c,0x40ae96f9,0x7df94a52,0x379177d1,0x901c3890,
-        0xffeb66cd,0x9dfd0644,0x77b92465,0x81aec2ec,0xcd981d4f,0x2df3b7f2,
-        0xf377b093,0xc9bc3f69,0xdd859d8b,0xdaef34f3,0x00000125 } },
-    /* 248 */
-    { { 0xa2c123bc,0xac08451b,0x0818fa54,0xd1e83a68,0x98957b8a,0x56dd5702,
-        0xf0f12f16,0xcc7f2e34,0x0a9fa14d,0x1f6a9c33,0xb2fe782c,0xefc9a2bb,
-        0x709f54dd,0xd319c697,0xd6460a53,0x0b8238cb,0x000001dc },
-      { 0x44dfb6f6,0xf6492901,0x6e401d26,0x270d7cb4,0x48537ad8,0x1a70a40e,
-        0x70d8dbd9,0x84d661b5,0xf170d58b,0xca27223a,0x6344e1d2,0xeeb4cf14,
-        0xab9de1fa,0x2255fc95,0xdbdc5ea7,0xcd6e110a,0x000001f8 } },
-    /* 249 */
-    { { 0x78b8a0a7,0x2a57c6b9,0xe833edea,0x24b4aeb6,0x4bd13fe7,0x9e4617c1,
-        0xfc2e8ee4,0xc4186888,0xfb147eef,0x8d398a49,0x2e662cfb,0xe9f191f1,
-        0x958ba2ec,0x61872289,0x00b8d50d,0xbd6d0f1b,0x0000002d },
-      { 0x24c93cc9,0x895cfdfe,0xb9e718e7,0x29ed7780,0x38baf7eb,0x01c8ba58,
-        0x4ddcbf69,0x0225387e,0xa180d6bb,0x64b250bf,0xc947c7c2,0x6d68e548,
-        0x9923f3cd,0x82a7b632,0x2d103cd2,0xb8f03613,0x0000000f } },
-    /* 250 */
-    { { 0x8cd9d494,0x8198b3f0,0x94f4f9f3,0x9b2065b9,0x3c738fa9,0x7664a220,
-        0xd8d229cb,0x199f4c14,0xc51c54b3,0xddad75c4,0xd213a332,0x9a32ce0b,
-        0x888c7b2f,0xf3a21085,0x5b1ff20a,0x6defa362,0x000000d1 },
-      { 0x19a296eb,0x44e00548,0xd1a91313,0x1d94ff15,0xfeaa454f,0xd7dead2b,
-        0x4d40bd7f,0xae65a803,0x1801a4af,0x604f147e,0xa5e0de77,0x983048f9,
-        0xff572ca0,0xa3b19ca5,0x1821d117,0xa237dba7,0x000000e0 } },
-    /* 251 */
-    { { 0x91630ee8,0xedbabf84,0x05eb5301,0xde6589c2,0xa051f47b,0x9f7d2b2d,
-        0x212bbe81,0xaeaa9f96,0x94292124,0xdced3d5e,0xf4435e5b,0x691f5b89,
-        0x9411f66f,0x19604c33,0x4356f0da,0xb7fc09ca,0x000000e6 },
-      { 0xf74f811c,0x1294e413,0xdf8d8ddb,0x1a42d831,0x963418c9,0x27f57217,
-        0x88ebcdec,0x5fde5218,0xea305bc9,0xfdd5e06e,0xac668b61,0xed1e6088,
-        0xeb811861,0x333af016,0x15ddcebc,0x5ecb192d,0x000001c9 } },
-    /* 252 */
-    { { 0xe0bde442,0x927b37a3,0x66f7a73e,0xe0543fe8,0x8ed10c2e,0xd30d9d20,
-        0xa6617a32,0xaf79c341,0xd1d5cf8b,0xe7367870,0xe3abcf8b,0x02d0dce9,
-        0x772b5e7b,0xfe23d2dd,0x1ffc70c5,0x29fceea0,0x0000010b },
-      { 0x62d803ff,0x31bcae4d,0xdbc306a9,0x93ee913f,0xd8c10662,0xaf1de7ab,
-        0xe7a6d658,0xd485782a,0x102f4e06,0x9126592e,0x136fafe6,0x91a3127f,
-        0x88371213,0x46b93440,0xa31e1634,0x53bb4380,0x000000ba } },
-    /* 253 */
-    { { 0xca5636b0,0x62e517fc,0x6aba15c7,0x4296e021,0x212e7b2d,0x5aa8fd7c,
-        0x5717ad84,0x9517ce6d,0x98b2f357,0xe762b85b,0xdf59b07c,0x42f996b5,
-        0xf37ef6f0,0xf3732abb,0x4542b489,0xa5d145ea,0x0000015d },
-      { 0xaa7f6e3f,0x1e77c55e,0xaa4a05bc,0x3f4d99a7,0x45828227,0xa56d7d77,
-        0x77b748fb,0xdb0895fb,0x0629f5d1,0x1c484cce,0x359803fb,0xf5b1c90a,
-        0x1720b8d0,0x43ac4f29,0x72ac13f2,0x8c10bfe8,0x000000e9 } },
-    /* 254 */
-    { { 0xc06c4fd6,0x9d1c4785,0xd25c2b9d,0xbf4b9025,0xd4982f24,0x04135eb1,
-        0xba4fef2b,0x3ab3edc2,0x98de07ab,0x55a5239f,0x096f4b7d,0xd5fc49ab,
-        0x3844c815,0xc50a2960,0x15676b2b,0xdb1148d0,0x00000047 },
-      { 0x10f3bad9,0xc49f9cc5,0x022901d4,0x490888fc,0xc47b44df,0x917a55eb,
-        0xf39f2b68,0x20b2ebc6,0x04e9962a,0x0c58e3af,0x573dd5b7,0x52ab7c1b,
-        0xa329f76c,0x2b54add6,0x82f4ca3b,0x59dad1eb,0x00000108 } },
-    /* 255 */
-    { { 0xa182d1ad,0x662c4128,0x20916c45,0x7751796e,0xba681647,0xa7704272,
-        0xb92c85c1,0xfac8b0fa,0xaefb2e07,0x207ab2df,0x7861b32d,0xc73530a0,
-        0x88aed145,0x63dbed65,0x0a53a49d,0x547bcdca,0x000000bd },
-      { 0x87056b51,0xa7c1382f,0x130f9912,0xc3d91edb,0xd3805b42,0xf7c7de46,
-        0xfd31a995,0x456101eb,0xcd3fb8aa,0x1efd22b4,0x9eb17bce,0xfe391df7,
-        0x616c0c32,0xb4d4c0c6,0x711beef4,0x19f023be,0x00000112 } },
-};
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_17(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 17);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 17, km);
-
-            err = sp_521_ecc_mulmod_base_17(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P521 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 17 + 17 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17 + 17 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 17;
-
-        sp_521_from_mp(k, 17, km);
-        sp_521_point_from_ecc_point_17(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_17(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_17(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_17(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_521_add_one_17(sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #1\n\t"
-        "ldr	r1, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r1, r1, r2\n\t"
-#else
-        "add	r1, r1, r2\n\t"
-#endif
-        "movs	r2, #0\n\t"
-        "str	r1, [%[a]]\n\t"
-        "ldr	r1, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #4]\n\t"
-        "ldr	r1, [%[a], #8]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #8]\n\t"
-        "ldr	r1, [%[a], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #12]\n\t"
-        "ldr	r1, [%[a], #16]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #16]\n\t"
-        "ldr	r1, [%[a], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #20]\n\t"
-        "ldr	r1, [%[a], #24]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #24]\n\t"
-        "ldr	r1, [%[a], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #28]\n\t"
-        "ldr	r1, [%[a], #32]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #32]\n\t"
-        "ldr	r1, [%[a], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #36]\n\t"
-        "ldr	r1, [%[a], #40]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #40]\n\t"
-        "ldr	r1, [%[a], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #44]\n\t"
-        "ldr	r1, [%[a], #48]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #48]\n\t"
-        "ldr	r1, [%[a], #52]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #52]\n\t"
-        "ldr	r1, [%[a], #56]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #56]\n\t"
-        "ldr	r1, [%[a], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #60]\n\t"
-        "ldr	r1, [%[a], #64]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r1, r1, r2\n\t"
-#elif defined(__clang__)
-        "adcs	r1, r2\n\t"
-#else
-        "adc	r1, r2\n\t"
-#endif
-        "str	r1, [%[a], #64]\n\t"
-        : [a] "+l" (a)
-        :
-        : "memory", "r1", "r2", "cc"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_521_ecc_gen_k_17(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[66];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            buf[0] &= 0x1;
-            sp_521_from_bin(k, 17, buf, (int)sizeof(buf));
-            if (sp_521_cmp_17(k, p521_order2) <= 0) {
-                sp_521_add_one_17(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_521, point, 2);
-#else
-    SP_DECL_VAR(sp_point_521, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 17);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_521_ecc_gen_k_17(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_17(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_17(infinity, point, p521_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_521_iszero_17(point->x) || sp_521_iszero_17(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_17(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_521_ctx {
-    int state;
-    sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-    sp_digit k[17];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521  point[2];
-#else
-    sp_point_521 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_521_ctx;
-
-int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_521_ctx* ctx = (sp_ecc_key_gen_521_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_521_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_521_ecc_gen_k_17(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_base_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p521_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_521_iszero_17(ctx->point->x) ||
-                    sp_521_iszero_17(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_521_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_521_point_to_ecc_point_17(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 66
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_521_to_bin_17(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    a[j++] = r[16] >> 8;
-    a[j++] = r[16] >> 0;
-    for (i = 15; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 17);
-    int err = MP_OKAY;
-
-    if (*outLen < 65U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 17, priv);
-        sp_521_point_from_ecc_point_17(point, pub);
-            err = sp_521_ecc_mulmod_17(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_521_to_bin_17(point->x, out);
-        *outLen = 66;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-    };
-    sp_digit k[17];
-    sp_point_521 point;
-} sp_ecc_sec_gen_521_ctx;
-
-int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_521_ctx* ctx = (sp_ecc_sec_gen_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_521_from_mp(ctx->k, 17, priv);
-            sp_521_point_from_ecc_point_17(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_521_to_bin_17(ctx->point.x, out);
-                *outLen = 66;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Right shift a by n bits into r. (r = a >> n)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * n  Integer representing number of bits to shift.
- */
-static void sp_521_rshift_17(sp_digit* r, const sp_digit* a, byte n)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #32\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r7, r7, %[n]\n\t"
-#else
-#ifdef __clang__
-        "subs	r7, r7, %[n]\n\t"
-#else
-        "sub	r7, r7, %[n]\n\t"
-#endif
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, %[n]\n\t"
-#else
-        "lsr	r3, r3, %[n]\n\t"
-#endif
-        "movs	r6, r4\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, %[n]\n\t"
-#else
-        "lsr	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #8]\n\t"
-        "str	r3, [%[r]]\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, %[n]\n\t"
-#else
-        "lsr	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #12]\n\t"
-        "str	r4, [%[r], #4]\n\t"
-        "movs	r6, r3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, %[n]\n\t"
-#else
-        "lsr	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #16]\n\t"
-        "str	r5, [%[r], #8]\n\t"
-        "movs	r6, r4\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, %[n]\n\t"
-#else
-        "lsr	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r3, [%[r], #12]\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, %[n]\n\t"
-#else
-        "lsr	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #24]\n\t"
-        "str	r4, [%[r], #16]\n\t"
-        "movs	r6, r3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, %[n]\n\t"
-#else
-        "lsr	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #28]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "movs	r6, r4\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, %[n]\n\t"
-#else
-        "lsr	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #32]\n\t"
-        "str	r3, [%[r], #24]\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, %[n]\n\t"
-#else
-        "lsr	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #36]\n\t"
-        "str	r4, [%[r], #28]\n\t"
-        "movs	r6, r3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, %[n]\n\t"
-#else
-        "lsr	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #40]\n\t"
-        "str	r5, [%[r], #32]\n\t"
-        "movs	r6, r4\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, %[n]\n\t"
-#else
-        "lsr	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r3, [%[r], #36]\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, %[n]\n\t"
-#else
-        "lsr	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #48]\n\t"
-        "str	r4, [%[r], #40]\n\t"
-        "movs	r6, r3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, %[n]\n\t"
-#else
-        "lsr	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #52]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "movs	r6, r4\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, %[n]\n\t"
-#else
-        "lsr	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #56]\n\t"
-        "str	r3, [%[r], #48]\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, %[n]\n\t"
-#else
-        "lsr	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #60]\n\t"
-        "str	r4, [%[r], #52]\n\t"
-        "movs	r6, r3\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, %[n]\n\t"
-#else
-        "lsr	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #64]\n\t"
-        "str	r5, [%[r], #56]\n\t"
-        "movs	r6, r4\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, %[n]\n\t"
-#else
-        "lsr	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, r7\n\t"
-#else
-        "lsl	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "str	r3, [%[r], #60]\n\t"
-        "str	r4, [%[r], #64]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Lefy shift a by n bits into r. (r = a << n)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * n  Integer representing number of bits to shift.
- */
-static void sp_521_lshift_17(sp_digit* r, const sp_digit* a, byte n)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #31\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, %[n]\n\t"
-#else
-        "sub	r7, r7, %[n]\n\t"
-#endif
-        "ldr	r4, [%[a], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r4, #1\n\t"
-#else
-        "lsr	r5, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, r7\n\t"
-#else
-        "lsr	r5, r5, r7\n\t"
-#endif
-        "ldr	r3, [%[a], #60]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #56]\n\t"
-        "str	r4, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #52]\n\t"
-        "str	r3, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #48]\n\t"
-        "str	r5, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r4, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #40]\n\t"
-        "str	r3, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #36]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #32]\n\t"
-        "str	r4, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #28]\n\t"
-        "str	r3, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #24]\n\t"
-        "str	r5, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r4, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #16]\n\t"
-        "str	r3, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #12]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #8]\n\t"
-        "str	r4, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #4]\n\t"
-        "str	r3, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "str	r5, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "str	r3, [%[r]]\n\t"
-        "str	r4, [%[r], #4]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Lefy shift a by n bits into r. (r = a << n)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * n  Integer representing number of bits to shift.
- */
-static void sp_521_lshift_34(sp_digit* r, const sp_digit* a, byte n)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #31\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, %[n]\n\t"
-#else
-        "sub	r7, r7, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #0x80\n\t"
-#else
-        "add	%[a], %[a], #0x80\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #0x80\n\t"
-#else
-        "add	%[r], %[r], #0x80\n\t"
-#endif
-        "ldr	r4, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r4, #1\n\t"
-#else
-        "lsr	r5, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, r7\n\t"
-#else
-        "lsr	r5, r5, r7\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "str	r5, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r5, [%[a], #60]\n\t"
-        "str	r4, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r3, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #52]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #48]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r3, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r5, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #36]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r3, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #24]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r5, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #12]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #4]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a]]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #0x40\n\t"
-#else
-        "sub	%[a], %[a], #0x40\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[r], %[r], #0x40\n\t"
-#else
-        "sub	%[r], %[r], #0x40\n\t"
-#endif
-        "ldr	r4, [%[a], #60]\n\t"
-        "str	r3, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #56]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r4, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #48]\n\t"
-        "str	r3, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #44]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #40]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #36]\n\t"
-        "str	r3, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #32]\n\t"
-        "str	r5, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #24]\n\t"
-        "str	r3, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #20]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #16]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a], #12]\n\t"
-        "str	r3, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r3, [%[a], #8]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r3, #1\n\t"
-#else
-        "lsr	r6, r3, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, %[n]\n\t"
-#else
-        "lsl	r3, r3, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #1\n\t"
-#else
-        "lsr	r6, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, %[n]\n\t"
-#else
-        "lsl	r5, r5, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r6\n\t"
-#else
-        "orr	r3, r6\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "str	r3, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r4, #1\n\t"
-#else
-        "lsr	r6, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r4, r4, %[n]\n\t"
-#else
-        "lsl	r4, r4, %[n]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, r7\n\t"
-#else
-        "lsr	r6, r6, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_521_sub_in_place_17(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r7, %[a]\n\t"
-        "movs	r2, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #0x40\n\t"
-#else
-        "add	r7, r7, #0x40\n\t"
-#endif
-        "\n"
-    "L_sp_521_sub_in_place_17_words_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r2\n\t"
-#else
-        "sub	r5, r5, r2\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-        "ldr	r6, [%[b], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "str	r3, [%[a]]\n\t"
-        "str	r4, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r2\n\t"
-#else
-        "sbc	r2, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #8\n\t"
-#else
-        "add	%[a], %[a], #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #8\n\t"
-#else
-        "add	%[b], %[b], #8\n\t"
-#endif
-        "cmp	%[a], r7\n\t"
-        "bne	L_sp_521_sub_in_place_17_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_521_sub_in_place_17(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r4\n\t"
-#else
-        "sub	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldr	r4, [%[b]]\n\t"
-        "ldr	r2, [%[a]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-        "str	r2, [%[a]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[a], %[a], %[a]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[a], %[a]\n\t"
-#else
-        "sbc	%[a], %[a]\n\t"
-#endif
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-SP_NOINLINE static void sp_521_mul_d_17(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, #0x44\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, %[a]\n\t"
-#else
-        "add	r6, r6, %[a]\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "mov	r9, r6\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "\n"
-    "L_sp_521_mul_d_17_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r5, #0\n\t"
-        "# A[] * B\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# A[] * B - Done\n\t"
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r]]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_521_mul_d_17_%=\n\t"
-        "str	r3, [%[r]]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[div], #1\n\t"
-#else
-        "lsr	r5, %[div], #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-        "mov	r8, %[d0]\n\t"
-        "mov	r9, %[d1]\n\t"
-        "# Do top 32\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-        "movs	r4, #29\n\t"
-        "\n"
-    "L_div_521_word_17_loop_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d0], %[d0], #1\n\t"
-#else
-        "lsl	%[d0], %[d0], #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	%[d1], %[d1], %[d1]\n\t"
-#elif defined(__clang__)
-        "adcs	%[d1], %[d1]\n\t"
-#else
-        "adc	%[d1], %[d1]\n\t"
-#endif
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, #1\n\t"
-#else
-        "sub	r4, r4, #1\n\t"
-#endif
-        "bpl	L_div_521_word_17_loop_%=\n\t"
-        "movs	r7, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #1\n\t"
-#else
-        "add	r3, r3, #1\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r4\n\t"
-#else
-        "sub	%[d1], %[d1], r4\n\t"
-#endif
-        "movs	r4, %[d1]\n\t"
-        "mov	%[d1], r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[d1], %[d1], r5\n\t"
-#elif defined(__clang__)
-        "sbcs	%[d1], r5\n\t"
-#else
-        "sbc	%[d1], r5\n\t"
-#endif
-        "movs	r5, %[d1]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "movs	r6, %[div]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r4\n\t"
-#else
-        "sub	r6, r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-        "movs	%[d1], r3\n\t"
-        : [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-    return (word32)(size_t)d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<17; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-    r[16] = a[16] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[35];
-    sp_digit t2[18];
-    sp_digit sd[18];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-    div = (d[16] << 23) | (d[15] >> 9);
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 17);
-    r1 = sp_521_cmp_17(&t1[17], d) >= 0;
-    sp_521_cond_sub_17(&t1[17], &t1[17], d, (sp_digit)0 - r1);
-    sp_521_lshift_17(sd, d, 23);
-    sp_521_lshift_34(t1, t1, 23);
-
-    for (i = 16; i >= 0; i--) {
-        sp_digit hi = t1[17 + i] - (t1[17 + i] == div);
-        r1 = div_521_word_17(hi, t1[17 + i - 1], div);
-
-        sp_521_mul_d_17(t2, sd, r1);
-        t1[17 + i] += sp_521_sub_in_place_17(&t1[i], t2);
-        t1[17 + i] -= t2[17];
-        sp_521_mask_17(t2, sd, t1[17 + i]);
-        t1[17 + i] += sp_521_add_17(&t1[i], &t1[i], t2);
-        sp_521_mask_17(t2, sd, t1[17 + i]);
-        t1[17 + i] += sp_521_add_17(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_521_cmp_17(t1, sd) >= 0;
-    sp_521_cond_sub_17(r, t1, sd, (sp_digit)0 - r1);
-    sp_521_rshift_17(r, r, 23);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_521_div_17(a, m, NULL, r);
-    return ret;
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P521 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_521_mont_mul_order_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_521_mul_17(r, a, b);
-    sp_521_mont_reduce_order_17(r, p521_order, p521_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P521 curve. */
-static const word32 p521_order_minus_2[17] = {
-    0x91386407U,0xbb6fb71eU,0x899c47aeU,0x3bb5c9b8U,0xf709a5d0U,0x7fcc0148U,
-    0xbf2f966bU,0x51868783U,0xfffffffaU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0x000001ffU
-};
-#else
-/* The low half of the order-2 of the P521 curve. */
-static const word32 p521_order_low[9] = {
-    0x91386407U,0xbb6fb71eU,0x899c47aeU,0x3bb5c9b8U,0xf709a5d0U,0x7fcc0148U,
-    0xbf2f966bU,0x51868783U,0xfffffffaU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P521 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_order_17(sp_digit* r, const sp_digit* a)
-{
-    sp_521_sqr_17(r, a);
-    sp_521_mont_reduce_order_17(r, p521_order, p521_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P521 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_n_order_17(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_521_mont_sqr_order_17(r, a);
-    for (i=1; i<n; i++) {
-        sp_521_mont_sqr_order_17(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P521 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_mont_inv_order_17_ctx {
-    int state;
-    int i;
-} sp_521_mont_inv_order_17_ctx;
-static int sp_521_mont_inv_order_17_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_mont_inv_order_17_ctx* ctx = (sp_521_mont_inv_order_17_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_521_mont_inv_order_17_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 17);
-        ctx->i = 519;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_521_mont_sqr_order_17(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p521_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_521_mont_mul_order_17(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 17U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_521_mont_inv_order_17(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 17);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_order_17(t, t);
-        if ((p521_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_521_mont_mul_order_17(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 17U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 17;
-    sp_digit* t3 = td + 4 * 17;
-    int i;
-
-    /* t = a^2 */
-    sp_521_mont_sqr_order_17(t, a);
-    /* t = a^3 = t * a */
-    sp_521_mont_mul_order_17(t, t, a);
-    /* t= a^c = t ^ 2 ^ 2 */
-    sp_521_mont_sqr_n_order_17(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-
-    /* t3 = a^1e */
-    sp_521_mont_sqr_order_17(t3, t);
-    /* t3 = a^1f = t3 * a */
-    sp_521_mont_mul_order_17(t3, t3, a);
-
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_521_mont_sqr_n_order_17(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_521_mont_sqr_n_order_17(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_521_mont_sqr_n_order_17(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-
-    /* t2= a^ffffffff00000000 = t ^ 2 ^ 32 */
-    sp_521_mont_sqr_n_order_17(t2, t, 32);
-    /* t = a^ffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ffffffffffffffff0000000000000000 = t ^ 2 ^ 64 */
-    sp_521_mont_sqr_n_order_17(t2, t, 64);
-    /* t = a^ffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffffffffffff00000000000000000000000000000000 = t ^ 2 ^ 128 */
-    sp_521_mont_sqr_n_order_17(t2, t, 128);
-    /* t = a^ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0 */
-    sp_521_mont_sqr_n_order_17(t2, t, 5);
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t * t3 */
-    sp_521_mont_mul_order_17(t2, t2, t3);
-
-    for (i=259; i>=1; i--) {
-        sp_521_mont_sqr_order_17(t2, t2);
-        if ((p521_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_521_mont_mul_order_17(t2, t2, a);
-        }
-    }
-    sp_521_mont_sqr_order_17(t2, t2);
-    sp_521_mont_mul_order_17(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_s_17(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_17(k, k, p521_norm_order);
-    err = sp_521_mod_17(k, k, p521_order);
-    if (err == MP_OKAY) {
-        sp_521_norm_17(k);
-
-        /* kInv = 1/k mod order */
-            sp_521_mont_inv_order_17(kInv, k, tmp);
-        sp_521_norm_17(kInv);
-
-        /* s = r * x + e */
-            sp_521_mul_17(x, x, r);
-        err = sp_521_mod_17(x, x, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_17(x);
-        carry = sp_521_add_17(s, e, x);
-        sp_521_cond_sub_17(s, s, p521_order, 0 - carry);
-        sp_521_norm_17(s);
-        c = sp_521_cmp_17(s, p521_order);
-        sp_521_cond_sub_17(s, s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_17(s);
-
-        /* s = s * k^-1 mod order */
-            sp_521_mont_mul_order_17(s, s, kInv);
-        sp_521_norm_17(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 521 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 17);
-    SP_DECL_VAR(sp_point_521, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 17, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 17;
-        k = e + 4 * 17;
-        r = e + 6 * 17;
-        tmp = e + 8 * 17;
-        s = e;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_17(rng, k);
-        }
-        else {
-            sp_521_from_mp(k, 17, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_521_ecc_mulmod_base_17(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 17U);
-            sp_521_norm_17(r);
-            c = sp_521_cmp_17(r, p521_order);
-            sp_521_cond_sub_17(r, r, p521_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_521_norm_17(r);
-
-            if (!sp_521_iszero_17(r)) {
-                /* x is modified in calculation of s. */
-                sp_521_from_mp(x, 17, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_521_from_bin(e, 17, hash, (int)hashLen);
-
-                /* Take 521 leftmost bits of hash. */
-                if (hashLen == 66U) {
-                    sp_521_rshift_17(e, e, 7);
-                }
-
-                err = sp_521_calc_s_17(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_521_iszero_17(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 17, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-        sp_521_mont_inv_order_17_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*17];
-    sp_digit x[2*17];
-    sp_digit k[2*17];
-    sp_digit r[2*17];
-    sp_digit tmp[3 * 2*17];
-    sp_point_521 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_521_ctx;
-
-int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_521_ctx* ctx = (sp_ecc_sign_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_17(rng, ctx->k);
-        }
-        else {
-            sp_521_from_mp(ctx->k, 17, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p521_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 17U);
-        sp_521_norm_17(ctx->r);
-        c = sp_521_cmp_17(ctx->r, p521_order);
-        sp_521_cond_sub_17(ctx->r, ctx->r, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_17(ctx->r);
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-        sp_521_from_mp(ctx->x, 17, priv);
-        sp_521_from_bin(ctx->e, 17, hash, (int)hashLen);
-        if (hashLen == 66U) {
-            sp_521_rshift_17(ctx->e, ctx->e, 7);
-        }
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_17(ctx->k, ctx->k, p521_norm_order);
-        err = sp_521_mod_17(ctx->k, ctx->k, p521_order);
-        if (err == MP_OKAY) {
-            sp_521_norm_17(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_521_mont_inv_order_17_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_521_norm_17(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_521_mul_17(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_521_mod_17(ctx->x, ctx->x, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_521_norm_17(ctx->x);
-        carry = sp_521_add_17(ctx->s, ctx->e, ctx->x);
-        sp_521_cond_sub_17(ctx->s, ctx->s,
-            p521_order, 0 - carry);
-        sp_521_norm_17(ctx->s);
-        c = sp_521_cmp_17(ctx->s, p521_order);
-        sp_521_cond_sub_17(ctx->s, ctx->s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_17(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_521_mont_mul_order_17(ctx->s, ctx->s, ctx->kInv);
-        sp_521_norm_17(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_521_iszero_17(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_521_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_521_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 17U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x44\n\t"
-#else
-        "add	r6, r6, #0x44\n\t"
-#endif
-        "\n"
-    "L_sp_521_sub_17_word_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r3\n\t"
-#else
-        "sub	r5, r5, r3\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r5\n\t"
-#else
-        "sbc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r3\n\t"
-#else
-        "sbc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_521_sub_17_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldr	r5, [%[b]]\n\t"
-        "ldr	r3, [%[a]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "str	r3, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus.
- */
-static void sp_521_div2_mod_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldr	r3, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #31\n\t"
-#else
-        "lsl	r3, r3, #31\n\t"
-#endif
-        "beq	L_sp_521_div2_mod_17_no_add_%=\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[m]]\n\t"
-        "ldr	r7, [%[m], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "ldr	r6, [%[m], #8]\n\t"
-        "ldr	r7, [%[m], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "ldr	r6, [%[m], #16]\n\t"
-        "ldr	r7, [%[m], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "ldr	r6, [%[m], #24]\n\t"
-        "ldr	r7, [%[m], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "ldr	r6, [%[m], #32]\n\t"
-        "ldr	r7, [%[m], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "ldr	r4, [%[a], #40]\n\t"
-        "ldr	r5, [%[a], #44]\n\t"
-        "ldr	r6, [%[m], #40]\n\t"
-        "ldr	r7, [%[m], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #40]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "ldr	r6, [%[m], #48]\n\t"
-        "ldr	r7, [%[m], #52]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "ldr	r4, [%[a], #56]\n\t"
-        "ldr	r5, [%[a], #60]\n\t"
-        "ldr	r6, [%[m], #56]\n\t"
-        "ldr	r7, [%[m], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #56]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-        "ldr	r4, [%[a], #64]\n\t"
-        "ldr	r6, [%[m], #64]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        "movs	r3, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r3, r3, #31\n\t"
-#else
-        "lsl	r3, r3, #31\n\t"
-#endif
-        "b	L_sp_521_div2_mod_17_div2_%=\n\t"
-        "\n"
-    "L_sp_521_div2_mod_17_no_add_%=:\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "ldr	r4, [%[a], #40]\n\t"
-        "ldr	r5, [%[a], #44]\n\t"
-        "str	r4, [%[r], #40]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "ldr	r4, [%[a], #56]\n\t"
-        "ldr	r5, [%[a], #60]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-        "ldr	r4, [%[a], #64]\n\t"
-        "str	r4, [%[r], #64]\n\t"
-        "\n"
-    "L_sp_521_div2_mod_17_div2_%=:\n\t"
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #31\n\t"
-#else
-        "lsl	r6, r5, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #1\n\t"
-#else
-        "lsr	r5, r5, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r7, [%[r], #8]\n\t"
-        "str	r4, [%[r]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r7, #31\n\t"
-#else
-        "lsl	r6, r7, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #1\n\t"
-#else
-        "lsr	r7, r7, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[r], #12]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #31\n\t"
-#else
-        "lsl	r6, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r7, r7, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r7, r6\n\t"
-#else
-        "orr	r7, r6\n\t"
-#endif
-        "ldr	r5, [%[r], #16]\n\t"
-        "str	r7, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #31\n\t"
-#else
-        "lsl	r6, r5, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #1\n\t"
-#else
-        "lsr	r5, r5, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r7, [%[r], #20]\n\t"
-        "str	r4, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r7, #31\n\t"
-#else
-        "lsl	r6, r7, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #1\n\t"
-#else
-        "lsr	r7, r7, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #31\n\t"
-#else
-        "lsl	r6, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r7, r7, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r7, r6\n\t"
-#else
-        "orr	r7, r6\n\t"
-#endif
-        "ldr	r5, [%[r], #28]\n\t"
-        "str	r7, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #31\n\t"
-#else
-        "lsl	r6, r5, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #1\n\t"
-#else
-        "lsr	r5, r5, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r7, [%[r], #32]\n\t"
-        "str	r4, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r7, #31\n\t"
-#else
-        "lsl	r6, r7, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #1\n\t"
-#else
-        "lsr	r7, r7, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[r], #36]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #31\n\t"
-#else
-        "lsl	r6, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r7, r7, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r7, r6\n\t"
-#else
-        "orr	r7, r6\n\t"
-#endif
-        "ldr	r5, [%[r], #40]\n\t"
-        "str	r7, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #31\n\t"
-#else
-        "lsl	r6, r5, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #1\n\t"
-#else
-        "lsr	r5, r5, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r7, [%[r], #44]\n\t"
-        "str	r4, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r7, #31\n\t"
-#else
-        "lsl	r6, r7, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #1\n\t"
-#else
-        "lsr	r7, r7, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #31\n\t"
-#else
-        "lsl	r6, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r7, r7, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r7, r6\n\t"
-#else
-        "orr	r7, r6\n\t"
-#endif
-        "ldr	r5, [%[r], #52]\n\t"
-        "str	r7, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #31\n\t"
-#else
-        "lsl	r6, r5, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #1\n\t"
-#else
-        "lsr	r5, r5, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-        "ldr	r7, [%[r], #56]\n\t"
-        "str	r4, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r7, #31\n\t"
-#else
-        "lsl	r6, r7, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #1\n\t"
-#else
-        "lsr	r7, r7, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r6\n\t"
-#else
-        "orr	r5, r6\n\t"
-#endif
-        "ldr	r4, [%[r], #60]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r4, #31\n\t"
-#else
-        "lsl	r6, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r7, r7, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r7, r6\n\t"
-#else
-        "orr	r7, r6\n\t"
-#endif
-        "ldr	r5, [%[r], #64]\n\t"
-        "str	r7, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r5, #31\n\t"
-#else
-        "lsl	r6, r5, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #1\n\t"
-#else
-        "lsr	r5, r5, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r6\n\t"
-#else
-        "orr	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "orrs	r5, r3\n\t"
-#else
-        "orr	r5, r3\n\t"
-#endif
-        "str	r4, [%[r], #60]\n\t"
-        "str	r5, [%[r], #64]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-static int sp_521_num_bits_17(sp_digit* a)
-{
-    static const byte sp_num_bits_table[256] = {
-        0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
-        5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
-        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
-        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
-    };
-    const byte* table = sp_num_bits_table;
-    __asm__ __volatile__ (
-        "movs	r6, #0xff\n\t"
-        "ldr	r3, [%[a], #64]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_16_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_183_%=\n\t"
-        "movs	r2, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r2, r2, #8\n\t"
-#else
-        "lsl	r2, r2, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #24\n\t"
-#else
-        "add	r2, r2, #24\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_183_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_182_%=\n\t"
-        "movs	r2, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r2, r2, #8\n\t"
-#else
-        "lsl	r2, r2, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #16\n\t"
-#else
-        "add	r2, r2, #16\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_182_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_181_%=\n\t"
-        "movs	r2, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r2, r2, #8\n\t"
-#else
-        "lsl	r2, r2, #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #8\n\t"
-#else
-        "add	r2, r2, #8\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_181_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_180_%=\n\t"
-        "movs	r2, #2\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r2, r2, #8\n\t"
-#else
-        "lsl	r2, r2, #8\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_180_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_16_%=:\n\t"
-        "ldr	r3, [%[a], #60]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_15_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_173_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xf9\n\t"
-#else
-        "add	r2, r2, #0xf9\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_173_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_172_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xf1\n\t"
-#else
-        "add	r2, r2, #0xf1\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_172_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_171_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xe9\n\t"
-#else
-        "add	r2, r2, #0xe9\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_171_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_170_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xe1\n\t"
-#else
-        "add	r2, r2, #0xe1\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_170_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_15_%=:\n\t"
-        "ldr	r3, [%[a], #56]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_14_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_163_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xd9\n\t"
-#else
-        "add	r2, r2, #0xd9\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_163_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_162_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xd1\n\t"
-#else
-        "add	r2, r2, #0xd1\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_162_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_161_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xc9\n\t"
-#else
-        "add	r2, r2, #0xc9\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_161_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_160_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xc1\n\t"
-#else
-        "add	r2, r2, #0xc1\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_160_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_14_%=:\n\t"
-        "ldr	r3, [%[a], #52]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_13_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_153_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xb9\n\t"
-#else
-        "add	r2, r2, #0xb9\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_153_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_152_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xb1\n\t"
-#else
-        "add	r2, r2, #0xb1\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_152_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_151_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xa9\n\t"
-#else
-        "add	r2, r2, #0xa9\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_151_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_150_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0xa1\n\t"
-#else
-        "add	r2, r2, #0xa1\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_150_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_13_%=:\n\t"
-        "ldr	r3, [%[a], #48]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_12_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_143_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x99\n\t"
-#else
-        "add	r2, r2, #0x99\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_143_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_142_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x91\n\t"
-#else
-        "add	r2, r2, #0x91\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_142_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_141_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x89\n\t"
-#else
-        "add	r2, r2, #0x89\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_141_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_140_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x81\n\t"
-#else
-        "add	r2, r2, #0x81\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_140_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_12_%=:\n\t"
-        "ldr	r3, [%[a], #44]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_11_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_133_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x79\n\t"
-#else
-        "add	r2, r2, #0x79\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_133_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_132_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x71\n\t"
-#else
-        "add	r2, r2, #0x71\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_132_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_131_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x69\n\t"
-#else
-        "add	r2, r2, #0x69\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_131_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_130_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x61\n\t"
-#else
-        "add	r2, r2, #0x61\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_130_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_11_%=:\n\t"
-        "ldr	r3, [%[a], #40]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_10_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_123_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x59\n\t"
-#else
-        "add	r2, r2, #0x59\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_123_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_122_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x51\n\t"
-#else
-        "add	r2, r2, #0x51\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_122_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_121_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x49\n\t"
-#else
-        "add	r2, r2, #0x49\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_121_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_120_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #0x41\n\t"
-#else
-        "add	r2, r2, #0x41\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_120_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_10_%=:\n\t"
-        "ldr	r3, [%[a], #36]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_9_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_113_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #57\n\t"
-#else
-        "add	r2, r2, #57\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_113_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_112_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #49\n\t"
-#else
-        "add	r2, r2, #49\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_112_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_111_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #41\n\t"
-#else
-        "add	r2, r2, #41\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_111_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_110_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #33\n\t"
-#else
-        "add	r2, r2, #33\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_110_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_9_%=:\n\t"
-        "ldr	r3, [%[a], #32]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_8_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_103_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #25\n\t"
-#else
-        "add	r2, r2, #25\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_103_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_102_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #17\n\t"
-#else
-        "add	r2, r2, #17\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_102_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_101_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #9\n\t"
-#else
-        "add	r2, r2, #9\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_101_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_100_%=\n\t"
-        "movs	r2, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, #1\n\t"
-#else
-        "add	r2, r2, #1\n\t"
-#endif
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_100_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_8_%=:\n\t"
-        "ldr	r3, [%[a], #28]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_7_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_93_%=\n\t"
-        "movs	r2, #0xf8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_93_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_92_%=\n\t"
-        "movs	r2, #0xf0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_92_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_91_%=\n\t"
-        "movs	r2, #0xe8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_91_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_90_%=\n\t"
-        "movs	r2, #0xe0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_90_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_7_%=:\n\t"
-        "ldr	r3, [%[a], #24]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_6_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_83_%=\n\t"
-        "movs	r2, #0xd8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_83_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_82_%=\n\t"
-        "movs	r2, #0xd0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_82_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_81_%=\n\t"
-        "movs	r2, #0xc8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_81_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_80_%=\n\t"
-        "movs	r2, #0xc0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_80_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_6_%=:\n\t"
-        "ldr	r3, [%[a], #20]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_5_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_73_%=\n\t"
-        "movs	r2, #0xb8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_73_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_72_%=\n\t"
-        "movs	r2, #0xb0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_72_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_71_%=\n\t"
-        "movs	r2, #0xa8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_71_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_70_%=\n\t"
-        "movs	r2, #0xa0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_70_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_5_%=:\n\t"
-        "ldr	r3, [%[a], #16]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_4_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_63_%=\n\t"
-        "movs	r2, #0x98\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_63_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_62_%=\n\t"
-        "movs	r2, #0x90\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_62_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_61_%=\n\t"
-        "movs	r2, #0x88\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_61_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_60_%=\n\t"
-        "movs	r2, #0x80\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_60_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_4_%=:\n\t"
-        "ldr	r3, [%[a], #12]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_3_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_53_%=\n\t"
-        "movs	r2, #0x78\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_53_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_52_%=\n\t"
-        "movs	r2, #0x70\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_52_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_51_%=\n\t"
-        "movs	r2, #0x68\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_51_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_50_%=\n\t"
-        "movs	r2, #0x60\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_50_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_3_%=:\n\t"
-        "ldr	r3, [%[a], #8]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_2_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_43_%=\n\t"
-        "movs	r2, #0x58\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_43_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_42_%=\n\t"
-        "movs	r2, #0x50\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_42_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_41_%=\n\t"
-        "movs	r2, #0x48\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_41_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_40_%=\n\t"
-        "movs	r2, #0x40\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_40_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_2_%=:\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-        "cmp	r3, #0\n\t"
-        "beq	L_sp_521_num_bits_17_1_%=\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_33_%=\n\t"
-        "movs	r2, #56\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_33_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_32_%=\n\t"
-        "movs	r2, #48\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_32_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_31_%=\n\t"
-        "movs	r2, #40\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_31_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_30_%=\n\t"
-        "movs	r2, #32\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_30_%=:\n\t"
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_1_%=:\n\t"
-        "ldr	r3, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #24\n\t"
-#else
-        "lsr	r5, r3, #24\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_23_%=\n\t"
-        "movs	r2, #24\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_23_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #16\n\t"
-#else
-        "lsr	r5, r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_22_%=\n\t"
-        "movs	r2, #16\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_22_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r3, #8\n\t"
-#else
-        "lsr	r5, r3, #8\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_21_%=\n\t"
-        "movs	r2, #8\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_21_%=:\n\t"
-        "movs	r5, r3\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "ands	r5, r6\n\t"
-#else
-        "and	r5, r6\n\t"
-#endif
-        "cmp	r5, #0\n\t"
-        "beq	L_sp_521_num_bits_17_20_%=\n\t"
-        "movs	r2, #0\n\t"
-        "ldrb	r4, [%[table], r5]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r4\n\t"
-#else
-        "add	r2, r2, r4\n\t"
-#endif
-        "b	L_sp_521_num_bits_17_18_%=\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_20_%=:\n\t"
-        "\n"
-    "L_sp_521_num_bits_17_18_%=:\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [table] "+l" (table)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[17];
-    sp_digit v[17];
-    sp_digit b[17];
-    sp_digit d[17];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_521_num_bits_17(u);
-    vt = sp_521_num_bits_17(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_521_rshift1_17(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_521_rshift1_17(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_521_rshift1_17(v, v);
-            sp_521_div2_mod_17(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_521_cmp_17(u, v) >= 0))) {
-            sp_521_sub_17(u, u, v);
-            o = sp_521_sub_17(b, b, d);
-            if (o != 0)
-                sp_521_add_17(b, b, m);
-            ut = sp_521_num_bits_17(u);
-
-            do {
-                sp_521_rshift1_17(u, u);
-                sp_521_div2_mod_17(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_521_sub_17(v, v, u);
-            o = sp_521_sub_17(d, d, b);
-            if (o != 0)
-                sp_521_add_17(d, d, m);
-            vt = sp_521_num_bits_17(v);
-
-            do {
-                sp_521_rshift1_17(v, v);
-                sp_521_div2_mod_17(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2,
-    sp_digit* tmp)
-{
-
-        sp_521_proj_point_add_17(p1, p1, p2, tmp);
-    if (sp_521_iszero_17(p1->z)) {
-        if (sp_521_iszero_17(p1->x) && sp_521_iszero_17(p1->y)) {
-                sp_521_proj_point_dbl_17(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            p1->x[9] = 0;
-            p1->x[10] = 0;
-            p1->x[11] = 0;
-            p1->x[12] = 0;
-            p1->x[13] = 0;
-            p1->x[14] = 0;
-            p1->x[15] = 0;
-            p1->x[16] = 0;
-            XMEMCPY(p1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_vfy_point_17(sp_point_521* p1, sp_point_521* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_521_mod_inv_17(s, s, p521_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_521_mul_17(s, s, p521_norm_order);
-        err = sp_521_mod_17(s, s, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_17(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_521_mont_inv_order_17(s, s, tmp);
-            sp_521_mont_mul_order_17(u1, u1, s);
-            sp_521_mont_mul_order_17(u2, u2, s);
-        }
-#else
-        {
-            sp_521_mont_mul_order_17(u1, u1, s);
-            sp_521_mont_mul_order_17(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_521_ecc_mulmod_base_17(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_17(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_17(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_17(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_521_add_points_17(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 521)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 17);
-    SP_DECL_VAR(sp_point_521, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_521* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 17, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 17;
-        s   = u1 + 4 * 17;
-        tmp = u1 + 6 * 17;
-        p2 = p1 + 1;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(u1, 17, hash, (int)hashLen);
-        sp_521_from_mp(u2, 17, rm);
-        sp_521_from_mp(s, 17, sm);
-        sp_521_from_mp(p2->x, 17, pX);
-        sp_521_from_mp(p2->y, 17, pY);
-        sp_521_from_mp(p2->z, 17, pZ);
-
-        if (hashLen == 66U) {
-            sp_521_rshift_17(u1, u1, 7);
-        }
-
-        err = sp_521_calc_vfy_point_17(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(u2, 17, rm);
-        err = sp_521_mod_mul_norm_17(u2, u2, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_521_mont_sqr_17(p1->z, p1->z, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_17(u1, u2, p1->z, p521_mod, p521_mp_mod);
-        *res = (int)(sp_521_cmp_17(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_521_from_mp(u2, 17, rm);
-            carry = sp_521_add_17(u2, u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_17(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_17(u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_17(u2, u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_521_mont_mul_17(u1, u2, p1->z, p521_mod, p521_mp_mod);
-                }
-                *res = (sp_521_cmp_17(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-        sp_521_mont_inv_order_17_ctx mont_inv_order_ctx;
-        sp_521_proj_point_dbl_17_ctx dbl_ctx;
-        sp_521_proj_point_add_17_ctx add_ctx;
-    };
-    sp_digit u1[2*17];
-    sp_digit u2[2*17];
-    sp_digit s[2*17];
-    sp_digit tmp[2*17 * 6];
-    sp_point_521 p1;
-    sp_point_521 p2;
-} sp_ecc_verify_521_ctx;
-
-int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_521_ctx* ctx = (sp_ecc_verify_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(ctx->u1, 17, hash, (int)hashLen);
-        sp_521_from_mp(ctx->u2, 17, rm);
-        sp_521_from_mp(ctx->s, 17, sm);
-        sp_521_from_mp(ctx->p2.x, 17, pX);
-        sp_521_from_mp(ctx->p2.y, 17, pY);
-        sp_521_from_mp(ctx->p2.z, 17, pZ);
-        if (hashLen == 66U) {
-            sp_521_rshift_17(ctx->u1, ctx->u1, 7);
-        }
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_521_mul_17(ctx->s, ctx->s, p521_norm_order);
-        err = sp_521_mod_17(ctx->s, ctx->s, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_521_norm_17(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_521_mont_inv_order_17_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_521_mont_mul_order_17(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_521_mont_mul_order_17(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p521_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_17(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_17(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_521_proj_point_add_17_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(ctx->u2, 17, rm);
-        err = sp_521_mod_mul_norm_17(ctx->u2, ctx->u2, p521_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_521_mont_sqr_17(ctx->p1.z, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_521_mont_mul_17(ctx->u1, ctx->u2, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_521_cmp_17(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_521_from_mp(ctx->u2, 17, rm);
-            carry = sp_521_add_17(ctx->u2, ctx->u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_17(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_17(ctx->u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_17(ctx->u2, ctx->u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_521_mont_mul_17(ctx->u1, ctx->u2, ctx->p1.z, p521_mod,
-                                                            p521_mp_mod);
-                *res = (int)(sp_521_cmp_17(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_521_ecc_is_point_17(const sp_point_521* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 17 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 17 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 17;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_521_sqr_17(t1, point->y);
-        (void)sp_521_mod_17(t1, t1, p521_mod);
-        sp_521_sqr_17(t2, point->x);
-        (void)sp_521_mod_17(t2, t2, p521_mod);
-        sp_521_mul_17(t2, t2, point->x);
-        (void)sp_521_mod_17(t2, t2, p521_mod);
-        sp_521_mont_sub_17(t1, t1, t2, p521_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_521_mont_add_17(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_17(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_17(t1, t1, point->x, p521_mod);
-
-
-        if (sp_521_cmp_17(t1, p521_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_521, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(pub->x, 17, pX);
-        sp_521_from_mp(pub->y, 17, pY);
-        sp_521_from_bin(pub->z, 17, one, (int)sizeof(one));
-
-        err = sp_521_ecc_is_point_17(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 17);
-    SP_DECL_VAR(sp_point_521, pub, 2);
-    sp_point_521* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 521) ||
-        (mp_count_bits(pY) > 521) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 521)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 17, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_521_from_mp(pub->x, 17, pX);
-        sp_521_from_mp(pub->y, 17, pY);
-        sp_521_from_bin(pub->z, 17, one, (int)sizeof(one));
-        if (privm)
-            sp_521_from_mp(priv, 17, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_521_iszero_17(pub->x) != 0) &&
-            (sp_521_iszero_17(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_521_cmp_17(pub->x, p521_mod) >= 0) ||
-             (sp_521_cmp_17(pub->y, p521_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_521_ecc_is_point_17(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_521_ecc_mulmod_17(p, pub, p521_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_521_iszero_17(p->x) == 0) ||
-                             (sp_521_iszero_17(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_521_ecc_mulmod_base_17(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_521_cmp_17(p->x, pub->x) != 0) ||
-                 (sp_521_cmp_17(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    SP_DECL_VAR(sp_point_521, p, 2);
-    sp_point_521* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_521_from_mp(p->x, 17, pX);
-        sp_521_from_mp(p->y, 17, pY);
-        sp_521_from_mp(p->z, 17, pZ);
-        sp_521_from_mp(q->x, 17, qX);
-        sp_521_from_mp(q->y, 17, qY);
-        sp_521_from_mp(q->z, 17, qZ);
-        p->infinity = sp_521_iszero_17(p->x) &
-                      sp_521_iszero_17(p->y);
-        q->infinity = sp_521_iszero_17(q->x) &
-                      sp_521_iszero_17(q->y);
-
-            sp_521_proj_point_add_17(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 2);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 17, pX);
-        sp_521_from_mp(p->y, 17, pY);
-        sp_521_from_mp(p->z, 17, pZ);
-        p->infinity = sp_521_iszero_17(p->x) &
-                      sp_521_iszero_17(p->y);
-
-            sp_521_proj_point_dbl_17(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 5);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 5, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 17, pX);
-        sp_521_from_mp(p->y, 17, pY);
-        sp_521_from_mp(p->z, 17, pZ);
-        p->infinity = sp_521_iszero_17(p->x) &
-                      sp_521_iszero_17(p->y);
-
-            sp_521_map_17(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Square root power for the P521 curve. */
-static const word32 p521_sqrt_power[17] = {
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000080
-};
-
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mont_sqrt_17(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t, 2 * 17);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t, 2 * 17, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-
-        {
-            int i;
-
-            XMEMCPY(t, y, sizeof(sp_digit) * 17);
-            for (i=518; i>=0; i--) {
-                sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod);
-                if (p521_sqrt_power[i / 32] & ((sp_digit)1 << (i % 32)))
-                    sp_521_mont_mul_17(t, t, y, p521_mod, p521_mp_mod);
-            }
-            XMEMCPY(y, t, sizeof(sp_digit) * 17);
-        }
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 17);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 17, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 17;
-
-        sp_521_from_mp(x, 17, xm);
-        err = sp_521_mod_mul_norm_17(x, x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_521_mont_sqr_17(y, x, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_17(y, y, x, p521_mod, p521_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_521_mod_mul_norm_17(x, p521_b, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_521_mont_add_17(y, y, x, p521_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_521_mont_sqrt_17(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 17, 0, 17U * sizeof(sp_digit));
-        sp_521_mont_reduce_17(y, p521_mod, p521_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_521_mont_sub_17(y, p521_mod, y, p521_mod);
-        }
-
-        err = sp_521_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_521 */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-#ifdef WOLFSSL_SP_1024
-
-/* Point structure to use. */
-typedef struct sp_point_1024 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 32];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 32];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 32];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_1024;
-
-#ifndef WOLFSSL_SP_SMALL
-#ifndef WOLFSSL_SP_LARGE_CODE
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[16 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #0x40\n\t"
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_1024_mul_16_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #60\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_1024_mul_16_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_1024_mul_16_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_1024_mul_16_mul_%=\n\t"
-        "\n"
-    "L_sp_1024_mul_16_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0x78\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_1024_mul_16_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x40\n\t"
-        "mov	r8, %[r]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[0] * B[0]\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r3, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r3, r6, r3\n\t"
-#elif defined(__clang__)
-        "muls	r3, r6\n\t"
-#else
-        "mul	r3, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r6, #16\n\t"
-#else
-        "lsr	r4, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "movs	r5, #0\n\t"
-        "str	r3, [sp]\n\t"
-        "#  A[0] * B[1]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #4]\n\t"
-        "#  A[2] * B[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[0] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r5, [sp, #8]\n\t"
-        "#  A[0] * B[3]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[1] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[2] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "str	r3, [sp, #12]\n\t"
-        "#  A[4] * B[0]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[2] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[0] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #16]\n\t"
-        "#  A[0] * B[5]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[2] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r5, [sp, #20]\n\t"
-        "#  A[6] * B[0]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[4] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[2] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[1] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[0] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "str	r3, [sp, #24]\n\t"
-        "#  A[0] * B[7]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[2] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #28]\n\t"
-        "#  A[8] * B[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[2] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[0] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r5, [sp, #32]\n\t"
-        "#  A[0] * B[9]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[1] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[2] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[4] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[6] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[7] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[8] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[9] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "str	r3, [sp, #36]\n\t"
-        "#  A[10] * B[0]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[2] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[0] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #40]\n\t"
-        "#  A[0] * B[11]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[2] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[8] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r5, [sp, #44]\n\t"
-        "#  A[12] * B[0]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[11] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[10] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[9] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[8] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[7] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[6] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[4] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[2] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[1] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[0] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "str	r3, [sp, #48]\n\t"
-        "#  A[0] * B[13]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[2] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[12] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[13] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #52]\n\t"
-        "#  A[14] * B[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[13] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[12] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[8] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[2] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[1] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[0] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r5, [sp, #56]\n\t"
-        "#  A[0] * B[15]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a]]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[1] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[2] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[4] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[6] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[7] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[8] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[9] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[10] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[11] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[12] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[13] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[14] * B[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[15] * B[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b]]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "str	r3, [sp, #60]\n\t"
-        "#  A[15] * B[1]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #4]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[14] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[13] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[12] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[3] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[2] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * B[15]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #4]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #64]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[2] * B[15]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #8]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[8] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[12] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[13] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[14] * B[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[15] * B[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #8]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * B[3]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #12]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[14] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[13] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[12] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[11] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[10] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[9] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[8] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[7] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[6] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[5] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[4] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[3] * B[15]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #12]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #72]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[4] * B[15]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[12] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[13] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[14] * B[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[15] * B[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #16]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #76]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * B[5]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #20]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[14] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[13] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[12] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[8] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * B[15]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r5, [%[r], #80]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[6] * B[15]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[7] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[8] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[9] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[10] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[11] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[12] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[13] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[14] * B[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[15] * B[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #24]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #84]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * B[7]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #28]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[14] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[13] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[12] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * B[15]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #88]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[8] * B[15]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[12] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[13] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[14] * B[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[15] * B[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #32]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * B[9]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #36]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[14] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[13] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[12] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[11] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[10] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[9] * B[15]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #96]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[10] * B[15]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[12] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[13] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[14] * B[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[15] * B[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #40]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #100]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * B[11]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #44]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[14] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[13] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[12] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * B[15]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r5, [%[r], #104]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[12] * B[15]\n\t"
-        "movs	r5, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[13] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[14] * B[13]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "#  A[15] * B[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #48]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #108]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * B[13]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #52]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[14] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[13] * B[15]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #112]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[14] * B[15]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[15] * B[14]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #56]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r7\n\t"
-#else
-        "add	r5, r5, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r5, [%[r], #116]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * B[15]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "ldr	%[b], [%[b], #60]\n\t"
-        "uxth	r6, %[a]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[a], #16\n\t"
-#else
-        "lsr	r6, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #120]\n\t"
-        "str	r4, [%[r], #124]\n\t"
-        "pop	{r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "pop	{r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "pop	{r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        "pop	{r3, r4, r5, r6}\n\t"
-        "stm	%[r]!, {r3, r4, r5, r6}\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
-    );
-}
-
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-#ifndef WOLFSSL_SP_LARGE_CODE
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #0x80\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_1024_sqr_16_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #60\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_1024_sqr_16_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_1024_sqr_16_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_1024_sqr_16_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_1024_sqr_16_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_1024_sqr_16_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #0x40\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_1024_sqr_16_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_1024_sqr_16_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_1024_sqr_16_mul_%=\n\t"
-        "\n"
-    "L_sp_1024_sqr_16_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0x78\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_1024_sqr_16_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #0x7c\n\t"
-        "\n"
-    "L_sp_1024_sqr_16_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_1024_sqr_16_store_%=\n\t"
-        "movs	r6, #0x80\n\t"
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "sub	sp, sp, #0x40\n\t"
-        "mov	r8, %[r]\n\t"
-        "mov	r9, %[a]\n\t"
-        "movs	%[r], #0\n\t"
-        "ldm	%[a]!, {r2, r3, r4, r5}\n\t"
-        "mov	r10, r2\n\t"
-        "mov	r11, r3\n\t"
-        "mov	r12, r4\n\t"
-        "mov	lr, r5\n\t"
-        "mov	%[a], r9\n\t"
-        "#  A[0] * A[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r7, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-        "movs	r2, r5\n\t"
-        "movs	r3, r6\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "muls	r2, r2\n\t"
-#else
-        "mul	r2, r2\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "muls	r3, r3\n\t"
-#else
-        "mul	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-        "str	r2, [sp]\n\t"
-        "#  A[1] * A[0]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #4]\n\t"
-        "#  A[2] * A[0]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[1] * A[1]\n\t"
-        "mov	r7, r11\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #8]\n\t"
-        "#  A[2] * A[1]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r2, [sp, #12]\n\t"
-        "#  A[4] * A[0]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[3] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[2] * A[2]\n\t"
-        "mov	r7, r12\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #16]\n\t"
-        "#  A[3] * A[2]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #20]\n\t"
-        "#  A[6] * A[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[5] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[4] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[3] * A[3]\n\t"
-        "mov	r7, lr\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r2, [sp, #24]\n\t"
-        "#  A[4] * A[3]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #16]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[5] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[6] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[7] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #28]\n\t"
-        "#  A[8] * A[0]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[6] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[5] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[4] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #32]\n\t"
-        "#  A[5] * A[4]\n\t"
-        "movs	r4, #0\n\t"
-        "ldr	%[a], [%[a], #20]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[8] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r2, [sp, #36]\n\t"
-        "#  A[10] * A[0]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[9] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[8] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[7] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[6] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[5] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #40]\n\t"
-        "#  A[6] * A[5]\n\t"
-        "movs	r3, #0\n\t"
-        "ldr	%[a], [%[a], #24]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #44]\n\t"
-        "#  A[12] * A[0]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[8] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[7] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[6] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r2, [sp, #48]\n\t"
-        "#  A[7] * A[6]\n\t"
-        "movs	r2, #0\n\t"
-        "ldr	%[a], [%[a], #28]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[8] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[9] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[10] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[11] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[12] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[13] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "str	r3, [sp, #52]\n\t"
-        "#  A[14] * A[0]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[13] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[12] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[9] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[8] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[7] * A[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "str	r4, [sp, #56]\n\t"
-        "#  A[8] * A[7]\n\t"
-        "movs	r4, #0\n\t"
-        "ldr	%[a], [%[a], #32]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[12] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[13] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[14] * A[1]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[15] * A[0]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "str	r2, [sp, #60]\n\t"
-        "#  A[15] * A[1]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "ldr	%[a], [%[a], #60]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[14] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r12\n\t"
-        "ldr	%[a], [%[a], #56]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[13] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-        "ldr	%[a], [%[a], #52]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[12] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "ldr	%[a], [%[a], #48]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[11] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[10] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[9] * A[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[8] * A[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #64]\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	%[a], #48\n\t"
-        "add	%[a], %[a], r9\n\t"
-        "ldm	%[a]!, {r5, r6}\n\t"
-        "mov	r10, r5\n\t"
-        "mov	r11, r6\n\t"
-        "ldm	%[a]!, {r5, r6}\n\t"
-        "mov	r12, r5\n\t"
-        "mov	lr, r6\n\t"
-        "mov	%[a], r9\n\t"
-        "#  A[9] * A[8]\n\t"
-        "movs	r3, #0\n\t"
-        "ldr	%[a], [%[a], #36]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * A[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[12] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "mov	%[a], r10\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[13] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[14] * A[3]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[15] * A[2]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #8]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #68]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * A[3]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[14] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[13] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[12] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "mov	%[a], r10\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[11] * A[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[10] * A[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #32]\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[9] * A[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r2, [%[r], #72]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[10] * A[9]\n\t"
-        "movs	r2, #0\n\t"
-        "ldr	%[a], [%[a], #40]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[11] * A[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #32]\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[12] * A[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "mov	%[a], r10\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[13] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[14] * A[5]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[15] * A[4]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #16]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #76]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * A[5]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #20]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[14] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[13] * A[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[12] * A[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #32]\n\t"
-        "mov	%[a], r10\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[11] * A[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #36]\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[10] * A[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #80]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[11] * A[10]\n\t"
-        "movs	r4, #0\n\t"
-        "ldr	%[a], [%[a], #44]\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[12] * A[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #36]\n\t"
-        "mov	%[a], r10\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[13] * A[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #32]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[14] * A[7]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[15] * A[6]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #24]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r2, [%[r], #84]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * A[7]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[14] * A[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #32]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[13] * A[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #36]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[12] * A[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #40]\n\t"
-        "mov	%[a], r10\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[11] * A[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #88]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[12] * A[11]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r10\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[13] * A[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #40]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[14] * A[9]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #36]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[15] * A[8]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #32]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #92]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * A[9]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #36]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[14] * A[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #40]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[13] * A[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #44]\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[12] * A[12]\n\t"
-        "mov	r7, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r2, [%[r], #96]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[13] * A[12]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], r11\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[14] * A[11]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #44]\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[15] * A[10]\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #40]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #100]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * A[11]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "ldr	r7, [%[a], #44]\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[14] * A[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "#  A[13] * A[13]\n\t"
-        "mov	r7, r11\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #104]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[14] * A[13]\n\t"
-        "movs	r4, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], r12\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "#  A[15] * A[12]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r10\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r2, [%[r], #108]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * A[13]\n\t"
-        "movs	r2, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, r11\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "#  A[14] * A[14]\n\t"
-        "mov	r7, r12\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r], #112]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * A[14]\n\t"
-        "movs	r3, #0\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[a], lr\n\t"
-        "uxth	r5, %[a]\n\t"
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r2, %[r]\n\t"
-#else
-        "adc	r2, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[a], #16\n\t"
-#else
-        "lsr	r5, %[a], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r6\n\t"
-#else
-        "add	r2, r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "uxth	r6, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r2, r2, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r2, r6\n\t"
-#else
-        "adc	r2, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r3, %[r]\n\t"
-#else
-        "adc	r3, %[r]\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r4, [%[r], #116]\n\t"
-        "movs	%[r], #0\n\t"
-        "#  A[15] * A[15]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	r7, lr\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r5\n\t"
-#else
-        "mul	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r7, #16\n\t"
-#else
-        "lsr	r6, r7, #16\n\t"
-#endif
-        "uxth	r5, r7\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #15\n\t"
-#else
-        "lsr	r6, r5, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #17\n\t"
-#else
-        "lsl	r5, r5, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r5\n\t"
-#else
-        "add	r2, r2, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-        "mov	%[r], r8\n\t"
-        "str	r2, [%[r], #120]\n\t"
-        "str	r3, [%[r], #124]\n\t"
-        "pop	{r2, r3, r4, r5}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r5}\n\t"
-        "pop	{r2, r3, r4, r5}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r5}\n\t"
-        "pop	{r2, r3, r4, r5}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r5}\n\t"
-        "pop	{r2, r3, r4, r5}\n\t"
-        "stm	%[r]!, {r2, r3, r4, r5}\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_add_word_16(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r5, #0\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, %[b]\n\t"
-#else
-        "add	r3, r3, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r4\n\t"
-#else
-        "sub	r2, r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-        "ldm	%[b]!, {r4, r5}\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r4\n\t"
-#else
-        "sbc	r2, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-        "stm	%[a]!, {r2, r3}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[a], %[a], %[a]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[a], %[a]\n\t"
-#else
-        "sbc	%[a], %[a]\n\t"
-#endif
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r5\n\t"
-#else
-        "adc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "movs	%[r], #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	%[r], %[r]\n\t"
-#else
-        "adc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[32];
-    sp_digit a1[16];
-    sp_digit b1[16];
-    sp_digit* z2 = r + 32;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_1024_add_16(a1, a, &a[16]);
-    cb = sp_1024_add_16(b1, b, &b[16]);
-    u  = ca & cb;
-
-    sp_1024_mul_16(z2, &a[16], &b[16]);
-    sp_1024_mul_16(z0, a, b);
-    sp_1024_mul_16(z1, a1, b1);
-
-    u += sp_1024_sub_in_place_32(z1, z0);
-    u += sp_1024_sub_in_place_32(z1, z2);
-    sp_1024_mask_16(a1, a1, 0 - cb);
-    u += sp_1024_add_16(z1 + 16, z1 + 16, a1);
-    sp_1024_mask_16(b1, b1, 0 - ca);
-    u += sp_1024_add_16(z1 + 16, z1 + 16, b1);
-
-    u += sp_1024_add_32(r + 16, r + 16, z1);
-    (void)sp_1024_add_word_16(r + 48, r + 48, u);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r5\n\t"
-#else
-        "sub	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-        "ldm	%[b]!, {r5, r6}\n\t"
-        "ldm	%[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "stm	%[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[r], %[r]\n\t"
-#else
-        "sbc	%[r], %[r]\n\t"
-#endif
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 32;
-    sp_digit z1[32];
-    sp_digit* a1 = z1;
-    sp_digit* zero = z1 + 16;
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 16);
-
-    mask = sp_1024_sub_16(a1, a, &a[16]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_1024_sub_16(a1, p1, p2);
-
-    sp_1024_sqr_16(z2, &a[16]);
-    sp_1024_sqr_16(z0, a);
-    sp_1024_sqr_16(z1, a1);
-
-    u = 0;
-    u -= sp_1024_sub_in_place_32(z1, z2);
-    u -= sp_1024_sub_in_place_32(z1, z0);
-    u += sp_1024_sub_in_place_32(r + 16, z1);
-    sp_1024_add_word_16(r + 48, r + 48, u);
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit t[32 * 2];
-    sp_digit* tmp = t;
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[tmp]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r10, %[b]\n\t"
-        "movs	r6, #0x80\n\t"
-        "add	r6, r6, r9\n\t"
-        "mov	r12, r6\n\t"
-        "\n"
-    "L_sp_1024_mul_32_words_%=:\n\t"
-        "movs	%[tmp], #0\n\t"
-        "movs	r5, #0\n\t"
-        "movs	r6, #0x7c\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	%[b], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], %[a]\n\t"
-#else
-        "sub	%[b], %[b], %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	%[b], %[b], r10\n\t"
-        "\n"
-    "L_sp_1024_mul_32_mul_%=:\n\t"
-        "# Multiply Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[tmp]\n\t"
-#else
-        "adc	r4, %[tmp]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [%[b]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "ldrh	r7, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[tmp]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[tmp]\n\t"
-#else
-        "adc	r5, %[tmp]\n\t"
-#endif
-        "# Multiply Done\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[b], %[b], #4\n\t"
-#else
-        "sub	%[b], %[b], #4\n\t"
-#endif
-        "cmp	%[a], r12\n\t"
-        "beq	L_sp_1024_mul_32_done_mul_%=\n\t"
-        "mov	r6, r8\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "ble	L_sp_1024_mul_32_mul_%=\n\t"
-        "\n"
-    "L_sp_1024_mul_32_done_mul_%=:\n\t"
-        "mov	%[tmp], r11\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0xf8\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_1024_mul_32_words_%=\n\t"
-        "str	r3, [%[tmp], r7]\n\t"
-        "mov	%[a], r9\n\t"
-        "mov	%[b], r10\n\t"
-        : [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "movs	r5, #0\n\t"
-        "mov	r8, r3\n\t"
-        "mov	r11, %[r]\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #1\n\t"
-#else
-        "add	r6, r6, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r6, r6\n\t"
-#else
-        "neg	r6, r6\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        "mov	r10, sp\n\t"
-        "mov	r9, %[a]\n\t"
-        "\n"
-    "L_sp_1024_sqr_32_words_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r6, #0x7c\n\t"
-        "mov	%[a], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r6\n\t"
-#else
-        "sub	%[a], %[a], r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r6, r6\n\t"
-#else
-        "mvn	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	%[a], %[a], r6\n\t"
-#elif defined(__clang__)
-        "ands	%[a], r6\n\t"
-#else
-        "and	%[a], r6\n\t"
-#endif
-        "mov	r2, r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, %[a]\n\t"
-#else
-        "sub	r2, r2, %[a]\n\t"
-#endif
-        "add	%[a], %[a], r9\n\t"
-        "add	r2, r2, r9\n\t"
-        "\n"
-    "L_sp_1024_sqr_32_mul_%=:\n\t"
-        "cmp	r2, %[a]\n\t"
-        "beq	L_sp_1024_sqr_32_sqr_%=\n\t"
-        "# Multiply * 2: Start\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-        "ldr	r7, [r2]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r7, #16\n\t"
-#else
-        "lsr	r7, r7, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldrh	r7, [r2]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Multiply * 2: Done\n\t"
-        "bal	L_sp_1024_sqr_32_done_sqr_%=\n\t"
-        "\n"
-    "L_sp_1024_sqr_32_sqr_%=:\n\t"
-        "mov	r12, r2\n\t"
-        "ldr	r2, [%[a]]\n\t"
-        "# Square: Start\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r6\n\t"
-#else
-        "mul	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r7\n\t"
-#else
-        "mul	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r2, #16\n\t"
-#else
-        "lsr	r7, r2, #16\n\t"
-#endif
-        "uxth	r6, r2\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #15\n\t"
-#else
-        "lsr	r7, r6, #15\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #17\n\t"
-#else
-        "lsl	r6, r6, #17\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# Square: Done\n\t"
-        "mov	r2, r12\n\t"
-        "\n"
-    "L_sp_1024_sqr_32_done_sqr_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, #4\n\t"
-#else
-        "sub	r2, r2, #4\n\t"
-#endif
-        "movs	r6, #0x80\n\t"
-        "add	r6, r6, r9\n\t"
-        "cmp	%[a], r6\n\t"
-        "beq	L_sp_1024_sqr_32_done_mul_%=\n\t"
-        "cmp	%[a], r2\n\t"
-        "bgt	L_sp_1024_sqr_32_done_mul_%=\n\t"
-        "mov	r7, r8\n\t"
-        "add	r7, r7, r9\n\t"
-        "cmp	%[a], r7\n\t"
-        "ble	L_sp_1024_sqr_32_mul_%=\n\t"
-        "\n"
-    "L_sp_1024_sqr_32_done_mul_%=:\n\t"
-        "mov	%[r], r10\n\t"
-        "mov	r7, r8\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "mov	r8, r7\n\t"
-        "movs	r6, #0xf8\n\t"
-        "cmp	r7, r6\n\t"
-        "ble	L_sp_1024_sqr_32_words_%=\n\t"
-        "mov	%[a], r9\n\t"
-        "str	r3, [%[r], r7]\n\t"
-        "mov	%[r], r11\n\t"
-        "mov	%[a], r10\n\t"
-        "movs	r3, #0xfc\n\t"
-        "\n"
-    "L_sp_1024_sqr_32_store_%=:\n\t"
-        "ldr	r6, [%[a], r3]\n\t"
-        "str	r6, [%[r], r3]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, #4\n\t"
-#else
-        "sub	r3, r3, #4\n\t"
-#endif
-        "bge	L_sp_1024_sqr_32_store_%=\n\t"
-        "movs	r6, #0xff\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #1\n\t"
-#else
-        "add	r6, r6, #1\n\t"
-#endif
-        "add	sp, sp, r6\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
-    );
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-/* The modulus (prime) of the curve P1024. */
-static const sp_digit p1024_mod[32] = {
-    0xfea85feb,0x666d807a,0xac7ace87,0x80c5df10,0x89857db0,0xfce3e823,
-    0x56971f1f,0x9f94d6af,0x1c3c09aa,0xa7cf3c52,0x31852a82,0xb6aff4a8,
-    0x65681ce1,0x512ac5cd,0x326b4cd4,0xe26c6487,0xa666a6d0,0x356d27f4,
-    0xf7c88a19,0xe791b39f,0x31a59cb0,0x228730d5,0xe2fc0f1b,0xf40aab27,
-    0xb3e01a2e,0xbe9ae358,0x9cb48261,0x416c0ce1,0xdad0657a,0x65c61198,
-    0x0a563fda,0x997abb1f
-};
-/* The Montgomery normalizer for modulus of the curve P1024. */
-static const sp_digit p1024_norm_mod[32] = {
-    0x0157a015,0x99927f85,0x53853178,0x7f3a20ef,0x767a824f,0x031c17dc,
-    0xa968e0e0,0x606b2950,0xe3c3f655,0x5830c3ad,0xce7ad57d,0x49500b57,
-    0x9a97e31e,0xaed53a32,0xcd94b32b,0x1d939b78,0x5999592f,0xca92d80b,
-    0x083775e6,0x186e4c60,0xce5a634f,0xdd78cf2a,0x1d03f0e4,0x0bf554d8,
-    0x4c1fe5d1,0x41651ca7,0x634b7d9e,0xbe93f31e,0x252f9a85,0x9a39ee67,
-    0xf5a9c025,0x668544e0
-};
-/* The Montgomery multiplier for modulus of the curve P1024. */
-static sp_digit p1024_mp_mod = 0x7c8f2f3d;
-#if defined(WOLFSSL_SP_SMALL) || defined(HAVE_ECC_CHECK_KEY)
-/* The order of the curve P1024. */
-static const sp_digit p1024_order[32] = {
-    0xbfaa17fb,0xd99b601e,0x2b1eb3a1,0x203177c4,0xe2615f6c,0xff38fa08,
-    0xd5a5c7c7,0xa7e535ab,0x870f026a,0xa9f3cf14,0x0c614aa0,0x6dabfd2a,
-    0x595a0738,0x144ab173,0xcc9ad335,0x389b1921,0x2999a9b4,0x4d5b49fd,
-    0xfdf22286,0x39e46ce7,0x4c69672c,0xc8a1cc35,0xf8bf03c6,0xbd02aac9,
-    0x2cf8068b,0x6fa6b8d6,0x672d2098,0x905b0338,0x36b4195e,0x99718466,
-    0xc2958ff6,0x265eaec7
-};
-#endif
-/* The base point of curve P1024. */
-static const sp_point_1024 p1024_base = {
-    /* X ordinate */
-    {
-        0xeae63895,0x880dc8ab,0x967e0979,0x80ec46c4,0xb63f73ec,0xee9163a5,
-        0x80728d87,0xd5cfb4cc,0xba66910d,0xa7c1514d,0x7a60de74,0xa702c339,
-        0x8b72f2e1,0x337c8654,0x5dd5bccb,0x9760af76,0x406ce890,0x718bd9e7,
-        0xdb9dfa55,0x43d5f22c,0x30b09e10,0xab10db90,0xf6ce2308,0xb5edb6c0,
-        0xb6ff7cbf,0x98b2f204,0x0aec69c6,0x2b1a2fd6,0x3ed9b52a,0x0a799005,
-        0x332c29ad,0x53fc09ee,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x1bef16d7,0x75573fd7,0x6a67dcde,0xadb9b570,0xd5bb4636,0x80bdad5a,
-        0xe9cb99a9,0x13515ad7,0xc5a4d5f2,0x492d979f,0x164aa989,0xac6f1e80,
-        0xb7652fe0,0xcad696b5,0xad547c6c,0x70dae117,0xa9e032b9,0x416cff0c,
-        0x9a140b2e,0x6b598ccf,0xf0de55f6,0xe7f7f5e5,0x654ec2b9,0xf5ea69f4,
-        0x1e141178,0x3d778d82,0x02990696,0xd3e82016,0x3634a135,0xf9f1f053,
-        0x3f6009f1,0x0a824906,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r7, %[a]\n\t"
-        "movs	r2, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #0x80\n\t"
-#else
-        "add	r7, r7, #0x80\n\t"
-#endif
-        "\n"
-    "L_sp_1024_sub_in_place_32_words_%=:\n\t"
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r2\n\t"
-#else
-        "sub	r5, r5, r2\n\t"
-#endif
-        "ldr	r3, [%[a]]\n\t"
-        "ldr	r4, [%[a], #4]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-        "ldr	r6, [%[b], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r3, r5\n\t"
-#else
-        "sbc	r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-        "str	r3, [%[a]]\n\t"
-        "str	r4, [%[a], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r2, r2, r2\n\t"
-#elif defined(__clang__)
-        "sbcs	r2, r2\n\t"
-#else
-        "sbc	r2, r2\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #8\n\t"
-#else
-        "add	%[a], %[a], #8\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #8\n\t"
-#else
-        "add	%[b], %[b], #8\n\t"
-#endif
-        "cmp	%[a], r7\n\t"
-        "bne	L_sp_1024_sub_in_place_32_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_1024_cond_sub_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #0x80\n\t"
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_1024_cond_sub_32_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r4\n\t"
-#else
-        "sbc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_1024_cond_sub_32_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, %[a]\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, #0x80\n\t"
-#else
-        "add	r6, r6, #0x80\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, #1\n\t"
-#else
-        "sub	r7, r7, #1\n\t"
-#endif
-        "\n"
-    "L_sp_1024_add_32_word_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r5\n\t"
-#else
-        "adc	r4, r5\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "movs	r3, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[b], %[b], #4\n\t"
-#else
-        "add	%[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-        "cmp	%[a], r6\n\t"
-        "bne	L_sp_1024_add_32_word_%=\n\t"
-        "movs	%[r], r3\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-SP_NOINLINE static void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a,
-        sp_digit b)
-{
-    __asm__ __volatile__ (
-        "movs	r6, #0x80\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, %[a]\n\t"
-#else
-        "add	r6, r6, %[a]\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "mov	r9, r6\n\t"
-        "movs	r3, #0\n\t"
-        "movs	r4, #0\n\t"
-        "\n"
-    "L_sp_1024_mul_d_32_%=:\n\t"
-        "movs	%[r], #0\n\t"
-        "movs	r5, #0\n\t"
-        "# A[] * B\n\t"
-        "ldrh	r6, [%[a]]\n\t"
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r7\n\t"
-#else
-        "add	r3, r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r4, %[r]\n\t"
-#else
-        "adc	r4, %[r]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "ldr	r6, [%[a]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r6, #16\n\t"
-#else
-        "lsr	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, %[b], #16\n\t"
-#else
-        "lsr	r7, %[b], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r7, r6, r7\n\t"
-#elif defined(__clang__)
-        "muls	r7, r6\n\t"
-#else
-        "mul	r7, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r7\n\t"
-#else
-        "add	r4, r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "uxth	r7, %[b]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r7, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r7\n\t"
-#else
-        "mul	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r7, r6, #16\n\t"
-#else
-        "lsr	r7, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r6, r6, #16\n\t"
-#else
-        "lsl	r6, r6, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, %[r]\n\t"
-#elif defined(__clang__)
-        "adcs	r5, %[r]\n\t"
-#else
-        "adc	r5, %[r]\n\t"
-#endif
-        "# A[] * B - Done\n\t"
-        "mov	%[r], r8\n\t"
-        "str	r3, [%[r]]\n\t"
-        "movs	r3, r4\n\t"
-        "movs	r4, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[r], %[r], #4\n\t"
-#else
-        "add	%[r], %[r], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	%[a], %[a], #4\n\t"
-#else
-        "add	%[a], %[a], #4\n\t"
-#endif
-        "mov	r8, %[r]\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_1024_mul_d_32_%=\n\t"
-        "str	r3, [%[r]]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-}
-
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    __asm__ __volatile__ (
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[div], #1\n\t"
-#else
-        "lsr	r5, %[div], #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, #1\n\t"
-#else
-        "add	r5, r5, #1\n\t"
-#endif
-        "mov	r8, %[d0]\n\t"
-        "mov	r9, %[d1]\n\t"
-        "# Do top 32\n\t"
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-        "movs	r4, #29\n\t"
-        "\n"
-    "L_div_1024_word_32_loop_%=:\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d0], %[d0], #1\n\t"
-#else
-        "lsl	%[d0], %[d0], #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	%[d1], %[d1], %[d1]\n\t"
-#elif defined(__clang__)
-        "adcs	%[d1], %[d1]\n\t"
-#else
-        "adc	%[d1], %[d1]\n\t"
-#endif
-        "movs	r6, r5\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, %[d1]\n\t"
-#else
-        "sub	r6, r6, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "ands	r6, r5\n\t"
-#else
-        "and	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r6\n\t"
-#else
-        "sub	%[d1], %[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, #1\n\t"
-#else
-        "sub	r4, r4, #1\n\t"
-#endif
-        "bpl	L_div_1024_word_32_loop_%=\n\t"
-        "movs	r7, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r3\n\t"
-#else
-        "add	r3, r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #1\n\t"
-#else
-        "add	r3, r3, #1\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[d1], %[d1], r4\n\t"
-#else
-        "sub	%[d1], %[d1], r4\n\t"
-#endif
-        "movs	r4, %[d1]\n\t"
-        "mov	%[d1], r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[d1], %[d1], r5\n\t"
-#elif defined(__clang__)
-        "sbcs	%[d1], r5\n\t"
-#else
-        "sbc	%[d1], r5\n\t"
-#endif
-        "movs	r5, %[d1]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "# r * div - Start\n\t"
-        "uxth	%[d1], r3\n\t"
-        "uxth	r4, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r4, %[d1], r4\n\t"
-#elif defined(__clang__)
-        "muls	r4, %[d1]\n\t"
-#else
-        "mul	r4, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[div], #16\n\t"
-#else
-        "lsr	r6, %[div], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, %[d1], #16\n\t"
-#else
-        "lsr	r5, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	%[d1], r3, #16\n\t"
-#else
-        "lsr	%[d1], r3, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, %[d1], r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, %[d1]\n\t"
-#else
-        "mul	r6, %[d1]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r6\n\t"
-#else
-        "add	r5, r5, r6\n\t"
-#endif
-        "uxth	r6, %[div]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	%[d1], r6, %[d1]\n\t"
-#elif defined(__clang__)
-        "muls	%[d1], r6\n\t"
-#else
-        "mul	%[d1], r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[d1], #16\n\t"
-#else
-        "lsr	r6, %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	%[d1], %[d1], #16\n\t"
-#else
-        "lsl	%[d1], %[d1], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, %[d1]\n\t"
-#else
-        "add	r4, r4, %[d1]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "# r * div - Done\n\t"
-        "mov	%[d1], r8\n\t"
-        "mov	r6, r9\n\t"
-#ifdef WOLFSSL_KEIL
-        "subs	r4, %[d1], r4\n\t"
-#else
-#ifdef __clang__
-        "subs	r4, %[d1], r4\n\t"
-#else
-        "sub	r4, %[d1], r4\n\t"
-#endif
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r5\n\t"
-#else
-        "sbc	r6, r5\n\t"
-#endif
-        "movs	r5, r6\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-        "movs	r6, %[div]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r4\n\t"
-#else
-        "sub	r6, r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r6\n\t"
-#else
-        "sbc	r6, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r3, r3, r6\n\t"
-#else
-        "sub	r3, r3, r6\n\t"
-#endif
-        "movs	%[d1], r3\n\t"
-        : [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
-    );
-    return (word32)(size_t)d1;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<32; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-SP_NOINLINE static sp_int32 sp_1024_cmp_32(const sp_digit* a, const sp_digit* b)
-{
-    __asm__ __volatile__ (
-        "movs	r2, #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r3, r3\n\t"
-#else
-        "mvn	r3, r3\n\t"
-#endif
-        "movs	r6, #0x7c\n\t"
-        "\n"
-    "L_sp_1024_cmp_32_words_%=:\n\t"
-        "ldr	r7, [%[a], r6]\n\t"
-        "ldr	r5, [%[b], r6]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-        "movs	r4, r7\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, r5\n\t"
-#else
-        "sub	r7, r7, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r2, r2, r7\n\t"
-#else
-        "add	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r4\n\t"
-#else
-        "sub	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r2, r2, r7\n\t"
-#else
-        "sub	r2, r2, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "mvns	r7, r7\n\t"
-#else
-        "mvn	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "ands	r3, r7\n\t"
-#else
-        "and	r3, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, #4\n\t"
-#else
-        "sub	r6, r6, #4\n\t"
-#endif
-        "bge	L_sp_1024_cmp_32_words_%=\n\t"
-        "movs	%[a], r2\n\t"
-        : [a] "+l" (a), [b] "+l" (b)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[64], t2[33];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[31];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 32);
-    r1 = sp_1024_cmp_32(&t1[32], d) >= 0;
-    sp_1024_cond_sub_32(&t1[32], &t1[32], d, (sp_digit)0 - r1);
-    for (i = 31; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[32 + i] == div);
-        sp_digit hi = t1[32 + i] + mask;
-        r1 = div_1024_word_32(hi, t1[32 + i - 1], div);
-        r1 |= mask;
-
-        sp_1024_mul_d_32(t2, d, r1);
-        t1[32 + i] += sp_1024_sub_in_place_32(&t1[i], t2);
-        t1[32 + i] -= t2[32];
-        sp_1024_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_1024_add_32(&t1[i], &t1[i], t2);
-        sp_1024_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_1024_add_32(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_1024_cmp_32(t1, d) >= 0;
-    sp_1024_cond_sub_32(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int ret;
-    ret = sp_1024_div_32(a, m, NULL, r);
-    return ret;
-}
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_1024_mod_mul_norm_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_1024_mul_32(r, a, p1024_norm_mod);
-    return sp_1024_mod_32(r, r, m);
-}
-
-
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Create a new point.
- *
- * heap  [in]   Buffer to allocate dynamic memory from.
- * sp    [in]   Data for point - only if not allocating.
- * p     [out]  New point.
- * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise.
- */
-static int sp_1024_point_new_ex_32(void* heap, sp_point_1024* sp,
-    sp_point_1024** p)
-{
-    int ret = MP_OKAY;
-    (void)heap;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    (void)sp;
-    *p = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024), heap, DYNAMIC_TYPE_ECC);
-#else
-    *p = sp;
-#endif
-    if (*p == NULL) {
-        ret = MEMORY_E;
-    }
-    return ret;
-}
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-/* Allocate memory for point and return error. */
-#define sp_1024_point_new_32(heap, sp, p) sp_1024_point_new_ex_32((heap), NULL, &(p))
-#else
-/* Set pointer to data and return no error. */
-#define sp_1024_point_new_32(heap, sp, p) sp_1024_point_new_ex_32((heap), &(sp), &(p))
-#endif
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Free the point.
- *
- * p      [in,out]  Point to free.
- * clear  [in]      Indicates whether to zeroize point.
- * heap   [in]      Buffer from which dynamic memory was allocate from.
- */
-static void sp_1024_point_free_32(sp_point_1024* p, int clear, void* heap)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    /* If valid pointer then clear point data if requested and free data. */
-    if (p != NULL) {
-        if (clear) {
-            XMEMSET(p, 0, sizeof(*p));
-        }
-        XFREE(p, heap, DYNAMIC_TYPE_ECC);
-    }
-#else
-    /* Clear point data if requested. */
-    if ((p != NULL) && clear) {
-        XMEMSET(p, 0, sizeof(*p));
-    }
-#endif
-    (void)heap;
-}
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_1024.
- *
- * p   Point of type sp_point_1024 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_1024_point_from_ecc_point_32(sp_point_1024* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_1024_from_mp(p->x, 32, pm->x);
-    sp_1024_from_mp(p->y, 32, pm->y);
-    sp_1024_from_mp(p->z, 32, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_1024_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (1024 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 32);
-        r->used = 32;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 32; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 32; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_1024 to type ecc_point.
- *
- * p   Point of type sp_point_1024.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_1024_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#define sp_1024_mont_reduce_order_32   sp_1024_mont_reduce_32
-/* Reduce the number back to 1024 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    __asm__ __volatile__ (
-        "movs	r7, #0\n\t"
-        "mov	r8, %[mp]\n\t"
-        "mov	r12, r7\n\t"
-        "mov	lr, %[m]\n\t"
-        "mov	r9, %[a]\n\t"
-        "mov	r11, %[a]\n\t"
-        "movs	r5, #0x7c\n\t"
-        "movs	r6, #0x80\n\t"
-        "add	r9, r9, r5\n\t"
-        "add	r11, r11, r6\n\t"
-        "\n"
-    "L_sp_1024_mont_reduce_32_mod_%=:\n\t"
-        "movs	r7, #0\n\t"
-        "movs	r4, #0\n\t"
-        "# a[i] += m[0] * mu\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-        "ldm	%[a]!, {r3}\n\t"
-        "# mu = a[i] * mp\n\t"
-        "mov	r5, r8\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r3, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r3\n\t"
-#else
-        "mul	r5, r3\n\t"
-#endif
-        "mov	r10, r5\n\t"
-        "# Multiply m[0] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[0] and mu - Done\n\t"
-        "\n"
-    "L_sp_1024_mont_reduce_32_word_%=:\n\t"
-        "# a[i+j] += m[j] * mu\n\t"
-        "ldr	r3, [%[a]]\n\t"
-        "ldm	%[m]!, {%[mp]}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r4\n\t"
-#else
-        "add	r3, r3, r4\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-        "# Multiply m[j] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r7\n\t"
-#else
-        "adc	r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r5\n\t"
-#else
-        "add	r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-        "# Multiply m[j] and mu - Done\n\t"
-        "stm	%[a]!, {r3}\n\t"
-        "cmp	%[a], r9\n\t"
-        "blt	L_sp_1024_mont_reduce_32_word_%=\n\t"
-        "# a[i+31] += m[31] * mu\n\t"
-        "ldr	%[mp], [%[m]]\n\t"
-        "mov	r3, r12\n\t"
-        "# Multiply m[31] and mu - Start\n\t"
-        "mov	r5, r10\n\t"
-        "uxth	r6, %[mp]\n\t"
-        "uxth	r5, r5\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r7\n\t"
-#else
-        "adc	r3, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "mov	r5, r10\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, %[mp], #16\n\t"
-#else
-        "lsr	r6, %[mp], #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r5, r5, #16\n\t"
-#else
-        "lsr	r5, r5, #16\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "muls	r6, r5, r6\n\t"
-#elif defined(__clang__)
-        "muls	r6, r5\n\t"
-#else
-        "mul	r6, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, r6\n\t"
-#else
-        "add	r3, r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "uxth	r6, %[mp]\n\t"
-#ifdef WOLFSSL_KEIL
-        "muls	r5, r6, r5\n\t"
-#elif defined(__clang__)
-        "muls	r5, r6\n\t"
-#else
-        "mul	r5, r6\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r6, r5, #16\n\t"
-#else
-        "lsr	r6, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r5, #16\n\t"
-#else
-        "lsl	r5, r5, #16\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r5\n\t"
-#else
-        "add	r4, r4, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r6\n\t"
-#else
-        "adc	r3, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "# Multiply m[31] and mu - Done\n\t"
-        "ldr	r5, [%[a]]\n\t"
-        "ldr	r6, [%[a], #4]\n\t"
-        "movs	%[mp], #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r3\n\t"
-#else
-        "adc	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, %[mp]\n\t"
-#elif defined(__clang__)
-        "adcs	r7, %[mp]\n\t"
-#else
-        "adc	r7, %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5, r6}\n\t"
-        "# i += 1\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], #4\n\t"
-#else
-        "sub	%[a], %[a], #4\n\t"
-#endif
-        "movs	r3, #0x7c\n\t"
-        "mov	r9, %[a]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r3\n\t"
-#else
-        "sub	%[a], %[a], r3\n\t"
-#endif
-        "mov	r12, r7\n\t"
-        "mov	%[m], lr\n\t"
-        "cmp	r11, %[a]\n\t"
-        "bgt	L_sp_1024_mont_reduce_32_mod_%=\n\t"
-        "ldr	r5, [%[m], #124]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r7, r7\n\t"
-#else
-        "neg	r7, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r6\n\t"
-#else
-        "sub	r5, r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r5\n\t"
-#else
-        "sbc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r7, r5\n\t"
-#else
-        "orr	r7, r5\n\t"
-#endif
-        "# Subtract masked modulus\n\t"
-        "movs	r4, #0x80\n\t"
-        "movs	%[mp], #0\n\t"
-        "movs	r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	%[a], %[a], r4\n\t"
-#else
-        "sub	%[a], %[a], r4\n\t"
-#endif
-#ifndef WOLFSSL_SP_LARGE_CODE
-        "\n"
-    "L_sp_1024_mont_reduce_32_sub_mask_%=:\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-        "movs	r5, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, %[mp]\n\t"
-#else
-        "sub	r5, r5, %[mp]\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[mp], %[mp], %[mp]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[mp], %[mp]\n\t"
-#else
-        "sbc	%[mp], %[mp]\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r3, r3, #4\n\t"
-#else
-        "add	r3, r3, #4\n\t"
-#endif
-        "cmp	r3, r4\n\t"
-        "blt	L_sp_1024_mont_reduce_32_sub_mask_%=\n\t"
-#else /* WOLFSSL_SP_LARGE_CODE */
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r6\n\t"
-#else
-        "sub	r5, r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-        "ldm	%[m]!, {r6}\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r7\n\t"
-#elif defined(__clang__)
-        "ands	r6, r7\n\t"
-#else
-        "and	r6, r7\n\t"
-#endif
-        "ldr	r5, [%[a], r4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r6\n\t"
-#else
-        "sbc	r5, r6\n\t"
-#endif
-        "stm	%[a]!, {r5}\n\t"
-#endif /* WOLFSSL_SP_LARGE_CODE */
-        : [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
-    );
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_1024_mul_32(r, a, b);
-    sp_1024_mont_reduce_32(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_1024_sqr_32(r, a);
-    sp_1024_mont_reduce_32(r, m, mp);
-}
-
-/* Mod-2 for the P1024 curve. */
-static const word8 p1024_mod_minus_2[] = {
-     6,0x06,  7,0x0f,  7,0x0b,  6,0x0c,  7,0x1e,  9,0x09,  7,0x0c,  7,0x1f,
-     6,0x16,  6,0x06,  7,0x0e,  8,0x10,  6,0x03,  8,0x11,  6,0x0d,  7,0x14,
-     9,0x12,  6,0x0f,  7,0x04,  9,0x0d,  6,0x00,  7,0x13,  6,0x01,  6,0x07,
-     8,0x0d,  8,0x00,  6,0x06,  9,0x17,  6,0x14,  6,0x15,  6,0x11,  6,0x0b,
-     9,0x0c,  6,0x1e, 13,0x14,  7,0x0e,  6,0x1d, 12,0x0a,  6,0x0b,  8,0x07,
-     6,0x18,  6,0x0f,  6,0x10,  8,0x1c,  7,0x16,  7,0x02,  6,0x01,  6,0x13,
-    10,0x15,  7,0x06,  8,0x14,  6,0x0c,  6,0x19,  7,0x10,  6,0x19,  6,0x19,
-     9,0x16,  7,0x19,  6,0x1f,  6,0x17,  6,0x12,  8,0x02,  6,0x01,  6,0x04,
-     6,0x15,  7,0x16,  6,0x04,  6,0x1f,  6,0x09,  7,0x06,  7,0x13,  7,0x09,
-     6,0x0d, 10,0x18,  6,0x06,  6,0x11,  6,0x04,  6,0x01,  6,0x13,  8,0x06,
-     6,0x0d,  8,0x13,  7,0x08,  6,0x08,  6,0x05,  7,0x0c,  7,0x0e,  7,0x15,
-     6,0x05,  7,0x14, 10,0x19,  6,0x10,  6,0x16,  6,0x15,  7,0x1f,  6,0x14,
-     6,0x0a, 10,0x11,  6,0x01,  7,0x05,  7,0x08,  8,0x0a,  7,0x1e,  7,0x1c,
-     6,0x1c,  7,0x09, 10,0x18,  7,0x1c, 10,0x06,  6,0x0a,  6,0x07,  6,0x19,
-     7,0x06,  6,0x0d,  7,0x0f,  7,0x0b,  7,0x05,  6,0x11,  6,0x1c,  7,0x1f,
-     6,0x1e,  7,0x18,  6,0x1e,  6,0x00,  6,0x03,  6,0x02,  7,0x10,  6,0x0b,
-     6,0x1b,  7,0x10,  6,0x00,  8,0x11,  7,0x1b,  6,0x18,  6,0x01,  7,0x0c,
-     7,0x1d,  7,0x13,  6,0x08,  7,0x1b,  8,0x13,  7,0x16, 13,0x1d,  7,0x1f,
-     6,0x0a,  6,0x01,  7,0x1f,  6,0x14,  1,0x01
-};
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P1024 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_1024_mont_inv_32(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-    sp_digit* t = &td[32 * 2 * 32];
-    int i;
-    int j;
-    sp_digit* table[32];
-
-    for (i = 0; i < 32; i++) {
-        table[i] = &td[2 * 32 * i];
-    }
-    XMEMCPY(table[0], a, sizeof(sp_digit) * 32);
-    for (i = 1; i < 6; i++) {
-        sp_1024_mont_sqr_32(table[0], table[0], p1024_mod, p1024_mp_mod);
-    }
-    for (i = 1; i < 32; i++) {
-        sp_1024_mont_mul_32(table[i], table[i-1], a, p1024_mod, p1024_mp_mod);
-    }
-
-    XMEMCPY(t, table[p1024_mod_minus_2[1]], sizeof(sp_digit) * 32);
-    for (i = 2; i < (int)sizeof(p1024_mod_minus_2) - 2; i += 2) {
-        for (j = 0; j < p1024_mod_minus_2[i]; j++) {
-            sp_1024_mont_sqr_32(t, t, p1024_mod, p1024_mp_mod);
-        }
-        sp_1024_mont_mul_32(t, t, table[p1024_mod_minus_2[i+1]], p1024_mod,
-            p1024_mp_mod);
-    }
-    sp_1024_mont_sqr_32(t, t, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(r, t, a, p1024_mod, p1024_mp_mod);
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_1024_norm_32(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*32;
-    sp_int32 n;
-
-    sp_1024_mont_inv_32(t1, p->z, t + 2*32);
-
-    sp_1024_mont_sqr_32(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    /* x /= z^2 */
-    sp_1024_mont_mul_32(r->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->x + 32, 0, sizeof(sp_digit) * 32U);
-    sp_1024_mont_reduce_32(r->x, p1024_mod, p1024_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_1024_cmp_32(r->x, p1024_mod);
-    sp_1024_cond_sub_32(r->x, r->x, p1024_mod, (sp_digit)~(n >> 31));
-    sp_1024_norm_32(r->x);
-
-    /* y /= z^3 */
-    sp_1024_mont_mul_32(r->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->y + 32, 0, sizeof(sp_digit) * 32U);
-    sp_1024_mont_reduce_32(r->y, p1024_mod, p1024_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_1024_cmp_32(r->y, p1024_mod);
-    sp_1024_cond_sub_32(r->y, r->y, p1024_mod, (sp_digit)~(n >> 31));
-    sp_1024_norm_32(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[b]]\n\t"
-        "ldr	r7, [%[b], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "ldr	r6, [%[b], #8]\n\t"
-        "ldr	r7, [%[b], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "ldr	r6, [%[b], #16]\n\t"
-        "ldr	r7, [%[b], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "ldr	r6, [%[b], #24]\n\t"
-        "ldr	r7, [%[b], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "ldr	r6, [%[b], #32]\n\t"
-        "ldr	r7, [%[b], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "ldr	r4, [%[a], #40]\n\t"
-        "ldr	r5, [%[a], #44]\n\t"
-        "ldr	r6, [%[b], #40]\n\t"
-        "ldr	r7, [%[b], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #40]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "ldr	r6, [%[b], #48]\n\t"
-        "ldr	r7, [%[b], #52]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "ldr	r4, [%[a], #56]\n\t"
-        "ldr	r5, [%[a], #60]\n\t"
-        "ldr	r6, [%[b], #56]\n\t"
-        "ldr	r7, [%[b], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #56]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-        "ldr	r4, [%[a], #64]\n\t"
-        "ldr	r5, [%[a], #68]\n\t"
-        "ldr	r6, [%[b], #64]\n\t"
-        "ldr	r7, [%[b], #68]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "ldr	r4, [%[a], #72]\n\t"
-        "ldr	r5, [%[a], #76]\n\t"
-        "ldr	r6, [%[b], #72]\n\t"
-        "ldr	r7, [%[b], #76]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #72]\n\t"
-        "str	r5, [%[r], #76]\n\t"
-        "ldr	r4, [%[a], #80]\n\t"
-        "ldr	r5, [%[a], #84]\n\t"
-        "ldr	r6, [%[b], #80]\n\t"
-        "ldr	r7, [%[b], #84]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #80]\n\t"
-        "str	r5, [%[r], #84]\n\t"
-        "ldr	r4, [%[a], #88]\n\t"
-        "ldr	r5, [%[a], #92]\n\t"
-        "ldr	r6, [%[b], #88]\n\t"
-        "ldr	r7, [%[b], #92]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #88]\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "ldr	r4, [%[a], #96]\n\t"
-        "ldr	r5, [%[a], #100]\n\t"
-        "ldr	r6, [%[b], #96]\n\t"
-        "ldr	r7, [%[b], #100]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #96]\n\t"
-        "str	r5, [%[r], #100]\n\t"
-        "ldr	r4, [%[a], #104]\n\t"
-        "ldr	r5, [%[a], #108]\n\t"
-        "ldr	r6, [%[b], #104]\n\t"
-        "ldr	r7, [%[b], #108]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #104]\n\t"
-        "str	r5, [%[r], #108]\n\t"
-        "ldr	r4, [%[a], #112]\n\t"
-        "ldr	r5, [%[a], #116]\n\t"
-        "ldr	r6, [%[b], #112]\n\t"
-        "ldr	r7, [%[b], #116]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #112]\n\t"
-        "str	r5, [%[r], #116]\n\t"
-        "ldr	r4, [%[a], #120]\n\t"
-        "ldr	r5, [%[a], #124]\n\t"
-        "ldr	r6, [%[b], #120]\n\t"
-        "ldr	r7, [%[b], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #120]\n\t"
-        "str	r5, [%[r], #124]\n\t"
-        "movs	%[b], #0\n\t"
-        "ldr	r7, [%[m], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[b], %[b], %[b]\n\t"
-#elif defined(__clang__)
-        "adcs	%[b], %[b]\n\t"
-#else
-        "adc	%[b], %[b]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r7, r7, r5\n\t"
-#else
-        "sub	r7, r7, r5\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	%[b], %[b]\n\t"
-#else
-        "neg	%[b], %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r7\n\t"
-#else
-        "sbc	r7, r7\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	%[b], %[b], r7\n\t"
-#elif defined(__clang__)
-        "orrs	%[b], r7\n\t"
-#else
-        "orr	%[b], r7\n\t"
-#endif
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[m]]\n\t"
-        "ldr	r7, [%[m], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r6\n\t"
-#else
-        "sub	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[r], #8]\n\t"
-        "ldr	r5, [%[r], #12]\n\t"
-        "ldr	r6, [%[m], #8]\n\t"
-        "ldr	r7, [%[m], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[r], #16]\n\t"
-        "ldr	r5, [%[r], #20]\n\t"
-        "ldr	r6, [%[m], #16]\n\t"
-        "ldr	r7, [%[m], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r4, [%[r], #24]\n\t"
-        "ldr	r5, [%[r], #28]\n\t"
-        "ldr	r6, [%[m], #24]\n\t"
-        "ldr	r7, [%[m], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r4, [%[r], #32]\n\t"
-        "ldr	r5, [%[r], #36]\n\t"
-        "ldr	r6, [%[m], #32]\n\t"
-        "ldr	r7, [%[m], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "ldr	r4, [%[r], #40]\n\t"
-        "ldr	r5, [%[r], #44]\n\t"
-        "ldr	r6, [%[m], #40]\n\t"
-        "ldr	r7, [%[m], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #40]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "ldr	r4, [%[r], #48]\n\t"
-        "ldr	r5, [%[r], #52]\n\t"
-        "ldr	r6, [%[m], #48]\n\t"
-        "ldr	r7, [%[m], #52]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "ldr	r4, [%[r], #56]\n\t"
-        "ldr	r5, [%[r], #60]\n\t"
-        "ldr	r6, [%[m], #56]\n\t"
-        "ldr	r7, [%[m], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #56]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-        "ldr	r4, [%[r], #64]\n\t"
-        "ldr	r5, [%[r], #68]\n\t"
-        "ldr	r6, [%[m], #64]\n\t"
-        "ldr	r7, [%[m], #68]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "ldr	r4, [%[r], #72]\n\t"
-        "ldr	r5, [%[r], #76]\n\t"
-        "ldr	r6, [%[m], #72]\n\t"
-        "ldr	r7, [%[m], #76]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #72]\n\t"
-        "str	r5, [%[r], #76]\n\t"
-        "ldr	r4, [%[r], #80]\n\t"
-        "ldr	r5, [%[r], #84]\n\t"
-        "ldr	r6, [%[m], #80]\n\t"
-        "ldr	r7, [%[m], #84]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #80]\n\t"
-        "str	r5, [%[r], #84]\n\t"
-        "ldr	r4, [%[r], #88]\n\t"
-        "ldr	r5, [%[r], #92]\n\t"
-        "ldr	r6, [%[m], #88]\n\t"
-        "ldr	r7, [%[m], #92]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #88]\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "ldr	r4, [%[r], #96]\n\t"
-        "ldr	r5, [%[r], #100]\n\t"
-        "ldr	r6, [%[m], #96]\n\t"
-        "ldr	r7, [%[m], #100]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #96]\n\t"
-        "str	r5, [%[r], #100]\n\t"
-        "ldr	r4, [%[r], #104]\n\t"
-        "ldr	r5, [%[r], #108]\n\t"
-        "ldr	r6, [%[m], #104]\n\t"
-        "ldr	r7, [%[m], #108]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #104]\n\t"
-        "str	r5, [%[r], #108]\n\t"
-        "ldr	r4, [%[r], #112]\n\t"
-        "ldr	r5, [%[r], #116]\n\t"
-        "ldr	r6, [%[m], #112]\n\t"
-        "ldr	r7, [%[m], #116]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #112]\n\t"
-        "str	r5, [%[r], #116]\n\t"
-        "ldr	r4, [%[r], #120]\n\t"
-        "ldr	r5, [%[r], #124]\n\t"
-        "ldr	r6, [%[m], #120]\n\t"
-        "ldr	r7, [%[m], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #120]\n\t"
-        "str	r5, [%[r], #124]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_1024_mont_dbl_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r4\n\t"
-#else
-        "add	r4, r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "str	r6, [%[r], #8]\n\t"
-        "str	r7, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "ldr	r6, [%[a], #24]\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "str	r6, [%[r], #24]\n\t"
-        "str	r7, [%[r], #28]\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "ldr	r6, [%[a], #40]\n\t"
-        "ldr	r7, [%[a], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "str	r6, [%[r], #40]\n\t"
-        "str	r7, [%[r], #44]\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "ldr	r6, [%[a], #56]\n\t"
-        "ldr	r7, [%[a], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "str	r6, [%[r], #56]\n\t"
-        "str	r7, [%[r], #60]\n\t"
-        "ldr	r4, [%[a], #64]\n\t"
-        "ldr	r5, [%[a], #68]\n\t"
-        "ldr	r6, [%[a], #72]\n\t"
-        "ldr	r7, [%[a], #76]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "str	r6, [%[r], #72]\n\t"
-        "str	r7, [%[r], #76]\n\t"
-        "ldr	r4, [%[a], #80]\n\t"
-        "ldr	r5, [%[a], #84]\n\t"
-        "ldr	r6, [%[a], #88]\n\t"
-        "ldr	r7, [%[a], #92]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #80]\n\t"
-        "str	r5, [%[r], #84]\n\t"
-        "str	r6, [%[r], #88]\n\t"
-        "str	r7, [%[r], #92]\n\t"
-        "ldr	r4, [%[a], #96]\n\t"
-        "ldr	r5, [%[a], #100]\n\t"
-        "ldr	r6, [%[a], #104]\n\t"
-        "ldr	r7, [%[a], #108]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #96]\n\t"
-        "str	r5, [%[r], #100]\n\t"
-        "str	r6, [%[r], #104]\n\t"
-        "str	r7, [%[r], #108]\n\t"
-        "ldr	r4, [%[a], #112]\n\t"
-        "ldr	r5, [%[a], #116]\n\t"
-        "ldr	r6, [%[a], #120]\n\t"
-        "ldr	r7, [%[a], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #112]\n\t"
-        "str	r5, [%[r], #116]\n\t"
-        "str	r6, [%[r], #120]\n\t"
-        "str	r7, [%[r], #124]\n\t"
-        "movs	r3, #0\n\t"
-        "ldr	r4, [%[m], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r7\n\t"
-#else
-        "sub	r4, r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r3, r3\n\t"
-#else
-        "neg	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r4\n\t"
-#else
-        "sbc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r4\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r4\n\t"
-#else
-        "orr	r3, r4\n\t"
-#endif
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[m]]\n\t"
-        "ldr	r7, [%[m], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r6\n\t"
-#else
-        "sub	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[r], #8]\n\t"
-        "ldr	r5, [%[r], #12]\n\t"
-        "ldr	r6, [%[m], #8]\n\t"
-        "ldr	r7, [%[m], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[r], #16]\n\t"
-        "ldr	r5, [%[r], #20]\n\t"
-        "ldr	r6, [%[m], #16]\n\t"
-        "ldr	r7, [%[m], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r4, [%[r], #24]\n\t"
-        "ldr	r5, [%[r], #28]\n\t"
-        "ldr	r6, [%[m], #24]\n\t"
-        "ldr	r7, [%[m], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r4, [%[r], #32]\n\t"
-        "ldr	r5, [%[r], #36]\n\t"
-        "ldr	r6, [%[m], #32]\n\t"
-        "ldr	r7, [%[m], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "ldr	r4, [%[r], #40]\n\t"
-        "ldr	r5, [%[r], #44]\n\t"
-        "ldr	r6, [%[m], #40]\n\t"
-        "ldr	r7, [%[m], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #40]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "ldr	r4, [%[r], #48]\n\t"
-        "ldr	r5, [%[r], #52]\n\t"
-        "ldr	r6, [%[m], #48]\n\t"
-        "ldr	r7, [%[m], #52]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "ldr	r4, [%[r], #56]\n\t"
-        "ldr	r5, [%[r], #60]\n\t"
-        "ldr	r6, [%[m], #56]\n\t"
-        "ldr	r7, [%[m], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #56]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-        "ldr	r4, [%[r], #64]\n\t"
-        "ldr	r5, [%[r], #68]\n\t"
-        "ldr	r6, [%[m], #64]\n\t"
-        "ldr	r7, [%[m], #68]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "ldr	r4, [%[r], #72]\n\t"
-        "ldr	r5, [%[r], #76]\n\t"
-        "ldr	r6, [%[m], #72]\n\t"
-        "ldr	r7, [%[m], #76]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #72]\n\t"
-        "str	r5, [%[r], #76]\n\t"
-        "ldr	r4, [%[r], #80]\n\t"
-        "ldr	r5, [%[r], #84]\n\t"
-        "ldr	r6, [%[m], #80]\n\t"
-        "ldr	r7, [%[m], #84]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #80]\n\t"
-        "str	r5, [%[r], #84]\n\t"
-        "ldr	r4, [%[r], #88]\n\t"
-        "ldr	r5, [%[r], #92]\n\t"
-        "ldr	r6, [%[m], #88]\n\t"
-        "ldr	r7, [%[m], #92]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #88]\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "ldr	r4, [%[r], #96]\n\t"
-        "ldr	r5, [%[r], #100]\n\t"
-        "ldr	r6, [%[m], #96]\n\t"
-        "ldr	r7, [%[m], #100]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #96]\n\t"
-        "str	r5, [%[r], #100]\n\t"
-        "ldr	r4, [%[r], #104]\n\t"
-        "ldr	r5, [%[r], #108]\n\t"
-        "ldr	r6, [%[m], #104]\n\t"
-        "ldr	r7, [%[m], #108]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #104]\n\t"
-        "str	r5, [%[r], #108]\n\t"
-        "ldr	r4, [%[r], #112]\n\t"
-        "ldr	r5, [%[r], #116]\n\t"
-        "ldr	r6, [%[m], #112]\n\t"
-        "ldr	r7, [%[m], #116]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #112]\n\t"
-        "str	r5, [%[r], #116]\n\t"
-        "ldr	r4, [%[r], #120]\n\t"
-        "ldr	r5, [%[r], #124]\n\t"
-        "ldr	r6, [%[m], #120]\n\t"
-        "ldr	r7, [%[m], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #120]\n\t"
-        "str	r5, [%[r], #124]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_1024_mont_tpl_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[a], #8]\n\t"
-        "ldr	r7, [%[a], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r4\n\t"
-#else
-        "add	r4, r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "str	r6, [%[r], #8]\n\t"
-        "str	r7, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "ldr	r6, [%[a], #24]\n\t"
-        "ldr	r7, [%[a], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "str	r6, [%[r], #24]\n\t"
-        "str	r7, [%[r], #28]\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "ldr	r6, [%[a], #40]\n\t"
-        "ldr	r7, [%[a], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "str	r6, [%[r], #40]\n\t"
-        "str	r7, [%[r], #44]\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "ldr	r6, [%[a], #56]\n\t"
-        "ldr	r7, [%[a], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "str	r6, [%[r], #56]\n\t"
-        "str	r7, [%[r], #60]\n\t"
-        "ldr	r4, [%[a], #64]\n\t"
-        "ldr	r5, [%[a], #68]\n\t"
-        "ldr	r6, [%[a], #72]\n\t"
-        "ldr	r7, [%[a], #76]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "str	r6, [%[r], #72]\n\t"
-        "str	r7, [%[r], #76]\n\t"
-        "ldr	r4, [%[a], #80]\n\t"
-        "ldr	r5, [%[a], #84]\n\t"
-        "ldr	r6, [%[a], #88]\n\t"
-        "ldr	r7, [%[a], #92]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #80]\n\t"
-        "str	r5, [%[r], #84]\n\t"
-        "str	r6, [%[r], #88]\n\t"
-        "str	r7, [%[r], #92]\n\t"
-        "ldr	r4, [%[a], #96]\n\t"
-        "ldr	r5, [%[a], #100]\n\t"
-        "ldr	r6, [%[a], #104]\n\t"
-        "ldr	r7, [%[a], #108]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #96]\n\t"
-        "str	r5, [%[r], #100]\n\t"
-        "str	r6, [%[r], #104]\n\t"
-        "str	r7, [%[r], #108]\n\t"
-        "ldr	r4, [%[a], #112]\n\t"
-        "ldr	r5, [%[a], #116]\n\t"
-        "ldr	r6, [%[a], #120]\n\t"
-        "ldr	r7, [%[a], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r5\n\t"
-#else
-        "adc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r6\n\t"
-#else
-        "adc	r6, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r7\n\t"
-#else
-        "adc	r7, r7\n\t"
-#endif
-        "str	r4, [%[r], #112]\n\t"
-        "str	r5, [%[r], #116]\n\t"
-        "str	r6, [%[r], #120]\n\t"
-        "str	r7, [%[r], #124]\n\t"
-        "movs	r3, #0\n\t"
-        "ldr	r4, [%[m], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r7\n\t"
-#else
-        "sub	r4, r4, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r3, r3\n\t"
-#else
-        "neg	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r4\n\t"
-#else
-        "sbc	r4, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r4\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r4\n\t"
-#else
-        "orr	r3, r4\n\t"
-#endif
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[m]]\n\t"
-        "ldr	r7, [%[m], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r6\n\t"
-#else
-        "sub	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[r], #8]\n\t"
-        "ldr	r5, [%[r], #12]\n\t"
-        "ldr	r6, [%[m], #8]\n\t"
-        "ldr	r7, [%[m], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[r], #16]\n\t"
-        "ldr	r5, [%[r], #20]\n\t"
-        "ldr	r6, [%[m], #16]\n\t"
-        "ldr	r7, [%[m], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r4, [%[r], #24]\n\t"
-        "ldr	r5, [%[r], #28]\n\t"
-        "ldr	r6, [%[m], #24]\n\t"
-        "ldr	r7, [%[m], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r4, [%[r], #32]\n\t"
-        "ldr	r5, [%[r], #36]\n\t"
-        "ldr	r6, [%[m], #32]\n\t"
-        "ldr	r7, [%[m], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "ldr	r4, [%[r], #40]\n\t"
-        "ldr	r5, [%[r], #44]\n\t"
-        "ldr	r6, [%[m], #40]\n\t"
-        "ldr	r7, [%[m], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #40]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "ldr	r4, [%[r], #48]\n\t"
-        "ldr	r5, [%[r], #52]\n\t"
-        "ldr	r6, [%[m], #48]\n\t"
-        "ldr	r7, [%[m], #52]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "ldr	r4, [%[r], #56]\n\t"
-        "ldr	r5, [%[r], #60]\n\t"
-        "ldr	r6, [%[m], #56]\n\t"
-        "ldr	r7, [%[m], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #56]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-        "ldr	r4, [%[r], #64]\n\t"
-        "ldr	r5, [%[r], #68]\n\t"
-        "ldr	r6, [%[m], #64]\n\t"
-        "ldr	r7, [%[m], #68]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "ldr	r4, [%[r], #72]\n\t"
-        "ldr	r5, [%[r], #76]\n\t"
-        "ldr	r6, [%[m], #72]\n\t"
-        "ldr	r7, [%[m], #76]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #72]\n\t"
-        "str	r5, [%[r], #76]\n\t"
-        "ldr	r4, [%[r], #80]\n\t"
-        "ldr	r5, [%[r], #84]\n\t"
-        "ldr	r6, [%[m], #80]\n\t"
-        "ldr	r7, [%[m], #84]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #80]\n\t"
-        "str	r5, [%[r], #84]\n\t"
-        "ldr	r4, [%[r], #88]\n\t"
-        "ldr	r5, [%[r], #92]\n\t"
-        "ldr	r6, [%[m], #88]\n\t"
-        "ldr	r7, [%[m], #92]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #88]\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "ldr	r4, [%[r], #96]\n\t"
-        "ldr	r5, [%[r], #100]\n\t"
-        "ldr	r6, [%[m], #96]\n\t"
-        "ldr	r7, [%[m], #100]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #96]\n\t"
-        "str	r5, [%[r], #100]\n\t"
-        "ldr	r4, [%[r], #104]\n\t"
-        "ldr	r5, [%[r], #108]\n\t"
-        "ldr	r6, [%[m], #104]\n\t"
-        "ldr	r7, [%[m], #108]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #104]\n\t"
-        "str	r5, [%[r], #108]\n\t"
-        "ldr	r4, [%[r], #112]\n\t"
-        "ldr	r5, [%[r], #116]\n\t"
-        "ldr	r6, [%[m], #112]\n\t"
-        "ldr	r7, [%[m], #116]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #112]\n\t"
-        "str	r5, [%[r], #116]\n\t"
-        "ldr	r4, [%[r], #120]\n\t"
-        "ldr	r5, [%[r], #124]\n\t"
-        "ldr	r6, [%[m], #120]\n\t"
-        "ldr	r7, [%[m], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, r3\n\t"
-#elif defined(__clang__)
-        "ands	r6, r3\n\t"
-#else
-        "and	r6, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, r3\n\t"
-#elif defined(__clang__)
-        "ands	r7, r3\n\t"
-#else
-        "and	r7, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #120]\n\t"
-        "str	r5, [%[r], #124]\n\t"
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[r]]\n\t"
-        "ldr	r7, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r6, r6, r4\n\t"
-#else
-        "add	r6, r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r]]\n\t"
-        "str	r7, [%[r], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-        "ldr	r7, [%[r], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #8]\n\t"
-        "str	r7, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "ldr	r6, [%[r], #16]\n\t"
-        "ldr	r7, [%[r], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #16]\n\t"
-        "str	r7, [%[r], #20]\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "ldr	r6, [%[r], #24]\n\t"
-        "ldr	r7, [%[r], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #24]\n\t"
-        "str	r7, [%[r], #28]\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "ldr	r6, [%[r], #32]\n\t"
-        "ldr	r7, [%[r], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #32]\n\t"
-        "str	r7, [%[r], #36]\n\t"
-        "ldr	r4, [%[a], #40]\n\t"
-        "ldr	r5, [%[a], #44]\n\t"
-        "ldr	r6, [%[r], #40]\n\t"
-        "ldr	r7, [%[r], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #40]\n\t"
-        "str	r7, [%[r], #44]\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "ldr	r6, [%[r], #48]\n\t"
-        "ldr	r7, [%[r], #52]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #48]\n\t"
-        "str	r7, [%[r], #52]\n\t"
-        "ldr	r4, [%[a], #56]\n\t"
-        "ldr	r5, [%[a], #60]\n\t"
-        "ldr	r6, [%[r], #56]\n\t"
-        "ldr	r7, [%[r], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #56]\n\t"
-        "str	r7, [%[r], #60]\n\t"
-        "ldr	r4, [%[a], #64]\n\t"
-        "ldr	r5, [%[a], #68]\n\t"
-        "ldr	r6, [%[r], #64]\n\t"
-        "ldr	r7, [%[r], #68]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #64]\n\t"
-        "str	r7, [%[r], #68]\n\t"
-        "ldr	r4, [%[a], #72]\n\t"
-        "ldr	r5, [%[a], #76]\n\t"
-        "ldr	r6, [%[r], #72]\n\t"
-        "ldr	r7, [%[r], #76]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #72]\n\t"
-        "str	r7, [%[r], #76]\n\t"
-        "ldr	r4, [%[a], #80]\n\t"
-        "ldr	r5, [%[a], #84]\n\t"
-        "ldr	r6, [%[r], #80]\n\t"
-        "ldr	r7, [%[r], #84]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #80]\n\t"
-        "str	r7, [%[r], #84]\n\t"
-        "ldr	r4, [%[a], #88]\n\t"
-        "ldr	r5, [%[a], #92]\n\t"
-        "ldr	r6, [%[r], #88]\n\t"
-        "ldr	r7, [%[r], #92]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #88]\n\t"
-        "str	r7, [%[r], #92]\n\t"
-        "ldr	r4, [%[a], #96]\n\t"
-        "ldr	r5, [%[a], #100]\n\t"
-        "ldr	r6, [%[r], #96]\n\t"
-        "ldr	r7, [%[r], #100]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #96]\n\t"
-        "str	r7, [%[r], #100]\n\t"
-        "ldr	r4, [%[a], #104]\n\t"
-        "ldr	r5, [%[a], #108]\n\t"
-        "ldr	r6, [%[r], #104]\n\t"
-        "ldr	r7, [%[r], #108]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #104]\n\t"
-        "str	r7, [%[r], #108]\n\t"
-        "ldr	r4, [%[a], #112]\n\t"
-        "ldr	r5, [%[a], #116]\n\t"
-        "ldr	r6, [%[r], #112]\n\t"
-        "ldr	r7, [%[r], #116]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #112]\n\t"
-        "str	r7, [%[r], #116]\n\t"
-        "ldr	r4, [%[a], #120]\n\t"
-        "ldr	r5, [%[a], #124]\n\t"
-        "ldr	r6, [%[r], #120]\n\t"
-        "ldr	r7, [%[r], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r6, r4\n\t"
-#else
-        "adc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "adcs	r7, r5\n\t"
-#else
-        "adc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #120]\n\t"
-        "str	r7, [%[r], #124]\n\t"
-        "movs	r3, #0\n\t"
-        "ldr	r5, [%[m], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r3, r3, r3\n\t"
-#elif defined(__clang__)
-        "adcs	r3, r3\n\t"
-#else
-        "adc	r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, r7\n\t"
-#else
-        "sub	r5, r5, r7\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "negs	r3, r3\n\t"
-#else
-        "neg	r3, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r5\n\t"
-#else
-        "sbc	r5, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r6, [%[r]]\n\t"
-        "ldr	r7, [%[r], #4]\n\t"
-        "ldr	r4, [%[m]]\n\t"
-        "ldr	r5, [%[m], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r6, r6, r4\n\t"
-#else
-        "sub	r6, r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r]]\n\t"
-        "str	r7, [%[r], #4]\n\t"
-        "ldr	r6, [%[r], #8]\n\t"
-        "ldr	r7, [%[r], #12]\n\t"
-        "ldr	r4, [%[m], #8]\n\t"
-        "ldr	r5, [%[m], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #8]\n\t"
-        "str	r7, [%[r], #12]\n\t"
-        "ldr	r6, [%[r], #16]\n\t"
-        "ldr	r7, [%[r], #20]\n\t"
-        "ldr	r4, [%[m], #16]\n\t"
-        "ldr	r5, [%[m], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #16]\n\t"
-        "str	r7, [%[r], #20]\n\t"
-        "ldr	r6, [%[r], #24]\n\t"
-        "ldr	r7, [%[r], #28]\n\t"
-        "ldr	r4, [%[m], #24]\n\t"
-        "ldr	r5, [%[m], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #24]\n\t"
-        "str	r7, [%[r], #28]\n\t"
-        "ldr	r6, [%[r], #32]\n\t"
-        "ldr	r7, [%[r], #36]\n\t"
-        "ldr	r4, [%[m], #32]\n\t"
-        "ldr	r5, [%[m], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #32]\n\t"
-        "str	r7, [%[r], #36]\n\t"
-        "ldr	r6, [%[r], #40]\n\t"
-        "ldr	r7, [%[r], #44]\n\t"
-        "ldr	r4, [%[m], #40]\n\t"
-        "ldr	r5, [%[m], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #40]\n\t"
-        "str	r7, [%[r], #44]\n\t"
-        "ldr	r6, [%[r], #48]\n\t"
-        "ldr	r7, [%[r], #52]\n\t"
-        "ldr	r4, [%[m], #48]\n\t"
-        "ldr	r5, [%[m], #52]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #48]\n\t"
-        "str	r7, [%[r], #52]\n\t"
-        "ldr	r6, [%[r], #56]\n\t"
-        "ldr	r7, [%[r], #60]\n\t"
-        "ldr	r4, [%[m], #56]\n\t"
-        "ldr	r5, [%[m], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #56]\n\t"
-        "str	r7, [%[r], #60]\n\t"
-        "ldr	r6, [%[r], #64]\n\t"
-        "ldr	r7, [%[r], #68]\n\t"
-        "ldr	r4, [%[m], #64]\n\t"
-        "ldr	r5, [%[m], #68]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #64]\n\t"
-        "str	r7, [%[r], #68]\n\t"
-        "ldr	r6, [%[r], #72]\n\t"
-        "ldr	r7, [%[r], #76]\n\t"
-        "ldr	r4, [%[m], #72]\n\t"
-        "ldr	r5, [%[m], #76]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #72]\n\t"
-        "str	r7, [%[r], #76]\n\t"
-        "ldr	r6, [%[r], #80]\n\t"
-        "ldr	r7, [%[r], #84]\n\t"
-        "ldr	r4, [%[m], #80]\n\t"
-        "ldr	r5, [%[m], #84]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #80]\n\t"
-        "str	r7, [%[r], #84]\n\t"
-        "ldr	r6, [%[r], #88]\n\t"
-        "ldr	r7, [%[r], #92]\n\t"
-        "ldr	r4, [%[m], #88]\n\t"
-        "ldr	r5, [%[m], #92]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #88]\n\t"
-        "str	r7, [%[r], #92]\n\t"
-        "ldr	r6, [%[r], #96]\n\t"
-        "ldr	r7, [%[r], #100]\n\t"
-        "ldr	r4, [%[m], #96]\n\t"
-        "ldr	r5, [%[m], #100]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #96]\n\t"
-        "str	r7, [%[r], #100]\n\t"
-        "ldr	r6, [%[r], #104]\n\t"
-        "ldr	r7, [%[r], #108]\n\t"
-        "ldr	r4, [%[m], #104]\n\t"
-        "ldr	r5, [%[m], #108]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #104]\n\t"
-        "str	r7, [%[r], #108]\n\t"
-        "ldr	r6, [%[r], #112]\n\t"
-        "ldr	r7, [%[r], #116]\n\t"
-        "ldr	r4, [%[m], #112]\n\t"
-        "ldr	r5, [%[m], #116]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #112]\n\t"
-        "str	r7, [%[r], #116]\n\t"
-        "ldr	r6, [%[r], #120]\n\t"
-        "ldr	r7, [%[r], #124]\n\t"
-        "ldr	r4, [%[m], #120]\n\t"
-        "ldr	r5, [%[m], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r4, r4, r3\n\t"
-#elif defined(__clang__)
-        "ands	r4, r3\n\t"
-#else
-        "and	r4, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r5, r5, r3\n\t"
-#elif defined(__clang__)
-        "ands	r5, r3\n\t"
-#else
-        "and	r5, r3\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r6, r6, r4\n\t"
-#elif defined(__clang__)
-        "sbcs	r6, r4\n\t"
-#else
-        "sbc	r6, r4\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r7, r7, r5\n\t"
-#elif defined(__clang__)
-        "sbcs	r7, r5\n\t"
-#else
-        "sbc	r7, r5\n\t"
-#endif
-        "str	r6, [%[r], #120]\n\t"
-        "str	r7, [%[r], #124]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
-        :
-        : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m)
-{
-    __asm__ __volatile__ (
-        "ldr	r4, [%[a]]\n\t"
-        "ldr	r5, [%[a], #4]\n\t"
-        "ldr	r6, [%[b]]\n\t"
-        "ldr	r7, [%[b], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r4, r4, r6\n\t"
-#else
-        "sub	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[a], #8]\n\t"
-        "ldr	r5, [%[a], #12]\n\t"
-        "ldr	r6, [%[b], #8]\n\t"
-        "ldr	r7, [%[b], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[a], #16]\n\t"
-        "ldr	r5, [%[a], #20]\n\t"
-        "ldr	r6, [%[b], #16]\n\t"
-        "ldr	r7, [%[b], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r4, [%[a], #24]\n\t"
-        "ldr	r5, [%[a], #28]\n\t"
-        "ldr	r6, [%[b], #24]\n\t"
-        "ldr	r7, [%[b], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r4, [%[a], #32]\n\t"
-        "ldr	r5, [%[a], #36]\n\t"
-        "ldr	r6, [%[b], #32]\n\t"
-        "ldr	r7, [%[b], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "ldr	r4, [%[a], #40]\n\t"
-        "ldr	r5, [%[a], #44]\n\t"
-        "ldr	r6, [%[b], #40]\n\t"
-        "ldr	r7, [%[b], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #40]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "ldr	r4, [%[a], #48]\n\t"
-        "ldr	r5, [%[a], #52]\n\t"
-        "ldr	r6, [%[b], #48]\n\t"
-        "ldr	r7, [%[b], #52]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "ldr	r4, [%[a], #56]\n\t"
-        "ldr	r5, [%[a], #60]\n\t"
-        "ldr	r6, [%[b], #56]\n\t"
-        "ldr	r7, [%[b], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #56]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-        "ldr	r4, [%[a], #64]\n\t"
-        "ldr	r5, [%[a], #68]\n\t"
-        "ldr	r6, [%[b], #64]\n\t"
-        "ldr	r7, [%[b], #68]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "ldr	r4, [%[a], #72]\n\t"
-        "ldr	r5, [%[a], #76]\n\t"
-        "ldr	r6, [%[b], #72]\n\t"
-        "ldr	r7, [%[b], #76]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #72]\n\t"
-        "str	r5, [%[r], #76]\n\t"
-        "ldr	r4, [%[a], #80]\n\t"
-        "ldr	r5, [%[a], #84]\n\t"
-        "ldr	r6, [%[b], #80]\n\t"
-        "ldr	r7, [%[b], #84]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #80]\n\t"
-        "str	r5, [%[r], #84]\n\t"
-        "ldr	r4, [%[a], #88]\n\t"
-        "ldr	r5, [%[a], #92]\n\t"
-        "ldr	r6, [%[b], #88]\n\t"
-        "ldr	r7, [%[b], #92]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #88]\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "ldr	r4, [%[a], #96]\n\t"
-        "ldr	r5, [%[a], #100]\n\t"
-        "ldr	r6, [%[b], #96]\n\t"
-        "ldr	r7, [%[b], #100]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #96]\n\t"
-        "str	r5, [%[r], #100]\n\t"
-        "ldr	r4, [%[a], #104]\n\t"
-        "ldr	r5, [%[a], #108]\n\t"
-        "ldr	r6, [%[b], #104]\n\t"
-        "ldr	r7, [%[b], #108]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #104]\n\t"
-        "str	r5, [%[r], #108]\n\t"
-        "ldr	r4, [%[a], #112]\n\t"
-        "ldr	r5, [%[a], #116]\n\t"
-        "ldr	r6, [%[b], #112]\n\t"
-        "ldr	r7, [%[b], #116]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #112]\n\t"
-        "str	r5, [%[r], #116]\n\t"
-        "ldr	r4, [%[a], #120]\n\t"
-        "ldr	r5, [%[a], #124]\n\t"
-        "ldr	r6, [%[b], #120]\n\t"
-        "ldr	r7, [%[b], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "sbcs	r4, r6\n\t"
-#else
-        "sbc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "sbcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "sbcs	r5, r7\n\t"
-#else
-        "sbc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #120]\n\t"
-        "str	r5, [%[r], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "sbcs	%[b], %[b], %[b]\n\t"
-#elif defined(__clang__)
-        "sbcs	%[b], %[b]\n\t"
-#else
-        "sbc	%[b], %[b]\n\t"
-#endif
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[m]]\n\t"
-        "ldr	r7, [%[m], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[r], #8]\n\t"
-        "ldr	r5, [%[r], #12]\n\t"
-        "ldr	r6, [%[m], #8]\n\t"
-        "ldr	r7, [%[m], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[r], #16]\n\t"
-        "ldr	r5, [%[r], #20]\n\t"
-        "ldr	r6, [%[m], #16]\n\t"
-        "ldr	r7, [%[m], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r4, [%[r], #24]\n\t"
-        "ldr	r5, [%[r], #28]\n\t"
-        "ldr	r6, [%[m], #24]\n\t"
-        "ldr	r7, [%[m], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r4, [%[r], #32]\n\t"
-        "ldr	r5, [%[r], #36]\n\t"
-        "ldr	r6, [%[m], #32]\n\t"
-        "ldr	r7, [%[m], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "ldr	r4, [%[r], #40]\n\t"
-        "ldr	r5, [%[r], #44]\n\t"
-        "ldr	r6, [%[m], #40]\n\t"
-        "ldr	r7, [%[m], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #40]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "ldr	r4, [%[r], #48]\n\t"
-        "ldr	r5, [%[r], #52]\n\t"
-        "ldr	r6, [%[m], #48]\n\t"
-        "ldr	r7, [%[m], #52]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "ldr	r4, [%[r], #56]\n\t"
-        "ldr	r5, [%[r], #60]\n\t"
-        "ldr	r6, [%[m], #56]\n\t"
-        "ldr	r7, [%[m], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #56]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-        "ldr	r4, [%[r], #64]\n\t"
-        "ldr	r5, [%[r], #68]\n\t"
-        "ldr	r6, [%[m], #64]\n\t"
-        "ldr	r7, [%[m], #68]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "ldr	r4, [%[r], #72]\n\t"
-        "ldr	r5, [%[r], #76]\n\t"
-        "ldr	r6, [%[m], #72]\n\t"
-        "ldr	r7, [%[m], #76]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #72]\n\t"
-        "str	r5, [%[r], #76]\n\t"
-        "ldr	r4, [%[r], #80]\n\t"
-        "ldr	r5, [%[r], #84]\n\t"
-        "ldr	r6, [%[m], #80]\n\t"
-        "ldr	r7, [%[m], #84]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #80]\n\t"
-        "str	r5, [%[r], #84]\n\t"
-        "ldr	r4, [%[r], #88]\n\t"
-        "ldr	r5, [%[r], #92]\n\t"
-        "ldr	r6, [%[m], #88]\n\t"
-        "ldr	r7, [%[m], #92]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #88]\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "ldr	r4, [%[r], #96]\n\t"
-        "ldr	r5, [%[r], #100]\n\t"
-        "ldr	r6, [%[m], #96]\n\t"
-        "ldr	r7, [%[m], #100]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #96]\n\t"
-        "str	r5, [%[r], #100]\n\t"
-        "ldr	r4, [%[r], #104]\n\t"
-        "ldr	r5, [%[r], #108]\n\t"
-        "ldr	r6, [%[m], #104]\n\t"
-        "ldr	r7, [%[m], #108]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #104]\n\t"
-        "str	r5, [%[r], #108]\n\t"
-        "ldr	r4, [%[r], #112]\n\t"
-        "ldr	r5, [%[r], #116]\n\t"
-        "ldr	r6, [%[m], #112]\n\t"
-        "ldr	r7, [%[m], #116]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #112]\n\t"
-        "str	r5, [%[r], #116]\n\t"
-        "ldr	r4, [%[r], #120]\n\t"
-        "ldr	r5, [%[r], #124]\n\t"
-        "ldr	r6, [%[m], #120]\n\t"
-        "ldr	r7, [%[m], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #120]\n\t"
-        "str	r5, [%[r], #124]\n\t"
-        "movs	r6, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	%[b], %[b], r6\n\t"
-#elif defined(__clang__)
-        "adcs	%[b], r6\n\t"
-#else
-        "adc	%[b], r6\n\t"
-#endif
-        "ldr	r4, [%[r]]\n\t"
-        "ldr	r5, [%[r], #4]\n\t"
-        "ldr	r6, [%[m]]\n\t"
-        "ldr	r7, [%[m], #4]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r4, r4, r6\n\t"
-#else
-        "add	r4, r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r]]\n\t"
-        "str	r5, [%[r], #4]\n\t"
-        "ldr	r4, [%[r], #8]\n\t"
-        "ldr	r5, [%[r], #12]\n\t"
-        "ldr	r6, [%[m], #8]\n\t"
-        "ldr	r7, [%[m], #12]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #8]\n\t"
-        "str	r5, [%[r], #12]\n\t"
-        "ldr	r4, [%[r], #16]\n\t"
-        "ldr	r5, [%[r], #20]\n\t"
-        "ldr	r6, [%[m], #16]\n\t"
-        "ldr	r7, [%[m], #20]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #16]\n\t"
-        "str	r5, [%[r], #20]\n\t"
-        "ldr	r4, [%[r], #24]\n\t"
-        "ldr	r5, [%[r], #28]\n\t"
-        "ldr	r6, [%[m], #24]\n\t"
-        "ldr	r7, [%[m], #28]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #24]\n\t"
-        "str	r5, [%[r], #28]\n\t"
-        "ldr	r4, [%[r], #32]\n\t"
-        "ldr	r5, [%[r], #36]\n\t"
-        "ldr	r6, [%[m], #32]\n\t"
-        "ldr	r7, [%[m], #36]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #32]\n\t"
-        "str	r5, [%[r], #36]\n\t"
-        "ldr	r4, [%[r], #40]\n\t"
-        "ldr	r5, [%[r], #44]\n\t"
-        "ldr	r6, [%[m], #40]\n\t"
-        "ldr	r7, [%[m], #44]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #40]\n\t"
-        "str	r5, [%[r], #44]\n\t"
-        "ldr	r4, [%[r], #48]\n\t"
-        "ldr	r5, [%[r], #52]\n\t"
-        "ldr	r6, [%[m], #48]\n\t"
-        "ldr	r7, [%[m], #52]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #48]\n\t"
-        "str	r5, [%[r], #52]\n\t"
-        "ldr	r4, [%[r], #56]\n\t"
-        "ldr	r5, [%[r], #60]\n\t"
-        "ldr	r6, [%[m], #56]\n\t"
-        "ldr	r7, [%[m], #60]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #56]\n\t"
-        "str	r5, [%[r], #60]\n\t"
-        "ldr	r4, [%[r], #64]\n\t"
-        "ldr	r5, [%[r], #68]\n\t"
-        "ldr	r6, [%[m], #64]\n\t"
-        "ldr	r7, [%[m], #68]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #64]\n\t"
-        "str	r5, [%[r], #68]\n\t"
-        "ldr	r4, [%[r], #72]\n\t"
-        "ldr	r5, [%[r], #76]\n\t"
-        "ldr	r6, [%[m], #72]\n\t"
-        "ldr	r7, [%[m], #76]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #72]\n\t"
-        "str	r5, [%[r], #76]\n\t"
-        "ldr	r4, [%[r], #80]\n\t"
-        "ldr	r5, [%[r], #84]\n\t"
-        "ldr	r6, [%[m], #80]\n\t"
-        "ldr	r7, [%[m], #84]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #80]\n\t"
-        "str	r5, [%[r], #84]\n\t"
-        "ldr	r4, [%[r], #88]\n\t"
-        "ldr	r5, [%[r], #92]\n\t"
-        "ldr	r6, [%[m], #88]\n\t"
-        "ldr	r7, [%[m], #92]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #88]\n\t"
-        "str	r5, [%[r], #92]\n\t"
-        "ldr	r4, [%[r], #96]\n\t"
-        "ldr	r5, [%[r], #100]\n\t"
-        "ldr	r6, [%[m], #96]\n\t"
-        "ldr	r7, [%[m], #100]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #96]\n\t"
-        "str	r5, [%[r], #100]\n\t"
-        "ldr	r4, [%[r], #104]\n\t"
-        "ldr	r5, [%[r], #108]\n\t"
-        "ldr	r6, [%[m], #104]\n\t"
-        "ldr	r7, [%[m], #108]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #104]\n\t"
-        "str	r5, [%[r], #108]\n\t"
-        "ldr	r4, [%[r], #112]\n\t"
-        "ldr	r5, [%[r], #116]\n\t"
-        "ldr	r6, [%[m], #112]\n\t"
-        "ldr	r7, [%[m], #116]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #112]\n\t"
-        "str	r5, [%[r], #116]\n\t"
-        "ldr	r4, [%[r], #120]\n\t"
-        "ldr	r5, [%[r], #124]\n\t"
-        "ldr	r6, [%[m], #120]\n\t"
-        "ldr	r7, [%[m], #124]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[b]\n\t"
-#else
-        "and	r6, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "ands	r7, r7, %[b]\n\t"
-#elif defined(__clang__)
-        "ands	r7, %[b]\n\t"
-#else
-        "and	r7, %[b]\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r6\n\t"
-#else
-        "adc	r4, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r7\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r7\n\t"
-#else
-        "adc	r5, r7\n\t"
-#endif
-        "str	r4, [%[r], #120]\n\t"
-        "str	r5, [%[r], #124]\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "cc"
-    );
-}
-
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_1024_cond_add_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, sp_digit m)
-{
-    __asm__ __volatile__ (
-        "movs	r4, #0\n\t"
-        "movs	r5, #0x80\n\t"
-        "mov	r8, r5\n\t"
-        "movs	r7, #0\n\t"
-        "\n"
-    "L_sp_1024_cond_add_32_words_%=:\n\t"
-        "ldr	r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "ands	r6, r6, %[m]\n\t"
-#elif defined(__clang__)
-        "ands	r6, %[m]\n\t"
-#else
-        "and	r6, %[m]\n\t"
-#endif
-        "movs	r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "subs	r5, r5, #1\n\t"
-#else
-        "sub	r5, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r5, r5, r4\n\t"
-#else
-        "add	r5, r5, r4\n\t"
-#endif
-        "ldr	r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r5, r5, r6\n\t"
-#elif defined(__clang__)
-        "adcs	r5, r6\n\t"
-#else
-        "adc	r5, r6\n\t"
-#endif
-        "movs	r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
-        "adcs	r4, r4, r4\n\t"
-#elif defined(__clang__)
-        "adcs	r4, r4\n\t"
-#else
-        "adc	r4, r4\n\t"
-#endif
-        "str	r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "adds	r7, r7, #4\n\t"
-#else
-        "add	r7, r7, #4\n\t"
-#endif
-        "cmp	r7, r8\n\t"
-        "blt	L_sp_1024_cond_add_32_words_%=\n\t"
-        "movs	%[r], r4\n\t"
-        : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
-        :
-        : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Right shift a by 1 bit into r. (r = a >> 1)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-static void sp_1024_rshift1_32(sp_digit* r, const sp_digit* a)
-{
-    __asm__ __volatile__ (
-        "ldr	r2, [%[a]]\n\t"
-        "ldr	r3, [%[a], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #8]\n\t"
-        "str	r2, [%[r]]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #12]\n\t"
-        "str	r3, [%[r], #4]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #16]\n\t"
-        "str	r4, [%[r], #8]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #20]\n\t"
-        "str	r2, [%[r], #12]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #24]\n\t"
-        "str	r3, [%[r], #16]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #28]\n\t"
-        "str	r4, [%[r], #20]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #32]\n\t"
-        "str	r2, [%[r], #24]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #36]\n\t"
-        "str	r3, [%[r], #28]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #40]\n\t"
-        "str	r4, [%[r], #32]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #44]\n\t"
-        "str	r2, [%[r], #36]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #48]\n\t"
-        "str	r3, [%[r], #40]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #52]\n\t"
-        "str	r4, [%[r], #44]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #56]\n\t"
-        "str	r2, [%[r], #48]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #60]\n\t"
-        "str	r3, [%[r], #52]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #64]\n\t"
-        "str	r4, [%[r], #56]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #68]\n\t"
-        "str	r2, [%[r], #60]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #72]\n\t"
-        "str	r3, [%[r], #64]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #76]\n\t"
-        "str	r4, [%[r], #68]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #80]\n\t"
-        "str	r2, [%[r], #72]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #84]\n\t"
-        "str	r3, [%[r], #76]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #88]\n\t"
-        "str	r4, [%[r], #80]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #92]\n\t"
-        "str	r2, [%[r], #84]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #96]\n\t"
-        "str	r3, [%[r], #88]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #100]\n\t"
-        "str	r4, [%[r], #92]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #104]\n\t"
-        "str	r2, [%[r], #96]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #108]\n\t"
-        "str	r3, [%[r], #100]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #112]\n\t"
-        "str	r4, [%[r], #104]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "ldr	r4, [%[a], #116]\n\t"
-        "str	r2, [%[r], #108]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r4, #31\n\t"
-#else
-        "lsl	r5, r4, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r4, r4, #1\n\t"
-#else
-        "lsr	r4, r4, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r3, r3, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r3, r5\n\t"
-#else
-        "orr	r3, r5\n\t"
-#endif
-        "ldr	r2, [%[a], #120]\n\t"
-        "str	r3, [%[r], #112]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r2, #31\n\t"
-#else
-        "lsl	r5, r2, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r2, r2, #1\n\t"
-#else
-        "lsr	r2, r2, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r4, r4, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r4, r5\n\t"
-#else
-        "orr	r4, r5\n\t"
-#endif
-        "ldr	r3, [%[a], #124]\n\t"
-        "str	r4, [%[r], #116]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsls	r5, r3, #31\n\t"
-#else
-        "lsl	r5, r3, #31\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
-        "lsrs	r3, r3, #1\n\t"
-#else
-        "lsr	r3, r3, #1\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
-        "orrs	r2, r2, r5\n\t"
-#elif defined(__clang__)
-        "orrs	r2, r5\n\t"
-#else
-        "orr	r2, r5\n\t"
-#endif
-        "str	r2, [%[r], #120]\n\t"
-        "str	r3, [%[r], #124]\n\t"
-        : [r] "+l" (r), [a] "+l" (a)
-        :
-        : "memory", "r2", "r3", "r4", "r5", "cc"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-SP_NOINLINE static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_1024_cond_add_32(r, a, m, 0 - (a[0] & 1));
-    sp_1024_rshift1_32(r, r);
-    r[31] |= o << 31;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*32;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_1024_mont_sqr_32(t1, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = Y * Z */
-    sp_1024_mont_mul_32(z, p->y, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = 2Z */
-    sp_1024_mont_dbl_32(z, z, p1024_mod);
-    /* T2 = X - T1 */
-    sp_1024_mont_sub_32(t2, p->x, t1, p1024_mod);
-    /* T1 = X + T1 */
-    sp_1024_mont_add_32(t1, p->x, t1, p1024_mod);
-    /* T2 = T1 * T2 */
-    sp_1024_mont_mul_32(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* T1 = 3T2 */
-    sp_1024_mont_tpl_32(t1, t2, p1024_mod);
-    /* Y = 2Y */
-    sp_1024_mont_dbl_32(y, p->y, p1024_mod);
-    /* Y = Y * Y */
-    sp_1024_mont_sqr_32(y, y, p1024_mod, p1024_mp_mod);
-    /* T2 = Y * Y */
-    sp_1024_mont_sqr_32(t2, y, p1024_mod, p1024_mp_mod);
-    /* T2 = T2/2 */
-    sp_1024_mont_div2_32(t2, t2, p1024_mod);
-    /* Y = Y * X */
-    sp_1024_mont_mul_32(y, y, p->x, p1024_mod, p1024_mp_mod);
-    /* X = T1 * T1 */
-    sp_1024_mont_sqr_32(x, t1, p1024_mod, p1024_mp_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_32(x, x, y, p1024_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_32(x, x, y, p1024_mod);
-    /* Y = Y - X */
-    sp_1024_mont_sub_32(y, y, x, p1024_mod);
-    /* Y = Y * T1 */
-    sp_1024_mont_mul_32(y, y, t1, p1024_mod, p1024_mp_mod);
-    /* Y = Y - T2 */
-    sp_1024_mont_sub_32(y, y, t2, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_dbl_32_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_dbl_32_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-        const sp_point_1024* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_dbl_32_ctx* ctx = (sp_1024_proj_point_dbl_32_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_dbl_32_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*32;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_1024_mont_sqr_32(ctx->t1, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_1024_mont_mul_32(ctx->z, p->y, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_1024_mont_dbl_32(ctx->z, ctx->z, p1024_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_1024_mont_sub_32(ctx->t2, p->x, ctx->t1, p1024_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_1024_mont_add_32(ctx->t1, p->x, ctx->t1, p1024_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_1024_mont_mul_32(ctx->t2, ctx->t1, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_1024_mont_tpl_32(ctx->t1, ctx->t2, p1024_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_1024_mont_dbl_32(ctx->y, p->y, p1024_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_1024_mont_sqr_32(ctx->y, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_1024_mont_sqr_32(ctx->t2, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_1024_mont_div2_32(ctx->t2, ctx->t2, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_1024_mont_mul_32(ctx->y, ctx->y, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_1024_mont_sqr_32(ctx->x, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_1024_mont_mul_32(ctx->y, ctx->y, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->t2, p1024_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_1024_cmp_equal_32(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14]) |
-            (a[15] ^ b[15]) | (a[16] ^ b[16]) | (a[17] ^ b[17]) |
-            (a[18] ^ b[18]) | (a[19] ^ b[19]) | (a[20] ^ b[20]) |
-            (a[21] ^ b[21]) | (a[22] ^ b[22]) | (a[23] ^ b[23]) |
-            (a[24] ^ b[24]) | (a[25] ^ b[25]) | (a[26] ^ b[26]) |
-            (a[27] ^ b[27]) | (a[28] ^ b[28]) | (a[29] ^ b[29]) |
-            (a[30] ^ b[30]) | (a[31] ^ b[31])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_1024_iszero_32(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14] | a[15] |
-            a[16] | a[17] | a[18] | a[19] | a[20] | a[21] | a[22] | a[23] |
-            a[24] | a[25] | a[26] | a[27] | a[28] | a[29] | a[30] | a[31]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_32(sp_point_1024* r,
-        const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*32;
-    sp_digit* t2 = t + 4*32;
-    sp_digit* t3 = t + 6*32;
-    sp_digit* t4 = t + 8*32;
-    sp_digit* t5 = t + 10*32;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_32(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t1, p->x, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_32(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_32(t3, t3, p->y, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_32(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_32(t2, t1) &
-            sp_1024_cmp_equal_32(t4, t3)) {
-        sp_1024_proj_point_dbl_32(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_32(t4, t4, t3, p1024_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_32(t5, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(y, t1, t5, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t5, t5, t2, p1024_mod, p1024_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(z, z, q->z, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_32(x, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(x, x, t5, p1024_mod);
-        sp_1024_mont_mul_32(t5, t5, t3, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_32(t3, y, p1024_mod);
-        sp_1024_mont_sub_32(x, x, t3, p1024_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_32(y, y, x, p1024_mod);
-        sp_1024_mont_mul_32(y, y, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(y, y, t5, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 32; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_add_32_ctx {
-    int state;
-    sp_1024_proj_point_dbl_32_ctx dbl_ctx;
-    const sp_point_1024* ap[2];
-    sp_point_1024* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_add_32_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_add_32_ctx* ctx = (sp_1024_proj_point_add_32_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_1024* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_add_32_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*32;
-        ctx->t2 = t + 4*32;
-        ctx->t3 = t + 6*32;
-        ctx->t4 = t + 8*32;
-        ctx->t5 = t + 10*32;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_1024_mont_sqr_32(ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_1024_mont_mul_32(ctx->t3, ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_1024_mont_mul_32(ctx->t1, ctx->t1, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_1024_mont_sqr_32(ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_1024_mont_mul_32(ctx->t4, ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_1024_mont_mul_32(ctx->t2, ctx->t2, q->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_1024_mont_mul_32(ctx->t3, ctx->t3, p->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_1024_mont_mul_32(ctx->t4, ctx->t4, q->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_1024_cmp_equal_32(ctx->t2, ctx->t1) &
-                sp_1024_cmp_equal_32(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_1024_proj_point_dbl_32(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_32(ctx->t2, ctx->t2, ctx->t1, p1024_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_32(ctx->t4, ctx->t4, ctx->t3, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_32(ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_1024_mont_mul_32(ctx->y, ctx->t1, ctx->t5, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_1024_mont_mul_32(ctx->t5, ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_32(ctx->z, p->z, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_1024_mont_mul_32(ctx->z, ctx->z, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_1024_mont_sqr_32(ctx->x, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->t5, p1024_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_1024_mont_mul_32(ctx->t5, ctx->t5, ctx->t3, p1024_mod, p1024_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_1024_mont_dbl_32(ctx->t3, ctx->y, p1024_mod);
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->t3, p1024_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_1024_mont_mul_32(ctx->y, ctx->y, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->t5, p1024_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 32; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 1024 doubles.
- * 268 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 32 * 37);
-    sp_point_1024* rt = NULL;
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 32 * 37, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_1024_mod_mul_norm_32(t[1].x, g->x, p1024_mod);
-        (void)sp_1024_mod_mul_norm_32(t[1].y, g->y, p1024_mod);
-        (void)sp_1024_mod_mul_norm_32(t[1].z, g->z, p1024_mod);
-        t[1].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_1024_proj_point_add_32(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_1024_proj_point_add_32(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_1024_proj_point_add_32(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 30;
-        n = k[i+1] << 0;
-        c = 28;
-        y = (int)(n >> 28);
-        XMEMCPY(rt, &t[y], sizeof(sp_point_1024));
-        n <<= 4;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n |= k[i--];
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_add_32(rt, rt, &t[y], tmp);
-        }
-
-        if (map != 0) {
-            sp_1024_map_32(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 32 * 37, heap,
-        DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_point_1024, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*32;
-    sp_digit* b = t + 4*32;
-    sp_digit* t1 = t + 6*32;
-    sp_digit* t2 = t + 8*32;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_32(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_32(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_32(w, w, p1024_mod, p1024_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_32(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_32(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_32(t2, b, p1024_mod);
-        sp_1024_mont_sub_32(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_32(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_32(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_32(t1, t1, p1024_mod, p1024_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_32(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_32(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(y, y, t1, p1024_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
-    sp_1024_mont_tpl_32(a, t1, p1024_mod);
-    /* B = X*Y^2 */
-    sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
-    /* X = A^2 - 2B */
-    sp_1024_mont_sqr_32(x, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_dbl_32(t2, b, p1024_mod);
-    sp_1024_mont_sub_32(x, x, t2, p1024_mod);
-    /* B = 2.(B - X) */
-    sp_1024_mont_sub_32(t2, b, x, p1024_mod);
-    sp_1024_mont_dbl_32(b, t2, p1024_mod);
-    /* Z = Z*Y */
-    sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
-    /* t1 = Y^4 */
-    sp_1024_mont_sqr_32(t1, t1, p1024_mod, p1024_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_1024_mont_mul_32(y, b, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_32(y, y, t1, p1024_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_1024_mont_div2_32(y, y, p1024_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_1024_proj_to_affine_32(sp_point_1024* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-    sp_digit* tmp = t + 4 * 32;
-
-    sp_1024_mont_inv_32(t1, a->z, tmp);
-
-    sp_1024_mont_sqr_32(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    sp_1024_mont_mul_32(a->x, a->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(a->y, a->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(a->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-}
-
-#endif /* FP_ECC || !WOLFSSL_SP_SMALL */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_1024 {
-    sp_digit x[32];
-    sp_digit y[32];
-} sp_table_entry_1024;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*32;
-    sp_digit* t6 = t + 4*32;
-    sp_digit* t1 = t + 6*32;
-    sp_digit* t4 = t + 8*32;
-    sp_digit* t5 = t + 10*32;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_32(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_32(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_32(p->x, t2) &
-            sp_1024_cmp_equal_32(p->y, t4)) {
-        sp_1024_proj_point_dbl_32(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_1024_mont_sub_32(t2, t2, p->x, p1024_mod);
-        /* R = S2 - Y1 */
-        sp_1024_mont_sub_32(t4, t4, p->y, p1024_mod);
-        /* Z3 = H*Z1 */
-        sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_1024_mont_sqr_32(t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t3, p->x, t1, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t1, t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_32(t2, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
-        sp_1024_mont_dbl_32(t5, t3, p1024_mod);
-        sp_1024_mont_sub_32(x, t2, t5, p1024_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_1024_mont_sub_32(t3, t3, x, p1024_mod);
-        sp_1024_mont_mul_32(t3, t3, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t1, t1, p->y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(y, t3, t1, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 32; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 256 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_1024_gen_stripe_table_32(const sp_point_1024* a,
-        sp_table_entry_1024* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    sp_point_1024* s1 = NULL;
-    sp_point_1024* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_1024_mod_mul_norm_32(t->x, a->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->y, a->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->z, a->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_1024_proj_to_affine_32(t, tmp);
-
-        XMEMCPY(s1->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_1024));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_1024_proj_point_dbl_n_32(t, 256, tmp);
-            sp_1024_proj_to_affine_32(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_1024_proj_point_add_qz1_32(t, s1, s2, tmp);
-                sp_1024_proj_to_affine_32(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC || !WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^256, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_table_entry_1024* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 32 * 37);
-    sp_point_1024* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_1024, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 32 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        XMEMCPY(rt->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-
-        y = 0;
-        x = 255;
-        for (j=0; j<4; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 256;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=254; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 256;
-            }
-
-            sp_1024_proj_point_dbl_32(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_1024_proj_point_add_qz1_32(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_1024_map_32(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_1024_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[32];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[32];
-    /* Precomputation table for point. */
-    sp_table_entry_1024 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_1024_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_1024_t sp_cache_1024[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_1024_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_1024_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_1024 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_1024_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_1024_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_1024_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_1024[i].set = 0;
-        }
-        sp_cache_1024_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_1024[i].set)
-            continue;
-
-        if (sp_1024_cmp_equal_32(g->x, sp_cache_1024[i].x) &
-                           sp_1024_cmp_equal_32(g->y, sp_cache_1024[i].y)) {
-            sp_cache_1024[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_1024_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_1024_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_1024[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_1024_last) {
-            least = sp_cache_1024[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_1024[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_1024[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_1024[i].x, g->x, sizeof(sp_cache_1024[i].x));
-        XMEMCPY(sp_cache_1024[i].y, g->y, sizeof(sp_cache_1024[i].y));
-        sp_cache_1024[i].set = 1;
-        sp_cache_1024[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_1024[i];
-    sp_cache_1024_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 32 * 38);
-    sp_cache_1024_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 32 * 38, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_1024 == 0) {
-            wc_InitMutex(&sp_cache_1024_lock);
-            initCacheMutex_1024 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_1024_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_1024(g, &cache);
-        if (cache->cnt == 2)
-            sp_1024_gen_stripe_table_32(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_1024_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_1024_ecc_mulmod_stripe_32(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 128 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_1024_gen_stripe_table_32(const sp_point_1024* a,
-        sp_table_entry_1024* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    sp_point_1024* s1 = NULL;
-    sp_point_1024* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_1024_mod_mul_norm_32(t->x, a->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->y, a->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->z, a->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_1024_proj_to_affine_32(t, tmp);
-
-        XMEMCPY(s1->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_1024));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_1024_proj_point_dbl_n_32(t, 128, tmp);
-            sp_1024_proj_to_affine_32(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_1024_proj_point_add_qz1_32(t, s1, s2, tmp);
-                sp_1024_proj_to_affine_32(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC || !WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_table_entry_1024* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 32 * 37);
-    sp_point_1024* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_1024, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 32 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        XMEMCPY(rt->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-
-        y = 0;
-        x = 127;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 128;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=126; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 128;
-            }
-
-            sp_1024_proj_point_dbl_32(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_1024_proj_point_add_qz1_32(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_1024_map_32(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_1024_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[32];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[32];
-    /* Precomputation table for point. */
-    sp_table_entry_1024 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_1024_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_1024_t sp_cache_1024[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_1024_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_1024_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_1024 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_1024_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_1024_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_1024_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_1024[i].set = 0;
-        }
-        sp_cache_1024_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_1024[i].set)
-            continue;
-
-        if (sp_1024_cmp_equal_32(g->x, sp_cache_1024[i].x) &
-                           sp_1024_cmp_equal_32(g->y, sp_cache_1024[i].y)) {
-            sp_cache_1024[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_1024_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_1024_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_1024[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_1024_last) {
-            least = sp_cache_1024[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_1024[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_1024[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_1024[i].x, g->x, sizeof(sp_cache_1024[i].x));
-        XMEMCPY(sp_cache_1024[i].y, g->y, sizeof(sp_cache_1024[i].y));
-        sp_cache_1024[i].set = 1;
-        sp_cache_1024[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_1024[i];
-    sp_cache_1024_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 32 * 38);
-    sp_cache_1024_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 32 * 38, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_1024 == 0) {
-            wc_InitMutex(&sp_cache_1024_lock);
-            initCacheMutex_1024 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_1024_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_1024(g, &cache);
-        if (cache->cnt == 2)
-            sp_1024_gen_stripe_table_32(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_1024_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_1024_ecc_mulmod_stripe_32(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 32);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 32, km);
-        sp_1024_point_from_ecc_point_32(point, gm);
-
-            err = sp_1024_ecc_mulmod_32(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 256 between points.
- */
-static const sp_table_entry_1024 p1024_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xe0162bc2,0xbf9c7ec6,0x10a89289,0xddecc6e3,0x9e499d81,0x5d599df0,
-        0x6d358218,0x9a96ea28,0x70c5f8db,0x01aec7d3,0x8cf5d066,0xe72e4995,
-        0x3e91d7f8,0xc2e7297d,0xda9f2f5a,0x8621db92,0x5a5679ed,0x4b26c867,
-        0x2c56aac1,0x233385df,0xc6a13f99,0xb88e74d4,0xffa8ec11,0x1214b173,
-        0x1f3f9fef,0xa0386a27,0xc0e7b44e,0xbd9b1b4e,0xeecd3496,0xafe528dc,
-        0x1c49f80b,0x8dfff96a },
-      { 0xc03c0c83,0xb4a4753a,0xabcdcd75,0x68e69d18,0xf775b649,0xe3839b88,
-        0xbf58f352,0x803f949a,0xbd0bc15c,0x5f702679,0x8ff298c2,0x85bf5d16,
-        0xc6c7976e,0x3f6ebd98,0x45e3e1b4,0x20618af4,0x54e64093,0x67d5598e,
-        0x504fed9e,0xb047283b,0x70d87517,0x450cabfd,0x3f5addbe,0x47d628bf,
-        0x78cb4cca,0x0037ef30,0x6b1c4908,0x4e148d3c,0x4fcfd837,0xe256d329,
-        0xde3c01f3,0x2aa1207b } },
-    /* 2 */
-    { { 0x755c2a27,0xcf3e0bb2,0x59585c44,0xd38e42f9,0x19285e60,0x46b13e0f,
-        0x76273d0f,0xc3ecd0c0,0x193c569a,0x7800f085,0x4351818a,0xf04e74ab,
-        0x8496363b,0x9258aa38,0xb8c894fe,0x8456617c,0x2af969a0,0x8bc62aaa,
-        0x5a4668d9,0x66c2280b,0xa992f4fa,0xbc9df58e,0x3f401e99,0x5db0b7d9,
-        0xc4c38c0e,0xe0614fe1,0x2ccdf6b3,0xd531151c,0xe143b618,0x1c7575ec,
-        0xdf9398a4,0x40247985 },
-      { 0x8f055746,0xfba25178,0x0ab1e6e0,0xc5ba0040,0xac292697,0xe1b194fb,
-        0x5b4f4740,0x77152119,0x9bb7ba54,0x250091d0,0xb9a139a4,0x7a674861,
-        0xf353aa7e,0xba8413b3,0x2443ceee,0xafe77192,0x3847bbd0,0x14468d36,
-        0x3da4942d,0x61f79ff6,0xd425b456,0x1563a1c1,0x75ff4630,0x3c270fcd,
-        0xeb2802c9,0x42072090,0xc85c7004,0x68f0cdcb,0xfa032e74,0xca4372fb,
-        0xc8b79d80,0x1a6fd1e6 } },
-    /* 3 */
-    { { 0x8d5116a3,0x967a901a,0xb2f5f47f,0x0b844394,0x60ebaf3b,0xe39ad452,
-        0x60ccfc0c,0x1e1be617,0xcc3f53f2,0xac07e3d2,0x1ed11bb6,0xdd838e0e,
-        0x1c15b0c2,0x45475307,0x920fe5b8,0x70dd4748,0xe471896d,0x1a20be2d,
-        0x59276c7c,0x3c3fad8a,0xc886ee07,0x026a1cc3,0x6e831ac4,0x9fdb6f37,
-        0xac501d65,0x26a35d1a,0x40da8574,0x0ae98905,0xabd734e5,0x65dde0a4,
-        0x15614750,0x29b7d4dc },
-      { 0xcbf4e20b,0x44b3c2cb,0x58cc44c5,0x1c3f548f,0x5b0cac1f,0x39809b54,
-        0x00f80621,0x0c0f02b5,0x066905e0,0xe612b890,0x8350188c,0x8f158ed7,
-        0x3f5576b2,0xc01dc458,0xa45492e0,0x29803272,0x0ff92443,0x77a5623a,
-        0x29d0dc41,0xd12a2b00,0x2780e87a,0xb4125459,0x0d53f272,0x1ebcf903,
-        0x24301e8d,0xbae6ea40,0xa37d0798,0x1e5f3f2f,0x22b4126c,0x9342c310,
-        0x5382497e,0x5d092802 } },
-    /* 4 */
-    { { 0x4b59213a,0xf5b495d0,0x8d70200e,0xca672039,0x2b6771c1,0x4bcb09a6,
-        0x2b9eb0cb,0x26adeed4,0x8cdba212,0xeb544754,0xf08890d1,0x0e1abfcd,
-        0x698e46b4,0x52509963,0x82e9c138,0xe1bff0b0,0x51099a71,0xa189e4cd,
-        0xc9b91cc7,0x2360c9bc,0x137ec4be,0x9bd4d7dc,0xd1519f6e,0xd0356521,
-        0xcf832503,0xbf5f6d78,0x8deea2b4,0xe4301031,0xef4c319c,0xc3132494,
-        0x0f1fa7d7,0x2ab3bd47 },
-      { 0x922c9fbb,0x5753b680,0x0f16c6d1,0x869e7dc8,0xbac16efc,0x83445135,
-        0x846d1d9b,0x4326a3b4,0xb2d62c21,0xb517fee3,0x0b292ad5,0x6905afa2,
-        0x2cadac13,0x2a57131a,0xebdbca8d,0xcd904d8f,0x3f365fb2,0xdfeda86f,
-        0xdc7eaa1c,0x7097b208,0xa45e77c0,0x89a35a84,0xcf5d118e,0x417a062c,
-        0x1f6e99e8,0x3c0c04a8,0xba7a087d,0xc44704b0,0x3ea22ad2,0x6f8a27d1,
-        0x4c27d229,0x93a4b416 } },
-    /* 5 */
-    { { 0x1f1efb7a,0xd4271bc1,0x33fccc0d,0xae4e68e6,0xb11f50a8,0x9d9bc8f1,
-        0xaf076089,0x5430398f,0x443d0e03,0x45e242fb,0xf6e3d4c1,0x73ec2519,
-        0xba9bad09,0xab70f790,0xf9add10f,0xde612ad5,0x14e942b4,0xb837e54e,
-        0xddb8b68a,0x175a56d3,0x1ac2a408,0xe85b233c,0xf0c80f94,0xf8ff6c30,
-        0x898db4f9,0x4b7f3fb7,0x45a7dcdd,0xa2c6044f,0xfe3d3895,0xf3abb2f6,
-        0x32ee7763,0x342ce0d7 },
-      { 0xcf491b1f,0xeb261394,0x1909e395,0xdcaaeed7,0x9fe4dbea,0xdcc4055a,
-        0x493d604d,0x17a6611d,0x1ce5ebef,0xba445a3a,0xe3989cb5,0xe82e2858,
-        0x83f58406,0xb96f4282,0xa156cf55,0x99877b99,0x4e166a0e,0xaf906a66,
-        0xb2976d13,0xcea1d353,0x36c61a01,0xefc16f27,0xb0f55d86,0xdb04c433,
-        0x8eb34c01,0x3cb4b269,0x2ae60280,0x38d07f78,0x43be3ec5,0x43ac3bcb,
-        0xe156fd20,0x455f4af3 } },
-    /* 6 */
-    { { 0x95532833,0x2e6fe0a6,0xd626d067,0xabca228e,0x649e73bd,0x22aef3d9,
-        0xf03c4c0c,0x2083a87a,0x35169b45,0xe954e75d,0x74506a89,0x577509ee,
-        0x2aeacf90,0x49cb276e,0xfa409f91,0x08275d77,0xf0bbd6b9,0x61eb6f3d,
-        0xe4132704,0x948202cb,0xb1c498b1,0x35f3fc21,0x361fee59,0x76c68ba8,
-        0x50e051f3,0xa18cbbd9,0x318e7042,0x2384a879,0x80dd1e8b,0x292abead,
-        0x5c37c334,0x65713c29 },
-      { 0xceb77b9a,0xdccca8e9,0x23b69469,0x2f97e727,0xa01d6b28,0xc76abee6,
-        0x5abecdfe,0x3925203d,0x29290d70,0x89448082,0xb0314438,0xf9931424,
-        0x7cd447c3,0x04209df1,0xc855c827,0x7c6f2059,0x56c0e069,0xd97d7862,
-        0x412d94c4,0x5a9db6fe,0x994c41dd,0x19a64591,0xc89e21a3,0x12348aa1,
-        0xc6a03f0e,0xd6904b50,0xa616feac,0x55c15156,0x7cc7693b,0x4e36d1b5,
-        0x3bae3c38,0x6b0e996c } },
-    /* 7 */
-    { { 0xcceced00,0x32789fab,0xe5b7aa66,0x3237e71a,0x2ddebcdf,0x87b2e269,
-        0xb61dad8f,0xb7245120,0xd35f803c,0xe11e5e48,0x98e50f0d,0xfb4df5d7,
-        0xbcd2ab92,0x60ee68b4,0x1ce3363d,0x98ab2f5c,0x7cd42647,0x15ba39da,
-        0x83f4fb3f,0x1a6572eb,0xe56f08db,0x0f77de88,0x172562c2,0x1743761e,
-        0x8a58f0f4,0xbe349ff8,0x84d1d6e2,0xe04da71b,0x9e9ff3b4,0x368f0342,
-        0x678223f8,0x4022a205 },
-      { 0x83847375,0x527bbd05,0x3f451af0,0x3ae56b62,0x4b2c7f18,0x6198f24d,
-        0x4525b98d,0xee323f5b,0x0e0884b5,0xa9d8d39a,0xfb12c776,0xd005d7f6,
-        0x708bc154,0xd71c483e,0x742541bc,0x8ca6fd28,0xf8397ddb,0x0af3dccd,
-        0x3eccf243,0xb80d3125,0x58d81b8d,0xc743a108,0x71391f68,0x3f48eb21,
-        0x33bb657f,0x493aff88,0x07e47e31,0x1d15ed66,0xe08279f6,0x10159b11,
-        0x24a6a956,0x312179cb } },
-    /* 8 */
-    { { 0xfb99cfe6,0x950323d3,0xc9334178,0x7b09bc26,0x7cbdfb6f,0x64111e41,
-        0x89a75760,0x91141744,0x10919cb0,0x4c633df9,0x396bfd2f,0x715fc7c7,
-        0x8cab62db,0x8ca19512,0x4db81aac,0x30672473,0xb4c4c54a,0xe67a246b,
-        0xbf229646,0xd77ea0fa,0xfa5b5d70,0x5bed15f1,0xc2f192f3,0xa5686da5,
-        0x7f6690ad,0xdecac72a,0xcaa50b7d,0x0c4af2a2,0x6049ad2f,0xf44631c1,
-        0x04ecf056,0x325d2796 },
-      { 0x4848c144,0xee11fb55,0xb6a7af32,0x4e062925,0x369e0f9a,0x125b68e1,
-        0xca53b21e,0xad9bdae6,0x2e98ea1b,0xf50d605c,0x9f2fa395,0xbdb9e153,
-        0xe91532f5,0x4570e32d,0x46a250d7,0x810698ae,0xad9d9145,0x7fd9546c,
-        0x11e97a5e,0xabf67721,0x249f82e9,0xca29f7d5,0x9851df63,0xa9c539a9,
-        0x71d0e3e5,0xfd84d54b,0x041d2b56,0xd1e0459c,0xfd80096a,0xceb3eb6e,
-        0xe32a79d3,0x19d48546 } },
-    /* 9 */
-    { { 0xb540f5e5,0xfe19ee8f,0x04e68d17,0x86d2a52f,0xadbdc871,0xd2320db0,
-        0xd03a7fc8,0xa83ad5a8,0x08bcb916,0x54bf83c7,0x2e51e840,0x092133ea,
-        0xcb52dddf,0xbce38424,0x31063583,0xd5c7be40,0x458e3176,0xc1ebb9df,
-        0xbc4dabbf,0xafb19639,0xc05725a8,0x36350fe4,0x84e1cd24,0xac4a0634,
-        0xc145b8de,0xadf73154,0xb3483237,0x0aa6dd9e,0xcbff2720,0xa3345c3d,
-        0xb4e453b0,0x1b3ace6c },
-      { 0x90a8bdc5,0x0343e5e9,0x6306a089,0xa203bf9d,0x8e48520e,0x98489a35,
-        0xde7d1d06,0xbd17debe,0x5f795d3f,0x8fafa6d7,0x387b0a3f,0xa4ceb630,
-        0xffddeafa,0xe0166b32,0x7e764e02,0xa2fe2054,0xe871f304,0x55ab9824,
-        0x952ec45e,0xa2bd36bb,0xa90d20ca,0x7b4c1484,0x75bcfb53,0x5319f387,
-        0x6982c4e5,0x34238a4a,0xa102921d,0xa2bb61c7,0xdb3ab17e,0x1e061b64,
-        0x192f0a14,0x538ec33e } },
-    /* 10 */
-    { { 0x576374c2,0xe53c7785,0x84727040,0xe60526d1,0x228ca044,0x8a066dc8,
-        0xf1ce1313,0x1fe1c1b2,0xcdeb0c5d,0x2aeec832,0x9cbf826f,0xa7596699,
-        0xde77a589,0xcd188e81,0x118d1254,0xe5ce0fe0,0x0790b86a,0xa142a984,
-        0x39ac28ce,0xe28f043f,0x87de5804,0x4eef8290,0xf639a8c5,0x83c31b32,
-        0x5887794f,0xd70454a7,0x18b1b391,0xca635d50,0x31d9c795,0xcefea076,
-        0xb6f8aa25,0x13cbee76 },
-      { 0x8d3f34f3,0x79cabe0f,0xa3617fe3,0xbda9c31c,0xdd9426a1,0xb26dee23,
-        0xf29c9104,0xe9dd9627,0xe2c6cd3b,0x033eb169,0xfcba2196,0x8a73f492,
-        0xb858c83c,0x92e37e0b,0x23b3fbb7,0xe4f2aca6,0x64be00a2,0x8101fb1e,
-        0x948f6448,0x91a7826a,0x907260e7,0x414067b4,0xe30bb835,0xf774aa50,
-        0xc999c06e,0xf922ca80,0x0ba08511,0x6b8635b9,0x25fa04f0,0xbf936b5c,
-        0xe02e8967,0x4e0a1ada } },
-    /* 11 */
-    { { 0x8ba29c4d,0x00ca6670,0x22988094,0xc08240ce,0x16dda752,0x21c5ca67,
-        0xabbbfa34,0x689c0e45,0x3ed28b72,0x1d7545fd,0xd7c56ab4,0x5f221198,
-        0x38759d65,0x4b3d8f74,0x8fe50b89,0x93490dfb,0xe80eba16,0xb641f5d7,
-        0x79acb537,0x7b0da5eb,0x0c1d5e5e,0xab6b1497,0xa5da429a,0x2338e68d,
-        0x2f6d2f25,0xe010c437,0x6530f3a7,0x226f16d2,0xcbef08bc,0xefb0f7b6,
-        0x9f99c999,0x733e30d9 },
-      { 0xa42a38f9,0xecfe1582,0x4730b500,0xaec2d58e,0xde976b2c,0x2ee2f2a7,
-        0xa969c1bb,0xf0539db5,0xfcecdb4a,0x31954168,0xe7a8e902,0xf2f7348a,
-        0x3121541f,0x1d58d7cc,0x2202ae52,0x5d25b75c,0xf40835a7,0xdea9965a,
-        0x529b4e46,0x3feb6a41,0xbd27ad9b,0x5c97fb6f,0x261f900b,0xd87554c0,
-        0x04d5b19e,0xb43031d9,0xcb219b9c,0x33d5e9b8,0x3ee00bcf,0x7a43d492,
-        0xb79a5c0c,0x56facb39 } },
-    /* 12 */
-    { { 0x7c834915,0x667eaed6,0xbc5eb64d,0x9f77aa6a,0x25d62011,0x729ebcb6,
-        0x699fd9c2,0x0aee24f2,0x2b8d4f6c,0xe1eb5874,0x14c976d6,0x7f12710c,
-        0xf6d9ea65,0x91390335,0x06b50064,0x668b7049,0x0876ee4f,0x65969a0e,
-        0x2f9d9360,0xf901bf3f,0xb499e3ce,0xfb1a8651,0xf2dbcaaa,0x80b953fb,
-        0x973b06b6,0x312cc566,0x3af36c64,0x3534d9c3,0x10ffd815,0xe4463a52,
-        0xf18c2b91,0x57ea2b4b },
-      { 0x8aa0f2f2,0x00f5e162,0x0e46bcaa,0x8c7e75c5,0xa4a2c42d,0x97ab479a,
-        0x14baa202,0xb4f308ea,0x6943cc2e,0xa901bd14,0xeed58804,0xbb125fee,
-        0x9d180f7c,0x6502c8f9,0x1580c61c,0xe5353919,0x27101ee3,0x7e278069,
-        0xfaa72717,0x7a0a40a1,0x4c75b153,0x32edce02,0x538f1c22,0xda23660b,
-        0xbe307d2e,0x4d511e98,0x9baee0b4,0x24276e40,0x7ff1f307,0xa78c3927,
-        0xea7935c9,0x60480b46 } },
-    /* 13 */
-    { { 0x3872ece3,0x31087d66,0x955b70f8,0x5f29be7d,0x9cf95bb8,0xb50b4fc7,
-        0xdbffa621,0xbae3b58d,0xe022ba5d,0x0e61d280,0x4181449c,0x78ae5117,
-        0xcf555485,0x0b132840,0xb8ce0b0e,0x800ed1b6,0x78d5de3d,0x35dffdd5,
-        0x69a56b47,0xf7e42374,0x8d910ae7,0xd5e32369,0x6313c7c7,0xb6ff52a0,
-        0xa92de9e5,0x5a2fe20d,0xd12110bb,0x41b347d3,0x40c16f23,0xc5905edb,
-        0x9a8f88cc,0x0774a0d3 },
-      { 0xe3b6c106,0x3ae181ab,0x8de150b7,0x4ebe163f,0x6f354836,0xcf75b82f,
-        0x3ac7ac16,0xaa0d2063,0x291722af,0x5c680668,0x11545553,0x73941e61,
-        0xbf5de3f7,0x17127e38,0x1afb41da,0x32cfdf03,0x87bc8663,0xc6893c91,
-        0xa62c9c99,0x75046744,0x962c1947,0x96866e2d,0x378cdf4c,0x489ec8df,
-        0x3407fa32,0x3a60709b,0x551290d1,0xd37d2159,0xbab92273,0x9623d303,
-        0x2432014b,0x08151954 } },
-    /* 14 */
-    { { 0xb05f2b26,0x569044f3,0x80b9f76c,0xb35a294a,0x4290f6ae,0x8839fe28,
-        0x026a5877,0x761cfb23,0x2e5ff9c3,0x768926b6,0x0b11c576,0xbae6cd20,
-        0x72a03efe,0xdc857756,0xe1bad63a,0x0cae074a,0xd709d99c,0x3fe491a1,
-        0x6501d9c1,0x76c5ded6,0xc32aeff7,0x1da6eca1,0xc57683e8,0x50849d55,
-        0xdf98d847,0x9e392e9c,0x64d9a564,0xfad7982f,0xa37b98b2,0xf7c3bdb7,
-        0xf0860497,0x1fe09f94 },
-      { 0x7648cc63,0x49a7eaae,0x67cfa714,0x13ea2511,0x653f4559,0xfc8b923c,
-        0x81a16e86,0xd957619b,0x3c864674,0x0c7e804b,0x1616599a,0xfc88134a,
-        0x0a652328,0x366ea969,0x4bc9029e,0x41532960,0xae2aad2b,0xef9e1994,
-        0x7f10bef5,0x9e2a8c52,0xc67bf860,0x73dcb586,0x844cc25d,0xf61a43fa,
-        0x74eb3653,0xd74e7eea,0xdd240f02,0xf3356706,0xfd83bcb4,0xeec7694c,
-        0xdb62526a,0x4de95786 } },
-    /* 15 */
-    { { 0x3deac2f7,0x4867d315,0xb61d9a8e,0xa084778a,0x0ab7b2d5,0xf3b76f96,
-        0xcfdf4f79,0x00b30056,0x31ab8f4b,0xd0701e15,0x9c779d01,0x07f948d5,
-        0x82675371,0x7c994ebc,0x48bad4c0,0x1104d4ee,0xbfc9d058,0x798ce0b5,
-        0x309fa80b,0xc7ca898d,0xacb33eaf,0x0244f225,0x5b2f3175,0xd51e8dfc,
-        0xa4d7be34,0x3e49ba6b,0xbda02b43,0x1760f4c7,0x4435275a,0x37e36a7e,
-        0xe636980c,0x1c94418b },
-      { 0x09dc1414,0x43a21313,0x43c93537,0x060765fc,0xdf5f79ce,0x6ff3207a,
-        0x85d4cfca,0x6f18b1fa,0x63e995ab,0xf5c4272e,0xa82b3002,0x121a09e4,
-        0x97147f16,0x82b65d1b,0x20a7fe26,0x4993c20c,0xe6716726,0x99c9cb98,
-        0xfeb440a0,0x5a02d673,0x251b4bc5,0x3f3fa9e1,0xa05338ea,0x75dbc474,
-        0x7b09f6cb,0x3cb4044b,0x80434609,0x6767da18,0x098ceac2,0x97851422,
-        0xb55235ba,0x611bfbb2 } },
-};
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^256, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_1024_ecc_mulmod_stripe_32(r, &p1024_base, p1024_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 128 between points.
- */
-static const sp_table_entry_1024 p1024_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xe0162bc2,0xbf9c7ec6,0x10a89289,0xddecc6e3,0x9e499d81,0x5d599df0,
-        0x6d358218,0x9a96ea28,0x70c5f8db,0x01aec7d3,0x8cf5d066,0xe72e4995,
-        0x3e91d7f8,0xc2e7297d,0xda9f2f5a,0x8621db92,0x5a5679ed,0x4b26c867,
-        0x2c56aac1,0x233385df,0xc6a13f99,0xb88e74d4,0xffa8ec11,0x1214b173,
-        0x1f3f9fef,0xa0386a27,0xc0e7b44e,0xbd9b1b4e,0xeecd3496,0xafe528dc,
-        0x1c49f80b,0x8dfff96a },
-      { 0xc03c0c83,0xb4a4753a,0xabcdcd75,0x68e69d18,0xf775b649,0xe3839b88,
-        0xbf58f352,0x803f949a,0xbd0bc15c,0x5f702679,0x8ff298c2,0x85bf5d16,
-        0xc6c7976e,0x3f6ebd98,0x45e3e1b4,0x20618af4,0x54e64093,0x67d5598e,
-        0x504fed9e,0xb047283b,0x70d87517,0x450cabfd,0x3f5addbe,0x47d628bf,
-        0x78cb4cca,0x0037ef30,0x6b1c4908,0x4e148d3c,0x4fcfd837,0xe256d329,
-        0xde3c01f3,0x2aa1207b } },
-    /* 2 */
-    { { 0x01900955,0xa95b6dae,0xceb4656d,0xa5dc9cc1,0xe72fe95b,0x50c78907,
-        0xa040c334,0xa1ae5447,0x7952ea6e,0x91191370,0x6d097305,0x54ff7343,
-        0xbda4d10f,0xa4db0074,0x91644070,0xfd5306f1,0x8b24522c,0x14b9fe73,
-        0x7849f762,0x1468dad6,0xb0dcd2e4,0x87b29a18,0x5e1ad492,0xadd7f1a1,
-        0xdbba2a1a,0x9ac63a81,0x81223379,0x01379c5b,0xb0e53bc8,0xf402b2f0,
-        0x0bf13b61,0x8c3eb27f },
-      { 0xe513696f,0x9a4ad3e1,0x18c81ffa,0x0350ba5c,0x3c033d13,0x1e2fc136,
-        0x17a531bc,0x53da6e71,0x1aed610d,0x42ec6490,0xe99ff567,0xd33e8df7,
-        0x3deed12a,0xe4aad73e,0x180f4deb,0xd983b465,0x502f30b4,0x99365269,
-        0xa8918d7f,0x7e2799ab,0x700fc79a,0x0ffe84b6,0x40bfd8c2,0x7b4400d6,
-        0x5d2641bd,0xc3a21d21,0xc32621cb,0x79839442,0xb1401e83,0xace6500b,
-        0x251c4310,0x7bf4163e } },
-    /* 3 */
-    { { 0xe3fd589e,0x1c174f88,0xdf974a03,0xdb501790,0x3e70549f,0xd09623e3,
-        0x15924f34,0x8d091eff,0xf9b65ac5,0xeef79cad,0x3f69c2cf,0xd2cc4262,
-        0x52cd82bc,0x817d9032,0xa5f1dddd,0xacf4f4d9,0x5011b6bd,0xd0612635,
-        0x2ed140c9,0x9f74490d,0x4db686d2,0x64092e8c,0x776b0fcc,0x225eef16,
-        0xdf16aeb6,0x0e8c01e9,0x84bbd82a,0x62836741,0x8956e337,0x757574e2,
-        0x705a7f07,0x9871edc6 },
-      { 0x776535f7,0xbd0b76d5,0x2635b3b8,0x5214d602,0x9d216f64,0xc0c25ad9,
-        0x5515bf75,0xfd4df3a7,0x5e9f1675,0x24a625bc,0x406873e7,0x3c35efb7,
-        0xbb2e5c4a,0xef5c9a33,0x806b198a,0xa971b35e,0xa3c690ed,0x9f5c0ca5,
-        0x8e1e2341,0xa8d5dd89,0x955ad9e4,0x4cecbcce,0x248d3416,0x2ecf4407,
-        0x45c0af6e,0x1abb3811,0x1c780fff,0x3f4bee82,0xc272ed57,0xd14df768,
-        0x371637ad,0x397ed10a } },
-    /* 4 */
-    { { 0x755c2a27,0xcf3e0bb2,0x59585c44,0xd38e42f9,0x19285e60,0x46b13e0f,
-        0x76273d0f,0xc3ecd0c0,0x193c569a,0x7800f085,0x4351818a,0xf04e74ab,
-        0x8496363b,0x9258aa38,0xb8c894fe,0x8456617c,0x2af969a0,0x8bc62aaa,
-        0x5a4668d9,0x66c2280b,0xa992f4fa,0xbc9df58e,0x3f401e99,0x5db0b7d9,
-        0xc4c38c0e,0xe0614fe1,0x2ccdf6b3,0xd531151c,0xe143b618,0x1c7575ec,
-        0xdf9398a4,0x40247985 },
-      { 0x8f055746,0xfba25178,0x0ab1e6e0,0xc5ba0040,0xac292697,0xe1b194fb,
-        0x5b4f4740,0x77152119,0x9bb7ba54,0x250091d0,0xb9a139a4,0x7a674861,
-        0xf353aa7e,0xba8413b3,0x2443ceee,0xafe77192,0x3847bbd0,0x14468d36,
-        0x3da4942d,0x61f79ff6,0xd425b456,0x1563a1c1,0x75ff4630,0x3c270fcd,
-        0xeb2802c9,0x42072090,0xc85c7004,0x68f0cdcb,0xfa032e74,0xca4372fb,
-        0xc8b79d80,0x1a6fd1e6 } },
-    /* 5 */
-    { { 0x8d5116a3,0x967a901a,0xb2f5f47f,0x0b844394,0x60ebaf3b,0xe39ad452,
-        0x60ccfc0c,0x1e1be617,0xcc3f53f2,0xac07e3d2,0x1ed11bb6,0xdd838e0e,
-        0x1c15b0c2,0x45475307,0x920fe5b8,0x70dd4748,0xe471896d,0x1a20be2d,
-        0x59276c7c,0x3c3fad8a,0xc886ee07,0x026a1cc3,0x6e831ac4,0x9fdb6f37,
-        0xac501d65,0x26a35d1a,0x40da8574,0x0ae98905,0xabd734e5,0x65dde0a4,
-        0x15614750,0x29b7d4dc },
-      { 0xcbf4e20b,0x44b3c2cb,0x58cc44c5,0x1c3f548f,0x5b0cac1f,0x39809b54,
-        0x00f80621,0x0c0f02b5,0x066905e0,0xe612b890,0x8350188c,0x8f158ed7,
-        0x3f5576b2,0xc01dc458,0xa45492e0,0x29803272,0x0ff92443,0x77a5623a,
-        0x29d0dc41,0xd12a2b00,0x2780e87a,0xb4125459,0x0d53f272,0x1ebcf903,
-        0x24301e8d,0xbae6ea40,0xa37d0798,0x1e5f3f2f,0x22b4126c,0x9342c310,
-        0x5382497e,0x5d092802 } },
-    /* 6 */
-    { { 0xff2f780d,0x583a2b7e,0xd7d76b1d,0x34d26820,0x86f74aec,0xe3c32847,
-        0x10823feb,0x0fd42212,0xfb5e7bf4,0x227e417e,0xa568f8cd,0x510d49b6,
-        0x1781bbec,0x53bce7d6,0x2f3718b7,0x9cfe3f22,0xd9de6c1f,0x7f44e89f,
-        0x3fac9b55,0xf1cc553f,0xe6f300bc,0x9d2d0846,0x9f0ae6b1,0x976c82a2,
-        0x24b8bbe0,0xe63dbf5e,0x973a5aa7,0x4cac7f45,0x84dd33c7,0xc6eb6237,
-        0x142fee5d,0x0a26e434 },
-      { 0xacaa9a08,0x8081339f,0x5246ece1,0x40f31105,0x61393747,0x892c8170,
-        0x242f02e1,0x8d8d4103,0x3b5de98a,0x482bfd20,0x5abbe952,0x89ef946b,
-        0x37698249,0xb8d218b9,0x66617c7a,0xd5268e89,0x8b7d2b91,0x962e7551,
-        0xfe8d67c3,0x2c5c7973,0x2b017c51,0x42e3150a,0xc1a29469,0x6f4e5ebc,
-        0x531c7083,0xa39910ce,0xb77b9e50,0xaf4f6eb4,0xda120ad0,0x68cbb175,
-        0xb92636ec,0x19497c61 } },
-    /* 7 */
-    { { 0x417659a8,0x6920b0c6,0x92cb28ff,0xc77ab9c7,0xb687797f,0x55b67180,
-        0xe7759363,0x4caf58c1,0x5561b186,0x5155bdb6,0x780f4946,0x2e64e355,
-        0x229a8b20,0xeb0ac9b7,0x2571bd60,0x88594d78,0xe3fa78f9,0x5dcc0939,
-        0x2ac2d379,0x7b8b4830,0xb90f1444,0x505fbf60,0x3ce4b3c1,0xac610e81,
-        0xd59b5c18,0x39a4f27a,0x7cea0222,0x5fa33973,0x8dff1c7b,0xe578730b,
-        0x517bf7a6,0x96b91b8b },
-      { 0x9aac087c,0xc1a991f4,0x6cfdb28d,0xce62f74e,0x5f7600d6,0x08d6ff9a,
-        0xf917f9c9,0xd781cd04,0x3de52dbf,0x7796f5f6,0x2ed72180,0xe7db64e0,
-        0x6fa4137d,0x0f0876f6,0x3ca1f716,0x3271ee64,0x7c4ab8a3,0xcb9b2058,
-        0x39481047,0xcba17107,0x598c5c37,0xdf9a190d,0x6f20e125,0x0cb6e72a,
-        0xf4f2902d,0xa3142204,0x7ce2dcfb,0x42d28cb9,0xa3d3c351,0xdf261b8a,
-        0xcffc249d,0x73f3d315 } },
-    /* 8 */
-    { { 0xe6fd3673,0x5d86855b,0x9d214b7b,0x309b70af,0xdcc46cd3,0x8d332f90,
-        0x595510de,0xe553c015,0x38c1251c,0x5746a096,0x85cc1bc9,0xcd7cea5b,
-        0x002eba8f,0x4ffa1468,0x22fcd77c,0x10a3cb70,0xc4ea05e3,0xb6999dfb,
-        0x4efa756e,0x3375a0d0,0xdced5fd8,0x4d90279e,0x251fd56e,0x48192403,
-        0x82a4c5f1,0xe87633a4,0x1b34105b,0x3170d130,0x7247e578,0x93998b0f,
-        0x436ba1fa,0x88934f64 },
-      { 0x4713eabc,0xf09f43b0,0xaccdc517,0x4ca7dd91,0xef13ca7c,0x27daa63b,
-        0x2588184b,0x8b2e5a7a,0xd95dc269,0x0a8cb612,0xe1f2f14c,0x346975a2,
-        0xe172935c,0x1f29b8ed,0xd40bc1e3,0xc3cbfd6e,0x132623da,0xd3f46b3f,
-        0xfb0b7681,0xc115be6d,0x56da4344,0x5e31c345,0xa8e43d98,0xa7c63f18,
-        0x4bddb4ea,0x55cb2083,0x4a54f58c,0xb16a0c38,0x46fd69d9,0x74eacca2,
-        0x153548e1,0x0d1898bb } },
-    /* 9 */
-    { { 0xe35ef043,0x4ea73461,0x3496b564,0x107b67d9,0xd0f83a3c,0xd62c173b,
-        0x51d29c35,0xfad4b038,0x71b1c1a4,0x3f42882a,0x54b43b9e,0x5d2bcf66,
-        0x2abdf543,0xc77b15aa,0xdabe3dc1,0x5cb38a80,0xa481673b,0x15fda0ae,
-        0xe7b90ebe,0x86996b4d,0x2bc8f3d8,0x84f87e25,0x37c4e424,0xaded03d6,
-        0xd7a7afd8,0xe5ede666,0xa1ccb93a,0x80dd95a2,0x46fba391,0xa55cfd25,
-        0x46f82e60,0x2bdab1dc },
-      { 0xfa6fed61,0x7a4de22b,0xcc8dd94e,0xca458aa5,0x071222f5,0x3e372df1,
-        0xe5aff377,0x06a4b44f,0x4a738e6d,0xbc2d0ba7,0x5f31f136,0x1a470e1d,
-        0xe102a911,0x77ff933a,0x310c7885,0x8b380a50,0x783fc5ac,0x9f3c0228,
-        0x44725d06,0xec668925,0x5ac84221,0x878f0e16,0xcfda6e8a,0x9a3af1af,
-        0x78cd2aba,0x0183ed37,0x826d0eae,0x32cdbd60,0xcbee6415,0xb3234661,
-        0xb9c10120,0x353eb892 } },
-    /* 10 */
-    { { 0x10b5521e,0xc8fdcad6,0x52e702f0,0x1a11b440,0x8ffda49c,0x6302680d,
-        0xcbf36bad,0xcdb9654a,0x4c10a2d7,0x7b58ce11,0xe630e7e0,0x1e5d1f7d,
-        0x6760a813,0x8cbe3d7d,0x6480d77f,0xeb35866b,0x7f036219,0x58728cf3,
-        0x42a8a757,0xdd5865ed,0x906a2870,0x283f1f1d,0xa51f906b,0x79e23fa4,
-        0x543b20a8,0xf2ac6e83,0xb81e7754,0x4f0b6379,0x840016ee,0x57fbc0d4,
-        0xe621b67d,0x8da20771 },
-      { 0xecce65ec,0x3c855004,0xb748185e,0x76d10d1f,0x78797ad2,0x64be7bca,
-        0x77e54aad,0x43444db0,0xbe0df0ff,0x17b6b0c9,0x055086a4,0x8fc4256c,
-        0xfd74d5a3,0xf952c43b,0x01c4edb8,0x501e005a,0x4a57e328,0xd5172dfc,
-        0x535d6ee3,0xdb40ce4e,0x0c650918,0xbaef1e5c,0x857561fc,0xe85145e7,
-        0x34a224c6,0xe468536a,0x0ec0e0a2,0x69a8e227,0x242b03fc,0xb3f52247,
-        0xc3bebd5f,0x862f55e2 } },
-    /* 11 */
-    { { 0x226049fe,0x2d6a390f,0xdcbbc9fb,0xcc92a578,0x97634fb7,0xa52feca4,
-        0x3dea5893,0x2b340cb6,0x2a49e916,0xa39f338a,0x949e41f3,0x26b2df3d,
-        0x065a7e40,0xc71c7cdb,0x468281a2,0x4a9b84a0,0x731eeeca,0x63eeb503,
-        0x76cbb725,0xe6d09134,0xb94a678c,0x0cf979a9,0x808fd9f1,0xb44d8c3b,
-        0xe0afc5b9,0xe60da613,0x3ea5be69,0x52dce7de,0xdc1ee74f,0x3a5d6864,
-        0x3bc80790,0x71ab2891 },
-      { 0x3b5b60ad,0xcf618fc4,0x4a0c3184,0x0afb5e30,0xbc403302,0xd22381cc,
-        0xdb1c0c66,0x33cf8953,0xa6112a8d,0x9c994e4d,0xd1967a86,0xd7aae2c3,
-        0x5b7acd29,0xc28d5493,0x6c9a57fb,0x8075bd13,0x9c8427f9,0xc9c0373e,
-        0x193225f5,0x2cbca18d,0x442c018c,0x73777d13,0xfbb3a727,0xebe5ed47,
-        0x1962dc18,0x70437d49,0x2dc08806,0xf39c1e09,0x15fff35c,0x03e9c6f7,
-        0x5e360a65,0x8d087bb6 } },
-    /* 12 */
-    { { 0x3fdc1844,0xbe212302,0x105eac56,0x6eca27ef,0xf168a348,0x2183a606,
-        0xe1d7a4cb,0x295f807d,0x7ef5d43e,0x7246a632,0xc77025c7,0xae143205,
-        0xf3484e3e,0x4bdfc7ca,0xdf52c075,0xec939895,0xd7a9cac0,0x82e655f6,
-        0x8baeddb0,0x985dfe20,0x527de731,0x79c817e4,0x313de1ea,0x30ce0fbc,
-        0xcc4f6cbb,0x9df95b89,0xf5bb20cd,0xf2aedf1e,0x1a8cfb01,0xfc1e0a89,
-        0x63edb7ec,0x225ed34a },
-      { 0xbabb1a85,0x3e13154d,0x1e6a565a,0xd3d8dae7,0xab4b100f,0xd3217d56,
-        0xebc78e1a,0xd44d934e,0x48e73d37,0x0215321b,0x201e43cb,0xbbc90bfa,
-        0x27500905,0x3c23f1d0,0xc86691a1,0x2a2e5000,0x6065841c,0x08b2bad2,
-        0x30026b60,0x15d41caf,0x5276ce61,0x1712c2f4,0x15932ffb,0x01c4c3e7,
-        0x6a74caf2,0x7894e13d,0x0c0537a4,0x02d6f5df,0xc2b1c97e,0xa8fb7602,
-        0xd0887c7b,0x612b60e5 } },
-    /* 13 */
-    { { 0xba245d6b,0xefd495cf,0xa2ce3ff6,0x5cf0cbb7,0xdff5feee,0x24da2ac0,
-        0xcf28c6a3,0x90c914f8,0x4308a56b,0x72fdb50d,0x13d72034,0x03dbf779,
-        0x822ac9e9,0xcfa5ec91,0x3aea3e81,0x0dde73c8,0x66289139,0x545ba962,
-        0xca6acbd3,0xa52f648b,0x98a0683a,0xff6f276e,0xa378ed52,0x2536d3ac,
-        0x885ac1d9,0x353c2c54,0x00bc84a7,0xcaff52da,0x37684167,0x3971f81c,
-        0xd2d7986e,0x0f7334e1 },
-      { 0x6596067e,0xafbb5c83,0x38c19806,0x33e54e19,0x39cb0dcc,0x8285d967,
-        0x424035f9,0x2b53f43d,0xdfef9095,0x38c531f8,0xdb0f571a,0x90fbe8e4,
-        0xa39ca787,0x9a0c1ed2,0x606f2620,0x2fecc1d6,0x72b7cb4a,0x9dc890b1,
-        0xccbb7868,0xc33ca6fb,0xfe73ee49,0xd1b11082,0xfcb66c48,0x590b7d17,
-        0x86e14573,0x9356b0a6,0x053ead85,0x75d682c4,0xc54d30fb,0xb2ae55fa,
-        0xf8aee949,0x67636a72 } },
-    /* 14 */
-    { { 0xb91d6bea,0x638063bc,0x923ecb96,0xae263a2e,0xc627aca6,0x9d7b0992,
-        0x77af9e7e,0xc6ed001a,0x24aafebb,0x9214accf,0x78055a90,0xa3564b96,
-        0xe027499d,0x00999b1c,0xe46a06a5,0xe413a4e1,0x2e51efe7,0xa05d13f6,
-        0x9ba843be,0x35e87d34,0x3183159e,0x0a633825,0x54601923,0x6023e8ba,
-        0xb7fd1cf2,0x9b107721,0xfdf2fd53,0x46b5542b,0x1c18af38,0xb314f4f8,
-        0x60ac8965,0x086f9876 },
-      { 0x8cbb9850,0x76701954,0xa20d2c8c,0x6210b730,0x5335670c,0x4084d057,
-        0x0324baea,0x3ecdc595,0xc76ee9b4,0x607fc5f2,0x440ffa64,0xf393d00f,
-        0x2dc1463c,0xe0111796,0x9c7725e7,0xf00b8251,0x5bd1d186,0x35e60736,
-        0x2cf72aac,0xf3d8554c,0xefa3497d,0xb4dd0fde,0xf646ad11,0xd712268c,
-        0x9f7b8ead,0x07c20afb,0xfc06dfe5,0x630969d4,0x7245549a,0x76b7df1c,
-        0xe61ae810,0x681f9403 } },
-    /* 15 */
-    { { 0xc9a0623b,0x7cad5163,0x67fab8d4,0xdbf82957,0x81af7c7c,0x2ccab0ec,
-        0xe966d5c2,0x469e38c8,0xf0d4e41c,0x34430d52,0xa52b359c,0x426075a2,
-        0x33bd0127,0x242dd3e3,0x9fed2341,0xcda3f635,0xd7d52ffa,0x4df33730,
-        0x7640c3ef,0x5fff56f0,0x1bbde57c,0x4783c21c,0xeb8bb336,0xd8784a2a,
-        0xead08405,0x1ec7c533,0xf9b62bd4,0x4b7f1423,0x7075d4af,0x5543145c,
-        0xba60590a,0x0c9de94a },
-      { 0x95d5682b,0x8ed72735,0x2ec276ed,0x711c4283,0x8b36a0d2,0xd1f4aed5,
-        0x8498a88f,0x62ab40c4,0x4480f451,0x58c8fc62,0xb79cffe2,0x8bc8ca4b,
-        0x701a359d,0x90ab583c,0x3fd5d15d,0xaee31a73,0xc912333c,0x02a5597b,
-        0xb6c3e3c2,0x1019cae4,0x29938088,0xe513042c,0xf47c8199,0x0e00283d,
-        0xf2a00e92,0x90d68e58,0xa775ae3b,0x69e2df41,0x871c30b2,0xb8d2eca5,
-        0xbb1de396,0x733dca0e } },
-    /* 16 */
-    { { 0x4b59213a,0xf5b495d0,0x8d70200e,0xca672039,0x2b6771c1,0x4bcb09a6,
-        0x2b9eb0cb,0x26adeed4,0x8cdba212,0xeb544754,0xf08890d1,0x0e1abfcd,
-        0x698e46b4,0x52509963,0x82e9c138,0xe1bff0b0,0x51099a71,0xa189e4cd,
-        0xc9b91cc7,0x2360c9bc,0x137ec4be,0x9bd4d7dc,0xd1519f6e,0xd0356521,
-        0xcf832503,0xbf5f6d78,0x8deea2b4,0xe4301031,0xef4c319c,0xc3132494,
-        0x0f1fa7d7,0x2ab3bd47 },
-      { 0x922c9fbb,0x5753b680,0x0f16c6d1,0x869e7dc8,0xbac16efc,0x83445135,
-        0x846d1d9b,0x4326a3b4,0xb2d62c21,0xb517fee3,0x0b292ad5,0x6905afa2,
-        0x2cadac13,0x2a57131a,0xebdbca8d,0xcd904d8f,0x3f365fb2,0xdfeda86f,
-        0xdc7eaa1c,0x7097b208,0xa45e77c0,0x89a35a84,0xcf5d118e,0x417a062c,
-        0x1f6e99e8,0x3c0c04a8,0xba7a087d,0xc44704b0,0x3ea22ad2,0x6f8a27d1,
-        0x4c27d229,0x93a4b416 } },
-    /* 17 */
-    { { 0x1f1efb7a,0xd4271bc1,0x33fccc0d,0xae4e68e6,0xb11f50a8,0x9d9bc8f1,
-        0xaf076089,0x5430398f,0x443d0e03,0x45e242fb,0xf6e3d4c1,0x73ec2519,
-        0xba9bad09,0xab70f790,0xf9add10f,0xde612ad5,0x14e942b4,0xb837e54e,
-        0xddb8b68a,0x175a56d3,0x1ac2a408,0xe85b233c,0xf0c80f94,0xf8ff6c30,
-        0x898db4f9,0x4b7f3fb7,0x45a7dcdd,0xa2c6044f,0xfe3d3895,0xf3abb2f6,
-        0x32ee7763,0x342ce0d7 },
-      { 0xcf491b1f,0xeb261394,0x1909e395,0xdcaaeed7,0x9fe4dbea,0xdcc4055a,
-        0x493d604d,0x17a6611d,0x1ce5ebef,0xba445a3a,0xe3989cb5,0xe82e2858,
-        0x83f58406,0xb96f4282,0xa156cf55,0x99877b99,0x4e166a0e,0xaf906a66,
-        0xb2976d13,0xcea1d353,0x36c61a01,0xefc16f27,0xb0f55d86,0xdb04c433,
-        0x8eb34c01,0x3cb4b269,0x2ae60280,0x38d07f78,0x43be3ec5,0x43ac3bcb,
-        0xe156fd20,0x455f4af3 } },
-    /* 18 */
-    { { 0x754ec21c,0xc057f262,0xe3a1ba38,0x3eacd4c9,0x116c1fe9,0x3a0210d1,
-        0xeacc8ab6,0xe4ea4e94,0xea6f32ca,0x31c00c9a,0x86b975ce,0x5cb6239d,
-        0xa14ea1e9,0x654d5d8c,0x5067fc8b,0x230d31f4,0x6355fecb,0x48bb90cb,
-        0xdc172e8e,0x78f81ece,0xcb006737,0x288380a8,0xe162d012,0x19b02e01,
-        0xc5af145c,0x0e087a06,0xb72dc354,0xf04dc8b7,0x8de3c066,0xf70ef214,
-        0x13009fb7,0x4f148243 },
-      { 0x6e2055e2,0x5e004fce,0x86c32067,0x89e247ea,0x5f9daaa2,0x4ebcbd95,
-        0xceb7f63b,0xd15f212f,0x863784a0,0x5ecc5c1f,0x75760251,0x53b3800b,
-        0x8a6a2954,0xeb9301c3,0xa13cdd19,0x0f16ba18,0x887c2d24,0x8313d251,
-        0x9a9413f6,0xf9923585,0xfe3fd7c5,0x423405e6,0x16e0ee05,0x678aeb34,
-        0x3fadaab0,0x1f3be7bb,0x82884471,0x7901fa2c,0x4d662ff6,0xc950db30,
-        0x3c01170b,0x74d5d2d4 } },
-    /* 19 */
-    { { 0x2b5bfe11,0xa3002dc0,0x52d321e7,0x0733410d,0x9679ba89,0x15920f65,
-        0x685b236e,0x0e248c14,0x346f6040,0x8cfab594,0x40c717f0,0x9f57afb7,
-        0x66044576,0x0dbab28c,0x9cdc3247,0x0fa09968,0xc230ed05,0x41e02ae2,
-        0xe45bef74,0x0d961554,0xce4d7b6f,0x9688a982,0x5e62d22e,0xfadefac7,
-        0xbd2cba28,0xaf1512a6,0xbe7c749f,0x78868e62,0xae9f5a6b,0x88048d81,
-        0xc5857a29,0x6b1a5442 },
-      { 0x43242066,0x9f5ab9ad,0x2ccca2ae,0x0afef1b5,0x988edc4e,0xb1b43ec7,
-        0x0341b0d5,0x0d0c00f1,0xb50aab37,0x4d68b8f7,0xf3a64a99,0x9a8e4e6f,
-        0x7f1a684e,0x198338fb,0x351a0f5c,0x8bc0e748,0xdac44515,0x2cacf2cd,
-        0x5e9ff76b,0xc14d3999,0x16393055,0x54a01b3f,0x888d8376,0x6ac3eea5,
-        0x723277b1,0xb84d9a9a,0xe11dbbbf,0x99132691,0xabb67178,0x597717ae,
-        0x8bb14ac8,0x4c213526 } },
-    /* 20 */
-    { { 0x95532833,0x2e6fe0a6,0xd626d067,0xabca228e,0x649e73bd,0x22aef3d9,
-        0xf03c4c0c,0x2083a87a,0x35169b45,0xe954e75d,0x74506a89,0x577509ee,
-        0x2aeacf90,0x49cb276e,0xfa409f91,0x08275d77,0xf0bbd6b9,0x61eb6f3d,
-        0xe4132704,0x948202cb,0xb1c498b1,0x35f3fc21,0x361fee59,0x76c68ba8,
-        0x50e051f3,0xa18cbbd9,0x318e7042,0x2384a879,0x80dd1e8b,0x292abead,
-        0x5c37c334,0x65713c29 },
-      { 0xceb77b9a,0xdccca8e9,0x23b69469,0x2f97e727,0xa01d6b28,0xc76abee6,
-        0x5abecdfe,0x3925203d,0x29290d70,0x89448082,0xb0314438,0xf9931424,
-        0x7cd447c3,0x04209df1,0xc855c827,0x7c6f2059,0x56c0e069,0xd97d7862,
-        0x412d94c4,0x5a9db6fe,0x994c41dd,0x19a64591,0xc89e21a3,0x12348aa1,
-        0xc6a03f0e,0xd6904b50,0xa616feac,0x55c15156,0x7cc7693b,0x4e36d1b5,
-        0x3bae3c38,0x6b0e996c } },
-    /* 21 */
-    { { 0xcceced00,0x32789fab,0xe5b7aa66,0x3237e71a,0x2ddebcdf,0x87b2e269,
-        0xb61dad8f,0xb7245120,0xd35f803c,0xe11e5e48,0x98e50f0d,0xfb4df5d7,
-        0xbcd2ab92,0x60ee68b4,0x1ce3363d,0x98ab2f5c,0x7cd42647,0x15ba39da,
-        0x83f4fb3f,0x1a6572eb,0xe56f08db,0x0f77de88,0x172562c2,0x1743761e,
-        0x8a58f0f4,0xbe349ff8,0x84d1d6e2,0xe04da71b,0x9e9ff3b4,0x368f0342,
-        0x678223f8,0x4022a205 },
-      { 0x83847375,0x527bbd05,0x3f451af0,0x3ae56b62,0x4b2c7f18,0x6198f24d,
-        0x4525b98d,0xee323f5b,0x0e0884b5,0xa9d8d39a,0xfb12c776,0xd005d7f6,
-        0x708bc154,0xd71c483e,0x742541bc,0x8ca6fd28,0xf8397ddb,0x0af3dccd,
-        0x3eccf243,0xb80d3125,0x58d81b8d,0xc743a108,0x71391f68,0x3f48eb21,
-        0x33bb657f,0x493aff88,0x07e47e31,0x1d15ed66,0xe08279f6,0x10159b11,
-        0x24a6a956,0x312179cb } },
-    /* 22 */
-    { { 0x07615ac2,0xa94cc3ca,0x121ad581,0x85865e64,0xa7986b79,0xae47616f,
-        0x9d5e0f1d,0x395a40eb,0x3d9457ea,0xa9143264,0xfa2865d9,0x8de6d6a3,
-        0x1014ae8c,0x0771db96,0x976a87cb,0x77a7cce6,0x143a0f60,0xa7de42e1,
-        0xd993d934,0xe203cc09,0x98ec4c3d,0x92018693,0x3a25df4b,0xd77546d8,
-        0x62b02d6b,0x0ad9eb47,0xd05a7189,0xfaaaf208,0x431221bb,0x5238181f,
-        0x733511ea,0x417d6c78 },
-      { 0x0e91e9a8,0x3cbd81b7,0xc370d6b3,0x73340418,0x8eaa2373,0x825db10a,
-        0x6c7d6756,0x8f2b09e4,0x94c33ded,0xe288ee9b,0x1695e3fb,0xcd8426bb,
-        0xdce9e888,0xa6176c86,0x6165e362,0x3f4c8922,0x6063fb09,0x514e411f,
-        0xc8f9e04c,0x6907ac20,0xdfd2ad61,0xcef7469c,0x8452199a,0xba30bae4,
-        0x12ac3462,0x30681293,0xc92d482d,0x011be873,0xe8330995,0xff4cbf89,
-        0xd1470a0a,0x02189d52 } },
-    /* 23 */
-    { { 0x92599c69,0x73e419dd,0x7fec32ca,0x5b94221b,0x09bbfbfd,0xb2bf9bd2,
-        0x63ed895b,0x61ea97a4,0x3f486f79,0x6609146b,0xfd141a39,0xbd1c7a05,
-        0x83d64135,0xc79ec8cf,0x9883507b,0x7f8fd42f,0x17b3d027,0xafcb53b7,
-        0x67ca5a21,0x86658dcd,0xcd149786,0xa6a6c0ac,0x34b95067,0x16f3d70e,
-        0xdf44958c,0x371208e3,0xec280212,0xd2dd64e6,0x30782c71,0x33b2c4ab,
-        0x521176fa,0x7bbf8abd },
-      { 0xa78b981a,0xbe9e4aaf,0x304ec828,0x788b4e36,0x3959dea3,0x0c45cf39,
-        0x240b39c7,0x70a9bdd3,0x28383b7d,0x499cd7dd,0x307a1026,0x30690b2e,
-        0xee92f1b3,0x2262d598,0xb4725a48,0xc62d77de,0x7bc3aa0e,0xa16f25bc,
-        0xd15ef7fa,0x62dd8b65,0x0b96d68f,0xd979221d,0xa00f1906,0xb92885c3,
-        0xeb74c740,0xfa476b9b,0xc7576222,0x217ddbb5,0x5788504f,0xc2782c30,
-        0xf812716b,0x860d096c } },
-    /* 24 */
-    { { 0x4d79bbf9,0xfebc337d,0x69f74f80,0x5d53eab8,0x33104d53,0xff36a095,
-        0x196f8b97,0x2ab820da,0x75ce6909,0x961d3d1f,0x04683754,0xb197ec04,
-        0x93a6cb9b,0xa68ce1bf,0xc5f021a3,0x503456ff,0x8940ffdb,0xb50a2db1,
-        0xef004209,0x77c50f8f,0x04965875,0xd635d177,0x8bb8770a,0x725766d9,
-        0xa078e53e,0x8e19b028,0xf9fc8378,0x364d4cca,0xf0dd39a0,0x1a3df411,
-        0x03adf920,0x7e80e442 },
-      { 0x539a1ddf,0x4b5f8a57,0xee486562,0xd248e7ae,0x816021e1,0x1c7b491d,
-        0xfd36d2c4,0x2e7b871b,0x0aec00d9,0xda38b504,0x6193f1b3,0xf2827612,
-        0xfb1f78d6,0x69c3fe86,0xe827ac33,0x56c8b786,0x3487c8f7,0x1687f6c7,
-        0x19dee5bc,0xab8f2217,0xff399418,0x04e8473f,0xa9027c80,0xf384c014,
-        0xaa1d2e28,0x9967be9a,0xe065eef1,0x869686d3,0xc7bd837c,0x737c6b08,
-        0x9e8bd863,0x5dcab5d1 } },
-    /* 25 */
-    { { 0x9a7d772b,0x0784283a,0xe540959b,0x6b49e525,0x86414ab5,0x546bb008,
-        0x9d74b2a9,0xd4448162,0x203b0b1b,0x267890ad,0xc8d3f86b,0x1e7a82bc,
-        0xd85a83c7,0x1352bfb5,0xfad07ccf,0xf29f16e3,0x41e0c43f,0xc02a63b8,
-        0x6b379fef,0x904f22c5,0xb1244f26,0x19d8a653,0x3a28bdea,0x6635b6df,
-        0xf6d455ce,0x18b68851,0x9cff3735,0x74ac2818,0x8b2cbdab,0xad40f9df,
-        0xadc9d498,0x08cc2d9e },
-      { 0xc170c84b,0x2e6a6866,0x5a49a484,0xbb989e8b,0xd04c8992,0x7b0e00e0,
-        0x61b3a423,0x55ad3478,0xb0d01899,0x3c952450,0xe3100cb3,0xe3922155,
-        0xf03276d0,0x19265b6e,0x76d42b53,0x0fe8595a,0xfc6353b6,0x0a96dee0,
-        0x246f893e,0x761e0dc8,0xf0a74cba,0x4ec902be,0x3fdfad9b,0x61008684,
-        0x4fdb6975,0x5d6a60e4,0x7ef7590a,0x3f53aac8,0x12870a37,0xd29e6be0,
-        0x55aa55b0,0x991fadc1 } },
-    /* 26 */
-    { { 0xb4844ffe,0x82bc4b0f,0x60f8b871,0x73922714,0x4ce3f1f3,0x8ac000e2,
-        0x163519ec,0xf0d548b4,0x88288b5f,0x7aaf842b,0x2bdc9a70,0x9e8b0c4c,
-        0x4ba5fd67,0xa06d5152,0xf93cdec3,0xd0b1afa0,0xdf89f8f0,0x280955ba,
-        0xeea32c92,0x86cbe92d,0x3fe05be4,0x0cae3f99,0xfa6919aa,0xf2607095,
-        0x6e0f1b8b,0x0f54741e,0x30ecf988,0x2aed1f74,0x734991d7,0x9296f76b,
-        0x259f0fe9,0x66cf8d28 },
-      { 0x226f5868,0x9b01905b,0x16909e9e,0xc102e88c,0x4a37eb54,0x2bd08916,
-        0xc9816323,0xf72253e8,0x86bac53c,0x37f84e9d,0xafeaaaf7,0x2e352454,
-        0x2ca0046e,0x67c86f77,0x6663372e,0x86bce50e,0xb6950a04,0xf6a3a960,
-        0xfc1aba93,0x61f994d7,0xc1326e6e,0x1957c12b,0x2e56b005,0x9b658fe4,
-        0x8592740c,0x9cd297fc,0x177f26a5,0x7654ce9b,0xa79d2ebb,0xaaa699db,
-        0x0ecb6448,0x5fca0c5a } },
-    /* 27 */
-    { { 0x569a6663,0xe26e25f3,0xe6aa4ca7,0x09597ee7,0x8d18b80c,0x25a4cda6,
-        0x22926730,0x450602b5,0x07387209,0x9af5f650,0x26733a53,0xfeeedb34,
-        0x86572951,0x0f5ce768,0x8398ae9a,0x872a360b,0x2b30f6c3,0x60347a80,
-        0x1a162158,0xd2113b23,0xee6c6dec,0x6fd9cf92,0x5cbcf9e6,0x85f0a5a8,
-        0x2ba3fe84,0xd7a5a6e4,0x51ecd727,0xaafe6720,0xa2081a10,0xe09c6bb2,
-        0xb973b0b4,0x657acbf0 },
-      { 0xc274c8d4,0x3130466f,0x30a994d1,0x42765176,0x7079435f,0x217258ca,
-        0xeb897a06,0x44850406,0x561ee130,0xf38dfeee,0xaa1778bb,0x11f4facf,
-        0xb9abb9e9,0x765c6617,0xd8f10932,0xb135499b,0xa73b9159,0xc0eb6337,
-        0x6f7e8b6a,0xf2c1ccf1,0x187def53,0x5b32c03a,0x830b9c62,0x89ad1d49,
-        0x2f10e538,0x1735eae3,0x9d5f55bc,0xb1cbd9c2,0xe539db0d,0x42428c47,
-        0xc852b3bb,0x3d2da412 } },
-    /* 28 */
-    { { 0x871f2865,0x97702b6e,0x142920d6,0x56cb639f,0x45b58611,0x328522a0,
-        0xf3b13812,0xf3943ad1,0x712206e8,0xe6c2200a,0xa34d59ea,0xc2890e5a,
-        0xf6b7f759,0xab52fd40,0x180bf567,0xf522c8de,0xaccee396,0x181e97b2,
-        0xc4ea5cbb,0xe0375819,0xab51d3ef,0x0d9985e8,0xbcb50fd8,0xe26c96ca,
-        0x97e1c80d,0xfb9d6b13,0xf796357d,0x582b1814,0x07f4c7fb,0x89a78221,
-        0xc0357e61,0x02aeef2d },
-      { 0x2c7ec9be,0x2ba7926f,0x7258b201,0x292f307e,0xc6fa6b4a,0x74e62a10,
-        0xe2bcc5ab,0x80c08549,0x7bb8c073,0xb4160db8,0x329f194d,0xd5ef0529,
-        0x6dda4a9c,0x0eb8da14,0x15ea23d1,0x0b5d43d2,0xfc34bfae,0x6cebef02,
-        0x848757a7,0xacd364d0,0x2d34cca3,0xc1401368,0x1d2d95e2,0x09ca6742,
-        0x786eaa28,0xc3fd1d6e,0xa2965fec,0x9eb1136d,0xc0779203,0x48871baa,
-        0x4b15aeb0,0x6b446c01 } },
-    /* 29 */
-    { { 0x25e8fe80,0xc819eb2e,0x98238a17,0x2b5f7906,0x81e41849,0xd6f1e996,
-        0x98ea6d45,0x58ad8ad6,0xbfd02e40,0x5bae5ad4,0xa812416d,0x016dc327,
-        0xa3347ca1,0x8b31a985,0x82a65391,0x0b4da610,0xb48c35fb,0x1cb91b2d,
-        0xd2aaf8c4,0x9e96817c,0xcdfdcdc0,0x1a630483,0x12b69254,0x70559361,
-        0xf8a2a097,0x5fdcd712,0x35cc5281,0x59ab623a,0x932b6095,0x30c8ebe0,
-        0xb08e052f,0x8613424b },
-      { 0xb2231d8a,0x28902063,0xd9a61667,0xb0f62329,0x071a9f27,0xaafa0fe7,
-        0x603f047e,0x6bcd8960,0xfd92a1c3,0x118cca76,0x71d483b6,0x3414e62b,
-        0xba705262,0xa123ccdd,0xfd9b5c5a,0x1a576437,0x4c8d0fa3,0xa5301bc2,
-        0x102427cd,0x96f0ad44,0xd3aa6c02,0x0e6fb5e0,0x072a3996,0xcd8c4880,
-        0x840d3fad,0x4dafca12,0xde91d541,0x29f4ca3d,0x8441734d,0x0037c598,
-        0x9ccfe57c,0x86333a99 } },
-    /* 30 */
-    { { 0xecf53b40,0xd213a751,0x2f78a542,0xcff2c6f2,0xf13ae56d,0x0f59f0e2,
-        0x0e61748e,0x91f8ccbf,0xd72c4145,0x0aadecb9,0x4c9cdcb7,0x6b2ed852,
-        0x1eaffc70,0x8e00b72c,0xaa728102,0x89b24285,0xb679cafa,0xaa7ea7e0,
-        0x4f0a6f6f,0x5d2b8c26,0x0e804397,0x7ed7b173,0xc8573049,0x5a93eb45,
-        0x0986e93e,0xc92bf5d4,0x6a20c0af,0x526b5a9c,0xb99dc3af,0x0adf47c9,
-        0xba202cc9,0x12b25fe2 },
-      { 0x33eea395,0x09b8d78a,0xf633fc5c,0xc7a93618,0x270eceef,0x7e821629,
-        0xc628ed0c,0x524779b8,0xa1d68939,0x91db5ca1,0x586edc90,0x8626e18e,
-        0xfeb3f3bf,0xfe023e8b,0x0250171c,0x6279fde1,0x55e172de,0xe52ec7dc,
-        0xc6d4ca45,0x445e8695,0xbdbc10f1,0x42de3878,0x6fc3835e,0x2b114de8,
-        0x7e10b652,0x9faba456,0x390e78fe,0x4111d82a,0xaedf0aca,0x576b61c2,
-        0x74accb74,0x216279a9 } },
-    /* 31 */
-    { { 0x4047f747,0xc14cdabf,0xc1315a1e,0x03ca233d,0x40e5d0a7,0x59e7cbd3,
-        0xbb413869,0x1fd0c4e9,0x0f01fbd8,0x189d08b1,0xa76b823d,0x50449c42,
-        0x398b00a1,0x81c224a1,0x8e8179e4,0x08084e4f,0x698e41e9,0xfd8af994,
-        0x5610bf2e,0x1e30e37c,0xa7d2790f,0x4e6a043f,0xb3195388,0x9d96e60c,
-        0x03799dfd,0xe75f986d,0xf8ff902f,0x3b4a8f11,0x7588416e,0xfa945378,
-        0x9827535e,0x20683e3f },
-      { 0xd0378878,0xcb582e26,0xa7945787,0x9e214c23,0x8f6688b3,0x13d000bf,
-        0x40515270,0x7548d4f5,0x40111f5d,0x7113c15d,0xa8bff902,0x3bf5a526,
-        0x9b4945cc,0xbda6b010,0xbc2f3a05,0x83dcc74e,0x43efdfa1,0x2aef6284,
-        0x565c5bf4,0xd2e60ee9,0x592f243a,0x4f0fa10d,0x1bc3bf51,0x6ae58b32,
-        0x60576a74,0x813b0868,0x4d73081a,0x0bc023f8,0x32dcee59,0x9fd03aa0,
-        0x27d6c795,0x5e416bf5 } },
-    /* 32 */
-    { { 0x026cc23c,0x24313760,0xb5b29058,0xf819aaee,0xc5d2ee17,0xa92272f8,
-        0xee5cc402,0x8048e7cb,0x77def07d,0xdbc7d6ee,0xf6af821e,0x61d69244,
-        0x996cbb89,0x5f7966ed,0x96a155a4,0xf81b17ea,0x03f3ed56,0xb2d9ef70,
-        0xe882a5b2,0x5e6e5906,0xae947180,0x86fa1072,0x658c76f4,0x34d9fc51,
-        0xcb035aa0,0x9f603dc0,0x75be6481,0xb7b39feb,0xcf04a9ef,0xca87554a,
-        0x87b4fde3,0x4ff682ec },
-      { 0xd0a10ad5,0x3125627f,0x968e6f45,0x7fd45c72,0x806a1163,0x2981bd6b,
-        0xde5033e3,0xb92de1cd,0xbf4f8988,0x3b44b45e,0xdae7e1dc,0xca1b9896,
-        0x0778d878,0x52166e5a,0xa5116847,0x82d472be,0xf2895445,0xfbdd382a,
-        0x5d6ec4c9,0x22ed1602,0xb6552b02,0x3614eb1c,0xa1e6210f,0x63c5df73,
-        0x021a74a7,0xe9160285,0xc65cbd4d,0xa44ca400,0x0f15e299,0x48cb187e,
-        0x3402507c,0x51eb818e } },
-    /* 33 */
-    { { 0xb92100ab,0x1fc1d178,0x9605b839,0xdf2e3d60,0xb71e59d0,0x12a7c255,
-        0x14fcbe04,0x3f8b6675,0x59fd06af,0x0e8a3935,0x12020d07,0x56326502,
-        0x528e7be5,0x6696fcd1,0x0c7b7654,0x6588514b,0x5912a5b5,0x0cd80f8c,
-        0xf324cb7f,0x8bafef04,0xc6da3d75,0x6b53eecf,0x31d1df2f,0xedef48d8,
-        0x73812b6d,0xf336b965,0xee626031,0xc82eae4a,0xd244f09b,0x300abd32,
-        0x31d9647f,0x8b0af955 },
-      { 0x2e603544,0xb770180a,0x221acd9e,0x2b573ac3,0x62407032,0x3a17f665,
-        0xb89abc3d,0xad3e74ad,0xd793225a,0x8a3d2e3a,0xef02564b,0x457bba04,
-        0xfc2dd2b5,0x8875652f,0xe67143e8,0xd2905d15,0x02e48d70,0x6d884b42,
-        0xc7636a57,0x06f99219,0x35e378df,0xa8dc3421,0x10c64a02,0x95c1d73d,
-        0xcc157a66,0xcd6a4ece,0x8e24a354,0xbadcc1c8,0x9839329d,0x8024f1b2,
-        0x4da48ad0,0x5363e549 } },
-    /* 34 */
-    { { 0xe23fc641,0x1f5523b7,0x86667063,0xfe54e72f,0x8e009d2f,0x294a15f5,
-        0x8c57f5e1,0xf203997f,0xb16d64dc,0xa229724c,0x4baa2ffb,0x697be4fd,
-        0x0a6e8ed6,0x3f507e46,0x78508536,0x0afe3a5d,0x95408208,0xeeef6cdd,
-        0xf2c4237c,0x701fd889,0x5c385253,0x496d883a,0x72a212f1,0xe25c67ed,
-        0x1ff78fcd,0x4b416783,0xc16f4146,0xe9967004,0xc45b0697,0xfa45c3a1,
-        0x3fbd30c3,0x63334018 },
-      { 0xa2fbbbce,0x39c9a0cc,0xaa0cb744,0x876f6e5c,0x3438ece3,0x9ce6010e,
-        0x13802d82,0x0aad148e,0x9cd45a1b,0x9c3e5c60,0x7bcfc1e0,0x875cb859,
-        0xd8584dd0,0xb19ff790,0xd81c2a2b,0x2598b81e,0x02be07e3,0x118bdf2f,
-        0xb9765ce9,0x074fc8ee,0xb24f95ae,0x125e9d88,0x0c98f09d,0x3bb12cdc,
-        0xa0b74b27,0x4a6aee07,0xc08077ce,0x4723d2f9,0xbea8026f,0x959447d6,
-        0x16280b73,0x93a7075c } },
-    /* 35 */
-    { { 0x715b27f9,0x26bbefe2,0x2a280923,0xa935a5e2,0xfd58a26a,0x5ddf23af,
-        0x7c138694,0x54c83e16,0x892a2153,0x44799bc9,0x9b8d09f5,0x4e6e4710,
-        0xd588ea68,0xc63af616,0x883ab1b6,0x5e896706,0x3d209336,0x3c1393a0,
-        0x92c23dda,0xd02f2921,0xdcf6ea43,0xab70cb7a,0x791559e1,0x12434ea8,
-        0x6d70ff0b,0x040680db,0x2832ba45,0x1a10fe52,0xe5f0cb8f,0xd69f9c08,
-        0x44b141fd,0x1a7422ac },
-      { 0x9f40b675,0xc3a9dd2e,0xfcc71f39,0x2a7c6603,0x1948e342,0x18939a61,
-        0xed0ab484,0x8f3b6158,0xee31ca6b,0xa3aa7d97,0xf7a8db63,0xbc1e865e,
-        0x2c7c62e4,0x315f8c09,0x9f5c6d0f,0xa260788f,0x4b6f3ec5,0xb1833129,
-        0x36b4d849,0x73adbcd6,0xbc699a9b,0x66e14890,0x2a1175e7,0xbf3790d8,
-        0xfc53ca4f,0x7f43605a,0x87ff6091,0x577f6c47,0x600c82b6,0x827c7552,
-        0x9d25599c,0x0944d630 } },
-    /* 36 */
-    { { 0xe6ab9620,0xcfdeb63e,0x786cd808,0xdff4fa6d,0x456320b3,0x145edd82,
-        0xc4943915,0x2ae5f862,0xb73b3f87,0x9508e813,0xe52f97a9,0x3bd805f3,
-        0xc9829b62,0xf71b5c28,0x86e0cefc,0xb394c70e,0x23bdb36e,0x534fb1a9,
-        0xdbe27e5a,0xd64f5862,0x83ab6169,0xbae23df3,0x27c828cb,0xdd6df1b1,
-        0x3a307a8a,0x1901899f,0x811ddf66,0x36cc8659,0x79943b77,0xa3cb7774,
-        0x6fd86576,0x7d89f383 },
-      { 0xc9f92b2b,0xf8564242,0xc46e32bd,0x700c6a75,0x7f99a5c5,0x93e768b7,
-        0x03149568,0xb6efe858,0xc2ce6709,0xbbfe8a19,0xee6ec493,0x721a3b1b,
-        0xc371c28d,0x26eeeea9,0x15177e1d,0xd798115e,0xb068a5a5,0xd7bf3bce,
-        0x46d2b4b2,0xdf8da220,0x59be9dfc,0x3df0995b,0x77640b79,0xc96897bc,
-        0x5a2bd3c5,0xce0cf4c2,0x89afe744,0x16f45d6e,0x3a8509bb,0xb53f3acb,
-        0x63f2a6e6,0x449af81f } },
-    /* 37 */
-    { { 0xa16d9377,0xc2fcf132,0x7e1a2f9e,0x9ab377b3,0x86d19ae5,0x72e1a12e,
-        0xd013bbb1,0xd2b12e66,0xcb5f66ba,0x0972e055,0x399eab50,0xd11de1c0,
-        0xc65f5ec2,0xc1f314fd,0x8a9ff593,0xfc311841,0xe05246e6,0xdf73c1ec,
-        0x1625056d,0xc28d1363,0x6fb25e19,0x30a9dbd7,0x845cd2d7,0x049ed244,
-        0xd36e852d,0xc779b83f,0xf68c8a83,0x85a35fc7,0xc95e8033,0x299bf1e1,
-        0x20891af5,0x0e8617c3 },
-      { 0x67c81b5c,0x53720602,0xe737873c,0x2fa89dcd,0xa8144fd0,0x2a7430b0,
-        0x26208c83,0x3006c5a7,0xd8ea40f5,0x4e066660,0x896413a4,0x9dd025f9,
-        0x46b9149f,0xbdf380cc,0x0a125cc2,0x80156619,0x52793c37,0x04d6a3b7,
-        0x6b7a62f2,0xb6001374,0x585d5978,0xa9cfe268,0x8395fe66,0xdcad0cb8,
-        0x46b261f6,0xbab468fc,0x9d9d9218,0xca0ef5ef,0x5e452402,0xc507d4a8,
-        0x326cf687,0x6f4404f1 } },
-    /* 38 */
-    { { 0x4febd3ff,0xa3e1920b,0xfdfd2bba,0xca6234d8,0xe19a9829,0xb7d1af2a,
-        0xc6f5bc20,0x23de1610,0xdaa39ca9,0xe204dbf3,0x6d8c70ab,0x2a2de9b8,
-        0x7c9d370b,0x272e0c37,0xe565510e,0x80914c06,0x57cbb6b0,0xb611e7a8,
-        0xd8266a6e,0x076fc6ef,0x3095801c,0xdfac34ee,0xb9e24063,0x69ff40a2,
-        0x787aa5c5,0xa7ba31a9,0x33c70cd2,0x0e4d1fdf,0x6895f074,0x903e3132,
-        0x7fb671e2,0x905771f8 },
-      { 0xa4062bee,0x5199ba0d,0x94d7d9f9,0x18e7238c,0x1e0922c0,0xf53f29bc,
-        0xb12d855f,0xde9b2a81,0x6d68ca29,0x649f3eed,0xc50c097f,0x64adfc34,
-        0x9db398a0,0x81964ab9,0x7a587224,0x00d59c47,0x74c5903a,0x09fea396,
-        0x15043dd0,0x6aafd8ee,0x5f1ecc20,0xc5721a6e,0x0db9b7b4,0xb6d6a483,
-        0x66c8d52a,0x06ffc617,0xacc82a27,0x3de241d6,0x27f2f7a8,0x0605f052,
-        0x6404decc,0x6a22953b } },
-    /* 39 */
-    { { 0x74fce389,0x92452d8f,0x2afa5564,0x059634c0,0xf0ed7825,0x9377ccbb,
-        0x37718e0d,0x89f4045b,0x9fa69a4d,0x11074e7d,0x7295b0ba,0x5d70bb07,
-        0xf107ede6,0xb22d54ad,0xa1a29c7b,0x5c39a3d8,0xd795e3ab,0x37236c02,
-        0x2b589951,0xf7282d00,0x5790bee2,0x5e2265be,0xa8e65ea2,0x91e0ea11,
-        0x6001cebd,0x0e71a708,0x2c1c5402,0x16900f5a,0x357f6981,0xc3b2d5c0,
-        0x619e3427,0x528c9ea0 },
-      { 0x5f26c577,0x1edc86b4,0x9438bd45,0xf8074708,0x792582a7,0x2dfe1013,
-        0xde1e569f,0xe08eaca0,0x9a55a356,0x5f952efa,0xe4976216,0xa4d80b53,
-        0xcd5d71f2,0xd2b65855,0x66cea3f0,0x246704bf,0x492323ca,0x193f641f,
-        0x9adb1325,0xa681855c,0x2d19d652,0x86d522ce,0x5b82ed7b,0x53609f10,
-        0x8e150d29,0x3b0f0094,0x0b13e891,0x23ad8bfb,0xf794b449,0xcbb1556c,
-        0x738bcf57,0x200f9093 } },
-    /* 40 */
-    { { 0x8388387f,0xf9b22fc5,0x28e883c5,0xcf26f170,0xd1b7973c,0x447cab90,
-        0xf6ec9171,0x8d5d4ea2,0xc30cdbc0,0x2e16f498,0x48623c2b,0xdc92910c,
-        0x30dbc545,0xeb1491b0,0x14de21b0,0x631deb2e,0x2fe830f4,0x04a21066,
-        0x379c1f3f,0xa4c6979c,0xfb06a795,0x8a732b68,0x1619dfa9,0x3a44327a,
-        0x8dbe2c9b,0x91a307d3,0x03989fea,0x939bc8d2,0x0f4a331f,0x3daabaf2,
-        0xdd0f55dc,0x5c307e98 },
-      { 0x35b233da,0xbbc4e0c4,0x22f6f985,0xe3d29085,0xa8b02468,0x99dd2d21,
-        0xa96916e7,0x978f40e9,0x614bcced,0x0327d86c,0xb290762c,0x95e95502,
-        0xa879f2ed,0x0ffd2197,0x50e0bd33,0xc4365137,0x0827c4c4,0x26c3148a,
-        0x3fcfc0b2,0xc79812a8,0x31928589,0xc3d8d17e,0x8830f42d,0x8b572cfe,
-        0x4b07f83f,0x7cd9ff92,0x0a51148f,0x331ca950,0x4c59f9ac,0xd0c53968,
-        0xc1434785,0x1df16dfa } },
-    /* 41 */
-    { { 0x68bcacc3,0xcc7bb4ac,0x430f58cf,0x06ded34f,0xd461855a,0xc59f9f4f,
-        0x45c9f0bc,0xf5491994,0x4375c892,0xdc5f7ec6,0x3c85983a,0x1b8708f1,
-        0x82fcd087,0xb32a5cc4,0x2d6b4c0f,0xefdcdc35,0x8ac6fb2d,0x4bb24f04,
-        0x33906471,0x5982d4f5,0xb83a3ac4,0x162eb52f,0x2337a223,0x7130df28,
-        0xcbc3dbd3,0xdce7b802,0x2467ac0e,0x8b395959,0x1b56717e,0x21d3d2e8,
-        0x46512617,0x729a7f50 },
-      { 0x8420f90a,0x874ed1aa,0x0fe4c855,0x6368e19e,0xb0be74af,0xb62d4aaa,
-        0x8ca60ca9,0x76fcc480,0x7645a867,0xf310b5a5,0xddb1b24c,0x131bac9b,
-        0x2dea5b44,0xef77d71d,0x72fcc64e,0x4706d210,0x673d77f0,0x29b92691,
-        0xe89e0663,0x22e00bf3,0x74077d40,0x472d0cd3,0x829232e2,0x3e21040d,
-        0x38dc8533,0x2f916dfb,0x14b8f667,0x48bbb59b,0xd44be19d,0x19de9f4a,
-        0x232d9d5c,0x7f6d3649 } },
-    /* 42 */
-    { { 0x6e794819,0x3bd064de,0xf82ebda1,0x5a6b694e,0xb91e2804,0x1f017fe0,
-        0x07a43cd2,0x190d31f3,0x630433e9,0x6c26f226,0x0abfdcb4,0xba488aa7,
-        0xa46411c0,0x418d9085,0xbffb5880,0x1b934fe6,0xe200f849,0x75d1e237,
-        0xa55413db,0xdf04d63f,0xe23b3f77,0xe216ed75,0x0f91bd30,0xa05866cb,
-        0x7729c509,0x84c395d9,0x452ab2d7,0xec97e188,0x0093d686,0x8cb7c1f9,
-        0x628f086c,0x2d032395 },
-      { 0x4a44b4c5,0xa81c9407,0xcc702c98,0xb9846879,0xceb0dc97,0xcb502287,
-        0x6e3aa321,0x30301126,0xe4c256c2,0xc0ac8763,0xe55b4845,0x65034d20,
-        0xf240f35b,0xaa96a040,0x7cf7eedc,0x046d26d3,0x3b810656,0x62a5a8e1,
-        0x83d70c2b,0x86044b97,0x59e4da8f,0x2fbaff88,0x5457f5d1,0x929d901a,
-        0xb531b757,0xd29e1eb2,0x9e4e9739,0x214dabdc,0x4eaa9bd9,0x5bd724fc,
-        0x1ef9bb9b,0x734c12b3 } },
-    /* 43 */
-    { { 0x92f9b086,0x98fe3c2e,0xb3fd4544,0x4641b93e,0x5c02c65c,0x47ce208b,
-        0xc4f03242,0x8a52dca1,0x679d29f6,0xb5ec17d9,0x9406f5f4,0x11d2fed0,
-        0x0d9ba811,0x260f63dc,0x15472a3f,0xde2b056f,0x007290e6,0x1b170d9f,
-        0xb6b5c8f9,0xa2e23e8d,0xcf34c3ee,0x345a2839,0x1b973ee2,0x9bdc5461,
-        0xbb24d1c5,0x65bda6c2,0x3c6141a1,0x97d52ba3,0x9d2eb201,0x47bb1612,
-        0x21fbe49f,0x7c558a87 },
-      { 0x3f350fec,0xb9485a52,0x6a38d4c0,0x016678c5,0x0d5aa64d,0x8ef346a2,
-        0xd96da2e4,0xb85daa02,0x4f647b3c,0x845ec4ea,0x0d5e946c,0xc0d1a6ca,
-        0x4fa9f4ab,0x41d8d1c1,0x9c8b1303,0x43972cc5,0x434ffbfb,0x67e1f48d,
-        0x819d2318,0x350ce93a,0x6ddef23f,0x49f53090,0x200cf12c,0x3c2e6cf9,
-        0x640432fc,0x42691cc1,0x72496b52,0xbfff74b4,0x020a97be,0x44527c9f,
-        0x7b3c4348,0x34cd7dca } },
-    /* 44 */
-    { { 0x59e7fe87,0xf031761a,0x0047cd72,0xb1eae31a,0xfae30f62,0x27902e68,
-        0xb71db143,0xa666f48d,0x0e0038f4,0x75ee6678,0x02bdd76d,0x3b45ac67,
-        0xa0d6cd5c,0x0d2fb828,0x9d8c5b11,0x27ce7f1d,0x120b5e96,0x141fe0e4,
-        0xb9267c37,0x95a1b984,0xd60312cd,0x5206e589,0xda549356,0x1867342e,
-        0x070c74ac,0x374520b9,0x9557b0b3,0x2703cbb5,0xa6ed8c14,0xf621f59c,
-        0xabf7b887,0x7ceb1cc2 },
-      { 0xdb7fd65b,0x0647a5bb,0x36c9457c,0xd8d45cc0,0x9e12718a,0xc6da99db,
-        0xe93a7fb1,0xed1dbbf4,0xbd1566a1,0x4512c95c,0xdbc0c919,0x4861ba00,
-        0x9e7f5269,0x3c6cc298,0x0941aaae,0x67196150,0xc8c538e3,0xbfcf5d0f,
-        0xa25a551f,0xad6e9929,0x17ca0f26,0x90710985,0xfa89ef7e,0x743b78ea,
-        0x71ab4549,0x39d5ea31,0xe6d1c36d,0x7442f3f3,0x059d568d,0x25a683e0,
-        0x227ced5c,0x1f629a99 } },
-    /* 45 */
-    { { 0xe45a1c3e,0x8925ddac,0x41f7545f,0x72d29365,0x37e7f828,0x45622fcb,
-        0x3e4c79d2,0x88234513,0x9c2645d6,0x5dffaf84,0x994802b9,0x3078f4dd,
-        0x9d339fa0,0x566927f0,0x9fd91dcc,0x9a500a1e,0x0ab0abd7,0xce008180,
-        0x8194e5df,0xd97135a3,0x98adf088,0x9e876307,0x9a45a2a7,0x3baf01b8,
-        0x788b4399,0x6fed6154,0xe77a997d,0x980e5722,0x2a378eed,0xaac90ffa,
-        0x8bd805a2,0x4a75fda2 },
-      { 0x55e74cbc,0xd09a8fbb,0xfab18f25,0x737738ce,0x9764ec3a,0x0fc23ad6,
-        0xe7e0ad31,0xc5a7d35b,0xe481cc9b,0xe75e068e,0x3d4aec34,0xf0c2ea99,
-        0x0d4a63c4,0xf1324fe8,0x99b0592c,0x5dbb7c16,0xa7e0f46b,0x442d674d,
-        0xa300faea,0x5a5d66c7,0x3333ac83,0xe83dc821,0x8c408496,0x70ef812e,
-        0x99ef5fc1,0x96e1dcb6,0x1734e862,0x6e2b771b,0x583507d8,0x04629cdc,
-        0x23d8179a,0x5819f9ae } },
-    /* 46 */
-    { { 0x6aa78811,0xd9969121,0x2103e7c3,0xf64ee8f4,0x22b9e698,0xddf01070,
-        0x4f582cde,0xe6001f9e,0x2ecfac1a,0x24a608af,0x06393009,0x6ef4c784,
-        0xebf72911,0x5262eae6,0x8c4ee5a0,0xddbd0af5,0xecd87bc7,0x875aff90,
-        0x6f24f114,0x2fddb34c,0xe865f172,0x48104281,0x886c1b9a,0x95692426,
-        0x9ef4231f,0x6f5f3208,0xd0a7e82e,0xaf587acf,0x9ac395c8,0xd6571917,
-        0x1364a750,0x7459603c },
-      { 0xf41ae519,0x1c2475bf,0x4af8f251,0x34401fb1,0xaefb2c3d,0x70ddfcd2,
-        0x51cdaf08,0x9b2d385b,0x8208bb19,0x8531c256,0x4c33f3f6,0x16c89df6,
-        0x24571769,0xc23cfa99,0x86d010ba,0x2339b51e,0x22638313,0x08db0e8d,
-        0x00fedeb7,0xf769e179,0xa3687ef1,0x3fd96dcb,0x91476475,0xcd046b23,
-        0x0c45c8dd,0xf3ff2064,0xb8343d78,0xefd167bd,0x4b77ee90,0x493ccb6d,
-        0xb3cf7b45,0x33025513 } },
-    /* 47 */
-    { { 0x35eaaca1,0x36f00469,0x89119102,0x0c384b75,0xe6d2954c,0xcb375665,
-        0xb1e9d6d7,0xcb9199b9,0xc29c2757,0x75852349,0xb8e738d0,0x89cbd1ba,
-        0x5923a427,0x9b8dbe90,0x18fe1889,0xa237793e,0xa742e083,0xa4271757,
-        0x4eebd613,0x8c4979d2,0xd4f2cf77,0x40325054,0x958705de,0xa3b8a091,
-        0x33d999ba,0x1b191bd9,0x3b0fee1e,0xbafefba4,0x3facdf14,0xb3bad184,
-        0x4387561c,0x9328adb0 },
-      { 0xf906b872,0xabe84e80,0x78262665,0x705523a0,0x3398ccf7,0xd89c6a7e,
-        0xf55b5323,0x2fab551d,0x0554dea8,0xa0578eca,0x375589cd,0xef26523d,
-        0x864ad750,0xd8fd6242,0x178fe1fe,0x93f27fc5,0x9df87422,0x7b3e6f30,
-        0x3750d054,0x2862e49e,0x5dc038a1,0x7d90c6b2,0x84db682b,0xc1a1ae22,
-        0x9881930a,0x47f3dab7,0xbaf3e0a4,0x30e6bd52,0xf62d25c5,0x0680025b,
-        0xadd0d5e7,0x0aa1f3cf } },
-    /* 48 */
-    { { 0x22a10453,0xa9822190,0x2a03a10b,0xdd1eb91c,0x96646f3b,0xafbb5d95,
-        0xf38b6fc6,0xa58de344,0xb8cfca1d,0xce47c3e5,0x0f70da04,0xfcd8e16d,
-        0xda262ed6,0xac44349b,0xc56e2f8e,0x9320d87b,0x19138e58,0x9ce3ea08,
-        0xa2b236c0,0xa5862dff,0x8e7efb0d,0x6b0f9a5c,0x16ac78eb,0x4b53432b,
-        0x709b51af,0x6ff43105,0x8f519628,0x08e236f8,0xeed403ad,0x1f93f176,
-        0x9636545e,0x559337e0 },
-      { 0xd8fd807a,0x30ddf738,0xab131222,0xf4e0ec9d,0x625afbc3,0x14a2f4db,
-        0x9f12f895,0xd5b70604,0xac3044fd,0xb46f3c23,0xf540148f,0x1b232d1f,
-        0x39b4e554,0x61b458f5,0x0dd70b75,0xf694b24a,0x289581d9,0x0fc64299,
-        0xee5fe22d,0xc05d49be,0x6a18bf63,0x7af3447f,0x7f1929d6,0xe96a1dc2,
-        0xc1551e8c,0x6afe6028,0x2b5d4fa2,0x27dacaf3,0x545c2cb4,0x4a1631bc,
-        0xb0c914d3,0x930070f9 } },
-    /* 49 */
-    { { 0x69a9bc05,0xd2f32c5e,0x589c4b73,0x0a5c19c6,0x94665f9c,0x095c9e5e,
-        0xbcfb4c39,0x8ab0f293,0x1ddb7c31,0xb9070877,0x66b38048,0x894e9658,
-        0x606bd9bd,0xf19a90cf,0xb6fd2d69,0xcc1d58df,0x461d8a69,0x886dcc4e,
-        0xf9ce4831,0xc455c277,0x765f8a82,0x749a5996,0xc3badc8d,0x2ffc668c,
-        0x9112cdab,0x38018396,0xb243c7cb,0xa98795c3,0x010a2224,0x8775f310,
-        0x587b5e14,0x043a2141 },
-      { 0x3a873752,0x7bbe9dbc,0x2f442fee,0xee1493f4,0xc18c2181,0x981ca2c8,
-        0xe29769e7,0x00ce3090,0xde768c5f,0xb4626ac8,0x34d7677e,0x33e9ce46,
-        0xe0fa94e6,0xf89c2cad,0x41f5b5bf,0x04f5cc11,0x2228c12c,0x2565f736,
-        0x0c05cce5,0xf1bf706a,0xbe487c4f,0x5d07ffff,0xa499f1a4,0x3ec43c09,
-        0x98d94800,0x4f4e79bb,0x073f12f8,0x8a335a16,0x0f970d6d,0x4bb5eaf7,
-        0xf24d0ae8,0x18d0747b } },
-    /* 50 */
-    { { 0x84601faf,0x58d3c77c,0xaf1c1f72,0xc9465be2,0xd116d806,0xff626798,
-        0xd5b0d93c,0x3996c0c6,0x5ec6723a,0x2fa1ad75,0x03ba5349,0x966a8144,
-        0x2ac34d8a,0xdc4c9422,0xed675865,0xddf471de,0x953d528f,0xd8aca597,
-        0x24ebf67d,0xb2e463b5,0x7e25b4d3,0x25824871,0x43159daa,0x23c5adba,
-        0x83357540,0x5458f9c6,0xf938b1a6,0xcf685da7,0xcefed231,0x981a4fda,
-        0x08bb5e59,0x711093ed },
-      { 0x401f161a,0x12aa3fc6,0x974c5e87,0xf7358560,0x17b5df82,0x4aa252fb,
-        0xa48e6299,0xb0b82b07,0x29dd847d,0x00234157,0x4529c5a6,0xf1e54d00,
-        0x6d98f538,0xcc1c539e,0x28d3abcb,0x36162b53,0x2a84f0cd,0x75a37938,
-        0x4dee7484,0xf717a81b,0x4c23bf1b,0x16cf35fb,0x787e8b3e,0x7fd1c29f,
-        0x59b79ab0,0xb7da7e68,0x85f6c60b,0x072100a0,0xe7ed48b5,0x31840159,
-        0x4d9c97d4,0x17898bda } },
-    /* 51 */
-    { { 0xae1b8cf8,0xcd8483d8,0xe9a28856,0x323d4b42,0x204a4bc2,0x7633584f,
-        0xca7a69fa,0x4e0b2228,0xf757bab2,0x8afbda8b,0x6cc5f9ca,0x85b24088,
-        0xd41a95c3,0x47fb4813,0xc2aabe6b,0x3f1bc53c,0x1ad1599d,0xf22cda3f,
-        0xc31ea9b1,0x1b2ec081,0x01614ac1,0x048f304b,0xc6afa7ab,0xce31cee9,
-        0x4140dc3d,0x55af7633,0xdce8abba,0x84b7ab37,0xc7cf3efe,0x50de7648,
-        0x15356ab2,0x73a88dcf },
-      { 0x06e83b39,0x3f868288,0x9f44037d,0x477a4413,0x17dbc841,0xf9058b0f,
-        0x54d17549,0x2db64f4f,0xf2307ffe,0xa23cea6a,0x4f126261,0x393efd55,
-        0x10f37f26,0x2f4e658a,0xf4ee1e35,0xa4437ce3,0xa93cde8b,0x64ef42a7,
-        0x939aa901,0x1debc9f4,0x3d7b5cd4,0x44223d6a,0xf88a3acc,0x789a6a11,
-        0x2c608a2d,0x56fb9df8,0xbbf56c06,0xe79db8e3,0x668fa300,0x73c56af2,
-        0xae396a1e,0x52f32b17 } },
-    /* 52 */
-    { { 0xe714f71a,0x56f524c1,0x9add8519,0xc1be1262,0x65cadbe3,0xad9189d8,
-        0x5a0fb649,0xd88bf5c8,0x21d192d9,0x9efa6a92,0x6f724b6f,0xe3fe8389,
-        0xb250119c,0xec3fae24,0x2ae0d3c0,0x4b6af9f6,0xd619624d,0x8fceba0b,
-        0x2fdb6e3a,0x7dc3092b,0x3263cd29,0xc91da376,0xf95c43bd,0x30c0761e,
-        0xcdeb44d9,0x89136400,0x43c0d31d,0xfd7dce84,0x9871899f,0x78fec3b1,
-        0xefdf58c1,0x79e14d28 },
-      { 0x9bb40c55,0xe3822235,0x0ed07a42,0x0a27202d,0x4838c1f4,0x48e6c1a9,
-        0xd864a78e,0x2b5f24a7,0x0c6c55c9,0x7e7f140a,0xce12d508,0xe62c104a,
-        0xc11b1e10,0x9b0a1a7e,0xafbb3dd5,0xfd8a275f,0x9a3b6b30,0xdff354fe,
-        0x46602a01,0x5a105d9e,0x93bb65f7,0x3d371b4d,0x0f82fdeb,0xda5cbf0b,
-        0xde468545,0x4601229b,0xc73d517e,0x505e10b9,0x672ff492,0x77cfa541,
-        0x99566ce2,0x0d8ec28a } },
-    /* 53 */
-    { { 0xcbeee995,0x014cf73e,0xd491e80c,0xb2eb88bc,0xd9aba5d4,0x615a6cad,
-        0x9304c84d,0x2f7d4633,0x8ab03c9a,0xba0501d2,0x91babb94,0xc8f723de,
-        0x50405772,0xc885f977,0xc7fcb094,0xb5e1d2b3,0xdf96c71a,0x61ee7995,
-        0x3464499e,0xb8c8daab,0x5f607932,0xdb425ddd,0xb1243587,0x70251ca1,
-        0x9fc74340,0x26d7d3be,0xc902ac89,0x8c179310,0x4559a74f,0x72522c15,
-        0xc3734afc,0x86001e27 },
-      { 0xe7693947,0x13b00ba5,0x012c062b,0x6478641e,0xe85490a8,0xe1a438e0,
-        0xd9574d5e,0x5173dbbf,0x9bd3ba61,0x9532eb8c,0x5f3ea075,0x1f41bcb8,
-        0x8cbb92b9,0xac1cc247,0x1ef901b4,0x0f34648e,0xd2b3b2ee,0xdd929d1e,
-        0xc3d75bfc,0x470f1eab,0x139cf4d2,0x5cdbc6f7,0xf0424953,0xcd86454d,
-        0x47fcb383,0x1e079812,0x17df930c,0xb9f209b4,0x114ebc00,0x4225fc31,
-        0x347946c1,0x020591cb } },
-    /* 54 */
-    { { 0x275e0af4,0xe3003721,0xe78a4a4b,0x721141ef,0xd1757485,0x666cfcf6,
-        0x168e659e,0x5fa1d737,0x0e2842ee,0x263e3e54,0x948bd5f6,0xadecc3d4,
-        0x246b104a,0x019de03d,0xf343d818,0xf8a9e903,0x5b0c0d31,0xcb57ba4a,
-        0x51e2765f,0x8246c506,0x6519bf67,0x80c5751f,0xf2119a01,0x5f05c200,
-        0x7821d4f4,0x7e6487b8,0x261c3a06,0x262f94aa,0x72146052,0x56cfe489,
-        0xa1df05ef,0x5119985f },
-      { 0xb18586c0,0x5819497d,0xc6eeaa62,0x004415d6,0x97cda28b,0x7c6a46b6,
-        0x7c194594,0x9a149b28,0x4ed3a506,0xb56369fa,0x43c94cb4,0x7092aa66,
-        0xa9e9eee2,0x55bce73a,0x77893509,0x34bb2870,0x06eb5326,0x8af95fb0,
-        0x9638f485,0x87cd0323,0x5ba75bf8,0x29376268,0x9d42d581,0xf32d6f3d,
-        0x65c6d64d,0xa4cad574,0xb2cded41,0x985f50fb,0x9006a067,0xcf34ce0e,
-        0x58a57f9a,0x59eaf265 } },
-    /* 55 */
-    { { 0x6ec3876f,0x7b407efb,0xf0f48648,0x780c6123,0xbf893039,0x2abb56ff,
-        0x45a91ab0,0x9592eaa0,0x78811b82,0xce5b84d7,0x1f9f3fc9,0x86a71a34,
-        0xf0e7e13b,0xc17fdd86,0x655a0880,0x88ed8297,0x81d5e666,0x75d6dc74,
-        0x1d171797,0xeffc9df6,0xe3f79e1f,0x36ad4c8d,0x2046192e,0xdb15317d,
-        0x274fda62,0x78c9fa7a,0x82dd9914,0x04ec924f,0x3a64971c,0x059d1e38,
-        0x2620bbfb,0x3b4450ea },
-      { 0xc776dcdb,0x3db7a955,0x81c8ba47,0x35c4a57c,0x505760fb,0xae285003,
-        0xb3aec353,0xe3e80691,0x47117be5,0x380335be,0x056ccf61,0xe1c47e3a,
-        0x33977916,0x253cfdeb,0xf5cb7ee1,0x3decdfba,0x7cf4b704,0xf3c9794f,
-        0x9ff81462,0x2401680c,0xbe3daa9f,0x4e440e11,0x69f91d8a,0xc5d04377,
-        0xcb5e9c5d,0x4106c7a8,0x33b7d24d,0x191909a1,0x3764b4a2,0xe893c838,
-        0xc429b614,0x4a7fe30c } },
-    /* 56 */
-    { { 0x2455c7c5,0xe78f3a70,0x70157754,0x5b7636e8,0x7623262c,0xf32c4524,
-        0x1bc780c7,0x2c98b11e,0x915ed877,0xd48eaeac,0x199265f4,0xbb04d3c0,
-        0xcfa5200f,0x6b52b19b,0x93ea3fe8,0xc46a0981,0xba758059,0xd82c733d,
-        0x1896aacc,0xd324bbd6,0xce8ecd51,0xac09a2fc,0x02fc44b3,0x529918fd,
-        0xaaa1784b,0xf0c45e4a,0xfe22085c,0x35626340,0xc50c7d61,0x53cbb676,
-        0x65126b23,0x83fa1ea3 },
-      { 0x10ccc646,0x60ac86da,0x7b0451e9,0x2ce0637f,0x8a088610,0xbbbcf630,
-        0x20349982,0x23c19019,0xfc0bcda0,0x707fc39c,0x1bd4fd7d,0x7f4d1f15,
-        0x44713bbb,0xd6a64e74,0xc5ac9e60,0x57bdc676,0x37b61169,0x456c5303,
-        0xdcf40a1d,0xd3451396,0x4997d2c7,0xf3edec25,0xc2c4a739,0x534ae9a4,
-        0x6a6ad2e2,0x1401397e,0x23e95f81,0x20769d4d,0xde98fabf,0xcee007c6,
-        0x931c51e0,0x61409779 } },
-    /* 57 */
-    { { 0x15156623,0x3ddb32db,0xab7a67c2,0x68137fbc,0x6f19e3c2,0x26011f50,
-        0x89924c61,0x34218b02,0xc6804c1c,0x492a0b0f,0xafaae6a7,0xd65be706,
-        0x0d01be61,0x3b13d23e,0xf87f4c69,0x44545b47,0x04dc1aa3,0xd42236e2,
-        0x3c5161ec,0x6135261d,0xbd88bc07,0x1eb46a63,0x1599d720,0x78c6d836,
-        0x69baf0f3,0xf6955fe1,0x17072820,0x467eebd6,0x3e3a340a,0x2f1b8a2a,
-        0x2d0b5f88,0x636dac76 },
-      { 0xb4c80af3,0x94280db9,0x4e3892ab,0x9a189cd1,0xd1477ddc,0x26e702e0,
-        0x68f9f14f,0xe91aee38,0x80baa0b2,0x2864f63a,0x8b714a29,0xacd81f73,
-        0xc5fe7cb6,0x30e1b870,0xb10837fd,0x883ea1c3,0x6b20489f,0x2da27953,
-        0x58a2da5f,0x3aeb2a68,0x03a8fa14,0xe2330bf2,0xdc70b1c4,0xb5c488b5,
-        0x299678f4,0x0a78c4d9,0x25df675c,0x233bd098,0x7b67d368,0x37b5c076,
-        0x4d0bef3f,0x2f6dbdfe } },
-    /* 58 */
-    { { 0x2e4da7c7,0x2f8472fd,0xae677932,0x708cfc91,0x3dc268e2,0x364af08a,
-        0x799a2424,0x0f10dfe0,0x71d58bff,0xef912d58,0x988962e6,0x6bf35dfc,
-        0x5f47ea0a,0x28b96fa9,0xaad308c1,0x734a79ea,0x9f437bba,0x95730337,
-        0x6cf54f75,0x002cbd8e,0xe7632eec,0x47606dcf,0x53193104,0x404b5ecb,
-        0x0acf729d,0x0ae0897c,0x3bddf1de,0x89628b86,0xf87d7448,0xeced154e,
-        0x458d5d4e,0x5cb6e197 },
-      { 0x008c75ed,0x98cef197,0xf6eeaaf8,0x7cf49d3e,0x1875e96d,0x1d6f9e02,
-        0xdd9b0d8a,0xfcec2cfe,0xb9576daa,0x38a61cfe,0x36a7dbb8,0x10003f39,
-        0x23b814f4,0xb37c3868,0xb80e3153,0x9fb66dcb,0x059847a8,0x9e7e2eba,
-        0x35a72770,0xa4ec63fd,0xfc9e0ed0,0x311f3d91,0xd515baa4,0x3c1dc094,
-        0xa08cd4e3,0x75a06ebc,0x2ed5eeaa,0xab617238,0xe1f52c1f,0x2e82bbb0,
-        0x5175d6e5,0x2149d630 } },
-    /* 59 */
-    { { 0x5f9311f6,0xee1a8e6f,0xbabc1f85,0xc97e3c9f,0xb494209a,0x4fa7c52e,
-        0x19774fe1,0x04c2f51c,0x8555844f,0x5cefd122,0xb5873ab3,0xb53862a3,
-        0xcbed19fc,0x768efdd6,0xee58469a,0xcdc12479,0x3d80c09c,0x11237e31,
-        0xc044c28c,0xdd74a290,0xbd47e287,0x9ee6517a,0xad0ffeef,0xc2421228,
-        0x818d281f,0x4273088f,0x43ec0de1,0xebc744bc,0xb415bd73,0x5b26eccf,
-        0xcb07c26c,0x14e2f350 },
-      { 0x4216946b,0x548d2a10,0x7a4bd92d,0x6e801f07,0x43695160,0x5996d0a3,
-        0x63a197c9,0x0f1b5c2f,0x061f77c9,0x79da3c4f,0x93ff7b22,0x1c1cd634,
-        0xa234123f,0x5e61b650,0xf284033c,0x826b34c5,0xc2f34214,0x718b90e8,
-        0xae806ec5,0xa5f35620,0xe324a9b4,0xa2fae345,0x8b53cb51,0x8c0bb95e,
-        0xf9965778,0xc94f6ac2,0x6b9def32,0x07ec607d,0xd0ed8f27,0x63bf1dba,
-        0xdcb61e4f,0x58537e02 } },
-    /* 60 */
-    { { 0x64f80ba2,0x1f64b064,0x0559a45b,0xe8e055e7,0xf1f4b634,0xc3262b34,
-        0xde8c8482,0xef4f7d5f,0xc30c780a,0x9d55dea0,0xcfa1e693,0x1740afb9,
-        0x7460c34b,0x2cfe6a66,0x1187c1ee,0xf6695941,0x5f974d94,0x1382f277,
-        0x004549eb,0x1ca0ace4,0xbabded02,0xf8244b3f,0x4e3653ea,0xc36f4d06,
-        0xc55c5f83,0xeab9f0dc,0xacebce90,0xd93b9cef,0x19061425,0x16658e72,
-        0x82d7970d,0x4857835f },
-      { 0xd2576210,0xdcd525bc,0xd51b5443,0x9f378aa7,0x1bd83994,0xfe97bf17,
-        0xf38ac621,0x930d0f63,0x818408cc,0xaf8f2c17,0x260f53f6,0x2692c87e,
-        0xdb0a75e4,0x0ee45407,0xffdb1b37,0x0ec47ae5,0x7aa6a44b,0x769129dc,
-        0x2e40b75d,0xb6f932b2,0x95ef3b77,0xe06764d0,0x68bc63e8,0x28fd47f5,
-        0x9c0014c0,0xd1810494,0xd7995d8e,0x90e2d3fd,0x6c2a85af,0xeb39a05d,
-        0xa21f3128,0x6c0277bd } },
-    /* 61 */
-    { { 0xb509e7ef,0xe41b7086,0x3d7f9f91,0x8842ec7b,0x5526b88b,0xcd285f94,
-        0x051dd0ab,0x6e44e064,0x774f1ceb,0x90198c10,0x123e661b,0x6ecabe98,
-        0x32f647d9,0x44811136,0x26c52aee,0x1dd82b45,0x939dc9d5,0xd650907f,
-        0xfcd455bf,0xbd5eeef2,0x8d2e5d7c,0x7815a4dd,0x88bc9f2a,0x5ad4ec92,
-        0x57a3b322,0xc6f10d0b,0x20b9cbdb,0xe8d0c1e7,0x9b774ee8,0x5a0b071a,
-        0xf22fcf8f,0x3067bc9a },
-      { 0xb7ca9326,0xe0e589f2,0xb1224f63,0x17a106fd,0x747a57bd,0xb2354521,
-        0x62b0882e,0x2614982d,0x4391ffcf,0x7f3af544,0xa84e440d,0x1aaa337b,
-        0x941bb071,0x28ea37b0,0x2e4a7f54,0xa957dcb4,0x1a6ad5fb,0xe7ab662c,
-        0xf7c36a20,0xd135e381,0x9baa0b6b,0x42e7980c,0x94e4671f,0x4237030c,
-        0x8b0922e3,0x24cc63ff,0x445a589f,0xd10d5279,0xa870ff6c,0xbb99d316,
-        0xa996c195,0x390c83ca } },
-    /* 62 */
-    { { 0xffc4a73f,0x50d3fa82,0x3bd53303,0x2665d635,0x264bb77d,0x80a06f8a,
-        0x22d73d84,0x81c04a6e,0x0323b8aa,0x2409cff5,0x8c4c4d5a,0x31dce217,
-        0x0c0f9c19,0x374aa80e,0x00186bb8,0x0b25a387,0xaaf1487f,0xd0b77a10,
-        0xab498de1,0x15f39ad5,0x1aa0c116,0x92e32da6,0x96e25ce8,0x228e3dbd,
-        0x5e8646d1,0xb57c88dc,0x267b1c68,0x672b1164,0x600bdec5,0x5d0d807f,
-        0x223e573a,0x3ea4007d },
-      { 0xa595d0a3,0xd76debd0,0xaff0b3b4,0xa6bd76cb,0x9b1bdb97,0xbf2c154f,
-        0x4c714c71,0x62b19ab4,0x221af663,0xc9bf33b9,0x8c941ef6,0x23d87c49,
-        0xd79f0f6d,0x255804c3,0x2a7acbc1,0x6f1a1005,0x550528af,0x5dab79d9,
-        0xc8d16213,0xfd77a6f0,0xde5e1029,0x40508b6d,0xf95da12b,0xd95ac0f2,
-        0x758a8ba1,0x8860af71,0x7160c8fb,0x0b194c83,0xce004d34,0xa40e6c80,
-        0x6b14aaa0,0x09f82a17 } },
-    /* 63 */
-    { { 0xc21366dc,0x60abe588,0xaf75daf9,0x729c0a4f,0xacb93ed4,0x70501fd9,
-        0x87a16d70,0xb97e744e,0x98e7361b,0xa42e0a7a,0x28b54cf3,0x1acdaff2,
-        0xb7bd9078,0xf087ccbb,0x663250e7,0xda6f3983,0xbaf07c09,0x66d693ee,
-        0x8cbaf157,0x79baf4c3,0xdfca99d0,0x5a984e07,0xf26d8dab,0xab4d3247,
-        0x7eba36f9,0x4d0be701,0x0e8dd216,0x37bb9e65,0x531c4f03,0x72aa4e24,
-        0xb753d85a,0x77d1e984 },
-      { 0xd8e62367,0xd9373239,0xb9820cf1,0x3361848b,0x5a9c97c4,0x00c7e344,
-        0x14f960fc,0x9a0ec9ae,0x740474b5,0xcf41f0cf,0xece065d5,0xa5eede8f,
-        0x9e808610,0xb1de5a4e,0xae0cf75d,0x17c44ae4,0x6b148d0b,0x2fa56323,
-        0xd29ff2dc,0x64fa740f,0x88cb212e,0xc605eb8a,0x6a863016,0xf2c771ad,
-        0x607b4c17,0x6d6112e7,0x40d49785,0xfe90ec07,0xe256e0e5,0x599be18b,
-        0xca54adb0,0x4e6eabec } },
-    /* 64 */
-    { { 0xfb99cfe6,0x950323d3,0xc9334178,0x7b09bc26,0x7cbdfb6f,0x64111e41,
-        0x89a75760,0x91141744,0x10919cb0,0x4c633df9,0x396bfd2f,0x715fc7c7,
-        0x8cab62db,0x8ca19512,0x4db81aac,0x30672473,0xb4c4c54a,0xe67a246b,
-        0xbf229646,0xd77ea0fa,0xfa5b5d70,0x5bed15f1,0xc2f192f3,0xa5686da5,
-        0x7f6690ad,0xdecac72a,0xcaa50b7d,0x0c4af2a2,0x6049ad2f,0xf44631c1,
-        0x04ecf056,0x325d2796 },
-      { 0x4848c144,0xee11fb55,0xb6a7af32,0x4e062925,0x369e0f9a,0x125b68e1,
-        0xca53b21e,0xad9bdae6,0x2e98ea1b,0xf50d605c,0x9f2fa395,0xbdb9e153,
-        0xe91532f5,0x4570e32d,0x46a250d7,0x810698ae,0xad9d9145,0x7fd9546c,
-        0x11e97a5e,0xabf67721,0x249f82e9,0xca29f7d5,0x9851df63,0xa9c539a9,
-        0x71d0e3e5,0xfd84d54b,0x041d2b56,0xd1e0459c,0xfd80096a,0xceb3eb6e,
-        0xe32a79d3,0x19d48546 } },
-    /* 65 */
-    { { 0xb540f5e5,0xfe19ee8f,0x04e68d17,0x86d2a52f,0xadbdc871,0xd2320db0,
-        0xd03a7fc8,0xa83ad5a8,0x08bcb916,0x54bf83c7,0x2e51e840,0x092133ea,
-        0xcb52dddf,0xbce38424,0x31063583,0xd5c7be40,0x458e3176,0xc1ebb9df,
-        0xbc4dabbf,0xafb19639,0xc05725a8,0x36350fe4,0x84e1cd24,0xac4a0634,
-        0xc145b8de,0xadf73154,0xb3483237,0x0aa6dd9e,0xcbff2720,0xa3345c3d,
-        0xb4e453b0,0x1b3ace6c },
-      { 0x90a8bdc5,0x0343e5e9,0x6306a089,0xa203bf9d,0x8e48520e,0x98489a35,
-        0xde7d1d06,0xbd17debe,0x5f795d3f,0x8fafa6d7,0x387b0a3f,0xa4ceb630,
-        0xffddeafa,0xe0166b32,0x7e764e02,0xa2fe2054,0xe871f304,0x55ab9824,
-        0x952ec45e,0xa2bd36bb,0xa90d20ca,0x7b4c1484,0x75bcfb53,0x5319f387,
-        0x6982c4e5,0x34238a4a,0xa102921d,0xa2bb61c7,0xdb3ab17e,0x1e061b64,
-        0x192f0a14,0x538ec33e } },
-    /* 66 */
-    { { 0xa19b56cf,0x193496fe,0x7bb99acd,0x663d77f4,0x57d0a881,0x8f04afa8,
-        0x082835fd,0xcced3da2,0x5d82cec7,0x7e21faed,0xf8009c85,0x6e175b99,
-        0x2d05a307,0xd9c6e31b,0x81487d82,0x96948d4a,0xd46f6655,0x86ebd3f2,
-        0x773ccc49,0x86851aa8,0x8b1640a6,0x3e220f22,0x41a20b75,0x9f06e3a8,
-        0x90ac0a6f,0x2cfffe5e,0x8ebeb3fb,0xf5a9b1da,0x6e08e2c9,0x2587d997,
-        0x03e9f401,0x6fd60298 },
-      { 0x8eb7516a,0x54709f8d,0xbdc598ab,0x83058a74,0x87e801ce,0xd234dd98,
-        0xd17b8a96,0xfd0f9d90,0x6e90f6ab,0xaa1e549f,0x5a7ed55b,0x2496ff80,
-        0x6c254c19,0x0d9f657a,0xb8962575,0x3cdea49c,0x2dff27de,0xb685a3f0,
-        0xdb8bc04b,0x3c50e7fd,0x987236b0,0x904ff0ff,0xbb0d5055,0x494298fd,
-        0xe14be8d0,0x34b3386d,0x7c3d30d6,0x7ad34e9c,0xe159fdd9,0x1f2b32bd,
-        0xc761e5c0,0x84cfa23c } },
-    /* 67 */
-    { { 0x8b99b964,0x13bc11eb,0x58e2fc47,0x8e280c0a,0xd4c9a54b,0x870fbc49,
-        0xbf6e20fa,0x37a334a2,0xd7c88cfa,0xee583d0d,0xef4af1da,0x05e029a8,
-        0x0c2ef8a6,0x6d55e234,0x209e9b62,0x61b6fdfe,0xbb8e080f,0x3b1dad26,
-        0x9392fc1a,0x5adbc162,0x0aae3f4e,0x02ac0fe6,0xc2bf4d5b,0x8d99801a,
-        0xc282fed2,0x2333f93f,0xb52db33f,0x16dcb10c,0xc55752e7,0x09f90f84,
-        0xc84a0d8e,0x287d4c51 },
-      { 0x0e9867da,0x5fa58201,0x1a874cda,0x614589b3,0xfbdee22e,0x005e27c5,
-        0xe612bda8,0xe357fef5,0x2d3635f9,0x4e0dbedf,0x6f125a86,0x62be70e4,
-        0x0d94a2e5,0xa09b9884,0x28b5e5d1,0x7eb99a15,0x751028b5,0x21b9416e,
-        0xe06d2cc4,0x1b137fd7,0xfea09845,0x6fa1f517,0xffcecbd7,0x3ba1e966,
-        0x832f453e,0xd4c89a4a,0xeca68fa1,0x07b1e2af,0x4bd395a3,0xd0fb4453,
-        0xd8ef9e13,0x0132a3dc } },
-    /* 68 */
-    { { 0x576374c2,0xe53c7785,0x84727040,0xe60526d1,0x228ca044,0x8a066dc8,
-        0xf1ce1313,0x1fe1c1b2,0xcdeb0c5d,0x2aeec832,0x9cbf826f,0xa7596699,
-        0xde77a589,0xcd188e81,0x118d1254,0xe5ce0fe0,0x0790b86a,0xa142a984,
-        0x39ac28ce,0xe28f043f,0x87de5804,0x4eef8290,0xf639a8c5,0x83c31b32,
-        0x5887794f,0xd70454a7,0x18b1b391,0xca635d50,0x31d9c795,0xcefea076,
-        0xb6f8aa25,0x13cbee76 },
-      { 0x8d3f34f3,0x79cabe0f,0xa3617fe3,0xbda9c31c,0xdd9426a1,0xb26dee23,
-        0xf29c9104,0xe9dd9627,0xe2c6cd3b,0x033eb169,0xfcba2196,0x8a73f492,
-        0xb858c83c,0x92e37e0b,0x23b3fbb7,0xe4f2aca6,0x64be00a2,0x8101fb1e,
-        0x948f6448,0x91a7826a,0x907260e7,0x414067b4,0xe30bb835,0xf774aa50,
-        0xc999c06e,0xf922ca80,0x0ba08511,0x6b8635b9,0x25fa04f0,0xbf936b5c,
-        0xe02e8967,0x4e0a1ada } },
-    /* 69 */
-    { { 0x8ba29c4d,0x00ca6670,0x22988094,0xc08240ce,0x16dda752,0x21c5ca67,
-        0xabbbfa34,0x689c0e45,0x3ed28b72,0x1d7545fd,0xd7c56ab4,0x5f221198,
-        0x38759d65,0x4b3d8f74,0x8fe50b89,0x93490dfb,0xe80eba16,0xb641f5d7,
-        0x79acb537,0x7b0da5eb,0x0c1d5e5e,0xab6b1497,0xa5da429a,0x2338e68d,
-        0x2f6d2f25,0xe010c437,0x6530f3a7,0x226f16d2,0xcbef08bc,0xefb0f7b6,
-        0x9f99c999,0x733e30d9 },
-      { 0xa42a38f9,0xecfe1582,0x4730b500,0xaec2d58e,0xde976b2c,0x2ee2f2a7,
-        0xa969c1bb,0xf0539db5,0xfcecdb4a,0x31954168,0xe7a8e902,0xf2f7348a,
-        0x3121541f,0x1d58d7cc,0x2202ae52,0x5d25b75c,0xf40835a7,0xdea9965a,
-        0x529b4e46,0x3feb6a41,0xbd27ad9b,0x5c97fb6f,0x261f900b,0xd87554c0,
-        0x04d5b19e,0xb43031d9,0xcb219b9c,0x33d5e9b8,0x3ee00bcf,0x7a43d492,
-        0xb79a5c0c,0x56facb39 } },
-    /* 70 */
-    { { 0xa3018bfa,0x019165a2,0x9ffad984,0x100c6b24,0x55341a9b,0xbbf1b1f6,
-        0x25dc4cc9,0xe6bd1d97,0x2bfffe60,0x52850ed5,0x7e5509ab,0x24e992cc,
-        0x4ceb59f1,0xff6c502e,0x1aa7d148,0x2f0b3573,0xe7e3aa46,0xe90c1ddd,
-        0xd1142880,0xbaec9f45,0x65be5dd5,0x475cfd26,0x1febce13,0x83abb14e,
-        0x80942d30,0x6aba4829,0x297e82c8,0x1e1b235d,0x50d8218d,0xb771cdbe,
-        0xd94d6cbb,0x88599266 },
-      { 0x155ccaf2,0x08847290,0x7c5b773e,0x8679ebc7,0xb2dd08ed,0xa88b2dd1,
-        0x87d475db,0x960a180e,0x6694d02a,0x80fdb6b7,0x3f3f9e96,0x3e8758c9,
-        0x4ad836c4,0xbda3f6fa,0x32fb387d,0x9400c581,0x2550200f,0x25a78542,
-        0x776ecf18,0x2a97c351,0x566db59a,0x03ebf46e,0x26545eda,0x4743a280,
-        0xcf74ab44,0xed169d84,0x88cb3f69,0xbaab931d,0xd8257196,0x70ae932c,
-        0xa0c09719,0x797224a6 } },
-    /* 71 */
-    { { 0x441f3567,0x632923f8,0x2e24bf1d,0xc11c3168,0xb7671fff,0x4b97726b,
-        0x7a5e1a22,0x601746a7,0x3addb417,0x53dddea0,0x7f59b846,0x57867a3c,
-        0x56cd7ff7,0xb012a987,0xf19ba9a8,0x1bd5fec9,0xf8306748,0x750379a2,
-        0xab8c05d1,0x7763445d,0x7903f42a,0x5d7f441b,0xa903e46d,0xc011674d,
-        0xadd126c1,0x1b1d3c4d,0x61455b40,0xa2752aac,0x555c356e,0x4da42a68,
-        0xd820852c,0x3ff09c15 },
-      { 0xf9cb7784,0x4c0a1bce,0x2422f305,0xaec539bc,0x0c414aa7,0x5f40f9fd,
-        0xffd42bc4,0xd3aa316c,0x2f358e15,0x42f5a4c3,0xd6e27682,0x00bdcd9e,
-        0xf8a5ecee,0x069f789f,0x05e14f5d,0x8078018e,0x8b40c741,0x2bb3e493,
-        0x7917f72d,0x5dbc8c1d,0xcc57150c,0xe0eea664,0xc3fa8920,0xa25ecc5a,
-        0x1c797164,0x3c21b0f5,0x634ad16b,0x8f09a2f2,0x58391d9a,0x8e730fc5,
-        0x4fdfae4c,0x47ef1805 } },
-    /* 72 */
-    { { 0x3da285e4,0x9965f3d1,0x3a01e3f4,0xba7d4dba,0x61214ad0,0x4738413a,
-        0x22397549,0xd3b7d535,0x5a730b92,0xa53dbdcf,0x332d165d,0x3130d92b,
-        0x82f97ef4,0x44a28541,0x44dce1b6,0xbf62221c,0x7e2a0ec9,0xbba13858,
-        0xcbfad998,0x33f32c8d,0xb5fed44b,0x409e5f3f,0xc66217bb,0x5c328c65,
-        0xfcdf71a9,0xb00db69f,0xb8920788,0xa23c2a21,0x3ae6464b,0xf8ab28e6,
-        0xb8de0861,0x1a6b6e9c },
-      { 0x06af77aa,0xaf6ec2b6,0xa887f065,0x2e60f5cd,0x9f498c56,0x87d21400,
-        0xfcbaaf4b,0xdb595b59,0x271ab855,0x0fb592a1,0xd4349b0c,0xa0ce10e5,
-        0x887d8c9c,0x9d6187d8,0x154bd6db,0x03ee95f9,0x5d06c999,0x8fe53213,
-        0xfb6a64d0,0xf4a7bc30,0x66a4cb60,0x3d22af0d,0x5d37367c,0x16952cef,
-        0x997d8e55,0x6f0ea734,0x731732d0,0xb447c70f,0xa9cb3942,0x00ab3034,
-        0x28510fd0,0x79dd0180 } },
-    /* 73 */
-    { { 0x3ac7424e,0x04e0033a,0x60fda4d0,0xdb06b688,0xbcb772fb,0x236a9766,
-        0xf297cda4,0x294a8e2b,0xdb013c6e,0x4b0aab85,0x8723a3ad,0x3d2aec98,
-        0x13c84a6b,0x0cae32cd,0x70ec169e,0x21888f5e,0x42a88262,0x739633bd,
-        0x7b60d9b8,0x68ac792e,0x10769fe1,0x89f2b722,0xd24bed34,0x8f3fcfe6,
-        0xa3eb24aa,0xd35efb88,0x484c706b,0xddecfa3f,0x929ece0d,0x7cc119a9,
-        0x8d405436,0x87e5ad45 },
-      { 0x7d1000a7,0xba99aa9d,0xae823833,0x8b94affc,0xdfb83dc5,0xc8229628,
-        0x845a418d,0x2f59fe11,0x5d417054,0xa8b970f8,0x72b71581,0x8918c265,
-        0xc0d1dd17,0xe4ef477d,0x3afad7c0,0xb50b4cf3,0x01870a5b,0x21baea79,
-        0xbb3a2868,0xc77087f9,0x124a59cd,0x7857531e,0x57f43239,0xed74c26f,
-        0x0164c94a,0xd5f5ae25,0xf094bf74,0x6608b7e2,0xfdceea32,0xf4cdb5ba,
-        0x990cc045,0x0b712519 } },
-    /* 74 */
-    { { 0x88d5c64d,0x5a290ca1,0xa7492534,0x0596d749,0x2a00e925,0xa04b0d3d,
-        0xcaf7b66b,0x082cd02c,0xecdded83,0x912b50c2,0xff31646e,0x813ce9de,
-        0xc75fff95,0x62ae70c7,0x7e2a4615,0x6f6852e0,0x03804fd1,0x320fd7d0,
-        0x8218e8d9,0xb1a2a4dd,0xafc645d7,0x4918a6fb,0xe8d9fdbe,0xfb080fa1,
-        0x4470b6ee,0x33d4d08a,0x6d974ef7,0xd2ba2077,0x69dae5d2,0x8ecb95a7,
-        0x7d69596d,0x7a3f423a },
-      { 0x9a929387,0x362d2ca6,0xcb1c1fff,0xabdb7581,0x7e51b6cb,0xd892ec9f,
-        0x3a4e131f,0xee8d8632,0x5bd87561,0x4680e3f1,0xd4e7e732,0xe3a597e1,
-        0x5581fefe,0x3cc72b7c,0xca8cae0b,0xf3e77f8a,0x5e2fd4af,0xfcc7d7dc,
-        0x21355b79,0xdd3a4552,0xa2c07177,0x546b24f2,0x0689621f,0x415b532d,
-        0x3f78163e,0x2be9af51,0x33d7ed21,0x27d63b9b,0x96802943,0xab019ef2,
-        0x1623faf4,0x2da5fc55 } },
-    /* 75 */
-    { { 0xc8a5c600,0x62429cf3,0x3fe33e7c,0xa7a80c22,0x0a57ddcb,0x9ffda740,
-        0x925b0c74,0xd1ae156d,0x6b100eb0,0x097a43f9,0xef943c81,0x169e945c,
-        0x1128cf24,0xa1f734e5,0x419f0133,0x04387c4a,0x01044024,0xc007868b,
-        0x90359cf2,0xe5416abf,0x478d54e3,0xf9c76fee,0x42a2173e,0x66219da6,
-        0x9fe30141,0x61e03156,0x93ef247e,0xa0ff5ce3,0x072b6592,0x811792ba,
-        0x70c854d3,0x855f0219 },
-      { 0x847314c4,0x61fbfb6c,0xeb45b96a,0x97906155,0x6ba2afac,0x7102e146,
-        0xab949781,0xed51f975,0xc110c4fe,0x9d2f5b17,0xaff57667,0x7ac8ce70,
-        0x6eb244e7,0xe7366a21,0x551c65c7,0xdd1bbcec,0xe1a859de,0xb525060a,
-        0x8ba7d2e7,0x7a048174,0xab8ea8c4,0xe1a2c541,0x6fdff078,0x6e7824c3,
-        0x14874b04,0x79b49fc7,0x06b1f733,0x22ae337f,0x6f8fe6cf,0x1c352192,
-        0x525d0797,0x292236cf } },
-    /* 76 */
-    { { 0x7d8b29dc,0xcdb8d80a,0x08ea648a,0xd17a2024,0xae92be91,0x7db12c5e,
-        0xfda72fbc,0x1f347d18,0x9e760c6f,0x11374b40,0xd8e38d91,0x7361e8f1,
-        0x739ac1f4,0x7714be9d,0xb4df5c4e,0xc1f9701c,0x6f72cae1,0xd9138ed8,
-        0x6ad180c4,0x1c7fe1f7,0x9e2dbf9c,0xf8c185be,0x7c70c44d,0x835db269,
-        0xb0d15b5f,0xf997cfea,0x61e6545e,0x5101445a,0x25184e5e,0x16b06884,
-        0x7521e7aa,0x7cfac359 },
-      { 0x3c0bc53a,0x81182167,0x7e751367,0x84b5ede3,0xa3657a18,0x3ca255fd,
-        0xba1fdd98,0x096abbf4,0xc5da77d8,0x9ce8369f,0xaab342c5,0xf27b9ae7,
-        0x972059f1,0x06c91bd6,0x914ecfe9,0xee0dab30,0x93f53f12,0xbb647fbb,
-        0xffa57e0e,0x30c38a7a,0x9f2ad607,0x517d06ef,0xbb99dcc9,0x49728d87,
-        0x446080a1,0xb0034af1,0x12b9c17d,0xcc810c3f,0x772a22a0,0x7225f14f,
-        0x1ddf82bd,0x6ce3dc7f } },
-    /* 77 */
-    { { 0xa4397830,0xc07cd835,0xf4733306,0x4dd9290c,0x29989e8c,0xdd35d3a8,
-        0x563d8152,0x79902559,0xe87de61b,0xf278d911,0x1024e35c,0x9c7340c7,
-        0x4a0d0e59,0x2d444461,0xf32626a1,0x63e7608f,0xc4c9baa9,0x627a37e9,
-        0x76fffd25,0x0c56dc51,0xcef2a1cd,0xcb6defc8,0xefc559d9,0xcbcc0d56,
-        0x041cb692,0xe45f3fc5,0xe5161e09,0xcd05c239,0x5c3b559c,0x2a731ee9,
-        0xa3d0a16d,0x85151122 },
-      { 0x86ff19e2,0x782d0335,0x1da28603,0xc2c60daa,0x557c7eed,0xb2e78cfe,
-        0x1bc4e8b0,0xa8f6f984,0x3df35c67,0xcc1f9b4b,0x4764462a,0x96e13603,
-        0x7c7ae0b0,0xbf910b97,0x51435956,0x27c7f305,0xf631eae5,0xc14db15c,
-        0x7e69b34c,0xa51d6142,0x5fc12ff2,0xdec82851,0xfb887162,0xfcceae13,
-        0xde1488bd,0xda332ac1,0x2ee3e74c,0xa20374e2,0xf0ae069c,0x597ea1a1,
-        0x77bdec04,0x8b1159f2 } },
-    /* 78 */
-    { { 0x2f961d30,0x4af71a44,0x7ac7248f,0xbdf968a8,0xb1a906cd,0xd32df87c,
-        0x04abf925,0x00c10e26,0xb9f04d4c,0xb8711759,0x939705da,0x00d54e60,
-        0xc9f80849,0xf7587433,0x6a7a2375,0x2e9abade,0x94ac17ac,0x5676d478,
-        0xc202d99c,0x4ca0525b,0xabfae73d,0x95b8bcad,0x3405991b,0x2371ed38,
-        0x458a99c3,0x2b69e47a,0x2b78c866,0x7cac0b18,0xe0232c7c,0x6ceaa79b,
-        0x588f7459,0x0bd86433 },
-      { 0x7e734189,0xdea1a8b4,0xcfe5fa17,0x52c5ac88,0x11437664,0x444a4d4e,
-        0xaf9e9750,0xc2522308,0xd30c6b3b,0x78b1d0c3,0x4c6df477,0x2edae5f0,
-        0x2ee88dd7,0x53131d9a,0xacc93e34,0xc4e380ee,0xa8db0e8e,0xd499b1ac,
-        0x7f5d49d7,0x77348c16,0x1556ccd7,0xc9663257,0x2611d13d,0x65ce0e8c,
-        0xb5a2fdcc,0x2c95fe66,0x8658faa1,0x26698832,0x31c32c98,0xda87d1f4,
-        0xfcd91907,0x46650598 } },
-    /* 79 */
-    { { 0x6b4a5efa,0x4c6c13cc,0x1d07b265,0xc481989b,0x8bdc69c0,0x10b966ce,
-        0x2c2531d4,0xf54cfaa2,0xcad0a100,0xcb5f1808,0xee5da449,0xbeb52538,
-        0xbedd83cc,0xa6240085,0xd6255c78,0xe792dacf,0x2062058f,0x88371906,
-        0xed1658c1,0x96615e83,0x7d28d542,0x4b549b27,0x83b75df3,0xeaf127db,
-        0x17fbb942,0x4f60df6d,0xf6f7c930,0xd08631db,0x6018789f,0x17c38f98,
-        0xb9a9280c,0x0c43574a },
-      { 0x1d20cad0,0x76eb324c,0x8c61108a,0x90decb09,0x6f06d36d,0xa6e9d39c,
-        0xbc0da197,0x6cd978ba,0x507ac5ce,0x5948b1c0,0xc5497eb5,0x2bd47164,
-        0x4d5914e3,0x2a9c4c0f,0xa759f03c,0x772c5046,0x69ac847e,0xe7d7328a,
-        0x3048b330,0xa8d57d0c,0x40f7bace,0xe60034e0,0xa85f1790,0x823d9193,
-        0x5c859736,0xa6e9b66c,0x679e1022,0x22ca2c7a,0x09023fa4,0x00e7a19c,
-        0x2726d5b9,0x324999f1 } },
-    /* 80 */
-    { { 0x7c834915,0x667eaed6,0xbc5eb64d,0x9f77aa6a,0x25d62011,0x729ebcb6,
-        0x699fd9c2,0x0aee24f2,0x2b8d4f6c,0xe1eb5874,0x14c976d6,0x7f12710c,
-        0xf6d9ea65,0x91390335,0x06b50064,0x668b7049,0x0876ee4f,0x65969a0e,
-        0x2f9d9360,0xf901bf3f,0xb499e3ce,0xfb1a8651,0xf2dbcaaa,0x80b953fb,
-        0x973b06b6,0x312cc566,0x3af36c64,0x3534d9c3,0x10ffd815,0xe4463a52,
-        0xf18c2b91,0x57ea2b4b },
-      { 0x8aa0f2f2,0x00f5e162,0x0e46bcaa,0x8c7e75c5,0xa4a2c42d,0x97ab479a,
-        0x14baa202,0xb4f308ea,0x6943cc2e,0xa901bd14,0xeed58804,0xbb125fee,
-        0x9d180f7c,0x6502c8f9,0x1580c61c,0xe5353919,0x27101ee3,0x7e278069,
-        0xfaa72717,0x7a0a40a1,0x4c75b153,0x32edce02,0x538f1c22,0xda23660b,
-        0xbe307d2e,0x4d511e98,0x9baee0b4,0x24276e40,0x7ff1f307,0xa78c3927,
-        0xea7935c9,0x60480b46 } },
-    /* 81 */
-    { { 0x3872ece3,0x31087d66,0x955b70f8,0x5f29be7d,0x9cf95bb8,0xb50b4fc7,
-        0xdbffa621,0xbae3b58d,0xe022ba5d,0x0e61d280,0x4181449c,0x78ae5117,
-        0xcf555485,0x0b132840,0xb8ce0b0e,0x800ed1b6,0x78d5de3d,0x35dffdd5,
-        0x69a56b47,0xf7e42374,0x8d910ae7,0xd5e32369,0x6313c7c7,0xb6ff52a0,
-        0xa92de9e5,0x5a2fe20d,0xd12110bb,0x41b347d3,0x40c16f23,0xc5905edb,
-        0x9a8f88cc,0x0774a0d3 },
-      { 0xe3b6c106,0x3ae181ab,0x8de150b7,0x4ebe163f,0x6f354836,0xcf75b82f,
-        0x3ac7ac16,0xaa0d2063,0x291722af,0x5c680668,0x11545553,0x73941e61,
-        0xbf5de3f7,0x17127e38,0x1afb41da,0x32cfdf03,0x87bc8663,0xc6893c91,
-        0xa62c9c99,0x75046744,0x962c1947,0x96866e2d,0x378cdf4c,0x489ec8df,
-        0x3407fa32,0x3a60709b,0x551290d1,0xd37d2159,0xbab92273,0x9623d303,
-        0x2432014b,0x08151954 } },
-    /* 82 */
-    { { 0xfb7b2108,0xf9236d89,0xad75f9aa,0x3ecc83cc,0xb4e1da11,0xf7c72b15,
-        0x0315c362,0x552aeaef,0xf272fe3f,0x11e140ed,0x87843ee8,0x99d79bf6,
-        0x1d9bb25b,0xce6b54fd,0x5b1bad74,0xb20b0e21,0x5b84c90d,0x54a0214f,
-        0xfca6cec9,0x459bbf52,0x9e4df76f,0xe363c48d,0xd64cf17e,0x3045f84e,
-        0xf62ada48,0x8402a167,0x6a74ca01,0x2c9e1bf3,0xf691c42d,0xe8cf9d41,
-        0xc2c4b874,0x5abf2178 },
-      { 0xf3b3bccd,0x4777966b,0xbe3e0caa,0x0047e0f0,0x8c7d5043,0xcb8383b3,
-        0x946fd5fc,0xe77e3baf,0xe9ec0e87,0x79baa785,0xc8a18d25,0xd83c557c,
-        0x25befcfe,0x9b96e5af,0x98c71b61,0x4f05d15e,0x77e62da1,0x081f991a,
-        0xcbaa3821,0x1c6ec781,0xe54d9bfb,0x7522f65d,0x44ed1430,0xf5d05573,
-        0x95cafdda,0x3035b31f,0x6378f5bf,0x47e67f43,0x5270b9d9,0x029f7cad,
-        0x4d916a48,0x15ad1587 } },
-    /* 83 */
-    { { 0xaa588ae4,0x00de2ece,0xa371a232,0x552ebc58,0x71230444,0xd00ea934,
-        0xe4b1832d,0xafbfa67d,0xb689e843,0x29216341,0x61f4e2e8,0x1f96bbbd,
-        0x04c29dc5,0x95420684,0x42317fd1,0xc7fe3827,0x63483162,0xe0a0aec6,
-        0x0700184f,0xfc2b94d1,0xfe1fbd85,0x07219973,0xfb074352,0x648b6ab1,
-        0xc46e5392,0x23bbdaad,0x00fa56ff,0x0db8dd1f,0x866725f6,0x104815eb,
-        0x52e81963,0x3f9c4cca },
-      { 0x32ce637e,0xff36b297,0xf5d25cdd,0x81a15f2d,0x8b02ad97,0x1a1d052d,
-        0xcfbab3e9,0x2e5f3bbc,0x614eeb75,0x60d2cbd7,0xcd5a793a,0xd4491843,
-        0xcdba2144,0x2242cf75,0x88b99766,0xa20705e7,0xec77e132,0x64e12cc0,
-        0xb61a9b05,0xb1c14df6,0x74825b5a,0x8fd97f04,0x3da31223,0x95604821,
-        0x4d30c70d,0xde486727,0x1c12ee69,0xbcab8f15,0x668d893d,0x5dc638b4,
-        0x223f574b,0x6479dad6 } },
-    /* 84 */
-    { { 0xb05f2b26,0x569044f3,0x80b9f76c,0xb35a294a,0x4290f6ae,0x8839fe28,
-        0x026a5877,0x761cfb23,0x2e5ff9c3,0x768926b6,0x0b11c576,0xbae6cd20,
-        0x72a03efe,0xdc857756,0xe1bad63a,0x0cae074a,0xd709d99c,0x3fe491a1,
-        0x6501d9c1,0x76c5ded6,0xc32aeff7,0x1da6eca1,0xc57683e8,0x50849d55,
-        0xdf98d847,0x9e392e9c,0x64d9a564,0xfad7982f,0xa37b98b2,0xf7c3bdb7,
-        0xf0860497,0x1fe09f94 },
-      { 0x7648cc63,0x49a7eaae,0x67cfa714,0x13ea2511,0x653f4559,0xfc8b923c,
-        0x81a16e86,0xd957619b,0x3c864674,0x0c7e804b,0x1616599a,0xfc88134a,
-        0x0a652328,0x366ea969,0x4bc9029e,0x41532960,0xae2aad2b,0xef9e1994,
-        0x7f10bef5,0x9e2a8c52,0xc67bf860,0x73dcb586,0x844cc25d,0xf61a43fa,
-        0x74eb3653,0xd74e7eea,0xdd240f02,0xf3356706,0xfd83bcb4,0xeec7694c,
-        0xdb62526a,0x4de95786 } },
-    /* 85 */
-    { { 0x3deac2f7,0x4867d315,0xb61d9a8e,0xa084778a,0x0ab7b2d5,0xf3b76f96,
-        0xcfdf4f79,0x00b30056,0x31ab8f4b,0xd0701e15,0x9c779d01,0x07f948d5,
-        0x82675371,0x7c994ebc,0x48bad4c0,0x1104d4ee,0xbfc9d058,0x798ce0b5,
-        0x309fa80b,0xc7ca898d,0xacb33eaf,0x0244f225,0x5b2f3175,0xd51e8dfc,
-        0xa4d7be34,0x3e49ba6b,0xbda02b43,0x1760f4c7,0x4435275a,0x37e36a7e,
-        0xe636980c,0x1c94418b },
-      { 0x09dc1414,0x43a21313,0x43c93537,0x060765fc,0xdf5f79ce,0x6ff3207a,
-        0x85d4cfca,0x6f18b1fa,0x63e995ab,0xf5c4272e,0xa82b3002,0x121a09e4,
-        0x97147f16,0x82b65d1b,0x20a7fe26,0x4993c20c,0xe6716726,0x99c9cb98,
-        0xfeb440a0,0x5a02d673,0x251b4bc5,0x3f3fa9e1,0xa05338ea,0x75dbc474,
-        0x7b09f6cb,0x3cb4044b,0x80434609,0x6767da18,0x098ceac2,0x97851422,
-        0xb55235ba,0x611bfbb2 } },
-    /* 86 */
-    { { 0xf00ad2a1,0xbdbaa55e,0x14a290d7,0x29efa85e,0xe92b1694,0x3b4a4768,
-        0x11ec8130,0x67111bcd,0x88bd27b2,0x0e425702,0xd9a03c06,0xf28cf2a3,
-        0xf318884a,0xbb7c8d2d,0xe3aaeb20,0xe2ea1462,0x43b85d77,0x33535804,
-        0x554ee9bd,0x81ee4482,0xe6aa198f,0xeb2eee9e,0xc26c5944,0x7a5aa804,
-        0x82ab167c,0xa0ef2da5,0x02fe21a5,0x5a2ab476,0x3370298e,0x169cb3b8,
-        0x0eb3aa8d,0x86e6c544 },
-      { 0x0b793d9b,0xede03321,0x1ddb5ece,0xf79fade1,0x68930b64,0xf73fda92,
-        0xfe4fd1b2,0x06aad97d,0x92a4dc88,0x073a5b1d,0xbc976d75,0x8af8cbd8,
-        0x63ce26c0,0x60b4abb1,0xdcb1fb06,0x9c8300a9,0xda95b3d3,0x335a594c,
-        0xb37eac87,0x1f97d7d4,0x20eefaab,0xa3d2eba2,0xf3e828c8,0x3258c906,
-        0x85ab7781,0xc832616f,0x8c28b617,0x72597192,0x3233b82d,0xcd7196bc,
-        0x19fa126d,0x83867eb9 } },
-    /* 87 */
-    { { 0x22474edb,0x774fe73e,0x1a84e1ae,0x2a766394,0x9c6dd6e3,0x270329ad,
-        0x14f8bf5d,0x00c4a415,0xd2267b90,0x3ce2ea37,0x11d24fae,0x12753015,
-        0x263a1b78,0x7c14d854,0x1ae0b206,0x20c8401b,0x081f49fc,0xf32a011b,
-        0x959c6df8,0x1e8123fb,0x800e1d06,0xa328dc7c,0x24259a9a,0x5876a378,
-        0xb7ef6c37,0x23ada8b5,0xa93d4c9f,0x023f6b6e,0xffb6389f,0x89f5414d,
-        0xe628b39e,0x4b26bba2 },
-      { 0x5d318454,0xd30b1cb4,0xd7436cb6,0x123b749f,0x568a7461,0x3110c726,
-        0x1c84fd1e,0xc85de123,0x08403d55,0xa5f8d6e6,0x9b1fabf8,0x395b6e13,
-        0x3cfedce0,0xfe6d68c3,0x94b91110,0x1d90381f,0x2dcc6eb7,0xf0a8ea81,
-        0x7e90ca2b,0x59e80413,0xc8a25c5a,0xbeb5fc07,0x5d84663c,0x009c253a,
-        0x910b6a7c,0x00b15073,0x4108f8d5,0x8607da4c,0xcb901e65,0x02c3d9c3,
-        0x2c9615c6,0x4d697bc5 } },
-    /* 88 */
-    { { 0xefa8fb40,0xe0db1ef0,0x5ba3989c,0x29021c5b,0x809d19df,0xa8d6fb15,
-        0x4c1219e1,0x6b787b73,0x14ef05e2,0x6417e168,0x8f9796e2,0x449342db,
-        0xbf84421b,0x2f878a5e,0xe94a4536,0xe71916d7,0xae119693,0x9818bba3,
-        0x5768804e,0xec674be9,0xf8424f8a,0x0a26074c,0x466ce6ab,0xdbc93b9d,
-        0xc920078b,0xb3f15a98,0x3870f1a3,0x9d10fd0d,0xe4e785a7,0xa61241d9,
-        0xe6c8cd80,0x76ca87a1 },
-      { 0xe02e48b7,0x4357fb56,0xcc09e9c6,0xfbd14b13,0x24069cf0,0xdb5f2435,
-        0x2c3b01a9,0xf878165c,0xe6956dad,0xe549e7c4,0xbbd60b68,0xf2fe9538,
-        0x059dc653,0x952f856b,0xb377fe9b,0xd3f60225,0xbfe908c4,0x6a0c7328,
-        0xbc8f5f2d,0xce6aa2d3,0x24425050,0xf7213443,0x3d3b3ce5,0x17e1266a,
-        0xc1677512,0x75b5e43f,0x37fb894a,0x15927062,0x2be3e375,0x15260753,
-        0x6da3b7be,0x27e7f2c6 } },
-    /* 89 */
-    { { 0xe6a15883,0x638f65ad,0x66afdb33,0xd4a7e68c,0xd3f12de5,0x6207b6ab,
-        0x37b87810,0x1c6ff950,0x64acf6d3,0xc0d44cb2,0xf2be78c2,0x163ac601,
-        0x1636980e,0x1c63cc5a,0x95c9349b,0x3e92cfe8,0x41ec7220,0x7738e0d8,
-        0x2d5fa961,0x6169d764,0xc3e028e9,0x2aa776c1,0xb16d5409,0x93dc5646,
-        0x706df4d9,0xa0b27fb5,0xce9c6b97,0x9e991170,0x53c85f40,0xea8e42be,
-        0x83246528,0x02e96437 },
-      { 0xae78ea1f,0x91540add,0x7b670e96,0x51a1b74d,0xf7006826,0xf9936441,
-        0x7d7520c7,0x8f97d6ea,0x69ce12e1,0x0faa6a02,0x79208342,0x2590aca8,
-        0x75614436,0x7a483863,0xf381408f,0x07c6149e,0xd7853406,0x733bf584,
-        0x9abbb6f7,0x8761b010,0xf528a09a,0xe4eb249f,0x2e00ae3c,0x08781ed8,
-        0x2178effa,0x864c1b25,0x9d513a7e,0xcc1e62a2,0x1919062f,0xedb8b94e,
-        0x4f16527d,0x739f53da } },
-    /* 90 */
-    { { 0x924adc5f,0x7a5f4a88,0xa818f56d,0x95646c16,0x7795f954,0x0ec49129,
-        0xd19c5400,0x2b48753d,0x205912b4,0x16fa236b,0xe87a4946,0x6b3d65f3,
-        0x045fd066,0xa7174a01,0x12a5e140,0xb6350313,0xa96b8623,0xa79c4b44,
-        0x9ab003d5,0x7a339d65,0x3826f31a,0xc72f30c6,0x6f7090cd,0xb4e7390c,
-        0x906ebe24,0x59ac6c36,0xbba4505a,0x39a7f06d,0xc58c413a,0x839991e1,
-        0xa20e0e84,0x020c23ff },
-      { 0xafc74661,0x120e4ada,0x277fc065,0x37bbcf63,0xb6dce799,0x41049cf6,
-        0x7b161ba1,0x5b8d6b53,0xa9610fb2,0x22218431,0xdfdde769,0xde9ec9d1,
-        0x42d80630,0xd32bfa4d,0x6244df4b,0x3885702a,0x45592dfb,0xcdedd1ed,
-        0xfb4e01b8,0x0e1df45b,0x86e215b0,0x8f4bded2,0x6a937e6a,0x80935487,
-        0x8130f723,0x415278ba,0x38a821f8,0xc6dc4692,0xfd8b4f8a,0x2207b119,
-        0xf9269cef,0x76e7bf53 } },
-    /* 91 */
-    { { 0x27ebd187,0x5f128428,0xb65aadbb,0x8d3320ab,0x72258695,0xb042765a,
-        0x8f0986ab,0xda3f33f9,0xaebff503,0x411807a7,0x825f71a5,0x25c776ca,
-        0xff7df24b,0xc0de7bed,0x165f1fb4,0xda8b0f42,0x731f3ae3,0x5f3ff737,
-        0x193e0a52,0x4cd1d7e7,0xb6b3ba46,0x8df84aa3,0xaa1f3782,0xba84b897,
-        0xe7733ac7,0x6e7960cc,0x50981a21,0x4d46d6ab,0x7cbb80ed,0x1ec12c25,
-        0x2b96ef09,0x79e7ad27 },
-      { 0x8f30caae,0x3cd970dc,0x0a6ebef4,0x85cabcf1,0xc714616d,0x63c1863e,
-        0x519e3a98,0x1c50db0b,0x64cb13d6,0xf39b8963,0x22547b69,0xdf67d81f,
-        0xd67db0cc,0x7157abb9,0x889491b7,0xccca25ba,0x7a27e0dc,0xf689207c,
-        0x0fd43281,0x34ae8fbe,0x5720ec09,0xa5d91f73,0xcdfd7bed,0xb2f61909,
-        0x4a039e32,0x1ec10232,0xdb0d8fdc,0xd3c3d65e,0x4fe5005d,0x32c916c8,
-        0x4c0bea94,0x7f8c37ac } },
-    /* 92 */
-    { { 0x43ac05e5,0x33ec1e54,0xcd8d3825,0xda4a4da4,0x88bf9e2b,0x86d88c0b,
-        0xb53811dc,0x34d71dd0,0xa3c3aba4,0x655040d2,0xb61611be,0x2bc40949,
-        0x279a4fa0,0x1c2d426e,0x3b065ac3,0x535a5aa2,0xc52ea890,0xdaa8a32f,
-        0x9fddad22,0x5a5deca7,0x2ab3b26f,0x911f05fd,0xf37cd81e,0x5dace7db,
-        0x90d16b8c,0x0e0e44e7,0xe4f5894e,0x15e68aed,0xfc92a74f,0xafe04999,
-        0x970e7c2f,0x1d7703aa },
-      { 0x3f0062a9,0xa8a4c81d,0xd96a20ba,0xe31eb2b8,0x864bd101,0x66dd98df,
-        0x4413b614,0xba05f592,0xe9a555f8,0x51a67a0d,0x2e4b52d1,0xacc2f097,
-        0x7184ab23,0xab5daaec,0x7c7f691b,0xce08b43e,0x76c427f4,0x520e530b,
-        0xe423ebdc,0x7d352069,0x34df14ce,0x6b5e39e8,0x446305ac,0x3dcbf295,
-        0xfe34cdc1,0x682cb2e1,0x111f5afb,0xd4ac45d1,0x47f296f9,0xc5ef63cd,
-        0x93c20871,0x0a2c40ec } },
-    /* 93 */
-    { { 0xaf5747db,0x09bc384f,0xc06ab86b,0x3bad6086,0x9e7c1547,0xa406882e,
-        0x55977abf,0x2d5326d1,0xda81deb0,0x063a9a05,0x524b6111,0x9a86e4a7,
-        0x4ab2eb90,0x1402f87a,0xd5c600ba,0x7d0721d4,0xf289fdbf,0x1a2fd9a9,
-        0xecde6f07,0xf5dce66d,0xdab9fa73,0x62171277,0x6c474bab,0x6d2dc49f,
-        0x76eed033,0xdc017e1f,0x4da825d3,0xb97175c0,0x54b05e43,0x6c297e3d,
-        0x56c9c87e,0x2efb4546 },
-      { 0x8b21c064,0xa4712b00,0x4a70629e,0xd186fe42,0x9b74f0af,0x6435b340,
-        0x7ec9e629,0x6965aa43,0xc4c60d08,0xdda14673,0xbf3057aa,0x0b656670,
-        0x3ce86f60,0x7f05e840,0x04401a16,0xc05073a9,0x294e607e,0x16b1e638,
-        0x69cf7046,0x20783252,0xe8ce7d3a,0x2941141b,0x7577053d,0xd38ad8d3,
-        0xcaa6630d,0xdba68fb3,0xe9504350,0xecbeaff1,0x1d2d760b,0x9f5166d5,
-        0x462891e4,0x337532ce } },
-    /* 94 */
-    { { 0x3a00bb9b,0x3f111853,0x45f66685,0x2d2ffbae,0xd4aee24d,0x9ae11a85,
-        0x0341856e,0x18ba1e1b,0x2731349f,0xa9ac8178,0x545715b5,0xc13dfd4a,
-        0x5daad2ea,0xa5f7423c,0x535b76a7,0x30a483b9,0xff873e9b,0x92e9ada4,
-        0x723a1055,0x15662d84,0x8edac4e0,0xb935497b,0x39d8fa70,0x61b6441a,
-        0x40d1589f,0x1541d756,0xf0a05f0a,0x62994237,0x6bb28908,0xfd8b0034,
-        0xd4cd32bf,0x192a2b5d },
-      { 0x365ced07,0x63576628,0x05de1d1f,0x029f32fb,0xbf40a7aa,0x6d17b9bc,
-        0x9bb50a47,0x1b1b2a08,0x795a6278,0x9389abbb,0xb34fc19b,0x52cff60f,
-        0x387d8739,0xf3ab9492,0x6920ccd6,0xa8f053e6,0x63a9b4f0,0x3ef2dd4b,
-        0x51e82129,0x9ab0ede1,0x0838bfa1,0xafba0c0b,0x9ffc11be,0x2bd5a7ac,
-        0x95cc0878,0x058bfd95,0xf8c2f0c6,0x686d48a3,0x1d9b31ba,0xc33abaaf,
-        0x3bc0c268,0x632e2289 } },
-    /* 95 */
-    { { 0x15a1ccca,0x1c851d20,0x7e522bc3,0x4efe290c,0x18eab053,0x0b741d55,
-        0xbc85e217,0xae656197,0x01cf8b29,0xae13141e,0x66948478,0x2e2cb593,
-        0xc31bd8ae,0xeb57bb0f,0xc264e788,0xdecef5d6,0x9cb96d86,0x6fa856cc,
-        0x279183da,0x2db16813,0x383d796a,0xf03f3820,0x1d0c6fed,0x58a456ff,
-        0x8a6abd9b,0x25589805,0x83f96f19,0x339f52c5,0xda7e9ea7,0xcf6ded8f,
-        0x5d1ccd45,0x68c3d9c1 },
-      { 0xe6b392b7,0x67e26265,0x775d9509,0xcec1d9bf,0xd76514f7,0xe16abcd4,
-        0x0de72e1c,0xd86f59b2,0x1adfb033,0xa66e43cd,0x05e457cc,0xdb344340,
-        0x5681daa2,0xb67a7916,0xf0114731,0xc32e7bab,0xd3b1e961,0x066fe16e,
-        0xf63d26e6,0x924e298e,0x541add6d,0x9bea0dd8,0x9982f971,0xef9500df,
-        0xc5f076ac,0x5c876e63,0xb23d396b,0x55e12ae5,0x2ec6747a,0x09efbb36,
-        0x233286a5,0x8f2055ee } },
-    /* 96 */
-    { { 0xb82c1af0,0x4a4ab9e3,0xf2cae264,0xfc65e9e7,0x60187d46,0x4feaac0a,
-        0xe393b363,0x27d3f335,0x819bacce,0x9c9f7c00,0xb8aa6611,0x3f7418b5,
-        0x372aae95,0xffa94557,0x8db38589,0x937d7804,0x6f1fbc1c,0xd10c86df,
-        0xa2f0a0ce,0x48aebd89,0x367439eb,0xae5d5fa2,0x3f17d2d8,0x103a6a0b,
-        0x411d9894,0xf233f68a,0x218b67a2,0x7fece8b3,0x2319bf06,0x0422540f,
-        0x340d322e,0x1292c8c9 },
-      { 0x0386463d,0xf5eb5587,0x0371d97f,0xd4bbc2b2,0x0b819c5a,0x1b364571,
-        0xcf04ad41,0x0cbb42d6,0x66939ec1,0x5d819c76,0xa01847e7,0x8745ac13,
-        0x1c7232e4,0x4f704b02,0xacb05780,0x2c9e58a0,0xb561e295,0x9523b8b3,
-        0x79f9ba35,0x3384df00,0x1eaa9628,0x78231fc2,0x8aea2b90,0xa2eac54f,
-        0x30d1c263,0x8075ed77,0xfb339000,0xacb44ed5,0xf011293a,0x92546ac2,
-        0xeb821764,0x7c78762b } },
-    /* 97 */
-    { { 0x067902b6,0xb8f7d6fb,0xd1735980,0xb2823a43,0x59741ddd,0x062cfb12,
-        0x4033f95c,0x6e391b07,0x68589b8c,0x3831d0a3,0x522290f2,0xe3474d49,
-        0x222e1f3a,0x4dab14d6,0x53f08d39,0x8f00fcde,0x707f28f5,0x559917ae,
-        0x068e607c,0x166aa0ba,0xd7e1f824,0x602713e7,0x4d6a328f,0x7c255540,
-        0x9890cd2a,0x0d2e3264,0xeca0b20a,0xf2207944,0x52f4e09c,0x5c98dc07,
-        0xd84de81d,0x69403504 },
-      { 0xe5407206,0xf8b7b366,0x0d88fa8c,0x1ecf54cf,0xf7272e6f,0x6fefe548,
-        0x81ab4468,0xd6531372,0x4e474408,0x52cb5f0e,0x6490737f,0x9e426b3a,
-        0x4980d071,0x2576c19b,0x0f272caf,0x91f34628,0x468f31c9,0x78e60a4f,
-        0x90844d89,0x8776a329,0xb951582b,0x8a55700c,0x14b1adbf,0xab1af365,
-        0xfbd343ef,0x22ebff92,0xb7d81f34,0x32f9fb01,0xba6b30e1,0xad850e06,
-        0xbc5f9546,0x6da9e027 } },
-    /* 98 */
-    { { 0x5c9490ce,0x21eee4c2,0x0df68381,0xa96ec4a3,0xa4a9368e,0xe6c607e0,
-        0x4bc262f3,0xd8b0492a,0x460c34ff,0x0846a210,0x28df33cd,0xf7ff7a64,
-        0x21827612,0x10c55044,0x149bcd01,0x9d25fce9,0xcfc613dc,0x725611cd,
-        0x97f51ce5,0x159f7e88,0x4e8c08b5,0x3fa3bf31,0x75e7538f,0xea156115,
-        0x91c84020,0xd1e0a951,0xcf02ad0a,0x0d2268ba,0x058b8e5f,0xa04c6ac4,
-        0xb3515912,0x773b40b9 },
-      { 0x3631cfd2,0x00ff2cdc,0x807737bc,0x14c4c2d3,0x338a5270,0xd600616a,
-        0xb32cabde,0xd0e3306d,0xa70b17ca,0x336738ea,0x79f353ee,0xf2f4aa8d,
-        0x576f3ad3,0x712f6ad9,0x89b2bce0,0xe4279852,0xda92ca30,0x05d8f94d,
-        0xd8492dd9,0x9891d475,0x4d15e4bd,0x3e06a5ca,0x254eabbd,0x4725d4eb,
-        0xc0ed513c,0x31394ace,0xbbfaae6c,0x7e0f9859,0x833fd137,0xdc125546,
-        0xc56c4f75,0x12b46385 } },
-    /* 99 */
-    { { 0x932951de,0x810dbebd,0x5aa69c94,0x96959d42,0xecb2f08d,0x5fc49c04,
-        0x2250b82c,0xac74f0cc,0x3aec4e1d,0x96a439a5,0x90499acd,0xc33cab9a,
-        0x54d9b3af,0x2fccde66,0x3863ae8b,0xf4af285c,0x46febf88,0x2373373e,
-        0x3c9ab7ed,0x751d672c,0xfe12020c,0xc1c51130,0x52f3e56e,0xad82402f,
-        0xa4a64a81,0x3489ab7a,0xd9f163f2,0x0a1fb661,0x0e553317,0x17c69be1,
-        0x7d88d417,0x61c1935e },
-      { 0x3492ae43,0x2e722d9b,0x0538f05a,0x1ef89d95,0x200aab63,0xae77e588,
-        0xeba4b117,0x2872c120,0x3a461cb8,0x5c2432c8,0xcb938f26,0x315b3434,
-        0x8c4c7dc0,0x05bf2ac5,0x596b378d,0xd2e501dd,0xcb890c30,0xa8506c9f,
-        0x7c361f0c,0x3d0af461,0x5a35cbae,0x21f7b718,0xf3fc0138,0xbd1035f1,
-        0x8b248edf,0x74628af5,0x48c9cae0,0x8d6421d0,0x2ca18773,0x75e3da39,
-        0x71d3db94,0x27ad0df2 } },
-    /* 100 */
-    { { 0x305b5aed,0x9e3bda79,0x5998d6a7,0x2c67d4a4,0x0f7eb700,0xc855e1d3,
-        0x147d1c44,0xc18a7e9e,0xc89540ed,0x3ea99618,0x7e6bfd20,0xa53be20a,
-        0xecc14437,0xc9487e64,0x34ef85c6,0x72979207,0xd5e1ebd5,0xfa0d4e71,
-        0x4d48d6b6,0xfda2b1e6,0x66e200d4,0x782a1e05,0x5a5366a1,0x2a3c70da,
-        0x1a473738,0xfe3fbd2b,0x7fe020e8,0xd7ef8c06,0xeacfb665,0xec686fde,
-        0x6dd1542f,0x5d9b5e27 },
-      { 0xcb3e472e,0x3637c5a5,0x30a1405e,0x2153d927,0xb4498558,0x009992e5,
-        0xf39a0851,0x18f00ccd,0xb5c6c560,0x26237c11,0x1343540e,0x418ed408,
-        0x7e7f3184,0xfef7cbf0,0xbf48576b,0xecd92366,0xbc94c91a,0x1b75be1a,
-        0x4a162276,0x8e1778de,0xc5c6bcb8,0xc52e57d3,0x5ab71858,0x5cc382c7,
-        0x3f6e39f9,0xe12c2c28,0xd62735fc,0x4c7e0ef2,0x835a5996,0xe071deb1,
-        0xcbb8c766,0x24f891cd } },
-    /* 101 */
-    { { 0x6778c1e2,0x24ef60bf,0x00d5be5c,0xff49c03d,0x2f01a09f,0xec11986e,
-        0xae096e58,0x59a728a4,0x7077984c,0xaabbcedb,0x870ca5a5,0xfb473bd2,
-        0x4de30e3d,0x8c928c61,0x4f67abca,0x3fae7f9a,0xec21a9cf,0x83c2b2eb,
-        0x9cd9b5de,0xafa70d62,0xc60b18df,0xadeaea59,0x4049b54c,0xd5fef7be,
-        0x6dd310e3,0xfceebc76,0x8f6321cc,0x7748efe3,0x18ee8af5,0xfe9c32b1,
-        0xd42df612,0x863ac3cf },
-      { 0xb85a2fe2,0x0a36fca7,0xee429dc6,0xf3e70d08,0x141c3944,0x8c9ba209,
-        0x67272a0a,0x306a8106,0xf968bd06,0xe69a1555,0x153c603d,0xb86f7e47,
-        0xef56e4fa,0x9706614a,0x98780b4c,0xc0dc36b8,0x3a1d3263,0x43657fe2,
-        0x435522c9,0x01f97a86,0xedfef679,0xd91897f6,0x6daa17a0,0xebbe31d4,
-        0x85accfbd,0x6f179100,0x8f9fc1de,0xe0da6e32,0xe1e7142c,0x1c9d53db,
-        0x8b86725a,0x3e3f1b1e } },
-    /* 102 */
-    { { 0x7b7fbf05,0xb7ea15c0,0x1f1a3882,0x992f11b6,0xd1dcd1bc,0xc9ddd95a,
-        0xad0f7e8b,0x31f5b7fa,0xfca7ab79,0x2936e5eb,0x19a55be6,0x30f417dc,
-        0x43cde554,0x1f6f4e43,0x82f044bf,0x971f5e65,0x4288c408,0x73c3b8e4,
-        0xb807f575,0x61aac59f,0x818b58f0,0xa64ee2dd,0x97a3b0d3,0x6f7a0a60,
-        0x0394b058,0x8b85ecc8,0xbfb3517d,0x9a059474,0xa79c3f06,0x89ad5977,
-        0x700a8025,0x81208ed8 },
-      { 0x14c4ce37,0x10935099,0xa1aa48a6,0xf34bb843,0x580d58e8,0x86007024,
-        0xb375b8ba,0x6db42c49,0xed3bde83,0xac365524,0x649233b6,0x5521e1b4,
-        0x64dd946f,0xbc7cc5d5,0xbfb5b6ae,0x9c14b035,0x0146c1a3,0x7f22ba18,
-        0x872214f5,0x0b62fbbc,0xb4921764,0x3acfd7f7,0xcb4d6df1,0x5ff10da1,
-        0x62600a91,0x660e2620,0x81d9167f,0x7ac7da9d,0xb6e7a199,0x6e8e260c,
-        0x80deb3c2,0x44383fb8 } },
-    /* 103 */
-    { { 0xe44f9af6,0xe107f01d,0x8cb1fa1c,0x36381a4d,0xfb7dd493,0xe65be3ec,
-        0x26a8839f,0xd0b8435a,0x3ec789d8,0xee60f915,0x2bcc5e1f,0xe25fea50,
-        0x7e44a81c,0x0477c0c5,0x230ba5b8,0x349e9f83,0xde180dd9,0xdd42f32f,
-        0x64a3d11c,0x8b039eaf,0xbeb7083a,0x80ef884e,0xf12742cb,0x288e60c4,
-        0x720a0262,0x44156cc5,0x7253b77f,0xcd547de6,0xa6013a59,0x9829a6ec,
-        0x0d548445,0x8aee708f },
-      { 0x32c54409,0x18f22d9c,0x75ebaac4,0xa9ebfa46,0x86284981,0x90e2e928,
-        0x6b3a8e0c,0xd0201f6f,0xbd77641e,0xc973016c,0x70170575,0xf926f2f0,
-        0xfec0ce01,0x4984048f,0xf319d304,0xbf696211,0xc91a88c4,0x74b5c844,
-        0xe0030a82,0x4c40fbce,0xe4f6d521,0xbed67525,0x29d67d1e,0xaf7e47cc,
-        0xc21d3536,0xfa307db8,0xbbb29405,0x56b6c46a,0x033e805f,0xf059a7e3,
-        0x6096a5a0,0x970f61fe } },
-    /* 104 */
-    { { 0x1bec8e4a,0x1bc53d23,0x35a6034c,0x8809ac14,0x509e464d,0x4ee081da,
-        0x8a488235,0x496ae1fd,0x325864b6,0xa1ae9863,0x74cd069f,0xbaca13e9,
-        0xb1d8a6b4,0x3738cc58,0xe76b9da4,0x5fa71f58,0xc7eb16fb,0xc919be88,
-        0xad4e429d,0xf5c8f13f,0x2499f9ed,0x4583b671,0xa10d8bd7,0xbce20115,
-        0x5790bb7e,0xf66d7605,0x482b78dd,0x9316aede,0x75f855fa,0xe0d8fb2d,
-        0x5a7dcca7,0x404b5b94 },
-      { 0x517a15c7,0xf9ee682a,0xef880202,0xaae4cfbc,0x5106a354,0xcee2c139,
-        0x170febe7,0x5de60192,0x73d0c54b,0x589e39fd,0x8c9092b7,0x195c7135,
-        0x0a7bfe5f,0xcb7ed53f,0xf61cc979,0x2bd9242a,0x5395f7d9,0x8d2ef16c,
-        0x70b32f09,0x0d4ac1ca,0x52d185c1,0xa587526d,0x942d6195,0x2932b04a,
-        0xa500b0ac,0xfe25a979,0x562fd230,0x5fa1f4ae,0x20da253c,0x60f55af2,
-        0x83146002,0x7faa11b5 } },
-    /* 105 */
-    { { 0x6e402149,0xb0ba4f0c,0x963cc119,0x3584cc1d,0xa6527476,0x7740dc1a,
-        0xc95715f2,0x3f77ff75,0x3f89fb0e,0xb2f234ad,0xef9be3ff,0x55159032,
-        0x04237e82,0xfc9fb21d,0xa153ed93,0xeb2eff38,0x10041d13,0x89d53ae0,
-        0x7f1bd828,0xcf2e545b,0x43953ea5,0xdd4a27ce,0xd85e75c8,0x00d2e5d4,
-        0x241be1c3,0xeb93ed62,0x0242032d,0x1e53f25f,0xc3a4e701,0xb9957636,
-        0xed98febf,0x14b63a52 },
-      { 0x71c43336,0x7610b553,0x23a4824b,0x19dfd4a6,0x0286051b,0x7b97a2e0,
-        0x8f5f1edb,0x86abbb9c,0x9b67daad,0x67a57d77,0xcd5ffafb,0x8ace506d,
-        0x89ac3c63,0x85da9f95,0x75a3d150,0x081cbaa8,0xe9346ed2,0x03353d8f,
-        0xa1f9a02d,0xb2ab61f1,0x3a659c71,0xb0cb0937,0x4f5df8a1,0xb7e0e30b,
-        0xeb7d5a1d,0x77c4c741,0x728e5cf0,0x8f046c9c,0xf7c171ac,0x32dd0bc7,
-        0x836d2655,0x02485873 } },
-    /* 106 */
-    { { 0x75a4cd8d,0xcd40dd23,0x97bcba78,0x132ca433,0x258d61f5,0x30c5cd84,
-        0xda1e8e68,0x0a7ec059,0x1d65d40a,0x07a8f171,0xf4350d76,0x869e655e,
-        0x5983ae42,0xb98ce6f0,0x9d8bebd0,0x7b61391d,0xb1ba5d49,0x3a529e25,
-        0x1f6b2cf6,0x46f732e9,0x3fa3b629,0xbd66ec6a,0xc3ef0ed2,0x397950ec,
-        0x5f08b476,0xee9008cb,0x965a0e2e,0xfd6be425,0x1177bc87,0x78ed513c,
-        0xfe512dae,0x6798cedf },
-      { 0x1b97c5c6,0x49e3f8fd,0x78c3b33f,0x39fbab3e,0x40f595ba,0x44274412,
-        0x5d7d4376,0x174225b9,0x79c44777,0x880b3fcc,0x3296b245,0xdc3aca83,
-        0x1734e184,0x55913df7,0x9c934472,0xa4db23d3,0xd1420a11,0xcebb3733,
-        0xf3608bdc,0xb9d20cf9,0x30cfe13f,0xa618acf6,0x5f30874c,0x75f06b31,
-        0x9f0005a5,0x506efe7f,0x01bfc9db,0x8aaea78c,0xf78e7c41,0xf9179255,
-        0x52e96395,0x3ea7aed2 } },
-    /* 107 */
-    { { 0x5b06ae25,0x98617e04,0xcb5750ef,0xbcac148d,0x604c2ba2,0x91ea2f0e,
-        0x76b78975,0x00c19f6b,0x651da181,0x79b9b6d0,0xc945705b,0xf3225beb,
-        0x5c005bf1,0x30b435f3,0xbc24d86d,0x440b4482,0xd6373777,0x2b8f0996,
-        0x1c44b4dc,0x65fd6c56,0x30906999,0xe9405ee6,0x08aa1ec1,0x19ff0924,
-        0x3d2f2895,0xeef3246a,0xbc746797,0x016c3765,0xd0705f7e,0x62d2569f,
-        0x05250044,0x6a8ad39c },
-      { 0x46be7282,0xe45f020d,0x21380f12,0x9405afed,0xd5da6ad0,0x4cdca5bd,
-        0x7f8be61e,0xc2d6f184,0x596b8178,0x20132953,0x7a8df954,0x8d3b1e7b,
-        0x39572b4d,0x757c61bb,0x80cc3b56,0xd749b57b,0x37b3ffec,0x9590ff93,
-        0x145dc94d,0x39bbb653,0x2335e573,0x70c1c606,0xf763feba,0x9c2e72d7,
-        0xcc61b732,0x4768e424,0xaa73f2ca,0x777d2fa6,0xc5cb58cd,0xdee4dbaa,
-        0x9cfae1aa,0x1a181179 } },
-    /* 108 */
-    { { 0x77575ed0,0x6f6ff62f,0x7d1da99b,0x18f14fa9,0x69efd7f6,0x2e72aefb,
-        0xddc28633,0xc45ab4cb,0x586c5834,0xb0e20d48,0x39775dd8,0xd397011a,
-        0xf4134498,0x0130c808,0xf5115ed8,0x2d408eba,0x0260ded9,0xc506a05c,
-        0x19cab911,0x9e5b7362,0xe8693a86,0x4cf508c6,0xcc773617,0x4e71245f,
-        0x95d89ca3,0x2f71aa1f,0x607bbc98,0x4bba7c6a,0x212b7fd2,0xf3a515e7,
-        0x9230f5a8,0x7d2ddc75 },
-      { 0x4ed2cae8,0x3d05816d,0xb9c00377,0x4cf6bc7d,0x646b08d4,0xc23e98e6,
-        0x4b9c0180,0xf9ee6c61,0xef9179c1,0xe11c9a13,0x8ed9688a,0xa5b6147e,
-        0xd06670a7,0x7afeb648,0x17685275,0xd670333c,0x75f9e8f2,0xa89dd969,
-        0x37a68ade,0xbb57228d,0x454cb186,0x21a05d5e,0x063dd550,0x4810158f,
-        0x4cb6caf3,0x92dd4f08,0x7854abe7,0x70c4d852,0x6e729d76,0x845969dc,
-        0xb1bf40ba,0x5a52f87a } },
-    /* 109 */
-    { { 0x09ecacbd,0xed019e91,0x7b89bdea,0x6544023d,0x5707371e,0x7cc51f0b,
-        0x16c8e217,0x14832b04,0x81259ab5,0xb1aa6682,0x23e361d4,0x6e100f92,
-        0xe3a95c2a,0xe593eee9,0x16c10e26,0x699b6bbd,0x9473a13f,0xad487873,
-        0xb274987c,0xf1c14dc5,0x2559e2e9,0x57dc0075,0xc3d47ad2,0x8449849d,
-        0xdd527793,0x83df278a,0xeefd5b99,0x770e3ec8,0x76bd02a0,0x2ae58446,
-        0x3e705ffe,0x17f02764 },
-      { 0x29abea1f,0xdda4010d,0x2407ac4c,0x636b9695,0x0433218b,0x96a60129,
-        0x163d534a,0xf221fc3b,0xccc20565,0x05ba15be,0x96285577,0x1238e54d,
-        0x878804d3,0x1b144257,0xa89a9fe4,0x96fbf304,0x4be642b1,0xc8a7f06c,
-        0x6e2b085e,0xdd1a20e8,0xff4a591d,0x8f7f27c2,0xa4a343b8,0xc17b0753,
-        0xbb173d4d,0x684b1e88,0x3dc07bbe,0x3accea44,0x4c441d77,0xdb15c88d,
-        0x53e5957e,0x0ef0309a } },
-    /* 110 */
-    { { 0xfa8e5b60,0x4fc25721,0x691c0bb2,0x646938ad,0x0b0a2248,0xe46d4b76,
-        0x7de16877,0x863f9ac2,0x2721c630,0x503bb6ef,0x0b67fb02,0xf8c199df,
-        0xe07abd39,0x78c1ed72,0xb32f0dda,0xcf9deb7b,0x6c3c89f3,0xaff726f0,
-        0x1972225a,0xb7008b2d,0x4f145f5c,0x8f5a6117,0x457c4f37,0x4e0e6f8c,
-        0x1c453c64,0x8bbdaa44,0xa6e92c80,0x57be326d,0x5d773561,0xa9bc3fd9,
-        0xbb37b72a,0x3d3b6cc6 },
-      { 0x9722c880,0x6e6f12cc,0x286b6889,0x3a1b6ae7,0xad2fafec,0xba1cc09b,
-        0x43bb8bef,0xad64ad7a,0x97c3f4c3,0xa5af6a00,0xc353a91b,0x2afcb0d9,
-        0x69ccbf6b,0xca13fcab,0xf2abc190,0x699a1391,0x23a247e5,0x2dbd5542,
-        0x95488d9a,0xe206180f,0x1244cc3c,0xba9e7bff,0x87d3a365,0x29297abe,
-        0xfa4ca5e2,0x4054fa38,0x67be1b6c,0xb390623d,0x78f41a44,0x1fa67c57,
-        0xc7b544e7,0x2e946e43 } },
-    /* 111 */
-    { { 0xc60934ae,0x2980fddf,0x164206d1,0x2c3e7eff,0x416ed75a,0xf75e7f96,
-        0x5cd0b2dc,0xfac60cf3,0x1faad87b,0xddc4bece,0x9849e5dd,0x753fa87c,
-        0x2c1bf1ae,0xc5d516a3,0x14732b4b,0x565dbea8,0xce48696b,0x007ebe3a,
-        0xcdb97694,0x40ca74d6,0x65e4e7be,0x3f5cd270,0x3aac4ebc,0x74847c01,
-        0x43d6c3a1,0x6762e034,0x467a076a,0x690d8c95,0x1eda677d,0x768d78d6,
-        0x0181d8c2,0x0997ce55 },
-      { 0x965a0b81,0x9297746c,0xe5e12dfa,0x48b58be6,0x715f437f,0x5573b3c4,
-        0xb565c459,0xe425e907,0x1582797c,0x4f43f512,0x8ea5474f,0xe5dafa6f,
-        0x13de04ac,0x2aeb8fbe,0xe8a07c83,0xed7f95f0,0x662c09fe,0x3e012a6e,
-        0xc742cf17,0xbf96e9b8,0xe28a1c45,0x8ea5759a,0x5cf4e2f3,0x475941b4,
-        0xf901a019,0x7dd3c02d,0x70916b2e,0xe7a4deea,0x2fa9b988,0x50b272b5,
-        0xd0917fe6,0x96f9f09f } },
-    /* 112 */
-    { { 0x2c310a96,0x78e8aac4,0xf7a2a734,0x32a98303,0x23962207,0xc46ca83d,
-        0xd9541280,0xad131e6e,0x2cabe911,0x5791fc5e,0x841b6c68,0x50cb77eb,
-        0x3d3c8878,0xaff93dea,0xf1007bce,0x06541f1d,0x55cdf1fd,0x4ee729c2,
-        0x323e3972,0xe0f71317,0xad4d08c1,0xa2de7a41,0xa35e22bf,0xa9912abf,
-        0x89b03325,0xa050122b,0x06514d4e,0x8b9e51f4,0x79d3e0ab,0x423c7aad,
-        0x40b8fea5,0x71998e26 },
-      { 0xceb6ed78,0x40140fcd,0x18534516,0x653cf377,0xe8d60dcc,0x0450b65a,
-        0x9dac55f8,0xce6c1a76,0xae05686c,0x8a96a92d,0x12712562,0x2fe44762,
-        0xa4f39425,0x747bcb50,0xfc531fc2,0xf0ec6ff2,0x10fe9ff0,0xc97c3447,
-        0x9c792cff,0xfb488783,0x026fb019,0x552c5248,0xd804c290,0x4001a29c,
-        0x35c8ca73,0x742b5ad8,0x6ee5dfa0,0xc3781f17,0x3dfa4ab1,0xca6b85f0,
-        0x0b0d32ac,0x8389941a } },
-    /* 113 */
-    { { 0xde067dff,0xc0f062a2,0xbcb80162,0xd4f32690,0x0707a2bd,0x98cd990d,
-        0xfae4a391,0x5afc63b8,0xb32ad814,0x684f1b7b,0xf199dfb1,0xb0a2dce2,
-        0x48f25848,0x2260e17f,0xc2d5e862,0x7393db00,0x338cf171,0x9e88f854,
-        0x02acf522,0x00679429,0x6835af3d,0x19157cb8,0xb8a2614c,0x2faa6f92,
-        0x134ec46c,0x04ff95f5,0xfb7a8135,0xcf00626e,0xb37a4704,0x454b3d05,
-        0x2694ec25,0x1fbfda31 },
-      { 0xc8f69c77,0xfdebb657,0xa3df88fa,0x92a8278b,0xc1fb78b4,0x463b5571,
-        0x11c71a33,0xd2066a1a,0x089958b0,0x10c88143,0xcf9d67a6,0xb975c7e0,
-        0x73037b8f,0xdaa5d208,0x40bf5861,0x5ee5005d,0x7dba69a9,0x300e6ce7,
-        0xc962cc74,0x893c3cb3,0x4cf84055,0x0ac98629,0x225c9d70,0x0a7ef63a,
-        0xb91e47e8,0xfe184869,0x8c2f84be,0x1b9d7deb,0xc0e278bf,0x67788915,
-        0xc426f19e,0x4f9488ca } },
-    /* 114 */
-    { { 0xdd51b8ce,0x610dfcd4,0x36230e80,0x08579278,0x36599562,0xedc7ff1c,
-        0xe2cae877,0x905ead4b,0xe7967608,0xa1c325d9,0xbd38926c,0x3e39eddd,
-        0x5f6f0a4e,0xda92c868,0xf47a0fa4,0xe16f800a,0xe5f60aab,0x50b4db5b,
-        0x983853d3,0x3665412f,0x9b79789c,0x64b62250,0x4e0e72b2,0xea560058,
-        0xe555c2bb,0xabbd4901,0x17292e11,0x378419a7,0xe174218f,0x6e0b5aaa,
-        0x8f796b92,0x688e0684 },
-      { 0x313b8f64,0xcdfef641,0x942c7462,0xaef11b7b,0x5c0d8abd,0x067cfb77,
-        0xaf4041a9,0x608ea5f0,0x6935210f,0x23d5bd82,0x27917a08,0x5ab904fc,
-        0x45d22d21,0x85dbb1fe,0x4d36159f,0xc3d5e509,0x1d39b8f2,0xaebb528e,
-        0xf44acef0,0xdd5ca828,0x20c57a54,0x24209adf,0x78f95f44,0x5742b433,
-        0xa9337d37,0xd11fa7d9,0xc64cfdb7,0xd66a0c09,0x9bb817ec,0x56e55b8f,
-        0xe4c41265,0x1723c7e3 } },
-    /* 115 */
-    { { 0xdc8b43f3,0x9a6486d8,0x26409e68,0xfc3e0e61,0xd9b46003,0x1889c437,
-        0x6284ec7b,0x3a850335,0x6a9dbaea,0x5a3665c4,0xe978933c,0x7bf6941d,
-        0x69341490,0x1ed5a510,0x8cb8002d,0x664a7b7a,0x60ed0a59,0x603f76e4,
-        0x1f4ebf27,0xc3e06ba3,0xf2c38a7f,0x296ced41,0xcf1db08a,0x2ac18f79,
-        0xcde7a3b6,0xc919e882,0xdbf68b06,0x15e77d29,0x4e947cb5,0x21978baa,
-        0x7630993a,0x84bf542b },
-      { 0xe364f21e,0xc1decda9,0x012e557e,0x0d6cf345,0x588f90e1,0xba246848,
-        0xe3b104b8,0x9f6dda4b,0xe3aef57a,0x6bf7a346,0xe8327ea9,0x210299fe,
-        0xda95e6c7,0xaa99f487,0xd2cdf645,0x24ff813e,0x8bd414b8,0xd1dbb2d2,
-        0xcafa1a61,0x065101af,0x9cdebda4,0x7d9f4b9a,0xe41039e4,0xaf41b395,
-        0xc50adf42,0xe3e9e6ba,0x341e9e49,0x4f2133ae,0xcb157f23,0x4968c0f3,
-        0xda068153,0x383f827b } },
-    /* 116 */
-    { { 0x6583ff4c,0x2ec46a21,0x4ad709e7,0x4e645a29,0xc04ca12a,0xdc66e9cf,
-        0x9160a7e5,0x82f128f4,0x569c762e,0xbfb227b1,0xc2edb8e7,0xf80c7963,
-        0x49a0f688,0xa7dafe06,0x2d14b8cc,0xb7e41754,0x86de40be,0x3a0c5c53,
-        0x1db79331,0xf0d05286,0xfbfe071b,0xb902ce69,0x210e9903,0x61e46956,
-        0xf703ebb8,0xfaef874e,0xdd5f78b6,0xf668947e,0x5af5ea3a,0x6fe86547,
-        0x43f94625,0x3b121f15 },
-      { 0x659275e9,0x5b26e847,0x6d0fce50,0x47581cfd,0x8aa3f1ef,0x55f5cbfd,
-        0xe484e60e,0x1e7be315,0xfe9698e4,0xd8f1a20f,0x7ab04784,0x25d46da9,
-        0x834cdb3e,0xa526db75,0x8d08a009,0x1fd408d9,0x5b5ca816,0xfc004b20,
-        0x65e4bbe8,0x5b3e3bb3,0x759bb6ef,0xf50cc125,0xc2fac737,0xf05fa817,
-        0xd273951a,0x9ee102d2,0xfecb3367,0x2a8e540b,0x2a6a515f,0x673446fb,
-        0x37290c83,0x5505e1d1 } },
-    /* 117 */
-    { { 0xd15e68a6,0x0c3014a1,0x64dd35e5,0x6f9f0b26,0x03ad67f9,0x18c3742d,
-        0xd2c14484,0x74818c0e,0x0d41a3cb,0xc5181169,0xc49f3e9e,0x65c8c83f,
-        0x2c279386,0x9b260c61,0xced04e9c,0xf6086fae,0xfd7c4758,0xa7b2cceb,
-        0x90297fd8,0x4b3c3133,0x09701ac8,0xca8264e8,0x508b3762,0x9f976a87,
-        0x983a8dfe,0x5d582714,0xd9d598e9,0x350d2669,0x0f6fd348,0x85cb89cb,
-        0xa574317c,0x617d80d4 },
-      { 0x70022b67,0x4cef267e,0x3768b94a,0x80536bb5,0xd2784462,0x3153a566,
-        0x38243919,0x49054d44,0x5df78c4a,0x8d11e172,0xd5a1e35a,0x9b252a71,
-        0x8171e31d,0x07866c80,0x1b38a00e,0x0a8501db,0xce770236,0x2ed932b8,
-        0x8edaf7d0,0xa2d77609,0xb93006e9,0x3aee5dab,0xbbfeb036,0xfaffc8c4,
-        0x4e21b38b,0x077b9678,0xdca8e069,0x491fc59f,0x0e938471,0x3f624f55,
-        0x7cd1780b,0x5156f508 } },
-    /* 118 */
-    { { 0x0206e8d0,0x58234e22,0x7f15af32,0xf5f6f5d4,0xd638950f,0xafab7289,
-        0x7d4495f4,0x66ec4d09,0x68da80a9,0xad890c5d,0x64f8a36b,0xe4aa0920,
-        0x0f4d5c5f,0x799e257e,0x24495e31,0x44c677ae,0xa5b8e352,0x720387b3,
-        0x75a287b9,0x703790f4,0xc3c1f2f7,0x54895cc5,0x41a7fa41,0xb8680f9b,
-        0xb00b008b,0xfcd47458,0xba6473cb,0x149cc838,0xac9be19a,0x78ed5f7a,
-        0xb33765ba,0x5254599c },
-      { 0xa21b54c4,0x08739679,0xb6497d9d,0x029ece2a,0xc8488640,0xf14f1a92,
-        0xe9fa79d9,0xae48dcff,0x46c208db,0x14b911c2,0xdae3f69e,0x5ab0fbf2,
-        0xd1edb838,0x180ac87e,0x188586bb,0x146fd718,0x5467cbd0,0x210eb654,
-        0x1667cfee,0xaa239408,0xb73d1a60,0xdb125c1a,0x881c1cbe,0xde685300,
-        0x37c30232,0xfe34c713,0x6f3c8d18,0xc6c6070e,0xb4af4e83,0x07e365ba,
-        0xdcf82b45,0x22f0a7ed } },
-    /* 119 */
-    { { 0xea7f1b7f,0xe262791f,0xdcff09d4,0x9c3d8c5d,0x39c7dc58,0x86c2a9c3,
-        0x4276e8c0,0x4dad4017,0xe9fe1d56,0x0a918f59,0x2aa810c9,0xb8d79670,
-        0x4aa5cdc4,0xeb7a8836,0xe7afa72e,0xfc4c23bb,0x4ac86908,0x4dbb5c9e,
-        0x6a0c7e6f,0x37e39013,0x49c218d2,0x855d7001,0x94b324a2,0xe475bc67,
-        0x6287a071,0xc98a8dc6,0x5fb4323c,0x395a299b,0x0c0389e9,0xe186c3ee,
-        0x16734c46,0x79f81e6f },
-      { 0x364f3c4e,0x83f2c1f3,0x1367e14b,0x536b2ac5,0x5933e43d,0x44a6dcfc,
-        0x10d961fe,0x34e59475,0x7e3f2aae,0x08234ece,0xbdea7f25,0xcb92e00a,
-        0xa791a124,0x1efba4f0,0x1192d53a,0xc2086fd2,0xb51c8af6,0xfec0d0fc,
-        0xdc0f1b5f,0x48d1b2ca,0x812dbe19,0xb07a388f,0xdedbdd45,0x40873a6a,
-        0xd702589a,0xbc2a1268,0x17e27b64,0xbbf6e3a8,0x6d386e85,0x73ee5663,
-        0x9de7c000,0x442ecd37 } },
-    /* 120 */
-    { { 0x8a2f90a6,0xb4cd1ae6,0x6f5ad0cc,0xf277d41d,0x401d4b8e,0x6a3828c4,
-        0xd8376631,0xe817a134,0xf5e1124b,0x142b758d,0xfd6b95e4,0x25fbc69d,
-        0xd74a9e3e,0xa30c9f5f,0xd89663ce,0x5ac0f163,0x0ce6386d,0x32a9eef7,
-        0xd8ed5544,0x7a690ea5,0x9889427a,0x5de23ff0,0xeaaced58,0x75ad36a5,
-        0xd3e18465,0x3514a6c1,0x7f093910,0x3d9162c3,0xe33d56e8,0x5c10add9,
-        0x06aa691e,0x85176b73 },
-      { 0x28a21e38,0xa32110fa,0x5773d538,0x97b6379d,0x2d020dc4,0xd3697bbf,
-        0x961833cd,0x59177593,0xe5fa8516,0x6d7045fa,0x786ab5d2,0x3390f29a,
-        0xdc4f5b70,0xac0bda30,0xdcc615c6,0xcca0240a,0xc5146d91,0x8e1f1702,
-        0xa72cef87,0xceb472d0,0x0b669ba1,0x84840708,0x7e61aa0a,0x79b08f9d,
-        0x4669560b,0x388160be,0x948eb71e,0x23935c2d,0x9431590c,0xd7fd83c0,
-        0x6e5768b3,0x8ab154bb } },
-    /* 121 */
-    { { 0x353c4a96,0x28686003,0x905cd835,0x4e5c60e8,0x8f66f8cc,0xbd591364,
-        0x9faccf9e,0xb6b80b98,0xe32639e5,0xbc1c1fae,0x278aadeb,0x2f6396d2,
-        0x1898202d,0x00a796d0,0x3a474835,0x18ab548f,0xb31b0e3e,0xacd056c3,
-        0x0164512d,0x15ba68dd,0x4b03f3bc,0x203836d9,0xd8f206c5,0xd64eca6b,
-        0x9f1779b6,0x931a361e,0x52ab34a8,0xd82690fc,0x92922e22,0x342bb8e0,
-        0xe00b02a9,0x1bfcdd84 },
-      { 0x75a365d9,0x310b9a43,0x08d8fb03,0xd4ade15e,0xd742df83,0x9c9753d7,
-        0xde318742,0xcf7309d4,0x3360ace0,0x1228e212,0xf7669643,0x1043d238,
-        0xf90f5a53,0xfc2adbed,0x7b5f9397,0x41d64cb7,0xc446d010,0x5200b30a,
-        0x231720fe,0xc3c8642d,0xb9aa2075,0xfcc0122d,0x041eae47,0x856e3b12,
-        0x68c876a4,0x45864455,0x233606b1,0x1a1c7842,0x227757bf,0x9b766d1f,
-        0xf7b9d4f1,0x25b78a3b } },
-    /* 122 */
-    { { 0x156707ce,0x90835718,0x4314f90a,0x9bdc2398,0x8be57dbd,0x017c885a,
-        0xad63a4b8,0xd4bba225,0x15aacffd,0x5ce71b86,0x72954722,0x5f266475,
-        0x4f0ad3dd,0x0a80f1f7,0xfc352ed7,0x010538a3,0x4203c6ca,0xf8a64045,
-        0x330c73b4,0x2b2c7a88,0x02dcac1b,0xb3433ee6,0xed2b17c7,0x2e0499cf,
-        0xbd6329c7,0x9f8681a4,0x36fadc37,0x38979946,0x92b7895b,0xdc5650c8,
-        0x65a51cf0,0x70ab9570 },
-      { 0x7b585d93,0x46778ec4,0xa633fe4e,0xca6d3610,0x4ea0311a,0x21da154e,
-        0xbd64002f,0xaf22190b,0xd91cb7a9,0x9e633ac7,0xee6837d7,0xed13c31f,
-        0x1616ee8a,0xda4a07d7,0x3afcd616,0xd78a2732,0xba14d694,0xc06696e5,
-        0x4df58420,0x733754d7,0x2778e3c9,0xe85e504e,0x55b5a5c2,0x3055aa0c,
-        0x8a3acb5c,0x313df538,0x2a088eda,0x5896acb5,0x84c85dde,0xfc8842a0,
-        0x51dde6be,0x5fec9f79 } },
-    /* 123 */
-    { { 0xfe519f99,0x5ebc2c7c,0xe5410353,0xe396bd80,0x8a3988f3,0xaded9402,
-        0xd601bda1,0x1c03b735,0x14ce64ac,0xfd302036,0x01240290,0x5837ebe9,
-        0xa554097d,0xcaaea1a3,0xb0b88139,0xdce73d25,0xecb090b9,0x35ed412b,
-        0xd63dab3c,0x99029ff7,0x062db071,0x555437d9,0x42a4c11d,0x277d2f56,
-        0x24fc9109,0x477fa645,0x2799254d,0x7b12e9b7,0xd84c618c,0x7ad2ae22,
-        0xce8ed195,0x0a8d5663 },
-      { 0x0a21fde1,0x43ac5163,0x6903d849,0xcfcf5dd6,0x5fdd6281,0x6d2499ee,
-        0x77a49a34,0x4dedc6f0,0x2875c06f,0x46bda2c0,0x347b8046,0xd0e0e0f6,
-        0x5e67836f,0x1058169b,0xde8a8042,0xc961912a,0xa93b3d32,0xdf3fea0a,
-        0x0c576bc5,0x9f138edb,0xd8d37e47,0x7971ad6e,0xcce5e7cb,0xeab85739,
-        0x1d202b40,0x88a4b434,0xe3a1fd26,0x5d842557,0xb3a86f91,0x872fabd5,
-        0x6aa4629f,0x95b93493 } },
-    /* 124 */
-    { { 0x99f951de,0x9998a701,0xf058db45,0x8fade596,0xf3d03dd3,0x4d479c1e,
-        0x33b141d3,0x6e928d5d,0xacfe8a40,0x9a465800,0xc1cefa3d,0xd108ad2f,
-        0xe013726e,0x64b96921,0x8e83bb9f,0xb9b6a6b6,0x1242e544,0x29f1e6dc,
-        0x2f65966b,0xd3f8f676,0x5e105b41,0xa34dd096,0x16011e1c,0xd4e9139a,
-        0x2515541b,0xeea4dc68,0xc822166d,0x6f8030ac,0x31d16124,0xbdc7ae1d,
-        0x621afa7d,0x2e25ef51 },
-      { 0xdd8e7357,0x2533cf8f,0xeaceddb8,0x333ba218,0x0784d2ac,0x68e3e31d,
-        0xf2804ae2,0x1c927f36,0x77e7ad7e,0x01433d22,0x587f78a0,0x0b401cf0,
-        0xaa0027ae,0x9dfcf036,0x1d9a46b5,0xc9e46c8b,0x1f288d32,0xaa6de486,
-        0x1b8a043d,0xdd56da2f,0xf2d0bb56,0x346230e5,0x19defb56,0x19f0b6e4,
-        0x21d2c874,0x55ec37cd,0xb70e45b3,0x3dbf0397,0xac7ce852,0xf0862a8d,
-        0xe141f3d6,0x87979ea7 } },
-    /* 125 */
-    { { 0x7f1c747f,0x9b7e7b3f,0xc6e63369,0x151a4c1d,0xb372dba0,0x4273ff70,
-        0xd3ee54fe,0xca6d2234,0xd33cae0f,0x12fc8e0c,0x5dd6f10c,0x27328538,
-        0xf01a9cf9,0xc86f3fbd,0xe36cae91,0x5322677f,0x2fefea44,0x39a70033,
-        0xce8af217,0x2c9ca328,0xf6a731f4,0xc0256776,0x66a96813,0xc687b3df,
-        0x8db2eda8,0x194aab12,0xeec4febd,0xde30dc5a,0x979241b2,0xc052236a,
-        0xc23d4c16,0x3ec98802 },
-      { 0x4072f74d,0x0f9e760c,0xab594059,0xe78eb0de,0xc9b009c2,0xdb3dea40,
-        0x38b59ae5,0x47e875f0,0x2b4daa06,0xf40eb436,0x090f3788,0x9a6a4f92,
-        0xedbfaf8b,0xefebe9af,0x9867e256,0xf87f96a5,0x75ab6aeb,0x1e6fed23,
-        0x3fdb13cb,0x17f2782a,0x70fa2621,0x5102c71e,0xfd4c0dbe,0x5d2b06ec,
-        0x30347297,0x537cc268,0x2b67e780,0x8dbf5e2b,0xba25da32,0x2f633f3a,
-        0xefaec914,0x3e9315e8 } },
-    /* 126 */
-    { { 0x239a9ea9,0x9255cfa5,0x0be33a62,0x20f3c690,0x9cb642bd,0x759eeb4b,
-        0x00bae718,0x3316c546,0xf3410f84,0x874a76d5,0x90f129b6,0x123b502e,
-        0x12851f1c,0xadc8f9a8,0x1b62408c,0xf57b764a,0x1a80777b,0x116ec01f,
-        0x1f0ddc5c,0x746ecef2,0xe5a6a5a7,0x3c49d47c,0x06e955ba,0x1e15dbe7,
-        0xb45d79b0,0x629c0c79,0x778d1087,0x11278308,0x8c6a22d7,0x22585dc7,
-        0x0a682791,0x2ed02a0d },
-      { 0x4daa2682,0x53043416,0x01359625,0x0e26d32b,0xbd867097,0x449c834a,
-        0xee77ae2e,0x11a19d2b,0x3af6c169,0x39bd529a,0x5cd61054,0x36cca5c0,
-        0xdc6c0fe1,0x6370a59b,0xb93d5135,0xca420d27,0x554c451a,0xd8730d45,
-        0x96cdebf2,0xebd258c9,0xa50f9a05,0x0cb1b990,0x7b0f0151,0x69a8c97a,
-        0x11d217e1,0x2cc36d34,0x752f75e8,0xf117688a,0xa09b2a61,0x1db01394,
-        0xa9efd7dd,0x14627844 } },
-    /* 127 */
-    { { 0x232803cf,0x6bca3aed,0x9a96ff34,0xc1e4398b,0x74ab788b,0xcaf6757f,
-        0x7e68c04d,0xc3a53e00,0x5cb7cd20,0x5f969c19,0xdc068bca,0xf28b65a6,
-        0x1d863032,0xe3ca01d3,0x87808e14,0x9b733b81,0xefe618be,0xb5d704d9,
-        0xb01b946d,0x276f3542,0xfbedddbf,0xe057e19e,0x903275ce,0x7d182f2b,
-        0x880f7bc6,0x3cdc5f77,0x78476c14,0xd6f03d3f,0xa9ba5072,0x035f5557,
-        0xb4029628,0x7acb57b6 },
-      { 0x44e6b07c,0xd2413569,0xe1c7345d,0x451c4cc9,0xe273b9fb,0x407444d8,
-        0xb88e34fc,0xfe496079,0xf152776d,0x77d184cf,0xc742299c,0x6d1033b9,
-        0x77bf2897,0x29a0a684,0xee8f0420,0x59ffdf10,0x44bb56d6,0x4e17146c,
-        0xfb9ae855,0x831d06c2,0xd93e7cd5,0xb2cb82db,0x3c96b607,0x83381c46,
-        0x7549e2a8,0x06aed251,0x774a21d4,0xef97891c,0x8675fbdd,0xae9807c7,
-        0x6363516c,0x6a5a05b9 } },
-    /* 128 */
-    { { 0x6a8f4f33,0x92e71ea6,0x4dea8f4a,0xf2fc6fc6,0xfee88461,0xd356252c,
-        0x08954d08,0x59b0a83e,0x468ab766,0x5bd68c23,0x900f8d04,0x40281357,
-        0x52b867ae,0x181c19c0,0x18764c41,0x986a5169,0x13575d24,0xcb01dfae,
-        0x593677b7,0x17269ae5,0x46dc9b19,0xf6d17025,0xc40097c8,0x8de68499,
-        0x259c407b,0x76df0032,0x17d29d8b,0x4091aad9,0x4a7ab5f6,0xa7f46d21,
-        0x70ece48c,0x688054b4 },
-      { 0x51a5b86c,0xf0d168aa,0x95777247,0x2437e4d8,0xf1720329,0xae844076,
-        0x9647a54e,0x0a7ac87d,0x0405622c,0x1e597a4b,0xf0a79f2f,0xedefe5c6,
-        0x4d55156d,0xaf3ef0c2,0xef047cf6,0x917fb04e,0x54b62137,0x3792799f,
-        0x314be0b8,0x875ea32f,0x0c466b0c,0xe157c65b,0x7e218978,0xd28c90ce,
-        0xcde587af,0xb90fc3ba,0x8b877bed,0xdd32d71c,0xca8e10cd,0x3b432200,
-        0xd94f6e53,0x0021f419 } },
-    /* 129 */
-    { { 0x43519d26,0x2191122c,0x40a51845,0xbdafac1d,0x548bb89f,0xcc6f71e9,
-        0x16844bf9,0x9ef3375c,0x178e8d55,0xe7789f79,0x1f8be1c5,0x04f599b6,
-        0x2cbbde40,0x8088c99a,0x893206c9,0x8939a260,0xfcd30851,0xa1ae4bff,
-        0xe08feafe,0x664cb3fe,0xff14aabc,0x61f38099,0x2a841ef9,0x0d8394cc,
-        0x17f01db6,0x75fad8ad,0x6debb773,0x6fc34576,0xa4252512,0x1e716b05,
-        0x29e1ed9f,0x79855880 },
-      { 0x95106473,0xa2cb3aaa,0x5a61da04,0x95fafa41,0x539563c0,0xfd3c9362,
-        0x95312b87,0xbaa48091,0xbf885c76,0x6c7e7582,0x230c78d5,0x70f6dab6,
-        0x7747440d,0x8ce3051c,0xffdb6186,0x6dbebd14,0x190e4096,0xb0e041fa,
-        0x6ee62e2a,0xba10c466,0x74f333d6,0x93d57e2a,0xfe7b9b66,0x006aadc4,
-        0x06d2837d,0xfaf72f6c,0x910741ea,0x318cc5e6,0x65692477,0x9c502609,
-        0x1d0fb08d,0x95d823c3 } },
-    /* 130 */
-    { { 0x140528a5,0x6aeebd86,0x53979bc8,0xf268c2ba,0x4ec144ab,0xb1bc9b8a,
-        0x82a7d7ed,0x1efabb0d,0x4e0118d8,0xf12c70d1,0xa1c1558e,0x31607168,
-        0xe4b7e73e,0x33e428b7,0x83aec9dd,0x63176637,0xe12ac35c,0x5172ffbe,
-        0xbc17b2a4,0x37df0bfb,0x741f812a,0x4212f870,0xe2888f9c,0x3dcecbdb,
-        0x756ca55d,0xa9dc15aa,0xb9028e41,0xf31918ec,0x6aeadb03,0x7ede0285,
-        0x78654f54,0x0e2708d5 },
-      { 0xcde20f88,0x2270cc53,0x5f5b1039,0x9338272c,0x5dcb1dbf,0x5042e19e,
-        0xb72d74c1,0x4b3de219,0x2aaaaa55,0x16c49a8b,0xbba86ba6,0x008443e5,
-        0x20cf1695,0xee6bcd72,0xa89abd11,0x59ffac6b,0xf115639d,0x2831217b,
-        0xf34cba52,0xe4d28af2,0x0727a906,0xf27f03e7,0x69017766,0x6842c79f,
-        0x7a81123e,0xcb3469bd,0xa42973b8,0x48c0f346,0x23990dbd,0xfc5784a6,
-        0xfb299678,0x0d3dab3b } },
-    /* 131 */
-    { { 0xce29c3cc,0x8f8376e6,0xf016cbc6,0xcb0507ec,0x5e394ce1,0xdebff996,
-        0x73c50d41,0x24fc526f,0x2d16ce3d,0x4edd5a54,0x91c13141,0xbb37bdd9,
-        0xe33a8606,0xe3442ef2,0xc0629da8,0x2ae90337,0x592ab331,0x57faec64,
-        0xd82b857b,0x1a938997,0xa3373176,0xad6c8cb9,0x9086751f,0x82595de2,
-        0x18c17196,0xa81e97fb,0xbf697357,0xe4f48a13,0x5cb89f69,0xa1387c2e,
-        0x5874b426,0x530b4eeb },
-      { 0xbab7b5ae,0xe9f275a1,0x03a57bf4,0xbb69dc4d,0xa45c505b,0xc974dc4a,
-        0x416ac402,0x726369f3,0xaed985dc,0x735e4e78,0xcdd446a1,0x0548d879,
-        0x9e16b02a,0x84ceb069,0x789b11a6,0xf73f6fa4,0xb2a4e784,0x6aa0c41f,
-        0x93a9b697,0xb1f76902,0xf03a8ab2,0x814cce00,0x844d66c1,0x64cb255b,
-        0x30952201,0xb794e7d6,0x3da32271,0xe052d4e4,0x08b6a4d9,0x5278b2e7,
-        0x80c6577f,0x90942552 } },
-    /* 132 */
-    { { 0x0d5b4c2f,0xd269a14d,0x5c8a649c,0x2b8fc59b,0xb0e37d4a,0x95becb3a,
-        0x9111037e,0xfda1a768,0x94e35322,0x5810e05a,0xa178fafc,0xa24dcc12,
-        0x8e3dce62,0x5c2c63b2,0x9452c444,0x995c3f17,0x42d45161,0x35330ec3,
-        0xb4ef8129,0xa025a60a,0x8bae9c13,0x85493252,0xe2e3caf8,0x25d1a606,
-        0x3649bf47,0xd44091ab,0x704ec5f1,0xc7d0afbf,0xbd8b3333,0x27bd1d62,
-        0xcfe616f5,0x50570111 },
-      { 0xf534356b,0xd0084ace,0x4b4b0fbc,0x9df1de05,0xcee04dc1,0x021afe05,
-        0x361b78e1,0x64bde688,0xef78d38b,0xa324fcc7,0xeb0a5e4e,0xfeb372ce,
-        0x65811996,0xef04fcb3,0x5eb0ab4e,0x7dce5d50,0x238c586e,0x1e29b588,
-        0xbcd80037,0xde5e3197,0x4806b9cf,0x8bf5e451,0xd18e67ab,0x4330968b,
-        0xf9f63fad,0x26a7d04e,0xb5c18bb4,0xa1c7f123,0x25dce22c,0x485b8482,
-        0xd540e79f,0x8ff0b36f } },
-    /* 133 */
-    { { 0x3ff42cff,0x99f2e2f4,0x1c35317c,0xa3c19f9d,0xaba1b545,0xdb749392,
-        0x4afa9a32,0x84232b05,0xd7dcd436,0x0b855d46,0x45cf9915,0x8ac35e20,
-        0xf001a218,0xd7cf22c7,0xed408305,0x057d35ae,0x553ccfcd,0x25a4a519,
-        0x93e2b939,0x5e565793,0x3422ec27,0xa20332b0,0x3ac53958,0x9b09005e,
-        0x79e9b163,0x628051a3,0xfc6618d6,0xb4a0dc09,0x6748e7af,0x9e0e857f,
-        0xc577d63e,0x71b28eee },
-      { 0x99726bf8,0x4942b0cd,0x1c208f3c,0x1290a3b9,0xb0598eaa,0xfd7290e7,
-        0xa25a9128,0xc6a7791f,0xc037d7da,0x2d33db24,0x70e2837b,0xc21efeb0,
-        0xe3dae2a0,0xbf70d96e,0x85076027,0x43ed8191,0x4d4ad7e3,0x4aeb0aa8,
-        0xe8c5b74c,0xbc75101f,0xad26ebdd,0xdbfb2a6e,0x6b78aa4e,0xba812068,
-        0xe1159848,0xc94aa8f2,0x3eba5c4e,0x0d10d9db,0x6318295a,0xce7fec47,
-        0x330d925a,0x7294711a } },
-    /* 134 */
-    { { 0x32bbd495,0xfce45904,0xbe54973f,0x330f4dd1,0x5d9c3f4e,0x006bee1d,
-        0x59ba7204,0x40ee6078,0x42c2c768,0xc194fd3f,0xe9fe88be,0xa0e76b12,
-        0xec2b0210,0x17cddddb,0x00811ec7,0x689d436b,0x284be9e4,0xa6a6ba37,
-        0x007d4114,0xabc395b2,0x0f11e744,0xf8cdf9f3,0xe9396402,0xc5febec8,
-        0xeeb46285,0x8a751743,0xc6e0d137,0x99bf8782,0xbeb292e3,0x3965e170,
-        0x5801fd5f,0x001c39d8 },
-      { 0xda4a0912,0xf4805cb9,0x4410bca4,0xd27cb76a,0xec71d65b,0xef3dcb8e,
-        0x4816849a,0x780fbb2b,0xa8b24635,0xef6a7026,0x12c44e68,0x15625c88,
-        0x4d7a74a8,0x624c232c,0x4b1631e4,0x81a77037,0xdb917c2e,0x04e4f7f1,
-        0x1f61ed95,0x1d0465fd,0xcbde6e3d,0xb1048049,0xd7131fcf,0x637ce0c1,
-        0x8ada4715,0x22e4dbc2,0xace99726,0xf7530c5c,0xee287450,0xa0160dcc,
-        0xbb91af13,0x9132e670 } },
-    /* 135 */
-    { { 0x7996099d,0x8057efe2,0xa06e608c,0xb72344db,0xd0958588,0xeb4a8740,
-        0x79e5aee9,0xe53daf06,0x908a2fad,0xc9560a9a,0x107e706a,0x7f4be131,
-        0x2830246a,0x6d5f3d9b,0x27cca3e6,0xa5f8e8da,0x4c28f292,0xeb51dca6,
-        0xf31dfd78,0x4cfa310e,0x2ca073e5,0x92e0c7c2,0xa40da683,0x102f1694,
-        0x750d38fc,0x16bb07cc,0xbadae035,0x703e83e2,0xb4d3c9dd,0xea93c066,
-        0x79940ed1,0x7d0b03e5 },
-      { 0x4dd94c63,0x5fe7ea30,0x738b0b3a,0x57ef01c5,0xa14e6b4b,0x9534a78c,
-        0xa5353276,0x07622cde,0x7c22d006,0xaf696a07,0x7d46b209,0x733c1886,
-        0x626c2b4a,0x9654ccbb,0xa84f3c4c,0xa098d3a1,0x2d734b74,0x3596f9ed,
-        0x5d551c90,0xdfd3021a,0x1ec5123f,0xe2ba7d2f,0xb2c1aa39,0xf9726925,
-        0xf8eb2927,0xd2e75d0e,0x19192a6f,0xfaba712e,0x9b83e50e,0xa606b43a,
-        0xdab5de60,0x31b1782f } },
-    /* 136 */
-    { { 0x4034db92,0x878dba45,0x8f34dc4d,0xa3977901,0xdf754c33,0x8d004f2e,
-        0xcd563a88,0xeaa5954a,0xbb5ffad1,0xa29d6c89,0xb0d8bdb8,0xa8adf655,
-        0x8cdbdb47,0xf7fb842d,0x80d3205b,0xb72e3a03,0x7cac7ca9,0xc335b0b2,
-        0xd8a5475d,0xffc60bcb,0xeba4d25f,0x736f7719,0x0c50fca6,0x3d901c38,
-        0x80c01900,0x1fdacf7b,0x5681f84d,0x75cf658f,0x5cefbbc1,0x57a7e634,
-        0x3e07ed1f,0x6fc0fbe5 },
-      { 0xb81b0e5f,0x496d116b,0x2ac853b8,0xd82dd2a5,0x327387f0,0x357e22d4,
-        0xba912c59,0x3e332a84,0x49d5dcc1,0x8b71c643,0x438d85d3,0x0c982ee9,
-        0xbf7fcd4e,0x90b9553c,0x38fed5e3,0x2cb39bbc,0x5ac42903,0xa2c67c9c,
-        0xbf07da55,0xebf21217,0xa0b9e4ee,0x55ac05ad,0x8ee9e0c6,0x10bb12c2,
-        0x48bb6e3f,0x5cf3aee5,0x8b046e91,0x4ae7269c,0xaa0e553f,0xcb266012,
-        0xa94c8fc8,0x701935a1 } },
-    /* 137 */
-    { { 0xa4626dea,0xde58d41d,0x15b9039f,0x25ef66ca,0x3164e65b,0x99a810a4,
-        0x748cfccf,0x9fe6daad,0x2f142fa9,0x7ab9a6bd,0x5d471796,0xa4cba168,
-        0x6bc3a39b,0x12d30b36,0x8bf45076,0x1f46a5dc,0x1421ac0e,0xb868e529,
-        0x59bba1c4,0x7a686206,0xda698b90,0x2b4b552e,0xe5453707,0x5039dcd4,
-        0x9e90165f,0x42a07a9e,0xd7d45dfc,0xa838fff3,0x3b5ceb30,0x41991e5a,
-        0x969ca600,0x6c961ec8 },
-      { 0xc4e7eb46,0x703bdc1b,0x596c7b48,0xd6bac557,0x66afd74d,0x4f9917cd,
-        0x656ce6f3,0x56355105,0x32497175,0x3d1fb50c,0x63effb2d,0xfda6783e,
-        0xeefaa2bd,0xbd79f1f3,0x17af9ef7,0xa4efbe54,0x5a55b7a4,0x6cef6462,
-        0x1a713304,0x116f3238,0xb95625a3,0xdb2a2a7f,0x0b027e96,0x6a0aa43a,
-        0x4832b3bc,0x458fe5d2,0x5adfaac0,0x523418df,0xc49e7f9a,0xc05a89cb,
-        0x69e24b53,0x830883d8 } },
-    /* 138 */
-    { { 0x02557389,0x959b1c62,0xadefc0bc,0x5fe5ce97,0x8330f383,0x893bbe7f,
-        0x16cfb81e,0x27e0c6af,0xd04428fd,0x6f64e65b,0xb79e6182,0x53de9245,
-        0x487e11ca,0x08a313c1,0x445bce93,0x65cec3b9,0xd67ed49e,0x33bc0314,
-        0x30782352,0x69f36b24,0x93ad31d2,0xd78e5daf,0xc780890c,0xf2682b70,
-        0x9e45efe9,0x7015c34f,0xe6cbafea,0x135d4ba4,0x7e3fcc6c,0x43a378a4,
-        0x96638f8c,0x2376f97f },
-      { 0xae575b99,0x0a6e1ec0,0x81b970dc,0x7e14cb4f,0xd3a73947,0xf00a3824,
-        0xfb235a9d,0x0b4b9c81,0x5bf62944,0x8d15115f,0x1e165d7a,0xcfd35b43,
-        0xb2ee3e3b,0x5d12fea2,0xf5182e7b,0x629984a6,0xc365d08e,0x4e43e2f3,
-        0x30f36e72,0x99327091,0xfd345401,0x698b4a00,0xbaf96dce,0x23c4fd0e,
-        0x23675554,0xa60ba0ae,0xb0325784,0x51bdac2d,0x215464a1,0x8ab4190a,
-        0x6bf10296,0x8c461661 } },
-    /* 139 */
-    { { 0x2d1f36a5,0xeffca258,0x894c5f2d,0x0eded2b2,0x43ced84f,0x35a5cdb8,
-        0xdb0e3b9b,0x290f8982,0x0719a112,0xcce0eaf0,0x39a362d6,0xd0e657e4,
-        0x62697e47,0x5516a55d,0x8e636514,0x269e1f77,0xd50269bc,0x5e3dedcb,
-        0x441c57c5,0xecec2300,0xc705578d,0xdb83f31c,0x1e489eab,0x1bdefb73,
-        0x395fcdb4,0x20b678cf,0xff9db001,0x908cf91c,0x55f52cc8,0xcbebc6f4,
-        0xb4c61162,0x155ea622 },
-      { 0x876fa42e,0x94be2f1f,0x7fadeee7,0xab5e8749,0x38c865af,0x692e70f5,
-        0xdf8059b0,0x16e99b84,0x8b5a7ac9,0x0ceb606e,0x2d463d2b,0xced23357,
-        0x2a9a09a0,0x2d0f2623,0x3861fbdf,0x2529998c,0xc1be310b,0x711888a7,
-        0x0d8aade3,0x9b1229c5,0x3b13533d,0xdbcf9b78,0xff029708,0x3ca746f8,
-        0xda83ef88,0xa5a013a1,0x4ab28444,0x8e904d18,0xbcbd4aba,0x2fe84b3d,
-        0x259058c3,0x8f570f24 } },
-    /* 140 */
-    { { 0x2ca9c508,0xdeb66c8a,0x69d6b780,0x2dc5bec2,0x88ead600,0x16d61266,
-        0x49d72614,0x61841b97,0xce472e6f,0x41e40e6c,0x1fa7a876,0xada24264,
-        0xcc3997a0,0x45b9fd33,0x7c15dcf4,0xb25e8fa9,0x12e9629d,0x0124ceb2,
-        0x7db3d956,0x3a8c72c6,0x7c1a7844,0x8e2ded2b,0x6dd027ff,0x94ab09c6,
-        0x7e7a2bc6,0xf89a057d,0xcf70c763,0xad8bf226,0xc8a26212,0x4cb268e7,
-        0xb2c44c1d,0x3d171e87 },
-      { 0x8ce49820,0x382ac16e,0xc0c44dc9,0x24ee45e2,0x73e858c4,0x0ec67912,
-        0x46327cf9,0x918cb25c,0xc6159c1f,0x43e3876b,0x37545cb3,0xb6b6e0e0,
-        0x5d12347e,0x64b839ab,0xa300d541,0x72e09274,0x881c1169,0x26ab28e6,
-        0xeb75a843,0x4a580fff,0x359120df,0x0a5802ca,0x3209f4a3,0x7fee82d0,
-        0x8e6a9380,0xb518016b,0xc2ee11ca,0xb99c6c70,0xab9d4ec7,0x16105af1,
-        0x34cd9004,0x234e98f8 } },
-    /* 141 */
-    { { 0x14db9cda,0xff435208,0x96adec90,0x99cfdc47,0xaf458b6d,0x843aaa6f,
-        0x743eaa31,0x3f1f7415,0x61735d81,0x915e192e,0x0ac595d5,0x3441a22d,
-        0xc044bc8d,0x704bbf67,0xbe23a236,0x2f960471,0x15d1d557,0xcc326388,
-        0x76b1dd94,0x9410230b,0x0c1c8a67,0xf2e5439f,0x833c910d,0x56b141ac,
-        0x865b84df,0x467c999f,0x21f02b7b,0x1b0251fa,0x96216950,0xde5b5260,
-        0xce3a1e93,0x6a2130e3 },
-      { 0x4b3ca1a7,0xd21b67a0,0x00c0ce80,0xaf42ed53,0x932cf07a,0x22ccd368,
-        0x5c25c35a,0x36523a81,0x8dd04d06,0xecdd3958,0xb2f93a3b,0x73da3502,
-        0xd5e5b530,0x4c5e0c3c,0x13268777,0xef9f5486,0x1e742292,0xed87fefc,
-        0xa24e5ede,0x6d9ac29e,0x33849f1a,0x08abc9f0,0x40f23905,0xb09b2292,
-        0x7f934353,0x6791072c,0xe6aeb550,0x102a6381,0x96feb870,0x3ee07409,
-        0x9c4d2830,0x34f06faa } },
-    /* 142 */
-    { { 0x2348f005,0x869dc79f,0xdf4920b1,0x9b5c5d71,0x6dee64a4,0xfd1b57ca,
-        0xe82a4fb4,0x21b7f734,0xb9578366,0x637cb834,0x7d287d96,0xc934101b,
-        0x0392ecab,0x1590f8ac,0x7f75f4e3,0x280dc373,0x6a61ac62,0x8b36f50f,
-        0xa65568da,0x74f58304,0xd930870a,0x80d792a9,0xfc8895cc,0x6d17b192,
-        0x4914939f,0x498392fa,0xd41d5b9e,0xaf36027d,0x5caa82b5,0x452d79e2,
-        0xf4115d1a,0x764d47b1 },
-      { 0xa2ee8b9c,0x5df22303,0x85dfcd48,0x1b9f72d3,0x10813a37,0x6b42b983,
-        0x3de741f5,0xe28c523b,0xf303bb5b,0x0857625a,0xac9bf9af,0x926f299a,
-        0x0d445b34,0x21beac08,0xd6ba2c0e,0x6a523a02,0x7fce2864,0xe302a1b1,
-        0xe300c1ea,0x4516a235,0x7b4a9311,0x4543736a,0xc0cc89f7,0xd3c0b9e8,
-        0x40ed88de,0x0481904f,0x3cb7fc70,0x4f269b56,0x321b9738,0x09a1d53a,
-        0x230a3810,0x1c0dd9c3 } },
-    /* 143 */
-    { { 0xc46a7d9a,0xffaa1f67,0xbedf91cc,0x64743334,0x47a42f2e,0x45833a74,
-        0x241ffaa9,0x67980051,0x335efe6b,0x70979a84,0xf08b2403,0x5f0613f5,
-        0x64f211dc,0x6bb22fcd,0xa0572cfc,0xe1b8b2a3,0x7950a14a,0x19e0eb41,
-        0x3eb6cd4c,0xe634bb29,0x470a25ff,0x31a04b25,0xa3d15a0a,0xa41f7ac9,
-        0xbf2fede9,0xefed85ec,0x81b94a00,0x1f581f5f,0x9ef4a15c,0xaa3996b0,
-        0xb06041bc,0x52d8be39 },
-      { 0xfd631a2f,0xbd1536f6,0xb351a8dc,0x91fae7f0,0x9b126212,0xd1a590c7,
-        0x2bd0f435,0x52d4875f,0x92b0ea70,0x9aedb6d3,0xb83ab89e,0x0bd0abdc,
-        0x89fe192c,0x827a1062,0x102a0bda,0x6566a960,0xce036814,0xda083037,
-        0x58639405,0x30bed79f,0xdbca8df9,0x972019b6,0xefdaa3f5,0x89201286,
-        0x5236b892,0xb337b996,0x28fc2e73,0x11d3e38e,0x880e8da3,0x70787f41,
-        0xdae4a45d,0x6cff6367 } },
-    /* 144 */
-    { { 0xf89a8bb4,0xbd3d0433,0x93b98f71,0x42144c33,0x03470a2d,0x82b616c8,
-        0xe5da089e,0x98fcc757,0x7bf5fda6,0x542354ef,0x9ebd34cc,0x1885c253,
-        0xbec5dd0d,0x2e20b285,0x782a1bca,0xe71bbbe1,0x9b854ef0,0x959ded30,
-        0x8997fa6a,0x17249979,0xd81f3c45,0x50cf8fa8,0x60c11152,0xa9a3b517,
-        0xecf845ea,0xc9b0ef7d,0xb9fed11b,0xc9339e23,0x28256080,0xc93e9c5c,
-        0x613ec1e7,0x1d2c8217 },
-      { 0x987cfc93,0x7381347d,0xf187f810,0x047603bb,0x1250ca31,0x3fa6bc9d,
-        0xbb055bf3,0x480091e0,0x3a3af87c,0xbdf95f1a,0x140540ab,0xe2687770,
-        0xd7fe045b,0x998df730,0xb723bc2d,0xb398135f,0x15ebec46,0xac230f8c,
-        0x5f5561c0,0xe08e1830,0xda60a47f,0x7c0fbf4c,0xe16d4bfc,0x06e95c24,
-        0x74617e92,0x74163495,0x4ae0c20e,0x39719869,0x2131e2b6,0xfe269312,
-        0x0a537722,0x25486e36 } },
-    /* 145 */
-    { { 0x53572806,0x618795ca,0x656968e1,0xb2c89449,0x3fb323ae,0x149c2c97,
-        0x409bc7d6,0xfb15de26,0xc79121b3,0xa90cda72,0x204cabbb,0x6d2fa14e,
-        0x91604125,0xcbcda6f7,0xb435f947,0x25086261,0xc282eb10,0xdb686c38,
-        0xf1a791cb,0x51016d62,0x61a2266c,0x6b1c7ed1,0x271d74a6,0x26780666,
-        0x824287a4,0xb5ffeda1,0xbbe4f0f3,0xcbe503ff,0xb9482a74,0xd7f7f0be,
-        0x088493f1,0x751b2358 },
-      { 0xe9c9be68,0xd597b9d6,0x67d10c6c,0x1794b5c4,0x7762b2f4,0xa88cdc3d,
-        0xa1b44e11,0x6d94a63a,0xaaa8eca8,0xfb0bbbb9,0xc963d87f,0xf4b0f2d0,
-        0x5dc7075d,0xb753062c,0x49933989,0xfed726ac,0x57f9ccde,0x5da60638,
-        0x75f8c766,0x221c392a,0x5dc672ca,0xcd264d95,0xb66ecc8d,0x7004ff22,
-        0x18a458ba,0xfb1aa9ae,0x8babd653,0xea9644df,0x2ba0de7c,0xa9378e80,
-        0xca2c6c75,0x144cc12d } },
-    /* 146 */
-    { { 0x2989aa3a,0x593a0a1d,0x59e6e64d,0xd83f2283,0xd32e732e,0xe938b0cb,
-        0x3c3cb249,0xf4c464c5,0xf89ea6ac,0x9750a5f8,0x346cfc32,0x467e5bbf,
-        0x37b2b809,0xc9bfab9d,0x3b339c6d,0xf8eb7453,0x3b766dee,0x3fe01fbe,
-        0xef6aea27,0xb3154254,0x7be61b10,0x555c3df2,0xdd818488,0x70fb6d81,
-        0xbbe714f9,0xda1af3a4,0x9d18f693,0x575f2017,0x2465b839,0xdc08fc6b,
-        0x6b84a951,0x874ecf33 },
-      { 0xbbb3f6be,0x624af83e,0x08bb423d,0xf578fbb9,0xd7873527,0x5623b0ba,
-        0xa62e0442,0xc3659bd8,0xfe236f79,0x2903b167,0xe53f26a6,0x55a430c6,
-        0x3ad712cf,0x222547ae,0x76eb272b,0xb73890d7,0x3d628df9,0x95b4f70b,
-        0x53eae4ac,0x9f0e13b0,0xe7f2174e,0x5b4f5138,0x98dbae17,0x75482cf9,
-        0x44518480,0x2b69bbde,0xcafef15c,0x4f279652,0xb6bcaf19,0xa0a3ef2b,
-        0xce4c634f,0x31fb8581 } },
-    /* 147 */
-    { { 0x615cd607,0x398306d1,0xaa32c3a6,0x680c9faa,0x7779131d,0xe87a705b,
-        0x36708b00,0x1031013a,0x9445297f,0x814fa0e1,0xa6a79b56,0x70c5583a,
-        0x4b16bed4,0x03039cbf,0xaaaaf8d3,0x18a7ca8d,0x5cdb68a5,0xf33159e7,
-        0xd23814fa,0xdea0e738,0x8d0f4f9f,0xeb352718,0xdcdff032,0xb0b76609,
-        0x3d48338b,0x65ba8ea9,0x55dd507a,0x18044d82,0x4a4a50b4,0x844a223e,
-        0x18e19e54,0x98323000 },
-      { 0x57f3d5a6,0x28a21027,0x6e8cadcd,0xffce5648,0x02551f3b,0x9590381b,
-        0x935ebdf1,0xb26cc64f,0xc083aa6e,0x60611291,0x88e4cf41,0xcd988a66,
-        0xdd53b1b5,0x581c3f73,0x77fc621d,0x78c804a9,0xfadca2fa,0x31874330,
-        0xc83ccf02,0xf7008da4,0xa79a4707,0xc4122a1d,0x4a915eb5,0x9a8e0d3f,
-        0xd0123660,0xa2de157d,0x65ead2a0,0x45ef43b2,0x188db285,0xd0a22ade,
-        0x922e0caa,0x8abbe39e } },
-    /* 148 */
-    { { 0x3a2d2f01,0xb4446905,0x5dc6685c,0xd27c3193,0x1d74a027,0x6a908bbf,
-        0x5b50ec1d,0x01da350f,0x3f3c2e26,0x1d3dd45e,0xb836ee92,0xf66e11d0,
-        0x474b979c,0x7e03908f,0x98b87834,0x19e7c5b9,0xbd3d1de9,0xa741d3fe,
-        0x1ef6059b,0x63c68e8d,0x3674e247,0x9b9ff939,0x3e7e67f6,0x1d7d53e7,
-        0xaee9e248,0x698dc326,0xb3bd984c,0x52f23eda,0x6f8fe8a7,0xf95e31b0,
-        0xc3d0ba95,0x0f15b4d0 },
-      { 0x790a8d85,0x8f2f6635,0xe2595af1,0x51bffbae,0x24b51287,0xd15b7ec6,
-        0x3234715d,0x7639b6ab,0x2bc5441d,0x0cdd5299,0xf6d05833,0x54800ea4,
-        0xf6d6e360,0x21efd752,0x19290613,0xc0b7ffe5,0xeea898cd,0xb68a5825,
-        0x22982266,0xecedba92,0xbbd06bb2,0x678a91b0,0x4bb6b0cb,0xb2436dc0,
-        0xcaf8ea98,0xcf7a99e7,0x71aa05bb,0xb92d0e6e,0xf5993eb1,0xbf8d0471,
-        0x20385ddb,0x515db378 } },
-    /* 149 */
-    { { 0x6f5bef22,0xee43eaaa,0x20348712,0x952d2698,0x7a3af6c6,0x1e4c484e,
-        0x9a8c9403,0x18d434c6,0x5001899a,0x63e5d741,0xfe8ea40c,0x5238dbbc,
-        0x96798721,0xca6cc8d2,0x04acbde8,0x73db6aee,0xb7f993ce,0xbf69328d,
-        0xad45e334,0xa3f79bbf,0x7c1f1630,0x8c51ec93,0x9b00a6de,0x4907325f,
-        0x12d82bc3,0x49e6acb4,0x0ec59fc9,0x5901b36d,0x9cf34e3b,0xcb09b710,
-        0x1abf4c02,0x2de0487e },
-      { 0x8dd9d484,0x18b722f3,0x7c77bacc,0x83349393,0x93d92b8a,0x58dbb8f1,
-        0x8e3fac25,0x80d78d50,0x745f4a7d,0xf0500981,0x877cc29d,0xd072bfed,
-        0xc30a89f8,0x67abf8f2,0x9a0820d7,0x92c567ea,0x8a3a5738,0x425ab12e,
-        0xf055521b,0xc162faeb,0xb94ea5e9,0xee1c4f26,0x3d71e546,0x1e414994,
-        0x43e8be1d,0x258183b8,0xef9eae0b,0x44917c82,0x73874a30,0x6813a457,
-        0xcc42f86e,0x6f6ac071 } },
-    /* 150 */
-    { { 0x4dd6e3b1,0xd38822ad,0xad620869,0xfc78e1cc,0x2cacde80,0xe7843845,
-        0xa8469fe3,0x121cc14a,0xe67e8ef2,0x8e8f3da7,0x4d347448,0xdb83d16e,
-        0x798631f4,0x3ba1dd98,0x0a4c4c17,0xdfab5977,0x3edc701f,0x1f0a1306,
-        0x6cd8ff28,0x4649d601,0xbcc55bc9,0x2267230b,0x5760412a,0x02a19c60,
-        0x328faef6,0xc719d5f1,0xf67eaad9,0x27cb969e,0x719bafb5,0xf342530e,
-        0xff5a82cb,0x6e2c24cc },
-      { 0xadaf8793,0x6313024b,0x035c948e,0x944bccf1,0x953500bf,0xe9a066b7,
-        0x1d116765,0x7991a946,0x9fd93c78,0x95addb2e,0xe92e5495,0x05d2c037,
-        0x9f03e5cf,0xcb145b18,0x95aa1f72,0x81ae48ca,0x135a6e4f,0x203f2702,
-        0x49b2a7d5,0x2bcef5a2,0x02d7f2a3,0x0687a900,0x6c6745b0,0x2f7d3228,
-        0x86507305,0x3da8a875,0x2e8dc58f,0xbe38b884,0xdbf11185,0x6b48bf34,
-        0x97c08f91,0x5af7fd0d } },
-    /* 151 */
-    { { 0xf4a224a5,0x55f9b950,0xcc50273a,0x41904574,0x643f1fd5,0x34f81330,
-        0x0e50f783,0x996801bb,0x89581712,0x866d7403,0xa4091d36,0xdb9a405d,
-        0x16a46fe7,0xf1e379df,0x83bf9168,0x8d04a93f,0x32b20bca,0xae4c8335,
-        0xf72a1c10,0x99d334b1,0xd8195db4,0x8fbc9977,0xfba14b5d,0xcaeb3dff,
-        0x76daf476,0x60fef022,0xdb5b72f4,0x4b948dfe,0xb6dfb062,0x5185c925,
-        0x9609d4ae,0x27a9c381 },
-      { 0xf12a93af,0x73c37346,0x5536634d,0x028b707c,0x498193d1,0x8efa58d5,
-        0xef21b69d,0x4f83a5cc,0xa788a0e2,0x05cbb0a3,0x65b13c98,0x01031781,
-        0x2b73784c,0xfea20e58,0xe50361f2,0xdf9713a0,0xd0cc22d9,0x31449a0f,
-        0x7c5e2e1b,0x183752e7,0xb67044cf,0x6e44d6bd,0x733e177a,0x012dde95,
-        0x08ee2c23,0x68b49669,0x1f5f1949,0xd9bb0541,0x6acd886f,0x95182c71,
-        0xfbde9244,0x1c690694 } },
-    /* 152 */
-    { { 0x3a880026,0x5db67d17,0x125d95f2,0x89c4f0a0,0x3f6cb7a4,0x29050551,
-        0x5cbbdca5,0x3eb231d1,0x972bcbd3,0xf8cffc99,0xad55a03a,0xcb4ef4d4,
-        0x22867c2f,0x944d47ca,0x0ead1aa5,0x96d88548,0xcbc8b045,0x76a57cf8,
-        0x005e55a0,0xdfe5844b,0x1d18a097,0x5e9e7e19,0x52923c74,0x957a26e8,
-        0x7f5db339,0xd0867b79,0x63bed0c8,0x2553408e,0x689ad23c,0x1596e5d5,
-        0xa504c339,0x7b8c13d6 },
-      { 0x52fb6901,0x2fc43aad,0x16ca253b,0x1c0313f9,0x515aadc6,0x1475830a,
-        0x7f577dc2,0xc93d1926,0xf723c0dd,0x26e52e8e,0x3eb9f6da,0x2f1e0eb8,
-        0xf180376d,0x9979de82,0xb0834939,0x43e28ecb,0xa39c38e7,0x9a2d51dc,
-        0xa8e3f6b5,0x6e6063a9,0x4b9b3270,0x4cf1da3a,0xd2f8915d,0x6e5348a2,
-        0x50507912,0x5e75e3e0,0x20d383fa,0xaeffce57,0x8fd2fb29,0x1d6d53cc,
-        0x696f4cd0,0x0e3c3ef6 } },
-    /* 153 */
-    { { 0x21ee1d83,0x3bc337c1,0x787b7788,0x97e08f6d,0x138fa4ce,0xbf709fcc,
-        0xa0348e58,0xbaf77647,0xa55e672d,0x04f8babc,0x7d5ec5dd,0x0ed2919d,
-        0x33e99218,0x8ce64bff,0x24b059af,0xac09fc57,0xdc5e32ba,0x506831f9,
-        0x465af6a9,0x26a22677,0xc97f1ff8,0x3c5efe66,0xbc6087fd,0x1515e0d6,
-        0xaa8edc6b,0xb1a39c5e,0x0e79ed29,0x3dd816bb,0xbc3788b8,0x6cc13769,
-        0xc092a51c,0x463098e3 },
-      { 0xc8bd0fa7,0x3a6408c7,0xce6bde49,0xd1764311,0x283ef7be,0xe315e108,
-        0x99b5d938,0x8213cc77,0x45a49a6b,0xaf7f1581,0xe529e4d1,0xd00fdb0f,
-        0xce66c9d6,0x55d38f77,0x1bd4b952,0xb4f7ccc0,0xaf71f986,0x8d975b49,
-        0xcd64d00a,0x12b59fcb,0xa5a3bad7,0x1860e504,0x2b5c89f1,0x6d976044,
-        0x7a3e231f,0xfed0c659,0x178cba92,0x58114c33,0x6698e11e,0xe2e74c06,
-        0xa348b85a,0x7f8fd093 } },
-    /* 154 */
-    { { 0xc19428af,0xf24592ca,0x3a308665,0x192a1c81,0xe30bbd7f,0x42589812,
-        0x836c6bb9,0x10db0723,0x598e4987,0x9c7a41e9,0x6ead6f4b,0x8aff179e,
-        0x75862c44,0x70f8f9b9,0x6f21983e,0x6b3b0237,0x98e65152,0x25d83e9b,
-        0xd751218a,0x3b2d26a8,0x9d6f1da6,0x9508281a,0xa5a81f74,0x8df78d05,
-        0xe4687471,0xd79ee559,0x6787d8cc,0x2060ca57,0xa8476c95,0x427a84ff,
-        0xe6435131,0x87b64c51 },
-      { 0x4b30d3c4,0x87f46f65,0x23b4ef14,0xcdec4c5c,0x63ca4d68,0xb3b74766,
-        0xcf3fb56d,0x1df34269,0x0fd7d46a,0xd4f139c4,0x6a69a8bd,0xa3b7c7c7,
-        0xcbadd7d2,0xee56b4c9,0xac942334,0xb28ff342,0x786f1da3,0x0046fdfa,
-        0xb700c82e,0xce5d149c,0x50966597,0xca30ef81,0xfcff4bdd,0x44a20609,
-        0x44925268,0x0f2f65e7,0xd4021f38,0xe5b6552c,0x042dbbd0,0x77ea9c2a,
-        0xd9c062f5,0x8c95267c } },
-    /* 155 */
-    { { 0x5fc1abb1,0x6655032e,0x12fe4743,0x2215af54,0x29f05ef5,0xfd657560,
-        0xdc191be9,0xb0e73325,0xc08639b0,0x7ab3c65e,0x1c3e6673,0x67507f51,
-        0xc8615555,0x638befc3,0x42f0c4ad,0x5d0188cf,0xd896186d,0x843a301c,
-        0xb2c6741e,0x045603f7,0xfa3cd1d0,0xf7545c0c,0x4a40672e,0xf612affd,
-        0x45b9e8dd,0x56197c9f,0x87922d74,0xb453237d,0x4b2d59bf,0xbf132e3a,
-        0xb84a6a16,0x8afa1b73 },
-      { 0xe793ac70,0x6b3596ea,0xeef6dd10,0x4c94ef8e,0x70422e40,0x926b4fa2,
-        0xe9e5d763,0xc8c71dce,0xf512aadf,0x352fcb70,0xa883975f,0x1b7ba138,
-        0x058c3b13,0x57991390,0x97740fd1,0x9692092a,0x160b0697,0x19ad945b,
-        0x10837ab2,0xbc634388,0xf174bb71,0x76ee11c4,0xab1b80eb,0x6111bfc1,
-        0x70ec458a,0xbc82bac8,0x312d3325,0xeee60127,0xb240adc8,0xb4118b1a,
-        0x2b5a093c,0x67211191 } },
-    /* 156 */
-    { { 0xf55cf9bf,0x91e99306,0xa46b96d9,0x9b045308,0x9e7a65df,0xae3c1e1d,
-        0xc731bcbb,0x453cb151,0xa4d58a61,0x14be5227,0x97c74cc2,0x39dac922,
-        0x822e00d6,0x4d0f7a45,0xc62b03df,0xafeb1d51,0xbaa18b2d,0xbb1dc3a4,
-        0xdf2b74f0,0x7f3c7178,0x896b6a33,0xfcd328a6,0x1dce055f,0xe95ed454,
-        0x6a4e2b87,0x97fbc76b,0xfa59dce9,0xe5ec67f1,0xcc0367c1,0x052368ac,
-        0x54e4a3fe,0x7c863916 },
-      { 0xca7388cf,0x55e94b5e,0xc0335d38,0x17cc0a60,0x616f85ba,0x9b69b78b,
-        0x10122980,0x705d02ef,0x1cfd0a79,0x565a6e80,0x7d1ee352,0xeb74a96d,
-        0x427b9dad,0x5c8832ed,0xe6d5330f,0x96ea8528,0x18d24ee8,0x30d8862b,
-        0x9ff939f7,0x9cd38ed5,0x01060252,0x690fc9a2,0x2303b3ff,0xc62d88b8,
-        0xdd52b469,0xfc42d7a4,0x8cad2d93,0x06f8dfa2,0x60920438,0x50236090,
-        0xfce855ad,0x32582758 } },
-    /* 157 */
-    { { 0x359e8c60,0xeb20e45f,0x364ca186,0xc71bb8a5,0xdff8e110,0x02b15071,
-        0x4c93e578,0x074e91d3,0xb829d0d8,0xc0326e00,0x626a83fa,0x3c192258,
-        0xfb29a09e,0x387a64d5,0xe5ac5c82,0xcaaa3d34,0xada2da29,0x8ed685e5,
-        0xeb29650e,0x92720267,0x763802f3,0xf7184b19,0xdf6b1aea,0x23f5dd0e,
-        0x25e6125d,0xbe1fa347,0x0c872a1a,0xd6287f9d,0xac57c3af,0x49aa93d2,
-        0x5bda7656,0x1a4e6a71 },
-      { 0x554d1267,0x1a126ede,0x1cd02b48,0x37f94533,0xce31fb1d,0xd70af04c,
-        0x097dc012,0xcf410b0b,0x36c7b6c5,0x930e1d17,0xc6891085,0x902fee41,
-        0x79fb638f,0x349ba4a7,0xacd6f8df,0xa16c5821,0x2e076ace,0xfb3b83c1,
-        0xe501d14d,0x6b8d033b,0x20f2d2da,0x0593d452,0x99df1880,0x3752526d,
-        0x9feb33a6,0xca32351c,0x1f6ef456,0xd91343bc,0x35b9dc8a,0xc74857db,
-        0x85b4e832,0x856a7c93 } },
-    /* 158 */
-    { { 0x0d0a5583,0xa007d002,0xeda4658a,0x2f1301dd,0x34d939be,0x91c07964,
-        0xa70c0836,0xa0cb6780,0xbe81e540,0xc0b4df95,0x5d4ac8b8,0x6cbbcd34,
-        0x54756239,0x57c52ed0,0x1805ceb6,0xcac2dca4,0x79344255,0x915ee6ab,
-        0x24c9a2a6,0x366def31,0x8c12c674,0xbd3b962f,0x7dbb7c3b,0xaab64f1b,
-        0xe22bb95b,0x3c0e4553,0xc4c63b74,0x2408feba,0x2a4da631,0x3ca77312,
-        0xc636da40,0x62889084 },
-      { 0x8cb8d208,0xa457fd53,0x543f06d4,0x7a8f8009,0xf2eff2ab,0xb66de154,
-        0xf72517e7,0xfddb28eb,0xf9389d2c,0x0149fe66,0xd85b88ce,0x79e8773f,
-        0x0ba543f7,0x452e090b,0xb0b03fc0,0xdeb9b5cf,0x6c5ed77b,0x3113448a,
-        0x8ffc0372,0x3609f3cf,0x5c1b4c4a,0x2bc9c46d,0x8fa59be9,0xe66f3bf3,
-        0xcdb02691,0x1396bf5f,0x009f88f9,0xf1ec59d4,0x2ad9dfe3,0xc2903456,
-        0x5ada4d58,0x79d8122c } },
-    /* 159 */
-    { { 0xaa529507,0x14d4e4ce,0x74655d00,0x056a0814,0x4f0fc474,0xc0d30a38,
-        0x3443cb8e,0x8a8203ea,0x97f1728d,0x33c62fb0,0xb520ef52,0x8a38dcfd,
-        0x7cac9d3e,0xa0f90d5d,0x873cea50,0x28a7b0bf,0x6c6c41cb,0xd115ae3a,
-        0xa13812c1,0xa35171da,0x624d507e,0x25d4bba5,0x7e98f42f,0x91dad289,
-        0x96a41371,0xffd6b1e9,0xb69e5b77,0xd46c2125,0x20c4f707,0xc7d2b424,
-        0x8142557a,0x2ab3af95 },
-      { 0x6a5372a6,0x86ca074c,0x56292ba7,0x728fb83e,0x77741cf5,0x745596dc,
-        0x520ef49d,0x70b4cea1,0x61e46472,0x1472fe34,0x3fb8ac5d,0xf4d6bd66,
-        0xc10bc071,0x46e52cc9,0x371a3461,0x28794efe,0x276fe877,0xa4850718,
-        0x9bef5ab4,0xedad5773,0x3f15c815,0x24c2d9ff,0x8f8395c3,0x188950e5,
-        0x80b6a855,0xbae40996,0x8a8803e1,0x4f53e22c,0x039d25ee,0xaf233f61,
-        0x250409ca,0x07db2c35 } },
-    /* 160 */
-    { { 0x037d4703,0xc7f3b8db,0xc5f488b9,0xe83708df,0x8471d402,0x1fba830f,
-        0x5a2faae9,0xa55ee8d2,0x5404fc1e,0xc2e5bf10,0xaa2d5651,0x647d5027,
-        0x7ebaf5f9,0x37a53c0c,0x95b30abf,0x7adf0bb2,0xd64c93ba,0x5a62e1fe,
-        0xe2ef4a78,0x7ffc18c0,0x4d2cd04f,0x139dd9d9,0x5ea0af02,0x253fbab7,
-        0x0fef9acf,0x7c8100ea,0xc8615aa7,0x74c5384d,0x9fe52069,0xcb28682d,
-        0xcf7dd759,0x08b6ca8f },
-      { 0x036c3b5a,0xe04e5bea,0x7f9f2b4b,0x38726102,0x29797c0f,0xa9fca570,
-        0x82879ea3,0x1656180b,0x607f0ddf,0x153389bb,0x67b0e087,0x99a1223c,
-        0x9d897fc7,0x0d1808ec,0x916edf19,0x9470711a,0x07217118,0xf8f52f2b,
-        0xd18888b6,0x5d8b29ff,0x4cc6f900,0xef1e22c5,0xeb24877f,0xc4036165,
-        0x35479525,0xfda95233,0x6861468a,0xd622a421,0x74faba08,0x5d043b07,
-        0x0d31a7d2,0x2c337b02 } },
-    /* 161 */
-    { { 0xea22fa65,0x7b2305bc,0xd159f63a,0xbe183ef4,0x3f35923f,0x3473d87d,
-        0xc11d7753,0xb27fb306,0x2a054cff,0x702e7e6b,0xaf185619,0x3ce9f97c,
-        0x4e7d51c5,0x83550243,0xf356ac5b,0xa63e3d82,0xd7645131,0x867b7caa,
-        0xa671fc9d,0xee85e6af,0x2b07cd77,0x3b985ede,0xffda5193,0x07d598b0,
-        0xa942dc36,0xb10eca39,0x506218a9,0x17f3dcee,0x06b7d5ca,0x3d94e8d1,
-        0xed8831c9,0x509b2634 },
-      { 0x48caed54,0xb1b9414e,0xcbf51e97,0x77a78c6c,0x4de9b258,0xa4688c8d,
-        0x91ee3d78,0x0024137c,0xe30ee64c,0xa68f9234,0x88190d78,0x573255bc,
-        0xba80690b,0x41e8e05f,0xec354f4c,0x50038d84,0xdfa52816,0xb18f02d6,
-        0xccb63fda,0xc47f9007,0xe98ae455,0x29d480fb,0x5d0e319d,0x4ac45d22,
-        0x026db719,0xd06f3575,0x2c3587b9,0x733b9e20,0x2c317727,0x22483992,
-        0x54bb8752,0x1592d5a7 } },
-    /* 162 */
-    { { 0xcf7453f0,0x5778d9a2,0xed83c1f0,0xaffb899a,0xe0a82ba7,0xae6506d3,
-        0xea3d5081,0x32c84e1a,0x810aa38b,0x9ad528c0,0xbd37d041,0xb1fdb020,
-        0xd06ce41f,0x78d6cbe1,0x2e74b7f6,0xd287f0f0,0xc43bb022,0xf5cd2575,
-        0xf81a71b3,0x6d28f2f3,0xc633e7f4,0xe65bb1f5,0xc4fc580e,0x32e5fc1c,
-        0xbb7b07a5,0xcd55539f,0xc3caaf3a,0xb5a94471,0x4cc22d2d,0xb958bdf4,
-        0x77a2777c,0x1614bdbd },
-      { 0xed0ab04d,0x4c1f0230,0x6e2082ea,0xae347b00,0xc42c5b5f,0x9f10bc63,
-        0xde019935,0xb0539e6f,0x65dd0825,0xd89bd4e7,0xbbceda16,0x92260fef,
-        0xe62aca32,0x8aaa755c,0x5ec82c5f,0xed762fa9,0x18650768,0x99e64c01,
-        0xc92e348c,0x57dd6245,0x31ea6d68,0x0db88a77,0x07b44736,0xef0012ab,
-        0x171d70fe,0xb9356b94,0x03f891b0,0xe68b0628,0xb79c20a2,0x3a54a53a,
-        0xb00b0728,0x489656c7 } },
-    /* 163 */
-    { { 0x71353c25,0xe43649ba,0x13f67e24,0x517f27a1,0x1c1eb9e3,0x10bd333a,
-        0x78e29bf9,0x94e1c05c,0x4743f15d,0x84fe7d97,0x90da2df0,0x9c874908,
-        0x53673be1,0x82403fa7,0x1baea1b1,0x7ebf5db4,0x24180ead,0xcfe0ae35,
-        0xc2f50c3f,0x1d15873f,0x70661cd9,0x16851ad6,0xa51e8c2c,0x802968d9,
-        0xe0161099,0xe7d1a9cd,0xa8a7ea56,0x2b153c89,0x06e3c498,0x6d41b789,
-        0xd6769dcb,0x082bb2e9 },
-      { 0xc4d6615f,0x6180ef46,0x01b9829c,0xfc629dc1,0x0fb264ca,0xde222ec0,
-        0x10ecc2c4,0xc5457e06,0x1eea2c4d,0x95ce599f,0x8f9c5b2c,0x0433fa72,
-        0xcd6310f9,0xee035462,0xce2e2253,0x84c57c3b,0x96d87e44,0x6c8ec31a,
-        0xa452c5a7,0x30bfe393,0xa047b235,0xc592b140,0xc018545e,0x7bd8be18,
-        0x5c178c46,0x794e0107,0x2e23005b,0x48471946,0x622a54f3,0x2665e237,
-        0x901c9042,0x36451a46 } },
-    /* 164 */
-    { { 0x19893e71,0x17802d18,0x539a2082,0xa1765d8b,0x2302ecfc,0xfc6aea01,
-        0x365bf59d,0x8d4cf51b,0x0d232a80,0x87741d72,0x18e80427,0xac343eb3,
-        0xe74739ec,0x553ecb2f,0x1a8b07ca,0xaeca79a8,0x56f4ab3a,0x089ff322,
-        0x3fa1d1f7,0x5e95d729,0xf62a9a16,0x260569ae,0xaa08ddc2,0x5e776232,
-        0x1b7bb54a,0x93fabec3,0x743d56e7,0x48a20956,0xeb0ebeff,0x749cdb12,
-        0x69b8fcf1,0x705307a4 },
-      { 0xe488310b,0x7a8e4c04,0x5325cd7b,0x12726e32,0x4983efac,0x5d0fd8b0,
-        0x02ddb913,0x796e552c,0x77b9685c,0x0eeca3f7,0xb15f24a3,0x9b766e89,
-        0x48efc979,0x7c2736d6,0xa8021c6c,0x3d619685,0xa0b2f1ea,0xfe33e278,
-        0xb676d6b0,0x95c69879,0x1af4e0be,0xa0747319,0x36c4ee55,0xa2fab5f1,
-        0x59e5f3b9,0x6938b8ff,0x39cafe6e,0x1e114da4,0x6a6ad120,0xc9595ec3,
-        0x57e62aec,0x80f79bd0 } },
-    /* 165 */
-    { { 0x60af09b3,0x3cef42a7,0x933dfe14,0x3c016ebd,0xed85eaa8,0x720cf1e0,
-        0xceaa3bc9,0xd4f5e99f,0xb7106f97,0x7216b9d2,0xc9668ad2,0x65f34c36,
-        0x5b0c651f,0xa8fb82bc,0xf2fda4de,0x20f42f1c,0xd21f659e,0xeb31ab2c,
-        0xa13d1618,0xb7a776c7,0x38662be5,0xec441022,0xcad08e0b,0xc825da70,
-        0x022c0180,0x99299079,0x2aef9ffd,0x7623bda0,0xf5c58b50,0xde84f4f3,
-        0xd824ff19,0x5f5a5da4 },
-      { 0x7e8311dc,0x5737257e,0x466cf136,0xdef94f51,0xb05ca21a,0xa73e1645,
-        0x02e4ab37,0x38ea9b3c,0x8579165b,0x7760eac9,0xc24b01a4,0xdffdd047,
-        0x3fb95584,0x188d4fd1,0x25548bda,0xfaac38b8,0x59e9dcac,0x1a79a6f0,
-        0x09a2700f,0x983f720f,0xfb8a7e48,0x8cbba554,0x47a1fad5,0x38a19968,
-        0x5abd6b5e,0x11856547,0xf3716ec2,0x75113d31,0x4212907b,0x1391e781,
-        0x0dc15889,0x5319c801 } },
-    /* 166 */
-    { { 0x6b61c3af,0x2320136e,0x07b4bb68,0x1d40f2de,0x380c97f0,0x651dee7f,
-        0x6a8c313a,0xa978ba70,0x2011ca10,0x22c587d6,0xab1f445b,0x48bba218,
-        0xe50444e6,0x8c5eaf07,0x442fccf9,0x5549f02a,0x3d80493d,0x2564746f,
-        0x79c04591,0x42d24f61,0xabdc8887,0x1600fa18,0xded38f8f,0x5cb8600a,
-        0x923aeb46,0xa4bf9b90,0x1e1c578a,0xd63fee35,0xebb9ea14,0xf3c9c5ac,
-        0xf11a4ff0,0x3d13314d },
-      { 0xb4513d1e,0xe5cc662d,0xd55952bd,0xde78a8c5,0xe7f86d0a,0xe8a37a3f,
-        0x7a04f0c5,0xca2d12a4,0x2e25d06c,0x4c6696e4,0xb2136071,0x52614698,
-        0x89f6e1cb,0xf4d2701b,0x80efd95e,0xaafd6177,0xc5bb6907,0xe6d73ac4,
-        0x420db35a,0x49e874ac,0xf2751fa0,0x11631de4,0xa1fa2edd,0xb29f7336,
-        0xb7fd794d,0x4c406864,0xe22f92a6,0x73cb21d3,0x2043cc76,0xeae904e6,
-        0xb322c6ad,0x67f28a9f } },
-    /* 167 */
-    { { 0xca148ab5,0x7c17b258,0xb3c60051,0xb9a1976f,0xc8f28df9,0xea260698,
-        0xe8d45017,0x87b2cc74,0x0578a422,0x37257329,0x17bec732,0x81d5ee25,
-        0x1d48bbc4,0xd7411fcf,0x487f5cfe,0x46217e6b,0x41eb8e1b,0xcb007ac5,
-        0xe05a00c8,0xc41c57a6,0xd2f9fa99,0x1f954d2b,0x40941cad,0x370bd5db,
-        0x3829509d,0xe487879c,0x5ceca5ee,0x4c137552,0xfd3efb9e,0xe8ef7fa4,
-        0x1bd1bdb2,0x5ff09174 },
-      { 0x579c6632,0x791912a4,0xb8a20815,0xbb19a44f,0x535639d3,0xf4f97b84,
-        0xbc3c9bce,0xe57e2bcb,0xf19e6410,0x122b3f2b,0x1357d9ad,0x1f0189da,
-        0x79e5ff66,0x675573bb,0xef2f3c4c,0x444e5c98,0x04d10731,0xd6f61e20,
-        0xac75d635,0x0dfa366f,0x2c854f23,0x9fc47c86,0x0ad0850b,0xc04ae43e,
-        0x2f720c32,0x5ce94f64,0xa753bc9d,0x67efae65,0xb0373a63,0xc27d30d3,
-        0x29721646,0x6681013a } },
-    /* 168 */
-    { { 0xe84509df,0x1385d913,0xcf339376,0xe978bedd,0x3423a148,0x2df425d3,
-        0xee8cb579,0x43fa0ae3,0x31c4553c,0xf015369d,0xdfbf1d48,0x05cf08bb,
-        0x9444244a,0xadff4be6,0xa35dda33,0x01635f81,0xe76fab7c,0x085c8949,
-        0x16737783,0x4bd7fcde,0xa254f8d2,0xfd8cb52c,0x413ec985,0x62168a66,
-        0x7a9026cc,0xf2db9741,0x50e1e1b7,0x3962ee56,0xd3beffde,0xbee0a346,
-        0x0bdfab1f,0x3b35b72f },
-      { 0x535c3749,0xbff8de9f,0x8add9c48,0x23c1f20f,0xc8f8f663,0xa975b37b,
-        0xe8f3ae49,0x2529e475,0x1d5e2628,0xc32f10d5,0x67862f1d,0x5ac0d297,
-        0x854cbe36,0x13c79338,0x4b67e462,0x48f004ef,0xe5d10ee1,0xfa37a150,
-        0xd28288a0,0x4974778d,0xcfb73f4d,0x96830a66,0x07804952,0x9f444013,
-        0x9760b694,0x8233c709,0x25b75c99,0x8340cca5,0xc771f99c,0x3f62e40b,
-        0xcd95c685,0x47d0a1eb } },
-    /* 169 */
-    { { 0x652811f1,0x266f4fff,0x62ef3002,0xeaacaa93,0x50cba0ca,0x6c387a55,
-        0x007f5467,0xa350142a,0x202f2673,0xc7fd102a,0x33dc6e65,0x5daee570,
-        0x064a63d9,0x60682ec3,0x462b251e,0x46cf0bb0,0x5da936e7,0x0e030ca5,
-        0x434265b5,0xc87a60f2,0x69b4e8f5,0x9637b2bb,0x7ad7770a,0x601fb58c,
-        0xed3a15a6,0x1f2147f6,0x2995e961,0x05b47d5e,0x83213a16,0xcb0ca9b3,
-        0x4995a85c,0x8f4b614a },
-      { 0x4b4eb3c1,0x5aa8ec19,0x20323a70,0x8c549ac4,0x4f6cc6aa,0x00d49322,
-        0x45f9a5a3,0x0e53b9bb,0x0897abbb,0xe46ef110,0xd7acd7d0,0xfe873e57,
-        0x0f7cb588,0x7cfccfe5,0xc85557d1,0x0ea53d65,0x7288f2e2,0xfdd9eb44,
-        0xc0eb68a8,0xab2dedfa,0x08603a0c,0x58221470,0x00feb06c,0x69464689,
-        0x25e5caac,0x804cf5bf,0x9fc91ae9,0xd8559858,0x73c45eae,0xed9378b1,
-        0x524c9801,0x8f942d02 } },
-    /* 170 */
-    { { 0x8e845808,0x1f1ec302,0xb77abfc5,0xc302bffa,0xf8d97dc7,0x26afd4b9,
-        0x3aac594b,0x3d3a83c4,0x674d94dc,0xe3b74bd1,0xcaa5911c,0x4464b737,
-        0x871c2cd2,0x62925773,0x3b4440fe,0x419f2485,0xe052ad7d,0xdda6a0f3,
-        0x846c86c0,0x645280d6,0xf8324f42,0xa25689fa,0x07cf117a,0xc74ad1e8,
-        0x8ddc9db7,0x5626dea0,0x966fc85d,0x52620373,0xf3b1eb53,0xe0ad57c3,
-        0x949c1acb,0x38300252 },
-      { 0x5e744723,0xa0ef5a40,0x1ae08481,0xdb5bcf75,0xfec1f76f,0xabfad8cc,
-        0xfab37fc6,0xfba5d831,0xc8fedb78,0xbe39e248,0xad93f310,0xa5cfad5f,
-        0x913d5c24,0x747fdb1e,0x4518b7f5,0x052a47c9,0x7cfb4327,0x9e208d6c,
-        0x70e538be,0xb135cb9c,0x5bb17916,0x36352759,0x5b3106c7,0xa2c07880,
-        0xc209bb06,0xd2d42a06,0xd3c504ad,0xb525b471,0x822ce034,0xc9f4b368,
-        0xeb4185a5,0x15f18796 } },
-    /* 171 */
-    { { 0x0aee4684,0x094dea06,0x7cdbdbc8,0x42b21f06,0xb1931319,0xa439e149,
-        0x81a7dba6,0xea4bdd41,0x3c2ae80f,0xc6213706,0x12823dc2,0xb58b0967,
-        0x832611b1,0x7443d515,0x13c20384,0x2e16f831,0x2bd992d2,0x0ce204d6,
-        0xf419388b,0x499dbcd6,0x1d3778c7,0x492ded1d,0xc5ddae73,0x9d5bd74f,
-        0x994b6259,0xd4813d52,0x0e86ca68,0x191d9cf6,0xf3e9c2ac,0x562179ea,
-        0x9fee1238,0x6146f1f3 },
-      { 0x078e2aa6,0xbd06d33e,0x9dee9265,0x693af7f7,0xdaa40e84,0xd56e0f81,
-        0x9b9a407e,0x05fbbb88,0xede99519,0xdcf44adc,0x092dba39,0x7f71f8d3,
-        0x4231774b,0x675b5da5,0xa5f605eb,0x7456a251,0x87a39a9e,0x9031d4af,
-        0x05b474bd,0xdb430006,0xb665aa91,0xbda5dbf2,0x6631eeb4,0x5d1a3df5,
-        0x62377c58,0x028149ef,0x685d0bff,0x2e1af4e9,0x82a465de,0xe0ea0875,
-        0x06bd0050,0x95543f9e } },
-    /* 172 */
-    { { 0x85d7c6ef,0xf7cbc6f4,0x63b1bc24,0xcad8084d,0xbf8cba62,0xdf90ce88,
-        0xb455c192,0x98e4b686,0x774fc6ed,0x6146b8d5,0x7ae20077,0x70e2389e,
-        0x61c22529,0x5241c479,0x3884e5f5,0x7d221510,0x17e28273,0xd6d20ce2,
-        0x4f2674f8,0xe3119f51,0x70c011db,0x85459055,0xfcfb760e,0xdfab75d9,
-        0x9e8c2a19,0x9546362a,0x4a7d4b27,0x4b6d3f8a,0xee5d698c,0xa5c87104,
-        0x2ba296ff,0x6db43478 },
-      { 0x5c3f0d95,0x06486493,0x4e748895,0x8917db82,0x6b2f3e44,0xf73fdf62,
-        0x2b7f574b,0xc60edc54,0xaf732723,0xbe1c09a2,0x7cad114c,0x7d34669d,
-        0x321aaff9,0x9646600a,0xed0cd61c,0xb94e2bba,0xdec4750e,0x866e1a41,
-        0xb1a89f58,0xa1be990d,0xf2759693,0xc39e4d6c,0xc0e0dddf,0x11cfb780,
-        0xd99c8a41,0xf0afcd7f,0x6e1c3050,0xcebffadb,0x96d2c6e4,0x4f3981b0,
-        0x2ae27a94,0x07a791e7 } },
-    /* 173 */
-    { { 0x1e9f0300,0xe70e9047,0xbccdf904,0xe0253ad9,0xff053078,0x51c0289d,
-        0xae893462,0xf1ef092e,0xa4846845,0x2c90a91a,0xf1dad4b4,0x1946eda0,
-        0x33df67b2,0xf07650f3,0x0b15a014,0xc6e988db,0xb542f0f9,0x72e0c66e,
-        0xe0c0378f,0x5d4b6311,0xae86950d,0x548badaa,0xb35f1c8f,0x6801638d,
-        0x944d1ad4,0x129e3216,0x40471d32,0x9951bac8,0x85e94dde,0x03cc29f3,
-        0x4543ecac,0x6d6acc2e },
-      { 0x57b2d299,0xeb999e95,0xe3d721cd,0x3a2bcd9b,0xbb4cb444,0x2e60384f,
-        0xdc060faa,0xae177709,0x8c987cde,0x74f0e6d3,0x1076fbed,0x9a237cf8,
-        0x7983fbff,0x69af1513,0x323f9584,0x6c3f7a1d,0x6db64398,0x3e21cacf,
-        0x96703d92,0x7cd8134f,0xb8393f76,0x0755898f,0x2e825222,0x1b5b28bc,
-        0x7924aa7c,0xb78799c1,0x81427a8a,0x1db378f2,0xff289492,0xd5a451b1,
-        0x3d3c46ee,0x79d18212 } },
-    /* 174 */
-    { { 0x109d5589,0x1a3edff9,0x029b4499,0xded52eb4,0xb4b54adf,0x13eb9d30,
-        0xa27bff67,0x4f9214c1,0x67f0f460,0x4c817ee7,0xc3a50e28,0xbadf8d83,
-        0x94026237,0xc5dc03c9,0x966647c1,0x5f29581b,0x8a0687f3,0x10b6a089,
-        0x31634517,0xae787cec,0x62e75188,0x2001dba5,0x45e2c3fb,0x55d4e1a7,
-        0xb67d3395,0xbfcacdeb,0xbc6842ee,0xa1a0af9c,0x3e88580b,0x50590a2b,
-        0xa784cdc8,0x73104491 },
-      { 0x2648d676,0x44ca2cdf,0x4f1b12b1,0x9a85eca5,0x2980e1eb,0x1b9dac94,
-        0x1ac8aa89,0xf30d3709,0xc719e195,0x73072ab7,0x2f703797,0xba518c82,
-        0xac0067f6,0xac090e14,0x8dcd2927,0x0e6cfc70,0x21e7da63,0x4f5889e2,
-        0x8371c7c6,0xb4aaa40b,0x8f7878c9,0x1f9dabe2,0xd84caf3f,0xf78aed6b,
-        0x9e0e1d92,0x3c39dd07,0x122424dc,0x680be5fb,0x0bdc0099,0xf41b214d,
-        0x5180c54f,0x6a8f8fc9 } },
-    /* 175 */
-    { { 0x53235132,0x62a1ed63,0x59dba88b,0x1db233f1,0x291efdd8,0x85625452,
-        0xb25111ae,0xc7505297,0x1d701bd8,0xb5921af9,0x9774f45d,0xb4d05d72,
-        0xf18e73ff,0x6e3d4c5e,0x899b3038,0x897d985f,0xc89b1558,0x8a9c30fb,
-        0x4d13181c,0x3c92d1a3,0x2223320e,0x292e86ba,0x01ceed02,0xcf2454c2,
-        0x583f309f,0x27a45f74,0xad0fd1a3,0x75a6102c,0xcb9c7538,0xdb4f45d2,
-        0xdb283fd7,0x4752d8c1 },
-      { 0xd5dff4d5,0x514d6cea,0x45a827f4,0x74cd5fdb,0x4fc7135e,0x1070a60c,
-        0x1be5778e,0xdec0bb78,0x58dc6b08,0x271e12cd,0x54bc2496,0xb765089b,
-        0x619098ac,0x6ddf2c63,0x67528832,0xfd6ebac6,0xc2508af1,0xeaa2d025,
-        0x4dcfc1f0,0x13c2cda8,0x45510be0,0x1c7836a8,0x1a886801,0x3904688d,
-        0xafaf2545,0x643132aa,0x2830a88d,0x49685577,0x8744b470,0x569491ca,
-        0x75fb8552,0x3a6518f3 } },
-    /* 176 */
-    { { 0x224042a0,0xaaa8ed50,0x2452f1e6,0x6cb4e3b0,0x768211d8,0xedca5f4c,
-        0xef4d5d3f,0x4e0fe3f9,0x522d46e5,0x33a8e2a4,0xf1446775,0x5998e21f,
-        0xf592d01b,0x1496c50e,0x83a67739,0x69104c2f,0x472bbf00,0x28670bcb,
-        0x503177bd,0x8ea883b2,0x7d2712a2,0xc5d8bc05,0xb439c994,0x41ef9317,
-        0xdcda1aff,0x9801d3a8,0x7038f6fb,0xd686eeb5,0xfbfbf820,0xe80c5cd0,
-        0xedc25817,0x540ac363 },
-      { 0xfe7f43df,0xa71969a9,0x2c1b9e4c,0xe6653808,0x859c2917,0xad9677d8,
-        0x96aa4404,0xbaca9545,0xff1297da,0x0e9d855f,0x22aea7de,0x1f61897b,
-        0x36f13f8e,0x96edccfd,0x16e200df,0x627d3070,0xc98988a4,0x729f0736,
-        0x97f231d2,0x95e25e60,0xf6048752,0xaf7f221b,0x4019b299,0xd6682609,
-        0x26b4b1d9,0x1d99de09,0x1acdd7a3,0xec47cf66,0x6ebe15e9,0x4de9f2b3,
-        0xfa16974f,0x17db32ec } },
-    /* 177 */
-    { { 0x6cf40599,0x75ef6919,0x00c020ea,0x7ea10dfb,0xfcaaf679,0x3da5ae7b,
-        0x88ddd678,0x0d663ca3,0x255bcfcd,0x5a21f8fe,0xe344bc7e,0xe9c3f538,
-        0x548e0632,0x35f62b1d,0x43c6e64d,0x654f2425,0x26993627,0xc755a7a6,
-        0xb0f41324,0xa3b7c5f7,0x3a2180f3,0x05697f79,0x1e81675b,0x6cf85fb1,
-        0xe53428f5,0x6d3cdb35,0x52d28b02,0xe3aa1591,0xf7a3fb78,0xa8470255,
-        0xa194445d,0x460bd01b },
-      { 0xc24d8077,0xbc34dc23,0x4c720d2c,0x82f4b580,0x6f5d1ffe,0xa29da911,
-        0x92783ce2,0x578af520,0xb5904af3,0xe29f51ab,0xf7aa1190,0x46c570d7,
-        0x571bddf0,0x4a522fba,0xae89bb51,0xbf4e2a06,0x59f3444d,0x799b35cc,
-        0x26cc2557,0xc3028367,0xafcec177,0x94a4e985,0x7c36cbd0,0xadaf7dcb,
-        0x75d39077,0xed31b787,0x2d3e24bc,0x52d6904f,0x1f95421b,0xc5ca2669,
-        0x1734878d,0x7d342c3c } },
-    /* 178 */
-    { { 0x11fd127f,0xe5cf2c0a,0x119e4c5e,0x66d36bb8,0x6ef56ac3,0x621ab252,
-        0xe5430675,0x30cfeaee,0xac3e9619,0x2ede27d2,0xf8fce671,0x6413513a,
-        0x075f4c3d,0x6159c61b,0x59069d98,0xd447efe9,0xea76aea9,0xaf8d6f68,
-        0x0f5bd164,0xac5dc61b,0x1e88bb98,0xdbab446e,0x1ba92320,0x618b8b16,
-        0x78989865,0xa0eafb3c,0xc08b7e82,0x0c7abcc2,0x20d160bb,0x10f09b6e,
-        0x8e4c63a7,0x5be0afa6 },
-      { 0x1bbbf49c,0x82ab6d38,0x8c0703fe,0x3e09ce49,0xe10f4263,0xeca58b5d,
-        0xda5a4532,0xd9cc6581,0xf618f7b7,0x07e18876,0x250f7fe7,0x0419a5e3,
-        0xde6b86be,0xbb1a9e90,0x37359169,0x584a7deb,0x5149db2c,0x38eb3489,
-        0xb0ebabb8,0x14546a33,0xc2f88a92,0x0067f0b0,0x0a2db019,0xbde0dfe7,
-        0xc63e6f3e,0xba51b06c,0xe9206fad,0xa19127b9,0xfe80dc0a,0xe4eb5e87,
-        0xd4de30ae,0x1e6fccf5 } },
-    /* 179 */
-    { { 0xaa8ac924,0xb57dff66,0xc298b3e8,0x06e9ad31,0x65fb080c,0xd140e329,
-        0x1d95c93f,0x7dab211d,0x8a180caa,0x6d68d842,0xa20ded69,0x1a929408,
-        0x38df461f,0xa8151753,0x60eae932,0xff5604ae,0x7dae4c0b,0x901b9e49,
-        0xde262e89,0x4573a97f,0xf1084983,0xed69d9a4,0x64724f1d,0x8ffa022f,
-        0xea85a15f,0xd5f1c2e4,0x01453794,0x4c626ce9,0xbf0907dd,0x80440cd6,
-        0x5ddaa837,0x4522d461 },
-      { 0xebfbe7c5,0x8895f079,0x84ef3446,0x30ea1ded,0xd4a1ab96,0x716a9eb6,
-        0x50a30c68,0x1a4a5d22,0x0043bbaa,0x5a16631c,0x5010e5f5,0xbd107502,
-        0x3d8c0556,0xbffe3e9d,0x07772419,0x31b30b18,0x84b82297,0x90ff7ef0,
-        0xf21a18c3,0x00c37d75,0x565bb8f8,0x18d0a635,0x45e3bceb,0xbac1da2a,
-        0x23f0b08d,0x1c38e90c,0x5fbc5ac5,0xf1ba1aa2,0xdda71fc6,0x09d5256b,
-        0x6d7e40ba,0x346501a9 } },
-    /* 180 */
-    { { 0xcc2b0f1d,0x86be448c,0xac4c3703,0xe3eb45c9,0x9fc96bbf,0x5387f65d,
-        0x5ae27fda,0xcef3c4e9,0x1bc18089,0xa008f776,0x22ca18a1,0xf374a084,
-        0x53b73371,0xee882842,0x7cc09354,0xcb6fc6d8,0x61496d6b,0x8489ec1b,
-        0x49e325c4,0xa92c29b9,0x7bdec166,0x15c6ca52,0xdcea2813,0x95444eee,
-        0x3a21154f,0x34683eb3,0xd39061cf,0x8fb26f98,0x06c940bb,0xc3b08aa8,
-        0xe554c96d,0x7c1d42cf },
-      { 0xdc110aa7,0x766e703f,0xf362e378,0xab7b79d7,0x5aadca3c,0xd259c75d,
-        0x60be3373,0x2a6eca79,0x06c4e8ff,0xf4744a4b,0xf3b705bf,0xb2842cce,
-        0xae304b53,0x1a3af5aa,0x1b2d31b8,0x7bbfa201,0x4bee88d9,0xc4ba6eba,
-        0x565cb839,0x2d3565ce,0xdaf7ece8,0x24808696,0xe6959745,0x2c7ccce7,
-        0xe94f9837,0xefd6eb3c,0x3811a326,0x0a33b4cf,0xfffa93a6,0x14203f43,
-        0x73c31d90,0x031e9828 } },
-    /* 181 */
-    { { 0x765a17ff,0x4fefecfc,0xd1290a65,0xa09f3888,0x938da038,0xbf265c46,
-        0xa169ad46,0x4bb6145d,0x23a62fe8,0x33cf8214,0xabc860a5,0x562df571,
-        0x815c38c4,0xbf2a90fa,0x17eda875,0x45ba1d6e,0x946fa5e1,0x799d881a,
-        0xb90f5a3b,0x6c1be784,0xb10ff52a,0x0910a37c,0xa4f4fd36,0xc38c1fe4,
-        0x8e2d3ba0,0xc3180fc5,0xb17a6187,0x3e2ff050,0x943a35c2,0x3a00059b,
-        0xa28cc51c,0x494d3645 },
-      { 0x4ba021f8,0x398426b6,0x796deb6c,0xd14c9083,0x7e36c762,0x6d2e5395,
-        0x751cf216,0x8f556eca,0x19b24a19,0xdaca1e00,0x4b20c2ae,0x47887da4,
-        0xff41a733,0x93ed4ccd,0x5c7c0cd7,0x8d717c44,0x91bf7009,0xcc48634a,
-        0x3b59bbaf,0xa1f146f9,0xe5624f15,0xdd38bb39,0x303f8443,0x96d41aad,
-        0x4bf104fc,0x6b670f03,0x29706582,0x0503f9ed,0xb34200f5,0x768e1f47,
-        0xbbd4c6f3,0x3cfdcc5e } },
-    /* 182 */
-    { { 0xb523e13d,0x536c2a86,0x2920d0a0,0x1014a458,0xe7571296,0x3d52b478,
-        0x7eb51bea,0x05746066,0x87b0e919,0x709f7861,0x686888e8,0x028aed88,
-        0xd94afcd4,0x79a809d7,0xe2129af3,0x50c6032f,0x983c4082,0x75e4be72,
-        0x7ab3be8e,0x98331bbb,0xb618c728,0xd31a032c,0x3f59c4a4,0x36dd85a1,
-        0xed4f61e2,0xdbece345,0x1e571715,0xba7aaccd,0x64a1ebd7,0x138c58da,
-        0x3d1aeea1,0x89296d0f },
-      { 0xcca82c97,0xb165288f,0x1427e8dc,0x26c6c12d,0x4c3edda9,0x66a94f07,
-        0xeaa01ebe,0x94600e1e,0x30f5e86d,0x14abce7c,0xcb456a31,0x741d7020,
-        0x279f42c2,0xab05aa13,0xd4238468,0x70b60faf,0x318d39e6,0xa18efec1,
-        0x8920b318,0xeb07f1ac,0xd8399e03,0x01e3cba8,0x3c81a301,0x65f8932e,
-        0xccc667d8,0xae8bca7d,0xa268607c,0xcee1ae79,0xcac0a12c,0x3182e64c,
-        0x2b1a4c54,0x9233a2f7 } },
-    /* 183 */
-    { { 0x0acbee17,0x717e8df6,0x5c24fcdc,0x0f0959c2,0xe54ffcb0,0x46f09887,
-        0xd285116b,0xb993deca,0xbba1fa51,0x0bfaa4f8,0xd0f2183e,0x9c9249ef,
-        0x96847779,0xf93cb358,0x2322d421,0x284bfb7f,0xd42af009,0x40cc709a,
-        0x9bb1d615,0xc69f2274,0x717c3c6a,0x76f50b3a,0xbb9c5eeb,0x8b21e985,
-        0xa4783b5f,0x58fb19ae,0x52e1c3e7,0x04c86b9b,0xf2971ac8,0xaca59092,
-        0x21ed8291,0x2bb26a69 },
-      { 0x15f81416,0x98a34435,0xaaff5bb4,0x086e72e7,0x0317261c,0x3d1f64de,
-        0x5c0a1cfe,0x31c0786c,0xb3683401,0x542ea4d8,0x1a39b4cd,0x2f77273a,
-        0xcbef27f1,0x14fe7ee1,0x16bb27dc,0xee7fc09e,0x410e5dc7,0xc0dccc17,
-        0x1943b3dd,0xa3466742,0x3f31c1b7,0x92934b60,0xc22c1070,0x0186ded9,
-        0x799f966b,0xa37ee8ba,0x249b0893,0x0f3bfcb4,0x2e92d4de,0xbae61447,
-        0xe196eb08,0x937cb3f8 } },
-    /* 184 */
-    { { 0x16fbfdce,0x57c0e77c,0xc98d4cc0,0xea034cc9,0x42572d20,0xe7606d72,
-        0x0019a83c,0x9861b55c,0xf1597162,0x80ba2803,0x05a0fd7b,0x0f4141dd,
-        0x4b0daaa2,0x8865913b,0xaa3848ec,0xe6685746,0x3e0485d2,0x16d15a5a,
-        0x3b6905dd,0x81c0c774,0x818af2ba,0xcec31b7d,0xd2b74b78,0x80d8f194,
-        0x543e2f28,0xca659db2,0x9fb07c1c,0x31b83a7d,0x1f1048c0,0x86537fdc,
-        0x78586a11,0x4d57bb07 },
-      { 0x53b396b6,0xbc4b768a,0x93b51dac,0xbc8b24c4,0xa30ae1b3,0x33e511eb,
-        0x945147c5,0x893bbd95,0x179fe3ce,0x6cc86031,0x3f920bd4,0x34b0a167,
-        0x6b256160,0xb32912eb,0x9d168d83,0xbc69a2a4,0xef0dd128,0xb4949e7a,
-        0x872699e1,0x2613419a,0xbf21376b,0x06c58477,0xa4f97147,0xe55b1909,
-        0x7b9b745f,0x63d6eb75,0x08df3c85,0xb5365b29,0x55fcfae3,0x0e257e43,
-        0x979f2aa8,0x1067c118 } },
-    /* 185 */
-    { { 0x32bf8883,0xc8455084,0x6fd06667,0x4755286a,0x77c2335d,0xd70b0f8f,
-        0x2f4a2c94,0x678e60da,0xd118acf5,0xa468d8ac,0xbf5b90d9,0xce93830b,
-        0xed4e9104,0xea4b1c74,0x27776ea4,0xac67316d,0x361bab12,0xb98ad75c,
-        0x99122451,0xc323d482,0x530a43ae,0x26440220,0x3292d5a5,0x3a44532e,
-        0x5fecf1bc,0xdb48694b,0xc667b8b8,0xe4e0516e,0xa4306ade,0xb3aa595f,
-        0xf34e9725,0x7e4f7091 },
-      { 0xb7f70919,0x3f3816e9,0x16b003f5,0x765216ed,0x778c99e5,0x46c6cff4,
-        0x30a51810,0xe6a5abe8,0x45e728db,0xef6f49e6,0xcaccefd6,0x6fdd73ea,
-        0x8c37f3f7,0xec394e6f,0xb6407fc3,0x73320802,0x96625cbd,0x988e8f7a,
-        0x7cabfb00,0x83292363,0x407f359a,0x258ba9df,0xccbfae50,0xff01aee5,
-        0xfe251813,0xfbeaeace,0x83f1cba1,0x9c69f161,0x9eadcdb5,0x512c58ad,
-        0x6ccce8bd,0x2ae49cd4 } },
-    /* 186 */
-    { { 0xc40849f2,0x1239b0e3,0xa441098c,0x5136a4cd,0xe547f649,0x61535a99,
-        0x7a9bbac6,0x92e4bdc4,0x53547af6,0x195a1646,0x8b47a74a,0x85ecb319,
-        0x9de6a2b2,0x278553fc,0x0e2ba52d,0x471c038a,0x35bcba93,0x12ba1b88,
-        0x6f31eca2,0xd4bf50da,0x802b32c6,0xd146e3f6,0x3c64c8c4,0x0c9c0131,
-        0xeed21297,0xad30f12d,0x9c68530f,0x9b75bffb,0x8918de51,0x23c0ad3e,
-        0xa73771b7,0x180e9d52 },
-      { 0x29ab77b0,0xc316542f,0xf7aee628,0xdd411d9c,0x353c2f40,0x044c0685,
-        0x4b0ae4cf,0x638dc7e4,0x95fc266f,0xa0924185,0xfd2feb7d,0x639da671,
-        0x5ea39798,0x56858ed5,0x58f3832a,0x7a694f31,0xd316d831,0xa94233c6,
-        0x30a35a7b,0x2fcacb26,0xf1ff713b,0xfef8f7dd,0x59eee2f3,0x8b9b4525,
-        0x156d064a,0xd1b4f91b,0x2f5cfcfc,0x177866c2,0x3777eb41,0x12bc2566,
-        0xd8ab85b4,0x21ca6f3c } },
-    /* 187 */
-    { { 0xa3e66635,0x0e162b13,0x2a9f76af,0x1ef20a2b,0x46db3356,0xab473a30,
-        0x7802bb8d,0x0840bd77,0xa699b44c,0x5b6baf5e,0x1b2207f1,0xc6e11900,
-        0x790b0105,0xe5de16a9,0xdb67f004,0x22b12f15,0x8a025d25,0x185fad45,
-        0xdf0a1142,0xbccf6953,0xf45034c0,0x4c42129b,0x1c277bff,0x0f740400,
-        0x280a9e18,0x6e440b4c,0x842aa2b4,0x767de8f5,0x05e8d94f,0x3de20ab8,
-        0x20227635,0x5aff5859 },
-      { 0xa8458e40,0x805acd20,0x149732bd,0x5a5557d8,0x5f1ca72d,0xc7074131,
-        0x952b5323,0x7f2e269c,0x6494fadf,0x5c592556,0x1a7d2666,0x153b7acd,
-        0x86fe2865,0xa6df063d,0x57d53b6b,0x1e91db13,0xe93ead01,0x9195bb89,
-        0x2963bfe6,0x3d71e1af,0x88278886,0xfab2b9c2,0x3b859b6f,0x77836692,
-        0xf7029dd1,0x6e695174,0x7b984561,0xc7987876,0x5907d849,0x64fb4f1d,
-        0x88d8a977,0x3eab7e1c } },
-    /* 188 */
-    { { 0x52e5718b,0xc73a94b6,0xf4cee1e9,0xe3aefa54,0x553eedea,0x654e9e63,
-        0x5f3aca1a,0xf2541e1b,0x0d083316,0xd7129489,0xfb7f950e,0x7965af63,
-        0xc74e3e4a,0xd8fc9e0d,0xeaf79ebc,0xb4ee48d2,0x8b7787e6,0xa458a86a,
-        0xf7cceaf0,0xd8c7621f,0xdf67980d,0x8228eeff,0xf9106727,0x210d4742,
-        0xb07e3629,0x91f63501,0x7971e29d,0x441761c6,0x03a3b8a5,0xc0ccc65f,
-        0x38e09544,0x3491da4f },
-      { 0xcb062eae,0x6706d046,0x5d08776d,0xee7db735,0x292315d2,0x80de8052,
-        0xc402bbdb,0x40785662,0x26ed3337,0x5f93525c,0x7d568ed3,0x6cea14d6,
-        0x66888b1e,0x916a1189,0x5dc71675,0x0fbd5205,0xe4575df2,0x833d1077,
-        0xec092335,0x4e93100a,0x6cd85389,0x2f9e1d01,0x43226368,0xeebd3725,
-        0x1ba4cfd7,0x401d172b,0x574c5838,0x377dab9d,0x80d517de,0xaeaa6958,
-        0x6ad15a18,0x0c843dfd } },
-    /* 189 */
-    { { 0xc9373300,0x455811ff,0x99fdc300,0x1c39332a,0x353cb655,0xe19bb81c,
-        0x96a83d27,0x774b924a,0xb2ee3f1a,0xcbfc8fcb,0x010d56c7,0xaf278ec4,
-        0xe0abaf79,0x6fde682f,0x7339aebf,0x7566d072,0x71205db6,0xbd35ad5d,
-        0x7051c9d0,0xb5bbe694,0xd3a3067c,0x577db480,0x572d7530,0x2c70ff54,
-        0xe06d853d,0xe8615aec,0x05abfb5d,0x71999ccb,0xea0a8ed7,0xeeefc96b,
-        0x35f6df69,0x2dcc469d },
-      { 0xc65f0e77,0xcca6cd06,0xbd71b14a,0xddcc7980,0x3c93cc00,0xb6221f8b,
-        0xae8cbf57,0xddfcd5b3,0x76f8e63f,0xbc92973f,0x06e132b7,0xe9848a34,
-        0xd51ec9e2,0x4cc59a03,0x3a33081a,0x9c9d32bb,0x80e8466b,0x00121052,
-        0x1bbe7295,0xc2b0032a,0x24938448,0xdbfc6572,0xb6bba0ff,0xe972a0ce,
-        0xc0a94802,0xf60c0a4f,0x599d8bc7,0xf62c41cc,0x312da0b8,0x820c96ee,
-        0xcdbdf9fc,0x5a1a65db } },
-    /* 190 */
-    { { 0x42485684,0xbfba691a,0x29c470c9,0x613116b9,0xe62a0519,0xb4b01971,
-        0x5ff499da,0xf3245aa6,0xa5238eff,0xc2ef87f4,0xcc9d5515,0xc16dc6ba,
-        0x2dbdacac,0x5a7f227e,0xa9bbaecb,0x8dedaac4,0x2e7c9885,0xff308a6d,
-        0xe6895593,0x4c6f2fc2,0x177e0611,0x3655f285,0x300b1bee,0xa63e8d06,
-        0x13c17b54,0xbed0ce79,0xc4974262,0xca4abe35,0xbc4e4037,0xf4b44a17,
-        0xefe5fbd9,0x5ae95099 },
-      { 0x804f7455,0x122e5ee7,0x22066682,0x341a4997,0x7795e333,0x97d24c31,
-        0xe48efced,0x12f4123c,0x19fbc21c,0xe8738d92,0x0663a3ae,0xbb3bdc61,
-        0x8593a6db,0x3603d8c2,0xe3c1ac75,0x926227f2,0x5eaae519,0xfea92ac0,
-        0xfd6812ac,0x5b596f0b,0xfc2a82dc,0x3ce7e844,0x63522b27,0x3840481a,
-        0x52867895,0x836088b1,0x26588688,0x21ffb7cc,0x2f4a7cac,0x0ca33161,
-        0xa3edd298,0x4110667e } },
-    /* 191 */
-    { { 0xc2d04b63,0x81830357,0xf4929a18,0x3fc5a34d,0x22d195df,0xc73bf6da,
-        0xcb432473,0x14df2f89,0xe997f138,0x345afe5c,0x8b9604f4,0xd8e3f5f9,
-        0x50c10ae5,0xad7942e9,0xeed25ff3,0xcefd5447,0x0e73c0cc,0xbf68e51e,
-        0xab54fa4c,0x5b1ad591,0x12b61c8c,0x8bbc1105,0xb5abf760,0xbb932913,
-        0x01e79649,0xdb1231be,0x040ccbe7,0xd0a83e91,0x90a96db9,0x3dde426f,
-        0x34df11ea,0x1cceb645 },
-      { 0x0c6d0f55,0x2d210c4f,0x9c673c9d,0x6cadf61b,0xa9ce3fbb,0xdd7f9919,
-        0x93b063e4,0x135f494c,0x145a93be,0x580bdb3c,0x0f52ef7c,0x4d872332,
-        0x8814bb6a,0x74d876e8,0xc7a97dee,0x4f6f723a,0x3e3cd833,0x7de2b8f0,
-        0xae720270,0x6162f082,0xddfa486e,0xe88ec2d4,0x8d3a17c6,0xd965c859,
-        0x3980171a,0x62e59e54,0xbbef6b22,0x0ab6285d,0x4d48b203,0x3cf45195,
-        0x4ea25ea3,0x1f175233 } },
-    /* 192 */
-    { { 0x3467ea91,0x808a765b,0xfd2d9c45,0x3f4632ee,0x9cf2bc6f,0x7b75dc6d,
-        0x359813ae,0xefc8d240,0xe44cbd8d,0x23ecb209,0x21525622,0x59ba10e3,
-        0x3f1ee19a,0xfa14d934,0xfb0c48f7,0xdf97c21b,0xea30d437,0xc4e62890,
-        0x651475c2,0xb286e2a4,0x126672a5,0x291f01e4,0x31aab3b8,0x9c6fda5c,
-        0xe17d22ec,0xb7277a5a,0x914f0bad,0xbd88ed83,0x6a2392e1,0xd0b05d1b,
-        0x65893c2b,0x4cb8af90 },
-      { 0xbb4b1953,0xa2b02057,0xf597f6ee,0x4ce08b44,0x5e6412c8,0x854f5d9b,
-        0xb3cd4919,0x1913262d,0x6e42bb5d,0x902762e4,0xd78e7f60,0x8355c8e6,
-        0x38b6c16c,0x8efaa824,0xe550f618,0xd0173790,0xe57d778e,0x118af462,
-        0x715b4714,0xa16ad5e8,0x41dea4f9,0x900596c3,0x280ca610,0x2a957c32,
-        0x374c65a1,0x2faee800,0x50080414,0xdb105127,0xff080fa1,0x8c1db931,
-        0xd79878fc,0x486a5c25 } },
-    /* 193 */
-    { { 0x941b4f36,0x0521e213,0xf803b4f9,0xbaacfb14,0x52a54ba8,0xfdf1e22e,
-        0x8fe4796c,0xacfabbba,0x58dbacb6,0xae0788db,0xc19dfa51,0xdf98d736,
-        0x35a716ee,0x155c286a,0x9c86461b,0xbe7d4676,0x63a64a5e,0x50b6380f,
-        0x9f609262,0x14b41914,0xa2dfc5b3,0x0919a7d0,0xcef466ac,0xc454da55,
-        0x6986aaec,0x93fa4a24,0x71a49ced,0x5090b171,0xc1fa75ad,0x602f1d6c,
-        0x78e4c054,0x5d269f89 },
-      { 0x14920419,0x3a74030c,0x90968739,0x0845d868,0xeeb70fa6,0x81b994c4,
-        0xd9fc5bcb,0xabcaa06d,0xf58f8f2d,0x06539427,0xb1dc52aa,0x35c85f67,
-        0x2c911baa,0x5a7d8d72,0xaec2d834,0x4041005c,0x7a8e5347,0xb5868a44,
-        0x8de512c3,0x04ee180b,0x211168eb,0x4daa66e5,0x2317cd8a,0xc0bd5dab,
-        0x61164df6,0xa1d4185d,0x1dbad7c9,0xacedca26,0x09b02683,0x0fe4b5ac,
-        0x26d9550f,0x8ac9995a } },
-    /* 194 */
-    { { 0x2640a39d,0xb2c8dc9b,0xede0c9f9,0x21ff0b38,0xa1ecba0a,0x74f469bd,
-        0x080d0417,0x8a902ccd,0xf4994604,0xe956fa32,0x9776ab15,0x348f85cf,
-        0x0066f492,0xc21fc6ee,0xfeeef367,0x35b1ebfe,0x4613e5ed,0x7804581c,
-        0xea6ba071,0xcbdfe8e6,0x950d73ed,0xddfcaa32,0x1da48889,0xc9747936,
-        0xdbaffbd1,0xce867c8c,0x1cbaeae7,0xd267431f,0x897912c8,0x68255045,
-        0xd7ea1e4d,0x0c7c1ddc },
-      { 0x1ce963a7,0x53aa30cc,0xc4c5fade,0x7352f64c,0x2828afbf,0x2b9aa2f8,
-        0xca212107,0x64273c56,0x85a576dc,0xaadd7654,0x90b5c77c,0x6196ac3e,
-        0xd1aaf39b,0x20d43e9f,0xcd05cbc4,0xfc392062,0x4c0ff2fd,0x14163872,
-        0x2ae821e6,0xcf32b8d8,0x3fa7a3f0,0x5f58f943,0xf644ca92,0xaebf1d2d,
-        0x1918a75f,0x0c061563,0x6b876118,0x7989b5ed,0xad412441,0xbf342445,
-        0x1df633ab,0x24ffc9ae } },
-    /* 195 */
-    { { 0x93c7cb2b,0x89fcdc05,0x590053fb,0xc1243b95,0x6182343c,0x601debcf,
-        0x66c18a63,0x364546ef,0xec913287,0xa5290701,0xf9788c31,0xc35b8026,
-        0x92d1f7d7,0x852b862a,0x0aa79728,0x1809cb05,0xa3cb2005,0x897d467c,
-        0x9ef5b946,0xf20c77c0,0xf2241984,0xc3372c42,0xf35bb206,0xda053e0d,
-        0xa9c140b5,0xbc26c6d0,0xcb56fb33,0x61cfcc0c,0x299b3968,0x1c3cf9ef,
-        0x40621ba4,0x89e4d3d1 },
-      { 0xa45a9be3,0xd35e80e7,0x07356fbd,0xc4daa578,0xb967bc2f,0x0186d62e,
-        0x47cd16e3,0xa702679e,0x5f30ce9b,0xca2f1c02,0x1f864f50,0xf1205b46,
-        0x85061d66,0x7fd6d797,0x8a08809e,0x47edc4f6,0x9a4d3ae2,0x5dac0449,
-        0x6d1f9da8,0xf844664a,0xd7a83a71,0x9f30ce84,0xeaac33f1,0xe9382bac,
-        0x948622ab,0x1f033831,0xf7681eb2,0xb037a4ba,0x99a1b5c7,0xd156a908,
-        0xe6f1d0fb,0x675d3e6f } },
-    /* 196 */
-    { { 0x707193e5,0xd9767ffd,0x810358e5,0xe478aa91,0x328d8ef7,0x5634f9ff,
-        0x6dbbd9a7,0x913a0ee8,0x7e215686,0x379b2968,0x89d9da38,0x903f410a,
-        0x1b1334d2,0xd9f8d7b9,0xbd82efb5,0x9fe74229,0x3803c778,0xdb568b62,
-        0xd3d25344,0x93e9a350,0x724497e8,0x559c35b0,0xa169e23b,0xc472d436,
-        0xcc5b4c69,0x09864632,0x83c7f531,0x9f6d759d,0x1e497888,0xa91cf1db,
-        0x60af1a4b,0x5f7f92fe },
-      { 0x0545167e,0xf18a1cc6,0xaffa88e0,0x55ee2e02,0x432a7bcf,0x24cdff51,
-        0xa7510866,0x7382da42,0x40511af7,0xe894c11f,0x2aaf1423,0xaa4e4e31,
-        0xf63dd2ae,0x8c3d36f0,0xd7660635,0xfc5c9550,0x37ea7eab,0x01253731,
-        0x39b950f6,0x2a5cd598,0x40e63442,0x95a0f601,0xf2ac7045,0x905e238e,
-        0x446b0f73,0x44bacc0e,0xc448578a,0x4cd4206e,0xa5bd7803,0x367b1aaa,
-        0x0a2b458d,0x25beced9 } },
-    /* 197 */
-    { { 0x0c33a8fb,0x079a7382,0x0f25dc1d,0xcfbf6cd1,0xc6d482b6,0x4ffc73f8,
-        0x07bf844a,0x3e51f18c,0x599162f0,0xa7651236,0x14013811,0xac59a74e,
-        0xe55018a0,0x957a6865,0xe3ca09b1,0xe1ec51bd,0xa960253f,0xbc0c7eb3,
-        0x7de03f84,0xe83bfd14,0x52fbdb09,0xc0540ed1,0xcea15ec1,0x6ba52edd,
-        0x4b261307,0xf3d30ed5,0xe8397206,0x9bd7bae8,0x096373aa,0xf20d8692,
-        0xc3b0bf63,0x0a616a4b },
-      { 0x6e1339c9,0x2075f3ed,0xbf8b00a6,0x7afaa072,0xbccd9b47,0xdfafec82,
-        0x00ca54c7,0x4713158f,0x38bc31ae,0x449102f1,0x310dfc8a,0xaf98f158,
-        0x59e954d4,0xc9ef2075,0xc527a0c4,0xe8021af9,0x7a192023,0x6e801277,
-        0x7fb02377,0x635f538c,0xe8c9e951,0x5df1974f,0x15cc9097,0x0287faed,
-        0xf7a5115c,0xfa0728f0,0x0fac623d,0x90dbfbe6,0x0311ba09,0xa8d40fd4,
-        0x07c6464c,0x876d154e } },
-    /* 198 */
-    { { 0xc2d3ea8a,0xd3a4d6d2,0xa842600e,0x36be681b,0xe4070672,0xc53f100d,
-        0x6a7d7a7b,0xe3e5b6fe,0x5d5e1a83,0x6e6994f9,0x76097c2a,0x07cacd22,
-        0xa6791011,0x12d98dba,0x102e0e24,0xddfc4461,0xd493272a,0x4815dbc2,
-        0xa9436696,0x7e38e64b,0x32b2bf90,0x4960eb1a,0xd928e28b,0xda457525,
-        0x2a077c9e,0x72f75b39,0x7fd61d00,0x27760cbb,0x0f4b1456,0xaf235d1b,
-        0xe76d1700,0x3040c23b },
-      { 0x4efa9a70,0xb10dc55b,0x53e86610,0xd4de414f,0x09f8a27f,0x3d95c113,
-        0x06661d3c,0x505109a5,0x60eb513e,0xcaa2994a,0x1e7d338b,0x3ee41537,
-        0x4651e71f,0x4fd145fc,0xcbc313b4,0x51bbf838,0x1eb92150,0xb039e078,
-        0x14bf5ac7,0xe8696b44,0x8be0d48c,0x2d667188,0xdd8f2b6f,0xbe93b2f5,
-        0xeb8a7f8a,0xc1dfd1e7,0x90f751c5,0x862b3dd9,0xa32a74be,0x1eb1ad58,
-        0x1ebbc9a2,0x5486d79a } },
-    /* 199 */
-    { { 0xa1359e13,0xcb2e34ff,0x28196051,0x202d8dbf,0x23564b5e,0xe95e023d,
-        0x42f6ac12,0xfb1340b6,0xb653725d,0x543ba852,0x8d2466ad,0x81aedcd6,
-        0x547c728b,0xbf780224,0x9569fb65,0x559f8a11,0xdfb22ec9,0x505b7a62,
-        0x9eed5e52,0x07107540,0x299f6f11,0x9c899288,0x3db6f8c7,0xa7d69261,
-        0xb3ca79a9,0x30eb7fb3,0xfb2160b0,0xcab99bb8,0xd28b409a,0xd2012568,
-        0x5ac45f8b,0x380f1b0f },
-      { 0xe6a0068f,0xc0b99e6b,0xc8a73753,0x4b67cf2a,0xb2faeb7c,0xa6c9a548,
-        0x340260c3,0x7f417f99,0xcc0f739e,0x8ee56855,0x780949da,0xf08b510f,
-        0x8d5c6eff,0xb1770fc2,0xfd96a7bb,0xb4f5abee,0xf2665a2a,0xa07b1136,
-        0xb601dcf9,0x2fb380a4,0x162becc6,0xcc803614,0xee6b83b3,0x3498fb96,
-        0xa8c17eeb,0xea9b0fd6,0xa177efc2,0x5834b5ba,0x5b110b3e,0x929044f5,
-        0xebd7285e,0x4abedded } },
-    /* 200 */
-    { { 0x700ef376,0x3355e1b9,0x66cdabff,0xd56e5d9a,0x47e87646,0xb3dc2575,
-        0x00f79369,0x28f44b8a,0xa0c52e29,0x08c32b1e,0x3729b392,0x5a78de12,
-        0xb26d239d,0x4184519a,0xe0ce4a6b,0x23f6b4b7,0xacb2a9f9,0x235f6f8a,
-        0xe2064a59,0xbb8bc454,0x1bf3062e,0x37efd034,0x94dff6f9,0x6bac683b,
-        0x8aa7fa06,0xc3364b1e,0xce0b3745,0x0616772a,0xd1e3fb0f,0x46f08d08,
-        0x18e132d3,0x6a20abb3 },
-      { 0x6a85cbc7,0xea831016,0x934f9aa7,0xd0990946,0xe778f1b3,0xc2211088,
-        0x2247b799,0x7ea4ff8f,0x454484ce,0xb3171d71,0x4f98c364,0x29403949,
-        0x97df1458,0x5da911f3,0x09439116,0xa6b58093,0x174238bc,0x75f9509a,
-        0x8209758d,0xfeb51821,0xa47925d0,0xae0c6021,0xaf8a315e,0x0e946694,
-        0x6bad04b7,0xae7af8a3,0xf072447d,0x44c15e7f,0xa5456ffe,0x5184668a,
-        0xbf36b977,0x45e353a7 } },
-    /* 201 */
-    { { 0x93092f71,0x76056764,0xf5b92d71,0xeb66b6c2,0xe2c8b6c5,0x9db3149b,
-        0x20c0363e,0xf62f583a,0x03cd7097,0x688acd33,0xebb916ac,0x85d0c0f8,
-        0x84c19b0e,0x1bf7462c,0x7c4a6ad1,0xc76ed5f9,0xd119f369,0xec8b88ba,
-        0xebe50b83,0x59b8371b,0x866706a6,0x0cc69508,0xf8373d2c,0x531c75a3,
-        0x2a5a02fb,0x4e1cd3a3,0xda39a1d0,0xe8274778,0x75da333e,0xedfc5bbb,
-        0xca79bd36,0x15941f24 },
-      { 0xa77dd512,0x42e8c0f8,0x1dc365f6,0xa91b59a7,0x08753862,0xe80d14cd,
-        0xd272faca,0x1624230d,0x4027cb5a,0xeea3ec16,0xc1ef9f03,0xc1700b59,
-        0x0da3148d,0xd411c127,0xc4181af1,0x801ee448,0x9e3a900b,0xedf28559,
-        0x0d09affd,0x5d67b0bd,0x8b370024,0xd839df96,0xe6f836b8,0x3b6307e0,
-        0xbd3201c9,0x5382e588,0x7a1d02bb,0x636d8a6b,0x968641e9,0x70b7db76,
-        0x118fad03,0x6d17c34a } },
-    /* 202 */
-    { { 0xc181c99b,0xcf608841,0xc87bdcaf,0xb65dc901,0x3720dabe,0xb460b447,
-        0x5377515b,0x4c79c396,0x0a96c277,0xd447f22e,0x2ac0f440,0x0d952130,
-        0xc90583ad,0x8330b26b,0x928904a0,0xe25e977a,0x85c50b18,0x1deaffd9,
-        0xa5ad5f6a,0xcf4dbcb7,0xc8a37ed5,0xcbcd0019,0x1e9850b6,0x7846dd90,
-        0xb0b8e605,0x1ac8194a,0x34132f90,0xb9728571,0xf56ee28b,0x4ce9f149,
-        0x3e9e1d4e,0x1ab9b5a4 },
-      { 0x314fa7a3,0x206dab92,0x478ff963,0xcc4af0f0,0x904d9fdb,0x4cce1713,
-        0x12c045fe,0xac20a2eb,0xfd8f6d7d,0x44fc5478,0xca7b6ffa,0x886e72c5,
-        0x6fd6f758,0x7fa4529b,0x92a820d5,0x4df1d1b1,0x2789f149,0x3d812f9f,
-        0xaabb53d2,0x9842f083,0x2a03ab32,0x2648539b,0xb1512502,0x631ce090,
-        0x731f6bd5,0xe1294d15,0x9436e634,0xb229361d,0x3ca966af,0x8c4281c4,
-        0xc21ab3ed,0x24b34956 } },
-    /* 203 */
-    { { 0x659824e2,0x49bdcb86,0x4e13e74c,0x6dc4ce48,0x6bbe1eea,0xa4c01a26,
-        0x1e3ec457,0x47b2b8e7,0x2f5a8e4b,0x7e8b15e0,0xe333530d,0xe81eb6e6,
-        0x17a45202,0xacba369e,0xd70e4c9f,0x81241431,0x3e12beb8,0xc190af4b,
-        0x11f486fd,0x53270523,0x29fb2bce,0x9f6c41e1,0xb70f6c08,0xbe6287eb,
-        0x3feb4477,0x1479850a,0x9bcf18bb,0xfcfdfb11,0xda80d040,0x925c292f,
-        0x7e3c5bf9,0x212d65e5 },
-      { 0xca15cf08,0x23adb386,0x81e172eb,0x4dfa4ac4,0x4d42d0c0,0x9d1dbf93,
-        0x74404dc7,0xd9cf6073,0xe932bfcd,0x60508441,0x1c682a98,0x9ae910ca,
-        0x41ac1cc0,0x9528fc18,0xdbbed630,0xe6a120ae,0x30ccf250,0x94e0e1ec,
-        0xe58bbf2f,0xfe84ba54,0x9faa4415,0xc66d0b4f,0xecee7ce5,0x0c58f1e7,
-        0x6fa6873a,0x7a1d43eb,0x399f1348,0x96c6c5a0,0xe6727ab7,0xe6ef9aaa,
-        0x9a5c2447,0x66afa554 } },
-    /* 204 */
-    { { 0xc980e91d,0xda5aaba8,0x6ac98efa,0xa93cf509,0x8da32662,0xb0990e0a,
-        0x0081453e,0x01d21530,0x3d71de84,0x2bb0d33e,0x3e19a012,0x465f6d80,
-        0x78a838e7,0x5902ff4c,0x1931348c,0x74e2afb7,0x9cfb057b,0xa4932757,
-        0x3ad03f8f,0x761ea642,0x58ffa40a,0xb7d4c245,0x77a87e30,0xb5e9c0d9,
-        0xc9c84d26,0xd1c5edba,0x3d1963a0,0xeca8839a,0xebf6bf0d,0xbc6f2f35,
-        0x0d58abdf,0x01ef0631 },
-      { 0x3ecdcbb0,0x2bf90316,0x27c1c955,0x19e2d728,0x9575c930,0x9e527030,
-        0x96983930,0x0dc1c5a9,0x7cd082df,0xef9f80ff,0xdf97e051,0xcd915075,
-        0x9cc61b55,0xf286fffe,0x80f24cc4,0x352db38f,0x36523ae3,0xed9b99ec,
-        0x10b104a9,0x109a8ca8,0x305203ad,0xc2700fe7,0x769400f5,0x2a2ee24e,
-        0xee0c452c,0xd595d399,0xf7f02a41,0x0ab75d6a,0x0db730b7,0x34108099,
-        0x5e8d1202,0x0e4f5ffd } },
-    /* 205 */
-    { { 0x0ff14c38,0xbd1c6444,0xaece11f2,0x9a5b59fa,0x22af6330,0xaa4605a7,
-        0x82af24ee,0xddc9f65a,0xeb9a1159,0xf4ee4bfe,0x74e84eaf,0x2463d076,
-        0x0e0baace,0x88cbe1e0,0xd5fabdcb,0x7ca568ea,0xc57eb99d,0xbd80d524,
-        0xe9be9873,0x9c46572c,0x7300b85e,0x918a1dcd,0x40f54176,0x49221312,
-        0xb5b14236,0xf7e324ff,0x2434f16a,0x40dda501,0xa133d97c,0x08833421,
-        0x0876f020,0x33d41161 },
-      { 0x9878e5ec,0x7531a36b,0x46918232,0x5de3e321,0xd0a30464,0xd15f9a33,
-        0xaa173659,0x734c1b87,0xf925d4fe,0xac2094a2,0xc262b0f4,0x43c965a1,
-        0x447d5cbc,0x759c903e,0x05239300,0x92af215e,0x1f593f34,0xfffb6d5f,
-        0xc3cddb5f,0x65943b4b,0xbfdd5408,0x9d03a29c,0x198d76c0,0x8f7cda6b,
-        0xc0f27b59,0xc0790a22,0x8cb58ccf,0xba557a84,0x76c54fdc,0x5922052d,
-        0x47b6b466,0x2d3de7aa } },
-    /* 206 */
-    { { 0x65add3b7,0xaade7462,0xabf24c2a,0xe5888f35,0xe1a57d93,0xd41549ca,
-        0x2c76f7bf,0x0e22e18e,0xbe3202b3,0x67f288ea,0x1d1d0f0a,0xb79a66ba,
-        0x2881ad18,0x0e0ab749,0xc7adb0e9,0x7d424086,0x2842132f,0x870c32c5,
-        0x58f9a09e,0x858477f1,0xec025589,0x422a9372,0xa5098777,0xbe428c5c,
-        0x57660058,0x45b79564,0x957f37cf,0x6c7fc631,0xd6316289,0x8b7023dd,
-        0x5b1c12a6,0x47003bb6 },
-      { 0xc91c1c96,0xd99401c1,0x27a12970,0xaa5dcdf9,0xc3c29107,0x3ab92e17,
-        0xa3fe4710,0x26fce8f7,0x4ee998ee,0xb0d09d5e,0x8e3a41f8,0xafa62204,
-        0xa26ca506,0xb1c012a5,0x99b57252,0x2c6f734c,0x512f7fe1,0x1093d79f,
-        0xacee19a6,0x2f30906e,0x056d1ea6,0x6bff8381,0xeff35f21,0x61c75856,
-        0xc1ad2224,0x6e07e978,0x6b20fde8,0x2cca6ca1,0x633fe81b,0xab4d6d2d,
-        0xb06a2ce6,0x73dff504 } },
-    /* 207 */
-    { { 0xd8e20fb8,0x8b615805,0x82b533f0,0x7c6873e4,0x56a854ca,0x5205f001,
-        0xcb369211,0x87fec6ac,0xc7f092b7,0x1fa3c0ec,0xe845fe4c,0x5b36647e,
-        0xf8b1f112,0xd4781e85,0x8b0f1a6f,0xc6526839,0xdcb8eb92,0xceeb8c6c,
-        0x8e5f6d52,0x133f0ead,0xc8d934dc,0x31883e23,0x428ac45a,0x214ed5bd,
-        0xdbbfca85,0xf77ca492,0x07e5ae13,0xdf4113fe,0x72ab05fb,0x63e4a0d2,
-        0x7148f535,0x7544d0b7 },
-      { 0x80797ace,0x4fe8d134,0xaf86d97e,0x216d6aa0,0xef5a68fc,0xdbf0a688,
-        0x9f9b2684,0x18b26f45,0x8999d2fc,0x52fefcfa,0x62423955,0xd5af8d82,
-        0xf63a3780,0x8f123469,0xdcd4feaf,0x2933454f,0xa73b5d09,0xba8018b7,
-        0xe5552c18,0x9af1f276,0xff26bb1c,0xc5d4773d,0x06dd4f44,0x9ef49410,
-        0x5f39ba49,0xad8f12f9,0xf66ca4f2,0x5767f6dc,0x7922f59a,0xba8773f1,
-        0xc1e42d49,0x220081ea } },
-    /* 208 */
-    { { 0xba37a0ba,0x3043d573,0xdd176df6,0x05a431bc,0xc42070f7,0x03322cfc,
-        0x67c2d109,0x5cabd30e,0xcbf8bcfa,0x362c95de,0x7787b10b,0xd767d277,
-        0x6ec05e64,0x612c915e,0xce69c30e,0x9e669631,0x682e2635,0x27c9dd8f,
-        0x95ffcc38,0x79021f12,0x8a2adca2,0x06a8ee79,0x4b5d500a,0x8e00e784,
-        0x8d80d6c5,0x87746fc7,0x915f10cc,0x246053be,0x219f6fd8,0x844e328b,
-        0x11bd3733,0x620541ac },
-      { 0x509e5a29,0x0f7fd382,0xb432531e,0x8748d7d0,0xcd3883b9,0x8f749354,
-        0x8bfbb17a,0xc6b8ac74,0x05f2d2c5,0xa4616a66,0x1bcb1b83,0xb3d96625,
-        0x2fee265a,0xcf753104,0xdb225058,0xc70d73fb,0xf0c2d556,0x1211d434,
-        0x54b259b3,0x862061d8,0xc42b3f7d,0xffe4606d,0xe86a4949,0x4c5c8585,
-        0x160eedac,0x04ddcc8b,0x568e2420,0x1804ce67,0x42141656,0x91f3855a,
-        0xf932be97,0x7f378198 } },
-    /* 209 */
-    { { 0xdfa6639a,0x9a374bda,0x02ab7391,0x0cbd48d4,0x47031e2d,0x5c5ef236,
-        0xd0599d1f,0xb49ee2bc,0xe0d38443,0xd285eb60,0x269392e8,0xdbbea92f,
-        0xb8bc538f,0x91455fbf,0xe469b768,0xae259ff1,0x41de5682,0xc1cecb1f,
-        0x9952d1ae,0xc876f071,0xe7bf7446,0x1ce25181,0x282ad2f1,0xcb93ad86,
-        0x6ba4ef67,0x8fa3cd31,0xe507aa3e,0xfce68a04,0xa61bb608,0xced74170,
-        0xf6ac10d0,0x6de716b3 },
-      { 0x172d6dc5,0xd4e58d04,0x6397c65c,0xbed2cde6,0x0c9eb4e8,0x7ae77e18,
-        0x75fa2edb,0x56275468,0xa91e6738,0x4b30324e,0x235c8b2e,0x6023a856,
-        0xa8f92887,0x9df6d6c2,0xf6f5e8b5,0xec2c185f,0x3ad5748a,0x7892e12b,
-        0xd54aefbc,0x7aebb4f2,0xee868821,0x14915448,0xb1d9bd5b,0xa26c5f71,
-        0x2ff00df7,0xe5ccd166,0xb95b1dee,0xebc99f17,0x3fe1f774,0x90983616,
-        0xbb3d25b0,0x51f90830 } },
-    /* 210 */
-    { { 0xf2922461,0x49376fa1,0x1650d0d1,0xdbb1b1c3,0x0dd8608d,0x92b91c33,
-        0x36b89906,0x3e612c4b,0xdf560052,0xe1977b0b,0x636a2545,0xf8afff70,
-        0x11723d8e,0xcda7d278,0x81bde7ba,0x0b0bc4bb,0xed2a578e,0x3cb080b2,
-        0x171b2e02,0x5bda0d0d,0x941bb9ae,0xf6df38cf,0xc14a65c5,0x85dd81db,
-        0xc19dd98e,0x7f98c82d,0x52206f93,0xc613747f,0x5f5bbe78,0x9e13a2c2,
-        0x0aa34be7,0x5eed218e },
-      { 0x01d4dc0b,0xe1565754,0xf566bb07,0xa1ae5f27,0xb82225d5,0xe985ebeb,
-        0x1189ec6b,0x5f3ad21c,0xecce4d9d,0x17da518c,0xd6b65b59,0xc84a2d3e,
-        0x8ffa771c,0x7f988175,0x2ac69a7a,0x50d6ae12,0xc6e6846d,0xcb7f30b1,
-        0x5bd0bb13,0x8c023a60,0xd73f2407,0x9a10fecd,0xe5f0a996,0x8c5158cc,
-        0xbd8f5806,0xd26bf615,0x915a46e1,0xaf32ea87,0x0287d308,0xeaf74e81,
-        0xa6264254,0x8c14ba06 } },
-    /* 211 */
-    { { 0xb17ee201,0x0c877895,0x88e57a77,0xc05aa471,0x97822456,0x19c3e763,
-        0xc9c3ba1d,0x0be6f8c0,0xb4389ebe,0xfe85f4ff,0x0ce7fbb6,0x538bccce,
-        0x65266c64,0x876eab2a,0xcf9a3842,0x5c9ac690,0xccc8f981,0x9f5cf3b1,
-        0x9cf687de,0xfa17be6a,0x83835c15,0xfcfc10fc,0x150ef2eb,0x086b0fdb,
-        0x884a52e6,0x9f97ecd9,0xb0cd1eb8,0x416e6fa2,0x3ecc03ba,0xe2bd1599,
-        0xeabb165e,0x645c0a5d },
-      { 0x50aa7e31,0xd94c4205,0x2f851da5,0xaec8df0c,0x3c726e6a,0x99646909,
-        0x2619bf9a,0x72dbdc36,0xe253fbd5,0x1b4260e0,0x8c709e06,0x97c259fb,
-        0xcddaec5b,0xfabf7cbb,0xe4b703e9,0xb4d5e8b1,0x0734efdd,0x1b06e56e,
-        0x1f55f8a5,0x02d4a4f9,0x3f565c8d,0x7f8608ba,0x816d1d94,0x822f47d2,
-        0x5ce7b136,0x0cc36156,0x31d04242,0xe46ee5ef,0x683567f6,0xb2a65f70,
-        0xd2fa6c91,0x27e9ff40 } },
-    /* 212 */
-    { { 0xd7e952e7,0x75251893,0xc735bf18,0x15b30583,0x96fe0491,0x732b5992,
-        0x806d2fca,0x27451858,0x1b885ed9,0x71ab76a0,0x6d9f55ec,0xbdce9d97,
-        0x48f2ba9c,0x3da60b20,0x592b132b,0x6977c086,0x099051d7,0xb6dca9cb,
-        0xd188ae25,0xd9c2ab23,0xe20aaf3d,0x9f469f3f,0x5aad74d0,0xdbd1f7cf,
-        0x22a9eb3b,0x3d5efe5c,0x137010c4,0x8c5edfa2,0x57870260,0xada2217b,
-        0x3dac9776,0x4feee567 },
-      { 0xb5d3d780,0x30e18d52,0x07166744,0x4dadb5d3,0x5a742156,0x320d386e,
-        0x8d6bbb86,0x5d8c290e,0x2d263dd1,0x981a4323,0x98984636,0x33d0e7ca,
-        0xa519acb1,0x5138784d,0xdddc81ff,0x832e3fab,0x3199a43a,0xfc278594,
-        0x32743163,0x5b4cabcf,0x74f94fa7,0x9fa010bd,0x5694a627,0xc28a743d,
-        0xcb657a24,0xc1d2a888,0xe86a25ea,0x7eef2503,0x04c561ff,0xed11a5d3,
-        0x9c9ede0e,0x4fe818e7 } },
-    /* 213 */
-    { { 0x7fc1c7ff,0x00252c9d,0x9fa89ad1,0xa9bd419d,0x4064e9cc,0xc93a124a,
-        0x43942ecc,0x384cbcb8,0x8749695b,0x004c21fd,0x421165bf,0x69c81d9f,
-        0xdde01102,0xe2325628,0x5a9b004d,0xec937457,0xf6dcfc21,0xfb3346bf,
-        0x4d372c7d,0xac4da64b,0xf20494e2,0xcecb7ad3,0xe867c150,0x562c41b5,
-        0xc2b723d8,0x299395ce,0x7ee53231,0xc91adfc5,0xf10b6597,0xe06f1161,
-        0xb74d3ffc,0x81915529 },
-      { 0x6ed9d4ee,0x8ec12431,0x689aff01,0x3dffa154,0x2a89a3f4,0x4aba349f,
-        0xd467efb2,0x2db1e8e2,0x039102e2,0x18dea354,0xe52f082b,0x422ab853,
-        0xed36dd47,0x7130a2c1,0x0295d1ee,0xca60e86d,0x7c7f5ad3,0xe6ac6808,
-        0xde864658,0x0f83cecf,0x461d1265,0x72e66c21,0xbd385099,0xfeef4150,
-        0xa6632289,0x0f183f3a,0x792dc795,0x275454be,0x11367702,0x2744c11b,
-        0xe8ea6ef3,0x7d06bcc7 } },
-    /* 214 */
-    { { 0x7090212f,0x89285942,0x5521e844,0x691b7d4c,0xbe2dbb92,0x4c038422,
-        0xbd81f880,0x317721ed,0xac89bc36,0xc136cbee,0x7b8f004d,0x4f71b60b,
-        0x4e218ab8,0x269132d0,0xe6cc814d,0xb0e2496e,0x75fadc15,0x0b2ce317,
-        0x66d223c5,0x82e3c084,0x4c612f8b,0x9721caa6,0xa4b65355,0x59a751eb,
-        0xc7d3d9d1,0x3433aad5,0xe80d4246,0x1e61b9d2,0xfc673caa,0x149f655f,
-        0xd0f9cb92,0x48b52b99 },
-      { 0xefdc05be,0xa3915399,0x13e095e9,0xde70db18,0xcddb3fda,0x447862e9,
-        0x1a009451,0xa2b03162,0x23920ea3,0x4b27980c,0xa23b8feb,0xac5394f1,
-        0x3e5616d4,0x163f7256,0xb714219a,0xaa0ff93f,0x93d62474,0xd26f96d2,
-        0x7dcfe276,0xdd212ea8,0x47038d15,0xab27bf2f,0xf418168e,0xe58c8325,
-        0xb32a989a,0xe3704222,0xbfc9f13b,0xa3694390,0x0d0684ad,0xf16e2606,
-        0x9d8c76ec,0x17c0de87 } },
-    /* 215 */
-    { { 0xdcc01958,0xbca5f453,0x1ce88393,0x7d945954,0x561f5b6d,0x5e6350a1,
-        0x7e2d36bc,0x291c3c86,0xa5ac3a6c,0xf6c7ed84,0xd98006cd,0x7913c40b,
-        0x5671ec3b,0xf78bb087,0xb43e89a9,0x1c928f6e,0xae1ea1ed,0xfdf28df3,
-        0xb924b2b5,0x62bba5b1,0x1a116e05,0x491d2705,0x167ed3e3,0x08ec02b7,
-        0x5bc0b046,0xe291cf7b,0x8c5d7f59,0x30e50169,0xf5c799b7,0x0c7c350d,
-        0x0ac6e1d7,0x6862b9e2 },
-      { 0x9ffa1f64,0x56c6f4e7,0xa1e24349,0xfed6a91a,0xcdb75232,0xe9a0ee0c,
-        0x0322d607,0xbfc90b37,0x462fef87,0x29480ad2,0xc2bfcf34,0xfc214969,
-        0xa539e38f,0x6e5211e0,0x12a5149c,0x2a59ec26,0xd706b532,0x195fe212,
-        0xe99c8429,0xf77fb108,0x5dc80482,0x74ceaea3,0xbd92d298,0xa5a6030b,
-        0xaaea15ee,0xad42dca5,0x4987109c,0xd6ac3bc7,0x290af649,0xc64e1c40,
-        0x51f8de6c,0x5093fa2d } },
-    /* 216 */
-    { { 0x4c2d553b,0xc4cf3280,0x3b966c29,0xdc1abe22,0x2296914a,0x556a549c,
-        0x999976c9,0xd8c9f8b5,0x776e83f3,0xc22c57bd,0x7c85ec57,0x4f2942ab,
-        0x6e2c61f5,0xef3407e5,0xf213db48,0xf005e8ca,0xf32698c7,0x470c853d,
-        0xcac0a54b,0xe6f488d7,0x60b7501e,0xb6bd6bed,0x714a4bd9,0xf0103106,
-        0x6e098894,0x5285bc3b,0xf5f92a00,0xec06741a,0xef7ef24a,0x32f16426,
-        0x6c77a438,0x12f9c44d },
-      { 0x83313a1c,0x1951e964,0x33c58b37,0x98edd3da,0xc7ac4044,0x4edbbf52,
-        0x0dcb5ee8,0x866ca6f7,0x6dd422f8,0xec0ae8f5,0x0661ec2e,0x1077bc54,
-        0xd422523c,0x6d39913a,0x58e7cb3e,0xd105e1e8,0xc979bb45,0x47c9397f,
-        0x0997b592,0x3221d4a9,0xe8952fe7,0x0ef628a3,0x4e946241,0xd08d5827,
-        0x59780f40,0x64cbed0f,0x08e110ec,0x13d7c227,0x7679b1a3,0xd186d866,
-        0x26ae1d18,0x02f75e4e } },
-    /* 217 */
-    { { 0x47f307d7,0x1b637ebf,0xd0141477,0x6b644a6a,0x2e05a80c,0x82a33d65,
-        0xfed07b31,0xc8f1a0f3,0x3696e597,0xc09ee7f9,0xc7ffc01e,0xcdaa7ec3,
-        0xf8f373b9,0x549f88fe,0xc3bb8989,0xc88d1961,0xdfcaa7b7,0xd92a4fe9,
-        0x3ae4ab20,0x12ff9ee2,0xf5ecb1a5,0xf5aea641,0xe32fb47d,0xe769237f,
-        0x25d085c0,0x96a5c420,0x26c755a2,0xdc912558,0x9bce9723,0x580b985f,
-        0x63961941,0x72b1b566 },
-      { 0x790e5558,0x9d708a08,0x0689af80,0x98536041,0x42313b5f,0xe85e7b8a,
-        0x55a49d1a,0xe6ba1292,0xac371b0b,0x5e76c4b0,0x938e6e19,0x58504f39,
-        0x60ae9a21,0x8dd41422,0x968485ce,0xd8b04e9b,0x887efe43,0xf94c4ba5,
-        0xf11c5e73,0x11268e67,0xcf6b99c4,0x92623e28,0x7a0a9662,0xf2d0aaa8,
-        0x4ca02ed3,0xb266772a,0x2d63b551,0x68ee8e4e,0x2e78b5b5,0xcdebb299,
-        0xe17225ad,0x5df19216 } },
-    /* 218 */
-    { { 0x8df2e7e3,0x20027e1e,0xd8da07de,0xb183cc68,0x4b4ae694,0xce35ba69,
-        0x3ca62e88,0x896d97df,0x52efed2c,0x3de4713b,0x26bd084f,0xd006c40e,
-        0xfc81923b,0x1e9b71bb,0x1aacc6b0,0x9991c7b6,0x8f656840,0x650c9364,
-        0x87f47524,0x138561d1,0xbffd3ca2,0x610f2b11,0xfa191418,0x96915faf,
-        0x955e5309,0x8f1236de,0xa1872d79,0x613cbeea,0x66a2a48b,0x7f7b44ea,
-        0xe0a89c32,0x452265c2 },
-      { 0x25430010,0x4ad5ec79,0xebd090c0,0xcac786ff,0x20a9d3f5,0xa5f9f4ff,
-        0xa3edc65f,0xfcbf4112,0x0cf3eb11,0x8824839c,0x8aa5b700,0xb8dd6d4e,
-        0xb7568ab8,0xe2271dfd,0xb744560e,0xe43ec373,0x1cf75296,0x78eaf926,
-        0x3fa96d9b,0x1809ae0e,0xdc25dfd5,0x0b312d2d,0x6bab7711,0x6b8f78b4,
-        0xb5ecf1e4,0x069efc8d,0x609fecaa,0xc1952bae,0x5f4dbde1,0x43e302ed,
-        0x1e078555,0x14b02bf9 } },
-    /* 219 */
-    { { 0xb87e5b57,0x2c71c768,0xf531a557,0x0bcc78f7,0xf7597dc8,0x4ff93f8b,
-        0x139e175f,0xb28e026d,0xcb94ca6c,0x6b83b727,0x0079f7fc,0x2eafe3b2,
-        0xcf3bd170,0x2aca54de,0x6af0dc6c,0x17c4133c,0xccf5e35e,0xbea1e665,
-        0x345505c6,0xa6691a48,0xe6100b89,0x2633abd0,0xc17d0388,0x966c6706,
-        0x1a0cf90c,0x7aefffbe,0xd0add64c,0x4d847be7,0xaea2aa46,0xd49bcdfb,
-        0x2cc7d0a5,0x85e07e74 },
-      { 0x0bc25bca,0x23aae0a6,0xe44f64ec,0x6e8e55f1,0xb607b773,0xe1e696d8,
-        0xd3005909,0xaa90a746,0x2cbc4990,0x072b1ccd,0xc68e2f5d,0x0d0fe6c6,
-        0x53e28ec9,0x920ec5f0,0xf0040cc1,0x79b21fb4,0xfcc4a2c7,0xa7375bd3,
-        0xe1bac7dd,0xf5f5def9,0x35c0f8d3,0xdc315d79,0x2cacd318,0x7117c170,
-        0xe926f71c,0x6f2823c4,0xed02f39a,0x38db58bb,0x7db69323,0xe5b49231,
-        0x8d49f430,0x0964039f } },
-    /* 220 */
-    { { 0x56999eba,0x21774f16,0xb1de6305,0x3d8ee287,0xde0b2669,0xd81af726,
-        0x3f8942a1,0x37446939,0xea03e13c,0xbcf6b615,0x94e273cf,0xd30c0c35,
-        0xc6725c56,0x4fd33a56,0xa8be97a2,0xa57534ad,0x7c22a251,0x799242a6,
-        0x9d0c5c49,0x4e51bdb5,0xc6a42768,0xd7cd76cc,0xd426bf59,0x914097ac,
-        0x66e9beb2,0x59404a2c,0x5c96e3e9,0x4738fe98,0xaad666d0,0xbcbb3e0e,
-        0x63bc5e56,0x626b0fd2 },
-      { 0xe1a1ec42,0x47217dba,0xab5acc50,0xaa6ae7db,0x865331d1,0xb7e1ab1e,
-        0x3d30126f,0xb8453070,0xdee61851,0x280649e0,0xea689544,0x8806f4a3,
-        0xcb56f632,0x4bbe43ad,0xbcaff94f,0x036b9bda,0xbd0637be,0x0d941e65,
-        0x686f3abb,0x82179d44,0xaad6afd6,0x1486912c,0xff7e1534,0x9a3b891e,
-        0xeb86fd96,0x88c426ce,0x117928c3,0xb56e6a81,0x96399e00,0x933e7135,
-        0xa17b6ac1,0x09bbddd9 } },
-    /* 221 */
-    { { 0xe4fd3673,0x75e39c1d,0xa65c8e07,0xf880d9d1,0x7289c7fe,0x4725c1dc,
-        0x3529d200,0x5b6735ee,0x3c747af3,0xc1f8f2ed,0x912efdf5,0x5cf3998f,
-        0x49859c39,0xed722618,0x0e69795d,0x23793a2f,0x86b1d2a7,0x8a6ab8d6,
-        0x22a882e4,0x00c815de,0xf9db8d7e,0xbe77d6fc,0x02267547,0x0886fb32,
-        0x49c10edc,0xb62687d4,0x7c83ed4c,0x9f1c3e17,0x5af366ea,0xe6d5d7f0,
-        0xd1efad24,0x2eaa01b8 },
-      { 0x1f357c74,0x5e47fb70,0xa9e3b794,0x93085c4a,0x6e85a905,0x4f098733,
-        0xbe0244c9,0xf53808ff,0xa3b5660d,0x91dddf93,0xf3b95ed6,0x8b76377b,
-        0xbb3920d4,0x91b911b7,0x86a13cf3,0x7ccf08bf,0xea018e58,0x53ed8f97,
-        0x78c55194,0xb1ea4343,0xe0d2d5a6,0x8e6adde9,0x9b96259a,0xfc2b248f,
-        0xeef17ddd,0x96ebceae,0x557f9c85,0xf694b443,0x07d5bba8,0x48cd150f,
-        0xb4c1986b,0x02d31de9 } },
-    /* 222 */
-    { { 0xde79499d,0xa6bb9e1e,0xfd0fc2ad,0xf6ca8ff8,0x1a7d9356,0xbec0f8e8,
-        0xe8f06327,0xbc3d1c9f,0x3b300beb,0x805c7217,0x413c181b,0x00420a08,
-        0xf0ca9d01,0x9e9a167e,0x1aeeddd6,0x076c909d,0x8e3a8a72,0x64a1997f,
-        0xa77b429e,0x3ce7f7a7,0x5c94d3e9,0xaac0fbf4,0xe6d48407,0xf37694a7,
-        0xa91921e7,0xf56679e2,0xee1dbbd6,0xf23fe0f3,0xcbf9fa99,0xc7917566,
-        0xe0f4d765,0x965860f2 },
-      { 0x7fa5f79c,0xe734702b,0x5af2d26d,0x930bd426,0x6c73e0ce,0x45bd8b98,
-        0x4ee44a2d,0x7dbe7bed,0x956c8a1a,0xc129e024,0x77cdf80e,0x6fdc05ac,
-        0x589ca59b,0x70a6ba2b,0x999825af,0xfc484021,0x7a23f0b6,0x1d284b54,
-        0x28a0a8af,0xb1da10a4,0x2b2af6d8,0xb1eb1b31,0x33935ee3,0xf051443a,
-        0x8effa6ec,0x7a07eb26,0xd662654c,0x16ee4086,0x4549ee4c,0x7a7bc501,
-        0x1fa98a52,0x65081032 } },
-    /* 223 */
-    { { 0xb67ed9b2,0x49f0e460,0xc36d93d2,0x0cda0fd0,0x88c75e1c,0xbb5963e9,
-        0x614bc0c9,0x757bbe93,0x9a768605,0x9a9b8801,0x48edc544,0xa8b7e2af,
-        0xb51a5985,0x9e77ed9e,0xebbf024c,0xdd025274,0x1545c636,0x598b6288,
-        0x4800dba0,0x39bdaed0,0x81e2a23a,0x7fc20139,0x550cb4f2,0xdc66fd5c,
-        0xb52068c7,0xad27032f,0x8169fa15,0xc9a0bcae,0x3a7ca8a2,0x60606f21,
-        0x9862652f,0x98295046 },
-      { 0x2e11c128,0x3e374600,0x0e6dca7e,0x80dfae5d,0xd9552264,0xe44016e2,
-        0x880b7143,0xf65f88f2,0x526b881c,0xca3d28d4,0xdfb86afe,0xf9c59dd1,
-        0x4c74f958,0x548860c2,0x9cb69f4f,0xd06ea43c,0x7334ecec,0x5343c9ae,
-        0x35329713,0x5cc2ccd6,0x5f3a6c0c,0xa95ff403,0xb372653b,0x2e01a1cc,
-        0xa250523d,0x31510fdf,0xa6227eb2,0xeee538e2,0xca23cd10,0xeadfc8a0,
-        0x3e78f54b,0x4b7e6e1b } },
-    /* 224 */
-    { { 0xdb5f928b,0x79c9076f,0xb7347cec,0xe6250bb6,0xac00ec41,0x54b67798,
-        0x9d9619c7,0x900d20ba,0x59e4343f,0xed42c0d0,0x451935d7,0x3df39e85,
-        0x64f701ce,0x26391182,0xe1f87aac,0xce8f2554,0x65f91aaa,0xfddd6789,
-        0xa324539f,0x96cd163f,0x4bace995,0x5c815f2c,0xa94f9ea5,0xd78c8c2a,
-        0xef24e455,0x7ab2aff4,0x1cddc26a,0xf0ed6409,0x00ca2822,0x954a420b,
-        0xd3297658,0x0611c4c5 },
-      { 0xa9e81829,0xf192001c,0x08a282cc,0xded33320,0x8f9ded9b,0x0bfd7de1,
-        0xb7889003,0x6793ac0d,0x3577a5dd,0xbb00d91d,0x802d3c2b,0xe17a23a7,
-        0xfb549014,0xff95f88c,0xc71b6e07,0x7cd1bf4b,0x23588c8b,0x2e3b24a0,
-        0xa4112076,0x9b5335b8,0xc4056d30,0x2481c05e,0xe916a1b5,0x55c7410c,
-        0x850179f4,0xbbe03271,0xb3cd1208,0x15e6c177,0x90cbfe50,0x509a24c0,
-        0x1c108566,0x82079529 } },
-    /* 225 */
-    { { 0x1c7d353e,0x5d2d3cff,0x7de0ce3b,0xd5e7eccd,0x6ca87635,0xb4b1075f,
-        0x25f9ad3e,0xda8404e0,0x205cb5ae,0x6b963e89,0x09f221a1,0x9e5ee0d8,
-        0xea41aca4,0xd64c85d9,0x34442a34,0x6a46c4e9,0x3cf655a4,0xac6ff97e,
-        0xe5417d7c,0x76565c1e,0xeebf9c4c,0x681009a9,0x88da6388,0x95b61d39,
-        0xf6b472c6,0x6402b46a,0x0b7f1171,0x1fde5165,0xbe0c05e3,0x94f8f273,
-        0xa88344a7,0x7487b036 },
-      { 0x9c3e2370,0xa860e575,0xf8048719,0x19d58193,0xa6e2f9aa,0x3a0dbf3c,
-        0x6144719b,0xb6c7e959,0xdeffec21,0xa9049c74,0x3f50cebf,0x8ba064b2,
-        0x49a1de15,0xb12822c0,0xb1d527f2,0xb654b7d9,0x0ffd0430,0xc470859d,
-        0x4f05446b,0x37c74a67,0xa3add995,0xe553251b,0xe33533b5,0x4a3ed6cb,
-        0x27e419ce,0x2f2f44d0,0xa5d1b979,0x2d84ee82,0xdb6fa69f,0xcc76b123,
-        0x21fa3bdd,0x834f85c5 } },
-    /* 226 */
-    { { 0x2ce9b31a,0x329347c1,0xfe3fb3b7,0x1d88522a,0x52ff90fd,0x4bcefb4d,
-        0x2b1a081d,0x53b17386,0x2a411f08,0x538c11ba,0x141b603a,0x7895b93c,
-        0xb10bd741,0x2993b9aa,0x09912986,0xccbbd046,0xeea0aba5,0x669fafb0,
-        0x35661897,0xd4844622,0x367ffa54,0x4a63b89c,0x1c3478da,0xcbad5d1d,
-        0xaa6034f7,0xc5339227,0xe61b1391,0x0e6d705f,0xf74ff515,0xdd14b660,
-        0x5332b54c,0x639d8b0a },
-      { 0x162217cd,0xfa423162,0x811c28e6,0x2e0e4a2a,0x21766dc0,0x68d9ce18,
-        0x046a06ef,0x51263739,0xdde92101,0x44eea231,0x114298d3,0x0607c8f2,
-        0x63d957e9,0x27f272ba,0xa5e8cae1,0xe7ce80cc,0x24f7a63f,0x5816ebe2,
-        0x89673e34,0x4dece5a7,0x536babd4,0x13756a22,0xe3bf77af,0x644d61ae,
-        0x2bcf98bc,0x60b2bf6e,0x29fa962c,0x3b0b59f3,0xabb50023,0xb0769a1a,
-        0x0c75402c,0x40903136 } },
-    /* 227 */
-    { { 0x1670433f,0x84d2873a,0x25493dfc,0xc9394df6,0x80fcf89e,0xeb05a19a,
-        0xdb297616,0xe39e4310,0xd9e63046,0x50742dc9,0x1de9ca9e,0xf31ad8c8,
-        0xfb7b1d0d,0x86aabf94,0x1b3c82d1,0x36cda27a,0x39702d84,0xfb1a2ef4,
-        0x46081299,0x280bfddc,0xd2396238,0xe4b2b48d,0x7b3c9353,0x2db2c2f3,
-        0x12fb8a69,0xd5b5b317,0x08180474,0xf9b87a3b,0x1e952578,0xd8590986,
-        0xf37a2bc8,0x80668eed },
-      { 0xb39a0249,0xe2edcd35,0xb2f8aeae,0xaf230cd4,0x7223df05,0x295b15e4,
-        0xe0e937f4,0xbb66982a,0x8cbc9162,0x019d2b72,0xcf49dca1,0x5c512ae9,
-        0x630f07b4,0x11b491a7,0xa03874e9,0x48d4f34c,0x44cb7433,0xc1fd0ea6,
-        0xf95b30c3,0x13f79ae1,0xed8b60ac,0x40362d4d,0x61ead81c,0x9e8314ff,
-        0x498c3d28,0xed600dd4,0xc2521702,0x5fcb1c19,0x3a9c1f33,0x592329fc,
-        0x1bde6ce9,0x04677548 } },
-    /* 228 */
-    { { 0x39233c96,0xee3de56e,0x80737eaf,0x868c409c,0x201abc68,0xacae11bd,
-        0x2b486205,0x0f2cea9b,0x6f19056c,0xe32387e1,0xa5dc2a41,0xea75365a,
-        0x12b4be86,0x76c29acc,0x8d63294d,0xa01fcab7,0x0cab9f24,0x81dbe88b,
-        0xf414c054,0x76646e5b,0xcb96b7aa,0xfe111893,0x7664e097,0xb649f5b1,
-        0x53fcf5a9,0xa196422e,0x0b7ff634,0x5978c9bd,0x3c229895,0xb5feb38e,
-        0x0833c456,0x038a49fb },
-      { 0x13e93257,0x35e3818c,0xa612741b,0x14cebc9d,0x7caac06b,0x4f6e9249,
-        0x3daa1116,0x82278e33,0x4de2034a,0xe7cc565e,0x0a1ba630,0xbb7dc95f,
-        0x66956fbd,0x81dd9f23,0xbb132dd6,0xc63e6319,0xfc241337,0x6e22b022,
-        0x7e8beb1c,0x23848193,0xd8c938ac,0x83b1994d,0xa6bb5644,0xb54cfaca,
-        0x06f91807,0x1a7cd44e,0xa8f8d9f3,0x1dd439bb,0x7f74a8e6,0x660c2a78,
-        0x121b5660,0x4bb76e22 } },
-    /* 229 */
-    { { 0xe6354817,0x7a151e8a,0xf038b438,0x33d494ea,0x85958986,0x4c86c688,
-        0x1dcbac12,0x72153827,0xc0edad06,0xf487af8c,0xe500e5d6,0xad33051f,
-        0xd6e47f55,0x0a711b1b,0x8c746ad5,0xa68709a7,0x6402f35e,0x27f17262,
-        0xfb30c130,0xc6d08efa,0xc06c7497,0x9ef1c041,0xdcc3e2da,0xd0c74ece,
-        0x092e1073,0x30c5f96e,0x2aa12b74,0x0f1393cf,0x2107eb02,0x24584016,
-        0x7b76f98b,0x8843d25f },
-      { 0xedb2a83e,0x4e1501dc,0x2bb8d724,0xbcfe8fb0,0xd925df62,0x09020659,
-        0x42ab6fc3,0x3c715dcf,0xa0f09dfd,0x73c05055,0xe3590aea,0x126745d8,
-        0x76ff749e,0x5382f4d8,0xa920c663,0xfc69feef,0x9fd711ca,0xde160211,
-        0x9075c4d5,0x4219c3bd,0x3ded6bf2,0x3800cbd1,0x6263a116,0x8c7ea0eb,
-        0x7d264c37,0x35bd7958,0x7159c98c,0x56e22e45,0xfa7373b5,0x71bf2a2d,
-        0x8935c949,0x0503f939 } },
-    /* 230 */
-    { { 0x71dad4f6,0x65addc66,0x024bea1b,0x238e4889,0xf605d3dd,0xfb76c8e2,
-        0xb0d96b89,0x13d5f5de,0x6601b2cb,0xe0b5ba35,0x83e3d254,0xe37d491d,
-        0x240c8ea7,0xe8860423,0xe91c99ba,0x374182f3,0xa87ad919,0x26c2caf9,
-        0xf574f295,0x4b13040a,0x944000a3,0x5b9bced1,0x06df42e7,0x4ccc57be,
-        0x4bd1089d,0x22e8ec50,0xdddbb500,0x0c53177a,0x9ecfeadb,0x690d31d2,
-        0x176668f9,0x735778fe },
-      { 0x843c1137,0x0f86ee3e,0x3f0b73cd,0x3c1c42fa,0x8ab20e3a,0x0e75679d,
-        0x16242fae,0x6f95f1f4,0x39b092e4,0x7b88e11c,0x4c236ac0,0x1629403e,
-        0x2dac02e6,0x66105f41,0x862e0632,0x74dc28a7,0xf3b23c8d,0x2118ffb2,
-        0x0745ffbf,0x1182417c,0x4c05711e,0x49b55a04,0xcefbe4de,0x2c665b74,
-        0x97bf7107,0x1cc4c01d,0xc54f0676,0xb2ca06da,0x7450d0f8,0xfc599daa,
-        0x1a3182a1,0x52e637a6 } },
-    /* 231 */
-    { { 0x6bebc6db,0x481700f1,0xf9503d92,0x4a6b45db,0x5d153919,0xc715cd3c,
-        0xe5ad2abc,0x942a1c05,0xab7b466f,0x36a82433,0xba13918b,0xba413bed,
-        0x90f4e6ce,0x698a5624,0xf3f1f3ca,0xbb720da6,0x63471ab3,0x2116d41d,
-        0x303d3609,0xe00d2227,0x463ba69e,0x7fd4cc00,0x62845fd1,0xac609e4d,
-        0x80adc9c7,0x63603b2c,0x45fafbca,0xbf16fc9a,0xc4bc94ab,0x41007f7f,
-        0xa74b1698,0x7c916b4f },
-      { 0x78bac2d4,0xc1026f91,0x2601a875,0x8a2e8098,0x0073d640,0xad2f276e,
-        0xfcc1fb88,0x443610c4,0xca6b291f,0x5727b822,0x88ec60fc,0x0645532c,
-        0xed9ad48b,0x51e48899,0xf543f103,0x841b48b5,0xd591ceeb,0xa6ccb1be,
-        0x9dcf5a8b,0xfc4adf0f,0xb347ddb4,0x3a7ca020,0xcb44c521,0xaa1accc2,
-        0x0527c0c4,0x773b6828,0x7023cf50,0xaa374c10,0x6b74c926,0x733d1000,
-        0x77a8d07c,0x1ff3916f } },
-    /* 232 */
-    { { 0xf997939d,0xaa218fe4,0x791583b3,0x3d4dfbbb,0x87f7560b,0xb3a7b5da,
-        0x5da92c98,0xa9c02801,0x46666f4a,0xe1eb4aad,0x14ce9dd7,0x2eb17a51,
-        0xef8f3076,0xf46a66a4,0x810e546e,0x900b45c6,0x4baf04dd,0xf7af2258,
-        0x5c84d42f,0x3cc1c872,0x8e4c83de,0x3093f225,0x170d88b2,0x62fade41,
-        0xac076e44,0xe19612e4,0x32dd141b,0xf48d7346,0x925e34da,0xc1b1f759,
-        0x072b90c9,0x19ed1a56 },
-      { 0x6c735473,0x9cf7fcde,0x6003bc3e,0xaab88e67,0xfb199bb8,0x12187cbc,
-        0x9accccbd,0xbb730441,0xb0f65459,0x214aff3c,0x6f926282,0x6aec81a3,
-        0x9f9d20b8,0xaa82cb32,0x5773cc90,0x82f3f90f,0xf62257e1,0x4af60e6b,
-        0xbd4762df,0xf18b44bf,0xdb970753,0x3948b129,0x7c22c18e,0xc6e920e9,
-        0x57be97ad,0x393d6208,0x46b637f9,0xe8d7382c,0xf1fed1d5,0xf6625ccb,
-        0x68681599,0x6f31e0f9 } },
-    /* 233 */
-    { { 0x82b8f204,0xc45afe55,0xd358b54a,0xac0441b6,0xacd5f5ed,0x7213e7bf,
-        0x139bcd93,0x1914c70b,0x96dbcbb0,0x714b4581,0x1ed35d21,0xe9297d35,
-        0x6a3e1f20,0x8f640837,0x2f3cd705,0x150a8a9d,0xdcdd9f6d,0xfb36e801,
-        0x5cf56d82,0x5a54eb65,0x92aa5a21,0x7610500c,0x3b089f03,0xd10d0ae2,
-        0xc42b66e8,0x491b2079,0x0eee8d48,0x4af1ae3d,0x41556f45,0x137e4c28,
-        0x63d8a7e6,0x875e3308 },
-      { 0xaf6c0acc,0xdc80fddc,0xbb1e7c08,0xd5ad1e66,0x828585ad,0xdc717ae1,
-        0x275c7da6,0xbdc54340,0xd26b9e15,0xf4b4c852,0x6a05fa50,0x5f0a1fbf,
-        0x817bcb32,0xc6f81e47,0x70ff2e1d,0x2cbd4328,0x67c7f7fc,0x8a249016,
-        0xb585a6c4,0xd045acb7,0x4666c057,0x2e972ad4,0xe6d7d63d,0xc74d87cf,
-        0x0e274144,0xf7067d87,0x8b2584ae,0xb2ca157a,0x75f0fdeb,0x495c5bfb,
-        0xf386e009,0x5abb0581 } },
-    /* 234 */
-    { { 0xf0c97f57,0x8be62d2b,0x962f28c7,0x0fe04871,0x47b50abb,0xc548a467,
-        0x44fa09ed,0xf6b26e03,0xab05a96e,0xfd44c6e3,0x70e6ae82,0xedb0032c,
-        0xd7e4899d,0x28bd402b,0x9b7c11c2,0x43f2e963,0xce913716,0x0ec3fc0e,
-        0x02fd0f8c,0x769b8bc9,0x7cabc3ac,0x9d9cb3aa,0x06924cc9,0xe88a8892,
-        0x42609014,0xa51461aa,0x962e79e0,0xc7f4aa8b,0x8b1b3e80,0x4ef0210a,
-        0x1bfee4bc,0x70544680 },
-      { 0x121901c1,0xfab3d713,0xfead54aa,0xe90a2627,0xbc08ba23,0x64f6d285,
-        0x36ec227e,0x8d993015,0x06c191ab,0x99a16ab9,0xf649ce2c,0x86b1cf5b,
-        0x66be3a80,0x59206759,0xccba2cf0,0x18836279,0xeff53486,0x2c157b87,
-        0x4b223af2,0xbfac9896,0x0aae7a57,0xcd0fd4f0,0x63218a80,0xdaddb940,
-        0xdf88f14e,0x3844bb79,0xb71ed9fd,0xc1b3e3d4,0xd6205036,0x6c634a13,
-        0xb8680a6b,0x6f56aecf } },
-    /* 235 */
-    { { 0xd9205c5d,0xb01dc803,0x67123929,0x68955f7d,0x9d9b6565,0x3debbffd,
-        0xd3b1acfe,0xb844395e,0x6094eeff,0x04328b21,0x22991feb,0x6631ffa8,
-        0x190dd075,0x0dde66e6,0xe8577c05,0x75b03c55,0x91722407,0x6c91ce5f,
-        0x8ebb3a3f,0x9a288a40,0x058a1396,0x1d376f8a,0x9a6e0676,0xf3a59457,
-        0x7b71d288,0x103029c5,0xb44c30c0,0x0843f428,0x730e0b9c,0xd8e6aff8,
-        0x4ed644ad,0x7b6be811 },
-      { 0x3d3aa54e,0x3ec38e4a,0xd83d509a,0x10233943,0x243955e2,0xf84aa621,
-        0xf51d3d44,0x29104717,0x7eca4e37,0x62d2442c,0x85fa55de,0x8c5a523d,
-        0x851da1b5,0xc6f5ccda,0x20001468,0x044bcaa8,0xe01702e0,0xf7501e68,
-        0xe6a0acec,0xf0819359,0xac0ef0b2,0x33dda6ad,0xfd964f01,0x97aeedc8,
-        0x530b90d8,0x48dacd0e,0xb84122eb,0x4c5fad6f,0xd700a1de,0x2284ec1e,
-        0xdbca5474,0x86f9a835 } },
-    /* 236 */
-    { { 0x450cc69f,0x0e1d9055,0xc9edf98f,0x50eb14bc,0xee7eba01,0x1bb94e77,
-        0x998f8e53,0x5f7a6737,0x1b16eef0,0x588384e3,0xd85c5e15,0xbb928723,
-        0xcbd952aa,0xfe51e345,0x7e241674,0xc5d0ee28,0x100182f0,0xfdc146ef,
-        0xe7f5be2c,0x0f739e92,0xb656bd3e,0x501ab3af,0x5168e289,0xb1552dde,
-        0xb8ee104a,0x940dfe31,0xc4304475,0x42923603,0xc460a913,0x9306f114,
-        0x03b51f86,0x5bfa9faf },
-      { 0x107b258e,0x2a23f52c,0xd66341dc,0x989e82bb,0x823cff1a,0x54a3ced8,
-        0x719b491f,0xf45b7794,0x2433dfb8,0x898c2218,0xc49250ee,0x0f9dd91c,
-        0x4fa17655,0x50c2a2ae,0x2c327f45,0xf7aa1ce4,0x583b1e41,0x13a15ad6,
-        0xa1bfad9e,0x9aa0d5a5,0x8e1fbdcd,0x9b1caa28,0x915f7f87,0xaf9283b6,
-        0x87e81a1e,0xc10e4e0c,0x1080d296,0x04fdca56,0x12755bd8,0x6acc9616,
-        0x828feeda,0x1b1266aa } },
-    /* 237 */
-    { { 0x774ee49c,0x4ebc0a00,0xcb6237d7,0x776f6852,0x5df938a3,0xfc0544ac,
-        0xb6fbfbbd,0xc3388ec8,0x745f2eae,0x84ac8bcd,0xb1ece937,0xa9c56609,
-        0x7de8fa13,0x656fb6ac,0xa532b871,0x5f8ded74,0xaa889f09,0xab0d428b,
-        0x10b7aec2,0x43b27f28,0xfeecb34c,0x26426e1e,0x9e89c2db,0x44431b6b,
-        0x39211090,0xaac4bc5d,0x4fd81058,0x926f7368,0x471ef60e,0x452fa691,
-        0x218d7a23,0x33517fdb },
-      { 0x593c4a36,0xa9c33f46,0x36b1a9ee,0xac69d718,0x4277beec,0x55a20c1d,
-        0x7e4f179c,0x3e8ca24e,0xd46d88a2,0x57373369,0x730702f8,0x71ceb1cc,
-        0x35eed574,0x8b184d97,0x0704cec2,0x7f4517a2,0xd7062a53,0x7f129d18,
-        0xb1d77e1c,0x07a4571b,0x8350d8b2,0x774ac309,0x61fab8ef,0x27b2919f,
-        0xb5dd801b,0xa7c4cc13,0x1434591f,0xe7e6255b,0x5a3592b3,0x349937b8,
-        0x30c77549,0x31fac63d } },
-    /* 238 */
-    { { 0x04913fb6,0x2ee8cf1b,0x1769a6b3,0x7e401350,0x783e61f0,0x790ebb71,
-        0xe27f2ffe,0x1e5107f9,0xedaf89bf,0x124ba67f,0xe58de68d,0x189200e1,
-        0x6df5abee,0x962732a3,0xacbeb4aa,0x72cc37cf,0xe93c5a76,0xb0c5fa96,
-        0xde63393b,0x4c2a317c,0x830b2d6c,0x97f65e67,0x1be5b96a,0x4afc3504,
-        0x730ce66d,0x0bf40a60,0x9340d84f,0x96a1ba79,0x07626b08,0x3ee18254,
-        0x7ab0cbf5,0x01db35db },
-      { 0xac0efee2,0x6e0fbc2d,0xd71dbb45,0x8406ebcd,0x19b69abe,0xe72bde3e,
-        0x37e01822,0x49cb7e61,0x11458b4c,0xcbb8c01c,0x687c5d63,0x420b4847,
-        0x454c6776,0x1847dfa1,0xd1839d18,0xbede911d,0x278df046,0x1b9dc9c9,
-        0x881a336c,0x294bd62b,0x93e77adc,0x7f096879,0x43ce3ba7,0x7ac90665,
-        0x7764eefc,0x148695fd,0x9ac465cf,0xe0c20f0b,0xa6e2cdb1,0x636e8d28,
-        0xd755341d,0x7b6ba98c } },
-    /* 239 */
-    { { 0xc1881ab4,0xcb1d9e03,0xb3168c88,0x19c25d55,0x282364ce,0xa82d3d47,
-        0xf161aa24,0x95994390,0xe1ebb2c9,0x7838bc00,0xbdec7a75,0x8fd5dfcc,
-        0x4ff7220a,0x4dd203c2,0x0efeff48,0x5ec173b3,0x16428b35,0x99f1d2b3,
-        0x056e813f,0xc06bd9e5,0xc0b319f1,0x929172ba,0xfd223b15,0x6ae0e384,
-        0x98d091ed,0xbd01059e,0xa654648e,0x6b3168e4,0x3375e798,0x2211447f,
-        0x71eb4508,0x47e81019 },
-      { 0xbc8c290d,0x7045d45a,0x810fb33a,0xa33d1355,0x46fbbf2f,0x2baf0092,
-        0x385c7cd9,0xacff3f1b,0xe161985c,0xc5b150ec,0x2a888748,0xc6ee0a7f,
-        0x5e88dcc8,0x9d888c8e,0xccb86443,0x4dd735f2,0x3c40f6f2,0xcc1e13b7,
-        0xf3fed691,0xfc3a25ff,0x257ee5c7,0x4cb43b17,0xf32db135,0xaa654f93,
-        0x02dff2d3,0x44f58d0a,0xa8ca6394,0x78e3f188,0xf3e86697,0x39646cce,
-        0xe0dce87b,0x785b1902 } },
-    /* 240 */
-    { { 0xa92f9a20,0xfcce2361,0x9d64540e,0xb7bdca87,0x1d00d7c5,0xd4739a85,
-        0x2e97c926,0x067ac8dc,0x78da6a8b,0x2aea3ffe,0x63c51b69,0x6828bf54,
-        0x7155141a,0x76f1c479,0x3977d810,0xf4bcbef6,0x541bce7a,0x75bc4949,
-        0xd17041a5,0xe01f4066,0x87755eaf,0xd282d5bd,0x59e7ae80,0x6e2107dd,
-        0x382ab36f,0xaa56e166,0xb9d1d634,0x65ee8ef6,0xce4ed844,0x99a2160a,
-        0xb7712c27,0x6557c367 },
-      { 0xd75b6e52,0x561b0268,0x118d0e89,0xb0813640,0x6a2eb1ae,0xcff53330,
-        0x6d090894,0x4e462226,0xb5fc1d48,0xbb351227,0x57a3062d,0x9365ea07,
-        0xd66e2dc5,0x4caca37b,0xb9095887,0x220d7d23,0x8c4473bf,0x9c0fd393,
-        0x6787da4f,0xadff370a,0xd057f4b8,0xef0aebcc,0x1173f33a,0x205e744c,
-        0x925a26b4,0xb8d1f0a5,0x722fbbfd,0xa9364f49,0x8227d284,0xc891ae77,
-        0xa0e08ab4,0x15c40d04 } },
-    /* 241 */
-    { { 0x2a0e18d1,0x9baf169a,0x4c0327c2,0x9971c017,0x7bc262ce,0xd81a323f,
-        0x818ff379,0x2099db8d,0x4cd3c330,0x663f663d,0x011a0553,0xef5325c3,
-        0xf980a470,0x9cd70bdc,0x1c9ed070,0xe64452d1,0xac676e13,0xafbf43f4,
-        0xae85c2a5,0x97bec0a6,0x470490c4,0x2faae550,0x491e6ba9,0x0ab97a87,
-        0xaafa9914,0x4055f537,0x36726557,0xfc95adbb,0xd119d6bf,0x646343b9,
-        0x9d341e37,0x788e94a0 },
-      { 0x9c53461a,0x053a6fe5,0x08e3b6ed,0x75ec897e,0x0768d939,0xa8f5d2f3,
-        0xcc213d4f,0x9bd6bff6,0x05b0147c,0x590c7b41,0x7c7b8169,0x20a3628b,
-        0x5bce78e9,0xc66a086e,0x4dec1d8f,0x3dd4d282,0xc19dcce9,0x890acf44,
-        0xd8435a7e,0x6632d875,0xea6381b2,0x590167c1,0xf0dcc128,0xb2259797,
-        0x46f8d463,0x91a612b4,0xc15efa39,0x42185d78,0x119f6788,0xdf55ec37,
-        0x780dea93,0x91b19cc6 } },
-    /* 242 */
-    { { 0xcb5d8b80,0xebf2709d,0xfc35660e,0x03b96182,0x055ef969,0xb873d991,
-        0xe47c4342,0xd1ea4b4d,0xd54f8867,0xcc4b9244,0xfd8d77ef,0x93b1a2ca,
-        0xe8c1f563,0x068d24e7,0x49973056,0x5f5fabb6,0x0542374f,0x83248c50,
-        0x3f38e913,0xc36de2b5,0x7bb680be,0xed07e8eb,0xd8f313b5,0x964813d7,
-        0xafd2d392,0x7bb6a069,0x0848a31a,0xc06d848e,0xe4f0c325,0x6867fb2f,
-        0x067343af,0x3c2ba834 },
-      { 0x9d3ad63b,0xab62d775,0x59e0eb1f,0x3f9cab97,0x3885e117,0x70332a63,
-        0xe20b2f9e,0xf22cafce,0x49eca947,0xb529ba7e,0x6228d88d,0x24954216,
-        0x39239561,0x80ea23ec,0xd4370644,0x1b8907e7,0x563e4e44,0x4b7fa455,
-        0xb2a4b0fa,0xcca9829e,0x48060792,0xd0a720a4,0x246991ce,0x8ccdda0c,
-        0x348d086b,0x37a2325b,0xf60aee13,0x566ed509,0x147f253f,0x3d30e091,
-        0xc1073bd8,0x1fa627a5 } },
-    /* 243 */
-    { { 0x42478fd4,0xa11222a2,0x670b2000,0xacf4c6f1,0x8359c6de,0xf71bb04f,
-        0x7b93cdbc,0x618e2829,0x230db60b,0x96e1bae3,0x965b3b29,0xf17fd3b4,
-        0xbc7055dd,0xa58639c6,0x4b817d7f,0xc3ea92ed,0xd23b08a4,0x9082b2a6,
-        0xdc17010e,0x8471228a,0x20e89d97,0x753b9e46,0x03ff77c9,0xcf7e4f97,
-        0x2bbe60e5,0x6c3f8245,0xb80e017d,0x9e432cbc,0xc0a45edb,0x150a5acd,
-        0x4798743e,0x67b8bd05 },
-      { 0xf4797cf7,0xe66079b4,0xd03fde02,0xe31c998a,0x54caaef1,0x5aa3763a,
-        0xf7649711,0x64d9a1fe,0xaf29b1a7,0x7ce0dc73,0xfb66ca93,0x6661b083,
-        0x32fb6a78,0xbf4d74fe,0xdf00a561,0x25f6ef09,0x831d1159,0x2bc4383f,
-        0x536bde37,0x6d5cc10c,0x882cc65b,0xd4945f9f,0x451a99b8,0x81f48f13,
-        0x6bac11a4,0x140161cd,0xf18a4a0a,0x9d94d4ed,0xa467a824,0x65363165,
-        0xa4c9aedf,0x74297aa9 } },
-    /* 244 */
-    { { 0xe21124ba,0xc49758a4,0xa87ffbd2,0x99bd8198,0x3d6638a8,0x45fbcdd1,
-        0x15f7bf76,0x94645ff8,0xc4e6d57e,0x5fa6736f,0x92e61db9,0x1eae6475,
-        0xcbdf944a,0x79575c0c,0x25b31d74,0xa3d13047,0x4cab5ae6,0x7881df22,
-        0x1a2887f2,0x8dbfd299,0xa26ac459,0x23d07590,0xd8661d4a,0x2e589852,
-        0x8a0140f7,0x37b5c13b,0x3fb3782a,0x0f94199e,0x1bc14e90,0x722aa059,
-        0xd55bbb12,0x89aab7ba },
-      { 0xd656bdc7,0x8b345a96,0xe176cd3b,0x43bdc8af,0x32d64c43,0xd69518b6,
-        0x79b82b41,0xfcf364a7,0xffb0cf82,0x907b344e,0x5101287b,0xf3d0c83c,
-        0x34cd90ef,0xe9f26a59,0x07082b5c,0xe5f5aaf2,0xece7c165,0x4eb72c75,
-        0xbe986cd6,0xe9590a81,0xff1536aa,0xfeef498f,0xa8263d5e,0x04560243,
-        0x54ae872b,0x940be14f,0xe3207686,0xbee7bcc9,0xc1bc4d7a,0xd496a27d,
-        0x5940ab46,0x002dc297 } },
-    /* 245 */
-    { { 0xb69d60c3,0xee533937,0xfe972755,0x260be552,0xc0c725a6,0xb11fb78d,
-        0xcab2e7c2,0x6982c27e,0xee2322cb,0x4bceedd9,0x122704f7,0x952b19ed,
-        0x854a6165,0x2df4c285,0x7b192485,0xba40b5bf,0x0119f52a,0xfcbca950,
-        0xe5add86f,0x7467d1cb,0xd9d0f2c1,0x9bf536fb,0xb8d4ebc9,0x3c296e34,
-        0x05a81317,0x0495f8f4,0x73335f76,0x8c59e8d6,0xe0542122,0x0b53d324,
-        0x3c3bda73,0x4d564535 },
-      { 0x7e5c0877,0x7322f800,0x0ca9a764,0x481b43e6,0xa2c12716,0x231f4f4b,
-        0xed3136c2,0x09596857,0x38db30de,0xae826322,0x99908ebc,0x652fad40,
-        0xaf0d231e,0x0b8d1814,0x09cbc349,0x2680c54b,0x4bf3bf8e,0xfd4562f3,
-        0x092b595f,0x2985090b,0x5e15fc34,0xe6f39ca4,0xbc378168,0x70175191,
-        0x845a4a87,0x906944b3,0x82a1541a,0xacc6d74a,0xb155c8b4,0xadc9bab3,
-        0x77306c62,0x1f2f89ce } },
-    /* 246 */
-    { { 0x9affefdf,0x8253ef41,0x4cf9256b,0x05d7ece5,0xb444e483,0x377002f2,
-        0xcba5471f,0xb189755f,0xd5cbe015,0xc88483cb,0x6a0b8429,0x254f7c69,
-        0x61f3f61d,0x18850bd4,0x0a247157,0x7ba21089,0xd92eeb0d,0x35abbc2e,
-        0x965dec89,0xfb56cabe,0xbc55684a,0x9da23724,0x6a7a7492,0xd8ba396f,
-        0x2ef4ba46,0xfcb90db7,0x9909b27a,0xdd234fe0,0x76f4366e,0xbdf3c164,
-        0x17e50d47,0x09c8097f },
-      { 0x60050c07,0x6a04b140,0x43a8e37e,0xc29e8318,0xbb55e41f,0xcb9429b2,
-        0x2ce60e3a,0xed2fea5a,0xdb9d82f4,0xdc7b1ff3,0x687d37fa,0x48ebecc3,
-        0xecb07539,0x79153e32,0x57075692,0x6a60054f,0x800759ba,0x3871cd0c,
-        0x30922df1,0x17a7386f,0x83357b7c,0x4e9fc59e,0x39415186,0x1d26b3a9,
-        0xd34db889,0x912a0222,0x59fcdb71,0x6672fcf4,0x44ff3036,0x5a3f268d,
-        0x6911e16c,0x6f113ed3 } },
-    /* 247 */
-    { { 0x1836f1c9,0x52a9df59,0x4232307d,0xfa6519f5,0x5ded285a,0x8406c701,
-        0xaf627f75,0x0a1545ca,0xace0417d,0xae1111ee,0xa6113443,0xfb28bdf6,
-        0x52dbcbcb,0xde9ef0ab,0x7813e658,0xe9dc181b,0x99127225,0x0b1dabdb,
-        0x22814c59,0x5f0598e3,0xd934ee7e,0x5c3b966e,0xb99ba4bf,0x4eb84eda,
-        0x3c1b55e7,0xb2919a34,0x94aa860f,0xa9addb49,0xf6811ff6,0x1b7220df,
-        0xd1a183e2,0x6636a23b },
-      { 0x20587283,0xdf5d5a2d,0xef07fc5d,0x0b3822c9,0x0ef6de38,0x1786bd55,
-        0x25d1671d,0x163cf907,0x1cdb1def,0x74bf971f,0x0842fc4a,0x5749e830,
-        0x27f854f7,0x0e2edbc7,0xbce24acb,0xbb27bbda,0x05bed08d,0xc1b19cec,
-        0xf7c904bc,0xaada123e,0xd89982db,0x02429f1b,0x65f6e632,0x49d3616e,
-        0xee59fd32,0xa3789fa8,0xfe9f29f5,0x160ba3ba,0xaf5378a0,0x0f2d3b61,
-        0x73c2a6f8,0x7aeecc76 } },
-    /* 248 */
-    { { 0xdc43b0db,0xf3a4757c,0x98119cad,0x3d8a4e85,0x4616c156,0xf8095bf6,
-        0x4f533e97,0x3e2a07bc,0x39cfc5ad,0xa9824367,0xcd68052c,0x18a6ba3a,
-        0x8a1cec66,0xbd60e590,0x02b1b695,0xae3841a5,0x190a195b,0x986dff12,
-        0xad31fd9b,0x2df2beac,0xcc728f7b,0x7d893224,0x0cf0a992,0xc38ea738,
-        0x586a44ea,0xa8439a80,0x1615f03c,0xede7f7f0,0x27a1f885,0x48249908,
-        0xb78a7645,0x28ec4006 },
-      { 0xa2fe0009,0xe1820c2e,0xf13874e9,0xe11ba5d2,0xc524db52,0x97522454,
-        0x7fede529,0x4d477426,0x9b2500d4,0x01d3419a,0x1869244b,0xce08a492,
-        0xdd1be1b9,0xba169023,0x32a301e0,0x242c3e54,0x70906788,0x9b56f7ba,
-        0xc74a8cc4,0xf0ad2a09,0xd76f9439,0x99cd1841,0x621fb60e,0xeddafe0b,
-        0xbc397634,0x056bee54,0xff7f0a84,0x4653f860,0x2011c0af,0x6bd4876f,
-        0x0c9525c3,0x134f4cc7 } },
-    /* 249 */
-    { { 0xe938dff4,0x9621a3ec,0x486a79a3,0x7d101a7b,0xde950537,0xf2c4ef97,
-        0xe65d87db,0xf3184099,0x373b8cfa,0xb89c7ffb,0xe842916e,0x68baa505,
-        0x4ebea764,0xa790fd09,0xe592892b,0x679df6d4,0xfcfed741,0x2023331c,
-        0x9880ff21,0x0bf4efd2,0xd0344501,0x7ca78ddd,0x342858c8,0x2cb09ecb,
-        0x2575487a,0x9e5eb6dc,0xebcb0491,0x50675a15,0x7381d471,0x09d2e74f,
-        0x83d3d6f4,0x6ea37829 },
-      { 0x4e5cc40a,0xc65c094b,0x1af37dfb,0x7a2e3f6a,0xf9026e44,0xef677e9d,
-        0x93880f53,0xb7878c95,0x7f644aa9,0x4aa30b07,0x2f208c3c,0xa0c51683,
-        0x658d663b,0x7c0277ae,0xae1d9130,0xef0b3c38,0x695c3ea4,0x302f37a7,
-        0x6a0c5e0d,0xe004c1c5,0x20cbcf9f,0x9fd495c4,0x568a0e7c,0x706d5b9d,
-        0x59286454,0x8b225dff,0x8d9a709c,0x527d4465,0x87c08d68,0x47c558da,
-        0xbb4ef07d,0x606ee6e6 } },
-    /* 250 */
-    { { 0x57c621f6,0x02d99fc7,0x7fe83d48,0x292e40c1,0x9ef199b0,0x1bdfc7a1,
-        0xe62c7666,0x78a04102,0xe6738753,0x16cda370,0x1e3a65af,0xbc81974d,
-        0xf78fe209,0x19742048,0xbf5981c6,0xc83a058a,0x9c89702d,0xf26b2434,
-        0x9d1a678a,0x988b2f1e,0xff29ae29,0x472bf9b0,0x1d7cf5ec,0xa143e398,
-        0xb268ddd8,0x9c9d7e45,0x5fc4ff76,0x166cda55,0xa4aa7673,0x6044cdf0,
-        0xe9148707,0x49dba6f7 },
-      { 0xa758e37a,0x20e47fb2,0x2d8eaf66,0xaf6b31d7,0x6f9c2210,0x352ad5f9,
-        0x90efc32b,0x0093f727,0x41e4b264,0x435c99dc,0x05b15795,0xbfa878e0,
-        0x0e673575,0x99c520a4,0x87eea759,0xca682594,0xf12a348b,0x029f7b81,
-        0x2aa2ce35,0xa547cc18,0xead5e2c5,0xa11d874b,0x55682cdf,0x9af0349b,
-        0x8bbe8e66,0xf86ebfea,0xf55394ab,0x3dab8782,0xebc8eb8f,0x458bf797,
-        0x9b7de78c,0x4890a7a4 } },
-    /* 251 */
-    { { 0x8da995f6,0xd7299689,0xec6156ef,0xd39eaae7,0x356a82d5,0x6959040c,
-        0xc135bcfe,0xb2046b21,0x0f595c78,0xea720b64,0xe7c5fb40,0x02824efa,
-        0x0edb3bfc,0x97d8fd4c,0x79f24ebe,0x12f02905,0x187ea6b9,0x16fc47cf,
-        0x789d5c23,0xc219fd27,0x89263ecc,0x233a6b6c,0x8b6d30a6,0x823634b2,
-        0xc9b33680,0xca352e25,0x40c77456,0x9388d6ca,0x3c92065b,0xf8e55b0b,
-        0x02439a76,0x5c17474b },
-      { 0x8aaccab5,0xd888e7c2,0xaaced05b,0x18027836,0xccec0f65,0x185b877d,
-        0x125c2882,0x93cadc1c,0x67fdc54c,0x45df540a,0xc2788a33,0x4f3c86e2,
-        0xe3a0fa2c,0x3e874469,0x273983cf,0xc59daa47,0x4a96d8a5,0x3063c48b,
-        0xc2e58915,0xc38d2bcf,0x84e428c3,0x90e78b87,0xf0c4fd53,0x900a292c,
-        0x941e6005,0xb7f92db7,0x6ca53a1c,0x95679241,0xb1ab0fa7,0x35f6f31d,
-        0x7b58408c,0x5d675eb4 } },
-    /* 252 */
-    { { 0x870c6025,0xaeee1a77,0x91a2dfca,0xfc4a23b7,0x386b64c4,0x7b0e60c4,
-        0xe5ae72b1,0xd5d5b17d,0x9eefa212,0x6dfc88ac,0xd4038b96,0x4feaefbe,
-        0x8e2d2ecc,0x099ac356,0x012af207,0x548ea612,0x89c31218,0x4ffed9db,
-        0xe0e67331,0x1c1e91c4,0xaf8300e0,0x009bb64f,0x6773c3be,0x8780501c,
-        0xc08219fa,0xe0cd6ede,0xf81b06ff,0x7c055e07,0xe080b36f,0x82b63f9c,
-        0x0a9feca3,0x02fccbaf },
-      { 0xb47cac61,0x9991d4d1,0xab86e12c,0x2e9d1687,0x2b94f042,0x8c6855ec,
-        0x48e648e5,0xca400519,0xef89ac57,0x9ba91fb2,0x1be792cd,0x4f419206,
-        0xbd0f1e15,0x82d221cb,0xfc444019,0x062eb13b,0x99790fdc,0xf3a97c32,
-        0x6067a64b,0x4e796d94,0x6d23775a,0xc46dd300,0xed7f0f23,0x8672c4d5,
-        0x3b4f63d7,0x821851dc,0xd26273f2,0x50a3ae0c,0xeac60f6f,0x800e58fc,
-        0x13845545,0x56f1e456 } },
-    /* 253 */
-    { { 0x32c24f3b,0x01ccb3f6,0x06d817e6,0x99eb1c7f,0x6aa26776,0x8dc640bb,
-        0x0845d5e0,0x7838affe,0xf81a79a8,0xf34fecb1,0x3e6819b0,0x6a2e282d,
-        0x8237a4b8,0xc4b977ce,0x87636439,0x0f46b3db,0x97970497,0xa465f540,
-        0x8791be43,0xd7e08762,0x34198ec6,0x00220b6c,0x093d94bb,0x57b38637,
-        0x29d690b2,0x84012e16,0x20aad1a4,0x02ec9db5,0x85dc34e3,0xafee2fc6,
-        0x25500cf8,0x911d1936 },
-      { 0xf5e5af5b,0x13b1bd58,0x7b6a22a7,0xa7ca263b,0xf3af2adc,0xab6bec4d,
-        0xa04420bd,0x16651e59,0x4ba36c11,0x3b448b3b,0xff424310,0x3c62bfcd,
-        0xf1a96cbb,0xde15c4a5,0xe4d1f980,0xbe0ad8a1,0x36673a3a,0x812bd14e,
-        0x9212acdd,0x40303af6,0x576095ce,0x8f6dab9c,0x107f5ca5,0x7df1882a,
-        0x8896a3b0,0xb903e63c,0xd863b3f0,0xf5048544,0xc09887de,0x5e5019b9,
-        0xa0f53865,0x2be744fe } },
-    /* 254 */
-    { { 0x5b50f324,0x054cd05f,0x1ea3c7a2,0xb9b1eb24,0x7ff8e6b7,0x4a858a5c,
-        0xec040882,0xd83902fe,0xd0cba9bd,0x72b26494,0xb29c9e1e,0xd0176f90,
-        0xcebadb81,0x05d4eb02,0x372b8bfc,0x874405b1,0x79ead190,0x5c412881,
-        0xec2b48cd,0xd44a3dd3,0x3f4d5033,0x84499a77,0x564c3a09,0xb37b38cd,
-        0xf42e803b,0x80e99497,0xb8f518b2,0xc07b47a0,0x3568fde4,0xc710e3c5,
-        0xcead0e7a,0x735f542f },
-      { 0x38380039,0xcaa9a171,0xf74d19c8,0xadfafe17,0xccbc1a8b,0x92d4393e,
-        0xfe029705,0x3c5dbf39,0x930e9b36,0x4552b5ab,0x2afd494a,0x7ee63032,
-        0x3f02ac43,0x826a9ad7,0x99356298,0x98c53562,0x7342bb39,0x0c869f87,
-        0xe4f9b79a,0xd7510020,0xd34789a9,0x6361d1a4,0xcfa85637,0xf0ded5ba,
-        0x88ac07e4,0x407ee73f,0x09ef1cbd,0xfac7d03f,0x4d475bad,0x25d697cb,
-        0x14bd399e,0x1e984c9d } },
-    /* 255 */
-    { { 0x4850c817,0xc76d0561,0x3489812d,0xb08a5b19,0x5e58cbbe,0x7273d154,
-        0x4be61e5a,0x8900b5fa,0xd7aeb8e1,0xaa088691,0xd35a3d4b,0xe66666af,
-        0x57ec7d3d,0x38a2c199,0x668d6f5c,0xa0648e8f,0x7adc1746,0x1f9fc92c,
-        0x843065c3,0x23a116c0,0x61e6ae69,0x36370a20,0x2aa47e73,0x626c3736,
-        0xdeff6d84,0x540c25f2,0xcdbed2d4,0x9804824c,0x039a9492,0x4b5bfce0,
-        0x76942e01,0x6c474a56 },
-      { 0x7d88e3a1,0x3aeb9a41,0xc484742a,0x105d3c88,0x3fe61131,0xe59de8d1,
-        0x1a869e8b,0x148f5b6b,0xaa75d90a,0x7a8abc59,0x62146013,0x2f0c9bc7,
-        0xc3824cd9,0x43faa747,0x6a5d0b92,0x81763a18,0x9bcbaebc,0xbbc341bc,
-        0xf745d1dd,0xe1813160,0xb75ce5f4,0xa53ce52d,0xd50de4c2,0x15eae66c,
-        0x75d7656d,0x5ed8996c,0xc4ca552a,0xe4ff5711,0x3c5305b4,0x215e985a,
-        0xfa1ba2ce,0x6b258954 } },
-};
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_1024_ecc_mulmod_stripe_32(r, &p1024_base, p1024_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 32);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 32, km);
-
-            err = sp_1024_ecc_mulmod_base_32(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P1024 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 2);
-    SP_DECL_VAR(sp_digit, k, 32 + 32 * 2 * 37);
-    sp_point_1024* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32 + 32 * 2 * 37, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 32;
-
-        sp_1024_from_mp(k, 32, km);
-        sp_1024_point_from_ecc_point_32(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_32(addP->x, addP->x, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_32(addP->y, addP->y, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_32(addP->z, addP->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_1024_ecc_mulmod_base_32(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_1024_proj_point_add_32(point, point, addP, tmp);
-
-        if (map) {
-                sp_1024_map_32(point, point, tmp);
-        }
-
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, t, 38 * 2 * 32);
-    int err = MP_OKAY;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == MP_OKAY) && (table == NULL)) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 38 * 2 * 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_point_from_ecc_point_32(point, gm);
-            err = sp_1024_gen_stripe_table_32(point,
-                (sp_table_entry_1024*)table, t, heap);
-    }
-    if (err == 0) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#else
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    int err = 0;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (table == NULL)) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*len != 0)) {
-        err = BUFFER_E;
-    }
-    if (err == 0) {
-        *len = 0;
-    }
-
-    (void)heap;
-
-    return err;
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km     Scalar to multiply by.
- * gm     Point to multiply.
- * table  Pre-computed points.
- * r      Resulting point.
- * map    Indicates whether to convert result to affine.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
-        ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 32);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 32, km);
-        sp_1024_point_from_ecc_point_32(point, gm);
-
-#ifndef WOLFSSL_SP_SMALL
-            err = sp_1024_ecc_mulmod_stripe_32(point, point,
-                (const sp_table_entry_1024*)table, k, map, 0, heap);
-#else
-        (void)table;
-        err = sp_1024_ecc_mulmod_32(point, point, k, map, 0, heap);
-#endif
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply p* in projective coordinates by q*.
- *
- * r.x = p.x - (p.y * q.y)
- * r.y = (p.x * q.y) + p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * q   [in]      A single precision integer - multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py,
-        const sp_digit* q, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    /* t1 = p.x * q.y */
-    sp_1024_mont_mul_32(t1, px, q, p1024_mod, p1024_mp_mod);
-    /* t2 = p.y * q.y */
-    sp_1024_mont_mul_32(t2, py, q, p1024_mod, p1024_mp_mod);
-    /* r.x = p.x - (p.y * q.y) */
-    sp_1024_mont_sub_32(px, px, t2, p1024_mod);
-    /* r.y = (p.x * q.y) + p.y */
-    sp_1024_mont_add_32(py, t1, py, p1024_mod);
-}
-
-/* Square p* in projective coordinates.
- *
- *   px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
- *   py' = 2 * p.x * p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to square.
- * py  [in,out]  A single precision integer - Y ordinate of number to square.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_sqr_32(sp_digit* px, sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    /* t1 = p.x + p.y */
-    sp_1024_mont_add_32(t1, px, py, p1024_mod);
-    /* t2 = p.x - p.y */
-    sp_1024_mont_sub_32(t2, px, py, p1024_mod);
-    /* r.y = p.x * p.y */
-    sp_1024_mont_mul_32(py, px, py, p1024_mod, p1024_mp_mod);
-    /* r.x = (p.x + p.y) * (p.x - p.y) */
-    sp_1024_mont_mul_32(px, t1, t2, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * p.y) * 2 */
-    sp_1024_mont_dbl_32(py, py, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Simple square and multiply when expontent bit is one algorithm.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-    sp_digit* b;
-    sp_digit* e;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit tx[2 * 32];
-    sp_digit ty[2 * 32];
-    sp_digit b[2 * 32];
-    sp_digit e[2 * 32];
-#endif
-    sp_digit* r;
-    int err = MP_OKAY;
-    int bits;
-    int i;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 40 * 32 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 32 * 2;
-        ty = td + 37 * 32 * 2;
-        b  = td + 38 * 32 * 2;
-        e  = td + 39 * 32 * 2;
-#endif
-        r = ty;
-
-        bits = mp_count_bits(exp);
-        sp_1024_from_mp(b, 32, base);
-        sp_1024_from_mp(e, 32, exp);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 32);
-        sp_1024_mul_32(b, b, p1024_norm_mod);
-        err = sp_1024_mod_32(b, b, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(ty, b, sizeof(sp_digit) * 32);
-
-        for (i = bits - 2; i >= 0; i--) {
-            sp_1024_proj_sqr_32(tx, ty, t);
-            if ((e[i / 32] >> (i % 32)) & 1) {
-                sp_1024_proj_mul_qx1_32(tx, ty, b, t);
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_32(tx, tx, t);
-
-        XMEMSET(tx + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(tx, p1024_mod, p1024_mp_mod);
-        XMEMSET(ty + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(ty, p1024_mod, p1024_mp_mod);
-
-        sp_1024_mul_32(r, tx, ty);
-        err = sp_1024_mod_32(r, r, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#else
-/* Pre-computed table for exponentiating g.
- * Striping: 8 points at a distance of (128 combined for
- * a total of 256 points.
- */
-static const sp_digit sp_1024_g_table[256][32] = {
-    { 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000 },
-    { 0x335c1685, 0x170a46d2, 0xe1007a58, 0xeac9e971, 0x43ca4a73,
-      0x40e8f3df, 0x82642475, 0x2646f815, 0xb36576d1, 0x3af49bb4,
-      0x72bf1afb, 0xd89e2d14, 0x2fd151e6, 0x27be882c, 0x8f88717c,
-      0xaddedc85, 0x16ac6c6f, 0xd6d859bf, 0x2d8eae58, 0x0e741a1b,
-      0x61c1f30d, 0x6faf7a00, 0x9b67e096, 0x66dbd09a, 0x7d3b4f7d,
-      0x21f11c06, 0xc727c98e, 0x6152ba02, 0xe86cb221, 0xafd58891,
-      0x6bd3baf4, 0x59e93c6a },
-    { 0x71dd4594, 0xe54dd36f, 0x00aef1e6, 0xbbc9cc9f, 0xa19f6530,
-      0x9ea5a44e, 0x3f520928, 0x8588aa99, 0x8f5c1418, 0x9753794c,
-      0xc11399fa, 0x118bd792, 0xf5cb6ab5, 0xb9bd3afd, 0x2ecb9652,
-      0x813d1cb2, 0x40389813, 0xfd456267, 0x4ac8431c, 0x51f7119b,
-      0x0a180eb6, 0xdd9f6a91, 0x9f7bfa2e, 0x13946d17, 0x50a9d0d9,
-      0x16f18631, 0x6f8373d3, 0x5f19c20d, 0x9b6a52b9, 0xbe85ac6a,
-      0x74f62e03, 0x63ef187b },
-    { 0x016f45e7, 0x7c376b7f, 0x2bec82f8, 0x1c1bdb57, 0xce429b60,
-      0x7392f741, 0xc7afd81d, 0x6fdbf0a2, 0x7241098b, 0xbda41b1f,
-      0xbb60f8cf, 0x5b407474, 0xb330bc4d, 0x933e0d41, 0x733fa3be,
-      0xae182830, 0x0f5c6cd1, 0xa0ed299b, 0x3f9860c8, 0x7ff3354e,
-      0x15559c41, 0xb1360986, 0x129f85cb, 0xab0cb63c, 0x47685fbe,
-      0x682ecc49, 0xeb199633, 0x505e8ec2, 0xddac2cda, 0x90dcc794,
-      0xf192da23, 0x4fe6791c },
-    { 0x05e8733c, 0x94a423d5, 0x1d5717c1, 0xcc845e65, 0xe961b322,
-      0x237c7e88, 0xdb4181cc, 0x0c4471c6, 0x713bd721, 0x00c875e2,
-      0xb2c17b09, 0x9dfde9ed, 0xe88ceaf6, 0x430a6de5, 0x7b81cea6,
-      0xaaa7a61a, 0x233f98d5, 0xea52d026, 0x60689a9a, 0xb55efdd0,
-      0x5cac4aab, 0x30cfa7ce, 0x8e950761, 0xfa4db114, 0x4e9a1e52,
-      0x309570c4, 0x1a040170, 0x18c21f61, 0xbe78d9d2, 0x555d1ffe,
-      0x561db297, 0x04482a18 },
-    { 0x73d486d8, 0xe7758ac2, 0x61cdc1e7, 0x8169f946, 0x2188ab4f,
-      0x723c99fc, 0xf3373630, 0xa0e54f02, 0xbd8c2260, 0x560bee25,
-      0x4531bc60, 0x28fc307c, 0x7e44feb5, 0xd6f21f1a, 0x57128d37,
-      0xc8e4499c, 0xd7b2ea45, 0x963b053e, 0x32a3d222, 0x40c27a04,
-      0x35459668, 0x5b51854d, 0xd73557e9, 0x66e1a49f, 0x8692077a,
-      0x0d267fd9, 0xe7342702, 0xfa1350d3, 0x68ccdb44, 0x1a9c3f25,
-      0xdedbf89f, 0x833a0ff8 },
-    { 0xab376b76, 0xa8c419c7, 0x27d0f0cc, 0x3b7294f3, 0xa90c514d,
-      0xe56bb9e2, 0xa62575a6, 0x931ba51e, 0x098c0a88, 0x56fee07b,
-      0xb4c16a2a, 0x04be5aee, 0xe6eb260b, 0xe513350b, 0xa1d5c270,
-      0x339edad6, 0xe9dbadd1, 0xf366ed59, 0x2dd06ec0, 0x4213be88,
-      0xcb1187db, 0x22d639c8, 0xd8a1058a, 0x1fec95e1, 0xa2b744f1,
-      0x03f73ea6, 0xf4f05c0c, 0x741fd51a, 0x85f811a0, 0x2e2df95a,
-      0xeb24965f, 0x692b3ce3 },
-    { 0xd2a127b4, 0x0ce6cb72, 0x8f92816f, 0x66a46ea5, 0x47a37616,
-      0x43ecf463, 0xe0ab96ee, 0x163d9a01, 0xb2edbe8c, 0xc8145c6d,
-      0x4de4e665, 0x2f426cae, 0x74e252f9, 0x174d0b40, 0x7d2af831,
-      0x54c240d7, 0x3d652936, 0x581fa397, 0xa09d4695, 0x05b9491c,
-      0x5452643c, 0x8c4e8533, 0xd4128327, 0x32d64331, 0x70361f25,
-      0x64479038, 0x89ef09f2, 0x774191b1, 0x81de5fe0, 0xc0cf0aaf,
-      0xf40042d6, 0x333e430a },
-    { 0xcf26d3b7, 0x5df04de4, 0xb53f79be, 0x57a77306, 0x1808b664,
-      0xa4013c5f, 0x85037360, 0xef291ea4, 0x0b061037, 0x1ffc9d7d,
-      0x65c913bb, 0xd9d04dd9, 0xf13b8587, 0x948a37af, 0xfe3ee755,
-      0xb5443483, 0x04631386, 0x3fc21e74, 0xcddeb58c, 0xb3a104e5,
-      0x6572cd52, 0x94fe1862, 0x15aaa408, 0xeb9a71a1, 0x459ea462,
-      0x8adc6fe5, 0x4aeb02a3, 0xbb18d175, 0x2f7791d1, 0xae127636,
-      0xd6bbd708, 0x10e8b31d },
-    { 0x3ed9f1af, 0xb87f03e5, 0x56676166, 0x03ad2477, 0x74ce15b8,
-      0x38dcd630, 0x26b1e85b, 0x1877e2b0, 0x1af99c15, 0xb1654d17,
-      0x9382547a, 0x9782e9e4, 0x26d55ef5, 0x6dc7fc7c, 0x2fbeb54c,
-      0x9038f95d, 0x036c0357, 0xfe590dfe, 0x4fdc3f7f, 0xcfcb6eae,
-      0xf35e1a88, 0xcb1fbc54, 0xda0a5568, 0x3c8e1db2, 0x5b6f5557,
-      0x9a87393f, 0xe7ac0a06, 0x38646b32, 0x2a8495ab, 0xfd261c83,
-      0x0cdcc4bc, 0x6485524c },
-    { 0xc4a6ff2a, 0x1abfb3e2, 0x35a6428a, 0x2aa03fba, 0x89aff742,
-      0x884227f0, 0xba5dbd93, 0x2337883a, 0xd2a182cb, 0x38186ae9,
-      0x49a01f05, 0xb9f0764d, 0x917b1e7a, 0x92411feb, 0x570cbb5b,
-      0x700b1903, 0xb914be7c, 0x5d5181d5, 0x1981182d, 0x135c4437,
-      0x574b9997, 0x32758d24, 0x632d28b2, 0xa650a8f5, 0xfa383f09,
-      0x24078bac, 0x00a33d80, 0x6546a60c, 0x2df8b449, 0xa4061c7a,
-      0xf234563c, 0x1f76f3f2 },
-    { 0x44c436b0, 0x9aa2c143, 0x1f69c87a, 0x79070556, 0x5f6db2df,
-      0x35f3117b, 0xed56ba82, 0x85761f41, 0x7d0afa48, 0xf831464f,
-      0x3adce71e, 0xa99f2915, 0x116b7488, 0xb27bf693, 0x9bb9443a,
-      0xa98a5a8c, 0x2ee5fde8, 0x7f878026, 0x1812acb7, 0x3a6f93dd,
-      0xdc84bc92, 0xaf92a4cc, 0xf1d4995a, 0x3c2562af, 0x04ed899d,
-      0xfd9fc33c, 0x4ed2a538, 0xc028ca94, 0x049ea726, 0xd0f367bb,
-      0x3d108e05, 0x04924ffb },
-    { 0xc673562f, 0x06548e3d, 0xe2eae48c, 0xd3b33025, 0x5e1c6977,
-      0xe61fd32b, 0x6ebe557b, 0x424e2064, 0x41d6e18e, 0x767391c0,
-      0x14d7e95b, 0x4b8ebb8e, 0x20991b8c, 0x4ae8b7d4, 0xe01290d3,
-      0xf8a0df66, 0x925e5f4e, 0xc97e24a3, 0x1508272a, 0x79a7b2cb,
-      0x25072661, 0xb40b072e, 0x9062fa49, 0xdad9e182, 0xf3c53bce,
-      0x8780a784, 0x9f142799, 0x58a82b76, 0xc1468426, 0x08cd849c,
-      0xc380ae35, 0x4dfce809 },
-    { 0xd527b780, 0x45069cb2, 0x977930dd, 0xd52da015, 0xe27d0263,
-      0x10cc600b, 0xbb2d1b2b, 0x34102c26, 0x554adf3c, 0x4c652623,
-      0x45f0ff47, 0xd6891382, 0xca916e7c, 0x83fa8cc5, 0xd15c8d8a,
-      0x1e10f139, 0x81dc56b3, 0xf173dc2e, 0x5c4ed9ba, 0x7fcecb04,
-      0x47d01228, 0x307fd7d8, 0x9f3a532f, 0x24a57153, 0xe2153c22,
-      0x59e9e81d, 0xe428a408, 0xc562595d, 0x9339bd23, 0xdc7daff8,
-      0xb8a06802, 0x0d075908 },
-    { 0xde085f2a, 0x870af2a7, 0xbe99b2e5, 0x88fcd24f, 0x59ca413b,
-      0x88c0d261, 0x8559f851, 0x1f02a2e4, 0xf622da0d, 0x83b96021,
-      0x6dca3615, 0x5c05c2f5, 0x7910c682, 0x0148cf1c, 0x272695be,
-      0x392f2896, 0xa8d64ef6, 0x883d0bb5, 0x1cfcbc52, 0xef0d2244,
-      0x526117e5, 0xf5dafcec, 0xf04928e9, 0xb68612b9, 0x393f2e2a,
-      0x283f744d, 0x700c1151, 0xfbeed7ed, 0xa4360dfe, 0xf2cde215,
-      0x2f08535a, 0x24fa961c },
-    { 0x616df7f6, 0x0767db3f, 0xfbd90326, 0x643057d8, 0x6e82d544,
-      0x174daa90, 0x689643db, 0x2284f345, 0xcc89a060, 0x18b191df,
-      0xd6c27d12, 0xbab46af4, 0xc9895145, 0x5a57f486, 0xcc942f9e,
-      0xc03214e9, 0x41950158, 0x273e1c8f, 0x39ad43ab, 0x8ceb759f,
-      0xe50ee173, 0x5e1b8b7f, 0x8f4d7d4e, 0xf635b1fc, 0x755603f3,
-      0x8eff77e3, 0x7752fa60, 0x201f61d1, 0x4a6fb6e1, 0x94d7a03d,
-      0xfc4f0114, 0x371cc23d },
-    { 0xda90c351, 0x289b115d, 0x364d9c06, 0x6d196ebf, 0xf650b31b,
-      0x77a89202, 0x6f57642f, 0xcc28c164, 0x08100127, 0xdc4f7e36,
-      0xdc4c807b, 0x8836cd08, 0xe00240f2, 0x1280f156, 0x99cb3953,
-      0x3f9a6d78, 0x3a802038, 0x40a494d3, 0xe87d3474, 0x45697e91,
-      0x26dde24a, 0x70d97d07, 0x7640c30e, 0x06f6a58d, 0x5ba6e6c6,
-      0x03c2c0e8, 0xf1bc13e8, 0x330f6a7a, 0xc9f4d78f, 0x3e602e4f,
-      0x0c80fb7f, 0x92b6bca0 },
-    { 0x5f00822e, 0x2e3d5c83, 0xb8b16f12, 0x0e825712, 0x92b0a330,
-      0x81c329c4, 0xa7cc1954, 0x6b4e32ad, 0x1bb1413f, 0x0bee9cee,
-      0x4a92ca27, 0xedfb7baa, 0xea3b9153, 0xcd472afa, 0x00f0c0f9,
-      0xe8f09e7e, 0x5cdebb70, 0xa4e1d872, 0x4a9b63b6, 0xfe2bae08,
-      0x3fd58f65, 0xf40141b8, 0xa3b62759, 0xd7ec5eda, 0x790e3088,
-      0x9aaf6e67, 0x1f277e31, 0x215ad830, 0xcf33871c, 0xe7db4b98,
-      0x4f02f89d, 0x71ff62c9 },
-    { 0x2a4a84d9, 0xaa4c7102, 0x5ebc71e6, 0xe2ee4acd, 0xf1cd6578,
-      0x3b11a8a5, 0xfff120a5, 0x83f5ef9f, 0x09e65033, 0xa4c598e1,
-      0xca044180, 0xe1e9f990, 0xf59828c1, 0x8b832d46, 0x33af536b,
-      0x753f28a0, 0xb6d4f68a, 0x92edc4b1, 0x72ccd1f0, 0xedde692a,
-      0xd2226432, 0xd3aa0f7d, 0xa3d2661c, 0x38dbb63e, 0xfdc37dda,
-      0xf1e19fc6, 0x84ef6b4c, 0x6c18b350, 0xdf1bba69, 0xe6a83fe9,
-      0x5f958273, 0x40fd47e7 },
-    { 0x267140a4, 0x5b88b746, 0xeab6f2fb, 0x6dbbfc1e, 0x69862548,
-      0xdd9ec88e, 0x2eb6efc2, 0x69beeba1, 0x8ac8ff88, 0xcfc2214a,
-      0xb5a21950, 0x95d5c96e, 0x4171fb69, 0x93389c05, 0x1b468337,
-      0x2d85d452, 0x4113425c, 0x14d68a08, 0xec6c2174, 0xe52c0139,
-      0xf730084d, 0x20cf0b97, 0x1f578aa3, 0x1ac16a26, 0xf9b6ae43,
-      0x18b9fab3, 0xd854a695, 0x68d82111, 0xdffbe286, 0x0b334d98,
-      0xe639338c, 0x5b1c1157 },
-    { 0x72b6bb8f, 0x90edaab1, 0x02fc92c2, 0x8dc64ed2, 0xfe694c73,
-      0xf42ba3c5, 0xcb54dce4, 0x316dc65f, 0x632420dc, 0xcb2d66a3,
-      0x056dcf94, 0x16e706e7, 0xa4f32c9d, 0x2809c764, 0xea6edca8,
-      0xab18d830, 0x81c65f57, 0x4fd1ace6, 0x7da12c10, 0x1f91651c,
-      0xc7791a48, 0x0ac3bd66, 0x785e67a3, 0xb6ad1cf4, 0xda0fd591,
-      0xe4d3fc44, 0x6e1c6344, 0xce164801, 0x33e50ab3, 0x84de9cb8,
-      0xa756eef4, 0x963ab83a },
-    { 0xdf4ea5a3, 0x944b47d8, 0x5cfe45fe, 0x96568815, 0x8a3c3564,
-      0xd16e7d58, 0xe7c99e15, 0x84e55b3e, 0xf55071bc, 0x3fee204d,
-      0x04057dce, 0x71006f29, 0xbba75570, 0xfe8c390d, 0x3319adac,
-      0x3645bcb6, 0x7c20bfd8, 0x8189e8b0, 0x7d7d9578, 0x8e550969,
-      0xb99f4e3b, 0x037d1321, 0xa60cfb6a, 0x011b2521, 0x837382da,
-      0x66594aaa, 0x83c1dc07, 0xc89b91fd, 0x076b9884, 0x6b82b899,
-      0xbe45c558, 0x443480fc },
-    { 0x9114221a, 0xf8ffffb4, 0x3e857a7a, 0x4aec4f2e, 0x0fa54787,
-      0x42e2d0e4, 0xd6f96152, 0xef3e6b31, 0xfbfe9b77, 0xb2296537,
-      0xfb43a86a, 0xc2a9d0f2, 0x24572ac6, 0x241284ed, 0xe721ba7b,
-      0xa3868917, 0xc117a78d, 0xdbef7c00, 0xd31605ac, 0x38149071,
-      0x065a8ee9, 0xc2dada9e, 0xc442be82, 0xd5b138d8, 0xf6d72b58,
-      0x9b6c224b, 0x8eb03e6d, 0xb9d355cf, 0xa1700371, 0xab6d1eb0,
-      0xcffaa7eb, 0x97118a88 },
-    { 0xcdecb5d8, 0xbf9c59a2, 0xa93a6866, 0x8083c81b, 0x04774fbf,
-      0x24e0dd81, 0xa02070b4, 0xe779a3ca, 0x0fbfb781, 0x9d352fbb,
-      0x3ef2a1c4, 0xa8b0d820, 0x14b3e501, 0xb858637b, 0x8a882ff2,
-      0x5ba70a49, 0x3b06efa5, 0xa2730083, 0x102fee2a, 0xa42c02f4,
-      0x8a0223a5, 0xe4e76299, 0x85c3fc72, 0xdba2ba26, 0xfe52eae7,
-      0x554fe763, 0x270f45f6, 0x30b5405a, 0xa573387c, 0xd56a177a,
-      0x4b71fa82, 0x17c0778d },
-    { 0x2735e37b, 0x0e6dff1d, 0x656ec572, 0xc9884e56, 0x9ebba978,
-      0xa2f5ac9d, 0xba09f3c4, 0x40fa4518, 0xf5b04377, 0x8c3fa177,
-      0x967a2eca, 0xa1a1decd, 0x0528bd40, 0x768bca70, 0x18691c4a,
-      0xf224952b, 0xe86d5fd5, 0x16e12c45, 0x37859a6a, 0x7a0d9157,
-      0xa0ffce0e, 0x723f4309, 0xa96cc9a3, 0x5a8db79b, 0x1ad23a38,
-      0x6dd12ae0, 0xe2bf5d84, 0x9ffec3a1, 0xa452ed66, 0xd6ce84e1,
-      0x571fe4c6, 0x1219d5c8 },
-    { 0x262969eb, 0x43eaa67f, 0x2f03e773, 0x3a3ab39d, 0x57bb0909,
-      0xe6127e51, 0x8d150274, 0x0f82b0ed, 0xe580bdbd, 0xffffcad8,
-      0xa9743e6b, 0x51d3d075, 0x8bac11d6, 0x1484bdb1, 0xeb24c388,
-      0x95cd9990, 0x7fac67c6, 0x216a61d0, 0xa04e6b87, 0x4308f762,
-      0xcba57cc8, 0x2865dd61, 0xd234a07a, 0x3c296b0d, 0x3a0793f9,
-      0x76f92839, 0x0be29ece, 0x70b57e1f, 0x7e626f42, 0x1314a82f,
-      0xd657f230, 0x2c8d7ab2 },
-    { 0x0825e4d6, 0x67cf5892, 0x6ef83b44, 0xdf51eaa5, 0x1310108d,
-      0x63e665d8, 0x8dd0963f, 0x229f89f5, 0x9df6436a, 0x8c4b14dd,
-      0xd45ebba7, 0x99dae469, 0x5a4df381, 0x118aab77, 0x29e37feb,
-      0xda8978bd, 0xaca2d7ef, 0x69ced5aa, 0xc67d6a8a, 0x6c98d05d,
-      0x77f84a34, 0x7474bf0d, 0xed8cd59a, 0xd4428b2e, 0xd1d398fb,
-      0xb0fd1cd5, 0x94a20b11, 0x596013db, 0x1b404c44, 0x96eb705a,
-      0x4b09d958, 0x2299d277 },
-    { 0xc64397e6, 0x5b9cd58d, 0xbf6dd31e, 0xac198f1e, 0x3e9f1db2,
-      0x5866d8e1, 0x8fcdc68c, 0x405ae287, 0xe53c01fd, 0xa4b280cd,
-      0x411db5f6, 0xdc963f2d, 0xbec4f8a0, 0xed5d5189, 0x916ee98b,
-      0x336fd13d, 0x042df48e, 0x6925b1b3, 0xace0074e, 0x0cf56291,
-      0x25317e95, 0xe8d38b48, 0x821c446b, 0xc7ad1d2b, 0xf0b65934,
-      0x71c44135, 0x52ca0d50, 0x971b736f, 0x27b46c26, 0xaf9ffa57,
-      0x1936618e, 0x21ac6779 },
-    { 0x2d7fbcd2, 0xab420e3f, 0x97bdfc18, 0x12722473, 0x4df5d4b4,
-      0x492033f8, 0x3807b7d3, 0x6fcd4236, 0xb33c3625, 0xdfc19b09,
-      0xa0f22814, 0x13d6f375, 0x037c19b8, 0x70978a59, 0x0ff27b9c,
-      0x4f398997, 0x615a4389, 0xfc0e1a45, 0x3e602f74, 0xffa3496a,
-      0xb261ca1c, 0xc3f1c431, 0xee0164cd, 0x612211db, 0xe7f7be9f,
-      0x30463ee4, 0x92c2e1bb, 0x015f7e78, 0x24483a56, 0x663d88d6,
-      0x0e62d9d8, 0x0e8ec1e7 },
-    { 0x8a0878dd, 0xa88ccc29, 0x6640071a, 0x99ac175d, 0xa5173617,
-      0x90344820, 0xdd58a315, 0x316d023e, 0x88d221a1, 0x30785bd4,
-      0x959c48e3, 0xb74b3de7, 0x4c67a771, 0x42ee0382, 0xe0b91453,
-      0x59ef6cdd, 0x9b237e91, 0x7830ae28, 0x495d8325, 0xe1847a4c,
-      0xd0773666, 0x67b1217e, 0xa294a325, 0x58192c86, 0x864d8326,
-      0x76aa0f56, 0xf4b13e5b, 0xe2a2bd12, 0x1b6b73fd, 0xd850c1c0,
-      0x5d103635, 0x653a795f },
-    { 0x50dcb199, 0xcfe28985, 0x7fa02b60, 0xb35b8e5e, 0xc97603d0,
-      0xbca7d7c3, 0x27f131b5, 0xb0e5288d, 0xe2b12d52, 0x3aa704de,
-      0x1db725c7, 0xe206b1d8, 0xc5d1b113, 0x0b12839a, 0xdb45d763,
-      0x14f970cb, 0xb2125e8e, 0xc997f93e, 0xee7daa26, 0xbd75739c,
-      0x1fef20e9, 0x46ecbd3f, 0x7c6a42b1, 0xf994a114, 0x27fb0fd1,
-      0xd289eb4f, 0x9a40da4b, 0x11186d31, 0xfb9d7976, 0x083f65a5,
-      0xd444675e, 0x30dfc47b },
-    { 0x9eaadfe8, 0xbcfc5ae2, 0xb4d4e812, 0x25027e54, 0x8b533561,
-      0xab0702df, 0x56a6a214, 0xa2b9c204, 0x3059068e, 0xb1a3df7a,
-      0x9883110f, 0xa3514b21, 0xc4b78e1c, 0xb7be2336, 0x3e2f6984,
-      0x17073ce6, 0x2ddf7ac6, 0x86e114a6, 0x07d7c3c8, 0x276192bf,
-      0xeb1ae289, 0x5da69e0b, 0x25184939, 0x983af175, 0x407a3aa0,
-      0x9ac52a4d, 0xae0fe218, 0x1535c7da, 0x397f2501, 0xe16fe872,
-      0x54c212cf, 0x572a591f },
-    { 0x09a5553a, 0x49668419, 0x327733bc, 0x3f054318, 0x3eefd690,
-      0xf9ceb4b2, 0xf22126d4, 0xbd3cbf9b, 0x2fed9578, 0x6d9671c0,
-      0xca0306d8, 0xbba597ce, 0x3d674fe5, 0xb705ed61, 0x67f33f76,
-      0xf1d3622b, 0x11cb8c31, 0x15bcf3c6, 0xe53d1aa9, 0xa38467dc,
-      0xf908ab43, 0x902fe929, 0x8d15767a, 0x6e3e499d, 0x90afd07b,
-      0x8142db5c, 0x6c8b190e, 0x120c6fbc, 0x24919a4e, 0x80c86553,
-      0xd8c82c3c, 0x65c2cbe1 },
-    { 0xa660bb63, 0x684cda20, 0x86e86245, 0x27dc3b0a, 0x6ba0eed7,
-      0x76472cf6, 0x679dd158, 0x79c162e5, 0x08452d44, 0xb6884277,
-      0x413f579e, 0x829bc6b3, 0x95011770, 0x92ea15ec, 0x47738183,
-      0x5e34e300, 0x73e1d2f1, 0x8c3ca349, 0x229bd3de, 0xa5c4f1dc,
-      0x94ef7ed3, 0x783eff1b, 0xdfae7a1a, 0x46db738d, 0x1a099852,
-      0x4353d72e, 0xa0dcf4ab, 0x2533ad58, 0x0e7888b9, 0xd8055016,
-      0x3ba77f66, 0x831440d5 },
-    { 0xf611b2da, 0xf43e2e32, 0xd0fa46ac, 0x5d066e29, 0x820b3c0d,
-      0xe897f3e8, 0x1d3e44f0, 0xc45c28e6, 0xdfd27a66, 0x929d7f66,
-      0x101e8517, 0x735b860a, 0x3de078dd, 0xea3fce98, 0x638ce11a,
-      0xc9977db5, 0x48536b3b, 0x0488382f, 0x64cadfc6, 0x7e0c7a3c,
-      0x82147b71, 0x3cd17f7f, 0x1b411e3e, 0xe95663cc, 0x985fb46d,
-      0x5739ac8f, 0xbcf119ca, 0x385399cd, 0xe15a2815, 0x4a985a70,
-      0x6d5f4566, 0x504c3a8a },
-    { 0xb8fa53c7, 0x00b55283, 0x509474e3, 0x985cff38, 0x437ce25f,
-      0x234d241c, 0xe5a129ed, 0x29832430, 0xaabcc674, 0x6ad38956,
-      0x7ee81ee1, 0xa2dc001d, 0x670b2702, 0x4c23c6b6, 0xa6e8a3bb,
-      0xb35e567e, 0xa69673ea, 0xbc70b3ce, 0xe6e28eac, 0x85a7a9c3,
-      0x5537b7da, 0x2ae684de, 0x6de937dc, 0x5ecac3e5, 0xf8430422,
-      0xbf2ea6c9, 0x77fdc520, 0x38caf7d0, 0x69f56add, 0xc27af0b1,
-      0xc71d21d2, 0x496e4699 },
-    { 0x9fa93467, 0xba14fc82, 0x0eb2a614, 0xc2e37684, 0x4833e09b,
-      0x659bcfaf, 0x3686bdcc, 0xbc859752, 0x81f3216a, 0x40bfd080,
-      0x17c081b8, 0xc463bda6, 0xbb04793b, 0xbd01fa86, 0x2cd640c5,
-      0x5a21ece6, 0x2203d5c4, 0x97bf6a54, 0x951167b7, 0xceb40edc,
-      0x765ba268, 0xd67aacaf, 0xaeab51f9, 0x8ba0d9e9, 0xb0d6863a,
-      0xc14b215e, 0xe5f06952, 0x354cdcdb, 0xcb3744b5, 0x4f2b5ccf,
-      0x13037fe8, 0x13389173 },
-    { 0x45003cd1, 0xee680640, 0x44ae2ac6, 0xfdac17bc, 0xde8e5314,
-      0x4bcd419f, 0xc7cea95c, 0x81e34eb9, 0x38f37e01, 0xbb57762d,
-      0x260990c8, 0xecc4cfb0, 0x50a34a7b, 0x0bc493f9, 0x543304ef,
-      0x68074172, 0x6bc8aa2a, 0xaec0fcb2, 0x3b45fea5, 0x9e7a9b46,
-      0x55fbdbac, 0x4bb2952e, 0x0485dff4, 0x50f0c0a6, 0x4dea4796,
-      0x02c5104d, 0x695e3a02, 0xd2cefa09, 0x6da1f345, 0x4c8102b4,
-      0xf3833fbd, 0x422eb573 },
-    { 0xa6ad3f47, 0xac592eb6, 0x9714ba0e, 0xb0861f6d, 0x07281459,
-      0x57c1e919, 0x64ea5803, 0xcf7c94e2, 0x54b12723, 0x725376ac,
-      0xdafb736a, 0xf2a6ba41, 0xcba03cdc, 0xc89e8920, 0x5b0fd3ad,
-      0xf2e20cb4, 0xd66059fe, 0x26ea5a54, 0x889df8bc, 0xee63fa8b,
-      0x66a3f2bf, 0x40f1c7e1, 0x747312e1, 0x09febc9c, 0x727999ff,
-      0x7d19b9c2, 0xb7fd2b05, 0xa9fbbb4c, 0xa0da2dc6, 0xcfba27d7,
-      0x2c252582, 0x368541cf },
-    { 0x22799d37, 0x510d3c9e, 0xacfa333a, 0x1b677de5, 0x080f795b,
-      0x4e6ae18f, 0xafc8dfc2, 0x69b53c2a, 0x0e842dc2, 0x797541b6,
-      0xac067fe8, 0xd5a6f2af, 0xbd07d877, 0xd0208a03, 0x654be2f2,
-      0x34b473f0, 0xf515e23e, 0xe67c102a, 0x2ac1af48, 0xb00dbf9d,
-      0xb6a13d00, 0xe264fa41, 0x97e94c11, 0x1669786a, 0x86a586f4,
-      0x09d8cf2d, 0xc7f927e9, 0x073bf869, 0x2241a566, 0xb8977880,
-      0x22261334, 0x59a5bf59 },
-    { 0x81347191, 0xe9d1c91e, 0xeb969972, 0x186c1abc, 0xa9d46a7f,
-      0x07888767, 0xdaa7d397, 0xda93cfcc, 0xd91b9aa0, 0x08bee9f1,
-      0xf8dd3c6c, 0x8267fd78, 0x94228100, 0xf93860d0, 0xdadb47fb,
-      0x6a6a71aa, 0xa6156f8a, 0x9caa06b7, 0x39848bc9, 0xaa1b05e0,
-      0x2aaa9135, 0x36ddc237, 0xb13f3bd1, 0x77e7e079, 0x4acc5f4d,
-      0x8d0b5cbe, 0x984cfd36, 0x04da45f8, 0xd3d3e0f8, 0xf14ef618,
-      0x43eb799c, 0x467564c1 },
-    { 0xb6fff5d7, 0x8d725904, 0x92dc4752, 0x037f33af, 0x6d20b8aa,
-      0x9095d575, 0x43baec39, 0x32235fc1, 0x68a2b9b0, 0xa2feb4af,
-      0x94d35c61, 0x61c50318, 0xea877486, 0xac92b6a2, 0x011bc6f3,
-      0x8eb48b15, 0xc79edcb2, 0xa28fe128, 0xa5d2a006, 0x9f71bc0c,
-      0x2f15b850, 0xf3167732, 0x7a036218, 0xfe8d728c, 0x4f81e09e,
-      0x068f39cb, 0x7b7c50d9, 0x1773f016, 0xed6a1e03, 0x0d0f7adb,
-      0x4ee984d5, 0x8a0dee16 },
-    { 0x47366e6f, 0x504991bf, 0xe86c3005, 0xb8084d9f, 0xa40cce36,
-      0x14c4c751, 0x3f1961e2, 0xbbb46aa6, 0x40445e43, 0x56a785f9,
-      0xc91e215f, 0xdb8d1b57, 0xc7ee808d, 0x6a8e453e, 0xbbaa1e8c,
-      0xc0367ef8, 0xe3e18109, 0x310d91f1, 0x7e20a2c3, 0xf97cfd0e,
-      0x554cc277, 0xf1e80c84, 0x7b628403, 0xe89bbc1d, 0x3fe0a17c,
-      0x7778a966, 0xc1f00073, 0x9e9db19f, 0xb6f6bed2, 0x2ce7fe7d,
-      0xee97ce23, 0x7b04b5d2 },
-    { 0x82c5faf8, 0x5b546bc7, 0x8eb81097, 0x1a734c5e, 0xe77851e0,
-      0x3d566861, 0xe956d51f, 0x833a1013, 0xc3c3c37c, 0xc7351731,
-      0xe0c148ec, 0x607738fb, 0xe1bbef41, 0x2ec6f0bb, 0xcfa51857,
-      0x0aa2ac6e, 0x66e3adf0, 0x072902d7, 0xc622d6e3, 0xcd4d5089,
-      0xa6dd802f, 0x3ae21b23, 0x33886372, 0xe5465a55, 0xa8d81822,
-      0xd85119a0, 0x3786977a, 0x4f14d032, 0x9c7b272c, 0x515b081c,
-      0xc99be31c, 0x1c6a95a4 },
-    { 0xc2821363, 0xa6b14ad5, 0x4d17de1c, 0x829c1823, 0xccade848,
-      0xaef5d2c4, 0x82489e27, 0xf412ab39, 0xf081d927, 0x92c9c098,
-      0x75cbad1f, 0x6f87bdf4, 0x1a1d9fb1, 0xf4aadab8, 0xb75f3b76,
-      0x475a7923, 0xdbbba8fe, 0x99dd0ad6, 0x4b70ab45, 0x836f6164,
-      0x34bd9af1, 0x2a464881, 0xba9abda3, 0x5c91226e, 0xe65625fb,
-      0x4cec8709, 0x0818e4be, 0xd4b3919e, 0x14f6879c, 0xa5c09c84,
-      0x30a864c9, 0x72708a02 },
-    { 0xf34a466c, 0x4f33c0b1, 0x7f9d45ba, 0xa1bae09c, 0x0e28785c,
-      0xd70f0fee, 0x90880881, 0x824c7146, 0xbb043da3, 0xe2416c2a,
-      0xcec6f432, 0x733da713, 0xc9793e1c, 0x2b590649, 0xb35c9365,
-      0xdb62d5b0, 0x3e5c1b2a, 0x355eb6e2, 0xbb16b515, 0xcfe8b5ce,
-      0xf709691c, 0x9e081869, 0x61a85bd5, 0xc865f9fb, 0xfae103f7,
-      0xf169d3cc, 0x73467e9d, 0x9525c473, 0x43695113, 0x7db55c0b,
-      0x73265d21, 0x7491c74c },
-    { 0x80d2b94d, 0x312ed5bf, 0xba4b260b, 0x1b8ac633, 0xd62219a1,
-      0xac86c58c, 0xaeb82c8e, 0x317ccf6b, 0x59ef9ced, 0x2dfb29ee,
-      0xe42bcd5a, 0xdaa7d898, 0x5974b201, 0x93e295c8, 0xd9fc5adc,
-      0x69e75784, 0x012aa3ba, 0xd6c4709f, 0xc85d3cb9, 0x1fda9f37,
-      0xd3dd4abd, 0xe5487e25, 0x0b3ba22e, 0x00fd4b01, 0xc6e8dcbb,
-      0xcb591493, 0xbce68664, 0xb7329fab, 0x68906b76, 0x6829d1c2,
-      0x74176841, 0x8bcfd3e5 },
-    { 0xd3c8c314, 0x06882734, 0x11870833, 0x95f0b2f1, 0xc068ba16,
-      0xb937f7c3, 0x77924787, 0x5365e0d8, 0x1f992227, 0x15527e5e,
-      0x27dffd4f, 0x0a069648, 0x2f586389, 0xd58b3df2, 0x6af20ead,
-      0x83446b89, 0x50746257, 0x09d7970b, 0x4022a691, 0xd9e8d206,
-      0x671ec379, 0xd1e5f8af, 0x057fe91e, 0x6f542509, 0x52890418,
-      0xf14dda81, 0x1db932ad, 0xbd78010e, 0x905a9378, 0x3e18d1e4,
-      0xbd37ab49, 0x53cadcf7 },
-    { 0x5e53d0ff, 0x1bb5edf7, 0x888abf67, 0xd886606c, 0x12206d15,
-      0x6491b0f8, 0xe22b6a33, 0xb3018345, 0xb173b317, 0xaba6794b,
-      0x7dc9e595, 0x8c1e5867, 0x239624d1, 0x4e106482, 0xda55dd53,
-      0x61752e59, 0x9e42879c, 0x018b4eab, 0x491f2bed, 0xcaf6784b,
-      0x1e79429e, 0x3dcdb9d2, 0x10f26224, 0x36941485, 0xa650ec5c,
-      0x106f190a, 0xb69a9760, 0x7542a5ae, 0xc32d1046, 0x69bd75e9,
-      0xbf8c62b1, 0x90849964 },
-    { 0x5a93c661, 0xb1390cf6, 0x9db5f056, 0x18486264, 0xa51a1788,
-      0x92a93a9d, 0x6772de9a, 0x1b0cbb8f, 0x7c71487c, 0x6e67febd,
-      0x4e62423e, 0xf9b4382d, 0xbb5a42f8, 0x96fda50e, 0x6089a4f2,
-      0xc921b337, 0x875ec516, 0x49d32d7b, 0xc410124b, 0xbd86d2ca,
-      0xc421fb7a, 0xf6862209, 0xf6b7de33, 0x3e1949ab, 0xe93c9268,
-      0xcdee18f0, 0x08dc4cc0, 0xd4edbd5e, 0x73580d22, 0xc2b75be4,
-      0x468cd7e8, 0x3d7f6ffa },
-    { 0xdffbd5d1, 0xea7b290c, 0x970338df, 0x9d759da6, 0x90feedc9,
-      0x56680b08, 0x42dce68e, 0xbc690af5, 0xb2ae4d82, 0x8519df2b,
-      0x7f195b60, 0x5612467f, 0xd83c21f4, 0x659a342c, 0x55651633,
-      0x55771bf5, 0x548ba562, 0x5fc68935, 0x9492f23a, 0xb5419203,
-      0x9c9c6017, 0x567528e3, 0x511e6019, 0x3f064ed4, 0x1d16a555,
-      0x303f9eb9, 0x2254abee, 0x3e18c4fd, 0xfd434e7c, 0x40994d6f,
-      0x6dde74e6, 0x8fb12d3f },
-    { 0x293cb7a4, 0x6c6381a2, 0xb87b7e4d, 0x453e09f0, 0x078ac3ef,
-      0x4f212823, 0x578cae91, 0xe89ffad0, 0x716ba4dd, 0x4a2b696a,
-      0xf6f580a0, 0x14681a14, 0x4c2f1307, 0x1358f97b, 0x2932fb89,
-      0x87896996, 0x268a5af7, 0x29dd850a, 0xfe239f83, 0xaf771f6d,
-      0x4f47499d, 0x5f20fd2e, 0x867ca0e9, 0x9b643e77, 0x375981ec,
-      0xe7858ecd, 0x19ab1c97, 0xbe946a59, 0x06ff3453, 0x4f9303a2,
-      0x75d237b1, 0x3fcc6731 },
-    { 0xdf21f920, 0x509debd5, 0xc1401b90, 0xfaf70e1f, 0x95a64aaf,
-      0x2429cbfd, 0x2c37a122, 0xf2120855, 0x7deb926b, 0x1d4c93f4,
-      0x9fb3f1dc, 0x12f3e4c0, 0x5b51bc46, 0x56085a59, 0xf10fdbd2,
-      0x2a2f5d62, 0xdf0cb3c2, 0x60dd62cf, 0x6b0f254b, 0x154424a3,
-      0x564612b7, 0xc3a5a05d, 0xa1f5249c, 0xbebe30cf, 0x7e62a188,
-      0x24ec6903, 0xaf429939, 0x75f0fbac, 0xb3fa8685, 0xd41345dc,
-      0xc7151c34, 0x645146fd },
-    { 0xba1924f9, 0xecec633a, 0x006326e1, 0xbba6f136, 0x7e50fc17,
-      0x203757ac, 0xef3d8e00, 0xca531919, 0x51dc5a74, 0x9545a6aa,
-      0xd31412b8, 0x6e21d58f, 0x7bb1d000, 0x01bc3005, 0x6ed1a9c3,
-      0xf1789c69, 0x9858fa48, 0x7af2d35f, 0x8197be85, 0x434d09b9,
-      0x29aa265d, 0x1dc07755, 0xc058fa80, 0xcad03be7, 0x54ba14ce,
-      0x92d70a9f, 0x6c050a74, 0x6dc78505, 0x4d005dda, 0x2a7ca4a9,
-      0xabfb9f2e, 0x448d3d72 },
-    { 0x29b33989, 0xdc56f145, 0xa9ae815a, 0x868351bc, 0x4b074414,
-      0xb3f45613, 0x3cd9f33b, 0x955ce42a, 0x5ff6e4a3, 0x13ade4ec,
-      0xa50eaa91, 0xd3aac715, 0x5666efdf, 0x0c61ec99, 0xf6a4470a,
-      0x108a28b8, 0xe54844c9, 0x402ef584, 0xd0e2f337, 0xb825b162,
-      0xb46f7cbc, 0x3dcd131f, 0x96f2fd89, 0x208178ec, 0x25928c78,
-      0x4d8c5d67, 0x9963c459, 0x285a33df, 0xd92a309f, 0x72497175,
-      0xcb7019a5, 0x76881479 },
-    { 0x91767eed, 0xba43a114, 0x92bf65db, 0x5e11b9ad, 0x03a5e21a,
-      0xe8a22ce0, 0x2a335415, 0x63604421, 0x4a9ead62, 0xc2c563b4,
-      0xa0b2aee5, 0x4bc06264, 0x8bf2e1d7, 0x75b8d575, 0xd08a265d,
-      0x1cff0ee7, 0xb0b712a7, 0x17914e1d, 0x4b18692d, 0xc35925d0,
-      0x56cce815, 0xde253f4c, 0x9fff0e3a, 0xa479241c, 0xddabed19,
-      0x50b9d06e, 0x59fae506, 0x67135260, 0x532ce180, 0xf37600fb,
-      0x5e5a8626, 0x670eb01c },
-    { 0x73cdbb43, 0xdf73c0af, 0x7f2431ad, 0xcf08ecc5, 0x2a1a3845,
-      0x91780541, 0x9224ddf1, 0x69a104f2, 0xbeac7eff, 0x4352f38d,
-      0x7c2d1322, 0xfc3b3b4e, 0xb5e4b476, 0xa69e9430, 0x975a46f0,
-      0x7d932340, 0x5d64eece, 0x8093899e, 0xdb2345e9, 0x7b821250,
-      0x7f4b796b, 0x23552932, 0x4bb90b1f, 0x2ee9cc15, 0x9112f7d6,
-      0x1fa9c8f5, 0x1cbaae32, 0x2d0f2f98, 0x0075166a, 0xb77f0366,
-      0x635dff27, 0x504852e7 },
-    { 0xa2f392fa, 0x2f0f3ce5, 0xec6c9078, 0x326c076a, 0x84baaaf6,
-      0xad01de92, 0xcbe8e993, 0xb01b16d3, 0x2d950908, 0x71305c24,
-      0x3853af38, 0xc66fd617, 0xd3c429a0, 0x7735140e, 0x1fabf027,
-      0x8a31b12a, 0x058b3177, 0xa0530002, 0xa9c7deb9, 0xabffd9fc,
-      0xe8667d30, 0xd05ef69b, 0xe9a9e13f, 0x2f3a7308, 0xb91eae9c,
-      0x3f4c9a19, 0x618ce6c4, 0x50d0cee7, 0x5240f8b0, 0xfb24dc40,
-      0xf7e90cc4, 0x992fe151 },
-    { 0x38f197aa, 0x4454db31, 0x87872f98, 0xa4ded69d, 0x44f0a828,
-      0x97b427b0, 0xa31e48c6, 0x9821e1ae, 0xdd98efec, 0xe38cb09f,
-      0x480cb3ae, 0x20b84fa8, 0x47475573, 0xba5bb4a8, 0xcd50e96b,
-      0xa9be080a, 0xef103550, 0xc4451e9c, 0xc441325c, 0x626ee75f,
-      0x38a5e33d, 0x6eea5e98, 0xa2b0abd2, 0x7321beb9, 0x9b6082a9,
-      0xca92e484, 0x992bcc2a, 0x1dc8168a, 0x9c8eb9fb, 0x134ecf4b,
-      0x4c5b71e0, 0x5a68bfa8 },
-    { 0xff0a2bfb, 0xb4ff3b45, 0x5502f8b0, 0xd105fff9, 0x5b1c0c26,
-      0x14de5885, 0x0d3b9d04, 0xed16865b, 0x026d3917, 0x2f5a2453,
-      0xf4db3c0e, 0x6a22f493, 0xe2418f2e, 0x4871548a, 0x509bef61,
-      0x6ab363a8, 0xb8cbbbec, 0x91ca1e3a, 0x4011a396, 0x71e0dc98,
-      0x0d5ca577, 0xff982e0a, 0x81897bc1, 0xeb40b045, 0x085ad5e7,
-      0x4bc24a46, 0xa6337b7c, 0xd15c8fa0, 0xbef1628f, 0x56ce6ef7,
-      0x9f5ef439, 0x78acfdf9 },
-    { 0xf8520189, 0x45bf7f15, 0xc77f61c4, 0x954202a0, 0xdfa22e1b,
-      0x39edc6b9, 0x1f4a3487, 0xd2d60267, 0x4814cc52, 0xcd933929,
-      0x05e9f123, 0xde76a124, 0xae36b6f7, 0xe2306ea0, 0xb83a58e0,
-      0x53815218, 0xa041231a, 0x9862bb76, 0xbf31be71, 0xe8da253c,
-      0x37de861f, 0x2dfc5332, 0x90ae4890, 0xf25c93f6, 0x8baa6ed2,
-      0x66bcb8f0, 0x908b4a29, 0x6f10ae0f, 0xb061c949, 0x8cb4b48c,
-      0xd075a366, 0x0ad92d73 },
-    { 0xc2ca548a, 0xbfb95fed, 0x80cd89ab, 0x4778c620, 0x3466c280,
-      0xbe99154b, 0xd4be8902, 0xea3be093, 0x13e681ed, 0x847b7995,
-      0x02f40161, 0xf22a8f4b, 0x4aeb7fe8, 0x3ef2cb4d, 0xb3aed5f6,
-      0x9adc5151, 0x98c31163, 0xec1ccfd1, 0xa3d7d88f, 0xdc2ac17b,
-      0x46421097, 0x08fa64d3, 0x94b90bcf, 0x5ebf80b7, 0x0b50a9eb,
-      0x1b78b4ba, 0x279aa66b, 0x1a4fe934, 0x075b3ced, 0x8ef4dcaf,
-      0x70a6e9ae, 0x95bbd8a0 },
-    { 0xe614bbd0, 0x59f92495, 0xb823e363, 0x7567a887, 0xfc1bd6a7,
-      0xe247c9ec, 0x8e835c42, 0x2bfaaf47, 0xaade066a, 0x314ef4e0,
-      0x5c16d336, 0x072baa63, 0xe2f0e389, 0xfa429c71, 0xbd07d90f,
-      0xcac1e5d0, 0x514f5c04, 0x69ff35ea, 0xc0554ec1, 0x893053fc,
-      0x2a35947f, 0xab1d86b7, 0x2aebe487, 0xe29fb060, 0xdfb9cf21,
-      0xa0a10d6d, 0xf20dfcf5, 0xad147059, 0xb8867a2a, 0x480dc66f,
-      0xc125a919, 0x375a884f },
-    { 0x1217f7ea, 0x178cbe2e, 0x875c6dab, 0x1a161e2a, 0x1bdb1a54,
-      0xf7707ec0, 0xe4fd73ca, 0x678864a0, 0xd13a0d86, 0xbaebc664,
-      0xc8d30668, 0x40325f99, 0x2f1c5950, 0xb93ed9c9, 0x541e0667,
-      0xfdf36763, 0xb91a6763, 0xfd97fbb0, 0x6079c9a0, 0x26aa69ea,
-      0x1eaa8c47, 0xc7303c80, 0xafa63c55, 0xdec75c81, 0x4fd12adb,
-      0x01cdcde2, 0x1968838a, 0x9fe0dda7, 0x38415379, 0x66bb093b,
-      0x08cb84ec, 0x268d818b },
-    { 0x41580555, 0x73dae358, 0x473d103b, 0x4fc32e67, 0xbeccc1ab,
-      0x240c1013, 0xb24ee9de, 0xda4099f2, 0x9fa8e066, 0x37b0cb5b,
-      0x6438d7ee, 0xb5ae04e4, 0x2b720140, 0x7f7d3164, 0x339e4a78,
-      0x86ef4edb, 0x3a7d8375, 0xa5e77eed, 0xbd707c2e, 0x883fad37,
-      0x0f979189, 0x816b633a, 0x2e7a208e, 0xe24c028a, 0x4435516a,
-      0x1171fe3c, 0x4f5f2bf5, 0x3eb93b33, 0x01b53a56, 0x8419ed4b,
-      0x056ca44b, 0x8b02735c },
-    { 0xe1019195, 0xb89bb464, 0xf3fc28c1, 0x1de4c026, 0x2bfc3b21,
-      0xac120e6e, 0x91bdf92f, 0xec71bc5a, 0x0d995bc9, 0x485d7ab4,
-      0xe6491ffe, 0x97c6768e, 0xafbce265, 0xd9552d19, 0x8e1b76c2,
-      0xbae6c7fe, 0xd7e3ad1b, 0x167d8281, 0x5e989734, 0x3e149af9,
-      0x8a0c8182, 0xd1f0024c, 0xc3006c0d, 0xf571ffdb, 0x58773d4c,
-      0xb32ecf7e, 0xfd3540d8, 0x5822a782, 0x04365042, 0x5ab45c3f,
-      0x4b4d85fe, 0x400e3aa0 },
-    { 0x5e46e4a2, 0x47321649, 0x24136074, 0x37a2ed64, 0xc60ec77d,
-      0x659223b1, 0xe5e0ac2e, 0x5e13aac3, 0xc5107ab7, 0xda17c41b,
-      0x73c253db, 0x65b22ec9, 0xa5012296, 0xff3867b8, 0x0621a99b,
-      0xfed660d5, 0xc89fc3f5, 0xa3c28506, 0xf16451a7, 0x3ed350b9,
-      0x67cb586f, 0x27c3e032, 0x967185b1, 0xc807c779, 0x4a13009b,
-      0x09c157d4, 0xadaf1f4d, 0x362f7647, 0xf3a6a198, 0x4a42b9ac,
-      0x8da6e039, 0x131c3da2 },
-    { 0xa7da83ba, 0x4a785ff1, 0xd04f4436, 0xf415b425, 0xec03f812,
-      0x7c0899bd, 0x80f5f4a2, 0xc58d411a, 0xfda251b9, 0x3d32d610,
-      0xcd3b2f32, 0x99bb4504, 0xf4c2083c, 0x198c444b, 0x730e83fd,
-      0x60c261af, 0xcb02db90, 0x060ca4df, 0x9df1e7c8, 0x0ff7838b,
-      0xc4c690c9, 0x6b79cf97, 0x5d75f154, 0x131514d7, 0x1cb0e8ff,
-      0xa7c074f1, 0xb2c17615, 0xb920aac1, 0x44aa0ff0, 0xde8098ad,
-      0x34545ce9, 0x71d1a46a },
-    { 0xfa1b382e, 0x76178f76, 0x772dda0d, 0xa0d8ecc3, 0xc5d4d130,
-      0xaa5aab2a, 0x8d72622c, 0x27d38ba4, 0xca3bed06, 0xc5410db6,
-      0x793ceccf, 0xf637a588, 0x6e65e3d7, 0x1f65dafd, 0x60a45641,
-      0xc3b44a85, 0x4f78540b, 0x0f47b3a8, 0x5e4d60f6, 0x824fdadd,
-      0x17d3b6d5, 0xd8ccf90c, 0x325fc13a, 0x008eabdf, 0x3648fab9,
-      0x3e90d716, 0x24c52d4b, 0x3964ff3a, 0x533d0acb, 0xb95cc416,
-      0x1167f521, 0x6cd2699f },
-    { 0x12f4f3ac, 0x2d8c0b3b, 0x99d1bdfb, 0xb03dcfe2, 0x30f37326,
-      0x540034f8, 0x7c5a8c82, 0x22dd6893, 0xcd8f1442, 0xeb7093d0,
-      0x585742f2, 0x892795a7, 0x087adadd, 0xe15f282c, 0x16ab7b5e,
-      0x7bbdc749, 0xa58acbb4, 0xd30fe40b, 0xe2bac39b, 0x0de417eb,
-      0xc61a04bc, 0x4b4b19a6, 0xf2735569, 0x9338c34d, 0x30ab196f,
-      0xe8f03742, 0x6c88c965, 0xfa2efcb8, 0xc7eeb826, 0x19eee274,
-      0xda345dc2, 0x327c063f },
-    { 0x5b47cd53, 0xab399eff, 0x1943aefe, 0xbbe9869d, 0x1402a866,
-      0xe64ecc7b, 0xb1c25a16, 0xc3e7c2aa, 0x022de271, 0xc4216b79,
-      0x366d6a5f, 0xe58dfcc8, 0xda813336, 0xd159509e, 0x130bfb7c,
-      0x370400f2, 0x93b48780, 0x1be4e059, 0x39f3cd22, 0x0623a1fe,
-      0xeecb4f87, 0x72aa22b2, 0x6c27b83b, 0x1af4c496, 0xda5fa5bf,
-      0x7a42a94b, 0x48b01af2, 0x9afba822, 0x3670112c, 0xeb6b9d2a,
-      0xc0df6856, 0x020f19d1 },
-    { 0xa4dbba20, 0x37051a86, 0xdb1de5c5, 0xb618ebc6, 0xe6525840,
-      0x9a780a19, 0xd2bccc4d, 0x9440302d, 0x10285a24, 0xe9ff023d,
-      0x3a486268, 0x3b937ee3, 0x4cd61147, 0xe37ee2f2, 0xa3d057cf,
-      0x79fbbfd3, 0xccddefce, 0x5fba16d3, 0x5b231727, 0x916058ec,
-      0x720c3adb, 0x47699ebe, 0x8b4f6bba, 0x26274386, 0xf18a0770,
-      0x54b0092a, 0xacca1160, 0x99d090eb, 0x0c888f60, 0xf757e1ff,
-      0xb0050544, 0x79e72720 },
-    { 0x2820a239, 0x632acf25, 0xaae6b310, 0xb1a3974e, 0x48c0a1df,
-      0xd61fd6ba, 0x5a3ee7aa, 0xd2453c39, 0xb980446d, 0x548455a0,
-      0xde16676f, 0x9f29d97b, 0x789375a1, 0xf252ca0c, 0x7743a985,
-      0xe961af3e, 0x66cdbd8d, 0x70c79c56, 0xcbc538f9, 0x14a3854e,
-      0xa126851c, 0x58daa73a, 0x2a9f558c, 0xe9b5bb45, 0xfbd15e05,
-      0x37af7f83, 0x38a1939d, 0xa4487927, 0x9511a056, 0xe428b2b5,
-      0x7015846d, 0x001d3ce3 },
-    { 0xe145b1d7, 0xd6be36b9, 0x009c5664, 0xf3e3938a, 0xe7c0f6db,
-      0x2e562e7d, 0xc343f539, 0x951044e6, 0xd90897b1, 0xa5ab62b8,
-      0x512f797c, 0xb1a1f70b, 0x750f28e4, 0x91cdd754, 0xffb8165d,
-      0xb4c80e2f, 0x594d02b3, 0x65ed39c7, 0x56833edc, 0xcc12a49d,
-      0xf3693a18, 0xe73694bc, 0xfcd2c404, 0x34cc134a, 0x11d40194,
-      0x071bd5fc, 0xfc585e46, 0x05759047, 0x790b7a04, 0xb3280360,
-      0x40afc684, 0x4bb8c6fc },
-    { 0xfd0f8796, 0x3120e2dd, 0xb133c9de, 0x6968a40d, 0xa9369c6e,
-      0xfea366c0, 0x6007273b, 0x37e5b6d6, 0x8cb81439, 0x39e4ecf0,
-      0x9febc005, 0x487fe9cd, 0x0199b53c, 0xeb8af444, 0x293519eb,
-      0x2f124e3b, 0xc82c9c16, 0x860c218a, 0x709dc590, 0xacd1d6f2,
-      0x36d50529, 0x5696d545, 0x59120bfc, 0xc03f5df9, 0x10ffa690,
-      0x99a3e88d, 0x6c432827, 0xd4f9cfa5, 0x9a135d89, 0x2e8fea9e,
-      0xb6a77e78, 0x3699a881 },
-    { 0x1eb1c64d, 0x5bca3372, 0xf1d28154, 0xe9cf3a2d, 0x6537106f,
-      0xb7e2e9b3, 0x4f7cbf4d, 0x06c17151, 0x2058b37f, 0xcbde416e,
-      0x8834e9c5, 0x82c53a7e, 0xe9ac3a75, 0x94dbdfe2, 0xc5e67c02,
-      0x795ec6cb, 0x1426a80d, 0x8c23c25f, 0x6a8d4f9f, 0xee2cd20d,
-      0xd3b7c235, 0x838daa54, 0x3d7a4d52, 0xb9e08ec0, 0x781cb473,
-      0xca9475e9, 0x5ec31caa, 0x7271f39e, 0x82535187, 0x1df08e9f,
-      0x208aff8b, 0x4f3a4b03 },
-    { 0x1ed095f8, 0x0f7b8107, 0xda226d4e, 0x23e37fa6, 0xafb36d1d,
-      0x8b0f9852, 0x07d8e311, 0xb114634e, 0xe3e0f16e, 0xb9634a97,
-      0x421eec37, 0x2454bb9c, 0xd72b21c1, 0xb4ecd5db, 0x6df20d7c,
-      0xf9603868, 0xdf86e0a2, 0x9f5359fd, 0x5ac488aa, 0xc43d54fa,
-      0xd1049df4, 0x56d714ab, 0xb020607a, 0x13152b3e, 0x7a02325e,
-      0x49be1c18, 0x52ae84db, 0x44f24f4a, 0x0b5a7b80, 0x9e525c03,
-      0xa6d179fd, 0x6d874446 },
-    { 0xbe9a42f5, 0xd29d07aa, 0x3781ccc8, 0x1fd5316c, 0x9dc69ea1,
-      0x71a75a6d, 0x88fee91a, 0x4e19e0df, 0xf8d44f12, 0x99c2b4dc,
-      0x31ae94e4, 0x05f6df92, 0xcf28ccc2, 0x27fba876, 0xf57f7ceb,
-      0x6e1a0f01, 0xf3fd3b74, 0xe03f1f34, 0x42c1d213, 0xa0edc4a7,
-      0x7deb8580, 0x5caac270, 0xaf0848bc, 0x0f5d791f, 0x07ac759d,
-      0x17f514ad, 0x904fc531, 0x95a39734, 0x7bb70f3d, 0x95a4aca9,
-      0xff9c5609, 0x3cf384c9 },
-    { 0xce1fc9e3, 0x700506ba, 0x676b0399, 0x49721742, 0xe72bf7b3,
-      0x2b4a1b8d, 0x79b209f7, 0xca8602a8, 0xce26a8e1, 0x90580b90,
-      0xfe24f39a, 0x1ef339b7, 0x629362e1, 0xb6c5d991, 0x577b24f4,
-      0x51174e1a, 0x05e451e9, 0xf380fcb5, 0x148321bd, 0xf4d97afb,
-      0x747e5d2a, 0x099806bb, 0xbe99a608, 0x85525d65, 0xd455e820,
-      0x264828d9, 0xd8560a65, 0x8c8c5405, 0x71030770, 0x3c67e73c,
-      0xee73df26, 0x2b248850 },
-    { 0x8541159f, 0x2173cde6, 0x4fb410b2, 0x78224c18, 0x1f2ca1c7,
-      0x07a28619, 0xa8b23e40, 0x52c207d6, 0xa6b2344a, 0x071a0210,
-      0xb5ed2945, 0xdb0e587c, 0x810fcc6c, 0x6c56b8ef, 0x62d843b9,
-      0x1248c58f, 0x74c66975, 0x4b90363d, 0xe66c66f6, 0x6348f7f2,
-      0xc126bcbe, 0xb2f9d441, 0x73ce49e8, 0xac07f2a3, 0xe81b0df0,
-      0x52486758, 0x1d4621d1, 0xa108b54d, 0x74414a1c, 0x17261ece,
-      0x6a3ac215, 0x938b3bcc },
-    { 0xe4ded340, 0xa9e4a16b, 0x80e88036, 0x8e65fb2a, 0xdcd73acb,
-      0x97089606, 0xaaa657a9, 0x1c3a0434, 0x49101b06, 0xf304fc58,
-      0xda0bb64c, 0xe60fb61a, 0xf5542df5, 0x818c2aec, 0x56f76d5f,
-      0x74020576, 0x92533d97, 0xb566b790, 0x74d6eb5f, 0xae4655e5,
-      0xa55b44b7, 0x60f7a1b5, 0x93747ea5, 0x7970179b, 0xf2dace56,
-      0x8ae7e0e8, 0x84e83c06, 0x98474607, 0x15307341, 0x24e8c9ed,
-      0xd9e89d6b, 0x6cff58a5 },
-    { 0x03e51f68, 0x508c01b0, 0x1d2fe7d6, 0xe1d1f225, 0x09bd8805,
-      0xf7998d0b, 0x03e415b7, 0x255e907a, 0x607d9798, 0xd148467d,
-      0x9b453896, 0x055c3b1e, 0x809f50f4, 0x35001013, 0xd0233fdc,
-      0xfbbb2fa6, 0xff1820b8, 0x0b680b0a, 0x38d317e0, 0xb1d404dc,
-      0xccc8c7df, 0x133d5444, 0x6ec13f84, 0x7fa847e6, 0x046e2e48,
-      0xc33f83d8, 0x4863b3ac, 0x3c627fc5, 0xeb936af7, 0x5f67f8aa,
-      0x31b79327, 0x5fe4ac8f },
-    { 0x8b6f401e, 0x581aa4bf, 0xad5c7ed4, 0x05db12a3, 0x6fb07b4a,
-      0x7b018726, 0x9c22bcd4, 0xfdd11f04, 0x69371c95, 0x5454a7d4,
-      0x99a46eaf, 0x066c55fb, 0x7fef96d0, 0x18637c7c, 0x6b83e95c,
-      0xbafc1d34, 0x00bb42dc, 0x55c38593, 0x34e7e712, 0xdd8dec2b,
-      0xb184cee8, 0x69c9cfb0, 0x49a27864, 0x8dcc0c42, 0x2010f2e7,
-      0x290d95f2, 0x6977a420, 0x86e254c9, 0xeb2abdad, 0x20931c89,
-      0x121c0548, 0x81377164 },
-    { 0x9c5a8edf, 0x6266b25e, 0x1078a7ad, 0x6e1388c2, 0x4876eedf,
-      0x5f02737d, 0x62744617, 0x242fa7f9, 0xb385382a, 0x3e2cfbd9,
-      0x02f71bef, 0xbadad7b1, 0x677d0a92, 0x562abcfa, 0x51fdff34,
-      0x573ebd17, 0x7c250c78, 0xd7f65852, 0xc47ca896, 0xe0cf16ee,
-      0x67622c9e, 0x8ccd79b0, 0xf8f2c075, 0x31fc5882, 0xa6008515,
-      0x9232b37e, 0x82e8c5ba, 0x4d7bb361, 0xd2f146fe, 0xbf24735c,
-      0x9cd2db98, 0x79c280ee },
-    { 0xf2b48122, 0xbdcc8203, 0xb04ac48e, 0xa8c04916, 0x9fc4885e,
-      0xacf064dc, 0x82c1001c, 0xab838997, 0x676de250, 0x7339e721,
-      0x8e1ab820, 0x17aa5aea, 0x6bc14b2e, 0x24d28ca0, 0x816b6230,
-      0x570c5bb7, 0xcee6b606, 0x6c51235c, 0x183eae42, 0x1b2bf89f,
-      0x9c66274b, 0x3e3af3c6, 0xb51e38bc, 0xe0b04426, 0x73e40e3b,
-      0x26dbc58e, 0xb5be5be4, 0x3f9dd578, 0x52c8f408, 0x9fd9f791,
-      0xa9e3ff4f, 0x758073a4 },
-    { 0x8691ca22, 0x7d27b057, 0x13a2a1b6, 0xf206bfd6, 0xac795413,
-      0xe84bd385, 0x75536607, 0xc5d18a2a, 0xc8a0e24c, 0x2e166de7,
-      0x3c474dbd, 0x56d5750c, 0x1366843a, 0xdef444c1, 0xcf4b8432,
-      0x14646e53, 0xa9fd9783, 0x4bc0d030, 0x297ee203, 0xbda4c824,
-      0xfd7be6c7, 0x3d0b10bf, 0x08c7f3ff, 0x2d216476, 0xb4fd4c45,
-      0x06e52599, 0x49e9e104, 0xfbab9fa1, 0x8661d32d, 0x9342a7fa,
-      0xfaf66aa8, 0x3f3e3458 },
-    { 0x951597aa, 0x51ec35af, 0x49df64eb, 0xb677d4ac, 0x9bf4eff5,
-      0x0276cd9c, 0x515a2935, 0x423eca49, 0xfd9bb9c3, 0x8a696553,
-      0xede1f09c, 0xf99ee9df, 0x199e5f98, 0xb8fa2956, 0x35292c32,
-      0xb7638758, 0xfc40e81b, 0x8734eddc, 0x65457d95, 0xd82d5e9f,
-      0x30c78d2b, 0xc8ee323e, 0xc1433d67, 0xe77b2e4c, 0x3c8314ae,
-      0x56d9f807, 0x2a0e2f63, 0x441eede2, 0x6c48295e, 0x1e9e17ed,
-      0x34c294ef, 0x640d20c4 },
-    { 0x3284d513, 0x4e9a0b8e, 0xf315053a, 0x074c3545, 0x45acd52a,
-      0xb36e7407, 0x1de50db7, 0xd80bdcfc, 0x2549fc46, 0x8d9d47dc,
-      0x303f07a8, 0x29b6ef13, 0x6d4ad4c2, 0x4e461aca, 0xfc9f1b73,
-      0xca8e351d, 0x57460e65, 0x8bc4094d, 0x0f32d367, 0xb6302b33,
-      0x285742e8, 0x69a074b6, 0x876c29c3, 0xdfe52b11, 0x912bd17a,
-      0xf39e4609, 0x349aa639, 0x8ee40d66, 0xc72e05c1, 0xb968902a,
-      0xc0d92816, 0x0f9c1ca8 },
-    { 0x67433df3, 0x1ebbaab3, 0x15d3628c, 0xb6aa5347, 0x97f0c5cc,
-      0x13a320d8, 0x65e408f9, 0x72c918cb, 0xd5373451, 0x4b638854,
-      0x0b4dca09, 0x731399a3, 0x0a3b1326, 0xcf256730, 0x6608b388,
-      0x5ea60dfa, 0x7b290dfd, 0x58ad74b0, 0xd7694f9b, 0x83202789,
-      0xb6630fb1, 0x48593db8, 0xc65e3eaf, 0x3db47f70, 0x3e7263f8,
-      0x63949c91, 0xe6e6ff33, 0x9b9acec6, 0x098a8240, 0x34bd9ba7,
-      0x45d36ec5, 0x7e31c12f },
-    { 0x0dfd2dd7, 0xbe281d68, 0x24ab61d8, 0x1efacb00, 0x94431f97,
-      0xb9c3005f, 0x959cb3bc, 0x660c8dfa, 0xcffbb406, 0xfdd5fc30,
-      0x7969a10d, 0x7a4631be, 0xde13fd1b, 0x336e309e, 0xfc947076,
-      0x76b3bfad, 0xdcc72223, 0xfa91925d, 0x156c4ee1, 0x741f0d73,
-      0x0e2b3747, 0x4f64ee41, 0xefc4d93c, 0x86be92d3, 0xfc4fbb2e,
-      0xc53b7e03, 0x337ca1bb, 0xac196cf5, 0x7e23ba60, 0x4de41a30,
-      0x326d5357, 0x1a219c45 },
-    { 0xaa4db0bc, 0xfdcf7ef8, 0x7b6c9963, 0x2e231806, 0x3d8a192f,
-      0xc2639067, 0xffdc7771, 0xc0cec2e2, 0xa2fc0edb, 0x997c8e35,
-      0x82cc6043, 0x78e10ec1, 0x2b0c8120, 0xfd0de2cb, 0x69e57f8e,
-      0x4d6c457f, 0x5b53f1c3, 0x953e69b2, 0xc4f89cb8, 0x422a330a,
-      0x95566be6, 0x92ff2329, 0x437442d1, 0x73cd502d, 0xbea69403,
-      0xf04ce590, 0xf8030662, 0x6ac1537e, 0xb6d0bf93, 0xe02bcf77,
-      0xbc90192f, 0x17aaa999 },
-    { 0x8e55db2e, 0x0d3d5643, 0x3b946851, 0x835dee43, 0x5b88462f,
-      0x1a1440e5, 0xea17e27c, 0xa6ff3b35, 0xdd95f7a9, 0x23f99c36,
-      0xbdd672cf, 0x7217fdd9, 0xdd2045c0, 0xf400ac1e, 0x4ff06b25,
-      0x94b55c87, 0x0e4a49be, 0x0a44a0e5, 0xb43b6813, 0xe8925e91,
-      0x214f96c5, 0x78bedde1, 0x0f97fa97, 0x0f456a4c, 0xa5bfd267,
-      0xa28fd86b, 0xbe7608ef, 0x3b4b2d8f, 0x226474bc, 0xfbd5ff8c,
-      0xa5f3b24a, 0x6b282af0 },
-    { 0x6341a595, 0x78fc025f, 0xa445e28c, 0x591c38d6, 0xeb446842,
-      0x72bd6e3d, 0x75547833, 0x3f9466d3, 0x083e16c4, 0x911414d3,
-      0x95a7acb4, 0x145d9466, 0x8fd2fb64, 0x102ddf09, 0x0bfd87b1,
-      0x2a2b2d2d, 0x59455088, 0x69e9be5c, 0xa80245de, 0xee378bf4,
-      0xb2306b0e, 0x80b0bd68, 0xc2be9f3d, 0x76a545c6, 0x4802c245,
-      0x429d167b, 0x2b412dfb, 0x13e64427, 0xee8d9762, 0xb664f529,
-      0x54706ebf, 0x6d4f5d23 },
-    { 0x00ba9f88, 0x35c8f2b6, 0x7bb6d0bf, 0xfdc807e0, 0xb3b81e5b,
-      0x0a126d42, 0xa7ac781e, 0x335ce6ce, 0xf37dcba6, 0x3e308e6f,
-      0x63c96487, 0x028dca62, 0x8818434d, 0x72eba57e, 0x79b78a26,
-      0xa9e3d59f, 0x2f07aea3, 0xd2f0a7dd, 0x24d05f74, 0xe0fe4678,
-      0x0116deb6, 0xb2085170, 0x58f37580, 0x9c2a5e92, 0x74070bb3,
-      0xe78bd7a5, 0xb9977d90, 0x551fc872, 0x40db81b4, 0x6eda93c4,
-      0xd65d34ad, 0x4aaf0b4f },
-    { 0x3514c7af, 0x9bef2506, 0xbc181ead, 0xb09e7dad, 0x8fa3ec58,
-      0xef3cae87, 0x173b8685, 0xd8dbfab5, 0x921d32dd, 0xb2490fc0,
-      0x8bd9c466, 0x4eef386b, 0xa061dbdb, 0xc1cdd52f, 0x25bc04db,
-      0x64de989a, 0x85728636, 0x06f9836b, 0x8be44aa0, 0x11a5a804,
-      0x097018c7, 0x16dede4e, 0xb2c11fb1, 0x72aec577, 0xa721ecd9,
-      0x144dade1, 0xd6ebf3a9, 0xf99c526b, 0x1c2e14d7, 0xa1d4165b,
-      0x82bc6337, 0x8b2cbd39 },
-    { 0x8a52e991, 0x28ec1bf2, 0xcf9d42ec, 0x0ba202f6, 0xc634ea45,
-      0x8307d130, 0xc5762b9c, 0x3fc257b3, 0x487c2a2d, 0xbd3298d1,
-      0xa319488a, 0xca14f1a7, 0x06ba06d2, 0xc70ca93b, 0xee405e89,
-      0x9aa3f4b3, 0x35deeae7, 0xcc64eeb3, 0x03bf1d4c, 0xd155f578,
-      0x45616bfd, 0x041ec0b5, 0x086e33f6, 0x23df80e6, 0xf0243cf5,
-      0x399a79c8, 0x874ccd58, 0x86c2824e, 0x8fc5c831, 0x220eeaec,
-      0x7dbe3670, 0x57e28304 },
-    { 0xfbcdf666, 0x6e60b698, 0x8bebb1d2, 0xbdd06a99, 0x80498436,
-      0x4044adba, 0x522bc88d, 0xd76bf75e, 0x28423b20, 0x655c4b9b,
-      0x53398a72, 0x65c0f492, 0x0ca37601, 0x76d4f2b7, 0x2030fa5a,
-      0x46989925, 0xb6054705, 0x96b37e87, 0x53de1b2f, 0xef96f731,
-      0xad54ef05, 0x5ecbbc8c, 0xa93617b0, 0xeb289d0a, 0x7cba217d,
-      0x3ac0fbd5, 0x19d4a2d7, 0xd0d3cb56, 0xc91d6063, 0xe8bee9d4,
-      0x696ffda6, 0x4f12e037 },
-    { 0x15f1a610, 0x4ccfa422, 0x3786519a, 0x804a5c55, 0x73838134,
-      0x1246a454, 0x4b284e2a, 0xfa15b484, 0x146d1320, 0x36464c65,
-      0x70a8a0fa, 0xfb6ba88c, 0x93c4804e, 0x74e7cee7, 0xb95ae16a,
-      0x8c34d22c, 0xf9c1d4dd, 0x9d9ed89f, 0x32025371, 0x61a0866d,
-      0x9bd6444a, 0x45b232b2, 0xf277bab1, 0xf888e92c, 0xa9448b02,
-      0x73e69c6e, 0x5b521ecb, 0x1a496ea9, 0x5858afb2, 0xa8f78ea7,
-      0xb1266f91, 0x83d2333e },
-    { 0x67b478d7, 0x1c633288, 0x50a2fc9c, 0xa1ee1ae1, 0x18d2241b,
-      0x05b6ab30, 0x893cd696, 0x69f1f288, 0xa8117a87, 0x159d6660,
-      0x70e73d77, 0xe8120119, 0x93f55f0a, 0x528fef00, 0xd854dfb2,
-      0xb3978db8, 0xf45d9fbb, 0xd6b43ef6, 0xd5bee397, 0x17de4bfe,
-      0x6bf76dad, 0xa01e0f59, 0x3d40754c, 0x28b2280e, 0xf8e86ef3,
-      0x8edb6122, 0xb7d1e586, 0x8226b6af, 0x2f40a55b, 0x46353215,
-      0xc5a31621, 0x7362f13e },
-    { 0x73c0c430, 0x792eb27c, 0xa51c3657, 0x8cc0a65f, 0xd2194f1b,
-      0x50a5cece, 0x814b4947, 0x18945688, 0x4b6fbbf4, 0xbbf0a81a,
-      0xf0aa8608, 0x376f4f58, 0x3987795e, 0xd9361d68, 0xe3a8d0d5,
-      0xb6510cd8, 0xb6c1a455, 0x63e2fdbf, 0xaec891f9, 0x2c91154e,
-      0xff568f64, 0x0eb1e715, 0x2f2b399e, 0xe7af9cd7, 0x89f0bf0b,
-      0x1fc39bac, 0x90983695, 0xf0861d92, 0xda0a20a8, 0xd9b16f02,
-      0xa38c0ead, 0x2f10693f },
-    { 0x0c06ded2, 0x07a6ce91, 0x2fd9087b, 0xf974842f, 0xa9f635a6,
-      0xe468bfd6, 0x1ed60626, 0x04b61891, 0x369ee548, 0x1fb2f89f,
-      0xdc96a201, 0x9cbd1113, 0x10d633ac, 0x6759acfe, 0x8faa629e,
-      0x64ba66fc, 0x47f38283, 0xa686ae49, 0xd59cda99, 0x828c3a05,
-      0x08ea2f6e, 0x7c7afb14, 0xaf3953c8, 0x2551c8e4, 0x9daa9e4f,
-      0x5b53d279, 0xad6f1940, 0x1eff68d4, 0x96437cdb, 0x2775dbdd,
-      0x4fe7a043, 0x985f83e4 },
-    { 0xeaf45294, 0x89603c16, 0xc24b5751, 0x70131160, 0x39d6b52d,
-      0x4c112018, 0xed943340, 0x7079cf02, 0x74f41b68, 0x0c5b028b,
-      0x9c8ac1e1, 0x3dc3f076, 0xf8b24f0e, 0x5ac5eea3, 0xe34c5c22,
-      0xee6684ba, 0x9abc452a, 0xa5259e63, 0xe9df45cc, 0xb07d2cd1,
-      0x1a443cfa, 0x07019c93, 0x92c003b3, 0x68fddaa9, 0x0d8cbc2e,
-      0x2d9f179c, 0x1e781ca7, 0xbbf15a6f, 0x50dcc799, 0x54d779d5,
-      0x0fe962f1, 0x0c88e540 },
-    { 0xe8f44357, 0x84f71a6a, 0x3a3cab6a, 0xf75b4bf6, 0x5aebc680,
-      0x334c9d9e, 0x8a753ef2, 0xcecaf084, 0x075e3c8e, 0xe28014c1,
-      0xf74f8d3a, 0xbb9d5a38, 0xb80e32ae, 0x75988464, 0xf2bc3792,
-      0x7b328e6f, 0xeed0e197, 0xebbb1faf, 0x5a33065a, 0x674eac95,
-      0x922dbce8, 0x8c19fd8f, 0x987b907a, 0x8c17ae85, 0x3b3a2cd7,
-      0x89f33627, 0xfa87772f, 0xebaea019, 0x3a25ced6, 0x4e5de499,
-      0xaf110715, 0x8e2560b8 },
-    { 0x3141aba6, 0x56d3746c, 0xbab2cf9e, 0x45a1079f, 0x9cdd27c7,
-      0xb6382831, 0x9dfd950e, 0x22237632, 0x3a9408ff, 0x1e0b15cd,
-      0xb1160118, 0x49a80200, 0xa383bba7, 0x2719db5d, 0x651046d5,
-      0x6078340a, 0x97523b1f, 0x8929d4de, 0x8e0a28ab, 0x4040345c,
-      0x0adf09c7, 0x61275ac2, 0x2331d611, 0xb41ab265, 0x5391ca50,
-      0x230cc77c, 0x8f922315, 0x88be0c92, 0x92fd9a29, 0xfef3d92b,
-      0x8324f2e5, 0x59005f22 },
-    { 0x3c4c1c74, 0x6bb1750c, 0xe966fb79, 0xbe73aac0, 0x66c5973f,
-      0x85a75d92, 0x3a8656b6, 0x8c97f932, 0x50446cde, 0x2b7043b1,
-      0x3ff3897f, 0x548916f7, 0xb18b72b2, 0x913dd01c, 0x488c0de6,
-      0xd0a751f1, 0x8558ca58, 0x19175714, 0x44a663da, 0x97714301,
-      0xb0e08618, 0x2df190ac, 0xf39ead9c, 0x0080fc0c, 0x17382da1,
-      0x0085ac6e, 0x3262a338, 0xe9791851, 0xb43bae8d, 0xe4495936,
-      0xd783df6e, 0x57a78e26 },
-    { 0x40dbddd8, 0x161b346f, 0x9410c3ac, 0x2b49a927, 0x1886cf3b,
-      0x8c542783, 0x33b93deb, 0x72df3232, 0x40df579d, 0x9c8d59f5,
-      0xc20ef500, 0xe5d7a67d, 0x67f08643, 0xc46b3918, 0xad96adc3,
-      0xecfa2445, 0x0c4544d0, 0x658f589b, 0xe08417d7, 0xe6ec9301,
-      0xc454e288, 0x6ca5ef6a, 0xac0f462d, 0x4191048f, 0x08d8a036,
-      0x852407d8, 0xf6d35b7e, 0xb4c533a7, 0x8f6ada87, 0x3251e412,
-      0x81c472e8, 0x1ca370c5 },
-    { 0xa801b68a, 0x94bd5171, 0xfd1998b3, 0x7312879c, 0x41163202,
-      0x4905aabf, 0xf5b01fdb, 0xb5fe87f4, 0x9cda128b, 0x78de523a,
-      0xc7bd31f7, 0x0bf161a1, 0x23904c35, 0xb5decfd0, 0xe188f12d,
-      0x224b2882, 0xf99dae74, 0x0dd2801d, 0x08cd1cd2, 0xcad467b5,
-      0xc0867e39, 0x6c311c3d, 0x2b425072, 0x71a11720, 0x2efd9003,
-      0x83bf464e, 0x1dbd3b03, 0x53d0448a, 0xe6265baa, 0x32db52f4,
-      0x4c33ac79, 0x2584b34c },
-    { 0x2aeec688, 0x3cb86389, 0x45fbe523, 0xa5e740ba, 0xfd60b5f8,
-      0x422e71f7, 0x4874913d, 0x455d185c, 0xfa17d80d, 0x04c2bb36,
-      0xac054524, 0x3f271854, 0xa8b9a657, 0x76dd3045, 0x62ee7cc8,
-      0x2e42c3e1, 0x4df6c7d0, 0x00266706, 0xdc7cb488, 0x5927dd51,
-      0x187897e0, 0x6b3faabe, 0xf2d5737c, 0xfe6ad22e, 0xff51a9ff,
-      0xafb60269, 0x69807baa, 0xe1c83545, 0x951ca49a, 0xacddb6ff,
-      0x3f9ab085, 0x7e811374 },
-    { 0x830a88b1, 0xad722a8b, 0xce1117e1, 0x91918ea8, 0x0409b47d,
-      0x3e02d0b8, 0x6c46d1d3, 0xb53812d3, 0xe589669c, 0x2fd09db0,
-      0x15b0cd5e, 0x9845cd06, 0x2386c453, 0x0c1c155a, 0xf5ff43cb,
-      0xda774de5, 0xe391c0cd, 0xbb076b98, 0x5004f286, 0x97d71eff,
-      0xaeec0bfe, 0x23e0b46c, 0x32a1ad94, 0xe4538667, 0x396da422,
-      0xfe0c9f81, 0x63db2bfe, 0x6376c1a2, 0xba56fa91, 0x001c7918,
-      0xdf8485a6, 0x436b8c64 },
-    { 0x8ab764bc, 0x88117e9d, 0xa077df84, 0xdfa61e94, 0x0c18eebd,
-      0x5a7765d3, 0xfc9451dc, 0x548916af, 0x071a347a, 0x01a52e33,
-      0xb23b41df, 0x633b95de, 0x43c8c286, 0xdd7d68c9, 0x18d97068,
-      0xe4f9d41e, 0x8c92799d, 0x79908b90, 0xd47394a3, 0xe614148e,
-      0xcd51e53f, 0xe5018517, 0x0243dcb6, 0x5060075e, 0x17954405,
-      0xe5dcde62, 0x537da5ff, 0x6f7c90e1, 0x0768cb66, 0x1df7aae4,
-      0x6dbe95e1, 0x5266ca9e },
-    { 0x1386b3db, 0x84ddee6d, 0x7c38e540, 0xf9e4af5a, 0xeb04f49d,
-      0xb3418440, 0xfde5a4fd, 0x2138a1e8, 0x30257cfc, 0x3e6e6924,
-      0x19fd70c1, 0x3519c6e3, 0x86c31ff0, 0x8f34e174, 0x940ce1e8,
-      0xf1e298fd, 0x14960d7c, 0x6fb8cb1d, 0x2b2f3bff, 0x207c1347,
-      0x146ef8ff, 0x899a20b4, 0x7bd3e220, 0x7dec362b, 0x626bea27,
-      0xa975044e, 0x4fb4cb67, 0x0f32b449, 0x1fc6703a, 0xc17a0920,
-      0x9cd84a2b, 0x41f325b9 },
-    { 0xce2843a4, 0x312ed513, 0x00728afc, 0xe748498e, 0x4d864ce5,
-      0xa8ef2822, 0xa620083b, 0x34064704, 0x4bed338d, 0x5905e1d9,
-      0x063e7b38, 0x2a578cb5, 0x289e7bb9, 0x98276d96, 0xf17b7341,
-      0xdfe2dc47, 0x1dac8944, 0x5923521f, 0x23400aa7, 0x3db6d28d,
-      0xa761ba43, 0xc647705e, 0x9bfd07dd, 0x8947ba6d, 0x242ca8fd,
-      0x00f2e3ac, 0xeb8c3468, 0x49ef4670, 0xd9aa18fd, 0x7db3d37b,
-      0xe58cea9e, 0x56b30fb6 },
-    { 0xcd80a428, 0x07ecdcaa, 0x8732c891, 0x7af922dc, 0x3ada441f,
-      0x20d88798, 0x924b008a, 0x3bed9a44, 0xb2e81c3a, 0x2123533c,
-      0x65f807d3, 0xc34e4075, 0x1f2faecb, 0x0bfaefa5, 0xade8a88d,
-      0x78b634a5, 0x94392a91, 0xc4e0b7f8, 0x90bb1cd8, 0x30922377,
-      0xf87204ae, 0xdea9b4fa, 0x85d3cd83, 0x3edf81f5, 0xc6523a79,
-      0x58f88c51, 0x17c0d969, 0xe472fb8b, 0xdccf7f07, 0x899081e5,
-      0x58bdd146, 0x1353cc57 },
-    { 0x39bf6e18, 0x28a56497, 0x649b89c7, 0x59e8b5a2, 0xdce8b8e7,
-      0x8d9434a0, 0x2047040c, 0xd935bf51, 0x6a7b8e82, 0x2ab3a164,
-      0x27f81294, 0xf1583ed6, 0x72d67297, 0x8416a7e0, 0xcd39e42b,
-      0x49685d86, 0x958ddbad, 0x8a797fc7, 0x155ce6de, 0xa558f928,
-      0xf8a36235, 0x75f4e570, 0x52877ae5, 0xbc69cfc0, 0xa6b16ebd,
-      0x8f4193a9, 0xbb1cc1f1, 0x8d1df43c, 0x5a21e789, 0x723a830e,
-      0xf451df58, 0x3ec2185d },
-    { 0x1f0bc2d7, 0xb9d4c7d7, 0x6e51d412, 0x6982c6cc, 0xa09f80f6,
-      0x92e02d93, 0x047ae09c, 0xb7dd2d25, 0x37f351f9, 0x3503149f,
-      0xc77850be, 0x69d49ce1, 0x12f0d2c8, 0x60242acb, 0x7bc28b9d,
-      0xba188c56, 0x06bc0550, 0x8e406121, 0x8d7d4329, 0xb0d84b1f,
-      0xd38951e0, 0xb4a67ae7, 0x8bc97607, 0xb527c57b, 0x5497aa72,
-      0xbc93c5f3, 0x39bdd666, 0x5f1de8cc, 0xe9d447a3, 0x3087dc5c,
-      0xa211abe5, 0x89b356b6 },
-    { 0xdfdcc837, 0xed6db0af, 0xa871b7a9, 0x0fb80baa, 0x1c1d4b72,
-      0x413abfc9, 0xadac9e5c, 0xf5b56bf7, 0x8b8657a3, 0x5664a2da,
-      0x0e41d94e, 0x11b04f72, 0x37433658, 0x63e11d26, 0xf426daea,
-      0xee628ece, 0xcb162dc2, 0x011619c9, 0x87648643, 0x9cf5817f,
-      0x5584bc86, 0xe1bb9702, 0x00bf7928, 0x2cc27cef, 0xdc60eee5,
-      0x4ef3a80e, 0x87adc2f9, 0x7e1202be, 0x8a0d4f52, 0x656f18e0,
-      0x57c5d126, 0x39c4f10d },
-    { 0xe88aecd3, 0xb3a9b68c, 0xa518aa9d, 0x555b0918, 0x4bd4ee54,
-      0xedc1cdad, 0x02068d84, 0x79b68b67, 0x811ac72d, 0x7dac80d0,
-      0xa81a0a78, 0x6d1e6d35, 0x3bd16283, 0xc841e9ea, 0x894c4444,
-      0xa7bc1775, 0xf1aa1202, 0xf2b63725, 0xc7d4c556, 0xbec7767e,
-      0xd46ff51b, 0x2817ebb3, 0x73f7e339, 0xfde5be8d, 0x5aed24c4,
-      0x44c6c977, 0xb6e579cf, 0x0b9a1707, 0x9069fbcc, 0xcff16478,
-      0x49152b00, 0x414b542d },
-    { 0x606e173b, 0x33c31e58, 0x90e6713a, 0x5b7f4e1b, 0xdebb20af,
-      0x425fb512, 0x05120e70, 0xc788c617, 0x9013e4ec, 0x3ef05602,
-      0x81c6e6d7, 0x9f9d35ac, 0x9450690a, 0xe131e88f, 0x44af082e,
-      0x708f9b32, 0x1ba2aea9, 0xb2e4d66c, 0x740db29c, 0xaf1f4a6e,
-      0xd1843007, 0x74ab9248, 0xed556a6c, 0x13338ef8, 0x270d17a6,
-      0xf48e623e, 0x9608f5bf, 0x3c7362fa, 0x444e8515, 0x43977874,
-      0xe00b8b2a, 0x52678d6a },
-    { 0xdf36aeb4, 0x5dff1c59, 0xa92bc0ab, 0x52d6653c, 0x927a5f81,
-      0x0e03f496, 0x2dfd491f, 0x8509d414, 0xa571f89b, 0x258c2c52,
-      0x93334485, 0x2bd61804, 0x3f7d9e09, 0x1a33e94f, 0x2c1bf906,
-      0xfab418d3, 0x5aa5695c, 0xf39c490e, 0xf6d2d7ff, 0x0e41196e,
-      0x0f7948a9, 0x3ecd4075, 0xd3053b4f, 0x4b58f9b2, 0x5d9974c9,
-      0xb8ee842a, 0xbf22f682, 0x23a59c1d, 0xc8efcea6, 0x045ac614,
-      0xc10ceedd, 0x7040ba5b },
-    { 0x515a1a96, 0x2c364f81, 0x184327e0, 0x31a63503, 0x1ad93d4f,
-      0x0a096650, 0x273b6173, 0x9d7694f1, 0xd2cda9d2, 0x8886d876,
-      0x2814c177, 0x1e01a742, 0x8667696b, 0x3492276b, 0x5b25f006,
-      0x2fd4f0c6, 0xfb294c4a, 0x6527349f, 0xde1d336f, 0xc1fe0d8a,
-      0xe7e3860e, 0xaf9a23e8, 0xb774c31e, 0x97d2b721, 0x4365784a,
-      0xfac3e582, 0x70f4eaa3, 0xff2dff4e, 0xfe873248, 0x3d281e1a,
-      0x0bd1c9c1, 0x9043a6d6 },
-    { 0x766c7937, 0x1511a0fe, 0xabbc3be3, 0x1b2ded5c, 0xe00888ac,
-      0x2ac160cc, 0x616200f3, 0x928754bd, 0x34a2ea06, 0xb801c83d,
-      0x9cbe106f, 0x8ad7a03a, 0xcedfcd94, 0x996b0822, 0xe4069880,
-      0xc3c3463a, 0xf597f663, 0xfb12ea4d, 0x40c92af9, 0x2c8d3834,
-      0x4e8da154, 0x79bc85c6, 0xdb4e801a, 0x95771fa2, 0x1e3579b2,
-      0x7bd2c138, 0xffaad078, 0xe45c75df, 0xb73eac46, 0xb0760a3c,
-      0x3a125f35, 0x26362b48 },
-    { 0xeefc3e89, 0x25c68d28, 0x69e9ee71, 0x2d0ee877, 0xaf5e4b75,
-      0x8b07bb86, 0xcb86b333, 0xdb709072, 0xff552bac, 0xfd3d20ea,
-      0x4c0da1e9, 0xa5eeb2b1, 0x44f97145, 0x391f688a, 0x1e06d485,
-      0x21fbd310, 0xbea9cd49, 0x45e4f2a5, 0xa7bf21da, 0x7b60d464,
-      0x054d5471, 0x193f88c8, 0xbee0f2e9, 0x5ace53d1, 0xc1439273,
-      0x92c26563, 0x96c6b5ee, 0x9c86e0b2, 0x09ff59ba, 0x452fe231,
-      0x555c935e, 0x2e952b20 },
-    { 0xd75f886e, 0x2a846bca, 0xd43dfc58, 0xe68a5dbe, 0x007b1b86,
-      0x103e45b6, 0x355ff2b5, 0x580e2ec9, 0xa263ecc9, 0xbc702f26,
-      0x181e5e33, 0x2835b386, 0x6c122076, 0x025113ec, 0x7fbd856d,
-      0xa5c26e3a, 0x9d6ebcb1, 0x8ef83fb3, 0xa44d2fa8, 0x7aaa53f2,
-      0x53b1fa97, 0x7c14ef33, 0x17559a30, 0xff604a11, 0xb09377e0,
-      0x2bcd96b0, 0xdb2f0273, 0xa5c14896, 0xeb53ef06, 0x1c0a84c9,
-      0x30378e4b, 0x1236d017 },
-    { 0xc084373b, 0xd7481c8f, 0x646097ae, 0x29ae4768, 0x613bc34b,
-      0x1300dfa0, 0x934bc2b0, 0x3712714c, 0x0e2be7e2, 0x86524629,
-      0xed010800, 0x554fbb9f, 0x42314576, 0xf0ec0b38, 0x330a3282,
-      0x65baf594, 0x706ef817, 0x3bdde1a8, 0xba7530e9, 0x7d2c727d,
-      0x74cc95cb, 0xbb0c5d66, 0x2438906d, 0xb3fcd365, 0xd14658f3,
-      0x19881941, 0x6c97f0e9, 0xe616f555, 0x4b9ec7ea, 0x353c2d85,
-      0x620cb56e, 0x02a48014 },
-    { 0x506ccd38, 0x11d6d23d, 0x9059baa6, 0x229a1c54, 0x69d011c5,
-      0x717c9c27, 0xd828937d, 0xe87e1b46, 0x83835083, 0xf5d63bbb,
-      0xaadac258, 0xf0a7b427, 0x9f154d1f, 0x99ab26bd, 0x8ec955fd,
-      0xdec0ffbf, 0x49fcb880, 0xee957c67, 0x1e0114de, 0x32395dee,
-      0x369f46c7, 0x192a64b7, 0x91eb2599, 0x43044660, 0xa2e8c3da,
-      0xbe2da887, 0xc3556d18, 0xa44e2c25, 0xb55f75f3, 0x31390414,
-      0x8f217fe0, 0x1d8bde6f },
-    { 0xa2028924, 0x03cd39f8, 0xb06ecb9f, 0x6e54f19c, 0xd6f05846,
-      0x862bbcb7, 0x5a060776, 0xdbe06716, 0xb10fec10, 0x9397c97a,
-      0x6f1bb65c, 0xf4213826, 0xa672ba38, 0x414deccb, 0xf88b05e6,
-      0x594d4d43, 0xac94d4d1, 0x7993f57a, 0xbfb17638, 0x74fc2a6a,
-      0xb6fc655a, 0xd8196b5b, 0xee8d2139, 0xdc375c84, 0x360d3a26,
-      0xb9b00a02, 0xdeb93b87, 0xb36ed35c, 0xcc83209e, 0xf565b28b,
-      0xc61013c1, 0x349c6943 },
-    { 0x4de6c88a, 0xd1b39444, 0x4700207e, 0xd5c2c471, 0x21c2b780,
-      0xb6f458a2, 0x0850993e, 0x749f7564, 0xbaef0c18, 0x400ba579,
-      0x737c70f0, 0x2d742938, 0x21467ebf, 0xc5a8e2ec, 0x5337f453,
-      0x243a666e, 0xed0bd50a, 0xc991f1c7, 0xf4bd1f91, 0x3a7f3e90,
-      0x5f0e129b, 0x96089e8a, 0x07389635, 0xd0d3a177, 0x27182ac9,
-      0x9cf842d5, 0x0817c5c2, 0x21195299, 0x87255769, 0xa32f327e,
-      0x89c2d8fa, 0x056587ab },
-    { 0x1ce4733d, 0x008562ed, 0x98e51444, 0x5faff7cb, 0xa9ab46b9,
-      0x5f03021f, 0xb61a8c13, 0x89494c5e, 0x36b35976, 0x57c95036,
-      0x2ac2d2f6, 0x6be84c8f, 0x9bd2703e, 0x0e5b34d8, 0x7e872abb,
-      0xc4ad918f, 0xc4052ee1, 0xc2a89e9f, 0x3190b51e, 0xc2caee3f,
-      0x6fff254f, 0x58fd1437, 0x883e0972, 0x6f3c0d68, 0x0fb15438,
-      0x63d0a0e9, 0xf6caae00, 0xc438764b, 0x3f1d0f6c, 0x815f1565,
-      0xb86cdbde, 0x1b87f2ed },
-    { 0x2b0b15b1, 0x35792bbb, 0xce6ba779, 0xa3e4b5a7, 0xdd8f3779,
-      0xfbacffd9, 0xc298d1ef, 0x005450bd, 0xc47031c6, 0x0e3f5556,
-      0x95d68066, 0x0770f07a, 0x2d1052c2, 0xce3e84e0, 0x7aa8cc54,
-      0xb050791e, 0xba3223a3, 0x4d621e73, 0x39632990, 0x87b9b94d,
-      0x7eb8056d, 0x8df9cb47, 0xedfca0cc, 0xe2430de8, 0x9712a0ca,
-      0x374bf416, 0x88848a99, 0xbe3f3c77, 0xc4a3e59e, 0xb22b87b1,
-      0x3e95bc23, 0x8e0227c4 },
-    { 0x3210964d, 0x000e22a8, 0xff056eeb, 0xdccd5df5, 0xdaf1ead7,
-      0x02173a1f, 0x67cdcae3, 0xd02833e0, 0x8bdcc90c, 0x1cc574cb,
-      0x3224b4f5, 0x86eca714, 0xbb3f8298, 0xd00e603a, 0x0c1a8deb,
-      0xb98ece1b, 0x378c261d, 0x228a46e4, 0xa6165e5d, 0xc6f9dd0d,
-      0x4b7ef0e2, 0xb3ae3899, 0xbda9f306, 0x3a3c16b3, 0x38a084db,
-      0x5e9a26d3, 0x5394e950, 0x528e5993, 0x4ea206bc, 0x848ecb11,
-      0x40545d6e, 0x14b15ab5 },
-    { 0x664c59a2, 0x0f6d86c9, 0x60fd7aa5, 0x3dfe2be1, 0x9072cb8e,
-      0x33f9b569, 0x8176a7e0, 0x5f2325d9, 0x4587080b, 0x79a0d4e7,
-      0x0d5d4e05, 0xa4ee0def, 0xc87b28e1, 0xc0ad9ffa, 0x3f09b4ee,
-      0xd6f18d2f, 0x292e9d87, 0xcc896ae7, 0x6094763c, 0xca88953d,
-      0x18fbf9fa, 0xdbee97a8, 0x4b63d701, 0xdf20e0e9, 0x47ea722f,
-      0xcbba6e30, 0x612b571f, 0xce57e1ca, 0x009a55f5, 0x1e16ac76,
-      0xc4389e2e, 0x742bbed8 },
-    { 0xc1dc2c73, 0x23ea86dc, 0xc1643abf, 0x4bbbfd5b, 0x24d8ca1f,
-      0x07f8fa1f, 0x8cb5cac7, 0xde68a6e0, 0x54e66a7d, 0x7d54c64b,
-      0xa9b7ad78, 0x789dba22, 0xe364ab94, 0x4d88d540, 0x1f72e011,
-      0xc8c2e02d, 0x46e2a278, 0x4c826057, 0x4b187c7d, 0xe6c35bb3,
-      0xeb8fe0c9, 0xed8b3dfe, 0x7d11e415, 0xb6bc34e8, 0xb865c7f9,
-      0xb3908bbf, 0xe1ecc17c, 0x717d1ce6, 0xf7cdd69b, 0x151e3308,
-      0xb5c94124, 0x97bd5a14 },
-    { 0x81e82861, 0xe01c62fe, 0xdd42c40e, 0x703d4b6d, 0xe65e91e5,
-      0x7e52e55b, 0x5abbbfdd, 0xb8b49374, 0xc72a45f4, 0xb4f15f52,
-      0x550f29d8, 0xce8435a8, 0x582de75f, 0x9df76b9b, 0xa20c8b96,
-      0x52e84c5f, 0x0a8a0af4, 0xaf77d2d1, 0xca6013c3, 0x0389bbd8,
-      0x26f8305f, 0xb0d9b9ba, 0x0cec8b9a, 0xf053e848, 0xffabda18,
-      0x4d63367a, 0xa6424c2a, 0x50f53be4, 0x864fba2e, 0xf892c58c,
-      0x48cc5469, 0x317c6d31 },
-    { 0x2cb7d42b, 0x0c3525b0, 0x310facae, 0x55240bc9, 0xff20408f,
-      0x8d5d2022, 0xe0c10ea0, 0x6b01402f, 0x718eb23d, 0x7fbef68a,
-      0x41252a19, 0xa0146b5a, 0x110e0d6e, 0x59afce48, 0x022de181,
-      0xe9a1d27f, 0xdc3f49da, 0x6db96d16, 0xefbe4008, 0xfc1ae3f5,
-      0xeccbc11c, 0xf9d70641, 0x525f8636, 0x49022279, 0xc2763c30,
-      0x3769796a, 0x1d90630b, 0x9cc3483c, 0xee3d3f17, 0x451651f0,
-      0x9da0b8fd, 0x6ae59739 },
-    { 0xbff4d2ee, 0x57b13bc7, 0x30b173d8, 0x20754229, 0x0794936c,
-      0xb6254bd5, 0x5efd55be, 0x1d5f232a, 0x4e0c3389, 0xc06f4a85,
-      0x8e61f944, 0xcf2c5b59, 0xfd5f87b7, 0xc564861f, 0x5a2afa4c,
-      0xee261fb1, 0x2d97a774, 0xb0ff7226, 0xd6cf007a, 0x1a89ae22,
-      0xd346f214, 0x28880534, 0x97b6497e, 0x8fe73bff, 0xfa2afffc,
-      0x8a8595b2, 0xf151a726, 0x9ef9cf3e, 0xe744b82b, 0xa84ee5f1,
-      0xbc63fe72, 0x6649048d },
-    { 0x1e8b760d, 0x91b7bb78, 0x25aadaa0, 0xd47b0bd8, 0xfab5226f,
-      0x81493d9f, 0xbffc148e, 0x4a6dd226, 0xa29be3db, 0x5a032f8a,
-      0x34b0ab0b, 0x318dbc70, 0x7d654868, 0xdcccbfb5, 0x9c581e46,
-      0x8506ab37, 0x2830ece2, 0x09136a6e, 0xcf6c80c7, 0x48b79356,
-      0xef6b1e86, 0xfa176377, 0x83f0f1c9, 0x2c9c1cc1, 0x16abeddd,
-      0x96f0526d, 0xa93b0de4, 0x3e0e98e2, 0x0f13873a, 0x6f2d7ada,
-      0xf3fa49ec, 0x4eb93b5c },
-    { 0xe11fae32, 0xbd89f7e5, 0xc4023f51, 0xd13d74f5, 0x491c3f6f,
-      0x1b0014df, 0x555279b7, 0x1d849a57, 0x05ba0068, 0xbb9e8897,
-      0xc13ca2ca, 0x82222419, 0xfd33676f, 0xafbbb685, 0x75878a2a,
-      0x931c3f52, 0xef3d5173, 0x12aeefef, 0xbd8a6878, 0x189a5cc8,
-      0xd99f0c16, 0x82cffdb3, 0xa19d48b6, 0xbf565406, 0xe9c6c4e0,
-      0x5605e223, 0x86804172, 0x53e781de, 0xc7001cc8, 0xcdf5c90b,
-      0x7c043f68, 0x2b582d93 },
-    { 0x81abc2ae, 0xa1165c82, 0xe2b69eca, 0xa73380f5, 0x07fff66f,
-      0xc097b3d2, 0x54776506, 0x5d603826, 0xb57fa21c, 0xdcbac9f3,
-      0xc98dbdd5, 0x78750db4, 0xd9eff32a, 0x85e21103, 0x2f11c41c,
-      0xceed172c, 0x9e348c09, 0xa8e39264, 0x831eddfb, 0x71cb936b,
-      0xf50864a3, 0x915c3d06, 0xe93acfcd, 0xfe8e33cd, 0xb3f2f7aa,
-      0x4bee10d7, 0xeb7cee9a, 0xc1d8eb48, 0xfa574afd, 0x4fa49ce3,
-      0x862db4c0, 0x78615109 },
-    { 0x7ae72c21, 0x3fe3f480, 0xfd0f0da5, 0x631aa144, 0xf8c3a454,
-      0xc76ee1e8, 0x51b4f1ab, 0x379ae094, 0xd7cdbb24, 0x2a3a4397,
-      0x82bd5fcd, 0x7a14cffe, 0xf427ef5a, 0xbbe4ed12, 0x284d3ccf,
-      0x9b0a43ee, 0x8eec6e1e, 0x57b78b93, 0x67b8e87b, 0x18d404e4,
-      0x34374c20, 0x0c8adc05, 0x5428deb5, 0x64373605, 0xc3afa2cf,
-      0xb4d80ec0, 0x3aa956f9, 0x6d51f93c, 0x84161c68, 0x9f9a28ab,
-      0x6bc9c025, 0x540b6bb7 },
-    { 0x321d315d, 0x04e1734c, 0xd86e05d0, 0x4ef56612, 0xbba8cd81,
-      0xeafae145, 0xacdc789a, 0x1fb07a49, 0x5877570f, 0x6a21e9ad,
-      0xb9bc53de, 0x2e4a837e, 0x1d6298eb, 0x436db293, 0xea362f45,
-      0x43afbc78, 0xaabf6585, 0x2a973d97, 0x0c924d60, 0xdce7dabe,
-      0x7cadf0e9, 0xf69d98f0, 0x75020538, 0xe0b505a1, 0x4461cd29,
-      0x3db7d1a3, 0x5e20e818, 0xe1c28776, 0x52dd50f6, 0x2ca25867,
-      0x92e0388c, 0x897cab14 },
-    { 0x0d8bab8a, 0x59ed3813, 0xa438200a, 0xc11d364c, 0x40581415,
-      0x0687bf2c, 0x7ac89674, 0x86ad0d3a, 0xb97411a0, 0x44928105,
-      0xf383371c, 0x74984b11, 0x0d1a831e, 0x70d2ed84, 0x6c912fe0,
-      0xd883628b, 0x14fa88d2, 0x44f8f7fb, 0xcf0ac93e, 0x564f2a4d,
-      0xa6c24fa6, 0x82f629aa, 0xbf6cd949, 0xab906ba3, 0x20a5182d,
-      0x2c822e67, 0x30eb93a5, 0x2ff47dac, 0xfff673aa, 0xdc62c4a4,
-      0x476b0ec5, 0x64b00763 },
-    { 0xb3c9a404, 0x1e3f533e, 0xb7ef9952, 0xb1db7f73, 0x6c253693,
-      0xc7f13e29, 0x0738eed4, 0x7ce7f4c4, 0xce26cad0, 0xccfd3b33,
-      0x01ec5cf1, 0xd8784935, 0xdc084e01, 0x3f8fc09d, 0xc39b5acf,
-      0x217cab32, 0x9ef5551c, 0x42daf0bb, 0xe1217a95, 0xfbc76f56,
-      0xc237002a, 0x80178b12, 0xb070a293, 0x0b52c39f, 0x576ca964,
-      0xe3925153, 0x19d68e36, 0x25559424, 0x09e50e84, 0x291fb82c,
-      0x6618ed8c, 0x7dd22ea6 },
-    { 0x49cbb3bf, 0x7ffe844b, 0x5562fb25, 0xde0cc704, 0x9f5a845a,
-      0x1e6ee537, 0xe51277fc, 0x956d7f26, 0x30635718, 0x2c75d4b9,
-      0x96957f34, 0x39a14892, 0x82e5742b, 0x8cf4eb32, 0x83247b72,
-      0x6b0d3ddd, 0x201a4237, 0x67a9f633, 0x1414a485, 0x416403c1,
-      0xb6f6a916, 0x60afd447, 0xdac6f790, 0x95f94930, 0xbd3b9d82,
-      0x685ff94b, 0x51cadf0f, 0x5c8f98fc, 0xb13b7489, 0x9559c88a,
-      0x5f18fcc8, 0x31377c66 },
-    { 0x7dcfb35f, 0x35c5de09, 0x01cc36f8, 0x2dccca9f, 0x7576cb63,
-      0x7e93e85d, 0xf7b4b375, 0x0c2dd48a, 0xb09a19b5, 0x9d95cd4f,
-      0x71bfe607, 0x752ed159, 0x2596dad2, 0x439880cf, 0x69e90a6f,
-      0xe52efb53, 0x03d3e60a, 0x44097663, 0xa95070e0, 0xfcf364fa,
-      0x05624dd2, 0xd8f993b6, 0x00d5e467, 0xb35a9824, 0x0c8f4524,
-      0xe289d024, 0x648a0179, 0xef45423c, 0x587edabd, 0x3a5fd695,
-      0xa11e5271, 0x3dacc50c },
-    { 0x6499ae4c, 0xcb3e4f94, 0x7053c527, 0xa46dcbe1, 0xbe782e8a,
-      0x807f5ce9, 0xd8481e45, 0xb6c64d28, 0xaa286fd0, 0xf35e4518,
-      0xdf1cdb49, 0xf7b7b9ba, 0xaec23eaf, 0xf3fb6210, 0xb9bfd2fb,
-      0x0a9ba385, 0x8807f3a0, 0xe51a0d53, 0xb17b2842, 0x7ab24404,
-      0xf9dd9f0a, 0x6fd57687, 0xf3e9df64, 0xcd1efdb4, 0x60df194d,
-      0x5dd2df7a, 0xe069df05, 0xbed3f2c3, 0x23248a31, 0x469b7561,
-      0x694744f7, 0x866949e1 },
-    { 0x3f4ab07a, 0x3a9a0da5, 0xf54a6fbf, 0x2cd6f333, 0xb23cf290,
-      0x0c92e921, 0x848e3d58, 0xc9581c3e, 0xd3b218ab, 0x93af1fbd,
-      0x066cb4d7, 0x38598ea1, 0x990c03a0, 0x5001394e, 0x7d0877b5,
-      0x3b664b1e, 0xd74c7091, 0xd79db1bb, 0x4e2d5dd0, 0x852d4435,
-      0x3329db82, 0x0d2b841b, 0x7b96d480, 0xfa844eb0, 0xc295dc46,
-      0x37a50569, 0x94f7ec4e, 0xc2d38373, 0x5b083177, 0xdc3884ff,
-      0x8b1fa598, 0x574352b8 },
-    { 0x0d5d7ce9, 0xed2193f7, 0x0b487eaf, 0x3c19fd26, 0x7be65fd0,
-      0x7c44ab59, 0x78270d56, 0xdd9da860, 0xbaa70198, 0x8a84ec00,
-      0x285985df, 0x2ec27e49, 0xde2028d8, 0x996ccaf0, 0x61c2201d,
-      0x4e7648c7, 0x091c19eb, 0xa96335bc, 0xf0d6782b, 0x253a3a69,
-      0xd2946493, 0x3f204340, 0x099f6873, 0x444521a1, 0x6996011a,
-      0x5fcbcc09, 0xf853a94e, 0x3884d5d8, 0xd3b6a3a1, 0x2418c624,
-      0x06ae3c4f, 0x3e431af2 },
-    { 0x83d381f1, 0xf967d939, 0xd0c033c3, 0x36501aae, 0x54410768,
-      0xbf3af4d0, 0x5093a6d3, 0xa86d1598, 0xd92f2900, 0x43ae0741,
-      0x36f0b755, 0xfeb2afa6, 0xaa456d6f, 0xd090a6a3, 0xaefdb646,
-      0x336a4fda, 0x1a942f7d, 0xfd1bfe44, 0x851ee41e, 0x7fc2a3ed,
-      0x11e935c5, 0x4f1c9686, 0x53bbb343, 0xcd577666, 0xad896c2a,
-      0xf26931ba, 0x86bbfa41, 0x8a0fbbd1, 0xa203cef1, 0x1c3d7d82,
-      0xe2664d35, 0x6dad3f15 },
-    { 0x12ec35a1, 0xd1940b7d, 0xe7dfb128, 0x6219c5b6, 0xf13321d5,
-      0x2cc278c6, 0x33c58eb6, 0x5e76904a, 0xd9903c43, 0x15090f55,
-      0xc3d96a19, 0x061bc926, 0x8c0acba7, 0x974a9f03, 0x7198b21b,
-      0x7a414021, 0xf8958c6f, 0xb069599d, 0xbebd0129, 0x517f2f1d,
-      0xdf3a8dc3, 0x1109a613, 0x672375c5, 0x08e58448, 0x9383d2d3,
-      0x56590ba4, 0x0bff837c, 0xfc3ee7c6, 0x27d2d55f, 0xc87a5390,
-      0x5f517a3f, 0x2438e9d4 },
-    { 0x8815af3c, 0xc4a45308, 0xf3c9bed5, 0xe55f1a32, 0x97b65ddf,
-      0xaef1cdc9, 0x12e51eb5, 0x61c61d94, 0xe63f2490, 0xbd0dac54,
-      0xd0b3e231, 0x6f14429c, 0xf1da6010, 0xf737c3c2, 0x6bbc4fb1,
-      0x7150e04b, 0x1be281cb, 0x205b4c89, 0xd7701f5b, 0xf1b4633c,
-      0x2a513490, 0x8b33ef46, 0x68f1f7f2, 0xddb47c73, 0xbd416b67,
-      0xf4ada511, 0xff795bb3, 0x9d2a97cd, 0x96200e67, 0x00a8b7b2,
-      0xafe30e01, 0x13f39011 },
-    { 0x7bd0c827, 0x3dd296ef, 0x4a29ff46, 0x506110f3, 0x1c9a515a,
-      0xf8793068, 0x268bca77, 0xde8d8045, 0x998045df, 0xcbb83024,
-      0x68c0e584, 0x3f90d710, 0x263b6062, 0x2a838ca8, 0x535c5d0b,
-      0x293bb5e7, 0x56415110, 0xceea99d5, 0x1bbda005, 0xfe311ad0,
-      0xa4d8d018, 0x2497e0bf, 0x1cf2b866, 0x33dd77a0, 0xd8c4ba8b,
-      0xbc075b73, 0x722b7bc9, 0x298466d4, 0xcbda1b0b, 0x17a7ce24,
-      0x680703b6, 0x458d4b6b },
-    { 0x4d54d8b2, 0x8a26a20e, 0x4d320a0d, 0x05a5696e, 0xf994f700,
-      0x698b5858, 0x2f6549a8, 0x7a4adc3c, 0x3694d00d, 0x1812e819,
-      0x730402bd, 0x46b9b000, 0xa1b36410, 0xe10a1449, 0x99230220,
-      0xeae95ea5, 0x1b4820c3, 0x3efc2e9b, 0x85c9eb8a, 0xfe5b5cb5,
-      0x97847064, 0x21ae0319, 0x8f27d49f, 0x68ef0b70, 0x2f72556b,
-      0x3259ef18, 0x624db01a, 0x00ae0457, 0x5668f95c, 0x628e3b06,
-      0xb6fbbf91, 0x5f13f5fa },
-    { 0x3a9b0dc6, 0x7c6ed9ae, 0x6f883ec8, 0xaea1bde9, 0xea8b3677,
-      0xea66bf88, 0x9a66e3ab, 0xdefa6abc, 0x68217ffd, 0xc4d3317b,
-      0x290df05c, 0xf741c8f2, 0x7d11674e, 0x1f0fdf17, 0xc35989ca,
-      0xfdf0ece7, 0x6b9c482d, 0x0eed92df, 0x55bf1ca7, 0x73713e66,
-      0x25cec99c, 0x90acb290, 0xe803e69c, 0x37c9e3a2, 0x17713a1a,
-      0x7c0a3c53, 0x6f5a174d, 0x350dc565, 0x05f802f6, 0x11625a44,
-      0xa37ba4a2, 0x2196495d },
-    { 0x13142680, 0x00cb2fd3, 0x65d14cf4, 0xab9e91d7, 0xdfe2669e,
-      0xc6a0ceab, 0x0ae22bc5, 0xbeefce58, 0xcb6ec250, 0x3c2b7986,
-      0xd738f1ff, 0x84adb1a2, 0x516ec8ec, 0x9709bc28, 0x8e8f7db5,
-      0xf3693129, 0x95b197f9, 0xc48efc6b, 0x9aaaa404, 0x9ff10952,
-      0x144154b0, 0x2c3c8cbd, 0x427f3435, 0x33ef7bc3, 0xd21897c1,
-      0x04a17940, 0x6ce548a0, 0x5aa0c47d, 0x3d56fa62, 0x2971cea7,
-      0x04475f08, 0x93ad0eb0 },
-    { 0x988a9963, 0x7a0b6967, 0x6515e8dd, 0x61e477f7, 0x3b6b50f2,
-      0x6274e386, 0xd33922de, 0x63a9b8d5, 0x687a5b3d, 0x3c38d3fb,
-      0x1302e323, 0x18f6f09c, 0xe02fcccf, 0x254c05c3, 0x26e662f7,
-      0xc04ed0b7, 0x143fe079, 0x1d5646b8, 0xc9016c8c, 0xef8a9448,
-      0xf823d797, 0xe5674c4b, 0xbccde451, 0x0586f72f, 0x4417eade,
-      0xc5fc88d5, 0x576e588d, 0x2b952209, 0x5844d1f9, 0x4408dd42,
-      0xea41c034, 0x73f8c3f0 },
-    { 0x5df763dd, 0x89534fc8, 0x3ac71836, 0x3b1427f3, 0x6e8f15a0,
-      0x0db5be17, 0xcb20888e, 0x1d390944, 0x857caea6, 0x7804c9ad,
-      0x519f7bf3, 0xaa584428, 0x293aa8cf, 0x626eecf1, 0xea36a015,
-      0x749e0d98, 0x3321edcd, 0xefff6dae, 0x28b791cc, 0x963deea6,
-      0x2d16e361, 0xa14e0552, 0xb15ae206, 0xa2e058fc, 0xfca325e4,
-      0x0f268745, 0x21341a8a, 0x7cf9d407, 0x7caa51b8, 0xdfed25d9,
-      0xadbedd75, 0x0108ae39 },
-    { 0xa9e88f63, 0x54d178f3, 0xab0c7325, 0xaa05b11e, 0xe261d8a6,
-      0x773a53e6, 0x8d0b91c8, 0x24db7dae, 0xe9bb004d, 0xde10b073,
-      0x54e3090b, 0xfc8befe7, 0x0cc69c89, 0x16af0599, 0x9d59511a,
-      0xddc83803, 0x46c5dafc, 0xc3f65b99, 0x1ee0a599, 0xfbbe4be8,
-      0xfb3a9b17, 0x88891e36, 0x445dad00, 0x0c9aad75, 0xd5097e1f,
-      0xdffc46ab, 0xac85a4e1, 0x8848089b, 0xa0c45233, 0x348bb42f,
-      0xeb13c1df, 0x807c06d8 },
-    { 0x98ee0ef6, 0x00a969ec, 0x8bb7b7af, 0xba9d5483, 0xa02f8fdb,
-      0x24484c92, 0x8b70557c, 0x7bdb201a, 0x60ad1af2, 0xe59343e4,
-      0x998c95fb, 0x53a9a942, 0xda861d3b, 0x974db3de, 0xed399c0e,
-      0xce1525c9, 0xf72109bd, 0x89b56881, 0x998211a4, 0x08ff7d15,
-      0xef0f275a, 0x5df76b3a, 0xfa2f358b, 0x93f180f7, 0xc39b0634,
-      0xaac4ffcf, 0x17583b53, 0x2692c626, 0xb55399fc, 0xb2fdfa36,
-      0x99607a61, 0x16424c6c },
-    { 0xdd2744a9, 0x5dd65c55, 0xfe3af418, 0x2544c1c2, 0xefe8b089,
-      0x32c82e99, 0xa9df691a, 0x30b7ab25, 0x9be99674, 0x98384550,
-      0xcaf2d122, 0xbcecd258, 0xbcc77272, 0x88ae4098, 0x4b8efa0c,
-      0xd4396141, 0xed64d12c, 0x44ff67b9, 0x2e7f3404, 0xa9e655e4,
-      0x45b0e9eb, 0x3d16fc45, 0xf03ded28, 0x474a3e14, 0xacccb85c,
-      0xa3c9adff, 0x7253a51b, 0x3dfe6bc1, 0xfb5831b1, 0xdddaf4b9,
-      0xa4f4478a, 0x5544e602 },
-    { 0xbaa80b4f, 0x897c5313, 0x63bdc8ef, 0x0122716f, 0x7b42c5a8,
-      0xae2742db, 0x0883308c, 0xe9d9e1e9, 0x2d341ab1, 0x352c8c3f,
-      0xed945870, 0x163d0500, 0xc290d9d8, 0x8349dd73, 0x1f6c7d29,
-      0x2053c5e0, 0xcb42033c, 0x83107446, 0x09d09af1, 0x76c88bd2,
-      0xb2794681, 0xd0f70e6e, 0x19b1b540, 0x720b59de, 0x22994b43,
-      0x80b7ecdc, 0x2dec53cf, 0xc1a4cdce, 0x1ed60f42, 0xdd7d3edd,
-      0xe241d261, 0x5735995c },
-    { 0xa0237056, 0xdc4ba3fb, 0x33ab3388, 0x6856c164, 0x271ec612,
-      0xc01eebbd, 0xe3031bec, 0xabdeb033, 0x6118a1f5, 0x4eee4419,
-      0x5b600f33, 0xec497421, 0x08868773, 0x1b7185cf, 0x7c1b7dfd,
-      0x7b0c46cd, 0x4a4c5e89, 0xd143b2da, 0xbb1ff94d, 0xdb9a5984,
-      0xc9cf3465, 0xac3904e4, 0xeace64c9, 0xf8729bc0, 0x768ad99a,
-      0x5cc22821, 0x8a9540c2, 0xbbd3b081, 0x049a6917, 0xe468ed5f,
-      0x3ec45ef0, 0x885486df },
-    { 0x4bdff464, 0x6a942c93, 0x25a7b451, 0x3db2719f, 0x325be324,
-      0xccb0070b, 0x19fe3339, 0x2055a31b, 0x241ee8ff, 0xaca69ae8,
-      0x55ef8def, 0x7607dd08, 0x1a1b73c6, 0x9e24960f, 0x71d36810,
-      0xbcb0e8a2, 0x6885e6b9, 0x29e11aa2, 0x185eae19, 0x98b5d0ab,
-      0x0f81f91c, 0x1a0b96e4, 0x994fc503, 0x4d0e8bcf, 0xf119d6e0,
-      0x33d81697, 0xaaa4ce0c, 0x29083287, 0xc91ff9d7, 0xc5dd4d3e,
-      0xd4ab962d, 0x31cecfe8 },
-    { 0xfc8b21e8, 0x437bfd9a, 0xb19436df, 0xe5dd32b3, 0x921c36a0,
-      0xfe5902d4, 0xa3d0fa90, 0x8e9de84d, 0x5bb523bd, 0x9663e6ad,
-      0xaecd6975, 0x9800a23f, 0xb4fbb59c, 0x1009c0d9, 0xc9d20ff1,
-      0x839aa7bd, 0xecd6fa3d, 0xf502f66d, 0xc5516ca9, 0x480ed4fb,
-      0x6c742ac4, 0x65ffa5f6, 0xff3252f8, 0x2b7c7945, 0x75d9cb3d,
-      0x72fefc05, 0xd6d6f1d2, 0x11b0863b, 0x9a6a4ec3, 0x5d8f3cf0,
-      0xda2547b3, 0x6961b46a },
-    { 0xcb35e2ac, 0xd07b587e, 0x57af14d9, 0x1ed5546b, 0xdb28a04c,
-      0xeca17a5b, 0x709d54f0, 0xa1f91d44, 0x9c6f400e, 0xa6e719fd,
-      0xfb8ce190, 0x4e4b88ed, 0x246e3fd2, 0xf9781edd, 0xb655af5d,
-      0xd67120e6, 0x93413ca7, 0xda782d1d, 0x9707fa21, 0x697e20a2,
-      0x54e84123, 0x1eb51f32, 0x36051f9f, 0x2e254d9e, 0x73ce5be9,
-      0xddaec42b, 0xcd3f794f, 0x89a9a32e, 0x0781aad9, 0x1964e22f,
-      0x53755212, 0x6a63a90c },
-    { 0x3d7acbbb, 0x76554e00, 0xb74f6108, 0x2c01668a, 0x388c519b,
-      0xe4a29672, 0x3eb94d4f, 0x01667714, 0x0cd6d2f6, 0x086a3cdf,
-      0x7b370f7f, 0xf8658021, 0x5a4d3e7c, 0x658880c1, 0x5ba3f4a1,
-      0xd6ed5816, 0x5ca471dd, 0xabcc7813, 0xe844a576, 0x809bf074,
-      0x6ea502ea, 0xa53a81b3, 0x0e021ed3, 0xc20b9307, 0x8617f165,
-      0x8c27f892, 0x8235cd0b, 0xa5476446, 0x82552961, 0xffc89ffd,
-      0xd151d90e, 0x51ed4a22 },
-    { 0x449701b4, 0x37d6963a, 0xbb27caf2, 0xea8d91a3, 0xb572965f,
-      0x3ef9be15, 0xdb50bf7d, 0x75a7a055, 0xce643b9b, 0xfd67480e,
-      0x6ceb5d5e, 0xf2a60d2d, 0x5ed7c897, 0x68fc320c, 0x28ce685f,
-      0x41c53cf6, 0x7106615e, 0x0e29711f, 0x23500ecc, 0x7a872138,
-      0x6c29fe48, 0xaf0a9260, 0xe1ef9712, 0x93df3f2a, 0xd2d169bf,
-      0x0d5f6fb1, 0x74a9793c, 0xeb7afe26, 0xe9f49256, 0x4173d94a,
-      0x2b8b5ce5, 0x2d6951bc },
-    { 0x904e222e, 0xdd007d9f, 0x86f4e109, 0x333f248f, 0x8f429eee,
-      0xd4994e8b, 0xcfc77518, 0x29573415, 0x0b0f42f1, 0x6e7fea3a,
-      0xc2743519, 0xc795cb7d, 0x711e71a0, 0x820a8f66, 0x2b874f55,
-      0x83d95d9c, 0xe70e1627, 0xd4b64d78, 0x8b92a742, 0x924353f5,
-      0x447b5e6d, 0x322048b1, 0xbcf931a0, 0x0bad730c, 0xa7af2268,
-      0x75c4d089, 0xb83b93f9, 0x464904c1, 0x165b3aee, 0xa24eba02,
-      0xe08cc5f0, 0x65c48e78 },
-    { 0xde222c22, 0x1a1c73ce, 0xfcea23b4, 0x5683d8cd, 0xb2143b06,
-      0x0301cb14, 0x59fcec77, 0x284adf8f, 0x31204cef, 0xfb1c581c,
-      0x94735107, 0xf54d3eee, 0x4d3188c0, 0xdbf67f0b, 0x10f18d12,
-      0x76a3f2d1, 0x07d3e013, 0x3809fa28, 0x25e7ece0, 0xf06f0a46,
-      0xb2895d2e, 0xd82867ed, 0x08b0553a, 0xe106f489, 0xef245445,
-      0xe2280fa6, 0xa8d9a3cb, 0x402d5785, 0xd438ba2d, 0xf63dd9ff,
-      0x7a6b226f, 0x36b5cd2c },
-    { 0x545679a7, 0x87ff4e20, 0x4520c750, 0x64d80b41, 0x9b459cd8,
-      0x90a357fa, 0xc85af1a3, 0xa19eaf39, 0x8d935a5e, 0x0d475d79,
-      0x781a678a, 0x74501983, 0x0cc2e810, 0x74839779, 0x2f412244,
-      0xc6a21d11, 0x36a51a37, 0x8d0e85f9, 0xeaa74df8, 0xff50151e,
-      0x93cf99c4, 0x14e182a7, 0x376a9ab6, 0x45593df1, 0x522389ff,
-      0x18f73caf, 0xf7445e8a, 0xd27cc960, 0x39a51dc8, 0x0692f4c5,
-      0xdb39bfd8, 0x08d7c144 },
-    { 0x3ecca773, 0x809c0d96, 0xd48c2156, 0x87ea9192, 0xdb6bd641,
-      0xf0eccd74, 0x2a678cdf, 0x77312374, 0xd1587b7e, 0x7a966d8b,
-      0x6130a4c6, 0xf3c1a101, 0x5fce17bd, 0x7cc6e838, 0xa8de7aa4,
-      0x95e95bb8, 0x898308e3, 0x3fe1e8b5, 0xe347694a, 0x0197243e,
-      0xbb0cd2bf, 0xf3fe9c42, 0x0f9b2b49, 0xb5905264, 0xc7367d1f,
-      0x4c385e8b, 0xb5ee147b, 0x1d3050ae, 0x04004ad9, 0x8e2c3879,
-      0xbab70202, 0x5f2aa8ee },
-    { 0x1266524b, 0xe208d464, 0xd0a19f66, 0xb7bf3880, 0xda106ebf,
-      0xa5aa685e, 0xe642dd46, 0x0a69e8d3, 0xc682e4d6, 0xef349c61,
-      0x0fcb534c, 0x26f6ee3b, 0x05eb67b8, 0x7daba127, 0x18be05f6,
-      0x2babb27e, 0x8e2d85d1, 0x959afcba, 0xe2d9d386, 0xedcf2d1a,
-      0x1ea6f06e, 0x59dc52e6, 0x866e5ae8, 0xc28278b4, 0x02bcd3c7,
-      0xd9ff0340, 0x784be82f, 0xe884ac76, 0x83c9f224, 0xa3164980,
-      0xb46ff949, 0x62501a98 },
-    { 0xad264086, 0x563f7d9a, 0xa5e0e4bd, 0xca6a33db, 0x8c8d3d67,
-      0xe8253002, 0x46e64b19, 0xa288dac8, 0x20aa4536, 0xfa3c9197,
-      0xed553eac, 0x8130c9b0, 0x2ea8abd3, 0x622806e0, 0xceccfe77,
-      0x52fbf54d, 0x4f0d1b70, 0xbd9a8e31, 0xd59b1741, 0x519d2133,
-      0x9a6fea8a, 0xfd74101c, 0xb5c4eb10, 0xd1acf7a0, 0x91f9da5e,
-      0x78499b73, 0xc0dea586, 0xabaa4c49, 0xa1f3531a, 0xcc9c5f73,
-      0xfd3fc665, 0x497b15fe },
-    { 0xf45568e9, 0x8a56cbaa, 0xc7192a6f, 0xf491a0fe, 0x9ab2539a,
-      0xdbb03dd3, 0x4ac37da9, 0xc86522f8, 0x02a0f5b4, 0x8c8cdba2,
-      0xa29c539f, 0x8109fc75, 0xca90f02e, 0x9cd06d31, 0x3e216dbf,
-      0x8f31f044, 0xba3ebd91, 0x99aa68ac, 0x42c007f4, 0x2a80d0d2,
-      0x86a9b7ce, 0xdd8dffbf, 0xd6308edc, 0x405d3e84, 0x068012ca,
-      0xdafa33fe, 0xedea1071, 0xc2eebd13, 0x2ff637e6, 0xb7ae7e5c,
-      0x9e514cb7, 0x18d46a6c },
-    { 0xa78b7802, 0x868cbb22, 0x497cbaf4, 0x0745ddb2, 0x42ae8add,
-      0xc4eb2f3e, 0xb4ceb4e4, 0xac0abcda, 0xa325fd40, 0x2e0d8325,
-      0x13ac7345, 0x6cfe0571, 0xb14171b9, 0x7407a788, 0x6da7a52b,
-      0x70eb0603, 0xd85176ac, 0xab0b36f9, 0x7c2954f3, 0x14109d29,
-      0xdcd705ad, 0x370de9c8, 0x7bb5e751, 0x3f0db5cd, 0xa06e708c,
-      0x45f93d41, 0x7e93050d, 0x10d54f8a, 0x5a38fef9, 0x69e6f8e4,
-      0xd3f62e40, 0x55044601 },
-    { 0x06cb9cc9, 0xd1c5c910, 0x41d00014, 0x542074d7, 0x11236fb8,
-      0x7cd8663e, 0x29ad5f82, 0x39721ffe, 0x2951fc83, 0x1d21fbfa,
-      0x400d144f, 0x1cde06e7, 0x91792e6b, 0x9042596b, 0x29ad5166,
-      0x3365c8e5, 0x9aeefe98, 0xe2220e85, 0x70c2aee3, 0xbcb53189,
-      0x9ff100bc, 0x477ca3db, 0xf532973f, 0x27074176, 0x9a2bd01b,
-      0xa12118ac, 0x3dd79f93, 0xf3425209, 0xc6f5d7db, 0x563a8ff7,
-      0xd7b0ec4f, 0x0da313fc },
-    { 0x15aa2557, 0x37125a8c, 0x00893e9c, 0xca21d70c, 0x67b8a823,
-      0x48713994, 0x7cb0042a, 0x0d3e9a74, 0xc9e2ce18, 0x2d2bf4ff,
-      0x049aeac2, 0xd5531a0d, 0xf03d0660, 0x4d29a616, 0x1f1b7f00,
-      0x473d50d6, 0xca3de50c, 0x3af0ecbb, 0x09c28f27, 0xe2959bea,
-      0xf8704664, 0x6d7c2ea0, 0x731083ef, 0xadfae4e1, 0x941c2554,
-      0x50940c26, 0xa1162d03, 0x44167410, 0x1e82290e, 0x620230d8,
-      0xdb414acc, 0x63630be8 },
-    { 0x8a7d2e41, 0xbf8d5222, 0xeb62f879, 0x49e75823, 0x6c402d89,
-      0x1b4d33dd, 0xde2c59ad, 0x883e04d6, 0x49b9dc38, 0xbf3f38f4,
-      0xb4b70c4c, 0x9d997d18, 0x13cea045, 0x1f69b20c, 0x58e2606d,
-      0xca3d7025, 0x261d1b79, 0x3d4fd977, 0x5a1436fa, 0x56aeafa8,
-      0xbb443c07, 0x369b3e98, 0xe558f6be, 0xfce5186c, 0xf8ac8f89,
-      0xeb0cd478, 0xd5e5aa72, 0x68074f37, 0x68544eb0, 0x295845c0,
-      0xf16688ed, 0x306a9871 },
-    { 0x634ec136, 0xbc451e9d, 0x0e6f658f, 0x1edf27ca, 0xc0db4120,
-      0xa9be0152, 0xc5bfee67, 0x87b6ef20, 0x9a2d6023, 0x35283238,
-      0xc7afb899, 0x60e564d8, 0x0ac9c2de, 0x4af22bc0, 0x82a9d22b,
-      0x28e6f631, 0xf532701b, 0xc075c701, 0x82075f91, 0xf6d418f8,
-      0x1beaa511, 0xf9fa628d, 0x6e72a13d, 0x551e7a17, 0x77f4c01c,
-      0x9306215b, 0x93c9d588, 0x71aba731, 0x58e57cd4, 0x6443ebe0,
-      0xe8103e37, 0x2833ac41 },
-    { 0x8da5ec5c, 0x7e564b86, 0x1c08db24, 0xac3d9da8, 0x8c57a728,
-      0x9d7c1f0b, 0x9d343dc2, 0x3512afe7, 0xfdc60339, 0xb438e4cf,
-      0xdcfa1941, 0x7d5a2700, 0x27320449, 0xd5f323f8, 0x1393c6e6,
-      0x1b87a58e, 0x04baa431, 0xecb68bd1, 0x4722b4d7, 0xc09c1c5a,
-      0x206b5faa, 0xf42faa97, 0x9976327e, 0xe1dcbcd6, 0x087787d9,
-      0x655ba9e4, 0xde5c0191, 0xbd59c757, 0x0bcf3538, 0x673020ed,
-      0xa49d6303, 0x120cd454 },
-    { 0xcab0f9ee, 0xebfdb8f4, 0x2cce58ee, 0xbc003ef0, 0x5a8d0665,
-      0x9b6a6841, 0x9b957774, 0x642ed3a6, 0x4721ab5c, 0x3de487f0,
-      0x21a4f0d3, 0xef2ff380, 0x29dbddcd, 0xbd16f558, 0x0e93dff2,
-      0x2ef05b4b, 0x0bc9aec1, 0xde1faa12, 0xd467fa92, 0x66dae2c2,
-      0x5eb33e34, 0x758daf64, 0x8f0103cb, 0xa67ad9f6, 0x9be02430,
-      0x151f693a, 0xeb4054bc, 0xd5698496, 0x7019336e, 0x8ef1677e,
-      0x7fdeea3e, 0x021cfd16 },
-    { 0xdf5c36f3, 0x5c73715f, 0xd64ad254, 0x703bde37, 0xf2cf7713,
-      0x55368d10, 0x0f3993c8, 0x1e5ec7b7, 0x304ae4ca, 0xfdb16776,
-      0x3d3bb18b, 0x0d8f717e, 0x66343d5a, 0x5267073f, 0x156008b5,
-      0xfaeb52ef, 0x224a470f, 0xb97ad5f9, 0xed2ab51a, 0xaf86e391,
-      0x9974302c, 0xdc0c7e57, 0xfd0ae28a, 0xc88fa817, 0xbf8ed59c,
-      0x807c22df, 0xeb128bb6, 0x5dedc231, 0xa20595a3, 0x71edcd9c,
-      0xc73cf78e, 0x07265b46 },
-    { 0xbd66232f, 0x73dd99f0, 0xc4027716, 0xc59aaf89, 0x5b860fc4,
-      0xaf826dfa, 0x7a943f3b, 0x239ea8aa, 0x523c428d, 0x0e0e1b1a,
-      0x6973b95a, 0x55ea0e3a, 0x2557753b, 0xea399caa, 0x06957b1f,
-      0xf8adf72f, 0x3bd34302, 0x0389f341, 0xf8a43a97, 0x333f27d0,
-      0xadaf796f, 0xcd9c0c08, 0x49c12aa2, 0x6dcca49b, 0x7a0ac6e9,
-      0xdd88deee, 0x0644080e, 0x8f47575d, 0x0cc2f4bd, 0x6e9d667d,
-      0x31d1496c, 0x36c5754b },
-    { 0xf323d84b, 0x9120046e, 0x7e789c4f, 0xa6991122, 0x921b8055,
-      0x4b0eaf4e, 0x8079974e, 0x6339844a, 0x740f8c79, 0xc905466a,
-      0xcd6def49, 0x1c18d0f7, 0x4b23e4ba, 0x5297da6b, 0xc41800c5,
-      0x1c09dff3, 0x37ef6777, 0x6c49075b, 0x50513ded, 0xa94c3a40,
-      0x6b0b1705, 0x3d6742e9, 0xc48af5ae, 0xc0784494, 0xc95822de,
-      0x40c01532, 0xc164d94f, 0xa2ddade5, 0xa2975eb5, 0xfc8a8ac9,
-      0x1946944e, 0x06fbf861 },
-    { 0x3f45aa97, 0x2d65338e, 0x1d040feb, 0xd83b58c8, 0x0fdef8b9,
-      0x05fef59b, 0xe4d7417c, 0x7beb071a, 0xb30a1a23, 0x982b61f5,
-      0xfb65bd03, 0x4c5f2a2a, 0x5cbf6bf3, 0xe40abc9d, 0xf06612a5,
-      0x422c326d, 0x9571ae28, 0xc921e69d, 0x23d3434e, 0x7c88b10b,
-      0x9da07933, 0x96d2e957, 0x3619cf4d, 0x833d46a1, 0xd95eefa1,
-      0xd9d19653, 0xa03e8f0e, 0x2a7d8411, 0x04bb5ab1, 0x5e642953,
-      0x1f0fa9ea, 0x5e9ca0fd },
-    { 0x197c5dc4, 0x5bd54571, 0xe78a95a2, 0xe2da40bf, 0xffdb0eb2,
-      0x65fb9efc, 0x0d17467c, 0xe952dc2c, 0xc758c6a3, 0xc1fc9c7b,
-      0xd4034a9a, 0xfc79562c, 0x61f64b56, 0x26e36fbe, 0x1e84728b,
-      0x6adc4b9e, 0xa8f9ac8a, 0x7f165fd3, 0x03e3e013, 0x7bc93a45,
-      0x656478e3, 0xeacc5513, 0x064ddc77, 0xd3391717, 0x76936914,
-      0x75b318dc, 0x362424a6, 0x69b1f1c7, 0x49955f34, 0x8cc2045b,
-      0xc6836af8, 0x940622b3 },
-    { 0x0d997973, 0x4710ccb7, 0xd3f8f115, 0x3b29625d, 0x5b97abd5,
-      0x8cf0c4d5, 0x673e14a5, 0xc6321e0a, 0x3d262246, 0x0541af9d,
-      0x6fc83b11, 0xde6d8754, 0xf01652a4, 0x47e97da8, 0xad9802b6,
-      0x0f82b3a6, 0xae9c44b2, 0x69aa4075, 0xced2bf77, 0xaf3f5de2,
-      0x497a40da, 0x1ef1ea8a, 0x3c23ba9c, 0x2e0f8608, 0xf190a2c8,
-      0xd8a998a4, 0xcfde3368, 0xe2b49c8c, 0xbde6bd71, 0xb9f49824,
-      0x785bedb6, 0x80bb1664 },
-    { 0xfd145cb5, 0x05e575fe, 0xac5e6883, 0x155ee561, 0x8793b273,
-      0x461e70cf, 0x133b2338, 0x9f1553de, 0xa2a7ba07, 0x2fb9e0c3,
-      0x3e7086fa, 0xc3bfd6a8, 0x8bb4cb93, 0xb6ba8500, 0x76f82dbd,
-      0x0b66d789, 0x54eb49ff, 0x7d5a6ff6, 0x1f20b322, 0xcd65d237,
-      0x54e29cdc, 0x79ea49c2, 0xcb118ff9, 0x64975963, 0xcc58000b,
-      0x969598dd, 0x110c779c, 0x95107918, 0x63b85a35, 0xedfc1548,
-      0x41212350, 0x077ba5ea },
-    { 0xcdd86f61, 0x0b3a38d3, 0x0502a0ab, 0x43121445, 0x806d0272,
-      0x1912edc5, 0x8a32f10f, 0x01dc1f98, 0x0e80c760, 0xbb1d31d1,
-      0xf464e8b3, 0xd46ec7e5, 0x9abf49ee, 0xd569af36, 0x2cdade77,
-      0x9d286ea7, 0x45ad5920, 0x2be7020d, 0x6299ae7f, 0xabe5236e,
-      0xd3f55c07, 0xc93179bd, 0x52350e80, 0x8138995a, 0xaff07586,
-      0x0901265c, 0xf4739653, 0x5b3c81b2, 0x9bc77d21, 0xbaf7581d,
-      0x4591a2e2, 0x6b2006df },
-    { 0x965b1bc1, 0xb2fe50a8, 0x962bb4fd, 0x931f536a, 0x000e7f99,
-      0xd5718d33, 0x53d5125e, 0x84728f25, 0xd2125caf, 0x4f8a6184,
-      0x357f679e, 0x54f1a701, 0x1531c05a, 0x70a9f40c, 0x6fa8b775,
-      0x10d0cb97, 0x9dc12ce9, 0xb476f41e, 0x2755f894, 0x5c8d7a75,
-      0x625741a4, 0xd6c12e10, 0xc917b16c, 0x262a6fb8, 0x38d6b0a0,
-      0x24d116e6, 0x32c38e83, 0x849540c0, 0x66868afc, 0x855b911c,
-      0xbd26b550, 0x53217ea6 },
-    { 0x259f52b4, 0xfc840473, 0xe621146c, 0x968da9cb, 0xcacbd26e,
-      0x964eb85e, 0xe4a54344, 0xab7daa2d, 0x381a4ff7, 0x6dc3b848,
-      0x41c815ef, 0xa07a96b3, 0xc3d4b1e1, 0xc4fae9e8, 0x42ce9ea8,
-      0x0f938d1e, 0x35cc052f, 0xa727dacc, 0xe9a06f07, 0xc81e01c9,
-      0x4a6d65a1, 0xa9e08dcb, 0x6044a9a6, 0xf8e2d173, 0xf2bd295b,
-      0x99893dd0, 0xf9781b12, 0xa08d3379, 0x61830ac2, 0x64bd6001,
-      0xd9adbeef, 0x0386931e },
-    { 0xd09885a5, 0xd0d7abb3, 0xe355bb07, 0xed9d2b67, 0x536ebaed,
-      0x3bc238cf, 0x699ce4d6, 0x61ca2e78, 0x111594cd, 0x354ff447,
-      0x03316ad2, 0x55cbe709, 0x49fff5c4, 0x418679fd, 0x0f9c6c40,
-      0x75bacd75, 0x2972721a, 0x677edc88, 0xe5ef502f, 0x82596887,
-      0xbf320e0e, 0x459e9367, 0x8bbdccb2, 0x81ce36ef, 0xb766863d,
-      0x1ba097fc, 0xd58c6db8, 0xcd3a21d6, 0xb4a8748b, 0x0e4967cd,
-      0x15041c20, 0x2caaf749 },
-    { 0x6ed20424, 0x44f98006, 0x22471545, 0xb3e4ea23, 0x781a8c86,
-      0x268ed1a5, 0x7ae5b70b, 0x48d0ab75, 0x356d3982, 0x6ca8b320,
-      0x2df31fa4, 0x9ce8e681, 0xd925dcf2, 0xb909d232, 0xf56723de,
-      0x302c8f78, 0xabac96f9, 0x11725d69, 0x57d1a170, 0x656a47ca,
-      0xc18a2be7, 0x6bb5d511, 0xad50d9d9, 0xb56e45f1, 0x70b05518,
-      0x36e886e2, 0x09d8ff91, 0xc7c71f3d, 0x9350361e, 0x65a1bbe2,
-      0x45fe3bd8, 0x86d7f532 },
-    { 0xb0bf719a, 0x99f16eb6, 0x8bc3d913, 0xb6975098, 0x26cd01b4,
-      0xfae50e52, 0x90898d1c, 0xd3e3ac54, 0x887ec666, 0x4da3b9db,
-      0xfbea45b8, 0x58300644, 0x8355b058, 0x369f3bd9, 0x579bcc13,
-      0x0fb239a8, 0x6e2bd811, 0x4f5b4539, 0x24198fd2, 0x007f3baf,
-      0x8837d51d, 0x68a676db, 0xeae75b16, 0x68eeea62, 0x3db6083c,
-      0x5ffe5f94, 0x7d836c5a, 0x52c94d0f, 0xcbc1ff85, 0x5a4c3c6f,
-      0x86c0b4dd, 0x682a55e3 },
-    { 0x587495aa, 0xc8f235a4, 0x34c7245d, 0x2276026c, 0xb75a46e3,
-      0xd6ae0cc5, 0xecc3e5e7, 0x890d3965, 0x14296629, 0x1b13342f,
-      0x8a877227, 0xc89927e6, 0x2324a68b, 0x1543f27e, 0x49cdc21a,
-      0x6c447684, 0x1452d0ac, 0x9bc7fd4f, 0xff4b045c, 0x2cc30a31,
-      0x852f7611, 0x415d46a0, 0xc6fdd7a6, 0xad737052, 0x7b4c7c91,
-      0xdcecc3ab, 0x7688d70c, 0xd2cdf01b, 0xe40d3905, 0x054f2542,
-      0xfefe4dcd, 0x02227fa6 },
-    { 0xb751948b, 0x1805efd9, 0xfdfd225d, 0x8efeed46, 0x4f2c8b22,
-      0xcb128e09, 0x96f7c5e5, 0x9d1090bf, 0xb4cbeca0, 0x0959d044,
-      0x8e08cb04, 0x21c955f9, 0x68fa4fce, 0xbc1f279d, 0x0710ae9a,
-      0xb021e14e, 0x881167f4, 0x64d16e9f, 0xbbc9f1a5, 0xf5a5c22e,
-      0xe3420eea, 0x5f3716df, 0xd5c4e843, 0x971eb915, 0x28ffba81,
-      0x64fc55fc, 0x7dd37578, 0x3427e54d, 0x15ebc7d0, 0x446e6a62,
-      0x29269778, 0x547e249a },
-    { 0xa1ffda27, 0x4706868a, 0x7955cf50, 0xb4e6cdcc, 0x0a63f3d8,
-      0xf65151e1, 0x9de5e70a, 0x5b4127ea, 0xf9342823, 0x3d2c09ba,
-      0xaa2f7d51, 0x18c99d83, 0xddeec025, 0xa0c5bb1d, 0x03dcf1ce,
-      0x7ffddf84, 0x616fdeda, 0xe57e4d29, 0x7932a1f0, 0xd2456569,
-      0x3191d4e3, 0x7475e0e8, 0xc220218b, 0x3479bea1, 0x8bcb2505,
-      0xfceb5c90, 0x3c6132e6, 0x1c685cea, 0xbfe6c1eb, 0xc42dc745,
-      0xd2b08eea, 0x45a41cc0 },
-    { 0x4dbbf0e1, 0x3ea9b2c7, 0xa17cf70e, 0x41ff962f, 0x5eeb4c66,
-      0xdc1ea758, 0xa9beb17e, 0x4f5412d2, 0xa285741a, 0x2c9e4f52,
-      0x984fd11f, 0x93df7da4, 0x0df3184e, 0xb2afbddc, 0x2421e375,
-      0x96323d25, 0x49df781e, 0xc87be1e4, 0x3d589bea, 0x145601ed,
-      0x28fff6dd, 0x0f0bd9bd, 0x8a0f298c, 0x2d3259d4, 0xd88e6944,
-      0x362d7a77, 0xb6ac2af6, 0xa84c06b6, 0xd087da02, 0xba850ac9,
-      0x42ee40c8, 0x128763c9 },
-    { 0xacbac178, 0x29a80f07, 0x34b08f6e, 0x7cc20044, 0x70feded2,
-      0xe9631d14, 0x86615767, 0xb2115da3, 0xcb088548, 0x7c75f5c4,
-      0x9a2e8e03, 0x5b29d213, 0x8b881752, 0xfe9fda66, 0xc1de7ebc,
-      0x3f1d8d88, 0x03218123, 0xb476565e, 0xb1c995f3, 0x07365561,
-      0xb13eb71b, 0x2160cb18, 0x99b3a0eb, 0x7e8da513, 0xb20fcd74,
-      0x5e8ca1f9, 0xb4126d72, 0x6a7e0067, 0x68bb637f, 0x1e8204b7,
-      0xfc4f74d2, 0x75e96bcc },
-    { 0x0d19716e, 0x189d1fdc, 0x7c384525, 0xdf585058, 0xea987d2a,
-      0x64a846d1, 0x6c07150f, 0x12b6bf83, 0x4d6fd5b7, 0x91d85d46,
-      0x4f53f55f, 0xa9788836, 0x81509129, 0x60083bd8, 0xea876f48,
-      0xa7672683, 0xc15b2489, 0xe80b2e7a, 0x42d1d992, 0x985ef8d2,
-      0xcf3de492, 0x9c57b029, 0xb1487627, 0xfe02f83c, 0x8ae5b687,
-      0xaeba4fe4, 0x5d6b8196, 0x8a86f09b, 0xa16e523d, 0xd88f566b,
-      0xba268949, 0x309a6e9a },
-    { 0xbdfbe97a, 0xef27ee50, 0xb8c50c4d, 0x1a5fe70f, 0x7fe09f5c,
-      0xcc7beb01, 0xbed36cc5, 0x8fa15a85, 0x7550ed3a, 0xc0c3acdb,
-      0xeb908681, 0xc581ef87, 0xc49d5ccb, 0xa15b3362, 0x1fa264e8,
-      0x0fbb1714, 0x8e1eee88, 0x267f8d8f, 0x21c2b63d, 0xd31ccfd6,
-      0x53be7efd, 0x924dbe7d, 0xdb2a358a, 0xd42e877f, 0x75d68ac1,
-      0xcf9673c7, 0x714fea55, 0xe35978fd, 0x5769b202, 0xeeb36653,
-      0xd7593789, 0x0458258a },
-    { 0xa042dbdf, 0x5df71a74, 0x5779dfa2, 0x2d405857, 0x0d2e6657,
-      0x0e66cba7, 0xca2e892e, 0x285d6745, 0x0f0e6b5f, 0xf56a8def,
-      0xa30767c3, 0xe0ee851d, 0x43346b9c, 0x98c05658, 0xd6b3c742,
-      0xb35fce26, 0x39777e00, 0xc0895bff, 0xe7b6d886, 0x83c8f6a6,
-      0x4f02904b, 0xbee14843, 0x2e84ec34, 0x7f74915b, 0x96d10991,
-      0xbaaf663c, 0xe41facc0, 0x004b8757, 0x6f86c029, 0xa2b880e5,
-      0x95b77358, 0x53f4a3e0 },
-    { 0x89fc48e7, 0x11bb08ce, 0xafab5aeb, 0xba60c577, 0xa0c1cb5a,
-      0xf06bcbf8, 0x79757cb6, 0x7d2efaea, 0x76319160, 0xe26d90b1,
-      0x2b77b7a9, 0x42aa1ab6, 0x285df2bf, 0x38eec0cd, 0xf3a8f7f0,
-      0xd35947f5, 0xfc1cb5b5, 0x97c8dc0e, 0xc45845cf, 0xfeb8cca0,
-      0x249e26f2, 0x16e8d989, 0x483ed89a, 0x7c264e6d, 0x51d91073,
-      0x13a3f145, 0x305e99f0, 0x8501562e, 0x6908d563, 0xaaf98d74,
-      0xd723d236, 0x0a99e653 },
-    { 0xabbc0559, 0x23536f46, 0x9aa1a160, 0xc163067b, 0x0c1681b5,
-      0x229fd229, 0x1378e907, 0x61254be1, 0xab793a2d, 0xc60ff57a,
-      0x466552db, 0xa6f2df8b, 0x8c170a36, 0x9ad31893, 0x29b74d9a,
-      0xc5cd9abe, 0xf7848523, 0xcf747273, 0x0d0e3063, 0xc126a93a,
-      0x4248e3d8, 0xfe2021e3, 0x8323ddfa, 0xd97343ee, 0x332639e7,
-      0x9f768775, 0x75325548, 0x9650fc31, 0x3eebf7ea, 0xb595dbd1,
-      0x010fcbc0, 0x3a95cb45 },
-    { 0x39d7ff2e, 0x954e68cb, 0xc1d5c48f, 0x8dd1cb4b, 0x7169438a,
-      0x02a92c77, 0x91cad8ce, 0x7965c0b0, 0x32cd08d2, 0x0c5798ab,
-      0xa6902bda, 0x1a5bc3c3, 0x5186d218, 0x545d0925, 0xd27e64db,
-      0xf0077cdb, 0x8cd092da, 0x0157caa4, 0x24532ab3, 0x2a2fa3a0,
-      0x41ccaba3, 0xa5fb639b, 0x4744aee6, 0x01702dc1, 0xcdba93da,
-      0x485bb436, 0x329784f1, 0x93597f66, 0xdad672c3, 0x5d713c1d,
-      0x030b7245, 0x366d222e },
-    { 0x573ea5b2, 0xd50b4875, 0xa90da44d, 0x0fce401b, 0x7a1a0310,
-      0x7b53fa65, 0xcf114460, 0x722a80a5, 0xa538bf49, 0x0b8ebf05,
-      0xd32acd21, 0xae141147, 0x7b5ad07d, 0x6692712c, 0x3f48ca07,
-      0x6dc5fee7, 0x2b8a78d8, 0x98ed1499, 0xdd2f1759, 0x4e8b3145,
-      0x5f971b8e, 0x43408de1, 0xadf1b368, 0x055ea6dd, 0xe5932b7e,
-      0x4bb76e73, 0xd30893fd, 0x44287153, 0x0661bfda, 0x173dccd2,
-      0x79defd25, 0x9072ba99 },
-    { 0x9620ea39, 0x474de4dd, 0xc831cee8, 0xfbf1649f, 0xcd3a9c43,
-      0x0b0e8bb1, 0x3f3df1d5, 0x6a38286f, 0x8f0ec9b3, 0x4ed072b3,
-      0x729c09e3, 0xa6e4c987, 0x8ad12242, 0xea3e8ac6, 0xfbdfa5ba,
-      0x6ae0e22b, 0xb0a0f592, 0x56171ecf, 0x6b871f8d, 0x33b2886d,
-      0x35e11bda, 0x6b19bea9, 0x7f0f153f, 0x4d815a40, 0x7d6c02ee,
-      0x7e608d97, 0xb6a88f46, 0x7e8f23d9, 0x439d1654, 0x26ac9652,
-      0x35546c29, 0x8d92c6bd },
-    { 0xabeb0ff7, 0xb3e0d7ce, 0x3e0e42f8, 0xfbe35254, 0xde808499,
-      0x57d1b226, 0x1cd44bc3, 0x9ece2e1f, 0x435cfee1, 0x1245adbc,
-      0xf93f581c, 0x874ee840, 0xbda0b947, 0x916a779c, 0xfa57ae0a,
-      0xabcc815a, 0xf0a621b0, 0x97adec2d, 0x81f90bdc, 0xbe6a502b,
-      0x53bde63d, 0x54bf9de1, 0x78884c25, 0xa88fdabf, 0xcbbb5470,
-      0x30aa52b1, 0x29053ef5, 0xf805396c, 0x8dd827ea, 0x8d43d898,
-      0x5c1ae5c0, 0x4e4bec17 },
-    { 0xfcc09676, 0xbf8483a2, 0x19ea9a94, 0x457c4a3f, 0xd702a5dd,
-      0xa6852ef3, 0x843fe7d8, 0xe7915fd2, 0x16e35158, 0x644bba98,
-      0x9ed746f0, 0x8d1b95d0, 0xb90af0b5, 0x47704581, 0xd4fd135e,
-      0x0bd4bc6b, 0xb4e833a5, 0xa6dce067, 0xff56a9a1, 0x2c0e8f30,
-      0xec2c63fe, 0xa9c80800, 0x98f508a8, 0x449c20a5, 0x3292813a,
-      0x02b94cb3, 0xec7e81a2, 0x647e3d28, 0xb4877677, 0x72e67d1a,
-      0x6f9ded24, 0x7a4aa3f5 },
-    { 0xe27a0045, 0x559ef1ba, 0xb242cb50, 0xdc812d4f, 0x39cf8d24,
-      0x23a478e4, 0x9b3f9c54, 0x97544fc5, 0xaffa1fcf, 0x5ac68132,
-      0x34a2c83b, 0x74f8fee0, 0xcd3f4bb7, 0x96cc640f, 0xb0512ea6,
-      0x775dce9d, 0xcdce381e, 0x67dca19d, 0xa9d3fe55, 0xc1eeb3f3,
-      0x1a19274f, 0x38e0bf42, 0x28d69b12, 0x15992fb4, 0x9fd09df8,
-      0x48fcebde, 0xb41ab5df, 0xdc9dfa4f, 0xc0a269c5, 0x0cbd7dc8,
-      0xf7f0ade1, 0x60282a7b },
-    { 0xdceea2e7, 0x7c07e538, 0x3c42061d, 0x38a322c8, 0x4f1f6516,
-      0x676828f9, 0xc7776a10, 0xf21b69fb, 0xb5e6b405, 0xc63a3417,
-      0x91a7b642, 0x4c99f258, 0x2cad1440, 0x38692ca8, 0x00869bcd,
-      0xf1e82ffe, 0x16fe466a, 0xc30b714e, 0x19019138, 0x5fb742f9,
-      0x0fa516ae, 0xe90166d0, 0xd8c73a43, 0x5550f7ac, 0xfbc5c372,
-      0x2d6a407d, 0x68cc39ed, 0xe47a7539, 0x4a5fbe70, 0x3fd286d9,
-      0x23c6b942, 0x5f4ae9c7 },
-    { 0x53f4d561, 0xd96a2dda, 0x16da1992, 0x286d45d0, 0xfdd4b051,
-      0x449a01fb, 0x9f2195ea, 0x25488a0d, 0xa37661b3, 0xc4151b0a,
-      0xf9e5ee02, 0xb98c471e, 0xa8658817, 0xa4bca86e, 0x7a68fc0a,
-      0xbbcadb87, 0x6b7366a9, 0x88b34649, 0x15661c2d, 0x32ee98d4,
-      0xc901420c, 0xf5b3b4c6, 0x2f2752af, 0xa2352735, 0x510e4d9c,
-      0x2f64ce73, 0xaca4aa80, 0x939a7f26, 0x401aa503, 0x9cd3e291,
-      0xdc46afd2, 0x92a01423 },
-    { 0x1c2f7dbd, 0xe9f24be1, 0xb7d527fa, 0xda8c900f, 0x8648f128,
-      0x963e25bb, 0x48141941, 0x9ab713e2, 0x7a6756fb, 0xe87f7d01,
-      0x058d90bd, 0x274dd85e, 0x82566abd, 0x823fee7a, 0x74240195,
-      0x9f6230d7, 0xacb5e46e, 0x04579f2c, 0x16a4c87e, 0x2a226263,
-      0xd99b0857, 0x9ca19a43, 0xe488789e, 0x86dc2ba3, 0x9406c3bd,
-      0xf960b5b9, 0x8960957e, 0x6f2c428b, 0x161c515b, 0x90748706,
-      0xaa88cb9b, 0x0fc8fe1e },
-    { 0xfeb90f2d, 0x68ae1bed, 0xa48b1559, 0xf393bb3c, 0xf64e9635,
-      0x2be62f9c, 0xf8be75c2, 0x354c2410, 0x5e6f7529, 0xbd7ea703,
-      0x162cab31, 0xc264868e, 0xc860f3ff, 0xb1391e70, 0x1d89837e,
-      0xdf367c75, 0x2bf32941, 0xe150b6b4, 0x78c1318f, 0x95e8f46e,
-      0xa2c4b160, 0x2b3f1dab, 0x701afbf3, 0xc6ccf5ce, 0x5e8874c5,
-      0x3ad27530, 0x5dc6dcbe, 0x39285e51, 0xd99892dd, 0x3c954d86,
-      0xdfd3789f, 0x2d0ba862 },
-    { 0xb472e1af, 0xeacd8ee8, 0xb76abbcc, 0xeb354eae, 0xd0d93fbd,
-      0x9b520bf8, 0xfe6fc706, 0xfccd60d7, 0xa4ee2f39, 0xa9353dde,
-      0x9a81e51e, 0x5eb0925e, 0xd1366777, 0xee334da1, 0xd5354d69,
-      0xc1d28c9f, 0x92a5ed54, 0xb9771755, 0xb7f70d81, 0x5d3e367f,
-      0xa933ae7a, 0x7be7eeca, 0xe23cfbb7, 0x264cf1f9, 0x89497681,
-      0x0d129f4a, 0x09b6235b, 0x705375a4, 0x48a376da, 0xccf64c75,
-      0x4d41dbfc, 0x963c8712 },
-    { 0xde36a814, 0xbae290cb, 0x733b12b5, 0x9bdb0195, 0xf77fe0e1,
-      0x0ebad867, 0x29720cea, 0x0a7d19fd, 0x9029ec72, 0x434d7651,
-      0xbb51911e, 0x856aff17, 0xd80a7f60, 0xd0a25d9a, 0xf848c106,
-      0xffca86af, 0x43ad749c, 0x53e8bdf9, 0xe3e696bb, 0xfb9e0284,
-      0xeeee4215, 0x3eb6630a, 0x2ecf3c63, 0x9d8fbb9e, 0x4e00c0c0,
-      0x71da4ffa, 0x5d57beac, 0xb296be59, 0xa8cec7ef, 0x1751fbad,
-      0xff55d7bd, 0x2d03eb3c },
-    { 0x04f2ec1d, 0xeb16925f, 0x0d147ee2, 0xa878f276, 0xaad9d9e0,
-      0x442df604, 0x3f71035b, 0x891df44b, 0x8cb95d5b, 0xc28272b3,
-      0x5ee8ed23, 0x6f14efb5, 0x13b0f3e3, 0xf3c4460f, 0x6bd7335e,
-      0x889f9bd7, 0xf755ba6e, 0x889ee771, 0xed219b6c, 0x626984fe,
-      0xec2ee411, 0x2d44c737, 0x63efcd37, 0xb94385a2, 0x6637826b,
-      0xd909321b, 0x3ee6b7a7, 0xc24f8a79, 0xa7cf61b7, 0xa3ca8d24,
-      0xc54bacd9, 0x842e40c1 },
-    { 0xa661d843, 0x5a268ed6, 0x4f5b30cd, 0x02328cca, 0x1311e177,
-      0x16e6fed1, 0xc6695967, 0x690decb4, 0x57b2e280, 0xbdac5bf6,
-      0x1efe42d0, 0x827f82ca, 0xca5fca2f, 0xc554ec0a, 0xdde45506,
-      0xac5276c1, 0xe3077513, 0xb7f4cb08, 0xcc8797cc, 0x8caf6d9a,
-      0x0d9332d2, 0xd5964814, 0x285a409f, 0xcc6ae297, 0x6223d093,
-      0x7773c2a5, 0x5128fc09, 0x2d5266ac, 0xbc31fe6c, 0xa596b7cb,
-      0xcac91328, 0x0e63319a },
-    { 0xf0360ac2, 0xb5cd2fad, 0x285e605a, 0x86b660de, 0xe25b9b14,
-      0x82c6cf10, 0xaa9ac554, 0x9d5fa38d, 0x526c070e, 0x3dfcf1b8,
-      0x3fccc52d, 0x0379a96b, 0x0bfcc7f5, 0xe3659c29, 0x69d3e6a1,
-      0x5b1a3db5, 0x9b7b42d5, 0xb41528b5, 0x9c22a006, 0x934defa4,
-      0x9b4ce3b6, 0x90f38018, 0xb3abaf32, 0xb073bc04, 0xff8389e2,
-      0x27a5a222, 0xffa5a35b, 0x0b7a9d51, 0x28e1a7c2, 0x4939ecef,
-      0x1872705a, 0x88839da2 },
-    { 0x701ce29a, 0x56b66c30, 0x58981d50, 0x3acaf126, 0x105f9f21,
-      0xd4dafc0c, 0x373e3d13, 0xfee571e6, 0xfa2ee3ca, 0xe7269c86,
-      0xdd20385a, 0xf5cca64a, 0x3000e9ac, 0x217f2757, 0x0e7273ef,
-      0xc934db47, 0x355b6776, 0x4294f4f7, 0x6fc05180, 0x1faa36b9,
-      0xb052190b, 0x8f88b1db, 0xe9eaef52, 0x35791b90, 0xdb681b90,
-      0xf37fb2eb, 0x4415c369, 0x39d0a51d, 0x1d2e21c9, 0xfc59cca7,
-      0xa1f50c26, 0x64128cfe },
-    { 0xe8f5b0b5, 0xf03678a2, 0xd340f059, 0x5c7e249c, 0x93ca7cec,
-      0x41440441, 0xbc83af98, 0x075ca346, 0xfaa8bbb0, 0xf39f0033,
-      0xf38230f7, 0x3d18f0ed, 0xd448f345, 0x78dff00c, 0xd51aa475,
-      0x849228c0, 0x30c928d1, 0xdd4e2708, 0x8f12cfd3, 0xc66ba686,
-      0x88b3a206, 0x091049db, 0x016dae01, 0xd865d059, 0xe253e37d,
-      0x4599e905, 0x7ce9871b, 0x322cf0c2, 0x174a132e, 0x014f54da,
-      0xbdabcbda, 0x93634a09 },
-    { 0xa9a2e304, 0x62826b27, 0xc1a4c124, 0xc57e1866, 0x22381710,
-      0x913ab832, 0xa9847cfe, 0x7e9b6b85, 0x2b5f46fd, 0x29655cf1,
-      0x8038e66d, 0x7295572b, 0x6fa95eab, 0xe4cba601, 0xb9deda81,
-      0xbbc11071, 0x3f1cf61e, 0x97f0009a, 0x373e0cfb, 0x5372777b,
-      0xd139d63b, 0x302f909c, 0x4f87d78e, 0x1ed672da, 0xb4048763,
-      0x362077a3, 0x9dcc22b2, 0xc408c32d, 0x26deeee7, 0x4b4c5bf2,
-      0xbc06357e, 0x266cb467 },
-    { 0xb56363e8, 0x6faa4154, 0x3c1aa4db, 0x4b4fd078, 0x2b9e6597,
-      0x14358dde, 0xfa004b84, 0x5b34ae3e, 0xf19911a6, 0xcf44b2ec,
-      0xa536bf78, 0x55caa833, 0x8870dc95, 0x606e1eb9, 0x09f3511d,
-      0xe3c3287d, 0x9d5cf364, 0x68b2f4eb, 0x63ab8c9e, 0xc154e892,
-      0xc36ab611, 0x1548828e, 0xa1b7d120, 0x0932bfcb, 0x5315b8d7,
-      0x7ee7b5bc, 0xf7473ac1, 0x782fd0d1, 0x3c8f2af3, 0xbcb029a8,
-      0x52454ee1, 0x4b1d5a1b },
-    { 0x63d52c0c, 0x12fe5174, 0x188c099d, 0x3735525e, 0x360e3956,
-      0x5c621563, 0xacfa5a43, 0x88b3f1ca, 0x797e8107, 0x90123a0a,
-      0xb15e080a, 0xba31f6b5, 0xfca3dada, 0xd7de5e12, 0x0df511c8,
-      0x3287361b, 0x65757d4e, 0x7cc800d4, 0x5207ec91, 0x10810f3d,
-      0x30eea0e3, 0x0d4e56f1, 0x3ea5a2ec, 0xbbf7ee13, 0xbe6abbd0,
-      0x6fc07762, 0x120bf619, 0xc831fdce, 0xb622d42a, 0xe07439fa,
-      0x508e4b27, 0x8186b93f },
-    { 0x09312867, 0xc619d154, 0xbfaf7db4, 0x7e042c05, 0x1f5f5dda,
-      0xc1cf1668, 0xa4fc3d82, 0x50aa5057, 0xce68b8fe, 0xed30ed65,
-      0xbeb4d644, 0xecb01c0b, 0x831c0497, 0x7b5dc444, 0x9b7d9b1c,
-      0x351e6a00, 0xd9477c91, 0x4bb863b9, 0x05d4110a, 0xaba65891,
-      0x43580b7a, 0x30086cf4, 0x90be357e, 0xb139c076, 0x27b5214e,
-      0x12bfff1a, 0x22c3ab57, 0x79cfc6d7, 0xf34a9bfa, 0x4743de57,
-      0xc9ee2b2a, 0x0bf97e97 },
-    { 0xdda19e96, 0x96ec4ec8, 0x6c306e8b, 0x54ce18ea, 0x65f6918a,
-      0x7e83612b, 0x0d9a0d99, 0x1ac6f68b, 0x62fdcc09, 0x98a697a4,
-      0x95bc3e13, 0x65ce25f1, 0xb3939730, 0x1896ecda, 0x32f12806,
-      0x9eb81a0f, 0x1d2dc7df, 0xd3d7416e, 0xad473599, 0xe22c7976,
-      0x9f5ef439, 0x3de37a9a, 0x9e69d94e, 0x6b7ac0ab, 0x0a9d0bc8,
-      0xe6bfa9e0, 0x5676f120, 0x576a870d, 0xfeaac23f, 0x3bd91bb4,
-      0x3e40aabb, 0x8fe5482c },
-    { 0xce9a4d1e, 0x85ae67c2, 0x4f1d2038, 0x4c3eb803, 0x25d06192,
-      0x5c6c8f3a, 0x308fb41c, 0x803de0ad, 0xe71c294e, 0x9961f5bc,
-      0xf02eb0da, 0xdc62078d, 0xb64ae8b6, 0xc87ef515, 0x50b4d18f,
-      0x69679f1e, 0x52199f43, 0xc5c009a1, 0x0f640a5f, 0xa7d484be,
-      0x23dab566, 0x4c918bb1, 0x64275d2c, 0xa67c114c, 0xcad2ded6,
-      0x95a913b9, 0x6b4b5c8d, 0x189ed18b, 0xb42d3bf6, 0x4aeb6206,
-      0xbbc8bc3f, 0x3928c669 },
-    { 0xdacb4b64, 0xde4bea4a, 0xf26179a1, 0x03f62a44, 0x7a9112a4,
-      0xf3aac94e, 0xd36f331e, 0x90448fbd, 0x407b85c4, 0x426042bc,
-      0x2121b77b, 0x5ad8a596, 0x67cee984, 0x31674a4f, 0x4e3b2f0d,
-      0x7fae8bbe, 0xa7c930eb, 0x681df6dd, 0xc259d0d4, 0xadeefa98,
-      0xbea1c1fd, 0x1b14d9e6, 0x21d405d1, 0x3baadc8b, 0x73892754,
-      0xf01dff93, 0xf071cde4, 0x81c35b3e, 0x9150d0d9, 0x1704d2e1,
-      0x355134f6, 0x6ccc888f },
-    { 0x7ad7504c, 0xf8d36f0e, 0xf7959ddd, 0xbca3265f, 0xfede67aa,
-      0x0dcd1ede, 0xbaebf32f, 0x1276f4ce, 0x014edcfc, 0x6825a6e6,
-      0x99ad8eb7, 0x0b8c1a82, 0x09b8ce1e, 0x312024a9, 0x9cbd351a,
-      0xcb8fd98b, 0xfab1e8be, 0xa4841378, 0x3973cacf, 0x17ed0f5d,
-      0x259d5254, 0xa17e1484, 0x74b91393, 0x53d5b843, 0x1aca3ce9,
-      0x8f792b21, 0xc8c0f815, 0x035ff110, 0xad4ed7bd, 0x6afa6357,
-      0xb26faef9, 0x2f151980 },
-    { 0x29d2d439, 0x0c8631da, 0xbc039955, 0x121fbbc2, 0x6c05b75b,
-      0x3e5a9792, 0xb6ce47ec, 0x6d6cf4c0, 0x9d88c658, 0xbaaa1767,
-      0xf3355a17, 0x031db9e7, 0x0aef5a85, 0x8381e3d8, 0x15a31bdf,
-      0xc71db290, 0x9498fd7d, 0x638f6b74, 0x13beeef6, 0x44edf3f9,
-      0xf4ab67b3, 0xe6173271, 0xfd22df11, 0x3a202c70, 0x205c4e92,
-      0xf7be0389, 0xa8eb9920, 0x1c219085, 0xbeb54aaa, 0x6c805ce8,
-      0x0ac58d65, 0x354b05b7 },
-    { 0x7a9170e9, 0x7171e236, 0x4cad50cd, 0x01eec42d, 0x3cddccfb,
-      0xffbe824f, 0xa66cae1a, 0xa73e8ce3, 0x965c7d01, 0xb7138a7f,
-      0x5c3d971e, 0x00058e3f, 0x2ff0a72b, 0x52591ac3, 0xbbbce76f,
-      0xa32fb5bc, 0xa9f81a18, 0xf3241ab8, 0xeca68630, 0xf31d3332,
-      0x4482f13b, 0x847af9fc, 0xa4681be2, 0x6196e217, 0xe55efcf9,
-      0x9938f932, 0x70acc705, 0x3e7dacb8, 0xcf09fac2, 0xd41be893,
-      0xae3523a1, 0x48dc55c4 },
-    { 0xa5092193, 0x8e623826, 0x6898970c, 0xe46ec362, 0x25c9eb41,
-      0x2f1356af, 0x83c7d245, 0x41780640, 0x97d00e38, 0x982def67,
-      0xa512151c, 0x382eb6e7, 0x8af58869, 0x154e1077, 0x8a51cf02,
-      0x18707075, 0x71313c58, 0xcdeba9f7, 0xba155904, 0x5d67b973,
-      0x1d0d7b3a, 0x851c9f4b, 0x8b8af2cd, 0x19f29d71, 0x986b8d62,
-      0xcb94ccff, 0xb93b9c33, 0x8725e24b, 0x66e38c68, 0x405ce4c5,
-      0x0b6dc021, 0x5f6a8edd },
-    { 0x8f9a8690, 0x83704ca5, 0x2f76a407, 0x3f369766, 0x69201028,
-      0xfbc12d8c, 0xbce3a4cf, 0x4cd58f16, 0x04aab26d, 0x7804664a,
-      0x4ea457a8, 0x005cfbba, 0xb8a59794, 0x537951b3, 0x4fe1f739,
-      0x4ca2b9e4, 0xdf325797, 0xe4428acd, 0x0ea243db, 0x648da342,
-      0xf43ce01e, 0xcce6562b, 0xf27db490, 0x840f0421, 0x8bfb7cf0,
-      0x156ccb70, 0x5a8797d3, 0x9b33480d, 0x9eb814bb, 0x2e12e07a,
-      0xca7f87ac, 0x1ca65072 },
-    { 0x2b9d25a0, 0xfbb321cf, 0x40a746db, 0x66affdca, 0x59e368b5,
-      0xc1c1530e, 0x7d80068f, 0x56ed1ea4, 0x5647dd68, 0x9b74d8fe,
-      0x89b78da8, 0x1d96b507, 0x8bbe3391, 0x39b75243, 0x0d858c5f,
-      0xef8d443e, 0x9646aa34, 0x4dd2db49, 0xe667543c, 0x7fad3bd1,
-      0x68980985, 0xd0d710c0, 0x49facaba, 0x9f7aff32, 0x14f9a192,
-      0x055dec1c, 0x1fb307a1, 0xaca66399, 0x35ffff64, 0xac44fd91,
-      0xcbad3cee, 0x462cafb6 },
-    { 0xde3237dd, 0x1660a647, 0x82b87404, 0x95f735cc, 0xddfa55f8,
-      0xf7879f59, 0x726b914a, 0x15ef043e, 0x1c93e298, 0x1875393d,
-      0x6ef18331, 0xa1a2be74, 0x25a9a12b, 0x4e7e8dfc, 0xa9c3917f,
-      0xdfefc97d, 0x0a2ebe41, 0xbc875d03, 0xa732d1cc, 0x0f75d235,
-      0xd9baa6d3, 0x06fee7fe, 0x65f48576, 0xaa784fab, 0x513f83c0,
-      0x23155e22, 0x3e8f9d13, 0xd2fb7718, 0xb546eafd, 0x2a291503,
-      0x6cd93608, 0x1293c98c },
-    { 0x49d53b77, 0x72781251, 0x96eafac7, 0xa6ab403d, 0x4a36b711,
-      0xb7d7c7db, 0x87e771c1, 0x8238c708, 0x33b37522, 0x495f6abf,
-      0x8c87530d, 0xb0b0289c, 0xe77b111a, 0xca83cb86, 0xa1bd189e,
-      0xbe1c0fb8, 0x1ae9d7c7, 0x58cfb2fb, 0x4940c3e8, 0xd05c23c5,
-      0x74ad9107, 0x16e79e41, 0x064e7142, 0xa0a47f05, 0xfdfd614f,
-      0xc6929cd4, 0x3946988b, 0xedb2584c, 0xe46f8fb1, 0x73e4b5f3,
-      0x68ea94ba, 0x53b79aa1 },
-    { 0x44bbb6a1, 0x216fafce, 0x67821728, 0xd3a5bba0, 0xa9dd939a,
-      0xef1e4b30, 0xf19efafe, 0x022eaf3d, 0x7b4ec014, 0xfed5abce,
-      0x512c6738, 0x64968ee6, 0x29fe89a2, 0x23119869, 0x47397c05,
-      0x0d539d8d, 0x234596c4, 0x6400bc54, 0x5346611d, 0xb9287f58,
-      0xc9d5da0f, 0x04099903, 0xc83af2a8, 0xe5ef4997, 0x328151e1,
-      0xc89dc01b, 0x58401104, 0x150fb4a9, 0xf3872c9d, 0x40a6f7d5,
-      0x56c2e833, 0x8290d6d1 },
-    { 0xd8546946, 0xf84637c6, 0x69ec57fa, 0xda134a39, 0xd789007e,
-      0xd42359a4, 0x0dc7b809, 0xb42557fe, 0x2d6784a9, 0xe62ae52d,
-      0x0bcadb5f, 0xa2714ca6, 0x33aafca5, 0xcc208de6, 0xed967811,
-      0x2380ed5c, 0xdb321660, 0x6e6b55e9, 0xa675235a, 0x1bead02c,
-      0xb33fa0e1, 0x51cc6ef9, 0xf06a2a08, 0xfd223e26, 0xec47b3cf,
-      0x00f332e1, 0xa0aa984e, 0x459f297b, 0xee952e14, 0x6fa1d969,
-      0x304fabb0, 0x506ef1ab },
-    { 0x35bff163, 0x11b4eb27, 0xea9fa984, 0x7130b96f, 0x9deb27ce,
-      0x66aceb3f, 0x9dd1c3d5, 0xa2daf1a5, 0xa73075aa, 0xf5090a7e,
-      0xe3071b58, 0x36a6af39, 0xdf73ad9c, 0xa28d633d, 0xbdc89a16,
-      0xdd354cac, 0xd4dcbc3c, 0xdfea3423, 0x379d92d1, 0x6eec74d2,
-      0x8eed6765, 0xe14a456f, 0xfa8feb1f, 0xfabe7743, 0xb98fcbc7,
-      0x1404ccf8, 0xf71a706e, 0x6ccd2fbf, 0x4d85c678, 0xdaaf3fdb,
-      0x15200344, 0x415b7dbf },
-    { 0x7d8377a7, 0x97010586, 0xcb803272, 0x068a3d68, 0xf03a4c32,
-      0xfd67d289, 0x93c8f290, 0x4bc7095d, 0xe9e5a2b8, 0x712fa13c,
-      0x0feb9f3b, 0xfc6ac6c6, 0x6e0e54c2, 0x0cda36d9, 0x86320a01,
-      0x45499751, 0x97f00f11, 0xf9318c91, 0xe6936508, 0x01dc4c3f,
-      0x85f068aa, 0x769a2ef9, 0xa2b5511c, 0x3522cef0, 0xb4122e05,
-      0x006965ed, 0xc175d43f, 0xfce0fafc, 0xec831d59, 0x525dc9bd,
-      0xaf58879d, 0x1ec314f1 },
-    { 0x2c8310c2, 0x0663feef, 0x457e3f74, 0xaa7e14da, 0xe5346887,
-      0x392b10fc, 0x637ec2c5, 0xcde4a38f, 0xb542f8df, 0x50773320,
-      0xf7de1711, 0x341302f9, 0xae4b9bc6, 0x018b1c63, 0xdd2f9e6f,
-      0xf001c46e, 0x26eccfa0, 0xd3bb0a97, 0x7746e0c7, 0xa931b99d,
-      0xf5875aec, 0xe0c8b6f7, 0x96939c82, 0xbb32f17c, 0x3de5a664,
-      0x765135d2, 0x52abfa6b, 0x71936cb4, 0x2dc105de, 0xad5cc08f,
-      0x7fff5788, 0x17e91d12 },
-    { 0xb7e051ca, 0xbe92ced3, 0x19c776d4, 0xc644d4fd, 0x0086784b,
-      0xc8ab4b52, 0xce9d6b31, 0x3ea66227, 0xd289e9c7, 0x395249a3,
-      0xd12a19ee, 0x54509e65, 0x8c365aec, 0xa7bd4692, 0x77963e0e,
-      0x354997e4, 0xb599732d, 0x0d765957, 0x91d4a3b6, 0x99584aeb,
-      0x1deb3e28, 0x6e653ea4, 0x572571df, 0xca7c98ed, 0xb18ae1f9,
-      0xf301a38f, 0x63f7b97e, 0x1629f7c2, 0xafc4a0d5, 0xdf242282,
-      0x3ddd0c01, 0x118f3b4b },
-    { 0x7ad4762b, 0x74a0a0a8, 0x8c58d175, 0x1aef84da, 0x4cf76d86,
-      0x16ff4960, 0x7e60d98b, 0xc0be8786, 0x3ecc1dba, 0x83637ffb,
-      0x5dd6147a, 0xc244a609, 0x5b0846e5, 0xa3e17834, 0xe77a4c05,
-      0x735eb686, 0xdf758695, 0x5bc18b4f, 0x1bdfe52f, 0x15618d0b,
-      0x00715ba1, 0x878ecc0d, 0xc2dd617f, 0x1dbdbd1a, 0x21b61710,
-      0x21d2b631, 0x44f593c2, 0x22ce8a79, 0x44f17024, 0x3b9b536a,
-      0x8d03e727, 0x01d0a67c },
-    { 0x1e46533c, 0x7b964236, 0xfb88c2ae, 0xe9477990, 0xa42c4a18,
-      0x019b5d16, 0xd83c7a45, 0x7135e81d, 0x4cb663e3, 0x74a69bdd,
-      0xe76c0d63, 0x7b67ecdb, 0x11e68da6, 0x03d54521, 0xd2e8650a,
-      0x596cceb5, 0x2af03b37, 0xcd572dfd, 0xfabd5952, 0x52364ba1,
-      0xb4ed8569, 0x7f47d456, 0xc950d5d4, 0x5ad8b572, 0x486e2f84,
-      0xcadd2dfa, 0xc56bb044, 0xdd527b43, 0x997c08e6, 0xc9adba24,
-      0x7da6320f, 0x1b625b06 },
-    { 0x4fd8446d, 0x44dfaa7b, 0xaf6febeb, 0xc01b2f01, 0xfe8838b5,
-      0xbf444388, 0xbba9758b, 0xf33c434f, 0x87156bc9, 0x2b971cba,
-      0x1f49098b, 0x6b245e5c, 0x2b41c5dd, 0x87dcb534, 0x34d852d7,
-      0xdb1f80c6, 0x2433da34, 0x6d6e3258, 0x3f7df0c2, 0xf6682065,
-      0x360cb365, 0xc4ca567c, 0x9826656a, 0x321faac2, 0xbf069768,
-      0x13f5ca6f, 0xa7076639, 0x15397921, 0x8400736e, 0xbdf14328,
-      0x19fc948d, 0x333eca96 },
-    { 0xac775d81, 0x23337948, 0xd41dbbca, 0x38c2518f, 0xbcfce948,
-      0x623c7a4f, 0x54703fe7, 0xaad36236, 0x13fb3b5b, 0x2b3a13a4,
-      0x7f5c01f0, 0x5db3565a, 0x52359661, 0xd72408dc, 0x1d616e91,
-      0x5a17f8e5, 0xcb25b999, 0x90c16eeb, 0x3393743e, 0xf35e8cf1,
-      0xe54b64a7, 0x987da74a, 0x65cd449d, 0x557b322a, 0x37e7b15d,
-      0x765082a5, 0xf2cd134f, 0x4d25c742, 0x4ccf0746, 0xae9d9c07,
-      0x8728d135, 0x72fc2110 },
-    { 0xf96004c8, 0xa906b203, 0x458055ff, 0xd83f95cf, 0x55f35909,
-      0xd77d5867, 0xe550c8ee, 0x4a9ea6fb, 0x55a06081, 0x91c8cca9,
-      0xbce82062, 0x4a1fee78, 0x9a3df85e, 0xeb9ade06, 0x7d3de666,
-      0xfbbdcf0c, 0x5d336d51, 0x228a391b, 0x5c2ffc3c, 0x760f8d28,
-      0x2f7b165b, 0x1ee48de3, 0x56177040, 0x03803d84, 0x9deff9a0,
-      0xe573f648, 0xa17e35a4, 0xe1a2738e, 0x8840a6c6, 0x238ef17c,
-      0xb11ed92d, 0x480946f8 },
-    { 0xfd71f119, 0x84c747a8, 0x53eb3695, 0x19e65c5e, 0x6298587a,
-      0x0e2f6786, 0xab18d6f4, 0x48a48899, 0xc630b8c0, 0xa1a99024,
-      0x2caaf892, 0x84975096, 0xe20fd624, 0xc8869aba, 0x6c2b7dd4,
-      0x3b72b04d, 0x0992f7d0, 0xe2775eb6, 0x7d06e684, 0x0089c06e,
-      0xe4bbd007, 0xcb3b4361, 0x4ba846e4, 0xa1ae666b, 0x46464d9e,
-      0xc01c2eb2, 0xc1f8539f, 0xf86f2be6, 0xcf68afc7, 0x16e8e8ae,
-      0xc7386902, 0x8dab61fd },
-    { 0xd54d1d45, 0x42a5c903, 0xff4f9ba2, 0xacd4297e, 0x34d478b4,
-      0x2d88b520, 0x08c4621a, 0x35b2ba2b, 0x34865402, 0xd3d239bb,
-      0x911f32e6, 0x1de76aed, 0x3f06fdc2, 0x877f8bcf, 0x9ec51502,
-      0x802714c1, 0xa590700d, 0xa10444eb, 0x31dcc957, 0x8694229f,
-      0xb8169fed, 0x5ece77ab, 0x2caf080e, 0x55be8a15, 0xcbd7cef1,
-      0x3eb21b14, 0x67b97ee1, 0x9def7ad1, 0x118f690c, 0xe03ca879,
-      0xf99b29e7, 0x6f77e62d },
-    { 0xe40bbf59, 0xa271bded, 0x6401aad6, 0x177ba453, 0x73541cd1,
-      0x1755e035, 0x4b71b02f, 0x3465b466, 0xa813359f, 0x22eb7113,
-      0x6f38eac7, 0x9792a8fd, 0xff3bf3b5, 0x11aa012f, 0xf85c3fbf,
-      0x99aafabf, 0x06c0cc42, 0x91e0a2ef, 0x773b7b3a, 0x314d5d57,
-      0xd669840a, 0xae5e2e76, 0x2e5a8be6, 0x86136073, 0xc1cf5580,
-      0xee6d7578, 0x68bed102, 0x2344e00f, 0x8184f0eb, 0x799d7886,
-      0xc3d2cf80, 0x63819c91 },
-    { 0x7884b073, 0xca5392e1, 0xeb1267ea, 0x9ec3a1fc, 0x907038a7,
-      0x3d07f5f0, 0xe4c47b70, 0xcb2ac07c, 0x1bf96b91, 0xf96664ee,
-      0x2aea4fbf, 0xebf57589, 0xfade6500, 0x5aabf391, 0x171d1204,
-      0xc5b3376f, 0xa0d3d81a, 0x1ff60c51, 0x976a844b, 0x10b2cfe7,
-      0xbda6125a, 0xe131cc9a, 0x4ebd453e, 0xe0fc16d3, 0x504b6bc1,
-      0xc0d0319a, 0x0a2f8cab, 0xe43a0be7, 0x55e49b47, 0xc80afeec,
-      0x8265d7ee, 0x67d48d12 },
-    { 0xea2d56d6, 0x068d59a7, 0x27480a63, 0xd71abd0e, 0xae7366cd,
-      0x6bd11db0, 0x07204ebc, 0xfbb639ca, 0xf77e6293, 0x89a242e7,
-      0x75ba8c3d, 0xdee7ca2b, 0x64a2f9a8, 0x472ddc3d, 0x7561a010,
-      0x84229df4, 0xc5b649d4, 0x95f62c85, 0x4dc927cd, 0xfdd56b1b,
-      0x5ee60596, 0xfe8bb120, 0xabf29401, 0x3efcaa50, 0x10d1c184,
-      0xd4900d0f, 0x28b01df5, 0x2cf113a9, 0x1f0e43f5, 0xa3d7ebc3,
-      0xe8384dc7, 0x27950e38 },
-    { 0xe1d0fa79, 0xeab21ff0, 0x048b5de9, 0x4b9fd033, 0x2fe374cb,
-      0x4c934689, 0x4eb21f6b, 0xbb4827fa, 0xa925e7e7, 0x46716f79,
-      0x7dd4c531, 0x1442bf36, 0xd2e96ddf, 0x2073954c, 0x8502aa89,
-      0x4e0141ae, 0x8eef6cc9, 0x8ee00e1a, 0x5880cdaf, 0x55ce8491,
-      0x69628046, 0xff3aba5c, 0x5d15dfbf, 0x335cc4f8, 0x9f684f25,
-      0xa7f0440c, 0xbb1e5bd8, 0xae80453f, 0xff2225ab, 0xa1c99813,
-      0x79b25d71, 0x54ff7884 },
-    { 0xde40b068, 0x27c6ee30, 0xe6f3a51e, 0x9226465b, 0xfa3b21f6,
-      0xe24a4604, 0xc0418115, 0x50a5a5ad, 0x8df90d2b, 0xe3285441,
-      0xdcb0c00f, 0xbb74e58f, 0x4a2c08e3, 0xc68f1b3b, 0x0ccd9ec9,
-      0x339df081, 0xb786ea9f, 0x915362dc, 0xc955aead, 0x28945e31,
-      0x8b6a6c6b, 0xd6a2c01d, 0x3678a427, 0x069e82dc, 0x28c9302c,
-      0x17875500, 0x9fa101e6, 0x8acda965, 0xee30b286, 0x4e4e4573,
-      0x3f1830fe, 0x8adbad85 },
-    { 0x0969d524, 0x060ae11f, 0xf39bcc79, 0xf42fdaf7, 0x7cc1fcc2,
-      0x3cec6766, 0xe2336d4f, 0x456b9cf2, 0x8e1c0f7f, 0x6aa1f5de,
-      0x0984fb0e, 0xcdbc2ad2, 0x1b464b28, 0x4090cfa6, 0x1243f3ef,
-      0x40d86f30, 0xcd5e87e7, 0x95b16ccc, 0x3026cd41, 0x403f168c,
-      0x816c0730, 0xdbe386cb, 0x58407a1d, 0x14eb86f3, 0x1717e1af,
-      0xf588b4f8, 0x66cbc96c, 0xb75c41a6, 0x027e71c1, 0xf342c1aa,
-      0xc0945e5f, 0x73930036 },
-    { 0x22cdaf42, 0x954f757d, 0xf4181aab, 0x788b591d, 0xf5514f25,
-      0x8b986819, 0xf18fd5bc, 0x69642e08, 0x022ceb91, 0x92b305d1,
-      0x6a4f6985, 0x1715903e, 0x61179cae, 0x4bd7d69d, 0xd29c01aa,
-      0xdacdfd5d, 0xd91108cc, 0x705ddd5a, 0x64ac8f15, 0x434ac7b1,
-      0xb524632f, 0x61a514e1, 0x731fc447, 0x45b9e61b, 0xe0961b31,
-      0xcf561348, 0x73eaf223, 0x9c28a967, 0xaa7c99d3, 0x5bd10182,
-      0xe42965e2, 0x8bc6ec4a },
-    { 0xe7f2a32b, 0xd096e5c0, 0x09388a30, 0xff54800c, 0x401e360c,
-      0x06fe437c, 0xbb6054a6, 0x6655fc9c, 0x8457aa6e, 0x510e1860,
-      0x2b29b2b7, 0xa0acfca2, 0x51b7da61, 0x732483e3, 0x6be6c8ca,
-      0xe31471ee, 0x8b65c9a1, 0xe565431c, 0x48d65cbb, 0xfc9ac3b9,
-      0xae9b2aa8, 0xd308fc21, 0xaa60aa6a, 0xd6a7df0d, 0x982fc0d4,
-      0x2844d96a, 0x5847a4d7, 0xab012c2c, 0xdceb8955, 0x2b3c8f71,
-      0xbe9c7e15, 0x8e85437d },
-};
-
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Base is fixed to be the g parameter - a precomputed table is used.
- *
- * Striping: 128 points at a distance of 8 combined.
- * Total of 256 points in table.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit tx[2 * 32];
-    sp_digit ty[2 * 32];
-#endif
-    sp_digit* r = NULL;
-    unsigned char e[128];
-    int err = MP_OKAY;
-    int i;
-    int y;
-
-    (void)base;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 38 * 32 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 32 * 2;
-        ty = td + 37 * 32 * 2;
-#endif
-        r = ty;
-
-        (void)mp_to_unsigned_bin_len(exp, e, 128);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 32);
-        y  =  e[112] >> 7;
-        y |= (e[96] >> 7) << 1;
-        y |= (e[80] >> 7) << 2;
-        y |= (e[64] >> 7) << 3;
-        y |= (e[48] >> 7) << 4;
-        y |= (e[32] >> 7) << 5;
-        y |= (e[16] >> 7) << 6;
-        y |= (e[0] >> 7) << 7;
-        XMEMCPY(ty, sp_1024_g_table[y], sizeof(sp_digit) * 32);
-        for (i = 126; i >= 0; i--) {
-            y  =  (e[127 - (i / 8)] >> (i & 0x7)) & 1;
-            y |= ((e[111 - (i / 8)] >> (i & 0x7)) & 1) << 1;
-            y |= ((e[95 - (i / 8)] >> (i & 0x7)) & 1) << 2;
-            y |= ((e[79 - (i / 8)] >> (i & 0x7)) & 1) << 3;
-            y |= ((e[63 - (i / 8)] >> (i & 0x7)) & 1) << 4;
-            y |= ((e[47 - (i / 8)] >> (i & 0x7)) & 1) << 5;
-            y |= ((e[31 - (i / 8)] >> (i & 0x7)) & 1) << 6;
-            y |= ((e[15 - (i / 8)] >> (i & 0x7)) & 1) << 7;
-
-            sp_1024_proj_sqr_32(tx, ty, t);
-            sp_1024_proj_mul_qx1_32(tx, ty, sp_1024_g_table[y], t);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_32(tx, tx, t);
-        sp_1024_mont_mul_32(r, tx, ty, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective coordinates.
- *
- *   p.x' = (p.x * q.x) - (p.y * q.y)
- *   p.y' = (p.x * q.y) + (p.y * q.x)
- * But applying Karatsuba:
- *   v0 = p.x * q.x
- *   v1 = p.y * q.y
- *   p.x' = v0 - v1
- *   p.y' = (px + py) * (qx + qy) - v0 - v1
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * qx  [in]      A single precision integer - X ordinate of number of
- *               multiplier.
- * qy  [in]      A single precision integer - Y ordinate of number of
- *               multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_32(sp_digit* px, sp_digit* py,
-        const sp_digit* qx, const sp_digit* qy, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    /* t1 = px + py */
-    sp_1024_mont_add_32(t1, px, py, p1024_mod);
-    /* t2 = qx + qy */
-    sp_1024_mont_add_32(t2, qx, qy, p1024_mod);
-    /* t2 = (px + py) * (qx + qy) */
-    sp_1024_mont_mul_32(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = py * qy */
-    sp_1024_mont_mul_32(t1, py, qy, p1024_mod, p1024_mp_mod);
-    /* t2 = (px + py) * (qx + qy) - (py * qy) */
-    sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
-    /* px = px * qx */
-    sp_1024_mont_mul_32(px, px, qx, p1024_mod, p1024_mp_mod);
-    /* py = (px + py) * (qx + qy) - (py * qy) - (px * qx) */
-    sp_1024_mont_sub_32(py, t2, px, p1024_mod);
-    /* px = (px * qx) - (py * qy)*/
-    sp_1024_mont_sub_32(px, px, t1, p1024_mod);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/*
- * Convert point from projective to affine but keep in Montgomery form.
- *
- * p  [in,out]  Point to convert.
- * t  [in]      Temporary numbers: 2.
- */
-static void sp_1024_mont_map_32(sp_point_1024* p, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    sp_1024_mont_inv_32(t1, p->z, t2);
-    sp_1024_mont_sqr_32(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(p->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(p->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(p->z, p1024_norm_mod, sizeof(sp_digit) * 32);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/*
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - 2 * p.y^2
- *   r.y = 2 * p.y * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 8 * p.y^2 * p.x
- *   p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4
- *   p'.z = 2 * p.y * p.z
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 32;
-    sp_digit* pz2 = t +  2 * 32;
-    sp_digit* rx  = t +  4 * 32;
-    sp_digit* ry  = t +  6 * 32;
-    sp_digit* l   = t +  8 * 32;
-    sp_digit* ty  = t + 10 * 32;
-
-    /* v = v^2 */
-    sp_1024_proj_sqr_32(vx, vy, t);
-    /* pz2 = p.z^2 */
-    sp_1024_mont_sqr_32(pz2, p->z, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + p.z^2 */
-    sp_1024_mont_add_32(ty, p->x, pz2, p1024_mod);
-    /* l = p.x - p.z^2 */
-    sp_1024_mont_sub_32(l, p->x, pz2, p1024_mod);
-    /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-    sp_1024_mont_mul_32(t1, l, ty, p1024_mod, p1024_mp_mod);
-    /* l = 3 * (p.x^2 - p.z^4) */
-    sp_1024_mont_tpl_32(l, t1, p1024_mod);
-    /* t1 = q.x * p.z^2 */
-    sp_1024_mont_mul_32(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + q.x * p.z^2 */
-    sp_1024_mont_add_32(t1, p->x, t1, p1024_mod);
-    /* r.x = l * (p.x + q.x * p.z^2) */
-    sp_1024_mont_mul_32(rx, l, t1, p1024_mod, p1024_mp_mod);
-    /* r.y = 2 * p.y */
-    sp_1024_mont_dbl_32(ry, p->y, p1024_mod);
-    /* ty = 4 * p.y ^ 2 */
-    sp_1024_mont_sqr_32(ty, ry, p1024_mod, p1024_mp_mod);
-    /* t1 = 2 * p.y ^ 2 */
-    sp_1024_mont_div2_32(t1, ty, p1024_mod);
-    /* r.x -= 2 * (p.y ^ 2) */
-    sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
-    /* p'.z = p.y * 2 * p.z */
-    sp_1024_mont_mul_32(p->z, p->z, ry, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 */
-    sp_1024_mont_mul_32(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 * q.y */
-    sp_1024_mont_mul_32(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-    /* Double point using previously calculated values
-     *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-     *   ty = 4 * p.y^2
-     *   p'.z = 2 * p.y * p.z
-     */
-    /* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
-    sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
-    /* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
-    sp_1024_mont_div2_32(t1, t1, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x */
-    sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 */
-    sp_1024_mont_sqr_32(p->x, l, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 - 4 * p.y^2 * p.x */
-    sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-    /* p'.x = l^2 - 8 * p.y^2 * p.x */
-    sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x - p.x' */
-    sp_1024_mont_sub_32(ty, p->y, p->x, p1024_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l */
-    sp_1024_mont_mul_32(p->y, ty, l, p1024_mod, p1024_mp_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 */
-    sp_1024_mont_sub_32(p->y, p->y, t1, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Calculations:
- *   r.x = (q.x + p.x) * c.y - (q.x * c.z^2 + c.x) * p.y * c.z
- *   r.y = (c.x - p.x * c.z^2) * q.y * c.z
- *   v* = v* * r*
- *   r = p.y * c.z^3 - c.y
- *   c'.x = r^2 + h^3 - 2 * c.x * h^2
- *   c'.y = r * (c'.x - c.x * h^2) - c.y * h^3
- *   c'.z = (c.x - p.x * c.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in]      p      ECC point - point on E(F_p^2) to add.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      qx_px  SP that is a constant value across adds.
- * @param  [in]      t      SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_add_one_32(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px,
-        sp_digit* t)
-{
-    sp_digit* t1  = t;
-    sp_digit* t2  = t +  2 * 32;
-    sp_digit* rx  = t +  4 * 32;
-    sp_digit* ry  = t +  6 * 32;
-    sp_digit* h   = t +  8 * 32;
-    sp_digit* r   = t + 10 * 32;
-
-    /* r.x = (q.x + p.x) * c.y */
-    sp_1024_mont_mul_32(rx, qx_px, c->y, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_32(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_32(h, t1, c->x, p1024_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_32(ry, p->y, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_32(t1, h, ry, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z * c.z^2 = p.y * c.z^3  */
-    sp_1024_mont_mul_32(r, ry, t2, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = c.x - p.x * c.z^2 */
-    sp_1024_mont_sub_32(h, c->x, t1, p1024_mod);
-    /* c'.z = (c.x - p.x * c.z^2) * c.z */
-    sp_1024_mont_mul_32(c->z, h, c->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (c.x - p.x * c.z^2) * c.z * q.y */
-    sp_1024_mont_mul_32(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = c.x - p.x * c.z^2
-     *   r = p.y * c.z^3
-     *   c'.z = (c.x - p.x * c.z^2) * c.z
-     */
-
-    /* r = p.y * c.z^3 - c.y */
-    sp_1024_mont_sub_32(r, r, c->y, p1024_mod);
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_32(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_32(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * h^2 */
-    sp_1024_mont_mul_32(ry, c->x, rx, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_32(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c->x = r^2 + h^3 */
-    sp_1024_mont_add_32(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * h^2 */
-    sp_1024_mont_dbl_32(t1, ry, p1024_mod);
-    /* c'.x = r^2 + h^3 - 2 * c.x * h^2 */
-    sp_1024_mont_sub_32(c->x, c->x, t1, p1024_mod);
-    /* ry = c'.x - c.x * h^2 */
-    sp_1024_mont_sub_32(t1, c->x, ry, p1024_mod);
-    /* ry = r * (c'.x - c.x * h^2) */
-    sp_1024_mont_mul_32(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * h^3 */
-    sp_1024_mont_mul_32(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 */
-    sp_1024_mont_sub_32(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]  key  SAKKE key.
- * @param  [in]  p    First point on E(F_p)[q].
- * @param  [in]  q    Second point on E(F_p)[q].
- * @param  [in]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err = MP_OKAY;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit* qx_px;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit vx[2 * 32];
-    sp_digit vy[2 * 32];
-    sp_digit qx_px[2 * 32];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-
-    err = sp_1024_point_new_32(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 39 * 32 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        vx    = td + 36 * 32 * 2;
-        vy    = td + 37 * 32 * 2;
-        qx_px = td + 38 * 32 * 2;
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-        sp_1024_point_from_ecc_point_32(q, qm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 32);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 32);
-
-        sp_1024_mont_add_32(qx_px, q->x, p->x, p1024_mod);
-
-        for (i = 1020; i >= 0; i--) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_dbl_32(vx, vy, c, q, t);
-
-            if ((i > 0) && ((p1024_order[i / 32] >> (i % 32)) & 1)) {
-                /* Accumulate line into v and add P into C. */
-                sp_1024_accumulate_line_add_one_32(vx, vy, c, p, q, qx_px, t);
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        sp_1024_proj_sqr_32(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_32(vx, vx, t);
-        sp_1024_mont_mul_32(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(q, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-#else
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Both C and P have z ordinates to use in the calculation.
- *
- * Calculations:
- *   r.x  = (q.x * c.z^2 + c.x) * p.y * c.z - (q.x * p.z^2 + p.x) * c.y * p.z
- *   r.y  = (p.x * c.z^2 - c.x * p.z^2) * q.y * p.z * c.z
- *   v*   = v* * r*
- *   h    = p.x * c.z^2 - c.x * p.z^2
- *   r    = p.y * c.z^3 - c.y * p.z^3
- *   c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2
- *   c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3
- *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in,out]  p      ECC point - point on E(F_p^2) to add.
- * @param  [in,out]  q      ECC point - second point on E(F_P^2).
- * @param  [in,out]  t      SP temporaries (6 used).
- * @param  [in,out]  neg    Indicates to use negative P.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static void sp_1024_accumulate_line_add_n_32(sp_digit* vx, sp_digit* vy,
-        const sp_point_1024* p, const sp_point_1024* q,
-        sp_point_1024* c, sp_digit* t, int neg)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t +  2 * 32;
-    sp_digit* rx = t +  4 * 32;
-    sp_digit* ry = t +  6 * 32;
-    sp_digit* h  = t +  8 * 32;
-    sp_digit* r  = t + 10 * 32;
-
-    /* h = p.z^2 */
-    sp_1024_mont_sqr_32(h, p->z, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 */
-    sp_1024_mont_mul_32(rx, q->x, h, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 + p.x */
-    sp_1024_mont_add_32(t2, rx, p->x, p1024_mod);
-    /* c.y = c.y * p.z */
-    sp_1024_mont_mul_32(t1, c->y, p->z, p1024_mod, p1024_mp_mod);
-    /* r.x = (q.x * p.z^2 + p.x) * c.y * p.z */
-    sp_1024_mont_mul_32(rx, t2, t1, p1024_mod, p1024_mp_mod);
-    /* c.y = c.y * p.z^3 */
-    sp_1024_mont_mul_32(c->y, t1, h, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_32(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_32(t1, t1, c->x, p1024_mod);
-    /* c.x = c.x * p.z^2 */
-    sp_1024_mont_mul_32(c->x, c->x, h, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_32(r, p->y, c->z, p1024_mod, p1024_mp_mod);
-    if (neg) {
-        /* r = -p.y * c.z */
-        sp_1024_mont_sub_32(r, p1024_mod, r, p1024_mod);
-    }
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_32(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_32(rx, ry, rx, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = p.x * c.z^2 - c.x * p.z^2 */
-    sp_1024_mont_sub_32(h, t1, c->x, p1024_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z */
-    sp_1024_mont_mul_32(t1, h, c->z, p1024_mod, p1024_mp_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z */
-    sp_1024_mont_mul_32(c->z, t1, p->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z * q.y */
-    sp_1024_mont_mul_32(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 */
-    sp_1024_mont_mul_32(t1, r, t2, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 - c.y * p.z^3 */
-    sp_1024_mont_sub_32(r, t1, c->y, p1024_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = p.x * c.z^2 - c.x * p.z^2
-     *   r = p.y * c.z^3 - c.y * p.z^3
-     *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
-     */
-
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_32(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_32(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * p.z^2 * h^2 */
-    sp_1024_mont_mul_32(ry, rx, c->x, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_32(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c'.x = r^2 - h^3 */
-    sp_1024_mont_sub_32(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_dbl_32(t1, ry, p1024_mod);
-    /* c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_sub_32(c->x, c->x, t1, p1024_mod);
-    /* ry = c.x * p.z^2 * h^2 - c'.x */
-    sp_1024_mont_sub_32(t1, ry, c->x, p1024_mod);
-    /* ry = r * (c.x * p.z^2 * h^2 - c'.x) */
-    sp_1024_mont_mul_32(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * p.z^3 * h^3 */
-    sp_1024_mont_mul_32(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 */
-    sp_1024_mont_sub_32(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Perform n accumulate doubles and doubles of P.
- *
- * py = 2 * p.y
- *
- * For each double:
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - py^2 / 2
- *   r.y = py * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 2 * py^2 * p.x
- *   py' = (py^2 * p.x - p'.x) * l - py^4 (= 2 * p'.y)
- *   p'.z = py * p.z
- *
- * Finally:
- *   p'.y = py' / 2
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      n   Number of times to double.
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 32;
-    sp_digit* pz2 = t +  2 * 32;
-    sp_digit* rx  = t +  4 * 32;
-    sp_digit* ry  = t +  6 * 32;
-    sp_digit* l   = t +  8 * 32;
-    sp_digit* ty  = t + 10 * 32;
-    int i;
-
-    /* py = 2 * p.y */
-    sp_1024_mont_dbl_32(p->y, p->y, p1024_mod);
-
-    for (i = 0; i < n; i++) {
-        /* v = v^2 */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        /* pz2 = p.z^2 */
-        sp_1024_mont_sqr_32(pz2, p->z, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + p.z^2 */
-        sp_1024_mont_add_32(t1, p->x, pz2, p1024_mod);
-        /* l = p.x - p.z^2 */
-        sp_1024_mont_sub_32(l, p->x, pz2, p1024_mod);
-        /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-        sp_1024_mont_mul_32(ty, l, t1, p1024_mod, p1024_mp_mod);
-        /* l = 3 * (p.x^2 - p.z^4) */
-        sp_1024_mont_tpl_32(l, ty, p1024_mod);
-        /* t1 = q.x * p.z^2 */
-        sp_1024_mont_mul_32(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + q.x * p.z^2 */
-        sp_1024_mont_add_32(t1, p->x, t1, p1024_mod);
-        /* r.x = l * (p.x + q.x * p.z^2) */
-        sp_1024_mont_mul_32(rx, l, t1, p1024_mod, p1024_mp_mod);
-        /* ty = py ^ 2 */
-        sp_1024_mont_sqr_32(ty, p->y, p1024_mod, p1024_mp_mod);
-        /* t1 = py ^ 2 / 2 */
-        sp_1024_mont_div2_32(t1, ty, p1024_mod);
-        /* r.x -= py ^ 2 / 2 */
-        sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
-        /* p'.z = py * pz */
-        sp_1024_mont_mul_32(p->z, p->z, p->y, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 */
-        sp_1024_mont_mul_32(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 * q.y */
-        sp_1024_mont_mul_32(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-        /* v = v^2 * r */
-        sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-        /* Double point using previously calculated values
-         *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-         *   ty = py^2
-         *   p'.z = py * p.z
-         */
-        /* t1 = py^2 ^ 2 = py^4 */
-        sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
-        /* py' = py^2 * p. x */
-        sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 */
-        sp_1024_mont_sqr_32(p->x, l, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 - py^2 * p.x */
-        sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-        /* p'.x = l^2 - 2 * p.y^2 * p.x */
-        sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-        /* py' = py^2 * p.x - p.x' */
-        sp_1024_mont_sub_32(ty, p->y, p->x, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l */
-        sp_1024_mont_mul_32(p->y, ty, l, p1024_mod, p1024_mp_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 */
-        sp_1024_mont_dbl_32(p->y, p->y, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 - p.y^4 */
-        sp_1024_mont_sub_32(p->y, p->y, t1, p1024_mod);
-    }
-
-    /* p'.y = py' / 2 */
-    sp_1024_mont_div2_32(p->y, p->y, p1024_mod);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * @param  [in]  pm   First point on E(F_p)[q].
- * @param  [in]  qm   Second point on E(F_p)[q].
- * @param  [in]  res  Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[64];
-    sp_digit (*pre_vy)[64];
-    sp_digit (*pre_nvy)[64];
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit vx[2 * 32];
-    sp_digit vy[2 * 32];
-    sp_digit pre_vx[16][64];
-    sp_digit pre_vy[16][64];
-    sp_digit pre_nvy[16][64];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-
-    err = sp_1024_point_new_32(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 32 * 2 + 16 * sizeof(sp_point_1024), NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 32 * 2;
-        vy      = td + 37 * 32 * 2;
-        pre_vx  = (sp_digit(*)[64])(td + 38 * 32 * 2);
-        pre_vy  = (sp_digit(*)[64])(td + 54 * 32 * 2);
-        pre_nvy = (sp_digit(*)[64])(td + 70 * 32 * 2);
-        pre_p   = (sp_point_1024*)(td + 86 * 32 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-        sp_1024_point_from_ecc_point_32(q, qm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 32);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_mont_sub_32(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 32);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_accumulate_line_dbl_32(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(&pre_p[i], &pre_p[i-1], sizeof(sp_point_1024));
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 32);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 32);
-            sp_1024_proj_mul_32(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_32(pre_vx[i], pre_vy[i], c,
-                    q, &pre_p[i], t, 0);
-            sp_1024_mont_sub_32(pre_nvy[i], p1024_mod, pre_vy[i], p1024_mod);
-        }
-
-        j = sp_1024_order_op[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 32);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 32);
-
-        /* Accumulate line into v and double point n times. */
-        sp_1024_accumulate_line_dbl_n_32(vx, vy, c, q,
-                sp_1024_order_op[1], t);
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_vy[j], t);
-                sp_1024_accumulate_line_add_n_32(vx, vy, &pre_p[j], q, c,
-                    t, 0);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_nvy[j], t);
-                sp_1024_accumulate_line_add_n_32(vx, vy, &pre_p[j], q, c,
-                    t, 1);
-            }
-
-            /* Accumulate line into v and double point n times. */
-            sp_1024_accumulate_line_dbl_n_32(vx, vy, c, q,
-                    sp_1024_order_op[i + 1], t);
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        sp_1024_proj_sqr_32(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_32(vx, vx, t);
-        sp_1024_mont_mul_32(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(q, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Generate table for pairing.
- *
- * Small implementation does not use a table - returns 0 length.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-
-    if (table == NULL) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    else if (*len != 0) {
-        err = BUFFER_E;
-    }
-
-    (void)*pm;
-
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Small implementation does not use a table - use the normal implementation.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    (void)table;
-    (void)len;
-    return sp_Pairing_1024(pm, qm, res);
-}
-
-#else
-/*
- * Calc l and c for the point when doubling p.
- *
- * l = 3 * (p.x^2 - 1) / (2 * p.y)
- * c = l * p.x - p.y
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to double.
- * @param  [in]   py  Y-ordinate of point to double.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_dbl_calc_lc_32(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 32;
-    sp_digit* t2 = t + 34 * 2 * 32;
-    sp_digit* l  = t + 35 * 2 * 32;
-
-    /* l = 1 / 2 * p.y */
-    sp_1024_mont_dbl_32(l, py, p1024_mod);
-    sp_1024_mont_inv_32(l, l, t);
-
-    /* t1 = p.x^2 */
-    sp_1024_mont_sqr_32(t1, px, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x - 1 */
-    sp_1024_mont_sub_32(t1, t1, p1024_norm_mod, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) */
-    sp_1024_mont_dbl_32(t2, t1, p1024_mod);
-    sp_1024_mont_add_32(t1, t1, t2, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) / (2 * p.y) */
-    sp_1024_mont_mul_32(l, l, t1, p1024_mod, p1024_mp_mod);
-    /* t2 = l * p.x */
-    sp_1024_mont_mul_32(t2, l, px, p1024_mod, p1024_mp_mod);
-    /* c = t2 = l * p.x - p.y */
-    sp_1024_mont_sub_32(t2, t2, py, p1024_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 32);
-    XMEMCPY(cr, t2, sizeof(sp_digit) * 32);
-}
-
-/*
- * Calc l and c when adding p and c.
- *
- * l = (c.y - p.y) / (c.x - p.x)
- * c = (p.x * c.y - cx * p.y) / (cx - p.x)
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to add.
- * @param  [in]   py  Y-ordinate of point to add.
- * @param  [in]   cx  X-ordinate of current point.
- * @param  [in]   cy  Y-ordinate of current point.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_add_calc_lc_32(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, const sp_digit* cx,
-        const sp_digit* cy, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 32;
-    sp_digit* c  = t + 34 * 2 * 32;
-    sp_digit* l  = t + 35 * 2 * 32;
-
-    /* l = 1 / (c.x - p.x) */
-    sp_1024_mont_sub_32(l, cx, px, p1024_mod);
-    sp_1024_mont_inv_32(l, l, t);
-
-    /* c = p.x * c.y */
-    sp_1024_mont_mul_32(c, px, cy, p1024_mod, p1024_mp_mod);
-    /* t1 = c.x * p.y */
-    sp_1024_mont_mul_32(t1, cx, py, p1024_mod, p1024_mp_mod);
-    /* c = (p.x * c.y) - (c.x * p.y) */
-    sp_1024_mont_sub_32(c, c, t1, p1024_mod);
-    /* c = ((p.x * c.y) - (c.x * p.y)) / (c.x - p.x) */
-    sp_1024_mont_mul_32(c, c, l, p1024_mod, p1024_mp_mod);
-    /* t1 = c.y - p.y */
-    sp_1024_mont_sub_32(t1, cy, py, p1024_mod);
-    /* l = (c.y - p.y) / (c.x - p.x) */
-    sp_1024_mont_mul_32(l, t1, l, p1024_mod, p1024_mp_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 32);
-    XMEMCPY(cr, c, sizeof(sp_digit) * 32);
-}
-
-/*
- * Calculate vx and vy given gradient l and constant c and point q.
- *
- * l is a the gradient and is multiplied by q->x.
- * c is a the constant that is added to the multiplicative result.
- * q->y is the y-ordinate in result to multiply.
- *
- * if dbl
- *   v*  = v*^2
- * r.x = l * q.x + c
- * r.y = q->y
- * v*  = v* * r*
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in]      l      Gradient to multiply with.
- * @param  [in]      c      Constant to add with.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      t      SP temporaries (3 used).
- * @param  [in]      dbl    Indicates whether this is for doubling. Otherwise
- *                          adding.
- */
-static void sp_1024_accumulate_line_lc_32(sp_digit* vx, sp_digit* vy,
-        const sp_digit* l, const sp_digit* c, const sp_point_1024* q,
-        sp_digit* t, int dbl)
-{
-    sp_digit* rx = t + 4 * 2 * 32;
-
-    /* v = v^2 */
-    if (dbl) {
-        sp_1024_proj_sqr_32(vx, vy, t);
-    }
-    /* rx = l * q.x + c */
-    sp_1024_mont_mul_32(rx, l, q->x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_add_32(rx, rx, c, p1024_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_32(vx, vy, rx, q->y, t);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op_pre[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-
-/*
- * Generate table for pairing.
- *
- * Calculate the graident (l) and constant (c) at each step of the way.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- *          MEMORY_E when dynamic memory allocation fauls.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 cd;
-    sp_point_1024 negd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* c = NULL;
-    sp_point_1024* neg = NULL;
-    int i;
-    int j;
-    int k;
-    sp_table_entry_1024* precomp = (sp_table_entry_1024*)table;
-
-    if (table == NULL) {
-        *len = sizeof(sp_table_entry_1024) * 1167;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if ((err == MP_OKAY) &&
-            (*len < (int)(sizeof(sp_table_entry_1024) * 1167))) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, negd, neg);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 36 * 32 * 2 + 16 *
-            sizeof(sp_point_1024), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        pre_p = (sp_point_1024*)(td + 36 * 32 * 2);
-#endif
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        neg->infinity = 0;
-        c->infinity = 0;
-
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        /* [2]P for adding */
-        sp_1024_proj_point_dbl_32(c, p, t);
-
-        /* 1, 3, ... */
-        for (i = 1; i < 16; i++) {
-            sp_1024_proj_point_add_32(&pre_p[i], &pre_p[i-1], c, t);
-            sp_1024_mont_map_32(&pre_p[i], t);
-        }
-
-        k = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            sp_1024_accum_dbl_calc_lc_32(precomp[k].x, precomp[k].y, c->x,
-                c->y, t);
-            k++;
-            sp_1024_proj_point_dbl_32(c, c, t);
-            sp_1024_mont_map_32(c, t);
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                sp_1024_accum_add_calc_lc_32(precomp[k].x, precomp[k].y,
-                    pre_p[j/2].x, pre_p[j/2].y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_32(c, c, &pre_p[j/2], t);
-                sp_1024_mont_map_32(c, t);
-            }
-            else {
-                XMEMCPY(neg->x, pre_p[-j / 2].x, sizeof(pre_p->x));
-                sp_1024_mont_sub_32(neg->y, p1024_mod, pre_p[-j / 2].y,
-                        p1024_mod);
-                XMEMCPY(neg->z, pre_p[-j / 2].z, sizeof(pre_p->z));
-
-                sp_1024_accum_add_calc_lc_32(precomp[k].x, precomp[k].y,
-                    neg->x, neg->y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_32(c, c, neg, t);
-                sp_1024_mont_map_32(c, t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                sp_1024_accum_dbl_calc_lc_32(precomp[k].x, precomp[k].y, c->x,
-                    c->y, t);
-                k++;
-                sp_1024_proj_point_dbl_32(c, c, t);
-                sp_1024_mont_map_32(c, t);
-            }
-        }
-
-        *len = sizeof(sp_table_entry_1024) * 1167;
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(neg, 1, NULL);
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pre-generate values in window (1, 3, ...) - only V.
- * Table contains all gradient l and a constant for each point on the path.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[64];
-    sp_digit (*pre_vy)[64];
-    sp_digit (*pre_nvy)[64];
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit vx[2 * 32];
-    sp_digit vy[2 * 32];
-    sp_digit pre_vx[16][64];
-    sp_digit pre_vy[16][64];
-    sp_digit pre_nvy[16][64];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-    int k;
-    const sp_table_entry_1024* precomp = (const sp_table_entry_1024*)table;
-
-    if (len < (int)(sizeof(sp_table_entry_1024) * 1167)) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 32 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 32 * 2;
-        vy      = td + 37 * 32 * 2;
-        pre_vx  = (sp_digit(*)[64])(td + 38 * 32 * 2);
-        pre_vy  = (sp_digit(*)[64])(td + 54 * 32 * 2);
-        pre_nvy = (sp_digit(*)[64])(td + 70 * 32 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-        sp_1024_point_from_ecc_point_32(q, qm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 32);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_mont_sub_32(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 32);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_accumulate_line_dbl_32(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 32);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 32);
-            sp_1024_proj_mul_32(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_32(pre_vx[i], pre_vy[i], c,
-                q, p, t, 0);
-            sp_1024_mont_sub_32(pre_nvy[i], p1024_mod, pre_vy[i],
-                p1024_mod);
-        }
-
-        XMEMCPY(c->z, p1024_norm_mod, sizeof(sp_digit) * 32);
-        c->infinity = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 32);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 32);
-
-        k = 0;
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_lc_32(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 1);
-            k++;
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            sp_1024_accumulate_line_lc_32(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 0);
-            k++;
-
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_vy[j], t);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_nvy[j], t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                /* Accumulate line into v and double point. */
-                sp_1024_accumulate_line_lc_32(vx, vy, precomp[k].x,
-                    precomp[k].y, q, t, 1);
-                k++;
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        sp_1024_proj_sqr_32(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_32(vx, vx, t);
-        sp_1024_mont_mul_32(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(q, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 32 * 4);
-    sp_digit* t2 = NULL;
-    sp_int32 n;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 32 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 32;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_1024_sqr_32(t1, point->y);
-        (void)sp_1024_mod_32(t1, t1, p1024_mod);
-        sp_1024_sqr_32(t2, point->x);
-        (void)sp_1024_mod_32(t2, t2, p1024_mod);
-        sp_1024_mul_32(t2, t2, point->x);
-        (void)sp_1024_mod_32(t2, t2, p1024_mod);
-        sp_1024_mont_sub_32(t1, t1, t2, p1024_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
-
-
-        n = sp_1024_cmp_32(t1, p1024_mod);
-        sp_1024_cond_sub_32(t1, t1, p1024_mod, (sp_digit)~(n >> 31));
-        sp_1024_norm_32(t1);
-        if (!sp_1024_iszero_32(t1)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_1024, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(pub->x, 32, pX);
-        sp_1024_from_mp(pub->y, 32, pY);
-        sp_1024_from_bin(pub->z, 32, one, (int)sizeof(one));
-
-        err = sp_1024_ecc_is_point_32(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 32);
-    SP_DECL_VAR(sp_point_1024, pub, 2);
-    sp_point_1024* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 1024) ||
-        (mp_count_bits(pY) > 1024) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 1024)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 32, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_1024, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_1024_from_mp(pub->x, 32, pX);
-        sp_1024_from_mp(pub->y, 32, pY);
-        sp_1024_from_bin(pub->z, 32, one, (int)sizeof(one));
-        if (privm)
-            sp_1024_from_mp(priv, 32, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_1024_iszero_32(pub->x) != 0) &&
-            (sp_1024_iszero_32(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_1024_cmp_32(pub->x, p1024_mod) >= 0) ||
-             (sp_1024_cmp_32(pub->y, p1024_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_1024_ecc_is_point_32(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_1024_ecc_mulmod_32(p, pub, p1024_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_1024_iszero_32(p->x) == 0) ||
-                             (sp_1024_iszero_32(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_1024_ecc_mulmod_base_32(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_1024_cmp_32(p->x, pub->x) != 0) ||
-                 (sp_1024_cmp_32(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_1024 */
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#endif /* WOLFSSL_HAVE_SP_ECC */
-#endif /* WOLFSSL_SP_ARM_THUMB_ASM */
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH | WOLFSSL_HAVE_SP_ECC */
diff --git a/src/ssl/wolfssl/wolfcrypt/sp_c32.c b/src/ssl/wolfssl/wolfcrypt/sp_c32.c
deleted file mode 100644
index f52cf4485..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sp_c32.c
+++ /dev/null
@@ -1,51698 +0,0 @@
-/* sp.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implementation by Sean Parkinson. */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
-    defined(WOLFSSL_HAVE_SP_ECC)
-
-#include <wolfssl/wolfcrypt/cpuid.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifdef RSA_LOW_MEM
-#ifndef SP_RSA_PRIVATE_EXP_D
-#define SP_RSA_PRIVATE_EXP_D
-#endif
-
-#ifndef WOLFSSL_SP_SMALL
-#define WOLFSSL_SP_SMALL
-#endif
-#endif
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC)
-#undef WOLFSSL_SP_SMALL_STACK
-#define WOLFSSL_SP_SMALL_STACK
-#endif
-
-#include <wolfssl/wolfcrypt/sp.h>
-
-#ifdef __IAR_SYSTEMS_ICC__
-#define __asm__        asm
-#define __volatile__   volatile
-#define WOLFSSL_NO_VAR_ASSIGN_REG
-#endif /* __IAR_SYSTEMS_ICC__ */
-#ifdef __KEIL__
-#define __asm__        __asm
-#define __volatile__   volatile
-#endif
-
-#ifdef WOLFSSL_SP_SMALL_STACK
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE* NAME = NULL
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        if (err == MP_OKAY) {                                           \
-            (NAME) = (TYPE*)XMALLOC(sizeof(TYPE) * (CNT), (HEAP), DT);  \
-            if ((NAME) == NULL) {                                       \
-                err = MEMORY_E;                                         \
-            }                                                           \
-        }
-
-    #define SP_VAR_OK(NAME)          ((NAME) != NULL)
-
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        XFREE(NAME, (HEAP), DT)
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-#else
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE NAME[CNT]
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        WC_DO_NOTHING
-    #define SP_VAR_OK(NAME)          (1)
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        WC_DO_NOTHING
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-        } while (0)
-#endif
-
-#ifndef WOLFSSL_SP_ASM
-#if SP_WORD_SIZE == 32
-#define SP_PRINT_NUM(var, name, total, words, bits)   \
-    do {                                              \
-        int ii;                                       \
-        byte nb[((bits) + 7) / 8];                    \
-        sp_digit _s[words];                           \
-        XMEMCPY(_s, var, sizeof(_s));                 \
-        sp_##total##_norm_##words(_s);                \
-        sp_##total##_to_bin_##words(_s, nb);          \
-        fprintf(stderr, name "=0x");                  \
-        for (ii=0; ii<((bits) + 7) / 8; ii++)         \
-            fprintf(stderr, "%02x", nb[ii]);          \
-        fprintf(stderr, "\n");                        \
-    } while (0)
-
-#define SP_PRINT_VAL(var, name)                       \
-    fprintf(stderr, name "=0x" SP_PRINT_FMT "\n", var)
-
-#define SP_PRINT_INT(var, name)                       \
-    fprintf(stderr, name "=%d\n", var)
-
-#if ((defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)) && \
-     ((!defined(WC_NO_CACHE_RESISTANT) && \
-       (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \
-      (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \
-    !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || (defined(WOLFSSL_SP_SMALL) && \
-    defined(WOLFSSL_HAVE_SP_ECC) && (!defined(WOLFSSL_SP_NO_256) || \
-    defined(WOLFSSL_SP_384) || defined(WOLFSSL_SP_521) || \
-    defined(WOLFSSL_SP_1024)))
-/* Mask for address to obfuscate which of the two address will be used. */
-static const size_t addr_mask[2] = { 0, (size_t)-1 };
-#endif
-
-#if defined(WOLFSSL_SP_NONBLOCK) && (!defined(WOLFSSL_SP_NO_MALLOC) || \
-                                     !defined(WOLFSSL_SP_SMALL))
-    #error SP non-blocking requires small and no-malloc (WOLFSSL_SP_SMALL and WOLFSSL_SP_NO_MALLOC)
-#endif
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)
-#ifndef WOLFSSL_SP_NO_2048
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 21U) {
-            r[j] &= 0x1fffffff;
-            s = 29U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 29
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 28);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 28);
-    }
-#elif DIGIT_BIT > 29
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x1fffffff;
-        s = 29U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 29U) <= (word32)DIGIT_BIT) {
-            s += 29U;
-            r[j] &= 0x1fffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 29) {
-            r[j] &= 0x1fffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 29 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 256
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_2048_to_bin_72(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<71; i++) {
-        r[i+1] += r[i] >> 29;
-        r[i] &= 0x1fffffff;
-    }
-    j = 2055 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<71 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 29) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 29);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 29 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_2048_norm_36(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 35; i++) {
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-#else
-    int i;
-    for (i = 0; i < 32; i += 8) {
-        a[i+1] += a[i+0] >> 29; a[i+0] &= 0x1fffffff;
-        a[i+2] += a[i+1] >> 29; a[i+1] &= 0x1fffffff;
-        a[i+3] += a[i+2] >> 29; a[i+2] &= 0x1fffffff;
-        a[i+4] += a[i+3] >> 29; a[i+3] &= 0x1fffffff;
-        a[i+5] += a[i+4] >> 29; a[i+4] &= 0x1fffffff;
-        a[i+6] += a[i+5] >> 29; a[i+5] &= 0x1fffffff;
-        a[i+7] += a[i+6] >> 29; a[i+6] &= 0x1fffffff;
-        a[i+8] += a[i+7] >> 29; a[i+7] &= 0x1fffffff;
-    }
-    a[33] += a[32] >> 29; a[32] &= 0x1fffffff;
-    a[34] += a[33] >> 29; a[33] &= 0x1fffffff;
-    a[35] += a[34] >> 29; a[34] &= 0x1fffffff;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 29 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_2048_norm_72(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 71; i++) {
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-#else
-    int i;
-    for (i = 0; i < 64; i += 8) {
-        a[i+1] += a[i+0] >> 29; a[i+0] &= 0x1fffffff;
-        a[i+2] += a[i+1] >> 29; a[i+1] &= 0x1fffffff;
-        a[i+3] += a[i+2] >> 29; a[i+2] &= 0x1fffffff;
-        a[i+4] += a[i+3] >> 29; a[i+3] &= 0x1fffffff;
-        a[i+5] += a[i+4] >> 29; a[i+4] &= 0x1fffffff;
-        a[i+6] += a[i+5] >> 29; a[i+5] &= 0x1fffffff;
-        a[i+7] += a[i+6] >> 29; a[i+6] &= 0x1fffffff;
-        a[i+8] += a[i+7] >> 29; a[i+7] &= 0x1fffffff;
-    }
-    a[65] += a[64] >> 29; a[64] &= 0x1fffffff;
-    a[66] += a[65] >> 29; a[65] &= 0x1fffffff;
-    a[67] += a[66] >> 29; a[66] &= 0x1fffffff;
-    a[68] += a[67] >> 29; a[67] &= 0x1fffffff;
-    a[69] += a[68] >> 29; a[68] &= 0x1fffffff;
-    a[70] += a[69] >> 29; a[69] &= 0x1fffffff;
-    a[71] += a[70] >> 29; a[70] &= 0x1fffffff;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_12(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_uint64 t0;
-    sp_uint64 t1;
-    sp_digit t[12];
-
-    t0 = ((sp_uint64)a[ 0]) * b[ 0];
-    t1 = ((sp_uint64)a[ 0]) * b[ 1]
-       + ((sp_uint64)a[ 1]) * b[ 0];
-    t[ 0] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_uint64)a[ 0]) * b[ 2]
-       + ((sp_uint64)a[ 1]) * b[ 1]
-       + ((sp_uint64)a[ 2]) * b[ 0];
-    t[ 1] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_uint64)a[ 0]) * b[ 3]
-       + ((sp_uint64)a[ 1]) * b[ 2]
-       + ((sp_uint64)a[ 2]) * b[ 1]
-       + ((sp_uint64)a[ 3]) * b[ 0];
-    t[ 2] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_uint64)a[ 0]) * b[ 4]
-       + ((sp_uint64)a[ 1]) * b[ 3]
-       + ((sp_uint64)a[ 2]) * b[ 2]
-       + ((sp_uint64)a[ 3]) * b[ 1]
-       + ((sp_uint64)a[ 4]) * b[ 0];
-    t[ 3] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_uint64)a[ 0]) * b[ 5]
-       + ((sp_uint64)a[ 1]) * b[ 4]
-       + ((sp_uint64)a[ 2]) * b[ 3]
-       + ((sp_uint64)a[ 3]) * b[ 2]
-       + ((sp_uint64)a[ 4]) * b[ 1]
-       + ((sp_uint64)a[ 5]) * b[ 0];
-    t[ 4] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_uint64)a[ 0]) * b[ 6]
-       + ((sp_uint64)a[ 1]) * b[ 5]
-       + ((sp_uint64)a[ 2]) * b[ 4]
-       + ((sp_uint64)a[ 3]) * b[ 3]
-       + ((sp_uint64)a[ 4]) * b[ 2]
-       + ((sp_uint64)a[ 5]) * b[ 1]
-       + ((sp_uint64)a[ 6]) * b[ 0];
-    t[ 5] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_uint64)a[ 0]) * b[ 7]
-       + ((sp_uint64)a[ 1]) * b[ 6]
-       + ((sp_uint64)a[ 2]) * b[ 5]
-       + ((sp_uint64)a[ 3]) * b[ 4]
-       + ((sp_uint64)a[ 4]) * b[ 3]
-       + ((sp_uint64)a[ 5]) * b[ 2]
-       + ((sp_uint64)a[ 6]) * b[ 1]
-       + ((sp_uint64)a[ 7]) * b[ 0];
-    t[ 6] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_uint64)a[ 0]) * b[ 8]
-       + ((sp_uint64)a[ 1]) * b[ 7]
-       + ((sp_uint64)a[ 2]) * b[ 6]
-       + ((sp_uint64)a[ 3]) * b[ 5]
-       + ((sp_uint64)a[ 4]) * b[ 4]
-       + ((sp_uint64)a[ 5]) * b[ 3]
-       + ((sp_uint64)a[ 6]) * b[ 2]
-       + ((sp_uint64)a[ 7]) * b[ 1]
-       + ((sp_uint64)a[ 8]) * b[ 0];
-    t[ 7] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_uint64)a[ 0]) * b[ 9]
-       + ((sp_uint64)a[ 1]) * b[ 8]
-       + ((sp_uint64)a[ 2]) * b[ 7]
-       + ((sp_uint64)a[ 3]) * b[ 6]
-       + ((sp_uint64)a[ 4]) * b[ 5]
-       + ((sp_uint64)a[ 5]) * b[ 4]
-       + ((sp_uint64)a[ 6]) * b[ 3]
-       + ((sp_uint64)a[ 7]) * b[ 2]
-       + ((sp_uint64)a[ 8]) * b[ 1]
-       + ((sp_uint64)a[ 9]) * b[ 0];
-    t[ 8] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_uint64)a[ 0]) * b[10]
-       + ((sp_uint64)a[ 1]) * b[ 9]
-       + ((sp_uint64)a[ 2]) * b[ 8]
-       + ((sp_uint64)a[ 3]) * b[ 7]
-       + ((sp_uint64)a[ 4]) * b[ 6]
-       + ((sp_uint64)a[ 5]) * b[ 5]
-       + ((sp_uint64)a[ 6]) * b[ 4]
-       + ((sp_uint64)a[ 7]) * b[ 3]
-       + ((sp_uint64)a[ 8]) * b[ 2]
-       + ((sp_uint64)a[ 9]) * b[ 1]
-       + ((sp_uint64)a[10]) * b[ 0];
-    t[ 9] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_uint64)a[ 0]) * b[11]
-       + ((sp_uint64)a[ 1]) * b[10]
-       + ((sp_uint64)a[ 2]) * b[ 9]
-       + ((sp_uint64)a[ 3]) * b[ 8]
-       + ((sp_uint64)a[ 4]) * b[ 7]
-       + ((sp_uint64)a[ 5]) * b[ 6]
-       + ((sp_uint64)a[ 6]) * b[ 5]
-       + ((sp_uint64)a[ 7]) * b[ 4]
-       + ((sp_uint64)a[ 8]) * b[ 3]
-       + ((sp_uint64)a[ 9]) * b[ 2]
-       + ((sp_uint64)a[10]) * b[ 1]
-       + ((sp_uint64)a[11]) * b[ 0];
-    t[10] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_uint64)a[ 1]) * b[11]
-       + ((sp_uint64)a[ 2]) * b[10]
-       + ((sp_uint64)a[ 3]) * b[ 9]
-       + ((sp_uint64)a[ 4]) * b[ 8]
-       + ((sp_uint64)a[ 5]) * b[ 7]
-       + ((sp_uint64)a[ 6]) * b[ 6]
-       + ((sp_uint64)a[ 7]) * b[ 5]
-       + ((sp_uint64)a[ 8]) * b[ 4]
-       + ((sp_uint64)a[ 9]) * b[ 3]
-       + ((sp_uint64)a[10]) * b[ 2]
-       + ((sp_uint64)a[11]) * b[ 1];
-    t[11] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_uint64)a[ 2]) * b[11]
-       + ((sp_uint64)a[ 3]) * b[10]
-       + ((sp_uint64)a[ 4]) * b[ 9]
-       + ((sp_uint64)a[ 5]) * b[ 8]
-       + ((sp_uint64)a[ 6]) * b[ 7]
-       + ((sp_uint64)a[ 7]) * b[ 6]
-       + ((sp_uint64)a[ 8]) * b[ 5]
-       + ((sp_uint64)a[ 9]) * b[ 4]
-       + ((sp_uint64)a[10]) * b[ 3]
-       + ((sp_uint64)a[11]) * b[ 2];
-    r[12] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_uint64)a[ 3]) * b[11]
-       + ((sp_uint64)a[ 4]) * b[10]
-       + ((sp_uint64)a[ 5]) * b[ 9]
-       + ((sp_uint64)a[ 6]) * b[ 8]
-       + ((sp_uint64)a[ 7]) * b[ 7]
-       + ((sp_uint64)a[ 8]) * b[ 6]
-       + ((sp_uint64)a[ 9]) * b[ 5]
-       + ((sp_uint64)a[10]) * b[ 4]
-       + ((sp_uint64)a[11]) * b[ 3];
-    r[13] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_uint64)a[ 4]) * b[11]
-       + ((sp_uint64)a[ 5]) * b[10]
-       + ((sp_uint64)a[ 6]) * b[ 9]
-       + ((sp_uint64)a[ 7]) * b[ 8]
-       + ((sp_uint64)a[ 8]) * b[ 7]
-       + ((sp_uint64)a[ 9]) * b[ 6]
-       + ((sp_uint64)a[10]) * b[ 5]
-       + ((sp_uint64)a[11]) * b[ 4];
-    r[14] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_uint64)a[ 5]) * b[11]
-       + ((sp_uint64)a[ 6]) * b[10]
-       + ((sp_uint64)a[ 7]) * b[ 9]
-       + ((sp_uint64)a[ 8]) * b[ 8]
-       + ((sp_uint64)a[ 9]) * b[ 7]
-       + ((sp_uint64)a[10]) * b[ 6]
-       + ((sp_uint64)a[11]) * b[ 5];
-    r[15] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_uint64)a[ 6]) * b[11]
-       + ((sp_uint64)a[ 7]) * b[10]
-       + ((sp_uint64)a[ 8]) * b[ 9]
-       + ((sp_uint64)a[ 9]) * b[ 8]
-       + ((sp_uint64)a[10]) * b[ 7]
-       + ((sp_uint64)a[11]) * b[ 6];
-    r[16] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_uint64)a[ 7]) * b[11]
-       + ((sp_uint64)a[ 8]) * b[10]
-       + ((sp_uint64)a[ 9]) * b[ 9]
-       + ((sp_uint64)a[10]) * b[ 8]
-       + ((sp_uint64)a[11]) * b[ 7];
-    r[17] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_uint64)a[ 8]) * b[11]
-       + ((sp_uint64)a[ 9]) * b[10]
-       + ((sp_uint64)a[10]) * b[ 9]
-       + ((sp_uint64)a[11]) * b[ 8];
-    r[18] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_uint64)a[ 9]) * b[11]
-       + ((sp_uint64)a[10]) * b[10]
-       + ((sp_uint64)a[11]) * b[ 9];
-    r[19] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_uint64)a[10]) * b[11]
-       + ((sp_uint64)a[11]) * b[10];
-    r[20] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_uint64)a[11]) * b[11];
-    r[21] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    r[22] = (sp_digit)(t0 & 0x1fffffff);
-    r[23] = (sp_digit)(t0 >> 29);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_add_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-    r[ 7] = a[ 7] + b[ 7];
-    r[ 8] = a[ 8] + b[ 8];
-    r[ 9] = a[ 9] + b[ 9];
-    r[10] = a[10] + b[10];
-    r[11] = a[11] + b[11];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_sub_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_add_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-
-    return 0;
-}
-
-/* Normalize the values in each word to 29 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_2048_norm_12(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 11; i++) {
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-#else
-    a[1] += a[0] >> 29; a[0] &= 0x1fffffff;
-    a[2] += a[1] >> 29; a[1] &= 0x1fffffff;
-    a[3] += a[2] >> 29; a[2] &= 0x1fffffff;
-    a[4] += a[3] >> 29; a[3] &= 0x1fffffff;
-    a[5] += a[4] >> 29; a[4] &= 0x1fffffff;
-    a[6] += a[5] >> 29; a[5] &= 0x1fffffff;
-    a[7] += a[6] >> 29; a[6] &= 0x1fffffff;
-    a[8] += a[7] >> 29; a[7] &= 0x1fffffff;
-    a[9] += a[8] >> 29; a[8] &= 0x1fffffff;
-    a[10] += a[9] >> 29; a[9] &= 0x1fffffff;
-    a[11] += a[10] >> 29; a[10] &= 0x1fffffff;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Normalize the values in each word to 29 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_2048_norm_24(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 23; i++) {
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-#else
-    int i;
-    for (i = 0; i < 16; i += 8) {
-        a[i+1] += a[i+0] >> 29; a[i+0] &= 0x1fffffff;
-        a[i+2] += a[i+1] >> 29; a[i+1] &= 0x1fffffff;
-        a[i+3] += a[i+2] >> 29; a[i+2] &= 0x1fffffff;
-        a[i+4] += a[i+3] >> 29; a[i+3] &= 0x1fffffff;
-        a[i+5] += a[i+4] >> 29; a[i+4] &= 0x1fffffff;
-        a[i+6] += a[i+5] >> 29; a[i+5] &= 0x1fffffff;
-        a[i+7] += a[i+6] >> 29; a[i+6] &= 0x1fffffff;
-        a[i+8] += a[i+7] >> 29; a[i+7] &= 0x1fffffff;
-    }
-    a[17] += a[16] >> 29; a[16] &= 0x1fffffff;
-    a[18] += a[17] >> 29; a[17] &= 0x1fffffff;
-    a[19] += a[18] >> 29; a[18] &= 0x1fffffff;
-    a[20] += a[19] >> 29; a[19] &= 0x1fffffff;
-    a[21] += a[20] >> 29; a[20] &= 0x1fffffff;
-    a[22] += a[21] >> 29; a[21] &= 0x1fffffff;
-    a[23] += a[22] >> 29; a[22] &= 0x1fffffff;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_36(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit p0[24];
-    sp_digit p1[24];
-    sp_digit p2[24];
-    sp_digit p3[24];
-    sp_digit p4[24];
-    sp_digit p5[24];
-    sp_digit t0[24];
-    sp_digit t1[24];
-    sp_digit t2[24];
-    sp_digit a0[12];
-    sp_digit a1[12];
-    sp_digit a2[12];
-    sp_digit b0[12];
-    sp_digit b1[12];
-    sp_digit b2[12];
-    (void)sp_2048_add_12(a0, a, &a[12]);
-    sp_2048_norm_12(a0);
-    (void)sp_2048_add_12(b0, b, &b[12]);
-    sp_2048_norm_12(b0);
-    (void)sp_2048_add_12(a1, &a[12], &a[24]);
-    sp_2048_norm_12(a1);
-    (void)sp_2048_add_12(b1, &b[12], &b[24]);
-    sp_2048_norm_12(b1);
-    (void)sp_2048_add_12(a2, a0, &a[24]);
-    sp_2048_norm_12(a1);
-    (void)sp_2048_add_12(b2, b0, &b[24]);
-    sp_2048_norm_12(b2);
-    sp_2048_mul_12(p0, a, b);
-    sp_2048_mul_12(p2, &a[12], &b[12]);
-    sp_2048_mul_12(p4, &a[24], &b[24]);
-    sp_2048_mul_12(p1, a0, b0);
-    sp_2048_mul_12(p3, a1, b1);
-    sp_2048_mul_12(p5, a2, b2);
-    XMEMSET(r, 0, sizeof(*r)*2U*36U);
-    (void)sp_2048_sub_24(t0, p3, p2);
-    (void)sp_2048_sub_24(t1, p1, p2);
-    (void)sp_2048_sub_24(t2, p5, t0);
-    (void)sp_2048_sub_24(t2, t2, t1);
-    sp_2048_norm_24(t2);
-    (void)sp_2048_sub_24(t0, t0, p4);
-    sp_2048_norm_24(t0);
-    (void)sp_2048_sub_24(t1, t1, p0);
-    sp_2048_norm_24(t1);
-    (void)sp_2048_add_24(r, r, p0);
-    (void)sp_2048_add_24(&r[12], &r[12], t1);
-    (void)sp_2048_add_24(&r[24], &r[24], t2);
-    (void)sp_2048_add_24(&r[36], &r[36], t0);
-    (void)sp_2048_add_24(&r[48], &r[48], p4);
-    sp_2048_norm_72(r);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_add_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[32] = a[32] + b[32];
-    r[33] = a[33] + b[33];
-    r[34] = a[34] + b[34];
-    r[35] = a[35] + b[35];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_add_72(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_sub_72(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-
-    return 0;
-}
-
-/* Normalize the values in each word to 29 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_2048_norm_144(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 143; i++) {
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-#else
-    int i;
-    for (i = 0; i < 136; i += 8) {
-        a[i+1] += a[i+0] >> 29; a[i+0] &= 0x1fffffff;
-        a[i+2] += a[i+1] >> 29; a[i+1] &= 0x1fffffff;
-        a[i+3] += a[i+2] >> 29; a[i+2] &= 0x1fffffff;
-        a[i+4] += a[i+3] >> 29; a[i+3] &= 0x1fffffff;
-        a[i+5] += a[i+4] >> 29; a[i+4] &= 0x1fffffff;
-        a[i+6] += a[i+5] >> 29; a[i+5] &= 0x1fffffff;
-        a[i+7] += a[i+6] >> 29; a[i+6] &= 0x1fffffff;
-        a[i+8] += a[i+7] >> 29; a[i+7] &= 0x1fffffff;
-    }
-    a[137] += a[136] >> 29; a[136] &= 0x1fffffff;
-    a[138] += a[137] >> 29; a[137] &= 0x1fffffff;
-    a[139] += a[138] >> 29; a[138] &= 0x1fffffff;
-    a[140] += a[139] >> 29; a[139] &= 0x1fffffff;
-    a[141] += a[140] >> 29; a[140] &= 0x1fffffff;
-    a[142] += a[141] >> 29; a[141] &= 0x1fffffff;
-    a[143] += a[142] >> 29; a[142] &= 0x1fffffff;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_72(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[72];
-    sp_digit* a1 = z1;
-    sp_digit b1[36];
-    sp_digit* z2 = r + 72;
-    (void)sp_2048_add_36(a1, a, &a[36]);
-    sp_2048_norm_36(a1);
-    (void)sp_2048_add_36(b1, b, &b[36]);
-    sp_2048_norm_36(b1);
-    sp_2048_mul_36(z2, &a[36], &b[36]);
-    sp_2048_mul_36(z0, a, b);
-    sp_2048_mul_36(z1, a1, b1);
-    (void)sp_2048_sub_72(z1, z1, z2);
-    (void)sp_2048_sub_72(z1, z1, z0);
-    (void)sp_2048_add_72(r + 36, r + 36, z1);
-    sp_2048_norm_144(r);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_12(sp_digit* r, const sp_digit* a)
-{
-    sp_uint64 t0;
-    sp_uint64 t1;
-    sp_digit t[12];
-
-    t0 =  ((sp_uint64)a[ 0]) * a[ 0];
-    t1 = (((sp_uint64)a[ 0]) * a[ 1]) * 2;
-    t[ 0] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_uint64)a[ 0]) * a[ 2]) * 2
-       +  ((sp_uint64)a[ 1]) * a[ 1];
-    t[ 1] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_uint64)a[ 0]) * a[ 3]
-       +  ((sp_uint64)a[ 1]) * a[ 2]) * 2;
-    t[ 2] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_uint64)a[ 0]) * a[ 4]
-       +  ((sp_uint64)a[ 1]) * a[ 3]) * 2
-       +  ((sp_uint64)a[ 2]) * a[ 2];
-    t[ 3] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_uint64)a[ 0]) * a[ 5]
-       +  ((sp_uint64)a[ 1]) * a[ 4]
-       +  ((sp_uint64)a[ 2]) * a[ 3]) * 2;
-    t[ 4] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_uint64)a[ 0]) * a[ 6]
-       +  ((sp_uint64)a[ 1]) * a[ 5]
-       +  ((sp_uint64)a[ 2]) * a[ 4]) * 2
-       +  ((sp_uint64)a[ 3]) * a[ 3];
-    t[ 5] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_uint64)a[ 0]) * a[ 7]
-       +  ((sp_uint64)a[ 1]) * a[ 6]
-       +  ((sp_uint64)a[ 2]) * a[ 5]
-       +  ((sp_uint64)a[ 3]) * a[ 4]) * 2;
-    t[ 6] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_uint64)a[ 0]) * a[ 8]
-       +  ((sp_uint64)a[ 1]) * a[ 7]
-       +  ((sp_uint64)a[ 2]) * a[ 6]
-       +  ((sp_uint64)a[ 3]) * a[ 5]) * 2
-       +  ((sp_uint64)a[ 4]) * a[ 4];
-    t[ 7] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_uint64)a[ 0]) * a[ 9]
-       +  ((sp_uint64)a[ 1]) * a[ 8]
-       +  ((sp_uint64)a[ 2]) * a[ 7]
-       +  ((sp_uint64)a[ 3]) * a[ 6]
-       +  ((sp_uint64)a[ 4]) * a[ 5]) * 2;
-    t[ 8] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_uint64)a[ 0]) * a[10]
-       +  ((sp_uint64)a[ 1]) * a[ 9]
-       +  ((sp_uint64)a[ 2]) * a[ 8]
-       +  ((sp_uint64)a[ 3]) * a[ 7]
-       +  ((sp_uint64)a[ 4]) * a[ 6]) * 2
-       +  ((sp_uint64)a[ 5]) * a[ 5];
-    t[ 9] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_uint64)a[ 0]) * a[11]
-       +  ((sp_uint64)a[ 1]) * a[10]
-       +  ((sp_uint64)a[ 2]) * a[ 9]
-       +  ((sp_uint64)a[ 3]) * a[ 8]
-       +  ((sp_uint64)a[ 4]) * a[ 7]
-       +  ((sp_uint64)a[ 5]) * a[ 6]) * 2;
-    t[10] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_uint64)a[ 1]) * a[11]
-       +  ((sp_uint64)a[ 2]) * a[10]
-       +  ((sp_uint64)a[ 3]) * a[ 9]
-       +  ((sp_uint64)a[ 4]) * a[ 8]
-       +  ((sp_uint64)a[ 5]) * a[ 7]) * 2
-       +  ((sp_uint64)a[ 6]) * a[ 6];
-    t[11] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_uint64)a[ 2]) * a[11]
-       +  ((sp_uint64)a[ 3]) * a[10]
-       +  ((sp_uint64)a[ 4]) * a[ 9]
-       +  ((sp_uint64)a[ 5]) * a[ 8]
-       +  ((sp_uint64)a[ 6]) * a[ 7]) * 2;
-    r[12] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_uint64)a[ 3]) * a[11]
-       +  ((sp_uint64)a[ 4]) * a[10]
-       +  ((sp_uint64)a[ 5]) * a[ 9]
-       +  ((sp_uint64)a[ 6]) * a[ 8]) * 2
-       +  ((sp_uint64)a[ 7]) * a[ 7];
-    r[13] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_uint64)a[ 4]) * a[11]
-       +  ((sp_uint64)a[ 5]) * a[10]
-       +  ((sp_uint64)a[ 6]) * a[ 9]
-       +  ((sp_uint64)a[ 7]) * a[ 8]) * 2;
-    r[14] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_uint64)a[ 5]) * a[11]
-       +  ((sp_uint64)a[ 6]) * a[10]
-       +  ((sp_uint64)a[ 7]) * a[ 9]) * 2
-       +  ((sp_uint64)a[ 8]) * a[ 8];
-    r[15] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_uint64)a[ 6]) * a[11]
-       +  ((sp_uint64)a[ 7]) * a[10]
-       +  ((sp_uint64)a[ 8]) * a[ 9]) * 2;
-    r[16] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_uint64)a[ 7]) * a[11]
-       +  ((sp_uint64)a[ 8]) * a[10]) * 2
-       +  ((sp_uint64)a[ 9]) * a[ 9];
-    r[17] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_uint64)a[ 8]) * a[11]
-       +  ((sp_uint64)a[ 9]) * a[10]) * 2;
-    r[18] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_uint64)a[ 9]) * a[11]) * 2
-       +  ((sp_uint64)a[10]) * a[10];
-    r[19] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_uint64)a[10]) * a[11]) * 2;
-    r[20] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 =  ((sp_uint64)a[11]) * a[11];
-    r[21] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    r[22] = (sp_digit)(t0 & 0x1fffffff);
-    r[23] = (sp_digit)(t0 >> 29);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a into r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a)
-{
-    sp_digit p0[24];
-    sp_digit p1[24];
-    sp_digit p2[24];
-    sp_digit p3[24];
-    sp_digit p4[24];
-    sp_digit p5[24];
-    sp_digit t0[24];
-    sp_digit t1[24];
-    sp_digit t2[24];
-    sp_digit a0[12];
-    sp_digit a1[12];
-    sp_digit a2[12];
-    (void)sp_2048_add_12(a0, a, &a[12]);
-    sp_2048_norm_12(a0);
-    (void)sp_2048_add_12(a1, &a[12], &a[24]);
-    sp_2048_norm_12(a1);
-    (void)sp_2048_add_12(a2, a0, &a[24]);
-    sp_2048_norm_12(a2);
-    sp_2048_sqr_12(p0, a);
-    sp_2048_sqr_12(p2, &a[12]);
-    sp_2048_sqr_12(p4, &a[24]);
-    sp_2048_sqr_12(p1, a0);
-    sp_2048_sqr_12(p3, a1);
-    sp_2048_sqr_12(p5, a2);
-    XMEMSET(r, 0, sizeof(*r)*2U*36U);
-    (void)sp_2048_sub_24(t0, p3, p2);
-    (void)sp_2048_sub_24(t1, p1, p2);
-    (void)sp_2048_sub_24(t2, p5, t0);
-    (void)sp_2048_sub_24(t2, t2, t1);
-    sp_2048_norm_24(t2);
-    (void)sp_2048_sub_24(t0, t0, p4);
-    sp_2048_norm_24(t0);
-    (void)sp_2048_sub_24(t1, t1, p0);
-    sp_2048_norm_24(t1);
-    (void)sp_2048_add_24(r, r, p0);
-    (void)sp_2048_add_24(&r[12], &r[12], t1);
-    (void)sp_2048_add_24(&r[24], &r[24], t2);
-    (void)sp_2048_add_24(&r[36], &r[36], t0);
-    (void)sp_2048_add_24(&r[48], &r[48], p4);
-    sp_2048_norm_72(r);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_72(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[72];
-    sp_digit* a1 = z1;
-    sp_digit* z2 = r + 72;
-    (void)sp_2048_add_36(a1, a, &a[36]);
-    sp_2048_norm_36(a1);
-    sp_2048_sqr_36(z2, &a[36]);
-    sp_2048_sqr_36(z0, a);
-    sp_2048_sqr_36(z1, a1);
-    (void)sp_2048_sub_72(z1, z1, z2);
-    (void)sp_2048_sub_72(z1, z1, z0);
-    (void)sp_2048_add_72(r + 36, r + 36, z1);
-    sp_2048_norm_144(r);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_add_72(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 72; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_sub_72(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 72; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_72(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 lo;
-
-    c = ((sp_uint64)a[71]) * b[71];
-    r[143] = (sp_digit)(c >> 29);
-    c &= 0x1fffffff;
-    for (k = 141; k >= 0; k--) {
-        if (k >= 72) {
-            i = k - 71;
-            imax = 71;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        if (imax - i > 15) {
-            int imaxlo;
-            lo = 0;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 15) {
-                for (; i <= imax && i < imaxlo + 15; i++) {
-                    lo += ((sp_uint64)a[i]) * b[k - i];
-                }
-                c += lo >> 29;
-                lo &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-        else {
-            lo = 0;
-            for (; i <= imax; i++) {
-                lo += ((sp_uint64)a[i]) * b[k - i];
-            }
-            c += lo >> 29;
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_72(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 t;
-
-    c = ((sp_uint64)a[71]) * a[71];
-    r[143] = (sp_digit)(c >> 29);
-    c = (c & 0x1fffffff) << 29;
-    for (k = 141; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint64)a[i]) * a[i];
-           i++;
-        }
-        if (k < 71) {
-            imax = k;
-        }
-        else {
-            imax = 71;
-        }
-        if (imax - i >= 14) {
-            int imaxlo;
-            sp_uint64 hi;
-
-            hi = c >> 29;
-            c &= 0x1fffffff;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 14) {
-                t = 0;
-                for (; i <= imax && i < imaxlo + 14; i++) {
-                    t += ((sp_uint64)a[i]) * a[k - i];
-                }
-                c += t * 2;
-
-                hi += c >> 29;
-                c &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(hi >> 29);
-            r[k + 1]  = (sp_digit)(hi & 0x1fffffff);
-            c <<= 29;
-        }
-        else
-        {
-            t = 0;
-            for (; i <= imax; i++) {
-                t += ((sp_uint64)a[i]) * a[k - i];
-            }
-            c += t * 2;
-
-            r[k + 2] += (sp_digit) (c >> 58);
-            r[k + 1]  = (sp_digit)((c >> 29) & 0x1fffffff);
-            c = (c & 0x1fffffff) << 29;
-        }
-    }
-    r[0] = (sp_digit)(c >> 29);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_add_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 36; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_sub_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 36; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_sub_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[32] = a[32] - b[32];
-    r[33] = a[33] - b[33];
-    r[34] = a[34] - b[34];
-    r[35] = a[35] - b[35];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_36(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 lo;
-
-    c = ((sp_uint64)a[35]) * b[35];
-    r[71] = (sp_digit)(c >> 29);
-    c &= 0x1fffffff;
-    for (k = 69; k >= 0; k--) {
-        if (k >= 36) {
-            i = k - 35;
-            imax = 35;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        if (imax - i > 15) {
-            int imaxlo;
-            lo = 0;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 15) {
-                for (; i <= imax && i < imaxlo + 15; i++) {
-                    lo += ((sp_uint64)a[i]) * b[k - i];
-                }
-                c += lo >> 29;
-                lo &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-        else {
-            lo = 0;
-            for (; i <= imax; i++) {
-                lo += ((sp_uint64)a[i]) * b[k - i];
-            }
-            c += lo >> 29;
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 t;
-
-    c = ((sp_uint64)a[35]) * a[35];
-    r[71] = (sp_digit)(c >> 29);
-    c = (c & 0x1fffffff) << 29;
-    for (k = 69; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint64)a[i]) * a[i];
-           i++;
-        }
-        if (k < 35) {
-            imax = k;
-        }
-        else {
-            imax = 35;
-        }
-        if (imax - i >= 14) {
-            int imaxlo;
-            sp_uint64 hi;
-
-            hi = c >> 29;
-            c &= 0x1fffffff;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 14) {
-                t = 0;
-                for (; i <= imax && i < imaxlo + 14; i++) {
-                    t += ((sp_uint64)a[i]) * a[k - i];
-                }
-                c += t * 2;
-
-                hi += c >> 29;
-                c &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(hi >> 29);
-            r[k + 1]  = (sp_digit)(hi & 0x1fffffff);
-            c <<= 29;
-        }
-        else
-        {
-            t = 0;
-            for (; i <= imax; i++) {
-                t += ((sp_uint64)a[i]) * a[k - i];
-            }
-            c += t * 2;
-
-            r[k + 2] += (sp_digit) (c >> 58);
-            r[k + 1]  = (sp_digit)((c >> 29) & 0x1fffffff);
-            c = (c & 0x1fffffff) << 29;
-        }
-    }
-    r[0] = (sp_digit)(c >> 29);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x &= 0x1fffffff;
-
-    /* rho = -1/m mod b */
-    *rho = ((sp_digit)1 << 29) - x;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_d_72(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 72; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-    }
-    r[72] = (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 72; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[72] = (sp_digit)(t & 0x1fffffff);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_36(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<35; i++) {
-        r[i] = 0x1fffffff;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = 0x1fffffff;
-        r[i + 1] = 0x1fffffff;
-        r[i + 2] = 0x1fffffff;
-        r[i + 3] = 0x1fffffff;
-        r[i + 4] = 0x1fffffff;
-        r[i + 5] = 0x1fffffff;
-        r[i + 6] = 0x1fffffff;
-        r[i + 7] = 0x1fffffff;
-    }
-    r[32] = 0x1fffffff;
-    r[33] = 0x1fffffff;
-    r[34] = 0x1fffffff;
-#endif /* WOLFSSL_SP_SMALL */
-    r[35] = 0x1ffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_2048_sub_36(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_2048_cmp_36(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=35; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 28);
-    }
-#else
-    int i;
-
-    r |= (a[35] - b[35]) & (0 - (sp_digit)1);
-    r |= (a[34] - b[34]) & ~(((sp_digit)0 - r) >> 28);
-    r |= (a[33] - b[33]) & ~(((sp_digit)0 - r) >> 28);
-    r |= (a[32] - b[32]) & ~(((sp_digit)0 - r) >> 28);
-    for (i = 24; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 28);
-    }
-#endif /* WOLFSSL_SP_SMALL */
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_sub_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 36; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-#else
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[32] = a[32] - (b[32] & m);
-    r[33] = a[33] - (b[33] & m);
-    r[34] = a[34] - (b[34] & m);
-    r[35] = a[35] - (b[35] & m);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_add_36(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifndef WOLFSSL_SP_LARGE_CODE
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 36; i++) {
-        t += r[i];
-        t += tb * a[i];
-        r[i] = ((sp_digit)t) & 0x1fffffff;
-        t >>= 29;
-    }
-    r[36] += (sp_digit)t;
-#else
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 32; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffff);
-        t[1] += t[0] >> 29;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffff);
-        t[2] += t[1] >> 29;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffff);
-        t[3] += t[2] >> 29;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffff);
-        t[0]  = t[3] >> 29;
-    }
-    t[0] += (tb * a[32]) + r[32];
-    t[1]  = (tb * a[33]) + r[33];
-    t[2]  = (tb * a[34]) + r[34];
-    t[3]  = (tb * a[35]) + r[35];
-    r[32] = (sp_digit)(t[0] & 0x1fffffff);
-    t[1] += t[0] >> 29;
-    r[33] = (sp_digit)(t[1] & 0x1fffffff);
-    t[2] += t[1] >> 29;
-    r[34] = (sp_digit)(t[2] & 0x1fffffff);
-    t[3] += t[2] >> 29;
-    r[35] = (sp_digit)(t[3] & 0x1fffffff);
-    r[36] +=  (sp_digit)(t[3] >> 29);
-#else
-    sp_int64 tb = b;
-    sp_int64 t[8];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 32; i += 8) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        t[4]  = (tb * a[i+4]) + r[i+4];
-        t[5]  = (tb * a[i+5]) + r[i+5];
-        t[6]  = (tb * a[i+6]) + r[i+6];
-        t[7]  = (tb * a[i+7]) + r[i+7];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffff);
-        t[1] += t[0] >> 29;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffff);
-        t[2] += t[1] >> 29;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffff);
-        t[3] += t[2] >> 29;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffff);
-        t[4] += t[3] >> 29;
-        r[i+4] = (sp_digit)(t[4] & 0x1fffffff);
-        t[5] += t[4] >> 29;
-        r[i+5] = (sp_digit)(t[5] & 0x1fffffff);
-        t[6] += t[5] >> 29;
-        r[i+6] = (sp_digit)(t[6] & 0x1fffffff);
-        t[7] += t[6] >> 29;
-        r[i+7] = (sp_digit)(t[7] & 0x1fffffff);
-        t[0]  = t[7] >> 29;
-    }
-    t[0] += (tb * a[32]) + r[32];
-    t[1]  = (tb * a[33]) + r[33];
-    t[2]  = (tb * a[34]) + r[34];
-    t[3]  = (tb * a[35]) + r[35];
-    r[32] = (sp_digit)(t[0] & 0x1fffffff);
-    t[1] += t[0] >> 29;
-    r[33] = (sp_digit)(t[1] & 0x1fffffff);
-    t[2] += t[1] >> 29;
-    r[34] = (sp_digit)(t[2] & 0x1fffffff);
-    t[3] += t[2] >> 29;
-    r[35] = (sp_digit)(t[3] & 0x1fffffff);
-    r[36] +=  (sp_digit)(t[3] >> 29);
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-}
-
-/* Shift the result in the high 1024 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_2048_mont_shift_36(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    sp_int64 n = a[35] >> 9;
-    n += ((sp_int64)a[36]) << 20;
-
-    for (i = 0; i < 35; i++) {
-        r[i] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29;
-        n += ((sp_int64)a[37 + i]) << 20;
-    }
-    r[35] = (sp_digit)n;
-#else
-    int i;
-    sp_int64 n = a[35] >> 9;
-    n += ((sp_int64)a[36]) << 20;
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 37]) << 20;
-        r[i + 1] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 38]) << 20;
-        r[i + 2] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 39]) << 20;
-        r[i + 3] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 40]) << 20;
-        r[i + 4] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 41]) << 20;
-        r[i + 5] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 42]) << 20;
-        r[i + 6] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 43]) << 20;
-        r[i + 7] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 44]) << 20;
-    }
-    r[32] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[69]) << 20;
-    r[33] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[70]) << 20;
-    r[34] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[71]) << 20;
-    r[35] = (sp_digit)n;
-#endif /* WOLFSSL_SP_SMALL */
-    XMEMSET(&r[36], 0, sizeof(*r) * 36U);
-}
-
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_2048_mont_reduce_36(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_2048_norm_36(a + 36);
-
-    for (i=0; i<35; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1fffffff);
-        sp_2048_mul_add_36(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1ffL);
-    sp_2048_mul_add_36(a+i, m, mu);
-    a[i+1] += a[i] >> 29;
-    a[i] &= 0x1fffffff;
-    sp_2048_mont_shift_36(a, a);
-    over = a[35] - m[35];
-    sp_2048_cond_sub_36(a, a, m, ~((over - 1) >> 31));
-    sp_2048_norm_36(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_36(r, a, b);
-    sp_2048_mont_reduce_36(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_36(r, a);
-    sp_2048_mont_reduce_36(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_d_36(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 36; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-    }
-    r[36] = (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 36; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[36] = (sp_digit)(t & 0x1fffffff);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_add_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 36; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_add_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[32] = a[32] + (b[32] & m);
-    r[33] = a[33] + (b[33] & m);
-    r[34] = a[34] + (b[34] & m);
-    r[35] = a[35] + (b[35] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_2048_rshift_36(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-#ifdef WOLFSSL_SP_SMALL
-    for (i=0; i<35; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff);
-    }
-#else
-    for (i=0; i<32; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (29 - n)) & 0x1fffffff);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (29 - n)) & 0x1fffffff);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (29 - n)) & 0x1fffffff);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (29 - n)) & 0x1fffffff);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (29 - n)) & 0x1fffffff);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (29 - n)) & 0x1fffffff);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (29 - n)) & 0x1fffffff);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (29 - n)) & 0x1fffffff);
-    }
-    r[32] = (a[32] >> n) | (sp_digit)((a[33] << (29 - n)) & 0x1fffffff);
-    r[33] = (a[33] >> n) | (sp_digit)((a[34] << (29 - n)) & 0x1fffffff);
-    r[34] = (a[34] >> n) | (sp_digit)((a[35] << (29 - n)) & 0x1fffffff);
-#endif /* WOLFSSL_SP_SMALL */
-    r[35] = a[35] >> n;
-}
-
-static WC_INLINE sp_digit sp_2048_div_word_36(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_uint32 lo = (sp_uint32)d;
-    sp_digit hi = (sp_digit)(d >> 32);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 29);
-    sp_digit t0 = (sp_digit)(d & 0x1fffffff);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int64 m;
-
-    r = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-    t1 -= dv & (0 - r);
-    for (i = 27; i >= 1; i--) {
-        t1 += t1 + (((sp_uint32)t0 >> 28) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 29);
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 58) - (sp_digit)(d >> 58);
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-   return r;
-#else
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 14) + 1;
-
-    t = (sp_digit)(d >> 28);
-    t = (t / dv) << 14;
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)(d >> 13);
-    t = t / (dv << 1);
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int64)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_2048_word_div_word_36(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint32)(div - d) >> 31);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_div_36(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 36 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 36 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 72 + 1;
-        sd = t2 + 36 + 1;
-
-        sp_2048_mul_d_36(sd, d, (sp_digit)1 << 20);
-        sp_2048_mul_d_72(t1, a, (sp_digit)1 << 20);
-        dv = sd[35];
-        t1[36 + 36] += t1[36 + 36 - 1] >> 29;
-        t1[36 + 36 - 1] &= 0x1fffffff;
-        for (i=36; i>=0; i--) {
-            r1 = sp_2048_div_word_36(t1[36 + i], t1[36 + i - 1], dv);
-
-            sp_2048_mul_d_36(t2, sd, r1);
-            (void)sp_2048_sub_36(&t1[i], &t1[i], t2);
-            sp_2048_norm_36(&t1[i]);
-            t1[36 + i] -= t2[36];
-            t1[36 + i] += t1[36 + i - 1] >> 29;
-            t1[36 + i - 1] &= 0x1fffffff;
-            r1 = sp_2048_div_word_36(-t1[36 + i], -t1[36 + i - 1], dv);
-            r1 -= t1[36 + i];
-            sp_2048_mul_d_36(t2, sd, r1);
-            (void)sp_2048_add_36(&t1[i], &t1[i], t2);
-            t1[36 + i] += t1[36 + i - 1] >> 29;
-            t1[36 + i - 1] &= 0x1fffffff;
-        }
-        t1[36 - 1] += t1[36 - 2] >> 29;
-        t1[36 - 2] &= 0x1fffffff;
-        r1 = sp_2048_word_div_word_36(t1[36 - 1], dv);
-
-        sp_2048_mul_d_36(t2, sd, r1);
-        sp_2048_sub_36(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 72U);
-        for (i=0; i<35; i++) {
-            r[i+1] += r[i] >> 29;
-            r[i] &= 0x1fffffff;
-        }
-        sp_2048_cond_add_36(r, r, sd, r[35] >> 31);
-
-        sp_2048_norm_36(r);
-        sp_2048_rshift_36(r, r, 20);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_mod_36(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_36(a, m, NULL, r);
-}
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 72);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 72, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 36 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 36U * 2U);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_36(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_36(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 36U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_mul_36(t[1], t[1], norm);
-        err = sp_2048_mod_36(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_36(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 36 * 2);
-            sp_2048_mont_sqr_36(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 36 * 2);
-        }
-
-        sp_2048_mont_reduce_36(t[0], m, mp);
-        n = sp_2048_cmp_36(t[0], m);
-        sp_2048_cond_sub_36(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 36 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 72);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 72, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 36 * 2);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_36(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_36(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_36(t[1], t[1], norm);
-                err = sp_2048_mod_36(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_36(t[1], a, norm);
-            err = sp_2048_mod_36(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_36(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 36 * 2);
-            sp_2048_mont_sqr_36(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 36 * 2);
-        }
-
-        sp_2048_mont_reduce_36(t[0], m, mp);
-        n = sp_2048_cmp_36(t[0], m);
-        sp_2048_cond_sub_36(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 36 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (32 * 72) + 72);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (32 * 72) + 72, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 72;
-        rt = td + 2304;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_36(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_36(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_36(t[1], t[1], norm);
-                err = sp_2048_mod_36(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_36(t[1], a, norm);
-            err = sp_2048_mod_36(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_36(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_36(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_36(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_36(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_36(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_36(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_36(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_36(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_36(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_36(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_36(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_36(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_36(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_36(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_36(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_36(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_36(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_36(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_36(t[20], t[10], m, mp);
-        sp_2048_mont_mul_36(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_36(t[22], t[11], m, mp);
-        sp_2048_mont_mul_36(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_36(t[24], t[12], m, mp);
-        sp_2048_mont_mul_36(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_36(t[26], t[13], m, mp);
-        sp_2048_mont_mul_36(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_36(t[28], t[14], m, mp);
-        sp_2048_mont_mul_36(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_36(t[30], t[15], m, mp);
-        sp_2048_mont_mul_36(t[31], t[16], t[15], m, mp);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 28) / 29) - 1;
-        c = bits % 29;
-        if (c == 0) {
-            c = 29;
-        }
-        if (i < 36) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (3 - c);
-            c += 29;
-        }
-        y = (int)((n >> 27) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 72);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c = 24;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n = e[i--] << 3;
-                c = 5 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 29 - c;
-            }
-
-            sp_2048_mont_sqr_36(rt, rt, m, mp);
-            sp_2048_mont_sqr_36(rt, rt, m, mp);
-            sp_2048_mont_sqr_36(rt, rt, m, mp);
-            sp_2048_mont_sqr_36(rt, rt, m, mp);
-            sp_2048_mont_sqr_36(rt, rt, m, mp);
-
-            sp_2048_mont_mul_36(rt, rt, t[y], m, mp);
-        }
-
-        sp_2048_mont_reduce_36(rt, m, mp);
-        n = sp_2048_cmp_36(rt, m);
-        sp_2048_cond_sub_36(rt, rt, m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 72);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_72(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<70; i++) {
-        r[i] = 0x1fffffff;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 64; i += 8) {
-        r[i + 0] = 0x1fffffff;
-        r[i + 1] = 0x1fffffff;
-        r[i + 2] = 0x1fffffff;
-        r[i + 3] = 0x1fffffff;
-        r[i + 4] = 0x1fffffff;
-        r[i + 5] = 0x1fffffff;
-        r[i + 6] = 0x1fffffff;
-        r[i + 7] = 0x1fffffff;
-    }
-    r[64] = 0x1fffffff;
-    r[65] = 0x1fffffff;
-    r[66] = 0x1fffffff;
-    r[67] = 0x1fffffff;
-    r[68] = 0x1fffffff;
-    r[69] = 0x1fffffff;
-#endif /* WOLFSSL_SP_SMALL */
-    r[70] = 0x3ffffL;
-    r[71] = 0;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_2048_sub_72(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_2048_cmp_72(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=71; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 28);
-    }
-#else
-    int i;
-
-    for (i = 64; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 28);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 28);
-    }
-#endif /* WOLFSSL_SP_SMALL */
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_sub_72(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 72; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-#else
-    int i;
-
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_add_72(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifndef WOLFSSL_SP_LARGE_CODE
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 72; i++) {
-        t += r[i];
-        t += tb * a[i];
-        r[i] = ((sp_digit)t) & 0x1fffffff;
-        t >>= 29;
-    }
-    r[72] += (sp_digit)t;
-#else
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 68; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffff);
-        t[1] += t[0] >> 29;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffff);
-        t[2] += t[1] >> 29;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffff);
-        t[3] += t[2] >> 29;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffff);
-        t[0]  = t[3] >> 29;
-    }
-    t[0] += (tb * a[68]) + r[68];
-    t[1]  = (tb * a[69]) + r[69];
-    t[2]  = (tb * a[70]) + r[70];
-    t[3]  = (tb * a[71]) + r[71];
-    r[68] = (sp_digit)(t[0] & 0x1fffffff);
-    t[1] += t[0] >> 29;
-    r[69] = (sp_digit)(t[1] & 0x1fffffff);
-    t[2] += t[1] >> 29;
-    r[70] = (sp_digit)(t[2] & 0x1fffffff);
-    t[3] += t[2] >> 29;
-    r[71] = (sp_digit)(t[3] & 0x1fffffff);
-    r[72] +=  (sp_digit)(t[3] >> 29);
-#else
-    sp_int64 tb = b;
-    sp_int64 t[8];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 64; i += 8) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        t[4]  = (tb * a[i+4]) + r[i+4];
-        t[5]  = (tb * a[i+5]) + r[i+5];
-        t[6]  = (tb * a[i+6]) + r[i+6];
-        t[7]  = (tb * a[i+7]) + r[i+7];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffff);
-        t[1] += t[0] >> 29;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffff);
-        t[2] += t[1] >> 29;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffff);
-        t[3] += t[2] >> 29;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffff);
-        t[4] += t[3] >> 29;
-        r[i+4] = (sp_digit)(t[4] & 0x1fffffff);
-        t[5] += t[4] >> 29;
-        r[i+5] = (sp_digit)(t[5] & 0x1fffffff);
-        t[6] += t[5] >> 29;
-        r[i+6] = (sp_digit)(t[6] & 0x1fffffff);
-        t[7] += t[6] >> 29;
-        r[i+7] = (sp_digit)(t[7] & 0x1fffffff);
-        t[0]  = t[7] >> 29;
-    }
-    t[0] += (tb * a[64]) + r[64];
-    t[1]  = (tb * a[65]) + r[65];
-    t[2]  = (tb * a[66]) + r[66];
-    t[3]  = (tb * a[67]) + r[67];
-    t[4]  = (tb * a[68]) + r[68];
-    t[5]  = (tb * a[69]) + r[69];
-    t[6]  = (tb * a[70]) + r[70];
-    t[7]  = (tb * a[71]) + r[71];
-    r[64] = (sp_digit)(t[0] & 0x1fffffff);
-    t[1] += t[0] >> 29;
-    r[65] = (sp_digit)(t[1] & 0x1fffffff);
-    t[2] += t[1] >> 29;
-    r[66] = (sp_digit)(t[2] & 0x1fffffff);
-    t[3] += t[2] >> 29;
-    r[67] = (sp_digit)(t[3] & 0x1fffffff);
-    t[4] += t[3] >> 29;
-    r[68] = (sp_digit)(t[4] & 0x1fffffff);
-    t[5] += t[4] >> 29;
-    r[69] = (sp_digit)(t[5] & 0x1fffffff);
-    t[6] += t[5] >> 29;
-    r[70] = (sp_digit)(t[6] & 0x1fffffff);
-    t[7] += t[6] >> 29;
-    r[71] = (sp_digit)(t[7] & 0x1fffffff);
-    r[72] +=  (sp_digit)(t[7] >> 29);
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-}
-
-/* Shift the result in the high 2048 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_2048_mont_shift_72(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    sp_int64 n = a[70] >> 18;
-    n += ((sp_int64)a[71]) << 11;
-
-    for (i = 0; i < 70; i++) {
-        r[i] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29;
-        n += ((sp_int64)a[72 + i]) << 11;
-    }
-    r[70] = (sp_digit)n;
-#else
-    int i;
-    sp_int64 n = a[70] >> 18;
-    n += ((sp_int64)a[71]) << 11;
-    for (i = 0; i < 64; i += 8) {
-        r[i + 0] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 72]) << 11;
-        r[i + 1] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 73]) << 11;
-        r[i + 2] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 74]) << 11;
-        r[i + 3] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 75]) << 11;
-        r[i + 4] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 76]) << 11;
-        r[i + 5] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 77]) << 11;
-        r[i + 6] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 78]) << 11;
-        r[i + 7] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29; n += ((sp_int64)a[i + 79]) << 11;
-    }
-    r[64] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[136]) << 11;
-    r[65] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[137]) << 11;
-    r[66] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[138]) << 11;
-    r[67] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[139]) << 11;
-    r[68] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[140]) << 11;
-    r[69] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[141]) << 11;
-    r[70] = (sp_digit)n;
-#endif /* WOLFSSL_SP_SMALL */
-    XMEMSET(&r[71], 0, sizeof(*r) * 71U);
-}
-
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_2048_mont_reduce_72(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_2048_norm_72(a + 71);
-
-#ifdef WOLFSSL_SP_DH
-    if (mp != 1) {
-        for (i=0; i<70; i++) {
-            mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1fffffff);
-            sp_2048_mul_add_72(a+i, m, mu);
-            a[i+1] += a[i] >> 29;
-        }
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x3ffffL);
-        sp_2048_mul_add_72(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-    else {
-        for (i=0; i<70; i++) {
-            mu = (sp_digit)(a[i] & 0x1fffffff);
-            sp_2048_mul_add_72(a+i, m, mu);
-            a[i+1] += a[i] >> 29;
-        }
-        mu = (sp_digit)(a[i] & 0x3ffffL);
-        sp_2048_mul_add_72(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-#else
-    for (i=0; i<70; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1fffffff);
-        sp_2048_mul_add_72(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x3ffffL);
-    sp_2048_mul_add_72(a+i, m, mu);
-    a[i+1] += a[i] >> 29;
-    a[i] &= 0x1fffffff;
-#endif
-    sp_2048_mont_shift_72(a, a);
-    over = a[70] - m[70];
-    sp_2048_cond_sub_72(a, a, m, ~((over - 1) >> 31));
-    sp_2048_norm_72(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_72(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_72(r, a, b);
-    sp_2048_mont_reduce_72(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_72(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_72(r, a);
-    sp_2048_mont_reduce_72(r, m, mp);
-}
-
-/* Normalize the values in each word to 29 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_2048_norm_71(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 70; i++) {
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-#else
-    int i;
-    for (i = 0; i < 64; i += 8) {
-        a[i+1] += a[i+0] >> 29; a[i+0] &= 0x1fffffff;
-        a[i+2] += a[i+1] >> 29; a[i+1] &= 0x1fffffff;
-        a[i+3] += a[i+2] >> 29; a[i+2] &= 0x1fffffff;
-        a[i+4] += a[i+3] >> 29; a[i+3] &= 0x1fffffff;
-        a[i+5] += a[i+4] >> 29; a[i+4] &= 0x1fffffff;
-        a[i+6] += a[i+5] >> 29; a[i+5] &= 0x1fffffff;
-        a[i+7] += a[i+6] >> 29; a[i+6] &= 0x1fffffff;
-        a[i+8] += a[i+7] >> 29; a[i+7] &= 0x1fffffff;
-    }
-    a[65] += a[64] >> 29; a[64] &= 0x1fffffff;
-    a[66] += a[65] >> 29; a[65] &= 0x1fffffff;
-    a[67] += a[66] >> 29; a[66] &= 0x1fffffff;
-    a[68] += a[67] >> 29; a[67] &= 0x1fffffff;
-    a[69] += a[68] >> 29; a[68] &= 0x1fffffff;
-    a[70] += a[69] >> 29; a[69] &= 0x1fffffff;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_d_144(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 144; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-    }
-    r[144] = (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 144; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[144] = (sp_digit)(t & 0x1fffffff);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_add_72(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 72; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_add_72(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_2048_rshift_72(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-#ifdef WOLFSSL_SP_SMALL
-    for (i=0; i<71; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff);
-    }
-#else
-    for (i=0; i<64; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (29 - n)) & 0x1fffffff);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (29 - n)) & 0x1fffffff);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (29 - n)) & 0x1fffffff);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (29 - n)) & 0x1fffffff);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (29 - n)) & 0x1fffffff);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (29 - n)) & 0x1fffffff);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (29 - n)) & 0x1fffffff);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (29 - n)) & 0x1fffffff);
-    }
-    r[64] = (a[64] >> n) | (sp_digit)((a[65] << (29 - n)) & 0x1fffffff);
-    r[65] = (a[65] >> n) | (sp_digit)((a[66] << (29 - n)) & 0x1fffffff);
-    r[66] = (a[66] >> n) | (sp_digit)((a[67] << (29 - n)) & 0x1fffffff);
-    r[67] = (a[67] >> n) | (sp_digit)((a[68] << (29 - n)) & 0x1fffffff);
-    r[68] = (a[68] >> n) | (sp_digit)((a[69] << (29 - n)) & 0x1fffffff);
-    r[69] = (a[69] >> n) | (sp_digit)((a[70] << (29 - n)) & 0x1fffffff);
-    r[70] = (a[70] >> n) | (sp_digit)((a[71] << (29 - n)) & 0x1fffffff);
-#endif /* WOLFSSL_SP_SMALL */
-    r[71] = a[71] >> n;
-}
-
-static WC_INLINE sp_digit sp_2048_div_word_72(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_uint32 lo = (sp_uint32)d;
-    sp_digit hi = (sp_digit)(d >> 32);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 29);
-    sp_digit t0 = (sp_digit)(d & 0x1fffffff);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int64 m;
-
-    r = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-    t1 -= dv & (0 - r);
-    for (i = 27; i >= 1; i--) {
-        t1 += t1 + (((sp_uint32)t0 >> 28) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 29);
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 58) - (sp_digit)(d >> 58);
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-   return r;
-#else
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 14) + 1;
-
-    t = (sp_digit)(d >> 28);
-    t = (t / dv) << 14;
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)(d >> 13);
-    t = t / (dv << 1);
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int64)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_2048_word_div_word_72(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint32)(div - d) >> 31);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_div_72(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 72 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 72 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 144 + 1;
-        sd = t2 + 72 + 1;
-
-        sp_2048_mul_d_72(sd, d, (sp_digit)1 << 11);
-        sp_2048_mul_d_144(t1, a, (sp_digit)1 << 11);
-        dv = sd[70];
-        t1[71 + 71] += t1[71 + 71 - 1] >> 29;
-        t1[71 + 71 - 1] &= 0x1fffffff;
-        for (i=71; i>=0; i--) {
-            r1 = sp_2048_div_word_72(t1[71 + i], t1[71 + i - 1], dv);
-
-            sp_2048_mul_d_72(t2, sd, r1);
-            (void)sp_2048_sub_72(&t1[i], &t1[i], t2);
-            sp_2048_norm_71(&t1[i]);
-            t1[71 + i] += t1[71 + i - 1] >> 29;
-            t1[71 + i - 1] &= 0x1fffffff;
-            r1 = sp_2048_div_word_72(-t1[71 + i], -t1[71 + i - 1], dv);
-            r1 -= t1[71 + i];
-            sp_2048_mul_d_72(t2, sd, r1);
-            (void)sp_2048_add_72(&t1[i], &t1[i], t2);
-            t1[71 + i] += t1[71 + i - 1] >> 29;
-            t1[71 + i - 1] &= 0x1fffffff;
-        }
-        t1[71 - 1] += t1[71 - 2] >> 29;
-        t1[71 - 2] &= 0x1fffffff;
-        r1 = sp_2048_word_div_word_72(t1[71 - 1], dv);
-
-        sp_2048_mul_d_72(t2, sd, r1);
-        sp_2048_sub_72(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 144U);
-        for (i=0; i<70; i++) {
-            r[i+1] += r[i] >> 29;
-            r[i] &= 0x1fffffff;
-        }
-        sp_2048_cond_add_72(r, r, sd, r[70] >> 31);
-
-        sp_2048_norm_71(r);
-        sp_2048_rshift_72(r, r, 11);
-        r[71] = 0;
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_mod_72(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_72(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_72(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 144);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 144, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 72 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 72U * 2U);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_72(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_72(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 72U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_mul_72(t[1], t[1], norm);
-        err = sp_2048_mod_72(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_72(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 72 * 2);
-            sp_2048_mont_sqr_72(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 72 * 2);
-        }
-
-        sp_2048_mont_reduce_72(t[0], m, mp);
-        n = sp_2048_cmp_72(t[0], m);
-        sp_2048_cond_sub_72(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 72 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 144);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 144, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 72 * 2);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_72(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_72(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_72(t[1], t[1], norm);
-                err = sp_2048_mod_72(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_72(t[1], a, norm);
-            err = sp_2048_mod_72(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_72(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 72 * 2);
-            sp_2048_mont_sqr_72(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 72 * 2);
-        }
-
-        sp_2048_mont_reduce_72(t[0], m, mp);
-        n = sp_2048_cmp_72(t[0], m);
-        sp_2048_cond_sub_72(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 72 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (16 * 144) + 144);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (16 * 144) + 144, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 144;
-        rt = td + 2304;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_72(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_72(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_72(t[1], t[1], norm);
-                err = sp_2048_mod_72(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_72(t[1], a, norm);
-            err = sp_2048_mod_72(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_72(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_72(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_72(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_72(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_72(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_72(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_72(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_72(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_72(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_72(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_72(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_72(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_72(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_72(t[15], t[ 8], t[ 7], m, mp);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 28) / 29) - 1;
-        c = bits % 29;
-        if (c == 0) {
-            c = 29;
-        }
-        if (i < 72) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (3 - c);
-            c += 29;
-        }
-        y = (int)((n >> 28) & 0xf);
-        n <<= 4;
-        c -= 4;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 144);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c = 25;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n = e[i--] << 3;
-                c = 4 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 29 - c;
-            }
-
-            sp_2048_mont_sqr_72(rt, rt, m, mp);
-            sp_2048_mont_sqr_72(rt, rt, m, mp);
-            sp_2048_mont_sqr_72(rt, rt, m, mp);
-            sp_2048_mont_sqr_72(rt, rt, m, mp);
-
-            sp_2048_mont_mul_72(rt, rt, t[y], m, mp);
-        }
-
-        sp_2048_mont_reduce_72(rt, m, mp);
-        n = sp_2048_cmp_72(rt, m);
-        sp_2048_cond_sub_72(rt, rt, m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 144);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) || */
-       /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-#ifdef WOLFSSL_SP_SMALL
-    SP_DECL_VAR(sp_digit, a, 72 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit* norm = NULL;
-    sp_uint64 e[1] = {0};
-    sp_digit mp = 0;
-    int i;
-    int err = MP_OKAY;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 72 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 72 * 2;
-        m = r + 72 * 2;
-        norm = r;
-
-        sp_2048_from_bin(a, 72, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 72, mm);
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_72(norm, m);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_mul_72(a, a, norm);
-        err = sp_2048_mod_72(a, a, m);
-    }
-    if (err == MP_OKAY) {
-        for (i=63; i>=0; i--) {
-            if ((e[0] >> i) != 0) {
-                break;
-            }
-        }
-
-        XMEMCPY(r, a, sizeof(sp_digit) * 72 * 2);
-        for (i--; i>=0; i--) {
-            sp_2048_mont_sqr_72(r, r, m, mp);
-
-            if (((e[0] >> i) & 1) == 1) {
-                sp_2048_mont_mul_72(r, r, a, m, mp);
-            }
-        }
-        sp_2048_mont_reduce_72(r, m, mp);
-        mp = sp_2048_cmp_72(r, m);
-        sp_2048_cond_sub_72(r, r, m, ~(mp >> 31));
-
-        sp_2048_to_bin_72(r, out);
-        *outLen = 256;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 72 * 5);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_uint64 e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 72 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d;
-        r = a + 72 * 2;
-        m = r + 72 * 2;
-
-        sp_2048_from_bin(a, 72, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 72, mm);
-
-        if (e[0] == 0x3) {
-            sp_2048_sqr_72(r, a);
-            err = sp_2048_mod_72(r, r, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_72(r, a, r);
-                err = sp_2048_mod_72(r, r, m);
-            }
-        }
-        else {
-            sp_digit* norm = r;
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-            sp_2048_mont_norm_72(norm, m);
-
-            sp_2048_mul_72(a, a, norm);
-            err = sp_2048_mod_72(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if ((e[0] >> i) != 0) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 144U);
-                for (i--; i>=0; i--) {
-                    sp_2048_mont_sqr_72(r, r, m, mp);
-
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_2048_mont_mul_72(r, r, a, m, mp);
-                    }
-                }
-                sp_2048_mont_reduce_72(r, m, mp);
-                mp = sp_2048_cmp_72(r, m);
-                sp_2048_cond_sub_72(r, r, m, ~(mp >> 31));
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_72(r, out);
-        *outLen = 256;
-    }
-
-    SP_FREE_VAR(d, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if !defined(SP_RSA_PRIVATE_EXP_D) && !defined(RSA_LOW_MEM)
-#endif /* !SP_RSA_PRIVATE_EXP_D & !RSA_LOW_MEM */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, d, 72 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 2048) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 256) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 72 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 72;
-        m = a + 144;
-        r = a;
-
-        sp_2048_from_bin(a, 72, in, inLen);
-        sp_2048_from_mp(d, 72, dm);
-        sp_2048_from_mp(m, 72, mm);
-        err = sp_2048_mod_exp_72(r, a, d, 2048, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_72(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 72, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 72 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 2048) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 72 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 72;
-        m = a + 144;
-        r = a;
-
-        sp_2048_from_bin(a, 72, in, inLen);
-        sp_2048_from_mp(d, 72, dm);
-        sp_2048_from_mp(m, 72, mm);
-        err = sp_2048_mod_exp_72(r, a, d, 2048, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_72(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 72, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#else
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, a, 36 * 8);
-    sp_digit* p = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 256) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 36 * 8, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 72;
-        qi = dq = dp = p + 36;
-        tmpa = qi + 36;
-        tmpb = tmpa + 72;
-        r = a;
-
-        sp_2048_from_bin(a, 72, in, inLen);
-        sp_2048_from_mp(p, 36, pm);
-        sp_2048_from_mp(dp, 36, dpm);
-        err = sp_2048_mod_exp_36(tmpa, a, dp, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(p, 36, qm);
-        sp_2048_from_mp(dq, 36, dqm);
-        err = sp_2048_mod_exp_36(tmpb, a, dq, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(p, 36, pm);
-        (void)sp_2048_sub_36(tmpa, tmpa, tmpb);
-        sp_2048_norm_36(tmpa);
-        sp_2048_cond_add_36(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[35] >> 31));
-        sp_2048_cond_add_36(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[35] >> 31));
-        sp_2048_norm_36(tmpa);
-
-        sp_2048_from_mp(qi, 36, qim);
-        sp_2048_mul_36(tmpa, tmpa, qi);
-        err = sp_2048_mod_36(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(p, 36, qm);
-        sp_2048_mul_36(tmpa, p, tmpa);
-        (void)sp_2048_add_72(r, tmpb, tmpa);
-        sp_2048_norm_72(r);
-
-        sp_2048_to_bin_72(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 36 * 8, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 36 * 13);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 36 * 13, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 72 * 2;
-        q = p + 36;
-        dp = q + 36;
-        dq = dp + 36;
-        qi = dq + 36;
-        tmpa = qi + 36;
-        tmpb = tmpa + 72;
-        r = a;
-
-        sp_2048_from_bin(a, 72, in, inLen);
-        sp_2048_from_mp(p, 36, pm);
-        sp_2048_from_mp(q, 36, qm);
-        sp_2048_from_mp(dp, 36, dpm);
-        sp_2048_from_mp(dq, 36, dqm);
-        sp_2048_from_mp(qi, 36, qim);
-
-        err = sp_2048_mod_exp_36(tmpa, a, dp, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_2048_mod_exp_36(tmpb, a, dq, 1024, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        (void)sp_2048_sub_36(tmpa, tmpa, tmpb);
-        sp_2048_norm_36(tmpa);
-        sp_2048_cond_add_36(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[35] >> 31));
-        sp_2048_cond_add_36(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[35] >> 31));
-        sp_2048_norm_36(tmpa);
-        sp_2048_mul_36(tmpa, tmpa, qi);
-        err = sp_2048_mod_36(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mul_36(tmpa, tmpa, q);
-        (void)sp_2048_add_72(r, tmpb, tmpa);
-        sp_2048_norm_72(r);
-
-        sp_2048_to_bin_72(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 36 * 13, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-}
-
-#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_2048_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (2048 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 29
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 71);
-        r->used = 71;
-        mp_clamp(r);
-#elif DIGIT_BIT < 29
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 71; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 29) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 29 - s;
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 71; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 29 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 29 - s;
-            }
-            else {
-                s += 29;
-            }
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 72 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 72 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 72 * 2;
-        m = e + 72;
-        r = b;
-
-        sp_2048_from_mp(b, 72, base);
-        sp_2048_from_mp(e, 72, exp);
-        sp_2048_from_mp(m, 72, mod);
-
-        err = sp_2048_mod_exp_72(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 72U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 72 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 72 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 72 * 2;
-        m = e + 72;
-        r = b;
-
-        sp_2048_from_mp(b, 72, base);
-        sp_2048_from_mp(e, 72, exp);
-        sp_2048_from_mp(m, 72, mod);
-
-        err = sp_2048_mod_exp_72(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 72U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_2048
-SP_NOINLINE static void sp_2048_lshift_72(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    r[72] = a[71] >> (29 - n);
-    for (i=71; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff);
-    }
-#else
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[71];
-    r[72] = s >> (29U - n);
-    s = (sp_int_digit)(a[71]); t = (sp_int_digit)(a[70]);
-    r[71] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[70]); t = (sp_int_digit)(a[69]);
-    r[70] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[69]); t = (sp_int_digit)(a[68]);
-    r[69] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[68]); t = (sp_int_digit)(a[67]);
-    r[68] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[67]); t = (sp_int_digit)(a[66]);
-    r[67] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[66]); t = (sp_int_digit)(a[65]);
-    r[66] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[65]); t = (sp_int_digit)(a[64]);
-    r[65] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[64]); t = (sp_int_digit)(a[63]);
-    r[64] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[63]); t = (sp_int_digit)(a[62]);
-    r[63] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[62]); t = (sp_int_digit)(a[61]);
-    r[62] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[61]); t = (sp_int_digit)(a[60]);
-    r[61] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[60]); t = (sp_int_digit)(a[59]);
-    r[60] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[59]); t = (sp_int_digit)(a[58]);
-    r[59] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[58]); t = (sp_int_digit)(a[57]);
-    r[58] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[57]); t = (sp_int_digit)(a[56]);
-    r[57] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[56]); t = (sp_int_digit)(a[55]);
-    r[56] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[55]); t = (sp_int_digit)(a[54]);
-    r[55] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[54]); t = (sp_int_digit)(a[53]);
-    r[54] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[53]); t = (sp_int_digit)(a[52]);
-    r[53] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[52]); t = (sp_int_digit)(a[51]);
-    r[52] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[51]); t = (sp_int_digit)(a[50]);
-    r[51] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[50]); t = (sp_int_digit)(a[49]);
-    r[50] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[49]); t = (sp_int_digit)(a[48]);
-    r[49] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[48]); t = (sp_int_digit)(a[47]);
-    r[48] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[47]); t = (sp_int_digit)(a[46]);
-    r[47] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[46]); t = (sp_int_digit)(a[45]);
-    r[46] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[45]); t = (sp_int_digit)(a[44]);
-    r[45] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[44]); t = (sp_int_digit)(a[43]);
-    r[44] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[43]); t = (sp_int_digit)(a[42]);
-    r[43] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[42]); t = (sp_int_digit)(a[41]);
-    r[42] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[41]); t = (sp_int_digit)(a[40]);
-    r[41] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[40]); t = (sp_int_digit)(a[39]);
-    r[40] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[39]); t = (sp_int_digit)(a[38]);
-    r[39] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[38]); t = (sp_int_digit)(a[37]);
-    r[38] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[37]); t = (sp_int_digit)(a[36]);
-    r[37] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[36]); t = (sp_int_digit)(a[35]);
-    r[36] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[35]); t = (sp_int_digit)(a[34]);
-    r[35] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[34]); t = (sp_int_digit)(a[33]);
-    r[34] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[33]); t = (sp_int_digit)(a[32]);
-    r[33] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[32]); t = (sp_int_digit)(a[31]);
-    r[32] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[31]); t = (sp_int_digit)(a[30]);
-    r[31] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[30]); t = (sp_int_digit)(a[29]);
-    r[30] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[29]); t = (sp_int_digit)(a[28]);
-    r[29] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[28]); t = (sp_int_digit)(a[27]);
-    r[28] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[27]); t = (sp_int_digit)(a[26]);
-    r[27] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[26]); t = (sp_int_digit)(a[25]);
-    r[26] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[25]); t = (sp_int_digit)(a[24]);
-    r[25] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[24]); t = (sp_int_digit)(a[23]);
-    r[24] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[23]); t = (sp_int_digit)(a[22]);
-    r[23] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[22]); t = (sp_int_digit)(a[21]);
-    r[22] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[21]); t = (sp_int_digit)(a[20]);
-    r[21] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[20]); t = (sp_int_digit)(a[19]);
-    r[20] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[19]); t = (sp_int_digit)(a[18]);
-    r[19] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[18]); t = (sp_int_digit)(a[17]);
-    r[18] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[17]); t = (sp_int_digit)(a[16]);
-    r[17] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[16]); t = (sp_int_digit)(a[15]);
-    r[16] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[15]); t = (sp_int_digit)(a[14]);
-    r[15] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[14]); t = (sp_int_digit)(a[13]);
-    r[14] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[13]); t = (sp_int_digit)(a[12]);
-    r[13] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[12]); t = (sp_int_digit)(a[11]);
-    r[12] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[11]); t = (sp_int_digit)(a[10]);
-    r[11] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[10]); t = (sp_int_digit)(a[9]);
-    r[10] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-#endif /* WOLFSSL_SP_SMALL */
-    r[0] = (sp_digit)((a[0] << n) & 0x1fffffff);
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_2048_mod_exp_2_72(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 217);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 217, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp  = td + 144;
-        XMEMSET(td, 0, sizeof(sp_digit) * 217);
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_72(norm, m);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 28) / 29) - 1;
-        c = bits % 29;
-        if (c == 0) {
-            c = 29;
-        }
-        if (i < 72) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (3 - c);
-            c += 29;
-        }
-        y = (int)((n >> 28) & 0xf);
-        n <<= 4;
-        c -= 4;
-        sp_2048_lshift_72(r, norm, (byte)y);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c = 25;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n = e[i--] << 3;
-                c = 4 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 29 - c;
-            }
-
-            sp_2048_mont_sqr_72(r, r, m, mp);
-            sp_2048_mont_sqr_72(r, r, m, mp);
-            sp_2048_mont_sqr_72(r, r, m, mp);
-            sp_2048_mont_sqr_72(r, r, m, mp);
-
-            sp_2048_lshift_72(r, r, (byte)y);
-            sp_2048_mul_d_72(tmp, norm, (r[71] << 11) + (r[70] >> 18));
-            r[71] = 0;
-            r[70] &= 0x3ffffL;
-            (void)sp_2048_add_72(r, r, tmp);
-            sp_2048_norm_72(r);
-            o = sp_2048_cmp_72(r, m);
-            sp_2048_cond_sub_72(r, r, m, ~(o >> 31));
-        }
-
-        sp_2048_mont_reduce_72(r, m, mp);
-        n = sp_2048_cmp_72(r, m);
-        sp_2048_cond_sub_72(r, r, m, (sp_digit)~(n >> 31));
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_2048 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 256 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, b, 72 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    word32 i;
-    int err = MP_OKAY;
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 256U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 72 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 72 * 2;
-        m = e + 72;
-        r = b;
-
-        sp_2048_from_mp(b, 72, base);
-        sp_2048_from_bin(e, 72, exp, expLen);
-        sp_2048_from_mp(m, 72, mod);
-
-    #ifdef HAVE_FFDHE_2048
-        if (base->used == 1 && base->dp[0] == 2U &&
-                (m[70] >> 2) == 0xffffL) {
-            err = sp_2048_mod_exp_2_72(r, e, expLen * 8U, m);
-        }
-        else {
-    #endif
-            err = sp_2048_mod_exp_72(r, b, e, expLen * 8U, m, 0);
-    #ifdef HAVE_FFDHE_2048
-        }
-    #endif
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_72(r, out);
-        *outLen = 256;
-        for (i=0; i<256U && out[i] == 0U; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 72U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 36 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1024) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 36 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 36 * 2;
-        m = e + 36;
-        r = b;
-
-        sp_2048_from_mp(b, 36, base);
-        sp_2048_from_mp(e, 36, exp);
-        sp_2048_from_mp(m, 36, mod);
-
-        err = sp_2048_mod_exp_36(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 36, 0, sizeof(*r) * 36U);
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 72U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 36 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1024) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 36 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 36 * 2;
-        m = e + 36;
-        r = b;
-
-        sp_2048_from_mp(b, 36, base);
-        sp_2048_from_mp(e, 36, exp);
-        sp_2048_from_mp(m, 36, mod);
-
-        err = sp_2048_mod_exp_36(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 36, 0, sizeof(*r) * 36U);
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 72U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* !WOLFSSL_SP_NO_2048 */
-
-#ifndef WOLFSSL_SP_NO_3072
-#ifdef WOLFSSL_SP_SMALL
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 21U) {
-            r[j] &= 0x1fffffff;
-            s = 29U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 29
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 28);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 28);
-    }
-#elif DIGIT_BIT > 29
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x1fffffff;
-        s = 29U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 29U) <= (word32)DIGIT_BIT) {
-            s += 29U;
-            r[j] &= 0x1fffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 29) {
-            r[j] &= 0x1fffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 29 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 384
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_3072_to_bin_106(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<105; i++) {
-        r[i+1] += r[i] >> 29;
-        r[i] &= 0x1fffffff;
-    }
-    j = 3079 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<106 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 29) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 29);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 29 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_53(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 52; i++) {
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 29 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_106(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 105; i++) {
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_106(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 lo;
-
-    c = ((sp_uint64)a[105]) * b[105];
-    r[211] = (sp_digit)(c >> 29);
-    c &= 0x1fffffff;
-    for (k = 209; k >= 0; k--) {
-        if (k >= 106) {
-            i = k - 105;
-            imax = 105;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        if (imax - i > 15) {
-            int imaxlo;
-            lo = 0;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 15) {
-                for (; i <= imax && i < imaxlo + 15; i++) {
-                    lo += ((sp_uint64)a[i]) * b[k - i];
-                }
-                c += lo >> 29;
-                lo &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-        else {
-            lo = 0;
-            for (; i <= imax; i++) {
-                lo += ((sp_uint64)a[i]) * b[k - i];
-            }
-            c += lo >> 29;
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_106(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 t;
-
-    c = ((sp_uint64)a[105]) * a[105];
-    r[211] = (sp_digit)(c >> 29);
-    c = (c & 0x1fffffff) << 29;
-    for (k = 209; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint64)a[i]) * a[i];
-           i++;
-        }
-        if (k < 105) {
-            imax = k;
-        }
-        else {
-            imax = 105;
-        }
-        if (imax - i >= 14) {
-            int imaxlo;
-            sp_uint64 hi;
-
-            hi = c >> 29;
-            c &= 0x1fffffff;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 14) {
-                t = 0;
-                for (; i <= imax && i < imaxlo + 14; i++) {
-                    t += ((sp_uint64)a[i]) * a[k - i];
-                }
-                c += t * 2;
-
-                hi += c >> 29;
-                c &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(hi >> 29);
-            r[k + 1]  = (sp_digit)(hi & 0x1fffffff);
-            c <<= 29;
-        }
-        else
-        {
-            t = 0;
-            for (; i <= imax; i++) {
-                t += ((sp_uint64)a[i]) * a[k - i];
-            }
-            c += t * 2;
-
-            r[k + 2] += (sp_digit) (c >> 58);
-            r[k + 1]  = (sp_digit)((c >> 29) & 0x1fffffff);
-            c = (c & 0x1fffffff) << 29;
-        }
-    }
-    r[0] = (sp_digit)(c >> 29);
-}
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x &= 0x1fffffff;
-
-    /* rho = -1/m mod b */
-    *rho = ((sp_digit)1 << 29) - x;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_106(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 106; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-    }
-    r[106] = (sp_digit)t;
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_sub_53(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 53; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_53(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i=0; i<52; i++) {
-        r[i] = 0x1fffffff;
-    }
-    r[52] = 0xfffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_3072_sub_53(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_3072_cmp_53(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i=52; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 28);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_sub_53(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 53; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_add_53(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifndef WOLFSSL_SP_LARGE_CODE
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 53; i++) {
-        t += r[i];
-        t += tb * a[i];
-        r[i] = ((sp_digit)t) & 0x1fffffff;
-        t >>= 29;
-    }
-    r[53] += (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 52; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffff);
-        t[1] += t[0] >> 29;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffff);
-        t[2] += t[1] >> 29;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffff);
-        t[3] += t[2] >> 29;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffff);
-        t[0]  = t[3] >> 29;
-    }
-    t[0] += (tb * a[52]) + r[52];
-    r[52] = (sp_digit)(t[0] & 0x1fffffff);
-    r[53] +=  (sp_digit)(t[0] >> 29);
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-}
-
-/* Shift the result in the high 1536 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_3072_mont_shift_53(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int64 n = a[52] >> 28;
-    n += ((sp_int64)a[53]) << 1;
-
-    for (i = 0; i < 52; i++) {
-        r[i] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29;
-        n += ((sp_int64)a[54 + i]) << 1;
-    }
-    r[52] = (sp_digit)n;
-    XMEMSET(&r[53], 0, sizeof(*r) * 53U);
-}
-
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_3072_mont_reduce_53(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_3072_norm_53(a + 53);
-
-    for (i=0; i<52; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1fffffff);
-        sp_3072_mul_add_53(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0xfffffffL);
-    sp_3072_mul_add_53(a+i, m, mu);
-    a[i+1] += a[i] >> 29;
-    a[i] &= 0x1fffffff;
-    sp_3072_mont_shift_53(a, a);
-    over = a[52] - m[52];
-    sp_3072_cond_sub_53(a, a, m, ~((over - 1) >> 31));
-    sp_3072_norm_53(a);
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_53(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 lo;
-
-    c = ((sp_uint64)a[52]) * b[52];
-    r[105] = (sp_digit)(c >> 29);
-    c &= 0x1fffffff;
-    for (k = 103; k >= 0; k--) {
-        if (k >= 53) {
-            i = k - 52;
-            imax = 52;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        if (imax - i > 15) {
-            int imaxlo;
-            lo = 0;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 15) {
-                for (; i <= imax && i < imaxlo + 15; i++) {
-                    lo += ((sp_uint64)a[i]) * b[k - i];
-                }
-                c += lo >> 29;
-                lo &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-        else {
-            lo = 0;
-            for (; i <= imax; i++) {
-                lo += ((sp_uint64)a[i]) * b[k - i];
-            }
-            c += lo >> 29;
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_53(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_53(r, a, b);
-    sp_3072_mont_reduce_53(r, m, mp);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_53(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 t;
-
-    c = ((sp_uint64)a[52]) * a[52];
-    r[105] = (sp_digit)(c >> 29);
-    c = (c & 0x1fffffff) << 29;
-    for (k = 103; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint64)a[i]) * a[i];
-           i++;
-        }
-        if (k < 52) {
-            imax = k;
-        }
-        else {
-            imax = 52;
-        }
-        if (imax - i >= 14) {
-            int imaxlo;
-            sp_uint64 hi;
-
-            hi = c >> 29;
-            c &= 0x1fffffff;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 14) {
-                t = 0;
-                for (; i <= imax && i < imaxlo + 14; i++) {
-                    t += ((sp_uint64)a[i]) * a[k - i];
-                }
-                c += t * 2;
-
-                hi += c >> 29;
-                c &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(hi >> 29);
-            r[k + 1]  = (sp_digit)(hi & 0x1fffffff);
-            c <<= 29;
-        }
-        else
-        {
-            t = 0;
-            for (; i <= imax; i++) {
-                t += ((sp_uint64)a[i]) * a[k - i];
-            }
-            c += t * 2;
-
-            r[k + 2] += (sp_digit) (c >> 58);
-            r[k + 1]  = (sp_digit)((c >> 29) & 0x1fffffff);
-            c = (c & 0x1fffffff) << 29;
-        }
-    }
-    r[0] = (sp_digit)(c >> 29);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_53(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_53(r, a);
-    sp_3072_mont_reduce_53(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_53(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 53; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-    }
-    r[53] = (sp_digit)t;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_add_53(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 53; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_53(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 53; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-
-SP_NOINLINE static void sp_3072_rshift_53(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<52; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff);
-    }
-    r[52] = a[52] >> n;
-}
-
-static WC_INLINE sp_digit sp_3072_div_word_53(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_uint32 lo = (sp_uint32)d;
-    sp_digit hi = (sp_digit)(d >> 32);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 29);
-    sp_digit t0 = (sp_digit)(d & 0x1fffffff);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int64 m;
-
-    r = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-    t1 -= dv & (0 - r);
-    for (i = 27; i >= 1; i--) {
-        t1 += t1 + (((sp_uint32)t0 >> 28) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 29);
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 58) - (sp_digit)(d >> 58);
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-   return r;
-#else
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 14) + 1;
-
-    t = (sp_digit)(d >> 28);
-    t = (t / dv) << 14;
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)(d >> 13);
-    t = t / (dv << 1);
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int64)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_3072_word_div_word_53(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint32)(div - d) >> 31);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_div_53(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 53 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 53 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 106 + 1;
-        sd = t2 + 53 + 1;
-
-        sp_3072_mul_d_53(sd, d, (sp_digit)1 << 1);
-        sp_3072_mul_d_106(t1, a, (sp_digit)1 << 1);
-        dv = sd[52];
-        t1[53 + 53] += t1[53 + 53 - 1] >> 29;
-        t1[53 + 53 - 1] &= 0x1fffffff;
-        for (i=53; i>=0; i--) {
-            r1 = sp_3072_div_word_53(t1[53 + i], t1[53 + i - 1], dv);
-
-            sp_3072_mul_d_53(t2, sd, r1);
-            (void)sp_3072_sub_53(&t1[i], &t1[i], t2);
-            sp_3072_norm_53(&t1[i]);
-            t1[53 + i] -= t2[53];
-            t1[53 + i] += t1[53 + i - 1] >> 29;
-            t1[53 + i - 1] &= 0x1fffffff;
-            r1 = sp_3072_div_word_53(-t1[53 + i], -t1[53 + i - 1], dv);
-            r1 -= t1[53 + i];
-            sp_3072_mul_d_53(t2, sd, r1);
-            (void)sp_3072_add_53(&t1[i], &t1[i], t2);
-            t1[53 + i] += t1[53 + i - 1] >> 29;
-            t1[53 + i - 1] &= 0x1fffffff;
-        }
-        t1[53 - 1] += t1[53 - 2] >> 29;
-        t1[53 - 2] &= 0x1fffffff;
-        r1 = sp_3072_word_div_word_53(t1[53 - 1], dv);
-
-        sp_3072_mul_d_53(t2, sd, r1);
-        sp_3072_sub_53(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 106U);
-        for (i=0; i<52; i++) {
-            r[i+1] += r[i] >> 29;
-            r[i] &= 0x1fffffff;
-        }
-        sp_3072_cond_add_53(r, r, sd, r[52] >> 31);
-
-        sp_3072_norm_53(r);
-        sp_3072_rshift_53(r, r, 1);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_mod_53(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_53(a, m, NULL, r);
-}
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_53(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 106);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 106, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 53 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 53U * 2U);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_53(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_53(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 53U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_53(t[1], t[1], norm);
-        err = sp_3072_mod_53(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_53(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 53 * 2);
-            sp_3072_mont_sqr_53(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 53 * 2);
-        }
-
-        sp_3072_mont_reduce_53(t[0], m, mp);
-        n = sp_3072_cmp_53(t[0], m);
-        sp_3072_cond_sub_53(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 53 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 106);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 106, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 53 * 2);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_53(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_53(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_53(t[1], t[1], norm);
-                err = sp_3072_mod_53(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_53(t[1], a, norm);
-            err = sp_3072_mod_53(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_53(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 53 * 2);
-            sp_3072_mont_sqr_53(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 53 * 2);
-        }
-
-        sp_3072_mont_reduce_53(t[0], m, mp);
-        n = sp_3072_cmp_53(t[0], m);
-        sp_3072_cond_sub_53(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 53 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (32 * 106) + 106);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (32 * 106) + 106, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 106;
-        rt = td + 3392;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_53(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_53(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_53(t[1], t[1], norm);
-                err = sp_3072_mod_53(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_53(t[1], a, norm);
-            err = sp_3072_mod_53(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_53(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_53(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_53(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_53(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_53(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_53(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_53(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_53(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_53(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_53(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_53(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_53(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_53(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_53(t[15], t[ 8], t[ 7], m, mp);
-        sp_3072_mont_sqr_53(t[16], t[ 8], m, mp);
-        sp_3072_mont_mul_53(t[17], t[ 9], t[ 8], m, mp);
-        sp_3072_mont_sqr_53(t[18], t[ 9], m, mp);
-        sp_3072_mont_mul_53(t[19], t[10], t[ 9], m, mp);
-        sp_3072_mont_sqr_53(t[20], t[10], m, mp);
-        sp_3072_mont_mul_53(t[21], t[11], t[10], m, mp);
-        sp_3072_mont_sqr_53(t[22], t[11], m, mp);
-        sp_3072_mont_mul_53(t[23], t[12], t[11], m, mp);
-        sp_3072_mont_sqr_53(t[24], t[12], m, mp);
-        sp_3072_mont_mul_53(t[25], t[13], t[12], m, mp);
-        sp_3072_mont_sqr_53(t[26], t[13], m, mp);
-        sp_3072_mont_mul_53(t[27], t[14], t[13], m, mp);
-        sp_3072_mont_sqr_53(t[28], t[14], m, mp);
-        sp_3072_mont_mul_53(t[29], t[15], t[14], m, mp);
-        sp_3072_mont_sqr_53(t[30], t[15], m, mp);
-        sp_3072_mont_mul_53(t[31], t[16], t[15], m, mp);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 28) / 29) - 1;
-        c = bits % 29;
-        if (c == 0) {
-            c = 29;
-        }
-        if (i < 53) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (3 - c);
-            c += 29;
-        }
-        y = (int)((n >> 27) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 106);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c = 24;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n = e[i--] << 3;
-                c = 5 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 29 - c;
-            }
-
-            sp_3072_mont_sqr_53(rt, rt, m, mp);
-            sp_3072_mont_sqr_53(rt, rt, m, mp);
-            sp_3072_mont_sqr_53(rt, rt, m, mp);
-            sp_3072_mont_sqr_53(rt, rt, m, mp);
-            sp_3072_mont_sqr_53(rt, rt, m, mp);
-
-            sp_3072_mont_mul_53(rt, rt, t[y], m, mp);
-        }
-
-        sp_3072_mont_reduce_53(rt, m, mp);
-        n = sp_3072_cmp_53(rt, m);
-        sp_3072_cond_sub_53(rt, rt, m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 106);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_sub_106(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 106; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_106(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i=0; i<105; i++) {
-        r[i] = 0x1fffffff;
-    }
-    r[105] = 0x7ffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_3072_sub_106(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_3072_cmp_106(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i=105; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 28);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_sub_106(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 106; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_add_106(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifndef WOLFSSL_SP_LARGE_CODE
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 106; i++) {
-        t += r[i];
-        t += tb * a[i];
-        r[i] = ((sp_digit)t) & 0x1fffffff;
-        t >>= 29;
-    }
-    r[106] += (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 104; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffff);
-        t[1] += t[0] >> 29;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffff);
-        t[2] += t[1] >> 29;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffff);
-        t[3] += t[2] >> 29;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffff);
-        t[0]  = t[3] >> 29;
-    }
-    t[0] += (tb * a[104]) + r[104];
-    t[1]  = (tb * a[105]) + r[105];
-    r[104] = (sp_digit)(t[0] & 0x1fffffff);
-    t[1] += t[0] >> 29;
-    r[105] = (sp_digit)(t[1] & 0x1fffffff);
-    r[106] +=  (sp_digit)(t[1] >> 29);
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-}
-
-/* Shift the result in the high 3072 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_3072_mont_shift_106(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int64 n = a[105] >> 27;
-    n += ((sp_int64)a[106]) << 2;
-
-    for (i = 0; i < 105; i++) {
-        r[i] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29;
-        n += ((sp_int64)a[107 + i]) << 2;
-    }
-    r[105] = (sp_digit)n;
-    XMEMSET(&r[106], 0, sizeof(*r) * 106U);
-}
-
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_3072_mont_reduce_106(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_3072_norm_106(a + 106);
-
-#ifdef WOLFSSL_SP_DH
-    if (mp != 1) {
-        for (i=0; i<105; i++) {
-            mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1fffffff);
-            sp_3072_mul_add_106(a+i, m, mu);
-            a[i+1] += a[i] >> 29;
-        }
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x7ffffffL);
-        sp_3072_mul_add_106(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-    else {
-        for (i=0; i<105; i++) {
-            mu = (sp_digit)(a[i] & 0x1fffffff);
-            sp_3072_mul_add_106(a+i, m, mu);
-            a[i+1] += a[i] >> 29;
-        }
-        mu = (sp_digit)(a[i] & 0x7ffffffL);
-        sp_3072_mul_add_106(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-#else
-    for (i=0; i<105; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1fffffff);
-        sp_3072_mul_add_106(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x7ffffffL);
-    sp_3072_mul_add_106(a+i, m, mu);
-    a[i+1] += a[i] >> 29;
-    a[i] &= 0x1fffffff;
-#endif
-    sp_3072_mont_shift_106(a, a);
-    over = a[105] - m[105];
-    sp_3072_cond_sub_106(a, a, m, ~((over - 1) >> 31));
-    sp_3072_norm_106(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_106(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_106(r, a, b);
-    sp_3072_mont_reduce_106(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_106(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_106(r, a);
-    sp_3072_mont_reduce_106(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_212(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 212; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-    }
-    r[212] = (sp_digit)t;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_add_106(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 106; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_106(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 106; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-
-SP_NOINLINE static void sp_3072_rshift_106(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<105; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff);
-    }
-    r[105] = a[105] >> n;
-}
-
-static WC_INLINE sp_digit sp_3072_div_word_106(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_uint32 lo = (sp_uint32)d;
-    sp_digit hi = (sp_digit)(d >> 32);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 29);
-    sp_digit t0 = (sp_digit)(d & 0x1fffffff);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int64 m;
-
-    r = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-    t1 -= dv & (0 - r);
-    for (i = 27; i >= 1; i--) {
-        t1 += t1 + (((sp_uint32)t0 >> 28) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 29);
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 58) - (sp_digit)(d >> 58);
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-   return r;
-#else
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 14) + 1;
-
-    t = (sp_digit)(d >> 28);
-    t = (t / dv) << 14;
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)(d >> 13);
-    t = t / (dv << 1);
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int64)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_3072_word_div_word_106(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint32)(div - d) >> 31);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_div_106(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 106 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 106 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 212 + 1;
-        sd = t2 + 106 + 1;
-
-        sp_3072_mul_d_106(sd, d, (sp_digit)1 << 2);
-        sp_3072_mul_d_212(t1, a, (sp_digit)1 << 2);
-        dv = sd[105];
-        t1[106 + 106] += t1[106 + 106 - 1] >> 29;
-        t1[106 + 106 - 1] &= 0x1fffffff;
-        for (i=106; i>=0; i--) {
-            r1 = sp_3072_div_word_106(t1[106 + i], t1[106 + i - 1], dv);
-
-            sp_3072_mul_d_106(t2, sd, r1);
-            (void)sp_3072_sub_106(&t1[i], &t1[i], t2);
-            sp_3072_norm_106(&t1[i]);
-            t1[106 + i] -= t2[106];
-            t1[106 + i] += t1[106 + i - 1] >> 29;
-            t1[106 + i - 1] &= 0x1fffffff;
-            r1 = sp_3072_div_word_106(-t1[106 + i], -t1[106 + i - 1], dv);
-            r1 -= t1[106 + i];
-            sp_3072_mul_d_106(t2, sd, r1);
-            (void)sp_3072_add_106(&t1[i], &t1[i], t2);
-            t1[106 + i] += t1[106 + i - 1] >> 29;
-            t1[106 + i - 1] &= 0x1fffffff;
-        }
-        t1[106 - 1] += t1[106 - 2] >> 29;
-        t1[106 - 2] &= 0x1fffffff;
-        r1 = sp_3072_word_div_word_106(t1[106 - 1], dv);
-
-        sp_3072_mul_d_106(t2, sd, r1);
-        sp_3072_sub_106(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 212U);
-        for (i=0; i<105; i++) {
-            r[i+1] += r[i] >> 29;
-            r[i] &= 0x1fffffff;
-        }
-        sp_3072_cond_add_106(r, r, sd, r[105] >> 31);
-
-        sp_3072_norm_106(r);
-        sp_3072_rshift_106(r, r, 2);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_mod_106(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_106(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_106(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 212);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 212, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 106 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 106U * 2U);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_106(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_106(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 106U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_106(t[1], t[1], norm);
-        err = sp_3072_mod_106(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_106(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 106 * 2);
-            sp_3072_mont_sqr_106(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 106 * 2);
-        }
-
-        sp_3072_mont_reduce_106(t[0], m, mp);
-        n = sp_3072_cmp_106(t[0], m);
-        sp_3072_cond_sub_106(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 106 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 212);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 212, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 106 * 2);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_106(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_106(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_106(t[1], t[1], norm);
-                err = sp_3072_mod_106(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_106(t[1], a, norm);
-            err = sp_3072_mod_106(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_106(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 106 * 2);
-            sp_3072_mont_sqr_106(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 106 * 2);
-        }
-
-        sp_3072_mont_reduce_106(t[0], m, mp);
-        n = sp_3072_cmp_106(t[0], m);
-        sp_3072_cond_sub_106(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 106 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (16 * 212) + 212);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (16 * 212) + 212, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 212;
-        rt = td + 3392;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_106(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_106(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_106(t[1], t[1], norm);
-                err = sp_3072_mod_106(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_106(t[1], a, norm);
-            err = sp_3072_mod_106(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_106(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_106(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_106(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_106(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_106(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_106(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_106(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_106(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_106(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_106(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_106(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_106(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_106(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_106(t[15], t[ 8], t[ 7], m, mp);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 28) / 29) - 1;
-        c = bits % 29;
-        if (c == 0) {
-            c = 29;
-        }
-        if (i < 106) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (3 - c);
-            c += 29;
-        }
-        y = (int)((n >> 28) & 0xf);
-        n <<= 4;
-        c -= 4;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 212);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c = 25;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n = e[i--] << 3;
-                c = 4 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 29 - c;
-            }
-
-            sp_3072_mont_sqr_106(rt, rt, m, mp);
-            sp_3072_mont_sqr_106(rt, rt, m, mp);
-            sp_3072_mont_sqr_106(rt, rt, m, mp);
-            sp_3072_mont_sqr_106(rt, rt, m, mp);
-
-            sp_3072_mont_mul_106(rt, rt, t[y], m, mp);
-        }
-
-        sp_3072_mont_reduce_106(rt, m, mp);
-        n = sp_3072_cmp_106(rt, m);
-        sp_3072_cond_sub_106(rt, rt, m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 212);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-#ifdef WOLFSSL_SP_SMALL
-    SP_DECL_VAR(sp_digit, a, 106 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit* norm = NULL;
-    sp_uint64 e[1] = {0};
-    sp_digit mp = 0;
-    int i;
-    int err = MP_OKAY;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 106 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 106 * 2;
-        m = r + 106 * 2;
-        norm = r;
-
-        sp_3072_from_bin(a, 106, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 106, mm);
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_106(norm, m);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_106(a, a, norm);
-        err = sp_3072_mod_106(a, a, m);
-    }
-    if (err == MP_OKAY) {
-        for (i=63; i>=0; i--) {
-            if ((e[0] >> i) != 0) {
-                break;
-            }
-        }
-
-        XMEMCPY(r, a, sizeof(sp_digit) * 106 * 2);
-        for (i--; i>=0; i--) {
-            sp_3072_mont_sqr_106(r, r, m, mp);
-
-            if (((e[0] >> i) & 1) == 1) {
-                sp_3072_mont_mul_106(r, r, a, m, mp);
-            }
-        }
-        sp_3072_mont_reduce_106(r, m, mp);
-        mp = sp_3072_cmp_106(r, m);
-        sp_3072_cond_sub_106(r, r, m, ~(mp >> 31));
-
-        sp_3072_to_bin_106(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 106 * 5);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_uint64 e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 106 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d;
-        r = a + 106 * 2;
-        m = r + 106 * 2;
-
-        sp_3072_from_bin(a, 106, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 106, mm);
-
-        if (e[0] == 0x3) {
-            sp_3072_sqr_106(r, a);
-            err = sp_3072_mod_106(r, r, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_106(r, a, r);
-                err = sp_3072_mod_106(r, r, m);
-            }
-        }
-        else {
-            sp_digit* norm = r;
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-            sp_3072_mont_norm_106(norm, m);
-
-            sp_3072_mul_106(a, a, norm);
-            err = sp_3072_mod_106(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if ((e[0] >> i) != 0) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 212U);
-                for (i--; i>=0; i--) {
-                    sp_3072_mont_sqr_106(r, r, m, mp);
-
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_3072_mont_mul_106(r, r, a, m, mp);
-                    }
-                }
-                sp_3072_mont_reduce_106(r, m, mp);
-                mp = sp_3072_cmp_106(r, m);
-                sp_3072_cond_sub_106(r, r, m, ~(mp >> 31));
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_106(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(d, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if !defined(SP_RSA_PRIVATE_EXP_D) && !defined(RSA_LOW_MEM)
-#endif /* !SP_RSA_PRIVATE_EXP_D & !RSA_LOW_MEM */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, d, 106 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 106 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 106;
-        m = a + 212;
-        r = a;
-
-        sp_3072_from_bin(a, 106, in, inLen);
-        sp_3072_from_mp(d, 106, dm);
-        sp_3072_from_mp(m, 106, mm);
-        err = sp_3072_mod_exp_106(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_106(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 106, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 106 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 106 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 106;
-        m = a + 212;
-        r = a;
-
-        sp_3072_from_bin(a, 106, in, inLen);
-        sp_3072_from_mp(d, 106, dm);
-        sp_3072_from_mp(m, 106, mm);
-        err = sp_3072_mod_exp_106(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_106(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 106, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#else
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, a, 53 * 8);
-    sp_digit* p = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 53 * 8, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 106;
-        qi = dq = dp = p + 53;
-        tmpa = qi + 53;
-        tmpb = tmpa + 106;
-        r = a;
-
-        sp_3072_from_bin(a, 106, in, inLen);
-        sp_3072_from_mp(p, 53, pm);
-        sp_3072_from_mp(dp, 53, dpm);
-        err = sp_3072_mod_exp_53(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 53, qm);
-        sp_3072_from_mp(dq, 53, dqm);
-        err = sp_3072_mod_exp_53(tmpb, a, dq, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 53, pm);
-        (void)sp_3072_sub_53(tmpa, tmpa, tmpb);
-        sp_3072_norm_53(tmpa);
-        sp_3072_cond_add_53(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[52] >> 31));
-        sp_3072_cond_add_53(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[52] >> 31));
-        sp_3072_norm_53(tmpa);
-
-        sp_3072_from_mp(qi, 53, qim);
-        sp_3072_mul_53(tmpa, tmpa, qi);
-        err = sp_3072_mod_53(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 53, qm);
-        sp_3072_mul_53(tmpa, p, tmpa);
-        (void)sp_3072_add_106(r, tmpb, tmpa);
-        sp_3072_norm_106(r);
-
-        sp_3072_to_bin_106(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 53 * 8, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 53 * 13);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 53 * 13, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 106 * 2;
-        q = p + 53;
-        dp = q + 53;
-        dq = dp + 53;
-        qi = dq + 53;
-        tmpa = qi + 53;
-        tmpb = tmpa + 106;
-        r = a;
-
-        sp_3072_from_bin(a, 106, in, inLen);
-        sp_3072_from_mp(p, 53, pm);
-        sp_3072_from_mp(q, 53, qm);
-        sp_3072_from_mp(dp, 53, dpm);
-        sp_3072_from_mp(dq, 53, dqm);
-        sp_3072_from_mp(qi, 53, qim);
-
-        err = sp_3072_mod_exp_53(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_3072_mod_exp_53(tmpb, a, dq, 1536, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        (void)sp_3072_sub_53(tmpa, tmpa, tmpb);
-        sp_3072_norm_53(tmpa);
-        sp_3072_cond_add_53(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[52] >> 31));
-        sp_3072_cond_add_53(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[52] >> 31));
-        sp_3072_norm_53(tmpa);
-        sp_3072_mul_53(tmpa, tmpa, qi);
-        err = sp_3072_mod_53(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mul_53(tmpa, tmpa, q);
-        (void)sp_3072_add_106(r, tmpb, tmpa);
-        sp_3072_norm_106(r);
-
-        sp_3072_to_bin_106(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 53 * 13, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-}
-
-#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_3072_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (3072 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 29
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 106);
-        r->used = 106;
-        mp_clamp(r);
-#elif DIGIT_BIT < 29
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 106; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 29) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 29 - s;
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 106; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 29 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 29 - s;
-            }
-            else {
-                s += 29;
-            }
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 106 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 106 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 106 * 2;
-        m = e + 106;
-        r = b;
-
-        sp_3072_from_mp(b, 106, base);
-        sp_3072_from_mp(e, 106, exp);
-        sp_3072_from_mp(m, 106, mod);
-
-        err = sp_3072_mod_exp_106(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 106U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 106 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 106 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 106 * 2;
-        m = e + 106;
-        r = b;
-
-        sp_3072_from_mp(b, 106, base);
-        sp_3072_from_mp(e, 106, exp);
-        sp_3072_from_mp(m, 106, mod);
-
-        err = sp_3072_mod_exp_106(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 106U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_3072
-SP_NOINLINE static void sp_3072_lshift_106(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    r[106] = a[105] >> (29 - n);
-    for (i=105; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff);
-    }
-    r[0] = (sp_digit)((a[0] << n) & 0x1fffffff);
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_3072_mod_exp_2_106(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 319);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 319, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp  = td + 212;
-        XMEMSET(td, 0, sizeof(sp_digit) * 319);
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_106(norm, m);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 28) / 29) - 1;
-        c = bits % 29;
-        if (c == 0) {
-            c = 29;
-        }
-        if (i < 106) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (3 - c);
-            c += 29;
-        }
-        y = (int)((n >> 28) & 0xf);
-        n <<= 4;
-        c -= 4;
-        sp_3072_lshift_106(r, norm, (byte)y);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c = 25;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n = e[i--] << 3;
-                c = 4 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 29 - c;
-            }
-
-            sp_3072_mont_sqr_106(r, r, m, mp);
-            sp_3072_mont_sqr_106(r, r, m, mp);
-            sp_3072_mont_sqr_106(r, r, m, mp);
-            sp_3072_mont_sqr_106(r, r, m, mp);
-
-            sp_3072_lshift_106(r, r, (byte)y);
-            sp_3072_mul_d_106(tmp, norm, (r[106] << 2) + (r[105] >> 27));
-            r[106] = 0;
-            r[105] &= 0x7ffffffL;
-            (void)sp_3072_add_106(r, r, tmp);
-            sp_3072_norm_106(r);
-            o = sp_3072_cmp_106(r, m);
-            sp_3072_cond_sub_106(r, r, m, ~(o >> 31));
-        }
-
-        sp_3072_mont_reduce_106(r, m, mp);
-        n = sp_3072_cmp_106(r, m);
-        sp_3072_cond_sub_106(r, r, m, (sp_digit)~(n >> 31));
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_3072 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 384 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, b, 106 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    word32 i;
-    int err = MP_OKAY;
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 384U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 106 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 106 * 2;
-        m = e + 106;
-        r = b;
-
-        sp_3072_from_mp(b, 106, base);
-        sp_3072_from_bin(e, 106, exp, expLen);
-        sp_3072_from_mp(m, 106, mod);
-
-    #ifdef HAVE_FFDHE_3072
-        if (base->used == 1 && base->dp[0] == 2U &&
-                (m[105] >> 11) == 0xffffL) {
-            err = sp_3072_mod_exp_2_106(r, e, expLen * 8U, m);
-        }
-        else {
-    #endif
-            err = sp_3072_mod_exp_106(r, b, e, expLen * 8U, m, 0);
-    #ifdef HAVE_FFDHE_3072
-        }
-    #endif
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_106(r, out);
-        *outLen = 384;
-        for (i=0; i<384U && out[i] == 0U; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 106U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 53 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 53 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 53 * 2;
-        m = e + 53;
-        r = b;
-
-        sp_3072_from_mp(b, 53, base);
-        sp_3072_from_mp(e, 53, exp);
-        sp_3072_from_mp(m, 53, mod);
-
-        err = sp_3072_mod_exp_53(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 53, 0, sizeof(*r) * 53U);
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 106U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 53 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 53 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 53 * 2;
-        m = e + 53;
-        r = b;
-
-        sp_3072_from_mp(b, 53, base);
-        sp_3072_from_mp(e, 53, exp);
-        sp_3072_from_mp(m, 53, mod);
-
-        err = sp_3072_mod_exp_53(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 53, 0, sizeof(*r) * 53U);
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 106U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#else
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 20U) {
-            r[j] &= 0xfffffff;
-            s = 28U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 28
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 27);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 27);
-    }
-#elif DIGIT_BIT > 28
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xfffffff;
-        s = 28U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 28U) <= (word32)DIGIT_BIT) {
-            s += 28U;
-            r[j] &= 0xfffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 28) {
-            r[j] &= 0xfffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 28 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 384
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_3072_to_bin_112(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<111; i++) {
-        r[i+1] += r[i] >> 28;
-        r[i] &= 0xfffffff;
-    }
-    j = 3079 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<110 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 28) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 28);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 28 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_56(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 48; i += 8) {
-        a[i+1] += a[i+0] >> 28; a[i+0] &= 0xfffffff;
-        a[i+2] += a[i+1] >> 28; a[i+1] &= 0xfffffff;
-        a[i+3] += a[i+2] >> 28; a[i+2] &= 0xfffffff;
-        a[i+4] += a[i+3] >> 28; a[i+3] &= 0xfffffff;
-        a[i+5] += a[i+4] >> 28; a[i+4] &= 0xfffffff;
-        a[i+6] += a[i+5] >> 28; a[i+5] &= 0xfffffff;
-        a[i+7] += a[i+6] >> 28; a[i+6] &= 0xfffffff;
-        a[i+8] += a[i+7] >> 28; a[i+7] &= 0xfffffff;
-    }
-    a[49] += a[48] >> 28; a[48] &= 0xfffffff;
-    a[50] += a[49] >> 28; a[49] &= 0xfffffff;
-    a[51] += a[50] >> 28; a[50] &= 0xfffffff;
-    a[52] += a[51] >> 28; a[51] &= 0xfffffff;
-    a[53] += a[52] >> 28; a[52] &= 0xfffffff;
-    a[54] += a[53] >> 28; a[53] &= 0xfffffff;
-    a[55] += a[54] >> 28; a[54] &= 0xfffffff;
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 28 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_55(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 48; i += 8) {
-        a[i+1] += a[i+0] >> 28; a[i+0] &= 0xfffffff;
-        a[i+2] += a[i+1] >> 28; a[i+1] &= 0xfffffff;
-        a[i+3] += a[i+2] >> 28; a[i+2] &= 0xfffffff;
-        a[i+4] += a[i+3] >> 28; a[i+3] &= 0xfffffff;
-        a[i+5] += a[i+4] >> 28; a[i+4] &= 0xfffffff;
-        a[i+6] += a[i+5] >> 28; a[i+5] &= 0xfffffff;
-        a[i+7] += a[i+6] >> 28; a[i+6] &= 0xfffffff;
-        a[i+8] += a[i+7] >> 28; a[i+7] &= 0xfffffff;
-    }
-    a[49] += a[48] >> 28; a[48] &= 0xfffffff;
-    a[50] += a[49] >> 28; a[49] &= 0xfffffff;
-    a[51] += a[50] >> 28; a[50] &= 0xfffffff;
-    a[52] += a[51] >> 28; a[51] &= 0xfffffff;
-    a[53] += a[52] >> 28; a[52] &= 0xfffffff;
-    a[54] += a[53] >> 28; a[53] &= 0xfffffff;
-}
-
-/* Normalize the values in each word to 28 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_112(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 104; i += 8) {
-        a[i+1] += a[i+0] >> 28; a[i+0] &= 0xfffffff;
-        a[i+2] += a[i+1] >> 28; a[i+1] &= 0xfffffff;
-        a[i+3] += a[i+2] >> 28; a[i+2] &= 0xfffffff;
-        a[i+4] += a[i+3] >> 28; a[i+3] &= 0xfffffff;
-        a[i+5] += a[i+4] >> 28; a[i+4] &= 0xfffffff;
-        a[i+6] += a[i+5] >> 28; a[i+5] &= 0xfffffff;
-        a[i+7] += a[i+6] >> 28; a[i+6] &= 0xfffffff;
-        a[i+8] += a[i+7] >> 28; a[i+7] &= 0xfffffff;
-    }
-    a[105] += a[104] >> 28; a[104] &= 0xfffffff;
-    a[106] += a[105] >> 28; a[105] &= 0xfffffff;
-    a[107] += a[106] >> 28; a[106] &= 0xfffffff;
-    a[108] += a[107] >> 28; a[107] &= 0xfffffff;
-    a[109] += a[108] >> 28; a[108] &= 0xfffffff;
-    a[110] += a[109] >> 28; a[109] &= 0xfffffff;
-    a[111] += a[110] >> 28; a[110] &= 0xfffffff;
-}
-
-/* Normalize the values in each word to 28 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_110(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 104; i += 8) {
-        a[i+1] += a[i+0] >> 28; a[i+0] &= 0xfffffff;
-        a[i+2] += a[i+1] >> 28; a[i+1] &= 0xfffffff;
-        a[i+3] += a[i+2] >> 28; a[i+2] &= 0xfffffff;
-        a[i+4] += a[i+3] >> 28; a[i+3] &= 0xfffffff;
-        a[i+5] += a[i+4] >> 28; a[i+4] &= 0xfffffff;
-        a[i+6] += a[i+5] >> 28; a[i+5] &= 0xfffffff;
-        a[i+7] += a[i+6] >> 28; a[i+6] &= 0xfffffff;
-        a[i+8] += a[i+7] >> 28; a[i+7] &= 0xfffffff;
-    }
-    a[105] += a[104] >> 28; a[104] &= 0xfffffff;
-    a[106] += a[105] >> 28; a[105] &= 0xfffffff;
-    a[107] += a[106] >> 28; a[106] &= 0xfffffff;
-    a[108] += a[107] >> 28; a[107] &= 0xfffffff;
-    a[109] += a[108] >> 28; a[108] &= 0xfffffff;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_14(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_uint64 t0;
-    sp_uint64 t1;
-    sp_digit t[14];
-
-    t0 = ((sp_uint64)a[ 0]) * b[ 0];
-    t1 = ((sp_uint64)a[ 0]) * b[ 1]
-       + ((sp_uint64)a[ 1]) * b[ 0];
-    t[ 0] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[ 0]) * b[ 2]
-       + ((sp_uint64)a[ 1]) * b[ 1]
-       + ((sp_uint64)a[ 2]) * b[ 0];
-    t[ 1] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[ 0]) * b[ 3]
-       + ((sp_uint64)a[ 1]) * b[ 2]
-       + ((sp_uint64)a[ 2]) * b[ 1]
-       + ((sp_uint64)a[ 3]) * b[ 0];
-    t[ 2] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[ 0]) * b[ 4]
-       + ((sp_uint64)a[ 1]) * b[ 3]
-       + ((sp_uint64)a[ 2]) * b[ 2]
-       + ((sp_uint64)a[ 3]) * b[ 1]
-       + ((sp_uint64)a[ 4]) * b[ 0];
-    t[ 3] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[ 0]) * b[ 5]
-       + ((sp_uint64)a[ 1]) * b[ 4]
-       + ((sp_uint64)a[ 2]) * b[ 3]
-       + ((sp_uint64)a[ 3]) * b[ 2]
-       + ((sp_uint64)a[ 4]) * b[ 1]
-       + ((sp_uint64)a[ 5]) * b[ 0];
-    t[ 4] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[ 0]) * b[ 6]
-       + ((sp_uint64)a[ 1]) * b[ 5]
-       + ((sp_uint64)a[ 2]) * b[ 4]
-       + ((sp_uint64)a[ 3]) * b[ 3]
-       + ((sp_uint64)a[ 4]) * b[ 2]
-       + ((sp_uint64)a[ 5]) * b[ 1]
-       + ((sp_uint64)a[ 6]) * b[ 0];
-    t[ 5] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[ 0]) * b[ 7]
-       + ((sp_uint64)a[ 1]) * b[ 6]
-       + ((sp_uint64)a[ 2]) * b[ 5]
-       + ((sp_uint64)a[ 3]) * b[ 4]
-       + ((sp_uint64)a[ 4]) * b[ 3]
-       + ((sp_uint64)a[ 5]) * b[ 2]
-       + ((sp_uint64)a[ 6]) * b[ 1]
-       + ((sp_uint64)a[ 7]) * b[ 0];
-    t[ 6] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[ 0]) * b[ 8]
-       + ((sp_uint64)a[ 1]) * b[ 7]
-       + ((sp_uint64)a[ 2]) * b[ 6]
-       + ((sp_uint64)a[ 3]) * b[ 5]
-       + ((sp_uint64)a[ 4]) * b[ 4]
-       + ((sp_uint64)a[ 5]) * b[ 3]
-       + ((sp_uint64)a[ 6]) * b[ 2]
-       + ((sp_uint64)a[ 7]) * b[ 1]
-       + ((sp_uint64)a[ 8]) * b[ 0];
-    t[ 7] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[ 0]) * b[ 9]
-       + ((sp_uint64)a[ 1]) * b[ 8]
-       + ((sp_uint64)a[ 2]) * b[ 7]
-       + ((sp_uint64)a[ 3]) * b[ 6]
-       + ((sp_uint64)a[ 4]) * b[ 5]
-       + ((sp_uint64)a[ 5]) * b[ 4]
-       + ((sp_uint64)a[ 6]) * b[ 3]
-       + ((sp_uint64)a[ 7]) * b[ 2]
-       + ((sp_uint64)a[ 8]) * b[ 1]
-       + ((sp_uint64)a[ 9]) * b[ 0];
-    t[ 8] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[ 0]) * b[10]
-       + ((sp_uint64)a[ 1]) * b[ 9]
-       + ((sp_uint64)a[ 2]) * b[ 8]
-       + ((sp_uint64)a[ 3]) * b[ 7]
-       + ((sp_uint64)a[ 4]) * b[ 6]
-       + ((sp_uint64)a[ 5]) * b[ 5]
-       + ((sp_uint64)a[ 6]) * b[ 4]
-       + ((sp_uint64)a[ 7]) * b[ 3]
-       + ((sp_uint64)a[ 8]) * b[ 2]
-       + ((sp_uint64)a[ 9]) * b[ 1]
-       + ((sp_uint64)a[10]) * b[ 0];
-    t[ 9] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[ 0]) * b[11]
-       + ((sp_uint64)a[ 1]) * b[10]
-       + ((sp_uint64)a[ 2]) * b[ 9]
-       + ((sp_uint64)a[ 3]) * b[ 8]
-       + ((sp_uint64)a[ 4]) * b[ 7]
-       + ((sp_uint64)a[ 5]) * b[ 6]
-       + ((sp_uint64)a[ 6]) * b[ 5]
-       + ((sp_uint64)a[ 7]) * b[ 4]
-       + ((sp_uint64)a[ 8]) * b[ 3]
-       + ((sp_uint64)a[ 9]) * b[ 2]
-       + ((sp_uint64)a[10]) * b[ 1]
-       + ((sp_uint64)a[11]) * b[ 0];
-    t[10] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[ 0]) * b[12]
-       + ((sp_uint64)a[ 1]) * b[11]
-       + ((sp_uint64)a[ 2]) * b[10]
-       + ((sp_uint64)a[ 3]) * b[ 9]
-       + ((sp_uint64)a[ 4]) * b[ 8]
-       + ((sp_uint64)a[ 5]) * b[ 7]
-       + ((sp_uint64)a[ 6]) * b[ 6]
-       + ((sp_uint64)a[ 7]) * b[ 5]
-       + ((sp_uint64)a[ 8]) * b[ 4]
-       + ((sp_uint64)a[ 9]) * b[ 3]
-       + ((sp_uint64)a[10]) * b[ 2]
-       + ((sp_uint64)a[11]) * b[ 1]
-       + ((sp_uint64)a[12]) * b[ 0];
-    t[11] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[ 0]) * b[13]
-       + ((sp_uint64)a[ 1]) * b[12]
-       + ((sp_uint64)a[ 2]) * b[11]
-       + ((sp_uint64)a[ 3]) * b[10]
-       + ((sp_uint64)a[ 4]) * b[ 9]
-       + ((sp_uint64)a[ 5]) * b[ 8]
-       + ((sp_uint64)a[ 6]) * b[ 7]
-       + ((sp_uint64)a[ 7]) * b[ 6]
-       + ((sp_uint64)a[ 8]) * b[ 5]
-       + ((sp_uint64)a[ 9]) * b[ 4]
-       + ((sp_uint64)a[10]) * b[ 3]
-       + ((sp_uint64)a[11]) * b[ 2]
-       + ((sp_uint64)a[12]) * b[ 1]
-       + ((sp_uint64)a[13]) * b[ 0];
-    t[12] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[ 1]) * b[13]
-       + ((sp_uint64)a[ 2]) * b[12]
-       + ((sp_uint64)a[ 3]) * b[11]
-       + ((sp_uint64)a[ 4]) * b[10]
-       + ((sp_uint64)a[ 5]) * b[ 9]
-       + ((sp_uint64)a[ 6]) * b[ 8]
-       + ((sp_uint64)a[ 7]) * b[ 7]
-       + ((sp_uint64)a[ 8]) * b[ 6]
-       + ((sp_uint64)a[ 9]) * b[ 5]
-       + ((sp_uint64)a[10]) * b[ 4]
-       + ((sp_uint64)a[11]) * b[ 3]
-       + ((sp_uint64)a[12]) * b[ 2]
-       + ((sp_uint64)a[13]) * b[ 1];
-    t[13] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[ 2]) * b[13]
-       + ((sp_uint64)a[ 3]) * b[12]
-       + ((sp_uint64)a[ 4]) * b[11]
-       + ((sp_uint64)a[ 5]) * b[10]
-       + ((sp_uint64)a[ 6]) * b[ 9]
-       + ((sp_uint64)a[ 7]) * b[ 8]
-       + ((sp_uint64)a[ 8]) * b[ 7]
-       + ((sp_uint64)a[ 9]) * b[ 6]
-       + ((sp_uint64)a[10]) * b[ 5]
-       + ((sp_uint64)a[11]) * b[ 4]
-       + ((sp_uint64)a[12]) * b[ 3]
-       + ((sp_uint64)a[13]) * b[ 2];
-    r[14] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[ 3]) * b[13]
-       + ((sp_uint64)a[ 4]) * b[12]
-       + ((sp_uint64)a[ 5]) * b[11]
-       + ((sp_uint64)a[ 6]) * b[10]
-       + ((sp_uint64)a[ 7]) * b[ 9]
-       + ((sp_uint64)a[ 8]) * b[ 8]
-       + ((sp_uint64)a[ 9]) * b[ 7]
-       + ((sp_uint64)a[10]) * b[ 6]
-       + ((sp_uint64)a[11]) * b[ 5]
-       + ((sp_uint64)a[12]) * b[ 4]
-       + ((sp_uint64)a[13]) * b[ 3];
-    r[15] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[ 4]) * b[13]
-       + ((sp_uint64)a[ 5]) * b[12]
-       + ((sp_uint64)a[ 6]) * b[11]
-       + ((sp_uint64)a[ 7]) * b[10]
-       + ((sp_uint64)a[ 8]) * b[ 9]
-       + ((sp_uint64)a[ 9]) * b[ 8]
-       + ((sp_uint64)a[10]) * b[ 7]
-       + ((sp_uint64)a[11]) * b[ 6]
-       + ((sp_uint64)a[12]) * b[ 5]
-       + ((sp_uint64)a[13]) * b[ 4];
-    r[16] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[ 5]) * b[13]
-       + ((sp_uint64)a[ 6]) * b[12]
-       + ((sp_uint64)a[ 7]) * b[11]
-       + ((sp_uint64)a[ 8]) * b[10]
-       + ((sp_uint64)a[ 9]) * b[ 9]
-       + ((sp_uint64)a[10]) * b[ 8]
-       + ((sp_uint64)a[11]) * b[ 7]
-       + ((sp_uint64)a[12]) * b[ 6]
-       + ((sp_uint64)a[13]) * b[ 5];
-    r[17] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[ 6]) * b[13]
-       + ((sp_uint64)a[ 7]) * b[12]
-       + ((sp_uint64)a[ 8]) * b[11]
-       + ((sp_uint64)a[ 9]) * b[10]
-       + ((sp_uint64)a[10]) * b[ 9]
-       + ((sp_uint64)a[11]) * b[ 8]
-       + ((sp_uint64)a[12]) * b[ 7]
-       + ((sp_uint64)a[13]) * b[ 6];
-    r[18] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[ 7]) * b[13]
-       + ((sp_uint64)a[ 8]) * b[12]
-       + ((sp_uint64)a[ 9]) * b[11]
-       + ((sp_uint64)a[10]) * b[10]
-       + ((sp_uint64)a[11]) * b[ 9]
-       + ((sp_uint64)a[12]) * b[ 8]
-       + ((sp_uint64)a[13]) * b[ 7];
-    r[19] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[ 8]) * b[13]
-       + ((sp_uint64)a[ 9]) * b[12]
-       + ((sp_uint64)a[10]) * b[11]
-       + ((sp_uint64)a[11]) * b[10]
-       + ((sp_uint64)a[12]) * b[ 9]
-       + ((sp_uint64)a[13]) * b[ 8];
-    r[20] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[ 9]) * b[13]
-       + ((sp_uint64)a[10]) * b[12]
-       + ((sp_uint64)a[11]) * b[11]
-       + ((sp_uint64)a[12]) * b[10]
-       + ((sp_uint64)a[13]) * b[ 9];
-    r[21] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[10]) * b[13]
-       + ((sp_uint64)a[11]) * b[12]
-       + ((sp_uint64)a[12]) * b[11]
-       + ((sp_uint64)a[13]) * b[10];
-    r[22] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[11]) * b[13]
-       + ((sp_uint64)a[12]) * b[12]
-       + ((sp_uint64)a[13]) * b[11];
-    r[23] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = ((sp_uint64)a[12]) * b[13]
-       + ((sp_uint64)a[13]) * b[12];
-    r[24] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = ((sp_uint64)a[13]) * b[13];
-    r[25] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    r[26] = (sp_digit)(t0 & 0xfffffff);
-    r[27] = (sp_digit)(t0 >> 28);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_14(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-    r[ 7] = a[ 7] + b[ 7];
-    r[ 8] = a[ 8] + b[ 8];
-    r[ 9] = a[ 9] + b[ 9];
-    r[10] = a[10] + b[10];
-    r[11] = a[11] + b[11];
-    r[12] = a[12] + b[12];
-    r[13] = a[13] + b[13];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_28(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[24] = a[24] + b[24];
-    r[25] = a[25] + b[25];
-    r[26] = a[26] + b[26];
-    r[27] = a[27] + b[27];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_sub_28(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[24] = a[24] - b[24];
-    r[25] = a[25] - b[25];
-    r[26] = a[26] - b[26];
-    r[27] = a[27] - b[27];
-
-    return 0;
-}
-
-/* Normalize the values in each word to 28 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_14(sp_digit* a)
-{
-    a[1] += a[0] >> 28; a[0] &= 0xfffffff;
-    a[2] += a[1] >> 28; a[1] &= 0xfffffff;
-    a[3] += a[2] >> 28; a[2] &= 0xfffffff;
-    a[4] += a[3] >> 28; a[3] &= 0xfffffff;
-    a[5] += a[4] >> 28; a[4] &= 0xfffffff;
-    a[6] += a[5] >> 28; a[5] &= 0xfffffff;
-    a[7] += a[6] >> 28; a[6] &= 0xfffffff;
-    a[8] += a[7] >> 28; a[7] &= 0xfffffff;
-    a[9] += a[8] >> 28; a[8] &= 0xfffffff;
-    a[10] += a[9] >> 28; a[9] &= 0xfffffff;
-    a[11] += a[10] >> 28; a[10] &= 0xfffffff;
-    a[12] += a[11] >> 28; a[11] &= 0xfffffff;
-    a[13] += a[12] >> 28; a[12] &= 0xfffffff;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_28(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[28];
-    sp_digit* a1 = z1;
-    sp_digit b1[14];
-    sp_digit* z2 = r + 28;
-    (void)sp_3072_add_14(a1, a, &a[14]);
-    sp_3072_norm_14(a1);
-    (void)sp_3072_add_14(b1, b, &b[14]);
-    sp_3072_norm_14(b1);
-    sp_3072_mul_14(z2, &a[14], &b[14]);
-    sp_3072_mul_14(z0, a, b);
-    sp_3072_mul_14(z1, a1, b1);
-    (void)sp_3072_sub_28(z1, z1, z2);
-    (void)sp_3072_sub_28(z1, z1, z0);
-    (void)sp_3072_add_28(r + 14, r + 14, z1);
-    sp_3072_norm_56(r);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_56(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 56; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_sub_56(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 56; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-
-    return 0;
-}
-
-/* Normalize the values in each word to 28 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_28(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 24; i += 8) {
-        a[i+1] += a[i+0] >> 28; a[i+0] &= 0xfffffff;
-        a[i+2] += a[i+1] >> 28; a[i+1] &= 0xfffffff;
-        a[i+3] += a[i+2] >> 28; a[i+2] &= 0xfffffff;
-        a[i+4] += a[i+3] >> 28; a[i+3] &= 0xfffffff;
-        a[i+5] += a[i+4] >> 28; a[i+4] &= 0xfffffff;
-        a[i+6] += a[i+5] >> 28; a[i+5] &= 0xfffffff;
-        a[i+7] += a[i+6] >> 28; a[i+6] &= 0xfffffff;
-        a[i+8] += a[i+7] >> 28; a[i+7] &= 0xfffffff;
-    }
-    a[25] += a[24] >> 28; a[24] &= 0xfffffff;
-    a[26] += a[25] >> 28; a[25] &= 0xfffffff;
-    a[27] += a[26] >> 28; a[26] &= 0xfffffff;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_56(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[56];
-    sp_digit* a1 = z1;
-    sp_digit b1[28];
-    sp_digit* z2 = r + 56;
-    (void)sp_3072_add_28(a1, a, &a[28]);
-    sp_3072_norm_28(a1);
-    (void)sp_3072_add_28(b1, b, &b[28]);
-    sp_3072_norm_28(b1);
-    sp_3072_mul_28(z2, &a[28], &b[28]);
-    sp_3072_mul_28(z0, a, b);
-    sp_3072_mul_28(z1, a1, b1);
-    (void)sp_3072_sub_56(z1, z1, z2);
-    (void)sp_3072_sub_56(z1, z1, z0);
-    (void)sp_3072_add_56(r + 28, r + 28, z1);
-    sp_3072_norm_112(r);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_112(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 112; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_sub_112(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 112; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-
-    return 0;
-}
-
-/* Normalize the values in each word to 28 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_224(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 216; i += 8) {
-        a[i+1] += a[i+0] >> 28; a[i+0] &= 0xfffffff;
-        a[i+2] += a[i+1] >> 28; a[i+1] &= 0xfffffff;
-        a[i+3] += a[i+2] >> 28; a[i+2] &= 0xfffffff;
-        a[i+4] += a[i+3] >> 28; a[i+3] &= 0xfffffff;
-        a[i+5] += a[i+4] >> 28; a[i+4] &= 0xfffffff;
-        a[i+6] += a[i+5] >> 28; a[i+5] &= 0xfffffff;
-        a[i+7] += a[i+6] >> 28; a[i+6] &= 0xfffffff;
-        a[i+8] += a[i+7] >> 28; a[i+7] &= 0xfffffff;
-    }
-    a[217] += a[216] >> 28; a[216] &= 0xfffffff;
-    a[218] += a[217] >> 28; a[217] &= 0xfffffff;
-    a[219] += a[218] >> 28; a[218] &= 0xfffffff;
-    a[220] += a[219] >> 28; a[219] &= 0xfffffff;
-    a[221] += a[220] >> 28; a[220] &= 0xfffffff;
-    a[222] += a[221] >> 28; a[221] &= 0xfffffff;
-    a[223] += a[222] >> 28; a[222] &= 0xfffffff;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_112(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[112];
-    sp_digit* a1 = z1;
-    sp_digit b1[56];
-    sp_digit* z2 = r + 112;
-    (void)sp_3072_add_56(a1, a, &a[56]);
-    sp_3072_norm_56(a1);
-    (void)sp_3072_add_56(b1, b, &b[56]);
-    sp_3072_norm_56(b1);
-    sp_3072_mul_56(z2, &a[56], &b[56]);
-    sp_3072_mul_56(z0, a, b);
-    sp_3072_mul_56(z1, a1, b1);
-    (void)sp_3072_sub_112(z1, z1, z2);
-    (void)sp_3072_sub_112(z1, z1, z0);
-    (void)sp_3072_add_112(r + 56, r + 56, z1);
-    sp_3072_norm_224(r);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_14(sp_digit* r, const sp_digit* a)
-{
-    sp_uint64 t0;
-    sp_uint64 t1;
-    sp_digit t[14];
-
-    t0 =  ((sp_uint64)a[ 0]) * a[ 0];
-    t1 = (((sp_uint64)a[ 0]) * a[ 1]) * 2;
-    t[ 0] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[ 0]) * a[ 2]) * 2
-       +  ((sp_uint64)a[ 1]) * a[ 1];
-    t[ 1] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[ 0]) * a[ 3]
-       +  ((sp_uint64)a[ 1]) * a[ 2]) * 2;
-    t[ 2] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[ 0]) * a[ 4]
-       +  ((sp_uint64)a[ 1]) * a[ 3]) * 2
-       +  ((sp_uint64)a[ 2]) * a[ 2];
-    t[ 3] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[ 0]) * a[ 5]
-       +  ((sp_uint64)a[ 1]) * a[ 4]
-       +  ((sp_uint64)a[ 2]) * a[ 3]) * 2;
-    t[ 4] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[ 0]) * a[ 6]
-       +  ((sp_uint64)a[ 1]) * a[ 5]
-       +  ((sp_uint64)a[ 2]) * a[ 4]) * 2
-       +  ((sp_uint64)a[ 3]) * a[ 3];
-    t[ 5] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[ 0]) * a[ 7]
-       +  ((sp_uint64)a[ 1]) * a[ 6]
-       +  ((sp_uint64)a[ 2]) * a[ 5]
-       +  ((sp_uint64)a[ 3]) * a[ 4]) * 2;
-    t[ 6] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[ 0]) * a[ 8]
-       +  ((sp_uint64)a[ 1]) * a[ 7]
-       +  ((sp_uint64)a[ 2]) * a[ 6]
-       +  ((sp_uint64)a[ 3]) * a[ 5]) * 2
-       +  ((sp_uint64)a[ 4]) * a[ 4];
-    t[ 7] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[ 0]) * a[ 9]
-       +  ((sp_uint64)a[ 1]) * a[ 8]
-       +  ((sp_uint64)a[ 2]) * a[ 7]
-       +  ((sp_uint64)a[ 3]) * a[ 6]
-       +  ((sp_uint64)a[ 4]) * a[ 5]) * 2;
-    t[ 8] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[ 0]) * a[10]
-       +  ((sp_uint64)a[ 1]) * a[ 9]
-       +  ((sp_uint64)a[ 2]) * a[ 8]
-       +  ((sp_uint64)a[ 3]) * a[ 7]
-       +  ((sp_uint64)a[ 4]) * a[ 6]) * 2
-       +  ((sp_uint64)a[ 5]) * a[ 5];
-    t[ 9] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[ 0]) * a[11]
-       +  ((sp_uint64)a[ 1]) * a[10]
-       +  ((sp_uint64)a[ 2]) * a[ 9]
-       +  ((sp_uint64)a[ 3]) * a[ 8]
-       +  ((sp_uint64)a[ 4]) * a[ 7]
-       +  ((sp_uint64)a[ 5]) * a[ 6]) * 2;
-    t[10] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[ 0]) * a[12]
-       +  ((sp_uint64)a[ 1]) * a[11]
-       +  ((sp_uint64)a[ 2]) * a[10]
-       +  ((sp_uint64)a[ 3]) * a[ 9]
-       +  ((sp_uint64)a[ 4]) * a[ 8]
-       +  ((sp_uint64)a[ 5]) * a[ 7]) * 2
-       +  ((sp_uint64)a[ 6]) * a[ 6];
-    t[11] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[ 0]) * a[13]
-       +  ((sp_uint64)a[ 1]) * a[12]
-       +  ((sp_uint64)a[ 2]) * a[11]
-       +  ((sp_uint64)a[ 3]) * a[10]
-       +  ((sp_uint64)a[ 4]) * a[ 9]
-       +  ((sp_uint64)a[ 5]) * a[ 8]
-       +  ((sp_uint64)a[ 6]) * a[ 7]) * 2;
-    t[12] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[ 1]) * a[13]
-       +  ((sp_uint64)a[ 2]) * a[12]
-       +  ((sp_uint64)a[ 3]) * a[11]
-       +  ((sp_uint64)a[ 4]) * a[10]
-       +  ((sp_uint64)a[ 5]) * a[ 9]
-       +  ((sp_uint64)a[ 6]) * a[ 8]) * 2
-       +  ((sp_uint64)a[ 7]) * a[ 7];
-    t[13] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[ 2]) * a[13]
-       +  ((sp_uint64)a[ 3]) * a[12]
-       +  ((sp_uint64)a[ 4]) * a[11]
-       +  ((sp_uint64)a[ 5]) * a[10]
-       +  ((sp_uint64)a[ 6]) * a[ 9]
-       +  ((sp_uint64)a[ 7]) * a[ 8]) * 2;
-    r[14] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[ 3]) * a[13]
-       +  ((sp_uint64)a[ 4]) * a[12]
-       +  ((sp_uint64)a[ 5]) * a[11]
-       +  ((sp_uint64)a[ 6]) * a[10]
-       +  ((sp_uint64)a[ 7]) * a[ 9]) * 2
-       +  ((sp_uint64)a[ 8]) * a[ 8];
-    r[15] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[ 4]) * a[13]
-       +  ((sp_uint64)a[ 5]) * a[12]
-       +  ((sp_uint64)a[ 6]) * a[11]
-       +  ((sp_uint64)a[ 7]) * a[10]
-       +  ((sp_uint64)a[ 8]) * a[ 9]) * 2;
-    r[16] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[ 5]) * a[13]
-       +  ((sp_uint64)a[ 6]) * a[12]
-       +  ((sp_uint64)a[ 7]) * a[11]
-       +  ((sp_uint64)a[ 8]) * a[10]) * 2
-       +  ((sp_uint64)a[ 9]) * a[ 9];
-    r[17] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[ 6]) * a[13]
-       +  ((sp_uint64)a[ 7]) * a[12]
-       +  ((sp_uint64)a[ 8]) * a[11]
-       +  ((sp_uint64)a[ 9]) * a[10]) * 2;
-    r[18] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[ 7]) * a[13]
-       +  ((sp_uint64)a[ 8]) * a[12]
-       +  ((sp_uint64)a[ 9]) * a[11]) * 2
-       +  ((sp_uint64)a[10]) * a[10];
-    r[19] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[ 8]) * a[13]
-       +  ((sp_uint64)a[ 9]) * a[12]
-       +  ((sp_uint64)a[10]) * a[11]) * 2;
-    r[20] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[ 9]) * a[13]
-       +  ((sp_uint64)a[10]) * a[12]) * 2
-       +  ((sp_uint64)a[11]) * a[11];
-    r[21] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[10]) * a[13]
-       +  ((sp_uint64)a[11]) * a[12]) * 2;
-    r[22] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 = (((sp_uint64)a[11]) * a[13]) * 2
-       +  ((sp_uint64)a[12]) * a[12];
-    r[23] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    t1 = (((sp_uint64)a[12]) * a[13]) * 2;
-    r[24] = (sp_digit)(t0 & 0xfffffff); t1 += t0 >> 28;
-    t0 =  ((sp_uint64)a[13]) * a[13];
-    r[25] = (sp_digit)(t1 & 0xfffffff); t0 += t1 >> 28;
-    r[26] = (sp_digit)(t0 & 0xfffffff);
-    r[27] = (sp_digit)(t0 >> 28);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_28(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[28];
-    sp_digit* a1 = z1;
-    sp_digit* z2 = r + 28;
-    (void)sp_3072_add_14(a1, a, &a[14]);
-    sp_3072_norm_14(a1);
-    sp_3072_sqr_14(z2, &a[14]);
-    sp_3072_sqr_14(z0, a);
-    sp_3072_sqr_14(z1, a1);
-    (void)sp_3072_sub_28(z1, z1, z2);
-    (void)sp_3072_sub_28(z1, z1, z0);
-    (void)sp_3072_add_28(r + 14, r + 14, z1);
-    sp_3072_norm_56(r);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_56(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[56];
-    sp_digit* a1 = z1;
-    sp_digit* z2 = r + 56;
-    (void)sp_3072_add_28(a1, a, &a[28]);
-    sp_3072_norm_28(a1);
-    sp_3072_sqr_28(z2, &a[28]);
-    sp_3072_sqr_28(z0, a);
-    sp_3072_sqr_28(z1, a1);
-    (void)sp_3072_sub_56(z1, z1, z2);
-    (void)sp_3072_sub_56(z1, z1, z0);
-    (void)sp_3072_add_56(r + 28, r + 28, z1);
-    sp_3072_norm_112(r);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_112(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[112];
-    sp_digit* a1 = z1;
-    sp_digit* z2 = r + 112;
-    (void)sp_3072_add_56(a1, a, &a[56]);
-    sp_3072_norm_56(a1);
-    sp_3072_sqr_56(z2, &a[56]);
-    sp_3072_sqr_56(z0, a);
-    sp_3072_sqr_56(z1, a1);
-    (void)sp_3072_sub_112(z1, z1, z2);
-    (void)sp_3072_sub_112(z1, z1, z0);
-    (void)sp_3072_add_112(r + 56, r + 56, z1);
-    sp_3072_norm_224(r);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x &= 0xfffffff;
-
-    /* rho = -1/m mod b */
-    *rho = ((sp_digit)1 << 28) - x;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_112(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 112; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[112] = (sp_digit)(t & 0xfffffff);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_56(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i + 0] = 0xfffffff;
-        r[i + 1] = 0xfffffff;
-        r[i + 2] = 0xfffffff;
-        r[i + 3] = 0xfffffff;
-        r[i + 4] = 0xfffffff;
-        r[i + 5] = 0xfffffff;
-        r[i + 6] = 0xfffffff;
-        r[i + 7] = 0xfffffff;
-    }
-    r[48] = 0xfffffff;
-    r[49] = 0xfffffff;
-    r[50] = 0xfffffff;
-    r[51] = 0xfffffff;
-    r[52] = 0xfffffff;
-    r[53] = 0xfffffff;
-    r[54] = 0xffffffL;
-    r[55] = 0;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_3072_sub_56(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_3072_cmp_56(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i = 48; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 27);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_sub_56(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 56; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_add_56(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifndef WOLFSSL_SP_LARGE_CODE
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 56; i++) {
-        t += r[i];
-        t += tb * a[i];
-        r[i] = ((sp_digit)t) & 0xfffffff;
-        t >>= 28;
-    }
-    r[56] += (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t[8];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 48; i += 8) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        t[4]  = (tb * a[i+4]) + r[i+4];
-        t[5]  = (tb * a[i+5]) + r[i+5];
-        t[6]  = (tb * a[i+6]) + r[i+6];
-        t[7]  = (tb * a[i+7]) + r[i+7];
-        r[i+0] = (sp_digit)(t[0] & 0xfffffff);
-        t[1] += t[0] >> 28;
-        r[i+1] = (sp_digit)(t[1] & 0xfffffff);
-        t[2] += t[1] >> 28;
-        r[i+2] = (sp_digit)(t[2] & 0xfffffff);
-        t[3] += t[2] >> 28;
-        r[i+3] = (sp_digit)(t[3] & 0xfffffff);
-        t[4] += t[3] >> 28;
-        r[i+4] = (sp_digit)(t[4] & 0xfffffff);
-        t[5] += t[4] >> 28;
-        r[i+5] = (sp_digit)(t[5] & 0xfffffff);
-        t[6] += t[5] >> 28;
-        r[i+6] = (sp_digit)(t[6] & 0xfffffff);
-        t[7] += t[6] >> 28;
-        r[i+7] = (sp_digit)(t[7] & 0xfffffff);
-        t[0]  = t[7] >> 28;
-    }
-    t[0] += (tb * a[48]) + r[48];
-    t[1]  = (tb * a[49]) + r[49];
-    t[2]  = (tb * a[50]) + r[50];
-    t[3]  = (tb * a[51]) + r[51];
-    t[4]  = (tb * a[52]) + r[52];
-    t[5]  = (tb * a[53]) + r[53];
-    t[6]  = (tb * a[54]) + r[54];
-    t[7]  = (tb * a[55]) + r[55];
-    r[48] = (sp_digit)(t[0] & 0xfffffff);
-    t[1] += t[0] >> 28;
-    r[49] = (sp_digit)(t[1] & 0xfffffff);
-    t[2] += t[1] >> 28;
-    r[50] = (sp_digit)(t[2] & 0xfffffff);
-    t[3] += t[2] >> 28;
-    r[51] = (sp_digit)(t[3] & 0xfffffff);
-    t[4] += t[3] >> 28;
-    r[52] = (sp_digit)(t[4] & 0xfffffff);
-    t[5] += t[4] >> 28;
-    r[53] = (sp_digit)(t[5] & 0xfffffff);
-    t[6] += t[5] >> 28;
-    r[54] = (sp_digit)(t[6] & 0xfffffff);
-    t[7] += t[6] >> 28;
-    r[55] = (sp_digit)(t[7] & 0xfffffff);
-    r[56] +=  (sp_digit)(t[7] >> 28);
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-}
-
-/* Shift the result in the high 1536 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_3072_mont_shift_56(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int64 n = a[54] >> 24;
-    n += ((sp_int64)a[55]) << 4;
-    for (i = 0; i < 48; i += 8) {
-        r[i + 0] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 56]) << 4;
-        r[i + 1] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 57]) << 4;
-        r[i + 2] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 58]) << 4;
-        r[i + 3] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 59]) << 4;
-        r[i + 4] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 60]) << 4;
-        r[i + 5] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 61]) << 4;
-        r[i + 6] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 62]) << 4;
-        r[i + 7] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 63]) << 4;
-    }
-    r[48] = (sp_digit)(n & 0xfffffff); n >>= 28; n += ((sp_int64)a[104]) << 4;
-    r[49] = (sp_digit)(n & 0xfffffff); n >>= 28; n += ((sp_int64)a[105]) << 4;
-    r[50] = (sp_digit)(n & 0xfffffff); n >>= 28; n += ((sp_int64)a[106]) << 4;
-    r[51] = (sp_digit)(n & 0xfffffff); n >>= 28; n += ((sp_int64)a[107]) << 4;
-    r[52] = (sp_digit)(n & 0xfffffff); n >>= 28; n += ((sp_int64)a[108]) << 4;
-    r[53] = (sp_digit)(n & 0xfffffff); n >>= 28; n += ((sp_int64)a[109]) << 4;
-    r[54] = (sp_digit)n;
-    XMEMSET(&r[55], 0, sizeof(*r) * 55U);
-}
-
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_3072_mont_reduce_56(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_3072_norm_56(a + 55);
-
-    for (i=0; i<54; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0xfffffff);
-        sp_3072_mul_add_56(a+i, m, mu);
-        a[i+1] += a[i] >> 28;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0xffffffL);
-    sp_3072_mul_add_56(a+i, m, mu);
-    a[i+1] += a[i] >> 28;
-    a[i] &= 0xfffffff;
-    sp_3072_mont_shift_56(a, a);
-    over = a[54] - m[54];
-    sp_3072_cond_sub_56(a, a, m, ~((over - 1) >> 31));
-    sp_3072_norm_56(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_56(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_56(r, a, b);
-    sp_3072_mont_reduce_56(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_56(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_56(r, a);
-    sp_3072_mont_reduce_56(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_56(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 56; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[56] = (sp_digit)(t & 0xfffffff);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_add_56(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 56; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_3072_rshift_56(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<48; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (28 - n)) & 0xfffffff);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (28 - n)) & 0xfffffff);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (28 - n)) & 0xfffffff);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (28 - n)) & 0xfffffff);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (28 - n)) & 0xfffffff);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (28 - n)) & 0xfffffff);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (28 - n)) & 0xfffffff);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (28 - n)) & 0xfffffff);
-    }
-    r[48] = (a[48] >> n) | (sp_digit)((a[49] << (28 - n)) & 0xfffffff);
-    r[49] = (a[49] >> n) | (sp_digit)((a[50] << (28 - n)) & 0xfffffff);
-    r[50] = (a[50] >> n) | (sp_digit)((a[51] << (28 - n)) & 0xfffffff);
-    r[51] = (a[51] >> n) | (sp_digit)((a[52] << (28 - n)) & 0xfffffff);
-    r[52] = (a[52] >> n) | (sp_digit)((a[53] << (28 - n)) & 0xfffffff);
-    r[53] = (a[53] >> n) | (sp_digit)((a[54] << (28 - n)) & 0xfffffff);
-    r[54] = (a[54] >> n) | (sp_digit)((a[55] << (28 - n)) & 0xfffffff);
-    r[55] = a[55] >> n;
-}
-
-static WC_INLINE sp_digit sp_3072_div_word_56(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int64 d = ((sp_int64)d1 << 28) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int64 d = ((sp_int64)d1 << 28) + d0;
-    sp_uint32 lo = (sp_uint32)d;
-    sp_digit hi = (sp_digit)(d >> 32);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int64 d = ((sp_int64)d1 << 28) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 28);
-    sp_digit t0 = (sp_digit)(d & 0xfffffff);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int64 m;
-
-    r = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-    t1 -= dv & (0 - r);
-    for (i = 26; i >= 1; i--) {
-        t1 += t1 + (((sp_uint32)t0 >> 27) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 28);
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 56) - (sp_digit)(d >> 56);
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-   return r;
-#else
-    sp_int64 d = ((sp_int64)d1 << 28) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 13) + 1;
-
-    t = (sp_digit)(d >> 26);
-    t = (t / dv) << 13;
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)(d >> 11);
-    t = t / (dv << 2);
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int64)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_3072_word_div_word_56(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint32)(div - d) >> 31);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_div_56(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 56 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 56 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 112 + 1;
-        sd = t2 + 56 + 1;
-
-        sp_3072_mul_d_56(sd, d, (sp_digit)1 << 4);
-        sp_3072_mul_d_112(t1, a, (sp_digit)1 << 4);
-        dv = sd[54];
-        t1[55 + 55] += t1[55 + 55 - 1] >> 28;
-        t1[55 + 55 - 1] &= 0xfffffff;
-        for (i=55; i>=0; i--) {
-            r1 = sp_3072_div_word_56(t1[55 + i], t1[55 + i - 1], dv);
-
-            sp_3072_mul_d_56(t2, sd, r1);
-            (void)sp_3072_sub_56(&t1[i], &t1[i], t2);
-            sp_3072_norm_55(&t1[i]);
-            t1[55 + i] += t1[55 + i - 1] >> 28;
-            t1[55 + i - 1] &= 0xfffffff;
-            r1 = sp_3072_div_word_56(-t1[55 + i], -t1[55 + i - 1], dv);
-            r1 -= t1[55 + i];
-            sp_3072_mul_d_56(t2, sd, r1);
-            (void)sp_3072_add_56(&t1[i], &t1[i], t2);
-            t1[55 + i] += t1[55 + i - 1] >> 28;
-            t1[55 + i - 1] &= 0xfffffff;
-        }
-        t1[55 - 1] += t1[55 - 2] >> 28;
-        t1[55 - 2] &= 0xfffffff;
-        r1 = sp_3072_word_div_word_56(t1[55 - 1], dv);
-
-        sp_3072_mul_d_56(t2, sd, r1);
-        sp_3072_sub_56(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 112U);
-        for (i=0; i<54; i++) {
-            r[i+1] += r[i] >> 28;
-            r[i] &= 0xfffffff;
-        }
-        sp_3072_cond_add_56(r, r, sd, r[54] >> 31);
-
-        sp_3072_norm_55(r);
-        sp_3072_rshift_56(r, r, 4);
-        r[55] = 0;
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_mod_56(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_56(a, m, NULL, r);
-}
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_56(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 112);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 112, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 56 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 56U * 2U);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_56(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_56(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 56U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_56(t[1], t[1], norm);
-        err = sp_3072_mod_56(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 28;
-        c = bits % 28;
-        n = e[i--] << (28 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 28;
-            }
-
-            y = (int)((n >> 27) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_56(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 56 * 2);
-            sp_3072_mont_sqr_56(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 56 * 2);
-        }
-
-        sp_3072_mont_reduce_56(t[0], m, mp);
-        n = sp_3072_cmp_56(t[0], m);
-        sp_3072_cond_sub_56(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 56 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 112);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 112, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 56 * 2);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_56(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_56(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_56(t[1], t[1], norm);
-                err = sp_3072_mod_56(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_56(t[1], a, norm);
-            err = sp_3072_mod_56(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 28;
-        c = bits % 28;
-        n = e[i--] << (28 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 28;
-            }
-
-            y = (int)((n >> 27) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_56(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 56 * 2);
-            sp_3072_mont_sqr_56(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 56 * 2);
-        }
-
-        sp_3072_mont_reduce_56(t[0], m, mp);
-        n = sp_3072_cmp_56(t[0], m);
-        sp_3072_cond_sub_56(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 56 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (32 * 112) + 112);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (32 * 112) + 112, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 112;
-        rt = td + 3584;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_56(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_56(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_56(t[1], t[1], norm);
-                err = sp_3072_mod_56(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_56(t[1], a, norm);
-            err = sp_3072_mod_56(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_56(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_56(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_56(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_56(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_56(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_56(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_56(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_56(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_56(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_56(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_56(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_56(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_56(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_56(t[15], t[ 8], t[ 7], m, mp);
-        sp_3072_mont_sqr_56(t[16], t[ 8], m, mp);
-        sp_3072_mont_mul_56(t[17], t[ 9], t[ 8], m, mp);
-        sp_3072_mont_sqr_56(t[18], t[ 9], m, mp);
-        sp_3072_mont_mul_56(t[19], t[10], t[ 9], m, mp);
-        sp_3072_mont_sqr_56(t[20], t[10], m, mp);
-        sp_3072_mont_mul_56(t[21], t[11], t[10], m, mp);
-        sp_3072_mont_sqr_56(t[22], t[11], m, mp);
-        sp_3072_mont_mul_56(t[23], t[12], t[11], m, mp);
-        sp_3072_mont_sqr_56(t[24], t[12], m, mp);
-        sp_3072_mont_mul_56(t[25], t[13], t[12], m, mp);
-        sp_3072_mont_sqr_56(t[26], t[13], m, mp);
-        sp_3072_mont_mul_56(t[27], t[14], t[13], m, mp);
-        sp_3072_mont_sqr_56(t[28], t[14], m, mp);
-        sp_3072_mont_mul_56(t[29], t[15], t[14], m, mp);
-        sp_3072_mont_sqr_56(t[30], t[15], m, mp);
-        sp_3072_mont_mul_56(t[31], t[16], t[15], m, mp);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 27) / 28) - 1;
-        c = bits % 28;
-        if (c == 0) {
-            c = 28;
-        }
-        if (i < 56) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (4 - c);
-            c += 28;
-        }
-        y = (int)((n >> 27) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 112);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 4;
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c = 23;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n = e[i--] << 4;
-                c = 5 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 28 - c;
-            }
-
-            sp_3072_mont_sqr_56(rt, rt, m, mp);
-            sp_3072_mont_sqr_56(rt, rt, m, mp);
-            sp_3072_mont_sqr_56(rt, rt, m, mp);
-            sp_3072_mont_sqr_56(rt, rt, m, mp);
-            sp_3072_mont_sqr_56(rt, rt, m, mp);
-
-            sp_3072_mont_mul_56(rt, rt, t[y], m, mp);
-        }
-
-        sp_3072_mont_reduce_56(rt, m, mp);
-        n = sp_3072_cmp_56(rt, m);
-        sp_3072_cond_sub_56(rt, rt, m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 112);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_112(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i = 0; i < 104; i += 8) {
-        r[i + 0] = 0xfffffff;
-        r[i + 1] = 0xfffffff;
-        r[i + 2] = 0xfffffff;
-        r[i + 3] = 0xfffffff;
-        r[i + 4] = 0xfffffff;
-        r[i + 5] = 0xfffffff;
-        r[i + 6] = 0xfffffff;
-        r[i + 7] = 0xfffffff;
-    }
-    r[104] = 0xfffffff;
-    r[105] = 0xfffffff;
-    r[106] = 0xfffffff;
-    r[107] = 0xfffffff;
-    r[108] = 0xfffffff;
-    r[109] = 0xfffffL;
-    r[110] = 0;
-    r[111] = 0;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_3072_sub_112(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_3072_cmp_112(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i = 104; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 27);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 27);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_sub_112(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 112; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_add_112(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifndef WOLFSSL_SP_LARGE_CODE
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 112; i++) {
-        t += r[i];
-        t += tb * a[i];
-        r[i] = ((sp_digit)t) & 0xfffffff;
-        t >>= 28;
-    }
-    r[112] += (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t[8];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 104; i += 8) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        t[4]  = (tb * a[i+4]) + r[i+4];
-        t[5]  = (tb * a[i+5]) + r[i+5];
-        t[6]  = (tb * a[i+6]) + r[i+6];
-        t[7]  = (tb * a[i+7]) + r[i+7];
-        r[i+0] = (sp_digit)(t[0] & 0xfffffff);
-        t[1] += t[0] >> 28;
-        r[i+1] = (sp_digit)(t[1] & 0xfffffff);
-        t[2] += t[1] >> 28;
-        r[i+2] = (sp_digit)(t[2] & 0xfffffff);
-        t[3] += t[2] >> 28;
-        r[i+3] = (sp_digit)(t[3] & 0xfffffff);
-        t[4] += t[3] >> 28;
-        r[i+4] = (sp_digit)(t[4] & 0xfffffff);
-        t[5] += t[4] >> 28;
-        r[i+5] = (sp_digit)(t[5] & 0xfffffff);
-        t[6] += t[5] >> 28;
-        r[i+6] = (sp_digit)(t[6] & 0xfffffff);
-        t[7] += t[6] >> 28;
-        r[i+7] = (sp_digit)(t[7] & 0xfffffff);
-        t[0]  = t[7] >> 28;
-    }
-    t[0] += (tb * a[104]) + r[104];
-    t[1]  = (tb * a[105]) + r[105];
-    t[2]  = (tb * a[106]) + r[106];
-    t[3]  = (tb * a[107]) + r[107];
-    t[4]  = (tb * a[108]) + r[108];
-    t[5]  = (tb * a[109]) + r[109];
-    t[6]  = (tb * a[110]) + r[110];
-    t[7]  = (tb * a[111]) + r[111];
-    r[104] = (sp_digit)(t[0] & 0xfffffff);
-    t[1] += t[0] >> 28;
-    r[105] = (sp_digit)(t[1] & 0xfffffff);
-    t[2] += t[1] >> 28;
-    r[106] = (sp_digit)(t[2] & 0xfffffff);
-    t[3] += t[2] >> 28;
-    r[107] = (sp_digit)(t[3] & 0xfffffff);
-    t[4] += t[3] >> 28;
-    r[108] = (sp_digit)(t[4] & 0xfffffff);
-    t[5] += t[4] >> 28;
-    r[109] = (sp_digit)(t[5] & 0xfffffff);
-    t[6] += t[5] >> 28;
-    r[110] = (sp_digit)(t[6] & 0xfffffff);
-    t[7] += t[6] >> 28;
-    r[111] = (sp_digit)(t[7] & 0xfffffff);
-    r[112] +=  (sp_digit)(t[7] >> 28);
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-}
-
-/* Shift the result in the high 3072 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_3072_mont_shift_112(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int64 n = a[109] >> 20;
-    n += ((sp_int64)a[110]) << 8;
-    for (i = 0; i < 104; i += 8) {
-        r[i + 0] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 111]) << 8;
-        r[i + 1] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 112]) << 8;
-        r[i + 2] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 113]) << 8;
-        r[i + 3] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 114]) << 8;
-        r[i + 4] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 115]) << 8;
-        r[i + 5] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 116]) << 8;
-        r[i + 6] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 117]) << 8;
-        r[i + 7] = (sp_digit)(n & 0xfffffff);
-        n >>= 28; n += ((sp_int64)a[i + 118]) << 8;
-    }
-    r[104] = (sp_digit)(n & 0xfffffff); n >>= 28; n += ((sp_int64)a[215]) << 8;
-    r[105] = (sp_digit)(n & 0xfffffff); n >>= 28; n += ((sp_int64)a[216]) << 8;
-    r[106] = (sp_digit)(n & 0xfffffff); n >>= 28; n += ((sp_int64)a[217]) << 8;
-    r[107] = (sp_digit)(n & 0xfffffff); n >>= 28; n += ((sp_int64)a[218]) << 8;
-    r[108] = (sp_digit)(n & 0xfffffff); n >>= 28; n += ((sp_int64)a[219]) << 8;
-    r[109] = (sp_digit)n;
-    XMEMSET(&r[110], 0, sizeof(*r) * 110U);
-}
-
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_3072_mont_reduce_112(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_3072_norm_112(a + 110);
-
-#ifdef WOLFSSL_SP_DH
-    if (mp != 1) {
-        for (i=0; i<109; i++) {
-            mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0xfffffff);
-            sp_3072_mul_add_112(a+i, m, mu);
-            a[i+1] += a[i] >> 28;
-        }
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0xfffffL);
-        sp_3072_mul_add_112(a+i, m, mu);
-        a[i+1] += a[i] >> 28;
-        a[i] &= 0xfffffff;
-    }
-    else {
-        for (i=0; i<109; i++) {
-            mu = (sp_digit)(a[i] & 0xfffffff);
-            sp_3072_mul_add_112(a+i, m, mu);
-            a[i+1] += a[i] >> 28;
-        }
-        mu = (sp_digit)(a[i] & 0xfffffL);
-        sp_3072_mul_add_112(a+i, m, mu);
-        a[i+1] += a[i] >> 28;
-        a[i] &= 0xfffffff;
-    }
-#else
-    for (i=0; i<109; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0xfffffff);
-        sp_3072_mul_add_112(a+i, m, mu);
-        a[i+1] += a[i] >> 28;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0xfffffL);
-    sp_3072_mul_add_112(a+i, m, mu);
-    a[i+1] += a[i] >> 28;
-    a[i] &= 0xfffffff;
-#endif
-    sp_3072_mont_shift_112(a, a);
-    over = a[109] - m[109];
-    sp_3072_cond_sub_112(a, a, m, ~((over - 1) >> 31));
-    sp_3072_norm_112(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_112(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_112(r, a, b);
-    sp_3072_mont_reduce_112(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_112(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_112(r, a);
-    sp_3072_mont_reduce_112(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_224(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 224; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0xfffffff);
-        t >>= 28;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[224] = (sp_digit)(t & 0xfffffff);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_add_112(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 112; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_3072_rshift_112(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<104; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (28 - n)) & 0xfffffff);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (28 - n)) & 0xfffffff);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (28 - n)) & 0xfffffff);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (28 - n)) & 0xfffffff);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (28 - n)) & 0xfffffff);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (28 - n)) & 0xfffffff);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (28 - n)) & 0xfffffff);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (28 - n)) & 0xfffffff);
-    }
-    r[104] = (a[104] >> n) | (sp_digit)((a[105] << (28 - n)) & 0xfffffff);
-    r[105] = (a[105] >> n) | (sp_digit)((a[106] << (28 - n)) & 0xfffffff);
-    r[106] = (a[106] >> n) | (sp_digit)((a[107] << (28 - n)) & 0xfffffff);
-    r[107] = (a[107] >> n) | (sp_digit)((a[108] << (28 - n)) & 0xfffffff);
-    r[108] = (a[108] >> n) | (sp_digit)((a[109] << (28 - n)) & 0xfffffff);
-    r[109] = (a[109] >> n) | (sp_digit)((a[110] << (28 - n)) & 0xfffffff);
-    r[110] = (a[110] >> n) | (sp_digit)((a[111] << (28 - n)) & 0xfffffff);
-    r[111] = a[111] >> n;
-}
-
-static WC_INLINE sp_digit sp_3072_div_word_112(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int64 d = ((sp_int64)d1 << 28) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int64 d = ((sp_int64)d1 << 28) + d0;
-    sp_uint32 lo = (sp_uint32)d;
-    sp_digit hi = (sp_digit)(d >> 32);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int64 d = ((sp_int64)d1 << 28) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 28);
-    sp_digit t0 = (sp_digit)(d & 0xfffffff);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int64 m;
-
-    r = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-    t1 -= dv & (0 - r);
-    for (i = 26; i >= 1; i--) {
-        t1 += t1 + (((sp_uint32)t0 >> 27) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 28);
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 56) - (sp_digit)(d >> 56);
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-   return r;
-#else
-    sp_int64 d = ((sp_int64)d1 << 28) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 13) + 1;
-
-    t = (sp_digit)(d >> 26);
-    t = (t / dv) << 13;
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)(d >> 11);
-    t = t / (dv << 2);
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int64)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_3072_word_div_word_112(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint32)(div - d) >> 31);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_div_112(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 112 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 112 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 224 + 1;
-        sd = t2 + 112 + 1;
-
-        sp_3072_mul_d_112(sd, d, (sp_digit)1 << 8);
-        sp_3072_mul_d_224(t1, a, (sp_digit)1 << 8);
-        dv = sd[109];
-        t1[110 + 110] += t1[110 + 110 - 1] >> 28;
-        t1[110 + 110 - 1] &= 0xfffffff;
-        for (i=110; i>=0; i--) {
-            r1 = sp_3072_div_word_112(t1[110 + i], t1[110 + i - 1], dv);
-
-            sp_3072_mul_d_112(t2, sd, r1);
-            (void)sp_3072_sub_112(&t1[i], &t1[i], t2);
-            sp_3072_norm_110(&t1[i]);
-            t1[110 + i] += t1[110 + i - 1] >> 28;
-            t1[110 + i - 1] &= 0xfffffff;
-            r1 = sp_3072_div_word_112(-t1[110 + i], -t1[110 + i - 1], dv);
-            r1 -= t1[110 + i];
-            sp_3072_mul_d_112(t2, sd, r1);
-            (void)sp_3072_add_112(&t1[i], &t1[i], t2);
-            t1[110 + i] += t1[110 + i - 1] >> 28;
-            t1[110 + i - 1] &= 0xfffffff;
-        }
-        t1[110 - 1] += t1[110 - 2] >> 28;
-        t1[110 - 2] &= 0xfffffff;
-        r1 = sp_3072_word_div_word_112(t1[110 - 1], dv);
-
-        sp_3072_mul_d_112(t2, sd, r1);
-        sp_3072_sub_112(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 224U);
-        for (i=0; i<109; i++) {
-            r[i+1] += r[i] >> 28;
-            r[i] &= 0xfffffff;
-        }
-        sp_3072_cond_add_112(r, r, sd, r[109] >> 31);
-
-        sp_3072_norm_110(r);
-        sp_3072_rshift_112(r, r, 8);
-        r[110] = 0;
-        r[111] = 0;
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_mod_112(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_112(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_112(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 224);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 224, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 112 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 112U * 2U);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_112(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_112(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 112U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_112(t[1], t[1], norm);
-        err = sp_3072_mod_112(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 28;
-        c = bits % 28;
-        n = e[i--] << (28 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 28;
-            }
-
-            y = (int)((n >> 27) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_112(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 112 * 2);
-            sp_3072_mont_sqr_112(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 112 * 2);
-        }
-
-        sp_3072_mont_reduce_112(t[0], m, mp);
-        n = sp_3072_cmp_112(t[0], m);
-        sp_3072_cond_sub_112(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 112 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 224);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 224, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 112 * 2);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_112(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_112(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_112(t[1], t[1], norm);
-                err = sp_3072_mod_112(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_112(t[1], a, norm);
-            err = sp_3072_mod_112(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 28;
-        c = bits % 28;
-        n = e[i--] << (28 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 28;
-            }
-
-            y = (int)((n >> 27) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_112(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 112 * 2);
-            sp_3072_mont_sqr_112(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 112 * 2);
-        }
-
-        sp_3072_mont_reduce_112(t[0], m, mp);
-        n = sp_3072_cmp_112(t[0], m);
-        sp_3072_cond_sub_112(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 112 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (16 * 224) + 224);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (16 * 224) + 224, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 224;
-        rt = td + 3584;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_112(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_112(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_112(t[1], t[1], norm);
-                err = sp_3072_mod_112(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_112(t[1], a, norm);
-            err = sp_3072_mod_112(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_112(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_112(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_112(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_112(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_112(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_112(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_112(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_112(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_112(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_112(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_112(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_112(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_112(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_112(t[15], t[ 8], t[ 7], m, mp);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 27) / 28) - 1;
-        c = bits % 28;
-        if (c == 0) {
-            c = 28;
-        }
-        if (i < 112) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (4 - c);
-            c += 28;
-        }
-        y = (int)((n >> 28) & 0xf);
-        n <<= 4;
-        c -= 4;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 224);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 4;
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c = 24;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n = e[i--] << 4;
-                c = 4 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 28 - c;
-            }
-
-            sp_3072_mont_sqr_112(rt, rt, m, mp);
-            sp_3072_mont_sqr_112(rt, rt, m, mp);
-            sp_3072_mont_sqr_112(rt, rt, m, mp);
-            sp_3072_mont_sqr_112(rt, rt, m, mp);
-
-            sp_3072_mont_mul_112(rt, rt, t[y], m, mp);
-        }
-
-        sp_3072_mont_reduce_112(rt, m, mp);
-        n = sp_3072_cmp_112(rt, m);
-        sp_3072_cond_sub_112(rt, rt, m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 224);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) || */
-       /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-#ifdef WOLFSSL_SP_SMALL
-    SP_DECL_VAR(sp_digit, a, 112 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit* norm = NULL;
-    sp_uint64 e[1] = {0};
-    sp_digit mp = 0;
-    int i;
-    int err = MP_OKAY;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 112 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 112 * 2;
-        m = r + 112 * 2;
-        norm = r;
-
-        sp_3072_from_bin(a, 112, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 112, mm);
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_112(norm, m);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_112(a, a, norm);
-        err = sp_3072_mod_112(a, a, m);
-    }
-    if (err == MP_OKAY) {
-        for (i=63; i>=0; i--) {
-            if ((e[0] >> i) != 0) {
-                break;
-            }
-        }
-
-        XMEMCPY(r, a, sizeof(sp_digit) * 112 * 2);
-        for (i--; i>=0; i--) {
-            sp_3072_mont_sqr_112(r, r, m, mp);
-
-            if (((e[0] >> i) & 1) == 1) {
-                sp_3072_mont_mul_112(r, r, a, m, mp);
-            }
-        }
-        sp_3072_mont_reduce_112(r, m, mp);
-        mp = sp_3072_cmp_112(r, m);
-        sp_3072_cond_sub_112(r, r, m, ~(mp >> 31));
-
-        sp_3072_to_bin_112(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 112 * 5);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_uint64 e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 112 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d;
-        r = a + 112 * 2;
-        m = r + 112 * 2;
-
-        sp_3072_from_bin(a, 112, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 112, mm);
-
-        if (e[0] == 0x3) {
-            sp_3072_sqr_112(r, a);
-            err = sp_3072_mod_112(r, r, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_112(r, a, r);
-                err = sp_3072_mod_112(r, r, m);
-            }
-        }
-        else {
-            sp_digit* norm = r;
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-            sp_3072_mont_norm_112(norm, m);
-
-            sp_3072_mul_112(a, a, norm);
-            err = sp_3072_mod_112(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if ((e[0] >> i) != 0) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 224U);
-                for (i--; i>=0; i--) {
-                    sp_3072_mont_sqr_112(r, r, m, mp);
-
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_3072_mont_mul_112(r, r, a, m, mp);
-                    }
-                }
-                sp_3072_mont_reduce_112(r, m, mp);
-                mp = sp_3072_cmp_112(r, m);
-                sp_3072_cond_sub_112(r, r, m, ~(mp >> 31));
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_112(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(d, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if !defined(SP_RSA_PRIVATE_EXP_D) && !defined(RSA_LOW_MEM)
-#endif /* !SP_RSA_PRIVATE_EXP_D & !RSA_LOW_MEM */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, d, 112 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 112 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 112;
-        m = a + 224;
-        r = a;
-
-        sp_3072_from_bin(a, 112, in, inLen);
-        sp_3072_from_mp(d, 112, dm);
-        sp_3072_from_mp(m, 112, mm);
-        err = sp_3072_mod_exp_112(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_112(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 112, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 112 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 112 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 112;
-        m = a + 224;
-        r = a;
-
-        sp_3072_from_bin(a, 112, in, inLen);
-        sp_3072_from_mp(d, 112, dm);
-        sp_3072_from_mp(m, 112, mm);
-        err = sp_3072_mod_exp_112(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_112(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 112, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#else
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, a, 56 * 8);
-    sp_digit* p = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 56 * 8, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 112;
-        qi = dq = dp = p + 56;
-        tmpa = qi + 56;
-        tmpb = tmpa + 112;
-        r = a;
-
-        sp_3072_from_bin(a, 112, in, inLen);
-        sp_3072_from_mp(p, 56, pm);
-        sp_3072_from_mp(dp, 56, dpm);
-        err = sp_3072_mod_exp_56(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 56, qm);
-        sp_3072_from_mp(dq, 56, dqm);
-        err = sp_3072_mod_exp_56(tmpb, a, dq, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 56, pm);
-        (void)sp_3072_sub_56(tmpa, tmpa, tmpb);
-        sp_3072_norm_55(tmpa);
-        sp_3072_cond_add_56(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[54] >> 31));
-        sp_3072_cond_add_56(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[54] >> 31));
-        sp_3072_norm_56(tmpa);
-
-        sp_3072_from_mp(qi, 56, qim);
-        sp_3072_mul_56(tmpa, tmpa, qi);
-        err = sp_3072_mod_56(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 56, qm);
-        sp_3072_mul_56(tmpa, p, tmpa);
-        (void)sp_3072_add_112(r, tmpb, tmpa);
-        sp_3072_norm_112(r);
-
-        sp_3072_to_bin_112(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 56 * 8, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 56 * 13);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 56 * 13, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 112 * 2;
-        q = p + 56;
-        dp = q + 56;
-        dq = dp + 56;
-        qi = dq + 56;
-        tmpa = qi + 56;
-        tmpb = tmpa + 112;
-        r = a;
-
-        sp_3072_from_bin(a, 112, in, inLen);
-        sp_3072_from_mp(p, 56, pm);
-        sp_3072_from_mp(q, 56, qm);
-        sp_3072_from_mp(dp, 56, dpm);
-        sp_3072_from_mp(dq, 56, dqm);
-        sp_3072_from_mp(qi, 56, qim);
-
-        err = sp_3072_mod_exp_56(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_3072_mod_exp_56(tmpb, a, dq, 1536, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        (void)sp_3072_sub_56(tmpa, tmpa, tmpb);
-        sp_3072_norm_55(tmpa);
-        sp_3072_cond_add_56(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[54] >> 31));
-        sp_3072_cond_add_56(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[54] >> 31));
-        sp_3072_norm_56(tmpa);
-        sp_3072_mul_56(tmpa, tmpa, qi);
-        err = sp_3072_mod_56(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mul_56(tmpa, tmpa, q);
-        (void)sp_3072_add_112(r, tmpb, tmpa);
-        sp_3072_norm_112(r);
-
-        sp_3072_to_bin_112(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 56 * 13, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-}
-
-#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_3072_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (3072 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 28
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 110);
-        r->used = 110;
-        mp_clamp(r);
-#elif DIGIT_BIT < 28
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 110; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 28) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 28 - s;
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 110; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 28 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 28 - s;
-            }
-            else {
-                s += 28;
-            }
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 112 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 112 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 112 * 2;
-        m = e + 112;
-        r = b;
-
-        sp_3072_from_mp(b, 112, base);
-        sp_3072_from_mp(e, 112, exp);
-        sp_3072_from_mp(m, 112, mod);
-
-        err = sp_3072_mod_exp_112(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 112U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 112 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 112 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 112 * 2;
-        m = e + 112;
-        r = b;
-
-        sp_3072_from_mp(b, 112, base);
-        sp_3072_from_mp(e, 112, exp);
-        sp_3072_from_mp(m, 112, mod);
-
-        err = sp_3072_mod_exp_112(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 112U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_3072
-SP_NOINLINE static void sp_3072_lshift_112(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[111];
-    r[112] = s >> (28U - n);
-    s = (sp_int_digit)(a[111]); t = (sp_int_digit)(a[110]);
-    r[111] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[110]); t = (sp_int_digit)(a[109]);
-    r[110] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[109]); t = (sp_int_digit)(a[108]);
-    r[109] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[108]); t = (sp_int_digit)(a[107]);
-    r[108] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[107]); t = (sp_int_digit)(a[106]);
-    r[107] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[106]); t = (sp_int_digit)(a[105]);
-    r[106] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[105]); t = (sp_int_digit)(a[104]);
-    r[105] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[104]); t = (sp_int_digit)(a[103]);
-    r[104] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[103]); t = (sp_int_digit)(a[102]);
-    r[103] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[102]); t = (sp_int_digit)(a[101]);
-    r[102] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[101]); t = (sp_int_digit)(a[100]);
-    r[101] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[100]); t = (sp_int_digit)(a[99]);
-    r[100] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[99]); t = (sp_int_digit)(a[98]);
-    r[99] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[98]); t = (sp_int_digit)(a[97]);
-    r[98] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[97]); t = (sp_int_digit)(a[96]);
-    r[97] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[96]); t = (sp_int_digit)(a[95]);
-    r[96] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[95]); t = (sp_int_digit)(a[94]);
-    r[95] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[94]); t = (sp_int_digit)(a[93]);
-    r[94] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[93]); t = (sp_int_digit)(a[92]);
-    r[93] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[92]); t = (sp_int_digit)(a[91]);
-    r[92] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[91]); t = (sp_int_digit)(a[90]);
-    r[91] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[90]); t = (sp_int_digit)(a[89]);
-    r[90] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[89]); t = (sp_int_digit)(a[88]);
-    r[89] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[88]); t = (sp_int_digit)(a[87]);
-    r[88] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[87]); t = (sp_int_digit)(a[86]);
-    r[87] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[86]); t = (sp_int_digit)(a[85]);
-    r[86] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[85]); t = (sp_int_digit)(a[84]);
-    r[85] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[84]); t = (sp_int_digit)(a[83]);
-    r[84] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[83]); t = (sp_int_digit)(a[82]);
-    r[83] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[82]); t = (sp_int_digit)(a[81]);
-    r[82] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[81]); t = (sp_int_digit)(a[80]);
-    r[81] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[80]); t = (sp_int_digit)(a[79]);
-    r[80] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[79]); t = (sp_int_digit)(a[78]);
-    r[79] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[78]); t = (sp_int_digit)(a[77]);
-    r[78] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[77]); t = (sp_int_digit)(a[76]);
-    r[77] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[76]); t = (sp_int_digit)(a[75]);
-    r[76] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[75]); t = (sp_int_digit)(a[74]);
-    r[75] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[74]); t = (sp_int_digit)(a[73]);
-    r[74] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[73]); t = (sp_int_digit)(a[72]);
-    r[73] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[72]); t = (sp_int_digit)(a[71]);
-    r[72] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[71]); t = (sp_int_digit)(a[70]);
-    r[71] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[70]); t = (sp_int_digit)(a[69]);
-    r[70] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[69]); t = (sp_int_digit)(a[68]);
-    r[69] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[68]); t = (sp_int_digit)(a[67]);
-    r[68] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[67]); t = (sp_int_digit)(a[66]);
-    r[67] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[66]); t = (sp_int_digit)(a[65]);
-    r[66] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[65]); t = (sp_int_digit)(a[64]);
-    r[65] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[64]); t = (sp_int_digit)(a[63]);
-    r[64] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[63]); t = (sp_int_digit)(a[62]);
-    r[63] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[62]); t = (sp_int_digit)(a[61]);
-    r[62] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[61]); t = (sp_int_digit)(a[60]);
-    r[61] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[60]); t = (sp_int_digit)(a[59]);
-    r[60] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[59]); t = (sp_int_digit)(a[58]);
-    r[59] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[58]); t = (sp_int_digit)(a[57]);
-    r[58] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[57]); t = (sp_int_digit)(a[56]);
-    r[57] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[56]); t = (sp_int_digit)(a[55]);
-    r[56] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[55]); t = (sp_int_digit)(a[54]);
-    r[55] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[54]); t = (sp_int_digit)(a[53]);
-    r[54] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[53]); t = (sp_int_digit)(a[52]);
-    r[53] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[52]); t = (sp_int_digit)(a[51]);
-    r[52] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[51]); t = (sp_int_digit)(a[50]);
-    r[51] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[50]); t = (sp_int_digit)(a[49]);
-    r[50] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[49]); t = (sp_int_digit)(a[48]);
-    r[49] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[48]); t = (sp_int_digit)(a[47]);
-    r[48] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[47]); t = (sp_int_digit)(a[46]);
-    r[47] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[46]); t = (sp_int_digit)(a[45]);
-    r[46] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[45]); t = (sp_int_digit)(a[44]);
-    r[45] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[44]); t = (sp_int_digit)(a[43]);
-    r[44] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[43]); t = (sp_int_digit)(a[42]);
-    r[43] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[42]); t = (sp_int_digit)(a[41]);
-    r[42] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[41]); t = (sp_int_digit)(a[40]);
-    r[41] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[40]); t = (sp_int_digit)(a[39]);
-    r[40] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[39]); t = (sp_int_digit)(a[38]);
-    r[39] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[38]); t = (sp_int_digit)(a[37]);
-    r[38] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[37]); t = (sp_int_digit)(a[36]);
-    r[37] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[36]); t = (sp_int_digit)(a[35]);
-    r[36] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[35]); t = (sp_int_digit)(a[34]);
-    r[35] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[34]); t = (sp_int_digit)(a[33]);
-    r[34] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[33]); t = (sp_int_digit)(a[32]);
-    r[33] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[32]); t = (sp_int_digit)(a[31]);
-    r[32] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[31]); t = (sp_int_digit)(a[30]);
-    r[31] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[30]); t = (sp_int_digit)(a[29]);
-    r[30] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[29]); t = (sp_int_digit)(a[28]);
-    r[29] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[28]); t = (sp_int_digit)(a[27]);
-    r[28] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[27]); t = (sp_int_digit)(a[26]);
-    r[27] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[26]); t = (sp_int_digit)(a[25]);
-    r[26] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[25]); t = (sp_int_digit)(a[24]);
-    r[25] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[24]); t = (sp_int_digit)(a[23]);
-    r[24] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[23]); t = (sp_int_digit)(a[22]);
-    r[23] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[22]); t = (sp_int_digit)(a[21]);
-    r[22] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[21]); t = (sp_int_digit)(a[20]);
-    r[21] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[20]); t = (sp_int_digit)(a[19]);
-    r[20] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[19]); t = (sp_int_digit)(a[18]);
-    r[19] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[18]); t = (sp_int_digit)(a[17]);
-    r[18] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[17]); t = (sp_int_digit)(a[16]);
-    r[17] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[16]); t = (sp_int_digit)(a[15]);
-    r[16] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[15]); t = (sp_int_digit)(a[14]);
-    r[15] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[14]); t = (sp_int_digit)(a[13]);
-    r[14] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[13]); t = (sp_int_digit)(a[12]);
-    r[13] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[12]); t = (sp_int_digit)(a[11]);
-    r[12] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[11]); t = (sp_int_digit)(a[10]);
-    r[11] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[10]); t = (sp_int_digit)(a[9]);
-    r[10] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (28U - n))) & 0xfffffff);
-    r[0] = (sp_digit)((a[0] << n) & 0xfffffff);
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_3072_mod_exp_2_112(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 337);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 337, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp  = td + 224;
-        XMEMSET(td, 0, sizeof(sp_digit) * 337);
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_112(norm, m);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 27) / 28) - 1;
-        c = bits % 28;
-        if (c == 0) {
-            c = 28;
-        }
-        if (i < 112) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (4 - c);
-            c += 28;
-        }
-        y = (int)((n >> 28) & 0xf);
-        n <<= 4;
-        c -= 4;
-        sp_3072_lshift_112(r, norm, (byte)y);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 4;
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c = 24;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n = e[i--] << 4;
-                c = 4 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 28 - c;
-            }
-
-            sp_3072_mont_sqr_112(r, r, m, mp);
-            sp_3072_mont_sqr_112(r, r, m, mp);
-            sp_3072_mont_sqr_112(r, r, m, mp);
-            sp_3072_mont_sqr_112(r, r, m, mp);
-
-            sp_3072_lshift_112(r, r, (byte)y);
-            sp_3072_mul_d_112(tmp, norm, (r[110] << 8) + (r[109] >> 20));
-            r[110] = 0;
-            r[109] &= 0xfffffL;
-            (void)sp_3072_add_112(r, r, tmp);
-            sp_3072_norm_112(r);
-            o = sp_3072_cmp_112(r, m);
-            sp_3072_cond_sub_112(r, r, m, ~(o >> 31));
-        }
-
-        sp_3072_mont_reduce_112(r, m, mp);
-        n = sp_3072_cmp_112(r, m);
-        sp_3072_cond_sub_112(r, r, m, (sp_digit)~(n >> 31));
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_3072 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 384 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, b, 112 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    word32 i;
-    int err = MP_OKAY;
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 384U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 112 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 112 * 2;
-        m = e + 112;
-        r = b;
-
-        sp_3072_from_mp(b, 112, base);
-        sp_3072_from_bin(e, 112, exp, expLen);
-        sp_3072_from_mp(m, 112, mod);
-
-    #ifdef HAVE_FFDHE_3072
-        if (base->used == 1 && base->dp[0] == 2U &&
-                (m[109] >> 4) == 0xffffL) {
-            err = sp_3072_mod_exp_2_112(r, e, expLen * 8U, m);
-        }
-        else {
-    #endif
-            err = sp_3072_mod_exp_112(r, b, e, expLen * 8U, m, 0);
-    #ifdef HAVE_FFDHE_3072
-        }
-    #endif
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_112(r, out);
-        *outLen = 384;
-        for (i=0; i<384U && out[i] == 0U; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 112U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 56 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 56 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 56 * 2;
-        m = e + 56;
-        r = b;
-
-        sp_3072_from_mp(b, 56, base);
-        sp_3072_from_mp(e, 56, exp);
-        sp_3072_from_mp(m, 56, mod);
-
-        err = sp_3072_mod_exp_56(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 56, 0, sizeof(*r) * 56U);
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 112U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 56 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 56 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 56 * 2;
-        m = e + 56;
-        r = b;
-
-        sp_3072_from_mp(b, 56, base);
-        sp_3072_from_mp(e, 56, exp);
-        sp_3072_from_mp(m, 56, mod);
-
-        err = sp_3072_mod_exp_56(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 56, 0, sizeof(*r) * 56U);
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 112U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* !WOLFSSL_SP_NO_3072 */
-
-#ifdef WOLFSSL_SP_4096
-#ifdef WOLFSSL_SP_SMALL
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 21U) {
-            r[j] &= 0x1fffffff;
-            s = 29U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 29
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 28);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 28);
-    }
-#elif DIGIT_BIT > 29
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x1fffffff;
-        s = 29U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 29U) <= (word32)DIGIT_BIT) {
-            s += 29U;
-            r[j] &= 0x1fffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 29) {
-            r[j] &= 0x1fffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 29 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 512
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_4096_to_bin_142(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<141; i++) {
-        r[i+1] += r[i] >> 29;
-        r[i] &= 0x1fffffff;
-    }
-    j = 4103 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<142 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 29) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 29);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
-/* Normalize the values in each word to 29 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_71(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 70; i++) {
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-}
-
-#endif /* WOLFSSL_HAVE_SP_RSA & !SP_RSA_PRIVATE_EXP_D */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 29 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_142(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 141; i++) {
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_142(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 lo;
-
-    c = ((sp_uint64)a[141]) * b[141];
-    r[283] = (sp_digit)(c >> 29);
-    c &= 0x1fffffff;
-    for (k = 281; k >= 0; k--) {
-        if (k >= 142) {
-            i = k - 141;
-            imax = 141;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        if (imax - i > 15) {
-            int imaxlo;
-            lo = 0;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 15) {
-                for (; i <= imax && i < imaxlo + 15; i++) {
-                    lo += ((sp_uint64)a[i]) * b[k - i];
-                }
-                c += lo >> 29;
-                lo &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-        else {
-            lo = 0;
-            for (; i <= imax; i++) {
-                lo += ((sp_uint64)a[i]) * b[k - i];
-            }
-            c += lo >> 29;
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_142(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 t;
-
-    c = ((sp_uint64)a[141]) * a[141];
-    r[283] = (sp_digit)(c >> 29);
-    c = (c & 0x1fffffff) << 29;
-    for (k = 281; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint64)a[i]) * a[i];
-           i++;
-        }
-        if (k < 141) {
-            imax = k;
-        }
-        else {
-            imax = 141;
-        }
-        if (imax - i >= 14) {
-            int imaxlo;
-            sp_uint64 hi;
-
-            hi = c >> 29;
-            c &= 0x1fffffff;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 14) {
-                t = 0;
-                for (; i <= imax && i < imaxlo + 14; i++) {
-                    t += ((sp_uint64)a[i]) * a[k - i];
-                }
-                c += t * 2;
-
-                hi += c >> 29;
-                c &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(hi >> 29);
-            r[k + 1]  = (sp_digit)(hi & 0x1fffffff);
-            c <<= 29;
-        }
-        else
-        {
-            t = 0;
-            for (; i <= imax; i++) {
-                t += ((sp_uint64)a[i]) * a[k - i];
-            }
-            c += t * 2;
-
-            r[k + 2] += (sp_digit) (c >> 58);
-            r[k + 1]  = (sp_digit)((c >> 29) & 0x1fffffff);
-            c = (c & 0x1fffffff) << 29;
-        }
-    }
-    r[0] = (sp_digit)(c >> 29);
-}
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x &= 0x1fffffff;
-
-    /* rho = -1/m mod b */
-    *rho = ((sp_digit)1 << 29) - x;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_142(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 142; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-    }
-    r[142] = (sp_digit)t;
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_sub_71(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 71; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_71(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i=0; i<70; i++) {
-        r[i] = 0x1fffffff;
-    }
-    r[70] = 0x3ffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_4096_sub_71(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_4096_cmp_71(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i=70; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 28);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_sub_71(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 71; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_add_71(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifndef WOLFSSL_SP_LARGE_CODE
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 71; i++) {
-        t += r[i];
-        t += tb * a[i];
-        r[i] = ((sp_digit)t) & 0x1fffffff;
-        t >>= 29;
-    }
-    r[71] += (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 68; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffff);
-        t[1] += t[0] >> 29;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffff);
-        t[2] += t[1] >> 29;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffff);
-        t[3] += t[2] >> 29;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffff);
-        t[0]  = t[3] >> 29;
-    }
-    t[0] += (tb * a[68]) + r[68];
-    t[1]  = (tb * a[69]) + r[69];
-    t[2]  = (tb * a[70]) + r[70];
-    r[68] = (sp_digit)(t[0] & 0x1fffffff);
-    t[1] += t[0] >> 29;
-    r[69] = (sp_digit)(t[1] & 0x1fffffff);
-    t[2] += t[1] >> 29;
-    r[70] = (sp_digit)(t[2] & 0x1fffffff);
-    r[71] +=  (sp_digit)(t[2] >> 29);
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-}
-
-/* Shift the result in the high 2048 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_4096_mont_shift_71(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int64 n = a[70] >> 18;
-    n += ((sp_int64)a[71]) << 11;
-
-    for (i = 0; i < 70; i++) {
-        r[i] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29;
-        n += ((sp_int64)a[72 + i]) << 11;
-    }
-    r[70] = (sp_digit)n;
-    XMEMSET(&r[71], 0, sizeof(*r) * 71U);
-}
-
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_4096_mont_reduce_71(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_4096_norm_71(a + 71);
-
-    for (i=0; i<70; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1fffffff);
-        sp_4096_mul_add_71(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x3ffffL);
-    sp_4096_mul_add_71(a+i, m, mu);
-    a[i+1] += a[i] >> 29;
-    a[i] &= 0x1fffffff;
-    sp_4096_mont_shift_71(a, a);
-    over = a[70] - m[70];
-    sp_4096_cond_sub_71(a, a, m, ~((over - 1) >> 31));
-    sp_4096_norm_71(a);
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_71(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 lo;
-
-    c = ((sp_uint64)a[70]) * b[70];
-    r[141] = (sp_digit)(c >> 29);
-    c &= 0x1fffffff;
-    for (k = 139; k >= 0; k--) {
-        if (k >= 71) {
-            i = k - 70;
-            imax = 70;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        if (imax - i > 15) {
-            int imaxlo;
-            lo = 0;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 15) {
-                for (; i <= imax && i < imaxlo + 15; i++) {
-                    lo += ((sp_uint64)a[i]) * b[k - i];
-                }
-                c += lo >> 29;
-                lo &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-        else {
-            lo = 0;
-            for (; i <= imax; i++) {
-                lo += ((sp_uint64)a[i]) * b[k - i];
-            }
-            c += lo >> 29;
-            r[k + 2] += (sp_digit)(c >> 29);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-            c = lo & 0x1fffffff;
-        }
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_71(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_71(r, a, b);
-    sp_4096_mont_reduce_71(r, m, mp);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_71(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 t;
-
-    c = ((sp_uint64)a[70]) * a[70];
-    r[141] = (sp_digit)(c >> 29);
-    c = (c & 0x1fffffff) << 29;
-    for (k = 139; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint64)a[i]) * a[i];
-           i++;
-        }
-        if (k < 70) {
-            imax = k;
-        }
-        else {
-            imax = 70;
-        }
-        if (imax - i >= 14) {
-            int imaxlo;
-            sp_uint64 hi;
-
-            hi = c >> 29;
-            c &= 0x1fffffff;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 14) {
-                t = 0;
-                for (; i <= imax && i < imaxlo + 14; i++) {
-                    t += ((sp_uint64)a[i]) * a[k - i];
-                }
-                c += t * 2;
-
-                hi += c >> 29;
-                c &= 0x1fffffff;
-            }
-            r[k + 2] += (sp_digit)(hi >> 29);
-            r[k + 1]  = (sp_digit)(hi & 0x1fffffff);
-            c <<= 29;
-        }
-        else
-        {
-            t = 0;
-            for (; i <= imax; i++) {
-                t += ((sp_uint64)a[i]) * a[k - i];
-            }
-            c += t * 2;
-
-            r[k + 2] += (sp_digit) (c >> 58);
-            r[k + 1]  = (sp_digit)((c >> 29) & 0x1fffffff);
-            c = (c & 0x1fffffff) << 29;
-        }
-    }
-    r[0] = (sp_digit)(c >> 29);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_71(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_71(r, a);
-    sp_4096_mont_reduce_71(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_71(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 71; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-    }
-    r[71] = (sp_digit)t;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_add_71(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 71; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_71(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 71; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-
-SP_NOINLINE static void sp_4096_rshift_71(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<70; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff);
-    }
-    r[70] = a[70] >> n;
-}
-
-static WC_INLINE sp_digit sp_4096_div_word_71(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_uint32 lo = (sp_uint32)d;
-    sp_digit hi = (sp_digit)(d >> 32);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 29);
-    sp_digit t0 = (sp_digit)(d & 0x1fffffff);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int64 m;
-
-    r = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-    t1 -= dv & (0 - r);
-    for (i = 27; i >= 1; i--) {
-        t1 += t1 + (((sp_uint32)t0 >> 28) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 29);
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 58) - (sp_digit)(d >> 58);
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-   return r;
-#else
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 14) + 1;
-
-    t = (sp_digit)(d >> 28);
-    t = (t / dv) << 14;
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)(d >> 13);
-    t = t / (dv << 1);
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int64)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_4096_word_div_word_71(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint32)(div - d) >> 31);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_div_71(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 71 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 71 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 142 + 1;
-        sd = t2 + 71 + 1;
-
-        sp_4096_mul_d_71(sd, d, (sp_digit)1 << 11);
-        sp_4096_mul_d_142(t1, a, (sp_digit)1 << 11);
-        dv = sd[70];
-        t1[71 + 71] += t1[71 + 71 - 1] >> 29;
-        t1[71 + 71 - 1] &= 0x1fffffff;
-        for (i=71; i>=0; i--) {
-            r1 = sp_4096_div_word_71(t1[71 + i], t1[71 + i - 1], dv);
-
-            sp_4096_mul_d_71(t2, sd, r1);
-            (void)sp_4096_sub_71(&t1[i], &t1[i], t2);
-            sp_4096_norm_71(&t1[i]);
-            t1[71 + i] -= t2[71];
-            t1[71 + i] += t1[71 + i - 1] >> 29;
-            t1[71 + i - 1] &= 0x1fffffff;
-            r1 = sp_4096_div_word_71(-t1[71 + i], -t1[71 + i - 1], dv);
-            r1 -= t1[71 + i];
-            sp_4096_mul_d_71(t2, sd, r1);
-            (void)sp_4096_add_71(&t1[i], &t1[i], t2);
-            t1[71 + i] += t1[71 + i - 1] >> 29;
-            t1[71 + i - 1] &= 0x1fffffff;
-        }
-        t1[71 - 1] += t1[71 - 2] >> 29;
-        t1[71 - 2] &= 0x1fffffff;
-        r1 = sp_4096_word_div_word_71(t1[71 - 1], dv);
-
-        sp_4096_mul_d_71(t2, sd, r1);
-        sp_4096_sub_71(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 142U);
-        for (i=0; i<70; i++) {
-            r[i+1] += r[i] >> 29;
-            r[i] &= 0x1fffffff;
-        }
-        sp_4096_cond_add_71(r, r, sd, r[70] >> 31);
-
-        sp_4096_norm_71(r);
-        sp_4096_rshift_71(r, r, 11);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_mod_71(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_71(a, m, NULL, r);
-}
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_71(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 142);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 142, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 71 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 71U * 2U);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_71(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_71(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 71U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_71(t[1], t[1], norm);
-        err = sp_4096_mod_71(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_71(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 71 * 2);
-            sp_4096_mont_sqr_71(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 71 * 2);
-        }
-
-        sp_4096_mont_reduce_71(t[0], m, mp);
-        n = sp_4096_cmp_71(t[0], m);
-        sp_4096_cond_sub_71(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 71 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 142);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 142, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 71 * 2);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_71(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_71(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_71(t[1], t[1], norm);
-                err = sp_4096_mod_71(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_71(t[1], a, norm);
-            err = sp_4096_mod_71(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_71(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 71 * 2);
-            sp_4096_mont_sqr_71(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 71 * 2);
-        }
-
-        sp_4096_mont_reduce_71(t[0], m, mp);
-        n = sp_4096_cmp_71(t[0], m);
-        sp_4096_cond_sub_71(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 71 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (32 * 142) + 142);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (32 * 142) + 142, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 142;
-        rt = td + 4544;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_71(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_71(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_71(t[1], t[1], norm);
-                err = sp_4096_mod_71(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_71(t[1], a, norm);
-            err = sp_4096_mod_71(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_71(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_71(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_71(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_71(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_71(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_71(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_71(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_71(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_71(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_71(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_71(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_71(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_71(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_71(t[15], t[ 8], t[ 7], m, mp);
-        sp_4096_mont_sqr_71(t[16], t[ 8], m, mp);
-        sp_4096_mont_mul_71(t[17], t[ 9], t[ 8], m, mp);
-        sp_4096_mont_sqr_71(t[18], t[ 9], m, mp);
-        sp_4096_mont_mul_71(t[19], t[10], t[ 9], m, mp);
-        sp_4096_mont_sqr_71(t[20], t[10], m, mp);
-        sp_4096_mont_mul_71(t[21], t[11], t[10], m, mp);
-        sp_4096_mont_sqr_71(t[22], t[11], m, mp);
-        sp_4096_mont_mul_71(t[23], t[12], t[11], m, mp);
-        sp_4096_mont_sqr_71(t[24], t[12], m, mp);
-        sp_4096_mont_mul_71(t[25], t[13], t[12], m, mp);
-        sp_4096_mont_sqr_71(t[26], t[13], m, mp);
-        sp_4096_mont_mul_71(t[27], t[14], t[13], m, mp);
-        sp_4096_mont_sqr_71(t[28], t[14], m, mp);
-        sp_4096_mont_mul_71(t[29], t[15], t[14], m, mp);
-        sp_4096_mont_sqr_71(t[30], t[15], m, mp);
-        sp_4096_mont_mul_71(t[31], t[16], t[15], m, mp);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 28) / 29) - 1;
-        c = bits % 29;
-        if (c == 0) {
-            c = 29;
-        }
-        if (i < 71) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (3 - c);
-            c += 29;
-        }
-        y = (int)((n >> 27) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 142);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c = 24;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n = e[i--] << 3;
-                c = 5 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 29 - c;
-            }
-
-            sp_4096_mont_sqr_71(rt, rt, m, mp);
-            sp_4096_mont_sqr_71(rt, rt, m, mp);
-            sp_4096_mont_sqr_71(rt, rt, m, mp);
-            sp_4096_mont_sqr_71(rt, rt, m, mp);
-            sp_4096_mont_sqr_71(rt, rt, m, mp);
-
-            sp_4096_mont_mul_71(rt, rt, t[y], m, mp);
-        }
-
-        sp_4096_mont_reduce_71(rt, m, mp);
-        n = sp_4096_cmp_71(rt, m);
-        sp_4096_cond_sub_71(rt, rt, m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 142);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_HAVE_SP_RSA & !SP_RSA_PRIVATE_EXP_D */
-#endif /* (WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH) & !WOLFSSL_RSA_PUBLIC_ONLY */
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_sub_142(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 142; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_142(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i=0; i<141; i++) {
-        r[i] = 0x1fffffff;
-    }
-    r[141] = 0x7fL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_4096_sub_142(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_4096_cmp_142(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i=141; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 28);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_sub_142(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 142; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_add_142(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifndef WOLFSSL_SP_LARGE_CODE
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 142; i++) {
-        t += r[i];
-        t += tb * a[i];
-        r[i] = ((sp_digit)t) & 0x1fffffff;
-        t >>= 29;
-    }
-    r[142] += (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 140; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffff);
-        t[1] += t[0] >> 29;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffff);
-        t[2] += t[1] >> 29;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffff);
-        t[3] += t[2] >> 29;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffff);
-        t[0]  = t[3] >> 29;
-    }
-    t[0] += (tb * a[140]) + r[140];
-    t[1]  = (tb * a[141]) + r[141];
-    r[140] = (sp_digit)(t[0] & 0x1fffffff);
-    t[1] += t[0] >> 29;
-    r[141] = (sp_digit)(t[1] & 0x1fffffff);
-    r[142] +=  (sp_digit)(t[1] >> 29);
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-}
-
-/* Shift the result in the high 4096 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_4096_mont_shift_142(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int64 n = a[141] >> 7;
-    n += ((sp_int64)a[142]) << 22;
-
-    for (i = 0; i < 141; i++) {
-        r[i] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29;
-        n += ((sp_int64)a[143 + i]) << 22;
-    }
-    r[141] = (sp_digit)n;
-    XMEMSET(&r[142], 0, sizeof(*r) * 142U);
-}
-
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_4096_mont_reduce_142(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_4096_norm_142(a + 142);
-
-#ifdef WOLFSSL_SP_DH
-    if (mp != 1) {
-        for (i=0; i<141; i++) {
-            mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1fffffff);
-            sp_4096_mul_add_142(a+i, m, mu);
-            a[i+1] += a[i] >> 29;
-        }
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x7fL);
-        sp_4096_mul_add_142(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-    else {
-        for (i=0; i<141; i++) {
-            mu = (sp_digit)(a[i] & 0x1fffffff);
-            sp_4096_mul_add_142(a+i, m, mu);
-            a[i+1] += a[i] >> 29;
-        }
-        mu = (sp_digit)(a[i] & 0x7fL);
-        sp_4096_mul_add_142(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-#else
-    for (i=0; i<141; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1fffffff);
-        sp_4096_mul_add_142(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x7fL);
-    sp_4096_mul_add_142(a+i, m, mu);
-    a[i+1] += a[i] >> 29;
-    a[i] &= 0x1fffffff;
-#endif
-    sp_4096_mont_shift_142(a, a);
-    over = a[141] - m[141];
-    sp_4096_cond_sub_142(a, a, m, ~((over - 1) >> 31));
-    sp_4096_norm_142(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_142(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_142(r, a, b);
-    sp_4096_mont_reduce_142(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_142(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_142(r, a);
-    sp_4096_mont_reduce_142(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_284(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 284; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-    }
-    r[284] = (sp_digit)t;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_add_142(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 142; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_142(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 142; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-
-SP_NOINLINE static void sp_4096_rshift_142(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<141; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff);
-    }
-    r[141] = a[141] >> n;
-}
-
-static WC_INLINE sp_digit sp_4096_div_word_142(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_uint32 lo = (sp_uint32)d;
-    sp_digit hi = (sp_digit)(d >> 32);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 29);
-    sp_digit t0 = (sp_digit)(d & 0x1fffffff);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int64 m;
-
-    r = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-    t1 -= dv & (0 - r);
-    for (i = 27; i >= 1; i--) {
-        t1 += t1 + (((sp_uint32)t0 >> 28) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 29);
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 58) - (sp_digit)(d >> 58);
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-   return r;
-#else
-    sp_int64 d = ((sp_int64)d1 << 29) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 14) + 1;
-
-    t = (sp_digit)(d >> 28);
-    t = (t / dv) << 14;
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)(d >> 13);
-    t = t / (dv << 1);
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int64)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_4096_word_div_word_142(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint32)(div - d) >> 31);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_div_142(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 142 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 142 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 284 + 1;
-        sd = t2 + 142 + 1;
-
-        sp_4096_mul_d_142(sd, d, (sp_digit)1 << 22);
-        sp_4096_mul_d_284(t1, a, (sp_digit)1 << 22);
-        dv = sd[141];
-        t1[142 + 142] += t1[142 + 142 - 1] >> 29;
-        t1[142 + 142 - 1] &= 0x1fffffff;
-        for (i=142; i>=0; i--) {
-            r1 = sp_4096_div_word_142(t1[142 + i], t1[142 + i - 1], dv);
-
-            sp_4096_mul_d_142(t2, sd, r1);
-            (void)sp_4096_sub_142(&t1[i], &t1[i], t2);
-            sp_4096_norm_142(&t1[i]);
-            t1[142 + i] -= t2[142];
-            t1[142 + i] += t1[142 + i - 1] >> 29;
-            t1[142 + i - 1] &= 0x1fffffff;
-            r1 = sp_4096_div_word_142(-t1[142 + i], -t1[142 + i - 1], dv);
-            r1 -= t1[142 + i];
-            sp_4096_mul_d_142(t2, sd, r1);
-            (void)sp_4096_add_142(&t1[i], &t1[i], t2);
-            t1[142 + i] += t1[142 + i - 1] >> 29;
-            t1[142 + i - 1] &= 0x1fffffff;
-        }
-        t1[142 - 1] += t1[142 - 2] >> 29;
-        t1[142 - 2] &= 0x1fffffff;
-        r1 = sp_4096_word_div_word_142(t1[142 - 1], dv);
-
-        sp_4096_mul_d_142(t2, sd, r1);
-        sp_4096_sub_142(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 284U);
-        for (i=0; i<141; i++) {
-            r[i+1] += r[i] >> 29;
-            r[i] &= 0x1fffffff;
-        }
-        sp_4096_cond_add_142(r, r, sd, r[141] >> 31);
-
-        sp_4096_norm_142(r);
-        sp_4096_rshift_142(r, r, 22);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_mod_142(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_142(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_142(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 284);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 284, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 142 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 142U * 2U);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_142(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_142(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 142U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_142(t[1], t[1], norm);
-        err = sp_4096_mod_142(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_142(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 142 * 2);
-            sp_4096_mont_sqr_142(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 142 * 2);
-        }
-
-        sp_4096_mont_reduce_142(t[0], m, mp);
-        n = sp_4096_cmp_142(t[0], m);
-        sp_4096_cond_sub_142(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 142 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 284);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 284, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 142 * 2);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_142(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_142(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_142(t[1], t[1], norm);
-                err = sp_4096_mod_142(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_142(t[1], a, norm);
-            err = sp_4096_mod_142(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 29;
-        c = bits % 29;
-        n = e[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 29;
-            }
-
-            y = (int)((n >> 28) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_142(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 142 * 2);
-            sp_4096_mont_sqr_142(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 142 * 2);
-        }
-
-        sp_4096_mont_reduce_142(t[0], m, mp);
-        n = sp_4096_cmp_142(t[0], m);
-        sp_4096_cond_sub_142(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 142 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (16 * 284) + 284);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (16 * 284) + 284, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 284;
-        rt = td + 4544;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_142(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_142(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_142(t[1], t[1], norm);
-                err = sp_4096_mod_142(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_142(t[1], a, norm);
-            err = sp_4096_mod_142(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_142(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_142(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_142(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_142(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_142(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_142(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_142(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_142(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_142(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_142(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_142(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_142(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_142(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_142(t[15], t[ 8], t[ 7], m, mp);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 28) / 29) - 1;
-        c = bits % 29;
-        if (c == 0) {
-            c = 29;
-        }
-        if (i < 142) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (3 - c);
-            c += 29;
-        }
-        y = (int)((n >> 28) & 0xf);
-        n <<= 4;
-        c -= 4;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 284);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c = 25;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n = e[i--] << 3;
-                c = 4 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 29 - c;
-            }
-
-            sp_4096_mont_sqr_142(rt, rt, m, mp);
-            sp_4096_mont_sqr_142(rt, rt, m, mp);
-            sp_4096_mont_sqr_142(rt, rt, m, mp);
-            sp_4096_mont_sqr_142(rt, rt, m, mp);
-
-            sp_4096_mont_mul_142(rt, rt, t[y], m, mp);
-        }
-
-        sp_4096_mont_reduce_142(rt, m, mp);
-        n = sp_4096_cmp_142(rt, m);
-        sp_4096_cond_sub_142(rt, rt, m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 284);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-#ifdef WOLFSSL_SP_SMALL
-    SP_DECL_VAR(sp_digit, a, 142 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit* norm = NULL;
-    sp_uint64 e[1] = {0};
-    sp_digit mp = 0;
-    int i;
-    int err = MP_OKAY;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 142 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 142 * 2;
-        m = r + 142 * 2;
-        norm = r;
-
-        sp_4096_from_bin(a, 142, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 142, mm);
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_142(norm, m);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_142(a, a, norm);
-        err = sp_4096_mod_142(a, a, m);
-    }
-    if (err == MP_OKAY) {
-        for (i=63; i>=0; i--) {
-            if ((e[0] >> i) != 0) {
-                break;
-            }
-        }
-
-        XMEMCPY(r, a, sizeof(sp_digit) * 142 * 2);
-        for (i--; i>=0; i--) {
-            sp_4096_mont_sqr_142(r, r, m, mp);
-
-            if (((e[0] >> i) & 1) == 1) {
-                sp_4096_mont_mul_142(r, r, a, m, mp);
-            }
-        }
-        sp_4096_mont_reduce_142(r, m, mp);
-        mp = sp_4096_cmp_142(r, m);
-        sp_4096_cond_sub_142(r, r, m, ~(mp >> 31));
-
-        sp_4096_to_bin_142(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 142 * 5);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_uint64 e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 142 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d;
-        r = a + 142 * 2;
-        m = r + 142 * 2;
-
-        sp_4096_from_bin(a, 142, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 142, mm);
-
-        if (e[0] == 0x3) {
-            sp_4096_sqr_142(r, a);
-            err = sp_4096_mod_142(r, r, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_142(r, a, r);
-                err = sp_4096_mod_142(r, r, m);
-            }
-        }
-        else {
-            sp_digit* norm = r;
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-            sp_4096_mont_norm_142(norm, m);
-
-            sp_4096_mul_142(a, a, norm);
-            err = sp_4096_mod_142(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if ((e[0] >> i) != 0) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 284U);
-                for (i--; i>=0; i--) {
-                    sp_4096_mont_sqr_142(r, r, m, mp);
-
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_4096_mont_mul_142(r, r, a, m, mp);
-                    }
-                }
-                sp_4096_mont_reduce_142(r, m, mp);
-                mp = sp_4096_cmp_142(r, m);
-                sp_4096_cond_sub_142(r, r, m, ~(mp >> 31));
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_142(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(d, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if !defined(SP_RSA_PRIVATE_EXP_D) && !defined(RSA_LOW_MEM)
-#endif /* !SP_RSA_PRIVATE_EXP_D & !RSA_LOW_MEM */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, d, 142 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 142 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 142;
-        m = a + 284;
-        r = a;
-
-        sp_4096_from_bin(a, 142, in, inLen);
-        sp_4096_from_mp(d, 142, dm);
-        sp_4096_from_mp(m, 142, mm);
-        err = sp_4096_mod_exp_142(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_142(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 142, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 142 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 142 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 142;
-        m = a + 284;
-        r = a;
-
-        sp_4096_from_bin(a, 142, in, inLen);
-        sp_4096_from_mp(d, 142, dm);
-        sp_4096_from_mp(m, 142, mm);
-        err = sp_4096_mod_exp_142(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_142(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 142, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#else
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, a, 71 * 8);
-    sp_digit* p = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 71 * 8, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 142;
-        qi = dq = dp = p + 71;
-        tmpa = qi + 71;
-        tmpb = tmpa + 142;
-        r = a;
-
-        sp_4096_from_bin(a, 142, in, inLen);
-        sp_4096_from_mp(p, 71, pm);
-        sp_4096_from_mp(dp, 71, dpm);
-        err = sp_4096_mod_exp_71(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 71, qm);
-        sp_4096_from_mp(dq, 71, dqm);
-        err = sp_4096_mod_exp_71(tmpb, a, dq, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 71, pm);
-        (void)sp_4096_sub_71(tmpa, tmpa, tmpb);
-        sp_4096_norm_71(tmpa);
-        sp_4096_cond_add_71(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[70] >> 31));
-        sp_4096_cond_add_71(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[70] >> 31));
-        sp_4096_norm_71(tmpa);
-
-        sp_4096_from_mp(qi, 71, qim);
-        sp_4096_mul_71(tmpa, tmpa, qi);
-        err = sp_4096_mod_71(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 71, qm);
-        sp_4096_mul_71(tmpa, p, tmpa);
-        (void)sp_4096_add_142(r, tmpb, tmpa);
-        sp_4096_norm_142(r);
-
-        sp_4096_to_bin_142(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 71 * 8, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 71 * 13);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 71 * 13, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 142 * 2;
-        q = p + 71;
-        dp = q + 71;
-        dq = dp + 71;
-        qi = dq + 71;
-        tmpa = qi + 71;
-        tmpb = tmpa + 142;
-        r = a;
-
-        sp_4096_from_bin(a, 142, in, inLen);
-        sp_4096_from_mp(p, 71, pm);
-        sp_4096_from_mp(q, 71, qm);
-        sp_4096_from_mp(dp, 71, dpm);
-        sp_4096_from_mp(dq, 71, dqm);
-        sp_4096_from_mp(qi, 71, qim);
-
-        err = sp_4096_mod_exp_71(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_4096_mod_exp_71(tmpb, a, dq, 2048, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        (void)sp_4096_sub_71(tmpa, tmpa, tmpb);
-        sp_4096_norm_71(tmpa);
-        sp_4096_cond_add_71(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[70] >> 31));
-        sp_4096_cond_add_71(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[70] >> 31));
-        sp_4096_norm_71(tmpa);
-        sp_4096_mul_71(tmpa, tmpa, qi);
-        err = sp_4096_mod_71(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mul_71(tmpa, tmpa, q);
-        (void)sp_4096_add_142(r, tmpb, tmpa);
-        sp_4096_norm_142(r);
-
-        sp_4096_to_bin_142(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 71 * 13, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-}
-
-#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_4096_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (4096 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 29
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 142);
-        r->used = 142;
-        mp_clamp(r);
-#elif DIGIT_BIT < 29
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 142; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 29) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 29 - s;
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 142; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 29 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 29 - s;
-            }
-            else {
-                s += 29;
-            }
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 142 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 142 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 142 * 2;
-        m = e + 142;
-        r = b;
-
-        sp_4096_from_mp(b, 142, base);
-        sp_4096_from_mp(e, 142, exp);
-        sp_4096_from_mp(m, 142, mod);
-
-        err = sp_4096_mod_exp_142(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 142U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 142 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 142 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 142 * 2;
-        m = e + 142;
-        r = b;
-
-        sp_4096_from_mp(b, 142, base);
-        sp_4096_from_mp(e, 142, exp);
-        sp_4096_from_mp(m, 142, mod);
-
-        err = sp_4096_mod_exp_142(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 142U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_4096
-SP_NOINLINE static void sp_4096_lshift_142(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    r[142] = a[141] >> (29 - n);
-    for (i=141; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff);
-    }
-    r[0] = (sp_digit)((a[0] << n) & 0x1fffffff);
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_4096_mod_exp_2_142(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 427);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 427, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp  = td + 284;
-        XMEMSET(td, 0, sizeof(sp_digit) * 427);
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_142(norm, m);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 28) / 29) - 1;
-        c = bits % 29;
-        if (c == 0) {
-            c = 29;
-        }
-        if (i < 142) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (3 - c);
-            c += 29;
-        }
-        y = (int)((n >> 28) & 0xf);
-        n <<= 4;
-        c -= 4;
-        sp_4096_lshift_142(r, norm, (byte)y);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c = 25;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n = e[i--] << 3;
-                c = 4 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 29 - c;
-            }
-
-            sp_4096_mont_sqr_142(r, r, m, mp);
-            sp_4096_mont_sqr_142(r, r, m, mp);
-            sp_4096_mont_sqr_142(r, r, m, mp);
-            sp_4096_mont_sqr_142(r, r, m, mp);
-
-            sp_4096_lshift_142(r, r, (byte)y);
-            sp_4096_mul_d_142(tmp, norm, (r[142] << 22) + (r[141] >> 7));
-            r[142] = 0;
-            r[141] &= 0x7fL;
-            (void)sp_4096_add_142(r, r, tmp);
-            sp_4096_norm_142(r);
-            o = sp_4096_cmp_142(r, m);
-            sp_4096_cond_sub_142(r, r, m, ~(o >> 31));
-        }
-
-        sp_4096_mont_reduce_142(r, m, mp);
-        n = sp_4096_cmp_142(r, m);
-        sp_4096_cond_sub_142(r, r, m, (sp_digit)~(n >> 31));
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_4096 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 512 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, b, 142 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    word32 i;
-    int err = MP_OKAY;
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 512U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 142 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 142 * 2;
-        m = e + 142;
-        r = b;
-
-        sp_4096_from_mp(b, 142, base);
-        sp_4096_from_bin(e, 142, exp, expLen);
-        sp_4096_from_mp(m, 142, mod);
-
-    #ifdef HAVE_FFDHE_4096
-        if (base->used == 1 && base->dp[0] == 2U &&
-                ((m[141] << 9) | (m[140] >> 20)) == 0xffffL) {
-            err = sp_4096_mod_exp_2_142(r, e, expLen * 8U, m);
-        }
-        else {
-    #endif
-            err = sp_4096_mod_exp_142(r, b, e, expLen * 8U, m, 0);
-    #ifdef HAVE_FFDHE_4096
-        }
-    #endif
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_142(r, out);
-        *outLen = 512;
-        for (i=0; i<512U && out[i] == 0U; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 142U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#else
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 18U) {
-            r[j] &= 0x3ffffff;
-            s = 26U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 26
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 25);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 25);
-    }
-#elif DIGIT_BIT > 26
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x3ffffff;
-        s = 26U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 26U) <= (word32)DIGIT_BIT) {
-            s += 26U;
-            r[j] &= 0x3ffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 26) {
-            r[j] &= 0x3ffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 26 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 512
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_4096_to_bin_162(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<161; i++) {
-        r[i+1] += r[i] >> 26;
-        r[i] &= 0x3ffffff;
-    }
-    j = 4103 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<158 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 26) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 26);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
-/* Normalize the values in each word to 26 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_81(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 80; i += 8) {
-        a[i+1] += a[i+0] >> 26; a[i+0] &= 0x3ffffff;
-        a[i+2] += a[i+1] >> 26; a[i+1] &= 0x3ffffff;
-        a[i+3] += a[i+2] >> 26; a[i+2] &= 0x3ffffff;
-        a[i+4] += a[i+3] >> 26; a[i+3] &= 0x3ffffff;
-        a[i+5] += a[i+4] >> 26; a[i+4] &= 0x3ffffff;
-        a[i+6] += a[i+5] >> 26; a[i+5] &= 0x3ffffff;
-        a[i+7] += a[i+6] >> 26; a[i+6] &= 0x3ffffff;
-        a[i+8] += a[i+7] >> 26; a[i+7] &= 0x3ffffff;
-    }
-}
-
-#endif /* WOLFSSL_HAVE_SP_RSA & !SP_RSA_PRIVATE_EXP_D */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 26 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_79(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 72; i += 8) {
-        a[i+1] += a[i+0] >> 26; a[i+0] &= 0x3ffffff;
-        a[i+2] += a[i+1] >> 26; a[i+1] &= 0x3ffffff;
-        a[i+3] += a[i+2] >> 26; a[i+2] &= 0x3ffffff;
-        a[i+4] += a[i+3] >> 26; a[i+3] &= 0x3ffffff;
-        a[i+5] += a[i+4] >> 26; a[i+4] &= 0x3ffffff;
-        a[i+6] += a[i+5] >> 26; a[i+5] &= 0x3ffffff;
-        a[i+7] += a[i+6] >> 26; a[i+6] &= 0x3ffffff;
-        a[i+8] += a[i+7] >> 26; a[i+7] &= 0x3ffffff;
-    }
-    a[73] += a[72] >> 26; a[72] &= 0x3ffffff;
-    a[74] += a[73] >> 26; a[73] &= 0x3ffffff;
-    a[75] += a[74] >> 26; a[74] &= 0x3ffffff;
-    a[76] += a[75] >> 26; a[75] &= 0x3ffffff;
-    a[77] += a[76] >> 26; a[76] &= 0x3ffffff;
-    a[78] += a[77] >> 26; a[77] &= 0x3ffffff;
-}
-
-/* Normalize the values in each word to 26 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_162(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 160; i += 8) {
-        a[i+1] += a[i+0] >> 26; a[i+0] &= 0x3ffffff;
-        a[i+2] += a[i+1] >> 26; a[i+1] &= 0x3ffffff;
-        a[i+3] += a[i+2] >> 26; a[i+2] &= 0x3ffffff;
-        a[i+4] += a[i+3] >> 26; a[i+3] &= 0x3ffffff;
-        a[i+5] += a[i+4] >> 26; a[i+4] &= 0x3ffffff;
-        a[i+6] += a[i+5] >> 26; a[i+5] &= 0x3ffffff;
-        a[i+7] += a[i+6] >> 26; a[i+6] &= 0x3ffffff;
-        a[i+8] += a[i+7] >> 26; a[i+7] &= 0x3ffffff;
-    }
-    a[161] += a[160] >> 26; a[160] &= 0x3ffffff;
-}
-
-/* Normalize the values in each word to 26 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_158(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 152; i += 8) {
-        a[i+1] += a[i+0] >> 26; a[i+0] &= 0x3ffffff;
-        a[i+2] += a[i+1] >> 26; a[i+1] &= 0x3ffffff;
-        a[i+3] += a[i+2] >> 26; a[i+2] &= 0x3ffffff;
-        a[i+4] += a[i+3] >> 26; a[i+3] &= 0x3ffffff;
-        a[i+5] += a[i+4] >> 26; a[i+4] &= 0x3ffffff;
-        a[i+6] += a[i+5] >> 26; a[i+5] &= 0x3ffffff;
-        a[i+7] += a[i+6] >> 26; a[i+6] &= 0x3ffffff;
-        a[i+8] += a[i+7] >> 26; a[i+7] &= 0x3ffffff;
-    }
-    a[153] += a[152] >> 26; a[152] &= 0x3ffffff;
-    a[154] += a[153] >> 26; a[153] &= 0x3ffffff;
-    a[155] += a[154] >> 26; a[154] &= 0x3ffffff;
-    a[156] += a[155] >> 26; a[155] &= 0x3ffffff;
-    a[157] += a[156] >> 26; a[156] &= 0x3ffffff;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_uint64 t0;
-    sp_uint64 t1;
-    sp_digit t[9];
-
-    t0 = ((sp_uint64)a[ 0]) * b[ 0];
-    t1 = ((sp_uint64)a[ 0]) * b[ 1]
-       + ((sp_uint64)a[ 1]) * b[ 0];
-    t[ 0] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_uint64)a[ 0]) * b[ 2]
-       + ((sp_uint64)a[ 1]) * b[ 1]
-       + ((sp_uint64)a[ 2]) * b[ 0];
-    t[ 1] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_uint64)a[ 0]) * b[ 3]
-       + ((sp_uint64)a[ 1]) * b[ 2]
-       + ((sp_uint64)a[ 2]) * b[ 1]
-       + ((sp_uint64)a[ 3]) * b[ 0];
-    t[ 2] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_uint64)a[ 0]) * b[ 4]
-       + ((sp_uint64)a[ 1]) * b[ 3]
-       + ((sp_uint64)a[ 2]) * b[ 2]
-       + ((sp_uint64)a[ 3]) * b[ 1]
-       + ((sp_uint64)a[ 4]) * b[ 0];
-    t[ 3] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_uint64)a[ 0]) * b[ 5]
-       + ((sp_uint64)a[ 1]) * b[ 4]
-       + ((sp_uint64)a[ 2]) * b[ 3]
-       + ((sp_uint64)a[ 3]) * b[ 2]
-       + ((sp_uint64)a[ 4]) * b[ 1]
-       + ((sp_uint64)a[ 5]) * b[ 0];
-    t[ 4] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_uint64)a[ 0]) * b[ 6]
-       + ((sp_uint64)a[ 1]) * b[ 5]
-       + ((sp_uint64)a[ 2]) * b[ 4]
-       + ((sp_uint64)a[ 3]) * b[ 3]
-       + ((sp_uint64)a[ 4]) * b[ 2]
-       + ((sp_uint64)a[ 5]) * b[ 1]
-       + ((sp_uint64)a[ 6]) * b[ 0];
-    t[ 5] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_uint64)a[ 0]) * b[ 7]
-       + ((sp_uint64)a[ 1]) * b[ 6]
-       + ((sp_uint64)a[ 2]) * b[ 5]
-       + ((sp_uint64)a[ 3]) * b[ 4]
-       + ((sp_uint64)a[ 4]) * b[ 3]
-       + ((sp_uint64)a[ 5]) * b[ 2]
-       + ((sp_uint64)a[ 6]) * b[ 1]
-       + ((sp_uint64)a[ 7]) * b[ 0];
-    t[ 6] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_uint64)a[ 0]) * b[ 8]
-       + ((sp_uint64)a[ 1]) * b[ 7]
-       + ((sp_uint64)a[ 2]) * b[ 6]
-       + ((sp_uint64)a[ 3]) * b[ 5]
-       + ((sp_uint64)a[ 4]) * b[ 4]
-       + ((sp_uint64)a[ 5]) * b[ 3]
-       + ((sp_uint64)a[ 6]) * b[ 2]
-       + ((sp_uint64)a[ 7]) * b[ 1]
-       + ((sp_uint64)a[ 8]) * b[ 0];
-    t[ 7] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_uint64)a[ 1]) * b[ 8]
-       + ((sp_uint64)a[ 2]) * b[ 7]
-       + ((sp_uint64)a[ 3]) * b[ 6]
-       + ((sp_uint64)a[ 4]) * b[ 5]
-       + ((sp_uint64)a[ 5]) * b[ 4]
-       + ((sp_uint64)a[ 6]) * b[ 3]
-       + ((sp_uint64)a[ 7]) * b[ 2]
-       + ((sp_uint64)a[ 8]) * b[ 1];
-    t[ 8] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_uint64)a[ 2]) * b[ 8]
-       + ((sp_uint64)a[ 3]) * b[ 7]
-       + ((sp_uint64)a[ 4]) * b[ 6]
-       + ((sp_uint64)a[ 5]) * b[ 5]
-       + ((sp_uint64)a[ 6]) * b[ 4]
-       + ((sp_uint64)a[ 7]) * b[ 3]
-       + ((sp_uint64)a[ 8]) * b[ 2];
-    r[ 9] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_uint64)a[ 3]) * b[ 8]
-       + ((sp_uint64)a[ 4]) * b[ 7]
-       + ((sp_uint64)a[ 5]) * b[ 6]
-       + ((sp_uint64)a[ 6]) * b[ 5]
-       + ((sp_uint64)a[ 7]) * b[ 4]
-       + ((sp_uint64)a[ 8]) * b[ 3];
-    r[10] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_uint64)a[ 4]) * b[ 8]
-       + ((sp_uint64)a[ 5]) * b[ 7]
-       + ((sp_uint64)a[ 6]) * b[ 6]
-       + ((sp_uint64)a[ 7]) * b[ 5]
-       + ((sp_uint64)a[ 8]) * b[ 4];
-    r[11] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_uint64)a[ 5]) * b[ 8]
-       + ((sp_uint64)a[ 6]) * b[ 7]
-       + ((sp_uint64)a[ 7]) * b[ 6]
-       + ((sp_uint64)a[ 8]) * b[ 5];
-    r[12] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_uint64)a[ 6]) * b[ 8]
-       + ((sp_uint64)a[ 7]) * b[ 7]
-       + ((sp_uint64)a[ 8]) * b[ 6];
-    r[13] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_uint64)a[ 7]) * b[ 8]
-       + ((sp_uint64)a[ 8]) * b[ 7];
-    r[14] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_uint64)a[ 8]) * b[ 8];
-    r[15] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    r[16] = (sp_digit)(t0 & 0x3ffffff);
-    r[17] = (sp_digit)(t0 >> 26);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-    r[ 7] = a[ 7] + b[ 7];
-    r[ 8] = a[ 8] + b[ 8];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_sub_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[16] = a[16] - b[16];
-    r[17] = a[17] - b[17];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[16] = a[16] + b[16];
-    r[17] = a[17] + b[17];
-
-    return 0;
-}
-
-/* Normalize the values in each word to 26 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_9(sp_digit* a)
-{
-    a[1] += a[0] >> 26; a[0] &= 0x3ffffff;
-    a[2] += a[1] >> 26; a[1] &= 0x3ffffff;
-    a[3] += a[2] >> 26; a[2] &= 0x3ffffff;
-    a[4] += a[3] >> 26; a[3] &= 0x3ffffff;
-    a[5] += a[4] >> 26; a[4] &= 0x3ffffff;
-    a[6] += a[5] >> 26; a[5] &= 0x3ffffff;
-    a[7] += a[6] >> 26; a[6] &= 0x3ffffff;
-    a[8] += a[7] >> 26; a[7] &= 0x3ffffff;
-}
-
-/* Normalize the values in each word to 26 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_18(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 16; i += 8) {
-        a[i+1] += a[i+0] >> 26; a[i+0] &= 0x3ffffff;
-        a[i+2] += a[i+1] >> 26; a[i+1] &= 0x3ffffff;
-        a[i+3] += a[i+2] >> 26; a[i+2] &= 0x3ffffff;
-        a[i+4] += a[i+3] >> 26; a[i+3] &= 0x3ffffff;
-        a[i+5] += a[i+4] >> 26; a[i+4] &= 0x3ffffff;
-        a[i+6] += a[i+5] >> 26; a[i+5] &= 0x3ffffff;
-        a[i+7] += a[i+6] >> 26; a[i+6] &= 0x3ffffff;
-        a[i+8] += a[i+7] >> 26; a[i+7] &= 0x3ffffff;
-    }
-    a[17] += a[16] >> 26; a[16] &= 0x3ffffff;
-}
-
-/* Normalize the values in each word to 26 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_54(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 48; i += 8) {
-        a[i+1] += a[i+0] >> 26; a[i+0] &= 0x3ffffff;
-        a[i+2] += a[i+1] >> 26; a[i+1] &= 0x3ffffff;
-        a[i+3] += a[i+2] >> 26; a[i+2] &= 0x3ffffff;
-        a[i+4] += a[i+3] >> 26; a[i+3] &= 0x3ffffff;
-        a[i+5] += a[i+4] >> 26; a[i+4] &= 0x3ffffff;
-        a[i+6] += a[i+5] >> 26; a[i+5] &= 0x3ffffff;
-        a[i+7] += a[i+6] >> 26; a[i+6] &= 0x3ffffff;
-        a[i+8] += a[i+7] >> 26; a[i+7] &= 0x3ffffff;
-    }
-    a[49] += a[48] >> 26; a[48] &= 0x3ffffff;
-    a[50] += a[49] >> 26; a[49] &= 0x3ffffff;
-    a[51] += a[50] >> 26; a[50] &= 0x3ffffff;
-    a[52] += a[51] >> 26; a[51] &= 0x3ffffff;
-    a[53] += a[52] >> 26; a[52] &= 0x3ffffff;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_27(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit p0[18];
-    sp_digit p1[18];
-    sp_digit p2[18];
-    sp_digit p3[18];
-    sp_digit p4[18];
-    sp_digit p5[18];
-    sp_digit t0[18];
-    sp_digit t1[18];
-    sp_digit t2[18];
-    sp_digit a0[9];
-    sp_digit a1[9];
-    sp_digit a2[9];
-    sp_digit b0[9];
-    sp_digit b1[9];
-    sp_digit b2[9];
-    (void)sp_4096_add_9(a0, a, &a[9]);
-    sp_4096_norm_9(a0);
-    (void)sp_4096_add_9(b0, b, &b[9]);
-    sp_4096_norm_9(b0);
-    (void)sp_4096_add_9(a1, &a[9], &a[18]);
-    sp_4096_norm_9(a1);
-    (void)sp_4096_add_9(b1, &b[9], &b[18]);
-    sp_4096_norm_9(b1);
-    (void)sp_4096_add_9(a2, a0, &a[18]);
-    sp_4096_norm_9(a1);
-    (void)sp_4096_add_9(b2, b0, &b[18]);
-    sp_4096_norm_9(b2);
-    sp_4096_mul_9(p0, a, b);
-    sp_4096_mul_9(p2, &a[9], &b[9]);
-    sp_4096_mul_9(p4, &a[18], &b[18]);
-    sp_4096_mul_9(p1, a0, b0);
-    sp_4096_mul_9(p3, a1, b1);
-    sp_4096_mul_9(p5, a2, b2);
-    XMEMSET(r, 0, sizeof(*r)*2U*27U);
-    (void)sp_4096_sub_18(t0, p3, p2);
-    (void)sp_4096_sub_18(t1, p1, p2);
-    (void)sp_4096_sub_18(t2, p5, t0);
-    (void)sp_4096_sub_18(t2, t2, t1);
-    sp_4096_norm_18(t2);
-    (void)sp_4096_sub_18(t0, t0, p4);
-    sp_4096_norm_18(t0);
-    (void)sp_4096_sub_18(t1, t1, p0);
-    sp_4096_norm_18(t1);
-    (void)sp_4096_add_18(r, r, p0);
-    (void)sp_4096_add_18(&r[9], &r[9], t1);
-    (void)sp_4096_add_18(&r[18], &r[18], t2);
-    (void)sp_4096_add_18(&r[27], &r[27], t0);
-    (void)sp_4096_add_18(&r[36], &r[36], p4);
-    sp_4096_norm_54(r);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_27(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[24] = a[24] + b[24];
-    r[25] = a[25] + b[25];
-    r[26] = a[26] + b[26];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_sub_54(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[48] = a[48] - b[48];
-    r[49] = a[49] - b[49];
-    r[50] = a[50] - b[50];
-    r[51] = a[51] - b[51];
-    r[52] = a[52] - b[52];
-    r[53] = a[53] - b[53];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_54(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[48] = a[48] + b[48];
-    r[49] = a[49] + b[49];
-    r[50] = a[50] + b[50];
-    r[51] = a[51] + b[51];
-    r[52] = a[52] + b[52];
-    r[53] = a[53] + b[53];
-
-    return 0;
-}
-
-/* Normalize the values in each word to 26 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_27(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 24; i += 8) {
-        a[i+1] += a[i+0] >> 26; a[i+0] &= 0x3ffffff;
-        a[i+2] += a[i+1] >> 26; a[i+1] &= 0x3ffffff;
-        a[i+3] += a[i+2] >> 26; a[i+2] &= 0x3ffffff;
-        a[i+4] += a[i+3] >> 26; a[i+3] &= 0x3ffffff;
-        a[i+5] += a[i+4] >> 26; a[i+4] &= 0x3ffffff;
-        a[i+6] += a[i+5] >> 26; a[i+5] &= 0x3ffffff;
-        a[i+7] += a[i+6] >> 26; a[i+6] &= 0x3ffffff;
-        a[i+8] += a[i+7] >> 26; a[i+7] &= 0x3ffffff;
-    }
-    a[25] += a[24] >> 26; a[24] &= 0x3ffffff;
-    a[26] += a[25] >> 26; a[25] &= 0x3ffffff;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_81(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit p0[54];
-    sp_digit p1[54];
-    sp_digit p2[54];
-    sp_digit p3[54];
-    sp_digit p4[54];
-    sp_digit p5[54];
-    sp_digit t0[54];
-    sp_digit t1[54];
-    sp_digit t2[54];
-    sp_digit a0[27];
-    sp_digit a1[27];
-    sp_digit a2[27];
-    sp_digit b0[27];
-    sp_digit b1[27];
-    sp_digit b2[27];
-    (void)sp_4096_add_27(a0, a, &a[27]);
-    sp_4096_norm_27(a0);
-    (void)sp_4096_add_27(b0, b, &b[27]);
-    sp_4096_norm_27(b0);
-    (void)sp_4096_add_27(a1, &a[27], &a[54]);
-    sp_4096_norm_27(a1);
-    (void)sp_4096_add_27(b1, &b[27], &b[54]);
-    sp_4096_norm_27(b1);
-    (void)sp_4096_add_27(a2, a0, &a[54]);
-    sp_4096_norm_27(a1);
-    (void)sp_4096_add_27(b2, b0, &b[54]);
-    sp_4096_norm_27(b2);
-    sp_4096_mul_27(p0, a, b);
-    sp_4096_mul_27(p2, &a[27], &b[27]);
-    sp_4096_mul_27(p4, &a[54], &b[54]);
-    sp_4096_mul_27(p1, a0, b0);
-    sp_4096_mul_27(p3, a1, b1);
-    sp_4096_mul_27(p5, a2, b2);
-    XMEMSET(r, 0, sizeof(*r)*2U*81U);
-    (void)sp_4096_sub_54(t0, p3, p2);
-    (void)sp_4096_sub_54(t1, p1, p2);
-    (void)sp_4096_sub_54(t2, p5, t0);
-    (void)sp_4096_sub_54(t2, t2, t1);
-    sp_4096_norm_54(t2);
-    (void)sp_4096_sub_54(t0, t0, p4);
-    sp_4096_norm_54(t0);
-    (void)sp_4096_sub_54(t1, t1, p0);
-    sp_4096_norm_54(t1);
-    (void)sp_4096_add_54(r, r, p0);
-    (void)sp_4096_add_54(&r[27], &r[27], t1);
-    (void)sp_4096_add_54(&r[54], &r[54], t2);
-    (void)sp_4096_add_54(&r[81], &r[81], t0);
-    (void)sp_4096_add_54(&r[108], &r[108], p4);
-    sp_4096_norm_162(r);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_81(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 80; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[80] = a[80] + b[80];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_162(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 160; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[160] = a[160] + b[160];
-    r[161] = a[161] + b[161];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_sub_162(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 160; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[160] = a[160] - b[160];
-    r[161] = a[161] - b[161];
-
-    return 0;
-}
-
-/* Normalize the values in each word to 26 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_324(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 320; i += 8) {
-        a[i+1] += a[i+0] >> 26; a[i+0] &= 0x3ffffff;
-        a[i+2] += a[i+1] >> 26; a[i+1] &= 0x3ffffff;
-        a[i+3] += a[i+2] >> 26; a[i+2] &= 0x3ffffff;
-        a[i+4] += a[i+3] >> 26; a[i+3] &= 0x3ffffff;
-        a[i+5] += a[i+4] >> 26; a[i+4] &= 0x3ffffff;
-        a[i+6] += a[i+5] >> 26; a[i+5] &= 0x3ffffff;
-        a[i+7] += a[i+6] >> 26; a[i+6] &= 0x3ffffff;
-        a[i+8] += a[i+7] >> 26; a[i+7] &= 0x3ffffff;
-    }
-    a[321] += a[320] >> 26; a[320] &= 0x3ffffff;
-    a[322] += a[321] >> 26; a[321] &= 0x3ffffff;
-    a[323] += a[322] >> 26; a[322] &= 0x3ffffff;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_162(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[162];
-    sp_digit* a1 = z1;
-    sp_digit b1[81];
-    sp_digit* z2 = r + 162;
-    (void)sp_4096_add_81(a1, a, &a[81]);
-    sp_4096_norm_81(a1);
-    (void)sp_4096_add_81(b1, b, &b[81]);
-    sp_4096_norm_81(b1);
-    sp_4096_mul_81(z2, &a[81], &b[81]);
-    sp_4096_mul_81(z0, a, b);
-    sp_4096_mul_81(z1, a1, b1);
-    (void)sp_4096_sub_162(z1, z1, z2);
-    (void)sp_4096_sub_162(z1, z1, z0);
-    (void)sp_4096_add_162(r + 81, r + 81, z1);
-    sp_4096_norm_324(r);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_9(sp_digit* r, const sp_digit* a)
-{
-    sp_uint64 t0;
-    sp_uint64 t1;
-    sp_digit t[9];
-
-    t0 =  ((sp_uint64)a[ 0]) * a[ 0];
-    t1 = (((sp_uint64)a[ 0]) * a[ 1]) * 2;
-    t[ 0] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_uint64)a[ 0]) * a[ 2]) * 2
-       +  ((sp_uint64)a[ 1]) * a[ 1];
-    t[ 1] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_uint64)a[ 0]) * a[ 3]
-       +  ((sp_uint64)a[ 1]) * a[ 2]) * 2;
-    t[ 2] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_uint64)a[ 0]) * a[ 4]
-       +  ((sp_uint64)a[ 1]) * a[ 3]) * 2
-       +  ((sp_uint64)a[ 2]) * a[ 2];
-    t[ 3] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_uint64)a[ 0]) * a[ 5]
-       +  ((sp_uint64)a[ 1]) * a[ 4]
-       +  ((sp_uint64)a[ 2]) * a[ 3]) * 2;
-    t[ 4] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_uint64)a[ 0]) * a[ 6]
-       +  ((sp_uint64)a[ 1]) * a[ 5]
-       +  ((sp_uint64)a[ 2]) * a[ 4]) * 2
-       +  ((sp_uint64)a[ 3]) * a[ 3];
-    t[ 5] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_uint64)a[ 0]) * a[ 7]
-       +  ((sp_uint64)a[ 1]) * a[ 6]
-       +  ((sp_uint64)a[ 2]) * a[ 5]
-       +  ((sp_uint64)a[ 3]) * a[ 4]) * 2;
-    t[ 6] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_uint64)a[ 0]) * a[ 8]
-       +  ((sp_uint64)a[ 1]) * a[ 7]
-       +  ((sp_uint64)a[ 2]) * a[ 6]
-       +  ((sp_uint64)a[ 3]) * a[ 5]) * 2
-       +  ((sp_uint64)a[ 4]) * a[ 4];
-    t[ 7] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_uint64)a[ 1]) * a[ 8]
-       +  ((sp_uint64)a[ 2]) * a[ 7]
-       +  ((sp_uint64)a[ 3]) * a[ 6]
-       +  ((sp_uint64)a[ 4]) * a[ 5]) * 2;
-    t[ 8] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_uint64)a[ 2]) * a[ 8]
-       +  ((sp_uint64)a[ 3]) * a[ 7]
-       +  ((sp_uint64)a[ 4]) * a[ 6]) * 2
-       +  ((sp_uint64)a[ 5]) * a[ 5];
-    r[ 9] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_uint64)a[ 3]) * a[ 8]
-       +  ((sp_uint64)a[ 4]) * a[ 7]
-       +  ((sp_uint64)a[ 5]) * a[ 6]) * 2;
-    r[10] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_uint64)a[ 4]) * a[ 8]
-       +  ((sp_uint64)a[ 5]) * a[ 7]) * 2
-       +  ((sp_uint64)a[ 6]) * a[ 6];
-    r[11] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_uint64)a[ 5]) * a[ 8]
-       +  ((sp_uint64)a[ 6]) * a[ 7]) * 2;
-    r[12] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_uint64)a[ 6]) * a[ 8]) * 2
-       +  ((sp_uint64)a[ 7]) * a[ 7];
-    r[13] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_uint64)a[ 7]) * a[ 8]) * 2;
-    r[14] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 =  ((sp_uint64)a[ 8]) * a[ 8];
-    r[15] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    r[16] = (sp_digit)(t0 & 0x3ffffff);
-    r[17] = (sp_digit)(t0 >> 26);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a into r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_27(sp_digit* r, const sp_digit* a)
-{
-    sp_digit p0[18];
-    sp_digit p1[18];
-    sp_digit p2[18];
-    sp_digit p3[18];
-    sp_digit p4[18];
-    sp_digit p5[18];
-    sp_digit t0[18];
-    sp_digit t1[18];
-    sp_digit t2[18];
-    sp_digit a0[9];
-    sp_digit a1[9];
-    sp_digit a2[9];
-    (void)sp_4096_add_9(a0, a, &a[9]);
-    sp_4096_norm_9(a0);
-    (void)sp_4096_add_9(a1, &a[9], &a[18]);
-    sp_4096_norm_9(a1);
-    (void)sp_4096_add_9(a2, a0, &a[18]);
-    sp_4096_norm_9(a2);
-    sp_4096_sqr_9(p0, a);
-    sp_4096_sqr_9(p2, &a[9]);
-    sp_4096_sqr_9(p4, &a[18]);
-    sp_4096_sqr_9(p1, a0);
-    sp_4096_sqr_9(p3, a1);
-    sp_4096_sqr_9(p5, a2);
-    XMEMSET(r, 0, sizeof(*r)*2U*27U);
-    (void)sp_4096_sub_18(t0, p3, p2);
-    (void)sp_4096_sub_18(t1, p1, p2);
-    (void)sp_4096_sub_18(t2, p5, t0);
-    (void)sp_4096_sub_18(t2, t2, t1);
-    sp_4096_norm_18(t2);
-    (void)sp_4096_sub_18(t0, t0, p4);
-    sp_4096_norm_18(t0);
-    (void)sp_4096_sub_18(t1, t1, p0);
-    sp_4096_norm_18(t1);
-    (void)sp_4096_add_18(r, r, p0);
-    (void)sp_4096_add_18(&r[9], &r[9], t1);
-    (void)sp_4096_add_18(&r[18], &r[18], t2);
-    (void)sp_4096_add_18(&r[27], &r[27], t0);
-    (void)sp_4096_add_18(&r[36], &r[36], p4);
-    sp_4096_norm_54(r);
-}
-
-/* Square a into r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_81(sp_digit* r, const sp_digit* a)
-{
-    sp_digit p0[54];
-    sp_digit p1[54];
-    sp_digit p2[54];
-    sp_digit p3[54];
-    sp_digit p4[54];
-    sp_digit p5[54];
-    sp_digit t0[54];
-    sp_digit t1[54];
-    sp_digit t2[54];
-    sp_digit a0[27];
-    sp_digit a1[27];
-    sp_digit a2[27];
-    (void)sp_4096_add_27(a0, a, &a[27]);
-    sp_4096_norm_27(a0);
-    (void)sp_4096_add_27(a1, &a[27], &a[54]);
-    sp_4096_norm_27(a1);
-    (void)sp_4096_add_27(a2, a0, &a[54]);
-    sp_4096_norm_27(a2);
-    sp_4096_sqr_27(p0, a);
-    sp_4096_sqr_27(p2, &a[27]);
-    sp_4096_sqr_27(p4, &a[54]);
-    sp_4096_sqr_27(p1, a0);
-    sp_4096_sqr_27(p3, a1);
-    sp_4096_sqr_27(p5, a2);
-    XMEMSET(r, 0, sizeof(*r)*2U*81U);
-    (void)sp_4096_sub_54(t0, p3, p2);
-    (void)sp_4096_sub_54(t1, p1, p2);
-    (void)sp_4096_sub_54(t2, p5, t0);
-    (void)sp_4096_sub_54(t2, t2, t1);
-    sp_4096_norm_54(t2);
-    (void)sp_4096_sub_54(t0, t0, p4);
-    sp_4096_norm_54(t0);
-    (void)sp_4096_sub_54(t1, t1, p0);
-    sp_4096_norm_54(t1);
-    (void)sp_4096_add_54(r, r, p0);
-    (void)sp_4096_add_54(&r[27], &r[27], t1);
-    (void)sp_4096_add_54(&r[54], &r[54], t2);
-    (void)sp_4096_add_54(&r[81], &r[81], t0);
-    (void)sp_4096_add_54(&r[108], &r[108], p4);
-    sp_4096_norm_162(r);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_162(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[162];
-    sp_digit* a1 = z1;
-    sp_digit* z2 = r + 162;
-    (void)sp_4096_add_81(a1, a, &a[81]);
-    sp_4096_norm_81(a1);
-    sp_4096_sqr_81(z2, &a[81]);
-    sp_4096_sqr_81(z0, a);
-    sp_4096_sqr_81(z1, a1);
-    (void)sp_4096_sub_162(z1, z1, z2);
-    (void)sp_4096_sub_162(z1, z1, z0);
-    (void)sp_4096_add_162(r + 81, r + 81, z1);
-    sp_4096_norm_324(r);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x &= 0x3ffffff;
-
-    /* rho = -1/m mod b */
-    *rho = ((sp_digit)1 << 26) - x;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_162(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 160; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 3] = (sp_digit)t2;
-    }
-    t += tb * a[160];
-    r[160] = (sp_digit)(t & 0x3ffffff);
-    t >>= 26;
-    t += tb * a[161];
-    r[161] = (sp_digit)(t & 0x3ffffff);
-    t >>= 26;
-    r[162] = (sp_digit)(t & 0x3ffffff);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_sub_81(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 80; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[80] = a[80] - b[80];
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_81(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = 0x3ffffff;
-        r[i + 1] = 0x3ffffff;
-        r[i + 2] = 0x3ffffff;
-        r[i + 3] = 0x3ffffff;
-        r[i + 4] = 0x3ffffff;
-        r[i + 5] = 0x3ffffff;
-        r[i + 6] = 0x3ffffff;
-        r[i + 7] = 0x3ffffff;
-    }
-    r[72] = 0x3ffffff;
-    r[73] = 0x3ffffff;
-    r[74] = 0x3ffffff;
-    r[75] = 0x3ffffff;
-    r[76] = 0x3ffffff;
-    r[77] = 0x3ffffff;
-    r[78] = 0xfffffL;
-    r[79] = 0;
-    r[80] = 0;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_4096_sub_81(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_4096_cmp_81(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    r |= (a[80] - b[80]) & (0 - (sp_digit)1);
-    for (i = 72; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 25);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_sub_81(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 80; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[80] = a[80] - (b[80] & m);
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_add_81(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifndef WOLFSSL_SP_LARGE_CODE
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 81; i++) {
-        t += r[i];
-        t += tb * a[i];
-        r[i] = ((sp_digit)t) & 0x3ffffff;
-        t >>= 26;
-    }
-    r[81] += (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t[8];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 80; i += 8) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        t[4]  = (tb * a[i+4]) + r[i+4];
-        t[5]  = (tb * a[i+5]) + r[i+5];
-        t[6]  = (tb * a[i+6]) + r[i+6];
-        t[7]  = (tb * a[i+7]) + r[i+7];
-        r[i+0] = (sp_digit)(t[0] & 0x3ffffff);
-        t[1] += t[0] >> 26;
-        r[i+1] = (sp_digit)(t[1] & 0x3ffffff);
-        t[2] += t[1] >> 26;
-        r[i+2] = (sp_digit)(t[2] & 0x3ffffff);
-        t[3] += t[2] >> 26;
-        r[i+3] = (sp_digit)(t[3] & 0x3ffffff);
-        t[4] += t[3] >> 26;
-        r[i+4] = (sp_digit)(t[4] & 0x3ffffff);
-        t[5] += t[4] >> 26;
-        r[i+5] = (sp_digit)(t[5] & 0x3ffffff);
-        t[6] += t[5] >> 26;
-        r[i+6] = (sp_digit)(t[6] & 0x3ffffff);
-        t[7] += t[6] >> 26;
-        r[i+7] = (sp_digit)(t[7] & 0x3ffffff);
-        t[0]  = t[7] >> 26;
-    }
-    t[0] += (tb * a[80]) + r[80];
-    r[80] = (sp_digit)(t[0] & 0x3ffffff);
-    r[81] +=  (sp_digit)(t[0] >> 26);
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-}
-
-/* Shift the result in the high 2048 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_4096_mont_shift_81(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int64 n = a[78] >> 20;
-    n += ((sp_int64)a[79]) << 6;
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 80]) << 6;
-        r[i + 1] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 81]) << 6;
-        r[i + 2] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 82]) << 6;
-        r[i + 3] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 83]) << 6;
-        r[i + 4] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 84]) << 6;
-        r[i + 5] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 85]) << 6;
-        r[i + 6] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 86]) << 6;
-        r[i + 7] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 87]) << 6;
-    }
-    r[72] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[152]) << 6;
-    r[73] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[153]) << 6;
-    r[74] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[154]) << 6;
-    r[75] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[155]) << 6;
-    r[76] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[156]) << 6;
-    r[77] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[157]) << 6;
-    r[78] = (sp_digit)n;
-    XMEMSET(&r[79], 0, sizeof(*r) * 79U);
-}
-
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_4096_mont_reduce_81(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_4096_norm_81(a + 79);
-
-    for (i=0; i<78; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x3ffffff);
-        sp_4096_mul_add_81(a+i, m, mu);
-        a[i+1] += a[i] >> 26;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0xfffffL);
-    sp_4096_mul_add_81(a+i, m, mu);
-    a[i+1] += a[i] >> 26;
-    a[i] &= 0x3ffffff;
-    sp_4096_mont_shift_81(a, a);
-    over = a[78] - m[78];
-    sp_4096_cond_sub_81(a, a, m, ~((over - 1) >> 31));
-    sp_4096_norm_81(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_81(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_81(r, a, b);
-    sp_4096_mont_reduce_81(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_81(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_81(r, a);
-    sp_4096_mont_reduce_81(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_81(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 80; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 3] = (sp_digit)t2;
-    }
-    t += tb * a[80];
-    r[80] = (sp_digit)(t & 0x3ffffff);
-    t >>= 26;
-    r[81] = (sp_digit)(t & 0x3ffffff);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_add_81(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 80; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[80] = a[80] + (b[80] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_4096_rshift_81(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<80; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (26 - n)) & 0x3ffffff);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (26 - n)) & 0x3ffffff);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (26 - n)) & 0x3ffffff);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (26 - n)) & 0x3ffffff);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (26 - n)) & 0x3ffffff);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (26 - n)) & 0x3ffffff);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (26 - n)) & 0x3ffffff);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (26 - n)) & 0x3ffffff);
-    }
-    r[80] = a[80] >> n;
-}
-
-static WC_INLINE sp_digit sp_4096_div_word_81(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int64 d = ((sp_int64)d1 << 26) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int64 d = ((sp_int64)d1 << 26) + d0;
-    sp_uint32 lo = (sp_uint32)d;
-    sp_digit hi = (sp_digit)(d >> 32);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int64 d = ((sp_int64)d1 << 26) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 26);
-    sp_digit t0 = (sp_digit)(d & 0x3ffffff);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int64 m;
-
-    r = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-    t1 -= dv & (0 - r);
-    for (i = 24; i >= 1; i--) {
-        t1 += t1 + (((sp_uint32)t0 >> 25) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 26);
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 52) - (sp_digit)(d >> 52);
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-   return r;
-#else
-    sp_int64 d = ((sp_int64)d1 << 26) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 11) + 1;
-
-    t = (sp_digit)(d >> 22);
-    t = (t / dv) << 11;
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)(d >> 7);
-    t = t / (dv << 4);
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int64)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_4096_word_div_word_81(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint32)(div - d) >> 31);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_div_81(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 81 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 81 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 162 + 1;
-        sd = t2 + 81 + 1;
-
-        sp_4096_mul_d_81(sd, d, (sp_digit)1 << 6);
-        sp_4096_mul_d_162(t1, a, (sp_digit)1 << 6);
-        dv = sd[78];
-        t1[79 + 79] += t1[79 + 79 - 1] >> 26;
-        t1[79 + 79 - 1] &= 0x3ffffff;
-        for (i=79; i>=0; i--) {
-            r1 = sp_4096_div_word_81(t1[79 + i], t1[79 + i - 1], dv);
-
-            sp_4096_mul_d_81(t2, sd, r1);
-            (void)sp_4096_sub_81(&t1[i], &t1[i], t2);
-            sp_4096_norm_79(&t1[i]);
-            t1[79 + i] += t1[79 + i - 1] >> 26;
-            t1[79 + i - 1] &= 0x3ffffff;
-            r1 = sp_4096_div_word_81(-t1[79 + i], -t1[79 + i - 1], dv);
-            r1 -= t1[79 + i];
-            sp_4096_mul_d_81(t2, sd, r1);
-            (void)sp_4096_add_81(&t1[i], &t1[i], t2);
-            t1[79 + i] += t1[79 + i - 1] >> 26;
-            t1[79 + i - 1] &= 0x3ffffff;
-        }
-        t1[79 - 1] += t1[79 - 2] >> 26;
-        t1[79 - 2] &= 0x3ffffff;
-        r1 = sp_4096_word_div_word_81(t1[79 - 1], dv);
-
-        sp_4096_mul_d_81(t2, sd, r1);
-        sp_4096_sub_81(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 162U);
-        for (i=0; i<78; i++) {
-            r[i+1] += r[i] >> 26;
-            r[i] &= 0x3ffffff;
-        }
-        sp_4096_cond_add_81(r, r, sd, r[78] >> 31);
-
-        sp_4096_norm_79(r);
-        sp_4096_rshift_81(r, r, 6);
-        r[79] = 0;
-        r[80] = 0;
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_mod_81(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_81(a, m, NULL, r);
-}
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_81(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 162);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 162, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 81 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 81U * 2U);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_81(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_81(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 81U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_81(t[1], t[1], norm);
-        err = sp_4096_mod_81(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 26;
-        c = bits % 26;
-        n = e[i--] << (26 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 26;
-            }
-
-            y = (int)((n >> 25) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_81(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 81 * 2);
-            sp_4096_mont_sqr_81(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 81 * 2);
-        }
-
-        sp_4096_mont_reduce_81(t[0], m, mp);
-        n = sp_4096_cmp_81(t[0], m);
-        sp_4096_cond_sub_81(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 81 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 162);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 162, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 81 * 2);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_81(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_81(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_81(t[1], t[1], norm);
-                err = sp_4096_mod_81(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_81(t[1], a, norm);
-            err = sp_4096_mod_81(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 26;
-        c = bits % 26;
-        n = e[i--] << (26 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 26;
-            }
-
-            y = (int)((n >> 25) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_81(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 81 * 2);
-            sp_4096_mont_sqr_81(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 81 * 2);
-        }
-
-        sp_4096_mont_reduce_81(t[0], m, mp);
-        n = sp_4096_cmp_81(t[0], m);
-        sp_4096_cond_sub_81(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 81 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (32 * 162) + 162);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (32 * 162) + 162, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 162;
-        rt = td + 5184;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_81(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_81(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_81(t[1], t[1], norm);
-                err = sp_4096_mod_81(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_81(t[1], a, norm);
-            err = sp_4096_mod_81(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_81(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_81(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_81(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_81(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_81(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_81(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_81(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_81(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_81(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_81(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_81(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_81(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_81(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_81(t[15], t[ 8], t[ 7], m, mp);
-        sp_4096_mont_sqr_81(t[16], t[ 8], m, mp);
-        sp_4096_mont_mul_81(t[17], t[ 9], t[ 8], m, mp);
-        sp_4096_mont_sqr_81(t[18], t[ 9], m, mp);
-        sp_4096_mont_mul_81(t[19], t[10], t[ 9], m, mp);
-        sp_4096_mont_sqr_81(t[20], t[10], m, mp);
-        sp_4096_mont_mul_81(t[21], t[11], t[10], m, mp);
-        sp_4096_mont_sqr_81(t[22], t[11], m, mp);
-        sp_4096_mont_mul_81(t[23], t[12], t[11], m, mp);
-        sp_4096_mont_sqr_81(t[24], t[12], m, mp);
-        sp_4096_mont_mul_81(t[25], t[13], t[12], m, mp);
-        sp_4096_mont_sqr_81(t[26], t[13], m, mp);
-        sp_4096_mont_mul_81(t[27], t[14], t[13], m, mp);
-        sp_4096_mont_sqr_81(t[28], t[14], m, mp);
-        sp_4096_mont_mul_81(t[29], t[15], t[14], m, mp);
-        sp_4096_mont_sqr_81(t[30], t[15], m, mp);
-        sp_4096_mont_mul_81(t[31], t[16], t[15], m, mp);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 25) / 26) - 1;
-        c = bits % 26;
-        if (c == 0) {
-            c = 26;
-        }
-        if (i < 81) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (6 - c);
-            c += 26;
-        }
-        y = (int)((n >> 27) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 162);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 6;
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c = 21;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n = e[i--] << 6;
-                c = 5 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 26 - c;
-            }
-
-            sp_4096_mont_sqr_81(rt, rt, m, mp);
-            sp_4096_mont_sqr_81(rt, rt, m, mp);
-            sp_4096_mont_sqr_81(rt, rt, m, mp);
-            sp_4096_mont_sqr_81(rt, rt, m, mp);
-            sp_4096_mont_sqr_81(rt, rt, m, mp);
-
-            sp_4096_mont_mul_81(rt, rt, t[y], m, mp);
-        }
-
-        sp_4096_mont_reduce_81(rt, m, mp);
-        n = sp_4096_cmp_81(rt, m);
-        sp_4096_cond_sub_81(rt, rt, m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 162);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_HAVE_SP_RSA & !SP_RSA_PRIVATE_EXP_D */
-#endif /* (WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH) & !WOLFSSL_RSA_PUBLIC_ONLY */
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_162(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i = 0; i < 152; i += 8) {
-        r[i + 0] = 0x3ffffff;
-        r[i + 1] = 0x3ffffff;
-        r[i + 2] = 0x3ffffff;
-        r[i + 3] = 0x3ffffff;
-        r[i + 4] = 0x3ffffff;
-        r[i + 5] = 0x3ffffff;
-        r[i + 6] = 0x3ffffff;
-        r[i + 7] = 0x3ffffff;
-    }
-    r[152] = 0x3ffffff;
-    r[153] = 0x3ffffff;
-    r[154] = 0x3ffffff;
-    r[155] = 0x3ffffff;
-    r[156] = 0x3ffffff;
-    r[157] = 0x3fffL;
-    r[158] = 0;
-    r[159] = 0;
-    r[160] = 0;
-    r[161] = 0;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_4096_sub_162(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_4096_cmp_162(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    r |= (a[161] - b[161]) & (0 - (sp_digit)1);
-    r |= (a[160] - b[160]) & ~(((sp_digit)0 - r) >> 25);
-    for (i = 152; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 25);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 25);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_sub_162(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 160; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[160] = a[160] - (b[160] & m);
-    r[161] = a[161] - (b[161] & m);
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_add_162(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifndef WOLFSSL_SP_LARGE_CODE
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 162; i++) {
-        t += r[i];
-        t += tb * a[i];
-        r[i] = ((sp_digit)t) & 0x3ffffff;
-        t >>= 26;
-    }
-    r[162] += (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t[8];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 160; i += 8) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        t[4]  = (tb * a[i+4]) + r[i+4];
-        t[5]  = (tb * a[i+5]) + r[i+5];
-        t[6]  = (tb * a[i+6]) + r[i+6];
-        t[7]  = (tb * a[i+7]) + r[i+7];
-        r[i+0] = (sp_digit)(t[0] & 0x3ffffff);
-        t[1] += t[0] >> 26;
-        r[i+1] = (sp_digit)(t[1] & 0x3ffffff);
-        t[2] += t[1] >> 26;
-        r[i+2] = (sp_digit)(t[2] & 0x3ffffff);
-        t[3] += t[2] >> 26;
-        r[i+3] = (sp_digit)(t[3] & 0x3ffffff);
-        t[4] += t[3] >> 26;
-        r[i+4] = (sp_digit)(t[4] & 0x3ffffff);
-        t[5] += t[4] >> 26;
-        r[i+5] = (sp_digit)(t[5] & 0x3ffffff);
-        t[6] += t[5] >> 26;
-        r[i+6] = (sp_digit)(t[6] & 0x3ffffff);
-        t[7] += t[6] >> 26;
-        r[i+7] = (sp_digit)(t[7] & 0x3ffffff);
-        t[0]  = t[7] >> 26;
-    }
-    t[0] += (tb * a[160]) + r[160];
-    t[1]  = (tb * a[161]) + r[161];
-    r[160] = (sp_digit)(t[0] & 0x3ffffff);
-    t[1] += t[0] >> 26;
-    r[161] = (sp_digit)(t[1] & 0x3ffffff);
-    r[162] +=  (sp_digit)(t[1] >> 26);
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-}
-
-/* Shift the result in the high 4096 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_4096_mont_shift_162(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int64 n = a[157] >> 14;
-    n += ((sp_int64)a[158]) << 12;
-    for (i = 0; i < 152; i += 8) {
-        r[i + 0] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 159]) << 12;
-        r[i + 1] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 160]) << 12;
-        r[i + 2] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 161]) << 12;
-        r[i + 3] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 162]) << 12;
-        r[i + 4] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 163]) << 12;
-        r[i + 5] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 164]) << 12;
-        r[i + 6] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 165]) << 12;
-        r[i + 7] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26; n += ((sp_int64)a[i + 166]) << 12;
-    }
-    r[152] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[311]) << 12;
-    r[153] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[312]) << 12;
-    r[154] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[313]) << 12;
-    r[155] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[314]) << 12;
-    r[156] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[315]) << 12;
-    r[157] = (sp_digit)n;
-    XMEMSET(&r[158], 0, sizeof(*r) * 158U);
-}
-
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_4096_mont_reduce_162(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_4096_norm_162(a + 158);
-
-#ifdef WOLFSSL_SP_DH
-    if (mp != 1) {
-        for (i=0; i<157; i++) {
-            mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x3ffffff);
-            sp_4096_mul_add_162(a+i, m, mu);
-            a[i+1] += a[i] >> 26;
-        }
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x3fffL);
-        sp_4096_mul_add_162(a+i, m, mu);
-        a[i+1] += a[i] >> 26;
-        a[i] &= 0x3ffffff;
-    }
-    else {
-        for (i=0; i<157; i++) {
-            mu = (sp_digit)(a[i] & 0x3ffffff);
-            sp_4096_mul_add_162(a+i, m, mu);
-            a[i+1] += a[i] >> 26;
-        }
-        mu = (sp_digit)(a[i] & 0x3fffL);
-        sp_4096_mul_add_162(a+i, m, mu);
-        a[i+1] += a[i] >> 26;
-        a[i] &= 0x3ffffff;
-    }
-#else
-    for (i=0; i<157; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x3ffffff);
-        sp_4096_mul_add_162(a+i, m, mu);
-        a[i+1] += a[i] >> 26;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x3fffL);
-    sp_4096_mul_add_162(a+i, m, mu);
-    a[i+1] += a[i] >> 26;
-    a[i] &= 0x3ffffff;
-#endif
-    sp_4096_mont_shift_162(a, a);
-    over = a[157] - m[157];
-    sp_4096_cond_sub_162(a, a, m, ~((over - 1) >> 31));
-    sp_4096_norm_162(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_162(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_162(r, a, b);
-    sp_4096_mont_reduce_162(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_162(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_162(r, a);
-    sp_4096_mont_reduce_162(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_324(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 324; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[324] = (sp_digit)(t & 0x3ffffff);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_add_162(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 160; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[160] = a[160] + (b[160] & m);
-    r[161] = a[161] + (b[161] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_4096_rshift_162(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<160; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (26 - n)) & 0x3ffffff);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (26 - n)) & 0x3ffffff);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (26 - n)) & 0x3ffffff);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (26 - n)) & 0x3ffffff);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (26 - n)) & 0x3ffffff);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (26 - n)) & 0x3ffffff);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (26 - n)) & 0x3ffffff);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (26 - n)) & 0x3ffffff);
-    }
-    r[160] = (a[160] >> n) | (sp_digit)((a[161] << (26 - n)) & 0x3ffffff);
-    r[161] = a[161] >> n;
-}
-
-static WC_INLINE sp_digit sp_4096_div_word_162(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int64 d = ((sp_int64)d1 << 26) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int64 d = ((sp_int64)d1 << 26) + d0;
-    sp_uint32 lo = (sp_uint32)d;
-    sp_digit hi = (sp_digit)(d >> 32);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int64 d = ((sp_int64)d1 << 26) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 26);
-    sp_digit t0 = (sp_digit)(d & 0x3ffffff);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int64 m;
-
-    r = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-    t1 -= dv & (0 - r);
-    for (i = 24; i >= 1; i--) {
-        t1 += t1 + (((sp_uint32)t0 >> 25) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 26);
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 52) - (sp_digit)(d >> 52);
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-   return r;
-#else
-    sp_int64 d = ((sp_int64)d1 << 26) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 11) + 1;
-
-    t = (sp_digit)(d >> 22);
-    t = (t / dv) << 11;
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)(d >> 7);
-    t = t / (dv << 4);
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int64)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_4096_word_div_word_162(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint32)(div - d) >> 31);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_div_162(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 162 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 162 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 324 + 1;
-        sd = t2 + 162 + 1;
-
-        sp_4096_mul_d_162(sd, d, (sp_digit)1 << 12);
-        sp_4096_mul_d_324(t1, a, (sp_digit)1 << 12);
-        dv = sd[157];
-        t1[158 + 158] += t1[158 + 158 - 1] >> 26;
-        t1[158 + 158 - 1] &= 0x3ffffff;
-        for (i=158; i>=0; i--) {
-            r1 = sp_4096_div_word_162(t1[158 + i], t1[158 + i - 1], dv);
-
-            sp_4096_mul_d_162(t2, sd, r1);
-            (void)sp_4096_sub_162(&t1[i], &t1[i], t2);
-            sp_4096_norm_158(&t1[i]);
-            t1[158 + i] += t1[158 + i - 1] >> 26;
-            t1[158 + i - 1] &= 0x3ffffff;
-            r1 = sp_4096_div_word_162(-t1[158 + i], -t1[158 + i - 1], dv);
-            r1 -= t1[158 + i];
-            sp_4096_mul_d_162(t2, sd, r1);
-            (void)sp_4096_add_162(&t1[i], &t1[i], t2);
-            t1[158 + i] += t1[158 + i - 1] >> 26;
-            t1[158 + i - 1] &= 0x3ffffff;
-        }
-        t1[158 - 1] += t1[158 - 2] >> 26;
-        t1[158 - 2] &= 0x3ffffff;
-        r1 = sp_4096_word_div_word_162(t1[158 - 1], dv);
-
-        sp_4096_mul_d_162(t2, sd, r1);
-        sp_4096_sub_162(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 324U);
-        for (i=0; i<157; i++) {
-            r[i+1] += r[i] >> 26;
-            r[i] &= 0x3ffffff;
-        }
-        sp_4096_cond_add_162(r, r, sd, r[157] >> 31);
-
-        sp_4096_norm_158(r);
-        sp_4096_rshift_162(r, r, 12);
-        r[158] = 0;
-        r[159] = 0;
-        r[160] = 0;
-        r[161] = 0;
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_mod_162(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_162(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_162(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 324);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 324, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 162 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 162U * 2U);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_162(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_162(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 162U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_162(t[1], t[1], norm);
-        err = sp_4096_mod_162(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 26;
-        c = bits % 26;
-        n = e[i--] << (26 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 26;
-            }
-
-            y = (int)((n >> 25) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_162(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 162 * 2);
-            sp_4096_mont_sqr_162(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 162 * 2);
-        }
-
-        sp_4096_mont_reduce_162(t[0], m, mp);
-        n = sp_4096_cmp_162(t[0], m);
-        sp_4096_cond_sub_162(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 162 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 324);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 324, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 162 * 2);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_162(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_162(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_162(t[1], t[1], norm);
-                err = sp_4096_mod_162(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_162(t[1], a, norm);
-            err = sp_4096_mod_162(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 26;
-        c = bits % 26;
-        n = e[i--] << (26 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 26;
-            }
-
-            y = (int)((n >> 25) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_162(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 162 * 2);
-            sp_4096_mont_sqr_162(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 162 * 2);
-        }
-
-        sp_4096_mont_reduce_162(t[0], m, mp);
-        n = sp_4096_cmp_162(t[0], m);
-        sp_4096_cond_sub_162(t[0], t[0], m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, t[0], sizeof(*r) * 162 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (16 * 324) + 324);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (16 * 324) + 324, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 324;
-        rt = td + 5184;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_162(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_162(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_162(t[1], t[1], norm);
-                err = sp_4096_mod_162(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_162(t[1], a, norm);
-            err = sp_4096_mod_162(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_162(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_162(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_162(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_162(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_162(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_162(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_162(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_162(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_162(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_162(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_162(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_162(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_162(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_162(t[15], t[ 8], t[ 7], m, mp);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 25) / 26) - 1;
-        c = bits % 26;
-        if (c == 0) {
-            c = 26;
-        }
-        if (i < 162) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (6 - c);
-            c += 26;
-        }
-        y = (int)((n >> 28) & 0xf);
-        n <<= 4;
-        c -= 4;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 324);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 6;
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c = 22;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n = e[i--] << 6;
-                c = 4 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 26 - c;
-            }
-
-            sp_4096_mont_sqr_162(rt, rt, m, mp);
-            sp_4096_mont_sqr_162(rt, rt, m, mp);
-            sp_4096_mont_sqr_162(rt, rt, m, mp);
-            sp_4096_mont_sqr_162(rt, rt, m, mp);
-
-            sp_4096_mont_mul_162(rt, rt, t[y], m, mp);
-        }
-
-        sp_4096_mont_reduce_162(rt, m, mp);
-        n = sp_4096_cmp_162(rt, m);
-        sp_4096_cond_sub_162(rt, rt, m, (sp_digit)~(n >> 31));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 324);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) || */
-       /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-#ifdef WOLFSSL_SP_SMALL
-    SP_DECL_VAR(sp_digit, a, 162 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit* norm = NULL;
-    sp_uint64 e[1] = {0};
-    sp_digit mp = 0;
-    int i;
-    int err = MP_OKAY;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 162 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 162 * 2;
-        m = r + 162 * 2;
-        norm = r;
-
-        sp_4096_from_bin(a, 162, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 162, mm);
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_162(norm, m);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_162(a, a, norm);
-        err = sp_4096_mod_162(a, a, m);
-    }
-    if (err == MP_OKAY) {
-        for (i=63; i>=0; i--) {
-            if ((e[0] >> i) != 0) {
-                break;
-            }
-        }
-
-        XMEMCPY(r, a, sizeof(sp_digit) * 162 * 2);
-        for (i--; i>=0; i--) {
-            sp_4096_mont_sqr_162(r, r, m, mp);
-
-            if (((e[0] >> i) & 1) == 1) {
-                sp_4096_mont_mul_162(r, r, a, m, mp);
-            }
-        }
-        sp_4096_mont_reduce_162(r, m, mp);
-        mp = sp_4096_cmp_162(r, m);
-        sp_4096_cond_sub_162(r, r, m, ~(mp >> 31));
-
-        sp_4096_to_bin_162(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 162 * 5);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_uint64 e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 162 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d;
-        r = a + 162 * 2;
-        m = r + 162 * 2;
-
-        sp_4096_from_bin(a, 162, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 162, mm);
-
-        if (e[0] == 0x3) {
-            sp_4096_sqr_162(r, a);
-            err = sp_4096_mod_162(r, r, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_162(r, a, r);
-                err = sp_4096_mod_162(r, r, m);
-            }
-        }
-        else {
-            sp_digit* norm = r;
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-            sp_4096_mont_norm_162(norm, m);
-
-            sp_4096_mul_162(a, a, norm);
-            err = sp_4096_mod_162(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if ((e[0] >> i) != 0) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 324U);
-                for (i--; i>=0; i--) {
-                    sp_4096_mont_sqr_162(r, r, m, mp);
-
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_4096_mont_mul_162(r, r, a, m, mp);
-                    }
-                }
-                sp_4096_mont_reduce_162(r, m, mp);
-                mp = sp_4096_cmp_162(r, m);
-                sp_4096_cond_sub_162(r, r, m, ~(mp >> 31));
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_162(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(d, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if !defined(SP_RSA_PRIVATE_EXP_D) && !defined(RSA_LOW_MEM)
-#endif /* !SP_RSA_PRIVATE_EXP_D & !RSA_LOW_MEM */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, d, 162 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 162 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 162;
-        m = a + 324;
-        r = a;
-
-        sp_4096_from_bin(a, 162, in, inLen);
-        sp_4096_from_mp(d, 162, dm);
-        sp_4096_from_mp(m, 162, mm);
-        err = sp_4096_mod_exp_162(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_162(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 162, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 162 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 162 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 162;
-        m = a + 324;
-        r = a;
-
-        sp_4096_from_bin(a, 162, in, inLen);
-        sp_4096_from_mp(d, 162, dm);
-        sp_4096_from_mp(m, 162, mm);
-        err = sp_4096_mod_exp_162(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_162(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 162, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#else
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, a, 81 * 8);
-    sp_digit* p = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 81 * 8, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 162;
-        qi = dq = dp = p + 81;
-        tmpa = qi + 81;
-        tmpb = tmpa + 162;
-        r = a;
-
-        sp_4096_from_bin(a, 162, in, inLen);
-        sp_4096_from_mp(p, 81, pm);
-        sp_4096_from_mp(dp, 81, dpm);
-        err = sp_4096_mod_exp_81(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 81, qm);
-        sp_4096_from_mp(dq, 81, dqm);
-        err = sp_4096_mod_exp_81(tmpb, a, dq, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 81, pm);
-        (void)sp_4096_sub_81(tmpa, tmpa, tmpb);
-        sp_4096_norm_79(tmpa);
-        sp_4096_cond_add_81(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[78] >> 31));
-        sp_4096_cond_add_81(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[78] >> 31));
-        sp_4096_norm_81(tmpa);
-
-        sp_4096_from_mp(qi, 81, qim);
-        sp_4096_mul_81(tmpa, tmpa, qi);
-        err = sp_4096_mod_81(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 81, qm);
-        sp_4096_mul_81(tmpa, p, tmpa);
-        (void)sp_4096_add_162(r, tmpb, tmpa);
-        sp_4096_norm_162(r);
-
-        sp_4096_to_bin_162(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 81 * 8, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 81 * 13);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 81 * 13, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 162 * 2;
-        q = p + 81;
-        dp = q + 81;
-        dq = dp + 81;
-        qi = dq + 81;
-        tmpa = qi + 81;
-        tmpb = tmpa + 162;
-        r = a;
-
-        sp_4096_from_bin(a, 162, in, inLen);
-        sp_4096_from_mp(p, 81, pm);
-        sp_4096_from_mp(q, 81, qm);
-        sp_4096_from_mp(dp, 81, dpm);
-        sp_4096_from_mp(dq, 81, dqm);
-        sp_4096_from_mp(qi, 81, qim);
-
-        err = sp_4096_mod_exp_81(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_4096_mod_exp_81(tmpb, a, dq, 2048, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        (void)sp_4096_sub_81(tmpa, tmpa, tmpb);
-        sp_4096_norm_79(tmpa);
-        sp_4096_cond_add_81(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[78] >> 31));
-        sp_4096_cond_add_81(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[78] >> 31));
-        sp_4096_norm_81(tmpa);
-        sp_4096_mul_81(tmpa, tmpa, qi);
-        err = sp_4096_mod_81(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mul_81(tmpa, tmpa, q);
-        (void)sp_4096_add_162(r, tmpb, tmpa);
-        sp_4096_norm_162(r);
-
-        sp_4096_to_bin_162(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 81 * 13, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-}
-
-#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_4096_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (4096 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 26
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 158);
-        r->used = 158;
-        mp_clamp(r);
-#elif DIGIT_BIT < 26
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 158; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 26) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 26 - s;
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 158; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 26 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 26 - s;
-            }
-            else {
-                s += 26;
-            }
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 162 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 162 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 162 * 2;
-        m = e + 162;
-        r = b;
-
-        sp_4096_from_mp(b, 162, base);
-        sp_4096_from_mp(e, 162, exp);
-        sp_4096_from_mp(m, 162, mod);
-
-        err = sp_4096_mod_exp_162(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 162U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 162 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 162 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 162 * 2;
-        m = e + 162;
-        r = b;
-
-        sp_4096_from_mp(b, 162, base);
-        sp_4096_from_mp(e, 162, exp);
-        sp_4096_from_mp(m, 162, mod);
-
-        err = sp_4096_mod_exp_162(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 162U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_4096
-SP_NOINLINE static void sp_4096_lshift_162(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[161];
-    r[162] = s >> (26U - n);
-    s = (sp_int_digit)(a[161]); t = (sp_int_digit)(a[160]);
-    r[161] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[160]); t = (sp_int_digit)(a[159]);
-    r[160] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[159]); t = (sp_int_digit)(a[158]);
-    r[159] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[158]); t = (sp_int_digit)(a[157]);
-    r[158] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[157]); t = (sp_int_digit)(a[156]);
-    r[157] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[156]); t = (sp_int_digit)(a[155]);
-    r[156] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[155]); t = (sp_int_digit)(a[154]);
-    r[155] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[154]); t = (sp_int_digit)(a[153]);
-    r[154] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[153]); t = (sp_int_digit)(a[152]);
-    r[153] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[152]); t = (sp_int_digit)(a[151]);
-    r[152] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[151]); t = (sp_int_digit)(a[150]);
-    r[151] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[150]); t = (sp_int_digit)(a[149]);
-    r[150] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[149]); t = (sp_int_digit)(a[148]);
-    r[149] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[148]); t = (sp_int_digit)(a[147]);
-    r[148] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[147]); t = (sp_int_digit)(a[146]);
-    r[147] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[146]); t = (sp_int_digit)(a[145]);
-    r[146] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[145]); t = (sp_int_digit)(a[144]);
-    r[145] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[144]); t = (sp_int_digit)(a[143]);
-    r[144] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[143]); t = (sp_int_digit)(a[142]);
-    r[143] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[142]); t = (sp_int_digit)(a[141]);
-    r[142] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[141]); t = (sp_int_digit)(a[140]);
-    r[141] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[140]); t = (sp_int_digit)(a[139]);
-    r[140] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[139]); t = (sp_int_digit)(a[138]);
-    r[139] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[138]); t = (sp_int_digit)(a[137]);
-    r[138] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[137]); t = (sp_int_digit)(a[136]);
-    r[137] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[136]); t = (sp_int_digit)(a[135]);
-    r[136] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[135]); t = (sp_int_digit)(a[134]);
-    r[135] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[134]); t = (sp_int_digit)(a[133]);
-    r[134] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[133]); t = (sp_int_digit)(a[132]);
-    r[133] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[132]); t = (sp_int_digit)(a[131]);
-    r[132] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[131]); t = (sp_int_digit)(a[130]);
-    r[131] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[130]); t = (sp_int_digit)(a[129]);
-    r[130] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[129]); t = (sp_int_digit)(a[128]);
-    r[129] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[128]); t = (sp_int_digit)(a[127]);
-    r[128] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[127]); t = (sp_int_digit)(a[126]);
-    r[127] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[126]); t = (sp_int_digit)(a[125]);
-    r[126] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[125]); t = (sp_int_digit)(a[124]);
-    r[125] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[124]); t = (sp_int_digit)(a[123]);
-    r[124] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[123]); t = (sp_int_digit)(a[122]);
-    r[123] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[122]); t = (sp_int_digit)(a[121]);
-    r[122] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[121]); t = (sp_int_digit)(a[120]);
-    r[121] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[120]); t = (sp_int_digit)(a[119]);
-    r[120] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[119]); t = (sp_int_digit)(a[118]);
-    r[119] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[118]); t = (sp_int_digit)(a[117]);
-    r[118] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[117]); t = (sp_int_digit)(a[116]);
-    r[117] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[116]); t = (sp_int_digit)(a[115]);
-    r[116] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[115]); t = (sp_int_digit)(a[114]);
-    r[115] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[114]); t = (sp_int_digit)(a[113]);
-    r[114] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[113]); t = (sp_int_digit)(a[112]);
-    r[113] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[112]); t = (sp_int_digit)(a[111]);
-    r[112] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[111]); t = (sp_int_digit)(a[110]);
-    r[111] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[110]); t = (sp_int_digit)(a[109]);
-    r[110] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[109]); t = (sp_int_digit)(a[108]);
-    r[109] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[108]); t = (sp_int_digit)(a[107]);
-    r[108] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[107]); t = (sp_int_digit)(a[106]);
-    r[107] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[106]); t = (sp_int_digit)(a[105]);
-    r[106] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[105]); t = (sp_int_digit)(a[104]);
-    r[105] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[104]); t = (sp_int_digit)(a[103]);
-    r[104] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[103]); t = (sp_int_digit)(a[102]);
-    r[103] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[102]); t = (sp_int_digit)(a[101]);
-    r[102] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[101]); t = (sp_int_digit)(a[100]);
-    r[101] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[100]); t = (sp_int_digit)(a[99]);
-    r[100] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[99]); t = (sp_int_digit)(a[98]);
-    r[99] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[98]); t = (sp_int_digit)(a[97]);
-    r[98] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[97]); t = (sp_int_digit)(a[96]);
-    r[97] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[96]); t = (sp_int_digit)(a[95]);
-    r[96] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[95]); t = (sp_int_digit)(a[94]);
-    r[95] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[94]); t = (sp_int_digit)(a[93]);
-    r[94] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[93]); t = (sp_int_digit)(a[92]);
-    r[93] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[92]); t = (sp_int_digit)(a[91]);
-    r[92] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[91]); t = (sp_int_digit)(a[90]);
-    r[91] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[90]); t = (sp_int_digit)(a[89]);
-    r[90] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[89]); t = (sp_int_digit)(a[88]);
-    r[89] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[88]); t = (sp_int_digit)(a[87]);
-    r[88] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[87]); t = (sp_int_digit)(a[86]);
-    r[87] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[86]); t = (sp_int_digit)(a[85]);
-    r[86] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[85]); t = (sp_int_digit)(a[84]);
-    r[85] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[84]); t = (sp_int_digit)(a[83]);
-    r[84] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[83]); t = (sp_int_digit)(a[82]);
-    r[83] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[82]); t = (sp_int_digit)(a[81]);
-    r[82] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[81]); t = (sp_int_digit)(a[80]);
-    r[81] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[80]); t = (sp_int_digit)(a[79]);
-    r[80] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[79]); t = (sp_int_digit)(a[78]);
-    r[79] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[78]); t = (sp_int_digit)(a[77]);
-    r[78] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[77]); t = (sp_int_digit)(a[76]);
-    r[77] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[76]); t = (sp_int_digit)(a[75]);
-    r[76] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[75]); t = (sp_int_digit)(a[74]);
-    r[75] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[74]); t = (sp_int_digit)(a[73]);
-    r[74] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[73]); t = (sp_int_digit)(a[72]);
-    r[73] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[72]); t = (sp_int_digit)(a[71]);
-    r[72] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[71]); t = (sp_int_digit)(a[70]);
-    r[71] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[70]); t = (sp_int_digit)(a[69]);
-    r[70] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[69]); t = (sp_int_digit)(a[68]);
-    r[69] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[68]); t = (sp_int_digit)(a[67]);
-    r[68] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[67]); t = (sp_int_digit)(a[66]);
-    r[67] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[66]); t = (sp_int_digit)(a[65]);
-    r[66] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[65]); t = (sp_int_digit)(a[64]);
-    r[65] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[64]); t = (sp_int_digit)(a[63]);
-    r[64] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[63]); t = (sp_int_digit)(a[62]);
-    r[63] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[62]); t = (sp_int_digit)(a[61]);
-    r[62] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[61]); t = (sp_int_digit)(a[60]);
-    r[61] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[60]); t = (sp_int_digit)(a[59]);
-    r[60] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[59]); t = (sp_int_digit)(a[58]);
-    r[59] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[58]); t = (sp_int_digit)(a[57]);
-    r[58] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[57]); t = (sp_int_digit)(a[56]);
-    r[57] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[56]); t = (sp_int_digit)(a[55]);
-    r[56] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[55]); t = (sp_int_digit)(a[54]);
-    r[55] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[54]); t = (sp_int_digit)(a[53]);
-    r[54] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[53]); t = (sp_int_digit)(a[52]);
-    r[53] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[52]); t = (sp_int_digit)(a[51]);
-    r[52] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[51]); t = (sp_int_digit)(a[50]);
-    r[51] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[50]); t = (sp_int_digit)(a[49]);
-    r[50] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[49]); t = (sp_int_digit)(a[48]);
-    r[49] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[48]); t = (sp_int_digit)(a[47]);
-    r[48] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[47]); t = (sp_int_digit)(a[46]);
-    r[47] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[46]); t = (sp_int_digit)(a[45]);
-    r[46] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[45]); t = (sp_int_digit)(a[44]);
-    r[45] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[44]); t = (sp_int_digit)(a[43]);
-    r[44] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[43]); t = (sp_int_digit)(a[42]);
-    r[43] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[42]); t = (sp_int_digit)(a[41]);
-    r[42] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[41]); t = (sp_int_digit)(a[40]);
-    r[41] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[40]); t = (sp_int_digit)(a[39]);
-    r[40] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[39]); t = (sp_int_digit)(a[38]);
-    r[39] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[38]); t = (sp_int_digit)(a[37]);
-    r[38] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[37]); t = (sp_int_digit)(a[36]);
-    r[37] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[36]); t = (sp_int_digit)(a[35]);
-    r[36] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[35]); t = (sp_int_digit)(a[34]);
-    r[35] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[34]); t = (sp_int_digit)(a[33]);
-    r[34] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[33]); t = (sp_int_digit)(a[32]);
-    r[33] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[32]); t = (sp_int_digit)(a[31]);
-    r[32] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[31]); t = (sp_int_digit)(a[30]);
-    r[31] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[30]); t = (sp_int_digit)(a[29]);
-    r[30] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[29]); t = (sp_int_digit)(a[28]);
-    r[29] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[28]); t = (sp_int_digit)(a[27]);
-    r[28] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[27]); t = (sp_int_digit)(a[26]);
-    r[27] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[26]); t = (sp_int_digit)(a[25]);
-    r[26] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[25]); t = (sp_int_digit)(a[24]);
-    r[25] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[24]); t = (sp_int_digit)(a[23]);
-    r[24] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[23]); t = (sp_int_digit)(a[22]);
-    r[23] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[22]); t = (sp_int_digit)(a[21]);
-    r[22] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[21]); t = (sp_int_digit)(a[20]);
-    r[21] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[20]); t = (sp_int_digit)(a[19]);
-    r[20] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[19]); t = (sp_int_digit)(a[18]);
-    r[19] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[18]); t = (sp_int_digit)(a[17]);
-    r[18] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[17]); t = (sp_int_digit)(a[16]);
-    r[17] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[16]); t = (sp_int_digit)(a[15]);
-    r[16] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[15]); t = (sp_int_digit)(a[14]);
-    r[15] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[14]); t = (sp_int_digit)(a[13]);
-    r[14] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[13]); t = (sp_int_digit)(a[12]);
-    r[13] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[12]); t = (sp_int_digit)(a[11]);
-    r[12] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[11]); t = (sp_int_digit)(a[10]);
-    r[11] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[10]); t = (sp_int_digit)(a[9]);
-    r[10] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    r[0] = (sp_digit)((a[0] << n) & 0x3ffffff);
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_4096_mod_exp_2_162(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 487);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 487, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp  = td + 324;
-        XMEMSET(td, 0, sizeof(sp_digit) * 487);
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_162(norm, m);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 25) / 26) - 1;
-        c = bits % 26;
-        if (c == 0) {
-            c = 26;
-        }
-        if (i < 162) {
-            n = e[i--] << (32 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (6 - c);
-            c += 26;
-        }
-        y = (int)((n >> 28) & 0xf);
-        n <<= 4;
-        c -= 4;
-        sp_4096_lshift_162(r, norm, (byte)y);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 6;
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c = 22;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n = e[i--] << 6;
-                c = 4 - c;
-                y |= (byte)((n >> (32 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 26 - c;
-            }
-
-            sp_4096_mont_sqr_162(r, r, m, mp);
-            sp_4096_mont_sqr_162(r, r, m, mp);
-            sp_4096_mont_sqr_162(r, r, m, mp);
-            sp_4096_mont_sqr_162(r, r, m, mp);
-
-            sp_4096_lshift_162(r, r, (byte)y);
-            sp_4096_mul_d_162(tmp, norm, (r[158] << 12) + (r[157] >> 14));
-            r[158] = 0;
-            r[157] &= 0x3fffL;
-            (void)sp_4096_add_162(r, r, tmp);
-            sp_4096_norm_162(r);
-            o = sp_4096_cmp_162(r, m);
-            sp_4096_cond_sub_162(r, r, m, ~(o >> 31));
-        }
-
-        sp_4096_mont_reduce_162(r, m, mp);
-        n = sp_4096_cmp_162(r, m);
-        sp_4096_cond_sub_162(r, r, m, (sp_digit)~(n >> 31));
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_4096 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 512 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, b, 162 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    word32 i;
-    int err = MP_OKAY;
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 512U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 162 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 162 * 2;
-        m = e + 162;
-        r = b;
-
-        sp_4096_from_mp(b, 162, base);
-        sp_4096_from_bin(e, 162, exp, expLen);
-        sp_4096_from_mp(m, 162, mod);
-
-    #ifdef HAVE_FFDHE_4096
-        if (base->used == 1 && base->dp[0] == 2U &&
-                ((m[157] << 2) | (m[156] >> 24)) == 0xffffL) {
-            err = sp_4096_mod_exp_2_162(r, e, expLen * 8U, m);
-        }
-        else {
-    #endif
-            err = sp_4096_mod_exp_162(r, b, e, expLen * 8U, m, 0);
-    #ifdef HAVE_FFDHE_4096
-        }
-    #endif
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_162(r, out);
-        *outLen = 512;
-        for (i=0; i<512U && out[i] == 0U; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 162U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* WOLFSSL_SP_4096 */
-
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
-
-/* Point structure to use. */
-typedef struct sp_point_256 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 9];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 9];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 9];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_256;
-
-/* The modulus (prime) of the curve P256. */
-static const sp_digit p256_mod[9] = {
-    0x1fffffff,0x1fffffff,0x1fffffff,0x000001ff,0x00000000,0x00000000,
-    0x00040000,0x1fe00000,0x00ffffff
-};
-/* The Montgomery normalizer for modulus of the curve P256. */
-static const sp_digit p256_norm_mod[9] = {
-    0x00000001,0x00000000,0x00000000,0x1ffffe00,0x1fffffff,0x1fffffff,
-    0x1ffbffff,0x001fffff,0x00000000
-};
-/* The Montgomery multiplier for modulus of the curve P256. */
-static const sp_digit p256_mp_mod = 0x0000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P256. */
-static const sp_digit p256_order[9] = {
-    0x1c632551,0x1dce5617,0x05e7a13c,0x0df55b4e,0x1ffffbce,0x1fffffff,
-    0x0003ffff,0x1fe00000,0x00ffffff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P256 minus 2. */
-static const sp_digit p256_order2[9] = {
-    0x1c63254f,0x1dce5617,0x05e7a13c,0x0df55b4e,0x1ffffbce,0x1fffffff,
-    0x0003ffff,0x1fe00000,0x00ffffff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P256. */
-static const sp_digit p256_norm_order[9] = {
-    0x039cdaaf,0x0231a9e8,0x1a185ec3,0x120aa4b1,0x00000431,0x00000000,
-    0x1ffc0000,0x001fffff,0x00000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P256. */
-static const sp_digit p256_mp_order = 0xe00bc4f;
-#endif
-/* The base point of curve P256. */
-static const sp_point_256 p256_base = {
-    /* X ordinate */
-    {
-        0x1898c296,0x0509ca2e,0x1acce83d,0x06fb025b,0x040f2770,0x1372b1d2,
-        0x091fe2f3,0x1e5c2588,0x006b17d1,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x17bf51f5,0x1db20341,0x0c57b3b2,0x1c66aed6,0x19e162bc,0x15a53e07,
-        0x1e6e3b9f,0x1c5fc34f,0x004fe342,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p256_b[9] = {
-    0x07d2604b,0x1e71e1f1,0x14ec3d8e,0x1a0d6198,0x086bc651,0x1eaabb4c,
-    0x0f9ecfae,0x1b154752,0x005ac635
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_256_mul_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 lo;
-
-    c = ((sp_uint64)a[8]) * b[8];
-    r[17] = (sp_digit)(c >> 29);
-    c &= 0x1fffffff;
-    for (k = 15; k >= 0; k--) {
-        if (k >= 9) {
-            i = k - 8;
-            imax = 8;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint64)a[i]) * b[k - i];
-        }
-        c += lo >> 29;
-        r[k + 2] += (sp_digit)(c >> 29);
-        r[k + 1]  = (sp_digit)(c & 0x1fffffff);
-        c = lo & 0x1fffffff;
-    }
-    r[0] = (sp_digit)c;
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_256_mul_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_int64 t0;
-    sp_int64 t1;
-    sp_digit t[9];
-
-    t0 = ((sp_int64)a[ 0]) * b[ 0];
-    t1 = ((sp_int64)a[ 0]) * b[ 1]
-       + ((sp_int64)a[ 1]) * b[ 0];
-    t[ 0] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_int64)a[ 0]) * b[ 2]
-       + ((sp_int64)a[ 1]) * b[ 1]
-       + ((sp_int64)a[ 2]) * b[ 0];
-    t[ 1] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_int64)a[ 0]) * b[ 3]
-       + ((sp_int64)a[ 1]) * b[ 2]
-       + ((sp_int64)a[ 2]) * b[ 1]
-       + ((sp_int64)a[ 3]) * b[ 0];
-    t[ 2] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_int64)a[ 0]) * b[ 4]
-       + ((sp_int64)a[ 1]) * b[ 3]
-       + ((sp_int64)a[ 2]) * b[ 2]
-       + ((sp_int64)a[ 3]) * b[ 1]
-       + ((sp_int64)a[ 4]) * b[ 0];
-    t[ 3] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_int64)a[ 0]) * b[ 5]
-       + ((sp_int64)a[ 1]) * b[ 4]
-       + ((sp_int64)a[ 2]) * b[ 3]
-       + ((sp_int64)a[ 3]) * b[ 2]
-       + ((sp_int64)a[ 4]) * b[ 1]
-       + ((sp_int64)a[ 5]) * b[ 0];
-    t[ 4] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_int64)a[ 0]) * b[ 6]
-       + ((sp_int64)a[ 1]) * b[ 5]
-       + ((sp_int64)a[ 2]) * b[ 4]
-       + ((sp_int64)a[ 3]) * b[ 3]
-       + ((sp_int64)a[ 4]) * b[ 2]
-       + ((sp_int64)a[ 5]) * b[ 1]
-       + ((sp_int64)a[ 6]) * b[ 0];
-    t[ 5] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_int64)a[ 0]) * b[ 7]
-       + ((sp_int64)a[ 1]) * b[ 6]
-       + ((sp_int64)a[ 2]) * b[ 5]
-       + ((sp_int64)a[ 3]) * b[ 4]
-       + ((sp_int64)a[ 4]) * b[ 3]
-       + ((sp_int64)a[ 5]) * b[ 2]
-       + ((sp_int64)a[ 6]) * b[ 1]
-       + ((sp_int64)a[ 7]) * b[ 0];
-    t[ 6] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_int64)a[ 0]) * b[ 8]
-       + ((sp_int64)a[ 1]) * b[ 7]
-       + ((sp_int64)a[ 2]) * b[ 6]
-       + ((sp_int64)a[ 3]) * b[ 5]
-       + ((sp_int64)a[ 4]) * b[ 4]
-       + ((sp_int64)a[ 5]) * b[ 3]
-       + ((sp_int64)a[ 6]) * b[ 2]
-       + ((sp_int64)a[ 7]) * b[ 1]
-       + ((sp_int64)a[ 8]) * b[ 0];
-    t[ 7] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_int64)a[ 1]) * b[ 8]
-       + ((sp_int64)a[ 2]) * b[ 7]
-       + ((sp_int64)a[ 3]) * b[ 6]
-       + ((sp_int64)a[ 4]) * b[ 5]
-       + ((sp_int64)a[ 5]) * b[ 4]
-       + ((sp_int64)a[ 6]) * b[ 3]
-       + ((sp_int64)a[ 7]) * b[ 2]
-       + ((sp_int64)a[ 8]) * b[ 1];
-    t[ 8] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_int64)a[ 2]) * b[ 8]
-       + ((sp_int64)a[ 3]) * b[ 7]
-       + ((sp_int64)a[ 4]) * b[ 6]
-       + ((sp_int64)a[ 5]) * b[ 5]
-       + ((sp_int64)a[ 6]) * b[ 4]
-       + ((sp_int64)a[ 7]) * b[ 3]
-       + ((sp_int64)a[ 8]) * b[ 2];
-    r[ 9] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_int64)a[ 3]) * b[ 8]
-       + ((sp_int64)a[ 4]) * b[ 7]
-       + ((sp_int64)a[ 5]) * b[ 6]
-       + ((sp_int64)a[ 6]) * b[ 5]
-       + ((sp_int64)a[ 7]) * b[ 4]
-       + ((sp_int64)a[ 8]) * b[ 3];
-    r[10] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_int64)a[ 4]) * b[ 8]
-       + ((sp_int64)a[ 5]) * b[ 7]
-       + ((sp_int64)a[ 6]) * b[ 6]
-       + ((sp_int64)a[ 7]) * b[ 5]
-       + ((sp_int64)a[ 8]) * b[ 4];
-    r[11] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_int64)a[ 5]) * b[ 8]
-       + ((sp_int64)a[ 6]) * b[ 7]
-       + ((sp_int64)a[ 7]) * b[ 6]
-       + ((sp_int64)a[ 8]) * b[ 5];
-    r[12] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_int64)a[ 6]) * b[ 8]
-       + ((sp_int64)a[ 7]) * b[ 7]
-       + ((sp_int64)a[ 8]) * b[ 6];
-    r[13] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = ((sp_int64)a[ 7]) * b[ 8]
-       + ((sp_int64)a[ 8]) * b[ 7];
-    r[14] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = ((sp_int64)a[ 8]) * b[ 8];
-    r[15] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    r[16] = (sp_digit)(t0 & 0x1fffffff);
-    r[17] = (sp_digit)(t0 >> 29);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_256_sqr_9(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 t;
-
-    c = ((sp_uint64)a[8]) * a[8];
-    r[17] = (sp_digit)(c >> 29);
-    c = (c & 0x1fffffff) << 29;
-    for (k = 15; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint64)a[i]) * a[i];
-           i++;
-        }
-        if (k < 8) {
-            imax = k;
-        }
-        else {
-            imax = 8;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint64)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 58);
-        r[k + 1]  = (sp_digit)((c >> 29) & 0x1fffffff);
-        c = (c & 0x1fffffff) << 29;
-    }
-    r[0] = (sp_digit)(c >> 29);
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_256_sqr_9(sp_digit* r, const sp_digit* a)
-{
-    sp_int64 t0;
-    sp_int64 t1;
-    sp_digit t[9];
-
-    t0 =  ((sp_int64)a[ 0]) * a[ 0];
-    t1 = (((sp_int64)a[ 0]) * a[ 1]) * 2;
-    t[ 0] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_int64)a[ 0]) * a[ 2]) * 2
-       +  ((sp_int64)a[ 1]) * a[ 1];
-    t[ 1] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_int64)a[ 0]) * a[ 3]
-       +  ((sp_int64)a[ 1]) * a[ 2]) * 2;
-    t[ 2] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_int64)a[ 0]) * a[ 4]
-       +  ((sp_int64)a[ 1]) * a[ 3]) * 2
-       +  ((sp_int64)a[ 2]) * a[ 2];
-    t[ 3] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_int64)a[ 0]) * a[ 5]
-       +  ((sp_int64)a[ 1]) * a[ 4]
-       +  ((sp_int64)a[ 2]) * a[ 3]) * 2;
-    t[ 4] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_int64)a[ 0]) * a[ 6]
-       +  ((sp_int64)a[ 1]) * a[ 5]
-       +  ((sp_int64)a[ 2]) * a[ 4]) * 2
-       +  ((sp_int64)a[ 3]) * a[ 3];
-    t[ 5] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_int64)a[ 0]) * a[ 7]
-       +  ((sp_int64)a[ 1]) * a[ 6]
-       +  ((sp_int64)a[ 2]) * a[ 5]
-       +  ((sp_int64)a[ 3]) * a[ 4]) * 2;
-    t[ 6] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_int64)a[ 0]) * a[ 8]
-       +  ((sp_int64)a[ 1]) * a[ 7]
-       +  ((sp_int64)a[ 2]) * a[ 6]
-       +  ((sp_int64)a[ 3]) * a[ 5]) * 2
-       +  ((sp_int64)a[ 4]) * a[ 4];
-    t[ 7] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_int64)a[ 1]) * a[ 8]
-       +  ((sp_int64)a[ 2]) * a[ 7]
-       +  ((sp_int64)a[ 3]) * a[ 6]
-       +  ((sp_int64)a[ 4]) * a[ 5]) * 2;
-    t[ 8] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_int64)a[ 2]) * a[ 8]
-       +  ((sp_int64)a[ 3]) * a[ 7]
-       +  ((sp_int64)a[ 4]) * a[ 6]) * 2
-       +  ((sp_int64)a[ 5]) * a[ 5];
-    r[ 9] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_int64)a[ 3]) * a[ 8]
-       +  ((sp_int64)a[ 4]) * a[ 7]
-       +  ((sp_int64)a[ 5]) * a[ 6]) * 2;
-    r[10] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_int64)a[ 4]) * a[ 8]
-       +  ((sp_int64)a[ 5]) * a[ 7]) * 2
-       +  ((sp_int64)a[ 6]) * a[ 6];
-    r[11] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_int64)a[ 5]) * a[ 8]
-       +  ((sp_int64)a[ 6]) * a[ 7]) * 2;
-    r[12] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 = (((sp_int64)a[ 6]) * a[ 8]) * 2
-       +  ((sp_int64)a[ 7]) * a[ 7];
-    r[13] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    t1 = (((sp_int64)a[ 7]) * a[ 8]) * 2;
-    r[14] = (sp_digit)(t0 & 0x1fffffff); t1 += t0 >> 29;
-    t0 =  ((sp_int64)a[ 8]) * a[ 8];
-    r[15] = (sp_digit)(t1 & 0x1fffffff); t0 += t1 >> 29;
-    r[16] = (sp_digit)(t0 & 0x1fffffff);
-    r[17] = (sp_digit)(t0 >> 29);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_256_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_256_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-    r[ 7] = a[ 7] + b[ 7];
-    r[ 8] = a[ 8] + b[ 8];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_256_sub_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_256_sub_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] - b[ 0];
-    r[ 1] = a[ 1] - b[ 1];
-    r[ 2] = a[ 2] - b[ 2];
-    r[ 3] = a[ 3] - b[ 3];
-    r[ 4] = a[ 4] - b[ 4];
-    r[ 5] = a[ 5] - b[ 5];
-    r[ 6] = a[ 6] - b[ 6];
-    r[ 7] = a[ 7] - b[ 7];
-    r[ 8] = a[ 8] - b[ 8];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 29
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 28);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 28);
-    }
-#elif DIGIT_BIT > 29
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x1fffffff;
-        s = 29U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 29U) <= (word32)DIGIT_BIT) {
-            s += 29U;
-            r[j] &= 0x1fffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 29) {
-            r[j] &= 0x1fffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 29 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_256.
- *
- * p   Point of type sp_point_256 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_256_point_from_ecc_point_9(sp_point_256* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_256_from_mp(p->x, 9, pm->x);
-    sp_256_from_mp(p->y, 9, pm->y);
-    sp_256_from_mp(p->z, 9, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_256_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (256 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 29
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 9);
-        r->used = 9;
-        mp_clamp(r);
-#elif DIGIT_BIT < 29
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 9; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 29) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 29 - s;
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 9; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 29 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 29 - s;
-            }
-            else {
-                s += 29;
-            }
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_256 to type ecc_point.
- *
- * p   Point of type sp_point_256.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_256_point_to_ecc_point_9(const sp_point_256* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_256_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_256_cmp_9(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=8; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 28);
-    }
-#else
-    r |= (a[ 8] - b[ 8]) & (0 - (sp_digit)1);
-    r |= (a[ 7] - b[ 7]) & ~(((sp_digit)0 - r) >> 28);
-    r |= (a[ 6] - b[ 6]) & ~(((sp_digit)0 - r) >> 28);
-    r |= (a[ 5] - b[ 5]) & ~(((sp_digit)0 - r) >> 28);
-    r |= (a[ 4] - b[ 4]) & ~(((sp_digit)0 - r) >> 28);
-    r |= (a[ 3] - b[ 3]) & ~(((sp_digit)0 - r) >> 28);
-    r |= (a[ 2] - b[ 2]) & ~(((sp_digit)0 - r) >> 28);
-    r |= (a[ 1] - b[ 1]) & ~(((sp_digit)0 - r) >> 28);
-    r |= (a[ 0] - b[ 0]) & ~(((sp_digit)0 - r) >> 28);
-#endif /* WOLFSSL_SP_SMALL */
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_256_cond_sub_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-#else
-    r[ 0] = a[ 0] - (b[ 0] & m);
-    r[ 1] = a[ 1] - (b[ 1] & m);
-    r[ 2] = a[ 2] - (b[ 2] & m);
-    r[ 3] = a[ 3] - (b[ 3] & m);
-    r[ 4] = a[ 4] - (b[ 4] & m);
-    r[ 5] = a[ 5] - (b[ 5] & m);
-    r[ 6] = a[ 6] - (b[ 6] & m);
-    r[ 7] = a[ 7] - (b[ 7] & m);
-    r[ 8] = a[ 8] - (b[ 8] & m);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_256_mul_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifndef WOLFSSL_SP_LARGE_CODE
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        t += r[i];
-        t += tb * a[i];
-        r[i] = ((sp_digit)t) & 0x1fffffff;
-        t >>= 29;
-    }
-    r[9] += (sp_digit)t;
-#else
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 8; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffff);
-        t[1] += t[0] >> 29;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffff);
-        t[2] += t[1] >> 29;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffff);
-        t[3] += t[2] >> 29;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffff);
-        t[0]  = t[3] >> 29;
-    }
-    t[0] += (tb * a[8]) + r[8];
-    r[8] = (sp_digit)(t[0] & 0x1fffffff);
-    r[9] +=  (sp_digit)(t[0] >> 29);
-#else
-    sp_int64 tb = b;
-    sp_int64 t[8];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 8; i += 8) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        t[4]  = (tb * a[i+4]) + r[i+4];
-        t[5]  = (tb * a[i+5]) + r[i+5];
-        t[6]  = (tb * a[i+6]) + r[i+6];
-        t[7]  = (tb * a[i+7]) + r[i+7];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffff);
-        t[1] += t[0] >> 29;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffff);
-        t[2] += t[1] >> 29;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffff);
-        t[3] += t[2] >> 29;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffff);
-        t[4] += t[3] >> 29;
-        r[i+4] = (sp_digit)(t[4] & 0x1fffffff);
-        t[5] += t[4] >> 29;
-        r[i+5] = (sp_digit)(t[5] & 0x1fffffff);
-        t[6] += t[5] >> 29;
-        r[i+6] = (sp_digit)(t[6] & 0x1fffffff);
-        t[7] += t[6] >> 29;
-        r[i+7] = (sp_digit)(t[7] & 0x1fffffff);
-        t[0]  = t[7] >> 29;
-    }
-    t[0] += (tb * a[8]) + r[8];
-    r[8] = (sp_digit)(t[0] & 0x1fffffff);
-    r[9] +=  (sp_digit)(t[0] >> 29);
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* !WOLFSSL_SP_LARGE_CODE */
-}
-
-/* Normalize the values in each word to 29 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_256_norm_9(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 8; i++) {
-        a[i+1] += a[i] >> 29;
-        a[i] &= 0x1fffffff;
-    }
-#else
-    a[1] += a[0] >> 29; a[0] &= 0x1fffffff;
-    a[2] += a[1] >> 29; a[1] &= 0x1fffffff;
-    a[3] += a[2] >> 29; a[2] &= 0x1fffffff;
-    a[4] += a[3] >> 29; a[3] &= 0x1fffffff;
-    a[5] += a[4] >> 29; a[4] &= 0x1fffffff;
-    a[6] += a[5] >> 29; a[5] &= 0x1fffffff;
-    a[7] += a[6] >> 29; a[6] &= 0x1fffffff;
-    a[8] += a[7] >> 29; a[7] &= 0x1fffffff;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Shift the result in the high 256 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_256_mont_shift_9(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    sp_int64 n = a[8] >> 24;
-    n += ((sp_int64)a[9]) << 5;
-
-    for (i = 0; i < 8; i++) {
-        r[i] = (sp_digit)(n & 0x1fffffff);
-        n >>= 29;
-        n += ((sp_int64)a[10 + i]) << 5;
-    }
-    r[8] = (sp_digit)n;
-#else
-    sp_int64 n = a[8] >> 24;
-    n += ((sp_int64)a[9]) << 5;
-    r[ 0] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[10]) << 5;
-    r[ 1] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[11]) << 5;
-    r[ 2] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[12]) << 5;
-    r[ 3] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[13]) << 5;
-    r[ 4] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[14]) << 5;
-    r[ 5] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[15]) << 5;
-    r[ 6] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[16]) << 5;
-    r[ 7] = (sp_digit)(n & 0x1fffffff); n >>= 29; n += ((sp_int64)a[17]) << 5;
-    r[8] = (sp_digit)n;
-#endif /* WOLFSSL_SP_SMALL */
-    XMEMSET(&r[9], 0, sizeof(*r) * 9U);
-}
-
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_256_mont_reduce_order_9(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_256_norm_9(a + 9);
-
-    for (i=0; i<8; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1fffffff);
-        sp_256_mul_add_9(a+i, m, mu);
-        a[i+1] += a[i] >> 29;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0xffffffL);
-    sp_256_mul_add_9(a+i, m, mu);
-    a[i+1] += a[i] >> 29;
-    a[i] &= 0x1fffffff;
-    sp_256_mont_shift_9(a, a);
-    over = a[8] >> 24;
-    sp_256_cond_sub_9(a, a, m, ~((over - 1) >> 31));
-    sp_256_norm_9(a);
-}
-
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_256_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit am;
-
-    (void)m;
-    (void)mp;
-
-    for (i = 0; i < 8; i++) {
-        am = (sp_digit)(a[i] & 0x1fffffff);
-        a[i + 3] += (sp_digit)((am << 9) & 0x1fffffff);
-        a[i + 4] += am >> 20;
-        a[i + 6] += (sp_digit)((am << 18) & 0x1fffffff);
-        a[i + 7] += (am >> 11) - (sp_digit)((am << 21) & 0x1fffffff);
-        a[i + 8] += -(am >> 8) + (sp_digit)((am << 24) & 0x1fffffff);
-        a[i + 9] += am >> 5;
-
-        a[i + 1] += a[i] >> 29;
-    }
-    am = (sp_digit)(a[8] & 0xffffff);
-    a[8 + 3] += (sp_digit)((am << 9) & 0x1fffffff);
-    a[8 + 4] += am >> 20;
-    a[8 + 6] += (sp_digit)((am << 18) & 0x1fffffff);
-    a[8 + 7] += (am >> 11) - (sp_digit)((am << 21) & 0x1fffffff);
-    a[8 + 8] += -(am >> 8) + (sp_digit)((am << 24) & 0x1fffffff);
-    a[8 + 9] += am >> 5;
-
-    a[0] = (a[ 8] >> 24) + (sp_digit)((a[ 9] << 5) & 0x1fffffff);
-    a[1] = (a[ 9] >> 24) + (sp_digit)((a[10] << 5) & 0x1fffffff);
-    a[2] = (a[10] >> 24) + (sp_digit)((a[11] << 5) & 0x1fffffff);
-    a[3] = (a[11] >> 24) + (sp_digit)((a[12] << 5) & 0x1fffffff);
-    a[4] = (a[12] >> 24) + (sp_digit)((a[13] << 5) & 0x1fffffff);
-    a[5] = (a[13] >> 24) + (sp_digit)((a[14] << 5) & 0x1fffffff);
-    a[6] = (a[14] >> 24) + (sp_digit)((a[15] << 5) & 0x1fffffff);
-    a[7] = (a[15] >> 24) + (sp_digit)((a[16] << 5) & 0x1fffffff);
-    a[8] = (a[16] >> 24) +  (a[17] << 5);
-
-    a[1] += a[0] >> 29; a[0] &= 0x1fffffff;
-    a[2] += a[1] >> 29; a[1] &= 0x1fffffff;
-    a[3] += a[2] >> 29; a[2] &= 0x1fffffff;
-    a[4] += a[3] >> 29; a[3] &= 0x1fffffff;
-    a[5] += a[4] >> 29; a[4] &= 0x1fffffff;
-    a[6] += a[5] >> 29; a[5] &= 0x1fffffff;
-    a[7] += a[6] >> 29; a[6] &= 0x1fffffff;
-    a[8] += a[7] >> 29; a[7] &= 0x1fffffff;
-
-    /* Get the bit over, if any. */
-    am = a[8] >> 24;
-    /* Create mask. */
-    am = 0 - am;
-
-    a[0] -= (sp_digit)(0x1fffffff & am);
-    a[1] -= (sp_digit)(0x1fffffff & am);
-    a[2] -= (sp_digit)(0x1fffffff & am);
-    a[3] -= (sp_digit)(0x000001ff & am);
-    /* p256_mod[4] is zero */
-    /* p256_mod[5] is zero */
-    a[6] -= (sp_digit)(0x00040000 & am);
-    a[7] -= (sp_digit)(0x1fe00000 & am);
-    a[8] -= (sp_digit)(0x00ffffff & am);
-
-    a[1] += a[0] >> 29; a[0] &= 0x1fffffff;
-    a[2] += a[1] >> 29; a[1] &= 0x1fffffff;
-    a[3] += a[2] >> 29; a[2] &= 0x1fffffff;
-    a[4] += a[3] >> 29; a[3] &= 0x1fffffff;
-    a[5] += a[4] >> 29; a[4] &= 0x1fffffff;
-    a[6] += a[5] >> 29; a[5] &= 0x1fffffff;
-    a[7] += a[6] >> 29; a[6] &= 0x1fffffff;
-    a[8] += a[7] >> 29; a[7] &= 0x1fffffff;
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_mul_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_256_mul_9(r, a, b);
-    sp_256_mont_reduce_9(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_256_sqr_9(r, a);
-    sp_256_mont_reduce_9(r, m, mp);
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_n_9(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_256_mont_sqr_9(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_256_mont_sqr_9(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P256 curve. */
-static const word32 p256_mod_minus_2[8] = {
-    0xfffffffdU,0xffffffffU,0xffffffffU,0x00000000U,0x00000000U,0x00000000U,
-    0x00000001U,0xffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P256 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 9);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_9(t, t, p256_mod, p256_mp_mod);
-        if (p256_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_256_mont_mul_9(t, t, a, p256_mod, p256_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 9);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 9;
-    sp_digit* t3 = td + 4 * 9;
-    /* 0x2 */
-    sp_256_mont_sqr_9(t1, a, p256_mod, p256_mp_mod);
-    /* 0x3 */
-    sp_256_mont_mul_9(t2, t1, a, p256_mod, p256_mp_mod);
-    /* 0xc */
-    sp_256_mont_sqr_n_9(t1, t2, 2, p256_mod, p256_mp_mod);
-    /* 0xd */
-    sp_256_mont_mul_9(t3, t1, a, p256_mod, p256_mp_mod);
-    /* 0xf */
-    sp_256_mont_mul_9(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xf0 */
-    sp_256_mont_sqr_n_9(t1, t2, 4, p256_mod, p256_mp_mod);
-    /* 0xfd */
-    sp_256_mont_mul_9(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xff */
-    sp_256_mont_mul_9(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xff00 */
-    sp_256_mont_sqr_n_9(t1, t2, 8, p256_mod, p256_mp_mod);
-    /* 0xfffd */
-    sp_256_mont_mul_9(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffff */
-    sp_256_mont_mul_9(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffff0000 */
-    sp_256_mont_sqr_n_9(t1, t2, 16, p256_mod, p256_mp_mod);
-    /* 0xfffffffd */
-    sp_256_mont_mul_9(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff */
-    sp_256_mont_mul_9(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_256_mont_sqr_n_9(t1, t2, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_256_mont_mul_9(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001 */
-    sp_256_mont_mul_9(r, t1, a, p256_mod, p256_mp_mod);
-    /* 0xffffffff000000010000000000000000000000000000000000000000 */
-    sp_256_mont_sqr_n_9(r, r, 160, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff */
-    sp_256_mont_mul_9(r, r, t2, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff00000000 */
-    sp_256_mont_sqr_n_9(r, r, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000fffffffffffffffffffffffd */
-    sp_256_mont_mul_9(r, r, t3, p256_mod, p256_mp_mod);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_256_map_9(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_int32 n;
-
-    sp_256_mont_inv_9(t1, p->z, t + 2*9);
-
-    sp_256_mont_sqr_9(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    /* x /= z^2 */
-    sp_256_mont_mul_9(r->x, p->x, t2, p256_mod, p256_mp_mod);
-    XMEMSET(r->x + 9, 0, sizeof(sp_digit) * 9U);
-    sp_256_mont_reduce_9(r->x, p256_mod, p256_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_256_cmp_9(r->x, p256_mod);
-    sp_256_cond_sub_9(r->x, r->x, p256_mod, (sp_digit)~(n >> 28));
-    sp_256_norm_9(r->x);
-
-    /* y /= z^3 */
-    sp_256_mont_mul_9(r->y, p->y, t1, p256_mod, p256_mp_mod);
-    XMEMSET(r->y + 9, 0, sizeof(sp_digit) * 9U);
-    sp_256_mont_reduce_9(r->y, p256_mod, p256_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_256_cmp_9(r->y, p256_mod);
-    sp_256_cond_sub_9(r->y, r->y, p256_mod, (sp_digit)~(n >> 28));
-    sp_256_norm_9(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_256_add_9(r, a, b);
-    sp_256_norm_9(r);
-    over = r[8] >> 24;
-    sp_256_cond_sub_9(r, r, m, ~((over - 1) >> 31));
-    sp_256_norm_9(r);
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_256_add_9(r, a, a);
-    sp_256_norm_9(r);
-    over = r[8] >> 24;
-    sp_256_cond_sub_9(r, r, m, ~((over - 1) >> 31));
-    sp_256_norm_9(r);
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_256_add_9(r, a, a);
-    sp_256_norm_9(r);
-    over = r[8] >> 24;
-    sp_256_cond_sub_9(r, r, m, ~((over - 1) >> 31));
-    sp_256_norm_9(r);
-    (void)sp_256_add_9(r, r, a);
-    sp_256_norm_9(r);
-    over = r[8] >> 24;
-    sp_256_cond_sub_9(r, r, m, ~((over - 1) >> 31));
-    sp_256_norm_9(r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_256_cond_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_256_cond_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    r[ 0] = a[ 0] + (b[ 0] & m);
-    r[ 1] = a[ 1] + (b[ 1] & m);
-    r[ 2] = a[ 2] + (b[ 2] & m);
-    r[ 3] = a[ 3] + (b[ 3] & m);
-    r[ 4] = a[ 4] + (b[ 4] & m);
-    r[ 5] = a[ 5] + (b[ 5] & m);
-    r[ 6] = a[ 6] + (b[ 6] & m);
-    r[ 7] = a[ 7] + (b[ 7] & m);
-    r[ 8] = a[ 8] + (b[ 8] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    (void)sp_256_sub_9(r, a, b);
-    sp_256_norm_9(r);
-    sp_256_cond_add_9(r, r, m, r[8] >> 24);
-    sp_256_norm_9(r);
-}
-
-/* Shift number left one bit.
- * Bottom bit is lost.
- *
- * r  Result of shift.
- * a  Number to shift.
- */
-SP_NOINLINE static void sp_256_rshift1_9(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<8; i++) {
-        r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 28) & 0x1fffffff);
-    }
-#else
-    r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 28) & 0x1fffffff);
-    r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 28) & 0x1fffffff);
-    r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 28) & 0x1fffffff);
-    r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 28) & 0x1fffffff);
-    r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 28) & 0x1fffffff);
-    r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 28) & 0x1fffffff);
-    r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 28) & 0x1fffffff);
-    r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 28) & 0x1fffffff);
-#endif
-    r[8] = a[8] >> 1;
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_256_mont_div2_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_256_cond_add_9(r, a, m, 0 - (a[0] & 1));
-    sp_256_norm_9(r);
-    sp_256_rshift1_9(r, r);
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_9(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_256_mont_sqr_9(t1, p->z, p256_mod, p256_mp_mod);
-    /* Z = Y * Z */
-    sp_256_mont_mul_9(z, p->y, p->z, p256_mod, p256_mp_mod);
-    /* Z = 2Z */
-    sp_256_mont_dbl_9(z, z, p256_mod);
-    /* T2 = X - T1 */
-    sp_256_mont_sub_9(t2, p->x, t1, p256_mod);
-    /* T1 = X + T1 */
-    sp_256_mont_add_9(t1, p->x, t1, p256_mod);
-    /* T2 = T1 * T2 */
-    sp_256_mont_mul_9(t2, t1, t2, p256_mod, p256_mp_mod);
-    /* T1 = 3T2 */
-    sp_256_mont_tpl_9(t1, t2, p256_mod);
-    /* Y = 2Y */
-    sp_256_mont_dbl_9(y, p->y, p256_mod);
-    /* Y = Y * Y */
-    sp_256_mont_sqr_9(y, y, p256_mod, p256_mp_mod);
-    /* T2 = Y * Y */
-    sp_256_mont_sqr_9(t2, y, p256_mod, p256_mp_mod);
-    /* T2 = T2/2 */
-    sp_256_mont_div2_9(t2, t2, p256_mod);
-    /* Y = Y * X */
-    sp_256_mont_mul_9(y, y, p->x, p256_mod, p256_mp_mod);
-    /* X = T1 * T1 */
-    sp_256_mont_sqr_9(x, t1, p256_mod, p256_mp_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_9(x, x, y, p256_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_9(x, x, y, p256_mod);
-    /* Y = Y - X */
-    sp_256_mont_sub_9(y, y, x, p256_mod);
-    /* Y = Y * T1 */
-    sp_256_mont_mul_9(y, y, t1, p256_mod, p256_mp_mod);
-    /* Y = Y - T2 */
-    sp_256_mont_sub_9(y, y, t2, p256_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_dbl_9_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_dbl_9_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-        const sp_point_256* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_dbl_9_ctx* ctx = (sp_256_proj_point_dbl_9_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_dbl_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*9;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_256_mont_sqr_9(ctx->t1, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_256_mont_mul_9(ctx->z, p->y, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_256_mont_dbl_9(ctx->z, ctx->z, p256_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_256_mont_sub_9(ctx->t2, p->x, ctx->t1, p256_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_256_mont_add_9(ctx->t1, p->x, ctx->t1, p256_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_256_mont_mul_9(ctx->t2, ctx->t1, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_256_mont_tpl_9(ctx->t1, ctx->t2, p256_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_256_mont_dbl_9(ctx->y, p->y, p256_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_256_mont_sqr_9(ctx->y, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_256_mont_sqr_9(ctx->t2, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_256_mont_div2_9(ctx->t2, ctx->t2, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_256_mont_mul_9(ctx->y, ctx->y, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_256_mont_sqr_9(ctx->x, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_256_mont_sub_9(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_256_mont_sub_9(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_256_mont_sub_9(ctx->y, ctx->y, ctx->x, p256_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_256_mont_mul_9(ctx->y, ctx->y, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_256_mont_sub_9(ctx->y, ctx->y, ctx->t2, p256_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_256_cmp_equal_9(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_256_iszero_9(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_9(sp_point_256* r,
-        const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*9;
-    sp_digit* t2 = t + 4*9;
-    sp_digit* t3 = t + 6*9;
-    sp_digit* t4 = t + 8*9;
-    sp_digit* t5 = t + 10*9;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_9(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t1, t1, p->x, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_9(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_9(t3, t3, p->y, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_9(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_9(t2, t1) &
-            sp_256_cmp_equal_9(t4, t3)) {
-        sp_256_proj_point_dbl_9(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_256_mont_sub_9(t2, t2, t1, p256_mod);
-        /* R = S2 - S1 */
-        sp_256_mont_sub_9(t4, t4, t3, p256_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_9(t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_9(y, t1, t5, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_9(t5, t5, t2, p256_mod, p256_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_9(z, p->z, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_9(z, z, q->z, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_9(x, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_9(x, x, t5, p256_mod);
-        sp_256_mont_mul_9(t5, t5, t3, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_9(t3, y, p256_mod);
-        sp_256_mont_sub_9(x, x, t3, p256_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_sub_9(y, y, x, p256_mod);
-        sp_256_mont_mul_9(y, y, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_9(y, y, t5, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_add_9_ctx {
-    int state;
-    sp_256_proj_point_dbl_9_ctx dbl_ctx;
-    const sp_point_256* ap[2];
-    sp_point_256* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_add_9_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_add_9_ctx* ctx = (sp_256_proj_point_add_9_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_256* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_add_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*9;
-        ctx->t2 = t + 4*9;
-        ctx->t3 = t + 6*9;
-        ctx->t4 = t + 8*9;
-        ctx->t5 = t + 10*9;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_256_mont_sqr_9(ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_256_mont_mul_9(ctx->t3, ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_256_mont_mul_9(ctx->t1, ctx->t1, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_256_mont_sqr_9(ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_256_mont_mul_9(ctx->t4, ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_256_mont_mul_9(ctx->t2, ctx->t2, q->x, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_256_mont_mul_9(ctx->t3, ctx->t3, p->y, p256_mod, p256_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_256_mont_mul_9(ctx->t4, ctx->t4, q->y, p256_mod, p256_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_256_cmp_equal_9(ctx->t2, ctx->t1) &
-                sp_256_cmp_equal_9(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_256_proj_point_dbl_9(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_256_mont_sub_9(ctx->t2, ctx->t2, ctx->t1, p256_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_256_mont_sub_9(ctx->t4, ctx->t4, ctx->t3, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_9(ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_256_mont_mul_9(ctx->y, ctx->t1, ctx->t5, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_256_mont_mul_9(ctx->t5, ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_9(ctx->z, p->z, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_256_mont_mul_9(ctx->z, ctx->z, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_256_mont_sqr_9(ctx->x, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_256_mont_sub_9(ctx->x, ctx->x, ctx->t5, p256_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_256_mont_mul_9(ctx->t5, ctx->t5, ctx->t3, p256_mod, p256_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_256_mont_dbl_9(ctx->t3, ctx->y, p256_mod);
-        sp_256_mont_sub_9(ctx->x, ctx->x, ctx->t3, p256_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_sub_9(ctx->y, ctx->y, ctx->x, p256_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_256_mont_mul_9(ctx->y, ctx->y, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_256_mont_sub_9(ctx->y, ctx->y, ctx->t5, p256_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_256_mod_mul_norm_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    SP_DECL_VAR(int64_t, t, 2 * 8);
-    int64_t* a32 = NULL;
-    int64_t o;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(int64_t, t, 2 * 8, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        a32 = t + 8;
-
-        a32[0] = a[0];
-        a32[0] |= (int64_t)a[1] << 29U;
-        a32[0] &= 0xffffffffL;
-        a32[1] = (a[1] >> 3);
-        a32[1] |= (int64_t)a[2] << 26U;
-        a32[1] &= 0xffffffffL;
-        a32[2] = (a[2] >> 6);
-        a32[2] |= (int64_t)a[3] << 23U;
-        a32[2] &= 0xffffffffL;
-        a32[3] = (a[3] >> 9);
-        a32[3] |= (int64_t)a[4] << 20U;
-        a32[3] &= 0xffffffffL;
-        a32[4] = (a[4] >> 12);
-        a32[4] |= (int64_t)a[5] << 17U;
-        a32[4] &= 0xffffffffL;
-        a32[5] = (a[5] >> 15);
-        a32[5] |= (int64_t)a[6] << 14U;
-        a32[5] &= 0xffffffffL;
-        a32[6] = (a[6] >> 18);
-        a32[6] |= (int64_t)a[7] << 11U;
-        a32[6] &= 0xffffffffL;
-        a32[7] = (a[7] >> 21);
-        a32[7] |= (int64_t)a[8] << 8U;
-        a32[7] &= 0xffffffffL;
-
-        /*  1  1  0 -1 -1 -1 -1  0 */
-        t[0] = 0 + a32[0] + a32[1] - a32[3] - a32[4] - a32[5] - a32[6];
-        /*  0  1  1  0 -1 -1 -1 -1 */
-        t[1] = 0 + a32[1] + a32[2] - a32[4] - a32[5] - a32[6] - a32[7];
-        /*  0  0  1  1  0 -1 -1 -1 */
-        t[2] = 0 + a32[2] + a32[3] - a32[5] - a32[6] - a32[7];
-        /* -1 -1  0  2  2  1  0 -1 */
-        t[3] = 0 - a32[0] - a32[1] + 2 * a32[3] + 2 * a32[4] + a32[5] - a32[7];
-        /*  0 -1 -1  0  2  2  1  0 */
-        t[4] = 0 - a32[1] - a32[2] + 2 * a32[4] + 2 * a32[5] + a32[6];
-        /*  0  0 -1 -1  0  2  2  1 */
-        t[5] = 0 - a32[2] - a32[3] + 2 * a32[5] + 2 * a32[6] + a32[7];
-        /* -1 -1  0  0  0  1  3  2 */
-        t[6] = 0 - a32[0] - a32[1] + a32[5] + 3 * a32[6] + 2 * a32[7];
-        /*  1  0 -1 -1 -1 -1  0  3 */
-        t[7] = 0 + a32[0] - a32[2] - a32[3] - a32[4] - a32[5] + 3 * a32[7];
-
-        t[1] += t[0] >> 32U; t[0] &= 0xffffffffL;
-        t[2] += t[1] >> 32U; t[1] &= 0xffffffffL;
-        t[3] += t[2] >> 32U; t[2] &= 0xffffffffL;
-        t[4] += t[3] >> 32U; t[3] &= 0xffffffffL;
-        t[5] += t[4] >> 32U; t[4] &= 0xffffffffL;
-        t[6] += t[5] >> 32U; t[5] &= 0xffffffffL;
-        t[7] += t[6] >> 32U; t[6] &= 0xffffffffL;
-        o     = t[7] >> 32U; t[7] &= 0xffffffffL;
-        t[0] += o;
-        t[3] -= o;
-        t[6] -= o;
-        t[7] += o;
-        t[1] += t[0] >> 32U; t[0] &= 0xffffffffL;
-        t[2] += t[1] >> 32U; t[1] &= 0xffffffffL;
-        t[3] += t[2] >> 32U; t[2] &= 0xffffffffL;
-        t[4] += t[3] >> 32U; t[3] &= 0xffffffffL;
-        t[5] += t[4] >> 32U; t[4] &= 0xffffffffL;
-        t[6] += t[5] >> 32U; t[5] &= 0xffffffffL;
-        t[7] += t[6] >> 32U; t[6] &= 0xffffffffL;
-
-        r[0] = (sp_digit)(t[0]) & 0x1fffffffL;
-        r[1] = (sp_digit)(t[0] >> 29U);
-        r[1] |= (sp_digit)(t[1] << 3U);
-        r[1] &= 0x1fffffffL;
-        r[2] = (sp_digit)(t[1] >> 26U);
-        r[2] |= (sp_digit)(t[2] << 6U);
-        r[2] &= 0x1fffffffL;
-        r[3] = (sp_digit)(t[2] >> 23U);
-        r[3] |= (sp_digit)(t[3] << 9U);
-        r[3] &= 0x1fffffffL;
-        r[4] = (sp_digit)(t[3] >> 20U);
-        r[4] |= (sp_digit)(t[4] << 12U);
-        r[4] &= 0x1fffffffL;
-        r[5] = (sp_digit)(t[4] >> 17U);
-        r[5] |= (sp_digit)(t[5] << 15U);
-        r[5] &= 0x1fffffffL;
-        r[6] = (sp_digit)(t[5] >> 14U);
-        r[6] |= (sp_digit)(t[6] << 18U);
-        r[6] &= 0x1fffffffL;
-        r[7] = (sp_digit)(t[6] >> 11U);
-        r[7] |= (sp_digit)(t[7] << 21U);
-        r[7] &= 0x1fffffffL;
-        r[8] = (sp_digit)(t[7] >> 8U);
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Small implementation using add and double that is cache attack resistant but
- * allocates memory rather than use large stacks.
- * 256 adds and doubles.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_9(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Implementation is constant time. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        XMEMSET(t, 0, sizeof(sp_point_256) * 3);
-
-        /* t[0] = {0, 0, 1} * norm */
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_256_mod_mul_norm_9(t[1].x, g->x, p256_mod);
-    }
-    if (err == MP_OKAY)
-        err = sp_256_mod_mul_norm_9(t[1].y, g->y, p256_mod);
-    if (err == MP_OKAY)
-        err = sp_256_mod_mul_norm_9(t[1].z, g->z, p256_mod);
-
-    if (err == MP_OKAY) {
-        i = 8;
-        c = 24;
-        n = k[i--] << (29 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1)
-                    break;
-
-                n = k[i--];
-                c = 29;
-            }
-
-            y = (n >> 28) & 1;
-            n <<= 1;
-
-            sp_256_proj_point_add_9(&t[y^1], &t[0], &t[1], tmp);
-
-            XMEMCPY(&t[2], (void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                                   ((size_t)&t[1] & addr_mask[y])),
-                    sizeof(sp_point_256));
-            sp_256_proj_point_dbl_9(&t[2], &t[2], tmp);
-            XMEMCPY((void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                            ((size_t)&t[1] & addr_mask[y])), &t[2],
-                    sizeof(sp_point_256));
-        }
-
-        if (map != 0) {
-            sp_256_map_9(r, &t[0], tmp);
-        }
-        else {
-            XMEMCPY(r, &t[0], sizeof(sp_point_256));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_ecc_mulmod_9_ctx {
-    int state;
-    union {
-        sp_256_proj_point_dbl_9_ctx dbl_ctx;
-        sp_256_proj_point_add_9_ctx add_ctx;
-    };
-    sp_point_256 t[3];
-    sp_digit tmp[2 * 9 * 6];
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-} sp_256_ecc_mulmod_9_ctx;
-
-static int sp_256_ecc_mulmod_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-    const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_ecc_mulmod_9_ctx* ctx = (sp_256_ecc_mulmod_9_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_256_ecc_mulmod_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    /* Implementation is constant time. */
-    (void)ct;
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        XMEMSET(ctx->t, 0, sizeof(sp_point_256) * 3);
-        ctx->i = 8;
-        ctx->c = 24;
-        ctx->n = k[ctx->i--] << (29 - ctx->c);
-
-        /* t[0] = {0, 0, 1} * norm */
-        ctx->t[0].infinity = 1;
-        ctx->state = 1;
-        break;
-    case 1: /* T1X */
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_256_mod_mul_norm_9(ctx->t[1].x, g->x, p256_mod);
-        ctx->state = 2;
-        break;
-    case 2: /* T1Y */
-        err = sp_256_mod_mul_norm_9(ctx->t[1].y, g->y, p256_mod);
-        ctx->state = 3;
-        break;
-    case 3: /* T1Z */
-        err = sp_256_mod_mul_norm_9(ctx->t[1].z, g->z, p256_mod);
-        ctx->state = 4;
-        break;
-    case 4: /* ADDPREP */
-        if (ctx->c == 0) {
-            if (ctx->i == -1) {
-                ctx->state = 7;
-                break;
-            }
-
-            ctx->n = k[ctx->i--];
-            ctx->c = 29;
-        }
-        ctx->y = (ctx->n >> 28) & 1;
-        ctx->n <<= 1;
-        XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-        ctx->state = 5;
-        break;
-    case 5: /* ADD */
-        err = sp_256_proj_point_add_9_nb((sp_ecc_ctx_t*)&ctx->add_ctx,
-            &ctx->t[ctx->y^1], &ctx->t[0], &ctx->t[1], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY(&ctx->t[2], (void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                                        ((size_t)&ctx->t[1] & addr_mask[ctx->y])),
-                    sizeof(sp_point_256));
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* DBL */
-        err = sp_256_proj_point_dbl_9_nb((sp_ecc_ctx_t*)&ctx->dbl_ctx, &ctx->t[2],
-            &ctx->t[2], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY((void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                            ((size_t)&ctx->t[1] & addr_mask[ctx->y])), &ctx->t[2],
-                    sizeof(sp_point_256));
-            ctx->state = 4;
-            ctx->c--;
-        }
-        break;
-    case 7: /* MAP */
-        if (map != 0) {
-            sp_256_map_9(r, &ctx->t[0], ctx->tmp);
-        }
-        else {
-            XMEMCPY(r, &ctx->t[0], sizeof(sp_point_256));
-        }
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 7) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        ForceZero(ctx->tmp, sizeof(ctx->tmp));
-        ForceZero(ctx->t, sizeof(ctx->t));
-    }
-
-    (void)heap;
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#else
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_256 {
-    sp_digit x[9];
-    sp_digit y[9];
-} sp_table_entry_256;
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_256_cond_copy_9(sp_digit* r, const sp_digit* a, const sp_digit m)
-{
-    sp_digit t[9];
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        t[i] = r[i] ^ a[i];
-    }
-    for (i = 0; i < 9; i++) {
-        r[i] ^= t[i] & m;
-    }
-#else
-    t[ 0] = r[ 0] ^ a[ 0];
-    t[ 1] = r[ 1] ^ a[ 1];
-    t[ 2] = r[ 2] ^ a[ 2];
-    t[ 3] = r[ 3] ^ a[ 3];
-    t[ 4] = r[ 4] ^ a[ 4];
-    t[ 5] = r[ 5] ^ a[ 5];
-    t[ 6] = r[ 6] ^ a[ 6];
-    t[ 7] = r[ 7] ^ a[ 7];
-    t[ 8] = r[ 8] ^ a[ 8];
-    r[ 0] ^= t[ 0] & m;
-    r[ 1] ^= t[ 1] & m;
-    r[ 2] ^= t[ 2] & m;
-    r[ 3] ^= t[ 3] & m;
-    r[ 4] ^= t[ 4] & m;
-    r[ 5] ^= t[ 5] & m;
-    r[ 6] ^= t[ 6] & m;
-    r[ 7] ^= t[ 7] & m;
-    r[ 8] ^= t[ 8] & m;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*9;
-    sp_digit* b = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t2 = t + 8*9;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_9(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_9(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_9(w, w, p256_mod, p256_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_9(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_9(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_9(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_9(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_9(b, t1, x, p256_mod, p256_mp_mod);
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_9(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_9(t2, b, p256_mod);
-        sp_256_mont_sub_9(x, x, t2, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_sub_9(t2, b, x, p256_mod);
-        sp_256_mont_dbl_9(b, t2, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_9(z, z, y, p256_mod, p256_mp_mod);
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_9(t1, t1, p256_mod, p256_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_9(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_9(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_9(y, y, t1, p256_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_256_mont_sqr_9(t1, x, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_9(t1, t1, w, p256_mod);
-    sp_256_mont_tpl_9(a, t1, p256_mod);
-    /* B = X*Y^2 */
-    sp_256_mont_sqr_9(t1, y, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(b, t1, x, p256_mod, p256_mp_mod);
-    /* X = A^2 - 2B */
-    sp_256_mont_sqr_9(x, a, p256_mod, p256_mp_mod);
-    sp_256_mont_dbl_9(t2, b, p256_mod);
-    sp_256_mont_sub_9(x, x, t2, p256_mod);
-    /* B = 2.(B - X) */
-    sp_256_mont_sub_9(t2, b, x, p256_mod);
-    sp_256_mont_dbl_9(b, t2, p256_mod);
-    /* Z = Z*Y */
-    sp_256_mont_mul_9(z, z, y, p256_mod, p256_mp_mod);
-    /* t1 = Y^4 */
-    sp_256_mont_sqr_9(t1, t1, p256_mod, p256_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_256_mont_mul_9(y, b, a, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_9(y, y, t1, p256_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_256_mont_div2_9(y, y, p256_mod);
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_store_9(sp_point_256* r,
-        const sp_point_256* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*9;
-    sp_digit* b = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t2 = t + 8*9;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<9; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<9; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<9; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_9(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_9(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_9(w, w, p256_mod, p256_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_9(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_9(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_9(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_9(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_9(b, t1, x, p256_mod, p256_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_9(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_9(t2, b, p256_mod);
-        sp_256_mont_sub_9(x, x, t2, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_sub_9(t2, b, x, p256_mod);
-        sp_256_mont_dbl_9(b, t2, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_9(r[j].z, z, y, p256_mod, p256_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_9(t1, t1, p256_mod, p256_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_9(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_9(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_9(y, y, t1, p256_mod);
-        /* Y = Y/2 */
-        sp_256_mont_div2_9(r[j].y, y, p256_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_256_proj_point_add_sub_9(sp_point_256* ra,
-        sp_point_256* rs, const sp_point_256* p, const sp_point_256* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_digit* t3 = t + 4*9;
-    sp_digit* t4 = t + 6*9;
-    sp_digit* t5 = t + 8*9;
-    sp_digit* t6 = t + 10*9;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_9(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t1, t1, xa, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_9(t2, za, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t4, t2, za, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_9(t3, t3, ya, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_9(t4, t4, q->y, p256_mod, p256_mp_mod);
-    /* H = U2 - U1 */
-    sp_256_mont_sub_9(t2, t2, t1, p256_mod);
-    /* RS = S2 + S1 */
-    sp_256_mont_add_9(t6, t4, t3, p256_mod);
-    /* R = S2 - S1 */
-    sp_256_mont_sub_9(t4, t4, t3, p256_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_256_mont_mul_9(za, za, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(za, za, t2, p256_mod, p256_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_256_mont_sqr_9(xa, t4, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_9(xs, t6, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_9(t5, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(ya, t1, t5, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t5, t5, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_9(xa, xa, t5, p256_mod);
-    sp_256_mont_sub_9(xs, xs, t5, p256_mod);
-    sp_256_mont_dbl_9(t1, ya, p256_mod);
-    sp_256_mont_sub_9(xa, xa, t1, p256_mod);
-    sp_256_mont_sub_9(xs, xs, t1, p256_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_256_mont_sub_9(ys, ya, xs, p256_mod);
-    sp_256_mont_sub_9(ya, ya, xa, p256_mod);
-    sp_256_mont_mul_9(ya, ya, t4, p256_mod, p256_mp_mod);
-    sp_256_sub_9(t6, p256_mod, t6);
-    sp_256_mont_mul_9(ys, ys, t6, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t5, t5, t3, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_9(ya, ya, t5, p256_mod);
-    sp_256_mont_sub_9(ys, ys, t5, p256_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_256 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_256;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_9_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_9_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_256_ecc_recode_6_9(const sp_digit* k, ecc_recode_256* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<43; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 29) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 29) {
-            n >>= 6;
-            if (++j < 9)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 9) {
-            n = k[j];
-            y |= (word8)((n << (29 - o)) & 0x3f);
-            o -= 23;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_9_6[y];
-        v[i].neg = recode_neg_9_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_point_33_9(sp_point_256* r, const sp_point_256* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    r->z[8] = 0;
-    for (i = 1; i < 33; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-        r->z[8] |= mask & table[i].z[8];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_win_add_sub_9(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_point_256* rt = NULL;
-    sp_point_256* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_256 v[43];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_256_mod_mul_norm_9(t[1].x, g->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_9(t[1].y, g->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_9(t[1].z, g->z, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_256_proj_point_dbl_n_store_9(t, &t[ 1], 5, 1, tmp);
-        sp_256_proj_point_add_9(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_256_proj_point_dbl_9(&t[ 6], &t[ 3], tmp);
-        sp_256_proj_point_add_sub_9(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_256_proj_point_dbl_9(&t[10], &t[ 5], tmp);
-        sp_256_proj_point_add_sub_9(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_256_proj_point_dbl_9(&t[12], &t[ 6], tmp);
-        sp_256_proj_point_dbl_9(&t[14], &t[ 7], tmp);
-        sp_256_proj_point_add_sub_9(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_256_proj_point_dbl_9(&t[18], &t[ 9], tmp);
-        sp_256_proj_point_add_sub_9(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_256_proj_point_dbl_9(&t[20], &t[10], tmp);
-        sp_256_proj_point_dbl_9(&t[22], &t[11], tmp);
-        sp_256_proj_point_add_sub_9(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_256_proj_point_dbl_9(&t[24], &t[12], tmp);
-        sp_256_proj_point_dbl_9(&t[26], &t[13], tmp);
-        sp_256_proj_point_add_sub_9(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_256_proj_point_dbl_9(&t[28], &t[14], tmp);
-        sp_256_proj_point_dbl_9(&t[30], &t[15], tmp);
-        sp_256_proj_point_add_sub_9(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_256_ecc_recode_6_9(k, v);
-
-        i = 42;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_point_33_9(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_256));
-        }
-        for (--i; i>=0; i--) {
-            sp_256_proj_point_dbl_n_9(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_point_33_9(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_256));
-            }
-            sp_256_sub_9(negy, p256_mod, p->y);
-            sp_256_norm_9(negy);
-            sp_256_cond_copy_9(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_256_proj_point_add_9(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_256_map_9(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_qz1_9(sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*9;
-    sp_digit* t6 = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t4 = t + 8*9;
-    sp_digit* t5 = t + 10*9;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_9(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_9(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_9(p->x, t2) &
-            sp_256_cmp_equal_9(p->y, t4)) {
-        sp_256_proj_point_dbl_9(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_256_mont_sub_9(t2, t2, p->x, p256_mod);
-        /* R = S2 - Y1 */
-        sp_256_mont_sub_9(t4, t4, p->y, p256_mod);
-        /* Z3 = H*Z1 */
-        sp_256_mont_mul_9(z, p->z, t2, p256_mod, p256_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_256_mont_sqr_9(t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_9(t3, p->x, t1, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_9(t1, t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_9(t2, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_9(t2, t2, t1, p256_mod);
-        sp_256_mont_dbl_9(t5, t3, p256_mod);
-        sp_256_mont_sub_9(x, t2, t5, p256_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_256_mont_sub_9(t3, t3, x, p256_mod);
-        sp_256_mont_mul_9(t3, t3, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_9(t1, t1, p->y, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_9(y, t3, t1, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_256_proj_to_affine_9(sp_point_256* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 9;
-    sp_digit* tmp = t + 4 * 9;
-
-    sp_256_mont_inv_9(t1, a->z, tmp);
-
-    sp_256_mont_sqr_9(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    sp_256_mont_mul_9(a->x, a->x, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_9(a->y, a->y, t1, p256_mod, p256_mp_mod);
-    XMEMCPY(a->z, p256_norm_mod, sizeof(p256_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 32 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_9(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_9(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_9(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_9(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_9(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_256_proj_point_dbl_n_9(t, 32, tmp);
-            sp_256_proj_to_affine_9(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_9(t, s1, s2, tmp);
-                sp_256_proj_to_affine_9(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_entry_256_9(sp_point_256* r,
-    const sp_table_entry_256* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_9(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 9 * 6);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 31;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 29] >> (x % 29)) & 1) << j);
-            x += 32;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_256_9(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=30; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 29] >> (x % 29)) & 1) << j);
-                x += 32;
-            }
-
-            sp_256_proj_point_dbl_9(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_256_9(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_9(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_9(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_256_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[9];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[9];
-    /* Precomputation table for point. */
-    sp_table_entry_256 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_256_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_256_t sp_cache_256[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_256_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_256_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_256 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_256_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_256_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_256_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_256[i].set = 0;
-        }
-        sp_cache_256_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_256[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_9(g->x, sp_cache_256[i].x) &
-                           sp_256_cmp_equal_9(g->y, sp_cache_256[i].y)) {
-            sp_cache_256[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_256_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_256_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_256[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_256_last) {
-            least = sp_cache_256[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_256[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_256[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_256[i].x, g->x, sizeof(sp_cache_256[i].x));
-        XMEMCPY(sp_cache_256[i].y, g->y, sizeof(sp_cache_256[i].y));
-        sp_cache_256[i].set = 1;
-        sp_cache_256[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_256[i];
-    sp_cache_256_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_9(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_9(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_9(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 9, km);
-        sp_256_point_from_ecc_point_9(point, gm);
-
-            err = sp_256_ecc_mulmod_9(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 9 + 9 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9 + 9 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 9;
-
-        sp_256_from_mp(k, 9, km);
-        sp_256_point_from_ecc_point_9(point, gm);
-        sp_256_point_from_ecc_point_9(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_9(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_9(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_9(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_9(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_9(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_9(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_9(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_256_ecc_mulmod_9(r, &p256_base, k, map, ct, heap);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-static int sp_256_ecc_mulmod_base_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_256_ecc_mulmod_9_nb(sp_ctx, r, &p256_base, k, map, ct, heap);
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 32 between points.
- */
-static const sp_table_entry_256 p256_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x18a9143c,0x0f3986a0,0x1b6d805e,0x152bf8bf,0x0251075b,0x1995bbb1,
-        0x1719e7ed,0x0ed4a6ea,0x0018905f },
-      { 0x0e95560a,0x0f929abe,0x06791737,0x1571c974,0x1f3258b4,0x03446e90,
-        0x16174ba2,0x0304b10b,0x008571ff } },
-    /* 2 */
-    { { 0x0147519a,0x01443012,0x0cdcbc08,0x103d584d,0x1ebc8d09,0x13e553c2,
-        0x03a6a752,0x01bb7beb,0x00d953c5 },
-      { 0x1d590f8f,0x0b1b0e67,0x19b245e7,0x12c4d689,0x164cf72e,0x10881175,
-        0x03cdff65,0x0fd3d651,0x00863ebb } },
-    /* 3 */
-    { { 0x1cdb6485,0x02b5b11a,0x028be5de,0x1e1d445e,0x0300b808,0x0caa27bf,
-        0x0280f9a3,0x0ab6bff0,0x00000760 },
-      { 0x038d2010,0x11a75cdc,0x10dc229d,0x029f7664,0x06606540,0x1e9cc215,
-        0x1b838391,0x0c2686e7,0x00830877 } },
-    /* 4 */
-    { { 0x16a0d2bb,0x1c917e28,0x188d2653,0x1982d834,0x02c8b0d5,0x079d2be3,
-        0x19fe4907,0x0c3fa36c,0x002f5e69 },
-      { 0x15a01797,0x00ae385f,0x05586497,0x01689ac1,0x1db523d2,0x0d9b838f,
-        0x1dec1244,0x02d1ade1,0x00f648f9 } },
-    /* 5 */
-    { { 0x0137bbbc,0x12b3423f,0x1a82fb27,0x088d3d14,0x13463e43,0x13b0bceb,
-        0x0056c710,0x10a267a0,0x005abe02 },
-      { 0x004c7dab,0x15541be6,0x098301e4,0x1b3e9886,0x0cc37573,0x0ab13c73,
-        0x0e0c324c,0x0b6d6dee,0x0094bb72 } },
-    /* 6 */
-    { { 0x120f141c,0x1fcda47b,0x1d6f1d2e,0x13679a5b,0x045c4619,0x1094a088,
-        0x13bf70fd,0x1965efb8,0x00cdd6bb },
-      { 0x0af436fd,0x0533805f,0x04c9afb3,0x08fedb73,0x125226f6,0x13c900a7,
-        0x17d8303e,0x17a97b5c,0x00a361be } },
-    /* 7 */
-    { { 0x197c13c7,0x05512ac2,0x0df0f84a,0x1ac6bea1,0x09d1dc38,0x0d7679e0,
-        0x04b01c0e,0x013896a5,0x00ba12ca },
-      { 0x19f91dfd,0x12047d22,0x1a81fee7,0x0876cd9d,0x00b293af,0x1844cebc,
-        0x1d2c7b3a,0x13ae03fd,0x0053ebb9 } },
-    /* 8 */
-    { { 0x10e63d34,0x1f3f718d,0x1953ead3,0x000ae553,0x1b5a4f46,0x199a6af3,
-        0x00c70124,0x1240daa9,0x008589fb },
-      { 0x0583553a,0x1387ae63,0x1592796a,0x121295c4,0x04652087,0x02838802,
-        0x113f3241,0x0da04a83,0x00ebb069 } },
-    /* 9 */
-    { { 0x0c1647c5,0x10b650ad,0x13d5e651,0x04fa8f89,0x1fbacb81,0x1551bb26,
-        0x168f7199,0x197a364f,0x00eb2820 },
-      { 0x0a87e008,0x0037c6c3,0x08de3ce5,0x1bf53b24,0x0ecb2d87,0x17214066,
-        0x08755bb4,0x136ab4fb,0x001f2828 } },
-    /* 10 */
-    { { 0x1b89da99,0x1dd50601,0x0a1008aa,0x05af3d70,0x005e8a6f,0x1c315c0e,
-        0x158c9e11,0x0b20bca9,0x00337a4b },
-      { 0x01f7794a,0x033a8069,0x1b5fd84f,0x000b6efa,0x1d6e8207,0x1bc08267,
-        0x0f582968,0x1abe985f,0x000d65e0 } },
-    /* 11 */
-    { { 0x15275d38,0x0e84ddf5,0x1828d636,0x114e8a17,0x0b265426,0x17fa4b9f,
-        0x08cbc1d8,0x084a5e94,0x00c23da2 },
-      { 0x0b94520c,0x0d0dc278,0x16f5e397,0x0ccec760,0x09ea1096,0x05c34a69,
-        0x1fc4e937,0x1198f219,0x0019de3b } },
-    /* 12 */
-    { { 0x06c5fe04,0x01d38b61,0x0e86f6c6,0x11bc1677,0x1712c3b2,0x02c35265,
-        0x0ff5d0cb,0x1a923f99,0x00e34dcb },
-      { 0x0aa58403,0x0046a35d,0x1a5e94ed,0x12e90d05,0x0a8af9a6,0x00939b55,
-        0x1dfe78e4,0x088f69c1,0x00e7641f } },
-    /* 13 */
-    { { 0x1f64ba59,0x0ba9ca0e,0x0090bf1f,0x1e21d816,0x01859d33,0x0fe350ac,
-        0x1efd3c1b,0x0ae0a54a,0x004a12df },
-      { 0x1439dbd0,0x1d319c7c,0x194f87ef,0x0497a97b,0x1b314d3c,0x07fd10f8,
-        0x091bf579,0x12776b7d,0x006af5aa } },
-    /* 14 */
-    { { 0x10c91999,0x1085b4c8,0x16012476,0x09688054,0x020900a2,0x0a5a5c66,
-        0x004cf802,0x0b4cd488,0x005fe347 },
-      { 0x193e7b4b,0x07c655ef,0x08fe46ac,0x16a034f8,0x06263292,0x04d7668f,
-        0x04590ba2,0x011d9fd5,0x00b544e3 } },
-    /* 15 */
-    { { 0x16ddfdce,0x03c63748,0x045e7999,0x0522cdf1,0x067e12c3,0x173b26a7,
-        0x082d3a35,0x17b4d618,0x00e0b6b2 },
-      { 0x1b7efb57,0x09896f95,0x031001c3,0x181bbcf2,0x1c9441aa,0x1b56b3cd,
-        0x1dd3e40c,0x1bc4b4c6,0x0071c023 } },
-    /* 16 */
-    { { 0x1fe20925,0x15461225,0x173a19d8,0x0335871f,0x0706391c,0x12eaee9c,
-        0x13d96a5a,0x1a843a64,0x0061d587 },
-      { 0x037173ea,0x03b39d15,0x1de2d97a,0x090010a6,0x0b43e238,0x020f02dd,
-        0x1ef843e1,0x0248c43d,0x00fa11fe } },
-    /* 17 */
-    { { 0x0cb19ffd,0x0448f959,0x048f08c7,0x151ab763,0x1ca8e01b,0x1eb3c562,
-        0x1b72db40,0x0983e277,0x00586eb0 },
-      { 0x07e8ed09,0x01ae3729,0x067b7883,0x03467830,0x052fa1e8,0x0b602b63,
-        0x1c449e3f,0x010e10c9,0x0019d5ac } },
-    /* 18 */
-    { { 0x109a4e1f,0x14cfac09,0x09c01d07,0x1bce37d2,0x08d20ab7,0x1785f7e9,
-        0x18fc9a97,0x07eff38a,0x00e7c007 },
-      { 0x0ef59f76,0x1b6b31d0,0x1f2c1407,0x1676a841,0x002d4669,0x0fbd3d33,
-        0x102b0230,0x1fd8cb67,0x00e08504 } },
-    /* 19 */
-    { { 0x0031b3ca,0x04c7b46d,0x169b59bc,0x19573dcd,0x046e86d1,0x00fd4a79,
-        0x1ad16ff6,0x104b6132,0x0078f018 },
-      { 0x1a25787f,0x1f77ef21,0x132b26ed,0x0df01a3b,0x1fc36801,0x043bd9ad,
-        0x11e833a9,0x170fd28e,0x0043a773 } },
-    /* 20 */
-    { { 0x12b533d5,0x12bbb9a6,0x0f777018,0x1715ed43,0x0c293673,0x1e4d53cf,
-        0x1ac55df9,0x0a38764c,0x00bb6de6 },
-      { 0x165259b3,0x1f4981d5,0x0e9d2039,0x015fa7a0,0x0fc27d6a,0x01e8cd9e,
-        0x066f16b2,0x134ba317,0x0060b461 } },
-    /* 21 */
-    { { 0x1ae5aa1c,0x0b51c708,0x19cd962f,0x0eca5693,0x187edb8b,0x000a772f,
-        0x1f342c4c,0x1655dd7f,0x009d0f27 },
-      { 0x1a730a55,0x1492318b,0x0ef20eb2,0x0ab65fbb,0x19a719c9,0x0ff05600,
-        0x12341f07,0x0da6add8,0x00244a56 } },
-    /* 22 */
-    { { 0x0acf1f96,0x0d81ca57,0x1309c71b,0x02455204,0x1d3b99f2,0x160dc165,
-        0x1da4989a,0x10e6b03d,0x0045e58c },
-      { 0x038f9dbc,0x1ffa3ced,0x02281034,0x15e28dd1,0x0bed7a8a,0x0fd92370,
-        0x1e92516b,0x03983c96,0x00c040e2 } },
-    /* 23 */
-    { { 0x0f8117b6,0x03d78003,0x08d50ce1,0x12d3fee7,0x075eb651,0x1abb0eca,
-        0x1b1d20ac,0x12ed058d,0x001cdf5c },
-      { 0x11f04839,0x0dbbada0,0x1785a61f,0x1d59e891,0x132197db,0x0ee8db85,
-        0x1cf6ca48,0x1f1525bf,0x00046755 } },
-    /* 24 */
-    { { 0x1ce8ffcd,0x04562e95,0x1986a0b3,0x0789165f,0x0d6c70d5,0x10b93901,
-        0x17cfdbc5,0x02277074,0x00046e5e },
-      { 0x18007f01,0x1dc7fb26,0x1d0c60f9,0x03de24b5,0x1a03c7fb,0x0f531af0,
-        0x016c1171,0x186607a0,0x006e0106 } },
-    /* 25 */
-    { { 0x08dd73b1,0x0639ac24,0x17b43652,0x00e11f32,0x02ab7767,0x0f5462b5,
-        0x1c7ce0e1,0x1dbd2039,0x00442594 },
-      { 0x12d4b65b,0x07d51648,0x12430dfe,0x0468772d,0x18d1f94c,0x1250af4b,
-        0x1a3b4c9b,0x0a2985dc,0x00a796fa } },
-    /* 26 */
-    { { 0x023addd7,0x0cfdb024,0x19a4eccd,0x14c307ca,0x13c809e2,0x1bc71e5f,
-        0x1ba7e216,0x1538d2ec,0x00e4ad2d },
-      { 0x0e048a61,0x0bfbfa14,0x04b6680d,0x1a331981,0x0d8ef082,0x0d7a601f,
-        0x050ff0e8,0x08d86f6a,0x00c5e940 } },
-    /* 27 */
-    { { 0x0be75f9e,0x1b529c61,0x048e9e11,0x0353d196,0x1c04b6fd,0x06f85884,
-        0x1d1f6179,0x15fb68c8,0x0063283d },
-      { 0x1af2df15,0x139467bd,0x1669fd33,0x0588aa15,0x0bcc3e59,0x1356f41a,
-        0x04e3eac8,0x15633035,0x0068bd19 } },
-    /* 28 */
-    { { 0x1887d659,0x04756a88,0x164c16b0,0x09abe966,0x14fe3337,0x14c0e7f3,
-        0x1f5a5a61,0x1ea78dfb,0x00495292 },
-      { 0x1acec896,0x143c64f0,0x16d12112,0x096421d8,0x160a7d96,0x1bf13326,
-        0x00dd9a5b,0x01a4c06d,0x000ec753 } },
-    /* 29 */
-    { { 0x0d2687bb,0x0d09d02d,0x0b887e8b,0x1076d5e6,0x0607ba1f,0x0f7a8eea,
-        0x1c2ce43d,0x14cc90c7,0x000f6207 },
-      { 0x0f138233,0x0b3f1dd8,0x0aa9c62f,0x0d72d84e,0x088aedd6,0x02039376,
-        0x173e3b40,0x0e411dad,0x00ff0db0 } },
-    /* 30 */
-    { { 0x0c95d553,0x04fd080a,0x1a02a29d,0x00a5faba,0x1566fa44,0x018bff9d,
-        0x1a8c60ed,0x07910e81,0x00313b51 },
-      { 0x08d11549,0x00171560,0x17b8872d,0x1dc21769,0x0320e071,0x03eea3f9,
-        0x1e049ae6,0x1f30de33,0x002d3abc } },
-    /* 31 */
-    { { 0x015581a2,0x0144280c,0x08846bd3,0x14daacc6,0x12e999a0,0x1d078655,
-        0x137c66e9,0x021bdb31,0x00c036fa },
-      { 0x01fbd009,0x0d7045d6,0x1456058a,0x1163200d,0x00d8f0b6,0x193bcdcf,
-        0x06530bac,0x1896da80,0x00a6b2a2 } },
-    /* 32 */
-    { { 0x0d3549cf,0x019f287b,0x135997b5,0x06d2dff5,0x1fcb46f3,0x1ed66708,
-        0x0181a56f,0x0a55ef93,0x00810ee2 },
-      { 0x1159bb2c,0x0a287f0b,0x02cd5ed9,0x1f7d7ceb,0x1ea72f7d,0x1f3a6b4f,
-        0x1d14ac15,0x0f524e62,0x00d48571 } },
-    /* 33 */
-    { { 0x10cb5a98,0x0ba0d457,0x0c442fc4,0x151f263e,0x02adfd3d,0x1165d59c,
-        0x01386653,0x14e5f34c,0x006a6045 },
-      { 0x02b2411d,0x186069fd,0x03a5b805,0x1d707ca2,0x1b3ccbe0,0x0fb9c432,
-        0x1e40ef32,0x1f5f3c2a,0x00d3e45c } },
-    /* 34 */
-    { { 0x083f7669,0x10fb4ddf,0x01df5af3,0x115d04e5,0x0278d09f,0x172a1922,
-        0x06725522,0x1bdc7858,0x00207755 },
-      { 0x0fef1945,0x1deb0ecb,0x0b4a30e1,0x0279df62,0x164aa188,0x08eb396f,
-        0x00367ef3,0x1cae2a96,0x0048dc5e } },
-    /* 35 */
-    { { 0x17e5a199,0x11bc85ff,0x0732edc4,0x1f719f31,0x19c79e0e,0x15ff0528,
-        0x111709e8,0x1dbbfede,0x00f2fb0a },
-      { 0x10b5025f,0x0e04abaf,0x1ea7c890,0x0a87ae81,0x1fbd0550,0x04569c05,
-        0x14963e8f,0x02bb651a,0x00a13e90 } },
-    /* 36 */
-    { { 0x02b65cbc,0x0fbd1a85,0x119089be,0x0972e454,0x107a10b0,0x1120f11f,
-        0x09bc9973,0x160292ea,0x002bf0d6 },
-      { 0x0b216fb7,0x1ea6e9fa,0x17689ab4,0x0f70cff7,0x0505cf7d,0x1c1fb384,
-        0x027ebade,0x0b42c5fd,0x0042a94a } },
-    /* 37 */
-    { { 0x0aadf191,0x0235685f,0x089a35d6,0x1491204b,0x1c1f60f8,0x182824a6,
-        0x18f7a180,0x0d38cbdb,0x002c2dd9 },
-      { 0x13849c17,0x0810b8ec,0x0894375b,0x0911743b,0x05485460,0x03831e1d,
-        0x16f12043,0x03e858ad,0x00f437fa } },
-    /* 38 */
-    { { 0x0a0f7dab,0x1506b8a2,0x1dba6b1a,0x092f262e,0x197860f0,0x10287af9,
-        0x0aa14b02,0x066a8e0f,0x00aaf45b },
-      { 0x018d364a,0x0f1be19e,0x125c5961,0x17360c7c,0x05444d40,0x0b408af6,
-        0x0af3d05c,0x01be9e4e,0x00cdf631 } },
-    /* 39 */
-    { { 0x0ea8b7ef,0x039e311c,0x0f08a1dd,0x126a310b,0x08e3408e,0x13b915ed,
-        0x1fc90655,0x175b53c5,0x00f0d008 },
-      { 0x0414d3b1,0x089338e9,0x067a9d8a,0x0a930b60,0x1cbdbb37,0x1cb6a29d,
-        0x0e2d7186,0x1eb9510f,0x005bd5c2 } },
-    /* 40 */
-    { { 0x149a3154,0x187a34f7,0x0acba6bb,0x0b4b2adc,0x04a9c3e8,0x160f5549,
-        0x1c6516ab,0x191413c8,0x00aa12df },
-      { 0x0df69f1d,0x1793913a,0x1fd79cc9,0x09905945,0x1dd44e0e,0x0739dbd4,
-        0x0406e763,0x0e7c9195,0x006c036e } },
-    /* 41 */
-    { { 0x0f6e3138,0x07d70950,0x0b4d1697,0x0dde004b,0x12bc5696,0x0325a2b3,
-        0x1892264f,0x0b12d5f7,0x00292ff6 },
-      { 0x1e213402,0x09286a22,0x04b27fb5,0x101c4e87,0x072e8f65,0x1cbfed0e,
-        0x09d825ec,0x1206236e,0x00644e0c } },
-    /* 42 */
-    { { 0x047153f0,0x0f210f0d,0x01063278,0x1876f324,0x17672b86,0x0743b82e,
-        0x09de4ef7,0x127956f3,0x00f25ae7 },
-      { 0x0d869d0c,0x198ca51b,0x01b09907,0x0b910493,0x0945e9d5,0x0f5184b7,
-        0x08f927ed,0x0a627b61,0x0039b8e6 } },
-    /* 43 */
-    { { 0x16fd2e59,0x1baa1005,0x157263cd,0x0580cd24,0x0573935e,0x190d0715,
-        0x0c1b676a,0x05e1e33b,0x0039122f },
-      { 0x03cad53c,0x1de70f00,0x1705f8f3,0x16581fcc,0x13877225,0x18e94d50,
-        0x1e35caeb,0x1f19d01f,0x008de80a } },
-    /* 44 */
-    { { 0x007bbb76,0x1df546c9,0x1e09d62b,0x18fcf842,0x036b1921,0x1ba58e02,
-        0x10137e8a,0x00c5c6d1,0x00871949 },
-      { 0x03993df5,0x0fc945dd,0x0cf49aad,0x1aeb6be7,0x15050639,0x13c542da,
-        0x1784046a,0x0d4b6e9f,0x00fc315e } },
-    /* 45 */
-    { { 0x08d6ecfa,0x10fea0d7,0x1b1fe195,0x1889ec35,0x0741d5f8,0x153da492,
-        0x02226114,0x15bdc712,0x00e6d4a7 },
-      { 0x0593c75d,0x02a9768a,0x09c45898,0x0e1b49ba,0x0c7db70a,0x0f49bdd1,
-        0x195f4abb,0x13537c55,0x0035dfaf } },
-    /* 46 */
-    { { 0x0a736636,0x1cab7e6d,0x0b2adf9a,0x0a3b2f5c,0x0996609f,0x1fa0879a,
-        0x14afec42,0x1ae39061,0x001da5c7 },
-      { 0x1cce6825,0x020f2419,0x15cf0ed7,0x1a231ff2,0x036b815a,0x0963f918,
-        0x075a8a15,0x1fbb7e97,0x007077c0 } },
-    /* 47 */
-    { { 0x06b9661c,0x1b1ffc6a,0x0b3f5c6f,0x1fa6d61a,0x1f8f7a1d,0x10a05423,
-        0x19100dcf,0x05dca1df,0x0053a863 },
-      { 0x096d8051,0x0bb7fb43,0x13d1a282,0x18192b8e,0x026bddae,0x06e1af27,
-        0x13058a65,0x0da69c3f,0x00028ca7 } },
-    /* 48 */
-    { { 0x1c9877ee,0x08ea3ee7,0x074000b4,0x06c42100,0x060b6c8b,0x008baa61,
-        0x011b400b,0x1b0d2c5e,0x0004c17c },
-      { 0x10daddf5,0x0cde84a5,0x1395701b,0x046aea49,0x003b5bea,0x0b73396d,
-        0x11d198cd,0x1d3fdb2e,0x00f7ba4d } },
-    /* 49 */
-    { { 0x0be1263f,0x06dfd1a7,0x0b9f39b4,0x0c6e6ae3,0x0f523557,0x02a9c153,
-        0x11074910,0x000a4263,0x00e31f96 },
-      { 0x0a6b6ec6,0x0ddc90b7,0x10bf1134,0x03a25ce7,0x0a29437a,0x1f5644e8,
-        0x11ef0439,0x0b39c69a,0x00aa3a62 } },
-    /* 50 */
-    { { 0x16f3dcd3,0x1e7cefa9,0x0fdcd83e,0x1bdaa1a5,0x04f5b6ce,0x087d6fa8,
-        0x0bb9245c,0x0c4fcf3b,0x002398dd },
-      { 0x0d09569e,0x1a382d1b,0x127dda73,0x0c3376a2,0x0034cea0,0x01bb9afb,
-        0x0843fe70,0x1643808c,0x005717f5 } },
-    /* 51 */
-    { { 0x01dd895e,0x1f114e49,0x10a11467,0x030a0081,0x17ecd8e5,0x091c8eb1,
-        0x037be84f,0x0ac1c785,0x00660a2c },
-      { 0x167fcbd0,0x06544576,0x0a7c25a7,0x0e48f01d,0x12b4dc84,0x1a40b974,
-        0x114ccacb,0x0989ea44,0x00624ee5 } },
-    /* 52 */
-    { { 0x1897eccc,0x0aa4e726,0x06202a82,0x13a3b27f,0x07c204d4,0x1211821d,
-        0x0f01c8f0,0x1f7257bf,0x004f392a },
-      { 0x1de44fd9,0x0b4fc7d3,0x0cc8559a,0x19f7c8af,0x0bc3cb66,0x14019b47,
-        0x06736cbe,0x0ef99b67,0x008a3e79 } },
-    /* 53 */
-    { { 0x06c4b125,0x0f0c40f8,0x18f2a337,0x09c601ed,0x013e9ae3,0x0cef2e3d,
-        0x1013bda6,0x046e1848,0x003888d0 },
-      { 0x04f91081,0x11401ab2,0x0055411d,0x1f9ec2be,0x0d36e3d9,0x16e43196,
-        0x0cd8609f,0x08e30204,0x00a5e62e } },
-    /* 54 */
-    { { 0x0facd6c8,0x1412f719,0x0f2f1986,0x18c6a8a9,0x19931699,0x16fbcc6f,
-        0x0b70338f,0x1cc8cd4b,0x002c4768 },
-      { 0x10a64bc9,0x1a37fc64,0x1de7d72c,0x14c041c8,0x1e884630,0x08325e02,
-        0x0a836527,0x083f3cca,0x007b5e64 } },
-    /* 55 */
-    { { 0x1d28444a,0x0b4a1160,0x04da8e48,0x0d8bb17c,0x07fcee99,0x17f2fd86,
-        0x11288e1e,0x196191ae,0x00b8af73 },
-      { 0x138b86fd,0x1ef41d51,0x02973fd7,0x07e2b14b,0x09433fee,0x07b79056,
-        0x025727ba,0x0befe7e1,0x00a03639 } },
-    /* 56 */
-    { { 0x010f7770,0x039e35dd,0x0a838923,0x02db0342,0x02b9fa6f,0x1b4128de,
-        0x14cc4037,0x0030ebf6,0x004be36b },
-      { 0x1fb56dbb,0x11304374,0x19e93e24,0x1fdf160f,0x12f20306,0x0602b36a,
-        0x0303bab3,0x10e37b80,0x008cbc9a } },
-    /* 57 */
-    { { 0x00dac4ab,0x098c4ae6,0x0bfc44b8,0x094880e2,0x0ee57a87,0x173e350e,
-        0x17e18cca,0x07c18106,0x0044e755 },
-      { 0x1734002d,0x0a81fffb,0x0d10971b,0x0b971616,0x138b59d3,0x013b0743,
-        0x106257dc,0x074bd71f,0x00470a68 } },
-    /* 58 */
-    { { 0x10513482,0x0dbb0ee4,0x1a49daa0,0x0e405403,0x13083028,0x00f70673,
-        0x1bbf3691,0x1218c7b8,0x00164106 },
-      { 0x0d06a2ed,0x081a5033,0x06c402fd,0x1aee8a31,0x018c9dd4,0x173955c1,
-        0x0d3f6452,0x1faf5797,0x00d73479 } },
-    /* 59 */
-    { { 0x1ad4c6e5,0x16f7d8b2,0x01b4135f,0x19e11eb6,0x1cb14262,0x0dd8c2ba,
-        0x19ac4bb5,0x1c60ee2c,0x00816469 },
-      { 0x161e291e,0x1d5cebca,0x17859875,0x1b5e4583,0x00513eb9,0x13f589af,
-        0x1e73d260,0x047e1ba7,0x000a36dd } },
-    /* 60 */
-    { { 0x01d5533c,0x0c69963a,0x0118a3c2,0x1eb53d0d,0x1bd117c5,0x1456f1a4,
-        0x0460e688,0x1adfb756,0x00e331df },
-      { 0x0bcc6ed8,0x08055b43,0x1e898394,0x01877bde,0x050d7716,0x0cd3de74,
-        0x0e26418f,0x054925c6,0x00d3b478 } },
-    /* 61 */
-    { { 0x13821f90,0x0a4db747,0x1adeab68,0x1bb3dacd,0x1311692e,0x14a98d00,
-        0x16f42ed9,0x0b4990d4,0x00728127 },
-      { 0x13ff47e5,0x01c2c7be,0x00591054,0x0c2d78c2,0x19bb15e1,0x188d3efe,
-        0x01658ac3,0x0fd9c28a,0x002c062e } },
-    /* 62 */
-    { { 0x0159ac2e,0x1b7ccb78,0x16c9c4e9,0x1cee6d97,0x06047281,0x09440472,
-        0x1bc4ab5b,0x1f2589cf,0x00282a35 },
-      { 0x00ce5cd2,0x01aa58f6,0x1e708a67,0x13df9226,0x0c11ecf9,0x179c1f41,
-        0x0af664b2,0x026aa9a5,0x00c71cd5 } },
-    /* 63 */
-    { { 0x09b578f4,0x042ef4e0,0x0bfe9e92,0x09c4b1c7,0x02f1f188,0x18dbac8c,
-        0x0e8e3dda,0x0819e8fe,0x00c50f67 },
-      { 0x174b68ea,0x0e256f99,0x0597f8aa,0x0de646d3,0x13050a40,0x111142d2,
-        0x0370be1a,0x14e4252b,0x00b9ecb3 } },
-    /* 64 */
-    { { 0x14f8b16a,0x17c20877,0x1ec99a95,0x0835fd88,0x087c1972,0x15c736ce,
-        0x0c6c2901,0x0059a855,0x00803f3e },
-      { 0x04dbec69,0x18184d40,0x0eb417df,0x170bee77,0x0197fa83,0x1939d6c7,
-        0x17071825,0x01ca0cf5,0x00c09744 } },
-    /* 65 */
-    { { 0x0379ab34,0x0352b796,0x077e3461,0x1c0d1708,0x068efa8e,0x022c8bb6,
-        0x1cc080c5,0x1ab22be3,0x00f1af32 },
-      { 0x1d75bd50,0x0e1ba98a,0x0bd9ef26,0x19ff75ee,0x1723f837,0x120c246b,
-        0x122c184e,0x061c5a83,0x0023d0f1 } },
-    /* 66 */
-    { { 0x141500d9,0x0bd5b76f,0x0fab6a21,0x1215cbf9,0x059510d8,0x032444b9,
-        0x0b754bfa,0x1ad8147f,0x00b0288d },
-      { 0x050bcb08,0x09907983,0x175b85a1,0x1ec626d2,0x1aa7671a,0x1053dcc4,
-        0x0348c7d4,0x09fe8119,0x00ffd372 } },
-    /* 67 */
-    { { 0x1458e6cb,0x1cb47325,0x1e974a14,0x1b5a4062,0x15f56992,0x1705bd53,
-        0x1b7ce052,0x095af184,0x00f5590f },
-      { 0x0f0ba55a,0x1e125e9e,0x1de2eb83,0x08e49418,0x1674a0fc,0x0327b41d,
-        0x088073a6,0x0a9edee9,0x0018d6da } },
-    /* 68 */
-    { { 0x15be5a2b,0x0c9f112e,0x0d3cf1bb,0x0f3306b2,0x06ffc6fe,0x04931131,
-        0x05a90c50,0x1b2f3204,0x0050bbb4 },
-      { 0x057ec63e,0x1c0c8e37,0x07736c8d,0x04588030,0x0e0f6654,0x04cd811b,
-        0x070d06a0,0x03003fc9,0x002b1001 } },
-    /* 69 */
-    { { 0x1b391593,0x0345ae2c,0x009c3f3f,0x0beb44b3,0x0dcbbc38,0x19d568cd,
-        0x1831c513,0x13307f75,0x00dd5589 },
-      { 0x14b82ff4,0x1dc45c73,0x19cd3264,0x007880e3,0x0322ad2e,0x0f57a1e0,
-        0x010669ea,0x0a2293ac,0x00e6e4c5 } },
-    /* 70 */
-    { { 0x1e9af288,0x0fb2add8,0x0b6a4c55,0x1c34c9ef,0x020e5647,0x1f25e594,
-        0x1bfd0da5,0x1620fdaa,0x0051e00d },
-      { 0x171c327e,0x1e8b4dc3,0x05b0ab50,0x1b641695,0x1477929c,0x08fa9ef5,
-        0x05df01f5,0x08293052,0x00e22f42 } },
-    /* 71 */
-    { { 0x035f1abb,0x0a2f47a3,0x14e21d33,0x18196ad0,0x0034d7ed,0x160fdad4,
-        0x0327251c,0x07aa5b89,0x00f70937 },
-      { 0x08af30d6,0x00cb35dd,0x0deda710,0x1ebe95e2,0x1c47e95b,0x0b1549b0,
-        0x0c44e598,0x111ce4eb,0x00bd52d2 } },
-    /* 72 */
-    { { 0x1c5fa877,0x18aae3d4,0x0e8f522a,0x15ace4fa,0x189d817d,0x1fcf39e8,
-        0x1e990fd0,0x1c99154e,0x00a0d0f8 },
-      { 0x0c94f92d,0x1df57ec6,0x1376ce82,0x11917c18,0x0ba14d81,0x12fc5c17,
-        0x08008b31,0x18f28dad,0x00a56c78 } },
-    /* 73 */
-    { { 0x0dd09529,0x0b11c8d8,0x0b77f3ca,0x1c1d4c7b,0x1f481803,0x1a8fadad,
-        0x19e8b1dc,0x1f0e6346,0x00d8befd },
-      { 0x1c0157f4,0x1c8cea17,0x1239942a,0x195daffd,0x08b0af51,0x05a0016a,
-        0x11e337e7,0x14b9d3ec,0x00854a68 } },
-    /* 74 */
-    { { 0x03506ea5,0x01afb3db,0x1f8359b7,0x0d891349,0x1cd4d928,0x0e9dff4a,
-        0x0a54fc40,0x0173108d,0x005cacea },
-      { 0x1ceac44d,0x086fb064,0x13470eaa,0x0535e86a,0x1babe3db,0x1ef456ae,
-        0x1ea42374,0x0246bc9d,0x00e4982d } },
-    /* 75 */
-    { { 0x034cd55e,0x18825116,0x00344c88,0x12b7664d,0x1d943586,0x0d7d0fd0,
-        0x1267ecd1,0x1ec2d640,0x008046b7 },
-      { 0x18e7d098,0x099ac0f1,0x1bc2dc2d,0x0c3d1be8,0x178c4d7f,0x14f52265,
-        0x1d54c37a,0x0f721055,0x00eb17ca } },
-    /* 76 */
-    { { 0x16a145b9,0x1a8dacc3,0x0f1c7b05,0x1ed61f83,0x115bba5c,0x1ab29c93,
-        0x04c74f80,0x175f56bc,0x00097b00 },
-      { 0x165f69e1,0x1336474a,0x0f94666a,0x11eeb56b,0x1d98477e,0x1d08ed27,
-        0x127980ce,0x0f75fb79,0x00f95c74 } },
-    /* 77 */
-    { { 0x1ebae45e,0x0c780e9d,0x0f1a5555,0x17d3e189,0x04fc6a8e,0x02d8ede3,
-        0x00debadc,0x03cacddb,0x00351260 },
-      { 0x1a1161cd,0x19b78f0f,0x197be1e4,0x1571aa98,0x121e5328,0x17713927,
-        0x0dad1d5f,0x046c0d15,0x000ef971 } },
-    /* 78 */
-    { { 0x14ca4226,0x12cc67ba,0x190b2380,0x1bc271f0,0x017905ee,0x1fba2347,
-        0x12552258,0x066769f7,0x00fc16d9 },
-      { 0x07c800ca,0x14b7d98f,0x1e2b6aaf,0x00c6624c,0x1e8b5138,0x024bb7f9,
-        0x085cf589,0x1e372baf,0x0014ca4a } },
-    /* 79 */
-    { { 0x1d2f81d5,0x123b8dd5,0x1df4659e,0x1f3ad203,0x1c9071a5,0x1f7be56c,
-        0x0c776262,0x0c7eb384,0x004057b0 },
-      { 0x09c05c0a,0x1fec17f4,0x1037e16f,0x0238de3b,0x016dbe49,0x065751ad,
-        0x0c4cefbf,0x0c9e2661,0x001c3b5d } },
-    /* 80 */
-    { { 0x00ec21fe,0x1f0a5ff4,0x156fa097,0x1c22d584,0x05d67f6c,0x0d0397a5,
-        0x0ebe62f1,0x091b6fcc,0x00fad271 },
-      { 0x09ab05b3,0x0605b561,0x0946b9a4,0x1350789c,0x0de7d37a,0x043ae155,
-        0x0a1029f7,0x1c73e1c3,0x0077387d } },
-    /* 81 */
-    { { 0x056c0dd7,0x14f6624d,0x021b1d07,0x1ff9b08c,0x1aecea5c,0x0a047a82,
-        0x11fa3de8,0x1817de18,0x00b37b85 },
-      { 0x0c0e6a8f,0x0cb5b726,0x0e23c8cd,0x1a977ed6,0x0ef4efd6,0x09fd61ce,
-        0x0356ae91,0x191f3ec5,0x009c135a } },
-    /* 82 */
-    { { 0x04e35743,0x15519014,0x08f37bcc,0x1ad5630b,0x19819320,0x18bb0ef8,
-        0x147ee086,0x03f88670,0x00572136 },
-      { 0x11fc9168,0x186d9b53,0x17100f07,0x1174e6bc,0x0d8f55f9,0x143f1bde,
-        0x06f7d932,0x193cd762,0x00dcbac3 } },
-    /* 83 */
-    { { 0x0518cbe2,0x00eccb42,0x07ac13bc,0x05f83139,0x1eebfd24,0x11e3f23f,
-        0x0189c9d9,0x13c5ac4d,0x00b8c1c8 },
-      { 0x08e1d569,0x0d2c5eee,0x16233414,0x1013916f,0x131eb563,0x1fecf88f,
-        0x0b509b09,0x1b45f284,0x005d23bb } },
-    /* 84 */
-    { { 0x15c8f8be,0x10e394a4,0x1cd8afc2,0x03890077,0x1d4ac296,0x0201efb1,
-        0x04027906,0x19723d9d,0x00c109f9 },
-      { 0x18945705,0x1684ae82,0x1ae17030,0x107b2dbb,0x0449bb90,0x15c6bd20,
-        0x1b8611a4,0x09e5ddc3,0x009bc334 } },
-    /* 85 */
-    { { 0x02913074,0x0ad71ab2,0x0950ac43,0x12364e91,0x0732a554,0x1332d988,
-        0x13051a72,0x0a4be349,0x0029591d },
-      { 0x184f983f,0x1b7adb5d,0x17e13879,0x1dde833e,0x0a189be7,0x0a4b405d,
-        0x0cb04803,0x03e31de6,0x00637655 } },
-    /* 86 */
-    { { 0x162976cc,0x0d2f8a72,0x1c4b0e2f,0x1947cc1d,0x0985222b,0x18323665,
-        0x01eaefe8,0x19011c53,0x00bdb79d },
-      { 0x0b06a772,0x0965ae4e,0x14db73bf,0x08eb55fc,0x15db838f,0x10113e15,
-        0x052b0a8f,0x0035ba78,0x008ee860 } },
-    /* 87 */
-    { { 0x04ade873,0x1f4b4c0d,0x1ee92332,0x13549b89,0x14ba57ee,0x144cad02,
-        0x092cb3b8,0x0f4deef5,0x0092e51d },
-      { 0x1190a34d,0x045d7d43,0x0f47b465,0x11eeb7ed,0x11144d69,0x13718657,
-        0x0aab403b,0x0de14ad5,0x005182f8 } },
-    /* 88 */
-    { { 0x1a4cc99c,0x1d310963,0x1b67287e,0x0136d07c,0x18c5aff6,0x13e5ad64,
-        0x1bc976ec,0x0ba80e74,0x0091dcab },
-      { 0x1f575a70,0x0db661ea,0x0361fe80,0x06c272df,0x017360cb,0x074644cc,
-        0x1cac5975,0x1b72f2e9,0x0017a0ce } },
-    /* 89 */
-    { { 0x076c8d3a,0x0430f150,0x03e492ce,0x155a7242,0x035d9701,0x157209d4,
-        0x1d065343,0x0d8fe99b,0x002e8ce3 },
-      { 0x037a862b,0x0939ed58,0x19323ea4,0x15376ec1,0x0f2dd01b,0x09c419dd,
-        0x03cfe591,0x19669ecd,0x00f4ccc6 } },
-    /* 90 */
-    { { 0x11f79687,0x077a92e7,0x1bea0551,0x12a92b25,0x18d297c5,0x0ba0d2e3,
-        0x0f27848c,0x111341be,0x00ac0db4 },
-      { 0x1f01747f,0x15fe388e,0x05f7c4e1,0x1726b1de,0x16bb5592,0x0727ae65,
-        0x128b9620,0x0c32992e,0x0095a64a } },
-    /* 91 */
-    { { 0x015a4c93,0x160f7ed6,0x1614505c,0x0d36e704,0x10bad402,0x1d8e0b65,
-        0x19ddaa37,0x17452420,0x00231e54 },
-      { 0x0ae6d2dc,0x186fc8bc,0x044a4629,0x154c7e72,0x172234d6,0x1935af2d,
-        0x0787d89d,0x065b14e6,0x00ab0be0 } },
-    /* 92 */
-    { { 0x0d131f2d,0x0bd6874c,0x013c4042,0x1e13c676,0x1a748637,0x10cb6af4,
-        0x19e46b21,0x10059ed4,0x00f1bcc8 },
-      { 0x08daacb4,0x0e348a07,0x1d940249,0x1c80aac1,0x137a63c4,0x047e23bc,
-        0x09c56473,0x0d2b5d76,0x00851694 } },
-    /* 93 */
-    { { 0x11dcf593,0x11ae0a1f,0x062f8ef7,0x00565360,0x19d3d782,0x16e14dee,
-        0x1763a736,0x1a5b55aa,0x008f67d9 },
-      { 0x1481ea5f,0x0088b2b3,0x13164321,0x05bbd3c6,0x13fa8e7d,0x01fa0282,
-        0x0d77ff75,0x17380e51,0x00f84572 } },
-    /* 94 */
-    { { 0x17af71c9,0x10d3d38c,0x1cd95957,0x092888f4,0x15063a14,0x1703870e,
-        0x106686d2,0x020c2d65,0x00edee27 },
-      { 0x11734121,0x1781a7a8,0x097a7c2c,0x18dcaa94,0x02ecf1ca,0x0479d206,
-        0x1fd23705,0x13689d7a,0x009fd27e } },
-    /* 95 */
-    { { 0x16e2cb16,0x063b2c57,0x16466d8f,0x16fa59fc,0x15583e3e,0x0c0b0b46,
-        0x0e1d6a31,0x16d2b1fe,0x00a40c2f },
-      { 0x1edcc158,0x04f62b07,0x1c8c15a3,0x10098cab,0x07e127ad,0x13824d18,
-        0x1b3f64e5,0x170fb8db,0x0099bc9b } },
-    /* 96 */
-    { { 0x127dafc6,0x054a90ec,0x02734661,0x03f6d2b8,0x06dde52c,0x00d07c9b,
-        0x19927656,0x01742daf,0x009abe21 },
-      { 0x08915220,0x0057c252,0x1605b192,0x062ed49b,0x1ca5afa7,0x1cc38b40,
-        0x12c31f54,0x0af0fe68,0x007881c2 } },
-    /* 97 */
-    { { 0x00bcf3ff,0x19ccda8f,0x1fdd3da4,0x05978a24,0x1d9680d0,0x12d16e80,
-        0x05023ed1,0x033461d1,0x0015e6e3 },
-      { 0x1e0e05f4,0x036b7069,0x16210119,0x0f7bb886,0x050d3fad,0x03e8e27c,
-        0x0b3af987,0x19e3222e,0x000e55fa } },
-    /* 98 */
-    { { 0x18787564,0x14ecc037,0x1a17399f,0x062e4263,0x1e8d61a3,0x0c655c0c,
-        0x15ddac05,0x0ecdfd2c,0x00d73d09 },
-      { 0x1eb7206e,0x1241a128,0x062ed090,0x12521f8c,0x0a520a51,0x1c2caf18,
-        0x142d772e,0x0e91e2b4,0x009250a3 } },
-    /* 99 */
-    { { 0x1e577410,0x17f847c5,0x1dea31b2,0x011406a0,0x063a4fd4,0x1944f605,
-        0x102fc7d8,0x10583991,0x00774140 },
-      { 0x0b0991cd,0x0d207d37,0x1f70a581,0x1410cc93,0x0fd40c1c,0x11e3d992,
-        0x02e4e9a2,0x09a25d64,0x008cb04f } },
-    /* 100 */
-    { { 0x0906171c,0x0e1682ab,0x09030fec,0x07d39b60,0x06841907,0x15a7ec48,
-        0x0d476e39,0x1de8e247,0x00e4e429 },
-      { 0x18ec36f4,0x1c6ea9e1,0x12da89c2,0x05b803fe,0x09a48f9d,0x1703c3cd,
-        0x15497419,0x1fe78dcc,0x0037bca2 } },
-    /* 101 */
-    { { 0x1f562470,0x06971e3e,0x0592b253,0x04e54581,0x193be44f,0x0efcc063,
-        0x08a9f1b5,0x1b860056,0x0059913e },
-      { 0x1750592a,0x109cd41a,0x00f7809e,0x003b01cf,0x1d64f99e,0x01baf502,
-        0x089b3e30,0x0956027c,0x0043786e } },
-    /* 102 */
-    { { 0x1e56b5a6,0x1995876c,0x1f1a3e7f,0x01b34db3,0x046a7075,0x1422acbc,
-        0x19ebb057,0x1316fcf3,0x008638ca },
-      { 0x0afc24b2,0x1ad704b0,0x0b3a3c8b,0x131d5e9b,0x1a78f053,0x0ee85765,
-        0x1bc0edd9,0x0d4f6754,0x001ecdd3 } },
-    /* 103 */
-    { { 0x0c5ff2f3,0x09d66b13,0x1cea5e17,0x0a2d8050,0x10d54a2d,0x04fd6908,
-        0x0cb6b653,0x10ba8b3e,0x00d85d0f },
-      { 0x10b11da3,0x1b805c68,0x00c63127,0x0458614f,0x0decdd2c,0x047a4904,
-        0x118955a6,0x18769da7,0x00a04f19 } },
-    /* 104 */
-    { { 0x0d7f93bd,0x03c92647,0x0bd47d82,0x0958ba72,0x171afcb6,0x1985410d,
-        0x02c1f2b8,0x1d4b812a,0x0092b2ee },
-      { 0x05b6e235,0x0d6264a4,0x0db03c21,0x19495252,0x08891ab2,0x1359f028,
-        0x1db203ea,0x042b0684,0x001ee782 } },
-    /* 105 */
-    { { 0x063e79f7,0x10517007,0x067641a9,0x01cf65e7,0x1c09df59,0x02a53303,
-        0x05424084,0x1b0af4dc,0x00f3f2ce },
-      { 0x110d9b55,0x0028879f,0x19099208,0x1f9f59b0,0x10e7c9d2,0x0d53f45e,
-        0x0843958c,0x0a87b47c,0x000f56a4 } },
-    /* 106 */
-    { { 0x1043e0df,0x190dffd0,0x001f9b56,0x096d9938,0x0517a6c7,0x17606a54,
-        0x098c6995,0x08232d3c,0x00bd8f17 },
-      { 0x1eb7494a,0x14dddc35,0x1cee0e22,0x0fa8de8b,0x1a79a156,0x0953d272,
-        0x08277de8,0x06a6199f,0x002d1a1c } },
-    /* 107 */
-    { { 0x106508da,0x0971c09a,0x15e569c6,0x03018943,0x144b3336,0x0ca4bd4c,
-        0x091b376d,0x0bd723f7,0x00a107a6 },
-      { 0x0f94d639,0x168e8e28,0x162df5f9,0x15e6eb14,0x1ca1c8b4,0x0ac25e9b,
-        0x0bc869f1,0x015f0f53,0x00183d76 } },
-    /* 108 */
-    { { 0x0dde59a4,0x0eb4b888,0x02fbe1ca,0x1b1a0e1d,0x0be78f1a,0x04b1a797,
-        0x1d508a6d,0x13b84d3a,0x001d4417 },
-      { 0x0390d30e,0x196e067c,0x1a04432c,0x164ea61b,0x0339a0a3,0x0ee295e0,
-        0x0988c6bc,0x1852c0da,0x00771f9c } },
-    /* 109 */
-    { { 0x05040739,0x0cc9f3bc,0x09aa4e66,0x073b7300,0x0fc26445,0x1b797afc,
-        0x063b3d03,0x06206c4e,0x0064427a },
-      { 0x05428aa8,0x1a796c3c,0x1ed26a13,0x15b87fd7,0x101ac7b7,0x1636f91e,
-        0x15b4806c,0x092d5d21,0x0049d9b7 } },
-    /* 110 */
-    { { 0x035d1099,0x03c6c5e2,0x03468233,0x179a9d1d,0x08a412ad,0x1150165b,
-        0x11140b0b,0x0367ec0a,0x009037d8 },
-      { 0x074c7b61,0x06dd6138,0x0ff5cb9f,0x006356af,0x15352fe2,0x164b2cb6,
-        0x0e718733,0x0d4f980c,0x0008c3de } },
-    /* 111 */
-    { { 0x16d552ab,0x07ee8107,0x13607c48,0x15ff300b,0x1129156b,0x1e1f489a,
-        0x0cbc1bed,0x0848af2d,0x00c69094 },
-      { 0x01231bd1,0x1d9d74e2,0x11608145,0x18dd0eb9,0x0a1221ea,0x1bd5fceb,
-        0x0b008220,0x00595fc7,0x003fa3db } },
-    /* 112 */
-    { { 0x05058880,0x1ad1f328,0x0e50fcb5,0x06cbdec8,0x049257da,0x030e7d59,
-        0x03fd051e,0x161fb701,0x00c5c4bd },
-      { 0x1272b56b,0x1a89f1a5,0x0e410e9c,0x04fd2a23,0x04969c83,0x11befc42,
-        0x1ad7f633,0x1288d856,0x002d56db } },
-    /* 113 */
-    { { 0x1f46ac6b,0x030bc17f,0x08b90949,0x1ef24c0f,0x08de1d19,0x11e204d2,
-        0x090bebfa,0x13bca077,0x000f56bd },
-      { 0x145cda49,0x1bea7689,0x1bca6744,0x02b1f902,0x03402821,0x12a5575a,
-        0x17c79f1a,0x13a22e76,0x004003bb } },
-    /* 114 */
-    { { 0x00803387,0x1c740c4d,0x12f5010e,0x022bea73,0x17f21ece,0x1046e943,
-        0x1e790a5c,0x04540fe5,0x00537655 },
-      { 0x08a4182d,0x04c0510d,0x0677de69,0x17a0f464,0x1a2d4a2b,0x05170d0c,
-        0x15259d34,0x0b0d8ba8,0x007a056f } },
-    /* 115 */
-    { { 0x1d8a2a47,0x03592ac4,0x17c9dcd9,0x10529187,0x0d5395b5,0x000755f8,
-        0x19d547b0,0x1e2f4344,0x0077d482 },
-      { 0x07853948,0x050decac,0x1efffbae,0x102f7ad9,0x01e47a6f,0x002bc034,
-        0x0392adbb,0x05656716,0x00411501 } },
-    /* 116 */
-    { { 0x0de28ced,0x039f87a3,0x04fb11cf,0x1b4ec136,0x063921d5,0x074f372e,
-        0x051986e3,0x0e5f7d41,0x00cdf045 },
-      { 0x0c53c3b0,0x059e2c5b,0x1ee10f07,0x1c782088,0x1780e97f,0x0570965c,
-        0x0427ecae,0x1b52e706,0x00ee703d } },
-    /* 117 */
-    { { 0x1f57e43a,0x028a8a07,0x0e046e0d,0x0cc1a763,0x0b986d44,0x0effc7a1,
-        0x1884aced,0x13b42c59,0x002a0ad8 },
-      { 0x0bc277ba,0x072534a3,0x10709d99,0x1192a982,0x16274c78,0x1326655f,
-        0x1964506a,0x0cf58568,0x00d62d0b } },
-    /* 118 */
-    { { 0x0c054ac4,0x0e2ec3d9,0x1f7de20e,0x00b0b3e4,0x128d6570,0x05f9d8c0,
-        0x109bb7df,0x1e532384,0x00b39a23 },
-      { 0x10b16ae5,0x094250af,0x0dbd46e5,0x140b6342,0x007830c6,0x009bf938,
-        0x1314758f,0x12580ce9,0x0004ed00 } },
-    /* 119 */
-    { { 0x1ae90393,0x1a0c2e8c,0x0f593987,0x0f685294,0x0fc14304,0x00d34c2a,
-        0x0e1eb800,0x18202ef8,0x00a0a91f },
-      { 0x0e2c831e,0x1851f80d,0x1c9f85bf,0x0d5d0456,0x075b4bb7,0x0450ad18,
-        0x11063c4b,0x1113da41,0x00084cf9 } },
-    /* 120 */
-    { { 0x1ca6becf,0x0c284ef7,0x1fecca36,0x1d5d00fb,0x0e8b92fc,0x0ae223bc,
-        0x1df97628,0x164e757e,0x00d57955 },
-      { 0x11b5d4f1,0x086d3cf1,0x1e9e8708,0x05e09679,0x1c20baa5,0x1044ee13,
-        0x07c75344,0x08405a28,0x008e14ea } },
-    /* 121 */
-    { { 0x12897042,0x16a81a2f,0x100b12bb,0x0a663e86,0x1fb218d0,0x00ca645e,
-        0x05632367,0x06e5549a,0x00597e1a },
-      { 0x0f0bd68c,0x193f60d6,0x00925140,0x17c1b956,0x03e846d4,0x06bd64ff,
-        0x17a96e72,0x06c33369,0x00ca3f02 } },
-    /* 122 */
-    { { 0x0170bd20,0x095085ab,0x0fd779d6,0x112fe2da,0x0ade20ea,0x1ff8a259,
-        0x1f928cd8,0x0fc61380,0x00bde7fd },
-      { 0x18f5432c,0x0b5db695,0x10d112d4,0x1b8397c0,0x15b5a210,0x0f37fc7c,
-        0x0660f6c0,0x01c14fba,0x00b623ad } },
-    /* 123 */
-    { { 0x00c7b65b,0x1adeb3ab,0x0928a269,0x18ab2047,0x06795ab8,0x07e86bd9,
-        0x0defe088,0x08cb1d82,0x00d6aa2e },
-      { 0x1138bb85,0x055e005a,0x0cea5704,0x03a243b0,0x0a32e8c3,0x18058b81,
-        0x04eac93f,0x1c05b98a,0x00111662 } },
-    /* 124 */
-    { { 0x0fb42b87,0x008a00af,0x1b137fde,0x1ebae036,0x1c129bd9,0x066bd3eb,
-        0x03e19bb3,0x197296ea,0x00db3ee1 },
-      { 0x134837cf,0x1379ed87,0x15e353ec,0x1da31772,0x0657de7e,0x0fc9be2b,
-        0x096574b3,0x084a440d,0x00886a64 } },
-    /* 125 */
-    { { 0x05b569ea,0x011a67db,0x0846704f,0x022283ee,0x0619e200,0x042ed0ad,
-        0x1ef22eb7,0x1d603142,0x00a70cf4 },
-      { 0x0c4a6a65,0x127cbd74,0x0d0de3c8,0x0b9e4e02,0x0096036e,0x104f27bf,
-        0x0ddef8e9,0x157a2e8f,0x00aa4772 } },
-    /* 126 */
-    { { 0x1aa60cc0,0x1b3b098b,0x1a0457d9,0x02c6c206,0x1bb5ac79,0x05da5de0,
-        0x05d37b66,0x1b861f5f,0x00611a6d },
-      { 0x015ee47a,0x073c65e6,0x0365a94c,0x12c5049c,0x1ed882e8,0x0d6f9eec,
-        0x1220dbcd,0x1f02c853,0x005cfffa } },
-    /* 127 */
-    { { 0x1b7a99cd,0x06aa67fc,0x0f116870,0x07733b08,0x139e17bf,0x0847b163,
-        0x05300e2a,0x046fb833,0x006e5a6b },
-      { 0x0ba5db77,0x1c5a2a70,0x1d8358fb,0x1100ff59,0x08378b7b,0x00633b30,
-        0x0f339647,0x11a485b5,0x00481a23 } },
-    /* 128 */
-    { { 0x15d0b34a,0x1a0bde01,0x09f029f8,0x1670d706,0x162d1440,0x1316d601,
-        0x050e3edc,0x099c19bf,0x002c4111 },
-      { 0x0d95a0b1,0x1d2e778d,0x1550d88a,0x166f50cf,0x086c9c09,0x06e900f2,
-        0x0a5c9b5b,0x17e85ff2,0x0020477a } },
-    /* 129 */
-    { { 0x18d65dbf,0x1ba8b9e0,0x07b6b60b,0x1f281c67,0x1001c77b,0x0935ee78,
-        0x1ad9c08b,0x1358ee72,0x00ac6640 },
-      { 0x06261cc3,0x185d9b7e,0x039fa422,0x1ef79232,0x06c10213,0x075d522f,
-        0x1e159507,0x0eb98245,0x00ce8e69 } },
-    /* 130 */
-    { { 0x1c0a67d2,0x1890da0d,0x13492283,0x08ec1488,0x1473762d,0x078eb2cd,
-        0x12a03811,0x0ca4a176,0x0008fde3 },
-      { 0x048bf287,0x07761ed4,0x0da75bab,0x0c4305a6,0x09482c2a,0x0fee4922,
-        0x135cd60b,0x1a4acbad,0x002f7e2f } },
-    /* 131 */
-    { { 0x03770fa7,0x125c96de,0x0410fe6b,0x1d1ab86f,0x01171095,0x074e8bbb,
-        0x0ab953cd,0x05d20ee0,0x00c65be9 },
-      { 0x16fd0a40,0x1ac5181f,0x139e12c9,0x1045c779,0x167bfe7d,0x1ac2a7cb,
-        0x0ce9eb93,0x08fa2327,0x004bff8e } },
-    /* 132 */
-    { { 0x00ff1480,0x0a0e90f8,0x1536c5b3,0x11f6fa0e,0x0f3ea2ab,0x0977ddf0,
-        0x19f6b207,0x1ccaee52,0x003e4e4a },
-      { 0x1c5303e6,0x10c79b69,0x0988e5df,0x13329724,0x0c3c03bd,0x07130992,
-        0x00a27b5c,0x1fab1d8c,0x005388ae } },
-    /* 133 */
-    { { 0x1e5d7713,0x0898bf5a,0x179276ab,0x130bdceb,0x1b26109b,0x1e27e3a7,
-        0x1838cbd6,0x1a29eeb7,0x005cf908 },
-      { 0x0e657b12,0x1021a884,0x1bb6799d,0x08434b72,0x0ccc2bfd,0x1a8fc4b8,
-        0x138838a7,0x080c1e01,0x00a698ba } },
-    /* 134 */
-    { { 0x0f748fec,0x1ed8b437,0x074b3e5c,0x0eab44fd,0x05effe6e,0x12a26713,
-        0x16358c2d,0x114f5d75,0x00b142ef },
-      { 0x17d5770a,0x098d7cf8,0x0cd04beb,0x1e76ce59,0x159de66a,0x068def99,
-        0x01d5af58,0x12cb0a2a,0x00d1896a } },
-    /* 135 */
-    { { 0x13c41c08,0x02cabd59,0x1a38b87b,0x1d2958a8,0x12f6c87d,0x15b9d623,
-        0x08e46205,0x016f303b,0x00267b0e },
-      { 0x0e62b988,0x12aa72ec,0x1b4879db,0x1b8eaa22,0x06f99d8d,0x1d781e95,
-        0x0e4d1843,0x0f542232,0x00b54e28 } },
-    /* 136 */
-    { { 0x178a876b,0x100915a8,0x14412d02,0x1f2dfe10,0x09f7651f,0x18d58a79,
-        0x1398142c,0x116bf0fa,0x0084abb2 },
-      { 0x0270790a,0x0f6a1cfc,0x18fd1af5,0x196b3b0b,0x022122d6,0x0e0db60f,
-        0x1901d7d5,0x0ce2ecaa,0x00e5436f } },
-    /* 137 */
-    { { 0x0286e8d5,0x1fc812f1,0x1114ef94,0x192b690c,0x0e3a0353,0x1adef204,
-        0x067b60cb,0x116b739d,0x000404f6 },
-      { 0x0781e8e5,0x1699def5,0x0f0bd6f2,0x1ea0302c,0x1caa33cd,0x14b0008c,
-        0x1c055d5d,0x1be15838,0x003a4263 } },
-    /* 138 */
-    { { 0x1aeb596d,0x14b2f664,0x0f24ad30,0x1407ce04,0x1396101e,0x1a5b1700,
-        0x0d9d1c12,0x07f20bd4,0x000ca8fd },
-      { 0x151b2b61,0x1291d212,0x03f341a4,0x0f513872,0x0a63e1eb,0x095f01c9,
-        0x10cf9fc7,0x0c89bb61,0x0096dca2 } },
-    /* 139 */
-    { { 0x187510af,0x01dda1d1,0x08da8048,0x1fd55153,0x10378846,0x0bb817ca,
-        0x077348e9,0x024755ab,0x004363e2 },
-      { 0x00246a47,0x121d0e3a,0x17749372,0x0571a5ca,0x1af96b36,0x03022ec7,
-        0x0313e6c2,0x0b9b1773,0x00840e11 } },
-    /* 140 */
-    { { 0x1023e8a7,0x09102f10,0x171e82fc,0x11519bb1,0x05ddfc80,0x11390b1d,
-        0x1b538a4a,0x17a61bda,0x005e0d6a },
-      { 0x1cfc0f64,0x1d390e13,0x157b6201,0x1d803a1c,0x19db242e,0x1f7c8e8f,
-        0x09689a9e,0x1e8528b4,0x007dea48 } },
-    /* 141 */
-    { { 0x05060a81,0x1efb78e7,0x1e55856a,0x1f38e5f1,0x0268be79,0x162a0356,
-        0x1b473f4d,0x17dd7fa2,0x00abc2a2 },
-      { 0x13e2eac7,0x16337c8e,0x174119a2,0x0174c7a5,0x0d31b6f1,0x11bb8141,
-        0x1f059e43,0x128d8fdd,0x004ea353 } },
-    /* 142 */
-    { { 0x1266309d,0x0c517c6a,0x05168fbb,0x038d8103,0x05dc10a5,0x1a2d2bc6,
-        0x1f0f3b2b,0x1123929f,0x003a76e6 },
-      { 0x1d7b0d0f,0x15674523,0x161297e6,0x159d2d1e,0x17fbe963,0x06392734,
-        0x1191468c,0x0148cbcc,0x008212a1 } },
-    /* 143 */
-    { { 0x0fab8caa,0x1be30e1e,0x0508e43b,0x171d081c,0x133ca18e,0x1fb3bf4b,
-        0x05933477,0x0e2b3396,0x00aa7cab },
-      { 0x1c837bd1,0x17e4939d,0x1abd75c0,0x080fa186,0x1da49c06,0x09497a11,
-        0x1f0c5d88,0x0e7fc0c2,0x0040e380 } },
-    /* 144 */
-    { { 0x07bf9b7c,0x07c04125,0x0f8c343d,0x1a46407f,0x19ce3365,0x09904be7,
-        0x149afef9,0x001660aa,0x00e36047 },
-      { 0x0cc6c2c7,0x0e5cc88b,0x132fb993,0x106e1174,0x0d9ec726,0x0a1a31bd,
-        0x057f737b,0x0ef47bdc,0x006542d6 } },
-    /* 145 */
-    { { 0x1b6c377a,0x1995b683,0x0d122f8f,0x00708f20,0x08af76cb,0x09d4106d,
-        0x1c875bf7,0x1dc1376d,0x00a6534a },
-      { 0x1035facf,0x050bc068,0x12d1f98c,0x0ab4673b,0x1f39335e,0x07f0e223,
-        0x1c89ba94,0x05fb935d,0x00f3cb67 } },
-    /* 146 */
-    { { 0x1b55fd83,0x19b8cff1,0x1777443a,0x0f48d90e,0x0a784e0d,0x0fd482e7,
-        0x039cceb2,0x05d55d0e,0x007cafaa },
-      { 0x1d53b338,0x1c0a6820,0x01f9b1a6,0x198141df,0x12b0fe0a,0x088408b3,
-        0x08bbee4f,0x183737aa,0x000aab13 } },
-    /* 147 */
-    { { 0x12681297,0x0e6713c6,0x02551ab7,0x0a1d636a,0x1aaf2cb3,0x18b9bb30,
-        0x0ba4b710,0x00508e02,0x004b91a6 },
-      { 0x12f8ddcf,0x07f884ab,0x0446bd37,0x17ec3d35,0x0430e08e,0x1b0561b9,
-        0x12ad23d0,0x0a6e4643,0x0049534c } },
-    /* 148 */
-    { { 0x107b7e9d,0x1efbeb8f,0x13545be0,0x11df4627,0x07ee3a47,0x1325b602,
-        0x17b9e3bc,0x09facb58,0x00caf46c },
-      { 0x12aa8266,0x026863bc,0x0da12ee8,0x08a8cd22,0x116b0edf,0x08b45725,
-        0x1c3d5b99,0x0ae098ce,0x0014ce9e } },
-    /* 149 */
-    { { 0x165e8f91,0x0a22f1f4,0x03c924a6,0x19437596,0x0a0a0d3a,0x0387c864,
-        0x09c74c73,0x14a7c993,0x001bb708 },
-      { 0x158bdd7a,0x0e54f34a,0x0289ac75,0x140a1003,0x0f1ec734,0x1538a64e,
-        0x040ac24e,0x1e5b4600,0x00f9d126 } },
-    /* 150 */
-    { { 0x0ff9563e,0x04de53d5,0x0645281d,0x0ef5fd69,0x11671dd0,0x0188dfaf,
-        0x11a789e8,0x172e53d9,0x00807afc },
-      { 0x09b08b77,0x1c5499be,0x0f1f8e1f,0x074f0a88,0x1d8ba86c,0x1d2ca3b7,
-        0x163217eb,0x1a2cad19,0x00751adc } },
-    /* 151 */
-    { { 0x10715c0d,0x1751c5a0,0x1da5fde2,0x07d4e31e,0x1f06dd11,0x158a49fd,
-        0x10fd997a,0x0d04a6ee,0x0029ec44 },
-      { 0x150bebbc,0x0ca38ce5,0x1415088f,0x1dcb7fc8,0x1edb1399,0x0d9d4696,
-        0x1df64335,0x1c725480,0x00ff9370 } },
-    /* 152 */
-    { { 0x06b75b65,0x0d16b4de,0x19947156,0x11f1aa4c,0x1d7d2418,0x199f1ef4,
-        0x0068a2a7,0x1174553a,0x00977647 },
-      { 0x129af2c7,0x0293116c,0x1a4248e2,0x1ebada9c,0x051e9334,0x03f2d44d,
-        0x0beb39b3,0x07f585f0,0x0074a631 } },
-    /* 153 */
-    { { 0x175f079c,0x17a6feed,0x18dbeeec,0x00f92a31,0x136dd85b,0x1e7873e6,
-        0x18f46db3,0x02a1fe90,0x00ab75be },
-      { 0x173fc9b7,0x0d9b3e00,0x1653f420,0x14e841a4,0x11236b90,0x1f81e204,
-        0x07d857f6,0x05c1688b,0x004ebeac } },
-    /* 154 */
-    { { 0x1c9f2c53,0x1b62ff3a,0x0ba5047a,0x0440231d,0x0c5d8d25,0x1b19fcad,
-        0x1ff32221,0x0f658375,0x00df9988 },
-      { 0x050aaecb,0x1bc77694,0x15a89cae,0x12303603,0x1bcac9d4,0x0a88d8e6,
-        0x01625e37,0x14eef3e8,0x0027b040 } },
-    /* 155 */
-    { { 0x173b2eb2,0x0202edbf,0x06c84624,0x1f0a111c,0x0327ee0d,0x18a92cb1,
-        0x0fd5406d,0x06fc99f4,0x00b393dd },
-      { 0x1fd75165,0x091873d9,0x14cd5528,0x06898579,0x15022d66,0x18df07bd,
-        0x1065b0db,0x025a08c6,0x0009588c } },
-    /* 156 */
-    { { 0x02601c3b,0x043049f8,0x170cd7f8,0x04a5f19e,0x0ff28fb0,0x194044a5,
-        0x122e5573,0x153b73ec,0x0081c879 },
-      { 0x06f56c51,0x007343e6,0x05d86301,0x08e2d27e,0x1353bfed,0x0520c82c,
-        0x0f1113e2,0x1eabf823,0x00fa0d48 } },
-    /* 157 */
-    { { 0x01608e4d,0x0370e4ef,0x00a08b2f,0x1bb4226b,0x0c2d7010,0x0ee08abf,
-        0x1f5bdadf,0x0ad6d46c,0x008ea0e1 },
-      { 0x0383b3b4,0x1aa70179,0x007d4f28,0x0cd7287e,0x03ca5699,0x119596f0,
-        0x16b13fd9,0x049f4016,0x003f5ab9 } },
-    /* 158 */
-    { { 0x19739efb,0x1bdd86ca,0x1afb034c,0x0361e9cf,0x067d1c75,0x16eb208d,
-        0x15b8b694,0x10e56e84,0x008bc768 },
-      { 0x02d3d253,0x0df1db94,0x035de7e9,0x0cf343eb,0x167bba9f,0x00b470b3,
-        0x0d3e872b,0x120c1f9e,0x00b386f1 } },
-    /* 159 */
-    { { 0x0fedcfc2,0x0f9e09a9,0x1e2bc34c,0x0d7ec4c5,0x088c2539,0x1a7572b9,
-        0x1136680a,0x1ee360d3,0x004cb460 },
-      { 0x1b8095ea,0x133da69a,0x101d80eb,0x17f0b2df,0x0a16592b,0x0fb35b0a,
-        0x088f851d,0x0112bdea,0x0052c0d5 } },
-    /* 160 */
-    { { 0x15339848,0x18e10870,0x1de32348,0x1451d0e0,0x0e170e87,0x1330b4ab,
-        0x102e7477,0x07057613,0x004ac3c9 },
-      { 0x0998987d,0x0df02a8b,0x027d3586,0x06ed895c,0x1933d8b2,0x1bb28d1f,
-        0x17d07782,0x18fc72e0,0x00380d94 } },
-    /* 161 */
-    { { 0x01542e75,0x0d1aad54,0x006e6dc0,0x0e4943dc,0x1708796c,0x14bbb126,
-        0x1ebdace8,0x0e3bc4c6,0x002ce3e1 },
-      { 0x15d5bc1a,0x1f7f5a4f,0x1df8ad73,0x0ac0fc4e,0x1756ca65,0x1617ca89,
-        0x19353faa,0x0a416c49,0x002e6cd8 } },
-    /* 162 */
-    { { 0x0c31c31d,0x142caa5c,0x1c86830d,0x067a00b7,0x19ec9685,0x11373ae3,
-        0x15502f5d,0x08e858d3,0x00ca1775 },
-      { 0x16d2dbb2,0x0376d7ff,0x12a74633,0x1b197a2e,0x178e8fd0,0x03c9d522,
-        0x139a1d7a,0x02739565,0x00a976a7 } },
-    /* 163 */
-    { { 0x13fb353d,0x1328f8dc,0x1f3e9c82,0x195716af,0x15281d75,0x07d398d8,
-        0x0666aa23,0x02e143e9,0x008720a7 },
-      { 0x093e1b90,0x01f469bb,0x1db7f0e3,0x0bb8162d,0x08742d34,0x08055a95,
-        0x04f23aa3,0x0538ed31,0x009719ef } },
-    /* 164 */
-    { { 0x18e35909,0x10776c6a,0x177045a0,0x0db1b867,0x05026936,0x0ce83710,
-        0x13075fe6,0x0edc2ae0,0x00a50729 },
-      { 0x04e70b2e,0x0151bf56,0x042aa280,0x19ecaed1,0x12a5c84d,0x1f8c322d,
-        0x1c9735c6,0x13bef6ee,0x0099389c } },
-    /* 165 */
-    { { 0x1ada7a4b,0x1c604793,0x0e24d988,0x1d3a07fa,0x1512c3ab,0x1744bb37,
-        0x0b91ad9c,0x15440590,0x00a88806 },
-      { 0x1380184e,0x10102256,0x1aa2e159,0x16f18824,0x04f17a8c,0x186056c2,
-        0x13f9e759,0x1f68e71b,0x000043bf } },
-    /* 166 */
-    { { 0x16d5192e,0x0acdaee1,0x042cabe3,0x110ba68b,0x01781acf,0x168508b0,
-        0x019a0d59,0x00374d89,0x0052f3ef },
-      { 0x0edcb64d,0x0c339950,0x1a0de7ce,0x10584700,0x0f3090a4,0x12fd3820,
-        0x19d45b2f,0x1133de4f,0x003296bd } },
-    /* 167 */
-    { { 0x054d81d7,0x1b55d44a,0x1ae6cf11,0x1bcfdea3,0x179869ea,0x10e6c0e2,
-        0x07a58668,0x17f5dcae,0x003b90fe },
-      { 0x1496f7cb,0x1c9811f2,0x0d46f124,0x1c83b0ff,0x0b5ce55b,0x0ea44cdf,
-        0x0c600fc7,0x13b3f021,0x006e8806 } },
-    /* 168 */
-    { { 0x143ea1db,0x11bd588d,0x1674a4b3,0x1fe352a4,0x0f1860a7,0x0110c7c2,
-        0x144e146c,0x1d5bdf55,0x00a7222b },
-      { 0x0b0a9144,0x1563c761,0x1e967168,0x0480a3e5,0x1ce385a0,0x1652b0a3,
-        0x1a424747,0x04778558,0x00be94d5 } },
-    /* 169 */
-    { { 0x0b226ce7,0x17a4a2f0,0x1fa2dc1c,0x1fae8f2c,0x0c63eb8a,0x0378c2d3,
-        0x1d9bb7a9,0x1fd37d18,0x007782de },
-      { 0x1db38626,0x10695521,0x1d9eb45d,0x15cf0eed,0x19cdb460,0x037e2a24,
-        0x192cd06e,0x0cf45125,0x00038385 } },
-    /* 170 */
-    { { 0x19ec1a0f,0x0c6d77eb,0x0ce725cb,0x19adfb9d,0x01a953bb,0x0ffe2c7b,
-        0x1083d55d,0x1895bef6,0x00dbd986 },
-      { 0x15f39eb7,0x0d5440a0,0x0365db20,0x05f9eb73,0x1717d6ee,0x03aee797,
-        0x0f415195,0x188d0c17,0x008e24d3 } },
-    /* 171 */
-    { { 0x1a587390,0x04ec72a4,0x0fb1621d,0x16329e19,0x183c612b,0x1ed2592c,
-        0x1f211b81,0x18880f75,0x00541a99 },
-      { 0x024c8842,0x1920b493,0x1b017ff6,0x098255b0,0x1cf62604,0x0a5a27bf,
-        0x17471674,0x093eafa6,0x00c0092c } },
-    /* 172 */
-    { { 0x1f2e61ef,0x1e63ae1e,0x06cd72b4,0x1083905c,0x129f47e8,0x1868c84f,
-        0x113718b4,0x068e50d2,0x0075e406 },
-      { 0x1bc237d0,0x1ea0fe2d,0x13c07279,0x06f7e1d8,0x1d534c95,0x0d0b1415,
-        0x161a4714,0x0b18f090,0x005b7cb6 } },
-    /* 173 */
-    { { 0x0a28ead1,0x12538424,0x0ed1fda5,0x1b8a11fa,0x05b39802,0x1fe8bb3f,
-        0x1e866b92,0x1751be12,0x007ae13e },
-      { 0x0add384e,0x090b77c7,0x0cbfc1bf,0x0345b36d,0x1b5f3036,0x0c3c25e6,
-        0x0ff4812e,0x0e9c551c,0x00787d80 } },
-    /* 174 */
-    { { 0x157fbb1c,0x0f12eb5b,0x08077af1,0x17bb6594,0x033ffe47,0x14d1b691,
-        0x12112957,0x0333de50,0x005c2228 },
-      { 0x08315250,0x19ea542c,0x1c25f05d,0x04345704,0x1d33f21b,0x0750ef7a,
-        0x0ac2adf1,0x15775e1e,0x00e45d37 } },
-    /* 175 */
-    { { 0x08511c8a,0x16f8f1a1,0x129b34f4,0x0453917b,0x039a7ebb,0x18d3b13e,
-        0x074d5e29,0x04509bf7,0x00ed7bc1 },
-      { 0x13dea561,0x191536fc,0x03c3b473,0x07e31ba9,0x123e8544,0x10a02dd6,
-        0x149f62e1,0x1928b94d,0x00aac97c } },
-    /* 176 */
-    { { 0x016bd00a,0x1aa753a5,0x102f307a,0x13d35beb,0x1fc06d83,0x1bf88fcd,
-        0x113824ae,0x16622c7b,0x00318f97 },
-      { 0x030d7138,0x06062df6,0x10c0883b,0x11be4757,0x0360644e,0x0b97d811,
-        0x1d34aede,0x1433509f,0x00fa41fa } },
-    /* 177 */
-    { { 0x06642269,0x0016cba5,0x0de0ef51,0x10299d37,0x1e60bc81,0x1c723ca0,
-        0x0788e634,0x0583a4dd,0x0038bb6b },
-      { 0x0a577f87,0x1272512b,0x047f8731,0x05a4a7b8,0x007288b5,0x155fb114,
-        0x0697fccd,0x00b9cec0,0x0094dd09 } },
-    /* 178 */
-    { { 0x1e93f92a,0x0b67bee6,0x0d7cc545,0x06679713,0x1e750a01,0x06fce4ca,
-        0x0ba40901,0x0cfa4b85,0x00920778 },
-      { 0x0bf39d44,0x1238f008,0x0ed4f5f8,0x1920412d,0x03d8f5f2,0x1bd9ae4e,
-        0x0d453112,0x117a537d,0x0081e842 } },
-    /* 179 */
-    { { 0x0477199f,0x0ece15d6,0x17b3765b,0x11dddcd6,0x0fd0e8cb,0x0d9ff720,
-        0x12c62bdf,0x0c5b77f4,0x001b94ab },
-      { 0x0e47f143,0x0786c59e,0x1d1858d1,0x0c47f8c7,0x1938351e,0x1387e62c,
-        0x03bbc63c,0x0500aab2,0x0006a38e } },
-    /* 180 */
-    { { 0x13355b49,0x12d809cd,0x1afe66cb,0x04cac169,0x1f3dc20e,0x1d35e934,
-        0x13e3023f,0x04107b3a,0x00a7b36c },
-      { 0x1b3e8830,0x068ae1d0,0x07e702d9,0x19d5c351,0x16930d5f,0x12517168,
-        0x08833fbb,0x16945045,0x00be54c6 } },
-    /* 181 */
-    { { 0x0d91167c,0x166d9efc,0x099897b5,0x187ef3cf,0x0c7f4517,0x12479a35,
-        0x0aedc415,0x157d5c04,0x00bf30a5 },
-      { 0x13828a68,0x13bc2df4,0x0fbc0da3,0x038664fe,0x146b2516,0x0ff5ac90,
-        0x04eb846d,0x1bc4e65a,0x00d1c820 } },
-    /* 182 */
-    { { 0x1038b363,0x01f09a3c,0x01794641,0x023ea8d6,0x0cad158c,0x1d5f3013,
-        0x168d3f95,0x1dad1431,0x00b7d17b },
-      { 0x029c2559,0x0652c48f,0x1fff6111,0x1406ecb7,0x069484f7,0x1257ba72,
-        0x11912637,0x0bcc8259,0x003997fd } },
-    /* 183 */
-    { { 0x0bd61507,0x103a3414,0x09934abc,0x0265aa69,0x015e329e,0x0fd84545,
-        0x0fa3ffb7,0x05278d82,0x000eeb89 },
-      { 0x07e259f8,0x0db4d1f5,0x0f9f99fa,0x1b6fcda2,0x1a685ce1,0x0c7b568f,
-        0x1bbc9dcc,0x1f192456,0x00228916 } },
-    /* 184 */
-    { { 0x0a12ab5b,0x0cd712d8,0x1ef04da5,0x022e3f2a,0x02b0ccc1,0x014f68b7,
-        0x05fa0161,0x03add261,0x00ec05ad },
-      { 0x0c3f3708,0x0bdd2df5,0x0d675dc5,0x15f26a61,0x034e531b,0x091b88c1,
-        0x0cdd1ed5,0x0acffe23,0x007d3141 } },
-    /* 185 */
-    { { 0x16dfefab,0x1ece02e7,0x0cddc1de,0x1e44d1b9,0x0bb95be2,0x16cb9d1c,
-        0x1e8f94fa,0x1f93783a,0x00e9ce66 },
-      { 0x0f6a02a1,0x0d50abb3,0x19803b5d,0x010fbec1,0x1c1b938c,0x1f9a3466,
-        0x1947e251,0x002e4500,0x00d9650b } },
-    /* 186 */
-    { { 0x1a057e60,0x025a6252,0x1bc97914,0x19877d1b,0x1ccbdcbc,0x19040be0,
-        0x1e8a98d4,0x135009d6,0x0014d669 },
-      { 0x1b1f411a,0x045420ae,0x035da70b,0x175e17f0,0x177ad09f,0x17c80e17,
-        0x062ad37b,0x0821a86b,0x006f4c68 } },
-    /* 187 */
-    { { 0x16c24a96,0x1936fa74,0x0f6668e1,0x1b790bf9,0x0e30a534,0x17794595,
-        0x0aecf119,0x1fac2313,0x004c4350 },
-      { 0x1855b8da,0x0b3fb8b7,0x0f0e284a,0x0847288c,0x1334341a,0x0a09f574,
-        0x02d70df8,0x084b4623,0x00a726d2 } },
-    /* 188 */
-    { { 0x148c1086,0x17359f74,0x14e8b876,0x1ca07b97,0x022f3f1d,0x169f81e8,
-        0x0e48fcd7,0x10598d9e,0x0013639e },
-      { 0x0dafaa86,0x1649c7de,0x15289626,0x178bf64c,0x11329f45,0x19372282,
-        0x168c658e,0x1c383466,0x00ca9365 } },
-    /* 189 */
-    { { 0x0c3b2d20,0x10ad63aa,0x138906cd,0x14a82f20,0x1071d742,0x10e2664e,
-        0x0a96c214,0x0692e16e,0x009ce29c },
-      { 0x0d3e0ad6,0x0640fb9b,0x1e10d323,0x01b53de5,0x062d9806,0x0e8d3674,
-        0x1e60d7b4,0x1af56855,0x0048c4ab } },
-    /* 190 */
-    { { 0x00c7485a,0x110d8662,0x09d36ff4,0x08ab77ca,0x1d2e8ead,0x1b4c4931,
-        0x0f2d24f1,0x065ecf66,0x0078017c },
-      { 0x130cb5ee,0x0e9abb4c,0x1023b4ae,0x029d2818,0x11a4dc0d,0x1faa9397,
-        0x1013e2de,0x0a9bcb83,0x0053cd04 } },
-    /* 191 */
-    { { 0x1d28ccac,0x06ac2fd2,0x16dd1baf,0x047cac00,0x123aa5f8,0x1850e680,
-        0x0a3df1e7,0x183a7aff,0x00eea465 },
-      { 0x0551803b,0x00832cf8,0x19abdc1e,0x16b33ef9,0x08e706c0,0x13b81494,
-        0x064d0656,0x148f5cd2,0x001b6e42 } },
-    /* 192 */
-    { { 0x167d04c3,0x14049be7,0x1bae044b,0x0257c513,0x14d601e3,0x0c43c92c,
-        0x14f55ad7,0x02830ff7,0x000224da },
-      { 0x0c5fe36f,0x1d5dc318,0x1d47d7e1,0x1e78c09d,0x029ec580,0x18dfd9da,
-        0x1cce593e,0x1e0857ff,0x0060838e } },
-    /* 193 */
-    { { 0x1e0bbe99,0x19659793,0x0a8e7b90,0x1489e609,0x139037bd,0x1e3d4fd4,
-        0x190d7d25,0x0045a662,0x00636eb2 },
-      { 0x13ae00aa,0x07e8730c,0x0b9b4bff,0x1401fc63,0x1901c875,0x0c514fc9,
-        0x0eb3d0d9,0x16c72431,0x008844ee } },
-    /* 194 */
-    { { 0x0b3bae58,0x0a0b8e93,0x18e7cf84,0x07bee22f,0x0eada7db,0x1e3fc0d4,
-        0x027b34de,0x1b8a3f6f,0x0027ba83 },
-      { 0x1bf54de5,0x1efa1cff,0x1f869c69,0x0e06176b,0x17a48727,0x071aed94,
-        0x12ad0bba,0x0690fe74,0x00adb62d } },
-    /* 195 */
-    { { 0x0175df2a,0x188b4515,0x030cba66,0x15409ec3,0x10916082,0x19738a35,
-        0x02cb2793,0x0ecebcf9,0x00b990fd },
-      { 0x0df37313,0x014ecb5a,0x0d01e242,0x00aaf3a1,0x077111c2,0x17253c04,
-        0x06359b26,0x1f29a21a,0x0081707e } },
-    /* 196 */
-    { { 0x03d6ff96,0x1ebe5590,0x010cd825,0x0a37f81b,0x0db4b5b8,0x11e26821,
-        0x09709a20,0x1d5ab515,0x003792da },
-      { 0x141afa0b,0x140c432c,0x160d9c54,0x13ce8285,0x0e0a7f3e,0x1293adf2,
-        0x06e85f20,0x0bd29600,0x005abd63 } },
-    /* 197 */
-    { { 0x0ac4927c,0x13fd4270,0x1233c8dc,0x10c06b4f,0x0a0dfe38,0x0af5256e,
-        0x184292f3,0x04308d56,0x005995bf },
-      { 0x029dfa33,0x087c305c,0x03f062fa,0x1fc55d2b,0x10366caa,0x17a23c31,
-        0x047a6cee,0x145a9068,0x0044c32c } },
-    /* 198 */
-    { { 0x040ed80c,0x1a54bf8f,0x14b2a0a9,0x07196263,0x16ad95f9,0x0925be16,
-        0x15314fc8,0x1f701054,0x001f2162 },
-      { 0x120b173e,0x1233e62b,0x17c4be5f,0x114ccc10,0x165dc40e,0x0107264e,
-        0x1f2633af,0x05787d20,0x008f1d40 } },
-    /* 199 */
-    { { 0x1bc4058a,0x1ac97ce7,0x0bd59c13,0x1c296c52,0x18c57b15,0x1f1bde0e,
-        0x0fe71573,0x08724ddb,0x00b1980f },
-      { 0x12c76b09,0x0619f049,0x0c1fde26,0x0a4f3a67,0x1b4611df,0x156a431d,
-        0x1915bc23,0x1366e891,0x002828ad } },
-    /* 200 */
-    { { 0x04cf4ac5,0x0b391626,0x1992beda,0x18347fbb,0x10832f5a,0x1d517044,
-        0x0e401546,0x04eb4296,0x004973f1 },
-      { 0x122eac5d,0x0cec19a9,0x166d5a39,0x0fddea17,0x083935e0,0x1907d12c,
-        0x0b1eacd9,0x1a1b62d1,0x006dac8e } },
-    /* 201 */
-    { { 0x0da835ef,0x1daa2d77,0x043b547d,0x0227a43a,0x01b094aa,0x12f009ba,
-        0x19300d69,0x0b24173b,0x004b23ef },
-      { 0x1c4c7341,0x015db401,0x162f0dfa,0x0ee0da7e,0x03ee8d45,0x1c31d28f,
-        0x0939cd49,0x069bbe93,0x004dd715 } },
-    /* 202 */
-    { { 0x15476cd9,0x1ca23394,0x069c96ef,0x1a0e5fc6,0x167e0648,0x045c7e25,
-        0x16ec5107,0x0005e949,0x00fd3170 },
-      { 0x0995d0e1,0x05a1ffa4,0x1dca6a87,0x0d2ba21d,0x1898276e,0x1cbb20bc,
-        0x0d978357,0x1192ad3e,0x0014fac5 } },
-    /* 203 */
-    { { 0x1312ae18,0x0cd0032f,0x124ff26b,0x0b1b81f9,0x12846519,0x0120453e,
-        0x09436685,0x0a26d57b,0x00ed7c76 },
-      { 0x05d4abbc,0x113878d1,0x0844fa91,0x1bb1e7e3,0x1952f9b5,0x183aada8,
-        0x1d4f1826,0x1ee9a5d3,0x00fefcb7 } },
-    /* 204 */
-    { { 0x1a119185,0x084a4bd5,0x1116e92f,0x1d186155,0x01179d54,0x1cef5529,
-        0x002d2491,0x0fd0fc1b,0x001801a5 },
-      { 0x1cafffb0,0x19e9fc6f,0x09549001,0x0678175c,0x1dfbc6cf,0x1b1dadaf,
-        0x0191e075,0x03c3d5a2,0x009f8fc1 } },
-    /* 205 */
-    { { 0x1e69544c,0x0c1d0b8a,0x12de04c5,0x1f0acfe0,0x04c320ea,0x147e93c5,
-        0x06a4788a,0x13a7a74d,0x00a9d380 },
-      { 0x19a2da3b,0x1b616162,0x057211e4,0x1979ec31,0x1086938c,0x122731ea,
-        0x1bdd7994,0x15dc22f1,0x003006b9 } },
-    /* 206 */
-    { { 0x09eead28,0x1d8f9586,0x1d37ef02,0x1ec6bb13,0x089397ee,0x0bfed967,
-        0x1d841d1d,0x1ae8bf1e,0x000ab85f },
-      { 0x1e5b4549,0x06d3e499,0x048bc87b,0x0576b92f,0x180404be,0x093a5a1d,
-        0x0b089868,0x0ea23d28,0x00b122d6 } },
-    /* 207 */
-    { { 0x06a5ae7a,0x1f303df3,0x0b72f8ce,0x0e07f4ed,0x0e5c501e,0x0180a75b,
-        0x0bb2be41,0x18212fb7,0x009f599d },
-      { 0x0ff250ed,0x0badb8c0,0x0688371b,0x122ae869,0x027a38eb,0x02d20859,
-        0x0de10958,0x1c114529,0x007d5528 } },
-    /* 208 */
-    { { 0x00c26def,0x07ac7b31,0x0acb47bc,0x0b0bd4b0,0x03881025,0x0bcd80e7,
-        0x1cc3ef9f,0x002607e2,0x0028ccea },
-      { 0x19644ba5,0x0ed5e68b,0x1ffc2e34,0x0c87d00d,0x1e17b1fc,0x1b7e3359,
-        0x0efe9829,0x09143a02,0x00c18baf } },
-    /* 209 */
-    { { 0x1dc4216d,0x0731c642,0x1850ab0d,0x0020ce40,0x1064a00c,0x10b8cafa,
-        0x05af514e,0x13b6f52b,0x009def80 },
-      { 0x07ab8d2c,0x0f432173,0x0de8ad90,0x080866c4,0x0218bb42,0x1536b262,
-        0x1395f541,0x160d1011,0x000357f8 } },
-    /* 210 */
-    { { 0x0cd2cc88,0x14edf322,0x0e3ce763,0x03851be1,0x0a0c8cc6,0x0c3a6698,
-        0x021d28c2,0x1ba36913,0x00e4a01a },
-      { 0x157cd8f9,0x168f7567,0x1653120b,0x0cfa7d7a,0x0f7871b7,0x0e38bde9,
-        0x10c29ca5,0x0f39c219,0x00466d7d } },
-    /* 211 */
-    { { 0x1dada2c7,0x1e98c494,0x06a89f51,0x014d871f,0x059e14fa,0x1e944105,
-        0x146a4393,0x0448a3d5,0x00c672a5 },
-      { 0x1d86b655,0x0303e642,0x0b52bc4c,0x06ba77f3,0x172a6f02,0x03402b88,
-        0x144e6682,0x1f5e54ce,0x005e3d64 } },
-    /* 212 */
-    { { 0x1b3b4416,0x1320863c,0x0c9b666a,0x1f9f0bd5,0x16a74cd8,0x1ba56db2,
-        0x0bf17aff,0x12bd71c8,0x006c8a7a },
-      { 0x102a63bd,0x06305d3d,0x03c011c4,0x1e460717,0x190b06b2,0x1b9c1896,
-        0x0a4631b0,0x0455b059,0x00348ae4 } },
-    /* 213 */
-    { { 0x1ccda2fb,0x1a3a331a,0x01c9b49f,0x1995431c,0x11f2022a,0x1bc12495,
-        0x14ba16b7,0x1c1b3de5,0x00c1074d },
-      { 0x0e9a65b3,0x079e7225,0x15c546ff,0x03c9580b,0x09788fd7,0x0fa86735,
-        0x1ff351c4,0x1b793ca9,0x00fbadfb } },
-    /* 214 */
-    { { 0x00a99363,0x189f8e69,0x1c89dd45,0x0acb1ed9,0x159b2b91,0x1ae69269,
-        0x1f365a05,0x16906e2d,0x00b7f976 },
-      { 0x1d6dbf74,0x1ac7126a,0x10ebcd95,0x0775fae3,0x1dfe38d2,0x1bb00121,
-        0x001523d1,0x05d95f99,0x00f4d41b } },
-    /* 215 */
-    { { 0x1dabd48d,0x0f8e7947,0x101e2914,0x037c6c65,0x146e9ce8,0x14ba08b8,
-        0x1c41ab38,0x1d5c02c1,0x00180824 },
-      { 0x06e58358,0x1c3b4c5b,0x1b28d600,0x0d0ea59c,0x1e6c5635,0x071a2f20,
-        0x149608e0,0x073079ed,0x0067e5f6 } },
-    /* 216 */
-    { { 0x0f4899ef,0x04e65c6e,0x0ed1303e,0x002be13d,0x18ec9949,0x093b592c,
-        0x1f1951be,0x13409823,0x009fef78 },
-      { 0x13d2a071,0x09b3f67a,0x1466c25b,0x1c34ff48,0x02eefb10,0x1fd8308f,
-        0x188329ac,0x10353389,0x00bc80c1 } },
-    /* 217 */
-    { { 0x05eb82e6,0x1929b7c7,0x1b2e4825,0x109f8fea,0x1da5e1a4,0x10b8a85a,
-        0x1c431e38,0x0c53f19b,0x0049270e },
-      { 0x0a6b50ad,0x11cdbddf,0x0e23ff06,0x05098344,0x1197b9a0,0x158bc083,
-        0x1dfd500f,0x1f2c26e5,0x00d2ee52 } },
-    /* 218 */
-    { { 0x08e0362a,0x1be6942c,0x09765374,0x1f514f1f,0x0a526442,0x1b72d21a,
-        0x1ccebfe0,0x17dcb576,0x00dfb478 },
-      { 0x073eede6,0x08f8e73b,0x16cbc12a,0x1215a856,0x0da2fa53,0x1bdfaa98,
-        0x1ce9799b,0x16811be8,0x00d9a140 } },
-    /* 219 */
-    { { 0x0e8ea498,0x10110dab,0x18fb8243,0x08f0526a,0x12ade623,0x01c899ae,
-        0x0c6b81ae,0x11ac47e9,0x00760c05 },
-      { 0x0198aa79,0x1c4dac66,0x1eae9fc2,0x1121a5e0,0x0556af74,0x00887ef1,
-        0x10253881,0x05b1e320,0x00714198 } },
-    /* 220 */
-    { { 0x0d4b0f45,0x1850719a,0x0aa5385b,0x10167072,0x01d5ed92,0x126359e3,
-        0x191cebcc,0x19d13aa9,0x003af9d1 },
-      { 0x00930371,0x0c7bcc09,0x105c25ff,0x04cc9843,0x0309beda,0x02ee6e21,
-        0x17583a55,0x186e72af,0x00b1f815 } },
-    /* 221 */
-    { { 0x09fec44a,0x07d53c74,0x0a932be1,0x055c8e79,0x0a624c8c,0x003ee0db,
-        0x0149a472,0x0282a87e,0x00a41aed },
-      { 0x1d5ffe04,0x121a9ccb,0x16db8810,0x1965bec4,0x177758ba,0x105f43c0,
-        0x03be1759,0x1bb0df6c,0x00d6e9c1 } },
-    /* 222 */
-    { { 0x06853264,0x15174bf6,0x0c1282ce,0x0a676fc4,0x0e9be771,0x15dbdc75,
-        0x03086e44,0x0215d37f,0x009c9c6e },
-      { 0x0030b74c,0x1184d2cf,0x18c7a428,0x0e929ad4,0x179f24ed,0x0591d24d,
-        0x06da27d1,0x12c81f4c,0x00566bd5 } },
-    /* 223 */
-    { { 0x018061f3,0x136008c6,0x00ff1c01,0x164ba6f9,0x13245190,0x04701393,
-        0x117bc17f,0x121ea4a6,0x00cf2c73 },
-      { 0x10eb30cf,0x04de75a0,0x1ddc0ea8,0x05d7741a,0x1f255cfd,0x021d0a87,
-        0x05e7a10b,0x0ab15441,0x0002f517 } },
-    /* 224 */
-    { { 0x0ddb7d07,0x0b77bca5,0x1155400e,0x1f8e8448,0x0a3ce0b4,0x075663c5,
-        0x05f7ebfe,0x14bd1a9b,0x0014e9ad },
-      { 0x0f7079e2,0x15240509,0x0c2003b6,0x15479bc9,0x0157d45b,0x0f16bc1c,
-        0x0ba005d9,0x1571d3b3,0x00a0ad4f } },
-    /* 225 */
-    { { 0x0a653618,0x1fdbb10a,0x1aaa97c2,0x05027863,0x09d5e187,0x139ba24a,
-        0x1478554f,0x170dcadd,0x00bcd530 },
-      { 0x12e9c47b,0x14df4299,0x00166ac5,0x0eedfd6a,0x1fbb4dc2,0x0bb08c95,
-        0x107736ea,0x19ed2f26,0x00909283 } },
-    /* 226 */
-    { { 0x16e81a13,0x1d801923,0x05c48e59,0x1c3532c4,0x019d69be,0x1b0de997,
-        0x126823b4,0x19359c2a,0x0035eeb7 },
-      { 0x1e4e5bdc,0x140572d3,0x13bb1b84,0x1a59a76d,0x06bc12dc,0x11263713,
-        0x01914b90,0x1e88915d,0x009a8b2c } },
-    /* 227 */
-    { { 0x09d03b59,0x1238df90,0x16bcaafd,0x1cc5476c,0x1eec9c90,0x18b475ea,
-        0x0de7fdff,0x1e9a8922,0x006bdb60 },
-      { 0x0a55bc30,0x16d7f5e4,0x025ff836,0x1d5a2c20,0x03bddc79,0x0ba0a60f,
-        0x02a50b86,0x1fb29741,0x0001ec3c } },
-    /* 228 */
-    { { 0x1c9485c2,0x1313bf5e,0x1ec431ee,0x1934f245,0x08d8a48c,0x0b07b851,
-        0x13d93d87,0x1808ea8c,0x00d1acb1 },
-      { 0x06f36612,0x13481589,0x186362f4,0x07489dc0,0x157ee59c,0x14099841,
-        0x1b0937e2,0x13a80ac4,0x007dcd07 } },
-    /* 229 */
-    { { 0x105a4b48,0x073ea69f,0x08c1dc97,0x1a52a46e,0x0915aadc,0x1cb8c095,
-        0x06e3463d,0x1126efa3,0x000bf535 },
-      { 0x0c68ea73,0x0f66cad3,0x0e96134d,0x07779504,0x1a723c7f,0x1a637a39,
-        0x1bf27ed9,0x1b3c2cd0,0x00d28be4 } },
-    /* 230 */
-    { { 0x18fa8e4b,0x095cc831,0x0ff63f17,0x1e30dd12,0x1b6fc559,0x115521b7,
-        0x0338e9b7,0x154a21f1,0x00d76007 },
-      { 0x123a4988,0x088555b2,0x17409ccb,0x0b9e88e9,0x07278b45,0x184151a0,
-        0x0c05fd19,0x0d166077,0x00f2b52f } },
-    /* 231 */
-    { { 0x1835b4ca,0x0abf57d4,0x19a72f03,0x0465f976,0x031982d2,0x1b406332,
-        0x14ea3bba,0x11d98b5d,0x00d8dbe9 },
-      { 0x05a02709,0x1d4df1fe,0x0e87ea32,0x1cd1cbeb,0x0a85230b,0x01e6f887,
-        0x1c17faf5,0x147dcab2,0x00e01593 } },
-    /* 232 */
-    { { 0x0a75a0a6,0x1f2d7a87,0x01600cf4,0x044d58af,0x16406512,0x0a87e80b,
-        0x1c19bf9b,0x1635d71d,0x00afec07 },
-      { 0x00bb0a31,0x1dccab3c,0x0c26ab9f,0x15e7986e,0x1f3896f1,0x10ad00d5,
-        0x1f76454e,0x0a8dc5b7,0x00a71b93 } },
-    /* 233 */
-    { { 0x18f593d2,0x1c709700,0x1e048aef,0x12085140,0x0f2add1a,0x02ed85d2,
-        0x0f645414,0x0b8c50a4,0x0053a200 },
-      { 0x07f2b935,0x1e45b1cf,0x00a58681,0x1f2eb583,0x0ca2c2bf,0x1753ba8c,
-        0x18f61af3,0x1367ab11,0x00bf47d1 } },
-    /* 234 */
-    { { 0x1d7665d5,0x194b3d3e,0x0bd37959,0x0060ae5e,0x0903f4e3,0x02d7406a,
-        0x06d85100,0x0fe73934,0x00001c2c },
-      { 0x09efc6d6,0x01d400a3,0x11e9c905,0x017b54f7,0x150a4c81,0x1385d3c0,
-        0x066d7d95,0x1cf0dff7,0x00fdadf8 } },
-    /* 235 */
-    { { 0x1fc00785,0x09c65c47,0x123ad9ff,0x14eb2276,0x08fbc77f,0x082adf9b,
-        0x12501153,0x09ab5487,0x003a838e },
-      { 0x1e97bb9a,0x10b31949,0x07653655,0x1266c688,0x12a839eb,0x08d3056d,
-        0x168d4556,0x0af0e7c3,0x003cdb82 } },
-    /* 236 */
-    { { 0x1de77eab,0x1b8a054b,0x19204244,0x038a1a82,0x1d0dff7e,0x05696758,
-        0x1ee9d8b7,0x113e3eaf,0x005a60cc },
-      { 0x00d45673,0x059b1c12,0x04f19560,0x057c32b2,0x0b7411b8,0x025c6eb2,
-        0x1f0015ca,0x0dfb7fb1,0x00922ff5 } },
-    /* 237 */
-    { { 0x09a129a1,0x1932ef76,0x0a138106,0x039caf98,0x1be3ca5b,0x0623675f,
-        0x158810e0,0x0fbed8b9,0x0072919a },
-      { 0x0fb90f9a,0x0c7a29d4,0x1900c6ca,0x13801711,0x11856d71,0x073bbcb7,
-        0x026b8cb0,0x1006c481,0x005e7917 } },
-    /* 238 */
-    { { 0x1f63cdfb,0x00b762ab,0x12b93f57,0x146ae3e3,0x197ca8e6,0x15f52b02,
-        0x1eaff389,0x0e3c4985,0x004e0a53 },
-      { 0x05765357,0x1b52069d,0x1ce8ad09,0x135e881a,0x11a323c8,0x185720e8,
-        0x13bae3cd,0x031aacc0,0x00f5ff78 } },
-    /* 239 */
-    { { 0x1a09df21,0x1f9f1ff0,0x1ba391fe,0x0ba51dcc,0x0901526d,0x1e8514e4,
-        0x1990825a,0x1d2a67eb,0x00e41df0 },
-      { 0x13ba9e3f,0x02fed205,0x0136254c,0x0819d64c,0x167c7f23,0x10c93f81,
-        0x157c219b,0x0dd589e2,0x008edd7d } },
-    /* 240 */
-    { { 0x0bfc8ff3,0x0d0ee070,0x0dbd0bf2,0x1fb057d2,0x181ef14e,0x17be6651,
-        0x1a599c05,0x195db15d,0x001432c1 },
-      { 0x10b23c26,0x0342414b,0x0d6c9cfb,0x1fd0e60e,0x10f5aa64,0x1b72f577,
-        0x0b1b8e27,0x016b591a,0x00caef48 } },
-    /* 241 */
-    { { 0x15315922,0x122e4bc3,0x18f32954,0x12a2e260,0x0f2cbd82,0x10685b27,
-        0x08dbcf39,0x0fd1df5c,0x00d0ba17 },
-      { 0x11b3af60,0x1d4d747d,0x0b688394,0x12d5ca7a,0x0ef281a7,0x1b02efcf,
-        0x18580758,0x0f838a95,0x00f31c95 } },
-    /* 242 */
-    { { 0x09cc4597,0x07ac6a92,0x18280a30,0x002b6175,0x0814adc5,0x1e2ab9a5,
-        0x10ebbf17,0x1972dc2f,0x00013404 },
-      { 0x09a824bf,0x14f12c2e,0x07abb5ec,0x0630bc00,0x168acd59,0x134130f7,
-        0x19b235bb,0x09723267,0x006f377c } },
-    /* 243 */
-    { { 0x08333fd2,0x1c9dd68d,0x0aa56e27,0x060404b4,0x15acea89,0x081bf57b,
-        0x14188479,0x09da5a12,0x006dba3e },
-      { 0x104399cd,0x0477cc66,0x0dceb7a9,0x038cddcd,0x0caf3181,0x03a960bf,
-        0x129dcbd8,0x08477d9e,0x00f13cf3 } },
-    /* 244 */
-    { { 0x0919e2eb,0x175cf605,0x0b03da33,0x13432bec,0x0229983a,0x1ddb3d5d,
-        0x0b4f3ee8,0x1524e977,0x00c83fa9 },
-      { 0x02fa1ce0,0x0be8d85b,0x063befc3,0x16c1ea68,0x06f04e58,0x17cf2938,
-        0x1a0efea3,0x1e8bae04,0x00b49d70 } },
-    /* 245 */
-    { { 0x1ad5513b,0x0a63a887,0x1d478b64,0x065dd962,0x19d5905f,0x020c6cfd,
-        0x073db614,0x1761861e,0x0059cfad },
-      { 0x15cb7fd6,0x0b3d611a,0x0109a8f8,0x06cf7104,0x18864249,0x02c64853,
-        0x0d9fabbb,0x0c46a949,0x005babf3 } },
-    /* 246 */
-    { { 0x0e424865,0x1e4c0e8f,0x1955dfcd,0x0050f1e5,0x0c0588b0,0x1878dcf0,
-        0x03c1c0a5,0x14f204d9,0x006188c6 },
-      { 0x10f244da,0x17cd0cde,0x02021cc1,0x19dab9f6,0x136371ec,0x07cdcf90,
-        0x0764d51c,0x0ebbea17,0x00993fe4 } },
-    /* 247 */
-    { { 0x1b2c3609,0x0718e6fc,0x11b53a9a,0x16338058,0x1510184e,0x160d4d3b,
-        0x05adeb27,0x0cc9900c,0x0081f764 },
-      { 0x15fbe978,0x0be152d3,0x00ecd587,0x07fda7e3,0x1d2bf674,0x0f82280e,
-        0x18360e34,0x054bfd20,0x00564a81 } },
-    /* 248 */
-    { { 0x1a817d1d,0x12d327a7,0x0a0b83de,0x12d0897d,0x1f9aa55f,0x0d07e6ab,
-        0x15b2d7fd,0x19e01ca3,0x00226bf3 },
-      { 0x0f2833cf,0x168d4fc9,0x13e26a35,0x0146b49e,0x17f7720a,0x1624c79f,
-        0x00d8454d,0x08ffe4af,0x0068779f } },
-    /* 249 */
-    { { 0x13043d08,0x0d860e0b,0x10083e9e,0x08cee83f,0x126d0a54,0x1f144d36,
-        0x182f4dd9,0x1a3d6125,0x0097bcb0 },
-      { 0x132ed3c3,0x15b75547,0x006f120a,0x09e2a365,0x178f3c8a,0x1a79dfd0,
-        0x1955346f,0x1d014f08,0x00a872ff } },
-    /* 250 */
-    { { 0x032b2086,0x0d5bc9ad,0x183d21ac,0x16e21d02,0x0e6bee1e,0x06c89db5,
-        0x0daa6f43,0x1f96e654,0x0002812b },
-      { 0x0f605318,0x11febe56,0x1f5b4769,0x1cbaa1fb,0x0d619646,0x01cc1081,
-        0x1abe875a,0x193fca72,0x0007391c } },
-    /* 251 */
-    { { 0x0b80d02b,0x080abf84,0x01dfdff1,0x0667a2c5,0x142ae6b8,0x0d7c3c6a,
-        0x0821eb28,0x1b8fcda5,0x00355d2a },
-      { 0x087386e1,0x00f99ad1,0x190c9d6d,0x0e5529f1,0x189eafd2,0x1166f3cc,
-        0x09e4a1b2,0x1c6f8547,0x003dc2b1 } },
-    /* 252 */
-    { { 0x04581352,0x144e90e0,0x19e0afb5,0x01904a6e,0x1701f0a0,0x0ac84ff6,
-        0x11ac80ef,0x020799b0,0x00c47869 },
-      { 0x04c768ed,0x0dd3b841,0x107d95d7,0x1dd404d0,0x0ce0e72f,0x1f6ab566,
-        0x14c9ccc4,0x0d1ab769,0x00ccc429 } },
-    /* 253 */
-    { { 0x1d7620b9,0x07286f09,0x04a95aa5,0x14b914b3,0x087c9d89,0x1b2033aa,
-        0x073f7001,0x0855490e,0x00e147eb },
-      { 0x0cf3ae46,0x1a55a775,0x0d43ef89,0x126df6a0,0x040eafd4,0x1f23a464,
-        0x1b8f7cab,0x08e101d2,0x00239ac0 } },
-    /* 254 */
-    { { 0x0bfee8d4,0x00e8f9a9,0x1ec3fb12,0x016b9ff4,0x1af3cce8,0x064f1674,
-        0x16744171,0x147ebefc,0x00c55fa1 },
-      { 0x0257c227,0x0c378a74,0x0af802cc,0x02ca7e68,0x04fb2c5b,0x04cc5548,
-        0x1a6426bf,0x139a9e96,0x00094cd9 } },
-    /* 255 */
-    { { 0x1703beba,0x14c0e426,0x13aca462,0x03a2a065,0x149ec863,0x1964f1de,
-        0x14ce9117,0x16c85575,0x00b90a30 },
-      { 0x14a5abf9,0x032a027d,0x16dd80ed,0x0ea186eb,0x1d89f004,0x0166651a,
-        0x13ddbe69,0x13436f24,0x00019f8b } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_9(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_9(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 9, km);
-
-            err = sp_256_ecc_mulmod_base_9(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P256 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 9 + 9 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9 + 9 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 9;
-
-        sp_256_from_mp(k, 9, km);
-        sp_256_point_from_ecc_point_9(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_9(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_9(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_9(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_9(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_9(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_9(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_256_add_one_9(sp_digit* a)
-{
-    a[0]++;
-    sp_256_norm_9(a);
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 21U) {
-            r[j] &= 0x1fffffff;
-            s = 29U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_256_ecc_gen_k_9(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[32];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_256_from_bin(k, 9, buf, (int)sizeof(buf));
-            if (sp_256_cmp_9(k, p256_order2) <= 0) {
-                sp_256_add_one_9(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_256, point, 2);
-#else
-    SP_DECL_VAR(sp_point_256, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 9);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_256_ecc_gen_k_9(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_9(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_9(infinity, point, p256_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_256_iszero_9(point->x) || sp_256_iszero_9(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_9(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_256_ctx {
-    int state;
-    sp_256_ecc_mulmod_9_ctx mulmod_ctx;
-    sp_digit k[9];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256  point[2];
-#else
-    sp_point_256 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_256_ctx;
-
-int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_256_ctx* ctx = (sp_ecc_key_gen_256_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_256_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_256_ecc_gen_k_9(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_base_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_256_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p256_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_256_iszero_9(ctx->point->x) ||
-                    sp_256_iszero_9(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_256_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_256_point_to_ecc_point_9(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 32
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_256_to_bin_9(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<8; i++) {
-        r[i+1] += r[i] >> 29;
-        r[i] &= 0x1fffffff;
-    }
-    j = 263 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<9 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 29) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 29);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 9, priv);
-        sp_256_point_from_ecc_point_9(point, pub);
-            err = sp_256_ecc_mulmod_9(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_256_to_bin_9(point->x, out);
-        *outLen = 32;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_9_ctx mulmod_ctx;
-    };
-    sp_digit k[9];
-    sp_point_256 point;
-} sp_ecc_sec_gen_256_ctx;
-
-int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_256_ctx* ctx = (sp_ecc_sec_gen_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_256_from_mp(ctx->k, 9, priv);
-            sp_256_point_from_ecc_point_9(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_256_to_bin_9(ctx->point.x, out);
-                *outLen = 32;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-SP_NOINLINE static void sp_256_rshift_9(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-#ifdef WOLFSSL_SP_SMALL
-    for (i=0; i<8; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (29 - n))) & 0x1fffffff);
-    }
-#else
-    for (i=0; i<8; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (29 - n)) & 0x1fffffff);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (29 - n)) & 0x1fffffff);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (29 - n)) & 0x1fffffff);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (29 - n)) & 0x1fffffff);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (29 - n)) & 0x1fffffff);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (29 - n)) & 0x1fffffff);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (29 - n)) & 0x1fffffff);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (29 - n)) & 0x1fffffff);
-    }
-#endif /* WOLFSSL_SP_SMALL */
-    r[8] = a[8] >> n;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_256_mul_d_9(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffff);
-        t >>= 29;
-    }
-    r[9] = (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t[9];
-
-    t[ 0] = tb * a[ 0];
-    t[ 1] = tb * a[ 1];
-    t[ 2] = tb * a[ 2];
-    t[ 3] = tb * a[ 3];
-    t[ 4] = tb * a[ 4];
-    t[ 5] = tb * a[ 5];
-    t[ 6] = tb * a[ 6];
-    t[ 7] = tb * a[ 7];
-    t[ 8] = tb * a[ 8];
-    r[ 0] = (sp_digit)                 (t[ 0] & 0x1fffffff);
-    r[ 1] = (sp_digit)((t[ 0] >> 29) + (t[ 1] & 0x1fffffff));
-    r[ 2] = (sp_digit)((t[ 1] >> 29) + (t[ 2] & 0x1fffffff));
-    r[ 3] = (sp_digit)((t[ 2] >> 29) + (t[ 3] & 0x1fffffff));
-    r[ 4] = (sp_digit)((t[ 3] >> 29) + (t[ 4] & 0x1fffffff));
-    r[ 5] = (sp_digit)((t[ 4] >> 29) + (t[ 5] & 0x1fffffff));
-    r[ 6] = (sp_digit)((t[ 5] >> 29) + (t[ 6] & 0x1fffffff));
-    r[ 7] = (sp_digit)((t[ 6] >> 29) + (t[ 7] & 0x1fffffff));
-    r[ 8] = (sp_digit)((t[ 7] >> 29) + (t[ 8] & 0x1fffffff));
-    r[ 9] = (sp_digit) (t[ 8] >> 29);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-SP_NOINLINE static void sp_256_lshift_18(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    r[18] = a[17] >> (29 - n);
-    for (i=17; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (29 - n))) & 0x1fffffff);
-    }
-#else
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[17];
-    r[18] = s >> (29U - n);
-    s = (sp_int_digit)(a[17]); t = (sp_int_digit)(a[16]);
-    r[17] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[16]); t = (sp_int_digit)(a[15]);
-    r[16] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[15]); t = (sp_int_digit)(a[14]);
-    r[15] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[14]); t = (sp_int_digit)(a[13]);
-    r[14] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[13]); t = (sp_int_digit)(a[12]);
-    r[13] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[12]); t = (sp_int_digit)(a[11]);
-    r[12] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[11]); t = (sp_int_digit)(a[10]);
-    r[11] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[10]); t = (sp_int_digit)(a[9]);
-    r[10] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (29U - n))) & 0x1fffffff);
-#endif /* WOLFSSL_SP_SMALL */
-    r[0] = (sp_digit)((a[0] << n) & 0x1fffffff);
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Simplified based on top word of divisor being (1 << 29) - 1
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_256_div_9(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 9 + 3);
-    int i;
-    sp_digit r1;
-    sp_digit mask;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 9 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 18 + 1;
-        sd = t2 + 9 + 1;
-
-        sp_256_mul_d_9(sd, d, (sp_digit)1 << 5);
-        sp_256_lshift_18(t1, a, 5);
-        t1[9 + 9] += t1[9 + 9 - 1] >> 29;
-        t1[9 + 9 - 1] &= 0x1fffffff;
-        for (i=8; i>=0; i--) {
-            r1 = t1[9 + i];
-            sp_256_mul_d_9(t2, sd, r1);
-            (void)sp_256_sub_9(&t1[i], &t1[i], t2);
-            t1[9 + i] -= t2[9];
-            sp_256_norm_9(&t1[i + 1]);
-
-            mask = ~((t1[9 + i] - 1) >> 31);
-            sp_256_cond_sub_9(t1 + i, t1 + i, sd, mask);
-            sp_256_norm_9(&t1[i + 1]);
-        }
-        sp_256_norm_9(t1);
-        sp_256_rshift_9(r, t1, 5);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_256_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_256_div_9(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P256 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_256_mont_mul_order_9(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_256_mul_9(r, a, b);
-    sp_256_mont_reduce_order_9(r, p256_order, p256_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P256 curve. */
-static const word32 p256_order_minus_2[8] = {
-    0xfc63254fU,0xf3b9cac2U,0xa7179e84U,0xbce6faadU,0xffffffffU,0xffffffffU,
-    0x00000000U,0xffffffffU
-};
-#else
-/* The low half of the order-2 of the P256 curve. */
-static const sp_int_digit p256_order_low[4] = {
-    0xfc63254fU,0xf3b9cac2U,0xa7179e84U,0xbce6faadU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P256 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_order_9(sp_digit* r, const sp_digit* a)
-{
-    sp_256_sqr_9(r, a);
-    sp_256_mont_reduce_order_9(r, p256_order, p256_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P256 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_256_mont_sqr_order_9(r, a);
-    for (i=1; i<n; i++) {
-        sp_256_mont_sqr_order_9(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P256 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_mont_inv_order_9_ctx {
-    int state;
-    int i;
-} sp_256_mont_inv_order_9_ctx;
-static int sp_256_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_mont_inv_order_9_ctx* ctx = (sp_256_mont_inv_order_9_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_256_mont_inv_order_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 9);
-        ctx->i = 254;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_256_mont_sqr_order_9(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p256_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_256_mont_mul_order_9(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 9U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_256_mont_inv_order_9(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 9);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_order_9(t, t);
-        if ((p256_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_9(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 9U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 9;
-    sp_digit* t3 = td + 4 * 9;
-    int i;
-
-    /* t = a^2 */
-    sp_256_mont_sqr_order_9(t, a);
-    /* t = a^3 = t * a */
-    sp_256_mont_mul_order_9(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_256_mont_sqr_n_order_9(t2, t, 2);
-    /* t3= a^f = t2 * t */
-    sp_256_mont_mul_order_9(t3, t2, t);
-    /* t2= a^f0 = t3 ^ 2 ^ 4 */
-    sp_256_mont_sqr_n_order_9(t2, t3, 4);
-    /* t = a^ff = t2 * t3 */
-    sp_256_mont_mul_order_9(t, t2, t3);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_256_mont_sqr_n_order_9(t2, t, 8);
-    /* t = a^ffff = t2 * t */
-    sp_256_mont_mul_order_9(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_256_mont_sqr_n_order_9(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_256_mont_mul_order_9(t, t2, t);
-    /* t2= a^ffffffff0000000000000000 = t ^ 2 ^ 64  */
-    sp_256_mont_sqr_n_order_9(t2, t, 64);
-    /* t2= a^ffffffff00000000ffffffff = t2 * t */
-    sp_256_mont_mul_order_9(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32  */
-    sp_256_mont_sqr_n_order_9(t2, t2, 32);
-    /* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
-    sp_256_mont_mul_order_9(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6 */
-    sp_256_mont_sqr_order_9(t2, t2);
-    sp_256_mont_mul_order_9(t2, t2, a);
-    sp_256_mont_sqr_n_order_9(t2, t2, 5);
-    sp_256_mont_mul_order_9(t2, t2, t3);
-    for (i=121; i>=112; i--) {
-        sp_256_mont_sqr_order_9(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_9(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6f */
-    sp_256_mont_sqr_n_order_9(t2, t2, 4);
-    sp_256_mont_mul_order_9(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84 */
-    for (i=107; i>=64; i--) {
-        sp_256_mont_sqr_order_9(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_9(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f */
-    sp_256_mont_sqr_n_order_9(t2, t2, 4);
-    sp_256_mont_mul_order_9(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2 */
-    for (i=59; i>=32; i--) {
-        sp_256_mont_sqr_order_9(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_9(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2f */
-    sp_256_mont_sqr_n_order_9(t2, t2, 4);
-    sp_256_mont_mul_order_9(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254 */
-    for (i=27; i>=0; i--) {
-        sp_256_mont_sqr_order_9(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_9(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632540 */
-    sp_256_mont_sqr_n_order_9(t2, t2, 4);
-    /* r = a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
-    sp_256_mont_mul_order_9(r, t2, t3);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_9(k, k, p256_norm_order);
-    err = sp_256_mod_9(k, k, p256_order);
-    if (err == MP_OKAY) {
-        sp_256_norm_9(k);
-
-        /* kInv = 1/k mod order */
-            sp_256_mont_inv_order_9(kInv, k, tmp);
-        sp_256_norm_9(kInv);
-
-        /* s = r * x + e */
-            sp_256_mul_9(x, x, r);
-        err = sp_256_mod_9(x, x, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_9(x);
-        carry = sp_256_add_9(s, e, x);
-        sp_256_cond_sub_9(s, s, p256_order, 0 - carry);
-        sp_256_norm_9(s);
-        c = sp_256_cmp_9(s, p256_order);
-        sp_256_cond_sub_9(s, s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_9(s);
-
-        /* s = s * k^-1 mod order */
-            sp_256_mont_mul_order_9(s, s, kInv);
-        sp_256_norm_9(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 256 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 9);
-    SP_DECL_VAR(sp_point_256, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 9;
-        k = e + 4 * 9;
-        r = e + 6 * 9;
-        tmp = e + 8 * 9;
-        s = e;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_9(rng, k);
-        }
-        else {
-            sp_256_from_mp(k, 9, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_256_ecc_mulmod_base_9(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 9U);
-            sp_256_norm_9(r);
-            c = sp_256_cmp_9(r, p256_order);
-            sp_256_cond_sub_9(r, r, p256_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_256_norm_9(r);
-
-            if (!sp_256_iszero_9(r)) {
-                /* x is modified in calculation of s. */
-                sp_256_from_mp(x, 9, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_256_from_bin(e, 9, hash, (int)hashLen);
-
-                err = sp_256_calc_s_9(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_256_iszero_9(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 9, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_9_ctx mulmod_ctx;
-        sp_256_mont_inv_order_9_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*9];
-    sp_digit x[2*9];
-    sp_digit k[2*9];
-    sp_digit r[2*9];
-    sp_digit tmp[3 * 2*9];
-    sp_point_256 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_256_ctx;
-
-int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_256_ctx* ctx = (sp_ecc_sign_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_9(rng, ctx->k);
-        }
-        else {
-            sp_256_from_mp(ctx->k, 9, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_256_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p256_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 9U);
-        sp_256_norm_9(ctx->r);
-        c = sp_256_cmp_9(ctx->r, p256_order);
-        sp_256_cond_sub_9(ctx->r, ctx->r, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_9(ctx->r);
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-        sp_256_from_mp(ctx->x, 9, priv);
-        sp_256_from_bin(ctx->e, 9, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_9(ctx->k, ctx->k, p256_norm_order);
-        err = sp_256_mod_9(ctx->k, ctx->k, p256_order);
-        if (err == MP_OKAY) {
-            sp_256_norm_9(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_256_mont_inv_order_9_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_256_norm_9(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_256_mul_9(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_256_mod_9(ctx->x, ctx->x, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_256_norm_9(ctx->x);
-        carry = sp_256_add_9(ctx->s, ctx->e, ctx->x);
-        sp_256_cond_sub_9(ctx->s, ctx->s,
-            p256_order, 0 - carry);
-        sp_256_norm_9(ctx->s);
-        c = sp_256_cmp_9(ctx->s, p256_order);
-        sp_256_cond_sub_9(ctx->s, ctx->s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_9(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_256_mont_mul_order_9(ctx->s, ctx->s, ctx->kInv);
-        sp_256_norm_9(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_256_iszero_9(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_256_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_256_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 9U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-static const char sp_256_tab32_9[32] = {
-     1, 10,  2, 11, 14, 22,  3, 30,
-    12, 15, 17, 19, 23, 26,  4, 31,
-     9, 13, 21, 29, 16, 18, 25,  8,
-    20, 28, 24,  7, 27,  6,  5, 32};
-
-static int sp_256_num_bits_29_9(sp_digit v)
-{
-    v |= v >> 1;
-    v |= v >> 2;
-    v |= v >> 4;
-    v |= v >> 8;
-    v |= v >> 16;
-    return sp_256_tab32_9[(word32)(v*0x07C4ACDD) >> 27];
-}
-
-static int sp_256_num_bits_9(const sp_digit* a)
-{
-    int i;
-    int r = 0;
-
-    for (i = 8; i >= 0; i--) {
-        if (a[i] != 0) {
-            r = sp_256_num_bits_29_9(a[i]);
-            r += i * 29;
-            break;
-        }
-    }
-
-    return r;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- * @return  MEMEORY_E when dynamic memory allocation fails.
- */
-static int sp_256_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, u, 9 * 4);
-    sp_digit* v = NULL;
-    sp_digit* b = NULL;
-    sp_digit* d = NULL;
-    int ut;
-    int vt;
-
-    SP_ALLOC_VAR(sp_digit, u, 9 * 4, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        v = u + 9;
-        b = u + 2 * 9;
-        d = u + 3 * 9;
-
-        XMEMCPY(u, m, sizeof(sp_digit) * 9);
-        XMEMCPY(v, a, sizeof(sp_digit) * 9);
-
-        ut = sp_256_num_bits_9(u);
-        vt = sp_256_num_bits_9(v);
-
-        XMEMSET(b, 0, sizeof(sp_digit) * 9);
-        if ((v[0] & 1) == 0) {
-            sp_256_rshift1_9(v, v);
-            XMEMCPY(d, m, sizeof(sp_digit) * 9);
-            d[0]++;
-            sp_256_rshift1_9(d, d);
-            vt--;
-
-            while ((v[0] & 1) == 0) {
-                sp_256_rshift1_9(v, v);
-                if (d[0] & 1)
-                    sp_256_add_9(d, d, m);
-                sp_256_rshift1_9(d, d);
-                vt--;
-            }
-        }
-        else {
-            XMEMSET(d+1, 0, sizeof(sp_digit) * (9 - 1));
-            d[0] = 1;
-        }
-
-        while (ut > 1 && vt > 1) {
-            if ((ut > vt) || ((ut == vt) &&
-                    (sp_256_cmp_9(u, v) >= 0))) {
-                sp_256_sub_9(u, u, v);
-                sp_256_norm_9(u);
-
-                sp_256_sub_9(b, b, d);
-                sp_256_norm_9(b);
-                if (b[8] < 0)
-                    sp_256_add_9(b, b, m);
-                sp_256_norm_9(b);
-                ut = sp_256_num_bits_9(u);
-
-                do {
-                    sp_256_rshift1_9(u, u);
-                    if (b[0] & 1)
-                        sp_256_add_9(b, b, m);
-                    sp_256_rshift1_9(b, b);
-                    ut--;
-                }
-                while (ut > 0 && (u[0] & 1) == 0);
-            }
-            else {
-                sp_256_sub_9(v, v, u);
-                sp_256_norm_9(v);
-
-                sp_256_sub_9(d, d, b);
-                sp_256_norm_9(d);
-                if (d[8] < 0)
-                    sp_256_add_9(d, d, m);
-                sp_256_norm_9(d);
-                vt = sp_256_num_bits_9(v);
-
-                do {
-                    sp_256_rshift1_9(v, v);
-                    if (d[0] & 1)
-                        sp_256_add_9(d, d, m);
-                    sp_256_rshift1_9(d, d);
-                    vt--;
-                }
-                while (vt > 0 && (v[0] & 1) == 0);
-            }
-        }
-
-        if (ut == 1)
-            XMEMCPY(r, b, sizeof(sp_digit) * 9);
-        else
-            XMEMCPY(r, d, sizeof(sp_digit) * 9);
-    }
-    SP_FREE_VAR(u, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_256_add_points_9(sp_point_256* p1, const sp_point_256* p2,
-    sp_digit* tmp)
-{
-
-        sp_256_proj_point_add_9(p1, p1, p2, tmp);
-    if (sp_256_iszero_9(p1->z)) {
-        if (sp_256_iszero_9(p1->x) && sp_256_iszero_9(p1->y)) {
-                sp_256_proj_point_dbl_9(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            XMEMCPY(p1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_vfy_point_9(sp_point_256* p1, sp_point_256* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_256_mod_inv_9(s, s, p256_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_256_mul_9(s, s, p256_norm_order);
-        err = sp_256_mod_9(s, s, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_9(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_256_mont_inv_order_9(s, s, tmp);
-            sp_256_mont_mul_order_9(u1, u1, s);
-            sp_256_mont_mul_order_9(u2, u2, s);
-        }
-#else
-        {
-            sp_256_mont_mul_order_9(u1, u1, s);
-            sp_256_mont_mul_order_9(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_256_ecc_mulmod_base_9(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_9(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_9(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_9(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_256_add_points_9(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 256)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 9);
-    SP_DECL_VAR(sp_point_256, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_256* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 9;
-        s   = u1 + 4 * 9;
-        tmp = u1 + 6 * 9;
-        p2 = p1 + 1;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(u1, 9, hash, (int)hashLen);
-        sp_256_from_mp(u2, 9, rm);
-        sp_256_from_mp(s, 9, sm);
-        sp_256_from_mp(p2->x, 9, pX);
-        sp_256_from_mp(p2->y, 9, pY);
-        sp_256_from_mp(p2->z, 9, pZ);
-
-        err = sp_256_calc_vfy_point_9(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(u2, 9, rm);
-        err = sp_256_mod_mul_norm_9(u2, u2, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_256_mont_sqr_9(p1->z, p1->z, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_9(u1, u2, p1->z, p256_mod, p256_mp_mod);
-        *res = (int)(sp_256_cmp_9(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_256_from_mp(u2, 9, rm);
-            carry = sp_256_add_9(u2, u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_9(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_9(u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_9(u2, u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_256_mont_mul_9(u1, u2, p1->z, p256_mod, p256_mp_mod);
-                }
-                *res = (sp_256_cmp_9(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_9_ctx mulmod_ctx;
-        sp_256_mont_inv_order_9_ctx mont_inv_order_ctx;
-        sp_256_proj_point_dbl_9_ctx dbl_ctx;
-        sp_256_proj_point_add_9_ctx add_ctx;
-    };
-    sp_digit u1[2*9];
-    sp_digit u2[2*9];
-    sp_digit s[2*9];
-    sp_digit tmp[2*9 * 6];
-    sp_point_256 p1;
-    sp_point_256 p2;
-} sp_ecc_verify_256_ctx;
-
-int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_256_ctx* ctx = (sp_ecc_verify_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(ctx->u1, 9, hash, (int)hashLen);
-        sp_256_from_mp(ctx->u2, 9, rm);
-        sp_256_from_mp(ctx->s, 9, sm);
-        sp_256_from_mp(ctx->p2.x, 9, pX);
-        sp_256_from_mp(ctx->p2.y, 9, pY);
-        sp_256_from_mp(ctx->p2.z, 9, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_256_mul_9(ctx->s, ctx->s, p256_norm_order);
-        err = sp_256_mod_9(ctx->s, ctx->s, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_256_norm_9(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_256_mont_inv_order_9_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_256_mont_mul_order_9(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_256_mont_mul_order_9(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_256_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p256_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_9(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_256_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_9(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_256_proj_point_add_9_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(ctx->u2, 9, rm);
-        err = sp_256_mod_mul_norm_9(ctx->u2, ctx->u2, p256_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_256_mont_sqr_9(ctx->p1.z, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_256_mont_mul_9(ctx->u1, ctx->u2, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_256_cmp_9(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_256_from_mp(ctx->u2, 9, rm);
-            carry = sp_256_add_9(ctx->u2, ctx->u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_9(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_9(ctx->u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_9(ctx->u2, ctx->u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_256_mont_mul_9(ctx->u1, ctx->u2, ctx->p1.z, p256_mod,
-                                                            p256_mp_mod);
-                *res = (int)(sp_256_cmp_9(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_256_ecc_is_point_9(const sp_point_256* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 9 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 9 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 9;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_256_sqr_9(t1, point->y);
-        (void)sp_256_mod_9(t1, t1, p256_mod);
-        sp_256_sqr_9(t2, point->x);
-        (void)sp_256_mod_9(t2, t2, p256_mod);
-        sp_256_mul_9(t2, t2, point->x);
-        (void)sp_256_mod_9(t2, t2, p256_mod);
-        sp_256_mont_sub_9(t1, t1, t2, p256_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_256_mont_add_9(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_9(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_9(t1, t1, point->x, p256_mod);
-
-
-        if (sp_256_cmp_9(t1, p256_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_256, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(pub->x, 9, pX);
-        sp_256_from_mp(pub->y, 9, pY);
-        sp_256_from_bin(pub->z, 9, one, (int)sizeof(one));
-
-        err = sp_256_ecc_is_point_9(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 9);
-    SP_DECL_VAR(sp_point_256, pub, 2);
-    sp_point_256* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 256) ||
-        (mp_count_bits(pY) > 256) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 256)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_256_from_mp(pub->x, 9, pX);
-        sp_256_from_mp(pub->y, 9, pY);
-        sp_256_from_bin(pub->z, 9, one, (int)sizeof(one));
-        if (privm)
-            sp_256_from_mp(priv, 9, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_256_iszero_9(pub->x) != 0) &&
-            (sp_256_iszero_9(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_256_cmp_9(pub->x, p256_mod) >= 0) ||
-             (sp_256_cmp_9(pub->y, p256_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_256_ecc_is_point_9(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_256_ecc_mulmod_9(p, pub, p256_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_256_iszero_9(p->x) == 0) ||
-                             (sp_256_iszero_9(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_256_ecc_mulmod_base_9(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_256_cmp_9(p->x, pub->x) != 0) ||
-                 (sp_256_cmp_9(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    SP_DECL_VAR(sp_point_256, p, 2);
-    sp_point_256* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_256_from_mp(p->x, 9, pX);
-        sp_256_from_mp(p->y, 9, pY);
-        sp_256_from_mp(p->z, 9, pZ);
-        sp_256_from_mp(q->x, 9, qX);
-        sp_256_from_mp(q->y, 9, qY);
-        sp_256_from_mp(q->z, 9, qZ);
-        p->infinity = sp_256_iszero_9(p->x) &
-                      sp_256_iszero_9(p->y);
-        q->infinity = sp_256_iszero_9(q->x) &
-                      sp_256_iszero_9(q->y);
-
-            sp_256_proj_point_add_9(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 2);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 9, pX);
-        sp_256_from_mp(p->y, 9, pY);
-        sp_256_from_mp(p->z, 9, pZ);
-        p->infinity = sp_256_iszero_9(p->x) &
-                      sp_256_iszero_9(p->y);
-
-            sp_256_proj_point_dbl_9(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 4);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 4, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 9, pX);
-        sp_256_from_mp(p->y, 9, pY);
-        sp_256_from_mp(p->z, 9, pZ);
-        p->infinity = sp_256_iszero_9(p->x) &
-                      sp_256_iszero_9(p->y);
-
-            sp_256_map_9(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_256_mont_sqrt_9(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 9);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 9, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 9;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_256_mont_sqr_9(t2, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_256_mont_mul_9(t1, t2, y, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xc */
-            sp_256_mont_sqr_n_9(t2, t1, 2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_256_mont_mul_9(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xf0 */
-            sp_256_mont_sqr_n_9(t2, t1, 4, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xff */
-            sp_256_mont_mul_9(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xff00 */
-            sp_256_mont_sqr_n_9(t2, t1, 8, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffff */
-            sp_256_mont_mul_9(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xffff0000 */
-            sp_256_mont_sqr_n_9(t2, t1, 16, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff */
-            sp_256_mont_mul_9(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000000 */
-            sp_256_mont_sqr_n_9(t1, t1, 32, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001 */
-            sp_256_mont_mul_9(t1, t1, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000000 */
-            sp_256_mont_sqr_n_9(t1, t1, 96, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000001 */
-            sp_256_mont_mul_9(t1, t1, y, p256_mod, p256_mp_mod);
-            sp_256_mont_sqr_n_9(y, t1, 94, p256_mod, p256_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 9);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 9, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 9;
-
-        sp_256_from_mp(x, 9, xm);
-        err = sp_256_mod_mul_norm_9(x, x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_256_mont_sqr_9(y, x, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_9(y, y, x, p256_mod, p256_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_256_mont_sub_9(y, y, x, p256_mod);
-        sp_256_mont_sub_9(y, y, x, p256_mod);
-        sp_256_mont_sub_9(y, y, x, p256_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_256_mod_mul_norm_9(x, p256_b, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_256_mont_add_9(y, y, x, p256_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_256_mont_sqrt_9(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 9, 0, 9U * sizeof(sp_digit));
-        sp_256_mont_reduce_9(y, p256_mod, p256_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_256_mont_sub_9(y, p256_mod, y, p256_mod);
-        }
-
-        err = sp_256_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* !WOLFSSL_SP_NO_256 */
-#ifdef WOLFSSL_SP_384
-
-/* Point structure to use. */
-typedef struct sp_point_384 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 15];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 15];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 15];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_384;
-
-/* The modulus (prime) of the curve P384. */
-static const sp_digit p384_mod[15] = {
-    0x3ffffff,0x000003f,0x0000000,0x3fc0000,0x2ffffff,0x3ffffff,0x3ffffff,
-    0x3ffffff,0x3ffffff,0x3ffffff,0x3ffffff,0x3ffffff,0x3ffffff,0x3ffffff,
-    0x00fffff
-};
-/* The Montgomery normalizer for modulus of the curve P384. */
-static const sp_digit p384_norm_mod[15] = {
-    0x0000001,0x3ffffc0,0x3ffffff,0x003ffff,0x1000000,0x0000000,0x0000000,
-    0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-    0x0000000
-};
-/* The Montgomery multiplier for modulus of the curve P384. */
-static const sp_digit p384_mp_mod = 0x000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P384. */
-static const sp_digit p384_order[15] = {
-    0x0c52973,0x3065ab3,0x277aece,0x2c922c2,0x3581a0d,0x10dcb77,0x234d81f,
-    0x3ffff1d,0x3ffffff,0x3ffffff,0x3ffffff,0x3ffffff,0x3ffffff,0x3ffffff,
-    0x00fffff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P384 minus 2. */
-static const sp_digit p384_order2[15] = {
-    0x0c52971,0x3065ab3,0x277aece,0x2c922c2,0x3581a0d,0x10dcb77,0x234d81f,
-    0x3ffff1d,0x3ffffff,0x3ffffff,0x3ffffff,0x3ffffff,0x3ffffff,0x3ffffff,
-    0x00fffff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P384. */
-static const sp_digit p384_norm_order[15] = {
-    0x33ad68d,0x0f9a54c,0x1885131,0x136dd3d,0x0a7e5f2,0x2f23488,0x1cb27e0,
-    0x00000e2,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-    0x0000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P384. */
-static const sp_digit p384_mp_order = 0x8fdc45;
-#endif
-/* The base point of curve P384. */
-static const sp_point_384 p384_base = {
-    /* X ordinate */
-    {
-        0x2760ab7,0x1178e1c,0x296c3a5,0x176fd54,0x05502f2,0x0950a8e,0x3741e08,
-        0x26e6167,0x3628ba7,0x11b874e,0x3320ad7,0x2c71c7b,0x305378e,0x288afa2,
-        0x00aa87c,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x0ea0e5f,0x0c75f24,0x019d7a4,0x33875fa,0x00a60b1,0x17c2e30,0x1a3113b,
-        0x051f3a7,0x1bd289a,0x27e3d07,0x1292dc2,0x27a62fe,0x22c6f5d,0x392a589,
-        0x003617d,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000001,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        0x0000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p384_b[15] = {
-    0x3ec2aef,0x1723b74,0x119d2a8,0x23628bb,0x2c65639,0x004e1d6,0x14088f5,
-    0x104480c,0x06efe81,0x2460767,0x23f82d1,0x23815af,0x2e7e498,0x3e9f88f,
-    0x00b3312
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_384_mul_15(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 lo;
-
-    c = ((sp_uint64)a[14]) * b[14];
-    r[29] = (sp_digit)(c >> 26);
-    c &= 0x3ffffff;
-    for (k = 27; k >= 0; k--) {
-        if (k >= 15) {
-            i = k - 14;
-            imax = 14;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint64)a[i]) * b[k - i];
-        }
-        c += lo >> 26;
-        r[k + 2] += (sp_digit)(c >> 26);
-        r[k + 1]  = (sp_digit)(c & 0x3ffffff);
-        c = lo & 0x3ffffff;
-    }
-    r[0] = (sp_digit)c;
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_384_mul_15(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_int64 t0;
-    sp_int64 t1;
-    sp_digit t[15];
-
-    t0 = ((sp_int64)a[ 0]) * b[ 0];
-    t1 = ((sp_int64)a[ 0]) * b[ 1]
-       + ((sp_int64)a[ 1]) * b[ 0];
-    t[ 0] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[ 0]) * b[ 2]
-       + ((sp_int64)a[ 1]) * b[ 1]
-       + ((sp_int64)a[ 2]) * b[ 0];
-    t[ 1] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[ 0]) * b[ 3]
-       + ((sp_int64)a[ 1]) * b[ 2]
-       + ((sp_int64)a[ 2]) * b[ 1]
-       + ((sp_int64)a[ 3]) * b[ 0];
-    t[ 2] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[ 0]) * b[ 4]
-       + ((sp_int64)a[ 1]) * b[ 3]
-       + ((sp_int64)a[ 2]) * b[ 2]
-       + ((sp_int64)a[ 3]) * b[ 1]
-       + ((sp_int64)a[ 4]) * b[ 0];
-    t[ 3] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[ 0]) * b[ 5]
-       + ((sp_int64)a[ 1]) * b[ 4]
-       + ((sp_int64)a[ 2]) * b[ 3]
-       + ((sp_int64)a[ 3]) * b[ 2]
-       + ((sp_int64)a[ 4]) * b[ 1]
-       + ((sp_int64)a[ 5]) * b[ 0];
-    t[ 4] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[ 0]) * b[ 6]
-       + ((sp_int64)a[ 1]) * b[ 5]
-       + ((sp_int64)a[ 2]) * b[ 4]
-       + ((sp_int64)a[ 3]) * b[ 3]
-       + ((sp_int64)a[ 4]) * b[ 2]
-       + ((sp_int64)a[ 5]) * b[ 1]
-       + ((sp_int64)a[ 6]) * b[ 0];
-    t[ 5] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[ 0]) * b[ 7]
-       + ((sp_int64)a[ 1]) * b[ 6]
-       + ((sp_int64)a[ 2]) * b[ 5]
-       + ((sp_int64)a[ 3]) * b[ 4]
-       + ((sp_int64)a[ 4]) * b[ 3]
-       + ((sp_int64)a[ 5]) * b[ 2]
-       + ((sp_int64)a[ 6]) * b[ 1]
-       + ((sp_int64)a[ 7]) * b[ 0];
-    t[ 6] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[ 0]) * b[ 8]
-       + ((sp_int64)a[ 1]) * b[ 7]
-       + ((sp_int64)a[ 2]) * b[ 6]
-       + ((sp_int64)a[ 3]) * b[ 5]
-       + ((sp_int64)a[ 4]) * b[ 4]
-       + ((sp_int64)a[ 5]) * b[ 3]
-       + ((sp_int64)a[ 6]) * b[ 2]
-       + ((sp_int64)a[ 7]) * b[ 1]
-       + ((sp_int64)a[ 8]) * b[ 0];
-    t[ 7] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[ 0]) * b[ 9]
-       + ((sp_int64)a[ 1]) * b[ 8]
-       + ((sp_int64)a[ 2]) * b[ 7]
-       + ((sp_int64)a[ 3]) * b[ 6]
-       + ((sp_int64)a[ 4]) * b[ 5]
-       + ((sp_int64)a[ 5]) * b[ 4]
-       + ((sp_int64)a[ 6]) * b[ 3]
-       + ((sp_int64)a[ 7]) * b[ 2]
-       + ((sp_int64)a[ 8]) * b[ 1]
-       + ((sp_int64)a[ 9]) * b[ 0];
-    t[ 8] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[ 0]) * b[10]
-       + ((sp_int64)a[ 1]) * b[ 9]
-       + ((sp_int64)a[ 2]) * b[ 8]
-       + ((sp_int64)a[ 3]) * b[ 7]
-       + ((sp_int64)a[ 4]) * b[ 6]
-       + ((sp_int64)a[ 5]) * b[ 5]
-       + ((sp_int64)a[ 6]) * b[ 4]
-       + ((sp_int64)a[ 7]) * b[ 3]
-       + ((sp_int64)a[ 8]) * b[ 2]
-       + ((sp_int64)a[ 9]) * b[ 1]
-       + ((sp_int64)a[10]) * b[ 0];
-    t[ 9] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[ 0]) * b[11]
-       + ((sp_int64)a[ 1]) * b[10]
-       + ((sp_int64)a[ 2]) * b[ 9]
-       + ((sp_int64)a[ 3]) * b[ 8]
-       + ((sp_int64)a[ 4]) * b[ 7]
-       + ((sp_int64)a[ 5]) * b[ 6]
-       + ((sp_int64)a[ 6]) * b[ 5]
-       + ((sp_int64)a[ 7]) * b[ 4]
-       + ((sp_int64)a[ 8]) * b[ 3]
-       + ((sp_int64)a[ 9]) * b[ 2]
-       + ((sp_int64)a[10]) * b[ 1]
-       + ((sp_int64)a[11]) * b[ 0];
-    t[10] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[ 0]) * b[12]
-       + ((sp_int64)a[ 1]) * b[11]
-       + ((sp_int64)a[ 2]) * b[10]
-       + ((sp_int64)a[ 3]) * b[ 9]
-       + ((sp_int64)a[ 4]) * b[ 8]
-       + ((sp_int64)a[ 5]) * b[ 7]
-       + ((sp_int64)a[ 6]) * b[ 6]
-       + ((sp_int64)a[ 7]) * b[ 5]
-       + ((sp_int64)a[ 8]) * b[ 4]
-       + ((sp_int64)a[ 9]) * b[ 3]
-       + ((sp_int64)a[10]) * b[ 2]
-       + ((sp_int64)a[11]) * b[ 1]
-       + ((sp_int64)a[12]) * b[ 0];
-    t[11] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[ 0]) * b[13]
-       + ((sp_int64)a[ 1]) * b[12]
-       + ((sp_int64)a[ 2]) * b[11]
-       + ((sp_int64)a[ 3]) * b[10]
-       + ((sp_int64)a[ 4]) * b[ 9]
-       + ((sp_int64)a[ 5]) * b[ 8]
-       + ((sp_int64)a[ 6]) * b[ 7]
-       + ((sp_int64)a[ 7]) * b[ 6]
-       + ((sp_int64)a[ 8]) * b[ 5]
-       + ((sp_int64)a[ 9]) * b[ 4]
-       + ((sp_int64)a[10]) * b[ 3]
-       + ((sp_int64)a[11]) * b[ 2]
-       + ((sp_int64)a[12]) * b[ 1]
-       + ((sp_int64)a[13]) * b[ 0];
-    t[12] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[ 0]) * b[14]
-       + ((sp_int64)a[ 1]) * b[13]
-       + ((sp_int64)a[ 2]) * b[12]
-       + ((sp_int64)a[ 3]) * b[11]
-       + ((sp_int64)a[ 4]) * b[10]
-       + ((sp_int64)a[ 5]) * b[ 9]
-       + ((sp_int64)a[ 6]) * b[ 8]
-       + ((sp_int64)a[ 7]) * b[ 7]
-       + ((sp_int64)a[ 8]) * b[ 6]
-       + ((sp_int64)a[ 9]) * b[ 5]
-       + ((sp_int64)a[10]) * b[ 4]
-       + ((sp_int64)a[11]) * b[ 3]
-       + ((sp_int64)a[12]) * b[ 2]
-       + ((sp_int64)a[13]) * b[ 1]
-       + ((sp_int64)a[14]) * b[ 0];
-    t[13] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[ 1]) * b[14]
-       + ((sp_int64)a[ 2]) * b[13]
-       + ((sp_int64)a[ 3]) * b[12]
-       + ((sp_int64)a[ 4]) * b[11]
-       + ((sp_int64)a[ 5]) * b[10]
-       + ((sp_int64)a[ 6]) * b[ 9]
-       + ((sp_int64)a[ 7]) * b[ 8]
-       + ((sp_int64)a[ 8]) * b[ 7]
-       + ((sp_int64)a[ 9]) * b[ 6]
-       + ((sp_int64)a[10]) * b[ 5]
-       + ((sp_int64)a[11]) * b[ 4]
-       + ((sp_int64)a[12]) * b[ 3]
-       + ((sp_int64)a[13]) * b[ 2]
-       + ((sp_int64)a[14]) * b[ 1];
-    t[14] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[ 2]) * b[14]
-       + ((sp_int64)a[ 3]) * b[13]
-       + ((sp_int64)a[ 4]) * b[12]
-       + ((sp_int64)a[ 5]) * b[11]
-       + ((sp_int64)a[ 6]) * b[10]
-       + ((sp_int64)a[ 7]) * b[ 9]
-       + ((sp_int64)a[ 8]) * b[ 8]
-       + ((sp_int64)a[ 9]) * b[ 7]
-       + ((sp_int64)a[10]) * b[ 6]
-       + ((sp_int64)a[11]) * b[ 5]
-       + ((sp_int64)a[12]) * b[ 4]
-       + ((sp_int64)a[13]) * b[ 3]
-       + ((sp_int64)a[14]) * b[ 2];
-    r[15] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[ 3]) * b[14]
-       + ((sp_int64)a[ 4]) * b[13]
-       + ((sp_int64)a[ 5]) * b[12]
-       + ((sp_int64)a[ 6]) * b[11]
-       + ((sp_int64)a[ 7]) * b[10]
-       + ((sp_int64)a[ 8]) * b[ 9]
-       + ((sp_int64)a[ 9]) * b[ 8]
-       + ((sp_int64)a[10]) * b[ 7]
-       + ((sp_int64)a[11]) * b[ 6]
-       + ((sp_int64)a[12]) * b[ 5]
-       + ((sp_int64)a[13]) * b[ 4]
-       + ((sp_int64)a[14]) * b[ 3];
-    r[16] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[ 4]) * b[14]
-       + ((sp_int64)a[ 5]) * b[13]
-       + ((sp_int64)a[ 6]) * b[12]
-       + ((sp_int64)a[ 7]) * b[11]
-       + ((sp_int64)a[ 8]) * b[10]
-       + ((sp_int64)a[ 9]) * b[ 9]
-       + ((sp_int64)a[10]) * b[ 8]
-       + ((sp_int64)a[11]) * b[ 7]
-       + ((sp_int64)a[12]) * b[ 6]
-       + ((sp_int64)a[13]) * b[ 5]
-       + ((sp_int64)a[14]) * b[ 4];
-    r[17] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[ 5]) * b[14]
-       + ((sp_int64)a[ 6]) * b[13]
-       + ((sp_int64)a[ 7]) * b[12]
-       + ((sp_int64)a[ 8]) * b[11]
-       + ((sp_int64)a[ 9]) * b[10]
-       + ((sp_int64)a[10]) * b[ 9]
-       + ((sp_int64)a[11]) * b[ 8]
-       + ((sp_int64)a[12]) * b[ 7]
-       + ((sp_int64)a[13]) * b[ 6]
-       + ((sp_int64)a[14]) * b[ 5];
-    r[18] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[ 6]) * b[14]
-       + ((sp_int64)a[ 7]) * b[13]
-       + ((sp_int64)a[ 8]) * b[12]
-       + ((sp_int64)a[ 9]) * b[11]
-       + ((sp_int64)a[10]) * b[10]
-       + ((sp_int64)a[11]) * b[ 9]
-       + ((sp_int64)a[12]) * b[ 8]
-       + ((sp_int64)a[13]) * b[ 7]
-       + ((sp_int64)a[14]) * b[ 6];
-    r[19] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[ 7]) * b[14]
-       + ((sp_int64)a[ 8]) * b[13]
-       + ((sp_int64)a[ 9]) * b[12]
-       + ((sp_int64)a[10]) * b[11]
-       + ((sp_int64)a[11]) * b[10]
-       + ((sp_int64)a[12]) * b[ 9]
-       + ((sp_int64)a[13]) * b[ 8]
-       + ((sp_int64)a[14]) * b[ 7];
-    r[20] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[ 8]) * b[14]
-       + ((sp_int64)a[ 9]) * b[13]
-       + ((sp_int64)a[10]) * b[12]
-       + ((sp_int64)a[11]) * b[11]
-       + ((sp_int64)a[12]) * b[10]
-       + ((sp_int64)a[13]) * b[ 9]
-       + ((sp_int64)a[14]) * b[ 8];
-    r[21] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[ 9]) * b[14]
-       + ((sp_int64)a[10]) * b[13]
-       + ((sp_int64)a[11]) * b[12]
-       + ((sp_int64)a[12]) * b[11]
-       + ((sp_int64)a[13]) * b[10]
-       + ((sp_int64)a[14]) * b[ 9];
-    r[22] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[10]) * b[14]
-       + ((sp_int64)a[11]) * b[13]
-       + ((sp_int64)a[12]) * b[12]
-       + ((sp_int64)a[13]) * b[11]
-       + ((sp_int64)a[14]) * b[10];
-    r[23] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[11]) * b[14]
-       + ((sp_int64)a[12]) * b[13]
-       + ((sp_int64)a[13]) * b[12]
-       + ((sp_int64)a[14]) * b[11];
-    r[24] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[12]) * b[14]
-       + ((sp_int64)a[13]) * b[13]
-       + ((sp_int64)a[14]) * b[12];
-    r[25] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = ((sp_int64)a[13]) * b[14]
-       + ((sp_int64)a[14]) * b[13];
-    r[26] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = ((sp_int64)a[14]) * b[14];
-    r[27] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    r[28] = (sp_digit)(t0 & 0x3ffffff);
-    r[29] = (sp_digit)(t0 >> 26);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_384_sqr_15(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 t;
-
-    c = ((sp_uint64)a[14]) * a[14];
-    r[29] = (sp_digit)(c >> 26);
-    c = (c & 0x3ffffff) << 26;
-    for (k = 27; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint64)a[i]) * a[i];
-           i++;
-        }
-        if (k < 14) {
-            imax = k;
-        }
-        else {
-            imax = 14;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint64)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 52);
-        r[k + 1]  = (sp_digit)((c >> 26) & 0x3ffffff);
-        c = (c & 0x3ffffff) << 26;
-    }
-    r[0] = (sp_digit)(c >> 26);
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_384_sqr_15(sp_digit* r, const sp_digit* a)
-{
-    sp_int64 t0;
-    sp_int64 t1;
-    sp_digit t[15];
-
-    t0 =  ((sp_int64)a[ 0]) * a[ 0];
-    t1 = (((sp_int64)a[ 0]) * a[ 1]) * 2;
-    t[ 0] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[ 0]) * a[ 2]) * 2
-       +  ((sp_int64)a[ 1]) * a[ 1];
-    t[ 1] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[ 0]) * a[ 3]
-       +  ((sp_int64)a[ 1]) * a[ 2]) * 2;
-    t[ 2] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[ 0]) * a[ 4]
-       +  ((sp_int64)a[ 1]) * a[ 3]) * 2
-       +  ((sp_int64)a[ 2]) * a[ 2];
-    t[ 3] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[ 0]) * a[ 5]
-       +  ((sp_int64)a[ 1]) * a[ 4]
-       +  ((sp_int64)a[ 2]) * a[ 3]) * 2;
-    t[ 4] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[ 0]) * a[ 6]
-       +  ((sp_int64)a[ 1]) * a[ 5]
-       +  ((sp_int64)a[ 2]) * a[ 4]) * 2
-       +  ((sp_int64)a[ 3]) * a[ 3];
-    t[ 5] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[ 0]) * a[ 7]
-       +  ((sp_int64)a[ 1]) * a[ 6]
-       +  ((sp_int64)a[ 2]) * a[ 5]
-       +  ((sp_int64)a[ 3]) * a[ 4]) * 2;
-    t[ 6] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[ 0]) * a[ 8]
-       +  ((sp_int64)a[ 1]) * a[ 7]
-       +  ((sp_int64)a[ 2]) * a[ 6]
-       +  ((sp_int64)a[ 3]) * a[ 5]) * 2
-       +  ((sp_int64)a[ 4]) * a[ 4];
-    t[ 7] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[ 0]) * a[ 9]
-       +  ((sp_int64)a[ 1]) * a[ 8]
-       +  ((sp_int64)a[ 2]) * a[ 7]
-       +  ((sp_int64)a[ 3]) * a[ 6]
-       +  ((sp_int64)a[ 4]) * a[ 5]) * 2;
-    t[ 8] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[ 0]) * a[10]
-       +  ((sp_int64)a[ 1]) * a[ 9]
-       +  ((sp_int64)a[ 2]) * a[ 8]
-       +  ((sp_int64)a[ 3]) * a[ 7]
-       +  ((sp_int64)a[ 4]) * a[ 6]) * 2
-       +  ((sp_int64)a[ 5]) * a[ 5];
-    t[ 9] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[ 0]) * a[11]
-       +  ((sp_int64)a[ 1]) * a[10]
-       +  ((sp_int64)a[ 2]) * a[ 9]
-       +  ((sp_int64)a[ 3]) * a[ 8]
-       +  ((sp_int64)a[ 4]) * a[ 7]
-       +  ((sp_int64)a[ 5]) * a[ 6]) * 2;
-    t[10] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[ 0]) * a[12]
-       +  ((sp_int64)a[ 1]) * a[11]
-       +  ((sp_int64)a[ 2]) * a[10]
-       +  ((sp_int64)a[ 3]) * a[ 9]
-       +  ((sp_int64)a[ 4]) * a[ 8]
-       +  ((sp_int64)a[ 5]) * a[ 7]) * 2
-       +  ((sp_int64)a[ 6]) * a[ 6];
-    t[11] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[ 0]) * a[13]
-       +  ((sp_int64)a[ 1]) * a[12]
-       +  ((sp_int64)a[ 2]) * a[11]
-       +  ((sp_int64)a[ 3]) * a[10]
-       +  ((sp_int64)a[ 4]) * a[ 9]
-       +  ((sp_int64)a[ 5]) * a[ 8]
-       +  ((sp_int64)a[ 6]) * a[ 7]) * 2;
-    t[12] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[ 0]) * a[14]
-       +  ((sp_int64)a[ 1]) * a[13]
-       +  ((sp_int64)a[ 2]) * a[12]
-       +  ((sp_int64)a[ 3]) * a[11]
-       +  ((sp_int64)a[ 4]) * a[10]
-       +  ((sp_int64)a[ 5]) * a[ 9]
-       +  ((sp_int64)a[ 6]) * a[ 8]) * 2
-       +  ((sp_int64)a[ 7]) * a[ 7];
-    t[13] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[ 1]) * a[14]
-       +  ((sp_int64)a[ 2]) * a[13]
-       +  ((sp_int64)a[ 3]) * a[12]
-       +  ((sp_int64)a[ 4]) * a[11]
-       +  ((sp_int64)a[ 5]) * a[10]
-       +  ((sp_int64)a[ 6]) * a[ 9]
-       +  ((sp_int64)a[ 7]) * a[ 8]) * 2;
-    t[14] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[ 2]) * a[14]
-       +  ((sp_int64)a[ 3]) * a[13]
-       +  ((sp_int64)a[ 4]) * a[12]
-       +  ((sp_int64)a[ 5]) * a[11]
-       +  ((sp_int64)a[ 6]) * a[10]
-       +  ((sp_int64)a[ 7]) * a[ 9]) * 2
-       +  ((sp_int64)a[ 8]) * a[ 8];
-    r[15] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[ 3]) * a[14]
-       +  ((sp_int64)a[ 4]) * a[13]
-       +  ((sp_int64)a[ 5]) * a[12]
-       +  ((sp_int64)a[ 6]) * a[11]
-       +  ((sp_int64)a[ 7]) * a[10]
-       +  ((sp_int64)a[ 8]) * a[ 9]) * 2;
-    r[16] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[ 4]) * a[14]
-       +  ((sp_int64)a[ 5]) * a[13]
-       +  ((sp_int64)a[ 6]) * a[12]
-       +  ((sp_int64)a[ 7]) * a[11]
-       +  ((sp_int64)a[ 8]) * a[10]) * 2
-       +  ((sp_int64)a[ 9]) * a[ 9];
-    r[17] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[ 5]) * a[14]
-       +  ((sp_int64)a[ 6]) * a[13]
-       +  ((sp_int64)a[ 7]) * a[12]
-       +  ((sp_int64)a[ 8]) * a[11]
-       +  ((sp_int64)a[ 9]) * a[10]) * 2;
-    r[18] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[ 6]) * a[14]
-       +  ((sp_int64)a[ 7]) * a[13]
-       +  ((sp_int64)a[ 8]) * a[12]
-       +  ((sp_int64)a[ 9]) * a[11]) * 2
-       +  ((sp_int64)a[10]) * a[10];
-    r[19] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[ 7]) * a[14]
-       +  ((sp_int64)a[ 8]) * a[13]
-       +  ((sp_int64)a[ 9]) * a[12]
-       +  ((sp_int64)a[10]) * a[11]) * 2;
-    r[20] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[ 8]) * a[14]
-       +  ((sp_int64)a[ 9]) * a[13]
-       +  ((sp_int64)a[10]) * a[12]) * 2
-       +  ((sp_int64)a[11]) * a[11];
-    r[21] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[ 9]) * a[14]
-       +  ((sp_int64)a[10]) * a[13]
-       +  ((sp_int64)a[11]) * a[12]) * 2;
-    r[22] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[10]) * a[14]
-       +  ((sp_int64)a[11]) * a[13]) * 2
-       +  ((sp_int64)a[12]) * a[12];
-    r[23] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[11]) * a[14]
-       +  ((sp_int64)a[12]) * a[13]) * 2;
-    r[24] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 = (((sp_int64)a[12]) * a[14]) * 2
-       +  ((sp_int64)a[13]) * a[13];
-    r[25] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    t1 = (((sp_int64)a[13]) * a[14]) * 2;
-    r[26] = (sp_digit)(t0 & 0x3ffffff); t1 += t0 >> 26;
-    t0 =  ((sp_int64)a[14]) * a[14];
-    r[27] = (sp_digit)(t1 & 0x3ffffff); t0 += t1 >> 26;
-    r[28] = (sp_digit)(t0 & 0x3ffffff);
-    r[29] = (sp_digit)(t0 >> 26);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_384_add_15(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 15; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_384_add_15(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-    r[ 7] = a[ 7] + b[ 7];
-    r[ 8] = a[ 8] + b[ 8];
-    r[ 9] = a[ 9] + b[ 9];
-    r[10] = a[10] + b[10];
-    r[11] = a[11] + b[11];
-    r[12] = a[12] + b[12];
-    r[13] = a[13] + b[13];
-    r[14] = a[14] + b[14];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_384_sub_15(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 15; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_384_sub_15(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] - b[ 0];
-    r[ 1] = a[ 1] - b[ 1];
-    r[ 2] = a[ 2] - b[ 2];
-    r[ 3] = a[ 3] - b[ 3];
-    r[ 4] = a[ 4] - b[ 4];
-    r[ 5] = a[ 5] - b[ 5];
-    r[ 6] = a[ 6] - b[ 6];
-    r[ 7] = a[ 7] - b[ 7];
-    r[ 8] = a[ 8] - b[ 8];
-    r[ 9] = a[ 9] - b[ 9];
-    r[10] = a[10] - b[10];
-    r[11] = a[11] - b[11];
-    r[12] = a[12] - b[12];
-    r[13] = a[13] - b[13];
-    r[14] = a[14] - b[14];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 26
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 25);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 25);
-    }
-#elif DIGIT_BIT > 26
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x3ffffff;
-        s = 26U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 26U) <= (word32)DIGIT_BIT) {
-            s += 26U;
-            r[j] &= 0x3ffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 26) {
-            r[j] &= 0x3ffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 26 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_384.
- *
- * p   Point of type sp_point_384 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_384_point_from_ecc_point_15(sp_point_384* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_384_from_mp(p->x, 15, pm->x);
-    sp_384_from_mp(p->y, 15, pm->y);
-    sp_384_from_mp(p->z, 15, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_384_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (384 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 26
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 15);
-        r->used = 15;
-        mp_clamp(r);
-#elif DIGIT_BIT < 26
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 15; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 26) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 26 - s;
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 15; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 26 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 26 - s;
-            }
-            else {
-                s += 26;
-            }
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_384 to type ecc_point.
- *
- * p   Point of type sp_point_384.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_384_point_to_ecc_point_15(const sp_point_384* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_384_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_384_cmp_15(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=14; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 25);
-    }
-#else
-    r |= (a[14] - b[14]) & (0 - (sp_digit)1);
-    r |= (a[13] - b[13]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[12] - b[12]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[11] - b[11]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[10] - b[10]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[ 9] - b[ 9]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[ 8] - b[ 8]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[ 7] - b[ 7]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[ 6] - b[ 6]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[ 5] - b[ 5]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[ 4] - b[ 4]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[ 3] - b[ 3]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[ 2] - b[ 2]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[ 1] - b[ 1]) & ~(((sp_digit)0 - r) >> 25);
-    r |= (a[ 0] - b[ 0]) & ~(((sp_digit)0 - r) >> 25);
-#endif /* WOLFSSL_SP_SMALL */
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_384_cond_sub_15(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 15; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-#else
-    r[ 0] = a[ 0] - (b[ 0] & m);
-    r[ 1] = a[ 1] - (b[ 1] & m);
-    r[ 2] = a[ 2] - (b[ 2] & m);
-    r[ 3] = a[ 3] - (b[ 3] & m);
-    r[ 4] = a[ 4] - (b[ 4] & m);
-    r[ 5] = a[ 5] - (b[ 5] & m);
-    r[ 6] = a[ 6] - (b[ 6] & m);
-    r[ 7] = a[ 7] - (b[ 7] & m);
-    r[ 8] = a[ 8] - (b[ 8] & m);
-    r[ 9] = a[ 9] - (b[ 9] & m);
-    r[10] = a[10] - (b[10] & m);
-    r[11] = a[11] - (b[11] & m);
-    r[12] = a[12] - (b[12] & m);
-    r[13] = a[13] - (b[13] & m);
-    r[14] = a[14] - (b[14] & m);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_384_mul_add_15(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 12; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x3ffffff);
-        t[1] += t[0] >> 26;
-        r[i+1] = (sp_digit)(t[1] & 0x3ffffff);
-        t[2] += t[1] >> 26;
-        r[i+2] = (sp_digit)(t[2] & 0x3ffffff);
-        t[3] += t[2] >> 26;
-        r[i+3] = (sp_digit)(t[3] & 0x3ffffff);
-        t[0]  = t[3] >> 26;
-    }
-    t[0] += (tb * a[12]) + r[12];
-    t[1]  = (tb * a[13]) + r[13];
-    t[2]  = (tb * a[14]) + r[14];
-    r[12] = (sp_digit)(t[0] & 0x3ffffff);
-    t[1] += t[0] >> 26;
-    r[13] = (sp_digit)(t[1] & 0x3ffffff);
-    t[2] += t[1] >> 26;
-    r[14] = (sp_digit)(t[2] & 0x3ffffff);
-    r[15] +=  (sp_digit)(t[2] >> 26);
-#else
-    sp_int64 tb = b;
-    sp_int64 t[15];
-
-    t[ 0] = tb * a[ 0];
-    t[ 1] = tb * a[ 1];
-    t[ 2] = tb * a[ 2];
-    t[ 3] = tb * a[ 3];
-    t[ 4] = tb * a[ 4];
-    t[ 5] = tb * a[ 5];
-    t[ 6] = tb * a[ 6];
-    t[ 7] = tb * a[ 7];
-    t[ 8] = tb * a[ 8];
-    t[ 9] = tb * a[ 9];
-    t[10] = tb * a[10];
-    t[11] = tb * a[11];
-    t[12] = tb * a[12];
-    t[13] = tb * a[13];
-    t[14] = tb * a[14];
-    r[ 0] += (sp_digit)                 (t[ 0] & 0x3ffffff);
-    r[ 1] += (sp_digit)((t[ 0] >> 26) + (t[ 1] & 0x3ffffff));
-    r[ 2] += (sp_digit)((t[ 1] >> 26) + (t[ 2] & 0x3ffffff));
-    r[ 3] += (sp_digit)((t[ 2] >> 26) + (t[ 3] & 0x3ffffff));
-    r[ 4] += (sp_digit)((t[ 3] >> 26) + (t[ 4] & 0x3ffffff));
-    r[ 5] += (sp_digit)((t[ 4] >> 26) + (t[ 5] & 0x3ffffff));
-    r[ 6] += (sp_digit)((t[ 5] >> 26) + (t[ 6] & 0x3ffffff));
-    r[ 7] += (sp_digit)((t[ 6] >> 26) + (t[ 7] & 0x3ffffff));
-    r[ 8] += (sp_digit)((t[ 7] >> 26) + (t[ 8] & 0x3ffffff));
-    r[ 9] += (sp_digit)((t[ 8] >> 26) + (t[ 9] & 0x3ffffff));
-    r[10] += (sp_digit)((t[ 9] >> 26) + (t[10] & 0x3ffffff));
-    r[11] += (sp_digit)((t[10] >> 26) + (t[11] & 0x3ffffff));
-    r[12] += (sp_digit)((t[11] >> 26) + (t[12] & 0x3ffffff));
-    r[13] += (sp_digit)((t[12] >> 26) + (t[13] & 0x3ffffff));
-    r[14] += (sp_digit)((t[13] >> 26) + (t[14] & 0x3ffffff));
-    r[15] += (sp_digit) (t[14] >> 26);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Normalize the values in each word to 26 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_384_norm_15(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 14; i++) {
-        a[i+1] += a[i] >> 26;
-        a[i] &= 0x3ffffff;
-    }
-#else
-    a[1] += a[0] >> 26; a[0] &= 0x3ffffff;
-    a[2] += a[1] >> 26; a[1] &= 0x3ffffff;
-    a[3] += a[2] >> 26; a[2] &= 0x3ffffff;
-    a[4] += a[3] >> 26; a[3] &= 0x3ffffff;
-    a[5] += a[4] >> 26; a[4] &= 0x3ffffff;
-    a[6] += a[5] >> 26; a[5] &= 0x3ffffff;
-    a[7] += a[6] >> 26; a[6] &= 0x3ffffff;
-    a[8] += a[7] >> 26; a[7] &= 0x3ffffff;
-    a[9] += a[8] >> 26; a[8] &= 0x3ffffff;
-    a[10] += a[9] >> 26; a[9] &= 0x3ffffff;
-    a[11] += a[10] >> 26; a[10] &= 0x3ffffff;
-    a[12] += a[11] >> 26; a[11] &= 0x3ffffff;
-    a[13] += a[12] >> 26; a[12] &= 0x3ffffff;
-    a[14] += a[13] >> 26; a[13] &= 0x3ffffff;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Shift the result in the high 384 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_384_mont_shift_15(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    sp_int64 n = a[14] >> 20;
-    n += ((sp_int64)a[15]) << 6;
-
-    for (i = 0; i < 14; i++) {
-        r[i] = (sp_digit)(n & 0x3ffffff);
-        n >>= 26;
-        n += ((sp_int64)a[16 + i]) << 6;
-    }
-    r[14] = (sp_digit)n;
-#else
-    sp_int64 n = a[14] >> 20;
-    n += ((sp_int64)a[15]) << 6;
-    r[ 0] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[16]) << 6;
-    r[ 1] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[17]) << 6;
-    r[ 2] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[18]) << 6;
-    r[ 3] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[19]) << 6;
-    r[ 4] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[20]) << 6;
-    r[ 5] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[21]) << 6;
-    r[ 6] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[22]) << 6;
-    r[ 7] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[23]) << 6;
-    r[ 8] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[24]) << 6;
-    r[ 9] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[25]) << 6;
-    r[10] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[26]) << 6;
-    r[11] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[27]) << 6;
-    r[12] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[28]) << 6;
-    r[13] = (sp_digit)(n & 0x3ffffff); n >>= 26; n += ((sp_int64)a[29]) << 6;
-    r[14] = (sp_digit)n;
-#endif /* WOLFSSL_SP_SMALL */
-    XMEMSET(&r[15], 0, sizeof(*r) * 15U);
-}
-
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_384_mont_reduce_order_15(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_384_norm_15(a + 15);
-
-    for (i=0; i<14; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x3ffffff);
-        sp_384_mul_add_15(a+i, m, mu);
-        a[i+1] += a[i] >> 26;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0xfffffL);
-    sp_384_mul_add_15(a+i, m, mu);
-    a[i+1] += a[i] >> 26;
-    a[i] &= 0x3ffffff;
-    sp_384_mont_shift_15(a, a);
-    over = a[14] >> 20;
-    sp_384_cond_sub_15(a, a, m, ~((over - 1) >> 31));
-    sp_384_norm_15(a);
-}
-
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_384_mont_reduce_15(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit am;
-
-    (void)m;
-    (void)mp;
-
-    for (i = 0; i < 14; i++) {
-        am = (sp_digit)((a[i] * 0x1) & 0x3ffffff);
-        a[i +  1] += (sp_digit)((am << 6) & 0x3ffffff);
-        a[i +  2] += am >> 20;
-        a[i +  3] -= (sp_digit)((am << 18) & 0x3ffffff);
-        a[i +  4] -= am >> 8;
-        a[i +  4] -= (sp_digit)((am << 24) & 0x3ffffff);
-        a[i +  5] -= am >> 2;
-        a[i + 14] += (sp_digit)((am << 20) & 0x3ffffff);
-        a[i + 15] += am >> 6;
-
-        a[i +  1] += a[i] >> 26;
-    }
-    am = (sp_digit)((a[14] * 0x1) & 0xfffff);
-    a[14 +  1] += (sp_digit)((am << 6) & 0x3ffffff);
-    a[14 +  2] += am >> 20;
-    a[14 +  3] -= (sp_digit)((am << 18) & 0x3ffffff);
-    a[14 +  4] -= am >> 8;
-    a[14 +  4] -= (sp_digit)((am << 24) & 0x3ffffff);
-    a[14 +  5] -= am >> 2;
-    a[14 + 14] += (sp_digit)((am << 20) & 0x3ffffff);
-    a[14 + 15] += am >> 6;
-
-    a[0] = (a[14] >> 20) + (sp_digit)((a[15] << 6) & 0x3ffffff);
-    a[1] = (a[15] >> 20) + (sp_digit)((a[16] << 6) & 0x3ffffff);
-    a[2] = (a[16] >> 20) + (sp_digit)((a[17] << 6) & 0x3ffffff);
-    a[3] = (a[17] >> 20) + (sp_digit)((a[18] << 6) & 0x3ffffff);
-    a[4] = (a[18] >> 20) + (sp_digit)((a[19] << 6) & 0x3ffffff);
-    a[5] = (a[19] >> 20) + (sp_digit)((a[20] << 6) & 0x3ffffff);
-    a[6] = (a[20] >> 20) + (sp_digit)((a[21] << 6) & 0x3ffffff);
-    a[7] = (a[21] >> 20) + (sp_digit)((a[22] << 6) & 0x3ffffff);
-    a[8] = (a[22] >> 20) + (sp_digit)((a[23] << 6) & 0x3ffffff);
-    a[9] = (a[23] >> 20) + (sp_digit)((a[24] << 6) & 0x3ffffff);
-    a[10] = (a[24] >> 20) + (sp_digit)((a[25] << 6) & 0x3ffffff);
-    a[11] = (a[25] >> 20) + (sp_digit)((a[26] << 6) & 0x3ffffff);
-    a[12] = (a[26] >> 20) + (sp_digit)((a[27] << 6) & 0x3ffffff);
-    a[13] = (a[27] >> 20) + (sp_digit)((a[28] << 6) & 0x3ffffff);
-    a[14] = (a[14 + 14] >> 20) +  (a[29] << 6);
-
-    a[1] += a[0] >> 26; a[0] &= 0x3ffffff;
-    a[2] += a[1] >> 26; a[1] &= 0x3ffffff;
-    a[3] += a[2] >> 26; a[2] &= 0x3ffffff;
-    a[4] += a[3] >> 26; a[3] &= 0x3ffffff;
-    a[5] += a[4] >> 26; a[4] &= 0x3ffffff;
-    a[6] += a[5] >> 26; a[5] &= 0x3ffffff;
-    a[7] += a[6] >> 26; a[6] &= 0x3ffffff;
-    a[8] += a[7] >> 26; a[7] &= 0x3ffffff;
-    a[9] += a[8] >> 26; a[8] &= 0x3ffffff;
-    a[10] += a[9] >> 26; a[9] &= 0x3ffffff;
-    a[11] += a[10] >> 26; a[10] &= 0x3ffffff;
-    a[12] += a[11] >> 26; a[11] &= 0x3ffffff;
-    a[13] += a[12] >> 26; a[12] &= 0x3ffffff;
-    a[14] += a[13] >> 26; a[13] &= 0x3ffffff;
-
-    /* Get the bit over, if any. */
-    am = a[14] >> 20;
-    /* Create mask. */
-    am = 0 - am;
-
-    a[0] -= (sp_digit)(0x03ffffff & am);
-    a[1] -= (sp_digit)(0x0000003f & am);
-    /* p384_mod[2] is zero */
-    a[3] -= (sp_digit)(0x03fc0000 & am);
-    a[4] -= (sp_digit)(0x02ffffff & am);
-    a[5] -= (sp_digit)(0x03ffffff & am);
-    a[6] -= (sp_digit)(0x03ffffff & am);
-    a[7] -= (sp_digit)(0x03ffffff & am);
-    a[8] -= (sp_digit)(0x03ffffff & am);
-    a[9] -= (sp_digit)(0x03ffffff & am);
-    a[10] -= (sp_digit)(0x03ffffff & am);
-    a[11] -= (sp_digit)(0x03ffffff & am);
-    a[12] -= (sp_digit)(0x03ffffff & am);
-    a[13] -= (sp_digit)(0x03ffffff & am);
-    a[14] -= (sp_digit)(0x000fffff & am);
-
-    a[1] += a[0] >> 26; a[0] &= 0x3ffffff;
-    a[2] += a[1] >> 26; a[1] &= 0x3ffffff;
-    a[3] += a[2] >> 26; a[2] &= 0x3ffffff;
-    a[4] += a[3] >> 26; a[3] &= 0x3ffffff;
-    a[5] += a[4] >> 26; a[4] &= 0x3ffffff;
-    a[6] += a[5] >> 26; a[5] &= 0x3ffffff;
-    a[7] += a[6] >> 26; a[6] &= 0x3ffffff;
-    a[8] += a[7] >> 26; a[7] &= 0x3ffffff;
-    a[9] += a[8] >> 26; a[8] &= 0x3ffffff;
-    a[10] += a[9] >> 26; a[9] &= 0x3ffffff;
-    a[11] += a[10] >> 26; a[10] &= 0x3ffffff;
-    a[12] += a[11] >> 26; a[11] &= 0x3ffffff;
-    a[13] += a[12] >> 26; a[12] &= 0x3ffffff;
-    a[14] += a[13] >> 26; a[13] &= 0x3ffffff;
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_mul_15(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mul_15(r, a, b);
-    sp_384_mont_reduce_15(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_15(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_384_sqr_15(r, a);
-    sp_384_mont_reduce_15(r, m, mp);
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_n_15(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mont_sqr_15(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_384_mont_sqr_15(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P384 curve. */
-static const word32 p384_mod_minus_2[12] = {
-    0xfffffffdU,0x00000000U,0x00000000U,0xffffffffU,0xfffffffeU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P384 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_384_mont_inv_15(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 15);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_15(t, t, p384_mod, p384_mp_mod);
-        if (p384_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_384_mont_mul_15(t, t, a, p384_mod, p384_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 15);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 15;
-    sp_digit* t3 = td + 4 * 15;
-    sp_digit* t4 = td + 6 * 15;
-    sp_digit* t5 = td + 8 * 15;
-
-    /* 0x2 */
-    sp_384_mont_sqr_15(t1, a, p384_mod, p384_mp_mod);
-    /* 0x3 */
-    sp_384_mont_mul_15(t5, t1, a, p384_mod, p384_mp_mod);
-    /* 0xc */
-    sp_384_mont_sqr_n_15(t1, t5, 2, p384_mod, p384_mp_mod);
-    /* 0xf */
-    sp_384_mont_mul_15(t2, t5, t1, p384_mod, p384_mp_mod);
-    /* 0x1e */
-    sp_384_mont_sqr_15(t1, t2, p384_mod, p384_mp_mod);
-    /* 0x1f */
-    sp_384_mont_mul_15(t4, t1, a, p384_mod, p384_mp_mod);
-    /* 0x3e0 */
-    sp_384_mont_sqr_n_15(t1, t4, 5, p384_mod, p384_mp_mod);
-    /* 0x3ff */
-    sp_384_mont_mul_15(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x7fe0 */
-    sp_384_mont_sqr_n_15(t1, t2, 5, p384_mod, p384_mp_mod);
-    /* 0x7fff */
-    sp_384_mont_mul_15(t4, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x3fff8000 */
-    sp_384_mont_sqr_n_15(t1, t4, 15, p384_mod, p384_mp_mod);
-    /* 0x3fffffff */
-    sp_384_mont_mul_15(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffc */
-    sp_384_mont_sqr_n_15(t3, t2, 2, p384_mod, p384_mp_mod);
-    /* 0xfffffffd */
-    sp_384_mont_mul_15(r, t3, a, p384_mod, p384_mp_mod);
-    /* 0xffffffff */
-    sp_384_mont_mul_15(t3, t5, t3, p384_mod, p384_mp_mod);
-    /* 0xfffffffc0000000 */
-    sp_384_mont_sqr_n_15(t1, t2, 30, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff */
-    sp_384_mont_mul_15(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff000000000000000 */
-    sp_384_mont_sqr_n_15(t1, t2, 60, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_15(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-    sp_384_mont_sqr_n_15(t1, t2, 120, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_15(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-    sp_384_mont_sqr_n_15(t1, t2, 15, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_15(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00000000 */
-    sp_384_mont_sqr_n_15(t1, t2, 33, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff */
-    sp_384_mont_mul_15(t2, t3, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_15(t1, t2, 96, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffd */
-    sp_384_mont_mul_15(r, r, t1, p384_mod, p384_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_384_map_15(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*15;
-    sp_int32 n;
-
-    sp_384_mont_inv_15(t1, p->z, t + 2*15);
-
-    sp_384_mont_sqr_15(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    /* x /= z^2 */
-    sp_384_mont_mul_15(r->x, p->x, t2, p384_mod, p384_mp_mod);
-    XMEMSET(r->x + 15, 0, sizeof(sp_digit) * 15U);
-    sp_384_mont_reduce_15(r->x, p384_mod, p384_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_384_cmp_15(r->x, p384_mod);
-    sp_384_cond_sub_15(r->x, r->x, p384_mod, (sp_digit)~(n >> 25));
-    sp_384_norm_15(r->x);
-
-    /* y /= z^3 */
-    sp_384_mont_mul_15(r->y, p->y, t1, p384_mod, p384_mp_mod);
-    XMEMSET(r->y + 15, 0, sizeof(sp_digit) * 15U);
-    sp_384_mont_reduce_15(r->y, p384_mod, p384_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_384_cmp_15(r->y, p384_mod);
-    sp_384_cond_sub_15(r->y, r->y, p384_mod, (sp_digit)~(n >> 25));
-    sp_384_norm_15(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_384_mont_add_15(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_384_add_15(r, a, b);
-    sp_384_norm_15(r);
-    over = r[14] >> 20;
-    sp_384_cond_sub_15(r, r, m, ~((over - 1) >> 31));
-    sp_384_norm_15(r);
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_384_mont_dbl_15(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_384_add_15(r, a, a);
-    sp_384_norm_15(r);
-    over = r[14] >> 20;
-    sp_384_cond_sub_15(r, r, m, ~((over - 1) >> 31));
-    sp_384_norm_15(r);
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_384_mont_tpl_15(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_384_add_15(r, a, a);
-    sp_384_norm_15(r);
-    over = r[14] >> 20;
-    sp_384_cond_sub_15(r, r, m, ~((over - 1) >> 31));
-    sp_384_norm_15(r);
-    (void)sp_384_add_15(r, r, a);
-    sp_384_norm_15(r);
-    over = r[14] >> 20;
-    sp_384_cond_sub_15(r, r, m, ~((over - 1) >> 31));
-    sp_384_norm_15(r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_384_cond_add_15(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 15; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_384_cond_add_15(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    r[ 0] = a[ 0] + (b[ 0] & m);
-    r[ 1] = a[ 1] + (b[ 1] & m);
-    r[ 2] = a[ 2] + (b[ 2] & m);
-    r[ 3] = a[ 3] + (b[ 3] & m);
-    r[ 4] = a[ 4] + (b[ 4] & m);
-    r[ 5] = a[ 5] + (b[ 5] & m);
-    r[ 6] = a[ 6] + (b[ 6] & m);
-    r[ 7] = a[ 7] + (b[ 7] & m);
-    r[ 8] = a[ 8] + (b[ 8] & m);
-    r[ 9] = a[ 9] + (b[ 9] & m);
-    r[10] = a[10] + (b[10] & m);
-    r[11] = a[11] + (b[11] & m);
-    r[12] = a[12] + (b[12] & m);
-    r[13] = a[13] + (b[13] & m);
-    r[14] = a[14] + (b[14] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_384_mont_sub_15(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    (void)sp_384_sub_15(r, a, b);
-    sp_384_norm_15(r);
-    sp_384_cond_add_15(r, r, m, r[14] >> 20);
-    sp_384_norm_15(r);
-}
-
-/* Shift number left one bit.
- * Bottom bit is lost.
- *
- * r  Result of shift.
- * a  Number to shift.
- */
-SP_NOINLINE static void sp_384_rshift1_15(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<14; i++) {
-        r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 25) & 0x3ffffff);
-    }
-#else
-    r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 25) & 0x3ffffff);
-    r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 25) & 0x3ffffff);
-    r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 25) & 0x3ffffff);
-    r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 25) & 0x3ffffff);
-    r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 25) & 0x3ffffff);
-    r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 25) & 0x3ffffff);
-    r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 25) & 0x3ffffff);
-    r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 25) & 0x3ffffff);
-    r[8] = (a[8] >> 1) + (sp_digit)((a[9] << 25) & 0x3ffffff);
-    r[9] = (a[9] >> 1) + (sp_digit)((a[10] << 25) & 0x3ffffff);
-    r[10] = (a[10] >> 1) + (sp_digit)((a[11] << 25) & 0x3ffffff);
-    r[11] = (a[11] >> 1) + (sp_digit)((a[12] << 25) & 0x3ffffff);
-    r[12] = (a[12] >> 1) + (sp_digit)((a[13] << 25) & 0x3ffffff);
-    r[13] = (a[13] >> 1) + (sp_digit)((a[14] << 25) & 0x3ffffff);
-#endif
-    r[14] = a[14] >> 1;
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_384_mont_div2_15(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_384_cond_add_15(r, a, m, 0 - (a[0] & 1));
-    sp_384_norm_15(r);
-    sp_384_rshift1_15(r, r);
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_15(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*15;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_384_mont_sqr_15(t1, p->z, p384_mod, p384_mp_mod);
-    /* Z = Y * Z */
-    sp_384_mont_mul_15(z, p->y, p->z, p384_mod, p384_mp_mod);
-    /* Z = 2Z */
-    sp_384_mont_dbl_15(z, z, p384_mod);
-    /* T2 = X - T1 */
-    sp_384_mont_sub_15(t2, p->x, t1, p384_mod);
-    /* T1 = X + T1 */
-    sp_384_mont_add_15(t1, p->x, t1, p384_mod);
-    /* T2 = T1 * T2 */
-    sp_384_mont_mul_15(t2, t1, t2, p384_mod, p384_mp_mod);
-    /* T1 = 3T2 */
-    sp_384_mont_tpl_15(t1, t2, p384_mod);
-    /* Y = 2Y */
-    sp_384_mont_dbl_15(y, p->y, p384_mod);
-    /* Y = Y * Y */
-    sp_384_mont_sqr_15(y, y, p384_mod, p384_mp_mod);
-    /* T2 = Y * Y */
-    sp_384_mont_sqr_15(t2, y, p384_mod, p384_mp_mod);
-    /* T2 = T2/2 */
-    sp_384_mont_div2_15(t2, t2, p384_mod);
-    /* Y = Y * X */
-    sp_384_mont_mul_15(y, y, p->x, p384_mod, p384_mp_mod);
-    /* X = T1 * T1 */
-    sp_384_mont_sqr_15(x, t1, p384_mod, p384_mp_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_15(x, x, y, p384_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_15(x, x, y, p384_mod);
-    /* Y = Y - X */
-    sp_384_mont_sub_15(y, y, x, p384_mod);
-    /* Y = Y * T1 */
-    sp_384_mont_mul_15(y, y, t1, p384_mod, p384_mp_mod);
-    /* Y = Y - T2 */
-    sp_384_mont_sub_15(y, y, t2, p384_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_dbl_15_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_dbl_15_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_dbl_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-        const sp_point_384* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_dbl_15_ctx* ctx = (sp_384_proj_point_dbl_15_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_dbl_15_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*15;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_384_mont_sqr_15(ctx->t1, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_384_mont_mul_15(ctx->z, p->y, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_384_mont_dbl_15(ctx->z, ctx->z, p384_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_384_mont_sub_15(ctx->t2, p->x, ctx->t1, p384_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_384_mont_add_15(ctx->t1, p->x, ctx->t1, p384_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_384_mont_mul_15(ctx->t2, ctx->t1, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_384_mont_tpl_15(ctx->t1, ctx->t2, p384_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_384_mont_dbl_15(ctx->y, p->y, p384_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_384_mont_sqr_15(ctx->y, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_384_mont_sqr_15(ctx->t2, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_384_mont_div2_15(ctx->t2, ctx->t2, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_384_mont_mul_15(ctx->y, ctx->y, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_384_mont_sqr_15(ctx->x, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_384_mont_sub_15(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_384_mont_sub_15(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_384_mont_sub_15(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_384_mont_mul_15(ctx->y, ctx->y, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_384_mont_sub_15(ctx->y, ctx->y, ctx->t2, p384_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_384_cmp_equal_15(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_384_iszero_15(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_15(sp_point_384* r,
-        const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*15;
-    sp_digit* t2 = t + 4*15;
-    sp_digit* t3 = t + 6*15;
-    sp_digit* t4 = t + 8*15;
-    sp_digit* t5 = t + 10*15;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_15(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t1, t1, p->x, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_15(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_15(t3, t3, p->y, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_15(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_15(t2, t1) &
-            sp_384_cmp_equal_15(t4, t3)) {
-        sp_384_proj_point_dbl_15(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_384_mont_sub_15(t2, t2, t1, p384_mod);
-        /* R = S2 - S1 */
-        sp_384_mont_sub_15(t4, t4, t3, p384_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_15(t5, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_15(y, t1, t5, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_15(t5, t5, t2, p384_mod, p384_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_15(z, p->z, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_15(z, z, q->z, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_15(x, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_15(x, x, t5, p384_mod);
-        sp_384_mont_mul_15(t5, t5, t3, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_15(t3, y, p384_mod);
-        sp_384_mont_sub_15(x, x, t3, p384_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_15(y, y, x, p384_mod);
-        sp_384_mont_mul_15(y, y, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_15(y, y, t5, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 15; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 15; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 15; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_add_15_ctx {
-    int state;
-    sp_384_proj_point_dbl_15_ctx dbl_ctx;
-    const sp_point_384* ap[2];
-    sp_point_384* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_add_15_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_add_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_add_15_ctx* ctx = (sp_384_proj_point_add_15_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_384* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_add_15_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*15;
-        ctx->t2 = t + 4*15;
-        ctx->t3 = t + 6*15;
-        ctx->t4 = t + 8*15;
-        ctx->t5 = t + 10*15;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_384_mont_sqr_15(ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_384_mont_mul_15(ctx->t3, ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_384_mont_mul_15(ctx->t1, ctx->t1, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_384_mont_sqr_15(ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_384_mont_mul_15(ctx->t4, ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_384_mont_mul_15(ctx->t2, ctx->t2, q->x, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_384_mont_mul_15(ctx->t3, ctx->t3, p->y, p384_mod, p384_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_384_mont_mul_15(ctx->t4, ctx->t4, q->y, p384_mod, p384_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_384_cmp_equal_15(ctx->t2, ctx->t1) &
-                sp_384_cmp_equal_15(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_384_proj_point_dbl_15(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_384_mont_sub_15(ctx->t2, ctx->t2, ctx->t1, p384_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_384_mont_sub_15(ctx->t4, ctx->t4, ctx->t3, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_15(ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_384_mont_mul_15(ctx->y, ctx->t1, ctx->t5, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_384_mont_mul_15(ctx->t5, ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_15(ctx->z, p->z, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_384_mont_mul_15(ctx->z, ctx->z, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_384_mont_sqr_15(ctx->x, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_384_mont_sub_15(ctx->x, ctx->x, ctx->t5, p384_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_384_mont_mul_15(ctx->t5, ctx->t5, ctx->t3, p384_mod, p384_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_384_mont_dbl_15(ctx->t3, ctx->y, p384_mod);
-        sp_384_mont_sub_15(ctx->x, ctx->x, ctx->t3, p384_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_15(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_384_mont_mul_15(ctx->y, ctx->y, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_384_mont_sub_15(ctx->y, ctx->y, ctx->t5, p384_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 15; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 15; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 15; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mod_mul_norm_15(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    SP_DECL_VAR(int64_t, t, 2 * 12);
-    int64_t* a32 = NULL;
-    int64_t o;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(int64_t, t, 2 * 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        a32 = t + 12;
-
-        a32[0] = a[0];
-        a32[0] |= (int64_t)a[1] << 26U;
-        a32[0] &= 0xffffffffL;
-        a32[1] = (a[1] >> 6);
-        a32[1] |= (int64_t)a[2] << 20U;
-        a32[1] &= 0xffffffffL;
-        a32[2] = (a[2] >> 12);
-        a32[2] |= (int64_t)a[3] << 14U;
-        a32[2] &= 0xffffffffL;
-        a32[3] = (a[3] >> 18);
-        a32[3] |= (int64_t)a[4] << 8U;
-        a32[3] &= 0xffffffffL;
-        a32[4] = (a[4] >> 24);
-        a32[4] |= (int64_t)a[5] << 2U;
-        a32[4] |= (int64_t)a[6] << 28U;
-        a32[4] &= 0xffffffffL;
-        a32[5] = (a[6] >> 4);
-        a32[5] |= (int64_t)a[7] << 22U;
-        a32[5] &= 0xffffffffL;
-        a32[6] = (a[7] >> 10);
-        a32[6] |= (int64_t)a[8] << 16U;
-        a32[6] &= 0xffffffffL;
-        a32[7] = (a[8] >> 16);
-        a32[7] |= (int64_t)a[9] << 10U;
-        a32[7] &= 0xffffffffL;
-        a32[8] = (a[9] >> 22);
-        a32[8] |= (int64_t)a[10] << 4U;
-        a32[8] |= (int64_t)a[11] << 30U;
-        a32[8] &= 0xffffffffL;
-        a32[9] = (a[11] >> 2);
-        a32[9] |= (int64_t)a[12] << 24U;
-        a32[9] &= 0xffffffffL;
-        a32[10] = (a[12] >> 8);
-        a32[10] |= (int64_t)a[13] << 18U;
-        a32[10] &= 0xffffffffL;
-        a32[11] = (a[13] >> 14);
-        a32[11] |= (int64_t)a[14] << 12U;
-        a32[11] &= 0xffffffffL;
-
-        /*  1  0  0  0  0  0  0  0  1  1  0 -1 */
-        t[0] = 0 + a32[0] + a32[8] + a32[9] - a32[11];
-        /* -1  1  0  0  0  0  0  0 -1  0  1  1 */
-        t[1] = 0 - a32[0] + a32[1] - a32[8] + a32[10] + a32[11];
-        /*  0 -1  1  0  0  0  0  0  0 -1  0  1 */
-        t[2] = 0 - a32[1] + a32[2] - a32[9] + a32[11];
-        /*  1  0 -1  1  0  0  0  0  1  1 -1 -1 */
-        t[3] = 0 + a32[0] - a32[2] + a32[3] + a32[8] + a32[9] - a32[10] - a32[11];
-        /*  1  1  0 -1  1  0  0  0  1  2  1 -2 */
-        t[4] = 0 + a32[0] + a32[1] - a32[3] + a32[4] + a32[8] + 2 * a32[9] + a32[10] -  2 * a32[11];
-        /*  0  1  1  0 -1  1  0  0  0  1  2  1 */
-        t[5] = 0 + a32[1] + a32[2] - a32[4] + a32[5] + a32[9] + 2 * a32[10] + a32[11];
-        /*  0  0  1  1  0 -1  1  0  0  0  1  2 */
-        t[6] = 0 + a32[2] + a32[3] - a32[5] + a32[6] + a32[10] + 2 * a32[11];
-        /*  0  0  0  1  1  0 -1  1  0  0  0  1 */
-        t[7] = 0 + a32[3] + a32[4] - a32[6] + a32[7] + a32[11];
-        /*  0  0  0  0  1  1  0 -1  1  0  0  0 */
-        t[8] = 0 + a32[4] + a32[5] - a32[7] + a32[8];
-        /*  0  0  0  0  0  1  1  0 -1  1  0  0 */
-        t[9] = 0 + a32[5] + a32[6] - a32[8] + a32[9];
-        /*  0  0  0  0  0  0  1  1  0 -1  1  0 */
-        t[10] = 0 + a32[6] + a32[7] - a32[9] + a32[10];
-        /*  0  0  0  0  0  0  0  1  1  0 -1  1 */
-        t[11] = 0 + a32[7] + a32[8] - a32[10] + a32[11];
-
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-        o     = t[11] >> 32; t[11] &= 0xffffffff;
-        t[0] += o;
-        t[1] -= o;
-        t[3] += o;
-        t[4] += o;
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-
-        r[0] = (sp_digit)(t[0]) & 0x3ffffffL;
-        r[1] = (sp_digit)(t[0] >> 26U);
-        r[1] |= (sp_digit)(t[1] << 6U);
-        r[1] &= 0x3ffffffL;
-        r[2] = (sp_digit)(t[1] >> 20U);
-        r[2] |= (sp_digit)(t[2] << 12U);
-        r[2] &= 0x3ffffffL;
-        r[3] = (sp_digit)(t[2] >> 14U);
-        r[3] |= (sp_digit)(t[3] << 18U);
-        r[3] &= 0x3ffffffL;
-        r[4] = (sp_digit)(t[3] >> 8U);
-        r[4] |= (sp_digit)(t[4] << 24U);
-        r[4] &= 0x3ffffffL;
-        r[5] = (sp_digit)(t[4] >> 2U) & 0x3ffffffL;
-        r[6] = (sp_digit)(t[4] >> 28U);
-        r[6] |= (sp_digit)(t[5] << 4U);
-        r[6] &= 0x3ffffffL;
-        r[7] = (sp_digit)(t[5] >> 22U);
-        r[7] |= (sp_digit)(t[6] << 10U);
-        r[7] &= 0x3ffffffL;
-        r[8] = (sp_digit)(t[6] >> 16U);
-        r[8] |= (sp_digit)(t[7] << 16U);
-        r[8] &= 0x3ffffffL;
-        r[9] = (sp_digit)(t[7] >> 10U);
-        r[9] |= (sp_digit)(t[8] << 22U);
-        r[9] &= 0x3ffffffL;
-        r[10] = (sp_digit)(t[8] >> 4U) & 0x3ffffffL;
-        r[11] = (sp_digit)(t[8] >> 30U);
-        r[11] |= (sp_digit)(t[9] << 2U);
-        r[11] &= 0x3ffffffL;
-        r[12] = (sp_digit)(t[9] >> 24U);
-        r[12] |= (sp_digit)(t[10] << 8U);
-        r[12] &= 0x3ffffffL;
-        r[13] = (sp_digit)(t[10] >> 18U);
-        r[13] |= (sp_digit)(t[11] << 14U);
-        r[13] &= 0x3ffffffL;
-        r[14] = (sp_digit)(t[11] >> 12U);
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Small implementation using add and double that is cache attack resistant but
- * allocates memory rather than use large stacks.
- * 384 adds and doubles.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_15(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 15 * 6);
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Implementation is constant time. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 15 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        XMEMSET(t, 0, sizeof(sp_point_384) * 3);
-
-        /* t[0] = {0, 0, 1} * norm */
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_384_mod_mul_norm_15(t[1].x, g->x, p384_mod);
-    }
-    if (err == MP_OKAY)
-        err = sp_384_mod_mul_norm_15(t[1].y, g->y, p384_mod);
-    if (err == MP_OKAY)
-        err = sp_384_mod_mul_norm_15(t[1].z, g->z, p384_mod);
-
-    if (err == MP_OKAY) {
-        i = 14;
-        c = 20;
-        n = k[i--] << (26 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1)
-                    break;
-
-                n = k[i--];
-                c = 26;
-            }
-
-            y = (n >> 25) & 1;
-            n <<= 1;
-
-            sp_384_proj_point_add_15(&t[y^1], &t[0], &t[1], tmp);
-
-            XMEMCPY(&t[2], (void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                                   ((size_t)&t[1] & addr_mask[y])),
-                    sizeof(sp_point_384));
-            sp_384_proj_point_dbl_15(&t[2], &t[2], tmp);
-            XMEMCPY((void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                            ((size_t)&t[1] & addr_mask[y])), &t[2],
-                    sizeof(sp_point_384));
-        }
-
-        if (map != 0) {
-            sp_384_map_15(r, &t[0], tmp);
-        }
-        else {
-            XMEMCPY(r, &t[0], sizeof(sp_point_384));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 15 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_ecc_mulmod_15_ctx {
-    int state;
-    union {
-        sp_384_proj_point_dbl_15_ctx dbl_ctx;
-        sp_384_proj_point_add_15_ctx add_ctx;
-    };
-    sp_point_384 t[3];
-    sp_digit tmp[2 * 15 * 6];
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-} sp_384_ecc_mulmod_15_ctx;
-
-static int sp_384_ecc_mulmod_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-    const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_ecc_mulmod_15_ctx* ctx = (sp_384_ecc_mulmod_15_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_384_ecc_mulmod_15_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    /* Implementation is constant time. */
-    (void)ct;
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        XMEMSET(ctx->t, 0, sizeof(sp_point_384) * 3);
-        ctx->i = 14;
-        ctx->c = 20;
-        ctx->n = k[ctx->i--] << (26 - ctx->c);
-
-        /* t[0] = {0, 0, 1} * norm */
-        ctx->t[0].infinity = 1;
-        ctx->state = 1;
-        break;
-    case 1: /* T1X */
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_384_mod_mul_norm_15(ctx->t[1].x, g->x, p384_mod);
-        ctx->state = 2;
-        break;
-    case 2: /* T1Y */
-        err = sp_384_mod_mul_norm_15(ctx->t[1].y, g->y, p384_mod);
-        ctx->state = 3;
-        break;
-    case 3: /* T1Z */
-        err = sp_384_mod_mul_norm_15(ctx->t[1].z, g->z, p384_mod);
-        ctx->state = 4;
-        break;
-    case 4: /* ADDPREP */
-        if (ctx->c == 0) {
-            if (ctx->i == -1) {
-                ctx->state = 7;
-                break;
-            }
-
-            ctx->n = k[ctx->i--];
-            ctx->c = 26;
-        }
-        ctx->y = (ctx->n >> 25) & 1;
-        ctx->n <<= 1;
-        XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-        ctx->state = 5;
-        break;
-    case 5: /* ADD */
-        err = sp_384_proj_point_add_15_nb((sp_ecc_ctx_t*)&ctx->add_ctx,
-            &ctx->t[ctx->y^1], &ctx->t[0], &ctx->t[1], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY(&ctx->t[2], (void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                                        ((size_t)&ctx->t[1] & addr_mask[ctx->y])),
-                    sizeof(sp_point_384));
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* DBL */
-        err = sp_384_proj_point_dbl_15_nb((sp_ecc_ctx_t*)&ctx->dbl_ctx, &ctx->t[2],
-            &ctx->t[2], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY((void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                            ((size_t)&ctx->t[1] & addr_mask[ctx->y])), &ctx->t[2],
-                    sizeof(sp_point_384));
-            ctx->state = 4;
-            ctx->c--;
-        }
-        break;
-    case 7: /* MAP */
-        if (map != 0) {
-            sp_384_map_15(r, &ctx->t[0], ctx->tmp);
-        }
-        else {
-            XMEMCPY(r, &ctx->t[0], sizeof(sp_point_384));
-        }
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 7) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        ForceZero(ctx->tmp, sizeof(ctx->tmp));
-        ForceZero(ctx->t, sizeof(ctx->t));
-    }
-
-    (void)heap;
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#else
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_384 {
-    sp_digit x[15];
-    sp_digit y[15];
-} sp_table_entry_384;
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_384_cond_copy_15(sp_digit* r, const sp_digit* a, const sp_digit m)
-{
-    sp_digit t[15];
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 15; i++) {
-        t[i] = r[i] ^ a[i];
-    }
-    for (i = 0; i < 15; i++) {
-        r[i] ^= t[i] & m;
-    }
-#else
-    t[ 0] = r[ 0] ^ a[ 0];
-    t[ 1] = r[ 1] ^ a[ 1];
-    t[ 2] = r[ 2] ^ a[ 2];
-    t[ 3] = r[ 3] ^ a[ 3];
-    t[ 4] = r[ 4] ^ a[ 4];
-    t[ 5] = r[ 5] ^ a[ 5];
-    t[ 6] = r[ 6] ^ a[ 6];
-    t[ 7] = r[ 7] ^ a[ 7];
-    t[ 8] = r[ 8] ^ a[ 8];
-    t[ 9] = r[ 9] ^ a[ 9];
-    t[10] = r[10] ^ a[10];
-    t[11] = r[11] ^ a[11];
-    t[12] = r[12] ^ a[12];
-    t[13] = r[13] ^ a[13];
-    t[14] = r[14] ^ a[14];
-    r[ 0] ^= t[ 0] & m;
-    r[ 1] ^= t[ 1] & m;
-    r[ 2] ^= t[ 2] & m;
-    r[ 3] ^= t[ 3] & m;
-    r[ 4] ^= t[ 4] & m;
-    r[ 5] ^= t[ 5] & m;
-    r[ 6] ^= t[ 6] & m;
-    r[ 7] ^= t[ 7] & m;
-    r[ 8] ^= t[ 8] & m;
-    r[ 9] ^= t[ 9] & m;
-    r[10] ^= t[10] & m;
-    r[11] ^= t[11] & m;
-    r[12] ^= t[12] & m;
-    r[13] ^= t[13] & m;
-    r[14] ^= t[14] & m;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*15;
-    sp_digit* b = t + 4*15;
-    sp_digit* t1 = t + 6*15;
-    sp_digit* t2 = t + 8*15;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_15(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_15(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_15(w, w, p384_mod, p384_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_15(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_15(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_15(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_15(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_15(b, t1, x, p384_mod, p384_mp_mod);
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_15(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_15(t2, b, p384_mod);
-        sp_384_mont_sub_15(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_15(t2, b, x, p384_mod);
-        sp_384_mont_dbl_15(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_15(z, z, y, p384_mod, p384_mp_mod);
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_15(t1, t1, p384_mod, p384_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_15(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_15(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_15(y, y, t1, p384_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_384_mont_sqr_15(t1, x, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_15(t1, t1, w, p384_mod);
-    sp_384_mont_tpl_15(a, t1, p384_mod);
-    /* B = X*Y^2 */
-    sp_384_mont_sqr_15(t1, y, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(b, t1, x, p384_mod, p384_mp_mod);
-    /* X = A^2 - 2B */
-    sp_384_mont_sqr_15(x, a, p384_mod, p384_mp_mod);
-    sp_384_mont_dbl_15(t2, b, p384_mod);
-    sp_384_mont_sub_15(x, x, t2, p384_mod);
-    /* B = 2.(B - X) */
-    sp_384_mont_sub_15(t2, b, x, p384_mod);
-    sp_384_mont_dbl_15(b, t2, p384_mod);
-    /* Z = Z*Y */
-    sp_384_mont_mul_15(z, z, y, p384_mod, p384_mp_mod);
-    /* t1 = Y^4 */
-    sp_384_mont_sqr_15(t1, t1, p384_mod, p384_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_384_mont_mul_15(y, b, a, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_15(y, y, t1, p384_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_384_mont_div2_15(y, y, p384_mod);
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_store_15(sp_point_384* r,
-        const sp_point_384* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*15;
-    sp_digit* b = t + 4*15;
-    sp_digit* t1 = t + 6*15;
-    sp_digit* t2 = t + 8*15;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<15; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<15; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<15; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_15(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_15(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_15(w, w, p384_mod, p384_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_15(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_15(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_15(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_15(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_15(b, t1, x, p384_mod, p384_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_15(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_15(t2, b, p384_mod);
-        sp_384_mont_sub_15(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_15(t2, b, x, p384_mod);
-        sp_384_mont_dbl_15(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_15(r[j].z, z, y, p384_mod, p384_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_15(t1, t1, p384_mod, p384_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_15(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_15(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_15(y, y, t1, p384_mod);
-        /* Y = Y/2 */
-        sp_384_mont_div2_15(r[j].y, y, p384_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_384_proj_point_add_sub_15(sp_point_384* ra,
-        sp_point_384* rs, const sp_point_384* p, const sp_point_384* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*15;
-    sp_digit* t3 = t + 4*15;
-    sp_digit* t4 = t + 6*15;
-    sp_digit* t5 = t + 8*15;
-    sp_digit* t6 = t + 10*15;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_15(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t1, t1, xa, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_15(t2, za, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t4, t2, za, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_15(t3, t3, ya, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_15(t4, t4, q->y, p384_mod, p384_mp_mod);
-    /* H = U2 - U1 */
-    sp_384_mont_sub_15(t2, t2, t1, p384_mod);
-    /* RS = S2 + S1 */
-    sp_384_mont_add_15(t6, t4, t3, p384_mod);
-    /* R = S2 - S1 */
-    sp_384_mont_sub_15(t4, t4, t3, p384_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_384_mont_mul_15(za, za, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(za, za, t2, p384_mod, p384_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_384_mont_sqr_15(xa, t4, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_15(xs, t6, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_15(t5, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(ya, t1, t5, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t5, t5, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_15(xa, xa, t5, p384_mod);
-    sp_384_mont_sub_15(xs, xs, t5, p384_mod);
-    sp_384_mont_dbl_15(t1, ya, p384_mod);
-    sp_384_mont_sub_15(xa, xa, t1, p384_mod);
-    sp_384_mont_sub_15(xs, xs, t1, p384_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_384_mont_sub_15(ys, ya, xs, p384_mod);
-    sp_384_mont_sub_15(ya, ya, xa, p384_mod);
-    sp_384_mont_mul_15(ya, ya, t4, p384_mod, p384_mp_mod);
-    sp_384_sub_15(t6, p384_mod, t6);
-    sp_384_mont_mul_15(ys, ys, t6, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t5, t5, t3, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_15(ya, ya, t5, p384_mod);
-    sp_384_mont_sub_15(ys, ys, t5, p384_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_384 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_384;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_15_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_15_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_384_ecc_recode_6_15(const sp_digit* k, ecc_recode_384* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<65; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 26) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 26) {
-            n >>= 6;
-            if (++j < 15)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 15) {
-            n = k[j];
-            y |= (word8)((n << (26 - o)) & 0x3f);
-            o -= 20;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_15_6[y];
-        v[i].neg = recode_neg_15_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_point_33_15(sp_point_384* r, const sp_point_384* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    r->z[8] = 0;
-    r->z[9] = 0;
-    r->z[10] = 0;
-    r->z[11] = 0;
-    r->z[12] = 0;
-    r->z[13] = 0;
-    r->z[14] = 0;
-    for (i = 1; i < 33; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-        r->z[8] |= mask & table[i].z[8];
-        r->z[9] |= mask & table[i].z[9];
-        r->z[10] |= mask & table[i].z[10];
-        r->z[11] |= mask & table[i].z[11];
-        r->z[12] |= mask & table[i].z[12];
-        r->z[13] |= mask & table[i].z[13];
-        r->z[14] |= mask & table[i].z[14];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_win_add_sub_15(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 15 * 6);
-    sp_point_384* rt = NULL;
-    sp_point_384* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_384 v[65];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 15 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_384_mod_mul_norm_15(t[1].x, g->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_15(t[1].y, g->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_15(t[1].z, g->z, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_384_proj_point_dbl_n_store_15(t, &t[ 1], 5, 1, tmp);
-        sp_384_proj_point_add_15(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_384_proj_point_dbl_15(&t[ 6], &t[ 3], tmp);
-        sp_384_proj_point_add_sub_15(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_384_proj_point_dbl_15(&t[10], &t[ 5], tmp);
-        sp_384_proj_point_add_sub_15(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_384_proj_point_dbl_15(&t[12], &t[ 6], tmp);
-        sp_384_proj_point_dbl_15(&t[14], &t[ 7], tmp);
-        sp_384_proj_point_add_sub_15(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_384_proj_point_dbl_15(&t[18], &t[ 9], tmp);
-        sp_384_proj_point_add_sub_15(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_384_proj_point_dbl_15(&t[20], &t[10], tmp);
-        sp_384_proj_point_dbl_15(&t[22], &t[11], tmp);
-        sp_384_proj_point_add_sub_15(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_384_proj_point_dbl_15(&t[24], &t[12], tmp);
-        sp_384_proj_point_dbl_15(&t[26], &t[13], tmp);
-        sp_384_proj_point_add_sub_15(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_384_proj_point_dbl_15(&t[28], &t[14], tmp);
-        sp_384_proj_point_dbl_15(&t[30], &t[15], tmp);
-        sp_384_proj_point_add_sub_15(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_384_ecc_recode_6_15(k, v);
-
-        i = 64;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_point_33_15(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_384));
-        }
-        for (--i; i>=0; i--) {
-            sp_384_proj_point_dbl_n_15(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_point_33_15(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_384));
-            }
-            sp_384_sub_15(negy, p384_mod, p->y);
-            sp_384_norm_15(negy);
-            sp_384_cond_copy_15(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_384_proj_point_add_15(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_384_map_15(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_qz1_15(sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*15;
-    sp_digit* t6 = t + 4*15;
-    sp_digit* t1 = t + 6*15;
-    sp_digit* t4 = t + 8*15;
-    sp_digit* t5 = t + 10*15;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_15(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_15(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_15(p->x, t2) &
-            sp_384_cmp_equal_15(p->y, t4)) {
-        sp_384_proj_point_dbl_15(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_384_mont_sub_15(t2, t2, p->x, p384_mod);
-        /* R = S2 - Y1 */
-        sp_384_mont_sub_15(t4, t4, p->y, p384_mod);
-        /* Z3 = H*Z1 */
-        sp_384_mont_mul_15(z, p->z, t2, p384_mod, p384_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_384_mont_sqr_15(t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_15(t3, p->x, t1, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_15(t1, t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_15(t2, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_15(t2, t2, t1, p384_mod);
-        sp_384_mont_dbl_15(t5, t3, p384_mod);
-        sp_384_mont_sub_15(x, t2, t5, p384_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_384_mont_sub_15(t3, t3, x, p384_mod);
-        sp_384_mont_mul_15(t3, t3, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_15(t1, t1, p->y, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_15(y, t3, t1, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 15; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 15; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 15; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_384_proj_to_affine_15(sp_point_384* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 15;
-    sp_digit* tmp = t + 4 * 15;
-
-    sp_384_mont_inv_15(t1, a->z, tmp);
-
-    sp_384_mont_sqr_15(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    sp_384_mont_mul_15(a->x, a->x, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_15(a->y, a->y, t1, p384_mod, p384_mp_mod);
-    XMEMCPY(a->z, p384_norm_mod, sizeof(p384_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 48 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_15(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_15(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_15(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_15(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_15(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_384_proj_point_dbl_n_15(t, 48, tmp);
-            sp_384_proj_to_affine_15(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_15(t, s1, s2, tmp);
-                sp_384_proj_to_affine_15(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_entry_256_15(sp_point_384* r,
-    const sp_table_entry_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_15(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 15 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 15 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 47;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 26] >> (x % 26)) & 1) << j);
-            x += 48;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_256_15(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=46; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 26] >> (x % 26)) & 1) << j);
-                x += 48;
-            }
-
-            sp_384_proj_point_dbl_15(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_256_15(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_15(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_15(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_384_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[15];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[15];
-    /* Precomputation table for point. */
-    sp_table_entry_384 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_384_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_384_t sp_cache_384[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_384_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_384_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_384 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_384_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_384_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_384_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_384[i].set = 0;
-        }
-        sp_cache_384_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_384[i].set)
-            continue;
-
-        if (sp_384_cmp_equal_15(g->x, sp_cache_384[i].x) &
-                           sp_384_cmp_equal_15(g->y, sp_cache_384[i].y)) {
-            sp_cache_384[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_384_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_384_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_384[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_384_last) {
-            least = sp_cache_384[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_384[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_384[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_384[i].x, g->x, sizeof(sp_cache_384[i].x));
-        XMEMCPY(sp_cache_384[i].y, g->y, sizeof(sp_cache_384[i].y));
-        sp_cache_384[i].set = 1;
-        sp_cache_384[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_384[i];
-    sp_cache_384_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_15(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_win_add_sub_15(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 15 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 15 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_15(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_win_add_sub_15(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_15(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 15);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 15, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 15, km);
-        sp_384_point_from_ecc_point_15(point, gm);
-
-            err = sp_384_ecc_mulmod_15(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_15(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 15 + 15 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 15 + 15 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 15;
-
-        sp_384_from_mp(k, 15, km);
-        sp_384_point_from_ecc_point_15(point, gm);
-        sp_384_point_from_ecc_point_15(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_15(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_15(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_15(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_15(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_15(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_15(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_15(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_15(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_384_ecc_mulmod_15(r, &p384_base, k, map, ct, heap);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-static int sp_384_ecc_mulmod_base_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_384_ecc_mulmod_15_nb(sp_ctx, r, &p384_base, k, map, ct, heap);
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 48 between points.
- */
-static const sp_table_entry_384 p384_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x1c0b528,0x01d5992,0x0e383dd,0x38a835b,0x220e378,0x106d35b,
-        0x1c3afc5,0x03bfe1e,0x28459a3,0x2d91521,0x214ede2,0x0bfdc8d,
-        0x2151381,0x3708a67,0x004d3aa },
-      { 0x303a4fe,0x10f6b52,0x29ac230,0x2fdeed2,0x0a1bfa8,0x3a0ec14,
-        0x2de7562,0x3ff662e,0x21968f4,0x031b0d4,0x3969a84,0x2000898,
-        0x1c5e9dd,0x2f09685,0x002b78a } },
-    /* 2 */
-    { { 0x30c535b,0x191d4ca,0x2296298,0x14dc141,0x090dd69,0x05aae6b,
-        0x0cd6b42,0x35da80e,0x3b7be12,0x2cf7e6d,0x1f347bd,0x3d365e1,
-        0x1448913,0x32704fa,0x00222c5 },
-      { 0x280dc64,0x39e5bc9,0x24175f8,0x2dd60d4,0x0120e7c,0x041d02e,
-        0x0b5d8ad,0x37b9895,0x2fb5337,0x1f0e2e3,0x14f0224,0x2230b86,
-        0x1bc4cf6,0x17cdb09,0x007b5c7 } },
-    /* 3 */
-    { { 0x2dffea5,0x28f30e7,0x29fce26,0x070df5f,0x235bbfd,0x2f78fbd,
-        0x27700d9,0x23d6bc3,0x3471a53,0x0c0e03a,0x05bf9eb,0x276a2ec,
-        0x20c3e2e,0x31cc691,0x00dbb93 },
-      { 0x126b605,0x2e8983d,0x153737d,0x23bf5e1,0x295d497,0x35ca812,
-        0x2d793ae,0x16c6893,0x3777600,0x089a520,0x1e681f8,0x3d55ee6,
-        0x154ef99,0x155f592,0x00ae5f9 } },
-    /* 4 */
-    { { 0x26feef9,0x20315fc,0x1240244,0x250e838,0x3c31a26,0x1cf8af1,
-        0x1002c32,0x3b531cd,0x1c53ef1,0x22310ba,0x3f4948e,0x22eafd9,
-        0x3863202,0x3d0e2a5,0x006a502 },
-      { 0x34536fe,0x04e91ad,0x30ebf5f,0x2af62a7,0x01d218b,0x1c8c9da,
-        0x336bcc3,0x23060c3,0x331576e,0x1b14c5e,0x1bbcb76,0x0755e9a,
-        0x3d4dcef,0x24c2cf8,0x00917c4 } },
-    /* 5 */
-    { { 0x349ddd0,0x09b8bb8,0x0250114,0x3e66cbf,0x29f117e,0x3005d29,
-        0x36b480e,0x2119bfc,0x2761845,0x253d2f7,0x0580604,0x0bb6db4,
-        0x3ca922f,0x1744677,0x008adc7 },
-      { 0x3d5a7ce,0x27425ed,0x11e9a61,0x3968d10,0x3874275,0x3692d3b,
-        0x03e0470,0x0763d50,0x3d97790,0x3cbaeab,0x2747170,0x18faf3a,
-        0x180365e,0x2511fe7,0x0012a36 } },
-    /* 6 */
-    { { 0x3c52870,0x2701e93,0x296128f,0x120694e,0x1ce0b37,0x3860a36,
-        0x10fa180,0x0896b55,0x2f76adb,0x22892ae,0x2e58a34,0x07b4295,
-        0x2cb62d1,0x079a522,0x00f3d81 },
-      { 0x061ed22,0x2375dd3,0x3c9d861,0x3e602d1,0x10bb747,0x39ae156,
-        0x3f796fd,0x087a48a,0x06d680a,0x37f7f47,0x2af2c9d,0x36c55dc,
-        0x10f3dc0,0x279b07a,0x00a0937 } },
-    /* 7 */
-    { { 0x085c629,0x319bbf8,0x089a386,0x184256f,0x15fc2a4,0x00fd2d0,
-        0x13d6312,0x363d44d,0x32b7e4b,0x25f2865,0x27df8ce,0x1dce02a,
-        0x24ea3b0,0x0e27b9f,0x00d8a90 },
-      { 0x3b14461,0x1d371f9,0x0f781bc,0x0503271,0x0dc2cb0,0x13bc284,
-        0x34b3a68,0x1ff894a,0x25d2032,0x16f79ba,0x260f961,0x07b10d5,
-        0x18173b7,0x2812e2b,0x00eede5 } },
-    /* 8 */
-    { { 0x13b9a2d,0x132ece2,0x0c5d558,0x02c0214,0x1820c66,0x37cb50f,
-        0x26d8267,0x3a00504,0x3f00109,0x33756ee,0x38172f1,0x2e4bb8c,
-        0x030d985,0x3e4fcc5,0x00609d4 },
-      { 0x2daf9d6,0x16681fa,0x1fb01e0,0x1b03c49,0x370e653,0x183c839,
-        0x2207515,0x0ea6b58,0x1ae7aaf,0x3a96522,0x24bae14,0x1c38bd9,
-        0x082497b,0x1c05db4,0x000dd03 } },
-    /* 9 */
-    { { 0x110521f,0x04efa21,0x0c174cc,0x2a7dc93,0x387315b,0x14f7098,
-        0x1d83bb3,0x2495ed2,0x2fe0c27,0x1e2d9df,0x093c953,0x0287073,
-        0x02c9951,0x336291c,0x0033e30 },
-      { 0x208353f,0x3f22748,0x2b2bf0f,0x2373b50,0x10170fa,0x1b8a97d,
-        0x0851ed2,0x0b25824,0x055ecb5,0x12049d9,0x3fe1adf,0x11b1385,
-        0x28eab06,0x11fac21,0x00513f0 } },
-    /* 10 */
-    { { 0x35bdf53,0x1847d37,0x1a6dc07,0x29d62c4,0x045d331,0x313b8e5,
-        0x165daf1,0x1e34562,0x3e75a58,0x16ea2fa,0x02dd302,0x3302862,
-        0x3eb8bae,0x2266a48,0x00cf2a3 },
-      { 0x24fd048,0x324a074,0x025df98,0x1662eec,0x3841bfb,0x26ae754,
-        0x1df8cec,0x0113ae3,0x0b67fef,0x094e293,0x2323666,0x0ab087c,
-        0x2f06509,0x0e142d9,0x00a919d } },
-    /* 11 */
-    { { 0x1d480d8,0x00ed021,0x3a7d3db,0x1e46ca1,0x28cd9f4,0x2a3ceeb,
-        0x24dc754,0x0624a3c,0x0003db4,0x1520bae,0x1c56e0f,0x2fe7ace,
-        0x1dc6f38,0x0c826a4,0x008b977 },
-      { 0x209cfc2,0x2c16c9c,0x1b70a31,0x21416cb,0x34c49bf,0x186549e,
-        0x062498d,0x146e959,0x0391fac,0x08ff944,0x2b4b834,0x013d57a,
-        0x2eabffb,0x0370131,0x00c07c1 } },
-    /* 12 */
-    { { 0x332f048,0x0bf9336,0x16dfad2,0x2451d7b,0x35f23bf,0x299adb2,
-        0x0ce0c0a,0x0170294,0x289f034,0x2b7d89e,0x395e2d6,0x1d20df7,
-        0x2e64e36,0x16dae90,0x00081c9 },
-      { 0x31d6ceb,0x0f80db9,0x0271eba,0x33db1ac,0x1b45bcc,0x1a11c07,
-        0x347e630,0x148fd9e,0x142e712,0x3183e3e,0x1cd47ad,0x108d1c9,
-        0x09cbb82,0x35e61d9,0x0083027 } },
-    /* 13 */
-    { { 0x215b0b8,0x0a7a98d,0x2c41b39,0x3f69536,0x0b41441,0x16da8da,
-        0x15d556b,0x3c17a26,0x129167e,0x3ea0351,0x2d25a27,0x2f2d285,
-        0x15b68f6,0x2931ef5,0x00210d6 },
-      { 0x1351130,0x012aec9,0x37ebf38,0x26640f8,0x01d2df6,0x2130972,
-        0x201efc0,0x23a457c,0x087a1c6,0x14c68a3,0x163f62a,0x36b494d,
-        0x015d481,0x39c35b1,0x005dd6d } },
-    /* 14 */
-    { { 0x06612ce,0x11c3f61,0x199729f,0x3b36863,0x2986f3e,0x3cd2be1,
-        0x04c1612,0x2be2dae,0x00846dd,0x3d7bc29,0x249e795,0x1016803,
-        0x37a3714,0x2c5aa8b,0x005f491 },
-      { 0x341b38d,0x01eb936,0x3caac7f,0x27863ef,0x1ef7d11,0x1110ec6,
-        0x18e0761,0x26498e8,0x01a79a1,0x390d5a1,0x22226fb,0x3d2a473,
-        0x0872191,0x1230f32,0x00dc772 } },
-    /* 15 */
-    { { 0x0b1ec9d,0x03fc6b9,0x3706d57,0x03b9fbb,0x221d23e,0x2867821,
-        0x1e40f4c,0x2c9c0f3,0x3c4cd4b,0x31f5948,0x3f13aa6,0x307c1b2,
-        0x04b6016,0x116b453,0x005aa72 },
-      { 0x0b74de8,0x20519d1,0x134e37f,0x05d882a,0x1839e7a,0x3a2c6a8,
-        0x0d14e8d,0x1d78bdd,0x251f30d,0x3a1e27e,0x081c261,0x2c9014b,
-        0x165ee09,0x19e0cf1,0x00654e2 } },
-    /* 16 */
-    { { 0x39fbe67,0x081778b,0x0e44378,0x20dfdca,0x1c4afcb,0x20b803c,
-        0x0ec06c6,0x1508f6f,0x1c3114d,0x3bca851,0x3a52463,0x07661d1,
-        0x17b0aa0,0x16c5f5c,0x00fc093 },
-      { 0x0d01f95,0x0ef13f5,0x2d34965,0x2a25582,0x39aa83e,0x3e38fcf,
-        0x3943dca,0x385bbdd,0x210e86f,0x3dc1dd2,0x3f9ffdc,0x18b9bc6,
-        0x345c96b,0x0e79621,0x008a72f } },
-    /* 17 */
-    { { 0x341c342,0x3793688,0x042273a,0x153a9c1,0x3dd326e,0x1d073bc,
-        0x2c7d983,0x05524cd,0x00d59e6,0x347abe8,0x3d9a3ef,0x0fb624a,
-        0x2c7e4cd,0x09b3171,0x0003faf },
-      { 0x045f8ac,0x38bf3cc,0x1e73087,0x0c85d3c,0x314a655,0x382be69,
-        0x384f28f,0x24d6cb3,0x2842cdc,0x1777f5e,0x2929c89,0x03c45ed,
-        0x3cfcc4c,0x0b59322,0x0035657 } },
-    /* 18 */
-    { { 0x18c1bba,0x2eb005f,0x33d57ec,0x30e42c3,0x36058f9,0x1865f43,
-        0x2116e3f,0x2c4a2bb,0x0684033,0x0f1375c,0x0209b98,0x2136e9b,
-        0x1bc4af0,0x0b3e0c7,0x0097c7c },
-      { 0x16010e8,0x398777e,0x2a172f4,0x0814a7e,0x0d97e4e,0x274dfc8,
-        0x2666606,0x1b5c93b,0x1ed3d36,0x3f3304e,0x13488e0,0x02dbb88,
-        0x2d53369,0x3717ce9,0x007cad1 } },
-    /* 19 */
-    { { 0x257a41f,0x2a6a076,0x39b6660,0x04bb000,0x1e74a04,0x3876b45,
-        0x343c6b5,0x0753108,0x3f54668,0x24a13cf,0x23749e8,0x0421fc5,
-        0x32f13b5,0x0f31be7,0x00070f2 },
-      { 0x1186e14,0x0847697,0x0dff542,0x0dff76c,0x084748f,0x2c7d060,
-        0x23aab4d,0x0b43906,0x27ba640,0x1497b59,0x02f5835,0x0a492a4,
-        0x0a6892f,0x39f3e91,0x005844e } },
-    /* 20 */
-    { { 0x33b236f,0x02181cf,0x21dafab,0x0760788,0x019e9d4,0x249ed0a,
-        0x36571e3,0x3c7dbcf,0x1337550,0x010d22a,0x285e62f,0x19ee65a,
-        0x052bf71,0x1d65fd5,0x0062d43 },
-      { 0x2955926,0x3fae7bc,0x0353d85,0x07db7de,0x1440a56,0x328dad6,
-        0x1668ec9,0x28058e2,0x1a1a22d,0x1014afc,0x3609325,0x3effdcb,
-        0x209f3bd,0x3ca3888,0x0094e50 } },
-    /* 21 */
-    { { 0x062e8af,0x0b96ccc,0x136990b,0x1d7a28f,0x1a85723,0x0076dec,
-        0x21b00b2,0x06a88ff,0x2f0ee65,0x1fa49b7,0x39b10ad,0x10b26fa,
-        0x0be7465,0x026e8bf,0x00098e3 },
-      { 0x3f1d63f,0x37bacff,0x1374779,0x02882ff,0x323d0e8,0x1da3de5,
-        0x12bb3b8,0x0a15a11,0x34d1f95,0x2b3dd6e,0x29ea3fa,0x39ad000,
-        0x33a538f,0x390204d,0x0012bd3 } },
-    /* 22 */
-    { { 0x04cbba5,0x0de0344,0x1d4cc02,0x11fe8d7,0x36207e7,0x32a6da8,
-        0x0239281,0x1ec40d7,0x3e89798,0x213fc66,0x0022eee,0x11daefe,
-        0x3e74db8,0x28534ee,0x00aa0a4 },
-      { 0x07d4543,0x250cc46,0x206620f,0x1c1e7db,0x1321538,0x31fa0b8,
-        0x30f74ea,0x01aae0e,0x3a2828f,0x3e9dd22,0x026ef35,0x3c0a62b,
-        0x27dbdc5,0x01c23a6,0x000f0c5 } },
-    /* 23 */
-    { { 0x2f029dd,0x3091337,0x21b80c5,0x21e1419,0x13dabc6,0x3847660,
-        0x12b865f,0x36eb666,0x38f6274,0x0ba6006,0x098da24,0x1398c64,
-        0x13d08e5,0x246a469,0x009929a },
-      { 0x1285887,0x3ff5c8d,0x010237b,0x097c506,0x0bc7594,0x34b9b88,
-        0x00cc35f,0x0bb964a,0x00cfbc4,0x29cd718,0x0837619,0x2b4a192,
-        0x0c57bb7,0x08c69de,0x00a3627 } },
-    /* 24 */
-    { { 0x1361ed8,0x266d724,0x366cae7,0x1d5b18c,0x247d71b,0x2c9969a,
-        0x0dd5211,0x1edd153,0x25998d7,0x0380856,0x3ab29db,0x09366de,
-        0x1e53644,0x2b31ff6,0x008b0ff },
-      { 0x3b5d9ef,0x217448d,0x174746d,0x18afea4,0x15b106d,0x3e66e8b,
-        0x0479f85,0x13793b4,0x1231d10,0x3c39bce,0x25e8983,0x2a13210,
-        0x05a7083,0x382be04,0x00a9507 } },
-    /* 25 */
-    { { 0x0cf381c,0x1a29b85,0x31ccf6c,0x2f708b8,0x3af9d27,0x2a29732,
-        0x168d4da,0x393488d,0x2c0e338,0x3f90c7b,0x0f52ad1,0x2a0a3fa,
-        0x2cd80f1,0x15e7a1a,0x00db6a0 },
-      { 0x107832a,0x159cb91,0x1289288,0x17e21f9,0x073fc27,0x1584342,
-        0x3802780,0x3d6c197,0x154075f,0x16366d1,0x09f712b,0x23a3ec4,
-        0x29cf23a,0x3218baf,0x0039f0a } },
-    /* 26 */
-    { { 0x052edf5,0x2afde13,0x2e53d8f,0x3969626,0x3dcd737,0x1e46ac5,
-        0x118bf0d,0x01b2652,0x156bcff,0x16d7ef6,0x1ca46d4,0x34c0cbb,
-        0x3e486f6,0x1f85068,0x002cdff },
-      { 0x1f47ec8,0x12cee98,0x0608667,0x18fbbe1,0x08a8821,0x31a1fe4,
-        0x17c7054,0x3c89e89,0x2edf6cd,0x1b8c32c,0x3f6ea84,0x1319329,
-        0x3cd3c2c,0x05f331a,0x00186fa } },
-    /* 27 */
-    { { 0x1fcb91e,0x0fd4d87,0x358a48a,0x04d91b4,0x083595e,0x044a1e6,
-        0x15827b9,0x1d5eaf4,0x2b82187,0x08f3984,0x21bd737,0x0c54285,
-        0x2f56887,0x14c2d98,0x00f4684 },
-      { 0x01896f6,0x0e542d0,0x2090883,0x269dfcf,0x1e11cb8,0x239fd29,
-        0x312cac4,0x19dfacb,0x369f606,0x0cc4f75,0x16579f9,0x33c22cc,
-        0x0f22bfd,0x3b251ae,0x006429c } },
-    /* 28 */
-    { { 0x375f9a4,0x137552e,0x3570498,0x2e4a74e,0x24aef06,0x35b9307,
-        0x384ca23,0x3bcd6d7,0x011b083,0x3c93187,0x392ca9f,0x129ce48,
-        0x0a800ce,0x145d9cc,0x00865d6 },
-      { 0x22b4a2b,0x37f9d9c,0x3e0eca3,0x3e5ec20,0x112c04b,0x2e1ae29,
-        0x3ce5b51,0x0f83200,0x32d6a7e,0x10ff1d8,0x081adbe,0x265c30b,
-        0x216b1c8,0x0eb4483,0x003cbcd } },
-    /* 29 */
-    { { 0x030ce93,0x2d331fb,0x20a2fbf,0x1f6dc9c,0x010ed6c,0x1ed5540,
-        0x275bf74,0x3df0fb1,0x103333f,0x0241c96,0x1075bfc,0x30e5cf9,
-        0x0f31bc7,0x32c01eb,0x00b049e },
-      { 0x358839c,0x1dbabd3,0x1e4fb40,0x36a8ac1,0x2101896,0x2d0319b,
-        0x2033b0a,0x192e8fd,0x2ebc8d8,0x2867ba7,0x07bf6d2,0x1b3c555,
-        0x2477deb,0x198fe09,0x008e5a9 } },
-    /* 30 */
-    { { 0x3fbd5e1,0x18bf77d,0x2b1d69e,0x151da44,0x338ecfe,0x0768efe,
-        0x1a3d56d,0x3c35211,0x10e1c86,0x2012525,0x3bc36ce,0x32b6fe4,
-        0x0c8d183,0x15c93f3,0x0041fce },
-      { 0x332c144,0x24e70a0,0x246e05f,0x22c21c7,0x2b17f24,0x1ba2bfd,
-        0x0534e26,0x318a4f6,0x1dc3b85,0x0c741bc,0x23131b7,0x01a8cba,
-        0x364e5db,0x21362cf,0x00f2951 } },
-    /* 31 */
-    { { 0x2ddc103,0x14ffdcd,0x206fd96,0x0de57bd,0x025f43e,0x381b73a,
-        0x2301fcf,0x3bafc27,0x34130b6,0x0216bc8,0x0ff56b2,0x2c4ad4c,
-        0x23c6b79,0x1267fa6,0x009b4fb },
-      { 0x1d27ac2,0x13e2494,0x1389015,0x38d5b29,0x2d33167,0x3f01969,
-        0x28ec1fa,0x1b26de0,0x2587f74,0x1c25668,0x0c44f83,0x23c6f8c,
-        0x32fdbb1,0x045f104,0x00a7946 } },
-    /* 32 */
-    { { 0x23c647b,0x09addd7,0x1348c04,0x0e633c1,0x1bfcbd9,0x1cb034f,
-        0x1312e31,0x11cdcc7,0x1e6ee75,0x057d27f,0x2da7ee6,0x154c3c1,
-        0x3a5fb89,0x2c2ba2c,0x00cf281 },
-      { 0x1b8a543,0x125cd50,0x1d30fd1,0x29cc203,0x341a625,0x14e4233,
-        0x3aae076,0x289e38a,0x036ba02,0x230f405,0x3b21b8f,0x34088b9,
-        0x01297a0,0x03a75fb,0x00fdc27 } },
-    /* 33 */
-    { { 0x07f41d6,0x1cf032f,0x1641008,0x0f86deb,0x3d97611,0x0e110fe,
-        0x136ff42,0x0b914a9,0x0e241e6,0x180c340,0x1f545fc,0x0ba619d,
-        0x1208c53,0x04223a4,0x00cd033 },
-      { 0x397612c,0x0132665,0x34e2d1a,0x00bba99,0x1d4393e,0x065d0a8,
-        0x2fa69ee,0x1643b55,0x08085f0,0x3774aad,0x08a2243,0x33bf149,
-        0x03f41a5,0x1ed950e,0x0048cc6 } },
-    /* 34 */
-    { { 0x014ab48,0x010c3bf,0x2a744e5,0x13c99c1,0x2195b7f,0x32207fd,
-        0x28a228c,0x004f4bf,0x0e2d945,0x2ec6e5a,0x0b92162,0x1aa95e5,
-        0x2754a93,0x1adcd93,0x004fb76 },
-      { 0x1e1ff7f,0x24ef28c,0x269113f,0x32b393c,0x2696eb5,0x0ac2780,
-        0x354bf8a,0x0ffe3fd,0x09ce58e,0x0163c4f,0x1678c0b,0x15cd1bc,
-        0x292b3b7,0x036ea19,0x00d5420 } },
-    /* 35 */
-    { { 0x1da1265,0x0c2ef5b,0x18dd9a0,0x3f3a25c,0x0f7b4f3,0x0d8196e,
-        0x24931f9,0x090729a,0x1875f72,0x1ef39cb,0x2577585,0x2ed472d,
-        0x136756c,0x20553a6,0x00c7161 },
-      { 0x2e32189,0x283de4b,0x00b2e81,0x0989df7,0x3ef2fab,0x1c7d1a7,
-        0x24f6feb,0x3e16679,0x233dfda,0x06d1233,0x3e6b5df,0x1707132,
-        0x05f7b3f,0x2c00779,0x00fb8df } },
-    /* 36 */
-    { { 0x15bb921,0x117e9d3,0x267ec73,0x2f934ad,0x25c7e04,0x20b5e8f,
-        0x2d3a802,0x2ca911f,0x3f87e47,0x39709dd,0x08488e2,0x2cec400,
-        0x35b4589,0x1f0acba,0x009aad7 },
-      { 0x2ac34ae,0x06f29f6,0x3326d68,0x3949abe,0x02452e4,0x0687b85,
-        0x0879244,0x1eb7832,0x0d4c240,0x31d0ec1,0x3c17a2a,0x17a666f,
-        0x01a06cb,0x3e0929c,0x004dca2 } },
-    /* 37 */
-    { { 0x127bc1a,0x0c72984,0x13be68e,0x26c5fab,0x1a3edd5,0x097d685,
-        0x36b645e,0x385799e,0x394a420,0x39d8885,0x0b1e872,0x13f60ed,
-        0x2ce1b79,0x3c0ecb7,0x007cab3 },
-      { 0x29b3586,0x26fc572,0x0bd7711,0x0913494,0x0a55459,0x31af3c9,
-        0x3633eac,0x3e2105c,0x0c2b1b6,0x0e6f4c2,0x047d38c,0x2b81bd5,
-        0x1fe1c3b,0x04d7cd0,0x0054dcc } },
-    /* 38 */
-    { { 0x03caf0d,0x0d66365,0x313356d,0x2a4897f,0x2ce044e,0x18feb7a,
-        0x1f6a7c5,0x3709e7b,0x14473e8,0x2d8cbae,0x3190dca,0x12d19f8,
-        0x31e3181,0x3cc5b6e,0x002d4f4 },
-      { 0x143b7ca,0x2604728,0x39508d6,0x0cb79f3,0x24ec1ac,0x1ed7fa0,
-        0x3ab5fd3,0x3c76488,0x2e49390,0x03a0985,0x3580461,0x3fd2c81,
-        0x308f0ab,0x38561d6,0x0011b9b } },
-    /* 39 */
-    { { 0x3be682c,0x0c68f4e,0x32dd4ae,0x099d3bb,0x0bc7c5d,0x311f750,
-        0x2fd10a3,0x2e7864a,0x23bc14a,0x13b1f82,0x32e495e,0x1b0f746,
-        0x3cd856a,0x17a4c26,0x00085ee },
-      { 0x02e67fd,0x06a4223,0x2af2f38,0x2038987,0x132083a,0x1b7bb85,
-        0x0d6a499,0x131e43f,0x3035e52,0x278ee3e,0x1d5b08b,0x30d8364,
-        0x2719f8d,0x0b21fc9,0x003a06e } },
-    /* 40 */
-    { { 0x237cac0,0x27d6a1c,0x27945cd,0x2750d61,0x293f0b5,0x253db13,
-        0x04a764e,0x20b4d0e,0x12bb627,0x160c13b,0x0de0601,0x236e2cf,
-        0x2190f0b,0x354d76f,0x004336d },
-      { 0x2ab473a,0x10d54e4,0x1046574,0x1d6f97b,0x0031c72,0x06426a9,
-        0x38678c2,0x0b76cf9,0x04f9920,0x152adf8,0x2977e63,0x1234819,
-        0x198be26,0x061024c,0x00d427d } },
-    /* 41 */
-    { { 0x39b5a31,0x2123d43,0x362a822,0x1a2eab6,0x0bb0034,0x0d5d567,
-        0x3a04723,0x3a10c8c,0x08079ae,0x0d27bda,0x2eb9e1e,0x2619e82,
-        0x39a55a8,0x0c6c7db,0x00c1519 },
-      { 0x174251e,0x13ac2eb,0x295ed26,0x18d2afc,0x037b9b2,0x1258344,
-        0x00921b0,0x1f702d8,0x1bc4da7,0x1c3794f,0x12b1869,0x366eacf,
-        0x16ddf01,0x31ebdc5,0x00ad54e } },
-    /* 42 */
-    { { 0x1efdc58,0x1370d5e,0x0ddb8e7,0x1a53fda,0x1456bd3,0x0c825a9,
-        0x0e74ccd,0x20f41c9,0x3423867,0x139073f,0x3c70d8a,0x131fc85,
-        0x219a2a0,0x34bf986,0x0041199 },
-      { 0x1c05dd2,0x268f80a,0x3da9d38,0x1af9f8f,0x0535f2a,0x30ad37e,
-        0x2cf72d7,0x14a509b,0x1f4fe74,0x259e09d,0x1d23f51,0x0672732,
-        0x08fc463,0x00b6201,0x001e05a } },
-    /* 43 */
-    { { 0x0d5ffe8,0x3238bb5,0x17f275c,0x25b6fa8,0x2f8bb48,0x3b8f2d2,
-        0x059790c,0x18594d4,0x285a47c,0x3d301bb,0x12935d2,0x23ffc96,
-        0x3d7c7f9,0x15c8cbf,0x0034c4a },
-      { 0x20376a2,0x05201ba,0x1e02c4b,0x1413c45,0x02ea5e7,0x39575f0,
-        0x2d76e21,0x113694c,0x011f310,0x0da3725,0x31b7799,0x1cb9195,
-        0x0cfd592,0x22ee4ea,0x00adaa3 } },
-    /* 44 */
-    { { 0x14ed72a,0x031c49f,0x39a34bf,0x192e87d,0x0da0e92,0x130e7a9,
-        0x00258bf,0x144e123,0x2d82a71,0x0294e53,0x3f06c66,0x3d4473a,
-        0x037cd4a,0x3bbfb17,0x00fcebc },
-      { 0x39ae8c1,0x2dd6a9d,0x206ef23,0x332b479,0x2deff59,0x09d5720,
-        0x3526fd2,0x33bf7cf,0x344bb32,0x359316a,0x115bdef,0x1b8468a,
-        0x3813ea9,0x11a8450,0x00ab197 } },
-    /* 45 */
-    { { 0x0837d7d,0x1e1617b,0x0ba443c,0x2f2e3b8,0x2ca5b6f,0x176ed7b,
-        0x2924d9d,0x07294d3,0x104bb4f,0x1cfd3e8,0x398640f,0x1162dc8,
-        0x007ea15,0x2aa75fd,0x004231f },
-      { 0x16e6896,0x01987be,0x0f9d53e,0x1a740ec,0x1554e4c,0x31e1634,
-        0x3cb07b9,0x013eb53,0x39352cb,0x1dfa549,0x0974e7f,0x17c55d2,
-        0x157c85f,0x1561adb,0x002e3fa } },
-    /* 46 */
-    { { 0x29951a8,0x35200da,0x2ad042c,0x22109e4,0x3a8b15b,0x2eca69c,
-        0x28bcf9a,0x0cfa063,0x0924099,0x12ff668,0x2fb88dc,0x028d653,
-        0x2445876,0x218d01c,0x0014418 },
-      { 0x1caedc7,0x295bba6,0x01c9162,0x3364744,0x28fb12e,0x24c80b6,
-        0x2719673,0x35e5ba9,0x04aa4cc,0x206ab23,0x1cf185a,0x2c140d8,
-        0x1095a7d,0x1b3633f,0x000c9f8 } },
-    /* 47 */
-    { { 0x0b2a556,0x0a051c4,0x30b29a7,0x190c9ed,0x3767ca9,0x38de66d,
-        0x2d9e125,0x3aca813,0x2dc22a3,0x319e074,0x0d9450a,0x3445bac,
-        0x3e08a5b,0x07f29fa,0x00eccac },
-      { 0x02d6e94,0x21113f7,0x321bde6,0x0a4d7b3,0x03621f4,0x2780e8b,
-        0x22d5432,0x1fc2853,0x0d57d3e,0x254f90b,0x33ed00b,0x289b025,
-        0x12272bb,0x30e715f,0x0000297 } },
-    /* 48 */
-    { { 0x0243a7d,0x2aac42e,0x0c5b3aa,0x0fa3e96,0x06eeef9,0x2b9fdd9,
-        0x26fca39,0x0134fe1,0x22661ab,0x1990416,0x03945d6,0x15e3628,
-        0x3848ca3,0x0f91e46,0x00b08cd },
-      { 0x16d2411,0x3717e1d,0x128c45e,0x3669d54,0x0d4a790,0x2797da8,
-        0x0f09634,0x2faab0b,0x27df649,0x3b19b49,0x0467039,0x39b65a2,
-        0x3816f3c,0x31ad0bd,0x0050046 } },
-    /* 49 */
-    { { 0x2425043,0x3858099,0x389092a,0x3f7c236,0x11ff66a,0x3c58b39,
-        0x2f5a7f8,0x1663ce1,0x2a0fcf5,0x38634b7,0x1a8ca18,0x0dcace8,
-        0x0e6f778,0x03ae334,0x00df0d2 },
-      { 0x1bb4045,0x357875d,0x14b77ed,0x33ae5b6,0x2252a47,0x31899dd,
-        0x3293582,0x040c6f6,0x14340dd,0x3614f0e,0x3d5f47f,0x326fb3d,
-        0x0044a9d,0x00beeb9,0x0027c23 } },
-    /* 50 */
-    { { 0x32d49ce,0x34822a3,0x30a22d1,0x00858b7,0x10d91aa,0x2681fd9,
-        0x1cce870,0x2404a71,0x38b8433,0x377c1c8,0x019442c,0x0a38b21,
-        0x22aba50,0x0d61c81,0x002dcbd },
-      { 0x0680967,0x2f0f2f9,0x172cb5f,0x1167e4b,0x12a7bc6,0x05b0da7,
-        0x2c76e11,0x3a36201,0x37a3177,0x1d71419,0x0569df5,0x0dce7ad,
-        0x3f40b75,0x3bd8db0,0x002d481 } },
-    /* 51 */
-    { { 0x2a1103e,0x34e7f7f,0x1b171a2,0x24a57e0,0x2eaae55,0x166c992,
-        0x10aa18f,0x0bb836f,0x01acb59,0x0e430e7,0x1750cca,0x18be036,
-        0x3cc6cdf,0x0a0f7e5,0x00da4d8 },
-      { 0x2201067,0x374d187,0x1f6b0a6,0x165a7ec,0x31531f8,0x3580487,
-        0x15e5521,0x0724522,0x2b04c04,0x202c86a,0x3cc1ccf,0x225b11a,
-        0x1bde79d,0x0eccc50,0x00d24da } },
-    /* 52 */
-    { { 0x3b0a354,0x2814dd4,0x1cd8575,0x3d031b7,0x0392ff2,0x1855ee5,
-        0x0e8cff5,0x203442e,0x3bd3b1b,0x141cf95,0x3fedee1,0x1d783c0,
-        0x26f192a,0x0392aa3,0x0075238 },
-      { 0x158ffe9,0x3889f19,0x14151f4,0x06067b1,0x13a3486,0x1e65c21,
-        0x382d5ef,0x1ab0aac,0x2ffddc4,0x3179b7a,0x3c8d094,0x05101e3,
-        0x237c6e5,0x3947d83,0x00f674f } },
-    /* 53 */
-    { { 0x363408f,0x21eb96b,0x27376fb,0x2a735d6,0x1a39c36,0x3d31863,
-        0x33313fc,0x32235e0,0x082f034,0x23ef351,0x39b3528,0x1a69d84,
-        0x1d9c944,0x07159ad,0x0077a71 },
-      { 0x04f8d65,0x25771e5,0x2ba84a6,0x194586a,0x1e6da5f,0x118059a,
-        0x14e9c32,0x1d24619,0x3f528ae,0x22f22e4,0x0f5580d,0x0747a0e,
-        0x32cc85f,0x286b3a8,0x008ccf9 } },
-    /* 54 */
-    { { 0x196fee2,0x2c4431c,0x094528a,0x18e1d32,0x175799d,0x26bb6b7,
-        0x2293482,0x23fd289,0x07b2be8,0x1a5c533,0x158d60d,0x04a4f3f,
-        0x164e9f7,0x32ccca9,0x00da6b6 },
-      { 0x1d821c2,0x3f76c4f,0x323df43,0x17e4374,0x0f2f278,0x121227e,
-        0x2464190,0x19d2644,0x326d24c,0x3185983,0x0803c15,0x0767a33,
-        0x1c4c996,0x0563eab,0x00631c6 } },
-    /* 55 */
-    { { 0x1752366,0x0baf83f,0x288bacf,0x0384e6f,0x2b93c34,0x3c805e7,
-        0x3664850,0x29e1663,0x254ff1d,0x3852080,0x0f85c16,0x1e389d9,
-        0x3191352,0x3915eaa,0x00a246e },
-      { 0x3763b33,0x187ad14,0x3c0d438,0x3f11702,0x1c49f03,0x35ac7a8,
-        0x3f16bca,0x27266bf,0x08b6fd4,0x0f38ce4,0x37fde8c,0x147a6ff,
-        0x02c5e5c,0x28e7fc5,0x00076a7 } },
-    /* 56 */
-    { { 0x2338d10,0x0e77fa7,0x011b046,0x1bfd0ad,0x28ee699,0x21d73bc,
-        0x0461d1a,0x342ea58,0x2d695b4,0x30415ed,0x2906e0b,0x18e494a,
-        0x20f8a27,0x026b870,0x002c19f },
-      { 0x2f4c43d,0x3f0fc3b,0x0aa95b8,0x2a01ea1,0x3e2e1b1,0x0d74af6,
-        0x0555288,0x0cb757d,0x24d2071,0x143d2bb,0x3907f67,0x3e0ce30,
-        0x131f0e9,0x3724381,0x007a874 } },
-    /* 57 */
-    { { 0x3c27050,0x08b5165,0x0bf884b,0x3dd679c,0x3bd0b8d,0x25ce2e6,
-        0x1674057,0x1f13ed3,0x1f5cd91,0x0d1fd35,0x13ce6e3,0x2671338,
-        0x10f8b90,0x34e5487,0x00942bf },
-      { 0x03b566d,0x23c3da9,0x37de502,0x1a486ff,0x1af6e86,0x1108cb3,
-        0x36f856c,0x01a6a0f,0x179f915,0x1595a01,0x2cfecb8,0x082568b,
-        0x1ba16d1,0x1abb6c0,0x00cf7f0 } },
-    /* 58 */
-    { { 0x2f96c80,0x1b8f123,0x209c0f5,0x2ccf76d,0x1d521f2,0x3705143,
-        0x2941027,0x07f88af,0x07102a9,0x38b4868,0x1efa37d,0x1bdd3e8,
-        0x028a12e,0x02e055b,0x009a9a9 },
-      { 0x1c7dfcb,0x3aa7aa7,0x1d62c54,0x3f0b0b0,0x3c74e66,0x274f819,
-        0x23f9674,0x0e2b67c,0x24654dd,0x0c71f0e,0x1946cee,0x0016211,
-        0x0045dc7,0x0da1173,0x0089856 } },
-    /* 59 */
-    { { 0x0e73946,0x29f353f,0x056329d,0x2d48c5a,0x28f697d,0x2ea4bb1,
-        0x235e9cc,0x34faa38,0x15f9f91,0x3557519,0x2a50a6c,0x1a27c8e,
-        0x2a1a0f3,0x3098879,0x00dcf21 },
-      { 0x1b818bf,0x2f20b98,0x2243cff,0x25b691e,0x3c74a2f,0x2f06833,
-        0x0e980a8,0x32db48d,0x2b57929,0x33cd7f5,0x2fe17d6,0x11a384b,
-        0x2dafb81,0x2b9562c,0x00ddea6 } },
-    /* 60 */
-    { { 0x2787b2e,0x37a21df,0x310d294,0x07ce6a4,0x1258acc,0x3050997,
-        0x19714aa,0x122824b,0x11c708b,0x0462d56,0x21abbf7,0x331aec3,
-        0x307b927,0x3e8d5a0,0x00c0581 },
-      { 0x24d4d58,0x3d628fc,0x23279e0,0x2e38338,0x2febe9b,0x346f9c0,
-        0x3d6a419,0x3264e47,0x245faca,0x3669f62,0x1e50d66,0x3028232,
-        0x18201ab,0x0bdc192,0x0002c34 } },
-    /* 61 */
-    { { 0x17bdbc2,0x1c501c5,0x1605ccd,0x31ab438,0x372fa89,0x24a8057,
-        0x13da2bb,0x3f95ac7,0x3cda0a3,0x1e2b679,0x24f0673,0x03b72f4,
-        0x35be616,0x2ccd849,0x0079d4d },
-      { 0x33497c4,0x0c7f657,0x2fb0d3d,0x3b81064,0x38cafea,0x0e942bc,
-        0x3ca7451,0x2ab9784,0x1678c85,0x3c62098,0x1eb556f,0x01b3aa2,
-        0x149f3ce,0x2656f6d,0x002eef1 } },
-    /* 62 */
-    { { 0x0596edc,0x1f4fad4,0x03a28ed,0x18a4149,0x3aa3593,0x12db40a,
-        0x12c2c2a,0x3b1a288,0x327c4fb,0x35847f5,0x384f733,0x02e3fde,
-        0x1af0e8a,0x2e417c3,0x00d85a6 },
-      { 0x0091cf7,0x2267d75,0x276860e,0x19cbbfc,0x04fef2b,0x030ce59,
-        0x3195cb1,0x1aa3f07,0x3699362,0x2a09d74,0x0d6c840,0x1e413d0,
-        0x28acdc7,0x1ff5ea1,0x0088d8b } },
-    /* 63 */
-    { { 0x3d98425,0x08dc8de,0x154e85f,0x24b1c2c,0x2d44639,0x19a1e8b,
-        0x300ee29,0x053f72e,0x3f7c832,0x12417f6,0x1359368,0x0674a4c,
-        0x1218e20,0x0e4fbd4,0x000428c },
-      { 0x01e909a,0x1d88fe6,0x12da40c,0x215ef86,0x2925133,0x004241f,
-        0x3e480f4,0x2d16523,0x07c3120,0x3375e86,0x21fd8f3,0x35dc0b6,
-        0x0efc5c9,0x14ef8d6,0x0066e47 } },
-    /* 64 */
-    { { 0x2973cf4,0x34d3845,0x34f7070,0x22df93c,0x120aee0,0x3ae2b4a,
-        0x1af9b95,0x177689a,0x036a6a4,0x0377828,0x23df41e,0x22d4a39,
-        0x0df2aa1,0x06ca898,0x0003cc7 },
-      { 0x06b1dd7,0x19dc2a8,0x35d324a,0x0467499,0x25bfa9c,0x1a1110c,
-        0x01e2a19,0x1b3c1cf,0x18d131a,0x10d9815,0x2ee7945,0x0a2720c,
-        0x0ddcdb0,0x2c071b6,0x00a6aef } },
-    /* 65 */
-    { { 0x1ab5245,0x1192d00,0x13ffba1,0x1b71236,0x09b8d0b,0x0eb49cb,
-        0x1867dc9,0x371de4e,0x05eae9f,0x36faf82,0x094ea8b,0x2b9440e,
-        0x022e173,0x2268e6b,0x00740fc },
-      { 0x0e23b23,0x22c28ca,0x04d05e2,0x0bb84c4,0x1235272,0x0289903,
-        0x267a18b,0x0df0fd1,0x32e49bb,0x2ab1d29,0x281e183,0x3dcd3c3,
-        0x1c0eb79,0x2db0ff6,0x00bffe5 } },
-    /* 66 */
-    { { 0x2a2123f,0x0d63d71,0x1f6db1a,0x257f8a3,0x1927b2d,0x06674be,
-        0x302753f,0x20b7225,0x14c1a3f,0x0429cdd,0x377affe,0x0f40a75,
-        0x2d34d06,0x05fb6b9,0x0054398 },
-      { 0x38b83c4,0x1e7bbda,0x1682f79,0x0527651,0x2615cb2,0x1795fab,
-        0x0e4facc,0x11f763c,0x1b81130,0x2010ae2,0x13f3650,0x20d5b72,
-        0x1f32f88,0x34617f4,0x00bf008 } },
-    /* 67 */
-    { { 0x28068db,0x0aa8913,0x1a47801,0x10695ca,0x1c72cc6,0x0fc1a47,
-        0x33df2c4,0x0517cf0,0x3471d92,0x1be815c,0x397f794,0x3f03cbe,
-        0x121bfae,0x172cbe0,0x00813d7 },
-      { 0x383bba6,0x04f1c90,0x0b3f056,0x1c29089,0x2a924ce,0x3c85e69,
-        0x1cecbe5,0x0ad8796,0x0aa79f6,0x25e38ba,0x13ad807,0x30b30ed,
-        0x0fa963a,0x35c763d,0x0055518 } },
-    /* 68 */
-    { { 0x0623f3b,0x3ca4880,0x2bff03c,0x0457ca7,0x3095c71,0x02a9a08,
-        0x1722478,0x302c10b,0x3a17458,0x001131e,0x0959ec2,0x18bdfbc,
-        0x2929fca,0x2adfe32,0x0040ae2 },
-      { 0x127b102,0x14ddeaa,0x1771b8c,0x283700c,0x2398a86,0x085a901,
-        0x108f9dc,0x0cc0012,0x33a918d,0x26d08e9,0x20b9473,0x12c3fc7,
-        0x1f69763,0x1c94b5a,0x00e29de } },
-    /* 69 */
-    { { 0x035af04,0x3450021,0x12da744,0x077fb06,0x25f255b,0x0db7150,
-        0x17dc123,0x1a2a07c,0x2a7636a,0x3972430,0x3704ca1,0x0327add,
-        0x3d65a96,0x3c79bec,0x009de8c },
-      { 0x11d3d06,0x3fb8354,0x12c7c60,0x04fe7ad,0x0466e23,0x01ac245,
-        0x3c0f5f2,0x2a935d0,0x3ac2191,0x090bd56,0x3febdbc,0x3f1f23f,
-        0x0ed1cce,0x02079ba,0x00d4fa6 } },
-    /* 70 */
-    { { 0x0ab9645,0x10174ec,0x3711b5e,0x26357c7,0x2aeec7f,0x2170a9b,
-        0x1423115,0x1a5122b,0x39e512c,0x18116b2,0x290db1c,0x041b13a,
-        0x26563ae,0x0f56263,0x00b89f3 },
-      { 0x3ed2ce4,0x01f365f,0x1b2043b,0x05f7605,0x1f9934e,0x2a068d2,
-        0x38d4d50,0x201859d,0x2de5291,0x0a7985a,0x17e6711,0x01b6c1b,
-        0x08091fa,0x33c6212,0x001da23 } },
-    /* 71 */
-    { { 0x2f2c4b5,0x311acd0,0x1e47821,0x3bd9816,0x1931513,0x1bd4334,
-        0x30ae436,0x2c49dc0,0x2c943e7,0x010ed4d,0x1fca536,0x189633d,
-        0x17abf00,0x39e5ad5,0x00e4e3e },
-      { 0x0c8b22f,0x2ce4009,0x1054bb6,0x307f2fc,0x32eb5e2,0x19d24ab,
-        0x3b18c95,0x0e55e4d,0x2e4acf5,0x1bc250c,0x1dbf3a5,0x17d6a74,
-        0x087cf58,0x07f6f82,0x00f8675 } },
-    /* 72 */
-    { { 0x110e0b2,0x0e672e7,0x11b7157,0x1598371,0x01c0d59,0x3d60c24,
-        0x096b8a1,0x0121075,0x0268859,0x219962f,0x03213f2,0x3022adc,
-        0x18de488,0x3dcdeb9,0x008d2e0 },
-      { 0x06cfee6,0x26f2552,0x3c579b7,0x31fa796,0x2036a26,0x362ba5e,
-        0x103601c,0x012506b,0x387ff3a,0x101a41f,0x2c7eb58,0x23d2efc,
-        0x10a5a07,0x2fd5fa3,0x00e3731 } },
-    /* 73 */
-    { { 0x1cd0abe,0x08a0af8,0x2fa272f,0x17a1fbf,0x1d4f901,0x30e0d2f,
-        0x1898066,0x273b674,0x0c1b8a2,0x3272337,0x3ee82eb,0x006e7d3,
-        0x2a75606,0x0af1c81,0x0037105 },
-      { 0x2f32562,0x2842491,0x1bb476f,0x1305cd4,0x1daad53,0x0d8daed,
-        0x164c37b,0x138030f,0x05145d5,0x300e2a3,0x32c09e7,0x0798600,
-        0x3515130,0x2b9e55c,0x009764e } },
-    /* 74 */
-    { { 0x3d5256a,0x06c67f2,0x3a3b879,0x3c9b284,0x04007e0,0x33c1a41,
-        0x3794604,0x1d6240e,0x022b6c1,0x22c62a7,0x01d4590,0x32df5f6,
-        0x368f1a1,0x2a7486e,0x006e13f },
-      { 0x31e6e16,0x20f18a9,0x09ed471,0x23b861d,0x15cf0ef,0x397b502,
-        0x1c7f9b2,0x05f84b2,0x2cce6e1,0x3c10bba,0x13fb5a7,0x1b52058,
-        0x1feb1b8,0x03b7279,0x00ea1cf } },
-    /* 75 */
-    { { 0x2a4cc9b,0x15cf273,0x08f36e6,0x076bf3b,0x2541796,0x10e2dbd,
-        0x0bf02aa,0x3aa2201,0x03cdcd4,0x3ee252c,0x3799571,0x3e01fa4,
-        0x156e8d0,0x1fd6188,0x003466a },
-      { 0x2515664,0x166b355,0x2b0b51e,0x0f28f17,0x355b0f9,0x2909e76,
-        0x206b026,0x3823a12,0x179c5fa,0x0972141,0x2663a1a,0x01ee36e,
-        0x3fc8dcf,0x2ef3d1b,0x0049a36 } },
-    /* 76 */
-    { { 0x2d93106,0x3d6b311,0x3c9ce47,0x382aa25,0x265b7ad,0x0b5f92f,
-        0x0f4c941,0x32aa4df,0x380d4b2,0x0e8aba6,0x260357a,0x1f38273,
-        0x0d5f95e,0x199f23b,0x0029f77 },
-      { 0x0a0b1c5,0x21a3d6a,0x0ad8df6,0x33d8a5e,0x1240858,0x30000a8,
-        0x3ac101d,0x2a8143d,0x1d7ffe9,0x1c74a2a,0x1b962c9,0x1261359,
-        0x0c8b274,0x002cf4a,0x00a8a7c } },
-    /* 77 */
-    { { 0x211a338,0x22a14ab,0x16e77c5,0x3c746be,0x3a78613,0x0d5731c,
-        0x1767d25,0x0b799fa,0x009792a,0x09ae8dc,0x124386b,0x183d860,
-        0x176747d,0x14c4445,0x00ab09b },
-      { 0x0eb9dd0,0x0121066,0x032895a,0x330541c,0x1e6c17a,0x2271b92,
-        0x06da454,0x054c2bf,0x20abb21,0x0ead169,0x3d7ea93,0x2359649,
-        0x242c6c5,0x3194255,0x00a3ef3 } },
-    /* 78 */
-    { { 0x3010879,0x1083a77,0x217989d,0x174e55d,0x29d2525,0x0e544ed,
-        0x1efd50e,0x30c4e73,0x05bd5d1,0x0793bf9,0x3f7af77,0x052779c,
-        0x2b06bc0,0x13d0d02,0x0055a6b },
-      { 0x3eaf771,0x094947a,0x0288f13,0x0a21e35,0x22ab441,0x23816bf,
-        0x15832e1,0x2d8aff3,0x348cc1f,0x2bbd4a8,0x01c4792,0x34209d3,
-        0x06dc72b,0x211a1df,0x00345c5 } },
-    /* 79 */
-    { { 0x2a65e90,0x173ac2f,0x199cde1,0x0ac905b,0x00987f7,0x3618f7b,
-        0x1b578df,0x0d5e113,0x34bac6a,0x27d85ed,0x1b48e99,0x18af5eb,
-        0x1a1be9e,0x3987aac,0x00877ca },
-      { 0x2358610,0x3776a8e,0x2b0723a,0x344c978,0x22fc4d6,0x1615d53,
-        0x3198f51,0x2d61225,0x12cb392,0x07dd061,0x355f7de,0x09e0132,
-        0x0efae99,0x13b46aa,0x00e9e6c } },
-    /* 80 */
-    { { 0x0683186,0x36d8e66,0x0ea9867,0x0937731,0x1fb5cf4,0x13c39ef,
-        0x1a7ffed,0x27dfb32,0x31c7a77,0x09f15fd,0x16b25ef,0x1dd01e7,
-        0x0168090,0x240ed02,0x0090eae },
-      { 0x2e1fceb,0x2ab9783,0x1a1fdf2,0x093a1b0,0x33ff1da,0x2864fb7,
-        0x3587d6c,0x275aa03,0x123dc9b,0x0e95a55,0x0592030,0x2102402,
-        0x1bdef7b,0x37f2e9b,0x001efa4 } },
-    /* 81 */
-    { { 0x0540015,0x20e3e78,0x37dcfbd,0x11b0e41,0x02c3239,0x3586449,
-        0x1fb9e6a,0x0baa22c,0x00c0ca6,0x3e58491,0x2dbe00f,0x366d4b0,
-        0x176439a,0x2a86b86,0x00f52ab },
-      { 0x0ac32ad,0x226250b,0x0f91d0e,0x1098aa6,0x3dfb79e,0x1dbd572,
-        0x052ecf2,0x0f84995,0x0d27ad2,0x036c6b0,0x1e4986f,0x2317dab,
-        0x2327df6,0x0dee0b3,0x00389ac } },
-    /* 82 */
-    { { 0x0e60f5b,0x0622d3e,0x2ada511,0x05522a8,0x27fe670,0x206af28,
-        0x333cb83,0x3f25f6c,0x19ddaf3,0x0ec579b,0x36aabc0,0x093dbac,
-        0x348b44b,0x277dca9,0x00c5978 },
-      { 0x1cf5279,0x32e294a,0x1a6c26f,0x3f006b6,0x37a3c6b,0x2e2eb26,
-        0x2cf88d4,0x3410619,0x1899c80,0x23d3226,0x30add14,0x2810905,
-        0x01a41f0,0x11e5176,0x005a02f } },
-    /* 83 */
-    { { 0x1c90202,0x321df30,0x3570fa5,0x103e2b1,0x3d099d4,0x05e207d,
-        0x0a5b1bd,0x0075d0a,0x3db5b25,0x2d87899,0x32e4465,0x226fc13,
-        0x24cb8f8,0x3821daa,0x004da3a },
-      { 0x3e66861,0x03f89b8,0x386d3ef,0x14ccc62,0x35e7729,0x11ce5b7,
-        0x035fbc7,0x3f4df0f,0x29c439f,0x1144568,0x32d7037,0x312f65e,
-        0x06b9dbf,0x03a9589,0x0008863 } },
-    /* 84 */
-    { { 0x0a9e8c9,0x1a19b6e,0x091ecd9,0x2e16ee0,0x2a11963,0x116cf34,
-        0x390d530,0x194131f,0x2b580f3,0x31d569c,0x21d3751,0x3e2ce64,
-        0x193de46,0x32454f0,0x004bffd },
-      { 0x09554e7,0x170126e,0x2be6cd1,0x153de89,0x0353c67,0x350765c,
-        0x202370b,0x1db01e5,0x30b12b1,0x3778591,0x00c8809,0x2e845d5,
-        0x1fb1e56,0x170f90d,0x00e2db3 } },
-    /* 85 */
-    { { 0x328e33f,0x392aad8,0x36d1d71,0x0aebe04,0x1548678,0x1b55c8c,
-        0x24995f8,0x2a5a01e,0x1bd1651,0x37c7c29,0x36803b6,0x3716c91,
-        0x1a935a5,0x32f10b7,0x005c587 },
-      { 0x2e8b4c0,0x336ccae,0x11382b6,0x22ec4cc,0x066d159,0x35fa585,
-        0x23b2d25,0x3017528,0x2a674a8,0x3a4f900,0x1a7ce82,0x2b2539b,
-        0x3d46545,0x0a07918,0x00eb9f8 } },
-    /* 86 */
-    { { 0x2cf5b9b,0x03e747f,0x166a34e,0x0afc81a,0x0a115b1,0x3aa814d,
-        0x11cf3b1,0x163e556,0x3cbfb15,0x157c0a4,0x1bc703a,0x2141e90,
-        0x01f811c,0x207218b,0x0092e6b },
-      { 0x1af24e3,0x3af19b3,0x3c70cc9,0x335cbf3,0x068917e,0x055ee92,
-        0x09a9308,0x2cac9b7,0x008b06a,0x1175097,0x36e929c,0x0be339c,
-        0x0932436,0x15f18ba,0x0009f6f } },
-    /* 87 */
-    { { 0x29375fb,0x35ade34,0x11571c7,0x07b8d74,0x3fabd85,0x090fa91,
-        0x362dcd4,0x02c3fdb,0x0608fe3,0x2477649,0x3fc6e70,0x059b7eb,
-        0x1e6a708,0x1a4c220,0x00c6c4c },
-      { 0x2a53fb0,0x1a3e1f5,0x11f9203,0x27e7ad3,0x038718e,0x3f5f9e4,
-        0x308acda,0x0a8700f,0x34472fe,0x3420d7a,0x08076e5,0x014240e,
-        0x0e7317e,0x197a98e,0x00538f7 } },
-    /* 88 */
-    { { 0x2663b4b,0x0927670,0x38dd0e0,0x16d1f34,0x3e700ab,0x3119567,
-        0x12559d2,0x399b6c6,0x0a84bcd,0x163e7dd,0x3e2aced,0x058548c,
-        0x03a5bad,0x011cf74,0x00c155c },
-      { 0x3e454eb,0x2a1e64e,0x1ccd346,0x36e0edf,0x266ee94,0x2e74aaf,
-        0x2d8378a,0x3cd547d,0x1d27733,0x0928e5b,0x353553c,0x26f502b,
-        0x1d94341,0x2635cc7,0x00d0ead } },
-    /* 89 */
-    { { 0x0142408,0x382c3bb,0x3310908,0x2e50452,0x398943c,0x1d0ac75,
-        0x1bf7d81,0x04bd00f,0x36b6934,0x3349c37,0x0f69e20,0x0195252,
-        0x243a1c5,0x030da5f,0x00a76a9 },
-      { 0x224825a,0x28ce111,0x34c2e0f,0x02e2b30,0x382e48c,0x26853ca,
-        0x24bd14e,0x0200dec,0x1e24db3,0x0d3d775,0x132da0a,0x1dea79e,
-        0x253dc0c,0x03c9d31,0x0020db9 } },
-    /* 90 */
-    { { 0x26c5fd9,0x05e6dc3,0x2eea261,0x08db260,0x2f8bec1,0x1255edf,
-        0x283338d,0x3d9a91d,0x2640a72,0x03311f9,0x1bad935,0x152fda8,
-        0x0e95abd,0x31abd15,0x00dfbf4 },
-      { 0x107f4fa,0x29ebe9a,0x27353f7,0x3821972,0x27311fa,0x2925ab6,
-        0x337ab82,0x2de6c91,0x1f115fe,0x044f909,0x21b93c2,0x3a5f142,
-        0x13eb5e9,0x3ab1377,0x00b26b6 } },
-    /* 91 */
-    { { 0x22e5f2b,0x2ae7d4a,0x1ac481c,0x0a6fce1,0x2f93caf,0x242658e,
-        0x3f35c3c,0x050f3d2,0x30074c9,0x142079c,0x0281b4c,0x295fea3,
-        0x007413e,0x01726cd,0x00e4979 },
-      { 0x1ab3cfb,0x1b76295,0x36adf55,0x1ad4636,0x1d444b9,0x3bd2e55,
-        0x35425a5,0x1aa8cd3,0x3acecd2,0x1f769e8,0x1a655e9,0x1f6846f,
-        0x24c70b5,0x3bff080,0x0002da3 } },
-    /* 92 */
-    { { 0x081d0d9,0x2c00d99,0x1fe2e24,0x396063f,0x03740db,0x243f680,
-        0x3c1f451,0x1ff7b07,0x2803cf2,0x38ca724,0x2934f43,0x0d72d4d,
-        0x0e8fe74,0x2975e21,0x002b505 },
-      { 0x11adcc9,0x331a99c,0x21e16cf,0x1714c78,0x1f03432,0x2caa2a6,
-        0x34a9679,0x2f7fe8b,0x0423c21,0x1a757ce,0x31b57d6,0x171e044,
-        0x093b9b2,0x13602e0,0x00db534 } },
-    /* 93 */
-    { { 0x250a2f5,0x0b999eb,0x21d10d7,0x22b92a1,0x39b7f8d,0x0c37c72,
-        0x29f70f3,0x3bf0e84,0x1d7e04f,0x07a42a9,0x272c3ae,0x1587b2f,
-        0x155faff,0x10a336e,0x000d8fb },
-      { 0x3663784,0x0d7dcf5,0x056ad22,0x319f8b1,0x0c05bae,0x2b6ff33,
-        0x0292e42,0x0435797,0x188efb1,0x0d3f45e,0x119d49f,0x395dcd3,
-        0x279fe27,0x133a13d,0x00188ac } },
-    /* 94 */
-    { { 0x396c53e,0x0d133e9,0x009b7ee,0x13421a0,0x1bbf607,0x1d284a5,
-        0x1594f74,0x18cb47c,0x2dcac11,0x2999ddb,0x04e2fa5,0x1889e2c,
-        0x0a89a18,0x33cb215,0x0052665 },
-      { 0x104ab58,0x1d91920,0x3d6d7e3,0x04dc813,0x1167759,0x13a8466,
-        0x0a06a54,0x103761b,0x25b1c92,0x26a8fdd,0x2474614,0x21406a4,
-        0x251d75f,0x38c3734,0x007b982 } },
-    /* 95 */
-    { { 0x15f3060,0x3a7bf30,0x3be6e44,0x0baa1fa,0x05ad62f,0x1e54035,
-        0x099d41c,0x2a744d9,0x1c0336f,0x3e99b5b,0x1afd3b1,0x2bf1255,
-        0x1822bf8,0x2c93972,0x001d8cc },
-      { 0x1d7584b,0x0508ade,0x20dd403,0x203a8fc,0x1c54a05,0x1611a31,
-        0x037c8f9,0x1dcd4fe,0x110fbea,0x30f60bc,0x3dffe2f,0x26a1de1,
-        0x0480367,0x18ec81c,0x0048eba } },
-    /* 96 */
-    { { 0x346e2f6,0x0435077,0x036789b,0x3e06545,0x313ab57,0x351a721,
-        0x3372b91,0x15e6019,0x2fa4f6c,0x3c30656,0x272c9ac,0x10e84a8,
-        0x2bdacea,0x232d9e2,0x009dadd },
-      { 0x182579a,0x15b1af8,0x02d8cce,0x36cb49b,0x086feba,0x2911d17,
-        0x268ee12,0x011e871,0x18698dc,0x35602b3,0x11b9ec2,0x0ade731,
-        0x0f6a05a,0x1821015,0x00007da } },
-    /* 97 */
-    { { 0x3b00dd0,0x328d485,0x27a69e3,0x32c3a06,0x1046779,0x120b61c,
-        0x19fef3d,0x0fef2e6,0x134d923,0x039bce0,0x348cd0e,0x0b0c007,
-        0x066ae11,0x15d8f1b,0x00934e7 },
-      { 0x33234dc,0x353f0f5,0x2fc1b44,0x18a193a,0x2fcae20,0x1afbc86,
-        0x3afe252,0x17f7e10,0x107f3b7,0x2d84d54,0x394c2e6,0x19e96a9,
-        0x0a37283,0x26c6152,0x003d262 } },
-    /* 98 */
-    { { 0x37cfaf8,0x01863d0,0x0299623,0x32c80cb,0x25b8742,0x0a4d90e,
-        0x1f72472,0x13de652,0x31a0946,0x0ee0103,0x0f25414,0x2518b49,
-        0x07e7604,0x1488d9b,0x00abd6b },
-      { 0x1338f55,0x2ce4af5,0x1a0c119,0x3380525,0x21a80a9,0x235d4df,
-        0x118ca7f,0x2dd8bcc,0x1c26bf4,0x32dc56b,0x28482b6,0x1418596,
-        0x3c84d24,0x1f1a5a9,0x00d958d } },
-    /* 99 */
-    { { 0x1c21f31,0x22aa1ef,0x258c9ad,0x2d2018f,0x0adb3ca,0x01f75ee,
-        0x186283b,0x31ad3bf,0x3621be7,0x3b1ee6d,0x015582d,0x3d61d04,
-        0x2ddf32e,0x14b8a66,0x00c970c },
-      { 0x2f24d66,0x00b8a88,0x100a78f,0x041d330,0x2efec1d,0x24c5b86,
-        0x2a6a390,0x37526bc,0x2055849,0x3339f08,0x16bffc4,0x07f9d72,
-        0x06ec09c,0x3f49ee8,0x00cad98 } },
-    /* 100 */
-    { { 0x248b73e,0x1b8b42d,0x285eed7,0x39473f4,0x1a9f92c,0x3b44f78,
-        0x086c062,0x06a4ea3,0x34ea519,0x3c74e95,0x1ad1b8b,0x1737e2c,
-        0x2cfe338,0x0a291f4,0x00bbecc },
-      { 0x1cec548,0x0c9b01a,0x20b298d,0x377c902,0x24f5bc1,0x2415c8d,
-        0x1a70622,0x2529090,0x1c5c682,0x283f1ba,0x2319f17,0x0120e2e,
-        0x01c6f4d,0x33c67ff,0x008b612 } },
-    /* 101 */
-    { { 0x03830eb,0x02d4053,0x10c59bb,0x0f23b83,0x13d08f8,0x26ea4e2,
-        0x2626427,0x0a45292,0x0449cbc,0x0175750,0x074c46f,0x27ae0f8,
-        0x2d7d6ae,0x163dd3a,0x0063bb7 },
-      { 0x2bb29e0,0x034bab1,0x341e1c4,0x21d2c0b,0x295aa2d,0x0f2c666,
-        0x1891755,0x13db64a,0x2fe5158,0x337646e,0x31a1aae,0x057bee4,
-        0x00f9e37,0x396d19e,0x00c1b6a } },
-    /* 102 */
-    { { 0x2772f41,0x34f92d0,0x39d1cde,0x174ef2d,0x03a700d,0x03fbb98,
-        0x30d50e8,0x352ed10,0x1fcf5e5,0x3d113bc,0x26e358f,0x180653f,
-        0x1b43cc6,0x3cc9aa4,0x00e68a2 },
-      { 0x37fe4d2,0x09dd725,0x01eb584,0x171f8a9,0x278fdef,0x3e37c03,
-        0x3bec02f,0x149757c,0x0cd5852,0x37d2e10,0x0e6988b,0x1c120e9,
-        0x0b83708,0x38e7319,0x0039499 } },
-    /* 103 */
-    { { 0x08df5fe,0x177a02c,0x0362fc0,0x1f18ee8,0x00c1295,0x173c50a,
-        0x379414d,0x1885ba8,0x32a54ef,0x2315644,0x39e65cf,0x357c4be,
-        0x1d66333,0x09e05a5,0x0009c60 },
-      { 0x1f7a2fb,0x073b518,0x2eb83ac,0x11353d7,0x1dd8384,0x0c63f2b,
-        0x238c6c8,0x2a1920a,0x2e5e9f1,0x1cc56f8,0x042daf4,0x1ed5dc5,
-        0x25f9e31,0x012a56a,0x0081b59 } },
-    /* 104 */
-    { { 0x321d232,0x2c71422,0x3a756b6,0x30230b2,0x387f3db,0x3a7c3eb,
-        0x274b46a,0x201e69f,0x185bb7b,0x140da82,0x0d974a2,0x0616e42,
-        0x35ec94f,0x3bc366b,0x005aa7c },
-      { 0x3dcfffc,0x19a9c15,0x3225e05,0x36ae114,0x16ea311,0x0cda2aa,
-        0x2a1a8d2,0x154b5cb,0x08348cd,0x17b66c8,0x080ea43,0x21e59f3,
-        0x04173b9,0x31d5b04,0x00ad735 } },
-    /* 105 */
-    { { 0x2e76ef4,0x216acf3,0x2b93aea,0x112bc74,0x3449974,0x2b2e48f,
-        0x11929be,0x2f03021,0x19051e3,0x0ac202d,0x19be68a,0x3b87619,
-        0x26cdac4,0x086592c,0x00f00de },
-      { 0x2e90d4d,0x3ed703c,0x2c648d7,0x29ddf67,0x000e219,0x3471247,
-        0x26febd5,0x1161713,0x3541a8f,0x302038d,0x08d2af9,0x26e1b21,
-        0x398514a,0x36dad99,0x002ed70 } },
-    /* 106 */
-    { { 0x06f25cb,0x1104596,0x370faee,0x07e83f3,0x0f7b686,0x228d43a,
-        0x12cd201,0x0a1bd57,0x3e592dc,0x1e186fc,0x2226aba,0x2c63fe9,
-        0x17b039a,0x1efaa61,0x00d1582 },
-      { 0x2e6acef,0x07d51e4,0x3ac326c,0x322b07e,0x1422c63,0x32ff5c7,
-        0x18760df,0x048928b,0x139b251,0x04d7da9,0x048d1a2,0x2a23e84,
-        0x199dbba,0x2fa7afe,0x0049f1a } },
-    /* 107 */
-    { { 0x3492b73,0x27d3d3d,0x2b1a16f,0x07b2ce4,0x0cf28ec,0x2729bff,
-        0x3130d46,0x3e96116,0x140b72e,0x14a2ea3,0x1ca066f,0x3a61f1d,
-        0x022ebac,0x09192b4,0x003e399 },
-      { 0x12555bb,0x0b6139d,0x239463a,0x12a70ab,0x2aaa93b,0x2254e72,
-        0x00424ec,0x26a6736,0x26daa11,0x25b5ad6,0x379f262,0x140cd30,
-        0x0c7d3bd,0x097bbcf,0x00899e9 } },
-    /* 108 */
-    { { 0x3825dc4,0x3cd946f,0x0462b7f,0x31102e7,0x30f741c,0x3313ed6,
-        0x1ff5a95,0x15bf9dc,0x09b47fd,0x0f2e7a7,0x1626c0d,0x3c14f6d,
-        0x14098bd,0x19d7df8,0x00a97ce },
-      { 0x0934f5e,0x3f968db,0x046f68a,0x12333bf,0x26cd5e1,0x1ea2161,
-        0x358570d,0x235031d,0x35edd55,0x05265e3,0x24ae00c,0x3542229,
-        0x25bb2a1,0x1c83c75,0x0058f2a } },
-    /* 109 */
-    { { 0x24daedb,0x376928f,0x305266f,0x0499746,0x038318c,0x312efd7,
-        0x1910a24,0x33450a3,0x1c478a9,0x39d8bf9,0x12cc0ae,0x397aeab,
-        0x0654c08,0x095f283,0x00d2cdf },
-      { 0x0b717d2,0x1f162c2,0x107a48f,0x128e1b3,0x2380718,0x39f4044,
-        0x00f626a,0x05ec0c9,0x21bc439,0x200fa4d,0x20aea01,0x186a1d8,
-        0x26372f2,0x1a91f87,0x0053f55 } },
-    /* 110 */
-    { { 0x3512a90,0x33b958b,0x29f1c84,0x0106c3a,0x224b3c0,0x09b307a,
-        0x215d2de,0x3bdf43b,0x22cf0c9,0x176121d,0x1534143,0x09ba717,
-        0x16b3110,0x0f73f6c,0x008f5b7 },
-      { 0x2c75d95,0x26fbcb4,0x0dda1f6,0x206f819,0x28d33d5,0x1fb4d79,
-        0x024c125,0x30a0630,0x1f9c309,0x0fe350d,0x1696019,0x0a54187,
-        0x09541fd,0x35e3a79,0x0066618 } },
-    /* 111 */
-    { { 0x0e382de,0x33f5163,0x0dde571,0x3bb7a40,0x1175806,0x12ae8ed,
-        0x0499653,0x3b25586,0x38ade7a,0x3fa265d,0x3f4aa97,0x3c03dbb,
-        0x30c6de8,0x32d4042,0x00ae971 },
-      { 0x2f788f1,0x1fbaf0e,0x3e2d182,0x3ff904f,0x0d46229,0x1d0726d,
-        0x15455b4,0x093ae28,0x290f8e4,0x097c0b9,0x1ae8771,0x28480bb,
-        0x04f6d40,0x3689925,0x0049b3b } },
-    /* 112 */
-    { { 0x35b2d69,0x31819c0,0x11b0d63,0x035afb6,0x2b50715,0x2bece6c,
-        0x35f82f7,0x0ad987c,0x0011601,0x02e6f67,0x2d0a5f5,0x365e583,
-        0x2f7c900,0x11449c5,0x00ed705 },
-      { 0x27abdb4,0x1bbfd04,0x301c157,0x263c079,0x36850d6,0x3f21f8b,
-        0x27d7493,0x0f9227e,0x06fb0ce,0x002daf3,0x37d8c1c,0x3ef87d7,
-        0x19cc6f4,0x0c3809c,0x00cf752 } },
-    /* 113 */
-    { { 0x22d94ed,0x075b09c,0x020e676,0x084dc62,0x2d1ec3f,0x17439f1,
-        0x240b702,0x33cc596,0x30ebaf3,0x0359fe0,0x393ea43,0x0ece01e,
-        0x16c6963,0x03a82f2,0x0017faa },
-      { 0x3866b98,0x3cd20b7,0x12d4e6b,0x3a6a76d,0x1205c1e,0x3e6ae1a,
-        0x2f9bbdf,0x2e61547,0x2d175ee,0x28e18f6,0x13cf442,0x085b0ef,
-        0x0e321ef,0x238fe72,0x003fb22 } },
-    /* 114 */
-    { { 0x360ac07,0x26dc301,0x3f4d94f,0x2ba75e6,0x1f3c9cc,0x17ff20f,
-        0x0ea084c,0x30e39cf,0x143dc49,0x03bd43e,0x3c9e733,0x19e8aba,
-        0x27fbaf4,0x12d913a,0x005ee53 },
-      { 0x3609e7f,0x2d89c80,0x09f020c,0x1558bf7,0x3098443,0x3c515fd,
-        0x1c8e580,0x16506bd,0x26cb4b2,0x1747d42,0x2ec8239,0x32c91f0,
-        0x1ca3377,0x079768f,0x00a5f3e } },
-    /* 115 */
-    { { 0x185fa94,0x122759f,0x0e47023,0x0dcb6e7,0x10ba405,0x3b5eab4,
-        0x1f7a1fa,0x32d003f,0x1739a4c,0x3295ec3,0x1b18967,0x3f3b265,
-        0x34d2448,0x2dbadc9,0x00f30b5 },
-      { 0x01c5338,0x2d1dcf2,0x2bd07cc,0x39a8fb5,0x2b85639,0x355bab6,
-        0x1df95f1,0x01eb5f6,0x17f0a16,0x1b895b5,0x157574d,0x29fff72,
-        0x3a8c46d,0x0118071,0x0065f84 } },
-    /* 116 */
-    { { 0x3a1e7f1,0x17432f2,0x1f648d4,0x3000ad5,0x2ef0a08,0x1f86624,
-        0x1ca31b1,0x241f9dc,0x2cb4885,0x2b8610f,0x364ce16,0x1e5faf0,
-        0x0b33867,0x2cb637d,0x00816d2 },
-      { 0x1aa8671,0x02c394e,0x35f5e87,0x393040a,0x39f0db3,0x1c831a5,
-        0x2966591,0x034a8d0,0x09e613c,0x042b532,0x018ddd6,0x3e402c9,
-        0x2e20e1a,0x29cb4cd,0x00e087c } },
-    /* 117 */
-    { { 0x3a10079,0x20c7fea,0x3ff2222,0x1edb593,0x00dc5f8,0x3a32ccc,
-        0x1479073,0x0cfed11,0x2a2702a,0x17a056a,0x1fba321,0x235acb9,
-        0x149c833,0x172de7d,0x000f753 },
-      { 0x2e95923,0x3b365cb,0x009f471,0x0df1b47,0x21e868b,0x199bbd3,
-        0x07b8ecc,0x12ff0af,0x189808a,0x3bd5059,0x3fbc4d2,0x0fa7b88,
-        0x1125bf2,0x0db0b5d,0x0043572 } },
-    /* 118 */
-    { { 0x29cdb1b,0x1db656e,0x391efe1,0x004be09,0x245a1ca,0x3793328,
-        0x254af24,0x2f2e65d,0x10e5cc4,0x2af6fe7,0x2d97ac0,0x29f7d42,
-        0x19fd6f6,0x0ac184d,0x00c5211 },
-      { 0x305eae3,0x36738d3,0x2c2b696,0x00ba50e,0x3903adc,0x2122f85,
-        0x0753470,0x1cf96a4,0x1702a39,0x247883c,0x2feb67e,0x2ab3071,
-        0x3c6b9e1,0x30cb85a,0x002ca0a } },
-    /* 119 */
-    { { 0x3871eb5,0x284b93b,0x0a7affe,0x176a2fc,0x294c2f2,0x204d3aa,
-        0x1e4c2a7,0x3ec4134,0x2fb0360,0x3847b45,0x05fc11b,0x0a6db6e,
-        0x390fa40,0x2adfd34,0x005e9f7 },
-      { 0x0646612,0x1b5cbcc,0x10d8507,0x0777687,0x3a0afed,0x1687440,
-        0x0222578,0x1af34a4,0x2174e27,0x372d267,0x11246c3,0x34769c5,
-        0x2044316,0x1b4d626,0x00c72d5 } },
-    /* 120 */
-    { { 0x2e5bb45,0x3ff1d36,0x16dcdf5,0x128986f,0x399068c,0x2a63b1e,
-        0x0afa7aa,0x3a5b770,0x200f121,0x33b74bb,0x1414045,0x0f31ef8,
-        0x2f50e16,0x2f38cd6,0x00b0b1b },
-      { 0x1a06293,0x035e140,0x2644d44,0x1f1954b,0x2cdebab,0x31d5f91,
-        0x0b8dbc8,0x38f2d23,0x3783cab,0x2a07e73,0x3123f59,0x3409846,
-        0x3784ddd,0x223bbac,0x003dc7b } },
-    /* 121 */
-    { { 0x0741456,0x234e631,0x2121e1b,0x00980ca,0x3a9dfa9,0x098c916,
-        0x3fc86d1,0x1c63072,0x3625244,0x13d0471,0x05b0fc5,0x1487550,
-        0x2498596,0x11bb6ea,0x001afab },
-      { 0x274b4ad,0x240aea1,0x3d12a75,0x2b56b61,0x1486b43,0x1b83426,
-        0x31c7363,0x35b59ca,0x207bb6c,0x38e6243,0x19bace4,0x0a26671,
-        0x35e3381,0x0c2ded4,0x00d8da4 } },
-    /* 122 */
-    { { 0x2b75791,0x19590b1,0x2bfb39f,0x2988601,0x0050947,0x0d8bbe1,
-        0x23e3701,0x08e4432,0x2ed8c3d,0x326f182,0x332e1dd,0x12219c5,
-        0x2e0779b,0x367aa63,0x0012d10 },
-      { 0x251b7dc,0x0a08b4d,0x1138b6f,0x2ea02af,0x06345a5,0x1cb4f21,
-        0x0332624,0x1d49d88,0x140acc5,0x2f55287,0x024447c,0x291ace9,
-        0x1a4966e,0x015cbec,0x005bc41 } },
-    /* 123 */
-    { { 0x351cd0e,0x315e8e9,0x07d6e70,0x067ae8f,0x2190d84,0x351f556,
-        0x03bee79,0x31b62c7,0x266f912,0x1b6a504,0x007a6ad,0x3a6ab31,
-        0x3891112,0x3c45ba0,0x00d6ce5 },
-      { 0x0e1f2ce,0x32a5edc,0x1434063,0x1ca084f,0x2a3e47c,0x137e042,
-        0x16e2418,0x2069280,0x3b0dfd8,0x35a22b5,0x289bf0a,0x1f667f2,
-        0x02d23a3,0x0ce688f,0x00d8e3f } },
-    /* 124 */
-    { { 0x10bed6f,0x14c58dd,0x0b0abdf,0x0ca0f9a,0x3808abc,0x2ec228c,
-        0x2366275,0x12afa16,0x20f6b0e,0x37dca8e,0x3af0c6a,0x1c5b467,
-        0x1b25ff7,0x00814de,0x0022dcc },
-      { 0x1a56e11,0x02fe37e,0x3f21740,0x35d5a91,0x06cb8ba,0x29bad91,
-        0x17176f7,0x2d919f2,0x0f7d1f5,0x13a3f61,0x04ddb05,0x0c82a51,
-        0x286f598,0x2e8c777,0x0007071 } },
-    /* 125 */
-    { { 0x0f8fcb9,0x3e83966,0x170c6fd,0x3825343,0x089cec8,0x01b482a,
-        0x0993971,0x3327282,0x39aba8a,0x32456fe,0x1507e01,0x1c3252d,
-        0x21ffb13,0x29822a0,0x0083246 },
-      { 0x23c378f,0x1cea7ef,0x1be9a82,0x224d689,0x37e5447,0x3764a75,
-        0x3a49724,0x361e1b3,0x19d365b,0x3a61ffb,0x1c29a7a,0x20ab251,
-        0x17ec549,0x175d777,0x004589a } },
-    /* 126 */
-    { { 0x15540a9,0x2ec5d2a,0x05b09fa,0x1bc058b,0x07cfb88,0x28f7b86,
-        0x3e766be,0x189305e,0x01fe88e,0x23fdf69,0x0b919c3,0x02dc7ae,
-        0x3f9a9ad,0x0b83cc7,0x0086a52 },
-      { 0x28bc259,0x39bdca1,0x39e4bc8,0x0e0f33b,0x16130c6,0x2919955,
-        0x31f4549,0x2fed027,0x30919b2,0x0a39b03,0x0ca7bb2,0x1711b24,
-        0x3b67b94,0x05a136b,0x00acd87 } },
-    /* 127 */
-    { { 0x0c53841,0x31cb284,0x3ced090,0x06d5693,0x1c20ae0,0x0408d2b,
-        0x37ebd5e,0x081900f,0x26a8589,0x0acfd0a,0x34a1472,0x2f0c302,
-        0x124ccbd,0x10de328,0x00971bc },
-      { 0x17ff2ff,0x27d1b54,0x147b6f7,0x38bb2ea,0x26a9c96,0x0a49448,
-        0x39f2f46,0x247c579,0x3b16a4e,0x28c2a5a,0x2d4c72d,0x11f248c,
-        0x1e4df11,0x047d604,0x0065bc3 } },
-    /* 128 */
-    { { 0x39b3239,0x1f75f44,0x3bae87c,0x139360c,0x18b5782,0x3ffc005,
-        0x3c48789,0x2bc6af2,0x38b909e,0x223ff3b,0x31443a7,0x017d3bb,
-        0x0bfed99,0x128b857,0x00020dd },
-      { 0x306d695,0x25a7b28,0x2f60ca2,0x2b6e4f2,0x1df940c,0x1fa9b8e,
-        0x37fab78,0x13f959f,0x10ff98c,0x38343b8,0x019cb91,0x11a1e6b,
-        0x17ab4c6,0x1431f47,0x004b4ea } },
-    /* 129 */
-    { { 0x20db57e,0x102515e,0x170219e,0x2b66a32,0x1e6017c,0x2f973fe,
-        0x3739e51,0x0e28b6f,0x3cda7a9,0x30d91ac,0x28350df,0x1444215,
-        0x098b504,0x1bcd5b8,0x00ad3bd },
-      { 0x22e3e3e,0x3aeaffb,0x26cb935,0x0091ce4,0x2fbd017,0x3a7ed6a,
-        0x335b029,0x3bfc1f1,0x3852e3f,0x2b14a86,0x046b405,0x266af4c,
-        0x3997191,0x33b0e40,0x00e306f } },
-    /* 130 */
-    { { 0x3e4712c,0x26bb208,0x18eed6d,0x1b30f06,0x27ca837,0x06faf62,
-        0x1831873,0x3fbcf9b,0x3f3d88b,0x1fb55eb,0x0f44edc,0x29917bb,
-        0x3151772,0x342d72e,0x00d4e63 },
-      { 0x2ee0ecf,0x39e8733,0x2e8e98c,0x0cd4e0f,0x08f0126,0x1ad157a,
-        0x079078a,0x23018ee,0x196c765,0x2b2f34f,0x0783336,0x075bf9c,
-        0x3713672,0x098d699,0x00f21a7 } },
-    /* 131 */
-    { { 0x186ba11,0x22cf365,0x048019d,0x2ca2970,0x0d9e0ae,0x08c3bd7,
-        0x261dbf2,0x2fc2790,0x1ee02e6,0x10256a7,0x00dc778,0x18dc8f2,
-        0x157b189,0x2ebc514,0x005c97d },
-      { 0x3c4503e,0x1d10d12,0x337097e,0x0c6169a,0x30fb1cb,0x3481752,
-        0x0df2bec,0x19768fa,0x1bcf8f7,0x2925f74,0x2c988a1,0x3be571d,
-        0x04cfa92,0x2ea9937,0x003f924 } },
-    /* 132 */
-    { { 0x268b448,0x06e375c,0x1b946bf,0x287bf5e,0x3d4c28b,0x138d547,
-        0x21f8c8e,0x21ea4be,0x2d45c91,0x35da78e,0x00326c0,0x210ed35,
-        0x1d66928,0x0251435,0x00fefc8 },
-      { 0x0339366,0x216ff64,0x2c3a30c,0x3c5733d,0x04eeb56,0x2333477,
-        0x32b1492,0x25e3839,0x1b5f2ce,0x0dcfba1,0x3165bb2,0x3acafcc,
-        0x10abfcd,0x248d390,0x008106c } },
-    /* 133 */
-    { { 0x102f4ee,0x3c0585f,0x1225c8d,0x11c6388,0x08a7815,0x2b3e790,
-        0x2895eb6,0x18cf53a,0x0b56e5a,0x2e2c003,0x3e981ff,0x0761b55,
-        0x1bc32f3,0x0a7111d,0x00f5c80 },
-      { 0x3568973,0x1587386,0x16ec764,0x20698a6,0x02f809b,0x2821502,
-        0x113d64d,0x38c2679,0x15de61c,0x0309f60,0x272999e,0x29bfe64,
-        0x173f70d,0x1de7fab,0x00bd284 } },
-    /* 134 */
-    { { 0x31cdf2b,0x0f0be66,0x2151603,0x01af17e,0x32a99cf,0x085dece,
-        0x27d2591,0x1520df4,0x273c448,0x1ec7c54,0x102e229,0x355f604,
-        0x2acb75f,0x005f1fd,0x003d43e },
-      { 0x270eb28,0x22ec2ce,0x306b41a,0x238fa02,0x167de2d,0x030a379,
-        0x245a417,0x1808c24,0x0b1a7b2,0x3ab5f6f,0x2cbc6c1,0x2c228d4,
-        0x3041f70,0x2d9a6cc,0x00b504f } },
-    /* 135 */
-    { { 0x17a27c2,0x216ad7e,0x011ba8e,0x22f0428,0x16ac5ec,0x3ef3c58,
-        0x345533f,0x0298155,0x2856579,0x0005e03,0x19ee75b,0x146fe16,
-        0x29881e4,0x18ece70,0x008907a },
-      { 0x20189ed,0x119ce09,0x35cb76d,0x0d91ef4,0x2284a44,0x032ad87,
-        0x0e8c402,0x3c82b5d,0x38c416c,0x398992f,0x1fd820c,0x169b255,
-        0x3b5fcfa,0x1343c92,0x00fa715 } },
-    /* 136 */
-    { { 0x33f5034,0x20b3b26,0x28fd184,0x16b3679,0x3962d44,0x15d1bc8,
-        0x2fb1d69,0x1292c99,0x25a58c9,0x1b19ab7,0x2d68a5b,0x2f6a09b,
-        0x0d6aedb,0x2935eac,0x0005664 },
-      { 0x25e32fc,0x13f9440,0x3252bcd,0x2fea5b7,0x161a5ae,0x0564a8c,
-        0x0a07e23,0x1545f62,0x0de9890,0x1d76765,0x1fd440e,0x2ed0041,
-        0x3db4c96,0x1e8ba01,0x001b0c4 } },
-    /* 137 */
-    { { 0x0223878,0x29ab202,0x15585c2,0x1a79969,0x1ba08c2,0x2ef09ff,
-        0x2b1b9b9,0x181f748,0x1bf72b9,0x224645c,0x2588dc5,0x2d157e7,
-        0x22d939a,0x05b88d9,0x006d549 },
-      { 0x31de0c1,0x23a4e0e,0x278f8da,0x1aa013c,0x1a84d18,0x0d185a5,
-        0x0988ccd,0x2c32efd,0x3bee10e,0x37d7ab8,0x3f2a66e,0x3e2da3e,
-        0x1b5701f,0x3d9f0c1,0x00a68da } },
-    /* 138 */
-    { { 0x0b2e045,0x0133fd1,0x05d4c10,0x0d92c70,0x391b5e1,0x2292281,
-        0x2e40908,0x2ec694e,0x195ea11,0x29cfeca,0x3d93a4e,0x01215c0,
-        0x08a5f32,0x37a0eff,0x00cce45 },
-      { 0x2b3106e,0x12a5fb0,0x0b4faff,0x0c2da12,0x09069c6,0x35d8907,
-        0x2837a6e,0x3db3fb6,0x3136cc3,0x222836b,0x3da018a,0x2741274,
-        0x13ba319,0x1ac7642,0x00f867c } },
-    /* 139 */
-    { { 0x2527296,0x10a9595,0x178de4d,0x0f739c4,0x0ae26c7,0x3094599,
-        0x20adac6,0x2b875c2,0x3ae5dc0,0x3e04d20,0x1aab2da,0x1d3ab37,
-        0x15f4f75,0x0b730b5,0x00c56b5 },
-      { 0x1f32923,0x2f059e5,0x2a89872,0x2056f74,0x04be175,0x1da67c0,
-        0x17f1e7a,0x3780a6d,0x0723ac2,0x257f367,0x1237773,0x2bcee86,
-        0x0b97f83,0x38aff14,0x00a64d4 } },
-    /* 140 */
-    { { 0x2552b40,0x0b6b883,0x12e8217,0x0974d35,0x062f497,0x1e563e6,
-        0x30ee400,0x375d1e4,0x290751f,0x0d5b68a,0x353e48c,0x064a0d3,
-        0x3c343f1,0x309a394,0x0034d2a },
-      { 0x3111286,0x0f08604,0x1827107,0x0536a76,0x0201dac,0x3a574de,
-        0x2c29dbe,0x382c7b0,0x1191f3e,0x324c5bc,0x144ce71,0x24327c1,
-        0x1212778,0x22bc9d8,0x00d7713 } },
-    /* 141 */
-    { { 0x34ad1cd,0x1179b4e,0x1bc1780,0x1392a92,0x2cd86b9,0x359de85,
-        0x251f1df,0x0da5d5f,0x135fa61,0x0f64a42,0x34f4d89,0x0fe564c,
-        0x3cf9b7a,0x122d757,0x008c9c2 },
-      { 0x370d4e9,0x0e9209b,0x0ae99f2,0x1518c64,0x0172734,0x2c20692,
-        0x1d7c135,0x149c52f,0x38928d6,0x3c78b78,0x25841d1,0x2eaa897,
-        0x372e50b,0x29e5d19,0x00c4c18 } },
-    /* 142 */
-    { { 0x13375ac,0x389a056,0x211310e,0x2f9f757,0x04f3288,0x103cd4e,
-        0x17b2fb2,0x2c78a6a,0x09f1de6,0x23e8442,0x1351bc5,0x1b69588,
-        0x285b551,0x0464b7e,0x00573b6 },
-      { 0x0ba7df5,0x259a0db,0x2b4089e,0x05630a2,0x3f299be,0x350ff2f,
-        0x1c9348a,0x3becfa4,0x3cc9a1c,0x17a6ef1,0x338b277,0x2b761d9,
-        0x2aa01c8,0x3cb9dd7,0x006e3b1 } },
-    /* 143 */
-    { { 0x277788b,0x16a222d,0x173c036,0x310ff58,0x2634ae8,0x392636f,
-        0x0987619,0x1e6acc1,0x26dc8f7,0x242310f,0x0c09aca,0x22b8e11,
-        0x0d17006,0x1c2c806,0x002380c },
-      { 0x297c5ec,0x1fef0e8,0x3948cf7,0x14f2915,0x2dacbc8,0x0dafb1f,
-        0x10de043,0x31184da,0x06414ee,0x3c9aeeb,0x1f713ab,0x308f1f8,
-        0x1569ed1,0x3f379bf,0x00f08bb } },
-    /* 144 */
-    { { 0x0770ee3,0x058fd21,0x17065f8,0x251d128,0x10e0c7f,0x06cb51b,
-        0x0f05f7e,0x3666a72,0x3e7d01f,0x2d05fab,0x11440e5,0x28577d4,
-        0x2fbcf2b,0x14aa469,0x00dc5c5 },
-      { 0x270f721,0x1c75d28,0x085b862,0x1d68011,0x132c0a0,0x37be81d,
-        0x1a87e38,0x083fa74,0x3acbf0d,0x16d6429,0x0feda1f,0x031070a,
-        0x2ec2443,0x21e563d,0x00454d2 } },
-    /* 145 */
-    { { 0x0525435,0x1e98d5f,0x3dbc52b,0x1fcdf12,0x13d9ef5,0x3ff311d,
-        0x393e9ed,0x3cef8ae,0x2987710,0x3bdee2e,0x21b727d,0x3ba1b68,
-        0x10d0142,0x3c64b92,0x0055ac3 },
-      { 0x0c1c390,0x38e9bb0,0x1e7b487,0x11511b3,0x1036fb3,0x25aba54,
-        0x1eb2764,0x048d022,0x0d971ed,0x1bb7fb5,0x100f0b4,0x06c3756,
-        0x2f0d366,0x3c6e160,0x0011bd6 } },
-    /* 146 */
-    { { 0x36bc9d1,0x24d43c1,0x12c35cf,0x2fb3cf3,0x015d903,0x16bc0c7,
-        0x0fc8c22,0x3195c87,0x2488b1c,0x1f82b4c,0x30014e8,0x27ee58d,
-        0x31658dd,0x1684a5f,0x00f0f3a },
-      { 0x1f703aa,0x023eebc,0x20babb9,0x080bd9d,0x12f9cc4,0x1a8e2d4,
-        0x0eec666,0x1176803,0x33005d6,0x1137b68,0x37de339,0x33d71cb,
-        0x0c906b9,0x14086b5,0x00aeef6 } },
-    /* 147 */
-    { { 0x219045d,0x0f22c5e,0x024c058,0x00b414a,0x0ae7c31,0x3db3e96,
-        0x234979f,0x0cf00a8,0x3c962c7,0x27fa77f,0x1c0c4b0,0x1fe8942,
-        0x218053a,0x1eed3f8,0x0051643 },
-      { 0x2a23ddb,0x138f570,0x104e945,0x21ca270,0x30726d8,0x3f45490,
-        0x37d9184,0x242ea25,0x33f6d77,0x3f15679,0x065af85,0x34fa1f5,
-        0x2e46b8f,0x31d17fb,0x00a2615 } },
-    /* 148 */
-    { { 0x335167d,0x181ea10,0x0887c8d,0x01383d7,0x18b42d8,0x263447e,
-        0x1f13df3,0x0319d7e,0x0872074,0x2d6aa94,0x23d9234,0x36a69aa,
-        0x0bad183,0x3138a95,0x00bd3a5 },
-      { 0x1b0f658,0x0e4530b,0x373add1,0x1b968fc,0x329dcb6,0x09169ca,
-        0x162df55,0x0211eff,0x02391e4,0x3867460,0x3136b1a,0x37dd36e,
-        0x3bc5bd9,0x2dacfe4,0x0072a06 } },
-    /* 149 */
-    { { 0x119d96f,0x067b0eb,0x00996da,0x293eca9,0x2b342da,0x1889c7a,
-        0x21633a6,0x0152c39,0x281ce8c,0x18ef3b3,0x0bd62dc,0x3238186,
-        0x38d8b7c,0x3867b95,0x00ae189 },
-      { 0x0ed1eed,0x1e89777,0x13ab73e,0x029e1d7,0x2c1257f,0x33fbc09,
-        0x32d5a21,0x3d870b2,0x39bb1fd,0x33663bc,0x24e83e6,0x239bda4,
-        0x3088bcd,0x01db1ed,0x00d71e7 } },
-    /* 150 */
-    { { 0x14245bf,0x0da0c27,0x153b339,0x05cab0a,0x122d962,0x1b0f0f3,
-        0x3f5a825,0x267a2ce,0x2910d06,0x254326f,0x0f36645,0x025118e,
-        0x37c35ec,0x36e944e,0x006c056 },
-      { 0x05ab0e3,0x29aa0c1,0x1295687,0x1fd1172,0x08d40b5,0x05bd655,
-        0x345048a,0x02a1c3c,0x2393d8f,0x0992d71,0x1f71c5e,0x18d4e8a,
-        0x30dd410,0x11d61d3,0x00dd58b } },
-    /* 151 */
-    { { 0x2230c72,0x30213d8,0x05e367e,0x329204e,0x0f14f6c,0x3369ddd,
-        0x0bb4074,0x2edafd6,0x1b1aa2d,0x0785404,0x0c035ab,0x220da74,
-        0x1f2fdd4,0x092a091,0x00ef83c },
-      { 0x3dc2538,0x1cca3e7,0x246afb5,0x24c647f,0x0798082,0x0bb7952,
-        0x0f5c443,0x008b38a,0x299ea1a,0x3c6cf36,0x3df2ec7,0x398e6dc,
-        0x29a1839,0x1cadd83,0x0077b62 } },
-    /* 152 */
-    { { 0x25d56d5,0x3546f69,0x16e02b1,0x3e5fa9a,0x03a9b71,0x2413d31,
-        0x250ecc9,0x1d2de54,0x2ebe757,0x2a2f135,0x2aeeb9a,0x0d0fe2b,
-        0x204cb0e,0x07464c3,0x00c473c },
-      { 0x24cd8ae,0x0c86c41,0x221c282,0x0795588,0x1f4b437,0x06fc488,
-        0x0c81ecd,0x020bf07,0x3a9e2c8,0x2294a81,0x3a64a95,0x0363966,
-        0x32c9a35,0x0f79bec,0x0029e4f } },
-    /* 153 */
-    { { 0x289aaa5,0x2755b2e,0x059e0aa,0x3031318,0x0f0208a,0x35b7729,
-        0x00d9c6b,0x3dd29d0,0x075f2c2,0x0ece139,0x31562dd,0x04187f2,
-        0x13b8d4c,0x0920b85,0x003924e },
-      { 0x09808ab,0x2e36621,0x2a36f38,0x1829246,0x229bf32,0x20883b7,
-        0x159ada8,0x3108a14,0x15bbe5b,0x1e2d1e4,0x1730096,0x0d35cbb,
-        0x15d0da9,0x0e60b94,0x00c4f30 } },
-    /* 154 */
-    { { 0x31de38b,0x27b9086,0x2760e3e,0x169098d,0x2a124e2,0x00596c6,
-        0x3f73c09,0x0d31642,0x2341464,0x248600a,0x2e1fa10,0x2aa0fc8,
-        0x051e954,0x00f3b67,0x001d4bd },
-      { 0x18751e6,0x25a8e1e,0x07f5c2d,0x17e30d4,0x0ed2723,0x23093e2,
-        0x3b80e2c,0x13de2d7,0x2fad37f,0x1be1cfb,0x3224ba9,0x0a7f5d3,
-        0x1714972,0x06667b7,0x009dcd9 } },
-    /* 155 */
-    { { 0x294f22a,0x3e06993,0x0341ee9,0x24bdc7b,0x2e56098,0x2660a13,
-        0x018ddda,0x2c261b2,0x2953b54,0x267f51c,0x0e8a7cc,0x29ab00c,
-        0x3a38247,0x397ac81,0x00de684 },
-      { 0x36b956b,0x347b34a,0x35834bd,0x053c06c,0x0090844,0x148cec5,
-        0x380b325,0x2f17b8b,0x054ef5e,0x09683fb,0x3f8b29a,0x33c979a,
-        0x1e01474,0x3e81fca,0x001c757 } },
-    /* 156 */
-    { { 0x30fdfe4,0x2d712ba,0x13671bc,0x2cfc226,0x3d7c649,0x16f020e,
-        0x368e3f0,0x2981ebb,0x246a78a,0x115e81b,0x21223a4,0x04dbb30,
-        0x1a50ba2,0x12114bd,0x0089bd6 },
-      { 0x055f15a,0x1046e51,0x00fd724,0x1c022a7,0x323dfa9,0x36d8efb,
-        0x0da4d16,0x0910dec,0x2c1fb16,0x2dbe29f,0x298284f,0x2b273bb,
-        0x26022c1,0x20accd5,0x00085a5 } },
-    /* 157 */
-    { { 0x01f138a,0x2d87e7b,0x0c2815c,0x0c19a3c,0x311c9a2,0x3e4fce3,
-        0x029729d,0x21236b2,0x2984048,0x3f3bc95,0x2bba8fb,0x1a1b680,
-        0x0619a3f,0x29e0447,0x00ed5fe },
-      { 0x2d1c833,0x3dcef35,0x3f809b4,0x01a1b9e,0x1509516,0x10ac754,
-        0x2735080,0x27b0a8a,0x2495fb8,0x0a7bdba,0x1ef8b89,0x00233a5,
-        0x0568bf1,0x1a126ba,0x0078a7e } },
-    /* 158 */
-    { { 0x0470cd8,0x20e9f04,0x30003fe,0x20be1b7,0x1927346,0x2a5026d,
-        0x1ac06bd,0x2717ed7,0x2609493,0x3079ea5,0x1cc116d,0x31b0541,
-        0x2c8ccde,0x10219ae,0x001a52b },
-      { 0x2864045,0x0e8d95b,0x2fc1530,0x0aa44e7,0x345eae7,0x3cc7553,
-        0x3ec6466,0x229b60e,0x06f6e95,0x00bed2a,0x0ff4403,0x181c639,
-        0x2e0df67,0x1f8fa46,0x0000811 } },
-    /* 159 */
-    { { 0x04310a2,0x20cee8e,0x09fc5d5,0x3707f5b,0x0bdfb4e,0x12713ee,
-        0x24f1028,0x0787ee6,0x39a581c,0x3797ec8,0x10a9746,0x112cb9f,
-        0x142b9ba,0x1da0ef6,0x0078f7b },
-      { 0x07607ae,0x3232872,0x2a7e076,0x0bb572a,0x182b23c,0x1d8f918,
-        0x181f392,0x37c45a9,0x24a3886,0x0b2a297,0x264e7f2,0x1fa433c,
-        0x0fcfcc8,0x21c0857,0x0004f74 } },
-    /* 160 */
-    { { 0x01d161c,0x1744585,0x2d17528,0x03a4f13,0x267cd2e,0x30d861f,
-        0x062a647,0x213284b,0x139ed25,0x27d4ca5,0x02fbbd6,0x31ddf11,
-        0x3c50ac4,0x1dd86f7,0x00107de },
-      { 0x16beebd,0x1b7317a,0x2151997,0x256a196,0x3be2aff,0x3621cab,
-        0x0a9da19,0x05f3038,0x23da63c,0x3178d5e,0x215cc67,0x07f7f63,
-        0x0c6d8d3,0x3bf5e5c,0x00c44bb } },
-    /* 161 */
-    { { 0x00c62f1,0x3e0f893,0x1572703,0x3b93865,0x19b1e28,0x389b33b,
-        0x02858bf,0x0e3e9aa,0x04bc436,0x234e072,0x25ba43d,0x3dca19e,
-        0x0274394,0x20f442e,0x003b4a7 },
-      { 0x176451e,0x2b5ed5d,0x35c8ee1,0x25c52da,0x0c3d0b5,0x32b306e,
-        0x030954f,0x275ecf7,0x10e472c,0x21577c4,0x02f8a32,0x321bb5c,
-        0x0098f97,0x104e237,0x00d0433 } },
-    /* 162 */
-    { { 0x0a8f2fe,0x034548b,0x141f1a6,0x121246f,0x1616409,0x237f80d,
-        0x2e29a55,0x1218db6,0x3ea278e,0x1669856,0x1ad7c8e,0x36d11de,
-        0x2c2fcbb,0x18c0b3a,0x001c706 },
-      { 0x1699b4b,0x2d531a6,0x17e85e2,0x1b48e78,0x2b509ca,0x2818ea0,
-        0x0165fee,0x0b809ca,0x09db6a2,0x3dad798,0x326ee1d,0x204e416,
-        0x091fa12,0x1c890e5,0x0007b9f } },
-    /* 163 */
-    { { 0x0ff4e49,0x0bb0512,0x0129159,0x05db591,0x03e4e9f,0x055ab30,
-        0x0f82881,0x0ac2deb,0x3a8bb09,0x356a8d2,0x3d38393,0x03e4089,
-        0x38187cd,0x1377a93,0x0041672 },
-      { 0x0139e73,0x3990730,0x187d3c4,0x33e4793,0x2e0fe46,0x2ad87e2,
-        0x33c792c,0x21d4fb6,0x1e4d386,0x2932d1b,0x20f1098,0x1270874,
-        0x0ea6ee4,0x0167d6e,0x005e5fd } },
-    /* 164 */
-    { { 0x1856031,0x2b7519d,0x3bd07fc,0x337abcb,0x089c7a4,0x2a1f120,
-        0x3523ce7,0x2ba406b,0x09561d9,0x1797f04,0x3cdb95f,0x2d6193e,
-        0x32c7d3f,0x223aed6,0x00beb51 },
-      { 0x2e65825,0x158f0ce,0x16413d1,0x310395f,0x3116854,0x250baf4,
-        0x373d341,0x156cc47,0x104c069,0x0893716,0x195a0a6,0x035320e,
-        0x37b7d8a,0x21b5755,0x00fb26b } },
-    /* 165 */
-    { { 0x286ae17,0x04239f1,0x1a56c53,0x0e74707,0x29090d7,0x2bb142b,
-        0x03b0139,0x1aac916,0x08ba49a,0x0376682,0x3382f85,0x064bbab,
-        0x2910e28,0x1d5bd7f,0x00cc8df },
-      { 0x0ab7630,0x208e8e7,0x3fc1877,0x26bee39,0x264984a,0x192ff05,
-        0x08ef9c3,0x0aa6951,0x071c44e,0x26eed3e,0x035c95e,0x06906ad,
-        0x10a0690,0x397eaa9,0x00c6c23 } },
-    /* 166 */
-    { { 0x034d8dd,0x005b064,0x279bb78,0x12c2c4f,0x1856bb4,0x0c90681,
-        0x06409ab,0x3b48617,0x19a2d78,0x0a34bf8,0x326eddf,0x31f09b5,
-        0x04f04dc,0x3d7c944,0x003ccaf },
-      { 0x321f843,0x35fb71a,0x1e4c397,0x377a5d7,0x2da88e4,0x3d6ada7,
-        0x33d3964,0x1b30149,0x0e39aae,0x054dda0,0x3e6f946,0x1273394,
-        0x3ffd3f7,0x2f6655e,0x00021dd } },
-    /* 167 */
-    { { 0x37233cf,0x11617dd,0x26f07b6,0x3d8250a,0x0fe6771,0x3f9bbbc,
-        0x2aba7ad,0x200a58d,0x3568603,0x198eefa,0x1e8fcf3,0x3b9610b,
-        0x20524ac,0x2a67528,0x0048d9a },
-      { 0x1a5e57a,0x1e9d303,0x16c9cff,0x0f39527,0x3c23259,0x03c8a1e,
-        0x104bccf,0x182d5a1,0x18dbc83,0x05b5f42,0x1b402f4,0x317c525,
-        0x11bf1ea,0x3c46e1f,0x0061936 } },
-    /* 168 */
-    { { 0x0153a9d,0x36859ee,0x2cf0aa9,0x2b27a0f,0x0a49fe3,0x2d984e1,
-        0x018f8e1,0x1378453,0x1ab3843,0x1987093,0x283dae9,0x25cf0e8,
-        0x14fc93d,0x280609d,0x00c99ba },
-      { 0x026b1e3,0x34663d3,0x2202477,0x21a9d45,0x212e8e1,0x18ab77e,
-        0x2e52f63,0x0a14ce1,0x295c396,0x00c7a3d,0x2aaedb6,0x30abc4d,
-        0x374acde,0x1318a73,0x00fcfdb } },
-    /* 169 */
-    { { 0x0a40298,0x3ba5633,0x11956b3,0x14fcbd7,0x3c38781,0x34bab96,
-        0x165630e,0x1f3c831,0x37e3a69,0x2b4226c,0x2d5029e,0x3b4ab1e,
-        0x1da6ac2,0x3eb43c3,0x007e5cd },
-      { 0x1b86202,0x109b7f6,0x2054f98,0x2c50cd7,0x2ed1960,0x3c518e7,
-        0x1b02463,0x319c07f,0x1c30db6,0x045fdc2,0x373421e,0x31a1eb9,
-        0x1a8acbf,0x31289b0,0x0013fef } },
-    /* 170 */
-    { { 0x3fa0a5f,0x068661f,0x2109e36,0x00b18ff,0x1f4b261,0x31d3844,
-        0x0acbc56,0x3aebc99,0x1fa77ab,0x152bd11,0x24cddb7,0x2313f74,
-        0x06eea44,0x15f5114,0x000b131 },
-      { 0x2e9993d,0x1ac565c,0x2cbe22a,0x3921797,0x12c3c57,0x360f868,
-        0x33560bf,0x320ee99,0x382c3b8,0x39af88f,0x00bbe38,0x2c4ea59,
-        0x3399b40,0x00ceb45,0x0066eea } },
-    /* 171 */
-    { { 0x0c6c693,0x31ba56d,0x3d3849f,0x378dabd,0x0efc735,0x17f90bf,
-        0x13343d3,0x2df0f81,0x27c6a9a,0x13c2a90,0x0a0fcb2,0x27c10d9,
-        0x3bc50c7,0x090e4fa,0x0016287 },
-      { 0x2927e1e,0x35af405,0x184c5c3,0x3499cee,0x240158e,0x33522e6,
-        0x386fc84,0x0a0b69f,0x1a660ea,0x34590fb,0x22a1bee,0x2ce4fab,
-        0x31a9445,0x0e78655,0x00664c8 } },
-    /* 172 */
-    { { 0x3eeaf94,0x115d409,0x21e7577,0x097aa67,0x22875c9,0x021ab7a,
-        0x27e7ba5,0x1093f04,0x2a086fe,0x05d9494,0x2b6c028,0x10f31b0,
-        0x1312d11,0x262759c,0x00c9bb2 },
-      { 0x1acb0a5,0x30cdf14,0x0f78880,0x0574f18,0x1a37109,0x098adbb,
-        0x2113c09,0x2060925,0x1f89ce4,0x1974976,0x3381358,0x2dab5ca,
-        0x2159c53,0x3af1303,0x000ea3b } },
-    /* 173 */
-    { { 0x1e49bea,0x29142b1,0x1a59cab,0x055f017,0x0684e54,0x39eb0db,
-        0x29cab9d,0x255ee8b,0x35f2e6f,0x05329e6,0x09b817b,0x1ec091c,
-        0x1df0fef,0x2641f62,0x00eb304 },
-      { 0x2fe5096,0x3dcc1d1,0x2aaf508,0x3a0b813,0x0695810,0x144bddb,
-        0x2f1bd93,0x281ae23,0x3513ebc,0x1ddd984,0x0cf158b,0x35218eb,
-        0x257daf7,0x391253b,0x00b2a81 } },
-    /* 174 */
-    { { 0x153e6ba,0x22396db,0x0ea2ff2,0x2a45121,0x0a90de1,0x34cf23b,
-        0x2db60ce,0x1a900be,0x2f328b6,0x355e75b,0x2c24372,0x0b75b77,
-        0x2ec7d4f,0x3f24759,0x00e9e33 },
-      { 0x39eab6e,0x2267480,0x3b5e110,0x1e8fa5e,0x2a31a66,0x3f739a3,
-        0x00166dc,0x3552d88,0x3ae5137,0x3efa0fa,0x0800acd,0x17df61d,
-        0x38c8608,0x04cc31b,0x00cf4ab } },
-    /* 175 */
-    { { 0x31e08fb,0x1961164,0x22c003f,0x078541b,0x3643855,0x30da587,
-        0x11f0dc9,0x324595e,0x329e3dc,0x29a041e,0x3495d2c,0x0908dd3,
-        0x1895b83,0x198dbb9,0x00d8cfb },
-      { 0x0349b1b,0x383c5a8,0x2b86525,0x1b1283e,0x133cd2c,0x2be376a,
-        0x012ee82,0x1eb4d1b,0x0ba71e9,0x01f3109,0x37621eb,0x1d9b77c,
-        0x0d39069,0x3d5a97c,0x0095565 } },
-    /* 176 */
-    { { 0x20f5e94,0x1eefc86,0x1327e0e,0x054760b,0x2f771e1,0x3ac447e,
-        0x033e3dc,0x198e040,0x04dd342,0x1b49a5d,0x00d01ef,0x3cb6768,
-        0x1ceafbd,0x31c6812,0x001cb80 },
-      { 0x221c677,0x060ca27,0x398b17f,0x0146723,0x36452af,0x02d9e65,
-        0x39c5f78,0x3cf50d6,0x0be40f8,0x2970b87,0x26d667c,0x3e45959,
-        0x16e7943,0x01673e7,0x009faaa } },
-    /* 177 */
-    { { 0x2078fe6,0x0918602,0x11dd8ad,0x399193f,0x0f6cc73,0x0f8dd12,
-        0x2ce34dc,0x06d7d34,0x0c5e327,0x0989254,0x2fc5af7,0x2443d7b,
-        0x32bc662,0x2fe2a84,0x008b585 },
-      { 0x039327f,0x08e616a,0x252f117,0x1f52ab0,0x234e2d2,0x0a5b313,
-        0x2f59ef6,0x0f7a500,0x15c4705,0x2c02b81,0x28b4f09,0x08aa5c8,
-        0x0180efc,0x0993e83,0x00a9e86 } },
-    /* 178 */
-    { { 0x0310ecc,0x2d8892f,0x14ed0b7,0x3c59fe8,0x08a1a74,0x0850e57,
-        0x1d09607,0x044a21f,0x109f5c9,0x237c6cf,0x06b264a,0x3fc8f1a,
-        0x0d4c539,0x2740f96,0x00dc2d4 },
-      { 0x1d6f501,0x0adf4ea,0x14f7215,0x0930102,0x3f4c32e,0x24e2643,
-        0x366596d,0x081ff18,0x38f94fb,0x2c21341,0x328594c,0x267c75c,
-        0x196b3fd,0x29932cb,0x0036def } },
-    /* 179 */
-    { { 0x3ed7cbe,0x26de044,0x3d0e461,0x0565e12,0x295e500,0x31dc17f,
-        0x32251c2,0x3420ca8,0x3995f0d,0x2e8ddab,0x0361a45,0x10971b0,
-        0x11e7b55,0x33bc7ca,0x00812d2 },
-      { 0x3d94972,0x1606817,0x0383ccf,0x0e795b7,0x026e20e,0x0f6fefc,
-        0x13685d6,0x315d402,0x0cc36b8,0x1c7f059,0x390ef5e,0x316ae04,
-        0x08c66b9,0x2fac9a4,0x0040086 } },
-    /* 180 */
-    { { 0x3e3c115,0x153de4d,0x1a8ae5e,0x2330511,0x169b8ee,0x1d965c2,
-        0x2edff2b,0x3ef99e6,0x1631b46,0x1f8a238,0x118d7bb,0x12113c3,
-        0x26424db,0x0f4122a,0x00e0ea2 },
-      { 0x3d80a73,0x30393bc,0x0f98714,0x278ef59,0x087a0aa,0x3b18c20,
-        0x04b8a82,0x2068e21,0x030255d,0x3382b27,0x055397f,0x05448dd,
-        0x2015586,0x1190be0,0x000b979 } },
-    /* 181 */
-    { { 0x2e03080,0x2895692,0x09fb127,0x2d1602a,0x1232306,0x105bd4e,
-        0x28cd6a6,0x0a83813,0x1ee13b0,0x2abadc3,0x0c09684,0x00e33e1,
-        0x033eea3,0x30f0a39,0x00a710e },
-      { 0x01b1f7d,0x1c959da,0x017077a,0x254bf0a,0x086fbce,0x15cd6b2,
-        0x008683f,0x23a4f4d,0x22a6bd6,0x14e8c93,0x0027d15,0x31d0d4f,
-        0x271777e,0x1533510,0x00ab603 } },
-    /* 182 */
-    { { 0x34c209d,0x14d0abb,0x270432a,0x1d02358,0x22ba752,0x209757f,
-        0x34af6fc,0x1ffc52e,0x1ced28e,0x1870e46,0x1e0340f,0x3f0bf73,
-        0x33ba91d,0x2ebca7c,0x00c6580 },
-      { 0x1d442cb,0x0879d50,0x24e4ae1,0x3f4e91c,0x04c7727,0x093cd1d,
-        0x16d6a45,0x10a8b95,0x0c77856,0x361f84f,0x217845f,0x0bbeec6,
-        0x0485718,0x33c5385,0x00dcec0 } },
-    /* 183 */
-    { { 0x1539819,0x225507a,0x1bf11cb,0x13e7653,0x0c8cb3b,0x05f695e,
-        0x353f634,0x2827874,0x3fb8053,0x22de9a5,0x035d8b7,0x2105cc7,
-        0x2a7a98d,0x35bed95,0x0085748 },
-      { 0x1859c5d,0x00e51f0,0x22a21fd,0x3054d74,0x06ce965,0x328eab7,
-        0x26a13e0,0x13bfc65,0x01d4fb1,0x36600b9,0x36dd3fc,0x01232ed,
-        0x15bbaa9,0x0ad7a51,0x0089b18 } },
-    /* 184 */
-    { { 0x3360710,0x1eb5a90,0x136bd77,0x3bd57a6,0x0841287,0x12886c9,
-        0x35c6700,0x21bc6eb,0x25f35ad,0x3bcb01c,0x0707e72,0x23e9943,
-        0x03e5233,0x34bb622,0x002bf8e },
-      { 0x16e0d6a,0x04b3d2d,0x290cb02,0x049a10c,0x350537e,0x22cf71b,
-        0x3184a19,0x2dc8b62,0x2350210,0x3b4afa6,0x159781e,0x1d01b6d,
-        0x1853440,0x16442f0,0x005a78d } },
-    /* 185 */
-    { { 0x348b02c,0x1ea8ab5,0x3b954d5,0x14684ac,0x0be5b34,0x11c4496,
-        0x0a7a456,0x14f6eb7,0x11a3221,0x2d65f82,0x32eb1ea,0x09c4018,
-        0x3f301f3,0x32e8a1c,0x00bd9ad },
-      { 0x0543f7f,0x31e744e,0x1fefd1d,0x24a486c,0x1000220,0x3977e3b,
-        0x1b3ef51,0x2512a1b,0x2049e6b,0x122232b,0x391a32b,0x2f4a7b1,
-        0x1c13e71,0x081a9b4,0x00d3516 } },
-    /* 186 */
-    { { 0x1924f43,0x1ae5495,0x28d52ef,0x2b93e77,0x2d2f401,0x371a010,
-        0x33e8d7a,0x06ed3f1,0x30c0d9d,0x2589fa9,0x3bf3567,0x2ecf8fa,
-        0x2dee4c3,0x152b620,0x007e8a2 },
-      { 0x1924407,0x01bd42d,0x044a089,0x18686b5,0x2f14a0e,0x17cdce3,
-        0x0efa216,0x3c586a8,0x1d6ae71,0x375831f,0x3175894,0x20e43eb,
-        0x34c009e,0x3480527,0x00d115c } },
-    /* 187 */
-    { { 0x12abf77,0x38b0769,0x25682f2,0x295508c,0x0c2a0dc,0x1259b73,
-        0x023ea25,0x340e7b5,0x3c7cd0d,0x1f92324,0x176405c,0x1528894,
-        0x18f2e1e,0x2c59c35,0x001efb5 },
-      { 0x0fb1471,0x07e7665,0x141da75,0x07d9f4a,0x0fdb31e,0x0dccda6,
-        0x074eb25,0x3d92a9b,0x11189a0,0x1b4c557,0x24b8d2b,0x0533f92,
-        0x0e9e344,0x2fa3dea,0x008d5a4 } },
-    /* 188 */
-    { { 0x2669e98,0x1ad3514,0x2a035c9,0x08a3f50,0x24547f9,0x0a145d3,
-        0x1c1319d,0x3fe833d,0x1ae064b,0x1e01734,0x246d27e,0x3a2f13c,
-        0x01e1150,0x263f55e,0x00f89ef },
-      { 0x2e0b63f,0x3e57db7,0x23a4b4f,0x11c8899,0x0ad8500,0x348f3a7,
-        0x2918604,0x27d6409,0x1ce5001,0x38f94c2,0x29a508a,0x39bdc89,
-        0x3a52c27,0x194899e,0x00e9376 } },
-    /* 189 */
-    { { 0x0368708,0x34a2730,0x2e1da04,0x0bd78c1,0x2c45887,0x0c44bfa,
-        0x3a23de3,0x390b9db,0x1746efd,0x05c638e,0x1d20609,0x3263370,
-        0x31987f0,0x2988529,0x005fa3c },
-      { 0x0aa9f2a,0x20622f7,0x060deee,0x0c9626a,0x3312cc7,0x18ebac7,
-        0x008dd6c,0x0ad4fe6,0x3db4ea6,0x1dc3f50,0x090b6e9,0x0aff8d2,
-        0x26aa62c,0x18f3e90,0x00105f8 } },
-    /* 190 */
-    { { 0x38059ad,0x25e576c,0x3ea00b2,0x1fa4191,0x25686b7,0x2d1ce8f,
-        0x30470ed,0x3478bbf,0x340f9b6,0x1c9e348,0x3d594ec,0x2ffe56e,
-        0x3f23deb,0x0cd34e9,0x00f4b72 },
-      { 0x1a83f0b,0x2166029,0x28b32a2,0x06a5c5a,0x20786c4,0x0944604,
-        0x0901bd2,0x379b84e,0x221e2fe,0x0346d54,0x1f4eb59,0x01b8993,
-        0x2462e08,0x25f9d8b,0x006c4c8 } },
-    /* 191 */
-    { { 0x0b41d9d,0x2e417ed,0x265bd10,0x199148e,0x3826ca4,0x1a67e8d,
-        0x1bbd13b,0x23e414d,0x3d773bc,0x356e64c,0x0d2118a,0x0cb587f,
-        0x25fd093,0x24fb529,0x00158c6 },
-      { 0x2806e63,0x3ecaa39,0x251b4dd,0x3b2d779,0x2e31ed3,0x066f1a6,
-        0x060e518,0x2c7e3e5,0x0d62c76,0x0d88a70,0x101970a,0x1e3c8c6,
-        0x272b8bb,0x083e73b,0x0031f38 } },
-    /* 192 */
-    { { 0x09e1c72,0x072bcb0,0x0cf4e93,0x2604a64,0x00715f2,0x10c98b6,
-        0x2ad81d9,0x234fcce,0x37a7304,0x1974a4a,0x1c7415f,0x14aaa93,
-        0x19587b1,0x3f643f4,0x00c3d10 },
-      { 0x1ddadd0,0x2cd715d,0x294cf76,0x14479ed,0x19f5f4a,0x0198c09,
-        0x1ab7ebc,0x182c0bc,0x0879202,0x1807273,0x05d39da,0x2c7d868,
-        0x29c4ec4,0x1b13ad2,0x006dcd7 } },
-    /* 193 */
-    { { 0x1c83f01,0x0245bff,0x24f90ba,0x112554f,0x2354c8b,0x3f17988,
-        0x0c511af,0x39e1e9b,0x26ae95b,0x0ae551c,0x35b41a6,0x0120455,
-        0x1e989cb,0x1b37aff,0x00fa2ae },
-      { 0x324659a,0x1aef1c3,0x1c43637,0x3f530a2,0x313a999,0x326af62,
-        0x134184e,0x2ac131c,0x3f6a789,0x30a300a,0x13e526e,0x2107af3,
-        0x093a8ff,0x2479902,0x00442b1 } },
-    /* 194 */
-    { { 0x22b6e20,0x31b18be,0x18614ca,0x26fdb5a,0x197f29e,0x325b44b,
-        0x0ab1dbb,0x042348a,0x3275e8e,0x15bae44,0x0077124,0x2cf5345,
-        0x2803ad4,0x188f2a2,0x0061b20 },
-      { 0x2a560b1,0x3ced069,0x3cf42c2,0x100e167,0x3879e1d,0x0936ff0,
-        0x1b51450,0x14c55f3,0x3153bfa,0x2957423,0x2a93823,0x15f5dce,
-        0x2c9a22f,0x16731a8,0x00a97f2 } },
-    /* 195 */
-    { { 0x18edbbb,0x18c5ef9,0x1f13c30,0x071e77f,0x225ade5,0x1b60f75,
-        0x1beaf11,0x3e495ad,0x2441dd8,0x2fa00e2,0x32a87b6,0x00050f2,
-        0x038de7f,0x0037d6d,0x00a885d },
-      { 0x39e48bd,0x1d9e433,0x2768e9f,0x3c29458,0x3f0bdf9,0x35ed5f2,
-        0x36709fa,0x176dc10,0x012f7c1,0x2df8547,0x1d90ee3,0x053c089,
-        0x21a8d35,0x200cb0d,0x002e84e } },
-    /* 196 */
-    { { 0x23ec8d8,0x1d81f55,0x0cb7227,0x07f8e4d,0x2a66181,0x163f577,
-        0x272e7af,0x131a8f2,0x2046229,0x25e6276,0x36bbefe,0x2cdc22f,
-        0x17c8288,0x33dd4fb,0x000d524 },
-      { 0x330c073,0x1a6728b,0x1cf369f,0x12e7707,0x2f0fa26,0x17c2abd,
-        0x0a45680,0x26ebd13,0x3c7d19b,0x1c3d6c8,0x2abd110,0x064fd07,
-        0x09b8339,0x02b4a9f,0x009e3e1 } },
-    /* 197 */
-    { { 0x0ae972f,0x2093c35,0x06e7a90,0x0af1ba1,0x243eef0,0x2748582,
-        0x0606122,0x13a45f9,0x0acfe60,0x08a685e,0x0eb184b,0x015bc11,
-        0x0cdf423,0x157fad5,0x004fcad },
-      { 0x2728d15,0x3e5bceb,0x0331a0f,0x31b1a80,0x28a2680,0x3b94955,
-        0x04cae07,0x176b57e,0x03ac5a6,0x3d7918b,0x22d23f4,0x0ae077f,
-        0x1eb075d,0x006f16c,0x006e473 } },
-    /* 198 */
-    { { 0x38219b9,0x0475a2b,0x107a774,0x39946c6,0x1cb883c,0x004e0ed,
-        0x087e571,0x25c3497,0x059982f,0x0a71f66,0x118305d,0x1aaf294,
-        0x3a5dbaa,0x34be404,0x00725fe },
-      { 0x3abd109,0x336ebea,0x2528487,0x15a1d61,0x0c0f8cf,0x2b56095,
-        0x2591e68,0x3549a80,0x1d1debb,0x0701c6c,0x161e7e3,0x1f7fa2e,
-        0x3dfe192,0x17e6498,0x0055f89 } },
-    /* 199 */
-    { { 0x175645b,0x26c036c,0x0b92f89,0x09ed96d,0x351f3a6,0x19ce67b,
-        0x33ac8db,0x2f0828b,0x27fe400,0x0b9c5e1,0x1967b95,0x3324080,
-        0x11de142,0x1d44fb3,0x003d596 },
-      { 0x3979775,0x3af37b6,0x3e88d41,0x2f1a8b9,0x299ba61,0x085413c,
-        0x1149a53,0x0beb40e,0x31427ba,0x239f708,0x357d836,0x1558c22,
-        0x280a79f,0x1b255f6,0x002b6d1 } },
-    /* 200 */
-    { { 0x39ad982,0x3d79d89,0x01a684a,0x0b6722e,0x39bb4c9,0x39a6399,
-        0x1ad44e0,0x3059f5e,0x048265f,0x33a2fa4,0x0c3a4cc,0x0d7df98,
-        0x23a33f1,0x34e2e21,0x00a0a10 },
-      { 0x386efd9,0x1c91f34,0x06c2e19,0x3e6d48d,0x00eefd3,0x2181ef2,
-        0x2415f97,0x1d33b08,0x0625086,0x1e8aa3e,0x08c9d60,0x0ab427b,
-        0x2764fa7,0x3b7943e,0x00cd9f0 } },
-    /* 201 */
-    { { 0x1a46d4d,0x0e471f4,0x1693063,0x0467ac0,0x22df51c,0x127a0f7,
-        0x0498008,0x20e0b16,0x1aa8ad0,0x1923f42,0x2a74273,0x01761ce,
-        0x1600ca4,0x187b87e,0x00ee49e },
-      { 0x0c76f73,0x19daf92,0x0b2ad76,0x3d8049d,0x1d9c100,0x0fe1c63,
-        0x0bb67c8,0x035cc44,0x02002fc,0x37b2169,0x344656a,0x1127879,
-        0x1939bc0,0x0dd8df6,0x0028ce7 } },
-    /* 202 */
-    { { 0x0544ac7,0x26bdc91,0x042697e,0x356e804,0x1f2c658,0x2ceb7ef,
-        0x2dec39f,0x02c1dcc,0x391a2df,0x2344beb,0x2171e20,0x3099c94,
-        0x0fa548a,0x37216c9,0x00f820c },
-      { 0x0f4cf77,0x29bbaa5,0x33c6307,0x34a5128,0x118c783,0x2dd06b1,
-        0x139d4c0,0x2db912e,0x1153ffb,0x1075eb3,0x3a255e4,0x2892161,
-        0x36d5006,0x125338c,0x0014fbc } },
-    /* 203 */
-    { { 0x1584e3c,0x0830314,0x00279b9,0x167df95,0x2c7733c,0x2108aef,
-        0x0ce1398,0x35aaf89,0x012523b,0x3c46b6a,0x388e6de,0x01a2002,
-        0x0582dde,0x19c7fa3,0x007b872 },
-      { 0x1e53510,0x11bca1f,0x19684e7,0x267de5c,0x2492f8b,0x364a2b0,
-        0x080bc77,0x2c6d47b,0x248432e,0x3ace44f,0x32028f6,0x0212198,
-        0x2f38bad,0x20d63f0,0x00122bb } },
-    /* 204 */
-    { { 0x30b29c3,0x3cec78e,0x01510a9,0x0c93e91,0x3837b64,0x1eca3a9,
-        0x105c921,0x05d42e6,0x1379845,0x07ce6f2,0x0e8b6da,0x0e0f093,
-        0x220b2cd,0x1f6c041,0x00299f5 },
-      { 0x0afdce3,0x2b0e596,0x2f477b6,0x2ccf417,0x3a15206,0x26ec0bf,
-        0x2e37e2b,0x2593282,0x0ab9db3,0x2841dd8,0x27954be,0x277a681,
-        0x03f82e2,0x2b610c7,0x00446a1 } },
-    /* 205 */
-    { { 0x06b8195,0x3b3a817,0x31b9c6f,0x317d279,0x3d744a7,0x1de9eb9,
-        0x296acc1,0x1ce9ea3,0x06c3587,0x246815d,0x3756736,0x0588518,
-        0x1c971a4,0x1fde1f4,0x00aa021 },
-      { 0x3fd3226,0x274561d,0x00be61e,0x01393d8,0x30f6f23,0x29b7fc1,
-        0x04cebc7,0x0a892a7,0x20109f1,0x27456be,0x0c863ee,0x2eb6c8a,
-        0x38c782b,0x039397a,0x00a2829 } },
-    /* 206 */
-    { { 0x29de330,0x21fe80f,0x145b55b,0x1986570,0x012b260,0x2482fbc,
-        0x0536e0a,0x16b7382,0x32c4d19,0x1deffdb,0x145f418,0x0c67a76,
-        0x2ce477f,0x218fe24,0x00f9848 },
-      { 0x3e37657,0x3f074d3,0x245ad0e,0x20973c3,0x23c58de,0x2c332ef,
-        0x2ad21a8,0x0bf1589,0x208af95,0x1f4a8c4,0x2b43735,0x1e46657,
-        0x15d4f81,0x0c3e63a,0x005f19d } },
-    /* 207 */
-    { { 0x26865bb,0x20f6683,0x16a672e,0x0efd8d1,0x222f5af,0x18f2367,
-        0x1e9c734,0x25c3902,0x178dfe6,0x2903a79,0x311b91c,0x1adbbe9,
-        0x225a387,0x0b3e509,0x0089551 },
-      { 0x34e462b,0x23b6a32,0x27c884c,0x129104b,0x384c015,0x3adedc7,
-        0x325db1c,0x021dc10,0x1e366f7,0x3054df7,0x1992b9a,0x2824e64,
-        0x0ae77f3,0x181b526,0x00a7316 } },
-    /* 208 */
-    { { 0x2d260f5,0x2434bf2,0x28c0139,0x0a7bb03,0x176c3be,0x3def5f5,
-        0x05bee00,0x3692df7,0x3d2efeb,0x3a6f859,0x1122b87,0x38f779a,
-        0x1415ccc,0x2c260ad,0x0075a28 },
-      { 0x04607a6,0x042f37a,0x3f0df68,0x0a1bd36,0x3c6d581,0x2d36bfa,
-        0x2d577d1,0x0a3affa,0x0b2066b,0x2e6f110,0x0b17e84,0x3c76a5e,
-        0x1a57553,0x012f36a,0x0004595 } },
-    /* 209 */
-    { { 0x29e5836,0x0e6808c,0x269d13e,0x147dc5c,0x32c9e7d,0x09b258e,
-        0x2c58d6f,0x1efd716,0x0437996,0x34ec31b,0x15908d9,0x2efa8fd,
-        0x09ad160,0x079fc1f,0x00d8481 },
-      { 0x3d20e4a,0x18269d6,0x3aa8fe7,0x34829c2,0x2e4325d,0x0d800e1,
-        0x11f370b,0x10c08dc,0x22fd092,0x1a5fe55,0x0acc443,0x037030d,
-        0x1cdd404,0x097379e,0x00fd6d7 } },
-    /* 210 */
-    { { 0x313eafb,0x3f438f3,0x2e5fb3e,0x2ed6a82,0x121009c,0x240889e,
-        0x00c5537,0x269b792,0x334b2fc,0x1dd573c,0x07096ae,0x19296fc,
-        0x3813985,0x2742f48,0x00ddd64 },
-      { 0x2045041,0x3842c62,0x1572d0d,0x04f255f,0x06e05b4,0x383ec97,
-        0x1ff8064,0x18bed71,0x39b6411,0x2764cc5,0x257439f,0x3521217,
-        0x172aa42,0x342a2a3,0x0070c5b } },
-    /* 211 */
-    { { 0x3bdf646,0x1c5ce25,0x1f7ca76,0x2d2acca,0x3aa1485,0x23c97f7,
-        0x3e11d6f,0x0609338,0x07ec622,0x01da8ff,0x3392474,0x17ca07f,
-        0x13a9a04,0x353a5b4,0x0024557 },
-      { 0x14c27cd,0x32012f7,0x3fea875,0x3d03d71,0x211c5f0,0x3157fdf,
-        0x0c880bd,0x3c406b2,0x2c51103,0x24ab377,0x399faa8,0x0d06887,
-        0x16b5738,0x28b33a7,0x00c7b67 } },
-    /* 212 */
-    { { 0x2357586,0x35c93e3,0x0da09a0,0x3d77d92,0x11d7f4f,0x37b98a9,
-        0x3e6c9bf,0x2cdca70,0x2f00389,0x2412673,0x18eab87,0x0101436,
-        0x11617e9,0x06d9b01,0x00e8eef },
-      { 0x37e3ca9,0x16ffaf0,0x391debf,0x1b69382,0x07c5e94,0x312fa8a,
-        0x0973142,0x2cadde4,0x109ee67,0x3a07db0,0x1afc5ed,0x08df66f,
-        0x304c7af,0x0804aae,0x00d2e60 } },
-    /* 213 */
-    { { 0x24f57bf,0x1818322,0x182a615,0x25bfc44,0x0f97586,0x0a5bbc0,
-        0x36773c6,0x1a2660c,0x3ceff66,0x3270152,0x319cd11,0x2845845,
-        0x1acfad6,0x19076f8,0x009824a },
-      { 0x289fd01,0x2de97ee,0x39d80b7,0x026227d,0x0f8d3b8,0x15e0a17,
-        0x21ea08f,0x20a2317,0x136ae6d,0x3deb1d1,0x3521ef5,0x0de8801,
-        0x0a25d5d,0x0612c98,0x005ecc4 } },
-    /* 214 */
-    { { 0x308c8d3,0x3aec669,0x01ecddc,0x13f18fe,0x1e63ed0,0x061cfe5,
-        0x05f5a01,0x1db5741,0x14479f2,0x0ced6b5,0x025ae5b,0x09ca8f5,
-        0x2160581,0x1404433,0x008bfeb },
-      { 0x08228bf,0x0e02722,0x37df423,0x33ecabf,0x34bd82a,0x32f529f,
-        0x28f1800,0x0c8f671,0x1246b44,0x1ff35dc,0x091db95,0x303f3da,
-        0x28f7f60,0x3624136,0x00cfbb4 } },
-    /* 215 */
-    { { 0x326139a,0x2977e4e,0x3eb89a6,0x20ecb31,0x13e076a,0x2a592f3,
-        0x28e82d5,0x235ad1e,0x239b927,0x262938a,0x2444354,0x141b263,
-        0x0d56693,0x2a3fc78,0x0006497 },
-      { 0x31efa05,0x3a3664a,0x3e333de,0x2a114e4,0x12da63c,0x3c15e6b,
-        0x2f7277c,0x363aa92,0x2393236,0x16bd2d1,0x32b617f,0x32b656c,
-        0x3b1246c,0x22e2e22,0x00ce76d } },
-    /* 216 */
-    { { 0x03843dc,0x094de82,0x13b463d,0x0507905,0x089eb35,0x2a6bf25,
-        0x35ebc4e,0x2bb5d45,0x1808ed1,0x1de9949,0x185e829,0x0a55847,
-        0x0b73d67,0x1a2ed61,0x008dd2d },
-      { 0x133c3a4,0x04e7980,0x38ea237,0x2ad2f49,0x19de838,0x018bf36,
-        0x29b072c,0x21c1ba0,0x14f63ba,0x31c1cc3,0x13cd05e,0x20120ff,
-        0x1f84d60,0x16e0321,0x00872ab } },
-    /* 217 */
-    { { 0x19d4d49,0x1ddb4e6,0x05e7fc0,0x37bb0fd,0x1a3eb59,0x36b87f0,
-        0x190e440,0x1c7fef2,0x31ea153,0x14cd65a,0x1bc7ab2,0x11f72ca,
-        0x39582d4,0x0fa4d65,0x00cd5b6 },
-      { 0x3d1ff11,0x0d9be9d,0x2903ae3,0x017b7b9,0x259f28f,0x110cefc,
-        0x03fed1a,0x38039bd,0x09bdf9c,0x3055027,0x2ca9c5d,0x2d737b6,
-        0x3bdb421,0x16560b5,0x00f9f33 } },
-    /* 218 */
-    { { 0x022c792,0x110de25,0x38bf959,0x08f2562,0x1239ea9,0x3c1d950,
-        0x21a247d,0x315112d,0x285bb9f,0x2534a73,0x0b42455,0x1a4a99c,
-        0x069009a,0x1680392,0x006e0ca },
-      { 0x1b3bece,0x269e0a1,0x18926b7,0x0e7187e,0x241f35e,0x39d1fe0,
-        0x02099aa,0x1675bfe,0x23fd0ca,0x3d6322b,0x19406b5,0x324c38a,
-        0x242434a,0x3ae677c,0x002ce04 } },
-    /* 219 */
-    { { 0x2c37b82,0x1ae6506,0x0d83436,0x23496c1,0x0ff0c72,0x2711edf,
-        0x1513611,0x04f9c7d,0x1edbeff,0x376fcb5,0x212a683,0x23bf547,
-        0x0f9c4f7,0x16e6627,0x0082cd8 },
-      { 0x0cb5d37,0x31b6db8,0x1a15e23,0x2f5cbb8,0x0818aee,0x21dc6c5,
-        0x12aafd2,0x205f608,0x1d91def,0x3def088,0x1445c51,0x3100e8a,
-        0x3746bda,0x145c4b0,0x00711b0 } },
-    /* 220 */
-    { { 0x2a99ecc,0x27b5217,0x35e10ed,0x036e32a,0x0f79950,0x15c32f7,
-        0x2c87dcb,0x3ebb2a3,0x2c2d35d,0x114b3ec,0x2e4d80a,0x0c7eb89,
-        0x2abe58d,0x3727737,0x00e6a37 },
-      { 0x1eca452,0x1968d07,0x344e5d3,0x29435a2,0x109a5f8,0x181d12c,
-        0x238ea5a,0x127a564,0x00dbb42,0x0fcbfb7,0x2909b2e,0x2571d3a,
-        0x08250e3,0x0694e4e,0x00e156d } },
-    /* 221 */
-    { { 0x3181ae9,0x1acf411,0x3808d79,0x2a11065,0x0baf44b,0x133cfeb,
-        0x1330943,0x1711b9a,0x2dec3bd,0x1906a9a,0x2ed947c,0x369d763,
-        0x1a5254f,0x104a7a9,0x00acd9d },
-      { 0x030301b,0x31568f5,0x2a4965c,0x33ded4b,0x03c9a5b,0x16541fc,
-        0x1319cf1,0x2a3748b,0x1b5de74,0x18bb82e,0x077ac2b,0x309a87a,
-        0x3c31420,0x0f6a4b9,0x00387d7 } },
-    /* 222 */
-    { { 0x0d3fdac,0x120cfa3,0x1b8e13c,0x1ccccb9,0x376fcd4,0x0bf87f4,
-        0x271b4be,0x363b3fd,0x28b5d98,0x0535cd3,0x114bbc1,0x3ab4f19,
-        0x10494b1,0x2161ece,0x00d14ca },
-      { 0x12d37e9,0x110ebd7,0x062295a,0x1cc0119,0x073c6ea,0x15d5411,
-        0x0aeb4b1,0x23fba91,0x175fab5,0x3ee8fe1,0x1c680a6,0x1e76f27,
-        0x3ddfc97,0x3d69ecd,0x00e1ee5 } },
-    /* 223 */
-    { { 0x2d29f46,0x2d19204,0x3137cd0,0x02c3b54,0x193295b,0x02fbdb2,
-        0x2260948,0x22c02ff,0x3885424,0x1299595,0x00e7f9c,0x310ff2a,
-        0x01ea169,0x0deef85,0x0021908 },
-      { 0x1b26cfb,0x38566a8,0x2852875,0x21debff,0x290ca9f,0x0b29663,
-        0x26550d9,0x2b44457,0x05d1938,0x1f8f825,0x366ef93,0x1d8daec,
-        0x069e5ef,0x342ece6,0x00b6034 } },
-    /* 224 */
-    { { 0x2d8356e,0x1578c09,0x226f4d2,0x3b74c51,0x0f83666,0x0323b59,
-        0x1ddf61d,0x1ed8508,0x3c52667,0x0e5b91c,0x1e9b18b,0x352bdfa,
-        0x13f75da,0x352aa4e,0x00fceff },
-      { 0x1c731d5,0x04e2844,0x01d9843,0x286cbc5,0x105bcb3,0x05edd9c,
-        0x21fa956,0x3b1ec83,0x01288cc,0x22fbf3a,0x10f1b56,0x081cf72,
-        0x15cb758,0x18687c1,0x00f5722 } },
-    /* 225 */
-    { { 0x2973088,0x1209dcd,0x3980f31,0x0221aa7,0x1c008e7,0x011b098,
-        0x395947e,0x2f2806d,0x27dca76,0x037c79a,0x31acddf,0x2bf6219,
-        0x0d8f4ab,0x13644d9,0x00ff705 },
-      { 0x2260594,0x18d51f8,0x277e2cf,0x1cb5cec,0x2468a53,0x3e6f4d7,
-        0x019e24e,0x0f30f1d,0x0202404,0x34ad287,0x090b39c,0x23c11ea,
-        0x1a2e3a2,0x3a851be,0x00dca2c } },
-    /* 226 */
-    { { 0x3277538,0x221cd94,0x3738ab7,0x0973da5,0x1a734e2,0x2c8b8b0,
-        0x2e1d1e6,0x348499b,0x389ebe1,0x18b1854,0x02bb076,0x1b2b500,
-        0x0f207f3,0x170cf99,0x0012088 },
-      { 0x0fbfec2,0x1df55a4,0x34ae59e,0x2ab5e95,0x3f9e781,0x3411794,
-        0x1410b05,0x17c3a00,0x0aaa91b,0x074ed7c,0x3fbb352,0x3477c01,
-        0x3ee9ab3,0x0cfb1ca,0x0011c4b } },
-    /* 227 */
-    { { 0x3c3a7f3,0x2e60ca0,0x2354d32,0x33e2362,0x28083ab,0x03d3b16,
-        0x3164045,0x0a41f7a,0x3f0641e,0x38635d1,0x31bbf03,0x225e2bb,
-        0x0cd894e,0x1f72228,0x0093244 },
-      { 0x33d5897,0x383faf3,0x0e6d561,0x0bc4d80,0x3fc3a68,0x05a9adc,
-        0x0b9d73d,0x3d6031e,0x2ded29b,0x339c4ff,0x08d69e5,0x089488c,
-        0x3fda40a,0x295c7fd,0x003a924 } },
-    /* 228 */
-    { { 0x0093bee,0x115532d,0x2ec0fb6,0x0969631,0x3a6d65a,0x0f43b4d,
-        0x26994d4,0x0b51104,0x2515515,0x3695a26,0x284caa8,0x397aa30,
-        0x25538b8,0x353f47c,0x0033f05 },
-      { 0x3615d6e,0x37f8246,0x07dae0f,0x23dc154,0x02ded7e,0x1eef320,
-        0x1631e51,0x3447f75,0x13e267f,0x353e1d1,0x3f89d62,0x369c8ff,
-        0x1a21dc6,0x2b8b8f3,0x0055cbc } },
-    /* 229 */
-    { { 0x34e84f3,0x2f2539a,0x2c35336,0x0c53bdc,0x1728630,0x3ad5fe6,
-        0x05fdeee,0x3386db6,0x272a42e,0x29fd38c,0x36f0320,0x21b2ed4,
-        0x331e67f,0x28ae48c,0x00f09b6 },
-      { 0x2778435,0x0fb3c55,0x32d221d,0x2660c8e,0x32977ba,0x1c12f03,
-        0x1b57fb1,0x01229a8,0x38b389f,0x375ddf3,0x2c6b42c,0x3885d3e,
-        0x2c55a9c,0x2ffc279,0x00404e2 } },
-    /* 230 */
-    { { 0x04c5ddb,0x2c4d788,0x150e9b9,0x110fbfd,0x29dbfe0,0x30ef83d,
-        0x2ab4bfe,0x395bcd7,0x30d0a43,0x0e2d30f,0x0e73f9b,0x07199cc,
-        0x0c9054c,0x22f4b1e,0x0092ed3 },
-      { 0x386e27c,0x00fdaa8,0x0507c70,0x1beb3b6,0x0b9c4f4,0x277d519,
-        0x024ec85,0x1cbaba8,0x1524295,0x112be58,0x21fc119,0x273578b,
-        0x2358c27,0x280ca07,0x00aa376 } },
-    /* 231 */
-    { { 0x0dbc95c,0x16488cf,0x337a078,0x1abbcb8,0x0aae1aa,0x1caa151,
-        0x00108d4,0x1edf701,0x3e68d03,0x1203214,0x0c7eee2,0x084c572,
-        0x07752d2,0x215a3b9,0x00195d3 },
-      { 0x2cd7fbe,0x06e80f6,0x052bd4b,0x07b4f83,0x24b5ac6,0x2aaded4,
-        0x13c0526,0x0ffa9a3,0x08c660e,0x13c35c9,0x3145efb,0x36cfe24,
-        0x0936daf,0x268e3d0,0x00a73fd } },
-    /* 232 */
-    { { 0x31b17ce,0x2e7bcee,0x3f31891,0x19f1849,0x1140236,0x015487f,
-        0x32e58d3,0x202204a,0x049e350,0x1ce91f9,0x3f75150,0x27f212f,
-        0x0d16ee4,0x1c894c4,0x004023f },
-      { 0x33399fa,0x2397b6d,0x2a3ea60,0x36354ca,0x1f12632,0x117a105,
-        0x22758e8,0x361844e,0x3851fc2,0x0ab92db,0x339d02f,0x1e7d6c4,
-        0x19ebd38,0x0a9a036,0x00446d2 } },
-    /* 233 */
-    { { 0x3e164f1,0x008c092,0x19200f5,0x35a22e0,0x38d09d2,0x212b3bf,
-        0x0056f19,0x3a03545,0x1f075e9,0x0e97137,0x1f496a9,0x32d1f9b,
-        0x36bf738,0x35ace37,0x00899e1 },
-      { 0x19eb2a6,0x21fa22d,0x338b69e,0x18e6d1f,0x1280d9d,0x1953a55,
-        0x1411ea3,0x2960566,0x0fd969a,0x1f3e375,0x130742a,0x170aebd,
-        0x33085ff,0x14d868d,0x00a4391 } },
-    /* 234 */
-    { { 0x0a4bdd2,0x39ca8ea,0x37026ac,0x346da3b,0x0c656cd,0x03136b6,
-        0x233e7e9,0x0714352,0x08a9d95,0x192bb38,0x085d68e,0x20016b8,
-        0x102b8ea,0x1f5dbdd,0x00fdd7a },
-      { 0x0d6fa45,0x3ec29a6,0x2b8cce6,0x1c84413,0x0228f86,0x28275f7,
-        0x3d8787d,0x0c19748,0x28b2ae9,0x1954850,0x2a56c36,0x3eae8f7,
-        0x0aca595,0x00e42a2,0x00edbe5 } },
-    /* 235 */
-    { { 0x3b26c82,0x3682b6f,0x2f9cd64,0x0f254b0,0x0e5d70b,0x1f9dfda,
-        0x28f365f,0x35a57d7,0x00208f2,0x19c8d38,0x112e7be,0x3e403bb,
-        0x3734efa,0x24d12b3,0x0027dc6 },
-      { 0x260a46a,0x13fd7b0,0x1c2880e,0x338b70c,0x27da5eb,0x29a7d54,
-        0x1c5d73c,0x2130921,0x32969cc,0x2b37eda,0x2d6d4ec,0x0716bfb,
-        0x0763703,0x1320889,0x00c7bbf } },
-    /* 236 */
-    { { 0x1fe01b2,0x2dcb1d2,0x11b89d5,0x219e4ea,0x0347851,0x3d1810e,
-        0x3a3c54c,0x06dbe8e,0x03d3ab2,0x2dcfa39,0x3e57b8a,0x337a382,
-        0x0426450,0x0e9f748,0x006488b },
-      { 0x1dc4582,0x0e62cf7,0x06fea9e,0x2a56fb1,0x31698c1,0x15b4e10,
-        0x1446ef1,0x0a689fc,0x1d87703,0x20ff497,0x2c71066,0x2c48868,
-        0x2e6cf05,0x30aa9cb,0x0065b2d } },
-    /* 237 */
-    { { 0x1021d63,0x2217df3,0x1f0821a,0x057fa98,0x23f344b,0x173dcf9,
-        0x1ba6ddc,0x22c8eb5,0x18f227a,0x0455343,0x1c55931,0x1d0dcf3,
-        0x20fa19b,0x1c56618,0x004feab },
-      { 0x19ec924,0x224e39f,0x2550509,0x179b51f,0x284d54a,0x2d85d41,
-        0x2d1bdc1,0x1a29068,0x3826158,0x1267f85,0x3005a92,0x0769e00,
-        0x379b617,0x17b5f63,0x00a70bf } },
-    /* 238 */
-    { { 0x22216c5,0x049437f,0x33510bc,0x141d806,0x22c37e2,0x1bc1adf,
-        0x300175d,0x2e6ded8,0x0a18bfe,0x35377a3,0x382f843,0x08410ca,
-        0x00afd4f,0x0be6c6b,0x008d70e },
-      { 0x2e91abb,0x1cede2a,0x28f225c,0x28e18c0,0x30230dc,0x173cc2d,
-        0x123ecfe,0x3c9962e,0x2c25506,0x27b5d53,0x329a5e3,0x106e231,
-        0x3889b8e,0x3b0aeaf,0x00ee67c } },
-    /* 239 */
-    { { 0x3e46c65,0x0eb3d46,0x1d7ae18,0x23f9d59,0x2978953,0x2589ed3,
-        0x073391d,0x2461e1e,0x0c19f1d,0x22fd2b1,0x0691f5c,0x2e67d8d,
-        0x1fb985d,0x200dd28,0x00a68df },
-      { 0x392b5fa,0x123b46f,0x1c323c4,0x104f82f,0x0a098c8,0x26fc05b,
-        0x34cd557,0x0913639,0x09c115e,0x3977c34,0x3410b66,0x062b404,
-        0x0213094,0x132c5e8,0x008b612 } },
-    /* 240 */
-    { { 0x26e3392,0x3b0ebf0,0x2e00425,0x1c285c8,0x3c07f84,0x08d5ad0,
-        0x028190e,0x1669b73,0x1ffb1ef,0x053b65f,0x063028c,0x0aceb47,
-        0x18988c2,0x0f09a30,0x0007072 },
-      { 0x0f49e7d,0x28c0bd3,0x252270d,0x24cfc4a,0x0c5e87c,0x2165052,
-        0x2cdd1d1,0x04931d2,0x3abca74,0x22b57dc,0x169fd47,0x0b928fb,
-        0x17cc3e7,0x21a1ec4,0x0061593 } },
-    /* 241 */
-    { { 0x1aa0486,0x2e55dea,0x15577b7,0x0d6818f,0x36e41fb,0x2a411f5,
-        0x17d5c7d,0x1eea6c0,0x28068a8,0x0e31d20,0x1f08ad9,0x117e973,
-        0x08a28ab,0x085d30a,0x00cd9fb },
-      { 0x347843d,0x1119095,0x11e3595,0x1b29584,0x134d64c,0x2ff3a35,
-        0x247ea14,0x099fc4b,0x2056169,0x145dd03,0x2ed03fb,0x1250e3b,
-        0x3f5135c,0x2b753f0,0x009da30 } },
-    /* 242 */
-    { { 0x0fa5200,0x214a0b3,0x313dc4e,0x23da866,0x3270760,0x15c9b8b,
-        0x39a53df,0x1f79772,0x3c9e942,0x2984901,0x154d582,0x1685f87,
-        0x2e1183e,0x1f79956,0x00b9987 },
-      { 0x15254de,0x3a5cac0,0x37c56f0,0x2c7c29b,0x292a56d,0x195be2c,
-        0x17e4e1a,0x0660f4a,0x052ad98,0x1267f80,0x07cfed8,0x194b4bc,
-        0x01738d3,0x14ba10f,0x00c7843 } },
-    /* 243 */
-    { { 0x29b2d8a,0x242bc1f,0x19646ee,0x0615f3c,0x0ac8d70,0x07ca3bf,
-        0x2d90317,0x2c83bdb,0x1a96812,0x39fdc35,0x31c61ee,0x2d55fd3,
-        0x2375827,0x355f189,0x00f1c9b },
-      { 0x21a6194,0x1f4050a,0x2b845cf,0x02c6242,0x2dd614e,0x3a4f0a9,
-        0x39de100,0x24714fb,0x175e0cd,0x0be633d,0x14befc3,0x13b0318,
-        0x1d68c50,0x299989e,0x00d0513 } },
-    /* 244 */
-    { { 0x059fb6a,0x2b6eb6a,0x3666a8e,0x39f6ca0,0x1cf8346,0x388b8d5,
-        0x35e61a3,0x271adec,0x22c9963,0x20a4fb3,0x16f241c,0x0058b89,
-        0x21ddafa,0x1ee6fde,0x00d2e6c },
-      { 0x0075e63,0x39894d0,0x0286d0d,0x187e7b2,0x02405aa,0x3f91525,
-        0x37830a8,0x2723088,0x2c7364e,0x013f406,0x104ba75,0x270f486,
-        0x3520b4d,0x3852bc6,0x00d589b } },
-    /* 245 */
-    { { 0x262e53b,0x1da93d1,0x3676135,0x147e41d,0x335ec2f,0x1f02be5,
-        0x297d139,0x22d6198,0x1fe9e59,0x13b4c80,0x1e70f60,0x2f1d4a9,
-        0x2d95149,0x14d6ec4,0x00b54af },
-      { 0x12c1c76,0x2930ac8,0x0dfd36e,0x31fac94,0x218f5bb,0x2828691,
-        0x1466cc9,0x3645e83,0x1a4dac2,0x1549593,0x0e95fab,0x19567d2,
-        0x27a3320,0x0642729,0x007487c } },
-    /* 246 */
-    { { 0x1e98e9c,0x2ff8df7,0x119975a,0x098a904,0x099b90b,0x336c7df,
-        0x010996d,0x159d46d,0x3118b3b,0x3aacd1b,0x31f8ae1,0x214864f,
-        0x398c104,0x089dae2,0x001ec4d },
-      { 0x1452baa,0x2f24991,0x2572ba3,0x162b312,0x2387d18,0x147c5c7,
-        0x38eff6e,0x0700251,0x37d931e,0x23cd5c1,0x254c8ca,0x3b9df37,
-        0x1c9a4ff,0x0bfd547,0x00fb489 } },
-    /* 247 */
-    { { 0x1b8dff8,0x2f6b40b,0x05a25b1,0x3f5688a,0x1d462f4,0x2802d18,
-        0x2aad8ed,0x1b46c75,0x3cf4130,0x250fefb,0x2a13fe1,0x23a1bcd,
-        0x0940442,0x04605fe,0x00c8b2f },
-      { 0x0d51afb,0x14a2abc,0x1d06762,0x291526c,0x2a3e2fe,0x28f77d9,
-        0x3ad8f2e,0x3481a1b,0x04b4fbd,0x2836733,0x0189ff5,0x3a5f533,
-        0x319a6cd,0x0f58667,0x00c3679 } },
-    /* 248 */
-    { { 0x1b85197,0x22426d4,0x2895ea3,0x342d324,0x3ffb17d,0x376cfcf,
-        0x30878b1,0x3c3c83a,0x0ffc57c,0x0ac174a,0x1abd57e,0x2f78b9c,
-        0x01b20d8,0x0a37103,0x007f2be },
-      { 0x19a2d48,0x137288a,0x182d655,0x0ba0dde,0x25130ba,0x01c65c6,
-        0x23205f1,0x2097621,0x2827cf2,0x2c57b98,0x03748f2,0x2db15fc,
-        0x385a0d4,0x13690c0,0x00a9e3f } },
-    /* 249 */
-    { { 0x3fbc9c6,0x2df3b20,0x377e33e,0x31d1505,0x024a311,0x3c1d9ff,
-        0x1377f74,0x00b6b20,0x2364ab7,0x184ab6b,0x2a77969,0x3f2db6c,
-        0x2a6adb7,0x0a10073,0x004a6fb },
-      { 0x1fc73de,0x2c74ab3,0x3d325e8,0x2346c0b,0x1d0efae,0x2076146,
-        0x19c190d,0x225c4fe,0x3fafc80,0x2cf063d,0x11b7ae7,0x3dc4f9d,
-        0x3c3f841,0x10d7c1f,0x000a4b3 } },
-    /* 250 */
-    { { 0x19b7d2e,0x28f1300,0x0b897dd,0x06b5371,0x0631c8d,0x336cc4f,
-        0x09cd6e1,0x2ec1952,0x1104c07,0x07512bb,0x35f000d,0x25f84e9,
-        0x1df4d8f,0x193f769,0x000e9ee },
-      { 0x2346910,0x267cecf,0x0ad7eaa,0x087e8a5,0x1622f69,0x342cbfa,
-        0x2aa20d0,0x206e88a,0x3991e58,0x093fb4b,0x0157180,0x3cecb5b,
-        0x2e17c9a,0x1ea371f,0x00919e6 } },
-    /* 251 */
-    { { 0x2250533,0x13f931d,0x3ef8c72,0x395f605,0x18a2080,0x1cb25d4,
-        0x2fb0f41,0x1c0ba8a,0x1eb17c0,0x266c433,0x09b7e3e,0x0e5d78f,
-        0x0cdc5bf,0x1f7c734,0x0020611 },
-      { 0x205ebd5,0x127986f,0x02c0fb0,0x1705b1e,0x1eb0bb5,0x2dffb42,
-        0x2331b8a,0x18fc04e,0x31d6328,0x17db162,0x0d3b619,0x193bdb9,
-        0x3f11662,0x2d8e694,0x0092c51 } },
-    /* 252 */
-    { { 0x08b364d,0x31ef20a,0x25c4a57,0x021ed07,0x14a562e,0x262a684,
-        0x1d21c66,0x126e5a6,0x181f3f8,0x2a93b65,0x1eb726b,0x08fbbce,
-        0x084f9a2,0x308f30a,0x0013159 },
-      { 0x23f4963,0x0c7960e,0x2a81739,0x2242b69,0x3965003,0x2aca542,
-        0x28a1c65,0x2ad48fb,0x149775f,0x1bbb7d2,0x0f2671b,0x3594b85,
-        0x22f5563,0x2470f13,0x00fed44 } },
-    /* 253 */
-    { { 0x0eb453e,0x3ab70fd,0x1a5b335,0x18f2b74,0x25ff74b,0x3612a46,
-        0x33d0d75,0x28cdda4,0x2b9b49b,0x22728fb,0x004c15b,0x1beb33b,
-        0x1a7e41f,0x0c9b702,0x004ef19 },
-      { 0x1ca3233,0x0b4c90f,0x1d4b53d,0x2428896,0x20ee405,0x151bc00,
-        0x022edb5,0x1adc463,0x00109ea,0x06490a6,0x30e91e6,0x3682b76,
-        0x23c50aa,0x3bd2665,0x005fe53 } },
-    /* 254 */
-    { { 0x0c28c65,0x3741ae4,0x247d372,0x0b04673,0x2176524,0x2c8bf20,
-        0x01fb806,0x3330701,0x307b0a7,0x3999fb7,0x1261bec,0x256679c,
-        0x3f22ac7,0x26e8673,0x00bc69d },
-      { 0x3c06819,0x35df344,0x379d009,0x2bb8a0a,0x0635a66,0x096c6fa,
-        0x1ac4a62,0x023e53b,0x0e45240,0x115f53d,0x3056af8,0x0a66b16,
-        0x3c386ee,0x1130e82,0x00cc384 } },
-    /* 255 */
-    { { 0x14c2356,0x190ec73,0x07be490,0x145d415,0x0740a48,0x1251301,
-        0x3eaf29d,0x2628190,0x079299a,0x26e95c9,0x2e05fdf,0x2ca7c5b,
-        0x32d7b48,0x3d84226,0x0033fb4 },
-      { 0x150f955,0x01240aa,0x3ddf867,0x137fb70,0x297e103,0x17eeda8,
-        0x1320b60,0x266ec84,0x13f4322,0x0c8f5ee,0x0590e4a,0x386815e,
-        0x00ce61f,0x161bd63,0x008e1d0 } },
-};
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_15(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_15(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 15);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 15, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 15, km);
-
-            err = sp_384_ecc_mulmod_base_15(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_15(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P384 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 15 + 15 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 15 + 15 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 15;
-
-        sp_384_from_mp(k, 15, km);
-        sp_384_point_from_ecc_point_15(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_15(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_15(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_15(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_15(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_15(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_15(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_15(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_384_add_one_15(sp_digit* a)
-{
-    a[0]++;
-    sp_384_norm_15(a);
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 18U) {
-            r[j] &= 0x3ffffff;
-            s = 26U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_384_ecc_gen_k_15(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[48];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_384_from_bin(k, 15, buf, (int)sizeof(buf));
-            if (sp_384_cmp_15(k, p384_order2) <= 0) {
-                sp_384_add_one_15(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_384, point, 2);
-#else
-    SP_DECL_VAR(sp_point_384, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 15);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 15, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_384_ecc_gen_k_15(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_15(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_15(infinity, point, p384_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_384_iszero_15(point->x) || sp_384_iszero_15(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_15(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_384_ctx {
-    int state;
-    sp_384_ecc_mulmod_15_ctx mulmod_ctx;
-    sp_digit k[15];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384  point[2];
-#else
-    sp_point_384 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_384_ctx;
-
-int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_384_ctx* ctx = (sp_ecc_key_gen_384_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_384_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_384_ecc_gen_k_15(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_base_15_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_384_ecc_mulmod_15_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p384_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_384_iszero_15(ctx->point->x) ||
-                    sp_384_iszero_15(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_384_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_384_point_to_ecc_point_15(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 48
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_384_to_bin_15(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<14; i++) {
-        r[i+1] += r[i] >> 26;
-        r[i] &= 0x3ffffff;
-    }
-    j = 391 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<15 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 26) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 26);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 15);
-    int err = MP_OKAY;
-
-    if (*outLen < 48U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 15, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 15, priv);
-        sp_384_point_from_ecc_point_15(point, pub);
-            err = sp_384_ecc_mulmod_15(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_384_to_bin_15(point->x, out);
-        *outLen = 48;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_15_ctx mulmod_ctx;
-    };
-    sp_digit k[15];
-    sp_point_384 point;
-} sp_ecc_sec_gen_384_ctx;
-
-int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_384_ctx* ctx = (sp_ecc_sec_gen_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_384_from_mp(ctx->k, 15, priv);
-            sp_384_point_from_ecc_point_15(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_15_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_384_to_bin_15(ctx->point.x, out);
-                *outLen = 48;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-SP_NOINLINE static void sp_384_rshift_15(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-#ifdef WOLFSSL_SP_SMALL
-    for (i=0; i<14; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (26 - n))) & 0x3ffffff);
-    }
-#else
-    for (i=0; i<8; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (26 - n)) & 0x3ffffff);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (26 - n)) & 0x3ffffff);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (26 - n)) & 0x3ffffff);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (26 - n)) & 0x3ffffff);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (26 - n)) & 0x3ffffff);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (26 - n)) & 0x3ffffff);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (26 - n)) & 0x3ffffff);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (26 - n)) & 0x3ffffff);
-    }
-    r[8] = (a[8] >> n) | (sp_digit)((a[9] << (26 - n)) & 0x3ffffff);
-    r[9] = (a[9] >> n) | (sp_digit)((a[10] << (26 - n)) & 0x3ffffff);
-    r[10] = (a[10] >> n) | (sp_digit)((a[11] << (26 - n)) & 0x3ffffff);
-    r[11] = (a[11] >> n) | (sp_digit)((a[12] << (26 - n)) & 0x3ffffff);
-    r[12] = (a[12] >> n) | (sp_digit)((a[13] << (26 - n)) & 0x3ffffff);
-    r[13] = (a[13] >> n) | (sp_digit)((a[14] << (26 - n)) & 0x3ffffff);
-#endif /* WOLFSSL_SP_SMALL */
-    r[14] = a[14] >> n;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_384_mul_d_15(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 15; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x3ffffff);
-        t >>= 26;
-    }
-    r[15] = (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t[15];
-
-    t[ 0] = tb * a[ 0];
-    t[ 1] = tb * a[ 1];
-    t[ 2] = tb * a[ 2];
-    t[ 3] = tb * a[ 3];
-    t[ 4] = tb * a[ 4];
-    t[ 5] = tb * a[ 5];
-    t[ 6] = tb * a[ 6];
-    t[ 7] = tb * a[ 7];
-    t[ 8] = tb * a[ 8];
-    t[ 9] = tb * a[ 9];
-    t[10] = tb * a[10];
-    t[11] = tb * a[11];
-    t[12] = tb * a[12];
-    t[13] = tb * a[13];
-    t[14] = tb * a[14];
-    r[ 0] = (sp_digit)                 (t[ 0] & 0x3ffffff);
-    r[ 1] = (sp_digit)((t[ 0] >> 26) + (t[ 1] & 0x3ffffff));
-    r[ 2] = (sp_digit)((t[ 1] >> 26) + (t[ 2] & 0x3ffffff));
-    r[ 3] = (sp_digit)((t[ 2] >> 26) + (t[ 3] & 0x3ffffff));
-    r[ 4] = (sp_digit)((t[ 3] >> 26) + (t[ 4] & 0x3ffffff));
-    r[ 5] = (sp_digit)((t[ 4] >> 26) + (t[ 5] & 0x3ffffff));
-    r[ 6] = (sp_digit)((t[ 5] >> 26) + (t[ 6] & 0x3ffffff));
-    r[ 7] = (sp_digit)((t[ 6] >> 26) + (t[ 7] & 0x3ffffff));
-    r[ 8] = (sp_digit)((t[ 7] >> 26) + (t[ 8] & 0x3ffffff));
-    r[ 9] = (sp_digit)((t[ 8] >> 26) + (t[ 9] & 0x3ffffff));
-    r[10] = (sp_digit)((t[ 9] >> 26) + (t[10] & 0x3ffffff));
-    r[11] = (sp_digit)((t[10] >> 26) + (t[11] & 0x3ffffff));
-    r[12] = (sp_digit)((t[11] >> 26) + (t[12] & 0x3ffffff));
-    r[13] = (sp_digit)((t[12] >> 26) + (t[13] & 0x3ffffff));
-    r[14] = (sp_digit)((t[13] >> 26) + (t[14] & 0x3ffffff));
-    r[15] = (sp_digit) (t[14] >> 26);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-SP_NOINLINE static void sp_384_lshift_30(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    r[30] = a[29] >> (26 - n);
-    for (i=29; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (26 - n))) & 0x3ffffff);
-    }
-#else
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[29];
-    r[30] = s >> (26U - n);
-    s = (sp_int_digit)(a[29]); t = (sp_int_digit)(a[28]);
-    r[29] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[28]); t = (sp_int_digit)(a[27]);
-    r[28] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[27]); t = (sp_int_digit)(a[26]);
-    r[27] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[26]); t = (sp_int_digit)(a[25]);
-    r[26] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[25]); t = (sp_int_digit)(a[24]);
-    r[25] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[24]); t = (sp_int_digit)(a[23]);
-    r[24] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[23]); t = (sp_int_digit)(a[22]);
-    r[23] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[22]); t = (sp_int_digit)(a[21]);
-    r[22] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[21]); t = (sp_int_digit)(a[20]);
-    r[21] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[20]); t = (sp_int_digit)(a[19]);
-    r[20] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[19]); t = (sp_int_digit)(a[18]);
-    r[19] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[18]); t = (sp_int_digit)(a[17]);
-    r[18] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[17]); t = (sp_int_digit)(a[16]);
-    r[17] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[16]); t = (sp_int_digit)(a[15]);
-    r[16] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[15]); t = (sp_int_digit)(a[14]);
-    r[15] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[14]); t = (sp_int_digit)(a[13]);
-    r[14] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[13]); t = (sp_int_digit)(a[12]);
-    r[13] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[12]); t = (sp_int_digit)(a[11]);
-    r[12] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[11]); t = (sp_int_digit)(a[10]);
-    r[11] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[10]); t = (sp_int_digit)(a[9]);
-    r[10] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (26U - n))) & 0x3ffffff);
-#endif /* WOLFSSL_SP_SMALL */
-    r[0] = (sp_digit)((a[0] << n) & 0x3ffffff);
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Simplified based on top word of divisor being (1 << 26) - 1
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_384_div_15(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 15 + 3);
-    int i;
-    sp_digit r1;
-    sp_digit mask;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 15 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 30 + 1;
-        sd = t2 + 15 + 1;
-
-        sp_384_mul_d_15(sd, d, (sp_digit)1 << 6);
-        sp_384_lshift_30(t1, a, 6);
-        t1[15 + 15] += t1[15 + 15 - 1] >> 26;
-        t1[15 + 15 - 1] &= 0x3ffffff;
-        for (i=14; i>=0; i--) {
-            r1 = t1[15 + i];
-            sp_384_mul_d_15(t2, sd, r1);
-            (void)sp_384_sub_15(&t1[i], &t1[i], t2);
-            t1[15 + i] -= t2[15];
-            sp_384_norm_15(&t1[i + 1]);
-
-            mask = ~((t1[15 + i] - 1) >> 31);
-            sp_384_cond_sub_15(t1 + i, t1 + i, sd, mask);
-            sp_384_norm_15(&t1[i + 1]);
-        }
-        sp_384_norm_15(t1);
-        sp_384_rshift_15(r, t1, 6);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_384_mod_15(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_384_div_15(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P384 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_384_mont_mul_order_15(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_384_mul_15(r, a, b);
-    sp_384_mont_reduce_order_15(r, p384_order, p384_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P384 curve. */
-static const word32 p384_order_minus_2[12] = {
-    0xccc52971U,0xecec196aU,0x48b0a77aU,0x581a0db2U,0xf4372ddfU,0xc7634d81U,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU
-};
-#else
-/* The low half of the order-2 of the P384 curve. */
-static const word32 p384_order_low[6] = {
-    0xccc52971U,0xecec196aU,0x48b0a77aU,0x581a0db2U,0xf4372ddfU,0xc7634d81U
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P384 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_order_15(sp_digit* r, const sp_digit* a)
-{
-    sp_384_sqr_15(r, a);
-    sp_384_mont_reduce_order_15(r, p384_order, p384_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P384 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_n_order_15(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_384_mont_sqr_order_15(r, a);
-    for (i=1; i<n; i++) {
-        sp_384_mont_sqr_order_15(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P384 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_mont_inv_order_15_ctx {
-    int state;
-    int i;
-} sp_384_mont_inv_order_15_ctx;
-static int sp_384_mont_inv_order_15_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_mont_inv_order_15_ctx* ctx = (sp_384_mont_inv_order_15_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_384_mont_inv_order_15_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 15);
-        ctx->i = 382;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_384_mont_sqr_order_15(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p384_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_384_mont_mul_order_15(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 15U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_384_mont_inv_order_15(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 15);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_order_15(t, t);
-        if ((p384_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_384_mont_mul_order_15(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 15U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 15;
-    sp_digit* t3 = td + 4 * 15;
-    int i;
-
-    /* t = a^2 */
-    sp_384_mont_sqr_order_15(t, a);
-    /* t = a^3 = t * a */
-    sp_384_mont_mul_order_15(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_384_mont_sqr_n_order_15(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_384_mont_mul_order_15(t, t2, t);
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_384_mont_sqr_n_order_15(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_384_mont_mul_order_15(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_384_mont_sqr_n_order_15(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_384_mont_mul_order_15(t3, t2, t);
-    /* t2= a^ffff0000 = t3 ^ 2 ^ 16 */
-    sp_384_mont_sqr_n_order_15(t2, t3, 16);
-    /* t = a^ffffffff = t2 * t3 */
-    sp_384_mont_mul_order_15(t, t2, t3);
-    /* t2= a^ffffffff0000 = t ^ 2 ^ 16  */
-    sp_384_mont_sqr_n_order_15(t2, t, 16);
-    /* t = a^ffffffffffff = t2 * t3 */
-    sp_384_mont_mul_order_15(t, t2, t3);
-    /* t2= a^ffffffffffff000000000000 = t ^ 2 ^ 48  */
-    sp_384_mont_sqr_n_order_15(t2, t, 48);
-    /* t= a^fffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_15(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_order_15(t2, t, 96);
-    /* t2= a^ffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_15(t2, t2, t);
-    for (i=191; i>=1; i--) {
-        sp_384_mont_sqr_order_15(t2, t2);
-        if ((p384_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_384_mont_mul_order_15(t2, t2, a);
-        }
-    }
-    sp_384_mont_sqr_order_15(t2, t2);
-    sp_384_mont_mul_order_15(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_s_15(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_15(k, k, p384_norm_order);
-    err = sp_384_mod_15(k, k, p384_order);
-    if (err == MP_OKAY) {
-        sp_384_norm_15(k);
-
-        /* kInv = 1/k mod order */
-            sp_384_mont_inv_order_15(kInv, k, tmp);
-        sp_384_norm_15(kInv);
-
-        /* s = r * x + e */
-            sp_384_mul_15(x, x, r);
-        err = sp_384_mod_15(x, x, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_15(x);
-        carry = sp_384_add_15(s, e, x);
-        sp_384_cond_sub_15(s, s, p384_order, 0 - carry);
-        sp_384_norm_15(s);
-        c = sp_384_cmp_15(s, p384_order);
-        sp_384_cond_sub_15(s, s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_15(s);
-
-        /* s = s * k^-1 mod order */
-            sp_384_mont_mul_order_15(s, s, kInv);
-        sp_384_norm_15(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 384 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 15);
-    SP_DECL_VAR(sp_point_384, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 15, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 15;
-        k = e + 4 * 15;
-        r = e + 6 * 15;
-        tmp = e + 8 * 15;
-        s = e;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_15(rng, k);
-        }
-        else {
-            sp_384_from_mp(k, 15, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_384_ecc_mulmod_base_15(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 15U);
-            sp_384_norm_15(r);
-            c = sp_384_cmp_15(r, p384_order);
-            sp_384_cond_sub_15(r, r, p384_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_384_norm_15(r);
-
-            if (!sp_384_iszero_15(r)) {
-                /* x is modified in calculation of s. */
-                sp_384_from_mp(x, 15, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_384_from_bin(e, 15, hash, (int)hashLen);
-
-                err = sp_384_calc_s_15(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_384_iszero_15(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 15, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_15_ctx mulmod_ctx;
-        sp_384_mont_inv_order_15_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*15];
-    sp_digit x[2*15];
-    sp_digit k[2*15];
-    sp_digit r[2*15];
-    sp_digit tmp[3 * 2*15];
-    sp_point_384 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_384_ctx;
-
-int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_384_ctx* ctx = (sp_ecc_sign_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_15(rng, ctx->k);
-        }
-        else {
-            sp_384_from_mp(ctx->k, 15, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_384_ecc_mulmod_15_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p384_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 15U);
-        sp_384_norm_15(ctx->r);
-        c = sp_384_cmp_15(ctx->r, p384_order);
-        sp_384_cond_sub_15(ctx->r, ctx->r, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_15(ctx->r);
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-        sp_384_from_mp(ctx->x, 15, priv);
-        sp_384_from_bin(ctx->e, 15, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_15(ctx->k, ctx->k, p384_norm_order);
-        err = sp_384_mod_15(ctx->k, ctx->k, p384_order);
-        if (err == MP_OKAY) {
-            sp_384_norm_15(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_384_mont_inv_order_15_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_384_norm_15(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_384_mul_15(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_384_mod_15(ctx->x, ctx->x, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_384_norm_15(ctx->x);
-        carry = sp_384_add_15(ctx->s, ctx->e, ctx->x);
-        sp_384_cond_sub_15(ctx->s, ctx->s,
-            p384_order, 0 - carry);
-        sp_384_norm_15(ctx->s);
-        c = sp_384_cmp_15(ctx->s, p384_order);
-        sp_384_cond_sub_15(ctx->s, ctx->s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_15(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_384_mont_mul_order_15(ctx->s, ctx->s, ctx->kInv);
-        sp_384_norm_15(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_384_iszero_15(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_384_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_384_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 15U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 15U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 15U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 15U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 15U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-static const char sp_384_tab32_15[32] = {
-     1, 10,  2, 11, 14, 22,  3, 30,
-    12, 15, 17, 19, 23, 26,  4, 31,
-     9, 13, 21, 29, 16, 18, 25,  8,
-    20, 28, 24,  7, 27,  6,  5, 32};
-
-static int sp_384_num_bits_26_15(sp_digit v)
-{
-    v |= v >> 1;
-    v |= v >> 2;
-    v |= v >> 4;
-    v |= v >> 8;
-    v |= v >> 16;
-    return sp_384_tab32_15[(word32)(v*0x07C4ACDD) >> 27];
-}
-
-static int sp_384_num_bits_15(const sp_digit* a)
-{
-    int i;
-    int r = 0;
-
-    for (i = 14; i >= 0; i--) {
-        if (a[i] != 0) {
-            r = sp_384_num_bits_26_15(a[i]);
-            r += i * 26;
-            break;
-        }
-    }
-
-    return r;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- * @return  MEMEORY_E when dynamic memory allocation fails.
- */
-static int sp_384_mod_inv_15(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, u, 15 * 4);
-    sp_digit* v = NULL;
-    sp_digit* b = NULL;
-    sp_digit* d = NULL;
-    int ut;
-    int vt;
-
-    SP_ALLOC_VAR(sp_digit, u, 15 * 4, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        v = u + 15;
-        b = u + 2 * 15;
-        d = u + 3 * 15;
-
-        XMEMCPY(u, m, sizeof(sp_digit) * 15);
-        XMEMCPY(v, a, sizeof(sp_digit) * 15);
-
-        ut = sp_384_num_bits_15(u);
-        vt = sp_384_num_bits_15(v);
-
-        XMEMSET(b, 0, sizeof(sp_digit) * 15);
-        if ((v[0] & 1) == 0) {
-            sp_384_rshift1_15(v, v);
-            XMEMCPY(d, m, sizeof(sp_digit) * 15);
-            d[0]++;
-            sp_384_rshift1_15(d, d);
-            vt--;
-
-            while ((v[0] & 1) == 0) {
-                sp_384_rshift1_15(v, v);
-                if (d[0] & 1)
-                    sp_384_add_15(d, d, m);
-                sp_384_rshift1_15(d, d);
-                vt--;
-            }
-        }
-        else {
-            XMEMSET(d+1, 0, sizeof(sp_digit) * (15 - 1));
-            d[0] = 1;
-        }
-
-        while (ut > 1 && vt > 1) {
-            if ((ut > vt) || ((ut == vt) &&
-                    (sp_384_cmp_15(u, v) >= 0))) {
-                sp_384_sub_15(u, u, v);
-                sp_384_norm_15(u);
-
-                sp_384_sub_15(b, b, d);
-                sp_384_norm_15(b);
-                if (b[14] < 0)
-                    sp_384_add_15(b, b, m);
-                sp_384_norm_15(b);
-                ut = sp_384_num_bits_15(u);
-
-                do {
-                    sp_384_rshift1_15(u, u);
-                    if (b[0] & 1)
-                        sp_384_add_15(b, b, m);
-                    sp_384_rshift1_15(b, b);
-                    ut--;
-                }
-                while (ut > 0 && (u[0] & 1) == 0);
-            }
-            else {
-                sp_384_sub_15(v, v, u);
-                sp_384_norm_15(v);
-
-                sp_384_sub_15(d, d, b);
-                sp_384_norm_15(d);
-                if (d[14] < 0)
-                    sp_384_add_15(d, d, m);
-                sp_384_norm_15(d);
-                vt = sp_384_num_bits_15(v);
-
-                do {
-                    sp_384_rshift1_15(v, v);
-                    if (d[0] & 1)
-                        sp_384_add_15(d, d, m);
-                    sp_384_rshift1_15(d, d);
-                    vt--;
-                }
-                while (vt > 0 && (v[0] & 1) == 0);
-            }
-        }
-
-        if (ut == 1)
-            XMEMCPY(r, b, sizeof(sp_digit) * 15);
-        else
-            XMEMCPY(r, d, sizeof(sp_digit) * 15);
-    }
-    SP_FREE_VAR(u, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_384_add_points_15(sp_point_384* p1, const sp_point_384* p2,
-    sp_digit* tmp)
-{
-
-        sp_384_proj_point_add_15(p1, p1, p2, tmp);
-    if (sp_384_iszero_15(p1->z)) {
-        if (sp_384_iszero_15(p1->x) && sp_384_iszero_15(p1->y)) {
-                sp_384_proj_point_dbl_15(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            p1->x[9] = 0;
-            p1->x[10] = 0;
-            p1->x[11] = 0;
-            p1->x[12] = 0;
-            p1->x[13] = 0;
-            p1->x[14] = 0;
-            XMEMCPY(p1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_vfy_point_15(sp_point_384* p1, sp_point_384* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_384_mod_inv_15(s, s, p384_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_384_mul_15(s, s, p384_norm_order);
-        err = sp_384_mod_15(s, s, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_15(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_384_mont_inv_order_15(s, s, tmp);
-            sp_384_mont_mul_order_15(u1, u1, s);
-            sp_384_mont_mul_order_15(u2, u2, s);
-        }
-#else
-        {
-            sp_384_mont_mul_order_15(u1, u1, s);
-            sp_384_mont_mul_order_15(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_384_ecc_mulmod_base_15(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_15(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_15(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_15(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_384_add_points_15(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 384)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 15);
-    SP_DECL_VAR(sp_point_384, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_384* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 15, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 15;
-        s   = u1 + 4 * 15;
-        tmp = u1 + 6 * 15;
-        p2 = p1 + 1;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(u1, 15, hash, (int)hashLen);
-        sp_384_from_mp(u2, 15, rm);
-        sp_384_from_mp(s, 15, sm);
-        sp_384_from_mp(p2->x, 15, pX);
-        sp_384_from_mp(p2->y, 15, pY);
-        sp_384_from_mp(p2->z, 15, pZ);
-
-        err = sp_384_calc_vfy_point_15(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(u2, 15, rm);
-        err = sp_384_mod_mul_norm_15(u2, u2, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_384_mont_sqr_15(p1->z, p1->z, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_15(u1, u2, p1->z, p384_mod, p384_mp_mod);
-        *res = (int)(sp_384_cmp_15(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_384_from_mp(u2, 15, rm);
-            carry = sp_384_add_15(u2, u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_15(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_15(u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_15(u2, u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_384_mont_mul_15(u1, u2, p1->z, p384_mod, p384_mp_mod);
-                }
-                *res = (sp_384_cmp_15(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_15_ctx mulmod_ctx;
-        sp_384_mont_inv_order_15_ctx mont_inv_order_ctx;
-        sp_384_proj_point_dbl_15_ctx dbl_ctx;
-        sp_384_proj_point_add_15_ctx add_ctx;
-    };
-    sp_digit u1[2*15];
-    sp_digit u2[2*15];
-    sp_digit s[2*15];
-    sp_digit tmp[2*15 * 6];
-    sp_point_384 p1;
-    sp_point_384 p2;
-} sp_ecc_verify_384_ctx;
-
-int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_384_ctx* ctx = (sp_ecc_verify_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(ctx->u1, 15, hash, (int)hashLen);
-        sp_384_from_mp(ctx->u2, 15, rm);
-        sp_384_from_mp(ctx->s, 15, sm);
-        sp_384_from_mp(ctx->p2.x, 15, pX);
-        sp_384_from_mp(ctx->p2.y, 15, pY);
-        sp_384_from_mp(ctx->p2.z, 15, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_384_mul_15(ctx->s, ctx->s, p384_norm_order);
-        err = sp_384_mod_15(ctx->s, ctx->s, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_384_norm_15(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_384_mont_inv_order_15_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_384_mont_mul_order_15(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_384_mont_mul_order_15(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_384_ecc_mulmod_15_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p384_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_15(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_384_ecc_mulmod_15_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_15(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_384_proj_point_add_15_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(ctx->u2, 15, rm);
-        err = sp_384_mod_mul_norm_15(ctx->u2, ctx->u2, p384_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_384_mont_sqr_15(ctx->p1.z, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_384_mont_mul_15(ctx->u1, ctx->u2, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_384_cmp_15(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_384_from_mp(ctx->u2, 15, rm);
-            carry = sp_384_add_15(ctx->u2, ctx->u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_15(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_15(ctx->u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_15(ctx->u2, ctx->u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_384_mont_mul_15(ctx->u1, ctx->u2, ctx->p1.z, p384_mod,
-                                                            p384_mp_mod);
-                *res = (int)(sp_384_cmp_15(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_384_ecc_is_point_15(const sp_point_384* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 15 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 15 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 15;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_384_sqr_15(t1, point->y);
-        (void)sp_384_mod_15(t1, t1, p384_mod);
-        sp_384_sqr_15(t2, point->x);
-        (void)sp_384_mod_15(t2, t2, p384_mod);
-        sp_384_mul_15(t2, t2, point->x);
-        (void)sp_384_mod_15(t2, t2, p384_mod);
-        sp_384_mont_sub_15(t1, t1, t2, p384_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_384_mont_add_15(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_15(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_15(t1, t1, point->x, p384_mod);
-
-
-        if (sp_384_cmp_15(t1, p384_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_384, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(pub->x, 15, pX);
-        sp_384_from_mp(pub->y, 15, pY);
-        sp_384_from_bin(pub->z, 15, one, (int)sizeof(one));
-
-        err = sp_384_ecc_is_point_15(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 15);
-    SP_DECL_VAR(sp_point_384, pub, 2);
-    sp_point_384* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 384) ||
-        (mp_count_bits(pY) > 384) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 384)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 15, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_384_from_mp(pub->x, 15, pX);
-        sp_384_from_mp(pub->y, 15, pY);
-        sp_384_from_bin(pub->z, 15, one, (int)sizeof(one));
-        if (privm)
-            sp_384_from_mp(priv, 15, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_384_iszero_15(pub->x) != 0) &&
-            (sp_384_iszero_15(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_384_cmp_15(pub->x, p384_mod) >= 0) ||
-             (sp_384_cmp_15(pub->y, p384_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_384_ecc_is_point_15(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_384_ecc_mulmod_15(p, pub, p384_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_384_iszero_15(p->x) == 0) ||
-                             (sp_384_iszero_15(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_384_ecc_mulmod_base_15(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_384_cmp_15(p->x, pub->x) != 0) ||
-                 (sp_384_cmp_15(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 15 * 6);
-    SP_DECL_VAR(sp_point_384, p, 2);
-    sp_point_384* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 15 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_384_from_mp(p->x, 15, pX);
-        sp_384_from_mp(p->y, 15, pY);
-        sp_384_from_mp(p->z, 15, pZ);
-        sp_384_from_mp(q->x, 15, qX);
-        sp_384_from_mp(q->y, 15, qY);
-        sp_384_from_mp(q->z, 15, qZ);
-        p->infinity = sp_384_iszero_15(p->x) &
-                      sp_384_iszero_15(p->y);
-        q->infinity = sp_384_iszero_15(q->x) &
-                      sp_384_iszero_15(q->y);
-
-            sp_384_proj_point_add_15(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 15 * 2);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 15 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 15, pX);
-        sp_384_from_mp(p->y, 15, pY);
-        sp_384_from_mp(p->z, 15, pZ);
-        p->infinity = sp_384_iszero_15(p->x) &
-                      sp_384_iszero_15(p->y);
-
-            sp_384_proj_point_dbl_15(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 15 * 6);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 15 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 15, pX);
-        sp_384_from_mp(p->y, 15, pY);
-        sp_384_from_mp(p->z, 15, pZ);
-        p->infinity = sp_384_iszero_15(p->x) &
-                      sp_384_iszero_15(p->y);
-
-            sp_384_map_15(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mont_sqrt_15(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 5 * 2 * 15);
-    sp_digit* t2 = NULL;
-    sp_digit* t3 = NULL;
-    sp_digit* t4 = NULL;
-    sp_digit* t5 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 5 * 2 * 15, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 15;
-        t3 = t1 + 4 * 15;
-        t4 = t1 + 6 * 15;
-        t5 = t1 + 8 * 15;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_384_mont_sqr_15(t2, y, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_384_mont_mul_15(t1, t2, y, p384_mod, p384_mp_mod);
-            /* t5 = y ^ 0xc */
-            sp_384_mont_sqr_n_15(t5, t1, 2, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_384_mont_mul_15(t1, t1, t5, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x1e */
-            sp_384_mont_sqr_15(t2, t1, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x1f */
-            sp_384_mont_mul_15(t3, t2, y, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3e0 */
-            sp_384_mont_sqr_n_15(t2, t3, 5, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3ff */
-            sp_384_mont_mul_15(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fe0 */
-            sp_384_mont_sqr_n_15(t2, t1, 5, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x7fff */
-            sp_384_mont_mul_15(t3, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fff800 */
-            sp_384_mont_sqr_n_15(t2, t3, 15, p384_mod, p384_mp_mod);
-            /* t4 = y ^ 0x3ffffff */
-            sp_384_mont_mul_15(t4, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffc000000 */
-            sp_384_mont_sqr_n_15(t2, t4, 30, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffff */
-            sp_384_mont_mul_15(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffff000000000000000 */
-            sp_384_mont_sqr_n_15(t2, t1, 60, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_15(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-            sp_384_mont_sqr_n_15(t2, t1, 120, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_15(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-            sp_384_mont_sqr_n_15(t2, t1, 15, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_15(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80000000 */
-            sp_384_mont_sqr_n_15(t2, t1, 31, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff */
-            sp_384_mont_mul_15(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff0 */
-            sp_384_mont_sqr_n_15(t2, t1, 4, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc */
-            sp_384_mont_mul_15(t1, t5, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000 */
-            sp_384_mont_sqr_n_15(t2, t1, 62, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000001 */
-            sp_384_mont_mul_15(t1, y, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc00000000000000040000000 */
-            sp_384_mont_sqr_n_15(y, t1, 30, p384_mod, p384_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 15);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 15, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 15;
-
-        sp_384_from_mp(x, 15, xm);
-        err = sp_384_mod_mul_norm_15(x, x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_384_mont_sqr_15(y, x, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_15(y, y, x, p384_mod, p384_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_384_mont_sub_15(y, y, x, p384_mod);
-        sp_384_mont_sub_15(y, y, x, p384_mod);
-        sp_384_mont_sub_15(y, y, x, p384_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_384_mod_mul_norm_15(x, p384_b, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_384_mont_add_15(y, y, x, p384_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_384_mont_sqrt_15(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 15, 0, 15U * sizeof(sp_digit));
-        sp_384_mont_reduce_15(y, p384_mod, p384_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_384_mont_sub_15(y, p384_mod, y, p384_mod);
-        }
-
-        err = sp_384_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_384 */
-#ifdef WOLFSSL_SP_521
-
-/* Point structure to use. */
-typedef struct sp_point_521 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 21];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 21];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 21];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_521;
-
-/* The modulus (prime) of the curve P521. */
-static const sp_digit p521_mod[21] = {
-    0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,
-    0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,
-    0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x01fffff
-};
-/* The Montgomery normalizer for modulus of the curve P521. */
-static const sp_digit p521_norm_mod[21] = {
-    0x0000001,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-    0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-    0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000
-};
-/* The Montgomery multiplier for modulus of the curve P521. */
-static const sp_digit p521_mp_mod = 0x000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P521. */
-static const sp_digit p521_order[21] = {
-    0x1386409,0x1db8f48,0x1ebaedb,0x1113388,0x1bb5c9b,0x04d2e81,0x00523dc,
-    0x0d6ff98,0x1bf2f96,0x0c343c1,0x1fffe94,0x1ffffff,0x1ffffff,0x1ffffff,
-    0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x01fffff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P521 minus 2. */
-static const sp_digit p521_order2[21] = {
-    0x1386407,0x1db8f48,0x1ebaedb,0x1113388,0x1bb5c9b,0x04d2e81,0x00523dc,
-    0x0d6ff98,0x1bf2f96,0x0c343c1,0x1fffe94,0x1ffffff,0x1ffffff,0x1ffffff,
-    0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x1ffffff,0x01fffff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P521. */
-static const sp_digit p521_norm_order[21] = {
-    0x0c79bf7,0x02470b7,0x0145124,0x0eecc77,0x044a364,0x1b2d17e,0x1fadc23,
-    0x1290067,0x040d069,0x13cbc3e,0x000016b,0x0000000,0x0000000,0x0000000,
-    0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P521. */
-static const sp_digit p521_mp_order = 0x1a995c7;
-#endif
-/* The base point of curve P521. */
-static const sp_point_521 p521_base = {
-    /* X ordinate */
-    {
-        0x0e5bd66,0x13f18e1,0x0a6fe5f,0x030ad48,0x1348b3c,0x1fd46f1,0x1049e8b,
-        0x051fc3b,0x1efe759,0x0a5af3b,0x14f6ea8,0x1ec0d69,0x01f828a,0x029fda9,
-        0x19204e4,0x1688538,0x1662395,0x0cf1f65,0x1013a73,0x1c0d6e0,0x00c6858,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x1d16650,0x14a3b4f,0x090222f,0x0d44e58,0x153c708,0x1683b09,0x0e404fe,
-        0x0818aa1,0x15ef426,0x1f7394c,0x1998b25,0x1a2e4e7,0x0817afb,0x0bcda23,
-        0x1d51125,0x037b331,0x1b42c7d,0x02e452f,0x08ef001,0x12d4f13,0x0118392,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000001,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p521_b[21] = {
-    0x1503f00,0x08fea35,0x13c7bd1,0x107a586,0x1573df8,0x18df839,0x102f4ee,
-    0x0f62ca5,0x1ec7e93,0x10c9ca8,0x0427855,0x13231de,0x13b8b48,0x0cd98af,
-    0x169c96e,0x081dd45,0x1a0b685,0x1c94d10,0x1872687,0x1d72c31,0x0051953
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_521_mul_21(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 lo;
-
-    c = ((sp_uint64)a[20]) * b[20];
-    r[41] = (sp_digit)(c >> 25);
-    c &= 0x1ffffff;
-    for (k = 39; k >= 0; k--) {
-        if (k >= 21) {
-            i = k - 20;
-            imax = 20;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint64)a[i]) * b[k - i];
-        }
-        c += lo >> 25;
-        r[k + 2] += (sp_digit)(c >> 25);
-        r[k + 1]  = (sp_digit)(c & 0x1ffffff);
-        c = lo & 0x1ffffff;
-    }
-    r[0] = (sp_digit)c;
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_521_mul_21(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int j;
-    sp_int64 t[42];
-
-    XMEMSET(t, 0, sizeof(t));
-    for (i=0; i<21; i++) {
-        for (j=0; j<21; j++) {
-            t[i+j] += ((sp_int64)a[i]) * b[j];
-        }
-    }
-    for (i=0; i<41; i++) {
-        r[i] = (sp_digit)(t[i] & 0x1ffffff);
-        t[i+1] += t[i] >> 25;
-    }
-    r[41] = (sp_digit)t[41];
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_521_sqr_21(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 t;
-
-    c = ((sp_uint64)a[20]) * a[20];
-    r[41] = (sp_digit)(c >> 25);
-    c = (c & 0x1ffffff) << 25;
-    for (k = 39; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint64)a[i]) * a[i];
-           i++;
-        }
-        if (k < 20) {
-            imax = k;
-        }
-        else {
-            imax = 20;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint64)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 50);
-        r[k + 1]  = (sp_digit)((c >> 25) & 0x1ffffff);
-        c = (c & 0x1ffffff) << 25;
-    }
-    r[0] = (sp_digit)(c >> 25);
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_521_sqr_21(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int j;
-    sp_int64 t[42];
-
-    XMEMSET(t, 0, sizeof(t));
-    for (i=0; i<21; i++) {
-        for (j=0; j<i; j++) {
-            t[i+j] += (((sp_int64)a[i]) * a[j]) * 2;
-        }
-        t[i+i] += ((sp_int64)a[i]) * a[i];
-    }
-    for (i=0; i<41; i++) {
-        r[i] = (sp_digit)(t[i] & 0x1ffffff);
-        t[i+1] += t[i] >> 25;
-    }
-    r[41] = (sp_digit)t[41];
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_521_add_21(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 21; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_521_add_21(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[16] = a[16] + b[16];
-    r[17] = a[17] + b[17];
-    r[18] = a[18] + b[18];
-    r[19] = a[19] + b[19];
-    r[20] = a[20] + b[20];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_521_sub_21(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 21; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_521_sub_21(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[16] = a[16] - b[16];
-    r[17] = a[17] - b[17];
-    r[18] = a[18] - b[18];
-    r[19] = a[19] - b[19];
-    r[20] = a[20] - b[20];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 25
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 24);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 24);
-    }
-#elif DIGIT_BIT > 25
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x1ffffff;
-        s = 25U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 25U) <= (word32)DIGIT_BIT) {
-            s += 25U;
-            r[j] &= 0x1ffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 25) {
-            r[j] &= 0x1ffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 25 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_521.
- *
- * p   Point of type sp_point_521 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_521_point_from_ecc_point_21(sp_point_521* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_521_from_mp(p->x, 21, pm->x);
-    sp_521_from_mp(p->y, 21, pm->y);
-    sp_521_from_mp(p->z, 21, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_521_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (521 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 25
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 21);
-        r->used = 21;
-        mp_clamp(r);
-#elif DIGIT_BIT < 25
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 21; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 25) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 25 - s;
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 21; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 25 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 25 - s;
-            }
-            else {
-                s += 25;
-            }
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_521 to type ecc_point.
- *
- * p   Point of type sp_point_521.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_521_point_to_ecc_point_21(const sp_point_521* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_521_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Normalize the values in each word to 25 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_521_norm_21(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 20; i++) {
-        a[i+1] += a[i] >> 25;
-        a[i] &= 0x1ffffff;
-    }
-#else
-    int i;
-    for (i = 0; i < 16; i += 8) {
-        a[i+1] += a[i+0] >> 25; a[i+0] &= 0x1ffffff;
-        a[i+2] += a[i+1] >> 25; a[i+1] &= 0x1ffffff;
-        a[i+3] += a[i+2] >> 25; a[i+2] &= 0x1ffffff;
-        a[i+4] += a[i+3] >> 25; a[i+3] &= 0x1ffffff;
-        a[i+5] += a[i+4] >> 25; a[i+4] &= 0x1ffffff;
-        a[i+6] += a[i+5] >> 25; a[i+5] &= 0x1ffffff;
-        a[i+7] += a[i+6] >> 25; a[i+6] &= 0x1ffffff;
-        a[i+8] += a[i+7] >> 25; a[i+7] &= 0x1ffffff;
-    }
-    a[17] += a[16] >> 25; a[16] &= 0x1ffffff;
-    a[18] += a[17] >> 25; a[17] &= 0x1ffffff;
-    a[19] += a[18] >> 25; a[18] &= 0x1ffffff;
-    a[20] += a[19] >> 25; a[19] &= 0x1ffffff;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_521_mont_reduce_21(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-
-    (void)m;
-    (void)mp;
-
-    for (i = 0; i < 20; i++) {
-        a[i] += (sp_digit)(((a[20 + i] >> 21) + (a[20 + i + 1] << 4)) & 0x1ffffff);
-    }
-    a[20] &= 0x1fffff;
-    a[20] += (sp_digit)(((a[40] >> 21) + (a[41] << 4)) & 0x1ffffff);
-
-    sp_521_norm_21(a);
-
-    a[0] += a[20] >> 21;
-    a[20] &= 0x1fffff;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_521_cmp_21(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=20; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 24);
-    }
-#else
-    int i;
-
-    r |= (a[20] - b[20]) & (0 - (sp_digit)1);
-    r |= (a[19] - b[19]) & ~(((sp_digit)0 - r) >> 24);
-    r |= (a[18] - b[18]) & ~(((sp_digit)0 - r) >> 24);
-    r |= (a[17] - b[17]) & ~(((sp_digit)0 - r) >> 24);
-    r |= (a[16] - b[16]) & ~(((sp_digit)0 - r) >> 24);
-    for (i = 8; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 24);
-    }
-#endif /* WOLFSSL_SP_SMALL */
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_521_cond_sub_21(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 21; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[16] = a[16] - (b[16] & m);
-    r[17] = a[17] - (b[17] & m);
-    r[18] = a[18] - (b[18] & m);
-    r[19] = a[19] - (b[19] & m);
-    r[20] = a[20] - (b[20] & m);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_521_mul_add_21(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 20; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1ffffff);
-        t[1] += t[0] >> 25;
-        r[i+1] = (sp_digit)(t[1] & 0x1ffffff);
-        t[2] += t[1] >> 25;
-        r[i+2] = (sp_digit)(t[2] & 0x1ffffff);
-        t[3] += t[2] >> 25;
-        r[i+3] = (sp_digit)(t[3] & 0x1ffffff);
-        t[0]  = t[3] >> 25;
-    }
-    t[0] += (tb * a[20]) + r[20];
-    r[20] = (sp_digit)(t[0] & 0x1ffffff);
-    r[21] +=  (sp_digit)(t[0] >> 25);
-#else
-    sp_int64 tb = b;
-    sp_int64 t[8];
-    int i;
-
-    t[0] = tb * a[0]; r[0] += (sp_digit)(t[0] & 0x1ffffff);
-    for (i = 0; i < 16; i += 8) {
-        t[1] = tb * a[i+1];
-        r[i+1] += (sp_digit)((t[0] >> 25) + (t[1] & 0x1ffffff));
-        t[2] = tb * a[i+2];
-        r[i+2] += (sp_digit)((t[1] >> 25) + (t[2] & 0x1ffffff));
-        t[3] = tb * a[i+3];
-        r[i+3] += (sp_digit)((t[2] >> 25) + (t[3] & 0x1ffffff));
-        t[4] = tb * a[i+4];
-        r[i+4] += (sp_digit)((t[3] >> 25) + (t[4] & 0x1ffffff));
-        t[5] = tb * a[i+5];
-        r[i+5] += (sp_digit)((t[4] >> 25) + (t[5] & 0x1ffffff));
-        t[6] = tb * a[i+6];
-        r[i+6] += (sp_digit)((t[5] >> 25) + (t[6] & 0x1ffffff));
-        t[7] = tb * a[i+7];
-        r[i+7] += (sp_digit)((t[6] >> 25) + (t[7] & 0x1ffffff));
-        t[0] = tb * a[i+8];
-        r[i+8] += (sp_digit)((t[7] >> 25) + (t[0] & 0x1ffffff));
-    }
-    t[1] = tb * a[17];
-    r[17] += (sp_digit)((t[0] >> 25) + (t[1] & 0x1ffffff));
-    t[2] = tb * a[18];
-    r[18] += (sp_digit)((t[1] >> 25) + (t[2] & 0x1ffffff));
-    t[3] = tb * a[19];
-    r[19] += (sp_digit)((t[2] >> 25) + (t[3] & 0x1ffffff));
-    t[4] = tb * a[20];
-    r[20] += (sp_digit)((t[3] >> 25) + (t[4] & 0x1ffffff));
-    r[21] +=  (sp_digit)(t[4] >> 25);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Shift the result in the high 521 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_521_mont_shift_21(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    sp_digit n;
-    sp_digit s;
-
-    s = a[21];
-    n = a[20] >> 21;
-    for (i = 0; i < 20; i++) {
-        n += (sp_digit)((s & 0x1ffffff) << 4);
-        r[i] = (sp_digit)(n & 0x1ffffff);
-        n >>= 25;
-        s = a[22 + i] + (s >> 25);
-    }
-    n += s << 4;
-    r[20] = n;
-#else
-    sp_digit n;
-    sp_digit s;
-    int i;
-
-    s = a[21]; n = a[20] >> 21;
-    for (i = 0; i < 16; i += 8) {
-        n += (sp_digit)((s & 0x1ffffff) << 4); r[i+0] = (sp_digit)(n & 0x1ffffff);
-        n >>= 25; s = a[i+22] + (s >> 25);
-        n += (sp_digit)((s & 0x1ffffff) << 4); r[i+1] = (sp_digit)(n & 0x1ffffff);
-        n >>= 25; s = a[i+23] + (s >> 25);
-        n += (sp_digit)((s & 0x1ffffff) << 4); r[i+2] = (sp_digit)(n & 0x1ffffff);
-        n >>= 25; s = a[i+24] + (s >> 25);
-        n += (sp_digit)((s & 0x1ffffff) << 4); r[i+3] = (sp_digit)(n & 0x1ffffff);
-        n >>= 25; s = a[i+25] + (s >> 25);
-        n += (sp_digit)((s & 0x1ffffff) << 4); r[i+4] = (sp_digit)(n & 0x1ffffff);
-        n >>= 25; s = a[i+26] + (s >> 25);
-        n += (sp_digit)((s & 0x1ffffff) << 4); r[i+5] = (sp_digit)(n & 0x1ffffff);
-        n >>= 25; s = a[i+27] + (s >> 25);
-        n += (sp_digit)((s & 0x1ffffff) << 4); r[i+6] = (sp_digit)(n & 0x1ffffff);
-        n >>= 25; s = a[i+28] + (s >> 25);
-        n += (sp_digit)((s & 0x1ffffff) << 4); r[i+7] = (sp_digit)(n & 0x1ffffff);
-        n >>= 25; s = a[i+29] + (s >> 25);
-    }
-    n += (sp_digit)((s & 0x1ffffff) << 4); r[16] = (sp_digit)(n & 0x1ffffff);
-    n >>= 25; s = a[38] + (s >> 25);
-    n += (sp_digit)((s & 0x1ffffff) << 4); r[17] = (sp_digit)(n & 0x1ffffff);
-    n >>= 25; s = a[39] + (s >> 25);
-    n += (sp_digit)((s & 0x1ffffff) << 4); r[18] = (sp_digit)(n & 0x1ffffff);
-    n >>= 25; s = a[40] + (s >> 25);
-    n += (sp_digit)((s & 0x1ffffff) << 4); r[19] = (sp_digit)(n & 0x1ffffff);
-    n >>= 25; s = a[41] + (s >> 25);
-    n += s << 4;              r[20] = n;
-#endif /* WOLFSSL_SP_SMALL */
-    XMEMSET(&r[21], 0, sizeof(*r) * 21U);
-}
-
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_521_mont_reduce_order_21(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_521_norm_21(a + 21);
-
-    for (i=0; i<20; i++) {
-        mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1ffffff);
-        sp_521_mul_add_21(a+i, m, mu);
-        a[i+1] += a[i] >> 25;
-    }
-    mu = (sp_digit)(((sp_uint32)a[i] * (sp_uint32)mp) & 0x1fffffL);
-    sp_521_mul_add_21(a+i, m, mu);
-    a[i+1] += a[i] >> 25;
-    a[i] &= 0x1ffffff;
-    sp_521_mont_shift_21(a, a);
-    over = a[20] >> 21;
-    sp_521_cond_sub_21(a, a, m, ~((over - 1) >> 31));
-    sp_521_norm_21(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_mul_21(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mul_21(r, a, b);
-    sp_521_mont_reduce_21(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_21(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_521_sqr_21(r, a);
-    sp_521_mont_reduce_21(r, m, mp);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_n_21(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mont_sqr_21(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_521_mont_sqr_21(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P521 curve. */
-static const word32 p521_mod_minus_2[17] = {
-    0xfffffffdU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0x000001ffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P521 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_521_mont_inv_21(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 21);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_21(t, t, p521_mod, p521_mp_mod);
-        if (p521_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_521_mont_mul_21(t, t, a, p521_mod, p521_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 21);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 21;
-    sp_digit* t3 = td + 4 * 21;
-
-    /* 0x2 */
-    sp_521_mont_sqr_21(t1, a, p521_mod, p521_mp_mod);
-    /* 0x3 */
-    sp_521_mont_mul_21(t2, t1, a, p521_mod, p521_mp_mod);
-    /* 0x6 */
-    sp_521_mont_sqr_21(t1, t2, p521_mod, p521_mp_mod);
-    /* 0x7 */
-    sp_521_mont_mul_21(t3, t1, a, p521_mod, p521_mp_mod);
-    /* 0xc */
-    sp_521_mont_sqr_n_21(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0xf */
-    sp_521_mont_mul_21(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x78 */
-    sp_521_mont_sqr_n_21(t1, t2, 3, p521_mod, p521_mp_mod);
-    /* 0x7f */
-    sp_521_mont_mul_21(t3, t3, t1, p521_mod, p521_mp_mod);
-    /* 0xf0 */
-    sp_521_mont_sqr_n_21(t1, t2, 4, p521_mod, p521_mp_mod);
-    /* 0xff */
-    sp_521_mont_mul_21(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xff00 */
-    sp_521_mont_sqr_n_21(t1, t2, 8, p521_mod, p521_mp_mod);
-    /* 0xffff */
-    sp_521_mont_mul_21(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffff0000 */
-    sp_521_mont_sqr_n_21(t1, t2, 16, p521_mod, p521_mp_mod);
-    /* 0xffffffff */
-    sp_521_mont_mul_21(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_521_mont_sqr_n_21(t1, t2, 32, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_521_mont_mul_21(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff0000000000000000 */
-    sp_521_mont_sqr_n_21(t1, t2, 64, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_21(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff00000000000000000000000000000000 */
-    sp_521_mont_sqr_n_21(t1, t2, 128, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_21(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000 */
-    sp_521_mont_sqr_n_21(t1, t2, 256, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_21(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80 */
-    sp_521_mont_sqr_n_21(t1, t2, 7, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_21(t2, t3, t1, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc */
-    sp_521_mont_sqr_n_21(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-    sp_521_mont_mul_21(r, t1, a, p521_mod, p521_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_521_map_21(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*21;
-    sp_int32 n;
-
-    sp_521_mont_inv_21(t1, p->z, t + 2*21);
-
-    sp_521_mont_sqr_21(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    /* x /= z^2 */
-    sp_521_mont_mul_21(r->x, p->x, t2, p521_mod, p521_mp_mod);
-    XMEMSET(r->x + 21, 0, sizeof(sp_digit) * 21U);
-    sp_521_mont_reduce_21(r->x, p521_mod, p521_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_521_cmp_21(r->x, p521_mod);
-    sp_521_cond_sub_21(r->x, r->x, p521_mod, (sp_digit)~(n >> 24));
-    sp_521_norm_21(r->x);
-
-    /* y /= z^3 */
-    sp_521_mont_mul_21(r->y, p->y, t1, p521_mod, p521_mp_mod);
-    XMEMSET(r->y + 21, 0, sizeof(sp_digit) * 21U);
-    sp_521_mont_reduce_21(r->y, p521_mod, p521_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_521_cmp_21(r->y, p521_mod);
-    sp_521_cond_sub_21(r->y, r->y, p521_mod, (sp_digit)~(n >> 24));
-    sp_521_norm_21(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_521_mont_add_21(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_521_add_21(r, a, b);
-    sp_521_norm_21(r);
-    over = r[20] >> 21;
-    sp_521_cond_sub_21(r, r, m, ~((over - 1) >> 31));
-    sp_521_norm_21(r);
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_521_mont_dbl_21(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_521_add_21(r, a, a);
-    sp_521_norm_21(r);
-    over = r[20] >> 21;
-    sp_521_cond_sub_21(r, r, m, ~((over - 1) >> 31));
-    sp_521_norm_21(r);
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_521_mont_tpl_21(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_521_add_21(r, a, a);
-    sp_521_norm_21(r);
-    over = r[20] >> 21;
-    sp_521_cond_sub_21(r, r, m, ~((over - 1) >> 31));
-    sp_521_norm_21(r);
-    (void)sp_521_add_21(r, r, a);
-    sp_521_norm_21(r);
-    over = r[20] >> 21;
-    sp_521_cond_sub_21(r, r, m, ~((over - 1) >> 31));
-    sp_521_norm_21(r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_521_cond_add_21(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 21; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_521_cond_add_21(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[16] = a[16] + (b[16] & m);
-    r[17] = a[17] + (b[17] & m);
-    r[18] = a[18] + (b[18] & m);
-    r[19] = a[19] + (b[19] & m);
-    r[20] = a[20] + (b[20] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_521_mont_sub_21(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    (void)sp_521_sub_21(r, a, b);
-    sp_521_norm_21(r);
-    sp_521_cond_add_21(r, r, m, r[20] >> 21);
-    sp_521_norm_21(r);
-}
-
-/* Shift number left one bit.
- * Bottom bit is lost.
- *
- * r  Result of shift.
- * a  Number to shift.
- */
-SP_NOINLINE static void sp_521_rshift1_21(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<20; i++) {
-        r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 24) & 0x1ffffff);
-    }
-#else
-    r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 24) & 0x1ffffff);
-    r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 24) & 0x1ffffff);
-    r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 24) & 0x1ffffff);
-    r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 24) & 0x1ffffff);
-    r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 24) & 0x1ffffff);
-    r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 24) & 0x1ffffff);
-    r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 24) & 0x1ffffff);
-    r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 24) & 0x1ffffff);
-    r[8] = (a[8] >> 1) + (sp_digit)((a[9] << 24) & 0x1ffffff);
-    r[9] = (a[9] >> 1) + (sp_digit)((a[10] << 24) & 0x1ffffff);
-    r[10] = (a[10] >> 1) + (sp_digit)((a[11] << 24) & 0x1ffffff);
-    r[11] = (a[11] >> 1) + (sp_digit)((a[12] << 24) & 0x1ffffff);
-    r[12] = (a[12] >> 1) + (sp_digit)((a[13] << 24) & 0x1ffffff);
-    r[13] = (a[13] >> 1) + (sp_digit)((a[14] << 24) & 0x1ffffff);
-    r[14] = (a[14] >> 1) + (sp_digit)((a[15] << 24) & 0x1ffffff);
-    r[15] = (a[15] >> 1) + (sp_digit)((a[16] << 24) & 0x1ffffff);
-    r[16] = (a[16] >> 1) + (sp_digit)((a[17] << 24) & 0x1ffffff);
-    r[17] = (a[17] >> 1) + (sp_digit)((a[18] << 24) & 0x1ffffff);
-    r[18] = (a[18] >> 1) + (sp_digit)((a[19] << 24) & 0x1ffffff);
-    r[19] = (a[19] >> 1) + (sp_digit)((a[20] << 24) & 0x1ffffff);
-#endif
-    r[20] = a[20] >> 1;
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_521_mont_div2_21(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_521_cond_add_21(r, a, m, 0 - (a[0] & 1));
-    sp_521_norm_21(r);
-    sp_521_rshift1_21(r, r);
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_21(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*21;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_521_mont_sqr_21(t1, p->z, p521_mod, p521_mp_mod);
-    /* Z = Y * Z */
-    sp_521_mont_mul_21(z, p->y, p->z, p521_mod, p521_mp_mod);
-    /* Z = 2Z */
-    sp_521_mont_dbl_21(z, z, p521_mod);
-    /* T2 = X - T1 */
-    sp_521_mont_sub_21(t2, p->x, t1, p521_mod);
-    /* T1 = X + T1 */
-    sp_521_mont_add_21(t1, p->x, t1, p521_mod);
-    /* T2 = T1 * T2 */
-    sp_521_mont_mul_21(t2, t1, t2, p521_mod, p521_mp_mod);
-    /* T1 = 3T2 */
-    sp_521_mont_tpl_21(t1, t2, p521_mod);
-    /* Y = 2Y */
-    sp_521_mont_dbl_21(y, p->y, p521_mod);
-    /* Y = Y * Y */
-    sp_521_mont_sqr_21(y, y, p521_mod, p521_mp_mod);
-    /* T2 = Y * Y */
-    sp_521_mont_sqr_21(t2, y, p521_mod, p521_mp_mod);
-    /* T2 = T2/2 */
-    sp_521_mont_div2_21(t2, t2, p521_mod);
-    /* Y = Y * X */
-    sp_521_mont_mul_21(y, y, p->x, p521_mod, p521_mp_mod);
-    /* X = T1 * T1 */
-    sp_521_mont_sqr_21(x, t1, p521_mod, p521_mp_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_21(x, x, y, p521_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_21(x, x, y, p521_mod);
-    /* Y = Y - X */
-    sp_521_mont_sub_21(y, y, x, p521_mod);
-    /* Y = Y * T1 */
-    sp_521_mont_mul_21(y, y, t1, p521_mod, p521_mp_mod);
-    /* Y = Y - T2 */
-    sp_521_mont_sub_21(y, y, t2, p521_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_dbl_21_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_dbl_21_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_dbl_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-        const sp_point_521* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_dbl_21_ctx* ctx = (sp_521_proj_point_dbl_21_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_dbl_21_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*21;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_521_mont_sqr_21(ctx->t1, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_521_mont_mul_21(ctx->z, p->y, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_521_mont_dbl_21(ctx->z, ctx->z, p521_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_521_mont_sub_21(ctx->t2, p->x, ctx->t1, p521_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_521_mont_add_21(ctx->t1, p->x, ctx->t1, p521_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_521_mont_mul_21(ctx->t2, ctx->t1, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_521_mont_tpl_21(ctx->t1, ctx->t2, p521_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_521_mont_dbl_21(ctx->y, p->y, p521_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_521_mont_sqr_21(ctx->y, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_521_mont_sqr_21(ctx->t2, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_521_mont_div2_21(ctx->t2, ctx->t2, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_521_mont_mul_21(ctx->y, ctx->y, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_521_mont_sqr_21(ctx->x, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_521_mont_sub_21(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_521_mont_sub_21(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_521_mont_sub_21(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_521_mont_mul_21(ctx->y, ctx->y, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_521_mont_sub_21(ctx->y, ctx->y, ctx->t2, p521_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_521_cmp_equal_21(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14]) |
-            (a[15] ^ b[15]) | (a[16] ^ b[16]) | (a[17] ^ b[17]) |
-            (a[18] ^ b[18]) | (a[19] ^ b[19]) | (a[20] ^ b[20])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_521_iszero_21(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14] | a[15] |
-            a[16] | a[17] | a[18] | a[19] | a[20]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_21(sp_point_521* r,
-        const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*21;
-    sp_digit* t2 = t + 4*21;
-    sp_digit* t3 = t + 6*21;
-    sp_digit* t4 = t + 8*21;
-    sp_digit* t5 = t + 10*21;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_21(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t1, t1, p->x, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_21(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_21(t3, t3, p->y, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_21(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_21(t2, t1) &
-            sp_521_cmp_equal_21(t4, t3)) {
-        sp_521_proj_point_dbl_21(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_521_mont_sub_21(t2, t2, t1, p521_mod);
-        /* R = S2 - S1 */
-        sp_521_mont_sub_21(t4, t4, t3, p521_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_21(t5, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_21(y, t1, t5, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_21(t5, t5, t2, p521_mod, p521_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_21(z, p->z, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_21(z, z, q->z, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_21(x, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_21(x, x, t5, p521_mod);
-        sp_521_mont_mul_21(t5, t5, t3, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_21(t3, y, p521_mod);
-        sp_521_mont_sub_21(x, x, t3, p521_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_21(y, y, x, p521_mod);
-        sp_521_mont_mul_21(y, y, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_21(y, y, t5, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 21; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 21; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 21; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_add_21_ctx {
-    int state;
-    sp_521_proj_point_dbl_21_ctx dbl_ctx;
-    const sp_point_521* ap[2];
-    sp_point_521* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_add_21_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_add_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_add_21_ctx* ctx = (sp_521_proj_point_add_21_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_521* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_add_21_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*21;
-        ctx->t2 = t + 4*21;
-        ctx->t3 = t + 6*21;
-        ctx->t4 = t + 8*21;
-        ctx->t5 = t + 10*21;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_521_mont_sqr_21(ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_521_mont_mul_21(ctx->t3, ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_521_mont_mul_21(ctx->t1, ctx->t1, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_521_mont_sqr_21(ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_521_mont_mul_21(ctx->t4, ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_521_mont_mul_21(ctx->t2, ctx->t2, q->x, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_521_mont_mul_21(ctx->t3, ctx->t3, p->y, p521_mod, p521_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_521_mont_mul_21(ctx->t4, ctx->t4, q->y, p521_mod, p521_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_521_cmp_equal_21(ctx->t2, ctx->t1) &
-                sp_521_cmp_equal_21(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_521_proj_point_dbl_21(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_521_mont_sub_21(ctx->t2, ctx->t2, ctx->t1, p521_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_521_mont_sub_21(ctx->t4, ctx->t4, ctx->t3, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_21(ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_521_mont_mul_21(ctx->y, ctx->t1, ctx->t5, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_521_mont_mul_21(ctx->t5, ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_21(ctx->z, p->z, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_521_mont_mul_21(ctx->z, ctx->z, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_521_mont_sqr_21(ctx->x, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_521_mont_sub_21(ctx->x, ctx->x, ctx->t5, p521_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_521_mont_mul_21(ctx->t5, ctx->t5, ctx->t3, p521_mod, p521_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_521_mont_dbl_21(ctx->t3, ctx->y, p521_mod);
-        sp_521_mont_sub_21(ctx->x, ctx->x, ctx->t3, p521_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_21(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_521_mont_mul_21(ctx->y, ctx->y, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_521_mont_sub_21(ctx->y, ctx->y, ctx->t5, p521_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 21; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 21; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 21; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mod_mul_norm_21(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    (void)m;
-
-    if (r != a) {
-        XMEMCPY(r, a, 21 * sizeof(sp_digit));
-    }
-
-    return MP_OKAY;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Small implementation using add and double that is cache attack resistant but
- * allocates memory rather than use large stacks.
- * 521 adds and doubles.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_21(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 21 * 6);
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Implementation is constant time. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 21 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        XMEMSET(t, 0, sizeof(sp_point_521) * 3);
-
-        /* t[0] = {0, 0, 1} * norm */
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_521_mod_mul_norm_21(t[1].x, g->x, p521_mod);
-    }
-    if (err == MP_OKAY)
-        err = sp_521_mod_mul_norm_21(t[1].y, g->y, p521_mod);
-    if (err == MP_OKAY)
-        err = sp_521_mod_mul_norm_21(t[1].z, g->z, p521_mod);
-
-    if (err == MP_OKAY) {
-        i = 20;
-        c = 21;
-        n = k[i--] << (25 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1)
-                    break;
-
-                n = k[i--];
-                c = 25;
-            }
-
-            y = (n >> 24) & 1;
-            n <<= 1;
-
-            sp_521_proj_point_add_21(&t[y^1], &t[0], &t[1], tmp);
-
-            XMEMCPY(&t[2], (void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                                   ((size_t)&t[1] & addr_mask[y])),
-                    sizeof(sp_point_521));
-            sp_521_proj_point_dbl_21(&t[2], &t[2], tmp);
-            XMEMCPY((void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                            ((size_t)&t[1] & addr_mask[y])), &t[2],
-                    sizeof(sp_point_521));
-        }
-
-        if (map != 0) {
-            sp_521_map_21(r, &t[0], tmp);
-        }
-        else {
-            XMEMCPY(r, &t[0], sizeof(sp_point_521));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 21 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_ecc_mulmod_21_ctx {
-    int state;
-    union {
-        sp_521_proj_point_dbl_21_ctx dbl_ctx;
-        sp_521_proj_point_add_21_ctx add_ctx;
-    };
-    sp_point_521 t[3];
-    sp_digit tmp[2 * 21 * 6];
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-} sp_521_ecc_mulmod_21_ctx;
-
-static int sp_521_ecc_mulmod_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-    const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_ecc_mulmod_21_ctx* ctx = (sp_521_ecc_mulmod_21_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_521_ecc_mulmod_21_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    /* Implementation is constant time. */
-    (void)ct;
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        XMEMSET(ctx->t, 0, sizeof(sp_point_521) * 3);
-        ctx->i = 20;
-        ctx->c = 21;
-        ctx->n = k[ctx->i--] << (25 - ctx->c);
-
-        /* t[0] = {0, 0, 1} * norm */
-        ctx->t[0].infinity = 1;
-        ctx->state = 1;
-        break;
-    case 1: /* T1X */
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_521_mod_mul_norm_21(ctx->t[1].x, g->x, p521_mod);
-        ctx->state = 2;
-        break;
-    case 2: /* T1Y */
-        err = sp_521_mod_mul_norm_21(ctx->t[1].y, g->y, p521_mod);
-        ctx->state = 3;
-        break;
-    case 3: /* T1Z */
-        err = sp_521_mod_mul_norm_21(ctx->t[1].z, g->z, p521_mod);
-        ctx->state = 4;
-        break;
-    case 4: /* ADDPREP */
-        if (ctx->c == 0) {
-            if (ctx->i == -1) {
-                ctx->state = 7;
-                break;
-            }
-
-            ctx->n = k[ctx->i--];
-            ctx->c = 25;
-        }
-        ctx->y = (ctx->n >> 24) & 1;
-        ctx->n <<= 1;
-        XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-        ctx->state = 5;
-        break;
-    case 5: /* ADD */
-        err = sp_521_proj_point_add_21_nb((sp_ecc_ctx_t*)&ctx->add_ctx,
-            &ctx->t[ctx->y^1], &ctx->t[0], &ctx->t[1], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY(&ctx->t[2], (void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                                        ((size_t)&ctx->t[1] & addr_mask[ctx->y])),
-                    sizeof(sp_point_521));
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* DBL */
-        err = sp_521_proj_point_dbl_21_nb((sp_ecc_ctx_t*)&ctx->dbl_ctx, &ctx->t[2],
-            &ctx->t[2], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY((void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                            ((size_t)&ctx->t[1] & addr_mask[ctx->y])), &ctx->t[2],
-                    sizeof(sp_point_521));
-            ctx->state = 4;
-            ctx->c--;
-        }
-        break;
-    case 7: /* MAP */
-        if (map != 0) {
-            sp_521_map_21(r, &ctx->t[0], ctx->tmp);
-        }
-        else {
-            XMEMCPY(r, &ctx->t[0], sizeof(sp_point_521));
-        }
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 7) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        ForceZero(ctx->tmp, sizeof(ctx->tmp));
-        ForceZero(ctx->t, sizeof(ctx->t));
-    }
-
-    (void)heap;
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#else
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_521 {
-    sp_digit x[21];
-    sp_digit y[21];
-} sp_table_entry_521;
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_521_cond_copy_21(sp_digit* r, const sp_digit* a, const sp_digit m)
-{
-    sp_digit t[21];
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 21; i++) {
-        t[i] = r[i] ^ a[i];
-    }
-    for (i = 0; i < 21; i++) {
-        r[i] ^= t[i] & m;
-    }
-#else
-    t[ 0] = r[ 0] ^ a[ 0];
-    t[ 1] = r[ 1] ^ a[ 1];
-    t[ 2] = r[ 2] ^ a[ 2];
-    t[ 3] = r[ 3] ^ a[ 3];
-    t[ 4] = r[ 4] ^ a[ 4];
-    t[ 5] = r[ 5] ^ a[ 5];
-    t[ 6] = r[ 6] ^ a[ 6];
-    t[ 7] = r[ 7] ^ a[ 7];
-    t[ 8] = r[ 8] ^ a[ 8];
-    t[ 9] = r[ 9] ^ a[ 9];
-    t[10] = r[10] ^ a[10];
-    t[11] = r[11] ^ a[11];
-    t[12] = r[12] ^ a[12];
-    t[13] = r[13] ^ a[13];
-    t[14] = r[14] ^ a[14];
-    t[15] = r[15] ^ a[15];
-    t[16] = r[16] ^ a[16];
-    t[17] = r[17] ^ a[17];
-    t[18] = r[18] ^ a[18];
-    t[19] = r[19] ^ a[19];
-    t[20] = r[20] ^ a[20];
-    r[ 0] ^= t[ 0] & m;
-    r[ 1] ^= t[ 1] & m;
-    r[ 2] ^= t[ 2] & m;
-    r[ 3] ^= t[ 3] & m;
-    r[ 4] ^= t[ 4] & m;
-    r[ 5] ^= t[ 5] & m;
-    r[ 6] ^= t[ 6] & m;
-    r[ 7] ^= t[ 7] & m;
-    r[ 8] ^= t[ 8] & m;
-    r[ 9] ^= t[ 9] & m;
-    r[10] ^= t[10] & m;
-    r[11] ^= t[11] & m;
-    r[12] ^= t[12] & m;
-    r[13] ^= t[13] & m;
-    r[14] ^= t[14] & m;
-    r[15] ^= t[15] & m;
-    r[16] ^= t[16] & m;
-    r[17] ^= t[17] & m;
-    r[18] ^= t[18] & m;
-    r[19] ^= t[19] & m;
-    r[20] ^= t[20] & m;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*21;
-    sp_digit* b = t + 4*21;
-    sp_digit* t1 = t + 6*21;
-    sp_digit* t2 = t + 8*21;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_21(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_21(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_21(w, w, p521_mod, p521_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_21(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_21(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_21(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_21(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_21(b, t1, x, p521_mod, p521_mp_mod);
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_21(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_21(t2, b, p521_mod);
-        sp_521_mont_sub_21(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_21(t2, b, x, p521_mod);
-        sp_521_mont_dbl_21(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_21(z, z, y, p521_mod, p521_mp_mod);
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_21(t1, t1, p521_mod, p521_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_21(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_21(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_21(y, y, t1, p521_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_521_mont_sqr_21(t1, x, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_21(t1, t1, w, p521_mod);
-    sp_521_mont_tpl_21(a, t1, p521_mod);
-    /* B = X*Y^2 */
-    sp_521_mont_sqr_21(t1, y, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(b, t1, x, p521_mod, p521_mp_mod);
-    /* X = A^2 - 2B */
-    sp_521_mont_sqr_21(x, a, p521_mod, p521_mp_mod);
-    sp_521_mont_dbl_21(t2, b, p521_mod);
-    sp_521_mont_sub_21(x, x, t2, p521_mod);
-    /* B = 2.(B - X) */
-    sp_521_mont_sub_21(t2, b, x, p521_mod);
-    sp_521_mont_dbl_21(b, t2, p521_mod);
-    /* Z = Z*Y */
-    sp_521_mont_mul_21(z, z, y, p521_mod, p521_mp_mod);
-    /* t1 = Y^4 */
-    sp_521_mont_sqr_21(t1, t1, p521_mod, p521_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_521_mont_mul_21(y, b, a, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_21(y, y, t1, p521_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_521_mont_div2_21(y, y, p521_mod);
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_store_21(sp_point_521* r,
-        const sp_point_521* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*21;
-    sp_digit* b = t + 4*21;
-    sp_digit* t1 = t + 6*21;
-    sp_digit* t2 = t + 8*21;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<21; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<21; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<21; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_21(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_21(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_21(w, w, p521_mod, p521_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_21(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_21(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_21(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_21(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_21(b, t1, x, p521_mod, p521_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_21(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_21(t2, b, p521_mod);
-        sp_521_mont_sub_21(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_21(t2, b, x, p521_mod);
-        sp_521_mont_dbl_21(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_21(r[j].z, z, y, p521_mod, p521_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_21(t1, t1, p521_mod, p521_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_21(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_21(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_21(y, y, t1, p521_mod);
-        /* Y = Y/2 */
-        sp_521_mont_div2_21(r[j].y, y, p521_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_521_proj_point_add_sub_21(sp_point_521* ra,
-        sp_point_521* rs, const sp_point_521* p, const sp_point_521* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*21;
-    sp_digit* t3 = t + 4*21;
-    sp_digit* t4 = t + 6*21;
-    sp_digit* t5 = t + 8*21;
-    sp_digit* t6 = t + 10*21;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_21(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t1, t1, xa, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_21(t2, za, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t4, t2, za, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_21(t3, t3, ya, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_21(t4, t4, q->y, p521_mod, p521_mp_mod);
-    /* H = U2 - U1 */
-    sp_521_mont_sub_21(t2, t2, t1, p521_mod);
-    /* RS = S2 + S1 */
-    sp_521_mont_add_21(t6, t4, t3, p521_mod);
-    /* R = S2 - S1 */
-    sp_521_mont_sub_21(t4, t4, t3, p521_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_521_mont_mul_21(za, za, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(za, za, t2, p521_mod, p521_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_521_mont_sqr_21(xa, t4, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_21(xs, t6, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_21(t5, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(ya, t1, t5, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t5, t5, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_21(xa, xa, t5, p521_mod);
-    sp_521_mont_sub_21(xs, xs, t5, p521_mod);
-    sp_521_mont_dbl_21(t1, ya, p521_mod);
-    sp_521_mont_sub_21(xa, xa, t1, p521_mod);
-    sp_521_mont_sub_21(xs, xs, t1, p521_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_521_mont_sub_21(ys, ya, xs, p521_mod);
-    sp_521_mont_sub_21(ya, ya, xa, p521_mod);
-    sp_521_mont_mul_21(ya, ya, t4, p521_mod, p521_mp_mod);
-    sp_521_sub_21(t6, p521_mod, t6);
-    sp_521_mont_mul_21(ys, ys, t6, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t5, t5, t3, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_21(ya, ya, t5, p521_mod);
-    sp_521_mont_sub_21(ys, ys, t5, p521_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_521 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_521;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_21_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_21_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_521_ecc_recode_6_21(const sp_digit* k, ecc_recode_521* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<87; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 25) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 25) {
-            n >>= 6;
-            if (++j < 21)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 21) {
-            n = k[j];
-            y |= (word8)((n << (25 - o)) & 0x3f);
-            o -= 19;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_21_6[y];
-        v[i].neg = recode_neg_21_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_point_33_21(sp_point_521* r, const sp_point_521* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->x[15] = 0;
-    r->x[16] = 0;
-    r->x[17] = 0;
-    r->x[18] = 0;
-    r->x[19] = 0;
-    r->x[20] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->y[15] = 0;
-    r->y[16] = 0;
-    r->y[17] = 0;
-    r->y[18] = 0;
-    r->y[19] = 0;
-    r->y[20] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    r->z[8] = 0;
-    r->z[9] = 0;
-    r->z[10] = 0;
-    r->z[11] = 0;
-    r->z[12] = 0;
-    r->z[13] = 0;
-    r->z[14] = 0;
-    r->z[15] = 0;
-    r->z[16] = 0;
-    r->z[17] = 0;
-    r->z[18] = 0;
-    r->z[19] = 0;
-    r->z[20] = 0;
-    for (i = 1; i < 33; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->x[15] |= mask & table[i].x[15];
-        r->x[16] |= mask & table[i].x[16];
-        r->x[17] |= mask & table[i].x[17];
-        r->x[18] |= mask & table[i].x[18];
-        r->x[19] |= mask & table[i].x[19];
-        r->x[20] |= mask & table[i].x[20];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->y[15] |= mask & table[i].y[15];
-        r->y[16] |= mask & table[i].y[16];
-        r->y[17] |= mask & table[i].y[17];
-        r->y[18] |= mask & table[i].y[18];
-        r->y[19] |= mask & table[i].y[19];
-        r->y[20] |= mask & table[i].y[20];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-        r->z[8] |= mask & table[i].z[8];
-        r->z[9] |= mask & table[i].z[9];
-        r->z[10] |= mask & table[i].z[10];
-        r->z[11] |= mask & table[i].z[11];
-        r->z[12] |= mask & table[i].z[12];
-        r->z[13] |= mask & table[i].z[13];
-        r->z[14] |= mask & table[i].z[14];
-        r->z[15] |= mask & table[i].z[15];
-        r->z[16] |= mask & table[i].z[16];
-        r->z[17] |= mask & table[i].z[17];
-        r->z[18] |= mask & table[i].z[18];
-        r->z[19] |= mask & table[i].z[19];
-        r->z[20] |= mask & table[i].z[20];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_win_add_sub_21(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 21 * 6);
-    sp_point_521* rt = NULL;
-    sp_point_521* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_521 v[87];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 21 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_521_mod_mul_norm_21(t[1].x, g->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_21(t[1].y, g->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_21(t[1].z, g->z, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_521_proj_point_dbl_n_store_21(t, &t[ 1], 5, 1, tmp);
-        sp_521_proj_point_add_21(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_521_proj_point_dbl_21(&t[ 6], &t[ 3], tmp);
-        sp_521_proj_point_add_sub_21(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_521_proj_point_dbl_21(&t[10], &t[ 5], tmp);
-        sp_521_proj_point_add_sub_21(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_521_proj_point_dbl_21(&t[12], &t[ 6], tmp);
-        sp_521_proj_point_dbl_21(&t[14], &t[ 7], tmp);
-        sp_521_proj_point_add_sub_21(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_521_proj_point_dbl_21(&t[18], &t[ 9], tmp);
-        sp_521_proj_point_add_sub_21(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_521_proj_point_dbl_21(&t[20], &t[10], tmp);
-        sp_521_proj_point_dbl_21(&t[22], &t[11], tmp);
-        sp_521_proj_point_add_sub_21(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_521_proj_point_dbl_21(&t[24], &t[12], tmp);
-        sp_521_proj_point_dbl_21(&t[26], &t[13], tmp);
-        sp_521_proj_point_add_sub_21(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_521_proj_point_dbl_21(&t[28], &t[14], tmp);
-        sp_521_proj_point_dbl_21(&t[30], &t[15], tmp);
-        sp_521_proj_point_add_sub_21(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_521_ecc_recode_6_21(k, v);
-
-        i = 86;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_point_33_21(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_521));
-        }
-        for (--i; i>=0; i--) {
-            sp_521_proj_point_dbl_n_21(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_point_33_21(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_521));
-            }
-            sp_521_sub_21(negy, p521_mod, p->y);
-            sp_521_norm_21(negy);
-            sp_521_cond_copy_21(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_521_proj_point_add_21(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_521_map_21(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_qz1_21(sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*21;
-    sp_digit* t6 = t + 4*21;
-    sp_digit* t1 = t + 6*21;
-    sp_digit* t4 = t + 8*21;
-    sp_digit* t5 = t + 10*21;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_21(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_21(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_21(p->x, t2) &
-            sp_521_cmp_equal_21(p->y, t4)) {
-        sp_521_proj_point_dbl_21(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_521_mont_sub_21(t2, t2, p->x, p521_mod);
-        /* R = S2 - Y1 */
-        sp_521_mont_sub_21(t4, t4, p->y, p521_mod);
-        /* Z3 = H*Z1 */
-        sp_521_mont_mul_21(z, p->z, t2, p521_mod, p521_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_521_mont_sqr_21(t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_21(t3, p->x, t1, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_21(t1, t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_21(t2, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_21(t2, t2, t1, p521_mod);
-        sp_521_mont_dbl_21(t5, t3, p521_mod);
-        sp_521_mont_sub_21(x, t2, t5, p521_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_521_mont_sub_21(t3, t3, x, p521_mod);
-        sp_521_mont_mul_21(t3, t3, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_21(t1, t1, p->y, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_21(y, t3, t1, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 21; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 21; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 21; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_521_proj_to_affine_21(sp_point_521* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 21;
-    sp_digit* tmp = t + 4 * 21;
-
-    sp_521_mont_inv_21(t1, a->z, tmp);
-
-    sp_521_mont_sqr_21(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    sp_521_mont_mul_21(a->x, a->x, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_21(a->y, a->y, t1, p521_mod, p521_mp_mod);
-    XMEMCPY(a->z, p521_norm_mod, sizeof(p521_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 65 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_21(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_21(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_21(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_21(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_21(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_521_proj_point_dbl_n_21(t, 66, tmp);
-            sp_521_proj_to_affine_21(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_21(t, s1, s2, tmp);
-                sp_521_proj_to_affine_21(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_entry_256_21(sp_point_521* r,
-    const sp_table_entry_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->x[15] = 0;
-    r->x[16] = 0;
-    r->x[17] = 0;
-    r->x[18] = 0;
-    r->x[19] = 0;
-    r->x[20] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->y[15] = 0;
-    r->y[16] = 0;
-    r->y[17] = 0;
-    r->y[18] = 0;
-    r->y[19] = 0;
-    r->y[20] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->x[15] |= mask & table[i].x[15];
-        r->x[16] |= mask & table[i].x[16];
-        r->x[17] |= mask & table[i].x[17];
-        r->x[18] |= mask & table[i].x[18];
-        r->x[19] |= mask & table[i].x[19];
-        r->x[20] |= mask & table[i].x[20];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->y[15] |= mask & table[i].y[15];
-        r->y[16] |= mask & table[i].y[16];
-        r->y[17] |= mask & table[i].y[17];
-        r->y[18] |= mask & table[i].y[18];
-        r->y[19] |= mask & table[i].y[19];
-        r->y[20] |= mask & table[i].y[20];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_21(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 21 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 21 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 65;
-        for (j=0; j<8 && x<521; j++) {
-            y |= (int)(((k[x / 25] >> (x % 25)) & 1) << j);
-            x += 66;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_256_21(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=64; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8 && x<521; j++) {
-                y |= (int)(((k[x / 25] >> (x % 25)) & 1) << j);
-                x += 66;
-            }
-
-            sp_521_proj_point_dbl_21(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_256_21(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_21(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_21(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_521_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[21];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[21];
-    /* Precomputation table for point. */
-    sp_table_entry_521 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_521_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_521_t sp_cache_521[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_521_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_521_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_521 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_521_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_521_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_521_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_521[i].set = 0;
-        }
-        sp_cache_521_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_521[i].set)
-            continue;
-
-        if (sp_521_cmp_equal_21(g->x, sp_cache_521[i].x) &
-                           sp_521_cmp_equal_21(g->y, sp_cache_521[i].y)) {
-            sp_cache_521[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_521_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_521_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_521[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_521_last) {
-            least = sp_cache_521[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_521[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_521[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_521[i].x, g->x, sizeof(sp_cache_521[i].x));
-        XMEMCPY(sp_cache_521[i].y, g->y, sizeof(sp_cache_521[i].y));
-        sp_cache_521[i].set = 1;
-        sp_cache_521[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_521[i];
-    sp_cache_521_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_21(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_win_add_sub_21(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 21 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 21 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_21(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_win_add_sub_21(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_21(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 21);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 21, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 21, km);
-        sp_521_point_from_ecc_point_21(point, gm);
-
-            err = sp_521_ecc_mulmod_21(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_21(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 21 + 21 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 21 + 21 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 21;
-
-        sp_521_from_mp(k, 21, km);
-        sp_521_point_from_ecc_point_21(point, gm);
-        sp_521_point_from_ecc_point_21(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_21(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_21(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_21(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_21(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_21(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_21(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_21(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_21(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_521_ecc_mulmod_21(r, &p521_base, k, map, ct, heap);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-static int sp_521_ecc_mulmod_base_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_521_ecc_mulmod_21_nb(sp_ctx, r, &p521_base, k, map, ct, heap);
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 66 between points.
- */
-static const sp_table_entry_521 p521_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x0e5bd66,0x13f18e1,0x0a6fe5f,0x030ad48,0x1348b3c,0x1fd46f1,
-        0x1049e8b,0x051fc3b,0x1efe759,0x0a5af3b,0x14f6ea8,0x1ec0d69,
-        0x01f828a,0x029fda9,0x19204e4,0x1688538,0x1662395,0x0cf1f65,
-        0x1013a73,0x1c0d6e0,0x00c6858 },
-      { 0x1d16650,0x14a3b4f,0x090222f,0x0d44e58,0x153c708,0x1683b09,
-        0x0e404fe,0x0818aa1,0x15ef426,0x1f7394c,0x1998b25,0x1a2e4e7,
-        0x0817afb,0x0bcda23,0x1d51125,0x037b331,0x1b42c7d,0x02e452f,
-        0x08ef001,0x12d4f13,0x0118392 } },
-    /* 2 */
-    { { 0x10ccb51,0x0c33387,0x1d2a00e,0x026ca92,0x187e1d0,0x194f6cd,
-        0x13c86ca,0x06efeb1,0x0a3add3,0x16074d5,0x023fec1,0x0ba1d3a,
-        0x07f13b3,0x0b3b0b1,0x02fd132,0x07de9bb,0x014758a,0x1d250c6,
-        0x0010eb6,0x0aedbb4,0x013e96a },
-      { 0x12d95a3,0x1127c31,0x00a4af7,0x0298a49,0x19f15ef,0x0d5d0cb,
-        0x018fa6f,0x00f55bb,0x0a962b7,0x0f029fa,0x1636637,0x05bc284,
-        0x1cc598a,0x030e11a,0x0968674,0x1a6593f,0x110e8ff,0x0076a32,
-        0x1de33ab,0x153ba3d,0x01852ae } },
-    /* 3 */
-    { { 0x0af1fe3,0x08eec75,0x14af42a,0x0488016,0x0db3866,0x15f8690,
-        0x01aa486,0x081fed4,0x0a768c9,0x00943cd,0x1bb0de5,0x1579343,
-        0x1cf3791,0x139c1a1,0x04fef98,0x1578392,0x0abe222,0x1b945a1,
-        0x0e7bcc4,0x18150c5,0x0157874 },
-      { 0x0f03d49,0x078c273,0x180c2b2,0x083c917,0x09c357e,0x0e5ef7d,
-        0x17bce05,0x078059c,0x15fd8dc,0x120e3d5,0x0c4275e,0x0f93f5d,
-        0x184bef6,0x1427a69,0x0633286,0x0155c5f,0x07d672f,0x1bf01ea,
-        0x15625a2,0x0356b03,0x000724b } },
-    /* 4 */
-    { { 0x19314e0,0x196a5ef,0x0ab2413,0x1bcf401,0x1aae850,0x177d81e,
-        0x0420d60,0x1a4f246,0x1ec7fe6,0x078e141,0x15d2a20,0x132c333,
-        0x072d5b3,0x1ca803f,0x0482e6c,0x1e07cbe,0x1734773,0x118691b,
-        0x0de2da1,0x0324e67,0x0121f4c },
-      { 0x08b51f0,0x1ffb6fd,0x17c3c40,0x0281c57,0x0e7afb5,0x12a0b8d,
-        0x0e03a0c,0x12a2260,0x0cda10d,0x01a80dc,0x0a3007a,0x0e3c9e7,
-        0x0910577,0x1640383,0x14865aa,0x070431e,0x0aaa562,0x09b04d8,
-        0x12829fc,0x0af20d2,0x01db8c2 } },
-    /* 5 */
-    { { 0x0c0958d,0x1b86659,0x0e1cc00,0x0cd34f6,0x09aef16,0x064d9c4,
-        0x1cf3d20,0x0924f25,0x0fab3e1,0x194c279,0x12259c2,0x086ca0e,
-        0x0a9751e,0x1699ed9,0x0ae6756,0x09b5539,0x132b44a,0x0a6ca2e,
-        0x1b1dcc9,0x1994a42,0x000aa26 },
-      { 0x1e66d18,0x10ea0fc,0x19eb36f,0x0d5422f,0x00aeef9,0x186925c,
-        0x0528b76,0x17e0a64,0x15c98b7,0x0e7d913,0x0f2121b,0x086dbfa,
-        0x0c613e7,0x1e526a9,0x1c0fe84,0x03cc8dc,0x1771855,0x0864714,
-        0x1ea149f,0x121d597,0x01c6f5e } },
-    /* 6 */
-    { { 0x0b2d58f,0x178f3a5,0x000a8b0,0x185412f,0x01bbf82,0x05dbb56,
-        0x1ac91dc,0x17acb07,0x15667f7,0x1276cf6,0x1a25fa3,0x1b0dfb2,
-        0x15d8c01,0x1fdf078,0x0e5684c,0x1b962cc,0x19dd99c,0x0a8f279,
-        0x0837ac9,0x108494e,0x0082de0 },
-      { 0x0ea91af,0x129d930,0x1f765ea,0x0ef463b,0x04384af,0x084ddf5,
-        0x1c8e573,0x1c39b05,0x0f30058,0x0be0ced,0x1e3a5e6,0x018dcb8,
-        0x05443b6,0x0bad8c2,0x0ba6d7d,0x19c2df5,0x13308c2,0x12e7437,
-        0x1d8fea1,0x19cb1e9,0x0073983 } },
-    /* 7 */
-    { { 0x017609d,0x09898c1,0x1002bba,0x084825f,0x1f8a9dd,0x163194b,
-        0x19930a1,0x0bdc22f,0x07bf1c6,0x01bc16b,0x0fbb973,0x09b71a0,
-        0x19e8c14,0x0d5c9bc,0x0b2b2ca,0x1098e03,0x1b5b077,0x190af58,
-        0x0bff361,0x013f503,0x00f82c4 },
-      { 0x18139a4,0x09bb31b,0x0a4c01f,0x176ab7d,0x06d969e,0x045e4ee,
-        0x035bda3,0x0858f8c,0x15f93f2,0x0274230,0x1c5f661,0x1454e82,
-        0x0e8461c,0x185f890,0x04c39e7,0x133af1d,0x0026b56,0x170aaa5,
-        0x093edb7,0x18ee04d,0x007de69 } },
-    /* 8 */
-    { { 0x1ee80d7,0x08dd825,0x19a586d,0x1eed25b,0x0e1f6a1,0x15e1de8,
-        0x191b283,0x1e106f3,0x1930644,0x005ffd3,0x16c1dc7,0x170e721,
-        0x0997c67,0x1d6d0e7,0x170cf87,0x16a2412,0x0ddac54,0x11e2805,
-        0x0c46195,0x03a6c1a,0x00b0c23 },
-      { 0x1bcab2f,0x0494c1c,0x082818a,0x00c9ba4,0x00c0678,0x1ee1506,
-        0x18211d8,0x1c60c5e,0x11938c3,0x074ed39,0x11bae62,0x1e5aa5c,
-        0x1d69be8,0x152ef07,0x17234b5,0x01c4dca,0x163db2c,0x1f9d1fe,
-        0x192ffd5,0x18db3e3,0x014a899 } },
-    /* 9 */
-    { { 0x005ce88,0x171d0f6,0x080a7fd,0x0d6d5fa,0x18fc249,0x1f5803f,
-        0x081ddbe,0x080173a,0x1eebded,0x087605e,0x1c03ded,0x0e84d26,
-        0x0eaef97,0x1fbd818,0x1b8de84,0x03eef00,0x1171b90,0x1ae78be,
-        0x0a56b83,0x0dcbbf9,0x0159903 },
-      { 0x00e8e0c,0x1b25a80,0x17e402b,0x080df69,0x13f2ae0,0x0f91dd6,
-        0x1699d12,0x152bec3,0x0255b25,0x0548c21,0x0f19403,0x07cd1c6,
-        0x01fa6af,0x016013e,0x0dcf003,0x0814a28,0x1a19728,0x04cf9e6,
-        0x03a1090,0x0c56f3a,0x00e798c } },
-    /* 10 */
-    { { 0x04d0f28,0x1e25457,0x01bba31,0x1eacda0,0x1a8a55e,0x1720119,
-        0x17d9419,0x0ec6f30,0x15d321b,0x0f6655a,0x146c1e3,0x0dad706,
-        0x0b38b96,0x0beaa45,0x022794d,0x156165d,0x02fe631,0x1bd4f47,
-        0x1d714de,0x0c1f2bc,0x005945c },
-      { 0x067d79c,0x13e9a3c,0x0602f28,0x0b03903,0x1f460b1,0x15c628b,
-        0x166ae5d,0x1b2fd85,0x061b91e,0x0682243,0x07457ff,0x144bb38,
-        0x19730a7,0x1ca64ed,0x0b3c967,0x0b47714,0x1875dec,0x1473c25,
-        0x1944c7b,0x0a4c0e7,0x0004062 } },
-    /* 11 */
-    { { 0x1631bba,0x0272e78,0x14937b8,0x1e2ade8,0x00e6c1d,0x0184c82,
-        0x0fcc393,0x18e0cc0,0x16b6abe,0x1b24d21,0x053dbb6,0x0139ed7,
-        0x15354f5,0x1b5bf05,0x1b3d1a4,0x0dba4ff,0x07eba1e,0x153d388,
-        0x0251432,0x1db58ad,0x0022889 },
-      { 0x05596f2,0x148b768,0x0e2e404,0x1960479,0x03901da,0x0a55f0f,
-        0x14fb39f,0x0264a03,0x0a9c903,0x140a820,0x051b42c,0x07e38da,
-        0x169dbcd,0x1a770c4,0x08756c5,0x04df6df,0x161a912,0x024d750,
-        0x02a0261,0x19ddbf7,0x0154754 } },
-    /* 12 */
-    { { 0x070b2f0,0x113d821,0x135ed93,0x117e9ae,0x04b34e4,0x13915d4,
-        0x0fa2c30,0x039630d,0x19ff9b7,0x0a52c4e,0x15af13d,0x09be69f,
-        0x1d9887e,0x1a097a4,0x119a7f5,0x13a2d6f,0x1bb77f8,0x020046c,
-        0x040b81d,0x1284d79,0x01cfafb },
-      { 0x02935ca,0x07968b3,0x111b329,0x0732fb9,0x0847c70,0x1e3cfc1,
-        0x1a794d4,0x1e98113,0x15215f0,0x16c6cc4,0x046e767,0x1179012,
-        0x0359cf0,0x16f13d5,0x00d5039,0x0641a96,0x03ef69e,0x1a97a6b,
-        0x13bc64e,0x02ffad2,0x00e6a02 } },
-    /* 13 */
-    { { 0x0214780,0x0f313ba,0x07aaddf,0x0e40e8b,0x0a06681,0x03fd80e,
-        0x1e6dfa7,0x18fef0a,0x1d6d4b7,0x0aaa460,0x12a8e79,0x03214cd,
-        0x0f45756,0x0c282d2,0x0506c0e,0x0c9d7f0,0x17c4c88,0x1d2e506,
-        0x184a74f,0x15f2a13,0x0053bf8 },
-      { 0x1285092,0x194ec42,0x197ef26,0x151ddab,0x02f31da,0x0c555cc,
-        0x1a43bd8,0x1a33866,0x0d2626e,0x1770a7a,0x1638243,0x0e160fd,
-        0x0042295,0x039b682,0x1de483a,0x1a03a32,0x1ffede7,0x1a3f712,
-        0x11eadce,0x0438757,0x01b93c9 } },
-    /* 14 */
-    { { 0x08b2b14,0x103e650,0x11fc2da,0x177e2e9,0x0a978de,0x0659525,
-        0x0e0a310,0x0705239,0x090adc8,0x0e3c139,0x1b779a5,0x1655183,
-        0x0008da8,0x087de91,0x073acbe,0x1729ce8,0x1e5322d,0x12fc4e4,
-        0x1cf1523,0x0cc10b6,0x007d182 },
-      { 0x1efd012,0x1fc1516,0x1fbda7a,0x08b42a6,0x01ecb09,0x18408e8,
-        0x1d4d4fb,0x1d478aa,0x1b2bd4d,0x0e44153,0x05a7216,0x12e4f7f,
-        0x1b00a1f,0x0592d68,0x0eb7d78,0x0c00a0c,0x106f253,0x0260ff9,
-        0x044bf86,0x02b7d88,0x01178e5 } },
-    /* 15 */
-    { { 0x1e3d3d5,0x03c3ff7,0x089e4c5,0x0b3b12e,0x09e76f6,0x1b567a9,
-        0x1fb4782,0x1b22b8e,0x01c5e8d,0x015bd90,0x199ebe7,0x11e2bea,
-        0x1478803,0x19abb77,0x031d9bf,0x02a95e7,0x1c80040,0x1cf8311,
-        0x1a20ed4,0x078897b,0x009647d },
-      { 0x01b21a4,0x1ab1c6f,0x0704c81,0x02ae210,0x1b6399c,0x001accd,
-        0x1819dd7,0x1ea645c,0x1ade60c,0x03fef3f,0x0641657,0x0881df8,
-        0x001b195,0x0ebd9cb,0x1c2b233,0x14e7cfc,0x03d6a6f,0x02552d4,
-        0x0c201d9,0x119f58c,0x004234f } },
-    /* 16 */
-    { { 0x06492ad,0x0f38d14,0x0b13b8c,0x08cbf0d,0x08f3de4,0x189e5a0,
-        0x0035369,0x009d12e,0x1a86b71,0x1687af4,0x0b0585e,0x1c9e4ae,
-        0x19d9a62,0x12e60e4,0x1488fbc,0x05c18ef,0x1613b96,0x0f6ffb4,
-        0x0762c81,0x1a51e70,0x008e818 },
-      { 0x0df1f60,0x118e7c6,0x183dc84,0x16ce2ee,0x0b640f2,0x02d201c,
-        0x1be3381,0x13f7ce4,0x0037068,0x11142ee,0x08372d0,0x1f1ee5d,
-        0x037196b,0x0404331,0x1bde157,0x1fc9142,0x1c7c326,0x06a70cf,
-        0x1da2fd1,0x190add1,0x013efdb } },
-    /* 17 */
-    { { 0x0a3ace5,0x06827f3,0x070778d,0x1d12c32,0x0dbb603,0x0f687a0,
-        0x0001fdd,0x16b69b8,0x095b259,0x0f0735e,0x17c0805,0x14cc4c2,
-        0x18dfbcb,0x098f51f,0x1b150cf,0x1f04965,0x0e4103f,0x1215858,
-        0x1200ccb,0x02a0c18,0x0111193 },
-      { 0x05452f1,0x1f51402,0x1cee665,0x1ee3e7e,0x00b678c,0x1499474,
-        0x0f77107,0x04694a5,0x0e6af1c,0x1f932b7,0x08579ed,0x0b73688,
-        0x0bc4380,0x1852014,0x09cd3cb,0x0edc475,0x0794224,0x1f1e392,
-        0x031833d,0x05d160d,0x01f16dc } },
-    /* 18 */
-    { { 0x1fc0de5,0x1d737ff,0x1c92f37,0x1f5694b,0x0801814,0x15546ed,
-        0x0d963a8,0x0823202,0x1da4f04,0x1d8e57a,0x001847c,0x19b6682,
-        0x08f24b9,0x0b7067c,0x10c93b6,0x0b90491,0x1342305,0x0a5bf51,
-        0x0424b8a,0x06b6c91,0x01d36e8 },
-      { 0x1372f27,0x1bd7383,0x0669fad,0x150775c,0x0779b4f,0x014f5da,
-        0x16b8595,0x07f42eb,0x0fc03ef,0x0176133,0x071f125,0x0d52d32,
-        0x1c0e5fc,0x0b129e9,0x1d8793d,0x1ce7141,0x158de74,0x0bd08ff,
-        0x0937a46,0x0499a8c,0x0002605 } },
-    /* 19 */
-    { { 0x1342e08,0x0e86500,0x02bd16d,0x016e93e,0x109ed4f,0x14ec022,
-        0x00b6594,0x139d6aa,0x16d8035,0x15843ed,0x0120017,0x150e987,
-        0x04eaa66,0x03ad43c,0x1cb1e83,0x062fdd2,0x0216874,0x0460b4f,
-        0x1727efd,0x0aadc1c,0x014f81c },
-      { 0x120674d,0x05895f0,0x02b09ac,0x12433e0,0x06bf09b,0x0c65536,
-        0x1ccb759,0x13c3c3c,0x18292d9,0x1b8e2d7,0x16fe031,0x0a524bf,
-        0x1d5d813,0x1b3361b,0x06f5e60,0x1ed01cc,0x06a1d0d,0x1c6d64a,
-        0x0e7c260,0x19ed098,0x009f58d } },
-    /* 20 */
-    { { 0x17dc837,0x148813d,0x0710505,0x096a1d6,0x0d71975,0x133a0d9,
-        0x024ab5f,0x07009e8,0x1bc824a,0x0853f8e,0x082f3c7,0x00ad91c,
-        0x10570b2,0x0d0c0ed,0x0cb8ee7,0x0a114ce,0x16e0a7b,0x13c4031,
-        0x07dc124,0x1ea0599,0x004511a },
-      { 0x16f4ffa,0x106ca62,0x03e82e0,0x0589e18,0x1c6205a,0x1030350,
-        0x0f53a86,0x1f733e6,0x079b316,0x1d5b233,0x0903f06,0x10a5c9e,
-        0x0305aa0,0x096bee2,0x14e6de2,0x180e644,0x11206e3,0x181b2bf,
-        0x1b6d98c,0x00a5019,0x0059284 } },
-    /* 21 */
-    { { 0x197760c,0x04388a1,0x141a434,0x0c393f9,0x19020b7,0x1f127bd,
-        0x11fea61,0x1418ffd,0x0522335,0x119dc50,0x0728403,0x15fb5c4,
-        0x0073dbe,0x1d81911,0x0301828,0x0bb4c8b,0x1b8ee14,0x1cdce39,
-        0x1ffd8bb,0x0cc3ca4,0x00aa31c },
-      { 0x1430b5e,0x0c75840,0x15a6bd4,0x14a1dc1,0x132f9ce,0x175f45d,
-        0x0c2d6a9,0x1121d9b,0x09fe1d6,0x18afbf9,0x0732687,0x11e634b,
-        0x03ce5d6,0x0455953,0x159e650,0x19ca9e9,0x0ef4347,0x1742d8e,
-        0x01b41dd,0x0847805,0x01768ff } },
-    /* 22 */
-    { { 0x1dcec23,0x0082619,0x1466159,0x179ba0e,0x1af0d61,0x07984d5,
-        0x0bd4531,0x02a90db,0x1de4887,0x00de47a,0x0e6e8fc,0x15e3a6a,
-        0x0cddd6b,0x1d1df47,0x1f99974,0x10cbf76,0x0c3cb5d,0x07c8ced,
-        0x0485268,0x007b47e,0x0173fe2 },
-      { 0x0d4a3d1,0x174d0bc,0x1b6010e,0x110ca62,0x04d5cf5,0x0bb231d,
-        0x09b0104,0x089d5e0,0x1f84afa,0x0b631c7,0x0908b4c,0x072fffd,
-        0x13512f2,0x13115b0,0x07aa811,0x00d1ad2,0x0a397e7,0x02442b7,
-        0x1286ccf,0x0365c7e,0x01b542d } },
-    /* 23 */
-    { { 0x1487402,0x196af0f,0x1757d46,0x0cf55e3,0x036016e,0x14e1057,
-        0x1c7d5b6,0x1fa3d67,0x1ece45b,0x0dbe9b0,0x0a78609,0x0c6604f,
-        0x0942db0,0x14208b2,0x08a1ddf,0x0e7a17e,0x0c44587,0x07afe70,
-        0x175e97c,0x062a3a5,0x001fb2b },
-      { 0x1aa096a,0x1b9f47d,0x01e0409,0x17c1275,0x152726e,0x1f8bc08,
-        0x1341cb1,0x0ecb8a7,0x0ab5dca,0x069efe8,0x1cb528e,0x1b0b0fd,
-        0x02bb4a7,0x1bf588e,0x070804e,0x1445eb9,0x0340b6d,0x0af1a9e,
-        0x0c97b2b,0x1aa14b4,0x0039846 } },
-    /* 24 */
-    { { 0x077df58,0x13b9b0b,0x15b1db6,0x0e396a1,0x164bd56,0x0407f91,
-        0x11f5c28,0x0600887,0x1865324,0x0542a14,0x04079e8,0x1ba586a,
-        0x1682002,0x0462e6b,0x0f1850d,0x1e27f7d,0x1aeca6c,0x07f8ac8,
-        0x02fe370,0x0f85cd3,0x00fb91c },
-      { 0x0de14d5,0x02e5689,0x0089a9f,0x1ecac39,0x1c448c5,0x0dd9ed5,
-        0x190c1f3,0x1af3f1b,0x1c76811,0x02c7808,0x1881267,0x00dcea8,
-        0x091e898,0x04d3a72,0x0ab428b,0x06f87ca,0x05cb2be,0x0901a34,
-        0x082f1cb,0x0c648a1,0x00ec7a8 } },
-    /* 25 */
-    { { 0x086786e,0x0c610c5,0x0b20ce0,0x08426fc,0x0d537f7,0x1375907,
-        0x043469f,0x006bb2d,0x05cdc48,0x1c87638,0x1ef5d65,0x059049e,
-        0x1446916,0x070f878,0x19fbe75,0x02b9413,0x08bce99,0x1e98609,
-        0x11c489b,0x028becd,0x002d810 },
-      { 0x11d87e5,0x1a4fadb,0x1b68c49,0x02f6059,0x05f3b14,0x1d7f8b1,
-        0x1b4bb82,0x04e048a,0x1fcae66,0x1fbd9d4,0x16617e5,0x1f1e6f7,
-        0x010d6eb,0x1fd3686,0x0aa06e5,0x1e26e41,0x00121f2,0x0d94f8d,
-        0x130376c,0x0d45f0b,0x003de32 } },
-    /* 26 */
-    { { 0x0c2ee78,0x19cc59c,0x0fb89bc,0x034eb41,0x00c3d10,0x0d3fc72,
-        0x05c1959,0x0ba6b46,0x104019e,0x094c2f1,0x1d2dbb4,0x0c85702,
-        0x0a21e2a,0x17c0529,0x0857ba2,0x1b01c4b,0x1e68518,0x12e8f07,
-        0x13dbaa6,0x1782700,0x00848cb },
-      { 0x1d45169,0x143486f,0x0341da0,0x10b3a7d,0x18d7e09,0x1c5fe11,
-        0x0204736,0x09046eb,0x0162cf6,0x04caa3d,0x056e321,0x167769a,
-        0x06494ba,0x03024cd,0x0b2f15f,0x19fdb04,0x04ea8a1,0x1d62191,
-        0x1f19662,0x0c68d2a,0x00d9435 } },
-    /* 27 */
-    { { 0x0271323,0x14929b4,0x135cac1,0x10939a0,0x04d9e0a,0x18e63e9,
-        0x17efcac,0x0c355c6,0x157a3e3,0x07b25a7,0x13a1591,0x0d0c052,
-        0x0e14904,0x01e76a5,0x120bb9d,0x1b48fbb,0x0a57e2c,0x065c953,
-        0x1f07e5a,0x1885df7,0x013f989 },
-      { 0x0651600,0x0c5efdc,0x0bbafb6,0x08f479f,0x0c36343,0x18d1134,
-        0x0950cd6,0x00f2742,0x1d58255,0x0c6d3ee,0x1ac7a55,0x16470a5,
-        0x05a5173,0x114afaa,0x16b9614,0x1a203be,0x0ef6646,0x172a371,
-        0x1627e18,0x02d458b,0x01faf7e } },
-    /* 28 */
-    { { 0x1ec136d,0x0364763,0x146c35d,0x0f9a226,0x18e1d82,0x03d08b7,
-        0x0eb4fc6,0x0caec94,0x1136e84,0x18dcb47,0x060f08b,0x05290a1,
-        0x19d41aa,0x1f38b92,0x08fb312,0x0293842,0x152763c,0x0ee6e55,
-        0x008ae0b,0x0a16302,0x016da7f },
-      { 0x0a5e258,0x1299686,0x09efe67,0x0f2f6c5,0x0148ad1,0x1feef7d,
-        0x090bb1d,0x1891a14,0x174f9b6,0x028c5e6,0x048b516,0x0170ffa,
-        0x17c53b3,0x1da8596,0x033464f,0x155d377,0x0eebc01,0x08d0b4d,
-        0x1789b82,0x1362143,0x01c57e4 } },
-    /* 29 */
-    { { 0x1210716,0x1f33a90,0x1000b2a,0x060fc04,0x01a296a,0x01bcadc,
-        0x1047632,0x0d5295f,0x0dd9efa,0x079019a,0x15a1bda,0x13d6cef,
-        0x155be2f,0x1fae713,0x04fc9de,0x0f8b8d4,0x041b975,0x07bec91,
-        0x1d3d2e3,0x07a5e98,0x013270c },
-      { 0x1209aa4,0x0304e46,0x10dbe72,0x05b656a,0x06f413a,0x091a2ea,
-        0x0b468a6,0x09f2d6e,0x19487c3,0x0379575,0x028dd46,0x02ed688,
-        0x0e4fa72,0x1ed29ac,0x10824d9,0x1662074,0x1e3ff25,0x0788f56,
-        0x017582e,0x0e02a6a,0x01a99a5 } },
-    /* 30 */
-    { { 0x07495bb,0x089c9b7,0x0746b85,0x109210f,0x0bd2fd2,0x1ebb7e7,
-        0x0ac2ca7,0x0393846,0x1c60e72,0x0d06a4d,0x08278a8,0x1706a2f,
-        0x189f582,0x0ec5d6f,0x0de027a,0x1176958,0x09e0ad4,0x1a5526f,
-        0x0db3121,0x0826259,0x0027fd0 },
-      { 0x0d4fb6d,0x0817775,0x12fb015,0x1a14c05,0x160c25e,0x1fa503b,
-        0x1a106f5,0x028b174,0x054edce,0x145b019,0x1d85330,0x1c72072,
-        0x13b9d41,0x0c0f76c,0x086dc74,0x0961684,0x1c2332d,0x0e80871,
-        0x0ac3906,0x0b144fb,0x0096dfe } },
-    /* 31 */
-    { { 0x1ebd24e,0x17e6b3e,0x01d5335,0x0135c56,0x1e3fca6,0x0be1365,
-        0x108bbc8,0x07f4fb1,0x0b9620e,0x01681f0,0x07e1f75,0x042d8ff,
-        0x0e634bf,0x04b97ff,0x0c7b14e,0x07cee45,0x1c1d60d,0x141d4ab,
-        0x1da94df,0x1cbf0c1,0x0162edf },
-      { 0x0ea20b8,0x02a0078,0x0401028,0x1c3af2d,0x0872ac7,0x0d86561,
-        0x097243b,0x14eeecb,0x0b62939,0x0fadc98,0x12dc227,0x0edd5e5,
-        0x12f78a6,0x097f5e0,0x01ccafd,0x015a606,0x0deba19,0x09d3320,
-        0x0f9f8d0,0x15c2bf2,0x00d536e } },
-    /* 32 */
-    { { 0x1c88f3c,0x08cfb50,0x1129b18,0x185d8d2,0x124e5fe,0x017f954,
-        0x0b1815d,0x0f89915,0x0ddb22c,0x056ef0f,0x1496ed8,0x0719f4b,
-        0x0097289,0x1608bef,0x16b13df,0x05383f4,0x0b74829,0x0a0f9ad,
-        0x0bf657d,0x09d1f21,0x0180d1c },
-      { 0x1cd8358,0x0739ed3,0x0480bf1,0x0fe5439,0x19361a5,0x0a69441,
-        0x1c4c2b6,0x1c5ede5,0x02b6a78,0x1bf1233,0x098b378,0x1f16f38,
-        0x190babf,0x10dacbd,0x0b807bd,0x09cc8d9,0x1f0a60d,0x0ce0f19,
-        0x1407e11,0x084501b,0x000e52a } },
-    /* 33 */
-    { { 0x1013755,0x1205207,0x03a5cb5,0x0ff7070,0x0b6dce7,0x1b25988,
-        0x139e5fa,0x06c4f13,0x193ca5a,0x1382585,0x17ff263,0x01feb17,
-        0x1218c36,0x191861b,0x0c7cc8e,0x10ba2a7,0x0885a73,0x1eb59c8,
-        0x1ae4efd,0x0261eaa,0x004a071 },
-      { 0x0ef3f88,0x104b5ff,0x0514a68,0x1370567,0x02eba86,0x1332539,
-        0x0612a1c,0x084ffc4,0x1858ff9,0x06e05d0,0x03276a8,0x1d6ae92,
-        0x0833799,0x00ac467,0x0d5bd8a,0x19dc43a,0x07fa7b2,0x0beecde,
-        0x0f3ebba,0x0349d14,0x00d21e6 } },
-    /* 34 */
-    { { 0x1068656,0x0db14f4,0x137fb17,0x193fdbc,0x023bd70,0x0a2aa33,
-        0x156f7f3,0x0838f15,0x06291a7,0x1cc0ee9,0x19a23bd,0x1b24ec3,
-        0x0f3ac53,0x0adc939,0x05a24a9,0x0dfd8d5,0x1b80654,0x1210bf3,
-        0x0e78bd5,0x1807975,0x015e793 },
-      { 0x0ff39be,0x0caa1b7,0x1da023f,0x1db7fe9,0x1a1af07,0x120b0b2,
-        0x1eaf6c0,0x05307a8,0x1d47980,0x1e2e97e,0x0b9becd,0x12f0c16,
-        0x189d86d,0x0746dcc,0x18ca13b,0x17377c7,0x0b5d868,0x1cf824f,
-        0x16b462c,0x1d14f13,0x018e3b3 } },
-    /* 35 */
-    { { 0x11e61f0,0x1362b72,0x1d5d5c0,0x0660fe4,0x1ddbcaa,0x1757a0e,
-        0x09baec6,0x1752540,0x0e2d7f5,0x19f49be,0x1ab6468,0x003d78b,
-        0x1d1f7cc,0x1723403,0x0ad9974,0x12a3321,0x1555341,0x0e15227,
-        0x0599012,0x18394cf,0x00aa099 },
-      { 0x197e387,0x0d484c7,0x15a6d58,0x108bc3b,0x1605177,0x18eb55f,
-        0x144adff,0x1123ff4,0x0d09a9c,0x16d2ad2,0x00b8ad0,0x18e3a45,
-        0x0d5e5a7,0x13a0c2d,0x096880f,0x15dffbf,0x09dea0b,0x10cd89b,
-        0x1b30285,0x1df2283,0x01a3a5e } },
-    /* 36 */
-    { { 0x0573b81,0x106853d,0x13bcabc,0x10cc329,0x1eac1ca,0x188e1a3,
-        0x0b6342d,0x085de1a,0x0ba099d,0x17500b6,0x1ea329a,0x1a50a0c,
-        0x0fa6609,0x1d09a8f,0x14b1801,0x04c68d4,0x018b11c,0x06d5c2c,
-        0x0c700cf,0x1f48bb7,0x0121f17 },
-      { 0x03279d6,0x05c3d7e,0x07867ee,0x178403e,0x030e76a,0x1610eef,
-        0x1aa0e01,0x09e055e,0x1c63f82,0x17ebf15,0x14694fa,0x1c4c8d7,
-        0x047b074,0x1109c8b,0x1bd24c6,0x1b37f9a,0x139c172,0x0d5967e,
-        0x16d673c,0x07d6969,0x010a62f } },
-    /* 37 */
-    { { 0x0689a1b,0x16f1b70,0x19cb900,0x1afb95f,0x1dccc9f,0x0e85fdc,
-        0x0b5f895,0x1b3c9bd,0x04ada04,0x1f743f7,0x0b9dd35,0x073d7fa,
-        0x1b5a850,0x1b8595c,0x0b1995d,0x0777450,0x026ba10,0x0d3d654,
-        0x1f3541c,0x0051758,0x011aac7 },
-      { 0x00c8f04,0x0e9ce34,0x0d78b98,0x1969167,0x0f09c4c,0x1a279e1,
-        0x026f655,0x126262c,0x0aaccb5,0x0b9725a,0x1ec825b,0x0194b5b,
-        0x0fdb706,0x0fe9f66,0x1f6790c,0x054e78c,0x06fe175,0x00a43d1,
-        0x134215f,0x0a6cc6c,0x01e33d9 } },
-    /* 38 */
-    { { 0x0ec9e7f,0x02835a6,0x063f999,0x0861557,0x044564b,0x1fd1425,
-        0x1407c5c,0x0e4bc36,0x015c974,0x1dbdebf,0x1b00cf9,0x0f5105b,
-        0x02d6cc6,0x0531dbb,0x18ba4d0,0x05f9a3f,0x01b3f8e,0x11d0427,
-        0x0b9b9d4,0x1c9b513,0x00fdccc },
-      { 0x12fd820,0x1fc7760,0x1ccc1e5,0x152db48,0x125f892,0x0cbdfa1,
-        0x0907556,0x19eb2fa,0x002b753,0x1779ad6,0x1f3ae8e,0x12bbece,
-        0x0c8a73f,0x08ddd63,0x0a24adf,0x0f160b6,0x183cc52,0x1483a8a,
-        0x11fd17d,0x1daa7f4,0x001c2f5 } },
-    /* 39 */
-    { { 0x140b79c,0x00b2f55,0x06a0e45,0x104b691,0x1fb6eed,0x16083fd,
-        0x1adf629,0x117b426,0x18e01f2,0x018edc5,0x1e641f5,0x01bb49a,
-        0x0584e5d,0x1238f34,0x0a451ca,0x0dff0d3,0x1699837,0x0ac6834,
-        0x118c47f,0x0d36e98,0x0006ce3 },
-      { 0x0dd1452,0x1b9e88d,0x08a9b01,0x0bdb1d3,0x0e4e9c9,0x0ad2061,
-        0x038cb28,0x11fd1ff,0x0af62f1,0x1e5be9b,0x05212cf,0x0ddddd9,
-        0x1b2ca33,0x1d90202,0x15b9ea4,0x106a549,0x031956d,0x1b6c868,
-        0x07280f9,0x0eac07b,0x00e5dd3 } },
-    /* 40 */
-    { { 0x1481bf7,0x194bec5,0x00f3317,0x0854267,0x06a2a3e,0x005cb60,
-        0x14a3371,0x0793c28,0x11189da,0x115f9af,0x15fe9e6,0x1312d9a,
-        0x0bb8adb,0x09abe99,0x0924d72,0x0df5b83,0x180c2d7,0x0a8fd92,
-        0x13c8f78,0x043d684,0x01ba987 },
-      { 0x0a4b397,0x16d57a9,0x1952300,0x181a169,0x03c5f4c,0x1f3ce6e,
-        0x136cded,0x16c537c,0x0b33970,0x1a19b76,0x0231ffc,0x16f9250,
-        0x11ed3dc,0x011446d,0x0a43bfc,0x1ab35d8,0x151e96e,0x19523ce,
-        0x1b63e97,0x1db0e0e,0x00929d7 } },
-    /* 41 */
-    { { 0x060043c,0x0d785f3,0x1d3763b,0x1602dc0,0x04aa2cc,0x061d9ec,
-        0x1a39f8b,0x1893a46,0x05c269f,0x1da8098,0x0cf8d91,0x1dc27bc,
-        0x04d0194,0x1c4e528,0x0cd86e5,0x1623bb6,0x033984d,0x0466a8c,
-        0x03b24bc,0x1003d99,0x00c6d5b },
-      { 0x1ab9887,0x08e0aa3,0x0044cfe,0x14d6b56,0x0f285e2,0x1fe40c1,
-        0x139684c,0x05936e6,0x038d869,0x021ad3a,0x00ba057,0x08f8865,
-        0x0a3c92b,0x0e3de6d,0x048c7d6,0x1190c32,0x1c34d15,0x11d7212,
-        0x1688f32,0x0d1fd78,0x00117f5 } },
-    /* 42 */
-    { { 0x15caa87,0x1eceadf,0x1276332,0x1ed1bb1,0x17bfc60,0x0a6f6f0,
-        0x136ef1f,0x17ec7d6,0x18270b5,0x1b72ca2,0x063f9ef,0x0f4b981,
-        0x1588713,0x02ebdc7,0x17ada1c,0x14a6794,0x0ee4b25,0x025bef7,
-        0x09c029b,0x08b8649,0x00ef8e0 },
-      { 0x0cf52bc,0x00e4938,0x0a60583,0x152198c,0x0bf3f63,0x18147da,
-        0x10872fc,0x1e2bffe,0x1523bef,0x140816b,0x1384142,0x1347173,
-        0x1eff330,0x03310d8,0x0769340,0x0f00f1d,0x09fcc0a,0x14bbafc,
-        0x005e184,0x0890ca0,0x00eb590 } },
-    /* 43 */
-    { { 0x1bd33ec,0x1327ef5,0x15e6299,0x019cb5a,0x0cf9a66,0x1dab768,
-        0x1b01543,0x0ddd9a0,0x11d5aaa,0x0652fd6,0x09fc1ed,0x1cb7291,
-        0x1a36dae,0x17f0e08,0x18de21f,0x0a897a5,0x0c491d2,0x120fb0d,
-        0x0fff63a,0x1ee0e25,0x00be49d },
-      { 0x1acdb56,0x178fab2,0x0f79838,0x08bcbcb,0x12f13c8,0x1d02097,
-        0x14d5385,0x1df72ff,0x1d9c93b,0x11433e7,0x055f922,0x02d64b5,
-        0x1f9ca9d,0x050c31a,0x157066d,0x15ce23e,0x0f58d26,0x0cd9c34,
-        0x1251507,0x0900829,0x0000ac4 } },
-    /* 44 */
-    { { 0x0ad38db,0x1e7c4ea,0x1445b06,0x027ae28,0x1180f38,0x18121d0,
-        0x09d672d,0x0d8b698,0x1163a71,0x0eb26b1,0x122f6d7,0x1fd426c,
-        0x09bbd2e,0x126f4cb,0x1c61fe7,0x1188b48,0x112e2de,0x1b2ef34,
-        0x0f6b429,0x0be5389,0x0048e07 },
-      { 0x04dd88d,0x1aa3a2f,0x0bf000c,0x1100aef,0x1828363,0x19447b8,
-        0x1700489,0x1bdc966,0x1e68989,0x0047ec8,0x1dc6eb4,0x062b9a7,
-        0x0242142,0x1f26d0f,0x0c08ffc,0x05762b9,0x035b566,0x0bf35ce,
-        0x1ec13f9,0x1e82caf,0x0072143 } },
-    /* 45 */
-    { { 0x0f40f2c,0x1823613,0x0c76c1a,0x18d9af8,0x1d5d246,0x09d4dbd,
-        0x189c065,0x0df554a,0x08f0043,0x16494dc,0x0198356,0x125843a,
-        0x0619373,0x0deb6df,0x1e7b456,0x087f3a4,0x15ad17c,0x09bbe26,
-        0x03f3409,0x1db4a17,0x0179800 },
-      { 0x0132f31,0x0ee059b,0x0e8ee23,0x0255bce,0x0f8f4f0,0x1ef15cb,
-        0x07b0c80,0x066710b,0x0231b65,0x0d81c0a,0x024f2bb,0x1a41428,
-        0x19ad08c,0x0e15f17,0x1e1b511,0x1813f73,0x132f6eb,0x0fe9eca,
-        0x0bbd1e3,0x16b1323,0x013d757 } },
-    /* 46 */
-    { { 0x00f894b,0x168802c,0x11bdf66,0x15b24bc,0x1612488,0x0d3432d,
-        0x1f850b9,0x0268a92,0x117f9a8,0x0370829,0x0cd5072,0x0415f14,
-        0x18d8aa8,0x1d336ab,0x1e41981,0x11c474c,0x0ae5f75,0x023efb0,
-        0x1fe2ad7,0x1a99214,0x0107cad },
-      { 0x164ad0e,0x18227b3,0x06ccd5a,0x024a031,0x169fe0e,0x0a6db57,
-        0x129897c,0x0a85bd5,0x11bd77d,0x0f93bcf,0x0a2573a,0x03e4b9f,
-        0x0397991,0x1b78cd6,0x1a533b6,0x08963a9,0x01701af,0x0e1a99a,
-        0x031c9fd,0x087ffea,0x003bcac } },
-    /* 47 */
-    { { 0x1c1d4cf,0x14a8e41,0x0d3c5d0,0x01648b8,0x003791d,0x16e638f,
-        0x03bda70,0x0cfd51f,0x12a3107,0x152bd14,0x0522f4b,0x0d77625,
-        0x03255b4,0x07f575c,0x1707824,0x17eb255,0x18c449a,0x0d06968,
-        0x12a29a2,0x193feb8,0x00199e8 },
-      { 0x128171a,0x1dce6f5,0x01ef27d,0x07aaed3,0x0fd7840,0x1fc1267,
-        0x1cefc8b,0x18ab169,0x1bf333c,0x104d9c9,0x13adcbb,0x0745603,
-        0x0debff8,0x11014ce,0x0cd3114,0x1eea2b7,0x0a066eb,0x1d1e1f4,
-        0x074173c,0x1c0f769,0x01a65de } },
-    /* 48 */
-    { { 0x114257b,0x0ac6b58,0x18c026a,0x03a92eb,0x129afd4,0x173d88b,
-        0x1e6d4ea,0x1060e50,0x1edd1ac,0x1c8d849,0x19e5d41,0x0fa23d6,
-        0x0acfefc,0x1133ada,0x152f4df,0x0a2fe1c,0x17e8d69,0x1c4d316,
-        0x0084268,0x100bb04,0x006b96f },
-      { 0x1b5f9f4,0x0ea8bab,0x1345205,0x0c80b68,0x05c9e43,0x0380b07,
-        0x1778392,0x1f06885,0x11ef6b3,0x09ff7ca,0x05febe5,0x19ebee9,
-        0x17919e4,0x00b7785,0x18f3134,0x1ddda49,0x0872512,0x1fe2e55,
-        0x0ef45c0,0x1480534,0x01b6f1b } },
-    /* 49 */
-    { { 0x09252ac,0x1421aa9,0x0360a99,0x00e9cf6,0x1da626c,0x1f43559,
-        0x0330782,0x0a6aa10,0x14ed5dc,0x1a529fb,0x107f414,0x028019a,
-        0x1ca9eff,0x0b3a448,0x1f25171,0x16b5a1c,0x095ec53,0x06f525c,
-        0x1454262,0x0cf7de2,0x01ffefc },
-      { 0x06033fd,0x0e08498,0x1766623,0x13e6d0e,0x1b28797,0x019ae28,
-        0x0bc9b8f,0x1ac9a73,0x1124e29,0x0392cfe,0x16f7f29,0x0ae1883,
-        0x155d60c,0x06606c4,0x0892d84,0x1ff0c0c,0x0e5eea8,0x1d020ea,
-        0x19361c1,0x01c2b95,0x01fd292 } },
-    /* 50 */
-    { { 0x167da85,0x0af8666,0x08559b4,0x08b58a9,0x0e98b6f,0x1638e1d,
-        0x18087c6,0x0485e0b,0x0475592,0x1f59113,0x015b707,0x0ac2cdd,
-        0x072a2f1,0x17da5d2,0x1ac5159,0x12416cb,0x1d2a29d,0x19a3445,
-        0x07532e6,0x19d0ddf,0x0061943 },
-      { 0x0c91174,0x0b10c55,0x08d2d1a,0x1883bb2,0x05b519e,0x03b1d24,
-        0x0b7ca7c,0x0676fdf,0x1712c8b,0x028bf93,0x0e18c26,0x1d8760a,
-        0x04a02e7,0x0ff9f1f,0x0f116ec,0x0c90c8d,0x16f2949,0x1a35744,
-        0x0f4ae4f,0x162c93d,0x01462ae } },
-    /* 51 */
-    { { 0x0e4d3c3,0x07a0ff4,0x076c7cd,0x1eb76fd,0x080d87f,0x085abce,
-        0x1b02b64,0x15de042,0x1b87349,0x1125bb0,0x09b300a,0x0a50561,
-        0x17054bc,0x17968ca,0x131c0a6,0x0d9ba76,0x0e2adbe,0x00725c8,
-        0x181828d,0x0e9f024,0x00cf8e7 },
-      { 0x0229950,0x1cede17,0x0dc0f1f,0x0db3f05,0x0b11f84,0x0602f9d,
-        0x1668fc4,0x19456f5,0x10f1820,0x01f56a7,0x1eccc88,0x1791997,
-        0x1151dbc,0x0333837,0x1672bc0,0x13abc77,0x0250605,0x12d1cdf,
-        0x12bf993,0x070f91b,0x014c984 } },
-    /* 52 */
-    { { 0x0011531,0x13abfc7,0x15f1c22,0x0587b9a,0x1f45b17,0x0ccf14b,
-        0x127f70b,0x02b51d5,0x1b93b64,0x0a7740f,0x023a1a7,0x16a94a9,
-        0x10a5833,0x05dbd5b,0x155870c,0x1e753bb,0x184b3bd,0x1daded1,
-        0x177ccca,0x13f1c03,0x0124f90 },
-      { 0x141e782,0x0554255,0x0e1f16e,0x0d0a3bb,0x1de2012,0x0415e90,
-        0x0a9f665,0x077e937,0x1f4b641,0x0cb1ef5,0x0788901,0x1f76f9a,
-        0x0eed369,0x0dd6b07,0x1d25774,0x061dbb9,0x093892e,0x0f5a3ab,
-        0x1c2884b,0x0237b15,0x010baaf } },
-    /* 53 */
-    { { 0x0ec64e2,0x100ba0b,0x1af9c51,0x1efaf8d,0x1fd14ac,0x05b8bb5,
-        0x0128d9a,0x0383c6a,0x1741b04,0x171f9f9,0x0d9ec1c,0x0a945a7,
-        0x0d651fa,0x12bec94,0x0fb728f,0x1e832c4,0x08b72c8,0x194dba7,
-        0x09eaebb,0x13968e6,0x00383d9 },
-      { 0x0342a3f,0x0e859ed,0x0552023,0x05bde95,0x1200246,0x1ad4300,
-        0x190bbaa,0x0da3638,0x106e54b,0x10f1502,0x1b3c697,0x021e218,
-        0x109ba17,0x07c81e6,0x13f0d98,0x0cdea66,0x0011341,0x1cb4f00,
-        0x15710d4,0x04c0e82,0x00fafaa } },
-    /* 54 */
-    { { 0x12de285,0x0687338,0x1717217,0x010d3eb,0x0d2ff8b,0x0769c4e,
-        0x0ae4b7d,0x1086e54,0x055b99c,0x1a92698,0x0800cd8,0x0b45c0f,
-        0x1346fef,0x0b704a4,0x0b20b6b,0x12a5614,0x02172a8,0x159b133,
-        0x1c85fad,0x1963115,0x002c9af },
-      { 0x064c5b5,0x0ea3b4d,0x1f874ee,0x1c89899,0x00d8d5d,0x036dffd,
-        0x163bc47,0x1daac10,0x141c14a,0x10ecbc7,0x1fa1533,0x1ce46bd,
-        0x1d251f9,0x023a2ba,0x1430530,0x13807f3,0x18ebda8,0x0069641,
-        0x1b32770,0x1e08166,0x016fa25 } },
-    /* 55 */
-    { { 0x0ad682d,0x0cef54e,0x0e46c8f,0x068c6d2,0x07acb1b,0x07926bc,
-        0x0662170,0x19d3eb8,0x1d41883,0x1fb17e3,0x15791b7,0x13bea6a,
-        0x05d1ab2,0x048e6d0,0x06c72ca,0x067daad,0x1c452c6,0x06d8a6d,
-        0x08d150a,0x1770d85,0x01941ac },
-      { 0x0db8127,0x1386412,0x1d6f61a,0x1e836f9,0x04a6563,0x046cda4,
-        0x16afae4,0x0151b09,0x1899c26,0x1755731,0x0da55ea,0x1656888,
-        0x0d13ed6,0x0854964,0x1253e67,0x1972e77,0x02bd04b,0x1cbc797,
-        0x05a9597,0x0711dee,0x007456a } },
-    /* 56 */
-    { { 0x0fc1f77,0x16ff24b,0x15a9820,0x1e268f5,0x104c435,0x15f22bd,
-        0x0537097,0x155e84d,0x1b6f764,0x050b834,0x00f6859,0x07aa09b,
-        0x10e0387,0x1064119,0x0e76d4b,0x1367d61,0x14ed423,0x14c4359,
-        0x0620536,0x10fe54b,0x016a765 },
-      { 0x1c71a5d,0x07c7475,0x08cda46,0x050a80a,0x09141a4,0x0165e62,
-        0x0273306,0x14fac7e,0x1e09057,0x17f2ce9,0x0763ad2,0x161bc47,
-        0x12e633d,0x1eca4a5,0x12160b7,0x1fac375,0x0414704,0x0c5c8ad,
-        0x13abbf6,0x0cd53bf,0x010ee08 } },
-    /* 57 */
-    { { 0x0e07a4d,0x0623829,0x1740ad4,0x11cbae8,0x1f6d38b,0x1789133,
-        0x111f386,0x1ef6829,0x139c505,0x1f25a25,0x1ce6f80,0x0f2b0de,
-        0x1c59f3d,0x13e178d,0x066f29f,0x1f5a994,0x01ec063,0x18e28e0,
-        0x1d0a2be,0x126f4af,0x0080da3 },
-      { 0x02369fa,0x0654e88,0x18d7a76,0x16e0d81,0x0009bff,0x1aaec07,
-        0x0669e5a,0x0985c14,0x0ac0d09,0x107216f,0x1061eb6,0x058af0f,
-        0x166c1be,0x0e7d025,0x12b8b32,0x0e680da,0x0607657,0x0ad8675,
-        0x1f258a1,0x04a48b8,0x00d82d5 } },
-    /* 58 */
-    { { 0x093de69,0x191c657,0x1a6db72,0x0677fb5,0x0963c83,0x1bcc1b2,
-        0x07d37a2,0x15c6790,0x0ae8bf8,0x09d1122,0x1aeb338,0x0f0c987,
-        0x160bc6e,0x0aad2d6,0x0de94f1,0x128b350,0x135bc7e,0x0c3aec6,
-        0x07d1bf3,0x00aa69f,0x001fb37 },
-      { 0x1b974a1,0x093863f,0x1205e3a,0x01d3da4,0x03448fa,0x1ffdea1,
-        0x1b0f592,0x078282c,0x1d79f4b,0x02d5221,0x1cca828,0x09e2773,
-        0x1ed855a,0x164811a,0x1af3e36,0x0569097,0x1878db5,0x0b2c24c,
-        0x1234274,0x1ab3e3c,0x0183aa4 } },
-    /* 59 */
-    { { 0x1ffad9f,0x02ebaed,0x03f3b96,0x09e833b,0x04df617,0x0349a2b,
-        0x0fd679b,0x018dee7,0x183d59b,0x003c9e8,0x122542e,0x1f87253,
-        0x0b6baf4,0x14cb15d,0x1116a54,0x024e77a,0x145eaa9,0x1a95b0c,
-        0x1471e16,0x19bffe7,0x01be4fc },
-      { 0x0b2857f,0x1c26cbe,0x0fd0170,0x100d6f5,0x0cf8305,0x1673592,
-        0x1745d0e,0x16dea51,0x0bc43d6,0x03dc7d1,0x1592e4b,0x117e29c,
-        0x1a8f0e2,0x095cf80,0x1a6f1cf,0x107cc36,0x1403dd3,0x1d5c5f5,
-        0x1e4651a,0x1d418b2,0x00aeacc } },
-    /* 60 */
-    { { 0x163c2de,0x05d7700,0x029269a,0x17d64ed,0x042d0b2,0x0d73b3e,
-        0x1c493ff,0x086ad0d,0x10aaca9,0x136d2ea,0x02473e4,0x099dc02,
-        0x0d699c3,0x09925f6,0x0951501,0x141527a,0x0f14193,0x08db5ac,
-        0x1847327,0x0924bda,0x014ff14 },
-      { 0x1ed9259,0x0d30660,0x09fdfd8,0x065e3ab,0x1be37aa,0x177a188,
-        0x1c4f41e,0x1740708,0x14e6fa7,0x0f99ea4,0x0dcc326,0x182d17a,
-        0x1c43928,0x0dcaabe,0x13e333d,0x17dcae7,0x060d1a2,0x005e36a,
-        0x0ec5584,0x1a32870,0x014527c } },
-    /* 61 */
-    { { 0x027af4e,0x1289a9a,0x0df52f9,0x02621b2,0x0e6c0bb,0x1338e19,
-        0x09dab2a,0x0ed7b1d,0x0d3a9c3,0x0bd9fea,0x1c26aa7,0x10c68e2,
-        0x00124ce,0x00c028e,0x1739074,0x1dc3844,0x04ff9e8,0x02a4494,
-        0x0d713b2,0x105392a,0x013d22d },
-      { 0x1b15e02,0x0f6ced0,0x01a1ac0,0x18603cb,0x1d092ba,0x1209ad8,
-        0x0860d5d,0x1497f4f,0x16f7159,0x0772cdb,0x0434370,0x00a2301,
-        0x169171a,0x1c0290c,0x054c6ee,0x0f208b8,0x0fc2092,0x0ba0498,
-        0x18cdda1,0x169198e,0x0008963 } },
-    /* 62 */
-    { { 0x0aaaed5,0x05b107a,0x1ba03fa,0x1bfd0e3,0x1068de7,0x1fe5a58,
-        0x00c3ffa,0x0b65644,0x1c3a215,0x06fdf73,0x06e0175,0x15184ed,
-        0x10a7a26,0x169cf57,0x1f79dc1,0x1e0646e,0x047f615,0x0f8d492,
-        0x0b66dcc,0x1035088,0x012aa1b },
-      { 0x1152e8f,0x133e858,0x0530a67,0x0f256bc,0x0e773d9,0x05abd11,
-        0x041cfc7,0x145c1b0,0x0bf1da4,0x1d7854e,0x0d12680,0x0c1d845,
-        0x1d169b1,0x0e96be8,0x0b06b23,0x11dc970,0x0a6bfc9,0x0ba8456,
-        0x0f2fa85,0x124881c,0x0150549 } },
-    /* 63 */
-    { { 0x13a4602,0x0250550,0x1839c00,0x07a1a58,0x105c71a,0x0bcde2a,
-        0x0918e9b,0x1e949fc,0x0d54d9d,0x03c759d,0x0f1ee3a,0x120ee7a,
-        0x057ecca,0x122767d,0x0eec9e0,0x1a2f2b6,0x01fb124,0x045187b,
-        0x1d8cabc,0x1ca0029,0x01155b7 },
-      { 0x0f0021a,0x017664f,0x07518b1,0x0ff0ad9,0x18017fd,0x123c5e2,
-        0x10ee0b9,0x1b621c4,0x11505a4,0x183a334,0x1fba96b,0x143899a,
-        0x0ad9bb0,0x0a95768,0x0e8e68b,0x1e13bd1,0x09ab549,0x003a3a2,
-        0x195fe99,0x11ef7b3,0x013fd5c } },
-    /* 64 */
-    { { 0x053c22b,0x0673dad,0x11a86f6,0x1af9568,0x18733fc,0x1659ca3,
-        0x0938922,0x01f8899,0x0a38c79,0x0c4458f,0x0d08dea,0x0dd62b8,
-        0x0336afb,0x1db8103,0x04ee2a3,0x011f572,0x0c59175,0x19a5bbe,
-        0x0791cca,0x03af4ff,0x0050a93 },
-      { 0x0d21d18,0x121482b,0x0286a42,0x0eab682,0x0266630,0x053582c,
-        0x12a2e25,0x0b968d0,0x1828cf7,0x10d6f31,0x1c0a8e2,0x10b424e,
-        0x094fb2f,0x16fbdb8,0x1fdf416,0x03b6d07,0x092a68d,0x00e9fad,
-        0x024f357,0x19c3b78,0x00f5243 } },
-    /* 65 */
-    { { 0x17d7891,0x0c1e1e9,0x1b2a3f0,0x13fb0cb,0x17b5014,0x10c2208,
-        0x10f5a3c,0x0b01edc,0x15a07f6,0x1a8f612,0x00c80ab,0x0d975a6,
-        0x158fe5a,0x0833b77,0x179a3cc,0x000192b,0x11fca4e,0x03a8471,
-        0x1dcd495,0x1cb52ae,0x0159783 },
-      { 0x0537ad9,0x0dab897,0x13def07,0x1a6b7d3,0x1e87112,0x1fcde5a,
-        0x0ad2355,0x18f76a4,0x0a8b3cb,0x17fbc48,0x136d707,0x1c23cbd,
-        0x0d4f306,0x19c3f3f,0x16a0e48,0x03c7a61,0x0f47232,0x026c8fe,
-        0x104a99f,0x0f76c5c,0x009f848 } },
-    /* 66 */
-    { { 0x0b8e08e,0x0fc07c6,0x1b5a1bd,0x02492df,0x1cfd2c4,0x1bee6fb,
-        0x0dd0d82,0x0be00c3,0x157f4d0,0x0dd7fef,0x0187c93,0x18548b0,
-        0x04b1993,0x0ef4ca6,0x1b2a342,0x1c0c4d8,0x04d2747,0x077b869,
-        0x066572f,0x0ba9c77,0x00ffd4e },
-      { 0x0f40077,0x0f122e3,0x1418c5c,0x0a0e47c,0x1592e04,0x15fec40,
-        0x1bdf9a9,0x1c06b90,0x16d9d9c,0x104ace8,0x15dc32e,0x1fd07d6,
-        0x1d2e7f8,0x0206b1e,0x1ac2207,0x08832b1,0x1daeb9e,0x0ab199d,
-        0x0bf47d3,0x072fbe7,0x0034fb0 } },
-    /* 67 */
-    { { 0x158815c,0x0702f59,0x1f65ee1,0x09c8210,0x1abcb2d,0x182ebd1,
-        0x162241f,0x0390f4e,0x17a9d48,0x083bc6a,0x1932f4d,0x1ff085a,
-        0x1e9d34c,0x067944f,0x167356b,0x058dc10,0x191dd2b,0x141b96a,
-        0x02d02d8,0x1a905c3,0x006bc06 },
-      { 0x04ed375,0x14ad06d,0x0bab441,0x10531b5,0x11baf58,0x1b84962,
-        0x086d3d2,0x06b6051,0x07a335b,0x15c3ed7,0x1fbf622,0x06c40ac,
-        0x14a7359,0x199061b,0x127f040,0x11660f4,0x0c4a355,0x1b9bd65,
-        0x103f3a6,0x0d2d469,0x001ed30 } },
-    /* 68 */
-    { { 0x13902fe,0x085585e,0x0ecf655,0x170d53a,0x1bba4b4,0x0e561bc,
-        0x182a65d,0x1b874b3,0x1333605,0x02f4398,0x10b1601,0x118435f,
-        0x11f2c59,0x177ce5f,0x1fe35bf,0x0788503,0x1d09bf8,0x0c15f6a,
-        0x0a04c75,0x1b3ab6a,0x01579d1 },
-      { 0x119258e,0x0d182aa,0x0aa1a1f,0x1204fbc,0x13f539f,0x11186b3,
-        0x05d1f5a,0x108d3f5,0x15f5d16,0x18d7591,0x1907d6a,0x128ebef,
-        0x135bbfe,0x0b53ff5,0x151aaec,0x0a30f7a,0x0e8e16d,0x0957dea,
-        0x13254f7,0x0f7c277,0x0160743 } },
-    /* 69 */
-    { { 0x09755a3,0x0b2d4f7,0x0ac557c,0x1570593,0x0c8d5a1,0x15cbf30,
-        0x1916aad,0x0e2cb43,0x0ab05e2,0x00266d8,0x020c3cc,0x16a4db6,
-        0x0b9e0c3,0x1ad65ef,0x187b069,0x1093155,0x084761e,0x1209ea2,
-        0x06e718b,0x1c13776,0x01e9589 },
-      { 0x072258d,0x09040ce,0x0f519d4,0x08b82b2,0x01dcd73,0x008fedb,
-        0x1e9ee47,0x11cd8c4,0x1885790,0x0e9f4df,0x0f1a3b4,0x0dfca61,
-        0x1f9aac0,0x15ada27,0x1705aed,0x1dbaa24,0x1b6db90,0x01c4305,
-        0x0efb6d7,0x1d1611f,0x01aa96f } },
-    /* 70 */
-    { { 0x057c0f8,0x12eec79,0x0364c8e,0x05ba742,0x0884dc9,0x1c6701a,
-        0x1e73aee,0x15207e6,0x1a47262,0x10bd6a9,0x01b1b58,0x002ea5c,
-        0x0da1df2,0x0192146,0x0dc8f83,0x18c59eb,0x0892c30,0x00f2e9c,
-        0x1dfe0b3,0x121e3e8,0x01fdd9a },
-      { 0x163ab59,0x093dd0b,0x0fa60c3,0x1ce46f0,0x0f27d93,0x0cb4556,
-        0x0099251,0x1ab02ab,0x01700d5,0x1928d19,0x11b67d8,0x1ce6062,
-        0x12cf6bb,0x132df87,0x173d157,0x047f6d9,0x0ce6323,0x0405500,
-        0x05a91d1,0x13cc59b,0x01496e4 } },
-    /* 71 */
-    { { 0x0574c09,0x185bf20,0x1a5afbf,0x067fd01,0x176f264,0x11bec8d,
-        0x14d4bac,0x0041677,0x17edc31,0x006315b,0x08db70f,0x1296849,
-        0x1ef9893,0x1e3621a,0x1a99309,0x1a0edd3,0x1c4e388,0x196fe10,
-        0x139a792,0x10a5ed4,0x0139cc3 },
-      { 0x1096b91,0x051ffdd,0x10f948e,0x0ae7b1a,0x0e72c9e,0x0bbaac7,
-        0x16c4631,0x169822d,0x0dc47d4,0x07644e9,0x06557d5,0x1a6a85c,
-        0x1c2006d,0x1a1ba3a,0x12bb5a9,0x1208200,0x12a2bee,0x0e0eee1,
-        0x164ccb2,0x082f45d,0x01fb597 } },
-    /* 72 */
-    { { 0x19bae66,0x18cc0c2,0x106cf03,0x0308baf,0x0b48e9b,0x151e0f5,
-        0x0700d14,0x0738d9d,0x0ff8103,0x1c25006,0x035bf88,0x1c22bf3,
-        0x1bcd7ed,0x1c506ea,0x08038f4,0x0380def,0x08a3c7e,0x1ab6eca,
-        0x194e987,0x034fa31,0x00d09d2 },
-      { 0x00eb3fb,0x1edd7c4,0x1f27e73,0x0ebd07e,0x04cfd29,0x053a5a3,
-        0x1f5be8a,0x006c374,0x1dfb13e,0x01006af,0x0984a2e,0x1e96465,
-        0x0e03bc8,0x00d46c3,0x1ee4b0a,0x0dd4fa3,0x1ae706d,0x13433af,
-        0x1eac630,0x10c115d,0x011d9b0 } },
-    /* 73 */
-    { { 0x1d2f539,0x1b0a35d,0x0e885f3,0x00edc4d,0x16052fc,0x1f2533c,
-        0x0746352,0x1506d04,0x09f3f39,0x1c11a11,0x1e1cea3,0x0d72867,
-        0x0868b84,0x18b7a2b,0x074fcd9,0x0eea0f4,0x0282fd4,0x16fb01f,
-        0x05d7889,0x16058ad,0x000377c },
-      { 0x001dd59,0x0d6e9c6,0x0debc9d,0x1d73834,0x1c213a9,0x1e2a01c,
-        0x1441137,0x10cd215,0x007ee0d,0x0177103,0x1f10388,0x1d2acc3,
-        0x16896ed,0x085817a,0x135ce63,0x03448d6,0x191e5af,0x0e65cb4,
-        0x04fdc49,0x05035f8,0x009fd5c } },
-    /* 74 */
-    { { 0x1073a5a,0x062a5eb,0x11f7216,0x190c3d5,0x07c81a5,0x10100d4,
-        0x128e79c,0x19ca3f0,0x040e003,0x0954fc7,0x06677a5,0x0956b1e,
-        0x0b76bdc,0x0ab6601,0x1c48c8b,0x0c5e639,0x06383f1,0x0db31a7,
-        0x1e5a784,0x002fdd1,0x016984c },
-      { 0x089f1fa,0x019b12e,0x01e3c7d,0x016d2f6,0x0a02a63,0x02dbfa2,
-        0x079712c,0x1986662,0x14fede4,0x1e65728,0x096a929,0x10e8960,
-        0x0d0d26e,0x1c26dbd,0x16ddeef,0x183fcfa,0x0a8f571,0x01cf78d,
-        0x0633348,0x1752508,0x018d65e } },
-    /* 75 */
-    { { 0x0bb2537,0x03355c5,0x05be8de,0x16cb661,0x14ac4cb,0x0145698,
-        0x09fb4a9,0x12d04ff,0x010e9e1,0x0e8cfb1,0x006d3a5,0x0f41130,
-        0x0331eb9,0x15745c1,0x19de98a,0x12c8555,0x02a5f5c,0x04b49eb,
-        0x18da2e1,0x17fd2e7,0x00adff5 },
-      { 0x12b0dee,0x1d710a4,0x0b3a8fb,0x1d2c058,0x0143e9e,0x1dccf29,
-        0x1f265bc,0x0b2426c,0x0e93b8f,0x0bc5958,0x1304fb7,0x187020c,
-        0x1a8d541,0x1ab9c73,0x0e5c36b,0x16349cd,0x0168373,0x1d7b766,
-        0x12b8823,0x147e9ee,0x0180dbf } },
-    /* 76 */
-    { { 0x07a6aa0,0x0310d48,0x07dac09,0x1080f0f,0x0f56cb6,0x14549a7,
-        0x02da205,0x0908987,0x19b9a90,0x06b1c69,0x107c81c,0x154104a,
-        0x106968c,0x0fe445a,0x165c14c,0x0af0818,0x0d5af63,0x1aab26f,
-        0x1352533,0x11318f8,0x0097e7e },
-      { 0x16ebb2f,0x04c6cb5,0x049b877,0x18f553c,0x092a17f,0x1516341,
-        0x03f6fe8,0x0376c1e,0x0b2e185,0x0319386,0x0933fa7,0x04cb039,
-        0x15898db,0x188cace,0x02098e2,0x11a3328,0x08ea54b,0x0722798,
-        0x1398c25,0x133d708,0x00d6963 } },
-    /* 77 */
-    { { 0x03769ee,0x079b15c,0x12cfe80,0x187df89,0x12d040a,0x15eb43b,
-        0x0e2255e,0x0518726,0x1940a71,0x1132212,0x10a8c58,0x191fd84,
-        0x11909c4,0x12d0d2a,0x1923c79,0x042e5a3,0x0f1049c,0x0345eb8,
-        0x026dff5,0x125a56e,0x0041c86 },
-      { 0x1816784,0x04550ef,0x173938e,0x0a037ce,0x0a58c8a,0x133c092,
-        0x17fec0a,0x1c13693,0x0eda721,0x1994cf0,0x0997b29,0x03ebccf,
-        0x168a0bd,0x02b638d,0x07a47a2,0x15461b0,0x0f4c005,0x11bd771,
-        0x1656efc,0x000ea00,0x0073d94 } },
-    /* 78 */
-    { { 0x10c0ef3,0x1562500,0x0682a44,0x109d036,0x0e654bd,0x1a9a848,
-        0x18f713c,0x1351e0a,0x1b47d18,0x06e20f9,0x0302704,0x1a0de47,
-        0x07122ed,0x020d67b,0x1305abf,0x10a4044,0x1348375,0x18e65c9,
-        0x09d6b9b,0x16be524,0x01271a4 },
-      { 0x0e688b5,0x1ea399e,0x1a2de4b,0x0fb9538,0x14566d3,0x0b88e80,
-        0x0c9b950,0x151f9d2,0x03cc341,0x1dd0a77,0x0b047f8,0x0998424,
-        0x156b8ab,0x1ae9bcd,0x1e9d8ef,0x05f2381,0x0aef152,0x0caf169,
-        0x073e569,0x04367a6,0x00acd4e } },
-    /* 79 */
-    { { 0x18e061a,0x1d3bc8e,0x08c1004,0x0159909,0x02707e7,0x17b1b53,
-        0x0099bac,0x13ad581,0x177b25c,0x08bf510,0x1cd73fa,0x177ae1f,
-        0x1eddb78,0x020c4c5,0x0236cac,0x1c88aa0,0x0fcce0a,0x187ac52,
-        0x095f439,0x12472e4,0x0043ed0 },
-      { 0x0e129e6,0x0bbd9f1,0x135cb2b,0x0e1e37c,0x1b8c4a8,0x02b199f,
-        0x037fc80,0x0875dca,0x12a6915,0x0132c60,0x189902f,0x199571f,
-        0x0f95dc0,0x0cb2d05,0x13ad610,0x1b33cd2,0x053edd1,0x1be9dd5,
-        0x087b721,0x0276411,0x00832df } },
-    /* 80 */
-    { { 0x181c3f2,0x09123e8,0x08fffab,0x1de66f6,0x115d35b,0x0483394,
-        0x1f2e9d2,0x143b699,0x1fda7a3,0x07b86c7,0x1d5a1b9,0x0832f24,
-        0x1e226b6,0x17f8fbc,0x010218d,0x149d1d0,0x139cf5f,0x04c7425,
-        0x02827d8,0x1417d3b,0x00da57a },
-      { 0x0fcea66,0x0767aa7,0x1ebb503,0x195f8ed,0x18df2ae,0x0ac2d44,
-        0x0692324,0x14ac7e3,0x113f00a,0x088ded3,0x172e7ec,0x1f56896,
-        0x116687a,0x1293106,0x157ec49,0x06b578d,0x11bbacb,0x157ca9f,
-        0x1e53134,0x0126e1f,0x00ed997 } },
-    /* 81 */
-    { { 0x0b54c89,0x1ab7034,0x108ab27,0x1b9ce6f,0x08ecc17,0x044da98,
-        0x1a0feac,0x036411d,0x1543fbd,0x079d094,0x175c1ac,0x19f1089,
-        0x0d1b204,0x0f61720,0x05d7227,0x1229501,0x1ae9399,0x1845808,
-        0x119d37d,0x1742e0e,0x00176b4 },
-      { 0x1dfc175,0x0b754c7,0x0c31c48,0x06fc1eb,0x17b7fc6,0x199d1a3,
-        0x0a17f3a,0x16f11a0,0x10223ea,0x13cc0a7,0x1b648ad,0x0416a38,
-        0x1d90787,0x0e09fa8,0x1675692,0x0c16ab0,0x10bfaed,0x1734fc2,
-        0x14332ac,0x135088d,0x005c249 } },
-    /* 82 */
-    { { 0x1e7bcf1,0x0c0fdb9,0x1ef9075,0x19ba782,0x16dde61,0x0ccfec8,
-        0x05fb3e8,0x12f8c53,0x1c159db,0x13ac439,0x0ca0c06,0x112cc82,
-        0x184ed77,0x14a1548,0x1cb3a24,0x149772c,0x187816b,0x1f9f722,
-        0x195375f,0x0f42919,0x01234fb },
-      { 0x009be8c,0x0c057f8,0x0e87c17,0x0ef1be3,0x02e938d,0x16f3103,
-        0x0ba10c4,0x1734fc4,0x16070c4,0x0694f3f,0x1768dd2,0x07d7436,
-        0x135cd9c,0x1238ba2,0x146f4be,0x13cce3c,0x0b056ab,0x0ca04c5,
-        0x07df1a8,0x1095789,0x0049bb5 } },
-    /* 83 */
-    { { 0x0a470f7,0x12a980f,0x18c2a7c,0x11d24a9,0x001bf80,0x1001c6d,
-        0x1a7a9c6,0x10e130a,0x15913ca,0x0959770,0x007f6c3,0x0097705,
-        0x0aae170,0x08c72e1,0x171bac0,0x08757b6,0x04c1fa9,0x0d2b563,
-        0x0a4b540,0x1ec8ee3,0x00531aa },
-      { 0x0345730,0x0f7a483,0x1f0a59e,0x1d08de6,0x146aaa4,0x1e1d55c,
-        0x09ac069,0x09df02e,0x08166df,0x1c046d1,0x1370fb2,0x1f849c0,
-        0x14e9fb3,0x1b760cd,0x02d876d,0x1a27d3c,0x05eeed6,0x0373fb3,
-        0x1a9d4e1,0x1b180f0,0x00e570e } },
-    /* 84 */
-    { { 0x08ce13f,0x0b72c08,0x004d991,0x1a1c72f,0x15bfc58,0x1ca4f4d,
-        0x0a12fa8,0x0fa096d,0x075af66,0x14db35e,0x0559afa,0x0db9512,
-        0x1a7cb4d,0x1fb0aca,0x0f3b3c2,0x04a4036,0x13d002e,0x1218963,
-        0x04d697e,0x0ed130c,0x014b81d },
-      { 0x01078ec,0x1de12c2,0x1535011,0x0c2f388,0x15aa9c9,0x08fc7e3,
-        0x0182521,0x03ed42c,0x0ce3409,0x0c6a71f,0x15040a6,0x0e0911c,
-        0x1e9a9f6,0x0ed4562,0x0a03e21,0x046197e,0x0a08fec,0x0e32656,
-        0x0252ddd,0x10c960a,0x002b0ac } },
-    /* 85 */
-    { { 0x15daf7f,0x0371cc7,0x1419ad8,0x122124e,0x0838548,0x02c5392,
-        0x1717023,0x1c7444a,0x0c90f3e,0x19b17e8,0x057c08b,0x15e810f,
-        0x0ac9633,0x0212fad,0x1c42f44,0x1b7f6e2,0x005ec06,0x0e100bf,
-        0x06e2ef3,0x0fb9058,0x01c8d9c },
-      { 0x0b8bed9,0x00fef8c,0x0495f6d,0x11c7446,0x0948330,0x08e25df,
-        0x0779dca,0x15f79f2,0x141448a,0x185cb95,0x16918a6,0x0c67889,
-        0x0295dfc,0x00dfa85,0x0e7118c,0x0626321,0x177869e,0x08c5b37,
-        0x086eab6,0x09c5f42,0x00f5a8a } },
-    /* 86 */
-    { { 0x00251ea,0x0a884e5,0x06c2329,0x164f4d9,0x12aeed8,0x107a947,
-        0x02fad58,0x0ad2035,0x0ae13fc,0x14210f4,0x04f01e6,0x03890b3,
-        0x171349f,0x068d586,0x1820d64,0x1b21253,0x09baeb5,0x1cb7149,
-        0x166699b,0x05e3f1e,0x00ce96c },
-      { 0x0be8bd7,0x025a889,0x066f92f,0x1e78cfd,0x14846a0,0x1d1c327,
-        0x11f4d34,0x103b139,0x073f439,0x1b23889,0x13959c7,0x06484db,
-        0x0bc32bc,0x181584b,0x04d3aff,0x1056fee,0x00b0d06,0x0ab0278,
-        0x0f3a2d6,0x07afd5c,0x011cfd2 } },
-    /* 87 */
-    { { 0x07689a6,0x1236651,0x1cafe25,0x06aac82,0x16a7dc4,0x1e5fe66,
-        0x0923ad5,0x1ca617b,0x15b1adf,0x188fffd,0x162fd26,0x01b6e23,
-        0x1b9f2d8,0x1b872d2,0x1e7f7c2,0x1143bd0,0x1836bd1,0x04ba9a0,
-        0x12ff541,0x0a4d7b1,0x0114c8c },
-      { 0x17388bd,0x1392df7,0x1a9f57f,0x1fcfff5,0x11c3dbd,0x16f1567,
-        0x16e25f9,0x1f6f072,0x09ebf1b,0x0d3964d,0x01451a0,0x0e0ed2f,
-        0x0f65265,0x1a93385,0x097b367,0x0fa9072,0x1d283d5,0x121bde6,
-        0x003b2c0,0x0e654f9,0x01ceb5d } },
-    /* 88 */
-    { { 0x1d376d7,0x0fe6767,0x01369fe,0x1d4cd61,0x0b4eab3,0x1c8dec3,
-        0x0342356,0x1b0d592,0x08aa304,0x11eadbf,0x19a93ea,0x0856ff0,
-        0x0127f3d,0x1dc09d7,0x1467ea2,0x1240d2b,0x0d7e34a,0x0e9c3cc,
-        0x0cb0737,0x1814d34,0x0073df7 },
-      { 0x0315b16,0x000dd9c,0x03e6f8b,0x133c319,0x1daa7c8,0x1b5c298,
-        0x0fed022,0x10347a8,0x068092a,0x0acf246,0x1eab52c,0x1b3d06d,
-        0x1077e93,0x1234cb9,0x1b58d86,0x1c8eda9,0x1f66297,0x12b4e59,
-        0x1e047e9,0x1b0307c,0x0185b69 } },
-    /* 89 */
-    { { 0x19cb764,0x13f59d5,0x15b463c,0x031d783,0x1bbefc2,0x1cd53cd,
-        0x0376c11,0x1ea8eec,0x009e542,0x068b692,0x066e5ad,0x11a378d,
-        0x0ae35c3,0x0646c64,0x0cab896,0x148ba27,0x15267a3,0x042bce0,
-        0x1155301,0x16e6aed,0x00d9773 },
-      { 0x018c299,0x0523981,0x08ce588,0x0733ef1,0x09be29b,0x07a0a7b,
-        0x0802521,0x1a88d09,0x19a2ca4,0x163a49b,0x0deacec,0x0e7cd1b,
-        0x1f09c07,0x09ae1ab,0x007c166,0x1c7e4c3,0x03d8b7d,0x0049898,
-        0x03edb82,0x1ff9a1c,0x0060f3e } },
-    /* 90 */
-    { { 0x05d6530,0x00a5f59,0x103dc8f,0x13352fa,0x1e015b3,0x1bfb112,
-        0x0f12fef,0x1e24138,0x014b4f0,0x1ec62ce,0x1a3b3e0,0x1fbc7ef,
-        0x0fcf002,0x0f58f78,0x14d4f24,0x018c06b,0x0a5201f,0x01ca621,
-        0x0fa3b8d,0x025156f,0x01b5787 },
-      { 0x10110cd,0x1be9d5b,0x06d6824,0x188ef22,0x00fa4ef,0x1d260cf,
-        0x0bd6f14,0x1e58d59,0x138d509,0x0980879,0x0b071af,0x1057ca9,
-        0x1f3ee2a,0x127951d,0x1a99f0f,0x18f7263,0x06ef089,0x1bd2653,
-        0x1288d8b,0x14589e6,0x00b05bd } },
-    /* 91 */
-    { { 0x1f575cd,0x05038e8,0x060ad09,0x034a46e,0x15693b0,0x164ea00,
-        0x0d80a68,0x0c02826,0x19c914a,0x0621a45,0x0cc7054,0x0e7a12b,
-        0x0290245,0x117ea4b,0x05d7f48,0x164eedf,0x086e210,0x1d0b824,
-        0x16ea4de,0x137026d,0x01f6ac2 },
-      { 0x15da491,0x0f7aabb,0x160827b,0x1c56d55,0x05953f9,0x1a06ad9,
-        0x084186e,0x1b0cd2d,0x14d5127,0x1e22988,0x0b418b3,0x195303d,
-        0x032f21d,0x179db89,0x0f93c1e,0x1e41a7e,0x0b89646,0x1896683,
-        0x0443d6e,0x06c6d2d,0x015e241 } },
-    /* 92 */
-    { { 0x0cfc44e,0x027e81f,0x0f54321,0x10a0876,0x0095f2c,0x1e82cd2,
-        0x19f6f26,0x1bf34bf,0x0f65bec,0x1c9947d,0x0587348,0x08e34cf,
-        0x1de3102,0x1ddaefe,0x078e6fe,0x18b75d5,0x0d0133d,0x0c0115b,
-        0x1c4b0de,0x0f5536b,0x0141bed },
-      { 0x194d941,0x1802cfe,0x006025b,0x00fa9fe,0x1c6e9f0,0x0f82f1f,
-        0x1d661de,0x133cc75,0x100483c,0x0207859,0x0661c13,0x1ddee54,
-        0x1104d2f,0x0325253,0x1dced6d,0x0fe3db6,0x10f4936,0x1005b3b,
-        0x0a7ef4a,0x1c06025,0x01694f7 } },
-    /* 93 */
-    { { 0x09095fd,0x0eeb9c5,0x15e837d,0x03a79d0,0x04b7a02,0x16e3b3e,
-        0x1e5af97,0x0112154,0x1180a08,0x124bf7f,0x042aad5,0x1c3ecde,
-        0x06b9856,0x1cc3cbb,0x0a62090,0x00c0262,0x0f73ba8,0x0b0ba46,
-        0x1576a4a,0x120ed8a,0x001207d },
-      { 0x044394d,0x04d008e,0x19142c1,0x0e19c93,0x15f25ef,0x14a132f,
-        0x027c2c5,0x1f03c74,0x0109b33,0x02decff,0x04cb90b,0x087f461,
-        0x1207f2a,0x0367c57,0x1aaff2b,0x0ce44e6,0x004f336,0x056fbfd,
-        0x0a749ac,0x1d25f7f,0x00e02f1 } },
-    /* 94 */
-    { { 0x1be4d4a,0x0725331,0x1246549,0x1acde79,0x1fa57be,0x1d3e668,
-        0x04fe9f9,0x1a7baf9,0x088c5d1,0x07467b5,0x147c79c,0x12f47e4,
-        0x15b2579,0x11aaa67,0x17b163b,0x0e21214,0x0d7065a,0x1346934,
-        0x014227a,0x07a9a41,0x004c7c2 },
-      { 0x152d132,0x12badde,0x13158eb,0x0e71903,0x0fb8daa,0x131dcc8,
-        0x1b94793,0x10e12d4,0x0b239d3,0x0eb59b3,0x127fb54,0x10e94ba,
-        0x1aed5f8,0x01d4603,0x1424765,0x0d5c404,0x05ae468,0x10807c2,
-        0x1ad3bd6,0x0b3ae8f,0x01c21af } },
-    /* 95 */
-    { { 0x1441308,0x1e00f6e,0x02417de,0x090c611,0x0dc3494,0x0b08e68,
-        0x029d1d6,0x0cc55e7,0x14c23ce,0x0d38930,0x0bfb484,0x0f6bf17,
-        0x1937f31,0x0649f03,0x1eee7fd,0x0a59e9d,0x0dd8ecc,0x1440787,
-        0x172760a,0x19ba59b,0x0028480 },
-      { 0x1f807ac,0x0e506e1,0x1527a3c,0x057a0e0,0x0a3e4fc,0x1c5db63,
-        0x0285247,0x19b5a7a,0x13d6dfa,0x1f70e7e,0x11bfef8,0x0372bf6,
-        0x1cee46b,0x1eeae7d,0x01eceb1,0x1d16ea4,0x0d9b1b8,0x16ac060,
-        0x1ef7446,0x0cd3e98,0x008452c } },
-    /* 96 */
-    { { 0x0ace6d5,0x1a3a3e0,0x1eb690a,0x177ce50,0x15acb64,0x1e130a6,
-        0x1226626,0x03de660,0x0ff05c7,0x0bff41b,0x0b11420,0x048da6b,
-        0x1c772eb,0x1bad4e1,0x17f0858,0x1adfafe,0x01acbc0,0x1fdb7cf,
-        0x083a5cc,0x07862ae,0x009a764 },
-      { 0x1845ccf,0x10b5a79,0x16f52c8,0x0121780,0x1c174e8,0x02481bc,
-        0x031d358,0x00cf4aa,0x16358c8,0x0b91050,0x1dedb6f,0x188354c,
-        0x0e838f9,0x1371704,0x0ccb065,0x0db4a6e,0x15e496f,0x0d81943,
-        0x10c18c3,0x04e99f3,0x000c52b } },
-    /* 97 */
-    { { 0x0a58beb,0x173c147,0x0921bb0,0x1a6ccbf,0x0b404c1,0x1a07f81,
-        0x17eb482,0x14aa8da,0x029d3e6,0x1aefbdb,0x006647e,0x08dacd9,
-        0x1ef1868,0x17167f1,0x1a42f79,0x1a2d77c,0x1a01410,0x14bd75c,
-        0x0b323a4,0x102a917,0x00cb59d },
-      { 0x0f66a23,0x0e9d6dd,0x0207641,0x0e81bf6,0x0333738,0x007a196,
-        0x0d7792c,0x07cdaaa,0x007d3a0,0x0bff474,0x0f2a038,0x1fee0cd,
-        0x1529544,0x1d6ffd2,0x10ae5b2,0x0dd48c1,0x19445a2,0x04f80c6,
-        0x128d3ff,0x0702ce4,0x011ed54 } },
-    /* 98 */
-    { { 0x17f8a61,0x039fdde,0x02ed8aa,0x0377cb0,0x1e18cd7,0x1fb4c02,
-        0x07acd99,0x181fab9,0x1571d3d,0x1c6a7b0,0x1e6f22a,0x042af07,
-        0x14e2e45,0x121cc58,0x10ddd2c,0x0236a6d,0x16374d8,0x196da51,
-        0x17af8f0,0x1e252e5,0x01389f7 },
-      { 0x18fefb2,0x1f90e3c,0x09caee5,0x0a20f75,0x1c76fcb,0x0ddab44,
-        0x1dd83eb,0x18a25f7,0x1d33ea6,0x13245f3,0x04d2946,0x132646c,
-        0x1b412a2,0x04c2c49,0x0f605a6,0x15b4894,0x18f3e66,0x1b0a24a,
-        0x1a1ed15,0x1f8f36e,0x0140b4d } },
-    /* 99 */
-    { { 0x0be5bb9,0x0a2b83d,0x06fa0ec,0x11ca3b0,0x0e0cbfd,0x013d7fd,
-        0x17d2726,0x0a841b5,0x0a687b5,0x1d392a4,0x105ccf0,0x07f7dd6,
-        0x0308026,0x09c13e3,0x053f70f,0x16e1ce0,0x184b5e3,0x03e80c7,
-        0x0f3dc5a,0x107c01f,0x00151d4 },
-      { 0x1578aa3,0x11e3e35,0x16b8553,0x0ba6087,0x111ce9b,0x004080a,
-        0x07a6ed8,0x0deabf1,0x0f405ac,0x1618889,0x02b1ed3,0x09b0401,
-        0x067e66a,0x12e297d,0x10034e4,0x185d6e7,0x1988aca,0x1f70dcc,
-        0x02d5d14,0x063b2ac,0x008fdfa } },
-    /* 100 */
-    { { 0x11cf8d8,0x0507012,0x0f4b31d,0x1a083e5,0x14d8949,0x15e7296,
-        0x12924cf,0x15c16e6,0x15c5bcd,0x0d62fa8,0x002e4f8,0x1f982c4,
-        0x0ed3ecd,0x13c9b9b,0x01a899a,0x0d2804a,0x08bea6e,0x0ac2d0e,
-        0x0643e4d,0x19baa72,0x000e081 },
-      { 0x1e28412,0x1ccab29,0x192c157,0x05b64e2,0x0d1526f,0x19d6e38,
-        0x097ac77,0x1bb9aac,0x0dd35de,0x16229e5,0x03ff8b4,0x1093507,
-        0x09ed442,0x0e0672c,0x08304dd,0x16c135a,0x081bd99,0x196afdd,
-        0x08bbec1,0x083b98c,0x01ad5be } },
-    /* 101 */
-    { { 0x1850756,0x17b33c7,0x165d58e,0x1ca5e76,0x06d37aa,0x14217ac,
-        0x0294de5,0x12e21a7,0x1f743f9,0x0d57ccf,0x06a2eb3,0x0bcb27e,
-        0x192fa75,0x004fbe6,0x1c13855,0x0ca1635,0x00ad6d0,0x131dfcd,
-        0x16aff66,0x039d5aa,0x000e67b },
-      { 0x1f43178,0x054705a,0x0cccd98,0x1b3986b,0x16bd412,0x07b4042,
-        0x1e98e20,0x0e27af7,0x02e622c,0x19b96b3,0x009115f,0x17cedff,
-        0x11ad7b7,0x06d8272,0x0af7a02,0x0b91a1e,0x1fe4bd1,0x170f3c0,
-        0x03940bc,0x0eb7f77,0x01941f4 } },
-    /* 102 */
-    { { 0x03543ec,0x015fceb,0x1cf9e52,0x19422fd,0x185cb67,0x066631c,
-        0x018e058,0x03d158a,0x1729bdc,0x0b65f6a,0x1a1b7d5,0x12fb444,
-        0x1cd62ed,0x040f5bb,0x0932d7f,0x05db362,0x16672fa,0x126bda7,
-        0x00cd6e5,0x05354ef,0x017260b },
-      { 0x03df7c6,0x1e3db52,0x01b086f,0x077840e,0x05acac2,0x0ecac04,
-        0x0def0d1,0x179d6de,0x0a32a08,0x0c79069,0x14f17a7,0x09eda32,
-        0x10f0892,0x027b406,0x0975f1b,0x12258fa,0x0372de9,0x0327351,
-        0x0b39913,0x180d88a,0x00ebda1 } },
-    /* 103 */
-    { { 0x11dd110,0x1be2e20,0x1128999,0x1459323,0x0d6787a,0x0b336b0,
-        0x1a90691,0x02aa77c,0x0c15f9f,0x1f38b55,0x131ec9c,0x0c7e1c1,
-        0x10a93b8,0x1531255,0x015c45c,0x184c148,0x16e1a39,0x072f3b2,
-        0x1bdbc4c,0x1af16a5,0x0046af8 },
-      { 0x0f38dff,0x10a58b8,0x0415e58,0x1024742,0x1e35d82,0x1f6c091,
-        0x1135255,0x0c208d4,0x00da601,0x0c7d4dd,0x01104d8,0x054aa9f,
-        0x0be7cdd,0x0cf54ad,0x10958f8,0x06169e3,0x014cb2a,0x0e222cf,
-        0x07fe6aa,0x115bacc,0x0183c74 } },
-    /* 104 */
-    { { 0x1e58caf,0x00f9cce,0x0990ca6,0x1b0ea7d,0x05bb80f,0x08ca430,
-        0x07c90b4,0x015907f,0x003eeb0,0x0486783,0x0f5e73d,0x04a2f8e,
-        0x1b4037f,0x1926a30,0x10827f5,0x0419f08,0x0d22724,0x13581fb,
-        0x0d0e3e8,0x17a53d6,0x01526f4 },
-      { 0x189e51c,0x081a561,0x063a593,0x12db6fb,0x0cda55e,0x09e2c1d,
-        0x05f7ba4,0x081655d,0x1feb034,0x1c983bd,0x1878a41,0x06f13a8,
-        0x1eaa16e,0x021dfc5,0x099d4cc,0x1187f61,0x042ba7d,0x04eba4d,
-        0x0ee4977,0x03cdacd,0x00ec7c4 } },
-    /* 105 */
-    { { 0x1da8398,0x19a2ee2,0x10c0ba6,0x1f76718,0x1c66841,0x1dda3d5,
-        0x11589f0,0x1bb9c75,0x1738d2c,0x1df5895,0x0c46163,0x15aed0e,
-        0x14d4bc2,0x1dea7a7,0x0876c72,0x0361d2a,0x0aefe4e,0x1153486,
-        0x0ffaf8f,0x042bd6f,0x0194375 },
-      { 0x0dfd661,0x11a7897,0x07d132c,0x1ddaa58,0x0149984,0x1c7cc60,
-        0x1c98363,0x12065a4,0x07be385,0x13b7272,0x02d9cbf,0x0e7b2bd,
-        0x0254358,0x1958074,0x1b0e5ff,0x03d7122,0x105bad6,0x11dcdfb,
-        0x184c6ef,0x1203055,0x00007ee } },
-    /* 106 */
-    { { 0x1fbcb5c,0x1f54f49,0x0a6f4db,0x073f50a,0x182be58,0x108dd01,
-        0x0c497f5,0x06e1648,0x1cd8a26,0x0cd71bf,0x151c129,0x0c1c7b1,
-        0x19ab78c,0x02620db,0x0b090f5,0x1398a37,0x1eaeda4,0x1e2000f,
-        0x0f71fa7,0x1d48950,0x00f6988 },
-      { 0x077f79e,0x0655278,0x0435364,0x03b3c4b,0x14d1760,0x0da5bbf,
-        0x0eecf48,0x16c23bd,0x09037e1,0x18d9fb0,0x0fb3c00,0x1b0426b,
-        0x1af113e,0x19481ee,0x1004de7,0x1252ded,0x1caa6f1,0x09b5ef3,
-        0x16eeb61,0x076d093,0x006c57d } },
-    /* 107 */
-    { { 0x0bfccb0,0x1f71c4d,0x198e58f,0x0972ced,0x0c6e2a2,0x1d3693b,
-        0x03c0a12,0x1a3f0ed,0x0465853,0x1c5d1dd,0x0ae6db0,0x06da371,
-        0x116e3ab,0x03d0399,0x1f25d09,0x07e6403,0x1182523,0x17eea0b,
-        0x118779e,0x19f5035,0x00214da },
-      { 0x0a3198c,0x14f9bf5,0x0754d96,0x0bf9173,0x0be8a34,0x1af65e6,
-        0x1c4ab53,0x029484f,0x00c2375,0x020ffb0,0x09ec17a,0x18b4514,
-        0x135d9e8,0x1142cff,0x0ddd111,0x1bc6e5a,0x0ffea8b,0x00e0230,
-        0x073d6fe,0x1c93425,0x01810a0 } },
-    /* 108 */
-    { { 0x1843c3e,0x101d7a2,0x0b9da20,0x07557d7,0x0601e30,0x06fb15a,
-        0x023cd89,0x15072f6,0x0d21e5a,0x1439a45,0x10ac395,0x18e7344,
-        0x0d2cf12,0x1953b63,0x123b404,0x0a34590,0x1c2f527,0x0db9550,
-        0x0b00b41,0x052d872,0x00f3b63 },
-      { 0x0f3d1f0,0x1a156e3,0x0e53392,0x065ea65,0x0f0dcc5,0x021ece1,
-        0x0ccd60d,0x196af02,0x0dc8dd9,0x0808c77,0x1c64bed,0x034bdd0,
-        0x023039e,0x0aba0ce,0x1dc99f5,0x0d61932,0x04c30f9,0x123177d,
-        0x134f0d6,0x1f6f2c7,0x01f7454 } },
-    /* 109 */
-    { { 0x1153926,0x140ca4e,0x152043c,0x03056ae,0x02e28c9,0x0f4a64a,
-        0x0ecc142,0x0ae9684,0x0de9d6b,0x0d66295,0x128c531,0x1873167,
-        0x05aa746,0x031eade,0x13a8c1f,0x193121e,0x1a2e1cc,0x0212aa9,
-        0x1db6465,0x03317fe,0x008e271 },
-      { 0x08e672b,0x007231e,0x109f1e4,0x1a7e5bf,0x103675c,0x10b1e4b,
-        0x147debc,0x160e092,0x07aceaa,0x06b4c84,0x148da5d,0x0352fd1,
-        0x15482f2,0x009ee08,0x1ef0772,0x19a27b9,0x08004f6,0x106715e,
-        0x0afebfc,0x08cc590,0x003f2a5 } },
-    /* 110 */
-    { { 0x188a8bc,0x1a0f30a,0x0b2c373,0x1c4218a,0x0f48cd0,0x073d22b,
-        0x18af5d6,0x0ae670a,0x148b9b9,0x1006aa5,0x026e785,0x10174d7,
-        0x0f461df,0x04c6641,0x1f53c5c,0x0e28fef,0x1cd1497,0x08b3f80,
-        0x045b17e,0x070a22c,0x0048b13 },
-      { 0x12617f0,0x1b199ae,0x181b7ad,0x04dd970,0x1f9a577,0x08fe749,
-        0x00cb46e,0x12f5278,0x16c84b9,0x1d21c45,0x1296fbd,0x044b047,
-        0x0bbfe80,0x1ad197b,0x06700a0,0x0b8b0de,0x1ade3cb,0x0f9366a,
-        0x1430776,0x1bb8eed,0x01e77f5 } },
-    /* 111 */
-    { { 0x0e764c9,0x1f76437,0x0b30f27,0x0d60f90,0x11bec83,0x02d8a16,
-        0x0cb9a80,0x1d4d7e3,0x129e8a5,0x077a8d1,0x189071c,0x131c7ff,
-        0x08517d2,0x194b361,0x0e278a1,0x198ed76,0x0a92c7a,0x09d16d4,
-        0x0ca886d,0x19224ce,0x004a902 },
-      { 0x17ce110,0x08dce47,0x1bc65b1,0x0f5d606,0x1cc33a8,0x152cf16,
-        0x1426029,0x00104d2,0x1e78db5,0x1579353,0x0ec0c33,0x070992b,
-        0x0282f3c,0x126217a,0x15ba7dc,0x09414db,0x02970ac,0x03b46ef,
-        0x0f48bbf,0x1b9c960,0x016f4ae } },
-    /* 112 */
-    { { 0x1ed03c0,0x1819576,0x15341df,0x04b11bb,0x0684a05,0x02df079,
-        0x0f13e6a,0x176da13,0x1e0b9b6,0x0ed063f,0x0d621ef,0x18fde5f,
-        0x1e19689,0x161e673,0x0a5a583,0x055cbf1,0x1d5768d,0x15821ec,
-        0x0c84866,0x101037b,0x006829c },
-      { 0x059f006,0x0397d6f,0x1d69afe,0x0d972fd,0x02b9ffc,0x173f7c6,
-        0x0576d62,0x03e6e32,0x1f4ccaa,0x1711e50,0x09f3130,0x0c1d138,
-        0x061af8c,0x0435ee6,0x1975f9f,0x1bc87dd,0x07f9bd8,0x1c912da,
-        0x0c93c22,0x0fe8c69,0x00b453e } },
-    /* 113 */
-    { { 0x1048bda,0x04b6871,0x1939531,0x128787b,0x02b6749,0x16a84f7,
-        0x127dd30,0x1135840,0x0543c50,0x00fb48f,0x08d96ec,0x014620b,
-        0x09cd996,0x1c58b82,0x164fff9,0x128ce69,0x1b3f82c,0x0814fcc,
-        0x05869d5,0x18bd440,0x0091785 },
-      { 0x13dbdb6,0x0fcbc4a,0x067ed15,0x132fd94,0x0a9e84d,0x0a6bad7,
-        0x140a4db,0x1f48e77,0x0c15276,0x0e0be54,0x1d8d5aa,0x02668f8,
-        0x129cf66,0x01cb9c6,0x1a0d82c,0x06c1294,0x0a86973,0x0e9f218,
-        0x0ac9fc8,0x0a65bdc,0x01b40ae } },
-    /* 114 */
-    { { 0x164cb8b,0x0874128,0x19f5a04,0x1e4aa54,0x0979af4,0x0c2a93b,
-        0x1b43a34,0x189c21a,0x1fb64ea,0x1b62bc3,0x09164b3,0x0c77588,
-        0x1084081,0x1e706c0,0x03ffcdf,0x182b8bb,0x049da84,0x0c59427,
-        0x0998fb2,0x00aace6,0x0010ed8 },
-      { 0x1f3ee9e,0x1a01828,0x1c7841b,0x136715b,0x0e8e3ee,0x1eb2249,
-        0x1e9ba84,0x163a790,0x180e1ab,0x1da4fa2,0x15ca609,0x02f217f,
-        0x1fc283d,0x17e3d1a,0x1943e96,0x15a9f1f,0x145ade3,0x13b9ed2,
-        0x068877c,0x1f55c9b,0x01f878b } },
-    /* 115 */
-    { { 0x1ad5678,0x06c7455,0x096eb98,0x1dcc018,0x0afa72c,0x1447108,
-        0x182d130,0x13f73a9,0x0d254cf,0x0223fbb,0x18ae959,0x17892b3,
-        0x0c1fb36,0x14b0899,0x0f1135c,0x01e3272,0x01ffc14,0x06bd444,
-        0x1425992,0x10c2511,0x009127a },
-      { 0x09e690c,0x16010c5,0x0856d4d,0x03d569f,0x05dcc52,0x0772a64,
-        0x1108ec0,0x090135e,0x1af3a8e,0x1bc9a92,0x0c7616c,0x06116ee,
-        0x15e1f36,0x0a0e7da,0x0d875e0,0x08a536a,0x09eeffc,0x07520f9,
-        0x1df498d,0x0eab633,0x00e8cf5 } },
-    /* 116 */
-    { { 0x012b398,0x0dc06e9,0x0dcc07b,0x03aa7ba,0x1039618,0x097d4ae,
-        0x1811e29,0x0da1c10,0x0a7825e,0x08f3219,0x1b393eb,0x178a661,
-        0x0fe0185,0x183c49b,0x03dcc4e,0x0dd46a1,0x0fd9e7f,0x00ee4c1,
-        0x1555ad8,0x074c05a,0x00e8dbf },
-      { 0x19e05bc,0x1191a13,0x0f4f0dd,0x19e888a,0x1f5f40e,0x1183c9b,
-        0x17d35fe,0x0446218,0x0108d7e,0x07fd69b,0x062ef17,0x1de7855,
-        0x00f2f01,0x0bea3fc,0x0ac5c67,0x05c3861,0x118a9b2,0x03de4fc,
-        0x00d37e5,0x1b8a55d,0x01f9f53 } },
-    /* 117 */
-    { { 0x183f89b,0x15a4f60,0x1b53c99,0x04beb00,0x13fb5f0,0x1618406,
-        0x10ad653,0x02fa614,0x0371cd9,0x1b58ca0,0x1f89b52,0x15576fe,
-        0x04f7541,0x16adbdb,0x149a7ac,0x06d8bca,0x1c17f80,0x0870d42,
-        0x097c99d,0x1e1e45b,0x01cea0f },
-      { 0x08e11f8,0x1eab51d,0x0d5180a,0x03ebf35,0x0986402,0x06496b9,
-        0x0b16833,0x0178ce8,0x0523f65,0x122b4f3,0x0afed35,0x1037eff,
-        0x0bc8e46,0x01e4f36,0x09d651f,0x1fe4168,0x0d538f5,0x1159ca9,
-        0x1c12ba8,0x1f1c703,0x01b0818 } },
-    /* 118 */
-    { { 0x10d90f0,0x0dffd72,0x1370ef9,0x17ea023,0x0cb3b11,0x08efd62,
-        0x09c469a,0x0e7c219,0x14ea1a7,0x176108e,0x1bbad98,0x1d77cb0,
-        0x1d5a979,0x106178f,0x1c5aac6,0x17fd49b,0x17ec57b,0x17f4f1f,
-        0x0b949bd,0x0b2c1cb,0x015e1b0 },
-      { 0x030e62e,0x10252c3,0x06dc723,0x1cc88fc,0x1d00310,0x1a223d1,
-        0x1ad850e,0x1479e3c,0x17462e7,0x155dc28,0x09c9364,0x1410000,
-        0x1f8309e,0x12294b6,0x00175c3,0x1b0243b,0x1b33d4e,0x1079c24,
-        0x00d3513,0x17ff78d,0x00962d6 } },
-    /* 119 */
-    { { 0x0e07711,0x1f2c6a4,0x0ecb44f,0x11a4e14,0x10f8364,0x0ff8263,
-        0x024b633,0x0282a2f,0x051411f,0x0ddb2bc,0x1e29545,0x1b207c9,
-        0x0f6c31c,0x02099b1,0x1e1c548,0x0da9ae7,0x1eeeca0,0x197f012,
-        0x1538c5f,0x0dc82f2,0x00ad32a },
-      { 0x1d147df,0x0631fb4,0x0dedf8e,0x1ce217e,0x169bb06,0x0a8a6f5,
-        0x1afbca3,0x1b3729b,0x18d11c3,0x19183fd,0x1718112,0x1bf2070,
-        0x033b369,0x13c0074,0x1a8bd27,0x03838d1,0x0587d50,0x0781459,
-        0x13bde06,0x0f0442b,0x0055970 } },
-    /* 120 */
-    { { 0x0c1d751,0x1a8edaa,0x1448430,0x03741f2,0x0144530,0x0e45f6c,
-        0x0cd3eff,0x0154efd,0x0cf2368,0x0c6c09c,0x1ca1812,0x0949c09,
-        0x1a928c1,0x0b52db6,0x064b6e8,0x122072c,0x15b5f9a,0x124ef54,
-        0x05c9040,0x1a8af00,0x008580d },
-      { 0x009221c,0x1928007,0x015ba41,0x03e43bc,0x02e05b2,0x1304a83,
-        0x0be8783,0x0528919,0x16f7751,0x0bfdcbd,0x0d2b299,0x037be3e,
-        0x165d299,0x04ff8ae,0x1b356b1,0x1d8f34c,0x097d049,0x06e0eb4,
-        0x1caebaa,0x1f9509c,0x0067388 } },
-    /* 121 */
-    { { 0x0ef1dd3,0x05a4ed3,0x15d9948,0x1c774d9,0x191a045,0x1eafa41,
-        0x0602bcc,0x0953909,0x0ef0747,0x09e7ad9,0x1ec7ab9,0x1d34f17,
-        0x1aa35b2,0x16d4837,0x0a5ff5b,0x059e9d9,0x1891b9f,0x0f8d49b,
-        0x0aca162,0x0a66d27,0x010d667 },
-      { 0x1691faf,0x0824b39,0x18616d4,0x13aafd8,0x1c73d3a,0x054292e,
-        0x086ee4c,0x0d2fc52,0x040b05b,0x0a7ab8f,0x0fb7282,0x002e827,
-        0x185e96a,0x068d35c,0x1f53dca,0x1d16f3c,0x1da3ead,0x0aa8a1f,
-        0x05b9153,0x170889a,0x00fb859 } },
-    /* 122 */
-    { { 0x0667aaf,0x1041f3e,0x12e9f08,0x1295239,0x13545cb,0x1074a51,
-        0x064c632,0x18f943d,0x1e4eaa0,0x1d7ff91,0x15a1130,0x086c85e,
-        0x0ba21ac,0x106a968,0x11a2a2d,0x003a9f9,0x05b6a93,0x0a00d2c,
-        0x01eaf38,0x1eec592,0x00a3547 },
-      { 0x1e260ce,0x09f69fd,0x07e98f7,0x1b01b80,0x0717752,0x0ed1f21,
-        0x0dd75bc,0x01dabf5,0x05261f1,0x18b4325,0x135aed7,0x1ec7a41,
-        0x16be7b1,0x110d632,0x18e3040,0x1231d3a,0x0f6673b,0x0189bdc,
-        0x0b68bee,0x1688709,0x017423e } },
-    /* 123 */
-    { { 0x01fbcf4,0x113e215,0x17b8653,0x16bf59a,0x0c0d285,0x0f3303a,
-        0x1af7645,0x134eb85,0x0ef0a6a,0x134b288,0x13d1607,0x1f420cf,
-        0x1a13c5a,0x1df70fd,0x1804f05,0x0f3ce57,0x0d6dad2,0x0c2d203,
-        0x050b3d6,0x052a3aa,0x0031004 },
-      { 0x02bbc45,0x1af60d1,0x1361a9c,0x14feade,0x0ee5391,0x1000ef2,
-        0x1e7408d,0x04a60b5,0x1aa2f8d,0x0590c28,0x16de2aa,0x0db030f,
-        0x030e2c3,0x10d4446,0x13020fe,0x0fab79f,0x17fbd3e,0x1dc8ed5,
-        0x13f7408,0x10a8c1e,0x00f462d } },
-    /* 124 */
-    { { 0x172d703,0x05d0124,0x080fd5a,0x1a72131,0x1c44ca1,0x14642af,
-        0x1950ab8,0x06dd371,0x05b1b45,0x1ea79b0,0x1df9213,0x00f698f,
-        0x1d2e08b,0x1118411,0x0bcee60,0x1fa2608,0x1131889,0x0e4ffe9,
-        0x1b1a0d6,0x1e0ca58,0x01bb56a },
-      { 0x0e0f16a,0x182f103,0x1297b6f,0x15ae8c8,0x1c1ac2f,0x09638d7,
-        0x02a603e,0x143cb34,0x136c800,0x1d71beb,0x05e3704,0x1f8c46c,
-        0x105f20e,0x15a3778,0x0e962e0,0x013c888,0x1cf4425,0x064a8be,
-        0x103b66c,0x17682ac,0x01667d0 } },
-    /* 125 */
-    { { 0x122842d,0x185309e,0x1380ea8,0x0b6789d,0x0c6e00f,0x1c15bcc,
-        0x13e1db7,0x18b0ec9,0x178d208,0x1496c36,0x02152b6,0x0723cf1,
-        0x140a52d,0x12cd84c,0x06c9bee,0x1f93493,0x1ad04c5,0x02ee099,
-        0x138fc4d,0x0124d26,0x01dda5c },
-      { 0x0d6d673,0x0e5617d,0x0ff9bc3,0x0a01e76,0x0d8fdf0,0x0bab74b,
-        0x065058c,0x1c7d9ce,0x10a4d80,0x0c87a49,0x04c004e,0x126c63a,
-        0x18f2aca,0x1aac0b1,0x04659b1,0x0acf3dd,0x174e6dd,0x136f87a,
-        0x135c736,0x0490d19,0x0111be1 } },
-    /* 126 */
-    { { 0x15cc1b4,0x0639323,0x1e33d91,0x1256e72,0x115fc2f,0x1ebf5bc,
-        0x19b4438,0x1c0cb4f,0x0f40c38,0x1a2710d,0x1493f2e,0x0573c35,
-        0x0598866,0x01ab037,0x02e9377,0x127ee4e,0x02c1a4f,0x1e1c1a5,
-        0x0d8a935,0x0193446,0x002193d },
-      { 0x169fd7f,0x1bdc67b,0x0ee78b2,0x0f13442,0x1815da9,0x0887f78,
-        0x03159ae,0x070f69f,0x1269314,0x0445984,0x0cdf008,0x037b24b,
-        0x05477b7,0x1353207,0x126a484,0x18ddf40,0x1bdfd21,0x169eef8,
-        0x0ca95ac,0x1f3afa4,0x00649b5 } },
-    /* 127 */
-    { { 0x19a9c35,0x056fc33,0x1e5b590,0x0796e9a,0x0dad98e,0x074ed7e,
-        0x03aed7e,0x0788c97,0x0ad4a07,0x19c30a7,0x17955d1,0x01dc5db,
-        0x19bd86c,0x0bb6705,0x0cc5ce1,0x1f72cee,0x1274095,0x0cdae99,
-        0x1826bab,0x015d67d,0x013672f },
-      { 0x0e54ba5,0x063b6b2,0x14868e2,0x03b88e9,0x03fe7af,0x13b840b,
-        0x1a746ca,0x15aff47,0x0de1240,0x023da4f,0x00c0e81,0x16cd8e4,
-        0x13d9f64,0x135e810,0x11e00a7,0x07d4b63,0x0700aa0,0x18e578e,
-        0x0ee174a,0x0301d67,0x0103179 } },
-    /* 128 */
-    { { 0x12ed12f,0x1a7cfd7,0x162ab6f,0x09e701f,0x0e1d19e,0x0f40d76,
-        0x0f6d68e,0x17812af,0x1626ef6,0x0c19990,0x16ca37e,0x0bd419e,
-        0x14110ae,0x101c966,0x0565140,0x0f0ab56,0x0876bc6,0x133e24c,
-        0x0ff5871,0x1cb2714,0x004ace7 },
-      { 0x0c7dea9,0x0dcf794,0x0611671,0x1414d4e,0x102f95b,0x013b4e6,
-        0x1095e08,0x12c069b,0x094dd68,0x09d8584,0x1aa5688,0x16ff6bb,
-        0x0903730,0x10be544,0x090fb41,0x140a5fc,0x117fb1b,0x10b67a6,
-        0x09be5b6,0x123ad64,0x01c0d86 } },
-    /* 129 */
-    { { 0x18015c2,0x16f9fdf,0x0b62a8b,0x1b892a0,0x07f8236,0x1218abf,
-        0x1db829a,0x019d121,0x1a2d04b,0x0c77992,0x076eacc,0x0d1b501,
-        0x019cc06,0x0d33e51,0x09a4deb,0x17893ba,0x12c83fe,0x04793e0,
-        0x126e611,0x07b65e7,0x002987b },
-      { 0x12e3dc7,0x1d7687e,0x1554df9,0x16e82bf,0x098e8bd,0x122f92a,
-        0x1b26962,0x1a1f81a,0x0209c85,0x1eadd5d,0x0787ba0,0x1b8daaf,
-        0x0d31ec8,0x12815ff,0x132b42e,0x17de23e,0x0ce1f41,0x0e21973,
-        0x0fff299,0x015f557,0x01913b1 } },
-    /* 130 */
-    { { 0x1053af7,0x1bef829,0x13d2f67,0x0b65143,0x0030476,0x14821c3,
-        0x1e3f1f3,0x1ba882e,0x0ac8c5d,0x1df69b7,0x07b1863,0x0277f6b,
-        0x0f27b13,0x10d8df6,0x0995bfe,0x0e7533a,0x1459459,0x099a709,
-        0x0d8ad65,0x0311198,0x018c326 },
-      { 0x07f6ff8,0x1d20a55,0x11ebd04,0x107f56f,0x092aeb8,0x0183dd0,
-        0x021adf3,0x01df43b,0x1234610,0x040e092,0x10324f7,0x04e6042,
-        0x1593d4d,0x1308241,0x1b5f8f3,0x12be743,0x0cfdf17,0x1715c8f,
-        0x1a7b505,0x1b82346,0x0191160 } },
-    /* 131 */
-    { { 0x157d7cc,0x17a3745,0x0e1a69c,0x0a97e04,0x1140b0e,0x19d48e9,
-        0x0e5b816,0x1c110d8,0x1a4ec26,0x1cd59d4,0x1d63a46,0x15d78a1,
-        0x10742fe,0x0af1357,0x04b1821,0x1b3ee2b,0x076bb1c,0x0ca1e6a,
-        0x1fc0b22,0x12ffa98,0x017c3ed },
-      { 0x0d54964,0x01281f3,0x03014ec,0x058d463,0x19bd116,0x0146116,
-        0x1b3d273,0x08031fe,0x0035346,0x02e3c20,0x1019a29,0x06bd699,
-        0x038ea33,0x1a16df0,0x15c9fe3,0x1879af5,0x111fdf6,0x158abf4,
-        0x1264b5d,0x112993d,0x01b3a7f } },
-    /* 132 */
-    { { 0x109ea77,0x171cbd7,0x1716479,0x12ebb84,0x06a760b,0x050cbd9,
-        0x03022e5,0x0331808,0x0b68ce6,0x00dd654,0x08d5901,0x1a2ab7a,
-        0x1fa19a0,0x0cbbd99,0x1296e53,0x1a0530d,0x1f8e5fb,0x0f98fc3,
-        0x06407e6,0x18ab4d6,0x00b8f76 },
-      { 0x046ec9f,0x1fc619c,0x09185d6,0x193bd59,0x1462205,0x0846f87,
-        0x17b028c,0x0512596,0x1cfaed9,0x1ced941,0x127eca1,0x0008ca0,
-        0x11477dc,0x0b77281,0x1492eb2,0x19c8a91,0x11656ad,0x1d3edb5,
-        0x0c71a13,0x019b575,0x00fc011 } },
-    /* 133 */
-    { { 0x1308bf2,0x1b36c26,0x0010546,0x1facc70,0x19013c9,0x1c1dfcc,
-        0x17e4bf4,0x1f8d125,0x03ffc8e,0x0877ec2,0x1a8a1e8,0x02d8627,
-        0x00527e3,0x1d06fba,0x1db8f34,0x1a5431d,0x030f6eb,0x165cb72,
-        0x1c3b933,0x17d9e54,0x018cc1e },
-      { 0x070404c,0x0a56b8d,0x08c2034,0x01f39c5,0x0ad21dd,0x11f0393,
-        0x0f378ea,0x1217299,0x16363a6,0x15acb08,0x078ad02,0x1e8b8d6,
-        0x1be70bf,0x1367762,0x05b742d,0x0af8025,0x0747477,0x06a6595,
-        0x15f647a,0x11194c7,0x00aa089 } },
-    /* 134 */
-    { { 0x0db0396,0x0e7e57c,0x09daa8b,0x0f6845b,0x08ae8f3,0x042b927,
-        0x00d2659,0x07eca5f,0x07bf149,0x123e1e2,0x11e93bd,0x168d604,
-        0x0e8b600,0x1d75ed4,0x1cf90e5,0x11be157,0x11fa795,0x1170e91,
-        0x0206eac,0x0d2563f,0x00ef38e },
-      { 0x0cf3047,0x00b4493,0x01607cf,0x08b2a73,0x1ad14f9,0x1f905b6,
-        0x17470a4,0x02ffbd0,0x0f57abb,0x152a1b7,0x1378e0b,0x1ff82f2,
-        0x0f0d1a8,0x15ff669,0x0942388,0x0c08537,0x07fdb78,0x0088785,
-        0x1378c7e,0x1cdec8f,0x01962ad } },
-    /* 135 */
-    { { 0x0c78898,0x1529bff,0x1dff265,0x05bc1f4,0x0b39de7,0x0658478,
-        0x1dab34d,0x0a7eda0,0x0da78d3,0x06c5dc1,0x04b306b,0x09a7407,
-        0x1d5fe80,0x12c0aa4,0x1eb7b7b,0x18db356,0x1a0c067,0x1c41c80,
-        0x1b64fcd,0x0bff449,0x0191585 },
-      { 0x19ebef3,0x1871b5f,0x05dca55,0x0bbe966,0x021046a,0x00b5ae7,
-        0x06a569a,0x023f371,0x1288d0e,0x0f9c940,0x04566ab,0x17ca72f,
-        0x12d6baa,0x0e47d5d,0x06bfb81,0x15e2082,0x1afe5c7,0x1f8c961,
-        0x1f738de,0x05d039a,0x00f7aa7 } },
-    /* 136 */
-    { { 0x0c386ee,0x11e078b,0x00e483e,0x13a9813,0x133b046,0x15189b5,
-        0x15c8a1d,0x00cf3c1,0x03c406c,0x01e0549,0x0f89f4d,0x1c7c9bd,
-        0x0aef220,0x0cb7807,0x15ec784,0x1b9fe13,0x1d824a9,0x0a507ae,
-        0x0707421,0x105d8b3,0x01e2535 },
-      { 0x138c7ed,0x1793128,0x0237323,0x08ca8ff,0x1ec4319,0x054a446,
-        0x14eb774,0x1b856dc,0x08257eb,0x1cf8f7d,0x032627a,0x0dd63e1,
-        0x08c583c,0x000b1bb,0x1cda445,0x01c7be2,0x18bdbc2,0x131417f,
-        0x12f5453,0x10200b3,0x00d526b } },
-    /* 137 */
-    { { 0x0025949,0x0a917d0,0x0514912,0x1e177b1,0x126d888,0x1b90b7d,
-        0x0bd7f98,0x1ec6688,0x0472827,0x0761db2,0x109a076,0x034733f,
-        0x0d91d8a,0x1463b88,0x08cbab5,0x04ec4da,0x02fe51b,0x1c72dff,
-        0x14427e9,0x1e9fdbf,0x00040f9 },
-      { 0x14a05e0,0x17528b5,0x03ac654,0x1de438f,0x0b0d48e,0x0befede,
-        0x1986466,0x1fac9a6,0x08b4c21,0x088d902,0x08c0e83,0x136d7d2,
-        0x09a6f56,0x1c62f40,0x03d8259,0x0bb1c57,0x1ab3680,0x139135a,
-        0x0cd2728,0x1fe301b,0x01bdd6c } },
-    /* 138 */
-    { { 0x03cc612,0x1c2bb4a,0x071e927,0x1d06566,0x0914319,0x056f5ee,
-        0x18a5f33,0x043244b,0x0b06198,0x08c7da1,0x0731f12,0x01084b6,
-        0x10accb3,0x132372f,0x074cd1e,0x07c44ea,0x0ae590e,0x0757da5,
-        0x1128002,0x08c0705,0x0151821 },
-      { 0x196a461,0x040eddf,0x0e90f09,0x136a547,0x11c122e,0x06d845a,
-        0x0163919,0x03a4385,0x06d6a08,0x080a5bc,0x0f3bdec,0x1da9ea6,
-        0x1c167d3,0x00aa2fb,0x1ecca52,0x0f73ed9,0x11c449b,0x0f52369,
-        0x18870a6,0x1aec272,0x0081cfa } },
-    /* 139 */
-    { { 0x18a7f0e,0x0b193a3,0x0177bde,0x05bc2ee,0x114183e,0x108bf44,
-        0x09b7d5c,0x19fa494,0x1b7cd52,0x06d8d84,0x0f0580f,0x13f75b0,
-        0x099e42b,0x184f7c6,0x1c74ba9,0x0999ad2,0x05b8ee5,0x00c4a7e,
-        0x129483f,0x0f69ca6,0x00fcf75 },
-      { 0x0b62347,0x08c6643,0x04a1695,0x04f7855,0x0c51c9d,0x13393ff,
-        0x0ac14a5,0x0de5dd4,0x00ae43e,0x045471d,0x0819aef,0x16bc0b9,
-        0x0d80535,0x0419cc3,0x1ff36c6,0x099bb23,0x1ba3237,0x197a52d,
-        0x1480890,0x0c74921,0x0124087 } },
-    /* 140 */
-    { { 0x0fac14d,0x05cb927,0x14f3926,0x1b4f353,0x16f4bf8,0x103e14d,
-        0x036f75b,0x0701e3d,0x1717715,0x161867e,0x00c98fe,0x1a44e36,
-        0x154c91e,0x0cda2af,0x04e0cd4,0x1257f7f,0x1891270,0x0bb52f3,
-        0x1204ef6,0x0ce9c36,0x0128a97 },
-      { 0x03e5924,0x11e20ac,0x1418a6d,0x031e2e3,0x01f9aff,0x113d143,
-        0x0cf36ac,0x0e0568b,0x08a11ab,0x1ceaeed,0x0da5c64,0x0f61d1b,
-        0x052bfb4,0x0760840,0x08de77c,0x03002ac,0x08124ce,0x157ad32,
-        0x13e52ae,0x1188686,0x01508d9 } },
-    /* 141 */
-    { { 0x1ffc80f,0x0ff39e7,0x0fdb7aa,0x17a868e,0x023e2e9,0x09bdd3f,
-        0x0fb4f27,0x0ae4ff6,0x07a3fc3,0x19bb369,0x1280f5c,0x19e71c0,
-        0x03d0db4,0x15df07a,0x1805d48,0x0de9f19,0x119da98,0x1ec3f5b,
-        0x1f9ac0d,0x16a15c5,0x01536d1 },
-      { 0x040bab1,0x1aef7ed,0x098cdc7,0x1f3657b,0x07d6a8a,0x0565438,
-        0x1722435,0x156bd14,0x1643ff8,0x0b9787f,0x03b0bd3,0x01b297f,
-        0x029c4c1,0x075c9f1,0x0c3aae8,0x1fa026d,0x08f1d2d,0x15e2587,
-        0x14d2820,0x0a5cb53,0x01429f2 } },
-    /* 142 */
-    { { 0x10e7020,0x1ea60be,0x05a12bf,0x156a904,0x1b169aa,0x079a47c,
-        0x05c2162,0x177b7c0,0x1885986,0x175fb7f,0x070e076,0x0fea2bf,
-        0x1bb3398,0x0254a53,0x1157cb0,0x0d092fc,0x042a0ed,0x01cd20a,
-        0x1bdde63,0x15a94c3,0x01541c1 },
-      { 0x12709c4,0x1db1403,0x17f9d91,0x171021c,0x1330d68,0x1707b1d,
-        0x021d3a4,0x175a37b,0x1f8bea9,0x02727dc,0x0260685,0x1831063,
-        0x07c15af,0x1b46350,0x071720a,0x016cdc3,0x1a236e0,0x042c62b,
-        0x1f2debb,0x0aa2200,0x00119b2 } },
-    /* 143 */
-    { { 0x087027d,0x07693e4,0x0a18487,0x0a57f56,0x0050f33,0x0a88f13,
-        0x0f07067,0x1eadc6e,0x17f4c69,0x16a61d4,0x09aed00,0x0d5e4a4,
-        0x10e6f35,0x01f3d61,0x040470e,0x1fbf677,0x03d33d8,0x1a1d861,
-        0x1cba8d8,0x0721ef5,0x000ba8c },
-      { 0x0851bac,0x061eb3f,0x13f310c,0x134bea8,0x0991c38,0x1dd030c,
-        0x0f1919f,0x1e800d7,0x097cbdb,0x04e8127,0x12b6b75,0x0fbaee6,
-        0x0a4539b,0x1465b69,0x0ea3e7c,0x1675b21,0x0304de4,0x03d490c,
-        0x1ee5a4a,0x0e65df4,0x006ab28 } },
-    /* 144 */
-    { { 0x0ed5986,0x15a9691,0x1819c76,0x14b0a67,0x1eee627,0x0aaff1e,
-        0x18deb3c,0x065d1fd,0x17ae8b1,0x0b0a486,0x022e533,0x030a694,
-        0x102706e,0x1ce0ae1,0x17ff54b,0x15a8d50,0x0f351a5,0x1ead112,
-        0x135c02e,0x036daaa,0x01e644d },
-      { 0x02e4e9c,0x1834343,0x1f925a0,0x1890ec7,0x1e5cd76,0x01ce557,
-        0x059e702,0x05ac061,0x18d83d6,0x07265f5,0x112b8b0,0x0a9c237,
-        0x02911e2,0x127e503,0x0835f21,0x0e08b2d,0x1d5e9a2,0x07abc2e,
-        0x0f8104b,0x0cefa1e,0x01be2f4 } },
-    /* 145 */
-    { { 0x101a6dc,0x0096ed5,0x0da5300,0x035c35b,0x191bd6c,0x18283c9,
-        0x16bb2e6,0x03e75cf,0x062a106,0x138a7cf,0x14dadf0,0x1dcf52c,
-        0x0b71978,0x0f0bb2a,0x1046f41,0x07ba9dd,0x0e0efab,0x0e388b3,
-        0x1fb6fd8,0x154ae50,0x01d70f7 },
-      { 0x1eb5932,0x137bea8,0x12909ba,0x14bf105,0x154ea0a,0x1cfbee1,
-        0x1825ddc,0x0682eb6,0x09be579,0x19a8c95,0x117b334,0x0846f0a,
-        0x1d9801f,0x1db21e4,0x0e38959,0x157d865,0x1d723e3,0x0dca08e,
-        0x1c71942,0x1bd4d19,0x00ee656 } },
-    /* 146 */
-    { { 0x0890deb,0x070a050,0x12f534e,0x1b79d70,0x1f7bd87,0x020ef65,
-        0x1fdcae8,0x1d2a3e1,0x0a6820b,0x1f76385,0x018a62b,0x0147189,
-        0x0475519,0x1380876,0x16e9563,0x0f363d9,0x1b88c78,0x0676c8e,
-        0x1d78857,0x1c7c99d,0x014c08d },
-      { 0x0266da2,0x09a768b,0x0026705,0x16f6992,0x1ce322e,0x093b444,
-        0x12bbda6,0x09a6fbd,0x105c284,0x09284bf,0x1466ad9,0x1c26358,
-        0x06d23b7,0x12d1e64,0x0baedc9,0x08aead0,0x1b9628c,0x186298e,
-        0x0e014dc,0x01d170e,0x00be2e0 } },
-    /* 147 */
-    { { 0x1ed32e9,0x1e4002b,0x065ce01,0x1ef8049,0x027e40c,0x1aa4182,
-        0x1aaeeae,0x1e8b0a0,0x1ce820b,0x124bbb7,0x10fa055,0x0527658,
-        0x08b5353,0x07f7b32,0x07a0d4f,0x1b94ace,0x13f903b,0x09390be,
-        0x004ff5e,0x1382135,0x01dc40a },
-      { 0x1b21a38,0x153619e,0x1f91afa,0x03ae7de,0x0ae222e,0x0ea83fe,
-        0x0139ef4,0x1563fed,0x0587a77,0x0dd6332,0x12935bd,0x1ec418c,
-        0x0a58c74,0x153e1bc,0x0a0df65,0x1c81299,0x1313e42,0x1fa1efa,
-        0x0d27853,0x14868ff,0x013f8a9 } },
-    /* 148 */
-    { { 0x12f8923,0x1a76fcc,0x07ce16a,0x00dfa41,0x024aa5e,0x09a0777,
-        0x06e1c6c,0x0804f7d,0x191e0bb,0x0abe88f,0x1318b0a,0x15a5e7a,
-        0x0f425af,0x03ffbd5,0x08c4a1b,0x197d25a,0x12b0114,0x0cb2095,
-        0x0f88d4a,0x0d44638,0x019f670 },
-      { 0x05c02af,0x1dde911,0x06341ac,0x0c7f47d,0x13ebc16,0x07a4172,
-        0x0add6e1,0x1bf4dbe,0x12bfc55,0x095a290,0x09cf6a4,0x1a80a25,
-        0x0430bdb,0x1ea9f55,0x03d0f64,0x1faa758,0x1e40c27,0x07e1ac7,
-        0x065092d,0x03077d2,0x00a32cb } },
-    /* 149 */
-    { { 0x1a6a746,0x186169f,0x12a38e6,0x043ab44,0x084a792,0x06f95af,
-        0x02451e3,0x166e14b,0x130666c,0x144033e,0x1c741a2,0x013deda,
-        0x04b09a7,0x0032e8c,0x001e8f8,0x12890a0,0x14bb8dc,0x0382357,
-        0x19524eb,0x1462538,0x01fd2b6 },
-      { 0x05f2771,0x0eadef2,0x16574f5,0x15e865d,0x0542b08,0x19535dc,
-        0x103efc8,0x1645d9a,0x1e8becc,0x1e5b0a1,0x1891fc3,0x02757f1,
-        0x1bcecc5,0x06d181c,0x1755bde,0x141bf2a,0x01956c2,0x148abe3,
-        0x00c7f8a,0x06b97e6,0x018ca6d } },
-    /* 150 */
-    { { 0x00c4923,0x0058ddf,0x01ef760,0x00d2052,0x046ae74,0x1de8638,
-        0x0cdfe55,0x1704731,0x19655f8,0x1470d4e,0x1d0542a,0x0ff4a01,
-        0x0ecd292,0x10173d7,0x1aa71b4,0x0d25d04,0x0b39f29,0x05a67ac,
-        0x1d055df,0x070d197,0x011f309 },
-      { 0x13ed442,0x1af3d19,0x1deeb72,0x1f20dfd,0x0e5c8e2,0x0c79145,
-        0x0048cf6,0x0b85b36,0x07ffe12,0x119796d,0x0c60d51,0x0e63744,
-        0x1259487,0x0969628,0x12ab96c,0x1b38941,0x0589857,0x15f8073,
-        0x13c803d,0x02010ca,0x0172c5d } },
-    /* 151 */
-    { { 0x1c283e0,0x0a02317,0x0039625,0x08fdc11,0x1763398,0x1e8b117,
-        0x0d03adf,0x1dbf5e3,0x0f598c5,0x07a8a8f,0x0366efb,0x05eefc0,
-        0x146b4d9,0x14621fe,0x10f8ece,0x1a3a4ea,0x12c6511,0x19cca70,
-        0x1c16db4,0x08343b5,0x00c6dd8 },
-      { 0x1b991ad,0x10bf011,0x14508f6,0x06e3f74,0x0ab2b21,0x0e0c3cd,
-        0x1b16837,0x1b9682f,0x15f63ac,0x19de456,0x09f5405,0x04203c5,
-        0x082fcf5,0x1083680,0x0dcff41,0x0259ec6,0x1de7db0,0x18f4108,
-        0x1d9517b,0x0ecdb2a,0x018ca07 } },
-    /* 152 */
-    { { 0x180dfaf,0x1a3dcd7,0x1fce390,0x1f388cc,0x080b631,0x0de11c5,
-        0x16c99b7,0x140dfe3,0x1aa8718,0x0b0f1b2,0x070d7d8,0x19215e6,
-        0x08e7f7a,0x1e34237,0x0e0c747,0x0eb6980,0x1106841,0x10f334e,
-        0x0d2dcc6,0x13ac412,0x00c76da },
-      { 0x1e4e78b,0x1acbdd1,0x1e6a607,0x18aa133,0x0c14ded,0x0446309,
-        0x0e6564c,0x0b17e6e,0x19b2074,0x02b4183,0x1da401f,0x188f444,
-        0x13c4440,0x1bf36d7,0x17c8f23,0x122076d,0x0254292,0x1a7b316,
-        0x0cede58,0x14db631,0x00f9f4e } },
-    /* 153 */
-    { { 0x0d36049,0x0f5c467,0x07e319a,0x03e8373,0x07a4ffe,0x1970844,
-        0x1d58da9,0x114d216,0x065a0bb,0x1eeb546,0x10a5559,0x18b12dc,
-        0x0d42cf8,0x0d55ffd,0x01ad7cc,0x04d48a5,0x0f28f6f,0x18fbefd,
-        0x186b940,0x13c1581,0x0120c5d },
-      { 0x0c10da7,0x171ffd6,0x1b96bef,0x1328928,0x07e2d5f,0x01107fb,
-        0x1fa18f1,0x05d1d82,0x0bd6f63,0x137ba0a,0x127bd3f,0x181f87f,
-        0x104a9e3,0x01dfdc3,0x1fcf2e8,0x0685a4b,0x000bb03,0x10c7e9b,
-        0x014334b,0x07cea60,0x01ac1e6 } },
-    /* 154 */
-    { { 0x13d6a02,0x1e83e47,0x0347760,0x18fde9a,0x11fc143,0x03d7b0b,
-        0x12fc353,0x1e19532,0x0827c5c,0x0549f4c,0x05e20b2,0x18f656d,
-        0x1a4a102,0x052af45,0x0f21f56,0x0c9e0c6,0x02fcc2d,0x00d7441,
-        0x01b407f,0x136a7f3,0x01c12ce },
-      { 0x1dc1b79,0x11cfeca,0x05aa165,0x087e9cc,0x0728f75,0x117dcf9,
-        0x0f133b7,0x13cdce0,0x0d50fae,0x017bb40,0x14c3b41,0x187785a,
-        0x0c0546b,0x06eacc5,0x09001af,0x0922001,0x0c9e129,0x09f9943,
-        0x1afe58a,0x1044ab6,0x0146777 } },
-    /* 155 */
-    { { 0x10c98fe,0x0a10f71,0x1c16be0,0x01f859a,0x1eb0feb,0x0fb5696,
-        0x1329853,0x1d13658,0x09ba314,0x1c09a6f,0x12c5b74,0x1d709e0,
-        0x08a443d,0x183fc65,0x155bb83,0x0722ff8,0x1bb3a4f,0x09e0e41,
-        0x06b7350,0x0fba496,0x0199839 },
-      { 0x14781e6,0x0f0bf6f,0x0407280,0x128de3f,0x12d7c31,0x18486d1,
-        0x0984ed4,0x00f444f,0x0a7c8c6,0x04ad8ee,0x1a5c249,0x17ddbb8,
-        0x181cf2f,0x02b0404,0x0f60aed,0x069ae3a,0x1a30851,0x0e7e6ee,
-        0x19e6310,0x02e36b2,0x00d23dd } },
-    /* 156 */
-    { { 0x0dd7e96,0x007c26a,0x10325e9,0x150813f,0x1114c8e,0x0889c9b,
-        0x0a79aa7,0x1ad8ade,0x18fd8c6,0x1b03310,0x1a79f0e,0x150c004,
-        0x1fad3ba,0x02c94ea,0x04f1ac0,0x06cb628,0x040222e,0x060d6bf,
-        0x1e62abb,0x04c4348,0x01d36a8 },
-      { 0x1003c81,0x022e260,0x180abab,0x15e87b0,0x1ef9ef5,0x1bba34c,
-        0x17d7983,0x0b06d4c,0x1bf5d28,0x18973d5,0x0b3bc7c,0x1903909,
-        0x122f53e,0x0e9245a,0x18cb28a,0x0b8c0c7,0x1c581e6,0x1ff4d53,
-        0x0a1065c,0x10d934a,0x0017e36 } },
-    /* 157 */
-    { { 0x090de99,0x17f32cf,0x0d8c2cb,0x195a0b5,0x1e4485b,0x0724495,
-        0x1a94b85,0x10f8914,0x0226286,0x16c2a18,0x0f6d50a,0x1d2abd6,
-        0x01261f0,0x0a2f2c2,0x1a0618f,0x0ae7291,0x00f8ed7,0x067f0e7,
-        0x1612b79,0x1e3feaf,0x003fbd6 },
-      { 0x1bf968c,0x188eee8,0x11cb50d,0x1a91bf4,0x1558d7c,0x12d2b36,
-        0x0488f90,0x08293e1,0x05c26d0,0x07c199c,0x105d0c3,0x03e2f85,
-        0x19be7b8,0x08a1ece,0x0f70cf9,0x07f5dc7,0x03594fd,0x179c2d6,
-        0x1f46046,0x039e853,0x0113755 } },
-    /* 158 */
-    { { 0x0193bb2,0x07aad90,0x01c924a,0x00e6217,0x16e579d,0x02e93b4,
-        0x18c274d,0x114bdc0,0x0a87186,0x121f219,0x0e1a0e6,0x07c2220,
-        0x0828c11,0x1199788,0x01bb3ce,0x1976905,0x0370385,0x199a455,
-        0x1c5636b,0x1ff955d,0x00c6698 },
-      { 0x0908745,0x062a57b,0x0fee811,0x08d466a,0x06b336e,0x10f410d,
-        0x0a14b55,0x0fed298,0x0363491,0x194bcb8,0x184c546,0x077303e,
-        0x0f6e102,0x17a352f,0x05f70af,0x09efed0,0x0af8e11,0x1c9ef50,
-        0x15cb16f,0x1e79abd,0x0136c3c } },
-    /* 159 */
-    { { 0x1080de4,0x1ccd5bd,0x0e5aee1,0x1bad3b0,0x1b8f781,0x17c7b19,
-        0x0aaaa61,0x194ed68,0x0a54bc5,0x0ba601c,0x0beee57,0x0c0b538,
-        0x1076fcb,0x000bc49,0x146d102,0x0de1b08,0x0389d28,0x1a07806,
-        0x1150c98,0x11d2a41,0x014c303 },
-      { 0x177aad9,0x1e1c0b4,0x0f8f252,0x05ae10f,0x0dbfd08,0x0ff6845,
-        0x008321d,0x1f80da1,0x0345656,0x0e7426a,0x1b753b8,0x11c01fa,
-        0x0071c4d,0x152fd5a,0x0ce2c89,0x1d6de46,0x0c10bae,0x06a3bf5,
-        0x1e0309b,0x161176b,0x0078e4d } },
-    /* 160 */
-    { { 0x078342a,0x0e89508,0x0190044,0x1cab342,0x0534725,0x09ffee8,
-        0x075643f,0x03fd48b,0x106f0ac,0x1b4a54f,0x06f1a73,0x15b67c3,
-        0x00f6d24,0x1ceee68,0x18e3d7a,0x1ba9c79,0x166b632,0x09c2007,
-        0x0578715,0x11fbf7c,0x0085cab },
-      { 0x109422f,0x01fb5c6,0x10ec2a5,0x0c1f311,0x17d2975,0x19726c8,
-        0x107e8bb,0x07eab48,0x135f7c1,0x1a1a91d,0x0b4ffd9,0x080fdb5,
-        0x0d274d3,0x09a3921,0x10450d6,0x0c2bab2,0x1013bb8,0x08e5939,
-        0x15de533,0x06e0097,0x007da04 } },
-    /* 161 */
-    { { 0x1712c44,0x1ccd316,0x15de092,0x114d2c4,0x148368f,0x0f11438,
-        0x010cb59,0x1f11dad,0x06f5bc5,0x0014183,0x0d1e745,0x02429d8,
-        0x10e6cf3,0x09936db,0x16dbd12,0x126d72d,0x098ca32,0x1e52d60,
-        0x1fa886b,0x04918e5,0x004d69e },
-      { 0x11269fb,0x0484953,0x0d802aa,0x1030ca1,0x0f6bdba,0x1aaed91,
-        0x10a8e7e,0x1a03b39,0x16311e9,0x1e7586f,0x10b0743,0x0f39215,
-        0x0a6faeb,0x058f9b9,0x04ec88b,0x0832647,0x1dfbc8c,0x0315379,
-        0x1fa399d,0x1461645,0x00019de } },
-    /* 162 */
-    { { 0x0b3118b,0x144d609,0x0959f7d,0x1ad96dd,0x106ee39,0x1e6cbc6,
-        0x08b0861,0x10f9f98,0x18d537d,0x0c2db40,0x15b6cae,0x02a5d3e,
-        0x1575845,0x0f04c60,0x00e61c5,0x059a41f,0x1c83b21,0x1df4b52,
-        0x06b0711,0x140671b,0x01fb3dd },
-      { 0x1a0a9b8,0x1bff067,0x1dd7c1a,0x0fc45b9,0x1478bac,0x1443e44,
-        0x178104d,0x179e702,0x0914c54,0x0c08eef,0x07a993b,0x02c01ea,
-        0x17c8c24,0x064382b,0x045360d,0x17968c7,0x152a8ab,0x1769272,
-        0x1913d4b,0x1d73d04,0x00019e5 } },
-    /* 163 */
-    { { 0x0d52313,0x0d02733,0x0af47d9,0x0a9a7ee,0x1d69454,0x1bd708f,
-        0x176be9a,0x08e5781,0x0571ab2,0x10fbcec,0x0a35a24,0x12cd5cb,
-        0x13d4c5f,0x1762e70,0x185dc5a,0x17a73fb,0x1a4b764,0x1b87376,
-        0x04359e0,0x12810b3,0x01efffe },
-      { 0x08f92e8,0x10713ec,0x08f3cfe,0x1b38ee2,0x021ef0f,0x13a6dd5,
-        0x05d3224,0x0c4c4b3,0x1b9ba27,0x067d252,0x0f2bdb5,0x13a48dd,
-        0x1010c90,0x07c7143,0x05e8436,0x1dd4406,0x1e1453a,0x1d83b8e,
-        0x031ac28,0x188f22d,0x00eadf0 } },
-    /* 164 */
-    { { 0x0854477,0x00f2426,0x11f046f,0x090c71c,0x0bec25b,0x0e2a6c9,
-        0x180ae1a,0x1a487a9,0x0be1e7e,0x18c6f19,0x18312b8,0x1d60d68,
-        0x1ef5471,0x1521357,0x0b9efce,0x05b8271,0x0ddd845,0x091d713,
-        0x1e0b7a7,0x1f83aaa,0x01649d3 },
-      { 0x0de1979,0x0571885,0x1ca361f,0x1a76978,0x0847041,0x01e4df5,
-        0x0f1015b,0x0ce7124,0x0d74ae4,0x17f0c15,0x1926b8d,0x0de9d97,
-        0x1592bff,0x0e20fcf,0x0036e03,0x00e2acd,0x06fe463,0x19add60,
-        0x1b41cc1,0x11698fa,0x00c06d6 } },
-    /* 165 */
-    { { 0x14dfcf2,0x115f3c2,0x0f436f8,0x1f4d5c7,0x0e21a7d,0x10f6237,
-        0x0eb4694,0x099e8c6,0x041a948,0x14a293d,0x048fcfb,0x1736554,
-        0x121145e,0x0571e54,0x0d2a0ab,0x1b24aac,0x0a0fc85,0x070bb56,
-        0x0420b63,0x19eff83,0x0078504 },
-      { 0x199793c,0x073e21b,0x1ed75d3,0x116aa33,0x14ddd61,0x1fcc043,
-        0x17e4e57,0x1cc59ed,0x1b8bf61,0x07522e8,0x13d53c0,0x0c27b9f,
-        0x1026863,0x01801ad,0x108edd8,0x15396ce,0x1344028,0x14fde3a,
-        0x14681df,0x059c6e0,0x00f47b5 } },
-    /* 166 */
-    { { 0x0bec962,0x1ec56cb,0x01ebafd,0x0c2fc02,0x11cc81f,0x07082c6,
-        0x1142485,0x13ec988,0x142394c,0x014c621,0x18144db,0x0a5a34c,
-        0x03d9100,0x086fc12,0x190dd52,0x1bd4986,0x01efe5c,0x09189df,
-        0x09fedec,0x14c1efa,0x0076249 },
-      { 0x0f593a0,0x1ac1c0e,0x1679d25,0x1706c98,0x0c9ceef,0x0e4cc88,
-        0x04ccf81,0x1c65eb4,0x1421808,0x0752f0f,0x1a3d3cc,0x149e9eb,
-        0x0756fb3,0x1b6065a,0x0b9b8ba,0x198d459,0x1fd08bd,0x1b05983,
-        0x1fe3045,0x0f20381,0x001aee1 } },
-    /* 167 */
-    { { 0x1aa9e14,0x019b5c4,0x003f012,0x03ecece,0x0663427,0x15b4c03,
-        0x010ce41,0x0469b54,0x1ebb7ab,0x0123f70,0x06814cc,0x154fd6b,
-        0x15969b4,0x00007a6,0x03be096,0x0d6b7af,0x0eb4602,0x072ed9c,
-        0x15a15b1,0x087cbaf,0x003b06a },
-      { 0x12a0ee7,0x1741c76,0x004ea82,0x11e2dd1,0x04bbe52,0x13209b8,
-        0x17d713a,0x0cf156d,0x006e298,0x1f4065b,0x07b4ad6,0x16e5e8b,
-        0x1af19b1,0x0bb0a90,0x0733934,0x0de76f5,0x194aa51,0x09cd7fc,
-        0x0d05a49,0x125d0d6,0x000797d } },
-    /* 168 */
-    { { 0x0f3a8ca,0x176f0ad,0x07b096b,0x054b86a,0x1392478,0x1f60401,
-        0x08fefe4,0x16883cf,0x0e6f425,0x027c9e2,0x1d8026c,0x05d903c,
-        0x06e4ec1,0x08c07fe,0x1cd9b51,0x1de74f2,0x1b50e0a,0x0e949e5,
-        0x035c764,0x12d288d,0x0061a14 },
-      { 0x15a67a1,0x02a0e33,0x041bd4b,0x011ebfd,0x07d38d3,0x1f4c473,
-        0x0f333da,0x10c54e1,0x0185898,0x101f65f,0x1c116eb,0x0c2ce0c,
-        0x16ecd02,0x086546c,0x0b37664,0x0e6ba3f,0x08230c0,0x03d5085,
-        0x0ca3c87,0x0fcaa86,0x00152a2 } },
-    /* 169 */
-    { { 0x0057e27,0x104f073,0x1368f75,0x0f8f48a,0x07e8b6a,0x196eadc,
-        0x045147c,0x1c5feb3,0x0d0ef51,0x11cbd44,0x19d51ba,0x0d424aa,
-        0x00c4986,0x19145a4,0x11722c4,0x132f5d4,0x077dd01,0x11edf07,
-        0x14619f4,0x1d451f8,0x01f80e2 },
-      { 0x1d0820b,0x0a096b4,0x08618a5,0x0e3d4cb,0x0317312,0x031c068,
-        0x00887ac,0x00d84f9,0x075fe97,0x1fea77e,0x074941f,0x14aeb4e,
-        0x037b396,0x03e5baa,0x1200147,0x17dc6c3,0x0d7ad4d,0x0f03eda,
-        0x0c64b51,0x0903e93,0x01431c7 } },
-    /* 170 */
-    { { 0x0e1cc4d,0x1968204,0x07b97aa,0x075a5b8,0x093758d,0x0e39c9f,
-        0x1f7f972,0x10619d6,0x1d33796,0x186c354,0x1e1b5d4,0x0795c49,
-        0x0bef528,0x1858dd8,0x1746993,0x09c7956,0x01f54db,0x0cb555e,
-        0x0f00316,0x1b0f987,0x01443e3 },
-      { 0x160e7b0,0x141098e,0x0063942,0x16ba67a,0x1c9b629,0x0299c6f,
-        0x1b90bf4,0x1d58a95,0x0e821c6,0x13c7960,0x10272c1,0x0ebe0d5,
-        0x16e5c9d,0x0980c6f,0x0d5d44d,0x18ccf06,0x1ac0bf8,0x0c0e537,
-        0x142b8b7,0x10041d3,0x00e17fc } },
-    /* 171 */
-    { { 0x1aaa5eb,0x0a3a08d,0x00da2b7,0x12f37b0,0x02cbb75,0x1ff6910,
-        0x0310337,0x083b0d0,0x04e0911,0x011d478,0x122e1c7,0x03da40e,
-        0x0965d14,0x12cf494,0x1a855d5,0x1b7fcb0,0x1cd5006,0x03e346b,
-        0x095a69d,0x15a1be4,0x0148da0 },
-      { 0x19069d7,0x062edbf,0x069323f,0x0ab80a6,0x0487d24,0x116d9d1,
-        0x12267a6,0x0418b56,0x0b4fe97,0x15fea9c,0x1cd7914,0x1949a4f,
-        0x1373a04,0x1716d64,0x0ef1527,0x1cfc4f9,0x09dff3e,0x0014391,
-        0x036a4d8,0x130f1a5,0x00d0317 } },
-    /* 172 */
-    { { 0x166c047,0x1f4dd9d,0x187626d,0x12c0547,0x02e6586,0x0dce001,
-        0x08a5f23,0x14689f0,0x1d08a74,0x13b5651,0x0e63783,0x0e3bf9a,
-        0x0afbf1a,0x0190733,0x0edbaaa,0x13f8a5f,0x0bc179c,0x0541687,
-        0x19eacad,0x019ede9,0x000f4e0 },
-      { 0x090c439,0x0074d24,0x1ac9093,0x17786b4,0x17564a2,0x1ba4be9,
-        0x11e7766,0x0852b48,0x1612de9,0x0ff9f86,0x1400ce8,0x0ff9cc1,
-        0x1a35862,0x09120be,0x176a301,0x1070b02,0x0d4ef6b,0x1283082,
-        0x05ba5aa,0x0e51a5e,0x0120800 } },
-    /* 173 */
-    { { 0x1039042,0x191b955,0x13b65db,0x193f410,0x10e6978,0x1f60a18,
-        0x174bd62,0x187a07f,0x1fe2045,0x1006080,0x16a4a0c,0x1ef5614,
-        0x18e6868,0x130fd7f,0x1257477,0x044ca4d,0x127b7b1,0x1d0f100,
-        0x0a97b45,0x07baf18,0x00898e6 },
-      { 0x0bba4ee,0x099ed11,0x15d2ed9,0x0fe92d4,0x1eff639,0x19535c9,
-        0x0a7dc53,0x07e8126,0x11dfdd7,0x041245e,0x1286c68,0x1e5cd37,
-        0x0762f33,0x1d17019,0x05df992,0x1ee8334,0x19375dd,0x05e2874,
-        0x095af47,0x152f3e9,0x0095b87 } },
-    /* 174 */
-    { { 0x1c1f177,0x19b54b3,0x0f27a0d,0x10c0026,0x1b6d350,0x164d2d8,
-        0x0ee49ba,0x0392849,0x0c27ef3,0x14e00d3,0x0d21c1e,0x174a245,
-        0x05ad93b,0x0e8d64c,0x0e538aa,0x02eb73d,0x006d53f,0x0288e01,
-        0x040b645,0x1d64a4a,0x00b1d13 },
-      { 0x15a1171,0x1edf5b3,0x0ac73f9,0x182d81a,0x1228295,0x1e44655,
-        0x16d6815,0x19f1b64,0x0d300e9,0x1f54f4b,0x154badc,0x06fe4d2,
-        0x1fb0e00,0x0f07cc6,0x0740d72,0x0901fd5,0x1b8d290,0x0c30724,
-        0x00dacc6,0x1d2a258,0x0037a35 } },
-    /* 175 */
-    { { 0x100df48,0x194f747,0x0c13159,0x0c23590,0x189ca7b,0x1d4091d,
-        0x15fe62c,0x1d492f4,0x1c21ca3,0x0218d8c,0x0cf39f8,0x1bd7c57,
-        0x1945a73,0x16e3bc0,0x01b30ae,0x07be25f,0x1e4e5eb,0x02ff802,
-        0x149f73c,0x0bbaf5b,0x005ef95 },
-      { 0x0ee402f,0x117fd00,0x0d33830,0x1476617,0x1b335e2,0x1e5880a,
-        0x1474190,0x110a84a,0x13cd196,0x10c1fa2,0x1952d31,0x1e45e17,
-        0x04c6664,0x061066f,0x1d33fb9,0x188eb4b,0x12f80a4,0x0ee554b,
-        0x04447b6,0x15e400b,0x019cde4 } },
-    /* 176 */
-    { { 0x171f428,0x085e46b,0x0e0a7a7,0x13c8794,0x1ac1ecd,0x09d6781,
-        0x19203ae,0x07f1abd,0x1065a2a,0x11197c0,0x0e29cc5,0x1f545e1,
-        0x021fc04,0x012a3a5,0x037df9c,0x0bede95,0x1f23bb1,0x128d627,
-        0x0254394,0x0436e7c,0x006b66e },
-      { 0x1a41dee,0x0c24033,0x0cfd672,0x1cf67c5,0x0cfa95a,0x0a2a709,
-        0x00e1a24,0x148a9b3,0x1eefca6,0x06eedef,0x072dd7c,0x164823d,
-        0x035f691,0x1f79046,0x0e79d9b,0x079ed53,0x00018b3,0x0f46f88,
-        0x0705d2a,0x0ab593a,0x01c4b8a } },
-    /* 177 */
-    { { 0x04cccb8,0x1ac312e,0x0fbea67,0x125de9a,0x10bf520,0x17e43c3,
-        0x195da27,0x0dc51e9,0x0da1420,0x11b37cb,0x0841f68,0x1400f8a,
-        0x1090331,0x0a50787,0x03533ab,0x08f608f,0x0e2472a,0x0d944cf,
-        0x1081d52,0x0ca69cc,0x0110ae9 },
-      { 0x0ed05b0,0x0eb2ae6,0x150cb30,0x1202eb2,0x0bac3f0,0x0bbe6bd,
-        0x1c29239,0x0db75d6,0x140e98d,0x0580449,0x1493c61,0x0ca6c07,
-        0x1d26983,0x12b90b9,0x051620c,0x083bcdc,0x1266111,0x00e9a45,
-        0x1e89fcd,0x04afb9d,0x006be52 } },
-    /* 178 */
-    { { 0x147e655,0x1c799e4,0x1e56499,0x1411246,0x1f0fb76,0x011ce8f,
-        0x19d15e4,0x19d65bf,0x03cdbb7,0x1043a49,0x1b5073a,0x1b720be,
-        0x0821326,0x1cee2ac,0x06ba6b9,0x02e04b6,0x00ce9c3,0x070a29a,
-        0x0b0e2a7,0x0058534,0x00c3075 },
-      { 0x156ace2,0x12788e0,0x14a4304,0x0ef3fe4,0x0c170fe,0x08b8d91,
-        0x06a05b8,0x12ec1bf,0x155de27,0x0cde541,0x131e768,0x0fd4f8d,
-        0x101ad92,0x0eb0fbb,0x1640448,0x00d7650,0x026261c,0x1ff4064,
-        0x08990ae,0x01a6715,0x015e405 } },
-    /* 179 */
-    { { 0x0ad87bc,0x0bc14f5,0x12f724e,0x0f03d09,0x00ac936,0x0f27ef7,
-        0x10935ab,0x0ad6af3,0x1690d7f,0x05cd5d2,0x1ec2e54,0x13a7a29,
-        0x16f09b2,0x12d073d,0x1a13c8c,0x09fe7a0,0x1d3606f,0x1828a74,
-        0x02b5cce,0x17ba4dd,0x0077e63 },
-      { 0x0d25c6d,0x0837670,0x173c2bf,0x1401745,0x1d90021,0x0dd9cc6,
-        0x15dc231,0x1f83604,0x0198ff8,0x1bf836c,0x0b35a01,0x1fe36fc,
-        0x1287d50,0x131d1ab,0x1d7815c,0x0b535de,0x092fa92,0x0df92bc,
-        0x0e743a5,0x1a7be0e,0x0111847 } },
-    /* 180 */
-    { { 0x0c82924,0x1ce63ff,0x15a54aa,0x134e441,0x1c76dd6,0x1778710,
-        0x09f7a81,0x0094c6a,0x0271839,0x19f28e1,0x001f22a,0x0bd4e2d,
-        0x06f4db3,0x1a47892,0x0fb7829,0x0c12b1e,0x0444115,0x178a49b,
-        0x1d2ce37,0x0b07a30,0x00f75f6 },
-      { 0x1927eb7,0x0c4f085,0x049e8e4,0x1385c5e,0x087c635,0x14b37a5,
-        0x108cdff,0x10a16e5,0x0105e55,0x015c1c1,0x10e7e44,0x000dcb1,
-        0x0963fee,0x0c8da99,0x014bb8e,0x1f2f67e,0x14ccbaf,0x03fadc2,
-        0x1e01418,0x1cbed8b,0x016a935 } },
-    /* 181 */
-    { { 0x1d88d38,0x101aaef,0x1d03c66,0x078a93b,0x155cd8e,0x080370a,
-        0x0a78c13,0x1cc644e,0x0fd0b0c,0x0b5b836,0x0ab4c7c,0x18126be,
-        0x1ff156d,0x1bd1efc,0x031484f,0x0bf6b66,0x092a55e,0x14f94e6,
-        0x0e16368,0x19fba85,0x0144a0e },
-      { 0x0658a92,0x08aefa9,0x185ad70,0x0f88502,0x1ce3ed1,0x0c9548d,
-        0x17dc1ff,0x12d4ab2,0x19cd5d8,0x11e45fe,0x11cac59,0x087eb52,
-        0x1d07763,0x1819f0d,0x19132a2,0x005f629,0x1861e5c,0x113d0e4,
-        0x113fecc,0x01e5899,0x01b5ece } },
-    /* 182 */
-    { { 0x1211943,0x13dd598,0x09705c4,0x0cad086,0x04a8cac,0x0afe1f2,
-        0x02e2361,0x14ba5fc,0x0ce91ee,0x1d5d586,0x11f4491,0x1b88f1d,
-        0x1a5d23d,0x066cff7,0x061b79c,0x0aecd47,0x0678265,0x11963dc,
-        0x1abb1fe,0x080317d,0x00873e5 },
-      { 0x18d17c1,0x1437959,0x103725b,0x18e3f40,0x1cbfbd0,0x024ce5c,
-        0x0ade7e2,0x017c223,0x0f71ec8,0x0a3e2e7,0x025a487,0x17828d9,
-        0x11acaa3,0x1e98b19,0x0487038,0x0ecb6bf,0x01ee768,0x018fd04,
-        0x07bfc9c,0x15fabe8,0x00fed5d } },
-    /* 183 */
-    { { 0x0da1348,0x085cea6,0x04ea2bc,0x044b860,0x10769fd,0x0be115d,
-        0x096c625,0x1888a15,0x1f5acf1,0x057eb63,0x1e00a57,0x02813fd,
-        0x1dcf71a,0x17044fa,0x080a7d7,0x05751c2,0x0fb0fbd,0x04ba954,
-        0x1dc32d6,0x044ebed,0x009061e },
-      { 0x1bda16a,0x125628f,0x0a8adc2,0x13e3bf4,0x19910e7,0x0a2fb7b,
-        0x184cb66,0x1df7459,0x0eb4ba4,0x086acd7,0x0b54f51,0x136697e,
-        0x086a8e0,0x131063d,0x0040813,0x18de8ec,0x03d0a53,0x131fc4a,
-        0x1fabd5a,0x123a330,0x013214c } },
-    /* 184 */
-    { { 0x10d66c3,0x1d89024,0x0813953,0x1141b90,0x0aed732,0x1a14a6f,
-        0x130e012,0x0cf7402,0x131ddc4,0x197d155,0x0bb444f,0x0bd5068,
-        0x0e70ff5,0x1181a70,0x0369cbc,0x1c78363,0x1bebd8a,0x156e186,
-        0x1a51680,0x17bede7,0x009c179 },
-      { 0x084c26f,0x09477ba,0x0ec51b2,0x03de55b,0x006b7db,0x0c6ed39,
-        0x1d520fd,0x16c110f,0x04bc7ed,0x0f27106,0x12bf73f,0x043b2eb,
-        0x00484d1,0x035f761,0x0d659c2,0x1b6cf8b,0x088a6d6,0x05abcd5,
-        0x0461d22,0x0db0fc8,0x001522c } },
-    /* 185 */
-    { { 0x071d4ae,0x083abe2,0x09d82a2,0x0a8743b,0x1ef4b1a,0x1380d0f,
-        0x0c609aa,0x1277125,0x059c65f,0x1a6a729,0x077cd6f,0x1253af1,
-        0x12923af,0x05bce1f,0x12d1b18,0x1e26079,0x0e7cf4c,0x04aac16,
-        0x15fc3b1,0x0103684,0x011c7da },
-      { 0x0eef274,0x03572cd,0x020fe4b,0x1e286f8,0x06c5bf4,0x1e4357f,
-        0x0c08f84,0x0c154e9,0x02a2253,0x10ed673,0x027e974,0x057044b,
-        0x0fb3d57,0x0fd3a58,0x128e45b,0x123527a,0x0dcb128,0x0f3b66c,
-        0x07d33ef,0x12347eb,0x019aa03 } },
-    /* 186 */
-    { { 0x03fc3f1,0x1d34f10,0x08a4152,0x16c420d,0x09168cc,0x0afd4f8,
-        0x01502ab,0x0df6103,0x0bff7ed,0x05c7907,0x052bf7b,0x0c317df,
-        0x1b2c80a,0x1855e8e,0x1763282,0x014f9c4,0x041028e,0x13af33d,
-        0x1ba56e6,0x0cc5bba,0x01b2dd7 },
-      { 0x089d7ee,0x1f93cf9,0x01721f7,0x13dd444,0x0d755d5,0x056d632,
-        0x1f55306,0x0335d61,0x17ec010,0x1462367,0x15c290e,0x1cfd691,
-        0x186fc90,0x0859cf7,0x1714f04,0x0b4412c,0x1cc3854,0x122abbb,
-        0x1f7408f,0x0861eea,0x016ea33 } },
-    /* 187 */
-    { { 0x1f53d2c,0x19ca487,0x06e7ea7,0x0d60069,0x0dc9159,0x0cbcb3c,
-        0x1405356,0x115e214,0x1a8a6b7,0x0eb96d5,0x05ec413,0x0a8116a,
-        0x00ef5de,0x1369cdf,0x0ae42f2,0x0fee028,0x1e9eda1,0x0657551,
-        0x1acc446,0x0d13ac0,0x016da01 },
-      { 0x06afff7,0x052b1fa,0x17cfa9b,0x14694bc,0x1945c7b,0x0cc7ec1,
-        0x19322aa,0x0bd83ff,0x0b63f53,0x15300a3,0x1427950,0x1111a3e,
-        0x1b50816,0x0fc6686,0x04636aa,0x0cee5a3,0x0bb78a3,0x13282f3,
-        0x131b719,0x0075033,0x01ef4ab } },
-    /* 188 */
-    { { 0x176d986,0x04e8a69,0x16c0182,0x0f45b86,0x10f4e07,0x1f96436,
-        0x1c2694f,0x1903822,0x1123c3f,0x17a5d22,0x15bf0bf,0x0b4e36c,
-        0x1b852cd,0x0ff7d45,0x1f1d224,0x016ef6a,0x03e4811,0x0c7829c,
-        0x0b1684a,0x0ba75aa,0x004c4b5 },
-      { 0x1827633,0x067f9f9,0x1a59444,0x0bc015f,0x086784d,0x16997d0,
-        0x1e208fa,0x10d9670,0x02b91cd,0x0e7a68b,0x0d8e28f,0x14b1cde,
-        0x02078b6,0x145bfea,0x1e4844b,0x107ce66,0x04dee56,0x1b4b202,
-        0x038a10c,0x08421e5,0x01223b8 } },
-    /* 189 */
-    { { 0x1ebeb27,0x054d4e1,0x03e1b0a,0x0a7deb2,0x17bcdcb,0x173f9be,
-        0x0b84536,0x193d114,0x0726ea7,0x19a9172,0x104e200,0x070d182,
-        0x1599d50,0x10b10ab,0x0c6bb29,0x0c9b0b3,0x1ebfcc5,0x138cfe7,
-        0x0bae38d,0x0ef5e23,0x00433a5 },
-      { 0x1eba922,0x1367037,0x1a4f0fc,0x1c8eb4a,0x1f6c83e,0x1f9bc72,
-        0x19d00a2,0x1e2fef2,0x0bdc3f6,0x152f1b4,0x1642bb4,0x14154dd,
-        0x153d034,0x0523e5e,0x070e931,0x0579076,0x06e4dce,0x1d27855,
-        0x132803a,0x0f5e86e,0x01c097c } },
-    /* 190 */
-    { { 0x1c28de7,0x1b8bc3c,0x0c3000d,0x1557386,0x017aa2a,0x1e30f5b,
-        0x060999a,0x0088610,0x14d78b5,0x05adae7,0x03f1cb8,0x0a5b30e,
-        0x05d76a7,0x0a05bde,0x11a27d7,0x1a07476,0x06787f2,0x0d4bfec,
-        0x158182a,0x0f6bddf,0x01c06ab },
-      { 0x1b71704,0x156d8ff,0x0ec7a67,0x16721fc,0x036e58b,0x078cd52,
-        0x0e0b2ad,0x1b9dd95,0x0e0f3d9,0x12496fd,0x02b44b6,0x097adc4,
-        0x022a0f5,0x1edde93,0x027e83d,0x1d6a95f,0x01ae8d2,0x06e6285,
-        0x1df41d6,0x13f02dd,0x00b7979 } },
-    /* 191 */
-    { { 0x04f98cc,0x0323108,0x1aba7b1,0x04e55db,0x0511592,0x110c37a,
-        0x0f741f9,0x16cf5d2,0x08d6d69,0x0be7013,0x0ea3cf4,0x0c11fa8,
-        0x17b5347,0x1e055bc,0x1fc704d,0x1323bd0,0x1a8139f,0x11dfacb,
-        0x151f835,0x0750b7c,0x008de29 },
-      { 0x0f668b1,0x156e9c7,0x1d90260,0x1ac2392,0x054e6b2,0x0ea131e,
-        0x1ac4870,0x0e679ce,0x0eff64e,0x09a5947,0x0584a8c,0x135850e,
-        0x14af71a,0x1d049ac,0x1222bca,0x011d063,0x112ba91,0x105b248,
-        0x13d0df6,0x178b8ab,0x01138fe } },
-    /* 192 */
-    { { 0x0a2daa2,0x052c4e2,0x0231fa7,0x18801ec,0x18ea703,0x0ba8818,
-        0x1416354,0x052df19,0x04abb6f,0x1249a39,0x05aad09,0x07c3285,
-        0x1d0be55,0x1628b2b,0x1e4e63e,0x01d5135,0x0ec4f88,0x0f1196f,
-        0x1ec786c,0x02ec3cc,0x01372f8 },
-      { 0x020f662,0x0a5e39d,0x1409440,0x1893db2,0x1fb7e77,0x15cb290,
-        0x025bed8,0x0fd13ea,0x1a2e8d3,0x132ce33,0x105c38e,0x144cb00,
-        0x140f2b2,0x0f6a851,0x1d3f39a,0x1801e2c,0x17efdc3,0x1d55229,
-        0x13a6764,0x077fb49,0x0198f3c } },
-    /* 193 */
-    { { 0x1614189,0x0fae6c0,0x07deeac,0x0a4964b,0x07d56c4,0x1da0af6,
-        0x092c917,0x1f38f75,0x07af6be,0x015e46e,0x123a08c,0x01c0e96,
-        0x1f91b77,0x0db68d8,0x04cdb82,0x0192e94,0x157e668,0x0942e09,
-        0x1f32d89,0x1970278,0x012d59b },
-      { 0x0019927,0x0c1da3e,0x156f76b,0x0ec61bf,0x010f266,0x102e91f,
-        0x1b168c7,0x0c02bb7,0x0456ac4,0x15372fd,0x12b208a,0x0a52487,
-        0x0946956,0x06e464f,0x07271fd,0x080cb8d,0x009e24a,0x1d6d93f,
-        0x1904c06,0x0f469d5,0x01ccdfa } },
-    /* 194 */
-    { { 0x1cb1a7d,0x14326ac,0x03b85da,0x06d5df7,0x0d864ca,0x11586c2,
-        0x0eb2c70,0x03a1dd0,0x1d980df,0x1405375,0x133b65f,0x1988ff2,
-        0x15f582a,0x1d39608,0x073448c,0x0f76f45,0x0a8c710,0x0670951,
-        0x1b6028c,0x1394ac9,0x0150022 },
-      { 0x11c180b,0x05d6a97,0x08425dd,0x11ae935,0x108be99,0x0de8dd6,
-        0x122ad5b,0x1352f18,0x00afbea,0x169f1f2,0x1717f1b,0x12f62a7,
-        0x108a8be,0x0df49f6,0x11fc256,0x0477b5b,0x1082cee,0x1469214,
-        0x109ca77,0x0a478db,0x0016417 } },
-    /* 195 */
-    { { 0x014a31e,0x16678b6,0x10b5d3b,0x0965bc7,0x088e253,0x1621e1a,
-        0x0d665f3,0x06df376,0x1916ac9,0x10822ce,0x1910010,0x18053ef,
-        0x0371d15,0x022a9ac,0x071f049,0x148cf19,0x08dec94,0x0e64baa,
-        0x059eeb6,0x0cf0306,0x014e4ca },
-      { 0x10312bf,0x1782ac6,0x19980ce,0x0aa82c3,0x1d1bf4f,0x00bc0ed,
-        0x1169fe9,0x1aa4b32,0x000eef1,0x1a4a6d4,0x0ee340c,0x1d80f38,
-        0x096c505,0x0e4fb73,0x0b86b78,0x01554e1,0x0c17683,0x0014478,
-        0x18a8183,0x19fc774,0x000c7f4 } },
-    /* 196 */
-    { { 0x17d6006,0x1a23e82,0x02c0362,0x0dfae39,0x18b976e,0x07a07a9,
-        0x180a6af,0x106bcef,0x0f103a7,0x1df71c3,0x1cb12c4,0x1840bc8,
-        0x1420a6a,0x18fe58c,0x0c117d8,0x17e9287,0x19fc00a,0x0f2ee0e,
-        0x1555ade,0x0178e14,0x01b528c },
-      { 0x08640b8,0x083f745,0x004aea7,0x07a1c68,0x0561102,0x1257449,
-        0x1956ef8,0x19b8f9c,0x0fa579d,0x1ac7292,0x0eff978,0x0e2a6ef,
-        0x0457ce2,0x1e04a3f,0x19471b0,0x0f04cc8,0x150f4a9,0x12fdec6,
-        0x0b87056,0x1ba51fc,0x008d6fc } },
-    /* 197 */
-    { { 0x07202c8,0x0517b2e,0x0362d59,0x04b4a96,0x1d63405,0x1a7dfab,
-        0x159c850,0x1470829,0x01d9830,0x08a10af,0x03ef860,0x11aabde,
-        0x1fc7a75,0x137abfc,0x01773e3,0x0d3a6ae,0x056d922,0x1aeea4d,
-        0x16d27e5,0x02baf57,0x00f18f0 },
-      { 0x0799ce6,0x188885a,0x1f6c1c4,0x1259796,0x15bbfb9,0x1d10f11,
-        0x0327fde,0x1fd83e0,0x1b18f49,0x04eb489,0x1e566c0,0x12a3579,
-        0x0e8da61,0x06a10a3,0x1a1c84c,0x047e21c,0x017ae5f,0x1aac194,
-        0x0b9ce1a,0x0b76d13,0x0143c9b } },
-    /* 198 */
-    { { 0x0c74424,0x1946da4,0x0bad08c,0x03a3396,0x12616e1,0x0b710b9,
-        0x064a903,0x0a5ca68,0x00cbdc7,0x0c1d4a6,0x0eec077,0x00a1ae6,
-        0x005c623,0x0dbd229,0x0358c69,0x023919a,0x0259a40,0x0e66e05,
-        0x11b9f35,0x022598c,0x01e622f },
-      { 0x01e4c4b,0x1714d1f,0x12291f5,0x113f62a,0x15f8253,0x09f18ce,
-        0x016d53f,0x0ccfc6e,0x00a08b9,0x02672cd,0x0fa36e3,0x13cfb19,
-        0x15bca74,0x17761eb,0x1125baa,0x0627b98,0x03a8a1a,0x00bee39,
-        0x13ae4d8,0x1feef51,0x01a5250 } },
-    /* 199 */
-    { { 0x029bd79,0x103937f,0x0cd2956,0x009f321,0x0574a81,0x0ab4c1b,
-        0x051b6ab,0x1ded20d,0x150d41f,0x12c055c,0x1dfd143,0x0a28dcd,
-        0x0abc75b,0x1879b8c,0x03325ef,0x0810ea1,0x0a4a563,0x028dd16,
-        0x1936244,0x0720efc,0x017275c },
-      { 0x17ca6bd,0x06657fb,0x17d7cdf,0x037b631,0x00a0df4,0x0f00fbf,
-        0x13fe006,0x0573e8d,0x0aa65d7,0x1279ea2,0x198fa6f,0x1158dc6,
-        0x0d7822d,0x1f7cedb,0x0dfe488,0x15354be,0x19dabe4,0x13f8569,
-        0x1a7322e,0x0af8e1e,0x0098a0a } },
-    /* 200 */
-    { { 0x0fd5286,0x0867a00,0x00f3671,0x0ae5496,0x1ea5b9d,0x0d739f0,
-        0x03e7814,0x049ebcc,0x0951b38,0x14da8a1,0x13599ff,0x05a13f6,
-        0x16b034b,0x16e2842,0x14dea03,0x0045c96,0x0128cb0,0x134f708,
-        0x09522bb,0x173cb8d,0x00ed7c8 },
-      { 0x133619b,0x003de6c,0x1865d18,0x1c573bf,0x0ce7668,0x1715170,
-        0x1574f31,0x05f53dd,0x17eebf3,0x0d0a7af,0x113d90d,0x131acf9,
-        0x0c75cb8,0x1c2860b,0x08617f1,0x1392d96,0x07645f7,0x004c3a5,
-        0x1f6d1d1,0x11f15c4,0x0139746 } },
-    /* 201 */
-    { { 0x08684f6,0x13456e4,0x16ff177,0x16c334f,0x1c1edaa,0x1d0c7ab,
-        0x05cd6c9,0x1d64b1a,0x18ecd89,0x13f3db2,0x07dfaac,0x138db0f,
-        0x1b3d888,0x13eadf7,0x1f725b5,0x1ae7951,0x0ae37ba,0x1e426c3,
-        0x1a395b5,0x1232ed9,0x01a4c7e },
-      { 0x119ffa6,0x0d2a031,0x0131400,0x18269d8,0x0cae64e,0x0092160,
-        0x0a5b355,0x1dc3ed3,0x0bf2cae,0x0d12cf7,0x1ba0167,0x0f18517,
-        0x0488e79,0x1c74487,0x1212fae,0x0ffb3d2,0x0d0fb22,0x0072923,
-        0x09758c6,0x054a94c,0x01b78be } },
-    /* 202 */
-    { { 0x072f13a,0x1aaa57a,0x0472888,0x0eae67d,0x1ac993b,0x00b4517,
-        0x1a7c25b,0x06a4d5f,0x14b1275,0x07f3b0e,0x01c329f,0x10e7cee,
-        0x1684301,0x03f3e6f,0x0daaab7,0x05da8cd,0x1eaa156,0x06d16ea,
-        0x07ebe36,0x145c007,0x0016a81 },
-      { 0x03de3bf,0x03ace27,0x022aa20,0x02a5e61,0x0c1e2e1,0x1f5d2d8,
-        0x1b66aa9,0x195965b,0x19f9c11,0x032eaa9,0x1170653,0x1b0f61b,
-        0x010ab9b,0x051fa5b,0x0be325b,0x0bf3fa6,0x1cc28cb,0x1a4c217,
-        0x0438877,0x1c4f997,0x00f431a } },
-    /* 203 */
-    { { 0x00ccd0a,0x10506b5,0x1554eca,0x04b3276,0x03eeec8,0x1339535,
-        0x01bf677,0x19f6269,0x00da05d,0x0ce28a4,0x061d363,0x089ace7,
-        0x09c4aa4,0x114d1ae,0x13cd6cb,0x0fd5bb3,0x15f8917,0x0eb5ecd,
-        0x0811c28,0x01eb3a5,0x01d69af },
-      { 0x07535fd,0x02263dd,0x1ce6cbe,0x1b5085f,0x05bd4c3,0x08cba5a,
-        0x127b7a5,0x1d8bfc2,0x1fd4453,0x0c174cb,0x0df039a,0x00bbcd8,
-        0x0aa63f7,0x0961f7b,0x0c3daa7,0x151ac13,0x1861776,0x05f6e9a,
-        0x17846de,0x1148d5d,0x0176404 } },
-    /* 204 */
-    { { 0x1a251d1,0x03772a8,0x17f691f,0x041a4f3,0x1ef4bf1,0x08c5145,
-        0x14e33b1,0x0dc985a,0x13880be,0x195bc43,0x06c82c6,0x1f1c37d,
-        0x1ec69cc,0x1bcb50c,0x077fab8,0x17bd5c8,0x1c9fb50,0x012b3b7,
-        0x0f86030,0x02b40a0,0x016a8b8 },
-      { 0x1f5ef65,0x042fb29,0x0414b28,0x12ef64a,0x01dfbbf,0x1a37f33,
-        0x01f8e8c,0x1df11d5,0x01b95f7,0x0eefef7,0x17abb09,0x1cd2b6c,
-        0x1b22074,0x0617011,0x01a6855,0x0776a23,0x17742e8,0x0c300da,
-        0x0a1df9f,0x08ca59f,0x0015146 } },
-    /* 205 */
-    { { 0x1fa58f1,0x029e42b,0x19c0942,0x1099498,0x158a4e6,0x00fa06d,
-        0x1b4286e,0x17a0f72,0x0558e8c,0x0328f08,0x0e233e9,0x08dc85c,
-        0x081a640,0x0221b04,0x0c354e5,0x11fa0a3,0x1b3e26b,0x1615f9a,
-        0x1c0b3f3,0x0f0e12a,0x00fd4ae },
-      { 0x153d498,0x0de14ef,0x1890f1e,0x1c226fe,0x0cf31c4,0x11e76fa,
-        0x015b05e,0x0bb276d,0x06cd911,0x030898e,0x03376c9,0x08a7245,
-        0x11ab30a,0x069015f,0x1dd5eda,0x10c25d2,0x07ce610,0x053336f,
-        0x1d809ad,0x01fcca9,0x0051c20 } },
-    /* 206 */
-    { { 0x1a2b4b5,0x1081e58,0x05a3aa5,0x1d08781,0x18dccbf,0x17fdadc,
-        0x01cb661,0x184d46e,0x0169d3a,0x1d03d79,0x0dc7c4b,0x1734ee2,
-        0x0f8bb85,0x13e14cf,0x18434d3,0x05df9d5,0x069e237,0x09ea5ee,
-        0x17615bc,0x1beebb1,0x0039378 },
-      { 0x07ff5d9,0x0817fef,0x0728c7a,0x0464b41,0x0e9a85d,0x0c97e68,
-        0x04e9bd0,0x167ae37,0x115b076,0x0952b9b,0x047473d,0x150cdce,
-        0x19d726a,0x1614940,0x186c77c,0x0bbcc16,0x15cc801,0x191272b,
-        0x02de791,0x1127c23,0x01dc68e } },
-    /* 207 */
-    { { 0x1feda73,0x127fcb7,0x0062de4,0x0d41b44,0x0709f40,0x0ac26ff,
-        0x083abe2,0x0806d1c,0x08355a0,0x04a8897,0x1df5f00,0x0a51fae,
-        0x08259d4,0x15fc796,0x1125594,0x0623761,0x12844c5,0x0bfb18c,
-        0x119b675,0x1a1c9f0,0x00d5698 },
-      { 0x15d204d,0x0b27d00,0x114f843,0x14dba21,0x1b626bf,0x14c64a3,
-        0x0398e9d,0x0ac10ff,0x105337a,0x12d32a3,0x11e0bd4,0x0489beb,
-        0x1f558e2,0x02afdd7,0x0a87906,0x0706091,0x18e47ee,0x1a47910,
-        0x0e118f4,0x0472b22,0x004df25 } },
-    /* 208 */
-    { { 0x0695310,0x07eb4ec,0x03a9dbd,0x1efd0ed,0x028eb09,0x0a99547,
-        0x0604b83,0x0f20738,0x0c572ac,0x0d33ba2,0x158a4f7,0x01c0f0b,
-        0x121f980,0x1ed3b5d,0x1f8a968,0x0e42e57,0x190a2bc,0x13768ad,
-        0x05e22a3,0x1cc37fa,0x004cd80 },
-      { 0x0730056,0x001b80b,0x150ee7d,0x1fb9da7,0x06f45fe,0x1283a12,
-        0x1d8f06a,0x0e615fa,0x0ff92ae,0x0f2e329,0x0818fc8,0x061a376,
-        0x006ef08,0x096912a,0x0c1bb30,0x0003830,0x13a1f15,0x0276ecd,
-        0x0331509,0x164b718,0x01f4e4e } },
-    /* 209 */
-    { { 0x1db5c18,0x0d38a50,0x1d33b58,0x1cecee0,0x1454e61,0x1b42ef4,
-        0x1ef95ef,0x1cbd2e1,0x1d2145b,0x10d8629,0x0697c88,0x1037dc9,
-        0x03b9318,0x0a588e8,0x0e46be8,0x0426e01,0x0493ec2,0x1e3577f,
-        0x098802b,0x0a9d28a,0x013c505 },
-      { 0x164c92e,0x022f3b9,0x03a350b,0x0ae6a43,0x0050026,0x09f9e2f,
-        0x1680a13,0x0d7a503,0x0dbf764,0x097c212,0x1cc13cc,0x1e5490b,
-        0x13e1a88,0x0893d28,0x0fd58c4,0x1c178b0,0x0c71a60,0x076bca8,
-        0x0dedc29,0x0abc209,0x00c6928 } },
-    /* 210 */
-    { { 0x04614e7,0x10c2e32,0x1092341,0x1c8e934,0x0e906ca,0x03f2941,
-        0x04ba896,0x19ab0a8,0x0d12857,0x1b1cc85,0x164ed4d,0x1ee174a,
-        0x06770c7,0x0eae952,0x13db713,0x1437585,0x0563b69,0x12b26d2,
-        0x01e2576,0x1efc283,0x01c8639 },
-      { 0x0589620,0x0b5817c,0x0150172,0x0683c88,0x0fe468a,0x15684e1,
-        0x1684425,0x1dd7e45,0x09c652a,0x039e14c,0x186e3ef,0x1f16a8f,
-        0x13cdef9,0x0bbedfb,0x1cde16a,0x0aa5ae0,0x1aa7e13,0x1854950,
-        0x08e4f4f,0x0c22807,0x015b227 } },
-    /* 211 */
-    { { 0x1bfaf32,0x0d3d80f,0x1486269,0x017ccc3,0x1c5a62d,0x11da26a,
-        0x03d7bd7,0x0c48f2e,0x1f43bbf,0x15000f6,0x0b9680f,0x050a4c1,
-        0x0ca8e74,0x134be31,0x0267af4,0x0ec87d7,0x1e6751a,0x11b5001,
-        0x081c969,0x0f18a37,0x00eaef1 },
-      { 0x1d51f28,0x1c74fcd,0x0112ab3,0x1750e24,0x19febbd,0x1e41b29,
-        0x0b4e96f,0x11f0f01,0x110e6f0,0x0451a66,0x06ac390,0x1421048,
-        0x018104c,0x0c53315,0x0f9c73a,0x091ad08,0x1142320,0x1cee742,
-        0x13cf461,0x14477c3,0x01fa5cb } },
-    /* 212 */
-    { { 0x173a15c,0x064e914,0x07ccbfa,0x1ba852f,0x06fec8d,0x157d9f3,
-        0x128e42d,0x044735e,0x0ab65ef,0x1d8f21b,0x17f36c2,0x003ccd8,
-        0x0b8f262,0x0d7a438,0x1ffa28d,0x09c4879,0x06f2bb4,0x132d714,
-        0x07745c8,0x1c5074a,0x0114da2 },
-      { 0x1e3d708,0x04d2b60,0x1e992a7,0x1e3961d,0x0fe62d3,0x143aa02,
-        0x0a6125f,0x1f5e0e0,0x13cea46,0x1c5beb5,0x01898c4,0x069d071,
-        0x0907806,0x18e1848,0x1a10a01,0x10c8e4f,0x1d7e583,0x1f857bc,
-        0x08da899,0x10cb056,0x0104c1b } },
-    /* 213 */
-    { { 0x126c894,0x184f6d2,0x148ccbf,0x002958f,0x15abf12,0x0c949a4,
-        0x13734f3,0x0ad6df2,0x092e6b5,0x1d57589,0x1b0c6ff,0x0dd4206,
-        0x0e19379,0x183ff99,0x148df9d,0x0cf7153,0x10d829d,0x1eb2d2d,
-        0x0ca4922,0x1b6aadb,0x01b348e },
-      { 0x0d46575,0x0fcd96f,0x0b3dbba,0x15ff4d3,0x096ca08,0x169be8a,
-        0x0ce87c5,0x003ab5d,0x1789e5d,0x1283ed8,0x1f31152,0x1c53904,
-        0x1705e2c,0x14b2733,0x0db9294,0x08de453,0x0ba4c0e,0x082b1d8,
-        0x0f11921,0x1848909,0x00a3e75 } },
-    /* 214 */
-    { { 0x0f6615d,0x1a3b7e9,0x06a43f2,0x11b31b5,0x0b7f9b7,0x1ef883a,
-        0x17c734a,0x063c5fb,0x09b956f,0x1ed1843,0x1bab7ca,0x05ef6b2,
-        0x18f3cca,0x1aad929,0x1027e2c,0x08db723,0x0f3c6c8,0x12379fb,
-        0x085190b,0x12731c5,0x01ff9bb },
-      { 0x17bd645,0x06a7ad0,0x1549446,0x17b7ada,0x17033ea,0x0684aba,
-        0x01bf1cd,0x06a00fd,0x15f53c4,0x065032f,0x1f74666,0x137ffa4,
-        0x0a9949d,0x14a968e,0x1138c11,0x02039bb,0x0fb81ac,0x1c2655a,
-        0x095ac01,0x00f3f29,0x000346d } },
-    /* 215 */
-    { { 0x0bfdedd,0x1c727d3,0x1be657a,0x1cf4e98,0x193a285,0x04d1294,
-        0x15344f4,0x0cf17ab,0x019a5f7,0x15085f3,0x0ecd03a,0x107c19d,
-        0x03d3db0,0x0edfbd4,0x0ce9e2c,0x047c38c,0x03ec30f,0x093325e,
-        0x1e820de,0x01f1e20,0x01c9663 },
-      { 0x0f86a80,0x065a5ef,0x06aeefd,0x107f04b,0x1fa4ec7,0x0a99640,
-        0x1d81182,0x125497e,0x08b909e,0x0ddbd66,0x010581c,0x062e2f1,
-        0x08ca1d7,0x050d5c9,0x1fc52fb,0x0ab4afe,0x16e5f84,0x0dff500,
-        0x1c87a26,0x18ed737,0x002d7b8 } },
-    /* 216 */
-    { { 0x19f8e7d,0x102b1a5,0x02a11a1,0x0ec7f8b,0x001176b,0x176b451,
-        0x169f8bf,0x121cf4b,0x0651831,0x033bb1f,0x1deb5b3,0x0205d26,
-        0x017d7d0,0x1b81919,0x1f11c81,0x16a0b99,0x031534b,0x0ab9f70,
-        0x1c689da,0x03df181,0x00f31bf },
-      { 0x0935667,0x1ae2586,0x0e2d8d7,0x120c1a5,0x14152c3,0x01d2ba3,
-        0x0b0b8df,0x19bdff5,0x00b72e0,0x0afe626,0x18091ff,0x1373e9e,
-        0x13b743f,0x1cf0b79,0x10b8d51,0x1df380b,0x0473074,0x1d111a6,
-        0x056ab38,0x05e4f29,0x0124409 } },
-    /* 217 */
-    { { 0x10f9170,0x0bc28d9,0x16c56ff,0x126ff9c,0x115aa1e,0x021bdcb,
-        0x157824a,0x0e79ffa,0x1c32f12,0x056692c,0x1878d22,0x19e4917,
-        0x0b5a145,0x1d2de31,0x0d02181,0x0de8c74,0x1151815,0x1b14b75,
-        0x1dd3870,0x1f5a324,0x01e7397 },
-      { 0x08225b5,0x1ccfa4e,0x1134d8b,0x128d6ef,0x13efce4,0x00f48d9,
-        0x1d4c215,0x1268a3b,0x038f3d6,0x1e96c9a,0x1ed5382,0x05adce4,
-        0x000b5de,0x1b116ca,0x164a709,0x1529685,0x12356f6,0x09b5673,
-        0x132bc81,0x0319abf,0x004464a } },
-    /* 218 */
-    { { 0x1a95d63,0x10555d5,0x11b636f,0x02f6966,0x12780c6,0x06c0a14,
-        0x1e18c38,0x098c861,0x0b56ef0,0x1adf015,0x18d8ce1,0x172af0b,
-        0x04c28fe,0x009649f,0x1005e57,0x10547aa,0x1c1e36f,0x144ffa8,
-        0x03babf5,0x11912a2,0x016b3c4 },
-      { 0x0f064be,0x03f5d6a,0x0a65e4a,0x0aa9d7b,0x1a77d55,0x1b93f50,
-        0x17bc988,0x18c8ce8,0x189f366,0x088fac8,0x15baf6a,0x0b9b8b3,
-        0x137e543,0x1a92690,0x0136ba9,0x1671a75,0x11c4395,0x0e3d8ee,
-        0x0a08f12,0x07ce083,0x001cca1 } },
-    /* 219 */
-    { { 0x14d64b0,0x0c30643,0x18318e6,0x042ca79,0x1375b09,0x108cc31,
-        0x00003aa,0x0ba2ce0,0x1621cd1,0x1633c84,0x1c37358,0x1bacefa,
-        0x0dbe1d7,0x182dea6,0x1c3c9c0,0x11e61df,0x021362f,0x003b763,
-        0x19116de,0x00902cf,0x01d8812 },
-      { 0x01f9758,0x04d070b,0x138a05d,0x1d4789f,0x060915f,0x0eec57f,
-        0x1390644,0x013ea6f,0x079a51a,0x11b5456,0x173e3bf,0x0968594,
-        0x1567fb5,0x12482bf,0x172b81f,0x096c837,0x0c5a424,0x1db8ff8,
-        0x0d81960,0x0b4a6c9,0x0106481 } },
-    /* 220 */
-    { { 0x139cc39,0x14e1f77,0x1b45e31,0x09f4c6a,0x1830456,0x17dcc84,
-        0x0d50904,0x14b7a78,0x179dbb2,0x0ea98e9,0x1d78f68,0x0311cfc,
-        0x114865f,0x0580a3d,0x0b13888,0x135605b,0x1ca33d2,0x1facf28,
-        0x1ec1d3b,0x09effc6,0x00f1c96 },
-      { 0x0301262,0x0605307,0x08b5c20,0x00a7214,0x1a45806,0x054814c,
-        0x1fe6b32,0x185b4ce,0x114c0f1,0x1d7482b,0x1b67df7,0x1e2cdcc,
-        0x043665f,0x03c2349,0x19b7631,0x060f990,0x18fc4cc,0x062d7f4,
-        0x02fd439,0x0774c7c,0x003960e } },
-    /* 221 */
-    { { 0x19ecdb3,0x0289b4a,0x06f869e,0x0ff3d2b,0x089af61,0x106e441,
-        0x0cae337,0x02aa28b,0x07c079e,0x1483858,0x089057f,0x09a6a1c,
-        0x02f77f0,0x1ac6b6a,0x0adcdc8,0x0c53567,0x1b9ba7b,0x08a7ea0,
-        0x1003f49,0x05b01ce,0x01937b3 },
-      { 0x147886f,0x006a6b8,0x072b976,0x02aed90,0x008ced6,0x138bddf,
-        0x01a4990,0x043c29d,0x0abb4bd,0x0e6f8cc,0x00c22e7,0x0c8cca6,
-        0x07658be,0x0cce8ce,0x1c64b6b,0x1624df7,0x1b3304a,0x0aad1e8,
-        0x089378c,0x1e97cbf,0x000e943 } },
-    /* 222 */
-    { { 0x1e9ea48,0x1202c3f,0x121b150,0x0ac36ae,0x0f24f82,0x18cba05,
-        0x104f1e1,0x09b3a58,0x170eb87,0x1d4df3c,0x0e8ea89,0x11c16c5,
-        0x0c43fef,0x160df85,0x08fca18,0x061c214,0x0f34af1,0x1a8e13b,
-        0x19573af,0x1a3d355,0x0185f6c },
-      { 0x0369093,0x17d3fa0,0x1828937,0x0cb0b03,0x11f1d9d,0x0976cf0,
-        0x0fccf94,0x12d3201,0x1ed1208,0x1c5422c,0x0f0e66f,0x0abd16e,
-        0x1e83245,0x07b7aa7,0x08c15a6,0x046aaa9,0x1a53c25,0x0954eb6,
-        0x0824ecc,0x0df2085,0x016ae6a } },
-    /* 223 */
-    { { 0x12cdd35,0x091e48a,0x1bc6cb8,0x110c805,0x0e6e43a,0x072dead,
-        0x1c37ee7,0x0291257,0x0758049,0x0565c25,0x0bbb0ad,0x0bffea0,
-        0x0e8c7f5,0x1519f7a,0x029ee4e,0x0400339,0x157fd9d,0x1835881,
-        0x0e8ef3a,0x033fe01,0x00273e3 },
-      { 0x1e360a3,0x017bbd5,0x129860b,0x095bfdf,0x17ef5c8,0x05b7e62,
-        0x0329994,0x005349e,0x0aaf0b2,0x1a7c72b,0x1bc558f,0x1141449,
-        0x135c850,0x0f522f8,0x1d8bf64,0x0db7db1,0x1a02803,0x1f96491,
-        0x093440e,0x1949803,0x018a4a9 } },
-    /* 224 */
-    { { 0x048e339,0x1dbcc2a,0x05d8a8f,0x1e31473,0x1e8770c,0x148b866,
-        0x15d35e9,0x15822c0,0x12b6067,0x1d82e2c,0x04e2ad2,0x1b61090,
-        0x14de0d2,0x0484f3c,0x076ae49,0x02bee29,0x0b67903,0x041d19b,
-        0x0cd6896,0x00e9b34,0x013ccd9 },
-      { 0x01b784d,0x0e2f056,0x0b87a0e,0x0ddca4f,0x0b65c8c,0x0447605,
-        0x1851a87,0x0b1a790,0x046c1bf,0x100fbc8,0x0940a88,0x0c4e7fb,
-        0x0571cec,0x112dc83,0x0fe23ac,0x1bf9bfe,0x098c556,0x0360f86,
-        0x013e973,0x0445549,0x00acaa3 } },
-    /* 225 */
-    { { 0x1b4dfd6,0x1a5e1e4,0x0a4c5f9,0x07f1cec,0x05ba805,0x061a901,
-        0x1701676,0x168060f,0x0b85a20,0x0481b66,0x1c4d647,0x1e14470,
-        0x0ef2c63,0x054afda,0x0676763,0x18d8c35,0x1399850,0x01ebe27,
-        0x00a659a,0x12d392d,0x0169162 },
-      { 0x163ee53,0x1e133e5,0x0d4df44,0x02ebd58,0x07b12e6,0x0d5fe53,
-        0x0684464,0x13f666d,0x1ee1af6,0x168324e,0x10479d6,0x1e0023b,
-        0x054d7a6,0x0dcfcbb,0x1c0c2e3,0x0266501,0x1a3f0ab,0x1510000,
-        0x0763318,0x1931a47,0x0194e17 } },
-    /* 226 */
-    { { 0x18fe898,0x0c05a0e,0x14d1c83,0x0e64308,0x0d7a28b,0x190ba04,
-        0x10e1413,0x15fe3e7,0x1166aa6,0x09c0e6a,0x1838d57,0x010998a,
-        0x0d9cde6,0x0f30f16,0x0107c29,0x12a3596,0x0f5d9b4,0x031088b,
-        0x1b8ab0b,0x1c2da6f,0x00c4509 },
-      { 0x06fd79e,0x1106216,0x0c3ae0a,0x1c75ef1,0x15b7ee4,0x0c0ce54,
-        0x18f06eb,0x0d27b36,0x0985525,0x06b3a6f,0x06743c4,0x0965f38,
-        0x0917de6,0x03e2f35,0x0feaebd,0x1b6df40,0x0ad2ce2,0x142c5e2,
-        0x1f27463,0x0470143,0x00c976c } },
-    /* 227 */
-    { { 0x064f114,0x18f7c58,0x1d32445,0x0a9e5e1,0x03cb156,0x19315bc,
-        0x161515e,0x0d860a4,0x10f3493,0x1463380,0x107fb51,0x05fd334,
-        0x09ef26d,0x13fbfb5,0x168899e,0x1f837ed,0x0dba01b,0x012b1dc,
-        0x0d03b50,0x06d90b8,0x000e14b },
-      { 0x1db67e6,0x1f13212,0x017d795,0x12fe5d2,0x05df4e8,0x1621344,
-        0x1945009,0x126f065,0x03e8750,0x095f131,0x0e1a44c,0x17b078a,
-        0x1d856b5,0x0ab9a7c,0x072b956,0x090c2b6,0x1e2d5aa,0x02d03df,
-        0x1a2aed6,0x192de19,0x01d07a4 } },
-    /* 228 */
-    { { 0x03aa2e9,0x0a682a9,0x0181efd,0x19da7a1,0x08841e0,0x0dfdb4e,
-        0x1db89fe,0x10aad07,0x0162bdf,0x0583fa2,0x0373277,0x10720f6,
-        0x0e62d17,0x12bd29b,0x12ee2ad,0x0fa7945,0x0d27cf4,0x04c5cd0,
-        0x1ba98dc,0x0a9ad0b,0x01f2ff1 },
-      { 0x0b232ac,0x1bb452b,0x0aad5a2,0x0c7e54a,0x0e8d6e3,0x1bfe302,
-        0x1e85a20,0x12375d0,0x1d10a76,0x1e2c541,0x157efba,0x15e1f28,
-        0x0ead5e4,0x1eb2a71,0x0835b0d,0x104aa34,0x0b9da7c,0x0c6207e,
-        0x0366e4c,0x1679aec,0x00b26d7 } },
-    /* 229 */
-    { { 0x12eaf45,0x0861f5d,0x04bdec2,0x18c5ff7,0x0d24d91,0x1b791ef,
-        0x0fa929c,0x1c77e54,0x16ff0fd,0x0dccf5e,0x040bd6d,0x0abb942,
-        0x08bca2b,0x03f0195,0x080f360,0x02f51ec,0x048a8bf,0x0aa085a,
-        0x077156c,0x0cc14fc,0x0109b86 },
-      { 0x0a2fbd8,0x058ed01,0x0296c52,0x167645d,0x1ed85e8,0x095a84f,
-        0x083921c,0x02c26f1,0x0c6a3e5,0x02b00a4,0x0ed40da,0x04382c6,
-        0x1171009,0x12a8938,0x049450c,0x0208f27,0x1d207d3,0x1bda498,
-        0x150b82e,0x1ce4570,0x00ea623 } },
-    /* 230 */
-    { { 0x0972688,0x011e992,0x1d88212,0x04007ea,0x18b83c1,0x06a2942,
-        0x19a41b4,0x0fc329a,0x02c6f74,0x010cac2,0x1b626a1,0x05d2028,
-        0x02c8f8a,0x1a28dde,0x1b0779d,0x109f453,0x0b8f7f2,0x1fb115b,
-        0x0dc7913,0x03b7d2f,0x006083f },
-      { 0x19dd56b,0x04999cc,0x17a6659,0x152f48f,0x0cfac0b,0x147d901,
-        0x162baef,0x194ccc1,0x0f61d7b,0x1e14eec,0x1705351,0x0a3b0b5,
-        0x1c6f5fb,0x07cfea0,0x16b1e21,0x07cd9cc,0x1d4ff51,0x10e734e,
-        0x1f9674f,0x1cb23df,0x00231ac } },
-    /* 231 */
-    { { 0x1fda771,0x1d21c54,0x0038b99,0x190cc62,0x026f652,0x19f91db,
-        0x0792384,0x03fbf63,0x0035d2d,0x0cfc479,0x0fa1e16,0x02251a2,
-        0x071723a,0x1da8e70,0x02a8a4b,0x1750512,0x10ebbd9,0x072f9d3,
-        0x1d1452d,0x104ce66,0x0155dde },
-      { 0x0f59a95,0x15bbf6b,0x108022c,0x0604040,0x13f853e,0x163bcbc,
-        0x0ab07ae,0x0eca44a,0x1b56b66,0x166e5cc,0x0a9401b,0x13f32e4,
-        0x104abdb,0x02715d6,0x0843cfc,0x1ba9a4c,0x0ff3034,0x08652d0,
-        0x0b02e03,0x1b0101b,0x0041333 } },
-    /* 232 */
-    { { 0x1a85a06,0x083849a,0x0d13a14,0x0c85de3,0x0e166e7,0x1d9d36a,
-        0x02dc681,0x0d50952,0x030329e,0x16eb600,0x1549675,0x14ca7aa,
-        0x1e20c4b,0x17c5682,0x0ec9abd,0x1999bdc,0x1412ab4,0x01071ea,
-        0x0501909,0x1312695,0x01bd797 },
-      { 0x00c7ff0,0x0e8c247,0x0d03ca8,0x192a876,0x1ae85ef,0x0e98c5d,
-        0x0c6bbd4,0x14dd2c8,0x075878f,0x0e9f6a7,0x057d4b9,0x13b7851,
-        0x1c4d2a2,0x0f88833,0x1c9e1dc,0x09dca75,0x1649e7f,0x13666f4,
-        0x15b5d36,0x111b434,0x0192351 } },
-    /* 233 */
-    { { 0x1d310ed,0x1909001,0x0c46c20,0x1930f60,0x120ee8c,0x02ac546,
-        0x0749a13,0x1913ca9,0x0b7167e,0x112f9e7,0x156ed57,0x09e897e,
-        0x17acf11,0x030e480,0x07b71dc,0x0878103,0x0e6deb3,0x0bacd22,
-        0x1326d7b,0x1f3efc0,0x007858d },
-      { 0x1f13222,0x03f5d9d,0x08453e9,0x1bd40fb,0x1e451dc,0x0c12178,
-        0x1eb0f03,0x03c37d3,0x136eb87,0x192bea6,0x0c64364,0x0eb57d4,
-        0x13f49e7,0x075f159,0x1b4647d,0x0012c80,0x13c0c11,0x033d562,
-        0x0e06b1e,0x0b9f17a,0x01f4521 } },
-    /* 234 */
-    { { 0x0493b79,0x145477d,0x0ab0e1f,0x169d638,0x120e270,0x1911905,
-        0x0fe827f,0x07b3e72,0x0a91c39,0x170dd57,0x0a36597,0x0c34271,
-        0x04deda9,0x0bdea87,0x0ac8e32,0x191c0d3,0x08a2363,0x17fb46a,
-        0x1931305,0x1c01cb9,0x0158af8 },
-      { 0x1c509a1,0x0e78367,0x01d5b33,0x1f84d98,0x00f411e,0x0e2bf83,
-        0x17f5936,0x158da19,0x132e99c,0x0a8a429,0x1a5442a,0x167b171,
-        0x1d58f9a,0x1886e1f,0x1a61c26,0x06a134f,0x03d75ef,0x1c1c842,
-        0x0a4c4b1,0x1993a0b,0x01b628c } },
-    /* 235 */
-    { { 0x141463f,0x1a78071,0x1e80764,0x1c2a1b4,0x14c8a6c,0x04aa9f8,
-        0x183f104,0x123b690,0x0a93f4a,0x11def2d,0x16019f0,0x0f0e59a,
-        0x009f47c,0x0219ee4,0x0cc0152,0x054fa3a,0x1f975a3,0x08605f3,
-        0x031d76a,0x0eefab1,0x012e08b },
-      { 0x1a10d37,0x0940bb0,0x16977f0,0x02b8a1e,0x0d7b618,0x03be307,
-        0x0576de5,0x016515f,0x133c531,0x05515bb,0x06099e8,0x1570a62,
-        0x1f905fa,0x15a0cac,0x03a6059,0x0ef09e8,0x05216b3,0x04e65a1,
-        0x0619ab3,0x0baef8d,0x00c5683 } },
-    /* 236 */
-    { { 0x1450a66,0x18a6595,0x1053a75,0x18fb7fb,0x1318885,0x1350600,
-        0x03616d1,0x14ccab5,0x15bdfc1,0x1510f4c,0x1e4b440,0x1931cce,
-        0x177a0d7,0x1aa853c,0x006ed5e,0x1a66e54,0x0335d74,0x0a16231,
-        0x036b525,0x09c3811,0x008b7be },
-      { 0x1812273,0x1d81fca,0x15fc61c,0x05dc7ee,0x0e26ed3,0x1310bd1,
-        0x03ab9b6,0x09e58e2,0x0261d9f,0x1a85aba,0x0768b66,0x1f536f8,
-        0x0743971,0x02542ef,0x113ee1f,0x026f645,0x051ec22,0x17b961a,
-        0x1ee8649,0x0acd18e,0x0173134 } },
-    /* 237 */
-    { { 0x03ba183,0x1463d45,0x1e9cf8f,0x17fc713,0x0e8cebb,0x0dd307a,
-        0x11a1c3e,0x1071d48,0x1cb601a,0x08bb71a,0x14b6d15,0x184c25c,
-        0x11f90bd,0x07b895f,0x1e79166,0x0a99b2b,0x00fbea0,0x1cde990,
-        0x157f502,0x0337edb,0x017a2cf },
-      { 0x0736feb,0x1b65133,0x18bdc73,0x13bcf9f,0x1de86f4,0x1482b1d,
-        0x0f3a3f0,0x09f8c15,0x0726b6e,0x17451e7,0x048d6ea,0x088a7e5,
-        0x1ed2382,0x1287fd2,0x0d55fd5,0x1ee8949,0x054113e,0x150a29f,
-        0x1909b74,0x0ed4a67,0x01b07c6 } },
-    /* 238 */
-    { { 0x1d96872,0x101f91a,0x032bd79,0x187f4b7,0x0b1a23c,0x046e2fd,
-        0x01c6fa6,0x17aa8b3,0x1d430c0,0x1974244,0x16730f8,0x13c0ec9,
-        0x0d7ec26,0x1960620,0x08e084b,0x10769ee,0x183887b,0x096ca30,
-        0x1c62904,0x1f4ce25,0x0010281 },
-      { 0x0858b37,0x00247b2,0x176600a,0x1e6afbc,0x00e149a,0x0f5d8c7,
-        0x01e4586,0x1416443,0x19f2b0b,0x0810059,0x072eb88,0x15cc207,
-        0x1d5a87e,0x1cabce8,0x1f7376c,0x0a2bc9d,0x0aa2788,0x10d9c47,
-        0x0061e2a,0x0a58799,0x002c1a5 } },
-    /* 239 */
-    { { 0x0a723dc,0x1fa8007,0x08c5eb1,0x088562a,0x0a5f04f,0x042e430,
-        0x05116fa,0x004c7a9,0x1ff1197,0x0fccc9f,0x1633a98,0x08b9898,
-        0x16c3fba,0x1ce6b01,0x145479a,0x04777cd,0x11557b9,0x13ad1d5,
-        0x1acbf51,0x00f8a59,0x01474ec },
-      { 0x188239d,0x11e9976,0x1a5311a,0x0d06b5c,0x0d1b8ae,0x1759738,
-        0x18c967f,0x16be9fb,0x043bc0b,0x11dfb8e,0x0a9c148,0x016f1ec,
-        0x053cd22,0x0ff3ccd,0x092183a,0x0ff2644,0x10324ab,0x1ec2ac3,
-        0x1652562,0x1ee6616,0x010f8e0 } },
-    /* 240 */
-    { { 0x067d520,0x0e3dd9e,0x07b2bcd,0x1647f95,0x18f4958,0x1d54046,
-        0x1c6522e,0x15c0ef1,0x02135e8,0x0c61867,0x03bfdd0,0x1353911,
-        0x0bcdd8d,0x1b98a25,0x01d77c3,0x14a68e4,0x0954506,0x0daa4e4,
-        0x1eedff1,0x0712f2b,0x011c4ef },
-      { 0x1f5e698,0x164d621,0x18e8ff8,0x19c714b,0x0e77fcb,0x04e170e,
-        0x12438c2,0x002da0b,0x1ac1d58,0x13a79ff,0x0e74a96,0x0440703,
-        0x0baeeda,0x1af9cb0,0x162c50f,0x1577db2,0x0510db7,0x032ffe8,
-        0x0816dc6,0x0fcd00f,0x00ce8e9 } },
-    /* 241 */
-    { { 0x0e86a83,0x0f30dc6,0x0580894,0x1f7efce,0x0604159,0x1819bbc,
-        0x1f75d23,0x085f824,0x1450522,0x1e5961b,0x1a826e1,0x01e9269,
-        0x01bd495,0x0233ca2,0x11b100f,0x082d4a2,0x11023ba,0x0f456a3,
-        0x1d8e3ac,0x1034c15,0x01b389b },
-      { 0x0150c69,0x0c9a774,0x12f39a6,0x11c4f82,0x14f7590,0x00ca7fb,
-        0x0a245a8,0x0ecbb81,0x01bd51b,0x07a4e99,0x1e58c0e,0x00bc30e,
-        0x086bc33,0x1e9da53,0x0bcfeff,0x1e313fc,0x177d7ca,0x18a04d9,
-        0x0e3c426,0x1d42773,0x01b3029 } },
-    /* 242 */
-    { { 0x1a2fd88,0x09c6912,0x180fbde,0x199d740,0x090f2f7,0x136ffa4,
-        0x072035e,0x10c987c,0x02883f9,0x063c79b,0x194c140,0x0b25331,
-        0x13ed92b,0x192eee3,0x02a3c6c,0x0e11403,0x187d5d3,0x1b6ffec,
-        0x147ca2e,0x06aa9e1,0x0059dcd },
-      { 0x1a74e7d,0x1720e91,0x17d85f1,0x1cbb665,0x14b61eb,0x1ffd05c,
-        0x1fe9e79,0x01a785f,0x12ebb7a,0x19b315b,0x17e70d1,0x0bdc035,
-        0x04a8641,0x0a33c93,0x00b0c99,0x138ae2a,0x1492fa0,0x10b4889,
-        0x11d2421,0x1e69544,0x0195897 } },
-    /* 243 */
-    { { 0x1adc253,0x0e9acd5,0x0579211,0x198f2f9,0x0054b92,0x10c1097,
-        0x0d6f668,0x04e4553,0x0a52b88,0x1dc052f,0x0719da6,0x0f1c5cc,
-        0x13ea38e,0x04587c5,0x09d2c68,0x10a99f6,0x0e3db9d,0x1db5521,
-        0x1804b5c,0x044a46a,0x01638ba },
-      { 0x1c8c576,0x00737ba,0x1749f3b,0x19c978f,0x0bb20e7,0x0c03935,
-        0x08321a7,0x16e12b1,0x08a023e,0x0846335,0x042c56a,0x01d4ec2,
-        0x06ca9f5,0x0c37b0d,0x0326650,0x0d3b0cd,0x0ed2a0a,0x1ceef91,
-        0x0fe2843,0x1c312f7,0x01e0bfe } },
-    /* 244 */
-    { { 0x0319e4f,0x0340c24,0x1e809b6,0x0ab4b0d,0x0be6f6b,0x189932b,
-        0x1621899,0x1f57deb,0x198529c,0x0129562,0x0a73eeb,0x0be2c56,
-        0x0de7cc4,0x11531ac,0x0141826,0x158e1dc,0x0a42940,0x07be5ce,
-        0x0216c7c,0x0955d95,0x01adfb4 },
-      { 0x198678e,0x1d49b73,0x10e19ad,0x0732a80,0x0a01e10,0x14305be,
-        0x078de05,0x0afe492,0x1b745d8,0x17fea41,0x017b5bb,0x0c5148e,
-        0x175dbb3,0x1952e87,0x15a3526,0x1fdc6af,0x09a2389,0x168d429,
-        0x09ff5a1,0x184a923,0x01addbb } },
-    /* 245 */
-    { { 0x09686a3,0x05d104b,0x0fd7843,0x0bc780a,0x108b1c5,0x1a38811,
-        0x0c4d09b,0x0702e25,0x1490330,0x1c8b2d8,0x0549ec7,0x002e5a0,
-        0x0245b72,0x154d1a7,0x13d991e,0x06b90df,0x194b0be,0x128faa5,
-        0x08578e0,0x16454ab,0x00e3fcc },
-      { 0x14dc0be,0x0f2762d,0x1712a9c,0x11b639a,0x1b13624,0x170803d,
-        0x1fd0c11,0x147e6d7,0x1da9c99,0x134036b,0x06f1416,0x0ddd069,
-        0x109cbfc,0x109f042,0x01c79cf,0x091824d,0x02767f4,0x0af3551,
-        0x169eebe,0x0ef0f85,0x01b9ba7 } },
-    /* 246 */
-    { { 0x1a73375,0x12c7762,0x10e06af,0x1af5158,0x175df69,0x0541ad0,
-        0x0542b3b,0x01e59e6,0x1f507d3,0x03d8304,0x0c1092e,0x14578c1,
-        0x0c9ae53,0x0087c87,0x0c78609,0x1137692,0x10fadd6,0x122963e,
-        0x1d8c6a3,0x0a69228,0x0013ab4 },
-      { 0x084f3af,0x0ec2b46,0x0cfabcb,0x043755c,0x029dc09,0x0b58384,
-        0x0aa162e,0x02c8ca8,0x0e8a825,0x11306a0,0x14c8ad0,0x1b58b86,
-        0x12b9e5e,0x1cf6d06,0x09e5580,0x1721579,0x1c6b962,0x1435e83,
-        0x07b14c0,0x05b58f6,0x010a2e2 } },
-    /* 247 */
-    { { 0x19d8f0a,0x1e04e91,0x0085997,0x1957142,0x12b2e03,0x19a3bdc,
-        0x05da005,0x009c86d,0x18e3616,0x19c76cf,0x0186faa,0x123b3d6,
-        0x1079b00,0x1f422b3,0x1089950,0x145c19a,0x0c72fe1,0x1d07bbf,
-        0x18280c3,0x0842c4e,0x00931d2 },
-      { 0x0646bc3,0x1c1a67c,0x1be7ea7,0x04815d2,0x1df94a5,0x08bbe8b,
-        0x0e240de,0x19b2038,0x0ffeb66,0x0fe8322,0x0491967,0x05d8ef7,
-        0x0f81aec,0x06cc0ea,0x1cedfcb,0x161265b,0x169f377,0x1e4de1f,
-        0x1616762,0x1e69e7b,0x0125dae } },
-    /* 248 */
-    { { 0x0c123bc,0x0228dd1,0x0952b02,0x101031f,0x11e83a6,0x0abdc56,
-        0x15c0a62,0x02cadba,0x0f0f12f,0x03f971a,0x1e85373,0x1866153,
-        0x0c1f6a9,0x197f3c1,0x1268aee,0x0a9bbdf,0x097709f,0x1e98ce3,
-        0x1918294,0x047197a,0x01dc0b8 },
-      { 0x0dfb6f6,0x09480a2,0x149bd92,0x08dc803,0x070d7cb,0x09bd6c1,
-        0x0903921,0x1b234e1,0x170d8db,0x06b30da,0x03562e1,0x0475e2e,
-        0x12ca272,0x11a270e,0x0d33c51,0x1c3f5dd,0x095ab9d,0x1912afe,
-        0x0f717a9,0x1c2215b,0x01f8cd6 } },
-    /* 249 */
-    { { 0x0b8a0a7,0x1e35cbc,0x17a8a95,0x0dd067d,0x04b4aeb,0x089ff39,
-        0x05f052f,0x1c93c8c,0x0fc2e8e,0x00c3444,0x11fbbf1,0x1493f62,
-        0x1b8d398,0x1733167,0x1c647c4,0x145d9d3,0x089958b,0x0b0c391,
-        0x02e3543,0x1a1e360,0x002dbd6 },
-      { 0x0c93cc9,0x07eff12,0x039e257,0x0173ce3,0x09ed778,0x1d7bf59,
-        0x0e960e2,0x0d20391,0x04ddcbf,0x1129c3f,0x035aec0,0x017f430,
-        0x0264b25,0x04a3e3e,0x1a39523,0x1e79ada,0x0329923,0x14153db,
-        0x1440f34,0x006c265,0x000fb8f } },
-    /* 250 */
-    { { 0x0d9d494,0x059f846,0x07ce066,0x1329e9f,0x1b2065b,0x19c7d4c,
-        0x08880f1,0x196ecc9,0x0d8d229,0x0cfa60a,0x1152cc6,0x0b898a3,
-        0x12ddad7,0x0909d19,0x0cb382f,0x0f65f34,0x085888c,0x179d108,
-        0x0c7fc82,0x1f46c4b,0x00d16de },
-      { 0x1a296eb,0x002a40c,0x0c4d138,0x0ba3522,0x1d94ff1,0x1522a78,
-        0x0b4affa,0x0ffafbd,0x14d40bd,0x132d401,0x0692beb,0x08fc300,
-        0x17604f1,0x12f06f3,0x0c123e6,0x0594130,0x0a5ff57,0x1d1d8ce,
-        0x0087445,0x0fb74e3,0x00e0a23 } },
-    /* 251 */
-    { { 0x1630ee8,0x15fc248,0x0c07b6e,0x040bd6a,0x1e6589c,0x08fa3de,
-        0x0acb681,0x1033efa,0x0212bbe,0x1554fcb,0x048492b,0x1abd285,
-        0x1bdced3,0x1a21af2,0x07d6e27,0x1ecded2,0x0339411,0x10cb026,
-        0x0d5bc36,0x1813948,0x00e6b7f },
-      { 0x14f811c,0x07209fb,0x176c4a5,0x03bf1b1,0x1a42d83,0x1a0c648,
-        0x1c85e58,0x1d84fea,0x088ebcd,0x1ef290c,0x016f257,0x00ddd46,
-        0x01fdd5e,0x163345b,0x0798222,0x030c3da,0x016eb81,0x0199d78,
-        0x17773af,0x16325a2,0x01c95ec } },
-    /* 252 */
-    { { 0x0bde442,0x19bd1f0,0x1cfa49e,0x10cdef4,0x00543fe,0x0886177,
-        0x074823b,0x065a61b,0x1a6617a,0x1bce1a0,0x173e2eb,0x10e1a3a,
-        0x0be7367,0x11d5e7c,0x14373a7,0x0bcf605,0x0dd772b,0x0ff11e9,
-        0x1ff1c31,0x19dd403,0x010b29f },
-      { 0x0d803ff,0x05726b1,0x1aa4c6f,0x1fb7860,0x13ee913,0x0083314,
-        0x19eaf63,0x0b15e3b,0x0e7a6d6,0x042bc15,0x1d381b5,0x125c205,
-        0x0691265,0x09b7d7f,0x08c49fc,0x0242723,0x0408837,0x0235c9a,
-        0x0c7858d,0x1687014,0x00ba53b } },
-    /* 253 */
-    { { 0x05636b0,0x08bfe65,0x171d8b9,0x02d5742,0x0296e02,0x173d96a,
-        0x1f5f084,0x108b551,0x15717ad,0x08be736,0x0bcd5e5,0x10b7316,
-        0x1ce762b,0x0facd83,0x1e65ad7,0x1ede085,0x0bbf37e,0x0f9b995,
-        0x150ad22,0x028bd48,0x015da5d },
-      { 0x07f6e3f,0x1e2af55,0x16f079d,0x0f54940,0x1f4d99a,0x0141139,
-        0x1f5dd16,0x1f74ada,0x177b748,0x1844afd,0x07d7476,0x199c0c5,
-        0x1b1c484,0x1acc01f,0x0c72428,0x171a1eb,0x1291720,0x121d627,
-        0x0ab04fc,0x017fd0e,0x00e98c1 } },
-    /* 254 */
-    { { 0x06c4fd6,0x023c2e0,0x0e76747,0x0ba4b85,0x1f4b902,0x0c17925,
-        0x17ac752,0x0560826,0x0ba4fef,0x159f6e1,0x181eace,0x073f31b,
-        0x1d55a52,0x04b7a5b,0x1f126ac,0x1902bab,0x1603844,0x1e28514,
-        0x159daca,0x0291a02,0x0047db1 },
-      { 0x0f3bad9,0x1ce6288,0x0753127,0x1804520,0x090888f,0x1da26fa,
-        0x157af11,0x0d122f4,0x0f39f2b,0x05975e3,0x0658a88,0x075e09d,
-        0x170c58e,0x0b9eead,0x0adf06d,0x1eed8a5,0x1d6a329,0x195aa56,
-        0x0bd328e,0x15a3d70,0x010859d } },
-    /* 255 */
-    { { 0x182d1ad,0x0209450,0x111598b,0x1c4122d,0x1751796,0x140b23b,
-        0x109cae9,0x1834ee0,0x0b92c85,0x164587d,0x0cb81fe,0x05bf5df,
-        0x0d207ab,0x1c30d99,0x0d4c281,0x1a28b8e,0x16588ae,0x0b1edf6,
-        0x094e927,0x179b941,0x00bd547 },
-      { 0x1056b51,0x09c17c3,0x044a9f0,0x16261f3,0x03d91ed,0x002da16,
-        0x1791b4e,0x12bef8f,0x1fd31a9,0x0b080f5,0x1ee2a91,0x05699a7,
-        0x0e1efd2,0x0f58bde,0x0e477de,0x01865fc,0x0c6616c,0x05a6a60,
-        0x046fbbd,0x00477ce,0x011219f } },
-};
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_21(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_21(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 21);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 21, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 21, km);
-
-            err = sp_521_ecc_mulmod_base_21(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_21(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P521 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 21 + 21 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 21 + 21 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 21;
-
-        sp_521_from_mp(k, 21, km);
-        sp_521_point_from_ecc_point_21(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_21(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_21(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_21(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_21(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_21(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_21(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_21(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_521_add_one_21(sp_digit* a)
-{
-    a[0]++;
-    sp_521_norm_21(a);
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 17U) {
-            r[j] &= 0x1ffffff;
-            s = 25U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_521_ecc_gen_k_21(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[66];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            buf[0] &= 0x1;
-            sp_521_from_bin(k, 21, buf, (int)sizeof(buf));
-            if (sp_521_cmp_21(k, p521_order2) <= 0) {
-                sp_521_add_one_21(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_521, point, 2);
-#else
-    SP_DECL_VAR(sp_point_521, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 21);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 21, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_521_ecc_gen_k_21(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_21(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_21(infinity, point, p521_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_521_iszero_21(point->x) || sp_521_iszero_21(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_21(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_521_ctx {
-    int state;
-    sp_521_ecc_mulmod_21_ctx mulmod_ctx;
-    sp_digit k[21];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521  point[2];
-#else
-    sp_point_521 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_521_ctx;
-
-int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_521_ctx* ctx = (sp_ecc_key_gen_521_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_521_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_521_ecc_gen_k_21(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_base_21_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_521_ecc_mulmod_21_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p521_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_521_iszero_21(ctx->point->x) ||
-                    sp_521_iszero_21(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_521_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_521_point_to_ecc_point_21(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 66
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_521_to_bin_21(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<20; i++) {
-        r[i+1] += r[i] >> 25;
-        r[i] &= 0x1ffffff;
-    }
-    j = 528 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<21 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 25) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 25);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 21);
-    int err = MP_OKAY;
-
-    if (*outLen < 65U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 21, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 21, priv);
-        sp_521_point_from_ecc_point_21(point, pub);
-            err = sp_521_ecc_mulmod_21(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_521_to_bin_21(point->x, out);
-        *outLen = 66;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_21_ctx mulmod_ctx;
-    };
-    sp_digit k[21];
-    sp_point_521 point;
-} sp_ecc_sec_gen_521_ctx;
-
-int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_521_ctx* ctx = (sp_ecc_sec_gen_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_521_from_mp(ctx->k, 21, priv);
-            sp_521_point_from_ecc_point_21(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_21_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_521_to_bin_21(ctx->point.x, out);
-                *outLen = 66;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-SP_NOINLINE static void sp_521_rshift_21(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-#ifdef WOLFSSL_SP_SMALL
-    for (i=0; i<20; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (25 - n))) & 0x1ffffff);
-    }
-#else
-    for (i=0; i<16; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (25 - n)) & 0x1ffffff);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (25 - n)) & 0x1ffffff);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (25 - n)) & 0x1ffffff);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (25 - n)) & 0x1ffffff);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (25 - n)) & 0x1ffffff);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (25 - n)) & 0x1ffffff);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (25 - n)) & 0x1ffffff);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (25 - n)) & 0x1ffffff);
-    }
-    r[16] = (a[16] >> n) | (sp_digit)((a[17] << (25 - n)) & 0x1ffffff);
-    r[17] = (a[17] >> n) | (sp_digit)((a[18] << (25 - n)) & 0x1ffffff);
-    r[18] = (a[18] >> n) | (sp_digit)((a[19] << (25 - n)) & 0x1ffffff);
-    r[19] = (a[19] >> n) | (sp_digit)((a[20] << (25 - n)) & 0x1ffffff);
-#endif /* WOLFSSL_SP_SMALL */
-    r[20] = a[20] >> n;
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_521_mul_d_21(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 21; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-    }
-    r[21] = (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 20; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 3] = (sp_digit)t2;
-    }
-    t += tb * a[20];
-    r[20] = (sp_digit)(t & 0x1ffffff);
-    t >>= 25;
-    r[21] = (sp_digit)(t & 0x1ffffff);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-SP_NOINLINE static void sp_521_lshift_42(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    r[42] = a[41] >> (25 - n);
-    for (i=41; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (25 - n))) & 0x1ffffff);
-    }
-#else
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[41];
-    r[42] = s >> (25U - n);
-    s = (sp_int_digit)(a[41]); t = (sp_int_digit)(a[40]);
-    r[41] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[40]); t = (sp_int_digit)(a[39]);
-    r[40] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[39]); t = (sp_int_digit)(a[38]);
-    r[39] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[38]); t = (sp_int_digit)(a[37]);
-    r[38] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[37]); t = (sp_int_digit)(a[36]);
-    r[37] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[36]); t = (sp_int_digit)(a[35]);
-    r[36] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[35]); t = (sp_int_digit)(a[34]);
-    r[35] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[34]); t = (sp_int_digit)(a[33]);
-    r[34] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[33]); t = (sp_int_digit)(a[32]);
-    r[33] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[32]); t = (sp_int_digit)(a[31]);
-    r[32] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[31]); t = (sp_int_digit)(a[30]);
-    r[31] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[30]); t = (sp_int_digit)(a[29]);
-    r[30] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[29]); t = (sp_int_digit)(a[28]);
-    r[29] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[28]); t = (sp_int_digit)(a[27]);
-    r[28] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[27]); t = (sp_int_digit)(a[26]);
-    r[27] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[26]); t = (sp_int_digit)(a[25]);
-    r[26] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[25]); t = (sp_int_digit)(a[24]);
-    r[25] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[24]); t = (sp_int_digit)(a[23]);
-    r[24] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[23]); t = (sp_int_digit)(a[22]);
-    r[23] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[22]); t = (sp_int_digit)(a[21]);
-    r[22] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[21]); t = (sp_int_digit)(a[20]);
-    r[21] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[20]); t = (sp_int_digit)(a[19]);
-    r[20] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[19]); t = (sp_int_digit)(a[18]);
-    r[19] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[18]); t = (sp_int_digit)(a[17]);
-    r[18] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[17]); t = (sp_int_digit)(a[16]);
-    r[17] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[16]); t = (sp_int_digit)(a[15]);
-    r[16] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[15]); t = (sp_int_digit)(a[14]);
-    r[15] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[14]); t = (sp_int_digit)(a[13]);
-    r[14] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[13]); t = (sp_int_digit)(a[12]);
-    r[13] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[12]); t = (sp_int_digit)(a[11]);
-    r[12] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[11]); t = (sp_int_digit)(a[10]);
-    r[11] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[10]); t = (sp_int_digit)(a[9]);
-    r[10] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (25U - n))) & 0x1ffffff);
-#endif /* WOLFSSL_SP_SMALL */
-    r[0] = (sp_digit)((a[0] << n) & 0x1ffffff);
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Simplified based on top word of divisor being (1 << 25) - 1
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_521_div_21(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 21 + 3);
-    int i;
-    sp_digit r1;
-    sp_digit mask;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 21 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 42 + 1;
-        sd = t2 + 21 + 1;
-
-        sp_521_mul_d_21(sd, d, (sp_digit)1 << 4);
-        sp_521_lshift_42(t1, a, 4);
-        t1[21 + 21] += t1[21 + 21 - 1] >> 25;
-        t1[21 + 21 - 1] &= 0x1ffffff;
-        for (i=20; i>=0; i--) {
-            r1 = t1[21 + i];
-            sp_521_mul_d_21(t2, sd, r1);
-            (void)sp_521_sub_21(&t1[i], &t1[i], t2);
-            t1[21 + i] -= t2[21];
-            sp_521_norm_21(&t1[i + 1]);
-
-            mask = ~((t1[21 + i] - 1) >> 31);
-            sp_521_cond_sub_21(t1 + i, t1 + i, sd, mask);
-            sp_521_norm_21(&t1[i + 1]);
-        }
-        sp_521_norm_21(t1);
-        sp_521_rshift_21(r, t1, 4);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_521_mod_21(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_521_div_21(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P521 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_521_mont_mul_order_21(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_521_mul_21(r, a, b);
-    sp_521_mont_reduce_order_21(r, p521_order, p521_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P521 curve. */
-static const word32 p521_order_minus_2[17] = {
-    0x91386407U,0xbb6fb71eU,0x899c47aeU,0x3bb5c9b8U,0xf709a5d0U,0x7fcc0148U,
-    0xbf2f966bU,0x51868783U,0xfffffffaU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0x000001ffU
-};
-#else
-/* The low half of the order-2 of the P521 curve. */
-static const word32 p521_order_low[9] = {
-    0x91386407U,0xbb6fb71eU,0x899c47aeU,0x3bb5c9b8U,0xf709a5d0U,0x7fcc0148U,
-    0xbf2f966bU,0x51868783U,0xfffffffaU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P521 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_order_21(sp_digit* r, const sp_digit* a)
-{
-    sp_521_sqr_21(r, a);
-    sp_521_mont_reduce_order_21(r, p521_order, p521_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P521 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_n_order_21(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_521_mont_sqr_order_21(r, a);
-    for (i=1; i<n; i++) {
-        sp_521_mont_sqr_order_21(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P521 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_mont_inv_order_21_ctx {
-    int state;
-    int i;
-} sp_521_mont_inv_order_21_ctx;
-static int sp_521_mont_inv_order_21_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_mont_inv_order_21_ctx* ctx = (sp_521_mont_inv_order_21_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_521_mont_inv_order_21_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 21);
-        ctx->i = 519;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_521_mont_sqr_order_21(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p521_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_521_mont_mul_order_21(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 21U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_521_mont_inv_order_21(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 21);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_order_21(t, t);
-        if ((p521_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_521_mont_mul_order_21(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 21U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 21;
-    sp_digit* t3 = td + 4 * 21;
-    int i;
-
-    /* t = a^2 */
-    sp_521_mont_sqr_order_21(t, a);
-    /* t = a^3 = t * a */
-    sp_521_mont_mul_order_21(t, t, a);
-    /* t= a^c = t ^ 2 ^ 2 */
-    sp_521_mont_sqr_n_order_21(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_521_mont_mul_order_21(t, t2, t);
-
-    /* t3 = a^1e */
-    sp_521_mont_sqr_order_21(t3, t);
-    /* t3 = a^1f = t3 * a */
-    sp_521_mont_mul_order_21(t3, t3, a);
-
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_521_mont_sqr_n_order_21(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_521_mont_mul_order_21(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_521_mont_sqr_n_order_21(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_521_mont_mul_order_21(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_521_mont_sqr_n_order_21(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_521_mont_mul_order_21(t, t2, t);
-
-    /* t2= a^ffffffff00000000 = t ^ 2 ^ 32 */
-    sp_521_mont_sqr_n_order_21(t2, t, 32);
-    /* t = a^ffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_21(t, t2, t);
-    /* t2= a^ffffffffffffffff0000000000000000 = t ^ 2 ^ 64 */
-    sp_521_mont_sqr_n_order_21(t2, t, 64);
-    /* t = a^ffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_21(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffffffffffff00000000000000000000000000000000 = t ^ 2 ^ 128 */
-    sp_521_mont_sqr_n_order_21(t2, t, 128);
-    /* t = a^ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_21(t, t2, t);
-
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0 */
-    sp_521_mont_sqr_n_order_21(t2, t, 5);
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t * t3 */
-    sp_521_mont_mul_order_21(t2, t2, t3);
-
-    for (i=259; i>=1; i--) {
-        sp_521_mont_sqr_order_21(t2, t2);
-        if ((p521_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_521_mont_mul_order_21(t2, t2, a);
-        }
-    }
-    sp_521_mont_sqr_order_21(t2, t2);
-    sp_521_mont_mul_order_21(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_s_21(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_21(k, k, p521_norm_order);
-    err = sp_521_mod_21(k, k, p521_order);
-    if (err == MP_OKAY) {
-        sp_521_norm_21(k);
-
-        /* kInv = 1/k mod order */
-            sp_521_mont_inv_order_21(kInv, k, tmp);
-        sp_521_norm_21(kInv);
-
-        /* s = r * x + e */
-            sp_521_mul_21(x, x, r);
-        err = sp_521_mod_21(x, x, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_21(x);
-        carry = sp_521_add_21(s, e, x);
-        sp_521_cond_sub_21(s, s, p521_order, 0 - carry);
-        sp_521_norm_21(s);
-        c = sp_521_cmp_21(s, p521_order);
-        sp_521_cond_sub_21(s, s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_21(s);
-
-        /* s = s * k^-1 mod order */
-            sp_521_mont_mul_order_21(s, s, kInv);
-        sp_521_norm_21(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 521 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 21);
-    SP_DECL_VAR(sp_point_521, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 21, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 21;
-        k = e + 4 * 21;
-        r = e + 6 * 21;
-        tmp = e + 8 * 21;
-        s = e;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_21(rng, k);
-        }
-        else {
-            sp_521_from_mp(k, 21, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_521_ecc_mulmod_base_21(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 21U);
-            sp_521_norm_21(r);
-            c = sp_521_cmp_21(r, p521_order);
-            sp_521_cond_sub_21(r, r, p521_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_521_norm_21(r);
-
-            if (!sp_521_iszero_21(r)) {
-                /* x is modified in calculation of s. */
-                sp_521_from_mp(x, 21, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_521_from_bin(e, 21, hash, (int)hashLen);
-
-                /* Take 521 leftmost bits of hash. */
-                if (hashLen == 66U) {
-                    sp_521_rshift_21(e, e, 7);
-                    e[20] |= ((sp_digit)hash[0]) << 13;
-                }
-
-                err = sp_521_calc_s_21(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_521_iszero_21(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 21, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_21_ctx mulmod_ctx;
-        sp_521_mont_inv_order_21_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*21];
-    sp_digit x[2*21];
-    sp_digit k[2*21];
-    sp_digit r[2*21];
-    sp_digit tmp[3 * 2*21];
-    sp_point_521 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_521_ctx;
-
-int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_521_ctx* ctx = (sp_ecc_sign_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_21(rng, ctx->k);
-        }
-        else {
-            sp_521_from_mp(ctx->k, 21, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_521_ecc_mulmod_21_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p521_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 21U);
-        sp_521_norm_21(ctx->r);
-        c = sp_521_cmp_21(ctx->r, p521_order);
-        sp_521_cond_sub_21(ctx->r, ctx->r, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_21(ctx->r);
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-        sp_521_from_mp(ctx->x, 21, priv);
-        sp_521_from_bin(ctx->e, 21, hash, (int)hashLen);
-        if (hashLen == 66U) {
-            sp_521_rshift_21(ctx->e, ctx->e, 7);
-            ctx->e[20] |= ((sp_digit)hash[0]) << 13;
-        }
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_21(ctx->k, ctx->k, p521_norm_order);
-        err = sp_521_mod_21(ctx->k, ctx->k, p521_order);
-        if (err == MP_OKAY) {
-            sp_521_norm_21(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_521_mont_inv_order_21_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_521_norm_21(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_521_mul_21(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_521_mod_21(ctx->x, ctx->x, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_521_norm_21(ctx->x);
-        carry = sp_521_add_21(ctx->s, ctx->e, ctx->x);
-        sp_521_cond_sub_21(ctx->s, ctx->s,
-            p521_order, 0 - carry);
-        sp_521_norm_21(ctx->s);
-        c = sp_521_cmp_21(ctx->s, p521_order);
-        sp_521_cond_sub_21(ctx->s, ctx->s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_21(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_521_mont_mul_order_21(ctx->s, ctx->s, ctx->kInv);
-        sp_521_norm_21(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_521_iszero_21(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_521_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_521_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 21U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 21U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 21U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 21U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 21U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-static const char sp_521_tab32_21[32] = {
-     1, 10,  2, 11, 14, 22,  3, 30,
-    12, 15, 17, 19, 23, 26,  4, 31,
-     9, 13, 21, 29, 16, 18, 25,  8,
-    20, 28, 24,  7, 27,  6,  5, 32};
-
-static int sp_521_num_bits_25_21(sp_digit v)
-{
-    v |= v >> 1;
-    v |= v >> 2;
-    v |= v >> 4;
-    v |= v >> 8;
-    v |= v >> 16;
-    return sp_521_tab32_21[(word32)(v*0x07C4ACDD) >> 27];
-}
-
-static int sp_521_num_bits_21(const sp_digit* a)
-{
-    int i;
-    int r = 0;
-
-    for (i = 20; i >= 0; i--) {
-        if (a[i] != 0) {
-            r = sp_521_num_bits_25_21(a[i]);
-            r += i * 25;
-            break;
-        }
-    }
-
-    return r;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- * @return  MEMEORY_E when dynamic memory allocation fails.
- */
-static int sp_521_mod_inv_21(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, u, 21 * 4);
-    sp_digit* v = NULL;
-    sp_digit* b = NULL;
-    sp_digit* d = NULL;
-    int ut;
-    int vt;
-
-    SP_ALLOC_VAR(sp_digit, u, 21 * 4, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        v = u + 21;
-        b = u + 2 * 21;
-        d = u + 3 * 21;
-
-        XMEMCPY(u, m, sizeof(sp_digit) * 21);
-        XMEMCPY(v, a, sizeof(sp_digit) * 21);
-
-        ut = sp_521_num_bits_21(u);
-        vt = sp_521_num_bits_21(v);
-
-        XMEMSET(b, 0, sizeof(sp_digit) * 21);
-        if ((v[0] & 1) == 0) {
-            sp_521_rshift1_21(v, v);
-            XMEMCPY(d, m, sizeof(sp_digit) * 21);
-            d[0]++;
-            sp_521_rshift1_21(d, d);
-            vt--;
-
-            while ((v[0] & 1) == 0) {
-                sp_521_rshift1_21(v, v);
-                if (d[0] & 1)
-                    sp_521_add_21(d, d, m);
-                sp_521_rshift1_21(d, d);
-                vt--;
-            }
-        }
-        else {
-            XMEMSET(d+1, 0, sizeof(sp_digit) * (21 - 1));
-            d[0] = 1;
-        }
-
-        while (ut > 1 && vt > 1) {
-            if ((ut > vt) || ((ut == vt) &&
-                    (sp_521_cmp_21(u, v) >= 0))) {
-                sp_521_sub_21(u, u, v);
-                sp_521_norm_21(u);
-
-                sp_521_sub_21(b, b, d);
-                sp_521_norm_21(b);
-                if (b[20] < 0)
-                    sp_521_add_21(b, b, m);
-                sp_521_norm_21(b);
-                ut = sp_521_num_bits_21(u);
-
-                do {
-                    sp_521_rshift1_21(u, u);
-                    if (b[0] & 1)
-                        sp_521_add_21(b, b, m);
-                    sp_521_rshift1_21(b, b);
-                    ut--;
-                }
-                while (ut > 0 && (u[0] & 1) == 0);
-            }
-            else {
-                sp_521_sub_21(v, v, u);
-                sp_521_norm_21(v);
-
-                sp_521_sub_21(d, d, b);
-                sp_521_norm_21(d);
-                if (d[20] < 0)
-                    sp_521_add_21(d, d, m);
-                sp_521_norm_21(d);
-                vt = sp_521_num_bits_21(v);
-
-                do {
-                    sp_521_rshift1_21(v, v);
-                    if (d[0] & 1)
-                        sp_521_add_21(d, d, m);
-                    sp_521_rshift1_21(d, d);
-                    vt--;
-                }
-                while (vt > 0 && (v[0] & 1) == 0);
-            }
-        }
-
-        if (ut == 1)
-            XMEMCPY(r, b, sizeof(sp_digit) * 21);
-        else
-            XMEMCPY(r, d, sizeof(sp_digit) * 21);
-    }
-    SP_FREE_VAR(u, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_521_add_points_21(sp_point_521* p1, const sp_point_521* p2,
-    sp_digit* tmp)
-{
-
-        sp_521_proj_point_add_21(p1, p1, p2, tmp);
-    if (sp_521_iszero_21(p1->z)) {
-        if (sp_521_iszero_21(p1->x) && sp_521_iszero_21(p1->y)) {
-                sp_521_proj_point_dbl_21(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            p1->x[9] = 0;
-            p1->x[10] = 0;
-            p1->x[11] = 0;
-            p1->x[12] = 0;
-            p1->x[13] = 0;
-            p1->x[14] = 0;
-            p1->x[15] = 0;
-            p1->x[16] = 0;
-            p1->x[17] = 0;
-            p1->x[18] = 0;
-            p1->x[19] = 0;
-            p1->x[20] = 0;
-            XMEMCPY(p1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_vfy_point_21(sp_point_521* p1, sp_point_521* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_521_mod_inv_21(s, s, p521_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_521_mul_21(s, s, p521_norm_order);
-        err = sp_521_mod_21(s, s, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_21(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_521_mont_inv_order_21(s, s, tmp);
-            sp_521_mont_mul_order_21(u1, u1, s);
-            sp_521_mont_mul_order_21(u2, u2, s);
-        }
-#else
-        {
-            sp_521_mont_mul_order_21(u1, u1, s);
-            sp_521_mont_mul_order_21(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_521_ecc_mulmod_base_21(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_21(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_21(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_21(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_521_add_points_21(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 521)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 21);
-    SP_DECL_VAR(sp_point_521, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_521* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 21, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 21;
-        s   = u1 + 4 * 21;
-        tmp = u1 + 6 * 21;
-        p2 = p1 + 1;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(u1, 21, hash, (int)hashLen);
-        sp_521_from_mp(u2, 21, rm);
-        sp_521_from_mp(s, 21, sm);
-        sp_521_from_mp(p2->x, 21, pX);
-        sp_521_from_mp(p2->y, 21, pY);
-        sp_521_from_mp(p2->z, 21, pZ);
-
-        if (hashLen == 66U) {
-            sp_521_rshift_21(u1, u1, 7);
-            u1[20] |= ((sp_digit)hash[0]) << 13;
-        }
-
-        err = sp_521_calc_vfy_point_21(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(u2, 21, rm);
-        err = sp_521_mod_mul_norm_21(u2, u2, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_521_mont_sqr_21(p1->z, p1->z, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_21(u1, u2, p1->z, p521_mod, p521_mp_mod);
-        *res = (int)(sp_521_cmp_21(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_521_from_mp(u2, 21, rm);
-            carry = sp_521_add_21(u2, u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_21(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_21(u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_21(u2, u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_521_mont_mul_21(u1, u2, p1->z, p521_mod, p521_mp_mod);
-                }
-                *res = (sp_521_cmp_21(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_21_ctx mulmod_ctx;
-        sp_521_mont_inv_order_21_ctx mont_inv_order_ctx;
-        sp_521_proj_point_dbl_21_ctx dbl_ctx;
-        sp_521_proj_point_add_21_ctx add_ctx;
-    };
-    sp_digit u1[2*21];
-    sp_digit u2[2*21];
-    sp_digit s[2*21];
-    sp_digit tmp[2*21 * 6];
-    sp_point_521 p1;
-    sp_point_521 p2;
-} sp_ecc_verify_521_ctx;
-
-int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_521_ctx* ctx = (sp_ecc_verify_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(ctx->u1, 21, hash, (int)hashLen);
-        sp_521_from_mp(ctx->u2, 21, rm);
-        sp_521_from_mp(ctx->s, 21, sm);
-        sp_521_from_mp(ctx->p2.x, 21, pX);
-        sp_521_from_mp(ctx->p2.y, 21, pY);
-        sp_521_from_mp(ctx->p2.z, 21, pZ);
-        if (hashLen == 66U) {
-            sp_521_rshift_21(ctx->u1, ctx->u1, 7);
-            ctx->u1[20] |= ((sp_digit)hash[0]) << 13;
-        }
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_521_mul_21(ctx->s, ctx->s, p521_norm_order);
-        err = sp_521_mod_21(ctx->s, ctx->s, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_521_norm_21(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_521_mont_inv_order_21_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_521_mont_mul_order_21(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_521_mont_mul_order_21(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_521_ecc_mulmod_21_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p521_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_21(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_521_ecc_mulmod_21_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_21(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_521_proj_point_add_21_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(ctx->u2, 21, rm);
-        err = sp_521_mod_mul_norm_21(ctx->u2, ctx->u2, p521_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_521_mont_sqr_21(ctx->p1.z, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_521_mont_mul_21(ctx->u1, ctx->u2, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_521_cmp_21(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_521_from_mp(ctx->u2, 21, rm);
-            carry = sp_521_add_21(ctx->u2, ctx->u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_21(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_21(ctx->u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_21(ctx->u2, ctx->u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_521_mont_mul_21(ctx->u1, ctx->u2, ctx->p1.z, p521_mod,
-                                                            p521_mp_mod);
-                *res = (int)(sp_521_cmp_21(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_521_ecc_is_point_21(const sp_point_521* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 21 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 21 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 21;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_521_sqr_21(t1, point->y);
-        (void)sp_521_mod_21(t1, t1, p521_mod);
-        sp_521_sqr_21(t2, point->x);
-        (void)sp_521_mod_21(t2, t2, p521_mod);
-        sp_521_mul_21(t2, t2, point->x);
-        (void)sp_521_mod_21(t2, t2, p521_mod);
-        sp_521_mont_sub_21(t1, t1, t2, p521_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_521_mont_add_21(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_21(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_21(t1, t1, point->x, p521_mod);
-
-
-        if (sp_521_cmp_21(t1, p521_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_521, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(pub->x, 21, pX);
-        sp_521_from_mp(pub->y, 21, pY);
-        sp_521_from_bin(pub->z, 21, one, (int)sizeof(one));
-
-        err = sp_521_ecc_is_point_21(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 21);
-    SP_DECL_VAR(sp_point_521, pub, 2);
-    sp_point_521* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 521) ||
-        (mp_count_bits(pY) > 521) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 521)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 21, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_521_from_mp(pub->x, 21, pX);
-        sp_521_from_mp(pub->y, 21, pY);
-        sp_521_from_bin(pub->z, 21, one, (int)sizeof(one));
-        if (privm)
-            sp_521_from_mp(priv, 21, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_521_iszero_21(pub->x) != 0) &&
-            (sp_521_iszero_21(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_521_cmp_21(pub->x, p521_mod) >= 0) ||
-             (sp_521_cmp_21(pub->y, p521_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_521_ecc_is_point_21(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_521_ecc_mulmod_21(p, pub, p521_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_521_iszero_21(p->x) == 0) ||
-                             (sp_521_iszero_21(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_521_ecc_mulmod_base_21(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_521_cmp_21(p->x, pub->x) != 0) ||
-                 (sp_521_cmp_21(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 21 * 6);
-    SP_DECL_VAR(sp_point_521, p, 2);
-    sp_point_521* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 21 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_521_from_mp(p->x, 21, pX);
-        sp_521_from_mp(p->y, 21, pY);
-        sp_521_from_mp(p->z, 21, pZ);
-        sp_521_from_mp(q->x, 21, qX);
-        sp_521_from_mp(q->y, 21, qY);
-        sp_521_from_mp(q->z, 21, qZ);
-        p->infinity = sp_521_iszero_21(p->x) &
-                      sp_521_iszero_21(p->y);
-        q->infinity = sp_521_iszero_21(q->x) &
-                      sp_521_iszero_21(q->y);
-
-            sp_521_proj_point_add_21(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 21 * 2);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 21 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 21, pX);
-        sp_521_from_mp(p->y, 21, pY);
-        sp_521_from_mp(p->z, 21, pZ);
-        p->infinity = sp_521_iszero_21(p->x) &
-                      sp_521_iszero_21(p->y);
-
-            sp_521_proj_point_dbl_21(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 21 * 5);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 21 * 5, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 21, pX);
-        sp_521_from_mp(p->y, 21, pY);
-        sp_521_from_mp(p->z, 21, pZ);
-        p->infinity = sp_521_iszero_21(p->x) &
-                      sp_521_iszero_21(p->y);
-
-            sp_521_map_21(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Square root power for the P521 curve. */
-static const word32 p521_sqrt_power[17] = {
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000080
-};
-
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mont_sqrt_21(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t, 2 * 21);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t, 2 * 21, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-
-        {
-            int i;
-
-            XMEMCPY(t, y, sizeof(sp_digit) * 21);
-            for (i=518; i>=0; i--) {
-                sp_521_mont_sqr_21(t, t, p521_mod, p521_mp_mod);
-                if (p521_sqrt_power[i / 32] & ((sp_digit)1 << (i % 32)))
-                    sp_521_mont_mul_21(t, t, y, p521_mod, p521_mp_mod);
-            }
-            XMEMCPY(y, t, sizeof(sp_digit) * 21);
-        }
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 21);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 21, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 21;
-
-        sp_521_from_mp(x, 21, xm);
-        err = sp_521_mod_mul_norm_21(x, x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_521_mont_sqr_21(y, x, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_21(y, y, x, p521_mod, p521_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_521_mont_sub_21(y, y, x, p521_mod);
-        sp_521_mont_sub_21(y, y, x, p521_mod);
-        sp_521_mont_sub_21(y, y, x, p521_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_521_mod_mul_norm_21(x, p521_b, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_521_mont_add_21(y, y, x, p521_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_521_mont_sqrt_21(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 21, 0, 21U * sizeof(sp_digit));
-        sp_521_mont_reduce_21(y, p521_mod, p521_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_521_mont_sub_21(y, p521_mod, y, p521_mod);
-        }
-
-        err = sp_521_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_521 */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-#ifdef WOLFSSL_SP_1024
-
-/* Point structure to use. */
-typedef struct sp_point_1024 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 42];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 42];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 42];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_1024;
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_7(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_int64 t0   = ((sp_int64)a[ 0]) * b[ 0];
-    sp_int64 t1   = ((sp_int64)a[ 0]) * b[ 1]
-                 + ((sp_int64)a[ 1]) * b[ 0];
-    sp_int64 t2   = ((sp_int64)a[ 0]) * b[ 2]
-                 + ((sp_int64)a[ 1]) * b[ 1]
-                 + ((sp_int64)a[ 2]) * b[ 0];
-    sp_int64 t3   = ((sp_int64)a[ 0]) * b[ 3]
-                 + ((sp_int64)a[ 1]) * b[ 2]
-                 + ((sp_int64)a[ 2]) * b[ 1]
-                 + ((sp_int64)a[ 3]) * b[ 0];
-    sp_int64 t4   = ((sp_int64)a[ 0]) * b[ 4]
-                 + ((sp_int64)a[ 1]) * b[ 3]
-                 + ((sp_int64)a[ 2]) * b[ 2]
-                 + ((sp_int64)a[ 3]) * b[ 1]
-                 + ((sp_int64)a[ 4]) * b[ 0];
-    sp_int64 t5   = ((sp_int64)a[ 0]) * b[ 5]
-                 + ((sp_int64)a[ 1]) * b[ 4]
-                 + ((sp_int64)a[ 2]) * b[ 3]
-                 + ((sp_int64)a[ 3]) * b[ 2]
-                 + ((sp_int64)a[ 4]) * b[ 1]
-                 + ((sp_int64)a[ 5]) * b[ 0];
-    sp_int64 t6   = ((sp_int64)a[ 0]) * b[ 6]
-                 + ((sp_int64)a[ 1]) * b[ 5]
-                 + ((sp_int64)a[ 2]) * b[ 4]
-                 + ((sp_int64)a[ 3]) * b[ 3]
-                 + ((sp_int64)a[ 4]) * b[ 2]
-                 + ((sp_int64)a[ 5]) * b[ 1]
-                 + ((sp_int64)a[ 6]) * b[ 0];
-    sp_int64 t7   = ((sp_int64)a[ 1]) * b[ 6]
-                 + ((sp_int64)a[ 2]) * b[ 5]
-                 + ((sp_int64)a[ 3]) * b[ 4]
-                 + ((sp_int64)a[ 4]) * b[ 3]
-                 + ((sp_int64)a[ 5]) * b[ 2]
-                 + ((sp_int64)a[ 6]) * b[ 1];
-    sp_int64 t8   = ((sp_int64)a[ 2]) * b[ 6]
-                 + ((sp_int64)a[ 3]) * b[ 5]
-                 + ((sp_int64)a[ 4]) * b[ 4]
-                 + ((sp_int64)a[ 5]) * b[ 3]
-                 + ((sp_int64)a[ 6]) * b[ 2];
-    sp_int64 t9   = ((sp_int64)a[ 3]) * b[ 6]
-                 + ((sp_int64)a[ 4]) * b[ 5]
-                 + ((sp_int64)a[ 5]) * b[ 4]
-                 + ((sp_int64)a[ 6]) * b[ 3];
-    sp_int64 t10  = ((sp_int64)a[ 4]) * b[ 6]
-                 + ((sp_int64)a[ 5]) * b[ 5]
-                 + ((sp_int64)a[ 6]) * b[ 4];
-    sp_int64 t11  = ((sp_int64)a[ 5]) * b[ 6]
-                 + ((sp_int64)a[ 6]) * b[ 5];
-    sp_int64 t12  = ((sp_int64)a[ 6]) * b[ 6];
-
-    t1   += t0  >> 25; r[ 0] = (sp_digit)(t0  & 0x1ffffff);
-    t2   += t1  >> 25; r[ 1] = (sp_digit)(t1  & 0x1ffffff);
-    t3   += t2  >> 25; r[ 2] = (sp_digit)(t2  & 0x1ffffff);
-    t4   += t3  >> 25; r[ 3] = (sp_digit)(t3  & 0x1ffffff);
-    t5   += t4  >> 25; r[ 4] = (sp_digit)(t4  & 0x1ffffff);
-    t6   += t5  >> 25; r[ 5] = (sp_digit)(t5  & 0x1ffffff);
-    t7   += t6  >> 25; r[ 6] = (sp_digit)(t6  & 0x1ffffff);
-    t8   += t7  >> 25; r[ 7] = (sp_digit)(t7  & 0x1ffffff);
-    t9   += t8  >> 25; r[ 8] = (sp_digit)(t8  & 0x1ffffff);
-    t10  += t9  >> 25; r[ 9] = (sp_digit)(t9  & 0x1ffffff);
-    t11  += t10 >> 25; r[10] = (sp_digit)(t10 & 0x1ffffff);
-    t12  += t11 >> 25; r[11] = (sp_digit)(t11 & 0x1ffffff);
-    r[13] = (sp_digit)(t12 >> 25);
-                       r[12] = (sp_digit)(t12 & 0x1ffffff);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_7(sp_digit* r, const sp_digit* a)
-{
-    sp_int64 t0   =  ((sp_int64)a[ 0]) * a[ 0];
-    sp_int64 t1   = (((sp_int64)a[ 0]) * a[ 1]) * 2;
-    sp_int64 t2   = (((sp_int64)a[ 0]) * a[ 2]) * 2
-                 +  ((sp_int64)a[ 1]) * a[ 1];
-    sp_int64 t3   = (((sp_int64)a[ 0]) * a[ 3]
-                 +  ((sp_int64)a[ 1]) * a[ 2]) * 2;
-    sp_int64 t4   = (((sp_int64)a[ 0]) * a[ 4]
-                 +  ((sp_int64)a[ 1]) * a[ 3]) * 2
-                 +  ((sp_int64)a[ 2]) * a[ 2];
-    sp_int64 t5   = (((sp_int64)a[ 0]) * a[ 5]
-                 +  ((sp_int64)a[ 1]) * a[ 4]
-                 +  ((sp_int64)a[ 2]) * a[ 3]) * 2;
-    sp_int64 t6   = (((sp_int64)a[ 0]) * a[ 6]
-                 +  ((sp_int64)a[ 1]) * a[ 5]
-                 +  ((sp_int64)a[ 2]) * a[ 4]) * 2
-                 +  ((sp_int64)a[ 3]) * a[ 3];
-    sp_int64 t7   = (((sp_int64)a[ 1]) * a[ 6]
-                 +  ((sp_int64)a[ 2]) * a[ 5]
-                 +  ((sp_int64)a[ 3]) * a[ 4]) * 2;
-    sp_int64 t8   = (((sp_int64)a[ 2]) * a[ 6]
-                 +  ((sp_int64)a[ 3]) * a[ 5]) * 2
-                 +  ((sp_int64)a[ 4]) * a[ 4];
-    sp_int64 t9   = (((sp_int64)a[ 3]) * a[ 6]
-                 +  ((sp_int64)a[ 4]) * a[ 5]) * 2;
-    sp_int64 t10  = (((sp_int64)a[ 4]) * a[ 6]) * 2
-                 +  ((sp_int64)a[ 5]) * a[ 5];
-    sp_int64 t11  = (((sp_int64)a[ 5]) * a[ 6]) * 2;
-    sp_int64 t12  =  ((sp_int64)a[ 6]) * a[ 6];
-
-    t1   += t0  >> 25; r[ 0] = (sp_digit)(t0  & 0x1ffffff);
-    t2   += t1  >> 25; r[ 1] = (sp_digit)(t1  & 0x1ffffff);
-    t3   += t2  >> 25; r[ 2] = (sp_digit)(t2  & 0x1ffffff);
-    t4   += t3  >> 25; r[ 3] = (sp_digit)(t3  & 0x1ffffff);
-    t5   += t4  >> 25; r[ 4] = (sp_digit)(t4  & 0x1ffffff);
-    t6   += t5  >> 25; r[ 5] = (sp_digit)(t5  & 0x1ffffff);
-    t7   += t6  >> 25; r[ 6] = (sp_digit)(t6  & 0x1ffffff);
-    t8   += t7  >> 25; r[ 7] = (sp_digit)(t7  & 0x1ffffff);
-    t9   += t8  >> 25; r[ 8] = (sp_digit)(t8  & 0x1ffffff);
-    t10  += t9  >> 25; r[ 9] = (sp_digit)(t9  & 0x1ffffff);
-    t11  += t10 >> 25; r[10] = (sp_digit)(t10 & 0x1ffffff);
-    t12  += t11 >> 25; r[11] = (sp_digit)(t11 & 0x1ffffff);
-    r[13] = (sp_digit)(t12 >> 25);
-                       r[12] = (sp_digit)(t12 & 0x1ffffff);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_add_7(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_sub_14(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] - b[ 0];
-    r[ 1] = a[ 1] - b[ 1];
-    r[ 2] = a[ 2] - b[ 2];
-    r[ 3] = a[ 3] - b[ 3];
-    r[ 4] = a[ 4] - b[ 4];
-    r[ 5] = a[ 5] - b[ 5];
-    r[ 6] = a[ 6] - b[ 6];
-    r[ 7] = a[ 7] - b[ 7];
-    r[ 8] = a[ 8] - b[ 8];
-    r[ 9] = a[ 9] - b[ 9];
-    r[10] = a[10] - b[10];
-    r[11] = a[11] - b[11];
-    r[12] = a[12] - b[12];
-    r[13] = a[13] - b[13];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_add_14(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-    r[ 7] = a[ 7] + b[ 7];
-    r[ 8] = a[ 8] + b[ 8];
-    r[ 9] = a[ 9] + b[ 9];
-    r[10] = a[10] + b[10];
-    r[11] = a[11] + b[11];
-    r[12] = a[12] + b[12];
-    r[13] = a[13] + b[13];
-
-    return 0;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_21(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit p0[14];
-    sp_digit p1[14];
-    sp_digit p2[14];
-    sp_digit p3[14];
-    sp_digit p4[14];
-    sp_digit p5[14];
-    sp_digit t0[14];
-    sp_digit t1[14];
-    sp_digit t2[14];
-    sp_digit a0[7];
-    sp_digit a1[7];
-    sp_digit a2[7];
-    sp_digit b0[7];
-    sp_digit b1[7];
-    sp_digit b2[7];
-    (void)sp_1024_add_7(a0, a, &a[7]);
-    (void)sp_1024_add_7(b0, b, &b[7]);
-    (void)sp_1024_add_7(a1, &a[7], &a[14]);
-    (void)sp_1024_add_7(b1, &b[7], &b[14]);
-    (void)sp_1024_add_7(a2, a0, &a[14]);
-    (void)sp_1024_add_7(b2, b0, &b[14]);
-    sp_1024_mul_7(p0, a, b);
-    sp_1024_mul_7(p2, &a[7], &b[7]);
-    sp_1024_mul_7(p4, &a[14], &b[14]);
-    sp_1024_mul_7(p1, a0, b0);
-    sp_1024_mul_7(p3, a1, b1);
-    sp_1024_mul_7(p5, a2, b2);
-    XMEMSET(r, 0, sizeof(*r)*2U*21U);
-    (void)sp_1024_sub_14(t0, p3, p2);
-    (void)sp_1024_sub_14(t1, p1, p2);
-    (void)sp_1024_sub_14(t2, p5, t0);
-    (void)sp_1024_sub_14(t2, t2, t1);
-    (void)sp_1024_sub_14(t0, t0, p4);
-    (void)sp_1024_sub_14(t1, t1, p0);
-    (void)sp_1024_add_14(r, r, p0);
-    (void)sp_1024_add_14(&r[7], &r[7], t1);
-    (void)sp_1024_add_14(&r[14], &r[14], t2);
-    (void)sp_1024_add_14(&r[21], &r[21], t0);
-    (void)sp_1024_add_14(&r[28], &r[28], p4);
-}
-
-/* Square a into r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_21(sp_digit* r, const sp_digit* a)
-{
-    sp_digit p0[14];
-    sp_digit p1[14];
-    sp_digit p2[14];
-    sp_digit p3[14];
-    sp_digit p4[14];
-    sp_digit p5[14];
-    sp_digit t0[14];
-    sp_digit t1[14];
-    sp_digit t2[14];
-    sp_digit a0[7];
-    sp_digit a1[7];
-    sp_digit a2[7];
-    (void)sp_1024_add_7(a0, a, &a[7]);
-    (void)sp_1024_add_7(a1, &a[7], &a[14]);
-    (void)sp_1024_add_7(a2, a0, &a[14]);
-    sp_1024_sqr_7(p0, a);
-    sp_1024_sqr_7(p2, &a[7]);
-    sp_1024_sqr_7(p4, &a[14]);
-    sp_1024_sqr_7(p1, a0);
-    sp_1024_sqr_7(p3, a1);
-    sp_1024_sqr_7(p5, a2);
-    XMEMSET(r, 0, sizeof(*r)*2U*21U);
-    (void)sp_1024_sub_14(t0, p3, p2);
-    (void)sp_1024_sub_14(t1, p1, p2);
-    (void)sp_1024_sub_14(t2, p5, t0);
-    (void)sp_1024_sub_14(t2, t2, t1);
-    (void)sp_1024_sub_14(t0, t0, p4);
-    (void)sp_1024_sub_14(t1, t1, p0);
-    (void)sp_1024_add_14(r, r, p0);
-    (void)sp_1024_add_14(&r[7], &r[7], t1);
-    (void)sp_1024_add_14(&r[14], &r[14], t2);
-    (void)sp_1024_add_14(&r[21], &r[21], t0);
-    (void)sp_1024_add_14(&r[28], &r[28], p4);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_add_21(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[16] = a[16] + b[16];
-    r[17] = a[17] + b[17];
-    r[18] = a[18] + b[18];
-    r[19] = a[19] + b[19];
-    r[20] = a[20] + b[20];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_add_42(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 40; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[40] = a[40] + b[40];
-    r[41] = a[41] + b[41];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_sub_42(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 40; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[40] = a[40] - b[40];
-    r[41] = a[41] - b[41];
-
-    return 0;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_42(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[42];
-    sp_digit* a1 = z1;
-    sp_digit b1[21];
-    sp_digit* z2 = r + 42;
-    (void)sp_1024_add_21(a1, a, &a[21]);
-    (void)sp_1024_add_21(b1, b, &b[21]);
-    sp_1024_mul_21(z2, &a[21], &b[21]);
-    sp_1024_mul_21(z0, a, b);
-    sp_1024_mul_21(z1, a1, b1);
-    (void)sp_1024_sub_42(z1, z1, z2);
-    (void)sp_1024_sub_42(z1, z1, z0);
-    (void)sp_1024_add_42(r + 21, r + 21, z1);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_42(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[42];
-    sp_digit* a1 = z1;
-    sp_digit* z2 = r + 42;
-    (void)sp_1024_add_21(a1, a, &a[21]);
-    sp_1024_sqr_21(z2, &a[21]);
-    sp_1024_sqr_21(z0, a);
-    sp_1024_sqr_21(z1, a1);
-    (void)sp_1024_sub_42(z1, z1, z2);
-    (void)sp_1024_sub_42(z1, z1, z0);
-    (void)sp_1024_add_42(r + 21, r + 21, z1);
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_42(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 lo;
-
-    c = ((sp_uint64)a[41]) * b[41];
-    r[83] = (sp_digit)(c >> 25);
-    c &= 0x1ffffff;
-    for (k = 81; k >= 0; k--) {
-        if (k >= 42) {
-            i = k - 41;
-            imax = 41;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint64)a[i]) * b[k - i];
-        }
-        c += lo >> 25;
-        r[k + 2] += (sp_digit)(c >> 25);
-        r[k + 1]  = (sp_digit)(c & 0x1ffffff);
-        c = lo & 0x1ffffff;
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_42(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint64 c;
-    sp_uint64 t;
-
-    c = ((sp_uint64)a[41]) * a[41];
-    r[83] = (sp_digit)(c >> 25);
-    c = (c & 0x1ffffff) << 25;
-    for (k = 81; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint64)a[i]) * a[i];
-           i++;
-        }
-        if (k < 41) {
-            imax = k;
-        }
-        else {
-            imax = 41;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint64)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 50);
-        r[k + 1]  = (sp_digit)((c >> 25) & 0x1ffffff);
-        c = (c & 0x1ffffff) << 25;
-    }
-    r[0] = (sp_digit)(c >> 25);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-/* The modulus (prime) of the curve P1024. */
-static const sp_digit p1024_mod[42] = {
-    0x0a85feb,0x0c03d7f,0x1a1d99b,0x0158f59,0x00c5df1,0x02bed84,0x1a08e26,
-    0x03ff9c7,0x156971f,0x1ca6b57,0x1026aa7,0x18a4387,0x02a7cf3,0x18c2954,
-    0x0bfd2a0,0x039c36d,0x1cd6568,0x0289562,0x09ad335,0x18c90e6,0x06d0e26,
-    0x1a53335,0x0d5b49f,0x1911432,0x1b39ff7,0x05873c8,0x14c6967,0x050e61a,
-    0x1c0f1b2,0x1593f17,0x0bbd02a,0x167c034,0x09ae358,0x04130df,0x138672d,
-    0x1482d81,0x1ad0657,0x0308cc6,0x0ff6997,0x03e14ac,0x0997abb,0x0000000
-};
-/* The Montgomery normalizer for modulus of the curve P1024. */
-static const sp_digit p1024_norm_mod[42] = {
-    0x157a015,0x13fc280,0x05e2664,0x1ea70a6,0x1f3a20e,0x1d4127b,0x05f71d9,
-    0x1c00638,0x0a968e0,0x03594a8,0x0fd9558,0x075bc78,0x1d5830c,0x073d6ab,
-    0x1402d5f,0x1c63c92,0x0329a97,0x1d76a9d,0x1652cca,0x0736f19,0x192f1d9,
-    0x05accca,0x12a4b60,0x06eebcd,0x04c6008,0x1a78c37,0x0b39698,0x1af19e5,
-    0x03f0e4d,0x0a6c0e8,0x1442fd5,0x0983fcb,0x1651ca7,0x1becf20,0x0c798d2,
-    0x0b7d27e,0x052f9a8,0x1cf7339,0x1009668,0x1c1eb53,0x0668544,0x0000000
-};
-/* The Montgomery multiplier for modulus of the curve P1024. */
-static sp_digit p1024_mp_mod = 0x8f2f3d;
-#if defined(WOLFSSL_SP_SMALL) || defined(HAVE_ECC_CHECK_KEY)
-/* The order of the curve P1024. */
-static const sp_digit p1024_order[42] = {
-    0x1aa17fb,0x1b00f5f,0x0e87666,0x08563d6,0x003177c,0x10afb61,0x1e82389,
-    0x18ffe71,0x1d5a5c7,0x1f29ad5,0x1c09aa9,0x1e290e1,0x00a9f3c,0x0630a55,
-    0x0aff4a8,0x00e70db,0x173595a,0x08a2558,0x126b4cd,0x1632439,0x09b4389,
-    0x1e94ccd,0x1356d27,0x1e4450c,0x06ce7fd,0x1961cf2,0x1531a59,0x1143986,
-    0x1f03c6c,0x1564fc5,0x02ef40a,0x059f00d,0x1a6b8d6,0x0904c37,0x0ce19cb,
-    0x1d20b60,0x16b4195,0x18c2331,0x03fda65,0x18f852b,0x0265eae,0x0000000
-};
-#endif
-/* The base point of curve P1024. */
-static const sp_point_1024 p1024_base = {
-    /* X ordinate */
-    {
-        0x0e63895,0x0e455f5,0x05e6203,0x092cfc1,0x00ec46c,0x1fb9f64,0x18e96d8,
-        0x10fdd22,0x080728d,0x0e7da66,0x1a44375,0x029b74c,0x14a7c15,0x1d306f3,
-        0x00b0ce5,0x1e5c34e,0x0548b72,0x199be43,0x1756f32,0x015eecb,0x0890976,
-        0x13a0367,0x1c62f67,0x13bf4aa,0x1f22cdb,0x10821ea,0x00c2c27,0x1621b72,
-        0x0e2308a,0x1b607b6,0x0fed7b6,0x16dfef9,0x0b2f204,0x034e34c,0x1f582bb,
-        0x1456345,0x1ed9b52,0x1cc8029,0x0a6b429,0x1dc6658,0x053fc09,0x0000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x1ef16d7,0x19feb8d,0x1379d55,0x00d4cfb,0x0db9b57,0x1da31b5,0x0b56b56,
-        0x153017b,0x1e9cb99,0x1a8ad6b,0x1357c84,0x0f3f8b4,0x09492d9,0x0b2554c,
-        0x1bc7a00,0x05fc158,0x0b5b765,0x0656b4b,0x1551f1b,0x15c22f5,0x12b970d,
-        0x0654f01,0x105b3fc,0x028165c,0x18ccf9a,0x0fb35ac,0x17c3795,0x0fefebc,
-        0x0ec2b9e,0x14fa32a,0x1e3d7a9,0x03c2822,0x1778d82,0x0834b1e,0x00580a6,
-        0x0ba7d04,0x1634a13,0x18f8299,0x027c7e7,0x00c7ec0,0x00a8249,0x0000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000001,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-
-/* Normalize the values in each word to 25 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_1024_norm_41(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 40; i++) {
-        a[i+1] += a[i] >> 25;
-        a[i] &= 0x1ffffff;
-    }
-#else
-    int i;
-    for (i = 0; i < 40; i += 8) {
-        a[i+1] += a[i+0] >> 25; a[i+0] &= 0x1ffffff;
-        a[i+2] += a[i+1] >> 25; a[i+1] &= 0x1ffffff;
-        a[i+3] += a[i+2] >> 25; a[i+2] &= 0x1ffffff;
-        a[i+4] += a[i+3] >> 25; a[i+3] &= 0x1ffffff;
-        a[i+5] += a[i+4] >> 25; a[i+4] &= 0x1ffffff;
-        a[i+6] += a[i+5] >> 25; a[i+5] &= 0x1ffffff;
-        a[i+7] += a[i+6] >> 25; a[i+6] &= 0x1ffffff;
-        a[i+8] += a[i+7] >> 25; a[i+7] &= 0x1ffffff;
-    }
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_1024_mul_d_42(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 42; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-    }
-    r[42] = (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 40; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 3] = (sp_digit)t2;
-    }
-    t += tb * a[40];
-    r[40] = (sp_digit)(t & 0x1ffffff);
-    t >>= 25;
-    t += tb * a[41];
-    r[41] = (sp_digit)(t & 0x1ffffff);
-    t >>= 25;
-    r[42] = (sp_digit)(t & 0x1ffffff);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_1024_mul_d_84(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    int i;
-
-    for (i = 0; i < 84; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-    }
-    r[84] = (sp_digit)t;
-#else
-    sp_int64 tb = b;
-    sp_int64 t = 0;
-    sp_digit t2;
-    sp_int64 p[4];
-    int i;
-
-    for (i = 0; i < 84; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1ffffff);
-        t >>= 25;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[84] = (sp_digit)(t & 0x1ffffff);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_1024_cond_add_42(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 42; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_1024_cond_add_42(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 40; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[40] = a[40] + (b[40] & m);
-    r[41] = a[41] + (b[41] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_sub_42(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 42; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-#endif
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_add_42(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 42; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_1024_rshift_42(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-#ifdef WOLFSSL_SP_SMALL
-    for (i=0; i<41; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (25 - n))) & 0x1ffffff);
-    }
-#else
-    for (i=0; i<40; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (25 - n)) & 0x1ffffff);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (25 - n)) & 0x1ffffff);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (25 - n)) & 0x1ffffff);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (25 - n)) & 0x1ffffff);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (25 - n)) & 0x1ffffff);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (25 - n)) & 0x1ffffff);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (25 - n)) & 0x1ffffff);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (25 - n)) & 0x1ffffff);
-    }
-    r[40] = (a[40] >> n) | (sp_digit)((a[41] << (25 - n)) & 0x1ffffff);
-#endif /* WOLFSSL_SP_SMALL */
-    r[41] = a[41] >> n;
-}
-
-static WC_INLINE sp_digit sp_1024_div_word_42(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int64 d = ((sp_int64)d1 << 25) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int64 d = ((sp_int64)d1 << 25) + d0;
-    sp_uint32 lo = (sp_uint32)d;
-    sp_digit hi = (sp_digit)(d >> 32);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int64 d = ((sp_int64)d1 << 25) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 25);
-    sp_digit t0 = (sp_digit)(d & 0x1ffffff);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int64 m;
-
-    r = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-    t1 -= dv & (0 - r);
-    for (i = 23; i >= 1; i--) {
-        t1 += t1 + (((sp_uint32)t0 >> 24) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint32)(dv - t1)) >> 31);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 25);
-    m = d - ((sp_int64)r * div);
-    r += (sp_digit)(m >> 50) - (sp_digit)(d >> 50);
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-
-    m = d - ((sp_int64)r * div);
-    sign = (sp_digit)(0 - ((sp_uint32)m >> 31)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint32)(div - m)) >> 31);
-    r += sign * t2;
-   return r;
-#else
-    sp_int64 d = ((sp_int64)d1 << 25) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 10) + 1;
-
-    t = (sp_digit)(d >> 20);
-    t = (t / dv) << 10;
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)(d >> 5);
-    t = t / (dv << 5);
-    r += t;
-    d -= (sp_int64)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int64)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_1024_word_div_word_42(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint32)(div - d) >> 31);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_1024_div_42(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 42 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 42 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 84 + 1;
-        sd = t2 + 42 + 1;
-
-        sp_1024_mul_d_42(sd, d, (sp_digit)1 << 1);
-        sp_1024_mul_d_84(t1, a, (sp_digit)1 << 1);
-        dv = sd[40];
-        t1[41 + 41] += t1[41 + 41 - 1] >> 25;
-        t1[41 + 41 - 1] &= 0x1ffffff;
-        for (i=41; i>=0; i--) {
-            r1 = sp_1024_div_word_42(t1[41 + i], t1[41 + i - 1], dv);
-
-            sp_1024_mul_d_42(t2, sd, r1);
-            (void)sp_1024_sub_42(&t1[i], &t1[i], t2);
-            sp_1024_norm_41(&t1[i]);
-            t1[41 + i] += t1[41 + i - 1] >> 25;
-            t1[41 + i - 1] &= 0x1ffffff;
-            r1 = sp_1024_div_word_42(-t1[41 + i], -t1[41 + i - 1], dv);
-            r1 -= t1[41 + i];
-            sp_1024_mul_d_42(t2, sd, r1);
-            (void)sp_1024_add_42(&t1[i], &t1[i], t2);
-            t1[41 + i] += t1[41 + i - 1] >> 25;
-            t1[41 + i - 1] &= 0x1ffffff;
-        }
-        t1[41 - 1] += t1[41 - 2] >> 25;
-        t1[41 - 2] &= 0x1ffffff;
-        r1 = sp_1024_word_div_word_42(t1[41 - 1], dv);
-
-        sp_1024_mul_d_42(t2, sd, r1);
-        sp_1024_sub_42(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 84U);
-        for (i=0; i<40; i++) {
-            r[i+1] += r[i] >> 25;
-            r[i] &= 0x1ffffff;
-        }
-        sp_1024_cond_add_42(r, r, sd, r[40] >> 31);
-
-        sp_1024_norm_41(r);
-        sp_1024_rshift_42(r, r, 1);
-        r[41] = 0;
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_1024_mod_42(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_1024_div_42(a, m, NULL, r);
-}
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_1024_mod_mul_norm_42(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_1024_mul_42(r, a, p1024_norm_mod);
-    return sp_1024_mod_42(r, r, m);
-}
-
-
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Create a new point.
- *
- * heap  [in]   Buffer to allocate dynamic memory from.
- * sp    [in]   Data for point - only if not allocating.
- * p     [out]  New point.
- * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise.
- */
-static int sp_1024_point_new_ex_42(void* heap, sp_point_1024* sp,
-    sp_point_1024** p)
-{
-    int ret = MP_OKAY;
-    (void)heap;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    (void)sp;
-    *p = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024), heap, DYNAMIC_TYPE_ECC);
-#else
-    *p = sp;
-#endif
-    if (*p == NULL) {
-        ret = MEMORY_E;
-    }
-    return ret;
-}
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-/* Allocate memory for point and return error. */
-#define sp_1024_point_new_42(heap, sp, p) sp_1024_point_new_ex_42((heap), NULL, &(p))
-#else
-/* Set pointer to data and return no error. */
-#define sp_1024_point_new_42(heap, sp, p) sp_1024_point_new_ex_42((heap), &(sp), &(p))
-#endif
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Free the point.
- *
- * p      [in,out]  Point to free.
- * clear  [in]      Indicates whether to zeroize point.
- * heap   [in]      Buffer from which dynamic memory was allocate from.
- */
-static void sp_1024_point_free_42(sp_point_1024* p, int clear, void* heap)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    /* If valid pointer then clear point data if requested and free data. */
-    if (p != NULL) {
-        if (clear) {
-            XMEMSET(p, 0, sizeof(*p));
-        }
-        XFREE(p, heap, DYNAMIC_TYPE_ECC);
-    }
-#else
-    /* Clear point data if requested. */
-    if ((p != NULL) && clear) {
-        XMEMSET(p, 0, sizeof(*p));
-    }
-#endif
-    (void)heap;
-}
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 25
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 24);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 24);
-    }
-#elif DIGIT_BIT > 25
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x1ffffff;
-        s = 25U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 25U) <= (word32)DIGIT_BIT) {
-            s += 25U;
-            r[j] &= 0x1ffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 25) {
-            r[j] &= 0x1ffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 25 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_1024.
- *
- * p   Point of type sp_point_1024 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_1024_point_from_ecc_point_42(sp_point_1024* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_1024_from_mp(p->x, 42, pm->x);
-    sp_1024_from_mp(p->y, 42, pm->y);
-    sp_1024_from_mp(p->z, 42, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_1024_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (1024 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 25
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 41);
-        r->used = 41;
-        mp_clamp(r);
-#elif DIGIT_BIT < 25
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 41; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 25) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 25 - s;
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 41; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 25 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 25 - s;
-            }
-            else {
-                s += 25;
-            }
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_1024 to type ecc_point.
- *
- * p   Point of type sp_point_1024.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_1024_point_to_ecc_point_42(const sp_point_1024* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_1024_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_1024_cmp_42(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=41; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 24);
-    }
-#else
-    int i;
-
-    r |= (a[41] - b[41]) & (0 - (sp_digit)1);
-    r |= (a[40] - b[40]) & ~(((sp_digit)0 - r) >> 24);
-    for (i = 32; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 24);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 24);
-    }
-#endif /* WOLFSSL_SP_SMALL */
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_1024_cond_sub_42(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 42; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-#else
-    int i;
-
-    for (i = 0; i < 40; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[40] = a[40] - (b[40] & m);
-    r[41] = a[41] - (b[41] & m);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_1024_mul_add_42(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int64 tb = b;
-    sp_int64 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 40; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1ffffff);
-        t[1] += t[0] >> 25;
-        r[i+1] = (sp_digit)(t[1] & 0x1ffffff);
-        t[2] += t[1] >> 25;
-        r[i+2] = (sp_digit)(t[2] & 0x1ffffff);
-        t[3] += t[2] >> 25;
-        r[i+3] = (sp_digit)(t[3] & 0x1ffffff);
-        t[0]  = t[3] >> 25;
-    }
-    t[0] += (tb * a[40]) + r[40];
-    t[1]  = (tb * a[41]) + r[41];
-    r[40] = (sp_digit)(t[0] & 0x1ffffff);
-    t[1] += t[0] >> 25;
-    r[41] = (sp_digit)(t[1] & 0x1ffffff);
-    r[42] +=  (sp_digit)(t[1] >> 25);
-#else
-    sp_int64 tb = b;
-    sp_int64 t[8];
-    int i;
-
-    t[0] = tb * a[0]; r[0] += (sp_digit)(t[0] & 0x1ffffff);
-    for (i = 0; i < 40; i += 8) {
-        t[1] = tb * a[i+1];
-        r[i+1] += (sp_digit)((t[0] >> 25) + (t[1] & 0x1ffffff));
-        t[2] = tb * a[i+2];
-        r[i+2] += (sp_digit)((t[1] >> 25) + (t[2] & 0x1ffffff));
-        t[3] = tb * a[i+3];
-        r[i+3] += (sp_digit)((t[2] >> 25) + (t[3] & 0x1ffffff));
-        t[4] = tb * a[i+4];
-        r[i+4] += (sp_digit)((t[3] >> 25) + (t[4] & 0x1ffffff));
-        t[5] = tb * a[i+5];
-        r[i+5] += (sp_digit)((t[4] >> 25) + (t[5] & 0x1ffffff));
-        t[6] = tb * a[i+6];
-        r[i+6] += (sp_digit)((t[5] >> 25) + (t[6] & 0x1ffffff));
-        t[7] = tb * a[i+7];
-        r[i+7] += (sp_digit)((t[6] >> 25) + (t[7] & 0x1ffffff));
-        t[0] = tb * a[i+8];
-        r[i+8] += (sp_digit)((t[7] >> 25) + (t[0] & 0x1ffffff));
-    }
-    t[1] = tb * a[41];
-    r[41] += (sp_digit)((t[0] >> 25) + (t[1] & 0x1ffffff));
-    r[42] +=  (sp_digit)(t[1] >> 25);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Normalize the values in each word to 25 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_1024_norm_42(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 41; i++) {
-        a[i+1] += a[i] >> 25;
-        a[i] &= 0x1ffffff;
-    }
-#else
-    int i;
-    for (i = 0; i < 40; i += 8) {
-        a[i+1] += a[i+0] >> 25; a[i+0] &= 0x1ffffff;
-        a[i+2] += a[i+1] >> 25; a[i+1] &= 0x1ffffff;
-        a[i+3] += a[i+2] >> 25; a[i+2] &= 0x1ffffff;
-        a[i+4] += a[i+3] >> 25; a[i+3] &= 0x1ffffff;
-        a[i+5] += a[i+4] >> 25; a[i+4] &= 0x1ffffff;
-        a[i+6] += a[i+5] >> 25; a[i+5] &= 0x1ffffff;
-        a[i+7] += a[i+6] >> 25; a[i+6] &= 0x1ffffff;
-        a[i+8] += a[i+7] >> 25; a[i+7] &= 0x1ffffff;
-    }
-    a[41] += a[40] >> 25; a[40] &= 0x1ffffff;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Shift the result in the high 1024 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_1024_mont_shift_42(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    sp_uint32 n;
-
-    n = a[40] >> 24;
-    for (i = 0; i < 40; i++) {
-        n += (sp_uint32)a[41 + i] << 1;
-        r[i] = (sp_digit)(n & 0x1ffffff);
-        n >>= 25;
-    }
-    n += (sp_uint32)a[81] << 1;
-    r[40] = n;
-#else
-    sp_uint32 n;
-    int i;
-
-    n  = (sp_uint32)a[40];
-    n  = n >> 24U;
-    for (i = 0; i < 40; i += 8) {
-        n += (sp_uint32)a[i+41] << 1U; r[i+0] = (sp_digit)(n & 0x1ffffff); n >>= 25U;
-        n += (sp_uint32)a[i+42] << 1U; r[i+1] = (sp_digit)(n & 0x1ffffff); n >>= 25U;
-        n += (sp_uint32)a[i+43] << 1U; r[i+2] = (sp_digit)(n & 0x1ffffff); n >>= 25U;
-        n += (sp_uint32)a[i+44] << 1U; r[i+3] = (sp_digit)(n & 0x1ffffff); n >>= 25U;
-        n += (sp_uint32)a[i+45] << 1U; r[i+4] = (sp_digit)(n & 0x1ffffff); n >>= 25U;
-        n += (sp_uint32)a[i+46] << 1U; r[i+5] = (sp_digit)(n & 0x1ffffff); n >>= 25U;
-        n += (sp_uint32)a[i+47] << 1U; r[i+6] = (sp_digit)(n & 0x1ffffff); n >>= 25U;
-        n += (sp_uint32)a[i+48] << 1U; r[i+7] = (sp_digit)(n & 0x1ffffff); n >>= 25U;
-    }
-    n += (sp_uint32)a[81] << 1U; r[40] = n;
-#endif /* WOLFSSL_SP_SMALL */
-    XMEMSET(&r[41], 0, sizeof(*r) * 41U);
-}
-
-/* Reduce the number back to 1024 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_1024_mont_reduce_42(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_1024_norm_42(a + 41);
-
-    if (mp != 1) {
-        for (i=0; i<40; i++) {
-            mu = (sp_digit)((a[i] * mp) & 0x1ffffff);
-            sp_1024_mul_add_42(a+i, m, mu);
-            a[i+1] += a[i] >> 25;
-        }
-        mu = (sp_digit)((a[i] * mp) & 0xffffffL);
-        sp_1024_mul_add_42(a+i, m, mu);
-        a[i+1] += a[i] >> 25;
-        a[i] &= 0x1ffffff;
-    }
-    else {
-        for (i=0; i<40; i++) {
-            mu = (sp_digit)(a[i] & 0x1ffffff);
-            sp_1024_mul_add_42(a+i, m, mu);
-            a[i+1] += a[i] >> 25;
-        }
-        mu = (sp_digit)(a[i] & 0xffffffL);
-        sp_1024_mul_add_42(a+i, m, mu);
-        a[i+1] += a[i] >> 25;
-        a[i] &= 0x1ffffff;
-    }
-    sp_1024_norm_42(a + 41);
-    sp_1024_mont_shift_42(a, a);
-    over = a[40] - m[40];
-    sp_1024_cond_sub_42(a, a, m, ~((over - 1) >> 31));
-    sp_1024_norm_42(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_mul_42(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_1024_mul_42(r, a, b);
-    sp_1024_mont_reduce_42(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_sqr_42(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_1024_sqr_42(r, a);
-    sp_1024_mont_reduce_42(r, m, mp);
-}
-
-/* Mod-2 for the P1024 curve. */
-static const word8 p1024_mod_minus_2[] = {
-     6,0x06,  7,0x0f,  7,0x0b,  6,0x0c,  7,0x1e,  9,0x09,  7,0x0c,  7,0x1f,
-     6,0x16,  6,0x06,  7,0x0e,  8,0x10,  6,0x03,  8,0x11,  6,0x0d,  7,0x14,
-     9,0x12,  6,0x0f,  7,0x04,  9,0x0d,  6,0x00,  7,0x13,  6,0x01,  6,0x07,
-     8,0x0d,  8,0x00,  6,0x06,  9,0x17,  6,0x14,  6,0x15,  6,0x11,  6,0x0b,
-     9,0x0c,  6,0x1e, 13,0x14,  7,0x0e,  6,0x1d, 12,0x0a,  6,0x0b,  8,0x07,
-     6,0x18,  6,0x0f,  6,0x10,  8,0x1c,  7,0x16,  7,0x02,  6,0x01,  6,0x13,
-    10,0x15,  7,0x06,  8,0x14,  6,0x0c,  6,0x19,  7,0x10,  6,0x19,  6,0x19,
-     9,0x16,  7,0x19,  6,0x1f,  6,0x17,  6,0x12,  8,0x02,  6,0x01,  6,0x04,
-     6,0x15,  7,0x16,  6,0x04,  6,0x1f,  6,0x09,  7,0x06,  7,0x13,  7,0x09,
-     6,0x0d, 10,0x18,  6,0x06,  6,0x11,  6,0x04,  6,0x01,  6,0x13,  8,0x06,
-     6,0x0d,  8,0x13,  7,0x08,  6,0x08,  6,0x05,  7,0x0c,  7,0x0e,  7,0x15,
-     6,0x05,  7,0x14, 10,0x19,  6,0x10,  6,0x16,  6,0x15,  7,0x1f,  6,0x14,
-     6,0x0a, 10,0x11,  6,0x01,  7,0x05,  7,0x08,  8,0x0a,  7,0x1e,  7,0x1c,
-     6,0x1c,  7,0x09, 10,0x18,  7,0x1c, 10,0x06,  6,0x0a,  6,0x07,  6,0x19,
-     7,0x06,  6,0x0d,  7,0x0f,  7,0x0b,  7,0x05,  6,0x11,  6,0x1c,  7,0x1f,
-     6,0x1e,  7,0x18,  6,0x1e,  6,0x00,  6,0x03,  6,0x02,  7,0x10,  6,0x0b,
-     6,0x1b,  7,0x10,  6,0x00,  8,0x11,  7,0x1b,  6,0x18,  6,0x01,  7,0x0c,
-     7,0x1d,  7,0x13,  6,0x08,  7,0x1b,  8,0x13,  7,0x16, 13,0x1d,  7,0x1f,
-     6,0x0a,  6,0x01,  7,0x1f,  6,0x14,  1,0x01
-};
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P1024 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_1024_mont_inv_42(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-    sp_digit* t = &td[32 * 2 * 42];
-    int i;
-    int j;
-    sp_digit* table[32];
-
-    for (i = 0; i < 32; i++) {
-        table[i] = &td[2 * 42 * i];
-    }
-    XMEMCPY(table[0], a, sizeof(sp_digit) * 42);
-    for (i = 1; i < 6; i++) {
-        sp_1024_mont_sqr_42(table[0], table[0], p1024_mod, p1024_mp_mod);
-    }
-    for (i = 1; i < 32; i++) {
-        sp_1024_mont_mul_42(table[i], table[i-1], a, p1024_mod, p1024_mp_mod);
-    }
-
-    XMEMCPY(t, table[p1024_mod_minus_2[1]], sizeof(sp_digit) * 42);
-    for (i = 2; i < (int)sizeof(p1024_mod_minus_2) - 2; i += 2) {
-        for (j = 0; j < p1024_mod_minus_2[i]; j++) {
-            sp_1024_mont_sqr_42(t, t, p1024_mod, p1024_mp_mod);
-        }
-        sp_1024_mont_mul_42(t, t, table[p1024_mod_minus_2[i+1]], p1024_mod,
-            p1024_mp_mod);
-    }
-    sp_1024_mont_sqr_42(t, t, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(r, t, a, p1024_mod, p1024_mp_mod);
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_1024_map_42(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*42;
-    sp_int32 n;
-
-    sp_1024_mont_inv_42(t1, p->z, t + 2*42);
-
-    sp_1024_mont_sqr_42(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    /* x /= z^2 */
-    sp_1024_mont_mul_42(r->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->x + 42, 0, sizeof(sp_digit) * 42U);
-    sp_1024_mont_reduce_42(r->x, p1024_mod, p1024_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_1024_cmp_42(r->x, p1024_mod);
-    sp_1024_cond_sub_42(r->x, r->x, p1024_mod, (sp_digit)~(n >> 24));
-    sp_1024_norm_42(r->x);
-
-    /* y /= z^3 */
-    sp_1024_mont_mul_42(r->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->y + 42, 0, sizeof(sp_digit) * 42U);
-    sp_1024_mont_reduce_42(r->y, p1024_mod, p1024_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_1024_cmp_42(r->y, p1024_mod);
-    sp_1024_cond_sub_42(r->y, r->y, p1024_mod, (sp_digit)~(n >> 24));
-    sp_1024_norm_42(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_1024_mont_add_42(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_1024_add_42(r, a, b);
-    sp_1024_norm_42(r);
-    over = r[40] - m[40];
-    sp_1024_cond_sub_42(r, r, m, ~((over - 1) >> 31));
-    sp_1024_norm_42(r);
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_1024_mont_dbl_42(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_1024_add_42(r, a, a);
-    sp_1024_norm_42(r);
-    over = r[40] - m[40];
-    sp_1024_cond_sub_42(r, r, m, ~((over - 1) >> 31));
-    sp_1024_norm_42(r);
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_1024_mont_tpl_42(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_1024_add_42(r, a, a);
-    sp_1024_norm_42(r);
-    over = r[40] - m[40];
-    sp_1024_cond_sub_42(r, r, m, ~((over - 1) >> 31));
-    sp_1024_norm_42(r);
-    (void)sp_1024_add_42(r, r, a);
-    sp_1024_norm_42(r);
-    over = r[40] - m[40];
-    sp_1024_cond_sub_42(r, r, m, ~((over - 1) >> 31));
-    sp_1024_norm_42(r);
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_1024_mont_sub_42(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    (void)sp_1024_sub_42(r, a, b);
-    sp_1024_norm_42(r);
-    sp_1024_cond_add_42(r, r, m, r[41] >> 7);
-    sp_1024_norm_42(r);
-}
-
-/* Shift number left one bit.
- * Bottom bit is lost.
- *
- * r  Result of shift.
- * a  Number to shift.
- */
-SP_NOINLINE static void sp_1024_rshift1_42(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<41; i++) {
-        r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 24) & 0x1ffffff);
-    }
-#else
-    r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 24) & 0x1ffffff);
-    r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 24) & 0x1ffffff);
-    r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 24) & 0x1ffffff);
-    r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 24) & 0x1ffffff);
-    r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 24) & 0x1ffffff);
-    r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 24) & 0x1ffffff);
-    r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 24) & 0x1ffffff);
-    r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 24) & 0x1ffffff);
-    r[8] = (a[8] >> 1) + (sp_digit)((a[9] << 24) & 0x1ffffff);
-    r[9] = (a[9] >> 1) + (sp_digit)((a[10] << 24) & 0x1ffffff);
-    r[10] = (a[10] >> 1) + (sp_digit)((a[11] << 24) & 0x1ffffff);
-    r[11] = (a[11] >> 1) + (sp_digit)((a[12] << 24) & 0x1ffffff);
-    r[12] = (a[12] >> 1) + (sp_digit)((a[13] << 24) & 0x1ffffff);
-    r[13] = (a[13] >> 1) + (sp_digit)((a[14] << 24) & 0x1ffffff);
-    r[14] = (a[14] >> 1) + (sp_digit)((a[15] << 24) & 0x1ffffff);
-    r[15] = (a[15] >> 1) + (sp_digit)((a[16] << 24) & 0x1ffffff);
-    r[16] = (a[16] >> 1) + (sp_digit)((a[17] << 24) & 0x1ffffff);
-    r[17] = (a[17] >> 1) + (sp_digit)((a[18] << 24) & 0x1ffffff);
-    r[18] = (a[18] >> 1) + (sp_digit)((a[19] << 24) & 0x1ffffff);
-    r[19] = (a[19] >> 1) + (sp_digit)((a[20] << 24) & 0x1ffffff);
-    r[20] = (a[20] >> 1) + (sp_digit)((a[21] << 24) & 0x1ffffff);
-    r[21] = (a[21] >> 1) + (sp_digit)((a[22] << 24) & 0x1ffffff);
-    r[22] = (a[22] >> 1) + (sp_digit)((a[23] << 24) & 0x1ffffff);
-    r[23] = (a[23] >> 1) + (sp_digit)((a[24] << 24) & 0x1ffffff);
-    r[24] = (a[24] >> 1) + (sp_digit)((a[25] << 24) & 0x1ffffff);
-    r[25] = (a[25] >> 1) + (sp_digit)((a[26] << 24) & 0x1ffffff);
-    r[26] = (a[26] >> 1) + (sp_digit)((a[27] << 24) & 0x1ffffff);
-    r[27] = (a[27] >> 1) + (sp_digit)((a[28] << 24) & 0x1ffffff);
-    r[28] = (a[28] >> 1) + (sp_digit)((a[29] << 24) & 0x1ffffff);
-    r[29] = (a[29] >> 1) + (sp_digit)((a[30] << 24) & 0x1ffffff);
-    r[30] = (a[30] >> 1) + (sp_digit)((a[31] << 24) & 0x1ffffff);
-    r[31] = (a[31] >> 1) + (sp_digit)((a[32] << 24) & 0x1ffffff);
-    r[32] = (a[32] >> 1) + (sp_digit)((a[33] << 24) & 0x1ffffff);
-    r[33] = (a[33] >> 1) + (sp_digit)((a[34] << 24) & 0x1ffffff);
-    r[34] = (a[34] >> 1) + (sp_digit)((a[35] << 24) & 0x1ffffff);
-    r[35] = (a[35] >> 1) + (sp_digit)((a[36] << 24) & 0x1ffffff);
-    r[36] = (a[36] >> 1) + (sp_digit)((a[37] << 24) & 0x1ffffff);
-    r[37] = (a[37] >> 1) + (sp_digit)((a[38] << 24) & 0x1ffffff);
-    r[38] = (a[38] >> 1) + (sp_digit)((a[39] << 24) & 0x1ffffff);
-    r[39] = (a[39] >> 1) + (sp_digit)((a[40] << 24) & 0x1ffffff);
-    r[40] = (a[40] >> 1) + (sp_digit)((a[41] << 24) & 0x1ffffff);
-#endif
-    r[41] = a[41] >> 1;
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_1024_mont_div2_42(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_1024_cond_add_42(r, a, m, 0 - (a[0] & 1));
-    sp_1024_norm_42(r);
-    sp_1024_rshift1_42(r, r);
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_42(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*42;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_1024_mont_sqr_42(t1, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = Y * Z */
-    sp_1024_mont_mul_42(z, p->y, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = 2Z */
-    sp_1024_mont_dbl_42(z, z, p1024_mod);
-    /* T2 = X - T1 */
-    sp_1024_mont_sub_42(t2, p->x, t1, p1024_mod);
-    /* T1 = X + T1 */
-    sp_1024_mont_add_42(t1, p->x, t1, p1024_mod);
-    /* T2 = T1 * T2 */
-    sp_1024_mont_mul_42(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* T1 = 3T2 */
-    sp_1024_mont_tpl_42(t1, t2, p1024_mod);
-    /* Y = 2Y */
-    sp_1024_mont_dbl_42(y, p->y, p1024_mod);
-    /* Y = Y * Y */
-    sp_1024_mont_sqr_42(y, y, p1024_mod, p1024_mp_mod);
-    /* T2 = Y * Y */
-    sp_1024_mont_sqr_42(t2, y, p1024_mod, p1024_mp_mod);
-    /* T2 = T2/2 */
-    sp_1024_mont_div2_42(t2, t2, p1024_mod);
-    /* Y = Y * X */
-    sp_1024_mont_mul_42(y, y, p->x, p1024_mod, p1024_mp_mod);
-    /* X = T1 * T1 */
-    sp_1024_mont_sqr_42(x, t1, p1024_mod, p1024_mp_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_42(x, x, y, p1024_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_42(x, x, y, p1024_mod);
-    /* Y = Y - X */
-    sp_1024_mont_sub_42(y, y, x, p1024_mod);
-    /* Y = Y * T1 */
-    sp_1024_mont_mul_42(y, y, t1, p1024_mod, p1024_mp_mod);
-    /* Y = Y - T2 */
-    sp_1024_mont_sub_42(y, y, t2, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_dbl_42_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_dbl_42_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_dbl_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-        const sp_point_1024* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_dbl_42_ctx* ctx = (sp_1024_proj_point_dbl_42_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_dbl_42_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*42;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_1024_mont_sqr_42(ctx->t1, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_1024_mont_mul_42(ctx->z, p->y, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_1024_mont_dbl_42(ctx->z, ctx->z, p1024_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_1024_mont_sub_42(ctx->t2, p->x, ctx->t1, p1024_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_1024_mont_add_42(ctx->t1, p->x, ctx->t1, p1024_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_1024_mont_mul_42(ctx->t2, ctx->t1, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_1024_mont_tpl_42(ctx->t1, ctx->t2, p1024_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_1024_mont_dbl_42(ctx->y, p->y, p1024_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_1024_mont_sqr_42(ctx->y, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_1024_mont_sqr_42(ctx->t2, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_1024_mont_div2_42(ctx->t2, ctx->t2, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_1024_mont_mul_42(ctx->y, ctx->y, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_1024_mont_sqr_42(ctx->x, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_1024_mont_sub_42(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_1024_mont_sub_42(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_1024_mont_sub_42(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_1024_mont_mul_42(ctx->y, ctx->y, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_1024_mont_sub_42(ctx->y, ctx->y, ctx->t2, p1024_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_1024_cmp_equal_42(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14]) |
-            (a[15] ^ b[15]) | (a[16] ^ b[16]) | (a[17] ^ b[17]) |
-            (a[18] ^ b[18]) | (a[19] ^ b[19]) | (a[20] ^ b[20]) |
-            (a[21] ^ b[21]) | (a[22] ^ b[22]) | (a[23] ^ b[23]) |
-            (a[24] ^ b[24]) | (a[25] ^ b[25]) | (a[26] ^ b[26]) |
-            (a[27] ^ b[27]) | (a[28] ^ b[28]) | (a[29] ^ b[29]) |
-            (a[30] ^ b[30]) | (a[31] ^ b[31]) | (a[32] ^ b[32]) |
-            (a[33] ^ b[33]) | (a[34] ^ b[34]) | (a[35] ^ b[35]) |
-            (a[36] ^ b[36]) | (a[37] ^ b[37]) | (a[38] ^ b[38]) |
-            (a[39] ^ b[39]) | (a[40] ^ b[40]) | (a[41] ^ b[41])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_1024_iszero_42(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14] | a[15] |
-            a[16] | a[17] | a[18] | a[19] | a[20] | a[21] | a[22] | a[23] |
-            a[24] | a[25] | a[26] | a[27] | a[28] | a[29] | a[30] | a[31] |
-            a[32] | a[33] | a[34] | a[35] | a[36] | a[37] | a[38] | a[39] |
-            a[40] | a[41]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_42(sp_point_1024* r,
-        const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*42;
-    sp_digit* t2 = t + 4*42;
-    sp_digit* t3 = t + 6*42;
-    sp_digit* t4 = t + 8*42;
-    sp_digit* t5 = t + 10*42;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_42(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t1, t1, p->x, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_42(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_42(t3, t3, p->y, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_42(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_42(t2, t1) &
-            sp_1024_cmp_equal_42(t4, t3)) {
-        sp_1024_proj_point_dbl_42(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_42(t2, t2, t1, p1024_mod);
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_42(t4, t4, t3, p1024_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_42(t5, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_42(y, t1, t5, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_42(t5, t5, t2, p1024_mod, p1024_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_42(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_42(z, z, q->z, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_42(x, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_42(x, x, t5, p1024_mod);
-        sp_1024_mont_mul_42(t5, t5, t3, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_42(t3, y, p1024_mod);
-        sp_1024_mont_sub_42(x, x, t3, p1024_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_42(y, y, x, p1024_mod);
-        sp_1024_mont_mul_42(y, y, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_42(y, y, t5, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 42; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 42; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 42; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_add_42_ctx {
-    int state;
-    sp_1024_proj_point_dbl_42_ctx dbl_ctx;
-    const sp_point_1024* ap[2];
-    sp_point_1024* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_add_42_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_add_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_add_42_ctx* ctx = (sp_1024_proj_point_add_42_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_1024* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_add_42_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*42;
-        ctx->t2 = t + 4*42;
-        ctx->t3 = t + 6*42;
-        ctx->t4 = t + 8*42;
-        ctx->t5 = t + 10*42;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_1024_mont_sqr_42(ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_1024_mont_mul_42(ctx->t3, ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_1024_mont_mul_42(ctx->t1, ctx->t1, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_1024_mont_sqr_42(ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_1024_mont_mul_42(ctx->t4, ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_1024_mont_mul_42(ctx->t2, ctx->t2, q->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_1024_mont_mul_42(ctx->t3, ctx->t3, p->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_1024_mont_mul_42(ctx->t4, ctx->t4, q->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_1024_cmp_equal_42(ctx->t2, ctx->t1) &
-                sp_1024_cmp_equal_42(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_1024_proj_point_dbl_42(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_42(ctx->t2, ctx->t2, ctx->t1, p1024_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_42(ctx->t4, ctx->t4, ctx->t3, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_42(ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_1024_mont_mul_42(ctx->y, ctx->t1, ctx->t5, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_1024_mont_mul_42(ctx->t5, ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_42(ctx->z, p->z, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_1024_mont_mul_42(ctx->z, ctx->z, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_1024_mont_sqr_42(ctx->x, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_1024_mont_sub_42(ctx->x, ctx->x, ctx->t5, p1024_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_1024_mont_mul_42(ctx->t5, ctx->t5, ctx->t3, p1024_mod, p1024_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_1024_mont_dbl_42(ctx->t3, ctx->y, p1024_mod);
-        sp_1024_mont_sub_42(ctx->x, ctx->x, ctx->t3, p1024_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_42(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_1024_mont_mul_42(ctx->y, ctx->y, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_1024_mont_sub_42(ctx->y, ctx->y, ctx->t5, p1024_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 42; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 42; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 42; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Small implementation using add and double that is cache attack resistant but
- * allocates memory rather than use large stacks.
- * 1024 adds and doubles.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_42(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 42 * 37);
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Implementation is constant time. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 42 * 37, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        XMEMSET(t, 0, sizeof(sp_point_1024) * 3);
-
-        /* t[0] = {0, 0, 1} * norm */
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_1024_mod_mul_norm_42(t[1].x, g->x, p1024_mod);
-    }
-    if (err == MP_OKAY)
-        err = sp_1024_mod_mul_norm_42(t[1].y, g->y, p1024_mod);
-    if (err == MP_OKAY)
-        err = sp_1024_mod_mul_norm_42(t[1].z, g->z, p1024_mod);
-
-    if (err == MP_OKAY) {
-        i = 40;
-        c = 24;
-        n = k[i--] << (25 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1)
-                    break;
-
-                n = k[i--];
-                c = 25;
-            }
-
-            y = (n >> 24) & 1;
-            n <<= 1;
-
-            sp_1024_proj_point_add_42(&t[y^1], &t[0], &t[1], tmp);
-
-            XMEMCPY(&t[2], (void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                                   ((size_t)&t[1] & addr_mask[y])),
-                    sizeof(sp_point_1024));
-            sp_1024_proj_point_dbl_42(&t[2], &t[2], tmp);
-            XMEMCPY((void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                            ((size_t)&t[1] & addr_mask[y])), &t[2],
-                    sizeof(sp_point_1024));
-        }
-
-        if (map != 0) {
-            sp_1024_map_42(r, &t[0], tmp);
-        }
-        else {
-            XMEMCPY(r, &t[0], sizeof(sp_point_1024));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 42 * 37, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_ecc_mulmod_42_ctx {
-    int state;
-    union {
-        sp_1024_proj_point_dbl_42_ctx dbl_ctx;
-        sp_1024_proj_point_add_42_ctx add_ctx;
-    };
-    sp_point_1024 t[3];
-    sp_digit tmp[2 * 42 * 37];
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-} sp_1024_ecc_mulmod_42_ctx;
-
-static int sp_1024_ecc_mulmod_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-    const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_ecc_mulmod_42_ctx* ctx = (sp_1024_ecc_mulmod_42_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_1024_ecc_mulmod_42_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    /* Implementation is constant time. */
-    (void)ct;
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        XMEMSET(ctx->t, 0, sizeof(sp_point_1024) * 3);
-        ctx->i = 40;
-        ctx->c = 24;
-        ctx->n = k[ctx->i--] << (25 - ctx->c);
-
-        /* t[0] = {0, 0, 1} * norm */
-        ctx->t[0].infinity = 1;
-        ctx->state = 1;
-        break;
-    case 1: /* T1X */
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_1024_mod_mul_norm_42(ctx->t[1].x, g->x, p1024_mod);
-        ctx->state = 2;
-        break;
-    case 2: /* T1Y */
-        err = sp_1024_mod_mul_norm_42(ctx->t[1].y, g->y, p1024_mod);
-        ctx->state = 3;
-        break;
-    case 3: /* T1Z */
-        err = sp_1024_mod_mul_norm_42(ctx->t[1].z, g->z, p1024_mod);
-        ctx->state = 4;
-        break;
-    case 4: /* ADDPREP */
-        if (ctx->c == 0) {
-            if (ctx->i == -1) {
-                ctx->state = 7;
-                break;
-            }
-
-            ctx->n = k[ctx->i--];
-            ctx->c = 25;
-        }
-        ctx->y = (ctx->n >> 24) & 1;
-        ctx->n <<= 1;
-        XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-        ctx->state = 5;
-        break;
-    case 5: /* ADD */
-        err = sp_1024_proj_point_add_42_nb((sp_ecc_ctx_t*)&ctx->add_ctx,
-            &ctx->t[ctx->y^1], &ctx->t[0], &ctx->t[1], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY(&ctx->t[2], (void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                                        ((size_t)&ctx->t[1] & addr_mask[ctx->y])),
-                    sizeof(sp_point_1024));
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* DBL */
-        err = sp_1024_proj_point_dbl_42_nb((sp_ecc_ctx_t*)&ctx->dbl_ctx, &ctx->t[2],
-            &ctx->t[2], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY((void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                            ((size_t)&ctx->t[1] & addr_mask[ctx->y])), &ctx->t[2],
-                    sizeof(sp_point_1024));
-            ctx->state = 4;
-            ctx->c--;
-        }
-        break;
-    case 7: /* MAP */
-        if (map != 0) {
-            sp_1024_map_42(r, &ctx->t[0], ctx->tmp);
-        }
-        else {
-            XMEMCPY(r, &ctx->t[0], sizeof(sp_point_1024));
-        }
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 7) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        ForceZero(ctx->tmp, sizeof(ctx->tmp));
-        ForceZero(ctx->t, sizeof(ctx->t));
-    }
-
-    (void)heap;
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#else
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_1024 {
-    sp_digit x[42];
-    sp_digit y[42];
-} sp_table_entry_1024;
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_1024_cond_copy_42(sp_digit* r, const sp_digit* a, const sp_digit m)
-{
-    sp_digit t[42];
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 42; i++) {
-        t[i] = r[i] ^ a[i];
-    }
-    for (i = 0; i < 42; i++) {
-        r[i] ^= t[i] & m;
-    }
-#else
-    t[ 0] = r[ 0] ^ a[ 0];
-    t[ 1] = r[ 1] ^ a[ 1];
-    t[ 2] = r[ 2] ^ a[ 2];
-    t[ 3] = r[ 3] ^ a[ 3];
-    t[ 4] = r[ 4] ^ a[ 4];
-    t[ 5] = r[ 5] ^ a[ 5];
-    t[ 6] = r[ 6] ^ a[ 6];
-    t[ 7] = r[ 7] ^ a[ 7];
-    t[ 8] = r[ 8] ^ a[ 8];
-    t[ 9] = r[ 9] ^ a[ 9];
-    t[10] = r[10] ^ a[10];
-    t[11] = r[11] ^ a[11];
-    t[12] = r[12] ^ a[12];
-    t[13] = r[13] ^ a[13];
-    t[14] = r[14] ^ a[14];
-    t[15] = r[15] ^ a[15];
-    t[16] = r[16] ^ a[16];
-    t[17] = r[17] ^ a[17];
-    t[18] = r[18] ^ a[18];
-    t[19] = r[19] ^ a[19];
-    t[20] = r[20] ^ a[20];
-    t[21] = r[21] ^ a[21];
-    t[22] = r[22] ^ a[22];
-    t[23] = r[23] ^ a[23];
-    t[24] = r[24] ^ a[24];
-    t[25] = r[25] ^ a[25];
-    t[26] = r[26] ^ a[26];
-    t[27] = r[27] ^ a[27];
-    t[28] = r[28] ^ a[28];
-    t[29] = r[29] ^ a[29];
-    t[30] = r[30] ^ a[30];
-    t[31] = r[31] ^ a[31];
-    t[32] = r[32] ^ a[32];
-    t[33] = r[33] ^ a[33];
-    t[34] = r[34] ^ a[34];
-    t[35] = r[35] ^ a[35];
-    t[36] = r[36] ^ a[36];
-    t[37] = r[37] ^ a[37];
-    t[38] = r[38] ^ a[38];
-    t[39] = r[39] ^ a[39];
-    t[40] = r[40] ^ a[40];
-    t[41] = r[41] ^ a[41];
-    r[ 0] ^= t[ 0] & m;
-    r[ 1] ^= t[ 1] & m;
-    r[ 2] ^= t[ 2] & m;
-    r[ 3] ^= t[ 3] & m;
-    r[ 4] ^= t[ 4] & m;
-    r[ 5] ^= t[ 5] & m;
-    r[ 6] ^= t[ 6] & m;
-    r[ 7] ^= t[ 7] & m;
-    r[ 8] ^= t[ 8] & m;
-    r[ 9] ^= t[ 9] & m;
-    r[10] ^= t[10] & m;
-    r[11] ^= t[11] & m;
-    r[12] ^= t[12] & m;
-    r[13] ^= t[13] & m;
-    r[14] ^= t[14] & m;
-    r[15] ^= t[15] & m;
-    r[16] ^= t[16] & m;
-    r[17] ^= t[17] & m;
-    r[18] ^= t[18] & m;
-    r[19] ^= t[19] & m;
-    r[20] ^= t[20] & m;
-    r[21] ^= t[21] & m;
-    r[22] ^= t[22] & m;
-    r[23] ^= t[23] & m;
-    r[24] ^= t[24] & m;
-    r[25] ^= t[25] & m;
-    r[26] ^= t[26] & m;
-    r[27] ^= t[27] & m;
-    r[28] ^= t[28] & m;
-    r[29] ^= t[29] & m;
-    r[30] ^= t[30] & m;
-    r[31] ^= t[31] & m;
-    r[32] ^= t[32] & m;
-    r[33] ^= t[33] & m;
-    r[34] ^= t[34] & m;
-    r[35] ^= t[35] & m;
-    r[36] ^= t[36] & m;
-    r[37] ^= t[37] & m;
-    r[38] ^= t[38] & m;
-    r[39] ^= t[39] & m;
-    r[40] ^= t[40] & m;
-    r[41] ^= t[41] & m;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*42;
-    sp_digit* b = t + 4*42;
-    sp_digit* t1 = t + 6*42;
-    sp_digit* t2 = t + 8*42;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_42(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_42(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_42(w, w, p1024_mod, p1024_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_42(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_42(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_42(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_42(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_42(b, t1, x, p1024_mod, p1024_mp_mod);
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_42(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_42(t2, b, p1024_mod);
-        sp_1024_mont_sub_42(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_42(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_42(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_42(z, z, y, p1024_mod, p1024_mp_mod);
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_42(t1, t1, p1024_mod, p1024_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_42(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_42(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_42(y, y, t1, p1024_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_1024_mont_sqr_42(t1, x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_42(t1, t1, w, p1024_mod);
-    sp_1024_mont_tpl_42(a, t1, p1024_mod);
-    /* B = X*Y^2 */
-    sp_1024_mont_sqr_42(t1, y, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(b, t1, x, p1024_mod, p1024_mp_mod);
-    /* X = A^2 - 2B */
-    sp_1024_mont_sqr_42(x, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_dbl_42(t2, b, p1024_mod);
-    sp_1024_mont_sub_42(x, x, t2, p1024_mod);
-    /* B = 2.(B - X) */
-    sp_1024_mont_sub_42(t2, b, x, p1024_mod);
-    sp_1024_mont_dbl_42(b, t2, p1024_mod);
-    /* Z = Z*Y */
-    sp_1024_mont_mul_42(z, z, y, p1024_mod, p1024_mp_mod);
-    /* t1 = Y^4 */
-    sp_1024_mont_sqr_42(t1, t1, p1024_mod, p1024_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_1024_mont_mul_42(y, b, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_42(y, y, t1, p1024_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_1024_mont_div2_42(y, y, p1024_mod);
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_store_42(sp_point_1024* r,
-        const sp_point_1024* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*42;
-    sp_digit* b = t + 4*42;
-    sp_digit* t1 = t + 6*42;
-    sp_digit* t2 = t + 8*42;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<42; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<42; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<42; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_42(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_42(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_42(w, w, p1024_mod, p1024_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_42(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_42(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_42(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_42(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_42(b, t1, x, p1024_mod, p1024_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_42(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_42(t2, b, p1024_mod);
-        sp_1024_mont_sub_42(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_42(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_42(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_42(r[j].z, z, y, p1024_mod, p1024_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_42(t1, t1, p1024_mod, p1024_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_42(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_42(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_42(y, y, t1, p1024_mod);
-        /* Y = Y/2 */
-        sp_1024_mont_div2_42(r[j].y, y, p1024_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_sub_42(sp_point_1024* ra,
-        sp_point_1024* rs, const sp_point_1024* p, const sp_point_1024* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*42;
-    sp_digit* t3 = t + 4*42;
-    sp_digit* t4 = t + 6*42;
-    sp_digit* t5 = t + 8*42;
-    sp_digit* t6 = t + 10*42;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_42(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t1, t1, xa, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_42(t2, za, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t4, t2, za, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_42(t3, t3, ya, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_42(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-    /* H = U2 - U1 */
-    sp_1024_mont_sub_42(t2, t2, t1, p1024_mod);
-    /* RS = S2 + S1 */
-    sp_1024_mont_add_42(t6, t4, t3, p1024_mod);
-    /* R = S2 - S1 */
-    sp_1024_mont_sub_42(t4, t4, t3, p1024_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_1024_mont_mul_42(za, za, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(za, za, t2, p1024_mod, p1024_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_1024_mont_sqr_42(xa, t4, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_42(xs, t6, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_42(t5, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(ya, t1, t5, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t5, t5, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_42(xa, xa, t5, p1024_mod);
-    sp_1024_mont_sub_42(xs, xs, t5, p1024_mod);
-    sp_1024_mont_dbl_42(t1, ya, p1024_mod);
-    sp_1024_mont_sub_42(xa, xa, t1, p1024_mod);
-    sp_1024_mont_sub_42(xs, xs, t1, p1024_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_1024_mont_sub_42(ys, ya, xs, p1024_mod);
-    sp_1024_mont_sub_42(ya, ya, xa, p1024_mod);
-    sp_1024_mont_mul_42(ya, ya, t4, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_42(t6, p1024_mod, t6, p1024_mod);
-    sp_1024_mont_mul_42(ys, ys, t6, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t5, t5, t3, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_42(ya, ya, t5, p1024_mod);
-    sp_1024_mont_sub_42(ys, ys, t5, p1024_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_1024 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_1024;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_42_7[130] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
-    48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63,
-    64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49,
-    48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_42_7[130] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_1024_ecc_recode_7_42(const sp_digit* k, ecc_recode_1024* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<147; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 7 < 25) {
-            y &= 0x7f;
-            n >>= 7;
-            o += 7;
-        }
-        else if (o + 7 == 25) {
-            n >>= 7;
-            if (++j < 42)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 42) {
-            n = k[j];
-            y |= (word8)((n << (25 - o)) & 0x7f);
-            o -= 18;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_42_7[y];
-        v[i].neg = recode_neg_42_7[y];
-        carry = (y >> 7) + v[i].neg;
-    }
-}
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 7 bits. (Add-Sub variation.)
- * Calculate 0..64 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_win_add_sub_42(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 65+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 42 * 37);
-    sp_point_1024* rt = NULL;
-    sp_point_1024* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_1024 v[147];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 65+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 42 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 65;
-        p  = t + 65+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_1024_mod_mul_norm_42(t[1].x, g->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(t[1].y, g->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(t[1].z, g->z, p1024_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[64]  */
-        sp_1024_proj_point_dbl_n_store_42(t, &t[ 1], 6, 1, tmp);
-        sp_1024_proj_point_add_42(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[ 6], &t[ 3], tmp);
-        sp_1024_proj_point_add_sub_42(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[10], &t[ 5], tmp);
-        sp_1024_proj_point_add_sub_42(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[12], &t[ 6], tmp);
-        sp_1024_proj_point_dbl_42(&t[14], &t[ 7], tmp);
-        sp_1024_proj_point_add_sub_42(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[18], &t[ 9], tmp);
-        sp_1024_proj_point_add_sub_42(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[20], &t[10], tmp);
-        sp_1024_proj_point_dbl_42(&t[22], &t[11], tmp);
-        sp_1024_proj_point_add_sub_42(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[24], &t[12], tmp);
-        sp_1024_proj_point_dbl_42(&t[26], &t[13], tmp);
-        sp_1024_proj_point_add_sub_42(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[28], &t[14], tmp);
-        sp_1024_proj_point_dbl_42(&t[30], &t[15], tmp);
-        sp_1024_proj_point_add_sub_42(&t[31], &t[29], &t[30], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[34], &t[17], tmp);
-        sp_1024_proj_point_add_sub_42(&t[35], &t[33], &t[34], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[36], &t[18], tmp);
-        sp_1024_proj_point_dbl_42(&t[38], &t[19], tmp);
-        sp_1024_proj_point_add_sub_42(&t[39], &t[37], &t[38], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[40], &t[20], tmp);
-        sp_1024_proj_point_dbl_42(&t[42], &t[21], tmp);
-        sp_1024_proj_point_add_sub_42(&t[43], &t[41], &t[42], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[44], &t[22], tmp);
-        sp_1024_proj_point_dbl_42(&t[46], &t[23], tmp);
-        sp_1024_proj_point_add_sub_42(&t[47], &t[45], &t[46], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[48], &t[24], tmp);
-        sp_1024_proj_point_dbl_42(&t[50], &t[25], tmp);
-        sp_1024_proj_point_add_sub_42(&t[51], &t[49], &t[50], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[52], &t[26], tmp);
-        sp_1024_proj_point_dbl_42(&t[54], &t[27], tmp);
-        sp_1024_proj_point_add_sub_42(&t[55], &t[53], &t[54], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[56], &t[28], tmp);
-        sp_1024_proj_point_dbl_42(&t[58], &t[29], tmp);
-        sp_1024_proj_point_add_sub_42(&t[59], &t[57], &t[58], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_42(&t[60], &t[30], tmp);
-        sp_1024_proj_point_dbl_42(&t[62], &t[31], tmp);
-        sp_1024_proj_point_add_sub_42(&t[63], &t[61], &t[62], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_1024_ecc_recode_7_42(k, v);
-
-        i = 146;
-        XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_1024));
-        for (--i; i>=0; i--) {
-            sp_1024_proj_point_dbl_n_42(rt, 7, tmp);
-            XMEMCPY(p, &t[v[i].i], sizeof(sp_point_1024));
-            sp_1024_mont_sub_42(negy, p1024_mod, p->y, p1024_mod);
-            sp_1024_norm_42(negy);
-            sp_1024_cond_copy_42(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_1024_proj_point_add_42(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_1024_map_42(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_qz1_42(sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*42;
-    sp_digit* t6 = t + 4*42;
-    sp_digit* t1 = t + 6*42;
-    sp_digit* t4 = t + 8*42;
-    sp_digit* t5 = t + 10*42;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_42(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_42(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_42(p->x, t2) &
-            sp_1024_cmp_equal_42(p->y, t4)) {
-        sp_1024_proj_point_dbl_42(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_1024_mont_sub_42(t2, t2, p->x, p1024_mod);
-        /* R = S2 - Y1 */
-        sp_1024_mont_sub_42(t4, t4, p->y, p1024_mod);
-        /* Z3 = H*Z1 */
-        sp_1024_mont_mul_42(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_1024_mont_sqr_42(t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_42(t3, p->x, t1, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_42(t1, t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_42(t2, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_42(t2, t2, t1, p1024_mod);
-        sp_1024_mont_dbl_42(t5, t3, p1024_mod);
-        sp_1024_mont_sub_42(x, t2, t5, p1024_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_1024_mont_sub_42(t3, t3, x, p1024_mod);
-        sp_1024_mont_mul_42(t3, t3, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_42(t1, t1, p->y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_42(y, t3, t1, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 42; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 42; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 42; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_1024_proj_to_affine_42(sp_point_1024* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 42;
-    sp_digit* tmp = t + 4 * 42;
-
-    sp_1024_mont_inv_42(t1, a->z, tmp);
-
-    sp_1024_mont_sqr_42(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    sp_1024_mont_mul_42(a->x, a->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(a->y, a->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(a->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 128 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_1024_gen_stripe_table_42(const sp_point_1024* a,
-        sp_table_entry_1024* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    sp_point_1024* s1 = NULL;
-    sp_point_1024* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_1024_mod_mul_norm_42(t->x, a->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(t->y, a->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(t->z, a->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_1024_proj_to_affine_42(t, tmp);
-
-        XMEMCPY(s1->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_1024));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_1024_proj_point_dbl_n_42(t, 128, tmp);
-            sp_1024_proj_to_affine_42(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_1024_proj_point_add_qz1_42(t, s1, s2, tmp);
-                sp_1024_proj_to_affine_42(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | !WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_stripe_42(sp_point_1024* r, const sp_point_1024* g,
-        const sp_table_entry_1024* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 42 * 37);
-    sp_point_1024* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_1024, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 42 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        XMEMCPY(rt->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-
-        y = 0;
-        x = 127;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 25] >> (x % 25)) & 1) << j);
-            x += 128;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=126; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 25] >> (x % 25)) & 1) << j);
-                x += 128;
-            }
-
-            sp_1024_proj_point_dbl_42(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_1024_proj_point_add_qz1_42(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_1024_map_42(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_1024_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[42];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[42];
-    /* Precomputation table for point. */
-    sp_table_entry_1024 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_1024_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_1024_t sp_cache_1024[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_1024_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_1024_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_1024 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_1024_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_1024_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_1024_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_1024[i].set = 0;
-        }
-        sp_cache_1024_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_1024[i].set)
-            continue;
-
-        if (sp_1024_cmp_equal_42(g->x, sp_cache_1024[i].x) &
-                           sp_1024_cmp_equal_42(g->y, sp_cache_1024[i].y)) {
-            sp_cache_1024[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_1024_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_1024_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_1024[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_1024_last) {
-            least = sp_cache_1024[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_1024[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_1024[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_1024[i].x, g->x, sizeof(sp_cache_1024[i].x));
-        XMEMCPY(sp_cache_1024[i].y, g->y, sizeof(sp_cache_1024[i].y));
-        sp_cache_1024[i].set = 1;
-        sp_cache_1024[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_1024[i];
-    sp_cache_1024_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_42(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_1024_ecc_mulmod_win_add_sub_42(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 42 * 38);
-    sp_cache_1024_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 42 * 38, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_1024 == 0) {
-            wc_InitMutex(&sp_cache_1024_lock);
-            initCacheMutex_1024 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_1024_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_1024(g, &cache);
-        if (cache->cnt == 2)
-            sp_1024_gen_stripe_table_42(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_1024_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_1024_ecc_mulmod_win_add_sub_42(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_1024_ecc_mulmod_stripe_42(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 42);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 42, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 42, km);
-        sp_1024_point_from_ecc_point_42(point, gm);
-
-            err = sp_1024_ecc_mulmod_42(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_42(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_42(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_1024_ecc_mulmod_42(r, &p1024_base, k, map, ct, heap);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-static int sp_1024_ecc_mulmod_base_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_1024_ecc_mulmod_42_nb(sp_ctx, r, &p1024_base, k, map, ct, heap);
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 128 between points.
- */
-static const sp_table_entry_1024 p1024_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x0162bc2,0x03f6370,0x0a26fe7,0x0621512,0x1decc6e,0x04cec0e,
-        0x077c279,0x030bab3,0x06d3582,0x14b7514,0x17e36e6,0x0fa6e18,
-        0x0601aec,0x067ae83,0x0b92656,0x1aff1ce,0x17d3e91,0x1617394,
-        0x0a7cbd6,0x03b725b,0x19ed862,0x13ad2b3,0x12c9b21,0x0ad5582,
-        0x185df2c,0x1cc9199,0x131a84f,0x111ce9a,0x08ec11b,0x18b9ffd,
-        0x1bc4852,0x03e7f3f,0x0386a27,0x1da2750,0x0d3b039,0x0d7b363,
-        0x0ecd349,0x12946e7,0x1e02ebf,0x0d43893,0x08dfff9 },
-      { 0x03c0c83,0x03a9d60,0x15d6d29,0x11579b9,0x08e69d1,0x1adb24b,
-        0x06e23dd,0x0a5c707,0x0bf58f3,0x01fca4d,0x0f05720,0x0cf37a1,
-        0x025f702,0x07f94c6,0x0fd745a,0x12edd0b,0x198c6c7,0x01fb75e,
-        0x178f86d,0x0315e88,0x0093206,0x072a732,0x19f5566,0x09fdb3c,
-        0x1283b50,0x08bd823,0x15c361d,0x0a1957f,0x1addbe4,0x145f9fa,
-        0x1291f58,0x0f19699,0x037ef30,0x0248400,0x14f1ac7,0x0e9c291,
-        0x0fcfd83,0x0b6994a,0x007cf89,0x0f7bc78,0x02aa120 } },
-    /* 2 */
-    { { 0x1900955,0x1b6d700,0x15b6a56,0x039d68c,0x05dc9cc,0x17f4add,
-        0x0241f9c,0x068a18f,0x1a040c3,0x0d72a23,0x0ba9ba8,0x06e0f2a,
-        0x0591191,0x1684b98,0x1fdcd0d,0x1a21ea9,0x074bda4,0x0526d80,
-        0x059101c,0x060de32,0x122cfd5,0x19c5922,0x052e7f9,0x093eec4,
-        0x0dad678,0x1720a34,0x02c3734,0x0f65343,0x1ad4928,0x18d0af0,
-        0x06ab75f,0x1b77454,0x0c63a81,0x119bccd,0x116e048,0x10026f3,
-        0x10e53bc,0x0159785,0x0ed87d0,0x0fe17e2,0x08c3eb2 },
-      { 0x113696f,0x169f0f2,0x1fea692,0x1831903,0x0350ba5,0x019e898,
-        0x104d8f0,0x1783c5f,0x117a531,0x1ed3738,0x1584354,0x092035d,
-        0x0742ec6,0x14cffab,0x0fa37df,0x1a255a6,0x13e3dee,0x1f2556b,
-        0x003d37a,0x0768ca3,0x10b4d98,0x14a8179,0x064d949,0x1231aff,
-        0x199aba8,0x1cd3f13,0x19c03f1,0x1ffd096,0x1fd8c20,0x006b205,
-        0x0f5ed10,0x0ba4c83,0x1a21d21,0x110e5e1,0x110b0c9,0x06f3072,
-        0x11401e8,0x132805d,0x10c42b3,0x07c4a38,0x07bf416 } },
-    /* 3 */
-    { { 0x1fd589e,0x1a7c471,0x080c705,0x01bf2e9,0x1b50179,0x182a4fe,
-        0x08f8cf9,0x069a12c,0x115924f,0x0848f7f,0x196b163,0x195bf36,
-        0x0feef79,0x1fb4e16,0x1310988,0x10579a5,0x03252cd,0x0c0bec8,
-        0x17c7777,0x09e9b34,0x16bdacf,0x1aa808d,0x1418498,0x1a28193,
-        0x0490d2e,0x1694fba,0x1136da1,0x08125d1,0x0b0fcc6,0x178b3bb,
-        0x0d8897b,0x1be2d5d,0x08c01e9,0x1ec1507,0x1d0612e,0x0ec506c,
-        0x0956e33,0x1aba714,0x1fc1dd5,0x18ce0b4,0x09871ed },
-      { 0x16535f7,0x1bb6abb,0x0ee2f42,0x044c6b6,0x1214d60,0x10b7b22,
-        0x16b6674,0x0eb8184,0x15515bf,0x0a6f9d3,0x1c59d7f,0x0b78bd3,
-        0x0724a62,0x003439f,0x0d7bedd,0x0b89478,0x033bb2e,0x177ae4d,
-        0x01ac662,0x0366bd0,0x10eda97,0x12d1e34,0x07d7032,0x03c4683,
-        0x1dd898e,0x0f2546a,0x1a556b6,0x19d9799,0x0d34164,0x0203924,
-        0x1b8bb3d,0x08b815e,0x0bb3811,0x007ff8d,0x1a0871e,0x0e7e97d,
-        0x0272ed5,0x06fbb46,0x0deb745,0x0146e2c,0x0397ed1 } },
-    /* 4 */
-    { { 0x15c2a27,0x105d93a,0x11133cf,0x12b2b0b,0x138e42f,0x142f306,
-        0x0f83c64,0x01e8d62,0x076273d,0x1f66860,0x115a6b0,0x010a327,
-        0x0a7800f,0x01a8c0c,0x139d2ad,0x06c77e0,0x0388496,0x1492c55,
-        0x032253f,0x0cc2f97,0x09a0845,0x15157cb,0x02f18aa,0x08cd1b3,
-        0x0280b5a,0x07d3361,0x1aa64bd,0x193beb1,0x001e99b,0x1bec9fa,
-        0x03976c2,0x1898718,0x0614fe1,0x0fb59f0,0x1470b33,0x11aa622,
-        0x0143b61,0x1abaf67,0x0629071,0x10bbf27,0x0402479 },
-      { 0x1055746,0x128bc47,0x1b83ee8,0x001563c,0x05ba004,0x14934be,
-        0x053eeb0,0x081c363,0x15b4f47,0x18a908c,0x1ee951d,0x03a1376,
-        0x0425009,0x1cd09cd,0x19d2186,0x154fcf4,0x1b3f353,0x15d4209,
-        0x110f3bb,0x0ee3244,0x1bd0afe,0x1b1c23d,0x0511a34,0x149285a,
-        0x19ff63d,0x02b30fb,0x075096d,0x0ac7438,0x1f46301,0x07e6baf,
-        0x124f09c,0x1d65005,0x0072090,0x0380221,0x172f217,0x08d1e19,
-        0x1a032e7,0x01b97df,0x0760329,0x1cd916f,0x01a6fd1 } },
-    /* 5 */
-    { { 0x15116a3,0x1480d46,0x11fe59e,0x0965ebe,0x0b84439,0x15d79d8,
-        0x1514983,0x019c735,0x160ccfc,0x10df30b,0x1d4fc87,0x07a5987,
-        0x16ac07e,0x0f688dd,0x00e3838,0x16185bb,0x1071c15,0x022a3a9,
-        0x083f96e,0x1a8e912,0x096d70d,0x16f238c,0x06882f8,0x04ed8f8,
-        0x1ad8a59,0x1039e1f,0x0f221bb,0x04d4398,0x031ac40,0x179bb74,
-        0x1967f6d,0x158a03a,0x0a35d1a,0x142ba13,0x0415036,0x0a15d31,
-        0x0bd734e,0x0ef0525,0x11d4197,0x1b82ac2,0x029b7d4 },
-      { 0x1f4e20b,0x1e165e5,0x131512c,0x1eb1988,0x1c3f548,0x06560f8,
-        0x06d516c,0x0427301,0x100f806,0x007815a,0x0417803,0x11200cd,
-        0x0ce612b,0x01a80c4,0x0563b5e,0x0ed651e,0x0583f55,0x0600ee2,
-        0x11524b8,0x0064e54,0x0443298,0x1d07fc9,0x1de9588,0x1a1b882,
-        0x02b0029,0x03d6895,0x049e03a,0x0824a8b,0x13f272b,0x1c8186a,
-        0x0347af3,0x048603d,0x0e6ea40,0x083cc5d,0x1cbe8df,0x183cbe7,
-        0x02b4126,0x0161881,0x125fa4d,0x004a704,0x05d0928 } },
-    /* 6 */
-    { { 0x12f780d,0x115bf7f,0x0c7560e,0x01afaed,0x14d2682,0x1ba5761,
-        0x0a11e1b,0x1d7c786,0x010823f,0x1ea1109,0x19efd03,0x02fdf6b,
-        0x0d227e4,0x12b47c6,0x03526da,0x177d8a2,0x1d61781,0x1a9de73,
-        0x1cdc62d,0x1c7e445,0x0c1f9cf,0x0fecef3,0x1fd13a2,0x15936aa,
-        0x0553f3f,0x05e78e6,0x1b9bcc0,0x1a5a108,0x0ae6b19,0x01514f8,
-        0x1825db2,0x0497177,0x03dbf5e,0x12d53f3,0x1d165ce,0x0e9958f,
-        0x04dd33c,0x15b11bc,0x1b9771b,0x068285f,0x00a26e4 },
-      { 0x0aa9a08,0x099cfd6,0x1386020,0x0aa48dd,0x00f3110,0x1c9ba3a,
-        0x005c184,0x1c31259,0x1242f02,0x0c6a081,0x17a62a3,0x1a4076b,
-        0x12482bf,0x0d5df4a,0x1be51ad,0x1049313,0x0b93769,0x15c690c,
-        0x1985f1e,0x0d1d12c,0x0b91d52,0x08c5be9,0x058b9d5,0x11acf87,
-        0x07973fe,0x028962e,0x08ac05f,0x05c62a1,0x0294694,0x0f5e60d,
-        0x00dbd39,0x0a638e1,0x19910ce,0x1cf2851,0x1ad2dde,0x015e9ed,
-        0x1a120ad,0x05d8bae,0x0dbb1a3,0x0c3724c,0x019497c } },
-    /* 7 */
-    { { 0x17659a8,0x0586320,0x03fda48,0x0f25965,0x077ab9c,0x03bcbfe,
-        0x1c602da,0x0c6ab6c,0x1e77593,0x057ac60,0x06c6193,0x1b6caac,
-        0x065155b,0x1c07a4a,0x1938d55,0x116405c,0x1b7229a,0x0758564,
-        0x15c6f58,0x129af04,0x18f9885,0x1cf1fd3,0x1773024,0x185a6f2,
-        0x148302a,0x0223dc5,0x02e43c5,0x00bf7ec,0x04b3c15,0x07409e7,
-        0x062b184,0x1ab36b8,0x1a4f27a,0x101111c,0x05cdf3a,0x16bf467,
-        0x0dff1c7,0x1c3985c,0x1de9b95,0x116a2f7,0x096b91b },
-      { 0x0ac087c,0x0c8fa4d,0x0a3706a,0x1cd9fb6,0x0e62f74,0x1b006b6,
-        0x1fe697d,0x19211ad,0x0f917f9,0x1c0e682,0x14b6ff5,0x0bec7bc,
-        0x007796f,0x176b90c,0x16d9380,0x026fbcf,0x0f66fa4,0x107843b,
-        0x1287dc5,0x03dcc87,0x18a3327,0x0c3e255,0x12e6c81,0x090208f,
-        0x1710739,0x01be5d0,0x1566317,0x1f34321,0x00e125d,0x1395379,
-        0x0b432db,0x1e9e520,0x1142204,0x16e7dd1,0x12e5f38,0x0285a51,
-        0x03d3c35,0x130dc55,0x092777c,0x02b9ff8,0x073f3d3 } },
-    /* 8 */
-    { { 0x0fd3673,0x142adf3,0x0ded761,0x1f3a429,0x109b70a,0x0236699,
-        0x0be4373,0x1bd1a66,0x1595510,0x0a9e00a,0x0494739,0x012c718,
-        0x095746a,0x02e60de,0x1f3a96e,0x1751f9a,0x068002e,0x027fd0a,
-        0x0bf35df,0x0796e04,0x05e310a,0x1de2750,0x0da6677,0x1f4eadd,
-        0x1a0d04e,0x1ec19ba,0x1b73b57,0x1b204f3,0x1fd56e4,0x1201928,
-        0x1c52064,0x105498b,0x07633a4,0x0082df4,0x04c06cd,0x1062e1a,
-        0x1247e57,0x0cc587b,0x087ea4e,0x0c886d7,0x088934f },
-      { 0x113eabc,0x1a1d823,0x145fc27,0x03599b8,0x0ca7dd9,0x09e53e2,
-        0x098efbc,0x0964fb5,0x0258818,0x1972d3d,0x1709a62,0x0c25b2b,
-        0x0c0a8cb,0x10f978a,0x1a5d68b,0x126b868,0x0ede172,0x18f94dc,
-        0x102f078,0x17fadda,0x03dac3c,0x1f89931,0x14fd1ac,0x016ed03,
-        0x1be6dfb,0x1a2608a,0x155b690,0x1c63868,0x043d985,0x1f8c547,
-        0x1aa9f18,0x097bb69,0x1cb2083,0x07ac62a,0x10e1295,0x1362d41,
-        0x06fd69d,0x1566512,0x12385d3,0x1762a6a,0x00d1898 } },
-    /* 9 */
-    { { 0x15ef043,0x19a30f1,0x15913a9,0x12692d6,0x107b67d,0x1c1d1e0,
-        0x05cef43,0x06bac58,0x051d29c,0x16a581c,0x070693e,0x1054e36,
-        0x1e3f428,0x0a5a1dc,0x0af3d99,0x1ea86ba,0x1aa2abd,0x0e3bd8a,
-        0x0af8f70,0x071501b,0x073b5cb,0x175240b,0x057f682,0x1721d7c,
-        0x16b4de7,0x1ec434c,0x14af23c,0x09f0fc4,0x04e4248,0x01eb1be,
-        0x162b7b4,0x1af4f5f,0x1ede666,0x05c9d72,0x168a873,0x0301bb2,
-        0x06fba39,0x0e7e92a,0x0b98295,0x1b88df0,0x02bdab1 },
-      { 0x06fed61,0x0f115fd,0x0539e93,0x0b991bb,0x0a458aa,0x09117ae,
-        0x0b7c41c,0x0ee7c6e,0x1e5aff3,0x1525a27,0x0e39b41,0x174e94e,
-        0x16bc2d0,0x0f98f89,0x11c3875,0x1522234,0x13ae102,0x0bbffc9,
-        0x0431e21,0x1014a06,0x05ac8b3,0x143c1fe,0x07cf008,0x0e4ba0d,
-        0x0892544,0x110f633,0x196b210,0x0f1e1c2,0x1a6e8a8,0x18d7e7e,
-        0x0ea68eb,0x0f19a55,0x183ed37,0x0875700,0x158209b,0x0a659b7,
-        0x0bee641,0x11a330e,0x00482cc,0x1257382,0x0353eb8 } },
-    /* 10 */
-    { { 0x0b5521e,0x0e56b08,0x0bc323f,0x00a5ce0,0x1a11b44,0x1ed24e0,
-        0x1a0363f,0x15ac604,0x0cbf36b,0x0dcb2a5,0x028b5f3,0x1c22982,
-        0x007b58c,0x131873f,0x1747df7,0x150263c,0x17d6760,0x1c65f1e,
-        0x12035df,0x0b0cd6c,0x0219eb3,0x19bf81b,0x161ca33,0x1514eae,
-        0x065ed42,0x0386eac,0x1641a8a,0x107e3e3,0x1f906b2,0x1fd2528,
-        0x0a1e788,0x0a87641,0x0ac6e83,0x13baa79,0x0de6e07,0x1c9e16c,
-        0x040016e,0x1de06a4,0x0d9f55f,0x0e3cc43,0x08da207 },
-      { 0x0ce65ec,0x0a80276,0x0178f21,0x1f6e903,0x16d10d1,0x1cbd693,
-        0x1ef29e1,0x15ac97c,0x077e54a,0x1a226d8,0x17c3fd0,0x01937c1,
-        0x0417b6b,0x02a8435,0x11095b0,0x1ab471f,0x03bfd74,0x07ca962,
-        0x0713b6e,0x1c00b40,0x0328501,0x1e252bf,0x1545cb7,0x0baddc7,
-        0x0ce4e53,0x08c6da0,0x1031942,0x15de3cb,0x1561fcb,0x02f3c2b,
-        0x11ba145,0x0694449,0x068536a,0x0705172,0x089c3b0,0x18d351c,
-        0x042b03f,0x1a91239,0x0f57ecf,0x1c5877d,0x0862f55 } },
-    /* 11 */
-    { { 0x06049fe,0x11c8791,0x07ecb5a,0x11b9779,0x0c92a57,0x11a7dbe,
-        0x1b2925d,0x1274a5f,0x03dea58,0x19a065b,0x07a458a,0x0714549,
-        0x13a39f3,0x0a4f20f,0x0cb7cf6,0x0fc804d,0x0db065a,0x1638e3e,
-        0x1a0a068,0x1709408,0x0eca4a9,0x01b98f7,0x18fbad4,0x1976e4a,
-        0x0913476,0x1c67368,0x06e5299,0x19f2f35,0x0fd9f10,0x061dc04,
-        0x0e6d136,0x1c15f8b,0x00da613,0x0df34f3,0x1f78fa9,0x1ea5b9c,
-        0x1c1ee74,0x0eb4326,0x01e40e9,0x1227790,0x071ab28 },
-      { 0x15b60ad,0x0c7e21d,0x06133d8,0x0094186,0x0afb5e3,0x0019810,
-        0x00732f1,0x0cda447,0x1db1c0c,0x1e7c4a9,0x04aa34c,0x1c9b4c2,
-        0x069c994,0x08cb3d4,0x0ab8b0f,0x19a53af,0x0935b7a,0x1e146aa,
-        0x12695fe,0x0b7a26d,0x07f9807,0x1f4e421,0x12700dc,0x0644beb,
-        0x0a18d19,0x0c6165e,0x0d10b00,0x06eefa2,0x13a7277,0x16a3fdd,
-        0x063af97,0x032c5b8,0x0437d49,0x0440338,0x1824b70,0x19e7383,
-        0x15fff35,0x14e37b8,0x029940f,0x16cbc6c,0x08d087b } },
-    /* 12 */
-    { { 0x1dc1844,0x091811f,0x115af88,0x1e20bd5,0x0eca27e,0x1451a43,
-        0x0981bc5,0x1964307,0x1e1d7a4,0x0afc03e,0x1750f8a,0x0c64fde,
-        0x077246a,0x03b812e,0x050c817,0x09c7d5c,0x1caf348,0x0a5efe3,
-        0x1d4b01d,0x07312bb,0x0ac0ec9,0x1b6bd4e,0x00b9957,0x15dbb61,
-        0x1fe208b,0x198cc2e,0x1149f79,0x13902fc,0x1de1ea7,0x07de189,
-        0x0ecc338,0x1989ed9,0x1f95b89,0x19066ce,0x1c7bd6e,0x03e55db,
-        0x1a8cfb0,0x0f05448,0x0dfb3f0,0x094c7db,0x0225ed3 },
-      { 0x0bb1a85,0x18aa6dd,0x1968f84,0x0e3cd4a,0x13d8dae,0x058807e,
-        0x1f55aad,0x035a642,0x0ebc78e,0x026c9a7,0x1cf4df5,0x043691c,
-        0x0b02153,0x100f21e,0x1242fe8,0x0120b77,0x1d02750,0x09e11f8,
-        0x019a468,0x1ca0019,0x041c2a2,0x093032c,0x022caeb,0x004d6c0,
-        0x01caf30,0x1308aea,0x1149db3,0x0e2585e,0x132ffb1,0x01f38ac,
-        0x1c80713,0x0d4e995,0x094e13d,0x09bd23c,0x177c301,0x1c05ade,
-        0x02b1c97,0x1dbb016,0x1f1eea3,0x1cba110,0x0612b60 } },
-    /* 13 */
-    { { 0x0245d6b,0x04ae7dd,0x1fdbbf5,0x0f459c7,0x1cf0cbb,0x1aff772,
-        0x0ab037f,0x14649b4,0x0cf28c6,0x0648a7c,0x0295ae4,0x0a1a861,
-        0x1472fdb,0x09eb901,0x16fdde4,0x193d207,0x091822a,0x0e7d2f6,
-        0x0ba8fa0,0x1ce7907,0x11390dd,0x1133144,0x1516ea5,0x0d597a6,
-        0x1648bca,0x01d5297,0x1a6281a,0x1ede4ed,0x18ed52f,0x09d651b,
-        0x16494db,0x110b583,0x13c2c54,0x042539a,0x0b6802f,0x0f95fea,
-        0x1768416,0x18fc0e1,0x061b8e5,0x1c3a5af,0x00f7334 },
-      { 0x196067e,0x1ae41b2,0x001abee,0x1271833,0x13e54e1,0x0586e61,
-        0x1659ce7,0x1f3050b,0x1424035,0x1a9fa1e,0x1e4254a,0x03f1bfd,
-        0x1a38c53,0x0d87ab8,0x1efa393,0x14f0f21,0x0d2a39c,0x04d060f,
-        0x01bc988,0x1983acc,0x0b4a2fe,0x18b95be,0x0772242,0x176f0d1,
-        0x0a6fbcc,0x124e19e,0x0bf9cfb,0x0362210,0x166c48d,0x1e8bfe5,
-        0x1cd642d,0x10dc28a,0x156b0a6,0x156c2c9,0x0b1014f,0x16ebad0,
-        0x054d30f,0x172afd6,0x1a526ca,0x0e5f15d,0x067636a } },
-    /* 14 */
-    { { 0x11d6bea,0x031de5c,0x0e598e0,0x1d247d9,0x0e263a2,0x13d6535,
-        0x0264b18,0x0fd3af6,0x077af9e,0x176800d,0x0bfaef1,0x199e495,
-        0x109214a,0x1c02ad4,0x1592e59,0x0933b46,0x11ce027,0x0804ccd,
-        0x11a81a9,0x0749c3c,0x0fe7e41,0x1b1728f,0x081744f,0x150877d,
-        0x07d349b,0x0cf1af4,0x14c60c5,0x14c6704,0x0019230,0x145d2a3,
-        0x1c9808f,0x16ffa39,0x1107721,0x17ea9cd,0x10aff7c,0x108d6aa,
-        0x1c18af3,0x0a7a7c0,0x02596cc,0x0ecc159,0x0086f98 },
-      { 0x0bb9850,0x00caa46,0x1231d9c,0x01441a5,0x0210b73,0x1ab3863,
-        0x1415d4c,0x1d48109,0x10324ba,0x166e2ca,0x1ba6d0f,0x0be58ed,
-        0x04607fc,0x0207fd3,0x04f403d,0x08c79e7,0x1962dc1,0x1f0088b,
-        0x11dc979,0x1704a33,0x1186f00,0x1b2de8e,0x0d7981c,0x1ee5558,
-        0x0554c2c,0x0bef9ec,0x1bbe8d2,0x09ba1fb,0x06ad11b,0x13467b2,
-        0x0b75c48,0x13ef71d,0x1c20afb,0x16ff283,0x0753f01,0x14c612d,
-        0x1245549,0x1bef8e3,0x1a041da,0x007cc35,0x0681f94 } },
-    /* 15 */
-    { { 0x1a0623b,0x0a8b1e4,0x0351f2b,0x0ecff57,0x1bf8295,0x17be3e6,
-        0x0c3b206,0x1845995,0x0e966d5,0x14f1c64,0x1390711,0x1aa5e1a,
-        0x1c34430,0x12959ac,0x181d68a,0x0024e84,0x1e333bd,0x09216e9,
-        0x1fb48d0,0x07ec6b3,0x0ffacda,0x186bea9,0x137ccdc,0x08187de,
-        0x156f076,0x0be2fff,0x106ef79,0x0f07843,0x0bb3364,0x051575c,
-        0x01761e1,0x1d5a108,0x0c7c533,0x115ea0f,0x108fe6d,0x1e96fe2,
-        0x1075d4a,0x018a2e3,0x1642955,0x09574c0,0x00c9de9 },
-      { 0x1d5682b,0x1939aca,0x1bb63b5,0x065d84e,0x111c428,0x1b50693,
-        0x0bb562c,0x11fa3e9,0x08498a8,0x155a062,0x03d1458,0x18c4890,
-        0x0258c8f,0x1bce7ff,0x123292e,0x06b3b17,0x03c701a,0x0c855ac,
-        0x1f57457,0x0634e67,0x133caee,0x1de4891,0x00a9565,0x187c784,
-        0x1cae4b6,0x044080c,0x10a64e0,0x0a26085,0x1c8199e,0x141efa3,
-        0x0483800,0x1e5401d,0x0d68e58,0x0d71dc8,0x1d069dd,0x04d3c5b,
-        0x071c30b,0x097652c,0x18e5ae3,0x01d763b,0x0733dca } },
-    /* 16 */
-    { { 0x159213a,0x04ae825,0x003bd6d,0x131ae04,0x0a67203,0x13b8e0e,
-        0x02698ad,0x1969796,0x02b9eb0,0x156f76a,0x0e88489,0x0ea919b,
-        0x11eb544,0x1844486,0x06aff37,0x08d681c,0x163698e,0x029284c,
-        0x0ba704e,0x1fe1610,0x1a71e1b,0x06a884c,0x0862793,0x172398f,
-        0x0c9bcc9,0x05f11b0,0x104dfb1,0x17a9afb,0x119f6e9,0x1290e8a,
-        0x00f40d5,0x19f064a,0x15f6d78,0x1515a5f,0x00c637b,0x19c8602,
-        0x0f4c319,0x09924a7,0x09f5f0c,0x08e1e3f,0x02ab3bd },
-      { 0x02c9fbb,0x1db4049,0x1b455d4,0x101e2d8,0x069e7dc,0x00b77e4,
-        0x144d6eb,0x1370688,0x0846d1d,0x19351da,0x18b0850,0x1dc765a,
-        0x15b517f,0x0594956,0x016be88,0x15826d2,0x11a2cad,0x0952b89,
-        0x0f6f2a3,0x009b1fd,0x1fb2cd9,0x179f9b2,0x17fb6a1,0x0fd5439,
-        0x1b208dc,0x1e0384b,0x129179d,0x1346b50,0x1d118e8,0x031667a,
-        0x1a105e8,0x03edd33,0x00c04a8,0x1043e9e,0x12c2e9e,0x05888e0,
-        0x1ea22ad,0x0513e89,0x148a5be,0x02c984f,0x093a4b4 } },
-    /* 17 */
-    { { 0x11efb7a,0x18de08f,0x1037509,0x0c67f99,0x0e4e68e,0x0fa8545,
-        0x123c6c4,0x1133b37,0x1af0760,0x0181cc7,0x14380d5,0x05f6887,
-        0x0145e24,0x1b71ea6,0x1b09467,0x15a12e7,0x190ba9b,0x1d5b87b,
-        0x06b7443,0x0255abf,0x02b4de6,0x070a74a,0x0e0df95,0x1716d15,
-        0x056d3dd,0x0040bad,0x106b0a9,0x10b6467,0x080f94e,0x1618786,
-        0x1e7e3fd,0x1131b69,0x17f3fb7,0x1ee6ea5,0x113d169,0x0b458c0,
-        0x1e3d389,0x15d97b7,0x1dd8fce,0x1ae65dc,0x0342ce0 },
-      { 0x1491b1f,0x109ca67,0x0e57ac9,0x0e3213c,0x1caaeed,0x126df56,
-        0x0156a7f,0x09bb988,0x1493d60,0x1d3308e,0x17afbc5,0x147439c,
-        0x15ba445,0x11cc4e5,0x0b8a163,0x1080dd0,0x08283f5,0x0dcb7a1,
-        0x055b3d5,0x0ef7334,0x0a0e998,0x13270b3,0x0be41a9,0x12eda27,
-        0x1d353b2,0x100e750,0x1cdb186,0x1f82de4,0x155d86e,0x0219d87,
-        0x0076c13,0x11d6698,0x0b4b269,0x101401e,0x1de0ab9,0x0a71a0f,
-        0x03be3ec,0x161de5a,0x1f4810e,0x1e7c2ad,0x0455f4a } },
-    /* 18 */
-    { { 0x14ec21c,0x1f9313a,0x08e3015,0x13c7437,0x1eacd4c,0x160ff49,
-        0x0434445,0x16c7404,0x0eacc8a,0x075274a,0x1ccb2b9,0x1935d4d,
-        0x0e31c00,0x035cbae,0x0d88e76,0x143d2b9,0x18ca14e,0x1b2a6ae,
-        0x019ff22,0x1a63e8a,0x1ecb230,0x05b1aaf,0x122ee43,0x02e5d1c,
-        0x01ecedc,0x19bbc7c,0x032c019,0x1107015,0x02d0122,0x1700f0b,
-        0x17066c0,0x18b5e28,0x0087a06,0x0e1aa07,0x02dedcb,0x0de09b9,
-        0x0de3c06,0x07790a4,0x07edfdc,0x0862601,0x04f1482 },
-      { 0x02055e2,0x027e737,0x019d780,0x150d864,0x09e247e,0x0ed5514,
-        0x0f6557e,0x0769d79,0x1ceb7f6,0x0af9097,0x1e12834,0x183f0c6,
-        0x115ecc5,0x1abb012,0x0ce002d,0x052a8a7,0x1c38a6a,0x0f5c980,
-        0x04f3746,0x0d74314,0x0d240f1,0x08c43e1,0x00c4f49,0x12827ed,
-        0x035859a,0x1e2fcc9,0x1bf8ff5,0x04680bc,0x00ee054,0x159a0b7,
-        0x0c19e2b,0x07f5b55,0x13be7bb,0x022388f,0x08b20a2,0x0cf203f,
-        0x0d662ff,0x086d982,0x05c2f25,0x1a87802,0x074d5d2 } },
-    /* 19 */
-    { { 0x15bfe11,0x016e015,0x079e8c0,0x1aa5a64,0x0733410,0x1cdd448,
-        0x03d9659,0x0dc2b24,0x0685b23,0x112460a,0x1d81003,0x0b2868d,
-        0x108cfab,0x00638bf,0x15ebedd,0x08aed3e,0x08c6604,0x186dd59,
-        0x1370c91,0x0132d13,0x0d050fa,0x1161187,0x10780ab,0x0b7dee8,
-        0x01554e4,0x1b786cb,0x0b3935e,0x0d11530,0x02d22e9,0x1d63af3,
-        0x0a3eb7b,0x17a5974,0x11512a6,0x03a4fd7,0x198af9f,0x16f10d1,
-        0x0e9f5a6,0x0246c0d,0x1e8a620,0x0858b0a,0x06b1a54 },
-      { 0x1242066,0x15cd6a1,0x0aba7d6,0x0a59994,0x0afef1b,0x076e270,
-        0x0fb1e62,0x1ab6368,0x10341b0,0x0860078,0x0aacdc3,0x11ef6a1,
-        0x194d68b,0x19d3254,0x03939bf,0x0d09d35,0x0fb7f1a,0x00cc19c,
-        0x14683d7,0x01ce906,0x05158bc,0x06ed622,0x0b2b3cb,0x13feed6,
-        0x139995e,0x02ae0a6,0x1c58e4c,0x0940367,0x0d83765,0x1752c44,
-        0x0c5ab0f,0x0e464ef,0x04d9a9a,0x0dddfdc,0x1a47847,0x1132264,
-        0x0bb6717,0x1b8bd75,0x12b2165,0x04d1762,0x04c2135 } },
-    /* 20 */
-    { { 0x1532833,0x1f0534a,0x019cb9b,0x1dac4da,0x0bca228,0x0f39ded,
-        0x1cf6592,0x018455d,0x0f03c4c,0x041d43d,0x1a6d148,0x0eba6a2,
-        0x09e954e,0x1a28354,0x1d427b9,0x19f20ae,0x16e2aea,0x0a4e593,
-        0x09027e4,0x0ebaeff,0x16b9082,0x1ef85de,0x187adbc,0x0264e08,
-        0x002cbe4,0x058ca41,0x06c7126,0x0be7f84,0x1fee593,0x05d41b0,
-        0x1cddb1a,0x0a1c0a3,0x18cbbd9,0x1382150,0x01e4c63,0x1647095,
-        0x00dd1e8,0x155f56c,0x10cd0a4,0x052b86f,0x065713c },
-      { 0x0b77b9a,0x05474e7,0x11a7733,0x0e476d2,0x0f97e72,0x0eb5941,
-        0x0fb9a80,0x1fd8ed5,0x15abecd,0x092901e,0x0435c0e,0x0104525,
-        0x1889448,0x1818a21,0x04c5092,0x08f87f3,0x1f17cd4,0x182104e,
-        0x0157209,0x1e40b39,0x00697c6,0x112b607,0x165f5e1,0x05b2989,
-        0x1b6fe41,0x0eead4e,0x0665310,0x134c8b2,0x1e21a31,0x0550e44,
-        0x03848d2,0x18d407e,0x0904b50,0x17f566b,0x055a985,0x16ab82a,
-        0x1cc7693,0x1b68dab,0x0f0e138,0x0d8775c,0x06b0e99 } },
-    /* 21 */
-    { { 0x0eced00,0x04fd5e6,0x0998c9e,0x15cb6f5,0x1237e71,0x0f5e6f9,
-        0x189a4b7,0x11f0f65,0x0b61dad,0x1922890,0x1e00f2d,0x1c91a6b,
-        0x0de11e5,0x0c72878,0x137d75e,0x15725f6,0x0b4bcd2,0x0b07734,
-        0x138cd8f,0x165eb83,0x064798a,0x0d3e6a1,0x056e8e7,0x1e9f67e,
-        0x172eb83,0x06d8d32,0x0395bc2,0x1eefbd1,0x0562c20,0x1b0f0b9,
-        0x1d05d0d,0x114b1e1,0x0349ff8,0x0eb715f,0x1c6e134,0x09c09b4,
-        0x1e9ff3b,0x0781a14,0x08fe0da,0x00acf04,0x04022a2 },
-      { 0x1847375,0x1de82c1,0x0bc149e,0x047e8a3,0x1ae56b6,0x163f8c1,
-        0x1c9352c,0x11ac331,0x14525b9,0x1191fad,0x0212d7b,0x07341c1,
-        0x16a9d8d,0x1d8963b,0x0175fdb,0x182a9a0,0x03e708b,0x06b8e24,
-        0x109506f,0x0dfa50e,0x1ddb8ca,0x06fc1cb,0x02bcf73,0x199e486,
-        0x131253e,0x1c6dc06,0x0163606,0x0e87421,0x191f68c,0x1590b89,
-        0x1fcfd23,0x06776ca,0x13aff88,0x03f18a4,0x15981f9,0x0c3a2bd,
-        0x008279f,0x0acd88f,0x0a55840,0x196494d,0x0312179 } },
-    /* 22 */
-    { { 0x1615ac2,0x061e503,0x1606a53,0x082435a,0x05865e6,0x0c35bcc,
-        0x185be9e,0x03b5c8e,0x19d5e0f,0x0ad2075,0x115fa8e,0x04c87b2,
-        0x19a9143,0x1d1432e,0x19b5a8f,0x15d191b,0x1961014,0x183b8ed,
-        0x1daa1f2,0x0f99cd2,0x0f6077a,0x108a1d0,0x09f790b,0x127b269,
-        0x1cc09d9,0x01ef101,0x0e63b13,0x04030d2,0x05df4b9,0x036c1d1,
-        0x1af5dd5,0x0c5605a,0x0d9eb47,0x138c485,0x0823416,0x17f555e,
-        0x031221b,0x1c0c0fa,0x047a948,0x0f0e66a,0x0417d6c },
-      { 0x091e9a8,0x0c0db87,0x1accf2f,0x1186e1a,0x1334041,0x1511b9b,
-        0x0c42a3a,0x0ad04bb,0x06c7d67,0x19584f2,0x0cf7b63,0x1d37298,
-        0x1be288e,0x0b4af1f,0x0109aec,0x1d1119b,0x086dce9,0x1530bb6,
-        0x05978d8,0x191244c,0x1b093f4,0x0fb031f,0x1453904,0x1f3c098,
-        0x1ac20c8,0x0b0b483,0x137f4ab,0x1dee8d3,0x12199ac,0x1d72422,
-        0x18ae8c2,0x0255868,0x0681293,0x0a41698,0x01cf24b,0x0a0237d,
-        0x0833099,0x065fc4f,0x0282bfd,0x0a5a28e,0x002189d } },
-    /* 23 */
-    { { 0x0599c69,0x00ceec9,0x0b29cf9,0x16ffd86,0x1b94221,0x1dfdfea,
-        0x06f4826,0x0b7657f,0x063ed89,0x0f54bd2,0x01bde58,0x08d67e9,
-        0x1966091,0x1e8a0d1,0x071e817,0x0826b7a,0x0cf83d6,0x1e3cf64,
-        0x020d41e,0x1fa85f3,0x10277f8,0x1b8bd9e,0x0bf2d4e,0x194b443,
-        0x18dcd67,0x1c34332,0x1334525,0x0d4d815,0x195067a,0x0b871a5,
-        0x0305bcf,0x1be892b,0x11208e3,0x001091b,0x139bb0a,0x03a5bac,
-        0x10782c7,0x1962559,0x1dbe8ce,0x17aa422,0x07bbf8a },
-      { 0x18b981a,0x12557d3,0x00a2fa7,0x0c609d9,0x188b4e3,0x0cef51b,
-        0x13ce4e5,0x18e188b,0x1240b39,0x054dee9,0x00edf5c,0x0fba507,
-        0x06499cd,0x183d081,0x1a42cb8,0x1e36660,0x198ee92,0x011316a,
-        0x11c9692,0x1aefbd6,0x0a0ec62,0x1e3de1d,0x085bc96,0x0bdeff5,
-        0x18b65d1,0x147b16e,0x142e5b5,0x12f2443,0x0f1906d,0x02e1d00,
-        0x102e4a2,0x1d6e98e,0x0476b9b,0x1b1117d,0x0ed71d5,0x1e42fbb,
-        0x1788504,0x1c16182,0x1c5af09,0x0d9f024,0x0860d09 } },
-    /* 24 */
-    { { 0x179bbf9,0x019bea6,0x1e03faf,0x10d3ee9,0x1d53eab,0x0826a9a,
-        0x08254cc,0x12ffe6d,0x0196f8b,0x15c106d,0x19a424a,0x1a3eeb9,
-        0x14961d3,0x02341ba,0x05fb010,0x1973763,0x1bf93a6,0x1d34670,
-        0x17c0868,0x08adff8,0x1fdb503,0x18c4a07,0x0d428b6,0x0008413,
-        0x10f8fef,0x03abbe2,0x1c12596,0x0c6ba2e,0x18770ad,0x136cc5d,
-        0x0f9c95d,0x140f1ca,0x019b028,0x041bc47,0x132be7f,0x006c9a9,
-        0x10dd39a,0x1efa08f,0x1e48068,0x084075b,0x07e80e4 },
-      { 0x19a1ddf,0x1c52ba9,0x15892d7,0x1ddc90c,0x1248e7a,0x1010f0e,
-        0x1247605,0x18838f6,0x1fd36d2,0x13dc38d,0x100364b,0x0a0815d,
-        0x13da38b,0x10c9f8d,0x009d849,0x0f1ade5,0x086fb1f,0x1b4e1ff,
-        0x009eb0c,0x116f0dd,0x08f756c,0x039a43e,0x05a1fdb,0x1bdcb78,
-        0x1221719,0x00c55c7,0x1ffce65,0x09d08e7,0x027c800,0x000a548,
-        0x0a3ce13,0x1543a5c,0x167be9a,0x0f778cc,0x1b4f819,0x190d2d0,
-        0x07bd837,0x1e35846,0x1618dcd,0x1a33d17,0x05dcab5 } },
-    /* 25 */
-    { { 0x07d772b,0x0141d4d,0x166c1e1,0x0bca812,0x0b49e52,0x00a55ab,
-        0x0c02219,0x152a8d7,0x09d74b2,0x02240b1,0x0c2c6f5,0x015a407,
-        0x0b26789,0x0469fc3,0x1ea0af3,0x1078e3c,0x1b5d85a,0x189a95f,
-        0x0b41f33,0x1e2dc7f,0x043ff29,0x1c20f06,0x100a98e,0x06f3fdf,
-        0x122c56b,0x1934827,0x0ec4913,0x13b14ca,0x08bdea1,0x1b6f9d1,
-        0x13998d6,0x1eda8ab,0x0b68851,0x19b9a8c,0x006273f,0x16e9585,
-        0x0b2cbda,0x007cefc,0x15262b5,0x13d5b93,0x008cc2d },
-      { 0x170c84b,0x1343360,0x1210b9a,0x16b4934,0x1b989e8,0x0644c95,
-        0x0038341,0x046f61c,0x061b3a4,0x0d69a3c,0x0062655,0x08a161a,
-        0x133c952,0x1188065,0x0488557,0x0eda1c7,0x16ef032,0x18c932d,
-        0x1b50ad4,0x10b2b4e,0x13b60fe,0x107e31a,0x02a5b7b,0x0df127c,
-        0x00dc824,0x05d3b0f,0x1bc29d3,0x1d92057,0x1fad9b4,0x03421fe,
-        0x1d58402,0x09fb6d2,0x16a60e4,0x1ac852e,0x0b21fbd,0x0e7ea75,
-        0x12870a3,0x0f35f00,0x156c34a,0x182ab54,0x0991fad } },
-    /* 26 */
-    { { 0x0844ffe,0x02587da,0x01c60af,0x08c1f17,0x1392271,0x11f8f9b,
-        0x0038933,0x1d91580,0x0163519,0x06aa45a,0x022d7fc,0x0857105,
-        0x107aaf8,0x15ee4d3,0x02c3130,0x1facf3d,0x1524ba5,0x1d036a8,
-        0x04f37b0,0x035f41f,0x18f0d0b,0x1d6fc4f,0x0a02556,0x1465924,
-        0x1e92dee,0x1f24365,0x04ff816,0x195c7f3,0x0919aa0,0x184afd3,
-        0x02fc981,0x0dc1e37,0x154741e,0x07cc407,0x1dd0c3b,0x0e55da3,
-        0x134991d,0x0b7bb5b,0x03fa64a,0x0504b3e,0x066cf8d },
-      { 0x06f5868,0x0c82d91,0x1a7a6c0,0x182d213,0x0102e88,0x1bf5aa6,
-        0x0245928,0x04657a1,0x0c98163,0x19129f4,0x0b14f3d,0x1d3b0d7,
-        0x1737f84,0x17f5557,0x0d49152,0x008dc5c,0x1772ca0,0x133e437,
-        0x198cdcb,0x19ca1cc,0x0a0486b,0x105b4a8,0x1da8ea5,0x0357527,
-        0x194d7fc,0x13730fc,0x0f04c9b,0x12af825,0x16b0051,0x07f2172,
-        0x0326d96,0x10b24e8,0x0d297fc,0x19352ce,0x1a6c5df,0x16eca99,
-        0x079d2eb,0x134cedd,0x19122aa,0x0b41d96,0x05fca0c } },
-    /* 27 */
-    { { 0x09a6663,0x112f9ab,0x129f89b,0x0fcd549,0x09597ee,0x0c5c060,
-        0x1369a34,0x0604b49,0x1229267,0x083015a,0x01c8251,0x0ca00e7,
-        0x139af5f,0x13399d2,0x1bb6cd0,0x052a3fd,0x1688657,0x107ae73,
-        0x0e62ba6,0x146c170,0x16c3872,0x0015987,0x180d1ea,0x02c42b0,
-        0x13b231a,0x0f66908,0x0bb9b1b,0x1fb39f2,0x1cf9e66,0x12d42e5,
-        0x01217c2,0x05747fd,0x1a5a6e4,0x06b93eb,0x1c8147b,0x0155fcc,
-        0x02081a1,0x0e35d95,0x0c2d382,0x1e172e7,0x0657acb },
-      { 0x074c8d4,0x02337e1,0x1344c4c,0x0c61532,0x0276517,0x1ca1afa,
-        0x16329c1,0x00c42e4,0x0eb897a,0x0428203,0x1b84c11,0x1ddcac3,
-        0x1bf38df,0x150bbc5,0x1d3eb3e,0x173d223,0x017b9ab,0x13b2e33,
-        0x03c424c,0x0a9337b,0x1159b13,0x1bd39dc,0x103ad8c,0x0fd16d5,
-        0x1ccf16f,0x1a9f960,0x0861f7b,0x1665807,0x0b9c625,0x0ea4c18,
-        0x0e226b4,0x05e21ca,0x135eae3,0x1aade0b,0x070a757,0x1b6397b,
-        0x0539db0,0x014623f,0x0ceed09,0x02590a5,0x03d2da4 } },
-    /* 28 */
-    { { 0x11f2865,0x015b743,0x035a5dc,0x1e28524,0x16cb639,0x1ac308a,
-        0x08a8116,0x024650a,0x1f3b138,0x1ca1d68,0x081ba3c,0x0014e24,
-        0x0ae6c22,0x11a6acf,0x024396a,0x1eeb385,0x140f6b7,0x1d5a97e,
-        0x002fd59,0x0591bc3,0x0396f52,0x1956677,0x0607a5e,0x1d4b976,
-        0x15819c4,0x1f7f01b,0x02ad474,0x1b330bd,0x150fd80,0x0b655e5,
-        0x03789b2,0x12fc390,0x19d6b13,0x11abefd,0x0053de5,0x16b0563,
-        0x07f4c7f,0x13c1108,0x1f98626,0x05b806a,0x002aeef },
-      { 0x07ec9be,0x1c93796,0x0804ae9,0x1ce4b16,0x092f307,0x1d35a51,
-        0x0a8431b,0x156e9cc,0x1e2bcc5,0x06042a4,0x0301ce0,0x1b70f77,
-        0x0db4160,0x194f8ca,0x1bc14a4,0x09539ab,0x0146dda,0x0875c6d,
-        0x17a88f4,0x1a87a42,0x1fae0b5,0x017e1a5,0x1b3afbc,0x10eaf4e,
-        0x164d084,0x051d669,0x00b4d33,0x028026d,0x0d95e2c,0x13a10e9,
-        0x0a02729,0x0f0dd54,0x1fd1d6e,0x12ff661,0x0db68a5,0x073d622,
-        0x0077920,0x038dd56,0x0bac122,0x002962b,0x06b446c } },
-    /* 29 */
-    { { 0x1e8fe80,0x0f59712,0x085f206,0x0d30471,0x0b5f790,0x120c249,
-        0x1a65a07,0x08bade3,0x098ea6d,0x056c56b,0x00b9016,0x15a97fa,
-        0x0d5bae5,0x140920b,0x1b70c9e,0x0f94202,0x185a334,0x0c598d4,
-        0x0a994e4,0x1b4c210,0x15fb0b4,0x16da461,0x072e46c,0x155f188,
-        0x0817cd2,0x0e04f4b,0x0f37f73,0x14c6090,0x1692541,0x09b0895,
-        0x05dc156,0x1f14541,0x1dcd712,0x02940af,0x08e8d73,0x0ab356c,
-        0x132b609,0x0475f04,0x014bcc3,0x097611c,0x0861342 },
-      { 0x0231d8a,0x01031d9,0x199ca24,0x13b34c2,0x10f6232,0x0d4f93d,
-        0x03f9c1c,0x0fd55f4,0x0603f04,0x1e6c4b0,0x0a870da,0x14edfb2,
-        0x16118cc,0x18ea41d,0x05398ad,0x0a4c468,0x0ddba70,0x15091e6,
-        0x166d716,0x0ec86ff,0x0fa31a5,0x0126468,0x094c06f,0x0484f9b,
-        0x0ad4410,0x0014b78,0x034ea9b,0x1cdf6bc,0x0a39960,0x0440039,
-        0x0b73631,0x1081a7f,0x1afca12,0x0eaa0a6,0x08f77a4,0x1a53e99,
-        0x0441734,0x1be2cc4,0x195f000,0x133399f,0x086333a } },
-    /* 30 */
-    { { 0x0f53b40,0x1d3a8f6,0x150b484,0x045ef14,0x0ff2c6f,0x1d72b6e,
-        0x1c38bc4,0x11c1eb3,0x10e6174,0x0fc665f,0x1105164,0x1973ae5,
-        0x170aade,0x064e6e5,0x0bb6149,0x1f8e0d6,0x12c1eaf,0x147005b,
-        0x09ca040,0x04850b5,0x0afa89b,0x105b3ce,0x0a9fa9f,0x014dedf,
-        0x18c264f,0x1cbae95,0x0c3a010,0x1daf62e,0x1730497,0x15a2e42,
-        0x0f96a4f,0x0130dd2,0x12bf5d4,0x06057e4,0x0a71a88,0x1ea4d6b,
-        0x199dc3a,0x0fa3e4d,0x0b3242b,0x1c57440,0x012b25f },
-      { 0x1eea395,0x06bc519,0x117026e,0x11ec67f,0x07a9361,0x076777e,
-        0x058a49c,0x018fd04,0x0c628ed,0x123bcdc,0x1a24e54,0x194343a,
-        0x1091db5,0x0c376e4,0x09b8639,0x1e77f0c,0x08bfeb3,0x07f011f,
-        0x09405c7,0x13fbc20,0x12de627,0x0e2af0b,0x194bb1f,0x1a9948b,
-        0x08695c6,0x078a22f,0x02f6f04,0x05bc70f,0x03835e4,0x06f437e,
-        0x148ac45,0x0fc216c,0x1aba456,0x13c7f4f,0x00a8e43,0x148223b,
-        0x0edf0ac,0x15b0e15,0x12dd15d,0x152e959,0x0216279 } },
-    /* 31 */
-    { { 0x047f747,0x06d5fa0,0x087b053,0x1b8262b,0x03ca233,0x12e8538,
-        0x12f4d03,0x0d2b3cf,0x1bb4138,0x1e86274,0x07ef607,0x11621e0,
-        0x1d189d0,0x13b5c11,0x112710a,0x00142a0,0x0a1398b,0x040e112,
-        0x1a05e79,0x109c9f1,0x01e9080,0x0a34c72,0x1f62be6,0x0217e5d,
-        0x0e37c56,0x0878f18,0x1e9f49e,0x1cd4087,0x1953884,0x1306598,
-        0x1f6765b,0x006f33b,0x15f986d,0x1c817f3,0x1c47e3f,0x1c76951,
-        0x1588416,0x0a29bc3,0x14d7bea,0x07f304e,0x020683e },
-      { 0x0378878,0x0171368,0x1e1f2d6,0x074f28a,0x1e214c2,0x134459c,
-        0x002fe3d,0x0e027a0,0x1405152,0x0a46a7a,0x047d75d,0x02ba802,
-        0x027113c,0x145ffc8,0x1d6949a,0x08b9877,0x0109b49,0x0ded358,
-        0x10bce81,0x198e9d7,0x1fa183d,0x0221f7e,0x0abbd8a,0x0b8b7e8,
-        0x00ee956,0x01d6973,0x1564bc9,0x1e1f421,0x03bf514,0x05990de,
-        0x1d1ab96,0x0c0aed4,0x13b0868,0x1840d40,0x0fe135c,0x1217804,
-        0x12dcee5,0x081d501,0x11e567f,0x1ea4fad,0x05e416b } },
-    /* 32 */
-    { { 0x06cc23c,0x09bb001,0x016090c,0x1d6b652,0x1819aae,0x09770bf,
-        0x1cbe317,0x0055244,0x1ee5cc4,0x02473e5,0x1bc1f60,0x0ddcefb,
-        0x1edbc7d,0x1b57c10,0x15a4913,0x17712c3,0x0ed996c,0x02fbcb3,
-        0x1a85569,0x162fd52,0x0d56f81,0x1801f9f,0x0cb67bd,0x1054b65,
-        0x05906e8,0x0c02f37,0x0aba51c,0x0df420e,0x0c76f48,0x1e28b2c,
-        0x080d367,0x19606b5,0x1603dc0,0x13240cf,0x1fadd6f,0x1f6f673,
-        0x0f04a9e,0x03aaa56,0x1f78f2a,0x1d90f69,0x04ff682 },
-      { 0x0a10ad5,0x0b13fe8,0x1d14c49,0x052d1cd,0x1fd45c7,0x1508b1b,
-        0x0f5ae01,0x1c65303,0x1de5033,0x096f0e6,0x1e2622e,0x08bd7e9,
-        0x1c3b44b,0x0d73f0e,0x06e625b,0x1b0f194,0x05a0778,0x1a90b37,
-        0x1445a11,0x08e57d4,0x144582d,0x157944a,0x1ef74e0,0x0dd8993,
-        0x116025d,0x1811176,0x12d954a,0x0c29d63,0x06210f3,0x0fb9d0f,
-        0x09d8f17,0x00434e9,0x1160285,0x05ea6f4,0x1003197,0x1348994,
-        0x0f15e29,0x058c3f0,0x141f123,0x11c6804,0x051eb81 } },
-    /* 33 */
-    { { 0x12100ab,0x0e8bc5c,0x00e47f0,0x012c0b7,0x1f2e3d6,0x0f2ce86,
-        0x10956dc,0x008254f,0x114fcbe,0x1c5b33a,0x141abcf,0x126ab3f,
-        0x070e8a3,0x0901068,0x0c99408,0x0f7caac,0x0d1528e,0x0334b7e,
-        0x11edd95,0x10a2961,0x05b5658,0x062c895,0x033603e,0x04996fe,
-        0x1ef04f3,0x0bac5d7,0x1f1b68f,0x16a7dd9,0x11df2f6,0x046c18e,
-        0x1b7b7bd,0x0e70256,0x136b965,0x13018f9,0x192bb98,0x17905d5,
-        0x1244f09,0x055e996,0x191fcc0,0x0aa63b2,0x08b0af9 },
-      { 0x0603544,0x00c0517,0x167addc,0x0644359,0x0b573ac,0x0038191,
-        0x1d99589,0x07a742f,0x1b89abc,0x09f3a56,0x0c896ab,0x1c75af2,
-        0x0b8a3d2,0x17812b2,0x1eee813,0x1a56a8a,0x12ffc2d,0x0443ab2,
-        0x19c50fa,0x00ba2bc,0x0d70d29,0x0101724,0x1b6212d,0x0c6d4ae,
-        0x19219c7,0x06f837c,0x04d78de,0x11b8684,0x064a02a,0x0b9e886,
-        0x19a5707,0x1982af4,0x16a4ece,0x051aa66,0x0722389,0x1b75b98,
-        0x1839329,0x1278d94,0x02b4200,0x0929b49,0x05363e5 } },
-    /* 34 */
-    { { 0x03fc641,0x091dbf1,0x018c7d5,0x1f0ccce,0x1e54e72,0x004e97f,
-        0x057d638,0x1c25294,0x18c57f5,0x101ccbf,0x159373c,0x049962d,
-        0x1ba2297,0x05d517f,0x1ef93f5,0x11dacd2,0x0460a6e,0x11fa83f,
-        0x014214d,0x1c74baf,0x02080af,0x0ecaa04,0x1bbbdb3,0x18846f9,
-        0x1d889f2,0x129b80f,0x0970e14,0x12db107,0x0212f14,0x13f6b95,
-        0x1378971,0x03fef1f,0x1416783,0x1a0a325,0x001305b,0x0fd32ce,
-        0x045b069,0x02e1d0e,0x0c30fe9,0x0307f7a,0x0633340 },
-      { 0x0fbbbce,0x0d06651,0x1d10e72,0x1954196,0x076f6e5,0x1c7671c,
-        0x00438d0,0x10539cc,0x013802d,0x1568a47,0x11686c2,0x18c139a,
-        0x009c3e5,0x1de7e0f,0x172e165,0x09ba10e,0x190d858,0x1d8cffb,
-        0x0070a8a,0x11703db,0x07e3259,0x17815f0,0x0462f7c,0x0ecb9d2,
-        0x1c8eeb9,0x0d703a7,0x02c93e5,0x04bd3b1,0x18f09d1,0x166e064,
-        0x09ceec4,0x1416e96,0x06aee07,0x03be725,0x0be7020,0x1e8e47a,
-        0x1ea8026,0x0a23eb5,0x02dce56,0x0b82c50,0x093a707 } },
-    /* 35 */
-    { { 0x15b27f9,0x1f7f138,0x048c9ae,0x0454501,0x0935a5e,0x0c51355,
-        0x08ebff5,0x128bbbe,0x07c1386,0x0641f0b,0x08854d5,0x1793125,
-        0x1544799,0x0dc684f,0x1b91c42,0x1d4d09c,0x016d588,0x1631d7b,
-        0x00eac6d,0x12ce0d1,0x13365e8,0x101e904,0x0f04e4e,0x1847bb4,
-        0x1292192,0x121e817,0x0b73dba,0x16e196f,0x1559e1a,0x07543c8,
-        0x02c490d,0x0dae1fe,0x00680db,0x15d2282,0x1948a0c,0x1e3421f,
-        0x05f0cb8,0x0fce047,0x107f75a,0x1588962,0x01a7422 },
-      { 0x140b675,0x0ee974f,0x1ce70ea,0x07f98e3,0x0a7c660,0x0471a11,
-        0x0698465,0x1083127,0x0ed0ab4,0x19db0ac,0x0729ae3,0x1b2fdc6,
-        0x03a3aa7,0x1bd46db,0x07a197b,0x0c5c978,0x0092c7c,0x198afc6,
-        0x1d71b43,0x00f11f3,0x1ec5a26,0x14a5b79,0x0c60cc4,0x169b093,
-        0x1bcd636,0x14db9d6,0x02f1a66,0x0dc2912,0x1175e76,0x086c150,
-        0x13efcde,0x1f8a794,0x143605a,0x1b048bf,0x111e1ff,0x0caefed,
-        0x000c82b,0x1e3aa93,0x1667209,0x0613a4a,0x00944d6 } },
-    /* 36 */
-    { { 0x0ab9620,0x15b1f73,0x00233f7,0x1af0d9b,0x1ff4fa6,0x119059e,
-        0x1760915,0x02a28bd,0x0c49439,0x172fc31,0x0cfe1ca,0x10276e7,
-        0x099508e,0x1297cbd,0x16017cf,0x136c477,0x028c982,0x07b8dae,
-        0x1b833bf,0x098e1d0,0x136eb39,0x1491ded,0x14d3ec6,0x1c4fcb4,
-        0x15862db,0x0b4eb27,0x0e0ead8,0x15c47be,0x0828cbb,0x18d893e,
-        0x02b75b7,0x07460f5,0x101899f,0x0efb30c,0x1966047,0x0e6d990,
-        0x19943b7,0x05bbba3,0x195da8f,0x106dfb0,0x07d89f3 },
-      { 0x1f92b2b,0x1212164,0x0af7e15,0x0b88dc6,0x100c6a7,0x0cd2e2b,
-        0x1a2ddfe,0x0d127ce,0x0031495,0x177f42c,0x199c26d,0x1433859,
-        0x13bbfe8,0x1737624,0x068ec6f,0x1851ae4,0x0a9c371,0x0937777,
-        0x145df87,0x1022bc2,0x05a5d79,0x0758345,0x15efcef,0x1a56965,
-        0x1a22046,0x0fe6fc6,0x0d66fa7,0x1be132b,0x040b793,0x0bde3bb,
-        0x11725a2,0x0b457a7,0x00cf4c2,0x1f3a267,0x15ba26b,0x162de8b,
-        0x1a8509b,0x1f9d659,0x09b9ad4,0x03ec7e5,0x0449af8 } },
-    /* 37 */
-    { { 0x16d9377,0x0789950,0x1e7b0bf,0x06fc345,0x1ab377b,0x08cd72c,
-        0x084ba1b,0x162e5c3,0x0d013bb,0x1589733,0x1d9aeb4,0x00ab96b,
-        0x100972e,0x1ccf55a,0x0778700,0x0bd85a2,0x0fdc65f,0x1e0f98a,
-        0x0a7fd64,0x0230831,0x06e6fc3,0x1670292,0x17dcf07,0x04a0adb,
-        0x1136316,0x10ce146,0x1dbec97,0x0153b7a,0x1cd2d73,0x0922422,
-        0x0b4127b,0x1a6dd0a,0x179b83f,0x04541e3,0x1f1fda3,0x070b46b,
-        0x095e803,0x0df8f0e,0x06bd4a6,0x1864112,0x00e8617 },
-      { 0x1c81b5c,0x1030133,0x1cf14dc,0x1bce6f0,0x0fa89dc,0x0a27e81,
-        0x0c2c2a0,0x10654e8,0x126208c,0x00362d3,0x0903d4c,0x0cc1b1d,
-        0x044e066,0x04b209d,0x14097e6,0x0293f3b,0x0cc46b9,0x15ef9c0,
-        0x0849730,0x0acc321,0x1c37801,0x1ba93c9,0x0135a8e,0x0f4c5e4,
-        0x013746b,0x0bc5b00,0x0161756,0x139fc4d,0x15fe66a,0x065c41c,
-        0x1db72b4,0x08d64c3,0x0b468fc,0x0c90c5d,0x17be767,0x05941de,
-        0x1e45240,0x03ea542,0x1da1f14,0x1e264d9,0x06f4404 } },
-    /* 38 */
-    { { 0x1ebd3ff,0x0c905a7,0x0eea8f8,0x11fbfa5,0x0a6234d,0x0d4c14e,
-        0x0bcab86,0x0416fa3,0x0c6f5bc,0x1ef0b08,0x0e72a48,0x17e7b54,
-        0x0be204d,0x16c6385,0x0b7a6e1,0x06e1654,0x0377c9d,0x1139706,
-        0x1595443,0x02980dc,0x16b0809,0x142be5d,0x0d8479e,0x04cd4dd,
-        0x1c6efd8,0x00e03b7,0x18c2560,0x1f5869d,0x024063d,0x00515cf,
-        0x115a7fd,0x0f0f54b,0x1ba31a9,0x1866953,0x1f7ccf1,0x081c9a3,
-        0x0895f07,0x1f18993,0x1c78a40,0x1f0ff6c,0x0905771 },
-      { 0x0062bee,0x0dd06d2,0x07e5466,0x1929afb,0x18e7238,0x0491600,
-        0x0a6f078,0x0bfea7e,0x1b12d85,0x14d9540,0x0328a77,0x1ddadad,
-        0x1f649f3,0x028604b,0x0b7f0d3,0x13140c9,0x0b99db3,0x040cb25,
-        0x0961c89,0x0b388ef,0x103a00d,0x0b3a62c,0x027fa8e,0x0087ba0,
-        0x1d8ee15,0x0103557,0x197c7b3,0x0ae434d,0x19b7b4c,0x124186d,
-        0x0aadb5a,0x0cd91aa,0x0ffc617,0x0151383,0x075ab32,0x107bc48,
-        0x07f2f7a,0x02f8291,0x17b3018,0x076c809,0x06a2295 } },
-    /* 39 */
-    { { 0x0fce389,0x096c7ba,0x1592491,0x0055f4a,0x059634c,0x16bc128,
-        0x132efc3,0x01b26ef,0x137718e,0x0fa022d,0x1a69362,0x1cfb3f4,
-        0x1a11074,0x194ad85,0x1c2ec1d,0x1dbccba,0x0adf107,0x1d916aa,
-        0x068a71e,0x1347b14,0x03ab5c3,0x016bcaf,0x0dc8db0,0x0b132a2,
-        0x02d002b,0x1717b94,0x195e42f,0x1c44cb7,0x065ea25,0x1508d47,
-        0x0f64783,0x0c0039d,0x071a708,0x02a0107,0x1d68b07,0x022d201,
-        0x157f698,0x196ae01,0x0d09f0e,0x140c33c,0x0528c9e },
-      { 0x126c577,0x0435a2f,0x15147b7,0x1128717,0x1807470,0x12c153f,
-        0x0404de4,0x13e5bfc,0x0de1e56,0x0475650,0x168d5b8,0x1df534a,
-        0x165f952,0x124bb10,0x1602d4f,0x0e3e549,0x055cd5d,0x0695b2c,
-        0x1b3a8fc,0x0e097ec,0x03ca246,0x0fa4919,0x064fd90,0x1b6264a,
-        0x1855c9a,0x1295340,0x18b4675,0x0daa459,0x02ed7b8,0x0f882dc,
-        0x0a54d82,0x11c2a1a,0x10f0094,0x1f4489d,0x0fec2c4,0x12475b1,
-        0x1794b44,0x18aab67,0x13d5f2e,0x126e717,0x0200f90 } },
-    /* 40 */
-    { { 0x188387f,0x117e2c1,0x0f17e6c,0x0051d10,0x0f26f17,0x1bcb9e6,
-        0x0ae4346,0x0e288f9,0x0f6ec91,0x0aea751,0x136f023,0x0931861,
-        0x0b2e16f,0x04311e1,0x04a4431,0x18a8bb9,0x1b030db,0x0758a48,
-        0x137886c,0x1bd65c2,0x10f4631,0x1317f41,0x0128841,0x1383e7e,
-        0x0979c37,0x1cad263,0x03ec1a9,0x14e656d,0x19dfa98,0x193d0b0,
-        0x06ce910,0x11b7c59,0x1a307d3,0x04ff548,0x03480e6,0x1f27379,
-        0x0f4a331,0x155d790,0x15770f6,0x131ba1e,0x05c307e },
-      { 0x1b233da,0x070621a,0x0616ef1,0x0a45edf,0x03d2908,0x1812347,
-        0x0b486a2,0x1cf33ba,0x1a96916,0x1c7a074,0x0f33b65,0x10d8c29,
-        0x0c0327d,0x19483b1,0x1a5540a,0x1e5db2b,0x197a879,0x187fe90,
-        0x0382f4c,0x0ca26ea,0x04c4c43,0x050413e,0x09b0c52,0x19f8164,
-        0x012a83f,0x0c4e3cc,0x18c64a1,0x07b1a2f,0x10f42dc,0x167f441,
-        0x0fe2d5c,0x0960ff0,0x0d9ff92,0x08a47be,0x0540294,0x1866395,
-        0x0c59f9a,0x029cb42,0x11e1743,0x1f58286,0x01df16d } },
-    /* 41 */
-    { { 0x0bcacc3,0x1da5634,0x033f31e,0x1e861eb,0x06ded34,0x10c2ad0,
-        0x07d3f51,0x1798b3f,0x045c9f0,0x0a48cca,0x17224bd,0x1d8c86e,
-        0x1adc5f7,0x1e42cc1,0x01c23c4,0x1a10e37,0x0c482fc,0x1d9952e,
-        0x15ad303,0x19b86a5,0x1b2defd,0x0245637,0x12ec93c,0x120c8e2,
-        0x0d4f533,0x1622cc1,0x1ee0e8e,0x0c5d6a5,0x17a2231,0x0f94119,
-        0x14dc4c3,0x19787b7,0x0e7b802,0x1d6076e,0x0564919,0x1d1672b,
-        0x1b56717,0x09e9740,0x0985c87,0x0a08ca2,0x0729a7f },
-      { 0x020f90a,0x168d542,0x01561d3,0x1c1fc99,0x0368e19,0x1f3a57b,
-        0x12aaac2,0x1536c5a,0x08ca60c,0x17e6240,0x16a19dd,0x0b4aec8,
-        0x0cf310b,0x0ed8d92,0x06eb26f,0x0b68826,0x11d2dea,0x177bbeb,
-        0x0bf3193,0x0da420e,0x17f0470,0x08b39eb,0x0a6e49a,0x13c0cc6,
-        0x00bf3e8,0x0a01170,0x0dd01df,0x0e5a19a,0x1232e24,0x0206c14,
-        0x0ccf884,0x071b90a,0x1916dfb,0x07b3397,0x166c52e,0x1a91776,
-        0x144be19,0x0f4fa56,0x0757067,0x092465b,0x07f6d36 } },
-    /* 42 */
-    { { 0x0794819,0x0326f37,0x1684ef4,0x1df05d7,0x1a6b694,0x0f14022,
-        0x1ff82e4,0x1a43e02,0x107a43c,0x08698f9,0x10cfa46,0x044cc60,
-        0x146c26f,0x055fee5,0x1222a9c,0x0238174,0x085a464,0x020c6c8,
-        0x1fed620,0x069fcd7,0x18491b9,0x1bf1007,0x1d74788,0x0a827b6,
-        0x0d63fa5,0x1bbef82,0x1788ecf,0x042ddae,0x11bd30e,0x136587c,
-        0x0268161,0x0ee538a,0x0c395d9,0x1596bc2,0x062114a,0x0dd92fc,
-        0x0093d68,0x1be0fc8,0x021b232,0x12ac51e,0x02d0323 },
-      { 0x044b4c5,0x04a03a5,0x1262a07,0x1398e05,0x1984687,0x186e4bd,
-        0x08a1f3a,0x04396a0,0x06e3aa3,0x0180893,0x095b08c,0x0ec7c98,
-        0x05c0ac8,0x12ada42,0x00d3483,0x1e6b6ca,0x040f240,0x0554b50,
-        0x13dfbb7,0x1a4da6f,0x0656046,0x109dc08,0x18a96a3,0x1ae1856,
-        0x04b9783,0x147c302,0x0167936,0x1f75ff1,0x17f5d12,0x080d2a2,
-        0x15e4a76,0x16a636e,0x09e1eb2,0x14b9ce9,0x0f72793,0x12429b5,
-        0x0eaa9bd,0x0b927e2,0x0ee6d6f,0x1663df3,0x0734c12 } },
-    /* 43 */
-    { { 0x0f9b086,0x11e1749,0x151263f,0x1d67fa8,0x0641b93,0x01632e2,
-        0x0822d70,0x0848f9c,0x1c4f032,0x1296e50,0x14a7da2,0x0fb2cf3,
-        0x14b5ec1,0x0a037af,0x14bfb42,0x1502223,0x1dc0d9b,0x19307b1,
-        0x151ca8f,0x160ade2,0x10e6de2,0x0f80394,0x06c5c36,0x16b91f2,
-        0x03e8db6,0x1f75171,0x073cd30,0x08b4507,0x173ee23,0x0a308dc,
-        0x1166f71,0x17649a3,0x1bda6c2,0x0a0d0b2,0x0e8cf18,0x032faa5,
-        0x1d2eb20,0x1d8b094,0x1927d1e,0x10e43f7,0x07c558a },
-      { 0x1350fec,0x02d291f,0x1302e52,0x0ad471a,0x016678c,0x0d53268,
-        0x11a8835,0x1c91de6,0x0d96da2,0x02ed501,0x11ecf2e,0x09d49ec,
-        0x0c845ec,0x06af4a3,0x1469b28,0x1e95781,0x1c14fa9,0x1a0ec68,
-        0x122c4c0,0x0e598b3,0x1bfb439,0x06a1a7f,0x19f87d2,0x13a4630,
-        0x0e93a81,0x11f9a86,0x01b77bc,0x13ea612,0x0cf12c4,0x167c900,
-        0x1f0f0b9,0x0c80865,0x0691cc1,0x0b5a921,0x12d1c92,0x1d7ffee,
-        0x020a97b,0x093e4f8,0x10d2111,0x194f678,0x034cd7d } },
-    /* 44 */
-    { { 0x1e7fe87,0x0bb0d2c,0x15cbc0c,0x14008f9,0x11eae31,0x1187b15,
-        0x0b9a3eb,0x0864f20,0x1b71db1,0x1337a46,0x00e3d29,0x0cf01c0,
-        0x0d75ee6,0x015eebb,0x116b19c,0x19ab876,0x028a0d6,0x08697dc,
-        0x16316c4,0x1cfe3b3,0x1e9627c,0x120905a,0x0507f83,0x04cf86e,
-        0x1b984b9,0x166cad0,0x07580c4,0x040dcb1,0x1493565,0x1a176d2,
-        0x0b0619c,0x00e18e9,0x14520b9,0x1d8599b,0x0ed6555,0x084e079,
-        0x06ed8c1,0x10face5,0x0e21fd8,0x18557ef,0x07ceb1c },
-      { 0x17fd65b,0x1d2dded,0x15f0191,0x006d928,0x18d45cc,0x0938c56,
-        0x0676e78,0x1638db5,0x0e93a7f,0x08eddfa,0x159a87b,0x12b97a2,
-        0x194512c,0x0de0648,0x186e803,0x0a4d290,0x0989e7f,0x11e3661,
-        0x0506aab,0x12c2a01,0x18e3671,0x07e4629,0x0ff3d74,0x0b4aa3f,
-        0x09929a2,0x19356b7,0x145f283,0x00e2130,0x09ef7e9,0x1c757d4,
-        0x125d0ed,0x0e3568a,0x1d5ea31,0x0e1b69c,0x0fcf9b4,0x1ae885e,
-        0x059d568,0x1341f00,0x1b57096,0x13244f9,0x01f629a } },
-    /* 45 */
-    { { 0x05a1c3e,0x0eed672,0x117e249,0x0a83eea,0x12d2936,0x13fc143,
-        0x0bf2cdf,0x1a48ac4,0x13e4c79,0x011a289,0x19175a2,0x1f09384,
-        0x195dffa,0x0ca4015,0x1e3d376,0x13f4060,0x1f09d33,0x02b3493,
-        0x1f64773,0x00143d3,0x0bd79a5,0x0005585,0x1380206,0x129cbbf,
-        0x135a381,0x0446cb8,0x1e62b7c,0x1d0ec60,0x05a2a79,0x00dc4d2,
-        0x064eebc,0x0f11687,0x1ed6154,0x14cbeb7,0x1c8b9de,0x1b301ca,
-        0x0a378ee,0x0487fd1,0x0168aab,0x14517b0,0x04a75fd },
-      { 0x1e74cbc,0x147ddaa,0x1c97426,0x1df5631,0x137738c,0x12761d3,
-        0x0eb5a5d,0x0621f84,0x1e7e0ad,0x0d3e9ad,0x07326f1,0x0d1dc90,
-        0x14e75e0,0x1ea5761,0x10baa64,0x0c789e1,0x1e80d4a,0x0789927,
-        0x06c164b,0x16f82d3,0x146b5db,0x06d3f07,0x110b59d,0x001f5d4,
-        0x166c7a3,0x041ad2e,0x04ccceb,0x107b904,0x008496e,0x0097462,
-        0x105c3be,0x133debf,0x0e1dcb6,0x074314b,0x1c6c5cd,0x10dc56e,
-        0x183507d,0x114e6e2,0x05e6811,0x15c47b0,0x05819f9 } },
-    /* 46 */
-    { { 0x0a78811,0x14890b5,0x1f0f665,0x084207c,0x164ee8f,0x1cf34c7,
-        0x041c08a,0x1bdbbe0,0x04f582c,0x1000fcf,0x1eb06b9,0x115e5d9,
-        0x0924a60,0x031c980,0x1d31e10,0x05222dd,0x0e6ebf7,0x0293175,
-        0x113b968,0x1a15eb1,0x1bc7ddb,0x08766c3,0x01d6bfe,0x049e229,
-        0x1b34c6f,0x0b917ee,0x07a197c,0x1020850,0x0c1b9a4,0x1213443,
-        0x07e55a4,0x13de846,0x15f3208,0x1f41737,0x0b3f429,0x115eb0f,
-        0x1ac395c,0x0b8c8bc,0x09d4359,0x07826c9,0x0745960 },
-      { 0x01ae519,0x03adffa,0x0944709,0x0295f1e,0x14401fb,0x1d961e9,
-        0x1f34abb,0x010e1bb,0x151cdaf,0x1969c2d,0x02ec666,0x04ad041,
-        0x168531c,0x0619f9f,0x12277d9,0x02ed22d,0x0992457,0x1611e7d,
-        0x1b4042e,0x136a3d0,0x0313233,0x069131c,0x0236c3a,0x1fdbd6e,
-        0x1e17900,0x178fbb4,0x0e8da1f,0x1fb2db9,0x0764753,0x1591c8a,
-        0x1773411,0x0188b91,0x1ff2064,0x01ebc79,0x1ef6e0d,0x01dfa2c,
-        0x0b77ee9,0x1e65b6a,0x1ed1524,0x027679e,0x0330255 } },
-    /* 47 */
-    { { 0x1eaaca1,0x002349a,0x0408dbc,0x0b12232,0x0c384b7,0x094aa60,
-        0x159979b,0x1af966e,0x1b1e9d6,0x1c8ccdc,0x109d5f2,0x0693853,
-        0x1075852,0x1c739c6,0x12f46ea,0x1484f13,0x0905923,0x0cdc6df,
-        0x03f8622,0x0ef27c3,0x0083a23,0x0bd3a17,0x0909c5d,0x1d7ac27,
-        0x179d24e,0x1bbc624,0x1353cb3,0x0064a0a,0x0705de4,0x1048cac,
-        0x0ea8ee2,0x067b333,0x1191bd9,0x1f70f0d,0x0e90ec3,0x0975fdf,
-        0x1facdf1,0x1d68c21,0x15872ce,0x160870e,0x09328ad },
-      { 0x106b872,0x027407c,0x1996afa,0x00f04c4,0x105523a,0x0c667bb,
-        0x1a9f8ce,0x047b138,0x1f55b53,0x1d5aa8e,0x137aa0b,0x1d940aa,
-        0x0da0578,0x1baac4e,0x09948f4,0x1aea1de,0x042864a,0x16c7eb1,
-        0x1e3f87f,0x04ff8a2,0x142293f,0x184efc3,0x1ecf9bc,0x0a1a0a8,
-        0x0e49e37,0x0509431,0x097700e,0x1b218d6,0x1b682b7,0x1711426,
-        0x02b0686,0x1310326,0x1f3dab7,0x1f05223,0x154aebc,0x0a61cd7,
-        0x162d25c,0x00012df,0x1579c1a,0x19f5ba1,0x00aa1f3 } },
-    /* 48 */
-    { { 0x0a10453,0x110c811,0x042ea60,0x1854074,0x1d1eb91,0x12379de,
-        0x1765659,0x18d5f76,0x0f38b6f,0x0c6f1a2,0x1f28769,0x07cb719,
-        0x04ce47c,0x07b86d0,0x16385b4,0x05dadf9,0x09bda26,0x156221a,
-        0x15b8be3,0x01b0f78,0x0e58932,0x040c89c,0x0738fa8,0x1646d81,
-        0x02dffa2,0x186d2c3,0x1239fbe,0x161f34b,0x0c78eb6,0x01958b5,
-        0x0bd2d4d,0x0e136a3,0x1f43105,0x0cb1437,0x1be23d4,0x1a11c46,
-        0x0ed403a,0x09f8bb7,0x151787e,0x1c12c6c,0x0559337 },
-      { 0x0fd807a,0x0fb9c6c,0x0888c37,0x1b56262,0x14e0ec9,0x0d7de1f,
-        0x1d36d89,0x12a2945,0x09f12f8,0x0db8302,0x0113f75,0x1847586,
-        0x0fb46f3,0x1aa00a4,0x08cb47f,0x1caa836,0x0f539b4,0x0b0da2c,
-        0x175c2dd,0x0964941,0x01d9f69,0x0c944ac,0x03f190a,0x0bfc45a,
-        0x149beee,0x1b1e02e,0x1da862f,0x15e688f,0x1929d67,0x0ee13f8,
-        0x033a5a8,0x182aa3d,0x0fe6028,0x0a7d135,0x0bccad7,0x084fb59,
-        0x145c2cb,0x0b18de2,0x0534d28,0x1f36192,0x0930070 } },
-    /* 49 */
-    { { 0x1a9bc05,0x1962f34,0x0dcf4bc,0x0cb1389,0x0a5c19c,0x132fce0,
-        0x0797a51,0x07212b9,0x1bcfb4c,0x1587949,0x0df0c62,0x10ee3bb,
-        0x08b9070,0x1359c02,0x13a5961,0x1b37b12,0x0cf606b,0x0f8cd48,
-        0x1bf4b5a,0x1ab1bf6,0x0a69cc1,0x07230ec,0x021b731,0x19c9063,
-        0x1c277f9,0x141622a,0x19d97e2,0x0934b32,0x1adc8d7,0x134661d,
-        0x0acbff1,0x122259b,0x0018396,0x1e3e59c,0x170ec90,0x09530f2,
-        0x010a222,0x1af9880,0x178521d,0x082b0f6,0x0043a21 },
-      { 0x0873752,0x14ede1d,0x1fb9eef,0x085e885,0x0e1493f,0x0610c0f,
-        0x08b2306,0x1cf3039,0x0e29769,0x0671848,0x1a317c0,0x1591bce,
-        0x1eb4626,0x1a6bb3b,0x1a73918,0x129cc67,0x0ade0fa,0x1fc4e16,
-        0x07d6d6f,0x0b98228,0x012c04f,0x1b11146,0x09597dc,0x00b99ca,
-        0x1706a0c,0x027f8df,0x1ef921f,0x1a0ffff,0x19f1a45,0x1e04d24,
-        0x000fb10,0x131b290,0x14e79bb,0x1897c27,0x08581cf,0x1b1466b,
-        0x0f970d6,0x1af57b8,0x02ba12e,0x0f7e49a,0x018d074 } },
-    /* 50 */
-    { { 0x0601faf,0x1e3be42,0x1dc9634,0x055e383,0x09465be,0x0b6c036,
-        0x19e6344,0x079fec4,0x0d5b0d9,0x0cb6063,0x19c8e8e,0x1aeabd8,
-        0x092fa1a,0x01dd29a,0x1aa0510,0x09b152c,0x0222ac3,0x0ee264a,
-        0x159d619,0x08e3bdd,0x128fddf,0x0bca9ea,0x162b296,0x1d7ecfb,
-        0x063b524,0x069d972,0x05f896d,0x0b0490e,0x159daa2,0x16dd218,
-        0x1008f16,0x1066aea,0x058f9c6,0x058d32a,0x169fe4e,0x039ed0b,
-        0x0efed23,0x0d27ed6,0x1796660,0x1da1176,0x0711093 },
-      { 0x01f161a,0x11fe320,0x1a1c4aa,0x012e98b,0x1735856,0x1aefc17,
-        0x14bec5e,0x1329544,0x1a48e62,0x05c1583,0x1611f6c,0x02ae53b,
-        0x0600234,0x0294e2d,0x1953401,0x1ea71e3,0x19e6d98,0x1e60e29,
-        0x034eaf2,0x0c56a65,0x10cd361,0x1c15427,0x1d68de4,0x1dce908,
-        0x1a81b4d,0x18dfb8b,0x0d308ef,0x0d9e6bf,0x1e8b3e1,0x014fbc3,
-        0x0c1ff47,0x0b36f35,0x1da7e68,0x16305db,0x028217d,0x0a0e420,
-        0x07ed48b,0x0200acf,0x05f50c6,0x1b49b39,0x017898b } },
-    /* 51 */
-    { { 0x01b8cf8,0x041ec57,0x015b361,0x05d3451,0x123d4b4,0x0525e11,
-        0x1613c81,0x1f4ec66,0x0ca7a69,0x1059114,0x1eeac93,0x1517eea,
-        0x0a8afbd,0x1662fce,0x0c90221,0x12b870b,0x013d41a,0x1a3fda4,
-        0x0aaaf9a,0x178a798,0x199d3f1,0x1f8d68a,0x1c8b368,0x03d5363,
-        0x0c081c3,0x1608d97,0x0c05852,0x091e609,0x0fa7ab0,0x0774e35,
-        0x0f738c7,0x08281b8,0x1af7633,0x055dd2a,0x0cdf73a,0x1d096f5,
-        0x07cf3ef,0x0f3b246,0x1aac943,0x19e2a6a,0x073a88d },
-      { 0x0e83b39,0x1414403,0x0df4fe1,0x073e880,0x077a441,0x0de420a,
-        0x02c3c5f,0x093f20b,0x154d175,0x0db27a7,0x01fff8b,0x14d5e46,
-        0x01a23ce,0x0789313,0x0fbf555,0x0fe4c72,0x18a10f3,0x097a732,
-        0x13b878d,0x06f9c7e,0x1e8ba44,0x13d49e6,0x193bd0a,0x1355202,
-        0x1c9f493,0x06a0ef5,0x08f5ed7,0x08447ad,0x0a3acc4,0x1508fc4,
-        0x0b5e269,0x058c114,0x0fb9df8,0x0b6032b,0x038eefd,0x01cf3b7,
-        0x068fa30,0x02b5793,0x1a879cf,0x02f5c72,0x052f32b } },
-    /* 52 */
-    { { 0x114f71a,0x09260f3,0x14655bd,0x0535bb0,0x01be126,0x056df1e,
-        0x0276197,0x0935b23,0x05a0fb6,0x045fae4,0x064b676,0x152443a,
-        0x0f9efa6,0x17b925b,0x1fa0e25,0x02339c7,0x024b250,0x0761fd7,
-        0x0b834f0,0x15f3ec5,0x024d4b6,0x05eb0cb,0x03f3ae8,0x1b6dc75,
-        0x1092b2f,0x094bee1,0x18c98f3,0x123b46e,0x1c43bdc,0x1b0f7ca,
-        0x164c301,0x19bd689,0x1136400,0x0698ec4,0x1a110f0,0x1ffafb9,
-        0x1871899,0x1f61d8c,0x16305e3,0x051dfbe,0x079e14d },
-      { 0x1b40c55,0x1111acd,0x090b8e0,0x1a1da0f,0x0a27202,0x1c60fa0,
-        0x106a520,0x11c91cd,0x1d864a7,0x1af9253,0x115724a,0x081418d,
-        0x087e7f1,0x07096a8,0x0b0412b,0x03c21cc,0x07ec11b,0x0cd850d,
-        0x1eecf75,0x144ebf5,0x0b30fd8,0x1f4d1db,0x17fcd53,0x0c05403,
-        0x05d9e46,0x0fbad08,0x164eed9,0x1a6e369,0x02fdeb3,0x1f8587c,
-        0x1176972,0x1bc8d0a,0x001229b,0x0a8bf23,0x02e71cf,0x04a0bc2,
-        0x072ff49,0x07d2a0b,0x1b389df,0x11532ac,0x00d8ec2 } },
-    /* 53 */
-    { { 0x1eee995,0x07b9f65,0x0030053,0x19a923d,0x12eb88b,0x15d2ea5,
-        0x1b2b766,0x09ac2b4,0x19304c8,0x1bea319,0x00f268b,0x03a5156,
-        0x14ba050,0x08dd5dc,0x1dc8f7a,0x0aee591,0x1775040,0x06442fc,
-        0x1ff2c25,0x03a5678,0x071ab5e,0x0aefcb6,0x187b9e6,0x0c8933c,
-        0x0daab34,0x0995c64,0x157d81e,0x1684bbb,0x043587d,0x0e50d89,
-        0x101c094,0x13f8e86,0x0d7d3be,0x1564493,0x0c43240,0x1f182f2,
-        0x0559a74,0x09160aa,0x12bf1c9,0x04f86e6,0x086001e },
-      { 0x1693947,0x005d2f3,0x18ac4ec,0x1c02580,0x0478641,0x0a48543,
-        0x0e383a1,0x0bdc348,0x1d9574d,0x0b9eddf,0x0ee9854,0x171937a,
-        0x159532e,0x0f9f503,0x106f2e1,0x125723e,0x0478cbb,0x0560e61,
-        0x1be406d,0x08c91c3,0x12ee0f3,0x0f6959d,0x1764a74,0x1aeb7f9,
-        0x11eabc3,0x0692387,0x1c4e73d,0x19b78de,0x0249535,0x02a6f82,
-        0x00f3619,0x08ff967,0x0079812,0x1c9860f,0x06d05f7,0x0173e41,
-        0x114ebc0,0x12fe188,0x11b0508,0x19668f2,0x0020591 } },
-    /* 54 */
-    { { 0x15e0af4,0x01b9093,0x092f8c0,0x1fcf149,0x121141e,0x1aba42b,
-        0x1f3db45,0x13cccd9,0x1168e65,0x1d0eb9b,0x010bb97,0x1ca81c5,
-        0x16263e3,0x0a45eaf,0x1b30f52,0x020955b,0x03d246b,0x000cef0,
-        0x0d0f606,0x13d207e,0x0d31f8a,0x052d860,0x12d5ee9,0x1c4ecbf,
-        0x0c50651,0x1b3c123,0x1d9466f,0x018aea3,0x119a018,0x0100790,
-        0x1d17c17,0x0f043a9,0x06487b8,0x01d033f,0x12a8987,0x044c5f2,
-        0x1214605,0x07f244b,0x017bd5b,0x0bf43be,0x0511998 },
-      { 0x18586c0,0x0a4bed8,0x0989606,0x0d8ddd5,0x004415d,0x06d1458,
-        0x11ada5f,0x128f8d4,0x07c1945,0x10a4d94,0x0e941a6,0x13f49da,
-        0x14b5636,0x01e4a65,0x04aa999,0x1ddc4e1,0x13aa9e9,0x0aade73,
-        0x1e24d42,0x1650e0e,0x132634b,0x180375a,0x02be57e,0x071e90b,
-        0x1032396,0x1fc43e6,0x016e9d6,0x126ec4d,0x02d5812,0x179ecea,
-        0x137ccb5,0x0cb8dac,0x0cad574,0x0f6a0d2,0x03eecb3,0x0f30bea,
-        0x1006a06,0x1a67074,0x1fe6b3c,0x0cab14a,0x059eaf2 } },
-    /* 55 */
-    { { 0x0c3876f,0x03f7db7,0x1921ed0,0x07e1e90,0x180c612,0x04981cb,
-        0x15bfefe,0x1605576,0x045a91a,0x0c97550,0x046e0a5,0x09aef10,
-        0x09ce5b8,0x0fcf9fe,0x09c68d0,0x1c2770d,0x186f0e7,0x060bfee,
-        0x1568220,0x1b052ec,0x066688e,0x1a40eaf,0x1d75b71,0x02e2f2e,
-        0x09df61d,0x10ff7fe,0x178fde7,0x0d5a991,0x06192e3,0x18be902,
-        0x18b6c54,0x04e9fb4,0x0c9fa7a,0x0cc8a3c,0x093e0b7,0x1809d92,
-        0x1a64971,0x0e8f1c1,0x0efec16,0x1d44c41,0x03b4450 },
-      { 0x176dcdb,0x1d4aae3,0x091cf6d,0x1903917,0x15c4a57,0x0bb07d9,
-        0x1400d41,0x0a75c50,0x1b3aec3,0x1f40348,0x05ef978,0x0b7c8e2,
-        0x0138033,0x02b667b,0x111f8e8,0x0f22dc3,0x1eb3397,0x0929e7e,
-        0x172dfb8,0x19bf75e,0x17043de,0x07be7a5,0x1cf25e5,0x1f028c5,
-        0x1680c9f,0x14f9200,0x06f8f6a,0x1c881c2,0x191d8a4,0x01bbb4f,
-        0x1771741,0x196bd38,0x106c7a8,0x1e926a0,0x0684ced,0x0432321,
-        0x1764b4a,0x09e41c1,0x0d853a2,0x0198853,0x04a7fe3 } },
-    /* 56 */
-    { { 0x055c7c5,0x19d3812,0x1d539e3,0x10e02ae,0x1b7636e,0x1193162,
-        0x11491d8,0x18fe658,0x01bc780,0x04c588f,0x1b61dcb,0x1d5922b,
-        0x14d48ea,0x0cc932f,0x0134f00,0x0401f76,0x19bcfa5,0x035a958,
-        0x0fa8ffa,0x1413032,0x0059c46,0x1edd3ac,0x160b1cc,0x12d5599,
-        0x0bbd618,0x0a8e992,0x133a3b3,0x181345f,0x1c44b3a,0x0c7e817,
-        0x12d4a64,0x15542f0,0x0c45e4a,0x1042e78,0x0d03f88,0x026ac4c,
-        0x050c7d6,0x05db3b6,0x1ac8d4f,0x146ca24,0x083fa1e },
-      { 0x0ccc646,0x0436d08,0x07a582b,0x1ef608a,0x0ce0637,0x0443081,
-        0x1d8c228,0x1057779,0x1203499,0x1e0c80c,0x0f36808,0x0739f81,
-        0x1d707fc,0x0dea7eb,0x1347c54,0x07776fe,0x0744471,0x06b5327,
-        0x16b2798,0x1b8ced8,0x116957b,0x019bdb0,0x115b14c,0x1e8143a,
-        0x11396dc,0x163e9a2,0x15265f4,0x07dbd84,0x04a739f,0x14d2616,
-        0x1894d2b,0x0d4d5a5,0x001397e,0x0afc08a,0x15348fa,0x1e40ed3,
-        0x1e98fab,0x1003e36,0x147833b,0x0f32638,0x0614097 } },
-    /* 57 */
-    { { 0x1156623,0x1996d8a,0x1f08f76,0x1956f4c,0x08137fb,0x0cf1e13,
-        0x07d41bc,0x0c24c02,0x089924c,0x010c581,0x013070d,0x161f8d0,
-        0x07492a0,0x17d5735,0x16f9c1a,0x17cc3ac,0x03e0d01,0x09d89e9,
-        0x01fd31a,0x08b68ff,0x1aa3445,0x11026e0,0x15088db,0x0a2c3d9,
-        0x1261d3c,0x003b09a,0x0ef622f,0x1d68d4c,0x19d7201,0x0c1b0ac,
-        0x1cde31b,0x0d375e1,0x0955fe1,0x194107b,0x0f585c1,0x148cfdd,
-        0x1e3a340,0x0dc5151,0x17e20bc,0x0ec5a16,0x0636dac },
-      { 0x0c80af3,0x006dcda,0x0aae50a,0x029c712,0x1a189cd,0x03beee4,
-        0x00b8345,0x09e4dce,0x068f9f1,0x08d771c,0x0a82cba,0x0c75017,
-        0x092864f,0x05b8a51,0x1607dce,0x0f96d59,0x070c5fe,0x09870dc,
-        0x0420dff,0x1d43876,0x089f883,0x09b5902,0x0b689e5,0x145b4be,
-        0x12a6858,0x10a1d75,0x080ea3e,0x046617e,0x10b1c4e,0x045aee3,
-        0x1d2d712,0x0532cf1,0x078c4d9,0x1b3ae05,0x0260977,0x104677a,
-        0x1b67d36,0x1ae03b3,0x1bcfcde,0x1fc9a17,0x02f6dbd } },
-    /* 58 */
-    { { 0x04da7c7,0x0397e97,0x04c8be1,0x035ccef,0x108cfc9,0x0134713,
-        0x1c228f7,0x0486c95,0x0799a24,0x1886ff0,0x162ffc3,0x1ab0e3a,
-        0x06ef912,0x0c44b17,0x1cd77f2,0x1d414d7,0x1a95f47,0x0945cb7,
-        0x0b4c230,0x14f3d55,0x1bba734,0x1bcfa1b,0x055cc0c,0x1ea9eeb,
-        0x0bd8e6c,0x1760016,0x1f9d8cb,0x0ec0db9,0x1931044,0x0f65a98,
-        0x075012d,0x0159ee5,0x0e0897c,0x0f8ef05,0x0e18ef7,0x1112c51,
-        0x187d744,0x168aa77,0x1753bb3,0x12e8b1a,0x05cb6e1 },
-      { 0x08c75ed,0x178cb80,0x0be2633,0x1deddd5,0x1cf49d3,0x1af4b6b,
-        0x0780861,0x1143adf,0x0dd9b0d,0x076167f,0x1db6abf,0x19fd72a,
-        0x1838a61,0x1b53edd,0x000fce4,0x029e820,0x06823b8,0x1d9be1c,
-        0x0038c54,0x0cdb977,0x07a89fb,0x1d02cc2,0x079f8ba,0x14e4ee1,
-        0x063fd35,0x1685276,0x07f2783,0x023e7b2,0x15baa43,0x004a6a8,
-        0x18cf077,0x14119a9,0x1a06ebc,0x0f7553a,0x08e0bb5,0x1f56c2e,
-        0x01f52c1,0x015dd87,0x15b94ba,0x060a2eb,0x02149d6 } },
-    /* 59 */
-    { { 0x19311f6,0x14737af,0x1e17b86,0x1f75783,0x097e3c9,0x0a104d6,
-        0x114bad2,0x1c29f4f,0x019774f,0x0617a8e,0x16113c1,0x02450aa,
-        0x135cefd,0x1ac39d5,0x0e18a8e,0x033f96a,0x1d6cbed,0x13b477e,
-        0x19611a6,0x0248f3d,0x009ccdc,0x189ec06,0x0448df8,0x0898518,
-        0x0a290c0,0x143eeba,0x0af51f8,0x1dcca2f,0x0ffeef9,0x0914568,
-        0x07f0908,0x1031a50,0x073088f,0x006f0a1,0x12f10fb,0x07d78e8,
-        0x1415bd7,0x137667d,0x109b16c,0x0a1960f,0x014e2f3 },
-      { 0x016946b,0x0950821,0x04b5523,0x0ef497b,0x0e801f0,0x14a8b03,
-        0x1428d0d,0x192b32d,0x163a197,0x18dae17,0x1ddf243,0x189e0c3,
-        0x0279da3,0x09ffbd9,0x07358d2,0x0247e38,0x050a234,0x02f30db,
-        0x0a100cf,0x16698be,0x0214826,0x146179a,0x1c62e43,0x100dd8a,
-        0x15620ae,0x0da52f9,0x178c92a,0x05f5c68,0x13cb51a,0x1caf45a,
-        0x1e2302e,0x1f32cae,0x14f6ac2,0x0f79964,0x01f5ae7,0x0e0fd8c,
-        0x10ed8f2,0x1f8edd6,0x0793d8e,0x005b96c,0x058537e } },
-    /* 60 */
-    { { 0x0f80ba2,0x0583232,0x116c7d9,0x0e0ab34,0x08e055e,0x1a5b1a7,
-        0x0acd3c7,0x105864c,0x1de8c84,0x1a7beaf,0x11e02bb,0x1d41861,
-        0x139d55d,0x07d0f34,0x102bee7,0x186962e,0x0667460,0x1167f35,
-        0x061f07b,0x12b2822,0x0d94f66,0x1bafcba,0x04e0bc9,0x08a93d6,
-        0x0ace400,0x0810e50,0x1eeaf7b,0x1048967,0x1653eaf,0x0683271,
-        0x00f0dbd,0x18ab8bf,0x0b9f0dc,0x1e74875,0x13beb3a,0x0bb2773,
-        0x1906142,0x12c7390,0x05c3459,0x0bf05af,0x0485783 },
-      { 0x0576210,0x092de69,0x110f735,0x0faa36a,0x1f378aa,0x0c1cca4,
-        0x0fc5c6f,0x043fd2f,0x1f38ac6,0x18687b1,0x1023324,0x182f030,
-        0x16af8f2,0x1307a9f,0x04b21f8,0x0ebc84d,0x007db0a,0x187722a,
-        0x1f6c6cd,0x08f5cbf,0x044b0ec,0x0e3d535,0x1da44a7,0x0816eba,
-        0x132b22e,0x1bbdb7c,0x0257bce,0x00cec9a,0x1c63e8e,0x03fab45,
-        0x100a3f5,0x1380029,0x1810494,0x0aec768,0x0ff75e6,0x1f21c5a,
-        0x0c2a85a,0x1cd02eb,0x0c4a3ac,0x17b443e,0x06c0277 } },
-    /* 61 */
-    { { 0x109e7ef,0x1b8435a,0x1e47906,0x167aff3,0x0842ec7,0x135c45c,
-        0x17e5154,0x1579a50,0x0051dd0,0x1227032,0x1c73adb,0x1820ee9,
-        0x1b90198,0x091f330,0x12afa60,0x08fb2dd,0x13632f6,0x1224088,
-        0x1b14abb,0x10568a4,0x09d51dd,0x1fc9cee,0x1594241,0x1a8ab7f,
-        0x0eef2fc,0x0be5eaf,0x1634b97,0x102b49b,0x1c9f2a7,0x1649445,
-        0x0896b53,0x0af4766,0x0f10d0b,0x0e5ede3,0x079c82e,0x11d1a18,
-        0x1b774ee,0x05838d4,0x13e3d68,0x135e45f,0x03067bc },
-      { 0x1ca9326,0x0c4f95b,0x1d8f839,0x1b62449,0x17a106f,0x1d2bde8,
-        0x11485d1,0x05d646a,0x162b088,0x10a4c16,0x07ff3c9,0x0a88872,
-        0x0d7f3af,0x1427220,0x0a8cdee,0x160e235,0x1b0941b,0x014751b,
-        0x1929fd5,0x0fb9685,0x15fba95,0x160d356,0x19ead98,0x186d441,
-        0x1e381f7,0x1b5e89a,0x126ea82,0x05cf301,0x04671f4,0x01864a7,
-        0x18d08dc,0x1161245,0x0cc63ff,0x12c4f92,0x09e5116,0x19a21aa,
-        0x0870ff6,0x0ce98b5,0x10656ee,0x195532d,0x0390c83 } },
-    /* 62 */
-    { { 0x1c4a73f,0x1fd417f,0x0c0d434,0x0a77aa6,0x0665d63,0x05dbbe9,
-        0x1be2899,0x1090140,0x022d73d,0x0e02537,0x0ee2aa0,0x1fea064,
-        0x1a2409c,0x062626a,0x173885e,0x1383263,0x00e0c0f,0x01ba554,
-        0x0061aee,0x0b470e0,0x087f0b2,0x085578a,0x142dde8,0x0931bc3,
-        0x19ad5ab,0x08b0af9,0x186a830,0x05c65b4,0x025ce89,0x1edecb7,
-        0x1448a38,0x0bd0c8d,0x17c88dc,0x18e345a,0x059099e,0x0ace562,
-        0x000bdec,0x06c03fb,0x15ce974,0x0fa447c,0x03ea400 },
-      { 0x195d0a3,0x0f5e852,0x0ed35db,0x175fe16,0x06bd76c,0x0dedcbd,
-        0x0553e6c,0x0e37e58,0x04c714c,0x158cd5a,0x0bd98d8,0x0772443,
-        0x16c9bf3,0x064a0f7,0x161f126,0x01eda47,0x0c3d79f,0x092ac02,
-        0x09eb2f0,0x14200a5,0x08af6f1,0x0caa829,0x176ade7,0x1a2c426,
-        0x1a6f0c8,0x014febb,0x1779784,0x00a116d,0x1da12b4,0x00797ca,
-        0x087656b,0x0eb1517,0x060af71,0x0647dc4,0x120dc58,0x0816329,
-        0x0e004d3,0x0736406,0x0aa8290,0x02ed629,0x009f82a } },
-    /* 63 */
-    { { 0x01366dc,0x1f2c461,0x0be582a,0x1f5eebb,0x129c0a4,0x1c9f6a3,
-        0x07f66b2,0x0e0e0a0,0x087a16d,0x0bf3a27,0x1cd86ee,0x14f531c,
-        0x13a42e0,0x145aa67,0x136bfc8,0x120f035,0x0bbb7bd,0x1f843e6,
-        0x18c9439,0x1e7306c,0x1c09da6,0x175d783,0x19b5a4f,0x175e2ae,
-        0x0f4c38c,0x0e83cdd,0x1f7f2a6,0x15309c0,0x0d8dab5,0x1923f93,
-        0x1e6ad34,0x0fd746d,0x10be701,0x0e90b26,0x19943a3,0x066f773,
-        0x131c4f0,0x1527122,0x16169ca,0x1096ea7,0x077d1e9 },
-      { 0x0e62367,0x1991cec,0x13c764d,0x1773041,0x1361848,0x0e4be21,
-        0x18d116a,0x1f8018f,0x014f960,0x10764d7,0x11d2d66,0x019ee80,
-        0x15cf41f,0x167032e,0x1bb7a3f,0x10c214b,0x04e9e80,0x0d8ef2d,
-        0x1833dd7,0x0895c95,0x0d0b17c,0x11b58a4,0x0be958c,0x13fe5b8,
-        0x0740fd2,0x097327d,0x0a232c8,0x0c0bd71,0x063016c,0x18d6b54,
-        0x05fcb1d,0x0c0f698,0x16112e7,0x04bc2b6,0x101d035,0x0bfd21d,
-        0x0256e0e,0x0df0c5f,0x0b6c166,0x1d994a9,0x04e6eab } },
-    /* 64 */
-    { { 0x199cfe6,0x191e9fd,0x05e2540,0x0d92668,0x1b09bc2,0x1efdb7b,
-        0x07905f2,0x0c0c822,0x089a757,0x08a0ba2,0x0672c24,0x1bf2212,
-        0x0f4c633,0x1cb5fe9,0x17f1f1c,0x0c5b6e2,0x1128cab,0x04650ca,
-        0x16e06ab,0x0e48e69,0x054a306,0x15da626,0x199e891,0x0452c8d,
-        0x0a0fabf,0x0b86bbf,0x07e96d7,0x17da2be,0x1192f35,0x16d2e17,
-        0x0b695a1,0x0fecd21,0x0cac72a,0x085beef,0x0a8b2a9,0x1e1895e,
-        0x0049ad2,0x0318e0b,0x1c15bd1,0x12c09d9,0x0325d27 },
-      { 0x048c144,0x0fdaaa4,0x1ccbb84,0x0b6d4f5,0x0e06292,0x0f07cd2,
-        0x1a384da,0x03c24b6,0x0ca53b2,0x0cded73,0x03a86eb,0x00b85d3,
-        0x15f50d6,0x0f97d1c,0x0e7854e,0x065eb7b,0x12de915,0x1a2b871,
-        0x1a89435,0x0d315c8,0x1145810,0x1656cec,0x1ff6551,0x1d2f4bc,
-        0x0772111,0x174d5fb,0x14927e0,0x1453efa,0x11df63c,0x1cd4cc2,
-        0x196a714,0x0e3a1c7,0x184d54b,0x095ab7e,0x1670107,0x15a3c08,
-        0x1d80096,0x19f5b77,0x1e74f3a,0x08dc654,0x019d485 } },
-    /* 65 */
-    { { 0x140f5e5,0x0f747da,0x145ff86,0x1e09cd1,0x06d2a52,0x1ee438c,
-        0x036c2b6,0x191a464,0x0d03a7f,0x01d6ad4,0x12e45aa,0x078e117,
-        0x0054bf8,0x1728f42,0x084cfa8,0x1bbbe12,0x024cb52,0x1de71c2,
-        0x0418d60,0x0f7c806,0x1176d5c,0x0fa2c71,0x107aee7,0x09b577f,
-        0x19639bc,0x0d457d8,0x13015c9,0x0c6a1fc,0x01cd243,0x031a427,
-        0x17ab128,0x1828b71,0x1f73154,0x0191bd6,0x167acd2,0x00154db,
-        0x0bff272,0x1a2e1ee,0x14ec28c,0x0d969c8,0x01b3ace },
-      { 0x0a8bdc5,0x1f2f4c8,0x02240d0,0x1ac60d4,0x0203bf9,0x0429075,
-        0x068d639,0x00d3091,0x0de7d1d,0x08bef5f,0x0574fef,0x0daebef,
-        0x1f8fafa,0x1c3d851,0x13ad8c0,0x1d5f549,0x132ffdd,0x1700b35,
-        0x19d9380,0x1c40a8f,0x1304a2f,0x127438f,0x156ae60,0x05d88bc,
-        0x136bb95,0x065515e,0x12a4348,0x1698290,0x1cfb537,0x19c3bad,
-        0x1954c67,0x0d30589,0x0238a4a,0x1490e9a,0x071e840,0x1d4576c,
-        0x1b3ab17,0x030db26,0x0285078,0x07c325e,0x0538ec3 } },
-    /* 66 */
-    { { 0x19b56cf,0x04b7f50,0x0b3464d,0x08f7733,0x063d77f,0x085440b,
-        0x0bea15f,0x1fb1e09,0x0082835,0x0769ed1,0x0b3b1f3,0x15dabb0,
-        0x057e21f,0x1c004e4,0x05d6e67,0x1460edc,0x11b2d05,0x16ce371,
-        0x0521f60,0x091a950,0x0655969,0x196a37b,0x01baf4f,0x0799893,
-        0x11aa877,0x0534342,0x0a2c590,0x1c441e4,0x020b753,0x11d420d,
-        0x1be7c1b,0x1215814,0x0fffe5e,0x159fd96,0x076a3af,0x13eb536,
-        0x0e08e2c,0x03eccbb,0x1d00496,0x13007d3,0x06fd602 },
-      { 0x0b7516a,0x04fc6c7,0x02ad51c,0x097b8b3,0x03058a7,0x1400e74,
-        0x176621f,0x12da469,0x0d17b8a,0x087cec8,0x03daaff,0x093edd2,
-        0x1baa1e5,0x0d3f6aa,0x05bfe01,0x0983249,0x17a6c25,0x086cfb2,
-        0x025895d,0x1d49397,0x07de3cd,0x1816ff9,0x0da168f,0x1178097,
-        0x0e7fddb,0x1581e28,0x1e61c8d,0x009fe1f,0x0d50559,0x0c7edd8,
-        0x141250a,0x1c297d1,0x0b3386d,0x0986b1a,0x1a71f0f,0x12f5a69,
-        0x0159fdd,0x15995ef,0x197007c,0x0798ec3,0x084cfa2 } },
-    /* 67 */
-    { { 0x199b964,0x008f5c5,0x111c4ef,0x14b1c5f,0x0e280c0,0x04d2a5c,
-        0x0f12753,0x1f50e1f,0x0bf6e20,0x1d19a51,0x0233e8d,0x1a1baf9,
-        0x1aee583,0x17a578e,0x180a6a3,0x1f14c0b,0x0340c2e,0x136aaf1,
-        0x027a6d8,0x0dfbfc4,0x080f61b,0x135dc70,0x0ec76b4,0x125f834,
-        0x1c16293,0x1a72d6d,0x182ab8f,0x05581fc,0x1f4d5b0,0x000d615,
-        0x14a3666,0x18505fd,0x133f93f,0x0d99f91,0x0432d4b,0x0e2db96,
-        0x055752e,0x1c87c26,0x0363827,0x0a39094,0x0287d4c },
-      { 0x09867da,0x0c10087,0x13697e9,0x06350e9,0x014589b,0x0f71173,
-        0x09f17ef,0x15000bc,0x1e612bd,0x1abff7a,0x18d7e78,0x1dbe5a6,
-        0x064e0db,0x17892d4,0x0f9c391,0x145cac5,0x0840d94,0x0d04dcc,
-        0x02d7974,0x13342a5,0x08b57eb,0x173a881,0x086e505,0x0da5988,
-        0x17fd7e0,0x0228d89,0x1ffa826,0x1f43ea2,0x0ecbd76,0x14b37fe,
-        0x0f8ee87,0x1065e8a,0x0c89a4a,0x147d0ea,0x0abfb29,0x060f63c,
-        0x0bd395a,0x1da229a,0x0784f43,0x1b9b1df,0x00132a3 } },
-    /* 68 */
-    { { 0x16374c2,0x03bc2ab,0x010394f,0x0308e4e,0x060526d,0x0650227,
-        0x1b7208a,0x027140c,0x0f1ce13,0x1f0e0d9,0x0c31747,0x10659bd,
-        0x0f2aeec,0x0e5fc13,0x1659a66,0x14b134e,0x081de77,0x0668c47,
-        0x0634495,0x1c1fc02,0x186ae5c,0x0203c85,0x0850aa6,0x158519d,
-        0x1043f39,0x0027147,0x021f796,0x1ddf052,0x19a8c54,0x0d997b1,
-        0x13e0f0c,0x0b10ef2,0x10454a7,0x0d9c8eb,0x154062c,0x0b94c6b,
-        0x11d9c79,0x1f503b1,0x0a8973b,0x0ed6df1,0x013cbee },
-      { 0x13f34f3,0x15f07c6,0x1f8de72,0x1946c2f,0x1da9c31,0x0a1350d,
-        0x1b88f76,0x00964db,0x1f29c91,0x0eecb13,0x1b34efa,0x02d3c58,
-        0x16033eb,0x1e5d10c,0x1cfd24b,0x1907914,0x00bb858,0x1c971bf,
-        0x0ecfeed,0x05594c4,0x00a2e4f,0x0f325f0,0x00407ec,0x11ec891,
-        0x1826a94,0x073c8d3,0x1241c98,0x0280cf6,0x0bb8354,0x1528718,
-        0x1bbddd2,0x1933380,0x122ca80,0x04288fc,0x16e42e8,0x00d70c6,
-        0x05fa04f,0x09b5ae1,0x0259efe,0x1b5c05d,0x04e0a1a } },
-    /* 69 */
-    { { 0x1a29c4d,0x1333845,0x0250032,0x1c45310,0x008240c,0x0ed3a96,
-        0x1299c5b,0x068438b,0x1abbbfa,0x04e0722,0x0a2dc9a,0x0bfa7da,
-        0x141d754,0x0be2b55,0x0884663,0x13acabe,0x1743875,0x0a59ec7,
-        0x1f942e2,0x121bf71,0x1a16934,0x0bf4075,0x0d907d7,0x1596a6f,
-        0x1a5eb79,0x12f3d86,0x1c30757,0x16d6292,0x1a429aa,0x1346d2e,
-        0x0948ce3,0x05eda5e,0x010c437,0x079d3f0,0x1b4994c,0x1844de2,
-        0x0bef08b,0x187bdb6,0x12667be,0x1b33f33,0x0733e30 },
-      { 0x02a38f9,0x10ac152,0x1403b3f,0x1c8e616,0x0ec2d58,0x0bb5965,
-        0x1ca9f7a,0x1765dc5,0x1a969c1,0x029ceda,0x136d2bc,0x02d1f9d,
-        0x0231954,0x13d4748,0x1dcd22b,0x0a83fe5,0x1cc3121,0x10eac6b,
-        0x080ab94,0x0b6eb84,0x15a75d2,0x0d7a041,0x17aa659,0x1369c8d,
-        0x16a4152,0x0cd9ff5,0x1ef49eb,0x192ff6d,0x1f900b5,0x0a60130,
-        0x07b61d5,0x009ab63,0x03031d9,0x0cdce5a,0x06e32c8,0x1e67abd,
-        0x1ee00bc,0x01ea491,0x17031e9,0x0736f34,0x056facb } },
-    /* 70 */
-    { { 0x1018bfa,0x0b2d151,0x0610064,0x093ff5b,0x100c6b2,0x1a0d4d8,
-        0x0c7d954,0x19377e3,0x125dc4c,0x15e8ecb,0x1ff9839,0x1daa57f,
-        0x0b52850,0x1f2a84d,0x1a64b31,0x0b3e249,0x02e4ceb,0x07fb628,
-        0x0a9f452,0x166ae63,0x0a462f0,0x0ef3f1d,0x1a43077,0x0285101,
-        0x09f45d1,0x0eadd76,0x1996f97,0x0eb9fa4,0x0bce134,0x18a70ff,
-        0x0c20eae,0x101285a,0x0ba4829,0x1416435,0x0d74a5f,0x1a3c364,
-        0x10d8218,0x18e6df2,0x1b2eedd,0x0cdb29a,0x0885992 },
-      { 0x15ccaf2,0x039480a,0x1cf8221,0x0ef8b6e,0x0679ebc,0x0e8476c,
-        0x0b746cb,0x1b75116,0x087d475,0x1050c07,0x1340aa5,0x0d6ecd2,
-        0x1680fdb,0x1f9fcf4,0x01d6324,0x06d887d,0x0fa4ad8,0x0ded1fb,
-        0x0bece1f,0x018b026,0x000f940,0x0112a81,0x0969e15,0x0dd9e30,
-        0x1c35177,0x0cd154b,0x1959b6d,0x07d7e8d,0x145eda0,0x1140132,
-        0x1111d0e,0x19ee956,0x1169d84,0x19fb4f6,0x0c76232,0x0d75572,
-        0x1825719,0x1749966,0x05c65c2,0x14d4181,0x0797224 } },
-    /* 71 */
-    { { 0x01f3567,0x091fc22,0x1c758ca,0x105c497,0x011c316,0x138fffe,
-        0x1c9aedd,0x044972e,0x17a5e1a,0x00ba353,0x16d05d8,0x1d4075b,
-        0x0653ddd,0x1facdc2,0x019e8f1,0x0ffeeaf,0x18756cd,0x0580954,
-        0x066ea6a,0x0bfd93e,0x07481bd,0x117c183,0x1d40de6,0x1180ba2,
-        0x1445dab,0x0153bb1,0x0de40fd,0x1afe883,0x03e46d5,0x13a6d48,
-        0x1070045,0x15ba24d,0x11d3c4d,0x0ada00d,0x0ab1851,0x1d44ea5,
-        0x155c356,0x1215342,0x014b136,0x02bb041,0x03ff09c },
-      { 0x1cb7784,0x10de77c,0x0c15302,0x184845e,0x0ec539b,0x00a553d,
-        0x1e7f431,0x188be81,0x0ffd42b,0x1d518b6,0x1638574,0x09865e6,
-        0x0242f5a,0x0b713b4,0x0f7367b,0x1d9dc01,0x09ff8a5,0x0834fbc,
-        0x17853d7,0x10031c0,0x0741807,0x09c5a06,0x0aecf92,0x02fee5a,
-        0x08c1d79,0x0862ede,0x13315c5,0x01dd4cc,0x1a8920e,0x062d61f,
-        0x192897b,0x038f2e2,0x021b0f5,0x168b59e,0x0bc98d2,0x151e134,
-        0x18391d9,0x1987e2a,0x0b93239,0x00a9fbf,0x047ef18 } },
-    /* 72 */
-    { { 0x1a285e4,0x0f9e89e,0x0fd2659,0x147403c,0x1a7d4db,0x10a5685,
-        0x104e984,0x0928e70,0x1223975,0x1dbea9a,0x0c2e4b4,0x1b9eb4e,
-        0x1da53db,0x19968b2,0x0c364ac,0x0fde862,0x14182f9,0x1225142,
-        0x137386d,0x0444388,0x0ec9bf6,0x0c3f150,0x0ee84e1,0x1f5b331,
-        0x12c8dcb,0x02599f9,0x1ed7fb5,0x013cbe7,0x0217bb4,0x0632e33,
-        0x0a570ca,0x1f9bee3,0x00db69f,0x103c458,0x0886e24,0x1744785,
-        0x1ae6464,0x1594731,0x02187e2,0x13971bc,0x01a6b6e },
-      { 0x0af77aa,0x1615b03,0x0196bdb,0x1b510fe,0x0e60f5c,0x04c62b1,
-        0x050027d,0x0970fa4,0x1fcbaaf,0x1acadac,0x0ae1576,0x05424e3,
-        0x0c0fb59,0x0a1a4d8,0x1384397,0x1193941,0x1d8887d,0x1ceb0c3,
-        0x152f5b6,0x1d2bf22,0x099903e,0x09ae836,0x03f94c8,0x0d4c9a1,
-        0x1bc30fb,0x1b07a53,0x159a932,0x1a455e1,0x17367c3,0x1677ae9,
-        0x1545a54,0x132fb1c,0x10ea734,0x1996837,0x1c3dcc5,0x05688f8,
-        0x09cb394,0x15981a5,0x03f4002,0x10050a2,0x079dd01 } },
-    /* 73 */
-    { { 0x0c7424e,0x0019d1d,0x1340138,0x10c1fb4,0x1b06b68,0x1bb97de,
-        0x05d9af2,0x14846d5,0x1f297cd,0x0a54715,0x04f1b8a,0x170bb60,
-        0x0d4b0aa,0x0391d1d,0x0abb262,0x094d67a,0x0cd13c8,0x1065719,
-        0x03b05a7,0x111ebce,0x0262218,0x1ea1544,0x1ce58ce,0x0c1b370,
-        0x0792e7b,0x1f0b456,0x0841da7,0x13e56e4,0x0bed348,0x07f3692,
-        0x0aa3cff,0x147d649,0x15efb88,0x03835e9,0x08fd213,0x1bbbd9f,
-        0x129ece0,0x008cd4c,0x150d9f3,0x08b1a80,0x087e5ad },
-      { 0x11000a7,0x0d54ebe,0x00ceea6,0x195d047,0x0b94aff,0x1c1ee2c,
-        0x058a37e,0x11b9045,0x1845a41,0x1acff08,0x05c150b,0x01f0ba8,
-        0x01a8b97,0x195b8ac,0x0630995,0x1ba2f12,0x17dc0d1,0x07277a3,
-        0x0beb5f0,0x1699e67,0x0a5bb50,0x1c80c38,0x086eba9,0x07450d0,
-        0x087f9bb,0x0e6e3b8,0x1849296,0x10aea63,0x1432397,0x0137abf,
-        0x12bb5d3,0x002c992,0x1f5ae25,0x05fba6a,0x1f8bc25,0x04cc116,
-        0x1dceea3,0x06dadd7,0x10117d3,0x0333219,0x00b7125 } },
-    /* 74 */
-    { { 0x0d5c64d,0x08650c4,0x14d168a,0x134e924,0x0596d74,0x0074928,
-        0x034f4a8,0x0d74096,0x0caf7b6,0x0166816,0x17b60c2,0x0185d9b,
-        0x0e912b5,0x1f98b23,0x0f3a77b,0x1ff2b02,0x0c7c75f,0x0b15738,
-        0x18a9185,0x10a5c0f,0x0fd16f6,0x0801c02,0x0c83f5f,0x031d1b2,
-        0x0a4dd82,0x0ebd8d1,0x0ebf191,0x12314df,0x19fdbe4,0x07d0f46,
-        0x1bbec20,0x088e16d,0x1d4d08a,0x1a77b99,0x01ddb65,0x05a5744,
-        0x09dae5d,0x05cad3b,0x165b63b,0x074fad2,0x07a3f42 },
-      { 0x0929387,0x096534d,0x1ffcd8b,0x0396383,0x0bdb758,0x08db65d,
-        0x1b27df9,0x03fb125,0x03a4e13,0x146c319,0x01d587b,0x07e2b7b,
-        0x124680e,0x0a73f39,0x0965f87,0x1fdfdc7,0x17c5581,0x19e6395,
-        0x0a32b82,0x0eff159,0x14aff3e,0x0e2f17e,0x1f31f5f,0x06ab6f3,
-        0x0455221,0x0bbee9d,0x0a8b01c,0x08d649e,0x09621f5,0x0996834,
-        0x0f9056d,0x07ef02c,0x1e9af51,0x1f69095,0x0e6ccf5,0x064fac7,
-        0x1680294,0x00cf794,0x1ebd2ac,0x0aa2c47,0x02da5fc } },
-    /* 75 */
-    { { 0x0a5c600,0x14e79e4,0x19f1890,0x047fc67,0x07a80c2,0x0beee5d,
-        0x09d0029,0x0e93ffb,0x1925b0c,0x0d70ab6,0x003ac34,0x07f2d62,
-        0x01097a4,0x17ca1e4,0x07a5173,0x19e482d,0x0e51128,0x1d0fb9a,
-        0x067c04c,0x10f8948,0x0024043,0x0580822,0x1001e1a,0x06b39e5,
-        0x16abf90,0x071f2a0,0x191e355,0x138edfd,0x02173ef,0x0ed3215,
-        0x1059886,0x13fc602,0x1e03156,0x1923f30,0x138e4fb,0x0541feb,
-        0x072b659,0x0bc95d0,0x1534e04,0x032e190,0x0855f02 },
-      { 0x07314c4,0x1fdb642,0x05a987e,0x0bd68b7,0x1790615,0x1157d64,
-        0x18519ae,0x102e205,0x1ab9497,0x0a8fcba,0x0313fbb,0x162f822,
-        0x079d2f5,0x17fabb3,0x12339c2,0x089cef5,0x0216eb2,0x1f39b35,
-        0x1471971,0x1779d8a,0x19dedd1,0x0570d42,0x0d49418,0x14fa5cf,
-        0x081748b,0x0623d02,0x06ae3aa,0x03458a8,0x1ff078e,0x1261b7e,
-        0x011b9e0,0x0290e96,0x1b49fc7,0x0fb99bc,0x0dfc1ac,0x1e455c6,
-        0x0f8fe6c,0x1a90c93,0x01e5c70,0x19ea4ba,0x0292236 } },
-    /* 76 */
-    { { 0x18b29dc,0x06c053e,0x122b36e,0x0811d4c,0x117a202,0x095f48e,
-        0x0b17aba,0x178fb62,0x0fda72f,0x19a3e8c,0x1831bc7,0x16813ce,
-        0x1111374,0x0c71c6c,0x187a3c7,0x183e8e6,0x09d739a,0x13b8a5f,
-        0x137d713,0x12e0396,0x0ae1c1f,0x0c37b96,0x1644e3b,0x1a30189,
-        0x1e1f76a,0x1ce0e3f,0x1a78b6f,0x11830b7,0x10c44df,0x1934be3,
-        0x17e0d76,0x161a2b6,0x197cfea,0x12a2f7c,0x1169879,0x1ca2028,
-        0x05184e5,0x1834421,0x19ea85a,0x0b2ea43,0x07cfac3 },
-      { 0x00bc53a,0x010b39e,0x0d9e046,0x06fcea2,0x04b5ede,0x12bd0c4,
-        0x157f68d,0x1307944,0x0ba1fdd,0x0b55dfa,0x09df602,0x0d3f8bb,
-        0x059ce83,0x1559a16,0x1ee6b9e,0x0b3e3e4,0x1d69720,0x083648d,
-        0x053b3fa,0x1b56612,0x1f12ee0,0x1dc9fa9,0x0ed91fe,0x14afc1d,
-        0x18a7aff,0x1039861,0x1e7cab5,0x02fa0dd,0x19dcc95,0x06c3ddc,
-        0x08525ca,0x088c101,0x0034af1,0x0e0bed8,0x10fc4ae,0x0199021,
-        0x172a22a,0x12f8a7b,0x00af5c8,0x0fe3bbf,0x06ce3dc } },
-    /* 77 */
-    { { 0x0397830,0x06c1ad2,0x0c1b01f,0x19e8e66,0x0dd9290,0x0c4f462,
-        0x14ea0a6,0x0a5ba6b,0x1563d81,0x0c812ac,0x17986de,0x1223d0f,
-        0x1cf278d,0x081271a,0x1cd031c,0x01cb338,0x0614a0d,0x096a222,
-        0x0c989a8,0x0ec11fe,0x1aa963e,0x14e264d,0x189e8df,0x1fffa4a,
-        0x0dc5176,0x0e6862b,0x033bca8,0x16dbdf9,0x0559d9c,0x06ab77e,
-        0x04b2f30,0x008396d,0x05f3fc5,0x10f04f2,0x08e7945,0x199a0b8,
-        0x1c3b559,0x198f74a,0x085b4a9,0x04547a1,0x0851511 },
-      { 0x0ff19e2,0x0819ac3,0x180de0b,0x143b450,0x02c60da,0x1e3f76e,
-        0x033f955,0x16165cf,0x01bc4e8,0x07b7cc2,0x0d719ea,0x16967be,
-        0x0acc1f9,0x03b2231,0x184d80d,0x1c1612d,0x1977c7a,0x15fc885,
-        0x050d655,0x0fe60aa,0x0ae527c,0x0e7b18f,0x10536c5,0x0d36699,
-        0x161427e,0x1f9528e,0x057f04b,0x1d9050a,0x087162d,0x1709fdc,
-        0x0f7f33a,0x1bc2911,0x0332ac1,0x1f3a66d,0x1388bb8,0x194406e,
-        0x10ae069,0x1f50d0f,0x1b01165,0x1e4ef7b,0x08b1159 } },
-    /* 78 */
-    { { 0x1961d30,0x18d2217,0x123d2bd,0x10f58e4,0x1df968a,0x148366d,
-        0x1e1f2c6,0x04ba65b,0x004abf9,0x0608713,0x0135300,0x0eb373e,
-        0x1ab8711,0x09cb82e,0x1553982,0x0109201,0x033c9f8,0x0fbac3a,
-        0x09e88dd,0x1575bcd,0x17ac2e9,0x1c4a560,0x159db51,0x005b338,
-        0x0525bc2,0x19ea650,0x16afeb9,0x0b71795,0x05991b9,0x169c1a0,
-        0x10c8dc7,0x08b1533,0x169e47a,0x0643315,0x0c60ade,0x18f9581,
-        0x00232c7,0x1553cdf,0x1d165b3,0x066b11e,0x00bd864 },
-      { 0x0734189,0x0d45a3f,0x085f7a8,0x119fcbf,0x12c5ac8,0x01bb322,
-        0x1353845,0x0a08894,0x0af9e97,0x1291184,0x11acef0,0x0187a61,
-        0x1778b1d,0x0636fa3,0x16b97c1,0x11bae5d,0x19a2ee8,0x029898e,
-        0x1324f8d,0x0701dd5,0x0e8ec4e,0x16546d8,0x15266c6,0x0ba93af,
-        0x08c167f,0x06bbb9a,0x1c555b3,0x12cc64a,0x11d13dc,0x0746130,
-        0x1319738,0x16b45fb,0x095fe66,0x07d5096,0x00ca196,0x104cd31,
-        0x11c32c9,0x03e8fa1,0x0641f6a,0x131f9b2,0x0466505 } },
-    /* 79 */
-    { { 0x14a5efa,0x009e635,0x099531b,0x163a0f6,0x0481989,0x0e34e06,
-        0x19b3a2f,0x1a82172,0x02c2531,0x0a67d51,0x028403d,0x101195a,
-        0x09cb5f1,0x172ed22,0x0d494e3,0x107997d,0x085bedd,0x0531200,
-        0x189571e,0x05b59fa,0x058fe79,0x0310310,0x020dc64,0x02cb183,
-        0x15e83ed,0x0a14b30,0x1df4a35,0x16a9364,0x175df34,0x13edc1d,
-        0x10babc4,0x02ff772,0x160df6d,0x1e49827,0x076fdbd,0x1fa10c6,
-        0x0018789,0x01c7cc3,0x0a0305f,0x0957352,0x00c4357 },
-      { 0x120cad0,0x199260e,0x0229dba,0x1318c22,0x10decb0,0x0369b6c,
-        0x14e71bc,0x12f4dd3,0x0bc0da1,0x06cbc5d,0x0b1739b,0x0380a0f,
-        0x155948b,0x02a4bf5,0x151c593,0x029c657,0x00f4d59,0x0154e26,
-        0x1d67c0f,0x18a08d4,0x047e772,0x0534d64,0x19f5cca,0x0916661,
-        0x17d0c30,0x167546a,0x0103dee,0x0c0069c,0x1f1790e,0x08c9d42,
-        0x0da08f6,0x0b90b2e,0x0e9b66c,0x1081153,0x11e99e7,0x0845945,
-        0x09023fa,0x13d0ce0,0x156e403,0x1e24e4d,0x0324999 } },
-    /* 80 */
-    { { 0x0834915,0x1576b3e,0x193599f,0x1578bd6,0x1f77aa6,0x0b1008c,
-        0x0f2d897,0x184e53d,0x0699fd9,0x1771279,0x153db02,0x10e8571,
-        0x16e1eb5,0x0a64bb6,0x049c430,0x1d4cafe,0x135f6d9,0x0489c81,
-        0x1ad4019,0x16e0920,0x0e4f668,0x07043b7,0x1965a68,0x13b26c0,
-        0x1bf3f2f,0x1e77c80,0x06d2678,0x16350ca,0x1bcaaaf,0x09fdf96,
-        0x0da02e5,0x12e760d,0x12cc566,0x1b63218,0x070cebc,0x0a6a69b,
-        0x10ffd81,0x031d290,0x0ae4791,0x097e318,0x057ea2b },
-      { 0x0a0f2f2,0x0f0b145,0x12a803d,0x0a1c8d7,0x0c7e75c,0x116216c,
-        0x11e6a92,0x0052f56,0x014baa2,0x0798475,0x0f30bad,0x1a28d28,
-        0x04a901b,0x176ac40,0x0497fbb,0x01ef976,0x0f99d18,0x0328164,
-        0x1603187,0x0a72322,0x1ee3e53,0x1493880,0x1f89e01,0x14e4e2e,
-        0x040a1fa,0x0a9bd05,0x0931d6c,0x05db9c0,0x0f1c223,0x1305a9c,
-        0x0bb688d,0x17c60fa,0x1511e98,0x1705a26,0x19026eb,0x0e484ed,
-        0x1ff1f30,0x061c93b,0x0d7269e,0x08dd4f2,0x060480b } },
-    /* 81 */
-    { { 0x072ece3,0x03eb31c,0x03e0c42,0x1b2ab6e,0x1f29be7,0x1caddc2,
-        0x13f1e73,0x0436a16,0x1dbffa6,0x171dac6,0x0ae976e,0x0501c04,
-        0x1c0e61d,0x00c0a24,0x0b9445d,0x0a90af1,0x040cf55,0x1058994,
-        0x03382c3,0x1da36d7,0x1e3d800,0x0abc6ae,0x0d77ff7,0x14ad68e,
-        0x0237469,0x173fbf2,0x0636442,0x0bc646d,0x13c7c7d,0x0950318,
-        0x196dbfd,0x1525bd3,0x02fe20d,0x0885dad,0x1f4f448,0x0683668,
-        0x00c16f2,0x082f6da,0x0233316,0x1a7351f,0x00774a0 },
-      { 0x1b6c106,0x0c0d5f1,0x02dceb8,0x1f1bc2a,0x0ebe163,0x1aa41b2,
-        0x0e0bdbc,0x02d9eeb,0x13ac7ac,0x1069031,0x1c8abea,0x0cd0522,
-        0x135c680,0x08aa2aa,0x0507984,0x1c7eee7,0x038bf5d,0x10b893f,
-        0x0bed076,0x1fbe063,0x066332c,0x08c3de4,0x11a24f2,0x0593933,
-        0x06744a6,0x0a3ba82,0x1658b06,0x0d0cdc5,0x0cdf4c9,0x046f9bc,
-        0x0c9227b,0x0680ff4,0x060709b,0x148689d,0x0565544,0x07a6fa4,
-        0x1ab9227,0x11e981d,0x0052e58,0x0a84864,0x0081519 } },
-    /* 82 */
-    { { 0x17b2108,0x1b6c4fd,0x06abe48,0x195aebf,0x1ecc83c,0x10ed089,
-        0x0ac56d3,0x0c5ef8e,0x10315c3,0x0957577,0x0bf8fd5,0x01dbe4e,
-        0x0811e14,0x03c21f7,0x15e6fda,0x164b733,0x0fd1d9b,0x06735aa,
-        0x0c6eb5d,0x161c42b,0x090db20,0x07adc26,0x1528085,0x14d9d92,
-        0x1bf52fc,0x1b7a2cd,0x167937d,0x06c7891,0x0cf17ee,0x1c276b2,
-        0x120c117,0x1ec55b4,0x002a167,0x06500c2,0x0fcda9d,0x1a593c3,
-        0x1691c42,0x07cea0f,0x0e1d3a3,0x0f18589,0x05abf21 },
-      { 0x1b3bccd,0x1cb35f9,0x12a91dd,0x017c7c1,0x0047e0f,0x1ea8218,
-        0x00ece31,0x1f99707,0x1946fd5,0x1bf1dd7,0x103a1f9,0x0f0bd3d,
-        0x0579baa,0x0450c69,0x0f155f3,0x1f9fdb0,0x1af25be,0x0cdcb72,
-        0x031c6d8,0x0ba2bd3,0x0da14f0,0x0d3bf31,0x0207e64,0x1547042,
-        0x0c781cb,0x1fd8e37,0x1795366,0x0a45ecb,0x0d14307,0x0ab9a27,
-        0x16bd741,0x12b95fb,0x035b31f,0x07adf98,0x1d0d8de,0x128fccf,
-        0x1270b9d,0x0fbe56a,0x1a9200a,0x10e9b22,0x015ad15 } },
-    /* 83 */
-    { { 0x0588ae4,0x1176755,0x08c8037,0x1146e34,0x152ebc5,0x1182222,
-        0x0a4d1c4,0x05ba01d,0x1e4b183,0x1dfd33e,0x07a10eb,0x06836d1,
-        0x0829216,0x10fa717,0x05aeef5,0x13b8a3f,0x08404c2,0x0caa103,
-        0x08c5ff4,0x1c704e8,0x1162c7f,0x0331a41,0x18282bb,0x000309f,
-        0x194d107,0x0c2fe15,0x0ff87ef,0x0e4332e,0x0743520,0x1558fd8,
-        0x049922d,0x188dca7,0x1bbdaad,0x12b7f91,0x147c03e,0x0c1b71b,
-        0x066725f,0x040af5c,0x0658c41,0x194a5d0,0x03f9c4c },
-      { 0x0ce637e,0x1594b99,0x1377fcd,0x1beba4b,0x01a15f2,0x0156cbc,
-        0x014b62c,0x1d2343a,0x0cfbab3,0x12f9dde,0x1badd4b,0x17aec29,
-        0x1a60d2c,0x06ad3c9,0x124610f,0x04289a8,0x175cdba,0x1112167,
-        0x02e65d9,0x0e0bcf1,0x0132a20,0x00763bf,0x19384b3,0x035360a,
-        0x14df6b6,0x1ad58e0,0x11d2096,0x1fb2fe0,0x0312238,0x04109ed,
-        0x0365581,0x09a618e,0x0486727,0x17734ef,0x1c54704,0x1b79571,
-        0x068d893,0x031c5a3,0x15d2d77,0x1ac447e,0x06479da } },
-    /* 84 */
-    { { 0x05f2b26,0x02279d8,0x1db15a4,0x150173e,0x135a294,0x087b575,
-        0x1f8a10a,0x0ef1073,0x1026a58,0x10e7d91,0x1fe70dd,0x0d6c5cb,
-        0x1676892,0x0588e2b,0x19b3480,0x07dfd75,0x15672a0,0x16e42bb,
-        0x06eb58e,0x1c0e95c,0x199c0ca,0x10eb84e,0x0ff9246,0x003b382,
-        0x1ded665,0x1fbbb62,0x070cabb,0x1b4dd94,0x1683e81,0x0eaae2b,
-        0x11d4212,0x1bf31b0,0x0392e9c,0x0d2b24f,0x00bd936,0x05f5af3,
-        0x037b98b,0x01dedbd,0x0125fdf,0x129e10c,0x01fe09f },
-      { 0x048cc63,0x1f5573b,0x1c51269,0x02cf9f4,0x13ea251,0x1fa2ac8,
-        0x048f194,0x10df917,0x181a16e,0x0abb0cd,0x1919d36,0x0096790,
-        0x1a0c7e8,0x0b0b2cc,0x0204d28,0x04651f9,0x1690a65,0x11b3754,
-        0x0f240a7,0x0652c09,0x0d2b415,0x0a57155,0x1be7866,0x0217deb,
-        0x08c527f,0x0304f15,0x1b19efe,0x07b96b0,0x0cc25d7,0x01fd422,
-        0x14fd869,0x0e9d66c,0x14e7eea,0x007816b,0x1c1b749,0x09e66ac,
-        0x1d83bcb,0x03b4a67,0x149abbb,0x10db6c4,0x04de957 } },
-    /* 85 */
-    { { 0x1eac2f7,0x1e98a9e,0x0a39219,0x156c3b3,0x0084778,0x1bd96ad,
-        0x1be582a,0x0f3e76e,0x0cfdf4f,0x059802b,0x0e3d2c0,0x1c2a635,
-        0x01d0701,0x0e3bce8,0x1e52356,0x0a6e20f,0x0bc8267,0x03e4ca7,
-        0x02eb530,0x09a9dc9,0x1058110,0x1adfe4e,0x1e63382,0x13f5016,
-        0x0898d30,0x157e3e5,0x16b2ccf,0x0489e44,0x0f31750,0x06fe2d9,
-        0x0d3547a,0x149af7c,0x049ba6b,0x015a19f,0x131ef68,0x142ec1e,
-        0x0435275,0x11b53f2,0x06030df,0x117cc6d,0x01c9441 },
-      { 0x1dc1414,0x1098984,0x14dd0e8,0x1887926,0x060765f,0x0fbce70,
-        0x081eb7d,0x194dfe6,0x085d4cf,0x18c58fd,0x0656adb,0x0e5cc7d,
-        0x02f5c42,0x1415980,0x0682792,0x0fe2c24,0x11b9714,0x1415b2e,
-        0x029ff89,0x0784184,0x0726499,0x0c7338b,0x067272e,0x1688141,
-        0x0d673fe,0x1e2ad01,0x04946d2,0x1e7f53c,0x1338ea3,0x023a502,
-        0x12dd76f,0x0f613ed,0x0b4044b,0x1a3049e,0x0862010,0x04cecfb,
-        0x098ceac,0x028a110,0x0d6ea5e,0x1656aa4,0x0611bfb } },
-    /* 86 */
-    { { 0x00ad2a1,0x152af78,0x035ef6e,0x1c29452,0x09efa85,0x158b4a1,
-        0x11da3a4,0x0607694,0x111ec81,0x1888de6,0x149ec99,0x0e05117,
-        0x060e425,0x0cd01e0,0x033ca8f,0x11095e5,0x12df318,0x05dbe46,
-        0x0eabac8,0x1428c5c,0x1d77e2e,0x0221dc2,0x0cd4d60,0x09dd37a,
-        0x0448255,0x0c7c0f7,0x1b9aa86,0x165ddd3,0x0c5944e,0x1402613,
-        0x1f1e96a,0x105562c,0x0ef2da5,0x110d2d0,0x11d80bf,0x1cb4556,
-        0x1370298,0x0e59dc1,0x0aa345a,0x0881d67,0x086e6c5 },
-      { 0x1793d9b,0x0199085,0x1b3bb78,0x023bb6b,0x179fade,0x0985b27,
-        0x16a49a2,0x165ee7f,0x1fe4fd1,0x1556cbe,0x1372201,0x163b254,
-        0x15073a5,0x1e4bb6b,0x1e32f62,0x04d8115,0x1b163ce,0x1305a55,
-        0x12c7ec1,0x060153b,0x13d39c8,0x066d4ad,0x0cd6965,0x0fd590e,
-        0x1d7d4b3,0x1558fcb,0x0883bbe,0x07a5d74,0x0828c8a,0x048379f,
-        0x004c963,0x10b56ef,0x032616f,0x05b0be4,0x064a30a,0x1ae4b2e,
-        0x1233b82,0x18cb5e1,0x049b735,0x17233f4,0x083867e } },
-    /* 87 */
-    { { 0x0474edb,0x1f39f11,0x06b9dd3,0x083509c,0x0a76639,0x16eb719,
-        0x0a6b671,0x0ba4e06,0x114f8bf,0x062520a,0x19ee400,0x146fa44,
-        0x0e3ce2e,0x08e927d,0x1d4c054,0x036f024,0x054263a,0x13e0a6c,
-        0x0b82c81,0x1080363,0x09fc20c,0x0d840fa,0x1cca804,0x138dbf1,
-        0x123fb95,0x0830f40,0x1200387,0x0651b8f,0x059a9aa,0x11bc121,
-        0x0dd61da,0x16fded8,0x1ada8b5,0x0a64f91,0x0dbaa4f,0x1e047ed,
-        0x1fb6389,0x1aa0a6f,0x0ce7a27,0x145cc51,0x04b26bb },
-      { 0x1318454,0x18e5a2e,0x12db4c2,0x1fae86d,0x123b749,0x053a308,
-        0x11c995a,0x03c6221,0x11c84fd,0x02ef091,0x00f5572,0x0dcc108,
-        0x18a5f8d,0x0d8fd5f,0x16db84e,0x1b9c072,0x0c33cfe,0x07f36b4,
-        0x12e4444,0x00703f2,0x0eb71d9,0x0096e63,0x1c2a3aa,0x1219457,
-        0x004137e,0x02d2cf4,0x1f22897,0x1d6bf80,0x04663cb,0x129d2ec,
-        0x1f00270,0x12216d4,0x0b15073,0x07c6a80,0x0931042,0x0b0c0fb,
-        0x0b901e6,0x01ece1e,0x057180b,0x18a592c,0x04d697b } },
-    /* 88 */
-    { { 0x1a8fb40,0x18f7877,0x0273836,0x16b7473,0x09021c5,0x0e8cef9,
-        0x1ec5602,0x1c351ad,0x14c1219,0x1bc3db9,0x1c1789a,0x02d029d,
-        0x026417e,0x07cbcb7,0x04d0b6e,0x0843689,0x05ebf84,0x117c3c5,
-        0x052914d,0x122dafd,0x1693e71,0x11d708c,0x06062ee,0x0d1009d,
-        0x14be957,0x1c57633,0x13e1093,0x144c0e9,0x0ce6ab0,0x1dcea33,
-        0x02f6f24,0x192400f,0x1f15a98,0x078d1d9,0x1434e1c,0x0f3a21f,
-        0x04e785a,0x0920ecf,0x1360298,0x143cd91,0x076ca87 },
-      { 0x02e48b7,0x1fdab70,0x07190d5,0x079813d,0x1bd14b1,0x034e787,
-        0x090d490,0x153b6be,0x02c3b01,0x03c0b2e,0x15b6b7e,0x0f89cd2,
-        0x08e549e,0x1deb05b,0x1fa54e2,0x18ca7e5,0x16b059d,0x1ca97c2,
-        0x0ddffa6,0x0c044b6,0x08c4d3f,0x145ff48,0x1a831cc,0x11ebe5a,
-        0x0a2d3bc,0x0286735,0x0c91094,0x0e42688,0x1b3ce5f,0x13351e9,
-        0x0485f84,0x182ceea,0x1b5e43f,0x1c4a53a,0x0188dfe,0x0a2b24e,
-        0x0be3e37,0x1303a99,0x0def854,0x18cdb47,0x027e7f2 } },
-    /* 89 */
-    { { 0x0a15883,0x1b2d6f3,0x0ccd8e3,0x18cd5fb,0x14a7e68,0x1896f2e,
-        0x0daaf4f,0x020c40f,0x037b878,0x037fca8,0x13db4c7,0x1964c95,
-        0x02c0d44,0x195f3c6,0x0eb1807,0x1301c2c,0x05a1636,0x18e31e6,
-        0x1724d26,0x059fd12,0x12203e9,0x0c20f63,0x1dce383,0x0bf52c2,
-        0x1d7642d,0x074b0b4,0x070f80a,0x154eed8,0x0d54092,0x0b2358b,
-        0x1664f71,0x0e0dbe9,0x0b27fb5,0x035cbd0,0x05c33a7,0x013d322,
-        0x13c85f4,0x07215f2,0x194a3aa,0x06f0648,0x002e964 },
-      { 0x078ea1f,0x0056ed7,0x1a5a455,0x1af6ce1,0x11a1b74,0x0034132,
-        0x19107dc,0x18ff326,0x07d7520,0x1cbeb75,0x184b863,0x1404d39,
-        0x020faa6,0x1c9041a,0x042b2a1,0x0886c4b,0x0637561,0x1bd241c,
-        0x0e05023,0x0c293de,0x140607c,0x026bc29,0x1ccefd6,0x1776dee,
-        0x1b0109a,0x04d43b0,0x1fd4a28,0x09d6493,0x00ae3ce,0x0f6c170,
-        0x1e821e0,0x042f1df,0x04c1b25,0x09d3f43,0x0a8a754,0x1f983cc,
-        0x1919062,0x1c5ca70,0x149f7b6,0x1b49e2c,0x0739f53 } },
-    /* 90 */
-    { { 0x04adc5f,0x1a54449,0x15b5e97,0x0d5031e,0x15646c1,0x0afcaa4,
-        0x044a5de,0x0001d89,0x1d19c54,0x1a43a9e,0x044ad0a,0x06d640b,
-        0x0616fa2,0x143d24a,0x0f597cf,0x1a0ccd6,0x001045f,0x0538ba5,
-        0x0a97850,0x0a06262,0x0623b63,0x0254b5c,0x09e712d,0x16007ab,
-        0x19d659a,0x18d3d19,0x18e09bc,0x0e5e618,0x1090cdc,0x1c8637b,
-        0x092d39c,0x120dd7c,0x1ac6c36,0x0282d2c,0x01b6ee9,0x14734fe,
-        0x058c413,0x0cc8f0e,0x03a120e,0x1ff441c,0x0020c23 },
-      { 0x1c74661,0x1256d57,0x0194483,0x064eff8,0x17bbcf6,0x0e73cc9,
-        0x073dadb,0x1428209,0x17b161b,0x1c6b5a9,0x043ec96,0x086352c,
-        0x0922218,0x0feef3b,0x07b2747,0x00c61bd,0x04d42d8,0x1e995fd,
-        0x09137d2,0x0ae054c,0x0dfb388,0x16a2ac9,0x137b747,0x09c0371,
-        0x1f45bfb,0x0d8070e,0x0a1b885,0x1e97bda,0x137e6a8,0x0a43b54,
-        0x08e024d,0x10261ee,0x15278ba,0x010fc20,0x1a48e2a,0x158db88,
-        0x1d8b4f8,0x03d88cf,0x073bc88,0x0a7f24d,0x076e7bf } },
-    /* 91 */
-    { { 0x1ebd187,0x1421413,0x16ed7c4,0x176cb55,0x0d3320a,0x12c34ac,
-        0x1d969c8,0x1576084,0x18f0986,0x11f99fc,0x1fd40f6,0x0f4f5d7,
-        0x0541180,0x012fb8d,0x11ddb2a,0x1e4964b,0x1edff7d,0x0606f3d,
-        0x197c7ed,0x161e842,0x1ae3da8,0x1bb98f9,0x17cffdc,0x07c14a4,
-        0x1d7e719,0x1232668,0x0edacee,0x1bf0954,0x1f37828,0x1c4bd50,
-        0x11eea12,0x1cee675,0x07960cc,0x00d10b7,0x1aad426,0x1a9a8da,
-        0x1cbb80e,0x009612b,0x1bc247b,0x04e572d,0x079e7ad },
-      { 0x130caae,0x0b86e47,0x1bd0f36,0x0214dd7,0x05cabcf,0x0a30b6c,
-        0x018fb1c,0x130c783,0x1519e3a,0x0286d85,0x0c4f587,0x12c6c99,
-        0x09f39b8,0x112a3db,0x19f607c,0x16199be,0x1b9d67d,0x1b8abd5,
-        0x025246d,0x144b751,0x00dcccc,0x1e3d13f,0x1da2481,0x1a86503,
-        0x08fbe0f,0x0049a57,0x0d5c83b,0x0bb23ee,0x1d7beda,0x0c84e6f,
-        0x0cacbd8,0x094073c,0x0c10232,0x0c7ee0f,0x197b6c3,0x1ba787a,
-        0x0fe5005,0x048b642,0x1aa50cb,0x1589817,0x07f8c37 } },
-    /* 92 */
-    { { 0x1ac05e5,0x00f2a21,0x0094cfb,0x099b1a7,0x1a4a4da,0x1fcf15e,
-        0x0302e22,0x1b90db1,0x0b53811,0x06b8ee8,0x0eae90d,0x01a5478,
-        0x1e65504,0x1b0b08d,0x1102526,0x09f4057,0x06e279a,0x18e16a1,
-        0x0c196b0,0x14b5447,0x0890535,0x17e2975,0x16aa28c,0x1bb5a45,
-        0x1eca79f,0x137ad2e,0x14aacec,0x023e0bf,0x1cd81e9,0x13edf9b,
-        0x03176b3,0x121a2d7,0x00e44e7,0x0c4a707,0x0bb793d,0x1e2bcd1,
-        0x1c92a74,0x1024ccf,0x1f0bebf,0x1552e1c,0x01d7703 },
-      { 0x10062a9,0x0640e9f,0x02eaa29,0x11b2d44,0x031eb2b,0x05e880f,
-        0x0637e19,0x028cdbb,0x04413b6,0x102fac9,0x1557e2e,0x141bd34,
-        0x1151a67,0x1725a96,0x10bc25c,0x1564759,0x0ec7184,0x1d5aed5,
-        0x11fda46,0x11687cf,0x07f4ce0,0x05bb621,0x148394c,0x047d7b8,
-        0x12069e4,0x0673e9a,0x00d37c5,0x16bc73d,0x0305ac6,0x194aa23,
-        0x104f72f,0x1fc699b,0x02cb2e1,0x1ad7db4,0x1744447,0x13a9588,
-        0x07f296f,0x17b1e6a,0x021c717,0x1d92784,0x00a2c40 } },
-    /* 93 */
-    { { 0x15747db,0x01c27d7,0x01ac26f,0x0d80d57,0x1bad608,0x1e0aa39,
-        0x020ba79,0x17f480d,0x155977a,0x0a99368,0x077ac0b,0x140bb50,
-        0x11063a9,0x0925b08,0x01b929d,0x1d72135,0x07a4ab2,0x10a017c,
-        0x171802e,0x0e43a9a,0x1dbf7d0,0x14f944f,0x068bf66,0x1bcde0e,
-        0x0e66dec,0x139faee,0x1f6ae7e,0x042e24e,0x074bab6,0x024fb62,
-        0x0cdb4b7,0x0eddda0,0x0017e1f,0x012e9ee,0x170136a,0x0772e2e,
-        0x14b05e4,0x14bf1ea,0x121f9b0,0x08cad93,0x02efb45 },
-      { 0x121c064,0x0958045,0x0a7a91c,0x0494e0c,0x1186fe4,0x1a7857e,
-        0x0cd026d,0x052c86b,0x17ec9e6,0x0b2d521,0x183421a,0x0ce7898,
-        0x0adda14,0x1f982bd,0x19599c2,0x0dec016,0x0403ce8,0x13f82f4,
-        0x1100685,0x00e7520,0x007ec05,0x1c14a73,0x05ac798,0x19ee08c,
-        0x0325269,0x09d103c,0x0fa339f,0x1282283,0x17053d2,0x0c69bab,
-        0x0374e2b,0x1954cc6,0x1a68fb3,0x021a86d,0x1fc7a54,0x17d97d5,
-        0x1d2d760,0x08b36a8,0x047927d,0x19c8c51,0x0337532 } },
-    /* 94 */
-    { { 0x000bb9b,0x08c299d,0x1a14fc4,0x1c8becc,0x0d2ffba,0x1771269,
-        0x06a1752,0x0dd35c2,0x1034185,0x05d0f0d,0x04d27c6,0x02f04e6,
-        0x15a9ac8,0x0a2b8ad,0x0f7f529,0x1a5d582,0x03c5daa,0x1d2fba1,
-        0x0d6dda9,0x090772a,0x1e9b30a,0x127fc39,0x04ba6b6,0x07420ab,
-        0x02d8472,0x0700ab3,0x0e3b6b1,0x126a92f,0x18fa70b,0x020d1ce,
-        0x07d86d9,0x081a2b1,0x141d756,0x02f850a,0x08dfc28,0x10c5328,
-        0x0bb2890,0x05801a3,0x0cafff6,0x0bba99a,0x0192a2b },
-      { 0x05ced07,0x1b3141b,0x147d8d5,0x160bbc3,0x029f32f,0x0053d50,
-        0x0e6f2fd,0x08eda2f,0x09bb50a,0x18d9504,0x0989e06,0x1776f2b,
-        0x1b9389a,0x19a7e0c,0x13fd83e,0x10e72a5,0x092387d,0x179d5ca,
-        0x0483335,0x00a7ccd,0x14f0a8f,0x05b1d4d,0x0fbcb75,0x1d04252,
-        0x0ede151,0x1d0cd58,0x0c20e2f,0x1f74181,0x1c11bea,0x13d64ff,
-        0x1e0af56,0x12b9810,0x18bfd95,0x1786302,0x028fe30,0x14d0da9,
-        0x1d9b31b,0x1d5d578,0x109a30c,0x1127781,0x0632e22 } },
-    /* 95 */
-    { { 0x1a1ccca,0x08e900a,0x0f0c721,0x18fca45,0x0efe290,0x155829a,
-        0x0755463,0x02e16e8,0x1bc85e2,0x132b0cb,0x1e2ca6b,0x083c039,
-        0x18ae131,0x134a423,0x0b2d64d,0x1b15c5c,0x10fc31b,0x075abdd,
-        0x09939e2,0x1debad8,0x0d86dec,0x064e5cb,0x1bea15b,0x12307b4,
-        0x1681327,0x0b516d8,0x00e0f5e,0x007e704,0x0c6fedf,0x0b7f8e8,
-        0x06d6291,0x114d57b,0x1589805,0x0b78c92,0x0b160fe,0x0e673ea,
-        0x1a7e9ea,0x16f6c7e,0x135173d,0x182ba39,0x068c3d9 },
-      { 0x0b392b7,0x13132f3,0x14259f8,0x1eeebb2,0x0ec1d9b,0x128a7be,
-        0x0f3535d,0x039c2d5,0x00de72e,0x037acd9,0x1ec0cf6,0x079a35b,
-        0x0ca66e4,0x02f22be,0x0d10d00,0x1b545b6,0x1165681,0x0db3d3c,
-        0x00451cc,0x1cf757e,0x0961c32,0x1769d8f,0x019bf85,0x07a4dcc,
-        0x0298ef6,0x0b6c927,0x01506b7,0x17d41bb,0x02f9719,0x006fccc,
-        0x0b3be54,0x18be0ed,0x0876e63,0x09cb5ae,0x0b96c8f,0x14abc25,
-        0x0ec6747,0x17dd9b1,0x01a9427,0x1dc4665,0x08f2055 } },
-    /* 96 */
-    { { 0x02c1af0,0x15cf1dc,0x0991292,0x0fe595c,0x1c65e9e,0x0c3ea37,
-        0x0b02980,0x0c69fd5,0x1e393b3,0x1e9f99a,0x0eb3389,0x1801033,
-        0x119c9f7,0x1c55330,0x1d062d6,0x15d2a7e,0x157372a,0x0ffd4a2,
-        0x16ce162,0x1af0091,0x1c1c937,0x0fb78fd,0x144321b,0x1e1419d,
-        0x0bd89a2,0x0f5a457,0x08d9d0e,0x1cbabf4,0x17d2d8a,0x15059f8,
-        0x05040e9,0x0823b31,0x033f68a,0x1b3d179,0x02cc862,0x0cffd9d,
-        0x0319bf0,0x112a079,0x0c8b810,0x192681a,0x01292c8 },
-      { 0x186463d,0x1aac381,0x05ffd7a,0x0406e3b,0x14bbc2b,0x00ce2d6,
-        0x115c42e,0x082366c,0x0cf04ad,0x05da16b,0x0e7b043,0x18eccd2,
-        0x075d819,0x100c23f,0x116b04e,0x065c90e,0x1021c72,0x027b825,
-        0x12c15e0,0x1cb1415,0x02952c9,0x19dab0f,0x0548ee2,0x1f3746b,
-        0x0df0079,0x11419c2,0x087aaa5,0x10463f8,0x0a2b907,0x02a7c57,
-        0x18e8bab,0x061a384,0x075ed77,0x1c80040,0x1b57ecc,0x1559689,
-        0x1011293,0x0a35617,0x05d9249,0x057d704,0x07c7876 } },
-    /* 97 */
-    { { 0x07902b6,0x1eb7d83,0x0602e3d,0x07a2e6b,0x12823a4,0x1a0eeed,
-        0x1ec4965,0x0b80c59,0x14033f9,0x11c8d83,0x026e31b,0x0146d0b,
-        0x123831d,0x0911487,0x11d3525,0x03e75c6,0x0d6222e,0x0a6d58a,
-        0x0fc234e,0x01f9bca,0x08f58f0,0x17383f9,0x156645e,0x11cc0f8,
-        0x0a0ba06,0x0120b35,0x1f5f87e,0x004e27c,0x0a328f6,0x0aa026b,
-        0x0a9f095,0x131219a,0x12e3264,0x0590506,0x0513b28,0x19e440f,
-        0x12f4e09,0x0c6e03a,0x1a07572,0x009b09b,0x0694035 },
-      { 0x1407206,0x1d9b372,0x0a33e2d,0x1e1b11f,0x1ecf54c,0x1397378,
-        0x19523dc,0x0d0dfdf,0x081ab44,0x12989b9,0x1d10235,0x1e1c9c8,
-        0x1f52cb5,0x124839b,0x109ace9,0x1a0e33c,0x19b4980,0x192bb60,
-        0x1c9cb2b,0x068c501,0x11c991f,0x07a3479,0x1e39829,0x1089b12,
-        0x0a32990,0x015c3bb,0x12e5456,0x14aae01,0x11adbf8,0x19b28a5,
-        0x1beac6b,0x1f7a687,0x0ebff92,0x00f9a11,0x0c06df6,0x0265f3f,
-        0x1a6b30e,0x0287035,0x0551ab6,0x04f78bf,0x06da9e0 } },
-    /* 98 */
-    { { 0x09490ce,0x172612e,0x0e0487b,0x061bed0,0x096ec4a,0x149b475,
-        0x01f8292,0x1e7cd8c,0x04bc262,0x0582495,0x10d3ff6,0x04208c1,
-        0x0d0846a,0x146f99e,0x1fde990,0x0ec25ef,0x0442182,0x08862a8,
-        0x126f340,0x0bf9d22,0x13dc9d2,0x06e7e30,0x1c95847,0x1ea39ca,
-        0x17e8897,0x05a8acf,0x053a302,0x1f477e6,0x07538f3,0x108abaf,
-        0x083a855,0x1239080,0x1e0a951,0x1568568,0x02eb3c0,0x1e1a44d,
-        0x058b8e5,0x0635620,0x1644a81,0x17366a2,0x0773b40 },
-      { 0x031cfd2,0x1966e1b,0x1ef003f,0x0700ee6,0x14c4c2d,0x0529380,
-        0x185a8ce,0x1bdac00,0x1b32cab,0x0719836,0x0c5f2b4,0x11d54e1,
-        0x0e33673,0x1cf9a9f,0x1d2aa35,0x075a7e5,0x0d9576f,0x03897b5,
-        0x06caf38,0x0f30a51,0x0a30e42,0x06ed496,0x01763e5,0x0925bb2,
-        0x1d475d8,0x05ecc48,0x0934579,0x1c0d4b9,0x0eabbd3,0x0a7592a,
-        0x0f11c97,0x181daa2,0x1394ace,0x1573618,0x0166efe,0x0efc1f3,
-        0x033fd13,0x092aa34,0x13dd770,0x10b8ad8,0x012b463 } },
-    /* 99 */
-    { { 0x12951de,0x0df5ec9,0x1252043,0x04b54d3,0x16959d4,0x197846c,
-        0x07013b2,0x058bf89,0x02250b8,0x03a7866,0x113876b,0x134a75d,
-        0x0d96a43,0x0824cd6,0x0f2ae6a,0x1675f86,0x06654d9,0x197e66f,
-        0x018eba2,0x1e50b87,0x1f88f4a,0x1f237f5,0x08dccdc,0x1356fda,
-        0x1672c3c,0x1063a8e,0x03f8480,0x038a226,0x13e56ec,0x0017a97,
-        0x006b609,0x1494c95,0x089ab7a,0x0b1f91a,0x198767c,0x0e143f6,
-        0x0e55331,0x034df08,0x1505c5f,0x0bcfb11,0x061c193 },
-      { 0x092ae43,0x116cd9a,0x0168b9c,0x0a0a71e,0x1ef89d9,0x0555b18,
-        0x1962080,0x02f5cef,0x0eba4b1,0x0396090,0x1872e0a,0x0590748,
-        0x065c243,0x05c9c79,0x16cd0d3,0x0fb8062,0x0c58c4c,0x082df95,
-        0x05acde3,0x0a03bab,0x0c30d2e,0x0fe5c48,0x0a141b2,0x06c3e19,
-        0x0f4617c,0x1d71e85,0x0168d72,0x03ef6e3,0x1c01382,0x1af8f9f,
-        0x17ef440,0x116491d,0x0628af5,0x0e5703a,0x0741232,0x071ac84,
-        0x0ca1877,0x11ed1c9,0x16e51d7,0x1e4e3a7,0x027ad0d } },
-    /* 100 */
-    { { 0x05b5aed,0x1ed3c98,0x1a9e78e,0x08b331a,0x0c67d4a,0x1f5b801,
-        0x1874c3d,0x08990ab,0x0147d1c,0x0c53f4f,0x1503b70,0x0c31912,
-        0x003ea99,0x1f35fe9,0x0ef8829,0x0886f4a,0x064ecc1,0x164a43f,
-        0x13be171,0x0f240e6,0x0bd5729,0x18eaf0f,0x1e83539,0x091ad6d,
-        0x0b1e64d,0x06a7ed1,0x159b880,0x10543c0,0x1366a17,0x186d2d2,
-        0x0e0a8f1,0x0348e6e,0x03fbd2b,0x010747f,0x1019ff8,0x0bafdf1,
-        0x0acfb66,0x1437ef7,0x150bfb1,0x04edba2,0x05d9b5e },
-      { 0x13e472e,0x1e2d2e5,0x0178d8d,0x0e61428,0x0153d92,0x04c2ac1,
-        0x04b96d1,0x0a20133,0x1f39a08,0x0780666,0x1b15806,0x18236b8,
-        0x0e26237,0x09a1aa0,0x03b5020,0x0630883,0x1f07e7f,0x1ff7be5,
-        0x1d215da,0x1246cd7,0x091aecd,0x0d5e4a6,0x06dd6f8,0x02c44ec,
-        0x178de4a,0x05c470b,0x0f171af,0x0a5cafa,0x171858c,0x0163ad5,
-        0x1e5730e,0x07edc73,0x12c2c28,0x19afe70,0x1bcb589,0x0c98fc1,
-        0x035a599,0x18ef58c,0x11d9b81,0x19b9771,0x024f891 } },
-    /* 101 */
-    { { 0x178c1e2,0x1b05fb3,0x197093b,0x1a01ab7,0x1f49c03,0x00d04ff,
-        0x061b8bc,0x0b1d823,0x0ae096e,0x0d39452,0x1e61316,0x1db6e0e,
-        0x05aabbc,0x038652d,0x11cef4a,0x01c7bf6,0x0614de3,0x1464946,
-        0x1d9eaf2,0x1cff349,0x09cf3fa,0x15f610d,0x00f0acb,0x1b36bbd,
-        0x10d629c,0x06fd7d3,0x07182c6,0x1bd5d4b,0x09b54ca,0x1bdf202,
-        0x18f57fb,0x0dba621,0x0eebc76,0x190e67e,0x1f8e3d8,0x0aee91d,
-        0x18ee8af,0x0e19588,0x1d84bfa,0x19fa85b,0x0863ac3 },
-      { 0x05a2fe2,0x17e53dc,0x171828d,0x11dc853,0x13e70d0,0x0e1ca27,
-        0x0882450,0x0151937,0x067272a,0x0354083,0x02f418c,0x0aabf2d,
-        0x1de69a1,0x0a9e301,0x1bdf91c,0x1c9f570,0x14aef56,0x04b8330,
-        0x01e02d3,0x186d713,0x1263c0d,0x111d0e9,0x10d95ff,0x0aa4592,
-        0x17a8643,0x13c80fc,0x1bb7fbd,0x12312fe,0x0a17a0d,0x18ea36d,
-        0x0f7aef8,0x10b599f,0x1179100,0x1e0ef37,0x18ca3e7,0x19c1b4d,
-        0x01e7142,0x0ea9edf,0x1c96872,0x03d170c,0x03e3f1b } },
-    /* 102 */
-    { { 0x17fbf05,0x10ae03d,0x020adfa,0x0c3e347,0x192f11b,0x0e68de4,
-        0x1656b47,0x11793bb,0x0ad0f7e,0x0fadbfd,0x1eade4c,0x0bd7f94,
-        0x062936e,0x0cd2adf,0x1d05f70,0x1caa861,0x04343cd,0x18fb7a7,
-        0x0bc112f,0x1ebccb0,0x0408971,0x1221446,0x1cf0ee3,0x00feaea,
-        0x0c59fb8,0x07830d5,0x16062d6,0x0c9dc5b,0x03b0d3a,0x05304bd,
-        0x161bde8,0x0072960,0x185ecc8,0x1a8bec5,0x11d2fec,0x0d340b2,
-        0x079c3f0,0x16acbbd,0x0009626,0x1b0e015,0x081208e },
-      { 0x0c4ce37,0x1a84c8a,0x0298424,0x0743549,0x134bb84,0x06ac747,
-        0x1c09160,0x1750c00,0x1b375b8,0x0da1624,0x0f7a0db,0x0a49da7,
-        0x16ac365,0x124919d,0x08786d1,0x128deaa,0x1d564dd,0x15e3e62,
-        0x1ed6dab,0x09606b7,0x01a39c1,0x0c00a36,0x1fc8ae8,0x04429ea,
-        0x0fbbc87,0x1b205b1,0x1ed2485,0x159fafe,0x0d6df13,0x06d0e5a,
-        0x0457fc4,0x0c4c015,0x00e2620,0x08b3fb3,0x0a76076,0x12f58fb,
-        0x16e7a19,0x0713065,0x0cf09ba,0x17101bd,0x044383f } },
-    /* 103 */
-    { { 0x04f9af6,0x1f80ef2,0x0873841,0x1b1963f,0x16381a4,0x1eea499,
-        0x18fb3ed,0x13fccb7,0x026a883,0x05c21ad,0x1e27634,0x122a7d8,
-        0x1fee60f,0x15e62f0,0x17fa940,0x15039c4,0x0c57e44,0x0023be0,
-        0x0c2e96e,0x1d3f064,0x0dd9349,0x17ef0c0,0x1750bcc,0x147a239,
-        0x19eaf64,0x01d4581,0x1afadc2,0x01df109,0x0742cb8,0x1062789,
-        0x188a239,0x0e41404,0x0156cc5,0x1dbbfa2,0x1799c94,0x139aa8f,
-        0x06013a5,0x14d3765,0x0111660,0x11e1aa9,0x08aee70 },
-      { 0x0c54409,0x116ce19,0x0b1063c,0x0cebd75,0x09ebfa4,0x1424c0d,
-        0x1a4a218,0x01921c5,0x16b3a8e,0x0100fb7,0x1d907b4,0x02d97ae,
-        0x15c9730,0x180b82b,0x09bcbc1,0x19c03f2,0x08ffec0,0x024c202,
-        0x0c674c1,0x12c423e,0x08c4bf6,0x02648d4,0x1d2d721,0x0061504,
-        0x0fbcee0,0x090a620,0x1793db5,0x1dacea4,0x167d1eb,0x03e614e,
-        0x0dabdf9,0x1843a6a,0x0307db8,0x14a02fd,0x11aaeec,0x1ead6d8,
-        0x033e805,0x0cd3f18,0x09683c1,0x1fcc12d,0x0970f61 } },
-    /* 104 */
-    { { 0x1ec8e4a,0x09e918d,0x0d306f1,0x086b4c0,0x0809ac1,0x0f2326c,
-        0x0076942,0x06a9dc1,0x18a4882,0x0b570fe,0x0192d92,0x10c664b,
-        0x1fa1ae9,0x1a66834,0x1284fa5,0x14d6975,0x058b1d8,0x01b9c66,
-        0x1dae769,0x0e3eb1c,0x16fb5fa,0x0463f58,0x12466fa,0x09c853b,
-        0x0f13fad,0x0f6fae4,0x049267e,0x0b076ce,0x0d8bd74,0x008ad08,
-        0x1faf388,0x0af2176,0x06d7605,0x1bc6efb,0x1b7920a,0x15262d5,
-        0x15f855f,0x0c7d96b,0x1329f83,0x128b4fb,0x0404b5b },
-      { 0x17a15c7,0x1341528,0x080be7b,0x19df100,0x0ae4cfb,0x0351aa5,
-        0x104e544,0x1cf9dc5,0x0170feb,0x0f300c9,0x03152d7,0x13fae7a,
-        0x17589e3,0x0648495,0x171c4d6,0x1fcbe32,0x13f0a7b,0x0e5bf6a,
-        0x187325e,0x124855e,0x17d92bd,0x1629caf,0x034bbc5,0x1665e13,
-        0x0c1ca70,0x0e086a5,0x154b461,0x0b0ea4d,0x0d6195a,0x18254a1,
-        0x0b0a4ca,0x14a0161,0x025a979,0x1e9187f,0x12b958b,0x18bf43e,
-        0x00da253,0x1aad791,0x1800983,0x16b0628,0x07faa11 } },
-    /* 105 */
-    { { 0x0402149,0x1278637,0x0466c2e,0x1b2c798,0x1584cc1,0x093a3b1,
-        0x1706a99,0x1e4ee81,0x1c95715,0x1bbffba,0x07ec38f,0x095a7f1,
-        0x1fb2f23,0x17cdf1f,0x05640cb,0x0fd04aa,0x01d0423,0x1fe4fd9,
-        0x054fb64,0x1dfe714,0x1d13eb2,0x1008020,0x02754eb,0x037b051,
-        0x0545b7f,0x152e797,0x190e54f,0x1a944f9,0x1e75c8d,0x12ea6c2,
-        0x10c034b,0x04837c3,0x193ed62,0x10196f5,0x097c090,0x023ca7e,
-        0x03a4e70,0x0abb1b6,0x1fafee6,0x0a5db31,0x014b63a },
-      { 0x1c43336,0x05aa9b8,0x092dd84,0x0c47490,0x19dfd4a,0x03028d8,
-        0x08b800a,0x1b6f72f,0x08f5f1e,0x155ddce,0x1f6ab61,0x1aef36c,
-        0x1b67a57,0x06affd7,0x13941b7,0x078c715,0x19589ac,0x042ed4f,
-        0x168f454,0x197550e,0x0ed2081,0x07f49a3,0x00cd4f6,0x1f3405a,
-        0x161f1a1,0x038d955,0x1ce9967,0x0196126,0x1df8a1b,0x1185a7a,
-        0x076df83,0x1d6fab4,0x1c4c741,0x12e783b,0x1271ca3,0x191e08d,
-        0x17c171a,0x0e85e3f,0x09954cb,0x0e706da,0x0024858 } },
-    /* 106 */
-    { { 0x1a4cd8d,0x06e91ba,0x09e3350,0x072f797,0x132ca43,0x06b0fa8,
-        0x1361096,0x0d0618b,0x1da1e8e,0x13f602c,0x1750282,0x02e23ac,
-        0x1607a8f,0x1a1a86b,0x079957b,0x15c850d,0x0f05983,0x05cc673,
-        0x162faf4,0x02723b3,0x1d497b6,0x12d8dd2,0x0e94a78,0x0d659ec,
-        0x132e91f,0x114a37b,0x08fe8ed,0x1acdd8d,0x0f0ed2b,0x087661f,
-        0x1d8e5e5,0x0be1168,0x09008cb,0x1071777,0x1096596,0x0ffad7c,
-        0x1177bc8,0x16a89e0,0x0b6b9e3,0x1bffca2,0x06798ce },
-      { 0x197c5c6,0x1fc7e8d,0x0cfd278,0x1cf1876,0x19fbab3,0x1acadd1,
-        0x1104903,0x0ec884e,0x15d7d43,0x1a112dc,0x111ddc5,0x1f98f38,
-        0x05880b3,0x194b592,0x0eb2a0c,0x1c309b8,0x1f71734,0x12ac89e,
-        0x124d11c,0x1647a73,0x0a11a4d,0x19e8a10,0x13aecdc,0x0c117b9,
-        0x00cf9f3,0x09fdce9,0x18c33f8,0x0c3159e,0x10874ca,0x1598af9,
-        0x095d7c1,0x13e000b,0x06efe7f,0x1e4eda8,0x1e3006f,0x03155d4,
-        0x178e7c4,0x0bc92af,0x18e57e4,0x1a4a5d2,0x03ea7ae } },
-    /* 107 */
-    { { 0x106ae25,0x0bf022d,0x03be618,0x1b96aea,0x1cac148,0x0615d15,
-        0x0bc3981,0x0eb23d4,0x176b789,0x060cfb5,0x1686040,0x0da0ca3,
-        0x1b79b9b,0x04a2b82,0x0896faf,0x0b7e3e6,0x1f35c00,0x0985a1a,
-        0x109361b,0x1689057,0x1777440,0x0b6b1b9,0x0ae3c26,0x08969b8,
-        0x16c561c,0x0ccb2fe,0x18c241a,0x1280bdc,0x0a1ec1e,0x0492045,
-        0x05467fc,0x07a5e51,0x0f3246a,0x033cbf7,0x1d96f1d,0x1c02d86,
-        0x10705f7,0x092b4fe,0x001118b,0x1380a4a,0x06a8ad3 },
-      { 0x0be7282,0x18106a3,0x1c4b917,0x1a42701,0x1405afe,0x0d35684,
-        0x096f757,0x03c99b9,0x07f8be6,0x16b78c2,0x0e05e30,0x12a6b2d,
-        0x1420132,0x1d46fca,0x0ec79ed,0x0569b1a,0x1bb3957,0x13abe30,
-        0x0330ed5,0x136af70,0x1fecd74,0x099bd9f,0x05643fe,0x0bb929b,
-        0x1b65314,0x0b99cdd,0x188cd79,0x01838c0,0x03feba7,0x196bfbb,
-        0x0ca70b9,0x198c36e,0x168e424,0x1f96523,0x1e9aa9c,0x1aeefa5,
-        0x05cb58c,0x126dd56,0x186ab7b,0x0f339f5,0x01a1811 } },
-    /* 108 */
-    { { 0x1575ed0,0x1fb17bb,0x066dbdb,0x12fa3b5,0x18f14fa,0x17ebfb0,
-        0x0bbeda7,0x0665ce5,0x1ddc286,0x02d5a65,0x1160d31,0x1a90b0d,
-        0x18b0e20,0x1cbbaee,0x05c0468,0x08931a7,0x008f413,0x0009864,
-        0x14457b6,0x011d75e,0x1ed92d4,0x0e01306,0x1141a81,0x1957223,
-        0x1736219,0x1434f2d,0x1ba1a4e,0x19ea118,0x1736174,0x122fe63,
-        0x08d39c4,0x12bb139,0x171aa1f,0x1de4c17,0x11a981e,0x049774f,
-        0x012b7fd,0x128af39,0x1d6a3ce,0x0eb2461,0x07d2ddc },
-      { 0x0d2cae8,0x0c0b6a7,0x0ddcf41,0x1b73800,0x0cf6bc7,0x15846a2,
-        0x0639991,0x101847d,0x14b9c01,0x0f73630,0x05e707e,0x1427df2,
-        0x0ae11c9,0x076cb44,0x0d851fa,0x0e14f4b,0x048d066,0x0bd7f5b,
-        0x1da149d,0x0066782,0x08f2d67,0x14bafcf,0x0a27765,0x14d15bd,
-        0x1228d37,0x0c35dab,0x191532c,0x0340bab,0x1dd5502,0x0ac7831,
-        0x1cd2040,0x0996d95,0x0dd4f08,0x055f3c9,0x0149e15,0x0ce189b,
-        0x0e729d7,0x0cb4ee3,0x102ea11,0x0f5637e,0x05a52f8 } },
-    /* 109 */
-    { { 0x1ecacbd,0x0cf4884,0x17abb40,0x1af7137,0x0544023,0x039b8f3,
-        0x07c2d5c,0x02ef98a,0x016c8e2,0x0419582,0x166ad45,0x0d05024,
-        0x14b1aa6,0x11f1b0e,0x0403e48,0x0b854dc,0x0e9e3a9,0x172c9f7,
-        0x1b04389,0x16d77a2,0x013f699,0x19ca39d,0x0b521e1,0x0e930f9,
-        0x14dc5b2,0x174f8e0,0x1495678,0x0fb800e,0x147ad25,0x024ee1e,
-        0x04e1126,0x1baa4ef,0x1df278a,0x0adccc1,0x1b23bbf,0x00ee1c7,
-        0x16bd02a,0x12c2233,0x17ff8ab,0x0c87ce0,0x017f027 },
-      { 0x1abea1f,0x0008694,0x1133769,0x0a480f5,0x036b969,0x1990c5b,
-        0x004a410,0x0952d4c,0x1163d53,0x110fe1d,0x081597c,0x0b7d998,
-        0x1705ba1,0x0b142ab,0x0e39536,0x009a624,0x0578788,0x00d8a21,
-        0x026a7f9,0x17e6095,0x02b196f,0x1625f32,0x1229fc1,0x05610bd,
-        0x020e86e,0x08eee8d,0x0bfd296,0x1efe4f8,0x0343b88,0x03a9d25,
-        0x13705ec,0x1762e7a,0x04b1e88,0x03ddf34,0x0910f70,0x0e7599d,
-        0x0c441d7,0x0ae446a,0x055fb6c,0x134a7cb,0x00ef030 } },
-    /* 110 */
-    { { 0x08e5b60,0x12b90fd,0x0ec93f0,0x1ad2381,0x046938a,0x0511243,
-        0x12dd82c,0x0efc8da,0x07de168,0x11fcd61,0x0718c21,0x0dde4e4,
-        0x02503bb,0x05b3fd8,0x106677c,0x17a73f1,0x172e07a,0x13c60f6,
-        0x0cbc376,0x1bd6f76,0x09f3cf9,0x18361e4,0x0bfdc9b,0x0e444b5,
-        0x08b2d19,0x1ae5b80,0x1d3c517,0x1eb4c22,0x1c4f378,0x17c622b,
-        0x1913839,0x0388a78,0x1bdaa44,0x0964045,0x09b69ba,0x02af7c6,
-        0x1d77356,0x1e1feca,0x0dcaaa6,0x18d766f,0x03d3b6c },
-      { 0x122c880,0x189664b,0x0225b9b,0x0e50d6d,0x1a1b6ae,0x17d7f61,
-        0x1026eb4,0x1df7439,0x043bb8b,0x0b256bd,0x0fd30eb,0x14012f8,
-        0x1ba5af6,0x01a9d48,0x1f2c367,0x17ed655,0x0ab69cc,0x06509fe,
-        0x0aaf064,0x142723e,0x07e5699,0x0111d12,0x0b6f555,0x0911b34,
-        0x0180f95,0x01e7103,0x1c49133,0x153cf7f,0x13a365b,0x1d5f43e,
-        0x188a4a5,0x1f4994b,0x054fa38,0x10db620,0x08f59ef,0x096720c,
-        0x18f41a4,0x133e2bb,0x1139c7e,0x0878f6a,0x02e946e } },
-    /* 111 */
-    { { 0x00934ae,0x07eefe3,0x1b44a60,0x1e2c840,0x0c3e7ef,0x176bad1,
-        0x1fe5905,0x1b9eebc,0x15cd0b2,0x1630679,0x0b61efe,0x1d9c3f5,
-        0x1dddc4b,0x0c24f2e,0x0fea1f2,0x1e35cea,0x0a32c1b,0x1e2ea8b,
-        0x11ccad2,0x1b7d502,0x096b565,0x1d67243,0x001faf8,0x172ed28,
-        0x074d6cd,0x1df2065,0x0197939,0x1eb9a4e,0x0c4ebc3,0x1e009d5,
-        0x085d211,0x087ad87,0x162e034,0x103b533,0x125519e,0x1ad21b1,
-        0x1eda677,0x06bc6b0,0x16309da,0x0aa0303,0x00997ce },
-      { 0x05a0b81,0x1ba364b,0x17ea4a5,0x0dcbc25,0x08b58be,0x0fa1bfa,
-        0x0cf11c5,0x0b2aae7,0x1b565c4,0x012f483,0x09e5f39,0x0a242b0,
-        0x0f4f43f,0x0752a3a,0x16be9be,0x00959cb,0x1be13de,0x19575c7,
-        0x0281f20,0x1f2be1d,0x09feed7,0x1733160,0x0f804a9,0x0859e2e,
-        0x0e9b8c7,0x022dfcb,0x0b8a287,0x1d4aeb3,0x14e2f38,0x00da2e7,
-        0x0651d65,0x1f20340,0x1d3c02d,0x0b5973e,0x1ba9c24,0x11cf49b,
-        0x0fa9b98,0x19395a9,0x1ff9942,0x13fa122,0x096f9f0 } },
-    /* 112 */
-    { { 0x0310a96,0x0556216,0x1cd1e3a,0x07ef454,0x12a9830,0x0b11039,
-        0x0a0f48e,0x10188d9,0x0d95412,0x0898f37,0x0fa446b,0x18bc595,
-        0x085791f,0x020db63,0x12ddfae,0x110f0a1,0x1ea3d3c,0x157fc9e,
-        0x0401ef3,0x083e3be,0x11fd065,0x012ae6f,0x13b9ca7,0x07c72e4,
-        0x1131732,0x060f07b,0x06b5342,0x05bcf48,0x1e22bfa,0x155fd1a,
-        0x096a644,0x1136066,0x050122b,0x0a6a750,0x07d0194,0x17173ca,
-        0x19d3e0a,0x1e3d56b,0x1fa9508,0x04c8171,0x071998e },
-      { 0x0b6ed78,0x007e6e7,0x1459005,0x0e30a68,0x053cf37,0x0b06e63,
-        0x0d96ba3,0x1f008a1,0x09dac55,0x1360d3b,0x15a1b33,0x125b5c0,
-        0x028a96a,0x093892b,0x1911d88,0x1284a5f,0x150a4f3,0x13a3de5,
-        0x114c7f0,0x18dfe5f,0x1ff0f0e,0x03887f4,0x125f0d1,0x0f259ff,
-        0x087839c,0x00cfda4,0x0009bec,0x0a58a49,0x04c2905,0x114e6c0,
-        0x1cd0006,0x06b9194,0x02b5ad8,0x0efd03a,0x1c5dbb9,0x0386f03,
-        0x1dfa4ab,0x15c2f81,0x0cab329,0x034161a,0x0838994 } },
-    /* 113 */
-    { { 0x0067dff,0x031516f,0x058b03c,0x0179700,0x14f3269,0x03d15ee,
-        0x064341c,0x123319b,0x0fae4a3,0x17e31dc,0x0b60516,0x16f7665,
-        0x11684f1,0x18ccefd,0x08b738b,0x0b09161,0x17f48f2,0x1113070,
-        0x0b57a18,0x07b6018,0x1171739,0x0a19c67,0x07a23e1,0x159ea45,
-        0x1942902,0x19e8033,0x01a0d6b,0x122af97,0x02614c1,0x17c95c5,
-        0x1b0bea9,0x0269d88,0x0ff95f5,0x1409a82,0x09bbede,0x099e00c,
-        0x137a470,0x059e82d,0x1b09515,0x0624d29,0x01fbfda },
-      { 0x0f69c77,0x1db2be4,0x03ebf7a,0x1747bf1,0x12a8278,0x1dbc5a4,
-        0x155c707,0x0668c76,0x011c71a,0x103350d,0x0562c34,0x0286113,
-        0x0610c88,0x07ceb3d,0x1d71f83,0x0f71f72,0x0087303,0x0ed52e9,
-        0x02fd618,0x0a00ba8,0x09a95ee,0x13bedd3,0x0c039b3,0x0c598e8,
-        0x03cb3c9,0x02ac49e,0x0533e10,0x15930c5,0x1c9d700,0x1b1d112,
-        0x1a029fb,0x1723c8f,0x0184869,0x1c25f7f,0x17ae30b,0x1e373af,
-        0x00e278b,0x1c448ae,0x1c6799d,0x195884d,0x04f9488 } },
-    /* 114 */
-    { { 0x151b8ce,0x0fe6a6e,0x1a01843,0x106c461,0x0857927,0x0ccab10,
-        0x1fc70d9,0x0efdb8f,0x1e2cae8,0x02f56a5,0x19d8224,0x0bb3cf2,
-        0x0ca1c32,0x1e9c493,0x0e7b776,0x0149c7c,0x0685f6f,0x06d4964,
-        0x11e83e9,0x1f0015e,0x0aabe16,0x0df2fb0,0x142d36d,0x070a7a6,
-        0x1412f98,0x04e1b32,0x026de5e,0x096c44a,0x0e72b26,0x002c270,
-        0x0efa958,0x1caab85,0x1bd4901,0x09708d5,0x069c5ca,0x1e6f083,
-        0x0174218,0x05ad557,0x1ae49b8,0x1091ef2,0x0688e06 },
-      { 0x13b8f64,0x17b2098,0x118b37f,0x172858e,0x0ef11b7,0x06c55ed,
-        0x1eddd70,0x1520cf9,0x0af4041,0x04752f8,0x14843d8,0x1b04d26,
-        0x0823d5b,0x13c8bd0,0x0e413f0,0x05a42b5,0x1fe45d2,0x1c2edd8,
-        0x14d8567,0x0bca129,0x18f2c3d,0x070e9cd,0x0baed4a,0x0959de1,
-        0x0a828f4,0x12a6eae,0x1c8315e,0x084135b,0x195f442,0x1a19bc7,
-        0x0dd5d0a,0x15266fa,0x11fa7d9,0x07edbe8,0x1027193,0x19acd41,
-        0x1bb817e,0x12adc7c,0x049955b,0x1c7c988,0x01723c7 } },
-    /* 115 */
-    { { 0x08b43f3,0x0436c6e,0x19a2699,0x024c813,0x1c3e0e6,0x1a3001f,
-        0x110df66,0x0f63113,0x16284ec,0x142819a,0x16eba8e,0x0b88d53,
-        0x1c5a366,0x14bc499,0x1da5077,0x02920f7,0x1106934,0x08f6ad2,
-        0x12e000b,0x14f6f51,0x0a59664,0x1230768,0x180fddb,0x09d7e4e,
-        0x06ba31f,0x13fe1f0,0x07cb0e2,0x12d9da8,0x1db08a2,0x07bce78,
-        0x0d8ab06,0x19bcf47,0x119e882,0x1458364,0x14a76fd,0x0a2bcef,
-        0x0e947cb,0x0bc5d52,0x064e886,0x056ec61,0x084bf54 },
-      { 0x164f21e,0x166d4f1,0x15fb077,0x0a025ca,0x0d6cf34,0x07c8708,
-        0x1a12162,0x1717448,0x1e3b104,0x1b6ed25,0x1bd5ea7,0x068dc75,
-        0x096bf7a,0x14193f5,0x00a67fb,0x1cd8e42,0x087da95,0x0d54cfa,
-        0x0b37d91,0x1f027da,0x14b824f,0x0945ea0,0x1476ecb,0x1f434c3,
-        0x101afca,0x0d20328,0x0a737af,0x1b3e973,0x1039e47,0x19caf20,
-        0x10abd06,0x18a15be,0x1e9e6ba,0x14f24f1,0x0eb8d07,0x069e426,
-        0x0b157f2,0x146079e,0x0054d25,0x0f7b40d,0x0383f82 } },
-    /* 116 */
-    { { 0x183ff4c,0x03510b2,0x079cbb1,0x1295ae1,0x0e645a2,0x0650952,
-        0x1a73f01,0x1cbb8cd,0x09160a7,0x178947a,0x11d8ba0,0x0f62ad3,
-        0x07bfb22,0x0176dc7,0x031e58f,0x1ed11f0,0x00649a0,0x053ed7f,
-        0x1452e33,0x082ea85,0x00beb7e,0x09c36f2,0x0e83171,0x16f2662,
-        0x052861d,0x18df868,0x07eff81,0x12059cd,0x0e9903b,0x14ab108,
-        0x0e18791,0x1ee07d7,0x0ef874e,0x1bc5b7d,0x11fb757,0x15ecd12,
-        0x1af5ea3,0x1432a3a,0x11895bf,0x02a87f2,0x03b121f },
-      { 0x19275e9,0x17423b2,0x19416c9,0x1ada1f9,0x07581cf,0x11f8f7a,
-        0x12ff62a,0x01cabeb,0x1e484e6,0x13df18a,0x1a63907,0x041ffd2,
-        0x04d8f1a,0x1d5823c,0x151b6a5,0x1b67c4b,0x175834c,0x0d2936d,
-        0x1422802,0x0811b31,0x08161fd,0x102dae5,0x1f0012c,0x1c977d1,
-        0x03bb365,0x177ad9f,0x15d66ed,0x0a19824,0x1ac737f,0x140be17,
-        0x06bc17e,0x1a4e72a,0x0e102d2,0x199b3cf,0x102ffb2,0x1e551ca,
-        0x0a6a515,0x1a237d9,0x0320d9c,0x1a26e52,0x05505e1 } },
-    /* 117 */
-    { { 0x15e68a6,0x00a50e8,0x179430c,0x0cc9ba6,0x0f9f0b2,0x16b3fcb,
-        0x1d0b40e,0x1083186,0x0d2c144,0x040c607,0x068f2dd,0x02d21a8,
-        0x1ec5181,0x024f9f4,0x12320ff,0x1270ccb,0x0612c27,0x04d9306,
-        0x1b413a7,0x10df5d9,0x0758f60,0x15febe2,0x09ecb33,0x052ffb1,
-        0x0313390,0x164259e,0x0025c06,0x1504c9d,0x0b3762c,0x1543a84,
-        0x1fa7e5d,0x130751b,0x1582714,0x0cc74ae,0x19a7675,0x106a1a4,
-        0x0f6fd34,0x05c4e58,0x0c5f217,0x1a94ae8,0x0617d80 },
-      { 0x0022b67,0x1933f38,0x052933b,0x0a6ed17,0x00536bb,0x1c22314,
-        0x0959b49,0x03262a7,0x0382439,0x082a6a2,0x1e31292,0x02e4bbe,
-        0x1a8d11e,0x0ad0f1a,0x094a9c7,0x1c63b36,0x0808171,0x103c336,
-        0x0ce2803,0x0a03b63,0x02360a8,0x1c673b8,0x0bb64ca,0x1b5efa0,
-        0x176098e,0x174d16b,0x0ee4c01,0x15dcbb5,0x1eb0363,0x04625df,
-        0x02febff,0x09c4367,0x17b9678,0x0703483,0x167f72a,0x02923f8,
-        0x0e93847,0x1127aa8,0x1e02cfd,0x010f9a2,0x05156f5 } },
-    /* 118 */
-    { { 0x006e8d0,0x1a71101,0x1cc9608,0x08fe2b5,0x15f6f5d,0x1c4a87f,
-        0x1ca2758,0x1e95f56,0x17d4495,0x1762684,0x0a02a59,0x18bad1b,
-        0x0bad890,0x127c51b,0x0a82481,0x0b8bfc9,0x17e0f4d,0x0bccf12,
-        0x112578c,0x0cef5c4,0x035244c,0x19d2dc7,0x1c80e1e,0x1450f72,
-        0x190f475,0x17bb81b,0x170f07c,0x0912b98,0x07fa415,0x07cda0d,
-        0x02ee1a0,0x1601601,0x0d47458,0x039e5fe,0x00e2e99,0x1429399,
-        0x0c9be19,0x16afbd5,0x196e9e3,0x139666e,0x0525459 },
-      { 0x01b54c4,0x1cb3cd1,0x167421c,0x156c92f,0x029ece2,0x0443200,
-        0x06a4b21,0x1b3e29e,0x1e9fa79,0x1246e7f,0x08236eb,0x03848d8,
-        0x1e14b91,0x0d71fb4,0x0c3efcb,0x17070b5,0x07ed1ed,0x18c0564,
-        0x02161ae,0x1fae303,0x0bd0146,0x0a2a33e,0x0843ad9,0x0cf9fdc,
-        0x1940816,0x1305511,0x0adcf46,0x1624b83,0x1c1cbed,0x0980440,
-        0x0cb79a1,0x06f8604,0x034c713,0x0468c7f,0x1c39bcf,0x078d8c0,
-        0x14af4e8,0x11b2dd5,0x0ad141f,0x1dbb9f0,0x022f0a7 } },
-    /* 119 */
-    { { 0x07f1b7f,0x13c8ff5,0x0753898,0x1bb9fe1,0x1c3d8c5,0x03ee2c4,
-        0x0a70ce7,0x1810d85,0x14276e8,0x0d6a00b,0x1875593,0x1eb3d3f,
-        0x090a918,0x1554086,0x15e59c0,0x19b8971,0x0364aa5,0x175bd44,
-        0x1ebe9cb,0x184777c,0x0908fc4,0x0f25643,0x136ed72,0x018fcde,
-        0x190136a,0x0691bf1,0x0527086,0x0abae00,0x1324a28,0x1e33ca5,
-        0x1c791d6,0x0c50f40,0x18a8dc6,0x0191e64,0x066d7ed,0x1272b45,
-        0x0c0389e,0x0361f70,0x1311b86,0x0de2ce6,0x079f81e },
-      { 0x04f3c4e,0x160f99b,0x052e0fc,0x0a26cfc,0x136b2ac,0x19f21ea,
-        0x173f164,0x1fc894d,0x110d961,0x072ca3a,0x1caab8d,0x1d9cfc7,
-        0x0508234,0x1ef53f9,0x04b802a,0x1424997,0x0f0a791,0x10f7dd2,
-        0x064b54e,0x10dfa42,0x0af6c20,0x1e5a8e4,0x1fb0343,0x01e36bf,
-        0x1b2cadc,0x10ca468,0x1e04b6f,0x00f4711,0x1bdd45b,0x1d356f6,
-        0x069021c,0x1ae04b1,0x02a1268,0x13db25e,0x0ea05f8,0x0b77edc,
-        0x0d386e8,0x172b31b,0x10001cf,0x06f3bcf,0x0442ecd } },
-    /* 120 */
-    { { 0x02f90a6,0x08d7345,0x0332d33,0x1adeb5a,0x1277d41,0x0ea5c77,
-        0x0a31100,0x062d470,0x0d83766,0x00bd09a,0x04492fa,0x0b1bebc,
-        0x04142b7,0x1eb5caf,0x1ef1a77,0x13c7c4b,0x15fd74a,0x151864f,
-        0x02598f3,0x01e2c7b,0x186d5ac,0x1b86731,0x0caa7bb,0x1daaa88,
-        0x10ea5d8,0x13d3d34,0x0262250,0x1bc47fe,0x0ced585,0x1b52f55,
-        0x195d6b4,0x1a7c308,0x114a6c1,0x09c881a,0x0b0dfc2,0x107b22c,
-        0x033d56e,0x0856ecf,0x1a47970,0x0e60d54,0x085176b },
-      { 0x0a21e38,0x0887d14,0x14e28c8,0x1aaee7a,0x17b6379,0x0106e24,
-        0x1eefcb4,0x19ba6d2,0x1961833,0x08bbac9,0x0a14596,0x0bf5cbf,
-        0x126d704,0x1c355ae,0x043ca69,0x0b6e067,0x030dc4f,0x15605ed,
-        0x1318571,0x004815b,0x0d91cca,0x01628a3,0x0387c5c,0x059df0f,
-        0x072d0a7,0x1d0e75a,0x002d9a6,0x09080e1,0x01aa0a8,0x07cebf3,
-        0x02de6c2,0x08cd2ac,0x08160be,0x15b8f1c,0x10b6523,0x184726b,
-        0x1431590,0x1ec1e04,0x1a2cf5f,0x176dcae,0x08ab154 } },
-    /* 121 */
-    { { 0x13c4a96,0x030019a,0x00d4a1a,0x1120b9b,0x0e5c60e,0x137c662,
-        0x04d923d,0x13d7ab2,0x09faccf,0x15c05cc,0x18e796d,0x1f5dc64,
-        0x0bbc1c1,0x13c556f,0x18e5b48,0x0405a5e,0x0d01898,0x08053cb,
-        0x091d20d,0x16a91e7,0x0e3e18a,0x01d98d8,0x0b3415b,0x0c8a25b,
-        0x068dd01,0x1de0add,0x052c0fc,0x00706db,0x1206c52,0x0535ec7,
-        0x0db593b,0x13e2ef3,0x11a361e,0x19a5449,0x03f14aa,0x05b04d2,
-        0x12922e2,0x15dc704,0x00aa4d0,0x109c016,0x01bfcdd },
-      { 0x1a365d9,0x1cd21ba,0x0c0cc42,0x1c11b1f,0x14ade15,0x016fc1e,
-        0x14f5f5d,0x085392e,0x0de3187,0x1b984ea,0x02b3833,0x042466c,
-        0x031228e,0x1bb34b2,0x10f48e3,0x0b4a620,0x1edf90f,0x1fe156d,
-        0x0d7e4e5,0x0c996ef,0x101041d,0x0562236,0x14802cc,0x02e41fc,
-        0x0642d23,0x03ae1e4,0x16e6a88,0x1980245,0x1eae47f,0x1d89020,
-        0x09215b8,0x0d190ed,0x1864455,0x10358a2,0x01088cd,0x1e3438f,
-        0x027757b,0x1b368f9,0x153c66d,0x077ef73,0x025b78a } },
-    /* 122 */
-    { { 0x16707ce,0x1ab8c0a,0x042a420,0x108629f,0x1bdc239,0x12bedec,
-        0x0216a2f,0x17002f9,0x1ad63a4,0x05dd112,0x0b3ff75,0x170c2b5,
-        0x025ce71,0x194aa39,0x09991d5,0x1a7babe,0x1f74f0a,0x1854078,
-        0x10d4bb5,0x0a7147f,0x06ca010,0x02a101e,0x1e29901,0x018e769,
-        0x07a8833,0x00d9596,0x180b72b,0x06867dc,0x0b17c7b,0x0ce7f69,
-        0x11cb812,0x17ac653,0x18681a4,0x16e1bcf,0x0518dbe,0x16712f3,
-        0x12b7895,0x0b28644,0x073c371,0x0e0cb4a,0x070ab95 },
-      { 0x1585d93,0x1c7623d,0x193919d,0x014c67f,0x0a6d361,0x10188d6,
-        0x055393a,0x05e43b4,0x1bd6400,0x1910c85,0x12dea6b,0x158fb23,
-        0x179e633,0x17341be,0x04f0c7f,0x1dd15da,0x1d71616,0x16d2503,
-        0x0bf3585,0x144e647,0x1694d78,0x12dd0a6,0x1019a5b,0x1eb0841,
-        0x154d74d,0x1e4b99b,0x189de38,0x10bca09,0x15a5c2e,0x15062ad,
-        0x170c156,0x1147596,0x13df538,0x0476d18,0x12d4a82,0x1cb12d5,
-        0x04c85dd,0x0421504,0x19afbf2,0x0f2a3bb,0x05fec9f } },
-    /* 123 */
-    { { 0x0519f99,0x0163e7f,0x0d4d7af,0x01ca820,0x0396bd8,0x1cc479f,
-        0x0500a28,0x1435bdb,0x1d601bd,0x001db9a,0x1992b07,0x006c299,
-        0x10fd302,0x0092014,0x0dfafa4,0x012fab0,0x1a3a554,0x0e55750,
-        0x02e204e,0x0e7a4b6,0x10b9dce,0x15f6584,0x0d7b504,0x07b5678,
-        0x09ff7d6,0x038cc81,0x0418b6c,0x0aa86fb,0x04c11d5,0x17ab215,
-        0x0249df4,0x049f922,0x17fa645,0x092a6a3,0x06dc9e6,0x18f625d,
-        0x184c618,0x0957116,0x14655eb,0x0c79d1d,0x00a8d56 },
-      { 0x021fde1,0x028b185,0x01250eb,0x0cd207b,0x0fcf5dd,0x0eb140e,
-        0x067b97f,0x068da49,0x077a49a,0x0f6e378,0x1701bd3,0x058050e,
-        0x0646bda,0x1a3dc02,0x18383d8,0x106dfa1,0x09b5e67,0x1082c0b,
-        0x1a2a010,0x032255b,0x1d32c96,0x05549d9,0x17cffa8,0x0aed78b,
-        0x18edb0c,0x123cf89,0x1b634df,0x12e35ad,0x05e7cb7,0x0b9ce67,
-        0x103aae1,0x03a4056,0x0a4b434,0x0fe9344,0x155f8e8,0x02bb084,
-        0x13a86f9,0x17d5ead,0x18a7e1c,0x126d548,0x095b934 } },
-    /* 124 */
-    { { 0x1f951de,0x05380cc,0x0d16666,0x0de0b1b,0x0fade59,0x081ee9c,
-        0x0707bcf,0x1a69a8f,0x133b141,0x14946ae,0x1a2901b,0x100159f,
-        0x1d9a465,0x00e77d1,0x022b4bf,0x0e4dda2,0x121e013,0x1b25cb4,
-        0x1a0eee7,0x0d4d6d1,0x0544b9b,0x0e09217,0x0a7c79b,0x0cb2cd6,
-        0x0f6762f,0x1a0e9fc,0x1978416,0x069ba12,0x011e1ca,0x09cd0b0,
-        0x06f53a4,0x04a2aa8,0x0a4dc68,0x10b36f7,0x02b3208,0x08df006,
-        0x11d1612,0x03d70e9,0x1e9f6f7,0x0a2c435,0x02e25ef },
-      { 0x18e7357,0x1e7c7ee,0x16e094c,0x11d59db,0x133ba21,0x0269561,
-        0x18c741e,0x1c4d1c7,0x0f2804a,0x0493f9b,0x1eb5f87,0x1a44efc,
-        0x0001433,0x0c3fbc5,0x10073c1,0x04f5c16,0x036aa00,0x0cefe78,
-        0x16691ad,0x08d9163,0x0d32c9e,0x030f944,0x0a9b792,0x114087b,
-        0x0da2f1b,0x1ab6eab,0x17cb42e,0x08c461c,0x1efb563,0x1b720ce,
-        0x1d067c2,0x043a590,0x1ec37cd,0x122d9aa,0x0e5edc3,0x047b7e0,
-        0x0c7ce85,0x031546d,0x1cf5bc2,0x14fc283,0x087979e } },
-    /* 125 */
-    { { 0x11c747f,0x13d9fbf,0x0da66df,0x1b8dcc6,0x151a4c1,0x196dd00,
-        0x1fdc2cd,0x1fc84e7,0x0d3ee54,0x136911a,0x12b83f2,0x1c19a67,
-        0x0c12fc8,0x0eeb788,0x0ca14e1,0x139f24e,0x1bdf01a,0x0e4379f,
-        0x0db2ba4,0x04ceffc,0x0a44532,0x1997f7f,0x0e69c00,0x115e42e,
-        0x0a328ce,0x0fa164e,0x1bda9cc,0x004acee,0x096813c,0x19efb35,
-        0x0a31a1e,0x11b65db,0x14aab12,0x07f5e8c,0x116bbb1,0x05bc61b,
-        0x179241b,0x0911b54,0x1305b01,0x005847a,0x03ec988 },
-      { 0x072f74d,0x13b0620,0x01643e7,0x1d56b28,0x078eb0d,0x1804e17,
-        0x1a90326,0x1cbb67b,0x038b59a,0x1f43af8,0x16a8191,0x086c569,
-        0x08f40eb,0x04879bc,0x1a93e48,0x15f1734,0x1afedbf,0x177f5f4,
-        0x019f895,0x1f2d4b3,0x0aebf87,0x11bad5b,0x079bfb4,0x1b62796,
-        0x0782a3f,0x1108bf9,0x19c3e89,0x02058e3,0x0c0dbe5,0x03767ea,
-        0x05d74ac,0x06068e5,0x17cc268,0x1f3c029,0x18acad9,0x051b7eb,
-        0x1a25da3,0x119f9d5,0x12450bd,0x1d1df5d,0x03e9315 } },
-    /* 126 */
-    { { 0x19a9ea9,0x0e7d291,0x098a495,0x0017c67,0x00f3c69,0x1b215e9,
-        0x1ad2e72,0x030eb3d,0x000bae7,0x18b62a3,0x043e10c,0x0dabe68,
-        0x16874a7,0x087894d,0x0ed40ba,0x03e3824,0x1a81285,0x056e47c,
-        0x0d89023,0x16ec943,0x177bf57,0x0f8d403,0x045bb00,0x01bb8b8,
-        0x0cef21f,0x0d3ba37,0x13969a9,0x1893a8f,0x0955ba3,0x0df3837,
-        0x0c07857,0x168baf3,0x09c0c79,0x08843b1,0x0c21de3,0x0e224f0,
-        0x0c6a22d,0x0c2ee3c,0x09e4489,0x01a14d0,0x02ed02a },
-      { 0x1aa2682,0x01a0b26,0x18954c1,0x16026b2,0x0e26d32,0x03384b8,
-        0x00d2af6,0x05c8939,0x1ee77ae,0x0d0ce95,0x1b05a44,0x053475e,
-        0x1439bd5,0x0e6b082,0x1329701,0x01fc26d,0x19bdc6c,0x0b1b852,
-        0x04f544d,0x041a4f7,0x051aca4,0x02aaa62,0x161cc35,0x19bd7e5,
-        0x058c996,0x102f5e9,0x02943e6,0x1963732,0x0f01510,0x04bd3d8,
-        0x185a6a3,0x023a42f,0x0c36d34,0x1baf416,0x0229d4b,0x03e22ed,
-        0x009b2a6,0x1809ca5,0x15f7476,0x08953df,0x0146278 } },
-    /* 127 */
-    { { 0x12803cf,0x11d7691,0x1cd1af2,0x17352df,0x01e4398,0x15bc45e,
-        0x1d5fdd2,0x09b95ec,0x07e68c0,0x1d29f00,0x1f34830,0x1832b96,
-        0x0a5f969,0x0e0345e,0x02d969b,0x06065e5,0x1d31d86,0x071e500,
-        0x1e02385,0x0677030,0x18be9b7,0x0cf7f30,0x0d75c13,0x03728db,
-        0x13542b0,0x0df93b7,0x1befb77,0x00afc33,0x1275cee,0x1795c81,
-        0x119f460,0x1101ef7,0x0dc5f77,0x1b60a1e,0x14fde11,0x05ade07,
-        0x09ba507,0x0faaabd,0x058a00d,0x16d6805,0x07acb57 },
-      { 0x0e6b07c,0x09ab4a2,0x1177490,0x13c38e6,0x051c4cc,0x19dcfda,
-        0x1136389,0x1f880e8,0x1b88e34,0x124b03c,0x09ddb7f,0x099fe2a,
-        0x1c77d18,0x03a114c,0x040cee7,0x0512eda,0x08477bf,0x014d053,
-        0x1a3c108,0x1fbe21d,0x16d659f,0x16225da,0x1385c51,0x135d0aa,
-        0x106c2fb,0x06ac18e,0x0f64f9f,0x059705b,0x16b607b,0x0e231e4,
-        0x0a20ce0,0x0ea93c5,0x0aed251,0x110ea03,0x0471dd2,0x1bdf2f1,
-        0x0675fbd,0x0c03e3c,0x145b2ba,0x172c6c6,0x06a5a05 } },
-    /* 128 */
-    { { 0x08f4f33,0x18f5335,0x1d2a4b9,0x0c9bd51,0x12fc6fc,0x144230f,
-        0x094b3fb,0x011a6ac,0x008954d,0x0d8541f,0x0add996,0x18468d1,
-        0x045bd68,0x0807c68,0x0a04d5e,0x0cf5c80,0x1c052b8,0x08c0e0c,
-        0x01d9310,0x14a2d23,0x1d24986,0x1709aba,0x12c077e,0x06cef6f,
-        0x09ae559,0x18c8b93,0x151b726,0x0da2e04,0x0097c8f,0x024ce20,
-        0x1ee379a,0x04b3880,0x0df0032,0x14ec5bb,0x0b645f4,0x0c81235,
-        0x0a7ab5f,0x1a3690a,0x192329f,0x168e1d9,0x0688054 },
-      { 0x1a5b86c,0x0b45528,0x091fc34,0x112aeee,0x0437e4d,0x1901949,
-        0x101dbc5,0x09d5d08,0x19647a5,0x13d643e,0x1588b02,0x1496080,
-        0x0f1e597,0x1853cf9,0x1bf971b,0x02adbdb,0x0c24d55,0x1579f78,
-        0x1c11f3d,0x1f609dd,0x0137917,0x0faa5b1,0x0de49e6,0x097c170,
-        0x0a32f31,0x18643af,0x0c3119a,0x02af8cb,0x018978e,0x08673f1,
-        0x0bf4a32,0x19bcb0f,0x10fc3ba,0x1bdf6dc,0x1c722e1,0x1bba65a,
-        0x0a8e10c,0x0191006,0x1b94ced,0x033b29e,0x00021f4 } },
-    /* 129 */
-    { { 0x1519d26,0x0891621,0x0114864,0x1a814a3,0x1dafac1,0x05dc4fd,
-        0x1c7a552,0x1f398de,0x016844b,0x1799bae,0x1a35567,0x1ef22f1,
-        0x05e7789,0x0fc5f0e,0x1d666d8,0x1bc8009,0x19a2cbb,0x0c04464,
-        0x04c81b2,0x1344c11,0x0851893,0x1ffe698,0x086b92f,0x11fd5fd,
-        0x0b3fee0,0x15e3326,0x07fc52a,0x03e7013,0x041ef96,0x0a66154,
-        0x0d8360e,0x02fe03b,0x1fad8ad,0x1dbb9ba,0x15d9b7a,0x04df868,
-        0x0425251,0x18b582d,0x1b67c79,0x10053c3,0x0798558 },
-      { 0x1106473,0x19d554a,0x08128b2,0x02b4c3b,0x15fafa4,0x0ab1e04,
-        0x04d894e,0x10ffa79,0x195312b,0x1524048,0x0171dae,0x0b057f1,
-        0x156c7e7,0x11863c6,0x1db6ad8,0x0881ae1,0x11c7747,0x1467182,
-        0x1f6d861,0x1d7a29f,0x00966db,0x1d0c872,0x0c38107,0x1cc5c55,
-        0x0c4666e,0x1eb5d08,0x09d3ccc,0x07aafc5,0x1b9b669,0x16e27f3,
-        0x1f401aa,0x00da506,0x0f72f6c,0x1a0f57d,0x179a441,0x0e63198,
-        0x0569247,0x081304b,0x0c23671,0x1863a1f,0x095d823 } },
-    /* 130 */
-    { { 0x00528a5,0x15ec30a,0x0f21abb,0x14a72f3,0x1268c2b,0x00a255f,
-        0x06e293b,0x1db6379,0x182a7d7,0x17d5d86,0x0463607,0x01a29c0,
-        0x0ef12c7,0x10e0aac,0x181c5a2,0x1ce7c62,0x0b7e4b7,0x099f214,
-        0x0ebb277,0x0ecc6f0,0x035c631,0x1f70956,0x145cbfe,0x02f6548,
-        0x10bfbbc,0x0951bef,0x01d07e0,0x0425f0e,0x088f9c4,0x05edf14,
-        0x174f73b,0x0ead94a,0x1dc15aa,0x14720d4,0x03b2e40,0x07e6323,
-        0x0aeadb0,0x0f0142b,0x13d51fb,0x1aaf0ca,0x00e2708 },
-      { 0x1e20f88,0x06629e6,0x00e489c,0x18beb62,0x1338272,0x058edfc,
-        0x1867977,0x182a085,0x1b72d74,0x19ef10c,0x0aa9552,0x1516555,
-        0x0616c49,0x1dd435d,0x0110f96,0x02d2a01,0x17220cf,0x0f735e6,
-        0x026af44,0x1f58d75,0x039d59f,0x1df88ab,0x0a0c485,0x09974a4,
-        0x08af2f3,0x0837269,0x1c1c9ea,0x04fe07c,0x017766f,0x03cfb48,
-        0x0f9a10b,0x0f50224,0x13469bd,0x0b9dc65,0x0d1a90a,0x1a9181e,
-        0x03990db,0x0bc2531,0x059e3f1,0x077f653,0x00d3dab } },
-    /* 131 */
-    { { 0x029c3cc,0x1bb7367,0x0f1a3e0,0x19e02d9,0x0b0507e,0x1ca670e,
-        0x1e65978,0x083bd7f,0x173c50d,0x07e2937,0x1b38f49,0x14a85a2,
-        0x014edd5,0x08e098a,0x0def766,0x10c0d76,0x0f2e33a,0x071a217,
-        0x018a76a,0x12066f8,0x13312ae,0x122c955,0x15febb1,0x0570af6,
-        0x18997d8,0x0bb0d49,0x068cdcc,0x1ad9197,0x06751fa,0x0ef1484,
-        0x05a0965,0x03182e3,0x01e97fb,0x0b9abd4,0x084efda,0x13c9e91,
-        0x1cb89f6,0x1c3e172,0x0d09a84,0x1d6b0e9,0x0530b4e },
-      { 0x0b7b5ae,0x13ad0dd,0x0fd3a7c,0x1a074af,0x1b69dc4,0x0e282dd,
-        0x1712a91,0x00592e9,0x1416ac4,0x131b4f9,0x061771c,0x1cf15db,
-        0x01735e4,0x06ea235,0x12361e7,0x160540a,0x0699e16,0x1426758,
-        0x026c469,0x1edf48f,0x0784f73,0x0fd9527,0x1aa8310,0x1536d2e,
-        0x1690293,0x15958fb,0x03c0ea2,0x02999c0,0x0d66c18,0x12adc22,
-        0x005932c,0x0612a44,0x194e7d6,0x19138db,0x1390f68,0x13c0a5a,
-        0x08b6a4d,0x1c59738,0x15dfd49,0x0a5018c,0x0909425 } },
-    /* 132 */
-    { { 0x15b4c2f,0x0d0a686,0x127349a,0x16b914c,0x0b8fc59,0x11bea51,
-        0x12ceac3,0x0fd2b7d,0x0911103,0x0d0d3b4,0x0d4c8bf,0x00b529c,
-        0x1c5810e,0x10bc7d7,0x137304a,0x19cc544,0x1b28e3d,0x02e1631,
-        0x114b111,0x187e2f2,0x1161995,0x01a16a2,0x0d4cc3b,0x1df0252,
-        0x1a60ab4,0x009d012,0x0a2eba7,0x0a9264a,0x03caf88,0x1303717,
-        0x11c9746,0x06c937e,0x04091ab,0x162f8ea,0x1efdc13,0x078fa15,
-        0x1d8b333,0x1e8eb15,0x05bd49e,0x0239fcc,0x0505701 },
-      { 0x134356b,0x025677a,0x1ef3402,0x0a96961,0x1df1de0,0x1026e0c,
-        0x1f8173b,0x1c20435,0x0361b78,0x05ef344,0x034e2d9,0x198fdef,
-        0x0ea324f,0x15852f2,0x0cdcb3b,0x0332dfd,0x0b36581,0x177827e,
-        0x1ac2ad3,0x1cbaa0b,0x186e7dc,0x0411c62,0x078a6d6,0x1b0006e,
-        0x03197bc,0x0e7ef2f,0x05201ae,0x17ebc8a,0x0e67ab8,0x0b45e8c,
-        0x0b50cc2,0x1f3ec7f,0x0a7d04e,0x0c5da13,0x048ed70,0x19438fe,
-        0x05dce22,0x0dc2411,0x19e7d21,0x0dfaa81,0x08ff0b3 } },
-    /* 133 */
-    { { 0x1f42cff,0x1717a1f,0x05f267c,0x1a386a6,0x03c19f9,0x10daa2d,
-        0x04e4aae,0x065b6e9,0x14afa9a,0x0119582,0x1350da1,0x1a8dafb,
-        0x150b855,0x02e7cc8,0x10d7881,0x1443115,0x0c7f001,0x0ebe791,
-        0x15020c1,0x1a6b5dd,0x0fcd057,0x0caa9e6,0x0969294,0x1c57272,
-        0x0579393,0x013af2b,0x00d08bb,0x0406656,0x053958a,0x002f1d6,
-        0x18e6c24,0x0f3d362,0x08051a3,0x10c6b31,0x1027f19,0x1f6941b,
-        0x0748e7a,0x0742bfb,0x158fa78,0x1dd8aef,0x071b28e },
-      { 0x1726bf8,0x15866cc,0x1cf1250,0x1238411,0x1290a3b,0x0cc7550,
-        0x0439ec1,0x051fae5,0x1a25a91,0x153bc8f,0x1f5f6b1,0x1649806,
-        0x1b2d33d,0x187141b,0x07bfac1,0x1c54184,0x16ee3da,0x1dfb86c,
-        0x141d809,0x1b03230,0x17e343e,0x1426a56,0x12bac2a,0x18b6e98,
-        0x1101fe8,0x1eede3a,0x1ab49ba,0x17f654d,0x18aa4ed,0x103435b,
-        0x122ea04,0x1c22b30,0x14aa8f2,0x12e2764,0x076cfae,0x141a21b,
-        0x0318295,0x1ff623b,0x0496b39,0x034661b,0x0729471 } },
-    /* 134 */
-    { { 0x0bbd495,0x02c8219,0x1cfff39,0x037ca92,0x130f4dd,0x0e1fa71,
-        0x1b87576,0x00800d7,0x059ba72,0x077303c,0x0b1da10,0x1a7e858,
-        0x1ec194f,0x14ff445,0x19dac4b,0x0042141,0x1dbec2b,0x18be6ee,
-        0x02047b1,0x1a86d60,0x09e4689,0x1b9425f,0x09a9ae8,0x0fa8229,
-        0x195b200,0x1a255e1,0x0c3c479,0x119bf3e,0x196402f,0x1f64749,
-        0x01717fa,0x1dd68c5,0x0751743,0x0689bc5,0x1e0b1b8,0x07337f0,
-        0x1eb292e,0x12f0b85,0x1f57ce5,0x1b0b003,0x0001c39 },
-      { 0x04a0912,0x02e5ced,0x1293d20,0x1488217,0x127cb76,0x18eb2de,
-        0x12e3bb1,0x135de7b,0x1481684,0x007dd95,0x0918d5e,0x004d516,
-        0x08ef6a7,0x0962273,0x1897220,0x0e9502a,0x12c4d7a,0x0312611,
-        0x0c58c79,0x0ee06e9,0x1c2e81a,0x18edc8b,0x01393df,0x0c3db2a,
-        0x065fd1f,0x11e8e82,0x072f79b,0x0209009,0x131fcfb,0x1060eb8,
-        0x0558df3,0x115b48e,0x0e4dbc2,0x0cb9311,0x1172b3a,0x01eea61,
-        0x0e28745,0x0b06e67,0x0bc4e80,0x0e17723,0x09132e6 } },
-    /* 135 */
-    { { 0x196099d,0x1f7f13c,0x0232015,0x1740dcc,0x172344d,0x0ac2c45,
-        0x01d0342,0x1d3d695,0x079e5ae,0x09ed783,0x08beb79,0x1535211,
-        0x0ac9560,0x083f383,0x12f84c4,0x048d4fe,0x19b2830,0x136af9e,
-        0x1f328f9,0x11d1b44,0x1292a5f,0x1326147,0x1ad4772,0x03bfaf1,
-        0x0310ef3,0x1f2a67d,0x08b281c,0x05c18f8,0x0da6839,0x0b4a520,
-        0x1f040bc,0x0ea1a71,0x0bb07cc,0x1701a8b,0x0f8aeb6,0x1ae07d0,
-        0x14d3c9d,0x09e0335,0x03b47aa,0x1caf328,0x07d0b03 },
-      { 0x1d94c63,0x1f51826,0x0ce97f9,0x0ae7161,0x17ef01c,0x0735a5a,
-        0x09e3285,0x0ed2a69,0x0a53532,0x1b1166f,0x0b40181,0x140ef84,
-        0x09af696,0x1ea3590,0x0f06219,0x05694e6,0x0bb626c,0x04b2a66,
-        0x013cf13,0x11a7435,0x0b74a09,0x1696b9a,0x0d65be7,0x0aa3920,
-        0x1021a5d,0x11fefe9,0x1c7b144,0x0574fa5,0x01aa39e,0x1492d96,
-        0x09fe5c9,0x1f1d652,0x0e75d0e,0x09537e9,0x04b8646,0x1df574e,
-        0x1b83e50,0x035a1d4,0x1798298,0x05fb56b,0x031b178 } },
-    /* 136 */
-    { { 0x034db92,0x0dd22a0,0x11361e3,0x031e69b,0x0397790,0x1aa619d,
-        0x13cbb7d,0x1111a00,0x0cd563a,0x152caa5,0x1feb47a,0x191376b,
-        0x18a29d6,0x186c5ed,0x0b7d956,0x1b68f51,0x02d8cdb,0x1fbfdc2,
-        0x034c816,0x1c74070,0x1ca9b72,0x193e563,0x10cd6c2,0x14a8ebb,
-        0x00bcbd8,0x12fffe3,0x07ae934,0x06deee3,0x10fca67,0x0e1c062,
-        0x000f640,0x1018032,0x1dacf7b,0x0fc268f,0x163d5a0,0x02eb9ec,
-        0x1cefbbc,0x13f31a2,0x1b47d5e,0x1ca7c0f,0x06fc0fb },
-      { 0x01b0e5f,0x088b5dc,0x0ee125b,0x0a5590a,0x182dd2a,0x19c3f86,
-        0x08b50c9,0x0b26afc,0x0ba912c,0x1199542,0x177304f,0x0c8693a,
-        0x138b71c,0x01c6c2e,0x060bba5,0x19a9c19,0x13cbf7f,0x1c85caa,
-        0x03fb578,0x0737787,0x09032cb,0x0e2d621,0x08b19f2,0x00fb4ab,
-        0x01217bf,0x07775f9,0x1682e79,0x0b580b5,0x09e0c65,0x0961477,
-        0x0fc42ec,0x09176dc,0x0f3aee5,0x03748ae,0x1a722c1,0x1e95ce4,
-        0x0a0e553,0x1330095,0x03f232c,0x1435299,0x0701935 } },
-    /* 137 */
-    { { 0x0626dea,0x06a0ed2,0x0e7f796,0x142b720,0x05ef66c,0x12732d9,
-        0x04290c5,0x19f3350,0x1748cfc,0x1f36d56,0x10bea67,0x0d7a5e2,
-        0x167ab9a,0x0ea38bc,0x12e85a1,0x1473749,0x1366bc3,0x1096985,
-        0x0fd141d,0x0d4bb91,0x0c0e1f4,0x148a10d,0x0e1a394,0x1774389,
-        0x0620659,0x1c83d34,0x1b69a62,0x1696aa5,0x0537072,0x0e6a72a,
-        0x17d40e7,0x13d202c,0x0a07a9e,0x02efe21,0x1fcf5f5,0x015071f,
-        0x1b5ceb3,0x0c8f2d1,0x0980106,0x1912d39,0x06c961e },
-      { 0x0e7eb46,0x1ee0de2,0x0d21c0e,0x0eb2d8f,0x16bac55,0x17eba6e,
-        0x05f359a,0x1e69f32,0x1656ce6,0x11aa882,0x05c5d55,0x0a18649,
-        0x0d3d1fb,0x11f7fd9,0x099e0f9,0x1457bfb,0x1f3eefa,0x1debcf8,
-        0x1ebe7bd,0x1f7ca82,0x17a4a4e,0x112d2ad,0x1b3bd91,0x0e26608,
-        0x132381a,0x0d188b7,0x1ee5589,0x165454f,0x027e96d,0x121d058,
-        0x0f1a82a,0x0906567,0x18fe5d2,0x1d56022,0x037d6b7,0x14a4683,
-        0x049e7f9,0x0d44e5e,0x12d4f01,0x1b0d3c4,0x0830883 } },
-    /* 138 */
-    { { 0x0557389,0x18e3101,0x02f2566,0x0f5bdf8,0x1fe5ce9,0x1879c1a,
-        0x0f9fe0c,0x03d1277,0x116cfb8,0x1f06357,0x10a3f49,0x0cb7a08,
-        0x026f64e,0x1bcf30c,0x17a4916,0x02394a7,0x1c1487e,0x1845189,
-        0x116f3a4,0x1d87728,0x149e65c,0x0a6b3f6,0x0cef00c,0x0f046a4,
-        0x16b2430,0x0e934f9,0x1e4eb4c,0x0f1cbb5,0x00890cd,0x15b863c,
-        0x1a7c9a0,0x13c8bdf,0x015c34f,0x1d7f538,0x0e939b2,0x1826ba9,
-        0x1e3fcc6,0x11bc523,0x03e310e,0x0ff2cc7,0x02376f9 },
-      { 0x0575b99,0x10f6057,0x037029b,0x1f0372e,0x1e14cb4,0x139ca3b,
-        0x0e0934e,0x13be014,0x1fb235a,0x1a5ce40,0x18a5102,0x02beb7e,
-        0x1a8d151,0x0f0b2eb,0x14d6d0c,0x07c779f,0x0a2b2ee,0x1ae897f,
-        0x1460b9e,0x13094de,0x108e629,0x19e1b2e,0x1390f8b,0x1e6dce4,
-        0x0709130,0x000cc99,0x03f4d15,0x1316940,0x196dce6,0x1e875d7,
-        0x1508f13,0x046ceaa,0x00ba0ae,0x12bc253,0x10b6c0c,0x02a37b5,
-        0x015464a,0x1a0c851,0x00a5a2a,0x0c2d7e2,0x08c4616 } },
-    /* 139 */
-    { { 0x11f36a5,0x0512c16,0x1cb7bff,0x051298b,0x0eded2b,0x076c278,
-        0x136e10f,0x1366b4b,0x0db0e3b,0x087c4c1,0x068448a,0x15e00e3,
-        0x16cce0e,0x1cd1b16,0x1995f90,0x0fc8fa1,0x15d6269,0x02a8b52,
-        0x198d945,0x1c3eef1,0x09bc269,0x05ea813,0x178f7b7,0x038af8a,
-        0x0230044,0x1c6f676,0x131c155,0x1707e63,0x089eabd,0x1db98f2,
-        0x0d06f7b,0x072bf9b,0x0b678cf,0x0d80090,0x0473fe7,0x112119f,
-        0x15f52cc,0x15e37a2,0x0458b2f,0x045698c,0x0155ea6 },
-      { 0x16fa42e,0x1178fc3,0x1b9e52f,0x12ff5bd,0x0b5e874,0x0432d7d,
-        0x1c3d4e3,0x160d25c,0x0df8059,0x174cdc2,0x09eb245,0x00dd16b,
-        0x0b0ceb6,0x16a31e9,0x148cd5c,0x013419d,0x0232a9a,0x1968793,
-        0x0187ef7,0x1333187,0x110b252,0x13e0df1,0x1c46222,0x1155bc6,
-        0x029c50d,0x19ecd89,0x00ec4d4,0x179f36f,0x029708d,0x037c7f8,
-        0x020f29d,0x1b507df,0x1a013a1,0x1422252,0x14612ac,0x151d209,
-        0x1cbd4ab,0x14259ed,0x1630cbf,0x0484b20,0x08f570f } },
-    /* 140 */
-    { { 0x0a9c508,0x1364516,0x1e037ad,0x04d3ad6,0x0dc5bec,0x156b001,
-        0x0499a23,0x0282dac,0x149d726,0x0c20dcb,0x1cb9bd8,0x1cd99c8,
-        0x1641e40,0x0fd3d43,0x0890990,0x12f415b,0x133cc39,0x022dcfe,
-        0x105773d,0x1d1f52f,0x029db25,0x190974b,0x004933a,0x167b2ac,
-        0x072c67d,0x0221d46,0x0df069e,0x1c5bda5,0x1027ff8,0x04e336e,
-        0x11a52ac,0x0fcf457,0x09a057d,0x063b1fc,0x089b3dc,0x055b17e,
-        0x08a2621,0x193473e,0x1307532,0x10f6588,0x03d171e },
-      { 0x0e49820,0x160b746,0x1724e0a,0x0581889,0x04ee45e,0x142c621,
-        0x1e449cf,0x1f21d8c,0x046327c,0x0c6592e,0x16707e4,0x0ed78c2,
-        0x1343e38,0x1baa2e5,0x0db8380,0x068fd6d,0x1ab5d12,0x0b25c1c,
-        0x0c03550,0x0124e94,0x116972e,0x13440e0,0x09aaca3,0x0eb5086,
-        0x00fffeb,0x06fa52c,0x08d6448,0x14b0059,0x09f4a30,0x0168190,
-        0x001ffba,0x11cd527,0x118016b,0x108e55a,0x11c30bb,0x0f7338d,
-        0x0b9d4ec,0x082d78d,0x0401058,0x1f0699b,0x0234e98 } },
-    /* 141 */
-    { { 0x0db9cda,0x1a9040a,0x1243fd0,0x0f2d5bd,0x19cfdc4,0x02c5b6c,
-        0x0a9bebd,0x0630875,0x1743eaa,0x18fba0a,0x0d7604f,0x125cc2e,
-        0x15915e1,0x0562cae,0x10688b4,0x1791a68,0x167c044,0x13825df,
-        0x188e88d,0x0c08e37,0x15572f9,0x040ae8e,0x130c98e,0x163bb29,
-        0x0230b76,0x133ca08,0x1c30722,0x05ca873,0x1c910df,0x00d6419,
-        0x17d5ac5,0x10cb709,0x07c999f,0x015bda3,0x07e887c,0x003604a,
-        0x1621695,0x0da9304,0x07a4f79,0x1c79c74,0x06a2130 },
-      { 0x13ca1a7,0x1b3d025,0x1a03486,0x0601819,0x0f42ed5,0x16783d5,
-        0x14da24c,0x0b44599,0x15c25c3,0x1291d40,0x013418d,0x12b11ba,
-        0x1becdd3,0x197c9d1,0x168d40a,0x16a60e7,0x03cd5e5,0x1a62f06,
-        0x0c9a1dd,0x1ea90c2,0x0292ef9,0x1e0f3a1,0x1b61ffb,0x09cbdbd,
-        0x0c29ea2,0x18d36cd,0x00ce127,0x115793e,0x1239050,0x1149207,
-        0x14ec26c,0x0ff2686,0x191072c,0x15aa833,0x0e079ab,0x002054c,
-        0x16feb87,0x103a04c,0x0a0c0fb,0x155389a,0x034f06f } },
-    /* 142 */
-    { { 0x148f005,0x0e3cf91,0x02c61a7,0x03be924,0x1b5c5d7,0x1732524,
-        0x15f29b7,0x169fa36,0x0e82a4f,0x0dbfb9a,0x1e0d988,0x106972a,
-        0x16637cb,0x1e943ec,0x0d0406d,0x1d95792,0x0ac0392,0x18ac87c,
-        0x1dd7d38,0x1b86e6f,0x0c62280,0x07b530d,0x02cdbd4,0x0aad1b5,
-        0x18304a6,0x1853a7a,0x0764c21,0x01af255,0x0895cc8,0x18c97e4,
-        0x07db45e,0x0922927,0x18392fa,0x0adcf24,0x09f7507,0x0b5e6c0,
-        0x1caa82b,0x16bcf12,0x1746914,0x163e822,0x0764d47 },
-      { 0x0ee8b9c,0x11181d1,0x152177c,0x070bbf9,0x1b9f72d,0x009d1b8,
-        0x0e60c42,0x1ead685,0x13de741,0x146291d,0x0eed6f8,0x04b5e60,
-        0x0f08576,0x164dfcd,0x1bca66a,0x0b66924,0x0080d44,0x110df56,
-        0x1ae8b03,0x047405a,0x08646a5,0x18bfe71,0x18c0a86,0x00183d5,
-        0x0a235e3,0x188a28b,0x09ed2a4,0x0a86e6d,0x0c89f74,0x1cf4606,
-        0x17b4f02,0x081db11,0x081904f,0x1fe3802,0x0d58f2d,0x109e4d3,
-        0x121b973,0x10ea9d1,0x0e04026,0x1864614,0x01c0dd9 } },
-    /* 143 */
-    { { 0x06a7d9a,0x10fb3e2,0x0733fea,0x097dbf2,0x0474333,0x1217973,
-        0x0e9d11e,0x1528b06,0x1241ffa,0x1cc0028,0x1bf9ad9,0x150866b,
-        0x0370979,0x1845920,0x0184fd7,0x023b8be,0x1cd64f2,0x035d917,
-        0x015cb3f,0x1165474,0x014ae1b,0x00bca85,0x06783ad,0x16d9a98,
-        0x0bb293e,0x0fff31a,0x151c289,0x0340964,0x115a0a3,0x1d64d1e,
-        0x1a6907d,0x17e5fdb,0x1ed85ec,0x0a50077,0x1d7e06e,0x183eb03,
-        0x1ef4a15,0x1ccb584,0x106f2a8,0x07360c0,0x052d8be },
-      { 0x1631a2f,0x09b7b7e,0x0372f45,0x0166a35,0x11fae7f,0x0931094,
-        0x0431e6c,0x06ba34b,0x12bd0f4,0x16a43af,0x03a9c14,0x0da7256,
-        0x1e9aedb,0x1c1d5c4,0x142af72,0x0325817,0x06289fe,0x1413d08,
-        0x00a82f6,0x0d52c02,0x0814656,0x1be701b,0x16820c0,0x0c7280b,
-        0x0d79f58,0x0fc985f,0x1b6f2a3,0x0e40336,0x1aa3f59,0x094377e,
-        0x04a2480,0x0a46d71,0x137b996,0x01739d9,0x0e38a3f,0x0623a7c,
-        0x080e8da,0x1c3fa0c,0x09175c1,0x0cfb5c9,0x06cff63 } },
-    /* 144 */
-    { { 0x09a8bb4,0x08219fc,0x1dc6f4f,0x0727731,0x02144c3,0x038516a,
-        0x05b200d,0x13d056c,0x1e5da08,0x07e63ab,0x17f69a6,0x09def7e,
-        0x0c54235,0x0f5e9a6,0x017094e,0x1ba1a31,0x085bec5,0x1171059,
-        0x00a86f2,0x1777c2f,0x0ef0e71,0x184dc2a,0x05677b4,0x12ff4d5,
-        0x0997989,0x0228b92,0x03607cf,0x019f1f5,0x0111525,0x1a8bb06,
-        0x1aaa68e,0x1d9f08b,0x1b0ef7d,0x1688de4,0x188ee7f,0x0192673,
-        0x0825608,0x1f4e2e1,0x1079f24,0x02ec27d,0x01d2c82 },
-      { 0x07cfc93,0x09a3ecc,0x0041ce0,0x17e30ff,0x047603b,0x0865188,
-        0x0f27449,0x1e67f4d,0x0bb055b,0x00048f0,0x0be1f12,0x1e34747,
-        0x0bbdf95,0x0a02a05,0x1a1ddc0,0x008b7c4,0x130d7fe,0x0ccc6fb,
-        0x1c8ef0b,0x1026bf6,0x0c46b39,0x060af5f,0x0b08c3e,0x0aac381,
-        0x018305f,0x03ff047,0x1369829,0x181f7e9,0x0d4bfc7,0x0e1270b,
-        0x0481ba5,0x0e8c2fd,0x0163495,0x061073a,0x01a52b8,0x0c72e33,
-        0x0131e2b,0x1349891,0x1dc8bf8,0x06c14a6,0x025486e } },
-    /* 145 */
-    { { 0x1572806,0x1cae529,0x0385861,0x12cad2d,0x12c8944,0x1991d75,
-        0x0b25cfe,0x1ac2938,0x0409bc7,0x18aef13,0x0486cfe,0x14e58f2,
-        0x1ba90cd,0x102655d,0x0be8538,0x0824ada,0x0f79160,0x1e5e6d3,
-        0x10d7e51,0x10c4c36,0x0b10250,0x1c61417,0x16da1b0,0x14f2397,
-        0x16d62f1,0x1362880,0x0586889,0x1638fda,0x1d74a66,0x0333138,
-        0x09099e0,0x104850f,0x1ffeda1,0x07879da,0x0ffeef9,0x0997ca0,
-        0x19482a7,0x1bf85f5,0x04fc75f,0x0b01109,0x0751b23 },
-      { 0x1c9be68,0x1dceb74,0x11b3565,0x08cfa21,0x1794b5c,0x11597a0,
-        0x170f5dd,0x0235119,0x0a1b44e,0x0ca531d,0x03b2a1b,0x1773555,
-        0x1ffb0bb,0x04b1ec3,0x0c3cb43,0x00ebbe9,0x02c5dc7,0x0dba983,
-        0x064ce62,0x0e4d589,0x0cdefed,0x1c2bfce,0x1769818,0x1f18ecc,
-        0x0392a75,0x165110e,0x157719c,0x1a4c9b2,0x0ecc8dc,0x1f915b3,
-        0x0e9c013,0x03148b1,0x11aa9ae,0x1eb29fd,0x137e2ea,0x19d52c8,
-        0x0ba0de7,0x1bc7401,0x1b1d6a4,0x05b9458,0x0144cc1 } },
-    /* 146 */
-    { { 0x189aa3a,0x1050e94,0x193564e,0x06b3cdc,0x183f228,0x1739976,
-        0x0c32f4c,0x093d271,0x13c3cb2,0x0623262,0x1a9ab3d,0x0bf1f13,
-        0x129750a,0x1a367e1,0x1f96efc,0x170128c,0x19d37b2,0x0e4dfd5,
-        0x0cce71b,0x16e8a67,0x0deef8e,0x1f1dbb3,0x0ff807e,0x0d5d44e,
-        0x14254ef,0x188598a,0x09ef986,0x0ab87be,0x0184885,0x16c0eec,
-        0x1e5c3ed,0x177ce29,0x01af3a4,0x07b49ed,0x005e746,0x12aebe4,
-        0x0465b83,0x047e359,0x0a54770,0x066d709,0x0874ecf },
-      { 0x1b3f6be,0x17c1f5d,0x08f5892,0x1211768,0x1578fbb,0x039a93f,
-        0x0c2eb5e,0x084ac47,0x0a62e04,0x1b2cdec,0x0dbde70,0x02cffc4,
-        0x062903b,0x129f935,0x090c31b,0x0259eab,0x1ae3ad7,0x19112a3,
-        0x1bac9ca,0x1121aee,0x0df9b73,0x059eb14,0x056d3dc,0x1d5c959,
-        0x013b053,0x1a74f87,0x039fc85,0x169ea27,0x1bae175,0x167ccc6,
-        0x001d520,0x088a309,0x169bbde,0x178ae15,0x194b2bf,0x129e4f2,
-        0x16bcaf1,0x11f795d,0x18d3e82,0x1039c98,0x031fb85 } },
-    /* 147 */
-    { { 0x15cd607,0x18368b0,0x0e98e60,0x1554658,0x080c9fa,0x1c898eb,
-        0x1c16ddd,0x001d0f4,0x036708b,0x018809d,0x14a5fc4,0x01c3288,
-        0x16814fa,0x1353cda,0x11560ea,0x17da8e1,0x0bf4b16,0x18181ce,
-        0x0aabe34,0x0f951b5,0x08a518a,0x13ae6db,0x1ccc567,0x07029f5,
-        0x0e738d2,0x1cfef50,0x02343d3,0x166a4e3,0x1ff032e,0x1304ee6,
-        0x02ec2dd,0x07a9067,0x1ba8ea9,0x0a83d32,0x1609577,0x0830089,
-        0x0a4a50b,0x05111f2,0x0795211,0x00031c3,0x0983230 },
-      { 0x1f3d5a6,0x10813ab,0x1734a28,0x10dd195,0x1fce564,0x0a8f9df,
-        0x0e06c09,0x1e32b20,0x1935ebd,0x1366327,0x0ea9bac,0x0523810,
-        0x0160611,0x047267a,0x062299a,0x1636b9b,0x173dd53,0x0ac0e1f,
-        0x1ff1887,0x100952e,0x02fa78c,0x187d6e5,0x0c61d0c,0x0799e04,
-        0x08da4c8,0x183fb80,0x169e691,0x0824543,0x115eb5c,0x069fa54,
-        0x1826a38,0x1a0246c,0x0de157d,0x1695051,0x0ec997a,0x0a8bde8,
-        0x188db28,0x11156f0,0x032ab42,0x13d245c,0x08abbe3 } },
-    /* 148 */
-    { { 0x02d2f01,0x034829d,0x0172d11,0x06bb8cd,0x127c319,0x1a5013e,
-        0x02efc75,0x03ad521,0x15b50ec,0x0ed1a87,0x10b8980,0x08bc7e7,
-        0x121d3dd,0x1c1b774,0x1b84742,0x12f39ec,0x08f474b,0x03f01c8,
-        0x02e1e0d,0x0f8b733,0x1de919e,0x1f5e9e8,0x09d074f,0x1ec0b37,
-        0x08e8d1e,0x123b1e3,0x04d9d38,0x173ff27,0x1e67f69,0x09f39f3,
-        0x12075f5,0x15dd3c4,0x18dc326,0x0cc2634,0x1b6acef,0x0ea5e47,
-        0x0f8fe8a,0x0f18d83,0x0ea57e5,0x1a187a1,0x00f15b4 },
-      { 0x10a8d85,0x1b31abc,0x0bc63cb,0x1dc4b2b,0x11bffba,0x1a8943a,
-        0x1fb1892,0x0bba2b6,0x1323471,0x11cdb55,0x151075d,0x0532578,
-        0x130cdd5,0x1b682c1,0x0003a93,0x1c6c0a9,0x152f6d6,0x190f7eb,
-        0x04a4184,0x0fffca3,0x18cdc0b,0x12f7544,0x0da2960,0x13044cd,
-        0x1ba9222,0x1d97676,0x02ef41a,0x0f15236,0x16b0cb6,0x16e025d,
-        0x062c90d,0x195f1d5,0x17a99e7,0x102dde7,0x19b9c6a,0x03725a1,
-        0x15993eb,0x068238f,0x1776efe,0x0f04070,0x0515db3 } },
-    /* 149 */
-    { { 0x15bef22,0x1f55537,0x1c4bb90,0x1040690,0x152d269,0x1d7b634,
-        0x12139e8,0x0063c98,0x09a8c94,0x06a1a63,0x0626686,0x0e82a00,
-        0x0c63e5d,0x1f47520,0x0e36ef3,0x10e42a4,0x0d29679,0x0653664,
-        0x12b2f7a,0x16d5dc0,0x13ce73d,0x06dbfcc,0x0fda4ca,0x08bc669,
-        0x19bbfad,0x11851fb,0x0df07c5,0x18a3d92,0x00a6de8,0x192fcd8,
-        0x10d241c,0x025b057,0x1e6acb4,0x0cfe4a4,0x0db43b1,0x16b2036,
-        0x1cf34e3,0x04db884,0x1300b2c,0x0fc357e,0x02de048 },
-      { 0x1d9d484,0x19179c6,0x0b3062d,0x06f8ef7,0x0334939,0x0c95c54,
-        0x0e3c64f,0x04ab1b7,0x08e3fac,0x06bc6a8,0x1d29f60,0x1302e8b,
-        0x1df0500,0x03be614,0x1caffb6,0x113f1a0,0x0f2c30a,0x1b3d5fc,
-        0x0820835,0x0acfd53,0x173892c,0x17451d2,0x1096ac4,0x0aaa436,
-        0x0faebf0,0x0f4e0b1,0x1ae53a9,0x1c389e4,0x11e546e,0x04ca1eb,
-        0x0747905,0x087d17c,0x18183b8,0x1570592,0x120bbe7,0x008922f,
-        0x13874a3,0x09d22bb,0x1e1b9a0,0x0e39885,0x06f6ac0 } },
-    /* 150 */
-    { { 0x1d6e3b1,0x01156a6,0x01a74e2,0x195ac41,0x1c78e1c,0x166f407,
-        0x0e114b2,0x1c7cf08,0x0a8469f,0x10e60a5,0x1a3bc84,0x1b4fccf,
-        0x088e8f3,0x069a3a2,0x00f45b9,0x063e9b7,0x1987986,0x19dd0ee,
-        0x0931305,0x16b2ee1,0x101fdfa,0x031f6e3,0x07c284c,0x1b1fe50,
-        0x1d6016c,0x1e4a324,0x0ef3156,0x04ce461,0x00412a2,0x0e302bb,
-        0x1d80a86,0x0651f5d,0x119d5f1,0x1556ce3,0x1a7bd9f,0x0a4f972,
-        0x119bafb,0x0129873,0x00b2fcd,0x199feb5,0x06e2c24 },
-      { 0x1af8793,0x18125d6,0x12398c4,0x0206b92,0x144bccf,0x1a805fc,
-        0x19ade54,0x0cbd340,0x01d1167,0x0c8d4a3,0x04f1e1e,0x165d3fb,
-        0x1595add,0x14972a4,0x14b00df,0x1cb9e0b,0x1189f03,0x1658a2d,
-        0x16a87dc,0x1c91952,0x0e4f81a,0x0109ad3,0x080fc9c,0x1654faa,
-        0x0f5a249,0x15195e7,0x000b5fc,0x0d0f520,0x0745b00,0x1914363,
-        0x014bdf4,0x10ca0e6,0x1a8a875,0x0e2c79e,0x0210ba3,0x0b7c717,
-        0x1bf1118,0x045f9a6,0x03e45ad,0x01b2f81,0x05af7fd } },
-    /* 151 */
-    { { 0x0a224a5,0x0dca87a,0x1ce957e,0x0998a04,0x0190457,0x1f8feaa,
-        0x04cc190,0x10669f0,0x10e50f7,0x0b400dd,0x005c4a6,0x080712b,
-        0x16866d7,0x12048e9,0x0690176,0x0dfcfb7,0x1df16a4,0x078f1bc,
-        0x0efe45a,0x09527f0,0x0bca8d0,0x1a99590,0x0b9320c,0x0543821,
-        0x134b1f7,0x0da4ce9,0x1f60657,0x1f7932e,0x014b5d8,0x1efffdd,
-        0x1db2bac,0x0edb5e8,0x0fef022,0x1b97a30,0x17fb6d6,0x0497291,
-        0x16dfb06,0x02e492d,0x152b946,0x1032c13,0x027a9c3 },
-      { 0x12a93af,0x1b9a378,0x0d35cf0,0x18aa6cc,0x028b707,0x00c9e88,
-        0x1635526,0x13b1df4,0x0ef21b6,0x1c1d2e6,0x0283893,0x01474f1,
-        0x1805cbb,0x12d89e4,0x00c5e05,0x0f09802,0x0582b73,0x17f5107,
-        0x140d87c,0x0e2741c,0x02d9df9,0x07e8661,0x0c51268,0x0bc5c36,
-        0x152e77c,0x0678c1b,0x16d9c11,0x1c89ad7,0x1e177a6,0x0f4ab99,
-        0x08c04b7,0x011dc58,0x0b49669,0x18ca4b4,0x15047d7,0x1fb3760,
-        0x0acd886,0x0c1638b,0x0491254,0x129f7bd,0x01c6906 } },
-    /* 152 */
-    { { 0x0880026,0x13e8b9d,0x17c976d,0x0024bb2,0x09c4f0a,0x165bd24,
-        0x01544fd,0x14a520a,0x15cbbdc,0x15918e8,0x0f2f4cf,0x19332e5,
-        0x1af8cff,0x16aad01,0x13bd352,0x0f85f96,0x1ca2286,0x0ca26a3,
-        0x1ab46a9,0x110a901,0x104596d,0x1c65e45,0x1da95f3,0x0bcab40,
-        0x1844b00,0x04beff2,0x0474628,0x1d3cfc3,0x123c745,0x1374294,
-        0x0e655e8,0x0febb66,0x0867b79,0x1686468,0x02398ef,0x184aa68,
-        0x089ad23,0x0b72eab,0x10ce456,0x1ad4a09,0x07b8c13 },
-      { 0x0fb6901,0x01d56a9,0x14ecbf1,0x122d944,0x1c0313f,0x0d56e30,
-        0x00c2945,0x18428eb,0x07f577d,0x09e8c93,0x0f03772,0x1d1dee4,
-        0x1a26e52,0x1f5cfb6,0x0783ae0,0x06eda5e,0x082f180,0x0ccbcef,
-        0x020d24e,0x051d976,0x18e743e,0x0e51ce1,0x068b547,0x1c7ed6b,
-        0x063a9a8,0x1383730,0x092e6cc,0x19e3b47,0x18915d4,0x0451697,
-        0x049b94d,0x0a0a0f2,0x075e3e0,0x1c1fd2f,0x195c834,0x135dff9,
-        0x0fd2fb2,0x16a9e64,0x1334075,0x1ecd2de,0x00e3c3e } },
-    /* 153 */
-    { { 0x1ee1d83,0x19be090,0x1e20ef0,0x1af0f6e,0x17e08f6,0x07d2674,
-        0x07f304e,0x0b17ee1,0x1a0348e,0x17bbb23,0x199cb6e,0x15794ab,
-        0x1d04f8b,0x1eaf62e,0x14a4675,0x124301d,0x1ff33e9,0x1c67325,
-        0x12c166b,0x13f8ae4,0x12baac0,0x1cee2f1,0x141a0c7,0x0b5ed52,
-        0x0267746,0x1fc1351,0x1b25fc7,0x18bdfcc,0x0087fd3,0x106b5e3,
-        0x1ac5457,0x1551db8,0x1a39c5e,0x0f694d8,0x1aec39e,0x107bb02,
-        0x1c3788b,0x009bb4d,0x09471b3,0x1c78125,0x0463098 },
-      { 0x0bd0fa7,0x00463e4,0x1924e99,0x039cd7b,0x1176431,0x1f7bdf6,
-        0x18420a0,0x071c62b,0x199b5d9,0x109e63b,0x1269ae0,0x0b028b4,
-        0x11af7f1,0x1294f26,0x03f6c3f,0x193ada0,0x177ce66,0x12ae9c7,
-        0x0f52e54,0x0f99803,0x1986b4f,0x04d7b8f,0x0365d6d,0x0c9a015,
-        0x19fcbcd,0x16b895a,0x12968ee,0x10c1ca0,0x1c89f11,0x102215a,
-        0x07db65d,0x0f47c46,0x0d0c659,0x05d497f,0x10cc5e3,0x1cb0229,
-        0x0698e11,0x13a6033,0x0e16b8b,0x1274691,0x07f8fd0 } },
-    /* 154 */
-    { { 0x19428af,0x0c96560,0x1997c91,0x0274610,0x192a1c8,0x05debf8,
-        0x0604b8c,0x17284b1,0x1836c6b,0x06d8391,0x19261c4,0x03d2b31,
-        0x0b9c7a4,0x1756b7a,0x1fc5e79,0x0588915,0x1b97586,0x1387c7c,
-        0x1c8660f,0x16046ed,0x11526b3,0x0dcc732,0x09760fa,0x0a24314,
-        0x126a8d7,0x0d31d96,0x0a75bc7,0x0a10503,0x081f749,0x0682d2d,
-        0x1c637de,0x1c8d0e8,0x19ee559,0x1ec666b,0x095d9e1,0x0a40c19,
-        0x08476c9,0x1d427fd,0x144c509,0x0a3cc86,0x087b64c },
-      { 0x130d3c4,0x037b2a5,0x1c521fd,0x184769d,0x0dec4c5,0x0526b46,
-        0x11d998f,0x0db676e,0x1cf3fb5,0x0f9a134,0x1f51a87,0x13881fa,
-        0x1dd4f13,0x1534d45,0x0df1f1d,0x1afa547,0x0c9cbad,0x0772b5a,
-        0x12508cd,0x1fe6855,0x1da3b28,0x1d3c378,0x0011bf7,0x001905c,
-        0x1149cb7,0x0cbe72e,0x0542599,0x1461df0,0x1f4bddc,0x0304fe7,
-        0x1a11288,0x08924a4,0x12f65e7,0x10f9c07,0x14b3500,0x01cb6ca,
-        0x042dbbd,0x154e150,0x18bd5df,0x0f9b380,0x08c9526 } },
-    /* 155 */
-    { { 0x1c1abb1,0x081972f,0x1d0d995,0x0825fc8,0x0215af5,0x182f7a9,
-        0x1d580a7,0x1d3faca,0x1dc191b,0x0739992,0x18e6c2c,0x0cbd810,
-        0x137ab3c,0x0e1f333,0x141fd44,0x0aaaace,0x1c3c861,0x0b1c5f7,
-        0x0bc312b,0x03119e8,0x186d5d0,0x0e6c4b0,0x010e8c0,0x18ce83d,
-        0x003f7b2,0x0e8022b,0x13e8f34,0x0ea8b81,0x00672ef,0x17fea52,
-        0x177d84a,0x08b73d1,0x0197c9f,0x116ba2b,0x0df61e4,0x1f68a64,
-        0x0b2d59b,0x09971d2,0x1a85afc,0x0e77094,0x08afa1b },
-      { 0x193ac70,0x0cb7573,0x1441acd,0x1dddedb,0x0c94ef8,0x0117202,
-        0x13e89c1,0x0c724d6,0x0e9e5d7,0x0638ee7,0x0aab7f2,0x16e1ea2,
-        0x1f352fc,0x1441cba,0x1ee84e2,0x0762636,0x190058c,0x0abcc89,
-        0x1dd03f4,0x0412552,0x0697969,0x0d8b058,0x066b651,0x106f564,
-        0x1438810,0x1b8de31,0x13c5d2e,0x0ddc238,0x1b80eb7,0x1fe0d58,
-        0x0298446,0x0e1d88b,0x082bac8,0x09992de,0x049cc4b,0x11ddcc0,
-        0x1240adc,0x08c58d5,0x024f2d0,0x12256b4,0x0672111 } },
-    /* 156 */
-    { { 0x15cf9bf,0x0c9837a,0x1b6647a,0x1148d72,0x1b04530,0x1d32efc,
-        0x0787679,0x1775c78,0x1c731bc,0x09e58a8,0x1629851,0x044f49a,
-        0x0214be5,0x0be3a66,0x16b248a,0x001ac73,0x045822e,0x1a687bd,
-        0x18ac0f7,0x163aa38,0x0b2dafe,0x125d50c,0x0ec770e,0x056e9e1,
-        0x07178df,0x119bf9e,0x1a25ada,0x19a6514,0x0e055ff,0x0a2a0ee,
-        0x01fa57b,0x0d49c57,0x1fbc76b,0x0ee74cb,0x1fc7e96,0x03cbd8c,
-        0x0c0367c,0x11b4566,0x08ff814,0x02ca9c9,0x07c8639 },
-      { 0x07388cf,0x0a5af65,0x14e157a,0x018066b,0x17cc0a6,0x17c2dd0,
-        0x0de2d85,0x10136d3,0x1101229,0x02e8177,0x1429e5c,0x1d0039f,
-        0x12565a6,0x1e8f71a,0x1d2a5b5,0x13b5bd6,0x0ed427b,0x1ae4419,
-        0x1b54cc3,0x150a51c,0x0ee896e,0x158c692,0x0c36218,0x1f273ee,
-        0x18ed59f,0x1294e69,0x0804180,0x121f934,0x03b3ff6,0x045c118,
-        0x1a718b6,0x1baa568,0x042d7a4,0x096c9fe,0x1e8a32b,0x100df1b,
-        0x0092043,0x11b0483,0x156b540,0x0b1f9d0,0x0325827 } },
-    /* 157 */
-    { { 0x19e8c60,0x0722f9a,0x061bac8,0x0a6c994,0x071bb8a,0x1c70886,
-        0x141c77f,0x0f00562,0x14c93e5,0x1a748e9,0x0743601,0x1c01705,
-        0x1ac0326,0x113541f,0x0648961,0x1413c78,0x0d5fb29,0x11c3d32,
-        0x16b1720,0x147a69c,0x1a29caa,0x12d6d16,0x03b5a17,0x052ca1d,
-        0x00267eb,0x179c939,0x05d8e00,0x0e30963,0x0b1aeaf,0x0e876fb,
-        0x1748fd7,0x04bcc24,0x01fa347,0x1950d5f,0x1e74321,0x1fac50f,
-        0x0c57c3a,0x1549e95,0x1d95926,0x0e2b7b4,0x01a4e6a },
-      { 0x14d1267,0x1376f2a,0x0d20684,0x0639a05,0x17f9453,0x18fd8e9,
-        0x1c13338,0x025ae15,0x1097dc0,0x1a08585,0x1edb173,0x1a2e6d8,
-        0x05930e1,0x0344884,0x0bfb907,0x0c71f20,0x0a779fb,0x19a4dd2,
-        0x135be37,0x18b0435,0x0acea16,0x009703b,0x1ecee0f,0x003a29b,
-        0x1033be5,0x16d35c6,0x0883cb4,0x0b27a8a,0x1f18800,0x0936cce,
-        0x098dd49,0x13fd667,0x032351c,0x17a2b65,0x0ef07db,0x15b2268,
-        0x15b9dc8,0x042bed9,0x1a0cb1d,0x1270b69,0x0856a7c } },
-    /* 158 */
-    { { 0x10a5583,0x1e80106,0x162a801,0x1bdb48c,0x0f1301d,0x0c9cdf1,
-        0x1e590d3,0x06d2380,0x0a70c08,0x065b3c0,0x0795028,0x1f2b7d0,
-        0x18c0b4d,0x0ea5645,0x0ef34d1,0x0c472d9,0x0d05475,0x12be297,
-        0x00173ad,0x05b9483,0x0255cac,0x15bc9a2,0x0457b9a,0x193454d,
-        0x1ef3124,0x13a1b36,0x1e304b1,0x1a772c5,0x1b7c3bb,0x078dbed,
-        0x16eaad9,0x1c45772,0x00e4553,0x11dba1e,0x1aeb131,0x024811f,
-        0x0a4da63,0x13b9891,0x16900f2,0x1098c6d,0x0628890 },
-      { 0x0b8d208,0x1fea9c6,0x1b52915,0x12a87e0,0x1a8f800,0x17f955b,
-        0x18553cb,0x1cf6cdb,0x1f72517,0x0ed9475,0x0274b3f,0x1ccdf27,
-        0x0e0149f,0x0c2dc46,0x1a1dcff,0x087eef3,0x10b0ba5,0x0229704,
-        0x02c0ff0,0x136b9f6,0x177bdeb,0x05362f6,0x0c44d12,0x1f806e4,
-        0x1f3cf8f,0x0251b04,0x15706d3,0x179388d,0x059be92,0x1df9c7d,
-        0x04799bc,0x19b604d,0x196bf5f,0x1c47c89,0x0750027,0x07e3d8b,
-        0x0ad9dfe,0x081a2b1,0x135630a,0x058b5b4,0x079d812 } },
-    /* 159 */
-    { { 0x0529507,0x0726755,0x1400535,0x08e8cab,0x056a081,0x07e23a0,
-        0x028e13c,0x11d81a6,0x03443cb,0x14101f5,0x05ca362,0x1f612fe,
-        0x1233c62,0x1a9077a,0x0e373f6,0x13a7d14,0x15d7cac,0x0507c86,
-        0x1cf3a94,0x0f617f0,0x01cb28a,0x1d36362,0x14456b8,0x0702583,
-        0x171daa1,0x03f51a8,0x1589354,0x0ba9774,0x18f42f2,0x0944bf4,
-        0x1c6476b,0x12d4826,0x1d6b1e9,0x12dbbff,0x0496da7,0x0fa8d84,
-        0x00c4f70,0x095a121,0x155eb1f,0x12b0284,0x02ab3af },
-      { 0x05372a6,0x103a635,0x0e9e1b2,0x1cac525,0x128fb83,0x1a0e7ab,
-        0x05b71dd,0x13ae8ab,0x1520ef4,0x05a6750,0x1191c9c,0x1c68c3c,
-        0x1d1472f,0x1fdc562,0x15af598,0x180e3e9,0x0c9c10b,0x0a37296,
-        0x1c68d18,0x129dfc6,0x0877287,0x0c13b7f,0x092141c,0x1deb569,
-        0x157739b,0x00af6d6,0x1cfc572,0x0985b3f,0x0395c32,0x0872c7c,
-        0x1546225,0x1016d50,0x0e40996,0x001f0dd,0x08b22a2,0x1c9ea7c,
-        0x039d25e,0x119fb08,0x0272abc,0x06a4a08,0x007db2c } },
-    /* 160 */
-    { { 0x17d4703,0x1dc6d81,0x02e71fc,0x1f8be91,0x083708d,0x18ea017,
-        0x00c3e11,0x1d23f75,0x05a2faa,0x0af7469,0x13f07a9,0x1e20a80,
-        0x11c2e5b,0x1516ab2,0x1f5409e,0x1ebf2c8,0x00c7eba,0x19bd29e,
-        0x16cc2af,0x1e17652,0x13ba7ad,0x1f6b264,0x1698b87,0x1de94f0,
-        0x018c0e2,0x027bffe,0x0534b34,0x073bb3b,0x00af021,0x1d5baf5,
-        0x13c94fe,0x01fdf35,0x08100ea,0x0ad53be,0x0137218,0x12e98a7,
-        0x1fe5206,0x143416c,0x15d672c,0x11f9efb,0x008b6ca },
-      { 0x16c3b5a,0x12df501,0x0d2f813,0x04ff3e5,0x1872610,0x1cbe079,
-        0x095c0a5,0x14753f9,0x182879e,0x12b0c05,0x1c377c5,0x1376c0f,
-        0x0715338,0x13d8704,0x08488f1,0x0ff8f33,0x0ec9d89,0x0868c04,
-        0x05bb7c6,0x00e2352,0x1118947,0x158390b,0x1e3d4bc,0x111116d,
-        0x129ffd1,0x0802ec5,0x15331be,0x1e3c458,0x04877fe,0x10b2f59,
-        0x097100d,0x06a8f2a,0x1a95233,0x0a3457e,0x1085a18,0x11ac454,
-        0x14faba0,0x021d83b,0x09f4974,0x0041a63,0x02c337b } },
-    /* 161 */
-    { { 0x022fa65,0x182de75,0x18e9ec8,0x09a2b3e,0x1e183ef,0x1ac91fd,
-        0x161f4fc,0x0a668e7,0x0c11d77,0x13fd983,0x1533fec,0x1cd6540,
-        0x19702e7,0x178c2b0,0x1a7e5f2,0x0a38a79,0x0434e7d,0x1c1aa81,
-        0x0d5ab16,0x1c7b05e,0x1131a63,0x156bb22,0x019edf2,0x0e3f93b,
-        0x1e6afa6,0x0bbf742,0x18ac1f3,0x1730bdb,0x1a51933,0x0c587fe,
-        0x0d81f56,0x15285b8,0x10eca39,0x10c54d8,0x13b9418,0x142fe7b,
-        0x06b7d5c,0x0a74688,0x0c724f6,0x069db10,0x0509b26 },
-      { 0x0caed54,0x0a0a724,0x1a5ec6e,0x1997ea3,0x17a78c6,0x14d92c3,
-        0x0323537,0x0f148d1,0x091ee3d,0x01209be,0x1b99300,0x0469c61,
-        0x18a68f9,0x040c86b,0x0c956f2,0x0d216ae,0x05fba80,0x020f470,
-        0x10d53d3,0x071b09d,0x0816500,0x0b6fd29,0x0c63c0b,0x16c7fb5,
-        0x19007cc,0x02ae23f,0x0fa62b9,0x13a901f,0x0e319d2,0x0e912e8,
-        0x0652b11,0x004db6e,0x06f3575,0x0c3dce8,0x1880b0d,0x0ee6773,
-        0x0c31772,0x041cc91,0x01d4889,0x14ea977,0x01592d5 } },
-    /* 162 */
-    { { 0x17453f0,0x06cd167,0x07c15de,0x15db078,0x0ffb899,0x1415d3d,
-        0x01b4f82,0x1035cca,0x0ea3d50,0x164270d,0x0a8e2cc,0x1181021,
-        0x019ad52,0x1e9be82,0x1f6c082,0x1c83f63,0x1e1d06c,0x13c6b65,
-        0x19d2dfd,0x0fe1e05,0x1022d28,0x1ae21dd,0x1d73495,0x034e367,
-        0x0f2f3f8,0x1fa3694,0x1718cf9,0x0cb763e,0x1c580ee,0x1e0e627,
-        0x094cb97,0x176f60f,0x155539f,0x1579d66,0x11c70f2,0x1b6b528,
-        0x0cc22d2,0x0c5efa2,0x1ddf2e5,0x17aef44,0x01614bd },
-      { 0x10ab04d,0x1811876,0x0ba9307,0x00dc410,0x0e347b0,0x162dafd,
-        0x0f18f10,0x06b3e21,0x1de0199,0x029cf37,0x142096c,0x09cecbb,
-        0x16d89bd,0x1de76d0,0x0983fbe,0x1946524,0x15ce62a,0x1c5553a,
-        0x1b20b17,0x0c5f52b,0x0768ed7,0x008c328,0x0679930,0x05c6919,
-        0x16245c9,0x0b42bee,0x1cc7a9b,0x1b7114e,0x1447360,0x095583d,
-        0x1fbbc00,0x02e3ae1,0x1356b94,0x048d85c,0x18a00fe,0x05cd160,
-        0x179c20a,0x0a529d5,0x01ca0e9,0x18f6016,0x0489656 } },
-    /* 163 */
-    { { 0x1353c25,0x124dd38,0x189390d,0x0227ecf,0x117f27a,0x0f5cf1a,
-        0x0cce870,0x1f2217a,0x078e29b,0x070e02e,0x0fc5765,0x1b2e8e8,
-        0x1084fe7,0x086d16f,0x01d2422,0x077c339,0x1a75367,0x0c1201f,
-        0x0eba86c,0x1ebb683,0x0ead7eb,0x1a920c0,0x13f82b8,0x1ea187f,
-        0x1873fc2,0x06c8e8a,0x19c1987,0x0d0a35a,0x1e8c2c1,0x146cd28,
-        0x06600a5,0x1c02c21,0x1d1a9cd,0x1f52b73,0x1226a29,0x10562a7,
-        0x06e3c49,0x00dbc48,0x0772db5,0x1d3aced,0x0082bb2 },
-      { 0x0d6615f,0x077a362,0x0a71860,0x0203730,0x1c629dc,0x1932657,
-        0x0bb003e,0x189bc44,0x010ecc2,0x0a2bf03,0x08b1371,0x133e3dd,
-        0x0c95ce5,0x07ce2d9,0x0cfe9ca,0x021f208,0x062cd63,0x1f701aa,
-        0x18b8894,0x0af8779,0x1e4484c,0x0d4b6c3,0x1b23b0c,0x0a58b4e,
-        0x1e393a4,0x11a985f,0x02811ec,0x0b25628,0x18545ec,0x1f0c600,
-        0x119ef62,0x0b82f18,0x14e0107,0x1802dbc,0x0518b88,0x06908e3,
-        0x022a54f,0x12f11bb,0x0410899,0x08d2039,0x036451a } },
-    /* 164 */
-    { { 0x1893e71,0x0168c0c,0x02085e0,0x16a7344,0x01765d8,0x01767e5,
-        0x1a8048c,0x13bf8d5,0x1365bf5,0x0a67a8d,0x0caa023,0x1ae41a4,
-        0x0787741,0x0c74021,0x0d0facc,0x073d958,0x12fe747,0x12a9f65,
-        0x0a2c1f2,0x14f3503,0x0b3aaec,0x112b7a5,0x0227fcc,0x143a3ee,
-        0x1d7293f,0x10b2f4a,0x1bd8aa6,0x0c0ad35,0x08ddc22,0x1119550,
-        0x12979dd,0x036f76a,0x1fabec3,0x0ab73c9,0x0559d0f,0x1e91441,
-        0x0b0ebef,0x0e6d897,0x1f3c5d2,0x148d371,0x0705307 },
-      { 0x088310b,0x1260272,0x15edea3,0x04a64b9,0x12726e3,0x01f7d60,
-        0x162c126,0x026ba1f,0x002ddb9,0x0b72a96,0x05a171e,0x07eeef7,
-        0x030eeca,0x18af925,0x1d9ba26,0x192f336,0x0d648ef,0x03e139b,
-        0x000871b,0x032d0b5,0x11ea3d6,0x1c50597,0x1f8cf89,0x0edad61,
-        0x09879b6,0x05f4ae3,0x046bd38,0x00e8e63,0x04ee55a,0x1af89b6,
-        0x0e68bea,0x0b3cbe7,0x138b8ff,0x17f3734,0x1690e72,0x003c229,
-        0x0a6ad12,0x0caf61b,0x0abb325,0x1a0afcc,0x080f79b } },
-    /* 165 */
-    { { 0x0af09b3,0x1a153b0,0x1850f3b,0x1b267bf,0x1c016eb,0x02f5541,
-        0x1c783b6,0x192e419,0x1ceaa3b,0x07af4cf,0x01be5f5,0x13a56e2,
-        0x127216b,0x04b3456,0x1cd30db,0x0ca3ecb,0x0bc5b0c,0x1547dc1,
-        0x0bf6937,0x085e39e,0x059e20f,0x16690fb,0x1acc6ac,0x07a2c31,
-        0x176c7a1,0x1f2dbd3,0x08e198a,0x1888204,0x108e0be,0x0d38656,
-        0x0032097,0x0045803,0x1299079,0x1cffecc,0x1680abb,0x00ec477,
-        0x15c58b5,0x027a79f,0x1fc677a,0x149b049,0x05f5a5d },
-      { 0x08311dc,0x192bf3f,0x04d95cd,0x028cd9e,0x1ef94f5,0x0e510d6,
-        0x05916c1,0x06f4e7c,0x002e4ab,0x0754d9e,0x04596ce,0x15930af,
-        0x047760e,0x012580d,0x1f7411f,0x0ab09bf,0x1d13fb9,0x10c46a7,
-        0x15522f6,0x1871704,0x1cacfaa,0x182cf4e,0x069e69b,0x144e01e,
-        0x1720f09,0x1244c1f,0x13ee29f,0x19774aa,0x01fad58,0x0cb423d,
-        0x178e286,0x0b57ad6,0x1856547,0x0b76108,0x14c7cdc,0x16ea227,
-        0x0212907,0x08f3c0a,0x162244e,0x0021b82,0x05319c8 } },
-    /* 166 */
-    { { 0x161c3af,0x009b735,0x0da08c8,0x1c0f697,0x1d40f2d,0x064bf80,
-        0x1b9fce0,0x074ca3b,0x06a8c31,0x0bc5d38,0x072842a,0x0fac402,
-        0x1b22c58,0x158fa22,0x0ee8862,0x089cc91,0x107e504,0x0c62f57,
-        0x10bf33e,0x13e0548,0x093d554,0x179ec02,0x09591d1,0x1808b22,
-        0x04f6179,0x043a169,0x02af722,0x0c01f43,0x138f8f1,0x10056f6,
-        0x11972e1,0x12475d6,0x0bf9b90,0x02bc552,0x18d4787,0x09ac7fd,
-        0x0bb9ea1,0x04e2d67,0x13fc3cf,0x09be234,0x03d1331 },
-      { 0x0513d1e,0x03316da,0x0af7973,0x0baab2a,0x1e78a8c,0x1c36856,
-        0x1e8ff9f,0x18bd146,0x07a04f0,0x1168952,0x1741b32,0x0dc85c4,
-        0x114c669,0x1909b03,0x1851a62,0x1c396a4,0x01b89f6,0x17a6938,
-        0x03bf657,0x1ac2ef0,0x0907aaf,0x0262ddb,0x19b5ceb,0x01b66b5,
-        0x074ac42,0x1d024f4,0x13c9d47,0x02c63bc,0x1a2edd1,0x199b50f,
-        0x136ca7d,0x16ffaf2,0x0406864,0x1c95326,0x074f88b,0x0ce7964,
-        0x0043cc7,0x1482731,0x11ab7ab,0x13f6645,0x067f28a } },
-    /* 167 */
-    { { 0x0148ab5,0x1d92c65,0x0145f05,0x1f678c0,0x19a1976,0x1946fcd,
-        0x01a6323,0x02fd44c,0x0e8d450,0x1d9663a,0x02908a1,0x06520af,
-        0x1237257,0x0bdf639,0x157b894,0x1778903,0x1cf1d48,0x16ba08f,
-        0x01fd73f,0x02fcd69,0x0e1b462,0x02a0f5c,0x12c01eb,0x0b40191,
-        0x057a6e0,0x14ce20e,0x0f4be7e,0x1f2a9a5,0x141cad1,0x0aeda04,
-        0x074dc2f,0x07052a1,0x087879c,0x052f772,0x154973b,0x1c9826e,
-        0x1d3efb9,0x17bfd27,0x0f6cba3,0x0e837a3,0x05ff091 },
-      { 0x19c6632,0x089522b,0x0055e46,0x1f71441,0x1b19a44,0x0b1ce9d,
-        0x1ee114d,0x19de9f2,0x1bc3c9b,0x0bf15e5,0x1990439,0x1e57e33,
-        0x0d122b3,0x09abecd,0x0062768,0x1fecc3e,0x1bb79e5,0x033aab9,
-        0x1cbcf13,0x1cb931d,0x0731444,0x1002688,0x15bd878,0x0ebac6b,
-        0x0366fac,0x19186fd,0x18b2153,0x1f88f90,0x10850b9,0x121f056,
-        0x0cb012b,0x05ee418,0x0e94f64,0x1de4eae,0x19969d4,0x06cfdf5,
-        0x10373a6,0x1e9869d,0x0591b09,0x07452e4,0x0668101 } },
-    /* 168 */
-    { { 0x04509df,0x0ec89f4,0x0dd84e1,0x1b9e672,0x0978bed,0x11d0a47,
-        0x0974cd0,0x0f25be8,0x1ee8cb5,0x1fd0571,0x1154f10,0x0d3a638,
-        0x08f0153,0x0fdf8ea,0x13c22ef,0x048940b,0x1e69444,0x1d6ffa5,
-        0x0d7768c,0x06bf034,0x0b7c016,0x04f3b7d,0x0217225,0x0e6ef06,
-        0x1fcde16,0x06925eb,0x128953e,0x1b196a5,0x1ec985f,0x0533209,
-        0x131885a,0x0f5204d,0x0db9741,0x0f0dbf9,0x1959438,0x1c72c5d,
-        0x13beffd,0x1051a36,0x0ac7efb,0x05e17bf,0x03b35b7 },
-      { 0x15c3749,0x06f4fa9,0x1122ffe,0x1f15bb3,0x03c1f20,0x1c7b319,
-        0x0cdef23,0x09352eb,0x1e8f3ae,0x094f23a,0x1898a09,0x01aa3ab,
-        0x1dc32f1,0x13c3178,0x1034a5d,0x17c6cb5,0x138854c,0x109e3c9,
-        0x0d9f918,0x0009de9,0x0ee148f,0x0872e88,0x1e8de85,0x1051141,
-        0x0778dd2,0x1a6a4ba,0x1b3edcf,0x0d0614c,0x0049529,0x000983c,
-        0x0527d11,0x12ec16d,0x033c709,0x1ae4cc1,0x129496d,0x1906819,
-        0x0771f99,0x117205e,0x11a14fd,0x1d79b2b,0x047d0a1 } },
-    /* 169 */
-    { { 0x12811f1,0x1a7ffb2,0x000899b,0x06c5de6,0x0aacaa9,0x05d0657,
-        0x1e95543,0x0ced870,0x0007f54,0x1a80a15,0x1c99ce8,0x0054405,
-        0x05c7fd1,0x19ee373,0x0bb95c0,0x0c7b2bb,0x0c3064a,0x1303417,
-        0x18ac947,0x1e17608,0x16e746c,0x12aed49,0x0380c32,0x084cb6a,
-        0x060f243,0x07ae43d,0x0da6d3a,0x0c6f657,0x17770a9,0x1ac63d6,
-        0x099807e,0x1da742b,0x12147f6,0x0f4b08f,0x1578a65,0x0c0b68f,
-        0x03213a1,0x0654d9c,0x0a1732c,0x094932b,0x08f4b61 },
-      { 0x14eb3c1,0x0760ca5,0x09c16aa,0x0840647,0x0c549ac,0x1663554,
-        0x04c893d,0x14601a9,0x145f9a5,0x129dcdd,0x1eaeec3,0x0220112,
-        0x10e46ef,0x0bd66be,0x01cf95f,0x16b11fd,0x1e50f7c,0x0be7e67,
-        0x01555f4,0x0a7acb9,0x12e20ea,0x0239447,0x1f767ad,0x1d6d151,
-        0x1edfac0,0x1065596,0x002180e,0x104428e,0x1eb06c5,0x0344807,
-        0x0b1a519,0x04bcb95,0x04cf5bf,0x08d74c0,0x01627f2,0x1db0ab3,
-        0x13c45ea,0x09bc58b,0x06007b6,0x004a499,0x08f942d } },
-    /* 170 */
-    { { 0x0845808,0x1618147,0x1f147c7,0x156ef57,0x0302bff,0x0cbee3e,
-        0x152e7e3,0x0964d5f,0x03aac59,0x09d41e2,0x165370f,0x17a2ce9,
-        0x1ce3b74,0x0552c88,0x192dcdf,0x059a488,0x173871c,0x131492b,
-        0x0d1103f,0x1e490a7,0x0d7d419,0x19f0295,0x1769a83,0x0d90d81,
-        0x080d684,0x1a13229,0x0be0c93,0x04ad13f,0x0f117aa,0x08f403e,
-        0x0df1d2b,0x11bb93b,0x026dea0,0x1e42eab,0x0dce59b,0x06a4c40,
-        0x13b1eb5,0x16abe1f,0x06b2f82,0x0a52938,0x0383002 },
-      { 0x0744723,0x1ad202f,0x120683b,0x0a35c10,0x1b5bcf7,0x00fbb7e,
-        0x16333fb,0x18d57f5,0x1fab37f,0x1d2ec18,0x1b6de3e,0x049191f,
-        0x10be39e,0x16c9f98,0x13eb57e,0x0b8494b,0x11e913d,0x0ba3fed,
-        0x1462dfd,0x148f928,0x0327052,0x163e7da,0x0788235,0x1ca717d,
-        0x1cb9c70,0x08b589a,0x056ec5e,0x0c6a4eb,0x1106c73,0x1c402d9,
-        0x01a8b01,0x1841376,0x0d42a06,0x08256e9,0x11c74f1,0x096a4b6,
-        0x022ce03,0x1a59b44,0x0169727,0x12dd683,0x015f187 } },
-    /* 171 */
-    { { 0x0ee4684,0x0f50305,0x0f20253,0x0cf9b7b,0x02b21f0,0x09898ca,
-        0x18526c6,0x14d4873,0x181a7db,0x125eea0,0x0ba03fa,0x0e0c785,
-        0x02c6213,0x09411ee,0x02c259c,0x023636b,0x1158326,0x03a21ea,
-        0x0f080e1,0x0df0622,0x12d22e1,0x0b15ecc,0x0338813,0x0327116,
-        0x1bcd6f4,0x063a4ce,0x1474dde,0x125bda3,0x1dae734,0x0ba7e2e,
-        0x166756f,0x13296c4,0x0813d52,0x165346a,0x13d83a1,0x18323b3,
-        0x13e9c2a,0x10bcf57,0x048e158,0x1e73fdc,0x06146f1 },
-      { 0x18e2aa6,0x1699f03,0x0996f41,0x0f3bdd2,0x093af7f,0x1207423,
-        0x03e076a,0x0fdaadc,0x09b9a40,0x0fdddc4,0x0654641,0x15b9dbd,
-        0x19dcf44,0x0496dd1,0x1c7e34c,0x0ee96fe,0x1a54231,0x1b3adae,
-        0x17d817a,0x0d44a34,0x1a9e745,0x17c3d1c,0x040c752,0x168e97b,
-        0x1000605,0x148eda1,0x0ad996a,0x1b4bb7e,0x11eeb4b,0x1efab31,
-        0x1617468,0x0c46ef8,0x08149ef,0x085ff81,0x13a5a17,0x1c5c35e,
-        0x02a465d,0x15043ac,0x0014383,0x13c0d7a,0x095543f } },
-    /* 172 */
-    { { 0x1d7c6ef,0x1e37a42,0x1093df2,0x1ac7637,0x0ad8084,0x065d316,
-        0x13a22fe,0x125bf21,0x0b455c1,0x0725b43,0x1f1bb66,0x11aaee9,
-        0x176146b,0x1d71003,0x188e279,0x04a52e1,0x07961c2,0x0a920e2,
-        0x021397d,0x042a207,0x02737d2,0x110bf14,0x15b4833,0x04ce9f1,
-        0x19f514f,0x0edf188,0x15c3004,0x0a8b20a,0x1b760e8,0x1aecfe7,
-        0x0677ead,0x13d1854,0x146362a,0x0a593ca,0x1e2929f,0x1896da7,
-        0x0e5d698,0x0438827,0x05bfe97,0x0f05745,0x06db434 },
-      { 0x03f0d95,0x03249ae,0x0254192,0x049ce91,0x0917db8,0x179f224,
-        0x17d89ac,0x097ee7f,0x02b7f57,0x1076e2a,0x0c9c8f1,0x13455ee,
-        0x0cbe1c0,0x1e5688a,0x0d19a75,0x15ff2fa,0x00a321a,0x04b2330,
-        0x1433587,0x1c5775d,0x150eb94,0x00ef623,0x019b869,0x1513eb1,
-        0x0990db1,0x149d0df,0x13c9d65,0x073c9ad,0x00dddfc,0x1bc0607,
-        0x104473e,0x1b33914,0x0afcd7f,0x0182878,0x0b6db87,0x099d7ff,
-        0x16d2c6e,0x1cc0d84,0x1ea513c,0x1ce55c4,0x007a791 } },
-    /* 173 */
-    { { 0x09f0300,0x148238f,0x04139c3,0x13799bf,0x00253ad,0x02983c7,
-        0x0a277fc,0x0c4a380,0x0ae8934,0x0f78497,0x11a117c,0x1235490,
-        0x142c90a,0x18ed6a5,0x11bb683,0x0cf6432,0x0f333df,0x0783b28,
-        0x0c56805,0x1311b61,0x10f9c6e,0x175aa17,0x1cb8319,0x1806f1e,
-        0x16311e0,0x086aea5,0x0aba1a5,0x09175b5,0x1f1c8f5,0x11c6d9a,
-        0x151a005,0x1289a35,0x09e3216,0x18e9909,0x0b21011,0x1d32a37,
-        0x05e94dd,0x0614f9c,0x1b2b00f,0x05c8a87,0x06d6acc },
-      { 0x1b2d299,0x0cf4aab,0x0737ae6,0x17c7ae4,0x1a2bcd9,0x065a221,
-        0x0e13eed,0x1545cc0,0x1dc060f,0x10bbb84,0x01f37ab,0x0da7193,
-        0x0d74f0e,0x083b7df,0x08df3e0,0x1f7ff34,0x1137983,0x034d78a,
-        0x08fe561,0x1ef43a6,0x03986c3,0x07b6db2,0x0f8872b,0x0e07b24,
-        0x0134f96,0x1bb3e6c,0x1ee0e4f,0x0eab131,0x0252220,0x145e174,
-        0x1f06d6c,0x0f24954,0x18799c1,0x13d455b,0x03ca050,0x043b66f,
-        0x1f28949,0x1228d8f,0x11bbb56,0x0247a78,0x079d182 } },
-    /* 174 */
-    { { 0x09d5589,0x16ffc88,0x126468f,0x0805368,0x1ed52eb,0x1aa56fe,
-        0x074c2d2,0x0ce27d7,0x1a27bff,0x1c90a60,0x03d1813,0x1dcecfe,
-        0x084c817,0x01d2871,0x17e360f,0x0c46f75,0x1c99402,0x0e2ee01,
-        0x19991f0,0x12b0372,0x07f35f2,0x04c5034,0x042da82,0x0c68a2e,
-        0x07cec31,0x0c4573c,0x158b9d4,0x0003b74,0x02c3fb2,0x10d3a2f,
-        0x0555753,0x16cfa67,0x1cacdeb,0x021775f,0x1e72f1a,0x1743415,
-        0x1e88580,0x0c85159,0x1372141,0x1234f09,0x0731044 },
-      { 0x048d676,0x1166f93,0x0ac5132,0x0a9e362,0x1a85eca,0x0070f5c,
-        0x0b250a6,0x112373b,0x11ac8aa,0x1869b84,0x078657c,0x156f8e3,
-        0x1773072,0x17b81bc,0x1463208,0x0cfed74,0x014ac00,0x1d60487,
-        0x1734a49,0x19f8e11,0x1a630e6,0x1110f3e,0x13d6227,0x0e38f8c,
-        0x0a40b83,0x064da55,0x0a3de1e,0x1f3b57c,0x0caf3f1,0x16b5ec2,
-        0x04bde2b,0x13c1c3b,0x039dd07,0x0126e1e,0x17ec489,0x12d017c,
-        0x0bdc009,0x0d90a68,0x1153fd0,0x192a301,0x06a8f8f } },
-    /* 175 */
-    { { 0x1235132,0x0f6b1a9,0x022d8a8,0x02b3b75,0x1db233f,0x0f7eec0,
-        0x15148a4,0x15d0ac4,0x1b25111,0x1a8294b,0x006f631,0x15f23ae,
-        0x1db5921,0x0bba7a2,0x14175ca,0x0e7ff69,0x05ef18e,0x0371ea6,
-        0x066cc0e,0x1b30bf1,0x1558897,0x1de44d8,0x02a70c3,0x0263039,
-        0x0d1a34d,0x1071e49,0x08888cc,0x125d0d7,0x0eed022,0x0a6100e,
-        0x07f3c91,0x0b07e61,0x1a45f74,0x1e8d193,0x00b2b43,0x10eb4c2,
-        0x0b9c753,0x07a2e96,0x0ff5f6d,0x183b650,0x04752d8 },
-      { 0x1dff4d5,0x0b6756a,0x1fd1453,0x168b504,0x14cd5fd,0x0389af3,
-        0x098313f,0x11c20e1,0x01be577,0x1605dbc,0x11ac237,0x059ab1b,
-        0x16271e1,0x0a5e124,0x194226d,0x131596e,0x0636190,0x136ef96,
-        0x1d4a20c,0x1d758cc,0x0af1fd6,0x12e1284,0x1aa8b40,0x19f83e1,
-        0x0cda84d,0x1f009e1,0x0115442,0x18f06d5,0x0868011,0x14468d4,
-        0x114e411,0x15f5e4a,0x03132aa,0x05446b2,0x15dca0c,0x0092d0a,
-        0x0744b47,0x0a48e54,0x015495a,0x1e6ebf7,0x03a6518 } },
-    /* 176 */
-    { { 0x04042a0,0x076a811,0x079aaaa,0x0048a5e,0x0cb4e3b,0x0108ec3,
-        0x17d31da,0x07fdb94,0x1ef4d5d,0x107f1fc,0x151b953,0x0548a45,
-        0x1533a8e,0x18a233b,0x063887f,0x1a036b3,0x10ef592,0x08a4b62,
-        0x0e99dce,0x00985f0,0x1f00691,0x05a395d,0x0a19c2f,0x062ef7a,
-        0x083b250,0x1514754,0x15f49c4,0x0bb1780,0x19c994c,0x098bda1,
-        0x1fd07be,0x1b9b435,0x001d3a8,0x07b7dcc,0x1ad5c0e,0x01ad0dd,
-        0x1bfbf82,0x062e687,0x1605fa0,0x0c7db84,0x0540ac3 },
-      { 0x07f43df,0x0b4d4ff,0x19329c6,0x1058373,0x0665380,0x0e148bf,
-        0x1df6216,0x0095b2c,0x196aa44,0x1654aa2,0x0a5f6ae,0x0abffe2,
-        0x1e0e9d8,0x115753e,0x18625ec,0x07f1c3e,0x0fd36f1,0x1cb76e6,
-        0x1b88037,0x1a60e02,0x08a4627,0x1b64c4c,0x1ca7c1c,0x1e463a4,
-        0x05e6097,0x1a94af1,0x0fd8121,0x1efe443,0x19b299a,0x1304a00,
-        0x16759a0,0x04d6963,0x199de09,0x0ebd18e,0x1d986b3,0x13d88f9,
-        0x0ebe15e,0x14f959b,0x05d3d37,0x1d9f42d,0x017db32 } },
-    /* 177 */
-    { { 0x0f40599,0x1b48cb6,0x03a9d7b,0x1601804,0x1ea10df,0x157b3cb,
-        0x0b9eff2,0x0f07b4b,0x188ddd6,0x0b31e51,0x0f3f343,0x11fc4ab,
-        0x1e5a21f,0x11a25e3,0x10fd4e3,0x00c65d3,0x11d548e,0x09afb15,
-        0x0f1b993,0x1e484a8,0x1627654,0x13134c9,0x11d569e,0x1e82649,
-        0x1c5f7b0,0x079d1db,0x04e8860,0x0ad2fef,0x01675b0,0x0fd88f4,
-        0x1d5b3e1,0x1ca6851,0x13cdb35,0x1458136,0x16454b4,0x11c7542,
-        0x17a3fb7,0x03812af,0x11176a1,0x0374328,0x0460bd0 },
-      { 0x04d8077,0x06e11e1,0x14b2f0d,0x0098e41,0x02f4b58,0x0e8fff4,
-        0x0a445bd,0x1c5453b,0x092783c,0x1c57a90,0x012bcd5,0x03576b2,
-        0x10e29f5,0x1bd508c,0x115c35f,0x1bbe08d,0x1ba571b,0x0a52917,
-        0x1a26ed4,0x1c540d5,0x044dbf4,0x062cf9a,0x1e66cd7,0x1984aae,
-        0x0836726,0x0bbe181,0x16bf3b0,0x0949d30,0x16cbd09,0x1ee5be1,
-        0x1deb6bd,0x0eba720,0x131b787,0x1125e76,0x013cb4f,0x16a5ad2,
-        0x1f95421,0x0513348,0x01e3717,0x0782e69,0x07d342c } },
-    /* 178 */
-    { { 0x1fd127f,0x1960508,0x117b973,0x10233c9,0x06d36bb,0x1ab561b,
-        0x0c949bb,0x0eac435,0x0e54306,0x067f577,0x1a5864c,0x0fa5587,
-        0x112ede2,0x1c7e733,0x04d44eb,0x0987ac8,0x01b075f,0x030ace3,
-        0x041a766,0x0fdfd2b,0x0ea9d44,0x14753b5,0x0be35bd,0x0b7a2c9,
-        0x1c61b0f,0x1cc562e,0x187a22e,0x175688d,0x092320d,0x058b0dd,
-        0x195862e,0x0f13130,0x0eafb3c,0x1bf4150,0x130b022,0x1618f57,
-        0x00d160b,0x184db71,0x18e9c43,0x14d1c98,0x05be0af },
-      { 0x1bbf49c,0x1b69c0d,0x0ffa0aa,0x13180e0,0x1e09ce4,0x07a1319,
-        0x02d7784,0x065d94b,0x1da5a45,0x0e632c0,0x03dedf6,0x10edec3,
-        0x0707e18,0x1287bff,0x066978c,0x10d7c08,0x090de6b,0x0dd8d4f,
-        0x1cd645a,0x14fbd66,0x1b2c584,0x04a8a4e,0x0e3acd2,0x1d75770,
-        0x06a33b0,0x1490a2a,0x030be22,0x00cfe16,0x0db0190,0x0ff3851,
-        0x0faf783,0x18c7cde,0x051b06c,0x037d6dd,0x1ee7a48,0x1543224,
-        0x1e80dc0,0x15af43f,0x0c2bb93,0x1eba9bc,0x01e6fcc } },
-    /* 179 */
-    { { 0x08ac924,0x0ffb355,0x0fa2d5f,0x0385316,0x06e9ad3,0x1d84060,
-        0x18ca597,0x07fa281,0x11d95c9,0x0d5908e,0x0032a9f,0x1085143,
-        0x096d68d,0x1106f6b,0x04a5022,0x08c3e35,0x15338df,0x1540a8b,
-        0x03aba4c,0x0c095cc,0x0c0bff5,0x04bed72,0x0406e79,0x04c5d13,
-        0x1a97fde,0x0c1a2b9,0x13c4212,0x1ad3b34,0x124f1de,0x0117b23,
-        0x17e3fe8,0x1d50b42,0x1f1c2e4,0x09bca6a,0x13a4051,0x1a98c4d,
-        0x1f0907d,0x02066b5,0x0a0de01,0x0c2bbb5,0x04522d4 },
-      { 0x1fbe7c5,0x0f83cf5,0x111a225,0x1b09de6,0x10ea1de,0x10d5cb1,
-        0x07adb52,0x0d0e2d5,0x050a30c,0x1252e91,0x0eeea86,0x0638008,
-        0x155a166,0x080872f,0x041d409,0x00aad7a,0x09d3d8c,0x0dfff1f,
-        0x1ddc906,0x0616300,0x029731b,0x18425c1,0x043fdfb,0x0343187,
-        0x17d75f2,0x07c0061,0x15596ee,0x11a14c6,0x03bceb1,0x0d1522f,
-        0x036eb07,0x047e161,0x038e90c,0x02d628e,0x0a897ef,0x0de3743,
-        0x1da71fc,0x0a92b5e,0x102e827,0x152dafc,0x0346501 } },
-    /* 180 */
-    { { 0x02b0f1d,0x1224666,0x1c0e1af,0x1358986,0x03eb45c,0x04b5dff,
-        0x1d9767f,0x1b4a70f,0x15ae27f,0x179e274,0x0602273,0x0eec378,
-        0x01a008f,0x11650c5,0x1d28210,0x066e3e6,0x04253b7,0x0774414,
-        0x13024d5,0x1f8db0f,0x0d6bcb6,0x0db0a4b,0x01227b0,0x1c64b89,
-        0x029b949,0x0b35496,0x09ef7b0,0x0b8d94a,0x0a28131,0x07776e7,
-        0x13e5511,0x074422a,0x0683eb3,0x030e79a,0x1e634e4,0x171f64d,
-        0x06c940b,0x1845540,0x125b70e,0x19fcaa9,0x07c1d42 },
-      { 0x0110aa7,0x1381fee,0x0de1d9b,0x0fe6c5c,0x0b7b79d,0x16e51e5,
-        0x11d756a,0x0e7a4b3,0x160be33,0x137653c,0x13a3fca,0x14960d8,
-        0x1ff4744,0x19db82d,0x010b33b,0x096a765,0x1aaae30,0x00d1d7a,
-        0x0cb4c6e,0x1f44023,0x08d97bb,0x1d25f74,0x112e9ba,0x0b97073,
-        0x165ce56,0x074169a,0x1b6bdfb,0x09010d2,0x1597452,0x0673f34,
-        0x0dcb1f3,0x1d29f30,0x1d6eb3c,0x0d19377,0x133ce04,0x0c14676,
-        0x1ffa93a,0x101fa1f,0x0764050,0x050e786,0x0031e98 } },
-    /* 181 */
-    { { 0x05a17ff,0x1f67e3b,0x09953fb,0x11a2521,0x009f388,0x06d01c5,
-        0x1711a4e,0x08d7e4c,0x1a169ad,0x1db0a2e,0x18bfa12,0x0428474,
-        0x0533cf8,0x15e4305,0x0b7d5c6,0x07188ac,0x0fa815c,0x0df9548,
-        0x1fb6a1d,0x143adc2,0x05e145b,0x0d4a37d,0x1e67620,0x01eb476,
-        0x1e784b9,0x095360d,0x12c43fd,0x122146f,0x14fd360,0x0ff2527,
-        0x0830e30,0x11c5a77,0x1180fc5,0x130c3e1,0x0142c5e,0x047c5fe,
-        0x143a35c,0x0002cdc,0x11470e8,0x08b4519,0x0494d36 },
-      { 0x1a021f8,0x0135b25,0x0db0e61,0x06f2dbd,0x114c908,0x1b63b16,
-        0x14e55f8,0x02cda5c,0x0751cf2,0x1aab765,0x0928663,0x1c00336,
-        0x0edaca1,0x0590615,0x021f691,0x14e668f,0x0cdff41,0x1c9f6a6,
-        0x11f0335,0x02f888b,0x10098d7,0x0548dfb,0x131218d,0x0b3775f,
-        0x146f93b,0x18ad0f8,0x0795893,0x1a71767,0x1f8443d,0x0d56981,
-        0x1f25b50,0x097e209,0x1670f03,0x032c135,0x07b4a5c,0x0a0a07f,
-        0x134200f,0x070fa3d,0x11bcdda,0x0bd77a9,0x03cfdcc } },
-    /* 182 */
-    { { 0x123e13d,0x015435a,0x02814db,0x105241a,0x1014a45,0x0b894b0,
-        0x0d1e39d,0x1d47aa5,0x07eb51b,0x0ba3033,0x03a4641,0x10c30f6,
-        0x08709f7,0x1434447,0x02bb621,0x1f9a805,0x1d7d94a,0x1bcd404,
-        0x084a6bc,0x0c065fc,0x008250c,0x194c1e2,0x1d792f9,0x1677d1c,
-        0x11bbb7a,0x1944c19,0x12d8631,0x0634065,0x19c4a4d,0x02d09fa,
-        0x188db76,0x1da9ec3,0x1ece345,0x18b8aed,0x1334795,0x0f74f55,
-        0x04a1ebd,0x062c6d3,0x1ba844e,0x01e7a35,0x089296d },
-      { 0x0a82c97,0x09447e6,0x0372c59,0x1a284fd,0x06c6c12,0x1f6ed49,
-        0x13c1d30,0x17ccd52,0x0eaa01e,0x030070f,0x17a1b65,0x1cf861e,
-        0x1114abc,0x05a2b51,0x075c083,0x08584e8,0x013279f,0x05582d5,
-        0x108e11a,0x0c1f5fa,0x19e670b,0x0098c69,0x0863bfb,0x0416631,
-        0x1f1ac89,0x101f583,0x0360e67,0x03c7975,0x01a3010,0x09971e4,
-        0x16197e2,0x1998ccf,0x08bca7d,0x0303e57,0x19e689a,0x199dc35,
-        0x0ac0a12,0x0173266,0x13150c6,0x1ee5634,0x09233a2 } },
-    /* 183 */
-    { { 0x0cbee17,0x146fb05,0x1371c5f,0x04b849f,0x0f0959c,0x07fe580,
-        0x0621f95,0x0d68de1,0x0d28511,0x0c9ef65,0x07e946e,0x09f1774,
-        0x1e0bfaa,0x08790c1,0x04927bf,0x0eef339,0x1589684,0x0fc9e59,
-        0x0c8b508,0x17f6fe4,0x1009284,0x0d6a157,0x10331c2,0x163ac2a,
-        0x122749b,0x035634f,0x09c5f0f,0x0dea167,0x1c5eeb7,0x14c2ddc,
-        0x17e2c87,0x148f076,0x0fb19ae,0x0e1f3ac,0x0e6d4b8,0x100990d,
-        0x12971ac,0x12c8497,0x00a46b2,0x0d243db,0x02bb26a },
-      { 0x1f81416,0x1a21a8a,0x0ed2628,0x0f55feb,0x086e72e,0x0b930e0,
-        0x193780c,0x1fc7a3e,0x05c0a1c,0x0e03c36,0x00d004c,0x09b166d,
-        0x0d542ea,0x0d1cda6,0x1dc9ce8,0x04fe25e,0x0e1cbef,0x00a7f3f,
-        0x1aec9f7,0x1f813c2,0x1dc7ee7,0x0ba0872,0x1037330,0x08767bb,
-        0x0674219,0x0dbd1a3,0x00fcc70,0x052696c,0x0c10709,0x0f6ce11,
-        0x1ac061b,0x0f33f2c,0x17ee8ba,0x18449d1,0x12d0926,0x1c1e77f,
-        0x0e92d4d,0x130a239,0x1ac22eb,0x1f1c32d,0x0937cb3 } },
-    /* 184 */
-    { { 0x0fbfdce,0x073be0b,0x13015f0,0x13931a9,0x0a034cc,0x0b96907,
-        0x1b5c909,0x079cec0,0x00019a8,0x030daae,0x05c58a6,0x1007e2b,
-        0x1b80ba2,0x02d07eb,0x1050774,0x155441e,0x13b4b0d,0x04432c8,
-        0x08e123b,0x10ae8d5,0x05d2e66,0x0d1f024,0x05b4569,0x0d20bba,
-        0x0c7743b,0x15d40e0,0x16062bc,0x1d8636f,0x174b78c,0x18ca695,
-        0x0a20363,0x0a87c5e,0x0659db2,0x03e0e65,0x09f67ec,0x0063707,
-        0x1f1048c,0x09bfee0,0x1a84619,0x00ef0b0,0x04d57bb },
-      { 0x1b396b6,0x1bb4529,0x16b2f12,0x09276a3,0x1c8b24c,0x0570d9d,
-        0x047ae8c,0x18a67ca,0x1945147,0x09ddeca,0x1f8f3a2,0x00622f3,
-        0x146cc86,0x1fc905e,0x0c2859c,0x0c2c069,0x0eb6b25,0x1d99489,
-        0x145a360,0x1345493,0x1128bc6,0x1d7786e,0x0d25279,0x04d33c3,
-        0x1419a87,0x1b59309,0x1efc84d,0x0d8b08e,0x1971470,0x0c84d27,
-        0x17f956c,0x0f736e8,0x1d6eb75,0x19e42b1,0x0ca4237,0x076a6cb,
-        0x15fcfae,0x12bf21a,0x0aaa038,0x0312f3e,0x01067c1 } },
-    /* 185 */
-    { { 0x0bf8883,0x0a84219,0x199f211,0x14dfa0c,0x0755286,0x0119aea,
-        0x03e3ddf,0x129ae16,0x02f4a2c,0x1c7306d,0x02b3d59,0x1159a23,
-        0x19a468d,0x1fadc86,0x04e0c2e,0x122099d,0x074ed4e,0x075258e,
-        0x1dddba9,0x0e62da4,0x0b12ac6,0x0e1b0dd,0x0e62b5d,0x02448a3,
-        0x1d48299,0x1d76191,0x014c290,0x0c88044,0x12d5a52,0x0997194,
-        0x0f0e911,0x0bfd9e3,0x148694b,0x1dc5c6d,0x05bb199,0x1dc9c0a,
-        0x04306ad,0x152cafd,0x05c96ce,0x123e69d,0x07e4f70 },
-      { 0x1f70919,0x00b74db,0x0fd4fce,0x1a2d600,0x165216e,0x064cf2b,
-        0x13fd1de,0x0208d8d,0x030a518,0x152d5f4,0x1ca36f9,0x13cc8bc,
-        0x16ef6f4,0x056677e,0x175cfab,0x1e7eedf,0x06f8c37,0x1f61ca7,
-        0x1901ff0,0x0410056,0x1cbd733,0x1d4b312,0x0623a3d,0x157f601,
-        0x123637c,0x0cd4194,0x1d01fcd,0x0b1753b,0x1fae502,0x1772e65,
-        0x04ffc06,0x1fc4a30,0x1eaeace,0x0e5d0fd,0x05860fc,0x0b38d3e,
-        0x1eadcdb,0x162c56c,0x1a2f544,0x1a8d999,0x02ae49c } },
-    /* 186 */
-    { { 0x00849f2,0x0d871e2,0x063048e,0x1b48821,0x1136a4c,0x03fb24a,
-        0x16a6795,0x18cc2a6,0x07a9bba,0x1725ee2,0x11ebda4,0x0c8ca6a,
-        0x0a195a1,0x05a3d3a,0x1b2cc66,0x145650b,0x1fc9de6,0x093c2a9,
-        0x18ae94b,0x1807141,0x1a93471,0x041ade5,0x04ae86e,0x063d944,
-        0x150da6f,0x1636a5f,0x1a00acc,0x028dc7e,0x04c8c4d,0x00989e3,
-        0x05c3270,0x1dda425,0x130f12d,0x02987d6,0x1fee71a,0x0336eb7,
-        0x0918de5,0x00569f4,0x1c6dc8f,0x0a54e6e,0x0180e9d },
-      { 0x1ab77b0,0x12a1794,0x18a30c5,0x19ef5dc,0x1d411d9,0x1e17a06,
-        0x01a14d4,0x19e0898,0x04b0ae4,0x1c6e3f2,0x1099bd8,0x030b2bf,
-        0x1da0924,0x1e97f5b,0x07699c7,0x12f30c7,0x0d55ea3,0x12b42c7,
-        0x03ce0ca,0x129e62b,0x18317a6,0x03698b6,0x0a508cf,0x146b4f7,
-        0x0cb2630,0x09d97e5,0x17c7fdc,0x1df1efb,0x0ee2f3f,0x0292acf,
-        0x12a2e6d,0x02ada0c,0x1b4f91b,0x07e7e68,0x1b08bd7,0x022ef0c,
-        0x1777eb4,0x1e12b31,0x016d04a,0x079b157,0x021ca6f } },
-    /* 187 */
-    { { 0x1e66635,0x11589d1,0x1abc385,0x16553ee,0x1ef20a2,0x0d99ab0,
-        0x0e8c11b,0x11b568e,0x17802bb,0x0205ebb,0x06d1302,0x1ebd4d3,
-        0x115b6ba,0x0d9103f,0x1846400,0x0020b8d,0x0a9790b,0x072ef0b,
-        0x0d9fc01,0x025e2bb,0x1d2522b,0x02c5012,0x0617eb5,0x0142284,
-        0x16953df,0x0605e67,0x0fd140d,0x1884253,0x077bff4,0x02000e1,
-        0x0603dd0,0x050153c,0x0440b4c,0x1515a37,0x03d610a,0x1eecfbd,
-        0x05e8d94,0x11055c0,0x1d8d4f7,0x0b24044,0x05aff58 },
-      { 0x0458e40,0x1669054,0x0af6016,0x10292e6,0x1a5557d,0x0e5396a,
-        0x104c57c,0x0478e0e,0x0952b53,0x197134e,0x13eb7df,0x0aacc92,
-        0x065c592,0x0d3e933,0x0edeb34,0x050ca2a,0x03d86fe,0x1d36f83,
-        0x1f54eda,0x03b626a,0x0d011e9,0x04f49f5,0x04656ee,0x0c77fcd,
-        0x1e1af29,0x0431eb8,0x0a209e2,0x1565738,0x059b6ff,0x13491dc,
-        0x145de0d,0x1ee053b,0x0695174,0x022b0b7,0x01d9ee6,0x138f30f,
-        0x1907d84,0x1da78ea,0x0a5dd93,0x03911b1,0x03eab7e } },
-    /* 188 */
-    { { 0x0e5718b,0x14a5b29,0x07a71ce,0x09e99dc,0x03aefa5,0x1f76f57,
-        0x0798d54,0x034ca9d,0x15f3aca,0x12a0f0d,0x00cc5bc,0x09121a1,
-        0x0ed7129,0x1dbfca8,0x196bd8f,0x07c94f2,0x00dc74e,0x06c7e4f,
-        0x0bde7af,0x1c91a5d,0x07e6b4e,0x1545bbc,0x09162a1,0x199d5e1,
-        0x1621ff7,0x006ec63,0x1f7d9e6,0x0451ddf,0x1067278,0x03a17c8,
-        0x0a48435,0x160fc6c,0x1f63501,0x0f14ec8,0x0719e5c,0x0a882ec,
-        0x03a3b8a,0x06632f8,0x0551303,0x09e71c1,0x03491da },
-      { 0x1062eae,0x1682365,0x1db59c1,0x0aba10e,0x0e7db73,0x118ae97,
-        0x00148a4,0x1b701bd,0x0c402bb,0x03c2b31,0x14ccdd0,0x04b84dd,
-        0x135f935,0x1eab476,0x1a85359,0x1163cd9,0x1896688,0x0c8b508,
-        0x171c59d,0x1aa40ab,0x1df20fb,0x1bf22ba,0x00cf441,0x012466b,
-        0x1100aec,0x1c4a749,0x05b3614,0x1f3c3a0,0x0263682,0x1b92a19,
-        0x15fbaf4,0x037499f,0x01d172b,0x02c1c20,0x0e755d3,0x1c6efb5,
-        0x00d517d,0x1534ac4,0x16862ba,0x1fad5a2,0x00c843d } },
-    /* 189 */
-    { { 0x1373300,0x008ffe4,0x0c01156,0x1533fb8,0x1c39332,0x1e5b2a8,
-        0x0e070d4,0x04fc337,0x096a83d,0x1a5c925,0x18fc69d,0x1f9765d,
-        0x07cbfc8,0x0086ab6,0x09e3b10,0x15ef35e,0x02fe0ab,0x1b7ef34,
-        0x0ce6baf,0x0da0e4e,0x1db6756,0x0eb8902,0x0f4d6b5,0x0a393a1,
-        0x1e69470,0x13e5add,0x034e8c1,0x0efb690,0x0d75305,0x1faa2b9,
-        0x0f4b1c3,0x1c0db0a,0x0615aec,0x1fdaef4,0x132c16a,0x0ee3333,
-        0x0a0a8ed,0x17e4b5f,0x17da7bb,0x13a6bed,0x02dcc46 },
-      { 0x05f0e77,0x1668363,0x052b329,0x017ae36,0x1dcc798,0x09e6006,
-        0x07e2cf2,0x0af6c44,0x1ae8cbf,0x0fe6ad9,0x0398ff7,0x0e7eedf,
-        0x17bc929,0x0370995,0x01228d0,0x193c5d3,0x003d51e,0x12662cd,
-        0x08cc206,0x1a65767,0x066b9c9,0x0940742,0x0004841,0x17ce52a,
-        0x0032a1b,0x0246158,0x08924e1,0x17f8cae,0x1ba0ffd,0x10675b5,
-        0x00ba5ca,0x1815290,0x00c0a4f,0x0c5e3fb,0x0731667,0x11ec588,
-        0x112da0b,0x064b771,0x1e7f208,0x1b79b7b,0x05a1a65 } },
-    /* 190 */
-    { { 0x0485684,0x1348d21,0x0326fee,0x125388e,0x013116b,0x15028cb,
-        0x065c798,0x1b56960,0x05ff499,0x1922d53,0x0e3bffc,0x0fe94a4,
-        0x15c2ef8,0x064eaa8,0x1b71aeb,0x1595982,0x07e2dbd,0x1ad3f91,
-        0x06eebb2,0x1b55895,0x18858de,0x16973e4,0x1fcc229,0x112ab27,
-        0x12fc2e6,0x108a637,0x145df81,0x0cabe50,0x0b1bee3,0x0683180,
-        0x15298fa,0x02782f6,0x0d0ce79,0x1a1315f,0x18d7125,0x0f94957,
-        0x1c4e403,0x1a250bd,0x1ef67d2,0x133dfcb,0x05ae950 },
-      { 0x04f7455,0x12f73c0,0x1a0848b,0x0e440cc,0x141a499,0x0af1999,
-        0x130c5de,0x1db2fa4,0x0e48efc,0x17a091e,0x0f08704,0x1b2433f,
-        0x0ee8738,0x0331d1d,0x0ef7184,0x14db776,0x0c28593,0x09b01ec,
-        0x0f06b1d,0x044fe5c,0x0519926,0x002f557,0x1faa4ab,0x0d02559,
-        0x16f0bfd,0x16e2dac,0x13f0aa0,0x19cfd08,0x122b273,0x040d31a,
-        0x054e101,0x0a50cf1,0x16088b1,0x0434441,0x1f30996,0x1843ff6,
-        0x0f4a7ca,0x1198b09,0x14a6032,0x0fd47db,0x0411066 } },
-    /* 191 */
-    { { 0x0d04b63,0x181abe1,0x0862060,0x1be9253,0x1fc5a34,0x08caef9,
-        0x1db688b,0x0e78e77,0x1cb4324,0x06f97c4,0x1fc4e05,0x1cb9d32,
-        0x14345af,0x05cb027,0x18fd7e6,0x015cbb1,0x0e950c1,0x1d6bca1,
-        0x1b497fc,0x1aa88fd,0x00cccef,0x0f0739e,0x0fda394,0x0a9f499,
-        0x0d591ab,0x0462d8d,0x144ad87,0x1778220,0x0bf7608,0x1489dad,
-        0x126ee4c,0x003cf2c,0x11231be,0x065f3ed,0x1a44103,0x13a1507,
-        0x10a96db,0x0f2137c,0x047a8f7,0x08a69be,0x01cceb6 },
-      { 0x06d0f55,0x0862786,0x1274b48,0x1738ce7,0x0cadf61,0x071fddb,
-        0x06466a7,0x1c9baff,0x093b063,0x1afa4a6,0x0a4ef84,0x167828b,
-        0x1c580bd,0x07a977b,0x01c8cc8,0x176d49b,0x0e88814,0x13a6c3b,
-        0x1ea5f7b,0x1ee4758,0x18334f6,0x181f1e6,0x1f78ae3,0x0e404e0,
-        0x0f082ae,0x03730b1,0x1377e92,0x111d85a,0x1a17c6e,0x042cc69,
-        0x06b6597,0x073002e,0x0e59e54,0x1b59131,0x0176efb,0x06156c5,
-        0x0d48b20,0x1a28caa,0x17a8cf3,0x0669d44,0x01f1752 } },
-    /* 192 */
-    { { 0x067ea91,0x13b2d9a,0x1116022,0x1dfa5b3,0x1f4632e,0x195e379,
-        0x171b673,0x15cf6eb,0x0359813,0x1e46920,0x12f637b,0x0413c89,
-        0x0223ecb,0x10a92b1,0x0e8438c,0x1c334b3,0x1343f1e,0x1fd0a6c,
-        0x0c3123d,0x0f8437f,0x1437df9,0x0875186,0x11398a2,0x028eb85,
-        0x0e2a465,0x152d943,0x104999c,0x123e03c,0x0ab3b82,0x0d2e18d,
-        0x1b271bf,0x1c2fa45,0x1277a5a,0x185d6db,0x160e453,0x037b11d,
-        0x0a2392e,0x182e8db,0x0f0af42,0x120cb12,0x04cb8af },
-      { 0x14b1953,0x0102bdd,0x1bba8ac,0x09eb2fe,0x0ce08b4,0x1209642,
-        0x1766d79,0x0330a9e,0x1b3cd49,0x0899316,0x0aed746,0x05c8dc8,
-        0x0090276,0x0bc73fb,0x157239b,0x182d906,0x02438b6,0x0477d54,
-        0x1543d86,0x0e6f21c,0x178ed01,0x1172beb,0x0462bd1,0x0b68e28,
-        0x0d5e871,0x07cd0b5,0x0d077a9,0x000b2d8,0x0ca6109,0x1e19140,
-        0x084aa55,0x06e98cb,0x1aee800,0x0020a17,0x049d402,0x03b620a,
-        0x1f080fa,0x0edc98f,0x1e3f230,0x04baf30,0x0486a5c } },
-    /* 193 */
-    { { 0x01b4f36,0x0f109ca,0x13e4148,0x09f0076,0x1aacfb1,0x12a5d45,
-        0x188b94a,0x0d9fbe3,0x08fe479,0x07d5ddd,0x0eb2dab,0x11b6b1b,
-        0x11ae078,0x00cefd2,0x0635cdb,0x02dddbf,0x06a35a7,0x18aae14,
-        0x1219186,0x1a8ced3,0x0a5ebe7,0x07b1d32,0x142d8e0,0x0c124c4,
-        0x019149f,0x0d98a5a,0x028b7f1,0x12334fa,0x1466ac0,0x0d2ae77,
-        0x1b31153,0x0d30d55,0x1fa4a24,0x04e76c9,0x05c5c69,0x1aa1216,
-        0x01fa75a,0x178eb66,0x1015180,0x112f1c9,0x05d269f },
-      { 0x0920419,0x001860a,0x1ce4e9d,0x11212d0,0x0845d86,0x1b87d30,
-        0x05313ba,0x1970373,0x1d9fc5b,0x1e55036,0x1e3cb6a,0x084feb1,
-        0x0a06539,0x18ee295,0x1217d9e,0x037546b,0x1722c91,0x02d3ec6,
-        0x1b0b60d,0x0200b95,0x1347404,0x023d472,0x0d61a29,0x1ca2587,
-        0x0180b8d,0x0758277,0x148445a,0x1b54cdc,0x17cd8a4,0x0ed5918,
-        0x1db02f5,0x0c22c9b,0x1d4185d,0x16be4d0,0x089876e,0x0759db9,
-        0x09b0268,0x125ad60,0x1543c3f,0x0b44db2,0x08ac999 } },
-    /* 194 */
-    { { 0x040a39d,0x06e4d93,0x07e6cb2,0x11dbc19,0x01ff0b3,0x165d051,
-        0x1a6f687,0x02ee9e8,0x1080d04,0x1481666,0x0518122,0x1465e93,
-        0x15e956f,0x0bbb558,0x03e173e,0x1e92469,0x0ee0066,0x1e10fe3,
-        0x1bbbcd9,0x03d7fdf,0x05ed35b,0x0e2309f,0x1e01160,0x0d740e2,
-        0x1e8e6ea,0x1f6e5ef,0x0a5435c,0x1bf9546,0x048889d,0x1c9b0ed,
-        0x14725d1,0x1b75ff7,0x0867c8c,0x17573e7,0x0c7c72e,0x11a4ce8,
-        0x097912c,0x12a822c,0x07935a0,0x1b9afd4,0x00c7c1d },
-      { 0x0e963a7,0x118660e,0x0b794ea,0x19898bf,0x1352f64,0x1457dfb,
-        0x08be0a0,0x00e5735,0x0ca2121,0x0139e2b,0x15db719,0x0ca90b4,
-        0x1caadd7,0x085ae3b,0x05ab0fa,0x1e736c3,0x09fd1aa,0x0106a1f,
-        0x14172f1,0x1240c59,0x12fdfc3,0x192607f,0x05058e1,0x1d043cc,
-        0x0b8d82a,0x1f86799,0x0cfe9e8,0x1eb1f28,0x04ca925,0x0e96fb2,
-        0x17ebafc,0x032314e,0x0061563,0x1b08c06,0x17b5ae1,0x02f3136,
-        0x0d41244,0x1a1222d,0x0ceaefc,0x15c3bec,0x024ffc9 } },
-    /* 195 */
-    { { 0x1c7cb2b,0x06e02c9,0x0fee27f,0x0ab200a,0x01243b9,0x011a1e6,
-        0x1af3d86,0x0c6c03b,0x166c18a,0x122a377,0x04ca1cd,0x0e03d92,
-        0x11a5290,0x1cbc461,0x16e009b,0x1efaf86,0x02a92d1,0x04295c3,
-        0x0a9e5ca,0x13960a1,0x0005180,0x1e51e59,0x025f519,0x1eb728d,
-        0x077c09e,0x0c27906,0x0bc8906,0x066e588,0x1bb206c,0x1f06f9a,
-        0x0d76814,0x1538281,0x026c6d0,0x17d99de,0x10332d5,0x10c39f9,
-        0x099b396,0x1e7cf79,0x06e9070,0x1a280c4,0x089e4d3 },
-      { 0x05a9be3,0x14073d2,0x1ef74d7,0x100e6ad,0x04daa57,0x13de17e,
-        0x158bae5,0x1c6030d,0x047cd16,0x18133cf,0x033a6e9,0x1804be6,
-        0x10ca2f1,0x0fc327a,0x0816d18,0x03acde2,0x1978506,0x13feb6b,
-        0x0822027,0x1b89ed1,0x1ae247e,0x04cd269,0x176b011,0x03f3b50,
-        0x0664a6d,0x138fc22,0x135ea0e,0x1e619d0,0x0c33f19,0x15d6755,
-        0x0afa4e0,0x1290c45,0x1033831,0x00f590f,0x12ebdda,0x0f606f4,
-        0x19a1b5c,0x0b54844,0x143ef45,0x0dfcde3,0x0675d3e } },
-    /* 196 */
-    { { 0x07193e5,0x13ffeb8,0x039765d,0x030206b,0x0478aa9,0x06c77bf,
-        0x1e7fcca,0x14eac69,0x06dbbd9,0x09d0774,0x055a1a4,0x12d0fc4,
-        0x18379b2,0x04eced1,0x0fd042a,0x069a520,0x1b91b13,0x0ecfc6b,
-        0x160bbed,0x0e84537,0x07789fe,0x111c01e,0x16d5a2d,0x1a4a689,
-        0x1a350d3,0x1f449f4,0x01c9125,0x0b386b6,0x09e23b5,0x0a1b50b,
-        0x1a711cb,0x198b698,0x1864632,0x1fa9884,0x16760f1,0x113edae,
-        0x1e49788,0x0e78ed8,0x0692ea4,0x1fcc15e,0x05f7f92 },
-      { 0x145167e,0x10e6302,0x0383c62,0x055ff51,0x15ee2e0,0x153de7a,
-        0x1fd450c,0x0cc499b,0x0a75108,0x1c16d21,0x046bddc,0x023e80a,
-        0x03e894c,0x15578a1,0x13938c4,0x1a55d54,0x0f0f63d,0x0c61e9b,
-        0x1d9818d,0x192aa1a,0x1eabfc5,0x189bf53,0x00494dc,0x172a1ec,
-        0x0d59839,0x021152e,0x050398d,0x0b41ec0,0x0c70459,0x11c7795,
-        0x1ce4178,0x088d61e,0x0bacc0e,0x02bc522,0x01bb112,0x0699a84,
-        0x05bd780,0x1d8d555,0x11634d9,0x1b21456,0x025bece } },
-    /* 197 */
-    { { 0x033a8fb,0x139c106,0x10741e6,0x021e4bb,0x0fbf6cd,0x0a415b6,
-        0x1cfe31b,0x0949ff8,0x007bf84,0x128f8c6,0x058bc0f,0x046cb32,
-        0x11a7651,0x0a009c0,0x1669d38,0x0314158,0x065e550,0x0cabd34,
-        0x0f2826c,0x18a37bc,0x053fe1e,0x19d4b01,0x0f031fa,0x1c07f09,
-        0x1fd147d,0x184f41d,0x054bef6,0x00a81da,0x015ec1c,0x176ee75,
-        0x01dae94,0x0964c26,0x1d30ed5,0x0b90379,0x0ba3a0e,0x1537af7,
-        0x096373a,0x06c3490,0x0fd8fc8,0x0978761,0x00a616a },
-      { 0x01339c9,0x0f9f6b7,0x029881d,0x057f160,0x1afaa07,0x06cda3b,
-        0x1b20af3,0x18fbf5f,0x100ca54,0x1898ac7,0x10c6b91,0x05e2717,
-        0x0a44910,0x1886fe4,0x063c560,0x0a9a95f,0x07559e9,0x064f790,
-        0x149e831,0x0435f38,0x0023e80,0x1bbd0c9,0x1ba0049,0x16046ee,
-        0x1538c7f,0x0a8b1af,0x1fa327a,0x1be32e9,0x0c90975,0x1d768ae,
-        0x1700a1f,0x1ef4a22,0x00728f0,0x0311efd,0x0f983eb,0x1321b7f,
-        0x0311ba0,0x0a07ea0,0x11932a3,0x09c0f8c,0x0876d15 } },
-    /* 198 */
-    { { 0x0d3ea8a,0x06b6961,0x003b4e9,0x175084c,0x16be681,0x0383391,
-        0x0403790,0x0f78a7e,0x06a7d7a,0x1f2db7f,0x186a0f8,0x09f2bab,
-        0x0a6e699,0x1b04be1,0x12b3489,0x020220f,0x1baa679,0x0096cc6,
-        0x00b8389,0x1888c22,0x072addf,0x016a499,0x120576f,0x086cd2c,
-        0x0e64ba9,0x1c83f1c,0x08cacaf,0x12c1d63,0x08e28b4,0x1a92ec9,
-        0x07b6915,0x0540ef9,0x0f75b39,0x10e8039,0x12edff5,0x0c4eec1,
-        0x0f4b145,0x11ae8d8,0x05c02bc,0x077ceda,0x03040c2 },
-      { 0x0fa9a70,0x0e2ada7,0x1842c43,0x1ea7d0c,0x14de414,0x1c513fe,
-        0x1044c27,0x0787b2b,0x106661d,0x02884d2,0x0d44f94,0x1294c1d,
-        0x0bcaa29,0x0f3e99c,0x19054dc,0x1ce3e7d,0x1fc4651,0x027e8a2,
-        0x0f0c4ed,0x17f0719,0x015051b,0x1c0f5c9,0x0c0e781,0x17eb58f,
-        0x16b4414,0x0467434,0x022f835,0x1acce31,0x0f2b6f2,0x197aeec,
-        0x02afa4e,0x1d714ff,0x1dfd1e7,0x1a8e2e0,0x176643d,0x1d0c567,
-        0x032a74b,0x18d6ac5,0x126887a,0x1343d77,0x05486d7 } },
-    /* 199 */
-    { { 0x1359e13,0x11a7fd0,0x01472cb,0x1e5032c,0x002d8db,0x0b25af1,
-        0x008f48d,0x025d2bc,0x042f6ac,0x189a05b,0x0dc977e,0x10a56ca,
-        0x0d543ba,0x0692335,0x0bb735a,0x0e51703,0x024547c,0x0dfbc01,
-        0x15a7ed9,0x1f14232,0x0ec9559,0x116fd91,0x1416de9,0x1dabca4,
-        0x075409e,0x1888388,0x00a67db,0x1913251,0x16f8c79,0x09309ed,
-        0x0a69f5a,0x16794f3,0x0eb7fb3,0x0b05818,0x0ee3ec8,0x1595733,
-        0x128b409,0x0092b46,0x17e2f48,0x01eb588,0x0380f1b },
-      { 0x0a0068f,0x0cf35f3,0x1d4f02e,0x15914e6,0x0b67cf2,0x1d75be2,
-        0x09522cb,0x1874d93,0x1340260,0x1a0bfcc,0x1dce79f,0x10ab981,
-        0x1a8ee56,0x1c04a4e,0x02d443d,0x0ddffe1,0x1c28d5c,0x1d8bb87,
-        0x165a9ee,0x0b57ddf,0x1a2ab4f,0x1b79332,0x081ec44,0x003b9f3,
-        0x180a4b6,0x06317d9,0x1058afb,0x19006c2,0x0b83b3c,0x1dcb773,
-        0x1acd263,0x15182fd,0x09b0fd6,0x1f7e175,0x16ea85d,0x1cb0696,
-        0x1b110b3,0x08227aa,0x0a17a4a,0x1dbd7ae,0x04abedd } },
-    /* 200 */
-    { { 0x00ef376,0x0f0dcb8,0x0ffccd5,0x14cd9b5,0x156e5d9,0x143b236,
-        0x095d51f,0x0d367b8,0x000f793,0x07a25c5,0x14b8a4a,0x163d418,
-        0x1208c32,0x1b94d9c,0x1e37848,0x0473ab4,0x19ab26d,0x1a0c228,
-        0x033929a,0x0d696fc,0x09f923f,0x0556595,0x08d7dbe,0x00c94b2,
-        0x1c454e2,0x1175dc5,0x106fcc1,0x0fdfa06,0x1ff6f93,0x141dca6,
-        0x019aeb1,0x1154ff4,0x1364b1e,0x19ba2e1,0x1cab382,0x1e0c2ce,
-        0x11e3fb0,0x1846846,0x0cb4d1b,0x16631c2,0x06a20ab },
-      { 0x085cbc7,0x1880b35,0x0a9faa0,0x0d269f3,0x1099094,0x1c78d9e,
-        0x042239d,0x1338442,0x12247b7,0x1527fc7,0x121339f,0x1ae28a8,
-        0x04b3171,0x07cc61b,0x100e525,0x028b052,0x1f397df,0x12ed488,
-        0x050e445,0x0b01261,0x18bca6b,0x0d0ba11,0x1d7e542,0x012eb1a,
-        0x1182182,0x0e87f5a,0x0691e49,0x1c18c04,0x0a315ea,0x134a57c,
-        0x0dc3a51,0x0d75a09,0x07af8a3,0x1223ed7,0x19ffc1c,0x1c8982b,
-        0x05456ff,0x0233455,0x0e5dd46,0x14f7e6d,0x045e353 } },
-    /* 201 */
-    { { 0x1092f71,0x0b3b249,0x15c5d81,0x05eb725,0x0b66b6c,0x045b62f,
-        0x0526f8b,0x07d3b66,0x020c036,0x117ac1d,0x15c25fd,0x1a66079,
-        0x0c688ac,0x15dc8b5,0x14303e3,0x1361d0b,0x02c84c1,0x08dfba3,
-        0x1129ab4,0x1dabf2f,0x1369c76,0x1d688cf,0x1b22e22,0x1ca1707,
-        0x0371beb,0x1532cdc,0x02199c1,0x198d2a1,0x173d2c0,0x1ad1fc1,
-        0x1ed4c71,0x054b405,0x01cd3a3,0x0d0e827,0x1de368e,0x1dd04e8,
-        0x15da333,0x1e2dddb,0x0f4dbb7,0x04994f3,0x015941f },
-      { 0x17dd512,0x0607c53,0x17d90ba,0x0e3b86c,0x091b59a,0x1a9c315,
-        0x0533421,0x195d01a,0x1d272fa,0x1121186,0x1f2d685,0x182c804,
-        0x03eea3e,0x00f7cf8,0x1c02d67,0x0291b82,0x1270da3,0x0ea08e0,
-        0x10606bc,0x1dc8918,0x100b801,0x0ccf1d4,0x1b7ca15,0x0135ffb,
-        0x1b0bd0d,0x0122eb3,0x1a2cdc0,0x1073bf2,0x1836b8d,0x03f0737,
-        0x124ed8c,0x17a6403,0x182e588,0x0815da9,0x09ade87,0x12c6db1,
-        0x168641e,0x1bedbb4,0x0b40dc2,0x094231f,0x06d17c3 } },
-    /* 202 */
-    { { 0x181c99b,0x04420e0,0x12bf3d8,0x0390f7b,0x165dc90,0x106d5f5,
-        0x0d11cdc,0x0b768c1,0x0537751,0x03ce1cb,0x1b09dd3,0x045c152,
-        0x00d447f,0x15607a2,0x05484c0,0x1075a1b,0x06bc905,0x0419859,
-        0x0a24128,0x1d2ef52,0x0b18e25,0x0cc2e28,0x077abff,0x15abed4,
-        0x1bcb7a5,0x16ae7a6,0x07228df,0x179a003,0x1850b6c,0x0ec80f4,
-        0x015e11b,0x16171cc,0x0c8194a,0x197c80d,0x15c4d04,0x1772e50,
-        0x156ee28,0x14f8a4f,0x0753933,0x1487d3c,0x01ab9b5 },
-      { 0x14fa7a3,0x0d5c918,0x058c81b,0x008f1ff,0x0c4af0f,0x06cfede,
-        0x05c4e41,0x1fc999c,0x112c045,0x0105175,0x1db5f6b,0x08f1fb1,
-        0x1a44fc5,0x053db7f,0x1b9cb17,0x1eeb110,0x09b6fd6,0x0bfd229,
-        0x0aa0835,0x03a3632,0x11494df,0x0f93c4f,0x0f604be,0x176a7a4,
-        0x0f083aa,0x1994c21,0x0ca80ea,0x0c90a73,0x1125022,0x104858a,
-        0x1558c73,0x0e63ed7,0x1294d15,0x1731a70,0x187650d,0x1f64526,
-        0x1ca966a,0x0140e21,0x0cfb631,0x0ad8435,0x024b349 } },
-    /* 203 */
-    { { 0x19824e2,0x0e5c332,0x1d3126f,0x109c27c,0x0dc4ce4,0x1f0f753,
-        0x06899ae,0x0af4980,0x11e3ec4,0x1d95c73,0x0a392d1,0x0bc05eb,
-        0x0d7e8b1,0x1199a98,0x07adb9b,0x0a405d0,0x09e17a4,0x1d65d1b,
-        0x1c39327,0x082863a,0x1eb8812,0x059f095,0x10642bd,0x1e90dfb,
-        0x1052311,0x1e72993,0x04a7eca,0x1ed883c,0x0f6c089,0x03f5db8,
-        0x1def98a,0x07fd688,0x079850a,0x18c5d8a,0x0c466f3,0x01f9fbf,
-        0x1a80d04,0x0e1497e,0x16fe649,0x1cafc78,0x0212d65 },
-      { 0x015cf08,0x0d9c365,0x0bac8eb,0x0903c2e,0x0dfa4ac,0x0168602,
-        0x0fe4d35,0x18f3a3b,0x174404d,0x0e7b039,0x0aff376,0x0883d26,
-        0x1860508,0x0e34154,0x1a44328,0x0398135,0x01841ac,0x04a947e,
-        0x0efb58c,0x02415db,0x1250e6a,0x1618667,0x0538387,0x1177e5f,
-        0x0ba54e5,0x00aff42,0x1e7ea91,0x0cda169,0x0e7ce5c,0x18f3f67,
-        0x0e83163,0x0df4d0e,0x01d43eb,0x189a43d,0x1680e67,0x0f2d8d8,
-        0x06727ab,0x17cd557,0x0911f9b,0x0a934b8,0x066afa5 } },
-    /* 204 */
-    { { 0x180e91d,0x155d464,0x1beb696,0x12d5931,0x093cf50,0x1193315,
-        0x0382a36,0x07d6132,0x0008145,0x0e90a98,0x077a100,0x067c7ae,
-        0x122bb0d,0x1f0cd00,0x17db600,0x071ce8c,0x14c78a8,0x02c817f,
-        0x04c4d23,0x055f6e3,0x057b74e,0x0bce7d8,0x0924c9d,0x1a07f1f,
-        0x0a6423a,0x0053b0f,0x1563fe9,0x0fa9848,0x087e30b,0x006cbbd,
-        0x09ad7a7,0x193909a,0x1c5edba,0x0b1d068,0x0e68f46,0x1bd9510,
-        0x0bf6bf0,0x17979af,0x0af7ef1,0x0621ab1,0x001ef06 },
-      { 0x0cdcbb0,0x0818b1f,0x0554afe,0x104f839,0x19e2d72,0x1ae4980,
-        0x1c0c255,0x0613ca4,0x1969839,0x0e0e2d4,0x020b7c3,0x01fef9a,
-        0x11ef9f8,0x0fcbf02,0x04541d7,0x036ab9b,0x1fe9cc6,0x079437f,
-        0x03c9331,0x1b671f0,0x1ae3352,0x161b291,0x1b66e67,0x1620953,
-        0x08ca810,0x1d6884d,0x1cc1480,0x04e01fc,0x1400f5c,0x11273b4,
-        0x0b0a8bb,0x1dc188a,0x195d399,0x01520ea,0x15abdfc,0x0e156eb,
-        0x0db730b,0x08404c8,0x04808d0,0x1fabd1a,0x00e4f5f } },
-    /* 205 */
-    { { 0x1f14c38,0x0322207,0x07caf47,0x155d9c2,0x1a5b59f,0x17b1984,
-        0x0169c8a,0x1dd548c,0x082af24,0x0e4fb2d,0x0845677,0x17fdd73,
-        0x0ff4ee4,0x1a74275,0x18f41d9,0x1559c48,0x1e00e0b,0x1c465f0,
-        0x17eaf72,0x0ad1d5a,0x199d7ca,0x1262bf5,0x0f60354,0x17d30e7,
-        0x0572ce9,0x02f4e23,0x15cc02e,0x03143b9,0x1541769,0x0989207,
-        0x0d92488,0x16b6284,0x1e324ff,0x078b57b,0x140490d,0x1881bb4,
-        0x0133d97,0x019a10d,0x1c08022,0x0c210ed,0x033d411 },
-      { 0x078e5ec,0x0d1b5cc,0x08c9d4c,0x028d230,0x1de3e32,0x1182322,
-        0x068cf42,0x0b3a2bf,0x1aa1736,0x1a60dc3,0x1753f9c,0x0945f24,
-        0x14ac209,0x0131587,0x1259687,0x0b97887,0x03e447d,0x03ace48,
-        0x148e4c0,0x1e42bc0,0x1f3492a,0x0f8fac9,0x1ffedb5,0x19bb6bf,
-        0x03b4bc3,0x00432ca,0x12ff755,0x1a07453,0x0d76c09,0x0d358cc,
-        0x1663df3,0x181e4f6,0x0790a22,0x0c667e0,0x0a1232d,0x1974aaf,
-        0x16c54fd,0x110296b,0x0d19964,0x1548f6d,0x02d3de7 } },
-    /* 206 */
-    { { 0x1add3b7,0x13a3132,0x10aaab7,0x0b57e49,0x05888f3,0x12bec9f,
-        0x1272b86,0x17fa82a,0x02c76f7,0x11170c7,0x080acc3,0x11d57c6,
-        0x0a67f28,0x0e8e878,0x0699ae8,0x15a316f,0x1492881,0x087055b,
-        0x1eb6c3a,0x04810d8,0x132f7d4,0x0294210,0x01c30cb,0x1f3413d,
-        0x077f158,0x0c4c2c2,0x0bb0095,0x045526e,0x0987774,0x062e528,
-        0x162f90a,0x0aecc00,0x1b79564,0x19be7a2,0x18c655f,0x12d8ff8,
-        0x1631628,0x1811eee,0x04a9a2d,0x16cb638,0x047003b },
-      { 0x11c1c96,0x000e0e4,0x05c3665,0x124f425,0x0a5dcdf,0x014883d,
-        0x0b85f0f,0x0207572,0x1a3fe47,0x17e747b,0x0663b89,0x1abc9dd,
-        0x18b0d09,0x071d20f,0x0988812,0x14a0d5f,0x0a5a26c,0x158e009,
-        0x06d5c94,0x1ee6993,0x1fe12c6,0x0fa897b,0x0424f5e,0x1dc334c,
-        0x0906eac,0x1531798,0x0415b47,0x17ff070,0x135f216,0x0c2b77f,
-        0x091871d,0x1835a44,0x007e978,0x07ef437,0x1285ac8,0x165994d,
-        0x033fe81,0x06b696b,0x0b39aad,0x00960d4,0x073dff5 } },
-    /* 207 */
-    { { 0x0e20fb8,0x0ac02ec,0x0fc22d8,0x09056a6,0x1c6873e,0x142a653,
-        0x1c0055a,0x022a40b,0x0cb3692,0x1ff6356,0x024ade1,0x01d98fe,
-        0x0c1fa3c,0x1422ff2,0x0d991fb,0x1e224b6,0x085f8b1,0x1ea3c0f,
-        0x0c3c69b,0x04d0731,0x0b92c65,0x166e5c7,0x13bae31,0x0bedaa5,
-        0x10ead8e,0x06e099f,0x0f2364d,0x03107c4,0x0ac45a3,0x0adea14,
-        0x014853b,0x1b77f95,0x17ca492,0x0d709fb,0x0ff81f9,0x17be822,
-        0x12ab05f,0x1250693,0x1d4d58f,0x16ee291,0x07544d0 },
-      { 0x0797ace,0x0689a40,0x05f93fa,0x015f0db,0x016d6aa,0x0d347e1,
-        0x09a23bd,0x109b7e1,0x19f9b26,0x05937a2,0x074bf06,0x19f5133,
-        0x1552fef,0x11211ca,0x0be3609,0x06f01ab,0x069f63a,0x1c7891a,
-        0x1353fab,0x068a9fb,0x1d09293,0x1bd39da,0x0ea0062,0x0aa5831,
-        0x1f276e5,0x18e4d78,0x17fc9ae,0x0ba8ee7,0x1d4f44c,0x0a08036,
-        0x1267bd2,0x0be7374,0x18f12f9,0x0527956,0x1b73d9b,0x14aecfe,
-        0x1922f59,0x03b9f8b,0x0b526ea,0x1d583c8,0x0220081 } },
-    /* 208 */
-    { { 0x037a0ba,0x1eab9dd,0x17d8c10,0x19ba2ed,0x05a431b,0x10387b8,
-        0x0b3f310,0x0120664,0x067c2d1,0x055e987,0x02f3e97,0x0bbd97f,
-        0x0b362c9,0x1bc3d88,0x19f49dd,0x0bcc9ae,0x15e6ec0,0x1309648,
-        0x19a70c3,0x0d2c639,0x06359e6,0x07b4171,0x09f2776,0x1ff9870,
-        0x01f1295,0x0513c81,0x0628ab7,0x0d51dcf,0x1d500a0,0x13c225a,
-        0x1163803,0x11b01ad,0x1746fc7,0x1886643,0x0efa457,0x1048c0a,
-        0x019f6fd,0x0719459,0x0dcce11,0x158237a,0x0620541 },
-      { 0x09e5a29,0x1e9c128,0x0c783df,0x016864a,0x0748d7d,0x1c41dcc,
-        0x04d5334,0x0f51ee9,0x08bfbb1,0x15c563a,0x0b4b171,0x14cc0be,
-        0x03a4616,0x0de58dc,0x1659894,0x04cb567,0x1042fee,0x067ba98,
-        0x0c89416,0x1ae7f7b,0x1556c70,0x1a78616,0x0484750,0x164b366,
-        0x061d854,0x1bec310,0x1710acf,0x1fc8c0d,0x0a4949f,0x02c2f43,
-        0x0b13172,0x02c1ddb,0x0ddcc8b,0x1121002,0x199d5a3,0x0c30099,
-        0x0214165,0x19c2ad2,0x0fa5e47,0x131f265,0x07f3781 } },
-    /* 209 */
-    { { 0x1a6639a,0x1a5ed6f,0x0e4668d,0x080556e,0x0cbd48d,0x018f168,
-        0x1c8d91c,0x03eb8bd,0x0d0599d,0x04f715e,0x0e110ed,0x16c1c1a,
-        0x08d285e,0x1349c97,0x0faa4bc,0x0a71fb7,0x1bfb8bc,0x048a2af,
-        0x11a6dda,0x0b3fe3c,0x1682ae2,0x0fa0ef2,0x1073b2c,0x0a5a35d,
-        0x0f07199,0x023643b,0x079efdd,0x19c4a30,0x0ad2f11,0x16c3141,
-        0x19f2e4e,0x0d749de,0x1a3cd31,0x1d51f47,0x0813941,0x11f9cd1,
-        0x061bb60,0x0ba0b85,0x043433b,0x167ed58,0x06de716 },
-      { 0x12d6dc5,0x0c6820b,0x1973539,0x0cc72f8,0x1ed2cde,0x0f5a745,
-        0x1f86032,0x1b6f5ce,0x075fa2e,0x113aa34,0x199ce15,0x049d523,
-        0x0e4b303,0x11ae459,0x08ea158,0x0510ec0,0x0c2a8f9,0x0cefb6b,
-        0x1bd7a2d,0x1830bfe,0x148aec2,0x159d6ab,0x1e24b84,0x095df78,
-        0x1b4f2d5,0x010bd75,0x03ba1a2,0x0922a89,0x19bd5b1,0x0fb8d8e,
-        0x1de89b1,0x05fe01b,0x1ccd166,0x18ef772,0x1c5ee56,0x09d7933,
-        0x1fe1f77,0x0c1b0b1,0x096c242,0x061767a,0x051f908 } },
-    /* 210 */
-    { { 0x0922461,0x1b7d0f9,0x034524d,0x062ca1a,0x1bb1b1c,0x0c3046e,
-        0x070cc37,0x00d2572,0x136b899,0x1309625,0x180148f,0x1617bea,
-        0x05e1977,0x11b512a,0x0bffdc1,0x07b1df1,0x0781172,0x166d3e9,
-        0x06f79ee,0x1789770,0x178e0b0,0x1976952,0x0f2c202,0x0365c04,
-        0x00d0d17,0x0d72ded,0x1e506ee,0x0dbe719,0x0a65c5f,0x00ede0a,
-        0x03a1776,0x1833bb3,0x198c82d,0x037c9bf,0x11fd488,0x118c26e,
-        0x1f5bbe7,0x09d1612,0x12f9e78,0x11c1546,0x05eed21 },
-      { 0x1d4dc0b,0x12baa00,0x0c1f855,0x0feacd7,0x01ae5f2,0x1112ead,
-        0x1afaee0,0x0d7d30b,0x01189ec,0x19d690e,0x1936757,0x0319d99,
-        0x1917da5,0x0b5b2da,0x128b4fb,0x0ee3990,0x1758ffa,0x13fcc40,
-        0x0b1a69e,0x0d5c245,0x046d50d,0x18e3734,0x12dfcc2,0x1a17627,
-        0x03a605b,0x003c601,0x175cfc9,0x1421fd9,0x10a9969,0x0c6672f,
-        0x01a3145,0x17b1eb0,0x06bf615,0x12370e9,0x0a1e456,0x115e65d,
-        0x0287d30,0x1ba7408,0x10953ab,0x00d4c4c,0x08c14ba } },
-    /* 211 */
-    { { 0x17ee201,0x1bc4ad8,0x09dc321,0x0311caf,0x005aa47,0x01122b6,
-        0x19d8e5e,0x03a3387,0x0c9c3ba,0x1f37c60,0x027af82,0x09ff687,
-        0x16fe85f,0x0673fdd,0x02f3338,0x0d8c8a7,0x12a6526,0x143b755,
-        0x1e68e10,0x158d219,0x19815c9,0x18e6647,0x07d73ce,0x1ed0fbd,
-        0x1be6a9c,0x00afd0b,0x120e0d7,0x19f821f,0x0ef2ebf,0x07ed8a8,
-        0x19821ac,0x11094a5,0x197ecd9,0x08f5c4f,0x1e8ac33,0x1482dcd,
-        0x1ecc03b,0x1e8acc9,0x0597b8a,0x0bbd576,0x0645c0a },
-      { 0x0aa7e31,0x02102a8,0x1697653,0x185f0a3,0x0ec8df0,0x1937355,
-        0x1a424f1,0x13532c8,0x02619bf,0x16dee1b,0x0fef55c,0x01c1c4a,
-        0x061b426,0x06384f0,0x10967ee,0x1d8b72f,0x0bbcdda,0x0fd5fbe,
-        0x12dc0fa,0x0bd163c,0x0fddb4d,0x17039a7,0x06c1b95,0x0abf14a,
-        0x0a4f91f,0x046816a,0x08fd597,0x1f0c117,0x0d1d947,0x03e940b,
-        0x0da08bd,0x0b9cf62,0x0c36156,0x0212106,0x17bcc74,0x0dc8ddc,
-        0x083567f,0x132fb83,0x1b246ca,0x081a5f4,0x027e9ff } },
-    /* 212 */
-    { { 0x1e952e7,0x08c49eb,0x1c61d49,0x078e6b7,0x15b3058,0x1f02488,
-        0x1664a5b,0x194e656,0x0806d2f,0x1a28c2c,0x017b649,0x0d40371,
-        0x0c71ab7,0x16cfaaf,0x13a765d,0x175397b,0x12048f2,0x19ed305,
-        0x04ac4ca,0x0f810cb,0x11d7697,0x0584c82,0x0db72a7,0x1115c4b,
-        0x0ab23d1,0x19eece1,0x1f882ab,0x1e8d3e7,0x0d74d09,0x1be7ad5,
-        0x0ef6f47,0x04553d6,0x15efe5c,0x008621e,0x1e884dc,0x0118bdb,
-        0x1787026,0x1110bda,0x05ddab6,0x0ce7b59,0x04feee5 },
-      { 0x1d3d780,0x0c6a95a,0x1d10c38,0x060e2cc,0x0dadb5d,0x1a10ab2,
-        0x0e1b969,0x10c641a,0x08d6bbb,0x0c61487,0x18f7457,0x06465a4,
-        0x16981a4,0x0c4c231,0x1439f2a,0x1596267,0x04da519,0x1a89c3c,
-        0x177207f,0x1c7f57b,0x043a832,0x0a18ccd,0x1f09e16,0x0e862c7,
-        0x0abcf32,0x1d3ada6,0x15d3e53,0x1f40217,0x14a6279,0x1a1eab4,
-        0x0930a29,0x196caf4,0x1d2a888,0x112f560,0x140fa1a,0x1efdde4,
-        0x04c561f,0x08d2e98,0x1783bb4,0x1cf393d,0x04fe818 } },
-    /* 213 */
-    { { 0x1c1c7ff,0x0964ebf,0x0b44009,0x1b3f513,0x09bd419,0x1274e65,
-        0x0492901,0x1999274,0x043942e,0x0265e5c,0x05a56ce,0x03fb0e9,
-        0x1f004c2,0x0108b2d,0x120767d,0x02204d3,0x028dde0,0x0f1192b,
-        0x0a6c013,0x06e8aeb,0x1c21ec9,0x1ffb6e7,0x1eccd1a,0x06e58fb,
-        0x1a64b4d,0x0715626,0x0fc8125,0x1d96f5a,0x07c150c,0x00daf43,
-        0x16158b1,0x1856e47,0x19395ce,0x0991894,0x1f15fb9,0x0f9235b,
-        0x110b659,0x1788b0f,0x0fff381,0x0536e9a,0x0819155 },
-      { 0x0d9d4ee,0x09218b7,0x1c063b0,0x08d135f,0x1dffa15,0x04d1fa1,
-        0x0d27caa,0x1649574,0x0d467ef,0x0d8f471,0x040b88b,0x06a8072,
-        0x0b18dea,0x1297841,0x0aae14f,0x1ba8e84,0x0c1ed36,0x1389851,
-        0x0a5747b,0x01d0da0,0x1ad3ca6,0x043e3fa,0x19ab1a0,0x10c8cb1,
-        0x1cecfde,0x13287c1,0x0518744,0x05ccd84,0x1850997,0x00a85e9,
-        0x027fbbd,0x14cc645,0x1183f3a,0x0e3ca87,0x12f9e4b,0x044ea8a,
-        0x1136770,0x02608d8,0x1bbcc9d,0x18fd1d4,0x07d06bc } },
-    /* 214 */
-    { { 0x090212f,0x02ca138,0x011224a,0x18aa43d,0x091b7d4,0x16ddc93,
-        0x0108af8,0x1009807,0x1bd81f8,0x0bb90f6,0x06f0d8c,0x17dd591,
-        0x0dc136c,0x1dc7802,0x1c6d82d,0x115709e,0x0d04e21,0x0934899,
-        0x1b32053,0x0492ddc,0x1c15b0e,0x0bbafd6,0x02cb38c,0x1a4478a,
-        0x1c08466,0x1c5c171,0x193184b,0x0e43954,0x1653559,0x08f5d25,
-        0x145669d,0x18fa7b3,0x033aad5,0x0a1231a,0x074ba03,0x143cc37,
-        0x1c673ca,0x0fb2aff,0x12e4852,0x133a1f3,0x048b52b },
-      { 0x1dc05be,0x0a9ccf7,0x17a68e4,0x1027c12,0x1e70db1,0x0d9fed6,
-        0x18ba737,0x0a288f0,0x01a0094,0x15818b1,0x083a8e8,0x1018472,
-        0x0b4b279,0x111dc7f,0x14e53c6,0x02da958,0x0563e56,0x10b1fb9,
-        0x1c50866,0x1ff27f6,0x0474aa0,0x0949eb1,0x149be5b,0x19fc4ed,
-        0x12ea87d,0x08aee90,0x1d1c0e3,0x164f7e5,0x18168ea,0x0192fa0,
-        0x06b9632,0x1665531,0x1704222,0x0f89df1,0x0e42ff2,0x1b46d28,
-        0x0d0684a,0x1713030,0x1dbb3c5,0x10f3b18,0x017c0de } },
-    /* 215 */
-    { { 0x0c01958,0x0fa29ee,0x0e4ef29,0x0839d10,0x1d94595,0x0fadb6b,
-        0x1428558,0x178bcc6,0x07e2d36,0x08e1e43,0x10e9b0a,0x1b094b5,
-        0x0df6c7e,0x0cc0036,0x04f102f,0x1d876f2,0x0875671,0x0fbc5d8,
-        0x10fa26a,0x051edd6,0x01ed1c9,0x19d70f5,0x1f7ca37,0x049656b,
-        0x1a5b1b9,0x102b15d,0x146845b,0x123a4e0,0x1ed3e34,0x015b8b3,
-        0x11823b0,0x0b78160,0x091cf7b,0x0bfacf1,0x05a6317,0x0e61ca0,
-        0x15c799b,0x1e1a86f,0x1875c31,0x1c4158d,0x06862b9 },
-      { 0x1fa1f64,0x17a73cf,0x0d255b1,0x1543c48,0x1ed6a91,0x1ba9197,
-        0x1b83336,0x00fd341,0x10322d6,0x1e4859b,0x1fbe1ef,0x15a48c5,
-        0x1429480,0x015fe79,0x08525a7,0x1c71ff8,0x1e0a539,0x0372908,
-        0x0a94527,0x13d84c2,0x15322a5,0x096b835,0x0657f88,0x1390852,
-        0x1b108e9,0x0417bbf,0x0d77201,0x099d5d4,0x12d2987,0x0185dec,
-        0x1ba9698,0x155d42b,0x142dca5,0x1884e56,0x0f1d261,0x13ad587,
-        0x090af64,0x070e201,0x179b319,0x05aa3f1,0x05093fa } },
-    /* 216 */
-    { { 0x02d553b,0x1994026,0x10a7133,0x04772cd,0x1c1abe2,0x0b48a56,
-        0x152708a,0x192aad4,0x1999976,0x064fc5a,0x1a0fcf6,0x0f7aeed,
-        0x17c22c5,0x1e42f62,0x0a50aad,0x0c3ea9e,0x1e56e2c,0x0779a03,
-        0x084f6d2,0x0bd195e,0x18c7f00,0x1ef9934,0x11c3214,0x1814a96,
-        0x088d7ca,0x00f737a,0x1582dd4,0x0d7ad7d,0x0a4bd9b,0x188338a,
-        0x053c040,0x0dc1311,0x085bc3b,0x0950029,0x106bd7e,0x15d80ce,
-        0x0f7ef24,0x18b2137,0x090e0cb,0x09ad8ef,0x012f9c4 },
-      { 0x1313a1c,0x0f4b241,0x0cdc654,0x14678b1,0x18edd3d,0x1620224,
-        0x0fd4b1e,0x1d09db7,0x10dcb5e,0x136537b,0x108be21,0x11eadba,
-        0x0eec0ae,0x0330f61,0x1def150,0x0a47820,0x13ad422,0x1369cc8,
-        0x039f2cf,0x0bc3d0b,0x1b45d10,0x1fe4bcd,0x11f24e5,0x12f6b24,
-        0x1d4a909,0x1f39910,0x0fa254b,0x1dec514,0x1462410,0x0c13a74,
-        0x1034235,0x0b2f01e,0x0cbed0f,0x0887632,0x089c238,0x0627af8,
-        0x1679b1a,0x036c333,0x0746346,0x09c4d5c,0x002f75e } },
-    /* 217 */
-    { { 0x1f307d7,0x1bf5fa3,0x11dc6d8,0x15a0282,0x0b644a6,0x02d4063,
-        0x0f594b8,0x0630546,0x1fed07b,0x078d079,0x1b965f2,0x0ff26d2,
-        0x1ec09ee,0x03ffe00,0x0a9fb0f,0x0e7739b,0x0fef8f3,0x0aa4fc4,
-        0x0eee262,0x1a32c38,0x07b7c88,0x14efe55,0x164a93f,0x1c95641,
-        0x19ee23a,0x0d2897f,0x07d7b2c,0x0b5d4c8,0x0fb47df,0x11bff19,
-        0x1039da4,0x04ba10b,0x0a5c420,0x1aad14b,0x15609b1,0x07b9224,
-        0x1bce972,0x05cc2fc,0x0650560,0x0ccc72c,0x072b1b5 },
-      { 0x10e5558,0x045043c,0x1e0275c,0x020d135,0x1853604,0x189dafc,
-        0x1ee2908,0x035d0bc,0x055a49d,0x15d0949,0x1c6c2f9,0x0961586,
-        0x195e76c,0x09c7370,0x1413ce6,0x13442b0,0x02260ae,0x146ea0a,
-        0x1a12173,0x009d372,0x1e43d8b,0x12c43f7,0x1e5312e,0x038bce7,
-        0x08e67f1,0x0e20893,0x033dae6,0x04c47c5,0x0a96629,0x15543d0,
-        0x14fcb42,0x099405d,0x066772a,0x1daa8d9,0x1938b58,0x0ad1dd1,
-        0x0e78b5b,0x15d94c9,0x096b737,0x02dc2e4,0x05df192 } },
-    /* 218 */
-    { { 0x1f2e7e3,0x13f0f46,0x1f78800,0x11b1b40,0x1183cc6,0x05734a5,
-        0x0e9a52d,0x1119c6b,0x13ca62e,0x0b6cbef,0x1fb4b22,0x0276a5d,
-        0x0f3de47,0x135e842,0x01b1038,0x12477a0,0x1bbfc81,0x00f4db8,
-        0x0ab31ac,0x038f6c3,0x0840999,0x1247b2b,0x194324d,0x1e8ea48,
-        0x161d187,0x05109c2,0x06fff4f,0x021e562,0x1914186,0x0fd7fd0,
-        0x0265a45,0x12abca6,0x11236de,0x196bcc7,0x1baa861,0x16c2797,
-        0x06a2a48,0x1da2753,0x070c9fd,0x185c151,0x0452265 },
-      { 0x1430010,0x0f63c92,0x03012b5,0x1fd7a12,0x0ac786f,0x14e9fae,
-        0x1d3fc82,0x0bf4bf3,0x0a3edc6,0x05fa089,0x0fac47f,0x073819e,
-        0x0088248,0x0552db8,0x175b53a,0x1157171,0x1fdb756,0x171138e,
-        0x1d11583,0x1d86e76,0x1296e43,0x130e7ba,0x1e3abe4,0x152db36,
-        0x1ae0e3f,0x1ea8c04,0x1770977,0x16625a5,0x0b77110,0x1c5a35d,
-        0x191ae3d,0x16bd9e3,0x09efc8d,0x1f65503,0x0eb9827,0x03832a5,
-        0x1f4dbde,0x118176a,0x015550f,0x1f23c0f,0x014b02b } },
-    /* 219 */
-    { { 0x07e5b57,0x0e3b45c,0x155cb1c,0x0fea634,0x0bcc78f,0x0cbee40,
-        0x0fe2fdd,0x0be9ff2,0x1139e17,0x1470136,0x1329b2c,0x0e4f972,
-        0x1c6b83b,0x003cfbf,0x0bf8ec8,0x1a2e05d,0x0decf3b,0x015652a,
-        0x0bc371b,0x082678d,0x035e17c,0x12e67af,0x0fa8799,0x0aa0b8d,
-        0x11a4834,0x1c4d334,0x0398402,0x0c6757a,0x1d03882,0x138360b,
-        0x03259b1,0x03419f2,0x0efffbe,0x0eb263d,0x0f9f42b,0x0c9b08f,
-        0x0ea2aa4,0x0de6fdd,0x1429752,0x0e8598f,0x085e07e },
-      { 0x1c25bca,0x1705305,0x13b08ea,0x03c89ec,0x0e8e55f,0x03dbb9b,
-        0x05b62d8,0x013c3cd,0x0d30059,0x14853a3,0x112642a,0x199a597,
-        0x1d072b1,0x034717a,0x03f9b1b,0x11d921a,0x1f053e2,0x0c90762,
-        0x0010330,0x043f69e,0x02c779b,0x09fe625,0x09cdd6f,0x1758fbb,
-        0x1def9e1,0x069fafa,0x04d703e,0x1862baf,0x0cd318d,0x00b8165,
-        0x071c45f,0x1d24dee,0x12823c4,0x179cd37,0x02efb40,0x0671b6b,
-        0x1db6932,0x1a4918b,0x1d0c396,0x13f1a93,0x0096403 } },
-    /* 220 */
-    { { 0x0999eba,0x1a78b2b,0x0c1485d,0x0f63bcc,0x1d8ee28,0x0593349,
-        0x1dc9b78,0x143b035,0x13f8942,0x1a2349c,0x0f84f0d,0x0c2bd40,
-        0x0fbcf6b,0x0a7139e,0x03030d6,0x0b8ada6,0x056c672,0x127e99d,
-        0x02fa5e8,0x0a695b5,0x0251a57,0x133e115,0x1e6490a,0x018b892,
-        0x1bdb59d,0x1b42728,0x131a909,0x0f9aed9,0x06bf59d,0x0bd66a1,
-        0x0ca4502,0x0cdd37d,0x1404a2c,0x171f4ac,0x1a61725,0x008e71f,
-        0x0ad666d,0x1d9f075,0x1795af2,0x1a4c778,0x0626b0f },
-      { 0x1a1ec42,0x0bedd70,0x11411c8,0x1756b59,0x0a6ae7d,0x0998e8d,
-        0x0ac7a19,0x0df6fc3,0x03d3012,0x0229838,0x186146e,0x13c1bdc,
-        0x0428064,0x15344aa,0x01bd28f,0x1ec6510,0x1adcb56,0x1a5df21,
-        0x12bfe53,0x1737b57,0x17be036,0x12de831,0x0365079,0x0de7576,
-        0x19d4468,0x1eb410b,0x12ab5ab,0x090d225,0x1e15341,0x048f7fb,
-        0x05a68ee,0x1d70dfb,0x0c426ce,0x09461c4,0x0a0445e,0x016adcd,
-        0x16399e0,0x1f389ac,0x1ab064c,0x1b342f6,0x009bbdd } },
-    /* 221 */
-    { { 0x0fd3673,0x1ce0ef2,0x181dd78,0x034cb91,0x1880d9d,0x04e3ff7,
-        0x10771ca,0x0008e4b,0x03529d2,0x1b39af7,0x11ebcd6,0x05da78e,
-        0x15c1f8f,0x08977ef,0x1ce663e,0x13872b9,0x0184985,0x0f6b913,
-        0x19a5e57,0x12745e1,0x12a7237,0x0b4358e,0x029aae3,0x15105c9,
-        0x015de22,0x0bf0064,0x13e76e3,0x1cefadf,0x067547b,0x1d99011,
-        0x170221b,0x093821d,0x02687d4,0x1f6a65b,0x185df20,0x153e387,
-        0x1af366e,0x0aebf82,0x0b4939b,0x171a3df,0x02eaa01 },
-      { 0x1357c74,0x1fdb80f,0x1e51791,0x1553c76,0x13085c4,0x02d482c,
-        0x01ccdba,0x1929e13,0x1be0244,0x09c047f,0x159837d,0x1f27476,
-        0x1691ddd,0x19dcaf6,0x1d8ddef,0x041a916,0x1b7bb39,0x1c8dc88,
-        0x1a84f3c,0x1e117f0,0x0e587cc,0x0bf500c,0x14fb63e,0x18aa328,
-        0x0434378,0x0d358f5,0x07834b5,0x1cd5bbd,0x16259a8,0x1247cdc,
-        0x177f0ac,0x1dde2fb,0x0ebceae,0x1ce42cb,0x110d55f,0x11ed296,
-        0x07d5bba,0x068a878,0x061ad23,0x1d36983,0x002d31d } },
-    /* 222 */
-    { { 0x079499d,0x1cf0f6f,0x0ab69ae,0x11fa1f8,0x16ca8ff,0x1ec9ab7,
-        0x1e3a069,0x04f7d81,0x1e8f063,0x01e8e4f,0x002faef,0x042e766,
-        0x1b805c7,0x009e0c0,0x1082821,0x13a0200,0x07ef0ca,0x14f4d0b,
-        0x0bbb775,0x19213a3,0x0a72076,0x1fc71d4,0x1928665,0x0f6853c,
-        0x1f7a7a7,0x1f49e73,0x1172534,0x1581f7e,0x148407a,0x0a53f36,
-        0x19fcdda,0x1523243,0x16679e2,0x0ddeb7a,0x03cfb87,0x13e47fc,
-        0x0bf9fa9,0x08bab36,0x15d971e,0x1e5c1e9,0x0965860 },
-      { 0x1a5f79c,0x03815bf,0x09b79cd,0x0cb5e5a,0x130bd42,0x19f0674,
-        0x02e61b1,0x05a8b7b,0x14ee44a,0x0df3df6,0x122869f,0x00492ad,
-        0x0ec129e,0x1be6fc0,0x17016b1,0x14b36df,0x02b589c,0x1b8535d,
-        0x066096b,0x1080433,0x10b6fc4,0x0a3d11f,0x074a12d,0x141515e,
-        0x010a428,0x16c58ed,0x04acabd,0x03d6366,0x135ee3b,0x021d19c,
-        0x1b3c145,0x11dff4d,0x007eb26,0x132a63d,0x021b598,0x182ddc8,
-        0x0549ee4,0x1de280a,0x02949e9,0x0643f53,0x0650810 } },
-    /* 223 */
-    { { 0x07ed9b2,0x072305b,0x0f4927c,0x0186db2,0x0cda0fd,0x03af0e0,
-        0x18fa623,0x19376b2,0x1614bc0,0x0bddf49,0x1a1815d,0x100334e,
-        0x049a9b8,0x0476e2a,0x0df8abd,0x0b30b51,0x19eb51a,0x04f3bf6,
-        0x0efc093,0x04a4e9d,0x0636dd0,0x040aa2e,0x1662d8a,0x001b740,
-        0x1aed048,0x11d1cde,0x06078a8,0x1f84027,0x0cb4f27,0x1eae2a8,
-        0x11f719b,0x16a40d1,0x127032f,0x0fd0ad6,0x12ba05a,0x0593417,
-        0x1a7ca8a,0x1037909,0x194bd81,0x08d30c4,0x0982950 },
-      { 0x011c128,0x1a30017,0x09f8f8d,0x1a1cdb9,0x00dfae5,0x0a91324,
-        0x05b8b65,0x087c880,0x0880b71,0x12fc479,0x0e2073d,0x11a8a4d,
-        0x1eca3d2,0x0fdc357,0x1167747,0x1f2b1f3,0x0c24c74,0x1aa4430,
-        0x12da7d3,0x1d48793,0x0cecd06,0x17399a7,0x14d0f26,0x0652e26,
-        0x0ccd635,0x0062e61,0x0d7ce9b,0x12bfe80,0x12653ba,0x10e659b,
-        0x0f4b806,0x144a0a4,0x1510fdf,0x13f5918,0x038a988,0x01ddca7,
-        0x0a23cd1,0x0fe4506,0x1d52fab,0x0367cf1,0x04b7e6e } },
-    /* 224 */
-    { { 0x15f928b,0x083b7ed,0x13b1e72,0x0d6e68f,0x06250bb,0x007620f,
-        0x1de62b0,0x18ea96c,0x09d9619,0x006905d,0x10d0fe4,0x01a0b3c,
-        0x17ed42c,0x028c9ae,0x1ce7a15,0x0039c7b,0x18264f7,0x0131c88,
-        0x07e1eab,0x1e4aa9c,0x1aaace8,0x04b2fc8,0x1f7759e,0x048a73f,
-        0x1163fa3,0x0cacb66,0x112eb3a,0x1902be5,0x0f9ea55,0x061554a,
-        0x1575e32,0x1de49c8,0x0b2aff4,0x0e1353d,0x1024737,0x05e1dac,
-        0x00ca282,0x0521058,0x1d96255,0x18ba652,0x00611c4 },
-      { 0x1e81829,0x1000e54,0x0b33c64,0x0011450,0x1ed3332,0x0ef6cde,
-        0x1f7863e,0x00617fa,0x1b78890,0x1c9d606,0x1e97759,0x123a6ae,
-        0x0bbb00d,0x00169e1,0x1e88e9e,0x12029c2,0x08cfb54,0x1ffcafc,
-        0x1c6db81,0x037e978,0x0c8b7cd,0x1011ac4,0x0b8ec92,0x02240ec,
-        0x135b8a4,0x0984da9,0x1b1015b,0x090380b,0x16a1b52,0x0086748,
-        0x1d1571d,0x10a02f3,0x1e03271,0x089045d,0x05decf3,0x002bcd8,
-        0x10cbfe5,0x0d12604,0x0159942,0x0523821,0x0820795 } },
-    /* 225 */
-    { { 0x07d353e,0x09e7f8e,0x18ed74b,0x1afbc19,0x15e7ecc,0x143b1ae,
-        0x01d7db2,0x07d6962,0x025f9ad,0x1420270,0x12d6bb6,0x1d1240b,
-        0x016b963,0x04f910d,0x17b8360,0x159493c,0x1d9ea41,0x06b2642,
-        0x1110a8d,0x0d89d26,0x15a46a4,0x1f1e7b2,0x0b1bfe5,0x082faf9,
-        0x05c1ee5,0x0263b2b,0x07bafe7,0x1020135,0x1a63886,0x0e9cc46,
-        0x11a56d8,0x1ed68e5,0x002b46a,0x188b8b2,0x05942df,0x063fbca,
-        0x1e0c05e,0x1c7939d,0x1129e53,0x06d5106,0x07487b0 },
-      { 0x03e2370,0x072bace,0x1c66a18,0x07f0090,0x19d5819,0x117cd50,
-        0x0fcf29b,0x136741b,0x1614471,0x163f4ac,0x1fb086d,0x18e9bdf,
-        0x1fa9049,0x1fa8675,0x08192c8,0x1bc2b17,0x0c049a1,0x1589411,
-        0x07549fc,0x096fb36,0x0430b65,0x0e87fe8,0x111c216,0x00a88d7,
-        0x14a674f,0x0ca9be3,0x0e8eb76,0x0aa64a3,0x1533b5e,0x0b65f19,
-        0x13928fb,0x04fc833,0x12f44d0,0x0dcbc97,0x1a0a974,0x1e5b09d,
-        0x1b6fa69,0x1b5891e,0x0ef7731,0x18a43f4,0x0834f85 } },
-    /* 226 */
-    { { 0x0e9b31a,0x1a3e096,0x0edcca4,0x15fc7f6,0x1d88522,0x1fc87e8,
-        0x1ed354b,0x03a979d,0x02b1a08,0x1d8b9c3,0x047c214,0x0374548,
-        0x1a538c1,0x0a0db01,0x056e4f0,0x1ae82f1,0x1aab10b,0x114c9dc,
-        0x0644a61,0x17a08c1,0x0ba5ccb,0x1877505,0x19a7ebe,0x0cc312e,
-        0x0462235,0x12a6a42,0x10d9ffe,0x14c7713,0x1478da4,0x0e8e8e1,
-        0x1df2eb5,0x154c069,0x1339227,0x189c8e2,0x017f986,0x0a1cdae,
-        0x174ff51,0x0a5b307,0x0d53374,0x014a665,0x0639d8b },
-      { 0x02217cd,0x118b10b,0x039be90,0x1502385,0x0e0e4a2,0x1b36e01,
-        0x1386085,0x1ded1b3,0x1046a06,0x0931b9c,0x0484054,0x0463bbd,
-        0x1344eea,0x08a14c6,0x01f23c8,0x0afd20c,0x0ba63d9,0x093f939,
-        0x17a32b8,0x1d01994,0x063fe7c,0x11127bd,0x1605baf,0x0ce7c68,
-        0x0e5a789,0x1ea26f6,0x094daea,0x06ead44,0x1f77af1,0x10d771d,
-        0x0f19135,0x0579f31,0x0b2bf6e,0x14b1630,0x07cca7e,0x067616b,
-        0x0bb5002,0x1b4d0d5,0x100b2c1,0x06c18ea,0x0409031 } },
-    /* 227 */
-    { { 0x070433f,0x1439d0b,0x17f2134,0x0c4a927,0x09394df,0x1e7c4f6,
-        0x0866a03,0x02dd60b,0x0db2976,0x1cf2188,0x18c11b8,0x1b93b3c,
-        0x1e50742,0x0ef4e54,0x06b6320,0x03a1be6,0x194fb7b,0x0c3555f,
-        0x0cf20b4,0x1b44f43,0x0d8436c,0x1a1cb81,0x1ec68bb,0x0102533,
-        0x1fddc46,0x11c1405,0x1748e58,0x0965691,0x1c9353e,0x0179bd9,
-        0x1a4b6cb,0x025f714,0x1b5b317,0x0023a6a,0x08ec206,0x11f370f,
-        0x1e95257,0x0c84c30,0x0af2361,0x1dbe6f4,0x080668e },
-      { 0x19a0249,0x0e69ad9,0x1abb8bb,0x0965f15,0x0f230cd,0x11ef82d,
-        0x05791c8,0x1e852b6,0x0e0e937,0x1b34c15,0x12458ae,0x16e5197,
-        0x01019d2,0x07a4ee5,0x144aba7,0x00f68b8,0x1a7630f,0x088da48,
-        0x00e1d3a,0x09e6994,0x143348d,0x132265b,0x107f43a,0x0b66187,
-        0x19ae1f9,0x05609fb,0x17b62d8,0x006c5a9,0x0ad81c4,0x0a7fb0f,
-        0x0a27a0c,0x093187a,0x1600dd4,0x10b8176,0x1067094,0x06bf963,
-        0x1a9c1f3,0x1194fe1,0x1b3a564,0x09037bc,0x0046775 } },
-    /* 228 */
-    { { 0x1233c96,0x0f2b71c,0x1abfb8f,0x1900e6f,0x068c409,0x0d5e344,
-        0x046f480,0x00b595c,0x12b4862,0x196754d,0x0415b03,0x0fc2de3,
-        0x01e3238,0x12ee152,0x1d4d96a,0x17d0dd4,0x0cc12b4,0x0bb614d,
-        0x158ca53,0x1f956f1,0x1f24a01,0x058655c,0x0076fa2,0x02980a9,
-        0x06e5bf4,0x1d53b32,0x0f2e5ad,0x1c22312,0x04e097f,0x1ad8bb3,
-        0x0a6d927,0x0a7f9eb,0x196422e,0x1fb1a50,0x06f42df,0x0ab2f19,
-        0x1c22989,0x1f59c71,0x1115ad7,0x1f61067,0x0038a49 },
-      { 0x1e93257,0x1c0c609,0x106cd78,0x1b4c24e,0x14cebc9,0x1560358,
-        0x04925f2,0x02c9edd,0x13daa11,0x113c719,0x080d2a0,0x0cbc9bc,
-        0x10e7cc5,0x050dd31,0x1f7257c,0x0df7b76,0x1236695,0x140eecf,
-        0x0c4cb75,0x1cc6337,0x1337c63,0x117e120,0x1b88ac0,0x117d638,
-        0x081937e,0x05611c2,0x176324e,0x0763329,0x1b56448,0x1d65535,
-        0x01ed533,0x00df230,0x07cd44e,0x06cf98d,0x06eea3e,0x0c3ba87,
-        0x1f74a8e,0x06153c3,0x1598198,0x0442436,0x04bb76e } },
-    /* 229 */
-    { { 0x0354817,0x08f4573,0x10e1e85,0x15e0716,0x13d494e,0x0ac4c31,
-        0x11a2216,0x024990d,0x11dcbac,0x10a9c13,0x16b419c,0x1f1981d,
-        0x16f487a,0x128072e,0x0cc147f,0x0feab5a,0x11bd6e4,0x085388d,
-        0x11d1ab5,0x0e134f1,0x135ea68,0x1132017,0x09fc5c9,0x0618260,
-        0x08efafb,0x04be368,0x0701b1d,0x1de3808,0x03e2da9,0x07676e6,
-        0x1cf431d,0x0125c20,0x0c5f96e,0x095ba18,0x0f3caa8,0x041e272,
-        0x0107eb0,0x0c200b1,0x1e62c91,0x0bef6ed,0x08843d2 },
-      { 0x1b2a83e,0x080ee76,0x1c91385,0x005771a,0x1cfe8fb,0x12efb15,
-        0x0196764,0x1861204,0x142ab6f,0x038aee7,0x0277f4f,0x00ab41e,
-        0x0a73c05,0x11ac857,0x19d1763,0x0e93c24,0x0d876ff,0x1a9c17a,
-        0x0483198,0x13fddf5,0x11cafc6,0x08cfeb8,0x1785808,0x0eb89ab,
-        0x1c3bd90,0x1f9210c,0x04f7b5a,0x100197a,0x03a1163,0x1075b13,
-        0x0de31fa,0x0fa4c98,0x1bd7958,0x0e4c61a,0x1915c56,0x0aadc45,
-        0x1a7373b,0x1f9516f,0x12525c6,0x073126b,0x00503f9 } },
-    /* 230 */
-    { { 0x1dad4f6,0x0ee3338,0x086d96b,0x120497d,0x038e488,0x02e9ee9,
-        0x1238bd8,0x113f6ed,0x0b0d96b,0x1eafaef,0x06cb2c4,0x146acc0,
-        0x14e0b5b,0x01f1e92,0x1f52476,0x11d4fc6,0x023240c,0x1744302,
-        0x047266e,0x0305e7d,0x1919374,0x1cd43d6,0x09b0b2b,0x0e9e52a,
-        0x1040af5,0x051a589,0x0651000,0x17379da,0x1f42e75,0x0bdf036,
-        0x0753331,0x097a211,0x0e8ec50,0x1da8011,0x1deb776,0x1618a62,
-        0x1ecfead,0x0698e94,0x1a3e5a4,0x1fc2ecc,0x0735778 },
-      { 0x03c1137,0x1771f42,0x0f343e1,0x147e16e,0x1c1c42f,0x19071d1,
-        0x19e762a,0x15c1cea,0x016242f,0x1caf8fa,0x024b91b,0x0238736,
-        0x007b88e,0x0611b56,0x0a500f9,0x005cc2c,0x1412dac,0x133082f,
-        0x18b818c,0x18514f0,0x1c8d74d,0x1979d91,0x08463fe,0x08bff7e,
-        0x0417c07,0x08f08c1,0x113015c,0x136ab40,0x1be4de4,0x0dba677,
-        0x01cb199,0x12f7ee2,0x0c4c01d,0x1833b0e,0x1b6b153,0x1165940,
-        0x1450d0f,0x0cced53,0x00a87f1,0x14c3463,0x052e637 } },
-    /* 231 */
-    { { 0x1ebc6db,0x18078b5,0x1649205,0x17f2a07,0x0a6b45d,0x0a9c8ca,
-        0x134f174,0x1798e2b,0x1e5ad2a,0x0150e02,0x0d19be5,0x086756f,
-        0x0b36a82,0x1d09c8c,0x104efb6,0x1cd9d74,0x02490f4,0x134c52b,
-        0x0fc7cf2,0x041b4de,0x1ab3bb7,0x0eb1a38,0x0845b50,0x07a6c12,
-        0x1222730,0x14f7006,0x0118ee9,0x1fa9980,0x045fd17,0x0f26b14,
-        0x11eb182,0x1015b93,0x1603b2c,0x17de531,0x126917e,0x177e2df,
-        0x04bc94a,0x003fbfe,0x05a6104,0x09f4e96,0x07c916b },
-      { 0x0bac2d4,0x137c8bc,0x01d7040,0x104c035,0x0a2e809,0x19eb204,
-        0x09db801,0x1115a5e,0x0fcc1fb,0x01b0862,0x0ca47d1,0x104594d,
-        0x1c5727b,0x0476307,0x1154cb2,0x1a9160c,0x099ed9a,0x1a8f244,
-        0x150fc40,0x16916be,0x0eeb841,0x1f6ac8e,0x09b32c6,0x19eb517,
-        0x0df0f9d,0x0da7e25,0x02cd1f7,0x14f9404,0x04c5213,0x066165a,
-        0x112a86b,0x00a4f81,0x13b6828,0x1e7a83b,0x1041c08,0x0d546e9,
-        0x0b74c92,0x1e88003,0x141f1cc,0x0deef51,0x01ff391 } },
-    /* 232 */
-    { { 0x197939d,0x0c7f27c,0x0ecea88,0x16f22b0,0x1d4dfbb,0x1bab059,
-        0x0d76a1f,0x131674f,0x15da92c,0x0e01400,0x19bd2aa,0x155a8cc,
-        0x17e1eb4,0x0a674ee,0x0c5e944,0x060ec5d,0x0a4ef8f,0x17a3533,
-        0x043951b,0x168b8d0,0x04dd900,0x0c25d78,0x1debc89,0x109a85f,
-        0x1c8725c,0x1ef1e60,0x1639320,0x0127e44,0x0d88b23,0x0f208b8,
-        0x1118beb,0x1580edc,0x19612e4,0x08a0df0,0x0d18cb7,0x15e91ae,
-        0x125e34d,0x18fbacc,0x0432706,0x0ac0e57,0x019ed1a },
-      { 0x0735473,0x1fe6f36,0x10fa73d,0x0ec0077,0x0ab88e6,0x0ccddc5,
-        0x1f2f3ec,0x17a2430,0x19acccc,0x1b98220,0x195166e,0x1e7961e,
-        0x02214af,0x17c9314,0x1b2068d,0x04170d5,0x1329f9d,0x0554165,
-        0x1dcf324,0x07f21ea,0x17e182f,0x15fb112,0x12bd839,0x08ec5be,
-        0x144bfbd,0x1a9f8c5,0x076e5c1,0x1291625,0x02c18e3,0x1074be1,
-        0x0b71ba4,0x0af7d2f,0x13d6208,0x11bfc9c,0x00b11ad,0x0bd1ae7,
-        0x11fed1d,0x112e65f,0x05667d9,0x1f2d0d0,0x06f31e0 } },
-    /* 233 */
-    { { 0x0b8f204,0x17f2ac1,0x152b116,0x0da6b16,0x0c0441b,0x0afaf6d,
-        0x19efeb3,0x126e427,0x1139bcd,0x08a6385,0x0f2ec06,0x0b032db,
-        0x01714b4,0x0f69ae9,0x0a5f4d4,0x03e41d2,0x0376a3e,0x0c7b204,
-        0x1cf35c1,0x15153a5,0x1f6d150,0x00ee6ec,0x1ecdba0,0x1eadb05,
-        0x0eb655c,0x110ad2a,0x124aa96,0x0c20a01,0x089f037,0x05711d8,
-        0x1a34434,0x18856cd,0x11b2079,0x146a424,0x18f43bb,0x0a95e35,
-        0x01556f4,0x1f26142,0x09f984d,0x010c7b1,0x0875e33 },
-      { 0x16c0acc,0x07eee57,0x1023720,0x0d763cf,0x15ad1e6,0x02c2d6e,
-        0x1eb860a,0x14db8e2,0x0275c7d,0x0e2a1a0,0x0e7856f,0x10a5a4d,
-        0x10f4b4c,0x1502fd2,0x0287efd,0x19664be,0x047817b,0x0e37c0f,
-        0x03fcb87,0x1a8650e,0x17fc2cb,0x0b33e3f,0x0289240,0x10b4d89,
-        0x1acb7b5,0x02be822,0x11199b0,0x1d2e55a,0x17d63d2,0x03e7f36,
-        0x1131d36,0x01c4e82,0x1067d87,0x0c2577b,0x15ea2c9,0x1765942,
-        0x15f0fde,0x0e2dfdb,0x1802525,0x103e70d,0x05abb05 } },
-    /* 234 */
-    { { 0x0c97f57,0x11695f8,0x031e2f9,0x032c5e5,0x0fe0487,0x1a855d8,
-        0x0919d1e,0x1db8a91,0x144fa09,0x1593701,0x16a5bbd,0x0dc7560,
-        0x02fd44c,0x1873574,0x0c00cb1,0x1133bdb,0x02bd7e4,0x1145ea0,
-        0x0df0470,0x05d2c73,0x171643f,0x0767489,0x03b0ff0,0x1fa1f18,
-        0x18bc902,0x1d63b4d,0x09f2af0,0x1b39675,0x124cc99,0x0449034,
-        0x053a22a,0x084c120,0x11461aa,0x13cf052,0x0a2e58b,0x018fe95,
-        0x0b1b3e8,0x1810854,0x192f13b,0x10037fd,0x0705446 },
-      { 0x01901c1,0x1eb8989,0x12abeac,0x0ffd5aa,0x090a262,0x045d11f,
-        0x14a16f0,0x0fcc9ed,0x136ec22,0x0cc980a,0x0646ae3,0x15720d8,
-        0x0c99a16,0x1b24e71,0x0c73d6f,0x075010d,0x15966be,0x02c9033,
-        0x12e8b3c,0x06c4f39,0x1486188,0x03f7fa9,0x0b055ee,0x04475e4,
-        0x098964b,0x12bdfd6,0x002ab9e,0x1a1fa9e,0x018a80c,0x1ca0319,
-        0x13b6b76,0x1bf11e2,0x044bb79,0x16cfe9c,0x0f52dc7,0x0d8367c,
-        0x1620503,0x11a509e,0x029adb1,0x19f70d0,0x06f56ae } },
-    /* 235 */
-    { { 0x1205c5d,0x0e401ec,0x04a6c07,0x1ace247,0x08955f7,0x0db2b2b,
-        0x0fff676,0x1fc7bd7,0x0d3b1ac,0x0221caf,0x13bbfee,0x1642c12,
-        0x0b04328,0x114c8ff,0x0c7fea0,0x1a0eacc,0x0e6190d,0x086ef33,
-        0x015df01,0x0078abd,0x040775b,0x0fc8b91,0x1b24739,0x176747e,
-        0x08a408e,0x1cb4d14,0x0816284,0x1a6edf1,0x0e06761,0x0a2bcd3,
-        0x023ce96,0x0f6e3a5,0x03029c5,0x0186008,0x10a2d13,0x181087e,
-        0x130e0b9,0x1357fc3,0x112b763,0x0229dac,0x07b6be8 },
-      { 0x13aa54e,0x1c7251e,0x0268fb0,0x07b07aa,0x1023394,0x1caaf10,
-        0x0988490,0x089f095,0x1f51d3d,0x088238b,0x0938dca,0x0858fd9,
-        0x1e62d24,0x02fd2ae,0x16948f6,0x1436b18,0x0da851d,0x0637ae6,
-        0x000051a,0x1795504,0x02e0044,0x14700b8,0x1dd4079,0x14159d9,
-        0x19359e6,0x0597840,0x16b03bc,0x07bb4d5,0x164f013,0x16e47ec,
-        0x1625ebb,0x0a61721,0x0dacd0e,0x09175a4,0x15bee10,0x1c98bf5,
-        0x1700a1d,0x02760f6,0x151d08a,0x06bb794,0x086f9a8 } },
-    /* 236 */
-    { { 0x10cc69f,0x0c82aa2,0x063c387,0x1993dbf,0x10eb14b,0x1f5d00a,
-        0x139dfb9,0x0a63772,0x1998f8e,0x1bd339b,0x1bbbc17,0x09c6362,
-        0x1558838,0x0c2e2f0,0x04a1c8f,0x0a55577,0x145cbd9,0x07f28f1,
-        0x189059d,0x01dc50f,0x02f0c5d,0x178800c,0x1f7051b,0x1eb7c59,
-        0x19e92e7,0x09f07b9,0x1ed95af,0x0035675,0x08e2895,0x16ef28b,
-        0x12ac554,0x171dc20,0x00dfe31,0x0223aca,0x180f10c,0x0685246,
-        0x0460a91,0x03788a6,0x07e1a4c,0x15e076a,0x05bfa9f },
-      { 0x07b258e,0x1fa9608,0x0770a88,0x17acc68,0x189e82b,0x1e7f8d4,
-        0x13b6208,0x03ea947,0x0719b49,0x02dbbca,0x0f7ee3d,0x0430486,
-        0x0e898c2,0x0249287,0x0776473,0x0ecaa1f,0x0ae4fa1,0x0a86151,
-        0x10c9fd1,0x1439c85,0x1e41f7a,0x0b2c1d8,0x04e856b,0x17f5b3c,
-        0x0d5a5a1,0x0e6cd50,0x02387ef,0x1639545,0x1f7f879,0x01db48a,
-        0x07abe4a,0x10fd034,0x10e4e0c,0x0694b60,0x0958420,0x1009fb9,
-        0x12755bd,0x064b0b0,0x1bb69ab,0x155051f,0x01b1266 } },
-    /* 237 */
-    { { 0x14ee49c,0x005003b,0x1f5d3af,0x0596c46,0x176f685,0x1c9c51b,
-        0x112b177,0x17bf80a,0x0b6fbfb,0x19c4764,0x1cbabb0,0x179ae8b,
-        0x1784ac8,0x18f6749,0x1159826,0x1f42753,0x0ac7de8,0x0b2b7db,
-        0x14cae1c,0x1bdae94,0x1f095f8,0x05d5444,0x0ac350a,0x16f5d85,
-        0x07f2810,0x1a621d9,0x1bfbb2c,0x0c84dc3,0x09c2db2,0x0db5cf4,
-        0x041110c,0x0724221,0x0c4bc5d,0x0082c55,0x0da13f6,0x1d24dee,
-        0x071ef60,0x17d348a,0x1e88d14,0x1b6431a,0x033517f },
-      { 0x13c4a36,0x19fa32c,0x07baa70,0x106d635,0x0c69d71,0x1bdf765,
-        0x0307509,0x138ab44,0x07e4f17,0x1465127,0x162288f,0x06d3a8d,
-        0x1857373,0x1983817,0x13ac731,0x1aae8e3,0x19735ee,0x1458c26,
-        0x1c133b0,0x0a2f440,0x0a537f4,0x0c6b831,0x1fc4a74,0x1aefc38,
-        0x0571bb1,0x05903d2,0x060d436,0x0e95861,0x1ab8ef7,0x08cfb0f,
-        0x06c9eca,0x16bbb00,0x1c4cc13,0x02c8fd3,0x156c50d,0x07cfcc4,
-        0x1a3592b,0x0c9bdc2,0x1d524d2,0x07a618e,0x031fac6 } },
-    /* 238 */
-    { { 0x0913fb6,0x0678d82,0x1accbba,0x002ed34,0x1e40135,0x1f30f83,
-        0x0edc5e0,0x1fcf21d,0x1e27f2f,0x12883fc,0x1e26fc7,0x0cffdb5,
-        0x0d124ba,0x12c6f34,0x0480387,0x157dc31,0x0a36df5,0x14b1399,
-        0x12fad2a,0x186f9f5,0x1a7672c,0x0b749e2,0x0c317ea,0x0c67277,
-        0x0317cde,0x0b62615,0x1e0c2cb,0x0fecbcc,0x05b96a9,0x1a820df,
-        0x1b52bf0,0x0e619cc,0x1f40a60,0x06c2785,0x09e64d0,0x112d437,
-        0x07626b0,0x10c12a0,0x12fd4fb,0x1b6f561,0x001db35 },
-      { 0x00efee2,0x1de16d6,0x0d15b83,0x1bae3b7,0x0406ebc,0x1b4d5f4,
-        0x178f866,0x045ce57,0x137e018,0x0e5bf30,0x162d312,0x0038228,
-        0x03cbb8c,0x143e2eb,0x02d211d,0x0ceec84,0x1a1454c,0x00c23ef,
-        0x060e746,0x1d223ba,0x1046bed,0x0493c6f,0x06e7727,0x03466d8,
-        0x1d62b88,0x16e14a5,0x064f9de,0x1e12d0f,0x0e3ba77,0x0332a1e,
-        0x1f1eb24,0x0eec9dd,0x08695fd,0x032e78a,0x1c2e6b1,0x03c1841,
-        0x06e2cdb,0x1746945,0x0d0758d,0x119aeaa,0x07b6ba9 } },
-    /* 239 */
-    { { 0x1881ab4,0x0cf01e0,0x12232c7,0x0b662d1,0x19c25d5,0x11b2670,
-        0x0f51ca0,0x049505a,0x0f161aa,0x0cca1c8,0x0ecb265,0x1801c3d,
-        0x157838b,0x1ef63d3,0x1577f32,0x044151f,0x1c24ff7,0x026e901,
-        0x1bfbfd2,0x02e7661,0x0b355ec,0x198b214,0x067c74a,0x0dd027f,
-        0x1d9e505,0x0f8e035,0x0b02cc6,0x0522e57,0x023b159,0x11c27e9,
-        0x1b5ab83,0x131a123,0x101059e,0x032475e,0x0392995,0x10d662d,
-        0x1375e79,0x08a23f9,0x1142088,0x032e3d6,0x047e810 },
-      { 0x08c290d,0x0ea2d5e,0x0ce9c11,0x0b021f6,0x033d135,0x1ddf97d,
-        0x002491b,0x1b2575e,0x1385c7c,0x07f9f8d,0x066172b,0x01d9c2c,
-        0x08c5b15,0x154443a,0x1b829fc,0x1b9918d,0x08e5e88,0x1cec446,
-        0x12e1910,0x0e6be59,0x16f24dd,0x1b9e207,0x130784e,0x1fdad23,
-        0x025fff3,0x0e3fe1d,0x1c95fb9,0x1968762,0x0db1354,0x07c9f99,
-        0x14ea995,0x005bfe5,0x0f58d0a,0x131ca22,0x0622a32,0x0ef1c7e,
-        0x13e8669,0x1236677,0x1a1ece5,0x005c1b9,0x0785b19 } },
-    /* 240 */
-    { { 0x12f9a20,0x111b0d4,0x103bf33,0x0f3ac8a,0x17bdca8,0x006be2d,
-        0x06a1474,0x04da8e7,0x02e97c9,0x13d646e,0x09aa2c1,0x1ffcf1b,
-        0x092aea3,0x11e28db,0x0a2fd51,0x02834d0,0x0797155,0x03b78e2,
-        0x05df604,0x197dec7,0x0e7af4b,0x04aa0de,0x1d6f125,0x0e0834a,
-        0x14066d1,0x157f00f,0x161dd57,0x0505ab7,0x07ae80d,0x03eeacf,
-        0x1bdb884,0x0705566,0x056e166,0x0eb1a55,0x1bdae74,0x08cbdd1,
-        0x0e4ed84,0x110b056,0x0b09e66,0x0cf6ee2,0x06557c3 },
-      { 0x15b6e52,0x181346b,0x1a25586,0x00231a1,0x1081364,0x1758d75,
-        0x0ccc1a8,0x1299fea,0x06d0908,0x1231113,0x1075213,0x044f6bf,
-        0x0dbb351,0x0bd1831,0x197a81d,0x05b8b26,0x17bd66e,0x1a65651,
-        0x0425621,0x1afa477,0x13bf220,0x09c6223,0x0703f4e,0x10fb49f,
-        0x1370a67,0x05c56ff,0x13415fd,0x1e15d79,0x13f33ae,0x1a2608b,
-        0x0d08179,0x124b44d,0x0d1f0a5,0x1ddfedc,0x1d25c8b,0x09526c9,
-        0x0227d28,0x08d73bc,0x02ad322,0x00941c1,0x015c40d } },
-    /* 241 */
-    { { 0x00e18d1,0x18b4d15,0x1f0a6eb,0x0e98064,0x1971c01,0x0131674,
-        0x0c8fdef,0x0f3b034,0x1818ff3,0x04cedc6,0x0f0cc08,0x0c7a99a,
-        0x13663f6,0x008d02a,0x14c970c,0x148e1de,0x1dcf980,0x04e6b85,
-        0x127b41c,0x08a5a23,0x0e13e64,0x1a5633b,0x0befd0f,0x10b854b,
-        0x0c0a6ae,0x0624bdf,0x011c124,0x1f55caa,0x1e6ba92,0x1d43a48,
-        0x0502ae5,0x155f532,0x055f537,0x132aba0,0x16ecd9c,0x1ff92b5,
-        0x1119d6b,0x11a1dce,0x078dd91,0x1413a68,0x0788e94 },
-      { 0x053461a,0x137f2ce,0x1bb414e,0x1c11c76,0x15ec897,0x146c9cb,
-        0x14bcc1d,0x09f51eb,0x0cc213d,0x1eb5ffb,0x0051f26,0x16820b6,
-        0x09590c7,0x1e3dc0b,0x08d8a2d,0x0f1d241,0x06e5bce,0x1e33504,
-        0x17b0763,0x09a5049,0x0ce93dd,0x0260cee,0x0242b3d,0x086b4fd,
-        0x0d875d8,0x0d93319,0x07a98e0,0x1202cf8,0x1cc1285,0x0bcbf86,
-        0x18ec896,0x08df1a8,0x1a612b4,0x17d1cc8,0x15e3057,0x108430b,
-        0x119f678,0x0af61b8,0x1aa4f7d,0x18cf01b,0x091b19c } },
-    /* 242 */
-    { { 0x15d8b80,0x1384ee5,0x183bafc,0x05f86ac,0x03b9618,0x0f7cb48,
-        0x1664415,0x08570e7,0x1e47c43,0x0f525a6,0x1e219f4,0x0489aa9,
-        0x0fcc4b9,0x1ec6bbf,0x0c68b2b,0x1eac727,0x0e7e8c1,0x1034692,
-        0x065cc15,0x1f576c9,0x174f5f5,0x0802a11,0x00c9231,0x071d227,
-        0x1e2b53f,0x05f61b6,0x0deeda0,0x1a0fd1d,0x1313b5e,0x09ebec7,
-        0x04a5920,0x15fa5a7,0x1b6a069,0x0518d3d,0x1238212,0x0b80db0,
-        0x04f0c32,0x13fd97f,0x10ebda1,0x0680ce6,0x03c2ba8 },
-      { 0x13ad63b,0x16bbace,0x0c7ead8,0x0eb3c1d,0x1f9cab9,0x02f08b9,
-        0x0a98ce2,0x13ce066,0x0e20b2f,0x11657e7,0x12a51fc,0x14fc93d,
-        0x0db529b,0x11146c4,0x0550859,0x12ac249,0x1ec3923,0x0407511,
-        0x10dc191,0x120fcfa,0x0e441b8,0x0aab1f2,0x12dfe91,0x14961f4,
-        0x1829eb2,0x1c96654,0x1120181,0x014e414,0x0991ced,0x0d06123,
-        0x1ae3337,0x0691a10,0x1a2325b,0x177099b,0x1427d82,0x1eacdda,
-        0x147f253,0x1870488,0x0ef60f4,0x14b820e,0x01fa627 } },
-    /* 243 */
-    { { 0x0478fd4,0x1115121,0x0002844,0x02ce164,0x0cf4c6f,0x0ce36f5,
-        0x0c13e0d,0x179ee37,0x17b93cd,0x0c71414,0x16d82d8,0x15c6461,
-        0x0996e1b,0x0b2d9d9,0x1ff4ed2,0x0abbbe2,0x1c6bc70,0x1d2c31c,
-        0x0e05f5f,0x1525da9,0x08a4c3e,0x13691d8,0x0420aca,0x02e021d,
-        0x1228adc,0x0cbc238,0x1883a27,0x0a773c8,0x1f77c97,0x07cb81f,
-        0x1973df9,0x0577cc1,0x03f8245,0x100beb6,0x12f2e03,0x173c865,
-        0x00a45ed,0x052d66e,0x1d0f854,0x00a8f30,0x067b8bd },
-      { 0x0797cf7,0x03cda7a,0x180b998,0x15a07fb,0x031c998,0x055778f,
-        0x1d8e953,0x022b546,0x0f76497,0x06cd0ff,0x06c69d9,0x18e75e5,
-        0x137ce0d,0x1db3654,0x186c20f,0x0d4f0cc,0x0fe32fb,0x0dfa6ba,
-        0x1c02958,0x0dde13b,0x115925f,0x1fc18e8,0x0af10e0,0x0d7bc6e,
-        0x0c10c53,0x12db6ae,0x1e20b31,0x0928bf3,0x1a99b8d,0x0789a28,
-        0x09207d2,0x0d75823,0x00161cd,0x125050a,0x13b7c62,0x093b29a,
-        0x0467a82,0x1b18b2d,0x0bb7d94,0x1534993,0x074297a } },
-    /* 244 */
-    { { 0x01124ba,0x1ac5271,0x0f4b125,0x1150fff,0x19bd819,0x131c544,
-        0x13744f5,0x0ec8bf7,0x015f7bf,0x0322ffc,0x1b55fa5,0x06df89c,
-        0x195fa67,0x09730ed,0x0b991d6,0x128943d,0x00ccbdf,0x03cabae,
-        0x16cc75d,0x02608e4,0x1ae6a3d,0x112655a,0x1e2077c,0x0510fe4,
-        0x1d2991a,0x02cc6df,0x0289ab1,0x07a0eb2,0x061d4a2,0x0c296c3,
-        0x1dcb962,0x1140281,0x1b5c13b,0x1bc151b,0x0678fec,0x001f283,
-        0x1bc14e9,0x15502c8,0x0ec49c8,0x175aab7,0x089aab7 },
-      { 0x056bdc7,0x02d4b6b,0x14ee2cd,0x1fc2ed9,0x03bdc8a,0x0b2621a,
-        0x062d8cb,0x083ad2a,0x179b82b,0x079b253,0x033e0bf,0x089dff6,
-        0x1b907b3,0x0880943,0x14320f1,0x121dfe7,0x05934cd,0x074f935,
-        0x1c20ad7,0x0b55e40,0x0165e5f,0x1af673e,0x13adcb1,0x130d9ac,
-        0x10a81be,0x15574ac,0x1ffc54d,0x1dde931,0x063d5ef,0x0121d41,
-        0x0ac1158,0x0a95d0e,0x00be14f,0x03b434a,0x13278c8,0x157dcf7,
-        0x01bc4d7,0x0b513ee,0x0ad1b52,0x12eb281,0x0002dc2 } },
-    /* 245 */
-    { { 0x09d60c3,0x19c9bdb,0x1d57b94,0x05fd2e4,0x060be55,0x0392d31,
-        0x0de3703,0x185623f,0x0cab2e7,0x0c1613f,0x0c8b2da,0x1bb3dc4,
-        0x174bcee,0x0913827,0x0ac67b4,0x0c2cb2a,0x085854a,0x096fa61,
-        0x0c64921,0x016b7ef,0x152aba4,0x08008cf,0x1f2f2a5,0x15bb0df,
-        0x1d1cbe5,0x160ba33,0x0f6743c,0x17ea6df,0x14ebc99,0x171a5c6,
-        0x05cf0a5,0x00b5026,0x095f8f4,0x1afbb02,0x0359ccc,0x0518b3d,
-        0x0054212,0x09e9927,0x169cc2d,0x06a7877,0x04d5645 },
-      { 0x05c0877,0x17c003f,0x1d91cc8,0x0c19534,0x081b43e,0x00938b2,
-        0x13d2e8b,0x184463e,0x1ed3136,0x0acb42b,0x0cc3782,0x064471b,
-        0x1cae826,0x0cc8475,0x0beb502,0x0463cca,0x014af0d,0x085c68c,
-        0x072f0d2,0x018a961,0x1f8e268,0x19a5f9d,0x1f5158b,0x056b2bf,
-        0x1090b09,0x01a14c2,0x117857f,0x0de7394,0x178168e,0x08c8de1,
-        0x01dc05d,0x108b495,0x06944b3,0x0aa0d48,0x1d2a0a8,0x09598da,
-        0x1155c8b,0x04dd59d,0x1b18ab7,0x19cee60,0x01f2f89 } },
-    /* 246 */
-    { { 0x0ffefdf,0x1f7a0cd,0x15ae094,0x0a99f24,0x05d7ece,0x0272418,
-        0x00bcad1,0x03e6ee0,0x1cba547,0x0c4baaf,0x0f8056c,0x0797ab9,
-        0x09c8848,0x1505c21,0x13df1a5,0x1ec3a4a,0x1d461f3,0x18c4285,
-        0x0891c55,0x0421121,0x0b0d7ba,0x176c977,0x0d6aef0,0x0bbd912,
-        0x0cabe96,0x0257dab,0x12f155a,0x1b446e4,0x1a74929,0x1cb7b53,
-        0x11b62e8,0x05de974,0x0b90db7,0x0d93d7e,0x1f82642,0x1dba469,
-        0x16f4366,0x19e0b23,0x0351ef7,0x0fe2fca,0x009c809 },
-      { 0x0050c07,0x058a030,0x0df9a81,0x108751c,0x029e831,0x0af20fe,
-        0x0a6caed,0x0759728,0x02ce60e,0x097f52d,0x160bd3b,0x1fe7b73,
-        0x1adc7b1,0x143e9bf,0x1afb30d,0x0ea7291,0x032ecb0,0x13c8a9f,
-        0x1c1d5a4,0x000a9ea,0x19ba6a6,0x064003a,0x0e1c734,0x1245be2,
-        0x1386f30,0x1be0bd3,0x1a0cd5e,0x1d3f8b3,0x0151864,0x19d49ca,
-        0x024749a,0x1a69b71,0x12a0222,0x06db8c8,0x13d167f,0x0ccce5f,
-        0x04ff303,0x1f9346a,0x185b168,0x1a6d223,0x06f113e } },
-    /* 247 */
-    { { 0x036f1c9,0x0efac8c,0x01f54aa,0x0a84646,0x1a6519f,0x16942d7,
-        0x11c0577,0x0eb080d,0x0af627f,0x10aa2e5,0x0105f42,0x03dd59c,
-        0x03ae111,0x13089a2,0x0a2f7da,0x19797f6,0x0ab52db,0x06f4f78,
-        0x004f996,0x183036f,0x1225e9d,0x0dcc893,0x02c76af,0x10298b2,
-        0x198e322,0x13f2f82,0x1b64d3b,0x18772cd,0x1ba4bf5,0x076d5cc,
-        0x19d3ae1,0x07836ab,0x0919a34,0x14307d9,0x0d2652a,0x0d535bb,
-        0x16811ff,0x19106ff,0x00f886d,0x077a343,0x06636a2 },
-      { 0x0587283,0x0ad1690,0x11777d7,0x13de0ff,0x0b3822c,0x1b6f1c0,
-        0x0f5543b,0x03a2f0d,0x125d167,0x11e7c83,0x0c77bc5,0x0e3e39b,
-        0x0a74bf9,0x04217e2,0x127a0c0,0x0a9eeae,0x1c727f8,0x187176d,
-        0x13892b2,0x0f77b57,0x108dbb2,0x1602df6,0x106c673,0x1920979,
-        0x0123ef7,0x16dd56d,0x0f62660,0x04853e3,0x16e6320,0x10b732f,
-        0x0c9274d,0x1dcb3fa,0x1789fa8,0x194fad1,0x0eebfa7,0x002c174,
-        0x0f5378a,0x169db0d,0x09be03c,0x0ece785,0x07aeecc } },
-    /* 248 */
-    { { 0x043b0db,0x03abe6e,0x12b7ce9,0x0b30233,0x1d8a4e8,0x0b60ab1,
-        0x16fd918,0x12ff012,0x04f533e,0x11503de,0x1f16b4f,0x06ce739,
-        0x0ca9824,0x06b4029,0x09ae8eb,0x1d8cc31,0x1908a1c,0x0deb072,
-        0x0ac6da5,0x10834a0,0x195bae3,0x090c850,0x061b7fc,0x063fb37,
-        0x0beacad,0x1bd96f9,0x1331ca3,0x1b12644,0x10a9927,0x139c067,
-        0x1ab0e3a,0x0b0d489,0x0439a80,0x0f81e54,0x1fc0585,0x0bdbcfe,
-        0x07a1f88,0x124c841,0x1d91520,0x00d6f14,0x028ec40 },
-      { 0x0fe0009,0x1061751,0x13a7860,0x05e270e,0x011ba5d,0x126da97,
-        0x0915314,0x0532ea4,0x07fede5,0x0a3ba13,0x1403513,0x0335364,
-        0x0b01d34,0x0c34922,0x0229248,0x1c3739c,0x023dd1b,0x05d0b48,
-        0x0a8c078,0x187ca86,0x0788242,0x1d38483,0x06d5bde,0x0951989,
-        0x12a09c7,0x01cf856,0x075dbe5,0x139a308,0x1fb60e9,0x1f05b10,
-        0x0d3b76b,0x17872ec,0x16bee54,0x1854202,0x0183fdf,0x1e8ca7f,
-        0x0011c0a,0x0a43b79,0x0970daf,0x18e192a,0x0134f4c } },
-    /* 249 */
-    { { 0x138dff4,0x0d1f674,0x068e588,0x1690d4f,0x1d101a7,0x0a829bb,
-        0x1be5f7a,0x1b7e589,0x1e65d87,0x18c204c,0x0e33ebc,0x1ff66e7,
-        0x0eb89c7,0x142148b,0x0ea9417,0x14ec8d1,0x1094ebe,0x1d3c87e,
-        0x164a24a,0x1beda9c,0x1741679,0x0e7e7f6,0x0808ccc,0x101fe42,
-        0x0efd298,0x08085fa,0x1740d11,0x194f1bb,0x0858c87,0x0f659a1,
-        0x1e8b2c2,0x04aea90,0x05eb6dc,0x18248cf,0x0857af2,0x02a0ceb,
-        0x1381d47,0x0973a7b,0x15bd027,0x05307a7,0x06ea378 },
-      { 0x05cc40a,0x004a5a7,0x17ef197,0x1435e6f,0x1a2e3f6,0x0137223,
-        0x1fa77e4,0x0a7dece,0x193880f,0x1c3c64a,0x112aa6d,0x160efec,
-        0x1c4aa30,0x1790461,0x1145a0c,0x0cc7741,0x1ae658d,0x03e013b,
-        0x187644c,0x1678715,0x1ea4ef0,0x13b4ae1,0x0c0bcde,0x018bc1a,
-        0x0c1c56a,0x1cff002,0x10832f3,0x1fa92b8,0x0a0e7c9,0x0dceab4,
-        0x151c1b5,0x0b250c8,0x1225dff,0x1384e45,0x1196366,0x10a4fa8,
-        0x07c08d6,0x02ac6d4,0x1c1f51f,0x1cd769d,0x0606ee6 } },
-    /* 250 */
-    { { 0x1c621f6,0x0cfe3ab,0x15200b6,0x02ffd07,0x092e40c,0x18ccd81,
-        0x11e867b,0x0cc37bf,0x0e62c76,0x0502081,0x0e1d4de,0x06e1cce,
-        0x0f16cda,0x0f1d32d,0x0065d34,0x1c41379,0x048f78f,0x10cba10,
-        0x1d66071,0x140b157,0x102dc83,0x1a4e44b,0x1c9ac90,0x034cf15,
-        0x12f1e9d,0x114cc45,0x03fca6b,0x0e57f36,0x1cf5ec4,0x11cc0eb,
-        0x162850f,0x164d1bb,0x09d7e45,0x07fbb4e,0x09557f1,0x062cd9b,
-        0x04aa767,0x0266f85,0x01c1d81,0x1efd229,0x049dba6 },
-      { 0x158e37a,0x03fd953,0x1d98839,0x0e5b1d5,0x0f6b31d,0x0e11085,
-        0x157e5be,0x0566a55,0x190efc3,0x049fb93,0x12c9900,0x13b883c,
-        0x15435c9,0x02d8abc,0x0a1e380,0x06aeb7f,0x0a40e67,0x0cce290,
-        0x1fba9d6,0x104b290,0x148bca6,0x00f8951,0x00a7dee,0x1459c6a,
-        0x1cc182a,0x162d2a3,0x0fab578,0x023b0e9,0x082cdfa,0x1a4daab,
-        0x19a6bc0,0x1177d1c,0x06ebfea,0x1ca55fc,0x1e0bd54,0x1e7b570,
-        0x0bc8eb8,0x05fbcbf,0x19e3116,0x14936fb,0x04890a7 } },
-    /* 251 */
-    { { 0x1a995f6,0x0cb44c6,0x1bbf5ca,0x0fd8c2a,0x139eaae,0x15416ae,
-        0x01030d5,0x1fcd2b2,0x1c135bc,0x1023590,0x0571e2c,0x16c81eb,
-        0x00ea720,0x13e2fda,0x0093beb,0x077f805,0x14c0edb,0x14bec7e,
-        0x07c93af,0x00520af,0x06b912f,0x078c3f5,0x05bf11f,0x13ab846,
-        0x1fd2778,0x166610c,0x122498f,0x0674d6d,0x0d30a62,0x1a5945b,
-        0x00208d8,0x193666d,0x0352e25,0x1ba2b65,0x1b29031,0x172711a,
-        0x1c92065,0x12ad859,0x069dbe3,0x0960487,0x05c1747 },
-      { 0x0accab5,0x073e145,0x016f622,0x0d559da,0x1802783,0x1607b28,
-        0x01df733,0x10430b7,0x0125c28,0x1e56e0e,0x1715324,0x0814cff,
-        0x1345df5,0x013c451,0x0f21b8b,0x1f4589e,0x069e3a0,0x19f43a2,
-        0x1ce60f3,0x1b548e4,0x18a5c59,0x05a54b6,0x0c18f12,0x1cb122a,
-        0x12bcfc2,0x061e1c6,0x1e1390a,0x01cf170,0x04fd539,0x1496786,
-        0x0164028,0x1283cc0,0x1f92db7,0x09d0e5b,0x0905b29,0x0f2acf2,
-        0x11ab0fa,0x1b798ed,0x10230d7,0x168f6b0,0x05d675e } },
-    /* 252 */
-    { { 0x10c6025,0x10d3bc3,0x1f2abbb,0x0f2345b,0x1c4a23b,0x15b2627,
-        0x18310e1,0x162f61c,0x1e5ae72,0x0ead8be,0x1e884b5,0x11593dd,
-        0x166dfc8,0x0a01c5c,0x1abbefb,0x05d989f,0x1568e2d,0x184cd61,
-        0x04abc81,0x1d4c240,0x1218548,0x0dc4e18,0x13ffb67,0x1cce662,
-        0x091c4e0,0x0700e0f,0x1ebe0c0,0x01376c9,0x13c3be0,0x080e33b,
-        0x1ea1e01,0x1810433,0x0cd6ede,0x1837ff0,0x181fe06,0x1ef80ab,
-        0x0080b36,0x1b1fce7,0x1b28e0a,0x15e153f,0x002fccb },
-      { 0x07cac61,0x0ea68da,0x04b2664,0x0f570dc,0x0e9d168,0x0a78211,
-        0x157b0ae,0x1cb18d0,0x148e648,0x120028c,0x06b15f2,0x1f65df1,
-        0x0d9ba91,0x0df3c96,0x1064818,0x03c2a9e,0x1cbbd0f,0x0c16910,
-        0x1111006,0x1d6277f,0x0fdc062,0x194cbc8,0x1cea5f0,0x0cf4c97,
-        0x16d9460,0x1ad273c,0x01b48dd,0x08dba60,0x1f0f23c,0x026af6b,
-        0x15e19cb,0x0769ec7,0x01851dc,0x139f941,0x1833498,0x1ea1475,
-        0x0ac60f6,0x072c7e7,0x1551600,0x0ac2708,0x056f1e4 } },
-    /* 253 */
-    { { 0x0c24f3b,0x059fb19,0x1f98073,0x1e0db02,0x19eb1c7,0x1133bb4,
-        0x102edaa,0x1c11b8c,0x00845d5,0x01c57ff,0x09e6a1e,0x1963f03,
-        0x10f34fe,0x1f340cd,0x0b8a0b4,0x14970d4,0x1ce8237,0x0e25cbb,
-        0x1d8d90e,0x0d67b70,0x04970f4,0x004bcb8,0x09197d5,0x1237c87,
-        0x0876287,0x1636bf0,0x10d0663,0x004416d,0x1d94bb0,0x031b849,
-        0x0c95ece,0x053ad21,0x0012e16,0x168d242,0x16d482a,0x0605d93,
-        0x05dc34e,0x1717e34,0x033e2bf,0x06c4aa0,0x0911d19 },
-      { 0x1e5af5b,0x0deac7a,0x0a9c4ec,0x16f6d44,0x07ca263,0x17956e5,
-        0x1b137ce,0x17b56d7,0x1a04420,0x1328f2c,0x0db0445,0x1676974,
-        0x103b448,0x1fa1218,0x18aff37,0x0d97678,0x0a5f1a9,0x06f0ae2,
-        0x1347e60,0x15b143c,0x1a3abe0,0x071b339,0x004af45,0x02559bb,
-        0x03af692,0x0e72018,0x115d825,0x1edb573,0x1f5ca58,0x0415083,
-        0x0c1f7c6,0x1112d47,0x103e63c,0x1d9f85c,0x1513618,0x1dea090,
-        0x009887d,0x080cdce,0x0e19579,0x1fd41ea,0x02be744 } },
-    /* 254 */
-    { { 0x150f324,0x0682fad,0x1e88153,0x083d478,0x19b1eb2,0x1c735bd,
-        0x02971ff,0x104950b,0x0ec0408,0x01c817f,0x0ea6f76,0x0929a19,
-        0x1e72b26,0x194e4f0,0x05dbe42,0x1b703a0,0x102ceba,0x002ea75,
-        0x1cae2ff,0x080b626,0x1190874,0x00bcf56,0x17104a2,0x056919a,
-        0x03dd3ec,0x019ea25,0x1cfd354,0x089334e,0x0c3a098,0x1c66ab2,
-        0x0eecdec,0x1e85d00,0x0e99497,0x08c5940,0x1e82e3d,0x0980f68,
-        0x1568fde,0x0871e29,0x039eb1c,0x05f9d5a,0x0735f54 },
-      { 0x0380039,0x0d0b89c,0x07232aa,0x0fee9a3,0x0dfafe1,0x1e0d45d,
-        0x0e4fb32,0x00b25a8,0x1fe0297,0x02edf9c,0x1a6cd8f,0x0b57261,
-        0x0a4552b,0x157ea4a,0x198c0c8,0x15886fd,0x0d73f02,0x041354d,
-        0x04d58a6,0x0a6ac53,0x1b3998c,0x03b9a15,0x0321a7e,0x1f36f34,
-        0x10020e4,0x0d4eba8,0x134d1e2,0x06c3a34,0x0856376,0x0add67d,
-        0x193c37b,0x111580f,0x07ee73f,0x18e5ea0,0x00fc27b,0x1bf58fa,
-        0x0d475ba,0x0b4be5a,0x0e67897,0x13a297a,0x01e984c } },
-    /* 255 */
-    { { 0x050c817,0x082b0a4,0x04b71db,0x1269130,0x108a5b1,0x0c65df5,
-        0x1455179,0x0b4e4e7,0x04be61e,0x0805afd,0x1ae3862,0x0d23af5,
-        0x0baa088,0x09ad1ea,0x1999abf,0x0fa7bcc,0x19957ec,0x01c5160,
-        0x1a35bd7,0x091d1ec,0x1746a06,0x163d6e0,0x07e7f24,0x060cb86,
-        0x116c084,0x13491d0,0x01879ab,0x0c6e144,0x047e733,0x1b9b155,
-        0x01189b0,0x1bdfedb,0x00c25f2,0x1696a2a,0x093336f,0x0530090,
-        0x039a949,0x0dfe700,0x0b8052d,0x0aced28,0x06c474a },
-      { 0x188e3a1,0x1cd20be,0x10a8eba,0x118908e,0x105d3c8,0x1308988,
-        0x1a344ff,0x117cb3b,0x11a869e,0x047adb5,0x1764285,0x18b354e,
-        0x137a8ab,0x110a300,0x0326f1d,0x099b25e,0x147c382,0x121fd53,
-        0x09742e4,0x0c7430d,0x0ebc817,0x1e4de5d,0x0ef0d06,0x08ba3bb,
-        0x13160f7,0x0fa70c0,0x16dd739,0x0a79ca5,0x0de4c2a,0x13366a8,
-        0x1b457ab,0x0ebaeca,0x0d8996c,0x12a952f,0x1c47132,0x09c9fea,
-        0x1c5305b,0x0f4c2d1,0x08b3885,0x0a9f437,0x06b2589 } },
-};
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_42(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_1024_ecc_mulmod_stripe_42(r, &p1024_base, p1024_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 42);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 42, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 42, km);
-
-            err = sp_1024_ecc_mulmod_base_42(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_42(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P1024 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 2);
-    SP_DECL_VAR(sp_digit, k, 42 + 42 * 2 * 37);
-    sp_point_1024* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 42 + 42 * 2 * 37, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 42;
-
-        sp_1024_from_mp(k, 42, km);
-        sp_1024_point_from_ecc_point_42(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_42(addP->x, addP->x, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_42(addP->y, addP->y, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_42(addP->z, addP->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_1024_ecc_mulmod_base_42(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_1024_proj_point_add_42(point, point, addP, tmp);
-
-        if (map) {
-                sp_1024_map_42(point, point, tmp);
-        }
-
-        err = sp_1024_point_to_ecc_point_42(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, t, 38 * 2 * 42);
-    int err = MP_OKAY;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == MP_OKAY) && (table == NULL)) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 38 * 2 * 42, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_point_from_ecc_point_42(point, gm);
-            err = sp_1024_gen_stripe_table_42(point,
-                (sp_table_entry_1024*)table, t, heap);
-    }
-    if (err == 0) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#else
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    int err = 0;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (table == NULL)) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*len != 0)) {
-        err = BUFFER_E;
-    }
-    if (err == 0) {
-        *len = 0;
-    }
-
-    (void)heap;
-
-    return err;
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km     Scalar to multiply by.
- * gm     Point to multiply.
- * table  Pre-computed points.
- * r      Resulting point.
- * map    Indicates whether to convert result to affine.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
-        ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 42);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 42, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 42, km);
-        sp_1024_point_from_ecc_point_42(point, gm);
-
-#ifndef WOLFSSL_SP_SMALL
-            err = sp_1024_ecc_mulmod_stripe_42(point, point,
-                (const sp_table_entry_1024*)table, k, map, 0, heap);
-#else
-        (void)table;
-        err = sp_1024_ecc_mulmod_42(point, point, k, map, 0, heap);
-#endif
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_42(point, r);
-    }
-
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply p* in projective coordinates by q*.
- *
- * r.x = p.x - (p.y * q.y)
- * r.y = (p.x * q.y) + p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * q   [in]      A single precision integer - multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_qx1_42(sp_digit* px, sp_digit* py,
-        const sp_digit* q, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 42;
-
-    /* t1 = p.x * q.y */
-    sp_1024_mont_mul_42(t1, px, q, p1024_mod, p1024_mp_mod);
-    /* t2 = p.y * q.y */
-    sp_1024_mont_mul_42(t2, py, q, p1024_mod, p1024_mp_mod);
-    /* r.x = p.x - (p.y * q.y) */
-    sp_1024_mont_sub_42(px, px, t2, p1024_mod);
-    /* r.y = (p.x * q.y) + p.y */
-    sp_1024_mont_add_42(py, t1, py, p1024_mod);
-}
-
-/* Square p* in projective coordinates.
- *
- *   px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
- *   py' = 2 * p.x * p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to square.
- * py  [in,out]  A single precision integer - Y ordinate of number to square.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_sqr_42(sp_digit* px, sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 42;
-
-    /* t1 = p.x + p.y */
-    sp_1024_mont_add_42(t1, px, py, p1024_mod);
-    /* t2 = p.x - p.y */
-    sp_1024_mont_sub_42(t2, px, py, p1024_mod);
-    /* r.y = p.x * p.y */
-    sp_1024_mont_mul_42(py, px, py, p1024_mod, p1024_mp_mod);
-    /* r.x = (p.x + p.y) * (p.x - p.y) */
-    sp_1024_mont_mul_42(px, t1, t2, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * p.y) * 2 */
-    sp_1024_mont_dbl_42(py, py, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Simple square and multiply when expontent bit is one algorithm.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-    sp_digit* b;
-    sp_digit* e;
-#else
-    sp_digit t[36 * 2 * 42];
-    sp_digit tx[2 * 42];
-    sp_digit ty[2 * 42];
-    sp_digit b[2 * 42];
-    sp_digit e[2 * 42];
-#endif
-    sp_digit* r;
-    int err = MP_OKAY;
-    int bits;
-    int i;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 40 * 42 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 42 * 2;
-        ty = td + 37 * 42 * 2;
-        b  = td + 38 * 42 * 2;
-        e  = td + 39 * 42 * 2;
-#endif
-        r = ty;
-
-        bits = mp_count_bits(exp);
-        sp_1024_from_mp(b, 42, base);
-        sp_1024_from_mp(e, 42, exp);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 42);
-        sp_1024_mul_42(b, b, p1024_norm_mod);
-        err = sp_1024_mod_42(b, b, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(ty, b, sizeof(sp_digit) * 42);
-
-        for (i = bits - 2; i >= 0; i--) {
-            sp_1024_proj_sqr_42(tx, ty, t);
-            if ((e[i / 25] >> (i % 25)) & 1) {
-                sp_1024_proj_mul_qx1_42(tx, ty, b, t);
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_42(tx, tx, t);
-
-        XMEMSET(tx + 42, 0, sizeof(sp_digit) * 42);
-        sp_1024_mont_reduce_42(tx, p1024_mod, p1024_mp_mod);
-        XMEMSET(ty + 42, 0, sizeof(sp_digit) * 42);
-        sp_1024_mont_reduce_42(ty, p1024_mod, p1024_mp_mod);
-
-        sp_1024_mul_42(r, tx, ty);
-        err = sp_1024_mod_42(r, r, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#else
-/* Pre-computed table for exponentiating g.
- * Striping: 8 points at a distance of (128 combined for
- * a total of 256 points.
- */
-static const sp_digit sp_1024_g_table[256][42] = {
-    { 0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000,
-      0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000,
-      0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000,
-      0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000,
-      0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000,
-      0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000,
-      0x0000000, 0x0000000, 0x0000000, 0x0000000, 0x0000000 },
-    { 0x15c1685, 0x1236919, 0x09605c2, 0x03c200f, 0x0ac9e97, 0x052539f,
-      0x1cf7d0f, 0x0ea81d1, 0x1826424, 0x1237c0a, 0x15db449, 0x176966c,
-      0x1b3af49, 0x195f8d7, 0x078b451, 0x0a3cdb1, 0x02c2fd1, 0x013df44,
-      0x1e21c5f, 0x1db90b1, 0x0c6fadd, 0x1f8b563, 0x15b6166, 0x11d5cb1,
-      0x01a1b2d, 0x186873a, 0x018707c, 0x1f5ef40, 0x07e0966, 0x084d4db,
-      0x1f59b6f, 0x0fa769e, 0x1f11c06, 0x1e4c710, 0x080b1c9, 0x02c2a57,
-      0x086cb22, 0x0ac448f, 0x0ebd2bf, 0x0d4d7a7, 0x059e93c },
-    { 0x1dd4594, 0x0e9b7b8, 0x079b953, 0x1e015de, 0x1bc9cc9, 0x0fb2985,
-      0x0913a86, 0x0513d4b, 0x13f5209, 0x0c4554c, 0x1050621, 0x12991eb,
-      0x1a97537, 0x0089ccf, 0x02f5e4b, 0x0d56a23, 0x0fdf5cb, 0x15cde9d,
-      0x1b2e594, 0x1a39645, 0x1813813, 0x13a01c4, 0x1f51589, 0x1908639,
-      0x1119b4a, 0x15b28fb, 0x0428603, 0x1b3ed52, 0x1bfa2ed, 0x168bcfb,
-      0x1644e51, 0x0a153a1, 0x0f18631, 0x1b9e98b, 0x0835be0, 0x12be338,
-      0x1b6a52b, 0x02d6354, 0x0b80efa, 0x0f6e9ec, 0x063ef18 },
-    { 0x16f45e7, 0x1b5bf80, 0x0be1f0d, 0x0e57d90, 0x1c1bdb5, 0x014db00,
-      0x1dd0739, 0x03ae725, 0x0c7afd8, 0x1edf851, 0x04262db, 0x163ee48,
-      0x0fbda41, 0x1db07c6, 0x101d1d2, 0x1789ab6, 0x141b330, 0x1499f06,
-      0x0cfe8ef, 0x105060e, 0x0cd1ae1, 0x0d87ae3, 0x083b4a6, 0x130c191,
-      0x1354e3f, 0x020bff9, 0x1855567, 0x026c130, 0x1f85cbb, 0x1b1e094,
-      0x0faac32, 0x08ed0bf, 0x02ecc49, 0x0cb19b4, 0x1b0bac6, 0x14a0bd1,
-      0x1dac2cd, 0x0e63ca6, 0x1688e43, 0x039e325, 0x04fe679 },
-    { 0x1e8733c, 0x011ea82, 0x1f06529, 0x0a3aae2, 0x0c845e6, 0x10d9916,
-      0x1fa23a5, 0x19846f8, 0x0db4181, 0x02238e3, 0x0f5c843, 0x0bc4e27,
-      0x0900c87, 0x1960bd8, 0x1f7a7b6, 0x1d5ed3b, 0x1e5e88c, 0x1218536,
-      0x0e073a9, 0x0f4c34f, 0x18d5aaa, 0x13119fc, 0x1a94b40, 0x0d13535,
-      0x0fdd060, 0x155daaf, 0x1972b12, 0x019f4f9, 0x1507613, 0x188a474,
-      0x14be936, 0x09d343c, 0x09570c4, 0x000b818, 0x1d84681, 0x0431843,
-      0x1e78d9d, 0x0e8fff5, 0x0ca5d55, 0x030ac3b, 0x004482a },
-    { 0x1d486d8, 0x0c56139, 0x079f9dd, 0x0cc39b8, 0x0169f94, 0x0455a7c,
-      0x067f086, 0x060e479, 0x0f33736, 0x072a781, 0x1089828, 0x1c4b7b1,
-      0x00560be, 0x0298de3, 0x1f0c1f1, 0x1fd6a51, 0x11a7e44, 0x1eb790f,
-      0x1c4a34d, 0x089338a, 0x0a45c8e, 0x1f6bd97, 0x058ec14, 0x147a445,
-      0x07a0432, 0x1342061, 0x14d5165, 0x16a30a9, 0x1557e95, 0x124feb9,
-      0x1e99b86, 0x10d240e, 0x1267fd9, 0x0138106, 0x034f9cd, 0x09f426a,
-      0x08ccdb4, 0x0e1f92b, 0x1e27c6a, 0x1f1bdb7, 0x0833a0f },
-    { 0x1376b76, 0x00ce3d5, 0x0332a31, 0x064fa1e, 0x1b7294f, 0x0628a69,
-      0x0e78aa4, 0x14dcad7, 0x0a62575, 0x18dd28f, 0x102a224, 0x00f6131,
-      0x0a56fee, 0x1a60b51, 0x0f96bba, 0x04c1609, 0x10be6eb, 0x072899a,
-      0x075709c, 0x1db5ad4, 0x0dd1339, 0x0cf4edd, 0x1cd9bb5, 0x1a0dd81,
-      0x1be882d, 0x1eda109, 0x032c461, 0x05ac739, 0x01058a2, 0x0af0ec5,
-      0x1c47fb2, 0x1456e89, 0x1f73ea6, 0x02e0601, 0x146bd3c, 0x00e83fa,
-      0x05f811a, 0x16fcad4, 0x0597cb8, 0x1c7d649, 0x0692b3c },
-    { 0x0a127b4, 0x165b969, 0x05bc339, 0x0b1f250, 0x06a46ea, 0x11bb0b3,
-      0x1d18d1e, 0x1dc87d9, 0x1e0ab96, 0x11ecd00, 0x16fa305, 0x18db65d,
-      0x05c8145, 0x06f2733, 0x109b2b9, 0x0a5f25e, 0x14074e2, 0x08ba685,
-      0x14abe0c, 0x0481aef, 0x093654c, 0x0b9eb29, 0x1607e8e, 0x13a8d2a,
-      0x1491ca0, 0x01e02dc, 0x0d51499, 0x189d0a6, 0x1283278, 0x0198ea0,
-      0x094cb59, 0x0e06c3e, 0x0479038, 0x184f932, 0x06c627b, 0x00ee832,
-      0x01de5fe, 0x078557c, 0x10b5b03, 0x015e800, 0x0333e43 },
-    { 0x126d3b7, 0x026f267, 0x06f977c, 0x0d6a7ef, 0x17a7730, 0x045b322,
-      0x0f17c60, 0x0c14802, 0x0850373, 0x1948f52, 0x1840dfb, 0x1afa160,
-      0x1b1ffc9, 0x12e489d, 0x1413765, 0x10b0fb3, 0x1aff13b, 0x0ca451b,
-      0x18fb9d5, 0x086907f, 0x1386b54, 0x1a02318, 0x0ff0879, 0x1bd6b18,
-      0x104e5cd, 0x0a959d0, 0x0995cb3, 0x09fc30c, 0x0aa4089, 0x18d08ad,
-      0x18bae69, 0x08b3d48, 0x0dc6fe5, 0x18151c5, 0x05d52ba, 0x037631a,
-      0x0f7791d, 0x093b1b1, 0x15c22b8, 0x03bad77, 0x010e8b3 },
-    { 0x0d9f1af, 0x181f29f, 0x059ae1f, 0x0eaccec, 0x03ad247, 0x070adc0,
-      0x158c1d3, 0x0b671b9, 0x026b1e8, 0x03bf158, 0x0670546, 0x1a2e35f,
-      0x1ab1654, 0x09c12a3, 0x00ba792, 0x0bdeb2f, 0x07c26d5, 0x036e3fe,
-      0x1efad53, 0x11f2ba5, 0x0357903, 0x1f01b60, 0x1f96437, 0x1b87eff,
-      0x16eae4f, 0x14467e5, 0x13cd786, 0x163f78a, 0x0a5568c, 0x0ed96d0,
-      0x15cf238, 0x0b6deaa, 0x087393f, 0x005034d, 0x0ccb9eb, 0x1670c8d,
-      0x0a8495a, 0x130e419, 0x112f3f4, 0x09819b9, 0x0648552 },
-    { 0x0a6ff2a, 0x1d9f162, 0x0a286af, 0x146b4c8, 0x0aa03fb, 0x17fba11,
-      0x09fc226, 0x1271084, 0x0ba5dbd, 0x19bc41d, 0x060b2c8, 0x15d3a54,
-      0x0538186, 0x04d00f8, 0x1c1d935, 0x03cf573, 0x1eb917b, 0x1c9208f,
-      0x1c32ed6, 0x163206a, 0x1e7c700, 0x0adc8a5, 0x1754607, 0x102305a,
-      0x0443719, 0x0cb89ae, 0x115d2e6, 0x04eb1a4, 0x0d28b23, 0x147ab19,
-      0x0269942, 0x1f4707e, 0x0078bac, 0x19ec012, 0x1830028, 0x12ca8d4,
-      0x0df8b44, 0x030e3d1, 0x158f290, 0x1e5e468, 0x01f76f3 },
-    { 0x0c436b0, 0x160a1a2, 0x01ea6a8, 0x0c3ed39, 0x1907055, 0x16d96fb,
-      0x045ed7d, 0x1046be6, 0x1ed56ba, 0x0bb0fa0, 0x0be9221, 0x0c9efa1,
-      0x1ef8314, 0x1d6e738, 0x07ca454, 0x0e91153, 0x093116b, 0x1593dfb,
-      0x0ee510e, 0x14b5193, 0x1de8a98, 0x131772f, 0x1fe1e00, 0x025596e,
-      0x193dd18, 0x0491d37, 0x137212f, 0x1f25499, 0x14995aa, 0x1157f8e,
-      0x074f095, 0x009db13, 0x19fc33c, 0x1529c7e, 0x0a513b4, 0x0d80519,
-      0x049ea72, 0x19b3dd8, 0x0381743, 0x1f67a21, 0x004924f },
-    { 0x073562f, 0x0471ee3, 0x1230195, 0x0bc5d5c, 0x13b3302, 0x0e34bbe,
-      0x14cad78, 0x0f7cc3f, 0x06ebe55, 0x1271032, 0x1b86390, 0x038083a,
-      0x1b76739, 0x0a6bf4a, 0x03aee38, 0x0371897, 0x1d42099, 0x1a5745b,
-      0x004a434, 0x01becdc, 0x1f4ef8a, 0x11c92f2, 0x125f892, 0x0104e55,
-      0x1b2cb15, 0x130bcd3, 0x18941c9, 0x08160e5, 0x02fa49b, 0x10c1483,
-      0x13b6b67, 0x1e78a77, 0x180a784, 0x013ccc3, 0x0dda7c5, 0x0cb1505,
-      0x0146842, 0x06c24e6, 0x0b8d423, 0x0138701, 0x04dfce8 },
-    { 0x127b780, 0x14e596a, 0x0375141, 0x0b2ef26, 0x152da01, 0x1e8131e,
-      0x1802f89, 0x0562198, 0x0bb2d1b, 0x0081613, 0x0b7cf0d, 0x0c46aa9,
-      0x074c652, 0x02f87fa, 0x0244e09, 0x0dcf9ad, 0x0c5ca91, 0x141fd46,
-      0x0572362, 0x01e273a, 0x16b31e1, 0x1740ee2, 0x1c5cf70, 0x09db375,
-      0x0cb045c, 0x1143fe7, 0x011f404, 0x00ffafb, 0x1a532f3, 0x18a9cf9,
-      0x0889295, 0x1c42a78, 0x1e9e81d, 0x052042c, 0x057790a, 0x078ac4b,
-      0x1339bd2, 0x1ed7fc4, 0x1a00b71, 0x0117140, 0x00d0759 },
-    { 0x0085f2a, 0x17953ef, 0x0b961c2, 0x1f7d336, 0x08fcd24, 0x05209dc,
-      0x1498567, 0x0a31181, 0x08559f8, 0x1815172, 0x0b68347, 0x0043ec4,
-      0x1583b96, 0x16e51b0, 0x0170bd5, 0x18d04b8, 0x11c7910, 0x100a467,
-      0x1c9a56f, 0x1e512c4, 0x0ef6392, 0x1ad46b2, 0x020f42e, 0x1f978a5,
-      0x122441c, 0x1f2f786, 0x1149845, 0x0bb5f9d, 0x0928e9f, 0x095cf82,
-      0x0aada18, 0x0727e5c, 0x03f744d, 0x008a894, 0x1fb5c03, 0x1df7dda,
-      0x04360df, 0x06f10ad, 0x14d6bcb, 0x0385e10, 0x024fa96 },
-    { 0x16df7f6, 0x1ed9fb0, 0x0c981d9, 0x11f7b20, 0x043057d, 0x016aa23,
-      0x0aa41ba, 0x1b62e9b, 0x1689643, 0x14279a2, 0x0681808, 0x03bf991,
-      0x1218b19, 0x0b613e8, 0x0d1abd3, 0x0a28b75, 0x086c989, 0x12d2bfa,
-      0x1250be7, 0x0429d39, 0x0158c03, 0x07a0ca8, 0x09cf872, 0x15a8756,
-      0x1759f39, 0x0b9c675, 0x1f943b8, 0x1c3716f, 0x0d7d4e5, 0x18fe47a,
-      0x1cfd8d6, 0x0eaac07, 0x0ff77e3, 0x17d3047, 0x0745dd4, 0x02403ec,
-      0x0a6fb6e, 0x0bd01ea, 0x0045253, 0x07bf89e, 0x0371cc2 },
-    { 0x090c351, 0x188aeed, 0x1018a26, 0x1e6c9b3, 0x0d196eb, 0x08598db,
-      0x0480bd9, 0x05eef51, 0x06f5764, 0x01460b2, 0x00049f3, 0x1c6c102,
-      0x1bdc4f7, 0x0e26403, 0x0db3423, 0x081e510, 0x156e002, 0x1894078,
-      0x072ce54, 0x14daf13, 0x00383f9, 0x099d401, 0x1029253, 0x0fa68e8,
-      0x17e91e8, 0x12522b4, 0x1c9b778, 0x01b2fa0, 0x00c30e7, 0x12c6bb2,
-      0x1181bda, 0x0b74dcd, 0x1c2c0e8, 0x009f401, 0x09ebc6f, 0x1e661ed,
-      0x09f4d78, 0x101727e, 0x1edfcf9, 0x1401901, 0x092b6bc },
-    { 0x100822e, 0x0ae41af, 0x1c48b8f, 0x057162d, 0x0e82571, 0x1851980,
-      0x0a7124a, 0x0a90386, 0x1a7cc19, 0x1a71956, 0x0504fda, 0x19dc376,
-      0x070bee9, 0x0549651, 0x1edeea9, 0x122a7db, 0x0faea3b, 0x0e6a395,
-      0x03c303e, 0x013cfc0, 0x1b70e8f, 0x192e6f5, 0x0938761, 0x136c76d,
-      0x1ae084a, 0x1b2ff15, 0x00ff563, 0x0802837, 0x162759f, 0x0f6d51d,
-      0x0235fb1, 0x0f21c61, 0x0af6e67, 0x1bf18cd, 0x00c07c9, 0x1842b5b,
-      0x0f33871, 0x0da5cc6, 0x1e2779f, 0x1929e05, 0x071ff62 },
-    { 0x04a84d9, 0x0388115, 0x079aa93, 0x1abd78e, 0x02ee4ac, 0x06b2bc7,
-      0x0a297c7, 0x14a7623, 0x1fff120, 0x1faf7cf, 0x1940ce0, 0x11c213c,
-      0x00a4c59, 0x050220c, 0x1a7e643, 0x05183c3, 0x146f598, 0x1c5c196,
-      0x0ebd4da, 0x1e51406, 0x168a753, 0x18db6a7, 0x04bb712, 0x199a3e1,
-      0x0692a72, 0x01976ef, 0x1748899, 0x07541ef, 0x12661cd, 0x1b1f51e,
-      0x168e36e, 0x1fb86fb, 0x1e19fc6, 0x1b5a678, 0x0d4213b, 0x12d8316,
-      0x1f1bba6, 0x141ff4e, 0x009cf9a, 0x1cebf2b, 0x040fd47 },
-    { 0x07140a4, 0x05ba313, 0x0bed6e2, 0x1dd56de, 0x0dbbfc1, 0x0312a43,
-      0x12239a6, 0x185bb3d, 0x12eb6ef, 0x0df75d0, 0x03fe21a, 0x0295159,
-      0x10cfc22, 0x1ad10ca, 0x15725ba, 0x1f6d32b, 0x0054171, 0x1c99c4e,
-      0x0d1a0cd, 0x0ba8a43, 0x025c2d8, 0x042089a, 0x0535a28, 0x0d842e8,
-      0x00139ec, 0x026f296, 0x1fdcc02, 0x019e172, 0x178aa32, 0x15130fa,
-      0x10c6b05, 0x1f36d5c, 0x0b9fab3, 0x0534a8c, 0x0447615, 0x0cd1b04,
-      0x1ffbe28, 0x19a6cc6, 0x0ce302c, 0x0afcc72, 0x05b1c11 },
-    { 0x0b6bb8f, 0x0d558b9, 0x0b0a43b, 0x0405f92, 0x0dc64ed, 0x14a639c,
-      0x08f17f9, 0x1c9e857, 0x1cb54dc, 0x0b6e32f, 0x108370c, 0x0d46c64,
-      0x14cb2d6, 0x02b6e7c, 0x19c1b9c, 0x0593a2d, 0x164a4f3, 0x01404e3,
-      0x09bb72a, 0x11b061d, 0x1f57ab1, 0x1340e32, 0x13f46b3, 0x1425820,
-      0x1651c7d, 0x1240fc8, 0x1b1de46, 0x15877ac, 0x1e67a30, 0x0e7a3c2,
-      0x046dab4, 0x1b41fab, 0x0d3fc44, 0x031a272, 0x0005b87, 0x079c2c9,
-      0x13e50ab, 0x0f4e5c1, 0x1bbd213, 0x0754ead, 0x0963ab8 },
-    { 0x14ea5a3, 0x1a3ec6f, 0x17fa512, 0x0ab9fc8, 0x1656881, 0x1e1ab24,
-      0x1f56228, 0x02ba2dc, 0x0e7c99e, 0x072ad9f, 0x01c6f21, 0x009beaa,
-      0x0e3fee2, 0x0202bee, 0x001bca4, 0x0aae0e2, 0x10dbba7, 0x07f461c,
-      0x0c66b6b, 0x0b796c6, 0x1fd8364, 0x183e105, 0x00627a2, 0x0fb2af1,
-      0x109697d, 0x11dc72a, 0x06e67d3, 0x06fa264, 0x0cfb6a0, 0x1290d30,
-      0x168046c, 0x106e705, 0x0594aaa, 0x0ee03b3, 0x07f60f0, 0x0991372,
-      0x076b988, 0x015c4c8, 0x11561ae, 0x1f97c8b, 0x0443480 },
-    { 0x114221a, 0x1ffda48, 0x09ebe3f, 0x1c7d0af, 0x0aec4f2, 0x12a3c3a,
-      0x143903e, 0x0a485c5, 0x1d6f961, 0x19f3598, 0x1a6ddfb, 0x0a6ff7f,
-      0x0ab2296, 0x1da1d43, 0x0a743cb, 0x0558d85, 0x0ed2457, 0x1920942,
-      0x1c86e9e, 0x0d122fc, 0x078da38, 0x00608bd, 0x16fbdf0, 0x02c0b59,
-      0x09071d3, 0x1749c0a, 0x18196a3, 0x05b5b53, 0x02be82c, 0x1c6c622,
-      0x16356c4, 0x1edae56, 0x16c224b, 0x01f36cd, 0x173e3ac, 0x0373a6a,
-      0x0170037, 0x168f585, 0x09faead, 0x1119ff5, 0x097118a },
-    { 0x1ecb5d8, 0x02cd166, 0x019afe7, 0x175274d, 0x0083c81, 0x1ba7dfc,
-      0x1760411, 0x16849c1, 0x0a02070, 0x1bcd1e5, 0x1ede079, 0x1f761f7,
-      0x049d352, 0x1f7950e, 0x0c36080, 0x1ca0351, 0x17b14b3, 0x15c2c31,
-      0x0a20bfc, 0x0e14931, 0x0fa55ba, 0x019d837, 0x089cc02, 0x05fdc55,
-      0x002f410, 0x1d2d216, 0x0628088, 0x09cec53, 0x03fc72e, 0x1d1342e,
-      0x19f6e8a, 0x1fca5d5, 0x14fe763, 0x1a2fb2a, 0x01689c3, 0x18616a8,
-      0x0573387, 0x150bbd5, 0x1ea0b55, 0x11a96e3, 0x017c077 },
-    { 0x135e37b, 0x0ff8e93, 0x15c839b, 0x0ccadd8, 0x09884e5, 0x1dd4bc6,
-      0x0b2767a, 0x18945eb, 0x0ba09f3, 0x07d228c, 0x010ddd0, 0x02efeb6,
-      0x0a8c3fa, 0x0b3d176, 0x0877b36, 0x17a8143, 0x0700528, 0x13b45e5,
-      0x01a4712, 0x092a563, 0x1fd5f22, 0x02f436a, 0x05b84b1, 0x10b34d4,
-      0x1915737, 0x1073d06, 0x0683ff3, 0x047e861, 0x0cc9a37, 0x1bcdd4b,
-      0x0e16a36, 0x035a474, 0x1d12ae0, 0x1aec236, 0x0e878af, 0x0d3ffd8,
-      0x0452ed6, 0x074270d, 0x1931b5b, 0x190ae3f, 0x01219d5 },
-    { 0x02969eb, 0x1533f93, 0x1dcd0fa, 0x1a5e07c, 0x1a3ab39, 0x1d84849,
-      0x1f9455e, 0x0e9cc24, 0x18d1502, 0x1c15876, 0x02f6f43, 0x15b1cb0,
-      0x0bffffc, 0x14ba1f3, 0x14f41d6, 0x023aca3, 0x1b18bac, 0x00a425e,
-      0x0c930e2, 0x1b3321d, 0x07c695c, 0x083fd63, 0x085a987, 0x09cd70e,
-      0x0f762a0, 0x0642184, 0x072e95f, 0x10cbbac, 0x14a07a2, 0x1586e91,
-      0x1e4f0a5, 0x0740f27, 0x0f92839, 0x14f673b, 0x187c2f8, 0x04e16af,
-      0x1e626f4, 0x0a5417b, 0x1c8c04c, 0x165acaf, 0x02c8d7a },
-    { 0x025e4d6, 0x1ac4904, 0x0d119f3, 0x0addf07, 0x1f51eaa, 0x080846e,
-      0x197604c, 0x07ec7cc, 0x18dd096, 0x14fc4fa, 0x190da88, 0x09bb3be,
-      0x078c4b1, 0x0a2f5dd, 0x16b91a7, 0x1e70333, 0x1775a4d, 0x188c555,
-      0x078dffa, 0x12f17a5, 0x17efda8, 0x1556516, 0x1a73b56, 0x0fad514,
-      0x0d05dc6, 0x11a364c, 0x15dfe12, 0x08e97e1, 0x0cd59a7, 0x059776c,
-      0x1ef510a, 0x1a3a731, 0x0fd1cd5, 0x10588d8, 0x0f6e528, 0x08b2c02,
-      0x1b404c4, 0x15b82d0, 0x165625b, 0x0ee9613, 0x02299d2 },
-    { 0x04397e6, 0x06ac6e3, 0x0c796e7, 0x1d7edba, 0x0c198f1, 0x0f8ed95,
-      0x16384fa, 0x118b0cd, 0x18fcdc6, 0x02d7143, 0x1007f50, 0x019bca7,
-      0x16a4b28, 0x008edaf, 0x058fcb5, 0x1f141b9, 0x189bec4, 0x1f6aea8,
-      0x05bba62, 0x1fa27b2, 0x148e336, 0x198216f, 0x1a496c6, 0x1c00e9c,
-      0x16291ac, 0x14a867a, 0x0094c5f, 0x11a7169, 0x1c446be, 0x0e95c10,
-      0x0d31eb4, 0x1e16cb2, 0x1c44135, 0x106a838, 0x0dbd4b2, 0x0d2e36e,
-      0x07b46c2, 0x0ffd2b9, 0x1863abe, 0x0f2326c, 0x021ac67 },
-    { 0x17fbcd2, 0x1071f96, 0x1062ad0, 0x072f7bf, 0x1272247, 0x1aea5a0,
-      0x0cfe137, 0x1a69240, 0x03807b7, 0x1e6a11b, 0x10d895b, 0x1613667,
-      0x14dfc19, 0x1079140, 0x15bcdd6, 0x0337027, 0x059037c, 0x0384bc5,
-      0x1fc9ee7, 0x13132e1, 0x03894f3, 0x02b0ad2, 0x1f03869, 0x0c05ee9,
-      0x1496a3e, 0x10e7fd1, 0x06c9872, 0x07e3886, 0x0164cdc, 0x08edf70,
-      0x07d8488, 0x1cfef7d, 0x0463ee4, 0x170dd98, 0x19e24b0, 0x0c02bef,
-      0x04483a5, 0x1ec46b1, 0x1676198, 0x1ce1cc5, 0x00e8ec1 },
-    { 0x00878dd, 0x06614c5, 0x1c6aa23, 0x1acc800, 0x19ac175, 0x0b9b0bc,
-      0x1208294, 0x02b2068, 0x0dd58a3, 0x0b6811f, 0x088684c, 0x17a911a,
-      0x0330785, 0x0ace247, 0x12cf79e, 0x14ee36e, 0x1824c67, 0x1a17701,
-      0x02e4514, 0x1ed9bbc, 0x1e9159e, 0x144d91b, 0x1e0c2b8, 0x0bb064a,
-      0x07a4c49, 0x13370c2, 0x1b41dcd, 0x0f6242f, 0x14a3256, 0x1643514,
-      0x0996064, 0x10c9b06, 0x0aa0f56, 0x09f2dbb, 0x144bd2c, 0x1bc5457,
-      0x1b6b73f, 0x0860e00, 0x0d8d761, 0x0beba20, 0x0653a79 },
-    { 0x0dcb199, 0x144c2a8, 0x0d833f8, 0x1cff405, 0x135b8e5, 0x1b01e85,
-      0x15f0f25, 0x16b794f, 0x127f131, 0x0729446, 0x04b54ac, 0x09bdc56,
-      0x073aa70, 0x0edb92e, 0x01ac760, 0x16227c4, 0x19ac5d1, 0x1858941,
-      0x0d175d8, 0x12e197b, 0x1e8e14f, 0x1f59092, 0x1265fe4, 0x0fb544d,
-      0x1739cee, 0x074deba, 0x1c7fbc8, 0x0dd97a7, 0x0a42b14, 0x108a3e3,
-      0x147e652, 0x04ff61f, 0x089eb4f, 0x06d25e9, 0x14c6690, 0x0c2230d,
-      0x1b9d797, 0x1fb2d2f, 0x19d7820, 0x0f7a888, 0x030dfc4 },
-    { 0x0aadfe8, 0x02d714f, 0x004af3f, 0x0969a9d, 0x05027e5, 0x099ab09,
-      0x00b7e2d, 0x029560e, 0x056a6a2, 0x15ce102, 0x041a3a8, 0x1ef460b,
-      0x0fb1a3d, 0x0c41888, 0x1452c86, 0x11c3946, 0x136c4b7, 0x05bdf11,
-      0x18bda61, 0x0e79cc7, 0x1ac6170, 0x1316efb, 0x01b8452, 0x1af8791,
-      0x192bf07, 0x14493b0, 0x0fac6b8, 0x1b4d3c1, 0x1849395, 0x18ba928,
-      0x08260eb, 0x080f475, 0x0c52a4d, 0x1f10c4d, 0x1f6ab83, 0x022a6b8,
-      0x197f250, 0x17f4391, 0x04b3f85, 0x03ea984, 0x0572a59 },
-    { 0x1a5553a, 0x1420c84, 0x0ef1259, 0x1064ee6, 0x1f05431, 0x17eb481,
-      0x0d2c8fb, 0x1a9f39d, 0x1f22126, 0x09e5fcd, 0x1655e2f, 0x03805fd,
-      0x186d967, 0x0501836, 0x0965f3b, 0x09fcb77, 0x1613d67, 0x15b82f6,
-      0x1fccfdd, 0x06c456c, 0x0c31f1d, 0x0308e5c, 0x056f3cf, 0x07a3552,
-      0x067dce5, 0x1a1d1c2, 0x07e422a, 0x005fd25, 0x15767a9, 0x04cec68,
-      0x1edb8f9, 0x1215fa0, 0x142db5c, 0x18c8740, 0x1ef1b22, 0x1c2418d,
-      0x04919a4, 0x0432a99, 0x0b0f203, 0x1c3b190, 0x065c2cb },
-    { 0x060bb63, 0x06d1053, 0x0915a13, 0x150dd0c, 0x07dc3b0, 0x10776b9,
-      0x0b3d9ae, 0x0b0ec8e, 0x1679dd1, 0x0e0b172, 0x14b511e, 0x04ee108,
-      0x1eb6884, 0x009fabc, 0x06f1acd, 0x02ee105, 0x1ec9501, 0x1c9750a,
-      0x1dce060, 0x09c6008, 0x12f15e3, 0x04b9f0e, 0x030f28d, 0x137a7bd,
-      0x0f1dc22, 0x169d2e2, 0x0e53bdf, 0x107dfe3, 0x0e7a1a7, 0x19c6efd,
-      0x1491b6d, 0x0341330, 0x153d72e, 0x07a55a1, 0x1562837, 0x124a675,
-      0x0e7888b, 0x02a80b0, 0x1fd9b60, 0x1aa774e, 0x0831440 },
-    { 0x011b2da, 0x117197b, 0x1ab3d0f, 0x13a1f48, 0x1d066e2, 0x059e06a,
-      0x1cfa208, 0x1e1d12f, 0x01d3e44, 0x02e1473, 0x09e99b1, 0x1ecdbfa,
-      0x17929d7, 0x080f428, 0x16e1828, 0x0f1bae6, 0x0983de0, 0x1751fe7,
-      0x0e33846, 0x0efb6ac, 0x0b3bc99, 0x17a429b, 0x01220e0, 0x195bf8c,
-      0x07a3c64, 0x1b8bf06, 0x1e0851e, 0x19a2fef, 0x011e3e3, 0x11e60da,
-      0x1b7a559, 0x130bf68, 0x139ac8f, 0x08ce52b, 0x0736f3c, 0x0a70a73,
-      0x015a281, 0x0c2d387, 0x115992a, 0x114dabe, 0x0504c3a },
-    { 0x0fa53c7, 0x0a941dc, 0x138c02d, 0x10a128e, 0x185cff3, 0x1e712fc,
-      0x090710d, 0x1da469a, 0x0e5a129, 0x0c19218, 0x1319d0a, 0x12ad557,
-      0x016ad38, 0x1f740f7, 0x1700075, 0x04e0545, 0x0b6670b, 0x1a611e3,
-      0x1ba28ee, 0x1cacfd4, 0x13eab35, 0x07534b3, 0x0f1c2cf, 0x1c51d59,
-      0x1a9c3e6, 0x1ed42d3, 0x1954ded, 0x15cd09b, 0x0937dc2, 0x01f2b6f,
-      0x0897b2b, 0x1f08608, 0x12ea6c9, 0x0e2905f, 0x1f41dff, 0x1a7195e,
-      0x09f56ad, 0x1d7858b, 0x0874b09, 0x1338e3a, 0x0496e46 },
-    { 0x1a93467, 0x07e414f, 0x1852e85, 0x081d654, 0x02e3768, 0x19f04de,
-      0x13ebd20, 0x198cb37, 0x03686bd, 0x042cba9, 0x0c85aaf, 0x010103e,
-      0x1840bfd, 0x0be040d, 0x18ef698, 0x0f27788, 0x086bb04, 0x0de80fd,
-      0x1359031, 0x03d9cc5, 0x15c45a2, 0x0a1101e, 0x05efda9, 0x022cf6f,
-      0x00edc95, 0x134675a, 0x1dd96e8, 0x0cf5595, 0x0b51f9d, 0x0cf4d75,
-      0x0ea2e83, 0x161ad0c, 0x14b215e, 0x034a960, 0x136f97c, 0x0a6a99b,
-      0x0b3744b, 0x15ae67e, 0x1ffa13c, 0x0e62606, 0x0133891 },
-    { 0x1003cd1, 0x0032022, 0x0b1bb9a, 0x18895c5, 0x1dac17b, 0x07298a7,
-      0x1067f7a, 0x0b8979a, 0x1c7cea9, 0x0f1a75c, 0x0df8060, 0x0c5a71e,
-      0x08bb577, 0x1304c86, 0x1133ec0, 0x094f7d9, 0x1f950a3, 0x185e249,
-      0x10cc13b, 0x0e82e4a, 0x0a2a680, 0x1935e45, 0x0bb03f2, 0x08bfd4b,
-      0x09b463b, 0x1d64f3d, 0x1957ef6, 0x17652a5, 0x05dff44, 0x0053024,
-      0x05943c3, 0x09bd48f, 0x0c5104d, 0x11d0101, 0x0825a57, 0x0ba59df,
-      0x0da1f34, 0x00815a3, 0x0fef532, 0x0e7e706, 0x0422eb5 },
-    { 0x0ad3f47, 0x0975b53, 0x083ab16, 0x1b2e297, 0x10861f6, 0x140a2cd,
-      0x1a4641c, 0x006af83, 0x064ea58, 0x1be4a71, 0x049c8f3, 0x0d58a96,
-      0x0a72537, 0x0d7db9b, 0x09ae907, 0x079b9e5, 0x120cba0, 0x0e44f44,
-      0x0c3f4eb, 0x041968b, 0x19fef2e, 0x0a6b302, 0x09ba969, 0x13bf178,
-      0x1fa8b88, 0x15ff731, 0x059a8fc, 0x01e38fc, 0x1312e14, 0x1e4e3a3,
-      0x1fc27fa, 0x0e4f333, 0x119b9c2, 0x09582be, 0x0d32dff, 0x0d53f77,
-      0x00da2dc, 0x1d13ebd, 0x0960b3e, 0x19e584a, 0x0368541 },
-    { 0x0799d37, 0x09e4f11, 0x0ce9443, 0x0b59f46, 0x1b677de, 0x07bcad8,
-      0x1863c20, 0x1849cd5, 0x0afc8df, 0x0da9e15, 0x10b709a, 0x036c1d0,
-      0x0879754, 0x16033ff, 0x09bcabe, 0x1b0efab, 0x003bd07, 0x1681045,
-      0x152f8bc, 0x08e7e0c, 0x023e34b, 0x157a8af, 0x199f040, 0x1835e91,
-      0x1bf9d2a, 0x0805806, 0x06da84f, 0x04c9f48, 0x094c11e, 0x1c354bf,
-      0x1d059a5, 0x10d4b0d, 0x1d8cf2d, 0x093f484, 0x01a71fe, 0x0c0e77f,
-      0x0241a56, 0x0bbc401, 0x04cd2e2, 0x0b2444c, 0x059a5bf },
-    { 0x1347191, 0x0e48f40, 0x05cba74, 0x19d72d3, 0x186c1ab, 0x0a353f8,
-      0x01d9ea7, 0x12e0f11, 0x0daa7d3, 0x149e7e6, 0x0e6a836, 0x13e3b23,
-      0x0c08bee, 0x1c6e9e3, 0x19ff5e3, 0x1020104, 0x0d09422, 0x1fc9c30,
-      0x0b6d1fe, 0x14e355b, 0x0f8a6a6, 0x1bd30ab, 0x072a81a, 0x1091793,
-      0x105e039, 0x09ad50d, 0x1caaaa4, 0x0dbb846, 0x1f3bd13, 0x103cd89,
-      0x135df9f, 0x09598be, 0x10b5cbe, 0x07e9b46, 0x17e2613, 0x1009b48,
-      0x13d3e0f, 0x077b0c6, 0x1e673c5, 0x18287d6, 0x0467564 },
-    { 0x0fff5d7, 0x12c825b, 0x1d4a35c, 0x1f25b88, 0x037f33a, 0x105c550,
-      0x155d5b4, 0x073212b, 0x143baec, 0x111afe0, 0x0ae6c0c, 0x095ed14,
-      0x01a2feb, 0x0a69ae3, 0x1140c62, 0x0e90cc3, 0x0a2ea87, 0x1d6495b,
-      0x046f1bc, 0x09162a0, 0x1cb28eb, 0x1463cf6, 0x08a3f84, 0x1a5400d,
-      0x1bc0ca5, 0x0284fb8, 0x08bc56e, 0x062cee6, 0x036218f, 0x19463d0,
-      0x07bfa35, 0x09f03c1, 0x08f39cb, 0x0286c83, 0x0059edf, 0x062ee7e,
-      0x0d6a1e0, 0x07bd6df, 0x0135434, 0x02c9dd3, 0x08a0dee },
-    { 0x1366e6f, 0x0c8dfa3, 0x0015412, 0x1fd0d86, 0x18084d9, 0x06671b5,
-      0x11d4690, 0x1c42989, 0x03f1961, 0x1da3553, 0x11790ee, 0x0bf2808,
-      0x1f56a78, 0x048f10a, 0x0346d5f, 0x1011bb7, 0x13ec7ee, 0x0354722,
-      0x0ea87a3, 0x0cfdf17, 0x0109c03, 0x18f1f0c, 0x0c43647, 0x0414586,
-      0x0fd0e7e, 0x13bfcbe, 0x1155330, 0x03d0190, 0x028403f, 0x1e0ebdb,
-      0x1f3a26e, 0x07fc142, 0x178a966, 0x00039bb, 0x067f07c, 0x053d3b6,
-      0x16f6bed, 0x13ff3ed, 0x1388cb3, 0x1a5dd2f, 0x07b04b5 },
-    { 0x0c5faf8, 0x035e3c1, 0x025d6d5, 0x1d1d702, 0x1a734c5, 0x1c28f00,
-      0x1a1879d, 0x03e7aac, 0x1e956d5, 0x19d0809, 0x0f0df20, 0x0e63878,
-      0x0cc7351, 0x1060a47, 0x1dce3ef, 0x1de82c0, 0x0bbe1bb, 0x1976378,
-      0x1e94615, 0x0558dd9, 0x0df00aa, 0x0bb371d, 0x01ca40b, 0x045adc6,
-      0x15089c6, 0x017e6a6, 0x0e9b760, 0x15c4364, 0x0863723, 0x0d2a99c,
-      0x08b9519, 0x151b030, 0x05119a0, 0x14bbd6c, 0x00c8de1, 0x189e29a,
-      0x1c7b272, 0x0d840e4, 0x18c7145, 0x1499337, 0x01c6a95 },
-    { 0x0821363, 0x0a56ae1, 0x18729ac, 0x069a2fb, 0x029c182, 0x16f4244,
-      0x14b1332, 0x04f5deb, 0x182489e, 0x009559c, 0x07649fd, 0x0131e10,
-      0x1f92c9c, 0x1ae5d68, 0x01ef7d1, 0x13f62df, 0x0b81a1d, 0x17a556d,
-      0x1d7cedd, 0x14f2476, 0x08fe475, 0x0b6dddd, 0x067742b, 0x0e1568b,
-      0x161644b, 0x178c1b7, 0x04d2f66, 0x148c910, 0x1abda32, 0x11375d4,
-      0x1ed7244, 0x1ccac4b, 0x0ec8709, 0x0725f26, 0x0678206, 0x19a9672,
-      0x14f6879, 0x004e420, 0x1932697, 0x0046150, 0x072708a },
-    { 0x14a466c, 0x1e058f9, 0x16e93cc, 0x18ff3a8, 0x01bae09, 0x143c2e5,
-      0x03fb838, 0x103ae1e, 0x0908808, 0x12638a3, 0x10f68e0, 0x1855760,
-      0x12e2416, 0x07637a1, 0x0f69c4f, 0x07c38e6, 0x049c979, 0x095ac83,
-      0x0d724d9, 0x05ab616, 0x1b2adb6, 0x111f2e0, 0x0d57adb, 0x02d6a2a,
-      0x0b5cebb, 0x08e67f4, 0x07dc25a, 0x1c1030d, 0x085bd59, 0x1cfdb0d,
-      0x1df2197, 0x1f5c207, 0x169d3cc, 0x13f4ef8, 0x11cdcd1, 0x072a4b8,
-      0x0369511, 0x1aae05a, 0x17485f6, 0x098e64c, 0x07491c7 },
-    { 0x0d2b94d, 0x16adfc0, 0x182cc4b, 0x0774964, 0x1b8ac63, 0x110cd08,
-      0x1163358, 0x11d590d, 0x1aeb82c, 0x0be67b5, 0x1e73b4c, 0x13dcb3d,
-      0x1a2dfb2, 0x1215e6a, 0x09f6263, 0x16403b5, 0x1c85974, 0x049f14a,
-      0x07f16b7, 0x0eaf09b, 0x03ba69e, 0x0f80955, 0x15b11c2, 0x0ba7973,
-      0x09f37c8, 0x15e8fed, 0x174f752, 0x0a90fc4, 0x1ba22ee, 0x0580859,
-      0x0ec03f5, 0x18dd1b9, 0x1591493, 0x1433265, 0x1eaef39, 0x0d6e653,
-      0x08906b7, 0x14e8e13, 0x1a105a0, 0x1cae82e, 0x08bcfd3 },
-    { 0x1c8c314, 0x0139a69, 0x00cc1a2, 0x02230e1, 0x15f0b2f, 0x145d0b4,
-      0x1df0f01, 0x10f726f, 0x0779247, 0x1b2f06c, 0x04889d4, 0x1cbc3f3,
-      0x0f15527, 0x13effea, 0x01a5920, 0x0c71214, 0x1f22f58, 0x0eac59e,
-      0x0bc83ab, 0x08d712d, 0x0257834, 0x05a83a3, 0x0275e5c, 0x0454d22,
-      0x0d20640, 0x1bcecf4, 0x1d9c7b0, 0x03cbf15, 0x1fe91ed, 0x128482b,
-      0x061bd50, 0x0a51208, 0x14dda81, 0x09956f8, 0x043876e, 0x117af00,
-      0x105a937, 0x0c68f24, 0x0ad24f8, 0x1ef7a6f, 0x053cadc },
-    { 0x053d0ff, 0x0f6fbaf, 0x1d9c6ed, 0x1911157, 0x1886606, 0x10368ae,
-      0x0c3e048, 0x066c923, 0x1e22b6a, 0x180c1a2, 0x0ecc5ec, 0x129762e,
-      0x15aba67, 0x1ee4f2c, 0x079619d, 0x049a318, 0x0822396, 0x1a70832,
-      0x0957754, 0x0a5cb3b, 0x079c617, 0x15cf214, 0x0062d3a, 0x03e57da,
-      0x0784b49, 0x14f657b, 0x0879e50, 0x1b9b73a, 0x1262243, 0x0a42887,
-      0x170da50, 0x14ca1d8, 0x06f190a, 0x14bb008, 0x16bada6, 0x0cea854,
-      0x032d104, 0x1ebaf4e, 0x18ac5a6, 0x0c97f18, 0x0908499 },
-    { 0x093c661, 0x0867b2d, 0x015ac4e, 0x093b6be, 0x1848626, 0x0d0bc40,
-      0x0ea7694, 0x1352552, 0x16772de, 0x1865dc7, 0x0521f06, 0x1d7af8e,
-      0x1e6e67f, 0x0731211, 0x0d0e0b5, 0x085f1f3, 0x10ebb5a, 0x14b7ed2,
-      0x022693c, 0x03666ec, 0x0516c92, 0x1dc3af6, 0x1274cb5, 0x0202496,
-      0x0d2cac4, 0x1bd5ec3, 0x071087e, 0x0d0c441, 0x17de33f, 0x04d5fb5,
-      0x1a0f865, 0x1d27924, 0x1ee18f0, 0x0266066, 0x1578237, 0x05a9db7,
-      0x13580d2, 0x1badf23, 0x15fa30a, 0x1f48d19, 0x03d7f6f },
-    { 0x1fbd5d1, 0x194866f, 0x037fa9e, 0x0d2e067, 0x1d759da, 0x1f76e4c,
-      0x02c2243, 0x11cacd0, 0x142dce6, 0x034857a, 0x19360af, 0x1e57655,
-      0x008519d, 0x1f8cadb, 0x04919fd, 0x043e8ac, 0x02cd83c, 0x1b2cd1a,
-      0x159458c, 0x0e37eaa, 0x0562557, 0x1aaa45d, 0x17f1a24, 0x125e474,
-      0x1920394, 0x00bdaa0, 0x0e72718, 0x0cea51c, 0x1e60195, 0x076a288,
-      0x154fc19, 0x03a2d4a, 0x03f9eb9, 0x055f718, 0x13f4895, 0x187c318,
-      0x1d434e7, 0x0ca6b7f, 0x1d39902, 0x07edbbc, 0x08fb12d },
-    { 0x13cb7a4, 0x1c0d114, 0x1935b18, 0x0170f6f, 0x053e09f, 0x0561f7a,
-      0x0a08c1e, 0x1229e42, 0x0578cae, 0x04ffd68, 0x0e9377a, 0x12d4e2d,
-      0x004a2b6, 0x1b7ac05, 0x1a06853, 0x0260e28, 0x17b4c2f, 0x089ac7c,
-      0x04cbee2, 0x12d32c5, 0x1af7878, 0x0513452, 0x0a77614, 0x0473f06,
-      0x11f6dfe, 0x0ced7bb, 0x193d1d2, 0x1e41fa5, 0x1ca0e95, 0x1f3bc33,
-      0x1b26d90, 0x06eb303, 0x1858ecd, 0x18e4bf3, 0x096466a, 0x077d28d,
-      0x06ff345, 0x0981d10, 0x0dec53e, 0x062eba4, 0x03fcc67 },
-    { 0x121f920, 0x0f5eaef, 0x0e41427, 0x1f82803, 0x1af70e1, 0x132557f,
-      0x12ff656, 0x0444853, 0x12c37a1, 0x109042a, 0x0e49afc, 0x07e8fbd,
-      0x1c1d4c9, 0x0fd9f8e, 0x1cf9302, 0x1788c25, 0x0595b51, 0x12b042d,
-      0x043f6f4, 0x1ebac5e, 0x13c22a2, 0x07ef865, 0x183758b, 0x01e4a96,
-      0x024a36b, 0x15b8aa2, 0x1559184, 0x074b40b, 0x15249cc, 0x1867d0f,
-      0x022faf8, 0x0fcc543, 0x0ec6903, 0x14c9c92, 0x0eb2bd0, 0x0aebe1f,
-      0x13fa868, 0x09a2ee5, 0x070d350, 0x1fb8e2a, 0x0645146 },
-    { 0x01924f9, 0x0319d5d, 0x1b87b3b, 0x0c00c64, 0x1ba6f13, 0x087e0bd,
-      0x15eb1f9, 0x000406e, 0x1ef3d8e, 0x1298c8c, 0x1169d32, 0x0d54a3b,
-      0x189545a, 0x098a095, 0x087563f, 0x1a000dc, 0x0057bb1, 0x180de18,
-      0x1b46a70, 0x1138d2d, 0x1a48f17, 0x0fcc2c7, 0x1ebcb4d, 0x12f7d0a,
-      0x109b981, 0x12ea1a6, 0x14a6a89, 0x1b80eea, 0x18fa801, 0x1df3e02,
-      0x13b2b40, 0x0a97429, 0x0d70a9f, 0x0853a49, 0x1415b01, 0x14db8f0,
-      0x0d005dd, 0x1e5254a, 0x07cb8a9, 0x0e557f7, 0x0448d3d },
-    { 0x1b33989, 0x178a294, 0x056b715, 0x19535d0, 0x068351b, 0x03a20a4,
-      0x1584d2c, 0x07767e8, 0x03cd9f3, 0x0ae7215, 0x1b928e5, 0x09d8bfe,
-      0x1113ade, 0x1287554, 0x0ab1c56, 0x1dfbfa7, 0x0995666, 0x10630f6,
-      0x1a911c2, 0x145171e, 0x04c9108, 0x0272a42, 0x100bbd6, 0x1c5e66e,
-      0x1b162d0, 0x05e5c12, 0x1ed1bdf, 0x1b9a263, 0x12fd893, 0x1c764b7,
-      0x1e08205, 0x04b2518, 0x18c5d67, 0x1e22ca6, 0x0f7e658, 0x1e50b46,
-      0x192a309, 0x04b8bae, 0x06695c9, 0x0f396e0, 0x0768814 },
-    { 0x1767eed, 0x1d08a48, 0x176ee90, 0x1b257ec, 0x1e11b9a, 0x12f10d2,
-      0x0b3800e, 0x02bd144, 0x12a3354, 0x1b02210, 0x1ab5898, 0x0768953,
-      0x05c2c56, 0x1059577, 0x1018992, 0x1c3ae97, 0x1758bf2, 0x0badc6a,
-      0x0228997, 0x1e1dcfa, 0x12a71cf, 0x0ed85b8, 0x05e4538, 0x030d25a,
-      0x125d04b, 0x00ae1ac, 0x115b33a, 0x1c4a7e9, 0x1f0e3ad, 0x120e4ff,
-      0x06691e4, 0x1bb57da, 0x0b9d06e, 0x1728328, 0x098167e, 0x00ce26a,
-      0x132ce18, 0x1b007da, 0x0189bcd, 0x038bcb5, 0x0670eb0 },
-    { 0x1cdbb43, 0x1e057b9, 0x06b77dc, 0x0afe486, 0x0f08ecc, 0x0d1c22e,
-      0x01504a8, 0x1e322f0, 0x09224dd, 0x0d08279, 0x11fbfda, 0x071b7d5,
-      0x024352f, 0x1e16899, 0x0eced39, 0x168edf8, 0x030b5e4, 0x0534f4a,
-      0x1d691bc, 0x0646812, 0x0ece7d9, 0x0f2eb27, 0x0024e26, 0x0468bd3,
-      0x01250db, 0x0b5bdc1, 0x09fd2de, 0x06aa526, 0x190b1f2, 0x060aa5d,
-      0x158bba7, 0x12225ef, 0x1a9c8f5, 0x157190f, 0x1e6072e, 0x145a1e5,
-      0x0075166, 0x1f81b30, 0x1fc9edd, 0x1cec6bb, 0x0504852 },
-    { 0x0f392fa, 0x19e72d1, 0x01e0bc3, 0x15d8d92, 0x126c076, 0x1d557b1,
-      0x17a4a12, 0x1275a03, 0x1cbe8e9, 0x00d8b69, 0x142422c, 0x18485b2,
-      0x1871305, 0x1c29d79, 0x1bf585c, 0x053418c, 0x00ed3c4, 0x1bb9a8a,
-      0x1eafc09, 0x0362543, 0x11778a3, 0x0102c59, 0x0814c00, 0x18fbd73,
-      0x1d9fca9, 0x09855ff, 0x0fa199f, 0x00bded3, 0x09e13fd, 0x198474d,
-      0x070bce9, 0x1723d5d, 0x14c9a19, 0x073621f, 0x1b9d863, 0x00a1a19,
-      0x1240f8b, 0x126e202, 0x03313ec, 0x0a3efd2, 0x0992fe1 },
-    { 0x0f197aa, 0x06d989c, 0x1e61115, 0x1b0f0e5, 0x04ded69, 0x1854145,
-      0x09ec113, 0x18d2f68, 0x0a31e48, 0x010f0d7, 0x03bfb26, 0x013fbb3,
-      0x0ee38cb, 0x040659d, 0x0e13ea1, 0x0aae641, 0x0a84747, 0x1dd2dda,
-      0x1543a5a, 0x1c10159, 0x1550a9b, 0x0e77881, 0x111147a, 0x08264b9,
-      0x0e75fc4, 0x19eb137, 0x00e2978, 0x1dd4bd3, 0x10abd26, 0x1f5cd15,
-      0x0a5cc86, 0x136c105, 0x092e484, 0x1e61565, 0x1a2a64a, 0x163b902,
-      0x1c8eb9f, 0x0767a5c, 0x1c7804d, 0x15098b6, 0x05a68bf },
-    { 0x10a2bfb, 0x19da2ff, 0x02c2d3f, 0x12aa05f, 0x1105fff, 0x0e06136,
-      0x162156c, 0x00829bc, 0x10d3b9d, 0x08b432d, 0x14e45fb, 0x08a604d,
-      0x0e2f5a2, 0x1a6d9e0, 0x08bd24f, 0x11e5cd4, 0x08ae241, 0x0a438aa,
-      0x026fbd8, 0x06c750a, 0x1bec6ab, 0x1d5c65d, 0x0472878, 0x023472d,
-      0x0dc9840, 0x0bbb8f0, 0x0835729, 0x1f305c1, 0x097bc1f, 0x1822c0c,
-      0x19fad02, 0x010b5ab, 0x1c24a46, 0x1bdbe25, 0x1e8298c, 0x1fa2b91,
-      0x1ef1628, 0x07377bd, 0x1d0e55b, 0x1f33ebd, 0x078acfd },
-    { 0x0520189, 0x1bf8afc, 0x071116f, 0x018efec, 0x154202a, 0x11170dc,
-      0x11ae77e, 0x10e73db, 0x11f4a34, 0x16b0133, 0x13314b4, 0x1252902,
-      0x03cd933, 0x02f4f89, 0x1da8490, 0x16defbc, 0x0a0ae36, 0x0711837,
-      0x00e9638, 0x02a4317, 0x031a538, 0x1b50209, 0x0618aed, 0x0637ce3,
-      0x0253cbf, 0x10ff46d, 0x08df7a1, 0x1bf8a66, 0x0e48902, 0x09fb485,
-      0x14bc972, 0x11754dd, 0x0bcb8f0, 0x1a514b3, 0x183e422, 0x12de215,
-      0x1061c94, 0x1a5a465, 0x08d9a32, 0x0e7a0eb, 0x00ad92d },
-    { 0x0ca548a, 0x0aff6e1, 0x06aefee, 0x01019b1, 0x0778c62, 0x1361402,
-      0x0552cd1, 0x0057d32, 0x1d4be89, 0x11df049, 0x1a07b7a, 0x132a27c,
-      0x01847b7, 0x017a00b, 0x0aa3d2c, 0x0ffd1e4, 0x14d4aeb, 0x11f7965,
-      0x0ebb57d, 0x18a2a36, 0x11639ad, 0x08cc618, 0x1b0733f, 0x1afb11f,
-      0x0c17ba3, 0x04bee15, 0x0d19084, 0x11f4c9a, 0x190bcf0, 0x005bca5,
-      0x1ad7afe, 0x016a153, 0x178b4ba, 0x153358d, 0x04d09e6, 0x1a349fd,
-      0x075b3ce, 0x1a6e578, 0x1a6ba3b, 0x140e14d, 0x095bbd8 },
-    { 0x014bbd0, 0x0924af3, 0x0d8d67e, 0x0f7047c, 0x1567a88, 0x0deb53b,
-      0x127b3f0, 0x085c48f, 0x18e835c, 0x1fd57a3, 0x1819a8a, 0x09c155b,
-      0x16314ef, 0x0e0b699, 0x0aea98d, 0x1c7120e, 0x071e2f0, 0x1fd214e,
-      0x141f643, 0x03cba17, 0x1c04cac, 0x1528a7a, 0x1a7fcd7, 0x0aa9d82,
-      0x053fcc0, 0x03fc498, 0x1ca8d65, 0x163b0d6, 0x0be487a, 0x1830157,
-      0x0878a7e, 0x1bf739e, 0x0a10d6d, 0x0fe7ad0, 0x0167c83, 0x155a28e,
-      0x18867a2, 0x06e337d, 0x0a46520, 0x09f824b, 0x0375a88 },
-    { 0x017f7ea, 0x05f1709, 0x16ac5e3, 0x150eb8d, 0x1a161e2, 0x0d8d2a0,
-      0x1fb006f, 0x195eee0, 0x0e4fd73, 0x1c43250, 0x0836199, 0x0cc9a27,
-      0x08baebc, 0x0469833, 0x0c97e67, 0x0b2a080, 0x1c92f1c, 0x1dc9f6c,
-      0x1078199, 0x06cec6a, 0x0763fdf, 0x185c8d3, 0x1f65fee, 0x0f39341,
-      0x069ea60, 0x0239355, 0x007aaa3, 0x0e60790, 0x063c55c, 0x0e40d7d,
-      0x16f7b1d, 0x09fa255, 0x1cdcde2, 0x041c500, 0x169c65a, 0x133fc1b,
-      0x1841537, 0x1d849d9, 0x013b19a, 0x1161197, 0x0268d81 },
-    { 0x1580555, 0x171ac20, 0x00edcf6, 0x0e8e7a2, 0x0fc32e6, 0x0660d5a,
-      0x0404efb, 0x1bc4818, 0x0b24ee9, 0x1204cf9, 0x03819b6, 0x16b73f5,
-      0x0e37b0c, 0x121c6bf, 0x0b81391, 0x002816b, 0x1642b72, 0x03fbe98,
-      0x0e7929e, 0x1e9db66, 0x037586e, 0x169d3ec, 0x0979dfb, 0x0e0f85d,
-      0x1ad37bd, 0x0c4c41f, 0x083e5e4, 0x02d6c67, 0x1a208e8, 0x0145173,
-      0x1ab8930, 0x0886aa2, 0x171fe3c, 0x195fa88, 0x0ccd3d7, 0x0c7d727,
-      0x01b53a5, 0x0cf6a58, 0x0912e10, 0x0b80ad9, 0x08b0273 },
-    { 0x1019195, 0x1da3270, 0x0306e26, 0x0de7f85, 0x1de4c02, 0x1e1d908,
-      0x039b8af, 0x05f5824, 0x091bdf9, 0x038de2d, 0x056f27b, 0x15681b3,
-      0x1e485d7, 0x13248ff, 0x119da3b, 0x1c4cb2f, 0x119afbc, 0x16caa96,
-      0x186ddb0, 0x0d8ffd1, 0x0d1bbae, 0x00ebf1d, 0x059f60a, 0x1312e68,
-      0x09af95e, 0x0c11f0a, 0x1228320, 0x03e0049, 0x006c0dd, 0x1fede18,
-      0x133d5c7, 0x0b0ee7a, 0x12ecf7e, 0x0a06c59, 0x1e0bf4d, 0x04b0454,
-      0x0436504, 0x1a2e1f8, 0x017f96a, 0x140969b, 0x0400e3a },
-    { 0x046e4a2, 0x10b24af, 0x01d11cc, 0x084826c, 0x17a2ed6, 0x0763be9,
-      0x08ec718, 0x05ccb24, 0x1e5e0ac, 0x109d561, 0x01eadd7, 0x08378a2,
-      0x1bda17c, 0x19e129e, 0x0c8bb25, 0x0452ccb, 0x1b8a501, 0x1ff9c33,
-      0x1886a66, 0x0cc1aa0, 0x03f5fed, 0x03644fe, 0x08f0a14, 0x0c8a34f,
-      0x150b9f1, 0x0379f69, 0x099f2d6, 0x0f87c06, 0x1185b12, 0x03bccb3,
-      0x06f201f, 0x0942601, 0x1c157d4, 0x18fa684, 0x191eb6b, 0x106c5ee,
-      0x13a6a19, 0x015cd67, 0x180e529, 0x1451b4d, 0x0131c3d },
-    { 0x1da83ba, 0x02ff8d3, 0x10d929e, 0x0ba09e8, 0x1415b42, 0x01fc097,
-      0x066f7b0, 0x144f811, 0x080f5f4, 0x0c6a08d, 0x0946e71, 0x0c21fb4,
-      0x123d32d, 0x069d979, 0x0ed1413, 0x0107933, 0x04bf4c2, 0x08cc622,
-      0x0c3a0ff, 0x04c35ee, 0x1b9060c, 0x0fe5816, 0x0183293, 0x1e3cf90,
-      0x1838b9d, 0x06487fb, 0x1f131a4, 0x16f39f2, 0x15f1546, 0x0a6baeb,
-      0x1fc4c54, 0x03961d1, 0x1c074f1, 0x0bb0ad3, 0x0b06cb0, 0x0172415,
-      0x04aa0ff, 0x004c56a, 0x173a77a, 0x0d468a8, 0x071d1a4 },
-    { 0x01b382e, 0x1c7bb7d, 0x0835d85, 0x06ee5bb, 0x00d8ecc, 0x0a68985,
-      0x0acab17, 0x05954b5, 0x08d7262, 0x1e9c5d2, 0x0fb4189, 0x1b6d947,
-      0x0fc5410, 0x1c9e766, 0x0de9621, 0x1c7afec, 0x0fd6e65, 0x08fb2ed,
-      0x0291590, 0x08950ac, 0x140bc3b, 0x1427bc2, 0x03d1ece, 0x09ac1ec,
-      0x1dadd5e, 0x16ac127, 0x105f4ed, 0x1199f21, 0x1fc13ad, 0x15ef992,
-      0x0e4023a, 0x06c91f5, 0x090d716, 0x096a59f, 0x1ce8931, 0x1672c9f,
-      0x133d0ac, 0x0e620b2, 0x1d486e5, 0x13e22cf, 0x06cd269 },
-    { 0x0f4f3ac, 0x0059d89, 0x17ecb63, 0x0533a37, 0x103dcfe, 0x19b9935,
-      0x0d3e0c3, 0x104a800, 0x17c5a8c, 0x16eb449, 0x1c51088, 0x07a19b1,
-      0x12eb709, 0x0c2ba17, 0x09e569d, 0x1b5bb12, 0x02c087a, 0x170af94,
-      0x1aaded7, 0x1b8e922, 0x0bb47bb, 0x05d2c56, 0x14c3f90, 0x1758737,
-      0x017ebe2, 0x05e06f2, 0x1b18681, 0x1696334, 0x1355694, 0x01a6f93,
-      0x1be4ce3, 0x0615632, 0x0f03742, 0x064b2f4, 0x12e1b22, 0x0df45df,
-      0x07eeb82, 0x17713a6, 0x1770867, 0x07fb468, 0x0327c06 },
-    { 0x147cd53, 0x0cf7fad, 0x1bfaace, 0x1a32875, 0x1be9869, 0x0154335,
-      0x131ec50, 0x02dcc9d, 0x0b1c25a, 0x1f3e155, 0x1789c70, 0x16f2045,
-      0x1fc4216, 0x1b36b52, 0x037f320, 0x0666dcb, 0x09eda81, 0x068aca8,
-      0x0c2fedf, 0x0801e42, 0x0780370, 0x0cc9da4, 0x06f9381, 0x1e79a44,
-      0x1a1fe39, 0x1c38311, 0x0bbb2d3, 0x0554456, 0x07b83b7, 0x024b361,
-      0x0fc6bd3, 0x1b4bf4b, 0x042a94b, 0x00d793d, 0x008922c, 0x1935f75,
-      0x1670112, 0x15ce951, 0x1a15bad, 0x1a381be, 0x0020f19 },
-    { 0x0dbba20, 0x08d4352, 0x1714dc1, 0x0db63bc, 0x1618ebc, 0x092c205,
-      0x0286799, 0x09b34f0, 0x1d2bccc, 0x0201816, 0x0168925, 0x047a205,
-      0x08e9ff0, 0x1d24313, 0x04dfb8c, 0x0228e77, 0x0f24cd6, 0x1f1bf71,
-      0x0f415f3, 0x177fa74, 0x0fce79f, 0x09e66ef, 0x17ee85b, 0x0462e4e,
-      0x058ec5b, 0x16dc8b0, 0x19c830e, 0x0ed33d7, 0x0f6bba4, 0x01c345a,
-      0x1c0989d, 0x1e3140e, 0x0b0092a, 0x108b02a, 0x03aeb32, 0x0133a12,
-      0x0c888f6, 0x0bf0ff8, 0x01513dd, 0x041600a, 0x079e727 },
-    { 0x020a239, 0x1679294, 0x0c418ca, 0x1d55cd6, 0x11a3974, 0x0050efd,
-      0x15ae923, 0x155ac3f, 0x15a3ee7, 0x1229e1c, 0x0111b74, 0x0b41730,
-      0x0f54845, 0x0f0b33b, 0x0a765ef, 0x0eb433e, 0x00c7893, 0x0f92965,
-      0x1d0ea61, 0x035e7ce, 0x1d8de96, 0x0b3366d, 0x1c31e71, 0x18a71f2,
-      0x1854ecb, 0x08e0a51, 0x0a849a1, 0x11b54e7, 0x1f558c5, 0x1da2954,
-      0x017a6d6, 0x1f7a2bc, 0x1af7f83, 0x0c9ce9b, 0x049ce28, 0x0d4890f,
-      0x1511a05, 0x14595ac, 0x011b790, 0x1c6e02b, 0x0001d3c },
-    { 0x145b1d7, 0x11b5cf0, 0x19935af, 0x140138a, 0x13e3938, 0x007b6df,
-      0x0b9f79f, 0x0725cac, 0x0c343f5, 0x0882273, 0x025ec65, 0x0571b21,
-      0x1ca5ab6, 0x0897bcb, 0x087dc2d, 0x051c963, 0x154750f, 0x0c8e6eb,
-      0x1ee0597, 0x101c5ff, 0x02b3b4c, 0x03aca68, 0x197b4e7, 0x1067db8,
-      0x0a49d56, 0x10c6609, 0x13cda4e, 0x0e6d297, 0x12c404e, 0x09a57e6,
-      0x050d330, 0x023a803, 0x11bd5fc, 0x02f2303, 0x011ff16, 0x080aeb2,
-      0x190b7a0, 0x1401b03, 0x11a12cc, 0x1f8815f, 0x04bb8c6 },
-    { 0x10f8796, 0x0716efe, 0x0778c48, 0x1b62679, 0x0968a40, 0x1b4e373,
-      0x19b02a4, 0x077fd46, 0x0600727, 0x1f2db6b, 0x0050e4d, 0x19e1197,
-      0x0539e4e, 0x0ff5e00, 0x1ffa736, 0x16a7890, 0x0440199, 0x1f5c57a,
-      0x04d467a, 0x049c765, 0x1c162f1, 0x0564164, 0x0183086, 0x13b8b21,
-      0x1d6f270, 0x094d668, 0x14db541, 0x0d2daa8, 0x120bfc5, 0x0efcac8,
-      0x04300fd, 0x021ff4d, 0x1a3e88d, 0x19413cc, 0x1e95b10, 0x13a9f39,
-      0x1a135d8, 0x07f54f4, 0x1f9e0ba, 0x1036d4e, 0x03699a8 },
-    { 0x0b1c64d, 0x119b90f, 0x05516f2, 0x1be3a50, 0x09cf3a2, 0x1b8837f,
-      0x1a6cd94, 0x09b6fc5, 0x14f7cbf, 0x160b8a8, 0x02cdfc1, 0x02dc40b,
-      0x05cbde4, 0x041a74e, 0x114e9fa, 0x074eb05, 0x1e2e9ac, 0x14a6def,
-      0x1799f00, 0x1d8d978, 0x080d795, 0x0f8a135, 0x0308f09, 0x11a9f3f,
-      0x0d20d6a, 0x11af716, 0x134edf0, 0x071b54a, 0x1a4d528, 0x07601eb,
-      0x1cee782, 0x0f03968, 0x09475e9, 0x18e5565, 0x0e797b0, 0x0ee4e3e,
-      0x0253518, 0x18474fc, 0x1fe2c77, 0x0064115, 0x04f3a4b },
-    { 0x0d095f8, 0x1c0838f, 0x15383de, 0x0db444d, 0x03e37fa, 0x19b68e9,
-      0x0614abe, 0x023161f, 0x007d8e3, 0x08a31a7, 0x03c5bac, 0x152fc7c,
-      0x17b9634, 0x010f761, 0x152ee71, 0x0438248, 0x1dbd72b, 0x05a766a,
-      0x17c835f, 0x0070d0d, 0x00a2f96, 0x1eefc37, 0x07d4d67, 0x1891155,
-      0x154fa5a, 0x0fa621e, 0x0f44127, 0x0dae295, 0x00607a5, 0x159f581,
-      0x1784c54, 0x0f40464, 0x1be1c18, 0x1426da4, 0x1d294ab, 0x0089e49,
-      0x0b5a7b8, 0x092e018, 0x1e7f679, 0x08d4da2, 0x06d8744 },
-    { 0x09a42f5, 0x083d55f, 0x13234a7, 0x186f039, 0x1fd5316, 0x034f508,
-      0x169b677, 0x034e34e, 0x188fee9, 0x10cf06f, 0x113c493, 0x09b9f1a,
-      0x0499c2b, 0x18d74a7, 0x1db7e48, 0x199840b, 0x076cf28, 0x193fdd4,
-      0x15fdf3a, 0x141e03e, 0x1b746e1, 0x1a79fe9, 0x180fc7c, 0x183a427,
-      0x1c4a742, 0x0c05076, 0x01f7ae1, 0x195584e, 0x0848bc5, 0x1c8fd78,
-      0x0743d75, 0x00f58eb, 0x1f514ad, 0x1e2988b, 0x1cd2413, 0x1b2b472,
-      0x1bb70f3, 0x125654b, 0x1582656, 0x193ff38, 0x03cf384 },
-    { 0x01fc9e3, 0x0835d67, 0x0e65c01, 0x04ced60, 0x0972174, 0x15fbd9a,
-      0x06e379c, 0x1ee5694, 0x079b209, 0x1430154, 0x1aa3872, 0x17219c4,
-      0x1a90580, 0x1f1279c, 0x1cce6df, 0x0c5c23d, 0x1916293, 0x05b62ec,
-      0x1dec93d, 0x0e9c34a, 0x11e9511, 0x1a82f22, 0x1ce03f2, 0x106437b,
-      0x17afb14, 0x0957a6c, 0x0dd1f97, 0x13300d7, 0x19a6080, 0x0eb2df4,
-      0x0821549, 0x1a8abd0, 0x04828d9, 0x1053293, 0x1017615, 0x011918a,
-      0x1103077, 0x13f39e3, 0x17c98f1, 0x0a1dce7, 0x02b2488 },
-    { 0x141159f, 0x1e6f342, 0x02c885c, 0x109f682, 0x18224c1, 0x1650e3b,
-      0x018647c, 0x0800f45, 0x0a8b23e, 0x16103eb, 0x08d1294, 0x04214d6,
-      0x05071a0, 0x1af694a, 0x03961f2, 0x198d9b6, 0x0ef810f, 0x0b62b5c,
-      0x0b610ee, 0x118b1ec, 0x0975124, 0x1eba633, 0x12e40d8, 0x0d8cdec,
-      0x0f7f2e6, 0x05f31a4, 0x07049af, 0x05f3a88, 0x0e49e8b, 0x1951b9e,
-      0x1c2b01f, 0x1d0361b, 0x0486758, 0x110e8a9, 0x1534751, 0x1942116,
-      0x14414a1, 0x130f673, 0x108545c, 0x198d475, 0x0938b3b },
-    { 0x0ded340, 0x050b5f2, 0x00daa79, 0x1501d10, 0x0e65fb2, 0x0b9d65c,
-      0x0581b73, 0x1532e11, 0x0aaa657, 0x01d021a, 0x006c187, 0x18b0922,
-      0x0cf304f, 0x0d05db2, 0x03ed86b, 0x05bebcc, 0x0ecf554, 0x1c0c615,
-      0x1bddb57, 0x040aeca, 0x1d97740, 0x0849299, 0x0d59ade, 0x1add6bf,
-      0x055e574, 0x05bd723, 0x16956d1, 0x01ef436, 0x147ea56, 0x0bcdc9b,
-      0x159e5c0, 0x1e5b59c, 0x0e7e0e8, 0x01e0345, 0x181e13a, 0x03308e8,
-      0x1530734, 0x1464f68, 0x075ac93, 0x14bb3d1, 0x06cff58 },
-    { 0x1e51f68, 0x000d801, 0x1f59423, 0x0a3a5fc, 0x01d1f22, 0x1ec402f,
-      0x0342c26, 0x16fef33, 0x003e415, 0x0af483d, 0x165e609, 0x0cfac0f,
-      0x16d1484, 0x0da29c4, 0x170ec7a, 0x0a1e80a, 0x013809f, 0x01a8008,
-      0x008cff7, 0x165f4da, 0x00b8fbb, 0x057f8c1, 0x02da02c, 0x1a62fc0,
-      0x004dc38, 0x1efd8ea, 0x1333231, 0x067aa88, 0x013f841, 0x03f3376,
-      0x121fea1, 0x008dc5c, 0x13f83d8, 0x1d9d661, 0x1f15218, 0x0e78c4f,
-      0x0b936af, 0x13fc557, 0x04c9d7d, 0x11e636f, 0x05fe4ac },
-    { 0x16f401e, 0x1525fc5, 0x1b51606, 0x075ab8f, 0x05db12a, 0x183da50,
-      0x01c99be, 0x1a8f603, 0x09c22bc, 0x0e88f82, 0x1c7257f, 0x0fa8d26,
-      0x0f5454a, 0x0cd2375, 0x1b157ee, 0x12da00c, 0x07c7fef, 0x00c31be,
-      0x0e0fa57, 0x183a68d, 0x02dcbaf, 0x09805da, 0x1570e16, 0x1cfce24,
-      0x1ec2b34, 0x1746ec6, 0x02c6133, 0x13939f6, 0x0278646, 0x062124d,
-      0x19e3730, 0x04021e5, 0x10d95f2, 0x1d21014, 0x1325a5d, 0x1b0dc4a,
-      0x0b2abda, 0x098e44f, 0x0152082, 0x0c82438, 0x0813771 },
-    { 0x05a8edf, 0x1592f4e, 0x1eb5899, 0x0420f14, 0x0e1388c, 0x1b776fb,
-      0x1cdf521, 0x02ebe04, 0x1627446, 0x017d3fc, 0x14e0a89, 0x17b3670,
-      0x0f3e2cf, 0x017b8df, 0x16b5ec4, 0x0152575, 0x0fa677d, 0x02b155e,
-      0x07f7fcd, 0x1d7a2ea, 0x0c78573, 0x093e128, 0x15fd961, 0x0f9512d,
-      0x116eec4, 0x04f7067, 0x019d88b, 0x199af36, 0x12c0758, 0x0c417c7,
-      0x054c7f1, 0x14c010a, 0x032b37e, 0x062dd49, 0x0d860ba, 0x1c9af76,
-      0x12f146f, 0x1239ae6, 0x16e62fc, 0x1dd39a5, 0x079c280 },
-    { 0x0b48122, 0x04101f9, 0x123af73, 0x0d60958, 0x08c0491, 0x02442f5,
-      0x193727f, 0x03959e0, 0x182c100, 0x1c1c4cb, 0x178942a, 0x0e42ced,
-      0x007339e, 0x070d5c1, 0x0a96baa, 0x0965c2f, 0x0a06bc1, 0x0126946,
-      0x05ad88c, 0x18b76f0, 0x1606570, 0x0e67735, 0x1b1448d, 0x07d5c84,
-      0x1f89f18, 0x1a58d95, 0x1a71989, 0x1c75e78, 0x1e38bc3, 0x02135a8,
-      0x0ef82c1, 0x0e7c81c, 0x0dbc58e, 0x12df213, 0x15e2d6f, 0x107f3ba,
-      0x12c8f40, 0x0cfbc8a, 0x1fd3e7f, 0x14953c7, 0x0758073 },
-    { 0x091ca22, 0x1d82bc3, 0x06d9f49, 0x0c27454, 0x1206bfd, 0x1caa09f,
-      0x14e16b1, 0x00fd097, 0x0755366, 0x0e8c515, 0x0389331, 0x1bcf914,
-      0x1d2e166, 0x1e23a6d, 0x155d430, 0x10874ad, 0x0c11366, 0x16f7a22,
-      0x1d2e10c, 0x08dca79, 0x1783146, 0x1854fec, 0x12f0340, 0x0fdc406,
-      0x0c82429, 0x163ded2, 0x1ff5ef9, 0x1a16217, 0x07f3ff3, 0x123b046,
-      0x114b485, 0x169fa98, 0x0e52599, 0x0f08203, 0x1e8527a, 0x1bf7573,
-      0x0661d32, 0x0153fd4, 0x1aaa24d, 0x0b1f5ec, 0x03f3e34 },
-    { 0x11597aa, 0x01ad7ca, 0x13ad47b, 0x1893bec, 0x1677d4a, 0x1a77fad,
-      0x136726f, 0x06a04ed, 0x1515a29, 0x11f6524, 0x0ee70d0, 0x0aa7fb3,
-      0x1c8a696, 0x16f0f84, 0x07ba77f, 0x0bf31f3, 0x156199e, 0x15c7d14,
-      0x14a4b0c, 0x070eb06, 0x081bb76, 0x0e7e207, 0x01cd3b7, 0x08afb2b,
-      0x15e9f65, 0x095ec16, 0x18c31e3, 0x11dc647, 0x033d67c, 0x172660a,
-      0x0bb9dec, 0x0790629, 0x0d9f807, 0x117b1ab, 0x1788a83, 0x1c883dd,
-      0x0c48295, 0x0f0bf6b, 0x053bc7a, 0x1886985, 0x0640d20 },
-    { 0x084d513, 0x105c719, 0x14e93a6, 0x0be62a0, 0x074c354, 0x166a950,
-      0x1d01d16, 0x16f66dc, 0x01de50d, 0x005ee7e, 0x07f11b6, 0x0fb84a9,
-      0x088d9d4, 0x181f83d, 0x0dbbc4c, 0x1a98453, 0x0ca6d4a, 0x1a7230d,
-      0x127c6dc, 0x1c6a3bf, 0x0e65ca8, 0x06aba30, 0x02f1025, 0x065a6cf,
-      0x02b330f, 0x1745b18, 0x18a15d0, 0x1340e96, 0x0c29c36, 0x1588c3b,
-      0x1eb7f94, 0x12257a2, 0x19e4609, 0x1531cf9, 0x1598d26, 0x031dc81,
-      0x072e05c, 0x1448156, 0x0a05ae5, 0x15181b2, 0x00f9c1c },
-    { 0x1433df3, 0x1d559b3, 0x0a307ae, 0x0e2ba6c, 0x16aa534, 0x1862e65,
-      0x083625f, 0x1f22746, 0x165e408, 0x1648c65, 0x1cd145c, 0x10a9aa6,
-      0x094b638, 0x05a6e50, 0x04e668c, 0x0264ce6, 0x1300a3b, 0x06792b3,
-      0x1822ce2, 0x0c1bf4c, 0x0dfd5ea, 0x183d948, 0x162b5d2, 0x0d29f36,
-      0x02789d7, 0x1d8c190, 0x02d98c3, 0x10b27b7, 0x1e3eaf4, 0x1fb8632,
-      0x1e0f6d1, 0x07ce4c7, 0x1949c91, 0x17f99b1, 0x1b1b9b9, 0x0137359,
-      0x098a824, 0x1ecdd38, 0x1bb14d2, 0x05e8ba6, 0x07e31c1 },
-    { 0x1fd2dd7, 0x00eb406, 0x0762f8a, 0x004956c, 0x1efacb0, 0x018fcb8,
-      0x0017e51, 0x1797386, 0x0959cb3, 0x10646fd, 0x0ed0199, 0x18619ff,
-      0x0dfdd5f, 0x1cb4d08, 0x118c6f9, 0x1fa36f4, 0x09ede13, 0x119b718,
-      0x1251c1d, 0x077f5bf, 0x022376b, 0x0eee639, 0x1ea4649, 0x0d89dc3,
-      0x10d7315, 0x1a3ba0f, 0x0438acd, 0x1ec9dc8, 0x04d93c4, 0x0969f7e,
-      0x0ba1afa, 0x1f89f76, 0x13b7e03, 0x050dde2, 0x13d4cdf, 0x015832d,
-      0x1e23ba6, 0x120d183, 0x14d5d37, 0x08a64da, 0x01a219c },
-    { 0x04db0bc, 0x1bf7c55, 0x058ff73, 0x0cf6d93, 0x0e23180, 0x050c979,
-      0x0419cf6, 0x0e384c7, 0x0ffdc77, 0x0676171, 0x103b6f0, 0x1c6b45f,
-      0x03997c8, 0x0166302, 0x1843b06, 0x10240f1, 0x0cb2b0c, 0x17e86f1,
-      0x0795fe3, 0x188afed, 0x11c34d6, 0x192da9f, 0x054f9a6, 0x1f13971,
-      0x0330ac4, 0x1f32115, 0x065559a, 0x05fe465, 0x1442d19, 0x0816a1b,
-      0x00dcf35, 0x17d4d28, 0x04ce590, 0x1833178, 0x0dfbe00, 0x06d582a,
-      0x16d0bf9, 0x15e7bbd, 0x064bf80, 0x1337920, 0x017aaa9 },
-    { 0x055db2e, 0x0ab21c7, 0x014434f, 0x067728d, 0x035dee4, 0x042317c,
-      0x103956e, 0x0f83428, 0x1ea17e2, 0x17f9d9a, 0x17dea69, 0x186dbb2,
-      0x0f23f99, 0x1eeb396, 0x05ff766, 0x08b80e4, 0x01edd20, 0x0fa0056,
-      0x1fc1ac9, 0x0ab90e9, 0x09be94b, 0x1287252, 0x0291283, 0x076d026,
-      0x05e91b4, 0x162f449, 0x04853e5, 0x117dbbc, 0x17fa977, 0x152607c,
-      0x19c3d15, 0x14b7fa4, 0x08fd86b, 0x10477d1, 0x163ef9d, 0x1876965,
-      0x026474b, 0x0affc61, 0x0c92bef, 0x1e14be7, 0x06b282a },
-    { 0x141a595, 0x0012fb1, 0x0a31e3f, 0x0d488bc, 0x191c38d, 0x0234212,
-      0x1b8f7ad, 0x066e57a, 0x1755478, 0x1ca3369, 0x185b10f, 0x09a6107,
-      0x1491141, 0x0ad3d65, 0x176519a, 0x1f6c828, 0x1098fd2, 0x08816ef,
-      0x0ff61ec, 0x165a5a1, 0x10882a2, 0x0e2ca2a, 0x1a7a6f9, 0x0048bbc,
-      0x18bf4a8, 0x187771b, 0x02c8c1a, 0x01617ad, 0x1e9f3d8, 0x02e3615,
-      0x115da95, 0x0900584, 0x09d167b, 0x096fda1, 0x109cad0, 0x0427cc8,
-      0x0e8d976, 0x127a94f, 0x1bafed9, 0x046a8e0, 0x06d4f5d },
-    { 0x0ba9f88, 0x0795b00, 0x02fcd72, 0x00f76da, 0x1dc807e, 0x1c0f2df,
-      0x1b50ace, 0x03c1424, 0x0a7ac78, 0x1ae7367, 0x172e98c, 0x1cdfe6f,
-      0x073e308, 0x11e4b24, 0x0372989, 0x0869a05, 0x17e8818, 0x13975d2,
-      0x06de289, 0x07ab3ef, 0x0ea3a9e, 0x0e9783d, 0x14bc29f, 0x1a0bee9,
-      0x0467824, 0x15b707f, 0x00045b7, 0x0410a2e, 0x137580b, 0x0f492c7,
-      0x0ce70a9, 0x0e80e17, 0x18bd7a5, 0x1bec873, 0x01cae65, 0x08aa3f9,
-      0x00db81b, 0x0d49e22, 0x0d2b5bb, 0x09facba, 0x04aaf0b },
-    { 0x114c7af, 0x192831a, 0x1ab66fb, 0x1b78303, 0x109e7da, 0x11f62c5,
-      0x0ba1e3e, 0x10bde79, 0x1173b86, 0x06dfd5a, 0x14cb776, 0x1f81243,
-      0x06b2490, 0x05ece23, 0x1bce1ae, 0x1b7b69d, 0x12fa061, 0x1e0e6ea,
-      0x16f0136, 0x1d31344, 0x063664d, 0x15c2b94, 0x01be60d, 0x1c89540,
-      0x1a8048b, 0x06388d2, 0x1825c06, 0x0dbdbc9, 0x011fb11, 0x02bbd96,
-      0x165cabb, 0x14e43d9, 0x04dade1, 0x1f9d48a, 0x09af5ba, 0x0ff338a,
-      0x1c2e14d, 0x0a0b2d8, 0x18cde87, 0x0730578, 0x08b2cbd },
-    { 0x052e991, 0x00df945, 0x0bb0a3b, 0x0d9f3a8, 0x0ba202f, 0x1a75228,
-      0x144c318, 0x139060f, 0x1c5762b, 0x1e12bd9, 0x10a8b4f, 0x11a290f,
-      0x0abd329, 0x118ca44, 0x053c69e, 0x00da594, 0x13b06ba, 0x0e38654,
-      0x19017a2, 0x07e967d, 0x0ae79aa, 0x199aef7, 0x13193ba, 0x17e3a99,
-      0x1f57803, 0x1fee8aa, 0x151585a, 0x083d816, 0x0e33f60, 0x0073043,
-      0x1d48f7e, 0x1e04879, 0x19a79c8, 0x066ac1c, 0x093a1d3, 0x030d850,
-      0x0fc5c83, 0x0775764, 0x0d9c088, 0x008fb7c, 0x057e283 },
-    { 0x1cdf666, 0x05b4c7d, 0x0749b98, 0x1317d76, 0x1dd06a9, 0x04c21b5,
-      0x0b6ea01, 0x11a8089, 0x0522bc8, 0x1b5fbaf, 0x08ec835, 0x1736508,
-      0x12655c4, 0x099cc53, 0x103d249, 0x0ec02cb, 0x0b70ca3, 0x13b6a79,
-      0x00c3e96, 0x11324a4, 0x0705469, 0x03db02a, 0x05acdfa, 0x1bc365f,
-      0x0f73153, 0x182f7cb, 0x12b553b, 0x1d97791, 0x1617b05, 0x0e85549,
-      0x1f7aca2, 0x0f97442, 0x0c0fbd5, 0x0516b9d, 0x0d58675, 0x07a1a79,
-      0x091d606, 0x1f74ea6, 0x1f69ba2, 0x06ed2df, 0x04f12e0 },
-    { 0x1f1a610, 0x1d2110a, 0x0669333, 0x0a6f0ca, 0x004a5c5, 0x01c09a4,
-      0x09151ce, 0x054248d, 0x04b284e, 0x10ada42, 0x144c83e, 0x18ca28d,
-      0x1a36464, 0x1854507, 0x1aea231, 0x1009df6, 0x0e793c4, 0x13a73e7,
-      0x056b85a, 0x09a4597, 0x14dd8c3, 0x0ffce0e, 0x0767b62, 0x004a6e3,
-      0x0866d32, 0x02530d0, 0x0a6f591, 0x0b64656, 0x17bab14, 0x1496793,
-      0x00be223, 0x1528916, 0x1e69c6e, 0x10f65b9, 0x1aa56d4, 0x043492d,
-      0x1858afb, 0x1bc753a, 0x1be46a3, 0x07d624c, 0x083d233 },
-    { 0x1b478d7, 0x1994433, 0x1270718, 0x02a145f, 0x01ee1ae, 0x09120dd,
-      0x0acc063, 0x12c0b6d, 0x0893cd6, 0x0f8f944, 0x05ea1da, 0x0cc1502,
-      0x17159d6, 0x18739eb, 0x0480465, 0x0be15d0, 0x10093f5, 0x12947f7,
-      0x01537ec, 0x0f1b71b, 0x1fbbb39, 0x1b7a2ec, 0x15ad0fb, 0x17dc72f,
-      0x04bfed5, 0x0d68bef, 0x05afddb, 0x003c1eb, 0x00754ca, 0x14071ea,
-      0x1cca2c8, 0x1f1d0dd, 0x0db6122, 0x0f2c347, 0x1abedf4, 0x17044d6,
-      0x0f40a55, 0x1a990a9, 0x0588518, 0x07d8b46, 0x07362f1 },
-    { 0x1c0c430, 0x1593e39, 0x195de4b, 0x1f4a386, 0x0cc0a65, 0x0ca78dc,
-      0x13b3b48, 0x08ea14b, 0x0814b49, 0x04a2b44, 0x1eefd06, 0x103496d,
-      0x08bbf0a, 0x1855430, 0x1bd3d63, 0x0f2bc6e, 0x1683987, 0x0ec9b0e,
-      0x0ea3435, 0x0219b1c, 0x0455b65, 0x1fdb60d, 0x18f8bf6, 0x19123f2,
-      0x1154eae, 0x1b21648, 0x17fd5a3, 0x1d63ce2, 0x0b399e0, 0x0e6b979,
-      0x02f9ebe, 0x113e17e, 0x1c39bac, 0x01b4a8f, 0x164a426, 0x11e10c3,
-      0x1a0a20a, 0x18b7816, 0x03ab766, 0x07f4718, 0x02f1069 },
-    { 0x006ded2, 0x1674886, 0x01ec1e9, 0x1e5fb21, 0x1974842, 0x1b1ad37,
-      0x0ff5aa7, 0x04dc8d1, 0x11ed606, 0x05b0c48, 0x1b95201, 0x113e6d3,
-      0x011fb2f, 0x0e4b510, 0x0f4444f, 0x0675939, 0x0fe10d6, 0x133acd6,
-      0x1ea98a7, 0x14cdf91, 0x028364b, 0x04a3f9c, 0x09a1ab9, 0x139b533,
-      0x03a05d5, 0x1b74146, 0x1023a8b, 0x18f5f62, 0x1953c87, 0x0472579,
-      0x13c9547, 0x13b553c, 0x153d279, 0x18ca02d, 0x0352b5b, 0x163dfed,
-      0x16437cd, 0x1aedeec, 0x0810c9d, 0x1c89fcf, 0x0985f83 },
-    { 0x0f45294, 0x01e0b75, 0x1d46258, 0x018496a, 0x1013116, 0x0b5a96b,
-      0x08060e7, 0x0809822, 0x0ed9433, 0x03ce781, 0x106da1c, 0x0516e9e,
-      0x010c5b0, 0x0e4560f, 0x10fc1da, 0x09e1c7b, 0x0a3f8b2, 0x12d62f7,
-      0x0d31708, 0x0d0975c, 0x052aee6, 0x11cd5e2, 0x0949679, 0x1be8b99,
-      0x12cd1e9, 0x07d583e, 0x0c6910f, 0x0e03392, 0x0003b30, 0x0d54c96,
-      0x0b9a3f7, 0x01b1978, 0x19f179c, 0x00e5396, 0x09bc79e, 0x1377e2b,
-      0x10dcc79, 0x0bbceaa, 0x18bc553, 0x0801fd2, 0x00c88e5 },
-    { 0x0f44357, 0x18d3574, 0x0daa13d, 0x0c74795, 0x175b4bf, 0x15e3407,
-      0x076796b, 0x1e46699, 0x08a753e, 0x1657842, 0x18f23b3, 0x09820eb,
-      0x1ae2801, 0x1ba7c69, 0x07568e3, 0x0655d77, 0x064b80e, 0x13acc42,
-      0x0af0de4, 0x051cdfe, 0x01977b3, 0x17f7687, 0x1aeec7e, 0x0660cb5,
-      0x0ac955a, 0x07433a7, 0x1e48b6f, 0x1833fb1, 0x1b907a8, 0x1742cc3,
-      0x15e305e, 0x0767459, 0x1f33627, 0x1bb97c4, 0x0067ea1, 0x0dd75d4,
-      0x1a25ced, 0x0ef24c9, 0x01c5539, 0x1715e22, 0x08e2560 },
-    { 0x141aba6, 0x1ba3618, 0x1e795b4, 0x1f75659, 0x05a1079, 0x0e93e3a,
-      0x0a0c673, 0x01d6c70, 0x09dfd95, 0x111bb19, 0x1023fc8, 0x0b9a752,
-      0x181e0b1, 0x188b008, 0x0a00802, 0x1774e93, 0x15da383, 0x0938ced,
-      0x14411b5, 0x106814c, 0x1b1f607, 0x0f4ba91, 0x024a753, 0x0145157,
-      0x0345c8e, 0x0e3a020, 0x082b7c2, 0x024eb58, 0x11d6116, 0x1932919,
-      0x142d06a, 0x0a72394, 0x10cc77c, 0x1118a91, 0x124a3e4, 0x13117c1,
-      0x12fd9a2, 0x19ec95c, 0x1cb97fb, 0x0450649, 0x059005f },
-    { 0x04c1c74, 0x0ba861e, 0x0de5aec, 0x01d2cdf, 0x1e73aac, 0x02cb9fd,
-      0x176499b, 0x16d0b4e, 0x03a8656, 0x04bfc99, 0x11b37a3, 0x0762a08,
-      0x1f2b704, 0x1ff9c4b, 0x0245bdc, 0x0e564a9, 0x01cb18b, 0x1489ee8,
-      0x0230379, 0x0ea3e29, 0x0a58d0a, 0x0a42ac6, 0x0645d5c, 0x14cc7b4,
-      0x1430144, 0x10c4bb8, 0x12c3821, 0x1be3215, 0x1ead9c2, 0x1e0679c,
-      0x0840203, 0x02e705b, 0x085ac6e, 0x1519c00, 0x0144c98, 0x1bd2f23,
-      0x143bae8, 0x04ac9b5, 0x17dbb91, 0x04daf07, 0x057a78e },
-    { 0x0dbddd8, 0x19a37a0, 0x0eb0586, 0x0f28218, 0x0b49a92, 0x03679d9,
-      0x09e0c62, 0x1d718a8, 0x033b93d, 0x16f9919, 0x1d5e75c, 0x13ea81b,
-      0x009c8d5, 0x01077a8, 0x15e99f7, 0x10c87cb, 0x11867f0, 0x1e2359c,
-      0x165ab70, 0x14488b5, 0x04d0ecf, 0x0d8622a, 0x1963d62, 0x1082fae,
-      0x09301e0, 0x1447376, 0x0b11538, 0x194bded, 0x0f462d6, 0x0247d60,
-      0x0d90644, 0x011b140, 0x12407d8, 0x1adbf42, 0x0e9fdb4, 0x0f698a6,
-      0x0f6ada8, 0x08f2094, 0x1cba0c9, 0x18b0388, 0x01ca370 },
-    { 0x001b68a, 0x0a8b8d4, 0x02ce52f, 0x19fa333, 0x1312879, 0x0b19013,
-      0x0aafd04, 0x1b6920b, 0x0f5b01f, 0x0ff43fa, 0x084a2ed, 0x047539b,
-      0x1778de5, 0x03de98f, 0x1c58687, 0x0986a17, 0x1d02390, 0x0daef67,
-      0x0623c4b, 0x165105c, 0x0e74224, 0x0efcced, 0x0374a00, 0x19a39a4,
-      0x067b508, 0x11ce56a, 0x170219f, 0x1862387, 0x0250726, 0x0b9015a,
-      0x00dc684, 0x05dfb20, 0x1bf464e, 0x09d81c1, 0x122876f, 0x14a7a08,
-      0x06265ba, 0x0da97a7, 0x0b1e4cb, 0x0989867, 0x02584b3 },
-    { 0x0eec688, 0x031c495, 0x148cf2e, 0x148bf7c, 0x05e740b, 0x105afc5,
-      0x1c7dff5, 0x07a845c, 0x0487491, 0x0ae8c2e, 0x1f60351, 0x166df42,
-      0x0404c2b, 0x1602a29, 0x09c6152, 0x14cae7e, 0x045a8b9, 0x03b6e98,
-      0x0bb9f32, 0x0587c2c, 0x07d02e4, 0x0326fb6, 0x000999c, 0x0f96910,
-      0x1dd51dc, 0x1f02c93, 0x1861e25, 0x167f557, 0x15737c6, 0x0917796,
-      0x1fff9ab, 0x1fea353, 0x1b60269, 0x03dd557, 0x1515a60, 0x15c3906,
-      0x151ca49, 0x0edb7fc, 0x0c216b3, 0x0e87f35, 0x07e8113 },
-    { 0x10a88b1, 0x11545c1, 0x1f86b5c, 0x119c222, 0x11918ea, 0x04da3ec,
-      0x142e010, 0x1a67c05, 0x16c46d1, 0x09c0969, 0x059a72d, 0x1b61cb1,
-      0x1e2fd09, 0x0ad866a, 0x1173418, 0x188a730, 0x15a2386, 0x1860e0a,
-      0x17fd0f2, 0x0e9bcbe, 0x00cdda7, 0x0c71c8e, 0x0ec1dae, 0x009e50d,
-      0x11eff50, 0x1ff4beb, 0x12bbb02, 0x07c168d, 0x01ad942, 0x0333995,
-      0x08b914e, 0x072db48, 0x00c9f81, 0x195ff7f, 0x06898f6, 0x02c6ed8,
-      0x1a56fa9, 0x0e3c8c5, 0x0169800, 0x0c9bf09, 0x0436b8c },
-    { 0x0b764bc, 0x0bf4ec5, 0x1e12204, 0x0940efb, 0x1fa61e9, 0x0c775ee,
-      0x1974c30, 0x1b8b4ee, 0x1fc9451, 0x0448b57, 0x08d1e95, 0x1c660e3,
-      0x1f01a52, 0x191da0e, 0x0ee577a, 0x1850cc6, 0x0c943c8, 0x06ebeb4,
-      0x0365c1a, 0x13a83c3, 0x199de4f, 0x0846493, 0x1e6422e, 0x0e72946,
-      0x0148ed4, 0x09ff30a, 0x1f35479, 0x0a030a2, 0x03dcb6e, 0x03af012,
-      0x0154180, 0x02f2a88, 0x1dcde62, 0x0d2fff2, 0x03854df, 0x0cdef92,
-      0x0768cb6, 0x1bd5720, 0x0578477, 0x13cdb7d, 0x05266ca },
-    { 0x186b3db, 0x0f73689, 0x1502137, 0x14f871c, 0x19e4af5, 0x027a4ef,
-      0x01103ac, 0x1fb6683, 0x0fde5a4, 0x09c50f4, 0x15f3f08, 0x1248604,
-      0x013e6e6, 0x0cfeb86, 0x0671b8c, 0x03fe06a, 0x17486c3, 0x0479a70,
-      0x103387a, 0x0531fb2, 0x0d7cf1e, 0x0e8a4b0, 0x1bee32c, 0x05e77fe,
-      0x013472b, 0x07f903e, 0x1051bbe, 0x1334416, 0x13e2208, 0x1b15bde,
-      0x09df7b0, 0x0c4d7d4, 0x175044e, 0x065b3d4, 0x11253ed, 0x141e656,
-      0x1fc6703, 0x1d04900, 0x128af05, 0x17339b0, 0x041f325 },
-    { 0x02843a4, 0x16a89e7, 0x0bf0c4b, 0x1c00e51, 0x0748498, 0x032672f,
-      0x0a08936, 0x07751de, 0x0a62008, 0x0032382, 0x14ce34d, 0x03b297d,
-      0x185905e, 0x031f3d9, 0x15e32d4, 0x0f77254, 0x196289e, 0x0cc13b6,
-      0x05edcd0, 0x05b88fe, 0x0944dfe, 0x0f8ed64, 0x1648d48, 0x080154e,
-      0x0d28d23, 0x1219edb, 0x1a9d86e, 0x0c8ee0b, 0x1d07ddc, 0x1d36cdf,
-      0x1f6251e, 0x0485951, 0x0f2e3ac, 0x01a3400, 0x19c3ae3, 0x1a93de8,
-      0x19aa18f, 0x19e9bde, 0x1aa79f6, 0x16dcb19, 0x056b30f },
-    { 0x180a428, 0x06e5566, 0x02441fb, 0x190e659, 0x1af922d, 0x0d220fb,
-      0x01e60eb, 0x11441b1, 0x0924b00, 0x1f6cd22, 0x0070e8e, 0x067965d,
-      0x1321235, 0x12fc03e, 0x13901d5, 0x15d9786, 0x1a51f2f, 0x085fd77,
-      0x17a2a23, 0x0c694b5, 0x0a9178b, 0x1c4a1c9, 0x11382df, 0x17639b1,
-      0x0237790, 0x0571849, 0x0be1c81, 0x1d5369f, 0x13cd83d, 0x00fac2e,
-      0x1e4fb7e, 0x18ca474, 0x0f88c51, 0x06cb4ac, 0x0e2c5f0, 0x0fc8e5f,
-      0x1ccf7f0, 0x0840f2e, 0x1451a26, 0x0aeb17b, 0x01353cc },
-    { 0x1bf6e18, 0x0b24b9c, 0x071ca29, 0x04c9371, 0x19e8b5a, 0x145c73a,
-      0x0d28373, 0x0191b28, 0x1204704, 0x09adfa8, 0x0e3a0b6, 0x02c8d4f,
-      0x142ab3a, 0x13fc094, 0x160fb58, 0x0e52fe2, 0x1e072d6, 0x1c20b53,
-      0x14e790a, 0x10bb0d9, 0x1bad496, 0x03cac6e, 0x029e5ff, 0x0b9cdbd,
-      0x0f92815, 0x11ad2ac, 0x03e28d8, 0x0be9cae, 0x077ae57, 0x07e0294,
-      0x0f6f1a7, 0x14d62dd, 0x14193a9, 0x060f8c7, 0x10f2ec7, 0x131a3be,
-      0x1a21e78, 0x1d41872, 0x17d61c8, 0x0bbe8a3, 0x03ec218 },
-    { 0x10bc2d7, 0x063eb8f, 0x104ae75, 0x18dca3a, 0x0982c6c, 0x0fc07b3,
-      0x0b64e82, 0x13925c0, 0x1047ae0, 0x1ee9692, 0x0d47e6d, 0x093e6fe,
-      0x1e35031, 0x03bc285, 0x1527387, 0x1a590d3, 0x0cb12f0, 0x0b01215,
-      0x0f0a2e7, 0x1118acf, 0x0550ba1, 0x10835e0, 0x0390184, 0x0fa8653,
-      0x04b1f8d, 0x0f0586c, 0x1f4e254, 0x094cf5c, 0x097607b, 0x02bdc5e,
-      0x1cad49f, 0x0a92f54, 0x093c5f3, 0x0eb335e, 0x0330e6f, 0x06be3bd,
-      0x09d447a, 0x03ee2e7, 0x0af94c2, 0x16d4423, 0x089b356 },
-    { 0x1dcc837, 0x0d857ef, 0x1ea7b5b, 0x1550e36, 0x0fb80ba, 0x0ea5b90,
-      0x0ff2470, 0x0b88275, 0x1adac9e, 0x0dab5fb, 0x195e8fd, 0x05b5170,
-      0x0e5664a, 0x0720eca, 0x0c13dc8, 0x06cb023, 0x1263743, 0x131f08e,
-      0x109b6ba, 0x051d9de, 0x0dc2ee6, 0x04e58b1, 0x0045867, 0x0c90c86,
-      0x1817f87, 0x0434e7a, 0x095612f, 0x03772e0, 0x1f7928e, 0x1e77805,
-      0x194b309, 0x1b8c1dd, 0x0f3a80e, 0x0e17ca7, 0x0afa1eb, 0x04fc240,
-      0x0a0d4f5, 0x178c704, 0x1449995, 0x01aaf8b, 0x039c4f1 },
-    { 0x08aecd3, 0x0db4674, 0x0a76cea, 0x114a315, 0x155b091, 0x0a772a2,
-      0x136b52f, 0x109db83, 0x102068d, 0x0db45b3, 0x0b1cb5e, 0x01a1023,
-      0x187dac8, 0x140d053, 0x079b4d6, 0x0c506da, 0x1ea3bd1, 0x06420f4,
-      0x0531111, 0x182eeb1, 0x1202a7b, 0x12f8d50, 0x1cad8dc, 0x1a98aad,
-      0x1767ec7, 0x08ddf63, 0x0f51bfd, 0x102fd76, 0x17e3392, 0x1f46b9f,
-      0x113f796, 0x0b5da49, 0x0c6c977, 0x0bce7a2, 0x1c1edb9, 0x1817342,
-      0x1069fbc, 0x18b23c4, 0x0ac033f, 0x05a922a, 0x0414b54 },
-    { 0x06e173b, 0x18f2c30, 0x04e8cf0, 0x1721cce, 0x1b7f4e1, 0x1d9057a,
-      0x0d44b7a, 0x0e084bf, 0x105120e, 0x1c4630b, 0x0f93b31, 0x0c05202,
-      0x173ef05, 0x00e3736, 0x074d6b2, 0x0d2153f, 0x08f9450, 0x17098f4,
-      0x12bc20b, 0x1f36648, 0x0ea9708, 0x160dd15, 0x0cb9359, 0x01b6539,
-      0x14a6e74, 0x003d78f, 0x034610c, 0x0957249, 0x156a6c7, 0x077c76a,
-      0x0984cce, 0x04e1a2f, 0x08e623e, 0x07adffa, 0x0bea582, 0x0a78e6c,
-      0x044e851, 0x0bbc3a2, 0x02ca90e, 0x0d5c017, 0x052678d },
-    { 0x136aeb4, 0x18e2cef, 0x02ad77f, 0x1952578, 0x12d6653, 0x1d2fc0a,
-      0x1d25a49, 0x03e1c07, 0x02dfd49, 0x084ea0a, 0x07e26e1, 0x18a54ae,
-      0x05258c2, 0x0999a24, 0x1586012, 0x13c1257, 0x14f3f7d, 0x10d19f4,
-      0x106fe41, 0x0831a65, 0x095cfab, 0x072d52b, 0x1ce7124, 0x1a5afff,
-      0x1196ef6, 0x0548720, 0x143de52, 0x1d9a80e, 0x053b4f3, 0x1cd9698,
-      0x1252d63, 0x0bb32e9, 0x0ee842a, 0x17b415c, 0x1076fc8, 0x0c474b3,
-      0x08efcea, 0x0d630a6, 0x1bb7411, 0x0b78219, 0x07040ba },
-    { 0x15a1a96, 0x127c0a8, 0x1f80b0d, 0x0630864, 0x11a6350, 0x0c9ea79,
-      0x199406b, 0x0e61412, 0x1273b61, 0x0bb4a78, 0x16a74a7, 0x10eda59,
-      0x178886d, 0x140a60b, 0x0069d08, 0x0d2d63c, 0x16b8667, 0x11a4913,
-      0x0c97c01, 0x09e18cb, 0x0c4a2fd, 0x0ffd94a, 0x1949cd2, 0x03a66de,
-      0x00d8ade, 0x10760ff, 0x039f8e1, 0x1f3447d, 0x14c31ea, 0x1b90dbb,
-      0x12a5f4a, 0x086caf0, 0x0c3e582, 0x07551fd, 0x1d39c3d, 0x11fe5bf,
-      0x1e87324, 0x140f0d7, 0x12704f4, 0x1ac17a3, 0x09043a6 },
-    { 0x06c7937, 0x0d07f3b, 0x0f8c544, 0x1957787, 0x1b2ded5, 0x0444560,
-      0x1833380, 0x1e65582, 0x1616200, 0x143aa5e, 0x0ba81a4, 0x107a694,
-      0x0fb801c, 0x0e5f083, 0x15e80ea, 0x19b2915, 0x022cedf, 0x04cb584,
-      0x101a620, 0x068c75c, 0x1663c3c, 0x06facbf, 0x1ec4ba9, 0x19255f3,
-      0x1383440, 0x0aa1646, 0x193a368, 0x13790b8, 0x0e801a7, 0x0fd16da,
-      0x0ca55dc, 0x03c6af3, 0x1d2c138, 0x1683c3d, 0x177ffea, 0x0dc8b8e,
-      0x173eac4, 0x1b051e5, 0x17cd6c1, 0x0907424, 0x026362b },
-    { 0x0fc3e89, 0x1469477, 0x19c4971, 0x0ed3d3d, 0x0d0ee87, 0x0f25ba9,
-      0x0ee1abd, 0x067160f, 0x0cb86b3, 0x1b84839, 0x14aeb36, 0x01d5fea,
-      0x09fd3d2, 0x0606d0f, 0x1bacac5, 0x0e28b4b, 0x08a44f9, 0x09c8fb4,
-      0x181b521, 0x17a6203, 0x0d4921f, 0x12df54e, 0x11793ca, 0x17e43b4,
-      0x0d464a7, 0x038bdb0, 0x0015355, 0x127f119, 0x00f2e91, 0x09e8df7,
-      0x1cd6b39, 0x1828724, 0x0c26563, 0x15af749, 0x02ca5b1, 0x15390dc,
-      0x09ff59b, 0x17f1188, 0x04d7914, 0x040aab9, 0x02e952b },
-    { 0x15f886e, 0x035e56b, 0x1160aa1, 0x1da87bf, 0x068a5db, 0x1d8dc37,
-      0x116d801, 0x16a207c, 0x1355ff2, 0x0071764, 0x0fb3256, 0x1e4d44c,
-      0x13bc702, 0x0c0f2f1, 0x0d6ce18, 0x040ec50, 0x1ec6c12, 0x0812889,
-      0x1ef615b, 0x04dc74f, 0x1cb1a5c, 0x19ceb75, 0x03be0fe, 0x09a5f51,
-      0x053f2a4, 0x14bbd55, 0x0d4ec7e, 0x1829de6, 0x159a307, 0x05088ba,
-      0x183fd81, 0x16126ef, 0x1cd96b0, 0x1813995, 0x025b6cb, 0x0d4b829,
-      0x0b53ef0, 0x054264f, 0x0392c70, 0x02e606f, 0x01236d0 },
-    { 0x084373b, 0x00e47e0, 0x1ebb5d2, 0x10c8c12, 0x09ae476, 0x1de1a59,
-      0x17e8184, 0x1602601, 0x0934bc2, 0x18938a6, 0x0f9f88d, 0x0c521c5,
-      0x0086524, 0x1680840, 0x13eee7f, 0x08aecaa, 0x1384231, 0x1787605,
-      0x0c28ca0, 0x15eb286, 0x181765b, 0x1438377, 0x0ef7786, 0x0ea61d2,
-      0x0727dba, 0x0e5be96, 0x19d3325, 0x1618bac, 0x18906db, 0x09b2921,
-      0x1cecff3, 0x1a28cb1, 0x1881941, 0x1f8748c, 0x1555b25, 0x15cc2de,
-      0x0b9ec7e, 0x1e16c2a, 0x0d5b8d4, 0x028c419, 0x002a480 },
-    { 0x06ccd38, 0x1691ea8, 0x0a98475, 0x0920b37, 0x029a1c5, 0x0808e29,
-      0x0709da7, 0x0fae2f9, 0x0d82893, 0x03f0da3, 0x0d420fa, 0x1777070,
-      0x18f5d63, 0x156d612, 0x09ed09e, 0x09a3fe1, 0x0bd9f15, 0x0ccd593,
-      0x1b2557f, 0x01ff7f1, 0x1880dec, 0x13a4fe5, 0x1ba55f1, 0x00229bd,
-      0x15dee1e, 0x163991c, 0x1cda7d1, 0x1254c96, 0x0b25991, 0x033048f,
-      0x1690c11, 0x145d187, 0x02da887, 0x0b68c5f, 0x10970d5, 0x07489c5,
-      0x155f75f, 0x1c820a5, 0x1ff80c4, 0x0df1e42, 0x01d8bde },
-    { 0x0028924, 0x09cfc51, 0x0e7c0f3, 0x1960dd9, 0x0e54f19, 0x182c233,
-      0x0f2df5b, 0x0ed0c57, 0x05a0607, 0x1f0338b, 0x1fb0436, 0x12f5621,
-      0x1c9397c, 0x178ddb2, 0x084e099, 0x17471e8, 0x0cba672, 0x120a6f6,
-      0x022c179, 0x1a9a87f, 0x14d1594, 0x1d564a6, 0x1e64fd5, 0x162ec70,
-      0x02a6abf, 0x0ad3a7e, 0x0edbf19, 0x1032d6b, 0x0d2139d, 0x0e42774,
-      0x09b70dd, 0x06c1a74, 0x1b00a02, 0x09dc3dc, 0x0d737ae, 0x1d66dda,
-      0x0c83209, 0x12d945e, 0x04f07d5, 0x0878c20, 0x0349c69 },
-    { 0x1e6c88a, 0x1ca2226, 0x01fb46c, 0x028e004, 0x15c2c47, 0x015bc06,
-      0x1628887, 0x07d6de8, 0x0085099, 0x04fbab2, 0x1c3061d, 0x0af375d,
-      0x10400ba, 0x19be387, 0x1d0a4e1, 0x0fd7e5a, 0x0ec2146, 0x1e2d471,
-      0x0cdfd14, 0x14ccdca, 0x150a243, 0x03f685e, 0x12647c7, 0x17a3f23,
-      0x13e90f4, 0x14d9d3f, 0x097c384, 0x0c113d1, 0x1896359, 0x10bb839,
-      0x127434e, 0x04e3055, 0x0f842d5, 0x1e2e14e, 0x0a64205, 0x124232a,
-      0x0725576, 0x17993f4, 0x163ea8c, 0x1571385, 0x0056587 },
-    { 0x0e4733d, 0x0b1768e, 0x1110021, 0x1731ca2, 0x1faff7c, 0x15a35ca,
-      0x0087ea6, 0x026be06, 0x0b61a8c, 0x0a4a62f, 0x0d65da2, 0x006c6d6,
-      0x1657c95, 0x1561697, 0x1a1323c, 0x0e07cd7, 0x0d89bd2, 0x1872d9a,
-      0x1a1caae, 0x1b231ef, 0x0ee1c4a, 0x0fe2029, 0x10aa27a, 0x1216a3d,
-      0x0ee3f31, 0x0a7e165, 0x1dbffc9, 0x11fa286, 0x1e09725, 0x06b4441,
-      0x0e1bcf0, 0x01f62a8, 0x1d0a0e9, 0x1570031, 0x192fdb2, 0x198870e,
-      0x1f1d0f6, 0x0f8ab29, 0x16f7a05, 0x1db70d9, 0x01b87f2 },
-    { 0x10b15b1, 0x095dd95, 0x1de4d5e, 0x0f9cd74, 0x03e4b5a, 0x079bbcd,
-      0x1ff6776, 0x1dff759, 0x1c298d1, 0x02a285e, 0x00c7180, 0x0aad88e,
-      0x060e3f5, 0x0aeb403, 0x1c3c1ea, 0x0a5840e, 0x0e02d10, 0x0671f42,
-      0x0aa3315, 0x00f23cf, 0x03a3b05, 0x19dd191, 0x1358879, 0x0c65320,
-      0x1b94d39, 0x0b6c3dc, 0x1dfae01, 0x1bf3968, 0x1ca0cc8, 0x06f476f,
-      0x12b890c, 0x12e2541, 0x14bf416, 0x0454c9b, 0x11de221, 0x1d7c7e7,
-      0x04a3e59, 0x15c3d8e, 0x0f08ec8, 0x1887d2b, 0x08e0227 },
-    { 0x010964d, 0x1115419, 0x1bac003, 0x0bfe0ad, 0x1ccd5df, 0x18f56be,
-      0x0e87f6b, 0x1c6042e, 0x067cdca, 0x01419f0, 0x1324334, 0x099717b,
-      0x151cc57, 0x19125a7, 0x1b29c50, 0x105310d, 0x03abb3f, 0x1e80730,
-      0x106a37a, 0x1d9c361, 0x061db98, 0x121bc61, 0x08a291b, 0x02cbcba,
-      0x1dd0da6, 0x071637c, 0x052dfbc, 0x075c713, 0x09f306b, 0x0b59ded,
-      0x16ce8f0, 0x0714109, 0x09a26d3, 0x074a82f, 0x064d4e5, 0x18a51cb,
-      0x0ea206b, 0x076588a, 0x175ba12, 0x16a80a8, 0x014b15a },
-    { 0x04c59a2, 0x0c364b3, 0x0a943db, 0x02c1faf, 0x1dfe2be, 0x1965c71,
-      0x0d5a641, 0x1c067f3, 0x18176a7, 0x19192ec, 0x1c202d7, 0x09ce8b0,
-      0x0579a0d, 0x06aea70, 0x1b837bc, 0x051c349, 0x1fac87b, 0x16056cf,
-      0x1c26d3b, 0x031a5e7, 0x1d87d6f, 0x1394974, 0x13225ab, 0x128ec79,
-      0x0953d60, 0x0fd6544, 0x0063efe, 0x17dd2f5, 0x03d701d, 0x1074a5b,
-      0x0bf7c83, 0x08fd4e4, 0x1ba6e30, 0x1ab8fe5, 0x072984a, 0x0b9cafc,
-      0x009a55f, 0x0b563b0, 0x078b878, 0x1b18871, 0x0742bbe },
-    { 0x1dc2c73, 0x1436e60, 0x0afc8fa, 0x1782c87, 0x0bbbfd5, 0x0c650fa,
-      0x1e87c93, 0x18e0ff1, 0x08cb5ca, 0x1345370, 0x19a9f77, 0x0c96a9c,
-      0x187d54c, 0x14dbd6b, 0x076e88a, 0x15728f1, 0x140e364, 0x0a6c46a,
-      0x1dcb804, 0x05c05a3, 0x0278c8c, 0x0ba3715, 0x1320981, 0x030f8fa,
-      0x15bb34b, 0x064f361, 0x1bae3f8, 0x1b167bf, 0x11e415e, 0x1a743e8,
-      0x1e6daf0, 0x170cb8f, 0x1908bbf, 0x060be59, 0x139b87b, 0x16e2fa3,
-      0x17cdd69, 0x0f19847, 0x1049054, 0x0296b92, 0x097bd5a },
-    { 0x1e82861, 0x0317f40, 0x103b807, 0x1bba858, 0x103d4b6, 0x0f48f2b,
-      0x1956f99, 0x1bafca5, 0x05abbbf, 0x05a49ba, 0x0917d2e, 0x1ea58e5,
-      0x18b4f15, 0x0a8794e, 0x010d6a1, 0x1cebf9d, 0x19b582d, 0x14efbb5,
-      0x08322e5, 0x1098bf4, 0x0af452e, 0x0885450, 0x0bddf4b, 0x0c02787,
-      0x1bbd8ca, 0x02f81c4, 0x089be0c, 0x01b3737, 0x0c8b9ab, 0x1424067,
-      0x063c14f, 0x1ff57b4, 0x163367a, 0x1261526, 0x0f92990, 0x1ca1ea7,
-      0x064fba2, 0x0962c64, 0x151a7e2, 0x0629198, 0x0317c6d },
-    { 0x0b7d42b, 0x092d816, 0x12b830d, 0x12621f5, 0x15240bc, 0x102047a,
-      0x0808bfc, 0x1411aba, 0x1e0c10e, 0x180a017, 0x1ac8f5a, 0x0d14e31,
-      0x197fbef, 0x0092950, 0x051ad69, 0x01add40, 0x048110e, 0x0acd7e7,
-      0x08b7860, 0x03a4fe0, 0x09dae9a, 0x0b6e1fa, 0x1b6e5b4, 0x17c8010,
-      0x0e3f5ef, 0x08e7e0d, 0x07b32f0, 0x13ae0c8, 0x1f8636f, 0x113ca92,
-      0x0c12408, 0x184ec78, 0x169796a, 0x031859b, 0x00f0764, 0x0f39869,
-      0x0e3d3f1, 0x0b28f87, 0x0e3f514, 0x0733b41, 0x06ae597 },
-    { 0x1f4d2ee, 0x09de3df, 0x0f615ec, 0x126162e, 0x0075422, 0x0a49b61,
-      0x12f541e, 0x17d6c4a, 0x05efd55, 0x0af9195, 0x10ce247, 0x150a9c1,
-      0x04c06f4, 0x0730fca, 0x0b16d66, 0x10f6f9e, 0x01ffd5f, 0x062b243,
-      0x08abe93, 0x0c3f62b, 0x0774ee2, 0x1316cbd, 0x0c3fdc8, 0x19e00f5,
-      0x1ae22d6, 0x10a0d44, 0x134d1bc, 0x11100a6, 0x16497e2, 0x1dffcbd,
-      0x1f23f9c, 0x1f455ff, 0x08595b2, 0x0d39345, 0x1cfbc54, 0x173df39,
-      0x0744b82, 0x0772f8f, 0x1f9caa1, 0x11b78c7, 0x0664904 },
-    { 0x08b760d, 0x1ddbc0f, 0x0a8246d, 0x104b55b, 0x147b0bd, 0x1a9137e,
-      0x0f67fea, 0x11d0292, 0x0bffc14, 0x136e913, 0x0f8f6d2, 0x1f15453,
-      0x0b5a032, 0x1a58558, 0x036f1c0, 0x090d063, 0x1b57d65, 0x16e665f,
-      0x1160791, 0x0d566f3, 0x0ce2850, 0x1714187, 0x0244da9, 0x0d9018e,
-      0x19356cf, 0x143245b, 0x1fbdac7, 0x142ec6e, 0x10f1c9f, 0x0e60c1f,
-      0x174b270, 0x02d57db, 0x0f0526d, 0x186f24b, 0x038aa4e, 0x147c1d3,
-      0x0f13873, 0x16bd6d0, 0x127b1bc, 0x0b9e7f4, 0x04eb93b },
-    { 0x11fae32, 0x0fbf2f0, 0x1d46f62, 0x0b88047, 0x113d74f, 0x0e1fb7e,
-      0x0537d24, 0x16e3600, 0x1555279, 0x0c24d2b, 0x0801a07, 0x112e0b7,
-      0x0abb9e8, 0x009e516, 0x0889067, 0x0cedf04, 0x085fd33, 0x157dddb,
-      0x161e28a, 0x187ea4e, 0x1173931, 0x17f79ea, 0x04abbbf, 0x114d0f0,
-      0x05cc8bd, 0x00b0c4d, 0x0f667c3, 0x059ffb6, 0x1d48b68, 0x0a0350c,
-      0x182fd59, 0x1d38d89, 0x005e223, 0x020b92b, 0x077a1a0, 0x10a7cf0,
-      0x07001cc, 0x1ae485e, 0x0fda337, 0x126f808, 0x02b582d },
-    { 0x1abc2ae, 0x12e4140, 0x1b2a845, 0x0bc56d3, 0x073380f, 0x1ffb37d,
-      0x0cf481f, 0x00d812f, 0x0547765, 0x0b01c13, 0x1e88717, 0x13e76af,
-      0x15dcbac, 0x04c6dee, 0x1d436d3, 0x1e654f0, 0x103d9ef, 0x042f108,
-      0x1c47107, 0x1a2e585, 0x0c09cee, 0x124f1a4, 0x0a38e49, 0x03dbbf7,
-      0x1936b83, 0x051b8e5, 0x1bd4219, 0x02b87a0, 0x1acfcd9, 0x19e6f49,
-      0x0abfa38, 0x167e5ef, 0x1ee10d7, 0x0774d25, 0x0d23adf, 0x1b83b1d,
-      0x1a574af, 0x124e71f, 0x0d3013e, 0x0130c5b, 0x0786151 },
-    { 0x0e72c21, 0x1fa403d, 0x1694ff8, 0x09fa1e1, 0x031aa14, 0x01d22a3,
-      0x187a3e3, 0x1578edd, 0x051b4f1, 0x1cd704a, 0x16ec90d, 0x072faf9,
-      0x0d2a3a4, 0x015eafe, 0x0533ffa, 0x1deb4f4, 0x112f427, 0x1ddf276,
-      0x0134f33, 0x1487dc5, 0x0e1e9b0, 0x09c7763, 0x15ede2e, 0x171d0f6,
-      0x004e467, 0x0100c6a, 0x14d0dd3, 0x1915b80, 0x08deb50, 0x1b02aa1,
-      0x13d90dc, 0x1875f45, 0x0d80ec0, 0x0ab7cda, 0x04f0eaa, 0x10daa3f,
-      0x04161c6, 0x0d1455c, 0x100967e, 0x16ed793, 0x0540b6b },
-    { 0x01d315d, 0x0b9a619, 0x1740138, 0x05b0dc0, 0x0ef5661, 0x1466c0a,
-      0x18516ee, 0x135d5f5, 0x1acdc78, 0x1d83d24, 0x1d5c3c7, 0x135ab0e,
-      0x1e6a21e, 0x1cde29e, 0x12a0dfa, 0x131d65c, 0x0931d62, 0x0a1b6d9,
-      0x08d8bd1, 0x1f78f1d, 0x058543a, 0x0bd55fb, 0x0aa5cf6, 0x1249ac0,
-      0x1dabe0c, 0x074ee73, 0x01f2b7c, 0x0d3b31e, 0x020538f, 0x02d0ba8,
-      0x0a782d4, 0x088c39a, 0x1b7d1a3, 0x0740c1e, 0x1dd9788, 0x0dc3850,
-      0x12dd50f, 0x112c33a, 0x0e230b2, 0x02925c0, 0x0897cab },
-    { 0x18bab8a, 0x09c0986, 0x002967b, 0x1948704, 0x011d364, 0x0c0a0ae,
-      0x0fcb101, 0x0e80d0f, 0x07ac896, 0x156869d, 0x1046821, 0x020b72e,
-      0x1c44928, 0x19c19b8, 0x0612c47, 0x1063ce9, 0x1840d1a, 0x0386976,
-      0x1244bf8, 0x06c516d, 0x08d2d88, 0x1d8a7d4, 0x113e3df, 0x015927c,
-      0x12a4dcf, 0x1d32b27, 0x0a9b093, 0x05ec535, 0x0cd9498, 0x15d1dfb,
-      0x0b6ae41, 0x0414a30, 0x0822e67, 0x1c9d296, 0x16b0c3a, 0x145fe8f,
-      0x1ff673a, 0x1162527, 0x03b1771, 0x0c68ed6, 0x064b007 },
-    { 0x1c9a404, 0x1a99f59, 0x054878f, 0x076fdf3, 0x11db7f7, 0x129b49d,
-      0x0f8a5b0, 0x1a98fe2, 0x00738ee, 0x073fa62, 0x1b2b41f, 0x16679c4,
-      0x11ccfd3, 0x00f62e7, 0x1e124d4, 0x09c03b0, 0x09ddc08, 0x19fc7e0,
-      0x0e6d6b3, 0x1956658, 0x151c217, 0x1dcf7aa, 0x10b6bc2, 0x042f52a,
-      0x16f56e1, 0x0157de3, 0x0b08dc0, 0x002f162, 0x10a2938, 0x01cfd83,
-      0x1902d4b, 0x0aed952, 0x1925153, 0x1471b71, 0x1090675, 0x084aab2,
-      0x09e50e8, 0x0fdc160, 0x1b630a4, 0x14ccc31, 0x07dd22e },
-    { 0x1cbb3bf, 0x14225a4, 0x0c95fff, 0x08aac5f, 0x1e0cc70, 0x0d422d6,
-      0x194de7d, 0x1f83cdd, 0x0e51277, 0x0b6bf93, 0x0d5c625, 0x097260c,
-      0x142c75d, 0x0b4abf9, 0x085224a, 0x0e85673, 0x13282e5, 0x1467a75,
-      0x0c91edc, 0x1a7bbb0, 0x02376b0, 0x19900d2, 0x19ea7d8, 0x029490a,
-      0x003c114, 0x08b20b2, 0x1edbdaa, 0x015fa88, 0x06f7906, 0x04986d6,
-      0x00a57e5, 0x17a773b, 0x05ff94b, 0x16f87b4, 0x03f1472, 0x12b91f3,
-      0x113b748, 0x0ce4455, 0x1f32255, 0x0ccbe31, 0x031377c },
-    { 0x1cfb35f, 0x0ef04be, 0x1be0d71, 0x1e03986, 0x0dccca9, 0x1b65b19,
-      0x1a175d5, 0x0eafd27, 0x0f7b4b3, 0x016ea45, 0x0866d43, 0x1a9f613,
-      0x079d95c, 0x18dff30, 0x0bb4565, 0x1b5a4ea, 0x0cf2596, 0x1a1cc40,
-      0x07a429b, 0x1df6a6d, 0x060ae52, 0x1181e9f, 0x11025d9, 0x0a0e1c0,
-      0x164faa9, 0x0e97e79, 0x1815893, 0x11f3276, 0x15e467d, 0x0c12006,
-      0x092cd6a, 0x0191e8a, 0x089d024, 0x100bcf1, 0x08f1922, 0x1bde8a8,
-      0x187edab, 0x0feb4aa, 0x149c4e9, 0x019423c, 0x03dacc5 },
-    { 0x099ae4c, 0x127ca32, 0x149f2cf, 0x02e0a78, 0x046dcbe, 0x1c17455,
-      0x173a6f9, 0x08b00fe, 0x0d8481e, 0x1632694, 0x01bf42d, 0x0a31545,
-      0x09f35e4, 0x0f8e6da, 0x0dee6eb, 0x07d5fef, 0x010aec2, 0x1f9fdb1,
-      0x06ff4be, 0x17470b7, 0x13a00a9, 0x09c403f, 0x1946835, 0x0f65085,
-      0x04404b1, 0x1853d59, 0x1fe7767, 0x1faaed0, 0x09df646, 0x1eda79f,
-      0x137347b, 0x0c1be32, 0x1d2df7a, 0x0ef82ae, 0x0b0f81a, 0x037da7e,
-      0x03248a3, 0x0dbab09, 0x113dd1a, 0x1c2d28e, 0x0866949 },
-    { 0x14ab07a, 0x106d29f, 0x1efcea6, 0x07ea94d, 0x0cd6f33, 0x1e79481,
-      0x1a486c8, 0x0b01925, 0x0848e3d, 0x0ac0e1f, 0x0862af2, 0x1f7ba76,
-      0x1793af1, 0x03365a6, 0x1663a84, 0x0074070, 0x14e990c, 0x0a8009c,
-      0x1421ded, 0x0c963cf, 0x10913b6, 0x1deba63, 0x15e76c6, 0x05abba1,
-      0x144354e, 0x1c14296, 0x0ccca76, 0x1a57083, 0x16d4800, 0x07583dc,
-      0x11bea11, 0x1852bb8, 0x1a50569, 0x1f6271b, 0x0dce53d, 0x0f85a70,
-      0x1b08317, 0x1c427fa, 0x0966370, 0x171163f, 0x0574352 },
-    { 0x15d7ce9, 0x0c9fb86, 0x1abfb48, 0x0c1690f, 0x1c19fd2, 0x132fe81,
-      0x0ad65ef, 0x0acf889, 0x078270d, 0x0ced430, 0x1c06637, 0x1801754,
-      0x1f8a84e, 0x142cc2e, 0x109f924, 0x051b05d, 0x0f0de20, 0x0ccb665,
-      0x0708807, 0x0c918ec, 0x19eb4e7, 0x1e048e0, 0x0a58cd6, 0x1acf057,
-      0x03a69f0, 0x049929d, 0x034a519, 0x1e40868, 0x1f68733, 0x10d084c,
-      0x0691114, 0x0d32c02, 0x1cbcc09, 0x1d4a72f, 0x1763e14, 0x027109a,
-      0x13b6a3a, 0x0c63126, 0x0f13c90, 0x1e40d5c, 0x03e431a },
-    { 0x1d381f1, 0x1ec9cc1, 0x0f0fe59, 0x1da1806, 0x16501aa, 0x0083b41,
-      0x1d34151, 0x1a77e75, 0x05093a6, 0x0368acc, 0x1ca402a, 0x0e83b25,
-      0x1543ae0, 0x1b785ba, 0x0cabe98, 0x0dadffd, 0x0a3aa45, 0x1684853,
-      0x1bf6d91, 0x149fb55, 0x0f7d336, 0x020d4a1, 0x1f46ff9, 0x03dc83d,
-      0x0a3ed85, 0x0e2bfe1, 0x1847a4d, 0x1e392d0, 0x1bb3434, 0x1b3329d,
-      0x0ab355d, 0x15b12d8, 0x06931ba, 0x1fd20f9, 0x0f461ae, 0x03141f7,
-      0x0203cef, 0x1ebec15, 0x134d470, 0x02bc4cc, 0x06dad3f },
-    { 0x0ec35a1, 0x005be89, 0x04a3465, 0x0dcfbf6, 0x0219c5b, 0x1990eab,
-      0x1e31bc4, 0x16c5984, 0x033c58e, 0x13b4825, 0x00f10d7, 0x1eabb32,
-      0x1915090, 0x01ecb50, 0x06f249b, 0x1974e0c, 0x1038c0a, 0x1cba54f,
-      0x0662c86, 0x028042e, 0x0c6f7a4, 0x0efc4ac, 0x0c1a566, 0x17a0253,
-      0x12f1dbe, 0x0e1a8bf, 0x0f7cea3, 0x02134c2, 0x0375c51, 0x0224339,
-      0x14c2396, 0x12707a5, 0x0590ba4, 0x1c1be2b, 0x1f182ff, 0x1ff87dc,
-      0x07d2d55, 0x1d29c81, 0x1e8ff21, 0x1a8bea2, 0x02438e9 },
-    { 0x015af3c, 0x0298444, 0x1b57129, 0x05e7937, 0x055f1a3, 0x1b2eeff,
-      0x137265e, 0x16b5de3, 0x012e51e, 0x0e30eca, 0x1c92418, 0x18a9cc7,
-      0x11bd0da, 0x0859f11, 0x0510a73, 0x0c020de, 0x1c2f1da, 0x0fb9be1,
-      0x0ef13ec, 0x01c096d, 0x01cb715, 0x048df14, 0x0816d32, 0x0e03eb6,
-      0x0633cd7, 0x04878da, 0x18a944d, 0x1667de8, 0x11f7f28, 0x1e39b47,
-      0x19f76d1, 0x17a82d6, 0x0ada511, 0x0add9fa, 0x1f37fde, 0x0f3a552,
-      0x16200e6, 0x145bd94, 0x0380402, 0x0235fc6, 0x013f390 },
-    { 0x1d0c827, 0x14b77bd, 0x1d18f74, 0x069453f, 0x106110f, 0x0d28ad2,
-      0x0c1a072, 0x0eff0f2, 0x1268bca, 0x146c022, 0x01177f7, 0x0049330,
-      0x04cbb83, 0x146072c, 0x0435c41, 0x0c0c47f, 0x0a8263b, 0x19541c6,
-      0x0d71742, 0x176bcea, 0x1110293, 0x0aab20a, 0x13baa67, 0x17b400b,
-      0x11ad01b, 0x00c7f18, 0x1e93634, 0x092fc17, 0x12b8662, 0x1bd00e7,
-      0x02ccf75, 0x1b18975, 0x0075b73, 0x1bde4de, 0x1b51c8a, 0x165308c,
-      0x0bda1b0, 0x13e7126, 0x00ed85e, 0x0d6d00e, 0x0458d4b },
-    { 0x154d8b2, 0x1510726, 0x0836289, 0x1c9a641, 0x05a5696, 0x0a7b800,
-      0x16163e6, 0x150d316, 0x02f6549, 0x1256e1e, 0x134035e, 0x10326d2,
-      0x1d1812e, 0x1982015, 0x0e6c001, 0x0c8208d, 0x049a1b3, 0x070850a,
-      0x048c088, 0x12bd4b3, 0x00c3eae, 0x0d8da41, 0x0fbf0ba, 0x193d714,
-      0x15cb585, 0x0327f2d, 0x065e11c, 0x035c063, 0x07d49f2, 0x05b8479,
-      0x1ada3bc, 0x05ee4aa, 0x059ef18, 0x0d80d19, 0x115d893, 0x18015c0,
-      0x1668f95, 0x071d832, 0x0fe458a, 0x1f56df7, 0x05f13f5 },
-    { 0x09b0dc6, 0x16cd71d, 0x1b21f1b, 0x12df107, 0x0ea1bde, 0x059b3bd,
-      0x0fe23aa, 0x157d4cd, 0x09a66e3, 0x17d355e, 0x05fff77, 0x02f6d04,
-      0x1cc4d33, 0x1486f82, 0x10723c8, 0x0ce9dee, 0x1177d11, 0x10f87ef,
-      0x0d66272, 0x01d9cf8, 0x082dfdf, 0x0fb5ce2, 0x03bb64b, 0x17e394e,
-      0x13e6655, 0x0ce39b8, 0x00973b2, 0x0159652, 0x03e69c9, 0x11d1740,
-      0x068df27, 0x02ee274, 0x00a3c53, 0x10ba6be, 0x1595bd6, 0x0c6a1b8,
-      0x05f802f, 0x112d220, 0x0928845, 0x0bb46f7, 0x0219649 },
-    { 0x1142680, 0x197e989, 0x13d0032, 0x0ecba29, 0x0b9e91d, 0x11334f5,
-      0x13aaf7f, 0x18b8d41, 0x00ae22b, 0x177e72c, 0x1b0942f, 0x130d96d,
-      0x1f3c2b7, 0x0b9c78f, 0x0b6c68b, 0x191d909, 0x028516e, 0x0cb84de,
-      0x1a3df6d, 0x1262531, 0x17f9f36, 0x15cad8c, 0x1123bf1, 0x1554809,
-      0x109529a, 0x0584ff8, 0x1451055, 0x1879197, 0x1f34352, 0x1de1a13,
-      0x104cfbd, 0x1a4312f, 0x0a17940, 0x0a45002, 0x11f5b39, 0x04b5418,
-      0x1d56fa6, 0x18e7539, 0x17c20a5, 0x160088e, 0x093ad0e },
-    { 0x08a9963, 0x1b4b3cc, 0x0375e82, 0x0eca2bd, 0x01e477f, 0x15a8793,
-      0x18e18ed, 0x1bcc4e9, 0x1d33922, 0x1d4dc6a, 0x096cf58, 0x07f6d0f,
-      0x033c38d, 0x0981719, 0x1dbc270, 0x1999e31, 0x1c3e02f, 0x192a602,
-      0x1b998bd, 0x1da16e4, 0x0079c04, 0x1c0a1ff, 0x075591a, 0x002d918,
-      0x09448c9, 0x1cbf7c5, 0x0fe08f5, 0x0ace989, 0x0de451e, 0x1b97de6,
-      0x178161b, 0x0882fd5, 0x1fc88d5, 0x12c46e2, 0x08255db, 0x12572a4,
-      0x1844d1f, 0x046ea12, 0x100d110, 0x1e1d483, 0x073f8c3 },
-    { 0x1f763dd, 0x1a7e42e, 0x00da254, 0x06758e3, 0x1b1427f, 0x078ad01,
-      0x0f85dba, 0x11c1b6b, 0x0cb2088, 0x09c84a2, 0x12ba987, 0x135b0af,
-      0x137804c, 0x08cfbdf, 0x16110a1, 0x1519f54, 0x0f1293a, 0x0b13776,
-      0x08da805, 0x1c1b31d, 0x0dcd749, 0x171990f, 0x1bffdb6, 0x16f2399,
-      0x1eea628, 0x1b0cb1e, 0x08b45b8, 0x029c0aa, 0x1ae206a, 0x0c7e58a,
-      0x1928b81, 0x1f9464b, 0x1268745, 0x00d4507, 0x101c84d, 0x10f9f3a,
-      0x1caa51b, 0x1692ecb, 0x175d77f, 0x0735b7d, 0x00108ae },
-    { 0x1e88f63, 0x0bc79d4, 0x0c95534, 0x1d5618e, 0x0a05b11, 0x10ec535,
-      0x14f9b89, 0x190ee74, 0x08d0b91, 0x06dbed7, 0x0c01349, 0x00e7d37,
-      0x0bde10b, 0x0a71848, 0x02fbf9d, 0x13913f9, 0x1990cc6, 0x10b5782,
-      0x1565446, 0x1070073, 0x1afcddc, 0x0ca362e, 0x10fd96e, 0x1c14b33,
-      0x04be81e, 0x18bfddf, 0x1becea6, 0x11123c6, 0x1dad008, 0x16baa22,
-      0x07c326a, 0x1aa12fc, 0x1fc46ab, 0x0d270ef, 0x026eb21, 0x0710901,
-      0x00c4523, 0x05da17d, 0x1077cd2, 0x1b1d627, 0x0807c06 },
-    { 0x0ee0ef6, 0x0b4f64c, 0x1ebc02a, 0x07176f6, 0x1a9d548, 0x17c7edd,
-      0x1324a80, 0x0f84890, 0x08b7055, 0x1ed900d, 0x146bc9e, 0x07c8c15,
-      0x1be5934, 0x0cc64af, 0x0a6a50a, 0x03a76a7, 0x1deda86, 0x14ba6d9,
-      0x14e6703, 0x0a4b93d, 0x09bdce1, 0x00fb908, 0x026d5a2, 0x1042349,
-      0x17d1599, 0x1ad047f, 0x0bbc3c9, 0x1beed67, 0x0f358b5, 0x007bfd1,
-      0x0d24fc6, 0x187360c, 0x0c4ffcf, 0x01da9d5, 0x18985d6, 0x184d258,
-      0x155399f, 0x1efd1b5, 0x1e986cb, 0x0d932c0, 0x016424c },
-    { 0x12744a9, 0x12e2aee, 0x1061775, 0x05fc75e, 0x0544c1c, 0x1458449,
-      0x0ba67bf, 0x0346590, 0x1a9df69, 0x05bd592, 0x0659d0c, 0x0aa137d,
-      0x0298384, 0x0579689, 0x1b34963, 0x0e4e579, 0x098bcc7, 0x0445720,
-      0x0e3be83, 0x12c2829, 0x112cd43, 0x1cf6b26, 0x113fd9e, 0x0fe6808,
-      0x055e42e, 0x0f5d4f3, 0x1516c3a, 0x1a2df88, 0x1ded283, 0x1f0a781,
-      0x1711d28, 0x1599970, 0x1c9adff, 0x1d28dd1, 0x0f05c94, 0x027bfcd,
-      0x1b5831b, 0x0d7a5cf, 0x11e2b77, 0x00549e8, 0x05544e6 },
-    { 0x0a80b4f, 0x02989dd, 0x03be25f, 0x1ec77b9, 0x0122716, 0x0162d40,
-      0x10b6ded, 0x1195c4e, 0x1088330, 0x0ecf0f4, 0x106ac7a, 0x187e5a6,
-      0x10352c8, 0x16ca2c3, 0x0f41403, 0x1b3b02c, 0x173c290, 0x0c1a4ee,
-      0x1db1f4a, 0x078bc03, 0x033c205, 0x0365a10, 0x00c41d1, 0x1a135e3,
-      0x08bd209, 0x140bb64, 0x1ac9e51, 0x01ee1cd, 0x11b540d, 0x0cef0cd,
-      0x10dc82d, 0x0453296, 0x0b7ecdc, 0x029e7c0, 0x1738b7b, 0x0583499,
-      0x1ed60f4, 0x1e9f6e8, 0x1498775, 0x0b9c483, 0x0573599 },
-    { 0x0237056, 0x1d1fdd0, 0x0e23712, 0x0867566, 0x0856c16, 0x0f63093,
-      0x1aef49c, 0x1d9803d, 0x1e3031b, 0x1ef5819, 0x0287d6a, 0x0832c23,
-      0x134eee4, 0x0db0079, 0x125d085, 0x10ee7d8, 0x1cf0886, 0x08db8c2,
-      0x106df7f, 0x188d9af, 0x1e897b0, 0x0d25262, 0x1450ecb, 0x03ff29b,
-      0x05984bb, 0x032edcd, 0x13273cd, 0x187209c, 0x0e64c9a, 0x0de0756,
-      0x06be1ca, 0x0ed15b3, 0x0c22821, 0x0a0612e, 0x02062a5, 0x0f77a76,
-      0x049a691, 0x1476af8, 0x17bc391, 0x1be7d88, 0x0885486 },
-    { 0x1dff464, 0x01649a5, 0x1145aa5, 0x1e4b4f6, 0x1db2719, 0x0df1921,
-      0x01c2cc9, 0x0739960, 0x119fe33, 0x02ad18d, 0x1ba3fc8, 0x15d0483,
-      0x0faca69, 0x0af7c6f, 0x01f7421, 0x0e78cec, 0x00f1a1b, 0x04f124b,
-      0x074da04, 0x01d144e, 0x06b9bcb, 0x113442f, 0x0a7846a, 0x0bd5c32,
-      0x1d0ab18, 0x08e4c5a, 0x103e07e, 0x14172dc, 0x0fc5031, 0x05e7cca,
-      0x181343a, 0x1e233ad, 0x1d81697, 0x0670619, 0x0a1eaa9, 0x0e52106,
-      0x091ff9d, 0x0ea69f6, 0x058b717, 0x1d1a957, 0x031cecf },
-    { 0x08b21e8, 0x1fecd7e, 0x1b7d0de, 0x0763286, 0x05dd32b, 0x0e1b507,
-      0x00b5248, 0x121fcb2, 0x1a3d0fa, 0x14ef426, 0x148ef63, 0x0d5ab76,
-      0x159663e, 0x1766b4b, 0x00288fe, 0x16b3930, 0x0d9b4fb, 0x08804e0,
-      0x07483fc, 0x154f7b9, 0x1a3d839, 0x16f66b7, 0x1d40bd9, 0x0a2d953,
-      0x0d4fbc5, 0x1622407, 0x19b1d0a, 0x0bff4be, 0x1252f86, 0x1ca2ff9,
-      0x0f4adf1, 0x0ebb396, 0x0fefc05, 0x178e939, 0x18ef5b5, 0x0623610,
-      0x1a6a4ec, 0x079e784, 0x11ecd76, 0x0d5b44a, 0x06961b4 },
-    { 0x135e2ac, 0x1ac3f65, 0x136741e, 0x16af5e2, 0x1ed5546, 0x1450260,
-      0x1e96f6c, 0x1e1d942, 0x0709d54, 0x0fc8ea2, 0x1d003a8, 0x13fb38d,
-      0x10a6e71, 0x1dc670c, 0x12e23b7, 0x07fa49c, 0x0dd246e, 0x0fcbc0f,
-      0x1956bd7, 0x0241cd6, 0x1ca7d67, 0x0ec9a09, 0x169e0b4, 0x00ff443,
-      0x020a297, 0x091b4bf, 0x0953a10, 0x1d6a3e6, 0x051f9f1, 0x06cf1b0,
-      0x1a4b895, 0x0e79cb7, 0x1aec42b, 0x1bca7ee, 0x0cbb34f, 0x1313534,
-      0x0781aad, 0x1271178, 0x1484865, 0x018a6ea, 0x06a63a9 },
-    { 0x17acbbb, 0x0a7001e, 0x0421d95, 0x156e9ec, 0x0c01668, 0x0628cd9,
-      0x059c8e2, 0x09fc945, 0x03eb94d, 0x0b33b8a, 0x1b4bd80, 0x19be19a,
-      0x1f086a3, 0x1d9b87b, 0x1960085, 0x07cf9f0, 0x0c15a4d, 0x0b2c440,
-      0x0e8fd28, 0x1ab02cb, 0x11ddd6e, 0x09ae523, 0x0af31e0, 0x0894aed,
-      0x1f074e8, 0x175404d, 0x0dba940, 0x0a75036, 0x021ed3a, 0x0983870,
-      0x197082e, 0x10c2fe2, 0x027f892, 0x0e685c6, 0x111a08d, 0x034a8ec,
-      0x0255296, 0x044ffec, 0x1643bff, 0x045a2a3, 0x051ed4a },
-    { 0x09701b4, 0x14b1d22, 0x0bc8df5, 0x07764f9, 0x0a8d91a, 0x194b2ff,
-      0x0f856d5, 0x0fa7df3, 0x1db50bf, 0x0d3d02a, 0x10ee6dd, 0x101d9cc,
-      0x1efd674, 0x1675aea, 0x09834b5, 0x1912fe5, 0x00c5ed7, 0x1b47e19,
-      0x0339a17, 0x0a79ec5, 0x015e41c, 0x0fb8833, 0x038a5c4, 0x0a01d98,
-      0x1213823, 0x1243d43, 0x01b0a7f, 0x1e1524c, 0x0f9712a, 0x1f9570f,
-      0x0fe4f7c, 0x1a5a2d3, 0x15f6fb1, 0x0bc9e06, 0x1899d2a, 0x0dd6f5f,
-      0x09f4925, 0x19eca57, 0x1739505, 0x1785716, 0x02d6951 },
-    { 0x04e222e, 0x03ecfc8, 0x0427740, 0x1f0de9c, 0x133f248, 0x014f771,
-      0x13a2e3d, 0x031a932, 0x1cfc775, 0x0ab9a0a, 0x1d0bc4a, 0x1474161,
-      0x196e7fe, 0x013a1a8, 0x0572df7, 0x0e3418f, 0x166711e, 0x0c10547,
-      0x0e1d3d5, 0x12bb385, 0x162783d, 0x1c73870, 0x152d935, 0x1254e85,
-      0x153f58b, 0x136c921, 0x0511ed7, 0x0440916, 0x1931a03, 0x19865e7,
-      0x1a02eb5, 0x14f5e44, 0x1c4d089, 0x1c9fcba, 0x1306e0e, 0x1c8c920,
-      0x165b3ae, 0x075d010, 0x117c289, 0x0f1c119, 0x065c48e },
-    { 0x0222c22, 0x039e76f, 0x0ed0687, 0x1bf9d44, 0x1683d8c, 0x0a1d832,
-      0x12c52c8, 0x0ee0603, 0x159fcec, 0x0256fc7, 0x0133bca, 0x1038624,
-      0x07fb1c5, 0x0a39a88, 0x134fbba, 0x11181ea, 0x10b4d31, 0x16dfb3f,
-      0x03c6344, 0x07e5a22, 0x001376a, 0x1403e9f, 0x0e027e8, 0x1cfd9c0,
-      0x10a4625, 0x0977837, 0x16ca257, 0x1050cfd, 0x10553ad, 0x1a44845,
-      0x117841b, 0x1de48a8, 0x0280fa6, 0x0d1e5f1, 0x1e16a36, 0x1a805aa,
-      0x1438ba2, 0x1eecffe, 0x089bfd8, 0x058f4d6, 0x036b5cd },
-    { 0x05679a7, 0x1a7102a, 0x1d421ff, 0x028a418, 0x04d80b4, 0x02ce6c3,
-      0x15fea6d, 0x1472146, 0x1c85af1, 0x0cf579c, 0x0d697a8, 0x1af31b2,
-      0x0a0d475, 0x1c0d33c, 0x140660d, 0x1d020e8, 0x1790cc2, 0x03a41cb,
-      0x1d04891, 0x043a225, 0x1a37c6a, 0x1c9b528, 0x0343a17, 0x14e9bf1,
-      0x0151eea, 0x0e27fa8, 0x1e4f3e6, 0x09c3054, 0x0a9ab61, 0x1ef89bb,
-      0x1fd1564, 0x0a44713, 0x0f73caf, 0x02f450c, 0x0583dd1, 0x11a4f99,
-      0x19a51dc, 0x097a629, 0x0ff601a, 0x089b673, 0x008d7c1 },
-    { 0x0cca773, 0x006cb1f, 0x055a027, 0x05a9184, 0x07ea919, 0x15eb20c,
-      0x135d36d, 0x1bfe1d9, 0x02a678c, 0x19891ba, 0x01edf9d, 0x1b17a2b,
-      0x067a966, 0x1098526, 0x1068405, 0x02f7be7, 0x0385fce, 0x03e6374,
-      0x0379ea9, 0x12b7715, 0x08e395e, 0x1ac4c18, 0x0ff87a2, 0x08ed294,
-      0x1243ee3, 0x15f80cb, 0x0aec334, 0x07fd388, 0x1b2b49f, 0x093207c,
-      0x07ed641, 0x18e6cfa, 0x0385e8b, 0x10a3da6, 0x02bad7b, 0x123a60a,
-      0x04004ad, 0x161c3c8, 0x0080a38, 0x1dd756e, 0x05f2aa8 },
-    { 0x066524b, 0x06a3209, 0x1d9b882, 0x01a1433, 0x17bf388, 0x08375fd,
-      0x1a17b68, 0x08d4b54, 0x1e642dd, 0x134f469, 0x0b93582, 0x18c38d0,
-      0x0cef349, 0x07e5a9a, 0x1dbb8ec, 0x0cf704d, 0x12705eb, 0x13ed5d0,
-      0x02f817d, 0x1764fc3, 0x05d12ba, 0x1d4716c, 0x0566bf2, 0x1b3a70d,
-      0x12d1ae2, 0x03776e7, 0x187a9bc, 0x13b8a5c, 0x0e5ae85, 0x1c5a433,
-      0x11f0a09, 0x00579a7, 0x1ff0340, 0x1f417ec, 0x11d9e12, 0x09d1095,
-      0x03c9f22, 0x0b24c04, 0x1e5268c, 0x13168df, 0x062501a },
-    { 0x1264086, 0x1becd56, 0x12f558f, 0x174bc1c, 0x0a6a33d, 0x069eb3e,
-      0x0c00a32, 0x033d04a, 0x046e64b, 0x1446d64, 0x0914da8, 0x032e415,
-      0x0cfa3c9, 0x16aa9f5, 0x0c326c3, 0x157a702, 0x0e02ea8, 0x1b11403,
-      0x1b33f9d, 0x17ea9b9, 0x1b7052f, 0x18a7868, 0x0f66a38, 0x1362e83,
-      0x12133d5, 0x14528ce, 0x1269bfa, 0x1ae8203, 0x04eb10f, 0x1bd05ae,
-      0x17b46b3, 0x123f3b4, 0x0499b73, 0x152c33c, 0x1127037, 0x1557549,
-      0x01f3531, 0x0e2fb9d, 0x1199732, 0x1fdfa7f, 0x0497b15 },
-    { 0x05568e9, 0x165d57a, 0x09be295, 0x1d8e325, 0x1491a0f, 0x1929cd7,
-      0x0f74e6a, 0x153b760, 0x04ac37d, 0x032917c, 0x03d6d32, 0x1744054,
-      0x1f8c8cd, 0x114e29c, 0x027f1d6, 0x1e05d02, 0x131ca90, 0x1ce6836,
-      0x1885b6f, 0x03e0887, 0x1d918f3, 0x165d1f5, 0x066a9a2, 0x1800fe9,
-      0x0d0d242, 0x1e71540, 0x1e1aa6d, 0x1b1bff7, 0x108edcd, 0x1f426b1,
-      0x1290174, 0x00d0025, 0x0fa33fe, 0x10838ed, 0x144fb7a, 0x0d85dd7,
-      0x0ff637e, 0x173f2e1, 0x132dede, 0x0d93ca2, 0x018d46a },
-    { 0x18b7802, 0x05d9153, 0x0bd21a3, 0x0492f97, 0x0745ddb, 0x17456e8,
-      0x0bcf90a, 0x1c989d6, 0x0b4ceb4, 0x0055e6d, 0x17f502b, 0x064b464,
-      0x052e0d8, 0x09d639a, 0x1f815c4, 0x0e372d9, 0x188b141, 0x1ba03d3,
-      0x169e94a, 0x160c06d, 0x16ac70e, 0x1cec28b, 0x0ac2cdb, 0x052a9e7,
-      0x09d297c, 0x0d68a08, 0x03735c1, 0x0e1bd39, 0x15e7513, 0x1ae6bdd,
-      0x030fc36, 0x140dce1, 0x1f93d41, 0x18286a2, 0x1e29fa4, 0x1221aa9,
-      0x1a38fef, 0x137c722, 0x0b901a7, 0x003a7ec, 0x0550446 },
-    { 0x0cb9cc9, 0x0e48803, 0x0053471, 0x0e83a00, 0x142074d, 0x11b7dc2,
-      0x198f844, 0x104f9b0, 0x029ad5f, 0x0b90fff, 0x07f20ce, 0x17f452a,
-      0x0f1d21f, 0x00068a2, 0x1781b9d, 0x05cd639, 0x16b9179, 0x148212c,
-      0x06b5459, 0x0b91ca5, 0x1e98336, 0x02cd777, 0x188883a, 0x1855dc7,
-      0x1318970, 0x05e5e5a, 0x0e7fc40, 0x0ef947b, 0x12973f4, 0x00bb7a9,
-      0x06c9c1d, 0x13457a0, 0x12118ac, 0x1cfc9d0, 0x0824f75, 0x17e684a,
-      0x06f5d7d, 0x1d47fbe, 0x1b13d58, 0x1f9af61, 0x00da313 },
-    { 0x1aa2557, 0x12d460a, 0x1a70dc4, 0x1801127, 0x0a21d70, 0x1c5411e,
-      0x0e6519e, 0x05490e2, 0x07cb004, 0x09f4d3a, 0x0b38603, 0x09ff93c,
-      0x022d2bf, 0x024d756, 0x14c6834, 0x00cc1aa, 0x016f03d, 0x02694d3,
-      0x1c6dfc0, 0x1aa1ac3, 0x050c473, 0x1de51ef, 0x0ebc3b2, 0x1851e4e,
-      0x19bea09, 0x132714a, 0x03e1c11, 0x1af85d4, 0x1083ef6, 0x1270b98,
-      0x152b7eb, 0x128384a, 0x0940c26, 0x11681a8, 0x1042845, 0x1c882ce,
-      0x1e82290, 0x01186c0, 0x12b3188, 0x1d1b682, 0x063630b },
-    { 0x07d2e41, 0x0a91145, 0x01e6fe3, 0x07d6c5f, 0x09e7582, 0x0016c4a,
-      0x0cf75b1, 0x15a369a, 0x0de2c59, 0x01f026b, 0x0770e22, 0x11e8937,
-      0x0cbf3f3, 0x1a5b862, 0x065f462, 0x1408b3b, 0x00c13ce, 0x08fb4d9,
-      0x038981b, 0x1ae04ab, 0x1b79ca3, 0x1b930e8, 0x0f53f65, 0x0286df4,
-      0x0afa85a, 0x003ab57, 0x02ed10f, 0x0d367d3, 0x18f6be3, 0x0c3672a,
-      0x027f394, 0x1f1591f, 0x10cd478, 0x0d53975, 0x1cdf579, 0x00d00e9,
-      0x08544eb, 0x0c22e03, 0x023b4a5, 0x0e3e2cd, 0x0306a98 },
-    { 0x14ec136, 0x08f4eb1, 0x163ef11, 0x141cdec, 0x1edf27c, 0x0da0900,
-      0x0054b03, 0x0cf537c, 0x0c5bfee, 0x1db7790, 0x15808e1, 0x0471345,
-      0x1935283, 0x03d7dc4, 0x1959363, 0x185bcc1, 0x1c00ac9, 0x1a57915,
-      0x0aa748a, 0x0dec630, 0x101b28e, 0x00fa993, 0x101d71c, 0x00ebf23,
-      0x018f882, 0x088fb6a, 0x146faa9, 0x13f4c51, 0x12a13df, 0x1d0bb73,
-      0x0715479, 0x0efe980, 0x106215b, 0x0eac449, 0x1cc64f2, 0x08e3574,
-      0x18e57cd, 0x01f5f02, 0x0f8dd91, 0x083d020, 0x02833ac },
-    { 0x1a5ec5c, 0x125c346, 0x0c91f95, 0x103811b, 0x0c3d9da, 0x0bd3945,
-      0x07c2e31, 0x1853af8, 0x19d343d, 0x08957f3, 0x180ce4d, 0x099ffb8,
-      0x01b438e, 0x0e7d0ca, 0x1689c03, 0x00892fa, 0x1f82732, 0x16af991,
-      0x0e4f1b9, 0x0f4b1c2, 0x04311b8, 0x08825d5, 0x1b2da2f, 0x04569af,
-      0x01c5a47, 0x1d5604e, 0x1c81ad7, 0x085f552, 0x16327ef, 0x1e6b4cb,
-      0x1678772, 0x010ef0f, 0x15ba9e4, 0x000c8b2, 0x1d5f797, 0x117ab38,
-      0x0bcf353, 0x1810768, 0x18c0d9c, 0x0a9493a, 0x0120cd4 },
-    { 0x0b0f9ee, 0x0dc7a65, 0x03bbaff, 0x00599cb, 0x1c003ef, 0x068332d,
-      0x1a1056a, 0x0e936d4, 0x09b9577, 0x01769d3, 0x06ad719, 0x0fe08e4,
-      0x133de48, 0x10d2786, 0x0bfce00, 0x1bb9bde, 0x15829db, 0x15e8b7a,
-      0x1a4f7fc, 0x00b6961, 0x0ec12ef, 0x0905e4d, 0x1787ea8, 0x0cff525,
-      0x0e2c2d4, 0x11a336d, 0x117accf, 0x0b1b5ec, 0x0103cb7, 0x0cfb478,
-      0x0c299eb, 0x137c048, 0x11f693a, 0x02a5e0a, 0x125bad0, 0x1daad30,
-      0x1019336, 0x18b3bf3, 0x1a8fa3b, 0x02cffbd, 0x0021cfd },
-    { 0x15c36f3, 0x1b8afef, 0x095171c, 0x0fac95a, 0x103bde3, 0x07bb89b,
-      0x03443cb, 0x190aa6d, 0x10f3993, 0x12f63db, 0x0b93287, 0x0eec609,
-      0x0bfdb16, 0x1e9dd8c, 0x03dc5f8, 0x07ab41b, 0x13f6634, 0x0a93383,
-      0x158022d, 0x16a5de2, 0x070ffae, 0x1c91252, 0x0e5eb57, 0x0556a35,
-      0x0e391ed, 0x01657c3, 0x1e65d0c, 0x1818fca, 0x0ae28ad, 0x140bfe8,
-      0x073223e, 0x17f1dab, 0x07c22df, 0x145db40, 0x08c7ac4, 0x06bbdb8,
-      0x020595a, 0x16e6ce5, 0x1de39c7, 0x08d8e79, 0x007265b },
-    { 0x166232f, 0x0ccf85e, 0x1c59cf7, 0x138804e, 0x059aaf8, 0x0307e26,
-      0x1b7e96e, 0x0775f04, 0x07a943f, 0x1cf5455, 0x110a348, 0x1634a47,
-      0x1a0e0e1, 0x14b9dca, 0x1a838e9, 0x0ea76ab, 0x0aa2557, 0x1f51cce,
-      0x1a55ec7, 0x1bee5e0, 0x0302f8a, 0x009de9a, 0x00e27cd, 0x148752e,
-      0x127d0f8, 0x0b7999f, 0x02b6bde, 0x1b38181, 0x012aa2c, 0x124da4e,
-      0x1a5b732, 0x0f4158d, 0x188deee, 0x004076e, 0x1d74191, 0x1b1e8ea,
-      0x0cc2f4b, 0x0eb33e8, 0x125b1ba, 0x09663a2, 0x036c575 },
-    { 0x123d84b, 0x0023779, 0x113e448, 0x04fcf13, 0x0699112, 0x0dc02ad,
-      0x0bd3a48, 0x09c961d, 0x0807997, 0x19cc225, 0x1e31e58, 0x0cd4e81,
-      0x09c9054, 0x06b6f7a, 0x06343df, 0x1c97438, 0x06b4b23, 0x0a94bed,
-      0x1060031, 0x13bfe78, 0x07771c0, 0x0d9bf7b, 0x1b1241d, 0x0a27bda,
-      0x03a4050, 0x182d4a6, 0x05ac2c5, 0x1ace85d, 0x0af5ae3, 0x024a624,
-      0x17b01e1, 0x192b045, 0x0c01532, 0x06ca7a0, 0x1797059, 0x0b45bb5,
-      0x02975eb, 0x054564d, 0x0513bf2, 0x0c2328d, 0x006fbf8 },
-    { 0x145aa97, 0x099c71f, 0x1facb59, 0x103a081, 0x183b58c, 0x0f7c5ce,
-      0x1d66c3f, 0x0f80bfd, 0x0e4d741, 0x1f5838d, 0x08688de, 0x03eb661,
-      0x03982b6, 0x1db2de8, 0x17ca8ab, 0x0d7e698, 0x09d5cbf, 0x0f2055e,
-      0x01984a9, 0x1864dbe, 0x0e28422, 0x0ecab8d, 0x124879a, 0x1a6869d,
-      0x0b10b23, 0x099be44, 0x1e7681e, 0x0da5d2a, 0x19cf4d9, 0x03509b0,
-      0x0860cf5, 0x1b2bddf, 0x1d19653, 0x147876c, 0x104680f, 0x0254fb0,
-      0x04bb5ab, 0x1214a98, 0x0a7a979, 0x1fa3e1f, 0x05e9ca0 },
-    { 0x17c5dc4, 0x0a2b88c, 0x16896f5, 0x1fcf152, 0x02da40b, 0x0d87597,
-      0x07bf3ff, 0x0f8cbf7, 0x00d1746, 0x0a96e16, 0x031a8fa, 0x18f78eb,
-      0x1ac1fc9, 0x0a01a54, 0x1e558b3, 0x096adf8, 0x1be61f6, 0x19371b7,
-      0x1a11ca2, 0x18973c3, 0x0c8a6ad, 0x09d47cd, 0x1fc597f, 0x1c7c026,
-      0x13a4503, 0x071bde4, 0x0d9591e, 0x1598aa2, 0x0ddc77e, 0x0b8b832,
-      0x0534ce4, 0x0ed26d2, 0x1b318dc, 0x012533a, 0x071cd89, 0x08d363e,
-      0x09955f3, 0x01022da, 0x1abe233, 0x1678d06, 0x0940622 },
-    { 0x1997973, 0x0665b86, 0x04551c4, 0x1ba7f1e, 0x1b29625, 0x0bd5ea9,
-      0x113556e, 0x14b19e1, 0x0673e14, 0x1190f05, 0x18891b1, 0x1f3a7a4,
-      0x110541a, 0x17e41d8, 0x1b61d51, 0x0a549bc, 0x1a8f016, 0x123f4be,
-      0x16600ad, 0x05674d5, 0x04b20f8, 0x1ad74e2, 0x1a6a901, 0x1a57eee,
-      0x15de2ce, 0x06d579f, 0x0925e90, 0x1de3d51, 0x03ba9c1, 0x03041e1,
-      0x120b83e, 0x1e32145, 0x0a998a4, 0x119b46c, 0x12333f7, 0x03c5693,
-      0x1de6bd7, 0x1a4c125, 0x1b6dae7, 0x0c8f0b7, 0x080bb16 },
-    { 0x1145cb5, 0x0baff7e, 0x020c179, 0x0358bcd, 0x155ee56, 0x09d9398,
-      0x1c33e1e, 0x0708c3c, 0x0133b23, 0x18aa9ef, 0x1ee81e7, 0x0187454,
-      0x1a2fb9e, 0x1f38437, 0x0ff5aa0, 0x1972787, 0x1008bb4, 0x0db5d42,
-      0x1be0b6f, 0x0daf12e, 0x09ff0b6, 0x1b2a75a, 0x1f569bf, 0x0416644,
-      0x1d2371f, 0x06e66b2, 0x09538a7, 0x13d4938, 0x118ff97, 0x0cb1e58,
-      0x02d925d, 0x198b000, 0x09598dd, 0x03bce4b, 0x0460443, 0x0b2a20f,
-      0x03b85a3, 0x1e0aa43, 0x08d43b7, 0x1d48242, 0x0077ba5 },
-    { 0x1d86f61, 0x11c69e6, 0x02ac2ce, 0x0a0a054, 0x0312144, 0x1681392,
-      0x1b71601, 0x01e3225, 0x08a32f1, 0x0ee0fcc, 0x031d800, 0x03a21d0,
-      0x13bb1d3, 0x1a32745, 0x1bb1f97, 0x093dda8, 0x1369abf, 0x1eab4d7,
-      0x136b79d, 0x10dd4e5, 0x19209d2, 0x06a2d6a, 0x0af9c08, 0x1335cfe,
-      0x1236e62, 0x003d5f2, 0x174fd57, 0x1262f37, 0x150e80c, 0x0cad291,
-      0x01a04e2, 0x15fe0eb, 0x101265c, 0x1cb2984, 0x06cbd1c, 0x02b6790,
-      0x1bc77d2, 0x1bac0ec, 0x08b8aeb, 0x1be8b23, 0x06b2006 },
-    { 0x05b1bc1, 0x128544b, 0x13f6cbf, 0x152c576, 0x131f536, 0x073fccc,
-      0x034cc00, 0x0bdaae3, 0x153d512, 0x0394792, 0x0972be1, 0x0309a42,
-      0x1e4f8a6, 0x1abfb3c, 0x1c69c04, 0x180b4a9, 0x00c1531, 0x0b854fa,
-      0x1ea2ddd, 0x01972ed, 0x0ce910d, 0x0f4ee09, 0x0d1dbd0, 0x0abf129,
-      0x17a7527, 0x0d22e46, 0x01895d0, 0x0d825c2, 0x17b16cd, 0x17dc648,
-      0x08098a9, 0x071ad61, 0x0d116e6, 0x1c74192, 0x0300cb0, 0x19092a8,
-      0x06868af, 0x0dc88e3, 0x0d54215, 0x14d7a4d, 0x053217e },
-    { 0x19f52b4, 0x0023992, 0x11b3f21, 0x17cc422, 0x168da9c, 0x05e9374,
-      0x0e17b2b, 0x0892c9d, 0x1e4a543, 0x1bed516, 0x093fdea, 0x1090703,
-      0x0f6dc3b, 0x00e40af, 0x1ea5acd, 0x163c340, 0x1e8c3d4, 0x0627d74,
-      0x0b3a7aa, 0x071a3c8, 0x052f0f9, 0x061ae60, 0x09c9f6b, 0x140de0f,
-      0x001c9e9, 0x0d0e40f, 0x0d29b59, 0x13c11b9, 0x04a9a6a, 0x08b9b02,
-      0x16fe38b, 0x1e57a52, 0x1893dd0, 0x00d894c, 0x0de7e5e, 0x05411a6,
-      0x01830ac, 0x1eb000b, 0x0fbbd92, 0x03db35b, 0x0038693 },
-    { 0x09885a5, 0x1d5d9e8, 0x0c1f435, 0x0fc6ab7, 0x0d9d2b6, 0x175d76f,
-      0x0e33d4d, 0x1ac7784, 0x0699ce4, 0x0e5173c, 0x1653358, 0x088e222,
-      0x12354ff, 0x0198b56, 0x12f9c24, 0x1eb88ab, 0x1fd49ff, 0x020c33c,
-      0x1e71b10, 0x159aea1, 0x121a75b, 0x0414b93, 0x19dfb72, 0x1dea05e,
-      0x16887e5, 0x107412c, 0x1efcc83, 0x0b3d26c, 0x1dccb24, 0x1b77c5d,
-      0x0f60738, 0x16ecd0c, 0x1a097fc, 0x036dc0d, 0x075b563, 0x179a744,
-      0x14a8748, 0x04b3e6d, 0x0708039, 0x0922a08, 0x02caaf7 },
-    { 0x0d20424, 0x0c00337, 0x151513e, 0x06448e2, 0x13e4ea2, 0x0d46435,
-      0x14695e0, 0x0164d1d, 0x17ae5b7, 0x06855ba, 0x14e6092, 0x06406ad,
-      0x046ca8b, 0x16f98fd, 0x1a39a04, 0x1b9e539, 0x032d925, 0x15c84e9,
-      0x159c8f7, 0x191ef1e, 0x16f9302, 0x14d5d64, 0x045c975, 0x1a342e0,
-      0x047ca57, 0x1f3b2b5, 0x070628a, 0x176baa2, 0x10d9d96, 0x02f8d6a,
-      0x062d5b9, 0x0e160aa, 0x0e886e2, 0x07fc89b, 0x1cf4276, 0x1d8f8e3,
-      0x1350361, 0x10ddf14, 0x0ef6196, 0x0648bfc, 0x086d7f5 },
-    { 0x0bf719a, 0x0b75b58, 0x044e67c, 0x111787b, 0x1697509, 0x0680da5,
-      0x039489b, 0x039f5ca, 0x090898d, 0x1f1d62a, 0x1b199b4, 0x13b710f,
-      0x184da3b, 0x1df522d, 0x0c01913, 0x160b0b0, 0x1d98355, 0x19b4f9d,
-      0x1e6f304, 0x047350a, 0x18110fb, 0x1cb715e, 0x13d6d14, 0x0331fa4,
-      0x13baf24, 0x08e803f, 0x0e20df5, 0x114cedb, 0x075b166, 0x1531757,
-      0x0f1a3bb, 0x07b6c10, 0x1fe5f94, 0x1b62d2f, 0x143df60, 0x0aa5929,
-      0x0bc1ff8, 0x061e37e, 0x0d37569, 0x1c70d81, 0x0682a55 },
-    { 0x07495aa, 0x11ad22c, 0x117723c, 0x18698e4, 0x0276026, 0x0d23719,
-      0x03316dd, 0x1cfad5c, 0x1ecc3e5, 0x0869cb2, 0x0598a62, 0x085e285,
-      0x071b133, 0x0543b91, 0x0649f9a, 0x14d1791, 0x07e2324, 0x10aa1f9,
-      0x0737086, 0x08ed089, 0x10ac6c4, 0x078a296, 0x06f1ff5, 0x09608b9,
-      0x10a31ff, 0x1089661, 0x0214bdd, 0x02ba8d4, 0x1dd7a64, 0x1829637,
-      0x046b5cd, 0x0f698f9, 0x0ecc3ab, 0x06b866e, 0x006dda2, 0x0ba59be,
-      0x040d390, 0x0792a17, 0x1373415, 0x14dfdfc, 0x002227f },
-    { 0x151948b, 0x0f7ecdb, 0x0974601, 0x0dfbfa4, 0x0efeed4, 0x1645914,
-      0x038253c, 0x1cb9625, 0x196f7c5, 0x088485f, 0x0fb2827, 0x0089699,
-      0x040959d, 0x0704658, 0x12557e6, 0x09f9c43, 0x19d68fa, 0x15e0f93,
-      0x1c42ba6, 0x03c29c0, 0x07f4b02, 0x0fc408b, 0x19345ba, 0x193e34a,
-      0x1c22ebb, 0x1757ad2, 0x1f8d083, 0x1e6e2db, 0x04e8435, 0x1c8aeae,
-      0x0065c7a, 0x051ff75, 0x0fc55fc, 0x1babc32, 0x1535f74, 0x00684fc,
-      0x15ebc7d, 0x1735310, 0x05de111, 0x134524d, 0x0547e24 },
-    { 0x1ffda27, 0x1434550, 0x1d411c1, 0x18f2ab9, 0x14e6cdc, 0x11f9ec5,
-      0x1478429, 0x015eca2, 0x09de5e7, 0x1a093f5, 0x10a08d6, 0x1375f26,
-      0x113d2c0, 0x1517bea, 0x126760e, 0x1804a31, 0x11dddee, 0x15062dd,
-      0x0f73c73, 0x1bbf080, 0x1eda7ff, 0x14b0b7e, 0x195f934, 0x06543e1,
-      0x1656979, 0x071e922, 0x00c6475, 0x08ebc1d, 0x00218b7, 0x1f50e11,
-      0x014d1e6, 0x117964a, 0x0eb5c90, 0x099737e, 0x13a8f18, 0x1638d0b,
-      0x1fe6c1e, 0x16e3a2d, 0x03bab10, 0x181a561, 0x045a41c },
-    { 0x1bbf0e1, 0x0d963a6, 0x1c38faa, 0x1f42f9e, 0x01ff962, 0x15a6332,
-      0x09d617b, 0x0fdb83d, 0x0a9beb1, 0x1aa0969, 0x15d0693, 0x1ea5450,
-      0x1f2c9e4, 0x0c27e88, 0x17df692, 0x0309d27, 0x1dc0df3, 0x0d957de,
-      0x10878dd, 0x047a4a4, 0x181e963, 0x1224efb, 0x121ef87, 0x0b137d5,
-      0x001ed3d, 0x16e8a2b, 0x14a3ffd, 0x1e17b37, 0x0f298c0, 0x0cea450,
-      0x110b4c9, 0x1b11cd2, 0x02d7a77, 0x0157b1b, 0x1adadab, 0x0550980,
-      0x1087da0, 0x028564e, 0x10322ea, 0x19285dc, 0x0128763 },
-    { 0x0bac178, 0x00783d6, 0x1db8a6a, 0x0869611, 0x1cc2004, 0x1f6f693,
-      0x07451c3, 0x0cfd2c6, 0x1866157, 0x108aed1, 0x021522c, 0x0b89961,
-      0x037c75f, 0x0d17470, 0x0a7484e, 0x02ea4b6, 0x0668b88, 0x07f4fed,
-      0x0779faf, 0x1b1b118, 0x01233f1, 0x0f0190c, 0x0d1d959, 0x1932be7,
-      0x05561b1, 0x18d839b, 0x02c4fad, 0x02c1963, 0x13a0eb2, 0x1289ccd,
-      0x1d1fa36, 0x1641f9a, 0x08ca1f9, 0x136b92f, 0x019ed04, 0x1ed4fc0,
-      0x08bb637, 0x01025bb, 0x1d3487a, 0x199f89e, 0x075e96b },
-    { 0x119716e, 0x08fee06, 0x1494627, 0x10f8708, 0x1f58505, 0x0c3e956,
-      0x11b47aa, 0x01ec950, 0x16c0715, 0x15b5fc1, 0x1f56dc4, 0x1a8c9ad,
-      0x1f91d85, 0x07a9faa, 0x1e220d9, 0x1225352, 0x1d88150, 0x030041d,
-      0x0a1dbd2, 0x0e4d07d, 0x0489a76, 0x1d60ad9, 0x1a02cb9, 0x1a3b325,
-      0x0f8d242, 0x0494c2f, 0x073cf79, 0x18af605, 0x0876279, 0x1c1e58a,
-      0x01ff80b, 0x115cb6d, 0x0ba4fe4, 0x1c0cb57, 0x026d75a, 0x1b150de,
-      0x016e523, 0x07ab35d, 0x0252762, 0x135744d, 0x0309a6e },
-    { 0x1fbe97a, 0x1f7285e, 0x1137bc9, 0x1f718a1, 0x1a5fe70, 0x104fae0,
-      0x1ac05ff, 0x18b98f7, 0x1bed36c, 0x1d0ad42, 0x03b4ea3, 0x19b6eaa,
-      0x01c0c3a, 0x15c8434, 0x007be1f, 0x0b9978b, 0x162c49d, 0x050ad99,
-      0x1e8993a, 0x162e283, 0x0e880fb, 0x07c70f7, 0x099fe36, 0x1856c7a,
-      0x0cfd621, 0x17ee98e, 0x154ef9f, 0x049b7cf, 0x0a358a9, 0x03bfed9,
-      0x10750ba, 0x0ebad15, 0x19673c7, 0x1f52ae7, 0x03f5c53, 0x05c6b2f,
-      0x1769b20, 0x19b329a, 0x0de27ba, 0x115aeb2, 0x0045825 },
-    { 0x042dbdf, 0x18d3a50, 0x1e8977d, 0x0eaef3b, 0x0d40585, 0x17332b9,
-      0x12e9c34, 0x05c1ccd, 0x1ca2e89, 0x02eb3a2, 0x19ad7ca, 0x1bde1e1,
-      0x03f56a8, 0x1183b3e, 0x1ba1476, 0x0d739c1, 0x0584334, 0x14c602b,
-      0x1acf1d0, 0x1f9c4da, 0x1e00b35, 0x1f9cbbb, 0x102256f, 0x16db10d,
-      0x0f6a6e7, 0x025c1e4, 0x0d3c0a4, 0x1dc2908, 0x04ec34b, 0x08ad974,
-      0x045fdd2, 0x12da213, 0x0af663c, 0x1d6605d, 0x1d5f907, 0x1200970,
-      0x0f86c02, 0x1c4072b, 0x1cd628a, 0x1c12b6e, 0x053f4a3 },
-    { 0x1fc48e7, 0x1846744, 0x0bac46e, 0x0f5f56b, 0x1a60c57, 0x00e5ad5,
-      0x12fe283, 0x16de0d7, 0x079757c, 0x0977d75, 0x064581f, 0x0162ec6,
-      0x09e26d9, 0x15bbdbd, 0x0a86ad8, 0x1e57e85, 0x0cd285d, 0x01c7760,
-      0x0ea3dfc, 0x128febe, 0x15b5d35, 0x077e0e5, 0x05f2370, 0x0b08b9f,
-      0x0cca0c4, 0x1797f5c, 0x0492789, 0x0dd1b31, 0x1ed89a1, 0x0736a41,
-      0x1cdf099, 0x0a3b220, 0x1a3f145, 0x14cf809, 0x18b8c17, 0x070a02a,
-      0x0908d56, 0x1cc6ba3, 0x148daab, 0x0a7ae47, 0x00a99e6 },
-    { 0x1bc0559, 0x1b7a355, 0x05808d4, 0x1735434, 0x0163067, 0x0b40dae,
-      0x148a430, 0x00e453f, 0x11378e9, 0x092a5f0, 0x04e8b58, 0x0af556f,
-      0x1bc60ff, 0x0332a96, 0x1cb7e2d, 0x0146d4d, 0x0938c17, 0x14d698c,
-      0x06dd366, 0x1b357c5, 0x0523c5c, 0x19fbc24, 0x13dd1c9, 0x01c60c7,
-      0x0a93a0d, 0x1ec6093, 0x0d09238, 0x1c4043c, 0x03ddfaf, 0x01f7419,
-      0x19f65cd, 0x0664c73, 0x1768775, 0x12aa44f, 0x10c5d4c, 0x152ca1f,
-      0x1eebf7e, 0x0aede89, 0x12f02d6, 0x08a021f, 0x03a95cb },
-    { 0x1d7ff2e, 0x134659c, 0x123e553, 0x1783ab8, 0x0dd1cb4, 0x14a1c54,
-      0x0b1ddc5, 0x19c0552, 0x091cad8, 0x0b2e058, 0x142349e, 0x1156659,
-      0x1a0c579, 0x134815e, 0x16f0f0e, 0x1a43034, 0x1255186, 0x1aa2e84,
-      0x09f9936, 0x0ef9b7a, 0x12daf00, 0x1246684, 0x0055f2a, 0x0a65566,
-      0x1a3a024, 0x1d19517, 0x0d0732a, 0x0bf6c73, 0x04aee6a, 0x16e0a3a,
-      0x16805c0, 0x19b7527, 0x05bb436, 0x1c278a4, 0x1d98ca5, 0x0726b2f,
-      0x1ad672c, 0x189e0ee, 0x1c91575, 0x05c0616, 0x0366d22 },
-    { 0x13ea5b2, 0x1a43aab, 0x1137542, 0x17521b4, 0x0fce401, 0x0d01880,
-      0x1e995e8, 0x0c0f6a7, 0x1cf1144, 0x1154052, 0x02fd25c, 0x1e0b4a7,
-      0x010b8eb, 0x0995669, 0x050451f, 0x1a0fb5c, 0x12c7b5a, 0x1b34938,
-      0x1d23281, 0x0bfdce7, 0x18d86dc, 0x0c95c53, 0x063b452, 0x05e2eb3,
-      0x13145dd, 0x1c72745, 0x057e5c6, 0x06811bc, 0x11b3684, 0x136ed6f,
-      0x1f8157a, 0x1cb2656, 0x1b76e73, 0x049fea5, 0x054f4c2, 0x148850e,
-      0x0661bfd, 0x1ee6690, 0x1f4945c, 0x132f3bd, 0x09072ba },
-    { 0x020ea39, 0x0f26ecb, 0x1ba11d3, 0x1f90639, 0x1bf1649, 0x1d4e21f,
-      0x02ec734, 0x1aa161d, 0x13f3df1, 0x11c1437, 0x1b26cda, 0x05671e1,
-      0x034ed07, 0x194e04f, 0x193261d, 0x044854d, 0x0c68ad1, 0x1751f45,
-      0x0f7e96e, 0x01c457f, 0x15926ae, 0x07d8507, 0x1585c7b, 0x10e3f1a,
-      0x0886d6b, 0x1ed19d9, 0x04d7846, 0x16337d5, 0x0f153f6, 0x0d203f8,
-      0x1b93605, 0x0fad805, 0x0608d97, 0x047a33f, 0x0f66daa, 0x08fd1e4,
-      0x039d165, 0x164b292, 0x1b0a49a, 0x17a6aa8, 0x08d92c6 },
-    { 0x1eb0ff7, 0x06be755, 0x0be2cf8, 0x087c1c8, 0x1be3525, 0x00424cf,
-      0x0c89b7a, 0x186afa3, 0x11cd44b, 0x167170f, 0x13fb867, 0x1b7886b,
-      0x1c1245a, 0x1c9fac0, 0x13ba103, 0x1728f0e, 0x19cbda0, 0x148b53b,
-      0x095eb82, 0x1902b5f, 0x01b0abc, 0x16f8531, 0x05eb7b0, 0x1f217b9,
-      0x0502b81, 0x11edf35, 0x054ef79, 0x097f3bc, 0x084c255, 0x0d5fbc4,
-      0x1c2a23f, 0x19776a8, 0x0aa52b1, 0x09f7a98, 0x05b0a41, 0x15f00a7,
-      0x0dd827e, 0x01ec4c4, 0x1970235, 0x02eb835, 0x04e4bec },
-    { 0x0c09676, 0x041d17e, 0x0a52fe1, 0x1e33d53, 0x057c4a3, 0x0152eea,
-      0x0bbcf5c, 0x1b14d0a, 0x0843fe7, 0x1c8afe9, 0x0d45639, 0x15302dc,
-      0x10644bb, 0x0f6ba37, 0x06e5742, 0x1e16b1a, 0x181b90a, 0x123b822,
-      0x13f44d7, 0x0978d7a, 0x13a50bd, 0x13da741, 0x09b7381, 0x0ad5343,
-      0x08f30ff, 0x1ff1607, 0x03b0b18, 0x1390100, 0x1508a8a, 0x1052cc7,
-      0x0e91270, 0x0652502, 0x0b94cb3, 0x140d101, 0x14a3b1f, 0x0ec8fc7,
-      0x1487767, 0x133e8d5, 0x1b491cb, 0x1eadf3b, 0x07a4aa3 },
-    { 0x07a0045, 0x178dd71, 0x0d41567, 0x1f64859, 0x1c812d4, 0x07c6926,
-      0x1e390e7, 0x0a84748, 0x19b3f9c, 0x1aa27e2, 0x087f3e5, 0x02655ff,
-      0x1b5ac68, 0x1a51641, 0x1e3fb80, 0x0976ee9, 0x00fcd3f, 0x14b6632,
-      0x0144ba9, 0x1b9d3b6, 0x181e775, 0x0ee6e71, 0x19f7286, 0x1a7fcaa,
-      0x0b3f3a9, 0x1a7e0f7, 0x0868649, 0x11c17e8, 0x169b123, 0x17da146,
-      0x1e05664, 0x13fa13b, 0x0fcebde, 0x15aefa4, 0x093ed06, 0x0bb93bf,
-      0x00a269c, 0x1ebee46, 0x0b78432, 0x0f7efe1, 0x060282a },
-    { 0x0eea2e7, 0x1f29c6e, 0x1875f01, 0x1078840, 0x18a322c, 0x0fb28b1,
-      0x0a3e53c, 0x020ced0, 0x1c7776a, 0x10db4fd, 0x1ad017c, 0x082f6bc,
-      0x02c63a3, 0x08d3db2, 0x067c962, 0x0288099, 0x0a82cad, 0x09c3496,
-      0x021a6f3, 0x105ffc0, 0x066af1e, 0x070b7f2, 0x10c2dc5, 0x0032271,
-      0x142f919, 0x1572fdb, 0x003e945, 0x1202cda, 0x073a43e, 0x1bd66c6,
-      0x1c95543, 0x1f78b86, 0x16a407d, 0x01cf696, 0x14e5a33, 0x01c8f4e,
-      0x0a5fbe7, 0x09436ca, 0x0e508ff, 0x18e478d, 0x05f4ae9 },
-    { 0x1f4d561, 0x116ed29, 0x064b65a, 0x002db43, 0x086d45d, 0x0a58289,
-      0x007eff7, 0x1d48934, 0x19f2195, 0x0a44506, 0x1986cc9, 0x161546e,
-      0x02c4151, 0x1cf2f70, 0x0311c7b, 0x1102f73, 0x06ea865, 0x1525e54,
-      0x09a3f02, 0x15b70ef, 0x06a9bbc, 0x04b5b9b, 0x022cd19, 0x0cc385b,
-      0x098d415, 0x1061977, 0x1b24050, 0x0b67698, 0x0752aff, 0x139a979,
-      0x07288d4, 0x0a21c9b, 0x164ce73, 0x0554017, 0x1c9ab29, 0x072734f,
-      0x001aa50, 0x09f148a, 0x0bf4a73, 0x047b88d, 0x092a014 },
-    { 0x02f7dbd, 0x125f08e, 0x1feba7c, 0x1f6faa4, 0x1a8c900, 0x0478946,
-      0x096ee19, 0x0832c7c, 0x0481419, 0x15b89f1, 0x1d5bee6, 0x1a02f4c,
-      0x1de87f7, 0x02c6c85, 0x1376178, 0x0d57a4e, 0x07a8256, 0x0c11ff7,
-      0x1090065, 0x0461aee, 0x046e9f6, 0x16565af, 0x0115e7c, 0x14990fc,
-      0x0626316, 0x02b9511, 0x0f666c2, 0x1943348, 0x08789e9, 0x15d1f24,
-      0x0f61b70, 0x1280d87, 0x160b5b9, 0x04abf7c, 0x0a2e258, 0x16de588,
-      0x161c515, 0x1a43830, 0x12e6e41, 0x03d5511, 0x00fc8fe },
-    { 0x0b90f2d, 0x10df6ff, 0x1565a2b, 0x1949162, 0x1393bb3, 0x074b1af,
-      0x0be73d9, 0x18457cc, 0x0f8be75, 0x0a61208, 0x1dd4a4d, 0x0e06bcd,
-      0x11bd7ea, 0x0b16559, 0x1921a38, 0x1e7ff84, 0x070c860, 0x1589c8f,
-      0x16260df, 0x0cf8ea3, 0x0941df3, 0x1a15f99, 0x18542da, 0x182631f,
-      0x0f46e78, 0x0b04af4, 0x0e8b12c, 0x167e3b5, 0x1afbf32, 0x1ae7380,
-      0x1171b33, 0x0bd10e9, 0x0d27530, 0x16e5f1d, 0x1945771, 0x1a7250b,
-      0x199892d, 0x0aa6c36, 0x1e27cf2, 0x0c5bfa6, 0x02d0ba8 },
-    { 0x072e1af, 0x0c7745a, 0x0f33ab3, 0x1d6ed57, 0x0b354ea, 0x0c9fdef,
-      0x02fe343, 0x00d36a4, 0x1fe6fc7, 0x066b06b, 0x18bce7f, 0x1bbd49d,
-      0x1ea9353, 0x0d40f28, 0x0c2497a, 0x0ceeebd, 0x1a1d136, 0x0f719a6,
-      0x14d535a, 0x05193fa, 0x0d54c1d, 0x0ac952f, 0x0e5dc5d, 0x1ee1b03,
-      0x0367fb7, 0x13d2e9f, 0x0aa4ceb, 0x17cfdd9, 0x1cfbb77, 0x18fcf11,
-      0x0049933, 0x11292ed, 0x1129f4a, 0x111ad86, 0x169026d, 0x14e0a6e,
-      0x08a376d, 0x1b263aa, 0x16ff333, 0x0249a83, 0x0963c87 },
-    { 0x036a814, 0x14865ef, 0x0ad6eb8, 0x0ae6762, 0x1bdb019, 0x1ff070c,
-      0x1619fdd, 0x1d41d75, 0x129720c, 0x13e8cfe, 0x07b1c82, 0x0ca3205,
-      0x1e434d7, 0x1da8c88, 0x1abfc5e, 0x0fec10a, 0x19ad80a, 0x168512e,
-      0x0123041, 0x150d5ff, 0x149cffc, 0x1ca1d6b, 0x14fa2f7, 0x1cd2d76,
-      0x00284e3, 0x10afdcf, 0x0bbbb90, 0x1d6cc61, 0x0f3c633, 0x1dcf176,
-      0x102763e, 0x09c0181, 0x1da4ffa, 0x1df5638, 0x1965755, 0x1f652d7,
-      0x08cec7e, 0x08fdd6d, 0x15ef45d, 0x079feab, 0x02d03eb },
-    { 0x0f2ec1d, 0x1492f82, 0x1b8bac5, 0x0c1a28f, 0x0878f27, 0x0cecf05,
-      0x1d812ab, 0x0b6885b, 0x13f7103, 0x08efa25, 0x05756e2, 0x0567197,
-      0x03c2827, 0x0f74769, 0x053bed5, 0x1e7c6de, 0x00f13b0, 0x179e223,
-      0x0f5ccd7, 0x1f37aed, 0x1a6e889, 0x18fbaad, 0x0227b9d, 0x04336d9,
-      0x184feed, 0x008b134, 0x1fb0bb9, 0x1a898e6, 0x0fcd372, 0x02d131f,
-      0x1aee50e, 0x0cc6f04, 0x109321b, 0x15bd3ec, 0x09e4fb9, 0x0f849f1,
-      0x07cf61b, 0x0546925, 0x0b3668f, 0x1838a97, 0x0842e40 },
-    { 0x061d843, 0x1476b53, 0x0335689, 0x149eb66, 0x02328cc, 0x08f0bb8,
-      0x1fb444c, 0x0ce2dcd, 0x0c66959, 0x086f65a, 0x0b8a01a, 0x17ecaf6,
-      0x10bdac5, 0x0f7f216, 0x1fe0b28, 0x1945f04, 0x00aca5f, 0x162aa76,
-      0x1791541, 0x04ed83b, 0x1513ac5, 0x047183b, 0x0dfd32c, 0x10f2f99,
-      0x16d9acc, 0x1694657, 0x10364cc, 0x0b2c902, 0x1a409fd, 0x114b942,
-      0x04f31ab, 0x0c447a1, 0x173c2a5, 0x07e04bb, 0x1ab144a, 0x185aa4c,
-      0x1c31fe6, 0x0b5be5d, 0x04ca296, 0x1359592, 0x00e6331 },
-    { 0x0360ac2, 0x097d6f8, 0x016ad73, 0x1c50bcc, 0x06b660d, 0x0dcd8a4,
-      0x13c4389, 0x0a9058d, 0x1aa9ac5, 0x0afd1c6, 0x101c3a7, 0x0370a4d,
-      0x0d3dfcf, 0x1fe6629, 0x1e6a5ac, 0x18fea06, 0x0290bfc, 0x0f1b2ce,
-      0x074f9a8, 0x147b6ad, 0x02d55b1, 0x1acdbda, 0x0d054a2, 0x045400d,
-      0x1efa49c, 0x1db49a6, 0x026d338, 0x01e7003, 0x0baf329, 0x1e0259d,
-      0x18ac1ce, 0x1ff0713, 0x1a5a222, 0x0d1ad93, 0x1547fe9, 0x0416f53,
-      0x08e1a7c, 0x1cf6779, 0x1c16924, 0x14430e4, 0x088839d },
-    { 0x01ce29a, 0x1361838, 0x15415ad, 0x0cb1303, 0x1acaf12, 0x0fcf909,
-      0x1f03041, 0x027a9b5, 0x0373e3d, 0x172b8f3, 0x1b8f2bf, 0x190df45,
-      0x1ae7269, 0x0e901c2, 0x132992b, 0x1d359eb, 0x1573000, 0x190bf93,
-      0x19c9cfb, 0x09b68e1, 0x0776c93, 0x1b9aadb, 0x10a53d3, 0x180a300,
-      0x036b96f, 0x0858fd5, 0x0ec1486, 0x1f1163b, 0x0aef528, 0x0dc874f,
-      0x040d5e4, 0x1b6d037, 0x17fb2eb, 0x0e1b4f9, 0x1475105, 0x1273a14,
-      0x1d2e21c, 0x0ce6538, 0x0309bf1, 0x1fd43ea, 0x064128c },
-    { 0x0f5b0b5, 0x13c5174, 0x0167c0d, 0x19a681e, 0x1c7e249, 0x053e762,
-      0x011064f, 0x1308288, 0x0bc83af, 0x1ae51a3, 0x02eec01, 0x0067f55,
-      0x17f39f0, 0x19c1187, 0x063c3b7, 0x1e68a7a, 0x00cd448, 0x0bc6ff8,
-      0x146a91d, 0x045181a, 0x08d1849, 0x0418649, 0x175389c, 0x0259fa7,
-      0x1a6868f, 0x1036335, 0x0e22ce8, 0x122093b, 0x0dae010, 0x082c80b,
-      0x1f76197, 0x1c4a7c6, 0x199e905, 0x0c38da2, 0x0309f3a, 0x1c6459e,
-      0x174a132, 0x07aa6d0, 0x12f6805, 0x0137b57, 0x093634a },
-    { 0x1a2e304, 0x13593d4, 0x04918a0, 0x0d83498, 0x057e186, 0x1c0b886,
-      0x0e0c888, 0x1fd2275, 0x1a9847c, 0x14db5c2, 0x1d1bf5f, 0x19e256b,
-      0x0d29655, 0x001c733, 0x0555cae, 0x0bd56e5, 0x0016fa9, 0x0f265d3,
-      0x077b6a0, 0x0220e37, 0x161ebbc, 0x0d1f8e7, 0x05fc002, 0x07c19f7,
-      0x0777b37, 0x11da9b9, 0x1344e75, 0x005f213, 0x07d78e3, 0x196d27c,
-      0x18c7b59, 0x168090e, 0x02077a3, 0x011591b, 0x0cb6773, 0x0f88118,
-      0x06deeee, 0x062df91, 0x0d5f92d, 0x0cf780c, 0x0266cb4 },
-    { 0x16363e8, 0x120aa5a, 0x136dbea, 0x1078354, 0x0b4fd07, 0x0f32cba,
-      0x03778ae, 0x108286b, 0x0fa004b, 0x19a571f, 0x0446996, 0x05d9e33,
-      0x18cf44b, 0x129b5fb, 0x12aa0ce, 0x1b92aab, 0x0b98870, 0x0b0370f,
-      0x07cd447, 0x0650fa1, 0x1364e3c, 0x15ceae7, 0x1a2cbd3, 0x157193c,
-      0x0e89263, 0x108e0aa, 0x1b0daad, 0x0a91051, 0x17d1201, 0x1fe5d0d,
-      0x15c24ca, 0x0a62b71, 0x0e7b5bc, 0x19d60bf, 0x0347dd1, 0x06f05fa,
-      0x1c8f2af, 0x1814d41, 0x13b86f2, 0x036a48a, 0x04b1d5a },
-    { 0x1d52c0c, 0x128ba31, 0x06744bf, 0x1c31181, 0x1735525, 0x071cab1,
-      0x0558cd8, 0x086b8c4, 0x0acfa5a, 0x059f8e5, 0x1a041e2, 0x1414f2f,
-      0x0a90123, 0x18af040, 0x0c7dad6, 0x1b5b574, 0x012fca3, 0x06bef2f,
-      0x17d4472, 0x0e6c361, 0x1d4e328, 0x0a32bab, 0x1f32003, 0x00fd922,
-      0x10f3d52, 0x0718840, 0x04c3ba8, 0x1a9cade, 0x05a2ec0, 0x17099f5,
-      0x142efdf, 0x17cd577, 0x1c07762, 0x1fb0cb7, 0x1738482, 0x159063f,
-      0x1622d42, 0x1a1cfd5, 0x12c9f81, 0x07ea11c, 0x08186b9 },
-    { 0x1312867, 0x0e8aa04, 0x16d3186, 0x0b7f5ef, 0x1e042c0, 0x0faeed3,
-      0x059a07d, 0x105839e, 0x1a4fc3d, 0x055282b, 0x02e3f94, 0x1acb9cd,
-      0x04ed30e, 0x1f5a6b2, 0x0c0702e, 0x0092fd9, 0x044831c, 0x03daee2,
-      0x0df66c7, 0x1cd4013, 0x1c91351, 0x1ceca3b, 0x12ee18e, 0x1a82214,
-      0x0589105, 0x1bd55d3, 0x110d602, 0x0010d9e, 0x1e357e3, 0x003b485,
-      0x13ac4e7, 0x04f6a42, 0x0bfff1a, 0x1d5ab89, 0x1b5c8b0, 0x14f39f8,
-      0x134a9bf, 0x01ef2bf, 0x0aca91d, 0x12f93dc, 0x00bf97e },
-    { 0x1a19e96, 0x027646e, 0x1a2e5bb, 0x14d860d, 0x14ce18e, 0x1b48c52,
-      0x184ad97, 0x132fd06, 0x10d9a0d, 0x1637b45, 0x1730246, 0x0f48c5f,
-      0x1398a69, 0x0ade1f0, 0x13897c6, 0x12e60cb, 0x0dab393, 0x10c4b76,
-      0x0bc4a01, 0x10341e6, 0x07df9eb, 0x170e96e, 0x14f5d05, 0x08e6b33,
-      0x07976ad, 0x01cf116, 0x0a7d7bd, 0x1bc6f53, 0x09d94e3, 0x0055cf3,
-      0x121adeb, 0x0153a17, 0x0bfa9e0, 0x1789073, 0x1c3559d, 0x1eaed50,
-      0x1eaac23, 0x0c8dda7, 0x0aaecef, 0x0587c81, 0x08fe548 },
-    { 0x09a4d1e, 0x133e167, 0x00e216b, 0x069e3a4, 0x0c3eb80, 0x0830c92,
-      0x03ce897, 0x038b8d9, 0x1308fb4, 0x01ef056, 0x10a53a0, 0x0b79ce3,
-      0x1a9961f, 0x1817586, 0x1881e37, 0x1d16db8, 0x115b64a, 0x1e43f7a,
-      0x02d3463, 0x0f3e3ca, 0x1f43696, 0x10a90cc, 0x1170026, 0x0c814bf,
-      0x084be0f, 0x0b353ea, 0x048f6ad, 0x1923176, 0x075d2c4, 0x08a6321,
-      0x15a99f0, 0x195a5bd, 0x1a913b9, 0x1ae46ca, 0x062dad2, 0x0c313da,
-      0x142d3bf, 0x15b1035, 0x0f0fd2b, 0x0d37791, 0x03928c6 },
-    { 0x0cb4b64, 0x1f5256d, 0x0687792, 0x09e4c2f, 0x03f62a4, 0x0889520,
-      0x12539ea, 0x03de755, 0x1d36f33, 0x02247de, 0x0e17124, 0x057880f,
-      0x1b42604, 0x1090dbb, 0x1629658, 0x1d308b5, 0x04f67ce, 0x098b3a5,
-      0x18ecbc3, 0x1d177c9, 0x10eb7fa, 0x0ed3e49, 0x1a077db, 0x0b3a1a8,
-      0x0fa98c2, 0x0fed6f7, 0x1afa870, 0x1629b3c, 0x1405d11, 0x0e4590e,
-      0x150eeab, 0x0e7124e, 0x01dff93, 0x0e6f278, 0x0cfbc1c, 0x130386b,
-      0x1150d0d, 0x026970c, 0x0d3d85c, 0x11e6aa2, 0x06ccc88 },
-    { 0x0d7504c, 0x1b7873d, 0x1777e34, 0x1fef2b3, 0x1ca3265, 0x0f33d55,
-      0x07b7bfb, 0x05e1b9a, 0x0baebf3, 0x13b7a67, 0x1b73f04, 0x0dcc029,
-      0x176825a, 0x0cd6c75, 0x0306a0a, 0x19c3c17, 0x0a909b8, 0x1189012,
-      0x12f4d46, 0x1fb3173, 0x08becb8, 0x1c7d58f, 0x092104d, 0x0e7959f,
-      0x10f5d39, 0x12a0bf6, 0x1096754, 0x02fc290, 0x191393a, 0x1c21ba5,
-      0x1a54f56, 0x0359479, 0x1792b21, 0x07c0ac7, 0x0443230, 0x1a06bfe,
-      0x0d4ed7b, 0x1d31abd, 0x0bbe5ab, 0x10164df, 0x02f1519 },
-    { 0x1d2d439, 0x118ed14, 0x0554321, 0x0578073, 0x121fbbc, 0x02dbad8,
-      0x05e49b0, 0x1d87cb5, 0x0b6ce47, 0x0b67a60, 0x031961b, 0x0ecf3b1,
-      0x17baaa1, 0x199aad0, 0x076e79f, 0x0b50a06, 0x1d80aef, 0x1c1c0f1,
-      0x168c6f7, 0x1b65202, 0x1d7dc71, 0x1a4a4c7, 0x18e3dad, 0x17dddec,
-      0x1f3f913, 0x1d9a276, 0x07d2ad9, 0x0c2e64e, 0x02df11e, 0x16387e9,
-      0x048e880, 0x040b89d, 0x1be0389, 0x1cc907b, 0x0216a3a, 0x1438432,
-      0x1eb54aa, 0x002e745, 0x03595b2, 0x16e158b, 0x0354b05 },
-    { 0x09170e9, 0x0f11b3d, 0x0335c5c, 0x1a995aa, 0x01eec42, 0x0ee67d8,
-      0x0093cf3, 0x035ff7d, 0x1a66cae, 0x19f4671, 0x11f4069, 0x14ff2cb,
-      0x1eb7138, 0x0e1ecb8, 0x01638fd, 0x14e5600, 0x0c32ff0, 0x1a92c8d,
-      0x0ef39db, 0x1f6b797, 0x1a18a32, 0x1c54fc0, 0x1cc906a, 0x14d0c61,
-      0x13332ec, 0x09df98e, 0x11120bc, 0x08f5f3f, 0x081be28, 0x110bd23,
-      0x1e5865b, 0x1cabdf9, 0x138f932, 0x06382cc, 0x12e1c2b, 0x047cfb5,
-      0x0f09fac, 0x0df449e, 0x08e8750, 0x1895c6a, 0x048dc55 },
-    { 0x1092193, 0x11c1352, 0x1c32398, 0x04d1312, 0x046ec36, 0x04f5a0f,
-      0x15abc97, 0x08a5e26, 0x083c7d2, 0x0bc0320, 0x0038e10, 0x1ecf2fa,
-      0x1c982de, 0x12890a8, 0x0badb9e, 0x110d270, 0x0778af5, 0x10aa708,
-      0x09473c0, 0x00e0eb1, 0x1c58187, 0x1bb8989, 0x137aea7, 0x02ab209,
-      0x1b973ba, 0x19d2eb3, 0x0c7435e, 0x0a393e9, 0x0af2cd8, 0x0eb8c5c,
-      0x18867ca, 0x130d71a, 0x194ccff, 0x1ce19e5, 0x092ee4e, 0x110e4bc,
-      0x06e38c6, 0x0e7262b, 0x1008501, 0x1ba16db, 0x05f6a8e },
-    { 0x19a8690, 0x02652c7, 0x101e0dc, 0x0c5eed4, 0x1f36976, 0x1008141,
-      0x0b631a4, 0x19ff782, 0x0bce3a4, 0x06ac78b, 0x0ac9b53, 0x0c94095,
-      0x0878046, 0x07522bd, 0x173eee9, 0x12f2800, 0x1b3b8a5, 0x0a9bca8,
-      0x1f87dce, 0x0573c89, 0x17974ca, 0x06ef992, 0x1910a2b, 0x14487b7,
-      0x1a3420e, 0x00f3246, 0x0fd0f38, 0x19ccac5, 0x1db490c, 0x0210f93,
-      0x1c2103c, 0x117f6f9, 0x16ccb70, 0x1cbe98a, 0x00356a1, 0x1736669,
-      0x1eb814b, 0x09703d4, 0x01eb0b8, 0x0e594ff, 0x01ca650 },
-    { 0x19d25a0, 0x190e795, 0x1b6feec, 0x14814e8, 0x06affdc, 0x11b45ab,
-      0x14c3967, 0x11f8382, 0x07d8006, 0x1768f52, 0x1f75a15, 0x11fcac8,
-      0x089b74d, 0x04dbc6d, 0x05ad41e, 0x067223b, 0x0438bbe, 0x19cdba9,
-      0x1616317, 0x1a887c1, 0x0a34ef8, 0x04cb235, 0x1374b6d, 0x0cea878,
-      0x13bd1e6, 0x0c2bfd6, 0x01a2602, 0x01ae218, 0x1acabad, 0x1f9924f,
-      0x04a7deb, 0x029f343, 0x15dec1c, 0x183d082, 0x0e647ec, 0x09594cc,
-      0x15ffff6, 0x027ec89, 0x0f3bab1, 0x16d975a, 0x0462caf },
-    { 0x03237dd, 0x05323ef, 0x1010598, 0x190570e, 0x15f735c, 0x1d2afc4,
-      0x07d6777, 0x095ef0f, 0x0726b91, 0x0f7821f, 0x0f8a605, 0x127a392,
-      0x1118753, 0x1778c19, 0x08af9d1, 0x1425743, 0x1fc25a9, 0x1a73f46,
-      0x070e45f, 0x1f92fb5, 0x1e41dfe, 0x0185175, 0x0f21d74, 0x065a399,
-      0x1d235a7, 0x16987ba, 0x1b66ea9, 0x0dfdcff, 0x1485760, 0x07d5b2f,
-      0x102a9e1, 0x0a27f07, 0x1155e22, 0x1ce8991, 0x1c60fa3, 0x1ba5f6e,
-      0x1546eaf, 0x148a81d, 0x0d820a8, 0x118d9b2, 0x01293c9 },
-    { 0x1d53b77, 0x00928a4, 0x0b1dc9e, 0x1b2dd5f, 0x06ab403, 0x1b5b88d,
-      0x11f6d28, 0x1836faf, 0x087e771, 0x11c6384, 0x0dd48a0, 0x157e676,
-      0x0d495f6, 0x0643a98, 0x0c0a272, 0x0223561, 0x186e77b, 0x16541e5,
-      0x06f4627, 0x181f714, 0x17c7be1, 0x1d8d74e, 0x1633ecb, 0x08187d0,
-      0x023c549, 0x083e82e, 0x05d2b64, 0x0dcf3c8, 0x0e71421, 0x1f82832,
-      0x13e8291, 0x1fbfac2, 0x0929cd4, 0x14c45e3, 0x0130e51, 0x03db64b,
-      0x046f8fb, 0x125af9f, 0x052e9cf, 0x142d1d5, 0x053b79a },
-    { 0x0bbb6a1, 0x1d7e722, 0x1ca085b, 0x00cf042, 0x13a5bba, 0x0ec9cd6,
-      0x12cc2a7, 0x1fdde3c, 0x1f19efa, 0x117579e, 0x1b00500, 0x179cf69,
-      0x18fed5a, 0x0896339, 0x05a3b99, 0x11344c9, 0x06929fe, 0x09188cc,
-      0x1ce5f01, 0x073b1a8, 0x16c40d5, 0x0a11a2c, 0x19002f1, 0x08cc23a,
-      0x07f5853, 0x107dc94, 0x0f27576, 0x0813320, 0x1af2a80, 0x04cbe41,
-      0x18797bd, 0x06502a3, 0x09dc01b, 0x0088264, 0x12a5610, 0x1a2a1f6,
-      0x13872c9, 0x137beaf, 0x1a0cd02, 0x1a2ad85, 0x08290d6 },
-    { 0x0546946, 0x11be36c, 0x1febe11, 0x12d3d8a, 0x1a134a3, 0x04803f6,
-      0x166935e, 0x013a846, 0x00dc7b8, 0x012abff, 0x1e12a6d, 0x0a5a5ac,
-      0x1fe62ae, 0x05e56da, 0x1c53298, 0x1f94b44, 0x1e633aa, 0x0e61046,
-      0x1659e04, 0x01dab9d, 0x1660238, 0x14ed990, 0x1b9ad57, 0x0ea46b4,
-      0x0d02ca6, 0x0708df5, 0x06ccfe8, 0x0398ddf, 0x0a2a085, 0x1f13783,
-      0x13ff488, 0x1d88f67, 0x0f332e1, 0x14c2700, 0x05ee82a, 0x088b3e5,
-      0x0e952e1, 0x10ecb4f, 0x0aec1be, 0x156609f, 0x0506ef1 },
-    { 0x1bff163, 0x075939a, 0x061046d, 0x1fd53f5, 0x1130b96, 0x1593e73,
-      0x1acfe77, 0x1aacd59, 0x19dd1c3, 0x16d78d2, 0x01d6aa8, 0x14fd4e6,
-      0x18f5090, 0x11838da, 0x09abce7, 0x15b386d, 0x13ddf73, 0x15146b1,
-      0x1722685, 0x0a99597, 0x1c3cdd3, 0x11ea6e5, 0x17fa8d0, 0x13b25a3,
-      0x074d237, 0x1b2b776, 0x1e3bb59, 0x02948ad, 0x0feb1fe, 0x1ba1fd4,
-      0x11feaf9, 0x1731f97, 0x004ccf8, 0x138370a, 0x1effdc6, 0x10d99a5,
-      0x0d85c67, 0x179feda, 0x00d136a, 0x17e2a40, 0x0415b7d },
-    { 0x18377a7, 0x082c33e, 0x09ca5c0, 0x1197006, 0x068a3d6, 0x1d26190,
-      0x14a27c0, 0x121facf, 0x193c8f2, 0x1e384ae, 0x168ae12, 0x0279d3c,
-      0x1b712fa, 0x07f5cf9, 0x1ab1b18, 0x0a985f8, 0x0d96e0e, 0x0866d1b,
-      0x18c8280, 0x132ea30, 0x0f11454, 0x08cbf80, 0x1e4c632, 0x126ca11,
-      0x04c3fe6, 0x05500ee, 0x0617c1a, 0x0d345df, 0x15511c7, 0x0778515,
-      0x014d48b, 0x168245c, 0x06965ed, 0x0ea1f80, 0x0bf305d, 0x13f9c1f,
-      0x0c831d5, 0x0ee4def, 0x01e7549, 0x1e35eb1, 0x01ec314 },
-    { 0x08310c2, 0x1ff7796, 0x1dd0198, 0x148afc7, 0x0a7e14d, 0x1a3443d,
-      0x043f394, 0x18a7256, 0x1637ec2, 0x0f251c7, 0x0be37f3, 0x06416a8,
-      0x1150773, 0x1bef0b8, 0x04c0be7, 0x1378c68, 0x063ae4b, 0x180c58e,
-      0x14be79b, 0x0388ddb, 0x0fa0f00, 0x0b93766, 0x14eec2a, 0x08dc18f,
-      0x1b99d77, 0x1765498, 0x1fd61d6, 0x01916de, 0x139c82e, 0x18be4b4,
-      0x192eccb, 0x07bcb4c, 0x05135d2, 0x1fd35bb, 0x12d14aa, 0x1ce326d,
-      0x0dc105d, 0x0e60479, 0x15e22b5, 0x024fffe, 0x017e91d },
-    { 0x1e051ca, 0x16769db, 0x1b52fa4, 0x1a338ee, 0x0644d4f, 0x033c25e,
-      0x12d4802, 0x0639156, 0x1ce9d6b, 0x1533113, 0x07a71cf, 0x1347a51,
-      0x0e39524, 0x08950cf, 0x1427997, 0x0b5d8a8, 0x0928c36, 0x153dea3,
-      0x1e58f83, 0x132fc8e, 0x132d354, 0x0bdaccb, 0x035d965, 0x1a9476c,
-      0x04aeb91, 0x1144cac, 0x1077acf, 0x1cca7d4, 0x0571df6, 0x0c76ab9,
-      0x1e729f2, 0x16315c3, 0x101a38f, 0x1dcbf79, 0x1f098fd, 0x0a2c53e,
-      0x0fc4a0d, 0x1211415, 0x030077c, 0x0967bba, 0x0118f3b },
-    { 0x0d4762b, 0x050543d, 0x05d5d28, 0x1518b1a, 0x1aef84d, 0x1bb6c30,
-      0x1258133, 0x1162dfe, 0x07e60d9, 0x05f43c3, 0x1076eb0, 0x1ff67d9,
-      0x1a83637, 0x0eeb0a3, 0x1129825, 0x08dcb84, 0x0345b08, 0x0d1f0bc,
-      0x1de9301, 0x1d6d0dc, 0x0695735, 0x07efbac, 0x16f062d, 0x1bfca5e,
-      0x18d0b1b, 0x1d08ab0, 0x1401c56, 0x0f1d981, 0x1d617f8, 0x1e8d616,
-      0x04076f6, 0x0436c2e, 0x1d2b631, 0x0c9e110, 0x09e513d, 0x08459d1,
-      0x04f1702, 0x0da9b52, 0x19c9cee, 0x0f91a07, 0x001d0a6 },
-    { 0x046533c, 0x1211b0f, 0x0ab9ee5, 0x01f7118, 0x0947799, 0x16250c7,
-      0x1745a90, 0x08a0336, 0x1d83c7a, 0x09af40e, 0x198f8dc, 0x17ba996,
-      0x0374a69, 0x13b606b, 0x19fb36f, 0x11b4cf6, 0x12111e6, 0x101eaa2,
-      0x0ba1942, 0x199d6ba, 0x1b37596, 0x1e95781, 0x1355cb7, 0x17ab2a5,
-      0x04ba1fa, 0x0b4a91b, 0x1ad3b61, 0x1e8fa8a, 0x10d5d47, 0x1ab964a,
-      0x0116b62, 0x090dc5f, 0x0dd2dfa, 0x1d82265, 0x0d0f15a, 0x0dbaa4f,
-      0x197c08e, 0x16dd124, 0x0c83f26, 0x00cfb4c, 0x01b625b },
-    { 0x1d8446d, 0x1d53da7, 0x0fad137, 0x035edfd, 0x001b2f0, 0x041c5ae,
-      0x10e23fa, 0x1177e88, 0x1bba975, 0x19e21a7, 0x15af27c, 0x19750e2,
-      0x0b2b971, 0x0fa484c, 0x0917970, 0x18bbad6, 0x1342b41, 0x1c3ee5a,
-      0x13614b5, 0x1f018c6, 0x1a34db1, 0x0c1219e, 0x1b5b8c9, 0x0fbe184,
-      0x020653f, 0x1b2fb34, 0x10d832c, 0x0994acf, 0x06656ac, 0x15614c1,
-      0x1a0c87e, 0x17e0d2e, 0x1f5ca6f, 0x1b31c89, 0x04869c1, 0x1c2a72f,
-      0x0400736, 0x18a1944, 0x05236f7, 0x12c33f9, 0x0333eca },
-    { 0x0775d81, 0x1bca456, 0x0f288cc, 0x1fa83b7, 0x18c2518, 0x1e74a41,
-      0x1e93ef3, 0x1cec478, 0x054703f, 0x169b11b, 0x0ced6ea, 0x074827f,
-      0x102b3a1, 0x1fae00f, 0x0cd5969, 0x12cc2bb, 0x0dc5235, 0x0eb9204,
-      0x1585ba4, 0x0ff1ca3, 0x19995a1, 0x15e592d, 0x04305bb, 0x126e87d,
-      0x08cf133, 0x053f9af, 0x0b952d9, 0x10fb4e9, 0x0d449d9, 0x191532e,
-      0x17555ec, 0x06fcf62, 0x05082a5, 0x089a7bb, 0x1d0bcb3, 0x0c9a4b8,
-      0x0ccf074, 0x0ece03a, 0x144d6ba, 0x0210e51, 0x072fc21 },
-    { 0x16004c8, 0x15901fc, 0x17fea41, 0x1e8b00a, 0x183f95c, 0x19ac84e,
-      0x1619d57, 0x1ddaefa, 0x1e550c8, 0x14f537d, 0x0182052, 0x1952ab4,
-      0x0291c8c, 0x1e74103, 0x07fb9e2, 0x1f0bc94, 0x0069a3d, 0x175cd6f,
-      0x14f7999, 0x1b9e18f, 0x0d51fbb, 0x0dae99b, 0x08a28e4, 0x05ff878,
-      0x18d285c, 0x12dbb07, 0x0cbdec5, 0x1dc91bc, 0x1770401, 0x1ec22b0,
-      0x0800e00, 0x13bdff3, 0x173f648, 0x11ad272, 0x0e3a85f, 0x0dc344e,
-      0x0840a6c, 0x0778be4, 0x164b48e, 0x1f1623d, 0x0480946 },
-    { 0x171f119, 0x1a3d47e, 0x1a56131, 0x1ca7d66, 0x19e65c5, 0x0c2c3d0,
-      0x19e198a, 0x1e81c5e, 0x1ab18d6, 0x052444c, 0x02e3012, 0x00498c6,
-      0x12a1a99, 0x16557c4, 0x05d4258, 0x1ac4909, 0x0bae20f, 0x064434d,
-      0x10adf75, 0x05609ad, 0x17d03b7, 0x1b04c97, 0x189dd7a, 0x00dcd09,
-      0x1c06e7d, 0x0038044, 0x0792ef4, 0x167686c, 0x0846e4c, 0x1335a5d,
-      0x07a86b9, 0x08c8c9b, 0x01c2eb2, 0x029cfe0, 0x0f9b07e, 0x0ff0de5,
-      0x0f68afc, 0x1474576, 0x1a4085b, 0x1fb8e70, 0x08dab61 },
-    { 0x14d1d45, 0x0e481ea, 0x0e890a9, 0x1dfe9f3, 0x0cd4297, 0x0a3c5a5,
-      0x0d480d3, 0x0345b11, 0x108c462, 0x0d95d15, 0x195008d, 0x1376690,
-      0x06d3d23, 0x088f997, 0x19dabb6, 0x1fb843b, 0x1cf3f06, 0x143bfc5,
-      0x1b14540, 0x0e29833, 0x100d802, 0x15d2c83, 0x0841113, 0x1b992af,
-      0x0229f31, 0x1f6c34a, 0x0ee05a7, 0x1d9cef5, 0x0f080e5, 0x050a965,
-      0x1c556fa, 0x197af9d, 0x0b21b14, 0x0bf709f, 0x0b459ee, 0x193bdef,
-      0x118f690, 0x1e543c8, 0x0a79f80, 0x05bf336, 0x06f77e6 },
-    { 0x00bbf59, 0x0def6f2, 0x0b5a89c, 0x06c8035, 0x177ba45, 0x0a0e688,
-      0x180d5cd, 0x05e2eab, 0x04b71b0, 0x032da33, 0x0cd67cd, 0x0227502,
-      0x0722eb7, 0x179c756, 0x04aa3f5, 0x1e76b2f, 0x12fff3b, 0x188d500,
-      0x0170fef, 0x15f57ff, 0x0c4299a, 0x1783606, 0x047828b, 0x076f675,
-      0x15d5777, 0x00518a6, 0x1b59a61, 0x1cbc5ce, 0x1a8be6a, 0x1039972,
-      0x002184d, 0x1839eab, 0x06d7578, 0x1688177, 0x003da2f, 0x164689c,
-      0x0184f0e, 0x0ebc434, 0x13e01e6, 0x12387a5, 0x063819c },
-    { 0x084b073, 0x1c970bc, 0x1fab294, 0x19d624c, 0x1ec3a1f, 0x181c53c,
-      0x1d7c241, 0x0e07a0f, 0x0e4c47b, 0x195603e, 0x05ae472, 0x09dc37f,
-      0x1ff9666, 0x157527d, 0x1d5d624, 0x0ca01d7, 0x191fade, 0x02d55f9,
-      0x1c74481, 0x066ede2, 0x181ac5b, 0x08d069e, 0x07fd831, 0x0d50896,
-      0x0cfe797, 0x12d0859, 0x0af6984, 0x0263993, 0x1d453ee, 0x0b69a75,
-      0x10783f0, 0x0a096d7, 0x0d0319a, 0x1c655e0, 0x0f9c28b, 0x0fc8741,
-      0x15e49b4, 0x057f762, 0x15fbb20, 0x02504cb, 0x067d48d },
-    { 0x02d56d6, 0x0acd3f5, 0x098c1a3, 0x1c4e901, 0x171abd0, 0x19b366e,
-      0x076c2b9, 0x178d7a2, 0x007204e, 0x1db1ce5, 0x198a4fe, 0x05cfeef,
-      0x1d89a24, 0x1add461, 0x19f28ad, 0x1f351bd, 0x03d64a2, 0x02396ee,
-      0x1586804, 0x053be8e, 0x09d4842, 0x02e2db2, 0x057d8b2, 0x1924f9b,
-      0x16b1b4d, 0x0cb7eea, 0x017b981, 0x1d17624, 0x129401f, 0x152855f,
-      0x010fbf2, 0x021a383, 0x0900d0f, 0x00efaea, 0x0ea4a2c, 0x0a59e22,
-      0x1f0e43f, 0x0bf5e18, 0x1371e8f, 0x071d070, 0x027950e },
-    { 0x1d0fa79, 0x10ff870, 0x17a7aac, 0x060916b, 0x0b9fd03, 0x11ba65a,
-      0x11a24bf, 0x0d69926, 0x04eb21f, 0x1a413fd, 0x179f9ee, 0x1ef3524,
-      0x1146716, 0x1eea629, 0x10afcd9, 0x0dbbe28, 0x14cd2e9, 0x09039ca,
-      0x140aaa2, 0x02835d0, 0x0cc94e0, 0x0d4777b, 0x03b8038, 0x1019b5f,
-      0x0849158, 0x0232ae7, 0x11a58a0, 0x1e7574b, 0x15dfbff, 0x027c2e8,
-      0x094cd73, 0x13ed09e, 0x1f0440c, 0x12dec53, 0x14feec7, 0x175d008,
-      0x1f2225a, 0x04cc09f, 0x175c687, 0x108f364, 0x054ff78 },
-    { 0x040b068, 0x177186f, 0x14789f1, 0x17cde74, 0x1226465, 0x1d90fb4,
-      0x11813e8, 0x02bc494, 0x1c04181, 0x052d2d6, 0x0434ad4, 0x08831bf,
-      0x0fe3285, 0x0e58600, 0x1d3963f, 0x011c776, 0x13b4a2c, 0x0e3478d,
-      0x13367b2, 0x1be1021, 0x0a9f339, 0x0e5bc37, 0x0454d8b, 0x0ab5d5b,
-      0x05e31c9, 0x035944a, 0x162da9b, 0x0d45803, 0x18a427d, 0x016e1b3,
-      0x0b01a7a, 0x0519260, 0x1875500, 0x080f30b, 0x05967e8, 0x0d159b5,
-      0x0e30b28, 0x0722b9f, 0x0c3f939, 0x10a7e30, 0x08adbad },
-    { 0x169d524, 0x1708f84, 0x11e4182, 0x0fe7379, 0x142fdaf, 0x00fe617,
-      0x19d99f3, 0x09e79d8, 0x0e2336d, 0x0b5ce79, 0x103dfd1, 0x0bbd1c3,
-      0x0e6aa1f, 0x04c27d8, 0x0f0ab48, 0x096519b, 0x1a61b46, 0x1a04867,
-      0x090fcfb, 0x10de602, 0x07e740d, 0x0666af4, 0x056c5b3, 0x04d9a83,
-      0x1168c30, 0x198201f, 0x0e05b01, 0x17c70d9, 0x007a1dd, 0x0379ac2,
-      0x0bc53ae, 0x02e2fc3, 0x188b4f8, 0x1e4b67a, 0x06999b2, 0x036eb88,
-      0x027e71c, 0x0160d50, 0x1797fcd, 0x06d8128, 0x0739300 },
-    { 0x0cdaf42, 0x1babe91, 0x0aae553, 0x1be8303, 0x188b591, 0x08a792b,
-      0x1a067d5, 0x1791730, 0x0f18fd5, 0x0b21704, 0x13ae45a, 0x0ba2045,
-      0x0592b30, 0x1527b4c, 0x05640f9, 0x1395c2e, 0x09d6117, 0x125ebeb,
-      0x0a7006a, 0x1bfabba, 0x08ccdac, 0x0d6c888, 0x1c17775, 0x1591e2a,
-      0x0c7b164, 0x197a1a5, 0x06d4918, 0x034a29c, 0x1fc4476, 0x130db98,
-      0x0c516e7, 0x1c12c36, 0x1561348, 0x17911e7, 0x059dcfa, 0x0738515,
-      0x0a7c99d, 0x0880c15, 0x197896f, 0x095c852, 0x08bc6ec },
-    { 0x1f2a32b, 0x172e073, 0x08c3425, 0x1812711, 0x1f54800, 0x0f1b067,
-      0x10df100, 0x14c0dfc, 0x0bb6054, 0x12afe4e, 0x1ea9b99, 0x10c108a,
-      0x17510e1, 0x1594d95, 0x0b3f288, 0x1b4c341, 0x1e351b7, 0x1399241,
-      0x0f9b232, 0x08e3dcd, 0x09a1e31, 0x0e45b2e, 0x195950c, 0x1acb977,
-      0x0c3b948, 0x1547e4d, 0x06ba6ca, 0x0611f84, 0x00aa6ad, 0x0f86d53,
-      0x1535a9f, 0x1305f81, 0x044d96a, 0x1d26b94, 0x10b1611, 0x0b56025,
-      0x1ceb895, 0x1e47b8e, 0x1f854ac, 0x0fb7d38, 0x08e8543 },
-};
-
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Base is fixed to be the g parameter - a precomputed table is used.
- *
- * Striping: 128 points at a distance of 8 combined.
- * Total of 256 points in table.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-#else
-    sp_digit t[36 * 2 * 42];
-    sp_digit tx[2 * 42];
-    sp_digit ty[2 * 42];
-#endif
-    sp_digit* r = NULL;
-    unsigned char e[128];
-    int err = MP_OKAY;
-    int i;
-    int y;
-
-    (void)base;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 38 * 42 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 42 * 2;
-        ty = td + 37 * 42 * 2;
-#endif
-        r = ty;
-
-        (void)mp_to_unsigned_bin_len(exp, e, 128);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 42);
-        y  =  e[112] >> 7;
-        y |= (e[96] >> 7) << 1;
-        y |= (e[80] >> 7) << 2;
-        y |= (e[64] >> 7) << 3;
-        y |= (e[48] >> 7) << 4;
-        y |= (e[32] >> 7) << 5;
-        y |= (e[16] >> 7) << 6;
-        y |= (e[0] >> 7) << 7;
-        XMEMCPY(ty, sp_1024_g_table[y], sizeof(sp_digit) * 42);
-        for (i = 126; i >= 0; i--) {
-            y  =  (e[127 - (i / 8)] >> (i & 0x7)) & 1;
-            y |= ((e[111 - (i / 8)] >> (i & 0x7)) & 1) << 1;
-            y |= ((e[95 - (i / 8)] >> (i & 0x7)) & 1) << 2;
-            y |= ((e[79 - (i / 8)] >> (i & 0x7)) & 1) << 3;
-            y |= ((e[63 - (i / 8)] >> (i & 0x7)) & 1) << 4;
-            y |= ((e[47 - (i / 8)] >> (i & 0x7)) & 1) << 5;
-            y |= ((e[31 - (i / 8)] >> (i & 0x7)) & 1) << 6;
-            y |= ((e[15 - (i / 8)] >> (i & 0x7)) & 1) << 7;
-
-            sp_1024_proj_sqr_42(tx, ty, t);
-            sp_1024_proj_mul_qx1_42(tx, ty, sp_1024_g_table[y], t);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_42(tx, tx, t);
-        sp_1024_mont_mul_42(r, tx, ty, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 42, 0, sizeof(sp_digit) * 42);
-        sp_1024_mont_reduce_42(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective coordinates.
- *
- *   p.x' = (p.x * q.x) - (p.y * q.y)
- *   p.y' = (p.x * q.y) + (p.y * q.x)
- * But applying Karatsuba:
- *   v0 = p.x * q.x
- *   v1 = p.y * q.y
- *   p.x' = v0 - v1
- *   p.y' = (px + py) * (qx + qy) - v0 - v1
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * qx  [in]      A single precision integer - X ordinate of number of
- *               multiplier.
- * qy  [in]      A single precision integer - Y ordinate of number of
- *               multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_42(sp_digit* px, sp_digit* py,
-        const sp_digit* qx, const sp_digit* qy, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 42;
-
-    /* t1 = px + py */
-    sp_1024_mont_add_42(t1, px, py, p1024_mod);
-    /* t2 = qx + qy */
-    sp_1024_mont_add_42(t2, qx, qy, p1024_mod);
-    /* t2 = (px + py) * (qx + qy) */
-    sp_1024_mont_mul_42(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = py * qy */
-    sp_1024_mont_mul_42(t1, py, qy, p1024_mod, p1024_mp_mod);
-    /* t2 = (px + py) * (qx + qy) - (py * qy) */
-    sp_1024_mont_sub_42(t2, t2, t1, p1024_mod);
-    /* px = px * qx */
-    sp_1024_mont_mul_42(px, px, qx, p1024_mod, p1024_mp_mod);
-    /* py = (px + py) * (qx + qy) - (py * qy) - (px * qx) */
-    sp_1024_mont_sub_42(py, t2, px, p1024_mod);
-    /* px = (px * qx) - (py * qy)*/
-    sp_1024_mont_sub_42(px, px, t1, p1024_mod);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/*
- * Convert point from projective to affine but keep in Montgomery form.
- *
- * p  [in,out]  Point to convert.
- * t  [in]      Temporary numbers: 2.
- */
-static void sp_1024_mont_map_42(sp_point_1024* p, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 42;
-
-    sp_1024_mont_inv_42(t1, p->z, t2);
-    sp_1024_mont_sqr_42(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(t1, t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(p->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_42(p->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(p->z, p1024_norm_mod, sizeof(sp_digit) * 42);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/*
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - 2 * p.y^2
- *   r.y = 2 * p.y * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 8 * p.y^2 * p.x
- *   p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4
- *   p'.z = 2 * p.y * p.z
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_42(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 42;
-    sp_digit* pz2 = t +  2 * 42;
-    sp_digit* rx  = t +  4 * 42;
-    sp_digit* ry  = t +  6 * 42;
-    sp_digit* l   = t +  8 * 42;
-    sp_digit* ty  = t + 10 * 42;
-
-    /* v = v^2 */
-    sp_1024_proj_sqr_42(vx, vy, t);
-    /* pz2 = p.z^2 */
-    sp_1024_mont_sqr_42(pz2, p->z, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + p.z^2 */
-    sp_1024_mont_add_42(ty, p->x, pz2, p1024_mod);
-    /* l = p.x - p.z^2 */
-    sp_1024_mont_sub_42(l, p->x, pz2, p1024_mod);
-    /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-    sp_1024_mont_mul_42(t1, l, ty, p1024_mod, p1024_mp_mod);
-    /* l = 3 * (p.x^2 - p.z^4) */
-    sp_1024_mont_tpl_42(l, t1, p1024_mod);
-    /* t1 = q.x * p.z^2 */
-    sp_1024_mont_mul_42(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + q.x * p.z^2 */
-    sp_1024_mont_add_42(t1, p->x, t1, p1024_mod);
-    /* r.x = l * (p.x + q.x * p.z^2) */
-    sp_1024_mont_mul_42(rx, l, t1, p1024_mod, p1024_mp_mod);
-    /* r.y = 2 * p.y */
-    sp_1024_mont_dbl_42(ry, p->y, p1024_mod);
-    /* ty = 4 * p.y ^ 2 */
-    sp_1024_mont_sqr_42(ty, ry, p1024_mod, p1024_mp_mod);
-    /* t1 = 2 * p.y ^ 2 */
-    sp_1024_mont_div2_42(t1, ty, p1024_mod);
-    /* r.x -= 2 * (p.y ^ 2) */
-    sp_1024_mont_sub_42(rx, rx, t1, p1024_mod);
-    /* p'.z = p.y * 2 * p.z */
-    sp_1024_mont_mul_42(p->z, p->z, ry, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 */
-    sp_1024_mont_mul_42(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 * q.y */
-    sp_1024_mont_mul_42(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_42(vx, vy, rx, ry, t);
-
-    /* Double point using previously calculated values
-     *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-     *   ty = 4 * p.y^2
-     *   p'.z = 2 * p.y * p.z
-     */
-    /* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
-    sp_1024_mont_sqr_42(t1, ty, p1024_mod, p1024_mp_mod);
-    /* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
-    sp_1024_mont_div2_42(t1, t1, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x */
-    sp_1024_mont_mul_42(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 */
-    sp_1024_mont_sqr_42(p->x, l, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 - 4 * p.y^2 * p.x */
-    sp_1024_mont_sub_42(p->x, p->x, p->y, p1024_mod);
-    /* p'.x = l^2 - 8 * p.y^2 * p.x */
-    sp_1024_mont_sub_42(p->x, p->x, p->y, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x - p.x' */
-    sp_1024_mont_sub_42(ty, p->y, p->x, p1024_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l */
-    sp_1024_mont_mul_42(p->y, ty, l, p1024_mod, p1024_mp_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 */
-    sp_1024_mont_sub_42(p->y, p->y, t1, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Calculations:
- *   r.x = (q.x + p.x) * c.y - (q.x * c.z^2 + c.x) * p.y * c.z
- *   r.y = (c.x - p.x * c.z^2) * q.y * c.z
- *   v* = v* * r*
- *   r = p.y * c.z^3 - c.y
- *   c'.x = r^2 + h^3 - 2 * c.x * h^2
- *   c'.y = r * (c'.x - c.x * h^2) - c.y * h^3
- *   c'.z = (c.x - p.x * c.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in]      p      ECC point - point on E(F_p^2) to add.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      qx_px  SP that is a constant value across adds.
- * @param  [in]      t      SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_add_one_42(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px,
-        sp_digit* t)
-{
-    sp_digit* t1  = t;
-    sp_digit* t2  = t +  2 * 42;
-    sp_digit* rx  = t +  4 * 42;
-    sp_digit* ry  = t +  6 * 42;
-    sp_digit* h   = t +  8 * 42;
-    sp_digit* r   = t + 10 * 42;
-
-    /* r.x = (q.x + p.x) * c.y */
-    sp_1024_mont_mul_42(rx, qx_px, c->y, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_42(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_42(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_42(h, t1, c->x, p1024_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_42(ry, p->y, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_42(t1, h, ry, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z * c.z^2 = p.y * c.z^3  */
-    sp_1024_mont_mul_42(r, ry, t2, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_42(rx, rx, t1, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_42(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = c.x - p.x * c.z^2 */
-    sp_1024_mont_sub_42(h, c->x, t1, p1024_mod);
-    /* c'.z = (c.x - p.x * c.z^2) * c.z */
-    sp_1024_mont_mul_42(c->z, h, c->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (c.x - p.x * c.z^2) * c.z * q.y */
-    sp_1024_mont_mul_42(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_42(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = c.x - p.x * c.z^2
-     *   r = p.y * c.z^3
-     *   c'.z = (c.x - p.x * c.z^2) * c.z
-     */
-
-    /* r = p.y * c.z^3 - c.y */
-    sp_1024_mont_sub_42(r, r, c->y, p1024_mod);
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_42(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_42(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * h^2 */
-    sp_1024_mont_mul_42(ry, c->x, rx, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_42(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c->x = r^2 + h^3 */
-    sp_1024_mont_add_42(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * h^2 */
-    sp_1024_mont_dbl_42(t1, ry, p1024_mod);
-    /* c'.x = r^2 + h^3 - 2 * c.x * h^2 */
-    sp_1024_mont_sub_42(c->x, c->x, t1, p1024_mod);
-    /* ry = c'.x - c.x * h^2 */
-    sp_1024_mont_sub_42(t1, c->x, ry, p1024_mod);
-    /* ry = r * (c'.x - c.x * h^2) */
-    sp_1024_mont_mul_42(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * h^3 */
-    sp_1024_mont_mul_42(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 */
-    sp_1024_mont_sub_42(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]  key  SAKKE key.
- * @param  [in]  p    First point on E(F_p)[q].
- * @param  [in]  q    Second point on E(F_p)[q].
- * @param  [in]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err = MP_OKAY;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit* qx_px;
-#else
-    sp_digit t[36 * 2 * 42];
-    sp_digit vx[2 * 42];
-    sp_digit vy[2 * 42];
-    sp_digit qx_px[2 * 42];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-
-    err = sp_1024_point_new_42(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_42(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_42(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 39 * 42 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        vx    = td + 36 * 42 * 2;
-        vy    = td + 37 * 42 * 2;
-        qx_px = td + 38 * 42 * 2;
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_42(p, pm);
-        sp_1024_point_from_ecc_point_42(q, qm);
-
-        err = sp_1024_mod_mul_norm_42(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 42);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 42);
-
-        sp_1024_mont_add_42(qx_px, q->x, p->x, p1024_mod);
-
-        for (i = 1020; i >= 0; i--) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_dbl_42(vx, vy, c, q, t);
-
-            if ((i > 0) && ((p1024_order[i / 25] >> (i % 25)) & 1)) {
-                /* Accumulate line into v and add P into C. */
-                sp_1024_accumulate_line_add_one_42(vx, vy, c, p, q, qx_px, t);
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_42(vx, vy, t);
-        sp_1024_proj_sqr_42(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_42(vx, vx, t);
-        sp_1024_mont_mul_42(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 42, 0, sizeof(sp_digit) * 42);
-        sp_1024_mont_reduce_42(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_42(c, 1, NULL);
-    sp_1024_point_free_42(q, 1, NULL);
-    sp_1024_point_free_42(p, 1, NULL);
-    return err;
-}
-
-#else
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Both C and P have z ordinates to use in the calculation.
- *
- * Calculations:
- *   r.x  = (q.x * c.z^2 + c.x) * p.y * c.z - (q.x * p.z^2 + p.x) * c.y * p.z
- *   r.y  = (p.x * c.z^2 - c.x * p.z^2) * q.y * p.z * c.z
- *   v*   = v* * r*
- *   h    = p.x * c.z^2 - c.x * p.z^2
- *   r    = p.y * c.z^3 - c.y * p.z^3
- *   c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2
- *   c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3
- *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in,out]  p      ECC point - point on E(F_p^2) to add.
- * @param  [in,out]  q      ECC point - second point on E(F_P^2).
- * @param  [in,out]  t      SP temporaries (6 used).
- * @param  [in,out]  neg    Indicates to use negative P.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static void sp_1024_accumulate_line_add_n_42(sp_digit* vx, sp_digit* vy,
-        const sp_point_1024* p, const sp_point_1024* q,
-        sp_point_1024* c, sp_digit* t, int neg)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t +  2 * 42;
-    sp_digit* rx = t +  4 * 42;
-    sp_digit* ry = t +  6 * 42;
-    sp_digit* h  = t +  8 * 42;
-    sp_digit* r  = t + 10 * 42;
-
-    /* h = p.z^2 */
-    sp_1024_mont_sqr_42(h, p->z, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 */
-    sp_1024_mont_mul_42(rx, q->x, h, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 + p.x */
-    sp_1024_mont_add_42(t2, rx, p->x, p1024_mod);
-    /* c.y = c.y * p.z */
-    sp_1024_mont_mul_42(t1, c->y, p->z, p1024_mod, p1024_mp_mod);
-    /* r.x = (q.x * p.z^2 + p.x) * c.y * p.z */
-    sp_1024_mont_mul_42(rx, t2, t1, p1024_mod, p1024_mp_mod);
-    /* c.y = c.y * p.z^3 */
-    sp_1024_mont_mul_42(c->y, t1, h, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_42(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_42(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_42(t1, t1, c->x, p1024_mod);
-    /* c.x = c.x * p.z^2 */
-    sp_1024_mont_mul_42(c->x, c->x, h, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_42(r, p->y, c->z, p1024_mod, p1024_mp_mod);
-    if (neg) {
-        /* r = -p.y * c.z */
-        sp_1024_mont_sub_42(r, p1024_mod, r, p1024_mod);
-    }
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_42(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_42(rx, ry, rx, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_42(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = p.x * c.z^2 - c.x * p.z^2 */
-    sp_1024_mont_sub_42(h, t1, c->x, p1024_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z */
-    sp_1024_mont_mul_42(t1, h, c->z, p1024_mod, p1024_mp_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z */
-    sp_1024_mont_mul_42(c->z, t1, p->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z * q.y */
-    sp_1024_mont_mul_42(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 */
-    sp_1024_mont_mul_42(t1, r, t2, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 - c.y * p.z^3 */
-    sp_1024_mont_sub_42(r, t1, c->y, p1024_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_42(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = p.x * c.z^2 - c.x * p.z^2
-     *   r = p.y * c.z^3 - c.y * p.z^3
-     *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
-     */
-
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_42(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_42(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * p.z^2 * h^2 */
-    sp_1024_mont_mul_42(ry, rx, c->x, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_42(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c'.x = r^2 - h^3 */
-    sp_1024_mont_sub_42(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_dbl_42(t1, ry, p1024_mod);
-    /* c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_sub_42(c->x, c->x, t1, p1024_mod);
-    /* ry = c.x * p.z^2 * h^2 - c'.x */
-    sp_1024_mont_sub_42(t1, ry, c->x, p1024_mod);
-    /* ry = r * (c.x * p.z^2 * h^2 - c'.x) */
-    sp_1024_mont_mul_42(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * p.z^3 * h^3 */
-    sp_1024_mont_mul_42(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 */
-    sp_1024_mont_sub_42(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Perform n accumulate doubles and doubles of P.
- *
- * py = 2 * p.y
- *
- * For each double:
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - py^2 / 2
- *   r.y = py * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 2 * py^2 * p.x
- *   py' = (py^2 * p.x - p'.x) * l - py^4 (= 2 * p'.y)
- *   p'.z = py * p.z
- *
- * Finally:
- *   p'.y = py' / 2
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      n   Number of times to double.
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_n_42(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 42;
-    sp_digit* pz2 = t +  2 * 42;
-    sp_digit* rx  = t +  4 * 42;
-    sp_digit* ry  = t +  6 * 42;
-    sp_digit* l   = t +  8 * 42;
-    sp_digit* ty  = t + 10 * 42;
-    int i;
-
-    /* py = 2 * p.y */
-    sp_1024_mont_dbl_42(p->y, p->y, p1024_mod);
-
-    for (i = 0; i < n; i++) {
-        /* v = v^2 */
-        sp_1024_proj_sqr_42(vx, vy, t);
-        /* pz2 = p.z^2 */
-        sp_1024_mont_sqr_42(pz2, p->z, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + p.z^2 */
-        sp_1024_mont_add_42(t1, p->x, pz2, p1024_mod);
-        /* l = p.x - p.z^2 */
-        sp_1024_mont_sub_42(l, p->x, pz2, p1024_mod);
-        /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-        sp_1024_mont_mul_42(ty, l, t1, p1024_mod, p1024_mp_mod);
-        /* l = 3 * (p.x^2 - p.z^4) */
-        sp_1024_mont_tpl_42(l, ty, p1024_mod);
-        /* t1 = q.x * p.z^2 */
-        sp_1024_mont_mul_42(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + q.x * p.z^2 */
-        sp_1024_mont_add_42(t1, p->x, t1, p1024_mod);
-        /* r.x = l * (p.x + q.x * p.z^2) */
-        sp_1024_mont_mul_42(rx, l, t1, p1024_mod, p1024_mp_mod);
-        /* ty = py ^ 2 */
-        sp_1024_mont_sqr_42(ty, p->y, p1024_mod, p1024_mp_mod);
-        /* t1 = py ^ 2 / 2 */
-        sp_1024_mont_div2_42(t1, ty, p1024_mod);
-        /* r.x -= py ^ 2 / 2 */
-        sp_1024_mont_sub_42(rx, rx, t1, p1024_mod);
-        /* p'.z = py * pz */
-        sp_1024_mont_mul_42(p->z, p->z, p->y, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 */
-        sp_1024_mont_mul_42(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 * q.y */
-        sp_1024_mont_mul_42(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-        /* v = v^2 * r */
-        sp_1024_proj_mul_42(vx, vy, rx, ry, t);
-
-        /* Double point using previously calculated values
-         *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-         *   ty = py^2
-         *   p'.z = py * p.z
-         */
-        /* t1 = py^2 ^ 2 = py^4 */
-        sp_1024_mont_sqr_42(t1, ty, p1024_mod, p1024_mp_mod);
-        /* py' = py^2 * p. x */
-        sp_1024_mont_mul_42(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 */
-        sp_1024_mont_sqr_42(p->x, l, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 - py^2 * p.x */
-        sp_1024_mont_sub_42(p->x, p->x, p->y, p1024_mod);
-        /* p'.x = l^2 - 2 * p.y^2 * p.x */
-        sp_1024_mont_sub_42(p->x, p->x, p->y, p1024_mod);
-        /* py' = py^2 * p.x - p.x' */
-        sp_1024_mont_sub_42(ty, p->y, p->x, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l */
-        sp_1024_mont_mul_42(p->y, ty, l, p1024_mod, p1024_mp_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 */
-        sp_1024_mont_dbl_42(p->y, p->y, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 - p.y^4 */
-        sp_1024_mont_sub_42(p->y, p->y, t1, p1024_mod);
-    }
-
-    /* p'.y = py' / 2 */
-    sp_1024_mont_div2_42(p->y, p->y, p1024_mod);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * @param  [in]  pm   First point on E(F_p)[q].
- * @param  [in]  qm   Second point on E(F_p)[q].
- * @param  [in]  res  Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[84];
-    sp_digit (*pre_vy)[84];
-    sp_digit (*pre_nvy)[84];
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 42];
-    sp_digit vx[2 * 42];
-    sp_digit vy[2 * 42];
-    sp_digit pre_vx[16][84];
-    sp_digit pre_vy[16][84];
-    sp_digit pre_nvy[16][84];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-
-    err = sp_1024_point_new_42(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_42(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_42(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 42 * 2 + 16 * sizeof(sp_point_1024), NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 42 * 2;
-        vy      = td + 37 * 42 * 2;
-        pre_vx  = (sp_digit(*)[84])(td + 38 * 42 * 2);
-        pre_vy  = (sp_digit(*)[84])(td + 54 * 42 * 2);
-        pre_nvy = (sp_digit(*)[84])(td + 70 * 42 * 2);
-        pre_p   = (sp_point_1024*)(td + 86 * 42 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_42(p, pm);
-        sp_1024_point_from_ecc_point_42(q, qm);
-
-        err = sp_1024_mod_mul_norm_42(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 42);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 42);
-        sp_1024_mont_sub_42(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 42);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 42);
-        sp_1024_accumulate_line_dbl_42(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(&pre_p[i], &pre_p[i-1], sizeof(sp_point_1024));
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 42);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 42);
-            sp_1024_proj_mul_42(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_42(pre_vx[i], pre_vy[i], c,
-                    q, &pre_p[i], t, 0);
-            sp_1024_mont_sub_42(pre_nvy[i], p1024_mod, pre_vy[i], p1024_mod);
-        }
-
-        j = sp_1024_order_op[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 42);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 42);
-
-        /* Accumulate line into v and double point n times. */
-        sp_1024_accumulate_line_dbl_n_42(vx, vy, c, q,
-                sp_1024_order_op[1], t);
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_42(vx, vy, pre_vx[j], pre_vy[j], t);
-                sp_1024_accumulate_line_add_n_42(vx, vy, &pre_p[j], q, c,
-                    t, 0);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_42(vx, vy, pre_vx[j], pre_nvy[j], t);
-                sp_1024_accumulate_line_add_n_42(vx, vy, &pre_p[j], q, c,
-                    t, 1);
-            }
-
-            /* Accumulate line into v and double point n times. */
-            sp_1024_accumulate_line_dbl_n_42(vx, vy, c, q,
-                    sp_1024_order_op[i + 1], t);
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_42(vx, vy, t);
-        sp_1024_proj_sqr_42(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_42(vx, vx, t);
-        sp_1024_mont_mul_42(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 42, 0, sizeof(sp_digit) * 42);
-        sp_1024_mont_reduce_42(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_42(c, 1, NULL);
-    sp_1024_point_free_42(q, 1, NULL);
-    sp_1024_point_free_42(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Generate table for pairing.
- *
- * Small implementation does not use a table - returns 0 length.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-
-    if (table == NULL) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    else if (*len != 0) {
-        err = BUFFER_E;
-    }
-
-    (void)*pm;
-
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Small implementation does not use a table - use the normal implementation.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    (void)table;
-    (void)len;
-    return sp_Pairing_1024(pm, qm, res);
-}
-
-#else
-/*
- * Calc l and c for the point when doubling p.
- *
- * l = 3 * (p.x^2 - 1) / (2 * p.y)
- * c = l * p.x - p.y
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to double.
- * @param  [in]   py  Y-ordinate of point to double.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_dbl_calc_lc_42(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 42;
-    sp_digit* t2 = t + 34 * 2 * 42;
-    sp_digit* l  = t + 35 * 2 * 42;
-
-    /* l = 1 / 2 * p.y */
-    sp_1024_mont_dbl_42(l, py, p1024_mod);
-    sp_1024_mont_inv_42(l, l, t);
-
-    /* t1 = p.x^2 */
-    sp_1024_mont_sqr_42(t1, px, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x - 1 */
-    sp_1024_mont_sub_42(t1, t1, p1024_norm_mod, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) */
-    sp_1024_mont_dbl_42(t2, t1, p1024_mod);
-    sp_1024_mont_add_42(t1, t1, t2, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) / (2 * p.y) */
-    sp_1024_mont_mul_42(l, l, t1, p1024_mod, p1024_mp_mod);
-    /* t2 = l * p.x */
-    sp_1024_mont_mul_42(t2, l, px, p1024_mod, p1024_mp_mod);
-    /* c = t2 = l * p.x - p.y */
-    sp_1024_mont_sub_42(t2, t2, py, p1024_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 42);
-    XMEMCPY(cr, t2, sizeof(sp_digit) * 42);
-}
-
-/*
- * Calc l and c when adding p and c.
- *
- * l = (c.y - p.y) / (c.x - p.x)
- * c = (p.x * c.y - cx * p.y) / (cx - p.x)
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to add.
- * @param  [in]   py  Y-ordinate of point to add.
- * @param  [in]   cx  X-ordinate of current point.
- * @param  [in]   cy  Y-ordinate of current point.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_add_calc_lc_42(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, const sp_digit* cx,
-        const sp_digit* cy, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 42;
-    sp_digit* c  = t + 34 * 2 * 42;
-    sp_digit* l  = t + 35 * 2 * 42;
-
-    /* l = 1 / (c.x - p.x) */
-    sp_1024_mont_sub_42(l, cx, px, p1024_mod);
-    sp_1024_mont_inv_42(l, l, t);
-
-    /* c = p.x * c.y */
-    sp_1024_mont_mul_42(c, px, cy, p1024_mod, p1024_mp_mod);
-    /* t1 = c.x * p.y */
-    sp_1024_mont_mul_42(t1, cx, py, p1024_mod, p1024_mp_mod);
-    /* c = (p.x * c.y) - (c.x * p.y) */
-    sp_1024_mont_sub_42(c, c, t1, p1024_mod);
-    /* c = ((p.x * c.y) - (c.x * p.y)) / (c.x - p.x) */
-    sp_1024_mont_mul_42(c, c, l, p1024_mod, p1024_mp_mod);
-    /* t1 = c.y - p.y */
-    sp_1024_mont_sub_42(t1, cy, py, p1024_mod);
-    /* l = (c.y - p.y) / (c.x - p.x) */
-    sp_1024_mont_mul_42(l, t1, l, p1024_mod, p1024_mp_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 42);
-    XMEMCPY(cr, c, sizeof(sp_digit) * 42);
-}
-
-/*
- * Calculate vx and vy given gradient l and constant c and point q.
- *
- * l is a the gradient and is multiplied by q->x.
- * c is a the constant that is added to the multiplicative result.
- * q->y is the y-ordinate in result to multiply.
- *
- * if dbl
- *   v*  = v*^2
- * r.x = l * q.x + c
- * r.y = q->y
- * v*  = v* * r*
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in]      l      Gradient to multiply with.
- * @param  [in]      c      Constant to add with.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      t      SP temporaries (3 used).
- * @param  [in]      dbl    Indicates whether this is for doubling. Otherwise
- *                          adding.
- */
-static void sp_1024_accumulate_line_lc_42(sp_digit* vx, sp_digit* vy,
-        const sp_digit* l, const sp_digit* c, const sp_point_1024* q,
-        sp_digit* t, int dbl)
-{
-    sp_digit* rx = t + 4 * 2 * 42;
-
-    /* v = v^2 */
-    if (dbl) {
-        sp_1024_proj_sqr_42(vx, vy, t);
-    }
-    /* rx = l * q.x + c */
-    sp_1024_mont_mul_42(rx, l, q->x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_add_42(rx, rx, c, p1024_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_42(vx, vy, rx, q->y, t);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op_pre[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-
-/*
- * Generate table for pairing.
- *
- * Calculate the graident (l) and constant (c) at each step of the way.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- *          MEMORY_E when dynamic memory allocation fauls.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 42];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 cd;
-    sp_point_1024 negd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* c = NULL;
-    sp_point_1024* neg = NULL;
-    int i;
-    int j;
-    int k;
-    sp_table_entry_1024* precomp = (sp_table_entry_1024*)table;
-
-    if (table == NULL) {
-        *len = sizeof(sp_table_entry_1024) * 1167;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if ((err == MP_OKAY) &&
-            (*len < (int)(sizeof(sp_table_entry_1024) * 1167))) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_42(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_42(NULL, cd, c);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_42(NULL, negd, neg);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 36 * 42 * 2 + 16 *
-            sizeof(sp_point_1024), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        pre_p = (sp_point_1024*)(td + 36 * 42 * 2);
-#endif
-
-        sp_1024_point_from_ecc_point_42(p, pm);
-
-        err = sp_1024_mod_mul_norm_42(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        neg->infinity = 0;
-        c->infinity = 0;
-
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        /* [2]P for adding */
-        sp_1024_proj_point_dbl_42(c, p, t);
-
-        /* 1, 3, ... */
-        for (i = 1; i < 16; i++) {
-            sp_1024_proj_point_add_42(&pre_p[i], &pre_p[i-1], c, t);
-            sp_1024_mont_map_42(&pre_p[i], t);
-        }
-
-        k = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            sp_1024_accum_dbl_calc_lc_42(precomp[k].x, precomp[k].y, c->x,
-                c->y, t);
-            k++;
-            sp_1024_proj_point_dbl_42(c, c, t);
-            sp_1024_mont_map_42(c, t);
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                sp_1024_accum_add_calc_lc_42(precomp[k].x, precomp[k].y,
-                    pre_p[j/2].x, pre_p[j/2].y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_42(c, c, &pre_p[j/2], t);
-                sp_1024_mont_map_42(c, t);
-            }
-            else {
-                XMEMCPY(neg->x, pre_p[-j / 2].x, sizeof(pre_p->x));
-                sp_1024_mont_sub_42(neg->y, p1024_mod, pre_p[-j / 2].y,
-                        p1024_mod);
-                XMEMCPY(neg->z, pre_p[-j / 2].z, sizeof(pre_p->z));
-
-                sp_1024_accum_add_calc_lc_42(precomp[k].x, precomp[k].y,
-                    neg->x, neg->y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_42(c, c, neg, t);
-                sp_1024_mont_map_42(c, t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                sp_1024_accum_dbl_calc_lc_42(precomp[k].x, precomp[k].y, c->x,
-                    c->y, t);
-                k++;
-                sp_1024_proj_point_dbl_42(c, c, t);
-                sp_1024_mont_map_42(c, t);
-            }
-        }
-
-        *len = sizeof(sp_table_entry_1024) * 1167;
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_42(neg, 1, NULL);
-    sp_1024_point_free_42(c, 1, NULL);
-    sp_1024_point_free_42(p, 1, NULL);
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pre-generate values in window (1, 3, ...) - only V.
- * Table contains all gradient l and a constant for each point on the path.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[84];
-    sp_digit (*pre_vy)[84];
-    sp_digit (*pre_nvy)[84];
-#else
-    sp_digit t[36 * 2 * 42];
-    sp_digit vx[2 * 42];
-    sp_digit vy[2 * 42];
-    sp_digit pre_vx[16][84];
-    sp_digit pre_vy[16][84];
-    sp_digit pre_nvy[16][84];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-    int k;
-    const sp_table_entry_1024* precomp = (const sp_table_entry_1024*)table;
-
-    if (len < (int)(sizeof(sp_table_entry_1024) * 1167)) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_42(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_42(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_42(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 42 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 42 * 2;
-        vy      = td + 37 * 42 * 2;
-        pre_vx  = (sp_digit(*)[84])(td + 38 * 42 * 2);
-        pre_vy  = (sp_digit(*)[84])(td + 54 * 42 * 2);
-        pre_nvy = (sp_digit(*)[84])(td + 70 * 42 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_42(p, pm);
-        sp_1024_point_from_ecc_point_42(q, qm);
-
-        err = sp_1024_mod_mul_norm_42(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_42(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 42);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 42);
-        sp_1024_mont_sub_42(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 42);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 42);
-        sp_1024_accumulate_line_dbl_42(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 42);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 42);
-            sp_1024_proj_mul_42(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_42(pre_vx[i], pre_vy[i], c,
-                q, p, t, 0);
-            sp_1024_mont_sub_42(pre_nvy[i], p1024_mod, pre_vy[i],
-                p1024_mod);
-        }
-
-        XMEMCPY(c->z, p1024_norm_mod, sizeof(sp_digit) * 42);
-        c->infinity = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 42);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 42);
-
-        k = 0;
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_lc_42(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 1);
-            k++;
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            sp_1024_accumulate_line_lc_42(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 0);
-            k++;
-
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_42(vx, vy, pre_vx[j], pre_vy[j], t);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_42(vx, vy, pre_vx[j], pre_nvy[j], t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                /* Accumulate line into v and double point. */
-                sp_1024_accumulate_line_lc_42(vx, vy, precomp[k].x,
-                    precomp[k].y, q, t, 1);
-                k++;
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_42(vx, vy, t);
-        sp_1024_proj_sqr_42(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_42(vx, vx, t);
-        sp_1024_mont_mul_42(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 42, 0, sizeof(sp_digit) * 42);
-        sp_1024_mont_reduce_42(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_42(c, 1, NULL);
-    sp_1024_point_free_42(q, 1, NULL);
-    sp_1024_point_free_42(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 17U) {
-            r[j] &= 0x1ffffff;
-            s = 25U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_1024_ecc_is_point_42(const sp_point_1024* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 42 * 4);
-    sp_digit* t2 = NULL;
-    sp_int32 n;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 42 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 42;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_1024_sqr_42(t1, point->y);
-        (void)sp_1024_mod_42(t1, t1, p1024_mod);
-        sp_1024_sqr_42(t2, point->x);
-        (void)sp_1024_mod_42(t2, t2, p1024_mod);
-        sp_1024_mul_42(t2, t2, point->x);
-        (void)sp_1024_mod_42(t2, t2, p1024_mod);
-        sp_1024_mont_sub_42(t1, t1, t2, p1024_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_1024_mont_add_42(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_42(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_42(t1, t1, point->x, p1024_mod);
-
-
-        n = sp_1024_cmp_42(t1, p1024_mod);
-        sp_1024_cond_sub_42(t1, t1, p1024_mod, (sp_digit)~(n >> 24));
-        sp_1024_norm_42(t1);
-        if (!sp_1024_iszero_42(t1)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_1024, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(pub->x, 42, pX);
-        sp_1024_from_mp(pub->y, 42, pY);
-        sp_1024_from_bin(pub->z, 42, one, (int)sizeof(one));
-
-        err = sp_1024_ecc_is_point_42(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 42);
-    SP_DECL_VAR(sp_point_1024, pub, 2);
-    sp_point_1024* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 1024) ||
-        (mp_count_bits(pY) > 1024) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 1024)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 42, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_1024, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_1024_from_mp(pub->x, 42, pX);
-        sp_1024_from_mp(pub->y, 42, pY);
-        sp_1024_from_bin(pub->z, 42, one, (int)sizeof(one));
-        if (privm)
-            sp_1024_from_mp(priv, 42, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_1024_iszero_42(pub->x) != 0) &&
-            (sp_1024_iszero_42(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_1024_cmp_42(pub->x, p1024_mod) >= 0) ||
-             (sp_1024_cmp_42(pub->y, p1024_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_1024_ecc_is_point_42(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_1024_ecc_mulmod_42(p, pub, p1024_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_1024_iszero_42(p->x) == 0) ||
-                             (sp_1024_iszero_42(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_1024_ecc_mulmod_base_42(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_1024_cmp_42(p->x, pub->x) != 0) ||
-                 (sp_1024_cmp_42(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_1024 */
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#endif /* WOLFSSL_HAVE_SP_ECC */
-#endif /* SP_WORD_SIZE == 32 */
-#endif /* !WOLFSSL_SP_ASM */
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH | WOLFSSL_HAVE_SP_ECC */
diff --git a/src/ssl/wolfssl/wolfcrypt/sp_c64.c b/src/ssl/wolfssl/wolfcrypt/sp_c64.c
deleted file mode 100644
index 21473732a..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sp_c64.c
+++ /dev/null
@@ -1,49929 +0,0 @@
-/* sp.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implementation by Sean Parkinson. */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
-    defined(WOLFSSL_HAVE_SP_ECC)
-
-#include <wolfssl/wolfcrypt/cpuid.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifdef RSA_LOW_MEM
-#ifndef SP_RSA_PRIVATE_EXP_D
-#define SP_RSA_PRIVATE_EXP_D
-#endif
-
-#ifndef WOLFSSL_SP_SMALL
-#define WOLFSSL_SP_SMALL
-#endif
-#endif
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC)
-#undef WOLFSSL_SP_SMALL_STACK
-#define WOLFSSL_SP_SMALL_STACK
-#endif
-
-#include <wolfssl/wolfcrypt/sp.h>
-
-#ifdef __IAR_SYSTEMS_ICC__
-#define __asm__        asm
-#define __volatile__   volatile
-#define WOLFSSL_NO_VAR_ASSIGN_REG
-#endif /* __IAR_SYSTEMS_ICC__ */
-#ifdef __KEIL__
-#define __asm__        __asm
-#define __volatile__   volatile
-#endif
-
-#ifdef WOLFSSL_SP_SMALL_STACK
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE* NAME = NULL
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        if (err == MP_OKAY) {                                           \
-            (NAME) = (TYPE*)XMALLOC(sizeof(TYPE) * (CNT), (HEAP), DT);  \
-            if ((NAME) == NULL) {                                       \
-                err = MEMORY_E;                                         \
-            }                                                           \
-        }
-
-    #define SP_VAR_OK(NAME)          ((NAME) != NULL)
-
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        XFREE(NAME, (HEAP), DT)
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-#else
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE NAME[CNT]
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        WC_DO_NOTHING
-    #define SP_VAR_OK(NAME)          (1)
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        WC_DO_NOTHING
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-        } while (0)
-#endif
-
-#ifndef WOLFSSL_SP_ASM
-#if SP_WORD_SIZE == 64
-#define SP_PRINT_NUM(var, name, total, words, bits)   \
-    do {                                              \
-        int ii;                                       \
-        byte nb[((bits) + 7) / 8];                    \
-        sp_digit _s[words];                           \
-        XMEMCPY(_s, var, sizeof(_s));                 \
-        sp_##total##_norm_##words(_s);                \
-        sp_##total##_to_bin_##words(_s, nb);          \
-        fprintf(stderr, name "=0x");                  \
-        for (ii=0; ii<((bits) + 7) / 8; ii++)         \
-            fprintf(stderr, "%02x", nb[ii]);          \
-        fprintf(stderr, "\n");                        \
-    } while (0)
-
-#define SP_PRINT_VAL(var, name)                       \
-    fprintf(stderr, name "=0x" SP_PRINT_FMT "\n", var)
-
-#define SP_PRINT_INT(var, name)                       \
-    fprintf(stderr, name "=%d\n", var)
-
-#if ((defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)) && \
-     ((!defined(WC_NO_CACHE_RESISTANT) && \
-       (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \
-      (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \
-    !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || (defined(WOLFSSL_SP_SMALL) && \
-    defined(WOLFSSL_HAVE_SP_ECC) && (!defined(WOLFSSL_SP_NO_256) || \
-    defined(WOLFSSL_SP_384) || defined(WOLFSSL_SP_521) || \
-    defined(WOLFSSL_SP_1024)))
-/* Mask for address to obfuscate which of the two address will be used. */
-static const size_t addr_mask[2] = { 0, (size_t)-1 };
-#endif
-
-#if defined(WOLFSSL_SP_NONBLOCK) && (!defined(WOLFSSL_SP_NO_MALLOC) || \
-                                     !defined(WOLFSSL_SP_SMALL))
-    #error SP non-blocking requires small and no-malloc (WOLFSSL_SP_SMALL and WOLFSSL_SP_NO_MALLOC)
-#endif
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)
-#ifndef WOLFSSL_SP_NO_2048
-#ifdef WOLFSSL_SP_SMALL
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 53U) {
-            r[j] &= 0x1fffffffffffffffL;
-            s = 61U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 61
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 60);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 60);
-    }
-#elif DIGIT_BIT > 61
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x1fffffffffffffffL;
-        s = 61U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 61U) <= (word32)DIGIT_BIT) {
-            s += 61U;
-            r[j] &= 0x1fffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 61) {
-            r[j] &= 0x1fffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 61 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 256
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_2048_to_bin_34(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<33; i++) {
-        r[i+1] += r[i] >> 61;
-        r[i] &= 0x1fffffffffffffffL;
-    }
-    j = 2055 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<34 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 61) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 61);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 61 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_2048_norm_17(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 16; i++) {
-        a[i+1] += a[i] >> 61;
-        a[i] &= 0x1fffffffffffffffL;
-    }
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 61 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_2048_norm_34(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 33; i++) {
-        a[i+1] += a[i] >> 61;
-        a[i] &= 0x1fffffffffffffffL;
-    }
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_34(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 lo;
-
-    c = ((sp_uint128)a[33]) * b[33];
-    r[67] = (sp_digit)(c >> 61);
-    c &= 0x1fffffffffffffffL;
-    for (k = 65; k >= 0; k--) {
-        if (k >= 34) {
-            i = k - 33;
-            imax = 33;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        if (imax - i > 15) {
-            int imaxlo;
-            lo = 0;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 15) {
-                for (; i <= imax && i < imaxlo + 15; i++) {
-                    lo += ((sp_uint128)a[i]) * b[k - i];
-                }
-                c += lo >> 61;
-                lo &= 0x1fffffffffffffffL;
-            }
-            r[k + 2] += (sp_digit)(c >> 61);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffffffffffffL);
-            c = lo & 0x1fffffffffffffffL;
-        }
-        else {
-            lo = 0;
-            for (; i <= imax; i++) {
-                lo += ((sp_uint128)a[i]) * b[k - i];
-            }
-            c += lo >> 61;
-            r[k + 2] += (sp_digit)(c >> 61);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffffffffffffL);
-            c = lo & 0x1fffffffffffffffL;
-        }
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_34(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 t;
-
-    c = ((sp_uint128)a[33]) * a[33];
-    r[67] = (sp_digit)(c >> 61);
-    c = (c & 0x1fffffffffffffffL) << 61;
-    for (k = 65; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint128)a[i]) * a[i];
-           i++;
-        }
-        if (k < 33) {
-            imax = k;
-        }
-        else {
-            imax = 33;
-        }
-        if (imax - i >= 14) {
-            int imaxlo;
-            sp_uint128 hi;
-
-            hi = c >> 61;
-            c &= 0x1fffffffffffffffL;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 14) {
-                t = 0;
-                for (; i <= imax && i < imaxlo + 14; i++) {
-                    t += ((sp_uint128)a[i]) * a[k - i];
-                }
-                c += t * 2;
-
-                hi += c >> 61;
-                c &= 0x1fffffffffffffffL;
-            }
-            r[k + 2] += (sp_digit)(hi >> 61);
-            r[k + 1]  = (sp_digit)(hi & 0x1fffffffffffffffL);
-            c <<= 61;
-        }
-        else
-        {
-            t = 0;
-            for (; i <= imax; i++) {
-                t += ((sp_uint128)a[i]) * a[k - i];
-            }
-            c += t * 2;
-
-            r[k + 2] += (sp_digit) (c >> 122);
-            r[k + 1]  = (sp_digit)((c >> 61) & 0x1fffffffffffffffL);
-            c = (c & 0x1fffffffffffffffL) << 61;
-        }
-    }
-    r[0] = (sp_digit)(c >> 61);
-}
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-    x &= 0x1fffffffffffffffL;
-
-    /* rho = -1/m mod b */
-    *rho = ((sp_digit)1 << 61) - x;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_d_34(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 34; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffffffffffffL);
-        t >>= 61;
-    }
-    r[34] = (sp_digit)t;
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_sub_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 17; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_17(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = 0x1fffffffffffffffL;
-    }
-    r[16] = 0xffffffffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_2048_sub_17(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_2048_cmp_17(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i=16; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 60);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_sub_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 17; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_add_17(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 16; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffffffffffffL);
-        t[1] += t[0] >> 61;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffffffffffffL);
-        t[2] += t[1] >> 61;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffffffffffffL);
-        t[3] += t[2] >> 61;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffffffffffffL);
-        t[0]  = t[3] >> 61;
-    }
-    t[0] += (tb * a[16]) + r[16];
-    r[16] = (sp_digit)(t[0] & 0x1fffffffffffffffL);
-    r[17] +=  (sp_digit)(t[0] >> 61);
-}
-
-/* Shift the result in the high 1024 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_2048_mont_shift_17(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int128 n = a[16] >> 48;
-    n += ((sp_int128)a[17]) << 13;
-
-    for (i = 0; i < 16; i++) {
-        r[i] = (sp_digit)(n & 0x1fffffffffffffffL);
-        n >>= 61;
-        n += ((sp_int128)a[18 + i]) << 13;
-    }
-    r[16] = (sp_digit)n;
-    XMEMSET(&r[17], 0, sizeof(*r) * 17U);
-}
-
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_2048_mont_reduce_17(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_2048_norm_17(a + 17);
-
-    for (i=0; i<16; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1fffffffffffffffL);
-        sp_2048_mul_add_17(a+i, m, mu);
-        a[i+1] += a[i] >> 61;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0xffffffffffffL);
-    sp_2048_mul_add_17(a+i, m, mu);
-    a[i+1] += a[i] >> 61;
-    a[i] &= 0x1fffffffffffffffL;
-    sp_2048_mont_shift_17(a, a);
-    over = a[16] - m[16];
-    sp_2048_cond_sub_17(a, a, m, ~((over - 1) >> 63));
-    sp_2048_norm_17(a);
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_17(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 lo;
-
-    c = ((sp_uint128)a[16]) * b[16];
-    r[33] = (sp_digit)(c >> 61);
-    c &= 0x1fffffffffffffffL;
-    for (k = 31; k >= 0; k--) {
-        if (k >= 17) {
-            i = k - 16;
-            imax = 16;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        if (imax - i > 15) {
-            int imaxlo;
-            lo = 0;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 15) {
-                for (; i <= imax && i < imaxlo + 15; i++) {
-                    lo += ((sp_uint128)a[i]) * b[k - i];
-                }
-                c += lo >> 61;
-                lo &= 0x1fffffffffffffffL;
-            }
-            r[k + 2] += (sp_digit)(c >> 61);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffffffffffffL);
-            c = lo & 0x1fffffffffffffffL;
-        }
-        else {
-            lo = 0;
-            for (; i <= imax; i++) {
-                lo += ((sp_uint128)a[i]) * b[k - i];
-            }
-            c += lo >> 61;
-            r[k + 2] += (sp_digit)(c >> 61);
-            r[k + 1]  = (sp_digit)(c & 0x1fffffffffffffffL);
-            c = lo & 0x1fffffffffffffffL;
-        }
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_17(r, a, b);
-    sp_2048_mont_reduce_17(r, m, mp);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_17(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 t;
-
-    c = ((sp_uint128)a[16]) * a[16];
-    r[33] = (sp_digit)(c >> 61);
-    c = (c & 0x1fffffffffffffffL) << 61;
-    for (k = 31; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint128)a[i]) * a[i];
-           i++;
-        }
-        if (k < 16) {
-            imax = k;
-        }
-        else {
-            imax = 16;
-        }
-        if (imax - i >= 14) {
-            int imaxlo;
-            sp_uint128 hi;
-
-            hi = c >> 61;
-            c &= 0x1fffffffffffffffL;
-            for (imaxlo = i; imaxlo <= imax; imaxlo += 14) {
-                t = 0;
-                for (; i <= imax && i < imaxlo + 14; i++) {
-                    t += ((sp_uint128)a[i]) * a[k - i];
-                }
-                c += t * 2;
-
-                hi += c >> 61;
-                c &= 0x1fffffffffffffffL;
-            }
-            r[k + 2] += (sp_digit)(hi >> 61);
-            r[k + 1]  = (sp_digit)(hi & 0x1fffffffffffffffL);
-            c <<= 61;
-        }
-        else
-        {
-            t = 0;
-            for (; i <= imax; i++) {
-                t += ((sp_uint128)a[i]) * a[k - i];
-            }
-            c += t * 2;
-
-            r[k + 2] += (sp_digit) (c >> 122);
-            r[k + 1]  = (sp_digit)((c >> 61) & 0x1fffffffffffffffL);
-            c = (c & 0x1fffffffffffffffL) << 61;
-        }
-    }
-    r[0] = (sp_digit)(c >> 61);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_17(r, a);
-    sp_2048_mont_reduce_17(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_d_17(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 17; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffffffffffffL);
-        t >>= 61;
-    }
-    r[17] = (sp_digit)t;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_add_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 17; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_add_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 17; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-
-SP_NOINLINE static void sp_2048_rshift_17(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (61 - n))) & 0x1fffffffffffffffL);
-    }
-    r[16] = a[16] >> n;
-}
-
-static WC_INLINE sp_digit sp_2048_div_word_17(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 61) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 61) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 61) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 61);
-    sp_digit t0 = (sp_digit)(d & 0x1fffffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 59; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 60) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 61);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 122) - (sp_digit)(d >> 122);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 61) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 30) + 1;
-
-    t = (sp_digit)(d >> 60);
-    t = (t / dv) << 30;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 29);
-    t = t / (dv << 1);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_2048_word_div_word_17(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_div_17(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 17 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 17 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 34 + 1;
-        sd = t2 + 17 + 1;
-
-        sp_2048_mul_d_17(sd, d, (sp_digit)1 << 13);
-        sp_2048_mul_d_34(t1, a, (sp_digit)1 << 13);
-        dv = sd[16];
-        t1[17 + 17] += t1[17 + 17 - 1] >> 61;
-        t1[17 + 17 - 1] &= 0x1fffffffffffffffL;
-        for (i=17; i>=0; i--) {
-            r1 = sp_2048_div_word_17(t1[17 + i], t1[17 + i - 1], dv);
-
-            sp_2048_mul_d_17(t2, sd, r1);
-            (void)sp_2048_sub_17(&t1[i], &t1[i], t2);
-            sp_2048_norm_17(&t1[i]);
-            t1[17 + i] -= t2[17];
-            t1[17 + i] += t1[17 + i - 1] >> 61;
-            t1[17 + i - 1] &= 0x1fffffffffffffffL;
-            r1 = sp_2048_div_word_17(-t1[17 + i], -t1[17 + i - 1], dv);
-            r1 -= t1[17 + i];
-            sp_2048_mul_d_17(t2, sd, r1);
-            (void)sp_2048_add_17(&t1[i], &t1[i], t2);
-            t1[17 + i] += t1[17 + i - 1] >> 61;
-            t1[17 + i - 1] &= 0x1fffffffffffffffL;
-        }
-        t1[17 - 1] += t1[17 - 2] >> 61;
-        t1[17 - 2] &= 0x1fffffffffffffffL;
-        r1 = sp_2048_word_div_word_17(t1[17 - 1], dv);
-
-        sp_2048_mul_d_17(t2, sd, r1);
-        sp_2048_sub_17(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 34U);
-        for (i=0; i<16; i++) {
-            r[i+1] += r[i] >> 61;
-            r[i] &= 0x1fffffffffffffffL;
-        }
-        sp_2048_cond_add_17(r, r, sd, r[16] >> 63);
-
-        sp_2048_norm_17(r);
-        sp_2048_rshift_17(r, r, 13);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_17(a, m, NULL, r);
-}
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_17(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 34);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 17 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 17U * 2U);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_17(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_17(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 17U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_mul_17(t[1], t[1], norm);
-        err = sp_2048_mod_17(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 61;
-        c = bits % 61;
-        n = e[i--] << (61 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 61;
-            }
-
-            y = (int)((n >> 60) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_17(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 17 * 2);
-            sp_2048_mont_sqr_17(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 17 * 2);
-        }
-
-        sp_2048_mont_reduce_17(t[0], m, mp);
-        n = sp_2048_cmp_17(t[0], m);
-        sp_2048_cond_sub_17(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 17 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 34);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 17 * 2);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_17(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_17(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_17(t[1], t[1], norm);
-                err = sp_2048_mod_17(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_17(t[1], a, norm);
-            err = sp_2048_mod_17(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 61;
-        c = bits % 61;
-        n = e[i--] << (61 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 61;
-            }
-
-            y = (int)((n >> 60) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_17(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 17 * 2);
-            sp_2048_mont_sqr_17(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 17 * 2);
-        }
-
-        sp_2048_mont_reduce_17(t[0], m, mp);
-        n = sp_2048_cmp_17(t[0], m);
-        sp_2048_cond_sub_17(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 17 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (32 * 34) + 34);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (32 * 34) + 34, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 34;
-        rt = td + 1088;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_17(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_17(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_17(t[1], t[1], norm);
-                err = sp_2048_mod_17(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_17(t[1], a, norm);
-            err = sp_2048_mod_17(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_17(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_17(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_17(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_17(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_17(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_17(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_17(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_17(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_17(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_17(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_17(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_17(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_17(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_17(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_17(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_17(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_17(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_17(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_17(t[20], t[10], m, mp);
-        sp_2048_mont_mul_17(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_17(t[22], t[11], m, mp);
-        sp_2048_mont_mul_17(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_17(t[24], t[12], m, mp);
-        sp_2048_mont_mul_17(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_17(t[26], t[13], m, mp);
-        sp_2048_mont_mul_17(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_17(t[28], t[14], m, mp);
-        sp_2048_mont_mul_17(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_17(t[30], t[15], m, mp);
-        sp_2048_mont_mul_17(t[31], t[16], t[15], m, mp);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 60) / 61) - 1;
-        c = bits % 61;
-        if (c == 0) {
-            c = 61;
-        }
-        if (i < 17) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (3 - c);
-            c += 61;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 34);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 56;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 3;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 61 - c;
-            }
-
-            sp_2048_mont_sqr_17(rt, rt, m, mp);
-            sp_2048_mont_sqr_17(rt, rt, m, mp);
-            sp_2048_mont_sqr_17(rt, rt, m, mp);
-            sp_2048_mont_sqr_17(rt, rt, m, mp);
-            sp_2048_mont_sqr_17(rt, rt, m, mp);
-
-            sp_2048_mont_mul_17(rt, rt, t[y], m, mp);
-        }
-
-        sp_2048_mont_reduce_17(rt, m, mp);
-        n = sp_2048_cmp_17(rt, m);
-        sp_2048_cond_sub_17(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 34);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_sub_34(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 34; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_34(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i=0; i<33; i++) {
-        r[i] = 0x1fffffffffffffffL;
-    }
-    r[33] = 0x7ffffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_2048_sub_34(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_2048_cmp_34(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i=33; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 60);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_sub_34(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 34; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_add_34(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 32; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1fffffffffffffffL);
-        t[1] += t[0] >> 61;
-        r[i+1] = (sp_digit)(t[1] & 0x1fffffffffffffffL);
-        t[2] += t[1] >> 61;
-        r[i+2] = (sp_digit)(t[2] & 0x1fffffffffffffffL);
-        t[3] += t[2] >> 61;
-        r[i+3] = (sp_digit)(t[3] & 0x1fffffffffffffffL);
-        t[0]  = t[3] >> 61;
-    }
-    t[0] += (tb * a[32]) + r[32];
-    t[1]  = (tb * a[33]) + r[33];
-    r[32] = (sp_digit)(t[0] & 0x1fffffffffffffffL);
-    t[1] += t[0] >> 61;
-    r[33] = (sp_digit)(t[1] & 0x1fffffffffffffffL);
-    r[34] +=  (sp_digit)(t[1] >> 61);
-}
-
-/* Shift the result in the high 2048 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_2048_mont_shift_34(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int128 n = a[33] >> 35;
-    n += ((sp_int128)a[34]) << 26;
-
-    for (i = 0; i < 33; i++) {
-        r[i] = (sp_digit)(n & 0x1fffffffffffffffL);
-        n >>= 61;
-        n += ((sp_int128)a[35 + i]) << 26;
-    }
-    r[33] = (sp_digit)n;
-    XMEMSET(&r[34], 0, sizeof(*r) * 34U);
-}
-
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_2048_mont_reduce_34(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_2048_norm_34(a + 34);
-
-#ifdef WOLFSSL_SP_DH
-    if (mp != 1) {
-        for (i=0; i<33; i++) {
-            mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1fffffffffffffffL);
-            sp_2048_mul_add_34(a+i, m, mu);
-            a[i+1] += a[i] >> 61;
-        }
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7ffffffffL);
-        sp_2048_mul_add_34(a+i, m, mu);
-        a[i+1] += a[i] >> 61;
-        a[i] &= 0x1fffffffffffffffL;
-    }
-    else {
-        for (i=0; i<33; i++) {
-            mu = (sp_digit)(a[i] & 0x1fffffffffffffffL);
-            sp_2048_mul_add_34(a+i, m, mu);
-            a[i+1] += a[i] >> 61;
-        }
-        mu = (sp_digit)(a[i] & 0x7ffffffffL);
-        sp_2048_mul_add_34(a+i, m, mu);
-        a[i+1] += a[i] >> 61;
-        a[i] &= 0x1fffffffffffffffL;
-    }
-#else
-    for (i=0; i<33; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1fffffffffffffffL);
-        sp_2048_mul_add_34(a+i, m, mu);
-        a[i+1] += a[i] >> 61;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7ffffffffL);
-    sp_2048_mul_add_34(a+i, m, mu);
-    a[i+1] += a[i] >> 61;
-    a[i] &= 0x1fffffffffffffffL;
-#endif
-    sp_2048_mont_shift_34(a, a);
-    over = a[33] - m[33];
-    sp_2048_cond_sub_34(a, a, m, ~((over - 1) >> 63));
-    sp_2048_norm_34(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_34(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_34(r, a, b);
-    sp_2048_mont_reduce_34(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_34(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_34(r, a);
-    sp_2048_mont_reduce_34(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_d_68(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 68; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1fffffffffffffffL);
-        t >>= 61;
-    }
-    r[68] = (sp_digit)t;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_add_34(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 34; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_add_34(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 34; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-
-SP_NOINLINE static void sp_2048_rshift_34(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<33; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (61 - n))) & 0x1fffffffffffffffL);
-    }
-    r[33] = a[33] >> n;
-}
-
-static WC_INLINE sp_digit sp_2048_div_word_34(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 61) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 61) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 61) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 61);
-    sp_digit t0 = (sp_digit)(d & 0x1fffffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 59; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 60) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 61);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 122) - (sp_digit)(d >> 122);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 61) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 30) + 1;
-
-    t = (sp_digit)(d >> 60);
-    t = (t / dv) << 30;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 29);
-    t = t / (dv << 1);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_2048_word_div_word_34(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_div_34(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 34 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 34 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 68 + 1;
-        sd = t2 + 34 + 1;
-
-        sp_2048_mul_d_34(sd, d, (sp_digit)1 << 26);
-        sp_2048_mul_d_68(t1, a, (sp_digit)1 << 26);
-        dv = sd[33];
-        t1[34 + 34] += t1[34 + 34 - 1] >> 61;
-        t1[34 + 34 - 1] &= 0x1fffffffffffffffL;
-        for (i=34; i>=0; i--) {
-            r1 = sp_2048_div_word_34(t1[34 + i], t1[34 + i - 1], dv);
-
-            sp_2048_mul_d_34(t2, sd, r1);
-            (void)sp_2048_sub_34(&t1[i], &t1[i], t2);
-            sp_2048_norm_34(&t1[i]);
-            t1[34 + i] -= t2[34];
-            t1[34 + i] += t1[34 + i - 1] >> 61;
-            t1[34 + i - 1] &= 0x1fffffffffffffffL;
-            r1 = sp_2048_div_word_34(-t1[34 + i], -t1[34 + i - 1], dv);
-            r1 -= t1[34 + i];
-            sp_2048_mul_d_34(t2, sd, r1);
-            (void)sp_2048_add_34(&t1[i], &t1[i], t2);
-            t1[34 + i] += t1[34 + i - 1] >> 61;
-            t1[34 + i - 1] &= 0x1fffffffffffffffL;
-        }
-        t1[34 - 1] += t1[34 - 2] >> 61;
-        t1[34 - 2] &= 0x1fffffffffffffffL;
-        r1 = sp_2048_word_div_word_34(t1[34 - 1], dv);
-
-        sp_2048_mul_d_34(t2, sd, r1);
-        sp_2048_sub_34(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 68U);
-        for (i=0; i<33; i++) {
-            r[i+1] += r[i] >> 61;
-            r[i] &= 0x1fffffffffffffffL;
-        }
-        sp_2048_cond_add_34(r, r, sd, r[33] >> 63);
-
-        sp_2048_norm_34(r);
-        sp_2048_rshift_34(r, r, 26);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_mod_34(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_34(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_34(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 68);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 68, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 34 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 34U * 2U);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_34(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_34(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 34U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_mul_34(t[1], t[1], norm);
-        err = sp_2048_mod_34(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 61;
-        c = bits % 61;
-        n = e[i--] << (61 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 61;
-            }
-
-            y = (int)((n >> 60) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_34(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 34 * 2);
-            sp_2048_mont_sqr_34(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 34 * 2);
-        }
-
-        sp_2048_mont_reduce_34(t[0], m, mp);
-        n = sp_2048_cmp_34(t[0], m);
-        sp_2048_cond_sub_34(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 34 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 68);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 68, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 34 * 2);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_34(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_34(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_34(t[1], t[1], norm);
-                err = sp_2048_mod_34(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_34(t[1], a, norm);
-            err = sp_2048_mod_34(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 61;
-        c = bits % 61;
-        n = e[i--] << (61 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 61;
-            }
-
-            y = (int)((n >> 60) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_34(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 34 * 2);
-            sp_2048_mont_sqr_34(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 34 * 2);
-        }
-
-        sp_2048_mont_reduce_34(t[0], m, mp);
-        n = sp_2048_cmp_34(t[0], m);
-        sp_2048_cond_sub_34(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 34 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (16 * 68) + 68);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (16 * 68) + 68, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 68;
-        rt = td + 1088;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_34(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_34(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_34(t[1], t[1], norm);
-                err = sp_2048_mod_34(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_34(t[1], a, norm);
-            err = sp_2048_mod_34(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_34(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_34(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_34(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_34(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_34(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_34(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_34(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_34(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_34(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_34(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_34(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_34(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_34(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_34(t[15], t[ 8], t[ 7], m, mp);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 60) / 61) - 1;
-        c = bits % 61;
-        if (c == 0) {
-            c = 61;
-        }
-        if (i < 34) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (3 - c);
-            c += 61;
-        }
-        y = (int)((n >> 60) & 0xf);
-        n <<= 4;
-        c -= 4;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 68);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c = 57;
-            }
-            else {
-                y = (byte)((n >> 60) & 0xf);
-                n = e[i--] << 3;
-                c = 4 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 61 - c;
-            }
-
-            sp_2048_mont_sqr_34(rt, rt, m, mp);
-            sp_2048_mont_sqr_34(rt, rt, m, mp);
-            sp_2048_mont_sqr_34(rt, rt, m, mp);
-            sp_2048_mont_sqr_34(rt, rt, m, mp);
-
-            sp_2048_mont_mul_34(rt, rt, t[y], m, mp);
-        }
-
-        sp_2048_mont_reduce_34(rt, m, mp);
-        n = sp_2048_cmp_34(rt, m);
-        sp_2048_cond_sub_34(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 68);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-#ifdef WOLFSSL_SP_SMALL
-    SP_DECL_VAR(sp_digit, a, 34 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit* norm = NULL;
-    sp_uint64 e[1] = {0};
-    sp_digit mp = 0;
-    int i;
-    int err = MP_OKAY;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 34 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 34 * 2;
-        m = r + 34 * 2;
-        norm = r;
-
-        sp_2048_from_bin(a, 34, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 34, mm);
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_34(norm, m);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_mul_34(a, a, norm);
-        err = sp_2048_mod_34(a, a, m);
-    }
-    if (err == MP_OKAY) {
-        for (i=63; i>=0; i--) {
-            if ((e[0] >> i) != 0) {
-                break;
-            }
-        }
-
-        XMEMCPY(r, a, sizeof(sp_digit) * 34 * 2);
-        for (i--; i>=0; i--) {
-            sp_2048_mont_sqr_34(r, r, m, mp);
-
-            if (((e[0] >> i) & 1) == 1) {
-                sp_2048_mont_mul_34(r, r, a, m, mp);
-            }
-        }
-        sp_2048_mont_reduce_34(r, m, mp);
-        mp = sp_2048_cmp_34(r, m);
-        sp_2048_cond_sub_34(r, r, m, ~(mp >> 63));
-
-        sp_2048_to_bin_34(r, out);
-        *outLen = 256;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 34 * 5);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_uint64 e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 34 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d;
-        r = a + 34 * 2;
-        m = r + 34 * 2;
-
-        sp_2048_from_bin(a, 34, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 34, mm);
-
-        if (e[0] == 0x3) {
-            sp_2048_sqr_34(r, a);
-            err = sp_2048_mod_34(r, r, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_34(r, a, r);
-                err = sp_2048_mod_34(r, r, m);
-            }
-        }
-        else {
-            sp_digit* norm = r;
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-            sp_2048_mont_norm_34(norm, m);
-
-            sp_2048_mul_34(a, a, norm);
-            err = sp_2048_mod_34(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if ((e[0] >> i) != 0) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 68U);
-                for (i--; i>=0; i--) {
-                    sp_2048_mont_sqr_34(r, r, m, mp);
-
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_2048_mont_mul_34(r, r, a, m, mp);
-                    }
-                }
-                sp_2048_mont_reduce_34(r, m, mp);
-                mp = sp_2048_cmp_34(r, m);
-                sp_2048_cond_sub_34(r, r, m, ~(mp >> 63));
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_34(r, out);
-        *outLen = 256;
-    }
-
-    SP_FREE_VAR(d, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if !defined(SP_RSA_PRIVATE_EXP_D) && !defined(RSA_LOW_MEM)
-#endif /* !SP_RSA_PRIVATE_EXP_D & !RSA_LOW_MEM */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, d, 34 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 2048) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 256) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 34 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 34;
-        m = a + 68;
-        r = a;
-
-        sp_2048_from_bin(a, 34, in, inLen);
-        sp_2048_from_mp(d, 34, dm);
-        sp_2048_from_mp(m, 34, mm);
-        err = sp_2048_mod_exp_34(r, a, d, 2048, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_34(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 34, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 34 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 2048) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 34 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 34;
-        m = a + 68;
-        r = a;
-
-        sp_2048_from_bin(a, 34, in, inLen);
-        sp_2048_from_mp(d, 34, dm);
-        sp_2048_from_mp(m, 34, mm);
-        err = sp_2048_mod_exp_34(r, a, d, 2048, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_34(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 34, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#else
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, a, 17 * 8);
-    sp_digit* p = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 256) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 17 * 8, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 34;
-        qi = dq = dp = p + 17;
-        tmpa = qi + 17;
-        tmpb = tmpa + 34;
-        r = a;
-
-        sp_2048_from_bin(a, 34, in, inLen);
-        sp_2048_from_mp(p, 17, pm);
-        sp_2048_from_mp(dp, 17, dpm);
-        err = sp_2048_mod_exp_17(tmpa, a, dp, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(p, 17, qm);
-        sp_2048_from_mp(dq, 17, dqm);
-        err = sp_2048_mod_exp_17(tmpb, a, dq, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(p, 17, pm);
-        (void)sp_2048_sub_17(tmpa, tmpa, tmpb);
-        sp_2048_norm_17(tmpa);
-        sp_2048_cond_add_17(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[16] >> 63));
-        sp_2048_cond_add_17(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[16] >> 63));
-        sp_2048_norm_17(tmpa);
-
-        sp_2048_from_mp(qi, 17, qim);
-        sp_2048_mul_17(tmpa, tmpa, qi);
-        err = sp_2048_mod_17(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(p, 17, qm);
-        sp_2048_mul_17(tmpa, p, tmpa);
-        (void)sp_2048_add_34(r, tmpb, tmpa);
-        sp_2048_norm_34(r);
-
-        sp_2048_to_bin_34(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 17 * 8, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 17 * 13);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 17 * 13, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 34 * 2;
-        q = p + 17;
-        dp = q + 17;
-        dq = dp + 17;
-        qi = dq + 17;
-        tmpa = qi + 17;
-        tmpb = tmpa + 34;
-        r = a;
-
-        sp_2048_from_bin(a, 34, in, inLen);
-        sp_2048_from_mp(p, 17, pm);
-        sp_2048_from_mp(q, 17, qm);
-        sp_2048_from_mp(dp, 17, dpm);
-        sp_2048_from_mp(dq, 17, dqm);
-        sp_2048_from_mp(qi, 17, qim);
-
-        err = sp_2048_mod_exp_17(tmpa, a, dp, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_2048_mod_exp_17(tmpb, a, dq, 1024, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        (void)sp_2048_sub_17(tmpa, tmpa, tmpb);
-        sp_2048_norm_17(tmpa);
-        sp_2048_cond_add_17(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[16] >> 63));
-        sp_2048_cond_add_17(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[16] >> 63));
-        sp_2048_norm_17(tmpa);
-        sp_2048_mul_17(tmpa, tmpa, qi);
-        err = sp_2048_mod_17(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mul_17(tmpa, tmpa, q);
-        (void)sp_2048_add_34(r, tmpb, tmpa);
-        sp_2048_norm_34(r);
-
-        sp_2048_to_bin_34(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 17 * 13, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-}
-
-#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_2048_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (2048 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 61
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 34);
-        r->used = 34;
-        mp_clamp(r);
-#elif DIGIT_BIT < 61
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 34; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 61) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 61 - s;
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 34; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 61 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 61 - s;
-            }
-            else {
-                s += 61;
-            }
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 34 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 34 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 34 * 2;
-        m = e + 34;
-        r = b;
-
-        sp_2048_from_mp(b, 34, base);
-        sp_2048_from_mp(e, 34, exp);
-        sp_2048_from_mp(m, 34, mod);
-
-        err = sp_2048_mod_exp_34(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 34U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 34 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 34 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 34 * 2;
-        m = e + 34;
-        r = b;
-
-        sp_2048_from_mp(b, 34, base);
-        sp_2048_from_mp(e, 34, exp);
-        sp_2048_from_mp(m, 34, mod);
-
-        err = sp_2048_mod_exp_34(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 34U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_2048
-SP_NOINLINE static void sp_2048_lshift_34(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    r[34] = a[33] >> (61 - n);
-    for (i=33; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (61 - n))) & 0x1fffffffffffffffL);
-    }
-    r[0] = (sp_digit)((a[0] << n) & 0x1fffffffffffffffL);
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_2048_mod_exp_2_34(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 103);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 103, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp  = td + 68;
-        XMEMSET(td, 0, sizeof(sp_digit) * 103);
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_34(norm, m);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 60) / 61) - 1;
-        c = bits % 61;
-        if (c == 0) {
-            c = 61;
-        }
-        if (i < 34) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (3 - c);
-            c += 61;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        sp_2048_lshift_34(r, norm, (byte)y);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 3;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 56;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 3;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 61 - c;
-            }
-
-            sp_2048_mont_sqr_34(r, r, m, mp);
-            sp_2048_mont_sqr_34(r, r, m, mp);
-            sp_2048_mont_sqr_34(r, r, m, mp);
-            sp_2048_mont_sqr_34(r, r, m, mp);
-            sp_2048_mont_sqr_34(r, r, m, mp);
-
-            sp_2048_lshift_34(r, r, (byte)y);
-            sp_2048_mul_d_34(tmp, norm, (r[34] << 26) + (r[33] >> 35));
-            r[34] = 0;
-            r[33] &= 0x7ffffffffL;
-            (void)sp_2048_add_34(r, r, tmp);
-            sp_2048_norm_34(r);
-            o = sp_2048_cmp_34(r, m);
-            sp_2048_cond_sub_34(r, r, m, ~(o >> 63));
-        }
-
-        sp_2048_mont_reduce_34(r, m, mp);
-        n = sp_2048_cmp_34(r, m);
-        sp_2048_cond_sub_34(r, r, m, (sp_digit)~(n >> 63));
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_2048 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 256 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, b, 34 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    word32 i;
-    int err = MP_OKAY;
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 256U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 34 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 34 * 2;
-        m = e + 34;
-        r = b;
-
-        sp_2048_from_mp(b, 34, base);
-        sp_2048_from_bin(e, 34, exp, expLen);
-        sp_2048_from_mp(m, 34, mod);
-
-    #ifdef HAVE_FFDHE_2048
-        if (base->used == 1 && base->dp[0] == 2U &&
-                (m[33] >> 3) == 0xffffffffL) {
-            err = sp_2048_mod_exp_2_34(r, e, expLen * 8U, m);
-        }
-        else {
-    #endif
-            err = sp_2048_mod_exp_34(r, b, e, expLen * 8U, m, 0);
-    #ifdef HAVE_FFDHE_2048
-        }
-    #endif
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_34(r, out);
-        *outLen = 256;
-        for (i=0; i<256U && out[i] == 0U; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 34U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 17 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1024) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 17 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 17 * 2;
-        m = e + 17;
-        r = b;
-
-        sp_2048_from_mp(b, 17, base);
-        sp_2048_from_mp(e, 17, exp);
-        sp_2048_from_mp(m, 17, mod);
-
-        err = sp_2048_mod_exp_17(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 17, 0, sizeof(*r) * 17U);
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 34U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 17 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1024) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 17 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 17 * 2;
-        m = e + 17;
-        r = b;
-
-        sp_2048_from_mp(b, 17, base);
-        sp_2048_from_mp(e, 17, exp);
-        sp_2048_from_mp(m, 17, mod);
-
-        err = sp_2048_mod_exp_17(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 17, 0, sizeof(*r) * 17U);
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 34U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#else
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 49U) {
-            r[j] &= 0x1ffffffffffffffL;
-            s = 57U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 57
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 56);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 56);
-    }
-#elif DIGIT_BIT > 57
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x1ffffffffffffffL;
-        s = 57U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 57U) <= (word32)DIGIT_BIT) {
-            s += 57U;
-            r[j] &= 0x1ffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 57) {
-            r[j] &= 0x1ffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 57 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 256
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_2048_to_bin_36(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<35; i++) {
-        r[i+1] += r[i] >> 57;
-        r[i] &= 0x1ffffffffffffffL;
-    }
-    j = 2055 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<36 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 57) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 57);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 57 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_2048_norm_18(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 16; i += 8) {
-        a[i+1] += a[i+0] >> 57; a[i+0] &= 0x1ffffffffffffffL;
-        a[i+2] += a[i+1] >> 57; a[i+1] &= 0x1ffffffffffffffL;
-        a[i+3] += a[i+2] >> 57; a[i+2] &= 0x1ffffffffffffffL;
-        a[i+4] += a[i+3] >> 57; a[i+3] &= 0x1ffffffffffffffL;
-        a[i+5] += a[i+4] >> 57; a[i+4] &= 0x1ffffffffffffffL;
-        a[i+6] += a[i+5] >> 57; a[i+5] &= 0x1ffffffffffffffL;
-        a[i+7] += a[i+6] >> 57; a[i+6] &= 0x1ffffffffffffffL;
-        a[i+8] += a[i+7] >> 57; a[i+7] &= 0x1ffffffffffffffL;
-    }
-    a[17] += a[16] >> 57; a[16] &= 0x1ffffffffffffffL;
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 57 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_2048_norm_36(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 32; i += 8) {
-        a[i+1] += a[i+0] >> 57; a[i+0] &= 0x1ffffffffffffffL;
-        a[i+2] += a[i+1] >> 57; a[i+1] &= 0x1ffffffffffffffL;
-        a[i+3] += a[i+2] >> 57; a[i+2] &= 0x1ffffffffffffffL;
-        a[i+4] += a[i+3] >> 57; a[i+3] &= 0x1ffffffffffffffL;
-        a[i+5] += a[i+4] >> 57; a[i+4] &= 0x1ffffffffffffffL;
-        a[i+6] += a[i+5] >> 57; a[i+5] &= 0x1ffffffffffffffL;
-        a[i+7] += a[i+6] >> 57; a[i+6] &= 0x1ffffffffffffffL;
-        a[i+8] += a[i+7] >> 57; a[i+7] &= 0x1ffffffffffffffL;
-    }
-    a[33] += a[32] >> 57; a[32] &= 0x1ffffffffffffffL;
-    a[34] += a[33] >> 57; a[33] &= 0x1ffffffffffffffL;
-    a[35] += a[34] >> 57; a[34] &= 0x1ffffffffffffffL;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_uint128 t0;
-    sp_uint128 t1;
-    sp_digit t[9];
-
-    t0 = ((sp_uint128)a[ 0]) * b[ 0];
-    t1 = ((sp_uint128)a[ 0]) * b[ 1]
-       + ((sp_uint128)a[ 1]) * b[ 0];
-    t[ 0] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 0]) * b[ 2]
-       + ((sp_uint128)a[ 1]) * b[ 1]
-       + ((sp_uint128)a[ 2]) * b[ 0];
-    t[ 1] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 0]) * b[ 3]
-       + ((sp_uint128)a[ 1]) * b[ 2]
-       + ((sp_uint128)a[ 2]) * b[ 1]
-       + ((sp_uint128)a[ 3]) * b[ 0];
-    t[ 2] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 0]) * b[ 4]
-       + ((sp_uint128)a[ 1]) * b[ 3]
-       + ((sp_uint128)a[ 2]) * b[ 2]
-       + ((sp_uint128)a[ 3]) * b[ 1]
-       + ((sp_uint128)a[ 4]) * b[ 0];
-    t[ 3] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 0]) * b[ 5]
-       + ((sp_uint128)a[ 1]) * b[ 4]
-       + ((sp_uint128)a[ 2]) * b[ 3]
-       + ((sp_uint128)a[ 3]) * b[ 2]
-       + ((sp_uint128)a[ 4]) * b[ 1]
-       + ((sp_uint128)a[ 5]) * b[ 0];
-    t[ 4] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 0]) * b[ 6]
-       + ((sp_uint128)a[ 1]) * b[ 5]
-       + ((sp_uint128)a[ 2]) * b[ 4]
-       + ((sp_uint128)a[ 3]) * b[ 3]
-       + ((sp_uint128)a[ 4]) * b[ 2]
-       + ((sp_uint128)a[ 5]) * b[ 1]
-       + ((sp_uint128)a[ 6]) * b[ 0];
-    t[ 5] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 0]) * b[ 7]
-       + ((sp_uint128)a[ 1]) * b[ 6]
-       + ((sp_uint128)a[ 2]) * b[ 5]
-       + ((sp_uint128)a[ 3]) * b[ 4]
-       + ((sp_uint128)a[ 4]) * b[ 3]
-       + ((sp_uint128)a[ 5]) * b[ 2]
-       + ((sp_uint128)a[ 6]) * b[ 1]
-       + ((sp_uint128)a[ 7]) * b[ 0];
-    t[ 6] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 0]) * b[ 8]
-       + ((sp_uint128)a[ 1]) * b[ 7]
-       + ((sp_uint128)a[ 2]) * b[ 6]
-       + ((sp_uint128)a[ 3]) * b[ 5]
-       + ((sp_uint128)a[ 4]) * b[ 4]
-       + ((sp_uint128)a[ 5]) * b[ 3]
-       + ((sp_uint128)a[ 6]) * b[ 2]
-       + ((sp_uint128)a[ 7]) * b[ 1]
-       + ((sp_uint128)a[ 8]) * b[ 0];
-    t[ 7] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 1]) * b[ 8]
-       + ((sp_uint128)a[ 2]) * b[ 7]
-       + ((sp_uint128)a[ 3]) * b[ 6]
-       + ((sp_uint128)a[ 4]) * b[ 5]
-       + ((sp_uint128)a[ 5]) * b[ 4]
-       + ((sp_uint128)a[ 6]) * b[ 3]
-       + ((sp_uint128)a[ 7]) * b[ 2]
-       + ((sp_uint128)a[ 8]) * b[ 1];
-    t[ 8] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 2]) * b[ 8]
-       + ((sp_uint128)a[ 3]) * b[ 7]
-       + ((sp_uint128)a[ 4]) * b[ 6]
-       + ((sp_uint128)a[ 5]) * b[ 5]
-       + ((sp_uint128)a[ 6]) * b[ 4]
-       + ((sp_uint128)a[ 7]) * b[ 3]
-       + ((sp_uint128)a[ 8]) * b[ 2];
-    r[ 9] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 3]) * b[ 8]
-       + ((sp_uint128)a[ 4]) * b[ 7]
-       + ((sp_uint128)a[ 5]) * b[ 6]
-       + ((sp_uint128)a[ 6]) * b[ 5]
-       + ((sp_uint128)a[ 7]) * b[ 4]
-       + ((sp_uint128)a[ 8]) * b[ 3];
-    r[10] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 4]) * b[ 8]
-       + ((sp_uint128)a[ 5]) * b[ 7]
-       + ((sp_uint128)a[ 6]) * b[ 6]
-       + ((sp_uint128)a[ 7]) * b[ 5]
-       + ((sp_uint128)a[ 8]) * b[ 4];
-    r[11] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 5]) * b[ 8]
-       + ((sp_uint128)a[ 6]) * b[ 7]
-       + ((sp_uint128)a[ 7]) * b[ 6]
-       + ((sp_uint128)a[ 8]) * b[ 5];
-    r[12] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 6]) * b[ 8]
-       + ((sp_uint128)a[ 7]) * b[ 7]
-       + ((sp_uint128)a[ 8]) * b[ 6];
-    r[13] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 7]) * b[ 8]
-       + ((sp_uint128)a[ 8]) * b[ 7];
-    r[14] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 8]) * b[ 8];
-    r[15] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    r[16] = (sp_digit)(t0 & 0x1ffffffffffffffL);
-    r[17] = (sp_digit)(t0 >> 57);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-    r[ 7] = a[ 7] + b[ 7];
-    r[ 8] = a[ 8] + b[ 8];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_add_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[16] = a[16] + b[16];
-    r[17] = a[17] + b[17];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_sub_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[16] = a[16] - b[16];
-    r[17] = a[17] - b[17];
-
-    return 0;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_18(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[18];
-    sp_digit* a1 = z1;
-    sp_digit b1[9];
-    sp_digit* z2 = r + 18;
-    (void)sp_2048_add_9(a1, a, &a[9]);
-    (void)sp_2048_add_9(b1, b, &b[9]);
-    sp_2048_mul_9(z2, &a[9], &b[9]);
-    sp_2048_mul_9(z0, a, b);
-    sp_2048_mul_9(z1, a1, b1);
-    (void)sp_2048_sub_18(z1, z1, z2);
-    (void)sp_2048_sub_18(z1, z1, z0);
-    (void)sp_2048_add_18(r + 9, r + 9, z1);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_add_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[32] = a[32] + b[32];
-    r[33] = a[33] + b[33];
-    r[34] = a[34] + b[34];
-    r[35] = a[35] + b[35];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_2048_sub_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[32] = a[32] - b[32];
-    r[33] = a[33] - b[33];
-    r[34] = a[34] - b[34];
-    r[35] = a[35] - b[35];
-
-    return 0;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_36(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[36];
-    sp_digit* a1 = z1;
-    sp_digit b1[18];
-    sp_digit* z2 = r + 36;
-    (void)sp_2048_add_18(a1, a, &a[18]);
-    (void)sp_2048_add_18(b1, b, &b[18]);
-    sp_2048_mul_18(z2, &a[18], &b[18]);
-    sp_2048_mul_18(z0, a, b);
-    sp_2048_mul_18(z1, a1, b1);
-    (void)sp_2048_sub_36(z1, z1, z2);
-    (void)sp_2048_sub_36(z1, z1, z0);
-    (void)sp_2048_add_36(r + 18, r + 18, z1);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_9(sp_digit* r, const sp_digit* a)
-{
-    sp_uint128 t0;
-    sp_uint128 t1;
-    sp_digit t[9];
-
-    t0 =  ((sp_uint128)a[ 0]) * a[ 0];
-    t1 = (((sp_uint128)a[ 0]) * a[ 1]) * 2;
-    t[ 0] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 0]) * a[ 2]) * 2
-       +  ((sp_uint128)a[ 1]) * a[ 1];
-    t[ 1] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 0]) * a[ 3]
-       +  ((sp_uint128)a[ 1]) * a[ 2]) * 2;
-    t[ 2] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 0]) * a[ 4]
-       +  ((sp_uint128)a[ 1]) * a[ 3]) * 2
-       +  ((sp_uint128)a[ 2]) * a[ 2];
-    t[ 3] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 0]) * a[ 5]
-       +  ((sp_uint128)a[ 1]) * a[ 4]
-       +  ((sp_uint128)a[ 2]) * a[ 3]) * 2;
-    t[ 4] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 0]) * a[ 6]
-       +  ((sp_uint128)a[ 1]) * a[ 5]
-       +  ((sp_uint128)a[ 2]) * a[ 4]) * 2
-       +  ((sp_uint128)a[ 3]) * a[ 3];
-    t[ 5] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 0]) * a[ 7]
-       +  ((sp_uint128)a[ 1]) * a[ 6]
-       +  ((sp_uint128)a[ 2]) * a[ 5]
-       +  ((sp_uint128)a[ 3]) * a[ 4]) * 2;
-    t[ 6] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 0]) * a[ 8]
-       +  ((sp_uint128)a[ 1]) * a[ 7]
-       +  ((sp_uint128)a[ 2]) * a[ 6]
-       +  ((sp_uint128)a[ 3]) * a[ 5]) * 2
-       +  ((sp_uint128)a[ 4]) * a[ 4];
-    t[ 7] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 1]) * a[ 8]
-       +  ((sp_uint128)a[ 2]) * a[ 7]
-       +  ((sp_uint128)a[ 3]) * a[ 6]
-       +  ((sp_uint128)a[ 4]) * a[ 5]) * 2;
-    t[ 8] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 2]) * a[ 8]
-       +  ((sp_uint128)a[ 3]) * a[ 7]
-       +  ((sp_uint128)a[ 4]) * a[ 6]) * 2
-       +  ((sp_uint128)a[ 5]) * a[ 5];
-    r[ 9] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 3]) * a[ 8]
-       +  ((sp_uint128)a[ 4]) * a[ 7]
-       +  ((sp_uint128)a[ 5]) * a[ 6]) * 2;
-    r[10] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 4]) * a[ 8]
-       +  ((sp_uint128)a[ 5]) * a[ 7]) * 2
-       +  ((sp_uint128)a[ 6]) * a[ 6];
-    r[11] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 5]) * a[ 8]
-       +  ((sp_uint128)a[ 6]) * a[ 7]) * 2;
-    r[12] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 6]) * a[ 8]) * 2
-       +  ((sp_uint128)a[ 7]) * a[ 7];
-    r[13] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 7]) * a[ 8]) * 2;
-    r[14] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 =  ((sp_uint128)a[ 8]) * a[ 8];
-    r[15] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    r[16] = (sp_digit)(t0 & 0x1ffffffffffffffL);
-    r[17] = (sp_digit)(t0 >> 57);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_18(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[18];
-    sp_digit* a1 = z1;
-    sp_digit* z2 = r + 18;
-    (void)sp_2048_add_9(a1, a, &a[9]);
-    sp_2048_sqr_9(z2, &a[9]);
-    sp_2048_sqr_9(z0, a);
-    sp_2048_sqr_9(z1, a1);
-    (void)sp_2048_sub_18(z1, z1, z2);
-    (void)sp_2048_sub_18(z1, z1, z0);
-    (void)sp_2048_add_18(r + 9, r + 9, z1);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[36];
-    sp_digit* a1 = z1;
-    sp_digit* z2 = r + 36;
-    (void)sp_2048_add_18(a1, a, &a[18]);
-    sp_2048_sqr_18(z2, &a[18]);
-    sp_2048_sqr_18(z0, a);
-    sp_2048_sqr_18(z1, a1);
-    (void)sp_2048_sub_36(z1, z1, z2);
-    (void)sp_2048_sub_36(z1, z1, z0);
-    (void)sp_2048_add_36(r + 18, r + 18, z1);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-    x &= 0x1ffffffffffffffL;
-
-    /* rho = -1/m mod b */
-    *rho = ((sp_digit)1 << 57) - x;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_d_36(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    sp_digit t2;
-    sp_int128 p[4];
-    int i;
-
-    for (i = 0; i < 36; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[36] = (sp_digit)(t & 0x1ffffffffffffffL);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_18(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = 0x1ffffffffffffffL;
-        r[i + 1] = 0x1ffffffffffffffL;
-        r[i + 2] = 0x1ffffffffffffffL;
-        r[i + 3] = 0x1ffffffffffffffL;
-        r[i + 4] = 0x1ffffffffffffffL;
-        r[i + 5] = 0x1ffffffffffffffL;
-        r[i + 6] = 0x1ffffffffffffffL;
-        r[i + 7] = 0x1ffffffffffffffL;
-    }
-    r[16] = 0x1ffffffffffffffL;
-    r[17] = 0x7fffffffffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_2048_sub_18(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_2048_cmp_18(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    r |= (a[17] - b[17]) & (0 - (sp_digit)1);
-    r |= (a[16] - b[16]) & ~(((sp_digit)0 - r) >> 56);
-    for (i = 8; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 56);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_sub_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[16] = a[16] - (b[16] & m);
-    r[17] = a[17] - (b[17] & m);
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_add_18(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[8];
-    int i;
-
-    t[0] = tb * a[0]; r[0] += (sp_digit)(t[0] & 0x1ffffffffffffffL);
-    for (i = 0; i < 16; i += 8) {
-        t[1] = tb * a[i+1];
-        r[i+1] += (sp_digit)((t[0] >> 57) + (t[1] & 0x1ffffffffffffffL));
-        t[2] = tb * a[i+2];
-        r[i+2] += (sp_digit)((t[1] >> 57) + (t[2] & 0x1ffffffffffffffL));
-        t[3] = tb * a[i+3];
-        r[i+3] += (sp_digit)((t[2] >> 57) + (t[3] & 0x1ffffffffffffffL));
-        t[4] = tb * a[i+4];
-        r[i+4] += (sp_digit)((t[3] >> 57) + (t[4] & 0x1ffffffffffffffL));
-        t[5] = tb * a[i+5];
-        r[i+5] += (sp_digit)((t[4] >> 57) + (t[5] & 0x1ffffffffffffffL));
-        t[6] = tb * a[i+6];
-        r[i+6] += (sp_digit)((t[5] >> 57) + (t[6] & 0x1ffffffffffffffL));
-        t[7] = tb * a[i+7];
-        r[i+7] += (sp_digit)((t[6] >> 57) + (t[7] & 0x1ffffffffffffffL));
-        t[0] = tb * a[i+8];
-        r[i+8] += (sp_digit)((t[7] >> 57) + (t[0] & 0x1ffffffffffffffL));
-    }
-    t[1] = tb * a[17];
-    r[17] += (sp_digit)((t[0] >> 57) + (t[1] & 0x1ffffffffffffffL));
-    r[18] +=  (sp_digit)(t[1] >> 57);
-}
-
-/* Shift the result in the high 1024 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_2048_mont_shift_18(sp_digit* r, const sp_digit* a)
-{
-    sp_uint64 n;
-    int i;
-
-    n  = (sp_uint64)a[17];
-    n  = n >> 55U;
-    for (i = 0; i < 16; i += 8) {
-        n += (sp_uint64)a[i+18] << 2U; r[i+0] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+19] << 2U; r[i+1] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+20] << 2U; r[i+2] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+21] << 2U; r[i+3] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+22] << 2U; r[i+4] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+23] << 2U; r[i+5] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+24] << 2U; r[i+6] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+25] << 2U; r[i+7] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-    }
-    n += (sp_uint64)a[34] << 2U; r[16] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-    n += (sp_uint64)a[35] << 2U; r[17] = n;
-    XMEMSET(&r[18], 0, sizeof(*r) * 18U);
-}
-
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_2048_mont_reduce_18(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_2048_norm_18(a + 18);
-
-    for (i=0; i<17; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1ffffffffffffffL);
-        sp_2048_mul_add_18(a+i, m, mu);
-        a[i+1] += a[i] >> 57;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7fffffffffffffL);
-    sp_2048_mul_add_18(a+i, m, mu);
-    a[i+1] += a[i] >> 57;
-    a[i] &= 0x1ffffffffffffffL;
-    sp_2048_mont_shift_18(a, a);
-    over = a[17] - m[17];
-    sp_2048_cond_sub_18(a, a, m, ~((over - 1) >> 63));
-    sp_2048_norm_18(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_18(r, a, b);
-    sp_2048_mont_reduce_18(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_18(r, a);
-    sp_2048_mont_reduce_18(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_d_18(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    sp_digit t2;
-    sp_int128 p[4];
-    int i;
-
-    for (i = 0; i < 16; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 3] = (sp_digit)t2;
-    }
-    t += tb * a[16];
-    r[16] = (sp_digit)(t & 0x1ffffffffffffffL);
-    t >>= 57;
-    t += tb * a[17];
-    r[17] = (sp_digit)(t & 0x1ffffffffffffffL);
-    t >>= 57;
-    r[18] = (sp_digit)(t & 0x1ffffffffffffffL);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_add_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[16] = a[16] + (b[16] & m);
-    r[17] = a[17] + (b[17] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_2048_rshift_18(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<16; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (57 - n)) & 0x1ffffffffffffffL);
-    }
-    r[16] = (a[16] >> n) | (sp_digit)((a[17] << (57 - n)) & 0x1ffffffffffffffL);
-    r[17] = a[17] >> n;
-}
-
-static WC_INLINE sp_digit sp_2048_div_word_18(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 57);
-    sp_digit t0 = (sp_digit)(d & 0x1ffffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 55; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 56) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 57);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 114) - (sp_digit)(d >> 114);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 26) + 1;
-
-    t = (sp_digit)(d >> 52);
-    t = (t / dv) << 26;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 21);
-    t = t / (dv << 5);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_2048_word_div_word_18(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_div_18(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 18 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 18 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 36 + 1;
-        sd = t2 + 18 + 1;
-
-        sp_2048_mul_d_18(sd, d, (sp_digit)1 << 2);
-        sp_2048_mul_d_36(t1, a, (sp_digit)1 << 2);
-        dv = sd[17];
-        t1[18 + 18] += t1[18 + 18 - 1] >> 57;
-        t1[18 + 18 - 1] &= 0x1ffffffffffffffL;
-        for (i=18; i>=0; i--) {
-            r1 = sp_2048_div_word_18(t1[18 + i], t1[18 + i - 1], dv);
-
-            sp_2048_mul_d_18(t2, sd, r1);
-            (void)sp_2048_sub_18(&t1[i], &t1[i], t2);
-            sp_2048_norm_18(&t1[i]);
-            t1[18 + i] -= t2[18];
-            t1[18 + i] += t1[18 + i - 1] >> 57;
-            t1[18 + i - 1] &= 0x1ffffffffffffffL;
-            r1 = sp_2048_div_word_18(-t1[18 + i], -t1[18 + i - 1], dv);
-            r1 -= t1[18 + i];
-            sp_2048_mul_d_18(t2, sd, r1);
-            (void)sp_2048_add_18(&t1[i], &t1[i], t2);
-            t1[18 + i] += t1[18 + i - 1] >> 57;
-            t1[18 + i - 1] &= 0x1ffffffffffffffL;
-        }
-        t1[18 - 1] += t1[18 - 2] >> 57;
-        t1[18 - 2] &= 0x1ffffffffffffffL;
-        r1 = sp_2048_word_div_word_18(t1[18 - 1], dv);
-
-        sp_2048_mul_d_18(t2, sd, r1);
-        sp_2048_sub_18(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 36U);
-        for (i=0; i<17; i++) {
-            r[i+1] += r[i] >> 57;
-            r[i] &= 0x1ffffffffffffffL;
-        }
-        sp_2048_cond_add_18(r, r, sd, r[17] >> 63);
-
-        sp_2048_norm_18(r);
-        sp_2048_rshift_18(r, r, 2);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_mod_18(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_18(a, m, NULL, r);
-}
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_18(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 36);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 36, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 18 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 18U * 2U);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_18(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_18(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 18U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_mul_18(t[1], t[1], norm);
-        err = sp_2048_mod_18(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 57;
-        c = bits % 57;
-        n = e[i--] << (57 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 57;
-            }
-
-            y = (int)((n >> 56) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_18(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 18 * 2);
-            sp_2048_mont_sqr_18(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 18 * 2);
-        }
-
-        sp_2048_mont_reduce_18(t[0], m, mp);
-        n = sp_2048_cmp_18(t[0], m);
-        sp_2048_cond_sub_18(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 18 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 36);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 36, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 18 * 2);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_18(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_18(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_18(t[1], t[1], norm);
-                err = sp_2048_mod_18(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_18(t[1], a, norm);
-            err = sp_2048_mod_18(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 57;
-        c = bits % 57;
-        n = e[i--] << (57 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 57;
-            }
-
-            y = (int)((n >> 56) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_18(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 18 * 2);
-            sp_2048_mont_sqr_18(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 18 * 2);
-        }
-
-        sp_2048_mont_reduce_18(t[0], m, mp);
-        n = sp_2048_cmp_18(t[0], m);
-        sp_2048_cond_sub_18(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 18 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (32 * 36) + 36);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (32 * 36) + 36, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 36;
-        rt = td + 1152;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_18(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_18(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_18(t[1], t[1], norm);
-                err = sp_2048_mod_18(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_18(t[1], a, norm);
-            err = sp_2048_mod_18(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_18(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_18(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_18(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_18(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_18(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_18(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_18(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_18(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_18(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_18(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_18(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_18(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_18(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_18(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_18(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_18(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_18(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_18(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_18(t[20], t[10], m, mp);
-        sp_2048_mont_mul_18(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_18(t[22], t[11], m, mp);
-        sp_2048_mont_mul_18(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_18(t[24], t[12], m, mp);
-        sp_2048_mont_mul_18(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_18(t[26], t[13], m, mp);
-        sp_2048_mont_mul_18(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_18(t[28], t[14], m, mp);
-        sp_2048_mont_mul_18(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_18(t[30], t[15], m, mp);
-        sp_2048_mont_mul_18(t[31], t[16], t[15], m, mp);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 56) / 57) - 1;
-        c = bits % 57;
-        if (c == 0) {
-            c = 57;
-        }
-        if (i < 18) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (7 - c);
-            c += 57;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 36);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 7;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 52;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 7;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 57 - c;
-            }
-
-            sp_2048_mont_sqr_18(rt, rt, m, mp);
-            sp_2048_mont_sqr_18(rt, rt, m, mp);
-            sp_2048_mont_sqr_18(rt, rt, m, mp);
-            sp_2048_mont_sqr_18(rt, rt, m, mp);
-            sp_2048_mont_sqr_18(rt, rt, m, mp);
-
-            sp_2048_mont_mul_18(rt, rt, t[y], m, mp);
-        }
-
-        sp_2048_mont_reduce_18(rt, m, mp);
-        n = sp_2048_cmp_18(rt, m);
-        sp_2048_cond_sub_18(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 36);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_36(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = 0x1ffffffffffffffL;
-        r[i + 1] = 0x1ffffffffffffffL;
-        r[i + 2] = 0x1ffffffffffffffL;
-        r[i + 3] = 0x1ffffffffffffffL;
-        r[i + 4] = 0x1ffffffffffffffL;
-        r[i + 5] = 0x1ffffffffffffffL;
-        r[i + 6] = 0x1ffffffffffffffL;
-        r[i + 7] = 0x1ffffffffffffffL;
-    }
-    r[32] = 0x1ffffffffffffffL;
-    r[33] = 0x1ffffffffffffffL;
-    r[34] = 0x1ffffffffffffffL;
-    r[35] = 0x1fffffffffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_2048_sub_36(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_2048_cmp_36(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    r |= (a[35] - b[35]) & (0 - (sp_digit)1);
-    r |= (a[34] - b[34]) & ~(((sp_digit)0 - r) >> 56);
-    r |= (a[33] - b[33]) & ~(((sp_digit)0 - r) >> 56);
-    r |= (a[32] - b[32]) & ~(((sp_digit)0 - r) >> 56);
-    for (i = 24; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 56);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_sub_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[32] = a[32] - (b[32] & m);
-    r[33] = a[33] - (b[33] & m);
-    r[34] = a[34] - (b[34] & m);
-    r[35] = a[35] - (b[35] & m);
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_add_36(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[8];
-    int i;
-
-    t[0] = tb * a[0]; r[0] += (sp_digit)(t[0] & 0x1ffffffffffffffL);
-    for (i = 0; i < 32; i += 8) {
-        t[1] = tb * a[i+1];
-        r[i+1] += (sp_digit)((t[0] >> 57) + (t[1] & 0x1ffffffffffffffL));
-        t[2] = tb * a[i+2];
-        r[i+2] += (sp_digit)((t[1] >> 57) + (t[2] & 0x1ffffffffffffffL));
-        t[3] = tb * a[i+3];
-        r[i+3] += (sp_digit)((t[2] >> 57) + (t[3] & 0x1ffffffffffffffL));
-        t[4] = tb * a[i+4];
-        r[i+4] += (sp_digit)((t[3] >> 57) + (t[4] & 0x1ffffffffffffffL));
-        t[5] = tb * a[i+5];
-        r[i+5] += (sp_digit)((t[4] >> 57) + (t[5] & 0x1ffffffffffffffL));
-        t[6] = tb * a[i+6];
-        r[i+6] += (sp_digit)((t[5] >> 57) + (t[6] & 0x1ffffffffffffffL));
-        t[7] = tb * a[i+7];
-        r[i+7] += (sp_digit)((t[6] >> 57) + (t[7] & 0x1ffffffffffffffL));
-        t[0] = tb * a[i+8];
-        r[i+8] += (sp_digit)((t[7] >> 57) + (t[0] & 0x1ffffffffffffffL));
-    }
-    t[1] = tb * a[33];
-    r[33] += (sp_digit)((t[0] >> 57) + (t[1] & 0x1ffffffffffffffL));
-    t[2] = tb * a[34];
-    r[34] += (sp_digit)((t[1] >> 57) + (t[2] & 0x1ffffffffffffffL));
-    t[3] = tb * a[35];
-    r[35] += (sp_digit)((t[2] >> 57) + (t[3] & 0x1ffffffffffffffL));
-    r[36] +=  (sp_digit)(t[3] >> 57);
-}
-
-/* Shift the result in the high 2048 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_2048_mont_shift_36(sp_digit* r, const sp_digit* a)
-{
-    sp_digit n;
-    sp_digit s;
-    int i;
-
-    s = a[36]; n = a[35] >> 53;
-    for (i = 0; i < 32; i += 8) {
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+0] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+37] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+1] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+38] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+2] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+39] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+3] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+40] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+4] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+41] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+5] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+42] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+6] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+43] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[i+7] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+44] + (s >> 57);
-    }
-    n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[32] = (sp_digit)(n & 0x1ffffffffffffffL);
-    n >>= 57; s = a[69] + (s >> 57);
-    n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[33] = (sp_digit)(n & 0x1ffffffffffffffL);
-    n >>= 57; s = a[70] + (s >> 57);
-    n += (sp_digit)((s & 0x1ffffffffffffffL) << 4); r[34] = (sp_digit)(n & 0x1ffffffffffffffL);
-    n >>= 57; s = a[71] + (s >> 57);
-    n += s << 4;              r[35] = n;
-    XMEMSET(&r[36], 0, sizeof(*r) * 36U);
-}
-
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_2048_mont_reduce_36(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_2048_norm_36(a + 36);
-
-#ifdef WOLFSSL_SP_DH
-    if (mp != 1) {
-        for (i=0; i<35; i++) {
-            mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1ffffffffffffffL);
-            sp_2048_mul_add_36(a+i, m, mu);
-            a[i+1] += a[i] >> 57;
-        }
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1fffffffffffffL);
-        sp_2048_mul_add_36(a+i, m, mu);
-        a[i+1] += a[i] >> 57;
-        a[i] &= 0x1ffffffffffffffL;
-    }
-    else {
-        for (i=0; i<35; i++) {
-            mu = (sp_digit)(a[i] & 0x1ffffffffffffffL);
-            sp_2048_mul_add_36(a+i, m, mu);
-            a[i+1] += a[i] >> 57;
-        }
-        mu = (sp_digit)(a[i] & 0x1fffffffffffffL);
-        sp_2048_mul_add_36(a+i, m, mu);
-        a[i+1] += a[i] >> 57;
-        a[i] &= 0x1ffffffffffffffL;
-    }
-#else
-    for (i=0; i<35; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1ffffffffffffffL);
-        sp_2048_mul_add_36(a+i, m, mu);
-        a[i+1] += a[i] >> 57;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1fffffffffffffL);
-    sp_2048_mul_add_36(a+i, m, mu);
-    a[i+1] += a[i] >> 57;
-    a[i] &= 0x1ffffffffffffffL;
-#endif
-    sp_2048_mont_shift_36(a, a);
-    over = a[35] - m[35];
-    sp_2048_cond_sub_36(a, a, m, ~((over - 1) >> 63));
-    sp_2048_norm_36(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_36(r, a, b);
-    sp_2048_mont_reduce_36(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_36(r, a);
-    sp_2048_mont_reduce_36(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_2048_mul_d_72(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    sp_digit t2;
-    sp_int128 p[4];
-    int i;
-
-    for (i = 0; i < 72; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[72] = (sp_digit)(t & 0x1ffffffffffffffL);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_2048_cond_add_36(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[32] = a[32] + (b[32] & m);
-    r[33] = a[33] + (b[33] & m);
-    r[34] = a[34] + (b[34] & m);
-    r[35] = a[35] + (b[35] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_2048_rshift_36(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<32; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (57 - n)) & 0x1ffffffffffffffL);
-    }
-    r[32] = (a[32] >> n) | (sp_digit)((a[33] << (57 - n)) & 0x1ffffffffffffffL);
-    r[33] = (a[33] >> n) | (sp_digit)((a[34] << (57 - n)) & 0x1ffffffffffffffL);
-    r[34] = (a[34] >> n) | (sp_digit)((a[35] << (57 - n)) & 0x1ffffffffffffffL);
-    r[35] = a[35] >> n;
-}
-
-static WC_INLINE sp_digit sp_2048_div_word_36(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 57);
-    sp_digit t0 = (sp_digit)(d & 0x1ffffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 55; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 56) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 57);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 114) - (sp_digit)(d >> 114);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 26) + 1;
-
-    t = (sp_digit)(d >> 52);
-    t = (t / dv) << 26;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 21);
-    t = t / (dv << 5);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_2048_word_div_word_36(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_div_36(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 36 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 36 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 72 + 1;
-        sd = t2 + 36 + 1;
-
-        sp_2048_mul_d_36(sd, d, (sp_digit)1 << 4);
-        sp_2048_mul_d_72(t1, a, (sp_digit)1 << 4);
-        dv = sd[35];
-        t1[36 + 36] += t1[36 + 36 - 1] >> 57;
-        t1[36 + 36 - 1] &= 0x1ffffffffffffffL;
-        for (i=36; i>=0; i--) {
-            r1 = sp_2048_div_word_36(t1[36 + i], t1[36 + i - 1], dv);
-
-            sp_2048_mul_d_36(t2, sd, r1);
-            (void)sp_2048_sub_36(&t1[i], &t1[i], t2);
-            sp_2048_norm_36(&t1[i]);
-            t1[36 + i] -= t2[36];
-            t1[36 + i] += t1[36 + i - 1] >> 57;
-            t1[36 + i - 1] &= 0x1ffffffffffffffL;
-            r1 = sp_2048_div_word_36(-t1[36 + i], -t1[36 + i - 1], dv);
-            r1 -= t1[36 + i];
-            sp_2048_mul_d_36(t2, sd, r1);
-            (void)sp_2048_add_36(&t1[i], &t1[i], t2);
-            t1[36 + i] += t1[36 + i - 1] >> 57;
-            t1[36 + i - 1] &= 0x1ffffffffffffffL;
-        }
-        t1[36 - 1] += t1[36 - 2] >> 57;
-        t1[36 - 2] &= 0x1ffffffffffffffL;
-        r1 = sp_2048_word_div_word_36(t1[36 - 1], dv);
-
-        sp_2048_mul_d_36(t2, sd, r1);
-        sp_2048_sub_36(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 72U);
-        for (i=0; i<35; i++) {
-            r[i+1] += r[i] >> 57;
-            r[i] &= 0x1ffffffffffffffL;
-        }
-        sp_2048_cond_add_36(r, r, sd, r[35] >> 63);
-
-        sp_2048_norm_36(r);
-        sp_2048_rshift_36(r, r, 4);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_2048_mod_36(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_36(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_36(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 72);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 72, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 36 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 36U * 2U);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_36(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_36(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 36U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_mul_36(t[1], t[1], norm);
-        err = sp_2048_mod_36(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 57;
-        c = bits % 57;
-        n = e[i--] << (57 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 57;
-            }
-
-            y = (int)((n >> 56) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_36(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 36 * 2);
-            sp_2048_mont_sqr_36(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 36 * 2);
-        }
-
-        sp_2048_mont_reduce_36(t[0], m, mp);
-        n = sp_2048_cmp_36(t[0], m);
-        sp_2048_cond_sub_36(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 36 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 72);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 72, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 36 * 2);
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_36(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_36(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_36(t[1], t[1], norm);
-                err = sp_2048_mod_36(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_36(t[1], a, norm);
-            err = sp_2048_mod_36(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 57;
-        c = bits % 57;
-        n = e[i--] << (57 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 57;
-            }
-
-            y = (int)((n >> 56) & 1);
-            n <<= 1;
-
-            sp_2048_mont_mul_36(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 36 * 2);
-            sp_2048_mont_sqr_36(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 36 * 2);
-        }
-
-        sp_2048_mont_reduce_36(t[0], m, mp);
-        n = sp_2048_cmp_36(t[0], m);
-        sp_2048_cond_sub_36(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 36 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (16 * 72) + 72);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (16 * 72) + 72, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 72;
-        rt = td + 1152;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_36(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_2048_mod_36(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_36(t[1], t[1], norm);
-                err = sp_2048_mod_36(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_2048_mul_36(t[1], a, norm);
-            err = sp_2048_mod_36(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_36(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_36(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_36(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_36(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_36(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_36(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_36(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_36(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_36(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_36(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_36(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_36(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_36(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_36(t[15], t[ 8], t[ 7], m, mp);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 56) / 57) - 1;
-        c = bits % 57;
-        if (c == 0) {
-            c = 57;
-        }
-        if (i < 36) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (7 - c);
-            c += 57;
-        }
-        y = (int)((n >> 60) & 0xf);
-        n <<= 4;
-        c -= 4;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 72);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 7;
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c = 53;
-            }
-            else {
-                y = (byte)((n >> 60) & 0xf);
-                n = e[i--] << 7;
-                c = 4 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 57 - c;
-            }
-
-            sp_2048_mont_sqr_36(rt, rt, m, mp);
-            sp_2048_mont_sqr_36(rt, rt, m, mp);
-            sp_2048_mont_sqr_36(rt, rt, m, mp);
-            sp_2048_mont_sqr_36(rt, rt, m, mp);
-
-            sp_2048_mont_mul_36(rt, rt, t[y], m, mp);
-        }
-
-        sp_2048_mont_reduce_36(rt, m, mp);
-        n = sp_2048_cmp_36(rt, m);
-        sp_2048_cond_sub_36(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 72);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) || */
-       /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-#ifdef WOLFSSL_SP_SMALL
-    SP_DECL_VAR(sp_digit, a, 36 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit* norm = NULL;
-    sp_uint64 e[1] = {0};
-    sp_digit mp = 0;
-    int i;
-    int err = MP_OKAY;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 36 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 36 * 2;
-        m = r + 36 * 2;
-        norm = r;
-
-        sp_2048_from_bin(a, 36, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 36, mm);
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_36(norm, m);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_mul_36(a, a, norm);
-        err = sp_2048_mod_36(a, a, m);
-    }
-    if (err == MP_OKAY) {
-        for (i=63; i>=0; i--) {
-            if ((e[0] >> i) != 0) {
-                break;
-            }
-        }
-
-        XMEMCPY(r, a, sizeof(sp_digit) * 36 * 2);
-        for (i--; i>=0; i--) {
-            sp_2048_mont_sqr_36(r, r, m, mp);
-
-            if (((e[0] >> i) & 1) == 1) {
-                sp_2048_mont_mul_36(r, r, a, m, mp);
-            }
-        }
-        sp_2048_mont_reduce_36(r, m, mp);
-        mp = sp_2048_cmp_36(r, m);
-        sp_2048_cond_sub_36(r, r, m, ~(mp >> 63));
-
-        sp_2048_to_bin_36(r, out);
-        *outLen = 256;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 36 * 5);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_uint64 e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 36 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d;
-        r = a + 36 * 2;
-        m = r + 36 * 2;
-
-        sp_2048_from_bin(a, 36, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 36, mm);
-
-        if (e[0] == 0x3) {
-            sp_2048_sqr_36(r, a);
-            err = sp_2048_mod_36(r, r, m);
-            if (err == MP_OKAY) {
-                sp_2048_mul_36(r, a, r);
-                err = sp_2048_mod_36(r, r, m);
-            }
-        }
-        else {
-            sp_digit* norm = r;
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-            sp_2048_mont_norm_36(norm, m);
-
-            sp_2048_mul_36(a, a, norm);
-            err = sp_2048_mod_36(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if ((e[0] >> i) != 0) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 72U);
-                for (i--; i>=0; i--) {
-                    sp_2048_mont_sqr_36(r, r, m, mp);
-
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_2048_mont_mul_36(r, r, a, m, mp);
-                    }
-                }
-                sp_2048_mont_reduce_36(r, m, mp);
-                mp = sp_2048_cmp_36(r, m);
-                sp_2048_cond_sub_36(r, r, m, ~(mp >> 63));
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_36(r, out);
-        *outLen = 256;
-    }
-
-    SP_FREE_VAR(d, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if !defined(SP_RSA_PRIVATE_EXP_D) && !defined(RSA_LOW_MEM)
-#endif /* !SP_RSA_PRIVATE_EXP_D & !RSA_LOW_MEM */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, d, 36 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 2048) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 256) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 36 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 36;
-        m = a + 72;
-        r = a;
-
-        sp_2048_from_bin(a, 36, in, inLen);
-        sp_2048_from_mp(d, 36, dm);
-        sp_2048_from_mp(m, 36, mm);
-        err = sp_2048_mod_exp_36(r, a, d, 2048, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_36(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 36, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 36 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 2048) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 36 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 36;
-        m = a + 72;
-        r = a;
-
-        sp_2048_from_bin(a, 36, in, inLen);
-        sp_2048_from_mp(d, 36, dm);
-        sp_2048_from_mp(m, 36, mm);
-        err = sp_2048_mod_exp_36(r, a, d, 2048, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_36(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 36, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#else
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, a, 18 * 8);
-    sp_digit* p = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 256) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 18 * 8, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 36;
-        qi = dq = dp = p + 18;
-        tmpa = qi + 18;
-        tmpb = tmpa + 36;
-        r = a;
-
-        sp_2048_from_bin(a, 36, in, inLen);
-        sp_2048_from_mp(p, 18, pm);
-        sp_2048_from_mp(dp, 18, dpm);
-        err = sp_2048_mod_exp_18(tmpa, a, dp, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(p, 18, qm);
-        sp_2048_from_mp(dq, 18, dqm);
-        err = sp_2048_mod_exp_18(tmpb, a, dq, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(p, 18, pm);
-        (void)sp_2048_sub_18(tmpa, tmpa, tmpb);
-        sp_2048_norm_18(tmpa);
-        sp_2048_cond_add_18(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[17] >> 63));
-        sp_2048_cond_add_18(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[17] >> 63));
-        sp_2048_norm_18(tmpa);
-
-        sp_2048_from_mp(qi, 18, qim);
-        sp_2048_mul_18(tmpa, tmpa, qi);
-        err = sp_2048_mod_18(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(p, 18, qm);
-        sp_2048_mul_18(tmpa, p, tmpa);
-        (void)sp_2048_add_36(r, tmpb, tmpa);
-        sp_2048_norm_36(r);
-
-        sp_2048_to_bin_36(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 18 * 8, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 18 * 13);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 18 * 13, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 36 * 2;
-        q = p + 18;
-        dp = q + 18;
-        dq = dp + 18;
-        qi = dq + 18;
-        tmpa = qi + 18;
-        tmpb = tmpa + 36;
-        r = a;
-
-        sp_2048_from_bin(a, 36, in, inLen);
-        sp_2048_from_mp(p, 18, pm);
-        sp_2048_from_mp(q, 18, qm);
-        sp_2048_from_mp(dp, 18, dpm);
-        sp_2048_from_mp(dq, 18, dqm);
-        sp_2048_from_mp(qi, 18, qim);
-
-        err = sp_2048_mod_exp_18(tmpa, a, dp, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_2048_mod_exp_18(tmpb, a, dq, 1024, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        (void)sp_2048_sub_18(tmpa, tmpa, tmpb);
-        sp_2048_norm_18(tmpa);
-        sp_2048_cond_add_18(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[17] >> 63));
-        sp_2048_cond_add_18(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[17] >> 63));
-        sp_2048_norm_18(tmpa);
-        sp_2048_mul_18(tmpa, tmpa, qi);
-        err = sp_2048_mod_18(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mul_18(tmpa, tmpa, q);
-        (void)sp_2048_add_36(r, tmpb, tmpa);
-        sp_2048_norm_36(r);
-
-        sp_2048_to_bin_36(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 18 * 13, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-}
-
-#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_2048_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (2048 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 57
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 36);
-        r->used = 36;
-        mp_clamp(r);
-#elif DIGIT_BIT < 57
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 36; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 57) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 57 - s;
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 36; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 57 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 57 - s;
-            }
-            else {
-                s += 57;
-            }
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 36 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 36 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 36 * 2;
-        m = e + 36;
-        r = b;
-
-        sp_2048_from_mp(b, 36, base);
-        sp_2048_from_mp(e, 36, exp);
-        sp_2048_from_mp(m, 36, mod);
-
-        err = sp_2048_mod_exp_36(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 36U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 36 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 36 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 36 * 2;
-        m = e + 36;
-        r = b;
-
-        sp_2048_from_mp(b, 36, base);
-        sp_2048_from_mp(e, 36, exp);
-        sp_2048_from_mp(m, 36, mod);
-
-        err = sp_2048_mod_exp_36(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 36U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_2048
-SP_NOINLINE static void sp_2048_lshift_36(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[35];
-    r[36] = s >> (57U - n);
-    s = (sp_int_digit)(a[35]); t = (sp_int_digit)(a[34]);
-    r[35] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[34]); t = (sp_int_digit)(a[33]);
-    r[34] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[33]); t = (sp_int_digit)(a[32]);
-    r[33] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[32]); t = (sp_int_digit)(a[31]);
-    r[32] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[31]); t = (sp_int_digit)(a[30]);
-    r[31] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[30]); t = (sp_int_digit)(a[29]);
-    r[30] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[29]); t = (sp_int_digit)(a[28]);
-    r[29] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[28]); t = (sp_int_digit)(a[27]);
-    r[28] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[27]); t = (sp_int_digit)(a[26]);
-    r[27] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[26]); t = (sp_int_digit)(a[25]);
-    r[26] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[25]); t = (sp_int_digit)(a[24]);
-    r[25] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[24]); t = (sp_int_digit)(a[23]);
-    r[24] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[23]); t = (sp_int_digit)(a[22]);
-    r[23] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[22]); t = (sp_int_digit)(a[21]);
-    r[22] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[21]); t = (sp_int_digit)(a[20]);
-    r[21] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[20]); t = (sp_int_digit)(a[19]);
-    r[20] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[19]); t = (sp_int_digit)(a[18]);
-    r[19] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[18]); t = (sp_int_digit)(a[17]);
-    r[18] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[17]); t = (sp_int_digit)(a[16]);
-    r[17] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[16]); t = (sp_int_digit)(a[15]);
-    r[16] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[15]); t = (sp_int_digit)(a[14]);
-    r[15] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[14]); t = (sp_int_digit)(a[13]);
-    r[14] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[13]); t = (sp_int_digit)(a[12]);
-    r[13] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[12]); t = (sp_int_digit)(a[11]);
-    r[12] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[11]); t = (sp_int_digit)(a[10]);
-    r[11] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[10]); t = (sp_int_digit)(a[9]);
-    r[10] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    r[0] = (sp_digit)((a[0] << n) & 0x1ffffffffffffffL);
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_2048_mod_exp_2_36(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 109);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 109, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp  = td + 72;
-        XMEMSET(td, 0, sizeof(sp_digit) * 109);
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_36(norm, m);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 56) / 57) - 1;
-        c = bits % 57;
-        if (c == 0) {
-            c = 57;
-        }
-        if (i < 36) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (7 - c);
-            c += 57;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        sp_2048_lshift_36(r, norm, (byte)y);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 7;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 52;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 7;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 57 - c;
-            }
-
-            sp_2048_mont_sqr_36(r, r, m, mp);
-            sp_2048_mont_sqr_36(r, r, m, mp);
-            sp_2048_mont_sqr_36(r, r, m, mp);
-            sp_2048_mont_sqr_36(r, r, m, mp);
-            sp_2048_mont_sqr_36(r, r, m, mp);
-
-            sp_2048_lshift_36(r, r, (byte)y);
-            sp_2048_mul_d_36(tmp, norm, (r[36] << 4) + (r[35] >> 53));
-            r[36] = 0;
-            r[35] &= 0x1fffffffffffffL;
-            (void)sp_2048_add_36(r, r, tmp);
-            sp_2048_norm_36(r);
-            o = sp_2048_cmp_36(r, m);
-            sp_2048_cond_sub_36(r, r, m, ~(o >> 63));
-        }
-
-        sp_2048_mont_reduce_36(r, m, mp);
-        n = sp_2048_cmp_36(r, m);
-        sp_2048_cond_sub_36(r, r, m, (sp_digit)~(n >> 63));
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_2048 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 256 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, b, 36 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    word32 i;
-    int err = MP_OKAY;
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 256U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 36 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 36 * 2;
-        m = e + 36;
-        r = b;
-
-        sp_2048_from_mp(b, 36, base);
-        sp_2048_from_bin(e, 36, exp, expLen);
-        sp_2048_from_mp(m, 36, mod);
-
-    #ifdef HAVE_FFDHE_2048
-        if (base->used == 1 && base->dp[0] == 2U &&
-                (m[35] >> 21) == 0xffffffffL) {
-            err = sp_2048_mod_exp_2_36(r, e, expLen * 8U, m);
-        }
-        else {
-    #endif
-            err = sp_2048_mod_exp_36(r, b, e, expLen * 8U, m, 0);
-    #ifdef HAVE_FFDHE_2048
-        }
-    #endif
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_36(r, out);
-        *outLen = 256;
-        for (i=0; i<256U && out[i] == 0U; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 36U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 18 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1024) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 18 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 18 * 2;
-        m = e + 18;
-        r = b;
-
-        sp_2048_from_mp(b, 18, base);
-        sp_2048_from_mp(e, 18, exp);
-        sp_2048_from_mp(m, 18, mod);
-
-        err = sp_2048_mod_exp_18(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 18, 0, sizeof(*r) * 18U);
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 36U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 18 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1024) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 18 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 18 * 2;
-        m = e + 18;
-        r = b;
-
-        sp_2048_from_mp(b, 18, base);
-        sp_2048_from_mp(e, 18, exp);
-        sp_2048_from_mp(m, 18, mod);
-
-        err = sp_2048_mod_exp_18(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 18, 0, sizeof(*r) * 18U);
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 36U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* !WOLFSSL_SP_NO_2048 */
-
-#ifndef WOLFSSL_SP_NO_3072
-#ifdef WOLFSSL_SP_SMALL
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 52U) {
-            r[j] &= 0xfffffffffffffffL;
-            s = 60U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 60
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 59);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 59);
-    }
-#elif DIGIT_BIT > 60
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xfffffffffffffffL;
-        s = 60U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 60U) <= (word32)DIGIT_BIT) {
-            s += 60U;
-            r[j] &= 0xfffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 60) {
-            r[j] &= 0xfffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 60 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 384
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_3072_to_bin_52(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<51; i++) {
-        r[i+1] += r[i] >> 60;
-        r[i] &= 0xfffffffffffffffL;
-    }
-    j = 3079 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<52 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 60) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 60);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 60 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_26(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 25; i++) {
-        a[i+1] += a[i] >> 60;
-        a[i] &= 0xfffffffffffffffL;
-    }
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 60 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_52(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 51; i++) {
-        a[i+1] += a[i] >> 60;
-        a[i] &= 0xfffffffffffffffL;
-    }
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_52(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 lo;
-
-    c = ((sp_uint128)a[51]) * b[51];
-    r[103] = (sp_digit)(c >> 60);
-    c &= 0xfffffffffffffffL;
-    for (k = 101; k >= 0; k--) {
-        if (k >= 52) {
-            i = k - 51;
-            imax = 51;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint128)a[i]) * b[k - i];
-        }
-        c += lo >> 60;
-        r[k + 2] += (sp_digit)(c >> 60);
-        r[k + 1]  = (sp_digit)(c & 0xfffffffffffffffL);
-        c = lo & 0xfffffffffffffffL;
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_52(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 t;
-
-    c = ((sp_uint128)a[51]) * a[51];
-    r[103] = (sp_digit)(c >> 60);
-    c = (c & 0xfffffffffffffffL) << 60;
-    for (k = 101; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint128)a[i]) * a[i];
-           i++;
-        }
-        if (k < 51) {
-            imax = k;
-        }
-        else {
-            imax = 51;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint128)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 120);
-        r[k + 1]  = (sp_digit)((c >> 60) & 0xfffffffffffffffL);
-        c = (c & 0xfffffffffffffffL) << 60;
-    }
-    r[0] = (sp_digit)(c >> 60);
-}
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-    x &= 0xfffffffffffffffL;
-
-    /* rho = -1/m mod b */
-    *rho = ((sp_digit)1 << 60) - x;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_52(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 52; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0xfffffffffffffffL);
-        t >>= 60;
-    }
-    r[52] = (sp_digit)t;
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_sub_26(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 26; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_26(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i=0; i<25; i++) {
-        r[i] = 0xfffffffffffffffL;
-    }
-    r[25] = 0xfffffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_3072_sub_26(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_3072_cmp_26(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i=25; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 59);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_sub_26(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 26; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_add_26(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 24; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0xfffffffffffffffL);
-        t[1] += t[0] >> 60;
-        r[i+1] = (sp_digit)(t[1] & 0xfffffffffffffffL);
-        t[2] += t[1] >> 60;
-        r[i+2] = (sp_digit)(t[2] & 0xfffffffffffffffL);
-        t[3] += t[2] >> 60;
-        r[i+3] = (sp_digit)(t[3] & 0xfffffffffffffffL);
-        t[0]  = t[3] >> 60;
-    }
-    t[0] += (tb * a[24]) + r[24];
-    t[1]  = (tb * a[25]) + r[25];
-    r[24] = (sp_digit)(t[0] & 0xfffffffffffffffL);
-    t[1] += t[0] >> 60;
-    r[25] = (sp_digit)(t[1] & 0xfffffffffffffffL);
-    r[26] +=  (sp_digit)(t[1] >> 60);
-}
-
-/* Shift the result in the high 1536 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_3072_mont_shift_26(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int128 n = a[25] >> 36;
-    n += ((sp_int128)a[26]) << 24;
-
-    for (i = 0; i < 25; i++) {
-        r[i] = (sp_digit)(n & 0xfffffffffffffffL);
-        n >>= 60;
-        n += ((sp_int128)a[27 + i]) << 24;
-    }
-    r[25] = (sp_digit)n;
-    XMEMSET(&r[26], 0, sizeof(*r) * 26U);
-}
-
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_3072_mont_reduce_26(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_3072_norm_26(a + 26);
-
-    for (i=0; i<25; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0xfffffffffffffffL);
-        sp_3072_mul_add_26(a+i, m, mu);
-        a[i+1] += a[i] >> 60;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0xfffffffffL);
-    sp_3072_mul_add_26(a+i, m, mu);
-    a[i+1] += a[i] >> 60;
-    a[i] &= 0xfffffffffffffffL;
-    sp_3072_mont_shift_26(a, a);
-    over = a[25] - m[25];
-    sp_3072_cond_sub_26(a, a, m, ~((over - 1) >> 63));
-    sp_3072_norm_26(a);
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_26(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 lo;
-
-    c = ((sp_uint128)a[25]) * b[25];
-    r[51] = (sp_digit)(c >> 60);
-    c &= 0xfffffffffffffffL;
-    for (k = 49; k >= 0; k--) {
-        if (k >= 26) {
-            i = k - 25;
-            imax = 25;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint128)a[i]) * b[k - i];
-        }
-        c += lo >> 60;
-        r[k + 2] += (sp_digit)(c >> 60);
-        r[k + 1]  = (sp_digit)(c & 0xfffffffffffffffL);
-        c = lo & 0xfffffffffffffffL;
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_26(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_26(r, a, b);
-    sp_3072_mont_reduce_26(r, m, mp);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_26(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 t;
-
-    c = ((sp_uint128)a[25]) * a[25];
-    r[51] = (sp_digit)(c >> 60);
-    c = (c & 0xfffffffffffffffL) << 60;
-    for (k = 49; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint128)a[i]) * a[i];
-           i++;
-        }
-        if (k < 25) {
-            imax = k;
-        }
-        else {
-            imax = 25;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint128)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 120);
-        r[k + 1]  = (sp_digit)((c >> 60) & 0xfffffffffffffffL);
-        c = (c & 0xfffffffffffffffL) << 60;
-    }
-    r[0] = (sp_digit)(c >> 60);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_26(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_26(r, a);
-    sp_3072_mont_reduce_26(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_26(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 26; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0xfffffffffffffffL);
-        t >>= 60;
-    }
-    r[26] = (sp_digit)t;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_add_26(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 26; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_26(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 26; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-
-SP_NOINLINE static void sp_3072_rshift_26(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<25; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (60 - n))) & 0xfffffffffffffffL);
-    }
-    r[25] = a[25] >> n;
-}
-
-static WC_INLINE sp_digit sp_3072_div_word_26(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 60) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 60) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 60) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 60);
-    sp_digit t0 = (sp_digit)(d & 0xfffffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 58; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 59) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 60);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 120) - (sp_digit)(d >> 120);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 60) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 29) + 1;
-
-    t = (sp_digit)(d >> 58);
-    t = (t / dv) << 29;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 27);
-    t = t / (dv << 2);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_3072_word_div_word_26(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_div_26(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 26 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 26 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 52 + 1;
-        sd = t2 + 26 + 1;
-
-        sp_3072_mul_d_26(sd, d, (sp_digit)1 << 24);
-        sp_3072_mul_d_52(t1, a, (sp_digit)1 << 24);
-        dv = sd[25];
-        t1[26 + 26] += t1[26 + 26 - 1] >> 60;
-        t1[26 + 26 - 1] &= 0xfffffffffffffffL;
-        for (i=26; i>=0; i--) {
-            r1 = sp_3072_div_word_26(t1[26 + i], t1[26 + i - 1], dv);
-
-            sp_3072_mul_d_26(t2, sd, r1);
-            (void)sp_3072_sub_26(&t1[i], &t1[i], t2);
-            sp_3072_norm_26(&t1[i]);
-            t1[26 + i] -= t2[26];
-            t1[26 + i] += t1[26 + i - 1] >> 60;
-            t1[26 + i - 1] &= 0xfffffffffffffffL;
-            r1 = sp_3072_div_word_26(-t1[26 + i], -t1[26 + i - 1], dv);
-            r1 -= t1[26 + i];
-            sp_3072_mul_d_26(t2, sd, r1);
-            (void)sp_3072_add_26(&t1[i], &t1[i], t2);
-            t1[26 + i] += t1[26 + i - 1] >> 60;
-            t1[26 + i - 1] &= 0xfffffffffffffffL;
-        }
-        t1[26 - 1] += t1[26 - 2] >> 60;
-        t1[26 - 2] &= 0xfffffffffffffffL;
-        r1 = sp_3072_word_div_word_26(t1[26 - 1], dv);
-
-        sp_3072_mul_d_26(t2, sd, r1);
-        sp_3072_sub_26(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 52U);
-        for (i=0; i<25; i++) {
-            r[i+1] += r[i] >> 60;
-            r[i] &= 0xfffffffffffffffL;
-        }
-        sp_3072_cond_add_26(r, r, sd, r[25] >> 63);
-
-        sp_3072_norm_26(r);
-        sp_3072_rshift_26(r, r, 24);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_mod_26(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_26(a, m, NULL, r);
-}
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_26(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 52);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 52, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 26 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 26U * 2U);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_26(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_26(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 26U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_26(t[1], t[1], norm);
-        err = sp_3072_mod_26(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 60;
-        c = bits % 60;
-        n = e[i--] << (60 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 60;
-            }
-
-            y = (int)((n >> 59) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_26(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 26 * 2);
-            sp_3072_mont_sqr_26(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 26 * 2);
-        }
-
-        sp_3072_mont_reduce_26(t[0], m, mp);
-        n = sp_3072_cmp_26(t[0], m);
-        sp_3072_cond_sub_26(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 26 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 52);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 52, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 26 * 2);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_26(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_26(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_26(t[1], t[1], norm);
-                err = sp_3072_mod_26(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_26(t[1], a, norm);
-            err = sp_3072_mod_26(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 60;
-        c = bits % 60;
-        n = e[i--] << (60 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 60;
-            }
-
-            y = (int)((n >> 59) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_26(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 26 * 2);
-            sp_3072_mont_sqr_26(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 26 * 2);
-        }
-
-        sp_3072_mont_reduce_26(t[0], m, mp);
-        n = sp_3072_cmp_26(t[0], m);
-        sp_3072_cond_sub_26(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 26 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (32 * 52) + 52);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (32 * 52) + 52, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 52;
-        rt = td + 1664;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_26(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_26(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_26(t[1], t[1], norm);
-                err = sp_3072_mod_26(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_26(t[1], a, norm);
-            err = sp_3072_mod_26(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_26(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_26(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_26(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_26(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_26(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_26(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_26(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_26(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_26(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_26(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_26(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_26(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_26(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_26(t[15], t[ 8], t[ 7], m, mp);
-        sp_3072_mont_sqr_26(t[16], t[ 8], m, mp);
-        sp_3072_mont_mul_26(t[17], t[ 9], t[ 8], m, mp);
-        sp_3072_mont_sqr_26(t[18], t[ 9], m, mp);
-        sp_3072_mont_mul_26(t[19], t[10], t[ 9], m, mp);
-        sp_3072_mont_sqr_26(t[20], t[10], m, mp);
-        sp_3072_mont_mul_26(t[21], t[11], t[10], m, mp);
-        sp_3072_mont_sqr_26(t[22], t[11], m, mp);
-        sp_3072_mont_mul_26(t[23], t[12], t[11], m, mp);
-        sp_3072_mont_sqr_26(t[24], t[12], m, mp);
-        sp_3072_mont_mul_26(t[25], t[13], t[12], m, mp);
-        sp_3072_mont_sqr_26(t[26], t[13], m, mp);
-        sp_3072_mont_mul_26(t[27], t[14], t[13], m, mp);
-        sp_3072_mont_sqr_26(t[28], t[14], m, mp);
-        sp_3072_mont_mul_26(t[29], t[15], t[14], m, mp);
-        sp_3072_mont_sqr_26(t[30], t[15], m, mp);
-        sp_3072_mont_mul_26(t[31], t[16], t[15], m, mp);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 59) / 60) - 1;
-        c = bits % 60;
-        if (c == 0) {
-            c = 60;
-        }
-        if (i < 26) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (4 - c);
-            c += 60;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 52);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 4;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 55;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 4;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 60 - c;
-            }
-
-            sp_3072_mont_sqr_26(rt, rt, m, mp);
-            sp_3072_mont_sqr_26(rt, rt, m, mp);
-            sp_3072_mont_sqr_26(rt, rt, m, mp);
-            sp_3072_mont_sqr_26(rt, rt, m, mp);
-            sp_3072_mont_sqr_26(rt, rt, m, mp);
-
-            sp_3072_mont_mul_26(rt, rt, t[y], m, mp);
-        }
-
-        sp_3072_mont_reduce_26(rt, m, mp);
-        n = sp_3072_cmp_26(rt, m);
-        sp_3072_cond_sub_26(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 52);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_sub_52(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 52; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_52(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i=0; i<51; i++) {
-        r[i] = 0xfffffffffffffffL;
-    }
-    r[51] = 0xfffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_3072_sub_52(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_3072_cmp_52(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i=51; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 59);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_sub_52(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 52; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_add_52(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 48; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0xfffffffffffffffL);
-        t[1] += t[0] >> 60;
-        r[i+1] = (sp_digit)(t[1] & 0xfffffffffffffffL);
-        t[2] += t[1] >> 60;
-        r[i+2] = (sp_digit)(t[2] & 0xfffffffffffffffL);
-        t[3] += t[2] >> 60;
-        r[i+3] = (sp_digit)(t[3] & 0xfffffffffffffffL);
-        t[0]  = t[3] >> 60;
-    }
-    t[0] += (tb * a[48]) + r[48];
-    t[1]  = (tb * a[49]) + r[49];
-    t[2]  = (tb * a[50]) + r[50];
-    t[3]  = (tb * a[51]) + r[51];
-    r[48] = (sp_digit)(t[0] & 0xfffffffffffffffL);
-    t[1] += t[0] >> 60;
-    r[49] = (sp_digit)(t[1] & 0xfffffffffffffffL);
-    t[2] += t[1] >> 60;
-    r[50] = (sp_digit)(t[2] & 0xfffffffffffffffL);
-    t[3] += t[2] >> 60;
-    r[51] = (sp_digit)(t[3] & 0xfffffffffffffffL);
-    r[52] +=  (sp_digit)(t[3] >> 60);
-}
-
-/* Shift the result in the high 3072 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_3072_mont_shift_52(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int128 n = a[51] >> 12;
-    n += ((sp_int128)a[52]) << 48;
-
-    for (i = 0; i < 51; i++) {
-        r[i] = (sp_digit)(n & 0xfffffffffffffffL);
-        n >>= 60;
-        n += ((sp_int128)a[53 + i]) << 48;
-    }
-    r[51] = (sp_digit)n;
-    XMEMSET(&r[52], 0, sizeof(*r) * 52U);
-}
-
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_3072_mont_reduce_52(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_3072_norm_52(a + 52);
-
-#ifdef WOLFSSL_SP_DH
-    if (mp != 1) {
-        for (i=0; i<51; i++) {
-            mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0xfffffffffffffffL);
-            sp_3072_mul_add_52(a+i, m, mu);
-            a[i+1] += a[i] >> 60;
-        }
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0xfffL);
-        sp_3072_mul_add_52(a+i, m, mu);
-        a[i+1] += a[i] >> 60;
-        a[i] &= 0xfffffffffffffffL;
-    }
-    else {
-        for (i=0; i<51; i++) {
-            mu = (sp_digit)(a[i] & 0xfffffffffffffffL);
-            sp_3072_mul_add_52(a+i, m, mu);
-            a[i+1] += a[i] >> 60;
-        }
-        mu = (sp_digit)(a[i] & 0xfffL);
-        sp_3072_mul_add_52(a+i, m, mu);
-        a[i+1] += a[i] >> 60;
-        a[i] &= 0xfffffffffffffffL;
-    }
-#else
-    for (i=0; i<51; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0xfffffffffffffffL);
-        sp_3072_mul_add_52(a+i, m, mu);
-        a[i+1] += a[i] >> 60;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0xfffL);
-    sp_3072_mul_add_52(a+i, m, mu);
-    a[i+1] += a[i] >> 60;
-    a[i] &= 0xfffffffffffffffL;
-#endif
-    sp_3072_mont_shift_52(a, a);
-    over = a[51] - m[51];
-    sp_3072_cond_sub_52(a, a, m, ~((over - 1) >> 63));
-    sp_3072_norm_52(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_52(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_52(r, a, b);
-    sp_3072_mont_reduce_52(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_52(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_52(r, a);
-    sp_3072_mont_reduce_52(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_104(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 104; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0xfffffffffffffffL);
-        t >>= 60;
-    }
-    r[104] = (sp_digit)t;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_add_52(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 52; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_52(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 52; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-
-SP_NOINLINE static void sp_3072_rshift_52(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<51; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (60 - n))) & 0xfffffffffffffffL);
-    }
-    r[51] = a[51] >> n;
-}
-
-static WC_INLINE sp_digit sp_3072_div_word_52(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 60) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 60) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 60) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 60);
-    sp_digit t0 = (sp_digit)(d & 0xfffffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 58; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 59) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 60);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 120) - (sp_digit)(d >> 120);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 60) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 29) + 1;
-
-    t = (sp_digit)(d >> 58);
-    t = (t / dv) << 29;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 27);
-    t = t / (dv << 2);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_3072_word_div_word_52(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_div_52(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 52 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 52 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 104 + 1;
-        sd = t2 + 52 + 1;
-
-        sp_3072_mul_d_52(sd, d, (sp_digit)1 << 48);
-        sp_3072_mul_d_104(t1, a, (sp_digit)1 << 48);
-        dv = sd[51];
-        t1[52 + 52] += t1[52 + 52 - 1] >> 60;
-        t1[52 + 52 - 1] &= 0xfffffffffffffffL;
-        for (i=52; i>=0; i--) {
-            r1 = sp_3072_div_word_52(t1[52 + i], t1[52 + i - 1], dv);
-
-            sp_3072_mul_d_52(t2, sd, r1);
-            (void)sp_3072_sub_52(&t1[i], &t1[i], t2);
-            sp_3072_norm_52(&t1[i]);
-            t1[52 + i] -= t2[52];
-            t1[52 + i] += t1[52 + i - 1] >> 60;
-            t1[52 + i - 1] &= 0xfffffffffffffffL;
-            r1 = sp_3072_div_word_52(-t1[52 + i], -t1[52 + i - 1], dv);
-            r1 -= t1[52 + i];
-            sp_3072_mul_d_52(t2, sd, r1);
-            (void)sp_3072_add_52(&t1[i], &t1[i], t2);
-            t1[52 + i] += t1[52 + i - 1] >> 60;
-            t1[52 + i - 1] &= 0xfffffffffffffffL;
-        }
-        t1[52 - 1] += t1[52 - 2] >> 60;
-        t1[52 - 2] &= 0xfffffffffffffffL;
-        r1 = sp_3072_word_div_word_52(t1[52 - 1], dv);
-
-        sp_3072_mul_d_52(t2, sd, r1);
-        sp_3072_sub_52(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 104U);
-        for (i=0; i<51; i++) {
-            r[i+1] += r[i] >> 60;
-            r[i] &= 0xfffffffffffffffL;
-        }
-        sp_3072_cond_add_52(r, r, sd, r[51] >> 63);
-
-        sp_3072_norm_52(r);
-        sp_3072_rshift_52(r, r, 48);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_mod_52(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_52(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_52(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 104);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 104, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 52 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 52U * 2U);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_52(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_52(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 52U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_52(t[1], t[1], norm);
-        err = sp_3072_mod_52(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 60;
-        c = bits % 60;
-        n = e[i--] << (60 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 60;
-            }
-
-            y = (int)((n >> 59) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_52(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 52 * 2);
-            sp_3072_mont_sqr_52(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 52 * 2);
-        }
-
-        sp_3072_mont_reduce_52(t[0], m, mp);
-        n = sp_3072_cmp_52(t[0], m);
-        sp_3072_cond_sub_52(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 52 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 104);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 104, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 52 * 2);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_52(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_52(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_52(t[1], t[1], norm);
-                err = sp_3072_mod_52(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_52(t[1], a, norm);
-            err = sp_3072_mod_52(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 60;
-        c = bits % 60;
-        n = e[i--] << (60 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 60;
-            }
-
-            y = (int)((n >> 59) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_52(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 52 * 2);
-            sp_3072_mont_sqr_52(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 52 * 2);
-        }
-
-        sp_3072_mont_reduce_52(t[0], m, mp);
-        n = sp_3072_cmp_52(t[0], m);
-        sp_3072_cond_sub_52(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 52 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (16 * 104) + 104);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (16 * 104) + 104, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 104;
-        rt = td + 1664;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_52(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_52(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_52(t[1], t[1], norm);
-                err = sp_3072_mod_52(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_52(t[1], a, norm);
-            err = sp_3072_mod_52(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_52(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_52(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_52(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_52(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_52(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_52(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_52(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_52(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_52(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_52(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_52(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_52(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_52(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_52(t[15], t[ 8], t[ 7], m, mp);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 59) / 60) - 1;
-        c = bits % 60;
-        if (c == 0) {
-            c = 60;
-        }
-        if (i < 52) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (4 - c);
-            c += 60;
-        }
-        y = (int)((n >> 60) & 0xf);
-        n <<= 4;
-        c -= 4;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 104);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 4;
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c = 56;
-            }
-            else {
-                y = (byte)((n >> 60) & 0xf);
-                n = e[i--] << 4;
-                c = 4 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 60 - c;
-            }
-
-            sp_3072_mont_sqr_52(rt, rt, m, mp);
-            sp_3072_mont_sqr_52(rt, rt, m, mp);
-            sp_3072_mont_sqr_52(rt, rt, m, mp);
-            sp_3072_mont_sqr_52(rt, rt, m, mp);
-
-            sp_3072_mont_mul_52(rt, rt, t[y], m, mp);
-        }
-
-        sp_3072_mont_reduce_52(rt, m, mp);
-        n = sp_3072_cmp_52(rt, m);
-        sp_3072_cond_sub_52(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 104);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-#ifdef WOLFSSL_SP_SMALL
-    SP_DECL_VAR(sp_digit, a, 52 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit* norm = NULL;
-    sp_uint64 e[1] = {0};
-    sp_digit mp = 0;
-    int i;
-    int err = MP_OKAY;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 52 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 52 * 2;
-        m = r + 52 * 2;
-        norm = r;
-
-        sp_3072_from_bin(a, 52, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 52, mm);
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_52(norm, m);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_52(a, a, norm);
-        err = sp_3072_mod_52(a, a, m);
-    }
-    if (err == MP_OKAY) {
-        for (i=63; i>=0; i--) {
-            if ((e[0] >> i) != 0) {
-                break;
-            }
-        }
-
-        XMEMCPY(r, a, sizeof(sp_digit) * 52 * 2);
-        for (i--; i>=0; i--) {
-            sp_3072_mont_sqr_52(r, r, m, mp);
-
-            if (((e[0] >> i) & 1) == 1) {
-                sp_3072_mont_mul_52(r, r, a, m, mp);
-            }
-        }
-        sp_3072_mont_reduce_52(r, m, mp);
-        mp = sp_3072_cmp_52(r, m);
-        sp_3072_cond_sub_52(r, r, m, ~(mp >> 63));
-
-        sp_3072_to_bin_52(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 52 * 5);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_uint64 e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 52 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d;
-        r = a + 52 * 2;
-        m = r + 52 * 2;
-
-        sp_3072_from_bin(a, 52, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 52, mm);
-
-        if (e[0] == 0x3) {
-            sp_3072_sqr_52(r, a);
-            err = sp_3072_mod_52(r, r, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_52(r, a, r);
-                err = sp_3072_mod_52(r, r, m);
-            }
-        }
-        else {
-            sp_digit* norm = r;
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-            sp_3072_mont_norm_52(norm, m);
-
-            sp_3072_mul_52(a, a, norm);
-            err = sp_3072_mod_52(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if ((e[0] >> i) != 0) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 104U);
-                for (i--; i>=0; i--) {
-                    sp_3072_mont_sqr_52(r, r, m, mp);
-
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_3072_mont_mul_52(r, r, a, m, mp);
-                    }
-                }
-                sp_3072_mont_reduce_52(r, m, mp);
-                mp = sp_3072_cmp_52(r, m);
-                sp_3072_cond_sub_52(r, r, m, ~(mp >> 63));
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_52(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(d, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if !defined(SP_RSA_PRIVATE_EXP_D) && !defined(RSA_LOW_MEM)
-#endif /* !SP_RSA_PRIVATE_EXP_D & !RSA_LOW_MEM */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, d, 52 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 52 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 52;
-        m = a + 104;
-        r = a;
-
-        sp_3072_from_bin(a, 52, in, inLen);
-        sp_3072_from_mp(d, 52, dm);
-        sp_3072_from_mp(m, 52, mm);
-        err = sp_3072_mod_exp_52(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_52(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 52, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 52 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 52 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 52;
-        m = a + 104;
-        r = a;
-
-        sp_3072_from_bin(a, 52, in, inLen);
-        sp_3072_from_mp(d, 52, dm);
-        sp_3072_from_mp(m, 52, mm);
-        err = sp_3072_mod_exp_52(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_52(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 52, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#else
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, a, 26 * 8);
-    sp_digit* p = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 26 * 8, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 52;
-        qi = dq = dp = p + 26;
-        tmpa = qi + 26;
-        tmpb = tmpa + 52;
-        r = a;
-
-        sp_3072_from_bin(a, 52, in, inLen);
-        sp_3072_from_mp(p, 26, pm);
-        sp_3072_from_mp(dp, 26, dpm);
-        err = sp_3072_mod_exp_26(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 26, qm);
-        sp_3072_from_mp(dq, 26, dqm);
-        err = sp_3072_mod_exp_26(tmpb, a, dq, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 26, pm);
-        (void)sp_3072_sub_26(tmpa, tmpa, tmpb);
-        sp_3072_norm_26(tmpa);
-        sp_3072_cond_add_26(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[25] >> 63));
-        sp_3072_cond_add_26(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[25] >> 63));
-        sp_3072_norm_26(tmpa);
-
-        sp_3072_from_mp(qi, 26, qim);
-        sp_3072_mul_26(tmpa, tmpa, qi);
-        err = sp_3072_mod_26(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 26, qm);
-        sp_3072_mul_26(tmpa, p, tmpa);
-        (void)sp_3072_add_52(r, tmpb, tmpa);
-        sp_3072_norm_52(r);
-
-        sp_3072_to_bin_52(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 26 * 8, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 26 * 13);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 26 * 13, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 52 * 2;
-        q = p + 26;
-        dp = q + 26;
-        dq = dp + 26;
-        qi = dq + 26;
-        tmpa = qi + 26;
-        tmpb = tmpa + 52;
-        r = a;
-
-        sp_3072_from_bin(a, 52, in, inLen);
-        sp_3072_from_mp(p, 26, pm);
-        sp_3072_from_mp(q, 26, qm);
-        sp_3072_from_mp(dp, 26, dpm);
-        sp_3072_from_mp(dq, 26, dqm);
-        sp_3072_from_mp(qi, 26, qim);
-
-        err = sp_3072_mod_exp_26(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_3072_mod_exp_26(tmpb, a, dq, 1536, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        (void)sp_3072_sub_26(tmpa, tmpa, tmpb);
-        sp_3072_norm_26(tmpa);
-        sp_3072_cond_add_26(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[25] >> 63));
-        sp_3072_cond_add_26(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[25] >> 63));
-        sp_3072_norm_26(tmpa);
-        sp_3072_mul_26(tmpa, tmpa, qi);
-        err = sp_3072_mod_26(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mul_26(tmpa, tmpa, q);
-        (void)sp_3072_add_52(r, tmpb, tmpa);
-        sp_3072_norm_52(r);
-
-        sp_3072_to_bin_52(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 26 * 13, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-}
-
-#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_3072_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (3072 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 60
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 52);
-        r->used = 52;
-        mp_clamp(r);
-#elif DIGIT_BIT < 60
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 52; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 60) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 60 - s;
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 52; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 60 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 60 - s;
-            }
-            else {
-                s += 60;
-            }
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 52 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 52 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 52 * 2;
-        m = e + 52;
-        r = b;
-
-        sp_3072_from_mp(b, 52, base);
-        sp_3072_from_mp(e, 52, exp);
-        sp_3072_from_mp(m, 52, mod);
-
-        err = sp_3072_mod_exp_52(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 52U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 52 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 52 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 52 * 2;
-        m = e + 52;
-        r = b;
-
-        sp_3072_from_mp(b, 52, base);
-        sp_3072_from_mp(e, 52, exp);
-        sp_3072_from_mp(m, 52, mod);
-
-        err = sp_3072_mod_exp_52(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 52U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_3072
-SP_NOINLINE static void sp_3072_lshift_52(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    r[52] = a[51] >> (60 - n);
-    for (i=51; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (60 - n))) & 0xfffffffffffffffL);
-    }
-    r[0] = (sp_digit)((a[0] << n) & 0xfffffffffffffffL);
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_3072_mod_exp_2_52(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 157);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 157, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp  = td + 104;
-        XMEMSET(td, 0, sizeof(sp_digit) * 157);
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_52(norm, m);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 59) / 60) - 1;
-        c = bits % 60;
-        if (c == 0) {
-            c = 60;
-        }
-        if (i < 52) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (4 - c);
-            c += 60;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        sp_3072_lshift_52(r, norm, (byte)y);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 4;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 55;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 4;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 60 - c;
-            }
-
-            sp_3072_mont_sqr_52(r, r, m, mp);
-            sp_3072_mont_sqr_52(r, r, m, mp);
-            sp_3072_mont_sqr_52(r, r, m, mp);
-            sp_3072_mont_sqr_52(r, r, m, mp);
-            sp_3072_mont_sqr_52(r, r, m, mp);
-
-            sp_3072_lshift_52(r, r, (byte)y);
-            sp_3072_mul_d_52(tmp, norm, (r[52] << 48) + (r[51] >> 12));
-            r[52] = 0;
-            r[51] &= 0xfffL;
-            (void)sp_3072_add_52(r, r, tmp);
-            sp_3072_norm_52(r);
-            o = sp_3072_cmp_52(r, m);
-            sp_3072_cond_sub_52(r, r, m, ~(o >> 63));
-        }
-
-        sp_3072_mont_reduce_52(r, m, mp);
-        n = sp_3072_cmp_52(r, m);
-        sp_3072_cond_sub_52(r, r, m, (sp_digit)~(n >> 63));
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_3072 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 384 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, b, 52 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    word32 i;
-    int err = MP_OKAY;
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 384U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 52 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 52 * 2;
-        m = e + 52;
-        r = b;
-
-        sp_3072_from_mp(b, 52, base);
-        sp_3072_from_bin(e, 52, exp, expLen);
-        sp_3072_from_mp(m, 52, mod);
-
-    #ifdef HAVE_FFDHE_3072
-        if (base->used == 1 && base->dp[0] == 2U &&
-                ((m[51] << 20) | (m[50] >> 40)) == 0xffffffffL) {
-            err = sp_3072_mod_exp_2_52(r, e, expLen * 8U, m);
-        }
-        else {
-    #endif
-            err = sp_3072_mod_exp_52(r, b, e, expLen * 8U, m, 0);
-    #ifdef HAVE_FFDHE_3072
-        }
-    #endif
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_52(r, out);
-        *outLen = 384;
-        for (i=0; i<384U && out[i] == 0U; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 52U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 26 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 26 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 26 * 2;
-        m = e + 26;
-        r = b;
-
-        sp_3072_from_mp(b, 26, base);
-        sp_3072_from_mp(e, 26, exp);
-        sp_3072_from_mp(m, 26, mod);
-
-        err = sp_3072_mod_exp_26(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 26, 0, sizeof(*r) * 26U);
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 52U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 26 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 26 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 26 * 2;
-        m = e + 26;
-        r = b;
-
-        sp_3072_from_mp(b, 26, base);
-        sp_3072_from_mp(e, 26, exp);
-        sp_3072_from_mp(m, 26, mod);
-
-        err = sp_3072_mod_exp_26(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 26, 0, sizeof(*r) * 26U);
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 52U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#else
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 49U) {
-            r[j] &= 0x1ffffffffffffffL;
-            s = 57U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 57
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 56);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 56);
-    }
-#elif DIGIT_BIT > 57
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x1ffffffffffffffL;
-        s = 57U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 57U) <= (word32)DIGIT_BIT) {
-            s += 57U;
-            r[j] &= 0x1ffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 57) {
-            r[j] &= 0x1ffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 57 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 384
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_3072_to_bin_54(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<53; i++) {
-        r[i+1] += r[i] >> 57;
-        r[i] &= 0x1ffffffffffffffL;
-    }
-    j = 3079 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<54 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 57) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 57);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 57 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_27(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 24; i += 8) {
-        a[i+1] += a[i+0] >> 57; a[i+0] &= 0x1ffffffffffffffL;
-        a[i+2] += a[i+1] >> 57; a[i+1] &= 0x1ffffffffffffffL;
-        a[i+3] += a[i+2] >> 57; a[i+2] &= 0x1ffffffffffffffL;
-        a[i+4] += a[i+3] >> 57; a[i+3] &= 0x1ffffffffffffffL;
-        a[i+5] += a[i+4] >> 57; a[i+4] &= 0x1ffffffffffffffL;
-        a[i+6] += a[i+5] >> 57; a[i+5] &= 0x1ffffffffffffffL;
-        a[i+7] += a[i+6] >> 57; a[i+6] &= 0x1ffffffffffffffL;
-        a[i+8] += a[i+7] >> 57; a[i+7] &= 0x1ffffffffffffffL;
-    }
-    a[25] += a[24] >> 57; a[24] &= 0x1ffffffffffffffL;
-    a[26] += a[25] >> 57; a[25] &= 0x1ffffffffffffffL;
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 57 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_3072_norm_54(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 48; i += 8) {
-        a[i+1] += a[i+0] >> 57; a[i+0] &= 0x1ffffffffffffffL;
-        a[i+2] += a[i+1] >> 57; a[i+1] &= 0x1ffffffffffffffL;
-        a[i+3] += a[i+2] >> 57; a[i+2] &= 0x1ffffffffffffffL;
-        a[i+4] += a[i+3] >> 57; a[i+3] &= 0x1ffffffffffffffL;
-        a[i+5] += a[i+4] >> 57; a[i+4] &= 0x1ffffffffffffffL;
-        a[i+6] += a[i+5] >> 57; a[i+5] &= 0x1ffffffffffffffL;
-        a[i+7] += a[i+6] >> 57; a[i+6] &= 0x1ffffffffffffffL;
-        a[i+8] += a[i+7] >> 57; a[i+7] &= 0x1ffffffffffffffL;
-    }
-    a[49] += a[48] >> 57; a[48] &= 0x1ffffffffffffffL;
-    a[50] += a[49] >> 57; a[49] &= 0x1ffffffffffffffL;
-    a[51] += a[50] >> 57; a[50] &= 0x1ffffffffffffffL;
-    a[52] += a[51] >> 57; a[51] &= 0x1ffffffffffffffL;
-    a[53] += a[52] >> 57; a[52] &= 0x1ffffffffffffffL;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_uint128 t0;
-    sp_uint128 t1;
-    sp_digit t[9];
-
-    t0 = ((sp_uint128)a[ 0]) * b[ 0];
-    t1 = ((sp_uint128)a[ 0]) * b[ 1]
-       + ((sp_uint128)a[ 1]) * b[ 0];
-    t[ 0] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 0]) * b[ 2]
-       + ((sp_uint128)a[ 1]) * b[ 1]
-       + ((sp_uint128)a[ 2]) * b[ 0];
-    t[ 1] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 0]) * b[ 3]
-       + ((sp_uint128)a[ 1]) * b[ 2]
-       + ((sp_uint128)a[ 2]) * b[ 1]
-       + ((sp_uint128)a[ 3]) * b[ 0];
-    t[ 2] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 0]) * b[ 4]
-       + ((sp_uint128)a[ 1]) * b[ 3]
-       + ((sp_uint128)a[ 2]) * b[ 2]
-       + ((sp_uint128)a[ 3]) * b[ 1]
-       + ((sp_uint128)a[ 4]) * b[ 0];
-    t[ 3] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 0]) * b[ 5]
-       + ((sp_uint128)a[ 1]) * b[ 4]
-       + ((sp_uint128)a[ 2]) * b[ 3]
-       + ((sp_uint128)a[ 3]) * b[ 2]
-       + ((sp_uint128)a[ 4]) * b[ 1]
-       + ((sp_uint128)a[ 5]) * b[ 0];
-    t[ 4] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 0]) * b[ 6]
-       + ((sp_uint128)a[ 1]) * b[ 5]
-       + ((sp_uint128)a[ 2]) * b[ 4]
-       + ((sp_uint128)a[ 3]) * b[ 3]
-       + ((sp_uint128)a[ 4]) * b[ 2]
-       + ((sp_uint128)a[ 5]) * b[ 1]
-       + ((sp_uint128)a[ 6]) * b[ 0];
-    t[ 5] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 0]) * b[ 7]
-       + ((sp_uint128)a[ 1]) * b[ 6]
-       + ((sp_uint128)a[ 2]) * b[ 5]
-       + ((sp_uint128)a[ 3]) * b[ 4]
-       + ((sp_uint128)a[ 4]) * b[ 3]
-       + ((sp_uint128)a[ 5]) * b[ 2]
-       + ((sp_uint128)a[ 6]) * b[ 1]
-       + ((sp_uint128)a[ 7]) * b[ 0];
-    t[ 6] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 0]) * b[ 8]
-       + ((sp_uint128)a[ 1]) * b[ 7]
-       + ((sp_uint128)a[ 2]) * b[ 6]
-       + ((sp_uint128)a[ 3]) * b[ 5]
-       + ((sp_uint128)a[ 4]) * b[ 4]
-       + ((sp_uint128)a[ 5]) * b[ 3]
-       + ((sp_uint128)a[ 6]) * b[ 2]
-       + ((sp_uint128)a[ 7]) * b[ 1]
-       + ((sp_uint128)a[ 8]) * b[ 0];
-    t[ 7] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 1]) * b[ 8]
-       + ((sp_uint128)a[ 2]) * b[ 7]
-       + ((sp_uint128)a[ 3]) * b[ 6]
-       + ((sp_uint128)a[ 4]) * b[ 5]
-       + ((sp_uint128)a[ 5]) * b[ 4]
-       + ((sp_uint128)a[ 6]) * b[ 3]
-       + ((sp_uint128)a[ 7]) * b[ 2]
-       + ((sp_uint128)a[ 8]) * b[ 1];
-    t[ 8] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 2]) * b[ 8]
-       + ((sp_uint128)a[ 3]) * b[ 7]
-       + ((sp_uint128)a[ 4]) * b[ 6]
-       + ((sp_uint128)a[ 5]) * b[ 5]
-       + ((sp_uint128)a[ 6]) * b[ 4]
-       + ((sp_uint128)a[ 7]) * b[ 3]
-       + ((sp_uint128)a[ 8]) * b[ 2];
-    r[ 9] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 3]) * b[ 8]
-       + ((sp_uint128)a[ 4]) * b[ 7]
-       + ((sp_uint128)a[ 5]) * b[ 6]
-       + ((sp_uint128)a[ 6]) * b[ 5]
-       + ((sp_uint128)a[ 7]) * b[ 4]
-       + ((sp_uint128)a[ 8]) * b[ 3];
-    r[10] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 4]) * b[ 8]
-       + ((sp_uint128)a[ 5]) * b[ 7]
-       + ((sp_uint128)a[ 6]) * b[ 6]
-       + ((sp_uint128)a[ 7]) * b[ 5]
-       + ((sp_uint128)a[ 8]) * b[ 4];
-    r[11] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 5]) * b[ 8]
-       + ((sp_uint128)a[ 6]) * b[ 7]
-       + ((sp_uint128)a[ 7]) * b[ 6]
-       + ((sp_uint128)a[ 8]) * b[ 5];
-    r[12] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 6]) * b[ 8]
-       + ((sp_uint128)a[ 7]) * b[ 7]
-       + ((sp_uint128)a[ 8]) * b[ 6];
-    r[13] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_uint128)a[ 7]) * b[ 8]
-       + ((sp_uint128)a[ 8]) * b[ 7];
-    r[14] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_uint128)a[ 8]) * b[ 8];
-    r[15] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    r[16] = (sp_digit)(t0 & 0x1ffffffffffffffL);
-    r[17] = (sp_digit)(t0 >> 57);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-    r[ 7] = a[ 7] + b[ 7];
-    r[ 8] = a[ 8] + b[ 8];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_sub_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[16] = a[16] - b[16];
-    r[17] = a[17] - b[17];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[16] = a[16] + b[16];
-    r[17] = a[17] + b[17];
-
-    return 0;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_27(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit p0[18];
-    sp_digit p1[18];
-    sp_digit p2[18];
-    sp_digit p3[18];
-    sp_digit p4[18];
-    sp_digit p5[18];
-    sp_digit t0[18];
-    sp_digit t1[18];
-    sp_digit t2[18];
-    sp_digit a0[9];
-    sp_digit a1[9];
-    sp_digit a2[9];
-    sp_digit b0[9];
-    sp_digit b1[9];
-    sp_digit b2[9];
-    (void)sp_3072_add_9(a0, a, &a[9]);
-    (void)sp_3072_add_9(b0, b, &b[9]);
-    (void)sp_3072_add_9(a1, &a[9], &a[18]);
-    (void)sp_3072_add_9(b1, &b[9], &b[18]);
-    (void)sp_3072_add_9(a2, a0, &a[18]);
-    (void)sp_3072_add_9(b2, b0, &b[18]);
-    sp_3072_mul_9(p0, a, b);
-    sp_3072_mul_9(p2, &a[9], &b[9]);
-    sp_3072_mul_9(p4, &a[18], &b[18]);
-    sp_3072_mul_9(p1, a0, b0);
-    sp_3072_mul_9(p3, a1, b1);
-    sp_3072_mul_9(p5, a2, b2);
-    XMEMSET(r, 0, sizeof(*r)*2U*27U);
-    (void)sp_3072_sub_18(t0, p3, p2);
-    (void)sp_3072_sub_18(t1, p1, p2);
-    (void)sp_3072_sub_18(t2, p5, t0);
-    (void)sp_3072_sub_18(t2, t2, t1);
-    (void)sp_3072_sub_18(t0, t0, p4);
-    (void)sp_3072_sub_18(t1, t1, p0);
-    (void)sp_3072_add_18(r, r, p0);
-    (void)sp_3072_add_18(&r[9], &r[9], t1);
-    (void)sp_3072_add_18(&r[18], &r[18], t2);
-    (void)sp_3072_add_18(&r[27], &r[27], t0);
-    (void)sp_3072_add_18(&r[36], &r[36], p4);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_27(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[24] = a[24] + b[24];
-    r[25] = a[25] + b[25];
-    r[26] = a[26] + b[26];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_add_54(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[48] = a[48] + b[48];
-    r[49] = a[49] + b[49];
-    r[50] = a[50] + b[50];
-    r[51] = a[51] + b[51];
-    r[52] = a[52] + b[52];
-    r[53] = a[53] + b[53];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_sub_54(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[48] = a[48] - b[48];
-    r[49] = a[49] - b[49];
-    r[50] = a[50] - b[50];
-    r[51] = a[51] - b[51];
-    r[52] = a[52] - b[52];
-    r[53] = a[53] - b[53];
-
-    return 0;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_54(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[54];
-    sp_digit* a1 = z1;
-    sp_digit b1[27];
-    sp_digit* z2 = r + 54;
-    (void)sp_3072_add_27(a1, a, &a[27]);
-    (void)sp_3072_add_27(b1, b, &b[27]);
-    sp_3072_mul_27(z2, &a[27], &b[27]);
-    sp_3072_mul_27(z0, a, b);
-    sp_3072_mul_27(z1, a1, b1);
-    (void)sp_3072_sub_54(z1, z1, z2);
-    (void)sp_3072_sub_54(z1, z1, z0);
-    (void)sp_3072_add_54(r + 27, r + 27, z1);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_9(sp_digit* r, const sp_digit* a)
-{
-    sp_uint128 t0;
-    sp_uint128 t1;
-    sp_digit t[9];
-
-    t0 =  ((sp_uint128)a[ 0]) * a[ 0];
-    t1 = (((sp_uint128)a[ 0]) * a[ 1]) * 2;
-    t[ 0] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 0]) * a[ 2]) * 2
-       +  ((sp_uint128)a[ 1]) * a[ 1];
-    t[ 1] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 0]) * a[ 3]
-       +  ((sp_uint128)a[ 1]) * a[ 2]) * 2;
-    t[ 2] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 0]) * a[ 4]
-       +  ((sp_uint128)a[ 1]) * a[ 3]) * 2
-       +  ((sp_uint128)a[ 2]) * a[ 2];
-    t[ 3] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 0]) * a[ 5]
-       +  ((sp_uint128)a[ 1]) * a[ 4]
-       +  ((sp_uint128)a[ 2]) * a[ 3]) * 2;
-    t[ 4] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 0]) * a[ 6]
-       +  ((sp_uint128)a[ 1]) * a[ 5]
-       +  ((sp_uint128)a[ 2]) * a[ 4]) * 2
-       +  ((sp_uint128)a[ 3]) * a[ 3];
-    t[ 5] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 0]) * a[ 7]
-       +  ((sp_uint128)a[ 1]) * a[ 6]
-       +  ((sp_uint128)a[ 2]) * a[ 5]
-       +  ((sp_uint128)a[ 3]) * a[ 4]) * 2;
-    t[ 6] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 0]) * a[ 8]
-       +  ((sp_uint128)a[ 1]) * a[ 7]
-       +  ((sp_uint128)a[ 2]) * a[ 6]
-       +  ((sp_uint128)a[ 3]) * a[ 5]) * 2
-       +  ((sp_uint128)a[ 4]) * a[ 4];
-    t[ 7] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 1]) * a[ 8]
-       +  ((sp_uint128)a[ 2]) * a[ 7]
-       +  ((sp_uint128)a[ 3]) * a[ 6]
-       +  ((sp_uint128)a[ 4]) * a[ 5]) * 2;
-    t[ 8] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 2]) * a[ 8]
-       +  ((sp_uint128)a[ 3]) * a[ 7]
-       +  ((sp_uint128)a[ 4]) * a[ 6]) * 2
-       +  ((sp_uint128)a[ 5]) * a[ 5];
-    r[ 9] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 3]) * a[ 8]
-       +  ((sp_uint128)a[ 4]) * a[ 7]
-       +  ((sp_uint128)a[ 5]) * a[ 6]) * 2;
-    r[10] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 4]) * a[ 8]
-       +  ((sp_uint128)a[ 5]) * a[ 7]) * 2
-       +  ((sp_uint128)a[ 6]) * a[ 6];
-    r[11] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 5]) * a[ 8]
-       +  ((sp_uint128)a[ 6]) * a[ 7]) * 2;
-    r[12] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_uint128)a[ 6]) * a[ 8]) * 2
-       +  ((sp_uint128)a[ 7]) * a[ 7];
-    r[13] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_uint128)a[ 7]) * a[ 8]) * 2;
-    r[14] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 =  ((sp_uint128)a[ 8]) * a[ 8];
-    r[15] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    r[16] = (sp_digit)(t0 & 0x1ffffffffffffffL);
-    r[17] = (sp_digit)(t0 >> 57);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a into r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_27(sp_digit* r, const sp_digit* a)
-{
-    sp_digit p0[18];
-    sp_digit p1[18];
-    sp_digit p2[18];
-    sp_digit p3[18];
-    sp_digit p4[18];
-    sp_digit p5[18];
-    sp_digit t0[18];
-    sp_digit t1[18];
-    sp_digit t2[18];
-    sp_digit a0[9];
-    sp_digit a1[9];
-    sp_digit a2[9];
-    (void)sp_3072_add_9(a0, a, &a[9]);
-    (void)sp_3072_add_9(a1, &a[9], &a[18]);
-    (void)sp_3072_add_9(a2, a0, &a[18]);
-    sp_3072_sqr_9(p0, a);
-    sp_3072_sqr_9(p2, &a[9]);
-    sp_3072_sqr_9(p4, &a[18]);
-    sp_3072_sqr_9(p1, a0);
-    sp_3072_sqr_9(p3, a1);
-    sp_3072_sqr_9(p5, a2);
-    XMEMSET(r, 0, sizeof(*r)*2U*27U);
-    (void)sp_3072_sub_18(t0, p3, p2);
-    (void)sp_3072_sub_18(t1, p1, p2);
-    (void)sp_3072_sub_18(t2, p5, t0);
-    (void)sp_3072_sub_18(t2, t2, t1);
-    (void)sp_3072_sub_18(t0, t0, p4);
-    (void)sp_3072_sub_18(t1, t1, p0);
-    (void)sp_3072_add_18(r, r, p0);
-    (void)sp_3072_add_18(&r[9], &r[9], t1);
-    (void)sp_3072_add_18(&r[18], &r[18], t2);
-    (void)sp_3072_add_18(&r[27], &r[27], t0);
-    (void)sp_3072_add_18(&r[36], &r[36], p4);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_54(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[54];
-    sp_digit* a1 = z1;
-    sp_digit* z2 = r + 54;
-    (void)sp_3072_add_27(a1, a, &a[27]);
-    sp_3072_sqr_27(z2, &a[27]);
-    sp_3072_sqr_27(z0, a);
-    sp_3072_sqr_27(z1, a1);
-    (void)sp_3072_sub_54(z1, z1, z2);
-    (void)sp_3072_sub_54(z1, z1, z0);
-    (void)sp_3072_add_54(r + 27, r + 27, z1);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-    x &= 0x1ffffffffffffffL;
-
-    /* rho = -1/m mod b */
-    *rho = ((sp_digit)1 << 57) - x;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_54(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    sp_digit t2;
-    sp_int128 p[4];
-    int i;
-
-    for (i = 0; i < 52; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 3] = (sp_digit)t2;
-    }
-    t += tb * a[52];
-    r[52] = (sp_digit)(t & 0x1ffffffffffffffL);
-    t >>= 57;
-    t += tb * a[53];
-    r[53] = (sp_digit)(t & 0x1ffffffffffffffL);
-    t >>= 57;
-    r[54] = (sp_digit)(t & 0x1ffffffffffffffL);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_3072_sub_27(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[24] = a[24] - b[24];
-    r[25] = a[25] - b[25];
-    r[26] = a[26] - b[26];
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_27(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = 0x1ffffffffffffffL;
-        r[i + 1] = 0x1ffffffffffffffL;
-        r[i + 2] = 0x1ffffffffffffffL;
-        r[i + 3] = 0x1ffffffffffffffL;
-        r[i + 4] = 0x1ffffffffffffffL;
-        r[i + 5] = 0x1ffffffffffffffL;
-        r[i + 6] = 0x1ffffffffffffffL;
-        r[i + 7] = 0x1ffffffffffffffL;
-    }
-    r[24] = 0x1ffffffffffffffL;
-    r[25] = 0x1ffffffffffffffL;
-    r[26] = 0x3fffffffffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_3072_sub_27(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_3072_cmp_27(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    r |= (a[26] - b[26]) & (0 - (sp_digit)1);
-    r |= (a[25] - b[25]) & ~(((sp_digit)0 - r) >> 56);
-    r |= (a[24] - b[24]) & ~(((sp_digit)0 - r) >> 56);
-    for (i = 16; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 56);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_sub_27(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[24] = a[24] - (b[24] & m);
-    r[25] = a[25] - (b[25] & m);
-    r[26] = a[26] - (b[26] & m);
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_add_27(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[8];
-    int i;
-
-    t[0] = tb * a[0]; r[0] += (sp_digit)(t[0] & 0x1ffffffffffffffL);
-    for (i = 0; i < 24; i += 8) {
-        t[1] = tb * a[i+1];
-        r[i+1] += (sp_digit)((t[0] >> 57) + (t[1] & 0x1ffffffffffffffL));
-        t[2] = tb * a[i+2];
-        r[i+2] += (sp_digit)((t[1] >> 57) + (t[2] & 0x1ffffffffffffffL));
-        t[3] = tb * a[i+3];
-        r[i+3] += (sp_digit)((t[2] >> 57) + (t[3] & 0x1ffffffffffffffL));
-        t[4] = tb * a[i+4];
-        r[i+4] += (sp_digit)((t[3] >> 57) + (t[4] & 0x1ffffffffffffffL));
-        t[5] = tb * a[i+5];
-        r[i+5] += (sp_digit)((t[4] >> 57) + (t[5] & 0x1ffffffffffffffL));
-        t[6] = tb * a[i+6];
-        r[i+6] += (sp_digit)((t[5] >> 57) + (t[6] & 0x1ffffffffffffffL));
-        t[7] = tb * a[i+7];
-        r[i+7] += (sp_digit)((t[6] >> 57) + (t[7] & 0x1ffffffffffffffL));
-        t[0] = tb * a[i+8];
-        r[i+8] += (sp_digit)((t[7] >> 57) + (t[0] & 0x1ffffffffffffffL));
-    }
-    t[1] = tb * a[25];
-    r[25] += (sp_digit)((t[0] >> 57) + (t[1] & 0x1ffffffffffffffL));
-    t[2] = tb * a[26];
-    r[26] += (sp_digit)((t[1] >> 57) + (t[2] & 0x1ffffffffffffffL));
-    r[27] +=  (sp_digit)(t[2] >> 57);
-}
-
-/* Shift the result in the high 1536 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_3072_mont_shift_27(sp_digit* r, const sp_digit* a)
-{
-    sp_digit n;
-    sp_digit s;
-    int i;
-
-    s = a[27]; n = a[26] >> 54;
-    for (i = 0; i < 24; i += 8) {
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+0] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+28] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+1] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+29] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+2] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+30] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+3] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+31] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+4] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+32] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+5] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+33] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+6] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+34] + (s >> 57);
-        n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[i+7] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; s = a[i+35] + (s >> 57);
-    }
-    n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[24] = (sp_digit)(n & 0x1ffffffffffffffL);
-    n >>= 57; s = a[52] + (s >> 57);
-    n += (sp_digit)((s & 0x1ffffffffffffffL) << 3); r[25] = (sp_digit)(n & 0x1ffffffffffffffL);
-    n >>= 57; s = a[53] + (s >> 57);
-    n += s << 3;              r[26] = n;
-    XMEMSET(&r[27], 0, sizeof(*r) * 27U);
-}
-
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_3072_mont_reduce_27(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_3072_norm_27(a + 27);
-
-    for (i=0; i<26; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1ffffffffffffffL);
-        sp_3072_mul_add_27(a+i, m, mu);
-        a[i+1] += a[i] >> 57;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x3fffffffffffffL);
-    sp_3072_mul_add_27(a+i, m, mu);
-    a[i+1] += a[i] >> 57;
-    a[i] &= 0x1ffffffffffffffL;
-    sp_3072_mont_shift_27(a, a);
-    over = a[26] - m[26];
-    sp_3072_cond_sub_27(a, a, m, ~((over - 1) >> 63));
-    sp_3072_norm_27(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_27(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_27(r, a, b);
-    sp_3072_mont_reduce_27(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_27(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_27(r, a);
-    sp_3072_mont_reduce_27(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_27(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    sp_digit t2;
-    sp_int128 p[4];
-    int i;
-
-    for (i = 0; i < 24; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 3] = (sp_digit)t2;
-    }
-    t += tb * a[24];
-    r[24] = (sp_digit)(t & 0x1ffffffffffffffL);
-    t >>= 57;
-    t += tb * a[25];
-    r[25] = (sp_digit)(t & 0x1ffffffffffffffL);
-    t >>= 57;
-    t += tb * a[26];
-    r[26] = (sp_digit)(t & 0x1ffffffffffffffL);
-    t >>= 57;
-    r[27] = (sp_digit)(t & 0x1ffffffffffffffL);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_add_27(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[24] = a[24] + (b[24] & m);
-    r[25] = a[25] + (b[25] & m);
-    r[26] = a[26] + (b[26] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_3072_rshift_27(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<24; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (57 - n)) & 0x1ffffffffffffffL);
-    }
-    r[24] = (a[24] >> n) | (sp_digit)((a[25] << (57 - n)) & 0x1ffffffffffffffL);
-    r[25] = (a[25] >> n) | (sp_digit)((a[26] << (57 - n)) & 0x1ffffffffffffffL);
-    r[26] = a[26] >> n;
-}
-
-static WC_INLINE sp_digit sp_3072_div_word_27(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 57);
-    sp_digit t0 = (sp_digit)(d & 0x1ffffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 55; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 56) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 57);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 114) - (sp_digit)(d >> 114);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 26) + 1;
-
-    t = (sp_digit)(d >> 52);
-    t = (t / dv) << 26;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 21);
-    t = t / (dv << 5);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_3072_word_div_word_27(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_div_27(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 27 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 27 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 54 + 1;
-        sd = t2 + 27 + 1;
-
-        sp_3072_mul_d_27(sd, d, (sp_digit)1 << 3);
-        sp_3072_mul_d_54(t1, a, (sp_digit)1 << 3);
-        dv = sd[26];
-        t1[27 + 27] += t1[27 + 27 - 1] >> 57;
-        t1[27 + 27 - 1] &= 0x1ffffffffffffffL;
-        for (i=27; i>=0; i--) {
-            r1 = sp_3072_div_word_27(t1[27 + i], t1[27 + i - 1], dv);
-
-            sp_3072_mul_d_27(t2, sd, r1);
-            (void)sp_3072_sub_27(&t1[i], &t1[i], t2);
-            sp_3072_norm_27(&t1[i]);
-            t1[27 + i] -= t2[27];
-            t1[27 + i] += t1[27 + i - 1] >> 57;
-            t1[27 + i - 1] &= 0x1ffffffffffffffL;
-            r1 = sp_3072_div_word_27(-t1[27 + i], -t1[27 + i - 1], dv);
-            r1 -= t1[27 + i];
-            sp_3072_mul_d_27(t2, sd, r1);
-            (void)sp_3072_add_27(&t1[i], &t1[i], t2);
-            t1[27 + i] += t1[27 + i - 1] >> 57;
-            t1[27 + i - 1] &= 0x1ffffffffffffffL;
-        }
-        t1[27 - 1] += t1[27 - 2] >> 57;
-        t1[27 - 2] &= 0x1ffffffffffffffL;
-        r1 = sp_3072_word_div_word_27(t1[27 - 1], dv);
-
-        sp_3072_mul_d_27(t2, sd, r1);
-        sp_3072_sub_27(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 54U);
-        for (i=0; i<26; i++) {
-            r[i+1] += r[i] >> 57;
-            r[i] &= 0x1ffffffffffffffL;
-        }
-        sp_3072_cond_add_27(r, r, sd, r[26] >> 63);
-
-        sp_3072_norm_27(r);
-        sp_3072_rshift_27(r, r, 3);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_mod_27(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_27(a, m, NULL, r);
-}
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_27(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 54);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 54, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 27 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 27U * 2U);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_27(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_27(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 27U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_27(t[1], t[1], norm);
-        err = sp_3072_mod_27(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 57;
-        c = bits % 57;
-        n = e[i--] << (57 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 57;
-            }
-
-            y = (int)((n >> 56) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_27(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 27 * 2);
-            sp_3072_mont_sqr_27(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 27 * 2);
-        }
-
-        sp_3072_mont_reduce_27(t[0], m, mp);
-        n = sp_3072_cmp_27(t[0], m);
-        sp_3072_cond_sub_27(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 27 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 54);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 54, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 27 * 2);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_27(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_27(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_27(t[1], t[1], norm);
-                err = sp_3072_mod_27(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_27(t[1], a, norm);
-            err = sp_3072_mod_27(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 57;
-        c = bits % 57;
-        n = e[i--] << (57 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 57;
-            }
-
-            y = (int)((n >> 56) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_27(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 27 * 2);
-            sp_3072_mont_sqr_27(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 27 * 2);
-        }
-
-        sp_3072_mont_reduce_27(t[0], m, mp);
-        n = sp_3072_cmp_27(t[0], m);
-        sp_3072_cond_sub_27(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 27 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (32 * 54) + 54);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (32 * 54) + 54, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 54;
-        rt = td + 1728;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_27(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_27(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_27(t[1], t[1], norm);
-                err = sp_3072_mod_27(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_27(t[1], a, norm);
-            err = sp_3072_mod_27(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_27(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_27(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_27(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_27(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_27(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_27(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_27(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_27(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_27(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_27(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_27(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_27(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_27(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_27(t[15], t[ 8], t[ 7], m, mp);
-        sp_3072_mont_sqr_27(t[16], t[ 8], m, mp);
-        sp_3072_mont_mul_27(t[17], t[ 9], t[ 8], m, mp);
-        sp_3072_mont_sqr_27(t[18], t[ 9], m, mp);
-        sp_3072_mont_mul_27(t[19], t[10], t[ 9], m, mp);
-        sp_3072_mont_sqr_27(t[20], t[10], m, mp);
-        sp_3072_mont_mul_27(t[21], t[11], t[10], m, mp);
-        sp_3072_mont_sqr_27(t[22], t[11], m, mp);
-        sp_3072_mont_mul_27(t[23], t[12], t[11], m, mp);
-        sp_3072_mont_sqr_27(t[24], t[12], m, mp);
-        sp_3072_mont_mul_27(t[25], t[13], t[12], m, mp);
-        sp_3072_mont_sqr_27(t[26], t[13], m, mp);
-        sp_3072_mont_mul_27(t[27], t[14], t[13], m, mp);
-        sp_3072_mont_sqr_27(t[28], t[14], m, mp);
-        sp_3072_mont_mul_27(t[29], t[15], t[14], m, mp);
-        sp_3072_mont_sqr_27(t[30], t[15], m, mp);
-        sp_3072_mont_mul_27(t[31], t[16], t[15], m, mp);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 56) / 57) - 1;
-        c = bits % 57;
-        if (c == 0) {
-            c = 57;
-        }
-        if (i < 27) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (7 - c);
-            c += 57;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 54);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 7;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 52;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 7;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 57 - c;
-            }
-
-            sp_3072_mont_sqr_27(rt, rt, m, mp);
-            sp_3072_mont_sqr_27(rt, rt, m, mp);
-            sp_3072_mont_sqr_27(rt, rt, m, mp);
-            sp_3072_mont_sqr_27(rt, rt, m, mp);
-            sp_3072_mont_sqr_27(rt, rt, m, mp);
-
-            sp_3072_mont_mul_27(rt, rt, t[y], m, mp);
-        }
-
-        sp_3072_mont_reduce_27(rt, m, mp);
-        n = sp_3072_cmp_27(rt, m);
-        sp_3072_cond_sub_27(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 54);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_54(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i + 0] = 0x1ffffffffffffffL;
-        r[i + 1] = 0x1ffffffffffffffL;
-        r[i + 2] = 0x1ffffffffffffffL;
-        r[i + 3] = 0x1ffffffffffffffL;
-        r[i + 4] = 0x1ffffffffffffffL;
-        r[i + 5] = 0x1ffffffffffffffL;
-        r[i + 6] = 0x1ffffffffffffffL;
-        r[i + 7] = 0x1ffffffffffffffL;
-    }
-    r[48] = 0x1ffffffffffffffL;
-    r[49] = 0x1ffffffffffffffL;
-    r[50] = 0x1ffffffffffffffL;
-    r[51] = 0x1ffffffffffffffL;
-    r[52] = 0x1ffffffffffffffL;
-    r[53] = 0x7ffffffffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_3072_sub_54(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_3072_cmp_54(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    r |= (a[53] - b[53]) & (0 - (sp_digit)1);
-    r |= (a[52] - b[52]) & ~(((sp_digit)0 - r) >> 56);
-    r |= (a[51] - b[51]) & ~(((sp_digit)0 - r) >> 56);
-    r |= (a[50] - b[50]) & ~(((sp_digit)0 - r) >> 56);
-    r |= (a[49] - b[49]) & ~(((sp_digit)0 - r) >> 56);
-    r |= (a[48] - b[48]) & ~(((sp_digit)0 - r) >> 56);
-    for (i = 40; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 56);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_sub_54(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[48] = a[48] - (b[48] & m);
-    r[49] = a[49] - (b[49] & m);
-    r[50] = a[50] - (b[50] & m);
-    r[51] = a[51] - (b[51] & m);
-    r[52] = a[52] - (b[52] & m);
-    r[53] = a[53] - (b[53] & m);
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_add_54(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[8];
-    int i;
-
-    t[0] = tb * a[0]; r[0] += (sp_digit)(t[0] & 0x1ffffffffffffffL);
-    for (i = 0; i < 48; i += 8) {
-        t[1] = tb * a[i+1];
-        r[i+1] += (sp_digit)((t[0] >> 57) + (t[1] & 0x1ffffffffffffffL));
-        t[2] = tb * a[i+2];
-        r[i+2] += (sp_digit)((t[1] >> 57) + (t[2] & 0x1ffffffffffffffL));
-        t[3] = tb * a[i+3];
-        r[i+3] += (sp_digit)((t[2] >> 57) + (t[3] & 0x1ffffffffffffffL));
-        t[4] = tb * a[i+4];
-        r[i+4] += (sp_digit)((t[3] >> 57) + (t[4] & 0x1ffffffffffffffL));
-        t[5] = tb * a[i+5];
-        r[i+5] += (sp_digit)((t[4] >> 57) + (t[5] & 0x1ffffffffffffffL));
-        t[6] = tb * a[i+6];
-        r[i+6] += (sp_digit)((t[5] >> 57) + (t[6] & 0x1ffffffffffffffL));
-        t[7] = tb * a[i+7];
-        r[i+7] += (sp_digit)((t[6] >> 57) + (t[7] & 0x1ffffffffffffffL));
-        t[0] = tb * a[i+8];
-        r[i+8] += (sp_digit)((t[7] >> 57) + (t[0] & 0x1ffffffffffffffL));
-    }
-    t[1] = tb * a[49];
-    r[49] += (sp_digit)((t[0] >> 57) + (t[1] & 0x1ffffffffffffffL));
-    t[2] = tb * a[50];
-    r[50] += (sp_digit)((t[1] >> 57) + (t[2] & 0x1ffffffffffffffL));
-    t[3] = tb * a[51];
-    r[51] += (sp_digit)((t[2] >> 57) + (t[3] & 0x1ffffffffffffffL));
-    t[4] = tb * a[52];
-    r[52] += (sp_digit)((t[3] >> 57) + (t[4] & 0x1ffffffffffffffL));
-    t[5] = tb * a[53];
-    r[53] += (sp_digit)((t[4] >> 57) + (t[5] & 0x1ffffffffffffffL));
-    r[54] +=  (sp_digit)(t[5] >> 57);
-}
-
-/* Shift the result in the high 3072 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_3072_mont_shift_54(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int128 n = a[53] >> 51;
-    n += ((sp_int128)a[54]) << 6;
-    for (i = 0; i < 48; i += 8) {
-        r[i + 0] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; n += ((sp_int128)a[i + 55]) << 6;
-        r[i + 1] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; n += ((sp_int128)a[i + 56]) << 6;
-        r[i + 2] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; n += ((sp_int128)a[i + 57]) << 6;
-        r[i + 3] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; n += ((sp_int128)a[i + 58]) << 6;
-        r[i + 4] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; n += ((sp_int128)a[i + 59]) << 6;
-        r[i + 5] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; n += ((sp_int128)a[i + 60]) << 6;
-        r[i + 6] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; n += ((sp_int128)a[i + 61]) << 6;
-        r[i + 7] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57; n += ((sp_int128)a[i + 62]) << 6;
-    }
-    r[48] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; n += ((sp_int128)a[103]) << 6;
-    r[49] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; n += ((sp_int128)a[104]) << 6;
-    r[50] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; n += ((sp_int128)a[105]) << 6;
-    r[51] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; n += ((sp_int128)a[106]) << 6;
-    r[52] = (sp_digit)(n & 0x1ffffffffffffffL); n >>= 57; n += ((sp_int128)a[107]) << 6;
-    r[53] = (sp_digit)n;
-    XMEMSET(&r[54], 0, sizeof(*r) * 54U);
-}
-
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_3072_mont_reduce_54(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_3072_norm_54(a + 54);
-
-#ifdef WOLFSSL_SP_DH
-    if (mp != 1) {
-        for (i=0; i<53; i++) {
-            mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1ffffffffffffffL);
-            sp_3072_mul_add_54(a+i, m, mu);
-            a[i+1] += a[i] >> 57;
-        }
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7ffffffffffffL);
-        sp_3072_mul_add_54(a+i, m, mu);
-        a[i+1] += a[i] >> 57;
-        a[i] &= 0x1ffffffffffffffL;
-    }
-    else {
-        for (i=0; i<53; i++) {
-            mu = (sp_digit)(a[i] & 0x1ffffffffffffffL);
-            sp_3072_mul_add_54(a+i, m, mu);
-            a[i+1] += a[i] >> 57;
-        }
-        mu = (sp_digit)(a[i] & 0x7ffffffffffffL);
-        sp_3072_mul_add_54(a+i, m, mu);
-        a[i+1] += a[i] >> 57;
-        a[i] &= 0x1ffffffffffffffL;
-    }
-#else
-    for (i=0; i<53; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1ffffffffffffffL);
-        sp_3072_mul_add_54(a+i, m, mu);
-        a[i+1] += a[i] >> 57;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7ffffffffffffL);
-    sp_3072_mul_add_54(a+i, m, mu);
-    a[i+1] += a[i] >> 57;
-    a[i] &= 0x1ffffffffffffffL;
-#endif
-    sp_3072_mont_shift_54(a, a);
-    over = a[53] - m[53];
-    sp_3072_cond_sub_54(a, a, m, ~((over - 1) >> 63));
-    sp_3072_norm_54(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_54(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_54(r, a, b);
-    sp_3072_mont_reduce_54(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_54(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_54(r, a);
-    sp_3072_mont_reduce_54(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_3072_mul_d_108(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    sp_digit t2;
-    sp_int128 p[4];
-    int i;
-
-    for (i = 0; i < 108; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[108] = (sp_digit)(t & 0x1ffffffffffffffL);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_3072_cond_add_54(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[48] = a[48] + (b[48] & m);
-    r[49] = a[49] + (b[49] & m);
-    r[50] = a[50] + (b[50] & m);
-    r[51] = a[51] + (b[51] & m);
-    r[52] = a[52] + (b[52] & m);
-    r[53] = a[53] + (b[53] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_3072_rshift_54(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<48; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (57 - n)) & 0x1ffffffffffffffL);
-    }
-    r[48] = (a[48] >> n) | (sp_digit)((a[49] << (57 - n)) & 0x1ffffffffffffffL);
-    r[49] = (a[49] >> n) | (sp_digit)((a[50] << (57 - n)) & 0x1ffffffffffffffL);
-    r[50] = (a[50] >> n) | (sp_digit)((a[51] << (57 - n)) & 0x1ffffffffffffffL);
-    r[51] = (a[51] >> n) | (sp_digit)((a[52] << (57 - n)) & 0x1ffffffffffffffL);
-    r[52] = (a[52] >> n) | (sp_digit)((a[53] << (57 - n)) & 0x1ffffffffffffffL);
-    r[53] = a[53] >> n;
-}
-
-static WC_INLINE sp_digit sp_3072_div_word_54(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 57);
-    sp_digit t0 = (sp_digit)(d & 0x1ffffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 55; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 56) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 57);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 114) - (sp_digit)(d >> 114);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 26) + 1;
-
-    t = (sp_digit)(d >> 52);
-    t = (t / dv) << 26;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 21);
-    t = t / (dv << 5);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_3072_word_div_word_54(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_div_54(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 54 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 54 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 108 + 1;
-        sd = t2 + 54 + 1;
-
-        sp_3072_mul_d_54(sd, d, (sp_digit)1 << 6);
-        sp_3072_mul_d_108(t1, a, (sp_digit)1 << 6);
-        dv = sd[53];
-        t1[54 + 54] += t1[54 + 54 - 1] >> 57;
-        t1[54 + 54 - 1] &= 0x1ffffffffffffffL;
-        for (i=54; i>=0; i--) {
-            r1 = sp_3072_div_word_54(t1[54 + i], t1[54 + i - 1], dv);
-
-            sp_3072_mul_d_54(t2, sd, r1);
-            (void)sp_3072_sub_54(&t1[i], &t1[i], t2);
-            sp_3072_norm_54(&t1[i]);
-            t1[54 + i] -= t2[54];
-            t1[54 + i] += t1[54 + i - 1] >> 57;
-            t1[54 + i - 1] &= 0x1ffffffffffffffL;
-            r1 = sp_3072_div_word_54(-t1[54 + i], -t1[54 + i - 1], dv);
-            r1 -= t1[54 + i];
-            sp_3072_mul_d_54(t2, sd, r1);
-            (void)sp_3072_add_54(&t1[i], &t1[i], t2);
-            t1[54 + i] += t1[54 + i - 1] >> 57;
-            t1[54 + i - 1] &= 0x1ffffffffffffffL;
-        }
-        t1[54 - 1] += t1[54 - 2] >> 57;
-        t1[54 - 2] &= 0x1ffffffffffffffL;
-        r1 = sp_3072_word_div_word_54(t1[54 - 1], dv);
-
-        sp_3072_mul_d_54(t2, sd, r1);
-        sp_3072_sub_54(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 108U);
-        for (i=0; i<53; i++) {
-            r[i+1] += r[i] >> 57;
-            r[i] &= 0x1ffffffffffffffL;
-        }
-        sp_3072_cond_add_54(r, r, sd, r[53] >> 63);
-
-        sp_3072_norm_54(r);
-        sp_3072_rshift_54(r, r, 6);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_3072_mod_54(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_54(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_54(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 108);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 108, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 54 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 54U * 2U);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_54(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_54(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 54U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_54(t[1], t[1], norm);
-        err = sp_3072_mod_54(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 57;
-        c = bits % 57;
-        n = e[i--] << (57 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 57;
-            }
-
-            y = (int)((n >> 56) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_54(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 54 * 2);
-            sp_3072_mont_sqr_54(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 54 * 2);
-        }
-
-        sp_3072_mont_reduce_54(t[0], m, mp);
-        n = sp_3072_cmp_54(t[0], m);
-        sp_3072_cond_sub_54(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 54 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 108);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 108, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 54 * 2);
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_54(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_54(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_54(t[1], t[1], norm);
-                err = sp_3072_mod_54(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_54(t[1], a, norm);
-            err = sp_3072_mod_54(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 57;
-        c = bits % 57;
-        n = e[i--] << (57 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 57;
-            }
-
-            y = (int)((n >> 56) & 1);
-            n <<= 1;
-
-            sp_3072_mont_mul_54(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 54 * 2);
-            sp_3072_mont_sqr_54(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 54 * 2);
-        }
-
-        sp_3072_mont_reduce_54(t[0], m, mp);
-        n = sp_3072_cmp_54(t[0], m);
-        sp_3072_cond_sub_54(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 54 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (16 * 108) + 108);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (16 * 108) + 108, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 108;
-        rt = td + 1728;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_54(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_3072_mod_54(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_54(t[1], t[1], norm);
-                err = sp_3072_mod_54(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_3072_mul_54(t[1], a, norm);
-            err = sp_3072_mod_54(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_54(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_54(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_54(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_54(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_54(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_54(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_54(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_54(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_54(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_54(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_54(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_54(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_54(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_54(t[15], t[ 8], t[ 7], m, mp);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 56) / 57) - 1;
-        c = bits % 57;
-        if (c == 0) {
-            c = 57;
-        }
-        if (i < 54) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (7 - c);
-            c += 57;
-        }
-        y = (int)((n >> 60) & 0xf);
-        n <<= 4;
-        c -= 4;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 108);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 7;
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c = 53;
-            }
-            else {
-                y = (byte)((n >> 60) & 0xf);
-                n = e[i--] << 7;
-                c = 4 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 57 - c;
-            }
-
-            sp_3072_mont_sqr_54(rt, rt, m, mp);
-            sp_3072_mont_sqr_54(rt, rt, m, mp);
-            sp_3072_mont_sqr_54(rt, rt, m, mp);
-            sp_3072_mont_sqr_54(rt, rt, m, mp);
-
-            sp_3072_mont_mul_54(rt, rt, t[y], m, mp);
-        }
-
-        sp_3072_mont_reduce_54(rt, m, mp);
-        n = sp_3072_cmp_54(rt, m);
-        sp_3072_cond_sub_54(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 108);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) || */
-       /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-#ifdef WOLFSSL_SP_SMALL
-    SP_DECL_VAR(sp_digit, a, 54 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit* norm = NULL;
-    sp_uint64 e[1] = {0};
-    sp_digit mp = 0;
-    int i;
-    int err = MP_OKAY;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 54 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 54 * 2;
-        m = r + 54 * 2;
-        norm = r;
-
-        sp_3072_from_bin(a, 54, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 54, mm);
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_54(norm, m);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_mul_54(a, a, norm);
-        err = sp_3072_mod_54(a, a, m);
-    }
-    if (err == MP_OKAY) {
-        for (i=63; i>=0; i--) {
-            if ((e[0] >> i) != 0) {
-                break;
-            }
-        }
-
-        XMEMCPY(r, a, sizeof(sp_digit) * 54 * 2);
-        for (i--; i>=0; i--) {
-            sp_3072_mont_sqr_54(r, r, m, mp);
-
-            if (((e[0] >> i) & 1) == 1) {
-                sp_3072_mont_mul_54(r, r, a, m, mp);
-            }
-        }
-        sp_3072_mont_reduce_54(r, m, mp);
-        mp = sp_3072_cmp_54(r, m);
-        sp_3072_cond_sub_54(r, r, m, ~(mp >> 63));
-
-        sp_3072_to_bin_54(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 54 * 5);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_uint64 e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 54 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d;
-        r = a + 54 * 2;
-        m = r + 54 * 2;
-
-        sp_3072_from_bin(a, 54, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 54, mm);
-
-        if (e[0] == 0x3) {
-            sp_3072_sqr_54(r, a);
-            err = sp_3072_mod_54(r, r, m);
-            if (err == MP_OKAY) {
-                sp_3072_mul_54(r, a, r);
-                err = sp_3072_mod_54(r, r, m);
-            }
-        }
-        else {
-            sp_digit* norm = r;
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-            sp_3072_mont_norm_54(norm, m);
-
-            sp_3072_mul_54(a, a, norm);
-            err = sp_3072_mod_54(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if ((e[0] >> i) != 0) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 108U);
-                for (i--; i>=0; i--) {
-                    sp_3072_mont_sqr_54(r, r, m, mp);
-
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_3072_mont_mul_54(r, r, a, m, mp);
-                    }
-                }
-                sp_3072_mont_reduce_54(r, m, mp);
-                mp = sp_3072_cmp_54(r, m);
-                sp_3072_cond_sub_54(r, r, m, ~(mp >> 63));
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_54(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(d, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if !defined(SP_RSA_PRIVATE_EXP_D) && !defined(RSA_LOW_MEM)
-#endif /* !SP_RSA_PRIVATE_EXP_D & !RSA_LOW_MEM */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, d, 54 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 54 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 54;
-        m = a + 108;
-        r = a;
-
-        sp_3072_from_bin(a, 54, in, inLen);
-        sp_3072_from_mp(d, 54, dm);
-        sp_3072_from_mp(m, 54, mm);
-        err = sp_3072_mod_exp_54(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_54(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 54, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 54 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 54 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 54;
-        m = a + 108;
-        r = a;
-
-        sp_3072_from_bin(a, 54, in, inLen);
-        sp_3072_from_mp(d, 54, dm);
-        sp_3072_from_mp(m, 54, mm);
-        err = sp_3072_mod_exp_54(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_54(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 54, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#else
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, a, 27 * 8);
-    sp_digit* p = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 27 * 8, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 54;
-        qi = dq = dp = p + 27;
-        tmpa = qi + 27;
-        tmpb = tmpa + 54;
-        r = a;
-
-        sp_3072_from_bin(a, 54, in, inLen);
-        sp_3072_from_mp(p, 27, pm);
-        sp_3072_from_mp(dp, 27, dpm);
-        err = sp_3072_mod_exp_27(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 27, qm);
-        sp_3072_from_mp(dq, 27, dqm);
-        err = sp_3072_mod_exp_27(tmpb, a, dq, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 27, pm);
-        (void)sp_3072_sub_27(tmpa, tmpa, tmpb);
-        sp_3072_norm_27(tmpa);
-        sp_3072_cond_add_27(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[26] >> 63));
-        sp_3072_cond_add_27(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[26] >> 63));
-        sp_3072_norm_27(tmpa);
-
-        sp_3072_from_mp(qi, 27, qim);
-        sp_3072_mul_27(tmpa, tmpa, qi);
-        err = sp_3072_mod_27(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(p, 27, qm);
-        sp_3072_mul_27(tmpa, p, tmpa);
-        (void)sp_3072_add_54(r, tmpb, tmpa);
-        sp_3072_norm_54(r);
-
-        sp_3072_to_bin_54(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 27 * 8, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 27 * 13);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 27 * 13, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 54 * 2;
-        q = p + 27;
-        dp = q + 27;
-        dq = dp + 27;
-        qi = dq + 27;
-        tmpa = qi + 27;
-        tmpb = tmpa + 54;
-        r = a;
-
-        sp_3072_from_bin(a, 54, in, inLen);
-        sp_3072_from_mp(p, 27, pm);
-        sp_3072_from_mp(q, 27, qm);
-        sp_3072_from_mp(dp, 27, dpm);
-        sp_3072_from_mp(dq, 27, dqm);
-        sp_3072_from_mp(qi, 27, qim);
-
-        err = sp_3072_mod_exp_27(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_3072_mod_exp_27(tmpb, a, dq, 1536, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        (void)sp_3072_sub_27(tmpa, tmpa, tmpb);
-        sp_3072_norm_27(tmpa);
-        sp_3072_cond_add_27(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[26] >> 63));
-        sp_3072_cond_add_27(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[26] >> 63));
-        sp_3072_norm_27(tmpa);
-        sp_3072_mul_27(tmpa, tmpa, qi);
-        err = sp_3072_mod_27(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mul_27(tmpa, tmpa, q);
-        (void)sp_3072_add_54(r, tmpb, tmpa);
-        sp_3072_norm_54(r);
-
-        sp_3072_to_bin_54(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 27 * 13, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-}
-
-#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_3072_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (3072 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 57
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 54);
-        r->used = 54;
-        mp_clamp(r);
-#elif DIGIT_BIT < 57
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 54; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 57) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 57 - s;
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 54; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 57 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 57 - s;
-            }
-            else {
-                s += 57;
-            }
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 54 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 54 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 54 * 2;
-        m = e + 54;
-        r = b;
-
-        sp_3072_from_mp(b, 54, base);
-        sp_3072_from_mp(e, 54, exp);
-        sp_3072_from_mp(m, 54, mod);
-
-        err = sp_3072_mod_exp_54(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 54U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 54 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 54 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 54 * 2;
-        m = e + 54;
-        r = b;
-
-        sp_3072_from_mp(b, 54, base);
-        sp_3072_from_mp(e, 54, exp);
-        sp_3072_from_mp(m, 54, mod);
-
-        err = sp_3072_mod_exp_54(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 54U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_3072
-SP_NOINLINE static void sp_3072_lshift_54(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[53];
-    r[54] = s >> (57U - n);
-    s = (sp_int_digit)(a[53]); t = (sp_int_digit)(a[52]);
-    r[53] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[52]); t = (sp_int_digit)(a[51]);
-    r[52] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[51]); t = (sp_int_digit)(a[50]);
-    r[51] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[50]); t = (sp_int_digit)(a[49]);
-    r[50] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[49]); t = (sp_int_digit)(a[48]);
-    r[49] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[48]); t = (sp_int_digit)(a[47]);
-    r[48] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[47]); t = (sp_int_digit)(a[46]);
-    r[47] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[46]); t = (sp_int_digit)(a[45]);
-    r[46] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[45]); t = (sp_int_digit)(a[44]);
-    r[45] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[44]); t = (sp_int_digit)(a[43]);
-    r[44] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[43]); t = (sp_int_digit)(a[42]);
-    r[43] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[42]); t = (sp_int_digit)(a[41]);
-    r[42] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[41]); t = (sp_int_digit)(a[40]);
-    r[41] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[40]); t = (sp_int_digit)(a[39]);
-    r[40] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[39]); t = (sp_int_digit)(a[38]);
-    r[39] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[38]); t = (sp_int_digit)(a[37]);
-    r[38] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[37]); t = (sp_int_digit)(a[36]);
-    r[37] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[36]); t = (sp_int_digit)(a[35]);
-    r[36] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[35]); t = (sp_int_digit)(a[34]);
-    r[35] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[34]); t = (sp_int_digit)(a[33]);
-    r[34] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[33]); t = (sp_int_digit)(a[32]);
-    r[33] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[32]); t = (sp_int_digit)(a[31]);
-    r[32] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[31]); t = (sp_int_digit)(a[30]);
-    r[31] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[30]); t = (sp_int_digit)(a[29]);
-    r[30] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[29]); t = (sp_int_digit)(a[28]);
-    r[29] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[28]); t = (sp_int_digit)(a[27]);
-    r[28] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[27]); t = (sp_int_digit)(a[26]);
-    r[27] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[26]); t = (sp_int_digit)(a[25]);
-    r[26] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[25]); t = (sp_int_digit)(a[24]);
-    r[25] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[24]); t = (sp_int_digit)(a[23]);
-    r[24] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[23]); t = (sp_int_digit)(a[22]);
-    r[23] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[22]); t = (sp_int_digit)(a[21]);
-    r[22] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[21]); t = (sp_int_digit)(a[20]);
-    r[21] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[20]); t = (sp_int_digit)(a[19]);
-    r[20] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[19]); t = (sp_int_digit)(a[18]);
-    r[19] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[18]); t = (sp_int_digit)(a[17]);
-    r[18] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[17]); t = (sp_int_digit)(a[16]);
-    r[17] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[16]); t = (sp_int_digit)(a[15]);
-    r[16] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[15]); t = (sp_int_digit)(a[14]);
-    r[15] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[14]); t = (sp_int_digit)(a[13]);
-    r[14] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[13]); t = (sp_int_digit)(a[12]);
-    r[13] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[12]); t = (sp_int_digit)(a[11]);
-    r[12] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[11]); t = (sp_int_digit)(a[10]);
-    r[11] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[10]); t = (sp_int_digit)(a[9]);
-    r[10] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (57U - n))) & 0x1ffffffffffffffUL);
-    r[0] = (sp_digit)((a[0] << n) & 0x1ffffffffffffffL);
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_3072_mod_exp_2_54(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 163);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 163, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp  = td + 108;
-        XMEMSET(td, 0, sizeof(sp_digit) * 163);
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_54(norm, m);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 56) / 57) - 1;
-        c = bits % 57;
-        if (c == 0) {
-            c = 57;
-        }
-        if (i < 54) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (7 - c);
-            c += 57;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        sp_3072_lshift_54(r, norm, (byte)y);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 7;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 52;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 7;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 57 - c;
-            }
-
-            sp_3072_mont_sqr_54(r, r, m, mp);
-            sp_3072_mont_sqr_54(r, r, m, mp);
-            sp_3072_mont_sqr_54(r, r, m, mp);
-            sp_3072_mont_sqr_54(r, r, m, mp);
-            sp_3072_mont_sqr_54(r, r, m, mp);
-
-            sp_3072_lshift_54(r, r, (byte)y);
-            sp_3072_mul_d_54(tmp, norm, (r[54] << 6) + (r[53] >> 51));
-            r[54] = 0;
-            r[53] &= 0x7ffffffffffffL;
-            (void)sp_3072_add_54(r, r, tmp);
-            sp_3072_norm_54(r);
-            o = sp_3072_cmp_54(r, m);
-            sp_3072_cond_sub_54(r, r, m, ~(o >> 63));
-        }
-
-        sp_3072_mont_reduce_54(r, m, mp);
-        n = sp_3072_cmp_54(r, m);
-        sp_3072_cond_sub_54(r, r, m, (sp_digit)~(n >> 63));
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_3072 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 384 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, b, 54 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    word32 i;
-    int err = MP_OKAY;
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 384U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 54 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 54 * 2;
-        m = e + 54;
-        r = b;
-
-        sp_3072_from_mp(b, 54, base);
-        sp_3072_from_bin(e, 54, exp, expLen);
-        sp_3072_from_mp(m, 54, mod);
-
-    #ifdef HAVE_FFDHE_3072
-        if (base->used == 1 && base->dp[0] == 2U &&
-                (m[53] >> 19) == 0xffffffffL) {
-            err = sp_3072_mod_exp_2_54(r, e, expLen * 8U, m);
-        }
-        else {
-    #endif
-            err = sp_3072_mod_exp_54(r, b, e, expLen * 8U, m, 0);
-    #ifdef HAVE_FFDHE_3072
-        }
-    #endif
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_54(r, out);
-        *outLen = 384;
-        for (i=0; i<384U && out[i] == 0U; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 54U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 27 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 27 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 27 * 2;
-        m = e + 27;
-        r = b;
-
-        sp_3072_from_mp(b, 27, base);
-        sp_3072_from_mp(e, 27, exp);
-        sp_3072_from_mp(m, 27, mod);
-
-        err = sp_3072_mod_exp_27(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 27, 0, sizeof(*r) * 27U);
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 54U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 27 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 27 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 27 * 2;
-        m = e + 27;
-        r = b;
-
-        sp_3072_from_mp(b, 27, base);
-        sp_3072_from_mp(e, 27, exp);
-        sp_3072_from_mp(m, 27, mod);
-
-        err = sp_3072_mod_exp_27(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 27, 0, sizeof(*r) * 27U);
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 54U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* !WOLFSSL_SP_NO_3072 */
-
-#ifdef WOLFSSL_SP_4096
-#ifdef WOLFSSL_SP_SMALL
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 51U) {
-            r[j] &= 0x7ffffffffffffffL;
-            s = 59U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 59
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 58);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 58);
-    }
-#elif DIGIT_BIT > 59
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x7ffffffffffffffL;
-        s = 59U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 59U) <= (word32)DIGIT_BIT) {
-            s += 59U;
-            r[j] &= 0x7ffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 59) {
-            r[j] &= 0x7ffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 59 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 512
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_4096_to_bin_70(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<69; i++) {
-        r[i+1] += r[i] >> 59;
-        r[i] &= 0x7ffffffffffffffL;
-    }
-    j = 4103 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<70 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 59) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 59);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
-/* Normalize the values in each word to 59 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_35(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 34; i++) {
-        a[i+1] += a[i] >> 59;
-        a[i] &= 0x7ffffffffffffffL;
-    }
-}
-
-#endif /* WOLFSSL_HAVE_SP_RSA & !SP_RSA_PRIVATE_EXP_D */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 59 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_70(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 69; i++) {
-        a[i+1] += a[i] >> 59;
-        a[i] &= 0x7ffffffffffffffL;
-    }
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_70(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 lo;
-
-    c = ((sp_uint128)a[69]) * b[69];
-    r[139] = (sp_digit)(c >> 59);
-    c &= 0x7ffffffffffffffL;
-    for (k = 137; k >= 0; k--) {
-        if (k >= 70) {
-            i = k - 69;
-            imax = 69;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint128)a[i]) * b[k - i];
-        }
-        c += lo >> 59;
-        r[k + 2] += (sp_digit)(c >> 59);
-        r[k + 1]  = (sp_digit)(c & 0x7ffffffffffffffL);
-        c = lo & 0x7ffffffffffffffL;
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_70(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 t;
-
-    c = ((sp_uint128)a[69]) * a[69];
-    r[139] = (sp_digit)(c >> 59);
-    c = (c & 0x7ffffffffffffffL) << 59;
-    for (k = 137; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint128)a[i]) * a[i];
-           i++;
-        }
-        if (k < 69) {
-            imax = k;
-        }
-        else {
-            imax = 69;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint128)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 118);
-        r[k + 1]  = (sp_digit)((c >> 59) & 0x7ffffffffffffffL);
-        c = (c & 0x7ffffffffffffffL) << 59;
-    }
-    r[0] = (sp_digit)(c >> 59);
-}
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-    x &= 0x7ffffffffffffffL;
-
-    /* rho = -1/m mod b */
-    *rho = ((sp_digit)1 << 59) - x;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_70(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 70; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x7ffffffffffffffL);
-        t >>= 59;
-    }
-    r[70] = (sp_digit)t;
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_sub_35(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 35; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_35(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i=0; i<34; i++) {
-        r[i] = 0x7ffffffffffffffL;
-    }
-    r[34] = 0x3ffffffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_4096_sub_35(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_4096_cmp_35(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i=34; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 58);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_sub_35(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 35; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_add_35(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 32; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x7ffffffffffffffL);
-        t[1] += t[0] >> 59;
-        r[i+1] = (sp_digit)(t[1] & 0x7ffffffffffffffL);
-        t[2] += t[1] >> 59;
-        r[i+2] = (sp_digit)(t[2] & 0x7ffffffffffffffL);
-        t[3] += t[2] >> 59;
-        r[i+3] = (sp_digit)(t[3] & 0x7ffffffffffffffL);
-        t[0]  = t[3] >> 59;
-    }
-    t[0] += (tb * a[32]) + r[32];
-    t[1]  = (tb * a[33]) + r[33];
-    t[2]  = (tb * a[34]) + r[34];
-    r[32] = (sp_digit)(t[0] & 0x7ffffffffffffffL);
-    t[1] += t[0] >> 59;
-    r[33] = (sp_digit)(t[1] & 0x7ffffffffffffffL);
-    t[2] += t[1] >> 59;
-    r[34] = (sp_digit)(t[2] & 0x7ffffffffffffffL);
-    r[35] +=  (sp_digit)(t[2] >> 59);
-}
-
-/* Shift the result in the high 2048 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_4096_mont_shift_35(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int128 n = a[34] >> 42;
-    n += ((sp_int128)a[35]) << 17;
-
-    for (i = 0; i < 34; i++) {
-        r[i] = (sp_digit)(n & 0x7ffffffffffffffL);
-        n >>= 59;
-        n += ((sp_int128)a[36 + i]) << 17;
-    }
-    r[34] = (sp_digit)n;
-    XMEMSET(&r[35], 0, sizeof(*r) * 35U);
-}
-
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_4096_mont_reduce_35(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_4096_norm_35(a + 35);
-
-    for (i=0; i<34; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7ffffffffffffffL);
-        sp_4096_mul_add_35(a+i, m, mu);
-        a[i+1] += a[i] >> 59;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x3ffffffffffL);
-    sp_4096_mul_add_35(a+i, m, mu);
-    a[i+1] += a[i] >> 59;
-    a[i] &= 0x7ffffffffffffffL;
-    sp_4096_mont_shift_35(a, a);
-    over = a[34] - m[34];
-    sp_4096_cond_sub_35(a, a, m, ~((over - 1) >> 63));
-    sp_4096_norm_35(a);
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_35(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 lo;
-
-    c = ((sp_uint128)a[34]) * b[34];
-    r[69] = (sp_digit)(c >> 59);
-    c &= 0x7ffffffffffffffL;
-    for (k = 67; k >= 0; k--) {
-        if (k >= 35) {
-            i = k - 34;
-            imax = 34;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint128)a[i]) * b[k - i];
-        }
-        c += lo >> 59;
-        r[k + 2] += (sp_digit)(c >> 59);
-        r[k + 1]  = (sp_digit)(c & 0x7ffffffffffffffL);
-        c = lo & 0x7ffffffffffffffL;
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_35(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_35(r, a, b);
-    sp_4096_mont_reduce_35(r, m, mp);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_35(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 t;
-
-    c = ((sp_uint128)a[34]) * a[34];
-    r[69] = (sp_digit)(c >> 59);
-    c = (c & 0x7ffffffffffffffL) << 59;
-    for (k = 67; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint128)a[i]) * a[i];
-           i++;
-        }
-        if (k < 34) {
-            imax = k;
-        }
-        else {
-            imax = 34;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint128)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 118);
-        r[k + 1]  = (sp_digit)((c >> 59) & 0x7ffffffffffffffL);
-        c = (c & 0x7ffffffffffffffL) << 59;
-    }
-    r[0] = (sp_digit)(c >> 59);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_35(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_35(r, a);
-    sp_4096_mont_reduce_35(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_35(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 35; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x7ffffffffffffffL);
-        t >>= 59;
-    }
-    r[35] = (sp_digit)t;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_add_35(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 35; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_35(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 35; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-
-SP_NOINLINE static void sp_4096_rshift_35(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<34; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (59 - n))) & 0x7ffffffffffffffL);
-    }
-    r[34] = a[34] >> n;
-}
-
-static WC_INLINE sp_digit sp_4096_div_word_35(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 59) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 59) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 59) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 59);
-    sp_digit t0 = (sp_digit)(d & 0x7ffffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 57; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 58) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 59);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 118) - (sp_digit)(d >> 118);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 59) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 28) + 1;
-
-    t = (sp_digit)(d >> 56);
-    t = (t / dv) << 28;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 25);
-    t = t / (dv << 3);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_4096_word_div_word_35(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_div_35(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 35 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 35 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 70 + 1;
-        sd = t2 + 35 + 1;
-
-        sp_4096_mul_d_35(sd, d, (sp_digit)1 << 17);
-        sp_4096_mul_d_70(t1, a, (sp_digit)1 << 17);
-        dv = sd[34];
-        t1[35 + 35] += t1[35 + 35 - 1] >> 59;
-        t1[35 + 35 - 1] &= 0x7ffffffffffffffL;
-        for (i=35; i>=0; i--) {
-            r1 = sp_4096_div_word_35(t1[35 + i], t1[35 + i - 1], dv);
-
-            sp_4096_mul_d_35(t2, sd, r1);
-            (void)sp_4096_sub_35(&t1[i], &t1[i], t2);
-            sp_4096_norm_35(&t1[i]);
-            t1[35 + i] -= t2[35];
-            t1[35 + i] += t1[35 + i - 1] >> 59;
-            t1[35 + i - 1] &= 0x7ffffffffffffffL;
-            r1 = sp_4096_div_word_35(-t1[35 + i], -t1[35 + i - 1], dv);
-            r1 -= t1[35 + i];
-            sp_4096_mul_d_35(t2, sd, r1);
-            (void)sp_4096_add_35(&t1[i], &t1[i], t2);
-            t1[35 + i] += t1[35 + i - 1] >> 59;
-            t1[35 + i - 1] &= 0x7ffffffffffffffL;
-        }
-        t1[35 - 1] += t1[35 - 2] >> 59;
-        t1[35 - 2] &= 0x7ffffffffffffffL;
-        r1 = sp_4096_word_div_word_35(t1[35 - 1], dv);
-
-        sp_4096_mul_d_35(t2, sd, r1);
-        sp_4096_sub_35(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 70U);
-        for (i=0; i<34; i++) {
-            r[i+1] += r[i] >> 59;
-            r[i] &= 0x7ffffffffffffffL;
-        }
-        sp_4096_cond_add_35(r, r, sd, r[34] >> 63);
-
-        sp_4096_norm_35(r);
-        sp_4096_rshift_35(r, r, 17);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_mod_35(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_35(a, m, NULL, r);
-}
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_35(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 70);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 70, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 35 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 35U * 2U);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_35(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_35(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 35U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_35(t[1], t[1], norm);
-        err = sp_4096_mod_35(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 59;
-        c = bits % 59;
-        n = e[i--] << (59 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 59;
-            }
-
-            y = (int)((n >> 58) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_35(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 35 * 2);
-            sp_4096_mont_sqr_35(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 35 * 2);
-        }
-
-        sp_4096_mont_reduce_35(t[0], m, mp);
-        n = sp_4096_cmp_35(t[0], m);
-        sp_4096_cond_sub_35(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 35 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 70);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 70, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 35 * 2);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_35(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_35(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_35(t[1], t[1], norm);
-                err = sp_4096_mod_35(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_35(t[1], a, norm);
-            err = sp_4096_mod_35(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 59;
-        c = bits % 59;
-        n = e[i--] << (59 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 59;
-            }
-
-            y = (int)((n >> 58) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_35(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 35 * 2);
-            sp_4096_mont_sqr_35(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 35 * 2);
-        }
-
-        sp_4096_mont_reduce_35(t[0], m, mp);
-        n = sp_4096_cmp_35(t[0], m);
-        sp_4096_cond_sub_35(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 35 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (32 * 70) + 70);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (32 * 70) + 70, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 70;
-        rt = td + 2240;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_35(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_35(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_35(t[1], t[1], norm);
-                err = sp_4096_mod_35(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_35(t[1], a, norm);
-            err = sp_4096_mod_35(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_35(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_35(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_35(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_35(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_35(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_35(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_35(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_35(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_35(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_35(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_35(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_35(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_35(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_35(t[15], t[ 8], t[ 7], m, mp);
-        sp_4096_mont_sqr_35(t[16], t[ 8], m, mp);
-        sp_4096_mont_mul_35(t[17], t[ 9], t[ 8], m, mp);
-        sp_4096_mont_sqr_35(t[18], t[ 9], m, mp);
-        sp_4096_mont_mul_35(t[19], t[10], t[ 9], m, mp);
-        sp_4096_mont_sqr_35(t[20], t[10], m, mp);
-        sp_4096_mont_mul_35(t[21], t[11], t[10], m, mp);
-        sp_4096_mont_sqr_35(t[22], t[11], m, mp);
-        sp_4096_mont_mul_35(t[23], t[12], t[11], m, mp);
-        sp_4096_mont_sqr_35(t[24], t[12], m, mp);
-        sp_4096_mont_mul_35(t[25], t[13], t[12], m, mp);
-        sp_4096_mont_sqr_35(t[26], t[13], m, mp);
-        sp_4096_mont_mul_35(t[27], t[14], t[13], m, mp);
-        sp_4096_mont_sqr_35(t[28], t[14], m, mp);
-        sp_4096_mont_mul_35(t[29], t[15], t[14], m, mp);
-        sp_4096_mont_sqr_35(t[30], t[15], m, mp);
-        sp_4096_mont_mul_35(t[31], t[16], t[15], m, mp);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 58) / 59) - 1;
-        c = bits % 59;
-        if (c == 0) {
-            c = 59;
-        }
-        if (i < 35) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (5 - c);
-            c += 59;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 70);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 5;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 54;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 5;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 59 - c;
-            }
-
-            sp_4096_mont_sqr_35(rt, rt, m, mp);
-            sp_4096_mont_sqr_35(rt, rt, m, mp);
-            sp_4096_mont_sqr_35(rt, rt, m, mp);
-            sp_4096_mont_sqr_35(rt, rt, m, mp);
-            sp_4096_mont_sqr_35(rt, rt, m, mp);
-
-            sp_4096_mont_mul_35(rt, rt, t[y], m, mp);
-        }
-
-        sp_4096_mont_reduce_35(rt, m, mp);
-        n = sp_4096_cmp_35(rt, m);
-        sp_4096_cond_sub_35(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 70);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_HAVE_SP_RSA & !SP_RSA_PRIVATE_EXP_D */
-#endif /* (WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH) & !WOLFSSL_RSA_PUBLIC_ONLY */
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_sub_70(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 70; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_70(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i=0; i<69; i++) {
-        r[i] = 0x7ffffffffffffffL;
-    }
-    r[69] = 0x1ffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_4096_sub_70(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_4096_cmp_70(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    for (i=69; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 58);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_sub_70(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 70; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_add_70(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 68; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x7ffffffffffffffL);
-        t[1] += t[0] >> 59;
-        r[i+1] = (sp_digit)(t[1] & 0x7ffffffffffffffL);
-        t[2] += t[1] >> 59;
-        r[i+2] = (sp_digit)(t[2] & 0x7ffffffffffffffL);
-        t[3] += t[2] >> 59;
-        r[i+3] = (sp_digit)(t[3] & 0x7ffffffffffffffL);
-        t[0]  = t[3] >> 59;
-    }
-    t[0] += (tb * a[68]) + r[68];
-    t[1]  = (tb * a[69]) + r[69];
-    r[68] = (sp_digit)(t[0] & 0x7ffffffffffffffL);
-    t[1] += t[0] >> 59;
-    r[69] = (sp_digit)(t[1] & 0x7ffffffffffffffL);
-    r[70] +=  (sp_digit)(t[1] >> 59);
-}
-
-/* Shift the result in the high 4096 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_4096_mont_shift_70(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int128 n = a[69] >> 25;
-    n += ((sp_int128)a[70]) << 34;
-
-    for (i = 0; i < 69; i++) {
-        r[i] = (sp_digit)(n & 0x7ffffffffffffffL);
-        n >>= 59;
-        n += ((sp_int128)a[71 + i]) << 34;
-    }
-    r[69] = (sp_digit)n;
-    XMEMSET(&r[70], 0, sizeof(*r) * 70U);
-}
-
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_4096_mont_reduce_70(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_4096_norm_70(a + 70);
-
-#ifdef WOLFSSL_SP_DH
-    if (mp != 1) {
-        for (i=0; i<69; i++) {
-            mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7ffffffffffffffL);
-            sp_4096_mul_add_70(a+i, m, mu);
-            a[i+1] += a[i] >> 59;
-        }
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1ffffffL);
-        sp_4096_mul_add_70(a+i, m, mu);
-        a[i+1] += a[i] >> 59;
-        a[i] &= 0x7ffffffffffffffL;
-    }
-    else {
-        for (i=0; i<69; i++) {
-            mu = (sp_digit)(a[i] & 0x7ffffffffffffffL);
-            sp_4096_mul_add_70(a+i, m, mu);
-            a[i+1] += a[i] >> 59;
-        }
-        mu = (sp_digit)(a[i] & 0x1ffffffL);
-        sp_4096_mul_add_70(a+i, m, mu);
-        a[i+1] += a[i] >> 59;
-        a[i] &= 0x7ffffffffffffffL;
-    }
-#else
-    for (i=0; i<69; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7ffffffffffffffL);
-        sp_4096_mul_add_70(a+i, m, mu);
-        a[i+1] += a[i] >> 59;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1ffffffL);
-    sp_4096_mul_add_70(a+i, m, mu);
-    a[i+1] += a[i] >> 59;
-    a[i] &= 0x7ffffffffffffffL;
-#endif
-    sp_4096_mont_shift_70(a, a);
-    over = a[69] - m[69];
-    sp_4096_cond_sub_70(a, a, m, ~((over - 1) >> 63));
-    sp_4096_norm_70(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_70(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_70(r, a, b);
-    sp_4096_mont_reduce_70(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_70(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_70(r, a);
-    sp_4096_mont_reduce_70(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_140(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 140; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x7ffffffffffffffL);
-        t >>= 59;
-    }
-    r[140] = (sp_digit)t;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_add_70(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 70; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_70(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 70; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-
-SP_NOINLINE static void sp_4096_rshift_70(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<69; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (59 - n))) & 0x7ffffffffffffffL);
-    }
-    r[69] = a[69] >> n;
-}
-
-static WC_INLINE sp_digit sp_4096_div_word_70(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 59) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 59) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 59) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 59);
-    sp_digit t0 = (sp_digit)(d & 0x7ffffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 57; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 58) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 59);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 118) - (sp_digit)(d >> 118);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 59) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 28) + 1;
-
-    t = (sp_digit)(d >> 56);
-    t = (t / dv) << 28;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 25);
-    t = t / (dv << 3);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_4096_word_div_word_70(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_div_70(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 70 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 70 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 140 + 1;
-        sd = t2 + 70 + 1;
-
-        sp_4096_mul_d_70(sd, d, (sp_digit)1 << 34);
-        sp_4096_mul_d_140(t1, a, (sp_digit)1 << 34);
-        dv = sd[69];
-        t1[70 + 70] += t1[70 + 70 - 1] >> 59;
-        t1[70 + 70 - 1] &= 0x7ffffffffffffffL;
-        for (i=70; i>=0; i--) {
-            r1 = sp_4096_div_word_70(t1[70 + i], t1[70 + i - 1], dv);
-
-            sp_4096_mul_d_70(t2, sd, r1);
-            (void)sp_4096_sub_70(&t1[i], &t1[i], t2);
-            sp_4096_norm_70(&t1[i]);
-            t1[70 + i] -= t2[70];
-            t1[70 + i] += t1[70 + i - 1] >> 59;
-            t1[70 + i - 1] &= 0x7ffffffffffffffL;
-            r1 = sp_4096_div_word_70(-t1[70 + i], -t1[70 + i - 1], dv);
-            r1 -= t1[70 + i];
-            sp_4096_mul_d_70(t2, sd, r1);
-            (void)sp_4096_add_70(&t1[i], &t1[i], t2);
-            t1[70 + i] += t1[70 + i - 1] >> 59;
-            t1[70 + i - 1] &= 0x7ffffffffffffffL;
-        }
-        t1[70 - 1] += t1[70 - 2] >> 59;
-        t1[70 - 2] &= 0x7ffffffffffffffL;
-        r1 = sp_4096_word_div_word_70(t1[70 - 1], dv);
-
-        sp_4096_mul_d_70(t2, sd, r1);
-        sp_4096_sub_70(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 140U);
-        for (i=0; i<69; i++) {
-            r[i+1] += r[i] >> 59;
-            r[i] &= 0x7ffffffffffffffL;
-        }
-        sp_4096_cond_add_70(r, r, sd, r[69] >> 63);
-
-        sp_4096_norm_70(r);
-        sp_4096_rshift_70(r, r, 34);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_mod_70(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_70(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_70(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 140);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 140, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 70 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 70U * 2U);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_70(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_70(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 70U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_70(t[1], t[1], norm);
-        err = sp_4096_mod_70(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 59;
-        c = bits % 59;
-        n = e[i--] << (59 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 59;
-            }
-
-            y = (int)((n >> 58) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_70(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 70 * 2);
-            sp_4096_mont_sqr_70(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 70 * 2);
-        }
-
-        sp_4096_mont_reduce_70(t[0], m, mp);
-        n = sp_4096_cmp_70(t[0], m);
-        sp_4096_cond_sub_70(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 70 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 140);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 140, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 70 * 2);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_70(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_70(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_70(t[1], t[1], norm);
-                err = sp_4096_mod_70(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_70(t[1], a, norm);
-            err = sp_4096_mod_70(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 59;
-        c = bits % 59;
-        n = e[i--] << (59 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 59;
-            }
-
-            y = (int)((n >> 58) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_70(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 70 * 2);
-            sp_4096_mont_sqr_70(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 70 * 2);
-        }
-
-        sp_4096_mont_reduce_70(t[0], m, mp);
-        n = sp_4096_cmp_70(t[0], m);
-        sp_4096_cond_sub_70(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 70 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (16 * 140) + 140);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (16 * 140) + 140, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 140;
-        rt = td + 2240;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_70(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_70(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_70(t[1], t[1], norm);
-                err = sp_4096_mod_70(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_70(t[1], a, norm);
-            err = sp_4096_mod_70(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_70(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_70(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_70(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_70(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_70(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_70(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_70(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_70(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_70(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_70(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_70(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_70(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_70(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_70(t[15], t[ 8], t[ 7], m, mp);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 58) / 59) - 1;
-        c = bits % 59;
-        if (c == 0) {
-            c = 59;
-        }
-        if (i < 70) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (5 - c);
-            c += 59;
-        }
-        y = (int)((n >> 60) & 0xf);
-        n <<= 4;
-        c -= 4;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 140);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 5;
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c = 55;
-            }
-            else {
-                y = (byte)((n >> 60) & 0xf);
-                n = e[i--] << 5;
-                c = 4 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 59 - c;
-            }
-
-            sp_4096_mont_sqr_70(rt, rt, m, mp);
-            sp_4096_mont_sqr_70(rt, rt, m, mp);
-            sp_4096_mont_sqr_70(rt, rt, m, mp);
-            sp_4096_mont_sqr_70(rt, rt, m, mp);
-
-            sp_4096_mont_mul_70(rt, rt, t[y], m, mp);
-        }
-
-        sp_4096_mont_reduce_70(rt, m, mp);
-        n = sp_4096_cmp_70(rt, m);
-        sp_4096_cond_sub_70(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 140);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-#ifdef WOLFSSL_SP_SMALL
-    SP_DECL_VAR(sp_digit, a, 70 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit* norm = NULL;
-    sp_uint64 e[1] = {0};
-    sp_digit mp = 0;
-    int i;
-    int err = MP_OKAY;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 70 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 70 * 2;
-        m = r + 70 * 2;
-        norm = r;
-
-        sp_4096_from_bin(a, 70, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 70, mm);
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_70(norm, m);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_70(a, a, norm);
-        err = sp_4096_mod_70(a, a, m);
-    }
-    if (err == MP_OKAY) {
-        for (i=63; i>=0; i--) {
-            if ((e[0] >> i) != 0) {
-                break;
-            }
-        }
-
-        XMEMCPY(r, a, sizeof(sp_digit) * 70 * 2);
-        for (i--; i>=0; i--) {
-            sp_4096_mont_sqr_70(r, r, m, mp);
-
-            if (((e[0] >> i) & 1) == 1) {
-                sp_4096_mont_mul_70(r, r, a, m, mp);
-            }
-        }
-        sp_4096_mont_reduce_70(r, m, mp);
-        mp = sp_4096_cmp_70(r, m);
-        sp_4096_cond_sub_70(r, r, m, ~(mp >> 63));
-
-        sp_4096_to_bin_70(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 70 * 5);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_uint64 e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 70 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d;
-        r = a + 70 * 2;
-        m = r + 70 * 2;
-
-        sp_4096_from_bin(a, 70, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 70, mm);
-
-        if (e[0] == 0x3) {
-            sp_4096_sqr_70(r, a);
-            err = sp_4096_mod_70(r, r, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_70(r, a, r);
-                err = sp_4096_mod_70(r, r, m);
-            }
-        }
-        else {
-            sp_digit* norm = r;
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-            sp_4096_mont_norm_70(norm, m);
-
-            sp_4096_mul_70(a, a, norm);
-            err = sp_4096_mod_70(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if ((e[0] >> i) != 0) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 140U);
-                for (i--; i>=0; i--) {
-                    sp_4096_mont_sqr_70(r, r, m, mp);
-
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_4096_mont_mul_70(r, r, a, m, mp);
-                    }
-                }
-                sp_4096_mont_reduce_70(r, m, mp);
-                mp = sp_4096_cmp_70(r, m);
-                sp_4096_cond_sub_70(r, r, m, ~(mp >> 63));
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_70(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(d, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if !defined(SP_RSA_PRIVATE_EXP_D) && !defined(RSA_LOW_MEM)
-#endif /* !SP_RSA_PRIVATE_EXP_D & !RSA_LOW_MEM */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, d, 70 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 70 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 70;
-        m = a + 140;
-        r = a;
-
-        sp_4096_from_bin(a, 70, in, inLen);
-        sp_4096_from_mp(d, 70, dm);
-        sp_4096_from_mp(m, 70, mm);
-        err = sp_4096_mod_exp_70(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_70(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 70, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 70 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 70 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 70;
-        m = a + 140;
-        r = a;
-
-        sp_4096_from_bin(a, 70, in, inLen);
-        sp_4096_from_mp(d, 70, dm);
-        sp_4096_from_mp(m, 70, mm);
-        err = sp_4096_mod_exp_70(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_70(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 70, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#else
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, a, 35 * 8);
-    sp_digit* p = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 35 * 8, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 70;
-        qi = dq = dp = p + 35;
-        tmpa = qi + 35;
-        tmpb = tmpa + 70;
-        r = a;
-
-        sp_4096_from_bin(a, 70, in, inLen);
-        sp_4096_from_mp(p, 35, pm);
-        sp_4096_from_mp(dp, 35, dpm);
-        err = sp_4096_mod_exp_35(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 35, qm);
-        sp_4096_from_mp(dq, 35, dqm);
-        err = sp_4096_mod_exp_35(tmpb, a, dq, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 35, pm);
-        (void)sp_4096_sub_35(tmpa, tmpa, tmpb);
-        sp_4096_norm_35(tmpa);
-        sp_4096_cond_add_35(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[34] >> 63));
-        sp_4096_cond_add_35(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[34] >> 63));
-        sp_4096_norm_35(tmpa);
-
-        sp_4096_from_mp(qi, 35, qim);
-        sp_4096_mul_35(tmpa, tmpa, qi);
-        err = sp_4096_mod_35(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 35, qm);
-        sp_4096_mul_35(tmpa, p, tmpa);
-        (void)sp_4096_add_70(r, tmpb, tmpa);
-        sp_4096_norm_70(r);
-
-        sp_4096_to_bin_70(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 35 * 8, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 35 * 13);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 35 * 13, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 70 * 2;
-        q = p + 35;
-        dp = q + 35;
-        dq = dp + 35;
-        qi = dq + 35;
-        tmpa = qi + 35;
-        tmpb = tmpa + 70;
-        r = a;
-
-        sp_4096_from_bin(a, 70, in, inLen);
-        sp_4096_from_mp(p, 35, pm);
-        sp_4096_from_mp(q, 35, qm);
-        sp_4096_from_mp(dp, 35, dpm);
-        sp_4096_from_mp(dq, 35, dqm);
-        sp_4096_from_mp(qi, 35, qim);
-
-        err = sp_4096_mod_exp_35(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_4096_mod_exp_35(tmpb, a, dq, 2048, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        (void)sp_4096_sub_35(tmpa, tmpa, tmpb);
-        sp_4096_norm_35(tmpa);
-        sp_4096_cond_add_35(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[34] >> 63));
-        sp_4096_cond_add_35(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[34] >> 63));
-        sp_4096_norm_35(tmpa);
-        sp_4096_mul_35(tmpa, tmpa, qi);
-        err = sp_4096_mod_35(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mul_35(tmpa, tmpa, q);
-        (void)sp_4096_add_70(r, tmpb, tmpa);
-        sp_4096_norm_70(r);
-
-        sp_4096_to_bin_70(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 35 * 13, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-}
-
-#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_4096_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (4096 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 59
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 70);
-        r->used = 70;
-        mp_clamp(r);
-#elif DIGIT_BIT < 59
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 70; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 59) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 59 - s;
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 70; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 59 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 59 - s;
-            }
-            else {
-                s += 59;
-            }
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 70 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 70 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 70 * 2;
-        m = e + 70;
-        r = b;
-
-        sp_4096_from_mp(b, 70, base);
-        sp_4096_from_mp(e, 70, exp);
-        sp_4096_from_mp(m, 70, mod);
-
-        err = sp_4096_mod_exp_70(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 70U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 70 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 70 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 70 * 2;
-        m = e + 70;
-        r = b;
-
-        sp_4096_from_mp(b, 70, base);
-        sp_4096_from_mp(e, 70, exp);
-        sp_4096_from_mp(m, 70, mod);
-
-        err = sp_4096_mod_exp_70(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 70U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_4096
-SP_NOINLINE static void sp_4096_lshift_70(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    r[70] = a[69] >> (59 - n);
-    for (i=69; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (59 - n))) & 0x7ffffffffffffffL);
-    }
-    r[0] = (sp_digit)((a[0] << n) & 0x7ffffffffffffffL);
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_4096_mod_exp_2_70(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 211);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 211, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp  = td + 140;
-        XMEMSET(td, 0, sizeof(sp_digit) * 211);
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_70(norm, m);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 58) / 59) - 1;
-        c = bits % 59;
-        if (c == 0) {
-            c = 59;
-        }
-        if (i < 70) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (5 - c);
-            c += 59;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        sp_4096_lshift_70(r, norm, (byte)y);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 5;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 54;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 5;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 59 - c;
-            }
-
-            sp_4096_mont_sqr_70(r, r, m, mp);
-            sp_4096_mont_sqr_70(r, r, m, mp);
-            sp_4096_mont_sqr_70(r, r, m, mp);
-            sp_4096_mont_sqr_70(r, r, m, mp);
-            sp_4096_mont_sqr_70(r, r, m, mp);
-
-            sp_4096_lshift_70(r, r, (byte)y);
-            sp_4096_mul_d_70(tmp, norm, (r[70] << 34) + (r[69] >> 25));
-            r[70] = 0;
-            r[69] &= 0x1ffffffL;
-            (void)sp_4096_add_70(r, r, tmp);
-            sp_4096_norm_70(r);
-            o = sp_4096_cmp_70(r, m);
-            sp_4096_cond_sub_70(r, r, m, ~(o >> 63));
-        }
-
-        sp_4096_mont_reduce_70(r, m, mp);
-        n = sp_4096_cmp_70(r, m);
-        sp_4096_cond_sub_70(r, r, m, (sp_digit)~(n >> 63));
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_4096 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 512 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, b, 70 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    word32 i;
-    int err = MP_OKAY;
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 512U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 70 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 70 * 2;
-        m = e + 70;
-        r = b;
-
-        sp_4096_from_mp(b, 70, base);
-        sp_4096_from_bin(e, 70, exp, expLen);
-        sp_4096_from_mp(m, 70, mod);
-
-    #ifdef HAVE_FFDHE_4096
-        if (base->used == 1 && base->dp[0] == 2U &&
-                ((m[69] << 7) | (m[68] >> 52)) == 0xffffffffL) {
-            err = sp_4096_mod_exp_2_70(r, e, expLen * 8U, m);
-        }
-        else {
-    #endif
-            err = sp_4096_mod_exp_70(r, b, e, expLen * 8U, m, 0);
-    #ifdef HAVE_FFDHE_4096
-        }
-    #endif
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_70(r, out);
-        *outLen = 512;
-        for (i=0; i<512U && out[i] == 0U; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 70U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#else
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 45U) {
-            r[j] &= 0x1fffffffffffffL;
-            s = 53U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 53
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 52);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 52);
-    }
-#elif DIGIT_BIT > 53
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x1fffffffffffffL;
-        s = 53U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 53U) <= (word32)DIGIT_BIT) {
-            s += 53U;
-            r[j] &= 0x1fffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 53) {
-            r[j] &= 0x1fffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 53 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 512
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_4096_to_bin_78(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<77; i++) {
-        r[i+1] += r[i] >> 53;
-        r[i] &= 0x1fffffffffffffL;
-    }
-    j = 4103 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<78 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 53) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 53);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
-/* Normalize the values in each word to 53 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_39(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 32; i += 8) {
-        a[i+1] += a[i+0] >> 53; a[i+0] &= 0x1fffffffffffffL;
-        a[i+2] += a[i+1] >> 53; a[i+1] &= 0x1fffffffffffffL;
-        a[i+3] += a[i+2] >> 53; a[i+2] &= 0x1fffffffffffffL;
-        a[i+4] += a[i+3] >> 53; a[i+3] &= 0x1fffffffffffffL;
-        a[i+5] += a[i+4] >> 53; a[i+4] &= 0x1fffffffffffffL;
-        a[i+6] += a[i+5] >> 53; a[i+5] &= 0x1fffffffffffffL;
-        a[i+7] += a[i+6] >> 53; a[i+6] &= 0x1fffffffffffffL;
-        a[i+8] += a[i+7] >> 53; a[i+7] &= 0x1fffffffffffffL;
-    }
-    a[33] += a[32] >> 53; a[32] &= 0x1fffffffffffffL;
-    a[34] += a[33] >> 53; a[33] &= 0x1fffffffffffffL;
-    a[35] += a[34] >> 53; a[34] &= 0x1fffffffffffffL;
-    a[36] += a[35] >> 53; a[35] &= 0x1fffffffffffffL;
-    a[37] += a[36] >> 53; a[36] &= 0x1fffffffffffffL;
-    a[38] += a[37] >> 53; a[37] &= 0x1fffffffffffffL;
-}
-
-#endif /* WOLFSSL_HAVE_SP_RSA & !SP_RSA_PRIVATE_EXP_D */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 53 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_4096_norm_78(sp_digit* a)
-{
-    int i;
-    for (i = 0; i < 72; i += 8) {
-        a[i+1] += a[i+0] >> 53; a[i+0] &= 0x1fffffffffffffL;
-        a[i+2] += a[i+1] >> 53; a[i+1] &= 0x1fffffffffffffL;
-        a[i+3] += a[i+2] >> 53; a[i+2] &= 0x1fffffffffffffL;
-        a[i+4] += a[i+3] >> 53; a[i+3] &= 0x1fffffffffffffL;
-        a[i+5] += a[i+4] >> 53; a[i+4] &= 0x1fffffffffffffL;
-        a[i+6] += a[i+5] >> 53; a[i+5] &= 0x1fffffffffffffL;
-        a[i+7] += a[i+6] >> 53; a[i+6] &= 0x1fffffffffffffL;
-        a[i+8] += a[i+7] >> 53; a[i+7] &= 0x1fffffffffffffL;
-    }
-    a[73] += a[72] >> 53; a[72] &= 0x1fffffffffffffL;
-    a[74] += a[73] >> 53; a[73] &= 0x1fffffffffffffL;
-    a[75] += a[74] >> 53; a[74] &= 0x1fffffffffffffL;
-    a[76] += a[75] >> 53; a[75] &= 0x1fffffffffffffL;
-    a[77] += a[76] >> 53; a[76] &= 0x1fffffffffffffL;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_13(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_uint128 t0;
-    sp_uint128 t1;
-    sp_digit t[13];
-
-    t0 = ((sp_uint128)a[ 0]) * b[ 0];
-    t1 = ((sp_uint128)a[ 0]) * b[ 1]
-       + ((sp_uint128)a[ 1]) * b[ 0];
-    t[ 0] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[ 0]) * b[ 2]
-       + ((sp_uint128)a[ 1]) * b[ 1]
-       + ((sp_uint128)a[ 2]) * b[ 0];
-    t[ 1] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = ((sp_uint128)a[ 0]) * b[ 3]
-       + ((sp_uint128)a[ 1]) * b[ 2]
-       + ((sp_uint128)a[ 2]) * b[ 1]
-       + ((sp_uint128)a[ 3]) * b[ 0];
-    t[ 2] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[ 0]) * b[ 4]
-       + ((sp_uint128)a[ 1]) * b[ 3]
-       + ((sp_uint128)a[ 2]) * b[ 2]
-       + ((sp_uint128)a[ 3]) * b[ 1]
-       + ((sp_uint128)a[ 4]) * b[ 0];
-    t[ 3] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = ((sp_uint128)a[ 0]) * b[ 5]
-       + ((sp_uint128)a[ 1]) * b[ 4]
-       + ((sp_uint128)a[ 2]) * b[ 3]
-       + ((sp_uint128)a[ 3]) * b[ 2]
-       + ((sp_uint128)a[ 4]) * b[ 1]
-       + ((sp_uint128)a[ 5]) * b[ 0];
-    t[ 4] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[ 0]) * b[ 6]
-       + ((sp_uint128)a[ 1]) * b[ 5]
-       + ((sp_uint128)a[ 2]) * b[ 4]
-       + ((sp_uint128)a[ 3]) * b[ 3]
-       + ((sp_uint128)a[ 4]) * b[ 2]
-       + ((sp_uint128)a[ 5]) * b[ 1]
-       + ((sp_uint128)a[ 6]) * b[ 0];
-    t[ 5] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = ((sp_uint128)a[ 0]) * b[ 7]
-       + ((sp_uint128)a[ 1]) * b[ 6]
-       + ((sp_uint128)a[ 2]) * b[ 5]
-       + ((sp_uint128)a[ 3]) * b[ 4]
-       + ((sp_uint128)a[ 4]) * b[ 3]
-       + ((sp_uint128)a[ 5]) * b[ 2]
-       + ((sp_uint128)a[ 6]) * b[ 1]
-       + ((sp_uint128)a[ 7]) * b[ 0];
-    t[ 6] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[ 0]) * b[ 8]
-       + ((sp_uint128)a[ 1]) * b[ 7]
-       + ((sp_uint128)a[ 2]) * b[ 6]
-       + ((sp_uint128)a[ 3]) * b[ 5]
-       + ((sp_uint128)a[ 4]) * b[ 4]
-       + ((sp_uint128)a[ 5]) * b[ 3]
-       + ((sp_uint128)a[ 6]) * b[ 2]
-       + ((sp_uint128)a[ 7]) * b[ 1]
-       + ((sp_uint128)a[ 8]) * b[ 0];
-    t[ 7] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = ((sp_uint128)a[ 0]) * b[ 9]
-       + ((sp_uint128)a[ 1]) * b[ 8]
-       + ((sp_uint128)a[ 2]) * b[ 7]
-       + ((sp_uint128)a[ 3]) * b[ 6]
-       + ((sp_uint128)a[ 4]) * b[ 5]
-       + ((sp_uint128)a[ 5]) * b[ 4]
-       + ((sp_uint128)a[ 6]) * b[ 3]
-       + ((sp_uint128)a[ 7]) * b[ 2]
-       + ((sp_uint128)a[ 8]) * b[ 1]
-       + ((sp_uint128)a[ 9]) * b[ 0];
-    t[ 8] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[ 0]) * b[10]
-       + ((sp_uint128)a[ 1]) * b[ 9]
-       + ((sp_uint128)a[ 2]) * b[ 8]
-       + ((sp_uint128)a[ 3]) * b[ 7]
-       + ((sp_uint128)a[ 4]) * b[ 6]
-       + ((sp_uint128)a[ 5]) * b[ 5]
-       + ((sp_uint128)a[ 6]) * b[ 4]
-       + ((sp_uint128)a[ 7]) * b[ 3]
-       + ((sp_uint128)a[ 8]) * b[ 2]
-       + ((sp_uint128)a[ 9]) * b[ 1]
-       + ((sp_uint128)a[10]) * b[ 0];
-    t[ 9] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = ((sp_uint128)a[ 0]) * b[11]
-       + ((sp_uint128)a[ 1]) * b[10]
-       + ((sp_uint128)a[ 2]) * b[ 9]
-       + ((sp_uint128)a[ 3]) * b[ 8]
-       + ((sp_uint128)a[ 4]) * b[ 7]
-       + ((sp_uint128)a[ 5]) * b[ 6]
-       + ((sp_uint128)a[ 6]) * b[ 5]
-       + ((sp_uint128)a[ 7]) * b[ 4]
-       + ((sp_uint128)a[ 8]) * b[ 3]
-       + ((sp_uint128)a[ 9]) * b[ 2]
-       + ((sp_uint128)a[10]) * b[ 1]
-       + ((sp_uint128)a[11]) * b[ 0];
-    t[10] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[ 0]) * b[12]
-       + ((sp_uint128)a[ 1]) * b[11]
-       + ((sp_uint128)a[ 2]) * b[10]
-       + ((sp_uint128)a[ 3]) * b[ 9]
-       + ((sp_uint128)a[ 4]) * b[ 8]
-       + ((sp_uint128)a[ 5]) * b[ 7]
-       + ((sp_uint128)a[ 6]) * b[ 6]
-       + ((sp_uint128)a[ 7]) * b[ 5]
-       + ((sp_uint128)a[ 8]) * b[ 4]
-       + ((sp_uint128)a[ 9]) * b[ 3]
-       + ((sp_uint128)a[10]) * b[ 2]
-       + ((sp_uint128)a[11]) * b[ 1]
-       + ((sp_uint128)a[12]) * b[ 0];
-    t[11] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = ((sp_uint128)a[ 1]) * b[12]
-       + ((sp_uint128)a[ 2]) * b[11]
-       + ((sp_uint128)a[ 3]) * b[10]
-       + ((sp_uint128)a[ 4]) * b[ 9]
-       + ((sp_uint128)a[ 5]) * b[ 8]
-       + ((sp_uint128)a[ 6]) * b[ 7]
-       + ((sp_uint128)a[ 7]) * b[ 6]
-       + ((sp_uint128)a[ 8]) * b[ 5]
-       + ((sp_uint128)a[ 9]) * b[ 4]
-       + ((sp_uint128)a[10]) * b[ 3]
-       + ((sp_uint128)a[11]) * b[ 2]
-       + ((sp_uint128)a[12]) * b[ 1];
-    t[12] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[ 2]) * b[12]
-       + ((sp_uint128)a[ 3]) * b[11]
-       + ((sp_uint128)a[ 4]) * b[10]
-       + ((sp_uint128)a[ 5]) * b[ 9]
-       + ((sp_uint128)a[ 6]) * b[ 8]
-       + ((sp_uint128)a[ 7]) * b[ 7]
-       + ((sp_uint128)a[ 8]) * b[ 6]
-       + ((sp_uint128)a[ 9]) * b[ 5]
-       + ((sp_uint128)a[10]) * b[ 4]
-       + ((sp_uint128)a[11]) * b[ 3]
-       + ((sp_uint128)a[12]) * b[ 2];
-    r[13] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = ((sp_uint128)a[ 3]) * b[12]
-       + ((sp_uint128)a[ 4]) * b[11]
-       + ((sp_uint128)a[ 5]) * b[10]
-       + ((sp_uint128)a[ 6]) * b[ 9]
-       + ((sp_uint128)a[ 7]) * b[ 8]
-       + ((sp_uint128)a[ 8]) * b[ 7]
-       + ((sp_uint128)a[ 9]) * b[ 6]
-       + ((sp_uint128)a[10]) * b[ 5]
-       + ((sp_uint128)a[11]) * b[ 4]
-       + ((sp_uint128)a[12]) * b[ 3];
-    r[14] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[ 4]) * b[12]
-       + ((sp_uint128)a[ 5]) * b[11]
-       + ((sp_uint128)a[ 6]) * b[10]
-       + ((sp_uint128)a[ 7]) * b[ 9]
-       + ((sp_uint128)a[ 8]) * b[ 8]
-       + ((sp_uint128)a[ 9]) * b[ 7]
-       + ((sp_uint128)a[10]) * b[ 6]
-       + ((sp_uint128)a[11]) * b[ 5]
-       + ((sp_uint128)a[12]) * b[ 4];
-    r[15] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = ((sp_uint128)a[ 5]) * b[12]
-       + ((sp_uint128)a[ 6]) * b[11]
-       + ((sp_uint128)a[ 7]) * b[10]
-       + ((sp_uint128)a[ 8]) * b[ 9]
-       + ((sp_uint128)a[ 9]) * b[ 8]
-       + ((sp_uint128)a[10]) * b[ 7]
-       + ((sp_uint128)a[11]) * b[ 6]
-       + ((sp_uint128)a[12]) * b[ 5];
-    r[16] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[ 6]) * b[12]
-       + ((sp_uint128)a[ 7]) * b[11]
-       + ((sp_uint128)a[ 8]) * b[10]
-       + ((sp_uint128)a[ 9]) * b[ 9]
-       + ((sp_uint128)a[10]) * b[ 8]
-       + ((sp_uint128)a[11]) * b[ 7]
-       + ((sp_uint128)a[12]) * b[ 6];
-    r[17] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = ((sp_uint128)a[ 7]) * b[12]
-       + ((sp_uint128)a[ 8]) * b[11]
-       + ((sp_uint128)a[ 9]) * b[10]
-       + ((sp_uint128)a[10]) * b[ 9]
-       + ((sp_uint128)a[11]) * b[ 8]
-       + ((sp_uint128)a[12]) * b[ 7];
-    r[18] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[ 8]) * b[12]
-       + ((sp_uint128)a[ 9]) * b[11]
-       + ((sp_uint128)a[10]) * b[10]
-       + ((sp_uint128)a[11]) * b[ 9]
-       + ((sp_uint128)a[12]) * b[ 8];
-    r[19] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = ((sp_uint128)a[ 9]) * b[12]
-       + ((sp_uint128)a[10]) * b[11]
-       + ((sp_uint128)a[11]) * b[10]
-       + ((sp_uint128)a[12]) * b[ 9];
-    r[20] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[10]) * b[12]
-       + ((sp_uint128)a[11]) * b[11]
-       + ((sp_uint128)a[12]) * b[10];
-    r[21] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = ((sp_uint128)a[11]) * b[12]
-       + ((sp_uint128)a[12]) * b[11];
-    r[22] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = ((sp_uint128)a[12]) * b[12];
-    r[23] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    r[24] = (sp_digit)(t0 & 0x1fffffffffffffL);
-    r[25] = (sp_digit)(t0 >> 53);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_13(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-    r[ 7] = a[ 7] + b[ 7];
-    r[ 8] = a[ 8] + b[ 8];
-    r[ 9] = a[ 9] + b[ 9];
-    r[10] = a[10] + b[10];
-    r[11] = a[11] + b[11];
-    r[12] = a[12] + b[12];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_sub_26(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[24] = a[24] - b[24];
-    r[25] = a[25] - b[25];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_26(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[24] = a[24] + b[24];
-    r[25] = a[25] + b[25];
-
-    return 0;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_39(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit p0[26];
-    sp_digit p1[26];
-    sp_digit p2[26];
-    sp_digit p3[26];
-    sp_digit p4[26];
-    sp_digit p5[26];
-    sp_digit t0[26];
-    sp_digit t1[26];
-    sp_digit t2[26];
-    sp_digit a0[13];
-    sp_digit a1[13];
-    sp_digit a2[13];
-    sp_digit b0[13];
-    sp_digit b1[13];
-    sp_digit b2[13];
-    (void)sp_4096_add_13(a0, a, &a[13]);
-    (void)sp_4096_add_13(b0, b, &b[13]);
-    (void)sp_4096_add_13(a1, &a[13], &a[26]);
-    (void)sp_4096_add_13(b1, &b[13], &b[26]);
-    (void)sp_4096_add_13(a2, a0, &a[26]);
-    (void)sp_4096_add_13(b2, b0, &b[26]);
-    sp_4096_mul_13(p0, a, b);
-    sp_4096_mul_13(p2, &a[13], &b[13]);
-    sp_4096_mul_13(p4, &a[26], &b[26]);
-    sp_4096_mul_13(p1, a0, b0);
-    sp_4096_mul_13(p3, a1, b1);
-    sp_4096_mul_13(p5, a2, b2);
-    XMEMSET(r, 0, sizeof(*r)*2U*39U);
-    (void)sp_4096_sub_26(t0, p3, p2);
-    (void)sp_4096_sub_26(t1, p1, p2);
-    (void)sp_4096_sub_26(t2, p5, t0);
-    (void)sp_4096_sub_26(t2, t2, t1);
-    (void)sp_4096_sub_26(t0, t0, p4);
-    (void)sp_4096_sub_26(t1, t1, p0);
-    (void)sp_4096_add_26(r, r, p0);
-    (void)sp_4096_add_26(&r[13], &r[13], t1);
-    (void)sp_4096_add_26(&r[26], &r[26], t2);
-    (void)sp_4096_add_26(&r[39], &r[39], t0);
-    (void)sp_4096_add_26(&r[52], &r[52], p4);
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_39(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[32] = a[32] + b[32];
-    r[33] = a[33] + b[33];
-    r[34] = a[34] + b[34];
-    r[35] = a[35] + b[35];
-    r[36] = a[36] + b[36];
-    r[37] = a[37] + b[37];
-    r[38] = a[38] + b[38];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_add_78(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[72] = a[72] + b[72];
-    r[73] = a[73] + b[73];
-    r[74] = a[74] + b[74];
-    r[75] = a[75] + b[75];
-    r[76] = a[76] + b[76];
-    r[77] = a[77] + b[77];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_sub_78(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[72] = a[72] - b[72];
-    r[73] = a[73] - b[73];
-    r[74] = a[74] - b[74];
-    r[75] = a[75] - b[75];
-    r[76] = a[76] - b[76];
-    r[77] = a[77] - b[77];
-
-    return 0;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_78(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[78];
-    sp_digit* a1 = z1;
-    sp_digit b1[39];
-    sp_digit* z2 = r + 78;
-    (void)sp_4096_add_39(a1, a, &a[39]);
-    (void)sp_4096_add_39(b1, b, &b[39]);
-    sp_4096_mul_39(z2, &a[39], &b[39]);
-    sp_4096_mul_39(z0, a, b);
-    sp_4096_mul_39(z1, a1, b1);
-    (void)sp_4096_sub_78(z1, z1, z2);
-    (void)sp_4096_sub_78(z1, z1, z0);
-    (void)sp_4096_add_78(r + 39, r + 39, z1);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_13(sp_digit* r, const sp_digit* a)
-{
-    sp_uint128 t0;
-    sp_uint128 t1;
-    sp_digit t[13];
-
-    t0 =  ((sp_uint128)a[ 0]) * a[ 0];
-    t1 = (((sp_uint128)a[ 0]) * a[ 1]) * 2;
-    t[ 0] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = (((sp_uint128)a[ 0]) * a[ 2]) * 2
-       +  ((sp_uint128)a[ 1]) * a[ 1];
-    t[ 1] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = (((sp_uint128)a[ 0]) * a[ 3]
-       +  ((sp_uint128)a[ 1]) * a[ 2]) * 2;
-    t[ 2] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = (((sp_uint128)a[ 0]) * a[ 4]
-       +  ((sp_uint128)a[ 1]) * a[ 3]) * 2
-       +  ((sp_uint128)a[ 2]) * a[ 2];
-    t[ 3] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = (((sp_uint128)a[ 0]) * a[ 5]
-       +  ((sp_uint128)a[ 1]) * a[ 4]
-       +  ((sp_uint128)a[ 2]) * a[ 3]) * 2;
-    t[ 4] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = (((sp_uint128)a[ 0]) * a[ 6]
-       +  ((sp_uint128)a[ 1]) * a[ 5]
-       +  ((sp_uint128)a[ 2]) * a[ 4]) * 2
-       +  ((sp_uint128)a[ 3]) * a[ 3];
-    t[ 5] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = (((sp_uint128)a[ 0]) * a[ 7]
-       +  ((sp_uint128)a[ 1]) * a[ 6]
-       +  ((sp_uint128)a[ 2]) * a[ 5]
-       +  ((sp_uint128)a[ 3]) * a[ 4]) * 2;
-    t[ 6] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = (((sp_uint128)a[ 0]) * a[ 8]
-       +  ((sp_uint128)a[ 1]) * a[ 7]
-       +  ((sp_uint128)a[ 2]) * a[ 6]
-       +  ((sp_uint128)a[ 3]) * a[ 5]) * 2
-       +  ((sp_uint128)a[ 4]) * a[ 4];
-    t[ 7] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = (((sp_uint128)a[ 0]) * a[ 9]
-       +  ((sp_uint128)a[ 1]) * a[ 8]
-       +  ((sp_uint128)a[ 2]) * a[ 7]
-       +  ((sp_uint128)a[ 3]) * a[ 6]
-       +  ((sp_uint128)a[ 4]) * a[ 5]) * 2;
-    t[ 8] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = (((sp_uint128)a[ 0]) * a[10]
-       +  ((sp_uint128)a[ 1]) * a[ 9]
-       +  ((sp_uint128)a[ 2]) * a[ 8]
-       +  ((sp_uint128)a[ 3]) * a[ 7]
-       +  ((sp_uint128)a[ 4]) * a[ 6]) * 2
-       +  ((sp_uint128)a[ 5]) * a[ 5];
-    t[ 9] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = (((sp_uint128)a[ 0]) * a[11]
-       +  ((sp_uint128)a[ 1]) * a[10]
-       +  ((sp_uint128)a[ 2]) * a[ 9]
-       +  ((sp_uint128)a[ 3]) * a[ 8]
-       +  ((sp_uint128)a[ 4]) * a[ 7]
-       +  ((sp_uint128)a[ 5]) * a[ 6]) * 2;
-    t[10] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = (((sp_uint128)a[ 0]) * a[12]
-       +  ((sp_uint128)a[ 1]) * a[11]
-       +  ((sp_uint128)a[ 2]) * a[10]
-       +  ((sp_uint128)a[ 3]) * a[ 9]
-       +  ((sp_uint128)a[ 4]) * a[ 8]
-       +  ((sp_uint128)a[ 5]) * a[ 7]) * 2
-       +  ((sp_uint128)a[ 6]) * a[ 6];
-    t[11] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = (((sp_uint128)a[ 1]) * a[12]
-       +  ((sp_uint128)a[ 2]) * a[11]
-       +  ((sp_uint128)a[ 3]) * a[10]
-       +  ((sp_uint128)a[ 4]) * a[ 9]
-       +  ((sp_uint128)a[ 5]) * a[ 8]
-       +  ((sp_uint128)a[ 6]) * a[ 7]) * 2;
-    t[12] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = (((sp_uint128)a[ 2]) * a[12]
-       +  ((sp_uint128)a[ 3]) * a[11]
-       +  ((sp_uint128)a[ 4]) * a[10]
-       +  ((sp_uint128)a[ 5]) * a[ 9]
-       +  ((sp_uint128)a[ 6]) * a[ 8]) * 2
-       +  ((sp_uint128)a[ 7]) * a[ 7];
-    r[13] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = (((sp_uint128)a[ 3]) * a[12]
-       +  ((sp_uint128)a[ 4]) * a[11]
-       +  ((sp_uint128)a[ 5]) * a[10]
-       +  ((sp_uint128)a[ 6]) * a[ 9]
-       +  ((sp_uint128)a[ 7]) * a[ 8]) * 2;
-    r[14] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = (((sp_uint128)a[ 4]) * a[12]
-       +  ((sp_uint128)a[ 5]) * a[11]
-       +  ((sp_uint128)a[ 6]) * a[10]
-       +  ((sp_uint128)a[ 7]) * a[ 9]) * 2
-       +  ((sp_uint128)a[ 8]) * a[ 8];
-    r[15] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = (((sp_uint128)a[ 5]) * a[12]
-       +  ((sp_uint128)a[ 6]) * a[11]
-       +  ((sp_uint128)a[ 7]) * a[10]
-       +  ((sp_uint128)a[ 8]) * a[ 9]) * 2;
-    r[16] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = (((sp_uint128)a[ 6]) * a[12]
-       +  ((sp_uint128)a[ 7]) * a[11]
-       +  ((sp_uint128)a[ 8]) * a[10]) * 2
-       +  ((sp_uint128)a[ 9]) * a[ 9];
-    r[17] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = (((sp_uint128)a[ 7]) * a[12]
-       +  ((sp_uint128)a[ 8]) * a[11]
-       +  ((sp_uint128)a[ 9]) * a[10]) * 2;
-    r[18] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = (((sp_uint128)a[ 8]) * a[12]
-       +  ((sp_uint128)a[ 9]) * a[11]) * 2
-       +  ((sp_uint128)a[10]) * a[10];
-    r[19] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = (((sp_uint128)a[ 9]) * a[12]
-       +  ((sp_uint128)a[10]) * a[11]) * 2;
-    r[20] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 = (((sp_uint128)a[10]) * a[12]) * 2
-       +  ((sp_uint128)a[11]) * a[11];
-    r[21] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    t1 = (((sp_uint128)a[11]) * a[12]) * 2;
-    r[22] = (sp_digit)(t0 & 0x1fffffffffffffL); t1 += t0 >> 53;
-    t0 =  ((sp_uint128)a[12]) * a[12];
-    r[23] = (sp_digit)(t1 & 0x1fffffffffffffL); t0 += t1 >> 53;
-    r[24] = (sp_digit)(t0 & 0x1fffffffffffffL);
-    r[25] = (sp_digit)(t0 >> 53);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a into r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_39(sp_digit* r, const sp_digit* a)
-{
-    sp_digit p0[26];
-    sp_digit p1[26];
-    sp_digit p2[26];
-    sp_digit p3[26];
-    sp_digit p4[26];
-    sp_digit p5[26];
-    sp_digit t0[26];
-    sp_digit t1[26];
-    sp_digit t2[26];
-    sp_digit a0[13];
-    sp_digit a1[13];
-    sp_digit a2[13];
-    (void)sp_4096_add_13(a0, a, &a[13]);
-    (void)sp_4096_add_13(a1, &a[13], &a[26]);
-    (void)sp_4096_add_13(a2, a0, &a[26]);
-    sp_4096_sqr_13(p0, a);
-    sp_4096_sqr_13(p2, &a[13]);
-    sp_4096_sqr_13(p4, &a[26]);
-    sp_4096_sqr_13(p1, a0);
-    sp_4096_sqr_13(p3, a1);
-    sp_4096_sqr_13(p5, a2);
-    XMEMSET(r, 0, sizeof(*r)*2U*39U);
-    (void)sp_4096_sub_26(t0, p3, p2);
-    (void)sp_4096_sub_26(t1, p1, p2);
-    (void)sp_4096_sub_26(t2, p5, t0);
-    (void)sp_4096_sub_26(t2, t2, t1);
-    (void)sp_4096_sub_26(t0, t0, p4);
-    (void)sp_4096_sub_26(t1, t1, p0);
-    (void)sp_4096_add_26(r, r, p0);
-    (void)sp_4096_add_26(&r[13], &r[13], t1);
-    (void)sp_4096_add_26(&r[26], &r[26], t2);
-    (void)sp_4096_add_26(&r[39], &r[39], t0);
-    (void)sp_4096_add_26(&r[52], &r[52], p4);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_78(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[78];
-    sp_digit* a1 = z1;
-    sp_digit* z2 = r + 78;
-    (void)sp_4096_add_39(a1, a, &a[39]);
-    sp_4096_sqr_39(z2, &a[39]);
-    sp_4096_sqr_39(z0, a);
-    sp_4096_sqr_39(z1, a1);
-    (void)sp_4096_sub_78(z1, z1, z2);
-    (void)sp_4096_sub_78(z1, z1, z0);
-    (void)sp_4096_add_78(r + 39, r + 39, z1);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-    x &= 0x1fffffffffffffL;
-
-    /* rho = -1/m mod b */
-    *rho = ((sp_digit)1 << 53) - x;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_78(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    sp_digit t2;
-    sp_int128 p[4];
-    int i;
-
-    for (i = 0; i < 76; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 3] = (sp_digit)t2;
-    }
-    t += tb * a[76];
-    r[76] = (sp_digit)(t & 0x1fffffffffffffL);
-    t >>= 53;
-    t += tb * a[77];
-    r[77] = (sp_digit)(t & 0x1fffffffffffffL);
-    t >>= 53;
-    r[78] = (sp_digit)(t & 0x1fffffffffffffL);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_4096_sub_39(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[32] = a[32] - b[32];
-    r[33] = a[33] - b[33];
-    r[34] = a[34] - b[34];
-    r[35] = a[35] - b[35];
-    r[36] = a[36] - b[36];
-    r[37] = a[37] - b[37];
-    r[38] = a[38] - b[38];
-
-    return 0;
-}
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_39(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = 0x1fffffffffffffL;
-        r[i + 1] = 0x1fffffffffffffL;
-        r[i + 2] = 0x1fffffffffffffL;
-        r[i + 3] = 0x1fffffffffffffL;
-        r[i + 4] = 0x1fffffffffffffL;
-        r[i + 5] = 0x1fffffffffffffL;
-        r[i + 6] = 0x1fffffffffffffL;
-        r[i + 7] = 0x1fffffffffffffL;
-    }
-    r[32] = 0x1fffffffffffffL;
-    r[33] = 0x1fffffffffffffL;
-    r[34] = 0x1fffffffffffffL;
-    r[35] = 0x1fffffffffffffL;
-    r[36] = 0x1fffffffffffffL;
-    r[37] = 0x1fffffffffffffL;
-    r[38] = 0x3ffffffffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_4096_sub_39(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_4096_cmp_39(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    r |= (a[38] - b[38]) & (0 - (sp_digit)1);
-    r |= (a[37] - b[37]) & ~(((sp_digit)0 - r) >> 52);
-    r |= (a[36] - b[36]) & ~(((sp_digit)0 - r) >> 52);
-    r |= (a[35] - b[35]) & ~(((sp_digit)0 - r) >> 52);
-    r |= (a[34] - b[34]) & ~(((sp_digit)0 - r) >> 52);
-    r |= (a[33] - b[33]) & ~(((sp_digit)0 - r) >> 52);
-    r |= (a[32] - b[32]) & ~(((sp_digit)0 - r) >> 52);
-    for (i = 24; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 52);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_sub_39(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[32] = a[32] - (b[32] & m);
-    r[33] = a[33] - (b[33] & m);
-    r[34] = a[34] - (b[34] & m);
-    r[35] = a[35] - (b[35] & m);
-    r[36] = a[36] - (b[36] & m);
-    r[37] = a[37] - (b[37] & m);
-    r[38] = a[38] - (b[38] & m);
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_add_39(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[8];
-    int i;
-
-    t[0] = tb * a[0]; r[0] += (sp_digit)(t[0] & 0x1fffffffffffffL);
-    for (i = 0; i < 32; i += 8) {
-        t[1] = tb * a[i+1];
-        r[i+1] += (sp_digit)((t[0] >> 53) + (t[1] & 0x1fffffffffffffL));
-        t[2] = tb * a[i+2];
-        r[i+2] += (sp_digit)((t[1] >> 53) + (t[2] & 0x1fffffffffffffL));
-        t[3] = tb * a[i+3];
-        r[i+3] += (sp_digit)((t[2] >> 53) + (t[3] & 0x1fffffffffffffL));
-        t[4] = tb * a[i+4];
-        r[i+4] += (sp_digit)((t[3] >> 53) + (t[4] & 0x1fffffffffffffL));
-        t[5] = tb * a[i+5];
-        r[i+5] += (sp_digit)((t[4] >> 53) + (t[5] & 0x1fffffffffffffL));
-        t[6] = tb * a[i+6];
-        r[i+6] += (sp_digit)((t[5] >> 53) + (t[6] & 0x1fffffffffffffL));
-        t[7] = tb * a[i+7];
-        r[i+7] += (sp_digit)((t[6] >> 53) + (t[7] & 0x1fffffffffffffL));
-        t[0] = tb * a[i+8];
-        r[i+8] += (sp_digit)((t[7] >> 53) + (t[0] & 0x1fffffffffffffL));
-    }
-    t[1] = tb * a[33];
-    r[33] += (sp_digit)((t[0] >> 53) + (t[1] & 0x1fffffffffffffL));
-    t[2] = tb * a[34];
-    r[34] += (sp_digit)((t[1] >> 53) + (t[2] & 0x1fffffffffffffL));
-    t[3] = tb * a[35];
-    r[35] += (sp_digit)((t[2] >> 53) + (t[3] & 0x1fffffffffffffL));
-    t[4] = tb * a[36];
-    r[36] += (sp_digit)((t[3] >> 53) + (t[4] & 0x1fffffffffffffL));
-    t[5] = tb * a[37];
-    r[37] += (sp_digit)((t[4] >> 53) + (t[5] & 0x1fffffffffffffL));
-    t[6] = tb * a[38];
-    r[38] += (sp_digit)((t[5] >> 53) + (t[6] & 0x1fffffffffffffL));
-    r[39] +=  (sp_digit)(t[6] >> 53);
-}
-
-/* Shift the result in the high 2048 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_4096_mont_shift_39(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int128 n = a[38] >> 34;
-    n += ((sp_int128)a[39]) << 19;
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 40]) << 19;
-        r[i + 1] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 41]) << 19;
-        r[i + 2] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 42]) << 19;
-        r[i + 3] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 43]) << 19;
-        r[i + 4] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 44]) << 19;
-        r[i + 5] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 45]) << 19;
-        r[i + 6] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 46]) << 19;
-        r[i + 7] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 47]) << 19;
-    }
-    r[32] = (sp_digit)(n & 0x1fffffffffffffL); n >>= 53; n += ((sp_int128)a[72]) << 19;
-    r[33] = (sp_digit)(n & 0x1fffffffffffffL); n >>= 53; n += ((sp_int128)a[73]) << 19;
-    r[34] = (sp_digit)(n & 0x1fffffffffffffL); n >>= 53; n += ((sp_int128)a[74]) << 19;
-    r[35] = (sp_digit)(n & 0x1fffffffffffffL); n >>= 53; n += ((sp_int128)a[75]) << 19;
-    r[36] = (sp_digit)(n & 0x1fffffffffffffL); n >>= 53; n += ((sp_int128)a[76]) << 19;
-    r[37] = (sp_digit)(n & 0x1fffffffffffffL); n >>= 53; n += ((sp_int128)a[77]) << 19;
-    r[38] = (sp_digit)n;
-    XMEMSET(&r[39], 0, sizeof(*r) * 39U);
-}
-
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_4096_mont_reduce_39(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_4096_norm_39(a + 39);
-
-    for (i=0; i<38; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1fffffffffffffL);
-        sp_4096_mul_add_39(a+i, m, mu);
-        a[i+1] += a[i] >> 53;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x3ffffffffL);
-    sp_4096_mul_add_39(a+i, m, mu);
-    a[i+1] += a[i] >> 53;
-    a[i] &= 0x1fffffffffffffL;
-    sp_4096_mont_shift_39(a, a);
-    over = a[38] - m[38];
-    sp_4096_cond_sub_39(a, a, m, ~((over - 1) >> 63));
-    sp_4096_norm_39(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_39(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_39(r, a, b);
-    sp_4096_mont_reduce_39(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_39(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_39(r, a);
-    sp_4096_mont_reduce_39(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_39(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    sp_digit t2;
-    sp_int128 p[4];
-    int i;
-
-    for (i = 0; i < 36; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 3] = (sp_digit)t2;
-    }
-    t += tb * a[36];
-    r[36] = (sp_digit)(t & 0x1fffffffffffffL);
-    t >>= 53;
-    t += tb * a[37];
-    r[37] = (sp_digit)(t & 0x1fffffffffffffL);
-    t >>= 53;
-    t += tb * a[38];
-    r[38] = (sp_digit)(t & 0x1fffffffffffffL);
-    t >>= 53;
-    r[39] = (sp_digit)(t & 0x1fffffffffffffL);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_add_39(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[32] = a[32] + (b[32] & m);
-    r[33] = a[33] + (b[33] & m);
-    r[34] = a[34] + (b[34] & m);
-    r[35] = a[35] + (b[35] & m);
-    r[36] = a[36] + (b[36] & m);
-    r[37] = a[37] + (b[37] & m);
-    r[38] = a[38] + (b[38] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_4096_rshift_39(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<32; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (53 - n)) & 0x1fffffffffffffL);
-    }
-    r[32] = (a[32] >> n) | (sp_digit)((a[33] << (53 - n)) & 0x1fffffffffffffL);
-    r[33] = (a[33] >> n) | (sp_digit)((a[34] << (53 - n)) & 0x1fffffffffffffL);
-    r[34] = (a[34] >> n) | (sp_digit)((a[35] << (53 - n)) & 0x1fffffffffffffL);
-    r[35] = (a[35] >> n) | (sp_digit)((a[36] << (53 - n)) & 0x1fffffffffffffL);
-    r[36] = (a[36] >> n) | (sp_digit)((a[37] << (53 - n)) & 0x1fffffffffffffL);
-    r[37] = (a[37] >> n) | (sp_digit)((a[38] << (53 - n)) & 0x1fffffffffffffL);
-    r[38] = a[38] >> n;
-}
-
-static WC_INLINE sp_digit sp_4096_div_word_39(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 53) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 53) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 53) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 53);
-    sp_digit t0 = (sp_digit)(d & 0x1fffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 51; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 52) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 53);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 106) - (sp_digit)(d >> 106);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 53) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 22) + 1;
-
-    t = (sp_digit)(d >> 44);
-    t = (t / dv) << 22;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 13);
-    t = t / (dv << 9);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_4096_word_div_word_39(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_div_39(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 39 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 39 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 78 + 1;
-        sd = t2 + 39 + 1;
-
-        sp_4096_mul_d_39(sd, d, (sp_digit)1 << 19);
-        sp_4096_mul_d_78(t1, a, (sp_digit)1 << 19);
-        dv = sd[38];
-        t1[39 + 39] += t1[39 + 39 - 1] >> 53;
-        t1[39 + 39 - 1] &= 0x1fffffffffffffL;
-        for (i=39; i>=0; i--) {
-            r1 = sp_4096_div_word_39(t1[39 + i], t1[39 + i - 1], dv);
-
-            sp_4096_mul_d_39(t2, sd, r1);
-            (void)sp_4096_sub_39(&t1[i], &t1[i], t2);
-            sp_4096_norm_39(&t1[i]);
-            t1[39 + i] -= t2[39];
-            t1[39 + i] += t1[39 + i - 1] >> 53;
-            t1[39 + i - 1] &= 0x1fffffffffffffL;
-            r1 = sp_4096_div_word_39(-t1[39 + i], -t1[39 + i - 1], dv);
-            r1 -= t1[39 + i];
-            sp_4096_mul_d_39(t2, sd, r1);
-            (void)sp_4096_add_39(&t1[i], &t1[i], t2);
-            t1[39 + i] += t1[39 + i - 1] >> 53;
-            t1[39 + i - 1] &= 0x1fffffffffffffL;
-        }
-        t1[39 - 1] += t1[39 - 2] >> 53;
-        t1[39 - 2] &= 0x1fffffffffffffL;
-        r1 = sp_4096_word_div_word_39(t1[39 - 1], dv);
-
-        sp_4096_mul_d_39(t2, sd, r1);
-        sp_4096_sub_39(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 78U);
-        for (i=0; i<38; i++) {
-            r[i+1] += r[i] >> 53;
-            r[i] &= 0x1fffffffffffffL;
-        }
-        sp_4096_cond_add_39(r, r, sd, r[38] >> 63);
-
-        sp_4096_norm_39(r);
-        sp_4096_rshift_39(r, r, 19);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_mod_39(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_39(a, m, NULL, r);
-}
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_39(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 78);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 78, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 39 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 39U * 2U);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_39(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_39(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 39U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_39(t[1], t[1], norm);
-        err = sp_4096_mod_39(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 53;
-        c = bits % 53;
-        n = e[i--] << (53 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 53;
-            }
-
-            y = (int)((n >> 52) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_39(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 39 * 2);
-            sp_4096_mont_sqr_39(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 39 * 2);
-        }
-
-        sp_4096_mont_reduce_39(t[0], m, mp);
-        n = sp_4096_cmp_39(t[0], m);
-        sp_4096_cond_sub_39(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 39 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 78);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 78, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 39 * 2);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_39(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_39(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_39(t[1], t[1], norm);
-                err = sp_4096_mod_39(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_39(t[1], a, norm);
-            err = sp_4096_mod_39(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 53;
-        c = bits % 53;
-        n = e[i--] << (53 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 53;
-            }
-
-            y = (int)((n >> 52) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_39(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 39 * 2);
-            sp_4096_mont_sqr_39(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 39 * 2);
-        }
-
-        sp_4096_mont_reduce_39(t[0], m, mp);
-        n = sp_4096_cmp_39(t[0], m);
-        sp_4096_cond_sub_39(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 39 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (32 * 78) + 78);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (32 * 78) + 78, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 78;
-        rt = td + 2496;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_39(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_39(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_39(t[1], t[1], norm);
-                err = sp_4096_mod_39(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_39(t[1], a, norm);
-            err = sp_4096_mod_39(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_39(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_39(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_39(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_39(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_39(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_39(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_39(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_39(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_39(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_39(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_39(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_39(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_39(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_39(t[15], t[ 8], t[ 7], m, mp);
-        sp_4096_mont_sqr_39(t[16], t[ 8], m, mp);
-        sp_4096_mont_mul_39(t[17], t[ 9], t[ 8], m, mp);
-        sp_4096_mont_sqr_39(t[18], t[ 9], m, mp);
-        sp_4096_mont_mul_39(t[19], t[10], t[ 9], m, mp);
-        sp_4096_mont_sqr_39(t[20], t[10], m, mp);
-        sp_4096_mont_mul_39(t[21], t[11], t[10], m, mp);
-        sp_4096_mont_sqr_39(t[22], t[11], m, mp);
-        sp_4096_mont_mul_39(t[23], t[12], t[11], m, mp);
-        sp_4096_mont_sqr_39(t[24], t[12], m, mp);
-        sp_4096_mont_mul_39(t[25], t[13], t[12], m, mp);
-        sp_4096_mont_sqr_39(t[26], t[13], m, mp);
-        sp_4096_mont_mul_39(t[27], t[14], t[13], m, mp);
-        sp_4096_mont_sqr_39(t[28], t[14], m, mp);
-        sp_4096_mont_mul_39(t[29], t[15], t[14], m, mp);
-        sp_4096_mont_sqr_39(t[30], t[15], m, mp);
-        sp_4096_mont_mul_39(t[31], t[16], t[15], m, mp);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 52) / 53) - 1;
-        c = bits % 53;
-        if (c == 0) {
-            c = 53;
-        }
-        if (i < 39) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (11 - c);
-            c += 53;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 78);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 11;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 48;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 11;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 53 - c;
-            }
-
-            sp_4096_mont_sqr_39(rt, rt, m, mp);
-            sp_4096_mont_sqr_39(rt, rt, m, mp);
-            sp_4096_mont_sqr_39(rt, rt, m, mp);
-            sp_4096_mont_sqr_39(rt, rt, m, mp);
-            sp_4096_mont_sqr_39(rt, rt, m, mp);
-
-            sp_4096_mont_mul_39(rt, rt, t[y], m, mp);
-        }
-
-        sp_4096_mont_reduce_39(rt, m, mp);
-        n = sp_4096_cmp_39(rt, m);
-        sp_4096_cond_sub_39(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 78);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_HAVE_SP_RSA & !SP_RSA_PRIVATE_EXP_D */
-#endif /* (WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH) & !WOLFSSL_RSA_PUBLIC_ONLY */
-
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_78(sp_digit* r, const sp_digit* m)
-{
-    /* Set r = 2^n - 1. */
-    int i;
-
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = 0x1fffffffffffffL;
-        r[i + 1] = 0x1fffffffffffffL;
-        r[i + 2] = 0x1fffffffffffffL;
-        r[i + 3] = 0x1fffffffffffffL;
-        r[i + 4] = 0x1fffffffffffffL;
-        r[i + 5] = 0x1fffffffffffffL;
-        r[i + 6] = 0x1fffffffffffffL;
-        r[i + 7] = 0x1fffffffffffffL;
-    }
-    r[72] = 0x1fffffffffffffL;
-    r[73] = 0x1fffffffffffffL;
-    r[74] = 0x1fffffffffffffL;
-    r[75] = 0x1fffffffffffffL;
-    r[76] = 0x1fffffffffffffL;
-    r[77] = 0x7fffL;
-
-    /* r = (2^n - 1) mod n */
-    (void)sp_4096_sub_78(r, r, m);
-
-    /* Add one so r = 2^n mod m */
-    r[0] += 1;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_4096_cmp_78(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-    int i;
-
-    r |= (a[77] - b[77]) & (0 - (sp_digit)1);
-    r |= (a[76] - b[76]) & ~(((sp_digit)0 - r) >> 52);
-    r |= (a[75] - b[75]) & ~(((sp_digit)0 - r) >> 52);
-    r |= (a[74] - b[74]) & ~(((sp_digit)0 - r) >> 52);
-    r |= (a[73] - b[73]) & ~(((sp_digit)0 - r) >> 52);
-    r |= (a[72] - b[72]) & ~(((sp_digit)0 - r) >> 52);
-    for (i = 64; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 52);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 52);
-    }
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_sub_78(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[72] = a[72] - (b[72] & m);
-    r[73] = a[73] - (b[73] & m);
-    r[74] = a[74] - (b[74] & m);
-    r[75] = a[75] - (b[75] & m);
-    r[76] = a[76] - (b[76] & m);
-    r[77] = a[77] - (b[77] & m);
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_add_78(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t[8];
-    int i;
-
-    t[0] = tb * a[0]; r[0] += (sp_digit)(t[0] & 0x1fffffffffffffL);
-    for (i = 0; i < 72; i += 8) {
-        t[1] = tb * a[i+1];
-        r[i+1] += (sp_digit)((t[0] >> 53) + (t[1] & 0x1fffffffffffffL));
-        t[2] = tb * a[i+2];
-        r[i+2] += (sp_digit)((t[1] >> 53) + (t[2] & 0x1fffffffffffffL));
-        t[3] = tb * a[i+3];
-        r[i+3] += (sp_digit)((t[2] >> 53) + (t[3] & 0x1fffffffffffffL));
-        t[4] = tb * a[i+4];
-        r[i+4] += (sp_digit)((t[3] >> 53) + (t[4] & 0x1fffffffffffffL));
-        t[5] = tb * a[i+5];
-        r[i+5] += (sp_digit)((t[4] >> 53) + (t[5] & 0x1fffffffffffffL));
-        t[6] = tb * a[i+6];
-        r[i+6] += (sp_digit)((t[5] >> 53) + (t[6] & 0x1fffffffffffffL));
-        t[7] = tb * a[i+7];
-        r[i+7] += (sp_digit)((t[6] >> 53) + (t[7] & 0x1fffffffffffffL));
-        t[0] = tb * a[i+8];
-        r[i+8] += (sp_digit)((t[7] >> 53) + (t[0] & 0x1fffffffffffffL));
-    }
-    t[1] = tb * a[73];
-    r[73] += (sp_digit)((t[0] >> 53) + (t[1] & 0x1fffffffffffffL));
-    t[2] = tb * a[74];
-    r[74] += (sp_digit)((t[1] >> 53) + (t[2] & 0x1fffffffffffffL));
-    t[3] = tb * a[75];
-    r[75] += (sp_digit)((t[2] >> 53) + (t[3] & 0x1fffffffffffffL));
-    t[4] = tb * a[76];
-    r[76] += (sp_digit)((t[3] >> 53) + (t[4] & 0x1fffffffffffffL));
-    t[5] = tb * a[77];
-    r[77] += (sp_digit)((t[4] >> 53) + (t[5] & 0x1fffffffffffffL));
-    r[78] +=  (sp_digit)(t[5] >> 53);
-}
-
-/* Shift the result in the high 4096 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_4096_mont_shift_78(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    sp_int128 n = a[77] >> 15;
-    n += ((sp_int128)a[78]) << 38;
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 79]) << 38;
-        r[i + 1] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 80]) << 38;
-        r[i + 2] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 81]) << 38;
-        r[i + 3] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 82]) << 38;
-        r[i + 4] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 83]) << 38;
-        r[i + 5] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 84]) << 38;
-        r[i + 6] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 85]) << 38;
-        r[i + 7] = (sp_digit)(n & 0x1fffffffffffffL);
-        n >>= 53; n += ((sp_int128)a[i + 86]) << 38;
-    }
-    r[72] = (sp_digit)(n & 0x1fffffffffffffL); n >>= 53; n += ((sp_int128)a[151]) << 38;
-    r[73] = (sp_digit)(n & 0x1fffffffffffffL); n >>= 53; n += ((sp_int128)a[152]) << 38;
-    r[74] = (sp_digit)(n & 0x1fffffffffffffL); n >>= 53; n += ((sp_int128)a[153]) << 38;
-    r[75] = (sp_digit)(n & 0x1fffffffffffffL); n >>= 53; n += ((sp_int128)a[154]) << 38;
-    r[76] = (sp_digit)(n & 0x1fffffffffffffL); n >>= 53; n += ((sp_int128)a[155]) << 38;
-    r[77] = (sp_digit)n;
-    XMEMSET(&r[78], 0, sizeof(*r) * 78U);
-}
-
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_4096_mont_reduce_78(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_4096_norm_78(a + 78);
-
-#ifdef WOLFSSL_SP_DH
-    if (mp != 1) {
-        for (i=0; i<77; i++) {
-            mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1fffffffffffffL);
-            sp_4096_mul_add_78(a+i, m, mu);
-            a[i+1] += a[i] >> 53;
-        }
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7fffL);
-        sp_4096_mul_add_78(a+i, m, mu);
-        a[i+1] += a[i] >> 53;
-        a[i] &= 0x1fffffffffffffL;
-    }
-    else {
-        for (i=0; i<77; i++) {
-            mu = (sp_digit)(a[i] & 0x1fffffffffffffL);
-            sp_4096_mul_add_78(a+i, m, mu);
-            a[i+1] += a[i] >> 53;
-        }
-        mu = (sp_digit)(a[i] & 0x7fffL);
-        sp_4096_mul_add_78(a+i, m, mu);
-        a[i+1] += a[i] >> 53;
-        a[i] &= 0x1fffffffffffffL;
-    }
-#else
-    for (i=0; i<77; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1fffffffffffffL);
-        sp_4096_mul_add_78(a+i, m, mu);
-        a[i+1] += a[i] >> 53;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7fffL);
-    sp_4096_mul_add_78(a+i, m, mu);
-    a[i+1] += a[i] >> 53;
-    a[i] &= 0x1fffffffffffffL;
-#endif
-    sp_4096_mont_shift_78(a, a);
-    over = a[77] - m[77];
-    sp_4096_cond_sub_78(a, a, m, ~((over - 1) >> 63));
-    sp_4096_norm_78(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_78(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_78(r, a, b);
-    sp_4096_mont_reduce_78(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_78(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_78(r, a);
-    sp_4096_mont_reduce_78(r, m, mp);
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_4096_mul_d_156(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    sp_digit t2;
-    sp_int128 p[4];
-    int i;
-
-    for (i = 0; i < 156; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1fffffffffffffL);
-        t >>= 53;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[156] = (sp_digit)(t & 0x1fffffffffffffL);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_4096_cond_add_78(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 72; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[72] = a[72] + (b[72] & m);
-    r[73] = a[73] + (b[73] & m);
-    r[74] = a[74] + (b[74] & m);
-    r[75] = a[75] + (b[75] & m);
-    r[76] = a[76] + (b[76] & m);
-    r[77] = a[77] + (b[77] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_4096_rshift_78(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-    for (i=0; i<72; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (53 - n)) & 0x1fffffffffffffL);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (53 - n)) & 0x1fffffffffffffL);
-    }
-    r[72] = (a[72] >> n) | (sp_digit)((a[73] << (53 - n)) & 0x1fffffffffffffL);
-    r[73] = (a[73] >> n) | (sp_digit)((a[74] << (53 - n)) & 0x1fffffffffffffL);
-    r[74] = (a[74] >> n) | (sp_digit)((a[75] << (53 - n)) & 0x1fffffffffffffL);
-    r[75] = (a[75] >> n) | (sp_digit)((a[76] << (53 - n)) & 0x1fffffffffffffL);
-    r[76] = (a[76] >> n) | (sp_digit)((a[77] << (53 - n)) & 0x1fffffffffffffL);
-    r[77] = a[77] >> n;
-}
-
-static WC_INLINE sp_digit sp_4096_div_word_78(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 53) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 53) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 53) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 53);
-    sp_digit t0 = (sp_digit)(d & 0x1fffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 51; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 52) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 53);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 106) - (sp_digit)(d >> 106);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 53) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 22) + 1;
-
-    t = (sp_digit)(d >> 44);
-    t = (t / dv) << 22;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 13);
-    t = t / (dv << 9);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_4096_word_div_word_78(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_div_78(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 78 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 78 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 156 + 1;
-        sd = t2 + 78 + 1;
-
-        sp_4096_mul_d_78(sd, d, (sp_digit)1 << 38);
-        sp_4096_mul_d_156(t1, a, (sp_digit)1 << 38);
-        dv = sd[77];
-        t1[78 + 78] += t1[78 + 78 - 1] >> 53;
-        t1[78 + 78 - 1] &= 0x1fffffffffffffL;
-        for (i=78; i>=0; i--) {
-            r1 = sp_4096_div_word_78(t1[78 + i], t1[78 + i - 1], dv);
-
-            sp_4096_mul_d_78(t2, sd, r1);
-            (void)sp_4096_sub_78(&t1[i], &t1[i], t2);
-            sp_4096_norm_78(&t1[i]);
-            t1[78 + i] -= t2[78];
-            t1[78 + i] += t1[78 + i - 1] >> 53;
-            t1[78 + i - 1] &= 0x1fffffffffffffL;
-            r1 = sp_4096_div_word_78(-t1[78 + i], -t1[78 + i - 1], dv);
-            r1 -= t1[78 + i];
-            sp_4096_mul_d_78(t2, sd, r1);
-            (void)sp_4096_add_78(&t1[i], &t1[i], t2);
-            t1[78 + i] += t1[78 + i - 1] >> 53;
-            t1[78 + i - 1] &= 0x1fffffffffffffL;
-        }
-        t1[78 - 1] += t1[78 - 2] >> 53;
-        t1[78 - 2] &= 0x1fffffffffffffL;
-        r1 = sp_4096_word_div_word_78(t1[78 - 1], dv);
-
-        sp_4096_mul_d_78(t2, sd, r1);
-        sp_4096_sub_78(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 156U);
-        for (i=0; i<77; i++) {
-            r[i+1] += r[i] >> 53;
-            r[i] &= 0x1fffffffffffffL;
-        }
-        sp_4096_cond_add_78(r, r, sd, r[77] >> 63);
-
-        sp_4096_norm_78(r);
-        sp_4096_rshift_78(r, r, 38);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_4096_mod_78(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_78(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_78(sp_digit* r, const sp_digit* a, const sp_digit* e,
-    int bits, const sp_digit* m, int reduceA)
-{
-#if defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)
-    SP_DECL_VAR(sp_digit, td, 3 * 156);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 156, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 78 * 2);
-            XMEMSET(t[i], 0, sizeof(sp_digit) * 78U * 2U);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_78(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_78(t[1], a, m);
-        }
-        else {
-            XMEMCPY(t[1], a, sizeof(sp_digit) * 78U);
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_78(t[1], t[1], norm);
-        err = sp_4096_mod_78(t[1], t[1], m);
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 53;
-        c = bits % 53;
-        n = e[i--] << (53 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 53;
-            }
-
-            y = (int)((n >> 52) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_78(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 78 * 2);
-            sp_4096_mont_sqr_78(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 78 * 2);
-        }
-
-        sp_4096_mont_reduce_78(t[0], m, mp);
-        n = sp_4096_cmp_78(t[0], m);
-        sp_4096_cond_sub_78(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 78 * 2);
-
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#elif !defined(WC_NO_CACHE_RESISTANT)
-    SP_DECL_VAR(sp_digit, td, 3 * 156);
-    sp_digit* t[3] = {0, 0, 0};
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 3 * 156, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<3; i++) {
-            t[i] = td + (i * 78 * 2);
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_78(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_78(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_78(t[1], t[1], norm);
-                err = sp_4096_mod_78(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_78(t[1], a, norm);
-            err = sp_4096_mod_78(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        i = bits / 53;
-        c = bits % 53;
-        n = e[i--] << (53 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1) {
-                    break;
-                }
-
-                n = e[i--];
-                c = 53;
-            }
-
-            y = (int)((n >> 52) & 1);
-            n <<= 1;
-
-            sp_4096_mont_mul_78(t[y^1], t[0], t[1], m, mp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                                  sizeof(*t[2]) * 78 * 2);
-            sp_4096_mont_sqr_78(t[2], t[2], m, mp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                            sizeof(*t[2]) * 78 * 2);
-        }
-
-        sp_4096_mont_reduce_78(t[0], m, mp);
-        n = sp_4096_cmp_78(t[0], m);
-        sp_4096_cond_sub_78(t[0], t[0], m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, t[0], sizeof(*r) * 78 * 2);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, td, (16 * 156) + 156);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (16 * 156) + 156, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 156;
-        rt = td + 2496;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_78(norm, m);
-
-        if (reduceA != 0) {
-            err = sp_4096_mod_78(t[1], a, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_78(t[1], t[1], norm);
-                err = sp_4096_mod_78(t[1], t[1], m);
-            }
-        }
-        else {
-            sp_4096_mul_78(t[1], a, norm);
-            err = sp_4096_mod_78(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_78(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_78(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_78(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_78(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_78(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_78(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_78(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_78(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_78(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_78(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_78(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_78(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_78(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_78(t[15], t[ 8], t[ 7], m, mp);
-
-        bits = ((bits + 3) / 4) * 4;
-        i = ((bits + 52) / 53) - 1;
-        c = bits % 53;
-        if (c == 0) {
-            c = 53;
-        }
-        if (i < 78) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 4) {
-            n |= e[i--] << (11 - c);
-            c += 53;
-        }
-        y = (int)((n >> 60) & 0xf);
-        n <<= 4;
-        c -= 4;
-        XMEMCPY(rt, t[y], sizeof(sp_digit) * 156);
-        while ((i >= 0) || (c >= 4)) {
-            if (c >= 4) {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--] << 11;
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c = 49;
-            }
-            else {
-                y = (byte)((n >> 60) & 0xf);
-                n = e[i--] << 11;
-                c = 4 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 53 - c;
-            }
-
-            sp_4096_mont_sqr_78(rt, rt, m, mp);
-            sp_4096_mont_sqr_78(rt, rt, m, mp);
-            sp_4096_mont_sqr_78(rt, rt, m, mp);
-            sp_4096_mont_sqr_78(rt, rt, m, mp);
-
-            sp_4096_mont_mul_78(rt, rt, t[y], m, mp);
-        }
-
-        sp_4096_mont_reduce_78(rt, m, mp);
-        n = sp_4096_cmp_78(rt, m);
-        sp_4096_cond_sub_78(rt, rt, m, (sp_digit)~(n >> 63));
-        XMEMCPY(r, rt, sizeof(sp_digit) * 156);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-#endif
-}
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) || */
-       /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-#ifdef WOLFSSL_SP_SMALL
-    SP_DECL_VAR(sp_digit, a, 78 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit* norm = NULL;
-    sp_uint64 e[1] = {0};
-    sp_digit mp = 0;
-    int i;
-    int err = MP_OKAY;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 78 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 78 * 2;
-        m = r + 78 * 2;
-        norm = r;
-
-        sp_4096_from_bin(a, 78, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 78, mm);
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_78(norm, m);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_mul_78(a, a, norm);
-        err = sp_4096_mod_78(a, a, m);
-    }
-    if (err == MP_OKAY) {
-        for (i=63; i>=0; i--) {
-            if ((e[0] >> i) != 0) {
-                break;
-            }
-        }
-
-        XMEMCPY(r, a, sizeof(sp_digit) * 78 * 2);
-        for (i--; i>=0; i--) {
-            sp_4096_mont_sqr_78(r, r, m, mp);
-
-            if (((e[0] >> i) & 1) == 1) {
-                sp_4096_mont_mul_78(r, r, a, m, mp);
-            }
-        }
-        sp_4096_mont_reduce_78(r, m, mp);
-        mp = sp_4096_cmp_78(r, m);
-        sp_4096_cond_sub_78(r, r, m, ~(mp >> 63));
-
-        sp_4096_to_bin_78(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 78 * 5);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_uint64 e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(em) > 64) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 78 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d;
-        r = a + 78 * 2;
-        m = r + 78 * 2;
-
-        sp_4096_from_bin(a, 78, in, inLen);
-#if DIGIT_BIT >= 64
-        e[0] = (sp_uint64)em->dp[0];
-#else
-        e[0] = (sp_uint64)em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 78, mm);
-
-        if (e[0] == 0x3) {
-            sp_4096_sqr_78(r, a);
-            err = sp_4096_mod_78(r, r, m);
-            if (err == MP_OKAY) {
-                sp_4096_mul_78(r, a, r);
-                err = sp_4096_mod_78(r, r, m);
-            }
-        }
-        else {
-            sp_digit* norm = r;
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-            sp_4096_mont_norm_78(norm, m);
-
-            sp_4096_mul_78(a, a, norm);
-            err = sp_4096_mod_78(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if ((e[0] >> i) != 0) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 156U);
-                for (i--; i>=0; i--) {
-                    sp_4096_mont_sqr_78(r, r, m, mp);
-
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_4096_mont_mul_78(r, r, a, m, mp);
-                    }
-                }
-                sp_4096_mont_reduce_78(r, m, mp);
-                mp = sp_4096_cmp_78(r, m);
-                sp_4096_cond_sub_78(r, r, m, ~(mp >> 63));
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_78(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(d, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if !defined(SP_RSA_PRIVATE_EXP_D) && !defined(RSA_LOW_MEM)
-#endif /* !SP_RSA_PRIVATE_EXP_D & !RSA_LOW_MEM */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, d, 78 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 78 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 78;
-        m = a + 156;
-        r = a;
-
-        sp_4096_from_bin(a, 78, in, inLen);
-        sp_4096_from_mp(d, 78, dm);
-        sp_4096_from_mp(m, 78, mm);
-        err = sp_4096_mod_exp_78(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_78(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 78, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, d, 78 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 78 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 78;
-        m = a + 156;
-        r = a;
-
-        sp_4096_from_bin(a, 78, in, inLen);
-        sp_4096_from_mp(d, 78, dm);
-        sp_4096_from_mp(m, 78, mm);
-        err = sp_4096_mod_exp_78(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_78(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 78, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#else
-#if defined(WOLFSSL_SP_SMALL)
-    SP_DECL_VAR(sp_digit, a, 39 * 8);
-    sp_digit* p = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 39 * 8, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 78;
-        qi = dq = dp = p + 39;
-        tmpa = qi + 39;
-        tmpb = tmpa + 78;
-        r = a;
-
-        sp_4096_from_bin(a, 78, in, inLen);
-        sp_4096_from_mp(p, 39, pm);
-        sp_4096_from_mp(dp, 39, dpm);
-        err = sp_4096_mod_exp_39(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 39, qm);
-        sp_4096_from_mp(dq, 39, dqm);
-        err = sp_4096_mod_exp_39(tmpb, a, dq, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 39, pm);
-        (void)sp_4096_sub_39(tmpa, tmpa, tmpb);
-        sp_4096_norm_39(tmpa);
-        sp_4096_cond_add_39(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[38] >> 63));
-        sp_4096_cond_add_39(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[38] >> 63));
-        sp_4096_norm_39(tmpa);
-
-        sp_4096_from_mp(qi, 39, qim);
-        sp_4096_mul_39(tmpa, tmpa, qi);
-        err = sp_4096_mod_39(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(p, 39, qm);
-        sp_4096_mul_39(tmpa, p, tmpa);
-        (void)sp_4096_add_78(r, tmpb, tmpa);
-        sp_4096_norm_78(r);
-
-        sp_4096_to_bin_78(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 39 * 8, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 39 * 13);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(pm)) {
-            err = MP_VAL;
-        }
-        else if (mp_iseven(qm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 39 * 13, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 78 * 2;
-        q = p + 39;
-        dp = q + 39;
-        dq = dp + 39;
-        qi = dq + 39;
-        tmpa = qi + 39;
-        tmpb = tmpa + 78;
-        r = a;
-
-        sp_4096_from_bin(a, 78, in, inLen);
-        sp_4096_from_mp(p, 39, pm);
-        sp_4096_from_mp(q, 39, qm);
-        sp_4096_from_mp(dp, 39, dpm);
-        sp_4096_from_mp(dq, 39, dqm);
-        sp_4096_from_mp(qi, 39, qim);
-
-        err = sp_4096_mod_exp_39(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_4096_mod_exp_39(tmpb, a, dq, 2048, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        (void)sp_4096_sub_39(tmpa, tmpa, tmpb);
-        sp_4096_norm_39(tmpa);
-        sp_4096_cond_add_39(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[38] >> 63));
-        sp_4096_cond_add_39(tmpa, tmpa, p, 0 - ((sp_int_digit)tmpa[38] >> 63));
-        sp_4096_norm_39(tmpa);
-        sp_4096_mul_39(tmpa, tmpa, qi);
-        err = sp_4096_mod_39(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mul_39(tmpa, tmpa, q);
-        (void)sp_4096_add_78(r, tmpb, tmpa);
-        sp_4096_norm_78(r);
-
-        sp_4096_to_bin_78(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 39 * 13, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-}
-
-#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_4096_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (4096 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 53
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 78);
-        r->used = 78;
-        mp_clamp(r);
-#elif DIGIT_BIT < 53
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 78; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 53) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 53 - s;
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 78; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 53 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 53 - s;
-            }
-            else {
-                s += 53;
-            }
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 78 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 78 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 78 * 2;
-        m = e + 78;
-        r = b;
-
-        sp_4096_from_mp(b, 78, base);
-        sp_4096_from_mp(e, 78, exp);
-        sp_4096_from_mp(m, 78, mod);
-
-        err = sp_4096_mod_exp_78(r, b, e, mp_count_bits(exp), m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 78U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, b, 78 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 78 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 78 * 2;
-        m = e + 78;
-        r = b;
-
-        sp_4096_from_mp(b, 78, base);
-        sp_4096_from_mp(e, 78, exp);
-        sp_4096_from_mp(m, 78, mod);
-
-        err = sp_4096_mod_exp_78(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 78U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-#endif
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_4096
-SP_NOINLINE static void sp_4096_lshift_78(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[77];
-    r[78] = s >> (53U - n);
-    s = (sp_int_digit)(a[77]); t = (sp_int_digit)(a[76]);
-    r[77] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[76]); t = (sp_int_digit)(a[75]);
-    r[76] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[75]); t = (sp_int_digit)(a[74]);
-    r[75] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[74]); t = (sp_int_digit)(a[73]);
-    r[74] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[73]); t = (sp_int_digit)(a[72]);
-    r[73] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[72]); t = (sp_int_digit)(a[71]);
-    r[72] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[71]); t = (sp_int_digit)(a[70]);
-    r[71] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[70]); t = (sp_int_digit)(a[69]);
-    r[70] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[69]); t = (sp_int_digit)(a[68]);
-    r[69] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[68]); t = (sp_int_digit)(a[67]);
-    r[68] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[67]); t = (sp_int_digit)(a[66]);
-    r[67] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[66]); t = (sp_int_digit)(a[65]);
-    r[66] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[65]); t = (sp_int_digit)(a[64]);
-    r[65] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[64]); t = (sp_int_digit)(a[63]);
-    r[64] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[63]); t = (sp_int_digit)(a[62]);
-    r[63] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[62]); t = (sp_int_digit)(a[61]);
-    r[62] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[61]); t = (sp_int_digit)(a[60]);
-    r[61] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[60]); t = (sp_int_digit)(a[59]);
-    r[60] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[59]); t = (sp_int_digit)(a[58]);
-    r[59] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[58]); t = (sp_int_digit)(a[57]);
-    r[58] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[57]); t = (sp_int_digit)(a[56]);
-    r[57] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[56]); t = (sp_int_digit)(a[55]);
-    r[56] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[55]); t = (sp_int_digit)(a[54]);
-    r[55] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[54]); t = (sp_int_digit)(a[53]);
-    r[54] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[53]); t = (sp_int_digit)(a[52]);
-    r[53] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[52]); t = (sp_int_digit)(a[51]);
-    r[52] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[51]); t = (sp_int_digit)(a[50]);
-    r[51] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[50]); t = (sp_int_digit)(a[49]);
-    r[50] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[49]); t = (sp_int_digit)(a[48]);
-    r[49] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[48]); t = (sp_int_digit)(a[47]);
-    r[48] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[47]); t = (sp_int_digit)(a[46]);
-    r[47] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[46]); t = (sp_int_digit)(a[45]);
-    r[46] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[45]); t = (sp_int_digit)(a[44]);
-    r[45] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[44]); t = (sp_int_digit)(a[43]);
-    r[44] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[43]); t = (sp_int_digit)(a[42]);
-    r[43] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[42]); t = (sp_int_digit)(a[41]);
-    r[42] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[41]); t = (sp_int_digit)(a[40]);
-    r[41] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[40]); t = (sp_int_digit)(a[39]);
-    r[40] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[39]); t = (sp_int_digit)(a[38]);
-    r[39] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[38]); t = (sp_int_digit)(a[37]);
-    r[38] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[37]); t = (sp_int_digit)(a[36]);
-    r[37] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[36]); t = (sp_int_digit)(a[35]);
-    r[36] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[35]); t = (sp_int_digit)(a[34]);
-    r[35] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[34]); t = (sp_int_digit)(a[33]);
-    r[34] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[33]); t = (sp_int_digit)(a[32]);
-    r[33] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[32]); t = (sp_int_digit)(a[31]);
-    r[32] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[31]); t = (sp_int_digit)(a[30]);
-    r[31] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[30]); t = (sp_int_digit)(a[29]);
-    r[30] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[29]); t = (sp_int_digit)(a[28]);
-    r[29] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[28]); t = (sp_int_digit)(a[27]);
-    r[28] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[27]); t = (sp_int_digit)(a[26]);
-    r[27] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[26]); t = (sp_int_digit)(a[25]);
-    r[26] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[25]); t = (sp_int_digit)(a[24]);
-    r[25] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[24]); t = (sp_int_digit)(a[23]);
-    r[24] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[23]); t = (sp_int_digit)(a[22]);
-    r[23] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[22]); t = (sp_int_digit)(a[21]);
-    r[22] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[21]); t = (sp_int_digit)(a[20]);
-    r[21] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[20]); t = (sp_int_digit)(a[19]);
-    r[20] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[19]); t = (sp_int_digit)(a[18]);
-    r[19] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[18]); t = (sp_int_digit)(a[17]);
-    r[18] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[17]); t = (sp_int_digit)(a[16]);
-    r[17] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[16]); t = (sp_int_digit)(a[15]);
-    r[16] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[15]); t = (sp_int_digit)(a[14]);
-    r[15] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[14]); t = (sp_int_digit)(a[13]);
-    r[14] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[13]); t = (sp_int_digit)(a[12]);
-    r[13] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[12]); t = (sp_int_digit)(a[11]);
-    r[12] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[11]); t = (sp_int_digit)(a[10]);
-    r[11] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[10]); t = (sp_int_digit)(a[9]);
-    r[10] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (53U - n))) & 0x1fffffffffffffUL);
-    r[0] = (sp_digit)((a[0] << n) & 0x1fffffffffffffL);
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_4096_mod_exp_2_78(sp_digit* r, const sp_digit* e, int bits, const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 235);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 235, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp  = td + 156;
-        XMEMSET(td, 0, sizeof(sp_digit) * 235);
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_78(norm, m);
-
-        bits = ((bits + 4) / 5) * 5;
-        i = ((bits + 52) / 53) - 1;
-        c = bits % 53;
-        if (c == 0) {
-            c = 53;
-        }
-        if (i < 78) {
-            n = e[i--] << (64 - c);
-        }
-        else {
-            n = 0;
-            i--;
-        }
-        if (c < 5) {
-            n |= e[i--] << (11 - c);
-            c += 53;
-        }
-        y = (int)((n >> 59) & 0x1f);
-        n <<= 5;
-        c -= 5;
-        sp_4096_lshift_78(r, norm, (byte)y);
-        while ((i >= 0) || (c >= 5)) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--] << 11;
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c = 48;
-            }
-            else {
-                y = (byte)((n >> 59) & 0x1f);
-                n = e[i--] << 11;
-                c = 5 - c;
-                y |= (byte)((n >> (64 - c)) & ((1 << c) - 1));
-                n <<= c;
-                c = 53 - c;
-            }
-
-            sp_4096_mont_sqr_78(r, r, m, mp);
-            sp_4096_mont_sqr_78(r, r, m, mp);
-            sp_4096_mont_sqr_78(r, r, m, mp);
-            sp_4096_mont_sqr_78(r, r, m, mp);
-            sp_4096_mont_sqr_78(r, r, m, mp);
-
-            sp_4096_lshift_78(r, r, (byte)y);
-            sp_4096_mul_d_78(tmp, norm, (r[78] << 38) + (r[77] >> 15));
-            r[78] = 0;
-            r[77] &= 0x7fffL;
-            (void)sp_4096_add_78(r, r, tmp);
-            sp_4096_norm_78(r);
-            o = sp_4096_cmp_78(r, m);
-            sp_4096_cond_sub_78(r, r, m, ~(o >> 63));
-        }
-
-        sp_4096_mont_reduce_78(r, m, mp);
-        n = sp_4096_cmp_78(r, m);
-        sp_4096_cond_sub_78(r, r, m, (sp_digit)~(n >> 63));
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_4096 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 512 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, b, 78 * 4);
-    sp_digit* e = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    word32 i;
-    int err = MP_OKAY;
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 512U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 78 * 4, NULL, DYNAMIC_TYPE_DH);
-
-    if (err == MP_OKAY) {
-        e = b + 78 * 2;
-        m = e + 78;
-        r = b;
-
-        sp_4096_from_mp(b, 78, base);
-        sp_4096_from_bin(e, 78, exp, expLen);
-        sp_4096_from_mp(m, 78, mod);
-
-    #ifdef HAVE_FFDHE_4096
-        if (base->used == 1 && base->dp[0] == 2U &&
-                ((m[77] << 17) | (m[76] >> 36)) == 0xffffffffL) {
-            err = sp_4096_mod_exp_2_78(r, e, expLen * 8U, m);
-        }
-        else {
-    #endif
-            err = sp_4096_mod_exp_78(r, b, e, expLen * 8U, m, 0);
-    #ifdef HAVE_FFDHE_4096
-        }
-    #endif
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_78(r, out);
-        *outLen = 512;
-        for (i=0; i<512U && out[i] == 0U; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, b, e, 78U, NULL, DYNAMIC_TYPE_DH);
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* WOLFSSL_SP_4096 */
-
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
-
-/* Point structure to use. */
-typedef struct sp_point_256 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 5];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 5];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 5];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_256;
-
-/* The modulus (prime) of the curve P256. */
-static const sp_digit p256_mod[5] = {
-    0xfffffffffffffL,0x00fffffffffffL,0x0000000000000L,0x0001000000000L,
-    0x0ffffffff0000L
-};
-/* The Montgomery normalizer for modulus of the curve P256. */
-static const sp_digit p256_norm_mod[5] = {
-    0x0000000000001L,0xff00000000000L,0xfffffffffffffL,0xfffefffffffffL,
-    0x000000000ffffL
-};
-/* The Montgomery multiplier for modulus of the curve P256. */
-static const sp_digit p256_mp_mod = 0x0000000000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P256. */
-static const sp_digit p256_order[5] = {
-    0x9cac2fc632551L,0xada7179e84f3bL,0xfffffffbce6faL,0x0000fffffffffL,
-    0x0ffffffff0000L
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P256 minus 2. */
-static const sp_digit p256_order2[5] = {
-    0x9cac2fc63254fL,0xada7179e84f3bL,0xfffffffbce6faL,0x0000fffffffffL,
-    0x0ffffffff0000L
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P256. */
-static const sp_digit p256_norm_order[5] = {
-    0x6353d039cdaafL,0x5258e8617b0c4L,0x0000000431905L,0xffff000000000L,
-    0x000000000ffffL
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P256. */
-static const sp_digit p256_mp_order = 0x1c8aaee00bc4fL;
-#endif
-/* The base point of curve P256. */
-static const sp_point_256 p256_base = {
-    /* X ordinate */
-    {
-        0x13945d898c296L,0x812deb33a0f4aL,0x3a440f277037dL,0x4247f8bce6e56L,
-        0x06b17d1f2e12cL,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x6406837bf51f5L,0x576b315ececbbL,0xc0f9e162bce33L,0x7f9b8ee7eb4a7L,
-        0x04fe342e2fe1aL,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000000000001L,0x0000000000000L,0x0000000000000L,0x0000000000000L,
-        0x0000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p256_b[5] = {
-    0xe3c3e27d2604bL,0xb0cc53b0f63bcL,0x69886bc651d06L,0x93e7b3ebbd557L,
-    0x05ac635d8aa3aL
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_256_mul_5(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 lo;
-
-    c = ((sp_uint128)a[4]) * b[4];
-    r[9] = (sp_digit)(c >> 52);
-    c &= 0xfffffffffffffL;
-    for (k = 7; k >= 0; k--) {
-        if (k >= 5) {
-            i = k - 4;
-            imax = 4;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint128)a[i]) * b[k - i];
-        }
-        c += lo >> 52;
-        r[k + 2] += (sp_digit)(c >> 52);
-        r[k + 1]  = (sp_digit)(c & 0xfffffffffffffL);
-        c = lo & 0xfffffffffffffL;
-    }
-    r[0] = (sp_digit)c;
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_256_mul_5(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_int128 t0   = ((sp_int128)a[ 0]) * b[ 0];
-    sp_int128 t1   = ((sp_int128)a[ 0]) * b[ 1]
-                 + ((sp_int128)a[ 1]) * b[ 0];
-    sp_int128 t2   = ((sp_int128)a[ 0]) * b[ 2]
-                 + ((sp_int128)a[ 1]) * b[ 1]
-                 + ((sp_int128)a[ 2]) * b[ 0];
-    sp_int128 t3   = ((sp_int128)a[ 0]) * b[ 3]
-                 + ((sp_int128)a[ 1]) * b[ 2]
-                 + ((sp_int128)a[ 2]) * b[ 1]
-                 + ((sp_int128)a[ 3]) * b[ 0];
-    sp_int128 t4   = ((sp_int128)a[ 0]) * b[ 4]
-                 + ((sp_int128)a[ 1]) * b[ 3]
-                 + ((sp_int128)a[ 2]) * b[ 2]
-                 + ((sp_int128)a[ 3]) * b[ 1]
-                 + ((sp_int128)a[ 4]) * b[ 0];
-    sp_int128 t5   = ((sp_int128)a[ 1]) * b[ 4]
-                 + ((sp_int128)a[ 2]) * b[ 3]
-                 + ((sp_int128)a[ 3]) * b[ 2]
-                 + ((sp_int128)a[ 4]) * b[ 1];
-    sp_int128 t6   = ((sp_int128)a[ 2]) * b[ 4]
-                 + ((sp_int128)a[ 3]) * b[ 3]
-                 + ((sp_int128)a[ 4]) * b[ 2];
-    sp_int128 t7   = ((sp_int128)a[ 3]) * b[ 4]
-                 + ((sp_int128)a[ 4]) * b[ 3];
-    sp_int128 t8   = ((sp_int128)a[ 4]) * b[ 4];
-
-    t1   += t0  >> 52; r[ 0] = (sp_digit)(t0  & 0xfffffffffffffL);
-    t2   += t1  >> 52; r[ 1] = (sp_digit)(t1  & 0xfffffffffffffL);
-    t3   += t2  >> 52; r[ 2] = (sp_digit)(t2  & 0xfffffffffffffL);
-    t4   += t3  >> 52; r[ 3] = (sp_digit)(t3  & 0xfffffffffffffL);
-    t5   += t4  >> 52; r[ 4] = (sp_digit)(t4  & 0xfffffffffffffL);
-    t6   += t5  >> 52; r[ 5] = (sp_digit)(t5  & 0xfffffffffffffL);
-    t7   += t6  >> 52; r[ 6] = (sp_digit)(t6  & 0xfffffffffffffL);
-    t8   += t7  >> 52; r[ 7] = (sp_digit)(t7  & 0xfffffffffffffL);
-    r[9] = (sp_digit)(t8 >> 52);
-                       r[8] = (sp_digit)(t8 & 0xfffffffffffffL);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_256_sqr_5(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 t;
-
-    c = ((sp_uint128)a[4]) * a[4];
-    r[9] = (sp_digit)(c >> 52);
-    c = (c & 0xfffffffffffffL) << 52;
-    for (k = 7; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint128)a[i]) * a[i];
-           i++;
-        }
-        if (k < 4) {
-            imax = k;
-        }
-        else {
-            imax = 4;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint128)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 104);
-        r[k + 1]  = (sp_digit)((c >> 52) & 0xfffffffffffffL);
-        c = (c & 0xfffffffffffffL) << 52;
-    }
-    r[0] = (sp_digit)(c >> 52);
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_256_sqr_5(sp_digit* r, const sp_digit* a)
-{
-    sp_int128 t0   =  ((sp_int128)a[ 0]) * a[ 0];
-    sp_int128 t1   = (((sp_int128)a[ 0]) * a[ 1]) * 2;
-    sp_int128 t2   = (((sp_int128)a[ 0]) * a[ 2]) * 2
-                 +  ((sp_int128)a[ 1]) * a[ 1];
-    sp_int128 t3   = (((sp_int128)a[ 0]) * a[ 3]
-                 +  ((sp_int128)a[ 1]) * a[ 2]) * 2;
-    sp_int128 t4   = (((sp_int128)a[ 0]) * a[ 4]
-                 +  ((sp_int128)a[ 1]) * a[ 3]) * 2
-                 +  ((sp_int128)a[ 2]) * a[ 2];
-    sp_int128 t5   = (((sp_int128)a[ 1]) * a[ 4]
-                 +  ((sp_int128)a[ 2]) * a[ 3]) * 2;
-    sp_int128 t6   = (((sp_int128)a[ 2]) * a[ 4]) * 2
-                 +  ((sp_int128)a[ 3]) * a[ 3];
-    sp_int128 t7   = (((sp_int128)a[ 3]) * a[ 4]) * 2;
-    sp_int128 t8   =  ((sp_int128)a[ 4]) * a[ 4];
-
-    t1   += t0  >> 52; r[ 0] = (sp_digit)(t0  & 0xfffffffffffffL);
-    t2   += t1  >> 52; r[ 1] = (sp_digit)(t1  & 0xfffffffffffffL);
-    t3   += t2  >> 52; r[ 2] = (sp_digit)(t2  & 0xfffffffffffffL);
-    t4   += t3  >> 52; r[ 3] = (sp_digit)(t3  & 0xfffffffffffffL);
-    t5   += t4  >> 52; r[ 4] = (sp_digit)(t4  & 0xfffffffffffffL);
-    t6   += t5  >> 52; r[ 5] = (sp_digit)(t5  & 0xfffffffffffffL);
-    t7   += t6  >> 52; r[ 6] = (sp_digit)(t6  & 0xfffffffffffffL);
-    t8   += t7  >> 52; r[ 7] = (sp_digit)(t7  & 0xfffffffffffffL);
-    r[9] = (sp_digit)(t8 >> 52);
-                       r[8] = (sp_digit)(t8 & 0xfffffffffffffL);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_256_add_5(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 5; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_256_add_5(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_256_sub_5(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 5; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_256_sub_5(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] - b[ 0];
-    r[ 1] = a[ 1] - b[ 1];
-    r[ 2] = a[ 2] - b[ 2];
-    r[ 3] = a[ 3] - b[ 3];
-    r[ 4] = a[ 4] - b[ 4];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 52
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 51);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 51);
-    }
-#elif DIGIT_BIT > 52
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xfffffffffffffL;
-        s = 52U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 52U) <= (word32)DIGIT_BIT) {
-            s += 52U;
-            r[j] &= 0xfffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 52) {
-            r[j] &= 0xfffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 52 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_256.
- *
- * p   Point of type sp_point_256 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_256_point_from_ecc_point_5(sp_point_256* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_256_from_mp(p->x, 5, pm->x);
-    sp_256_from_mp(p->y, 5, pm->y);
-    sp_256_from_mp(p->z, 5, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_256_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (256 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 52
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 5);
-        r->used = 5;
-        mp_clamp(r);
-#elif DIGIT_BIT < 52
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 5; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 52) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 52 - s;
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 5; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 52 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 52 - s;
-            }
-            else {
-                s += 52;
-            }
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_256 to type ecc_point.
- *
- * p   Point of type sp_point_256.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_256_point_to_ecc_point_5(const sp_point_256* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_256_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_256_cmp_5(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=4; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 51);
-    }
-#else
-    r |= (a[ 4] - b[ 4]) & (0 - (sp_digit)1);
-    r |= (a[ 3] - b[ 3]) & ~(((sp_digit)0 - r) >> 51);
-    r |= (a[ 2] - b[ 2]) & ~(((sp_digit)0 - r) >> 51);
-    r |= (a[ 1] - b[ 1]) & ~(((sp_digit)0 - r) >> 51);
-    r |= (a[ 0] - b[ 0]) & ~(((sp_digit)0 - r) >> 51);
-#endif /* WOLFSSL_SP_SMALL */
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_256_cond_sub_5(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 5; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-#else
-    r[ 0] = a[ 0] - (b[ 0] & m);
-    r[ 1] = a[ 1] - (b[ 1] & m);
-    r[ 2] = a[ 2] - (b[ 2] & m);
-    r[ 3] = a[ 3] - (b[ 3] & m);
-    r[ 4] = a[ 4] - (b[ 4] & m);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_256_mul_add_5(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int128 tb = b;
-    sp_int128 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 4; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0xfffffffffffffL);
-        t[1] += t[0] >> 52;
-        r[i+1] = (sp_digit)(t[1] & 0xfffffffffffffL);
-        t[2] += t[1] >> 52;
-        r[i+2] = (sp_digit)(t[2] & 0xfffffffffffffL);
-        t[3] += t[2] >> 52;
-        r[i+3] = (sp_digit)(t[3] & 0xfffffffffffffL);
-        t[0]  = t[3] >> 52;
-    }
-    t[0] += (tb * a[4]) + r[4];
-    r[4] = (sp_digit)(t[0] & 0xfffffffffffffL);
-    r[5] +=  (sp_digit)(t[0] >> 52);
-#else
-    sp_int128 tb = b;
-    sp_int128 t[5];
-
-    t[ 0] = tb * a[ 0];
-    t[ 1] = tb * a[ 1];
-    t[ 2] = tb * a[ 2];
-    t[ 3] = tb * a[ 3];
-    t[ 4] = tb * a[ 4];
-    r[ 0] += (sp_digit)                 (t[ 0] & 0xfffffffffffffL);
-    r[ 1] += (sp_digit)((t[ 0] >> 52) + (t[ 1] & 0xfffffffffffffL));
-    r[ 2] += (sp_digit)((t[ 1] >> 52) + (t[ 2] & 0xfffffffffffffL));
-    r[ 3] += (sp_digit)((t[ 2] >> 52) + (t[ 3] & 0xfffffffffffffL));
-    r[ 4] += (sp_digit)((t[ 3] >> 52) + (t[ 4] & 0xfffffffffffffL));
-    r[ 5] += (sp_digit) (t[ 4] >> 52);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Normalize the values in each word to 52 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_256_norm_5(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 4; i++) {
-        a[i+1] += a[i] >> 52;
-        a[i] &= 0xfffffffffffffL;
-    }
-#else
-    a[1] += a[0] >> 52; a[0] &= 0xfffffffffffffL;
-    a[2] += a[1] >> 52; a[1] &= 0xfffffffffffffL;
-    a[3] += a[2] >> 52; a[2] &= 0xfffffffffffffL;
-    a[4] += a[3] >> 52; a[3] &= 0xfffffffffffffL;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Shift the result in the high 256 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_256_mont_shift_5(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    sp_uint64 n;
-
-    n = a[4] >> 48;
-    for (i = 0; i < 4; i++) {
-        n += (sp_uint64)a[5 + i] << 4;
-        r[i] = (sp_digit)(n & 0xfffffffffffffL);
-        n >>= 52;
-    }
-    n += (sp_uint64)a[9] << 4;
-    r[4] = n;
-#else
-    sp_uint64 n;
-
-    n  = a[4] >> 48;
-    n += (sp_uint64)a[ 5] << 4U; r[ 0] = (sp_digit)(n & 0xfffffffffffffUL); n >>= 52U;
-    n += (sp_uint64)a[ 6] << 4U; r[ 1] = (sp_digit)(n & 0xfffffffffffffUL); n >>= 52U;
-    n += (sp_uint64)a[ 7] << 4U; r[ 2] = (sp_digit)(n & 0xfffffffffffffUL); n >>= 52U;
-    n += (sp_uint64)a[ 8] << 4U; r[ 3] = (sp_digit)(n & 0xfffffffffffffUL); n >>= 52U;
-    n += (sp_uint64)a[ 9] << 4U; r[ 4] = n;
-#endif /* WOLFSSL_SP_SMALL */
-    XMEMSET(&r[5], 0, sizeof(*r) * 5U);
-}
-
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_256_mont_reduce_order_5(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_256_norm_5(a + 5);
-
-    for (i=0; i<4; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0xfffffffffffffL);
-        sp_256_mul_add_5(a+i, m, mu);
-        a[i+1] += a[i] >> 52;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0xffffffffffffL);
-    sp_256_mul_add_5(a+i, m, mu);
-    a[i+1] += a[i] >> 52;
-    a[i] &= 0xfffffffffffffL;
-    sp_256_mont_shift_5(a, a);
-    over = a[4] >> 48;
-    sp_256_cond_sub_5(a, a, m, ~((over - 1) >> 63));
-    sp_256_norm_5(a);
-}
-
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_256_mont_reduce_5(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_int128 t;
-    sp_digit am;
-
-    (void)m;
-    (void)mp;
-
-    for (i = 0; i < 4; i++) {
-        am = (sp_digit)(a[i] & 0xfffffffffffffL);
-        /* Fifth word of modulus word */
-        t = am; t *= 0x0ffffffff0000L;
-
-        a[i + 1] += (sp_digit)((am << 44) & 0xfffffffffffffL);
-        a[i + 2] += am >> 8;
-        a[i + 3] += (sp_digit)((am << 36) & 0xfffffffffffffL);
-        a[i + 4] += (am >> 16) + (sp_digit)(t & 0xfffffffffffffL);
-        a[i + 5] +=  t >> 52;
-
-        a[i + 1] += a[i] >> 52;
-    }
-    am = (sp_digit)(a[4] & 0xffffffffffff);
-    /* Fifth word of modulus word */
-    t = am; t *= 0x0ffffffff0000L;
-
-    a[4 + 1] += (sp_digit)((am << 44) & 0xfffffffffffffL);
-    a[4 + 2] += am >> 8;
-    a[4 + 3] += (sp_digit)((am << 36) & 0xfffffffffffffL);
-    a[4 + 4] += (am >> 16) + (sp_digit)(t & 0xfffffffffffffL);
-    a[4 + 5] +=  t >> 52;
-
-    a[0] = (a[4] >> 48) + (sp_digit)((a[5] << 4) & 0xfffffffffffffL);
-    a[1] = (a[5] >> 48) + (sp_digit)((a[6] << 4) & 0xfffffffffffffL);
-    a[2] = (a[6] >> 48) + (sp_digit)((a[7] << 4) & 0xfffffffffffffL);
-    a[3] = (a[7] >> 48) + (sp_digit)((a[8] << 4) & 0xfffffffffffffL);
-    a[4] = (a[8] >> 48) +  (a[9] << 4);
-
-    a[1] += a[0] >> 52; a[0] &= 0xfffffffffffffL;
-    a[2] += a[1] >> 52; a[1] &= 0xfffffffffffffL;
-    a[3] += a[2] >> 52; a[2] &= 0xfffffffffffffL;
-    a[4] += a[3] >> 52; a[3] &= 0xfffffffffffffL;
-
-    /* Get the bit over, if any. */
-    am = a[4] >> 48;
-    /* Create mask. */
-    am = 0 - am;
-
-    a[0] -= (sp_digit)(0x000fffffffffffffL & am);
-    a[1] -= (sp_digit)(0x00000fffffffffffL & am);
-    /* p256_mod[2] is zero */
-    a[3] -= (sp_digit)(0x0000001000000000L & am);
-    a[4] -= (sp_digit)(0x0000ffffffff0000L & am);
-
-    a[1] += a[0] >> 52; a[0] &= 0xfffffffffffffL;
-    a[2] += a[1] >> 52; a[1] &= 0xfffffffffffffL;
-    a[3] += a[2] >> 52; a[2] &= 0xfffffffffffffL;
-    a[4] += a[3] >> 52; a[3] &= 0xfffffffffffffL;
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_mul_5(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_256_mul_5(r, a, b);
-    sp_256_mont_reduce_5(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_5(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_256_sqr_5(r, a);
-    sp_256_mont_reduce_5(r, m, mp);
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_n_5(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_256_mont_sqr_5(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_256_mont_sqr_5(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P256 curve. */
-static const word64 p256_mod_minus_2[4] = {
-    0xfffffffffffffffdU,0x00000000ffffffffU,0x0000000000000000U,
-    0xffffffff00000001U
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P256 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_5(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 5);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_5(t, t, p256_mod, p256_mp_mod);
-        if (p256_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_256_mont_mul_5(t, t, a, p256_mod, p256_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 5);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 5;
-    sp_digit* t3 = td + 4 * 5;
-    /* 0x2 */
-    sp_256_mont_sqr_5(t1, a, p256_mod, p256_mp_mod);
-    /* 0x3 */
-    sp_256_mont_mul_5(t2, t1, a, p256_mod, p256_mp_mod);
-    /* 0xc */
-    sp_256_mont_sqr_n_5(t1, t2, 2, p256_mod, p256_mp_mod);
-    /* 0xd */
-    sp_256_mont_mul_5(t3, t1, a, p256_mod, p256_mp_mod);
-    /* 0xf */
-    sp_256_mont_mul_5(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xf0 */
-    sp_256_mont_sqr_n_5(t1, t2, 4, p256_mod, p256_mp_mod);
-    /* 0xfd */
-    sp_256_mont_mul_5(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xff */
-    sp_256_mont_mul_5(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xff00 */
-    sp_256_mont_sqr_n_5(t1, t2, 8, p256_mod, p256_mp_mod);
-    /* 0xfffd */
-    sp_256_mont_mul_5(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffff */
-    sp_256_mont_mul_5(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffff0000 */
-    sp_256_mont_sqr_n_5(t1, t2, 16, p256_mod, p256_mp_mod);
-    /* 0xfffffffd */
-    sp_256_mont_mul_5(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff */
-    sp_256_mont_mul_5(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_256_mont_sqr_n_5(t1, t2, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_256_mont_mul_5(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001 */
-    sp_256_mont_mul_5(r, t1, a, p256_mod, p256_mp_mod);
-    /* 0xffffffff000000010000000000000000000000000000000000000000 */
-    sp_256_mont_sqr_n_5(r, r, 160, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff */
-    sp_256_mont_mul_5(r, r, t2, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff00000000 */
-    sp_256_mont_sqr_n_5(r, r, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000fffffffffffffffffffffffd */
-    sp_256_mont_mul_5(r, r, t3, p256_mod, p256_mp_mod);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_256_map_5(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*5;
-    sp_int64 n;
-
-    sp_256_mont_inv_5(t1, p->z, t + 2*5);
-
-    sp_256_mont_sqr_5(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    /* x /= z^2 */
-    sp_256_mont_mul_5(r->x, p->x, t2, p256_mod, p256_mp_mod);
-    XMEMSET(r->x + 5, 0, sizeof(sp_digit) * 5U);
-    sp_256_mont_reduce_5(r->x, p256_mod, p256_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_256_cmp_5(r->x, p256_mod);
-    sp_256_cond_sub_5(r->x, r->x, p256_mod, (sp_digit)~(n >> 51));
-    sp_256_norm_5(r->x);
-
-    /* y /= z^3 */
-    sp_256_mont_mul_5(r->y, p->y, t1, p256_mod, p256_mp_mod);
-    XMEMSET(r->y + 5, 0, sizeof(sp_digit) * 5U);
-    sp_256_mont_reduce_5(r->y, p256_mod, p256_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_256_cmp_5(r->y, p256_mod);
-    sp_256_cond_sub_5(r->y, r->y, p256_mod, (sp_digit)~(n >> 51));
-    sp_256_norm_5(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_add_5(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_256_add_5(r, a, b);
-    sp_256_norm_5(r);
-    over = r[4] >> 48;
-    sp_256_cond_sub_5(r, r, m, ~((over - 1) >> 63));
-    sp_256_norm_5(r);
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_dbl_5(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_256_add_5(r, a, a);
-    sp_256_norm_5(r);
-    over = r[4] >> 48;
-    sp_256_cond_sub_5(r, r, m, ~((over - 1) >> 63));
-    sp_256_norm_5(r);
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_tpl_5(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_256_add_5(r, a, a);
-    sp_256_norm_5(r);
-    over = r[4] >> 48;
-    sp_256_cond_sub_5(r, r, m, ~((over - 1) >> 63));
-    sp_256_norm_5(r);
-    (void)sp_256_add_5(r, r, a);
-    sp_256_norm_5(r);
-    over = r[4] >> 48;
-    sp_256_cond_sub_5(r, r, m, ~((over - 1) >> 63));
-    sp_256_norm_5(r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_256_cond_add_5(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 5; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_256_cond_add_5(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    r[ 0] = a[ 0] + (b[ 0] & m);
-    r[ 1] = a[ 1] + (b[ 1] & m);
-    r[ 2] = a[ 2] + (b[ 2] & m);
-    r[ 3] = a[ 3] + (b[ 3] & m);
-    r[ 4] = a[ 4] + (b[ 4] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_sub_5(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    (void)sp_256_sub_5(r, a, b);
-    sp_256_norm_5(r);
-    sp_256_cond_add_5(r, r, m, r[4] >> 48);
-    sp_256_norm_5(r);
-}
-
-/* Shift number left one bit.
- * Bottom bit is lost.
- *
- * r  Result of shift.
- * a  Number to shift.
- */
-SP_NOINLINE static void sp_256_rshift1_5(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<4; i++) {
-        r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 51) & 0xfffffffffffffL);
-    }
-#else
-    r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 51) & 0xfffffffffffffL);
-    r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 51) & 0xfffffffffffffL);
-    r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 51) & 0xfffffffffffffL);
-    r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 51) & 0xfffffffffffffL);
-#endif
-    r[4] = a[4] >> 1;
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_256_mont_div2_5(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_256_cond_add_5(r, a, m, 0 - (a[0] & 1));
-    sp_256_norm_5(r);
-    sp_256_rshift1_5(r, r);
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_5(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*5;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_256_mont_sqr_5(t1, p->z, p256_mod, p256_mp_mod);
-    /* Z = Y * Z */
-    sp_256_mont_mul_5(z, p->y, p->z, p256_mod, p256_mp_mod);
-    /* Z = 2Z */
-    sp_256_mont_dbl_5(z, z, p256_mod);
-    /* T2 = X - T1 */
-    sp_256_mont_sub_5(t2, p->x, t1, p256_mod);
-    /* T1 = X + T1 */
-    sp_256_mont_add_5(t1, p->x, t1, p256_mod);
-    /* T2 = T1 * T2 */
-    sp_256_mont_mul_5(t2, t1, t2, p256_mod, p256_mp_mod);
-    /* T1 = 3T2 */
-    sp_256_mont_tpl_5(t1, t2, p256_mod);
-    /* Y = 2Y */
-    sp_256_mont_dbl_5(y, p->y, p256_mod);
-    /* Y = Y * Y */
-    sp_256_mont_sqr_5(y, y, p256_mod, p256_mp_mod);
-    /* T2 = Y * Y */
-    sp_256_mont_sqr_5(t2, y, p256_mod, p256_mp_mod);
-    /* T2 = T2/2 */
-    sp_256_mont_div2_5(t2, t2, p256_mod);
-    /* Y = Y * X */
-    sp_256_mont_mul_5(y, y, p->x, p256_mod, p256_mp_mod);
-    /* X = T1 * T1 */
-    sp_256_mont_sqr_5(x, t1, p256_mod, p256_mp_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_5(x, x, y, p256_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_5(x, x, y, p256_mod);
-    /* Y = Y - X */
-    sp_256_mont_sub_5(y, y, x, p256_mod);
-    /* Y = Y * T1 */
-    sp_256_mont_mul_5(y, y, t1, p256_mod, p256_mp_mod);
-    /* Y = Y - T2 */
-    sp_256_mont_sub_5(y, y, t2, p256_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_dbl_5_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_dbl_5_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_dbl_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-        const sp_point_256* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_dbl_5_ctx* ctx = (sp_256_proj_point_dbl_5_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_dbl_5_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*5;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_256_mont_sqr_5(ctx->t1, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_256_mont_mul_5(ctx->z, p->y, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_256_mont_dbl_5(ctx->z, ctx->z, p256_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_256_mont_sub_5(ctx->t2, p->x, ctx->t1, p256_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_256_mont_add_5(ctx->t1, p->x, ctx->t1, p256_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_256_mont_mul_5(ctx->t2, ctx->t1, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_256_mont_tpl_5(ctx->t1, ctx->t2, p256_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_256_mont_dbl_5(ctx->y, p->y, p256_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_256_mont_sqr_5(ctx->y, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_256_mont_sqr_5(ctx->t2, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_256_mont_div2_5(ctx->t2, ctx->t2, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_256_mont_mul_5(ctx->y, ctx->y, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_256_mont_sqr_5(ctx->x, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_256_mont_sub_5(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_256_mont_sub_5(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_256_mont_sub_5(ctx->y, ctx->y, ctx->x, p256_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_256_mont_mul_5(ctx->y, ctx->y, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_256_mont_sub_5(ctx->y, ctx->y, ctx->t2, p256_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_256_cmp_equal_5(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_256_iszero_5(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_5(sp_point_256* r,
-        const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*5;
-    sp_digit* t2 = t + 4*5;
-    sp_digit* t3 = t + 6*5;
-    sp_digit* t4 = t + 8*5;
-    sp_digit* t5 = t + 10*5;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_5(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t1, t1, p->x, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_5(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_5(t3, t3, p->y, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_5(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_5(t2, t1) &
-            sp_256_cmp_equal_5(t4, t3)) {
-        sp_256_proj_point_dbl_5(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_256_mont_sub_5(t2, t2, t1, p256_mod);
-        /* R = S2 - S1 */
-        sp_256_mont_sub_5(t4, t4, t3, p256_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_5(t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_5(y, t1, t5, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_5(t5, t5, t2, p256_mod, p256_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_5(z, p->z, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_5(z, z, q->z, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_5(x, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_5(x, x, t5, p256_mod);
-        sp_256_mont_mul_5(t5, t5, t3, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_5(t3, y, p256_mod);
-        sp_256_mont_sub_5(x, x, t3, p256_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_sub_5(y, y, x, p256_mod);
-        sp_256_mont_mul_5(y, y, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_5(y, y, t5, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 5; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 5; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 5; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_add_5_ctx {
-    int state;
-    sp_256_proj_point_dbl_5_ctx dbl_ctx;
-    const sp_point_256* ap[2];
-    sp_point_256* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_add_5_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_add_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_add_5_ctx* ctx = (sp_256_proj_point_add_5_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_256* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_add_5_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*5;
-        ctx->t2 = t + 4*5;
-        ctx->t3 = t + 6*5;
-        ctx->t4 = t + 8*5;
-        ctx->t5 = t + 10*5;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_256_mont_sqr_5(ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_256_mont_mul_5(ctx->t3, ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_256_mont_mul_5(ctx->t1, ctx->t1, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_256_mont_sqr_5(ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_256_mont_mul_5(ctx->t4, ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_256_mont_mul_5(ctx->t2, ctx->t2, q->x, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_256_mont_mul_5(ctx->t3, ctx->t3, p->y, p256_mod, p256_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_256_mont_mul_5(ctx->t4, ctx->t4, q->y, p256_mod, p256_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_256_cmp_equal_5(ctx->t2, ctx->t1) &
-                sp_256_cmp_equal_5(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_256_proj_point_dbl_5(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_256_mont_sub_5(ctx->t2, ctx->t2, ctx->t1, p256_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_256_mont_sub_5(ctx->t4, ctx->t4, ctx->t3, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_5(ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_256_mont_mul_5(ctx->y, ctx->t1, ctx->t5, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_256_mont_mul_5(ctx->t5, ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_5(ctx->z, p->z, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_256_mont_mul_5(ctx->z, ctx->z, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_256_mont_sqr_5(ctx->x, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_256_mont_sub_5(ctx->x, ctx->x, ctx->t5, p256_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_256_mont_mul_5(ctx->t5, ctx->t5, ctx->t3, p256_mod, p256_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_256_mont_dbl_5(ctx->t3, ctx->y, p256_mod);
-        sp_256_mont_sub_5(ctx->x, ctx->x, ctx->t3, p256_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_sub_5(ctx->y, ctx->y, ctx->x, p256_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_256_mont_mul_5(ctx->y, ctx->y, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_256_mont_sub_5(ctx->y, ctx->y, ctx->t5, p256_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 5; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 5; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 5; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_256_mod_mul_norm_5(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    SP_DECL_VAR(int64_t, t, 2 * 8);
-    int64_t* a32 = NULL;
-    int64_t o;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(int64_t, t, 2 * 8, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        a32 = t + 8;
-
-        a32[0] = (sp_digit)(a[0]) & 0xffffffffL;
-        a32[1] = (sp_digit)(a[0] >> 32U);
-        a32[1] |= (sp_digit)(a[1] << 20U);
-        a32[1] &= 0xffffffffL;
-        a32[2] = (sp_digit)(a[1] >> 12U) & 0xffffffffL;
-        a32[3] = (sp_digit)(a[1] >> 44U);
-        a32[3] |= (sp_digit)(a[2] << 8U);
-        a32[3] &= 0xffffffffL;
-        a32[4] = (sp_digit)(a[2] >> 24U);
-        a32[4] |= (sp_digit)(a[3] << 28U);
-        a32[4] &= 0xffffffffL;
-        a32[5] = (sp_digit)(a[3] >> 4U) & 0xffffffffL;
-        a32[6] = (sp_digit)(a[3] >> 36U);
-        a32[6] |= (sp_digit)(a[4] << 16U);
-        a32[6] &= 0xffffffffL;
-        a32[7] = (sp_digit)(a[4] >> 16U) & 0xffffffffL;
-
-        /*  1  1  0 -1 -1 -1 -1  0 */
-        t[0] = 0 + a32[0] + a32[1] - a32[3] - a32[4] - a32[5] - a32[6];
-        /*  0  1  1  0 -1 -1 -1 -1 */
-        t[1] = 0 + a32[1] + a32[2] - a32[4] - a32[5] - a32[6] - a32[7];
-        /*  0  0  1  1  0 -1 -1 -1 */
-        t[2] = 0 + a32[2] + a32[3] - a32[5] - a32[6] - a32[7];
-        /* -1 -1  0  2  2  1  0 -1 */
-        t[3] = 0 - a32[0] - a32[1] + 2 * a32[3] + 2 * a32[4] + a32[5] - a32[7];
-        /*  0 -1 -1  0  2  2  1  0 */
-        t[4] = 0 - a32[1] - a32[2] + 2 * a32[4] + 2 * a32[5] + a32[6];
-        /*  0  0 -1 -1  0  2  2  1 */
-        t[5] = 0 - a32[2] - a32[3] + 2 * a32[5] + 2 * a32[6] + a32[7];
-        /* -1 -1  0  0  0  1  3  2 */
-        t[6] = 0 - a32[0] - a32[1] + a32[5] + 3 * a32[6] + 2 * a32[7];
-        /*  1  0 -1 -1 -1 -1  0  3 */
-        t[7] = 0 + a32[0] - a32[2] - a32[3] - a32[4] - a32[5] + 3 * a32[7];
-
-        t[1] += t[0] >> 32U; t[0] &= 0xffffffffL;
-        t[2] += t[1] >> 32U; t[1] &= 0xffffffffL;
-        t[3] += t[2] >> 32U; t[2] &= 0xffffffffL;
-        t[4] += t[3] >> 32U; t[3] &= 0xffffffffL;
-        t[5] += t[4] >> 32U; t[4] &= 0xffffffffL;
-        t[6] += t[5] >> 32U; t[5] &= 0xffffffffL;
-        t[7] += t[6] >> 32U; t[6] &= 0xffffffffL;
-        o     = t[7] >> 32U; t[7] &= 0xffffffffL;
-        t[0] += o;
-        t[3] -= o;
-        t[6] -= o;
-        t[7] += o;
-        t[1] += t[0] >> 32U; t[0] &= 0xffffffffL;
-        t[2] += t[1] >> 32U; t[1] &= 0xffffffffL;
-        t[3] += t[2] >> 32U; t[2] &= 0xffffffffL;
-        t[4] += t[3] >> 32U; t[3] &= 0xffffffffL;
-        t[5] += t[4] >> 32U; t[4] &= 0xffffffffL;
-        t[6] += t[5] >> 32U; t[5] &= 0xffffffffL;
-        t[7] += t[6] >> 32U; t[6] &= 0xffffffffL;
-
-        r[0] = t[0];
-        r[0] |= t[1] << 32U;
-        r[0] &= 0xfffffffffffffLL;
-        r[1] = (t[1] >> 20);
-        r[1] |= t[2] << 12U;
-        r[1] |= t[3] << 44U;
-        r[1] &= 0xfffffffffffffLL;
-        r[2] = (t[3] >> 8);
-        r[2] |= t[4] << 24U;
-        r[2] &= 0xfffffffffffffLL;
-        r[3] = (t[4] >> 28);
-        r[3] |= t[5] << 4U;
-        r[3] |= t[6] << 36U;
-        r[3] &= 0xfffffffffffffLL;
-        r[4] = (t[6] >> 16);
-        r[4] |= t[7] << 16U;
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Small implementation using add and double that is cache attack resistant but
- * allocates memory rather than use large stacks.
- * 256 adds and doubles.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_5(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 5 * 6);
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Implementation is constant time. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 5 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        XMEMSET(t, 0, sizeof(sp_point_256) * 3);
-
-        /* t[0] = {0, 0, 1} * norm */
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_256_mod_mul_norm_5(t[1].x, g->x, p256_mod);
-    }
-    if (err == MP_OKAY)
-        err = sp_256_mod_mul_norm_5(t[1].y, g->y, p256_mod);
-    if (err == MP_OKAY)
-        err = sp_256_mod_mul_norm_5(t[1].z, g->z, p256_mod);
-
-    if (err == MP_OKAY) {
-        i = 4;
-        c = 48;
-        n = k[i--] << (52 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1)
-                    break;
-
-                n = k[i--];
-                c = 52;
-            }
-
-            y = (n >> 51) & 1;
-            n <<= 1;
-
-            sp_256_proj_point_add_5(&t[y^1], &t[0], &t[1], tmp);
-
-            XMEMCPY(&t[2], (void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                                   ((size_t)&t[1] & addr_mask[y])),
-                    sizeof(sp_point_256));
-            sp_256_proj_point_dbl_5(&t[2], &t[2], tmp);
-            XMEMCPY((void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                            ((size_t)&t[1] & addr_mask[y])), &t[2],
-                    sizeof(sp_point_256));
-        }
-
-        if (map != 0) {
-            sp_256_map_5(r, &t[0], tmp);
-        }
-        else {
-            XMEMCPY(r, &t[0], sizeof(sp_point_256));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 5 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_ecc_mulmod_5_ctx {
-    int state;
-    union {
-        sp_256_proj_point_dbl_5_ctx dbl_ctx;
-        sp_256_proj_point_add_5_ctx add_ctx;
-    };
-    sp_point_256 t[3];
-    sp_digit tmp[2 * 5 * 6];
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-} sp_256_ecc_mulmod_5_ctx;
-
-static int sp_256_ecc_mulmod_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-    const sp_point_256* g, const sp_digit* k, int map, int ct, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_ecc_mulmod_5_ctx* ctx = (sp_256_ecc_mulmod_5_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_256_ecc_mulmod_5_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    /* Implementation is constant time. */
-    (void)ct;
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        XMEMSET(ctx->t, 0, sizeof(sp_point_256) * 3);
-        ctx->i = 4;
-        ctx->c = 48;
-        ctx->n = k[ctx->i--] << (52 - ctx->c);
-
-        /* t[0] = {0, 0, 1} * norm */
-        ctx->t[0].infinity = 1;
-        ctx->state = 1;
-        break;
-    case 1: /* T1X */
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_256_mod_mul_norm_5(ctx->t[1].x, g->x, p256_mod);
-        ctx->state = 2;
-        break;
-    case 2: /* T1Y */
-        err = sp_256_mod_mul_norm_5(ctx->t[1].y, g->y, p256_mod);
-        ctx->state = 3;
-        break;
-    case 3: /* T1Z */
-        err = sp_256_mod_mul_norm_5(ctx->t[1].z, g->z, p256_mod);
-        ctx->state = 4;
-        break;
-    case 4: /* ADDPREP */
-        if (ctx->c == 0) {
-            if (ctx->i == -1) {
-                ctx->state = 7;
-                break;
-            }
-
-            ctx->n = k[ctx->i--];
-            ctx->c = 52;
-        }
-        ctx->y = (ctx->n >> 51) & 1;
-        ctx->n <<= 1;
-        XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-        ctx->state = 5;
-        break;
-    case 5: /* ADD */
-        err = sp_256_proj_point_add_5_nb((sp_ecc_ctx_t*)&ctx->add_ctx,
-            &ctx->t[ctx->y^1], &ctx->t[0], &ctx->t[1], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY(&ctx->t[2], (void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                                        ((size_t)&ctx->t[1] & addr_mask[ctx->y])),
-                    sizeof(sp_point_256));
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* DBL */
-        err = sp_256_proj_point_dbl_5_nb((sp_ecc_ctx_t*)&ctx->dbl_ctx, &ctx->t[2],
-            &ctx->t[2], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY((void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                            ((size_t)&ctx->t[1] & addr_mask[ctx->y])), &ctx->t[2],
-                    sizeof(sp_point_256));
-            ctx->state = 4;
-            ctx->c--;
-        }
-        break;
-    case 7: /* MAP */
-        if (map != 0) {
-            sp_256_map_5(r, &ctx->t[0], ctx->tmp);
-        }
-        else {
-            XMEMCPY(r, &ctx->t[0], sizeof(sp_point_256));
-        }
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 7) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        ForceZero(ctx->tmp, sizeof(ctx->tmp));
-        ForceZero(ctx->t, sizeof(ctx->t));
-    }
-
-    (void)heap;
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#else
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_256 {
-    sp_digit x[5];
-    sp_digit y[5];
-} sp_table_entry_256;
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_256_cond_copy_5(sp_digit* r, const sp_digit* a, const sp_digit m)
-{
-    sp_digit t[5];
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 5; i++) {
-        t[i] = r[i] ^ a[i];
-    }
-    for (i = 0; i < 5; i++) {
-        r[i] ^= t[i] & m;
-    }
-#else
-    t[ 0] = r[ 0] ^ a[ 0];
-    t[ 1] = r[ 1] ^ a[ 1];
-    t[ 2] = r[ 2] ^ a[ 2];
-    t[ 3] = r[ 3] ^ a[ 3];
-    t[ 4] = r[ 4] ^ a[ 4];
-    r[ 0] ^= t[ 0] & m;
-    r[ 1] ^= t[ 1] & m;
-    r[ 2] ^= t[ 2] & m;
-    r[ 3] ^= t[ 3] & m;
-    r[ 4] ^= t[ 4] & m;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*5;
-    sp_digit* b = t + 4*5;
-    sp_digit* t1 = t + 6*5;
-    sp_digit* t2 = t + 8*5;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_5(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_5(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_5(w, w, p256_mod, p256_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_5(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_5(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_5(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_5(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_5(b, t1, x, p256_mod, p256_mp_mod);
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_5(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_5(t2, b, p256_mod);
-        sp_256_mont_sub_5(x, x, t2, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_sub_5(t2, b, x, p256_mod);
-        sp_256_mont_dbl_5(b, t2, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_5(z, z, y, p256_mod, p256_mp_mod);
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_5(t1, t1, p256_mod, p256_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_5(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_5(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_5(y, y, t1, p256_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_256_mont_sqr_5(t1, x, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_5(t1, t1, w, p256_mod);
-    sp_256_mont_tpl_5(a, t1, p256_mod);
-    /* B = X*Y^2 */
-    sp_256_mont_sqr_5(t1, y, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(b, t1, x, p256_mod, p256_mp_mod);
-    /* X = A^2 - 2B */
-    sp_256_mont_sqr_5(x, a, p256_mod, p256_mp_mod);
-    sp_256_mont_dbl_5(t2, b, p256_mod);
-    sp_256_mont_sub_5(x, x, t2, p256_mod);
-    /* B = 2.(B - X) */
-    sp_256_mont_sub_5(t2, b, x, p256_mod);
-    sp_256_mont_dbl_5(b, t2, p256_mod);
-    /* Z = Z*Y */
-    sp_256_mont_mul_5(z, z, y, p256_mod, p256_mp_mod);
-    /* t1 = Y^4 */
-    sp_256_mont_sqr_5(t1, t1, p256_mod, p256_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_256_mont_mul_5(y, b, a, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_5(y, y, t1, p256_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_256_mont_div2_5(y, y, p256_mod);
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_store_5(sp_point_256* r,
-        const sp_point_256* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*5;
-    sp_digit* b = t + 4*5;
-    sp_digit* t1 = t + 6*5;
-    sp_digit* t2 = t + 8*5;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<5; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<5; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<5; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_5(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_5(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_5(w, w, p256_mod, p256_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_5(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_5(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_5(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_5(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_5(b, t1, x, p256_mod, p256_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_5(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_5(t2, b, p256_mod);
-        sp_256_mont_sub_5(x, x, t2, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_sub_5(t2, b, x, p256_mod);
-        sp_256_mont_dbl_5(b, t2, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_5(r[j].z, z, y, p256_mod, p256_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_5(t1, t1, p256_mod, p256_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_5(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_5(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_5(y, y, t1, p256_mod);
-        /* Y = Y/2 */
-        sp_256_mont_div2_5(r[j].y, y, p256_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_256_proj_point_add_sub_5(sp_point_256* ra,
-        sp_point_256* rs, const sp_point_256* p, const sp_point_256* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*5;
-    sp_digit* t3 = t + 4*5;
-    sp_digit* t4 = t + 6*5;
-    sp_digit* t5 = t + 8*5;
-    sp_digit* t6 = t + 10*5;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_5(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t1, t1, xa, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_5(t2, za, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t4, t2, za, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_5(t3, t3, ya, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_5(t4, t4, q->y, p256_mod, p256_mp_mod);
-    /* H = U2 - U1 */
-    sp_256_mont_sub_5(t2, t2, t1, p256_mod);
-    /* RS = S2 + S1 */
-    sp_256_mont_add_5(t6, t4, t3, p256_mod);
-    /* R = S2 - S1 */
-    sp_256_mont_sub_5(t4, t4, t3, p256_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_256_mont_mul_5(za, za, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(za, za, t2, p256_mod, p256_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_256_mont_sqr_5(xa, t4, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_5(xs, t6, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_5(t5, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(ya, t1, t5, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t5, t5, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_5(xa, xa, t5, p256_mod);
-    sp_256_mont_sub_5(xs, xs, t5, p256_mod);
-    sp_256_mont_dbl_5(t1, ya, p256_mod);
-    sp_256_mont_sub_5(xa, xa, t1, p256_mod);
-    sp_256_mont_sub_5(xs, xs, t1, p256_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_256_mont_sub_5(ys, ya, xs, p256_mod);
-    sp_256_mont_sub_5(ya, ya, xa, p256_mod);
-    sp_256_mont_mul_5(ya, ya, t4, p256_mod, p256_mp_mod);
-    sp_256_sub_5(t6, p256_mod, t6);
-    sp_256_mont_mul_5(ys, ys, t6, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t5, t5, t3, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_5(ya, ya, t5, p256_mod);
-    sp_256_mont_sub_5(ys, ys, t5, p256_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_256 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_256;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_5_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_5_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_256_ecc_recode_6_5(const sp_digit* k, ecc_recode_256* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<43; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 52) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 52) {
-            n >>= 6;
-            if (++j < 5)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 5) {
-            n = k[j];
-            y |= (word8)((n << (52 - o)) & 0x3f);
-            o -= 46;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_5_6[y];
-        v[i].neg = recode_neg_5_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_point_33_5(sp_point_256* r, const sp_point_256* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    for (i = 1; i < 33; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_win_add_sub_5(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 5 * 6);
-    sp_point_256* rt = NULL;
-    sp_point_256* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_256 v[43];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 5 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_256_mod_mul_norm_5(t[1].x, g->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_5(t[1].y, g->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_5(t[1].z, g->z, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_256_proj_point_dbl_n_store_5(t, &t[ 1], 5, 1, tmp);
-        sp_256_proj_point_add_5(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_256_proj_point_dbl_5(&t[ 6], &t[ 3], tmp);
-        sp_256_proj_point_add_sub_5(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_256_proj_point_dbl_5(&t[10], &t[ 5], tmp);
-        sp_256_proj_point_add_sub_5(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_256_proj_point_dbl_5(&t[12], &t[ 6], tmp);
-        sp_256_proj_point_dbl_5(&t[14], &t[ 7], tmp);
-        sp_256_proj_point_add_sub_5(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_256_proj_point_dbl_5(&t[18], &t[ 9], tmp);
-        sp_256_proj_point_add_sub_5(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_256_proj_point_dbl_5(&t[20], &t[10], tmp);
-        sp_256_proj_point_dbl_5(&t[22], &t[11], tmp);
-        sp_256_proj_point_add_sub_5(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_256_proj_point_dbl_5(&t[24], &t[12], tmp);
-        sp_256_proj_point_dbl_5(&t[26], &t[13], tmp);
-        sp_256_proj_point_add_sub_5(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_256_proj_point_dbl_5(&t[28], &t[14], tmp);
-        sp_256_proj_point_dbl_5(&t[30], &t[15], tmp);
-        sp_256_proj_point_add_sub_5(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_256_ecc_recode_6_5(k, v);
-
-        i = 42;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_point_33_5(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_256));
-        }
-        for (--i; i>=0; i--) {
-            sp_256_proj_point_dbl_n_5(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_point_33_5(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_256));
-            }
-            sp_256_sub_5(negy, p256_mod, p->y);
-            sp_256_norm_5(negy);
-            sp_256_cond_copy_5(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_256_proj_point_add_5(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_256_map_5(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_qz1_5(sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*5;
-    sp_digit* t6 = t + 4*5;
-    sp_digit* t1 = t + 6*5;
-    sp_digit* t4 = t + 8*5;
-    sp_digit* t5 = t + 10*5;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_5(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_5(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_5(p->x, t2) &
-            sp_256_cmp_equal_5(p->y, t4)) {
-        sp_256_proj_point_dbl_5(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_256_mont_sub_5(t2, t2, p->x, p256_mod);
-        /* R = S2 - Y1 */
-        sp_256_mont_sub_5(t4, t4, p->y, p256_mod);
-        /* Z3 = H*Z1 */
-        sp_256_mont_mul_5(z, p->z, t2, p256_mod, p256_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_256_mont_sqr_5(t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_5(t3, p->x, t1, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_5(t1, t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_5(t2, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_5(t2, t2, t1, p256_mod);
-        sp_256_mont_dbl_5(t5, t3, p256_mod);
-        sp_256_mont_sub_5(x, t2, t5, p256_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_256_mont_sub_5(t3, t3, x, p256_mod);
-        sp_256_mont_mul_5(t3, t3, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_5(t1, t1, p->y, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_5(y, t3, t1, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 5; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 5; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 5; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_256_proj_to_affine_5(sp_point_256* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 5;
-    sp_digit* tmp = t + 4 * 5;
-
-    sp_256_mont_inv_5(t1, a->z, tmp);
-
-    sp_256_mont_sqr_5(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    sp_256_mont_mul_5(a->x, a->x, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_5(a->y, a->y, t1, p256_mod, p256_mp_mod);
-    XMEMCPY(a->z, p256_norm_mod, sizeof(p256_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 32 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_5(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_5(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_5(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_5(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_5(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_256_proj_point_dbl_n_5(t, 32, tmp);
-            sp_256_proj_to_affine_5(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_5(t, s1, s2, tmp);
-                sp_256_proj_to_affine_5(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_entry_256_5(sp_point_256* r,
-    const sp_table_entry_256* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_5(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 5 * 6);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 5 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 31;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 52] >> (x % 52)) & 1) << j);
-            x += 32;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_256_5(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=30; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 52] >> (x % 52)) & 1) << j);
-                x += 32;
-            }
-
-            sp_256_proj_point_dbl_5(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_256_5(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_5(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_5(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_256_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[5];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[5];
-    /* Precomputation table for point. */
-    sp_table_entry_256 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_256_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_256_t sp_cache_256[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_256_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_256_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_256 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_256_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_256_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_256_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_256[i].set = 0;
-        }
-        sp_cache_256_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_256[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_5(g->x, sp_cache_256[i].x) &
-                           sp_256_cmp_equal_5(g->y, sp_cache_256[i].y)) {
-            sp_cache_256[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_256_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_256_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_256[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_256_last) {
-            least = sp_cache_256[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_256[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_256[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_256[i].x, g->x, sizeof(sp_cache_256[i].x));
-        XMEMCPY(sp_cache_256[i].y, g->y, sizeof(sp_cache_256[i].y));
-        sp_cache_256[i].set = 1;
-        sp_cache_256[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_256[i];
-    sp_cache_256_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_5(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_win_add_sub_5(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 5 * 6);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 5 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_5(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_win_add_sub_5(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_5(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 5);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 5, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 5, km);
-        sp_256_point_from_ecc_point_5(point, gm);
-
-            err = sp_256_ecc_mulmod_5(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_5(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 5 + 5 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 5 + 5 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 5;
-
-        sp_256_from_mp(k, 5, km);
-        sp_256_point_from_ecc_point_5(point, gm);
-        sp_256_point_from_ecc_point_5(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_5(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_5(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_5(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_5(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_5(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_5(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_5(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_5(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_256_ecc_mulmod_5(r, &p256_base, k, map, ct, heap);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-static int sp_256_ecc_mulmod_base_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_256_ecc_mulmod_5_nb(sp_ctx, r, &p256_base, k, map, ct, heap);
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 32 between points.
- */
-static const sp_table_entry_256 p256_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x730d418a9143cL,0xfc5fedb60179eL,0x762251075ba95L,0x55c679fb732b7L,
-        0x018905f76a537L },
-      { 0x25357ce95560aL,0xe4ba19e45cddfL,0xd21f3258b4ab8L,0x5d85d2e88688dL,
-        0x08571ff182588L } },
-    /* 2 */
-    { { 0x886024147519aL,0xac26b372f0202L,0x785ebc8d0981eL,0x58e9a9d4a7caaL,
-        0x0d953c50ddbdfL },
-      { 0x361ccfd590f8fL,0x6b44e6c9179d6L,0x2eb64cf72e962L,0x88f37fd961102L,
-        0x0863ebb7e9eb2L } },
-    /* 3 */
-    { { 0x6b6235cdb6485L,0xa22f0a2f97785L,0xf7e300b808f0eL,0x80a03e68d9544L,
-        0x000076055b5ffL },
-      { 0x4eb9b838d2010L,0xbb3243708a763L,0x42a660654014fL,0x3ee0e0e47d398L,
-        0x0830877613437L } },
-    /* 4 */
-    { { 0x22fc516a0d2bbL,0x6c1a6234994f9L,0x7c62c8b0d5cc1L,0x667f9241cf3a5L,
-        0x02f5e6961fd1bL },
-      { 0x5c70bf5a01797L,0x4d609561925c1L,0x71fdb523d20b4L,0x0f7b04911b370L,
-        0x0f648f9168d6fL } },
-    /* 5 */
-    { { 0x66847e137bbbcL,0x9e8a6a0bec9e5L,0x9d73463e43446L,0x0015b1c427617L,
-        0x05abe0285133dL },
-      { 0xa837cc04c7dabL,0x4c43260c0792aL,0x8e6cc37573d9fL,0x73830c9315627L,
-        0x094bb725b6b6fL } },
-    /* 6 */
-    { { 0x9b48f720f141cL,0xcd2df5bc74bbfL,0x11045c46199b3L,0xc4efdc3f61294L,
-        0x0cdd6bbcb2f7dL },
-      { 0x6700beaf436fdL,0x6db99326beccaL,0x14f25226f647fL,0xe5f60c0fa7920L,
-        0x0a361bebd4bdaL } },
-    /* 7 */
-    { { 0xa2558597c13c7L,0x5f50b7c3e128aL,0x3c09d1dc38d63L,0x292c07039aecfL,
-        0x0ba12ca09c4b5L },
-      { 0x08fa459f91dfdL,0x66ceea07fb9e4L,0xd780b293af43bL,0xef4b1eceb0899L,
-        0x053ebb99d701fL } },
-    /* 8 */
-    { { 0x7ee31b0e63d34L,0x72a9e54fab4feL,0x5e7b5a4f46005L,0x4831c0493334dL,
-        0x08589fb9206d5L },
-      { 0x0f5cc6583553aL,0x4ae25649e5aa7L,0x0044652087909L,0x1c4fcc9045071L,
-        0x0ebb0696d0254L } },
-    /* 9 */
-    { { 0x6ca15ac1647c5L,0x47c4cf5799461L,0x64dfbacb8127dL,0x7da3dc666aa37L,
-        0x0eb2820cbd1b2L },
-      { 0x6f8d86a87e008L,0x9d922378f3940L,0x0ccecb2d87dfaL,0xda1d56ed2e428L,
-        0x01f28289b55a7L } },
-    /* 10 */
-    { { 0xaa0c03b89da99L,0x9eb8284022abbL,0x81c05e8a6f2d7L,0x4d6327847862bL,
-        0x0337a4b5905e5L },
-      { 0x7500d21f7794aL,0xb77d6d7f613c6L,0x4cfd6e8207005L,0xfbd60a5a37810L,
-        0x00d65e0d5f4c2L } },
-    /* 11 */
-    { { 0x09bbeb5275d38L,0x450be0a358d9dL,0x73eb2654268a7L,0xa232f0762ff49L,
-        0x0c23da24252f4L },
-      { 0x1b84f0b94520cL,0x63b05bd78e5daL,0x4d29ea1096667L,0xcff13a4dcb869L,
-        0x019de3b8cc790L } },
-    /* 12 */
-    { { 0xa716c26c5fe04L,0x0b3bba1bdb183L,0x4cb712c3b28deL,0xcbfd7432c586aL,
-        0x0e34dcbd491fcL },
-      { 0x8d46baaa58403L,0x8682e97a53b40L,0x6aaa8af9a6974L,0x0f7f9e3901273L,
-        0x0e7641f447b4eL } },
-    /* 13 */
-    { { 0x53941df64ba59L,0xec0b0242fc7d7L,0x1581859d33f10L,0x57bf4f06dfc6aL,
-        0x04a12df57052aL },
-      { 0x6338f9439dbd0L,0xd4bde53e1fbfaL,0x1f1b314d3c24bL,0xea46fd5e4ffa2L,
-        0x06af5aa93bb5bL } },
-    /* 14 */
-    { { 0x0b69910c91999L,0x402a580491da1L,0x8cc20900a24b4L,0x40133e0094b4bL,
-        0x05fe3475a66a4L },
-      { 0x8cabdf93e7b4bL,0x1a7c23f91ab0fL,0xd1e6263292b50L,0xa91642e889aecL,
-        0x0b544e308ecfeL } },
-    /* 15 */
-    { { 0x8c6e916ddfdceL,0x66f89179e6647L,0xd4e67e12c3291L,0xc20b4e8d6e764L,
-        0x0e0b6b2bda6b0L },
-      { 0x12df2bb7efb57L,0xde790c40070d3L,0x79bc9441aac0dL,0x3774f90336ad6L,
-        0x071c023de25a6L } },
-    /* 16 */
-    { { 0x8c244bfe20925L,0xc38fdce86762aL,0xd38706391c19aL,0x24f65a96a5d5dL,
-        0x061d587d421d3L },
-      { 0x673a2a37173eaL,0x0853778b65e87L,0x5bab43e238480L,0xefbe10f8441e0L,
-        0x0fa11fe124621L } },
-    /* 17 */
-    { { 0x91f2b2cb19ffdL,0x5bb1923c231c8L,0xac5ca8e01ba8dL,0xbedcb6d03d678L,
-        0x0586eb04c1f13L },
-      { 0x5c6e527e8ed09L,0x3c1819ede20c3L,0x6c652fa1e81a3L,0x4f11278fd6c05L,
-        0x019d5ac087086L } },
-    /* 18 */
-    { { 0x9f581309a4e1fL,0x1be92700741e9L,0xfd28d20ab7de7L,0x563f26a5ef0beL,
-        0x0e7c0073f7f9cL },
-      { 0xd663a0ef59f76L,0x5420fcb0501f6L,0xa6602d4669b3bL,0x3c0ac08c1f7a7L,
-        0x0e08504fec65bL } },
-    /* 19 */
-    { { 0x8f68da031b3caL,0x9ee6da6d66f09L,0x4f246e86d1cabL,0x96b45bfd81fa9L,
-        0x078f018825b09L },
-      { 0xefde43a25787fL,0x0d1dccac9bb7eL,0x35bfc368016f8L,0x747a0cea4877bL,
-        0x043a773b87e94L } },
-    /* 20 */
-    { { 0x77734d2b533d5L,0xf6a1bdddc0625L,0x79ec293673b8aL,0x66b1577e7c9aaL,
-        0x0bb6de651c3b2L },
-      { 0x9303ab65259b3L,0xd3d03a7480e7eL,0xb3cfc27d6a0afL,0xb99bc5ac83d19L,
-        0x060b4619a5d18L } },
-    /* 21 */
-    { { 0xa38e11ae5aa1cL,0x2b49e73658bd6L,0xe5f87edb8b765L,0xffcd0b130014eL,
-        0x09d0f27b2aeebL },
-      { 0x246317a730a55L,0x2fddbbc83aca9L,0xc019a719c955bL,0xc48d07c1dfe0aL,
-        0x0244a566d356eL } },
-    /* 22 */
-    { { 0x0394aeacf1f96L,0xa9024c271c6dbL,0x2cbd3b99f2122L,0xef692626ac1b8L,
-        0x045e58c873581L },
-      { 0xf479da38f9dbcL,0x46e888a040d3fL,0x6e0bed7a8aaf1L,0xb7a4945adfb24L,
-        0x0c040e21cc1e4L } },
-    /* 23 */
-    { { 0xaf0006f8117b6L,0xff73a35433847L,0xd9475eb651969L,0x6ec7482b35761L,
-        0x01cdf5c97682cL },
-      { 0x775b411f04839L,0xf448de16987dbL,0x70b32197dbeacL,0xff3db2921dd1bL,
-        0x0046755f8a92dL } },
-    /* 24 */
-    { { 0xac5d2bce8ffcdL,0x8b2fe61a82cc8L,0x202d6c70d53c4L,0xa5f3f6f161727L,
-        0x0046e5e113b83L },
-      { 0x8ff64d8007f01L,0x125af43183e7bL,0x5e1a03c7fb1efL,0x005b045c5ea63L,
-        0x06e0106c3303dL } },
-    /* 25 */
-    { { 0x7358488dd73b1L,0x8f995ed0d948cL,0x56a2ab7767070L,0xcf1f38385ea8cL,
-        0x0442594ede901L },
-      { 0xaa2c912d4b65bL,0x3b96c90c37f8fL,0xe978d1f94c234L,0xe68ed326e4a15L,
-        0x0a796fa514c2eL } },
-    /* 26 */
-    { { 0xfb604823addd7L,0x83e56693b3359L,0xcbf3c809e2a61L,0x66e9f885b78e3L,
-        0x0e4ad2da9c697L },
-      { 0xf7f428e048a61L,0x8cc092d9a0357L,0x03ed8ef082d19L,0x5143fc3a1af4cL,
-        0x0c5e94046c37bL } },
-    /* 27 */
-    { { 0xa538c2be75f9eL,0xe8cb123a78476L,0x109c04b6fd1a9L,0x4747d85e4df0bL,
-        0x063283dafdb46L },
-      { 0x28cf7baf2df15L,0x550ad9a7f4ce7L,0x834bcc3e592c4L,0xa938fab226adeL,
-        0x068bd19ab1981L } },
-    /* 28 */
-    { { 0xead511887d659L,0xf4b359305ac08L,0xfe74fe33374d5L,0xdfd696986981cL,
-        0x0495292f53c6fL },
-      { 0x78c9e1acec896L,0x10ec5b44844a8L,0x64d60a7d964b2L,0x68376696f7e26L,
-        0x00ec7530d2603L } },
-    /* 29 */
-    { { 0x13a05ad2687bbL,0x6af32e21fa2daL,0xdd4607ba1f83bL,0x3f0b390f5ef51L,
-        0x00f6207a66486L },
-      { 0x7e3bb0f138233L,0x6c272aa718bd6L,0x6ec88aedd66b9L,0x6dcf8ed004072L,
-        0x0ff0db07208edL } },
-    /* 30 */
-    { { 0xfa1014c95d553L,0xfd5d680a8a749L,0xf3b566fa44052L,0x0ea3183b4317fL,
-        0x0313b513c8874L },
-      { 0x2e2ac08d11549L,0x0bb4dee21cb40L,0x7f2320e071ee1L,0x9f8126b987dd4L,
-        0x02d3abcf986f1L } },
-    /* 31 */
-    { { 0x88501815581a2L,0x56632211af4c2L,0xcab2e999a0a6dL,0x8cdf19ba7a0f0L,
-        0x0c036fa10ded9L },
-      { 0xe08bac1fbd009L,0x9006d1581629aL,0xb9e0d8f0b68b1L,0x0194c2eb32779L,
-        0x0a6b2a2c4b6d4L } },
-    /* 32 */
-    { { 0x3e50f6d3549cfL,0x6ffacd665ed43L,0xe11fcb46f3369L,0x9860695bfdaccL,
-        0x0810ee252af7cL },
-      { 0x50fe17159bb2cL,0xbe758b357b654L,0x69fea72f7dfbeL,0x17452b057e74dL,
-        0x0d485717a9273L } },
-    /* 33 */
-    { { 0x41a8af0cb5a98L,0x931f3110bf117L,0xb382adfd3da8fL,0x604e1994e2cbaL,
-        0x06a6045a72f9aL },
-      { 0xc0d3fa2b2411dL,0x3e510e96e0170L,0x865b3ccbe0eb8L,0x57903bcc9f738L,
-        0x0d3e45cfaf9e1L } },
-    /* 34 */
-    { { 0xf69bbe83f7669L,0x8272877d6bce1L,0x244278d09f8aeL,0xc19c9548ae543L,
-        0x0207755dee3c2L },
-      { 0xd61d96fef1945L,0xefb12d28c387bL,0x2df64aa18813cL,0xb00d9fbcd1d67L,
-        0x048dc5ee57154L } },
-    /* 35 */
-    { { 0x790bff7e5a199L,0xcf989ccbb7123L,0xa519c79e0efb8L,0xf445c27a2bfe0L,
-        0x0f2fb0aeddff6L },
-      { 0x09575f0b5025fL,0xd740fa9f2241cL,0x80bfbd0550543L,0xd5258fa3c8ad3L,
-        0x0a13e9015db28L } },
-    /* 36 */
-    { { 0x7a350a2b65cbcL,0x722a464226f9fL,0x23f07a10b04b9L,0x526f265ce241eL,
-        0x02bf0d6b01497L },
-      { 0x4dd3f4b216fb7L,0x67fbdda26ad3dL,0x708505cf7d7b8L,0xe89faeb7b83f6L,
-        0x042a94a5a162fL } },
-    /* 37 */
-    { { 0x6ad0beaadf191L,0x9025a268d7584L,0x94dc1f60f8a48L,0xde3de86030504L,
-        0x02c2dd969c65eL },
-      { 0x2171d93849c17L,0xba1da250dd6d0L,0xc3a5485460488L,0x6dbc4810c7063L,
-        0x0f437fa1f42c5L } },
-    /* 38 */
-    { { 0x0d7144a0f7dabL,0x931776e9ac6aaL,0x5f397860f0497L,0x7aa852c0a050fL,
-        0x0aaf45b335470L },
-      { 0x37c33c18d364aL,0x063e49716585eL,0x5ec5444d40b9bL,0x72bcf41716811L,
-        0x0cdf6310df4f2L } },
-    /* 39 */
-    { { 0x3c6238ea8b7efL,0x1885bc2287747L,0xbda8e3408e935L,0x2ff2419567722L,
-        0x0f0d008bada9eL },
-      { 0x2671d2414d3b1L,0x85b019ea76291L,0x53bcbdbb37549L,0x7b8b5c61b96d4L,
-        0x05bd5c2f5ca88L } },
-    /* 40 */
-    { { 0xf469ef49a3154L,0x956e2b2e9aef0L,0xa924a9c3e85a5L,0x471945aaec1eaL,
-        0x0aa12dfc8a09eL },
-      { 0x272274df69f1dL,0x2ca2ff5e7326fL,0x7a9dd44e0e4c8L,0xa901b9d8ce73bL,
-        0x06c036e73e48cL } },
-    /* 41 */
-    { { 0xae12a0f6e3138L,0x0025ad345a5cfL,0x5672bc56966efL,0xbe248993c64b4L,
-        0x0292ff65896afL },
-      { 0x50d445e213402L,0x274392c9fed52L,0xa1c72e8f6580eL,0x7276097b397fdL,
-        0x0644e0c90311bL } },
-    /* 42 */
-    { { 0x421e1a47153f0L,0x79920418c9e1eL,0x05d7672b86c3bL,0x9a7793bdce877L,
-        0x0f25ae793cab7L },
-      { 0x194a36d869d0cL,0x824986c2641f3L,0x96e945e9d55c8L,0x0a3e49fb5ea30L,
-        0x039b8e65313dbL } },
-    /* 43 */
-    { { 0x54200b6fd2e59L,0x669255c98f377L,0xe2a573935e2c0L,0xdb06d9dab21a0L,
-        0x039122f2f0f19L },
-      { 0xce1e003cad53cL,0x0fe65c17e3cfbL,0xaa13877225b2cL,0xff8d72baf1d29L,
-        0x08de80af8ce80L } },
-    /* 44 */
-    { { 0xea8d9207bbb76L,0x7c21782758afbL,0xc0436b1921c7eL,0x8c04dfa2b74b1L,
-        0x0871949062e36L },
-      { 0x928bba3993df5L,0xb5f3b3d26ab5fL,0x5b55050639d75L,0xfde1011aa78a8L,
-        0x0fc315e6a5b74L } },
-    /* 45 */
-    { { 0xfd41ae8d6ecfaL,0xf61aec7f86561L,0x924741d5f8c44L,0x908898452a7b4L,
-        0x0e6d4a7adee38L },
-      { 0x52ed14593c75dL,0xa4dd271162605L,0xba2c7db70a70dL,0xae57d2aede937L,
-        0x035dfaf9a9be2L } },
-    /* 46 */
-    { { 0x56fcdaa736636L,0x97ae2cab7e6b9L,0xf34996609f51dL,0x0d2bfb10bf410L,
-        0x01da5c7d71c83L },
-      { 0x1e4833cce6825L,0x8ff9573c3b5c4L,0x23036b815ad11L,0xb9d6a28552c7fL,
-        0x07077c0fddbf4L } },
-    /* 47 */
-    { { 0x3ff8d46b9661cL,0x6b0d2cfd71bf6L,0x847f8f7a1dfd3L,0xfe440373e140aL,
-        0x053a8632ee50eL },
-      { 0x6ff68696d8051L,0x95c74f468a097L,0xe4e26bddaec0cL,0xfcc162994dc35L,
-        0x0028ca76d34e1L } },
-    /* 48 */
-    { { 0xd47dcfc9877eeL,0x10801d0002d11L,0x4c260b6c8b362L,0xf046d002c1175L,
-        0x004c17cd86962L },
-      { 0xbd094b0daddf5L,0x7524ce55c06d9L,0x2da03b5bea235L,0x7474663356e67L,
-        0x0f7ba4de9fed9L } },
-    /* 49 */
-    { { 0xbfa34ebe1263fL,0x3571ae7ce6d0dL,0x2a6f523557637L,0x1c41d24405538L,
-        0x0e31f96005213L },
-      { 0xb9216ea6b6ec6L,0x2e73c2fc44d1bL,0x9d0a29437a1d1L,0xd47bc10e7eac8L,
-        0x0aa3a6259ce34L } },
-    /* 50 */
-    { { 0xf9df536f3dcd3L,0x50d2bf7360fbcL,0xf504f5b6cededL,0xdaee491710fadL,
-        0x02398dd627e79L },
-      { 0x705a36d09569eL,0xbb5149f769cf4L,0x5f6034cea0619L,0x6210ff9c03773L,
-        0x05717f5b21c04L } },
-    /* 51 */
-    { { 0x229c921dd895eL,0x0040c284519feL,0xd637ecd8e5185L,0x28defa13d2391L,
-        0x0660a2c560e3cL },
-      { 0xa88aed67fcbd0L,0x780ea9f0969ccL,0x2e92b4dc84724L,0x245332b2f4817L,
-        0x0624ee54c4f52L } },
-    /* 52 */
-    { { 0x49ce4d897ecccL,0xd93f9880aa095L,0x43a7c204d49d1L,0xfbc0723c24230L,
-        0x04f392afb92bdL },
-      { 0x9f8fa7de44fd9L,0xe457b32156696L,0x68ebc3cb66cfbL,0x399cdb2fa8033L,
-        0x08a3e7977ccdbL } },
-    /* 53 */
-    { { 0x1881f06c4b125L,0x00f6e3ca8cddeL,0xc7a13e9ae34e3L,0x4404ef6999de5L,
-        0x03888d02370c2L },
-      { 0x8035644f91081L,0x615f015504762L,0x32cd36e3d9fcfL,0x23361827edc86L,
-        0x0a5e62e471810L } },
-    /* 54 */
-    { { 0x25ee32facd6c8L,0x5454bcbc661a8L,0x8df9931699c63L,0x5adc0ce3edf79L,
-        0x02c4768e6466aL },
-      { 0x6ff8c90a64bc9L,0x20e4779f5cb34L,0xc05e884630a60L,0x52a0d949d064bL,
-        0x07b5e6441f9e6L } },
-    /* 55 */
-    { { 0x9422c1d28444aL,0xd8be136a39216L,0xb0c7fcee996c5L,0x744a2387afe5fL,
-        0x0b8af73cb0c8dL },
-      { 0xe83aa338b86fdL,0x58a58a5cff5fdL,0x0ac9433fee3f1L,0x0895c9ee8f6f2L,
-        0x0a036395f7f3fL } },
-    /* 56 */
-    { { 0x3c6bba10f7770L,0x81a12a0e248c7L,0x1bc2b9fa6f16dL,0xb533100df6825L,
-        0x04be36b01875fL },
-      { 0x6086e9fb56dbbL,0x8b07e7a4f8922L,0x6d52f20306fefL,0x00c0eeaccc056L,
-        0x08cbc9a871bdcL } },
-    /* 57 */
-    { { 0x1895cc0dac4abL,0x40712ff112e13L,0xa1cee57a874a4L,0x35f86332ae7c6L,
-        0x044e7553e0c08L },
-      { 0x03fff7734002dL,0x8b0b34425c6d5L,0xe8738b59d35cbL,0xfc1895f702760L,
-        0x0470a683a5eb8L } },
-    /* 58 */
-    { { 0x761dc90513482L,0x2a01e9276a81bL,0xce73083028720L,0xc6efcda441ee0L,
-        0x016410690c63dL },
-      { 0x34a066d06a2edL,0x45189b100bf50L,0xb8218c9dd4d77L,0xbb4fd914ae72aL,
-        0x0d73479fd7abcL } },
-    /* 59 */
-    { { 0xefb165ad4c6e5L,0x8f5b06d04d7edL,0x575cb14262cf0L,0x666b12ed5bb18L,
-        0x0816469e30771L },
-      { 0xb9d79561e291eL,0x22c1de1661d7aL,0x35e0513eb9dafL,0x3f9cf49827eb1L,
-        0x00a36dd23f0ddL } },
-    /* 60 */
-    { { 0xd32c741d5533cL,0x9e8684628f098L,0x349bd117c5f5aL,0xb11839a228adeL,
-        0x0e331dfd6fdbaL },
-      { 0x0ab686bcc6ed8L,0xbdef7a260e510L,0xce850d77160c3L,0x33899063d9a7bL,
-        0x0d3b4782a492eL } },
-    /* 61 */
-    { { 0x9b6e8f3821f90L,0xed66eb7aada14L,0xa01311692edd9L,0xa5bd0bb669531L,
-        0x07281275a4c86L },
-      { 0x858f7d3ff47e5L,0xbc61016441503L,0xdfd9bb15e1616L,0x505962b0f11a7L,
-        0x02c062e7ece14L } },
-    /* 62 */
-    { { 0xf996f0159ac2eL,0x36cbdb2713a76L,0x8e46047281e77L,0x7ef12ad6d2880L,
-        0x0282a35f92c4eL },
-      { 0x54b1ec0ce5cd2L,0xc91379c2299c3L,0xe82c11ecf99efL,0x2abd992caf383L,
-        0x0c71cd513554dL } },
-    /* 63 */
-    { { 0x5de9c09b578f4L,0x58e3affa7a488L,0x9182f1f1884e2L,0xf3a38f76b1b75L,
-        0x0c50f6740cf47L },
-      { 0x4adf3374b68eaL,0x2369965fe2a9cL,0x5a53050a406f3L,0x58dc2f86a2228L,
-        0x0b9ecb3a72129L } },
-    /* 64 */
-    { { 0x8410ef4f8b16aL,0xfec47b266a56fL,0xd9c87c197241aL,0xab1b0a406b8e6L,
-        0x0803f3e02cd42L },
-      { 0x309a804dbec69L,0xf73bbad05f7f0L,0xd8e197fa83b85L,0xadc1c6097273aL,
-        0x0c097440e5067L } },
-    /* 65 */
-    { { 0xa56f2c379ab34L,0x8b841df8d1846L,0x76c68efa8ee06L,0x1f30203144591L,
-        0x0f1af32d5915fL },
-      { 0x375315d75bd50L,0xbaf72f67bc99cL,0x8d7723f837cffL,0x1c8b0613a4184L,
-        0x023d0f130e2d4L } },
-    /* 66 */
-    { { 0xab6edf41500d9L,0xe5fcbeada8857L,0x97259510d890aL,0xfadd52fe86488L,
-        0x0b0288dd6c0a3L },
-      { 0x20f30650bcb08L,0x13695d6e16853L,0x989aa7671af63L,0xc8d231f520a7bL,
-        0x0ffd3724ff408L } },
-    /* 67 */
-    { { 0x68e64b458e6cbL,0x20317a5d28539L,0xaa75f56992dadL,0x26df3814ae0b7L,
-        0x0f5590f4ad78cL },
-      { 0x24bd3cf0ba55aL,0x4a0c778bae0fcL,0x83b674a0fc472L,0x4a201ce9864f6L,
-        0x018d6da54f6f7L } },
-    /* 68 */
-    { { 0x3e225d5be5a2bL,0x835934f3c6ed9L,0x2626ffc6fe799L,0x216a431409262L,
-        0x050bbb4d97990L },
-      { 0x191c6e57ec63eL,0x40181dcdb2378L,0x236e0f665422cL,0x49c341a8099b0L,
-        0x02b10011801feL } },
-    /* 69 */
-    { { 0x8b5c59b391593L,0xa2598270fcfc6L,0x19adcbbc385f5L,0xae0c7144f3aadL,
-        0x0dd55899983fbL },
-      { 0x88b8e74b82ff4L,0x4071e734c993bL,0x3c0322ad2e03cL,0x60419a7a9eaf4L,
-        0x0e6e4c551149dL } },
-    /* 70 */
-    { { 0x655bb1e9af288L,0x64f7ada93155fL,0xb2820e5647e1aL,0x56ff43697e4bcL,
-        0x051e00db107edL },
-      { 0x169b8771c327eL,0x0b4a96c2ad43dL,0xdeb477929cdb2L,0x9177c07d51f53L,
-        0x0e22f42414982L } },
-    /* 71 */
-    { { 0x5e8f4635f1abbL,0xb568538874cd4L,0x5a8034d7edc0cL,0x48c9c9472c1fbL,
-        0x0f709373d52dcL },
-      { 0x966bba8af30d6L,0x4af137b69c401L,0x361c47e95bf5fL,0x5b113966162a9L,
-        0x0bd52d288e727L } },
-    /* 72 */
-    { { 0x55c7a9c5fa877L,0x727d3a3d48ab1L,0x3d189d817dad6L,0x77a643f43f9e7L,
-        0x0a0d0f8e4c8aaL },
-      { 0xeafd8cc94f92dL,0xbe0c4ddb3a0bbL,0x82eba14d818c8L,0x6a0022cc65f8bL,
-        0x0a56c78c7946dL } },
-    /* 73 */
-    { { 0x2391b0dd09529L,0xa63daddfcf296L,0xb5bf481803e0eL,0x367a2c77351f5L,
-        0x0d8befdf8731aL },
-      { 0x19d42fc0157f4L,0xd7fec8e650ab9L,0x2d48b0af51caeL,0x6478cdf9cb400L,
-        0x0854a68a5ce9fL } },
-    /* 74 */
-    { { 0x5f67b63506ea5L,0x89a4fe0d66dc3L,0xe95cd4d9286c4L,0x6a953f101d3bfL,
-        0x05cacea0b9884L },
-      { 0xdf60c9ceac44dL,0xf4354d1c3aa90L,0xd5dbabe3db29aL,0xefa908dd3de8aL,
-        0x0e4982d1235e4L } },
-    /* 75 */
-    { { 0x04a22c34cd55eL,0xb32680d132231L,0xfa1d94358695bL,0x0499fb345afa1L,
-        0x08046b7f616b2L },
-      { 0x3581e38e7d098L,0x8df46f0b70b53L,0x4cb78c4d7f61eL,0xaf5530dea9ea4L,
-        0x0eb17ca7b9082L } },
-    /* 76 */
-    { { 0x1b59876a145b9L,0x0fc1bc71ec175L,0x92715bba5cf6bL,0xe131d3e035653L,
-        0x0097b00bafab5L },
-      { 0x6c8e9565f69e1L,0x5ab5be5199aa6L,0xa4fd98477e8f7L,0xcc9e6033ba11dL,
-        0x0f95c747bafdbL } },
-    /* 77 */
-    { { 0xf01d3bebae45eL,0xf0c4bc6955558L,0xbc64fc6a8ebe9L,0xd837aeb705b1dL,
-        0x03512601e566eL },
-      { 0x6f1e1fa1161cdL,0xd54c65ef87933L,0x24f21e5328ab8L,0xab6b4757eee27L,
-        0x00ef971236068L } },
-    /* 78 */
-    { { 0x98cf754ca4226L,0x38f8642c8e025L,0x68e17905eede1L,0xbc9548963f744L,
-        0x0fc16d9333b4fL },
-      { 0x6fb31e7c800caL,0x312678adaabe9L,0xff3e8b5138063L,0x7a173d6244976L,
-        0x014ca4af1b95dL } },
-    /* 79 */
-    { { 0x771babd2f81d5L,0x6901f7d1967a4L,0xad9c9071a5f9dL,0x231dd898bef7cL,
-        0x04057b063f59cL },
-      { 0xd82fe89c05c0aL,0x6f1dc0df85bffL,0x35a16dbe4911cL,0x0b133befccaeaL,
-        0x01c3b5d64f133L } },
-    /* 80 */
-    { { 0x14bfe80ec21feL,0x6ac255be825feL,0xf4a5d67f6ce11L,0x63af98bc5a072L,
-        0x0fad27148db7eL },
-      { 0x0b6ac29ab05b3L,0x3c4e251ae690cL,0x2aade7d37a9a8L,0x1a840a7dc875cL,
-        0x077387de39f0eL } },
-    /* 81 */
-    { { 0xecc49a56c0dd7L,0xd846086c741e9L,0x505aecea5cffcL,0xc47e8f7a1408fL,
-        0x0b37b85c0bef0L },
-      { 0x6b6e4cc0e6a8fL,0xbf6b388f23359L,0x39cef4efd6d4bL,0x28d5aba453facL,
-        0x09c135ac8f9f6L } },
-    /* 82 */
-    { { 0xa320284e35743L,0xb185a3cdef32aL,0xdf19819320d6aL,0x851fb821b1761L,
-        0x05721361fc433L },
-      { 0xdb36a71fc9168L,0x735e5c403c1f0L,0x7bcd8f55f98baL,0x11bdf64ca87e3L,
-        0x0dcbac3c9e6bbL } },
-    /* 83 */
-    { { 0xd99684518cbe2L,0x189c9eb04ef01L,0x47feebfd242fcL,0x6862727663c7eL,
-        0x0b8c1c89e2d62L },
-      { 0x58bddc8e1d569L,0xc8b7d88cd051aL,0x11f31eb563809L,0x22d426c27fd9fL,
-        0x05d23bbda2f94L } },
-    /* 84 */
-    { { 0xc729495c8f8beL,0x803bf362bf0a1L,0xf63d4ac2961c4L,0xe9009e418403dL,
-        0x0c109f9cb91ecL },
-      { 0x095d058945705L,0x96ddeb85c0c2dL,0xa40449bb9083dL,0x1ee184692b8d7L,
-        0x09bc3344f2eeeL } },
-    /* 85 */
-    { { 0xae35642913074L,0x2748a542b10d5L,0x310732a55491bL,0x4cc1469ca665bL,
-        0x029591d525f1aL },
-      { 0xf5b6bb84f983fL,0x419f5f84e1e76L,0x0baa189be7eefL,0x332c1200d4968L,
-        0x06376551f18efL } },
-    /* 86 */
-    { { 0x5f14e562976ccL,0xe60ef12c38bdaL,0xcca985222bca3L,0x987abbfa30646L,
-        0x0bdb79dc808e2L },
-      { 0xcb5c9cb06a772L,0xaafe536dcefd2L,0xc2b5db838f475L,0xc14ac2a3e0227L,
-        0x08ee86001add3L } },
-    /* 87 */
-    { { 0x96981a4ade873L,0x4dc4fba48ccbeL,0xa054ba57ee9aaL,0xaa4b2cee28995L,
-        0x092e51d7a6f77L },
-      { 0xbafa87190a34dL,0x5bf6bd1ed1948L,0xcaf1144d698f7L,0xaaaad00ee6e30L,
-        0x05182f86f0a56L } },
-    /* 88 */
-    { { 0x6212c7a4cc99cL,0x683e6d9ca1fbaL,0xac98c5aff609bL,0xa6f25dbb27cb5L,
-        0x091dcab5d4073L },
-      { 0x6cc3d5f575a70L,0x396f8d87fa01bL,0x99817360cb361L,0x4f2b165d4e8c8L,
-        0x017a0cedb9797L } },
-    /* 89 */
-    { { 0x61e2a076c8d3aL,0x39210f924b388L,0x3a835d9701aadL,0xdf4194d0eae41L,
-        0x02e8ce36c7f4cL },
-      { 0x73dab037a862bL,0xb760e4c8fa912L,0x3baf2dd01ba9bL,0x68f3f96453883L,
-        0x0f4ccc6cb34f6L } },
-    /* 90 */
-    { { 0xf525cf1f79687L,0x9592efa81544eL,0x5c78d297c5954L,0xf3c9e1231741aL,
-        0x0ac0db4889a0dL },
-      { 0xfc711df01747fL,0x58ef17df1386bL,0xccb6bb5592b93L,0x74a2e5880e4f5L,
-        0x095a64a6194c9L } },
-    /* 91 */
-    { { 0x1efdac15a4c93L,0x738258514172cL,0x6cb0bad40269bL,0x06776a8dfb1c1L,
-        0x0231e54ba2921L },
-      { 0xdf9178ae6d2dcL,0x3f39112918a70L,0xe5b72234d6aa6L,0x31e1f627726b5L,
-        0x0ab0be032d8a7L } },
-    /* 92 */
-    { { 0xad0e98d131f2dL,0xe33b04f101097L,0x5e9a748637f09L,0xa6791ac86196dL,
-        0x0f1bcc8802cf6L },
-      { 0x69140e8daacb4L,0x5560f6500925cL,0x77937a63c4e40L,0xb271591cc8fc4L,
-        0x0851694695aebL } },
-    /* 93 */
-    { { 0x5c143f1dcf593L,0x29b018be3bde3L,0xbdd9d3d78202bL,0x55d8e9cdadc29L,
-        0x08f67d9d2daadL },
-      { 0x116567481ea5fL,0xe9e34c590c841L,0x5053fa8e7d2ddL,0x8b5dffdd43f40L,
-        0x0f84572b9c072L } },
-    /* 94 */
-    { { 0xa7a7197af71c9L,0x447a7365655e1L,0xe1d5063a14494L,0x2c19a1b4ae070L,
-        0x0edee2710616bL },
-      { 0x034f511734121L,0x554a25e9f0b2fL,0x40c2ecf1cac6eL,0xd7f48dc148f3aL,
-        0x09fd27e9b44ebL } },
-    /* 95 */
-    { { 0x7658af6e2cb16L,0x2cfe5919b63ccL,0x68d5583e3eb7dL,0xf3875a8c58161L,
-        0x0a40c2fb6958fL },
-      { 0xec560fedcc158L,0xc655f230568c9L,0xa307e127ad804L,0xdecfd93967049L,
-        0x099bc9bb87dc6L } },
-    /* 96 */
-    { { 0x9521d927dafc6L,0x695c09cd1984aL,0x9366dde52c1fbL,0x7e649d9581a0fL,
-        0x09abe210ba16dL },
-      { 0xaf84a48915220L,0x6a4dd816c6480L,0x681ca5afa7317L,0x44b0c7d539871L,
-        0x07881c25787f3L } },
-    /* 97 */
-    { { 0x99b51e0bcf3ffL,0xc5127f74f6933L,0xd01d9680d02cbL,0x89408fb465a2dL,
-        0x015e6e319a30eL },
-      { 0xd6e0d3e0e05f4L,0xdc43588404646L,0x4f850d3fad7bdL,0x72cebe61c7d1cL,
-        0x00e55facf1911L } },
-    /* 98 */
-    { { 0xd9806f8787564L,0x2131e85ce67e9L,0x819e8d61a3317L,0x65776b0158cabL,
-        0x0d73d09766fe9L },
-      { 0x834251eb7206eL,0x0fc618bb42424L,0xe30a520a51929L,0xa50b5dcbb8595L,
-        0x09250a3748f15L } },
-    /* 99 */
-    { { 0xf08f8be577410L,0x035077a8c6cafL,0xc0a63a4fd408aL,0x8c0bf1f63289eL,
-        0x077414082c1ccL },
-      { 0x40fa6eb0991cdL,0x6649fdc29605aL,0x324fd40c1ca08L,0x20b93a68a3c7bL,
-        0x08cb04f4d12ebL } },
-    /* 100 */
-    { { 0x2d0556906171cL,0xcdb0240c3fb1cL,0x89068419073e9L,0x3b51db8e6b4fdL,
-        0x0e4e429ef4712L },
-      { 0xdd53c38ec36f4L,0x01ff4b6a270b8L,0x79a9a48f9d2dcL,0x65525d066e078L,
-        0x037bca2ff3c6eL } },
-    /* 101 */
-    { { 0x2e3c7df562470L,0xa2c0964ac94cdL,0x0c793be44f272L,0xb22a7c6d5df98L,
-        0x059913edc3002L },
-      { 0x39a835750592aL,0x80e783de027a1L,0xa05d64f99e01dL,0xe226cf8c0375eL,
-        0x043786e4ab013L } },
-    /* 102 */
-    { { 0x2b0ed9e56b5a6L,0xa6d9fc68f9ff3L,0x97846a70750d9L,0x9e7aec15e8455L,
-        0x08638ca98b7e7L },
-      { 0xae0960afc24b2L,0xaf4dace8f22f5L,0xecba78f05398eL,0xa6f03b765dd0aL,
-        0x01ecdd36a7b3aL } },
-    /* 103 */
-    { { 0xacd626c5ff2f3L,0xc02873a9785d3L,0x2110d54a2d516L,0xf32dad94c9fadL,
-        0x0d85d0f85d459L },
-      { 0x00b8d10b11da3L,0x30a78318c49f7L,0x208decdd2c22cL,0x3c62556988f49L,
-        0x0a04f19c3b4edL } },
-    /* 104 */
-    { { 0x924c8ed7f93bdL,0x5d392f51f6087L,0x21b71afcb64acL,0x50b07cae330a8L,
-        0x092b2eeea5c09L },
-      { 0xc4c9485b6e235L,0xa92936c0f085aL,0x0508891ab2ca4L,0x276c80faa6b3eL,
-        0x01ee782215834L } },
-    /* 105 */
-    { { 0xa2e00e63e79f7L,0xb2f399d906a60L,0x607c09df590e7L,0xe1509021054a6L,
-        0x0f3f2ced857a6L },
-      { 0x510f3f10d9b55L,0xacd8642648200L,0x8bd0e7c9d2fcfL,0xe210e5631aa7eL,
-        0x00f56a4543da3L } },
-    /* 106 */
-    { { 0x1bffa1043e0dfL,0xcc9c007e6d5b2L,0x4a8517a6c74b6L,0xe2631a656ec0dL,
-        0x0bd8f17411969L },
-      { 0xbbb86beb7494aL,0x6f45f3b8388a9L,0x4e5a79a1567d4L,0xfa09df7a12a7aL,
-        0x02d1a1c3530ccL } },
-    /* 107 */
-    { { 0xe3813506508daL,0xc4a1d795a7192L,0xa9944b3336180L,0xba46cddb59497L,
-        0x0a107a65eb91fL },
-      { 0x1d1c50f94d639L,0x758a58b7d7e6dL,0xd37ca1c8b4af3L,0x9af21a7c5584bL,
-        0x0183d760af87aL } },
-    /* 108 */
-    { { 0x697110dde59a4L,0x070e8bef8729dL,0xf2ebe78f1ad8dL,0xd754229b49634L,
-        0x01d44179dc269L },
-      { 0xdc0cf8390d30eL,0x530de8110cb32L,0xbc0339a0a3b27L,0xd26231af1dc52L,
-        0x0771f9cc29606L } },
-    /* 109 */
-    { { 0x93e7785040739L,0xb98026a939999L,0x5f8fc2644539dL,0x718ecf40f6f2fL,
-        0x064427a310362L },
-      { 0xf2d8785428aa8L,0x3febfb49a84f4L,0x23d01ac7b7adcL,0x0d6d201b2c6dfL,
-        0x049d9b7496ae9L } },
-    /* 110 */
-    { { 0x8d8bc435d1099L,0x4e8e8d1a08cc7L,0xcb68a412adbcdL,0x544502c2e2a02L,
-        0x09037d81b3f60L },
-      { 0xbac27074c7b61L,0xab57bfd72e7cdL,0x96d5352fe2031L,0x639c61ccec965L,
-        0x008c3de6a7cc0L } },
-    /* 111 */
-    { { 0xdd020f6d552abL,0x9805cd81f120fL,0x135129156baffL,0x6b2f06fb7c3e9L,
-        0x0c69094424579L },
-      { 0x3ae9c41231bd1L,0x875cc5820517bL,0x9d6a1221eac6eL,0x3ac0208837abfL,
-        0x03fa3db02cafeL } },
-    /* 112 */
-    { { 0xa3e6505058880L,0xef643943f2d75L,0xab249257da365L,0x08ff4147861cfL,
-        0x0c5c4bdb0fdb8L },
-      { 0x13e34b272b56bL,0x9511b9043a735L,0x8844969c8327eL,0xb6b5fd8ce37dfL,
-        0x02d56db9446c2L } },
-    /* 113 */
-    { { 0x1782fff46ac6bL,0x2607a2e425246L,0x9a48de1d19f79L,0xba42fafea3c40L,
-        0x00f56bd9de503L },
-      { 0xd4ed1345cda49L,0xfc816f299d137L,0xeb43402821158L,0xb5f1e7c6a54aaL,
-        0x04003bb9d1173L } },
-    /* 114 */
-    { { 0xe8189a0803387L,0xf539cbd4043b8L,0x2877f21ece115L,0x2f9e4297208ddL,
-        0x053765522a07fL },
-      { 0x80a21a8a4182dL,0x7a3219df79a49L,0xa19a2d4a2bbd0L,0x4549674d0a2e1L,
-        0x07a056f586c5dL } },
-    /* 115 */
-    { { 0xb25589d8a2a47L,0x48c3df2773646L,0xbf0d5395b5829L,0x267551ec000eaL,
-        0x077d482f17a1aL },
-      { 0x1bd9587853948L,0xbd6cfbffeeb8aL,0x0681e47a6f817L,0xb0e4ab6ec0578L,
-        0x04115012b2b38L } },
-    /* 116 */
-    { { 0x3f0f46de28cedL,0x609b13ec473c7L,0xe5c63921d5da7L,0x094661b8ce9e6L,
-        0x0cdf04572fbeaL },
-      { 0x3c58b6c53c3b0L,0x10447b843c1cbL,0xcb9780e97fe3cL,0x3109fb2b8ae12L,
-        0x0ee703dda9738L } },
-    /* 117 */
-    { { 0x15140ff57e43aL,0xd3b1b811b8345L,0xf42b986d44660L,0xce212b3b5dff8L,
-        0x02a0ad89da162L },
-      { 0x4a6946bc277baL,0x54c141c27664eL,0xabf6274c788c9L,0x4659141aa64ccL,
-        0x0d62d0b67ac2bL } },
-    /* 118 */
-    { { 0x5d87b2c054ac4L,0x59f27df78839cL,0x18128d6570058L,0x2426edf7cbf3bL,
-        0x0b39a23f2991cL },
-      { 0x84a15f0b16ae5L,0xb1a136f51b952L,0x27007830c6a05L,0x4cc51d63c137fL,
-        0x004ed0092c067L } },
-    /* 119 */
-    { { 0x185d19ae90393L,0x294a3d64e61f4L,0x854fc143047b4L,0xc387ae0001a69L,
-        0x0a0a91fc10177L },
-      { 0xa3f01ae2c831eL,0x822b727e16ff0L,0xa3075b4bb76aeL,0x0c418f12c8a15L,
-        0x0084cf9889ed2L } },
-    /* 120 */
-    { { 0x509defca6becfL,0x807dffb328d98L,0x778e8b92fceaeL,0xf77e5d8a15c44L,
-        0x0d57955b273abL },
-      { 0xda79e31b5d4f1L,0x4b3cfa7a1c210L,0xc27c20baa52f0L,0x41f1d4d12089dL,
-        0x08e14ea4202d1L } },
-    /* 121 */
-    { { 0x50345f2897042L,0x1f43402c4aeedL,0x8bdfb218d0533L,0xd158c8d9c194cL,
-        0x0597e1a372aa4L },
-      { 0x7ec1acf0bd68cL,0xdcab024945032L,0x9fe3e846d4be0L,0x4dea5b9c8d7acL,
-        0x0ca3f0236199bL } },
-    /* 122 */
-    { { 0xa10b56170bd20L,0xf16d3f5de7592L,0x4b2ade20ea897L,0x07e4a3363ff14L,
-        0x0bde7fd7e309cL },
-      { 0xbb6d2b8f5432cL,0xcbe043444b516L,0x8f95b5a210dc1L,0xd1983db01e6ffL,
-        0x0b623ad0e0a7dL } },
-    /* 123 */
-    { { 0xbd67560c7b65bL,0x9023a4a289a75L,0x7b26795ab8c55L,0x137bf8220fd0dL,
-        0x0d6aa2e4658ecL },
-      { 0xbc00b5138bb85L,0x21d833a95c10aL,0x702a32e8c31d1L,0x513ab24ff00b1L,
-        0x0111662e02dccL } },
-    /* 124 */
-    { { 0x14015efb42b87L,0x701b6c4dff781L,0x7d7c129bd9f5dL,0x50f866ecccd7aL,
-        0x0db3ee1cb94b7L },
-      { 0xf3db0f34837cfL,0x8bb9578d4fb26L,0xc56657de7eed1L,0x6a595d2cdf937L,
-        0x0886a64425220L } },
-    /* 125 */
-    { { 0x34cfb65b569eaL,0x41f72119c13c2L,0x15a619e200111L,0x17bc8badc85daL,
-        0x0a70cf4eb018aL },
-      { 0xf97ae8c4a6a65L,0x270134378f224L,0xf7e096036e5cfL,0x7b77be3a609e4L,
-        0x0aa4772abd174L } },
-    /* 126 */
-    { { 0x761317aa60cc0L,0x610368115f676L,0xbc1bb5ac79163L,0xf974ded98bb4bL,
-        0x0611a6ddc30faL },
-      { 0x78cbcc15ee47aL,0x824e0d96a530eL,0xdd9ed882e8962L,0x9c8836f35adf3L,
-        0x05cfffaf81642L } },
-    /* 127 */
-    { { 0x54cff9b7a99cdL,0x9d843c45a1c0dL,0x2c739e17bf3b9L,0x994c038a908f6L,
-        0x06e5a6b237dc1L },
-      { 0xb454e0ba5db77L,0x7facf60d63ef8L,0x6608378b7b880L,0xabcce591c0c67L,
-        0x0481a238d242dL } },
-    /* 128 */
-    { { 0x17bc035d0b34aL,0x6b8327c0a7e34L,0xc0362d1440b38L,0xf9438fb7262daL,
-        0x02c41114ce0cdL },
-      { 0x5cef1ad95a0b1L,0xa867d543622baL,0x1e486c9c09b37L,0x929726d6cdd20L,
-        0x020477abf42ffL } },
-    /* 129 */
-    { { 0x5173c18d65dbfL,0x0e339edad82f7L,0xcf1001c77bf94L,0x96b67022d26bdL,
-        0x0ac66409ac773L },
-      { 0xbb36fc6261cc3L,0xc9190e7e908b0L,0x45e6c10213f7bL,0x2f856541cebaaL,
-        0x0ce8e6975cc12L } },
-    /* 130 */
-    { { 0x21b41bc0a67d2L,0x0a444d248a0f1L,0x59b473762d476L,0xb4a80e044f1d6L,
-        0x008fde365250bL },
-      { 0xec3da848bf287L,0x82d3369d6eaceL,0x2449482c2a621L,0x6cd73582dfdc9L,
-        0x02f7e2fd2565dL } },
-    /* 131 */
-    { { 0xb92dbc3770fa7L,0x5c379043f9ae4L,0x7761171095e8dL,0x02ae54f34e9d1L,
-        0x0c65be92e9077L },
-      { 0x8a303f6fd0a40L,0xe3bcce784b275L,0xf9767bfe7d822L,0x3b3a7ae4f5854L,
-        0x04bff8e47d119L } },
-    /* 132 */
-    { { 0x1d21f00ff1480L,0x7d0754db16cd4L,0xbe0f3ea2ab8fbL,0x967dac81d2efbL,
-        0x03e4e4ae65772L },
-      { 0x8f36d3c5303e6L,0x4b922623977e1L,0x324c3c03bd999L,0x60289ed70e261L,
-        0x05388aefd58ecL } },
-    /* 133 */
-    { { 0x317eb5e5d7713L,0xee75de49daad1L,0x74fb26109b985L,0xbe0e32f5bc4fcL,
-        0x05cf908d14f75L },
-      { 0x435108e657b12L,0xa5b96ed9e6760L,0x970ccc2bfd421L,0x0ce20e29f51f8L,
-        0x0a698ba4060f0L } },
-    /* 134 */
-    { { 0xb1686ef748fecL,0xa27e9d2cf973dL,0xe265effe6e755L,0xad8d630b6544cL,
-        0x0b142ef8a7aebL },
-      { 0x1af9f17d5770aL,0x672cb3412fad3L,0xf3359de66af3bL,0x50756bd60d1bdL,
-        0x0d1896a965851L } },
-    /* 135 */
-    { { 0x957ab33c41c08L,0xac5468e2e1ec5L,0xc472f6c87de94L,0xda3918816b73aL,
-        0x0267b0e0b7981L },
-      { 0x54e5d8e62b988L,0x55116d21e76e5L,0xd2a6f99d8ddc7L,0x93934610faf03L,
-        0x0b54e287aa111L } },
-    /* 136 */
-    { { 0x122b5178a876bL,0xff085104b40a0L,0x4f29f7651ff96L,0xd4e6050b31ab1L,
-        0x084abb28b5f87L },
-      { 0xd439f8270790aL,0x9d85e3f46bd5eL,0xc1e22122d6cb5L,0x564075f55c1b6L,
-        0x0e5436f671765L } },
-    /* 137 */
-    { { 0x9025e2286e8d5L,0xb4864453be53fL,0x408e3a0353c95L,0xe99ed832f5bdeL,
-        0x00404f68b5b9cL },
-      { 0x33bdea781e8e5L,0x18163c2f5bcadL,0x119caa33cdf50L,0xc701575769600L,
-        0x03a4263df0ac1L } },
-    /* 138 */
-    { { 0x65ecc9aeb596dL,0xe7023c92b4c29L,0xe01396101ea03L,0xa3674704b4b62L,
-        0x00ca8fd3f905eL },
-      { 0x23a42551b2b61L,0x9c390fcd06925L,0x392a63e1eb7a8L,0x0c33e7f1d2be0L,
-        0x096dca2644ddbL } },
-    /* 139 */
-    { { 0xbb43a387510afL,0xa8a9a36a01203L,0xf950378846feaL,0x59dcd23a57702L,
-        0x04363e2123aadL },
-      { 0x3a1c740246a47L,0xd2e55dd24dca4L,0xd8faf96b362b8L,0x98c4f9b086045L,
-        0x0840e115cd8bbL } },
-    /* 140 */
-    { { 0x205e21023e8a7L,0xcdd8dc7a0bf12L,0x63a5ddfc808a8L,0xd6d4e292a2721L,
-        0x05e0d6abd30deL },
-      { 0x721c27cfc0f64L,0x1d0e55ed8807aL,0xd1f9db242eec0L,0xa25a26a7bef91L,
-        0x07dea48f42945L } },
-    /* 141 */
-    { { 0xf6f1ce5060a81L,0x72f8f95615abdL,0x6ac268be79f9cL,0x16d1cfd36c540L,
-        0x0abc2a2beebfdL },
-      { 0x66f91d3e2eac7L,0x63d2dd04668acL,0x282d31b6f10baL,0xefc16790e3770L,
-        0x04ea353946c7eL } },
-    /* 142 */
-    { { 0xa2f8d5266309dL,0xc081945a3eed8L,0x78c5dc10a51c6L,0xffc3cecaf45a5L,
-        0x03a76e6891c94L },
-      { 0xce8a47d7b0d0fL,0x968f584a5f9aaL,0xe697fbe963aceL,0x646451a30c724L,
-        0x08212a10a465eL } },
-    /* 143 */
-    { { 0xc61c3cfab8caaL,0x840e142390ef7L,0xe9733ca18eb8eL,0xb164cd1dff677L,
-        0x0aa7cab71599cL },
-      { 0xc9273bc837bd1L,0xd0c36af5d702fL,0x423da49c06407L,0x17c317621292fL,
-        0x040e38073fe06L } },
-    /* 144 */
-    { { 0x80824a7bf9b7cL,0x203fbe30d0f4fL,0x7cf9ce3365d23L,0x5526bfbe53209L,
-        0x0e3604700b305L },
-      { 0xb99116cc6c2c7L,0x08ba4cbee64dcL,0x37ad9ec726837L,0xe15fdcded4346L,
-        0x06542d677a3deL } },
-    /* 145 */
-    { { 0x2b6d07b6c377aL,0x47903448be3f3L,0x0da8af76cb038L,0x6f21d6fdd3a82L,
-        0x0a6534aee09bbL },
-      { 0x1780d1035facfL,0x339dcb47e630aL,0x447f39335e55aL,0xef226ea50fe1cL,
-        0x0f3cb672fdc9aL } },
-    /* 146 */
-    { { 0x719fe3b55fd83L,0x6c875ddd10eb3L,0x5cea784e0d7a4L,0x70e733ac9fa90L,
-        0x07cafaa2eaae8L },
-      { 0x14d041d53b338L,0xa0ef87e6c69b8L,0x1672b0fe0acc0L,0x522efb93d1081L,
-        0x00aab13c1b9bdL } },
-    /* 147 */
-    { { 0xce278d2681297L,0xb1b509546addcL,0x661aaf2cb350eL,0x12e92dc431737L,
-        0x04b91a6028470L },
-      { 0xf109572f8ddcfL,0x1e9a911af4dcfL,0x372430e08ebf6L,0x1cab48f4360acL,
-        0x049534c537232L } },
-    /* 148 */
-    { { 0xf7d71f07b7e9dL,0xa313cd516f83dL,0xc047ee3a478efL,0xc5ee78ef264b6L,
-        0x0caf46c4fd65aL },
-      { 0xd0c7792aa8266L,0x66913684bba04L,0xe4b16b0edf454L,0x770f56e65168aL,
-        0x014ce9e5704c6L } },
-    /* 149 */
-    { { 0x45e3e965e8f91L,0xbacb0f2492994L,0x0c8a0a0d3aca1L,0x9a71d31cc70f9L,
-        0x01bb708a53e4cL },
-      { 0xa9e69558bdd7aL,0x08018a26b1d5cL,0xc9cf1ec734a05L,0x0102b093aa714L,
-        0x0f9d126f2da30L } },
-    /* 150 */
-    { { 0xbca7aaff9563eL,0xfeb49914a0749L,0xf5f1671dd077aL,0xcc69e27a0311bL,
-        0x0807afcb9729eL },
-      { 0xa9337c9b08b77L,0x85443c7e387f8L,0x76fd8ba86c3a7L,0xcd8c85fafa594L,
-        0x0751adcd16568L } },
-    /* 151 */
-    { { 0xa38b410715c0dL,0x718f7697f78aeL,0x3fbf06dd113eaL,0x743f665eab149L,
-        0x029ec44682537L },
-      { 0x4719cb50bebbcL,0xbfe45054223d9L,0xd2dedb1399ee5L,0x077d90cd5b3a8L,
-        0x0ff9370e392a4L } },
-    /* 152 */
-    { { 0x2d69bc6b75b65L,0xd5266651c559aL,0xde9d7d24188f8L,0xd01a28a9f33e3L,
-        0x09776478ba2a9L },
-      { 0x2622d929af2c7L,0x6d4e690923885L,0x89a51e9334f5dL,0x82face6cc7e5aL,
-        0x074a6313fac2fL } },
-    /* 153 */
-    { { 0x4dfddb75f079cL,0x9518e36fbbb2fL,0x7cd36dd85b07cL,0x863d1b6cfcf0eL,
-        0x0ab75be150ff4L },
-      { 0x367c0173fc9b7L,0x20d2594fd081bL,0x4091236b90a74L,0x59f615fdbf03cL,
-        0x04ebeac2e0b44L } },
-    /* 154 */
-    { { 0xc5fe75c9f2c53L,0x118eae9411eb6L,0x95ac5d8d25220L,0xaffcc8887633fL,
-        0x0df99887b2c1bL },
-      { 0x8eed2850aaecbL,0x1b01d6a272bb7L,0x1cdbcac9d4918L,0x4058978dd511bL,
-        0x027b040a7779fL } },
-    /* 155 */
-    { { 0x05db7f73b2eb2L,0x088e1b2118904L,0x962327ee0df85L,0xa3f5501b71525L,
-        0x0b393dd37e4cfL },
-      { 0x30e7b3fd75165L,0xc2bcd33554a12L,0xf7b5022d66344L,0x34196c36f1be0L,
-        0x009588c12d046L } },
-    /* 156 */
-    { { 0x6093f02601c3bL,0xf8cf5c335fe08L,0x94aff28fb0252L,0x648b955cf2808L,
-        0x081c879a9db9fL },
-      { 0xe687cc6f56c51L,0x693f17618c040L,0x059353bfed471L,0x1bc444f88a419L,
-        0x0fa0d48f55fc1L } },
-    /* 157 */
-    { { 0xe1c9de1608e4dL,0x113582822cbc6L,0x57ec2d7010ddaL,0x67d6f6b7ddc11L,
-        0x08ea0e156b6a3L },
-      { 0x4e02f2383b3b4L,0x943f01f53ca35L,0xde03ca569966bL,0xb5ac4ff6632b2L,
-        0x03f5ab924fa00L } },
-    /* 158 */
-    { { 0xbb0d959739efbL,0xf4e7ebec0d337L,0x11a67d1c751b0L,0x256e2da52dd64L,
-        0x08bc768872b74L },
-      { 0xe3b7282d3d253L,0xa1f58d779fa5bL,0x16767bba9f679L,0xf34fa1cac168eL,
-        0x0b386f19060fcL } },
-    /* 159 */
-    { { 0x3c1352fedcfc2L,0x6262f8af0d31fL,0x57288c25396bfL,0x9c4d9a02b4eaeL,
-        0x04cb460f71b06L },
-      { 0x7b4d35b8095eaL,0x596fc07603ae6L,0x614a16592bbf8L,0x5223e1475f66bL,
-        0x052c0d50895efL } },
-    /* 160 */
-    { { 0xc210e15339848L,0xe870778c8d231L,0x956e170e87a28L,0x9c0b9d1de6616L,
-        0x04ac3c9382bb0L },
-      { 0xe05516998987dL,0xc4ae09f4d619bL,0xa3f933d8b2376L,0x05f41de0b7651L,
-        0x0380d94c7e397L } },
-    /* 161 */
-    { { 0x355aa81542e75L,0xa1ee01b9b701aL,0x24d708796c724L,0x37af6b3a29776L,
-        0x02ce3e171de26L },
-      { 0xfeb49f5d5bc1aL,0x7e2777e2b5cfeL,0x513756ca65560L,0x4e4d4feaac2f9L,
-        0x02e6cd8520b62L } },
-    /* 162 */
-    { { 0x5954b8c31c31dL,0x005bf21a0c368L,0x5c79ec968533dL,0x9d540bd7626e7L,
-        0x0ca17754742c6L },
-      { 0xedafff6d2dbb2L,0xbd174a9d18cc6L,0xa4578e8fd0d8cL,0x2ce6875e8793aL,
-        0x0a976a7139cabL } },
-    /* 163 */
-    { { 0x51f1b93fb353dL,0x8b57fcfa720a6L,0x1b15281d75cabL,0x4999aa88cfa73L,
-        0x08720a7170a1fL },
-      { 0xe8d37693e1b90L,0x0b16f6dfc38c3L,0x52a8742d345dcL,0x893c8ea8d00abL,
-        0x09719ef29c769L } },
-    /* 164 */
-    { { 0xeed8d58e35909L,0xdc33ddc116820L,0xe2050269366d8L,0x04c1d7f999d06L,
-        0x0a5072976e157L },
-      { 0xa37eac4e70b2eL,0x576890aa8a002L,0x45b2a5c84dcf6L,0x7725cd71bf186L,
-        0x099389c9df7b7L } },
-    /* 165 */
-    { { 0xc08f27ada7a4bL,0x03fd389366238L,0x66f512c3abe9dL,0x82e46b672e897L,
-        0x0a88806aa202cL },
-      { 0x2044ad380184eL,0xc4126a8b85660L,0xd844f17a8cb78L,0xdcfe79d670c0aL,
-        0x00043bffb4738L } },
-    /* 166 */
-    { { 0x9b5dc36d5192eL,0xd34590b2af8d5L,0x1601781acf885L,0x486683566d0a1L,
-        0x052f3ef01ba6cL },
-      { 0x6732a0edcb64dL,0x238068379f398L,0x040f3090a482cL,0x7e7516cbe5fa7L,
-        0x03296bd899ef2L } },
-    /* 167 */
-    { { 0xaba89454d81d7L,0xef51eb9b3c476L,0x1c579869eade7L,0x71e9619a21cd8L,
-        0x03b90febfaee5L },
-      { 0x3023e5496f7cbL,0xd87fb51bc4939L,0x9beb5ce55be41L,0x0b1803f1dd489L,
-        0x06e88069d9f81L } },
-    /* 168 */
-    { { 0x7ab11b43ea1dbL,0xa95259d292ce3L,0xf84f1860a7ff1L,0xad13851b02218L,
-        0x0a7222beadefaL },
-      { 0xc78ec2b0a9144L,0x51f2fa59c5a2aL,0x147ce385a0240L,0xc69091d1eca56L,
-        0x0be94d523bc2aL } },
-    /* 169 */
-    { { 0x4945e0b226ce7L,0x47967e8b7072fL,0x5a6c63eb8afd7L,0xc766edea46f18L,
-        0x07782defe9be8L },
-      { 0xd2aa43db38626L,0x8776f67ad1760L,0x4499cdb460ae7L,0x2e4b341b86fc5L,
-        0x003838567a289L } },
-    /* 170 */
-    { { 0xdaefd79ec1a0fL,0xfdceb39c972d8L,0x8f61a953bbcd6L,0xb420f5575ffc5L,
-        0x0dbd986c4adf7L },
-      { 0xa881415f39eb7L,0xf5b98d976c81aL,0xf2f717d6ee2fcL,0xbbd05465475dcL,
-        0x08e24d3c46860L } },
-    /* 171 */
-    { { 0xd8e549a587390L,0x4f0cbec588749L,0x25983c612bb19L,0xafc846e07da4bL,
-        0x0541a99c4407bL },
-      { 0x41692624c8842L,0x2ad86c05ffdb2L,0xf7fcf626044c1L,0x35d1c59d14b44L,
-        0x0c0092c49f57dL } },
-    /* 172 */
-    { { 0xc75c3df2e61efL,0xc82e1b35cad3cL,0x09f29f47e8841L,0x944dc62d30d19L,
-        0x075e406347286L },
-      { 0x41fc5bbc237d0L,0xf0ec4f01c9e7dL,0x82bd534c9537bL,0x858691c51a162L,
-        0x05b7cb658c784L } },
-    /* 173 */
-    { { 0xa70848a28ead1L,0x08fd3b47f6964L,0x67e5b39802dc5L,0x97a19ae4bfd17L,
-        0x07ae13eba8df0L },
-      { 0x16ef8eadd384eL,0xd9b6b2ff06fd2L,0xbcdb5f30361a2L,0xe3fd204b98784L,
-        0x0787d8074e2a8L } },
-    /* 174 */
-    { { 0x25d6b757fbb1cL,0xb2ca201debc5eL,0xd2233ffe47bddL,0x84844a55e9a36L,
-        0x05c2228199ef2L },
-      { 0xd4a8588315250L,0x2b827097c1773L,0xef5d33f21b21aL,0xf2b0ab7c4ea1dL,
-        0x0e45d37abbaf0L } },
-    /* 175 */
-    { { 0xf1e3428511c8aL,0xc8bdca6cd3d2dL,0x27c39a7ebb229L,0xb9d3578a71a76L,
-        0x0ed7bc12284dfL },
-      { 0x2a6df93dea561L,0x8dd48f0ed1cf2L,0xbad23e85443f1L,0x6d27d8b861405L,
-        0x0aac97cc945caL } },
-    /* 176 */
-    { { 0x4ea74a16bd00aL,0xadf5c0bcc1eb5L,0xf9bfc06d839e9L,0xdc4e092bb7f11L,
-        0x0318f97b31163L },
-      { 0x0c5bec30d7138L,0x23abc30220eccL,0x022360644e8dfL,0xff4d2bb7972fbL,
-        0x0fa41faa19a84L } },
-    /* 177 */
-    { { 0x2d974a6642269L,0xce9bb783bd440L,0x941e60bc81814L,0xe9e2398d38e47L,
-        0x038bb6b2c1d26L },
-      { 0xe4a256a577f87L,0x53dc11fe1cc64L,0x22807288b52d2L,0x01a5ff336abf6L,
-        0x094dd0905ce76L } },
-    /* 178 */
-    { { 0xcf7dcde93f92aL,0xcb89b5f315156L,0x995e750a01333L,0x2ae902404df9cL,
-        0x092077867d25cL },
-      { 0x71e010bf39d44L,0x2096bb53d7e24L,0xc9c3d8f5f2c90L,0xeb514c44b7b35L,
-        0x081e8428bd29bL } },
-    /* 179 */
-    { { 0x9c2bac477199fL,0xee6b5ecdd96ddL,0xe40fd0e8cb8eeL,0xa4b18af7db3feL,
-        0x01b94ab62dbbfL },
-      { 0x0d8b3ce47f143L,0xfc63f4616344fL,0xc59938351e623L,0x90eef18f270fcL,
-        0x006a38e280555L } },
-    /* 180 */
-    { { 0xb0139b3355b49L,0x60b4ebf99b2e5L,0x269f3dc20e265L,0xd4f8c08ffa6bdL,
-        0x0a7b36c2083d9L },
-      { 0x15c3a1b3e8830L,0xe1a89f9c0b64dL,0x2d16930d5fceaL,0x2a20cfeee4a2eL,
-        0x0be54c6b4a282L } },
-    /* 181 */
-    { { 0xdb3df8d91167cL,0x79e7a6625ed6cL,0x46ac7f4517c3fL,0x22bb7105648f3L,
-        0x0bf30a5abeae0L },
-      { 0x785be93828a68L,0x327f3ef0368e7L,0x92146b25161c3L,0xd13ae11b5feb5L,
-        0x0d1c820de2732L } },
-    /* 182 */
-    { { 0xe13479038b363L,0x546b05e519043L,0x026cad158c11fL,0x8da34fe57abe6L,
-        0x0b7d17bed68a1L },
-      { 0xa5891e29c2559L,0x765bfffd8444cL,0x4e469484f7a03L,0xcc64498de4af7L,
-        0x03997fd5e6412L } },
-    /* 183 */
-    { { 0x746828bd61507L,0xd534a64d2af20L,0xa8a15e329e132L,0x13e8ffeddfb08L,
-        0x00eeb89293c6cL },
-      { 0x69a3ea7e259f8L,0xe6d13e7e67e9bL,0xd1fa685ce1db7L,0xb6ef277318f6aL,
-        0x0228916f8c922L } },
-    /* 184 */
-    { { 0xae25b0a12ab5bL,0x1f957bc136959L,0x16e2b0ccc1117L,0x097e8058429edL,
-        0x0ec05ad1d6e93L },
-      { 0xba5beac3f3708L,0x3530b59d77157L,0x18234e531baf9L,0x1b3747b552371L,
-        0x07d3141567ff1L } },
-    /* 185 */
-    { { 0x9c05cf6dfefabL,0x68dcb377077bdL,0xa38bb95be2f22L,0xd7a3e53ead973L,
-        0x0e9ce66fc9bc1L },
-      { 0xa15766f6a02a1L,0xdf60e600ed75aL,0x8cdc1b938c087L,0x0651f8947f346L,
-        0x0d9650b017228L } },
-    /* 186 */
-    { { 0xb4c4a5a057e60L,0xbe8def25e4504L,0x7c1ccbdcbccc3L,0xb7a2a63532081L,
-        0x014d6699a804eL },
-      { 0xa8415db1f411aL,0x0bf80d769c2c8L,0xc2f77ad09fbafL,0x598ab4deef901L,
-        0x06f4c68410d43L } },
-    /* 187 */
-    { { 0x6df4e96c24a96L,0x85fcbd99a3872L,0xb2ae30a534dbcL,0x9abb3c466ef28L,
-        0x04c4350fd6118L },
-      { 0x7f716f855b8daL,0x94463c38a1296L,0xae9334341a423L,0x18b5c37e1413eL,
-        0x0a726d2425a31L } },
-    /* 188 */
-    { { 0x6b3ee948c1086L,0x3dcbd3a2e1daeL,0x3d022f3f1de50L,0xf3923f35ed3f0L,
-        0x013639e82cc6cL },
-      { 0x938fbcdafaa86L,0xfb2654a2589acL,0x5051329f45bc5L,0x35a31963b26e4L,
-        0x0ca9365e1c1a3L } },
-    /* 189 */
-    { { 0x5ac754c3b2d20L,0x17904e241b361L,0xc9d071d742a54L,0x72a5b08521c4cL,
-        0x09ce29c34970bL },
-      { 0x81f736d3e0ad6L,0x9ef2f8434c8ccL,0xce862d98060daL,0xaf9835ed1d1a6L,
-        0x048c4abd7ab42L } },
-    /* 190 */
-    { { 0x1b0cc40c7485aL,0xbbe5274dbfd22L,0x263d2e8ead455L,0x33cb493c76989L,
-        0x078017c32f67bL },
-      { 0x35769930cb5eeL,0x940c408ed2b9dL,0x72f1a4dc0d14eL,0x1c04f8b7bf552L,
-        0x053cd0454de5cL } },
-    /* 191 */
-    { { 0x585fa5d28ccacL,0x56005b746ebcdL,0xd0123aa5f823eL,0xfa8f7c79f0a1cL,
-        0x0eea465c1d3d7L },
-      { 0x0659f0551803bL,0x9f7ce6af70781L,0x9288e706c0b59L,0x91934195a7702L,
-        0x01b6e42a47ae6L } },
-    /* 192 */
-    { { 0x0937cf67d04c3L,0xe289eeb8112e8L,0x2594d601e312bL,0xbd3d56b5d8879L,
-        0x00224da14187fL },
-      { 0xbb8630c5fe36fL,0x604ef51f5f87aL,0x3b429ec580f3cL,0xff33964fb1bfbL,
-        0x060838ef042bfL } },
-    /* 193 */
-    { { 0xcb2f27e0bbe99L,0xf304aa39ee432L,0xfa939037bda44L,0x16435f497c7a9L,
-        0x0636eb2022d33L },
-      { 0xd0e6193ae00aaL,0xfe31ae6d2ffcfL,0xf93901c875a00L,0x8bacf43658a29L,
-        0x08844eeb63921L } },
-    /* 194 */
-    { { 0x171d26b3bae58L,0x7117e39f3e114L,0x1a8eada7db3dfL,0x789ecd37bc7f8L,
-        0x027ba83dc51fbL },
-      { 0xf439ffbf54de5L,0x0bb5fe1a71a7dL,0xb297a48727703L,0xa4ab42ee8e35dL,
-        0x0adb62d3487f3L } },
-    /* 195 */
-    { { 0x168a2a175df2aL,0x4f618c32e99b1L,0x46b0916082aa0L,0xc8b2c9e4f2e71L,
-        0x0b990fd7675e7L },
-      { 0x9d96b4df37313L,0x79d0b40789082L,0x80877111c2055L,0xd18d66c9ae4a7L,
-        0x081707ef94d10L } },
-    /* 196 */
-    { { 0x7cab203d6ff96L,0xfc0d84336097dL,0x042db4b5b851bL,0xaa5c268823c4dL,
-        0x03792daead5a8L },
-      { 0x18865941afa0bL,0x4142d83671528L,0xbe4e0a7f3e9e7L,0x01ba17c825275L,
-        0x05abd635e94b0L } },
-    /* 197 */
-    { { 0xfa84e0ac4927cL,0x35a7c8cf23727L,0xadca0dfe38860L,0xb610a4bcd5ea4L,
-        0x05995bf21846aL },
-      { 0xf860b829dfa33L,0xae958fc18be90L,0x8630366caafe2L,0x411e9b3baf447L,
-        0x044c32ca2d483L } },
-    /* 198 */
-    { { 0xa97f1e40ed80cL,0xb131d2ca82a74L,0xc2d6ad95f938cL,0xa54c53f2124b7L,
-        0x01f2162fb8082L },
-      { 0x67cc5720b173eL,0x66085f12f97e4L,0xc9d65dc40e8a6L,0x07c98cebc20e4L,
-        0x08f1d402bc3e9L } },
-    /* 199 */
-    { { 0x92f9cfbc4058aL,0xb6292f56704f5L,0xc1d8c57b15e14L,0xdbf9c55cfe37bL,
-        0x0b1980f43926eL },
-      { 0x33e0932c76b09L,0x9d33b07f7898cL,0x63bb4611df527L,0x8e456f08ead48L,
-        0x02828ad9b3744L } },
-    /* 200 */
-    { { 0x722c4c4cf4ac5L,0x3fdde64afb696L,0x0890832f5ac1aL,0xb3900551baa2eL,
-        0x04973f1275a14L },
-      { 0xd8335322eac5dL,0xf50bd9b568e59L,0x25883935e07eeL,0x8ac7ab36720faL,
-        0x06dac8ed0db16L } },
-    /* 201 */
-    { { 0x545aeeda835efL,0xd21d10ed51f7bL,0x3741b094aa113L,0xde4c035a65e01L,
-        0x04b23ef5920b9L },
-      { 0xbb6803c4c7341L,0x6d3f58bc37e82L,0x51e3ee8d45770L,0x9a4e73527863aL,
-        0x04dd71534ddf4L } },
-    /* 202 */
-    { { 0x4467295476cd9L,0x2fe31a725bbf9L,0xc4b67e0648d07L,0x4dbb1441c8b8fL,
-        0x0fd3170002f4aL },
-      { 0x43ff48995d0e1L,0xd10ef729aa1cbL,0x179898276e695L,0xf365e0d5f9764L,
-        0x014fac58c9569L } },
-    /* 203 */
-    { { 0xa0065f312ae18L,0xc0fcc93fc9ad9L,0xa7d284651958dL,0xda50d9a142408L,
-        0x0ed7c765136abL },
-      { 0x70f1a25d4abbcL,0xf3f1a113ea462L,0xb51952f9b5dd8L,0x9f53c609b0755L,
-        0x0fefcb7f74d2eL } },
-    /* 204 */
-    { { 0x9497aba119185L,0x30aac45ba4bd0L,0xa521179d54e8cL,0xd80b492479deaL,
-        0x01801a57e87e0L },
-      { 0xd3f8dfcafffb0L,0x0bae255240073L,0xb5fdfbc6cf33cL,0x1064781d763b5L,
-        0x09f8fc11e1eadL } },
-    /* 205 */
-    { { 0x3a1715e69544cL,0x67f04b7813158L,0x78a4c320eaf85L,0x69a91e22a8fd2L,
-        0x0a9d3809d3d3aL },
-      { 0xc2c2c59a2da3bL,0xf61895c847936L,0x3d5086938ccbcL,0x8ef75e65244e6L,
-        0x03006b9aee117L } },
-    /* 206 */
-    { { 0x1f2b0c9eead28L,0x5d89f4dfbc0bbL,0x2ce89397eef63L,0xf761074757fdbL,
-        0x00ab85fd745f8L },
-      { 0xa7c933e5b4549L,0x5c97922f21ecdL,0x43b80404be2bbL,0x42c2261a1274bL,
-        0x0b122d67511e9L } },
-    /* 207 */
-    { { 0x607be66a5ae7aL,0xfa76adcbe33beL,0xeb6e5c501e703L,0xbaecaf9043014L,
-        0x09f599dc1097dL },
-      { 0x5b7180ff250edL,0x74349a20dc6d7L,0x0b227a38eb915L,0x4b78425605a41L,
-        0x07d5528e08a29L } },
-    /* 208 */
-    { { 0x58f6620c26defL,0xea582b2d1ef0fL,0x1ce3881025585L,0x1730fbe7d79b0L,
-        0x028ccea01303fL },
-      { 0xabcd179644ba5L,0xe806fff0b8d1dL,0x6b3e17b1fc643L,0x13bfa60a76fc6L,
-        0x0c18baf48a1d0L } },
-    /* 209 */
-    { { 0x638c85dc4216dL,0x67206142ac34eL,0x5f5064a00c010L,0x596bd453a1719L,
-        0x09def809db7a9L },
-      { 0x8642e67ab8d2cL,0x336237a2b641eL,0x4c4218bb42404L,0x8ce57d506a6d6L,
-        0x00357f8b06880L } },
-    /* 210 */
-    { { 0xdbe644cd2cc88L,0x8df0b8f39d8e9L,0xd30a0c8cc61c2L,0x98874a309874cL,
-        0x0e4a01add1b48L },
-      { 0x1eeacf57cd8f9L,0x3ebd594c482edL,0xbd2f7871b767dL,0xcc30a7295c717L,
-        0x0466d7d79ce10L } },
-    /* 211 */
-    { { 0x318929dada2c7L,0xc38f9aa27d47dL,0x20a59e14fa0a6L,0xad1a90e4fd288L,
-        0x0c672a522451eL },
-      { 0x07cc85d86b655L,0x3bf9ad4af1306L,0x71172a6f0235dL,0x751399a086805L,
-        0x05e3d64faf2a6L } },
-    /* 212 */
-    { { 0x410c79b3b4416L,0x85eab26d99aa6L,0xb656a74cd8fcfL,0x42fc5ebff74adL,
-        0x06c8a7a95eb8eL },
-      { 0x60ba7b02a63bdL,0x038b8f004710cL,0x12d90b06b2f23L,0xca918c6c37383L,
-        0x0348ae422ad82L } },
-    /* 213 */
-    { { 0x746635ccda2fbL,0xa18e0726d27f4L,0x92b1f2022accaL,0x2d2e85adf7824L,
-        0x0c1074de0d9efL },
-      { 0x3ce44ae9a65b3L,0xac05d7151bfcfL,0xe6a9788fd71e4L,0x4ffcd4711f50cL,
-        0x0fbadfbdbc9e5L } },
-    /* 214 */
-    { { 0x3f1cd20a99363L,0x8f6cf22775171L,0x4d359b2b91565L,0x6fcd968175cd2L,
-        0x0b7f976b48371L },
-      { 0x8e24d5d6dbf74L,0xfd71c3af36575L,0x243dfe38d23baL,0xc80548f477600L,
-        0x0f4d41b2ecafcL } },
-    /* 215 */
-    { { 0x1cf28fdabd48dL,0x3632c078a451fL,0x17146e9ce81beL,0x0f106ace29741L,
-        0x0180824eae016L },
-      { 0x7698b66e58358L,0x52ce6ca358038L,0xe41e6c5635687L,0x6d2582380e345L,
-        0x067e5f63983cfL } },
-    /* 216 */
-    { { 0xccb8dcf4899efL,0xf09ebb44c0f89L,0x2598ec9949015L,0x1fc6546f9276bL,
-        0x09fef789a04c1L },
-      { 0x67ecf53d2a071L,0x7fa4519b096d3L,0x11e2eefb10e1aL,0x4e20ca6b3fb06L,
-        0x0bc80c181a99cL } },
-    /* 217 */
-    { { 0x536f8e5eb82e6L,0xc7f56cb920972L,0x0b5da5e1a484fL,0xdf10c78e21715L,
-        0x049270e629f8cL },
-      { 0x9b7bbea6b50adL,0xc1a2388ffc1a3L,0x107197b9a0284L,0x2f7f5403eb178L,
-        0x0d2ee52f96137L } },
-    /* 218 */
-    { { 0xcd28588e0362aL,0xa78fa5d94dd37L,0x434a526442fa8L,0xb733aff836e5aL,
-        0x0dfb478bee5abL },
-      { 0xf1ce7673eede6L,0xd42b5b2f04a91L,0x530da2fa5390aL,0x473a5e66f7bf5L,
-        0x0d9a140b408dfL } },
-    /* 219 */
-    { { 0x221b56e8ea498L,0x293563ee090e0L,0x35d2ade623478L,0x4b1ae06b83913L,
-        0x0760c058d623fL },
-      { 0x9b58cc198aa79L,0xd2f07aba7f0b8L,0xde2556af74890L,0x04094e204110fL,
-        0x07141982d8f19L } },
-    /* 220 */
-    { { 0xa0e334d4b0f45L,0x38392a94e16f0L,0x3c61d5ed9280bL,0x4e473af324c6bL,
-        0x03af9d1ce89d5L },
-      { 0xf798120930371L,0x4c21c17097fd8L,0xc42309beda266L,0x7dd60e9545dcdL,
-        0x0b1f815c37395L } },
-    /* 221 */
-    { { 0xaa78e89fec44aL,0x473caa4caf84fL,0x1b6a624c8c2aeL,0xf052691c807dcL,
-        0x0a41aed141543L },
-      { 0x353997d5ffe04L,0xdf625b6e20424L,0x78177758bacb2L,0x60ef85d660be8L,
-        0x0d6e9c1dd86fbL } },
-    /* 222 */
-    { { 0x2e97ec6853264L,0xb7e2304a0b3aaL,0x8eae9be771533L,0xf8c21b912bb7bL,
-        0x09c9c6e10ae9bL },
-      { 0x09a59e030b74cL,0x4d6a631e90a23L,0x49b79f24ed749L,0x61b689f44b23aL,
-        0x0566bd59640faL } },
-    /* 223 */
-    { { 0xc0118c18061f3L,0xd37c83fc70066L,0x7273245190b25L,0x345ef05fc8e02L,
-        0x0cf2c7390f525L },
-      { 0xbceb410eb30cfL,0xba0d77703aa09L,0x50ff255cfd2ebL,0x0979e842c43a1L,
-        0x002f517558aa2L } },
-    /* 224 */
-    { { 0xef794addb7d07L,0x4224455500396L,0x78aa3ce0b4fc7L,0xd97dfaff8eaccL,
-        0x014e9ada5e8d4L },
-      { 0x480a12f7079e2L,0xcde4b0800edaaL,0x838157d45baa3L,0x9ae801765e2d7L,
-        0x0a0ad4fab8e9dL } },
-    /* 225 */
-    { { 0xb76214a653618L,0x3c31eaaa5f0bfL,0x4949d5e187281L,0xed1e1553e7374L,
-        0x0bcd530b86e56L },
-      { 0xbe85332e9c47bL,0xfeb50059ab169L,0x92bfbb4dc2776L,0x341dcdba97611L,
-        0x0909283cf6979L } },
-    /* 226 */
-    { { 0x0032476e81a13L,0x996217123967bL,0x32e19d69bee1aL,0x549a08ed361bdL,
-        0x035eeb7c9ace1L },
-      { 0x0ae5a7e4e5bdcL,0xd3b6ceec6e128L,0xe266bc12dcd2cL,0xe86452e4224c6L,
-        0x09a8b2cf4448aL } },
-    /* 227 */
-    { { 0x71bf209d03b59L,0xa3b65af2abf64L,0xbd5eec9c90e62L,0x1379ff7ff168eL,
-        0x06bdb60f4d449L },
-      { 0xafebc8a55bc30L,0x1610097fe0dadL,0xc1e3bddc79eadL,0x08a942e197414L,
-        0x001ec3cfd94baL } },
-    /* 228 */
-    { { 0x277ebdc9485c2L,0x7922fb10c7ba6L,0x0a28d8a48cc9aL,0x64f64f61d60f7L,
-        0x0d1acb1c04754L },
-      { 0x902b126f36612L,0x4ee0618d8bd26L,0x08357ee59c3a4L,0x26c24df8a8133L,
-        0x07dcd079d4056L } },
-    /* 229 */
-    { { 0x7d4d3f05a4b48L,0x52372307725ceL,0x12a915aadcd29L,0x19b8d18f79718L,
-        0x00bf53589377dL },
-      { 0xcd95a6c68ea73L,0xca823a584d35eL,0x473a723c7f3bbL,0x86fc9fb674c6fL,
-        0x0d28be4d9e166L } },
-    /* 230 */
-    { { 0xb990638fa8e4bL,0x6e893fd8fc5d2L,0x36fb6fc559f18L,0x88ce3a6de2aa4L,
-        0x0d76007aa510fL },
-      { 0x0aab6523a4988L,0x4474dd02732d1L,0x3407278b455cfL,0xbb017f467082aL,
-        0x0f2b52f68b303L } },
-    /* 231 */
-    { { 0x7eafa9835b4caL,0xfcbb669cbc0d5L,0x66431982d2232L,0xed3a8eeeb680cL,
-        0x0d8dbe98ecc5aL },
-      { 0x9be3fc5a02709L,0xe5f5ba1fa8cbaL,0x10ea85230be68L,0x9705febd43cdfL,
-        0x0e01593a3ee55L } },
-    /* 232 */
-    { { 0x5af50ea75a0a6L,0xac57858033d3eL,0x0176406512226L,0xef066fe6d50fdL,
-        0x0afec07b1aeb8L },
-      { 0x9956780bb0a31L,0xcc37309aae7fbL,0x1abf3896f1af3L,0xbfdd9153a15a0L,
-        0x0a71b93546e2dL } },
-    /* 233 */
-    { { 0xe12e018f593d2L,0x28a078122bbf8L,0xba4f2add1a904L,0x23d9150505db0L,
-        0x053a2005c6285L },
-      { 0x8b639e7f2b935L,0x5ac182961a07cL,0x518ca2c2bff97L,0x8e3d86bceea77L,
-        0x0bf47d19b3d58L } },
-    /* 234 */
-    { { 0x967a7dd7665d5L,0x572f2f4de5672L,0x0d4903f4e3030L,0xa1b6144005ae8L,
-        0x0001c2c7f39c9L },
-      { 0xa801469efc6d6L,0xaa7bc7a724143L,0x78150a4c810bdL,0xb99b5f65670baL,
-        0x0fdadf8e786ffL } },
-    /* 235 */
-    { { 0x8cb88ffc00785L,0x913b48eb67fd3L,0xf368fbc77fa75L,0x3c940454d055bL,
-        0x03a838e4d5aa4L },
-      { 0x663293e97bb9aL,0x63441d94d9561L,0xadb2a839eb933L,0x1da3515591a60L,
-        0x03cdb8257873eL } },
-    /* 236 */
-    { { 0x140a97de77eabL,0x0d41648109137L,0xeb1d0dff7e1c5L,0x7fba762dcad2cL,
-        0x05a60cc89f1f5L },
-      { 0x3638240d45673L,0x195913c65580bL,0xd64b7411b82beL,0x8fc0057284b8dL,
-        0x0922ff56fdbfdL } },
-    /* 237 */
-    { { 0x65deec9a129a1L,0x57cc284e041b2L,0xebfbe3ca5b1ceL,0xcd6204380c46cL,
-        0x072919a7df6c5L },
-      { 0xf453a8fb90f9aL,0x0b88e4031b298L,0x96f1856d719c0L,0x089ae32c0e777L,
-        0x05e7917803624L } },
-    /* 238 */
-    { { 0x6ec557f63cdfbL,0x71f1cae4fd5c1L,0x60597ca8e6a35L,0x2fabfce26bea5L,
-        0x04e0a5371e24cL },
-      { 0xa40d3a5765357L,0x440d73a2b4276L,0x1d11a323c89afL,0x04eeb8f370ae4L,
-        0x0f5ff7818d566L } },
-    /* 239 */
-    { { 0x3e3fe1a09df21L,0x8ee66e8e47fbfL,0x9c8901526d5d2L,0x5e642096bd0a2L,
-        0x0e41df0e9533fL },
-      { 0xfda40b3ba9e3fL,0xeb2604d895305L,0xf0367c7f2340cL,0x155f0866e1927L,
-        0x08edd7d6eac4fL } },
-    /* 240 */
-    { { 0x1dc0e0bfc8ff3L,0x2be936f42fc9aL,0xca381ef14efd8L,0xee9667016f7ccL,
-        0x01432c1caed8aL },
-      { 0x8482970b23c26L,0x730735b273ec6L,0xaef0f5aa64fe8L,0xd2c6e389f6e5eL,
-        0x0caef480b5ac8L } },
-    /* 241 */
-    { { 0x5c97875315922L,0x713063cca5524L,0x64ef2cbd82951L,0xe236f3ce60d0bL,
-        0x0d0ba177e8efaL },
-      { 0x9ae8fb1b3af60L,0xe53d2da20e53aL,0xf9eef281a796aL,0xae1601d63605dL,
-        0x0f31c957c1c54L } },
-    /* 242 */
-    { { 0x58d5249cc4597L,0xb0bae0a028c0fL,0x34a814adc5015L,0x7c3aefc5fc557L,
-        0x0013404cb96e1L },
-      { 0xe2585c9a824bfL,0x5e001eaed7b29L,0x1ef68acd59318L,0x3e6c8d6ee6826L,
-        0x06f377c4b9193L } },
-    /* 243 */
-    { { 0x3bad1a8333fd2L,0x025a2a95b89f9L,0xaf75acea89302L,0x9506211e5037eL,
-        0x06dba3e4ed2d0L },
-      { 0xef98cd04399cdL,0x6ee6b73adea48L,0x17ecaf31811c6L,0xf4a772f60752cL,
-        0x0f13cf3423becL } },
-    /* 244 */
-    { { 0xb9ec0a919e2ebL,0x95f62c0f68ceeL,0xaba229983a9a1L,0xbad3cfba3bb67L,
-        0x0c83fa9a9274bL },
-      { 0xd1b0b62fa1ce0L,0xf53418efbf0d7L,0x2706f04e58b60L,0x2683bfa8ef9e5L,
-        0x0b49d70f45d70L } },
-    /* 245 */
-    { { 0xc7510fad5513bL,0xecb1751e2d914L,0x9fb9d5905f32eL,0xf1cf6d850418dL,
-        0x059cfadbb0c30L },
-      { 0x7ac2355cb7fd6L,0xb8820426a3e16L,0x0a78864249367L,0x4b67eaeec58c9L,
-        0x05babf362354aL } },
-    /* 246 */
-    { { 0x981d1ee424865L,0x78f2e5577f37cL,0x9e0c0588b0028L,0xc8f0702970f1bL,
-        0x06188c6a79026L },
-      { 0x9a19bd0f244daL,0x5cfb08087306fL,0xf2136371eccedL,0xb9d935470f9b9L,
-        0x0993fe475df50L } },
-    /* 247 */
-    { { 0x31cdf9b2c3609L,0xc02c46d4ea68eL,0xa77510184eb19L,0x616b7ac9ec1a9L,
-        0x081f764664c80L },
-      { 0xc2a5a75fbe978L,0xd3f183b3561d7L,0x01dd2bf6743feL,0x060d838d1f045L,
-        0x0564a812a5fe9L } },
-    /* 248 */
-    { { 0xa64f4fa817d1dL,0x44bea82e0f7a5L,0xd57f9aa55f968L,0x1d6cb5ff5a0fcL,
-        0x0226bf3cf00e5L },
-      { 0x1a9f92f2833cfL,0x5a4f4f89a8d6dL,0xf3f7f7720a0a3L,0x783611536c498L,
-        0x068779f47ff25L } },
-    /* 249 */
-    { { 0x0c1c173043d08L,0x741fc020fa79bL,0xa6d26d0a54467L,0x2e0bd3767e289L,
-        0x097bcb0d1eb09L },
-      { 0x6eaa8f32ed3c3L,0x51b281bc482abL,0xfa178f3c8a4f1L,0x46554d1bf4f3bL,
-        0x0a872ffe80a78L } },
-    /* 250 */
-    { { 0xb7935a32b2086L,0x0e8160f486b1aL,0xb6ae6bee1eb71L,0xa36a9bd0cd913L,
-        0x002812bfcb732L },
-      { 0xfd7cacf605318L,0x50fdfd6d1da63L,0x102d619646e5dL,0x96afa1d683982L,
-        0x007391cc9fe53L } },
-    /* 251 */
-    { { 0x157f08b80d02bL,0xd162877f7fc50L,0x8d542ae6b8333L,0x2a087aca1af87L,
-        0x0355d2adc7e6dL },
-      { 0xf335a287386e1L,0x94f8e43275b41L,0x79989eafd272aL,0x3a79286ca2cdeL,
-        0x03dc2b1e37c2aL } },
-    /* 252 */
-    { { 0x9d21c04581352L,0x25376782bed68L,0xfed701f0a00c8L,0x846b203bd5909L,
-        0x0c47869103ccdL },
-      { 0xa770824c768edL,0x026841f6575dbL,0xaccce0e72feeaL,0x4d3273313ed56L,
-        0x0ccc42968d5bbL } },
-    /* 253 */
-    { { 0x50de13d7620b9L,0x8a5992a56a94eL,0x75487c9d89a5cL,0x71cfdc0076406L,
-        0x0e147eb42aa48L },
-      { 0xab4eeacf3ae46L,0xfb50350fbe274L,0x8c840eafd4936L,0x96e3df2afe474L,
-        0x0239ac047080eL } },
-    /* 254 */
-    { { 0xd1f352bfee8d4L,0xcffa7b0fec481L,0xce9af3cce80b5L,0xe59d105c4c9e2L,
-        0x0c55fa1a3f5f7L },
-      { 0x6f14e8257c227L,0x3f342be00b318L,0xa904fb2c5b165L,0xb69909afc998aL,
-        0x0094cd99cd4f4L } },
-    /* 255 */
-    { { 0x81c84d703bebaL,0x5032ceb2918a9L,0x3bd49ec8631d1L,0xad33a445f2c9eL,
-        0x0b90a30b642abL },
-      { 0x5404fb4a5abf9L,0xc375db7603b46L,0xa35d89f004750L,0x24f76f9a42cccL,
-        0x0019f8b9a1b79L } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_5(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_5(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 5);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 5, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 5, km);
-
-            err = sp_256_ecc_mulmod_base_5(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_5(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P256 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 5 + 5 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 5 + 5 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 5;
-
-        sp_256_from_mp(k, 5, km);
-        sp_256_point_from_ecc_point_5(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_5(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_5(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_5(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_5(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_5(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_5(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_5(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_256_add_one_5(sp_digit* a)
-{
-    a[0]++;
-    sp_256_norm_5(a);
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 44U) {
-            r[j] &= 0xfffffffffffffL;
-            s = 52U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_256_ecc_gen_k_5(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[32];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_256_from_bin(k, 5, buf, (int)sizeof(buf));
-            if (sp_256_cmp_5(k, p256_order2) <= 0) {
-                sp_256_add_one_5(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_256, point, 2);
-#else
-    SP_DECL_VAR(sp_point_256, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 5);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 5, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_256_ecc_gen_k_5(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_5(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_5(infinity, point, p256_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_256_iszero_5(point->x) || sp_256_iszero_5(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_5(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_256_ctx {
-    int state;
-    sp_256_ecc_mulmod_5_ctx mulmod_ctx;
-    sp_digit k[5];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256  point[2];
-#else
-    sp_point_256 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_256_ctx;
-
-int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_256_ctx* ctx = (sp_ecc_key_gen_256_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_256_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_256_ecc_gen_k_5(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_base_5_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_256_ecc_mulmod_5_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p256_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_256_iszero_5(ctx->point->x) ||
-                    sp_256_iszero_5(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_256_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_256_point_to_ecc_point_5(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 32
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_256_to_bin_5(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<4; i++) {
-        r[i+1] += r[i] >> 52;
-        r[i] &= 0xfffffffffffffL;
-    }
-    j = 263 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<5 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 52) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 52);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 5);
-    int err = MP_OKAY;
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 5, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 5, priv);
-        sp_256_point_from_ecc_point_5(point, pub);
-            err = sp_256_ecc_mulmod_5(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_256_to_bin_5(point->x, out);
-        *outLen = 32;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_5_ctx mulmod_ctx;
-    };
-    sp_digit k[5];
-    sp_point_256 point;
-} sp_ecc_sec_gen_256_ctx;
-
-int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_256_ctx* ctx = (sp_ecc_sec_gen_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_256_from_mp(ctx->k, 5, priv);
-            sp_256_point_from_ecc_point_5(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_5_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_256_to_bin_5(ctx->point.x, out);
-                *outLen = 32;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-SP_NOINLINE static void sp_256_rshift_5(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-#ifdef WOLFSSL_SP_SMALL
-    for (i=0; i<4; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (52 - n))) & 0xfffffffffffffL);
-    }
-#else
-    for (i=0; i<0; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (52 - n)) & 0xfffffffffffffL);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (52 - n)) & 0xfffffffffffffL);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (52 - n)) & 0xfffffffffffffL);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (52 - n)) & 0xfffffffffffffL);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (52 - n)) & 0xfffffffffffffL);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (52 - n)) & 0xfffffffffffffL);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (52 - n)) & 0xfffffffffffffL);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (52 - n)) & 0xfffffffffffffL);
-    }
-    r[0] = (a[0] >> n) | (sp_digit)((a[1] << (52 - n)) & 0xfffffffffffffL);
-    r[1] = (a[1] >> n) | (sp_digit)((a[2] << (52 - n)) & 0xfffffffffffffL);
-    r[2] = (a[2] >> n) | (sp_digit)((a[3] << (52 - n)) & 0xfffffffffffffL);
-    r[3] = (a[3] >> n) | (sp_digit)((a[4] << (52 - n)) & 0xfffffffffffffL);
-#endif /* WOLFSSL_SP_SMALL */
-    r[4] = a[4] >> n;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_256_mul_d_5(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 5; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0xfffffffffffffL);
-        t >>= 52;
-    }
-    r[5] = (sp_digit)t;
-#else
-    sp_int128 tb = b;
-    sp_int128 t[5];
-
-    t[ 0] = tb * a[ 0];
-    t[ 1] = tb * a[ 1];
-    t[ 2] = tb * a[ 2];
-    t[ 3] = tb * a[ 3];
-    t[ 4] = tb * a[ 4];
-    r[ 0] = (sp_digit)                 (t[ 0] & 0xfffffffffffffL);
-    r[ 1] = (sp_digit)((t[ 0] >> 52) + (t[ 1] & 0xfffffffffffffL));
-    r[ 2] = (sp_digit)((t[ 1] >> 52) + (t[ 2] & 0xfffffffffffffL));
-    r[ 3] = (sp_digit)((t[ 2] >> 52) + (t[ 3] & 0xfffffffffffffL));
-    r[ 4] = (sp_digit)((t[ 3] >> 52) + (t[ 4] & 0xfffffffffffffL));
-    r[ 5] = (sp_digit) (t[ 4] >> 52);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-SP_NOINLINE static void sp_256_lshift_10(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    r[10] = a[9] >> (52 - n);
-    for (i=9; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (52 - n))) & 0xfffffffffffffL);
-    }
-#else
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[9];
-    r[10] = s >> (52U - n);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (52U - n))) & 0xfffffffffffffUL);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (52U - n))) & 0xfffffffffffffUL);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (52U - n))) & 0xfffffffffffffUL);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (52U - n))) & 0xfffffffffffffUL);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (52U - n))) & 0xfffffffffffffUL);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (52U - n))) & 0xfffffffffffffUL);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (52U - n))) & 0xfffffffffffffUL);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (52U - n))) & 0xfffffffffffffUL);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (52U - n))) & 0xfffffffffffffUL);
-#endif /* WOLFSSL_SP_SMALL */
-    r[0] = (sp_digit)((a[0] << n) & 0xfffffffffffffL);
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Simplified based on top word of divisor being very large.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_256_div_5(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 5 + 3);
-    int i;
-    sp_digit r1;
-    sp_digit mask;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 5 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 10 + 1;
-        sd = t2 + 5 + 1;
-
-        sp_256_mul_d_5(sd, d, (sp_digit)1 << 4);
-        sp_256_lshift_10(t1, a, 4);
-        t1[5 + 5] += t1[5 + 5 - 1] >> 52;
-        t1[5 + 5 - 1] &= 0xfffffffffffffL;
-        for (i=4; i>=0; i--) {
-            r1 = t1[5 + i];
-            sp_256_mul_d_5(t2, sd, r1);
-            (void)sp_256_sub_5(&t1[i], &t1[i], t2);
-            t1[5 + i] -= t2[5];
-            sp_256_norm_5(&t1[i + 1]);
-
-            r1 = t1[5 + i];
-            sp_256_mul_d_5(t2, sd, r1);
-            (void)sp_256_sub_5(&t1[i], &t1[i], t2);
-            t1[5 + i] -= t2[5];
-            sp_256_norm_5(&t1[i + 1]);
-
-            mask = ~((t1[5 + i] - 1) >> 63);
-            sp_256_cond_sub_5(t1 + i, t1 + i, sd, mask);
-            sp_256_norm_5(&t1[i + 1]);
-        }
-        sp_256_norm_5(t1);
-        sp_256_rshift_5(r, t1, 4);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_256_mod_5(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_256_div_5(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P256 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_256_mont_mul_order_5(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_256_mul_5(r, a, b);
-    sp_256_mont_reduce_order_5(r, p256_order, p256_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P256 curve. */
-static const word64 p256_order_minus_2[4] = {
-    0xf3b9cac2fc63254fU,0xbce6faada7179e84U,0xffffffffffffffffU,
-    0xffffffff00000000U
-};
-#else
-/* The low half of the order-2 of the P256 curve. */
-static const sp_int_digit p256_order_low[2] = {
-    0xf3b9cac2fc63254fU,0xbce6faada7179e84U
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P256 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_order_5(sp_digit* r, const sp_digit* a)
-{
-    sp_256_sqr_5(r, a);
-    sp_256_mont_reduce_order_5(r, p256_order, p256_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P256 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_n_order_5(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_256_mont_sqr_order_5(r, a);
-    for (i=1; i<n; i++) {
-        sp_256_mont_sqr_order_5(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P256 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_mont_inv_order_5_ctx {
-    int state;
-    int i;
-} sp_256_mont_inv_order_5_ctx;
-static int sp_256_mont_inv_order_5_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_mont_inv_order_5_ctx* ctx = (sp_256_mont_inv_order_5_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_256_mont_inv_order_5_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 5);
-        ctx->i = 254;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_256_mont_sqr_order_5(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p256_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_256_mont_mul_order_5(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 5U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_256_mont_inv_order_5(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 5);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_order_5(t, t);
-        if ((p256_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_5(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 5U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 5;
-    sp_digit* t3 = td + 4 * 5;
-    int i;
-
-    /* t = a^2 */
-    sp_256_mont_sqr_order_5(t, a);
-    /* t = a^3 = t * a */
-    sp_256_mont_mul_order_5(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_256_mont_sqr_n_order_5(t2, t, 2);
-    /* t3= a^f = t2 * t */
-    sp_256_mont_mul_order_5(t3, t2, t);
-    /* t2= a^f0 = t3 ^ 2 ^ 4 */
-    sp_256_mont_sqr_n_order_5(t2, t3, 4);
-    /* t = a^ff = t2 * t3 */
-    sp_256_mont_mul_order_5(t, t2, t3);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_256_mont_sqr_n_order_5(t2, t, 8);
-    /* t = a^ffff = t2 * t */
-    sp_256_mont_mul_order_5(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_256_mont_sqr_n_order_5(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_256_mont_mul_order_5(t, t2, t);
-    /* t2= a^ffffffff0000000000000000 = t ^ 2 ^ 64  */
-    sp_256_mont_sqr_n_order_5(t2, t, 64);
-    /* t2= a^ffffffff00000000ffffffff = t2 * t */
-    sp_256_mont_mul_order_5(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32  */
-    sp_256_mont_sqr_n_order_5(t2, t2, 32);
-    /* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
-    sp_256_mont_mul_order_5(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6 */
-    sp_256_mont_sqr_order_5(t2, t2);
-    sp_256_mont_mul_order_5(t2, t2, a);
-    sp_256_mont_sqr_n_order_5(t2, t2, 5);
-    sp_256_mont_mul_order_5(t2, t2, t3);
-    for (i=121; i>=112; i--) {
-        sp_256_mont_sqr_order_5(t2, t2);
-        if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_5(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6f */
-    sp_256_mont_sqr_n_order_5(t2, t2, 4);
-    sp_256_mont_mul_order_5(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84 */
-    for (i=107; i>=64; i--) {
-        sp_256_mont_sqr_order_5(t2, t2);
-        if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_5(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f */
-    sp_256_mont_sqr_n_order_5(t2, t2, 4);
-    sp_256_mont_mul_order_5(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2 */
-    for (i=59; i>=32; i--) {
-        sp_256_mont_sqr_order_5(t2, t2);
-        if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_5(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2f */
-    sp_256_mont_sqr_n_order_5(t2, t2, 4);
-    sp_256_mont_mul_order_5(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254 */
-    for (i=27; i>=0; i--) {
-        sp_256_mont_sqr_order_5(t2, t2);
-        if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_5(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632540 */
-    sp_256_mont_sqr_n_order_5(t2, t2, 4);
-    /* r = a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
-    sp_256_mont_mul_order_5(r, t2, t3);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_s_5(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int64 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_5(k, k, p256_norm_order);
-    err = sp_256_mod_5(k, k, p256_order);
-    if (err == MP_OKAY) {
-        sp_256_norm_5(k);
-
-        /* kInv = 1/k mod order */
-            sp_256_mont_inv_order_5(kInv, k, tmp);
-        sp_256_norm_5(kInv);
-
-        /* s = r * x + e */
-            sp_256_mul_5(x, x, r);
-        err = sp_256_mod_5(x, x, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_5(x);
-        carry = sp_256_add_5(s, e, x);
-        sp_256_cond_sub_5(s, s, p256_order, 0 - carry);
-        sp_256_norm_5(s);
-        c = sp_256_cmp_5(s, p256_order);
-        sp_256_cond_sub_5(s, s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_5(s);
-
-        /* s = s * k^-1 mod order */
-            sp_256_mont_mul_order_5(s, s, kInv);
-        sp_256_norm_5(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 256 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 5);
-    SP_DECL_VAR(sp_point_256, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int64 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 5, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 5;
-        k = e + 4 * 5;
-        r = e + 6 * 5;
-        tmp = e + 8 * 5;
-        s = e;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_5(rng, k);
-        }
-        else {
-            sp_256_from_mp(k, 5, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_256_ecc_mulmod_base_5(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 5U);
-            sp_256_norm_5(r);
-            c = sp_256_cmp_5(r, p256_order);
-            sp_256_cond_sub_5(r, r, p256_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_256_norm_5(r);
-
-            if (!sp_256_iszero_5(r)) {
-                /* x is modified in calculation of s. */
-                sp_256_from_mp(x, 5, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_256_from_bin(e, 5, hash, (int)hashLen);
-
-                err = sp_256_calc_s_5(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_256_iszero_5(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 5, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_5_ctx mulmod_ctx;
-        sp_256_mont_inv_order_5_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*5];
-    sp_digit x[2*5];
-    sp_digit k[2*5];
-    sp_digit r[2*5];
-    sp_digit tmp[3 * 2*5];
-    sp_point_256 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_256_ctx;
-
-int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_256_ctx* ctx = (sp_ecc_sign_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_5(rng, ctx->k);
-        }
-        else {
-            sp_256_from_mp(ctx->k, 5, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_256_ecc_mulmod_5_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p256_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int64 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 5U);
-        sp_256_norm_5(ctx->r);
-        c = sp_256_cmp_5(ctx->r, p256_order);
-        sp_256_cond_sub_5(ctx->r, ctx->r, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_5(ctx->r);
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-        sp_256_from_mp(ctx->x, 5, priv);
-        sp_256_from_bin(ctx->e, 5, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_5(ctx->k, ctx->k, p256_norm_order);
-        err = sp_256_mod_5(ctx->k, ctx->k, p256_order);
-        if (err == MP_OKAY) {
-            sp_256_norm_5(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_256_mont_inv_order_5_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_256_norm_5(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_256_mul_5(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_256_mod_5(ctx->x, ctx->x, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int64 c;
-        sp_256_norm_5(ctx->x);
-        carry = sp_256_add_5(ctx->s, ctx->e, ctx->x);
-        sp_256_cond_sub_5(ctx->s, ctx->s,
-            p256_order, 0 - carry);
-        sp_256_norm_5(ctx->s);
-        c = sp_256_cmp_5(ctx->s, p256_order);
-        sp_256_cond_sub_5(ctx->s, ctx->s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_5(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_256_mont_mul_order_5(ctx->s, ctx->s, ctx->kInv);
-        sp_256_norm_5(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_256_iszero_5(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_256_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_256_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 5U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 5U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 5U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 5U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 5U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-static const char sp_256_tab64_5[64] = {
-    64,  1, 59,  2, 60, 48, 54,  3,
-    61, 40, 49, 28, 55, 34, 43,  4,
-    62, 52, 38, 41, 50, 19, 29, 21,
-    56, 31, 35, 12, 44, 15, 23,  5,
-    63, 58, 47, 53, 39, 27, 33, 42,
-    51, 37, 18, 20, 30, 11, 14, 22,
-    57, 46, 26, 32, 36, 17, 10, 13,
-    45, 25, 16,  9, 24,  8,  7,  6};
-
-static int sp_256_num_bits_52_5(sp_digit v)
-{
-    v |= v >> 1;
-    v |= v >> 2;
-    v |= v >> 4;
-    v |= v >> 8;
-    v |= v >> 16;
-    v |= v >> 32;
-    return sp_256_tab64_5[((word64)((v - (v >> 1))*0x07EDD5E59A4E28C2)) >> 58];
-}
-
-static int sp_256_num_bits_5(const sp_digit* a)
-{
-    int i;
-    int r = 0;
-
-    for (i = 4; i >= 0; i--) {
-        if (a[i] != 0) {
-            r = sp_256_num_bits_52_5(a[i]);
-            r += i * 52;
-            break;
-        }
-    }
-
-    return r;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- * @return  MEMEORY_E when dynamic memory allocation fails.
- */
-static int sp_256_mod_inv_5(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, u, 5 * 4);
-    sp_digit* v = NULL;
-    sp_digit* b = NULL;
-    sp_digit* d = NULL;
-    int ut;
-    int vt;
-
-    SP_ALLOC_VAR(sp_digit, u, 5 * 4, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        v = u + 5;
-        b = u + 2 * 5;
-        d = u + 3 * 5;
-
-        XMEMCPY(u, m, sizeof(sp_digit) * 5);
-        XMEMCPY(v, a, sizeof(sp_digit) * 5);
-
-        ut = sp_256_num_bits_5(u);
-        vt = sp_256_num_bits_5(v);
-
-        XMEMSET(b, 0, sizeof(sp_digit) * 5);
-        if ((v[0] & 1) == 0) {
-            sp_256_rshift1_5(v, v);
-            XMEMCPY(d, m, sizeof(sp_digit) * 5);
-            d[0]++;
-            sp_256_rshift1_5(d, d);
-            vt--;
-
-            while ((v[0] & 1) == 0) {
-                sp_256_rshift1_5(v, v);
-                if (d[0] & 1)
-                    sp_256_add_5(d, d, m);
-                sp_256_rshift1_5(d, d);
-                vt--;
-            }
-        }
-        else {
-            XMEMSET(d+1, 0, sizeof(sp_digit) * (5 - 1));
-            d[0] = 1;
-        }
-
-        while (ut > 1 && vt > 1) {
-            if ((ut > vt) || ((ut == vt) &&
-                    (sp_256_cmp_5(u, v) >= 0))) {
-                sp_256_sub_5(u, u, v);
-                sp_256_norm_5(u);
-
-                sp_256_sub_5(b, b, d);
-                sp_256_norm_5(b);
-                if (b[4] < 0)
-                    sp_256_add_5(b, b, m);
-                sp_256_norm_5(b);
-                ut = sp_256_num_bits_5(u);
-
-                do {
-                    sp_256_rshift1_5(u, u);
-                    if (b[0] & 1)
-                        sp_256_add_5(b, b, m);
-                    sp_256_rshift1_5(b, b);
-                    ut--;
-                }
-                while (ut > 0 && (u[0] & 1) == 0);
-            }
-            else {
-                sp_256_sub_5(v, v, u);
-                sp_256_norm_5(v);
-
-                sp_256_sub_5(d, d, b);
-                sp_256_norm_5(d);
-                if (d[4] < 0)
-                    sp_256_add_5(d, d, m);
-                sp_256_norm_5(d);
-                vt = sp_256_num_bits_5(v);
-
-                do {
-                    sp_256_rshift1_5(v, v);
-                    if (d[0] & 1)
-                        sp_256_add_5(d, d, m);
-                    sp_256_rshift1_5(d, d);
-                    vt--;
-                }
-                while (vt > 0 && (v[0] & 1) == 0);
-            }
-        }
-
-        if (ut == 1)
-            XMEMCPY(r, b, sizeof(sp_digit) * 5);
-        else
-            XMEMCPY(r, d, sizeof(sp_digit) * 5);
-    }
-    SP_FREE_VAR(u, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_256_add_points_5(sp_point_256* p1, const sp_point_256* p2,
-    sp_digit* tmp)
-{
-
-        sp_256_proj_point_add_5(p1, p1, p2, tmp);
-    if (sp_256_iszero_5(p1->z)) {
-        if (sp_256_iszero_5(p1->x) && sp_256_iszero_5(p1->y)) {
-                sp_256_proj_point_dbl_5(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            XMEMCPY(p1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_vfy_point_5(sp_point_256* p1, sp_point_256* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_256_mod_inv_5(s, s, p256_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_256_mul_5(s, s, p256_norm_order);
-        err = sp_256_mod_5(s, s, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_5(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_256_mont_inv_order_5(s, s, tmp);
-            sp_256_mont_mul_order_5(u1, u1, s);
-            sp_256_mont_mul_order_5(u2, u2, s);
-        }
-#else
-        {
-            sp_256_mont_mul_order_5(u1, u1, s);
-            sp_256_mont_mul_order_5(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_256_ecc_mulmod_base_5(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_5(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_5(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_5(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_256_add_points_5(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 256)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 5);
-    SP_DECL_VAR(sp_point_256, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_256* p2 = NULL;
-    sp_digit carry;
-    sp_int64 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 5, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 5;
-        s   = u1 + 4 * 5;
-        tmp = u1 + 6 * 5;
-        p2 = p1 + 1;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(u1, 5, hash, (int)hashLen);
-        sp_256_from_mp(u2, 5, rm);
-        sp_256_from_mp(s, 5, sm);
-        sp_256_from_mp(p2->x, 5, pX);
-        sp_256_from_mp(p2->y, 5, pY);
-        sp_256_from_mp(p2->z, 5, pZ);
-
-        err = sp_256_calc_vfy_point_5(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(u2, 5, rm);
-        err = sp_256_mod_mul_norm_5(u2, u2, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_256_mont_sqr_5(p1->z, p1->z, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_5(u1, u2, p1->z, p256_mod, p256_mp_mod);
-        *res = (int)(sp_256_cmp_5(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_256_from_mp(u2, 5, rm);
-            carry = sp_256_add_5(u2, u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_5(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_5(u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_5(u2, u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_256_mont_mul_5(u1, u2, p1->z, p256_mod, p256_mp_mod);
-                }
-                *res = (sp_256_cmp_5(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_5_ctx mulmod_ctx;
-        sp_256_mont_inv_order_5_ctx mont_inv_order_ctx;
-        sp_256_proj_point_dbl_5_ctx dbl_ctx;
-        sp_256_proj_point_add_5_ctx add_ctx;
-    };
-    sp_digit u1[2*5];
-    sp_digit u2[2*5];
-    sp_digit s[2*5];
-    sp_digit tmp[2*5 * 6];
-    sp_point_256 p1;
-    sp_point_256 p2;
-} sp_ecc_verify_256_ctx;
-
-int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_256_ctx* ctx = (sp_ecc_verify_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(ctx->u1, 5, hash, (int)hashLen);
-        sp_256_from_mp(ctx->u2, 5, rm);
-        sp_256_from_mp(ctx->s, 5, sm);
-        sp_256_from_mp(ctx->p2.x, 5, pX);
-        sp_256_from_mp(ctx->p2.y, 5, pY);
-        sp_256_from_mp(ctx->p2.z, 5, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_256_mul_5(ctx->s, ctx->s, p256_norm_order);
-        err = sp_256_mod_5(ctx->s, ctx->s, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_256_norm_5(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_256_mont_inv_order_5_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_256_mont_mul_order_5(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_256_mont_mul_order_5(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_256_ecc_mulmod_5_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p256_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_5(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_256_ecc_mulmod_5_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_5(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_256_proj_point_add_5_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(ctx->u2, 5, rm);
-        err = sp_256_mod_mul_norm_5(ctx->u2, ctx->u2, p256_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_256_mont_sqr_5(ctx->p1.z, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_256_mont_mul_5(ctx->u1, ctx->u2, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int64 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_256_cmp_5(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_256_from_mp(ctx->u2, 5, rm);
-            carry = sp_256_add_5(ctx->u2, ctx->u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_5(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_5(ctx->u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_5(ctx->u2, ctx->u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_256_mont_mul_5(ctx->u1, ctx->u2, ctx->p1.z, p256_mod,
-                                                            p256_mp_mod);
-                *res = (int)(sp_256_cmp_5(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_256_ecc_is_point_5(const sp_point_256* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 5 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 5 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 5;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_256_sqr_5(t1, point->y);
-        (void)sp_256_mod_5(t1, t1, p256_mod);
-        sp_256_sqr_5(t2, point->x);
-        (void)sp_256_mod_5(t2, t2, p256_mod);
-        sp_256_mul_5(t2, t2, point->x);
-        (void)sp_256_mod_5(t2, t2, p256_mod);
-        sp_256_mont_sub_5(t1, t1, t2, p256_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_256_mont_add_5(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_5(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_5(t1, t1, point->x, p256_mod);
-
-
-        if (sp_256_cmp_5(t1, p256_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_256, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(pub->x, 5, pX);
-        sp_256_from_mp(pub->y, 5, pY);
-        sp_256_from_bin(pub->z, 5, one, (int)sizeof(one));
-
-        err = sp_256_ecc_is_point_5(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 5);
-    SP_DECL_VAR(sp_point_256, pub, 2);
-    sp_point_256* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 256) ||
-        (mp_count_bits(pY) > 256) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 256)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 5, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_256_from_mp(pub->x, 5, pX);
-        sp_256_from_mp(pub->y, 5, pY);
-        sp_256_from_bin(pub->z, 5, one, (int)sizeof(one));
-        if (privm)
-            sp_256_from_mp(priv, 5, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_256_iszero_5(pub->x) != 0) &&
-            (sp_256_iszero_5(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_256_cmp_5(pub->x, p256_mod) >= 0) ||
-             (sp_256_cmp_5(pub->y, p256_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_256_ecc_is_point_5(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_256_ecc_mulmod_5(p, pub, p256_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_256_iszero_5(p->x) == 0) ||
-                             (sp_256_iszero_5(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_256_ecc_mulmod_base_5(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_256_cmp_5(p->x, pub->x) != 0) ||
-                 (sp_256_cmp_5(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 5 * 6);
-    SP_DECL_VAR(sp_point_256, p, 2);
-    sp_point_256* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 5 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_256_from_mp(p->x, 5, pX);
-        sp_256_from_mp(p->y, 5, pY);
-        sp_256_from_mp(p->z, 5, pZ);
-        sp_256_from_mp(q->x, 5, qX);
-        sp_256_from_mp(q->y, 5, qY);
-        sp_256_from_mp(q->z, 5, qZ);
-        p->infinity = sp_256_iszero_5(p->x) &
-                      sp_256_iszero_5(p->y);
-        q->infinity = sp_256_iszero_5(q->x) &
-                      sp_256_iszero_5(q->y);
-
-            sp_256_proj_point_add_5(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 5 * 2);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 5 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 5, pX);
-        sp_256_from_mp(p->y, 5, pY);
-        sp_256_from_mp(p->z, 5, pZ);
-        p->infinity = sp_256_iszero_5(p->x) &
-                      sp_256_iszero_5(p->y);
-
-            sp_256_proj_point_dbl_5(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 5 * 4);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 5 * 4, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 5, pX);
-        sp_256_from_mp(p->y, 5, pY);
-        sp_256_from_mp(p->z, 5, pZ);
-        p->infinity = sp_256_iszero_5(p->x) &
-                      sp_256_iszero_5(p->y);
-
-            sp_256_map_5(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_256_mont_sqrt_5(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 5);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 5, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 5;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_256_mont_sqr_5(t2, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_256_mont_mul_5(t1, t2, y, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xc */
-            sp_256_mont_sqr_n_5(t2, t1, 2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_256_mont_mul_5(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xf0 */
-            sp_256_mont_sqr_n_5(t2, t1, 4, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xff */
-            sp_256_mont_mul_5(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xff00 */
-            sp_256_mont_sqr_n_5(t2, t1, 8, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffff */
-            sp_256_mont_mul_5(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xffff0000 */
-            sp_256_mont_sqr_n_5(t2, t1, 16, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff */
-            sp_256_mont_mul_5(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000000 */
-            sp_256_mont_sqr_n_5(t1, t1, 32, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001 */
-            sp_256_mont_mul_5(t1, t1, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000000 */
-            sp_256_mont_sqr_n_5(t1, t1, 96, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000001 */
-            sp_256_mont_mul_5(t1, t1, y, p256_mod, p256_mp_mod);
-            sp_256_mont_sqr_n_5(y, t1, 94, p256_mod, p256_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 5);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 5, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 5;
-
-        sp_256_from_mp(x, 5, xm);
-        err = sp_256_mod_mul_norm_5(x, x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_256_mont_sqr_5(y, x, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_5(y, y, x, p256_mod, p256_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_256_mont_sub_5(y, y, x, p256_mod);
-        sp_256_mont_sub_5(y, y, x, p256_mod);
-        sp_256_mont_sub_5(y, y, x, p256_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_256_mod_mul_norm_5(x, p256_b, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_256_mont_add_5(y, y, x, p256_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_256_mont_sqrt_5(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 5, 0, 5U * sizeof(sp_digit));
-        sp_256_mont_reduce_5(y, p256_mod, p256_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_256_mont_sub_5(y, p256_mod, y, p256_mod);
-        }
-
-        err = sp_256_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* !WOLFSSL_SP_NO_256 */
-#ifdef WOLFSSL_SP_384
-
-/* Point structure to use. */
-typedef struct sp_point_384 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 7];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 7];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 7];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_384;
-
-/* The modulus (prime) of the curve P384. */
-static const sp_digit p384_mod[7] = {
-    0x000000ffffffffL,0x7ffe0000000000L,0x7ffffffffbffffL,0x7fffffffffffffL,
-    0x7fffffffffffffL,0x7fffffffffffffL,0x3fffffffffffffL
-};
-/* The Montgomery normalizer for modulus of the curve P384. */
-static const sp_digit p384_norm_mod[7] = {
-    0x7fffff00000001L,0x0001ffffffffffL,0x00000000040000L,0x00000000000000L,
-    0x00000000000000L,0x00000000000000L,0x00000000000000L
-};
-/* The Montgomery multiplier for modulus of the curve P384. */
-static const sp_digit p384_mp_mod = 0x0000100000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P384. */
-static const sp_digit p384_order[7] = {
-    0x6c196accc52973L,0x1b6491614ef5d9L,0x07d0dcb77d6068L,0x7ffffffe3b1a6cL,
-    0x7fffffffffffffL,0x7fffffffffffffL,0x3fffffffffffffL
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P384 minus 2. */
-static const sp_digit p384_order2[7] = {
-    0x6c196accc52971L,0x1b6491614ef5d9L,0x07d0dcb77d6068L,0x7ffffffe3b1a6cL,
-    0x7fffffffffffffL,0x7fffffffffffffL,0x3fffffffffffffL
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P384. */
-static const sp_digit p384_norm_order[7] = {
-    0x13e695333ad68dL,0x649b6e9eb10a26L,0x782f2348829f97L,0x00000001c4e593L,
-    0x00000000000000L,0x00000000000000L,0x00000000000000L
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P384. */
-static const sp_digit p384_mp_order = 0x546089e88fdc45L;
-#endif
-/* The base point of curve P384. */
-static const sp_point_384 p384_base = {
-    /* X ordinate */
-    {
-        0x545e3872760ab7L,0x64bb7eaa52d874L,0x020950a8e1540bL,0x5d3cdcc2cfba0fL,
-        0x0ad746e1d3b628L,0x26f1d638e3de64L,0x2aa1f288afa2c1L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x431d7c90ea0e5fL,0x639c3afd033af4L,0x4ed7c2e3002982L,0x44d0a3e74ed188L,
-        0x2dc29f8f41dbd2L,0x0debb3d317f252L,0x0d85f792a5898bL,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000000000001L,0x00000000000000L,0x00000000000000L,0x00000000000000L,
-        0x00000000000000L,0x00000000000000L,0x00000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p384_b[7] = {
-    0x05c8edd3ec2aefL,0x731b145da33a55L,0x3d404e1d6b1958L,0x740a089018a044L,
-    0x02d19181d9c6efL,0x7c9311c0ad7c7fL,0x2ccc4be9f88fb9L
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_384_mul_7(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 lo;
-
-    c = ((sp_uint128)a[6]) * b[6];
-    r[13] = (sp_digit)(c >> 55);
-    c &= 0x7fffffffffffffL;
-    for (k = 11; k >= 0; k--) {
-        if (k >= 7) {
-            i = k - 6;
-            imax = 6;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint128)a[i]) * b[k - i];
-        }
-        c += lo >> 55;
-        r[k + 2] += (sp_digit)(c >> 55);
-        r[k + 1]  = (sp_digit)(c & 0x7fffffffffffffL);
-        c = lo & 0x7fffffffffffffL;
-    }
-    r[0] = (sp_digit)c;
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_384_mul_7(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_int128 t0   = ((sp_int128)a[ 0]) * b[ 0];
-    sp_int128 t1   = ((sp_int128)a[ 0]) * b[ 1]
-                 + ((sp_int128)a[ 1]) * b[ 0];
-    sp_int128 t2   = ((sp_int128)a[ 0]) * b[ 2]
-                 + ((sp_int128)a[ 1]) * b[ 1]
-                 + ((sp_int128)a[ 2]) * b[ 0];
-    sp_int128 t3   = ((sp_int128)a[ 0]) * b[ 3]
-                 + ((sp_int128)a[ 1]) * b[ 2]
-                 + ((sp_int128)a[ 2]) * b[ 1]
-                 + ((sp_int128)a[ 3]) * b[ 0];
-    sp_int128 t4   = ((sp_int128)a[ 0]) * b[ 4]
-                 + ((sp_int128)a[ 1]) * b[ 3]
-                 + ((sp_int128)a[ 2]) * b[ 2]
-                 + ((sp_int128)a[ 3]) * b[ 1]
-                 + ((sp_int128)a[ 4]) * b[ 0];
-    sp_int128 t5   = ((sp_int128)a[ 0]) * b[ 5]
-                 + ((sp_int128)a[ 1]) * b[ 4]
-                 + ((sp_int128)a[ 2]) * b[ 3]
-                 + ((sp_int128)a[ 3]) * b[ 2]
-                 + ((sp_int128)a[ 4]) * b[ 1]
-                 + ((sp_int128)a[ 5]) * b[ 0];
-    sp_int128 t6   = ((sp_int128)a[ 0]) * b[ 6]
-                 + ((sp_int128)a[ 1]) * b[ 5]
-                 + ((sp_int128)a[ 2]) * b[ 4]
-                 + ((sp_int128)a[ 3]) * b[ 3]
-                 + ((sp_int128)a[ 4]) * b[ 2]
-                 + ((sp_int128)a[ 5]) * b[ 1]
-                 + ((sp_int128)a[ 6]) * b[ 0];
-    sp_int128 t7   = ((sp_int128)a[ 1]) * b[ 6]
-                 + ((sp_int128)a[ 2]) * b[ 5]
-                 + ((sp_int128)a[ 3]) * b[ 4]
-                 + ((sp_int128)a[ 4]) * b[ 3]
-                 + ((sp_int128)a[ 5]) * b[ 2]
-                 + ((sp_int128)a[ 6]) * b[ 1];
-    sp_int128 t8   = ((sp_int128)a[ 2]) * b[ 6]
-                 + ((sp_int128)a[ 3]) * b[ 5]
-                 + ((sp_int128)a[ 4]) * b[ 4]
-                 + ((sp_int128)a[ 5]) * b[ 3]
-                 + ((sp_int128)a[ 6]) * b[ 2];
-    sp_int128 t9   = ((sp_int128)a[ 3]) * b[ 6]
-                 + ((sp_int128)a[ 4]) * b[ 5]
-                 + ((sp_int128)a[ 5]) * b[ 4]
-                 + ((sp_int128)a[ 6]) * b[ 3];
-    sp_int128 t10  = ((sp_int128)a[ 4]) * b[ 6]
-                 + ((sp_int128)a[ 5]) * b[ 5]
-                 + ((sp_int128)a[ 6]) * b[ 4];
-    sp_int128 t11  = ((sp_int128)a[ 5]) * b[ 6]
-                 + ((sp_int128)a[ 6]) * b[ 5];
-    sp_int128 t12  = ((sp_int128)a[ 6]) * b[ 6];
-
-    t1   += t0  >> 55; r[ 0] = (sp_digit)(t0  & 0x7fffffffffffffL);
-    t2   += t1  >> 55; r[ 1] = (sp_digit)(t1  & 0x7fffffffffffffL);
-    t3   += t2  >> 55; r[ 2] = (sp_digit)(t2  & 0x7fffffffffffffL);
-    t4   += t3  >> 55; r[ 3] = (sp_digit)(t3  & 0x7fffffffffffffL);
-    t5   += t4  >> 55; r[ 4] = (sp_digit)(t4  & 0x7fffffffffffffL);
-    t6   += t5  >> 55; r[ 5] = (sp_digit)(t5  & 0x7fffffffffffffL);
-    t7   += t6  >> 55; r[ 6] = (sp_digit)(t6  & 0x7fffffffffffffL);
-    t8   += t7  >> 55; r[ 7] = (sp_digit)(t7  & 0x7fffffffffffffL);
-    t9   += t8  >> 55; r[ 8] = (sp_digit)(t8  & 0x7fffffffffffffL);
-    t10  += t9  >> 55; r[ 9] = (sp_digit)(t9  & 0x7fffffffffffffL);
-    t11  += t10 >> 55; r[10] = (sp_digit)(t10 & 0x7fffffffffffffL);
-    t12  += t11 >> 55; r[11] = (sp_digit)(t11 & 0x7fffffffffffffL);
-    r[13] = (sp_digit)(t12 >> 55);
-                       r[12] = (sp_digit)(t12 & 0x7fffffffffffffL);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_384_sqr_7(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 t;
-
-    c = ((sp_uint128)a[6]) * a[6];
-    r[13] = (sp_digit)(c >> 55);
-    c = (c & 0x7fffffffffffffL) << 55;
-    for (k = 11; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint128)a[i]) * a[i];
-           i++;
-        }
-        if (k < 6) {
-            imax = k;
-        }
-        else {
-            imax = 6;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint128)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 110);
-        r[k + 1]  = (sp_digit)((c >> 55) & 0x7fffffffffffffL);
-        c = (c & 0x7fffffffffffffL) << 55;
-    }
-    r[0] = (sp_digit)(c >> 55);
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_384_sqr_7(sp_digit* r, const sp_digit* a)
-{
-    sp_int128 t0   =  ((sp_int128)a[ 0]) * a[ 0];
-    sp_int128 t1   = (((sp_int128)a[ 0]) * a[ 1]) * 2;
-    sp_int128 t2   = (((sp_int128)a[ 0]) * a[ 2]) * 2
-                 +  ((sp_int128)a[ 1]) * a[ 1];
-    sp_int128 t3   = (((sp_int128)a[ 0]) * a[ 3]
-                 +  ((sp_int128)a[ 1]) * a[ 2]) * 2;
-    sp_int128 t4   = (((sp_int128)a[ 0]) * a[ 4]
-                 +  ((sp_int128)a[ 1]) * a[ 3]) * 2
-                 +  ((sp_int128)a[ 2]) * a[ 2];
-    sp_int128 t5   = (((sp_int128)a[ 0]) * a[ 5]
-                 +  ((sp_int128)a[ 1]) * a[ 4]
-                 +  ((sp_int128)a[ 2]) * a[ 3]) * 2;
-    sp_int128 t6   = (((sp_int128)a[ 0]) * a[ 6]
-                 +  ((sp_int128)a[ 1]) * a[ 5]
-                 +  ((sp_int128)a[ 2]) * a[ 4]) * 2
-                 +  ((sp_int128)a[ 3]) * a[ 3];
-    sp_int128 t7   = (((sp_int128)a[ 1]) * a[ 6]
-                 +  ((sp_int128)a[ 2]) * a[ 5]
-                 +  ((sp_int128)a[ 3]) * a[ 4]) * 2;
-    sp_int128 t8   = (((sp_int128)a[ 2]) * a[ 6]
-                 +  ((sp_int128)a[ 3]) * a[ 5]) * 2
-                 +  ((sp_int128)a[ 4]) * a[ 4];
-    sp_int128 t9   = (((sp_int128)a[ 3]) * a[ 6]
-                 +  ((sp_int128)a[ 4]) * a[ 5]) * 2;
-    sp_int128 t10  = (((sp_int128)a[ 4]) * a[ 6]) * 2
-                 +  ((sp_int128)a[ 5]) * a[ 5];
-    sp_int128 t11  = (((sp_int128)a[ 5]) * a[ 6]) * 2;
-    sp_int128 t12  =  ((sp_int128)a[ 6]) * a[ 6];
-
-    t1   += t0  >> 55; r[ 0] = (sp_digit)(t0  & 0x7fffffffffffffL);
-    t2   += t1  >> 55; r[ 1] = (sp_digit)(t1  & 0x7fffffffffffffL);
-    t3   += t2  >> 55; r[ 2] = (sp_digit)(t2  & 0x7fffffffffffffL);
-    t4   += t3  >> 55; r[ 3] = (sp_digit)(t3  & 0x7fffffffffffffL);
-    t5   += t4  >> 55; r[ 4] = (sp_digit)(t4  & 0x7fffffffffffffL);
-    t6   += t5  >> 55; r[ 5] = (sp_digit)(t5  & 0x7fffffffffffffL);
-    t7   += t6  >> 55; r[ 6] = (sp_digit)(t6  & 0x7fffffffffffffL);
-    t8   += t7  >> 55; r[ 7] = (sp_digit)(t7  & 0x7fffffffffffffL);
-    t9   += t8  >> 55; r[ 8] = (sp_digit)(t8  & 0x7fffffffffffffL);
-    t10  += t9  >> 55; r[ 9] = (sp_digit)(t9  & 0x7fffffffffffffL);
-    t11  += t10 >> 55; r[10] = (sp_digit)(t10 & 0x7fffffffffffffL);
-    t12  += t11 >> 55; r[11] = (sp_digit)(t11 & 0x7fffffffffffffL);
-    r[13] = (sp_digit)(t12 >> 55);
-                       r[12] = (sp_digit)(t12 & 0x7fffffffffffffL);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_384_add_7(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 7; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_384_add_7(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_384_sub_7(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 7; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_384_sub_7(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] - b[ 0];
-    r[ 1] = a[ 1] - b[ 1];
-    r[ 2] = a[ 2] - b[ 2];
-    r[ 3] = a[ 3] - b[ 3];
-    r[ 4] = a[ 4] - b[ 4];
-    r[ 5] = a[ 5] - b[ 5];
-    r[ 6] = a[ 6] - b[ 6];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 55
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 54);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 54);
-    }
-#elif DIGIT_BIT > 55
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x7fffffffffffffL;
-        s = 55U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 55U) <= (word32)DIGIT_BIT) {
-            s += 55U;
-            r[j] &= 0x7fffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 55) {
-            r[j] &= 0x7fffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 55 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_384.
- *
- * p   Point of type sp_point_384 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_384_point_from_ecc_point_7(sp_point_384* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_384_from_mp(p->x, 7, pm->x);
-    sp_384_from_mp(p->y, 7, pm->y);
-    sp_384_from_mp(p->z, 7, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_384_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (384 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 55
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 7);
-        r->used = 7;
-        mp_clamp(r);
-#elif DIGIT_BIT < 55
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 7; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 55) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 55 - s;
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 7; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 55 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 55 - s;
-            }
-            else {
-                s += 55;
-            }
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_384 to type ecc_point.
- *
- * p   Point of type sp_point_384.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_384_point_to_ecc_point_7(const sp_point_384* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_384_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_384_cmp_7(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=6; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 54);
-    }
-#else
-    r |= (a[ 6] - b[ 6]) & (0 - (sp_digit)1);
-    r |= (a[ 5] - b[ 5]) & ~(((sp_digit)0 - r) >> 54);
-    r |= (a[ 4] - b[ 4]) & ~(((sp_digit)0 - r) >> 54);
-    r |= (a[ 3] - b[ 3]) & ~(((sp_digit)0 - r) >> 54);
-    r |= (a[ 2] - b[ 2]) & ~(((sp_digit)0 - r) >> 54);
-    r |= (a[ 1] - b[ 1]) & ~(((sp_digit)0 - r) >> 54);
-    r |= (a[ 0] - b[ 0]) & ~(((sp_digit)0 - r) >> 54);
-#endif /* WOLFSSL_SP_SMALL */
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_384_cond_sub_7(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 7; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-#else
-    r[ 0] = a[ 0] - (b[ 0] & m);
-    r[ 1] = a[ 1] - (b[ 1] & m);
-    r[ 2] = a[ 2] - (b[ 2] & m);
-    r[ 3] = a[ 3] - (b[ 3] & m);
-    r[ 4] = a[ 4] - (b[ 4] & m);
-    r[ 5] = a[ 5] - (b[ 5] & m);
-    r[ 6] = a[ 6] - (b[ 6] & m);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_384_mul_add_7(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int128 tb = b;
-    sp_int128 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 4; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x7fffffffffffffL);
-        t[1] += t[0] >> 55;
-        r[i+1] = (sp_digit)(t[1] & 0x7fffffffffffffL);
-        t[2] += t[1] >> 55;
-        r[i+2] = (sp_digit)(t[2] & 0x7fffffffffffffL);
-        t[3] += t[2] >> 55;
-        r[i+3] = (sp_digit)(t[3] & 0x7fffffffffffffL);
-        t[0]  = t[3] >> 55;
-    }
-    t[0] += (tb * a[4]) + r[4];
-    t[1]  = (tb * a[5]) + r[5];
-    t[2]  = (tb * a[6]) + r[6];
-    r[4] = (sp_digit)(t[0] & 0x7fffffffffffffL);
-    t[1] += t[0] >> 55;
-    r[5] = (sp_digit)(t[1] & 0x7fffffffffffffL);
-    t[2] += t[1] >> 55;
-    r[6] = (sp_digit)(t[2] & 0x7fffffffffffffL);
-    r[7] +=  (sp_digit)(t[2] >> 55);
-#else
-    sp_int128 tb = b;
-    sp_int128 t[7];
-
-    t[ 0] = tb * a[ 0];
-    t[ 1] = tb * a[ 1];
-    t[ 2] = tb * a[ 2];
-    t[ 3] = tb * a[ 3];
-    t[ 4] = tb * a[ 4];
-    t[ 5] = tb * a[ 5];
-    t[ 6] = tb * a[ 6];
-    r[ 0] += (sp_digit)                 (t[ 0] & 0x7fffffffffffffL);
-    r[ 1] += (sp_digit)((t[ 0] >> 55) + (t[ 1] & 0x7fffffffffffffL));
-    r[ 2] += (sp_digit)((t[ 1] >> 55) + (t[ 2] & 0x7fffffffffffffL));
-    r[ 3] += (sp_digit)((t[ 2] >> 55) + (t[ 3] & 0x7fffffffffffffL));
-    r[ 4] += (sp_digit)((t[ 3] >> 55) + (t[ 4] & 0x7fffffffffffffL));
-    r[ 5] += (sp_digit)((t[ 4] >> 55) + (t[ 5] & 0x7fffffffffffffL));
-    r[ 6] += (sp_digit)((t[ 5] >> 55) + (t[ 6] & 0x7fffffffffffffL));
-    r[ 7] += (sp_digit) (t[ 6] >> 55);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Normalize the values in each word to 55 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_384_norm_7(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 6; i++) {
-        a[i+1] += a[i] >> 55;
-        a[i] &= 0x7fffffffffffffL;
-    }
-#else
-    a[1] += a[0] >> 55; a[0] &= 0x7fffffffffffffL;
-    a[2] += a[1] >> 55; a[1] &= 0x7fffffffffffffL;
-    a[3] += a[2] >> 55; a[2] &= 0x7fffffffffffffL;
-    a[4] += a[3] >> 55; a[3] &= 0x7fffffffffffffL;
-    a[5] += a[4] >> 55; a[4] &= 0x7fffffffffffffL;
-    a[6] += a[5] >> 55; a[5] &= 0x7fffffffffffffL;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Shift the result in the high 384 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_384_mont_shift_7(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    sp_uint64 n;
-
-    n = a[6] >> 54;
-    for (i = 0; i < 6; i++) {
-        n += (sp_uint64)a[7 + i] << 1;
-        r[i] = (sp_digit)(n & 0x7fffffffffffffL);
-        n >>= 55;
-    }
-    n += (sp_uint64)a[13] << 1;
-    r[6] = n;
-#else
-    sp_uint64 n;
-
-    n  = a[6] >> 54;
-    n += (sp_uint64)a[ 7] << 1U; r[ 0] = (sp_digit)(n & 0x7fffffffffffffUL); n >>= 55U;
-    n += (sp_uint64)a[ 8] << 1U; r[ 1] = (sp_digit)(n & 0x7fffffffffffffUL); n >>= 55U;
-    n += (sp_uint64)a[ 9] << 1U; r[ 2] = (sp_digit)(n & 0x7fffffffffffffUL); n >>= 55U;
-    n += (sp_uint64)a[10] << 1U; r[ 3] = (sp_digit)(n & 0x7fffffffffffffUL); n >>= 55U;
-    n += (sp_uint64)a[11] << 1U; r[ 4] = (sp_digit)(n & 0x7fffffffffffffUL); n >>= 55U;
-    n += (sp_uint64)a[12] << 1U; r[ 5] = (sp_digit)(n & 0x7fffffffffffffUL); n >>= 55U;
-    n += (sp_uint64)a[13] << 1U; r[ 6] = n;
-#endif /* WOLFSSL_SP_SMALL */
-    XMEMSET(&r[7], 0, sizeof(*r) * 7U);
-}
-
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_384_mont_reduce_order_7(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_384_norm_7(a + 7);
-
-    for (i=0; i<6; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x7fffffffffffffL);
-        sp_384_mul_add_7(a+i, m, mu);
-        a[i+1] += a[i] >> 55;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x3fffffffffffffL);
-    sp_384_mul_add_7(a+i, m, mu);
-    a[i+1] += a[i] >> 55;
-    a[i] &= 0x7fffffffffffffL;
-    sp_384_mont_shift_7(a, a);
-    over = a[6] >> 54;
-    sp_384_cond_sub_7(a, a, m, ~((over - 1) >> 63));
-    sp_384_norm_7(a);
-}
-
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_384_mont_reduce_7(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit am;
-
-    (void)m;
-    (void)mp;
-
-    for (i = 0; i < 6; i++) {
-        am = (sp_digit)((a[i] * 0x100000001) & 0x7fffffffffffffL);
-        a[i + 0] += (sp_digit)((am << 32) & 0x7fffffffffffffL);
-        a[i + 1] += (am >> 23) - (sp_digit)((am << 41) & 0x7fffffffffffffL);
-        a[i + 2] += -(am >> 14) - ((sp_digit)(am << 18) & 0x7fffffffffffffL);
-        a[i + 3] += -(am >> 37);
-        a[i + 6] += ((sp_digit)(am << 54) & 0x7fffffffffffffL);
-        a[i + 7] += am >> 1;
-
-        a[i + 1] += a[i] >> 55;
-    }
-    am = (sp_digit)((a[6] * 0x100000001) & 0x3fffffffffffff);
-    a[6 + 0] += (sp_digit)((am << 32) & 0x7fffffffffffffL);
-    a[6 + 1] += (am >> 23) - (sp_digit)((am << 41) & 0x7fffffffffffffL);
-    a[6 + 2] += -(am >> 14) - (sp_digit)((am << 18) & 0x7fffffffffffffL);
-    a[6 + 3] += -(am >> 37);
-    a[6 + 6] += (sp_digit)((am << 54) & 0x7fffffffffffffL);
-    a[6 + 7] += am >> 1;
-
-    a[0] = (a[6] >> 54) + (sp_digit)((a[7] << 1) & 0x7fffffffffffffL);
-    a[1] = (a[7] >> 54) + (sp_digit)((a[8] << 1) & 0x7fffffffffffffL);
-    a[2] = (a[8] >> 54) + (sp_digit)((a[9] << 1) & 0x7fffffffffffffL);
-    a[3] = (a[9] >> 54) + (sp_digit)((a[10] << 1) & 0x7fffffffffffffL);
-    a[4] = (a[10] >> 54) + (sp_digit)((a[11] << 1) & 0x7fffffffffffffL);
-    a[5] = (a[11] >> 54) + (sp_digit)((a[12] << 1) & 0x7fffffffffffffL);
-    a[6] = (a[12] >> 54) +  (a[13] << 1);
-
-    a[1] += a[0] >> 55; a[0] &= 0x7fffffffffffffL;
-    a[2] += a[1] >> 55; a[1] &= 0x7fffffffffffffL;
-    a[3] += a[2] >> 55; a[2] &= 0x7fffffffffffffL;
-    a[4] += a[3] >> 55; a[3] &= 0x7fffffffffffffL;
-    a[5] += a[4] >> 55; a[4] &= 0x7fffffffffffffL;
-    a[6] += a[5] >> 55; a[5] &= 0x7fffffffffffffL;
-
-    /* Get the bit over, if any. */
-    am = a[6] >> 54;
-    /* Create mask. */
-    am = 0 - am;
-
-    a[0] -= (sp_digit)(0x00000000ffffffffL & am);
-    a[1] -= (sp_digit)(0x007ffe0000000000L & am);
-    a[2] -= (sp_digit)(0x007ffffffffbffffL & am);
-    a[3] -= (sp_digit)(0x007fffffffffffffL & am);
-    a[4] -= (sp_digit)(0x007fffffffffffffL & am);
-    a[5] -= (sp_digit)(0x007fffffffffffffL & am);
-    a[6] -= (sp_digit)(0x003fffffffffffffL & am);
-
-    a[1] += a[0] >> 55; a[0] &= 0x7fffffffffffffL;
-    a[2] += a[1] >> 55; a[1] &= 0x7fffffffffffffL;
-    a[3] += a[2] >> 55; a[2] &= 0x7fffffffffffffL;
-    a[4] += a[3] >> 55; a[3] &= 0x7fffffffffffffL;
-    a[5] += a[4] >> 55; a[4] &= 0x7fffffffffffffL;
-    a[6] += a[5] >> 55; a[5] &= 0x7fffffffffffffL;
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_mul_7(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mul_7(r, a, b);
-    sp_384_mont_reduce_7(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_7(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_384_sqr_7(r, a);
-    sp_384_mont_reduce_7(r, m, mp);
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_n_7(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mont_sqr_7(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_384_mont_sqr_7(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P384 curve. */
-static const word64 p384_mod_minus_2[6] = {
-    0x00000000fffffffdU,0xffffffff00000000U,0xfffffffffffffffeU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0xffffffffffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P384 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_384_mont_inv_7(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 7);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_7(t, t, p384_mod, p384_mp_mod);
-        if (p384_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_384_mont_mul_7(t, t, a, p384_mod, p384_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 7);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 7;
-    sp_digit* t3 = td + 4 * 7;
-    sp_digit* t4 = td + 6 * 7;
-    sp_digit* t5 = td + 8 * 7;
-
-    /* 0x2 */
-    sp_384_mont_sqr_7(t1, a, p384_mod, p384_mp_mod);
-    /* 0x3 */
-    sp_384_mont_mul_7(t5, t1, a, p384_mod, p384_mp_mod);
-    /* 0xc */
-    sp_384_mont_sqr_n_7(t1, t5, 2, p384_mod, p384_mp_mod);
-    /* 0xf */
-    sp_384_mont_mul_7(t2, t5, t1, p384_mod, p384_mp_mod);
-    /* 0x1e */
-    sp_384_mont_sqr_7(t1, t2, p384_mod, p384_mp_mod);
-    /* 0x1f */
-    sp_384_mont_mul_7(t4, t1, a, p384_mod, p384_mp_mod);
-    /* 0x3e0 */
-    sp_384_mont_sqr_n_7(t1, t4, 5, p384_mod, p384_mp_mod);
-    /* 0x3ff */
-    sp_384_mont_mul_7(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x7fe0 */
-    sp_384_mont_sqr_n_7(t1, t2, 5, p384_mod, p384_mp_mod);
-    /* 0x7fff */
-    sp_384_mont_mul_7(t4, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x3fff8000 */
-    sp_384_mont_sqr_n_7(t1, t4, 15, p384_mod, p384_mp_mod);
-    /* 0x3fffffff */
-    sp_384_mont_mul_7(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffc */
-    sp_384_mont_sqr_n_7(t3, t2, 2, p384_mod, p384_mp_mod);
-    /* 0xfffffffd */
-    sp_384_mont_mul_7(r, t3, a, p384_mod, p384_mp_mod);
-    /* 0xffffffff */
-    sp_384_mont_mul_7(t3, t5, t3, p384_mod, p384_mp_mod);
-    /* 0xfffffffc0000000 */
-    sp_384_mont_sqr_n_7(t1, t2, 30, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff */
-    sp_384_mont_mul_7(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff000000000000000 */
-    sp_384_mont_sqr_n_7(t1, t2, 60, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_7(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-    sp_384_mont_sqr_n_7(t1, t2, 120, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_7(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-    sp_384_mont_sqr_n_7(t1, t2, 15, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_7(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00000000 */
-    sp_384_mont_sqr_n_7(t1, t2, 33, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff */
-    sp_384_mont_mul_7(t2, t3, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_7(t1, t2, 96, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffd */
-    sp_384_mont_mul_7(r, r, t1, p384_mod, p384_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_384_map_7(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*7;
-    sp_int64 n;
-
-    sp_384_mont_inv_7(t1, p->z, t + 2*7);
-
-    sp_384_mont_sqr_7(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    /* x /= z^2 */
-    sp_384_mont_mul_7(r->x, p->x, t2, p384_mod, p384_mp_mod);
-    XMEMSET(r->x + 7, 0, sizeof(sp_digit) * 7U);
-    sp_384_mont_reduce_7(r->x, p384_mod, p384_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_384_cmp_7(r->x, p384_mod);
-    sp_384_cond_sub_7(r->x, r->x, p384_mod, (sp_digit)~(n >> 54));
-    sp_384_norm_7(r->x);
-
-    /* y /= z^3 */
-    sp_384_mont_mul_7(r->y, p->y, t1, p384_mod, p384_mp_mod);
-    XMEMSET(r->y + 7, 0, sizeof(sp_digit) * 7U);
-    sp_384_mont_reduce_7(r->y, p384_mod, p384_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_384_cmp_7(r->y, p384_mod);
-    sp_384_cond_sub_7(r->y, r->y, p384_mod, (sp_digit)~(n >> 54));
-    sp_384_norm_7(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_384_mont_add_7(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_384_add_7(r, a, b);
-    sp_384_norm_7(r);
-    over = r[6] >> 54;
-    sp_384_cond_sub_7(r, r, m, ~((over - 1) >> 63));
-    sp_384_norm_7(r);
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_384_mont_dbl_7(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_384_add_7(r, a, a);
-    sp_384_norm_7(r);
-    over = r[6] >> 54;
-    sp_384_cond_sub_7(r, r, m, ~((over - 1) >> 63));
-    sp_384_norm_7(r);
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_384_mont_tpl_7(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_384_add_7(r, a, a);
-    sp_384_norm_7(r);
-    over = r[6] >> 54;
-    sp_384_cond_sub_7(r, r, m, ~((over - 1) >> 63));
-    sp_384_norm_7(r);
-    (void)sp_384_add_7(r, r, a);
-    sp_384_norm_7(r);
-    over = r[6] >> 54;
-    sp_384_cond_sub_7(r, r, m, ~((over - 1) >> 63));
-    sp_384_norm_7(r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_384_cond_add_7(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 7; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_384_cond_add_7(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    r[ 0] = a[ 0] + (b[ 0] & m);
-    r[ 1] = a[ 1] + (b[ 1] & m);
-    r[ 2] = a[ 2] + (b[ 2] & m);
-    r[ 3] = a[ 3] + (b[ 3] & m);
-    r[ 4] = a[ 4] + (b[ 4] & m);
-    r[ 5] = a[ 5] + (b[ 5] & m);
-    r[ 6] = a[ 6] + (b[ 6] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_384_mont_sub_7(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    (void)sp_384_sub_7(r, a, b);
-    sp_384_norm_7(r);
-    sp_384_cond_add_7(r, r, m, r[6] >> 54);
-    sp_384_norm_7(r);
-}
-
-/* Shift number left one bit.
- * Bottom bit is lost.
- *
- * r  Result of shift.
- * a  Number to shift.
- */
-SP_NOINLINE static void sp_384_rshift1_7(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<6; i++) {
-        r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 54) & 0x7fffffffffffffL);
-    }
-#else
-    r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 54) & 0x7fffffffffffffL);
-    r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 54) & 0x7fffffffffffffL);
-    r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 54) & 0x7fffffffffffffL);
-    r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 54) & 0x7fffffffffffffL);
-    r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 54) & 0x7fffffffffffffL);
-    r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 54) & 0x7fffffffffffffL);
-#endif
-    r[6] = a[6] >> 1;
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_384_mont_div2_7(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_384_cond_add_7(r, a, m, 0 - (a[0] & 1));
-    sp_384_norm_7(r);
-    sp_384_rshift1_7(r, r);
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_7(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*7;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_384_mont_sqr_7(t1, p->z, p384_mod, p384_mp_mod);
-    /* Z = Y * Z */
-    sp_384_mont_mul_7(z, p->y, p->z, p384_mod, p384_mp_mod);
-    /* Z = 2Z */
-    sp_384_mont_dbl_7(z, z, p384_mod);
-    /* T2 = X - T1 */
-    sp_384_mont_sub_7(t2, p->x, t1, p384_mod);
-    /* T1 = X + T1 */
-    sp_384_mont_add_7(t1, p->x, t1, p384_mod);
-    /* T2 = T1 * T2 */
-    sp_384_mont_mul_7(t2, t1, t2, p384_mod, p384_mp_mod);
-    /* T1 = 3T2 */
-    sp_384_mont_tpl_7(t1, t2, p384_mod);
-    /* Y = 2Y */
-    sp_384_mont_dbl_7(y, p->y, p384_mod);
-    /* Y = Y * Y */
-    sp_384_mont_sqr_7(y, y, p384_mod, p384_mp_mod);
-    /* T2 = Y * Y */
-    sp_384_mont_sqr_7(t2, y, p384_mod, p384_mp_mod);
-    /* T2 = T2/2 */
-    sp_384_mont_div2_7(t2, t2, p384_mod);
-    /* Y = Y * X */
-    sp_384_mont_mul_7(y, y, p->x, p384_mod, p384_mp_mod);
-    /* X = T1 * T1 */
-    sp_384_mont_sqr_7(x, t1, p384_mod, p384_mp_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_7(x, x, y, p384_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_7(x, x, y, p384_mod);
-    /* Y = Y - X */
-    sp_384_mont_sub_7(y, y, x, p384_mod);
-    /* Y = Y * T1 */
-    sp_384_mont_mul_7(y, y, t1, p384_mod, p384_mp_mod);
-    /* Y = Y - T2 */
-    sp_384_mont_sub_7(y, y, t2, p384_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_dbl_7_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_dbl_7_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_dbl_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-        const sp_point_384* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_dbl_7_ctx* ctx = (sp_384_proj_point_dbl_7_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_dbl_7_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*7;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_384_mont_sqr_7(ctx->t1, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_384_mont_mul_7(ctx->z, p->y, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_384_mont_dbl_7(ctx->z, ctx->z, p384_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_384_mont_sub_7(ctx->t2, p->x, ctx->t1, p384_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_384_mont_add_7(ctx->t1, p->x, ctx->t1, p384_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_384_mont_mul_7(ctx->t2, ctx->t1, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_384_mont_tpl_7(ctx->t1, ctx->t2, p384_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_384_mont_dbl_7(ctx->y, p->y, p384_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_384_mont_sqr_7(ctx->y, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_384_mont_sqr_7(ctx->t2, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_384_mont_div2_7(ctx->t2, ctx->t2, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_384_mont_mul_7(ctx->y, ctx->y, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_384_mont_sqr_7(ctx->x, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_384_mont_sub_7(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_384_mont_sub_7(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_384_mont_sub_7(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_384_mont_mul_7(ctx->y, ctx->y, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_384_mont_sub_7(ctx->y, ctx->y, ctx->t2, p384_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_384_cmp_equal_7(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_384_iszero_7(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_7(sp_point_384* r,
-        const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*7;
-    sp_digit* t2 = t + 4*7;
-    sp_digit* t3 = t + 6*7;
-    sp_digit* t4 = t + 8*7;
-    sp_digit* t5 = t + 10*7;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_7(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t1, t1, p->x, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_7(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_7(t3, t3, p->y, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_7(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_7(t2, t1) &
-            sp_384_cmp_equal_7(t4, t3)) {
-        sp_384_proj_point_dbl_7(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_384_mont_sub_7(t2, t2, t1, p384_mod);
-        /* R = S2 - S1 */
-        sp_384_mont_sub_7(t4, t4, t3, p384_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_7(t5, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_7(y, t1, t5, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_7(t5, t5, t2, p384_mod, p384_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_7(z, p->z, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_7(z, z, q->z, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_7(x, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_7(x, x, t5, p384_mod);
-        sp_384_mont_mul_7(t5, t5, t3, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_7(t3, y, p384_mod);
-        sp_384_mont_sub_7(x, x, t3, p384_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_7(y, y, x, p384_mod);
-        sp_384_mont_mul_7(y, y, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_7(y, y, t5, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 7; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 7; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 7; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_add_7_ctx {
-    int state;
-    sp_384_proj_point_dbl_7_ctx dbl_ctx;
-    const sp_point_384* ap[2];
-    sp_point_384* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_add_7_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_add_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_add_7_ctx* ctx = (sp_384_proj_point_add_7_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_384* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_add_7_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*7;
-        ctx->t2 = t + 4*7;
-        ctx->t3 = t + 6*7;
-        ctx->t4 = t + 8*7;
-        ctx->t5 = t + 10*7;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_384_mont_sqr_7(ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_384_mont_mul_7(ctx->t3, ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_384_mont_mul_7(ctx->t1, ctx->t1, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_384_mont_sqr_7(ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_384_mont_mul_7(ctx->t4, ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_384_mont_mul_7(ctx->t2, ctx->t2, q->x, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_384_mont_mul_7(ctx->t3, ctx->t3, p->y, p384_mod, p384_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_384_mont_mul_7(ctx->t4, ctx->t4, q->y, p384_mod, p384_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_384_cmp_equal_7(ctx->t2, ctx->t1) &
-                sp_384_cmp_equal_7(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_384_proj_point_dbl_7(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_384_mont_sub_7(ctx->t2, ctx->t2, ctx->t1, p384_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_384_mont_sub_7(ctx->t4, ctx->t4, ctx->t3, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_7(ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_384_mont_mul_7(ctx->y, ctx->t1, ctx->t5, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_384_mont_mul_7(ctx->t5, ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_7(ctx->z, p->z, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_384_mont_mul_7(ctx->z, ctx->z, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_384_mont_sqr_7(ctx->x, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_384_mont_sub_7(ctx->x, ctx->x, ctx->t5, p384_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_384_mont_mul_7(ctx->t5, ctx->t5, ctx->t3, p384_mod, p384_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_384_mont_dbl_7(ctx->t3, ctx->y, p384_mod);
-        sp_384_mont_sub_7(ctx->x, ctx->x, ctx->t3, p384_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_7(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_384_mont_mul_7(ctx->y, ctx->y, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_384_mont_sub_7(ctx->y, ctx->y, ctx->t5, p384_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 7; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 7; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 7; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mod_mul_norm_7(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    SP_DECL_VAR(int64_t, t, 2 * 12);
-    int64_t* a32 = NULL;
-    int64_t o;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(int64_t, t, 2 * 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        a32 = t + 12;
-
-        a32[0] = (sp_digit)(a[0]) & 0xffffffffL;
-        a32[1] = (sp_digit)(a[0] >> 32U);
-        a32[1] |= (sp_digit)(a[1] << 23U);
-        a32[1] &= 0xffffffffL;
-        a32[2] = (sp_digit)(a[1] >> 9U) & 0xffffffffL;
-        a32[3] = (sp_digit)(a[1] >> 41U);
-        a32[3] |= (sp_digit)(a[2] << 14U);
-        a32[3] &= 0xffffffffL;
-        a32[4] = (sp_digit)(a[2] >> 18U) & 0xffffffffL;
-        a32[5] = (sp_digit)(a[2] >> 50U);
-        a32[5] |= (sp_digit)(a[3] << 5U);
-        a32[5] &= 0xffffffffL;
-        a32[6] = (sp_digit)(a[3] >> 27U);
-        a32[6] |= (sp_digit)(a[4] << 28U);
-        a32[6] &= 0xffffffffL;
-        a32[7] = (sp_digit)(a[4] >> 4U) & 0xffffffffL;
-        a32[8] = (sp_digit)(a[4] >> 36U);
-        a32[8] |= (sp_digit)(a[5] << 19U);
-        a32[8] &= 0xffffffffL;
-        a32[9] = (sp_digit)(a[5] >> 13U) & 0xffffffffL;
-        a32[10] = (sp_digit)(a[5] >> 45U);
-        a32[10] |= (sp_digit)(a[6] << 10U);
-        a32[10] &= 0xffffffffL;
-        a32[11] = (sp_digit)(a[6] >> 22U) & 0xffffffffL;
-
-        /*  1  0  0  0  0  0  0  0  1  1  0 -1 */
-        t[0] = 0 + a32[0] + a32[8] + a32[9] - a32[11];
-        /* -1  1  0  0  0  0  0  0 -1  0  1  1 */
-        t[1] = 0 - a32[0] + a32[1] - a32[8] + a32[10] + a32[11];
-        /*  0 -1  1  0  0  0  0  0  0 -1  0  1 */
-        t[2] = 0 - a32[1] + a32[2] - a32[9] + a32[11];
-        /*  1  0 -1  1  0  0  0  0  1  1 -1 -1 */
-        t[3] = 0 + a32[0] - a32[2] + a32[3] + a32[8] + a32[9] - a32[10] - a32[11];
-        /*  1  1  0 -1  1  0  0  0  1  2  1 -2 */
-        t[4] = 0 + a32[0] + a32[1] - a32[3] + a32[4] + a32[8] + 2 * a32[9] + a32[10] -  2 * a32[11];
-        /*  0  1  1  0 -1  1  0  0  0  1  2  1 */
-        t[5] = 0 + a32[1] + a32[2] - a32[4] + a32[5] + a32[9] + 2 * a32[10] + a32[11];
-        /*  0  0  1  1  0 -1  1  0  0  0  1  2 */
-        t[6] = 0 + a32[2] + a32[3] - a32[5] + a32[6] + a32[10] + 2 * a32[11];
-        /*  0  0  0  1  1  0 -1  1  0  0  0  1 */
-        t[7] = 0 + a32[3] + a32[4] - a32[6] + a32[7] + a32[11];
-        /*  0  0  0  0  1  1  0 -1  1  0  0  0 */
-        t[8] = 0 + a32[4] + a32[5] - a32[7] + a32[8];
-        /*  0  0  0  0  0  1  1  0 -1  1  0  0 */
-        t[9] = 0 + a32[5] + a32[6] - a32[8] + a32[9];
-        /*  0  0  0  0  0  0  1  1  0 -1  1  0 */
-        t[10] = 0 + a32[6] + a32[7] - a32[9] + a32[10];
-        /*  0  0  0  0  0  0  0  1  1  0 -1  1 */
-        t[11] = 0 + a32[7] + a32[8] - a32[10] + a32[11];
-
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-        o     = t[11] >> 32; t[11] &= 0xffffffff;
-        t[0] += o;
-        t[1] -= o;
-        t[3] += o;
-        t[4] += o;
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-
-        r[0] = t[0];
-        r[0] |= t[1] << 32U;
-        r[0] &= 0x7fffffffffffffLL;
-        r[1] = (t[1] >> 23);
-        r[1] |= t[2] << 9U;
-        r[1] |= t[3] << 41U;
-        r[1] &= 0x7fffffffffffffLL;
-        r[2] = (t[3] >> 14);
-        r[2] |= t[4] << 18U;
-        r[2] |= t[5] << 50U;
-        r[2] &= 0x7fffffffffffffLL;
-        r[3] = (t[5] >> 5);
-        r[3] |= t[6] << 27U;
-        r[3] &= 0x7fffffffffffffLL;
-        r[4] = (t[6] >> 28);
-        r[4] |= t[7] << 4U;
-        r[4] |= t[8] << 36U;
-        r[4] &= 0x7fffffffffffffLL;
-        r[5] = (t[8] >> 19);
-        r[5] |= t[9] << 13U;
-        r[5] |= t[10] << 45U;
-        r[5] &= 0x7fffffffffffffLL;
-        r[6] = (t[10] >> 10);
-        r[6] |= t[11] << 22U;
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Small implementation using add and double that is cache attack resistant but
- * allocates memory rather than use large stacks.
- * 384 adds and doubles.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_7(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 7 * 6);
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Implementation is constant time. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 7 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        XMEMSET(t, 0, sizeof(sp_point_384) * 3);
-
-        /* t[0] = {0, 0, 1} * norm */
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_384_mod_mul_norm_7(t[1].x, g->x, p384_mod);
-    }
-    if (err == MP_OKAY)
-        err = sp_384_mod_mul_norm_7(t[1].y, g->y, p384_mod);
-    if (err == MP_OKAY)
-        err = sp_384_mod_mul_norm_7(t[1].z, g->z, p384_mod);
-
-    if (err == MP_OKAY) {
-        i = 6;
-        c = 54;
-        n = k[i--] << (55 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1)
-                    break;
-
-                n = k[i--];
-                c = 55;
-            }
-
-            y = (n >> 54) & 1;
-            n <<= 1;
-
-            sp_384_proj_point_add_7(&t[y^1], &t[0], &t[1], tmp);
-
-            XMEMCPY(&t[2], (void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                                   ((size_t)&t[1] & addr_mask[y])),
-                    sizeof(sp_point_384));
-            sp_384_proj_point_dbl_7(&t[2], &t[2], tmp);
-            XMEMCPY((void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                            ((size_t)&t[1] & addr_mask[y])), &t[2],
-                    sizeof(sp_point_384));
-        }
-
-        if (map != 0) {
-            sp_384_map_7(r, &t[0], tmp);
-        }
-        else {
-            XMEMCPY(r, &t[0], sizeof(sp_point_384));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 7 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_ecc_mulmod_7_ctx {
-    int state;
-    union {
-        sp_384_proj_point_dbl_7_ctx dbl_ctx;
-        sp_384_proj_point_add_7_ctx add_ctx;
-    };
-    sp_point_384 t[3];
-    sp_digit tmp[2 * 7 * 6];
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-} sp_384_ecc_mulmod_7_ctx;
-
-static int sp_384_ecc_mulmod_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-    const sp_point_384* g, const sp_digit* k, int map, int ct, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_ecc_mulmod_7_ctx* ctx = (sp_384_ecc_mulmod_7_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_384_ecc_mulmod_7_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    /* Implementation is constant time. */
-    (void)ct;
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        XMEMSET(ctx->t, 0, sizeof(sp_point_384) * 3);
-        ctx->i = 6;
-        ctx->c = 54;
-        ctx->n = k[ctx->i--] << (55 - ctx->c);
-
-        /* t[0] = {0, 0, 1} * norm */
-        ctx->t[0].infinity = 1;
-        ctx->state = 1;
-        break;
-    case 1: /* T1X */
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_384_mod_mul_norm_7(ctx->t[1].x, g->x, p384_mod);
-        ctx->state = 2;
-        break;
-    case 2: /* T1Y */
-        err = sp_384_mod_mul_norm_7(ctx->t[1].y, g->y, p384_mod);
-        ctx->state = 3;
-        break;
-    case 3: /* T1Z */
-        err = sp_384_mod_mul_norm_7(ctx->t[1].z, g->z, p384_mod);
-        ctx->state = 4;
-        break;
-    case 4: /* ADDPREP */
-        if (ctx->c == 0) {
-            if (ctx->i == -1) {
-                ctx->state = 7;
-                break;
-            }
-
-            ctx->n = k[ctx->i--];
-            ctx->c = 55;
-        }
-        ctx->y = (ctx->n >> 54) & 1;
-        ctx->n <<= 1;
-        XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-        ctx->state = 5;
-        break;
-    case 5: /* ADD */
-        err = sp_384_proj_point_add_7_nb((sp_ecc_ctx_t*)&ctx->add_ctx,
-            &ctx->t[ctx->y^1], &ctx->t[0], &ctx->t[1], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY(&ctx->t[2], (void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                                        ((size_t)&ctx->t[1] & addr_mask[ctx->y])),
-                    sizeof(sp_point_384));
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* DBL */
-        err = sp_384_proj_point_dbl_7_nb((sp_ecc_ctx_t*)&ctx->dbl_ctx, &ctx->t[2],
-            &ctx->t[2], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY((void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                            ((size_t)&ctx->t[1] & addr_mask[ctx->y])), &ctx->t[2],
-                    sizeof(sp_point_384));
-            ctx->state = 4;
-            ctx->c--;
-        }
-        break;
-    case 7: /* MAP */
-        if (map != 0) {
-            sp_384_map_7(r, &ctx->t[0], ctx->tmp);
-        }
-        else {
-            XMEMCPY(r, &ctx->t[0], sizeof(sp_point_384));
-        }
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 7) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        ForceZero(ctx->tmp, sizeof(ctx->tmp));
-        ForceZero(ctx->t, sizeof(ctx->t));
-    }
-
-    (void)heap;
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#else
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_384 {
-    sp_digit x[7];
-    sp_digit y[7];
-} sp_table_entry_384;
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_384_cond_copy_7(sp_digit* r, const sp_digit* a, const sp_digit m)
-{
-    sp_digit t[7];
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 7; i++) {
-        t[i] = r[i] ^ a[i];
-    }
-    for (i = 0; i < 7; i++) {
-        r[i] ^= t[i] & m;
-    }
-#else
-    t[ 0] = r[ 0] ^ a[ 0];
-    t[ 1] = r[ 1] ^ a[ 1];
-    t[ 2] = r[ 2] ^ a[ 2];
-    t[ 3] = r[ 3] ^ a[ 3];
-    t[ 4] = r[ 4] ^ a[ 4];
-    t[ 5] = r[ 5] ^ a[ 5];
-    t[ 6] = r[ 6] ^ a[ 6];
-    r[ 0] ^= t[ 0] & m;
-    r[ 1] ^= t[ 1] & m;
-    r[ 2] ^= t[ 2] & m;
-    r[ 3] ^= t[ 3] & m;
-    r[ 4] ^= t[ 4] & m;
-    r[ 5] ^= t[ 5] & m;
-    r[ 6] ^= t[ 6] & m;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*7;
-    sp_digit* b = t + 4*7;
-    sp_digit* t1 = t + 6*7;
-    sp_digit* t2 = t + 8*7;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_7(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_7(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_7(w, w, p384_mod, p384_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_7(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_7(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_7(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_7(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_7(b, t1, x, p384_mod, p384_mp_mod);
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_7(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_7(t2, b, p384_mod);
-        sp_384_mont_sub_7(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_7(t2, b, x, p384_mod);
-        sp_384_mont_dbl_7(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_7(z, z, y, p384_mod, p384_mp_mod);
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_7(t1, t1, p384_mod, p384_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_7(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_7(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_7(y, y, t1, p384_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_384_mont_sqr_7(t1, x, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_7(t1, t1, w, p384_mod);
-    sp_384_mont_tpl_7(a, t1, p384_mod);
-    /* B = X*Y^2 */
-    sp_384_mont_sqr_7(t1, y, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(b, t1, x, p384_mod, p384_mp_mod);
-    /* X = A^2 - 2B */
-    sp_384_mont_sqr_7(x, a, p384_mod, p384_mp_mod);
-    sp_384_mont_dbl_7(t2, b, p384_mod);
-    sp_384_mont_sub_7(x, x, t2, p384_mod);
-    /* B = 2.(B - X) */
-    sp_384_mont_sub_7(t2, b, x, p384_mod);
-    sp_384_mont_dbl_7(b, t2, p384_mod);
-    /* Z = Z*Y */
-    sp_384_mont_mul_7(z, z, y, p384_mod, p384_mp_mod);
-    /* t1 = Y^4 */
-    sp_384_mont_sqr_7(t1, t1, p384_mod, p384_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_384_mont_mul_7(y, b, a, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_7(y, y, t1, p384_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_384_mont_div2_7(y, y, p384_mod);
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_store_7(sp_point_384* r,
-        const sp_point_384* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*7;
-    sp_digit* b = t + 4*7;
-    sp_digit* t1 = t + 6*7;
-    sp_digit* t2 = t + 8*7;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<7; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<7; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<7; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_7(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_7(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_7(w, w, p384_mod, p384_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_7(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_7(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_7(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_7(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_7(b, t1, x, p384_mod, p384_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_7(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_7(t2, b, p384_mod);
-        sp_384_mont_sub_7(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_7(t2, b, x, p384_mod);
-        sp_384_mont_dbl_7(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_7(r[j].z, z, y, p384_mod, p384_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_7(t1, t1, p384_mod, p384_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_7(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_7(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_7(y, y, t1, p384_mod);
-        /* Y = Y/2 */
-        sp_384_mont_div2_7(r[j].y, y, p384_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_384_proj_point_add_sub_7(sp_point_384* ra,
-        sp_point_384* rs, const sp_point_384* p, const sp_point_384* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*7;
-    sp_digit* t3 = t + 4*7;
-    sp_digit* t4 = t + 6*7;
-    sp_digit* t5 = t + 8*7;
-    sp_digit* t6 = t + 10*7;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_7(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t1, t1, xa, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_7(t2, za, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t4, t2, za, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_7(t3, t3, ya, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_7(t4, t4, q->y, p384_mod, p384_mp_mod);
-    /* H = U2 - U1 */
-    sp_384_mont_sub_7(t2, t2, t1, p384_mod);
-    /* RS = S2 + S1 */
-    sp_384_mont_add_7(t6, t4, t3, p384_mod);
-    /* R = S2 - S1 */
-    sp_384_mont_sub_7(t4, t4, t3, p384_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_384_mont_mul_7(za, za, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(za, za, t2, p384_mod, p384_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_384_mont_sqr_7(xa, t4, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_7(xs, t6, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_7(t5, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(ya, t1, t5, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t5, t5, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_7(xa, xa, t5, p384_mod);
-    sp_384_mont_sub_7(xs, xs, t5, p384_mod);
-    sp_384_mont_dbl_7(t1, ya, p384_mod);
-    sp_384_mont_sub_7(xa, xa, t1, p384_mod);
-    sp_384_mont_sub_7(xs, xs, t1, p384_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_384_mont_sub_7(ys, ya, xs, p384_mod);
-    sp_384_mont_sub_7(ya, ya, xa, p384_mod);
-    sp_384_mont_mul_7(ya, ya, t4, p384_mod, p384_mp_mod);
-    sp_384_sub_7(t6, p384_mod, t6);
-    sp_384_mont_mul_7(ys, ys, t6, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t5, t5, t3, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_7(ya, ya, t5, p384_mod);
-    sp_384_mont_sub_7(ys, ys, t5, p384_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_384 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_384;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_7_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_7_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_384_ecc_recode_6_7(const sp_digit* k, ecc_recode_384* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<65; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 55) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 55) {
-            n >>= 6;
-            if (++j < 7)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 7) {
-            n = k[j];
-            y |= (word8)((n << (55 - o)) & 0x3f);
-            o -= 49;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_7_6[y];
-        v[i].neg = recode_neg_7_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_point_33_7(sp_point_384* r, const sp_point_384* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    for (i = 1; i < 33; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_win_add_sub_7(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 7 * 6);
-    sp_point_384* rt = NULL;
-    sp_point_384* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_384 v[65];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 7 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_384_mod_mul_norm_7(t[1].x, g->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_7(t[1].y, g->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_7(t[1].z, g->z, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_384_proj_point_dbl_n_store_7(t, &t[ 1], 5, 1, tmp);
-        sp_384_proj_point_add_7(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_384_proj_point_dbl_7(&t[ 6], &t[ 3], tmp);
-        sp_384_proj_point_add_sub_7(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_384_proj_point_dbl_7(&t[10], &t[ 5], tmp);
-        sp_384_proj_point_add_sub_7(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_384_proj_point_dbl_7(&t[12], &t[ 6], tmp);
-        sp_384_proj_point_dbl_7(&t[14], &t[ 7], tmp);
-        sp_384_proj_point_add_sub_7(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_384_proj_point_dbl_7(&t[18], &t[ 9], tmp);
-        sp_384_proj_point_add_sub_7(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_384_proj_point_dbl_7(&t[20], &t[10], tmp);
-        sp_384_proj_point_dbl_7(&t[22], &t[11], tmp);
-        sp_384_proj_point_add_sub_7(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_384_proj_point_dbl_7(&t[24], &t[12], tmp);
-        sp_384_proj_point_dbl_7(&t[26], &t[13], tmp);
-        sp_384_proj_point_add_sub_7(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_384_proj_point_dbl_7(&t[28], &t[14], tmp);
-        sp_384_proj_point_dbl_7(&t[30], &t[15], tmp);
-        sp_384_proj_point_add_sub_7(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_384_ecc_recode_6_7(k, v);
-
-        i = 64;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_point_33_7(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_384));
-        }
-        for (--i; i>=0; i--) {
-            sp_384_proj_point_dbl_n_7(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_point_33_7(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_384));
-            }
-            sp_384_sub_7(negy, p384_mod, p->y);
-            sp_384_norm_7(negy);
-            sp_384_cond_copy_7(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_384_proj_point_add_7(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_384_map_7(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_qz1_7(sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*7;
-    sp_digit* t6 = t + 4*7;
-    sp_digit* t1 = t + 6*7;
-    sp_digit* t4 = t + 8*7;
-    sp_digit* t5 = t + 10*7;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_7(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_7(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_7(p->x, t2) &
-            sp_384_cmp_equal_7(p->y, t4)) {
-        sp_384_proj_point_dbl_7(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_384_mont_sub_7(t2, t2, p->x, p384_mod);
-        /* R = S2 - Y1 */
-        sp_384_mont_sub_7(t4, t4, p->y, p384_mod);
-        /* Z3 = H*Z1 */
-        sp_384_mont_mul_7(z, p->z, t2, p384_mod, p384_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_384_mont_sqr_7(t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_7(t3, p->x, t1, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_7(t1, t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_7(t2, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_7(t2, t2, t1, p384_mod);
-        sp_384_mont_dbl_7(t5, t3, p384_mod);
-        sp_384_mont_sub_7(x, t2, t5, p384_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_384_mont_sub_7(t3, t3, x, p384_mod);
-        sp_384_mont_mul_7(t3, t3, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_7(t1, t1, p->y, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_7(y, t3, t1, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 7; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 7; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 7; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_384_proj_to_affine_7(sp_point_384* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 7;
-    sp_digit* tmp = t + 4 * 7;
-
-    sp_384_mont_inv_7(t1, a->z, tmp);
-
-    sp_384_mont_sqr_7(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    sp_384_mont_mul_7(a->x, a->x, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_7(a->y, a->y, t1, p384_mod, p384_mp_mod);
-    XMEMCPY(a->z, p384_norm_mod, sizeof(p384_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 48 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_7(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_7(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_7(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_7(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_7(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_384_proj_point_dbl_n_7(t, 48, tmp);
-            sp_384_proj_to_affine_7(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_7(t, s1, s2, tmp);
-                sp_384_proj_to_affine_7(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_entry_256_7(sp_point_384* r,
-    const sp_table_entry_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_7(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 7 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 7 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 47;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 55] >> (x % 55)) & 1) << j);
-            x += 48;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_256_7(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=46; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 55] >> (x % 55)) & 1) << j);
-                x += 48;
-            }
-
-            sp_384_proj_point_dbl_7(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_256_7(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_7(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_7(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_384_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[7];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[7];
-    /* Precomputation table for point. */
-    sp_table_entry_384 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_384_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_384_t sp_cache_384[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_384_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_384_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_384 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_384_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_384_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_384_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_384[i].set = 0;
-        }
-        sp_cache_384_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_384[i].set)
-            continue;
-
-        if (sp_384_cmp_equal_7(g->x, sp_cache_384[i].x) &
-                           sp_384_cmp_equal_7(g->y, sp_cache_384[i].y)) {
-            sp_cache_384[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_384_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_384_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_384[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_384_last) {
-            least = sp_cache_384[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_384[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_384[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_384[i].x, g->x, sizeof(sp_cache_384[i].x));
-        XMEMCPY(sp_cache_384[i].y, g->y, sizeof(sp_cache_384[i].y));
-        sp_cache_384[i].set = 1;
-        sp_cache_384[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_384[i];
-    sp_cache_384_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_7(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_win_add_sub_7(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 7 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 7 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_7(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_win_add_sub_7(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_7(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 7);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 7, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 7, km);
-        sp_384_point_from_ecc_point_7(point, gm);
-
-            err = sp_384_ecc_mulmod_7(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_7(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 7 + 7 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 7 + 7 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 7;
-
-        sp_384_from_mp(k, 7, km);
-        sp_384_point_from_ecc_point_7(point, gm);
-        sp_384_point_from_ecc_point_7(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_7(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_7(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_7(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_7(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_7(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_7(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_7(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_7(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_384_ecc_mulmod_7(r, &p384_base, k, map, ct, heap);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-static int sp_384_ecc_mulmod_base_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_384_ecc_mulmod_7_nb(sp_ctx, r, &p384_base, k, map, ct, heap);
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 48 between points.
- */
-static const sp_table_entry_384 p384_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x50756649c0b528L,0x71c541ad9c707bL,0x71506d35b8838dL,
-        0x4d1877fc3ce1d7L,0x6de2b645486845L,0x227025fee46c29L,
-        0x134eab708a6785L },
-      { 0x043dad4b03a4feL,0x517ef769535846L,0x58ba0ec14286feL,
-        0x47a7fecc5d6f3aL,0x1a840c6c352196L,0x3d3bb00044c72dL,
-        0x0ade2af0968571L } },
-    /* 2 */
-    { { 0x0647532b0c535bL,0x52a6e0a0c52c53L,0x5085aae6b24375L,
-        0x7096bb501c66b5L,0x47bdb3df9b7b7bL,0x11227e9b2f0be6L,
-        0x088b172704fa51L },
-      { 0x0e796f2680dc64L,0x796eb06a482ebfL,0x2b441d02e04839L,
-        0x19bef7312a5aecL,0x02247c38b8efb5L,0x099ed1185c329eL,
-        0x1ed71d7cdb096fL } },
-    /* 3 */
-    { { 0x6a3cc39edffea5L,0x7a386fafd3f9c4L,0x366f78fbd8d6efL,
-        0x529c7ad7873b80L,0x79eb30380eb471L,0x07c5d3b51760b7L,
-        0x36ee4f1cc69183L },
-      { 0x5ba260f526b605L,0x2f1dfaf0aa6e6fL,0x6bb5ca812a5752L,
-        0x3002d8d1276bc9L,0x01f82269483777L,0x1df33eaaf733cdL,
-        0x2b97e555f59255L } },
-    /* 4 */
-    { { 0x480c57f26feef9L,0x4d28741c248048L,0x0c9cf8af1f0c68L,
-        0x778f6a639a8016L,0x148e88c42e9c53L,0x464051757ecfe9L,
-        0x1a940bd0e2a5e1L },
-      { 0x713a46b74536feL,0x1757b153e1d7ebL,0x30dc8c9da07486L,
-        0x3b7460c1879b5eL,0x4b766c5317b315L,0x1b9de3aaf4d377L,
-        0x245f124c2cf8f5L } },
-    /* 5 */
-    { { 0x426e2ee349ddd0L,0x7df3365f84a022L,0x03b005d29a7c45L,
-        0x422c2337f9b5a4L,0x060494f4bde761L,0x5245e5db6da0b0L,
-        0x22b71d744677f2L },
-      { 0x19d097b7d5a7ceL,0x6bcb468823d34cL,0x1c3692d3be1d09L,
-        0x3c80ec7aa01f02L,0x7170f2ebaafd97L,0x06cbcc7d79d4e8L,
-        0x04a8da511fe760L } },
-    /* 6 */
-    { { 0x79c07a4fc52870L,0x6e9034a752c251L,0x603860a367382cL,
-        0x56d912d6aa87d0L,0x0a348a24abaf76L,0x6c5a23da14adcbL,
-        0x3cf60479a522b2L },
-      { 0x18dd774c61ed22L,0x0ff30168f93b0cL,0x3f79ae15642eddL,
-        0x40510f4915fbcbL,0x2c9ddfdfd1c6d6L,0x67b81b62aee55eL,
-        0x2824de79b07a43L } },
-    /* 7 */
-    { { 0x6c66efe085c629L,0x48c212b7913470L,0x4480fd2d057f0aL,
-        0x725ec7a89a9eb1L,0x78ce97ca1972b7L,0x54760ee70154fbL,
-        0x362a40e27b9f93L },
-      { 0x474dc7e7b14461L,0x602819389ef037L,0x1a13bc284370b2L,
-        0x0193ff1295a59dL,0x79615bde6ea5d2L,0x2e76e3d886acc1L,
-        0x3bb796812e2b60L } },
-    /* 8 */
-    { { 0x04cbb3893b9a2dL,0x4c16010a18baabL,0x19f7cb50f60831L,
-        0x084f400a0936c1L,0x72f1cdd5bbbf00L,0x1b30b725dc6702L,
-        0x182753e4fcc50cL },
-      { 0x059a07eadaf9d6L,0x26d81e24bf603cL,0x45583c839dc399L,
-        0x5579d4d6b1103aL,0x2e14ea59489ae7L,0x492f6e1c5ecc97L,
-        0x03740dc05db420L } },
-    /* 9 */
-    { { 0x413be88510521fL,0x3753ee49982e99L,0x6cd4f7098e1cc5L,
-        0x613c92bda4ec1dL,0x495378b677efe0L,0x132a2143839927L,
-        0x0cf8c336291c0bL },
-      { 0x7fc89d2208353fL,0x751b9da85657e1L,0x349b8a97d405c3L,
-        0x65a964b048428fL,0x1adf481276455eL,0x5560c8d89c2ffcL,
-        0x144fc11fac21a3L } },
-    /* 10 */
-    { { 0x7611f4df5bdf53L,0x634eb16234db80L,0x3c713b8e51174cL,
-        0x52c3c68ac4b2edL,0x53025ba8bebe75L,0x7175d98143105bL,
-        0x33ca8e266a48faL },
-      { 0x0c9281d24fd048L,0x76b3177604bbf3L,0x3b26ae754e106fL,
-        0x7f782275c6efc6L,0x36662538a4cb67L,0x0ca1255843e464L,
-        0x2a4674e142d9bcL } },
-    /* 11 */
-    { { 0x303b4085d480d8L,0x68f23650f4fa7bL,0x552a3ceeba3367L,
-        0x6da0c4947926e3L,0x6e0f5482eb8003L,0x0de717f3d6738aL,
-        0x22e5dcc826a477L },
-      { 0x1b05b27209cfc2L,0x7f0a0b65b6e146L,0x63586549ed3126L,
-        0x7d628dd2b23124L,0x383423fe510391L,0x57ff609eabd569L,
-        0x301f04370131baL } },
-    /* 12 */
-    { { 0x22fe4cdb32f048L,0x7f228ebdadbf5aL,0x02a99adb2d7c8eL,
-        0x01a02e05286706L,0x62d6adf627a89fL,0x49c6ce906fbf2bL,
-        0x0207256dae90b9L },
-      { 0x23e036e71d6cebL,0x199ed8d604e3d7L,0x0c1a11c076d16fL,
-        0x389291fb3da3f3L,0x47adc60f8f942eL,0x177048468e4b9aL,
-        0x20c09f5e61d927L } },
-    /* 13 */
-    { { 0x129ea63615b0b8L,0x03fb4a9b588367L,0x5ad6da8da2d051L,
-        0x33f782f44caeaaL,0x5a27fa80d45291L,0x6d1ed796942da4L,
-        0x08435a931ef556L },
-      { 0x004abb25351130L,0x6d33207c6fd7e7L,0x702130972074b7L,
-        0x0e34748af900f7L,0x762a531a28c87aL,0x3a903b5a4a6ac7L,
-        0x1775b79c35b105L } },
-    /* 14 */
-    { { 0x7470fd846612ceL,0x7dd9b431b32e53L,0x04bcd2be1a61bcL,
-        0x36ed7c5b5c260bL,0x6795f5ef0a4084L,0x46e2880b401c93L,
-        0x17d246c5aa8bdeL },
-      { 0x707ae4db41b38dL,0x233c31f7f9558fL,0x585110ec67bdf4L,
-        0x4d0cc931d0c703L,0x26fbe4356841a7L,0x64323e95239c44L,
-        0x371dc9230f3221L } },
-    /* 15 */
-    { { 0x70ff1ae4b1ec9dL,0x7c1dcfddee0daaL,0x53286782188748L,
-        0x6a5d9381e6f207L,0x3aa6c7d6523c4cL,0x6c02d83e0d97e2L,
-        0x16a9c916b45312L },
-      { 0x78146744b74de8L,0x742ec415269c6fL,0x237a2c6a860e79L,
-        0x186baf17ba68a7L,0x4261e8789fa51fL,0x3dc136480a5903L,
-        0x1953899e0cf159L } },
-    /* 16 */
-    { { 0x0205de2f9fbe67L,0x1706fee51c886fL,0x31a0b803c712bfL,
-        0x0a6aa11ede7603L,0x2463ef2a145c31L,0x615403b30e8f4aL,
-        0x3f024d6c5f5c5eL },
-      { 0x53bc4fd4d01f95L,0x7d512ac15a692cL,0x72be38fcfe6aa0L,
-        0x437f0b77bbca1eL,0x7fdcf70774a10eL,0x392d6c5cde37f3L,
-        0x229cbce79621d1L } },
-    /* 17 */
-    { { 0x2de4da2341c342L,0x5ca9d4e08844e7L,0x60dd073bcf74c9L,
-        0x4f30aa499b63ecL,0x23efd1eafa00d5L,0x7c99a7db1257b3L,
-        0x00febc9b3171b1L },
-      { 0x7e2fcf3045f8acL,0x2a642e9e3ce610L,0x23f82be69c5299L,
-        0x66e49ad967c279L,0x1c895ddfd7a842L,0x798981e22f6d25L,
-        0x0d595cb59322f3L } },
-    /* 18 */
-    { { 0x4bac017d8c1bbaL,0x73872161e7aafdL,0x0fd865f43d8163L,
-        0x019d89457708b7L,0x1b983c4dd70684L,0x095e109b74d841L,
-        0x25f1f0b3e0c76fL },
-      { 0x4e61ddf96010e8L,0x1c40a53f542e5eL,0x01a74dfc8365f9L,
-        0x69b36b92773333L,0x08e0fccc139ed3L,0x266d216ddc4269L,
-        0x1f2b47717ce9b5L } },
-    /* 19 */
-    { { 0x0a9a81da57a41fL,0x0825d800736cccL,0x2d7876b4579d28L,
-        0x3340ea6211a1e3L,0x49e89284f3ff54L,0x6276a210fe2c6eL,
-        0x01c3c8f31be7cbL },
-      { 0x2211da5d186e14L,0x1e6ffbb61bfea8L,0x536c7d060211d2L,
-        0x320168720d1d55L,0x5835525ed667baL,0x5125e52495205eL,
-        0x16113b9f3e9129L } },
-    /* 20 */
-    { { 0x3086073f3b236fL,0x283b03c443b5f5L,0x78e49ed0a067a7L,
-        0x2a878fb79fb2b8L,0x662f04348a9337L,0x57ee2cf732d50bL,
-        0x18b50dd65fd514L },
-      { 0x5feb9ef2955926L,0x2c3edbef06a7b0L,0x32728dad651029L,
-        0x116d00b1c4b347L,0x13254052bf1a1aL,0x3e77bf7fee5ec1L,
-        0x253943ca388882L } },
-    /* 21 */
-    { { 0x32e5b33062e8afL,0x46ebd147a6d321L,0x2c8076dec6a15cL,
-        0x7328d511ff0d80L,0x10ad7e926def0eL,0x4e8ca85937d736L,
-        0x02638c26e8bf2fL },
-      { 0x1deeb3fff1d63fL,0x5014417fa6e8efL,0x6e1da3de5c8f43L,
-        0x7ca942b42295d9L,0x23faacf75bb4d1L,0x4a71fcd680053dL,
-        0x04af4f90204dceL } },
-    /* 22 */
-    { { 0x23780d104cbba5L,0x4e8ff46bba9980L,0x2072a6da8d881fL,
-        0x3cc3d881ae11c9L,0x2eee84ff19be89L,0x69b708ed77f004L,
-        0x2a82928534eef9L },
-      { 0x794331187d4543L,0x70e0f3edc0cc41L,0x3ab1fa0b84c854L,
-        0x1478355c1d87baL,0x6f35fa7748ba28L,0x37b8be0531584dL,
-        0x03c3141c23a69fL } },
-    /* 23 */
-    { { 0x5c244cdef029ddL,0x0d0f0a0cc37018L,0x17f8476604f6afL,
-        0x13a6dd6ccc95c3L,0x5a242e9801b8f6L,0x211ca9cc632131L,
-        0x264a6a46a4694fL },
-      { 0x3ffd7235285887L,0x284be28302046fL,0x57f4b9b882f1d6L,
-        0x5e21772c940661L,0x7619a735c600cfL,0x2f76f5a50c9106L,
-        0x28d89c8c69de31L } },
-    /* 24 */
-    { { 0x799b5c91361ed8L,0x36ead8c66cd95cL,0x046c9969a91f5cL,
-        0x46bbdba2a66ea9L,0x29db0e0215a599L,0x26c8849b36f756L,
-        0x22c3feb31ff679L },
-      { 0x585d1237b5d9efL,0x5ac57f522e8e8dL,0x617e66e8b56c41L,
-        0x68826f276823cfL,0x0983f0e6f39231L,0x4e1075099084bdL,
-        0x2a541f82be0416L } },
-    /* 25 */
-    { { 0x468a6e14cf381cL,0x4f7b845c6399edL,0x36aa29732ebe74L,
-        0x19c726911ab46aL,0x2ad1fe431eec0eL,0x301e35051fd1eaL,
-        0x36da815e7a1ab3L },
-      { 0x05672e4507832aL,0x4ebf10fca51251L,0x6015843421cff0L,
-        0x3affad832fc013L,0x712b58d9b45540L,0x1e4751d1f6213eL,
-        0x0e7c2b218bafa7L } },
-    /* 26 */
-    { { 0x7abf784c52edf5L,0x6fcb4b135ca7b1L,0x435e46ac5f735cL,
-        0x67f8364ca48c5fL,0x46d45b5fbd956bL,0x10deda6065db94L,
-        0x0b37fdf85068f9L },
-      { 0x74b3ba61f47ec8L,0x42c7ddf08c10ccL,0x1531a1fe422a20L,
-        0x366f913d12be38L,0x6a846e30cb2edfL,0x2785898c994fedL,
-        0x061be85f331af3L } },
-    /* 27 */
-    { { 0x23f5361dfcb91eL,0x3c26c8da6b1491L,0x6e444a1e620d65L,
-        0x0c3babd5e8ac13L,0x573723ce612b82L,0x2d10e62a142c37L,
-        0x3d1a114c2d98bdL },
-      { 0x33950b401896f6L,0x7134efe7c12110L,0x31239fd2978472L,
-        0x30333bf5978965L,0x79f93313dd769fL,0x457fb9e11662caL,
-        0x190a73b251ae3cL } },
-    /* 28 */
-    { { 0x04dd54bb75f9a4L,0x0d7253a76ae093L,0x08f5b930792bbcL,
-        0x041f79adafc265L,0x4a9ff24c61c11bL,0x0019c94e724725L,
-        0x21975945d9cc2aL },
-      { 0x3dfe76722b4a2bL,0x17f2f6107c1d94L,0x546e1ae2944b01L,
-        0x53f1f06401e72dL,0x2dbe43fc7632d6L,0x5639132e185903L,
-        0x0f2f34eb448385L } },
-    /* 29 */
-    { { 0x7b4cc7ec30ce93L,0x58fb6e4e4145f7L,0x5d1ed5540043b5L,
-        0x19ffbe1f633adfL,0x5bfc0907259033L,0x6378f872e7ca0eL,
-        0x2c127b2c01eb3cL },
-      { 0x076eaf4f58839cL,0x2db54560bc9f68L,0x42ad0319b84062L,
-        0x46c325d1fb019dL,0x76d2a19ee9eebcL,0x6fbd6d9e2aa8f7L,
-        0x2396a598fe0991L } },
-    /* 30 */
-    { { 0x662fddf7fbd5e1L,0x7ca8ed22563ad3L,0x5b4768efece3b3L,
-        0x643786a422d1eaL,0x36ce80494950e1L,0x1a30795b7f2778L,
-        0x107f395c93f332L },
-      { 0x7939c28332c144L,0x491610e3c8dc0bL,0x099ba2bfdac5fcL,
-        0x5c2e3149ec29a7L,0x31b731d06f1dc3L,0x1cbb60d465d462L,
-        0x3ca5461362cfd9L } },
-    /* 31 */
-    { { 0x653ff736ddc103L,0x7c6f2bdec0dfb2L,0x73f81b73a097d0L,
-        0x05b775f84f180fL,0x56b2085af23413L,0x0d6f36256a61feL,
-        0x26d3ed267fa68fL },
-      { 0x54f89251d27ac2L,0x4fc6ad94a71202L,0x7ebf01969b4cc5L,
-        0x7ba364dbc14760L,0x4f8370959a2587L,0x7b7631e37c6188L,
-        0x29e51845f104cbL } },
-    /* 32 */
-    { { 0x426b775e3c647bL,0x327319e0a69180L,0x0c5cb034f6ff2fL,
-        0x73aa39b98e9897L,0x7ee615f49fde6eL,0x3f712aa61e0db4L,
-        0x33ca06c2ba2ce9L },
-      { 0x14973541b8a543L,0x4b4e6101ba61faL,0x1d94e4233d0698L,
-        0x501513c715d570L,0x1b8f8c3d01436bL,0x52f41a0445cf64L,
-        0x3f709c3a75fb04L } },
-    /* 33 */
-    { { 0x073c0cbc7f41d6L,0x227c36f5ac8201L,0x508e110fef65d8L,
-        0x0f317229529b7fL,0x45fc6030d00e24L,0x118a65d30cebeaL,
-        0x3340cc4223a448L },
-      { 0x204c999797612cL,0x7c05dd4ce9c5a3L,0x7b865d0a8750e4L,
-        0x2f82c876ab7d34L,0x2243ddd2ab4808L,0x6834b9df8a4914L,
-        0x123319ed950e0fL } },
-    /* 34 */
-    { { 0x50430efc14ab48L,0x7e9e4ce0d4e89cL,0x2332207fd8656dL,
-        0x4a2809e97f4511L,0x2162bb1b968e2dL,0x29526d54af2972L,
-        0x13edd9adcd939dL },
-      { 0x793bca31e1ff7fL,0x6b959c9e4d2227L,0x628ac27809a5baL,
-        0x2c71ffc7fbaa5fL,0x0c0b058f13c9ceL,0x5676eae68de2cfL,
-        0x35508036ea19a4L } },
-    /* 35 */
-    { { 0x030bbd6dda1265L,0x67f9d12e31bb34L,0x7e4d8196e3ded3L,
-        0x7b9120e5352498L,0x75857bce72d875L,0x4ead976a396caeL,
-        0x31c5860553a64dL },
-      { 0x1a0f792ee32189L,0x564c4efb8165d0L,0x7adc7d1a7fbcbeL,
-        0x7ed7c2ccf327b7L,0x35df1b448ce33dL,0x6f67eb838997cdL,
-        0x3ee37ec0077917L } },
-    /* 36 */
-    { { 0x345fa74d5bb921L,0x097c9a56ccfd8eL,0x00a0b5e8f971f8L,
-        0x723d95223f69d4L,0x08e2e5c2777f87L,0x68b13676200109L,
-        0x26ab5df0acbad6L },
-      { 0x01bca7daac34aeL,0x49ca4d5f664dadL,0x110687b850914bL,
-        0x1203d6f06443c9L,0x7a2ac743b04d4cL,0x40d96bd3337f82L,
-        0x13728be0929c06L } },
-    /* 37 */
-    { { 0x631ca61127bc1aL,0x2b362fd5a77cd1L,0x17897d68568fb7L,
-        0x21070af33db5b2L,0x6872e76221794aL,0x436f29fb076963L,
-        0x1f2acfc0ecb7b3L },
-      { 0x19bf15ca9b3586L,0x32489a4a17aee2L,0x2b31af3c929551L,
-        0x0db7c420b9b19fL,0x538c39bd308c2bL,0x438775c0dea88fL,
-        0x1537304d7cd07fL } },
-    /* 38 */
-    { { 0x53598d943caf0dL,0x1d5244bfe266adL,0x7158feb7ab3811L,
-        0x1f46e13cf6fb53L,0x0dcab632eb9447L,0x46302968cfc632L,
-        0x0b53d3cc5b6ec7L },
-      { 0x69811ca143b7caL,0x5865bcf9f2a11aL,0x74ded7fa093b06L,
-        0x1c878ec911d5afL,0x04610e82616e49L,0x1e157fe9640eb0L,
-        0x046e6f8561d6c2L } },
-    /* 39 */
-    { { 0x631a3d3bbe682cL,0x3a4ce9dde5ba95L,0x28f11f7502f1f1L,
-        0x0a55cf0c957e88L,0x495e4ec7e0a3bcL,0x30ad4d87ba365cL,
-        0x0217b97a4c26f3L },
-      { 0x01a9088c2e67fdL,0x7501c4c3d5e5e7L,0x265b7bb854c820L,
-        0x729263c87e6b52L,0x308b9e3b8fb035L,0x33f1b86c1b23abL,
-        0x0e81b8b21fc99cL } },
-    /* 40 */
-    { { 0x59f5a87237cac0L,0x6b3a86b0cf28b9L,0x13a53db13a4fc2L,
-        0x313c169a1c253bL,0x060158304ed2bbL,0x21e171b71679bcL,
-        0x10cdb754d76f86L },
-      { 0x44355392ab473aL,0x64eb7cbda08caeL,0x3086426a900c71L,
-        0x49016ed9f3c33cL,0x7e6354ab7e04f9L,0x17c4c91a40cd2eL,
-        0x3509f461024c66L } },
-    /* 41 */
-    { { 0x2848f50f9b5a31L,0x68d1755b6c5504L,0x48cd5d5672ec00L,
-        0x4d77421919d023L,0x1e1e349ef68807L,0x4ab5130cf415d7L,
-        0x305464c6c7dbe6L },
-      { 0x64eb0bad74251eL,0x64c6957e52bda4L,0x6c12583440dee6L,
-        0x6d3bee05b00490L,0x186970de53dbc4L,0x3be03b37567a56L,
-        0x2b553b1ebdc55bL } },
-    /* 42 */
-    { { 0x74dc3579efdc58L,0x26d29fed1bb71cL,0x334c825a9515afL,
-        0x433c1e839273a6L,0x0d8a4e41cff423L,0x3454098fe42f8eL,
-        0x1046674bf98686L },
-      { 0x09a3e029c05dd2L,0x54d7cfc7fb53a7L,0x35f0ad37e14d7cL,
-        0x73a294a13767b9L,0x3f519678275f4fL,0x788c63393993a4L,
-        0x0781680b620123L } },
-    /* 43 */
-    { { 0x4c8e2ed4d5ffe8L,0x112db7d42fe4ebL,0x433b8f2d2be2edL,
-        0x23e30b29a82cbcL,0x35d2f4c06ee85aL,0x78ff31ffe4b252L,
-        0x0d31295c8cbff5L },
-      { 0x314806ea0376a2L,0x4ea09e22bc0589L,0x0879575f00ba97L,
-        0x188226d2996bb7L,0x7799368dc9411fL,0x7ab24e5c8cae36L,
-        0x2b6a8e2ee4ea33L } },
-    /* 44 */
-    { { 0x70c7127d4ed72aL,0x24c9743ef34697L,0x2fd30e7a93683aL,
-        0x538a89c246012cL,0x6c660a5394ed82L,0x79a95ea239d7e0L,
-        0x3f3af3bbfb170dL },
-      { 0x3b75aa779ae8c1L,0x33995a3cc0dde4L,0x7489d5720b7bfdL,
-        0x599677ef9fa937L,0x3defd64c5ab44bL,0x27d52dc234522bL,
-        0x2ac65d1a8450e0L } },
-    /* 45 */
-    { { 0x478585ec837d7dL,0x5f7971dc174887L,0x67576ed7bb296dL,
-        0x5a78e529a74926L,0x640f73f4fa104bL,0x7d42a8b16e4730L,
-        0x108c7eaa75fd01L },
-      { 0x60661ef96e6896L,0x18d3a0761f3aa7L,0x6e71e163455539L,
-        0x165827d6a7e583L,0x4e7f77e9527935L,0x790bebe2ae912eL,
-        0x0b8fe9561adb55L } },
-    /* 46 */
-    { { 0x4d48036a9951a8L,0x371084f255a085L,0x66aeca69cea2c5L,
-        0x04c99f40c745e7L,0x08dc4bfd9a0924L,0x0b0ec146b29df7L,
-        0x05106218d01c91L },
-      { 0x2a56ee99caedc7L,0x5d9b23a203922cL,0x1ce4c80b6a3ec4L,
-        0x2666bcb75338cbL,0x185a81aac8c4aaL,0x2b4fb60a06c39eL,
-        0x0327e1b3633f42L } },
-    /* 47 */
-    { { 0x72814710b2a556L,0x52c864f6e16534L,0x4978de66ddd9f2L,
-        0x151f5950276cf0L,0x450ac6781d2dc2L,0x114b7a22dd61b2L,
-        0x3b32b07f29faf8L },
-      { 0x68444fdc2d6e94L,0x68526bd9e437bcL,0x0ca780e8b0d887L,
-        0x69f3f850a716aaL,0x500b953e42cd57L,0x4e57744d812e7dL,
-        0x000a5f0e715f48L } },
-    /* 48 */
-    { { 0x2aab10b8243a7dL,0x727d1f4b18b675L,0x0e6b9fdd91bbbbL,
-        0x0d58269fc337e5L,0x45d6664105a266L,0x11946af1b14072L,
-        0x2c2334f91e46e1L },
-      { 0x6dc5f8756d2411L,0x21b34eaa25188bL,0x0d2797da83529eL,
-        0x324df55616784bL,0x7039ec66d267dfL,0x2de79cdb2d108cL,
-        0x14011b1ad0bde0L } },
-    /* 49 */
-    { { 0x2e160266425043L,0x55fbe11b712125L,0x7e3c58b3947fd9L,
-        0x67aacc79c37ad3L,0x4a18e18d2dea0fL,0x5eef06e5674351L,
-        0x37c3483ae33439L },
-      { 0x5d5e1d75bb4045L,0x0f9d72db296efdL,0x60b1899dd894a9L,
-        0x06e8818ded949aL,0x747fd853c39434L,0x0953b937d9efabL,
-        0x09f08c0beeb901L } },
-    /* 50 */
-    { { 0x1d208a8f2d49ceL,0x54042c5be1445aL,0x1c2681fd943646L,
-        0x219c8094e2e674L,0x442cddf07238b8L,0x574a051c590832L,
-        0x0b72f4d61c818aL },
-      { 0x7bc3cbe4680967L,0x0c8b3f25ae596bL,0x0445b0da74a9efL,
-        0x0bbf46c40363b7L,0x1df575c50677a3L,0x016ea6e73d68adL,
-        0x0b5207bd8db0fdL } },
-    /* 51 */
-    { { 0x2d39fdfea1103eL,0x2b252bf0362e34L,0x63d66c992baab9L,
-        0x5ac97706de8550L,0x0cca390c39c1acL,0x0d9bec5f01b2eaL,
-        0x369360a0f7e5f3L },
-      { 0x6dd3461e201067L,0x70b2d3f63ed614L,0x487580487c54c7L,
-        0x6020e48a44af2aL,0x1ccf80b21aab04L,0x3cf3b12d88d798L,
-        0x349368eccc506fL } },
-    /* 52 */
-    { { 0x5a053753b0a354L,0x65e818dbb9b0aeL,0x7d5855ee50e4bfL,
-        0x58dc06885c7467L,0x5ee15073e57bd3L,0x63254ebc1e07fdL,
-        0x1d48e0392aa39bL },
-      { 0x4e227c6558ffe9L,0x0c3033d8a82a3eL,0x7bde65c214e8d2L,
-        0x6e23561559c16aL,0x5094c5e6deaffdL,0x78dca2880f1f91L,
-        0x3d9d3f947d838dL } },
-    /* 53 */
-    { { 0x387ae5af63408fL,0x6d539aeb4e6edfL,0x7f3d3186368e70L,
-        0x01a6446bc19989L,0x35288fbcd4482fL,0x39288d34ec2736L,
-        0x1de9c47159ad76L },
-      { 0x695dc7944f8d65L,0x3eca2c35575094L,0x0c918059a79b69L,
-        0x4573a48c32a74eL,0x580d8bc8b93f52L,0x190be3a3d071eaL,
-        0x2333e686b3a8cbL } },
-    /* 54 */
-    { { 0x2b110c7196fee2L,0x3ac70e99128a51L,0x20a6bb6b75d5e6L,
-        0x5f447fa513149aL,0x560d69714cc7b2L,0x1d3ee25279fab1L,
-        0x369adb2ccca959L },
-      { 0x3fddb13dd821c2L,0x70bf21ba647be8L,0x64121227e3cbc9L,
-        0x12633a4c892320L,0x3c15c61660f26dL,0x1932c3b3d19900L,
-        0x18c718563eab71L } },
-    /* 55 */
-    { { 0x72ebe0fd752366L,0x681c2737d11759L,0x143c805e7ae4f0L,
-        0x78ed3c2cc7b324L,0x5c16e14820254fL,0x226a4f1c4ec9f0L,
-        0x2891bb915eaac6L },
-      { 0x061eb453763b33L,0x07f88b81781a87L,0x72b5ac7a87127cL,
-        0x7ea4e4cd7ff8b5L,0x5e8c3ce33908b6L,0x0bcb8a3d37feffL,
-        0x01da9e8e7fc50bL } },
-    /* 56 */
-    { { 0x639dfe9e338d10L,0x32dfe856823608L,0x46a1d73bca3b9aL,
-        0x2da685d4b0230eL,0x6e0bc1057b6d69L,0x7144ec724a5520L,
-        0x0b067c26b87083L },
-      { 0x0fc3f0eef4c43dL,0x63500f509552b7L,0x220d74af6f8b86L,
-        0x038996eafa2aa9L,0x7f6750f4aee4d2L,0x3e1d3f06718720L,
-        0x1ea1d37243814cL } },
-    /* 57 */
-    { { 0x322d4597c27050L,0x1beeb3ce17f109L,0x15e5ce2e6ef42eL,
-        0x6c8be27da6b3a0L,0x66e3347f4d5f5cL,0x7172133899c279L,
-        0x250aff4e548743L },
-      { 0x28f0f6a43b566dL,0x0cd2437fefbca0L,0x5b1108cb36bdbaL,
-        0x48a834d41fb7c2L,0x6cb8565680579fL,0x42da2412b45d9fL,
-        0x33dfc1abb6c06eL } },
-    /* 58 */
-    { { 0x56e3c48ef96c80L,0x65667bb6c1381eL,0x09f70514375487L,
-        0x1548ff115f4a08L,0x237de2d21a0710L,0x1425cdee9f43dfL,
-        0x26a6a42e055b0aL },
-      { 0x4ea9ea9dc7dfcbL,0x4df858583ac58aL,0x1d274f819f1d39L,
-        0x26e9c56cf91fcbL,0x6cee31c7c3a465L,0x0bb8e00b108b28L,
-        0x226158da117301L } },
-    /* 59 */
-    { { 0x5a7cd4fce73946L,0x7b6a462d0ac653L,0x732ea4bb1a3da5L,
-        0x7c8e9f54711af4L,0x0a6cd55d4655f9L,0x341e6d13e4754aL,
-        0x373c87098879a8L },
-      { 0x7bc82e61b818bfL,0x5f2db48f44879fL,0x2a2f06833f1d28L,
-        0x494e5b691a74c0L,0x17d6cf35fd6b57L,0x5f7028d1c25dfcL,
-        0x377a9ab9562cb6L } },
-    /* 60 */
-    { { 0x4de8877e787b2eL,0x183e7352621a52L,0x2ab0509974962bL,
-        0x045a450496cb8aL,0x3bf7118b5591c7L,0x7724f98d761c35L,
-        0x301607e8d5a0c1L },
-      { 0x0f58a3f24d4d58L,0x3771c19c464f3cL,0x06746f9c0bfafaL,
-        0x56564c9c8feb52L,0x0d66d9a7d8a45fL,0x403578141193caL,
-        0x00b0d0bdc19260L } },
-    /* 61 */
-    { { 0x571407157bdbc2L,0x138d5a1c2c0b99L,0x2ee4a8057dcbeaL,
-        0x051ff2b58e9ed1L,0x067378ad9e7cdaL,0x7cc2c1db97a49eL,
-        0x1e7536ccd849d6L },
-      { 0x531fd95f3497c4L,0x55dc08325f61a7L,0x144e942bce32bfL,
-        0x642d572f09e53aL,0x556ff188261678L,0x3e79c0d9d513d6L,
-        0x0bbbc6656f6d52L } },
-    /* 62 */
-    { { 0x57d3eb50596edcL,0x26c520a487451dL,0x0a92db40aea8d6L,
-        0x27df6345109616L,0x7733d611fd727cL,0x61d14171fef709L,
-        0x36169ae417c36bL },
-      { 0x6899f5d4091cf7L,0x56ce5dfe4ed0c1L,0x2c430ce5913fbcL,
-        0x1b13547e0f8caeL,0x4840a8275d3699L,0x59b8ef209e81adL,
-        0x22362dff5ea1a2L } },
-    /* 63 */
-    { { 0x7237237bd98425L,0x73258e162a9d0bL,0x0a59a1e8bb5118L,
-        0x4190a7ee5d8077L,0x13684905fdbf7cL,0x31c4033a52626bL,
-        0x010a30e4fbd448L },
-      { 0x47623f981e909aL,0x670af7c325b481L,0x3d004241fa4944L,
-        0x0905a2ca47f240L,0x58f3cdd7a187c3L,0x78b93aee05b43fL,
-        0x19b91d4ef8d63bL } },
-    /* 64 */
-    { { 0x0d34e116973cf4L,0x4116fc9e69ee0eL,0x657ae2b4a482bbL,
-        0x3522eed134d7cdL,0x741e0dde0a036aL,0x6554316a51cc7bL,
-        0x00f31c6ca89837L },
-      { 0x26770aa06b1dd7L,0x38233a4ceba649L,0x065a1110c96feaL,
-        0x18d367839e0f15L,0x794543660558d1L,0x39b605139065dcL,
-        0x29abbec071b637L } },
-    /* 65 */
-    { { 0x1464b401ab5245L,0x16db891b27ff74L,0x724eb49cb26e34L,
-        0x74fee3bc9cc33eL,0x6a8bdbebe085eaL,0x5c2e75ca207129L,
-        0x1d03f2268e6b08L },
-      { 0x28b0a328e23b23L,0x645dc26209a0bcL,0x62c28990348d49L,
-        0x4dd9be1fa333d0L,0x6183aac74a72e4L,0x1d6f3ee69e1d03L,
-        0x2fff96db0ff670L } },
-    /* 66 */
-    { { 0x2358f5c6a2123fL,0x5b2bfc51bedb63L,0x4fc6674be649ecL,
-        0x51fc16e44b813aL,0x2ffe10a73754c1L,0x69a0c7a053aeefL,
-        0x150e605fb6b9b4L },
-      { 0x179eef6b8b83c4L,0x64293b28ad05efL,0x331795fab98572L,
-        0x09823eec78727dL,0x36508042b89b81L,0x65f1106adb927eL,
-        0x2fc0234617f47cL } },
-    /* 67 */
-    { { 0x12aa244e8068dbL,0x0c834ae5348f00L,0x310fc1a4771cb3L,
-        0x6c90a2f9e19ef9L,0x77946fa0573471L,0x37f5df81e5f72fL,
-        0x204f5d72cbe048L },
-      { 0x613c724383bba6L,0x1ce14844967e0aL,0x797c85e69aa493L,
-        0x4fb15b0f2ce765L,0x5807978e2e8aa7L,0x52c75859876a75L,
-        0x1554635c763d3eL } },
-    /* 68 */
-    { { 0x4f292200623f3bL,0x6222be53d7fe07L,0x1e02a9a08c2571L,
-        0x22c6058216b912L,0x1ec20044c7ba17L,0x53f94c5efde12bL,
-        0x102b8aadfe32a4L },
-      { 0x45377aa927b102L,0x0d41b8062ee371L,0x77085a9018e62aL,
-        0x0c69980024847cL,0x14739b423a73a9L,0x52ec6961fe3c17L,
-        0x38a779c94b5a7dL } },
-    /* 69 */
-    { { 0x4d14008435af04L,0x363bfd8325b4e8L,0x48cdb715097c95L,
-        0x1b534540f8bee0L,0x4ca1e5c90c2a76L,0x4b52c193d6eee0L,
-        0x277a33c79becf5L },
-      { 0x0fee0d511d3d06L,0x4627f3d6a58f8cL,0x7c81ac245119b8L,
-        0x0c8d526ba1e07aL,0x3dbc242f55bac2L,0x2399df8f91fffdL,
-        0x353e982079ba3bL } },
-    /* 70 */
-    { { 0x6405d3b0ab9645L,0x7f31abe3ee236bL,0x456170a9babbb1L,
-        0x09634a2456a118L,0x5b1c6045acb9e5L,0x2c75c20d89d521L,
-        0x2e27ccf5626399L },
-      { 0x307cd97fed2ce4L,0x1c2fbb02b64087L,0x542a068d27e64dL,
-        0x148c030b3bc6a6L,0x671129e616ade5L,0x123f40db60dafcL,
-        0x07688f3c621220L } },
-    /* 71 */
-    { { 0x1c46b342f2c4b5L,0x27decc0b3c8f04L,0x0d9bd433464c54L,
-        0x1f3d893b818572L,0x2536043b536c94L,0x57e00c4b19ebf9L,
-        0x3938fb9e5ad55eL },
-      { 0x6b390024c8b22fL,0x4583f97e20a976L,0x2559d24abcbad7L,
-        0x67a9cabc9bd8c6L,0x73a56f09432e4aL,0x79eb0beb53a3b7L,
-        0x3e19d47f6f8221L } },
-    /* 72 */
-    { { 0x7399cb9d10e0b2L,0x32acc1b8a36e2aL,0x287d60c2407035L,
-        0x42c82420ea4b5cL,0x13f286658bc268L,0x3c91181156e064L,
-        0x234b83dcdeb963L },
-      { 0x79bc95486cfee6L,0x4d8fd3cb78af36L,0x07362ba5e80da8L,
-        0x79d024a0d681b0L,0x6b58406907f87fL,0x4b40f1e977e58fL,
-        0x38dcc6fd5fa342L } },
-    /* 73 */
-    { { 0x72282be1cd0abeL,0x02bd0fdfdf44e5L,0x19b0e0d2f753e4L,
-        0x4514e76ce8c4c0L,0x02ebc9c8cdcc1bL,0x6ac0c0373e9fddL,
-        0x0dc414af1c81a9L },
-      { 0x7a109246f32562L,0x26982e6a3768edL,0x5ecd8daed76ab5L,
-        0x2eaa70061eb261L,0x09e7c038a8c514L,0x2a2603cc300658L,
-        0x25d93ab9e55cd4L } },
-    /* 74 */
-    { { 0x11b19fcbd5256aL,0x41e4d94274770fL,0x0133c1a411001fL,
-        0x360bac481dbca3L,0x45908b18a9c22bL,0x1e34396fafb03aL,
-        0x1b84fea7486edaL },
-      { 0x183c62a71e6e16L,0x5f1dc30e93da8eL,0x6cb97b502573c3L,
-        0x3708bf0964e3fcL,0x35a7f042eeacceL,0x56370da902c27fL,
-        0x3a873c3b72797fL } },
-    /* 75 */
-    { { 0x6573c9cea4cc9bL,0x2c3b5f9d91e6dcL,0x2a90e2dbd9505eL,
-        0x66a75444025f81L,0x1571fb894b03cdL,0x5d1a1f00fd26f3L,
-        0x0d19a9fd618855L },
-      { 0x659acd56515664L,0x7279478bd616a3L,0x09a909e76d56c3L,
-        0x2fd70474250358L,0x3a1a25c850579cL,0x11b9e0f71b74ccL,
-        0x1268daef3d1bffL } },
-    /* 76 */
-    { { 0x7f5acc46d93106L,0x5bc15512f939c8L,0x504b5f92f996deL,
-        0x25965549be7a64L,0x357a3a2ae9b80dL,0x3f2bcf9c139cc0L,
-        0x0a7ddd99f23b35L },
-      { 0x6868f5a8a0b1c5L,0x319ec52f15b1beL,0x0770000a849021L,
-        0x7f4d50287bd608L,0x62c971d28a9d7fL,0x164e89309acb72L,
-        0x2a29f002cf4a32L } },
-    /* 77 */
-    { { 0x58a852ae11a338L,0x27e3a35f2dcef8L,0x494d5731ce9e18L,
-        0x49516f33f4bb3eL,0x386b26ba370097L,0x4e8fac1ec30248L,
-        0x2ac26d4c44455dL },
-      { 0x20484198eb9dd0L,0x75982a0e06512bL,0x152271b9279b05L,
-        0x5908a9857e36d2L,0x6a933ab45a60abL,0x58d8b1acb24fafL,
-        0x28fbcf19425590L } },
-    /* 78 */
-    { { 0x5420e9df010879L,0x4aba72aec2f313L,0x438e544eda7494L,
-        0x2e8e189ce6f7eaL,0x2f771e4efe45bdL,0x0d780293bce7efL,
-        0x1569ad3d0d02acL },
-      { 0x325251ebeaf771L,0x02510f1a8511e2L,0x3863816bf8aad1L,
-        0x60fdb15fe6ac19L,0x4792aef52a348cL,0x38e57a104e9838L,
-        0x0d171611a1df1bL } },
-    /* 79 */
-    { { 0x15ceb0bea65e90L,0x6e56482db339bcL,0x37f618f7b0261fL,
-        0x6351abc226dabcL,0x0e999f617b74baL,0x37d3cc57af5b69L,
-        0x21df2b987aac68L },
-      { 0x2dddaa3a358610L,0x2da264bc560e47L,0x545615d538bf13L,
-        0x1c95ac244b8cc7L,0x77de1f741852cbL,0x75d324f00996abL,
-        0x3a79b13b46aa3bL } },
-    /* 80 */
-    { { 0x7db63998683186L,0x6849bb989d530cL,0x7b53c39ef7ed73L,
-        0x53bcfbf664d3ffL,0x25ef27c57f71c7L,0x50120ee80f3ad6L,
-        0x243aba40ed0205L },
-      { 0x2aae5e0ee1fcebL,0x3449d0d8343fbeL,0x5b2864fb7cffc7L,
-        0x64dceb5407ac3eL,0x20303a5695523dL,0x3def70812010b2L,
-        0x07be937f2e9b6fL } },
-    /* 81 */
-    { { 0x5838f9e0540015L,0x728d8720efb9f7L,0x1ab5864490b0c8L,
-        0x6531754458fdcfL,0x600ff9612440c0L,0x48735b36a585b7L,
-        0x3d4aaea86b865dL },
-      { 0x6898942cac32adL,0x3c84c5531f23a1L,0x3c9dbd572f7edeL,
-        0x5691f0932a2976L,0x186f0db1ac0d27L,0x4fbed18bed5bc9L,
-        0x0e26b0dee0b38cL } },
-    /* 82 */
-    { { 0x1188b4f8e60f5bL,0x602a915455b4a2L,0x60e06af289ff99L,
-        0x579fe4bed999e5L,0x2bc03b15e6d9ddL,0x1689649edd66d5L,
-        0x3165e277dca9d2L },
-      { 0x7cb8a529cf5279L,0x57f8035b34d84dL,0x352e2eb26de8f1L,
-        0x6406820c3367c4L,0x5d148f4c899899L,0x483e1408482e15L,
-        0x1680bd1e517606L } },
-    /* 83 */
-    { { 0x5c877cc1c90202L,0x2881f158eae1f4L,0x6f45e207df4267L,
-        0x59280eba1452d8L,0x4465b61e267db5L,0x171f1137e09e5cL,
-        0x1368eb821daa93L },
-      { 0x70fe26e3e66861L,0x52a6663170da7dL,0x71d1ce5b7d79dcL,
-        0x1cffe9be1e1afdL,0x703745115a29c4L,0x73b7f897b2f65aL,
-        0x02218c3a95891aL } },
-    /* 84 */
-    { { 0x16866db8a9e8c9L,0x4770b770123d9bL,0x4c116cf34a8465L,
-        0x079b28263fc86aL,0x3751c755a72b58L,0x7bc8df1673243aL,
-        0x12fff72454f064L },
-      { 0x15c049b89554e7L,0x4ea9ef44d7cd9aL,0x42f50765c0d4f1L,
-        0x158bb603cb011bL,0x0809dde16470b1L,0x63cad7422ea819L,
-        0x38b6cd70f90d7eL } },
-    /* 85 */
-    { { 0x1e4aab6328e33fL,0x70575f026da3aeL,0x7e1b55c8c55219L,
-        0x328d4b403d24caL,0x03b6df1f0a5bd1L,0x26b4bb8b648ed0L,
-        0x17161f2f10b76aL },
-      { 0x6cdb32bae8b4c0L,0x33176266227056L,0x4975fa58519b45L,
-        0x254602ea511d96L,0x4e82e93e402a67L,0x0ca8b5929cdb4fL,
-        0x3ae7e0a07918f5L } },
-    /* 86 */
-    { { 0x60f9d1fecf5b9bL,0x6257e40d2cd469L,0x6c7aa814d28456L,
-        0x58aac7caac8e79L,0x703a55f0293cbfL,0x702390a0f48378L,
-        0x24b9ae07218b07L },
-      { 0x1ebc66cdaf24e3L,0x7d9ae5f9f8e199L,0x42055ee921a245L,
-        0x035595936e4d49L,0x129c45d425c08bL,0x6486c5f19ce6ddL,
-        0x027dbd5f18ba24L } },
-    /* 87 */
-    { { 0x7d6b78d29375fbL,0x0a3dc6ba22ae38L,0x35090fa91feaf6L,
-        0x7f18587fb7b16eL,0x6e7091dd924608L,0x54e102cdbf5ff8L,
-        0x31b131a4c22079L },
-      { 0x368f87d6a53fb0L,0x1d3f3d69a3f240L,0x36bf5f9e40e1c6L,
-        0x17f150e01f8456L,0x76e5d0835eb447L,0x662fc0a1207100L,
-        0x14e3dd97a98e39L } },
-    /* 88 */
-    { { 0x0249d9c2663b4bL,0x56b68f9a71ba1cL,0x74b119567f9c02L,
-        0x5e6f336d8c92acL,0x2ced58f9f74a84L,0x4b75a2c2a467c5L,
-        0x30557011cf740eL },
-      { 0x6a87993be454ebL,0x29b7076fb99a68L,0x62ae74aaf99bbaL,
-        0x399f9aa8fb6c1bL,0x553c24a396dd27L,0x2868337a815ea6L,
-        0x343ab6635cc776L } },
-    /* 89 */
-    { { 0x0e0b0eec142408L,0x79728229662121L,0x605d0ac75e6250L,
-        0x49a097a01edfbeL,0x1e20cd270df6b6L,0x7438a0ca9291edL,
-        0x29daa430da5f90L },
-      { 0x7a33844624825aL,0x181715986985c1L,0x53a6853cae0b92L,
-        0x6d98401bd925e8L,0x5a0a34f5dd5e24L,0x7b818ef53cf265L,
-        0x0836e43c9d3194L } },
-    /* 90 */
-    { { 0x1179b70e6c5fd9L,0x0246d9305dd44cL,0x635255edfbe2fbL,
-        0x5397b3523b4199L,0x59350cc47e6640L,0x2b57aa97ed4375L,
-        0x37efd31abd153aL },
-      { 0x7a7afa6907f4faL,0x75c10cb94e6a7eL,0x60a925ab69cc47L,
-        0x2ff5bcd9239bd5L,0x13c2113e425f11L,0x56bd3d2f8a1437L,
-        0x2c9adbab13774fL } },
-    /* 91 */
-    { { 0x4ab9f52a2e5f2bL,0x5e537e70b58903L,0x0f242658ebe4f2L,
-        0x2648a1e7a5f9aeL,0x1b4c5081e73007L,0x6827d4aff51850L,
-        0x3925e41726cd01L },
-      { 0x56dd8a55ab3cfbL,0x72d6a31b6d5beaL,0x697bd2e5575112L,
-        0x66935519a7aa12L,0x55e97dda7a3aceL,0x0e16afb4237b4cL,
-        0x00b68fbff08093L } },
-    /* 92 */
-    { { 0x4b00366481d0d9L,0x37cb031fbfc5c4L,0x14643f6800dd03L,
-        0x6793fef60fe0faL,0x4f43e329c92803L,0x1fce86b96a6d26L,
-        0x0ad416975e213aL },
-      { 0x7cc6a6711adcc9L,0x64b8a63c43c2d9L,0x1e6caa2a67c0d0L,
-        0x610deffd17a54bL,0x57d669d5f38423L,0x77364b8f022636L,
-        0x36d4d13602e024L } },
-    /* 93 */
-    { { 0x72e667ae50a2f5L,0x1b15c950c3a21aL,0x3ccc37c72e6dfeL,
-        0x027f7e1d094fb8L,0x43ae1e90aa5d7eL,0x3f5feac3d97ce5L,
-        0x0363ed0a336e55L },
-      { 0x235f73d7663784L,0x5d8cfc588ad5a4L,0x10ab6ff333016eL,
-        0x7d8886af2e1497L,0x549f34fd17988eL,0x3fc4fcaee69a33L,
-        0x0622b133a13d9eL } },
-    /* 94 */
-    { { 0x6344cfa796c53eL,0x0e9a10d00136fdL,0x5d1d284a56efd8L,
-        0x608b1968f8aca7L,0x2fa5a66776edcaL,0x13430c44f1609cL,
-        0x1499973cb2152aL },
-      { 0x3764648104ab58L,0x3226e409fadafcL,0x1513a8466459ddL,
-        0x649206ec365035L,0x46149aa3f765b1L,0x3aebf0a035248eL,
-        0x1ee60b8c373494L } },
-    /* 95 */
-    { { 0x4e9efcc15f3060L,0x5e5d50fd77cdc8L,0x071e5403516b58L,
-        0x1b7d4e89b24ceaL,0x53b1fa66d6dc03L,0x457f15f892ab5fL,
-        0x076332c9397260L },
-      { 0x31422b79d7584bL,0x0b01d47e41ba80L,0x3e5611a3171528L,
-        0x5f53b9a9fc1be4L,0x7e2fc3d82f110fL,0x006cf350ef0fbfL,
-        0x123ae98ec81c12L } },
-    /* 96 */
-    { { 0x310d41df46e2f6L,0x2ff032a286cf13L,0x64751a721c4eadL,
-        0x7b62bcc0339b95L,0x49acf0c195afa4L,0x359d48742544e5L,
-        0x276b7632d9e2afL },
-      { 0x656c6be182579aL,0x75b65a4d85b199L,0x04a911d1721bfaL,
-        0x46e023d0e33477L,0x1ec2d580acd869L,0x540b456f398a37L,
-        0x001f698210153dL } },
-    /* 97 */
-    { { 0x3ca35217b00dd0L,0x73961d034f4d3cL,0x4f520b61c4119dL,
-        0x4919fde5cccff7L,0x4d0e0e6f38134dL,0x55c22586003e91L,
-        0x24d39d5d8f1b19L },
-      { 0x4d4fc3d73234dcL,0x40c50c9d5f8368L,0x149afbc86bf2b8L,
-        0x1dbafefc21d7f1L,0x42e6b61355107fL,0x6e506cf4b54f29L,
-        0x0f498a6c615228L } },
-    /* 98 */
-    { { 0x30618f437cfaf8L,0x059640658532c4L,0x1c8a4d90e96e1dL,
-        0x4a327bcca4fb92L,0x54143b8040f1a0L,0x4ec0928c5a49e4L,
-        0x2af5ad488d9b1fL },
-      { 0x1b392bd5338f55L,0x539c0292b41823L,0x1fe35d4df86a02L,
-        0x5fa5bb17988c65L,0x02b6cb715adc26L,0x09a48a0c2cb509L,
-        0x365635f1a5a9f2L } },
-    /* 99 */
-    { { 0x58aa87bdc21f31L,0x156900c7cb1935L,0x0ec1f75ee2b6cfL,
-        0x5f3e35a77ec314L,0x582dec7b9b7621L,0x3e65deb0e8202aL,
-        0x325c314b8a66b7L },
-      { 0x702e2a22f24d66L,0x3a20e9982014f1L,0x6424c5b86bbfb0L,
-        0x424eea4d795351L,0x7fc4cce7c22055L,0x581383fceb92d7L,
-        0x32b663f49ee81bL } },
-    /* 100 */
-    { { 0x76e2d0b648b73eL,0x59ca39fa50bddaL,0x18bb44f786a7e4L,
-        0x28c8d49d464360L,0x1b8bf1d3a574eaL,0x7c670b9bf1635aL,
-        0x2efb30a291f4b3L },
-      { 0x5326c069cec548L,0x03bbe481416531L,0x08a415c8d93d6fL,
-        0x3414a52120d383L,0x1f17a0fc6e9c5cL,0x0de9a090717463L,
-        0x22d84b3c67ff07L } },
-    /* 101 */
-    { { 0x30b5014c3830ebL,0x70791dc1a18b37L,0x09e6ea4e24f423L,
-        0x65e148a5253132L,0x446f05d5d40449L,0x7ad5d3d707c0e9L,
-        0x18eedd63dd3ab5L },
-      { 0x40d2eac6bb29e0L,0x5b0e9605e83c38L,0x554f2c666a56a8L,
-        0x0ac27b6c94c48bL,0x1aaecdd91bafe5L,0x73c6e2bdf72634L,
-        0x306dab96d19e03L } },
-    /* 102 */
-    { { 0x6d3e4b42772f41L,0x1aba7796f3a39bL,0x3a03fbb980e9c0L,
-        0x2f2ea5da2186a8L,0x358ff444ef1fcfL,0x0798cc0329fcdcL,
-        0x39a28bcc9aa46dL },
-      { 0x42775c977fe4d2L,0x5eb8fc5483d6b0L,0x0bfe37c039e3f7L,
-        0x429292eaf9df60L,0x188bdf4b840cd5L,0x06e10e090749cdL,
-        0x0e52678e73192eL } },
-    /* 103 */
-    { { 0x05de80b08df5feL,0x2af8c77406c5f8L,0x53573c50a0304aL,
-        0x277b10b751bca0L,0x65cf8c559132a5L,0x4c667abe25f73cL,
-        0x0271809e05a575L },
-      { 0x41ced461f7a2fbL,0x0889a9ebdd7075L,0x320c63f2b7760eL,
-        0x4f8d4324151c63L,0x5af47315be2e5eL,0x73c62f6aee2885L,
-        0x206d6412a56a97L } },
-    /* 104 */
-    { { 0x6b1c508b21d232L,0x3781185974ead6L,0x1aba7c3ebe1fcfL,
-        0x5bdc03cd3f3a5aL,0x74a25036a0985bL,0x5929e30b7211b2L,
-        0x16a9f3bc366bd7L },
-      { 0x566a7057dcfffcL,0x23b5708a644bc0L,0x348cda2aa5ba8cL,
-        0x466aa96b9750d4L,0x6a435ed9b20834L,0x2e7730f2cf9901L,
-        0x2b5cd71d5b0410L } },
-    /* 105 */
-    { { 0x285ab3cee76ef4L,0x68895e3a57275dL,0x6fab2e48fd1265L,
-        0x0f1de060428c94L,0x668a2b080b5905L,0x1b589dc3b0cb37L,
-        0x3c037886592c9bL },
-      { 0x7fb5c0f2e90d4dL,0x334eefb3d8c91aL,0x75747124700388L,
-        0x547a2c2e2737f5L,0x2af9c080e37541L,0x0a295370d9091aL,
-        0x0bb5c36dad99e6L } },
-    /* 106 */
-    { { 0x644116586f25cbL,0x0c3f41f9ee1f5dL,0x00628d43a3dedaL,
-        0x16e1437aae9669L,0x6aba7861bf3e59L,0x60735631ff4c44L,
-        0x345609efaa615eL },
-      { 0x41f54792e6acefL,0x4791583f75864dL,0x37f2ff5c7508b1L,
-        0x1288912516c3b0L,0x51a2135f6a539bL,0x3b775511f42091L,
-        0x127c6afa7afe66L } },
-    /* 107 */
-    { { 0x79f4f4f7492b73L,0x583d967256342dL,0x51a729bff33ca3L,
-        0x3977d2c22d8986L,0x066f528ba8d40bL,0x5d759d30f8eb94L,
-        0x0f8e649192b408L },
-      { 0x22d84e752555bbL,0x76953855c728c7L,0x3b2254e72aaaa4L,
-        0x508cd4ce6c0212L,0x726296d6b5a6daL,0x7a77aa066986f3L,
-        0x2267a497bbcf31L } },
-    /* 108 */
-    { { 0x7f3651bf825dc4L,0x3988817388c56fL,0x257313ed6c3dd0L,
-        0x3feab7f3b8ffadL,0x6c0d3cb9e9c9b4L,0x1317be0a7b6ac4L,
-        0x2a5f399d7df850L },
-      { 0x2fe5a36c934f5eL,0x429199df88ded1L,0x435ea21619b357L,
-        0x6aac6a063bac2bL,0x600c149978f5edL,0x76543aa1114c95L,
-        0x163ca9c83c7596L } },
-    /* 109 */
-    { { 0x7dda4a3e4daedbL,0x1824cba360a4cdL,0x09312efd70e0c6L,
-        0x454e68a146c885L,0x40aee762fe5c47L,0x29811cbd755a59L,
-        0x34b37c95f28319L },
-      { 0x77c58b08b717d2L,0x309470d9a0f491L,0x1ab9f40448e01cL,
-        0x21c8bd819207b1L,0x6a01803e9361bcL,0x6e5e4c350ec415L,
-        0x14fd55a91f8798L } },
-    /* 110 */
-    { { 0x4cee562f512a90L,0x0008361d53e390L,0x3789b307a892cfL,
-        0x064f7be8770ae9L,0x41435d848762cfL,0x662204dd38baa6L,
-        0x23d6dcf73f6c5aL },
-      { 0x69bef2d2c75d95L,0x2b037c0c9bb43eL,0x495fb4d79a34cfL,
-        0x184e140c601260L,0x60193f8d435f9cL,0x283fa52a0c3ad2L,
-        0x1998635e3a7925L } },
-    /* 111 */
-    { { 0x1cfd458ce382deL,0x0dddbd201bbcaeL,0x14d2ae8ed45d60L,
-        0x73d764ab0c24cbL,0x2a97fe899778adL,0x0dbd1e01eddfe9L,
-        0x2ba5c72d4042c3L },
-      { 0x27eebc3af788f1L,0x53ffc827fc5a30L,0x6d1d0726d35188L,
-        0x4721275c50aa2aL,0x077125f02e690fL,0x6da8142405db5dL,
-        0x126cef68992513L } },
-    /* 112 */
-    { { 0x3c6067035b2d69L,0x2a1ad7db2361acL,0x3debece6cad41cL,
-        0x30095b30f9afc1L,0x25f50b9bd9c011L,0x79201b2f2c1da1L,
-        0x3b5c151449c5bdL },
-      { 0x76eff4127abdb4L,0x2d31e03ce0382aL,0x24ff21f8bda143L,
-        0x0671f244fd3ebaL,0x0c1c00b6bcc6fbL,0x18de9f7c3ebefbL,
-        0x33dd48c3809c67L } },
-    /* 113 */
-    { { 0x61d6c2722d94edL,0x7e426e31041cceL,0x4097439f1b47b0L,
-        0x579e798b2d205bL,0x6a430d67f830ebL,0x0d2c676700f727L,
-        0x05fea83a82f25bL },
-      { 0x3f3482df866b98L,0x3dd353b6a5a9cdL,0x77fe6ae1a48170L,
-        0x2f75cc2a8f7cddL,0x7442a3863dad17L,0x643de42d877a79L,
-        0x0fec8a38fe7238L } },
-    /* 114 */
-    { { 0x79b70c0760ac07L,0x195d3af37e9b29L,0x1317ff20f7cf27L,
-        0x624e1c739e7504L,0x67330ef50f943dL,0x775e8cf455d793L,
-        0x17b94d2d913a9fL },
-      { 0x4b627203609e7fL,0x06aac5fb93e041L,0x603c515fdc2611L,
-        0x2592ca0d7ae472L,0x02395d1f50a6cbL,0x466ef9648f85d9L,
-        0x297cf879768f72L } },
-    /* 115 */
-    { { 0x3489d67d85fa94L,0x0a6e5b739c8e04L,0x7ebb5eab442e90L,
-        0x52665a007efbd0L,0x0967ca57b0d739L,0x24891f9d932b63L,
-        0x3cc2d6dbadc9d3L },
-      { 0x4b4773c81c5338L,0x73cd47dad7a0f9L,0x7c755bab6ae158L,
-        0x50b03d6becefcaL,0x574d6e256d57f0L,0x188db4fffb92aeL,
-        0x197e10118071eaL } },
-    /* 116 */
-    { { 0x45d0cbcba1e7f1L,0x1180056abec91aL,0x6c5f86624bbc28L,
-        0x442c83f3b8e518L,0x4e16ae1843ecb4L,0x670cef2fd786c9L,
-        0x205b4acb637d2cL },
-      { 0x70b0e539aa8671L,0x67c982056bebd0L,0x645c831a5e7c36L,
-        0x09e06951a14b32L,0x5dd610ad4c89e6L,0x41c35f20164831L,
-        0x3821f29cb4cdb8L } },
-    /* 117 */
-    { { 0x2831ffaba10079L,0x70f6dac9ffe444L,0x1cfa32ccc03717L,
-        0x01519fda22a3c8L,0x23215e815aaa27L,0x390671ad65cbf7L,
-        0x03dd4d72de7d52L },
-      { 0x1ecd972ee95923L,0x166f8da3813e8eL,0x33199bbd387a1aL,
-        0x04525fe15e3dc7L,0x44d2ef54165898L,0x4b7e47d3dc47f7L,
-        0x10d5c8db0b5d44L } },
-    /* 118 */
-    { { 0x176d95ba9cdb1bL,0x14025f04f23dfcL,0x49379332891687L,
-        0x6625e5ccbb2a57L,0x7ac0abdbf9d0e5L,0x7aded4fbea15b2L,
-        0x314844ac184d67L },
-      { 0x6d9ce34f05eae3L,0x3805d2875856d2L,0x1c2122f85e40ebL,
-        0x51cb9f2d483a9aL,0x367e91e20f1702L,0x573c3559838dfdL,
-        0x0b282b0cb85af1L } },
-    /* 119 */
-    { { 0x6a12e4ef871eb5L,0x64bb517e14f5ffL,0x29e04d3aaa530bL,
-        0x1b07d88268f261L,0x411be11ed16fb0L,0x1f480536db70bfL,
-        0x17a7deadfd34e4L },
-      { 0x76d72f30646612L,0x5a3bbb43a1b0a0L,0x5e1687440e82bfL,
-        0x713b5e69481112L,0x46c3dcb499e174L,0x0862da3b4e2a24L,
-        0x31cb55b4d62681L } },
-    /* 120 */
-    { { 0x5ffc74dae5bb45L,0x18944c37adb9beL,0x6aaa63b1ee641aL,
-        0x090f4b6ee057d3L,0x4045cedd2ee00fL,0x21c2c798f7c282L,
-        0x2c2c6ef38cd6bdL },
-      { 0x40d78501a06293L,0x56f8caa5cc89a8L,0x7231d5f91b37aeL,
-        0x655f1e5a465c6dL,0x3f59a81f9cf783L,0x09bbba04c23624L,
-        0x0f71ee23bbacdeL } },
-    /* 121 */
-    { { 0x38d398c4741456L,0x5204c0654243c3L,0x34498c916ea77eL,
-        0x12238c60e5fe43L,0x0fc54f411c7625L,0x30b2ca43aa80b6L,
-        0x06bead1bb6ea92L },
-      { 0x5902ba8674b4adL,0x075ab5b0fa254eL,0x58db83426521adL,
-        0x5b66b6b3958e39L,0x2ce4e39890e07bL,0x46702513338b37L,
-        0x363690c2ded4d7L } },
-    /* 122 */
-    { { 0x765642c6b75791L,0x0f4c4300d7f673L,0x404d8bbe101425L,
-        0x61e91c88651f1bL,0x61ddc9bc60aed8L,0x0ef36910ce2e65L,
-        0x04b44367aa63b8L },
-      { 0x72822d3651b7dcL,0x4b750157a2716dL,0x091cb4f2118d16L,
-        0x662ba93b101993L,0x447cbd54a1d40aL,0x12cdd48d674848L,
-        0x16f10415cbec69L } },
-    /* 123 */
-    { { 0x0c57a3a751cd0eL,0x0833d7478fadceL,0x1e751f55686436L,
-        0x489636c58e1df7L,0x26ad6da941266fL,0x22225d3559880fL,
-        0x35b397c45ba0e2L },
-      { 0x3ca97b70e1f2ceL,0x78e50427a8680cL,0x06137e042a8f91L,
-        0x7ec40d2500b712L,0x3f0ad688ad7b0dL,0x24746fb33f9513L,
-        0x3638fcce688f0bL } },
-    /* 124 */
-    { { 0x753163750bed6fL,0x786507cd16157bL,0x1d6ec228ce022aL,
-        0x587255f42d1b31L,0x0c6adf72a3a0f6L,0x4bfeee2da33f5eL,
-        0x08b7300814de6cL },
-      { 0x00bf8df9a56e11L,0x75aead48fe42e8L,0x3de9bad911b2e2L,
-        0x0fadb233e4b8bbL,0x5b054e8fd84f7dL,0x5eb3064152889bL,
-        0x01c1c6e8c777a1L } },
-    /* 125 */
-    { { 0x5fa0e598f8fcb9L,0x11c129a1ae18dfL,0x5c41b482a2273bL,
-        0x545664e5044c9cL,0x7e01c915bfb9abL,0x7f626e19296aa0L,
-        0x20c91a9822a087L },
-      { 0x273a9fbe3c378fL,0x0f126b44b7d350L,0x493764a75df951L,
-        0x32dec3c367d24bL,0x1a7ae987fed9d3L,0x58a93055928b85L,
-        0x11626975d7775fL } },
-    /* 126 */
-    { { 0x2bb174a95540a9L,0x10de02c58b613fL,0x2fa8f7b861f3eeL,
-        0x44731260bdf3b3L,0x19c38ff7da41feL,0x3535a16e3d7172L,
-        0x21a948b83cc7feL },
-      { 0x0e6f72868bc259L,0x0c70799df3c979L,0x526919955584c3L,
-        0x4d95fda04f8fa2L,0x7bb228e6c0f091L,0x4f728b88d92194L,
-        0x2b361c5a136bedL } },
-    /* 127 */
-    { { 0x0c72ca10c53841L,0x4036ab49f9da12L,0x578408d2b7082bL,
-        0x2c4903201fbf5eL,0x14722b3f42a6a8L,0x1997b786181694L,
-        0x25c6f10de32849L },
-      { 0x79f46d517ff2ffL,0x2dc5d97528f6deL,0x518a494489aa72L,
-        0x52748f8af3cf97L,0x472da30a96bb16L,0x1be228f92465a9L,
-        0x196f0c47d60479L } },
-    /* 128 */
-    { { 0x47dd7d139b3239L,0x049c9b06775d0fL,0x627ffc00562d5eL,
-        0x04f578d5e5e243L,0x43a788ffcef8b9L,0x7db320be9dde28L,
-        0x00837528b8572fL },
-      { 0x2969eca306d695L,0x195b72795ec194L,0x5e1fa9b8e77e50L,
-        0x4c627f2b3fbfd5L,0x4b91e0d0ee10ffL,0x5698c8d0f35833L,
-        0x12d3a9431f475eL } },
-    /* 129 */
-    { { 0x6409457a0db57eL,0x795b35192e0433L,0x146f973fe79805L,
-        0x3d49c516dfb9cfL,0x50dfc3646b3cdaL,0x16a08a2210ad06L,
-        0x2b4ef5bcd5b826L },
-      { 0x5ebabfee2e3e3eL,0x2e048e724d9726L,0x0a7a7ed6abef40L,
-        0x71ff7f83e39ad8L,0x3405ac52a1b852L,0x2e3233357a608dL,
-        0x38c1bf3b0e40e6L } },
-    /* 130 */
-    { { 0x59aec823e4712cL,0x6ed9878331ddadL,0x1cc6faf629f2a0L,
-        0x445ff79f36c18cL,0x4edc7ed57aff3dL,0x22ee54c8bdd9e8L,
-        0x35398f42d72ec5L },
-      { 0x4e7a1cceee0ecfL,0x4c66a707dd1d31L,0x629ad157a23c04L,
-        0x3b2c6031dc3c83L,0x3336acbcd3d96cL,0x26ce43adfce0f0L,
-        0x3c869c98d699dcL } },
-    /* 131 */
-    { { 0x58b3cd9586ba11L,0x5d6514b8090033L,0x7c88c3bd736782L,
-        0x1735f84f2130edL,0x47784095a9dee0L,0x76312c6e47901bL,
-        0x1725f6ebc51455L },
-      { 0x6744344bc4503eL,0x16630b4d66e12fL,0x7b3481752c3ec7L,
-        0x47bb2ed1f46f95L,0x08a1a497dd1bcfL,0x1f525df2b8ed93L,
-        0x0fe492ea993713L } },
-    /* 132 */
-    { { 0x71b8dd7268b448L,0x1743dfaf3728d7L,0x23938d547f530aL,
-        0x648c3d497d0fc6L,0x26c0d769e3ad45L,0x4d25108769a806L,
-        0x3fbf2025143575L },
-      { 0x485bfd90339366L,0x2de2b99ed87461L,0x24a33347713badL,
-        0x1674bc7073958aL,0x5bb2373ee85b5fL,0x57f9bd657e662cL,
-        0x2041b248d39042L } },
-    /* 133 */
-    { { 0x5f01617d02f4eeL,0x2a8e31c4244b91L,0x2dab3e790229e0L,
-        0x72d319ea7544afL,0x01ffb8b000cb56L,0x065e63b0daafd3L,
-        0x3d7200a7111d6fL },
-      { 0x4561ce1b568973L,0x37034c532dd8ecL,0x1368215020be02L,
-        0x30e7184cf289ebL,0x199e0c27d815deL,0x7ee1b4dff324e5L,
-        0x2f4a11de7fab5cL } },
-    /* 134 */
-    { { 0x33c2f99b1cdf2bL,0x1e0d78bf42a2c0L,0x64485dececaa67L,
-        0x2242a41be93e92L,0x62297b1f15273cL,0x16ebfaafb02205L,
-        0x0f50f805f1fdabL },
-      { 0x28bb0b3a70eb28L,0x5b1c7d0160d683L,0x05c30a37959f78L,
-        0x3d9301184922d2L,0x46c1ead7dbcb1aL,0x03ee161146a597L,
-        0x2d413ed9a6ccc1L } },
-    /* 135 */
-    { { 0x685ab5f97a27c2L,0x59178214023751L,0x4ffef3c585ab17L,
-        0x2bc85302aba2a9L,0x675b001780e856L,0x103c8a37f0b33dL,
-        0x2241e98ece70a6L },
-      { 0x546738260189edL,0x086c8f7a6b96edL,0x00832ad878a129L,
-        0x0b679056ba7462L,0x020ce6264bf8c4L,0x3f9f4b4d92abfbL,
-        0x3e9c55343c92edL } },
-    /* 136 */
-    { { 0x482cec9b3f5034L,0x08b59b3cd1fa30L,0x5a55d1bc8e58b5L,
-        0x464a5259337d8eL,0x0a5b6c66ade5a5L,0x55db77b504ddadL,
-        0x015992935eac35L },
-      { 0x54fe51025e32fcL,0x5d7f52dbe4a579L,0x08c564a8c58696L,
-        0x4482a8bec4503fL,0x440e75d9d94de9L,0x6992d768020bfaL,
-        0x06c311e8ba01f6L } },
-    /* 137 */
-    { { 0x2a6ac808223878L,0x04d3ccb4aab0b8L,0x6e6ef09ff6e823L,
-        0x15cb03ee9158dcL,0x0dc58919171bf7L,0x3273568abf3cb1L,
-        0x1b55245b88d98bL },
-      { 0x28e9383b1de0c1L,0x30d5009e4f1f1bL,0x334d185a56a134L,
-        0x0875865dfa4c46L,0x266edf5eae3beeL,0x2e03ff16d1f7e5L,
-        0x29a36bd9f0c16dL } },
-    /* 138 */
-    { { 0x004cff44b2e045L,0x426c96380ba982L,0x422292281e46d7L,
-        0x508dd8d29d7204L,0x3a4ea73fb2995eL,0x4be64090ae07b2L,
-        0x3339177a0eff22L },
-      { 0x74a97ec2b3106eL,0x0c616d09169f5fL,0x1bb5d8907241a7L,
-        0x661fb67f6d41bdL,0x018a88a0daf136L,0x746333a093a7b4L,
-        0x3e19f1ac76424eL } },
-    /* 139 */
-    { { 0x542a5656527296L,0x0e7b9ce22f1bc9L,0x31b0945992b89bL,
-        0x6e0570eb85056dL,0x32daf813483ae5L,0x69eeae9d59bb55L,
-        0x315ad4b730b557L },
-      { 0x2bc16795f32923L,0x6b02b7ba55130eL,0x1e9da67c012f85L,
-        0x5616f014dabf8fL,0x777395fcd9c723L,0x2ff075e7743246L,
-        0x2993538aff142eL } },
-    /* 140 */
-    { { 0x72dae20e552b40L,0x2e4ba69aa5d042L,0x001e563e618bd2L,
-        0x28feeba3c98772L,0x648c356da2a907L,0x687e2325069ea7L,
-        0x0d34ab09a394f0L },
-      { 0x73c21813111286L,0x5829b53b304e20L,0x6fba574de08076L,
-        0x79f7058f61614eL,0x4e71c9316f1191L,0x24ef12193e0a89L,
-        0x35dc4e2bc9d848L } },
-    /* 141 */
-    { { 0x045e6d3b4ad1cdL,0x729c95493782f0L,0x77f59de85b361aL,
-        0x5309b4babf28f8L,0x4d893d9290935fL,0x736f47f2b2669eL,
-        0x23270922d757f3L },
-      { 0x23a4826f70d4e9L,0x68a8c63215d33eL,0x4d6c2069205c9cL,
-        0x46b2938a5eebe0L,0x41d1f1e2de3892L,0x5ca1775544bcb0L,
-        0x3130629e5d19dcL } },
-    /* 142 */
-    { { 0x6e2681593375acL,0x117cfbabc22621L,0x6c903cd4e13ccaL,
-        0x6f358f14d4bd97L,0x1bc58fa11089f1L,0x36aa2db4ac426aL,
-        0x15ced8464b7ea1L },
-      { 0x6966836cba7df5L,0x7c2b1851568113L,0x22b50ff2ffca66L,
-        0x50e77d9f48e49aL,0x32775e9bbc7cc9L,0x403915bb0ece71L,
-        0x1b8ec7cb9dd7aaL } },
-    /* 143 */
-    { { 0x65a888b677788bL,0x51887fac2e7806L,0x06792636f98d2bL,
-        0x47bbcd59824c3bL,0x1aca908c43e6dcL,0x2e00d15c708981L,
-        0x08e031c2c80634L },
-      { 0x77fbc3a297c5ecL,0x10a7948af2919eL,0x10cdafb1fb6b2fL,
-        0x27762309b486f0L,0x13abf26bbac641L,0x53da38478fc3eeL,
-        0x3c22eff379bf55L } },
-    /* 144 */
-    { { 0x0163f484770ee3L,0x7f28e8942e0cbfL,0x5f86cb51b43831L,
-        0x00feccd4e4782fL,0x40e5b417eafe7dL,0x79e5742bbea228L,
-        0x3717154aa469beL },
-      { 0x271d74a270f721L,0x40eb400890b70cL,0x0e37be81d4cb02L,
-        0x786907f4e8d43fL,0x5a1f5b590a7acbL,0x048861883851fdL,
-        0x11534a1e563dbbL } },
-    /* 145 */
-    { { 0x37a6357c525435L,0x6afe6f897b78a5L,0x7b7ff311d4f67bL,
-        0x38879df15dc9f4L,0x727def7b8ba987L,0x20285dd0db4436L,
-        0x156b0fc64b9243L },
-      { 0x7e3a6ec0c1c390L,0x668a88d9bcf690L,0x5925aba5440dbeL,
-        0x0f6891a044f593L,0x70b46edfed4d97L,0x1a6cc361bab201L,
-        0x046f5bc6e160bcL } },
-    /* 146 */
-    { { 0x79350f076bc9d1L,0x077d9e79a586b9L,0x0896bc0c705764L,
-        0x58e632b90e7e46L,0x14e87e0ad32488L,0x4b1bb3f72c6e00L,
-        0x3c3ce9684a5fc5L },
-      { 0x108fbaf1f703aaL,0x08405ecec17577L,0x199a8e2d44be73L,
-        0x2eb22ed0067763L,0x633944deda3300L,0x20d739eb8e5efbL,
-        0x2bbbd94086b532L } },
-    /* 147 */
-    { { 0x03c8b17a19045dL,0x6205a0a504980bL,0x67fdb3e962b9f0L,
-        0x16399e01511a4bL,0x44b09fe9dffc96L,0x00a74ff44a1381L,
-        0x14590deed3f886L },
-      { 0x54e3d5c2a23ddbL,0x310e5138209d28L,0x613f45490c1c9bL,
-        0x6bbc85d44bbec8L,0x2f85fc559e73f6L,0x0d71fa7d0fa8cbL,
-        0x2898571d17fbb9L } },
-    /* 148 */
-    { { 0x5607a84335167dL,0x3009c1eb910f91L,0x7ce63447e62d0bL,
-        0x03a0633afcf89eL,0x1234b5aaa50872L,0x5a307b534d547bL,
-        0x2f4e97138a952eL },
-      { 0x13914c2db0f658L,0x6cdcb47e6e75baL,0x5549169caca772L,
-        0x0f20423dfeb16fL,0x6b1ae19d180239L,0x0b7b3bee9b7626L,
-        0x1ca81adacfe4efL } },
-    /* 149 */
-    { { 0x219ec3ad19d96fL,0x3549f6548132dbL,0x699889c7aacd0bL,
-        0x74602a58730b19L,0x62dc63bcece81cL,0x316f991c0c317aL,
-        0x2b8627867b95e3L },
-      { 0x67a25ddced1eedL,0x7e14f0eba756e7L,0x0873fbc09b0495L,
-        0x0fefb0e16596adL,0x03e6cd98ef39bbL,0x1179b1cded249dL,
-        0x35c79c1db1edc2L } },
-    /* 150 */
-    { { 0x1368309d4245bfL,0x442e55852a7667L,0x095b0f0f348b65L,
-        0x6834cf459dfad4L,0x6645950c9be910L,0x06bd81288c71e6L,
-        0x1b015b6e944edfL },
-      { 0x7a6a83045ab0e3L,0x6afe88b9252ad0L,0x2285bd65523502L,
-        0x6c78543879a282L,0x1c5e264b5c6393L,0x3a820c6a7453eeL,
-        0x37562d1d61d3c3L } },
-    /* 151 */
-    { { 0x6c084f62230c72L,0x599490270bc6cfL,0x1d3369ddd3c53dL,
-        0x516ddb5fac5da0L,0x35ab1e15011b1aL,0x5fba9106d3a180L,
-        0x3be0f092a0917cL },
-      { 0x57328f9fdc2538L,0x0526323fc8d5f6L,0x10cbb79521e602L,
-        0x50d01167147ae2L,0x2ec7f1b3cda99eL,0x43073cc736e7beL,
-        0x1ded89cadd83a6L } },
-    /* 152 */
-    { { 0x1d51bda65d56d5L,0x63f2fd4d2dc056L,0x326413d310ea6dL,
-        0x3abba5bca92876L,0x6b9aa8bc4d6ebeL,0x1961c687f15d5dL,
-        0x311cf07464c381L },
-      { 0x2321b1064cd8aeL,0x6e3caac4443850L,0x3346fc4887d2d0L,
-        0x1640417e0e640fL,0x4a958a52a07a9eL,0x1346a1b1cb374cL,
-        0x0a793cf79beccbL } },
-    /* 153 */
-    { { 0x29d56cba89aaa5L,0x1581898c0b3c15L,0x1af5b77293c082L,
-        0x1617ba53a006ceL,0x62dd3b384e475fL,0x71a9820c3f962aL,
-        0x0e4938920b854eL },
-      { 0x0b8d98849808abL,0x64c14923546de7L,0x6a20883b78a6fcL,
-        0x72de211428acd6L,0x009678b47915bbL,0x21b5269ae5dae6L,
-        0x313cc0e60b9457L } },
-    /* 154 */
-    { { 0x69ee421b1de38bL,0x44b484c6cec1c7L,0x0240596c6a8493L,
-        0x2321a62c85fb9eL,0x7a10921802a341L,0x3d2a95507e45c3L,
-        0x0752f40f3b6714L },
-      { 0x596a38798751e6L,0x46bf186a0feb85L,0x0b23093e23b49cL,
-        0x1bfa7bc5afdc07L,0x4ba96f873eefadL,0x292e453fae9e44L,
-        0x2773646667b75cL } },
-    /* 155 */
-    { { 0x1f81a64e94f22aL,0x3125ee3d8683ddL,0x76a660a13b9582L,
-        0x5aa584c3640c6eL,0x27cc99fd472953L,0x7048f4d58061d1L,
-        0x379a1397ac81e8L },
-      { 0x5d1ecd2b6b956bL,0x0829e0366b0697L,0x49548cec502421L,
-        0x7af5e2f717c059L,0x329a25a0fec54eL,0x028e99e4bcd7f1L,
-        0x071d5fe81fca78L } },
-    /* 156 */
-    { { 0x4b5c4aeb0fdfe4L,0x1367e11326ce37L,0x7c16f020ef5f19L,
-        0x3c55303d77b471L,0x23a4457a06e46aL,0x2174426dd98424L,
-        0x226f592114bd69L },
-      { 0x4411b94455f15aL,0x52e0115381fae4L,0x45b6d8efbc8f7eL,
-        0x58b1221bd86d26L,0x284fb6f8a7ec1fL,0x045835939ddd30L,
-        0x0216960accd598L } },
-    /* 157 */
-    { { 0x4b61f9ec1f138aL,0x4460cd1e18502bL,0x277e4fce3c4726L,
-        0x0244246d6414b9L,0x28fbfcef256984L,0x3347ed0db40577L,
-        0x3b57fa9e044718L },
-      { 0x4f73bcd6d1c833L,0x2c0d0dcf7f0136L,0x2010ac75454254L,
-        0x7dc4f6151539a8L,0x0b8929ef6ea495L,0x517e20119d2bdfL,
-        0x1e29f9a126ba15L } },
-    /* 158 */
-    { { 0x683a7c10470cd8L,0x0d05f0dbe0007fL,0x2f6a5026d649cdL,
-        0x249ce2fdaed603L,0x116dc1e7a96609L,0x199bd8d82a0b98L,
-        0x0694ad0219aeb2L },
-      { 0x03a3656e864045L,0x4e552273df82a6L,0x19bcc7553d17abL,
-        0x74ac536c1df632L,0x440302fb4a86f6L,0x1becec0e31c9feL,
-        0x002045f8fa46b8L } },
-    /* 159 */
-    { { 0x5833ba384310a2L,0x1db83fad93f8baL,0x0a12713ee2f7edL,
-        0x40e0f0fdcd2788L,0x1746de5fb239a5L,0x573748965cfa15L,
-        0x1e3dedda0ef650L },
-      { 0x6c8ca1c87607aeL,0x785dab9554fc0eL,0x649d8f91860ac8L,
-        0x4436f88b52c0f9L,0x67f22ca8a5e4a3L,0x1f990fd219e4c9L,
-        0x013dd21c08573fL } },
-    /* 160 */
-    { { 0x05d116141d161cL,0x5c1d2789da2ea5L,0x11f0d861f99f34L,
-        0x692c2650963153L,0x3bd69f5329539eL,0x215898eef8885fL,
-        0x041f79dd86f7f1L },
-      { 0x76dcc5e96beebdL,0x7f2b50cb42a332L,0x067621cabef8abL,
-        0x31e0be607054edL,0x4c67c5e357a3daL,0x5b1a63fbfb1c2bL,
-        0x3112efbf5e5c31L } },
-    /* 161 */
-    { { 0x3f83e24c0c62f1L,0x51dc9c32aae4e0L,0x2ff89b33b66c78L,
-        0x21b1c7d354142cL,0x243d8d381c84bcL,0x68729ee50cf4b7L,
-        0x0ed29e0f442e09L },
-      { 0x1ad7b57576451eL,0x6b2e296d6b91dcL,0x53f2b306e30f42L,
-        0x3964ebd9ee184aL,0x0a32855df110e4L,0x31f2f90ddae05fL,
-        0x3410cd04e23702L } },
-    /* 162 */
-    { { 0x60d1522ca8f2feL,0x12909237a83e34L,0x15637f80d58590L,
-        0x3c72431b6d714dL,0x7c8e59a615bea2L,0x5f977b688ef35aL,
-        0x071c198c0b3ab0L },
-      { 0x2b54c699699b4bL,0x14da473c2fd0bcL,0x7ba818ea0ad427L,
-        0x35117013940b2fL,0x6e1df6b5e609dbL,0x3f42502720b64dL,
-        0x01ee7dc890e524L } },
-    /* 163 */
-    { { 0x12ec1448ff4e49L,0x3e2edac882522bL,0x20455ab300f93aL,
-        0x5849585bd67c14L,0x0393d5aa34ba8bL,0x30f9a1f2044fa7L,
-        0x1059c9377a93e0L },
-      { 0x4e641cc0139e73L,0x0d9f23c9b0fa78L,0x4b2ad87e2b83f9L,
-        0x1c343a9f6d9e3cL,0x1098a4cb46de4dL,0x4ddc893843a41eL,
-        0x1797f4167d6e3aL } },
-    /* 164 */
-    { { 0x4add4675856031L,0x499bd5e5f7a0ffL,0x39ea1f1202271eL,
-        0x0ecd7480d7a91eL,0x395f5e5fc10956L,0x0fa7f6b0c9f79bL,
-        0x2fad4623aed6cbL },
-      { 0x1563c33ae65825L,0x29881cafac827aL,0x50650baf4c45a1L,
-        0x034aad988fb9e9L,0x20a6224dc5904cL,0x6fb141a990732bL,
-        0x3ec9ae1b5755deL } },
-    /* 165 */
-    { { 0x3108e7c686ae17L,0x2e73a383b4ad8aL,0x4e6bb142ba4243L,
-        0x24d355922c1d80L,0x2f850dd9a088baL,0x21c50325dd5e70L,
-        0x33237dd5bd7fa4L },
-      { 0x7823a39cab7630L,0x1535f71cff830eL,0x70d92ff0599261L,
-        0x227154d2a2477cL,0x495e9bbb4f871cL,0x40d2034835686bL,
-        0x31b08f97eaa942L } },
-    /* 166 */
-    { { 0x0016c19034d8ddL,0x68961627cf376fL,0x6acc90681615aeL,
-        0x6bc7690c2e3204L,0x6ddf28d2fe19a2L,0x609b98f84dae4dL,
-        0x0f32bfd7c94413L },
-      { 0x7d7edc6b21f843L,0x49bbd2ebbc9872L,0x593d6ada7b6a23L,
-        0x55736602939e9cL,0x79461537680e39L,0x7a7ee9399ca7cdL,
-        0x008776f6655effL } },
-    /* 167 */
-    { { 0x64585f777233cfL,0x63ec12854de0f6L,0x6b7f9bbbc3f99dL,
-        0x301c014b1b55d3L,0x7cf3663bbeb568L,0x24959dcb085bd1L,
-        0x12366aa6752881L },
-      { 0x77a74c0da5e57aL,0x3279ca93ad939fL,0x33c3c8a1ef08c9L,
-        0x641b05ab42825eL,0x02f416d7d098dbL,0x7e3d58be292b68L,
-        0x1864dbc46e1f46L } },
-    /* 168 */
-    { { 0x1da167b8153a9dL,0x47593d07d9e155L,0x386d984e12927fL,
-        0x421a6f08a60c7cL,0x5ae9661c24dab3L,0x7927b2e7874507L,
-        0x3266ea80609d53L },
-      { 0x7d198f4c26b1e3L,0x430d4ea2c4048eL,0x58d8ab77e84ba3L,
-        0x1cb14299c37297L,0x6db6031e8f695cL,0x159bd855e26d55L,
-        0x3f3f6d318a73ddL } },
-    /* 169 */
-    { { 0x3ee958cca40298L,0x02a7e5eba32ad6L,0x43b4bab96f0e1eL,
-        0x534be79062b2b1L,0x029ead089b37e3L,0x4d585da558f5aaL,
-        0x1f9737eb43c376L },
-      { 0x0426dfd9b86202L,0x4162866bc0a9f3L,0x18fc518e7bb465L,
-        0x6db63380fed812L,0x421e117f709c30L,0x1597f8d0f5cee6L,
-        0x04ffbf1289b06aL } },
-    /* 170 */
-    { { 0x61a1987ffa0a5fL,0x42058c7fc213c6L,0x15b1d38447d2c9L,
-        0x3d5f5d7932565eL,0x5db754af445fa7L,0x5d489189fba499L,
-        0x02c4c55f51141bL },
-      { 0x26b15972e9993dL,0x2fc90bcbd97c45L,0x2ff60f8684b0f1L,
-        0x1dc641dd339ab0L,0x3e38e6be23f82cL,0x3368162752c817L,
-        0x19bba80ceb45ceL } },
-    /* 171 */
-    { { 0x7c6e95b4c6c693L,0x6bbc6d5efa7093L,0x74d7f90bf3bf1cL,
-        0x54d5be1f0299a1L,0x7cb24f0aa427c6L,0x0a18f3e086c941L,
-        0x058a1c90e4faefL },
-      { 0x3d6bd016927e1eL,0x1da4ce773098b8L,0x2133522e690056L,
-        0x0751416d3fc37eL,0x1beed1643eda66L,0x5288b6727d5c54L,
-        0x199320e78655c6L } },
-    /* 172 */
-    { { 0x74575027eeaf94L,0x124bd533c3ceaeL,0x69421ab7a8a1d7L,
-        0x37f2127e093f3dL,0x40281765252a08L,0x25a228798d856dL,
-        0x326eca62759c4cL },
-      { 0x0c337c51acb0a5L,0x122ba78c1ef110L,0x02498adbb68dc4L,
-        0x67240c124b089eL,0x135865d25d9f89L,0x338a76d5ae5670L,
-        0x03a8efaf130385L } },
-    /* 173 */
-    { { 0x3a450ac5e49beaL,0x282af80bb4b395L,0x6779eb0db1a139L,
-        0x737cabdd174e55L,0x017b14ca79b5f2L,0x61fdef6048e137L,
-        0x3acc12641f6277L },
-      { 0x0f730746fe5096L,0x21d05c09d55ea1L,0x64d44bddb1a560L,
-        0x75e5035c4778deL,0x158b7776613513L,0x7b5efa90c7599eL,
-        0x2caa0791253b95L } },
-    /* 174 */
-    { { 0x288e5b6d53e6baL,0x435228909d45feL,0x33b4cf23b2a437L,
-        0x45b352017d6db0L,0x4372d579d6ef32L,0x0fa9e5badbbd84L,
-        0x3a78cff24759bbL },
-      { 0x0899d2039eab6eL,0x4cf47d2f76bc22L,0x373f739a3a8c69L,
-        0x09beaa5b1000b3L,0x0acdfbe83ebae5L,0x10c10befb0e900L,
-        0x33d2ac4cc31be3L } },
-    /* 175 */
-    { { 0x765845931e08fbL,0x2a3c2a0dc58007L,0x7270da587d90e1L,
-        0x1ee648b2bc8f86L,0x5d2ca68107b29eL,0x2b7064846e9e92L,
-        0x3633ed98dbb962L },
-      { 0x5e0f16a0349b1bL,0x58d8941f570ca4L,0x20abe376a4cf34L,
-        0x0f4bd69a360977L,0x21eb07cc424ba7L,0x720d2ecdbbe6ecL,
-        0x255597d5a97c34L } },
-    /* 176 */
-    { { 0x67bbf21a0f5e94L,0x422a3b05a64fc1L,0x773ac447ebddc7L,
-        0x1a1331c08019f1L,0x01ef6d269744ddL,0x55f7be5b3b401aL,
-        0x072e031c681273L },
-      { 0x7183289e21c677L,0x5e0a3391f3162fL,0x5e02d9e65d914aL,
-        0x07c79ea1adce2fL,0x667ca5c2e1cbe4L,0x4f287f22caccdaL,
-        0x27eaa81673e75bL } },
-    /* 177 */
-    { { 0x5246180a078fe6L,0x67cc8c9fa3bb15L,0x370f8dd123db31L,
-        0x1938dafa69671aL,0x5af72624950c5eL,0x78cc5221ebddf8L,
-        0x22d616fe2a84caL },
-      { 0x723985a839327fL,0x24fa95584a5e22L,0x3d8a5b3138d38bL,
-        0x3829ef4a017acfL,0x4f09b00ae055c4L,0x01df84552e4516L,
-        0x2a7a18993e8306L } },
-    /* 178 */
-    { { 0x7b6224bc310eccL,0x69e2cff429da16L,0x01c850e5722869L,
-        0x2e4889443ee84bL,0x264a8df1b3d09fL,0x18a73fe478d0d6L,
-        0x370b52740f9635L },
-      { 0x52b7d3a9d6f501L,0x5c49808129ee42L,0x5b64e2643fd30cL,
-        0x27d903fe31b32cL,0x594cb084d078f9L,0x567fb33e3ae650L,
-        0x0db7be9932cb65L } },
-    /* 179 */
-    { { 0x19b78113ed7cbeL,0x002b2f097a1c8cL,0x70b1dc17fa5794L,
-        0x786e8419519128L,0x1a45ba376af995L,0x4f6aa84b8d806cL,
-        0x204b4b3bc7ca47L },
-      { 0x7581a05fd94972L,0x1c73cadb870799L,0x758f6fefc09b88L,
-        0x35c62ba8049b42L,0x6f5e71fc164cc3L,0x0cd738b5702721L,
-        0x10021afac9a423L } },
-    /* 180 */
-    { { 0x654f7937e3c115L,0x5d198288b515cbL,0x4add965c25a6e3L,
-        0x5a37df33cd76ffL,0x57bb7e288e1631L,0x049b69089e1a31L,
-        0x383a88f4122a99L },
-      { 0x4c0e4ef3d80a73L,0x553c77ac9f30e2L,0x20bb18c2021e82L,
-        0x2aec0d1c4225c5L,0x397fce0ac9c302L,0x2ab0c2a246e8aaL,
-        0x02e5e5190be080L } },
-    /* 181 */
-    { { 0x7a255a4ae03080L,0x0d68b01513f624L,0x29905bd4e48c8cL,
-        0x1d81507027466bL,0x1684aaeb70dee1L,0x7dd460719f0981L,
-        0x29c43b0f0a390cL },
-      { 0x272567681b1f7dL,0x1d2a5f8502e0efL,0x0fd5cd6b221befL,
-        0x5eb4749e9a0434L,0x7d1553a324e2a6L,0x2eefd8e86a7804L,
-        0x2ad80d5335109cL } },
-    /* 182 */
-    { { 0x25342aef4c209dL,0x24e811ac4e0865L,0x3f209757f8ae9dL,
-        0x1473ff8a5da57bL,0x340f61c3919cedL,0x7523bf85fb9bc0L,
-        0x319602ebca7cceL },
-      { 0x121e7541d442cbL,0x4ffa748e49c95cL,0x11493cd1d131dcL,
-        0x42b215172ab6b5L,0x045fd87e13cc77L,0x0ae305df76342fL,
-        0x373b033c538512L } },
-    /* 183 */
-    { { 0x389541e9539819L,0x769f3b29b7e239L,0x0d05f695e3232cL,
-        0x029d04f0e9a9fbL,0x58b78b7a697fb8L,0x7531b082e6386bL,
-        0x215d235bed95a9L },
-      { 0x503947c1859c5dL,0x4b82a6ba45443fL,0x78328eab71b3a5L,
-        0x7d8a77f8cb3509L,0x53fcd9802e41d4L,0x77552091976edbL,
-        0x226c60ad7a5156L } },
-    /* 184 */
-    { { 0x77ad6a43360710L,0x0fdeabd326d7aeL,0x4012886c92104aL,
-        0x2d6c378dd7ae33L,0x7e72ef2c0725f3L,0x4a4671f4ca18e0L,
-        0x0afe3b4bb6220fL },
-      { 0x212cf4b56e0d6aL,0x7c24d086521960L,0x0662cf71bd414dL,
-        0x1085b916c58c25L,0x781eed2be9a350L,0x26880e80db6ab2L,
-        0x169e356442f061L } },
-    /* 185 */
-    { { 0x57aa2ad748b02cL,0x68a34256772a9aL,0x1591c44962f96cL,
-        0x110a9edd6e53d2L,0x31eab597e091a3L,0x603e64e200c65dL,
-        0x2f66b72e8a1cfcL },
-      { 0x5c79d138543f7fL,0x412524363fdfa3L,0x547977e3b40008L,
-        0x735ca25436d9f7L,0x232b4888cae049L,0x27ce37a53d8f23L,
-        0x34d45881a9b470L } },
-    /* 186 */
-    { { 0x76b95255924f43L,0x035c9f3bd1aa5dL,0x5eb71a010b4bd0L,
-        0x6ce8dda7e39f46L,0x35679627ea70c0L,0x5c987767c7d77eL,
-        0x1fa28952b620b7L },
-      { 0x106f50b5924407L,0x1cc3435a889411L,0x0597cdce3bc528L,
-        0x738f8b0d5077d1L,0x5894dd60c7dd6aL,0x0013d0721f5e2eL,
-        0x344573480527d3L } },
-    /* 187 */
-    { { 0x2e2c1da52abf77L,0x394aa8464ad05eL,0x095259b7330a83L,
-        0x686e81cf6a11f5L,0x405c7e48c93c7cL,0x65c3ca9444a2ecL,
-        0x07bed6c59c3563L },
-      { 0x51f9d994fb1471L,0x3c3ecfa5283b4eL,0x494dccda63f6ccL,
-        0x4d07b255363a75L,0x0d2b6d3155d118L,0x3c688299fc9497L,
-        0x235692fa3dea3aL } },
-    /* 188 */
-    { { 0x16b4d452669e98L,0x72451fa85406b9L,0x674a145d39151fL,
-        0x325ffd067ae098L,0x527e7805cd1ae0L,0x422a1d1789e48dL,
-        0x3e27be63f55e07L },
-      { 0x7f95f6dee0b63fL,0x008e444cc74969L,0x01348f3a72b614L,
-        0x000cfac81348c3L,0x508ae3e5309ce5L,0x2584fcdee44d34L,
-        0x3a4dd994899ee9L } },
-    /* 189 */
-    { { 0x4d289cc0368708L,0x0e5ebc60dc3b40L,0x78cc44bfab1162L,
-        0x77ef2173b7d11eL,0x06091718e39746L,0x30fe19319b83a4L,
-        0x17e8f2988529c6L },
-      { 0x68188bdcaa9f2aL,0x0e64b1350c1bddL,0x5b18ebac7cc4b3L,
-        0x75315a9fcc046eL,0x36e9770fd43db4L,0x54c5857fc69121L,
-        0x0417e18f3e909aL } },
-    /* 190 */
-    { { 0x29795db38059adL,0x6efd20c8fd4016L,0x3b6d1ce8f95a1aL,
-        0x4db68f177f8238L,0x14ec7278d2340fL,0x47bd77ff2b77abL,
-        0x3d2dc8cd34e9fcL },
-      { 0x285980a5a83f0bL,0x08352e2d516654L,0x74894460481e1bL,
-        0x17f6f3709c480dL,0x6b590d1b55221eL,0x45c100dc4c9be9L,
-        0x1b13225f9d8b91L } },
-    /* 191 */
-    { { 0x0b905fb4b41d9dL,0x48cc8a474cb7a2L,0x4eda67e8de09b2L,
-        0x1de47c829adde8L,0x118ad5b9933d77L,0x7a12665ac3f9a4L,
-        0x05631a4fb52997L },
-      { 0x5fb2a8e6806e63L,0x27d96bbcca369bL,0x46066f1a6b8c7bL,
-        0x63b58fc7ca3072L,0x170a36229c0d62L,0x57176f1e463203L,
-        0x0c7ce083e73b9cL } },
-    /* 192 */
-    { { 0x31caf2c09e1c72L,0x6530253219e9d2L,0x7650c98b601c57L,
-        0x182469f99d56c0L,0x415f65d292b7a7L,0x30f62a55549b8eL,
-        0x30f443f643f465L },
-      { 0x6b35c575ddadd0L,0x14a23cf6d299eeL,0x2f0198c0967d7dL,
-        0x1013058178d5bfL,0x39da601c9cc879L,0x09d8963ec340baL,
-        0x1b735db13ad2a7L } },
-    /* 193 */
-    { { 0x20916ffdc83f01L,0x16892aa7c9f217L,0x6bff179888d532L,
-        0x4adf3c3d366288L,0x41a62b954726aeL,0x3139609022aeb6L,
-        0x3e8ab9b37aff7aL },
-      { 0x76bbc70f24659aL,0x33fa98513886c6L,0x13b26af62c4ea6L,
-        0x3c4d5826389a0cL,0x526ec28c02bf6aL,0x751ff083d79a7cL,
-        0x110ac647990224L } },
-    /* 194 */
-    { { 0x2c6c62fa2b6e20L,0x3d37edad30c299L,0x6ef25b44b65fcaL,
-        0x7470846914558eL,0x712456eb913275L,0x075a967a9a280eL,
-        0x186c8188f2a2a0L },
-      { 0x2f3b41a6a560b1L,0x3a8070b3f9e858L,0x140936ff0e1e78L,
-        0x5fd298abe6da8aL,0x3823a55d08f153L,0x3445eafaee7552L,
-        0x2a5fc96731a8b2L } },
-    /* 195 */
-    { { 0x06317be58edbbbL,0x4a38f3bfbe2786L,0x445b60f75896b7L,
-        0x6ec7c92b5adf57L,0x07b6be8038a441L,0x1bcfe002879655L,
-        0x2a2174037d6d0eL },
-      { 0x776790cf9e48bdL,0x73e14a2c4ed1d3L,0x7eb5ed5f2fc2f7L,
-        0x3e0aedb821b384L,0x0ee3b7e151c12fL,0x51a6a29e044bb2L,
-        0x0ba13a00cb0d86L } },
-    /* 196 */
-    { { 0x77607d563ec8d8L,0x023fc726996e44L,0x6bd63f577a9986L,
-        0x114a6351e53973L,0x3efe97989da046L,0x1051166e117ed7L,
-        0x0354933dd4fb5fL },
-      { 0x7699ca2f30c073L,0x4c973b83b9e6d3L,0x2017c2abdbc3e8L,
-        0x0cdcdd7a26522bL,0x511070f5b23c7dL,0x70672327e83d57L,
-        0x278f842b4a9f26L } },
-    /* 197 */
-    { { 0x0824f0d4ae972fL,0x60578dd08dcf52L,0x48a74858290fbbL,
-        0x7302748bf23030L,0x184b229a178acfL,0x3e8460ade089d6L,
-        0x13f2b557fad533L },
-      { 0x7f96f3ae728d15L,0x018d8d40066341L,0x01fb94955a289aL,
-        0x2d32ed6afc2657L,0x23f4f5e462c3acL,0x60eba5703bfc5aL,
-        0x1b91cc06f16c7aL } },
-    /* 198 */
-    { { 0x411d68af8219b9L,0x79cca36320f4eeL,0x5c404e0ed72e20L,
-        0x417cb8692e43f2L,0x305d29c7d98599L,0x3b754d5794a230L,
-        0x1c97fb4be404e9L },
-      { 0x7cdbafababd109L,0x1ead0eb0ca5090L,0x1a2b56095303e3L,
-        0x75dea935012c8fL,0x67e31c071b1d1dL,0x7c324fbfd172c3L,
-        0x157e257e6498f7L } },
-    /* 199 */
-    { { 0x19b00db175645bL,0x4c4f6cb69725f1L,0x36d9ce67bd47ceL,
-        0x2005e105179d64L,0x7b952e717867feL,0x3c28599204032cL,
-        0x0f5659d44fb347L },
-      { 0x1ebcdedb979775L,0x4378d45cfd11a8L,0x14c85413ca66e9L,
-        0x3dd17d681c8a4dL,0x58368e7dc23142L,0x14f3eaac6116afL,
-        0x0adb45b255f6a0L } },
-    /* 200 */
-    { { 0x2f5e76279ad982L,0x125b3917034d09L,0x3839a6399e6ed3L,
-        0x32fe0b3ebcd6a2L,0x24ccce8be90482L,0x467e26befcc187L,
-        0x2828434e2e218eL },
-      { 0x17247cd386efd9L,0x27f36a468d85c3L,0x65e181ef203bbfL,
-        0x0433a6761120afL,0x1d607a2a8f8625L,0x49f4e55a13d919L,
-        0x3367c3b7943e9dL } },
-    /* 201 */
-    { { 0x3391c7d1a46d4dL,0x38233d602d260cL,0x02127a0f78b7d4L,
-        0x56841c162c24c0L,0x4273648fd09aa8L,0x019480bb0e754eL,
-        0x3b927987b87e58L },
-      { 0x6676be48c76f73L,0x01ec024e9655aeL,0x720fe1c6376704L,
-        0x17e06b98885db3L,0x656adec85a4200L,0x73780893c3ce88L,
-        0x0a339cdd8df664L } },
-    /* 202 */
-    { { 0x69af7244544ac7L,0x31ab7402084d2fL,0x67eceb7ef7cb19L,
-        0x16f8583b996f61L,0x1e208d12faf91aL,0x4a91584ce4a42eL,
-        0x3e08337216c93eL },
-      { 0x7a6eea94f4cf77L,0x07a52894678c60L,0x302dd06b14631eL,
-        0x7fddb7225c9ceaL,0x55e441d7acd153L,0x2a00d4490b0f44L,
-        0x053ef125338cdbL } },
-    /* 203 */
-    { { 0x120c0c51584e3cL,0x78b3efca804f37L,0x662108aefb1dccL,
-        0x11deb55f126709L,0x66def11ada8125L,0x05bbc0d1001711L,
-        0x1ee1c99c7fa316L },
-      { 0x746f287de53510L,0x1733ef2e32d09cL,0x1df64a2b0924beL,
-        0x19758da8f6405eL,0x28f6eb3913e484L,0x7175a1090cc640L,
-        0x048aee0d63f0bcL } },
-    /* 204 */
-    { { 0x1f3b1e3b0b29c3L,0x48649f4882a215L,0x485eca3a9e0dedL,
-        0x4228ba85cc82e4L,0x36da1f39bc9379L,0x1659a7078499d1L,
-        0x0a67d5f6c04188L },
-      { 0x6ac39658afdce3L,0x0d667a0bde8ef6L,0x0ae6ec0bfe8548L,
-        0x6d9cb2650571bfL,0x54bea107760ab9L,0x705c53bd340cf2L,
-        0x111a86b610c70fL } },
-    /* 205 */
-    { { 0x7ecea05c6b8195L,0x4f8be93ce3738dL,0x305de9eb9f5d12L,
-        0x2c3b9d3d474b56L,0x673691a05746c3L,0x2e3482c428c6eaL,
-        0x2a8085fde1f472L },
-      { 0x69d15877fd3226L,0x4609c9ec017cc3L,0x71e9b7fc1c3dbcL,
-        0x4f8951254e2675L,0x63ee9d15afa010L,0x0f05775b645190L,
-        0x28a0a439397ae3L } },
-    /* 206 */
-    { { 0x387fa03e9de330L,0x40cc32b828b6abL,0x02a482fbc04ac9L,
-        0x68cad6e70429b7L,0x741877bff6f2c4L,0x48efe633d3b28bL,
-        0x3e612218fe24b3L },
-      { 0x6fc1d34fe37657L,0x3d04b9e1c8b5a1L,0x6a2c332ef8f163L,
-        0x7ca97e2b135690L,0x37357d2a31208aL,0x29f02f2332bd68L,
-        0x17c674c3e63a57L } },
-    /* 207 */
-    { { 0x683d9a0e6865bbL,0x5e77ec68ad4ce5L,0x4d18f236788bd6L,
-        0x7f34b87204f4e3L,0x391ca40e9e578dL,0x3470ed6ddf4e23L,
-        0x225544b3e50989L },
-      { 0x48eda8cb4e462bL,0x2a948825cf9109L,0x473adedc7e1300L,
-        0x37b843b82192edL,0x2b9ac1537dde36L,0x4efe7412732332L,
-        0x29cc5981b5262bL } },
-    /* 208 */
-    { { 0x190d2fcad260f5L,0x7c53dd81d18027L,0x003def5f55db0eL,
-        0x7f5ed25bee2df7L,0x2b87e9be167d2eL,0x2b999c7bbcd224L,
-        0x1d68a2c260ad50L },
-      { 0x010bcde84607a6L,0x0250de9b7e1bedL,0x746d36bfaf1b56L,
-        0x3359475ff56abbL,0x7e84b9bc440b20L,0x2eaa7e3b52f162L,
-        0x01165412f36a69L } },
-    /* 209 */
-    { { 0x639a02329e5836L,0x7aa3ee2e4d3a27L,0x5bc9b258ecb279L,
-        0x4cb3dfae2d62c6L,0x08d9d3b0c6c437L,0x5a2c177d47eab2L,
-        0x36120479fc1f26L },
-      { 0x7609a75bd20e4aL,0x3ba414e17551fcL,0x42cd800e1b90c9L,
-        0x04921811b88f9bL,0x4443697f9562fdL,0x3a8081b8186959L,
-        0x3f5b5c97379e73L } },
-    /* 210 */
-    { { 0x6fd0e3cf13eafbL,0x3976b5415cbf67L,0x4de40889e48402L,
-        0x17e4d36f24062aL,0x16ae7755cf334bL,0x2730ac94b7e0e1L,
-        0x377592742f48e0L },
-      { 0x5e10b18a045041L,0x682792afaae5a1L,0x19383ec971b816L,
-        0x208b17dae2ffc0L,0x439f9d933179b6L,0x55485a9090bcaeL,
-        0x1c316f42a2a35cL } },
-    /* 211 */
-    { { 0x67173897bdf646L,0x0b6956653ef94eL,0x5be3c97f7ea852L,
-        0x3110c12671f08eL,0x2474076a3fc7ecL,0x53408be503fe72L,
-        0x09155f53a5b44eL },
-      { 0x5c804bdd4c27cdL,0x61e81eb8ffd50eL,0x2f7157fdf84717L,
-        0x081f880d646440L,0x7aa892acddec51L,0x6ae70683443f33L,
-        0x31ed9e8b33a75aL } },
-    /* 212 */
-    { { 0x0d724f8e357586L,0x1febbec91b4134L,0x6ff7b98a9475fdL,
-        0x1c4d9b94e1f364L,0x2b8790499cef00L,0x42fd2080a1b31dL,
-        0x3a3bbc6d9b0145L },
-      { 0x75bfebc37e3ca9L,0x28db49c1723bd7L,0x50b12fa8a1f17aL,
-        0x733d95bbc84b98L,0x45ede81f6c109eL,0x18f5e46fb37b5fL,
-        0x34b980804aaec1L } },
-    /* 213 */
-    { { 0x56060c8a4f57bfL,0x0d2dfe223054c2L,0x718a5bbc03e5d6L,
-        0x7b3344cc19b3b9L,0x4d11c9c054bcefL,0x1f5ad422c22e33L,
-        0x2609299076f86bL },
-      { 0x7b7a5fba89fd01L,0x7013113ef3b016L,0x23d5e0a173e34eL,
-        0x736c14462f0f50L,0x1ef5f7ac74536aL,0x4baba6f4400ea4L,
-        0x17b310612c9828L } },
-    /* 214 */
-    { { 0x4ebb19a708c8d3L,0x209f8c7f03d9bbL,0x00461cfe5798fbL,
-        0x4f93b6ae822fadL,0x2e5b33b5ad5447L,0x40b024e547a84bL,
-        0x22ffad40443385L },
-      { 0x33809c888228bfL,0x559f655fefbe84L,0x0032f529fd2f60L,
-        0x5a2191ece3478cL,0x5b957fcd771246L,0x6fec181f9ed123L,
-        0x33eed3624136a3L } },
-    /* 215 */
-    { { 0x6a5df93b26139aL,0x55076598fd7134L,0x356a592f34f81dL,
-        0x493c6b5a3d4741L,0x435498a4e2a39bL,0x2cd26a0d931c88L,
-        0x01925ea3fc7835L },
-      { 0x6e8d992b1efa05L,0x79508a727c667bL,0x5f3c15e6b4b698L,
-        0x11b6c755257b93L,0x617f5af4b46393L,0x248d995b2b6656L,
-        0x339db62e2e22ecL } },
-    /* 216 */
-    { { 0x52537a083843dcL,0x6a283c82a768c7L,0x13aa6bf25227acL,
-        0x768d76ba8baf5eL,0x682977a6525808L,0x67ace52ac23b0bL,
-        0x2374b5a2ed612dL },
-      { 0x7139e60133c3a4L,0x715697a4f1d446L,0x4b018bf36677a0L,
-        0x1dd43837414d83L,0x505ec70730d4f6L,0x09ac100907fa79L,
-        0x21caad6e03217eL } },
-    /* 217 */
-    { { 0x0776d3999d4d49L,0x33bdd87e8bcff8L,0x1036b87f068fadL,
-        0x0a9b8ffde4c872L,0x7ab2533596b1eaL,0x305a88fb965378L,
-        0x3356d8fa4d65e5L },
-      { 0x3366fa77d1ff11L,0x1e0bdbdcd2075cL,0x46910cefc967caL,
-        0x7ce700737a1ff6L,0x1c5dc15409c9bdL,0x368436b9bdb595L,
-        0x3e7ccd6560b5efL } },
-    /* 218 */
-    { { 0x1443789422c792L,0x524792b1717f2bL,0x1f7c1d95048e7aL,
-        0x5cfe2a225b0d12L,0x245594d29ce85bL,0x20134d254ce168L,
-        0x1b83296803921aL },
-      { 0x79a78285b3beceL,0x3c738c3f3124d6L,0x6ab9d1fe0907cdL,
-        0x0652ceb7fc104cL,0x06b5f58c8ae3fdL,0x486959261c5328L,
-        0x0b3813ae677c90L } },
-    /* 219 */
-    { { 0x66b9941ac37b82L,0x651a4b609b0686L,0x046711edf3fc31L,
-        0x77f89f38faa89bL,0x2683ddbf2d5edbL,0x389ef1dfaa3c25L,
-        0x20b3616e66273eL },
-      { 0x3c6db6e0cb5d37L,0x5d7ae5dc342bc4L,0x74a1dc6c52062bL,
-        0x6f7c0bec109557L,0x5c51f7bc221d91L,0x0d7b5880745288L,
-        0x1c46c145c4b0ddL } },
-    /* 220 */
-    { { 0x59ed485ea99eccL,0x201b71956bc21dL,0x72d5c32f73de65L,
-        0x1aefd76547643eL,0x580a452cfb2c2dL,0x7cb1a63f5c4dc9L,
-        0x39a8df727737aaL },
-      { 0x365a341deca452L,0x714a1ad1689cbaL,0x16981d12c42697L,
-        0x5a124f4ac91c75L,0x1b2e3f2fedc0dbL,0x4a1c72b8e9d521L,
-        0x3855b4694e4e20L } },
-    /* 221 */
-    { { 0x16b3d047181ae9L,0x17508832f011afL,0x50d33cfeb2ebd1L,
-        0x1deae237349984L,0x147c641aa6adecL,0x24a9fb4ebb1ddbL,
-        0x2b367504a7a969L },
-      { 0x4c55a3d430301bL,0x379ef6a5d492cbL,0x3c56541fc0f269L,
-        0x73a546e91698ceL,0x2c2b62ee0b9b5dL,0x6284184d43d0efL,
-        0x0e1f5cf6a4b9f0L } },
-    /* 222 */
-    { { 0x44833e8cd3fdacL,0x28e6665cb71c27L,0x2f8bf87f4ddbf3L,
-        0x6cc6c767fb38daL,0x3bc114d734e8b5L,0x12963d5a78ca29L,
-        0x34532a161ece41L },
-      { 0x2443af5d2d37e9L,0x54e6008c8c452bL,0x2c55d54111cf1bL,
-        0x55ac7f7522575aL,0x00a6fba3f8575fL,0x3f92ef3b793b8dL,
-        0x387b97d69ecdf7L } },
-    /* 223 */
-    { { 0x0b464812d29f46L,0x36161daa626f9aL,0x5202fbdb264ca5L,
-        0x21245805ff1304L,0x7f9c4a65657885L,0x542d3887f9501cL,
-        0x086420deef8507L },
-      { 0x5e159aa1b26cfbL,0x3f0ef5ffd0a50eL,0x364b29663a432aL,
-        0x49c56888af32a8L,0x6f937e3e0945d1L,0x3cbdeec6d766cdL,
-        0x2d80d342ece61aL } },
-    /* 224 */
-    { { 0x255e3026d8356eL,0x4ddba628c4de9aL,0x074323b593e0d9L,
-        0x333bdb0a10eefbL,0x318b396e473c52L,0x6ebb5a95efd3d3L,
-        0x3f3bff52aa4e4fL },
-      { 0x3138a111c731d5L,0x674365e283b308L,0x5585edd9c416f2L,
-        0x466763d9070fd4L,0x1b568befce8128L,0x16eb040e7b921eL,
-        0x3d5c898687c157L } },
-    /* 225 */
-    { { 0x14827736973088L,0x4e110d53f301e6L,0x1f811b09870023L,
-        0x53b5e500dbcacaL,0x4ddf0df1e6a7dcL,0x1e9575fb10ce35L,
-        0x3fdc153644d936L },
-      { 0x763547e2260594L,0x26e5ae764efc59L,0x13be6f4d791a29L,
-        0x2021e61e3a0cf1L,0x339cd2b4a1c202L,0x5c7451e08f5121L,
-        0x3728b3a851be68L } },
-    /* 226 */
-    { { 0x78873653277538L,0x444b9ed2ee7156L,0x79ac8b8b069cd3L,
-        0x5f0e90933770e8L,0x307662c615389eL,0x40fe6d95a80057L,
-        0x04822170cf993cL },
-      { 0x677d5690fbfec2L,0x0355af4ae95cb3L,0x417411794fe79eL,
-        0x48daf87400a085L,0x33521d3b5f0aaaL,0x53567a3be00ff7L,
-        0x04712ccfb1cafbL } },
-    /* 227 */
-    { { 0x2b983283c3a7f3L,0x579f11b146a9a6L,0x1143d3b16a020eL,
-        0x20f1483ef58b20L,0x3f03e18d747f06L,0x3129d12f15de37L,
-        0x24c911f7222833L },
-      { 0x1e0febcf3d5897L,0x505e26c01cdaacL,0x4f45a9adcff0e9L,
-        0x14dfac063c5cebL,0x69e5ce713fededL,0x3481444a44611aL,
-        0x0ea49295c7fdffL } },
-    /* 228 */
-    { { 0x64554cb4093beeL,0x344b4b18dd81f6L,0x350f43b4de9b59L,
-        0x28a96a220934caL,0x4aa8da5689a515L,0x27171cbd518509L,
-        0x0cfc1753f47c95L },
-      { 0x7dfe091b615d6eL,0x7d1ee0aa0fb5c1L,0x145eef3200b7b5L,
-        0x33fe88feeab18fL,0x1d62d4f87453e2L,0x43b8db4e47fff1L,
-        0x1572f2b8b8f368L } },
-    /* 229 */
-    { { 0x6bc94e6b4e84f3L,0x60629dee586a66L,0x3bbad5fe65ca18L,
-        0x217670db6c2fefL,0x0320a7f4e3272aL,0x3ccff0d976a6deL,
-        0x3c26da8ae48cccL },
-      { 0x53ecf156778435L,0x7533064765a443L,0x6c5c12f03ca5deL,
-        0x44f8245350dabfL,0x342cdd777cf8b3L,0x2b539c42e9f58dL,
-        0x10138affc279b1L } },
-    /* 230 */
-    { { 0x1b135e204c5ddbL,0x40887dfeaa1d37L,0x7fb0ef83da76ffL,
-        0x521f2b79af55a5L,0x3f9b38b4c3f0d0L,0x20a9838cce61ceL,
-        0x24bb4e2f4b1e32L },
-      { 0x003f6aa386e27cL,0x68df59db0a0f8eL,0x21677d5192e713L,
-        0x14ab9757501276L,0x411944af961524L,0x3184f39abc5c3fL,
-        0x2a8dda80ca078dL } },
-    /* 231 */
-    { { 0x0592233cdbc95cL,0x54d5de5c66f40fL,0x351caa1512ab86L,
-        0x681bdbee020084L,0x6ee2480c853e68L,0x6a5a44262b918fL,
-        0x06574e15a3b91dL },
-      { 0x31ba03dacd7fbeL,0x0c3da7c18a57a9L,0x49aaaded492d6bL,
-        0x3071ff53469e02L,0x5efb4f0d7248c6L,0x6db5fb67f12628L,
-        0x29cff668e3d024L } },
-    /* 232 */
-    { { 0x1b9ef3bb1b17ceL,0x6ccf8c24fe6312L,0x34c15487f45008L,
-        0x1a84044095972cL,0x515073a47e449eL,0x2ddc93f9097feeL,
-        0x1008fdc894c434L },
-      { 0x08e5edb73399faL,0x65b1aa65547d4cL,0x3a117a1057c498L,
-        0x7e16c3089d13acL,0x502f2ae4b6f851L,0x57a70f3eb62673L,
-        0x111b48a9a03667L } },
-    /* 233 */
-    { { 0x5023024be164f1L,0x25ad117032401eL,0x46612b3bfe3427L,
-        0x2f4f406a8a02b7L,0x16a93a5c4ddf07L,0x7ee71968fcdbe9L,
-        0x2267875ace37daL },
-      { 0x687e88b59eb2a6L,0x3ac7368fe716d3L,0x28d953a554a036L,
-        0x34d52c0acca08fL,0x742a7cf8dd4fd9L,0x10bfeb8575ea60L,
-        0x290e454d868dccL } },
-    /* 234 */
-    { { 0x4e72a3a8a4bdd2L,0x1ba36d1dee04d5L,0x7a43136b63195bL,
-        0x6ca8e286a519f3L,0x568e64aece08a9L,0x571d5000b5c10bL,
-        0x3f75e9f5dbdd40L },
-      { 0x6fb0a698d6fa45L,0x0ce42209d7199cL,0x1f68275f708a3eL,
-        0x5749832e91ec3cL,0x6c3665521428b2L,0x14b2bf5747bd4aL,
-        0x3b6f940e42a22bL } },
-    /* 235 */
-    { { 0x4da0adbfb26c82L,0x16792a585f39acL,0x17df9dfda3975cL,
-        0x4796b4afaf479bL,0x67be67234e0020L,0x69df5f201dda25L,
-        0x09f71a4d12b3dcL },
-      { 0x64ff5ec260a46aL,0x579c5b86385101L,0x4f29a7d549f697L,
-        0x4e64261242e2ebL,0x54ecacdfb6b296L,0x46e0638b5fddadL,
-        0x31eefd3208891dL } },
-    /* 236 */
-    { { 0x5b72c749fe01b2L,0x230cf27523713aL,0x533d1810e0d1e1L,
-        0x5590db7d1dd1e2L,0x7b8ab73e8e43d3L,0x4c8a19bd1c17caL,
-        0x19222ce9f74810L },
-      { 0x6398b3dddc4582L,0x0352b7d88dfd53L,0x3c55b4e10c5a63L,
-        0x38194d13f8a237L,0x106683fd25dd87L,0x59e0b62443458eL,
-        0x196cb70aa9cbb9L } },
-    /* 237 */
-    { { 0x2885f7cd021d63L,0x162bfd4c3e1043L,0x77173dcf98fcd1L,
-        0x13d4591d6add36L,0x59311154d0d8f2L,0x74336e86e79b8aL,
-        0x13faadc5661883L },
-      { 0x18938e7d9ec924L,0x14bcda8fcaa0a1L,0x706d85d41a1355L,
-        0x0ac34520d168deL,0x5a92499fe17826L,0x36c2e3b4f00600L,
-        0x29c2fd7b5f63deL } },
-    /* 238 */
-    { { 0x41250dfe2216c5L,0x44a0ec0366a217L,0x575bc1adf8b0dfL,
-        0x5ff5cdbdb1800bL,0x7843d4dde8ca18L,0x5fa9e420865705L,
-        0x235c38be6c6b02L },
-      { 0x473b78aae91abbL,0x39470c6051e44bL,0x3f973cc2dc08c3L,
-        0x2837932c5c91f6L,0x25e39ed754ec25L,0x1371c837118e53L,
-        0x3b99f3b0aeafe2L } },
-    /* 239 */
-    { { 0x03acf51be46c65L,0x271fceacbaf5c3L,0x476589ed3a5e25L,
-        0x78ec8c3c3c399cL,0x1f5c8bf4ac4c19L,0x730bb733ec68d2L,
-        0x29a37e00dd287eL },
-      { 0x448ed1bf92b5faL,0x10827c17b86478L,0x55e6fc05b28263L,
-        0x0af1226c73a66aL,0x0b66e5df0d09c1L,0x26128315a02682L,
-        0x22d84932c5e808L } },
-    /* 240 */
-    { { 0x5ec3afc26e3392L,0x08e142e45c0084L,0x4388d5ad0f01feL,
-        0x0f7acd36e6140cL,0x028c14ed97dffbL,0x311845675a38c6L,
-        0x01c1c8f09a3062L },
-      { 0x5a302f4cf49e7dL,0x79267e254a44e1L,0x746165052317a1L,
-        0x53a09263a566e8L,0x7d478ad5f73abcL,0x187ce5c947dad3L,
-        0x18564e1a1ec45fL } },
-    /* 241 */
-    { { 0x7b9577a9aa0486L,0x766b40c7aaaef6L,0x1f6a411f5db907L,
-        0x4543dd4d80beaeL,0x0ad938c7482806L,0x451568bf4b9be1L,
-        0x3367ec85d30a22L },
-      { 0x5446425747843dL,0x18d94ac223c6b2L,0x052ff3a354d359L,
-        0x0b4933f89723f5L,0x03fb517740e056L,0x226b892871dddaL,
-        0x2768c2b753f0fdL } },
-    /* 242 */
-    { { 0x685282ccfa5200L,0x411ed433627b89L,0x77d5c9b8bc9c1dL,
-        0x4a13ef2ee5cd29L,0x5582a612407c9eL,0x2307cb42fc3aa9L,
-        0x2e661df79956b8L },
-      { 0x0e972b015254deL,0x5b63e14def8adeL,0x06995be2ca4a95L,
-        0x6cc0cc1e94bf27L,0x7ed8499fe0052aL,0x671a6ca5a5e0f9L,
-        0x31e10d4ba10f05L } },
-    /* 243 */
-    { { 0x690af07e9b2d8aL,0x6030af9e32c8ddL,0x45c7ca3bf2b235L,
-        0x40959077b76c81L,0x61eee7f70d5a96L,0x6b04f6aafe9e38L,
-        0x3c726f55f1898dL },
-      { 0x77d0142a1a6194L,0x1c1631215708b9L,0x403a4f0a9b7585L,
-        0x066c8e29f7cef0L,0x6fc32f98cf575eL,0x518a09d818c297L,
-        0x34144e99989e75L } },
-    /* 244 */
-    { { 0x6adbada859fb6aL,0x0dcfb6506ccd51L,0x68f88b8d573e0dL,
-        0x4b1ce35bd9af30L,0x241c8293ece2c9L,0x3b5f402c5c4adeL,
-        0x34b9b1ee6fde87L },
-      { 0x5e625340075e63L,0x54c3f3d9050da1L,0x2a3f9152509016L,
-        0x3274e46111bc18L,0x3a7504fd01ac73L,0x4169b387a43209L,
-        0x35626f852bc6d4L } },
-    /* 245 */
-    { { 0x576a4f4662e53bL,0x5ea3f20eecec26L,0x4e5f02be5cd7b0L,
-        0x72cc5ac3314be8L,0x0f604ed3201fe9L,0x2a29378ea54bceL,
-        0x2d52bd4d6ec4b6L },
-      { 0x6a4c2b212c1c76L,0x778fd64a1bfa6dL,0x326828691863d6L,
-        0x5616c8bd06a336L,0x5fab552564da4dL,0x46640cab3e91d2L,
-        0x1d21f06427299eL } },
-    /* 246 */
-    { { 0x2bfe37dde98e9cL,0x164c54822332ebL,0x5b736c7df266e4L,
-        0x59dab3a8da084cL,0x0ae1eab346f118L,0x182090a4327e3fL,
-        0x07b13489dae2e6L },
-      { 0x3bc92645452baaL,0x30b159894ae574L,0x5b947c5c78e1f4L,
-        0x18f0e004a3c77fL,0x48ca8f357077d9L,0x349ffdcef9bca9L,
-        0x3ed224bfd54772L } },
-    /* 247 */
-    { { 0x1bdad02db8dff8L,0x69fab4450b44b6L,0x3b6802d187518bL,
-        0x098368d8eb556cL,0x3fe1943fbefcf4L,0x008851d0de6d42L,
-        0x322cbc4605fe25L },
-      { 0x2528aaf0d51afbL,0x7d48a9363a0cecL,0x4ba8f77d9a8f8bL,
-        0x7dee903437d6c7L,0x1ff5a0d9ccc4b4L,0x34d9bd2fa99831L,
-        0x30d9e4f58667c6L } },
-    /* 248 */
-    { { 0x38909b51b85197L,0x7ba16992512bd4L,0x2c776cfcfffec5L,
-        0x2be7879075843cL,0x557e2b05d28ffcL,0x641b17bc5ce357L,
-        0x1fcaf8a3710306L },
-      { 0x54dca2299a2d48L,0x745d06ef305acaL,0x7c41c65c6944c2L,
-        0x679412ec431902L,0x48f2b15ee62827L,0x341a96d8afe06eL,
-        0x2a78fd3690c0e1L } },
-    /* 249 */
-    { { 0x6b7cec83fbc9c6L,0x238e8a82eefc67L,0x5d3c1d9ff0928cL,
-        0x55b816d6409bbfL,0x7969612adae364L,0x55b6ff96db654eL,
-        0x129beca10073a9L },
-      { 0x0b1d2acdfc73deL,0x5d1a3605fa64bdL,0x436076146743beL,
-        0x64044b89fcce0cL,0x7ae7b3c18f7fafL,0x7f083ee27cea36L,
-        0x0292cd0d7c1ff0L } },
-    /* 250 */
-    { { 0x5a3c4c019b7d2eL,0x1a35a9b89712fbL,0x38736cc4f18c72L,
-        0x603dd832a44e6bL,0x000d1d44aed104L,0x69b1f2fc274ebeL,
-        0x03a7b993f76977L },
-      { 0x299f3b3e346910L,0x5243f45295afd5L,0x34342cbfa588bdL,
-        0x72c40dd1155510L,0x718024fed2f991L,0x2f935e765ad82aL,
-        0x246799ea371fb8L } },
-    /* 251 */
-    { { 0x24fe4c76250533L,0x01cafb02fdf18eL,0x505cb25d462882L,
-        0x3e038175157d87L,0x7e3e99b10cdeb1L,0x38b7e72ebc7936L,
-        0x081845f7c73433L },
-      { 0x049e61be05ebd5L,0x6ab82d8f0581f6L,0x62adffb427ac2eL,
-        0x19431f809d198dL,0x36195f6c58b1d6L,0x22cc4c9dedc9a7L,
-        0x24b146d8e694fcL } },
-    /* 252 */
-    { { 0x7c7bc8288b364dL,0x5c10f683cb894aL,0x19a62a68452958L,
-        0x1fc24dcb4ce90eL,0x726baa4ed9581fL,0x1f34447dde73d6L,
-        0x04c56708f30a21L },
-      { 0x131e583a3f4963L,0x071215b4d502e7L,0x196aca542e5940L,
-        0x3afd5a91f7450eL,0x671b6eedf49497L,0x6aac7aca5c29e4L,
-        0x3fb512470f138bL } },
-    /* 253 */
-    { { 0x5eadc3f4eb453eL,0x16c795ba34b666L,0x5d7612a4697fddL,
-        0x24dd19bb499e86L,0x415b89ca3eeb9bL,0x7c83edf599d809L,
-        0x13bc64c9b70269L },
-      { 0x52d3243dca3233L,0x0b21444b3a96a7L,0x6d551bc0083b90L,
-        0x4f535b88c61176L,0x11e61924298010L,0x0a155b415bb61dL,
-        0x17f94fbd26658fL } },
-    /* 254 */
-    { { 0x2dd06b90c28c65L,0x48582339c8fa6eL,0x01ac8bf2085d94L,
-        0x053e660e020fdcL,0x1bece667edf07bL,0x4558f2b33ce24cL,
-        0x2f1a766e8673fcL },
-      { 0x1d77cd13c06819L,0x4d5dc5056f3a01L,0x18896c6fa18d69L,
-        0x120047ca76d625L,0x6af8457d4f4e45L,0x70ddc53358b60aL,
-        0x330e11130e82f0L } },
-    /* 255 */
-    { { 0x0643b1cd4c2356L,0x10a2ea0a8f7c92L,0x2752513011d029L,
-        0x4cd4c50321f579L,0x5fdf9ba5724792L,0x2f691653e2ddc0L,
-        0x0cfed3d84226cbL },
-      { 0x704902a950f955L,0x069bfdb87bbf0cL,0x5817eeda8a5f84L,
-        0x1914cdd9089905L,0x0e4a323d7b93f4L,0x1cc3fc340af0b2L,
-        0x23874161bd6303L } },
-};
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_7(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_7(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 7);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 7, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 7, km);
-
-            err = sp_384_ecc_mulmod_base_7(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_7(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P384 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 7 + 7 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 7 + 7 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 7;
-
-        sp_384_from_mp(k, 7, km);
-        sp_384_point_from_ecc_point_7(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_7(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_7(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_7(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_7(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_7(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_7(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_7(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_384_add_one_7(sp_digit* a)
-{
-    a[0]++;
-    sp_384_norm_7(a);
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 47U) {
-            r[j] &= 0x7fffffffffffffL;
-            s = 55U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_384_ecc_gen_k_7(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[48];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_384_from_bin(k, 7, buf, (int)sizeof(buf));
-            if (sp_384_cmp_7(k, p384_order2) <= 0) {
-                sp_384_add_one_7(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_384, point, 2);
-#else
-    SP_DECL_VAR(sp_point_384, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 7);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 7, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_384_ecc_gen_k_7(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_7(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_7(infinity, point, p384_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_384_iszero_7(point->x) || sp_384_iszero_7(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_7(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_384_ctx {
-    int state;
-    sp_384_ecc_mulmod_7_ctx mulmod_ctx;
-    sp_digit k[7];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384  point[2];
-#else
-    sp_point_384 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_384_ctx;
-
-int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_384_ctx* ctx = (sp_ecc_key_gen_384_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_384_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_384_ecc_gen_k_7(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_base_7_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_384_ecc_mulmod_7_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p384_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_384_iszero_7(ctx->point->x) ||
-                    sp_384_iszero_7(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_384_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_384_point_to_ecc_point_7(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 48
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_384_to_bin_7(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<6; i++) {
-        r[i+1] += r[i] >> 55;
-        r[i] &= 0x7fffffffffffffL;
-    }
-    j = 391 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<7 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 55) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 55);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 7);
-    int err = MP_OKAY;
-
-    if (*outLen < 48U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 7, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 7, priv);
-        sp_384_point_from_ecc_point_7(point, pub);
-            err = sp_384_ecc_mulmod_7(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_384_to_bin_7(point->x, out);
-        *outLen = 48;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_7_ctx mulmod_ctx;
-    };
-    sp_digit k[7];
-    sp_point_384 point;
-} sp_ecc_sec_gen_384_ctx;
-
-int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_384_ctx* ctx = (sp_ecc_sec_gen_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_384_from_mp(ctx->k, 7, priv);
-            sp_384_point_from_ecc_point_7(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_7_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_384_to_bin_7(ctx->point.x, out);
-                *outLen = 48;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-SP_NOINLINE static void sp_384_rshift_7(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-#ifdef WOLFSSL_SP_SMALL
-    for (i=0; i<6; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (55 - n))) & 0x7fffffffffffffL);
-    }
-#else
-    for (i=0; i<0; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (55 - n)) & 0x7fffffffffffffL);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (55 - n)) & 0x7fffffffffffffL);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (55 - n)) & 0x7fffffffffffffL);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (55 - n)) & 0x7fffffffffffffL);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (55 - n)) & 0x7fffffffffffffL);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (55 - n)) & 0x7fffffffffffffL);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (55 - n)) & 0x7fffffffffffffL);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (55 - n)) & 0x7fffffffffffffL);
-    }
-    r[0] = (a[0] >> n) | (sp_digit)((a[1] << (55 - n)) & 0x7fffffffffffffL);
-    r[1] = (a[1] >> n) | (sp_digit)((a[2] << (55 - n)) & 0x7fffffffffffffL);
-    r[2] = (a[2] >> n) | (sp_digit)((a[3] << (55 - n)) & 0x7fffffffffffffL);
-    r[3] = (a[3] >> n) | (sp_digit)((a[4] << (55 - n)) & 0x7fffffffffffffL);
-    r[4] = (a[4] >> n) | (sp_digit)((a[5] << (55 - n)) & 0x7fffffffffffffL);
-    r[5] = (a[5] >> n) | (sp_digit)((a[6] << (55 - n)) & 0x7fffffffffffffL);
-#endif /* WOLFSSL_SP_SMALL */
-    r[6] = a[6] >> n;
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_384_mul_d_7(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 7; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x7fffffffffffffL);
-        t >>= 55;
-    }
-    r[7] = (sp_digit)t;
-#else
-    sp_int128 tb = b;
-    sp_int128 t[7];
-
-    t[ 0] = tb * a[ 0];
-    t[ 1] = tb * a[ 1];
-    t[ 2] = tb * a[ 2];
-    t[ 3] = tb * a[ 3];
-    t[ 4] = tb * a[ 4];
-    t[ 5] = tb * a[ 5];
-    t[ 6] = tb * a[ 6];
-    r[ 0] = (sp_digit)                 (t[ 0] & 0x7fffffffffffffL);
-    r[ 1] = (sp_digit)((t[ 0] >> 55) + (t[ 1] & 0x7fffffffffffffL));
-    r[ 2] = (sp_digit)((t[ 1] >> 55) + (t[ 2] & 0x7fffffffffffffL));
-    r[ 3] = (sp_digit)((t[ 2] >> 55) + (t[ 3] & 0x7fffffffffffffL));
-    r[ 4] = (sp_digit)((t[ 3] >> 55) + (t[ 4] & 0x7fffffffffffffL));
-    r[ 5] = (sp_digit)((t[ 4] >> 55) + (t[ 5] & 0x7fffffffffffffL));
-    r[ 6] = (sp_digit)((t[ 5] >> 55) + (t[ 6] & 0x7fffffffffffffL));
-    r[ 7] = (sp_digit) (t[ 6] >> 55);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-SP_NOINLINE static void sp_384_lshift_14(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    r[14] = a[13] >> (55 - n);
-    for (i=13; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (55 - n))) & 0x7fffffffffffffL);
-    }
-#else
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[13];
-    r[14] = s >> (55U - n);
-    s = (sp_int_digit)(a[13]); t = (sp_int_digit)(a[12]);
-    r[13] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[12]); t = (sp_int_digit)(a[11]);
-    r[12] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[11]); t = (sp_int_digit)(a[10]);
-    r[11] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[10]); t = (sp_int_digit)(a[9]);
-    r[10] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (55U - n))) & 0x7fffffffffffffUL);
-#endif /* WOLFSSL_SP_SMALL */
-    r[0] = (sp_digit)((a[0] << n) & 0x7fffffffffffffL);
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Simplified based on top word of divisor being (1 << 55) - 1
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_384_div_7(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 7 + 3);
-    int i;
-    sp_digit r1;
-    sp_digit mask;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 7 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 14 + 1;
-        sd = t2 + 7 + 1;
-
-        sp_384_mul_d_7(sd, d, (sp_digit)1 << 1);
-        sp_384_lshift_14(t1, a, 1);
-        t1[7 + 7] += t1[7 + 7 - 1] >> 55;
-        t1[7 + 7 - 1] &= 0x7fffffffffffffL;
-        for (i=6; i>=0; i--) {
-            r1 = t1[7 + i];
-            sp_384_mul_d_7(t2, sd, r1);
-            (void)sp_384_sub_7(&t1[i], &t1[i], t2);
-            t1[7 + i] -= t2[7];
-            sp_384_norm_7(&t1[i + 1]);
-
-            mask = ~((t1[7 + i] - 1) >> 63);
-            sp_384_cond_sub_7(t1 + i, t1 + i, sd, mask);
-            sp_384_norm_7(&t1[i + 1]);
-        }
-        sp_384_norm_7(t1);
-        sp_384_rshift_7(r, t1, 1);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_384_mod_7(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_384_div_7(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P384 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_384_mont_mul_order_7(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_384_mul_7(r, a, b);
-    sp_384_mont_reduce_order_7(r, p384_order, p384_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P384 curve. */
-static const word64 p384_order_minus_2[6] = {
-    0xecec196accc52971U,0x581a0db248b0a77aU,0xc7634d81f4372ddfU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0xffffffffffffffffU
-};
-#else
-/* The low half of the order-2 of the P384 curve. */
-static const word64 p384_order_low[3] = {
-    0xecec196accc52971U,0x581a0db248b0a77aU,0xc7634d81f4372ddfU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P384 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_order_7(sp_digit* r, const sp_digit* a)
-{
-    sp_384_sqr_7(r, a);
-    sp_384_mont_reduce_order_7(r, p384_order, p384_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P384 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_n_order_7(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_384_mont_sqr_order_7(r, a);
-    for (i=1; i<n; i++) {
-        sp_384_mont_sqr_order_7(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P384 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_mont_inv_order_7_ctx {
-    int state;
-    int i;
-} sp_384_mont_inv_order_7_ctx;
-static int sp_384_mont_inv_order_7_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_mont_inv_order_7_ctx* ctx = (sp_384_mont_inv_order_7_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_384_mont_inv_order_7_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 7);
-        ctx->i = 382;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_384_mont_sqr_order_7(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p384_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_384_mont_mul_order_7(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 7U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_384_mont_inv_order_7(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 7);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_order_7(t, t);
-        if ((p384_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_384_mont_mul_order_7(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 7U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 7;
-    sp_digit* t3 = td + 4 * 7;
-    int i;
-
-    /* t = a^2 */
-    sp_384_mont_sqr_order_7(t, a);
-    /* t = a^3 = t * a */
-    sp_384_mont_mul_order_7(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_384_mont_sqr_n_order_7(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_384_mont_mul_order_7(t, t2, t);
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_384_mont_sqr_n_order_7(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_384_mont_mul_order_7(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_384_mont_sqr_n_order_7(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_384_mont_mul_order_7(t3, t2, t);
-    /* t2= a^ffff0000 = t3 ^ 2 ^ 16 */
-    sp_384_mont_sqr_n_order_7(t2, t3, 16);
-    /* t = a^ffffffff = t2 * t3 */
-    sp_384_mont_mul_order_7(t, t2, t3);
-    /* t2= a^ffffffff0000 = t ^ 2 ^ 16  */
-    sp_384_mont_sqr_n_order_7(t2, t, 16);
-    /* t = a^ffffffffffff = t2 * t3 */
-    sp_384_mont_mul_order_7(t, t2, t3);
-    /* t2= a^ffffffffffff000000000000 = t ^ 2 ^ 48  */
-    sp_384_mont_sqr_n_order_7(t2, t, 48);
-    /* t= a^fffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_7(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_order_7(t2, t, 96);
-    /* t2= a^ffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_7(t2, t2, t);
-    for (i=191; i>=1; i--) {
-        sp_384_mont_sqr_order_7(t2, t2);
-        if ((p384_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_384_mont_mul_order_7(t2, t2, a);
-        }
-    }
-    sp_384_mont_sqr_order_7(t2, t2);
-    sp_384_mont_mul_order_7(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_s_7(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int64 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_7(k, k, p384_norm_order);
-    err = sp_384_mod_7(k, k, p384_order);
-    if (err == MP_OKAY) {
-        sp_384_norm_7(k);
-
-        /* kInv = 1/k mod order */
-            sp_384_mont_inv_order_7(kInv, k, tmp);
-        sp_384_norm_7(kInv);
-
-        /* s = r * x + e */
-            sp_384_mul_7(x, x, r);
-        err = sp_384_mod_7(x, x, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_7(x);
-        carry = sp_384_add_7(s, e, x);
-        sp_384_cond_sub_7(s, s, p384_order, 0 - carry);
-        sp_384_norm_7(s);
-        c = sp_384_cmp_7(s, p384_order);
-        sp_384_cond_sub_7(s, s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_7(s);
-
-        /* s = s * k^-1 mod order */
-            sp_384_mont_mul_order_7(s, s, kInv);
-        sp_384_norm_7(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 384 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 7);
-    SP_DECL_VAR(sp_point_384, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int64 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 7, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 7;
-        k = e + 4 * 7;
-        r = e + 6 * 7;
-        tmp = e + 8 * 7;
-        s = e;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_7(rng, k);
-        }
-        else {
-            sp_384_from_mp(k, 7, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_384_ecc_mulmod_base_7(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 7U);
-            sp_384_norm_7(r);
-            c = sp_384_cmp_7(r, p384_order);
-            sp_384_cond_sub_7(r, r, p384_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_384_norm_7(r);
-
-            if (!sp_384_iszero_7(r)) {
-                /* x is modified in calculation of s. */
-                sp_384_from_mp(x, 7, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_384_from_bin(e, 7, hash, (int)hashLen);
-
-                err = sp_384_calc_s_7(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_384_iszero_7(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 7, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_7_ctx mulmod_ctx;
-        sp_384_mont_inv_order_7_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*7];
-    sp_digit x[2*7];
-    sp_digit k[2*7];
-    sp_digit r[2*7];
-    sp_digit tmp[3 * 2*7];
-    sp_point_384 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_384_ctx;
-
-int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_384_ctx* ctx = (sp_ecc_sign_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_7(rng, ctx->k);
-        }
-        else {
-            sp_384_from_mp(ctx->k, 7, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_384_ecc_mulmod_7_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p384_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int64 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 7U);
-        sp_384_norm_7(ctx->r);
-        c = sp_384_cmp_7(ctx->r, p384_order);
-        sp_384_cond_sub_7(ctx->r, ctx->r, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_7(ctx->r);
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-        sp_384_from_mp(ctx->x, 7, priv);
-        sp_384_from_bin(ctx->e, 7, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_7(ctx->k, ctx->k, p384_norm_order);
-        err = sp_384_mod_7(ctx->k, ctx->k, p384_order);
-        if (err == MP_OKAY) {
-            sp_384_norm_7(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_384_mont_inv_order_7_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_384_norm_7(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_384_mul_7(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_384_mod_7(ctx->x, ctx->x, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int64 c;
-        sp_384_norm_7(ctx->x);
-        carry = sp_384_add_7(ctx->s, ctx->e, ctx->x);
-        sp_384_cond_sub_7(ctx->s, ctx->s,
-            p384_order, 0 - carry);
-        sp_384_norm_7(ctx->s);
-        c = sp_384_cmp_7(ctx->s, p384_order);
-        sp_384_cond_sub_7(ctx->s, ctx->s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_7(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_384_mont_mul_order_7(ctx->s, ctx->s, ctx->kInv);
-        sp_384_norm_7(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_384_iszero_7(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_384_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_384_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 7U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 7U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 7U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 7U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 7U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-static const char sp_384_tab64_7[64] = {
-    64,  1, 59,  2, 60, 48, 54,  3,
-    61, 40, 49, 28, 55, 34, 43,  4,
-    62, 52, 38, 41, 50, 19, 29, 21,
-    56, 31, 35, 12, 44, 15, 23,  5,
-    63, 58, 47, 53, 39, 27, 33, 42,
-    51, 37, 18, 20, 30, 11, 14, 22,
-    57, 46, 26, 32, 36, 17, 10, 13,
-    45, 25, 16,  9, 24,  8,  7,  6};
-
-static int sp_384_num_bits_55_7(sp_digit v)
-{
-    v |= v >> 1;
-    v |= v >> 2;
-    v |= v >> 4;
-    v |= v >> 8;
-    v |= v >> 16;
-    v |= v >> 32;
-    return sp_384_tab64_7[((word64)((v - (v >> 1))*0x07EDD5E59A4E28C2)) >> 58];
-}
-
-static int sp_384_num_bits_7(const sp_digit* a)
-{
-    int i;
-    int r = 0;
-
-    for (i = 6; i >= 0; i--) {
-        if (a[i] != 0) {
-            r = sp_384_num_bits_55_7(a[i]);
-            r += i * 55;
-            break;
-        }
-    }
-
-    return r;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- * @return  MEMEORY_E when dynamic memory allocation fails.
- */
-static int sp_384_mod_inv_7(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, u, 7 * 4);
-    sp_digit* v = NULL;
-    sp_digit* b = NULL;
-    sp_digit* d = NULL;
-    int ut;
-    int vt;
-
-    SP_ALLOC_VAR(sp_digit, u, 7 * 4, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        v = u + 7;
-        b = u + 2 * 7;
-        d = u + 3 * 7;
-
-        XMEMCPY(u, m, sizeof(sp_digit) * 7);
-        XMEMCPY(v, a, sizeof(sp_digit) * 7);
-
-        ut = sp_384_num_bits_7(u);
-        vt = sp_384_num_bits_7(v);
-
-        XMEMSET(b, 0, sizeof(sp_digit) * 7);
-        if ((v[0] & 1) == 0) {
-            sp_384_rshift1_7(v, v);
-            XMEMCPY(d, m, sizeof(sp_digit) * 7);
-            d[0]++;
-            sp_384_rshift1_7(d, d);
-            vt--;
-
-            while ((v[0] & 1) == 0) {
-                sp_384_rshift1_7(v, v);
-                if (d[0] & 1)
-                    sp_384_add_7(d, d, m);
-                sp_384_rshift1_7(d, d);
-                vt--;
-            }
-        }
-        else {
-            XMEMSET(d+1, 0, sizeof(sp_digit) * (7 - 1));
-            d[0] = 1;
-        }
-
-        while (ut > 1 && vt > 1) {
-            if ((ut > vt) || ((ut == vt) &&
-                    (sp_384_cmp_7(u, v) >= 0))) {
-                sp_384_sub_7(u, u, v);
-                sp_384_norm_7(u);
-
-                sp_384_sub_7(b, b, d);
-                sp_384_norm_7(b);
-                if (b[6] < 0)
-                    sp_384_add_7(b, b, m);
-                sp_384_norm_7(b);
-                ut = sp_384_num_bits_7(u);
-
-                do {
-                    sp_384_rshift1_7(u, u);
-                    if (b[0] & 1)
-                        sp_384_add_7(b, b, m);
-                    sp_384_rshift1_7(b, b);
-                    ut--;
-                }
-                while (ut > 0 && (u[0] & 1) == 0);
-            }
-            else {
-                sp_384_sub_7(v, v, u);
-                sp_384_norm_7(v);
-
-                sp_384_sub_7(d, d, b);
-                sp_384_norm_7(d);
-                if (d[6] < 0)
-                    sp_384_add_7(d, d, m);
-                sp_384_norm_7(d);
-                vt = sp_384_num_bits_7(v);
-
-                do {
-                    sp_384_rshift1_7(v, v);
-                    if (d[0] & 1)
-                        sp_384_add_7(d, d, m);
-                    sp_384_rshift1_7(d, d);
-                    vt--;
-                }
-                while (vt > 0 && (v[0] & 1) == 0);
-            }
-        }
-
-        if (ut == 1)
-            XMEMCPY(r, b, sizeof(sp_digit) * 7);
-        else
-            XMEMCPY(r, d, sizeof(sp_digit) * 7);
-    }
-    SP_FREE_VAR(u, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_384_add_points_7(sp_point_384* p1, const sp_point_384* p2,
-    sp_digit* tmp)
-{
-
-        sp_384_proj_point_add_7(p1, p1, p2, tmp);
-    if (sp_384_iszero_7(p1->z)) {
-        if (sp_384_iszero_7(p1->x) && sp_384_iszero_7(p1->y)) {
-                sp_384_proj_point_dbl_7(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            XMEMCPY(p1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_vfy_point_7(sp_point_384* p1, sp_point_384* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_384_mod_inv_7(s, s, p384_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_384_mul_7(s, s, p384_norm_order);
-        err = sp_384_mod_7(s, s, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_7(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_384_mont_inv_order_7(s, s, tmp);
-            sp_384_mont_mul_order_7(u1, u1, s);
-            sp_384_mont_mul_order_7(u2, u2, s);
-        }
-#else
-        {
-            sp_384_mont_mul_order_7(u1, u1, s);
-            sp_384_mont_mul_order_7(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_384_ecc_mulmod_base_7(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_7(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_7(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_7(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_384_add_points_7(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 384)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 7);
-    SP_DECL_VAR(sp_point_384, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_384* p2 = NULL;
-    sp_digit carry;
-    sp_int64 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 7, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 7;
-        s   = u1 + 4 * 7;
-        tmp = u1 + 6 * 7;
-        p2 = p1 + 1;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(u1, 7, hash, (int)hashLen);
-        sp_384_from_mp(u2, 7, rm);
-        sp_384_from_mp(s, 7, sm);
-        sp_384_from_mp(p2->x, 7, pX);
-        sp_384_from_mp(p2->y, 7, pY);
-        sp_384_from_mp(p2->z, 7, pZ);
-
-        err = sp_384_calc_vfy_point_7(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(u2, 7, rm);
-        err = sp_384_mod_mul_norm_7(u2, u2, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_384_mont_sqr_7(p1->z, p1->z, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_7(u1, u2, p1->z, p384_mod, p384_mp_mod);
-        *res = (int)(sp_384_cmp_7(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_384_from_mp(u2, 7, rm);
-            carry = sp_384_add_7(u2, u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_7(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_7(u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_7(u2, u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_384_mont_mul_7(u1, u2, p1->z, p384_mod, p384_mp_mod);
-                }
-                *res = (sp_384_cmp_7(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_7_ctx mulmod_ctx;
-        sp_384_mont_inv_order_7_ctx mont_inv_order_ctx;
-        sp_384_proj_point_dbl_7_ctx dbl_ctx;
-        sp_384_proj_point_add_7_ctx add_ctx;
-    };
-    sp_digit u1[2*7];
-    sp_digit u2[2*7];
-    sp_digit s[2*7];
-    sp_digit tmp[2*7 * 6];
-    sp_point_384 p1;
-    sp_point_384 p2;
-} sp_ecc_verify_384_ctx;
-
-int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_384_ctx* ctx = (sp_ecc_verify_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(ctx->u1, 7, hash, (int)hashLen);
-        sp_384_from_mp(ctx->u2, 7, rm);
-        sp_384_from_mp(ctx->s, 7, sm);
-        sp_384_from_mp(ctx->p2.x, 7, pX);
-        sp_384_from_mp(ctx->p2.y, 7, pY);
-        sp_384_from_mp(ctx->p2.z, 7, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_384_mul_7(ctx->s, ctx->s, p384_norm_order);
-        err = sp_384_mod_7(ctx->s, ctx->s, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_384_norm_7(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_384_mont_inv_order_7_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_384_mont_mul_order_7(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_384_mont_mul_order_7(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_384_ecc_mulmod_7_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p384_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_7(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_384_ecc_mulmod_7_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_7(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_384_proj_point_add_7_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(ctx->u2, 7, rm);
-        err = sp_384_mod_mul_norm_7(ctx->u2, ctx->u2, p384_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_384_mont_sqr_7(ctx->p1.z, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_384_mont_mul_7(ctx->u1, ctx->u2, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int64 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_384_cmp_7(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_384_from_mp(ctx->u2, 7, rm);
-            carry = sp_384_add_7(ctx->u2, ctx->u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_7(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_7(ctx->u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_7(ctx->u2, ctx->u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_384_mont_mul_7(ctx->u1, ctx->u2, ctx->p1.z, p384_mod,
-                                                            p384_mp_mod);
-                *res = (int)(sp_384_cmp_7(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_384_ecc_is_point_7(const sp_point_384* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 7 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 7 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 7;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_384_sqr_7(t1, point->y);
-        (void)sp_384_mod_7(t1, t1, p384_mod);
-        sp_384_sqr_7(t2, point->x);
-        (void)sp_384_mod_7(t2, t2, p384_mod);
-        sp_384_mul_7(t2, t2, point->x);
-        (void)sp_384_mod_7(t2, t2, p384_mod);
-        sp_384_mont_sub_7(t1, t1, t2, p384_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_384_mont_add_7(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_7(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_7(t1, t1, point->x, p384_mod);
-
-
-        if (sp_384_cmp_7(t1, p384_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_384, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(pub->x, 7, pX);
-        sp_384_from_mp(pub->y, 7, pY);
-        sp_384_from_bin(pub->z, 7, one, (int)sizeof(one));
-
-        err = sp_384_ecc_is_point_7(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 7);
-    SP_DECL_VAR(sp_point_384, pub, 2);
-    sp_point_384* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 384) ||
-        (mp_count_bits(pY) > 384) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 384)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 7, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_384_from_mp(pub->x, 7, pX);
-        sp_384_from_mp(pub->y, 7, pY);
-        sp_384_from_bin(pub->z, 7, one, (int)sizeof(one));
-        if (privm)
-            sp_384_from_mp(priv, 7, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_384_iszero_7(pub->x) != 0) &&
-            (sp_384_iszero_7(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_384_cmp_7(pub->x, p384_mod) >= 0) ||
-             (sp_384_cmp_7(pub->y, p384_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_384_ecc_is_point_7(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_384_ecc_mulmod_7(p, pub, p384_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_384_iszero_7(p->x) == 0) ||
-                             (sp_384_iszero_7(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_384_ecc_mulmod_base_7(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_384_cmp_7(p->x, pub->x) != 0) ||
-                 (sp_384_cmp_7(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 7 * 6);
-    SP_DECL_VAR(sp_point_384, p, 2);
-    sp_point_384* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 7 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_384_from_mp(p->x, 7, pX);
-        sp_384_from_mp(p->y, 7, pY);
-        sp_384_from_mp(p->z, 7, pZ);
-        sp_384_from_mp(q->x, 7, qX);
-        sp_384_from_mp(q->y, 7, qY);
-        sp_384_from_mp(q->z, 7, qZ);
-        p->infinity = sp_384_iszero_7(p->x) &
-                      sp_384_iszero_7(p->y);
-        q->infinity = sp_384_iszero_7(q->x) &
-                      sp_384_iszero_7(q->y);
-
-            sp_384_proj_point_add_7(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 7 * 2);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 7 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 7, pX);
-        sp_384_from_mp(p->y, 7, pY);
-        sp_384_from_mp(p->z, 7, pZ);
-        p->infinity = sp_384_iszero_7(p->x) &
-                      sp_384_iszero_7(p->y);
-
-            sp_384_proj_point_dbl_7(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 7 * 6);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 7 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 7, pX);
-        sp_384_from_mp(p->y, 7, pY);
-        sp_384_from_mp(p->z, 7, pZ);
-        p->infinity = sp_384_iszero_7(p->x) &
-                      sp_384_iszero_7(p->y);
-
-            sp_384_map_7(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mont_sqrt_7(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 5 * 2 * 7);
-    sp_digit* t2 = NULL;
-    sp_digit* t3 = NULL;
-    sp_digit* t4 = NULL;
-    sp_digit* t5 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 5 * 2 * 7, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 7;
-        t3 = t1 + 4 * 7;
-        t4 = t1 + 6 * 7;
-        t5 = t1 + 8 * 7;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_384_mont_sqr_7(t2, y, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_384_mont_mul_7(t1, t2, y, p384_mod, p384_mp_mod);
-            /* t5 = y ^ 0xc */
-            sp_384_mont_sqr_n_7(t5, t1, 2, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_384_mont_mul_7(t1, t1, t5, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x1e */
-            sp_384_mont_sqr_7(t2, t1, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x1f */
-            sp_384_mont_mul_7(t3, t2, y, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3e0 */
-            sp_384_mont_sqr_n_7(t2, t3, 5, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3ff */
-            sp_384_mont_mul_7(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fe0 */
-            sp_384_mont_sqr_n_7(t2, t1, 5, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x7fff */
-            sp_384_mont_mul_7(t3, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fff800 */
-            sp_384_mont_sqr_n_7(t2, t3, 15, p384_mod, p384_mp_mod);
-            /* t4 = y ^ 0x3ffffff */
-            sp_384_mont_mul_7(t4, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffc000000 */
-            sp_384_mont_sqr_n_7(t2, t4, 30, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffff */
-            sp_384_mont_mul_7(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffff000000000000000 */
-            sp_384_mont_sqr_n_7(t2, t1, 60, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_7(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-            sp_384_mont_sqr_n_7(t2, t1, 120, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_7(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-            sp_384_mont_sqr_n_7(t2, t1, 15, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_7(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80000000 */
-            sp_384_mont_sqr_n_7(t2, t1, 31, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff */
-            sp_384_mont_mul_7(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff0 */
-            sp_384_mont_sqr_n_7(t2, t1, 4, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc */
-            sp_384_mont_mul_7(t1, t5, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000 */
-            sp_384_mont_sqr_n_7(t2, t1, 62, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000001 */
-            sp_384_mont_mul_7(t1, y, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc00000000000000040000000 */
-            sp_384_mont_sqr_n_7(y, t1, 30, p384_mod, p384_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 7);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 7, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 7;
-
-        sp_384_from_mp(x, 7, xm);
-        err = sp_384_mod_mul_norm_7(x, x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_384_mont_sqr_7(y, x, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_7(y, y, x, p384_mod, p384_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_384_mont_sub_7(y, y, x, p384_mod);
-        sp_384_mont_sub_7(y, y, x, p384_mod);
-        sp_384_mont_sub_7(y, y, x, p384_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_384_mod_mul_norm_7(x, p384_b, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_384_mont_add_7(y, y, x, p384_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_384_mont_sqrt_7(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 7, 0, 7U * sizeof(sp_digit));
-        sp_384_mont_reduce_7(y, p384_mod, p384_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_384_mont_sub_7(y, p384_mod, y, p384_mod);
-        }
-
-        err = sp_384_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_384 */
-#ifdef WOLFSSL_SP_521
-
-/* Point structure to use. */
-typedef struct sp_point_521 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 9];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 9];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 9];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_521;
-
-/* The modulus (prime) of the curve P521. */
-static const sp_digit p521_mod[9] = {
-    0x3ffffffffffffffL,0x3ffffffffffffffL,0x3ffffffffffffffL,0x3ffffffffffffffL,
-    0x3ffffffffffffffL,0x3ffffffffffffffL,0x3ffffffffffffffL,0x3ffffffffffffffL,
-    0x1ffffffffffffffL
-};
-/* The Montgomery normalizer for modulus of the curve P521. */
-static const sp_digit p521_norm_mod[9] = {
-    0x000000000000001L,0x000000000000000L,0x000000000000000L,0x000000000000000L,
-    0x000000000000000L,0x000000000000000L,0x000000000000000L,0x000000000000000L,
-    0x000000000000000L
-};
-/* The Montgomery multiplier for modulus of the curve P521. */
-static const sp_digit p521_mp_mod = 0x00000000000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P521. */
-static const sp_digit p521_order[9] = {
-    0x36fb71e91386409L,0x1726e226711ebaeL,0x0148f709a5d03bbL,0x20efcbe59adff30L,
-    0x3fffffffa518687L,0x3ffffffffffffffL,0x3ffffffffffffffL,0x3ffffffffffffffL,
-    0x1ffffffffffffffL
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P521 minus 2. */
-static const sp_digit p521_order2[9] = {
-    0x36fb71e91386407L,0x1726e226711ebaeL,0x0148f709a5d03bbL,0x20efcbe59adff30L,
-    0x3fffffffa518687L,0x3ffffffffffffffL,0x3ffffffffffffffL,0x3ffffffffffffffL,
-    0x1ffffffffffffffL
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P521. */
-static const sp_digit p521_norm_order[9] = {
-    0x09048e16ec79bf7L,0x28d91dd98ee1451L,0x3eb708f65a2fc44L,0x1f10341a65200cfL,
-    0x000000005ae7978L,0x000000000000000L,0x000000000000000L,0x000000000000000L,
-    0x000000000000000L
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P521. */
-static const sp_digit p521_mp_order = 0x12f5ccd79a995c7L;
-#endif
-/* The base point of curve P521. */
-static const sp_point_521 p521_base = {
-    /* X ordinate */
-    {
-        0x17e7e31c2e5bd66L,0x22cf0615a90a6feL,0x0127a2ffa8de334L,
-        0x1dfbf9d64a3f877L,0x06b4d3dbaa14b5eL,0x14fed487e0a2bd8L,
-        0x15b4429c6481390L,0x3a73678fb2d988eL,0x0c6858e06b70404L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x0be94769fd16650L,0x31c21a89cb09022L,0x39013fad0761353L,
-        0x2657bd099031542L,0x3273e662c97ee72L,0x1e6d11a05ebef45L,
-        0x3d1bd998f544495L,0x3001172297ed0b1L,0x11839296a789a3bL,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x000000000000001L,0x000000000000000L,0x000000000000000L,
-        0x000000000000000L,0x000000000000000L,0x000000000000000L,
-        0x000000000000000L,0x000000000000000L,0x000000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p521_b[9] = {
-    0x3451fd46b503f00L,0x0f7e20f4b0d3c7bL,0x00bd3bb1bf07357L,0x147b1fa4dec594bL,
-    0x18ef109e1561939L,0x26cc57cee2d2264L,0x0540eea2da725b9L,0x2687e4a688682daL,
-    0x051953eb9618e1cL
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_521_mul_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 lo;
-
-    c = ((sp_uint128)a[8]) * b[8];
-    r[17] = (sp_digit)(c >> 58);
-    c &= 0x3ffffffffffffffL;
-    for (k = 15; k >= 0; k--) {
-        if (k >= 9) {
-            i = k - 8;
-            imax = 8;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint128)a[i]) * b[k - i];
-        }
-        c += lo >> 58;
-        r[k + 2] += (sp_digit)(c >> 58);
-        r[k + 1]  = (sp_digit)(c & 0x3ffffffffffffffL);
-        c = lo & 0x3ffffffffffffffL;
-    }
-    r[0] = (sp_digit)c;
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_521_mul_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_int128 t0;
-    sp_int128 t1;
-    sp_digit t[9];
-
-    t0 = ((sp_int128)a[ 0]) * b[ 0];
-    t1 = ((sp_int128)a[ 0]) * b[ 1]
-       + ((sp_int128)a[ 1]) * b[ 0];
-    t[ 0] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = ((sp_int128)a[ 0]) * b[ 2]
-       + ((sp_int128)a[ 1]) * b[ 1]
-       + ((sp_int128)a[ 2]) * b[ 0];
-    t[ 1] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = ((sp_int128)a[ 0]) * b[ 3]
-       + ((sp_int128)a[ 1]) * b[ 2]
-       + ((sp_int128)a[ 2]) * b[ 1]
-       + ((sp_int128)a[ 3]) * b[ 0];
-    t[ 2] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = ((sp_int128)a[ 0]) * b[ 4]
-       + ((sp_int128)a[ 1]) * b[ 3]
-       + ((sp_int128)a[ 2]) * b[ 2]
-       + ((sp_int128)a[ 3]) * b[ 1]
-       + ((sp_int128)a[ 4]) * b[ 0];
-    t[ 3] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = ((sp_int128)a[ 0]) * b[ 5]
-       + ((sp_int128)a[ 1]) * b[ 4]
-       + ((sp_int128)a[ 2]) * b[ 3]
-       + ((sp_int128)a[ 3]) * b[ 2]
-       + ((sp_int128)a[ 4]) * b[ 1]
-       + ((sp_int128)a[ 5]) * b[ 0];
-    t[ 4] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = ((sp_int128)a[ 0]) * b[ 6]
-       + ((sp_int128)a[ 1]) * b[ 5]
-       + ((sp_int128)a[ 2]) * b[ 4]
-       + ((sp_int128)a[ 3]) * b[ 3]
-       + ((sp_int128)a[ 4]) * b[ 2]
-       + ((sp_int128)a[ 5]) * b[ 1]
-       + ((sp_int128)a[ 6]) * b[ 0];
-    t[ 5] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = ((sp_int128)a[ 0]) * b[ 7]
-       + ((sp_int128)a[ 1]) * b[ 6]
-       + ((sp_int128)a[ 2]) * b[ 5]
-       + ((sp_int128)a[ 3]) * b[ 4]
-       + ((sp_int128)a[ 4]) * b[ 3]
-       + ((sp_int128)a[ 5]) * b[ 2]
-       + ((sp_int128)a[ 6]) * b[ 1]
-       + ((sp_int128)a[ 7]) * b[ 0];
-    t[ 6] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = ((sp_int128)a[ 0]) * b[ 8]
-       + ((sp_int128)a[ 1]) * b[ 7]
-       + ((sp_int128)a[ 2]) * b[ 6]
-       + ((sp_int128)a[ 3]) * b[ 5]
-       + ((sp_int128)a[ 4]) * b[ 4]
-       + ((sp_int128)a[ 5]) * b[ 3]
-       + ((sp_int128)a[ 6]) * b[ 2]
-       + ((sp_int128)a[ 7]) * b[ 1]
-       + ((sp_int128)a[ 8]) * b[ 0];
-    t[ 7] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = ((sp_int128)a[ 1]) * b[ 8]
-       + ((sp_int128)a[ 2]) * b[ 7]
-       + ((sp_int128)a[ 3]) * b[ 6]
-       + ((sp_int128)a[ 4]) * b[ 5]
-       + ((sp_int128)a[ 5]) * b[ 4]
-       + ((sp_int128)a[ 6]) * b[ 3]
-       + ((sp_int128)a[ 7]) * b[ 2]
-       + ((sp_int128)a[ 8]) * b[ 1];
-    t[ 8] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = ((sp_int128)a[ 2]) * b[ 8]
-       + ((sp_int128)a[ 3]) * b[ 7]
-       + ((sp_int128)a[ 4]) * b[ 6]
-       + ((sp_int128)a[ 5]) * b[ 5]
-       + ((sp_int128)a[ 6]) * b[ 4]
-       + ((sp_int128)a[ 7]) * b[ 3]
-       + ((sp_int128)a[ 8]) * b[ 2];
-    r[ 9] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = ((sp_int128)a[ 3]) * b[ 8]
-       + ((sp_int128)a[ 4]) * b[ 7]
-       + ((sp_int128)a[ 5]) * b[ 6]
-       + ((sp_int128)a[ 6]) * b[ 5]
-       + ((sp_int128)a[ 7]) * b[ 4]
-       + ((sp_int128)a[ 8]) * b[ 3];
-    r[10] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = ((sp_int128)a[ 4]) * b[ 8]
-       + ((sp_int128)a[ 5]) * b[ 7]
-       + ((sp_int128)a[ 6]) * b[ 6]
-       + ((sp_int128)a[ 7]) * b[ 5]
-       + ((sp_int128)a[ 8]) * b[ 4];
-    r[11] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = ((sp_int128)a[ 5]) * b[ 8]
-       + ((sp_int128)a[ 6]) * b[ 7]
-       + ((sp_int128)a[ 7]) * b[ 6]
-       + ((sp_int128)a[ 8]) * b[ 5];
-    r[12] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = ((sp_int128)a[ 6]) * b[ 8]
-       + ((sp_int128)a[ 7]) * b[ 7]
-       + ((sp_int128)a[ 8]) * b[ 6];
-    r[13] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = ((sp_int128)a[ 7]) * b[ 8]
-       + ((sp_int128)a[ 8]) * b[ 7];
-    r[14] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = ((sp_int128)a[ 8]) * b[ 8];
-    r[15] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    r[16] = (sp_digit)(t0 & 0x3ffffffffffffffL);
-    r[17] = (sp_digit)(t0 >> 58);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_521_sqr_9(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 t;
-
-    c = ((sp_uint128)a[8]) * a[8];
-    r[17] = (sp_digit)(c >> 58);
-    c = (c & 0x3ffffffffffffffL) << 58;
-    for (k = 15; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint128)a[i]) * a[i];
-           i++;
-        }
-        if (k < 8) {
-            imax = k;
-        }
-        else {
-            imax = 8;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint128)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 116);
-        r[k + 1]  = (sp_digit)((c >> 58) & 0x3ffffffffffffffL);
-        c = (c & 0x3ffffffffffffffL) << 58;
-    }
-    r[0] = (sp_digit)(c >> 58);
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_521_sqr_9(sp_digit* r, const sp_digit* a)
-{
-    sp_int128 t0;
-    sp_int128 t1;
-    sp_digit t[9];
-
-    t0 =  ((sp_int128)a[ 0]) * a[ 0];
-    t1 = (((sp_int128)a[ 0]) * a[ 1]) * 2;
-    t[ 0] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = (((sp_int128)a[ 0]) * a[ 2]) * 2
-       +  ((sp_int128)a[ 1]) * a[ 1];
-    t[ 1] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = (((sp_int128)a[ 0]) * a[ 3]
-       +  ((sp_int128)a[ 1]) * a[ 2]) * 2;
-    t[ 2] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = (((sp_int128)a[ 0]) * a[ 4]
-       +  ((sp_int128)a[ 1]) * a[ 3]) * 2
-       +  ((sp_int128)a[ 2]) * a[ 2];
-    t[ 3] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = (((sp_int128)a[ 0]) * a[ 5]
-       +  ((sp_int128)a[ 1]) * a[ 4]
-       +  ((sp_int128)a[ 2]) * a[ 3]) * 2;
-    t[ 4] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = (((sp_int128)a[ 0]) * a[ 6]
-       +  ((sp_int128)a[ 1]) * a[ 5]
-       +  ((sp_int128)a[ 2]) * a[ 4]) * 2
-       +  ((sp_int128)a[ 3]) * a[ 3];
-    t[ 5] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = (((sp_int128)a[ 0]) * a[ 7]
-       +  ((sp_int128)a[ 1]) * a[ 6]
-       +  ((sp_int128)a[ 2]) * a[ 5]
-       +  ((sp_int128)a[ 3]) * a[ 4]) * 2;
-    t[ 6] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = (((sp_int128)a[ 0]) * a[ 8]
-       +  ((sp_int128)a[ 1]) * a[ 7]
-       +  ((sp_int128)a[ 2]) * a[ 6]
-       +  ((sp_int128)a[ 3]) * a[ 5]) * 2
-       +  ((sp_int128)a[ 4]) * a[ 4];
-    t[ 7] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = (((sp_int128)a[ 1]) * a[ 8]
-       +  ((sp_int128)a[ 2]) * a[ 7]
-       +  ((sp_int128)a[ 3]) * a[ 6]
-       +  ((sp_int128)a[ 4]) * a[ 5]) * 2;
-    t[ 8] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = (((sp_int128)a[ 2]) * a[ 8]
-       +  ((sp_int128)a[ 3]) * a[ 7]
-       +  ((sp_int128)a[ 4]) * a[ 6]) * 2
-       +  ((sp_int128)a[ 5]) * a[ 5];
-    r[ 9] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = (((sp_int128)a[ 3]) * a[ 8]
-       +  ((sp_int128)a[ 4]) * a[ 7]
-       +  ((sp_int128)a[ 5]) * a[ 6]) * 2;
-    r[10] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = (((sp_int128)a[ 4]) * a[ 8]
-       +  ((sp_int128)a[ 5]) * a[ 7]) * 2
-       +  ((sp_int128)a[ 6]) * a[ 6];
-    r[11] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = (((sp_int128)a[ 5]) * a[ 8]
-       +  ((sp_int128)a[ 6]) * a[ 7]) * 2;
-    r[12] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 = (((sp_int128)a[ 6]) * a[ 8]) * 2
-       +  ((sp_int128)a[ 7]) * a[ 7];
-    r[13] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    t1 = (((sp_int128)a[ 7]) * a[ 8]) * 2;
-    r[14] = (sp_digit)(t0 & 0x3ffffffffffffffL); t1 += t0 >> 58;
-    t0 =  ((sp_int128)a[ 8]) * a[ 8];
-    r[15] = (sp_digit)(t1 & 0x3ffffffffffffffL); t0 += t1 >> 58;
-    r[16] = (sp_digit)(t0 & 0x3ffffffffffffffL);
-    r[17] = (sp_digit)(t0 >> 58);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_521_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_521_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-    r[ 7] = a[ 7] + b[ 7];
-    r[ 8] = a[ 8] + b[ 8];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_521_sub_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_521_sub_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] - b[ 0];
-    r[ 1] = a[ 1] - b[ 1];
-    r[ 2] = a[ 2] - b[ 2];
-    r[ 3] = a[ 3] - b[ 3];
-    r[ 4] = a[ 4] - b[ 4];
-    r[ 5] = a[ 5] - b[ 5];
-    r[ 6] = a[ 6] - b[ 6];
-    r[ 7] = a[ 7] - b[ 7];
-    r[ 8] = a[ 8] - b[ 8];
-
-    return 0;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 58
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 57);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 57);
-    }
-#elif DIGIT_BIT > 58
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x3ffffffffffffffL;
-        s = 58U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 58U) <= (word32)DIGIT_BIT) {
-            s += 58U;
-            r[j] &= 0x3ffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 58) {
-            r[j] &= 0x3ffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 58 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_521.
- *
- * p   Point of type sp_point_521 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_521_point_from_ecc_point_9(sp_point_521* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_521_from_mp(p->x, 9, pm->x);
-    sp_521_from_mp(p->y, 9, pm->y);
-    sp_521_from_mp(p->z, 9, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_521_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (521 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 58
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 9);
-        r->used = 9;
-        mp_clamp(r);
-#elif DIGIT_BIT < 58
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 9; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 58) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 58 - s;
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 9; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 58 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 58 - s;
-            }
-            else {
-                s += 58;
-            }
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_521 to type ecc_point.
- *
- * p   Point of type sp_point_521.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_521_point_to_ecc_point_9(const sp_point_521* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_521_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Normalize the values in each word to 58 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_521_norm_9(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 8; i++) {
-        a[i+1] += a[i] >> 58;
-        a[i] &= 0x3ffffffffffffffL;
-    }
-#else
-    a[1] += a[0] >> 58; a[0] &= 0x3ffffffffffffffL;
-    a[2] += a[1] >> 58; a[1] &= 0x3ffffffffffffffL;
-    a[3] += a[2] >> 58; a[2] &= 0x3ffffffffffffffL;
-    a[4] += a[3] >> 58; a[3] &= 0x3ffffffffffffffL;
-    a[5] += a[4] >> 58; a[4] &= 0x3ffffffffffffffL;
-    a[6] += a[5] >> 58; a[5] &= 0x3ffffffffffffffL;
-    a[7] += a[6] >> 58; a[6] &= 0x3ffffffffffffffL;
-    a[8] += a[7] >> 58; a[7] &= 0x3ffffffffffffffL;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_521_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-
-    (void)m;
-    (void)mp;
-
-    for (i = 0; i < 8; i++) {
-        a[i] += (sp_digit)(((a[8 + i] >> 57) + (a[8 + i + 1] << 1)) & 0x3ffffffffffffffL);
-    }
-    a[8] &= 0x1ffffffffffffff;
-    a[8] += (sp_digit)(((a[16] >> 57) + (a[17] << 1)) & 0x3ffffffffffffffL);
-
-    sp_521_norm_9(a);
-
-    a[0] += a[8] >> 57;
-    a[8] &= 0x1ffffffffffffff;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_521_cmp_9(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=8; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 57);
-    }
-#else
-    r |= (a[ 8] - b[ 8]) & (0 - (sp_digit)1);
-    r |= (a[ 7] - b[ 7]) & ~(((sp_digit)0 - r) >> 57);
-    r |= (a[ 6] - b[ 6]) & ~(((sp_digit)0 - r) >> 57);
-    r |= (a[ 5] - b[ 5]) & ~(((sp_digit)0 - r) >> 57);
-    r |= (a[ 4] - b[ 4]) & ~(((sp_digit)0 - r) >> 57);
-    r |= (a[ 3] - b[ 3]) & ~(((sp_digit)0 - r) >> 57);
-    r |= (a[ 2] - b[ 2]) & ~(((sp_digit)0 - r) >> 57);
-    r |= (a[ 1] - b[ 1]) & ~(((sp_digit)0 - r) >> 57);
-    r |= (a[ 0] - b[ 0]) & ~(((sp_digit)0 - r) >> 57);
-#endif /* WOLFSSL_SP_SMALL */
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_521_cond_sub_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-#else
-    r[ 0] = a[ 0] - (b[ 0] & m);
-    r[ 1] = a[ 1] - (b[ 1] & m);
-    r[ 2] = a[ 2] - (b[ 2] & m);
-    r[ 3] = a[ 3] - (b[ 3] & m);
-    r[ 4] = a[ 4] - (b[ 4] & m);
-    r[ 5] = a[ 5] - (b[ 5] & m);
-    r[ 6] = a[ 6] - (b[ 6] & m);
-    r[ 7] = a[ 7] - (b[ 7] & m);
-    r[ 8] = a[ 8] - (b[ 8] & m);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_521_mul_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int128 tb = b;
-    sp_int128 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 8; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x3ffffffffffffffL);
-        t[1] += t[0] >> 58;
-        r[i+1] = (sp_digit)(t[1] & 0x3ffffffffffffffL);
-        t[2] += t[1] >> 58;
-        r[i+2] = (sp_digit)(t[2] & 0x3ffffffffffffffL);
-        t[3] += t[2] >> 58;
-        r[i+3] = (sp_digit)(t[3] & 0x3ffffffffffffffL);
-        t[0]  = t[3] >> 58;
-    }
-    t[0] += (tb * a[8]) + r[8];
-    r[8] = (sp_digit)(t[0] & 0x3ffffffffffffffL);
-    r[9] +=  (sp_digit)(t[0] >> 58);
-#else
-    sp_int128 tb = b;
-    sp_int128 t[9];
-
-    t[ 0] = tb * a[ 0];
-    t[ 1] = tb * a[ 1];
-    t[ 2] = tb * a[ 2];
-    t[ 3] = tb * a[ 3];
-    t[ 4] = tb * a[ 4];
-    t[ 5] = tb * a[ 5];
-    t[ 6] = tb * a[ 6];
-    t[ 7] = tb * a[ 7];
-    t[ 8] = tb * a[ 8];
-    r[ 0] += (sp_digit)                 (t[ 0] & 0x3ffffffffffffffL);
-    r[ 1] += (sp_digit)((t[ 0] >> 58) + (t[ 1] & 0x3ffffffffffffffL));
-    r[ 2] += (sp_digit)((t[ 1] >> 58) + (t[ 2] & 0x3ffffffffffffffL));
-    r[ 3] += (sp_digit)((t[ 2] >> 58) + (t[ 3] & 0x3ffffffffffffffL));
-    r[ 4] += (sp_digit)((t[ 3] >> 58) + (t[ 4] & 0x3ffffffffffffffL));
-    r[ 5] += (sp_digit)((t[ 4] >> 58) + (t[ 5] & 0x3ffffffffffffffL));
-    r[ 6] += (sp_digit)((t[ 5] >> 58) + (t[ 6] & 0x3ffffffffffffffL));
-    r[ 7] += (sp_digit)((t[ 6] >> 58) + (t[ 7] & 0x3ffffffffffffffL));
-    r[ 8] += (sp_digit)((t[ 7] >> 58) + (t[ 8] & 0x3ffffffffffffffL));
-    r[ 9] += (sp_digit) (t[ 8] >> 58);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Shift the result in the high 521 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_521_mont_shift_9(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    sp_uint64 n;
-
-    n = a[8] >> 57;
-    for (i = 0; i < 8; i++) {
-        n += (sp_uint64)a[9 + i] << 1;
-        r[i] = (sp_digit)(n & 0x3ffffffffffffffL);
-        n >>= 58;
-    }
-    n += (sp_uint64)a[17] << 1;
-    r[8] = n;
-#else
-    sp_uint64 n;
-
-    n  = a[8] >> 57;
-    n += (sp_uint64)a[ 9] << 1U; r[ 0] = (sp_digit)(n & 0x3ffffffffffffffUL); n >>= 58U;
-    n += (sp_uint64)a[10] << 1U; r[ 1] = (sp_digit)(n & 0x3ffffffffffffffUL); n >>= 58U;
-    n += (sp_uint64)a[11] << 1U; r[ 2] = (sp_digit)(n & 0x3ffffffffffffffUL); n >>= 58U;
-    n += (sp_uint64)a[12] << 1U; r[ 3] = (sp_digit)(n & 0x3ffffffffffffffUL); n >>= 58U;
-    n += (sp_uint64)a[13] << 1U; r[ 4] = (sp_digit)(n & 0x3ffffffffffffffUL); n >>= 58U;
-    n += (sp_uint64)a[14] << 1U; r[ 5] = (sp_digit)(n & 0x3ffffffffffffffUL); n >>= 58U;
-    n += (sp_uint64)a[15] << 1U; r[ 6] = (sp_digit)(n & 0x3ffffffffffffffUL); n >>= 58U;
-    n += (sp_uint64)a[16] << 1U; r[ 7] = (sp_digit)(n & 0x3ffffffffffffffUL); n >>= 58U;
-    n += (sp_uint64)a[17] << 1U; r[ 8] = n;
-#endif /* WOLFSSL_SP_SMALL */
-    XMEMSET(&r[9], 0, sizeof(*r) * 9U);
-}
-
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_521_mont_reduce_order_9(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_521_norm_9(a + 9);
-
-    for (i=0; i<8; i++) {
-        mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x3ffffffffffffffL);
-        sp_521_mul_add_9(a+i, m, mu);
-        a[i+1] += a[i] >> 58;
-    }
-    mu = (sp_digit)(((sp_uint64)a[i] * (sp_uint64)mp) & 0x1ffffffffffffffL);
-    sp_521_mul_add_9(a+i, m, mu);
-    a[i+1] += a[i] >> 58;
-    a[i] &= 0x3ffffffffffffffL;
-    sp_521_mont_shift_9(a, a);
-    over = a[8] >> 57;
-    sp_521_cond_sub_9(a, a, m, ~((over - 1) >> 63));
-    sp_521_norm_9(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mul_9(r, a, b);
-    sp_521_mont_reduce_9(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_521_sqr_9(r, a);
-    sp_521_mont_reduce_9(r, m, mp);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mont_sqr_9(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_521_mont_sqr_9(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P521 curve. */
-static const word64 p521_mod_minus_2[9] = {
-    0xfffffffffffffffdU,0xffffffffffffffffU,0xffffffffffffffffU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0xffffffffffffffffU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0x00000000000001ffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P521 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 9);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod);
-        if (p521_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_521_mont_mul_9(t, t, a, p521_mod, p521_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 9);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 9;
-    sp_digit* t3 = td + 4 * 9;
-
-    /* 0x2 */
-    sp_521_mont_sqr_9(t1, a, p521_mod, p521_mp_mod);
-    /* 0x3 */
-    sp_521_mont_mul_9(t2, t1, a, p521_mod, p521_mp_mod);
-    /* 0x6 */
-    sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
-    /* 0x7 */
-    sp_521_mont_mul_9(t3, t1, a, p521_mod, p521_mp_mod);
-    /* 0xc */
-    sp_521_mont_sqr_n_9(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0xf */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x78 */
-    sp_521_mont_sqr_n_9(t1, t2, 3, p521_mod, p521_mp_mod);
-    /* 0x7f */
-    sp_521_mont_mul_9(t3, t3, t1, p521_mod, p521_mp_mod);
-    /* 0xf0 */
-    sp_521_mont_sqr_n_9(t1, t2, 4, p521_mod, p521_mp_mod);
-    /* 0xff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xff00 */
-    sp_521_mont_sqr_n_9(t1, t2, 8, p521_mod, p521_mp_mod);
-    /* 0xffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffff0000 */
-    sp_521_mont_sqr_n_9(t1, t2, 16, p521_mod, p521_mp_mod);
-    /* 0xffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 32, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff0000000000000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 64, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff00000000000000000000000000000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 128, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 256, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80 */
-    sp_521_mont_sqr_n_9(t1, t2, 7, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t3, t1, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc */
-    sp_521_mont_sqr_n_9(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-    sp_521_mont_mul_9(r, t1, a, p521_mod, p521_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_521_map_9(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_int64 n;
-
-    sp_521_mont_inv_9(t1, p->z, t + 2*9);
-
-    sp_521_mont_sqr_9(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    /* x /= z^2 */
-    sp_521_mont_mul_9(r->x, p->x, t2, p521_mod, p521_mp_mod);
-    XMEMSET(r->x + 9, 0, sizeof(sp_digit) * 9U);
-    sp_521_mont_reduce_9(r->x, p521_mod, p521_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_521_cmp_9(r->x, p521_mod);
-    sp_521_cond_sub_9(r->x, r->x, p521_mod, (sp_digit)~(n >> 57));
-    sp_521_norm_9(r->x);
-
-    /* y /= z^3 */
-    sp_521_mont_mul_9(r->y, p->y, t1, p521_mod, p521_mp_mod);
-    XMEMSET(r->y + 9, 0, sizeof(sp_digit) * 9U);
-    sp_521_mont_reduce_9(r->y, p521_mod, p521_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_521_cmp_9(r->y, p521_mod);
-    sp_521_cond_sub_9(r->y, r->y, p521_mod, (sp_digit)~(n >> 57));
-    sp_521_norm_9(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_521_add_9(r, a, b);
-    sp_521_norm_9(r);
-    over = r[8] >> 57;
-    sp_521_cond_sub_9(r, r, m, ~((over - 1) >> 63));
-    sp_521_norm_9(r);
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_521_add_9(r, a, a);
-    sp_521_norm_9(r);
-    over = r[8] >> 57;
-    sp_521_cond_sub_9(r, r, m, ~((over - 1) >> 63));
-    sp_521_norm_9(r);
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_521_add_9(r, a, a);
-    sp_521_norm_9(r);
-    over = r[8] >> 57;
-    sp_521_cond_sub_9(r, r, m, ~((over - 1) >> 63));
-    sp_521_norm_9(r);
-    (void)sp_521_add_9(r, r, a);
-    sp_521_norm_9(r);
-    over = r[8] >> 57;
-    sp_521_cond_sub_9(r, r, m, ~((over - 1) >> 63));
-    sp_521_norm_9(r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_521_cond_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_521_cond_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    r[ 0] = a[ 0] + (b[ 0] & m);
-    r[ 1] = a[ 1] + (b[ 1] & m);
-    r[ 2] = a[ 2] + (b[ 2] & m);
-    r[ 3] = a[ 3] + (b[ 3] & m);
-    r[ 4] = a[ 4] + (b[ 4] & m);
-    r[ 5] = a[ 5] + (b[ 5] & m);
-    r[ 6] = a[ 6] + (b[ 6] & m);
-    r[ 7] = a[ 7] + (b[ 7] & m);
-    r[ 8] = a[ 8] + (b[ 8] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    (void)sp_521_sub_9(r, a, b);
-    sp_521_norm_9(r);
-    sp_521_cond_add_9(r, r, m, r[8] >> 57);
-    sp_521_norm_9(r);
-}
-
-/* Shift number left one bit.
- * Bottom bit is lost.
- *
- * r  Result of shift.
- * a  Number to shift.
- */
-SP_NOINLINE static void sp_521_rshift1_9(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<8; i++) {
-        r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 57) & 0x3ffffffffffffffL);
-    }
-#else
-    r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 57) & 0x3ffffffffffffffL);
-    r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 57) & 0x3ffffffffffffffL);
-    r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 57) & 0x3ffffffffffffffL);
-    r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 57) & 0x3ffffffffffffffL);
-    r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 57) & 0x3ffffffffffffffL);
-    r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 57) & 0x3ffffffffffffffL);
-    r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 57) & 0x3ffffffffffffffL);
-    r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 57) & 0x3ffffffffffffffL);
-#endif
-    r[8] = a[8] >> 1;
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_521_cond_add_9(r, a, m, 0 - (a[0] & 1));
-    sp_521_norm_9(r);
-    sp_521_rshift1_9(r, r);
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_521_mont_sqr_9(t1, p->z, p521_mod, p521_mp_mod);
-    /* Z = Y * Z */
-    sp_521_mont_mul_9(z, p->y, p->z, p521_mod, p521_mp_mod);
-    /* Z = 2Z */
-    sp_521_mont_dbl_9(z, z, p521_mod);
-    /* T2 = X - T1 */
-    sp_521_mont_sub_9(t2, p->x, t1, p521_mod);
-    /* T1 = X + T1 */
-    sp_521_mont_add_9(t1, p->x, t1, p521_mod);
-    /* T2 = T1 * T2 */
-    sp_521_mont_mul_9(t2, t1, t2, p521_mod, p521_mp_mod);
-    /* T1 = 3T2 */
-    sp_521_mont_tpl_9(t1, t2, p521_mod);
-    /* Y = 2Y */
-    sp_521_mont_dbl_9(y, p->y, p521_mod);
-    /* Y = Y * Y */
-    sp_521_mont_sqr_9(y, y, p521_mod, p521_mp_mod);
-    /* T2 = Y * Y */
-    sp_521_mont_sqr_9(t2, y, p521_mod, p521_mp_mod);
-    /* T2 = T2/2 */
-    sp_521_mont_div2_9(t2, t2, p521_mod);
-    /* Y = Y * X */
-    sp_521_mont_mul_9(y, y, p->x, p521_mod, p521_mp_mod);
-    /* X = T1 * T1 */
-    sp_521_mont_sqr_9(x, t1, p521_mod, p521_mp_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_9(x, x, y, p521_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_9(x, x, y, p521_mod);
-    /* Y = Y - X */
-    sp_521_mont_sub_9(y, y, x, p521_mod);
-    /* Y = Y * T1 */
-    sp_521_mont_mul_9(y, y, t1, p521_mod, p521_mp_mod);
-    /* Y = Y - T2 */
-    sp_521_mont_sub_9(y, y, t2, p521_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_dbl_9_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_dbl_9_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-        const sp_point_521* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_dbl_9_ctx* ctx = (sp_521_proj_point_dbl_9_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_dbl_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*9;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_521_mont_sqr_9(ctx->t1, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_521_mont_mul_9(ctx->z, p->y, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_521_mont_dbl_9(ctx->z, ctx->z, p521_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_521_mont_sub_9(ctx->t2, p->x, ctx->t1, p521_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_521_mont_add_9(ctx->t1, p->x, ctx->t1, p521_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_521_mont_mul_9(ctx->t2, ctx->t1, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_521_mont_tpl_9(ctx->t1, ctx->t2, p521_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_521_mont_dbl_9(ctx->y, p->y, p521_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_521_mont_sqr_9(ctx->y, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_521_mont_sqr_9(ctx->t2, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_521_mont_div2_9(ctx->t2, ctx->t2, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_521_mont_mul_9(ctx->y, ctx->y, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_521_mont_sqr_9(ctx->x, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_521_mont_mul_9(ctx->y, ctx->y, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->t2, p521_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_521_cmp_equal_9(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_521_iszero_9(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_9(sp_point_521* r,
-        const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*9;
-    sp_digit* t2 = t + 4*9;
-    sp_digit* t3 = t + 6*9;
-    sp_digit* t4 = t + 8*9;
-    sp_digit* t5 = t + 10*9;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t1, p->x, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_9(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_9(t3, t3, p->y, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_9(t2, t1) &
-            sp_521_cmp_equal_9(t4, t3)) {
-        sp_521_proj_point_dbl_9(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_521_mont_sub_9(t2, t2, t1, p521_mod);
-        /* R = S2 - S1 */
-        sp_521_mont_sub_9(t4, t4, t3, p521_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(y, t1, t5, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(z, z, q->z, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_9(x, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(x, x, t5, p521_mod);
-        sp_521_mont_mul_9(t5, t5, t3, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_9(t3, y, p521_mod);
-        sp_521_mont_sub_9(x, x, t3, p521_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        sp_521_mont_mul_9(y, y, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, y, t5, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_add_9_ctx {
-    int state;
-    sp_521_proj_point_dbl_9_ctx dbl_ctx;
-    const sp_point_521* ap[2];
-    sp_point_521* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_add_9_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_add_9_ctx* ctx = (sp_521_proj_point_add_9_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_521* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_add_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*9;
-        ctx->t2 = t + 4*9;
-        ctx->t3 = t + 6*9;
-        ctx->t4 = t + 8*9;
-        ctx->t5 = t + 10*9;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_521_mont_sqr_9(ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_521_mont_mul_9(ctx->t3, ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_521_mont_mul_9(ctx->t1, ctx->t1, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_521_mont_sqr_9(ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_521_mont_mul_9(ctx->t4, ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_521_mont_mul_9(ctx->t2, ctx->t2, q->x, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_521_mont_mul_9(ctx->t3, ctx->t3, p->y, p521_mod, p521_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_521_mont_mul_9(ctx->t4, ctx->t4, q->y, p521_mod, p521_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_521_cmp_equal_9(ctx->t2, ctx->t1) &
-                sp_521_cmp_equal_9(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_521_proj_point_dbl_9(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_521_mont_sub_9(ctx->t2, ctx->t2, ctx->t1, p521_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_521_mont_sub_9(ctx->t4, ctx->t4, ctx->t3, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_9(ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_521_mont_mul_9(ctx->y, ctx->t1, ctx->t5, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_521_mont_mul_9(ctx->t5, ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_9(ctx->z, p->z, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_521_mont_mul_9(ctx->z, ctx->z, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_521_mont_sqr_9(ctx->x, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->t5, p521_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_521_mont_mul_9(ctx->t5, ctx->t5, ctx->t3, p521_mod, p521_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_521_mont_dbl_9(ctx->t3, ctx->y, p521_mod);
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->t3, p521_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_521_mont_mul_9(ctx->y, ctx->y, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->t5, p521_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mod_mul_norm_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    (void)m;
-
-    if (r != a) {
-        XMEMCPY(r, a, 9 * sizeof(sp_digit));
-    }
-
-    return MP_OKAY;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Small implementation using add and double that is cache attack resistant but
- * allocates memory rather than use large stacks.
- * 521 adds and doubles.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Implementation is constant time. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        XMEMSET(t, 0, sizeof(sp_point_521) * 3);
-
-        /* t[0] = {0, 0, 1} * norm */
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_521_mod_mul_norm_9(t[1].x, g->x, p521_mod);
-    }
-    if (err == MP_OKAY)
-        err = sp_521_mod_mul_norm_9(t[1].y, g->y, p521_mod);
-    if (err == MP_OKAY)
-        err = sp_521_mod_mul_norm_9(t[1].z, g->z, p521_mod);
-
-    if (err == MP_OKAY) {
-        i = 8;
-        c = 57;
-        n = k[i--] << (58 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1)
-                    break;
-
-                n = k[i--];
-                c = 58;
-            }
-
-            y = (n >> 57) & 1;
-            n <<= 1;
-
-            sp_521_proj_point_add_9(&t[y^1], &t[0], &t[1], tmp);
-
-            XMEMCPY(&t[2], (void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                                   ((size_t)&t[1] & addr_mask[y])),
-                    sizeof(sp_point_521));
-            sp_521_proj_point_dbl_9(&t[2], &t[2], tmp);
-            XMEMCPY((void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                            ((size_t)&t[1] & addr_mask[y])), &t[2],
-                    sizeof(sp_point_521));
-        }
-
-        if (map != 0) {
-            sp_521_map_9(r, &t[0], tmp);
-        }
-        else {
-            XMEMCPY(r, &t[0], sizeof(sp_point_521));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_ecc_mulmod_9_ctx {
-    int state;
-    union {
-        sp_521_proj_point_dbl_9_ctx dbl_ctx;
-        sp_521_proj_point_add_9_ctx add_ctx;
-    };
-    sp_point_521 t[3];
-    sp_digit tmp[2 * 9 * 6];
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-} sp_521_ecc_mulmod_9_ctx;
-
-static int sp_521_ecc_mulmod_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-    const sp_point_521* g, const sp_digit* k, int map, int ct, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_ecc_mulmod_9_ctx* ctx = (sp_521_ecc_mulmod_9_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_521_ecc_mulmod_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    /* Implementation is constant time. */
-    (void)ct;
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        XMEMSET(ctx->t, 0, sizeof(sp_point_521) * 3);
-        ctx->i = 8;
-        ctx->c = 57;
-        ctx->n = k[ctx->i--] << (58 - ctx->c);
-
-        /* t[0] = {0, 0, 1} * norm */
-        ctx->t[0].infinity = 1;
-        ctx->state = 1;
-        break;
-    case 1: /* T1X */
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_521_mod_mul_norm_9(ctx->t[1].x, g->x, p521_mod);
-        ctx->state = 2;
-        break;
-    case 2: /* T1Y */
-        err = sp_521_mod_mul_norm_9(ctx->t[1].y, g->y, p521_mod);
-        ctx->state = 3;
-        break;
-    case 3: /* T1Z */
-        err = sp_521_mod_mul_norm_9(ctx->t[1].z, g->z, p521_mod);
-        ctx->state = 4;
-        break;
-    case 4: /* ADDPREP */
-        if (ctx->c == 0) {
-            if (ctx->i == -1) {
-                ctx->state = 7;
-                break;
-            }
-
-            ctx->n = k[ctx->i--];
-            ctx->c = 58;
-        }
-        ctx->y = (ctx->n >> 57) & 1;
-        ctx->n <<= 1;
-        XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-        ctx->state = 5;
-        break;
-    case 5: /* ADD */
-        err = sp_521_proj_point_add_9_nb((sp_ecc_ctx_t*)&ctx->add_ctx,
-            &ctx->t[ctx->y^1], &ctx->t[0], &ctx->t[1], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY(&ctx->t[2], (void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                                        ((size_t)&ctx->t[1] & addr_mask[ctx->y])),
-                    sizeof(sp_point_521));
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* DBL */
-        err = sp_521_proj_point_dbl_9_nb((sp_ecc_ctx_t*)&ctx->dbl_ctx, &ctx->t[2],
-            &ctx->t[2], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY((void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                            ((size_t)&ctx->t[1] & addr_mask[ctx->y])), &ctx->t[2],
-                    sizeof(sp_point_521));
-            ctx->state = 4;
-            ctx->c--;
-        }
-        break;
-    case 7: /* MAP */
-        if (map != 0) {
-            sp_521_map_9(r, &ctx->t[0], ctx->tmp);
-        }
-        else {
-            XMEMCPY(r, &ctx->t[0], sizeof(sp_point_521));
-        }
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 7) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        ForceZero(ctx->tmp, sizeof(ctx->tmp));
-        ForceZero(ctx->t, sizeof(ctx->t));
-    }
-
-    (void)heap;
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#else
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_521 {
-    sp_digit x[9];
-    sp_digit y[9];
-} sp_table_entry_521;
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_521_cond_copy_9(sp_digit* r, const sp_digit* a, const sp_digit m)
-{
-    sp_digit t[9];
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        t[i] = r[i] ^ a[i];
-    }
-    for (i = 0; i < 9; i++) {
-        r[i] ^= t[i] & m;
-    }
-#else
-    t[ 0] = r[ 0] ^ a[ 0];
-    t[ 1] = r[ 1] ^ a[ 1];
-    t[ 2] = r[ 2] ^ a[ 2];
-    t[ 3] = r[ 3] ^ a[ 3];
-    t[ 4] = r[ 4] ^ a[ 4];
-    t[ 5] = r[ 5] ^ a[ 5];
-    t[ 6] = r[ 6] ^ a[ 6];
-    t[ 7] = r[ 7] ^ a[ 7];
-    t[ 8] = r[ 8] ^ a[ 8];
-    r[ 0] ^= t[ 0] & m;
-    r[ 1] ^= t[ 1] & m;
-    r[ 2] ^= t[ 2] & m;
-    r[ 3] ^= t[ 3] & m;
-    r[ 4] ^= t[ 4] & m;
-    r[ 5] ^= t[ 5] & m;
-    r[ 6] ^= t[ 6] & m;
-    r[ 7] ^= t[ 7] & m;
-    r[ 8] ^= t[ 8] & m;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*9;
-    sp_digit* b = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t2 = t + 8*9;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_9(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_9(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(w, w, p521_mod, p521_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_9(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_9(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_9(t2, b, p521_mod);
-        sp_521_mont_sub_9(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_9(t2, b, x, p521_mod);
-        sp_521_mont_dbl_9(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_9(t1, t1, p521_mod, p521_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_9(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, y, t1, p521_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(t1, t1, w, p521_mod);
-    sp_521_mont_tpl_9(a, t1, p521_mod);
-    /* B = X*Y^2 */
-    sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
-    /* X = A^2 - 2B */
-    sp_521_mont_sqr_9(x, a, p521_mod, p521_mp_mod);
-    sp_521_mont_dbl_9(t2, b, p521_mod);
-    sp_521_mont_sub_9(x, x, t2, p521_mod);
-    /* B = 2.(B - X) */
-    sp_521_mont_sub_9(t2, b, x, p521_mod);
-    sp_521_mont_dbl_9(b, t2, p521_mod);
-    /* Z = Z*Y */
-    sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
-    /* t1 = Y^4 */
-    sp_521_mont_sqr_9(t1, t1, p521_mod, p521_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(y, y, t1, p521_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_521_mont_div2_9(y, y, p521_mod);
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
-        const sp_point_521* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*9;
-    sp_digit* b = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t2 = t + 8*9;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<9; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<9; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<9; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_9(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_9(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(w, w, p521_mod, p521_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_9(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_9(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_9(t2, b, p521_mod);
-        sp_521_mont_sub_9(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_9(t2, b, x, p521_mod);
-        sp_521_mont_dbl_9(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_9(r[j].z, z, y, p521_mod, p521_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_9(t1, t1, p521_mod, p521_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_9(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, y, t1, p521_mod);
-        /* Y = Y/2 */
-        sp_521_mont_div2_9(r[j].y, y, p521_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_521_proj_point_add_sub_9(sp_point_521* ra,
-        sp_point_521* rs, const sp_point_521* p, const sp_point_521* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_digit* t3 = t + 4*9;
-    sp_digit* t4 = t + 6*9;
-    sp_digit* t5 = t + 8*9;
-    sp_digit* t6 = t + 10*9;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t1, xa, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_9(t2, za, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t4, t2, za, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_9(t3, t3, ya, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-    /* H = U2 - U1 */
-    sp_521_mont_sub_9(t2, t2, t1, p521_mod);
-    /* RS = S2 + S1 */
-    sp_521_mont_add_9(t6, t4, t3, p521_mod);
-    /* R = S2 - S1 */
-    sp_521_mont_sub_9(t4, t4, t3, p521_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_521_mont_mul_9(za, za, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(za, za, t2, p521_mod, p521_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_521_mont_sqr_9(xa, t4, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(xs, t6, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(ya, t1, t5, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(xa, xa, t5, p521_mod);
-    sp_521_mont_sub_9(xs, xs, t5, p521_mod);
-    sp_521_mont_dbl_9(t1, ya, p521_mod);
-    sp_521_mont_sub_9(xa, xa, t1, p521_mod);
-    sp_521_mont_sub_9(xs, xs, t1, p521_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_521_mont_sub_9(ys, ya, xs, p521_mod);
-    sp_521_mont_sub_9(ya, ya, xa, p521_mod);
-    sp_521_mont_mul_9(ya, ya, t4, p521_mod, p521_mp_mod);
-    sp_521_sub_9(t6, p521_mod, t6);
-    sp_521_mont_mul_9(ys, ys, t6, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t5, t5, t3, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(ya, ya, t5, p521_mod);
-    sp_521_mont_sub_9(ys, ys, t5, p521_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_521 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_521;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_9_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_9_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<87; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 58) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 58) {
-            n >>= 6;
-            if (++j < 9)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 9) {
-            n = k[j];
-            y |= (word8)((n << (58 - o)) & 0x3f);
-            o -= 52;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_9_6[y];
-        v[i].neg = recode_neg_9_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_point_33_9(sp_point_521* r, const sp_point_521* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    r->z[8] = 0;
-    for (i = 1; i < 33; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-        r->z[8] |= mask & table[i].z[8];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_point_521* rt = NULL;
-    sp_point_521* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_521 v[87];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_521_mod_mul_norm_9(t[1].x, g->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t[1].y, g->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t[1].z, g->z, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_521_proj_point_dbl_n_store_9(t, &t[ 1], 5, 1, tmp);
-        sp_521_proj_point_add_9(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[ 6], &t[ 3], tmp);
-        sp_521_proj_point_add_sub_9(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[10], &t[ 5], tmp);
-        sp_521_proj_point_add_sub_9(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[12], &t[ 6], tmp);
-        sp_521_proj_point_dbl_9(&t[14], &t[ 7], tmp);
-        sp_521_proj_point_add_sub_9(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[18], &t[ 9], tmp);
-        sp_521_proj_point_add_sub_9(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[20], &t[10], tmp);
-        sp_521_proj_point_dbl_9(&t[22], &t[11], tmp);
-        sp_521_proj_point_add_sub_9(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[24], &t[12], tmp);
-        sp_521_proj_point_dbl_9(&t[26], &t[13], tmp);
-        sp_521_proj_point_add_sub_9(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[28], &t[14], tmp);
-        sp_521_proj_point_dbl_9(&t[30], &t[15], tmp);
-        sp_521_proj_point_add_sub_9(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_521_ecc_recode_6_9(k, v);
-
-        i = 86;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_point_33_9(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_521));
-        }
-        for (--i; i>=0; i--) {
-            sp_521_proj_point_dbl_n_9(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_point_33_9(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_521));
-            }
-            sp_521_sub_9(negy, p521_mod, p->y);
-            sp_521_norm_9(negy);
-            sp_521_cond_copy_9(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_521_proj_point_add_9(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_521_map_9(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*9;
-    sp_digit* t6 = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t4 = t + 8*9;
-    sp_digit* t5 = t + 10*9;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_9(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_9(p->x, t2) &
-            sp_521_cmp_equal_9(p->y, t4)) {
-        sp_521_proj_point_dbl_9(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_521_mont_sub_9(t2, t2, p->x, p521_mod);
-        /* R = S2 - Y1 */
-        sp_521_mont_sub_9(t4, t4, p->y, p521_mod);
-        /* Z3 = H*Z1 */
-        sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t3, p->x, t1, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t1, t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_9(t2, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(t2, t2, t1, p521_mod);
-        sp_521_mont_dbl_9(t5, t3, p521_mod);
-        sp_521_mont_sub_9(x, t2, t5, p521_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_521_mont_sub_9(t3, t3, x, p521_mod);
-        sp_521_mont_mul_9(t3, t3, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t1, t1, p->y, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, t3, t1, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_521_proj_to_affine_9(sp_point_521* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 9;
-    sp_digit* tmp = t + 4 * 9;
-
-    sp_521_mont_inv_9(t1, a->z, tmp);
-
-    sp_521_mont_sqr_9(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    sp_521_mont_mul_9(a->x, a->x, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(a->y, a->y, t1, p521_mod, p521_mp_mod);
-    XMEMCPY(a->z, p521_norm_mod, sizeof(p521_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 65 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_9(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_9(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_9(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_521_proj_point_dbl_n_9(t, 66, tmp);
-            sp_521_proj_to_affine_9(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_9(t, s1, s2, tmp);
-                sp_521_proj_to_affine_9(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_entry_256_9(sp_point_521* r,
-    const sp_table_entry_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_9(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 9 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 65;
-        for (j=0; j<8 && x<521; j++) {
-            y |= (int)(((k[x / 58] >> (x % 58)) & 1) << j);
-            x += 66;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_256_9(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=64; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8 && x<521; j++) {
-                y |= (int)(((k[x / 58] >> (x % 58)) & 1) << j);
-                x += 66;
-            }
-
-            sp_521_proj_point_dbl_9(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_256_9(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_9(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_9(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_521_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[9];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[9];
-    /* Precomputation table for point. */
-    sp_table_entry_521 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_521_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_521_t sp_cache_521[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_521_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_521_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_521 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_521_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_521_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_521_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_521[i].set = 0;
-        }
-        sp_cache_521_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_521[i].set)
-            continue;
-
-        if (sp_521_cmp_equal_9(g->x, sp_cache_521[i].x) &
-                           sp_521_cmp_equal_9(g->y, sp_cache_521[i].y)) {
-            sp_cache_521[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_521_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_521_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_521[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_521_last) {
-            least = sp_cache_521[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_521[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_521[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_521[i].x, g->x, sizeof(sp_cache_521[i].x));
-        XMEMCPY(sp_cache_521[i].y, g->y, sizeof(sp_cache_521[i].y));
-        sp_cache_521[i].set = 1;
-        sp_cache_521[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_521[i];
-    sp_cache_521_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_9(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_9(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 9, km);
-        sp_521_point_from_ecc_point_9(point, gm);
-
-            err = sp_521_ecc_mulmod_9(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 9 + 9 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9 + 9 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 9;
-
-        sp_521_from_mp(k, 9, km);
-        sp_521_point_from_ecc_point_9(point, gm);
-        sp_521_point_from_ecc_point_9(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_9(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_9(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_9(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_521_ecc_mulmod_9(r, &p521_base, k, map, ct, heap);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-static int sp_521_ecc_mulmod_base_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_521_ecc_mulmod_9_nb(sp_ctx, r, &p521_base, k, map, ct, heap);
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 66 between points.
- */
-static const sp_table_entry_521 p521_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x17e7e31c2e5bd66L,0x22cf0615a90a6feL,0x0127a2ffa8de334L,
-        0x1dfbf9d64a3f877L,0x06b4d3dbaa14b5eL,0x14fed487e0a2bd8L,
-        0x15b4429c6481390L,0x3a73678fb2d988eL,0x0c6858e06b70404L },
-      { 0x0be94769fd16650L,0x31c21a89cb09022L,0x39013fad0761353L,
-        0x2657bd099031542L,0x3273e662c97ee72L,0x1e6d11a05ebef45L,
-        0x3d1bd998f544495L,0x3001172297ed0b1L,0x11839296a789a3bL } },
-    /* 2 */
-    { { 0x03986670f0ccb51L,0x387404d9525d2a0L,0x0f21b2b29ed9b87L,
-        0x2aa8eb74cddfd63L,0x0e9d08ffb06c0e9L,0x19d8589fc4ecd74L,
-        0x0a3ef4dd8bf44c9L,0x0eb6e92863051d6L,0x13e96a576dda004L },
-      { 0x3de24f8632d95a3L,0x057bc5314920a4aL,0x063e9bdaba1979fL,
-        0x3d2a58adc1eab76L,0x214258d98dde053L,0x18708d7316628b7L,
-        0x3fd32c9fa5a19d0L,0x33ab03b519443a3L,0x1852aea9dd1ef78L } },
-    /* 3 */
-    { { 0x0a91dd8eaaf1fe3L,0x0e19891002d4af4L,0x06a921abf0d20dbL,
-        0x26a9da32503fda8L,0x09a1eec37941287L,0x1ce0d0f3cde46afL,
-        0x22abc1c913fbe62L,0x3cc4dca2d0aaf88L,0x157874c0a862b9eL },
-      { 0x2c8f184e6f03d49L,0x0d5f907922f80c2L,0x1ef3815cbdefa9cL,
-        0x2ad7f6370f00b39L,0x1faeb109d7a41c7L,0x213d34e12fbd9f2L,
-        0x2f0aae2f98cca1aL,0x25a2df80f51f59cL,0x00724b1ab581d58L } },
-    /* 4 */
-    { { 0x04f2d4bdf9314e0L,0x3a14379e802ab24L,0x1083582efb03daaL,
-        0x20fb1ff9b49e48cL,0x2199d74a880f1c2L,0x25401f9cb56ce65L,
-        0x33f03e5f120b9b3L,0x2da18c348ddcd1dL,0x121f4c192733b78L },
-      { 0x103ff6dfa8b51f0L,0x2bed45038af7c3cL,0x380e83254171ae7L,
-        0x2e33684365444c0L,0x24f3a8c01e83501L,0x3201c1a4415ddc7L,
-        0x2238218f52196aaL,0x29fc4d826c2aa95L,0x1db8c25790694a0L } },
-    /* 5 */
-    { { 0x00370ccb2c0958dL,0x3bc599a69ece1ccL,0x33cf480c9b3889aL,
-        0x3cbeacf85249e4bL,0x2507489670b2984L,0x34cf6caa5d4790dL,
-        0x0a4daa9cab99d5aL,0x1cc95365174cad1L,0x00aa26cca5216c7L },
-      { 0x1be1d41f9e66d18L,0x3bbe5aa845f9eb3L,0x14a2ddb0d24b80aL,
-        0x09d7262defc14c8L,0x2dfd3c8486dcfb2L,0x329354b184f9d0dL,
-        0x151e646e703fa13L,0x149f43238a5dc61L,0x1c6f5e90eacbfa8L } },
-    /* 6 */
-    { { 0x2c2f1e74ab2d58fL,0x2fe0b0a825e00a8L,0x2b24770bb76ac1bL,
-        0x3b5599fdef5960fL,0x2fd96897e8e4ed9L,0x3ef83c576300761L,
-        0x1cdcb166395a133L,0x3ac954793ce7766L,0x082de08424a720dL },
-      { 0x3aa53b260ea91afL,0x212bdde8c77f765L,0x32395cd09bbea43L,
-        0x36bcc016387360bL,0x2e5c78e97997c19L,0x1d6c611510ed831L,
-        0x02ce16faae9b5f5L,0x3ea1973a1bccc23L,0x073983ce58f4f63L } },
-    /* 7 */
-    { { 0x2e931318217609dL,0x2a7750904bf002bL,0x264c286c63297f8L,
-        0x359efc7197b845fL,0x38d03eee5cc3782L,0x2ae4de67a305136L,
-        0x3784c701acacb29L,0x3361c857ac6d6c1L,0x0f82c409fa81affL },
-      { 0x07d3766378139a4L,0x25a7aed56faa4c0L,0x0d6f68c8bc9dc6dL,
-        0x1857e4fc90b1f18L,0x2741717d9844e84L,0x02fc483a118728aL,
-        0x1699d78e930e79fL,0x2db7b85552809adL,0x07de69c77026a4fL } },
-    /* 8 */
-    { { 0x1b51bb04bee80d7L,0x3da87dda4b79a58L,0x246ca0ebc3bd0e1L,
-        0x29e4c1913c20de7L,0x3390db0771c0bffL,0x2b6873a65f19ee1L,
-        0x14b512095c33e1fL,0x21958f1402b76b1L,0x0b0c231d360d311L },
-      { 0x228929839bcab2fL,0x019e01937488281L,0x2084763dc2a0c0cL,
-        0x1cc64e30f8c18bdL,0x152e46eb988e9daL,0x297783f5a6fa3cbL,
-        0x2c0e26e55c8d2d6L,0x3fd5fce8ff58f6cL,0x14a899c6d9f1e4bL } },
-    /* 9 */
-    { { 0x3f6e3a1ec05ce88L,0x30925adabf480a7L,0x20776fbeb007f8fL,
-        0x2f7baf7b5002e74L,0x2693700f7b50ec0L,0x3dec0c3abbe5dd0L,
-        0x101f77806e37a13L,0x2b83d73c5f45c6eL,0x1599036e5dfca95L },
-      { 0x0af64b5000e8e0cL,0x0ab8101bed37e40L,0x1a67449f23bad3fL,
-        0x108956c96a57d87L,0x28e33c6500ca918L,0x0b009f07e9abcf9L,
-        0x2840a514373c00cL,0x1090267cf36865cL,0x0e798c62b79d0e8L } },
-    /* 10 */
-    { { 0x0c7c4a8ae4d0f28L,0x2957bd59b401bbaL,0x1f65066e40233a8L,
-        0x2d574c86dd8de61L,0x2b8351b078deccaL,0x1f5522ace2e59b5L,
-        0x31ab0b2e889e535L,0x14dedea7a38bf98L,0x05945c60f95e75cL },
-      { 0x0a27d347867d79cL,0x182c5607206602fL,0x19ab976b8c517f4L,
-        0x21986e47b65fb0bL,0x1d9c1d15ffcd044L,0x253276e5cc29e89L,
-        0x2c5a3b8a2cf259fL,0x0c7ba39e12e1d77L,0x004062526073e51L } },
-    /* 11 */
-    { { 0x2e04e5cf1631bbaL,0x1b077c55bd14937L,0x3f30e4c3099040eL,
-        0x10dadaafb1c1980L,0x0f6b94f6edb649aL,0x1adf82d4d53d427L,
-        0x1e6dd27fecf4693L,0x1432a9e9c41fae8L,0x022889edac56894L },
-      { 0x012916ed05596f2L,0x0076b2c08f2e2e4L,0x13ece7d4abe1e39L,
-        0x102a7240c4c9407L,0x1c6d146d0b28150L,0x13b8625a76f34fcL,
-        0x1226fb6fa1d5b17L,0x0261126ba8586a4L,0x154754ceedfb8a8L } },
-    /* 12 */
-    { { 0x24e27b04270b2f0L,0x0d3922fd35d35edL,0x3e8b0c2722ba84bL,
-        0x2767fe6dc72c61aL,0x334fd6bc4f54a58L,0x104bd276621f937L,
-        0x389d16b7c669fd7L,0x381d1002366eddfL,0x1cfafb9426bc902L },
-      { 0x0a4f2d1662935caL,0x1f1c0e65f7311b3L,0x29e5353c79f8284L,
-        0x2254857c3d30227L,0x080911b9d9ed8d9L,0x3789ea8d673c22fL,
-        0x1e320d4b03540e6L,0x064ed4bd358fbdaL,0x0e6a0217fd694efL } },
-    /* 13 */
-    { { 0x37de62774214780L,0x19a05c81d167aadL,0x39b7e9c7fb01ca0L,
-        0x3075b52df1fde15L,0x0a66caa39e55548L,0x2141693d15d5864L,
-        0x0864ebf8141b039L,0x274fe972835f132L,0x053bf8af9509e12L },
-      { 0x09b29d885285092L,0x0c76aa3bb5797efL,0x290ef618aab982fL,
-        0x3d34989bb4670cdL,0x307ed8e090eee14L,0x1cdb410108a55c2L,
-        0x27d01d1977920e8L,0x2dced1fb897ffb7L,0x1b93c921c3abc7aL } },
-    /* 14 */
-    { { 0x36a07cca08b2b14L,0x1e37aefc5d31fc2L,0x3828c40cb2a4aa9L,
-        0x1ca42b720e0a472L,0x28c1edde695c782L,0x03ef4880236a2caL,
-        0x2db94e741ceb2f9L,0x152397e272794c8L,0x07d18266085b73cL },
-      { 0x1ebf82a2defd012L,0x32c2516854dfbdaL,0x35353ef0811d01eL,
-        0x29ecaf537a8f155L,0x27bf969c859c882L,0x2c96b46c0287e5cL,
-        0x136005063adf5e0L,0x3f861307fcc1bc9L,0x1178e515bec4112L } },
-    /* 15 */
-    { { 0x314787fefe3d3d5L,0x1dbd967625c89e4L,0x3ed1e0b6acf529eL,
-        0x080717a3764571dL,0x15f5667af9c2b7bL,0x0d5dbbd1e200e3cL,
-        0x00154af38c766ffL,0x0ed4e7c188f2001L,0x09647d3c44bde88L },
-      { 0x2075638de1b21a4L,0x0e67055c420704cL,0x206775c03599bb6L,
-        0x1feb79833d4c8b9L,0x0efc190595c7fdeL,0x35ece5806c65510L,
-        0x2fa73e7e70ac8cdL,0x01d912a96a0f5a9L,0x04234f8cfac6308L } },
-    /* 16 */
-    { { 0x231e71a286492adL,0x0f791197e1ab13bL,0x00d4da713cb408fL,
-        0x3a6a1adc413a25cL,0x32572c1617ad0f5L,0x173072676698b93L,
-        0x162e0c77d223ef2L,0x2c817b7fda584eeL,0x08e818d28f381d8L },
-      { 0x21231cf8cdf1f60L,0x103cad9c5dd83dcL,0x2f8ce045a4038b6L,
-        0x3700dc1a27ef9c9L,0x372ea0dcb422285L,0x2021988dc65afe3L,
-        0x26fe48a16f7855cL,0x2fd1353867f1f0cL,0x13efdbc856e8f68L } },
-    /* 17 */
-    { { 0x234d04fe6a3ace5L,0x2d80fa258647077L,0x0007f75ed0f40dbL,
-        0x2f256c966d6d370L,0x22615f02015e0e6L,0x0c7a8fe37ef2e99L,
-        0x3ff824b2ec5433dL,0x0ccb90ac2c39040L,0x11119315060c480L },
-      { 0x197ea28045452f1L,0x19e33dc7cfdcee6L,0x3ddc41e9328e80bL,
-        0x1bb9abc708d294aL,0x1b44215e7b7f265L,0x02900a2f10e016eL,
-        0x2476e23aa734f2fL,0x033df8f1c91e508L,0x1f16dc2e8b068c6L } },
-    /* 18 */
-    { { 0x0dfae6ffffc0de5L,0x06053ead297c92fL,0x3658ea2aa8dda80L,
-        0x3d7693c11046404L,0x334100611f3b1caL,0x1b833e23c92e736L,
-        0x055c8248c324ed9L,0x0b8a52dfa8cd08cL,0x1d36e835b648909L },
-      { 0x2b77ae707372f27L,0x26d3ea0eeb8669fL,0x1ae165429ebb477L,
-        0x19bf00fbcfe85d7L,0x16991c7c4942ec2L,0x1894f4f0397f1aaL,
-        0x34e738a0f61e4f5L,0x3a465e847fd6379L,0x00260524cd4624dL } },
-    /* 19 */
-    { { 0x1b5d0ca01342e08L,0x3b53c2dd27c2bd1L,0x02d96529d804509L,
-        0x36db600d673ad54L,0x34c3848005eb087L,0x1d6a1e13aa99aa1L,
-        0x34317ee972c7a0cL,0x3efd2305a7885a1L,0x14f81c556e0e5c9L },
-      { 0x2b0b12be120674dL,0x3c26e4867c02b09L,0x332dd658caa6c6bL,
-        0x2be0a4b66787879L,0x125fdbf80c771c5L,0x199b0df57604d4aL,
-        0x0df680e61bd7983L,0x0260e36b251a874L,0x09f58dcf684c39fL } },
-    /* 20 */
-    { { 0x01691027b7dc837L,0x065d52d43ac7105L,0x092ad7e6741b2d7L,
-        0x076f20928e013d0L,0x2c8e20bcf1d0a7fL,0x286076c15c2c815L,
-        0x3b508a6732e3b9dL,0x01249e2018db829L,0x04511af502cc9f7L },
-      { 0x3820d94c56f4ffaL,0x08168b13c303e82L,0x3d4ea1a0606a1c6L,
-        0x199e6cc5bee67ccL,0x2e4f240fc1bab64L,0x0b5f710c16a8214L,
-        0x23c07322539b789L,0x198cc0d95fc481bL,0x05928405280cedbL } },
-    /* 21 */
-    { { 0x0d087114397760cL,0x082dd8727f341a4L,0x07fa987e24f7b90L,
-        0x281488cd6831ffbL,0x1ae21ca100e33b8L,0x2c0c8881cf6fabfL,
-        0x145da6458c060a3L,0x18bbe6e71cee3b8L,0x0aa31c661e527ffL },
-      { 0x3518eb081430b5eL,0x3e73a943b835a6bL,0x30b5aa6ebe8bb32L,
-        0x3ca7f875a243b36L,0x31a59cc9a1f15f7L,0x22aca98f3975a3cL,
-        0x07ce54f4d679940L,0x01ddba16c73bd0dL,0x1768ff423c0286dL } },
-    /* 22 */
-    { { 0x164104c33dcec23L,0x03586f3741d4661L,0x2f514c4f309abafL,
-        0x3d779221c5521b6L,0x1d3539ba3f01bc8L,0x28efa3b3775aebcL,
-        0x1d865fbb7e665d3L,0x12683e4676b0f2dL,0x173fe203da3f121L },
-      { 0x03ae9a178d4a3d1L,0x173d62194c5b601L,0x26c041176463a4dL,
-        0x23fe12be913abc0L,0x3ffea422d316c63L,0x188ad84d44bc8e5L,
-        0x27068d691eaa046L,0x2ccf12215ba8e5fL,0x1b542d1b2e3f4a1L } },
-    /* 23 */
-    { { 0x11b2d5e1f487402L,0x005b99eabc7757dL,0x31f56da9c20ae36L,
-        0x187b3916ff47acfL,0x3027a9e1825b7d3L,0x210459250b6c18cL,
-        0x0773d0bf228777eL,0x297c3d7f3831116L,0x01fb2b3151d2dd7L },
-      { 0x02773e8fbaa096aL,0x1c9baf824ea1e04L,0x0d072c7f1781152L,
-        0x342ad7729d9714fL,0x187ef2d4a38d3dfL,0x1fac470aed29f61L,
-        0x2da22f5c9c2013bL,0x3b2b578d4f0d02dL,0x039846d50a5a325L } },
-    /* 24 */
-    { { 0x2da77361677df58L,0x2f559c72d435b1dL,0x07d70a080ff2364L,
-        0x0a6194c90c0110fL,0x2c35101e7a0a854L,0x231735da0800b74L,
-        0x2cf13fbebc61434L,0x23703fc5646bb29L,0x0fb91c7c2e698bfL },
-      { 0x27c5cad12de14d5L,0x12317d95872089aL,0x24307cdbb3dabc4L,
-        0x0471da0475e7e37L,0x2754620499c58f0L,0x269d39247a2601bL,
-        0x3e37c3e52ad0a2cL,0x31cb480d1a172caL,0x0ec7a8632450a0bL } },
-    /* 25 */
-    { { 0x3818c218a86786eL,0x0dfdd084df8b20cL,0x10d1a7e6eb20ed5L,
-        0x1c17371200d765aL,0x024f7bd759790ecL,0x387c3c511a458b2L,
-        0x1915ca09e7ef9d4L,0x089bf4c304a2f3aL,0x02d810145f66c71L },
-      { 0x12749f5b71d87e5L,0x0ec505ec0b3b68cL,0x2d2ee0baff1625fL,
-        0x2a7f2b9989c0915L,0x337bd985f97f7b3L,0x3e9b430435bafe3L,
-        0x32f13720aa81b97L,0x376c6ca7c680487L,0x03de326a2f85cc0L } },
-    /* 26 */
-    { { 0x2f3398b38c2ee78L,0x0f44069d682fb89L,0x1706565a7f8e40cL,
-        0x38c10067974d68cL,0x2b8174b6ed12985L,0x3e0294a8878a990L,
-        0x18d80e25a15ee8aL,0x3aa6974783f9a14L,0x0848cbbc13804f6L },
-      { 0x2828690dfd45169L,0x1f8261674fa341dL,0x0811cdb8bfc238dL,
-        0x1e858b3d9208dd6L,0x3b4d15b8c849954L,0x18126699252eaceL,
-        0x21cfed822cbc57cL,0x1662eb10c893aa2L,0x0d94356346957c6L } },
-    /* 27 */
-    { { 0x306925368271323L,0x2782a12734135caL,0x1fbf2b31cc7d24dL,
-        0x13d5e8f8d86ab8dL,0x20294e85644f64bL,0x0f3b52b852411a1L,
-        0x2cda47ddc82ee74L,0x3e5a32e4a9a95f8L,0x13f989c42efbfc1L },
-      { 0x2d98bdfb8651600L,0x18d0d1e8f3ebbafL,0x254335b1a2268c3L,
-        0x3775609541e4e84L,0x3852eb1e9558da7L,0x0a57d516945cec8L,
-        0x06d101df5ae5852L,0x3e18b951b8bbd99L,0x1faf7e16a2c5d89L } },
-    /* 28 */
-    { { 0x1746c8ec7ec136dL,0x07609f3444d46c3L,0x3ad3f187a116f8eL,
-        0x23c4dba1195d928L,0x0850983c22f1b96L,0x39c5c967506a8a5L,
-        0x3c149c2123ecc4bL,0x2e0b77372ad49d8L,0x16da7f50b181022L },
-      { 0x19e532d0ca5e258L,0x22b45e5ed8a9efeL,0x242ec77fddefa14L,
-        0x335d3e6db123428L,0x07fd122d458518bL,0x2d42cb5f14ecc2eL,
-        0x01aae9bb8cd193fL,0x1b824685a6bbaf0L,0x1c57e49b10a1de2L } },
-    /* 29 */
-    { { 0x0abe67521210716L,0x0a5a8c1f809000bL,0x011d8c83795b81aL,
-        0x0d3767be9aa52bfL,0x3677d686f68f203L,0x3d7389d56f8be7aL,
-        0x357c5c6a13f277bL,0x12e33df648906e5L,0x13270c3d2f4c74fL },
-      { 0x1c8609c8d209aa4L,0x104e8b6cad50dbeL,0x2d1a2992345d46fL,
-        0x3ae521f0d3e5adcL,0x2b440a375186f2aL,0x3694d6393e9c85dL,
-        0x25b3103a4209367L,0x182e3c47ab78ffcL,0x1a99a570153505dL } },
-    /* 30 */
-    { { 0x21513936e7495bbL,0x0bf4a12421e746bL,0x2b0b29fd76fcebdL,
-        0x26f1839c872708cL,0x3517a09e2a1a0d4L,0x362eb7e27d60ae0L,
-        0x148bb4ac37809e9L,0x3121d2a937a782bL,0x027fd041312cb6cL },
-      { 0x05502eeead4fb6dL,0x3097b42980b2fb0L,0x2841bd7f4a07760L,
-        0x0c953b7385162e9L,0x10397614cc28b60L,0x207bb64ee75078eL,
-        0x2d4b0b4221b71d1L,0x3906740438f08ccL,0x096dfe58a27dab0L } },
-    /* 31 */
-    { { 0x0d6fcd67debd24eL,0x3f29826b8ac1d53L,0x022ef217c26cbe3L,
-        0x382e58838fe9f63L,0x2c7f9f87dd42d03L,0x25cbffb98d2fc85L,
-        0x0d3e7722b1ec538L,0x14dfa0ea55f0758L,0x162edfe5f860f6aL },
-      { 0x0a05400f0ea20b8L,0x0ab1f875e5a4010L,0x25c90edb0cac287L,
-        0x0c2d8a4e69ddd96L,0x2af2cb7089df5b9L,0x0bfaf04bde299dbL,
-        0x190ad3030732bf5L,0x38d04e999037ae8L,0x0d536eae15f93e7L } },
-    /* 32 */
-    { { 0x06119f6a1c88f3cL,0x397fb0bb1a5129bL,0x2c605742ff2a924L,
-        0x07b76c8b1f1322aL,0x0fa5d25bb60addeL,0x3045f7825ca24e3L,
-        0x2929c1fa5ac4f7eL,0x257d507cd6add20L,0x180d1c4e8f90afdL },
-      { 0x3c4e73da7cd8358L,0x18695fca872480bL,0x3130ad94d288393L,
-        0x198ada9e38bdbcbL,0x379c262cde37e24L,0x06d65ee42eaffe2L,
-        0x0d4e646cae01ef6L,0x3e1167078cfc298L,0x00e52a42280dd01L } },
-    /* 33 */
-    { { 0x2d640a40f013755L,0x3739dfee0e03a5cL,0x0e797eb64b310b6L,
-        0x02e4f2968d89e27L,0x358bdffc98e704bL,0x08c30dc8630d83fL,
-        0x3385d153b1f323bL,0x0efdf5ace422169L,0x04a071130f556b9L },
-      { 0x1a2096bfeef3f88L,0x2ea1a6e0ace514aL,0x184a872664a722eL,
-        0x286163fe509ff88L,0x17490c9daa0dc0bL,0x056233a0cde67adL,
-        0x32cee21d356f628L,0x2bba5f766f1fe9eL,0x0d21e61a4e8a3cfL } },
-    /* 34 */
-    { { 0x05db629e9068656L,0x2f5c327fb7937fbL,0x15bdfcd45546623L,
-        0x3498a469d071e2bL,0x2761e688ef7981dL,0x16e49cbceb14f64L,
-        0x146fec6a96892a5L,0x0bd59085f9ee019L,0x15e793c03cbab9eL },
-      { 0x0fd95436eff39beL,0x2bc1fb6ffd3da02L,0x3abdb02416165a1L,
-        0x3f751e600a60f51L,0x060b2e6fb37c5d2L,0x3a36e662761b65eL,
-        0x28b9bbe3e3284ecL,0x062ce7c127ad761L,0x18e3b3e8a789dadL } },
-    /* 35 */
-    { { 0x3026c56e51e61f0L,0x2f2a8cc1fc9d5d5L,0x26ebb1aeaf41dddL,
-        0x1f38b5fd6ea4a80L,0x2bc5ead91a33e93L,0x391a01f47df3007L,
-        0x01951990ab665d2L,0x101270a913d554dL,0x0aa099c1ca67966L },
-      { 0x161a9098f97e387L,0x145de1178775a6dL,0x112b7ff1d6abf60L,
-        0x293426a72247fe9L,0x1d2282e2b42da55L,0x1d0616b57969f1cL,
-        0x0baeffdfa5a203eL,0x0285866c4da77a8L,0x1a3a5eef9141eccL } },
-    /* 36 */
-    { { 0x2f20d0a7a573b81L,0x3072a1986533bcaL,0x2d8d0b711c347eaL,
-        0x1b2e826750bbc34L,0x05067a8ca6aea01L,0x284d47be998274aL,
-        0x1c26346a52c6007L,0x00cf36ae16062c4L,0x121f17fa45dbb1cL },
-      { 0x3b8b87afc3279d6L,0x39daaf0807c7867L,0x2a83806c21dde30L,
-        0x0af18fe093c0abdL,0x246bd1a53eafd7eL,0x084e4591ec1d389L,
-        0x32d9bfcd6f4931aL,0x273c6acb3f4e705L,0x10a62f3eb4b4db5L } },
-    /* 37 */
-    { { 0x002de36e0689a1bL,0x3327f5f72bf9cb9L,0x2d7e255d0bfb9dcL,
-        0x3b92b681367937aL,0x2bfd2e774d7ee87L,0x1c2cae6d6a140e7L,
-        0x103bba282c66577L,0x141c69eb2a09ae8L,0x11aac7028bac7cdL },
-      { 0x261d39c680c8f04L,0x271332d22ced78bL,0x09bd95744f3c2f0L,
-        0x2d2ab32d64c4c58L,0x25adfb2096d72e4L,0x3f4fb33f6dc1832L,
-        0x352a73c67d9e431L,0x215f0521e89bf85L,0x1e33d95366364d0L } },
-    /* 38 */
-    { { 0x264506b4cec9e7fL,0x1592d0c2aae63f9L,0x101f173fa284a44L,
-        0x1f85725d1c9786dL,0x082dec033e7b7bdL,0x298edd8b5b319eaL,
-        0x0e2fcd1fe2e9340L,0x39d48e821386cfeL,0x0fdccce4da89ae6L },
-      { 0x397f8eec12fd820L,0x3e24aa5b691ccc1L,0x241d55997bf4325L,
-        0x2b00add4f3d65f4L,0x1f677ceba3aef35L,0x06eeb1b229cfe57L,
-        0x1278b05b2892b7dL,0x117da41d4560f31L,0x01c2f5ed53fa47fL } },
-    /* 39 */
-    { { 0x114165eab40b79cL,0x1bbb6096d226a0eL,0x2b7d8a6c107fbfbL,
-        0x22e3807ca2f684dL,0x1a4d79907d431dbL,0x11c79a161397437L,
-        0x376ff869a91472aL,0x047f56341a5a660L,0x006ce369b74c463L },
-      { 0x00773d11add1452L,0x3a7257b63a68a9bL,0x0e32ca15a40c2e4L,
-        0x0dabd8bc63fa3feL,0x2eec9484b3fcb7dL,0x2c81016cb28cdbbL,
-        0x2d8352a4d6e7a93L,0x00f9db64340c655L,0x0e5dd375603d9caL } },
-    /* 40 */
-    { { 0x05f297d8b481bf7L,0x0a8f90a84ce0f33L,0x128cdc40b96c06aL,
-        0x17c462768f27851L,0x16cd57fa79a2bf3L,0x0d5f4caee2b6e62L,
-        0x176fadc1a4935c9L,0x0f78547ec96030bL,0x1ba98721eb424f2L },
-      { 0x002daaf52a4b397L,0x17d330342d39523L,0x0db37b7e79cdc3cL,
-        0x3b2cce5c2d8a6f9L,0x092808c7ff34336L,0x08a236c7b4f72dfL,
-        0x2ed59aec290eff0L,0x3e97ca91e7547a5L,0x0929d7ed87076d8L } },
-    /* 41 */
-    { { 0x0edaf0be660043cL,0x28b32c05b81d376L,0x28e7e2cc3b3d84aL,
-        0x0c1709a7f12748dL,0x13de33e3647b501L,0x2272941340653b8L,
-        0x0db11ddb3361b97L,0x24bc2335460ce61L,0x0c6d5b801ecc8ecL },
-      { 0x3f91c1547ab9887L,0x2178a9ad6ac044cL,0x0e5a133fc8182f2L,
-        0x1d0e361a4b26dcdL,0x043282e815c435aL,0x31ef36a8f24ad1fL,
-        0x158c86191231f59L,0x0f328eb90970d34L,0x0117f568febc5a2L } },
-    /* 42 */
-    { { 0x0cbd9d5bf5caa87L,0x3f183da37632763L,0x0dbbc7d4dede17bL,
-        0x11609c2d6fd8fadL,0x1cc098fe7bf6e59L,0x175ee3d621c4de9L,
-        0x25a533ca5eb6870L,0x029b12df7bbb92cL,0x0ef8e045c324a70L },
-      { 0x20c1c9270cf52bcL,0x0fd8ea43318a605L,0x021cbf3028fb4bfL,
-        0x35d48efbfc57ffdL,0x38b9ce1050a8102L,0x19886c7bfccc268L,
-        0x0a78078e9da4d00L,0x2184a5dd7e27f30L,0x0eb590448650017L } },
-    /* 43 */
-    { { 0x26664fdebbd33ecL,0x269983396b55e62L,0x2c0550fb56ed0cfL,
-        0x2b4756aa9bbb341L,0x3948a7f07b4ca5fL,0x3f870468db6bb96L,
-        0x12544bd2e37887eL,0x363a907d86b1247L,0x0be49df70712bffL },
-      { 0x0e2f1f565acdb56L,0x04f21179796f798L,0x1354e17a0412f2fL,
-        0x33f6724efbee5ffL,0x325a957e48a2867L,0x28618d7e72a745aL,
-        0x26ae711f55c19b4L,0x150766ce1a3d634L,0x000ac4480414c94L } },
-    /* 44 */
-    { { 0x01bcf89d4ad38dbL,0x03ce04f5c51445bL,0x2759cb70243a118L,
-        0x18c58e9c5b16d30L,0x213648bdb5dd64dL,0x137a65a6ef4bbfaL,
-        0x1e8c45a47187f9eL,0x3429d9779a44b8bL,0x048e075f29c4bdaL },
-      { 0x03354745e4dd88dL,0x20d8e2015debf00L,0x1c01227288f7182L,
-        0x2479a26277b92cdL,0x1cd3f71bad008fdL,0x3936878908508c5L,
-        0x262bb15cb023ff3L,0x13f95f9ae70d6d5L,0x072143f41657fb0L } },
-    /* 45 */
-    { { 0x06b046c26f40f2cL,0x3491b1b35f0c76cL,0x22701953a9b7bd5L,
-        0x2e23c010dbeaa95L,0x021d0660d5ac929L,0x2f5b6f9864dce4bL,
-        0x3c43f9d279ed159L,0x34094ddf1356b45L,0x179800eda50b8fcL },
-      { 0x08ddc0b36132f31L,0x3d3c04ab79ce8eeL,0x1ec3203de2b96f8L,
-        0x0508c6d94cce216L,0x0a14093caedb038L,0x30af8be6b423348L,
-        0x2bc09fb9f86d445L,0x11e37f4f654cbdbL,0x13d757b58991aefL } },
-    /* 46 */
-    { { 0x19ad100580f894bL,0x09222b649791bdfL,0x3e142e5a6865b61L,
-        0x14c5fe6a04d1525L,0x2f8a33541c86e10L,0x299b55e362aa082L,
-        0x358e23a67906607L,0x2ad711f7d82b97dL,0x107cadd4c90a7f8L },
-      { 0x16b044f6764ad0eL,0x3f8384940626ccdL,0x0a625f14db6af69L,
-        0x27c6f5df550b7abL,0x25cfa895ce9f277L,0x1bc66b0e5e6447cL,
-        0x2f44b1d4e94cedbL,0x09fd70d4cd05c06L,0x03bcac43fff50c7L } },
-    /* 47 */
-    { { 0x342951c83c1d4cfL,0x1e4742c9170d3c5L,0x0ef69c2dcc71e03L,
-        0x0a4a8c41d9faa3eL,0x3b12948bd2ea57aL,0x3fabae0c956d1aeL,
-        0x1abf592adc1e090L,0x29a26834b463112L,0x0199e8c9ff5c4a8L },
-      { 0x1f7b9cdeb28171aL,0x1e100f55da61ef2L,0x33bf22ff824cefdL,
-        0x24efcccf31562d3L,0x2b01ceb72ee09b3L,0x080a6737affe0e8L,
-        0x2bf7515bb34c452L,0x173ce8f0fa2819bL,0x1a65dee07bb49d0L } },
-    /* 48 */
-    { { 0x1a958d6b114257bL,0x2bf507525d78c02L,0x39b53aae7b11729L,
-        0x24fb746b20c1ca1L,0x11eb679750791b0L,0x099d6d2b3fbf1f4L,
-        0x29517f0e54bd37eL,0x0268e2698b5fa35L,0x06b96f805d82021L },
-      { 0x015d51757b5f9f4L,0x2790d9016d13452L,0x1de0e4870160e5cL,
-        0x2547bdacfe0d10bL,0x1f7497faf953fefL,0x05bbc2de467933dL,
-        0x12eeed24e3cc4d0L,0x05c0ff172aa1c94L,0x1b6f1ba4029a3bdL } },
-    /* 49 */
-    { { 0x2668435529252acL,0x189b01d39ec360aL,0x0cc1e0be86ab3daL,
-        0x3dd3b57714d5420L,0x00cd41fd0534a53L,0x19d22472a7bfc50L,
-        0x13b5ad0e7c945c5L,0x026237a92e257b1L,0x1ffefc67bef1515L },
-      { 0x08dc109306033fdL,0x21e5e7cda1d7666L,0x2f26e3c335c51b2L,
-        0x3f44938a75934e6L,0x0c41dbdfca47259L,0x33036255758315cL,
-        0x28ff8606224b610L,0x21c1e81075397baL,0x1fd2920e15cae4dL } },
-    /* 50 */
-    { { 0x2d15f0ccd67da85L,0x22dbd16b1528559L,0x2021f1ac71c3ae9L,
-        0x0991d564890bc17L,0x166e856dc1feb22L,0x3ed2e91ca8bc558L,
-        0x1d920b65eb14566L,0x32e6cd1a22f4a8aL,0x061943ce86ef9d4L },
-      { 0x0696218aac91174L,0x1467b1077648d2dL,0x2df29f0763a485bL,
-        0x09dc4b22ccedfbeL,0x3b053863098517fL,0x3fcf8f9280b9fb0L,
-        0x09648646bc45bb1L,0x2e4fd1aba25bca5L,0x1462aeb1649ebd2L } },
-    /* 51 */
-    { { 0x334f41fe8e4d3c3L,0x361ffd6edfa76c7L,0x2c0ad910b579c80L,
-        0x186e1cd26bbc085L,0x02b0a6cc02a24b7L,0x3cb4655c152f14aL,
-        0x3e6cdd3b4c7029aL,0x028d0392e438ab6L,0x0cf8e774f812606L },
-      { 0x07f9dbc2e229950L,0x07e11b67e0adc0fL,0x19a3f10c05f3ab1L,
-        0x13c3c608328adebL,0x0ccbfb332203eadL,0x199c1bc5476f2f2L,
-        0x059d5e3bd9caf00L,0x3993968e6f89418L,0x14c984387c8dcafL } },
-    /* 52 */
-    { { 0x08a757f8e011531L,0x16c5cb0f7355f1cL,0x09fdc2d99e297f4L,
-        0x07ee4ed9056a3abL,0x0a5488e869d4ee8L,0x2edeadc2960ced5L,
-        0x3df3a9ddd561c30L,0x0ccaed6f68e12ceL,0x124f909f8e01ddfL },
-      { 0x1b8aa84ab41e782L,0x08049a14776e1f1L,0x2a7d99482bd21deL,
-        0x3afd2d904efd26eL,0x37cd1e22405963dL,0x2eb583bbb4da7eeL,
-        0x2e30eddcf495dd1L,0x084b7ad1d5a4e24L,0x10baaf11bd8af0aL } },
-    /* 53 */
-    { { 0x146017416ec64e2L,0x052b3df5f1baf9cL,0x04a3668b7176bfdL,
-        0x3cdd06c107078d4L,0x22d3b67b072e3f3L,0x15f64a35947e952L,
-        0x08f419623edca3eL,0x2ebbca6dd3a2dcbL,0x0383d99cb47327aL },
-      { 0x08dd0b3da342a3fL,0x00918b7bd2a5520L,0x242eeab5a860120L,
-        0x0141b952db46c71L,0x310c6cf1a5e1e2aL,0x3e40f3426e85c43L,
-        0x0166f5334fc3660L,0x10d4e5a7800044dL,0x0fafaa26074155cL } },
-    /* 54 */
-    { { 0x05cd0e6712de285L,0x3fe2c21a7d77172L,0x2b92df4ed389cd2L,
-        0x0c156e67210dca8L,0x2e07a003363524dL,0x1b82524d1bfbd68L,
-        0x28952b0a2c82dadL,0x1fadacd899885caL,0x02c9afcb188af21L },
-      { 0x3b9d4769a64c5b5L,0x23577913133f874L,0x18ef11c6dbffa0dL,
-        0x23d07052bb55821L,0x235efe854ce1d97L,0x11d15d74947e79cL,
-        0x289c03f9d0c14c0L,0x2770034b20e3af6L,0x16fa25f040b36ccL } },
-    /* 55 */
-    { { 0x23d9dea9cad682dL,0x32c6cd18da4e46cL,0x19885c0f24d787aL,
-        0x31f50620f3a7d70L,0x353555e46dff62fL,0x2473681746aca77L,
-        0x0633ed569b1cb28L,0x150a36c536f114bL,0x1941acbb86c2a34L },
-      { 0x06a70c824db8127L,0x1958fd06df3d6f6L,0x1abeb908d9b484aL,
-        0x18e2670982a3613L,0x344436957aaeaaeL,0x02a4b2344fb5acaL,
-        0x0bcb973bc94f99dL,0x1597e5e3cb8af41L,0x07456a388ef716aL } },
-    /* 56 */
-    { { 0x082dfe496fc1f77L,0x310d7c4d1eb5a98L,0x14dc25ebe457b04L,
-        0x1a6dbdd92abd09aL,0x104d83da164a170L,0x03208cc380e1cf5L,
-        0x239b3eb0b9db52eL,0x0536a621acd3b50L,0x16a76587f2a5988L },
-      { 0x118f8e8ebc71a5dL,0x10690a150148cdaL,0x09ccc182cbcc491L,
-        0x34f82415e9f58fcL,0x1e239d8eb4afe59L,0x365252cb98cf6c3L,
-        0x04fd61bac8582dfL,0x3bf662e4569051cL,0x10ee0866a9dfceaL } },
-    /* 57 */
-    { { 0x350c47052e07a4dL,0x34e2e3975d1740aL,0x047ce1af12267f6L,
-        0x12ce71417ded053L,0x186f739be03e4b4L,0x1f0bc6f167cf5e5L,
-        0x23fad4ca19bca7eL,0x22bec7147007b01L,0x080da3937a57f42L },
-      { 0x1d8ca9d102369faL,0x26ffedc1b038d7aL,0x19a796b55d80e00L,
-        0x37ab0342530b828L,0x1787c187ada0e42L,0x33e812d9b06f8b1L,
-        0x1773406d4ae2cc9L,0x18a156c33a981d9L,0x0d82d525245c7c9L } },
-    /* 58 */
-    { { 0x1cb238cae93de69L,0x0f20cceff6ba6dbL,0x1f4de8b79836496L,
-        0x112ba2fe2b8cf20L,0x24c3ebacce13a22L,0x15696b582f1b9e1L,
-        0x3e9459a837a53c5L,0x1bf361d7634d6f1L,0x01fb3705534f9f4L },
-      { 0x0e9270c7fb974a1L,0x123e83a7b49205eL,0x2c3d64bffbd4234L,
-        0x10f5e7d2cf05059L,0x13b9f32a0a05aa4L,0x32408d7b615693cL,
-        0x352b484bebcf8daL,0x027459612661e36L,0x183aa4d59f1e48dL } },
-    /* 59 */
-    { { 0x2585d75dbffad9fL,0x3d85d3d06763f3bL,0x3f59e6c6934564dL,
-        0x3460f566c31bdceL,0x3929c8950b80793L,0x2658aeadaebd3f0L,
-        0x291273bd445a952L,0x1e16d4ad86517aaL,0x1be4fccdfff3d1cL },
-      { 0x1c384d97cb2857fL,0x20c1601adeafd01L,0x1d1743ace6b24cfL,
-        0x28af10f5adbd4a3L,0x314e564b92c7b8fL,0x0ae7c06a3c38a2fL,
-        0x1383e61b69bc73dL,0x251aeae2fad00f7L,0x0aeaccea0c59791L } },
-    /* 60 */
-    { { 0x268baee0163c2deL,0x342cafac9da2926L,0x3124ffdae767c42L,
-        0x3542ab2a50d5a1bL,0x2e01091cf926da5L,0x0c92fb35a670d33L,
-        0x13a0a93d2545405L,0x332746dad63c506L,0x14ff144925ed611L },
-      { 0x361a60cc1ed9259L,0x0dea8cbc7569fdfL,0x313d07aef4311beL,
-        0x12539be9ee80e11L,0x28bd3730c99f33dL,0x2e555f710e4a305L,
-        0x22bee573cf8ccf5L,0x158402f1b518346L,0x14527cd194383b1L } },
-    /* 61 */
-    { { 0x3e651353427af4eL,0x302ec4c4364df52L,0x276acaa671c32e6L,
-        0x3534ea70ddaf63aL,0x3471709aa9d7b3fL,0x060147004933a18L,
-        0x28ee1c225ce41d0L,0x13b215224a13fe7L,0x13d22d829c9535cL },
-      { 0x301ed9da1b15e02L,0x24aeb0c07961a1aL,0x21835764135b1d0L,
-        0x2ddbdc56692fe9eL,0x118090d0dc0ee59L,0x2014865a45c6814L,
-        0x1279045c1531bbbL,0x1da15d024c3f082L,0x008963b48cc7633L } },
-    /* 62 */
-    { { 0x3e8b620f4aaaed5L,0x2379f7fa1c7ba03L,0x030ffebfcb4b106L,
-        0x39f0e88556cac88L,0x02769b805d4dfbeL,0x34e7abc29e89aa3L,
-        0x15f032377de7706L,0x2dcc7c6a4911fd8L,0x12aa1b81a8442d9L },
-      { 0x19e67d0b1152e8fL,0x1cf65e4ad78530aL,0x1073f1cb57a22e7L,
-        0x272fc76928b8360L,0x2c22b449a03af0aL,0x34b5f4745a6c583L,
-        0x098ee4b82c1ac8dL,0x3a855d422b29affL,0x15054992440e3cbL } },
-    /* 63 */
-    { { 0x0004a0aa13a4602L,0x31c68f434b1839cL,0x2463a6d79bc5505L,
-        0x0eb553677d293f8L,0x373d3c7b8e878ebL,0x113b3e95fb32a41L,
-        0x24d1795b3bb2782L,0x0abc228c3d87ec4L,0x1155b7e50014f63L },
-      { 0x2c42ecc9ef0021aL,0x05ff5fe15b27518L,0x03b82e6478bc580L,
-        0x1a45416936c4389L,0x04cd7eea5af0746L,0x14abb42b66ec287L,
-        0x09f09de8ba39a2dL,0x3e9901d1d126ad5L,0x13fd5c8f7bd9e57L } },
-    /* 64 */
-    { { 0x3d8ce7b5a53c22bL,0x0cff35f2ad11a86L,0x24e248acb394787L,
-        0x07a8e31e43f1132L,0x315c34237a9888bL,0x2dc0818cdabedbaL,
-        0x3508fab913b8a8fL,0x1ccacd2ddf31645L,0x050a931d7a7f9e4L },
-      { 0x10a429056d21d18L,0x198c1d56d04286aL,0x0a8b894a6b05826L,
-        0x18e0a33dd72d1a1L,0x2127702a38a1adeL,0x37dedc253ecbe16L,
-        0x0d1db683ff7d05aL,0x3357074fd6a4a9aL,0x0f5243ce1dbc093L } },
-    /* 65 */
-    { { 0x3c183c3d37d7891L,0x140527f6197b2a3L,0x03d68f21844117bL,
-        0x095681fd9603db9L,0x3ad303202af51ecL,0x019dbbd63f969b2L,
-        0x0e000c95de68f31L,0x14951d4238c7f29L,0x159783e5a957773L },
-      { 0x01db5712e537ad9L,0x1c44b4d6fa73defL,0x2b48d57f9bcb5e8L,
-        0x242a2cf2f1eed48L,0x1e5ecdb5c1eff78L,0x0e1f9fb53cc1b84L,
-        0x321e3d30da83923L,0x299f13647f3d1c8L,0x09f8487bb62e412L } },
-    /* 66 */
-    { { 0x2f5f80f8cb8e08eL,0x34b104925bfb5a1L,0x374360b7dcdf7cfL,
-        0x37d5fd3417c0186L,0x2458061f24dbaffL,0x37a65312c664f0aL,
-        0x07e0626c6ca8d09L,0x172f3bdc349349dL,0x0ffd4e5d4e3b999L },
-      { 0x171e245c6f40077L,0x0b81141c8f9418cL,0x2f7e6a6bfd88159L,
-        0x345b6767380d721L,0x03eb5770cba0959L,0x10358f74b9fe3faL,
-        0x1e441958eb0881cL,0x07d3558ccef6baeL,0x034fb0397df3afdL } },
-    /* 67 */
-    { { 0x384e05eb358815cL,0x32cb5390421f65eL,0x188907f05d7a3abL,
-        0x355ea7520721e9dL,0x042d64cbd350778L,0x33ca27fa74d33feL,
-        0x2b2c6e0859cd5acL,0x02d8a0dcb564774L,0x06bc06d482e18b4L },
-      { 0x10695a0da4ed375L,0x2bd620a636abab4L,0x21b4f4b7092c51bL,
-        0x2b9e8cd6cd6c0a2L,0x20567efd88ab87dL,0x0c830dd29cd64d8L,
-        0x158b307a49fc103L,0x33a6dcdeb2b128dL,0x01ed30696a34c0fL } },
-    /* 68 */
-    { { 0x1550ab0bd3902feL,0x292d2e1aa74ecf6L,0x20a9975cac379bbL,
-        0x0c4ccd81770e967L,0x21afc2c58045e87L,0x3be72fc7cb16630L,
-        0x383c4281ff8d6feL,0x0c7560afb57426fL,0x1579d1d9d5b5281L },
-      { 0x07da3055519258eL,0x14e7e409f78aa1aL,0x1747d6a230d673fL,
-        0x08d7d745a11a7eaL,0x35f7e41f5ab1aebL,0x1a9ffacd6effa51L,
-        0x2d5187bd546abb1L,0x14f74abef53a385L,0x1607437be13bcc9L } },
-    /* 69 */
-    { { 0x1f165a9ee9755a3L,0x35686ae0b26ac55L,0x245aab6b97e60c8L,
-        0x2c2ac1789c59687L,0x26db0830f3004cdL,0x16b2f7ae7830ed4L,
-        0x1e8498aae1ec1a7L,0x318b904f51211d8L,0x1e9589e09bbb1b9L },
-      { 0x35120819c72258dL,0x335cd170564f519L,0x3a7b91c11fdb61dL,
-        0x2fe215e4239b189L,0x2530bc68ed1d3e9L,0x2d6d13fe6ab01bfL,
-        0x10edd5125c16bb6L,0x36d70e2182edb6eL,0x1aa96fe8b08fbbeL } },
-    /* 70 */
-    { { 0x23a5dd8f257c0f8L,0x13724b74e84364cL,0x39cebbb8ce03488L,
-        0x14e91c98aa40fcdL,0x352e06c6d6217adL,0x0c90a336877c805L,
-        0x30c62cf5b723e0cL,0x20b307974e224b0L,0x1fdd9a90f1f477fL },
-      { 0x30d27ba1763ab59L,0x1f64f9c8de0fa60L,0x0264945968aacf2L,
-        0x0c85c0357560556L,0x303146d9f63251aL,0x196fc3cb3daef9cL,
-        0x2323fb6cdcf455eL,0x11d1202a803398cL,0x1496e49e62cd96aL } },
-    /* 71 */
-    { { 0x2ff0b7e40574c09L,0x3c990cffa03a5afL,0x1352eb237d91b76L,
-        0x2ddfb70c4082cefL,0x3424a36dc3c0c62L,0x31b10d7be624e52L,
-        0x08d076e9ea64c27L,0x2792cb7f087138eL,0x139cc3852f6a4e6L },
-      { 0x238a3ffbb096b91L,0x0b2795cf6350f94L,0x1b118c577558ee7L,
-        0x34b711f52d3045bL,0x142e1955f54ec89L,0x10dd1d70801b74dL,
-        0x2e9041004aed6a7L,0x0cb2707770ca8afL,0x1fb597417a2ed93L } },
-    /* 72 */
-    { { 0x00f1981859bae66L,0x23a6c61175f06cfL,0x1c03452a3c1eab4L,
-        0x033fe040ce71b3aL,0x15f98d6fe2384a0L,0x2283756f35fb784L,
-        0x3e1c06f7a00e3d3L,0x2987d5b765228f1L,0x0d09d21a7d18e53L },
-      { 0x1cfdbaf880eb3fbL,0x3f4a5d7a0fdf27eL,0x3d6fa28a74b464cL,
-        0x17f7ec4f80d86e9L,0x3232a6128b8200dL,0x06a361b80ef23d2L,
-        0x2d6ea7d1fb92c28L,0x06309a19d7eb9c1L,0x11d9b08608aefabL } },
-    /* 73 */
-    { { 0x3cf6146bbd2f539L,0x14bf01db89ae885L,0x1d18d4be4a67960L,
-        0x08a7cfce6a0da08L,0x1433f873a8f8234L,0x05bd15a1a2e11aeL,
-        0x1477507a1d3f367L,0x3889b7d80f8a0bfL,0x00377cb02c56975L },
-      { 0x275add38c01dd59L,0x04ea7ae7068debcL,0x11044dfc54039c2L,
-        0x0181fb83619a42bL,0x1661fc40e202ee2L,0x02c0bd5a25bb7a5L,
-        0x2f1a246b4d7398dL,0x1c49732e5a64796L,0x09fd5c281afc13fL } },
-    /* 74 */
-    { { 0x058c54bd7073a5aL,0x206972187ab1f72L,0x0a39e720201a87cL,
-        0x23903800f3947e1L,0x358f199de952a9fL,0x15b300addaf712aL,
-        0x3162f31cf12322dL,0x27846d98d398e0fL,0x16984c017ee8f96L },
-      { 0x1f433625c89f1faL,0x0a98c2da5ec1e3cL,0x1e5c4b05b7f44a0L,
-        0x1453fb79330ccc4L,0x04b025aa4a7ccaeL,0x2136deb4349ba1dL,
-        0x31c1fe7d5b77bbfL,0x33480e7bc6aa3d5L,0x18d65eba928418cL } },
-    /* 75 */
-    { { 0x37866ab8abb2537L,0x3132ed96cc25be8L,0x27ed2a428ad314aL,
-        0x18843a7865a09feL,0x089801b4e95d19fL,0x2ba2e08cc7ae5e8L,
-        0x1c9642aae77a62aL,0x22e125a4f58a97dL,0x0adff5bfe973e36L },
-      { 0x3efae21492b0deeL,0x0fa7ba580b0b3a8L,0x3c996f3b99e5214L,
-        0x2c3a4ee3d6484d9L,0x01064c13edd78b2L,0x15ce39ea355070eL,
-        0x33b1a4e6b970dafL,0x0823ebdbb305a0dL,0x180dbfa3f4f74aeL } },
-    /* 76 */
-    { { 0x024621a907a6aa0L,0x1b2da101e1e7dacL,0x0b688168a934ef5L,
-        0x34e6e6a4121130eL,0x082541f2070d638L,0x3f222d41a5a32a8L,
-        0x2357840c5970531L,0x2533d55937b56bdL,0x097e7e898c7c4d4L },
-      { 0x1dc98d96b6ebb2fL,0x285ff1eaa7849b8L,0x0fdbfa2a2c68292L,
-        0x032cb86146ed83cL,0x181ca4cfe9c6327L,0x046567562636c99L,
-        0x0b8d1994082638bL,0x0c253913cc23a95L,0x0d696399eb844e6L } },
-    /* 77 */
-    { { 0x200f362b83769eeL,0x0102b0fbf132cfeL,0x388957abd68772dL,
-        0x0965029c4a30e4cL,0x3ec242a31622644L,0x168695464271323L,
-        0x1c2172d1e48f1e6L,0x1ff51a2f5c3c412L,0x041c8692d2b709bL },
-      { 0x2388aa1df816784L,0x23229406f9d7393L,0x1ffb02a678124a5L,
-        0x383b69c87826d27L,0x1e67a65eca73299L,0x15b1c6da282f47dL,
-        0x05aa30d81e91e88L,0x2efc8debb8bd300L,0x073d94007500595L } },
-    /* 78 */
-    { { 0x112ac4a010c0ef3L,0x152f613a06c682aL,0x23dc4f3535090e6L,
-        0x3ced1f4626a3c15L,0x2f238c09c10dc41L,0x106b3d9c48bb741L,
-        0x358520224c16afcL,0x2b9bc732e4cd20dL,0x1271a4b5f292275L },
-      { 0x12fd4733ce688b5L,0x19b4df72a71a2deL,0x326e541711d0145L,
-        0x3b8f30d06a3f3a4L,0x02122c11fe3ba14L,0x174de6d5ae2ad33L,
-        0x122f91c0fa763bfL,0x25696578b4abbc5L,0x0acd4e21b3d31cfL } },
-    /* 79 */
-    { { 0x013a7791d8e061aL,0x01f9c2b32128c10L,0x0266eb2f636a627L,
-        0x085dec97275ab02L,0x170ff35cfe917eaL,0x106262fb76de2efL,
-        0x0ae4455008db2b0L,0x3439c3d6293f338L,0x043ed0923972257L },
-      { 0x0ad77b3e2e129e6L,0x312a1c3c6f935cbL,0x0dff20056333fb8L,
-        0x304a9a4550ebb94L,0x2b8fe2640bc2658L,0x259682be5770332L,
-        0x11d99e694eb5841L,0x3721df4eea94fb7L,0x0832df13b208a1eL } },
-    /* 80 */
-    { { 0x2ad2247d181c3f2L,0x34d6fbccdec8fffL,0x3cba74890672915L,
-        0x23ff69e8e876d33L,0x179275686e4f70dL,0x3fc7de7889ad906L,
-        0x1fa4e8e80408636L,0x27d8263a12ce73dL,0x0da57aa0be9d8a0L },
-      { 0x00cecf54efcea66L,0x3cabb2bf1dbebb5L,0x1a48c91585a898dL,
-        0x29c4fc02a958fc6L,0x344b5cb9fb111bdL,0x149883459a1ebeaL,
-        0x0b35abc6d5fb126L,0x3134abe54fc6eebL,0x0ed99709370ff94L } },
-    /* 81 */
-    { { 0x09f56e068b54c89L,0x3305f739cdf08abL,0x283fab089b5308eL,
-        0x0a550fef46c823bL,0x0844dd706b0f3a1L,0x3b0b90346c8133eL,
-        0x19914a80975c89dL,0x137dc22c046ba4eL,0x0176b4ba1707467L },
-      { 0x1216ea98fdfc175L,0x1ff18df83d6c31cL,0x285fceb33a3477bL,
-        0x13c088faade2340L,0x351c6d922b67981L,0x304fd47641e1c82L,
-        0x2d60b55859d5a49L,0x32acb9a7e142febL,0x05c2499a8446d0cL } },
-    /* 82 */
-    { { 0x1d581fb73e7bcf1L,0x37987374f05ef90L,0x17ecfa199fd916dL,
-        0x1cf05676e5f18a6L,0x2641328301a7588L,0x250aa4613b5de25L,
-        0x2ba4bb9672ce892L,0x375ffcfb9161e05L,0x1234fb7a148ce54L },
-      { 0x05d80aff009be8cL,0x24e35de37c6e87cL,0x2e84312de62062eL,
-        0x1fd81c312e69f88L,0x3a1b5da3748d29eL,0x11c5d14d73670faL,
-        0x2b9e671e51bd2faL,0x31a8650262ac15aL,0x049bb584abc49f7L } },
-    /* 83 */
-    { { 0x1f255301ea470f7L,0x2fe023a49538c2aL,0x29ea71a0038da01L,
-        0x385644f2a1c2615L,0x3b8281fdb0d2b2eL,0x063970aab85c012L,
-        0x2943abdb5c6eb01L,0x3540695ab19307eL,0x0531aaf64771a92L },
-      { 0x279ef4906345730L,0x2aa93a11bcdf0a5L,0x26b01a7c3aab946L,
-        0x28a059b7d3be05cL,0x24e04dc3ecb808dL,0x1bb066d3a7ecff0L,
-        0x16d13e9e0b61db7L,0x14e11b9fd997bbbL,0x0e570ed8c0786a7L } },
-    /* 84 */
-    { { 0x2456e58108ce13fL,0x3f163438e5e04d9L,0x284bea3949e9b5bL,
-        0x2f1d6bd99f412daL,0x0a891566bea9b66L,0x3d856569f2d35b7L,
-        0x2e25201b3cecf0bL,0x297e90c4b1cf400L,0x14b81d768986135L },
-      { 0x047bc25841078ecL,0x2a72585e7115350L,0x06094851f8fc75aL,
-        0x0fb38d0247da858L,0x088e54102998d4eL,0x36a2b17a6a7d9c1L,
-        0x2c230cbf280f885L,0x2ddd71932b2823fL,0x02b0ac864b05094L } },
-    /* 85 */
-    { { 0x3606e398f5daf7fL,0x2152244249d419aL,0x1c5c08c58a72483L,
-        0x343243cfb8e8895L,0x008795f022f362fL,0x1097d6ab258cebdL,
-        0x06dbfb71710bd10L,0x2ef370805f817b0L,0x1c8d9c7dc82c1b8L },
-      { 0x1b41fdf18b8bed9L,0x20cc238e88c495fL,0x1de77291c4bbe94L,
-        0x0ad05122abef3e4L,0x3c44da4629b0b97L,0x06fd428a577f18cL,
-        0x1e313190b9c4630L,0x2ab6462d9bdde1aL,0x0f5a8a4e2fa121bL } },
-    /* 86 */
-    { { 0x0a55109ca0251eaL,0x3bb62c9e9b26c23L,0x0beb5620f528f2aL,
-        0x3a2b84ff15a406aL,0x085993c079a8421L,0x346ac35c4d27c71L,
-        0x35d90929e083590L,0x299be5b8a4a6ebaL,0x0ce96c2f1f8f599L },
-      { 0x0bc4b5112be8bd7L,0x11a83cf19fa66f9L,0x07d34d3a3864f48L,
-        0x049cfd0e6076273L,0x026dce5671f6471L,0x00ac25af0caf0c9L,
-        0x0682b7f7134ebffL,0x22d655813c02c34L,0x11cfd23d7eae3ceL } },
-    /* 87 */
-    { { 0x09646cca27689a6L,0x1f710d55905cafeL,0x248eb57cbfccd6aL,
-        0x3ed6c6b7f94c2f6L,0x3711d8bf49b11ffL,0x1c39696e7cb6036L,
-        0x118a1de879fdf0bL,0x354125d4d060dafL,0x114c8c526bd8cbfL },
-      { 0x1fe725bef7388bdL,0x0f6f7f9ffeba9f5L,0x1b897e6de2acf1cL,
-        0x26a7afc6fede0e5L,0x36978514681a72cL,0x1499c2bd94995c1L,
-        0x157d483925ecd9fL,0x32c090def374a0fL,0x1ceb5d732a7c80eL } },
-    /* 88 */
-    { { 0x3f9fccecfd376d7L,0x3aacfa99ac21369L,0x0d08d5b91bd86b4L,
-        0x1fa2a8c1361ab24L,0x37f866a4faa3d5bL,0x2e04eb849fcf50aL,
-        0x0a920695d19fa8bL,0x073774e1e635f8dL,0x073df7c0a69a32cL },
-      { 0x22c01bb38315b16L,0x29f226786323e6fL,0x3fb408b6b8531daL,
-        0x231a024aa068f50L,0x2836faad4b159e4L,0x11a65cc1dfa4f67L,
-        0x17e476d4ed6361aL,0x07e995a72cfd98aL,0x185b69d8183e781L } },
-    /* 89 */
-    { { 0x0f27eb3ab9cb764L,0x3bf0863af075b46L,0x0ddb0479aa79bbbL,
-        0x09027950bd51dd8L,0x1bc699b96b4d16dL,0x3236322b8d70e34L,
-        0x23a45d13b2ae258L,0x1301215e705499eL,0x0d9773b73576c55L },
-      { 0x220a4730218c299L,0x38a6ce67de28ce5L,0x2009484f414f69bL,
-        0x0de68b293511a12L,0x268db7ab3b2c749L,0x0d70d5fc2701dcfL,
-        0x3de3f26181f0599L,0x1b82024c4c0f62dL,0x060f3effcd0e0fbL } },
-    /* 90 */
-    { { 0x23c14beb25d6530L,0x056ce66a5f503dcL,0x3c4bfbf7f6225e0L,
-        0x27052d3c3c48270L,0x23f7e8ecf83d8c5L,0x3ac7bc3f3c00bf7L,
-        0x1f0c6035d353c91L,0x3b8d0e5310a9480L,0x1b5787128ab7be8L },
-      { 0x0937d3ab70110cdL,0x293bf11de446d68L,0x2f5bc53a4c19e0fL,
-        0x3cce35427cb1ab2L,0x3e54ac1c6bd3010L,0x13ca8efcfb8aa0aL,
-        0x09c7b931ea67c3eL,0x0d8bde93299bbc2L,0x0b05bda2c4f34a2L } },
-    /* 91 */
-    { { 0x024a071d1f575cdL,0x24ec06948dc60adL,0x36029a2c9d40156L,
-        0x22e72452980504cL,0x1095b31c150c434L,0x0bf5258a40915cfL,
-        0x10b2776f975fd22L,0x24dee85c1221b88L,0x1f6ac29b8136dbaL },
-      { 0x1edef55775da491L,0x14fe78adaab6082L,0x21061bb40d5b259L,
-        0x04535449f619a5aL,0x181ead062cfc453L,0x3cedc48cbc8772aL,
-        0x06f20d3f3e4f07aL,0x3d6ec4b341ae259L,0x15e241363696910L } },
-    /* 92 */
-    { { 0x0844fd03ecfc44eL,0x17cb21410ecf543L,0x27dbc9bd059a409L,
-        0x3ebd96fb37e697fL,0x1a67961cd239328L,0x2ed77f778c4091cL,
-        0x3dc5baea9e39bfbL,0x30de6008adb404cL,0x141bed7aa9b5f12L },
-      { 0x16f0059fd94d941L,0x3a7c01f53fc0602L,0x3598779f05e3fc6L,
-        0x2cc0120f26798ebL,0x372a198704c40f0L,0x192929c4134bfbbL,
-        0x367f1edb773b5b4L,0x2f4a802d9dc3d24L,0x1694f7e03012a9fL } },
-    /* 93 */
-    { { 0x1f5dd738a9095fdL,0x1e80874f3a15e83L,0x396be5edc767c4bL,
-        0x3fc6028202242a9L,0x366f10aab56497eL,0x261e5d9ae615b87L,
-        0x280601312988243L,0x2a4a585d233dceeL,0x01207d9076c555dL },
-      { 0x3049a011c44394dL,0x097bdc339279142L,0x09f0b1694265f5fL,
-        0x3f8426ccfe078e8L,0x3a30932e42c5bd9L,0x1b3e2bc81fca90fL,
-        0x366722736abfcacL,0x09ac2b7dfe813ccL,0x0e02f1e92fbfa9dL } },
-    /* 94 */
-    { { 0x124e4a663be4d4aL,0x15efb59bcf32465L,0x13fa7e7a7ccd1faL,
-        0x1aa2317474f75f2L,0x23f251f1e70e8cfL,0x0d5533d6c95e65eL,
-        0x1a71090a5ec58eeL,0x227a9a349a35c19L,0x04c7c23d4d20850L },
-      { 0x3ae575bbd52d132L,0x236a9ce32073158L,0x2e51e4e63b990fbL,
-        0x19ac8e74e1c25a9L,0x0a5d49fed51d6b3L,0x0ea301ebb57e21dL,
-        0x286ae2025091d94L,0x3bd68403e116b91L,0x1c21af59d747eb4L } },
-    /* 95 */
-    { { 0x37bc01edd441308L,0x0d251218c222417L,0x0a74759611cd0dcL,
-        0x185308f3998abceL,0x1f8bafed211a712L,0x324f81e4dfcc5edL,
-        0x0c52cf4efbb9ff4L,0x360aa203c3b763bL,0x028480cdd2cddc9L },
-      { 0x0f1ca0dc3f807acL,0x393f0af41c1527aL,0x0a1491f8bb6c6a3L,
-        0x3f4f5b7eb36b4f4L,0x15fb46ffbe3ee1cL,0x37573ef3b91ac6eL,
-        0x38e8b75207b3ac7L,0x3446b56030366c6L,0x08452c669f4c7bdL } },
-    /* 96 */
-    { { 0x02b4747c0ace6d5L,0x32d92ef9ca1eb69L,0x089989bc2614d5aL,
-        0x0dbfc171c7bccc1L,0x2d35ac450817fe8L,0x1d6a70f1dcbac91L,
-        0x00d6fd7f5fc2163L,0x25ccfedbe786b2fL,0x09a7643c315720eL },
-      { 0x32216b4f3845ccfL,0x1d3a0242f016f52L,0x0c74d60490379c1L,
-        0x2858d632019e954L,0x1aa677b6dbd7220L,0x1b8b823a0e3e710L,
-        0x2f6da537332c196L,0x18c36c0ca1d7925L,0x00c52b274cf9c30L } },
-    /* 97 */
-    { { 0x2c2e7828ea58bebL,0x013074d997e921bL,0x1fad20b40ff02b4L,
-        0x2d8a74f9a9551b5L,0x166c81991fb5df7L,0x38b3f8fbc61a11bL,
-        0x10d16bbe690bde6L,0x23a4a5ebae68050L,0x0cb59d81548baccL },
-      { 0x105d3adbaf66a23L,0x0dce1d037ec2076L,0x35de4b00f432c33L,
-        0x3a01f4e80f9b554L,0x3066bca80e17fe8L,0x2b7fe954a5513fdL,
-        0x226ea460c2b96cbL,0x13ff27c06365116L,0x11ed543816724a3L } },
-    /* 98 */
-    { { 0x2a873fbbd7f8a61L,0x2335c6ef9602ed8L,0x1eb3667f69805e1L,
-        0x1855c74f703f572L,0x1783f9bc8ab8d4fL,0x10e62c538b91485L,
-        0x1811b536c3774b2L,0x38f0cb6d28d8dd3L,0x1389f7f12972debL },
-      { 0x397f21c798fefb2L,0x1bf2d441eea9caeL,0x3760fadbb5689c7L,
-        0x39f4cfa9b144befL,0x3236134a51a648bL,0x261624ed04a8a64L,
-        0x26ada44a3d81698L,0x2d15d8512563cf9L,0x140b4dfc79b7687L } },
-    /* 99 */
-    { { 0x3b145707abe5bb9L,0x32ff63947606fa0L,0x1f49c9827affae0L,
-        0x1229a1ed550836bL,0x3eeb41733c3a725L,0x0e09f18c20098feL,
-        0x23b70e7014fdc3dL,0x1c5a1f4063e12d7L,0x0151d483e00fbcfL },
-      { 0x14e3c7c6b578aa3L,0x33a6d74c10f6b85L,0x1e9bb6008101511L,
-        0x04bd016b1bd57e2L,0x02008ac7b4ec311L,0x1714be99f99a936L,
-        0x0ac2eb73c00d392L,0x1d14fb86e66622bL,0x08fdfa31d9560b5L } },
-    /* 100 */
-    { { 0x074a0e0251cf8d8L,0x225274107caf4b3L,0x0a4933ebce52d4dL,
-        0x145716f36b82dcdL,0x016200b93e1ac5fL,0x1e4dcdbb4fb37f3L,
-        0x2e69402506a266aL,0x3e4d56168722fa9L,0x00e081cdd539190L },
-      { 0x15f995653e28412L,0x149bcb6c9c592c1L,0x25eb1df3adc70d1L,
-        0x32b74d77b773558L,0x1a838ffe2d2c453L,0x30339627b510a12L,
-        0x19b609ad20c1375L,0x3ec1cb57eea06f6L,0x1ad5be41dcc622eL } },
-    /* 101 */
-    { { 0x23af6678f850756L,0x0deab94bced65d5L,0x0a53796842f586dL,
-        0x27fdd0fe65c434eL,0x193f1a8bacdaaf9L,0x027df364be9d579L,
-        0x10650b1af04e154L,0x3f6698efe682b5bL,0x00e67b1cead55abL },
-      { 0x260a8e0b5f43178L,0x3504b6730d6cccdL,0x3a63880f680856bL,
-        0x198b988b1c4f5efL,0x36ff824457f372dL,0x36c13946b5edef9L,
-        0x115c8d0f2bde808L,0x00bcb879e07f92fL,0x1941f475bfbb8e5L } },
-    /* 102 */
-    { { 0x1482bf9d63543ecL,0x32d9f2845fbcf9eL,0x0638160ccc63985L,
-        0x355ca6f707a2b14L,0x1a22686df556cbeL,0x207addf358bb65fL,
-        0x3a2ed9b124cb5fcL,0x16e5935ed3d99cbL,0x17260b29aa77833L },
-      { 0x1bfc7b6a43df7c6L,0x32b08ef081c1b08L,0x37bc345d958085aL,
-        0x34a8ca822f3adbcL,0x2d1953c5e9d8f20L,0x13da0343c22493dL,
-        0x29912c7d25d7c6cL,0x19131939a88dcb7L,0x0ebda1c06c452ceL } },
-    /* 103 */
-    { { 0x2677c5c411dd110L,0x1e1ea8b26471289L,0x2a41a45666d60d6L,
-        0x2ab057e7c554ef9L,0x30e0cc7b273e716L,0x29892ac2a4ee18fL,
-        0x39c260a40571172L,0x3c4c3979d95b868L,0x046af8d78b52ef6L },
-      { 0x16214b170f38dffL,0x1760a048e84415eL,0x04d4957ed8123e3L,
-        0x2e83698058411a9L,0x154f84413618fa9L,0x27aa56af9f374a9L,
-        0x2a30b4f1c2563e1L,0x26aa7111678532cL,0x183c748add661ffL } },
-    /* 104 */
-    { { 0x2981f399de58cafL,0x2e03f61d4fa990cL,0x1f242d11948605bL,
-        0x0180fbac02b20feL,0x17c73d79cf490cfL,0x0935186d00dfc94L,
-        0x2420cf844209fd7L,0x23e89ac0fdb489cL,0x1526f4bd29eb343L },
-      { 0x24d034ac389e51cL,0x2957a5b6df663a5L,0x17dee913c583acdL,
-        0x1effac0d102cabaL,0x09d461e29079307L,0x10efe2faa85b8deL,
-        0x3d8c3fb0a675330L,0x0977275d2690ae9L,0x0ec7c41e6d66bb9L } },
-    /* 105 */
-    { { 0x29b345dc5da8398L,0x1a107eece310c0bL,0x05627c3bb47abc6L,
-        0x0adce34b37738ebL,0x3687311858fbeb1L,0x2f53d3d352f0ab5L,
-        0x0e1b0e9521db1cbL,0x2f8f8a9a432bbf9L,0x194375215eb7bfeL },
-      { 0x0b234f12edfd661L,0x26613bb54b07d13L,0x3260d8f8f98c014L,
-        0x391ef8e1640cb49L,0x195e8b672fe76e4L,0x0ac03a0950d61cfL,
-        0x161eb8916c397ffL,0x06ef8ee6fdc16ebL,0x0007ee90182ae13L } },
-    /* 106 */
-    { { 0x36fea9e93fbcb5cL,0x2f960e7ea14a6f4L,0x3125fd611ba0382L,
-        0x1ff362898dc2c90L,0x23d8d4704a59ae3L,0x13106de6ade3183L,
-        0x249cc51bac243d4L,0x1fa7f10007fabb6L,0x0f6988ea44a83dcL },
-      { 0x190caa4f077f79eL,0x05d807678964353L,0x3bb3d21b4b77f4dL,
-        0x18240df86d8477aL,0x2135becf0031b3fL,0x0a40f76bc44fb60L,
-        0x319296f6c01379fL,0x2b614daf79f2a9bL,0x06c57d3b6849dbbL } },
-    /* 107 */
-    { { 0x23fee389abfccb0L,0x38a892e59db98e5L,0x0f0284ba6d276c6L,
-        0x2e919614f47e1daL,0x11b8ab9b6c38ba3L,0x1e81ccc5b8eacdbL,
-        0x233f3201fc97424L,0x379ebf7505c6094L,0x0214dacfa81ac61L },
-      { 0x25a9f37eaa3198cL,0x228d17f22e6754dL,0x312ad4f5ecbccbeL,
-        0x180308dd452909fL,0x228a27b05e841ffL,0x0a167fcd767a316L,
-        0x0bde372d3774446L,0x16fe0701183ffaaL,0x1810a0e49a129cfL } },
-    /* 108 */
-    { { 0x08203af45843c3eL,0x078c0eaafaeb9daL,0x08f3624df62b460L,
-        0x22b48796aa0e5ecL,0x39a242b0e568734L,0x0a9db1b4b3c4b1cL,
-        0x2751a2c848ed013L,0x0b416dcaa870bd4L,0x0f3b63296c392c0L },
-      { 0x24b42adc6f3d1f0L,0x37314cbd4cae533L,0x333583443d9c2f0L,
-        0x3bb7237672d5e04L,0x1ee87192fb50118L,0x15d06708c0e7869L,
-        0x396b0c9977267d5L,0x30d6918bbe930c3L,0x1f7454fb7963cd3L } },
-    /* 109 */
-    { { 0x0f281949d153926L,0x0a32460ad5d5204L,0x3b30509e94c942eL,
-        0x0ab7a75ad5d2d08L,0x18b3ca314c5acc5L,0x18f56f16a9d1b0eL,
-        0x0cc9890f4ea307cL,0x2465109554e8b87L,0x08e271198bff76dL },
-      { 0x3900e463c8e672bL,0x19d734fcb7f09f1L,0x11f7af2163c9703L,
-        0x021eb3aaac1c125L,0x17e8d236974d699L,0x04f7045520bc86aL,
-        0x36cd13dcfbc1dc8L,0x2bfc8338af20013L,0x03f2a54662c82bfL } },
-    /* 110 */
-    { { 0x1cf41e61588a8bcL,0x23343884314b2c3L,0x22bd758e7a456f4L,
-        0x12d22e6e55cce15L,0x3a6b89b9e1600d5L,0x263320bd1877e02L,
-        0x177147f7fd4f170L,0x317e459fc073452L,0x048b13385116116L },
-      { 0x2b763335d2617f0L,0x295dc9bb2e181b7L,0x032d1b91fce93f9L,
-        0x22db212e65ea4f0L,0x1823ca5bef7a438L,0x168cbdaeffa0089L,
-        0x0b5c586f19c0283L,0x07767c9b356b78fL,0x1e77f5ddc776d0cL } },
-    /* 111 */
-    { { 0x09feec86ee764c9L,0x3b20dac1f20b30fL,0x32e6a005b142d1bL,
-        0x28ca7a297a9afc6L,0x23ffe241c70ef51L,0x0a59b0a145f4a63L,
-        0x3acc76bb389e287L,0x086d4e8b6a2a4b1L,0x04a902c9126732aL },
-      { 0x2c51b9c8f7ce110L,0x0cea1ebac0dbc65L,0x10980a6a59e2dccL,
-        0x29f9e36d40209a5L,0x0c95bb030ceaf26L,0x1310bd0a0bcf0e1L,
-        0x2c4a0a6dd6e9f72L,0x0bbf1da3778a5c2L,0x16f4aedce4b03d2L } },
-    /* 112 */
-    { { 0x37f032aeded03c0L,0x128149623775341L,0x3c4f9a85be0f268L,
-        0x1ff82e6daedb426L,0x2f2fb5887bdda0cL,0x30f339f865a271fL,
-        0x0d2ae5f8a96960eL,0x0866ac10f6755daL,0x06829c8081bdb21L },
-      { 0x3f872fade59f006L,0x27ff1b2e5fbd69aL,0x15db58ae7ef8c2bL,
-        0x287d332a87cdc64L,0x289c27cc4c2e23cL,0x21af73186be3183L,
-        0x18de43eee5d7e7cL,0x3c22e4896d1fe6fL,0x0b453e7f4634b24L } },
-    /* 113 */
-    { { 0x0c496d0e3048bdaL,0x19d2650f0f79395L,0x09f74c2d509ee2bL,
-        0x07950f14226b081L,0x3105a365bb01f69L,0x22c5c1273665828L,
-        0x2c946734d93ffe7L,0x29d540a7e66cfe0L,0x091785c5ea20161L },
-      { 0x055f978953dbdb6L,0x3a13665fb2867edL,0x102936d4d75aea9L,
-        0x2a30549dbe91cefL,0x347c76356a9c17cL,0x0e5ce34a73d984cL,
-        0x3336094a68360b0L,0x1fc874f90c2a1a5L,0x1b40ae532dee2b2L } },
-    /* 114 */
-    { { 0x0110e825164cb8bL,0x26bd3c954a99f5aL,0x2d0e8d185527697L,
-        0x21fed93ab138435L,0x3ac424592cf6c57L,0x33836042102058eL,
-        0x04c15c5d8fff37fL,0x0fb262ca139276aL,0x010ed8055673266L },
-      { 0x06f403051f3ee9eL,0x38fba6ce2b7c784L,0x3a6ea13d64492e8L,
-        0x1160386aec74f21L,0x10bfd729827b49fL,0x3f1e8d7f0a0f45eL,
-        0x23ad4f8fe50fa5aL,0x077c9dcf69516b7L,0x1f878bfaae4d9a2L } },
-    /* 115 */
-    { { 0x260d8e8abad5678L,0x29cb3b9803096ebL,0x20b44c288e210afL,
-        0x1db49533e7ee753L,0x0959e2ba564447fL,0x25844cb07ecdaf1L,
-        0x140f19393c44d72L,0x199235ea2207ff0L,0x09127a861288d09L },
-      { 0x136c0218a9e690cL,0x331487aad3e856dL,0x0423b00ee54c85dL,
-        0x096bcea392026bdL,0x0b7731d85b37935L,0x1073ed5787cd8c2L,
-        0x3c4529b5361d781L,0x098d3a907ca7bbfL,0x0e8cf5755b19f7dL } },
-    /* 116 */
-    { { 0x1edb80dd212b398L,0x25860754f74dcc0L,0x20478a52fa95d03L,
-        0x0ca9e0979b43821L,0x1330ece4fad1e64L,0x01e24dbf80616f1L,
-        0x3f6ea3508f7313bL,0x1ad8077260bf679L,0x0e8dbf3a602d555L },
-      { 0x3763234279e05bcL,0x3d03b3d1114f4f0L,0x1f4d7fa307937f5L,
-        0x0d84235f888c431L,0x3c2a98bbc5cffadL,0x1f51fe03cbc07bcL,
-        0x322e1c30ab1719dL,0x37e51ef27e462a6L,0x1f9f53dc52ae834L } },
-    /* 117 */
-    { { 0x266b49ec183f89bL,0x2d7c097d601b53cL,0x02b594ec3080d3fL,
-        0x100dc73645f4c29L,0x3b7f7e26d4b6b19L,0x356ded93dd506aaL,
-        0x0036c5e55269eb2L,0x099d4386a1705feL,0x1cea0ff0f22da5fL },
-      { 0x02bd56a3a8e11f8L,0x190087d7e6ad518L,0x2c5a0ccc92d7298L,
-        0x39948fd942f19d0L,0x3f7fabfb4d64569L,0x0f279b2f2391a06L,
-        0x35ff20b4275947cL,0x2ba88ace54b54e3L,0x1b0818f8e381f04L } },
-    /* 118 */
-    { { 0x3e5bffae50d90f0L,0x0ec46fd4047370eL,0x2711a691dfac4cbL,
-        0x0753a869dcf8432L,0x3e586eeb662ec21L,0x030bc7f56a5e7aeL,
-        0x3bbfea4df16ab1aL,0x09bdbfa78fdfb15L,0x15e1b05960e5ae5L },
-      { 0x08e04a58630e62eL,0x00c439911f86dc7L,0x2b6143b4447a3d0L,
-        0x145d18b9e8f3c79L,0x00002724d92abb8L,0x114a5b7e0c27a82L,
-        0x0ed8121d805d70eL,0x351383ce126ccf5L,0x0962d6bffbc6834L } },
-    /* 119 */
-    { { 0x13fe58d48e07711L,0x20d92349c28ecb4L,0x092d8cdff04c70fL,
-        0x1e145047c50545eL,0x03e4f8a5515bb65L,0x104cd8bdb0c7364L,
-        0x206d4d73f871520L,0x0c5fcbf8097bbb2L,0x0ad32a6e417954eL },
-      { 0x238c63f69d147dfL,0x2ec1b9c42fcdedfL,0x2bef28d514deb69L,
-        0x3ee34470f66e537L,0x10385c6044b2307L,0x1e003a0cecda77eL,
-        0x101c1c68ea2f49eL,0x1e063c0a2c961f5L,0x055970782215cefL } },
-    /* 120 */
-    { { 0x0c351db54c1d751L,0x114c06e83e54484L,0x334fbfdc8bed814L,
-        0x0e33c8da02a9dfaL,0x0e04f2860498d81L,0x1a96db6a4a30529L,
-        0x1a910396192dba1L,0x10409277aa56d7eL,0x08580dd45780172L },
-      { 0x10725000e09221cL,0x016c87c877815baL,0x2fa1e0e6095062eL,
-        0x1edbddd44a51232L,0x1f1f34aca657fb9L,0x27fc575974a646fL,
-        0x09ec79a66cd5ac4L,0x2baa37075a25f41L,0x067388fca84e72bL } },
-    /* 121 */
-    { { 0x120b49da6ef1dd3L,0x281178ee9b35d99L,0x180af33d5f48391L,
-        0x2cbbc1d1d2a7212L,0x278bfb1eae53cf5L,0x36a41bea8d6cba6L,
-        0x1f2cf4eca97fd6eL,0x21627c6a4de246eL,0x10d667533693ab2L },
-      { 0x351049673691fafL,0x0f4ea755fb18616L,0x21bb930a8525dc7L,
-        0x07902c16da5f8a4L,0x3413bedca094f57L,0x3469ae617a5a805L,
-        0x2de8b79e7d4f728L,0x115355450ff68faL,0x0fb859b8444d16eL } },
-    /* 122 */
-    { { 0x022083e7c667aafL,0x1172e52a4732e9fL,0x19318ca0e94a335L,
-        0x08f93aa831f287aL,0x242f56844c3afffL,0x0354b42e886b10dL,
-        0x1301d4fcc68a8b6L,0x2f3850069616daaL,0x0a3547f762c907aL },
-      { 0x3dd3ed3fbe260ceL,0x1dd4b6037007e98L,0x375d6f1da3e4271L,
-        0x1294987c43b57eaL,0x3d20cd6bb5f1686L,0x086b195af9ec7d8L,
-        0x3b918e9d638c102L,0x0bee0c4dee3d99cL,0x17423eb44384adaL } },
-    /* 123 */
-    { { 0x14e27c42a1fbcf4L,0x34a16d7eb357b86L,0x2bdd915e66074c0L,
-        0x043bc29aa69d70bL,0x1067cf4581e6965L,0x2fb87ee84f16be8L,
-        0x1279e72be013c17L,0x33d6616901b5b6bL,0x0310042951d5142L },
-      { 0x2735ec1a22bbc45L,0x14e469fd5bd361aL,0x39d0236001de4eeL,
-        0x146a8be3494c16bL,0x0187db78aa8b218L,0x06a2230c38b0db6L,
-        0x3e7d5bcfcc083faL,0x3408ee476adfef4L,0x0f462d85460f4fdL } },
-    /* 124 */
-    { { 0x168ba024972d703L,0x132874e426280fdL,0x2542ae28c855fc4L,
-        0x1816c6d14dba6e3L,0x34c7f7e484fd4f3L,0x08c208f4b822c1eL,
-        0x09fd13042f3b982L,0x20d6727ff4c4c62L,0x1bb56af0652c6c6L },
-      { 0x1bf05e206e0f16aL,0x2b0beb5d191297bL,0x0a980f92c71afc1L,
-        0x35cdb2002879668L,0x2236178dc13ae37L,0x2d1bbc417c83bf1L,
-        0x2509e4443a58b82L,0x366c32545f73d10L,0x1667d0bb415640eL } },
-    /* 125 */
-    { { 0x2a30a613d22842dL,0x3803d6cf13b380eL,0x0f876df82b798c6L,
-        0x1b5e34823161d93L,0x1e788854ada92d8L,0x166c2650294b4e4L,
-        0x05fc9a499b26fbaL,0x3c4d17704ceb413L,0x1dda5c0926934e3L },
-      { 0x30dcac2fad6d673L,0x3f7c1403cecff9bL,0x1941631756e96d8L,
-        0x24c2936038fb39cL,0x231d130013990f4L,0x156058e3cab2a4dL,
-        0x1d5679ee91966c7L,0x07369b7c3d5d39bL,0x111be124868ccd7L } },
-    /* 126 */
-    { { 0x244c726475cc1b4L,0x3f0be4adce5e33dL,0x26d10e3d7eb7915L,
-        0x06bd030e381969fL,0x1e1ad24fcbb44e2L,0x0d581b9662198aeL,
-        0x0f93f7270ba4ddcL,0x2935f0e0d28b069L,0x02193d0c9a23362L },
-      { 0x2cb7b8cf769fd7fL,0x176a5e26884ee78L,0x0c566b910fef181L,
-        0x0249a4c50e1ed3eL,0x1925b37c02088b3L,0x1a9903951dedc6fL,
-        0x21c6efa049a9212L,0x15acb4f77c6f7f4L,0x0649b5f9d7d232aL } },
-    /* 127 */
-    { { 0x240adf8679a9c35L,0x36638f2dd35e5b5L,0x0ebb5f8e9dafcdaL,
-        0x13ab5281cf1192eL,0x22edde557473861L,0x1db382e6f61b03bL,
-        0x15fb96773317385L,0x2bab66d74cc9d02L,0x13672f0aeb3ee09L },
-      { 0x388c76d64e54ba5L,0x39ebc7711d34868L,0x29d1b2a7708163fL,
-        0x27b784902b5fe8fL,0x2c720303a0447b4L,0x1af4084f67d92d9L,
-        0x203ea5b1c78029eL,0x174ac72bc71c02aL,0x103179180eb3bb8L } },
-    /* 128 */
-    { { 0x1bf4f9faf2ed12fL,0x346793ce03f62abL,0x3db5a39e81aece1L,
-        0x08589bbdaf0255eL,0x20cf5b28df98333L,0x00e4b350442b97aL,
-        0x067855ab1594502L,0x187199f12621dafL,0x04ace7e5938a3fdL },
-      { 0x1c5b9ef28c7dea9L,0x3e56e829a9c6116L,0x02578202769cd02L,
-        0x0225375a2580d37L,0x3b5dea95a213b0bL,0x05f2a2240dcc2dfL,
-        0x1ba052fe243ed06L,0x25b685b3d345fecL,0x1c0d8691d6b226fL } },
-    /* 129 */
-    { { 0x22edf3fbf8015c2L,0x208db712540b62aL,0x36e0a6a43157e7fL,
-        0x0968b412c33a243L,0x1a809dbab318ef3L,0x299f288673019a3L,
-        0x3ebc49dd26937adL,0x261123c9f04b20fL,0x02987b3db2f3c9bL },
-      { 0x3e7aed0fd2e3dc7L,0x3a2f6dd057f554dL,0x2c9a58a45f25498L,
-        0x2e882721743f035L,0x2d579e1ee83d5baL,0x140affb4c7b2371L,
-        0x01bef11f4cad0baL,0x3299710cb9b387dL,0x1913b10afaabbffL } },
-    /* 130 */
-    { { 0x19f7df053053af7L,0x011d96ca2873d2fL,0x38fc7ce90438603L,
-        0x1bab2317775105dL,0x3fb59ec618fbed3L,0x06c6fb3c9ec4c4eL,
-        0x1973a99d2656ffaL,0x2d654cd384d1651L,0x18c3261888cc362L },
-      { 0x013a414aa7f6ff8L,0x2bae20feadf1ebdL,0x086b7cc307ba092L,
-        0x0948d18403be876L,0x302140c93dc81c1L,0x184120d64f5349cL,
-        0x1795f3a1ed7e3ceL,0x3505b8ae47b3f7cL,0x191160dc11a369eL } },
-    /* 131 */
-    { { 0x272f46e8b57d7ccL,0x02c3952fc08e1a6L,0x396e05b3a91d314L,
-        0x2a693b09b8221b0L,0x3c50f58e91b9ab3L,0x1789abc1d0bfabaL,
-        0x1cd9f71592c6085L,0x0b22650f351daecL,0x17c3ed97fd4c7f0L },
-      { 0x3b02503e6d54964L,0x34458b1a8c63014L,0x2cf49cc28c22d9bL,
-        0x1000d4d190063fdL,0x2b4cc0668a45c78L,0x10b6f80e3a8ccd7L,
-        0x36c3cd7ad727f8fL,0x0b5dac55fa447f7L,0x1b3a7f894c9ec99L } },
-    /* 132 */
-    { { 0x1e6e397af09ea77L,0x1d82e5d77097164L,0x0c08b94a197b26aL,
-        0x2a2da3398663010L,0x15bd23564041bacL,0x25deccfe8668345L,
-        0x3bd02986ca5b94dL,0x07e67cc7e1fe397L,0x0b8f76c55a6b190L },
-      { 0x35bf8c33846ec9fL,0x08817277ab29185L,0x1ec0a3108df0f46L,
-        0x20f3ebb64a24b2dL,0x065049fb2879db2L,0x1bb940c51df7001L,
-        0x2dce4548d24bac9L,0x1a13e9f6dac595aL,0x0fc0110cdabab1cL } },
-    /* 133 */
-    { { 0x11b66d84d308bf2L,0x04f27f598e00105L,0x1f92fd383bf9990L,
-        0x210fff23bf1a24bL,0x0313ea287a10efdL,0x2837dd0149f8c5bL,
-        0x2bd2a18ef6e3cd3L,0x3933b2e5b90c3dbL,0x18cc1ebecf2a70eL },
-      { 0x0d14ad71a70404cL,0x087743e738a8c20L,0x3cde3aa3e0726adL,
-        0x0458d8e9a42e532L,0x1c6b1e2b40ab596L,0x1b3bb16f9c2ffd1L,
-        0x3757c01296dd0b6L,0x247a3532ca9d1d1L,0x0aa08988ca63d7dL } },
-    /* 134 */
-    { { 0x22dcfcaf8db0396L,0x3a3cded08b69daaL,0x034996485724e8aL,
-        0x311efc524fd94beL,0x2b0247a4ef647c3L,0x2baf6a3a2d802d1L,
-        0x158df0abf3e4397L,0x2eac8b8748c7e9eL,0x0ef38e692b1f881L },
-      { 0x33c168926cf3047L,0x053e51654e61607L,0x1d1c293f20b6dadL,
-        0x1bbd5eaec5ff7a1L,0x01794de382ea543L,0x2ffb34bc346a3ffL,
-        0x3860429ba508e22L,0x0c7e0443c29ff6dL,0x1962ade6f647cdeL } },
-    /* 135 */
-    { { 0x196a537fec78898L,0x2779cb783e9dff2L,0x36acd34cb08f0b3L,
-        0x20b69e34d4fdb41L,0x3a0392cc1acd8bbL,0x160552757fa0134L,
-        0x27c6d9ab7adedeeL,0x0fcde20e4068301L,0x1915855ffa24ed9L },
-      { 0x1570e36bf9ebef3L,0x011a977d2cc5dcaL,0x1a95a6816b5ce21L,
-        0x204a2343847e6e2L,0x13979159aadf392L,0x323eaecb5aeaaf9L,
-        0x07af10411afee05L,0x38defc64b0ebf97L,0x0f7aa72e81cd7dcL } },
-    /* 136 */
-    { { 0x0fa3c0f16c386eeL,0x2c11a7530260e48L,0x1722876a3136b33L,
-        0x248f101b019e783L,0x24debe27d343c0aL,0x25bc03abbc8838fL,
-        0x29dcff09d7b1e11L,0x34215283d776092L,0x1e253582ec599c1L },
-      { 0x08ef2625138c7edL,0x10c651951fe2373L,0x13addd0a9488decL,
-        0x3ea095faf70adb9L,0x31f08c989eb9f1eL,0x0058dda3160f1baL,
-        0x020e3df17369114L,0x145398a0bfe2f6fL,0x0d526b810059cbdL } },
-    /* 137 */
-    { { 0x049522fa0025949L,0x36223c2ef625149L,0x2f5fe637216fb26L,
-        0x1911ca09fd8cd10L,0x399fc2681d8ec3bL,0x231dc4364762868L,
-        0x1b27626d232ead6L,0x27e9e396ff8bf94L,0x0040f9f4fedfd10L },
-      { 0x152ea516b4a05e0L,0x3523bbc871e3ac6L,0x26191997dfdbcb0L,
-        0x0122d3087f5934dL,0x2be92303a0d11b2L,0x2317a0269bd5a6dL,
-        0x005d8e2b8f60967L,0x27289c89ad6acdaL,0x1bdd6cff180db34L } },
-    /* 138 */
-    { { 0x09f8576943cc612L,0x10c67a0cacc71e9L,0x2297cccadebdc91L,
-        0x10ac18660864897L,0x025b1cc7c4918fbL,0x191b97c2b32cc21L,
-        0x0e3e22751d3347aL,0x00023abed2ab964L,0x151821460382c4aL },
-      { 0x02481dbbf96a461L,0x048ba6d4a8ee90fL,0x058e464db08b51cL,
-        0x1e1b5a82074870aL,0x0f533cef7b1014bL,0x05517df059f4fb5L,
-        0x1b7b9f6cfb32948L,0x30a67a91b4c7112L,0x081cfad76139621L } },
-    /* 139 */
-    { { 0x3796327478a7f0eL,0x060f8b785dc177bL,0x26df572117e8914L,
-        0x026df354b3f4928L,0x3ad83c1603cdb1bL,0x027be326790ae7eL,
-        0x254ccd6971d2ea7L,0x083f06253f16e3bL,0x0fcf757b4e534a5L },
-      { 0x25518cc86b62347L,0x072749ef0aa4a16L,0x2b052966727fec5L,
-        0x0e82b90f9bcbba8L,0x205ca066bbc8a8eL,0x20ce61b6014d6d7L,
-        0x374cdd91ffcdb18L,0x0890cbd296ee8c8L,0x12408763a490d20L } },
-    /* 140 */
-    { { 0x098b9724efac14dL,0x12fe369e6a74f39L,0x0dbdd6e07c29b6fL,
-        0x3f5c5dc54e03c7aL,0x271b03263fac30cL,0x26d157d53247b48L,
-        0x3092bfbf9383351L,0x0ef65da979e2449L,0x128a97674e1b481L },
-      { 0x1b63c41583e5924L,0x26bfc63c5c7418aL,0x33cdab227a2861fL,
-        0x36a2846adc0ad16L,0x0e8db6971939d5dL,0x3b042014afed1ecL,
-        0x0e1801562379df0L,0x12aeabd69920493L,0x1508d98c43434f9L } },
-    /* 141 */
-    { { 0x2a9fe73cfffc80fL,0x38ba6f50d1cfdb7L,0x3ed3c9d37ba7e23L,
-        0x349e8ff0d5c9fecL,0x38e04a03d733766L,0x2ef83d0f436d33cL,
-        0x186f4f8ce017522L,0x2c0df61fadc676aL,0x1536d1b50ae2fe6L },
-      { 0x31f5defda40bab1L,0x1aa2be6caf698cdL,0x1c890d4aca8707dL,
-        0x3fd90ffe2ad7a29L,0x14bf8ec2f4d72f0L,0x3ae4f88a7130436L,
-        0x2dfd0136b0eaba0L,0x2820af12c3a3c74L,0x1429f252e5a9d34L } },
-    /* 142 */
-    { { 0x2ffd4c17d0e7020L,0x1a6aaad52085a12L,0x1708588f348f9b1L,
-        0x3fe21661aef6f80L,0x115f9c381daebf6L,0x12a529eecce61fdL,
-        0x2d68497e455f2c0L,0x1e630e690510a83L,0x1541c1ad4a61ef7L },
-      { 0x247b628072709c4L,0x035a2e204397f9dL,0x0874e92e0f63b33L,
-        0x2e7e2faa6eb46f6L,0x08318981a144e4fL,0x1a31a81f056bf06L,
-        0x200b66e19c5c82bL,0x1ebb216315e88dbL,0x0119b25511007cbL } },
-    /* 143 */
-    { { 0x21ced27c887027dL,0x03ccd4afeaca184L,0x3c1c19d511e2605L,
-        0x2a5fd31a7d5b8dcL,0x325226bb402d4c3L,0x0f9eb0c39bcd5abL,
-        0x18fdfb3b9011c38L,0x28d8d0ec308f4cfL,0x00ba8c390f7af2eL },
-      { 0x030c3d67e851bacL,0x070e2697d513f31L,0x3c6467fba061899L,
-        0x13a5f2f6fd001aeL,0x17734adadd49d02L,0x232db4a914e6df7L,
-        0x24b3ad90ba8f9f2L,0x1a4a1ea4860c137L,0x06ab28732efa7b9L } },
-    /* 144 */
-    { { 0x1dab52d22ed5986L,0x3989e9614cf819cL,0x237acf155fe3deeL,
-        0x035eba2c4cba3fbL,0x134a08b94cd6149L,0x270570c09c1b861L,
-        0x25ad46a85ffd52fL,0x002ef568893cd46L,0x1e644d1b6d554d7L },
-      { 0x2830686862e4e9cL,0x335db121d8ff925L,0x1679c0839caafe5L,
-        0x3ae360f58b580c2L,0x211bc4ae2c0e4cbL,0x13f2818a4478953L,
-        0x22704596a0d7c86L,0x104b3d5e17757a6L,0x1be2f4677d0f3e0L } },
-    /* 145 */
-    { { 0x00012ddab01a6dcL,0x2f5b06b86b6da53L,0x1aecb9b05079391L,
-        0x2798a84187ceb9fL,0x3a96536b7c2714fL,0x385d952dc65e3b9L,
-        0x2b3dd4eec11bd05L,0x2fd871c459b83beL,0x1d70f7aa57287edL },
-      { 0x2ea6f7d51eb5932L,0x3a82a97e20b2909L,0x20977739f7dc354L,
-        0x0aa6f95e4d05d6dL,0x378545eccd33519L,0x2d90f2766007d08L,
-        0x23abec32b8e2567L,0x19426e504775c8fL,0x0ee656dea68cf1cL } },
-    /* 146 */
-    { { 0x138e140a0890debL,0x2f61f6f3ae12f53L,0x3f72ba041decbf7L,
-        0x02a9a082fa547c3L,0x38c486298afeec7L,0x1c043b11d546428L,
-        0x3879b1ecdba558eL,0x085733b6476e231L,0x14c08de3e4cef5eL },
-      { 0x01534ed16266da2L,0x0c8baded3240267L,0x0aef699276889ceL,
-        0x1fc170a1134df7bL,0x31ac519ab652509L,0x168f321b48edf84L,
-        0x0c4575682ebb726L,0x14dcc314c76e58aL,0x0be2e00e8b87380L } },
-    /* 147 */
-    { { 0x007c80057ed32e9L,0x39033df009265ceL,0x2abbabb54830427L,
-        0x1bf3a082fd16141L,0x3b2c43e81564977L,0x3fbd9922d4d4ca4L,
-        0x3bdca5671e8353cL,0x3f5e49c85f4fe40L,0x1dc40a9c109a813L },
-      { 0x3eaa6c33db21a38L,0x088b875cfbdf91aL,0x04e7bd1d507fcaeL,
-        0x19161e9deac7fdaL,0x20c64a4d6f5bac6L,0x29f0de29631d3d8L,
-        0x02e4094ca837d96L,0x3853fd0f7d4c4f9L,0x13f8a9a4347fb49L } },
-    /* 148 */
-    { { 0x1ab4edf992f8923L,0x2a9781bf4827ce1L,0x1b871b1340eee24L,
-        0x07e4782ed009efaL,0x2f3d4c62c2957d1L,0x1ffdeabd096beb4L,
-        0x14cbe92d231286cL,0x0d4a65904acac04L,0x19f6706a231c3e2L },
-      { 0x2b3bbd2225c02afL,0x2f0598fe8fa6341L,0x2b75b84f482e53eL,
-        0x084aff1577e9b7cL,0x0512a73da912b45L,0x354faa90c2f6f50L,
-        0x27fd53ac0f43d93L,0x092d3f0d63f9030L,0x0a32cb183be9194L } },
-    /* 149 */
-    { { 0x39b0c2d3fa6a746L,0x29e488756892a38L,0x091478cdf2b5e84L,
-        0x1f4c199b2cdc296L,0x2f6d71d068a8806L,0x01974612c269c27L,
-        0x1c944850007a3e0L,0x24eb1c11abd2ee3L,0x1fd2b6a3129c654L },
-      { 0x3d5d5bde45f2771L,0x0ac22bd0cbb6574L,0x00fbf232a6bb854L,
-        0x10fa2fb32c8bb35L,0x2bf8e247f0fcb61L,0x368c0e6f3b3144eL,
-        0x02a0df955d56f78L,0x3f8aa455f18655bL,0x18ca6d35cbf3031L } },
-    /* 150 */
-    { { 0x1800b1bbe0c4923L,0x2b9d01a40a41ef7L,0x337f957bd0c7046L,
-        0x2765957e2e08e62L,0x2500f4150aa8e1aL,0x00b9ebbb34a49feL,
-        0x29692e826a9c6d2L,0x15df2d33d62ce7cL,0x11f3093868cbf41L },
-      { 0x1cb5e7a333ed442L,0x3238be41bfbdeebL,0x01233d98f228ae5L,
-        0x369fff84970b66cL,0x1ba2318354632f2L,0x0b4b14496521dccL,
-        0x17d9c4a0caae5b1L,0x003dafc03996261L,0x172c5d1008654f2L } },
-    /* 151 */
-    { { 0x09540462fc283e0L,0x0ce611fb8220396L,0x340eb7fd1622f76L,
-        0x07bd66317b7ebc6L,0x37e00d9bbecf515L,0x2310ff51ad364bdL,
-        0x11d1d27543e3b3aL,0x2db4ce65384b194L,0x0c6dd841a1daf05L },
-      { 0x3da17e023b991adL,0x0ac84dc7ee94508L,0x2c5a0ddc1879aabL,
-        0x2b57d8eb372d05fL,0x01e2a7d50173bc8L,0x041b4020bf3d484L,
-        0x3012cf63373fd06L,0x117bc7a084779f6L,0x18ca07766d95765L } },
-    /* 152 */
-    { { 0x24347b9af80dfafL,0x2d8c7e71199fce3L,0x1b266ddbc238a80L,
-        0x196aa1c6281bfc7L,0x0af31c35f6161e3L,0x31a11ba39fdeb24L,
-        0x0175b4c03831d1fL,0x1cc68799a7441a1L,0x0c76da9d620934bL },
-      { 0x01f597ba3e4e78bL,0x137b7154267e6a6L,0x399593088c612c1L,
-        0x01e6c81d162fcdcL,0x3a22769007c5683L,0x1f9b6bcf1110311L,
-        0x129103b6df23c8fL,0x1e58d3d98b0950aL,0x0f9f4ea6db18b3bL } },
-    /* 153 */
-    { { 0x269eb88ced36049L,0x13ff87d06e67e31L,0x35636a72e10887aL,
-        0x2319682ee29a42dL,0x096e4295567dd6aL,0x2aaffeb50b3e316L,
-        0x2f26a45286b5f31L,0x3940c7df7ebca3dL,0x120c5d9e0ac0e1aL },
-      { 0x3bee3ffacc10da7L,0x0b57e651251b96bL,0x3e863c4220ff67eL,
-        0x052f5bd8cba3b05L,0x3c3fc9ef4fe6f74L,0x0efee1c12a78f03L,
-        0x03342d25ff3cba0L,0x334b863f4d802ecL,0x1ac1e63e7530050L } },
-    /* 154 */
-    { { 0x183d07c8f3d6a02L,0x3050f1fbd343477L,0x0bf0d4c7af6171fL,
-        0x26209f173c32a65L,0x32b697882c8a93eL,0x2957a2e92840b1eL,
-        0x2d64f0633c87d58L,0x007f06ba208bf30L,0x1c12ce9b53f986dL },
-      { 0x19639fd95dc1b79L,0x23dd50fd3985aa1L,0x3c4cede2fb9f272L,
-        0x203543eba79b9c0L,0x3c2d530ed042f76L,0x375662b0151af0eL,
-        0x29491000a4006bcL,0x258a4fcca1b2784L,0x14677782255b6bfL } },
-    /* 155 */
-    { { 0x381421ee30c98feL,0x03fac3f0b35c16bL,0x0ca614df6ad2debL,
-        0x37a6e8c53a26cb1L,0x04f04b16dd38134L,0x01fe32a2910f7aeL,
-        0x0f3917fc556ee0fL,0x33504f0720eece9L,0x1998397dd24b1adL },
-      { 0x201e17edf4781e6L,0x1f0c651bc7e4072L,0x2613b53090da32dL,
-        0x3729f23181e889eL,0x2ddc697092495b1L,0x1582026073cbefbL,
-        0x1134d71d3d82bb4L,0x231073f37768c21L,0x0d23dd171b59679L } },
-    /* 156 */
-    { { 0x3a40f84d4dd7e96L,0x1323aa1027f0325L,0x29e6a9d11393711L,
-        0x0863f631b5b15bcL,0x200269e7c3b6066L,0x164a757eb4eeaa1L,
-        0x2e365b1413c6b00L,0x2abb306b5f90088L,0x1d36a82621a4798L },
-      { 0x2ac45c4c1003c81L,0x27bd6bd0f6180abL,0x1f5e60f774699efL,
-        0x2aefd74a160da99L,0x1c84acef1f312e7L,0x34922d48bd4fb20L,
-        0x265c6063e32ca29L,0x065cffa6a9f1607L,0x017e3686c9a5284L } },
-    /* 157 */
-    { { 0x32efe659e90de99L,0x1216f2b416ad8c2L,0x2a52e14e4892be4L,
-        0x0c0898a1a1f1229L,0x15eb3db542ad854L,0x11796104987c3a5L,
-        0x17573948e81863dL,0x2b7933f87383e3bL,0x03fbd6f1ff57d84L },
-      { 0x03711ddd1bf968cL,0x235f35237e91cb5L,0x1223e425a566d55L,
-        0x0e1709b410527c2L,0x17c2c17430cf833L,0x050f6766f9ee07cL,
-        0x3d3faee3bdc33e5L,0x2046bce16b0d653L,0x1137551cf429fd1L } },
-    /* 158 */
-    { { 0x128f55b20193bb2L,0x15e741cc42e1c92L,0x2309d345d27696eL,
-        0x0caa1c61a297b81L,0x1110386839a43e4L,0x0ccbc420a3044f8L,
-        0x05cbb48286ecf3aL,0x236bccd22a8dc0eL,0x0c6698ffcaaef15L },
-      { 0x044c54af6908745L,0x0cdb91a8cd4fee8L,0x2852d561e821a6bL,
-        0x1c0d8d245fda530L,0x181f613151b2979L,0x3d1a97bdb8408eeL,
-        0x114f7f6817dc2beL,0x316fe4f7a82be38L,0x136c3cf3cd5ed72L } },
-    /* 159 */
-    { { 0x38799ab7b080de4L,0x3de0775a760e5aeL,0x2aaa986f8f633b8L,
-        0x0e2952f1729dad0L,0x1a9c2fbb95d74c0L,0x005e24c1dbf2d81L,
-        0x286f0d8451b4408L,0x0c98d03c030e274L,0x14c3038e9520c54L },
-      { 0x14bc3816977aad9L,0x3f420b5c21ef8f2L,0x020c875fed08adbL,
-        0x350d1595bf01b42L,0x00fd6dd4ee1ce84L,0x297ead01c713638L,
-        0x2eeb6f23338b226L,0x309b351dfab042eL,0x078e4db08bb5f80L } },
-    /* 160 */
-    { { 0x111d12a1078342aL,0x11c979566841900L,0x1d590fd3ffdd053L,
-        0x27c1bc2b07fa916L,0x33e19bc69cf694aL,0x27773403db492b6L,
-        0x32dd4e3ce38f5ebL,0x07154e1003d9ad8L,0x085cab8fdfbe15eL },
-      { 0x2943f6b8d09422fL,0x0a5d583e6230ec2L,0x01fa2ef2e4d917dL,
-        0x0ecd7df04fd5691L,0x3edaad3ff674352L,0x0d1c90b49d34d01L,
-        0x38615d594114359L,0x2533472c9cc04eeL,0x07da0437004bd77L } },
-    /* 161 */
-    { { 0x24b99a62d712c44L,0x0da3e29a5895de0L,0x0432d65e2287148L,
-        0x019bd6f17e23b5aL,0x14ec3479d140283L,0x0c9b6dc39b3cc48L,
-        0x32936b96db6f449L,0x086bf296b026328L,0x04d69e248c72feaL },
-      { 0x2a89092a71269fbL,0x2f6ea061942d802L,0x02a39fb55db22f6L,
-        0x37d8c47a7407673L,0x090ac2c1d0fceb0L,0x2c7cdca9bebade7L,
-        0x0c41932393b222cL,0x399d18a9bcf7ef2L,0x0019dea30b22fe8L } },
-    /* 162 */
-    { { 0x1f689ac12b3118bL,0x3b8e75b2dba959fL,0x22c2187cd978d06L,
-        0x206354df61f3f30L,0x2e9f56db2b985b6L,0x38263055d611454L,
-        0x212cd20f8398715L,0x0711efa5a9720ecL,0x1fb3dda0338d9acL },
-      { 0x06b7fe0cfa0a9b8L,0x22eb1f88b73dd7cL,0x1e04136887c8947L,
-        0x37a453152f3ce05L,0x00f51ea64ed811dL,0x321c15df2309058L,
-        0x2bbcb463914d834L,0x3d4bbb493954aa2L,0x0019e5eb9e82644L } },
-    /* 163 */
-    { { 0x365a04e66d52313L,0x25151534fdcaf47L,0x1dafa6b7ae11fd6L,
-        0x3615c6ac91caf03L,0x2ae5a8d68921f79L,0x3b17384f5317e59L,
-        0x24bd39fde17716aL,0x19e0dc39bb692ddL,0x1efffe94085990dL },
-      { 0x3fa0e27d88f92e8L,0x3bc3f671dc48f3cL,0x174c89274dbaa21L,
-        0x296e6e89d898966L,0x246ebcaf6d4cfa4L,0x3e38a1c04324274L,
-        0x3aeea20317a10d8L,0x2c28ec1dc778514L,0x0eadf0c479168c6L } },
-    /* 164 */
-    { { 0x1bc1e484c854477L,0x3096d218e391f04L,0x202b869c54d92beL,
-        0x0caf879fb490f53L,0x06b460c4ae318deL,0x2909abfbd51c7acL,
-        0x052dc138ae7bf3aL,0x37a748eb89b7761L,0x1649d3fc1d55782L },
-      { 0x07cae310ade1979L,0x1c1074ed2f1ca36L,0x3c4056c3c9bea84L,
-        0x0ab5d2b919ce248L,0x0ecbe49ae36fe18L,0x3107e7d64affdbdL,
-        0x2307156680db80dL,0x1cc1cd6eb01bf91L,0x0c06d68b4c7d6d0L } },
-    /* 165 */
-    { { 0x3e22be7854dfcf2L,0x069f7e9ab8ef436L,0x3ad1a521ec46ee2L,
-        0x1e906a52133d18cL,0x32aa123f3ee9452L,0x2b8f2a484517ae6L,
-        0x05d9255634a82acL,0x0b63385dab283f2L,0x078504cf7fc1908L },
-      { 0x34ce7c43799793cL,0x375862d5467ed75L,0x1f9395ff980874dL,
-        0x346e2fd8798b3dbL,0x3dcfcf54f00ea45L,0x0c00d6c09a18d84L,
-        0x28a9cb67423b760L,0x01dfa7ef1d4d100L,0x0f47b52ce37051aL } },
-    /* 166 */
-    { { 0x3f7d8ad96bec962L,0x3207d85f8041ebaL,0x0509214e1058d1cL,
-        0x10d08e5327d9311L,0x11a6605136c298cL,0x037e090f644014bL,
-        0x1cdea4c36437549L,0x2dec48c4ef87bf9L,0x076249a60f7d27fL },
-      { 0x09758381cf593a0L,0x33bbee0d931679dL,0x1333e05c99910c9L,
-        0x07d0860238cbd68L,0x34f5e8f4f30ea5eL,0x1b032d1d5bece93L,
-        0x3dcc6a2cae6e2ebL,0x3045d82cc1ff422L,0x01aee17901c0ff8L } },
-    /* 167 */
-    { { 0x048336b89aa9e14L,0x0d09c7d9d9c03f0L,0x0433906b6980666L,
-        0x387aedeac8d36a8L,0x3eb59a05330247eL,0x0003d3565a6d2a9L,
-        0x026b5bd78ef8258L,0x15b13976ce3ad18L,0x03b06a43e5d7d68L },
-      { 0x20ae838ed2a0ee7L,0x2f94a3c5ba204eaL,0x1f5c4ea6413704bL,
-        0x2d81b8a619e2adbL,0x2f459ed2b5be80cL,0x1d85486bc66c6dcL,
-        0x116f3b7a9cce4d1L,0x1a494e6bfe652a9L,0x00797d92e86b341L } },
-    /* 168 */
-    { { 0x1aeede15af3a8caL,0x091e0a970d47b09L,0x23fbf93ec080339L,
-        0x3139bd096d1079eL,0x081e76009b04f93L,0x0603ff1b93b04bbL,
-        0x0aef3a797366d45L,0x076474a4f2ed438L,0x061a149694468d7L },
-      { 0x12c541c675a67a1L,0x0e34c23d7fa41bdL,0x3cccf6be988e67dL,
-        0x2f861626218a9c2L,0x27067045bae03ecL,0x032a365bb340985L,
-        0x00735d1facdd991L,0x3c871ea842a08c3L,0x0152a27e5543328L } },
-    /* 169 */
-    { { 0x1d609e0e6057e27L,0x22da9f1e915368fL,0x11451f32dd5b87eL,
-        0x22343bd478bfd66L,0x125567546ea397aL,0x08a2d20312619a8L,
-        0x01997aea45c8b13L,0x19f48f6f839df74L,0x1f80e2ea28fc518L },
-      { 0x295412d69d0820bL,0x1cc49c7a9968618L,0x0221eb06380d031L,
-        0x3f1d7fa5c1b09f2L,0x35a71d2507ffd4eL,0x1f2dd50dece5a95L,
-        0x0dbee361c80051cL,0x0b51781f6d35eb5L,0x1431c7481f49b19L } },
-    /* 170 */
-    { { 0x2ab2d0408e1cc4dL,0x1d634eb4b707b97L,0x3dfe5c9c7393e93L,
-        0x2a74cde5a0c33adL,0x2e24f86d7530d86L,0x02c6ec2fbd4a0f2L,
-        0x1b4e3cab5d1a64fL,0x031665aaaf07d53L,0x1443e3d87cc3bc0L },
-      { 0x10a82131d60e7b0L,0x2d8a6d74cf40639L,0x2e42fd05338dfc9L,
-        0x303a0871bab152bL,0x306ac09cb0678f2L,0x0c0637db97275d7L,
-        0x38c667833575135L,0x38b760729beb02fL,0x0e17fc8020e9d0aL } },
-    /* 171 */
-    { { 0x2dd47411baaa5ebL,0x2edd65e6f600da2L,0x0c40cdffed2202cL,
-        0x3c13824450761a0L,0x120748b871c23a8L,0x167a4a25974507bL,
-        0x06dbfe586a15756L,0x269d1f1a35f3540L,0x148da0ad0df2256L },
-      { 0x0fcc5db7f9069d7L,0x1f49157014c6932L,0x0899e9a2db3a248L,
-        0x0e2d3fa5c8316adL,0x0d27f35e452bfd5L,0x38b6b24dce81329L,
-        0x3ee7e27cbbc549eL,0x24d800a1c8a77fcL,0x0d03179878d28daL } },
-    /* 172 */
-    { { 0x1b7e9bb3b66c047L,0x1961a580a8f8762L,0x2297c8db9c0022eL,
-        0x28f4229d28d13e0L,0x1fcd398de0e76acL,0x0c8399abefc69c7L,
-        0x1c9fc52fbb6eaa8L,0x2cad2a0b43af05eL,0x00f4e00cf6f4e7aL },
-      { 0x24c0e9a4890c439L,0x1928aef0d69ac90L,0x079dd9b7497d375L,
-        0x03584b7a50a5691L,0x0e60d0033a1ff3fL,0x08905f68d6189ffL,
-        0x2b8385815da8c05L,0x25aa941841353bdL,0x120800728d2f16eL } },
-    /* 173 */
-    { { 0x36f2372ab039042L,0x1a5e327e8213b65L,0x1d2f58bec14310eL,
-        0x007f881170f40ffL,0x2b0a5a9283200c1L,0x187ebfe39a1a3deL,
-        0x31226526c95d1deL,0x3b45e8788049edeL,0x0898e63dd78c2a5L },
-      { 0x36533da22bba4eeL,0x3d8e5fd25a95d2eL,0x29f714f2a6b93efL,
-        0x2f477f75cfd024cL,0x269bca1b1a08248L,0x28b80c9d8bccfcbL,
-        0x1df7419a177e64bL,0x2f472f143a64dd7L,0x095b87a979f4a56L } },
-    /* 174 */
-    { { 0x03736a967c1f177L,0x34d4218004cf27aL,0x3b926eac9a5b1b6L,
-        0x29b09fbcc725092L,0x1122b48707a9c01L,0x346b2616b64eee9L,
-        0x3f175b9eb94e2a9L,0x364514470081b54L,0x0b1d13eb2525102L },
-      { 0x3e7dbeb675a1171L,0x20a5705b034ac73L,0x1b5a057c88cab22L,
-        0x25b4c03a73e36c9L,0x3269552eb73ea9eL,0x383e637ec3800dfL,
-        0x10480fea9d035c9L,0x2cc66183926e34aL,0x037a35e9512c036L } },
-    /* 175 */
-    { { 0x16729ee8f00df48L,0x329ed846b20c131L,0x17f98b3a8123b89L,
-        0x06708728fa925e9L,0x3e2bb3ce7e0431bL,0x371de065169cf7aL,
-        0x2b3df12f86cc2baL,0x373c17fc0179397L,0x05ef955dd7add27L },
-      { 0x0c22ffa00ee402fL,0x0d78a8ecc2ed338L,0x11d0643cb1015b3L,
-        0x114f3465a215095L,0x2f0be54b4c6183fL,0x3083379319993c8L,
-        0x24c475a5f4cfee4L,0x07b6772aa5cbe02L,0x19cde4af2005911L } },
-    /* 176 */
-    { { 0x29d0bc8d771f428L,0x07b36790f28e0a7L,0x2480eb93acf03acL,
-        0x2041968a8fe357bL,0x22f0b8a7316232fL,0x0951d2887f013eaL,
-        0x315f6f4a8df7e70L,0x0394946b13fc8eeL,0x06b66e21b73e095L },
-      { 0x1c9848067a41deeL,0x2a56b9ecf8acfd6L,0x0386891454e12cfL,
-        0x37fbbf29a915366L,0x011e9cb75f0dddbL,0x3bc8230d7da46c9L,
-        0x333cf6a9b9e766fL,0x1d2a7a37c400062L,0x1c4b8a55ac9d1c1L } },
-    /* 177 */
-    { { 0x19f58625c4cccb8L,0x3d4824bbd34fbeaL,0x257689efc87870bL,
-        0x25b685081b8a3d3L,0x07c52107da2366fL,0x1283c3c240cc680L,
-        0x2a47b0478d4ceadL,0x1d526ca267b891cL,0x110ae96534e6420L },
-      { 0x0c1d655cced05b0L,0x30fc2405d6550cbL,0x30a48e577cd7abaL,
-        0x24d03a635b6ebadL,0x3603d24f184b008L,0x15c85cf49a60d94L,
-        0x1141de6e1458832L,0x1fcd074d22c9984L,0x06be52257dcefa2L } },
-    /* 178 */
-    { { 0x2678f33c947e655L,0x3edda82248de564L,0x2745790239d1ff0L,
-        0x248f36edf3acb7fL,0x105f6d41cea0874L,0x2771562084c9b6eL,
-        0x0317025b1ae9ae7L,0x22a738514d033a7L,0x0c307502c29a2c3L },
-      { 0x0124f11c156ace2L,0x1c3f9de7fc94a43L,0x1a816e1171b22c1L,
-        0x20d57789e5d837eL,0x27c6cc79da19bcaL,0x3587ddc06b649faL,
-        0x1c06bb285901121L,0x10aeffa03209898L,0x15e4050d338aa26L } },
-    /* 179 */
-    { { 0x1397829eaad87bcL,0x324d9e07a132f72L,0x024d6ade4fdee0aL,
-        0x295a435fd5ad5e7L,0x3d14fb0b950b9abL,0x16839edbc26ca74L,
-        0x2f4ff3d0684f232L,0x1ccec1453a74d81L,0x077e63bdd26e8adL },
-      { 0x2fd06ece0d25c6dL,0x00086802e8b73c2L,0x17708c5bb398dd9L,
-        0x360663fe3f06c09L,0x1b7e2cd68077f06L,0x18e8d5ca1f543fcL,
-        0x125a9aef75e0572L,0x03a56fc95e24beaL,0x111847d3df0739dL } },
-    /* 180 */
-    { { 0x2ab9cc7fec82924L,0x1b75a69c8835a54L,0x27dea06ef0e21c7L,
-        0x3089c60e41298d4L,0x2716807c8ab3e51L,0x123c491bd36cd7aL,
-        0x1560958f3ede0a7L,0x0e37bc524d91104L,0x0f75f6583d1874bL },
-      { 0x39189e10b927eb7L,0x318d670b8bc49e8L,0x02337fe966f4a87L,
-        0x208417956142dcbL,0x2e58c39f9102b83L,0x246d4ca58ffb801L,
-        0x2ff97b3f052ee39L,0x14181fd6e15332eL,0x16a935e5f6c5f80L } },
-    /* 181 */
-    { { 0x19a0355dfd88d38L,0x33638f15277d03cL,0x29e304d006e1555L,
-        0x1b3f42c3398c89cL,0x135f2ad31f16b70L,0x1e8f7e7fc55b702L,
-        0x1e5fb5b30c5213fL,0x2368a7ca7324a95L,0x144a0ecfdd42b85L },
-      { 0x1c115df52658a92L,0x0fb45f10a0585adL,0x1f707fd92a91bceL,
-        0x3f67357625a9565L,0x35a9472b1663c8bL,0x00cf86f41dd8d0fL,
-        0x1c02fb14e44ca8bL,0x3ecc89e87261879L,0x1b5ece0f2c4cc4fL } },
-    /* 182 */
-    { { 0x3127bab31211943L,0x232b195a10c9705L,0x0b88d855fc3e44aL,
-        0x0333a47ba974bf8L,0x078ec7d1247ababL,0x3367fbe9748f771L,
-        0x255766a3986de70L,0x31fe8cb1ee19e09L,0x0873e54018beeaeL },
-      { 0x16e86f2b38d17c1L,0x3ef431c7e810372L,0x2b79f88499cb9cbL,
-        0x33bdc7b202f8446L,0x146c896921d47c5L,0x34c58cc6b2a8ef0L,
-        0x28765b5f921c0e3L,0x3c9c0c7e8207b9dL,0x0fed5dafd5f41efL } },
-    /* 183 */
-    { { 0x2f10b9d4cda1348L,0x1a7f48970c04ea2L,0x25b18957c22bb07L,
-        0x31fd6b3c711142aL,0x09fef80295cafd6L,0x38227d773dc6850L,
-        0x3d2ba8e12029f5eL,0x32d625d4aa3ec3eL,0x09061e2275f6f70L },
-      { 0x30a4ac51fbda16aL,0x0439e7c77e8a8adL,0x2132d9945f6f799L,
-        0x2bbad2e93bee8b3L,0x34bf2d53d450d59L,0x18831ea1aa3826cL,
-        0x13c6f476010204eL,0x3d5a98fe250f429L,0x13214c91d1987eaL } },
-    /* 184 */
-    { { 0x14fb120490d66c3L,0x35cca2837208139L,0x0c3804b4294deaeL,
-        0x2acc777119ee805L,0x28342ed113f2fa2L,0x0c0d3839c3fd57aL,
-        0x0ae3c1b18da72f2L,0x1680ab70c36faf6L,0x09c179bdf6f3e94L },
-      { 0x2c928ef7484c26fL,0x2df6c7bcab6ec51L,0x35483f58dda7206L,
-        0x0312f1fb6d8221fL,0x1975cafdcfde4e2L,0x1afbb0812134487L,
-        0x16db67c5b596708L,0x1d222d5e6aa229bL,0x01522c6d87e4118L } },
-    /* 185 */
-    { { 0x2890757c471d4aeL,0x12c6950e8769d82L,0x31826aa701a1fefL,
-        0x14967197e4ee24aL,0x1d789df35bf4d4eL,0x2de70fca48ebe4aL,
-        0x0cf1303ccb46c60L,0x03b125560b39f3dL,0x11c7da081b4257fL },
-      { 0x12c6ae59aeef274L,0x16fd3c50df020feL,0x3023e13c86afe6cL,
-        0x398a8894d82a9d2L,0x022589fa5d21dacL,0x3e9d2c3ecf55caeL,
-        0x2891a93d4a3916dL,0x33ef79db36372c4L,0x19aa0391a3f59f4L } },
-    /* 186 */
-    { { 0x14ba69e203fc3f1L,0x1a332d8841a8a41L,0x0540aad5fa9f091L,
-        0x03affdfb5bec206L,0x0bef94afdecb8f2L,0x02af476cb202986L,
-        0x0e0a7ce25d8ca0bL,0x16e69d799e9040aL,0x1b2dd7662ddd6e9L },
-      { 0x3dff279f289d7eeL,0x157567ba8881721L,0x3d54c18adac64d7L,
-        0x33dfb004066bac3L,0x2b48d70a43a8c46L,0x02ce7be1bf2439fL,
-        0x145a20965c53c11L,0x008f9155ddf30e1L,0x16ea33430f757ddL } },
-    /* 187 */
-    { { 0x29f39490ff53d2cL,0x24565ac00d26e7eL,0x1014d59979678dcL,
-        0x2aea29ade2bc429L,0x08b517b104dd72dL,0x1b4e6f83bd77950L,
-        0x217f70142b90bcaL,0x044632baa8fa7b6L,0x16da01689d606b3L },
-      { 0x26ca563f46afff7L,0x171ee8d29797cfaL,0x24c8aa998fd8394L,
-        0x11ad8fd4d7b07ffL,0x0d1f509e542a601L,0x3e33436d4205a22L,
-        0x236772d1918daa9L,0x3719994179aede2L,0x1ef4ab03a819cc6L } },
-    /* 188 */
-    { { 0x2089d14d376d986L,0x1381de8b70d6c01L,0x309a53ff2c86d0fL,
-        0x11448f0ff207045L,0x31b656fc2fef4baL,0x3fbea2ee14b3569L,
-        0x110b77b57c74891L,0x284a63c14e0f920L,0x04c4b55d3ad52c5L },
-      { 0x110cff3f3827633L,0x1e1357802bfa594L,0x38823ead32fa086L,
-        0x058ae47361b2ce1L,0x0e6f3638a3dcf4dL,0x22dff5081e2da96L,
-        0x1683e733792112eL,0x210cda5901137b9L,0x1223b84210f28e2L } },
-    /* 189 */
-    { { 0x028a9a9c3ebeb27L,0x3372d4fbd643e1bL,0x2e114dae7f37d7bL,
-        0x391c9ba9f27a228L,0x28c141388033522L,0x058855d667540e1L,
-        0x0564d859b1aeca6L,0x238d9c67f3faff3L,0x0433a577af11aebL },
-      { 0x3f26ce06feba922L,0x320fb91d695a4f0L,0x274028bf378e5f6L,
-        0x1a2f70fdbc5fde5L,0x2a6ed90aed2a5e3L,0x291f2f54f40d282L,
-        0x0e2bc83b1c3a4c4L,0x003ae93c2a9b937L,0x1c097c7af4374caL } },
-    /* 190 */
-    { { 0x037717879c28de7L,0x2a8aaaae70cc300L,0x182666bc61eb617L,
-        0x33d35e2d4110c20L,0x19870fc72e0b5b5L,0x102def175da9d4bL,
-        0x32d03a3b4689f5dL,0x182a6a5ff619e1fL,0x1c06ab7b5eefd60L },
-      { 0x19eadb1ffb71704L,0x3962ece43f8ec7aL,0x382cab4f19aa436L,
-        0x3eb83cf6773bb2aL,0x16e20ad12da492dL,0x36ef4988a83d52fL,
-        0x12eb54af89fa0f7L,0x01d637314286ba3L,0x0b79799f816ef7dL } },
-    /* 191 */
-    { { 0x2c46462104f98ccL,0x056489cabb7aba7L,0x3dd07e62186f451L,
-        0x09a35b5a6d9eba4L,0x0fd43a8f3d17ce0L,0x302ade5ed4d1d82L,
-        0x1f991de87f1c137L,0x38358efd65ea04eL,0x08de293a85be547L },
-      { 0x182add38ef668b1L,0x39acb584725d902L,0x2b121c1d4263c54L,
-        0x23bbfd939ccf39dL,0x02871612a3134b2L,0x2824d652bdc6a6bL,
-        0x1108e831c88af2bL,0x0df682d92444aeaL,0x1138febc5c55cf4L } },
-    /* 192 */
-    { { 0x29ca589c4a2daa2L,0x29c0f1003d8231fL,0x1058d517510318eL,
-        0x1c92aedbca5be33L,0x194296ab4264934L,0x314595f42f954f8L,
-        0x080ea89af9398faL,0x386c788cb7bb13eL,0x1372f81761e67b1L },
-      { 0x1014bc73a20f662L,0x1f9df127b654094L,0x096fb62b96521fbL,
-        0x19e8ba34dfa27d4L,0x25804170e3a659cL,0x3b5428d03caca89L,
-        0x03c00f1674fce69L,0x2764eaa914dfbf7L,0x198f3c3bfda4ce9L } },
-    /* 193 */
-    { { 0x2b1f5cd81614189L,0x15b11492c967deeL,0x24b245fb415ec7dL,
-        0x371ebdafbe71eeaL,0x074b48e82302bc8L,0x2db46c7e46ddc38L,
-        0x280c974a1336e09L,0x2d894a1704d5f99L,0x12d59bcb813c7ccL },
-      { 0x1ad83b47c019927L,0x3c999d8c37f56f7L,0x2c5a31e05d23e10L,
-        0x3e915ab1180576fL,0x1243cac822aa6e5L,0x372327a51a5594aL,
-        0x0a4065c69c9c7f4L,0x0c06eb6c9f82789L,0x1ccdfa7a34eae41L } },
-    /* 194 */
-    { { 0x36a864d59cb1a7dL,0x19328dabbee3b85L,0x3acb1c22b0d84d8L,
-        0x3af66037c743ba0L,0x07f94ced97e80a6L,0x29cb0457d60ab31L,
-        0x107bb7a29cd1233L,0x028c3384a8aa31cL,0x1500229ca564ed8L },
-      { 0x374bad52f1c180bL,0x2fa6635d26a8425L,0x08ab56dbd1bad08L,
-        0x3902befaa6a5e31L,0x3153dc5fc6ed3e3L,0x2fa4fb422a2fa5eL,
-        0x2e23bdadc7f0959L,0x0a77a3490a420b3L,0x016417523c6dc27L } },
-    /* 195 */
-    { { 0x0eeccf16c14a31eL,0x3894d2cb78f0b5dL,0x35997cec43c3488L,
-        0x27645ab24dbe6ecL,0x29f7e4400421045L,0x1154d60dc745700L,
-        0x14a4678c9c7c124L,0x2eb67325d5237b2L,0x14e4ca678183167L },
-      { 0x33af0558d0312bfL,0x2fd3d5505879980L,0x05a7fa41781dbd1L,
-        0x2a003bbc7549665L,0x079c3b8d033494dL,0x327db9a5b1417b0L,
-        0x030aaa70ae1ade1L,0x018300a23c305daL,0x00c7f4cfe3ba62aL } },
-    /* 196 */
-    { { 0x18b447d057d6006L,0x25db9bf5c722c03L,0x2029abcf40f538bL,
-        0x21bc40e9e0d79dfL,0x05e472c4b13bee3L,0x07f2c650829ab08L,
-        0x0abf4943b045f63L,0x1ade79770767f00L,0x1b528c0bc70a555L },
-      { 0x29d07ee8a8640b8L,0x04408f438d004aeL,0x255bbe24ae89256L,
-        0x093e95e77371f39L,0x1377bbfe5e358e5L,0x30251f915f389c5L,
-        0x29782664651c6c3L,0x305697ef63543d2L,0x08d6fcdd28fe2e1L } },
-    /* 197 */
-    { { 0x164a2f65c7202c8L,0x0d01496952c362dL,0x16721434fbf57d6L,
-        0x1787660c28e1053L,0x15ef0fbe1811421L,0x1bd5fe7f1e9d635L,
-        0x2269d35705dcf8eL,0x27e5d7752695b64L,0x0f18f015d7abdb4L },
-      { 0x3131110b4799ce6L,0x2fee64b2f2df6c1L,0x0c9ff7ba21e235bL,
-        0x04ec63d27fb07c0L,0x1abcf959b009d69L,0x350851ba3698654L,
-        0x1f23f10e6872130L,0x0e1ad560ca05eb9L,0x143c9b5bb689ae7L } },
-    /* 198 */
-    { { 0x23328db48c74424L,0x05b8474672cbad0L,0x192a40d6e217326L,
-        0x13032f71d4b94d0L,0x0d733bb01dd83a9L,0x2de914817188c14L,
-        0x0011c8cd0d631a5L,0x1f3573370289669L,0x1e622f112cc646eL },
-      { 0x3d6e29a3e1e4c4bL,0x2094e27ec552291L,0x05b54fd3e319d5fL,
-        0x2682822e599f8dcL,0x3d8cbe8db8c4ce5L,0x3bb0f5d6f29d279L,
-        0x1a313dcc4496eaaL,0x24d805f71c8ea28L,0x1a5250ff77a8cebL } },
-    /* 199 */
-    { { 0x15a0726fe29bd79L,0x12a0413e642cd29L,0x146daad56983657L,
-        0x2e543507fbda41aL,0x06e6f7f450e580aL,0x03cdc62af1d6d45L,
-        0x234087508cc97bfL,0x2244146e8b29295L,0x17275c39077e64dL },
-      { 0x37cccaff77ca6bdL,0x037d06f6c637d7cL,0x0ff8019e01f7e0aL,
-        0x112a9975cae7d1bL,0x06e3663e9be4f3dL,0x3be76db5e08b62bL,
-        0x24a9aa5f37f9223L,0x322e9fc2b4e76afL,0x098a0a57c70f69cL } },
-    /* 200 */
-    { { 0x1c50cf400fd5286L,0x16e755ca92c0f36L,0x0f9e051ae73e1eaL,
-        0x10a546ce093d798L,0x09fb4d667fe9b51L,0x3714215ac0d2cb4L,
-        0x30022e4b537a80eL,0x22bb9a7b8404a32L,0x0ed7c8b9e5c6a54L },
-      { 0x06007bcd933619bL,0x1d9a38ae77f865dL,0x15d3cc6e2a2e0ceL,
-        0x17dfbafccbea7bbL,0x167cc4f6435a14fL,0x214305b1d72e263L,
-        0x379c96cb2185fc7L,0x11d10261d29d917L,0x1397468f8ae27dbL } },
-    /* 201 */
-    { { 0x1de68adc88684f6L,0x3b6aad8669f6ff1L,0x1735b27a18f57c1L,
-        0x1963b3627ac9634L,0x2d879f7eab27e7bL,0x1f56fbecf622271L,
-        0x3ad73ca8fdc96d6L,0x15b5f21361ab8deL,0x1a4c7e91976ce8eL },
-      { 0x001a5406319ffa6L,0x3993b04d3b01314L,0x296cd541242c0caL,
-        0x3bafcb2bbb87da6L,0x028bee8059da259L,0x23a24392239e5e3L,
-        0x227fd9e9484bebbL,0x18c6039491b43ecL,0x1b78be2a54a625dL } },
-    /* 202 */
-    { { 0x223554af472f13aL,0x264edd5ccfa4728L,0x29f096c168a2facL,
-        0x0752c49d4d49abfL,0x3e77070ca7cfe76L,0x1f9f37da10c061cL,
-        0x162ed466b6aaadcL,0x3e36368b757aa85L,0x016a81a2e0039faL },
-      { 0x080759c4e3de3bfL,0x38b8454bcc222aaL,0x2d9aaa7eba5b0c1L,
-        0x14e7e70472b2cb7L,0x3b0dc5c194c65d5L,0x28fd2d842ae6f61L,
-        0x0b5f9fd32f8c96cL,0x0877d2610bf30a3L,0x0f431ae27ccb90eL } },
-    /* 203 */
-    { { 0x32a0a0d6a0ccd0aL,0x3bb209664ed554eL,0x06fd9de672a6a3eL,
-        0x1203681773ec4d2L,0x16739874d8d9c51L,0x0a68d72712a9113L,
-        0x177eadd9cf35b2eL,0x1c2875af66d7e24L,0x1d69af0f59d2a04L },
-      { 0x2f844c7ba7535fdL,0x3530f6a10bfce6cL,0x09ede951974b45bL,
-        0x25ff5114fb17f85L,0x1e6c37c0e6982e9L,0x0b0fbdaa98fdc17L,
-        0x36a8d609b0f6a9dL,0x06de2fb74d6185dL,0x1764048a46aede1L } },
-    /* 204 */
-    { { 0x07c6ee551a251d1L,0x12fc48349e77f69L,0x138cec518a28befL,
-        0x21ce202f9b930b5L,0x21be9b20b1b2b78L,0x1e5a867b1a733e3L,
-        0x10bdeae41dfeae3L,0x20300959dbf27edL,0x16a8b815a0503e1L },
-      { 0x0a085f653f5ef65L,0x3eefe5dec94414bL,0x07e3a3346fe661dL,
-        0x3b86e57dfbe23aaL,0x15b65eaec25ddfdL,0x30b808ec881d39aL,
-        0x283bb511869a154L,0x1f9f61806d5dd0bL,0x0151464652cfa87L } },
-    /* 205 */
-    { { 0x10853c857fa58f1L,0x2939a1329319c09L,0x2d0a1b81f40db58L,
-        0x041563a32f41ee5L,0x242e388cfa4651eL,0x110d8220699011bL,
-        0x2b8fd051b0d5394L,0x33f3b0afcd6cf89L,0x0fd4ae787095702L },
-      { 0x079bc29df53d498L,0x0c713844dfd890fL,0x056c17a3cedf4cfL,
-        0x071b36445764edaL,0x39228cddb246113L,0x3480afc6acc2914L,
-        0x108612e97757b68L,0x09ad2999b79f398L,0x051c200fe654f60L } },
-    /* 206 */
-    { { 0x296103cb1a2b4b5L,0x332ffa10f025a3aL,0x072d986ffb5b98dL,
-        0x3c85a74eb09a8dcL,0x2771371f12fa07aL,0x1f0a67be2ee16e6L,
-        0x372efceae10d34eL,0x15bc4f52f71a788L,0x039378df75d8dd8L },
-      { 0x1e902ffde7ff5d9L,0x2a1748c9682728cL,0x13a6f4192fcd0e9L,
-        0x0dc56c1dacf5c6eL,0x26e711d1cf52a57L,0x30a4a0675c9aaa1L,
-        0x015de60b61b1df2L,0x2791c89395d7320L,0x1dc68e893e118b7L } },
-    /* 207 */
-    { { 0x3924ff96ffeda73L,0x27d01a83688062dL,0x20eaf89584dfe70L,
-        0x0ba0d568100da38L,0x0fd777d7c009511L,0x2fe3cb20967514aL,
-        0x05311bb0c495652L,0x36755fd8c64a113L,0x0d5698d0e4f8466L },
-      { 0x10d64fa015d204dL,0x09afe9b744314f8L,0x0e63a7698c947b6L,
-        0x11c14cde95821feL,0x0df5c782f525a65L,0x157eebfd5638891L,
-        0x2e383048aa1e418L,0x18f4d23c886391fL,0x04df25239591384L } },
-    /* 208 */
-    { { 0x2f4fd69d8695310L,0x3ac27dfa1da3a9dL,0x1812e0d532a8e28L,
-        0x11315cab1e40e70L,0x0785d6293dda677L,0x369daec87e60038L,
-        0x3c72172bfe2a5a3L,0x22a39bb456e428aL,0x04cd80e61bfd178L },
-      { 0x1f4037016730056L,0x117fbf73b4f50eeL,0x363c1aa5074246fL,
-        0x14bfe4ab9cc2bf5L,0x11bb2063f21e5c6L,0x0b489501bbc20c3L,
-        0x15001c18306ecc1L,0x150913b766ce87cL,0x1f4e4eb25b8c0ccL } },
-    /* 209 */
-    { { 0x161a714a1db5c18L,0x139879d9dc1d33bL,0x3be57bf685de945L,
-        0x14f48516f97a5c3L,0x3ee49a5f2221b0cL,0x12c4740ee4c6206L,
-        0x02213700b91afa1L,0x002bf1abbf924fbL,0x13c50554e945262L },
-      { 0x02c45e77364c92eL,0x000995cd4863a35L,0x1a0284d3f3c5e05L,
-        0x0936fdd91af4a07L,0x2485f304f312f84L,0x049e944f86a23caL,
-        0x20e0bc583f56311L,0x1c293b5e5431c69L,0x0c692855e104b7bL } },
-    /* 210 */
-    { { 0x106185c644614e7L,0x01b2b91d2690923L,0x12ea2587e5282e9L,
-        0x02b44a15f356150L,0x0ba5593b5376399L,0x3574a919dc31fdcL,
-        0x29a1bac2cf6dc4dL,0x2576959369158edL,0x1c8639f7e141878L },
-      { 0x1c96b02f8589620L,0x11a28d079101501L,0x1a11096ad09c2feL,
-        0x2627194abbafc8bL,0x3547e1b8fbc73c2L,0x1df6fdcf37be7e2L,
-        0x13552d7073785a9L,0x0f4fc2a4a86a9f8L,0x15b227611403a39L } },
-    /* 211 */
-    { { 0x1a5a7b01fbfaf32L,0x298b42f99874862L,0x0f5ef5e3b44d5c5L,
-        0x3b7d0eefd891e5cL,0x1260ae5a03ea001L,0x1a5f18b2a39d0a1L,
-        0x1a7643eb899ebd2L,0x09698da800f99d4L,0x0eaef178c51ba07L },
-      { 0x2cf8e9f9bd51f28L,0x3aef6ea1c48112aL,0x2d3a5bfc836539fL,
-        0x334439bc23e1e02L,0x08241ab0e408a34L,0x22998a860413284L,
-        0x2048d6843e71ce9L,0x3461e773a14508cL,0x1fa5cba23be1cf3L } },
-    /* 212 */
-    { { 0x3e8c9d22973a15cL,0x3b237750a5e7ccbL,0x0a390b6afb3e66fL,
-        0x0daad97bc88e6bdL,0x266c5fcdb0bb1e4L,0x2bd21c2e3c98807L,
-        0x344e243cffe8a35L,0x05c8996b8a1bcaeL,0x114da2e283a51ddL },
-      { 0x29c9a56c1e3d708L,0x18b4fc72c3be992L,0x298497e875404feL,
-        0x1acf3a91bebc1c0L,0x283886263138b7dL,0x070c24241e018d3L,
-        0x03864727e842807L,0x2899fc2bde75f96L,0x104c1b86582b236L } },
-    /* 213 */
-    { { 0x2ff09eda526c894L,0x2fc48052b1f48ccL,0x0dcd3cd9293495aL,
-        0x04a4b9ad55adbe5L,0x21036c31bffaaebL,0x01ffccb864de5baL,
-        0x1d67b8a9d237e77L,0x0922f59696c360aL,0x1b348edb556db29L },
-      { 0x2e9f9b2ded46575L,0x32822bfe9a6b3dbL,0x33a1f16d37d1496L,
-        0x2c5e279740756baL,0x1c827cc454a507dL,0x259399dc178b38aL,
-        0x0e46f229b6e4a52L,0x19214158ec2e930L,0x0a3e75c24484bc4L } },
-    /* 214 */
-    { { 0x3cb476fd2f6615dL,0x3e6de36636a6a43L,0x1f1cd2bdf1074b7L,
-        0x21a6e55bcc78bf7L,0x3b596eadf2bda30L,0x156c94e3cf328bdL,
-        0x0846db91c09f8b3L,0x190b91bcfdbcf1bL,0x1ff9bb9398e2a14L },
-      { 0x118d4f5a17bd645L,0x0cfaaf6f5b55494L,0x06fc734d0957570L,
-        0x17d7d4f10d401faL,0x3fd27dd1998ca06L,0x254b472a652766fL,
-        0x2c101cddc4e3046L,0x2c01e132ad3ee06L,0x00346d079f94a56L } },
-    /* 215 */
-    { { 0x1eb8e4fa6bfdeddL,0x28a179e9d31be65L,0x14d13d09a252993L,
-        0x3986697dd9e2f57L,0x20cebb340eaa10bL,0x36fdea0f4f6c20fL,
-        0x0f23e1c633a78b1L,0x20de49992f0fb0cL,0x1c96630f8f107a0L },
-      { 0x3f4cb4bdef86a80L,0x13b1e0fe0966aeeL,0x3604609532c81faL,
-        0x3322e427a4a92fdL,0x31788416071bb7aL,0x286ae4a32875cc5L,
-        0x0455a57f7f14becL,0x3a266ffa805b97eL,0x02d7b8c76b9bf21L } },
-    /* 216 */
-    { { 0x28605634b9f8e7dL,0x05dadd8ff162a11L,0x1a7e2feed68a201L,
-        0x0f99460c6439e97L,0x2e9377ad6cc6776L,0x1c0c8c85f5f4040L,
-        0x0bb505ccfc47207L,0x09da55cfb80c54dL,0x0f31bf1ef8c0f1aL },
-      { 0x35f5c4b0c935667L,0x14b0e41834ae2d8L,0x2c2e37c3a574741L,
-        0x1302dcb8337bfeaL,0x1f4f60247fd5fccL,0x2785bccedd0fe6eL,
-        0x34ef9c05c2e3547L,0x2b38e888d311cc1L,0x1244092f279495aL } },
-    /* 217 */
-    { { 0x3fd7851b30f9170L,0x2a87a4dff396c56L,0x15e0928437b9715L,
-        0x1670cbc49cf3ff5L,0x248be1e3488acd2L,0x296f18ad685173cL,
-        0x156f463a3408607L,0x3870d8a5bac5460L,0x1e7397fad192774L },
-      { 0x22f99f49c8225b5L,0x3f39251addf134dL,0x35308541e91b33eL,
-        0x0d0e3cf5a4d1477L,0x2e727b54e0bd2d9L,0x188b65002d778b5L,
-        0x36a94b42d929c27L,0x3c814dab39c8d5bL,0x04464a18cd5fccaL } },
-    /* 218 */
-    { { 0x1be0aababa95d63L,0x203185ed2cd1b63L,0x38630e0d8142927L,
-        0x0aad5bbc13190c3L,0x1785e3633875be0L,0x04b24f930a3fae5L,
-        0x2f82a3d5401795cL,0x2bf5a27fd47078dL,0x16b3c48c89510eeL },
-      { 0x1287ebad4f064beL,0x1f555553af6a65eL,0x1ef2623727ea1a7L,
-        0x24627cd9b1919d1L,0x1c59d6ebda911f5L,0x1493484df950d73L,
-        0x15b38d3a84daea7L,0x0f1271ec774710eL,0x01cca13e7041a82L } },
-    /* 219 */
-    { { 0x399860c874d64b0L,0x16c248594f38318L,0x0000eaa11986337L,
-        0x0258873457459c0L,0x277d70dcd62c679L,0x016f5336f875f75L,
-        0x2f8f30eff0f2703L,0x16de01dbb1884d8L,0x1d8812048167e44L },
-      { 0x1749a0e161f9758L,0x2457fa8f13f38a0L,0x0e41911dd8afe60L,
-        0x2b1e6946827d4dfL,0x02ca5cf8efe36a8L,0x12415fd59fed52dL,
-        0x244b641bdcae07eL,0x1960edc7fc31690L,0x1064815a5364b60L } },
-    /* 220 */
-    { { 0x0c69c3eef39cc39L,0x011593e98d5b45eL,0x3542412fb990983L,
-        0x34de76eca96f4f0L,0x0e7e75e3da1d531L,0x2c051ec52197c62L,
-        0x129ab02dac4e220L,0x1d3bfd6794728cfL,0x0f1c964f7fe37b0L },
-      { 0x080c0a60e301262L,0x1601814e4288b5cL,0x3f9acc8a90299a4L,
-        0x15c5303c70b699dL,0x26e66d9f7dfae90L,0x1e11a490d997fc5L,
-        0x0c307cc866dd8c4L,0x1439316bfa63f13L,0x03960e3ba63e0bfL } },
-    /* 221 */
-    { { 0x2785136959ecdb3L,0x2bd85fe7a566f86L,0x32b8cde0dc88289L,
-        0x2c1f01e78554516L,0x350e22415fe9070L,0x1635b50bddfc134L,
-        0x3b629ab3ab73723L,0x3f49453f506e6e9L,0x1937b32d80e7400L },
-      { 0x1d80d4d7147886fL,0x33b5855db2072b9L,0x0692642717bbe08L,
-        0x262aed2f487853aL,0x26530308b9dcdf1L,0x2674671d962f991L,
-        0x0ab126fbf192dadL,0x378c5568f46ccc1L,0x00e943f4be5fa24L } },
-    /* 222 */
-    { { 0x14240587fe9ea48L,0x13e09586d5d21b1L,0x013c78719740af2L,
-        0x1e5c3ae1d3674b1L,0x0b62ba3aa27a9beL,0x306fc2b10ffbe38L,
-        0x3130e10a23f2862L,0x33afd4709dbcd2bL,0x185f6cd1e9aae55L },
-      { 0x0defa7f40369093L,0x076759616078289L,0x3f33e512ed9e11fL,
-        0x167b448225a6402L,0x28b73c399bf8a84L,0x3dbd53fa0c91557L,
-        0x25235554a305698L,0x0ecc4aa75b694f0L,0x16ae6a6f9042a09L } },
-    /* 223 */
-    { { 0x2e123c9152cdd35L,0x390ea21900bbc6cL,0x30dfb9ce5bd5ae6L,
-        0x129d601245224afL,0x3f502eec2b4acb8L,0x28cfbd3a31fd57fL,
-        0x1d20019c8a7b93aL,0x2f3ac1ac40d5ff6L,0x0273e319ff00ba3L },
-      { 0x02c2f77abe360a3L,0x3d7212b7fbf2986L,0x0ca6650b6fcc57eL,
-        0x15aabc2c80a693cL,0x0a24ef1563f4f8eL,0x3a917c4d7214228L,
-        0x036dbed8f62fd91L,0x040efcb248e80a0L,0x18a4a9ca4c01a4dL } },
-    /* 224 */
-    { { 0x23fb7985448e339L,0x1dc33c628e65d8aL,0x174d7a69170cde8L,
-        0x164ad819eb04581L,0x0848138ab4bb05cL,0x24279e537834b6cL,
-        0x0315f7149dab924L,0x289620e8cdad9e4L,0x13ccd9074d9a335L },
-      { 0x039c5e0ac1b784dL,0x17231bb949eb87aL,0x2146a1c88ec0ab6L,
-        0x2411b06fd634f21L,0x33fda502a2201f7L,0x096e4195c73b189L,
-        0x16dfcdff3f88eb2L,0x29731b07c326315L,0x0acaa3222aa484fL } },
-    /* 225 */
-    { { 0x3e74bc3c9b4dfd6L,0x2a014fe39d8a4c5L,0x1c059d8c352025bL,
-        0x332e16882d00c1fL,0x2238713591c9036L,0x2a57ed3bcb18fc2L,
-        0x10c6c61a99d9d8cL,0x259a0f5f13ce661L,0x169162969c96829L },
-      { 0x113c267cb63ee53L,0x04b985d7ab0d4dfL,0x1a11191abfca67bL,
-        0x277b86bda7eccdaL,0x011dc11e75ad064L,0x2e7e5d9535e9bc0L,
-        0x2b133280f030b8dL,0x3318a8800068fc2L,0x194e17c98d239d8L } },
-    /* 226 */
-    { { 0x20d80b41d8fe898L,0x28a2dcc86114d1cL,0x038504f217408d7L,
-        0x35459aa9abfc7cfL,0x0cc560e355d381cL,0x39878b367379821L,
-        0x34951acb041f0a5L,0x2b0b188445bd766L,0x0c4509e16d37ee2L },
-      { 0x02a20c42c6fd79eL,0x1fb938ebde2c3aeL,0x23c1bad819ca95bL,
-        0x37a615495a4f66dL,0x2f9c19d0f10d674L,0x1f179aa45f7992cL,
-        0x22db6fa03fabaf4L,0x3463a162f12b4b3L,0x0c976c2380a1fc9L } },
-    /* 227 */
-    { { 0x1171ef8b064f114L,0x2c55953cbc3d324L,0x185457b262b783cL,
-        0x0043cd24db0c149L,0x299a41fed468c67L,0x1fdfdaa7bc9b4bfL,
-        0x1bfc1bf6da2267aL,0x3b500958ee36e80L,0x00e14b36c85c340L },
-      { 0x257e26425db67e6L,0x3d3a25fcba417d7L,0x2514026c426885dL,
-        0x188fa1d424de0cbL,0x03c538691312be2L,0x15cd3e7615ad6f6L,
-        0x2a48615b1cae559L,0x2ed61681eff8b56L,0x1d07a4c96f0ce8aL } },
-    /* 228 */
-    { { 0x3f54d05523aa2e9L,0x107833b4f42181eL,0x36e27f9bfb69c88L,
-        0x11058af7e155a0fL,0x107b0dcc9dcb07fL,0x15e94db98b45e0eL,
-        0x347d3ca2cbb8ab6L,0x18dc262e68349f3L,0x1f2ff154d685eeaL },
-      { 0x28b768a56b232acL,0x35b8d8fca94aad5L,0x3a168837fc604e8L,
-        0x20f4429da46eba1L,0x0f9455fbeebc58aL,0x359538bab5792bcL,
-        0x3c82551a20d6c37L,0x2e4c63103f2e769L,0x0b26d7b3cd760d9L } },
-    /* 229 */
-    { { 0x3090c3ebb2eaf45L,0x1364718bfee4bdeL,0x3ea4a736f23ded2L,
-        0x2f5bfc3f78efca8L,0x1ca1102f5b5b99eL,0x1f80caa2f28ad57L,
-        0x3f17a8f6203cd80L,0x156c55042d122a2L,0x109b86660a7e1dcL },
-      { 0x148b1da02a2fbd8L,0x217a2cec8ba296cL,0x20e48712b509fedL,
-        0x1231a8f94584de2L,0x01633b503685601L,0x15449c45c402487L,
-        0x131047939251432L,0x382eded24c7481fL,0x0ea623e722b8542L } },
-    /* 230 */
-    { { 0x04823d324972688L,0x20f04800fd5d882L,0x26906d0d452858bL,
-        0x210b1bdd1f86535L,0x10146d89a842195L,0x1146ef0b23e28baL,
-        0x3284fa29ec1de77L,0x3913fd88adae3dfL,0x06083f1dbe97b71L },
-      { 0x1649333999dd56bL,0x2b02ea5e91f7a66L,0x18aebbe8fb202cfL,
-        0x363d875ef299983L,0x185adc14d47c29dL,0x3e7f5071bd7ed47L,
-        0x113e6ce65ac7884L,0x274f8739a7753fdL,0x0231ace591effe5L } },
-    /* 231 */
-    { { 0x267a438a9fda771L,0x3d94b2198c4038bL,0x1e48e133f23b626L,
-        0x3c80d74b47f7ec6L,0x28d13e878599f88L,0x2d47381c5c8e844L,
-        0x19ba82890aa292fL,0x052d397ce9c3aefL,0x155dde826733745L },
-      { 0x0b2b77ed6f59a95L,0x214f8c080810802L,0x2ac1ebac779793fL,
-        0x266d5ad99d94894L,0x19722a5006ecdcbL,0x138aeb412af6e7eL,
-        0x34dd4d26210f3f0L,0x2e034329683fcc0L,0x041333d8080dac0L } },
-    /* 232 */
-    { { 0x051070935a85a06L,0x19b9d90bbc6d13aL,0x0b71a07b3a6d4e1L,
-        0x000c0ca79aa12a4L,0x13d555259d6dd6cL,0x3e2b41788312e99L,
-        0x34cccdee3b26af6L,0x19090838f5504aaL,0x1bd79798934a940L },
-      { 0x2a1d1848e0c7ff0L,0x217bf2550ecd03cL,0x31aef51d318bbaeL,
-        0x139d61e3e9ba590L,0x3c2895f52e5d3edL,0x3c4419f134a8a76L,
-        0x3f4ee53af278771L,0x1d369b337a59279L,0x19235188da1a56dL } },
-    /* 233 */
-    { { 0x083212003d310edL,0x3ba33261ec0c46cL,0x1d2684c558a8d20L,
-        0x33adc59fb227952L,0x04bf55bb55e25f3L,0x1872405eb3c453dL,
-        0x3343c0819edc770L,0x2d7b5d669139b7aL,0x07858df9f7e04c9L },
-      { 0x3a47ebb3bf13222L,0x147737a81f68453L,0x3ac3c0d8242f1e4L,
-        0x134dbae1c786fa7L,0x2bea3190d93257dL,0x3af8accfd279dd6L,
-        0x110096406d191f4L,0x2b1e19eab14f030L,0x1f45215cf8bd381L } },
-    /* 234 */
-    { { 0x07e8a8efa493b79L,0x389c2d3ac70ab0eL,0x3fa09ff22320b20L,
-        0x2baa470e4f67ce4L,0x2138a8d965ee1baL,0x1ef543937b6a586L,
-        0x23c8e069ab238c9L,0x1305bfda352288dL,0x158af8e00e5ce4cL },
-      { 0x0cdcf06cfc509a1L,0x1047bf09b301d5bL,0x1fd64d9c57f060fL,
-        0x14ccba672b1b433L,0x18b8e9510a95148L,0x04370ff563e6acfL,
-        0x2f3509a7e98709bL,0x04b1e0e4210f5d7L,0x1b628ccc9d05a93L } },
-    /* 235 */
-    { { 0x1934f00e341463fL,0x229b3854369e807L,0x20fc4109553f14cL,
-        0x16aa4fd2a476d21L,0x32cd58067c23bdeL,0x10cf72027d1f1e1L,
-        0x232a7d1d3300548L,0x176a4302f9fe5d6L,0x12e08b777d588c7L },
-      { 0x3c1281761a10d37L,0x2d86057143d6977L,0x15db79477c60ed7L,
-        0x1dccf14c42ca2beL,0x053118267a0aa2bL,0x2d06567e417eaaeL,
-        0x337784f40e98166L,0x1ab32732d09485aL,0x0c56835d77c6986L } },
-    /* 236 */
-    { { 0x1d714cb2b450a66L,0x222171f6ff7053aL,0x0d85b466a0c0131L,
-        0x2656f7f0699956aL,0x0e67792d102a21eL,0x15429e5de835f26L,
-        0x34d3372a01bb57bL,0x352550b1188cd75L,0x08b7be4e1c088daL },
-      { 0x073b03f95812273L,0x1bb4cbb8fdd5fc6L,0x0eae6da6217a2e2L,
-        0x1d098767d3cb1c4L,0x1b7c1da2d9b50b5L,0x12a1779d0e5c7eaL,
-        0x22137b22c4fb87cL,0x0649bdcb0d147b0L,0x1731345668c77baL } },
-    /* 237 */
-    { { 0x23e8c7a8a3ba183L,0x33aeeff8e27e9cfL,0x06870f9ba60f4e8L,
-        0x0d72d806a0e3a91L,0x212e52db455176eL,0x3dc4afc7e42f709L,
-        0x2054cd95f9e4598L,0x3502e6f4c803efaL,0x17a2cf19bf6dd5fL },
-      { 0x1cf6ca266736febL,0x21bd2779f3f8bdcL,0x3ce8fc290563bdeL,
-        0x339c9adb93f182aL,0x13f29235baae8a3L,0x143fe97b48e0911L,
-        0x3ef744a4b557f56L,0x1b74a8514f95044L,0x1b07c676a533e42L } },
-    /* 238 */
-    { { 0x1e603f235d96872L,0x288f30fe96e32bdL,0x071be988dc5fab1L,
-        0x22750c302f55166L,0x0764d9cc3e32e84L,0x0b031035fb09a78L,
-        0x3b83b4f7238212fL,0x29044b651860e21L,0x010281fa6712f18L },
-      { 0x028048f64858b37L,0x0526bcd5f797660L,0x0791619ebb18e0eL,
-        0x2ce7cac2e82c886L,0x21039cbae210200L,0x255e74756a1fab9L,
-        0x08515e4efdcddb3L,0x1e2a86ce23aa89eL,0x02c1a552c3cc818L } },
-    /* 239 */
-    { { 0x2c7f5000ea723dcL,0x3c13d10ac548c5eL,0x1445be885c860a5L,
-        0x0fffc465c098f52L,0x0c4c58cea61f999L,0x273580db0fee917L,
-        0x3923bbe6d151e6bL,0x3f519d68eac555eL,0x1474ec07c52ceb2L },
-      { 0x06a3d32ed88239dL,0x2e2b9a0d6b9a531L,0x23259feeb2e70d1L,
-        0x0710ef02ed7d3f7L,0x38f62a705223bf7L,0x3f9e6694f34882dL,
-        0x2b7f932224860e9L,0x2562f61561c0c92L,0x10f8e0f7330b594L } },
-    /* 240 */
-    { { 0x335c7bb3c67d520L,0x12562c8ff2a7b2bL,0x31948bbaa808d8fL,
-        0x33884d7a2b81de3L,0x1c888eff7418c30L,0x1cc512af376366aL,
-        0x06a53472075df0fL,0x1ff16d527225514L,0x11c4ef389795fbbL },
-      { 0x3e2c9ac43f5e698L,0x1ff2f38e2978e8fL,0x090e3089c2e1ce7L,
-        0x3feb0756005b417L,0x0381b9d2a5a74f3L,0x17ce582ebbb6888L,
-        0x37abbed958b143fL,0x2dc6197ff414436L,0x0ce8e97e6807a05L } },
-    /* 241 */
-    { { 0x251e61b8ce86a83L,0x10567efdf9c5808L,0x3dd748f03377860L,
-        0x0dd1414890bf049L,0x0934ea09b87cb2cL,0x119e5106f52543dL,
-        0x3a416a5146c403cL,0x23ac7a2b51c408eL,0x1b389b81a60af63L },
-      { 0x299934ee8150c69L,0x1d642389f052f39L,0x28916a0194ff74fL,
-        0x0c86f546dd97702L,0x21877963038f49dL,0x34ed29a1af0cc17L,
-        0x0af189fe2f3fbffL,0x0426c5026cddf5fL,0x1b3029ea13b9b8fL } },
-    /* 242 */
-    { { 0x37938d225a2fd88L,0x3cbdf33ae8180fbL,0x1c80d7a6dff4890L,
-        0x0d8a20fe61930f8L,0x2998e530500c78fL,0x097771cfb64ad64L,
-        0x13708a018a8f1b3L,0x0a2edb7ff661f57L,0x059dcd3554f0d1fL },
-      { 0x3c6e41d23a74e7dL,0x187af976ccb7d85L,0x3fa79e7ffa0b94bL,
-        0x2dcbaede834f0bfL,0x201adf9c3473662L,0x119e4992a19057bL,
-        0x209c571502c3265L,0x242185a444d24beL,0x195897f34aa2474L } },
-    /* 243 */
-    { { 0x045d359abadc253L,0x12e4b31e5f25792L,0x35bd9a218212e05L,
-        0x17a94ae209c8aa6L,0x22e61c6769bb80aL,0x22c3e2cfa8e39e3L,
-        0x1d854cfb274b1a0L,0x0b5cedaa90b8f6eL,0x1638ba225235601L },
-      { 0x0ec0e6f75c8c576L,0x0839f392f1f749fL,0x20c869d80726abbL,
-        0x1aa2808fadc2562L,0x276110b15a908c6L,0x21bd869b2a7d43aL,
-        0x0a69d8668c99941L,0x2843e777c8bb4a8L,0x1e0bfee1897bbf8L } },
-    /* 244 */
-    { { 0x2d8681848319e4fL,0x1bdad56961be809L,0x1886267132656beL,
-        0x316614a73eafbd7L,0x162b29cfbac252aL,0x0a98d6379f3117cL,
-        0x00ac70ee050609aL,0x2c7c3df2e7290a5L,0x1adfb44aaeca885L },
-      { 0x2b7a936e798678eL,0x07840e655010e19L,0x1e37816860b7ca0L,
-        0x20edd17615fc924L,0x0a4705ed6eeffd4L,0x0a9743dd76ecd8aL,
-        0x09fee357d68d49bL,0x35a1b46a14a688eL,0x1addbbc25491a7fL } },
-    /* 245 */
-    { { 0x10cba20969686a3L,0x2c71578f014fd78L,0x313426f47102308L,
-        0x2c5240cc0e05c4aL,0x32d01527b1f9165L,0x2a68d38916dc805L,
-        0x3e35c86fcf6647aL,0x38e0947d52e52c2L,0x0e3fccb22a55a15L },
-      { 0x271e4ec5b4dc0beL,0x0d89236c735712aL,0x3f43046e1007bb1L,
-        0x35f6a72668fcdafL,0x28349bc505a6806L,0x04f8214272ff1bbL,
-        0x3448c126871e73eL,0x2ebe579aa889d9fL,0x1b9ba77787c2da7L } },
-    /* 246 */
-    { { 0x2be58eec5a73375L,0x37da75ea2b10e06L,0x150aceca835a175L,
-        0x027d41f4c3cb3ccL,0x3c60b0424b87b06L,0x043e43b26b94e8aL,
-        0x1689bb4931e1824L,0x06a3914b1f43eb7L,0x013ab4534914763L },
-      { 0x32dd8568c84f3afL,0x3702486eab8cfabL,0x2a858b96b070829L,
-        0x103a2a094591950L,0x05c35322b42260dL,0x27b6834ae797b6bL,
-        0x22b90abca795603L,0x14c0a1af41f1ae5L,0x10a2e22dac7b1ecL } },
-    /* 247 */
-    { { 0x25fc09d239d8f0aL,0x0b80f2ae2840859L,0x17680173477b92bL,
-        0x27e38d8581390daL,0x19eb061beab38edL,0x3a1159c1e6c0247L,
-        0x21a2e0cd4226543L,0x00c3e83ddfb1cbfL,0x0931d242162760aL },
-      { 0x29f834cf8646bc3L,0x25294902ba5be7eL,0x3890379177d17dfL,
-        0x113ffad9b364070L,0x077b924659dfd06L,0x3660753e06bb0bbL,
-        0x37b0932df3b7f2cL,0x2762f26f0fda7cdL,0x125daef34f3dd85L } },
-    /* 248 */
-    { { 0x008451ba2c123bcL,0x20e9a02063e952bL,0x170298957b8ad1eL,
-        0x0d3c3c4bc595b75L,0x30a9fa14dcc7f2eL,0x0bf9e0b07daa70cL,
-        0x1f54ddefc9a2bbbL,0x0294f4c671a5dc2L,0x1dc0b8238cbd646L },
-      { 0x249290144dfb6f6L,0x35f2d1b900749bdL,0x240e48537ad8270L,
-        0x2d5c3636f6469c2L,0x2f170d58b84d661L,0x0d13874b289c88eL,
-        0x1de1faeeb4cf146L,0x17a9c8957f256aeL,0x1f8cd6e110adbdcL } },
-    /* 249 */
-    { { 0x257c6b978b8a0a7L,0x12badba0cfb7a8aL,0x17c14bd13fe724bL,
-        0x223f0ba3b927918L,0x1fb147eefc41868L,0x3998b3ee34e6292L,
-        0x0ba2ece9f191f12L,0x35435861c8a2656L,0x02dbd6d0f1b00b8L },
-      { 0x15cfdfe24c93cc9L,0x35de02e79c639e2L,0x3a5838baf7eb29eL,
-        0x1f93772fda40722L,0x3a180d6bb022538L,0x251f1f0992c942fL,
-        0x23f3cd6d68e548cL,0x0f34a0a9ed8ca64L,0x00fb8f036132d10L } },
-    /* 250 */
-    { { 0x198b3f08cd9d494L,0x0196e653d3e7ce0L,0x22203c738fa99b2L,
-        0x0536348a72dd992L,0x0c51c54b3199f4cL,0x084e8ccb76b5d71L,
-        0x0c7b2f9a32ce0bdL,0x3c82bce88421622L,0x0d16defa3625b1fL },
-      { 0x0e0054819a296ebL,0x13fc5746a44c4d1L,0x2d2bfeaa454f1d9L,
-        0x00d3502f5ff5f7aL,0x21801a4afae65a8L,0x178379dd813c51fL,
-        0x172ca0983048f9aL,0x3445e8ec67297fdL,0x0e0a237dba71821L } },
-    /* 251 */
-    { { 0x1babf8491630ee8L,0x16270817ad4c07bL,0x2b2da051f47bde6L,
-        0x25884aefa067df4L,0x294292124aeaa9fL,0x110d796f73b4f57L,
-        0x11f66f691f5b89fL,0x3c368658130ce50L,0x0e6b7fc09ca4356L },
-      { 0x294e413f74f811cL,0x0b60c77e36376c4L,0x3217963418c91a4L,
-        0x06223af37b09fd5L,0x2ea305bc95fde52L,0x319a2d87f75781bL,
-        0x011861ed1e6088aL,0x33af0ccebc05baeL,0x1c95ecb192d15ddL } },
-    /* 252 */
-    { { 0x27b37a3e0bde442L,0x10ffa19bde9cfa4L,0x1d208ed10c2ee05L,
-        0x1069985e8cb4c36L,0x0d1d5cf8baf79c3L,0x0eaf3e2f9cd9e1cL,
-        0x2b5e7b02d0dce9eL,0x1c317f88f4b75dcL,0x10b29fceea01ffcL },
-      { 0x1bcae4d62d803ffL,0x3a44ff6f0c1aa4cL,0x27abd8c1066293eL,
-        0x0ab9e9b5962bc77L,0x2102f4e06d48578L,0x0dbebf9a449964bL,
-        0x37121391a3127f1L,0x058d11ae4d10220L,0x0ba53bb4380a31eL } },
-    /* 253 */
-    { { 0x2e517fcca5636b0L,0x1b8085aae8571d8L,0x3d7c212e7b2d429L,
-        0x1b55c5eb6116aa3L,0x398b2f3579517ceL,0x3d66c1f39d8ae16L,
-        0x3ef6f042f996b5dL,0x2d227cdccaaefcdL,0x15da5d145ea4542L },
-      { 0x277c55eaa7f6e3fL,0x36669ea92816f07L,0x3d77458282273f4L,
-        0x3eddedd23ee95b5L,0x20629f5d1db0895L,0x16600fec7121333L,
-        0x20b8d0f5b1c90a3L,0x04fc90eb13ca45cL,0x0e98c10bfe872acL } },
-    /* 254 */
-    { { 0x11c4785c06c4fd6L,0x2e40974970ae767L,0x1eb1d4982f24bf4L,
-        0x30ae93fbcac104dL,0x398de07ab3ab3edL,0x25bd2df556948e7L,
-        0x04c815d5fc49ab0L,0x1acaf1428a580e1L,0x047db1148d01567L },
-      { 0x09f9cc510f3bad9L,0x2223f008a407531L,0x15ebc47b44df490L,
-        0x31bce7cada245e9L,0x304e9962a20b2ebL,0x1cf756dc31638ebL,
-        0x29f76c52ab7c1b5L,0x328ecad52b75a8cL,0x10859dad1eb82f4L } },
-    /* 255 */
-    { { 0x22c4128a182d1adL,0x05e5b88245b1159L,0x0272ba681647775L,
-        0x3eae4b217069dc1L,0x3aefb2e07fac8b0L,0x2186ccb481eacb7L,
-        0x2ed145c73530a07L,0x292758f6fb59622L,0x0bd547bcdca0a53L },
-      { 0x3c1382f87056b51L,0x247b6c4c3e644a9L,0x1e46d3805b42c3dL,
-        0x3aff4c6a657df1fL,0x0cd3fb8aa456101L,0x3ac5ef387bf48adL,
-        0x2c0c32fe391df79L,0x3bbd2d353031985L,0x11219f023be711bL } },
-};
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_9(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 9, km);
-
-            err = sp_521_ecc_mulmod_base_9(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P521 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 9 + 9 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9 + 9 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 9;
-
-        sp_521_from_mp(k, 9, km);
-        sp_521_point_from_ecc_point_9(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_9(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_9(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_9(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_521_add_one_9(sp_digit* a)
-{
-    a[0]++;
-    sp_521_norm_9(a);
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 50U) {
-            r[j] &= 0x3ffffffffffffffL;
-            s = 58U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_521_ecc_gen_k_9(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[66];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            buf[0] &= 0x1;
-            sp_521_from_bin(k, 9, buf, (int)sizeof(buf));
-            if (sp_521_cmp_9(k, p521_order2) <= 0) {
-                sp_521_add_one_9(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_521, point, 2);
-#else
-    SP_DECL_VAR(sp_point_521, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 9);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_521_ecc_gen_k_9(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_9(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_9(infinity, point, p521_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_521_iszero_9(point->x) || sp_521_iszero_9(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_9(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_521_ctx {
-    int state;
-    sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-    sp_digit k[9];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521  point[2];
-#else
-    sp_point_521 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_521_ctx;
-
-int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_521_ctx* ctx = (sp_ecc_key_gen_521_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_521_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_521_ecc_gen_k_9(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_base_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p521_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_521_iszero_9(ctx->point->x) ||
-                    sp_521_iszero_9(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_521_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_521_point_to_ecc_point_9(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 66
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_521_to_bin_9(sp_digit* r, byte* a)
-{
-    int i;
-    int j;
-    int s = 0;
-    int b;
-
-    for (i=0; i<8; i++) {
-        r[i+1] += r[i] >> 58;
-        r[i] &= 0x3ffffffffffffffL;
-    }
-    j = 528 / 8 - 1;
-    a[j] = 0;
-    for (i=0; i<9 && j>=0; i++) {
-        b = 0;
-        /* lint allow cast of mismatch sp_digit and int */
-        a[j--] |= (byte)(r[i] << s); /*lint !e9033*/
-        b += 8 - s;
-        if (j < 0) {
-            break;
-        }
-        while (b < 58) {
-            a[j--] = (byte)(r[i] >> b);
-            b += 8;
-            if (j < 0) {
-                break;
-            }
-        }
-        s = 8 - (b - 58);
-        if (j >= 0) {
-            a[j] = 0;
-        }
-        if (s != 0) {
-            j++;
-        }
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-
-    if (*outLen < 65U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 9, priv);
-        sp_521_point_from_ecc_point_9(point, pub);
-            err = sp_521_ecc_mulmod_9(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_521_to_bin_9(point->x, out);
-        *outLen = 66;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-    };
-    sp_digit k[9];
-    sp_point_521 point;
-} sp_ecc_sec_gen_521_ctx;
-
-int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_521_ctx* ctx = (sp_ecc_sec_gen_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_521_from_mp(ctx->k, 9, priv);
-            sp_521_point_from_ecc_point_9(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_521_to_bin_9(ctx->point.x, out);
-                *outLen = 66;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-SP_NOINLINE static void sp_521_rshift_9(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-#ifdef WOLFSSL_SP_SMALL
-    for (i=0; i<8; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (58 - n))) & 0x3ffffffffffffffL);
-    }
-#else
-    for (i=0; i<8; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (58 - n)) & 0x3ffffffffffffffL);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (58 - n)) & 0x3ffffffffffffffL);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (58 - n)) & 0x3ffffffffffffffL);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (58 - n)) & 0x3ffffffffffffffL);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (58 - n)) & 0x3ffffffffffffffL);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (58 - n)) & 0x3ffffffffffffffL);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (58 - n)) & 0x3ffffffffffffffL);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (58 - n)) & 0x3ffffffffffffffL);
-    }
-#endif /* WOLFSSL_SP_SMALL */
-    r[8] = a[8] >> n;
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_521_mul_d_9(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 9; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x3ffffffffffffffL);
-        t >>= 58;
-    }
-    r[9] = (sp_digit)t;
-#else
-    sp_int128 tb = b;
-    sp_int128 t[9];
-
-    t[ 0] = tb * a[ 0];
-    t[ 1] = tb * a[ 1];
-    t[ 2] = tb * a[ 2];
-    t[ 3] = tb * a[ 3];
-    t[ 4] = tb * a[ 4];
-    t[ 5] = tb * a[ 5];
-    t[ 6] = tb * a[ 6];
-    t[ 7] = tb * a[ 7];
-    t[ 8] = tb * a[ 8];
-    r[ 0] = (sp_digit)                 (t[ 0] & 0x3ffffffffffffffL);
-    r[ 1] = (sp_digit)((t[ 0] >> 58) + (t[ 1] & 0x3ffffffffffffffL));
-    r[ 2] = (sp_digit)((t[ 1] >> 58) + (t[ 2] & 0x3ffffffffffffffL));
-    r[ 3] = (sp_digit)((t[ 2] >> 58) + (t[ 3] & 0x3ffffffffffffffL));
-    r[ 4] = (sp_digit)((t[ 3] >> 58) + (t[ 4] & 0x3ffffffffffffffL));
-    r[ 5] = (sp_digit)((t[ 4] >> 58) + (t[ 5] & 0x3ffffffffffffffL));
-    r[ 6] = (sp_digit)((t[ 5] >> 58) + (t[ 6] & 0x3ffffffffffffffL));
-    r[ 7] = (sp_digit)((t[ 6] >> 58) + (t[ 7] & 0x3ffffffffffffffL));
-    r[ 8] = (sp_digit)((t[ 7] >> 58) + (t[ 8] & 0x3ffffffffffffffL));
-    r[ 9] = (sp_digit) (t[ 8] >> 58);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-SP_NOINLINE static void sp_521_lshift_18(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    r[18] = a[17] >> (58 - n);
-    for (i=17; i>0; i--) {
-        r[i] = (sp_digit)(((a[i] << n) | (a[i-1] >> (58 - n))) & 0x3ffffffffffffffL);
-    }
-#else
-    sp_int_digit s;
-    sp_int_digit t;
-
-    s = (sp_int_digit)a[17];
-    r[18] = s >> (58U - n);
-    s = (sp_int_digit)(a[17]); t = (sp_int_digit)(a[16]);
-    r[17] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[16]); t = (sp_int_digit)(a[15]);
-    r[16] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[15]); t = (sp_int_digit)(a[14]);
-    r[15] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[14]); t = (sp_int_digit)(a[13]);
-    r[14] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[13]); t = (sp_int_digit)(a[12]);
-    r[13] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[12]); t = (sp_int_digit)(a[11]);
-    r[12] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[11]); t = (sp_int_digit)(a[10]);
-    r[11] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[10]); t = (sp_int_digit)(a[9]);
-    r[10] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[9]); t = (sp_int_digit)(a[8]);
-    r[9] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[8]); t = (sp_int_digit)(a[7]);
-    r[8] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[7]); t = (sp_int_digit)(a[6]);
-    r[7] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[6]); t = (sp_int_digit)(a[5]);
-    r[6] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[5]); t = (sp_int_digit)(a[4]);
-    r[5] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[4]); t = (sp_int_digit)(a[3]);
-    r[4] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[3]); t = (sp_int_digit)(a[2]);
-    r[3] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[2]); t = (sp_int_digit)(a[1]);
-    r[2] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-    s = (sp_int_digit)(a[1]); t = (sp_int_digit)(a[0]);
-    r[1] = (sp_digit)(((s << n) | (t >> (58U - n))) & 0x3ffffffffffffffUL);
-#endif /* WOLFSSL_SP_SMALL */
-    r[0] = (sp_digit)((a[0] << n) & 0x3ffffffffffffffL);
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Simplified based on top word of divisor being (1 << 58) - 1
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_521_div_9(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 9 + 3);
-    int i;
-    sp_digit r1;
-    sp_digit mask;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 9 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 18 + 1;
-        sd = t2 + 9 + 1;
-
-        sp_521_mul_d_9(sd, d, (sp_digit)1 << 1);
-        sp_521_lshift_18(t1, a, 1);
-        t1[9 + 9] += t1[9 + 9 - 1] >> 58;
-        t1[9 + 9 - 1] &= 0x3ffffffffffffffL;
-        for (i=8; i>=0; i--) {
-            r1 = t1[9 + i];
-            sp_521_mul_d_9(t2, sd, r1);
-            (void)sp_521_sub_9(&t1[i], &t1[i], t2);
-            t1[9 + i] -= t2[9];
-            sp_521_norm_9(&t1[i + 1]);
-
-            mask = ~((t1[9 + i] - 1) >> 63);
-            sp_521_cond_sub_9(t1 + i, t1 + i, sd, mask);
-            sp_521_norm_9(&t1[i + 1]);
-        }
-        sp_521_norm_9(t1);
-        sp_521_rshift_9(r, t1, 1);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_521_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_521_div_9(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P521 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_521_mont_mul_order_9(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_521_mul_9(r, a, b);
-    sp_521_mont_reduce_order_9(r, p521_order, p521_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P521 curve. */
-static const word64 p521_order_minus_2[9] = {
-    0xbb6fb71e91386407U,0x3bb5c9b8899c47aeU,0x7fcc0148f709a5d0U,
-    0x51868783bf2f966bU,0xfffffffffffffffaU,0xffffffffffffffffU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0x00000000000001ffU
-};
-#else
-/* The low half of the order-2 of the P521 curve. */
-static const word64 p521_order_low[5] = {
-    0xbb6fb71e91386407U,0x3bb5c9b8899c47aeU,0x7fcc0148f709a5d0U,
-    0x51868783bf2f966bU,0xfffffffffffffffaU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P521 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_order_9(sp_digit* r, const sp_digit* a)
-{
-    sp_521_sqr_9(r, a);
-    sp_521_mont_reduce_order_9(r, p521_order, p521_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P521 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_521_mont_sqr_order_9(r, a);
-    for (i=1; i<n; i++) {
-        sp_521_mont_sqr_order_9(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P521 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_mont_inv_order_9_ctx {
-    int state;
-    int i;
-} sp_521_mont_inv_order_9_ctx;
-static int sp_521_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_mont_inv_order_9_ctx* ctx = (sp_521_mont_inv_order_9_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_521_mont_inv_order_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 9);
-        ctx->i = 519;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_521_mont_sqr_order_9(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p521_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_521_mont_mul_order_9(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 9U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_521_mont_inv_order_9(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 9);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_order_9(t, t);
-        if ((p521_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_521_mont_mul_order_9(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 9U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 9;
-    sp_digit* t3 = td + 4 * 9;
-    int i;
-
-    /* t = a^2 */
-    sp_521_mont_sqr_order_9(t, a);
-    /* t = a^3 = t * a */
-    sp_521_mont_mul_order_9(t, t, a);
-    /* t= a^c = t ^ 2 ^ 2 */
-    sp_521_mont_sqr_n_order_9(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-
-    /* t3 = a^1e */
-    sp_521_mont_sqr_order_9(t3, t);
-    /* t3 = a^1f = t3 * a */
-    sp_521_mont_mul_order_9(t3, t3, a);
-
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_521_mont_sqr_n_order_9(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_521_mont_sqr_n_order_9(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_521_mont_sqr_n_order_9(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-
-    /* t2= a^ffffffff00000000 = t ^ 2 ^ 32 */
-    sp_521_mont_sqr_n_order_9(t2, t, 32);
-    /* t = a^ffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ffffffffffffffff0000000000000000 = t ^ 2 ^ 64 */
-    sp_521_mont_sqr_n_order_9(t2, t, 64);
-    /* t = a^ffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffffffffffff00000000000000000000000000000000 = t ^ 2 ^ 128 */
-    sp_521_mont_sqr_n_order_9(t2, t, 128);
-    /* t = a^ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0 */
-    sp_521_mont_sqr_n_order_9(t2, t, 5);
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t * t3 */
-    sp_521_mont_mul_order_9(t2, t2, t3);
-
-    for (i=259; i>=1; i--) {
-        sp_521_mont_sqr_order_9(t2, t2);
-        if ((p521_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_521_mont_mul_order_9(t2, t2, a);
-        }
-    }
-    sp_521_mont_sqr_order_9(t2, t2);
-    sp_521_mont_mul_order_9(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int64 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_9(k, k, p521_norm_order);
-    err = sp_521_mod_9(k, k, p521_order);
-    if (err == MP_OKAY) {
-        sp_521_norm_9(k);
-
-        /* kInv = 1/k mod order */
-            sp_521_mont_inv_order_9(kInv, k, tmp);
-        sp_521_norm_9(kInv);
-
-        /* s = r * x + e */
-            sp_521_mul_9(x, x, r);
-        err = sp_521_mod_9(x, x, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_9(x);
-        carry = sp_521_add_9(s, e, x);
-        sp_521_cond_sub_9(s, s, p521_order, 0 - carry);
-        sp_521_norm_9(s);
-        c = sp_521_cmp_9(s, p521_order);
-        sp_521_cond_sub_9(s, s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_9(s);
-
-        /* s = s * k^-1 mod order */
-            sp_521_mont_mul_order_9(s, s, kInv);
-        sp_521_norm_9(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 521 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 9);
-    SP_DECL_VAR(sp_point_521, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int64 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 9;
-        k = e + 4 * 9;
-        r = e + 6 * 9;
-        tmp = e + 8 * 9;
-        s = e;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_9(rng, k);
-        }
-        else {
-            sp_521_from_mp(k, 9, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_521_ecc_mulmod_base_9(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 9U);
-            sp_521_norm_9(r);
-            c = sp_521_cmp_9(r, p521_order);
-            sp_521_cond_sub_9(r, r, p521_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_521_norm_9(r);
-
-            if (!sp_521_iszero_9(r)) {
-                /* x is modified in calculation of s. */
-                sp_521_from_mp(x, 9, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_521_from_bin(e, 9, hash, (int)hashLen);
-
-                /* Take 521 leftmost bits of hash. */
-                if (hashLen == 66U) {
-                    sp_521_rshift_9(e, e, 7);
-                    e[8] |= ((sp_digit)hash[0]) << 49;
-                }
-
-                err = sp_521_calc_s_9(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_521_iszero_9(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 9, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-        sp_521_mont_inv_order_9_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*9];
-    sp_digit x[2*9];
-    sp_digit k[2*9];
-    sp_digit r[2*9];
-    sp_digit tmp[3 * 2*9];
-    sp_point_521 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_521_ctx;
-
-int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_521_ctx* ctx = (sp_ecc_sign_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_9(rng, ctx->k);
-        }
-        else {
-            sp_521_from_mp(ctx->k, 9, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p521_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int64 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 9U);
-        sp_521_norm_9(ctx->r);
-        c = sp_521_cmp_9(ctx->r, p521_order);
-        sp_521_cond_sub_9(ctx->r, ctx->r, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_9(ctx->r);
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-        sp_521_from_mp(ctx->x, 9, priv);
-        sp_521_from_bin(ctx->e, 9, hash, (int)hashLen);
-        if (hashLen == 66U) {
-            sp_521_rshift_9(ctx->e, ctx->e, 7);
-            ctx->e[8] |= ((sp_digit)hash[0]) << 49;
-        }
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_9(ctx->k, ctx->k, p521_norm_order);
-        err = sp_521_mod_9(ctx->k, ctx->k, p521_order);
-        if (err == MP_OKAY) {
-            sp_521_norm_9(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_521_mont_inv_order_9_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_521_norm_9(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_521_mul_9(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_521_mod_9(ctx->x, ctx->x, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int64 c;
-        sp_521_norm_9(ctx->x);
-        carry = sp_521_add_9(ctx->s, ctx->e, ctx->x);
-        sp_521_cond_sub_9(ctx->s, ctx->s,
-            p521_order, 0 - carry);
-        sp_521_norm_9(ctx->s);
-        c = sp_521_cmp_9(ctx->s, p521_order);
-        sp_521_cond_sub_9(ctx->s, ctx->s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_9(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_521_mont_mul_order_9(ctx->s, ctx->s, ctx->kInv);
-        sp_521_norm_9(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_521_iszero_9(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_521_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_521_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 9U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-static const char sp_521_tab64_9[64] = {
-    64,  1, 59,  2, 60, 48, 54,  3,
-    61, 40, 49, 28, 55, 34, 43,  4,
-    62, 52, 38, 41, 50, 19, 29, 21,
-    56, 31, 35, 12, 44, 15, 23,  5,
-    63, 58, 47, 53, 39, 27, 33, 42,
-    51, 37, 18, 20, 30, 11, 14, 22,
-    57, 46, 26, 32, 36, 17, 10, 13,
-    45, 25, 16,  9, 24,  8,  7,  6};
-
-static int sp_521_num_bits_58_9(sp_digit v)
-{
-    v |= v >> 1;
-    v |= v >> 2;
-    v |= v >> 4;
-    v |= v >> 8;
-    v |= v >> 16;
-    v |= v >> 32;
-    return sp_521_tab64_9[((word64)((v - (v >> 1))*0x07EDD5E59A4E28C2)) >> 58];
-}
-
-static int sp_521_num_bits_9(const sp_digit* a)
-{
-    int i;
-    int r = 0;
-
-    for (i = 8; i >= 0; i--) {
-        if (a[i] != 0) {
-            r = sp_521_num_bits_58_9(a[i]);
-            r += i * 58;
-            break;
-        }
-    }
-
-    return r;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- * @return  MEMEORY_E when dynamic memory allocation fails.
- */
-static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, u, 9 * 4);
-    sp_digit* v = NULL;
-    sp_digit* b = NULL;
-    sp_digit* d = NULL;
-    int ut;
-    int vt;
-
-    SP_ALLOC_VAR(sp_digit, u, 9 * 4, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        v = u + 9;
-        b = u + 2 * 9;
-        d = u + 3 * 9;
-
-        XMEMCPY(u, m, sizeof(sp_digit) * 9);
-        XMEMCPY(v, a, sizeof(sp_digit) * 9);
-
-        ut = sp_521_num_bits_9(u);
-        vt = sp_521_num_bits_9(v);
-
-        XMEMSET(b, 0, sizeof(sp_digit) * 9);
-        if ((v[0] & 1) == 0) {
-            sp_521_rshift1_9(v, v);
-            XMEMCPY(d, m, sizeof(sp_digit) * 9);
-            d[0]++;
-            sp_521_rshift1_9(d, d);
-            vt--;
-
-            while ((v[0] & 1) == 0) {
-                sp_521_rshift1_9(v, v);
-                if (d[0] & 1)
-                    sp_521_add_9(d, d, m);
-                sp_521_rshift1_9(d, d);
-                vt--;
-            }
-        }
-        else {
-            XMEMSET(d+1, 0, sizeof(sp_digit) * (9 - 1));
-            d[0] = 1;
-        }
-
-        while (ut > 1 && vt > 1) {
-            if ((ut > vt) || ((ut == vt) &&
-                    (sp_521_cmp_9(u, v) >= 0))) {
-                sp_521_sub_9(u, u, v);
-                sp_521_norm_9(u);
-
-                sp_521_sub_9(b, b, d);
-                sp_521_norm_9(b);
-                if (b[8] < 0)
-                    sp_521_add_9(b, b, m);
-                sp_521_norm_9(b);
-                ut = sp_521_num_bits_9(u);
-
-                do {
-                    sp_521_rshift1_9(u, u);
-                    if (b[0] & 1)
-                        sp_521_add_9(b, b, m);
-                    sp_521_rshift1_9(b, b);
-                    ut--;
-                }
-                while (ut > 0 && (u[0] & 1) == 0);
-            }
-            else {
-                sp_521_sub_9(v, v, u);
-                sp_521_norm_9(v);
-
-                sp_521_sub_9(d, d, b);
-                sp_521_norm_9(d);
-                if (d[8] < 0)
-                    sp_521_add_9(d, d, m);
-                sp_521_norm_9(d);
-                vt = sp_521_num_bits_9(v);
-
-                do {
-                    sp_521_rshift1_9(v, v);
-                    if (d[0] & 1)
-                        sp_521_add_9(d, d, m);
-                    sp_521_rshift1_9(d, d);
-                    vt--;
-                }
-                while (vt > 0 && (v[0] & 1) == 0);
-            }
-        }
-
-        if (ut == 1)
-            XMEMCPY(r, b, sizeof(sp_digit) * 9);
-        else
-            XMEMCPY(r, d, sizeof(sp_digit) * 9);
-    }
-    SP_FREE_VAR(u, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2,
-    sp_digit* tmp)
-{
-
-        sp_521_proj_point_add_9(p1, p1, p2, tmp);
-    if (sp_521_iszero_9(p1->z)) {
-        if (sp_521_iszero_9(p1->x) && sp_521_iszero_9(p1->y)) {
-                sp_521_proj_point_dbl_9(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            XMEMCPY(p1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_vfy_point_9(sp_point_521* p1, sp_point_521* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_521_mod_inv_9(s, s, p521_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_521_mul_9(s, s, p521_norm_order);
-        err = sp_521_mod_9(s, s, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_9(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_521_mont_inv_order_9(s, s, tmp);
-            sp_521_mont_mul_order_9(u1, u1, s);
-            sp_521_mont_mul_order_9(u2, u2, s);
-        }
-#else
-        {
-            sp_521_mont_mul_order_9(u1, u1, s);
-            sp_521_mont_mul_order_9(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_521_ecc_mulmod_base_9(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_9(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_9(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_9(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_521_add_points_9(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 521)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 9);
-    SP_DECL_VAR(sp_point_521, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_521* p2 = NULL;
-    sp_digit carry;
-    sp_int64 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 9;
-        s   = u1 + 4 * 9;
-        tmp = u1 + 6 * 9;
-        p2 = p1 + 1;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(u1, 9, hash, (int)hashLen);
-        sp_521_from_mp(u2, 9, rm);
-        sp_521_from_mp(s, 9, sm);
-        sp_521_from_mp(p2->x, 9, pX);
-        sp_521_from_mp(p2->y, 9, pY);
-        sp_521_from_mp(p2->z, 9, pZ);
-
-        if (hashLen == 66U) {
-            sp_521_rshift_9(u1, u1, 7);
-            u1[8] |= ((sp_digit)hash[0]) << 49;
-        }
-
-        err = sp_521_calc_vfy_point_9(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(u2, 9, rm);
-        err = sp_521_mod_mul_norm_9(u2, u2, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_521_mont_sqr_9(p1->z, p1->z, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_9(u1, u2, p1->z, p521_mod, p521_mp_mod);
-        *res = (int)(sp_521_cmp_9(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_521_from_mp(u2, 9, rm);
-            carry = sp_521_add_9(u2, u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_9(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_9(u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_9(u2, u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_521_mont_mul_9(u1, u2, p1->z, p521_mod, p521_mp_mod);
-                }
-                *res = (sp_521_cmp_9(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-        sp_521_mont_inv_order_9_ctx mont_inv_order_ctx;
-        sp_521_proj_point_dbl_9_ctx dbl_ctx;
-        sp_521_proj_point_add_9_ctx add_ctx;
-    };
-    sp_digit u1[2*9];
-    sp_digit u2[2*9];
-    sp_digit s[2*9];
-    sp_digit tmp[2*9 * 6];
-    sp_point_521 p1;
-    sp_point_521 p2;
-} sp_ecc_verify_521_ctx;
-
-int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_521_ctx* ctx = (sp_ecc_verify_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(ctx->u1, 9, hash, (int)hashLen);
-        sp_521_from_mp(ctx->u2, 9, rm);
-        sp_521_from_mp(ctx->s, 9, sm);
-        sp_521_from_mp(ctx->p2.x, 9, pX);
-        sp_521_from_mp(ctx->p2.y, 9, pY);
-        sp_521_from_mp(ctx->p2.z, 9, pZ);
-        if (hashLen == 66U) {
-            sp_521_rshift_9(ctx->u1, ctx->u1, 7);
-            ctx->u1[8] |= ((sp_digit)hash[0]) << 49;
-        }
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_521_mul_9(ctx->s, ctx->s, p521_norm_order);
-        err = sp_521_mod_9(ctx->s, ctx->s, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_521_norm_9(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_521_mont_inv_order_9_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_521_mont_mul_order_9(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_521_mont_mul_order_9(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p521_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_9(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_9(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_521_proj_point_add_9_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(ctx->u2, 9, rm);
-        err = sp_521_mod_mul_norm_9(ctx->u2, ctx->u2, p521_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_521_mont_sqr_9(ctx->p1.z, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_521_mont_mul_9(ctx->u1, ctx->u2, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int64 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_521_cmp_9(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_521_from_mp(ctx->u2, 9, rm);
-            carry = sp_521_add_9(ctx->u2, ctx->u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_9(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_9(ctx->u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_9(ctx->u2, ctx->u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_521_mont_mul_9(ctx->u1, ctx->u2, ctx->p1.z, p521_mod,
-                                                            p521_mp_mod);
-                *res = (int)(sp_521_cmp_9(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_521_ecc_is_point_9(const sp_point_521* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 9 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 9 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 9;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_521_sqr_9(t1, point->y);
-        (void)sp_521_mod_9(t1, t1, p521_mod);
-        sp_521_sqr_9(t2, point->x);
-        (void)sp_521_mod_9(t2, t2, p521_mod);
-        sp_521_mul_9(t2, t2, point->x);
-        (void)sp_521_mod_9(t2, t2, p521_mod);
-        sp_521_mont_sub_9(t1, t1, t2, p521_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_521_mont_add_9(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_9(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_9(t1, t1, point->x, p521_mod);
-
-
-        if (sp_521_cmp_9(t1, p521_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_521, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(pub->x, 9, pX);
-        sp_521_from_mp(pub->y, 9, pY);
-        sp_521_from_bin(pub->z, 9, one, (int)sizeof(one));
-
-        err = sp_521_ecc_is_point_9(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 9);
-    SP_DECL_VAR(sp_point_521, pub, 2);
-    sp_point_521* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 521) ||
-        (mp_count_bits(pY) > 521) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 521)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_521_from_mp(pub->x, 9, pX);
-        sp_521_from_mp(pub->y, 9, pY);
-        sp_521_from_bin(pub->z, 9, one, (int)sizeof(one));
-        if (privm)
-            sp_521_from_mp(priv, 9, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_521_iszero_9(pub->x) != 0) &&
-            (sp_521_iszero_9(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_521_cmp_9(pub->x, p521_mod) >= 0) ||
-             (sp_521_cmp_9(pub->y, p521_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_521_ecc_is_point_9(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_521_ecc_mulmod_9(p, pub, p521_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_521_iszero_9(p->x) == 0) ||
-                             (sp_521_iszero_9(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_521_ecc_mulmod_base_9(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_521_cmp_9(p->x, pub->x) != 0) ||
-                 (sp_521_cmp_9(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    SP_DECL_VAR(sp_point_521, p, 2);
-    sp_point_521* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_521_from_mp(p->x, 9, pX);
-        sp_521_from_mp(p->y, 9, pY);
-        sp_521_from_mp(p->z, 9, pZ);
-        sp_521_from_mp(q->x, 9, qX);
-        sp_521_from_mp(q->y, 9, qY);
-        sp_521_from_mp(q->z, 9, qZ);
-        p->infinity = sp_521_iszero_9(p->x) &
-                      sp_521_iszero_9(p->y);
-        q->infinity = sp_521_iszero_9(q->x) &
-                      sp_521_iszero_9(q->y);
-
-            sp_521_proj_point_add_9(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 2);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 9, pX);
-        sp_521_from_mp(p->y, 9, pY);
-        sp_521_from_mp(p->z, 9, pZ);
-        p->infinity = sp_521_iszero_9(p->x) &
-                      sp_521_iszero_9(p->y);
-
-            sp_521_proj_point_dbl_9(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 5);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 5, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 9, pX);
-        sp_521_from_mp(p->y, 9, pY);
-        sp_521_from_mp(p->z, 9, pZ);
-        p->infinity = sp_521_iszero_9(p->x) &
-                      sp_521_iszero_9(p->y);
-
-            sp_521_map_9(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Square root power for the P521 curve. */
-static const word64 p521_sqrt_power[9] = {
-    0x0000000000000000,0x0000000000000000,0x0000000000000000,
-    0x0000000000000000,0x0000000000000000,0x0000000000000000,0x0000000000000000,0x0000000000000000,
-    0x0000000000000080
-};
-
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mont_sqrt_9(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t, 2 * 9);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t, 2 * 9, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-
-        {
-            int i;
-
-            XMEMCPY(t, y, sizeof(sp_digit) * 9);
-            for (i=518; i>=0; i--) {
-                sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod);
-                if (p521_sqrt_power[i / 64] & ((sp_digit)1 << (i % 64)))
-                    sp_521_mont_mul_9(t, t, y, p521_mod, p521_mp_mod);
-            }
-            XMEMCPY(y, t, sizeof(sp_digit) * 9);
-        }
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 9);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 9, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 9;
-
-        sp_521_from_mp(x, 9, xm);
-        err = sp_521_mod_mul_norm_9(x, x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_521_mont_sqr_9(y, x, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_9(y, y, x, p521_mod, p521_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_521_mod_mul_norm_9(x, p521_b, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_521_mont_add_9(y, y, x, p521_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_521_mont_sqrt_9(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 9, 0, 9U * sizeof(sp_digit));
-        sp_521_mont_reduce_9(y, p521_mod, p521_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_521_mont_sub_9(y, p521_mod, y, p521_mod);
-        }
-
-        err = sp_521_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_521 */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-#ifdef WOLFSSL_SP_1024
-
-/* Point structure to use. */
-typedef struct sp_point_1024 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 18];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 18];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 18];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_1024;
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_9(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_int128 t0;
-    sp_int128 t1;
-    sp_digit t[9];
-
-    t0 = ((sp_int128)a[ 0]) * b[ 0];
-    t1 = ((sp_int128)a[ 0]) * b[ 1]
-       + ((sp_int128)a[ 1]) * b[ 0];
-    t[ 0] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_int128)a[ 0]) * b[ 2]
-       + ((sp_int128)a[ 1]) * b[ 1]
-       + ((sp_int128)a[ 2]) * b[ 0];
-    t[ 1] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_int128)a[ 0]) * b[ 3]
-       + ((sp_int128)a[ 1]) * b[ 2]
-       + ((sp_int128)a[ 2]) * b[ 1]
-       + ((sp_int128)a[ 3]) * b[ 0];
-    t[ 2] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_int128)a[ 0]) * b[ 4]
-       + ((sp_int128)a[ 1]) * b[ 3]
-       + ((sp_int128)a[ 2]) * b[ 2]
-       + ((sp_int128)a[ 3]) * b[ 1]
-       + ((sp_int128)a[ 4]) * b[ 0];
-    t[ 3] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_int128)a[ 0]) * b[ 5]
-       + ((sp_int128)a[ 1]) * b[ 4]
-       + ((sp_int128)a[ 2]) * b[ 3]
-       + ((sp_int128)a[ 3]) * b[ 2]
-       + ((sp_int128)a[ 4]) * b[ 1]
-       + ((sp_int128)a[ 5]) * b[ 0];
-    t[ 4] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_int128)a[ 0]) * b[ 6]
-       + ((sp_int128)a[ 1]) * b[ 5]
-       + ((sp_int128)a[ 2]) * b[ 4]
-       + ((sp_int128)a[ 3]) * b[ 3]
-       + ((sp_int128)a[ 4]) * b[ 2]
-       + ((sp_int128)a[ 5]) * b[ 1]
-       + ((sp_int128)a[ 6]) * b[ 0];
-    t[ 5] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_int128)a[ 0]) * b[ 7]
-       + ((sp_int128)a[ 1]) * b[ 6]
-       + ((sp_int128)a[ 2]) * b[ 5]
-       + ((sp_int128)a[ 3]) * b[ 4]
-       + ((sp_int128)a[ 4]) * b[ 3]
-       + ((sp_int128)a[ 5]) * b[ 2]
-       + ((sp_int128)a[ 6]) * b[ 1]
-       + ((sp_int128)a[ 7]) * b[ 0];
-    t[ 6] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_int128)a[ 0]) * b[ 8]
-       + ((sp_int128)a[ 1]) * b[ 7]
-       + ((sp_int128)a[ 2]) * b[ 6]
-       + ((sp_int128)a[ 3]) * b[ 5]
-       + ((sp_int128)a[ 4]) * b[ 4]
-       + ((sp_int128)a[ 5]) * b[ 3]
-       + ((sp_int128)a[ 6]) * b[ 2]
-       + ((sp_int128)a[ 7]) * b[ 1]
-       + ((sp_int128)a[ 8]) * b[ 0];
-    t[ 7] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_int128)a[ 1]) * b[ 8]
-       + ((sp_int128)a[ 2]) * b[ 7]
-       + ((sp_int128)a[ 3]) * b[ 6]
-       + ((sp_int128)a[ 4]) * b[ 5]
-       + ((sp_int128)a[ 5]) * b[ 4]
-       + ((sp_int128)a[ 6]) * b[ 3]
-       + ((sp_int128)a[ 7]) * b[ 2]
-       + ((sp_int128)a[ 8]) * b[ 1];
-    t[ 8] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_int128)a[ 2]) * b[ 8]
-       + ((sp_int128)a[ 3]) * b[ 7]
-       + ((sp_int128)a[ 4]) * b[ 6]
-       + ((sp_int128)a[ 5]) * b[ 5]
-       + ((sp_int128)a[ 6]) * b[ 4]
-       + ((sp_int128)a[ 7]) * b[ 3]
-       + ((sp_int128)a[ 8]) * b[ 2];
-    r[ 9] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_int128)a[ 3]) * b[ 8]
-       + ((sp_int128)a[ 4]) * b[ 7]
-       + ((sp_int128)a[ 5]) * b[ 6]
-       + ((sp_int128)a[ 6]) * b[ 5]
-       + ((sp_int128)a[ 7]) * b[ 4]
-       + ((sp_int128)a[ 8]) * b[ 3];
-    r[10] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_int128)a[ 4]) * b[ 8]
-       + ((sp_int128)a[ 5]) * b[ 7]
-       + ((sp_int128)a[ 6]) * b[ 6]
-       + ((sp_int128)a[ 7]) * b[ 5]
-       + ((sp_int128)a[ 8]) * b[ 4];
-    r[11] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_int128)a[ 5]) * b[ 8]
-       + ((sp_int128)a[ 6]) * b[ 7]
-       + ((sp_int128)a[ 7]) * b[ 6]
-       + ((sp_int128)a[ 8]) * b[ 5];
-    r[12] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_int128)a[ 6]) * b[ 8]
-       + ((sp_int128)a[ 7]) * b[ 7]
-       + ((sp_int128)a[ 8]) * b[ 6];
-    r[13] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = ((sp_int128)a[ 7]) * b[ 8]
-       + ((sp_int128)a[ 8]) * b[ 7];
-    r[14] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = ((sp_int128)a[ 8]) * b[ 8];
-    r[15] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    r[16] = (sp_digit)(t0 & 0x1ffffffffffffffL);
-    r[17] = (sp_digit)(t0 >> 57);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_9(sp_digit* r, const sp_digit* a)
-{
-    sp_int128 t0;
-    sp_int128 t1;
-    sp_digit t[9];
-
-    t0 =  ((sp_int128)a[ 0]) * a[ 0];
-    t1 = (((sp_int128)a[ 0]) * a[ 1]) * 2;
-    t[ 0] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_int128)a[ 0]) * a[ 2]) * 2
-       +  ((sp_int128)a[ 1]) * a[ 1];
-    t[ 1] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_int128)a[ 0]) * a[ 3]
-       +  ((sp_int128)a[ 1]) * a[ 2]) * 2;
-    t[ 2] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_int128)a[ 0]) * a[ 4]
-       +  ((sp_int128)a[ 1]) * a[ 3]) * 2
-       +  ((sp_int128)a[ 2]) * a[ 2];
-    t[ 3] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_int128)a[ 0]) * a[ 5]
-       +  ((sp_int128)a[ 1]) * a[ 4]
-       +  ((sp_int128)a[ 2]) * a[ 3]) * 2;
-    t[ 4] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_int128)a[ 0]) * a[ 6]
-       +  ((sp_int128)a[ 1]) * a[ 5]
-       +  ((sp_int128)a[ 2]) * a[ 4]) * 2
-       +  ((sp_int128)a[ 3]) * a[ 3];
-    t[ 5] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_int128)a[ 0]) * a[ 7]
-       +  ((sp_int128)a[ 1]) * a[ 6]
-       +  ((sp_int128)a[ 2]) * a[ 5]
-       +  ((sp_int128)a[ 3]) * a[ 4]) * 2;
-    t[ 6] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_int128)a[ 0]) * a[ 8]
-       +  ((sp_int128)a[ 1]) * a[ 7]
-       +  ((sp_int128)a[ 2]) * a[ 6]
-       +  ((sp_int128)a[ 3]) * a[ 5]) * 2
-       +  ((sp_int128)a[ 4]) * a[ 4];
-    t[ 7] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_int128)a[ 1]) * a[ 8]
-       +  ((sp_int128)a[ 2]) * a[ 7]
-       +  ((sp_int128)a[ 3]) * a[ 6]
-       +  ((sp_int128)a[ 4]) * a[ 5]) * 2;
-    t[ 8] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_int128)a[ 2]) * a[ 8]
-       +  ((sp_int128)a[ 3]) * a[ 7]
-       +  ((sp_int128)a[ 4]) * a[ 6]) * 2
-       +  ((sp_int128)a[ 5]) * a[ 5];
-    r[ 9] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_int128)a[ 3]) * a[ 8]
-       +  ((sp_int128)a[ 4]) * a[ 7]
-       +  ((sp_int128)a[ 5]) * a[ 6]) * 2;
-    r[10] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_int128)a[ 4]) * a[ 8]
-       +  ((sp_int128)a[ 5]) * a[ 7]) * 2
-       +  ((sp_int128)a[ 6]) * a[ 6];
-    r[11] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_int128)a[ 5]) * a[ 8]
-       +  ((sp_int128)a[ 6]) * a[ 7]) * 2;
-    r[12] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 = (((sp_int128)a[ 6]) * a[ 8]) * 2
-       +  ((sp_int128)a[ 7]) * a[ 7];
-    r[13] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    t1 = (((sp_int128)a[ 7]) * a[ 8]) * 2;
-    r[14] = (sp_digit)(t0 & 0x1ffffffffffffffL); t1 += t0 >> 57;
-    t0 =  ((sp_int128)a[ 8]) * a[ 8];
-    r[15] = (sp_digit)(t1 & 0x1ffffffffffffffL); t0 += t1 >> 57;
-    r[16] = (sp_digit)(t0 & 0x1ffffffffffffffL);
-    r[17] = (sp_digit)(t0 >> 57);
-    XMEMCPY(r, t, sizeof(t));
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_add_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    r[ 0] = a[ 0] + b[ 0];
-    r[ 1] = a[ 1] + b[ 1];
-    r[ 2] = a[ 2] + b[ 2];
-    r[ 3] = a[ 3] + b[ 3];
-    r[ 4] = a[ 4] + b[ 4];
-    r[ 5] = a[ 5] + b[ 5];
-    r[ 6] = a[ 6] + b[ 6];
-    r[ 7] = a[ 7] + b[ 7];
-    r[ 8] = a[ 8] + b[ 8];
-
-    return 0;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_add_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] + b[i + 0];
-        r[i + 1] = a[i + 1] + b[i + 1];
-        r[i + 2] = a[i + 2] + b[i + 2];
-        r[i + 3] = a[i + 3] + b[i + 3];
-        r[i + 4] = a[i + 4] + b[i + 4];
-        r[i + 5] = a[i + 5] + b[i + 5];
-        r[i + 6] = a[i + 6] + b[i + 6];
-        r[i + 7] = a[i + 7] + b[i + 7];
-    }
-    r[16] = a[16] + b[16];
-    r[17] = a[17] + b[17];
-
-    return 0;
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_sub_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] - b[i + 0];
-        r[i + 1] = a[i + 1] - b[i + 1];
-        r[i + 2] = a[i + 2] - b[i + 2];
-        r[i + 3] = a[i + 3] - b[i + 3];
-        r[i + 4] = a[i + 4] - b[i + 4];
-        r[i + 5] = a[i + 5] - b[i + 5];
-        r[i + 6] = a[i + 6] - b[i + 6];
-        r[i + 7] = a[i + 7] - b[i + 7];
-    }
-    r[16] = a[16] - b[16];
-    r[17] = a[17] - b[17];
-
-    return 0;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_18(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[18];
-    sp_digit* a1 = z1;
-    sp_digit b1[9];
-    sp_digit* z2 = r + 18;
-    (void)sp_1024_add_9(a1, a, &a[9]);
-    (void)sp_1024_add_9(b1, b, &b[9]);
-    sp_1024_mul_9(z2, &a[9], &b[9]);
-    sp_1024_mul_9(z0, a, b);
-    sp_1024_mul_9(z1, a1, b1);
-    (void)sp_1024_sub_18(z1, z1, z2);
-    (void)sp_1024_sub_18(z1, z1, z0);
-    (void)sp_1024_add_18(r + 9, r + 9, z1);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_18(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[18];
-    sp_digit* a1 = z1;
-    sp_digit* z2 = r + 18;
-    (void)sp_1024_add_9(a1, a, &a[9]);
-    sp_1024_sqr_9(z2, &a[9]);
-    sp_1024_sqr_9(z0, a);
-    sp_1024_sqr_9(z1, a1);
-    (void)sp_1024_sub_18(z1, z1, z2);
-    (void)sp_1024_sub_18(z1, z1, z0);
-    (void)sp_1024_add_18(r + 9, r + 9, z1);
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_18(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 lo;
-
-    c = ((sp_uint128)a[17]) * b[17];
-    r[35] = (sp_digit)(c >> 57);
-    c &= 0x1ffffffffffffffL;
-    for (k = 33; k >= 0; k--) {
-        if (k >= 18) {
-            i = k - 17;
-            imax = 17;
-        }
-        else {
-            i = 0;
-            imax = k;
-        }
-        lo = 0;
-        for (; i <= imax; i++) {
-            lo += ((sp_uint128)a[i]) * b[k - i];
-        }
-        c += lo >> 57;
-        r[k + 2] += (sp_digit)(c >> 57);
-        r[k + 1]  = (sp_digit)(c & 0x1ffffffffffffffL);
-        c = lo & 0x1ffffffffffffffL;
-    }
-    r[0] = (sp_digit)c;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_18(sp_digit* r, const sp_digit* a)
-{
-    int i;
-    int imax;
-    int k;
-    sp_uint128 c;
-    sp_uint128 t;
-
-    c = ((sp_uint128)a[17]) * a[17];
-    r[35] = (sp_digit)(c >> 57);
-    c = (c & 0x1ffffffffffffffL) << 57;
-    for (k = 33; k >= 0; k--) {
-        i = (k + 1) / 2;
-        if ((k & 1) == 0) {
-           c += ((sp_uint128)a[i]) * a[i];
-           i++;
-        }
-        if (k < 17) {
-            imax = k;
-        }
-        else {
-            imax = 17;
-        }
-        t = 0;
-        for (; i <= imax; i++) {
-            t += ((sp_uint128)a[i]) * a[k - i];
-        }
-        c += t * 2;
-
-        r[k + 2] += (sp_digit) (c >> 114);
-        r[k + 1]  = (sp_digit)((c >> 57) & 0x1ffffffffffffffL);
-        c = (c & 0x1ffffffffffffffL) << 57;
-    }
-    r[0] = (sp_digit)(c >> 57);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-/* The modulus (prime) of the curve P1024. */
-static const sp_digit p1024_mod[18] = {
-    0x06d807afea85febL,0x0ef88563d6743b3L,0x008e2615f6c2031L,0x1ead2e3e3ff9c7dL,
-    0x1c3c09aa9f94d6aL,0x02954153e79e290L,0x07386dabfd2a0c6L,0x1a8a2558b9acad0L,
-    0x0e26c6487326b4cL,0x0b693fa53335368L,0x06ce7fdf222864dL,0x01aa634b3961cf2L,
-    0x07e2fc0f1b22873L,0x19f00d177a05559L,0x0d20986fa6b8d62L,0x0caf482d819c339L,
-    0x1da65c61198dad0L,0x04cbd5d8f852b1fL
-};
-/* The Montgomery normalizer for modulus of the curve P1024. */
-static const sp_digit p1024_norm_mod[18] = {
-    0x1927f850157a015L,0x11077a9c298bc4cL,0x1f71d9ea093dfceL,0x0152d1c1c006382L,
-    0x03c3f655606b295L,0x1d6abeac1861d6fL,0x18c7925402d5f39L,0x0575daa7465352fL,
-    0x11d939b78cd94b3L,0x1496c05acccac97L,0x19318020ddd79b2L,0x1e559cb4c69e30dL,
-    0x181d03f0e4dd78cL,0x060ff2e885faaa6L,0x12df6790594729dL,0x1350b7d27e63cc6L,
-    0x0259a39ee67252fL,0x03342a2707ad4e0L
-};
-/* The Montgomery multiplier for modulus of the curve P1024. */
-static sp_digit p1024_mp_mod = 0x10420077c8f2f3d;
-#if defined(WOLFSSL_SP_SMALL) || defined(HAVE_ECC_CHECK_KEY)
-/* The order of the curve P1024. */
-static const sp_digit p1024_order[18] = {
-    0x19b601ebfaa17fbL,0x0bbe2158f59d0ecL,0x082389857db080cL,0x17ab4b8f8ffe71fL,
-    0x070f026aa7e535aL,0x10a55054f9e78a4L,0x01ce1b6aff4a831L,0x06a289562e6b2b4L,
-    0x0389b1921cc9ad3L,0x0ada4fe94ccd4daL,0x11b39ff7c88a193L,0x186a98d2ce5873cL,
-    0x09f8bf03c6c8a1cL,0x167c0345de81556L,0x0b48261be9ae358L,0x032bd20b60670ceL,
-    0x1f69971846636b4L,0x0132f5763e14ac7L
-};
-#endif
-/* The base point of curve P1024. */
-static const sp_point_1024 p1024_base = {
-    /* X ordinate */
-    {
-        0x00dc8abeae63895L,0x023624b3f04bcc4L,0x0e96d8fdcfb203bL,
-        0x1900e51b0fdd22cL,0x1a66910dd5cfb4cL,0x106f3a53e0a8a6dL,
-        0x1cb869c0b0ce5e9L,0x19666f90ca916e5L,0x09760af765dd5bcL,
-        0x0c5ecf3a0367448L,0x17c8b36e77e955cL,0x172061613c2087aL,
-        0x00f6ce2308ab10dL,0x1b7fbe5fdaf6db6L,0x1b1a71a62cbc812L,
-        0x16a5456345fac15L,0x1ad0a7990053ed9L,0x029fe04f7199614L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x1573fd71bef16d7L,0x0dab83533ee6f3aL,0x156b56ed18dab6eL,
-        0x0fd3973353017b5L,0x05a4d5f213515adL,0x0554c4a496cbcfeL,
-        0x0bf82b1bc7a0059L,0x0d995ad2d6b6ecaL,0x170dae117ad547cL,
-        0x0b67f8654f0195cL,0x06333e68502cb90L,0x0bcbe1bcabecd6bL,
-        0x14654ec2b9e7f7fL,0x0f0a08bc7af534fL,0x0641a58f5de3608L,
-        0x1426ba7d0402c05L,0x1f1f9f1f0533634L,0x0054124831fb004L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x000000000000001L,0x000000000000000L,0x000000000000000L,
-        0x000000000000000L,0x000000000000000L,0x000000000000000L,
-        0x000000000000000L,0x000000000000000L,0x000000000000000L,
-        0x000000000000000L,0x000000000000000L,0x000000000000000L,
-        0x000000000000000L,0x000000000000000L,0x000000000000000L,
-        0x000000000000000L,0x000000000000000L,0x000000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-
-/* Normalize the values in each word to 57 bits.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_1024_norm_18(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 17; i++) {
-        a[i+1] += a[i] >> 57;
-        a[i] &= 0x1ffffffffffffffL;
-    }
-#else
-    int i;
-    for (i = 0; i < 16; i += 8) {
-        a[i+1] += a[i+0] >> 57; a[i+0] &= 0x1ffffffffffffffL;
-        a[i+2] += a[i+1] >> 57; a[i+1] &= 0x1ffffffffffffffL;
-        a[i+3] += a[i+2] >> 57; a[i+2] &= 0x1ffffffffffffffL;
-        a[i+4] += a[i+3] >> 57; a[i+3] &= 0x1ffffffffffffffL;
-        a[i+5] += a[i+4] >> 57; a[i+4] &= 0x1ffffffffffffffL;
-        a[i+6] += a[i+5] >> 57; a[i+5] &= 0x1ffffffffffffffL;
-        a[i+7] += a[i+6] >> 57; a[i+6] &= 0x1ffffffffffffffL;
-        a[i+8] += a[i+7] >> 57; a[i+7] &= 0x1ffffffffffffffL;
-    }
-    a[17] += a[16] >> 57; a[16] &= 0x1ffffffffffffffL;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_1024_mul_d_18(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 18; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-    }
-    r[18] = (sp_digit)t;
-#else
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    sp_digit t2;
-    sp_int128 p[4];
-    int i;
-
-    for (i = 0; i < 16; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 3] = (sp_digit)t2;
-    }
-    t += tb * a[16];
-    r[16] = (sp_digit)(t & 0x1ffffffffffffffL);
-    t >>= 57;
-    t += tb * a[17];
-    r[17] = (sp_digit)(t & 0x1ffffffffffffffL);
-    t >>= 57;
-    r[18] = (sp_digit)(t & 0x1ffffffffffffffL);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_1024_mul_d_36(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    int i;
-
-    for (i = 0; i < 36; i++) {
-        t += tb * a[i];
-        r[i] = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-    }
-    r[36] = (sp_digit)t;
-#else
-    sp_int128 tb = b;
-    sp_int128 t = 0;
-    sp_digit t2;
-    sp_int128 p[4];
-    int i;
-
-    for (i = 0; i < 36; i += 4) {
-        p[0] = tb * a[i + 0];
-        p[1] = tb * a[i + 1];
-        p[2] = tb * a[i + 2];
-        p[3] = tb * a[i + 3];
-        t += p[0];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 0] = (sp_digit)t2;
-        t += p[1];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 1] = (sp_digit)t2;
-        t += p[2];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 2] = (sp_digit)t2;
-        t += p[3];
-        t2 = (sp_digit)(t & 0x1ffffffffffffffL);
-        t >>= 57;
-        r[i + 3] = (sp_digit)t2;
-    }
-    r[36] = (sp_digit)(t & 0x1ffffffffffffffL);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_1024_cond_add_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 18; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_1024_cond_add_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] + (b[i + 0] & m);
-        r[i + 1] = a[i + 1] + (b[i + 1] & m);
-        r[i + 2] = a[i + 2] + (b[i + 2] & m);
-        r[i + 3] = a[i + 3] + (b[i + 3] & m);
-        r[i + 4] = a[i + 4] + (b[i + 4] & m);
-        r[i + 5] = a[i + 5] + (b[i + 5] & m);
-        r[i + 6] = a[i + 6] + (b[i + 6] & m);
-        r[i + 7] = a[i + 7] + (b[i + 7] & m);
-    }
-    r[16] = a[16] + (b[16] & m);
-    r[17] = a[17] + (b[17] & m);
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_sub_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 18; i++) {
-        r[i] = a[i] - b[i];
-    }
-
-    return 0;
-}
-
-#endif
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_1024_add_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    int i;
-
-    for (i = 0; i < 18; i++) {
-        r[i] = a[i] + b[i];
-    }
-
-    return 0;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-SP_NOINLINE static void sp_1024_rshift_18(sp_digit* r, const sp_digit* a,
-        byte n)
-{
-    int i;
-
-#ifdef WOLFSSL_SP_SMALL
-    for (i=0; i<17; i++) {
-        r[i] = (sp_digit)(((a[i] >> n) | (a[i + 1] << (57 - n))) & 0x1ffffffffffffffL);
-    }
-#else
-    for (i=0; i<16; i += 8) {
-        r[i+0] = (a[i+0] >> n) | (sp_digit)((a[i+1] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+1] = (a[i+1] >> n) | (sp_digit)((a[i+2] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+2] = (a[i+2] >> n) | (sp_digit)((a[i+3] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+3] = (a[i+3] >> n) | (sp_digit)((a[i+4] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+4] = (a[i+4] >> n) | (sp_digit)((a[i+5] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+5] = (a[i+5] >> n) | (sp_digit)((a[i+6] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+6] = (a[i+6] >> n) | (sp_digit)((a[i+7] << (57 - n)) & 0x1ffffffffffffffL);
-        r[i+7] = (a[i+7] >> n) | (sp_digit)((a[i+8] << (57 - n)) & 0x1ffffffffffffffL);
-    }
-    r[16] = (a[16] >> n) | (sp_digit)((a[17] << (57 - n)) & 0x1ffffffffffffffL);
-#endif /* WOLFSSL_SP_SMALL */
-    r[17] = a[17] >> n;
-}
-
-static WC_INLINE sp_digit sp_1024_div_word_18(sp_digit d1, sp_digit d0,
-    sp_digit div)
-{
-#ifdef SP_USE_DIVTI3
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-
-    return d / div;
-#elif defined(__x86_64__) || defined(__i386__)
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_uint64 lo = (sp_uint64)d;
-    sp_digit hi = (sp_digit)(d >> 64);
-
-    __asm__ __volatile__ (
-        "idiv %2"
-        : "+a" (lo)
-        : "d" (hi), "r" (div)
-        : "cc"
-    );
-
-    return (sp_digit)lo;
-#elif !defined(__aarch64__) &&  !defined(SP_DIV_WORD_USE_DIV)
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_digit dv = (div >> 1) + 1;
-    sp_digit t1 = (sp_digit)(d >> 57);
-    sp_digit t0 = (sp_digit)(d & 0x1ffffffffffffffL);
-    sp_digit t2;
-    sp_digit sign;
-    sp_digit r;
-    int i;
-    sp_int128 m;
-
-    r = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-    t1 -= dv & (0 - r);
-    for (i = 55; i >= 1; i--) {
-        t1 += t1 + (((sp_uint64)t0 >> 56) & 1);
-        t0 <<= 1;
-        t2 = (sp_digit)(((sp_uint64)(dv - t1)) >> 63);
-        r += r + t2;
-        t1 -= dv & (0 - t2);
-        t1 += t2;
-    }
-    r += r + 1;
-
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 57);
-    m = d - ((sp_int128)r * div);
-    r += (sp_digit)(m >> 114) - (sp_digit)(d >> 114);
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-
-    m = d - ((sp_int128)r * div);
-    sign = (sp_digit)(0 - ((sp_uint64)m >> 63)) * 2 + 1;
-    m *= sign;
-    t2 = (sp_digit)(((sp_uint64)(div - m)) >> 63);
-    r += sign * t2;
-   return r;
-#else
-    sp_int128 d = ((sp_int128)d1 << 57) + d0;
-    sp_digit r = 0;
-    sp_digit t;
-    sp_digit dv = (div >> 26) + 1;
-
-    t = (sp_digit)(d >> 52);
-    t = (t / dv) << 26;
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)(d >> 21);
-    t = t / (dv << 5);
-    r += t;
-    d -= (sp_int128)t * div;
-    t = (sp_digit)d;
-    t = t / div;
-    r += t;
-    d -= (sp_int128)t * div;
-    return r;
-#endif
-}
-static WC_INLINE sp_digit sp_1024_word_div_word_18(sp_digit d, sp_digit div)
-{
-#if defined(__x86_64__) || defined(__i386__) || defined(__aarch64__) || \
-    defined(SP_DIV_WORD_USE_DIV)
-    return d / div;
-#else
-    return (sp_digit)((sp_uint64)(div - d) >> 63);
-#endif
-}
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * Full implementation.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_1024_div_18(const sp_digit* a, const sp_digit* d,
-        const sp_digit* m, sp_digit* r)
-{
-    int i;
-    SP_DECL_VAR(sp_digit, t1, 4 * 18 + 3);
-    sp_digit dv;
-    sp_digit r1;
-    sp_digit* t2 = NULL;
-    sp_digit* sd = NULL;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 18 + 3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        t2 = t1 + 36 + 1;
-        sd = t2 + 18 + 1;
-
-        sp_1024_mul_d_18(sd, d, (sp_digit)1 << 2);
-        sp_1024_mul_d_36(t1, a, (sp_digit)1 << 2);
-        dv = sd[17];
-        t1[18 + 18] += t1[18 + 18 - 1] >> 57;
-        t1[18 + 18 - 1] &= 0x1ffffffffffffffL;
-        for (i=18; i>=0; i--) {
-            r1 = sp_1024_div_word_18(t1[18 + i], t1[18 + i - 1], dv);
-
-            sp_1024_mul_d_18(t2, sd, r1);
-            (void)sp_1024_sub_18(&t1[i], &t1[i], t2);
-            sp_1024_norm_18(&t1[i]);
-            t1[18 + i] -= t2[18];
-            t1[18 + i] += t1[18 + i - 1] >> 57;
-            t1[18 + i - 1] &= 0x1ffffffffffffffL;
-            r1 = sp_1024_div_word_18(-t1[18 + i], -t1[18 + i - 1], dv);
-            r1 -= t1[18 + i];
-            sp_1024_mul_d_18(t2, sd, r1);
-            (void)sp_1024_add_18(&t1[i], &t1[i], t2);
-            t1[18 + i] += t1[18 + i - 1] >> 57;
-            t1[18 + i - 1] &= 0x1ffffffffffffffL;
-        }
-        t1[18 - 1] += t1[18 - 2] >> 57;
-        t1[18 - 2] &= 0x1ffffffffffffffL;
-        r1 = sp_1024_word_div_word_18(t1[18 - 1], dv);
-
-        sp_1024_mul_d_18(t2, sd, r1);
-        sp_1024_sub_18(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 36U);
-        for (i=0; i<17; i++) {
-            r[i+1] += r[i] >> 57;
-            r[i] &= 0x1ffffffffffffffL;
-        }
-        sp_1024_cond_add_18(r, r, sd, r[17] >> 63);
-
-        sp_1024_norm_18(r);
-        sp_1024_rshift_18(r, r, 2);
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_1024_mod_18(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_1024_div_18(a, m, NULL, r);
-}
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_1024_mod_mul_norm_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_1024_mul_18(r, a, p1024_norm_mod);
-    return sp_1024_mod_18(r, r, m);
-}
-
-
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Create a new point.
- *
- * heap  [in]   Buffer to allocate dynamic memory from.
- * sp    [in]   Data for point - only if not allocating.
- * p     [out]  New point.
- * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise.
- */
-static int sp_1024_point_new_ex_18(void* heap, sp_point_1024* sp,
-    sp_point_1024** p)
-{
-    int ret = MP_OKAY;
-    (void)heap;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    (void)sp;
-    *p = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024), heap, DYNAMIC_TYPE_ECC);
-#else
-    *p = sp;
-#endif
-    if (*p == NULL) {
-        ret = MEMORY_E;
-    }
-    return ret;
-}
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-/* Allocate memory for point and return error. */
-#define sp_1024_point_new_18(heap, sp, p) sp_1024_point_new_ex_18((heap), NULL, &(p))
-#else
-/* Set pointer to data and return no error. */
-#define sp_1024_point_new_18(heap, sp, p) sp_1024_point_new_ex_18((heap), &(sp), &(p))
-#endif
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Free the point.
- *
- * p      [in,out]  Point to free.
- * clear  [in]      Indicates whether to zeroize point.
- * heap   [in]      Buffer from which dynamic memory was allocate from.
- */
-static void sp_1024_point_free_18(sp_point_1024* p, int clear, void* heap)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    /* If valid pointer then clear point data if requested and free data. */
-    if (p != NULL) {
-        if (clear) {
-            XMEMSET(p, 0, sizeof(*p));
-        }
-        XFREE(p, heap, DYNAMIC_TYPE_ECC);
-    }
-#else
-    /* Clear point data if requested. */
-    if ((p != NULL) && clear) {
-        XMEMSET(p, 0, sizeof(*p));
-    }
-#endif
-    (void)heap;
-}
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 57
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 56);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 56);
-    }
-#elif DIGIT_BIT > 57
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0x1ffffffffffffffL;
-        s = 57U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 57U) <= (word32)DIGIT_BIT) {
-            s += 57U;
-            r[j] &= 0x1ffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 57) {
-            r[j] &= 0x1ffffffffffffffL;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 57 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_1024.
- *
- * p   Point of type sp_point_1024 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_1024_point_from_ecc_point_18(sp_point_1024* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_1024_from_mp(p->x, 18, pm->x);
-    sp_1024_from_mp(p->y, 18, pm->y);
-    sp_1024_from_mp(p->z, 18, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_1024_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (1024 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 57
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 18);
-        r->used = 18;
-        mp_clamp(r);
-#elif DIGIT_BIT < 57
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 18; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 57) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 57 - s;
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 18; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 57 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 57 - s;
-            }
-            else {
-                s += 57;
-            }
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_1024 to type ecc_point.
- *
- * p   Point of type sp_point_1024.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_1024_point_to_ecc_point_18(const sp_point_1024* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_1024_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_1024_cmp_18(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=17; i>=0; i--) {
-        r |= (a[i] - b[i]) & ~(((sp_digit)0 - r) >> 56);
-    }
-#else
-    int i;
-
-    r |= (a[17] - b[17]) & (0 - (sp_digit)1);
-    r |= (a[16] - b[16]) & ~(((sp_digit)0 - r) >> 56);
-    for (i = 8; i >= 0; i -= 8) {
-        r |= (a[i + 7] - b[i + 7]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 6] - b[i + 6]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 5] - b[i + 5]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 4] - b[i + 4]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 3] - b[i + 3]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 2] - b[i + 2]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 1] - b[i + 1]) & ~(((sp_digit)0 - r) >> 56);
-        r |= (a[i + 0] - b[i + 0]) & ~(((sp_digit)0 - r) >> 56);
-    }
-#endif /* WOLFSSL_SP_SMALL */
-
-    return r;
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_1024_cond_sub_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 18; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i + 0] = a[i + 0] - (b[i + 0] & m);
-        r[i + 1] = a[i + 1] - (b[i + 1] & m);
-        r[i + 2] = a[i + 2] - (b[i + 2] & m);
-        r[i + 3] = a[i + 3] - (b[i + 3] & m);
-        r[i + 4] = a[i + 4] - (b[i + 4] & m);
-        r[i + 5] = a[i + 5] - (b[i + 5] & m);
-        r[i + 6] = a[i + 6] - (b[i + 6] & m);
-        r[i + 7] = a[i + 7] - (b[i + 7] & m);
-    }
-    r[16] = a[16] - (b[16] & m);
-    r[17] = a[17] - (b[17] & m);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_1024_mul_add_18(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_int128 tb = b;
-    sp_int128 t[4];
-    int i;
-
-    t[0] = 0;
-    for (i = 0; i < 16; i += 4) {
-        t[0] += (tb * a[i+0]) + r[i+0];
-        t[1]  = (tb * a[i+1]) + r[i+1];
-        t[2]  = (tb * a[i+2]) + r[i+2];
-        t[3]  = (tb * a[i+3]) + r[i+3];
-        r[i+0] = (sp_digit)(t[0] & 0x1ffffffffffffffL);
-        t[1] += t[0] >> 57;
-        r[i+1] = (sp_digit)(t[1] & 0x1ffffffffffffffL);
-        t[2] += t[1] >> 57;
-        r[i+2] = (sp_digit)(t[2] & 0x1ffffffffffffffL);
-        t[3] += t[2] >> 57;
-        r[i+3] = (sp_digit)(t[3] & 0x1ffffffffffffffL);
-        t[0]  = t[3] >> 57;
-    }
-    t[0] += (tb * a[16]) + r[16];
-    t[1]  = (tb * a[17]) + r[17];
-    r[16] = (sp_digit)(t[0] & 0x1ffffffffffffffL);
-    t[1] += t[0] >> 57;
-    r[17] = (sp_digit)(t[1] & 0x1ffffffffffffffL);
-    r[18] +=  (sp_digit)(t[1] >> 57);
-#else
-    sp_int128 tb = b;
-    sp_int128 t[8];
-    int i;
-
-    t[0] = tb * a[0]; r[0] += (sp_digit)(t[0] & 0x1ffffffffffffffL);
-    for (i = 0; i < 16; i += 8) {
-        t[1] = tb * a[i+1];
-        r[i+1] += (sp_digit)((t[0] >> 57) + (t[1] & 0x1ffffffffffffffL));
-        t[2] = tb * a[i+2];
-        r[i+2] += (sp_digit)((t[1] >> 57) + (t[2] & 0x1ffffffffffffffL));
-        t[3] = tb * a[i+3];
-        r[i+3] += (sp_digit)((t[2] >> 57) + (t[3] & 0x1ffffffffffffffL));
-        t[4] = tb * a[i+4];
-        r[i+4] += (sp_digit)((t[3] >> 57) + (t[4] & 0x1ffffffffffffffL));
-        t[5] = tb * a[i+5];
-        r[i+5] += (sp_digit)((t[4] >> 57) + (t[5] & 0x1ffffffffffffffL));
-        t[6] = tb * a[i+6];
-        r[i+6] += (sp_digit)((t[5] >> 57) + (t[6] & 0x1ffffffffffffffL));
-        t[7] = tb * a[i+7];
-        r[i+7] += (sp_digit)((t[6] >> 57) + (t[7] & 0x1ffffffffffffffL));
-        t[0] = tb * a[i+8];
-        r[i+8] += (sp_digit)((t[7] >> 57) + (t[0] & 0x1ffffffffffffffL));
-    }
-    t[1] = tb * a[17];
-    r[17] += (sp_digit)((t[0] >> 57) + (t[1] & 0x1ffffffffffffffL));
-    r[18] +=  (sp_digit)(t[1] >> 57);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Shift the result in the high 1024 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_1024_mont_shift_18(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    sp_uint64 n;
-
-    n = a[17] >> 55;
-    for (i = 0; i < 17; i++) {
-        n += (sp_uint64)a[18 + i] << 2;
-        r[i] = (sp_digit)(n & 0x1ffffffffffffffL);
-        n >>= 57;
-    }
-    n += (sp_uint64)a[35] << 2;
-    r[17] = n;
-#else
-    sp_uint64 n;
-    int i;
-
-    n  = (sp_uint64)a[17];
-    n  = n >> 55U;
-    for (i = 0; i < 16; i += 8) {
-        n += (sp_uint64)a[i+18] << 2U; r[i+0] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+19] << 2U; r[i+1] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+20] << 2U; r[i+2] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+21] << 2U; r[i+3] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+22] << 2U; r[i+4] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+23] << 2U; r[i+5] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+24] << 2U; r[i+6] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-        n += (sp_uint64)a[i+25] << 2U; r[i+7] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-    }
-    n += (sp_uint64)a[34] << 2U; r[16] = (sp_digit)(n & 0x1ffffffffffffffUL); n >>= 57U;
-    n += (sp_uint64)a[35] << 2U; r[17] = n;
-#endif /* WOLFSSL_SP_SMALL */
-    XMEMSET(&r[18], 0, sizeof(*r) * 18U);
-}
-
-/* Reduce the number back to 1024 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_1024_mont_reduce_18(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    int i;
-    sp_digit mu;
-    sp_digit over;
-
-    sp_1024_norm_18(a + 18);
-
-    if (mp != 1) {
-        for (i=0; i<17; i++) {
-            mu = (sp_digit)((a[i] * mp) & 0x1ffffffffffffffL);
-            sp_1024_mul_add_18(a+i, m, mu);
-            a[i+1] += a[i] >> 57;
-        }
-        mu = (sp_digit)((a[i] * mp) & 0x7fffffffffffffL);
-        sp_1024_mul_add_18(a+i, m, mu);
-        a[i+1] += a[i] >> 57;
-        a[i] &= 0x1ffffffffffffffL;
-    }
-    else {
-        for (i=0; i<17; i++) {
-            mu = (sp_digit)(a[i] & 0x1ffffffffffffffL);
-            sp_1024_mul_add_18(a+i, m, mu);
-            a[i+1] += a[i] >> 57;
-        }
-        mu = (sp_digit)(a[i] & 0x7fffffffffffffL);
-        sp_1024_mul_add_18(a+i, m, mu);
-        a[i+1] += a[i] >> 57;
-        a[i] &= 0x1ffffffffffffffL;
-    }
-    sp_1024_mont_shift_18(a, a);
-    over = a[17] - m[17];
-    sp_1024_cond_sub_18(a, a, m, ~((over - 1) >> 63));
-    sp_1024_norm_18(a);
-}
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_mul_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_1024_mul_18(r, a, b);
-    sp_1024_mont_reduce_18(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_sqr_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_1024_sqr_18(r, a);
-    sp_1024_mont_reduce_18(r, m, mp);
-}
-
-/* Mod-2 for the P1024 curve. */
-static const word8 p1024_mod_minus_2[] = {
-     6,0x06,  7,0x0f,  7,0x0b,  6,0x0c,  7,0x1e,  9,0x09,  7,0x0c,  7,0x1f,
-     6,0x16,  6,0x06,  7,0x0e,  8,0x10,  6,0x03,  8,0x11,  6,0x0d,  7,0x14,
-     9,0x12,  6,0x0f,  7,0x04,  9,0x0d,  6,0x00,  7,0x13,  6,0x01,  6,0x07,
-     8,0x0d,  8,0x00,  6,0x06,  9,0x17,  6,0x14,  6,0x15,  6,0x11,  6,0x0b,
-     9,0x0c,  6,0x1e, 13,0x14,  7,0x0e,  6,0x1d, 12,0x0a,  6,0x0b,  8,0x07,
-     6,0x18,  6,0x0f,  6,0x10,  8,0x1c,  7,0x16,  7,0x02,  6,0x01,  6,0x13,
-    10,0x15,  7,0x06,  8,0x14,  6,0x0c,  6,0x19,  7,0x10,  6,0x19,  6,0x19,
-     9,0x16,  7,0x19,  6,0x1f,  6,0x17,  6,0x12,  8,0x02,  6,0x01,  6,0x04,
-     6,0x15,  7,0x16,  6,0x04,  6,0x1f,  6,0x09,  7,0x06,  7,0x13,  7,0x09,
-     6,0x0d, 10,0x18,  6,0x06,  6,0x11,  6,0x04,  6,0x01,  6,0x13,  8,0x06,
-     6,0x0d,  8,0x13,  7,0x08,  6,0x08,  6,0x05,  7,0x0c,  7,0x0e,  7,0x15,
-     6,0x05,  7,0x14, 10,0x19,  6,0x10,  6,0x16,  6,0x15,  7,0x1f,  6,0x14,
-     6,0x0a, 10,0x11,  6,0x01,  7,0x05,  7,0x08,  8,0x0a,  7,0x1e,  7,0x1c,
-     6,0x1c,  7,0x09, 10,0x18,  7,0x1c, 10,0x06,  6,0x0a,  6,0x07,  6,0x19,
-     7,0x06,  6,0x0d,  7,0x0f,  7,0x0b,  7,0x05,  6,0x11,  6,0x1c,  7,0x1f,
-     6,0x1e,  7,0x18,  6,0x1e,  6,0x00,  6,0x03,  6,0x02,  7,0x10,  6,0x0b,
-     6,0x1b,  7,0x10,  6,0x00,  8,0x11,  7,0x1b,  6,0x18,  6,0x01,  7,0x0c,
-     7,0x1d,  7,0x13,  6,0x08,  7,0x1b,  8,0x13,  7,0x16, 13,0x1d,  7,0x1f,
-     6,0x0a,  6,0x01,  7,0x1f,  6,0x14,  1,0x01
-};
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P1024 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_1024_mont_inv_18(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-    sp_digit* t = &td[32 * 2 * 18];
-    int i;
-    int j;
-    sp_digit* table[32];
-
-    for (i = 0; i < 32; i++) {
-        table[i] = &td[2 * 18 * i];
-    }
-    XMEMCPY(table[0], a, sizeof(sp_digit) * 18);
-    for (i = 1; i < 6; i++) {
-        sp_1024_mont_sqr_18(table[0], table[0], p1024_mod, p1024_mp_mod);
-    }
-    for (i = 1; i < 32; i++) {
-        sp_1024_mont_mul_18(table[i], table[i-1], a, p1024_mod, p1024_mp_mod);
-    }
-
-    XMEMCPY(t, table[p1024_mod_minus_2[1]], sizeof(sp_digit) * 18);
-    for (i = 2; i < (int)sizeof(p1024_mod_minus_2) - 2; i += 2) {
-        for (j = 0; j < p1024_mod_minus_2[i]; j++) {
-            sp_1024_mont_sqr_18(t, t, p1024_mod, p1024_mp_mod);
-        }
-        sp_1024_mont_mul_18(t, t, table[p1024_mod_minus_2[i+1]], p1024_mod,
-            p1024_mp_mod);
-    }
-    sp_1024_mont_sqr_18(t, t, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(r, t, a, p1024_mod, p1024_mp_mod);
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_1024_map_18(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*18;
-    sp_int64 n;
-
-    sp_1024_mont_inv_18(t1, p->z, t + 2*18);
-
-    sp_1024_mont_sqr_18(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    /* x /= z^2 */
-    sp_1024_mont_mul_18(r->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->x + 18, 0, sizeof(sp_digit) * 18U);
-    sp_1024_mont_reduce_18(r->x, p1024_mod, p1024_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_1024_cmp_18(r->x, p1024_mod);
-    sp_1024_cond_sub_18(r->x, r->x, p1024_mod, (sp_digit)~(n >> 56));
-    sp_1024_norm_18(r->x);
-
-    /* y /= z^3 */
-    sp_1024_mont_mul_18(r->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->y + 18, 0, sizeof(sp_digit) * 18U);
-    sp_1024_mont_reduce_18(r->y, p1024_mod, p1024_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_1024_cmp_18(r->y, p1024_mod);
-    sp_1024_cond_sub_18(r->y, r->y, p1024_mod, (sp_digit)~(n >> 56));
-    sp_1024_norm_18(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_1024_mont_add_18(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_1024_add_18(r, a, b);
-    sp_1024_norm_18(r);
-    over = r[17] - m[17];
-    sp_1024_cond_sub_18(r, r, m, ~((over - 1) >> 63));
-    sp_1024_norm_18(r);
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_1024_mont_dbl_18(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_1024_add_18(r, a, a);
-    sp_1024_norm_18(r);
-    over = r[17] - m[17];
-    sp_1024_cond_sub_18(r, r, m, ~((over - 1) >> 63));
-    sp_1024_norm_18(r);
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_1024_mont_tpl_18(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit over;
-    (void)sp_1024_add_18(r, a, a);
-    sp_1024_norm_18(r);
-    over = r[17] - m[17];
-    sp_1024_cond_sub_18(r, r, m, ~((over - 1) >> 63));
-    sp_1024_norm_18(r);
-    (void)sp_1024_add_18(r, r, a);
-    sp_1024_norm_18(r);
-    over = r[17] - m[17];
-    sp_1024_cond_sub_18(r, r, m, ~((over - 1) >> 63));
-    sp_1024_norm_18(r);
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_1024_mont_sub_18(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    (void)sp_1024_sub_18(r, a, b);
-    sp_1024_norm_18(r);
-    sp_1024_cond_add_18(r, r, m, r[17] >> 55);
-    sp_1024_norm_18(r);
-}
-
-/* Shift number left one bit.
- * Bottom bit is lost.
- *
- * r  Result of shift.
- * a  Number to shift.
- */
-SP_NOINLINE static void sp_1024_rshift1_18(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<17; i++) {
-        r[i] = (a[i] >> 1) + (sp_digit)((a[i + 1] << 56) & 0x1ffffffffffffffL);
-    }
-#else
-    r[0] = (a[0] >> 1) + (sp_digit)((a[1] << 56) & 0x1ffffffffffffffL);
-    r[1] = (a[1] >> 1) + (sp_digit)((a[2] << 56) & 0x1ffffffffffffffL);
-    r[2] = (a[2] >> 1) + (sp_digit)((a[3] << 56) & 0x1ffffffffffffffL);
-    r[3] = (a[3] >> 1) + (sp_digit)((a[4] << 56) & 0x1ffffffffffffffL);
-    r[4] = (a[4] >> 1) + (sp_digit)((a[5] << 56) & 0x1ffffffffffffffL);
-    r[5] = (a[5] >> 1) + (sp_digit)((a[6] << 56) & 0x1ffffffffffffffL);
-    r[6] = (a[6] >> 1) + (sp_digit)((a[7] << 56) & 0x1ffffffffffffffL);
-    r[7] = (a[7] >> 1) + (sp_digit)((a[8] << 56) & 0x1ffffffffffffffL);
-    r[8] = (a[8] >> 1) + (sp_digit)((a[9] << 56) & 0x1ffffffffffffffL);
-    r[9] = (a[9] >> 1) + (sp_digit)((a[10] << 56) & 0x1ffffffffffffffL);
-    r[10] = (a[10] >> 1) + (sp_digit)((a[11] << 56) & 0x1ffffffffffffffL);
-    r[11] = (a[11] >> 1) + (sp_digit)((a[12] << 56) & 0x1ffffffffffffffL);
-    r[12] = (a[12] >> 1) + (sp_digit)((a[13] << 56) & 0x1ffffffffffffffL);
-    r[13] = (a[13] >> 1) + (sp_digit)((a[14] << 56) & 0x1ffffffffffffffL);
-    r[14] = (a[14] >> 1) + (sp_digit)((a[15] << 56) & 0x1ffffffffffffffL);
-    r[15] = (a[15] >> 1) + (sp_digit)((a[16] << 56) & 0x1ffffffffffffffL);
-    r[16] = (a[16] >> 1) + (sp_digit)((a[17] << 56) & 0x1ffffffffffffffL);
-#endif
-    r[17] = a[17] >> 1;
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_1024_mont_div2_18(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_1024_cond_add_18(r, a, m, 0 - (a[0] & 1));
-    sp_1024_norm_18(r);
-    sp_1024_rshift1_18(r, r);
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_18(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*18;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_1024_mont_sqr_18(t1, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = Y * Z */
-    sp_1024_mont_mul_18(z, p->y, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = 2Z */
-    sp_1024_mont_dbl_18(z, z, p1024_mod);
-    /* T2 = X - T1 */
-    sp_1024_mont_sub_18(t2, p->x, t1, p1024_mod);
-    /* T1 = X + T1 */
-    sp_1024_mont_add_18(t1, p->x, t1, p1024_mod);
-    /* T2 = T1 * T2 */
-    sp_1024_mont_mul_18(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* T1 = 3T2 */
-    sp_1024_mont_tpl_18(t1, t2, p1024_mod);
-    /* Y = 2Y */
-    sp_1024_mont_dbl_18(y, p->y, p1024_mod);
-    /* Y = Y * Y */
-    sp_1024_mont_sqr_18(y, y, p1024_mod, p1024_mp_mod);
-    /* T2 = Y * Y */
-    sp_1024_mont_sqr_18(t2, y, p1024_mod, p1024_mp_mod);
-    /* T2 = T2/2 */
-    sp_1024_mont_div2_18(t2, t2, p1024_mod);
-    /* Y = Y * X */
-    sp_1024_mont_mul_18(y, y, p->x, p1024_mod, p1024_mp_mod);
-    /* X = T1 * T1 */
-    sp_1024_mont_sqr_18(x, t1, p1024_mod, p1024_mp_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_18(x, x, y, p1024_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_18(x, x, y, p1024_mod);
-    /* Y = Y - X */
-    sp_1024_mont_sub_18(y, y, x, p1024_mod);
-    /* Y = Y * T1 */
-    sp_1024_mont_mul_18(y, y, t1, p1024_mod, p1024_mp_mod);
-    /* Y = Y - T2 */
-    sp_1024_mont_sub_18(y, y, t2, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_dbl_18_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_dbl_18_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_dbl_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-        const sp_point_1024* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_dbl_18_ctx* ctx = (sp_1024_proj_point_dbl_18_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_dbl_18_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*18;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_1024_mont_sqr_18(ctx->t1, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_1024_mont_mul_18(ctx->z, p->y, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_1024_mont_dbl_18(ctx->z, ctx->z, p1024_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_1024_mont_sub_18(ctx->t2, p->x, ctx->t1, p1024_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_1024_mont_add_18(ctx->t1, p->x, ctx->t1, p1024_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_1024_mont_mul_18(ctx->t2, ctx->t1, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_1024_mont_tpl_18(ctx->t1, ctx->t2, p1024_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_1024_mont_dbl_18(ctx->y, p->y, p1024_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_1024_mont_sqr_18(ctx->y, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_1024_mont_sqr_18(ctx->t2, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_1024_mont_div2_18(ctx->t2, ctx->t2, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_1024_mont_mul_18(ctx->y, ctx->y, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_1024_mont_sqr_18(ctx->x, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_1024_mont_sub_18(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_1024_mont_sub_18(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_1024_mont_sub_18(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_1024_mont_mul_18(ctx->y, ctx->y, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_1024_mont_sub_18(ctx->y, ctx->y, ctx->t2, p1024_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_1024_cmp_equal_18(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14]) |
-            (a[15] ^ b[15]) | (a[16] ^ b[16]) | (a[17] ^ b[17])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_1024_iszero_18(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14] | a[15] |
-            a[16] | a[17]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_18(sp_point_1024* r,
-        const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*18;
-    sp_digit* t2 = t + 4*18;
-    sp_digit* t3 = t + 6*18;
-    sp_digit* t4 = t + 8*18;
-    sp_digit* t5 = t + 10*18;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_18(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t1, t1, p->x, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_18(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_18(t3, t3, p->y, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_18(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_18(t2, t1) &
-            sp_1024_cmp_equal_18(t4, t3)) {
-        sp_1024_proj_point_dbl_18(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_18(t2, t2, t1, p1024_mod);
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_18(t4, t4, t3, p1024_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_18(t5, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_18(y, t1, t5, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_18(t5, t5, t2, p1024_mod, p1024_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_18(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_18(z, z, q->z, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_18(x, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_18(x, x, t5, p1024_mod);
-        sp_1024_mont_mul_18(t5, t5, t3, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_18(t3, y, p1024_mod);
-        sp_1024_mont_sub_18(x, x, t3, p1024_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_18(y, y, x, p1024_mod);
-        sp_1024_mont_mul_18(y, y, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_18(y, y, t5, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 18; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 18; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 18; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_add_18_ctx {
-    int state;
-    sp_1024_proj_point_dbl_18_ctx dbl_ctx;
-    const sp_point_1024* ap[2];
-    sp_point_1024* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_add_18_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_add_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_add_18_ctx* ctx = (sp_1024_proj_point_add_18_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_1024* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_add_18_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*18;
-        ctx->t2 = t + 4*18;
-        ctx->t3 = t + 6*18;
-        ctx->t4 = t + 8*18;
-        ctx->t5 = t + 10*18;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_1024_mont_sqr_18(ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_1024_mont_mul_18(ctx->t3, ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_1024_mont_mul_18(ctx->t1, ctx->t1, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_1024_mont_sqr_18(ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_1024_mont_mul_18(ctx->t4, ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_1024_mont_mul_18(ctx->t2, ctx->t2, q->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_1024_mont_mul_18(ctx->t3, ctx->t3, p->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_1024_mont_mul_18(ctx->t4, ctx->t4, q->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_1024_cmp_equal_18(ctx->t2, ctx->t1) &
-                sp_1024_cmp_equal_18(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_1024_proj_point_dbl_18(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_18(ctx->t2, ctx->t2, ctx->t1, p1024_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_18(ctx->t4, ctx->t4, ctx->t3, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_18(ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_1024_mont_mul_18(ctx->y, ctx->t1, ctx->t5, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_1024_mont_mul_18(ctx->t5, ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_18(ctx->z, p->z, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_1024_mont_mul_18(ctx->z, ctx->z, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_1024_mont_sqr_18(ctx->x, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_1024_mont_sub_18(ctx->x, ctx->x, ctx->t5, p1024_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_1024_mont_mul_18(ctx->t5, ctx->t5, ctx->t3, p1024_mod, p1024_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_1024_mont_dbl_18(ctx->t3, ctx->y, p1024_mod);
-        sp_1024_mont_sub_18(ctx->x, ctx->x, ctx->t3, p1024_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_18(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_1024_mont_mul_18(ctx->y, ctx->y, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_1024_mont_sub_18(ctx->y, ctx->y, ctx->t5, p1024_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 18; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 18; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 18; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Small implementation using add and double that is cache attack resistant but
- * allocates memory rather than use large stacks.
- * 1024 adds and doubles.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_18(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 18 * 37);
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Implementation is constant time. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 18 * 37, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        XMEMSET(t, 0, sizeof(sp_point_1024) * 3);
-
-        /* t[0] = {0, 0, 1} * norm */
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_1024_mod_mul_norm_18(t[1].x, g->x, p1024_mod);
-    }
-    if (err == MP_OKAY)
-        err = sp_1024_mod_mul_norm_18(t[1].y, g->y, p1024_mod);
-    if (err == MP_OKAY)
-        err = sp_1024_mod_mul_norm_18(t[1].z, g->z, p1024_mod);
-
-    if (err == MP_OKAY) {
-        i = 17;
-        c = 55;
-        n = k[i--] << (57 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1)
-                    break;
-
-                n = k[i--];
-                c = 57;
-            }
-
-            y = (n >> 56) & 1;
-            n <<= 1;
-
-            sp_1024_proj_point_add_18(&t[y^1], &t[0], &t[1], tmp);
-
-            XMEMCPY(&t[2], (void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                                   ((size_t)&t[1] & addr_mask[y])),
-                    sizeof(sp_point_1024));
-            sp_1024_proj_point_dbl_18(&t[2], &t[2], tmp);
-            XMEMCPY((void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                            ((size_t)&t[1] & addr_mask[y])), &t[2],
-                    sizeof(sp_point_1024));
-        }
-
-        if (map != 0) {
-            sp_1024_map_18(r, &t[0], tmp);
-        }
-        else {
-            XMEMCPY(r, &t[0], sizeof(sp_point_1024));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 18 * 37, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_ecc_mulmod_18_ctx {
-    int state;
-    union {
-        sp_1024_proj_point_dbl_18_ctx dbl_ctx;
-        sp_1024_proj_point_add_18_ctx add_ctx;
-    };
-    sp_point_1024 t[3];
-    sp_digit tmp[2 * 18 * 37];
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-} sp_1024_ecc_mulmod_18_ctx;
-
-static int sp_1024_ecc_mulmod_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-    const sp_point_1024* g, const sp_digit* k, int map, int ct, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_ecc_mulmod_18_ctx* ctx = (sp_1024_ecc_mulmod_18_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_1024_ecc_mulmod_18_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    /* Implementation is constant time. */
-    (void)ct;
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        XMEMSET(ctx->t, 0, sizeof(sp_point_1024) * 3);
-        ctx->i = 17;
-        ctx->c = 55;
-        ctx->n = k[ctx->i--] << (57 - ctx->c);
-
-        /* t[0] = {0, 0, 1} * norm */
-        ctx->t[0].infinity = 1;
-        ctx->state = 1;
-        break;
-    case 1: /* T1X */
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_1024_mod_mul_norm_18(ctx->t[1].x, g->x, p1024_mod);
-        ctx->state = 2;
-        break;
-    case 2: /* T1Y */
-        err = sp_1024_mod_mul_norm_18(ctx->t[1].y, g->y, p1024_mod);
-        ctx->state = 3;
-        break;
-    case 3: /* T1Z */
-        err = sp_1024_mod_mul_norm_18(ctx->t[1].z, g->z, p1024_mod);
-        ctx->state = 4;
-        break;
-    case 4: /* ADDPREP */
-        if (ctx->c == 0) {
-            if (ctx->i == -1) {
-                ctx->state = 7;
-                break;
-            }
-
-            ctx->n = k[ctx->i--];
-            ctx->c = 57;
-        }
-        ctx->y = (ctx->n >> 56) & 1;
-        ctx->n <<= 1;
-        XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-        ctx->state = 5;
-        break;
-    case 5: /* ADD */
-        err = sp_1024_proj_point_add_18_nb((sp_ecc_ctx_t*)&ctx->add_ctx,
-            &ctx->t[ctx->y^1], &ctx->t[0], &ctx->t[1], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY(&ctx->t[2], (void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                                        ((size_t)&ctx->t[1] & addr_mask[ctx->y])),
-                    sizeof(sp_point_1024));
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* DBL */
-        err = sp_1024_proj_point_dbl_18_nb((sp_ecc_ctx_t*)&ctx->dbl_ctx, &ctx->t[2],
-            &ctx->t[2], ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMCPY((void*)(((size_t)&ctx->t[0] & addr_mask[ctx->y^1]) +
-                            ((size_t)&ctx->t[1] & addr_mask[ctx->y])), &ctx->t[2],
-                    sizeof(sp_point_1024));
-            ctx->state = 4;
-            ctx->c--;
-        }
-        break;
-    case 7: /* MAP */
-        if (map != 0) {
-            sp_1024_map_18(r, &ctx->t[0], ctx->tmp);
-        }
-        else {
-            XMEMCPY(r, &ctx->t[0], sizeof(sp_point_1024));
-        }
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 7) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        ForceZero(ctx->tmp, sizeof(ctx->tmp));
-        ForceZero(ctx->t, sizeof(ctx->t));
-    }
-
-    (void)heap;
-
-    return err;
-}
-
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#else
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_1024 {
-    sp_digit x[18];
-    sp_digit y[18];
-} sp_table_entry_1024;
-
-/* Conditionally copy a into r using the mask m.
- * m is -1 to copy and 0 when not.
- *
- * r  A single precision number to copy over.
- * a  A single precision number to copy.
- * m  Mask value to apply.
- */
-static void sp_1024_cond_copy_18(sp_digit* r, const sp_digit* a, const sp_digit m)
-{
-    sp_digit t[18];
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 18; i++) {
-        t[i] = r[i] ^ a[i];
-    }
-    for (i = 0; i < 18; i++) {
-        r[i] ^= t[i] & m;
-    }
-#else
-    t[ 0] = r[ 0] ^ a[ 0];
-    t[ 1] = r[ 1] ^ a[ 1];
-    t[ 2] = r[ 2] ^ a[ 2];
-    t[ 3] = r[ 3] ^ a[ 3];
-    t[ 4] = r[ 4] ^ a[ 4];
-    t[ 5] = r[ 5] ^ a[ 5];
-    t[ 6] = r[ 6] ^ a[ 6];
-    t[ 7] = r[ 7] ^ a[ 7];
-    t[ 8] = r[ 8] ^ a[ 8];
-    t[ 9] = r[ 9] ^ a[ 9];
-    t[10] = r[10] ^ a[10];
-    t[11] = r[11] ^ a[11];
-    t[12] = r[12] ^ a[12];
-    t[13] = r[13] ^ a[13];
-    t[14] = r[14] ^ a[14];
-    t[15] = r[15] ^ a[15];
-    t[16] = r[16] ^ a[16];
-    t[17] = r[17] ^ a[17];
-    r[ 0] ^= t[ 0] & m;
-    r[ 1] ^= t[ 1] & m;
-    r[ 2] ^= t[ 2] & m;
-    r[ 3] ^= t[ 3] & m;
-    r[ 4] ^= t[ 4] & m;
-    r[ 5] ^= t[ 5] & m;
-    r[ 6] ^= t[ 6] & m;
-    r[ 7] ^= t[ 7] & m;
-    r[ 8] ^= t[ 8] & m;
-    r[ 9] ^= t[ 9] & m;
-    r[10] ^= t[10] & m;
-    r[11] ^= t[11] & m;
-    r[12] ^= t[12] & m;
-    r[13] ^= t[13] & m;
-    r[14] ^= t[14] & m;
-    r[15] ^= t[15] & m;
-    r[16] ^= t[16] & m;
-    r[17] ^= t[17] & m;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*18;
-    sp_digit* b = t + 4*18;
-    sp_digit* t1 = t + 6*18;
-    sp_digit* t2 = t + 8*18;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_18(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_18(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_18(w, w, p1024_mod, p1024_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_18(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_18(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_18(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_18(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_18(b, t1, x, p1024_mod, p1024_mp_mod);
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_18(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_18(t2, b, p1024_mod);
-        sp_1024_mont_sub_18(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_18(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_18(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_18(z, z, y, p1024_mod, p1024_mp_mod);
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_18(t1, t1, p1024_mod, p1024_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_18(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_18(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_18(y, y, t1, p1024_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_1024_mont_sqr_18(t1, x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_18(t1, t1, w, p1024_mod);
-    sp_1024_mont_tpl_18(a, t1, p1024_mod);
-    /* B = X*Y^2 */
-    sp_1024_mont_sqr_18(t1, y, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(b, t1, x, p1024_mod, p1024_mp_mod);
-    /* X = A^2 - 2B */
-    sp_1024_mont_sqr_18(x, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_dbl_18(t2, b, p1024_mod);
-    sp_1024_mont_sub_18(x, x, t2, p1024_mod);
-    /* B = 2.(B - X) */
-    sp_1024_mont_sub_18(t2, b, x, p1024_mod);
-    sp_1024_mont_dbl_18(b, t2, p1024_mod);
-    /* Z = Z*Y */
-    sp_1024_mont_mul_18(z, z, y, p1024_mod, p1024_mp_mod);
-    /* t1 = Y^4 */
-    sp_1024_mont_sqr_18(t1, t1, p1024_mod, p1024_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_1024_mont_mul_18(y, b, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_18(y, y, t1, p1024_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_1024_mont_div2_18(y, y, p1024_mod);
-}
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_store_18(sp_point_1024* r,
-        const sp_point_1024* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*18;
-    sp_digit* b = t + 4*18;
-    sp_digit* t1 = t + 6*18;
-    sp_digit* t2 = t + 8*18;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<18; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<18; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<18; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_18(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_18(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_18(w, w, p1024_mod, p1024_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_18(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_18(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_18(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_18(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_18(b, t1, x, p1024_mod, p1024_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_18(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_18(t2, b, p1024_mod);
-        sp_1024_mont_sub_18(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_18(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_18(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_18(r[j].z, z, y, p1024_mod, p1024_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_18(t1, t1, p1024_mod, p1024_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_18(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_18(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_18(y, y, t1, p1024_mod);
-        /* Y = Y/2 */
-        sp_1024_mont_div2_18(r[j].y, y, p1024_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_sub_18(sp_point_1024* ra,
-        sp_point_1024* rs, const sp_point_1024* p, const sp_point_1024* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*18;
-    sp_digit* t3 = t + 4*18;
-    sp_digit* t4 = t + 6*18;
-    sp_digit* t5 = t + 8*18;
-    sp_digit* t6 = t + 10*18;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_18(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t1, t1, xa, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_18(t2, za, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t4, t2, za, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_18(t3, t3, ya, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_18(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-    /* H = U2 - U1 */
-    sp_1024_mont_sub_18(t2, t2, t1, p1024_mod);
-    /* RS = S2 + S1 */
-    sp_1024_mont_add_18(t6, t4, t3, p1024_mod);
-    /* R = S2 - S1 */
-    sp_1024_mont_sub_18(t4, t4, t3, p1024_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_1024_mont_mul_18(za, za, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(za, za, t2, p1024_mod, p1024_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_1024_mont_sqr_18(xa, t4, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_18(xs, t6, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_18(t5, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(ya, t1, t5, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t5, t5, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_18(xa, xa, t5, p1024_mod);
-    sp_1024_mont_sub_18(xs, xs, t5, p1024_mod);
-    sp_1024_mont_dbl_18(t1, ya, p1024_mod);
-    sp_1024_mont_sub_18(xa, xa, t1, p1024_mod);
-    sp_1024_mont_sub_18(xs, xs, t1, p1024_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_1024_mont_sub_18(ys, ya, xs, p1024_mod);
-    sp_1024_mont_sub_18(ya, ya, xa, p1024_mod);
-    sp_1024_mont_mul_18(ya, ya, t4, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_18(t6, p1024_mod, t6, p1024_mod);
-    sp_1024_mont_mul_18(ys, ys, t6, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t5, t5, t3, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_18(ya, ya, t5, p1024_mod);
-    sp_1024_mont_sub_18(ys, ys, t5, p1024_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_1024 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_1024;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_18_7[130] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
-    48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63,
-    64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49,
-    48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_18_7[130] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_1024_ecc_recode_7_18(const sp_digit* k, ecc_recode_1024* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<147; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 7 < 57) {
-            y &= 0x7f;
-            n >>= 7;
-            o += 7;
-        }
-        else if (o + 7 == 57) {
-            n >>= 7;
-            if (++j < 18)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 18) {
-            n = k[j];
-            y |= (word8)((n << (57 - o)) & 0x7f);
-            o -= 50;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_18_7[y];
-        v[i].neg = recode_neg_18_7[y];
-        carry = (y >> 7) + v[i].neg;
-    }
-}
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 7 bits. (Add-Sub variation.)
- * Calculate 0..64 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_win_add_sub_18(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 65+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 18 * 37);
-    sp_point_1024* rt = NULL;
-    sp_point_1024* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_1024 v[147];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 65+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 18 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 65;
-        p  = t + 65+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_1024_mod_mul_norm_18(t[1].x, g->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(t[1].y, g->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(t[1].z, g->z, p1024_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[64]  */
-        sp_1024_proj_point_dbl_n_store_18(t, &t[ 1], 6, 1, tmp);
-        sp_1024_proj_point_add_18(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[ 6], &t[ 3], tmp);
-        sp_1024_proj_point_add_sub_18(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[10], &t[ 5], tmp);
-        sp_1024_proj_point_add_sub_18(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[12], &t[ 6], tmp);
-        sp_1024_proj_point_dbl_18(&t[14], &t[ 7], tmp);
-        sp_1024_proj_point_add_sub_18(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[18], &t[ 9], tmp);
-        sp_1024_proj_point_add_sub_18(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[20], &t[10], tmp);
-        sp_1024_proj_point_dbl_18(&t[22], &t[11], tmp);
-        sp_1024_proj_point_add_sub_18(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[24], &t[12], tmp);
-        sp_1024_proj_point_dbl_18(&t[26], &t[13], tmp);
-        sp_1024_proj_point_add_sub_18(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[28], &t[14], tmp);
-        sp_1024_proj_point_dbl_18(&t[30], &t[15], tmp);
-        sp_1024_proj_point_add_sub_18(&t[31], &t[29], &t[30], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[34], &t[17], tmp);
-        sp_1024_proj_point_add_sub_18(&t[35], &t[33], &t[34], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[36], &t[18], tmp);
-        sp_1024_proj_point_dbl_18(&t[38], &t[19], tmp);
-        sp_1024_proj_point_add_sub_18(&t[39], &t[37], &t[38], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[40], &t[20], tmp);
-        sp_1024_proj_point_dbl_18(&t[42], &t[21], tmp);
-        sp_1024_proj_point_add_sub_18(&t[43], &t[41], &t[42], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[44], &t[22], tmp);
-        sp_1024_proj_point_dbl_18(&t[46], &t[23], tmp);
-        sp_1024_proj_point_add_sub_18(&t[47], &t[45], &t[46], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[48], &t[24], tmp);
-        sp_1024_proj_point_dbl_18(&t[50], &t[25], tmp);
-        sp_1024_proj_point_add_sub_18(&t[51], &t[49], &t[50], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[52], &t[26], tmp);
-        sp_1024_proj_point_dbl_18(&t[54], &t[27], tmp);
-        sp_1024_proj_point_add_sub_18(&t[55], &t[53], &t[54], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[56], &t[28], tmp);
-        sp_1024_proj_point_dbl_18(&t[58], &t[29], tmp);
-        sp_1024_proj_point_add_sub_18(&t[59], &t[57], &t[58], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_18(&t[60], &t[30], tmp);
-        sp_1024_proj_point_dbl_18(&t[62], &t[31], tmp);
-        sp_1024_proj_point_add_sub_18(&t[63], &t[61], &t[62], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_1024_ecc_recode_7_18(k, v);
-
-        i = 146;
-        XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_1024));
-        for (--i; i>=0; i--) {
-            sp_1024_proj_point_dbl_n_18(rt, 7, tmp);
-            XMEMCPY(p, &t[v[i].i], sizeof(sp_point_1024));
-            sp_1024_mont_sub_18(negy, p1024_mod, p->y, p1024_mod);
-            sp_1024_norm_18(negy);
-            sp_1024_cond_copy_18(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_1024_proj_point_add_18(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_1024_map_18(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_qz1_18(sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*18;
-    sp_digit* t6 = t + 4*18;
-    sp_digit* t1 = t + 6*18;
-    sp_digit* t4 = t + 8*18;
-    sp_digit* t5 = t + 10*18;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_18(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_18(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_18(p->x, t2) &
-            sp_1024_cmp_equal_18(p->y, t4)) {
-        sp_1024_proj_point_dbl_18(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_1024_mont_sub_18(t2, t2, p->x, p1024_mod);
-        /* R = S2 - Y1 */
-        sp_1024_mont_sub_18(t4, t4, p->y, p1024_mod);
-        /* Z3 = H*Z1 */
-        sp_1024_mont_mul_18(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_1024_mont_sqr_18(t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_18(t3, p->x, t1, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_18(t1, t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_18(t2, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_18(t2, t2, t1, p1024_mod);
-        sp_1024_mont_dbl_18(t5, t3, p1024_mod);
-        sp_1024_mont_sub_18(x, t2, t5, p1024_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_1024_mont_sub_18(t3, t3, x, p1024_mod);
-        sp_1024_mont_mul_18(t3, t3, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_18(t1, t1, p->y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_18(y, t3, t1, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 18; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 18; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 18; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_1024_proj_to_affine_18(sp_point_1024* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 18;
-    sp_digit* tmp = t + 4 * 18;
-
-    sp_1024_mont_inv_18(t1, a->z, tmp);
-
-    sp_1024_mont_sqr_18(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    sp_1024_mont_mul_18(a->x, a->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(a->y, a->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(a->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 128 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_1024_gen_stripe_table_18(const sp_point_1024* a,
-        sp_table_entry_1024* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    sp_point_1024* s1 = NULL;
-    sp_point_1024* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_1024_mod_mul_norm_18(t->x, a->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(t->y, a->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(t->z, a->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_1024_proj_to_affine_18(t, tmp);
-
-        XMEMCPY(s1->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_1024));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_1024_proj_point_dbl_n_18(t, 128, tmp);
-            sp_1024_proj_to_affine_18(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_1024_proj_point_add_qz1_18(t, s1, s2, tmp);
-                sp_1024_proj_to_affine_18(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | !WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_stripe_18(sp_point_1024* r, const sp_point_1024* g,
-        const sp_table_entry_1024* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 18 * 37);
-    sp_point_1024* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_1024, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 18 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        XMEMCPY(rt->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-
-        y = 0;
-        x = 127;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 57] >> (x % 57)) & 1) << j);
-            x += 128;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=126; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 57] >> (x % 57)) & 1) << j);
-                x += 128;
-            }
-
-            sp_1024_proj_point_dbl_18(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_1024_proj_point_add_qz1_18(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_1024_map_18(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_1024_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[18];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[18];
-    /* Precomputation table for point. */
-    sp_table_entry_1024 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_1024_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_1024_t sp_cache_1024[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_1024_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_1024_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_1024 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_1024_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_1024_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_1024_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_1024[i].set = 0;
-        }
-        sp_cache_1024_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_1024[i].set)
-            continue;
-
-        if (sp_1024_cmp_equal_18(g->x, sp_cache_1024[i].x) &
-                           sp_1024_cmp_equal_18(g->y, sp_cache_1024[i].y)) {
-            sp_cache_1024[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_1024_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_1024_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_1024[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_1024_last) {
-            least = sp_cache_1024[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_1024[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_1024[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_1024[i].x, g->x, sizeof(sp_cache_1024[i].x));
-        XMEMCPY(sp_cache_1024[i].y, g->y, sizeof(sp_cache_1024[i].y));
-        sp_cache_1024[i].set = 1;
-        sp_cache_1024[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_1024[i];
-    sp_cache_1024_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_18(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_1024_ecc_mulmod_win_add_sub_18(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 18 * 38);
-    sp_cache_1024_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 18 * 38, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_1024 == 0) {
-            wc_InitMutex(&sp_cache_1024_lock);
-            initCacheMutex_1024 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_1024_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_1024(g, &cache);
-        if (cache->cnt == 2)
-            sp_1024_gen_stripe_table_18(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_1024_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_1024_ecc_mulmod_win_add_sub_18(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_1024_ecc_mulmod_stripe_18(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 18);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 18, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 18, km);
-        sp_1024_point_from_ecc_point_18(point, gm);
-
-            err = sp_1024_ecc_mulmod_18(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_18(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_18(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_1024_ecc_mulmod_18(r, &p1024_base, k, map, ct, heap);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-static int sp_1024_ecc_mulmod_base_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_1024_ecc_mulmod_18_nb(sp_ctx, r, &p1024_base, k, map, ct, heap);
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 128 between points.
- */
-static const sp_table_entry_1024 p1024_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x19c7ec6e0162bc2L,0x0637188544944dfL,0x17c27926760777bL,
-        0x10da6b0430bab33L,0x10c5f8db9a96ea2L,0x1ae83300d763e9bL,
-        0x15fe39cb9265633L,0x0b585ce52fa7d23L,0x18621db92da9f2fL,
-        0x1936433ad2b3cf6L,0x0e177cb15aab052L,0x09a98d427f32466L,
-        0x13ffa8ec11b88e7L,0x0f9fcff7890a58bL,0x19ed13a80e1a89cL,
-        0x0692d7b36369d81L,0x00bafe528dceecdL,0x046fffcb50e24fcL },
-      { 0x0a4753ac03c0c83L,0x14e8c55e6e6badaL,0x0e23ddd6d925a39L,
-        0x157eb1e6a5c7073L,0x1d0bc15c803f949L,0x194c612fb8133cdL,
-        0x05dba16fd745a3fL,0x1687edd7b318d8fL,0x120618af445e3e1L,
-        0x1eaacc72a732049L,0x1ca0ed413fb6799L,0x17fae1b0ea2f608L,
-        0x1f3f5addbe450caL,0x1c65a66523eb145L,0x071242000dfbcc1L,
-        0x1b06e9c291a78d6L,0x1f3e256d3294fcfL,0x01550903def1e00L } },
-    /* 2 */
-    { { 0x15b6dae01900955L,0x04e60e75a32b6d4L,0x041f9cbfa56e977L,
-        0x0f40818668a18f1L,0x1952ea6ea1ae544L,0x04b982c88c89b83L,
-        0x1443d53fdcd0db4L,0x0e149b600e97b49L,0x0fd5306f1916440L,
-        0x05cff39c5922916L,0x036b59e127dd885L,0x143161b9a5c828dL,
-        0x015e1ad49287b29L,0x0ddd150d56ebf8dL,0x088cde66b18ea07L,
-        0x07790026f38b702L,0x161f402b2f0b0e5L,0x0461f593f85f89dL },
-      { 0x04ad3e1e513696fL,0x05d2e0c640ffd4dL,0x04d8f00cf44c0d4L,
-        0x022f4a63783c5f8L,0x1aed610d53da6e7L,0x0ffab3a17632480L,
-        0x144ab4cfa37dfa6L,0x1d7c955ae7c7bddL,0x0d983b465180f4dL,
-        0x09b2934a817985aL,0x1e66aea24635fe6L,0x096ce01f8f34fc4L,
-        0x1640bfd8c20ffe8L,0x0e9320debda2006L,0x098872f0e887485L,
-        0x03d06f307288586L,0x110ace6500bb140L,0x03dfa0b1f128e21L } },
-    /* 3 */
-    { { 0x0174f88e3fd589eL,0x00bc86fcba5018eL,0x0f8cf9c1527f6d4L,
-        0x1e2b249e69a12c4L,0x19b65ac58d091efL,0x14e167f77bce56fL,
-        0x00af34b310988fdL,0x1bb02fb2064a59bL,0x1acf4f4d9a5f1ddL,
-        0x030931aa808db5eL,0x112434bb4503274L,0x1d189b6d0da53eeL,
-        0x16776b0fcc64092L,0x0f8b575b112f778L,0x0ef60a83a3007a7L,
-        0x1c66ec506ce8309L,0x107757574e28956L,0x04c38f6e3382d3fL },
-      { 0x10b76d5776535f7L,0x06b01131ad9dc5eL,0x0b667485bd91485L,
-        0x0eaa2b7eeb8184bL,0x1e9f1675fd4df3aL,0x1439f3925312de2L,
-        0x17128f0d7bedd01L,0x115deb93467765cL,0x1a971b35e806b19L,
-        0x1ae0652d1e34876L,0x17762638788d067L,0x199d2ab5b3c951aL,
-        0x07248d34164cecbL,0x02e057b71767a20L,0x1e03ffc6aece045L,
-        0x1daae7e97dd0438L,0x1add14df768c272L,0x01cbf68851b8b1bL } },
-    /* 4 */
-    { { 0x13e0bb2755c2a27L,0x1217cacac2e2267L,0x183c64a179834e3L,
-        0x00ec4e7a1e8d627L,0x193c569ac3ecd0cL,0x08c0c53c0078428L,
-        0x0d8efc139d2ad0dL,0x1fd24b15471092cL,0x08456617cb8c894L,
-        0x1e31555157cb4d0L,0x08a02d6919a3662L,0x0b1d5325e9f4cd8L,
-        0x193f401e99bc9dfL,0x0261c6072ed85beL,0x137dacf81853f87L,
-        0x16c31aa622a3859L,0x0a41c7575ece143L,0x020123cc2efc9ccL },
-      { 0x1a251788f055746L,0x100200558f3707dL,0x13eeb0a49a5f16eL,
-        0x12b69e8e81c3632L,0x1bb7ba547715211L,0x109cd2128048e84L,
-        0x0a9f9e99d2186e6L,0x1dd75082767e6a7L,0x0afe771922443ceL,
-        0x023469b1c23dde8L,0x1e7fd8f69250b45L,0x0383a84b68acc3eL,
-        0x0d75ff46301563aL,0x159401649e1387eL,0x171c011081c8243L,
-        0x05ce8d1e19b9790L,0x180ca4372fbfa03L,0x00d37e8f3645bceL } },
-    /* 5 */
-    { { 0x07a901a8d5116a3L,0x021ca597afa3fcbL,0x114983aebcec2e1L,
-        0x0ec199f819c735aL,0x0c3f53f21e1be61L,0x088ddb5603f1e96L,
-        0x0c30b760e38387bL,0x1708a8ea60e382bL,0x170dd4748920fe5L,
-        0x1105f16f238c4b6L,0x1eb629649db1f06L,0x1987910ddc0e787L,
-        0x176e831ac4026a1L,0x16280eb2cfedb79L,0x16a15d09a8d746aL,
-        0x069ca15d3120a81L,0x15065dde0a4abd7L,0x014dbea6e0ab0a3L },
-      { 0x0b3c2cbcbf4e20bL,0x1aa47ac662262a2L,0x0d516c32b07c70fL,
-        0x0a01f00c4273013L,0x066905e00c0f02bL,0x080c4673095c480L,
-        0x1daca3c563b5e0dL,0x1c1803b88b07eaaL,0x129803272a45492L,
-        0x1d2b11d07fc9221L,0x08ac00a7437105dL,0x08b24f01d0f5a25L,
-        0x030d53f272b4125L,0x12180f468f5e7c8L,0x1f41e62eb9ba900L,
-        0x024d83cbe7e5f46L,0x17e9342c31022b4L,0x02e84940129c124L } },
-    /* 6 */
-    { { 0x03a2b7eff2f780dL,0x134106bebb58eacL,0x011e1bdd2bb0d34L,
-        0x0421047fd7c7865L,0x1b5e7bf40fd4221L,0x147c66913f20bf7L,
-        0x0efb1443526da95L,0x16ea779cfac2f03L,0x19cfe3f222f3718L,
-        0x1a2744fecef360fL,0x1154fcfeb26d55fL,0x108dcde60179e39L,
-        0x029f0ae6b19d2d0L,0x125c5df04bb6415L,0x0e96a9f98f6fd78L,
-        0x0678e9958fe8b2eL,0x05dc6eb623784ddL,0x00513721a0a17f7L },
-      { 0x081339facaa9a08L,0x18882a9237670c0L,0x05c184e4dd1d03cL,
-        0x06485e05c312590L,0x1b5de98a8d8d410L,0x1df4a92415fe901L,
-        0x0092627be51ad6aL,0x0f571a431726ed3L,0x1d5268e8966617cL,
-        0x1173aa8c5be95c8L,0x11e5cffa359f0e5L,0x0a145602f8a258bL,
-        0x1cc1a2946942e31L,0x098e3841b7a72f5L,0x1ee79428e644339L,
-        0x015a15e9edd696eL,0x0ec68cbb175da12L,0x00ca4be30dc931bL } },
-    /* 7 */
-    { { 0x120b0c6417659a8L,0x15ce3c965947fb4L,0x0602da1de5ff1deL,
-        0x03ceeb26c6ab6ceL,0x1561b1864caf58cL,0x07a4a328aadedb2L,
-        0x02c80b9938d55e0L,0x0c1d615936e4535L,0x188594d782571bdL,
-        0x0e6049cf1fd3c7cL,0x0d20c0ab0b4de57L,0x1ec1721e2888f71L,
-        0x013ce4b3c1505fbL,0x0acdae0c5630874L,0x1a80888e693c9ebL,
-        0x038f6bf4672e6f9L,0x1a6e578730b8dffL,0x04b5c8dc5a8bdfbL },
-      { 0x1a991f49aac087cL,0x17ba7367ed946e0L,0x1e697dd8035b398L,
-        0x09f22ff39211adfL,0x1de52dbfd781cd0L,0x0b90c03bcb7afb1L,
-        0x04df79f6d9380bbL,0x02c1e10edecdf48L,0x13271ee643ca1f7L,
-        0x1cd902c3e255c51L,0x05c41ce520411f2L,0x121ab318b86f974L,
-        0x0a6f20e125df9a1L,0x1a794816865b739L,0x18b73ee8c508813L,
-        0x186a285a51972f9L,0x09ddf261b8aa3d3L,0x039f9e98ae7fe12L } },
-    /* 8 */
-    { { 0x186855be6fd3673L,0x1b857ce90a5bdaeL,0x1e437311b34cc26L,
-        0x0ab2aa21bd1a665L,0x18c1251ce553c01L,0x060de4aba3504b1L,
-        0x0ea3f35f3a96e17L,0x0f89ff428d0005dL,0x110a3cb7022fcd7L,
-        0x14ccefde27502f1L,0x1683413be9d5badL,0x0f3db9dabfb066eL,
-        0x03251fd56e4d902L,0x015262f8a40c920L,0x0d0416fa1d8ce92L,
-        0x1caf062e1a26036L,0x1fa93998b0f7247L,0x04449a7b221b5d0L },
-      { 0x09f43b04713eabcL,0x1eec8d666e28bf8L,0x18efbc4f29f1329L,
-        0x144b1030964fb54L,0x195dc2698b2e5a7L,0x1978a605465b096L,
-        0x04d70d1a5d68b87L,0x1c63e5371dbc2e5L,0x0c3cbfd6ed40bc1L,
-        0x1fa359f899311edL,0x16f9b7ec2dda074L,0x068aadb48689822L,
-        0x18a8e43d985e31cL,0x05eeda7553e31f8L,0x153d631572c820dL,
-        0x0d3b362d4187094L,0x0e174eacca246fdL,0x0068c4c5d8a9aa4L } },
-    /* 9 */
-    { { 0x0a73461e35ef043L,0x1b3ec9a4b5ab227L,0x1cef43e0e8f041eL,
-        0x10a3a5386bac582L,0x11b1c1a4fad4b03L,0x1a1dcf1fa144153L,
-        0x1d50d74af3d9952L,0x1838ef62b54557bL,0x15cb38a80dabe3dL,
-        0x0fed0575240b39dL,0x05ad379ee43af85L,0x1c4a5791e7b10d3L,
-        0x1637c4e42484f87L,0x0bd3d7ec56f681eL,0x132e4eb97b7999bL,
-        0x1472301bb2b4543L,0x060a55cfd2546fbL,0x015ed58ee237c17L },
-      { 0x04de22bfa6fed61L,0x0c552e646eca73dL,0x17c41c488bd7291L,
-        0x1fcb5fe6ee7c6e5L,0x0a738e6d06a4b44L,0x18f89b5e1685d3aL,
-        0x0a444691c38757cL,0x10aefff2675c205L,0x08b380a50310c78L,
-        0x19e01143c1fe2d6L,0x1a249511c9741a7L,0x1c2cb5908443d8cL,
-        0x0fcfda6e8a878f0L,0x1c66955d4d1d78dL,0x1b43ab8060fb4ddL,
-        0x0c82a659b7ac104L,0x120b3234661cbeeL,0x01a9f5c495ce080L } },
-    /* 10 */
-    { { 0x0fdcad610b5521eL,0x0da202973817864L,0x00363ff69270684L,
-        0x1597e6d75ac604dL,0x0c10a2d7cdb9654L,0x1873f03dac6708aL,
-        0x0a04c79747df798L,0x0ff197c7afacec1L,0x1eb35866b6480d7L,
-        0x0394679bf81b10cL,0x0197b50aa29d5d6L,0x1e3b20d450e1babL,
-        0x04a51f906b283f1L,0x0a1d90543cf11fdL,0x079dd53cab1ba0dL,
-        0x02ddc9e16c6f370L,0x07d57fbc0d48400L,0x046d103b8f310dbL },
-      { 0x0855004ecce65ecL,0x0868fdba40c2f1eL,0x0f29e1e5eb49db4L,
-        0x00efca955ac97cfL,0x1e0df0ff43444dbL,0x0843520bdb5864dL,
-        0x1568e3f1095b015L,0x171f2a58877fae9L,0x0501e005a01c4edL,
-        0x08b96fe252bf194L,0x0339394d75bb8f5L,0x1cb818ca1231b68L,
-        0x07857561fcbaef1L,0x1a5112637428a2fL,0x103828b91a14da8L,
-        0x007f8d351c44e1dL,0x15fb3f52247242bL,0x04317aaf161df5eL } },
-    /* 11 */
-    { { 0x16a390f226049feL,0x152bc6e5de4fd96L,0x12925d8d3edf324L,
-        0x0c7bd4b1274a5fdL,0x0a49e9162b340cbL,0x0f20f9d1cf99c51L,
-        0x1f9009acb7cf652L,0x1458e38f9b60cb4L,0x04a9b84a0468281L,
-        0x1f75a81b98f7765L,0x0244d1db2edc958L,0x13537294cf19cdaL,
-        0x1b808fd9f10cf97L,0x1057e2dcda26c61L,0x096f9a79836984fL,
-        0x1ce9ea5b9cfbc7dL,0x1903a5d6864dc1eL,0x038d594489de403L },
-      { 0x1618fc43b5b60adL,0x1af18250618c267L,0x0732f100cc082beL,
-        0x07b63818cda4470L,0x06112a8d33cf895L,0x0b3d434e4ca726dL,
-        0x134a75eab8b0f46L,0x1f7851aa926b6f5L,0x18075bd136c9a57L,
-        0x0e01b9f4e4213fcL,0x12863464c897d72L,0x1a2688580318597L,
-        0x07fbb3a72773777L,0x0cb16e0c75f2f6aL,0x1022019c10df524L,
-        0x1e6b9e7383c125bL,0x06503e9c6f715ffL,0x046843ddb2f1b05L } },
-    /* 12 */
-    { { 0x02123023fdc1844L,0x113f7882f562b5fL,0x181bc5a28d21bb2L,
-        0x1bc3af499643074L,0x1ef5d43e295f807L,0x1812e3b92353193L,
-        0x138fab850c8171dL,0x0ea97bf8f95e690L,0x0ec939895df52c0L,
-        0x1732afb6bd4e560L,0x17f8822ebb76c20L,0x0fc8a4fbce6330bL,
-        0x1c313de1ea79c81L,0x0627b65d986707dL,0x0ec833677e56e27L,
-        0x1f603e55dbe3debL,0x1ecfc1e0a891a8cL,0x0112f69a531f6dbL },
-      { 0x013154dbabb1a85L,0x06d738f352b2d1fL,0x155aad2c403f4f6L,
-        0x1dd78f1c35a642fL,0x08e73d37d44d934L,0x0f21e5810a990daL,
-        0x02416ef242fe880L,0x1427847e3a04ea0L,0x02a2e5000c86691L,
-        0x0595d693032c20eL,0x1072bcc009ad802L,0x05e8a4ed9cc22baL,
-        0x0715932ffb1712cL,0x153a657900e261fL,0x014de91e25384f5L,
-        0x192fc05adebbe18L,0x07ba8fb7602c2b1L,0x03095b072e8443eL } },
-    /* 13 */
-    { { 0x1d495cfba245d6bL,0x065dbd1671ffb77L,0x0b037fd7fbb973cL,
-        0x119e518d4649b45L,0x0308a56b90c914fL,0x0b901a397eda86aL,
-        0x127a40f6fdde44fL,0x1039f4bd9230455L,0x10dde73c83aea3eL,
-        0x02dd4b13314489cL,0x1d922f29ab2f4d5L,0x0edd3140d0754a5L,
-        0x0ca378ed52ff6f2L,0x042d60ec929b69dL,0x0f2129cd4f0b152L,
-        0x082cf95fea5b401L,0x06e3971f81c3768L,0x007b99a70e96bccL },
-      { 0x1bb5c836596067eL,0x0a70c9c60cc0357L,0x059ce72c3730cf9L,
-        0x1a84806bf3050bbL,0x1fef90952b53f43L,0x07ab8d1c6298fc6L,
-        0x09e1e43efa3936cL,0x04134183da54739L,0x02fecc1d6606f26L,
-        0x0e44858b95be5a5L,0x129bef32ede1a27L,0x0105fce7dc93867L,
-        0x17fcb66c48d1b11L,0x0370a2b9ac85be8L,0x0fab6164d5ac29aL,
-        0x061f6ebad05880aL,0x149b2ae55fac54dL,0x033b1b5397c5774L } },
-    /* 14 */
-    { { 0x18063bcb91d6beaL,0x11d17491f65cb31L,0x064b189eb29ab89L,
-        0x14ef5f3cfd3af61L,0x04aafebbc6ed001L,0x02ad48490a56679L,
-        0x126768d592e59e0L,0x14a01333639c04eL,0x1e413a4e1e46a06L,
-        0x02e89fb1728f7f3L,0x01f4d26ea10efa8L,0x104a63062b3c6bdL,
-        0x1a546019230a633L,0x1bfe8e793011f45L,0x1cbf54e6c41dc86L,
-        0x15e708d6aa857fbL,0x165b314f4f81c18L,0x00437cc3b305644L },
-      { 0x07019548cbb9850L,0x05b98510696463bL,0x015d4cd59c31884L,
-        0x0a064975d48109aL,0x076ee9b43ecdc59L,0x07fd32303fe2f96L,
-        0x118f3ce4f403d10L,0x1cfc0222f2c5b82L,0x0f00b82519c7725L,
-        0x0f3039b2de8e8c3L,0x015530b3dcaab0dL,0x1fbddf4692fbe7bL,
-        0x0cf646ad11b4dd0L,0x0fbdc756eb89134L,0x01b7f941f082beeL,
-        0x0a934c612d3a9f8L,0x01076b7df1c7245L,0x0340fca01f30d74L } },
-    /* 15 */
-    { { 0x0ad5163c9a0623bL,0x014abb3fd5c6a3eL,0x03b206bdf1f36feL,
-        0x11d2cdab8459956L,0x10d4e41c469e38cL,0x159ace1a2186a97L,
-        0x0049d0981d68a94L,0x082485ba7c6677aL,0x0cda3f6359fed23L,
-        0x0f99b986bea97fdL,0x1d5bc1d9030fbd3L,0x0438377bcaf8bffL,
-        0x0aeb8bb3364783cL,0x15684202ec3c251L,0x0d8af507b1f14cfL,
-        0x1a95e96fe2847f3L,0x10a5543145c7075L,0x0064ef4a55d302cL },
-      { 0x0d7273595d5682bL,0x0214197613b76c7L,0x1b562cda8349c47L,
-        0x090931511fa3e95L,0x0480f45162ab40cL,0x0e7ff12c647e312L,
-        0x0d6762f23292edeL,0x0bb2156b078e034L,0x0aee31a733fd5d1L,
-        0x152acbde489199eL,0x072b92db0f8f080L,0x085853270110203L,
-        0x1df47c8199e5130L,0x195007490700141L,0x1d6b8ee435a3963L,
-        0x06164d3c5be834eL,0x196b8d2eca5871cL,0x0399ee5075d8ef1L } },
-    /* 16 */
-    { { 0x1b495d04b59213aL,0x1901cc6b810077aL,0x0698ad9dc707299L,
-        0x08573d619697961L,0x0cdba21226adeedL,0x044868f5aa23aa4L,
-        0x11ad0386aff37c2L,0x070a4a132c6d31cL,0x1e1bff0b082e9c1L,
-        0x0c4f266a884cd38L,0x0326f326e4731e8L,0x0fb826fd897c46cL,
-        0x01d1519f6e9bd4dL,0x07c19281e81ab29L,0x1ba8ad2fd7db5e3L,
-        0x06339c86020631bL,0x1d7c3132494ef4cL,0x01559dea3878fd3L },
-      { 0x153b680922c9fbbL,0x13ee4078b6368abL,0x04d6eb05bbf21a7L,
-        0x0908da3b370688aL,0x12d62c214326a3bL,0x14956ada8bff71dL,
-        0x0b04da416be882cL,0x11a54ae2634595bL,0x0cd904d8febdbcaL,
-        0x1f6d4379f9b2fd9L,0x1ec82371faa8737L,0x150948bcef80e12L,
-        0x0ccf5d118e89a35L,0x0fb74cf420bd031L,0x1e821f4f03012a0L,
-        0x055a5888e096174L,0x0296f8a27d13ea2L,0x049d25a0b2613e9L } },
-    /* 17 */
-    { { 0x0271bc11f1efb7aL,0x1347319fe6606eaL,0x03c6c47d42a2b93L,
-        0x1f5e0ec1133b379L,0x043d0e035430398L,0x11ea60a2f1217daL,
-        0x0b425cfb09467dbL,0x01f56e1ef217537L,0x0de612ad5f9add1L,
-        0x01bf2a70a74a15aL,0x095b4f76e2da2aeL,0x0678358548102ebL,
-        0x10f0c80f94e85b2L,0x04c6da7cfc7fb61L,0x09f73752dfcfedeL,
-        0x0712b458c089e8bL,0x163f3abb2f6fe3dL,0x01a16706b99773bL },
-      { 0x1261394cf491b1fL,0x1776b8c84f1caf5L,0x156a7f936fab72aL,
-        0x1a927ac09bb9880L,0x1ce5ebef17a6611L,0x0c4e5add222d1d0L,
-        0x0101ba0b8a1638eL,0x0ab72de850507ebL,0x099877b99a156cfL,
-        0x1c83533270b3507L,0x074d4eca5db44ebL,0x1e4e6d8c34039d4L,
-        0x13b0f55d86efc16L,0x0759a600ed82621L,0x1980a00f2d2c9a6L,
-        0x07d8a71a0fef055L,0x12043ac3bcb43beL,0x022afa579f0ab7eL } },
-    /* 18 */
-    { { 0x057f262754ec21cL,0x06a64f1d0dd1c60L,0x034445b07fa4fabL,
-        0x09d599156c74042L,0x0a6f32cae4ea4e9L,0x1cbae718e0064d7L,
-        0x087a572d88e761aL,0x116ca9abb19429dL,0x1230d31f45067fcL,
-        0x05dc865b1aaff65L,0x007b3b705cba392L,0x01519600ce6ef1fL,
-        0x01e162d01228838L,0x02d78a2e0cd8170L,0x0b70d503821e81bL,
-        0x180cde09b916f6eL,0x1b7f70ef2148de3L,0x0278a412189804fL },
-      { 0x0004fce6e2055e2L,0x123f543619033afL,0x16557e76aa8a278L,
-        0x1f9d6fec769d797L,0x063784a0d15f212L,0x1b0128af662e0fcL,
-        0x0a5514ece002dd5L,0x033d726038714d4L,0x00f16ba18a13cddL,
-        0x189e928c43e1692L,0x08d6166a504fda0L,0x0bcdfc7faf8bf32L,
-        0x1416e0ee0542340L,0x1fd6d55833c5759L,0x02111c47cef9eecL,
-        0x05fecf203f45905L,0x10bc950db304d66L,0x03a6ae96a1e008bL } },
-    /* 19 */
-    { { 0x1002dc02b5bfe11L,0x1a086a96990f3d1L,0x1d9659e6ea241ccL,
-        0x08d0b646dc2b241L,0x146f60400e248c1L,0x038bf8467d5aca1L,
-        0x115da7d5ebedd03L,0x08e1b756518cc08L,0x10fa099689cdc32L,
-        0x0f0157161187682L,0x185553916fbdd10L,0x13059c9af6de1b2L,
-        0x075e62d22e9688aL,0x1e965d147d6f7d6L,0x1f1d27ebc544a9aL,
-        0x0b4d6f10d1cc57cL,0x02988048d81ae9fL,0x0358d2a2162c2bdL },
-      { 0x15ab9ad43242066L,0x178da966651574fL,0x1b1e623b71382bfL,
-        0x02068361ab63687L,0x150aab370d0c00fL,0x13254ca6b45c7bdL,
-        0x1a13a6a3939bfceL,0x0b8330671f6fe34L,0x18bc0e748351a0fL,
-        0x0567966ed62228aL,0x14e6657a7fddacbL,0x167e2c7260ab829L,
-        0x05888d837654a01L,0x19193bd8b561f75L,0x076eefee1366a69L,
-        0x0e2f132264d23c2L,0x0c8597717aeabb6L,0x026109a9345d8a5L } },
-    /* 20 */
-    { { 0x06fe0a695532833L,0x111476b13683397L,0x0f659279cef6af2L,
-        0x15e0789818455deL,0x15169b452083a87L,0x083544f4aa73ae9L,
-        0x13e415dd427b9d1L,0x12293964edc55d5L,0x108275d77fa409fL,
-        0x0f5b79ef85deb5cL,0x080b2f904c9c118L,0x184363893163290L,
-        0x08361fee5935f3fL,0x087028f9bb6345dL,0x039c10a8632ef65L,
-        0x03d16470950f263L,0x134292abead80ddL,0x032b89e14ae1be1L },
-      { 0x0cca8e9ceb77b9aL,0x1f39391db4a34eeL,0x1b9a8075aca0be5L,
-        0x1ab57d9bfd8ed57L,0x09290d703925203L,0x18a21c44a240411L,
-        0x11f0fe64c5092c0L,0x04e08413be2f9a8L,0x17c6f2059c855c8L,
-        0x0bebc312b607034L,0x16dbf904b653136L,0x0b23329883bab53L,
-        0x01c89e21a319a64L,0x03501f87091a455L,0x05bfab35a412d43L,
-        0x0d276ab82a2ad4cL,0x0384e36d1b57cc7L,0x035874cb61dd71eL } },
-    /* 21 */
-    { { 0x0789fabcceced00L,0x1f38d72dbd53319L,0x09a4b77af37cc8dL,
-        0x016c3b5b1f0f65cL,0x135f803cb724512L,0x128786f08f2f246L,
-        0x0ae4bed37d75e63L,0x07ac1dcd16979a5L,0x198ab2f5c1ce336L,
-        0x0dd1ced3e6a1323L,0x15cbae0fd3ecfc5L,0x1d11cade11b634cL,
-        0x1e172562c20f77dL,0x052c787a0ba1bb0L,0x1475b8af8d27fe2L,
-        0x1e769c09b4e3709L,0x1f8368f03429e9fL,0x020115102b3c111L },
-      { 0x07bbd0583847375L,0x0b5b11fa28d7829L,0x09352cb1fc60eb9L,
-        0x168a4b731ac331eL,0x0e0884b5ee323f5L,0x0963bb54ec69cd0L,
-        0x1055340175fdbecL,0x179ae38907ce117L,0x18ca6fd28742541L,
-        0x179ee66fc1cbeedL,0x14c494fb33c90c2L,0x0210b1b0371b701L,
-        0x0171391f68c743aL,0x19ddb2bf9fa4759L,0x191f8c524ebfe20L,
-        0x0f3ec3a2bdacc0fL,0x15610159b11e082L,0x01890bce5925354L } },
-    /* 22 */
-    { { 0x14cc3ca07615ac2L,0x12f32090d6ac0d4L,0x05be9e61ade6161L,
-        0x173abc1e3b5c8ecL,0x1d9457ea395a40eL,0x1432ecd48a19321L,
-        0x0ba32379b5a8fe8L,0x1960ee3b72c2029L,0x077a7cce6976a87L,
-        0x1ef21708a1d07b0L,0x0f3027664f64d29L,0x0d2731d8987bc40L,
-        0x183a25df4b92018L,0x115816b5ebbaa36L,0x169c6242b67ad1dL,
-        0x04377f555e411a0L,0x1ea5238181f4312L,0x020beb63c399a88L },
-      { 0x0bd81b70e91e9a8L,0x0020c61b86b599eL,0x042a3aa88dcdccdL,
-        0x08d8facead04bb6L,0x14c33ded8f2b09eL,0x0af1fdf144774dcL,
-        0x1a22336109aec5aL,0x0c54c2ed90db9d3L,0x13f4c89226165e3L,
-        0x0a7208fb031fd84L,0x1eb08323e781314L,0x0d39bfa55ac2d20L,
-        0x048452199acef74L,0x09561a315d185d7L,0x0b520b4c1a04a4cL,
-        0x0132a0237d0e792L,0x00aff4cbf89e833L,0x0010c4ea968a385L } },
-    /* 23 */
-    { { 0x1e419dd92599c69L,0x0110dbff6196539L,0x0f4826efeff56e5L,
-        0x08c7db12b7657f3L,0x1f486f7961ea97aL,0x0a0d1cb3048a359L,
-        0x104d6f471e817f4L,0x0f78f3d919f07acL,0x17f8fd42f988350L,
-        0x1e5a9db8bd9e813L,0x1637359f296886bL,0x01599a292f0d0ccL,
-        0x0e34b95067a6a6cL,0x0fa24ac60b79eb8L,0x0a00848dc48238fL,
-        0x058e3a5bac9cdd8L,0x0fa33b2c4ab3078L,0x03ddfc55ea908bbL },
-      { 0x09e4aafa78b981aL,0x1a71b182764145fL,0x1ce4e5677a8de22L,
-        0x064816738e188b9L,0x08383b7d70a9bddL,0x1d081324ce6bee9L,
-        0x1c6ccc1a42cb8c1L,0x09044c5ab31dd25L,0x0c62d77deb4725aL,
-        0x0b792de3de1d507L,0x162d97457bdfea8L,0x043a172dad1ec5bL,
-        0x03a00f1906d9792L,0x15ba63a05c9442eL,0x15d888be91dae6fL,
-        0x0a09e42fbb76b8eL,0x16bc2782c305788L,0x0430684b67c0938L } },
-    /* 24 */
-    { { 0x0bc337d4d79bbf9L,0x1f55c34fba7c07fL,0x0254cc41354d754L,
-        0x1432df172ffe6d4L,0x15ce69092ab820dL,0x141baa4b0e9e8fbL,
-        0x12e6ec65fb01011L,0x1474d19c37f274dL,0x1503456ffc5f021L,
-        0x08516d8c4a07fedL,0x143e3fbc010826dL,0x02ee092cb0eaef8L,
-        0x198bb8770ad635dL,0x103c729f392bb36L,0x1f20de23866c0a2L,
-        0x073406c9a9995f3L,0x1201a3df411f0ddL,0x03f40722101d6fcL },
-      { 0x15f8a57539a1ddfL,0x073d7772432b125L,0x047605808787492L,
-        0x17fa6da58838f69L,0x0aec00d92e7b871L,0x09f8d9ed1c5a820L,
-        0x1e35bca09d84986L,0x066d387fd0df63eL,0x156c8b786e827acL,
-        0x143fb639a43e47bL,0x1c885c677b96f05L,0x0e7ffe732831571L,
-        0x14a9027c8004e84L,0x150e971479c2600L,0x197bbc6659efa6aL,
-        0x106f90d2d0da7c0L,0x063737c6b08c7bdL,0x02ee55ae8cf45ecL } },
-    /* 25 */
-    { { 0x184283a9a7d772bL,0x0f292f2a04acd83L,0x002219052ad5ad2L,
-        0x053ae96552a8d76L,0x003b0b1bd444816L,0x09fc35933c48569L,
-        0x00f1c79ea0af323L,0x19e26a57f6bb0b5L,0x1f29f16e3fad07cL,
-        0x01531dc20f0621fL,0x1c8b15acde7fbf0L,0x0ca762489e4d209L,
-        0x1f3a28bdea19d8aL,0x1b6a2ae7331adb6L,0x1fcdcd462da2147L,
-        0x17b56e958503139L,0x098ad40f9df8b2cL,0x0046616cf56e4eaL },
-      { 0x06a6866c170c84bL,0x04f45ad24d24217L,0x03834132264aee6L,
-        0x10c3674846f61c0L,0x10d0189955ad347L,0x0806599e4a92285L,
-        0x1db438e4885578cL,0x0a6324cb6dde064L,0x00fe8595a76d42bL,
-        0x14b6f707e31a9dbL,0x18372091be24f82L,0x057de14e9974ec3L,
-        0x043fdfad9b4ec90L,0x07edb4bab080434L,0x1dd642975a98391L,
-        0x0146e7ea75590fdL,0x1b0d29e6be01287L,0x04c8fd6e0aad52aL } },
-    /* 26 */
-    { { 0x0bc4b0fb4844ffeL,0x1138a307c5c38c1L,0x0389338fc7cdce4L,
-        0x082c6a33d915800L,0x08288b5ff0d548bL,0x0e4d383d57c215cL,
-        0x1f59e7a2c3130afL,0x18740daa2a4974bL,0x0d0b1afa0f93cdeL,
-        0x004aadd6fc4fc78L,0x0fa4b7ba8cb248aL,0x1f327fc0b7c90d9L,
-        0x15fa6919aa0cae3L,0x17078dc5f930384L,0x1b3e6203d51d079L,
-        0x123ae55da3ee861L,0x1e99296f76b7349L,0x03367c69412cf87L },
-      { 0x101905b226f5868L,0x174460b484f4f4dL,0x045928dfad53040L,
-        0x119302c64657a11L,0x06bac53cf72253eL,0x15557b9bfc274ecL,
-        0x011b8b8d49152bfL,0x05ccf90deee5940L,0x086bce50e666337L,
-        0x151d4b05b4a8502L,0x06535ff06aea4fdL,0x02578264dcdcc3fL,
-        0x042e56b0051957cL,0x02c93a064db2c7fL,0x1fc9a96734a5ff2L,
-        0x05d76eca99d362eL,0x048aaa699dba79dL,0x02fe5062d0765b2L } },
-    /* 27 */
-    { { 0x06e25f3569a6663L,0x0bf73f3552653f1L,0x169a3462e030256L,
-        0x0a4524ce604b499L,0x07387209450602bL,0x199d29cd7afb280L,
-        0x0a547fbbb6cd099L,0x1341eb9ced10caeL,0x1872a360b8398aeL,
-        0x01a3d4015987b61L,0x04ec8c685885618L,0x1f25dcd8dbd9a42L,
-        0x085cbcf9e66fd9cL,0x15d1ff4242f852dL,0x1b35c9f5e969b90L,
-        0x0342155fcce40a3L,0x0b4e09c6bb2a208L,0x032bd65f85cb9d8L },
-      { 0x130466fc274c8d4L,0x128bb1854ca6898L,0x0329c1e50d7d09dL,
-        0x0dd712f40c42e4bL,0x161ee1304485040L,0x0bbc5df9c6ff772L,
-        0x0e7a447d3eb3ea8L,0x064ecb8cc2f7357L,0x1b135499bd8f109L,
-        0x075b19bd39dc8acL,0x0733c5bdfa2dab0L,0x007430fbdea7e58L,
-        0x09830b9c625b32cL,0x1788729c44d68eaL,0x17d56f05cd7ab8cL,
-        0x1b61b6397b3853aL,0x1bb42428c47e539L,0x01e96d209642959L } },
-    /* 28 */
-    { { 0x1702b6e871f2865L,0x1b1cf8a14906b4bL,0x0a8116d618455b2L,
-        0x03e7627024650a4L,0x112206e8f3943adL,0x06acf5736110053L,
-        0x1dd670a24396a8dL,0x0cf56a5fa81ed6fL,0x0f522c8de180bf5L,
-        0x00f4bd9566771cbL,0x1d606713a972ec6L,0x0bd156a3a7dfc06L,
-        0x0abcb50fd80d998L,0x0bf0e406f1364b6L,0x058d5f7ee75ac4eL,
-        0x18ff6b0563029efL,0x06189a7822107f4L,0x001577796e01abfL },
-      { 0x1a7926f2c7ec9beL,0x1983f392c590095L,0x08431be9ad28a4bL,
-        0x13c5798b56e9cc5L,0x1bb8c07380c0854L,0x0f8ca6da0b06dc3L,
-        0x12a7357bc14a4caL,0x1a21d71b428dbb4L,0x00b5d43d215ea23L,
-        0x075f7817e1a5fd7L,0x0d9342121d5e9dbL,0x06d05a69994759aL,
-        0x021d2d95e2c1401L,0x1c37551404e533aL,0x0597fb30ff475b9L,
-        0x124073d6226db45L,0x0b048871baac077L,0x035a23600a58ad7L } },
-    /* 29 */
-    { { 0x019eb2e25e8fe80L,0x1bc834c11c50be4L,0x065a07906124ad7L,
-        0x0d31d4da8bade3dL,0x1fd02e4058ad8adL,0x0920b6add72d6a5L,
-        0x1f28405b70c9ea0L,0x1231663530b4668L,0x10b4da61082a653L,
-        0x05c8d96da461afdL,0x1a05f34aabe3107L,0x09079bfb9b813d2L,
-        0x0112b692541a630L,0x1c51504bb82ac9bL,0x1314a057f735c4bL,
-        0x0c12ab356c4746bL,0x12f30c8ebe0932bL,0x04309a125d84702L },
-      { 0x0902063b2231d8aL,0x11194ecd30b3394L,0x1f9c1c6a7c9ec3dL,
-        0x00c07e08fd55f41L,0x1d92a1c36bcd896L,0x0a41db08c6653b7L,
-        0x14988d05398adc7L,0x0b5424799bb74e0L,0x11a576437fd9b5cL,
-        0x0980de1264687d1L,0x02b51040909f369L,0x0bc1a754d8052deL,
-        0x00072a39960e6fbL,0x02069fd6e6c6244L,0x047550536bf284aL,
-        0x0e69a53e9947bbdL,0x17c0037c5988441L,0x043199d4cce67f2L } },
-    /* 30 */
-    { { 0x013a751ecf53b40L,0x1637917bc52a169L,0x038bc4eb95b73fcL,
-        0x1e1cc2e91c1eb3eL,0x172c414591f8ccbL,0x0e6e5b8556f65ceL,
-        0x1f1c1acbb614932L,0x0051c016e583d5fL,0x089b24285aa7281L,
-        0x13f53f05b3ce57dL,0x0e30993c29bdbeaL,0x02e61d00872eba5L,
-        0x05c85730497ed7bL,0x04c3749f2d49f5aL,0x08302bf24afd750L,
-        0x1875ea4d6b538d4L,0x0c90adf47c9b99dL,0x009592ff15d1016L },
-      { 0x1b8d78a33eea395L,0x09b0c7b19fe2e04L,0x18a49c3b3bbf1eaL,
-        0x118c51da18fd042L,0x01d68939524779bL,0x176e4848edae50dL,
-        0x1cefe189b863961L,0x039fc047d17fd67L,0x06279fde1025017L,
-        0x09763ee2af0b96fL,0x1a1a571b5329179L,0x10f17b7821e288bL,
-        0x086fc3835e42de3L,0x1f085b291588a6fL,0x039e3fa7eae9159L,
-        0x015948223b05472L,0x174576b61c2aedfL,0x010b13cd4ba5665L } },
-    /* 31 */
-    { { 0x14cdabf4047f747L,0x1119ee098ad0f60L,0x0f4d0397429c0f2L,
-        0x13768270d2b3cf9L,0x0f01fbd81fd0c4eL,0x15c11e8c4e84588L,
-        0x002854112710a9dL,0x1c9038449427316L,0x108084e4f8e8179L,
-        0x0c57cca34c720f4L,0x038df15842fcbbfL,0x087f4fa4f21e3c6L,
-        0x0cb31953884e6a0L,0x01bccefececb730L,0x1fe40bf9d7e61b4L,
-        0x082dc76951e23f1L,0x15efa9453787588L,0x010341f1fcc13a9L },
-      { 0x1582e26d0378878L,0x0a611d3ca2bc3e5L,0x02fe3d9a22ce788L,
-        0x0a80a2a4e027a00L,0x00111f5d7548d4fL,0x1ffc813889e0aeaL,
-        0x11730efd6949aa2L,0x00b7b4d60213692L,0x183dcc74ebc2f3aL,
-        0x177b14221f7efd0L,0x183ba559716fd0aL,0x021ab25e4875a5cL,
-        0x121bc3bf514f0faL,0x102bb53a3572c59L,0x1cc206a04ec21a1L,
-        0x1dcb2178047f09aL,0x1959fd03aa032dcL,0x02f20b5fa93eb63L } },
-    /* 32 */
-    { { 0x0313760026cc23cL,0x0d5775ad9482c12L,0x0be3174bb85fe06L,
-        0x17dcb988055244eL,0x17def07d8048e7cL,0x17c10f6de3eb773L,
-        0x0ee25875a4913daL,0x148bef2cddb32d9L,0x0f81b17ea96a155L,
-        0x16cf7b801f9f6abL,0x19641ba20a96cacL,0x00e55d28e300bcdL,
-        0x11658c76f486fa1L,0x0581ad501a6cfe2L,0x0f992067d80f703L,
-        0x153df6f673fd6ebL,0x1e3ca87554acf04L,0x027fb417643da7eL },
-      { 0x125627fd0a10ad5L,0x02e394b4737a298L,0x15ae01a8458dff5L,
-        0x1bbca067c653037L,0x1f4f8988b92de1cL,0x13f0ee1da25a2f5L,
-        0x161e3286e625b6bL,0x08ea42cdcb40ef1L,0x182d472bea51168L,
-        0x1ee9c157944aa22L,0x14580975bb1327eL,0x16396caa560445dL,
-        0x13a1e6210f3614eL,0x010d3a53b1e2efbL,0x172f537a4580a14L,
-        0x1c533489948018cL,0x07c48cb187e0f15L,0x028f5c0c71a0128L } },
-    /* 33 */
-    { { 0x1c1d178b92100abL,0x11eb04b02dc1c8fL,0x0956dc7967437cbL,
-        0x0a29f97c08254f8L,0x19fd06af3f8b667L,0x01068387451c9aaL,
-        0x1ef9558c9940848L,0x0a8cd2df9a2a51cL,0x16588514b0c7b76L,
-        0x06c07c62c8952daL,0x1fbc13cc932dfc3L,0x1d9f8db47aeb175L,
-        0x1831d1df2f6b53eL,0x19c095b6f6f7a46L,0x18980c7ccdae595L,
-        0x1e137905d5c95dcL,0x07f300abd32d244L,0x045857caa98ecb2L },
-      { 0x170180a2e603544L,0x19d61910d66cf5bL,0x19958901c0c8ad5L,
-        0x1b7135787a742feL,0x1793225aad3e74aL,0x012b25c51e971d6L,
-        0x14ad515eee813bcL,0x1d110eaca5ff85bL,0x0d2905d15e67143L,
-        0x0c425a1017246b8L,0x0648671d8da95dbL,0x08426bc6f1be0dfL,
-        0x1d10c64a02a8dc3L,0x060abd334ae0eb9L,0x0928d5335a93b3bL,
-        0x0653b75b983911cL,0x0d08024f1b29839L,0x029b1f2a4a6d245L } },
-    /* 34 */
-    { { 0x15523b7e23fc641L,0x07397c33338318fL,0x17d6380274bff95L,
-        0x1f18afebc252942L,0x116d64dcf203997L,0x1517fdd114b9265L,
-        0x03b59a5ef93f52eL,0x06c7ea0fc8c14ddL,0x00afe3a5d785085L,
-        0x177b66ecaa04104L,0x1f6227cb108df3bL,0x1074b870a4a6e03L,
-        0x0d72a212f1496d8L,0x0ffbc7e6f12e33fL,0x1bd05192d059e0cL,
-        0x00d2fd32ce00982L,0x0c3fa45c3a1c45bL,0x03199a00c1fde98L },
-      { 0x1c9a0cca2fbbbceL,0x1b72e55065ba21cL,0x0438d0e3b38e1dbL,
-        0x1c27005b0539cc0L,0x1cd45a1b0aad148L,0x07e0f04e1f2e304L,
-        0x137421d72e165efL,0x057633fef21b0b0L,0x12598b81ed81c2aL,
-        0x0c5ef97815f03f1L,0x1f23bae5d973a44L,0x1b11649f2b5c0e9L,
-        0x1c0c98f09d125e9L,0x105ba5939dd8966L,0x001df3929abb81eL,
-        0x004de8e47a5f381L,0x173959447d6bea8L,0x049d383ae0b1405L } },
-    /* 35 */
-    { { 0x0bbefe2715b27f9L,0x0d2f11514049193L,0x0ebff56289aaa4dL,
-        0x0cf8270d28bbbe4L,0x092a215354c83e1L,0x0684faa23ccde4cL,
-        0x1a9a139b91c426eL,0x16d8c75ec2dab11L,0x05e896706883ab1L,
-        0x009c9d01e90499bL,0x1ca4864b08f768fL,0x16f5b9edd487a05L,
-        0x08791559e1ab70cL,0x16b87f858921a75L,0x0cae914101a036dL,
-        0x1971e3421fca450L,0x1fdd69f9c08e5f0L,0x00d3a11562258a0L },
-      { 0x1a9dd2e9f40b675L,0x03301fe638f9ce1L,0x098465238d08a9fL,
-        0x11da15690831273L,0x0e31ca6b8f3b615L,0x146db1d1d53ecbfL,
-        0x18b92f07a197bdeL,0x01e62bf181258f8L,0x1a260788f9f5c6dL,
-        0x0c19894a5b79f62L,0x16f358dad36126cL,0x112178d33536e75L,
-        0x182a1175e766e14L,0x1e29e527df9bc86L,0x1fd8245fd0d816bL,
-        0x1056caefed88f0fL,0x19c827c7552600cL,0x004a26b184e92acL } },
-    /* 36 */
-    { { 0x1deb63ee6ab9620L,0x07d36bc366c0467L,0x1609158c82cf7fdL,
-        0x058928722a28bdbL,0x173b3f872ae5f86L,0x17cbd4ca847409dL,
-        0x06d88ef6017cf94L,0x1f9ee36b8519305L,0x0b394c70e86e0ceL,
-        0x1a7d8d491ded9b7L,0x1d618b6f89f9694L,0x1be70756c2d3ac9L,
-        0x1127c828cbbae23L,0x1d183d456eb6f8dL,0x0777d986406267cL,
-        0x076ee6d990cb302L,0x176a3cb77747994L,0x03ec4f9c1b7ec32L },
-      { 0x0564242c9f92b2bL,0x0353ae237195efcL,0x02ddfe669715c03L,
-        0x1006292ad127cedL,0x02ce6709b6efe85L,0x176249ddff450ceL,
-        0x10a35c868ec6fb9L,0x03a4ddddd5386e3L,0x1d798115e15177eL,
-        0x1df9de7583452d2L,0x1688811b4ad2cb5L,0x12b6b37d3bf9bf1L,
-        0x1c77640b793df09L,0x0d15e9e2e4b44bdL,0x0bf9d133833d309L,
-        0x013762de8badd13L,0x0e6b53f3acb3a85L,0x0224d7c0fb1f953L } },
-    /* 37 */
-    { { 0x0fcf132a16d9377L,0x1bbd9bf0d17cf61L,0x04ba1b466b966acL,
-        0x0da0277762e5c34L,0x0b5f66bad2b12e6L,0x0f55a804b9702aeL,
-        0x17b0b44778700e6L,0x12783e629fb8cbeL,0x0fc3118418a9ff5L,
-        0x1b9e0f670292373L,0x144d8c589415b77L,0x17aedf64bc33851L,
-        0x04845cd2d730a9dL,0x09b74296824f692L,0x0322a0f1de6e0ffL,
-        0x100670b46bf8fedL,0x0f5299bf1e1c95eL,0x007430be190448dL },
-      { 0x172060267c81b5cL,0x04ee6f39bc39e29L,0x02c2a0513f40beaL,
-        0x0e4c41190654e86L,0x18ea40f53006c5aL,0x1209d2270333306L,
-        0x0527e774097e625L,0x1857be701988d72L,0x1801566190a125cL,
-        0x06b51dba93c9e1bL,0x004dd1ade98bc81L,0x04d0b0bab2f16c0L,
-        0x188395fe66a9cfeL,0x035930fb6e56865L,0x0764862ead1a3f1L,
-        0x04805941debdf3bL,0x087c507d4a85e45L,0x037a2027899367bL } },
-    /* 38 */
-    { { 0x1e1920b4febd3ffL,0x11a6c7efe95dd51L,0x1cab866a60a7298L,
-        0x018deb78416fa35L,0x1aa39ca923de161L,0x063855f1026df9eL,
-        0x0dc2ca8b7a6e1b6L,0x01c4e5c186ef93aL,0x080914c06e56551L,
-        0x108f3d42be5db58L,0x1f1bbf6099a9badL,0x09dc612b00380edL,
-        0x02b9e24063dfac3L,0x1c3d52e2b4ffa05L,0x11c334a9ee8c6a5L,
-        0x1e0e81c9a3fbe67L,0x1e2903e31326895L,0x0482bb8fc3fdb38L },
-      { 0x199ba0da4062beeL,0x191c64a6becfca8L,0x06f078248b00639L,
-        0x03625b0abfea7e5L,0x0d68ca29de9b2a8L,0x0604bfb24f9f76bL,
-        0x0628192b7f0d314L,0x049032c95733b67L,0x000d59c477a5872L,
-        0x0ff51cb3a62c81dL,0x1f63b85410f7402L,0x14dcbe3d9840d55L,
-        0x030db9b7b4c5721L,0x13646a955b6b524L,0x120a89c1bff185dL,
-        0x1ef507bc483ad59L,0x0cc0605f05227f2L,0x035114a9db2026fL } },
-    /* 39 */
-    { { 0x0452d8f74fce389L,0x11a60157d2ab249L,0x12efc3b5e094165L,
-        0x166ee31c1b26ef9L,0x1fa69a4d89f4045L,0x0ad85d0883a73ecL,
-        0x1b79975c2ec1dcaL,0x0f7645aa95be20fL,0x15c39a3d8a1a29cL,
-        0x191b6016bcaf1d5L,0x00b400ad626544dL,0x0b7caf217dc5ee5L,
-        0x11a8e65ea25e226L,0x1000e75ec8f0750L,0x071500839c69c21L,
-        0x0d3022d201eb458L,0x027c3b2d5c0357fL,0x029464f5030cf1aL },
-      { 0x0dc86b45f26c577L,0x1a3844a1c5ea28fL,0x004de4960a9fe01L,
-        0x01bc3cad3e5bfc2L,0x1a55a356e08eacaL,0x0bb10b2fca977d4L,
-        0x1c7ca93602d4f92L,0x1e1a56cb0ab9abaL,0x0246704bf66cea3L,
-        0x09fb20fa49191e5L,0x0615726b6c4c946L,0x059c5a33aca54d0L,
-        0x105b82ed7b86d52L,0x070a8694a9b04f8L,0x04fa244ec3c0252L,
-        0x16892475b17f616L,0x157cbb1556cf794L,0x01007c849b9c5e7L } },
-    /* 40 */
-    { { 0x1b22fc58388387fL,0x178b8147441e2fcL,0x0e4346de5cf33c9L,
-        0x05edd922e288f95L,0x030cdbc08d5d4eaL,0x111e15970b7a4c6L,
-        0x11517724a443121L,0x161d629236061b7L,0x0631deb2e14de21L,
-        0x051083317f4187aL,0x1a5e70de707cfc1L,0x16d1f60d4f2b498L,
-        0x1a1619dfa98a732L,0x06df164d9d22193L,0x0627faa468c1f4eL,
-        0x0663f273791a407L,0x1dc3daabaf20f4aL,0x02e183f4c6e87aaL },
-      { 0x1c4e0c435b233daL,0x14842917b7cc2ddL,0x1486a2c091a38f4L,
-        0x1352d22dcf33ba5L,0x014bcced978f40eL,0x083b160193ec363L,
-        0x1cbb657a5540acaL,0x0661ffa432f50f3L,0x0c436513750e0bdL,
-        0x1618a450413e262L,0x004aa0ff3f02c89L,0x02fc63250b138f3L,
-        0x1e8830f42dc3d8dL,0x0583fc1fc5ab967L,0x144523df367fe49L,
-        0x1f358663952a014L,0x185d0c539684c59L,0x00ef8b6fd60a1a3L } },
-    /* 41 */
-    { { 0x07bb4ac68bcacc3L,0x169a7a187ac67e6L,0x1d3f518615681b7L,
-        0x088b93e1798b3f3L,0x0375c892f549199L,0x02cc1d6e2fbf632L,
-        0x1421c6e1c23c4f2L,0x01f6654b98905f9L,0x1efdcdc352d6b4cL,
-        0x1d9278245637d96L,0x0b53d4ce4191c52L,0x0a5f70747588b30L,
-        0x082337a223162ebL,0x05e1ede9b8986f9L,0x19eb03b739ee00bL,
-        0x0e2fd1672b2b248L,0x01721d3d2e81b56L,0x0394d3fa8232893L },
-      { 0x14ed1aa8420f90aL,0x070cf07f2642ac3L,0x0aaac2f9d2bd8daL,
-        0x01194c19536c5a9L,0x1645a86776fcc48L,0x18d92679885ad2bL,
-        0x16d104c6eb26f76L,0x09ddeefae3a5bd4L,0x04706d21072fcc6L,
-        0x0dc9348b39ebbf8L,0x002fcfa278198caL,0x19a6e80efa8045cL,
-        0x0d829232e2472d0L,0x1c6e42999f10820L,0x0e3d99cbe45b7ecL,
-        0x1c33a91776b3629L,0x15c19de9f4ad44bL,0x03fb69b249196ceL } },
-    /* 42 */
-    { { 0x1d064de6e794819L,0x1b4a77c175ed09dL,0x1f82e478a01169aL,
-        0x060f4879a43e02fL,0x030433e9190d31fL,0x1fee5a361379133L,
-        0x04702e9222a9c2aL,0x100831b210b48c8L,0x11b934fe6bffb58L,
-        0x0e8f11bf1007c24L,0x1358fe95504f6ddL,0x1aebc4767eefbe0L,
-        0x0b0f91bd30e216eL,0x1b94e284d02c336L,0x0aacb5e130e5765L,
-        0x1ad0dd92fc3108aL,0x06c8cb7c1f90093L,0x0168191cab14784L },
-      { 0x01c94074a44b4c5L,0x0343ce638164c54L,0x0a1f3ac3725ee61L,
-        0x0cdc75464396a04L,0x04c256c23030112L,0x0da422e05643b1fL,
-        0x1cd6d940d348395L,0x1b9552d4081e481L,0x0046d26d37cf7eeL,
-        0x152d4709dc0832bL,0x112e5e0f5c30ad8L,0x1f10b3c9b51f0c0L,
-        0x1a5457f5d12fbafL,0x1a98dbabc94ec80L,0x13a5ce74a787acaL,
-        0x137b2429b57b93cL,0x19b5bd724fc4eaaL,0x039a609598f7cddL } },
-    /* 43 */
-    { { 0x0fe3c2e92f9b086L,0x0dc9f59fea2a24cL,0x022d700b1971190L,
-        0x0389e064848f9c4L,0x079d29f68a52dcaL,0x037afa5af60becbL,
-        0x0a044474bfb4250L,0x07e4c1ec7b81b37L,0x0de2b056f15472aL,
-        0x18b86cf80394873L,0x08fa36dad723e46L,0x10739e6987dd45cL,
-        0x011b973ee2345a2L,0x1d9268e2cdee2a3L,0x185068596f69b0aL,
-        0x164032faa574678L,0x09f47bb16129d2eL,0x03e2ac54390fdf2L },
-      { 0x1485a523f350fecL,0x13c62b51c6a605cL,0x1a88356a9934059L,
-        0x05b2db45c91de68L,0x0f647b3cb85daa0L,0x0f4a36422f62752L,
-        0x1d2af03469b2835L,0x00683b1a3829f53L,0x143972cc59c8b13L,
-        0x1f0fa46a1a7fdfdL,0x13a4ea06748c619L,0x0120dbbde47e6a1L,
-        0x19200cf12c49f53L,0x1202197e1e17367L,0x125ad4909a47305L,
-        0x12f7d7ffee968e4L,0x14844527c9f020aL,0x01a66bee53d9e21L } },
-    /* 44 */
-    { { 0x031761a59e7fe87L,0x1718d0023e6b978L,0x19a3eb8c3d8ac7aL,
-        0x1b6e3b62864f205L,0x0e0038f4a666f48L,0x1eebb6baf7333c0L,
-        0x13570ed16b19c0aL,0x0221a5f705141adL,0x027ce7f1d9d8c5bL,
-        0x00ff0720905af4bL,0x06e612e499f0dc5L,0x0b13ac06259b2b4L,
-        0x0eda5493565206eL,0x03863a560c339a1L,0x15ec2ccdd1482e4L,
-        0x118284e07976b2aL,0x087f621f59ca6edL,0x03e758e6155fbdcL },
-      { 0x047a5bbdb7fd65bL,0x02e601b64a2be03L,0x076e7849c62b635L,
-        0x09d274ff638db53L,0x1d1566a1ed1dbbfL,0x00648ca28964ae5L,
-        0x149a52186e8036fL,0x15c78d985313cfeL,0x1671961500941aaL,
-        0x1e7ae87e4629c71L,0x1a64a68969547efL,0x130a2f941e4d5adL,
-        0x0afa89ef7e90710L,0x18d5a2a4ba1dbc7L,0x1470db4e757a8c5L,
-        0x0ad1ae885e7e7cdL,0x15c25a683e0059dL,0x00fb14d4c913e76L } },
-    /* 45 */
-    { { 0x125ddace45a1c3eL,0x149b2a0fbaa2fc4L,0x1f2cdf9fe0a1cb4L,
-        0x067c98f3a48ac45L,0x1c2645d68823451L,0x04015caeffd7c24L,
-        0x07e80c1e3d37665L,0x198acd24fe13a67L,0x19a500a1e9fd91dL,
-        0x10040c0055855ebL,0x04d68e0653977f3L,0x060f315be111b2eL,
-        0x189a45a2a79e876L,0x1c45a1cc9dd780dL,0x1ea65f5bfb58551L,
-        0x11ddb301cae45ceL,0x1a2aac90ffa2a37L,0x0253afed145ec02L },
-      { 0x09a8fbb55e74cbcL,0x19c677d58c792e8L,0x0b5a5d93b0e9cddL,
-        0x17cfc15a621f847L,0x0481cc9bc5a7d35L,0x05761a73af03477L,
-        0x18f13c30baa64f5L,0x059e2649fd01a94L,0x15dbb7c1699b059L,
-        0x016b3a6d3f07a35L,0x159b1e8c03eba91L,0x104266675906b4bL,
-        0x0e8c408496e83dcL,0x0cf7afe0b877c09L,0x0d3a18a5b8772daL,
-        0x00fb0dc56ee362eL,0x19a04629cdc5835L,0x02c0cfcd711ec0bL } },
-    /* 46 */
-    { { 0x19691216aa78811L,0x1747a1081f3e1ecL,0x01c08ae79a63d93L,
-        0x1c9eb059bdbbe02L,0x0ecfac1ae6001f9L,0x1c9804925304579L,
-        0x0a445bbd31e1018L,0x140a4c5d5cdd7eeL,0x1ddbd0af58c4ee5L,
-        0x1ad7fc8766c3de3L,0x16cd31bc93c4521L,0x0503d0cbe2e45fbL,
-        0x06886c1b9a48104L,0x0f7a118fcab4921L,0x09fa0b9bd7cc822L,
-        0x12b915eb0f59fa1L,0x150d65719179ac3L,0x03a2cb01e09b253L },
-      { 0x02475bff41ae519L,0x00fd8a57c79288eL,0x134abbecb0f4d10L,
-        0x16a39b5e10e1bbfL,0x0208bb199b2d385L,0x19f9fb4298e12b4L,
-        0x05da45b2277d930L,0x1758479f53248aeL,0x12339b51e86d010L,
-        0x06d87469131c189L,0x0785e403fb7adc2L,0x1b9746d0fde3eedL,
-        0x03914764753fd96L,0x0622e46ee682359L,0x0d0f5e3cffc8190L,
-        0x1dd21dfa2cf7b70L,0x145493ccb6d4b77L,0x019812a89d9e7bdL } },
-    /* 47 */
-    { { 0x0f0046935eaaca1L,0x025bac488c8811bL,0x19979b4a553030eL,
-        0x1363d3adaf966eaL,0x029c2757cb9199bL,0x139c683ac291a4eL,
-        0x0909e272f46eae3L,0x113371b7d20b247L,0x1a237793e18fe18L,
-        0x0138babd3a17041L,0x05e7493baf584e9L,0x00a9a9e59eef189L,
-        0x11958705de40325L,0x19ecccdd51dc504L,0x03fb8786c646f64L,
-        0x1be2975fdf74876L,0x01cb3bad1843facL,0x0499456d821c3abL },
-      { 0x1e84e80f906b872L,0x091d03c131332d5L,0x09f8ce6333ddc15L,
-        0x1beab6a647b138dL,0x0554dea82fab551L,0x0ac4e6d02bc7650L,
-        0x15d43bc9948f4ddL,0x1fdb1fac4850c95L,0x093f27fc5178fe1L,
-        0x19f37984efc3a11L,0x0b9278dd434151eL,0x0d64bb80714250cL,
-        0x0284db682b7d90cL,0x0c40c98560d0d71L,0x1cf82911fcf6adeL,
-        0x04b8a61cd7aa575L,0x1e70680025bf62dL,0x00550f9e7d6e86aL } },
-    /* 48 */
-    { { 0x182219022a10453L,0x15c8e1501d085d4L,0x16565991bcef747L,
-        0x09e716df8d5f76bL,0x18cfca1da58de34L,0x186d026723e1f2dL,
-        0x0bb5bf36385b43dL,0x11d58886937b44cL,0x09320d87bc56e2fL,
-        0x071f5040c89c72cL,0x18b7fe8ac8db027L,0x14b91cfdf61b4b0L,
-        0x0b16ac78eb6b0f9L,0x184da8d7a5a9a19L,0x14658a1bfd0c415L,
-        0x0075a11c46df11eL,0x05e1f93f176eed4L,0x02ac99bf04b1b2aL },
-      { 0x0ddf738d8fd807aL,0x0764ed589891118L,0x136d896bef0fd38L,
-        0x093e25f12a2945eL,0x0c3044fdd5b7060L,0x000a47da379e11dL,
-        0x195506c8cb47fd5L,0x0eac368b1ea7369L,0x1f694b24a0dd70bL,
-        0x1e3214c944ac0ecL,0x1526fbb97f88b43L,0x08fed4317ec780bL,
-        0x027f1929d67af34L,0x00aa8f4674b50eeL,0x1753e89abf980a3L,
-        0x059684fb595e656L,0x0d34a1631bc545cL,0x04980387cd8648aL } },
-    /* 49 */
-    { { 0x0f32c5e69a9bc05L,0x00ce32c4e25b9e9L,0x197a51997e70297L,
-        0x0779f6987212b93L,0x1ddb7c318ab0f29L,0x19c0245c83843b8L,
-        0x166f6253a59619aL,0x0d3e335219ec0d7L,0x1cc1d58dfb6fd2dL,
-        0x036e627230ec534L,0x1709dfe73920c62L,0x132cecbf150588aL,
-        0x0cc3badc8d749a5L,0x088966d597fe334L,0x10f1f2ce0060e5aL,
-        0x04449530f2b8764L,0x0148775f310010aL,0x0021d10a0ac3dafL },
-      { 0x1be9dbc3a873752L,0x049fa17a217f73dL,0x0b2306308607b85L,
-        0x01c52ed3cf30394L,0x1e768c5f00ce309L,0x0bb3bf5a3135646L,
-        0x05398cfa73918d3L,0x17ff138595bc1f5L,0x004f5cc1141f5b5L,
-        0x0b2fb9b11146096L,0x1dc1a8301733949L,0x1fff7c90f89fe37L,
-        0x09a499f1a45d07fL,0x0c6ca4001f621e0L,0x0fc4be13d39e6eeL,
-        0x01adb1466b42c0eL,0x0e84bb5eaf70f97L,0x00c683a3df92685L } },
-    /* 50 */
-    { { 0x0d3c77c84601fafL,0x12df1578e0fb92cL,0x1e63445b601b251L,
-        0x0dab61b279fec4cL,0x1ec6723a3996c0cL,0x1d29a497d0d6baaL,
-        0x1362a59aa05100eL,0x0cbb89928445586L,0x1ddf471deed6758L,
-        0x05652cbca9ea947L,0x118ed493afd9f76L,0x10e2fc4b69a765cL,
-        0x1a43159daa25824L,0x019abaa011e2d6dL,0x0e2c6995163e71aL,
-        0x1a4639ed0bb4ff2L,0x059981a4fdacefeL,0x0388849f6845dafL },
-      { 0x0aa3fc6401f161aL,0x0c2b04ba62f4389L,0x0bec5ed77e0bdcdL,
-        0x0f491cc5329544aL,0x09dd847db0b82b0L,0x14e2d30011a0ab9L,
-        0x1d4e3c795340114L,0x1979838a73cdb31L,0x136162b5328d3abL,
-        0x0d1bc9c15427866L,0x1ea06d37b9d211dL,0x0bf698477e37ee2L,
-        0x1f787e8b3e16cf3L,0x0cdbcd583fe8e14L,0x1db182edf69f9a1L,
-        0x0916a0e4201410bL,0x1d431840159e7edL,0x00bc4c5ed26ce4bL } },
-    /* 51 */
-    { { 0x18483d8ae1b8cf8L,0x0a5a174d1442b66L,0x013c81292f08c8fL,
-        0x1194f4d3f4ec66bL,0x1757bab24e0b222L,0x02fce5457ded45fL,
-        0x0570e16c90221b3L,0x0d68ff69027a835L,0x13f1bc53cc2aabeL,
-        0x1166d1f8d68acceL,0x1b02070c7aa6c7cL,0x009602c29582365L,
-        0x09c6afa7ab048f3L,0x00a06e1ee718e77L,0x1a2aee956bdd8cdL,
-        0x07dfd096f566fb9L,0x0b250de7648c7cfL,0x039d446e78a9ab5L },
-      { 0x186828806e83b39L,0x12209cfa201be9fL,0x0c3c5f6f21051deL,
-        0x1ea9a2ea93f20b1L,0x12307ffe2db64f4L,0x093130d11e75357L,
-        0x1fc98e4fbf5553cL,0x06a5e9ccb1421e6L,0x1a4437ce3f4ee1eL,
-        0x077a153d49e6f45L,0x0f27d24e6aa4059L,0x1ad47af6b9a83bdL,
-        0x11f88a3acc44223L,0x16304516bc4d350L,0x1d5b0195bee77e0L,
-        0x14601cf3b71c777L,0x01e73c56af2668fL,0x02979958bd71cb5L } },
-    /* 52 */
-    { { 0x0f524c1e714f71aL,0x109314d6ec28cabL,0x0761972b6f8f06fL,
-        0x10b41f6c935b231L,0x01d192d9d88bf5cL,0x1925b7cf7d35491L,
-        0x046738ffa0e25bdL,0x181d87f5c4964a0L,0x14b6af9f62ae0d3L,
-        0x1e75d05eb0cb126L,0x0c24acbf6db8ea3L,0x06ec64c79a52fb8L,
-        0x1ef95c43bdc91daL,0x06f5a26c98603b0L,0x1034c76244d9003L,
-        0x1133ffafb9d0887L,0x0c178fec3b19871L,0x03cf0a69477efacL },
-      { 0x18222359bb40c55L,0x1901687683d2171L,0x06a520e307d0289L,
-        0x0fb0c94f1c91cd8L,0x0c6c55c92b5f24aL,0x096a843f3f8a050L,
-        0x0784398b0412b38L,0x1ab361434fd8236L,0x0fd8a275fafbb3dL,
-        0x1f9aa7f4d1db598L,0x0176791980a8077L,0x169b2776cbeeb42L,
-        0x0b0f82fdeb3d371L,0x0f2342a2ed2e5f8L,0x0f545f918048a6fL,
-        0x1e924a0bc21738eL,0x0e277cfa541672fL,0x006c761454cab36L } },
-    /* 53 */
-    { { 0x14cf73ecbeee995L,0x1c45e6a48f40600L,0x12b766ae9752cbaL,
-        0x072609909ac2b4dL,0x0ab03c9a2f7d463L,0x1d5dca5d0280e94L,
-        0x15dcb23dc8f7a46L,0x129910bf2eea080L,0x0b5e1d2b3c7fcb0L,
-        0x0f73ccaefcb638dL,0x036aacd19126798L,0x1bbabec0f265719L,
-        0x01b1243587db425L,0x0fe3a1a038128e5L,0x00ab2249b5f4efaL,
-        0x14e9f182f262192L,0x0fc72522c154559L,0x043000f13e1b9a5L },
-      { 0x1b00ba5e7693947L,0x0320f0096031589L,0x0383a15242a191eL,
-        0x1fb2ae9abdc3487L,0x1bd3ba615173dbbL,0x1f503aca9975c64L,
-        0x04ae47d06f2e17cL,0x1695839848f1977L,0x00f34648e1ef901L,
-        0x0c94e8f6959d977L,0x1c7aaf0f5d6ff37L,0x0dee2739e9a48e1L,
-        0x0df04249535cdbcL,0x03fe59c1e6c322aL,0x17e4c30781e6049L,
-        0x1780173e413682fL,0x0c14225fc31114eL,0x00102c8e59a3ca3L } },
-    /* 54 */
-    { { 0x1003721275e0af4L,0x0a0f7f3c52525f1L,0x13db45d5d215c84L,
-        0x0e2d1ccb3cccd9fL,0x0e2842ee5fa1d73L,0x05eafb131f1f2a0L,
-        0x0412ab7b30f5252L,0x030033bc07a48d6L,0x1f8a9e903f343d8L,
-        0x1abdd252d860698L,0x1b14194789d97f2L,0x0a3eca337ecf048L,
-        0x00f2119a0180c57L,0x1c10ea7a2f82e10L,0x070e819f9921ee1L,
-        0x0c0a44c5f29544cL,0x1ef56cfe4897214L,0x0288ccc2fd0ef82L },
-      { 0x019497db18586c0L,0x00aeb637755312cL,0x1ada5f368a2c011L,
-        0x10f8328b28f8d48L,0x0ed3a5069a149b2L,0x04a65a5ab1b4fd2L,
-        0x1bb89c24aa9990fL,0x012ab79ce7553d3L,0x034bb2870778935L,
-        0x17cafd80375a993L,0x140c8e58e3d2162L,0x04d0b74eb7f10f9L,
-        0x1d9d42d58129376L,0x12e36b26f996b79L,0x137b506932b55d1L,
-        0x140cf30bea1f765L,0x19acf34ce0e9006L,0x02cf57932ac52bfL } },
-    /* 55 */
-    { { 0x1407efb6ec3876fL,0x03091f87a43243dL,0x1bfefe24c0e5e03L,
-        0x008b5235605576aL,0x18811b829592eaaL,0x0f9fe4e72dc26bbL,
-        0x184ee1a9c68d07eL,0x10182ffbb0de1cfL,0x088ed8297655a08L,
-        0x0eb6e3a40eaf333L,0x1277d8745c5e5ddL,0x191bc7ef3c3fdffL,
-        0x1d2046192e36ad4L,0x13a7ed316d8a98bL,0x1766451e327e9e8L,
-        0x12e3809d9249f05L,0x1fb059d1e383a64L,0x01da2287513105dL },
-      { 0x1b7a955c776dcdbL,0x052be40e45d239eL,0x000d415d83ecd71L,
-        0x03675d86a75c50aL,0x07117be5e3e8069L,0x1667b09c019adf2L,
-        0x1e45b8711f8e815L,0x1c24a79fbd6672eL,0x03decdfbaf5cb7eL,
-        0x1e4bca7be7a5b82L,0x05a0327fe0518bcL,0x1c237c7b553e480L,
-        0x1769f91d8a4e440L,0x05af4e2ee2e821bL,0x0df4935041b1ea3L,
-        0x169443232134267L,0x014e893c8383764L,0x0253ff1866214dbL } },
-    /* 56 */
-    { { 0x18f3a702455c7c5L,0x11b74380abbaa73L,0x1491d88c98b16ddL,
-        0x1c378f018fe6588L,0x115ed8772c98b11L,0x0932fa6a4757564L,
-        0x0803eec134f0066L,0x1d0d6a563379f4aL,0x1c46a098193ea3fL,
-        0x016399edd3ac02cL,0x12ef58625aab336L,0x05f99d1d9aa3a64L,
-        0x1d02fc44b3ac09aL,0x1550bc25a94c8c7L,0x0882173c311792aL,
-        0x0fac26ac4c681fcL,0x12353cbb676c50cL,0x041fd0f51b28935L },
-      { 0x0ac86da10ccc646L,0x031bfbd8228f4b0L,0x18c228221840b38L,
-        0x12406933057779eL,0x1c0bcda023c1901L,0x0a7ebeb83fe1ce7L,
-        0x0eeedfd347c546fL,0x0c1ad4c9ce888e2L,0x157bdc676c5ac9eL,
-        0x0b629819bdb08b4L,0x144e5b73d028751L,0x184a932fa58fa68L,
-        0x04c2c4a739f3edeL,0x1535697129a574dL,0x1a57e045004e5f9L,
-        0x1f57e40ed3a9a47L,0x1e0cee007c6de98L,0x030a04bbcc98e28L } },
-    /* 57 */
-    { { 0x1db32db15156623L,0x1bfde55bd33e11eL,0x1d41bc678f09a04L,
-        0x05132498c24c023L,0x06804c1c34218b0L,0x157353a4950587eL,
-        0x0f987596f9c1abeL,0x0d27627a47c1a03L,0x144545b47f87f4cL,
-        0x0111b71026e0d51L,0x149874f14587b35L,0x14c77b11780ec26L,
-        0x161599d7201eb46L,0x14dd7879bc636c1L,0x01ca083da557f85L,
-        0x068148cfdd7ac2eL,0x1882f1b8a2a3e3aL,0x031b6d63b1685afL },
-      { 0x0280db9b4c80af3L,0x04e68a71c4955caL,0x0b83451df772686L,
-        0x10d1f3e29e4dce0L,0x00baa0b2e91aee3L,0x18a51494327b1d4L,
-        0x1f2dab3607dce2dL,0x1fa61c370e18bfcL,0x1883ea1c3b10837L,
-        0x0d13ca9b590244fL,0x0ca9a1628b697cbL,0x17e40751f42875dL,
-        0x15dc70b1c4e2330L,0x14cb3c7a5ae2445L,0x17d9d7029e31364L,
-        0x1a6d04677a1304bL,0x13f37b5c0767b67L,0x017b6deff2685f7L } },
-    /* 58 */
-    { { 0x18472fd2e4da7c7L,0x07e48d733bc9917L,0x0228f709a389c23L,
-        0x00f33448486c95eL,0x11d58bff0f10dfeL,0x04b17377c896ac3L,
-        0x1a829afcd77f262L,0x1825172df52be8fL,0x0734a79eaaad308L,
-        0x0b9819bcfa1bdddL,0x12f639b3d53dd65L,0x1b9fcec65dd8005L,
-        0x0b5319310447606L,0x0567b94ea025af6L,0x177c7782b8225f0L,
-        0x0e89112c5170c77L,0x14eeced154ef87dL,0x02e5b70cba2c6aeL },
-      { 0x0cef197008c75edL,0x04e9f7b77557c4cL,0x180861d7a5b5f3dL,
-        0x1dbb361b143adf3L,0x19576daafcec2cfL,0x13eddc1c530e7f5L,
-        0x053d04000fce4daL,0x0a766f870d04770L,0x09fb66dcbb80e31L,
-        0x13f175d02cc23d4L,0x118ff4d69c9dc27L,0x1b23f93c1da149dL,
-        0x14d515baa4311f3L,0x10466a719e0ee04L,0x157baa9d681baf2L,
-        0x0583f56c2e4705dL,0x0e52e82bbb0e1f5L,0x010a4eb1828baebL } },
-    /* 59 */
-    { { 0x01a8e6f5f9311f6L,0x11e4fdd5e0fc2f7L,0x14bad250826b25fL,
-        0x1832ee9fc29f4f8L,0x0555844f04c2f51L,0x039d59ae77e8914L,
-        0x067f2d4e18a8ed6L,0x134ed1dfbad97daL,0x0cdc12479ee5846L,
-        0x091bf189ec0604eL,0x128a4301130a304L,0x02f57a8fc50fbaeL,
-        0x08ad0ffeef9ee65L,0x00c6940fe121091L,0x1b0378509cc223eL,
-        0x17ae7d78e897887L,0x06c5b26eccfb415L,0x00a7179a86583e1L },
-      { 0x08d2a104216946bL,0x00f83bd25ec96aaL,0x028d0da54581ba0L,
-        0x1ec7432f92b32daL,0x061f77c90f1b5c2L,0x1fbd913ced1e278L,
-        0x048fc707358d24fL,0x078bcc36ca14468L,0x0826b34c5f28403L,
-        0x0c5c8746179a10aL,0x0d5882ba01bb15cL,0x068bc64953694beL,
-        0x1e8b53cb51a2faeL,0x1ccb2bbc4605dcaL,0x077bccb253dab0bL,
-        0x11e4e0fd8c0fad7L,0x04f63bf1dbad0edL,0x02c29bf016e5b0fL } },
-    /* 60 */
-    { { 0x164b06464f80ba2L,0x02af382acd22d8fL,0x0cd3c7d2d8d3a38L,
-        0x1fbd190905864c5L,0x030c780aef4f7d5L,0x10f349ceaaef506L,
-        0x10d2c5d02bee73eL,0x1dc59fcd4cce8c1L,0x0f66959411187c1L,
-        0x1c1793bafcba6caL,0x02b390011527ac4L,0x167f757bda04394L,
-        0x064e3653eaf8244L,0x02ae2fc1e1b7a68L,0x1af3a43aae7c373L,
-        0x0284bb27739df59L,0x10d16658e721906L,0x0242bc1afc16bcbL },
-      { 0x0d525bcd2576210L,0x1c553ea8daa21eeL,0x1c5c6f60e6527cdL,
-        0x07e7158c43fd2f7L,0x018408cc930d0f6L,0x07a9fb57c7960bcL,
-        0x1d7909a4b21f898L,0x06e1dc8a80fb614L,0x10ec47ae5ffdb1bL,
-        0x14894ee3d535225L,0x04cac8b902dd75dL,0x09a12bde76ef6dfL,
-        0x1568bc63e8e0676L,0x0e000a60147ea3fL,0x065763b46041252L,
-        0x10b5f21c5a7fbafL,0x128eb39a05d6c2aL,0x036013bded10f98L } },
-    /* 61 */
-    { { 0x01b7086b509e7efL,0x1763d9ebfcfc8f2L,0x1e51549ae22e210L,
-        0x080a3ba1579a50bL,0x174f1ceb6e44e06L,0x1f330dc80cc6083L,
-        0x11f65bb2afa6048L,0x1dc8902226c65ecL,0x11dd82b4526c52aL,
-        0x128483fc9cee4eaL,0x1bbbcbf35156ff5L,0x09bb1a5cbaf97abL,
-        0x1288bc9f2a7815aL,0x0bd1d9912d6a764L,0x0e72f6f1bc4342dL,
-        0x09dd1d1a183ce41L,0x18f5a0b071a9b77L,0x01833de4d7917e7L },
-      { 0x0e589f2b7ca9326L,0x0837ed89127b1f0L,0x1485d1e95ef45e8L,
-        0x1ac561105d646a8L,0x0391ffcf2614982L,0x072206bf9d7aa22L,
-        0x0c1c46aa8cdeea1L,0x0a851d46f612837L,0x1a957dcb42e4a7fL,
-        0x1d5b3160d356afdL,0x178e07df0da8839L,0x1019375416d7a26L,
-        0x0c94e4671f42e79L,0x05849171a11b818L,0x169627c93318ffeL,
-        0x1fed9a21aa4f288L,0x195bb99d316a870L,0x01c8641e554cb60L } },
-    /* 62 */
-    { { 0x0d3fa82ffc4a73fL,0x0eb1a9dea9981a8L,0x1e28992eddf4999L,
-        0x1c45ae7b090140dL,0x0323b8aa81c04a6L,0x0626ad1204e7fa8L,
-        0x07064c773885e31L,0x1706e95501c181fL,0x10b25a38700186bL,
-        0x05bbd085578a43fL,0x0e6b56ad2637874L,0x1b4c3541822c2beL,
-        0x1d96e25ce892e32L,0x0f43236891471edL,0x1ec71a2d5f22371L,
-        0x1bd8ace5622c84cL,0x13a5d0d807f600bL,0x01f52003e911f2bL },
-      { 0x16debd0a595d0a3L,0x0bb65d7f859da6bL,0x153e6c6f6e5e9afL,
-        0x0898e298e37e582L,0x021af66362b19abL,0x0a0f7b64df99dc9L,
-        0x03db48f61f12632L,0x1824ab00987af3eL,0x16f1a10052a7acbL,
-        0x0d5bcecaa829457L,0x1e9bc32345884d7L,0x16dbbcbc2053faeL,
-        0x12f95da12b40508L,0x1ac545d0ecad607L,0x18323ee2182bdc5L,
-        0x09a6816329906e2L,0x0a0a40e6c80ce00L,0x004fc150bb58a55L } },
-    /* 63 */
-    { { 0x0abe588c21366dcL,0x00527d7baed7cb0L,0x1f66b2e4fb51ca7L,
-        0x1d0f42dae0e0a03L,0x18e7361bb97e744L,0x1aa679d217053d4L,
-        0x041e06b36bfc8a2L,0x1cfe10f99776f7bL,0x1da6f3983663250L,
-        0x16b49f75d783e04L,0x0bd30e32ebc55d9L,0x1c0fbf9533a0f37L,
-        0x07f26d8dab5a984L,0x1f5d1b7cd5a6992L,0x0374859342f9c05L,
-        0x09e066f773cca1dL,0x05a72aa4e24531cL,0x03be8f4c25ba9ecL },
-      { 0x1373239d8e62367L,0x0c245dcc10678ecL,0x0d116a725f10cd8L,
-        0x1c29f2c1f8018fcL,0x140474b59a0ec9aL,0x1032eae7a0f867bL,
-        0x0184297bb7a3fb3L,0x0bb63bcb49d3d01L,0x117c44ae4ae0cf7L,
-        0x1d2b191b58a4685L,0x09d03f4a7fcb70bL,0x17151196425cc9fL,
-        0x0d6a863016c605eL,0x103da60bf963b8dL,0x1525e15b5844b9dL,
-        0x1c1cbfd21d80e81L,0x1b0599be18be256L,0x0273755f6652a56L } },
-    /* 64 */
-    { { 0x10323d3fb99cfe6L,0x0de136499a0bc4aL,0x1905f2f7edbdec2L,
-        0x09134eaec0c8223L,0x10919cb09114174L,0x15fe97a6319efc8L,
-        0x18b6dc57f1f1ce5L,0x15919432a251956L,0x0306724734db81aL,
-        0x13d1235da6262a5L,0x1a83eafc8a591b9L,0x0be3f4b6bae1aefL,
-        0x05c2f192f35bed1L,0x1fb34856d2b436dL,0x0942df77b2b1ca9L,
-        0x15a5e1895e54595L,0x056f44631c16049L,0x0192e93cb027678L },
-      { 0x011fb554848c144L,0x11492db53d79977L,0x0384da783e69381L,
-        0x0d94a7643c24b6dL,0x0e98ea1bad9bdaeL,0x17d1cafa86b02e1L,
-        0x0cbd6f6e7854e7cL,0x1ae8ae1c65bd22aL,0x1810698ae46a250L,
-        0x1ecaa3656cec8a2L,0x19dc8447a5e979fL,0x0faa493f05d357eL,
-        0x099851df63ca29fL,0x18e871f2d4e29cdL,0x074ad5bf613552dL,
-        0x012d5a3c08b3808L,0x1d3ceb3eb6efd80L,0x00cea42a371953cL } },
-    /* 65 */
-    { { 0x019ee8fb540f5e5L,0x152978273468bffL,0x16c2b6f721c61b4L,
-        0x11a074ff91a4641L,0x08bcb916a83ad5aL,0x08f4202a5fc1e38L,
-        0x1777c2484cfa8b9L,0x10779c7084996a5L,0x0d5c7be40310635L,
-        0x0f5dcefa2c718bbL,0x0658e6f136aeff0L,0x1fc980ae4b515f6L,
-        0x1484e1cd2436350L,0x00a2dc6f5625031L,0x120c8deb7dcc553L,
-        0x04e40154dbb3d66L,0x1b0a3345c3dcbffL,0x00d9d67365a7229L },
-      { 0x143e5e990a8bdc5L,0x1dfceb183504481L,0x08d63921483a880L,
-        0x1dbcfa3a0d30913L,0x1f795d3fbd17debL,0x1d851fc7d7d36baL,
-        0x1abea933ad8c0e1L,0x005c02cd665ffbbL,0x0a2fe20547e764eL,
-        0x0d5cc127438f982L,0x14daee54bb11795L,0x0909521a4195457L,
-        0x0775bcfb537b4c1L,0x14c16272a98cf9cL,0x00a4874d08e2929L,
-        0x162fd4576c38f42L,0x0141e061b64db3aL,0x029c7619f0c9785L } },
-    /* 66 */
-    { { 0x13496fea19b56cfL,0x0bbfa3ddccd668cL,0x1ea15f42a20598fL,
-        0x0410506bfb1e095L,0x1d82cec7cced3daL,0x004e42bf10fd76aL,
-        0x08c1db85d6e67e0L,0x105b38dc6365a0bL,0x196948d4a81487dL,
-        0x175e9f96a37b32aL,0x146aa1dcf331261L,0x1e45162c814d0d0L,
-        0x0841a20b753e220L,0x08560537cf8371dL,0x0facfecb3fff97aL,
-        0x1c593eb5363b51dL,0x0012587d9976e08L,0x037eb014c01f4faL },
-      { 0x0709f8d8eb7516aL,0x0c53a5ee2cc55aaL,0x16621fa0073a0c1L,
-        0x01a2f7152da469bL,0x0e90f6abfd0f9d9L,0x1f6aadd50f2a4fbL,
-        0x13064925bfe0169L,0x0ea1b3ecaf4d84aL,0x03cdea49cb89625L,
-        0x142d1f816ff93efL,0x039ff76e2f012edL,0x01ff30e46d6078aL,
-        0x1dbb0d5055904ffL,0x10a5f46824a14c7L,0x0f4c358d2cce1b7L,
-        0x1fbb2f5a69d38f8L,0x1c01f2b32bde159L,0x04267d11e63b0f2L } },
-    /* 67 */
-    { { 0x1bc11eb8b99b964L,0x006052c717e2389L,0x11275326952e38aL,
-        0x057edc41f50e1f7L,0x17c88cfa37a334aL,0x0578ed772c1e86eL,
-        0x1e2981780a6a3bdL,0x0c4daabc468185dL,0x161b6fdfe209e9bL,
-        0x18ed6935dc70407L,0x0f058a4e4bf068eL,0x1fcc155c7e9cb5bL,
-        0x1ac2bf4d5b02ac0L,0x01417f6946ccc00L,0x0b6ccfc8ccfe4ffL,
-        0x0a5ce2db962196aL,0x18e09f90f84c557L,0x0143ea628e42506L },
-      { 0x1a582010e9867daL,0x0c4d98d43a66d2fL,0x1f17ef7b88b9851L,
-        0x0bcc257b5000bc4L,0x0d3635f9e357fefL,0x092d432706df6f9L,
-        0x08b958af9c391bcL,0x1a3413731081b29L,0x17eb99a1528b5e5L,
-        0x0dca0b73a88145aL,0x0dff5f81b4b3108L,0x0a2ffd41308a362L,
-        0x06ffcecbd76fa1fL,0x0197a29f1dd0f4bL,0x09a3e875322692aL,
-        0x12b460f63c55fd9L,0x013d0fb44534bd3L,0x0009951ee6c77cfL } },
-    /* 68 */
-    { { 0x13c7785576374c2L,0x09368c239382072L,0x17208a328113981L,
-        0x05e39c2627140cdL,0x0deb0c5d1fe1c1bL,0x1fc137957764196L,
-        0x096269d659a6672L,0x0a99a311d03bcefL,0x0e5ce0fe0118d12L,
-        0x0a154c203c85c35L,0x1c10fce6b0a33a8L,0x05210fbcb009c51L,
-        0x12f639a8c54eef8L,0x0c43bca7c1e18d9L,0x0c6ce475c11529dL,
-        0x18f2b94c6baa031L,0x025cefea07631d9L,0x009e5f73b5b7c55L },
-      { 0x1cabe0f8d3f34f3L,0x0e18e51b0bff1bcL,0x188f76509a86f6aL,
-        0x0fe539220964dbdL,0x02c6cd3be9dd962L,0x1d10cb019f58b4fL,
-        0x120f229cfd24bf2L,0x16f25c6fc1770b1L,0x0e4f2aca623b3fbL,
-        0x080fd8f325f0051L,0x1e09aa523d91220L,0x0f6920e4c1cf234L,
-        0x10e30bb83541406L,0x04cce0377bba552L,0x0821447e48b2a03L,
-        0x009e0d70c6b7217L,0x167bf936b5c25faL,0x027050d6d701744L } },
-    /* 69 */
-    { { 0x0ca66708ba29c4dL,0x12067114c404a00L,0x099c5b769d4b020L,
-        0x0b5777f468438b9L,0x1ed28b72689c0e4L,0x02b55a0ebaa2fe9L,
-        0x075957c8846635fL,0x112967b1ee870ebL,0x093490dfb8fe50bL,
-        0x120faebf4075d0bL,0x1697ade6b2d4dedL,0x092e183abcbcf61L,
-        0x0da5da429aab6b1L,0x17b69792919c734L,0x0c3ce9f804310dcL,
-        0x0117844de2da4caL,0x199efb0f7b6cbefL,0x0399f186ccfcce4L },
-      { 0x0fe1582a42a38f9L,0x16ac723985a8076L,0x0a9f7a5dacb2bb0L,
-        0x0b52d383765dc5eL,0x1cecdb4af0539dbL,0x14748118caa0b47L,
-        0x1507fcbdcd22b9eL,0x0a43ab1af986242L,0x15d25b75c2202aeL,
-        0x154cb2d7a041ad3L,0x0da9054a6d391b7L,0x16df7a4f5b367fdL,
-        0x00261f900b5c97fL,0x026ad8cf6c3aaa6L,0x0866e72d0c0c764L,
-        0x0179e67abd37196L,0x00c7a43d4923ee0L,0x02b7d659cdbcd2eL } },
-    /* 70 */
-    { { 0x19165a2a3018bfaL,0x035924ffd6cc200L,0x07d954d06a6c403L,
-        0x0e4bb8999377e36L,0x0bfffe60e6bd1d9L,0x0a84d5a942876a9L,
-        0x167c493a64b31f9L,0x091fed8a05c99d6L,0x02f0b35731aa7d1L,
-        0x0860eeef3f1d523L,0x127d174450a203aL,0x1a4ccb7cbbab75dL,
-        0x0e1febce13475cfL,0x004a169841d5d8aL,0x1fa0b21aae920a6L,
-        0x0431a3c3646ba52L,0x0bbb771cdbe50d8L,0x0442cc9336ca6b6L },
-      { 0x0847290155ccaf2L,0x0f5e3be2dbb9f04L,0x1746cb7423b619eL,
-        0x1d0fa8ebb751165L,0x0694d02a960a180L,0x1fcf4b407edb5bbL,
-        0x0db10fa1d6324fcL,0x0fb7b47edf495b0L,0x19400c58132fb38L,
-        0x0d3c2a112a81007L,0x1f0d45ddbb3c609L,0x08dcacdb6b34552L,
-        0x0026545eda03ebfL,0x07ba55a223a1d14L,0x12cfda7b45a7613L,
-        0x0e32d7557263b11L,0x11970ae932cd825L,0x03cb9125350604bL } },
-    /* 71 */
-    { { 0x12923f8441f3567L,0x018b417125f8eb1L,0x09aedd9c7fff047L,
-        0x0ef4bc3444972eeL,0x1addb417601746aL,0x0cdc2329eeef501L,
-        0x1ffdd5e19e8f1fdL,0x1516025530ead9aL,0x01bd5fec9f19ba9L,
-        0x081bcd17c1833a4L,0x0d1176ae301745dL,0x0836f207e854eecL,
-        0x0da903e46d5d7f4L,0x16e89360e008b3aL,0x1156d006c74f136L,
-        0x06add44ea5558c2L,0x12c4da42a68555cL,0x01ff84e0aec1042L },
-      { 0x00a1bcef9cb7784L,0x09cde12117982a6L,0x07f431052a9ebb1L,
-        0x19ffa85788be81fL,0x0f358e15d3aa316L,0x113b41217ad2619L,
-        0x1b3b802f7367b5bL,0x0ba0d3ef13ff14bL,0x18078018e05e14fL,
-        0x1d9f249c5a063a0L,0x123075e45fdcb4aL,0x0cc998ae2a18bb7L,
-        0x1ac3fa8920e0eeaL,0x0e3cb8b2512f662L,0x12b45acf086c3d4L,
-        0x03b351e1345e4c6L,0x04c8e730fc55839L,0x023f78c02a7efd7L } },
-    /* 72 */
-    { { 0x165f3d13da285e4L,0x0a6dd1d00f1fa4cL,0x04e984852b42e9fL,
-        0x0a4472ea928e708L,0x1a730b92d3b7d53L,0x168b2ed29edee7aL,
-        0x1fbd0c4c364acccL,0x16c89450a8305f2L,0x1bf62221c44dce1L,
-        0x1d09c2c3f150764L,0x0cb2372feb6662eL,0x1e7f6bfda89667eL,
-        0x05c66217bb409e5L,0x1e6fb8d4ae19463L,0x0481e22c036da7fL,
-        0x08c974478544371L,0x061f8ab28e63ae6L,0x00d35b74e5c6f04L },
-      { 0x16ec2b606af77aaL,0x07ae6d443f832d7L,0x10027d263158b98L,
-        0x13f9755e970fa42L,0x071ab855db595b5L,0x1a4d8607dac9509L,
-        0x032728338439750L,0x1b73ac30fb110fbL,0x103ee95f9154bd6L,
-        0x1f29909ae8364ccL,0x1ef0c3eda993423L,0x1e1acd4996c1e94L,
-        0x0f5d37367c3d22aL,0x0cbec72a8b4a967L,0x05ccb41bc3a9cd2L,
-        0x07285688f8e1ee6L,0x1d000ab3034a9cbL,0x03cee80c0142887L } },
-    /* 73 */
-    { { 0x0e0033a3ac7424eL,0x15b44307ed26802L,0x1d9af2ddcbef6c1L,
-        0x17e52f9b4846d52L,0x1b013c6e294a8e2L,0x11d1d6a58555c2eL,
-        0x129acf4abb2621cL,0x13c195c659a2790L,0x021888f5e70ec16L,
-        0x1cb19dea1544131L,0x11e4b9ed8366e1cL,0x0e4420ed3fc2d15L,
-        0x06d24bed3489f2bL,0x11f59255479fe7fL,0x131c1af4d7bee22L,
-        0x19c1bbbd9f47e90L,0x0367cc119a9929eL,0x043f2d6a2c6a02aL },
-      { 0x099aa9d7d1000a7L,0x057fe57411c19ddL,0x18a37ee0f7162e5L,
-        0x0308b4831b90452L,0x1d4170542f59fe1L,0x1b8ac0d45cb87c2L,
-        0x1745e24630995caL,0x181c9de8efb81a3L,0x1b50b4cf33afad7L,
-        0x0dd753c80c3852dL,0x021fe6ece8a1a08L,0x063c2494b39b8eeL,
-        0x0f57f4323978575L,0x00b264a576ba613L,0x052fdd357d6b894L,
-        0x1d464cc116fc5e1L,0x045f4cdb5bafdceL,0x005b8928ccc8660L } },
-    /* 74 */
-    { { 0x0290ca188d5c64dL,0x16ba4d3a4929a2dL,0x14f4a803a494165L,
-        0x1995ef6cd740961L,0x0cdded83082cd02L,0x18b2374895a8617L,
-        0x1fe5604f3a77bfcL,0x02ac55ce18f8ebfL,0x16f6852e07e2a46L,
-        0x107ebe801c027e8L,0x0a93760863a364cL,0x0df75f8c8baf634L,
-        0x01e8d9fdbe4918aL,0x02385b777d8407dL,0x05d3bdccf534229L,
-        0x1cba5a57440eedbL,0x16d8ecb95a769daL,0x03d1fa11d3eb4acL },
-      { 0x02d2ca69a929387L,0x1bac0e58e0fff9bL,0x127df946db2eaf6L,
-        0x04749c263fb125dL,0x1bd87561ee8d863L,0x13f399234071f8aL,
-        0x1fbfb8e965f8753L,0x016798e56f8ab03L,0x1f3e77f8aca8caeL,
-        0x063ebee2f17ea57L,0x09154884d56de7fL,0x09e54580e2efba7L,
-        0x0d0689621f546b2L,0x1fbc0b1f20ada99L,0x15fb484afa6bd44L,
-        0x052864fac773667L,0x0f4ab019ef29680L,0x016d2fe2a8b11fdL } },
-    /* 75 */
-    { { 0x0429cf3c8a5c600L,0x006111ff19f3e31L,0x1d00295f772e9eaL,
-        0x1b24b618e93ffb4L,0x0b100eb0d1ae156L,0x0a1e4084bd21fcbL,
-        0x13c905a7a5173beL,0x06743ee69ca2251L,0x004387c4a419f01L,
-        0x003c34580822012L,0x05aafe40d673cb0L,0x1fdc8f1aa9c7ca8L,
-        0x0642a2173ef9c76L,0x0ff180a0b310cedL,0x1bc91f98780c55aL,
-        0x0cb2541feb9c727L,0x0d3811792ba072bL,0x042af810cb8642aL },
-      { 0x1fbfb6c847314c4L,0x030aaf5a2dcb530L,0x0519ae8abeb25e4L,
-        0x0b57292f02e205cL,0x0110c4feed51f97L,0x1abb33ce97ad8beL,
-        0x1139deb2339c2bfL,0x18fce6cd442dd64L,0x0dd1bbcec551c65L,
-        0x092830570d42cefL,0x1205d22e9f4b9edL,0x0a83571d5188f40L,
-        0x036fdff078e1a2cL,0x0a43a582373c126L,0x0c7dccde6d27f1cL,
-        0x1cd9e455c66fe0dL,0x1971c3521926f8fL,0x014911b67a92e83L } },
-    /* 76 */
-    { { 0x1b8d80a7d8b29dcL,0x110120475324566L,0x117aba4afa4745eL,
-        0x11fb4e5f78fb625L,0x1e760c6f1f347d1L,0x11c6c8889ba5a04L,
-        0x107d1cd87a3c763L,0x09cee297d3ae735L,0x1c1f9701cb4df5cL,
-        0x089c76c37b96570L,0x1f87ddab4603136L,0x0b7d3c5b7f3838fL,
-        0x097c70c44df8c18L,0x1868adafc1aed93L,0x199517be65f3faaL,
-        0x09cbca20288b4c3L,0x1aa16b068842518L,0x03e7d61acba90f3L },
-      { 0x11821673c0bc53aL,0x0f6f1bf3a89b3c0L,0x17f68d95e86212dL,
-        0x09743fbb307944aL,0x05da77d8096abbfL,0x19a162ce741b4feL,
-        0x167c7c9ee6b9eaaL,0x1d20d9237ad2e40L,0x0ee0dab30914ecfL,
-        0x1b23fddc9fa9f89L,0x0e29ebfe95f83aeL,0x0ddf3e55ac0e618L,
-        0x07bb99dcc9517d0L,0x02304050a4b946cL,0x0e705f6c00d2bc5L,
-        0x045419902187e25L,0x0bd7225f14f772aL,0x03671ee3f8eefc1L } },
-    /* 77 */
-    { { 0x07cd835a4397830L,0x094867a39998360L,0x0ea0a6627a31376L,
-        0x12ac7b02a5ba6baL,0x087de61b7990255L,0x1271ae793c6c88fL,
-        0x0396671cd031c40L,0x1425a8888c2941aL,0x163e7608ff32626L,
-        0x13d1bf4e264dd54L,0x1b7145dbfff4958L,0x1f919de5439a18aL,
-        0x16efc559d9cb6deL,0x020e5b4965e606aL,0x0587827917cff14L,
-        0x0ab399a0b8473caL,0x16d2a731ee95c3bL,0x0428a889151e850L },
-      { 0x02d033586ff19e2L,0x106d50ed14301bcL,0x13f955f1fbb70b1L,
-        0x083789d16165cf1L,0x1df35c67a8f6f98L,0x122315660fcda59L,
-        0x182c25b84d80d1dL,0x0ad7f22172ef8f5L,0x127c7f305514359L,
-        0x0a6d8ae7b18f572L,0x158509f9a6cd330L,0x10a2bf825fe54a3L,
-        0x13fb887162dec82L,0x0f0a445efe67570L,0x18f9d3368ccab07L,
-        0x00d394406e9c45dL,0x004597ea1a1f0aeL,0x04588acf93bdef6L } },
-    /* 78 */
-    { { 0x0f71a442f961d30L,0x0b4543d639247a5L,0x01f2c6a41b36f7eL,
-        0x0c0957f24ba65bfL,0x19f04d4c00c10e2L,0x0b82ed5c388bacdL,
-        0x02124035539824eL,0x0ebeeb0e86793f0L,0x02e9abade6a7a23L,
-        0x13b6a3c4a560bd6L,0x01496f080b66715L,0x195b57f5ce7a994L,
-        0x183405991b95b8bL,0x02c54ce191b8f69L,0x1e32198ada791e9L,
-        0x058f8f958163056L,0x0596ceaa79be023L,0x005ec3219ac47baL },
-      { 0x0a1a8b47e734189L,0x0d64467f2fd0befL,0x1538450dd9914b1L,
-        0x115f3d2ea088949L,0x130c6b3bc252230L,0x16fa3bbc58e861eL,
-        0x0375cbb6b97c131L,0x068a6263b345dd1L,0x0c4e380eeacc93eL,
-        0x04cd8d6546d8747L,0x123059fd75275f5L,0x04ae2aad99aeee6L,
-        0x0c2611d13dc9663L,0x1ad17ee632e7074L,0x163ea84b257f99aL,
-        0x059304cd310650cL,0x107da87d1f431c3L,0x0233282cc7e6c8cL } },
-    /* 79 */
-    { { 0x06c13cc6b4a5efaL,0x0cc4d8e83d932a6L,0x1b3a2f71a703120L,
-        0x04584a63a82172cL,0x0ad0a100f54cfaaL,0x0ed224e5af8c046L,
-        0x00f32fad494e3b9L,0x0f14c48010b7dbbL,0x1e792dacfd6255cL,
-        0x01b8c83103102c7L,0x057a0fb45963062L,0x164efa51aa852ccL,
-        0x1b83b75df34b549L,0x0bfddca1757893eL,0x1df24c13d837db4L,
-        0x0f13fa10c63b7edL,0x00c17c38f986018L,0x00621aba55cd494L },
-      { 0x0eb324c1d20cad0L,0x16584c63088453bL,0x0e71bc1b4db6437L,
-        0x15781b432f4dd3aL,0x107ac5ce6cd978bL,0x04bf5aaca458e02L,
-        0x0538caf51c59315L,0x0785538981e9ab2L,0x0772c5046a759f0L,
-        0x1eb994534d6423fL,0x15f430c122ccc39L,0x09c081ef759d51aL,
-        0x13a85f1790e6003L,0x0e42cb9b411ec8cL,0x078408a9ba6d9b1L,
-        0x07f48459458f4cfL,0x1b900e7a19c0902L,0x01924ccf893936aL } },
-    /* 80 */
-    { { 0x07eaed67c834915L,0x1d5355e2f5b26b3L,0x12d8975880467ddL,
-        0x04d33fb384e53d7L,0x0b8d4f6c0aee24fL,0x04bb6b70f5ac3a1L,
-        0x1a995fc49c43053L,0x0c92272066bedb3L,0x1668b704906b500L,
-        0x0cb4d07043b7727L,0x06fcfcbe764d819L,0x0ca36933c79df20L,
-        0x1bf2dbcaaafb1a8L,0x0b9d835b405ca9fL,0x1cdb190c4b3159aL,
-        0x1b02a6a69b38675L,0x191e4463a5210ffL,0x02bf515a5f8c615L },
-      { 0x0f5e1628aa0f2f2L,0x13ae287235e5500L,0x1e6a928b10b631fL,
-        0x14297544052f568L,0x0943cc2eb4f308eL,0x0ac4025480de8a3L,
-        0x03df2ec497fbbbbL,0x038ca0591f33a30L,0x1e53539191580c6L,
-        0x113c03493880f71L,0x090287ea9c9c5dfL,0x1c0498eb62a6f41L,
-        0x0b538f1c2232edcL,0x1f183e976d11b30L,0x0bb82d135447a62L,
-        0x1e60e484edc8137L,0x1c9a78c39277ff1L,0x0302405a3753c9aL } },
-    /* 81 */
-    { { 0x1087d663872ece3L,0x0df3ecaadb87c18L,0x1f1e73e56ee17caL,
-        0x1bb7ff4c436a169L,0x0022ba5dbae3b58L,0x00a24e0730e9407L,
-        0x15215e2b9445d06L,0x01c162650819eaaL,0x1800ed1b6b8ce0bL,
-        0x0effeeabc6aef1eL,0x108dd1a695ad1cdL,0x06d31b2215cfefcL,
-        0x006313c7c7d5e32L,0x1496f4f2db7fa95L,0x08442ed68bf8836L,
-        0x0de4683668fa7a2L,0x0ccc5905edb40c1L,0x003ba5069cd47c4L },
-      { 0x0e181abe3b6c106L,0x10b1fc6f0a85b9dL,0x00bdbcd520d93afL,
-        0x06758f582d9eeb7L,0x091722afaa0d206L,0x0a2aa9ae3403341L,
-        0x18fddce50798445L,0x1b42e24fc717ebbL,0x132cfdf031afb41L,
-        0x1449e48c3de4331L,0x119d1298b272671L,0x1c5b2c58328eea0L,
-        0x1f378cdf4c96866L,0x1a03fd19244f646L,0x04a4344e981c26cL,
-        0x044e7a6fa42b2aaL,0x14b9623d303bab9L,0x0040a8caa121900L } },
-    /* 82 */
-    { { 0x1236d89fb7b2108L,0x041e656bafcd57cL,0x0c56d3876844fb3L,
-        0x1e062b86c5ef8e5L,0x1272fe3f552aeaeL,0x021f7408f0a076fL,
-        0x0c96e675e6fda1eL,0x0e99cd6a9fa3b37L,0x1b20b0e215b1badL,
-        0x05010a7adc26486L,0x0efd4bf29b3b255L,0x091b3c9beede8b3L,
-        0x0ed64cf17ee363cL,0x1b156d241822fc2L,0x1d32806100a859fL,
-        0x1885a593c37e6d4L,0x074e8cf9d41f691L,0x02d5f90bc61625cL },
-      { 0x177966bf3b3bccdL,0x1f0785f1f065523L,0x0ece31f5410c011L,
-        0x1f28dfabf997070L,0x09ec0e87e77e3baL,0x10c692bcdd53c2fL,
-        0x1f3fb60f155f322L,0x0c3372dcb5e4b7dL,0x14f05d15e98c71bL,
-        0x00fcc8d3bf316d0L,0x1b1e072ea8e0842L,0x0cbbca9b37f638dL,
-        0x1344ed14307522fL,0x0ae57eed7ae82abL,0x1e3d6fcc0d6cc7eL,
-        0x173b28fccfe86c6L,0x048029f7cad5270L,0x00ad68ac3a6c8b5L } },
-    /* 83 */
-    { { 0x0de2eceaa588ae4L,0x15e2c51b8d11900L,0x04d1c48c111154bL,
-        0x1bc963065ba01d5L,0x1689e843afbfa67L,0x1a71741490b1a0dL,
-        0x077147e5aeef587L,0x1a32a840d080985L,0x0c7fe382742317fL,
-        0x050576331a418b1L,0x0e53441c00613f8L,0x12e7fc3f7b0bf85L,
-        0x11fb07435207219L,0x023729c93245b55L,0x1e95bfc8eef6ab7L,
-        0x04bec1b71ba3e01L,0x163104815eb8667L,0x01fce266529740cL },
-      { 0x136b29732ce637eL,0x0af96fae92e6effL,0x14b62c0ab65e068L,
-        0x199f7567d2343a0L,0x014eeb752e5f3bbL,0x0d3c9d306965ebbL,
-        0x085135124610f35L,0x0cc44859eeb9b74L,0x0a20705e788b997L,
-        0x0709660763bf099L,0x0537dad86a6c159L,0x1e08e904b6b5638L,
-        0x013da312238fd97L,0x06986386cab0241L,0x04bb9a779219c9dL,
-        0x1127b79571e2a38L,0x14b5dc638b4668dL,0x0323ced6b111fabL } },
-    /* 84 */
-    { { 0x09044f3b05f2b26L,0x114a5405cfbb62bL,0x18a10a43dabacd6L,
-        0x0604d4b0ef1073fL,0x0e5ff9c3761cfb2L,0x08e2bb3b44935b1L,
-        0x0fbfaeb9b34802cL,0x075b90aeeace540L,0x00cae074ae1bad6L,
-        0x1f248d0eb84ecceL,0x177b5994076704fL,0x19438655dfeeed8L,
-        0x15c57683e81da6eL,0x0fcc6c23a8424eaL,0x166959278e4ba73L,
-        0x13165f5af305ec9L,0x097f7c3bdb7a37bL,0x00ff04fca784302L },
-      { 0x1a7eaae7648cc63L,0x11288b3e7d38a24L,0x08f194fd15644faL,
-        0x170342dd0df9172L,0x1c864674d957619L,0x0b2ccd063f40259L,
-        0x08ca3f2204d2858L,0x13c6cdd52d214caL,0x1415329604bc902L,
-        0x1cf0cca57155695L,0x0a3149fc42fbd7bL,0x0b0d8cf7f0c13c5L,
-        0x1a844cc25d73dcbL,0x1a759b29fb0d21fL,0x0903c0b5d39fba9L,
-        0x17969e66ace0dbaL,0x06aeec7694cfd83L,0x026f4abc36db129L } },
-    /* 85 */
-    { { 0x067d3153deac2f7L,0x03bc55b0ecd4724L,0x1e582adecb56821L,
-        0x0d9fbe9ef3e76edL,0x11ab8f4b00b3005L,0x1bce80e8380f0a9L,
-        0x14dc41fe5235671L,0x180f9329d7904ceL,0x01104d4ee48bad4L,
-        0x0c6705adfe4e82cL,0x0a2634c27ea02deL,0x044b59667d5f8f9L,
-        0x1c5b2f31750244fL,0x126bdf1a6a8f46fL,0x080ad0cf926e9aeL,
-        0x04eb42ec1e98f7bL,0x00c37e36a7e4435L,0x00e4a20c5f31b4cL },
-      { 0x1a2131309dc1414L,0x1b2fe21e49a9ba1L,0x01eb7d7de738181L,
-        0x150ba99f94dfe64L,0x03e995ab6f18b1fL,0x1598017ae213973L,
-        0x1fc5848682792a0L,0x04d056cba372e28L,0x04993c20c20a7feL,
-        0x0e4e5cc7338b393L,0x0b59cffad102826L,0x13c24a36978ab40L,
-        0x14a05338ea3f3faL,0x1d84fb65baede23L,0x10d1824f2d0112dL,
-        0x1d584cecfb43100L,0x1ba97851422098cL,0x0308dfdd95aa91aL } },
-    /* 86 */
-    { { 0x1baa55ef00ad2a1L,0x1d42f0a51486bdeL,0x1da3a4ac5a50a7bL,
-        0x1a23d9026076948L,0x08bd27b267111bcL,0x101e0307212b814L,
-        0x0212bca33ca8f66L,0x04176f91a5be631L,0x1e2ea1462e3aaebL,
-        0x1a9ac0221dc2ebbL,0x191209553ba6f4cL,0x1d3dcd54331f03dL,
-        0x04c26c5944eb2eeL,0x01558b3e3d2d540L,0x1f8869683bcb696L,
-        0x0531cb45568ec05L,0x08d169cb3b83370L,0x0437362a20759d5L },
-      { 0x1e033210b793d9bL,0x1d6f08eedaf6776L,0x0a49a24c2d93de7L,
-        0x1bfc9fa365ee7fbL,0x12a4dc8806aad97L,0x0bb6ba839d2d8ecL,
-        0x09b022be32f62f2L,0x00cc1695762c79cL,0x19c8300a9dcb1fbL,
-        0x1ad2ca66d4ad9e9L,0x1f5f52cdfab21ccL,0x174441ddf5563f2L,
-        0x06f3e828c8a3d2eL,0x02d5bbc0992c648L,0x0a2d85f20c985beL,
-        0x1705ae4b2e32518L,0x06dcd7196bc3233L,0x041c33f5c8cfd09L } },
-    /* 87 */
-    { { 0x14fe73e22474edbL,0x131ca0d4270d73bL,0x06b671b75b8ca9dL,
-        0x0a29f17eba4e065L,0x12267b9000c4a41L,0x0927d71e71751beL,
-        0x06de049d4c05447L,0x00cf829b0a84c74L,0x020c8401b1ae0b2L,
-        0x195008d840fa4feL,0x048fee5671b7e3cL,0x18f9001c3a0c3d0L,
-        0x1824259a9aa328dL,0x1bf7b61bac3b51bL,0x0f5327c8eb6a2d6L,
-        0x0713e047ed6dd52L,0x19e89f5414dffb6L,0x025935dd1731459L },
-      { 0x10b1cb45d318454L,0x1ba4feba1b65b69L,0x1c995a29d18448eL,
-        0x063909fa3c62218L,0x08403d55c85de12L,0x0fd5fc52fc6b730L,
-        0x17380e56db84e6cL,0x021fcdad18679fdL,0x11d90381f94b911L,
-        0x054754096e6375bL,0x00104dfa4328afcL,0x180f9144b8b4b3dL,
-        0x1a5d84663cbeb5fL,0x0885b53e004e129L,0x023e35402c541ceL,
-        0x03ccb0c0fb49882L,0x1c602c3d9c3cb90L,0x026b4bde2964b0aL } },
-    /* 88 */
-    { { 0x0db1ef0efa8fb40L,0x10e2dadd1cc4e70L,0x0c560274677ca40L,
-        0x06982433c351adfL,0x14ef05e26b787b7L,0x0bcb71320bf0b40L,
-        0x1086d124d0b6e3eL,0x06c5f0f14bd7f08L,0x1e71916d7e94a45L,
-        0x00c5dd1d708cb49L,0x1d2fa55da2013a6L,0x0e99f0849f15d8cL,
-        0x1d466ce6ab0a260L,0x049003c5ede49dcL,0x1c3c68ecfc56a63L,
-        0x10b4f3a21fa1a70L,0x180a61241d9e4e7L,0x03b6543d0f36466L },
-      { 0x157fb56e02e48b7L,0x0a589e604f4e321L,0x10d4901a73c3ef4L,
-        0x1858760353b6be4L,0x06956dadf878165L,0x0b05b472a4f3e27L,
-        0x1194fcbfa54e2efL,0x1372a5f0ad60b3bL,0x0d3f60225b377feL,
-        0x10639945ff48462L,0x0a8b4ef23d7cb5aL,0x08864884a0a19cdL,
-        0x0a3d3b3ce5f7213L,0x00b3ba890bf0933L,0x1ee2529d6d790ffL,
-        0x1c6ea2b24e0c46fL,0x1be152607532be3L,0x013f3f96336d1dbL } },
-    /* 89 */
-    { { 0x18f65ade6a15883L,0x1f3463357ed99b1L,0x1aaf4fc4b797529L,
-        0x006f70f020c40f6L,0x04acf6d31c6ff95L,0x1f3c61606a26593L,
-        0x0603858eb1807caL,0x13638c798b42c6dL,0x03e92cfe895c934L,
-        0x19c706c20f63910L,0x075d90b57ea585dL,0x0d8387c051d2c2dL,
-        0x06b16d54092aa77L,0x1836fa6cc9ee2b2L,0x071ae5e82c9fed5L,
-        0x0be813d3222e19dL,0x128ea8e42be53c8L,0x00174b21bc19232L },
-      { 0x1540addae78ea1fL,0x0dba6bdb3874b48L,0x1107dc01a099468L,
-        0x14faea418ff326cL,0x09ce12e18f97d6eL,0x1041a107d535013L,
-        0x110d89642b2a1e4L,0x11ef49070c6eac2L,0x007c6149ef38140L,
-        0x19dfac26bc29a03L,0x06c0426aeedbddcL,0x093fea5141350ecL,
-        0x182e00ae3ce4eb2L,0x10bc77fd043c0f6L,0x144e9fa19306c94L,
-        0x00c5f983cc5453aL,0x07dedb8b94e1919L,0x039cfa9ed278b29L } },
-    /* 90 */
-    { { 0x05f4a88924adc5fL,0x0360b540c7ab6bdL,0x04a5de57e552559L,
-        0x1ba338a8001d892L,0x005912b42b48753L,0x1d24a30b7d11b59L,
-        0x14199acf597cfa1L,0x0814e2e940208bfL,0x1b635031312a5e1L,
-        0x1ce25a254b5c311L,0x0e75966ac00f569L,0x018c704de634f46L,
-        0x0c6f7090cdc72f3L,0x08375f125a739c8L,0x091416966b1b0daL,
-        0x08274734fe0db77L,0x084839991e1c58cL,0x0010611ffd10707L },
-      { 0x00e4adaafc74661L,0x1e7b193bfe03289L,0x13dadb739e64deeL,
-        0x06f62c374282093L,0x09610fb25b8d6b5L,0x0ef3b49110c218dL,
-        0x018c37a7b27477fL,0x097a657f49a85b0L,0x13885702a6244dfL,
-        0x0f6e8f6a2ac96fdL,0x17d16fed3806e33L,0x1da50dc42b601c3L,
-        0x076a937e6a8f4bdL,0x00987b91c049aa4L,0x0a087e10549e2eaL,
-        0x09f158db88d2471L,0x0ef2207b119fd8bL,0x03b73dfa9fc934eL } },
-    /* 91 */
-    { { 0x112842827ebd187L,0x19055db2d56ddafL,0x1969c8961a5634cL,
-        0x131e130d576084eL,0x0ebff503da3f33fL,0x0fb8d2a08c03d3dL,
-        0x1c92c971ddb2a09L,0x16981bcf7dbfefbL,0x1da8b0f42165f1fL,
-        0x19ffb9bb98f9d71L,0x075f9c64f829497L,0x15476d67748c99aL,
-        0x17aa1f37828df84L,0x13b99d63dd425c4L,0x0606885b9e58333L,
-        0x101da9a8dad56a1L,0x1091ec12c257cbbL,0x03cf3d69395cb77L },
-      { 0x0d970dc8f30caaeL,0x15e7885375f7a1eL,0x18fb1c5185b6172L,
-        0x16a33c7530c7830L,0x04cb13d61c50db0L,0x0a3db4f9cdc4b1bL,
-        0x0c3337d9f607c89L,0x16ee2af5773acfbL,0x0ccca25ba889491L,
-        0x144903e3d13f06eL,0x1a3ef83f50ca07dL,0x1ee6ae41d812695L,
-        0x09cdfd7beda5d91L,0x0501cf19597b0c8L,0x0363f707b0408c9L,
-        0x000bba787acbdb6L,0x09432c916c84fe5L,0x03fc61bd62605f5L } },
-    /* 92 */
-    { { 0x1ec1e5443ac05e5L,0x126d266c69c1299L,0x102e22fe78af692L,
-        0x016a7023b90db11L,0x03c3aba434d71ddL,0x0b08df32a820695L,
-        0x13e80af102526d8L,0x186385a84dc4f34L,0x0535a5aa23b065aL,
-        0x1545197e2975448L,0x17b29e7f76b48b6L,0x0bfa556764deb4bL,
-        0x1bf37cd81e911f0L,0x0868b5c62ed673eL,0x1d625383839139eL,
-        0x14e9e2bcd15dbc9L,0x02fafe04999fc92L,0x00ebb81d54b873eL },
-      { 0x0a4c81d3f0062a9L,0x1595c6cb5105d54L,0x037e192f44078c7L,
-        0x0488276c28cdbb3L,0x09a555f8ba05f59L,0x05a968a8d33d06fL,
-        0x0ac8eb30bc25cb9L,0x03756bb55d8e309L,0x0ce08b43e7c7f69L,
-        0x1072985bb6213faL,0x1481a7908faf714L,0x13d069be299cfa6L,
-        0x15446305ac6b5e3L,0x1f1a66e09ee5f94L,0x07d6beda0b2cb87L,
-        0x12df3a9588ba222L,0x071c5ef63cd47f2L,0x00516207649e104L } },
-    /* 93 */
-    { { 0x1bc384faf5747dbL,0x0b04360355c3584L,0x00ba79f0551ceebL,
-        0x02ab2ef57f480d1L,0x1a81deb02d5326dL,0x05b088831d4d02eL,
-        0x1ae426a1b929d49L,0x1742805f0f49565L,0x17d0721d4d5c600L,
-        0x117ecd4f944fedfL,0x1399b7b379bc1c6L,0x04efb573f4e7ebbL,
-        0x1f6c474bab62171L,0x1b776819b696e24L,0x0a0974f7005f87dL,
-        0x0bc8772e2eb809bL,0x07e6c297e3d54b0L,0x0177da2a32b64e4L },
-      { 0x0712b008b21c064L,0x17f212538314f52L,0x0d026dd3c2bf461L,
-        0x06fd93cc52c86b6L,0x04c60d086965aa4L,0x182bd56ed0a339eL,
-        0x1bd802d9599c2fcL,0x02cfe0bd08079d0L,0x0c05073a904401aL,
-        0x158f31c14a7303fL,0x00c949a73dc1185L,0x0837d19cfa7440fL,
-        0x137577053d29411L,0x05533186e9c56c6L,0x1410d436e9a3ecfL,
-        0x0ec17d97d5fe3d2L,0x1e49f5166d51d2dL,0x019ba9967231448L } },
-    /* 94 */
-    { { 0x11118533a00bb9bL,0x1fdd722fb33429fL,0x0a1752bb8934b4bL,
-        0x1606830add35c23L,0x0731349f18ba1e1L,0x0b8adad4d640bc1L,
-        0x14bab04f7f52951L,0x14f4bee8478bb55L,0x130a483b9535b76L,
-        0x174d6d27fc39f4dL,0x18b611c8e841564L,0x12f71db589c02acL,
-        0x1a39d8fa70b9354L,0x0068ac4fb0db220L,0x0817c2855075d59L,
-        0x11210c532846fe1L,0x0bffd8b00346bb2L,0x00c9515aeea6699L },
-      { 0x1576628365ced07L,0x1997d82ef0e8fb1L,0x06f2fd029ea80a7L,
-        0x11376a148eda2f7L,0x195a62781b1b2a0L,0x07e0cdc9c4d5ddbL,
-        0x01ce54b3fd83ecdL,0x1ade757292470fbL,0x0a8f053e66920ccL,
-        0x1796ea5b1d4da78L,0x03b78547a084a4fL,0x181610717f43356L,
-        0x0c9ffc11beafba0L,0x0ae6043c15ead3dL,0x10bc318162ff656L,
-        0x06374d0da9147f1L,0x068c33abaaf1d9bL,0x0319711449de061L } },
-    /* 95 */
-    { { 0x0851d2015a1cccaL,0x114863f2915e18eL,0x155463aac14d3bfL,
-        0x0f790bc42e16e83L,0x01cf8b29ae65619L,0x0a423c57098a0f0L,
-        0x162b8b8b2d64d9aL,0x111d6af761f8637L,0x0decef5d6c264e7L,
-        0x1d42b664e5cb6c3L,0x05a04c9e460f69bL,0x1040707af2d45b6L,
-        0x1f1d0c6fedf03f3L,0x05355ecdac522b7L,0x1e5bc6495626016L,
-        0x13d4e673ea58b07L,0x145cf6ded8fda7eL,0x03461ece0ae8e66L },
-      { 0x1e26265e6b392b7L,0x0ecdfbbaeca84b3L,0x13535d9453df3b0L,
-        0x041bce5c39c2d57L,0x1adfb033d86f59bL,0x122be6533721e68L,
-        0x16a8b6cd10d0017L,0x0636cf4f22cad03L,0x1c32e7babf01147L,
-        0x137f0b769d8f4b0L,0x18a63bd8f49b981L,0x1bb0a835badb249L,
-        0x1f9982f9719bea0L,0x02f83b5677ca806L,0x0f4e5ad721db98fL,
-        0x0e8f4abc255cb64L,0x0a509efbb362ec6L,0x047902af7119943L } },
-    /* 96 */
-    { { 0x04ab9e3b82c1af0L,0x0f4f3f965713225L,0x10298061f51bf19L,
-        0x0bc72766c69fd55L,0x019bacce27d3f33L,0x153308ce4fbe004L,
-        0x0ba54fdd062d6e2L,0x113ff528aae6e55L,0x0937d78048db385L,
-        0x086436fb78fde0eL,0x1af6268bc2833b4L,0x1f446ce873d6915L,
-        0x0b3f17d2d8ae5d5L,0x008ecc4a081d350L,0x02d9e8bc8cfda29L,
-        0x17e0cffd9d16643L,0x02e0422540f2319L,0x0094964649a0699L },
-      { 0x1eb55870386463dL,0x1e15901b8ecbffaL,0x15c42e06716b52eL,
-        0x0d9e095a82366c8L,0x06939ec10cbb42dL,0x0c23f3aec0ce3b3L,
-        0x0cb921d16b04e80L,0x1009ee0960438e4L,0x12c9e58a0acb057L,
-        0x091dc59dab0f14aL,0x137c01e7e6e8d65L,0x1f843d552c50670L,
-        0x0f8aea2b9078231L,0x1868e131d17562aL,0x0ce400201d7b5dcL,
-        0x0527559689dabf6L,0x16492546ac2f011L,0x03e3c3b15f5c10bL } },
-    /* 97 */
-    { { 0x0f7d6fb067902b6L,0x11d21e8b9acc05cL,0x0c4965d07776ca0L,
-        0x0e8067f2b80c59fL,0x08589b8c6e391b0L,0x1148791c18e851bL,
-        0x07ceb8d1d352548L,0x0729b5629ac445cL,0x18f00fcde53f08dL,
-        0x0cc8bd7383f947aL,0x0a82e81a3981f15L,0x07cfafc3f0482cdL,
-        0x004d6a328f60271L,0x0c4866953e12aaaL,0x082c82834b8c992L,
-        0x1c139e440f289d9L,0x01d5c98dc0752f4L,0x034a01a826c26f4L },
-      { 0x0b7b366e5407206L,0x1aa6786c47d467cL,0x1523dc9cb9bc7b3L,
-        0x05035688d0dfdfcL,0x0e474408d653137L,0x0839bfa965af872L,
-        0x141c67909ace992L,0x15e4aed83369301L,0x191f346280f272cL,
-        0x0730527a34798e4L,0x1a8ca642113625eL,0x001972a2b0570eeL,
-        0x0514b1adbf8a557L,0x1de9a1f7d58d79bL,0x1607cd08baffe4bL,
-        0x061c265f3f6036fL,0x146ad850e06ba6bL,0x036d4f013de2fcaL } },
-    /* 98 */
-    { { 0x1eee4c25c9490ceL,0x1625186fb41c090L,0x1f8292a4da3aa5bL,
-        0x149784c5e7cd8c0L,0x060c34ffd8b0492L,0x0f99e6842351082L,
-        0x1d84bdffde990a3L,0x002218aa0884304L,0x09d25fce9149bcdL,
-        0x12b08e6e7e309eeL,0x1dfa225fd47395cL,0x1e629d18116a2b3L,
-        0x1575e7538f3fa3bL,0x08e42010750ab08L,0x00ab42b4782a546L,
-        0x11cbe1a44d1759eL,0x112a04c6ac4058bL,0x03b9da05cd9a8acL },
-      { 0x0ff2cdc3631cfd2L,0x06169c03b9bde00L,0x05a8ce2949c0531L,
-        0x1b665957bdac00cL,0x070b17cad0e3306L,0x19a9f719b39c755L,
-        0x0eb4fcbd2aa35e7L,0x1c0e25ed5b2aedeL,0x0e427985289b2bcL,
-        0x0ec7ca6ed496518L,0x0751d76124b7641L,0x0b949a2bc97b312L,
-        0x0b254eabbd3e06aL,0x0076a89e2392ea7L,0x1eab9b0c4e52b3bL,
-        0x1a26efc1f30b377L,0x175dc125546833fL,0x0095a31c2e2b627L } },
-    /* 99 */
-    { { 0x10dbebd932951deL,0x0cea12d534e4a40L,0x1013b2cbc2365a5L,
-        0x1844a17058bf893L,0x1aec4e1dac74f0cL,0x04cd66cb521cd29L,
-        0x0cebf0cf2ae6a41L,0x1165f99bccca9b3L,0x0f4af285c3863aeL,
-        0x1b99b9f237f5fc4L,0x159cb0f26adfb48L,0x0261fc240418ea3L,
-        0x0f52f3e56ec1c51L,0x12532540d6c1201L,0x1c58fc8d226adeaL,
-        0x0662e143f6cc3b3L,0x01717c69be10e55L,0x030e0c9af3ec46aL },
-      { 0x0722d9b3492ae43L,0x04eca829c782d17L,0x1620802aad8c7beL,
-        0x01d749622f5cefcL,0x1a461cb82872c12L,0x09c7932e1219641L,
-        0x1f700c56cd0d32eL,0x11a0b7e558b1898L,0x0d2e501dd596b37L,
-        0x028364fe5c48618L,0x0bd185f0d87c32aL,0x0e30b46b975c7a1L,
-        0x11f3fc013821f7bL,0x0592476fde881afL,0x1272b81d18a2bd6L,
-        0x10ee71ac843a091L,0x19475e3da392ca1L,0x013d686f938e9edL } },
-    /* 100 */
-    { { 0x03bda79305b5aedL,0x1ea522ccc6b53cfL,0x074c3dfadc00b19L,
-        0x1c28fa388990abcL,0x089540edc18a7e9L,0x15fe901f54cb0c6L,
-        0x110de94ef8829f9L,0x18d9290fcc9d982L,0x17297920734ef85L,
-        0x106a738eaf0f5eaL,0x0ac79935235adbeL,0x1c0acdc401a9fb4L,
-        0x1a5a5366a1782a1L,0x0d239b9c151e386L,0x18083a3f8fef4acL,
-        0x16ccbafdf180cffL,0x02fec686fdeeacfL,0x02ecdaf13b6e8aaL },
-      { 0x037c5a5cb3e472eL,0x1ec939850a02f1bL,0x0b96d1261560854L,
-        0x1be73410a201332L,0x15c6c56018f00ccL,0x01aa071311be08dL,
-        0x0c611063b50204dL,0x0d7fdef97e0fcfeL,0x0ecd92366bf4857L,
-        0x1badf0d5e4a648dL,0x1de379285889d86L,0x0fa78b8d79711c2L,
-        0x075ab71858c52e5L,0x1fb71cfcae61c16L,0x09cd7f384b0b0a0L,
-        0x0b32c98fc1de5acL,0x166e071deb1835aL,0x0127c48e6e5dc63L } },
-    /* 101 */
-    { { 0x0ef60bf6778c1e2L,0x0e01e806adf2e12L,0x01b8bc06827ffd2L,
-        0x095c12dcb1d8233L,0x1077984c59a728aL,0x0652d2d55de76dbL,
-        0x038f7ed1cef4a1cL,0x195192518c29bc6L,0x13fae7f9a4f67abL,
-        0x1e15975f610d4e7L,0x1c358a7366d77a0L,0x14b38c1631bf5f4L,
-        0x1e4049b54cadeaeL,0x16e98871eaff7bdL,0x18c8733f3baf1d9L,
-        0x115eaee91dfc71eL,0x012fe9c32b118eeL,0x0431d61e7ea16fbL },
-      { 0x036fca7b85a2fe2L,0x1868477214ee305L,0x08245070e513cf9L,
-        0x0cce4e541519374L,0x1968bd06306a810L,0x1e301ef34d0aaafL,
-        0x193eae1bdf91c54L,0x0992e0cc295deadL,0x1c0dc36b898780bL,
-        0x1b2bff11d0e9931L,0x05ea190d548b250L,0x0feddbfdecf203fL,
-        0x146daa17a0d9189L,0x02d667def5df18eL,0x07f0779bc5e4402L,
-        0x02859c1b4dc651fL,0x05a1c9d53dbe1e7L,0x01f1f8d8f45c339L } },
-    /* 102 */
-    { { 0x1ea15c07b7fbf05L,0x188db0f8d1c415bL,0x056b477346f264bL,
-        0x155a1efd1793bbbL,0x1ca7ab7931f5b7fL,0x12adf3149b72f5fL,
-        0x19550c3d05f7066L,0x17e3ede9c86879bL,0x0971f5e6582f044L,
-        0x1e1dc7221446204L,0x0b167ee01fd5d5cL,0x05bb0316b1e0c35L,
-        0x0097a3b0d3a64eeL,0x01ca582c37bd053L,0x0cd45f62e17b320L,
-        0x07e0d340b28e97fL,0x02589ad5977a79cL,0x04090476c380540L },
-      { 0x093509914c4ce37L,0x1dc21d0d5245308L,0x0091603563a3cd2L,
-        0x1366eb71750c00eL,0x0d3bde836db42c4L,0x0919db561b2a927L,
-        0x051bd548786d192L,0x15d78f98baac9bbL,0x19c14b035bfb5b6L,
-        0x1915d0c00a360d1L,0x0beef21c8853d5fL,0x0fef69242ec816cL,
-        0x01cb4d6df13acfdL,0x11300548aff886dL,0x16459fd98389881L,
-        0x14332f58fb53b03L,0x1c26e8e260cb6e7L,0x0221c1fdc406f59L } },
-    /* 103 */
-    { { 0x107f01de44f9af6L,0x00d26c658fd0e70L,0x0fb3edf7524cd8eL,
-        0x144d51073fccb7cL,0x1ec789d8d0b8435L,0x062f0ff7307c8a9L,
-        0x0a073897fa940afL,0x17008ef818afc89L,0x1349e9f83230ba5L,
-        0x0a17997ef0c06ecL,0x0e7abd928f44737L,0x109d7d6e1075160L,
-        0x04f12742cb80ef8L,0x190501311447306L,0x14eddfd1055b315L,
-        0x074b39aa8fbcce4L,0x0459829a6eca601L,0x04577384786aa42L },
-      { 0x0f22d9c32c54409L,0x1fd233af5d5620cL,0x04a218a12606a7aL,
-        0x1ed6751c1921c5dL,0x1d77641ed0201f6L,0x0b82bae4b980b65L,
-        0x13807e49bcbc1c0L,0x0089308091ffd81L,0x0bf696211f319d3L,
-        0x05ae422648d4462L,0x03ef3b800c2a09dL,0x0a4bc9edaa42988L,
-        0x0c29d67d1ebed67L,0x010e9a9b57bf23eL,0x0ca5017e8c1f6e3L,
-        0x100bead6d88d577L,0x1a0f059a7e3033eL,0x04b87b0ff304b52L } },
-    /* 104 */
-    { { 0x1c53d231bec8e4aL,0x0d60a1ad301a60dL,0x076942791936202L,
-        0x1b1491046a9dc10L,0x125864b6496ae1fL,0x06834fd0d74c319L,
-        0x09ad2eb284fa5d3L,0x1486e7198b163b1L,0x15fa71f58e76b9dL,
-        0x08cdf4463f58b7dL,0x03c4feb5390a772L,0x0ce24933f3dbeb9L,
-        0x15a10d8bd74583bL,0x0bc85dbf5e71008L,0x0ade377d9b5d815L,
-        0x0abf5262d5dbc90L,0x0a7e0d8fb2d75f8L,0x02025adca2d3ee6L },
-      { 0x1ee682a517a15c7L,0x067de77c401017cL,0x04e5441a8d52ab9L,
-        0x042e1fd7cf9dc58L,0x13d0c54b5de6019L,0x08495bac4f1cfebL,
-        0x1f97c6571c4d632L,0x0f396fdaa7e14f7L,0x12bd9242af61cc9L,
-        0x09778b629cafbecL,0x0b0729c2ccbc263L,0x04daa5a30b821a9L,
-        0x0a942d6195a5875L,0x128058561499582L,0x0bf48c3f896a5e6L,
-        0x04a78bf43e95cacL,0x00260f55af220daL,0x03fd508dac18a30L } },
-    /* 105 */
-    { { 0x0ba4f0c6e402149L,0x0660ecb1e608cd8L,0x106a9949d1d8d61L,
-        0x0b92ae2be4ee81bL,0x1f89fb0e3f77ff7L,0x0df1ffd9791a569L,
-        0x1fa09545640cbbeL,0x127f93f643a0846L,0x1eb2eff38a153edL,
-        0x0ea9d7008020e89L,0x19516dfc6f60a22L,0x0f9c872a7d4b9e5L,
-        0x14d85e75c8dd4a2L,0x120df0e1806972eL,0x1080cb7ae4fb588L,
-        0x1ce023ca7e4be04L,0x0bfb9957636c3a4L,0x00a5b1d2976cc7fL },
-      { 0x010b55371c43336L,0x1ea5311d24125bbL,0x0b800a18146c677L,
-        0x191ebe3db6f72f4L,0x1b67daad86abbb9L,0x0ffd7db3d2bebbcL,
-        0x0f18e2b3941b735L,0x0a10bb53f2b1358L,0x0081cbaa875a3d1L,
-        0x19a9ec7f49a3769L,0x0d87c687e680b40L,0x126e74cb38e3655L,
-        0x0b4f5df8a1b0cb0L,0x15bead0edbf0718L,0x03973c1df131d07L,
-        0x0e3591e08d938e5L,0x05532dd0bc7f7c1L,0x001242c39c1b693L } },
-    /* 106 */
-    { { 0x140dd2375a4cd8dL,0x05219cbde5d3c66L,0x1610963587d44cbL,
-        0x13b43d1cd0618b9L,0x1d65d40a0a7ec05L,0x1a86bb03d478b88L,
-        0x0b90a1a79957bd0L,0x1a17319cde0b307L,0x17b61391d9d8bebL,
-        0x1294f12d8dd2ea4L,0x1ccba47dacb3d8eL,0x18d47f476c528deL,
-        0x0cc3ef0ed2bd66eL,0x0f845a3b1cbca87L,0x16838bbba40232dL,
-        0x1790ffad7c84b2cL,0x1ae78ed513c1177L,0x033cc676fff2896L },
-      { 0x1e3f8fd1b97c5c6L,0x1d59f3c61d99fa4L,0x104903d656e8e7eL,
-        0x12bafa86ec884e8L,0x19c44777174225bL,0x0b5922c4059fe63L,
-        0x1861370eb2a0ccaL,0x0e4ab227bee2e69L,0x1a4db23d39c9344L,
-        0x15d9b99e8a10508L,0x0833e7cd822f733L,0x19ec619fc27f73aL,
-        0x115f30874ca618aL,0x0f8002d2baf8359L,0x0ff276d41bbf9feL,
-        0x0f883155d4f1803L,0x195f9179255f78eL,0x01f53d7692974b1L } },
-    /* 107 */
-    { { 0x0617e045b06ae25L,0x00a46e5aba877ccL,0x1c398130ae8af2bL,
-        0x16ed6f12eb23d45L,0x051da18100c19f6L,0x02b82dbcdcdb683L,
-        0x16fc7cc896faf25L,0x0da61686be6b800L,0x1440b4482bc24d8L,
-        0x1c784cb6b1b9bbbL,0x15b1587112d370aL,0x1dcc6120d332cbfL,
-        0x0408aa1ec1e9405L,0x1e97944a8cff849L,0x1d19e5fbbcc91a8L,
-        0x0befc02d86ecb78L,0x04462d2569fd070L,0x0354569ce029280L },
-      { 0x05f020d46be7282L,0x0d7f6909c078972L,0x16f75769ab42501L,
-        0x08ff17cc3c99b94L,0x196b8178c2d6f18L,0x06fcaa100994a9aL,
-        0x0ad3634ec79edeaL,0x0aceaf8c37672aeL,0x0d749b57b80cc3bL,
-        0x0c87fc99bd9fff6L,0x0ed94c517725365L,0x0c0c466bcae6737L,
-        0x17f763feba70c1cL,0x0630db994e17396L,0x1cfcb291da39093L,
-        0x0b19aeefa5f4d54L,0x1aadee4dbaac5cbL,0x00d0c08bcce7d70L } },
-    /* 108 */
-    { { 0x16ff62f77575ed0L,0x0a7d4be8ed4cdb7L,0x1beda7bf5fd863cL,
-        0x17bb850c665ce55L,0x186c5834c45ab4cL,0x1baeec587106a42L,
-        0x112634e5c0468e5L,0x1b002619011e826L,0x12d408ebaf5115eL,
-        0x083502e01306f6cL,0x0dcd88672ae4471L,0x118dd0d2750d3cbL,
-        0x1fcc7736174cf50L,0x0aec4e51a738922L,0x1eef260bdc6a87eL,
-        0x0ffa49774f8d4c0L,0x1a8f3a515e7212bL,0x03e96ee3ac9187aL },
-      { 0x105816d4ed2cae8L,0x15e3edce001bb9eL,0x039991ac235133dL,
-        0x0297380301847d3L,0x0f9179c1f9ee6c6L,0x0cb445708e4d09fL,
-        0x1c29e96d851fa3bL,0x0eaf5fd6c91a0ccL,0x0d670333c176852L,
-        0x04eecb4bafcf479L,0x1c8a34de9a2b7aaL,0x1abc8a99630d76aL,
-        0x0f063dd55021a05L,0x065b6579a4080acL,0x152af9e4b753c21L,
-        0x13aece189b0a4f0L,0x0ba845969dc6e72L,0x02d297c3d58dfa0L } },
-    /* 109 */
-    { { 0x1019e9109ecacbdL,0x0011ebdc4def576L,0x1c2d5c1cdc79951L,
-        0x082d91c42ef98a3L,0x01259ab514832b0L,0x11b0ea58d533414L,
-        0x170a9b8403e488fL,0x04dcb27ddd3c752L,0x1699b6bbd16c10eL,
-        0x0a43c39ca39d09fL,0x053716c9d261f2bL,0x00ea4ab3c5d3e38L,
-        0x1dc3d47ad257dc0L,0x0ea93bc9c224c24L,0x1f56e660f7c9e2bL,
-        0x00540ee1c7d91ddL,0x1fe2ae5844676bdL,0x00bf813b21f382fL },
-      { 0x1a4010d29abea1fL,0x1cb4a9203d6266eL,0x04a410cc862d8daL,
-        0x162c7aa6952d4c0L,0x0cc20565f221fc3L,0x142abb82dd0adf6L,
-        0x0134c48e3953658L,0x1c8362884af0f10L,0x196fbf304a89a9fL,
-        0x053f83625f32158L,0x0883a1b8ac217b2L,0x0f85fe94b23bba3L,
-        0x13a4a343b88f7f2L,0x1d8b9ea6e0bd83aL,0x101eef9a12c7a22L,
-        0x03aee7599d4887bL,0x17edb15c88d4c44L,0x00778184d29f2caL } },
-    /* 110 */
-    { { 0x1c25721fa8e5b60L,0x09c56b48e05d927L,0x0dd82c28892191aL,
-        0x04fbc2d0efc8da9L,0x0721c630863f9acL,0x13fd81281ddb779L,
-        0x0f4e7e306677c2dL,0x1b4f183dae5c0f5L,0x1cf9deb7bb32f0dL,
-        0x1fb9378361e44f9L,0x022cb465c8896abL,0x022e9e28beb96e0L,
-        0x0c457c4f378f5a6L,0x0e229e32270737cL,0x1a4b2022ef6a910L,
-        0x06ac2af7c64db4dL,0x12aa9bc3fd95d77L,0x01e9db6635d9bdbL },
-      { 0x06f12cc9722c880L,0x1b5739435b444b7L,0x026eb4bebfb0e86L,
-        0x14877717df74398L,0x17c3f4c3ad64ad7L,0x09d48dd2d7b5004L,
-        0x0fdacabf2c3670dL,0x1219427f956d399L,0x1699a1391f2abc1L,
-        0x0deaaa111d123f2L,0x18603e55223668bL,0x17fe24899879c40L,
-        0x1e87d3a365ba9e7L,0x1d2652f11494bd5L,0x0f86db10153e8e3L,
-        0x034896720c47acfL,0x0e71fa67c5778f4L,0x0174a3721e3daa2L } },
-    /* 111 */
-    { { 0x180fddfc60934aeL,0x13f7f8b21036894L,0x1e5905bb5d68b0fL,
-        0x06b9a165b9eebcfL,0x1faad87bfac60cfL,0x04f2eeeee25f670L,
-        0x1c6b9d4fea1f261L,0x0978baa2d465837L,0x1565dbea814732bL,
-        0x03f5f1d672434b5L,0x09d35b36e5da500L,0x04e0cbc9cf7c819L,
-        0x013aac4ebc3f5cdL,0x01eb61d0ba423e0L,0x1e81da99d8b80d1L,
-        0x0cefad21b192a8cL,0x0c2768d78d61edaL,0x004cbe72a80c0ecL },
-      { 0x097746c965a0b81L,0x0c5f372f096fd49L,0x0f11c57d0dfd22dL,
-        0x0f6acb88b2aae76L,0x1582797ce425e90L,0x12a3a7a7a1fa890L,
-        0x012b3976be9be3aL,0x10655d71f7c27bcL,0x0ed7f95f0e8a07cL,
-        0x1009537331604ffL,0x1ba6e31d0b3c5cfL,0x0b35c514388b7f2L,
-        0x145cf4e2f38ea57L,0x1c80d00ca3aca0dL,0x045acb9f74f00b7L,
-        0x17311cf49bdd4e1L,0x1e650b272b52fa9L,0x04b7cf84fe848bfL } },
-    /* 112 */
-    { { 0x0e8aac42c310a96L,0x0c181fbd1539a3cL,0x00f48e58881ccaaL,
-        0x1db2a8250188d95L,0x0cabe911ad131e6L,0x0db6342bc8fe2f1L,
-        0x021e1432ddfae10L,0x19d5ff27bd47a79L,0x106541f1df1007bL,
-        0x17394e12ae6f8feL,0x1c4c5cc8f8e5c93L,0x14835a9a1183c1eL,
-        0x1fa35e22bfa2de7L,0x04d81992d4c8955L,0x145353a814048aeL,
-        0x1c157173ca3e80cL,0x0a5423c7aad79d3L,0x038ccc713205c7fL },
-      { 0x0140fcdceb6ed78L,0x079bb8c29a28b20L,0x196ba358373194fL,
-        0x0d3b58abf008a16L,0x0e05686cce6c1a7L,0x1892b1454b5496dL,
-        0x05094bf911d8849L,0x184e8f796a149e7L,0x0f0ec6ff2fc531fL,
-        0x0be1a23887f4ff8L,0x021e0e71e4b3ff2L,0x049004df6033f69L,
-        0x1cd804c290552c5L,0x1ae46539a000d14L,0x1977e81d0ad6b60L,
-        0x0956386f03e2eddL,0x0acca6b85f03dfaL,0x041c4ca0d058699L } },
-    /* 113 */
-    { { 0x0f062a2de067dffL,0x193485e5c00b160L,0x04341c1e8af753cL,
-        0x11f5c94723319b3L,0x132ad8145afc63bL,0x0cefd8b4278dbddL,
-        0x16122c28b738bc6L,0x0c444c1c2fe91e4L,0x17393db00c2d5e8L,
-        0x1447c2a19c678b8L,0x1e50a40ab3d48a7L,0x1970d06b5e7a00cL,
-        0x12b8a2614c19157L,0x09a7623617d537cL,0x1ea04d413fe57d4L,
-        0x08e099e00c4ddf6L,0x025454b3d05b37aL,0x00fdfed18934a76L },
-      { 0x1ebb657c8f69c77L,0x013c5d1efc47d7eL,0x15c707ede2d24aaL,
-        0x14238e34668c76aL,0x089958b0d2066a1L,0x0eb3d3086440a18L,
-        0x1ee3ee5d71f833eL,0x0c3b54ba410e606L,0x15ee5005d40bf58L,
-        0x0073673bedd34d4L,0x10f2cf258b31d0cL,0x0c5299f080ab127L,
-        0x1a225c9d700ac98L,0x1c8f23f4053f7b1L,0x0be12fbf86121a6L,
-        0x0f17e373afbd718L,0x19e67788915c0e2L,0x027ca4465621378L } },
-    /* 114 */
-    { { 0x10dfcd4dd51b8ceL,0x1c93c1b11874030L,0x1c70d9665588215L,
-        0x17c595d0efdb8ffL,0x07967608905ead4L,0x1c493650e192ecfL,
-        0x02938f8e7b776f4L,0x149b52590d0bedeL,0x1e16f800af47a0fL,
-        0x05a6dadf2fb0555L,0x1504be60e14f4d4L,0x04a136f2f1386ccL,
-        0x184e0e72b264b62L,0x12aae15df52b002L,0x0a4b846aef52407L,
-        0x0431e6f08334e2eL,0x1926e0b5aaae174L,0x03447034247bcb5L },
-      { 0x1fef641313b8f64L,0x08dbdca163a3166L,0x0ddd70362af6bbcL,
-        0x015e8083520cf9fL,0x0935210f608ea5fL,0x08bd0411eadec13L,
-        0x0b4856ae413f09eL,0x13f0bb763fc8ba4L,0x0c3d5e5094d3615L,
-        0x15da9470e9cdc79L,0x12a0a3d12b3bc2bL,0x15be418af4a9babL,
-        0x1378f95f4424209L,0x1499be9baba15a1L,0x133f6df447e9f66L,
-        0x02fd9acd418138cL,0x06556e55b8f9bb8L,0x00b91e3f1f26209L } },
-    /* 115 */
-    { { 0x06486d8dc8b43f3L,0x1073093204f344dL,0x10df66d1800ff0fL,
-        0x0ac509d8f631138L,0x0a9dbaea3a85033L,0x1c499e2d1b32e23L,
-        0x05241efda5077a5L,0x05a3dab4a20d268L,0x1664a7b7a8cb800L,
-        0x01fbb723076852cL,0x01ae8c7d3afc9d8L,0x1a83e58714ff87cL,
-        0x19cf1db08a296ceL,0x06f3d1db1560c7bL,0x1da2c1b2467a20bL,
-        0x0f96a2bcefa53b7L,0x13a21978baa4e94L,0x0425faa15bb184cL },
-      { 0x1decda9e364f21eL,0x079a280972abf60L,0x0121623e438435bL,
-        0x17c76209717448dL,0x03aef57a9f6dda4L,0x193f54b5fbd1a37L,
-        0x19b1c840a67fba0L,0x08b5533e90fb52bL,0x024ff813ed2cdf6L,
-        0x0edd96945ea0a5cL,0x0406bf2be869874L,0x173539bd7b480caL,
-        0x15e41039e47d9f4L,0x02856fa157a0d9cL,0x07a79278fa79aebL,
-        0x0fe469e42675c68L,0x1534968c0f3cb15L,0x01c1fc13ded0340L } },
-    /* 116 */
-    { { 0x0c46a216583ff4cL,0x02d14a56b84f397L,0x073f013284a9399L,
-        0x0922c14fcbb8cddL,0x169c762e82f128fL,0x16dc73dfd913d8aL,
-        0x1da23e031e58f0bL,0x1994fb5fc0c9341L,0x0b7e417542d14b8L,
-        0x1062e29c36f205fL,0x014a1876de4cc4eL,0x1cd3f7fc0e37e1aL,
-        0x16210e9903b902cL,0x1b81f5dc30f234aL,0x17de2dbebbe1d3bL,
-        0x1d475ecd128fdbaL,0x0256fe865475af5L,0x01d890f8aa1fca3L },
-      { 0x126e847659275e9L,0x00e7eb687e7282dL,0x0ff62a8fc7bd1d6L,
-        0x0bc909cc1cabeb9L,0x1e9698e41e7be31L,0x1823c26c78d107fL,
-        0x16cf89751b6a5eaL,0x0134a4db6eb0699L,0x01fd408d98d08a0L,
-        0x00025902dae540bL,0x18eecd9792efa3fL,0x024aeb376ddeb67L,
-        0x17c2fac737f50ccL,0x0939ca8d782fd40L,0x12ccd9e7b840b4bL,
-        0x0a2be551ca817fdL,0x083673446fb2a6aL,0x02a82f0e89b9486L } },
-    /* 117 */
-    { { 0x03014a1d15e68a6L,0x18593326e9af286L,0x10b40eb59fe5be7L,
-        0x1da58289083186eL,0x0d41a3cb74818c0L,0x0f9f4f628c08b48L,
-        0x04e19972320ff12L,0x139364c18c2584fL,0x0f6086faeced04eL,
-        0x1d96675febe23acL,0x10c4ce40a5ff629L,0x09d012e03590967L,
-        0x07508b3762ca826L,0x0c1d46ff4fcbb54L,0x15663a575609c52L,
-        0x1a6906a1a4cd3b3L,0x17c85cb89cb0f6fL,0x030bec06a52ba18L },
-      { 0x0ef267e70022b67L,0x1b5da9bb45ca526L,0x159b49e1118a014L,
-        0x087048723262a74L,0x1df78c4a49054d4L,0x10f1ad4688f0b92L,
-        0x18c766c94a9c756L,0x01c0f0cd90102e3L,0x00a8501db1b38a0L,
-        0x16c995c673b811bL,0x1dd8263b6bdf40bL,0x1b5772600dd345aL,
-        0x04bbfeb0363aee5L,0x0710d9c5fd7fe46L,0x0a381a41dee59e1L,
-        0x108e2923f8b3fb9L,0x00b3f624f550e93L,0x028ab7a843e68bcL } },
-    /* 118 */
-    { { 0x0234e220206e8d0L,0x17aea3f8ad7992cL,0x0a2758e2543fd7dL,
-        0x12fa892be95f56eL,0x08da80a966ec4d0L,0x1c51b5d6c4862ebL,
-        0x1717f92a8248193L,0x062f33c4afc1e9aL,0x044c677ae24495eL,
-        0x101c3d9d2dc71a9L,0x1e43d1d68a1ee5cL,0x198b8783e5eee06L,
-        0x1b41a7fa4154895L,0x18058045dc3407cL,0x191cf2ff351d162L,
-        0x1c3342939907174L,0x1ba78ed5f7aac9bL,0x0292a2cce599bb2L },
-      { 0x0739679a21b54c4L,0x167155b24bece84L,0x0a4b212219000a7L,
-        0x1fd3f4f3b3e29e3L,0x06c208dbae48dcfL,0x11fb4f0a5c88e12L,
-        0x0e0e16ac3efcb6bL,0x176301590fda3dbL,0x0146fd718188586L,
-        0x0875b2a2a33e5e8L,0x0e5020599f3fb88L,0x18356e7a34c1544L,
-        0x00881c1cbedb125L,0x1be181196f34298L,0x0f23463f8d31c4cL,
-        0x09d078d8c0e1cdeL,0x14507e365bab4afL,0x0117853f6ee7c15L } },
-    /* 119 */
-    { { 0x062791fea7f1b7fL,0x0c62eee7f84ea71L,0x070ce71f716270fL,
-        0x0e84edd1810d855L,0x09fe1d564dad401L,0x1408648548c7acfL,
-        0x13712e35e59c0aaL,0x05dd6f5106c954bL,0x0fc4c23bbe7afa7L,
-        0x0ddae4f25643484L,0x0e404da831f9bd3L,0x0002938431a46fcL,
-        0x0794b324a2855d7L,0x1143d038f23ade3L,0x0d0c8f3262a3719L,
-        0x113d272b45336bfL,0x046e186c3ee0c03L,0x03cfc0f378b39a6L },
-      { 0x1f2c1f3364f3c4eL,0x1956289b3f0a5c1L,0x13f164cf90f54daL,
-        0x0a21b2c3fc894dbL,0x1e3f2aae34e5947L,0x153f928411a7673L,
-        0x084932e4b802af7L,0x0743df749e14f23L,0x0c2086fd21192d5L,
-        0x160687e5a8e457bL,0x06cb2b703c6d7ffL,0x111f025b7c3291aL,
-        0x0adedbdd45b07a3L,0x0b812c4d20439d3L,0x189ed92f0a849a3L,
-        0x0dd0b77edc7502fL,0x00073ee56636d38L,0x02217669bcef3e0L } },
-    /* 120 */
-    { { 0x0cd1ae68a2f90a6L,0x1ea0eb7ad68665aL,0x031100752e3bc9dL,
-        0x09b06ecc62d4705L,0x15e1124be817a13L,0x15caf20a15bac6fL,
-        0x078f897ef1a77f5L,0x19d46193ebfae95L,0x15ac0f163d89663L,
-        0x154f77b86731c36L,0x043a9763b55510cL,0x1fe1311284f4f4dL,
-        0x05eaaced585de23L,0x09f0c232bad69b5L,0x024e440d4529b07L,
-        0x0add07b22c586feL,0x11e5c10add9e33dL,0x0428bb5b9835534L },
-      { 0x12110fa28a21e38L,0x11bceabb9ea9c51L,0x0efcb40837125edL,
-        0x072c30679ba6d2fL,0x05fa85165917759L,0x155ae936b822fd7L,
-        0x16dc0ce43ca69e1L,0x18d5817b461b89eL,0x1cca0240adcc615L,
-        0x10f8b81628a36c8L,0x11cb429cb3be1e3L,0x0e1016cd37439d6L,
-        0x1d7e61aa0a84840L,0x0334ab05bcd847cL,0x03adc78e20582f9L,
-        0x0b2184726b85b29L,0x0b3d7fd83c09431L,0x04558aa5db72bb4L } },
-    /* 121 */
-    { { 0x0686003353c4a96L,0x03074482e6c1a94L,0x0d923d9be331397L,
-        0x113f599f3d7ab22L,0x032639e5b6b80b9L,0x0556f5de0e0fd77L,
-        0x080b4bd8e5b489eL,0x06a014f2da03130L,0x018ab548f3a4748L,
-        0x0682b61d98d871fL,0x09a374059144b6bL,0x0db29607e7782b7L,
-        0x0bd8f206c520383L,0x0f8bbcdb6b27653L,0x0acd2a24c68d87aL,
-        0x05c45b04d21f8a5L,0x0a9342bb8e09292L,0x00dfe6ec2700581L },
-      { 0x10b9a4375a365d9L,0x0f0af046c7d8198L,0x0f5f5d0b7e0f52bL,
-        0x09bc630e85392eaL,0x1360ace0cf7309dL,0x134b21891471091L,
-        0x1694c410f48e3ddL,0x12ff855b7dbf21eL,0x041d64cb77b5f93L,
-        0x100598562236808L,0x0190b48c5c83f94L,0x045b735440eb879L,
-        0x12041eae47fcc01L,0x14643b5242b71d8L,0x0d81ac516191155L,
-        0x0af7e3438f08446L,0x0f19b766d1f2277L,0x012dbc51dfbdceaL } },
-    /* 122 */
-    { { 0x0835718156707ceL,0x011cc218a7c8548L,0x016a2f95f6f66f7L,
-        0x0b5ac7497002f91L,0x15aacffdd4bba22L,0x0aa3912e738dc30L,
-        0x14f757c9991d5caL,0x1ae1501e3ee9e15L,0x0010538a3fc352eL,
-        0x0532022a101e365L,0x11ea20cc31ced3eL,0x1dcc05b95836565L,
-        0x0fed2b17c7b3433L,0x1eb194e397024ceL,0x1eb70de7e1a0692L,
-        0x112b6712f328c6dL,0x0f0dc5650c892b7L,0x03855cab832d28eL },
-      { 0x0778ec47b585d93L,0x09b085319ff2723L,0x15393a80c46b29bL,
-        0x177ac8005e43b42L,0x191cb7a9af22190L,0x141bebcf319d63eL,
-        0x1ba2bb44f0c7fb9L,0x02db4940fae2c2dL,0x0d78a27323afcd6L,
-        0x0334b72dd0a6b4aL,0x1d535d37d610830L,0x009c4ef1c792e66L,
-        0x0c55b5a5c2e85e5L,0x051d65ae182ad50L,0x0223b68c4f7d4e2L,
-        0x0bbbcb12d596a54L,0x0befc8842a084c8L,0x02ff64fbca8eef3L } },
-    /* 123 */
-    { { 0x0bc2c7cfe519f99L,0x15ec072a081a9afL,0x100a28e623cf8e5L,
-        0x0bac037b435bdb2L,0x14ce64ac1c03b73L,0x1201487e98101b0L,
-        0x025f560dfafa404L,0x073955d43474aa8L,0x1dce73d25b0b881L,
-        0x0f6a095f658485cL,0x0a7fdf58f6acf0dL,0x0fb20c5b60e3320L,
-        0x1642a4c11d55543L,0x127e488493be97aL,0x06495351dfe9914L,
-        0x0c318f625d36e4fL,0x1957ad2ae22d84cL,0x00546ab31e74768L },
-      { 0x1ac51630a21fde1L,0x1aeeb3481ec24a1L,0x07b97f758a073f3L,
-        0x00ef493468da493L,0x0875c06f4dedc6fL,0x1dc023235ed1601L,
-        0x00dbf438383d8d1L,0x08420b02d36bccfL,0x0c961912ade8a80L,
-        0x19ff505549d9e99L,0x0e3b6c315daf177L,0x1addb1a6fc8f3e2L,
-        0x19cce5e7cb7971aL,0x0e9015a0755c2b9L,0x087f49a2292d0d0L,
-        0x0df22bb084aafc7L,0x09f872fabd5b3a8L,0x04adc9a49b55231L } },
-    /* 124 */
-    { { 0x198a70199f951deL,0x0f2cb782c6da2ccL,0x107bcf40f74e3ebL,
-        0x1a676283a69a8f3L,0x0cfe8a406e928d5L,0x077d1ecd232c005L,
-        0x1c9bb4422b4bf07L,0x13ec972d243c026L,0x0b9b6a6b68e83bbL,
-        0x0f8f36e092172a2L,0x03d9d8bd9659acaL,0x012cbc20b683a7fL,
-        0x1a16011e1ca34ddL,0x128aaa0dea7489cL,0x08859b7ba9371a0L,
-        0x0c248df00615990L,0x07dbdc7ae1d31d1L,0x01712f7a8b10d7dL },
-      { 0x133cf8fdd8e7357L,0x1d10c75676edc12L,0x0c741e134ab0cceL,
-        0x0de50095c4d1c7cL,0x17e7ad7e1c927f3L,0x1fbc5000a19e913L,
-        0x09eb82d0073c161L,0x16b3bf9e06d5400L,0x0c9e46c8b1d9a46L,
-        0x136f2430f944699L,0x1b68bc6e2810f6aL,0x01cbe5a176adbaaL,
-        0x0419defb5634623L,0x10e9643a0cf85b7L,0x03916cd57b0df34L,
-        0x1d0a47b7e072f6eL,0x1d6f0862a8dac7cL,0x043cbcf53f0a0f9L } },
-    /* 125 */
-    { { 0x17e7b3f7f1c747fL,0x1260ee37319b4cdL,0x1dc2cdcb6e80546L,
-        0x09a7dca9fc84e7fL,0x133cae0fca6d223L,0x0b7886097e47066L,
-        0x073e49cca14e177L,0x12390de7f7be035L,0x05322677fe36caeL,
-        0x0d3801997f7f522L,0x128ca33a2bc85ceL,0x0eeded4e63e8593L,
-        0x1f66a96813c0256L,0x06d976d46343d9eL,0x113faf4652aac4aL,
-        0x08365bc61b8b5ddL,0x016c052236a9792L,0x01f64c401611ea6L },
-      { 0x19e760c4072f74dL,0x1586f55aca02c87L,0x090326c0270b9e3L,
-        0x00716b35cbb67bdL,0x0b4daa0647e875fL,0x079bc47a075a1b1L,
-        0x0be2e69a93e4824L,0x0addfd7d35fdb7fL,0x1f87f96a59867e2L,
-        0x137f691bad5b575L,0x09e0a8ff6c4f2c7L,0x0e3ce1f44c422feL,
-        0x0cfd4c0dbe5102cL,0x181a394bae95837L,0x19f9e014df309a0L,
-        0x1b4651b7ebc5656L,0x1142f633f3aba25L,0x01f498af477d764L } },
-    /* 126 */
-    { { 0x055cfa5239a9ea9L,0x1e34805f19d3149L,0x0d2e72d90af483cL,
-        0x0c0175ce30eb3ddL,0x13410f843316c54L,0x1894db43a53b6afL,
-        0x07c7048ed40ba43L,0x1195b91f350250aL,0x1f57b764a1b6240L,
-        0x0b7600f8d403bbdL,0x1b3bc87c3771704L,0x08f9cb4d4b4ee8dL,
-        0x0706e955ba3c49dL,0x1a2ebcd80f0aedfL,0x034421d8a7031e6L,
-        0x045ae224f0610efL,0x19122585dc78c6aL,0x017681506853413L },
-      { 0x10434164daa2682L,0x16995809acb12a9L,0x0d2af619c25c389L,
-        0x17dcef5c5c89390L,0x1af6c16911a19d2L,0x0b082a1cdea94d1L,
-        0x03f84db32970173L,0x06ac6e14b37b8d8L,0x0ca420d27b93d51L,
-        0x03986a2aaa6228dL,0x0963265b37afcb6L,0x13214a1f340bd7aL,
-        0x1a7b0f01510cb1bL,0x08e90bf0b4d464bL,0x0bdd7a0b30db4d0L,
-        0x054c3e22ed114eaL,0x1dd1db01394a09bL,0x00a313c2254f7ebL } },
-    /* 127 */
-    { { 0x1ca3aed232803cfL,0x01cc5cd4b7f9a35L,0x15fdd2ade22f079L,
-        0x00fcd1809b95eceL,0x1cb7cd20c3a53e0L,0x0345e52fcb4e0caL,
-        0x0c0cbca2d969b70L,0x029c79403a63b0cL,0x09b733b8187808eL,
-        0x0eb826cf7f30c5fL,0x1cd50ac06e51b6dL,0x033df7dbbb7e4edL,
-        0x0b903275cee057eL,0x0407bde33e8c179L,0x11db050f3717ddeL,
-        0x0a0e5ade07a7ef0L,0x028035f5557a9baL,0x03d65abdb5a014bL },
-      { 0x041356944e6b07cL,0x02664f0e39a2ee9L,0x136389cee7ed147L,
-        0x13711c69f880e88L,0x1152776dfe49607L,0x0114ce3be8c267fL,
-        0x0a25db440cee71dL,0x04053414d08ef7eL,0x059ffdf10ee8f04L,
-        0x10b8a36225dab6bL,0x141b0bee6ba1553L,0x05b7b27cf9ab063L,
-        0x063c96b607b2cb8L,0x1aa4f154419c0e2L,0x12887501abb4945L,
-        0x1f7bbdf2f1238eeL,0x16cae9807c78675L,0x0352d02dcb1b1a8L } },
-    /* 128 */
-    { { 0x0e71ea66a8f4f33L,0x037e326f547a549L,0x14b3fba21187cbfL,
-        0x1c112a9a11a6ac4L,0x068ab76659b0a83L,0x07c6822deb4611aL,
-        0x19eb900a04d5e40L,0x08230383380a570L,0x0986a516918764cL,
-        0x180efd709abae92L,0x1a6b9564d9dedf2L,0x004a8db936322e4L,
-        0x19c40097c8f6d17L,0x12ce203dc6f3424L,0x14a762ddb7c00c8L,
-        0x16bec812355b22fL,0x08ca7f46d214a7aL,0x034402a5a387672L },
-      { 0x0d168aa51a5b86cL,0x1f26c4abbb923f8L,0x01dbc5c80ca490dL,
-        0x1b2c8f4a9d5d088L,0x0405622c0a7ac87L,0x13cf978f2cbd258L,
-        0x055b7b7bf971bc2L,0x1ed5e7de1849aaaL,0x1917fb04eef047cL,
-        0x1c93ccfaa5b109bL,0x1a8cbcc52f82e0dL,0x0cb6188cd6190ebL,
-        0x0e7e218978e157cL,0x06f2c3d7e946486L,0x01defb6e43f0eebL,
-        0x0219bba65ae3917L,0x0533b432200ca8eL,0x00010fa0ceca7b7L } },
-    /* 129 */
-    { { 0x191122c43519d26L,0x1d60ea0528c2290L,0x07a5522ee27ef6bL,
-        0x182d0897f398deeL,0x178e8d559ef3375L,0x05f0e2f3bc4fbc8L,
-        0x1790013d666d87eL,0x193011193345977L,0x18939a260893206L,
-        0x0d725fffe698428L,0x12cffb823fabfa8L,0x0133fe295578cc9L,
-        0x0c2a841ef961f38L,0x0bf80edb06c1ca6L,0x1aeddcdd7eb62b4L,
-        0x04a24df868aecdbL,0x19f1e716b05a425L,0x03cc2ac4014f0f6L },
-      { 0x0cb3aaa95106473L,0x17d20ad30ed0251L,0x0d894e558f0257eL,
-        0x032a62570ffa792L,0x1f885c76baa4809L,0x063c6ab63f3ac15L,
-        0x11035c3db6ad88cL,0x10d19c60a38ee8eL,0x06dbebd14ffdb61L,
-        0x07020fd0c87204bL,0x031199bb98b8aacL,0x1c54e9e667ad742L,
-        0x04fe7b9b6693d57L,0x036941be803556eL,0x01d07abebdcbdb0L,
-        0x048ee63198bcd22L,0x08d9c5026096569L,0x04aec11e18e87d8L } },
-    /* 130 */
-    { { 0x0eebd86140528a5L,0x0615d29cbcde435L,0x0e293b0512afc9aL,
-        0x1b054fafdb63793L,0x0e0118d81efabb0L,0x00aac778963868aL,
-        0x19cf8c581c5a287L,0x1ba67c8516fc96fL,0x06317663783aec9L,
-        0x0b97fdf709561aeL,0x1c2feef05eca914L,0x10e0e83f02546fbL,
-        0x1be2888f9c4212fL,0x1ab652ae9ee765eL,0x00a3906a77056a9L,
-        0x1b607e63231d972L,0x1547ede02856aeaL,0x00713846abc32a7L },
-      { 0x070cc53cde20f88L,0x013962fad881c91L,0x0679772c76fe4ceL,
-        0x136e5ae982a085cL,0x0aaaaa554b3de21L,0x1435d30b624d459L,
-        0x05a5402110f96eeL,0x023dcd79ae4419eL,0x159ffac6ba89abdL,
-        0x01890bdf88ab1ceL,0x0a2bcbcd32e948aL,0x07ce0e4f520dc9aL,
-        0x1f69017766f27f0L,0x1d40891f342163cL,0x0a5cee32cd1a6f5L,
-        0x01b7a9181e68d48L,0x078fc5784a62399L,0x0069ed59dfd94cbL } },
-    /* 131 */
-    { { 0x18376e6ce29c3ccL,0x083f6780b65e347L,0x065978e533872c1L,
-        0x1ee78a1a83bd7ffL,0x0d16ce3d24fc526L,0x0098a0a76ead2a1L,
-        0x0181aecdef76647L,0x151c6885de5c675L,0x12ae90337c0629dL,
-        0x1fd76322c955998L,0x0e265f60ae15ed5L,0x1973466e62ec352L,
-        0x029086751fad6c8L,0x0c60b8cb412caefL,0x1a5cd5ea07a5fecL,
-        0x13ed3c9e914277eL,0x026a1387c2e5cb8L,0x02985a775ac3a5aL },
-      { 0x1f275a1bab7b5aeL,0x0ee2681d2bdfa74L,0x112a9171416eedaL,
-        0x0682d5880592e9bL,0x0ed985dc726369fL,0x0a2350b9af273c5L,
-        0x0c0a8152361e737L,0x14d099d60d33c2dL,0x0f73f6fa4789b11L,
-        0x150620fd95273c2L,0x1da40a4ea6da5daL,0x1c01e075156563eL,
-        0x1b844d66c1814ccL,0x184a9100b26592aL,0x08c89c6de539f58L,
-        0x149b3c0a5a9c87bL,0x17f5278b2e708b6L,0x0484a12a940632bL } },
-    /* 132 */
-    { { 0x069a14d0d5b4c2fL,0x1e2cdae45324e69L,0x0ceac38df528ae3L,
-        0x11222206fd2b7d9L,0x14e35322fda1a76L,0x1c7d7e2c08702d4L,
-        0x1398a8937304a85L,0x088b858c7651c7bL,0x1995c3f179452c4L,
-        0x0998761a16a28b0L,0x16982ad3be04a4dL,0x04a5175d3827404L,
-        0x06e2e3caf885493L,0x1b24dfa392e8d30L,0x13b17c7510246acL,
-        0x066678fa15f7ee0L,0x0f527bd1d62bd8bL,0x0282b8088e7f30bL },
-      { 0x0084acef534356bL,0x0ef02a5a587de68L,0x18173b81370677cL,
-        0x106c36f1c20435fL,0x0f78d38b64bde68L,0x052f2751927e63fL,
-        0x0665bfacdcb3bacL,0x09dde09f966cb02L,0x07dce5d505eb0abL,
-        0x114dac411c62c37L,0x18c65ef36000dc7L,0x08a2900d739fbcbL,
-        0x0bd18e67ab8bf5eL,0x1cfb1fd6a1984b4L,0x1062ed09a9f413bL,
-        0x1c459438fe2476bL,0x19f485b848225dcL,0x047f859b7eaa073L } },
-    /* 133 */
-    { { 0x1f2e2f43ff42cffL,0x0cfce8e1a98be4cL,0x0e4aae86d5168f0L,
-        0x0a95f53465b6e92L,0x17dcd43684232b0L,0x07cc8a85c2aea36L,
-        0x088622b0d788117L,0x00baf9e458fe003L,0x1057d35aeed4083L,
-        0x0d2528caa9e67e6L,0x195e4e4f8ae4e49L,0x05606845d84ebcaL,
-        0x1e3ac53958a2033L,0x1cf4d8b1cd84802L,0x19863598a01468dL,
-        0x1cf5f6941b813f8L,0x03e9e0e857f6748L,0x038d9477762bbebL },
-      { 0x142b0cd99726bf8L,0x051dc8e10479e24L,0x039ec1663aa84a4L,
-        0x1f44b52251fae52L,0x0037d7dac6a7791L,0x1141bd9699ed926L,
-        0x18a83087bfac1c3L,0x04f7ee1b2ddc7b5L,0x143ed8191850760L,
-        0x175855426a56bf1L,0x14407fa316dd312L,0x14dd5a4dd7bb78eL,
-        0x086b78aa4edbfb2L,0x108acc245d40903L,0x0e9713b252aa3cbL,
-        0x052b41a21b3b67dL,0x05ace7fec476318L,0x0394a388d1986c9L } },
-    /* 134 */
-    { { 0x0e4590432bbd495L,0x1a6e8df2a4b9ffeL,0x18757670fd38cc3L,
-        0x10b374e40800d7dL,0x02c2c76840ee607L,0x1f445f60ca7e9faL,
-        0x00842839dac4ba7L,0x18e2f9bbbb7d856L,0x0689d436b00811eL,
-        0x1535d1b9425f4f2L,0x0e56c801f504529L,0x13e61e23ce89578L,
-        0x08e9396402f8cdfL,0x175a3142e2ff5f6L,0x18344de29d45d0fL,
-        0x125c7337f0f058dL,0x15f3965e170beb2L,0x0000e1cec2c00feL },
-      { 0x0805cb9da4a0912L,0x05bb522085e527aL,0x0e3bb1c7596f49fL,
-        0x16902d0935de7b9L,0x08b24635780fbb2L,0x02273477b538135L,
-        0x1d2a0558972204bL,0x1c8c49846589af4L,0x081a770374b1631L,
-        0x0727bf8edc8be17L,0x1197f47d87b6541L,0x009397bcdc7a3a0L,
-        0x01d7131fcfb1048L,0x056d238ab1be706L,0x1a65c988b936f0aL,
-        0x0e8a1eea618b959L,0x113a0160dccee28L,0x0489973385dc8d7L } },
-    /* 135 */
-    { { 0x057efe27996099dL,0x1a26dd037304640L,0x1d0342561622dc8L,
-        0x0cf3cb5dd3d6950L,0x108a2fade53daf0L,0x1f383564ab054d4L,
-        0x091a9fd2f84c441L,0x1ccdabe7b365060L,0x0a5f8e8da27cca3L,
-        0x1a8ee5326147949L,0x08c43bcc77f5e3aL,0x0f845940e7ca99fL,
-        0x14a40da68392e0cL,0x1a869c7e08178b4L,0x16b80d45aec1f31L,
-        0x193bae07d07c575L,0x0d1ea93c066b4d3L,0x03e8581f2bcca07L },
-      { 0x1e7ea304dd94c63L,0x180e2b9c5859d2fL,0x1e328539ad2d5fbL,
-        0x1d4a6a64ed2a694L,0x1c22d00607622cdL,0x035904d7b4b503bL,
-        0x0ad29ccf06219f5L,0x0992ca99976c4d8L,0x0a098d3a1a84f3cL,
-        0x0cb7cf696b9a5baL,0x0c086975547240dL,0x1a5e3d8a247fbfaL,
-        0x05b2c1aa39e2ba7L,0x1c759493fcb9349L,0x064a9bf4b9d743bL,
-        0x1ca1df574e25c32L,0x060a606b43a9b83L,0x018d8bc17ed5aefL } },
-    /* 136 */
-    { { 0x18dba454034db92L,0x1bc80c79a6e26c3L,0x1cbb7dd530ce8e5L,
-        0x159aac75111a009L,0x1b5ffad1eaa5954L,0x0c5edc514eb644dL,
-        0x16d1ea2b7d956c3L,0x0b7eff7085b19b7L,0x1b72e3a0380d320L,
-        0x19ad8593e563e54L,0x182f2f62951d770L,0x0e33d749a4bfff8L,
-        0x180c50fca6736f7L,0x00600c801ec80e1L,0x007e1347f6b3deeL,
-        0x17782eb9ecb1eadL,0x11f57a7e6345cefL,0x037e07df29f03f6L },
-      { 0x16d116bb81b0e5fL,0x0e952956429dc24L,0x0b50c9ce1fc360bL,
-        0x09752258b26afc4L,0x09d5dcc13e332a8L,0x06c2e9c5b8e321aL,
-        0x135383260bba50eL,0x1c72172aa797effL,0x12cb39bbc38fed5L,
-        0x1633e4e2d621481L,0x08485efc1f69568L,0x0b5b4173c9ddd7eL,
-        0x028ee9e0c655ac0L,0x045db71f885d896L,0x011ba4573cebb95L,
-        0x0aa7e95ce4d3916L,0x1c8cb266012aa0eL,0x0380c9ad0d4a647L } },
-    /* 137 */
-    { { 0x058d41da4626deaL,0x1b3650adc81cfefL,0x0290c593996c97bL,
-        0x1ae919f99f33502L,0x0f142fa99fe6daaL,0x038bcb3d5cd35e9L,
-        0x08e6e932e85a175L,0x0ec25a6166cd787L,0x01f46a5dc8bf450L,
-        0x03472948a10d607L,0x01881966ee8712eL,0x0a5db4d31720f4dL,
-        0x14e54537072b4b5L,0x0f480b2fa81cee6L,0x15177f10a81ea7aL,
-        0x1d6615071ffe7afL,0x00041991e5a3b5cL,0x0364b0f644b4e53L },
-      { 0x03bdc1bc4e7eb46L,0x162abacb63da438L,0x1f359abf5d375aeL,
-        0x0acad9cde69f322L,0x124971755635510L,0x17fd969e8fda861L,
-        0x08af7f699e0f98fL,0x1ef7af3e3e7ddf5L,0x0a4efbe5417af9eL,
-        0x077b2312d2adbd2L,0x1cc8e069c4cc11bL,0x14ff72ac4b4622dL,
-        0x1a0b027e96db2a2L,0x041959de3505521L,0x17eab01163f9749L,
-        0x0ff34a46831beb5L,0x153c05a89cbc49eL,0x0418441ec34f125L } },
-    /* 138 */
-    { { 0x19b1c6202557389L,0x0e74bd6f7e05e4aL,0x19fe0cc3ce0d7f9L,
-        0x1e2d9f703d12777L,0x104428fd27e0c6aL,0x0f30c137b2732deL,
-        0x047294f7a4916deL,0x1261146278290fcL,0x065cec3b9445bceL,
-        0x1de018a6b3f6a4fL,0x0dac90c1e08d48cL,0x1b5f275a63a4d3eL,
-        0x10c780890cd78e5L,0x0f22f7f4f93415bL,0x12ebfa9c0570d3eL,
-        0x198d826ba9749cdL,0x18c43a378a47e3fL,0x011bb7cbfcb31c7L },
-      { 0x06e1ec0ae575b99L,0x065a7c0dcb86e05L,0x00934e9ce51df85L,
-        0x03f646b53be0147L,0x1bf629440b4b9c8L,0x0b2ebd468a88afaL,
-        0x0f8ef3f4d6d0c78L,0x0f6ba25fd4565dcL,0x0629984a6f5182eL,
-        0x121f179e1b2e847L,0x09c244c3cdb9c93L,0x1401fa68a803326L,
-        0x0ebaf96dce698b4L,0x11b3aaaa11e27e8L,0x0c95e12982e82b8L,
-        0x0c942a37b585b60L,0x0968ab4190a2154L,0x046230b30b5f881L } },
-    /* 139 */
-    { { 0x1fca2582d1f36a5L,0x1695944a62f96f7L,0x16e10f3b613c3b7L,
-        0x05b61c77366b4b9L,0x0719a112290f898L,0x11b16b667075780L,
-        0x1f91f43995f90e6L,0x028aa2d4abac4d2L,0x0269e1f778e6365L,
-        0x11ef6e5ea8134deL,0x108c0110715f157L,0x06398e0aaf1bd9dL,
-        0x131e489eabdb83fL,0x1cafe6da0def7dbL,0x076c00482d9e33cL,
-        0x059912119f239ffL,0x162cbebc6f455f5L,0x00aaf53115a6308L },
-      { 0x0be2f1f876fa42eL,0x143a4bfd6f773caL,0x03d4e32196bead7L,
-        0x09bf00b360d25ceL,0x0b5a7ac916e99b8L,0x031e958675b0374L,
-        0x026833b48cd5cb5L,0x1be5a1e4c465534L,0x12529998c3861fbL,
-        0x08c4453e0df1885L,0x08a714362ab78dcL,0x16f07626a67b362L,
-        0x18ff029708dbcf9L,0x0d41f7c41e53a37L,0x0ca111296804e87L,
-        0x095751d209a3095L,0x0c32fe84b3dbcbdL,0x047ab879212c82cL } },
-    /* 140 */
-    { { 0x0b66c8a2ca9c508L,0x0df6134eb5bc06fL,0x099a23ab5800b71L,
-        0x0e93ae4c282dac2L,0x0e472e6f61841b9L,0x13d43b20f207366L,
-        0x05e82b68909907eL,0x1e88b73fa679873L,0x1b25e8fa97c15dcL,
-        0x09267590974b14eL,0x11cb19f6cf65580L,0x1a56f834f088751L,
-        0x066dd027ff8e2deL,0x1f3d15e34a5584eL,0x1c31d8fe26815f5L,
-        0x0c4255b17e44d9eL,0x01d4cb268e7c8a2L,0x01e8b8f43d96226L },
-      { 0x02ac16e8ce49820L,0x122f1606226e49cL,0x0449cfa1631093bL,
-        0x188c64f9f21d8cfL,0x06159c1f918cb25L,0x0a2e59a1f1c3b5eL,
-        0x0d1fadadb8380ddL,0x082c9707356ba24L,0x172e09274a300d5L,
-        0x1559473440e08b4L,0x003fffadd6a10c9L,0x05946b2241be94bL,
-        0x103209f4a30a580L,0x073549c03ff7416L,0x1b8472ad46005aeL,
-        0x09d8f7338d8e185L,0x00416105af1ab9dL,0x011a74c7c1a66c8L } },
-    /* 141 */
-    { { 0x143520814db9cdaL,0x1ee23cb56f6487fL,0x09bebd162db6673L,
-        0x0ae87d546308755L,0x01735d813f1f741L,0x02caeac8af0c973L,
-        0x0f234d10688b42bL,0x06ce0977ecf8089L,0x12f960471be23a2L,
-        0x01931c40ae8eaabL,0x008c2ddac776533L,0x073e183914cf282L,
-        0x0c833c910df2e54L,0x032dc26fab58a0dL,0x1c0aded19f2667eL,
-        0x0d2a03604a3f443L,0x093de5b52609621L,0x035109871e71d0fL },
-      { 0x01b67a04b3ca1a7L,0x176a98060674069L,0x0da24cb3c1eabd0L,
-        0x02b84b86b44599aL,0x0dd04d0636523a8L,0x1c9d1df66e9cac4L,
-        0x0d4c1cf68d40acbL,0x0ee98bc1879abcbL,0x0ef9f5486132687L,
-        0x0c3ff7e0f3a1149L,0x0b0a7a89397b7bbL,0x13e067093e34db3L,
-        0x1240f2390508abcL,0x1fc9a1a9d84d914L,0x0bad5419e441cb1L,
-        0x170e02054c703cdL,0x0303ee0740996feL,0x01a7837d54e2694L } },
-    /* 142 */
-    { { 0x09dc79f2348f005L,0x02eb8efa49058c3L,0x1f29b7b992926d7L,
-        0x09d0549f69fa36aL,0x1957836621b7f73L,0x143ecb31be5c1a5L,
-        0x1b2af24d0406df4L,0x1c62b21f1580725L,0x0280dc3737f75f4L,
-        0x19b7a87b530d631L,0x160c129955a36a2L,0x0553b2610e14e9eL,
-        0x12fc8895cc80d79L,0x048a49cfb68bd8cL,0x0756e79260e4be9L,
-        0x1056b5e6c04fba8L,0x11a452d79e25caaL,0x03b26a3d8fa08aeL },
-      { 0x1f22303a2ee8b9cL,0x1b969c2efe6a42eL,0x060c4204e8dc6e7L,
-        0x167bce83ead6857L,0x1303bb5be28c523L,0x0dfcd7842bb12d7L,
-        0x16cd249bca66ab2L,0x01c437d58101a88L,0x06a523a02d6ba2cL,
-        0x18150d8bfe71432L,0x1a88d78c0307ab8L,0x06d4f69526228a2L,
-        0x08c0cc89f745437L,0x0076c46f69e05cfL,0x0dff1c01206413dL,
-        0x12e709e4d36ac79L,0x01009a1d53a321bL,0x00e06ece191851cL } },
-    /* 143 */
-    { { 0x1aa1f67c46a7d9aL,0x0199a5f6fc8e67fL,0x09d11e90bcb991dL,
-        0x02483ff5528b067L,0x135efe6b6798005L,0x059201b84bcd421L,
-        0x047717c184fd7c2L,0x1f8d7645f9ac9e4L,0x0e1b8b2a3a0572cL,
-        0x0f075a0bca850a5L,0x12eca4fadb35306L,0x164a8e144bffcc6L,
-        0x09a3d15a0a31a04L,0x1f97f6f4d20fbd6L,0x0e52803bfb617b2L,
-        0x142b83eb03ebf03L,0x1bcaa3996b09ef4L,0x0296c5f1cd83020L },
-      { 0x11536f6fd631a2fL,0x173f859a8d46e5eL,0x031e6c49884a47eL,
-        0x1e57a1e86ba34b2L,0x12b0ea7052d4875L,0x1d5c4f4d76db69cL,
-        0x064b02f42af72e0L,0x1b504f420c513fcL,0x06566a960102a0bL,
-        0x104181be701b40aL,0x1b5e7d618e50176L,0x136db7951bf2617L,
-        0x06efdaa3f597201L,0x091b5c494490094L,0x1f0b9ceccdee659L,
-        0x11b4623a7c71c51L,0x05d70787f41880eL,0x0367fb1b3ed7252L } },
-    /* 144 */
-    { { 0x13d0433f89a8bb4L,0x02619c9dcc7b8deL,0x1b200d1c28b5085L,
-        0x0fcbb4113d056c2L,0x1bf5fda698fcc75L,0x1e9a662a11aa77bL,
-        0x174346217094e7aL,0x1945c41650b7d8bL,0x0e71bbbe1782a1bL,
-        0x0cef6984dc2a778L,0x1265e6265fe9aa5L,0x1f51b03e788a2e4L,
-        0x1760c1115250cf8L,0x167c22f554d1da8L,0x1fb446f26c3bdf7L,
-        0x0c10192673c4773L,0x1e7c93e9c5c2825L,0x00e96410bb09f60L },
-      { 0x181347d987cfc93L,0x101ddf8c3fc0839L,0x1274494328c411dL,
-        0x01760ab7e67f4d7L,0x1a3af87c480091eL,0x02a055defcaf8d1L,
-        0x0116f89a1ddc050L,0x05b331bee61affcL,0x0b398135fb723bcL,
-        0x01187c60af5f623L,0x1860c17d558702bL,0x1e99b4c148ffc11L,
-        0x04e16d4bfc7c0fbL,0x1a30bf490374ae1L,0x1830839d058d255L,
-        0x1c56c72e330d295L,0x122fe2693122131L,0x012a4371b0529bbL } },
-    /* 145 */
-    { { 0x18795ca53572806L,0x04a24b2b4b470b0L,0x125cfecc8ebacb2L,
-        0x0c81378fac29385L,0x079121b3fb15de2L,0x0655ddd4866d396L,
-        0x10495b4be853881L,0x08f979b4def22c0L,0x025086261b435f9L,
-        0x1b4361c61417588L,0x05b58bc69e472f6L,0x1da2c3444cd8a20L,
-        0x06271d74a66b1c7L,0x012143d2133c033L,0x193c3ced7ffb686L,
-        0x054e997ca07ff77L,0x1f1d7f7f0beb948L,0x03a8d91ac044249L },
-      { 0x197b9d6e9c9be68L,0x05ae233e886366aL,0x10f5dd8acbd05e5L,
-        0x1543689c235119bL,0x0aa8eca86d94a63L,0x11ec3ffd85dddcdL,
-        0x01d77d2c3cb4325L,0x1136ea60c58bb8eL,0x0fed726ac499339L,
-        0x0d3031c2bfce66fL,0x10e4a9d7e31d997L,0x1b2abb8ce594443L,
-        0x02b66ecc8dcd264L,0x0c522c5d38027f9L,0x0af594fec6aa6b8L,
-        0x1bcf9d52c89bf17L,0x075a9378e802ba0L,0x00a266096e51636L } },
-    /* 146 */
-    { { 0x13a0a1d2989aa3aL,0x19141acf37326acL,0x032f4cb9ccbb60fL,
-        0x0a78796493d2716L,0x189ea6acf4c464cL,0x167e194ba852fc7L,
-        0x0e02519f96efcd1L,0x0db937f573a6f65L,0x0f8eb74533b339cL,
-        0x1f00fdf1dbb36f7L,0x150953bdaba89cfL,0x1be4f7cc3621662L,
-        0x01dd818488555c3L,0x1df38a7cb87db6cL,0x063da4f686bce92L,
-        0x17072aebe402f3aL,0x151dc08fc6b2465L,0x043a76799b5c254L },
-      { 0x04af83ebbb3f6beL,0x07ddc845da11eb1L,0x02eb5e1cd49fd5eL,
-        0x114c5c0884ac476L,0x1e236f79c3659bdL,0x1f93531481d8b3fL,
-        0x04b3d5690c31b94L,0x056444a8f5c75aeL,0x1b73890d776eb27L,
-        0x0da7b859eb146fcL,0x184ec14fab92b25L,0x0271cfe42e9d3e1L,
-        0x1998dbae175b4f5L,0x0228c2403aa4167L,0x1fbc570ada6ef79L,
-        0x15e329e4f2ca595L,0x14fa0a3ef2bb6bcL,0x018fdc2c0e72631L } },
-    /* 147 */
-    { { 0x18306d1615cd607L,0x04fd5551961d31cL,0x016ddde44c75a03L,
-        0x146ce11601d0f4eL,0x1445297f1031013L,0x13cdab40a7d070cL,
-        0x0fb51c31560ea9aL,0x1a60607397e962dL,0x118a7ca8daaaaf8L,
-        0x198acf3ae6db452L,0x039ce348e053ebcL,0x0e311a1e9f3fbd4L,
-        0x09dcdff032eb352L,0x1ea419c5d85bb30L,0x17541e996ea3aa4L,
-        0x0a16830089b04abL,0x054844a223e4a4aL,0x04c1918000c70cfL },
-      { 0x0a2102757f3d5a6L,0x12b24374656e694L,0x006c09547cefff3L,
-        0x1f26bd7be32b207L,0x0083aa6eb26cc64L,0x1267a0b0308948eL,
-        0x0c6d73662299a23L,0x03ab0387ee7baa7L,0x078c804a977fc62L,
-        0x0c3a1987d6e517dL,0x02369320f33c08cL,0x143b4f348e0fee0L,
-        0x1f4a915eb5c4122L,0x08091b304d47069L,0x1ab4a828b7855f7L,
-        0x1650a8bde8764cbL,0x0aad0a22ade188dL,0x0455df1cf491706L } },
-    /* 148 */
-    { { 0x04469053a2d2f01L,0x018c9aee3342e5aL,0x0efc75d2809f49fL,
-        0x1eb6a1d83ad5211L,0x1f3c2e2601da350L,0x1b77490e9eea2f1L,
-        0x05e73d9b84742e0L,0x068fc07211e8e97L,0x119e7c5b998b878L,
-        0x1a0e9ff5e9e8ef4L,0x1a3a347bd8166e9L,0x12726ce9c48ec78L,
-        0x073e7e67f69b9ffL,0x1774f1240ebea9fL,0x0f66131a6370c9aL,
-        0x1d14ea5e47db567L,0x095f95e31b06f8fL,0x0078ada6861e85dL },
-      { 0x12f6635790a8d85L,0x1fdd7712cad78c7L,0x1b1892d44a1d46fL,
-        0x166468e2bba2b6fL,0x0bc5441d7639b6aL,0x082c19866ea94c9L,
-        0x18d8152003a93dbL,0x02643dfaea5edadL,0x1c0b7ffe5192906L,
-        0x1452c12f7544c66L,0x16ea488a60899adL,0x036177a0d765d9dL,
-        0x004bb6b0cb678a9L,0x057c754c5921b6eL,0x0a816ef3dea679fL,
-        0x07d63725a1cdce3L,0x1dbbf8d0471f599L,0x028aed9bc101c2eL } },
-    /* 149 */
-    { { 0x043eaaa6f5bef22L,0x0934c101a438977L,0x0139e8ebdb1a54bL,
-        0x0d351928063c989L,0x1001899a18d434cL,0x07520631f2eba0aL,
-        0x01c8548e36ef3faL,0x1d194d991a52cf3L,0x073db6aee04acbdL,
-        0x1b49946dbfcc9e7L,0x1e6efeb5178cd2fL,0x1926f83e2c6147eL,
-        0x1f9b00a6de8c51eL,0x096c15e1a483992L,0x1167f25279ab2d0L,
-        0x09c76b20366da1dL,0x002cb09b7109cf3L,0x016f0243f0d5fa6L },
-      { 0x0b722f38dd9d484L,0x049c9be3bdd660cL,0x03c64f64ae2a0cdL,
-        0x011c7f584ab1b77L,0x145f4a7d80d78d5L,0x1e614ef82804c0bL,
-        0x027e341caffb61dL,0x1aecf57f1e58615L,0x092c567ea9a0820L,
-        0x12d5897451d2b9cL,0x0bebafc155486d0L,0x1e4d729d4bd382cL,
-        0x143d71e546ee1c4L,0x01f45f0e8f20a4cL,0x07ab82c96060ee1L,
-        0x094608922f905dfL,0x06e6813a4577387L,0x037b56038e6217cL } },
-    /* 150 */
-    { { 0x18822ad4dd6e3b1L,0x070e656b10434e9L,0x0114b2b37a03f1eL,
-        0x15508d3fc7cf087L,0x067e8ef2121cc14L,0x1a3a2447479ed3fL,
-        0x0c7d36e0f45b934L,0x02e7743bb30f30cL,0x1dfab59770a4c4cL,
-        0x18509831f6e380fL,0x075805b363fca07L,0x0617798ab7928c9L,
-        0x005760412a22672L,0x1947d77b0150ce3L,0x1faab671c6757c4L,
-        0x15f6a4f972d3decL,0x0cbf342530e719bL,0x0371612667fad41L },
-      { 0x113024badaf8793L,0x1e67881ae4a4731L,0x1ade54d402fe512L,
-        0x0c3a22cecbd340cL,0x1fd93c787991a94L,0x172a4acad6ed974L,
-        0x1973c174b00dfa4L,0x0e59628b6313e07L,0x181ae48ca95aa1fL,
-        0x01f938109ad3727L,0x1bd68926ca9f548L,0x120005afe546579L,
-        0x086c6745b00687aL,0x0328398297be991L,0x037163cf6a2a1d6L,
-        0x0230b7c7171085dL,0x1916b48bf34dbf1L,0x02d7bfe86cbe047L } },
-    /* 151 */
-    { { 0x1f9b950f4a224a5L,0x022ba6628139d2aL,0x0cc190fc7f55064L,
-        0x161ca1ef0669f02L,0x09581712996801bL,0x048e9b4336ba01cL,
-        0x1bf9f6e69017690L,0x0d1e3c6f3be2d48L,0x08d04a93f83bf91L,
-        0x126419a995905e5L,0x0cd2c7dca87042bL,0x12efb032bb6933aL,
-        0x1ffba14b5d8fbc9L,0x1b6d7a3b65759efL,0x16dcbd183fbc089L,
-        0x160c497291bfdb6L,0x0ae5185c925b6dfL,0x013d4e1c0cb04eaL },
-      { 0x1c37346f12a93afL,0x1b83e2a9b31a6b9L,0x035526064f440a2L,
-        0x19de436d3b1df4bL,0x0788a0e24f83a5cL,0x189e4c02e5d851dL,
-        0x1e130040c5e0596L,0x1e5fd441cb056e6L,0x1df9713a0e50361L,
-        0x0a24d07e866116cL,0x1d4b9df178b86ccL,0x0d7b6ce0899e306L,
-        0x15733e177a6e44dL,0x047716118096ef4L,0x17c6525a2d259a4L,
-        0x110dfb3760a823eL,0x04495182c716acdL,0x00e34834a7def49L } },
-    /* 152 */
-    { { 0x1b67d173a880026L,0x07850092ecaf92eL,0x1544fdb2de92271L,
-        0x02b977b94a520a0L,0x172bcbd33eb231dL,0x0ad01d7c67fe4ccL,
-        0x1f0bf2d3bd352b5L,0x14b289a8f94450cL,0x196d885480ead1aL,
-        0x152be7c65e45822L,0x16112c01795681dL,0x1c323a31412fbfcL,
-        0x0852923c745e9e7L,0x1faed99ccabd137L,0x0fb43234219ede5L,
-        0x1a4784aa6811cc7L,0x1391596e5d5689aL,0x03dc609eb528261L },
-      { 0x1c43aad52fb6901L,0x189fc8b65129d97L,0x0c29456ab718700L,
-        0x0cfeaefb8428eb0L,0x1723c0ddc93d192L,0x1cfb6d137297477L,
-        0x0ddb4bc783ae0faL,0x07332f3bd05e300L,0x143e28ecbb08349L,
-        0x116a8ee51ce1c73L,0x018ea6a38fdad66L,0x1474973664e0dccL,
-        0x02d2f8915d4cf1dL,0x08283c893729a45L,0x14e0fe979d78f81L,
-        0x1f6535dff9cae41L,0x0d01d6d53cc8fd2L,0x0071e1f7b34b7a6L } },
-    /* 153 */
-    { { 0x1c337c121ee1d83L,0x047b6bc3dbbc41dL,0x1f304e3e933a5f8L,
-        0x0f40691cb17ee13L,0x055e672dbaf7764L,0x0f62ee827c5d5e5L,
-        0x048603b4a4675f5L,0x15f19cc97fe67d3L,0x0ac09fc5724b059L,
-        0x03418fcee2f195dL,0x0899dd196bdaa54L,0x1ccd92fe3ff04d4L,
-        0x16bc6087fd3c5efL,0x15476e358a8af06L,0x1e7b4a6c68e717aL,
-        0x111707bb02d761cL,0x11c6cc13769bc37L,0x023184c71e04952L },
-      { 0x06408c7c8bd0fa7L,0x12188e735ef249dL,0x0420a0fbdefb45dL,
-        0x0f336bb271c62bcL,0x05a49a6b8213cc7L,0x14f268d7bf8ac0aL,
-        0x1275b403f6c3f94L,0x0a4aba71eef9ccdL,0x0b4f7ccc01bd4b9L,
-        0x0cbada4d7b8fcc3L,0x167f2f3593402a3L,0x0a094b4775ae256L,
-        0x042b5c89f11860eL,0x1d1f118fb6cbb02L,0x032ea4bfb431965L,
-        0x1c23cb02298662fL,0x05ae2e74c066698L,0x03fc7e849d1a45cL } },
-    /* 154 */
-    { { 0x04592cac19428afL,0x10e409d184332f9L,0x004b8c2ef5fc64aL,
-        0x0706d8d77284b13L,0x198e498710db072L,0x16b7a5ce3d20f4aL,
-        0x0b1122bfc5e79baL,0x07ce1f1f372eb0cL,0x06b3b02376f2198L,
-        0x0ec1f4dcc7328a9L,0x149aa35d4486289L,0x10353ade3b4c765L,
-        0x05a5a81f7495082L,0x12343a38c6fbc68L,0x01f63335e7b9567L,
-        0x0d92a40c194aecfL,0x131427a84ffa847L,0x043db2628f321a8L },
-      { 0x1f46f654b30d3c4L,0x0262e11da778a43L,0x1d998f2935a337bL,
-        0x139e7f6adb676e8L,0x0fd7d46a1df3426L,0x14d45eea789ce20L,
-        0x15f4a8edf1f1da9L,0x069dcad6993975bL,0x1b28ff342ac9423L,
-        0x0237efd3c378ed1L,0x145272dc0320b80L,0x1f02a12ccb2f9cbL,
-        0x09fcff4bddca30eL,0x024929342251030L,0x0087ce03cbd979dL,
-        0x177a1cb6caa59a8L,0x0f577ea9c2a042dL,0x0464a933e6ce031L } },
-    /* 155 */
-    { { 0x055032e5fc1abb1L,0x0d7aa097f23a1b3L,0x1580a7c17bd4885L,
-        0x0bb83237d3facaeL,0x008639b0b0e7332L,0x1f3339bd59e32f6L,
-        0x155559d41fd4470L,0x15ac717df8790c2L,0x15d0188cf42f0c4L,
-        0x01d180e6c4b0c36L,0x180fdecb19d07a1L,0x1819f479a3a008aL,
-        0x1d4a40672ef7545L,0x02dcf46efb0957fL,0x048b5d15865f27dL,
-        0x0b37f68a646fb0fL,0x016bf132e3a4b2dL,0x0457d0db9dc2535L },
-      { 0x13596eae793ac70L,0x077c7777b6e8835L,0x1e89c108b901325L,
-        0x1dd3cbaec724d69L,0x1512aadfc8c71dcL,0x01cbaf9a97e5b87L,
-        0x0ec4c6dee84e2a2L,0x1a2af3227200b18L,0x19692092a97740fL,
-        0x0d6ca2d8b05834bL,0x0d0e20420deac86L,0x0389e2e976e378cL,
-        0x01ab1b80eb76ee1L,0x187622c53088dfeL,0x0b4cc96f20aeb21L,
-        0x15b91ddcc024e62L,0x13cb4118b1ab240L,0x0339088c895ad04L } },
-    /* 156 */
-    { { 0x1e99306f55cf9bfL,0x029845235cb6cc8L,0x187679e9977e6c1L,
-        0x038e6379775c783L,0x04d58a61453cb15L,0x03a6610a5f2913dL,
-        0x00358e76b248a5fL,0x1be9a1ef48b045cL,0x1afeb1d51c62b03L,
-        0x18ee1d25d50c596L,0x11c5e37cadd3c2eL,0x114d12d6d466fe7L,
-        0x141dce055ffcd32L,0x152715c3f4af6a2L,0x16773a65fef1dadL,
-        0x0cf83cbd8cfe3f4L,0x1fe052368accc03L,0x03e431c8b2a7251L },
-      { 0x1e94b5eca7388cfL,0x005306019ae9c2aL,0x1e2d85be16e85f3L,
-        0x1e2024530136d36L,0x1cfd0a79705d02eL,0x0f71a92b2d37400L,
-        0x076b7add2a5b5f4L,0x01eb91065da84f7L,0x096ea8528e6d533L,
-        0x06c43158c692774L,0x0e3b567fe4e7dccL,0x1344020c04a539aL,
-        0x182303b3ff690fcL,0x0ea95a34e316c45L,0x0b4b64ff10b5e93L,
-        0x008700df1bf4519L,0x1ad502360906092L,0x0192c13ac7e742aL } },
-    /* 157 */
-    { { 0x120e45f359e8c60L,0x1dc529b2650c375L,0x01c77fe384431c6L,
-        0x069927caf00562aL,0x1829d0d8074e91dL,0x1541fd601937005L,
-        0x08278f064896189L,0x10470f4c9abf653L,0x1caaa3d34e5ac5cL,
-        0x16b42f2d6d16d14L,0x08099faca5943a3L,0x1632ec7005e724eL,
-        0x0edf6b1aeaf7184L,0x12f3092e91faee8L,0x01ca86af87e8d1cL,
-        0x1875fac50ff3a19L,0x05649aa93d2ac57L,0x00d273538aded3bL },
-      { 0x0126ede554d1267L,0x0a2998e6815a40dL,0x013338c7ec74dfeL,
-        0x1612fb8025ae15eL,0x16c7b6c5cf410b0L,0x048842c9870e8b9L,
-        0x18e3e40bfb9071aL,0x1be6937494ef3f6L,0x0a16c5821acd6f8L,
-        0x19dc1e09703b567L,0x140cef94074537eL,0x08a441e5a5b4d71L,
-        0x0d99df18800593dL,0x0ff599d31ba9293L,0x1bbd15b28c8d472L,
-        0x1b915b22687783eL,0x032c74857db35b9L,0x042b53e49c2da74L } },
-    /* 158 */
-    { { 0x007d0020d0a5583L,0x180eef6d232c550L,0x0590d364e6f8bc4L,
-        0x014e18106d2380fL,0x1e81e540a0cb678L,0x05645c605a6fcadL,
-        0x188e5b2ef34d175L,0x16caf8a5da0a8eaL,0x1cac2dca41805ceL,
-        0x0af7355bc9a212aL,0x17bcc493268a9a4L,0x0c5f18258ce86cdL,
-        0x1b7dbb7c3bbd3b9L,0x1115dcadd55b278L,0x118edd0f039154fL,
-        0x14c624811fd7589L,0x0403ca773122a4dL,0x031444842631b6dL },
-      { 0x057fd538cb8d208L,0x1c004aa1f836a52L,0x0553cbbfcaadea3L,
-        0x17ee4a2fcf6cdbcL,0x19389d2cfddb28eL,0x0dc46700a4ff337L,
-        0x10fdde7a1dcff61L,0x1808a5c1216174aL,0x1deb9b5cfb0b03fL,
-        0x089a245362f6bbdL,0x07cf3e3ff00dc8cL,0x08dab83698946c1L,
-        0x138fa59be92bc9cL,0x06d81348f3379dfL,0x07e23e44e5afd7fL,
-        0x1bfc7e3d8b3a801L,0x158c29034562ad9L,0x03cec09162d6d26L } },
-    /* 159 */
-    { { 0x0d4e4ceaa529507L,0x1040a3a32ae800aL,0x08e13c3f11d015aL,
-        0x146887971d81a61L,0x17f1728d8a8203eL,0x1077a919e317d84L,
-        0x074fa28e373f6d4L,0x0a141f21abaf959L,0x128a7b0bf873ceaL,
-        0x08ad71d363620e5L,0x05c76a84e04b074L,0x174ac49aa0fd46aL,
-        0x097e98f42f25d4bL,0x0b5209b8c8ed694L,0x0796ddfff5ac7a6L,
-        0x1ee0fa8d8424b6dL,0x17ac7d2b42420c4L,0x01559d7cac0a12aL },
-      { 0x0ca074c6a5372a6L,0x1dc1f2b1495d3c3L,0x1b71ddd073d5ca3L,
-        0x02a41de93ae8ab2L,0x01e4647270b4ceaL,0x1c562e8a397f1a3L,
-        0x101c7d35af598feL,0x0c28dca59938217L,0x128794efe371a34L,
-        0x042838c13b7f43bL,0x155dce6fbd6ad29L,0x13fe7e2b902bdb5L,
-        0x058f8395c324c2dL,0x005b542a8c44a87L,0x0200f86eb90265aL,
-        0x04bdc9ea7c45915L,0x1caaf233f61039dL,0x003ed961a928204L } },
-    /* 160 */
-    { { 0x1f3b8db037d4703L,0x1846fe2fa445ce3L,0x0c3e11c7500ba0dL,
-        0x04b45f55d23f750L,0x1404fc1ea55ee8dL,0x16ab28e172df882L,
-        0x1d7e591f5409ea8L,0x17e6f4a7818fd75L,0x07adf0bb295b30aL,
-        0x13170ff6b2649ddL,0x1063038bbd29e16L,0x13b29a59a09efffL,
-        0x175ea0af02139ddL,0x07f7cd67929fdd5L,0x1856a9df20403a8L,
-        0x040d2e98a709b90L,0x159cb28682d9fe5L,0x0045b6547e7beebL },
-      { 0x04e5bea036c3b5aL,0x130813fcf95a5f0L,0x15c0a5e5f03ce1cL,
-        0x17050f3d4753f94L,0x007f0ddf1656180L,0x1870438a99c4ddbL,
-        0x1ff1e668488f19eL,0x0321a3011d93b12L,0x09470711a916edfL,
-        0x07a97958390b88cL,0x0ca7ff462222dbeL,0x058a998df200bb1L,
-        0x05eb24877fef1e2L,0x1aa3ca92e201b0bL,0x1851a2bf6a548ccL,
-        0x17411ac454842d0L,0x1d25d043b0774faL,0x01619bd810698d3L } },
-    /* 161 */
-    { { 0x12305bcea22fa65L,0x01f7a68acfb1d3dL,0x01f4fcd648fef86L,
-        0x0d823aeea668e7bL,0x0a054cffb27fb30L,0x0c2b0cb8173f359L,
-        0x14714f3a7e5f2bcL,0x0b706aa04869cfaL,0x1a63e3d82f356acL,
-        0x13dbe556bb22898L,0x179abe99c7f2761L,0x1dbc560f9aefdd0L,
-        0x10ffda51933b985L,0x14a16e1b03eacc5L,0x18862a6c43b28e6L,
-        0x1ab942fe7b9dca0L,0x1c93d94e8d106b7L,0x0284d931a76c418L },
-      { 0x1b9414e48caed54L,0x1c63665fa8f4bd8L,0x123537a6c961de9L,
-        0x1923dc7af148d11L,0x030ee64c0024137L,0x0c86bc5347c91a7L,
-        0x1a42d5cc956f220L,0x09883d1c0bf7500L,0x050038d84ec354fL,
-        0x0c7816b6fd2940bL,0x1e401f32d8ff6acL,0x01f7d315c8ab88fL,
-        0x025d0e319d29d48L,0x0136db8ca5622e9L,0x0d61ee741bcd5d4L,
-        0x0ee4ee6773c4058L,0x152224839922c31L,0x00ac96ad3aa5dc3L } },
-    /* 162 */
-    { { 0x178d9a2cf7453f0L,0x1c4cd76c1e0f82bL,0x1b4f82a0ae9ebfeL,
-        0x15d47aa1035cca0L,0x010aa38b32c84e1L,0x1be820cd6a94604L,
-        0x1907ec7f6c082f4L,0x1ecf1ad97c3a0d9L,0x0d287f0f02e74b7L,
-        0x0e692bae21dd811L,0x03cbcfe069c6cfdL,0x03eb8c67cfe8da5L,
-        0x1cc4fc580ee65bbL,0x1dbd83d29972fe0L,0x12abceb35554e7eL,
-        0x05a5b6b5288e387L,0x17cb958bdf44cc2L,0x00b0a5edebbd13bL },
-      { 0x01f0230ed0ab04dL,0x03d803710417526L,0x118f10b16d7eb8dL,
-        0x1fbc03326b3e217L,0x05dd0825b0539e6L,0x076d0b6c4dea73bL,
-        0x128ca48983fbeefL,0x0bf1554eab9cc55L,0x0ed762fa95ec82cL,
-        0x0f326008c3283b4L,0x15891724b8d2326L,0x14ee63d4dad0afbL,
-        0x0b07b447360db88L,0x0b8eb87f7780095L,0x1e246c2e4d5ae50L,
-        0x04145cd160c5007L,0x1283a54a53ab79cL,0x0244b2b63d80583L } },
-    /* 163 */
-    { { 0x03649ba71353c25L,0x193d089fb3f1272L,0x0ce8707ae78d45fL,
-        0x18f1c537f2217a6L,0x0743f15d94e1c05L,0x0d16f8427f3ecbaL,
-        0x0ef86721d242243L,0x16304807f4ea6ceL,0x17ebf5db41baea1L,
-        0x1f0571a920c0756L,0x161cff0bd430ff3L,0x15ace0cc39b23a2L,
-        0x19a51e8c2c16851L,0x100b084cc014b46L,0x09fa95b9f46a737L,
-        0x18930562a791351L,0x1cb6d41b78906e3L,0x00415d974eb3b4eL },
-      { 0x180ef46c4d6615fL,0x14ee080dcc14e30L,0x1b003ec9932bf18L,
-        0x0c21d98589bc445L,0x1eea2c4dc5457e0L,0x0e2d964ae72ccf8L,
-        0x043e410cfe9ca3eL,0x0a7dc06a8c59ac6L,0x084c57c3bce2e22L,
-        0x047618d4b6c3f22L,0x1f8e4e914b169dbL,0x0281408f646a617L,
-        0x18c018545ec592bL,0x0e0bc6233dec5f0L,0x08c016de538041dL,
-        0x0a9e6908e328c5cL,0x0422665e237622aL,0x01b228d23480e48L } },
-    /* 164 */
-    { { 0x1802d1819893e71L,0x12ec5a9cd10410bL,0x08048c0bb3f285dL,
-        0x166cb7eb3bf8d5dL,0x0d232a808d4cf51L,0x140213c3ba0eb90L,
-        0x0e7b2b0d0facc63L,0x194aa7d965fce8eL,0x0aeca79a81a8b07L,
-        0x04ff9912b7a559dL,0x175ca4fe8747dc2L,0x135dec55342cbd2L,
-        0x12aa08ddc226056L,0x0dbddaa52f3bb11L,0x0f55b9e4feafb0cL,
-        0x17dfe914412ace8L,0x0f1749cdb12eb0eL,0x0382983d234dc7eL },
-      { 0x08e4c04e488310bL,0x137192992e6bdbdL,0x02c1260fbeb049cL,
-        0x1805bb7226ba1fbL,0x17b9685c796e552L,0x0f9251877651fbbL,
-        0x125e66dd9ba26c5L,0x0d8f84e6dac91dfL,0x03d619685a8021cL,
-        0x119f13c505978f5L,0x1a61e6d9db5ac3fL,0x063235e9c17d2b8L,
-        0x1136c4ee55a0747L,0x0cf2f9dcd17d5afL,0x12bf9b9a4e2e3fdL,
-        0x1a2403c229b4873L,0x0ecc9595ec36a6aL,0x0407bcde82bf315L } },
-    /* 165 */
-    { { 0x0ef42a760af09b3L,0x0b75ec99eff0a1eL,0x0783b617aaa0f00L,
-        0x1f9d547792e419eL,0x17106f97d4f5e99L,0x134569390b5ce95L,
-        0x1947d97cd30db25L,0x1bd51f70578b618L,0x020f42f1cf2fda4L,
-        0x198d596690fb2cfL,0x1ddb1e84f45863aL,0x004470cc57cb6f4L,
-        0x10cad08e0bec441L,0x011600c06412ed3L,0x1be7ff664a641e4L,
-        0x116a0ec477b4055L,0x119de84f4f3f5c5L,0x02fad2ed26c127fL },
-      { 0x137257e7e8311dcL,0x0a7a8a336789b2bL,0x1916c172886b7beL,
-        0x1805c9566f4e7c2L,0x0579165b38ea9b3L,0x0580d23bb07564cL,
-        0x156137ff7411f09L,0x1b4311a9fa27f72L,0x0faac38b825548bL,
-        0x13cd3782cf4ee56L,0x1dc83c2689c03c6L,0x0aa9f714fc91307L,
-        0x0847a1fad58cbbaL,0x0d5eb5af1c50ccbL,0x1c5bb084615951dL,
-        0x120f6ea227a63e6L,0x0891391e7814212L,0x0298ce40086e0acL } },
-    /* 166 */
-    { { 0x120136e6b61c3afL,0x0796f03da5db411L,0x19fce0325fc0750L,
-        0x00d5186274ca3bdL,0x0011ca10a978ba7L,0x0fa22d9162c3eb1L,
-        0x1139922ee8862acL,0x1f318bd5e0fca08L,0x15549f02a442fccL,
-        0x0b23a379ec0249eL,0x093d85e70116449L,0x143157b9110e85aL,
-        0x0aded38f8f1600fL,0x091d75a32e5c300L,0x0715e2a92fe6e42L,
-        0x1d429ac7fdc6a3cL,0x1f0f3c9c5acebb9L,0x01e8998a6f88d27L },
-      { 0x1cc662db4513d1eL,0x05462eaaca95ef2L,0x08ff9fe1b42b79eL,
-        0x08f409e18bd146fL,0x0e25d06cca2d12aL,0x09b038a6334b721L,
-        0x1872d49851a62c8L,0x0bde9a4e03713edL,0x1aafd617780efd9L,
-        0x16b9d6262ddb483L,0x01d2b10836cd6b9L,0x1bc9e4ea3f4093dL,
-        0x16a1fa2edd11631L,0x1bfebca6d94fb99L,0x0be4a993101a192L,
-        0x198ece79643a7c4L,0x0adeae904e62043L,0x033f9454fd99163L } },
-    /* 167 */
-    { { 0x017b258ca148ab5L,0x0cbb7d9e30028beL,0x1a6323ca37e6e68L,
-        0x09d1a8a02fd44c0L,0x0578a42287b2cc7L,0x1f63991b92b9948L,
-        0x0ef120757b8945eL,0x1fdae823f9e3a91L,0x146217e6b487f5cL,
-        0x1803d62a0f5c70dL,0x115e9b816803232L,0x1a57a5f3f533883L,
-        0x1b40941cad1f954L,0x1c14a84e9b85eaeL,0x1b297bb921e1e70L,
-        0x1f73c9826eaa4b9L,0x1b2e8ef7fa4fd3eL,0x02ff848ba0de8deL },
-      { 0x11912a4579c6632L,0x0d227dc51040abcL,0x0e114d58e74eec6L,
-        0x177879379de9f2fL,0x119e6410e57e2bcL,0x0becd689159f95fL,
-        0x1fd987c0627684dL,0x098ceaae776f3cbL,0x1444e5c98ef2f3cL,
-        0x17b0f1002688398L,0x08d9beb1d758d75L,0x190c590a9e461bfL,
-        0x1e0ad0850b9fc47L,0x17b906196025721L,0x14ef27573a53d90L,
-        0x074c6cfdf5ccb4eL,0x046c27d30d3b037L,0x03340809d14b90bL } },
-    /* 168 */
-    { { 0x185d913e84509dfL,0x05f6ee799c9bb09L,0x174cd08e8523a5eL,
-        0x07dd196af25be84L,0x11c4553c43fa0aeL,0x1f8ea4780a9b4e9L,
-        0x09128173c22ef7eL,0x0675bfe97cd2888L,0x001635f81a35ddaL,
-        0x02e44a4f3b7d5beL,0x1ff37859cdde0c2L,0x0a5944a9f1a497aL,
-        0x06413ec985fd8cbL,0x1d481366310b453L,0x18786dfcb6e5d05L,
-        0x1ffbc72c5dcaca1L,0x11fbee0a346d3beL,0x01d9adb9785efd5L },
-      { 0x1f8de9f535c3749L,0x0f907c56ece245fL,0x0def23e3d98c8f0L,
-        0x0bd1e75c9352eb6L,0x1d5e26282529e47L,0x03178ee197886a8L,
-        0x0f8d96b034a5d9eL,0x0c4278f26710a99L,0x148f004ef4b67e4L,
-        0x11bd0a872e88770L,0x11de374a0a2283eL,0x14cd9f6e7e9a92eL,
-        0x130780495296830L,0x0bb05b4a4fa2200L,0x0dd726608cf1c26L,
-        0x1f3390681994a4bL,0x0853f62e40bc771L,0x023e850f5e6cae3L } },
-    /* 169 */
-    { { 0x06f4fff652811f1L,0x05549b177980113L,0x0955432e832baabL,
-        0x1400fea8ced870fL,0x002f2673a350142L,0x0e3732e3fe88151L,
-        0x18f6576bb95c0cfL,0x03cc0d05d860c94L,0x146cf0bb0462b25L,
-        0x1018652aed49b73L,0x0983c90d0996d43L,0x0576d369d1eb90fL,
-        0x0c7ad7770a9637bL,0x169d0ad3300fdacL,0x057a5847c851fdbL,
-        0x0742c0b68fabc53L,0x05ccb0ca9b38321L,0x047a5b0a524cad4L },
-      { 0x0a8ec194b4eb3c1L,0x04d6210191d382dL,0x0c893db31aaa315L,
-        0x168bf34b4601a92L,0x0897abbb0e53b9bL,0x166be8723778880L,
-        0x0d623fa1cf95f5eL,0x1a2f9f99fca1ef9L,0x00ea53d65c85557L,
-        0x0ecf5a239447971L,0x17b7eb03ada2a3fL,0x08e010c07419565L,
-        0x0900feb06c58221L,0x12f2e55634a3234L,0x1246ba60133d6fcL,
-        0x0bd5db0ab30b13fL,0x001ed9378b173c4L,0x047ca168129264cL } },
-    /* 170 */
-    { { 0x11ec3028e845808L,0x15ffd5bbd5fe28fL,0x12e7e365f71f0c0L,
-        0x087558b2964d5faL,0x074d94dc3d3a83cL,0x12c88e71dba5e8bL,
-        0x0b3491192dcdf2aL,0x1fcc524aee70e38L,0x1419f24853b4440L,
-        0x0d35079f02956beL,0x0a035a11b21b037L,0x13f5f0649e84c8aL,
-        0x0807cf117aa2568L,0x06ee4edbe3a568fL,0x1bf2175589b7a82L,
-        0x1d6a6a4c406e72cL,0x0cbe0ad57c3f3b1L,0x01c1801294a4e0dL },
-      { 0x0ef5a405e744723L,0x1e7ba8d704240d0L,0x0333fb07ddbf6d6L,
-        0x03f566ff8d57f5bL,0x08fedb78fba5d83L,0x09f9885f1cf1246L,
-        0x17092973eb57eb6L,0x1eae8ffb63d227aL,0x1052a47c94518b7L,
-        0x11046b63e7da193L,0x172e71c394e2fa7L,0x0eb2b762f22d626L,
-        0x005b3106c736352L,0x0104dd8351603c4L,0x11412b74b50a81bL,
-        0x1c0696a4b68e3a7L,0x1a5c9f4b368822cL,0x00af8c3cb75a0c2L } },
-    /* 171 */
-    { { 0x14dea060aee4684L,0x10f833e6dede404L,0x0526c64c4c650acL,
-        0x03034fb74d4873cL,0x1c2ae80fea4bdd4L,0x011ee163109b831L,
-        0x046c6d62c259c4aL,0x108e887aa2b064cL,0x02e16f83113c203L,
-        0x071026b15ecc969L,0x16f35bd064e22c3L,0x1a3a3a6ef18e933L,
-        0x0fc5ddae73492deL,0x0ca5b12cceadebaL,0x01b29a35204f54aL,
-        0x18558323b39ec1dL,0x038562179eaf3e9L,0x030a378f9cff709L },
-      { 0x106d33e078e2aa6L,0x17bfbcef74932deL,0x1e076a903a11a4eL,
-        0x11373480fdaadc1L,0x0de9951905fbbb8L,0x16dd1cee7a256e7L,
-        0x1dd2dfdc7e34c24L,0x1d6ceb6bb4a8462L,0x07456a251a5f605L,
-        0x018ea57c3d1cd4fL,0x0c001816d1d2f64L,0x17e56ccb5523b68L,
-        0x156631eeb4bda5dL,0x111bbe2c2e8d1efL,0x1742ffc0a0527bdL,
-        0x0cbbc5c35e9d2d0L,0x050e0ea087582a4L,0x04aaa1fcf035e80L } },
-    /* 172 */
-    { { 0x1cbc6f485d7c6efL,0x00426b1d8de127bL,0x1a22fe32e98b2b6L,
-        0x0d68ab8325bf219L,0x174fc6ed98e4b68L,0x11003bb0a35c6abL,
-        0x094a5c388e279ebL,0x1eaa48388f2c384L,0x17d2215103884e5L,
-        0x16906710bf14139L,0x067d453c99d3e35L,0x00aae18023b7c62L,
-        0x19fcfb760e85459L,0x0f46150cefd5baeL,0x1f52c9e5518d8aaL,
-        0x0d31896da7f1494L,0x0ffa5c87104ee5dL,0x036da1a3c15d14bL },
-      { 0x04864935c3f0d95L,0x1edc1273a444a83L,0x1d89acbcf912245L,
-        0x0856feae97ee7fbL,0x0f732723c60edc5L,0x1688a65f0e04d15L,
-        0x0bfe5f4d19a75f2L,0x0392c8cc0146435L,0x0b94e2bbaed0cd6L,
-        0x1370d20ef623a87L,0x1a6436c6a27d621L,0x1ad9e4eb2d27437L,
-        0x00c0e0dddfc39e4L,0x0cce452088e7dbcL,0x070c143c2bf35ffL,
-        0x18dc99d7ff5b6dcL,0x0944f3981b096d2L,0x003d3c8f395713dL } },
-    /* 173 */
-    { { 0x10e90471e9f0300L,0x09d6cde66fc8273L,0x0277fc14c1e3809L,
-        0x1d5d1268c4a3805L,0x04846845f1ef092L,0x0d6a5a1648548d5L,
-        0x19ec8651bb683c7L,0x029e0eca1e667beL,0x1c6e988db0b15a0L,
-        0x17063375aa1787cL,0x0d8c478300de3dcL,0x1b555d0d2a1aba9L,
-        0x0db35f1c8f548baL,0x0a268d6a3400b1cL,0x11c74c84a78c85aL,
-        0x09bbd32a3759080L,0x0ac03cc29f385e9L,0x036b5661722a1f6L },
-      { 0x1999e9557b2d299L,0x1e6cdf1eb90e6f5L,0x013eed32d110e8aL,
-        0x13b80c1f545cc07L,0x0c987cdeae17770L,0x1b7df6ba787369cL,
-        0x1effe688df3e041L,0x108d35e2a26f307L,0x06c3f7a1d323f95L,
-        0x110e567b6db21ccL,0x004d3e59c0f648fL,0x131f70727eecf9bL,
-        0x1c2e82522207558L,0x1c92553e0dad945L,0x109ea2ade1e6705L,
-        0x129243b66f1e502L,0x0eed5a451b1ff28L,0x03ce8c1091e9e23L } },
-    /* 174 */
-    { { 0x03edff9109d5589L,0x0975a014da24c8dL,0x14c2d2d52b7f7b5L,
-        0x0344f7fece27d73L,0x07f0f4604f9214cL,0x1287142640bf73bL,
-        0x188deeb7e360f0eL,0x1838bb807932804L,0x15f29581b966647L,
-        0x05b5044c50343f9L,0x01f3b0c58d145c4L,0x174ac5cea3115cfL,
-        0x0745e2c3fb2001dL,0x1b3e99caaaea70dL,0x1a10bbaff2b37aeL,
-        0x0b01743415f3978L,0x1c850590a2b3e88L,0x039882248d3c266L },
-      { 0x0ca2cdf2648d676L,0x0f652a78d8958a2L,0x1250a60387ae6a1L,
-        0x1235915512373b5L,0x0719e195f30d370L,0x181bcbb983955beL,
-        0x19fdae9463208bdL,0x04f58121c295800L,0x10e6cfc708dcd29L,
-        0x1ac44f110f3ed31L,0x0a902e0dc71f193L,0x17c51ef0f193695L,
-        0x0bd84caf3f1f9daL,0x0f070ec97bc576bL,0x0909370f0e7741eL,
-        0x00132d017cbf624L,0x14ff41b214d0bdcL,0x03547c7e4a8c062L } },
-    /* 175 */
-    { { 0x0a1ed6353235132L,0x119f8acedd445b1L,0x1148a47bf76076cL,
-        0x0f64a2235d0ac4aL,0x1d701bd8c750529L,0x1a7a2edac90d7c8L,
-        0x1cffed34175ca5dL,0x070dc7a98bde31cL,0x0897d985f899b30L,
-        0x14e187de44d8aacL,0x0b468d344c60722L,0x0d744446641c792L,
-        0x0201ceed02292e8L,0x0c1f984fe7922a6L,0x03f468c9e917dd1L,
-        0x0ea70eb4c20595aL,0x1d7db4f45d2cb9cL,0x023a96c60ed941fL },
-      { 0x14d6cead5dff4d5L,0x0afeda2d413fa28L,0x18313f1c4d79d33L,
-        0x1037caef1c20e14L,0x18dc6b08dec0bb7L,0x1e124b138f0966aL,
-        0x062b2dd94226d52L,0x064dbbe58c6c321L,0x1fd6ebac6675288L,
-        0x1516812e1284578L,0x0b36a1373f07c3aL,0x0d508aa217c0278L,
-        0x0d1a8868011c783L,0x17d792a29c82344L,0x0c2a23590c4caaaL,
-        0x168e092d0aaee50L,0x152569491ca8744L,0x01d328c79bafdc2L } },
-    /* 176 */
-    { { 0x0a8ed50224042a0L,0x071d8122978f355L,0x1d31da084761b2dL,
-        0x13de9aba7fdb94bL,0x122d46e54e0fe3fL,0x0233ba99d471522L,
-        0x1406d6663887fc5L,0x072292d8a1deb25L,0x069104c2f83a677L,
-        0x03385e5a395df80L,0x020ec940c5def4aL,0x180afa4e25451d5L,
-        0x17b439c994c5d8bL,0x0e6d0d7fa0f7c98L,0x0e3dbee60074ea3L,
-        0x1f041ad0ddd6ae0L,0x017e80c5cd0fbfbL,0x02a0561b1f6e12cL },
-      { 0x11969a9fe7f43dfL,0x09c04160dcf2653L,0x1f621670a45f999L,
-        0x0b2d5488095b2ceL,0x1f1297dabaca954L,0x1753ef074ec2affL,
-        0x0fe387d8625ec8aL,0x1bf2ddb99fa6de2L,0x0627d307016e200L,
-        0x14f839b64c4c452L,0x0979825fc8c749cL,0x0437ec090ea52bcL,
-        0x094019b299af7f2L,0x135a58eceb34130L,0x1375e8c76677824L,
-        0x02bd3d88f9ecc35L,0x14f4de9f2b36ebeL,0x00bed99767d0b4bL } },
-    /* 177 */
-    { { 0x1ef69196cf40599L,0x086fd806010753aL,0x19eff2abd9e5fa8L,
-        0x0711bbacf07b4b5L,0x055bcfcd0d663caL,0x025e3f2d10fc7f1L,
-        0x018cba70fd4e38dL,0x09a6bec563aa91cL,0x1654f242543c6e6L,
-        0x1aad3d3134c9b13L,0x1f17dec3d04c931L,0x1ef2744301e7476L,
-        0x111e81675b05697L,0x129a147ab67c2fdL,0x14a2c09b4f36cd7L,
-        0x1f6f1c7542b22a5L,0x05da8470255f7a3L,0x02305e80dd0ca22L },
-      { 0x034dc23c24d8077L,0x05ac0263906965eL,0x0445bd747ffa0bdL,
-        0x0124f079c5453b5L,0x15904af3578af52L,0x1508c8714fa8d5dL,
-        0x177c11b15c35fdeL,0x0a294a45f74ae37L,0x1bf4e2a06ae89bbL,
-        0x0cd9ae62cf9a226L,0x0a0d9c9b30955deL,0x130b5f9d82ef860L,
-        0x0b7c36cbd094a4eL,0x1ae9c83bd6d7beeL,0x0f892f3b4c6de1dL,
-        0x08436a5ad209e5aL,0x18dc5ca26691f95L,0x03e9a161e0b9a43L } },
-    /* 178 */
-    { { 0x1cf2c0a11fd127fL,0x1b5dc08cf262f72L,0x0949bbd5ab0d9b4L,
-        0x1dca860ceac4356L,0x0c3e961930cfeaeL,0x1e7338976f13e95L,
-        0x130f5904d44ebe3L,0x130c2b38c360ebeL,0x1d447efe959069dL,
-        0x1c6b7b4753b5754L,0x17186c3d6f4592bL,0x08dc3d11773158bL,
-        0x161ba92320dbab4L,0x1c4c4c32b0c5c58L,0x02dfa0a83abecf1L,
-        0x0c17618f5798581L,0x1a710f09b6e20d1L,0x02df057d3472631L },
-      { 0x0ab6d381bbbf49cL,0x0e724c60381ff41L,0x0d77843d098cf82L,
-        0x03b4b48a65d94b1L,0x1618f7b7d9cc658L,0x07bff383f0c43b7L,
-        0x01af81066978c94L,0x0d376353d21bcd7L,0x0584a7deb373591L,
-        0x0759a44a8a4ed96L,0x11a8cec3aeaee0eL,0x016185f1152428aL,
-        0x070a2db0190067fL,0x031f379f5ef06ffL,0x081beb6e946c1b3L,
-        0x1b81543224f73d2L,0x0aee4eb5e87fe80L,0x00f37e67aea6f18L } },
-    /* 179 */
-    { { 0x17dff66aa8ac924L,0x0d698e14c59f45aL,0x0ca597ec20301baL,
-        0x1a3b2b927fa281cL,0x0a180caa7dab211L,0x06f6b4b6b46c214L,
-        0x1187c6a4a502288L,0x065502a2ea671beL,0x1ff5604ae60eae9L,
-        0x00dcf24bed72605L,0x0ea5ff7898ba264L,0x1349e21093068aeL,
-        0x0f64724f1ded69dL,0x1542d0afc7fd011L,0x114de5357c70b93L,
-        0x00fba98c4d9d202L,0x03780440cd6bf09L,0x022916a30aeed54L },
-      { 0x095f079ebfbe7c5L,0x10ef6c2779a2344L,0x1adb5286ae58c3aL,
-        0x04a14618d0e2d53L,0x0043bbaa1a4a5d2L,0x0872faad0b318e0L,
-        0x0155af441d40940L,0x0337ffc7d3a7b18L,0x131b30b18077724L,
-        0x07fbf78425c114bL,0x0df5d7c868630e4L,0x0c6aacb771f0018L,
-        0x0a45e3bceb18d0aL,0x11f85846dd60ed1L,0x0f16b1470e3a430L,
-        0x03f8de3743544bfL,0x0ba09d5256bdda7L,0x01a3280d4b6bf20L } },
-    /* 180 */
-    { { 0x0be448ccc2b0f1dL,0x1a2e4d6261b81c3L,0x19767f25aeff8faL,
-        0x12b5c4ffb4a70feL,0x1bc18089cef3c4eL,0x050c50d0047bbb0L,
-        0x0cdc7cdd282108bL,0x0a9dd105084a76eL,0x1cb6fc6d87cc093L,
-        0x044f60db0a4b6b5L,0x10a6e5278c97121L,0x14a4f7bd82cd525L,
-        0x0edcea281315c6cL,0x1d108aa7caa2277L,0x041873cd1a0faccL,
-        0x081771f64df31a7L,0x16dc3b08aa806c9L,0x03e0ea167f2aa64L },
-      { 0x06e703fdc110aa7L,0x1bcebf9b171bc3bL,0x1d756ab728f2adeL,
-        0x12c17c66e7a4b38L,0x06c4e8ff2a6eca7L,0x1b82dffa3a25258L,
-        0x12d4eca10b33bceL,0x1703475eb555c60L,0x17bbfa2011b2d31L,
-        0x05d375d25f7446cL,0x1597395972e0e71L,0x0d2db5efd9d05a6L,
-        0x07e695974524808L,0x14a7cc1b963e667L,0x0468c9bbf5bacf3L,
-        0x1274c1467699e70L,0x19014203f43fffaL,0x0018f4c1439e18eL } },
-    /* 181 */
-    { { 0x1efecfc765a17ffL,0x19c4468948532a7L,0x111a4e3680e2827L,
-        0x1b42d35a8d7e4cbL,0x03a62fe84bb6145L,0x04305299e7c10a1L,
-        0x0e31158b7d5c6afL,0x0eb7e5521f502b8L,0x145ba1d6e17eda8L,
-        0x0cec40d4a37d2f0L,0x0f9e12e43d68edeL,0x06f9621fea54d83L,
-        0x04a4f4fd360910aL,0x07169dd061c60ffL,0x1e9861f0c603f16L,
-        0x06b847c5fe0a162L,0x11c3a00059b943aL,0x024a69b22d14662L },
-      { 0x18426b64ba021f8L,0x04841bcb6f5b61cL,0x0e55f8db1d8b453L,
-        0x14ea39e42cda5caL,0x19b24a198f556ecL,0x1061576d650f000L,
-        0x09ccd1e21f6912cL,0x1af27da999bfe83L,0x18d717c445c7c0cL,
-        0x02431a548dfb804L,0x051be4ed66eebf3L,0x1673cac49e2b43eL,
-        0x0d303f8443dd38bL,0x05f8827e4b6a0d5L,0x1c19609ad9c3c0dL,
-        0x001ea0a07f3da52L,0x0f3768e1f47b342L,0x01e7ee62f5dea63L } },
-    /* 182 */
-    { { 0x16c2a86b523e13dL,0x0522c1490685029L,0x11e39d5c4a58405L,
-        0x0cfd6a37d47aa56L,0x07b0e9190574606L,0x144474384fbc30cL,
-        0x1f3500a2bb621a1L,0x1e6f35013afb295L,0x050c6032fe2129aL,
-        0x0f25f394c1e2041L,0x0c6eedeacefa39dL,0x06596c318e51306L,
-        0x013f59c4a4d31a0L,0x16a7b0f11b6ec2dL,0x15c5c576fb38d17L,
-        0x1d7af74f5599a3cL,0x0a1138c58da64a1L,0x04494b6879e8d77L },
-      { 0x165288fcca82c97L,0x160968a13f46e58L,0x1c1d30fb76a49b1L,
-        0x1dd5403d7ccd529L,0x10f5e86d94600e1L,0x02b5188a55e73e1L,
-        0x10b09d075c0832dL,0x0d1560b54264f3eL,0x070b60fafd42384L,
-        0x0c77f6098c69cf3L,0x1fc6b22482cc628L,0x1751b0733c07d60L,
-        0x0e3c81a30101e3cL,0x066333ec32fc499L,0x1a181f2ba2f29f7L,
-        0x142599dc35cf344L,0x0543182e64ccac0L,0x04919d17b958d26L } },
-    /* 183 */
-    { { 0x17e8df60acbee17L,0x0ace12e127e6e38L,0x021f953ff2c03c2L,
-        0x15a50a22d68de13L,0x1ba1fa51b993decL,0x190c1f05fd527c5L,
-        0x1dde6724927bf43L,0x043f27966b12d08L,0x1284bfb7f2322d4L,
-        0x066384d6a157804L,0x1c89d26ec758550L,0x1674e2f878d58d3L,
-        0x05bb9c5eeb76f50L,0x123c1dafc590f4cL,0x1870f9d63ec66baL,
-        0x035900990d736a5L,0x091aca59092f297L,0x015d9353490f6c1L },
-      { 0x0a3443515f81416L,0x13973d57fadda4cL,0x13780c5c987021bL,
-        0x18b81439fc7a3ecL,0x1368340131c0786L,0x1cda66aa17526c5L,
-        0x09fc4bddc9ce868L,0x1b829fcfdc397deL,0x1ee7fc09e16bb27L,
-        0x06e660ba0872ee3L,0x199d08650ecf770L,0x16c07e63836f468L,
-        0x19c22c107092934L,0x1ccfcb3580c36f6L,0x06c224e8dfba2e9L,
-        0x1a9bc1e77f96849L,0x108bae614472e92L,0x049be59fc70cb75L } },
-    /* 184 */
-    { { 0x1c0e77c16fbfdceL,0x1a664e4c6a6602bL,0x15c9095cb483a80L,
-        0x1800335079cec0dL,0x115971629861b55L,0x107ebdc05d1401fL,
-        0x0aa883d05077416L,0x1d910cb2276961bL,0x0e6685746aa3848L,
-        0x168ad2d1f0242e9L,0x031dd0eda417745L,0x16fb0315e575038L,
-        0x14d2b74b78cec31L,0x0a1f1794406c78cL,0x0c1f073299676c9L,
-        0x09180637074fb3fL,0x01186537fdc1f10L,0x026abdd83bc2c35L },
-      { 0x04b768a53b396b6L,0x1926249da8ed65eL,0x07ae8c2b86cef22L,
-        0x0b28a28f8a67ca2L,0x179fe3ce893bbd9L,0x0905ea366430188L,
-        0x18580d2c2859cfeL,0x107665225d6d64aL,0x0bc69a2a49d168dL,
-        0x04a4f3d7786e894L,0x0d066a1c9a6786dL,0x08ef7e426ed64c2L,
-        0x09a4f9714706c58L,0x1dcdba2ff2ad8c8L,0x17cf2158f5badd5L,
-        0x1f5c76a6cb65211L,0x0a80e257e4355fcL,0x00833e08c4bcf95L } },
-    /* 185 */
-    { { 0x045508432bf8883L,0x0943537e83333e4L,0x1e3ddf08cd751d5L,
-        0x145e945929ae161L,0x1118acf5678e60dL,0x0dc86cd2346c566L,
-        0x044133a4e0c2efdL,0x149d49638e9da9dL,0x0ac67316d27776eL,
-        0x0c56bae1b0dd589L,0x0f520a64489146eL,0x0440a614875d864L,
-        0x0e3292d5a526440L,0x0ff678de1d22299L,0x19ee2e36d21a52dL,
-        0x0d5bdc9c0a2dd8cL,0x125b3aa595fa430L,0x03f27b848f9a74bL },
-      { 0x13816e9b7f70919L,0x10b768b5801fa9fL,0x1fd1de326795d94L,
-        0x10614a30208d8d9L,0x05e728dbe6a5abeL,0x0677eb77b7a4f32L,
-        0x1cfddbf75cfab2bL,0x187d8729cdf186fL,0x173320802b6407fL,
-        0x04747bd4b312e5eL,0x048d8df2afec026L,0x13be80fe6b35065L,
-        0x05ccbfae50258baL,0x1f128c09ff80d77L,0x1c72e87efabab3bL,
-        0x19b6b38d3e2c307L,0x0bd512c58ad9eadL,0x015724e6a366674L } },
-    /* 186 */
-    { { 0x039b0e3c40849f2L,0x15266d22084c609L,0x0a67951fd92544dL,
-        0x08f537758cc2a6bL,0x13547af692e4bdcL,0x03d3a50cad0b232L,
-        0x08aca17b2cc662dL,0x05a4f0aa7f93bcdL,0x1471c038a0e2ba5L,
-        0x15d0dc41ade5d49L,0x1d4369bcc7b2884L,0x07ed0056658da97L,
-        0x113c64c8c4d146eL,0x1769094b864e009L,0x1a14c3eb4c3c4b7L,
-        0x1bca336eb7ff738L,0x1b723c0ad3e8918L,0x00c074ea9539bb8L },
-      { 0x116542f29ab77b0L,0x08ece7bd7731461L,0x1a14d4f0bd03750L,
-        0x089615c99e08980L,0x15fc266f638dc7eL,0x17f5bed04920c2cL,
-        0x05e618e7699c7f4L,0x054ad0b1daabd47L,0x17a694f3158f383L,
-        0x0a119e3698b6c18L,0x0b2c98c28d69eeaL,0x0fbbe3fee2765f9L,
-        0x0559eee2f3fef8fL,0x0ab6832545cda29L,0x173f3f346d3e46cL,
-        0x1d6822ef0cd845eL,0x1b412bc25663777L,0x010e5379e6c55c2L } },
-    /* 187 */
-    { { 0x0162b13a3e66635L,0x10515954fbb5787L,0x08c11b6ccd587bcL,
-        0x0ef005771b568e7L,0x0699b44c0840bd7L,0x1103f8adb5d7af5L,
-        0x004171b8464006cL,0x009cbbc2d52f216L,0x122b12f15db67f0L,
-        0x02fd6a2c5012e92L,0x1da54f7c2845086L,0x0537e8a06981799L,
-        0x001c277bff4c421L,0x14054f0c07ba020L,0x0aa8ad1b9102d30L,
-        0x1b29eecfbd1eb08L,0x0353de20ab805e8L,0x02d7fac2c90113bL },
-      { 0x05acd20a8458e40L,0x0abec0a4b995ec0L,0x04c57c729cb5695L,
-        0x192a56a6478e0e8L,0x0494fadf7f2e269L,0x1e93332e2c92ab3L,
-        0x0a19454edeb3469L,0x0d74dbe0c7b0dfcL,0x11e91db1357d53bL,
-        0x0caddc4f49f5680L,0x0786bca58eff9a4L,0x1385104f110c7aeL,
-        0x123b859b6ffab2bL,0x1b814ee8bbc1b34L,0x0611585b9a545d3L,
-        0x1b0938f30f0ecf7L,0x17764fb4f1d5907L,0x01f55bf0e446c54L } },
-    /* 188 */
-    { { 0x13a94b652e5718bL,0x17d2a7a6770f4e3L,0x198d54fbb7ab8ebL,
-        0x16be759434ca9d3L,0x0d083316f2541e1L,0x1fca876b894a448L,
-        0x0f929e596bd8fedL,0x179b1f93c1b8e9cL,0x0b4ee48d2eaf79eL,
-        0x02c543545bbc3f3L,0x1d887fdf33abc29L,0x1dffbecf301bb18L,
-        0x02f91067278228eL,0x183f1b149086a3aL,0x1c78a7647d8d406L,
-        0x1714a882ec38cf2L,0x144c0ccc65f03a3L,0x01a48ed279c704aL },
-      { 0x106d046cb062eaeL,0x0db9aae843bb6b3L,0x0148a48c574bb9fL,
-        0x05880577b701bd0L,0x06ed33374078566L,0x0b4769afc9a92e1L,
-        0x02c79b3a85359f5L,0x0eb22d42312cd11L,0x00fbd52055dc716L,
-        0x19e883bf22baef9L,0x0c402bb0248cd60L,0x1a02d9b0a7129d2L,
-        0x05432263682f9e1L,0x0dd267ebf75e9b9L,0x13160e100745cacL,
-        0x02fbc6efb573aaeL,0x018aeaa695880d5L,0x006421efeb568adL } },
-    /* 189 */
-    { { 0x15811ffc9373300L,0x099954cfee18022L,0x0070d4f2d95470eL,
-        0x152d507a4fc3377L,0x12ee3f1a774b924L,0x06ab63e5fe47e5dL,
-        0x0bde6bc9e3b1004L,0x17edfbcd05fc157L,0x07566d0727339aeL,
-        0x09ad6aeb8902edbL,0x0f9a51c1472742fL,0x0901a7460cf96b7L,
-        0x14572d7530577dbL,0x1036c29e96387faL,0x0afed77a1856bb3L,
-        0x11daee33339960bL,0x169eeefc96bea0aL,0x016e6234e9afb6fL },
-      { 0x0a6cd06c65f0e77L,0x03cc05eb8d8a566L,0x1e2cf24f3003773L,
-        0x075d197eaf6c443L,0x16f8e63fddfcd5bL,0x10995bde494b9fbL,
-        0x1278ba61228d01bL,0x034998b3407aa3dL,0x19c9d32bb3a3308L,
-        0x009082940742335L,0x000ca86ef9ca540L,0x0ae449270891856L,
-        0x0eb6bba0ffdbfc6L,0x0054a40174b9506L,0x0762f1fd830293fL,
-        0x14171ec588398b3L,0x1fc820c96ee312dL,0x02d0d32ede6defcL } },
-    /* 190 */
-    { { 0x1ba691a42485684L,0x08b5c94e23864dfL,0x05c798a8146584cL,
-        0x0cbfe933b569603L,0x05238efff3245aaL,0x0eaa8ae177c3fa5L,
-        0x0b2b305b71aeb32L,0x196b4fe44fc5b7bL,0x18dedaac4a9bbaeL,
-        0x1984536973e4c42L,0x1cbf0b9a25564ffL,0x050a2efc0c2298dL,
-        0x06300b1bee3655fL,0x09e0bdaa531f468L,0x05d098afb4339e4L,
-        0x0806f94957c6b89L,0x1d9f4b44a17bc4eL,0x02d74a84cf7f2fdL },
-      { 0x02e5ee7804f7455L,0x124cb9103334109L,0x10c5de578cccd06L,
-        0x19c91df9db2fa49L,0x19fbc21c12f4123L,0x11d1d77439c6c90L,
-        0x09b6eecef718419L,0x0ea6c07b1850b27L,0x1926227f2e3c1acL,
-        0x15495602f55728cL,0x05bc2ff5a04ab3fL,0x1089f85505b8b6bL,
-        0x1a63522b273ce7eL,0x09433c4a9c20240L,0x1621a220d8222c5L,
-        0x0f95843ff6f984cL,0x0980ca331612f4aL,0x02088333f51f6e9L } },
-    /* 191 */
-    { { 0x1830357c2d04b63L,0x0d1a6fa494d0c40L,0x1b688b46577cff1L,
-        0x13968648e78e77eL,0x0997f13814df2f8L,0x0b027a1a2d7f2e7L,
-        0x02b97638fd7e62eL,0x1e75af285d2a182L,0x0cefd5447eed25fL,
-        0x1b4728f0739e066L,0x0b5646ad53e932fL,0x020a256c3918b63L,
-        0x13b5abf7608bbc1L,0x00f3cb24ddc9948L,0x0332f9f6c48c6f8L,
-        0x0db73a1507d2208L,0x1ea3dde426f90a9L,0x00e675b229a6f88L },
-      { 0x1210c4f0c6d0f55L,0x0fb0dce339e4e96L,0x0466a738feedb2bL,
-        0x192760c7c9baff3L,0x145a93be135f494L,0x0977be2c05ed9e0L,
-        0x0eda9361c8cc83dL,0x1dce9b0edd11029L,0x14f6f723ac7a97dL,
-        0x0f15c781f1e6c19L,0x0bc20ab9c809c1fL,0x05a9bbf490dcc2cL,
-        0x198d3a17c6e88ecL,0x1cc00b8d6cb2e42L,0x1bdac898b967950L,
-        0x16406156c50bb77L,0x0a33cf451954d48L,0x00f8ba919a7512fL } },
-    /* 192 */
-    { { 0x08a765b3467ea91L,0x119777e96ce22c0L,0x11b673caf1bcfd1L,
-        0x006b30275cf6ebbL,0x044cbd8defc8d24L,0x092b1111f65904fL,
-        0x1866966e8438c85L,0x1eff429b2687e3dL,0x1df97c21bfb0c48L,
-        0x073144875186a1bL,0x1b8a919451d70b1L,0x03c824cce54b650L,
-        0x1c31aab3b8291f0L,0x10be91764e37ed2L,0x13c2eb6dc9de96bL,
-        0x125c37b11db0722L,0x02bd0b05d1b6a23L,0x0265c57c832c49eL },
-      { 0x0b02057bb4b1953L,0x045a27acbfb7751L,0x166d79904b21338L,
-        0x1b679a92330a9ebL,0x0e42bb5d1913262L,0x073fb04813b1723L,
-        0x105b20d57239b5eL,0x0311df55048716dL,0x0d0173790e550f6L,
-        0x0c57a3172bebbc7L,0x0b57a1c56d1c504L,0x0d8683bd49f342dL,
-        0x12280ca61090059L,0x1ba632d0954abe1L,0x0201050bebba000L,
-        0x01f43b620a24ea0L,0x0fc8c1db931ff08L,0x024352e12ebcc3cL } },
-    /* 193 */
-    { { 0x121e213941b4f36L,0x07d8a7c01da7c82L,0x08b94a952ea2eabL,
-        0x151fc8f2d9fbe3cL,0x18dbacb6acfabbbL,0x0efd28d703c46daL,
-        0x05bbb7e635cdb06L,0x0362ab850d46b4eL,0x0be7d46769c8646L,
-        0x05b1c07b1d3252fL,0x1064527d8249894L,0x0fa145bf8b66296L,
-        0x15cef466ac0919aL,0x14c35576622a6d2L,0x09273b64fe92891L,
-        0x0eb5aa12162e2e3L,0x054602f1d6cc1faL,0x02e934fc4bc7260L },
-      { 0x074030c14920419L,0x0ec34484b439c9dL,0x1313badc3e98211L,
-        0x1bb3f8b79703732L,0x158f8f2dabcaa06L,0x0e29550329ca13fL,
-        0x06ea8d7217d9ec7L,0x068b4fb1ae45922L,0x14041005caec2d8L,
-        0x0c345223d4729a3L,0x18602e37944b0edL,0x0dca4222d1d609dL,
-        0x0b2317cd8a4daa6L,0x108b26fb605eaedL,0x0eb5f2687506175L,
-        0x04d0759db944c3bL,0x10f0fe4b5ac09b0L,0x04564ccad136caaL } },
-    /* 194 */
-    { { 0x0c8dc9b2640a39dL,0x1859c76f064fcd9L,0x06f687b2e82887fL,
-        0x1a101a082ee9e8dL,0x149946048a902ccL,0x1b558af4ab7d197L,
-        0x1d248d23e173e5dL,0x0cf843f8ddc00cdL,0x135b1ebfefeeef3L,
-        0x0022c0e2309f2f6L,0x1fa39ba9ae81c5eL,0x14652a1ae7db97bL,
-        0x161da48889ddfcaL,0x0dd7fde8e4ba3c9L,0x0ebab9f3a19f233L,
-        0x02591a4ce863e39L,0x04d682550458979L,0x0063e0eee6bf50fL },
-      { 0x1aa30cc1ce963a7L,0x17b266262fd6f29L,0x0be0a0a2befdcd4L,
-        0x0d9442420e57354L,0x05a576dc64273c5L,0x1ae3be556ebb2a4L,
-        0x1ce6d865ab0fa42L,0x18841a87d3fa355L,0x1fc392062cd05cbL,
-        0x00b1c392607f97eL,0x0ae360aba087985L,0x12867f4f47e19e6L,
-        0x0df644ca925f58fL,0x0c8c53afd75f8e9L,0x01d84603018558cL,
-        0x04882f3136bdad7L,0x1abbf342445ad41L,0x0127fe4d70efb19L } },
-    /* 195 */
-    { { 0x1fcdc0593c7cb2bL,0x01dcaac8029fdc4L,0x0f3d8608d0f3049L,
-        0x1ecd8314c6c03bdL,0x0c913287364546eL,0x1c4618d2948380fL,
-        0x1df5f0d6e009be5L,0x0510a570c5525a3L,0x11809cb050aa797L,
-        0x0bea33e51e59002L,0x11df027bd6e51a2L,0x1885e4483309e41L,
-        0x0df35bb206c3372L,0x14e0a05aed029f0L,0x15beccef09b1b42L,
-        0x072d0c39f981996L,0x1a41c3cf9ef299bL,0x044f269e8a0310dL },
-      { 0x15e80e7a45a9be3L,0x152bc039ab7dee9L,0x18bae59ef0bf136L,
-        0x1c8f9a2dc6030daL,0x1f30ce9ba702679L,0x0327a865178e012L,
-        0x0759bc4816d187eL,0x13cffadaf2f0a0cL,0x047edc4f68a0880L,
-        0x0d60224cd269d71L,0x119929b47e76a17L,0x1d09af5074e3f08L,
-        0x0ceaac33f19f30cL,0x0a431155f49c15dL,0x1a07ac87c0ce0c6L,
-        0x16b8f606f4975eeL,0x0fbd156a90899a1L,0x033ae9f37f378e8L } },
-    /* 196 */
-    { { 0x1767ffd707193e5L,0x05548c081ac72ecL,0x07fcca363bdf91eL,
-        0x10db77b34eac69fL,0x1e215686913a0eeL,0x0ced1c1bcd94b43L,
-        0x0d34a40fd042a27L,0x16bb3f1af723626L,0x09fe74229bd82efL,
-        0x1ab45b11c01e3bcL,0x068d434f494d136L,0x0b60e4892fd127dL,
-        0x16a169e23b559c3L,0x062da634e2396a1L,0x11fd4c4261918cbL,
-        0x0f1113edaeb3b07L,0x04ba91cf1db1e49L,0x02fbfc97f30578dL },
-      { 0x18a1cc60545167eL,0x1170157fd447078L,0x1d450ca9ef3d57bL,
-        0x054ea210cc499bfL,0x00511af77382da4L,0x178a11f44a608faL,
-        0x14abaa93938c4aaL,0x06b187a6de1ec7bL,0x1fc5c9550d76606L,
-        0x0929b989bf53f55L,0x135660e6e543d80L,0x0c0281cc688454bL,
-        0x0ef2ac704595a0fL,0x023587b9c82f11cL,0x1215e2912eb3039L,
-        0x0f00699a840dd88L,0x18d367b1aaaa5bdL,0x012df676c8515a2L } },
-    /* 197 */
-    { { 0x19a73820c33a8fbL,0x1b6688792ee0e83L,0x0fe31b520adb3efL,
-        0x180f7f08949ff8eL,0x199162f03e51f18L,0x009c08d3b2891b2L,
-        0x06282b1669d3850L,0x1632af4d0cbcaa0L,0x1e1ec51bde3ca09L,
-        0x0063f59d4b0129fL,0x0ff451f780fe12fL,0x1da2a5f7b613d07L,
-        0x1dcea15ec1c0540L,0x05930983b5d2976L,0x0e5c81bcf4c3b55L,
-        0x0e75537af75d1d0L,0x163f20d86920963L,0x00530b525e1d85fL },
-      { 0x075f3ed6e1339c9L,0x150395fc5805310L,0x120af3366d1debeL,
-        0x1e0194a98fbf5fdL,0x18bc31ae4713158L,0x06fe45224881789L,
-        0x15352be63c560c4L,0x18993de40eab3d2L,0x1e8021af9c527a0L,
-        0x140093bbd0c9011L,0x1d4e31fec08dddbL,0x0e9fd193d2a2c6bL,
-        0x0d15cc90975df19L,0x1bd288ae0143fd7L,0x0b188f7e81ca3c3L,
-        0x1741321b7f7cc1fL,0x04ca8d40fd40311L,0x043b68aa703e323L } },
-    /* 198 */
-    { { 0x1a4d6d2c2d3ea8aL,0x1340dd421300769L,0x0037901c19c8dafL,
-        0x1cd4faf4f78a7e2L,0x1d5e1a83e3e5b6fL,0x04be153734ca7caL,
-        0x040441f2b3489d8L,0x04825b31b754cf2L,0x0ddfc4461102e0eL,
-        0x00aede16a499395L,0x03992ea50d9a592L,0x163465657f20fc7L,
-        0x05d928e28b4960eL,0x1503be4f6d22ba9L,0x1587401cbdd6ce4L,
-        0x028ac4eec1976ffL,0x100af235d1b0f4bL,0x01820611df3b68bL },
-      { 0x10dc55b4efa9a70L,0x120a7a9f4330858L,0x044c27e289ff537L,
-        0x0a0ccc3a787b2b8L,0x00eb513e505109aL,0x1e99c5e5514ca53L,
-        0x19c7cfb9054dc79L,0x1689fa28bf88ca3L,0x051bbf838cbc313L,
-        0x01cf03c0f5c90a8L,0x05ad1052fd6b1ecL,0x031117c1a919d0dL,
-        0x15dd8f2b6f2d667L,0x15c53fc55f49d97L,0x1dd4717077f479fL,
-        0x0e97d0c567bb321L,0x1a21eb1ad58a32aL,0x02a436bcd0f5de4L } },
-    /* 199 */
-    { { 0x12e34ffa1359e13L,0x0c6df940cb028e5L,0x08f48d592d7880bL,
-        0x0c85ed5825d2bc0L,0x1653725dfb1340bL,0x123356aa1dd4295L,
-        0x1ca2e06bb735a34L,0x0cb7ef00448a8f8L,0x1559f8a119569fbL,
-        0x02dbd316fd91764L,0x01d5027bb579494L,0x0510533ede220e2L,
-        0x013db6f8c79c899L,0x19e53cd4d3eb493L,0x08582c0c3adfeceL,
-        0x0813595733771f6L,0x18bd2012568d28bL,0x01c078d87ad622fL },
-      { 0x0b99e6be6a0068fL,0x1e79564539ba9e0L,0x1522cbebadf12d9L,
-        0x126804c1874d934L,0x0c0f739e7f417f9L,0x04a4ed4772b42aeL,
-        0x1bbffc22d443de0L,0x17762ee1f851ab8L,0x0b4f5abeefd96a7L,
-        0x03d889b79332d15L,0x0e0292d80773e68L,0x0c282c57d98c5f6L,
-        0x16ee6b83b3cc803L,0x1460bf759a4c7dcL,0x1dfbf0baa6c3f5aL,
-        0x0167cb0696b7542L,0x05e929044f55b11L,0x0255f6ef6f5eb94L } },
-    /* 200 */
-    { { 0x155e1b9700ef376L,0x12ecd3366d5ff99L,0x15d51fa1d91b55bL,
-        0x1401ef26d367b84L,0x00c52e2928f44b8L,0x14d9c90461958f5L,
-        0x08e7569e37848dcL,0x0d68308a33564daL,0x123f6b4b7e0ce4aL,
-        0x1afb7c5565954fcL,0x0f1153881929648L,0x006837e60c5d771L,
-        0x1b94dff6f937efdL,0x0553fd0335d6341L,0x02cdd170cd92c7aL,
-        0x1f61e0c2cee559cL,0x0d346f08d08d1e3L,0x0351055d98c7099L },
-      { 0x08310166a85cbc7L,0x084a349a7cd53f5L,0x02239de3c6cf426L,
-        0x1e448f6f3384422L,0x054484ce7ea4ff8L,0x0c61b2598b8eb8aL,
-        0x05160a500e5253eL,0x02cbb5223e72fbeL,0x0a6b58093094391L,
-        0x0fca84d0ba11c5eL,0x1460860825d635dL,0x004348f24ba1fd6L,
-        0x14af8a315eae0c6L,0x15d6825b874a334L,0x1c911f6b9ebe28dL,
-        0x0dffc8982bcffe0L,0x1775184668aa545L,0x022f1a9d3df9b5cL } },
-    /* 201 */
-    { { 0x005676493092f71L,0x15b617adc96b8bbL,0x126f8b22db17ad9L,
-        0x1441806c7d3b662L,0x03cd7097f62f583L,0x1c8b56344566998L,
-        0x06c3a174303e3aeL,0x1a237ee8c590983L,0x1c76ed5f97c4a6aL,
-        0x045c45d688cf9b4L,0x00dc6faf942e0fbL,0x0a110cce0d4cb37L,
-        0x03f8373d2c0cc69L,0x152d017da98e3adL,0x0e6874138734e8cL,
-        0x0667dd04e8ef1b4L,0x136edfc5bbb75daL,0x00aca0f92653cdeL },
-      { 0x0e8c0f8a77dd512L,0x1acd38ee1b2fb21L,0x133421d4e18aa46L,
-        0x1ba4e5f595d01a2L,0x0027cb5a1624230L,0x17cf81f751f60b2L,
-        0x0523705c02d6707L,0x1e3a823824e1b46L,0x1801ee448c4181aL,
-        0x0f942accf1d4805L,0x1ec2f43426bff7bL,0x1f2d166e0048bacL,
-        0x00e6f836b8d839dL,0x1e9900e49db183fL,0x0740aed4e0b9622L,
-        0x083d2c6db14d6f4L,0x10370b7db769686L,0x0368be1a508c7d6L } },
-    /* 202 */
-    { { 0x1608841c181c99bL,0x0e480e43dee57e7L,0x111cdc836afad97L,
-        0x0ca6eea2b768c16L,0x0a96c2774c79c39L,0x007a206a23f9170L,
-        0x00eb4365484c0abL,0x141066164d7920bL,0x0e25e977a928904L,
-        0x0f57fecc2e2858cL,0x16f2de96b57da87L,0x00339146fdab9e9L,
-        0x101e9850b6cbcd0L,0x185c7302bc236ecL,0x04cbe406b20652aL,
-        0x1c51772e50ae268L,0x14e4ce9f149f56eL,0x00d5cdad21f4f0eL },
-      { 0x06dab92314fa7a3L,0x1787823c7fcb190L,0x1c4e41367f6f312L,
-        0x1625808bfc999c2L,0x1d8f6d7dac20a2eL,0x1db7fd227e2a3c7L,
-        0x1dd6221b9cb1729L,0x1aaff48a536dfadL,0x14df1d1b192a820L,
-        0x0c097cf93c4f8a4L,0x0bc20eaaed4f48fL,0x073654075665308L,
-        0x10b151250226485L,0x198fb5eab18e704L,0x0db98d384a53455L,
-        0x0cd5f64526c3b28L,0x1ed8c4281c43ca9L,0x01259a4ab610d59L } },
-    /* 203 */
-    { { 0x1bdcb86659824e2L,0x067242709f3a624L,0x0899aef87ba9b71L,
-        0x0e3c7d88af49803L,0x0f5a8e4b47b2b8eL,0x19a986bf458af01L,
-        0x1480ba07adb9b8cL,0x13f59746d3c2f48L,0x081241431d70e4cL,
-        0x0c857a59f095f5cL,0x1c148c47d21bf70L,0x03c253f6579ca64L,
-        0x0bb70f6c089f6c4L,0x1ff5a23bdf3143fL,0x13c62ec51e61428L,
-        0x1a081f9fbf62337L,0x1f9925c292fda80L,0x01096b2f2bf1e2dL },
-      { 0x1adb386ca15cf08L,0x1256240f0b97591L,0x1e4d350b430137eL,
-        0x06e8809b8f3a3b7L,0x0932bfcdd9cf607L,0x14154c30284220fL,
-        0x073026ba4432871L,0x0612a51f8308358L,0x0e6a120aedbbed6L,
-        0x07070f618667928L,0x12e953962efcbe5L,0x169f3f54882bfd0L,
-        0x07ecee7ce5c66d0L,0x17d3439d062c78fL,0x07c4d21e8750fadL,
-        0x0f56f2d8d8b4073L,0x047e6ef9aaae672L,0x03357d2aa4d2e12L } },
-    /* 204 */
-    { { 0x05aaba8c980e91dL,0x07a84b564c77d6dL,0x182a368c998aa4fL,
-        0x0001028a7d61321L,0x1d71de8401d2153L,0x0cd00915d8699f1L,
-        0x0e39d197db600f8L,0x118b205fe98f150L,0x174e2afb7193134L,
-        0x04993abce7d82bdL,0x1a9908eb40fe3e9L,0x048ab1ff4814ec3L,
-        0x1977a87e30b7d4cL,0x04e426935af4e06L,0x0658e834717b6ebL,
-        0x17e1bd95107347aL,0x1dfbc6f2f35ebf6L,0x000f7831886ac55L },
-      { 0x1f903163ecdcbb0L,0x16b9413e0e4aa95L,0x00c255d724c0678L,
-        0x132d3072613ca4eL,0x1cd082df0dc1c5aL,0x0bf028f7cfc07fbL,
-        0x06d57364541d77eL,0x189e50dfffd398cL,0x1352db38f80f24cL,
-        0x0cdccf61b291d71L,0x0a32a042c412a7bL,0x1fce60a4075a213L,
-        0x0e769400f5c2700L,0x170622961517712L,0x1c0a90756574e67L,
-        0x0616e156ebad5efL,0x002341080990db7L,0x00727affeaf4689L } },
-    /* 205 */
-    { { 0x11c64440ff14c38L,0x1acfd576708f95eL,0x169c8abd8cc2696L,
-        0x15055e49dd548c0L,0x0b9a1159ddc9f65L,0x142757fa7725ff7L,
-        0x0ab38918f41d9d3L,0x1971197c3c01c17L,0x17ca568ead5fabdL,
-        0x0c06a9262bf5cceL,0x195cb3a6fa61cefL,0x1b9ae60170bd388L,
-        0x1240f54176918a1L,0x1ad8a11b2491098L,0x0d3c5abdf8c93feL,
-        0x1b2f881bb4a0248L,0x02008833421a133L,0x019ea08b0843b78L },
-      { 0x131a36b9878e5ecL,0x1f190a348c1193aL,0x08cf428c1191778L,
-        0x0f542e6cb3a2bf3L,0x1925d4fe734c1b8L,0x11587a56104a517L,
-        0x172f10f25968709L,0x000eb39207c88faL,0x092af215e052393L,
-        0x1fdb6af8fac9f9aL,0x10ed2f0f376d7ffL,0x05397fbaa810cb2L,
-        0x0b198d76c09d03aL,0x00793dacc7be6d3L,0x0d6333f01e4288bL,
-        0x09fb974aaf50919L,0x0665922052d76c5L,0x0169ef3d523db5aL } },
-    /* 206 */
-    { { 0x0de746265add3b7L,0x0479ad5f9261555L,0x072b8695f64f962L,
-        0x1c58edef7fa82a9L,0x1e3202b30e22e18L,0x0e878533f944755L,
-        0x0b462de699ae874L,0x1d21c156e925103L,0x17d424086c7adb0L,
-        0x186196294210997L,0x11dfc563e6827a1L,0x06e5d804ab130b0L,
-        0x1ca5098777422a9L,0x0bb3002c5f21462L,0x1fcdf3d16de5591L,
-        0x0c512d8ff8c632aL,0x0a68b7023ddd631L,0x023801ddb2d8e09L },
-      { 0x19401c1c91c1c96L,0x0e6fc93d094b86cL,0x185f0f0a441ea97L,
-        0x0f47fc8e2075725L,0x0ee998ee26fce8fL,0x1d20fc58684eaf2L,
-        0x0941abe98881238L,0x0a56380254b44d9L,0x12c6f734c99b572L,
-        0x049ebcfa897bff0L,0x0241bab3b866984L,0x07020ada3d4c5e6L,
-        0x16eff35f216bff8L,0x00d6911230e3ac2L,0x083f7a1b81fa5e3L,
-        0x1d0365994d942d6L,0x0e6ab4d6d2d633fL,0x039effa82583516L } },
-    /* 207 */
-    { { 0x1615805d8e20fb8L,0x039f2415a99f845L,0x00055aa15329f1aL,
-        0x19966d2422a40beL,0x07f092b787fec6aL,0x02ff260fd1e0766L,
-        0x1c4496cd991fba1L,0x0dfa8f03d0bf163L,0x0c65268398b0f1aL,
-        0x175c6366e5c75c9L,0x1c3ab6397db54b3L,0x1c4791b269b8267L,
-        0x1d428ac45a31883L,0x0ddfe54290a76adL,0x196b84fddf2924bL,
-        0x00bf7be8227fc0fL,0x13563e4a0d272abL,0x03aa2685bb8a47aL },
-      { 0x1e8d13480797aceL,0x0b55057c36cbf27L,0x1a23bd69a3f085bL,
-        0x0b3f364d09b7e14L,0x0999d2fc18b26f4L,0x011caaa97f7e7d4L,
-        0x0de0356be360989L,0x15f1e2468d3ec74L,0x12933454fdcd4feL,
-        0x1400c5bd39dae84L,0x07c9db9554b062eL,0x0e7bfe4d763935eL,
-        0x1006dd4f44c5d47L,0x0f9cdd24cf7a4a0L,0x1b293cab63c4be5L,
-        0x1eb34aecfedb9ecL,0x149ba8773f17922L,0x0110040f560f216L } },
-    /* 208 */
-    { { 0x043d573ba37a0baL,0x018de6e8bb6fb18L,0x13f31081c3dc169L,
-        0x1ccf85a21206645L,0x0bf8bcfa5cabd30L,0x03d8859b164aef6L,
-        0x179935d9f49dddeL,0x01cc25922bcdd80L,0x19e669631ce69c3L,
-        0x1e4eec7b417131aL,0x087c4a57ff30e09L,0x1cf31455b944f20L,
-        0x044b5d500a06a8eL,0x06c06b62c70073cL,0x17c43321dd1bf1eL,
-        0x0dfb048c0a77d22L,0x133844e328b219fL,0x03102a0d608de9bL },
-      { 0x17fd382509e5a29L,0x06be85a19298f07L,0x0d5334e20ee61d2L,
-        0x0917f762f51ee92L,0x05f2d2c5c6b8ac7L,0x058dc1d230b5330L,
-        0x0996acf6598946fL,0x0b19eea62085fdcL,0x0c70d73fbdb2250L,
-        0x108ea1a78616aabL,0x01876152c966cc4L,0x00db88567efb0c4L,
-        0x05e86a4949ffe46L,0x0b0776d6262e42cL,0x03890801377322cL,
-        0x02cac30099cceadL,0x09791f3855a4214L,0x03f9bc0cc7c995fL } },
-    /* 209 */
-    { { 0x0374bdadfa6639aL,0x0a46a0155b9c8cdL,0x08d91c0c78b432fL,
-        0x19a0b33a3eb8bdeL,0x00d38443b49ee2bL,0x09c9746942f5b07L,
-        0x14e3f6efaa4bc9aL,0x0d1228abf7f7178L,0x0ae259ff1e469b7L,
-        0x0e7658fa0ef2b41L,0x1bc1c6654b46bb0L,0x0303cf7ee88d90eL,
-        0x06282ad2f11ce25L,0x15d277b3e5c9d6cL,0x01ea8fa3e8f34c5L,
-        0x16c11f9cd1409caL,0x0d0ced74170a61bL,0x036f38b59fb5608L },
-      { 0x0e58d04172d6dc5L,0x166f331cbe32e6aL,0x1860327ad3a2fb4L,
-        0x10ebf45db6f5cefL,0x091e67385627546L,0x0e4597259819275L,
-        0x0a21d808ea1588dL,0x16b3bedad8551f2L,0x0ec2c185ff6f5e8L,
-        0x04970959d6aba45L,0x0ed3cb552bbef1eL,0x0891dd0d1042f5dL,
-        0x11b1d9bd5b14915L,0x17f806fbd1362fbL,0x16c77bb97334598L,
-        0x1eee9d7933e2f72L,0x1b0909836163fe1L,0x028fc84185d9e92L } },
-    /* 210 */
-    { { 0x1376fa1f2922461L,0x0d8e18b286868a4L,0x10cc376182376ecL,
-        0x166d71320d25723L,0x1f5600523e612c4L,0x1512a2f0cbbd85eL,
-        0x0f63be2bffdc18dL,0x1759b4fa4f022e4L,0x00b0bc4bb81bde7L,
-        0x058405976952bc7L,0x0834345c6cb808fL,0x119f2837735cb7bL,
-        0x1bc14a65c5f6df3L,0x00ceecc742eec0eL,0x081be4dfe6320b7L,
-        0x17cf18c26e8fea4L,0x1e79e13a2c25f5bL,0x02f7690c70551a5L },
-      { 0x156575401d4dc0bL,0x12f93fab35d83f0L,0x0faee088975686bL,
-        0x182313d8d7d30bdL,0x0cce4d9d5f3ad21L,0x1b2dac8bed28c67L,
-        0x1dc732128b4fb5aL,0x0f4ff3102eb1ff4L,0x150d6ae122ac69aL,
-        0x1bf9858e3734236L,0x08e9816f42ec4f2L,0x1d9bae7e480f180L,
-        0x0ce5f0a9969a10fL,0x1ec7ac034628ac6L,0x1691b8749afd856L,
-        0x1a6115e65d50f22L,0x054eaf74e810287L,0x0460a5d03531321L } },
-    /* 211 */
-    { { 0x0877895b17ee201L,0x15238c472bd3b86L,0x1d8e5e08915b016L,
-        0x019387743a3387cL,0x14389ebe0be6f8cL,0x13fddb7f42fa7fdL,
-        0x1b1914e2f333833L,0x0850edd5654ca4cL,0x15c9ac690cf9a38L,
-        0x1ae79d8e6647cc0L,0x1ef9aa73da1f7a7L,0x01f90706b82bf42L,
-        0x1b150ef2ebfcfc1L,0x04252973043587eL,0x1347ae27e5fb366L,
-        0x0077482dcdf4561L,0x05ee2bd15993eccL,0x0322e052ef55d8bL },
-      { 0x14c420550aa7e31L,0x06f8617c28ed2ecL,0x0424f1c9b9aabb2L,
-        0x0c4c337f3532c8dL,0x0253fbd572dbdc3L,0x184f030da130707L,
-        0x1b16e5f0967ee31L,0x1d3f57ef9779bb5L,0x1b4d5e8b1e4b703L,
-        0x18372b7039a77eeL,0x1293e47d57e2946L,0x11747eacb91a05aL,
-        0x12816d1d947f860L,0x0e73d89b4117a3eL,0x1410908330d8559L,
-        0x0cfedc8ddcbde63L,0x091b2a65f706835L,0x013f4ffa0697d36L } },
-    /* 212 */
-    { { 0x1251893d7e952e7L,0x182c1e39adf8c3aL,0x064a5bf8124456cL,
-        0x1100da5f94e656bL,0x1b885ed92745185L,0x0faaf638d5bb500L,
-        0x0ea72f73a765db6L,0x0567b4c164091e5L,0x16977c086592b13L,
-        0x16e54e584c828ebL,0x0aac8f4622b896dL,0x1e7fc4155e7bb38L,
-        0x0f5aad74d09f469L,0x1154f59dede8fbeL,0x1c04310f57bf970L,
-        0x004c118bdbf4426L,0x176ada2217b5787L,0x027f772b39ed64bL },
-      { 0x0e18d52b5d3d780L,0x0dae9838b33a218L,0x01b969d0855936bL,
-        0x1d1ad7770c641a7L,0x0d263dd15d8c290L,0x0c231b4c0d21919L,
-        0x0b2c4cf439f2a62L,0x1fea270f09b4a33L,0x0832e3fabdddc81L,
-        0x013c2ca18ccd21dL,0x12af3cc9d0c58ffL,0x017ae9f29f4eb69L,
-        0x1d5694a6279fa01L,0x05b2bd1261453a1L,0x1a897ab074aa223L,
-        0x0c3fefdde4a07d0L,0x00eed11a5d304c5L,0x027f40c73ce4f6fL } },
-    /* 213 */
-    { { 0x0252c9d7fc1c7ffL,0x0a0cecfd44d6880L,0x09290193a732a6fL,
-        0x1087285d9992742L,0x0749695b384cbcbL,0x08b2df802610fecL,
-        0x04409a720767d08L,0x09bc464ac51bbc0L,0x1ec9374575a9b00L,
-        0x199a35ffb6e7e10L,0x16992d34dcb1f7eL,0x15a7e40929c5589L,
-        0x15e867c150cecb7L,0x015b91ec2b1620dL,0x194c8c4a64e573bL,
-        0x0cb2f9235bf8afdL,0x1fce06f1161f10bL,0x040c8aa94dba69fL },
-      { 0x0c124316ed9d4eeL,0x1d0aa344d7f80c7L,0x127caa268fd0f7fL,
-        0x05a8cfdf6495746L,0x039102e22db1e8eL,0x1784158c6f51aa0L,
-        0x1751d08aae14f94L,0x1dce2614583da6dL,0x1ca60e86d0295d1L,
-        0x15634043e3fad69L,0x0f3b3f7a1919639L,0x18428c3a24ca1f0L,
-        0x10bd38509972e66L,0x13319144ff77a0aL,0x0b71e543c60fceaL,
-        0x0ee044ea8a97cf2L,0x0f32744c11b1136L,0x03e835e63f47537L } },
-    /* 214 */
-    { { 0x12859427090212fL,0x1bea62a90f42244L,0x108af8b6ee49a46L,
-        0x1b7b03f10098070L,0x0c89bc36317721eL,0x078026e09b65f75L,
-        0x02ae13dc6d82deeL,0x09a4d2265a09c43L,0x1b0e2496ee6cc81L,
-        0x196718bbafd6e0aL,0x0f02119b488f142L,0x154c98c25f1705cL,
-        0x0ba4b653559721cL,0x03e9ece8acd3a8fL,0x0350918d0ceab57L,
-        0x079543cc373a5d0L,0x192149f655ffc67L,0x0245a95cce87ce5L },
-      { 0x1915399efdc05beL,0x06d8c09f04af4d1L,0x0ba7376cff6b79cL,
-        0x04340128a288f0cL,0x03920ea3a2b0316L,0x1dc7f5a593cc061L,
-        0x05b52b14e53c688L,0x1342c7ee4ac7cacL,0x0aa0ff93fb71421L,
-        0x137cb6949eb123aL,0x04baa1f73f89db4L,0x1e5e8e071a2bba4L,
-        0x05f418168eab27bL,0x19954c4d72c6419L,0x127c4ef8dc1088aL,
-        0x1095b46d287217fL,0x0ecf16e26060d06L,0x00be06f43cec63bL } },
-    /* 215 */
-    { { 0x0a5f453dcc01958L,0x02caa0e7441c9deL,0x0285587d6db5f65L,
-        0x0cfc5a6d78bcc6aL,0x05ac3a6c291c3c8L,0x000366fb63f6c25L,
-        0x1b0ede44f102f66L,0x153ef17610eace3L,0x11c928f6eb43e89L,
-        0x0f946f9d70f50f6L,0x0e96c6e492cad7fL,0x0e0a3422dc0ac57L,
-        0x17167ed3e3491d2L,0x0de058230476015L,0x175fd678a473dedL,
-        0x1336e61ca02d318L,0x1d70c7c350df5c7L,0x034315cf1056370L },
-      { 0x0c6f4e79ffa1f64L,0x1548d50f121a4abL,0x183336dd48cbfb5L,
-        0x0e0645ac0fd341dL,0x062fef87bfc90b3L,0x1fe79a14a405692L,
-        0x18e3ff08525a70aL,0x138dca423c14a73L,0x02a59ec2612a514L,
-        0x0aff1096b835a99L,0x1ec423a67210a46L,0x1d46bb900905eefL,
-        0x0bbd92d29874ceaL,0x15750af752d3018L,0x01c4272b50b7296L,
-        0x1ec93ad58778e93L,0x06cc64e1c40290aL,0x02849fd16a8fc6fL } },
-    /* 216 */
-    { { 0x0cf32804c2d553bL,0x15f111dcb3614e2L,0x12708a5a452b706L,
-        0x0b3332ed92aad4aL,0x176e83f3d8c9f8bL,0x02f62be1162bdebL,
-        0x187d53ca50aadf2L,0x091de680fcadc58L,0x1f005e8caf213dbL,
-        0x186429ef9934c63L,0x12235f2b02952d1L,0x17dac16ea03dcdeL,
-        0x06714a4bd9b6bd6L,0x1704c44a7808188L,0x1e4a8014a16f0edL,
-        0x1e495d80ce835ebL,0x03832f16426ef7eL,0x0097ce226b63bd2L },
-      { 0x151e96483313a1cL,0x0e9ed19e2c59b8cL,0x1d4b1eb1011263bL,
-        0x0e1b96bdd09db77L,0x0dd422f8866ca6fL,0x10f6177605747abL,
-        0x148f041def15019L,0x07cda732275a844L,0x1d105e1e858e7cbL,
-        0x1e49cbfe4bcdda2L,0x0752a4265ed6491L,0x1147d12a5fce644L,
-        0x074e9462410ef62L,0x0cbc07a06846ac1L,0x18443b1932fb43dL,
-        0x1634627af844e11L,0x118d186d8667679L,0x0017baf2713570eL } },
-    /* 217 */
-    { { 0x1637ebf47f307d7L,0x02535680a0a3b8dL,0x1594b816a031ad9L,
-        0x07fda0f66305467L,0x1696e597c8f1a0fL,0x1fe00f604f73fc9L,
-        0x1cee736a9fb0f1fL,0x112a93f11fdf1e6L,0x1c88d1961c3bb89L,
-        0x09527f4efe553dbL,0x1e7b88eb92ac836L,0x0c83ebd9634a25fL,
-        0x1fe32fb47df5aeaL,0x12e842e073b491bL,0x11d568a5a971080L,
-        0x12e47b9224ab04dL,0x141580b985f9bceL,0x03958dab331cb0cL },
-      { 0x1708a08790e5558L,0x1b0208344d7c04eL,0x0e2908c4ed7e614L,
-        0x04ab493a35d0bcfL,0x0c371b0be6ba129L,0x07370caf3b62585L,
-        0x0688561413ce64eL,0x19d1ba82844c15dL,0x1d8b04e9b968485L,
-        0x0a625d2c43f7f21L,0x1a399fc47179cfeL,0x1c519ed73388224L,
-        0x087a0a966292623L,0x06501769f968555L,0x18ed546c999dca9L,
-        0x16b6ad1dd1c9c5aL,0x1adcdebb2992e78L,0x02ef8c90b70b912L } },
-    /* 218 */
-    { { 0x0027e1e8df2e7e3L,0x1e6346c6d03ef10L,0x09a52d2b9a52c60L,
-        0x1e794c5d119c6b7L,0x12efed2c896d97dL,0x1e84279ef2389daL,
-        0x048ef401b10389aL,0x1603d36e377f903L,0x09991c7b61aacc6L,
-        0x08649b247b2b420L,0x1587461fd1d4919L,0x16237ffa7944270L,
-        0x0ffa191418610f2L,0x0aaf2984cb48afdL,0x01cb5e63c48db7aL,
-        0x14916c2797dd543L,0x0327f7b44ea66a2L,0x0229132e170544eL },
-      { 0x0d5ec7925430010L,0x1c37ff5e8486025L,0x13fc82a74fd72b1L,
-        0x0547db8cbf4bf3eL,0x0cf3eb11fcbf411L,0x12db80441241ce0L,
-        0x02ae2e375b53a2aL,0x01dc44e3bfb6eadL,0x0e43ec373b74456L,
-        0x0757c930e7ba94bL,0x06b838fea5b66deL,0x1a5bb84bbfaa301L,
-        0x146bab77110b312L,0x1af678f235c7bc5L,0x07fb2a81a7bf236L,
-        0x17bc3832a575cc1L,0x15543e302ed5f4dL,0x00a5815fc8f03c2L } },
-    /* 219 */
-    { { 0x071c768b87e5b57L,0x03c7bfa98d2ab96L,0x1e2fdd65f7202f3L,
-        0x1a273c2ebe9ff27L,0x0b94ca6cb28e026L,0x1cfbfe35c1db93eL,
-        0x145c0babf8ec801L,0x0d85594a9bd9e77L,0x017c4133c6af0dcL,
-        0x150f332e67af1afL,0x046920d154171afL,0x17a1cc2017134cdL,
-        0x06c17d03882633aL,0x0d067c864b36338L,0x0b75931ebbffef8L,
-        0x1548c9b08f7cfa1L,0x0a5d49bcdfbaea2L,0x042f03f3a1663e8L },
-      { 0x1aae0a60bc25bcaL,0x12af8f227b27611L,0x1b62d81eddcdba3L,
-        0x0da600b213c3cd2L,0x0cbc4990aa90a74L,0x0717ae83958e669L,
-        0x03b24343f9b1b1aL,0x183241d8be0a7c5L,0x179b21fb4f0040cL,
-        0x19bade9fe625163L,0x177be786eb1f769L,0x1af26b81f1a7ebeL,
-        0x102cacd318dc315L,0x14937b8e388be0bL,0x00bce69bca08f13L,
-        0x1264671b6b177daL,0x030e5b492317db6L,0x004b201cfc6a4faL } },
-    /* 220 */
-    { { 0x1774f1656999ebaL,0x17143d8ef318290L,0x1c9b782c99a4f63L,
-        0x127f128543b035eL,0x0a03e13c3744693L,0x1139e7de7b5b0afL,
-        0x1715b4c3030d653L,0x1449fa674ad8ce4L,0x1a57534ada8be97L,
-        0x0c921533e115128L,0x06f6d674317125eL,0x0d998d484ed09caL,
-        0x0cd426bf59d7cd7L,0x1374df5948a04bdL,0x05b8fa5650128b1L,
-        0x0cda08e71fd30b9L,0x056bcbb3e0eaad6L,0x0313587e931de2fL },
-      { 0x1217dbae1a1ec42L,0x173edd5ad662823L,0x0c7a194cc746a9aL,
-        0x007a6024df6fc35L,0x1ee61851b845307L,0x144aa2140324f06L,
-        0x1d8ca201bd28fa9L,0x09e977c875b96adL,0x0036b9bdabcaff9L,
-        0x0ca0f32de831bdfL,0x1e7511a1bceaec3L,0x025955ad5fad042L,
-        0x1eff7e153414869L,0x15c37ecb4d1dc48L,0x1e4a30e23109b3bL,
-        0x13c016adcd50222L,0x0c1933e71359639L,0x004ddeeecd0bdb5L } },
-    /* 221 */
-    { { 0x1e39c1de4fd3673L,0x06ce8d32e4703baL,0x0771ca271ffbe20L,
-        0x1c6a53a4008e4b8L,0x1c747af35b6735eL,0x177efae0fc79769L,
-        0x070e573ce663e44L,0x0bbdae44c30930bL,0x123793a2f0e6979L,
-        0x1355c6b4358e953L,0x0057788aa20b922L,0x0df9f3b71afc019L,
-        0x1202267547be77dL,0x04e0876e04437d9L,0x00fb532d89a1f51L,
-        0x0cdd53e387c2ef9L,0x124e6d5d7f05af3L,0x0175500dc68f7d6L },
-      { 0x047fb701f357c74L,0x02e2554f1dbca2fL,0x1ccdba16a4164c2L,
-        0x1f7c0489929e130L,0x03b5660df53808fL,0x1caf6b48eeefc9dL,
-        0x083522dd8ddefceL,0x1e72372236f7672L,0x07ccf08bf86a13cL,
-        0x1f6c7cbf500c72cL,0x090d0de31546514L,0x1bd3c1a5ab4d63dL,
-        0x0f9b96259a8e6adL,0x1778beeefe15924L,0x1fe72165baf3abbL,
-        0x17751ed296886aaL,0x06b48cd150f07d5L,0x001698ef4da60ccL } },
-    /* 222 */
-    { { 0x0bb9e1ede79499dL,0x147fc7e87e156d3L,0x03a069f64d5bdb2L,
-        0x1fd1e0c64f7d81fL,0x1b300bebbc3d1c9L,0x1e0c0dc02e390b9L,
-        0x074040108282104L,0x1ad3d342cfde195L,0x0076c909d1aeeddL,
-        0x050ccbfc71d4539L,0x1fde9e9ded0a799L,0x17e8b929a7d279cL,
-        0x07e6d48407aac0fL,0x148c90f3f9bb4a5L,0x076ef5bd599e78aL,
-        0x1f533e47fc1e7dcL,0x165c7917566cbf9L,0x04b2c3079707a6bL },
-      { 0x134702b7fa5f79cL,0x1ea132d796936f3L,0x0e61b1cf833a4c2L,
-        0x1a9dc8945a8b7b1L,0x156c8a1a7dbe7beL,0x06fc076094f0124L,
-        0x0966dbf7016b1dfL,0x15ee14d7456b139L,0x0fc484021999825L,
-        0x09425aa3d11f85bL,0x084290a282a2bc7L,0x16625655edb163bL,
-        0x1a33935ee3b1eb1L,0x077fd3767828a21L,0x1899531e81fac9aL,
-        0x1dc982ddc810dacL,0x0527a7bc5014549L,0x0328408190fd4c5L } },
-    /* 223 */
-    { { 0x1f0e460b67ed9b2L,0x107e861b6c9e924L,0x0fa6231d7870336L,
-        0x06c297819376b2cL,0x1a768605757bbe9L,0x16e2a24d4dc400cL,
-        0x16616a2df8abd23L,0x0993cefdb3d6a34L,0x0dd025274ebbf02L,
-        0x0c5b1440aa2e31bL,0x16bb4120036e816L,0x027303c54474737L,
-        0x1c550cb4f27fc20L,0x1a903463ee337eaL,0x1a7e856b49c0cbeL,
-        0x151459341795d02L,0x12f60606f213a7cL,0x04c14a8234c3132L },
-      { 0x03746002e11c128L,0x1d72e8736e53f1fL,0x1b8b65548992037L,
-        0x051016e287c8802L,0x126b881cf65f88fL,0x1c357f651e946a2L,
-        0x1e563e71677477eL,0x09ea910c18498e9L,0x0d06ea43c9cb69fL,
-        0x1a1e4d7399a7676L,0x0b3358d4ca5c4d4L,0x0806be74d818b98L,
-        0x0cb372653ba95ffL,0x1128291e9700d0eL,0x089fac8c5443f7eL,
-        0x19a21ddca71c54cL,0x14beadfc8a0ca23L,0x025bf370d9f3c7aL } },
-    /* 224 */
-    { { 0x1c9076fdb5f928bL,0x085db5b9a3e763cL,0x1e62b003b107989L,
-        0x153b2c338ea96ceL,0x19e4343f900d20bL,0x0c9aebf6a160682L,
-        0x00738f7ce7a1514L,0x1584c722304c9eeL,0x0ce8f2554e1f87aL,
-        0x0eeb3c4b2fc8d55L,0x1458fe8c914e7ffL,0x1e589759d32b2d9L,
-        0x0aa94f9ea55c815L,0x1792722aebc6461L,0x17709a9eacabfd3L,
-        0x05045e1dac81239L,0x058954a420b00caL,0x00308e262e994bbL },
-      { 0x192001ca9e81829L,0x199900451416678L,0x17863e77b66f7b4L,
-        0x1b6f11200617fafL,0x1577a5dd6793ac0L,0x169e15dd806c8e9L,
-        0x0405385e88e9e00L,0x00fff2bf119f6a9L,0x17cd1bf4bc71b6eL,
-        0x11d925011ac4645L,0x0cd6e2904481d8bL,0x00bd880ada6136aL,
-        0x0ce916a1b52481cL,0x0280bcfa2ae3a08L,0x1344822ef80c9c6L,
-        0x1fca02bcd82ef67L,0x166509a24c090cbL,0x04103ca948e0842L } },
-    /* 225 */
-    { { 0x12d3cff1c7d353eL,0x1f666bef0671daeL,0x1d7db2a1d8d7579L,
-        0x004bf35a7d69620L,0x005cb5aeda8404eL,0x1910d0b5cb1f449L,
-        0x0b292797b836027L,0x069ac990bb3d483L,0x06a46c4e934442aL,
-        0x037fcbf1e7b2ad2L,0x19707b9505f5f2bL,0x1353dd7f3898ecaL,
-        0x1988da638868100L,0x1b5a39634adb0e9L,0x1fc45c5900ad1abL,
-        0x00bc63fbca2ca16L,0x0a794f8f273be0cL,0x03a43d81b5441a2L },
-      { 0x060e5759c3e2370L,0x0c0c9fc02438cd4L,0x1cf29b8be6a8675L,
-        0x12c288e336741b7L,0x1effec21b6c7e95L,0x08675fd4824e3a6L,
-        0x178562e8192c8fdL,0x1e5625045809343L,0x0b654b7d9b1d527L,
-        0x03842ce87fe8218L,0x1d299d3c1511af1L,0x0a37475bb32a6f8L,
-        0x0be33533b5e5532L,0x13f20ce7251f6b6L,0x146e5e4bcbd1340L,
-        0x14d3e5b09dd054bL,0x1ddcc76b123db6fL,0x041a7c2e290fd1dL } },
-    /* 226 */
-    { { 0x09347c12ce9b31aL,0x029157f1fd9db99L,0x0d354bfe43f4762L,
-        0x0c5634103a979dfL,0x0a411f0853b1738L,0x0db01d29c608dd1L,
-        0x15d05e256e4f050L,0x10c532773556217L,0x1ccbbd046099129L,
-        0x14fd7d8775055d2L,0x111888d598625d9L,0x11386cfff4a9a90L,
-        0x1d1c3478da4a63bL,0x15301a7be5d6ae8L,0x06c4e4714ce489eL,
-        0x1ea2a1cdae0bfccL,0x14cdd14b660f74fL,0x031cec58529995aL },
-      { 0x0423162162217cdL,0x12515408e14737dL,0x186085d9b700b83L,
-        0x1208d40dded1b39L,0x1de921015126373L,0x014c69a2775118eL,
-        0x15fa4181f23c845L,0x1c24fe4e574c7b2L,0x1e7ce80cca5e8caL,
-        0x00b75f1127bd31fL,0x13969e259cf8d16L,0x1444a6d757a89bdL,
-        0x0ee3bf77af13756L,0x15e7cc5e3226b0dL,0x1ea58b182cafdb8L,
-        0x000467616b3e653L,0x02cb0769a1aabb5L,0x02048189b063aa0L } },
-    /* 227 */
-    { { 0x0d2873a1670433fL,0x0a6fb12a49efe42L,0x066a03f3e27b24eL,
-        0x01b652ec2dd60b4L,0x19e63046e39e431L,0x14e54f283a16e4eL,
-        0x07437cc6b632077L,0x1a30d557f29f6f6L,0x036cda27a1b3c82L,
-        0x18d177a1cb816c2L,0x0ff77118204a67eL,0x091ba472c470501L,
-        0x137b3c9353e4b2bL,0x097dc53496d9617L,0x06011d356d6cc5cL,
-        0x04af1f370f47610L,0x1c8d85909861e95L,0x040334776f9bd15L },
-      { 0x0edcd35b39a0249L,0x1866a597c575771L,0x1791c88f7c16bc8L,
-        0x15c1d26fe852b62L,0x0cbc9162bb66982L,0x04ee5080ce95b94L,
-        0x01ed17144aba73dL,0x1d22369234ec61eL,0x148d4f34ca03874L,
-        0x0fe87532265ba19L,0x1e6b87e56cc30f0L,0x1a9bdb16c15827eL,
-        0x1f61ead81c40362L,0x04c61e944f418a7L,0x1485c0bb5803751L,
-        0x03e66bf96383384L,0x0e9592329fc3a9cL,0x00233baa40def36L } },
-    /* 228 */
-    { { 0x03de56e39233c96L,0x0204e4039bf57f7L,0x06f4806af1a21a3L,
-        0x165690c40b595c2L,0x0f19056c0f2cea9L,0x0e1520f191c3f0bL,
-        0x0fa1ba9d4d96a97L,0x09aed8535982569L,0x0a01fcab78d6329L,
-        0x0edf4458655cf92L,0x11b96fd05301520L,0x1127972d6f54eccL,
-        0x117664e097fe111L,0x09fe7ad4db24fadL,0x1ffd8d2865908b9L,
-        0x1312ab2f1937a16L,0x056b5feb38e3c22L,0x001c524fd8419e2L },
-      { 0x1e3818c13e93257L,0x15e4ed3093a0d9aL,0x0925f2ab01ac533L,
-        0x067b54222c9edd2L,0x0de2034a82278e3L,0x0dd31873e62b2f2L,
-        0x1bef6edf7257c28L,0x1ad03bb3e46cd2aL,0x1c63e6319bb132dL,
-        0x11158117e12099bL,0x12064dfa2fac71bL,0x129bb1927158470L,
-        0x0aa6bb564483b19L,0x037c8c03daa67d6L,0x1e367cc69f35138L,
-        0x151cc3ba8737751L,0x060660c2a787f74L,0x025dbb711090dabL } },
-    /* 229 */
-    { { 0x0151e8ae6354817L,0x04a75781c5a1c3dL,0x1a2216562618cf5L,
-        0x0e3b975824990d8L,0x00edad067215382L,0x0072eb7a43d7c66L,
-        0x1fd56b4cc147f94L,0x1aa14e23637adc8L,0x0a68709a78c746aL,
-        0x1f8b931320179afL,0x023bebecc304c09L,0x008380d8e92f8daL,
-        0x0edcc3e2da9ef1cL,0x04970839e863a76L,0x084add0c317e5b8L,
-        0x1d6041e27279e55L,0x18b245840162107L,0x04421e92fbdbb7cL },
-      { 0x01501dcedb2a83eL,0x147d815dc6b9227L,0x196764977d8af3fL,
-        0x1e8556df8612040L,0x00f09dfd3c715dcL,0x0c857539e0282adL,
-        0x1d278499d17638dL,0x0c6a705e9b0edfeL,0x0fc69feefa920c6L,
-        0x10b0108cfeb88e5L,0x070ef641d713577L,0x17a27bdad7e4843L,
-        0x0b6263a1163800cL,0x1e93261bc63f507L,0x1672630d6f5e561L,
-        0x0e76aadc45c8ae2L,0x14971bf2a2dfa73L,0x00281fc9cc49ae4L } },
-    /* 230 */
-    { { 0x1addc6671dad4f6L,0x124448125f50db2L,0x038bd8174f748e3L,
-        0x1d61b2d713f6ed9L,0x0601b2cb13d5f5dL,0x11e92a705add1abL,
-        0x03a9f8df524760fL,0x175d10c08464819L,0x1374182f3e91c99L,
-        0x161657cd43d6c8cL,0x0c102bd5d3ca549L,0x1da328800146962L,
-        0x1e06df42e75b9bcL,0x05e8844ea6662bdL,0x16ed4008ba3b141L,
-        0x1d5b618a62ef5bbL,0x0f9690d31d29ecfL,0x039abbc7f0bb334L },
-      { 0x186ee3e843c1137L,0x0217d1f85b9e687L,0x1e762ac838e8f07L,
-        0x082c485f5c1ceacL,0x19b092e46f95f1fL,0x11b5603dc4708e1L,
-        0x00b9858a500f930L,0x064cc20be825b58L,0x174dc28a7862e06L,
-        0x08c7fd979d91e46L,0x0905f01d17fefc8L,0x1408980ae23c230L,
-        0x14cefbe4de49b55L,0x0bdfb88396332dbL,0x13c19d873130076L,
-        0x1a1f165940db58aL,0x0a1fc599daa7450L,0x029731bd30d18c1L } },
-    /* 231 */
-    { { 0x01700f16bebc6dbL,0x1a2edfca81ec924L,0x14f17454e46529aL,
-        0x0bcb5a55798e2b9L,0x0b7b466f942a1c0L,0x09c8c59b541219dL,
-        0x19b3ae904efb6e8L,0x194d314ac4921e9L,0x1bb720da6f3f1f3L,
-        0x08b6a0eb1a38d59L,0x14889cc0f4d8248L,0x18008c774d3dc01L,
-        0x0d62845fd17fd4cL,0x0056e4e3d6304f2L,0x1ebef298d80ecb2L,
-        0x129577e2df9348bL,0x09841007f7fc4bcL,0x03e48b5a7d3a58bL },
-      { 0x1026f9178bac2d4L,0x1404c1300d43ae0L,0x1db801cf590228bL,
-        0x09f983f7115a5e4L,0x0a6b291f443610cL,0x16307e2b93dc116L,
-        0x1522c19154cb223L,0x006a3c91133db35L,0x1841b48b5f543f1L,
-        0x16658df6ac8e775L,0x0b7c3e773d6a2e9L,0x0041668fbb69f89L,
-        0x02cb44c5213a7caL,0x0293e062550d666L,0x08f3d41dceda0a0L,
-        0x1924d546e9820e0L,0x07c733d10006b74L,0x00ff9c8b7bbd468L } },
-    /* 232 */
-    { { 0x0218fe4f997939dL,0x0fdddbc8ac1d9d5L,0x176a1fdd582cf53L,
-        0x02bb525931674f6L,0x06666f4aa9c0280L,0x074eebf0f5a556aL,
-        0x0c1d8bac5e94453L,0x0dde8d4cd49df1eL,0x1900b45c6810e54L,
-        0x1d7912c25d7826eL,0x0721c9721350bfdL,0x044b1c9907bc798L,
-        0x01170d88b23093fL,0x1603b722317d6f2L,0x174506f86584b92L,
-        0x069b5e91ae68c65L,0x0c9c1b1f759925eL,0x00cf68d2b0395c8L },
-      { 0x0f7fcde6c735473L,0x04733b001de1f4eL,0x12f3ec666ee2aaeL,
-        0x033599997a2430fL,0x10f65459bb73044L,0x09314110a57f9e5L,
-        0x082e1abb2068dbeL,0x121550596653f3aL,0x182f3f90f5773ccL,
-        0x17b0735fb112bf0L,0x0d12fef51d8b7d2L,0x0253b72e0ea7e31L,
-        0x097c22c18e3948bL,0x0bdf4bd6e374907L,0x0d8dfe4e4f58821L,
-        0x1a3abd1ae70588dL,0x199f6625ccbf1feL,0x03798f07cb4340aL } },
-    /* 233 */
-    { { 0x05afe5582b8f204L,0x020db69ac5aa562L,0x1efeb357d7b6b01L,
-        0x1627379b26e427cL,0x16dbcbb01914c70L,0x09ae90b8a5a2c0cL,
-        0x07c83a4a5f4d47bL,0x00b1ec8106ed47cL,0x1150a8a9d2f3cd7L,
-        0x19b7400ee6ecfb6L,0x13ad9573d5b60beL,0x00192554b442b4aL,
-        0x023b089f0376105L,0x0215b3746886857L,0x1ba3521246c81e7L,
-        0x0de8a95e35c7a1dL,0x1e6137e4c284155L,0x043af198431ec53L },
-      { 0x080fddcaf6c0accL,0x08f335d8f3e046eL,0x0b860a1616b756bL,
-        0x004eb8fb4db8e2fL,0x126b9e15bdc5434L,0x02fd287a5a64296L,
-        0x12cc97c287efda8L,0x03b8df03c8f02f7L,0x02cbd432870ff2eL,
-        0x112480b33e3fbfeL,0x16b2ded6169b122L,0x15a88ccd80afa08L,
-        0x0fe6d7d63d2e972L,0x0713a0a263a6c3eL,0x09612bbdc19f61cL,
-        0x1fbd765942af516L,0x009495c5bfb75f0L,0x02d5d82c0f9c370L } },
-    /* 234 */
-    { { 0x1e62d2bf0c97f57L,0x02438cb179463c5L,0x119d1ed42aec3f8L,
-        0x0689f413db8a914L,0x0b05a96ef6b26e0L,0x1357417ea26371dL,
-        0x02677b6c00cb1c3L,0x184517a8057afc9L,0x043f2e9639b7c11L,
-        0x161fe0767489b8bL,0x0e2f240bf43e303L,0x0754f9578758ed3L,
-        0x1206924cc99d9cbL,0x0130480a7445444L,0x0b9e782945186a9L,
-        0x07d018fe955172cL,0x0bc4ef0210a8b1bL,0x0382a23400dff72L },
-      { 0x0b3d713121901c1L,0x11313ff56aa557dL,0x0a16f022e88fa42L,
-        0x0a6dd844fcc9edaL,0x06c191ab8d99301L,0x04e7164cd0b55c8L,
-        0x0ea021ac73d6fd9L,0x1e0b240ceb2cd7cL,0x018836279ccba2cL,
-        0x00abdc3f7fa9a43L,0x1262592c88ebc8bL,0x09e0155cf4af7f5L,
-        0x0063218a80cd0fdL,0x0fc478a76d6edcaL,0x07b67f4e112ede7L,
-        0x0a06d8367c7a96eL,0x06b6c634a13d620L,0x037ab5767dc3405L } },
-    /* 235 */
-    { { 0x01dc803d9205c5dL,0x0afbeb3891c94d8L,0x1ff6766d9595a25L,
-        0x1da76359fc7bd77L,0x0094eeffb844395L,0x0c8ff582194590bL,
-        0x141d598c7fea08aL,0x00a1bbccdcc321bL,0x175b03c55e8577cL,
-        0x048e72fc8b91203L,0x0229023aece8fdbL,0x1f140b14272d345L,
-        0x179a6e06761d376L,0x1db8e94479d2ca2L,0x130c30040c0a715L,
-        0x017381087e85168L,0x0add8e6aff8730eL,0x03db5f408a76b22L },
-      { 0x0c38e4a3d3aa54eL,0x19ca1ec1ea84d1fL,0x188490e55788408L,
-        0x0fea3a7a89f0954L,0x1eca4e372910471L,0x1d2aef316922163L,
-        0x086d6316948f617L,0x0d18deb99b50a3bL,0x0044bcaa8200014L,
-        0x1a80f34700b8170L,0x064d679a82b3b3dL,0x0d5b581de165e10L,
-        0x08fd964f0133ddaL,0x0985c86c4bd776eL,0x1048bad236b3439L,
-        0x143bc98bf5adf70L,0x0742284ec1ed700L,0x0437cd41aede52aL } },
-    /* 236 */
-    { { 0x01d9055450cc69fL,0x18a5e64f6fcc787L,0x19dfb9fae80543aL,
-        0x0f331f1ca637729L,0x1b16eef05f7a673L,0x0e2f0aac41c2718L,
-        0x14aaaee4a1c8f61L,0x0e9fca3c68b97b2L,0x0c5d0ee287e2416L,
-        0x0e0a3778800c178L,0x0e7a4b9fd6f8b3fL,0x075f6cad7a7c1eeL,
-        0x1e5168e289501abL,0x1c77082558aa96eL,0x0c111d65037f8c6L,
-        0x1522685246c0788L,0x1869306f114c460L,0x02dfd4fd781da8fL },
-      { 0x023f52c107b258eL,0x1415deb31a0ee15L,0x1b6208f3fc6a627L,
-        0x08e336923ea9479L,0x0433dfb8f45b779L,0x09287744c6110c1L,
-        0x1d9543e77647312L,0x08aa185455c9f42L,0x1f7aa1ce42c327fL,
-        0x1d0ad6b2c1d8f20L,0x03569686feb6784L,0x14511c3f7b9b354L,
-        0x16915f7f879b1caL,0x03f40d0f57c941dL,0x0034a5b04393832L,
-        0x0b7b009fb94ac21L,0x0da6acc96161275L,0x00d8933554147f7L } },
-    /* 237 */
-    { { 0x0bc0a00774ee49cL,0x1b42965b11beba7L,0x12b177e4e28dddbL,
-        0x116df7f77bf80a8L,0x145f2eaec3388ecL,0x16749bc25645e6bL,
-        0x1e84ea7159826c7L,0x0e2cadf6d58fbd1L,0x15f8ded74a532b8L,
-        0x186a145d5444f84L,0x09fca042debb0aaL,0x1c3dfdd96698876L,
-        0x0b9e89c2db26426L,0x1c90884822218dbL,0x1604162ab12f174L,
-        0x1ec1d24dee6d09fL,0x023452fa691471eL,0x019a8bfed90c6bdL },
-      { 0x1c33f46593c4a36L,0x0eb8c1b58d4f754L,0x107509defbb2b1aL,
-        0x1cfc9e2f38ab441L,0x146d88a23e8ca24L,0x03817c2b9b99b4eL,
-        0x155d1c73ac731ccL,0x18516309b2e6bddL,0x17f4517a20704ceL,
-        0x1894e8c6b831529L,0x115c6ec75df871fL,0x061306a1b1640f4L,
-        0x1f61fab8ef774acL,0x1aeec00d93d948cL,0x0d1647e9f13304eL,
-        0x12567cfcc4ab628L,0x149349937b85a35L,0x018fd631e9863baL } },
-    /* 238 */
-    { { 0x0e8cf1b04913fb6L,0x009a80bb4d35997L,0x0dc5e0f987c1f90L,
-        0x13c4fe5ffcf21d7L,0x0daf89bf1e5107fL,0x06f3468925d33ffL,
-        0x0afb86248038796L,0x1552c4e6546dbebL,0x072cc37cfacbeb4L,
-        0x062fd4b749e2d3bL,0x08c5f3798ce4eecL,0x1ccf06165ad8985L,
-        0x041be5b96a97f65L,0x19867336a57e1a8L,0x103613c2fd02981L,
-        0x0d6112d4374f326L,0x1f53ee182540762L,0x000ed9aedbd5865L },
-      { 0x00fbc2dac0efee2L,0x175e6eb8edda2b7L,0x18f866da6afa101L,
-        0x026fc03045ce57bL,0x11458b4c49cb7e6L,0x1e2eb1e5dc600e0L,
-        0x19dd9082d211da1L,0x030308fbf428a98L,0x0bede911dd1839dL,
-        0x1cee4e493c6f823L,0x0f58ae2068cdb06L,0x10f327cef5b8529L,
-        0x0543ce3ba77f096L,0x1bb2777e3d64833L,0x111973c521a57f5L,
-        0x19b63c1841e1735L,0x01d636e8d28a6e2L,0x03db5d4c66baa9aL } },
-    /* 239 */
-    { { 0x11d9e03c1881ab4L,0x12eaad98b464465L,0x151ca08d9338670L,
-        0x01e2c35449505a7L,0x01ebb2c99599439L,0x163d3abc1c5e007L,
-        0x0882a3f577f32f7L,0x0909ba407849feeL,0x15ec173b30efeffL,
-        0x0f8e9598b21459aL,0x0f679415ba04fe6L,0x0575816633e380dL,
-        0x04fd223b1592917L,0x0c6848f6b57071cL,0x151923af404167aL,
-        0x1cf30d662d1c94cL,0x1082211447f3375L,0x023f4080cb8f5a2L },
-      { 0x045d45abc8c290dL,0x089aac087d99d38L,0x02491beefcbe8cfL,
-        0x1670b8f9b2575e0L,0x0161985cacff3f1L,0x0443a462d8a8767L,
-        0x173231bb829fcaaL,0x0873b11191cbd11L,0x04dd735f2ccb864L,
-        0x00f09db9e207b79L,0x0897ffcffb5a473L,0x162e4afdcb8ff87L,
-        0x13f32db1354cb43L,0x016ff969d532a7cL,0x1298e5113d63428L,
-        0x0cd2ef1c7e31151L,0x07b39646ccef3e8L,0x03c2d8c81706e74L } },
-    /* 240 */
-    { { 0x0ce2361a92f9a20L,0x0e543ceb22a077eL,0x0a1474035f16defL,
-        0x185d2f924da8e73L,0x18da6a8b067ac8dL,0x028db495751fff3L,
-        0x05069a0a2fd518fL,0x020ede388f2e2aaL,0x0f4bcbef63977d8L,
-        0x0de24a4aa0de73dL,0x1d019b45c10695dL,0x0b7b0eeabd5fc03L,
-        0x1d59e7ae80d282dL,0x1c1559b7b71083eL,0x14758d2a95b8598L,
-        0x1b088cbdd1ded73L,0x02799a2160ace4eL,0x032abe1b3dbb896L },
-      { 0x01b0268d75b6e52L,0x09b2008c68744abL,0x0cc1a8bac6bac20L,
-        0x0cda1211299fea6L,0x15fc1d484e46222L,0x118316dd9a8913dL,
-        0x0b7164d97a81d5eL,0x10e995946f7acdcL,0x1220d7d23b90958L,
-        0x007e9c9c62239dfL,0x1cdc299e1f693e7L,0x1799a0afe9715bfL,
-        0x0c1173f33aef0aeL,0x092d135a102f3a2L,0x0beeff6e347c296L,
-        0x1a509526c9e92e4L,0x0b4c891ae778227L,0x00ae20682507045L } },
-    /* 241 */
-    { { 0x1af169a2a0e18d1L,0x0e00ba60193e14dL,0x08fdef098b3a65cL,
-        0x1b031fe6f3b0346L,0x0cd3c3302099db8L,0x0d02a9b31fb31eaL,
-        0x091c3bd4c970c04L,0x0e139ae17b9f301L,0x1e64452d11c9ed0L,
-        0x1dfa1fa5633b709L,0x1b029aba170a96bL,0x0aa08e0921892f7L,
-        0x07491e6ba92faaeL,0x157d4c8a055cbd4L,0x1c9955d0157d4deL,
-        0x1ad7ff92b5b766cL,0x037646343b9d119L,0x03c474a504e9a0fL },
-      { 0x13a6fe59c53461aL,0x044bf0471db7682L,0x0bcc1da364e5d7bL,
-        0x0d98427a9f51ebaL,0x05b0147c9bd6bffL,0x1dc0b4ac863da08L,
-        0x1e3a4828d8a2df1L,0x11f8cd410dcb79cL,0x13dd4d2824dec1dL,
-        0x08567a260cee674L,0x0b61d7610d69fa2L,0x0f83d4c70364cc6L,
-        0x17f0dcc12859016L,0x037c6a31d912cbcL,0x17be8e646984ad1L,
-        0x0cf108430baf182L,0x093df55ec37119fL,0x048d8ce633c06f5L } },
-    /* 242 */
-    { { 0x1f2709dcb5d8b80L,0x0b0c17e1ab30775L,0x0644157be5a40eeL,
-        0x1bc8f8868570e7bL,0x154f8867d1ea4b4L,0x06bbf7e625c9226L,
-        0x1d58e4ec68b2bf6L,0x0ac0d1a49cfd183L,0x15f5fabb6499730L,
-        0x192462802a11ba7L,0x178ad4fce3a44e0L,0x11d6f76d017d86dL,
-        0x17d8f313b5ed07eL,0x17e969c94b2409eL,0x1228c69eeda81a6L,
-        0x1864b80db091c10L,0x1af6867fb2fe4f0L,0x01e15d41a0339a1L },
-      { 0x162d7759d3ad63bL,0x055cbacf0758fd5L,0x098ce217845cfe7L,
-        0x1dc4165f3ce0665L,0x09eca947f22cafcL,0x146c46da94dd3f2L,
-        0x055849255085988L,0x08901d447d87247L,0x01b8907e7d43706L,
-        0x1bfd22aab1f2722L,0x060a7aca92c3e92L,0x0148900c0f25995L,
-        0x0c246991ced0a72L,0x1a468435c666ed0L,0x02bb84cde88c96cL,
-        0x04a7eacddaa13ecL,0x1d83d30e091147fL,0x00fd313d2e0839dL } },
-    /* 243 */
-    { { 0x11222a242478fd4L,0x06378b385900050L,0x013e0d671b7ab3dL,
-        0x12f7279b79ee376L,0x030db60b618e282L,0x0d9d94cb70dd719L,
-        0x15777c5ff4ed259L,0x0ff4b0c738d78e0L,0x0c3ea92ed4b817dL,
-        0x0415953691d8452L,0x048a2b705c043a4L,0x1c8c41d13b2f08eL,
-        0x1703ff77c9753b9L,0x15df3072e7bf27cL,0x03805f5b0fe0914L,
-        0x0bdb73c86597970L,0x03e150a5acdc0a4L,0x033dc5e82a3cc3aL },
-      { 0x06079b4f4797cf7L,0x04cc5681fef0173L,0x18e9532abbc78c7L,
-        0x1deec92e22b546eL,0x0f29b1a764d9a1fL,0x136549be706e39dL,
-        0x1a9e19986c20fedL,0x0c37e9ae9fc65f6L,0x125f6ef09df00a5L,
-        0x1e21c1fc18e88acL,0x1304314daf78dcaL,0x1f3f10598cb6dabL,
-        0x13451a99b8d4945L,0x15d608d240fa478L,0x029282850058735L,
-        0x150493b29a9dbe3L,0x0df65363165a467L,0x03a14bd54d264d7L } },
-    /* 244 */
-    { { 0x09758a4e21124baL,0x0c0cc543ffde962L,0x1744f598e2a266fL,
-        0x102bef7eec8bf79L,0x04e6d57e94645ffL,0x130edcafd339b7eL,
-        0x051287ab991d64bL,0x0e8f2aeb81997bfL,0x0a3d1304725b31dL,
-        0x040ef912655ad73L,0x1f4a6468a21fc9eL,0x0b2144d588b31b7L,
-        0x12d8661d4a23d07L,0x0500a07b972c4c2L,0x0cde0a8ded704eeL,
-        0x09d201f28333c7fL,0x112722aa0591bc1L,0x044d55bdd6aadddL },
-      { 0x1345a96d656bdc7L,0x0e457f0bb669dc5L,0x02d8cb59310d0efL,
-        0x0ef3705683ad2a3L,0x1fb0cf82fcf364aL,0x00943dc83d9a277L,
-        0x043bfcf4320f144L,0x0b9d3e4d4b2699bL,0x1e5f5aaf207082bL,
-        0x15b963af673e0b2L,0x042a06fa61b3593L,0x131ffe2a6d55d2bL,
-        0x03a8263d5efeef4L,0x0a574395822b012L,0x081da1a502f853dL,
-        0x09af57dcf7993c6L,0x146d496a27dc1bcL,0x00016e14baca055L } },
-    /* 245 */
-    { { 0x0533937b69d60c3L,0x1f2a97f4b93aaf7L,0x1e37031c9698982L,
-        0x1d9565cf85623f6L,0x0e2322cb6982c27L,0x13827ba5e776ecfL,
-        0x1859654ac67b448L,0x10a5be9850b0a94L,0x0ba40b5bf7b1924L,
-        0x05e54a8008cfa95L,0x1f472f96b761bffL,0x0df7b3a1e582e8cL,
-        0x14b8d4ebc99bf53L,0x02d4098b9e14b71L,0x0cd7dd81257e3d0L,
-        0x0424518b3d1ace6L,0x0730b53d324e054L,0x026ab229a9e1dedL },
-      { 0x122f8007e5c0877L,0x1a1f30654d3b239L,0x1d2e8b049c59206L,
-        0x0fda626d84463e9L,0x18db30de0959685L,0x08475e574131911L,
-        0x08c7994beb50266L,0x092171a30295e1aL,0x02680c54b09cbc3L,
-        0x0a2b179a5f9dfc7L,0x14242c24ad657ffL,0x1948bc2bf868530L,
-        0x11bc378168e6f39L,0x022d2543b80ba8cL,0x085506a41a512ceL,
-        0x19169598dae9505L,0x062adc9bab3b155L,0x00f97c4e73b9836L } },
-    /* 246 */
-    { { 0x053ef419affefdfL,0x1f672a67c92b5c1L,0x0bcad113920c175L,
-        0x1f974a8e3e6ee00L,0x15cbe015b189755L,0x05c214e44241e5eL,
-        0x1d874953df1a5a8L,0x0ae310a17a8c3e7L,0x17ba210890a2471L,
-        0x0d5de176c977586L,0x1b2afa5977b224dL,0x0e4978aad095f6aL,
-        0x0f6a7a74929da23L,0x177a5d236c5d1cbL,0x026c9ebf2e436dcL,
-        0x06cddba469fc132L,0x147bdf3c16476f4L,0x004e404bf8bf286L },
-      { 0x004b14060050c07L,0x1418c21d471bf35L,0x06caed57907f0a7L,
-        0x1459cc1c7597285L,0x1b9d82f4ed2fea5L,0x1e9bfd6e3d8ff9eL,
-        0x1d4e523afb30da1L,0x124f22a7c65d960L,0x06a60054f570756L,
-        0x038e6864003acddL,0x1ce1bcc248b7c4eL,0x0b3d066af6f82f4L,
-        0x09394151864e9fcL,0x09a6dc448e9359dL,0x1f36dc644a8088bL,
-        0x0606ccce5f9e8b3L,0x16c5a3f268d44ffL,0x037889f69b488f0L } },
-    /* 247 */
-    { { 0x0a9df591836f1c9L,0x08cfaa119183ea9L,0x1c0577b4a16be99L,
-        0x155ec4feeb080d8L,0x0ce0417d0a1545cL,0x089a21d70888f75L,
-        0x12f2feca2f7da98L,0x0b1bd3de156a5b7L,0x1e9dc181b7813e6L,
-        0x18ed5edcc893912L,0x16638c8a0531642L,0x0cddb269dcfcbe0L,
-        0x1ab99ba4bf5c3b9L,0x1e0daaf3a75c276L,0x0aa183eca4668d0L,
-        0x03fed535bb69329L,0x1e21b7220dff681L,0x0331b511de8d0c1L },
-      { 0x15d5a2d20587283L,0x01164f783fe2eefL,0x15543bdb78e02ceL,
-        0x0e4ba2ce3a2f0d7L,0x1cdb1def163cf90L,0x017e253a5fcb8f8L,
-        0x153dd5d27a0c021L,0x1961c5db78e4ff0L,0x1bb27bbdabce24aL,
-        0x0d8ce7602df6846L,0x0848fbdf2412f30L,0x1e37b13305b755bL,
-        0x0e65f6e63202429L,0x172cfe9924e9b0bL,0x07ca7d68de27ea3L,
-        0x0f1402c174775fdL,0x0f80f2d3b61af53L,0x03d77663b39e153L } },
-    /* 248 */
-    { { 0x1a4757cdc43b0dbL,0x12742cc08ce56f9L,0x0fd9185b0558f62L,
-        0x189ea67d2ff012bL,0x19cfc5ad3e2a07bL,0x14029654c121b39L,
-        0x1b198629ae8eb35L,0x12b7ac1cb211439L,0x1ae3841a502b1b6L,
-        0x036ff890c850cadL,0x0afab2b4c7f66e6L,0x044998e51ef65beL,
-        0x180cf0a9927d893L,0x0c35227561c7539L,0x057c0f2a10e6a01L,
-        0x1f10bdbcfefe02cL,0x0454824990827a1L,0x0147620035bc53bL },
-      { 0x1820c2ea2fe0009L,0x1d2e9789c3a74f0L,0x115314936d4b846L,
-        0x0cffdbca532ea44L,0x1b2500d44d47742L,0x14922580e9a0cd4L,
-        0x186e73822924861L,0x1c1742d2047ba37L,0x0242c3e5432a301L,
-        0x1ab7bdd384833c4L,0x14a8271d2a33126L,0x1083aedf2873e15L,
-        0x0b621fb60e99cd1L,0x1e1cbb1a76ed7f0L,0x1fc2a1015afb952L,
-        0x1815e8ca7f0c1feL,0x1c36bd4876f2011L,0x009a7a663864a92L } },
-    /* 249 */
-    { { 0x021a3ece938dff4L,0x00d3da4353cd1cbL,0x1e5f7a5414ddf44L,
-        0x13ccbb0fb7e589dL,0x173b8cfaf318409L,0x0148b75c4e3ffd9L,
-        0x09d91a2ea9417a1L,0x0574f21fa129d7dL,0x1679df6d4e59289L,
-        0x011998e7e7f6ba0L,0x13bf4a6203fc848L,0x1bbba0688a0217eL,
-        0x0b342858c87ca78L,0x12baa43d16584f6L,0x12c1246797adb70L,
-        0x1a8e2a0ceb42bd7L,0x0f409d2e74f7381L,0x03751bc14c1e9ebL },
-      { 0x05c094b4e5cc40aL,0x11fb50d79befde3L,0x1a77e409b911e8bL,
-        0x0b27101ea7decefL,0x1f644aa9b7878c9L,0x10461e25518583bL,
-        0x198ee83145a0cbcL,0x060f804ef5ccb1aL,0x0ef0b3c38ae1d91L,
-        0x0179bd3b4ae1f52L,0x130715a8317834cL,0x0b8841979f3fc00L,
-        0x1d568a0e7c9fd49L,0x0c94322a3836adcL,0x069c2722c8977fdL,
-        0x11ad0a4fa88cb1bL,0x07d47c558da87c0L,0x0303773735da778L } },
-    /* 250 */
-    { { 0x0d99fc757c621f6L,0x12060bff41ea401L,0x1e867bc666c0a4bL,
-        0x05cc58eccc37bf8L,0x0673875378a0410L,0x1d32d78b66d1b87L,
-        0x18826f2065d3478L,0x18c32e84091ef1fL,0x1c83a058abf5981L,
-        0x135921a4e44b816L,0x0cbc7a74699e2bcL,0x1361fe535c53311L,
-        0x181d7cf5ec472bfL,0x19346eec50a1f1cL,0x113fdda7275f916L,
-        0x0ece62cd9b4aabfL,0x1076044cdf0a4aaL,0x024edd37bf48a43L },
-      { 0x0e47fb2a758e37aL,0x198eb96c757b310L,0x17e5be708842bdaL,
-        0x0f21df86566a55aL,0x01e4b2640093f72L,0x18abcaa1ae4cee2L,
-        0x0d5d6fea1e38016L,0x0b3338a41481cceL,0x1ca68259487eea7L,
-        0x14fbdc0f8951a45L,0x1f3060aa8b38d40L,0x0e97d5abc58b4a8L,
-        0x1b55682cdfa11d8L,0x05df47334d781a4L,0x14e52afe1baffaaL,
-        0x1d71e7b570f05eaL,0x18c458bf797ebc8L,0x0244853d24dbef3L } },
-    /* 251 */
-    { { 0x12996898da995f6L,0x15573f630ab77ebL,0x1030d5aa0b574e7L,
-        0x03826b79fcd2b20L,0x0f595c78b2046b2L,0x02fda0753905b20L,
-        0x0eff00a093beb9fL,0x17d2fb1fa981db6L,0x112f0290579f24eL,
-        0x17e23e78c3f535cL,0x07f49de275708c5L,0x16d9124c7d99843L,
-        0x128b6d30a6233a6L,0x04d99b40411b1a5L,0x11dd15b28d4b897L,
-        0x00cb72711ad9481L,0x076f8e55b0b3c92L,0x02e0ba3a58121cdL },
-      { 0x088e7c28aaccab5L,0x13c1b5567682decL,0x1df733b03d94600L,
-        0x1824b8510430b70L,0x07fdc54c93cadc1L,0x1c4519a2efaa053L,
-        0x1e8b13cf21b8b09L,0x19e7d0e88d3c741L,0x1c59daa47273983L,
-        0x031e245a54b6c52L,0x14af3f0b962454cL,0x170f09c85187871L,
-        0x0cf0c4fd5390e78L,0x0a0f3002c805149L,0x094e872dfe4b6deL,
-        0x01f4f2acf2482d9L,0x08c35f6f31db1abL,0x02eb3af5a3dac20L } },
-    /* 252 */
-    { { 0x0ee1a77870c6025L,0x111dbc8d16fe557L,0x0310e1ad9313f12L,
-        0x1bcb5ce562f61ccL,0x1eefa212d5d5b17L,0x01c5cb36fe44564L,
-        0x0bb313fabbefb50L,0x00e133586ad1c5aL,0x0548ea612012af2L,
-        0x1ff6cedc4e1890cL,0x1a47138399ccc53L,0x0c9f5f0601c0383L,
-        0x1c6773c3be009bbL,0x00410cfd43c0280L,0x06c1bff8335bb7bL,
-        0x166def80abc0ff0L,0x0a382b63f9ce080L,0x0017e65d7854ff6L },
-      { 0x191d4d1b47cac61L,0x08b43d5c370964cL,0x17b0ae53c108ba7L,
-        0x1291cc91cb18d0aL,0x0f89ac57ca40051L,0x13c966cdd48fd97L,
-        0x078553d0648186fL,0x03305a443977a1eL,0x0062eb13bfc4440L,
-        0x1d4be194cbc87eeL,0x05b651819e992fcL,0x0600da46eeb49cfL,
-        0x15ed7f0f23c46ddL,0x1da7b1ebc339626L,0x189cfca08614770L,
-        0x01edea1475c19a4L,0x145800e58fceac6L,0x02b78f22b09c22aL } },
-    /* 253 */
-    { { 0x1ccb3f632c24f3bL,0x18e3f836c0bf300L,0x02edaa899dda67aL,
-        0x1c108babc11b8c8L,0x181a79a87838affL,0x140cd879a7f658fL,
-        0x092e1a8b8a0b4f9L,0x0738972ef9d046fL,0x10f46b3db876364L,
-        0x032faa04bcb824bL,0x021d8a1e46f90e9L,0x16d868331d8dafcL,
-        0x17093d94bb00220L,0x14eb48592bd9c31L,0x0ab46921004b858L,
-        0x069c605d93b6a41L,0x0f8afee2fc685dcL,0x0488e8c9b12a806L },
-      { 0x1b1bd58f5e5af5bL,0x1131dbdb5115389L,0x1137cebcab729f2L,
-        0x134088417b56d7dL,0x0ba36c1116651e5L,0x0121881da2459daL,
-        0x1b2ecf18aff37fdL,0x101bc2b894be352L,0x0be0ad8a1e4d1f9L,
-        0x095e8a71b339d1dL,0x00ebda484ab3760L,0x1738aec12b9c806L,
-        0x0a107f5ca58f6daL,0x044b51d83ef8c41L,0x18ecfc2e40f98f2L,
-        0x10fbdea090a89b0L,0x0655e5019b9c098L,0x015f3a27f507a9cL } },
-    /* 254 */
-    { { 0x14cd05f5b50f324L,0x0f5920f51e3d102L,0x0971ffe39adee6cL,
-        0x1dd8081104950b1L,0x10cba9bdd83902fL,0x0e4f0f3959324a6L,
-        0x16e07405dbe42caL,0x1f80ba9d6059d75L,0x0874405b1372b8bL,
-        0x0209440bcf568c8L,0x08f74fb0ad23357L,0x14ee7e9aa067a89L,
-        0x0d564c3a0984499L,0x1a17401dd9bd9c6L,0x1d462ca03a6525fL,
-        0x1fbc980f68f4171L,0x07ac710e3c53568L,0x039afaa17e75687L },
-      { 0x0a9a17138380039L,0x17f0bfba68ce465L,0x04fb32f06a2eb7eL,
-        0x13fc052e0b25a87L,0x130e9b363c5dbf3L,0x1ea4a522a95ad5cL,
-        0x0b10dfb98c0c8abL,0x13104d535ae7e05L,0x198c53562993562L,
-        0x0434fc3b9a15d9cL,0x04008393e6de683L,0x0349a68f1353aeaL,
-        0x1acfa856376361dL,0x045603f2786f6adL,0x1bc72f501fb9cfeL,
-        0x0b75bf58fa07e13L,0x19e25d697cb4d47L,0x00f4c264e8a5e9cL } },
-    /* 255 */
-    { { 0x16d05614850c817L,0x12d8c9a44c096e3L,0x055179632efac22L,
-        0x1497cc3cb4e4e7aL,0x17aeb8e18900b5fL,0x0d1ea5d5044348eL,
-        0x1f4f799999abf4dL,0x0b871458332afd8L,0x0a0648e8f668d6fL,
-        0x1cfe4963d6e0ba3L,0x045b0210c1970c7L,0x1440c3cd5cd2474L,
-        0x162aa47e7336370L,0x0f7fb6c231361b9L,0x0fb4b51503097cbL,
-        0x12925300904999bL,0x0014b5bfce0039aL,0x03623a52b3b4a17L },
-      { 0x0eb9a417d88e3a1L,0x09e4462423a151dL,0x0344ff9844c4417L,
-        0x16350d3d17cb3bdL,0x0a75d90a148f5b6L,0x0a3009bd455e2cdL,
-        0x13364bc326f1d88L,0x12487f54e8f8704L,0x081763a186a5d0bL,
-        0x1e1a0de4de5d75eL,0x04c583dd174776eL,0x0a5b6eb9cbe9c30L,
-        0x0cd50de4c2a53ceL,0x1aebb2b68af5733L,0x12954a97b6265b1L,
-        0x00b69c9feae2389L,0x0ce215e985a3c53L,0x03592c4aa7d0dd1L } },
-};
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_18(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_1024_ecc_mulmod_stripe_18(r, &p1024_base, p1024_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 18);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 18, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 18, km);
-
-            err = sp_1024_ecc_mulmod_base_18(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_18(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P1024 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 2);
-    SP_DECL_VAR(sp_digit, k, 18 + 18 * 2 * 37);
-    sp_point_1024* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 18 + 18 * 2 * 37, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 18;
-
-        sp_1024_from_mp(k, 18, km);
-        sp_1024_point_from_ecc_point_18(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_18(addP->x, addP->x, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_18(addP->y, addP->y, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_18(addP->z, addP->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_1024_ecc_mulmod_base_18(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_1024_proj_point_add_18(point, point, addP, tmp);
-
-        if (map) {
-                sp_1024_map_18(point, point, tmp);
-        }
-
-        err = sp_1024_point_to_ecc_point_18(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, t, 38 * 2 * 18);
-    int err = MP_OKAY;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == MP_OKAY) && (table == NULL)) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 38 * 2 * 18, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_point_from_ecc_point_18(point, gm);
-            err = sp_1024_gen_stripe_table_18(point,
-                (sp_table_entry_1024*)table, t, heap);
-    }
-    if (err == 0) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#else
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    int err = 0;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (table == NULL)) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*len != 0)) {
-        err = BUFFER_E;
-    }
-    if (err == 0) {
-        *len = 0;
-    }
-
-    (void)heap;
-
-    return err;
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km     Scalar to multiply by.
- * gm     Point to multiply.
- * table  Pre-computed points.
- * r      Resulting point.
- * map    Indicates whether to convert result to affine.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
-        ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 18);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 18, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 18, km);
-        sp_1024_point_from_ecc_point_18(point, gm);
-
-#ifndef WOLFSSL_SP_SMALL
-            err = sp_1024_ecc_mulmod_stripe_18(point, point,
-                (const sp_table_entry_1024*)table, k, map, 0, heap);
-#else
-        (void)table;
-        err = sp_1024_ecc_mulmod_18(point, point, k, map, 0, heap);
-#endif
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_18(point, r);
-    }
-
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply p* in projective coordinates by q*.
- *
- * r.x = p.x - (p.y * q.y)
- * r.y = (p.x * q.y) + p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * q   [in]      A single precision integer - multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_qx1_18(sp_digit* px, sp_digit* py,
-        const sp_digit* q, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 18;
-
-    /* t1 = p.x * q.y */
-    sp_1024_mont_mul_18(t1, px, q, p1024_mod, p1024_mp_mod);
-    /* t2 = p.y * q.y */
-    sp_1024_mont_mul_18(t2, py, q, p1024_mod, p1024_mp_mod);
-    /* r.x = p.x - (p.y * q.y) */
-    sp_1024_mont_sub_18(px, px, t2, p1024_mod);
-    /* r.y = (p.x * q.y) + p.y */
-    sp_1024_mont_add_18(py, t1, py, p1024_mod);
-}
-
-/* Square p* in projective coordinates.
- *
- *   px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
- *   py' = 2 * p.x * p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to square.
- * py  [in,out]  A single precision integer - Y ordinate of number to square.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_sqr_18(sp_digit* px, sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 18;
-
-    /* t1 = p.x + p.y */
-    sp_1024_mont_add_18(t1, px, py, p1024_mod);
-    /* t2 = p.x - p.y */
-    sp_1024_mont_sub_18(t2, px, py, p1024_mod);
-    /* r.y = p.x * p.y */
-    sp_1024_mont_mul_18(py, px, py, p1024_mod, p1024_mp_mod);
-    /* r.x = (p.x + p.y) * (p.x - p.y) */
-    sp_1024_mont_mul_18(px, t1, t2, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * p.y) * 2 */
-    sp_1024_mont_dbl_18(py, py, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Simple square and multiply when expontent bit is one algorithm.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-    sp_digit* b;
-    sp_digit* e;
-#else
-    sp_digit t[36 * 2 * 18];
-    sp_digit tx[2 * 18];
-    sp_digit ty[2 * 18];
-    sp_digit b[2 * 18];
-    sp_digit e[2 * 18];
-#endif
-    sp_digit* r;
-    int err = MP_OKAY;
-    int bits;
-    int i;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 40 * 18 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 18 * 2;
-        ty = td + 37 * 18 * 2;
-        b  = td + 38 * 18 * 2;
-        e  = td + 39 * 18 * 2;
-#endif
-        r = ty;
-
-        bits = mp_count_bits(exp);
-        sp_1024_from_mp(b, 18, base);
-        sp_1024_from_mp(e, 18, exp);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 18);
-        sp_1024_mul_18(b, b, p1024_norm_mod);
-        err = sp_1024_mod_18(b, b, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(ty, b, sizeof(sp_digit) * 18);
-
-        for (i = bits - 2; i >= 0; i--) {
-            sp_1024_proj_sqr_18(tx, ty, t);
-            if ((e[i / 57] >> (i % 57)) & 1) {
-                sp_1024_proj_mul_qx1_18(tx, ty, b, t);
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_18(tx, tx, t);
-
-        XMEMSET(tx + 18, 0, sizeof(sp_digit) * 18);
-        sp_1024_mont_reduce_18(tx, p1024_mod, p1024_mp_mod);
-        XMEMSET(ty + 18, 0, sizeof(sp_digit) * 18);
-        sp_1024_mont_reduce_18(ty, p1024_mod, p1024_mp_mod);
-
-        sp_1024_mul_18(r, tx, ty);
-        err = sp_1024_mod_18(r, r, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#else
-/* Pre-computed table for exponentiating g.
- * Striping: 8 points at a distance of (128 combined for
- * a total of 256 points.
- */
-static const sp_digit sp_1024_g_table[256][18] = {
-    { 0x000000000000000L, 0x000000000000000L, 0x000000000000000L,
-      0x000000000000000L, 0x000000000000000L, 0x000000000000000L,
-      0x000000000000000L, 0x000000000000000L, 0x000000000000000L,
-      0x000000000000000L, 0x000000000000000L, 0x000000000000000L,
-      0x000000000000000L, 0x000000000000000L, 0x000000000000000L,
-      0x000000000000000L, 0x000000000000000L, 0x000000000000000L },
-    { 0x10a46d2335c1685L, 0x0f4b8f0803d2c0bL, 0x0f7d0f2929cfab2L,
-      0x0b04c848ea81d1eL, 0x136576d12646f81L, 0x1f8d7d9d7a4dda5L,
-      0x1479b6278b451caL, 0x0f84f7d10585fa2L, 0x1addedc858f8871L,
-      0x16c2cdf8b563637L, 0x10686cb63ab9635L, 0x1400c383e61a1ceL,
-      0x1a9b67e0966faf7L, 0x1e9da7beb36de84L, 0x09f263887c47019L,
-      0x16442c2a574058eL, 0x0f4afd58891e86cL, 0x02cf49e3535e9ddL },
-    { 0x14dd36f71dd4594L, 0x0e64f805778f372L, 0x113a867d94c2ef2L,
-      0x127ea412513d4b4L, 0x0f5c14188588aa9L, 0x09ccfd4ba9bca64L,
-      0x1aad4462f5e4b04L, 0x0a5737a75fbeb96L, 0x1813d1cb22ecb96L,
-      0x0a2b133a01c4c09L, 0x1c466d2b210c73fL, 0x152214301d6ca3eL,
-      0x179f7bfa2edd9f6L, 0x0854e86c89ca368L, 0x00dcf4c5bc618c5L,
-      0x0a572be33841adfL, 0x003be85ac6a9b6aL, 0x031f78c3dba7b17L },
-    { 0x0376b7f016f45e7L, 0x1edab95f6417c3eL, 0x1d07390a6d80706L,
-      0x058f5fb03ae725eL, 0x1241098b6fdbf0aL, 0x107c67ded20d8fbL,
-      0x0f1356d01d1d2edL, 0x17d267c1a836661L, 0x1ae182830733fa3L,
-      0x07694cd87ae3668L, 0x0cd538fe6183228L, 0x130c2aab3882ffeL,
-      0x1c129f85cbb1360L, 0x03b42fdf55865b1L, 0x06658cda0bb3125L,
-      0x059b4a0bd1d85d6L, 0x02390dcc794ddacL, 0x027f33c8e78c96dL },
-    { 0x0a423d505e8733cL, 0x02f328eab8be0caL, 0x1a23a586cc8b321L,
-      0x0db683039846f8fL, 0x113bd7210c4471cL, 0x00bd8480643af13L,
-      0x1abda77f7a7b6cbL, 0x14c8614dbcbd119L, 0x1aaa7a61a7b81ceL,
-      0x1296813119fcc6aL, 0x1bf74181a26a6baL, 0x0f9cb95895576abL,
-      0x148e95076130cfaL, 0x074d0f297d26d88L, 0x01005c0c255c311L,
-      0x1b3a431843ec234L, 0x097555d1ffebe78L, 0x00224150c2b0ed9L },
-    { 0x1758ac273d486d8L, 0x0fca330e6e0f3f3L, 0x07f08622ad3e05aL,
-      0x05e66e6c60e4793L, 0x1d8c2260a0e54f0L, 0x18de302b05f712dL,
-      0x1fad4a3f0c1f114L, 0x06fade43e34fc89L, 0x1c8e4499c57128dL,
-      0x11d829f6bd97522L, 0x09e810ca8f488a5L, 0x0a9a6a8b2cd0818L,
-      0x1fd73557e95b518L, 0x034903bd3370d24L, 0x0d09c083499ff66L,
-      0x1b689f426a1a7ceL, 0x09f1a9c3f2568ccL, 0x0419d07fc6f6dfcL },
-    { 0x0c419c7ab376b76L, 0x14a7993e8786654L, 0x078aa4314534edcL,
-      0x1d4c4aeb4dcad77L, 0x098c0a88931ba51L, 0x00b5152b7f703d8L,
-      0x0982c12f96bbad3L, 0x0e1ca266a17cdd6L, 0x1339edad6a1d5c2L,
-      0x1b376acf4edd6e8L, 0x0efa20b741bb03cL, 0x139196230fb6842L,
-      0x01d8a1058a22d63L, 0x115ba2788ff64afL, 0x1c170300fdcfa9aL,
-      0x02340e83faa35e9L, 0x05f2e2df95a85f8L, 0x034959e71f5924bL },
-    { 0x0e6cb72d2a127b4L, 0x03752c7c940b786L, 0x118d1e8dd8599a9L,
-      0x03c1572ddc87d9eL, 0x12edbe8c163d9a0L, 0x127332e40a2e36dL,
-      0x14be4bd09b2b937L, 0x0622e9a1680e9c4L, 0x054c240d77d2af8L,
-      0x00fd1cb9eb2949bL, 0x05247282751a556L, 0x0a66a8a4c8780b7L,
-      0x11d41283278c4e8L, 0x181b0f92996b219L, 0x1bc27c9911e40e1L,
-      0x0bfc0ee83236313L, 0x0d6c0cf0aaf81deL, 0x0199f21857a0021L },
-    { 0x1f04de4cf26d3b7L, 0x1b9835a9fbcdf2eL, 0x117c6022d9915e9L,
-      0x090a06e6c148027L, 0x0b061037ef291eaL, 0x0489dd8ffe4ebe8L,
-      0x0161f6741376597L, 0x0ab29146f5fe277L, 0x0b5443483fe3ee7L,
-      0x1e10f3a023189c3L, 0x041397377ad630fL, 0x10c4cae59aa5674L,
-      0x0115aaa40894fe1L, 0x02cf523175cd38dL, 0x1ac0a8e2b71bf95L,
-      0x123a37631a2ea95L, 0x108ae1276362f77L, 0x00874598eeb5debL },
-    { 0x07f03e53ed9f1afL, 0x0923bab33b0b35cL, 0x18c1d33856e00ebL,
-      0x004d63d0b671b9aL, 0x1af99c151877e2bL, 0x012a3d58b2a68b8L,
-      0x17bd65e0ba7924eL, 0x098db8ff8f84daaL, 0x19038f95d2fbeb5L,
-      0x12c86ff01b601abL, 0x0dbab93f70fdfffL, 0x18a9e6bc35119f9L,
-      0x12da0a5568cb1fbL, 0x0db7aaab9e470edL, 0x0b0281a6a1ce4fdL,
-      0x12b5670c8d665cfL, 0x0bcfd261c832a84L, 0x03242a926066e62L },
-    { 0x0bfb3e2c4a6ff2aL, 0x01fdd1ad321450dL, 0x1fc226bfdd08aa8L,
-      0x1574bb7b2710844L, 0x12a182cb2337883L, 0x100f829c0c3574eL,
-      0x079eae7c1d93526L, 0x0b724823fd722f6L, 0x0700b1903570cbbL,
-      0x0a8c0eadc8a5f3eL, 0x1110dc660460b57L, 0x1a48ae97332e26bL,
-      0x15632d28b232758L, 0x1d1c1f84d328547L, 0x08cf600901e2eb3L,
-      0x16892ca8d4c1801L, 0x03ca4061c7a2df8L, 0x00fbb79f9791a2bL },
-    { 0x0a2c14344c436b0L, 0x182ab0fb4e43d4dL, 0x05ed7db6cb7de41L,
-      0x03daad75046be62L, 0x1d0afa4885761f4L, 0x0e738f7c18a327bL,
-      0x1d222a67ca454ebL, 0x07564f7ed2622d6L, 0x0a98a5a8c9bb944L,
-      0x1c3c0131772fef4L, 0x1e4f74604ab2ddfL, 0x0999b909792474dL,
-      0x0ff1d4995aaf92aL, 0x0276c4ce9e12b15L, 0x14a94e3f67f0cf0L,
-      0x14e4d805195289dL, 0x005d0f367bb049eL, 0x0024927fd9e8847L },
-    { 0x0548e3dc673562fL, 0x19812f175724603L, 0x0cad7871a5df4ecL,
-      0x08dd7caaf7cc3faL, 0x01d6e18e424e206L, 0x0bf4adbb39c8e02L,
-      0x06e312e3aee3853L, 0x1a695d16fa84132L, 0x0f8a0df66e01290L,
-      0x0bf1251c92f2fa7L, 0x1ecb2c54209cab2L, 0x0e5c4a0e4cc2f34L,
-      0x029062fa49b40b0L, 0x19e29de76d6cf0cL, 0x0509e661e029e13L,
-      0x1084cb15056ed3eL, 0x03508cd849cc146L, 0x026fe7404e1c057L },
-    { 0x1069cb2d527b780L, 0x0d00acbbc986ea2L, 0x002f89f4098f54bL,
-      0x0d765a36562198cL, 0x154adf3c34102c2L, 0x187fa3a6329311aL,
-      0x1b9f35a244e0917L, 0x11507f5198b9522L, 0x11e10f139d15c8dL,
-      0x0b9ee1740ee2b59L, 0x1b2c11713b66ebcL, 0x0fb08fa02450ff9L,
-      0x139f3a532f307fdL, 0x110a9e111252b8aL, 0x0a2902167a7a077L,
-      0x17a478ac4b2bbc8L, 0x002dc7daff89339L, 0x00683ac845c5034L },
-    { 0x10af2a7de085f2aL, 0x06927df4cd972c3L, 0x0985672904ee23fL,
-      0x090ab3f0a31181aL, 0x1622da0d1f02a2eL, 0x051b0ac1dcb010fL,
-      0x11a0970170bd5b7L, 0x17c02919e38f221L, 0x0392f2896272695L,
-      0x01e85dad46b277bL, 0x14891073f2f14a2L, 0x19d8a4c22fcbde1L,
-      0x19f04928e9f5dafL, 0x1c9f97155b43095L, 0x0304544a0fdd134L,
-      0x01bfdf7ddafdae0L, 0x15af2cde215a436L, 0x0127d4b0e178429L },
-    { 0x167db3f616df7f6L, 0x02bec7dec819303L, 0x0a41ba0b551190cL,
-      0x0ad12c87b62e9b5L, 0x0c89a0602284f34L, 0x013e890c58c8efeL,
-      0x14516ead1abd35bL, 0x13cb4afe90d9312L, 0x0c03214e9cc942fL,
-      0x19f0e47a0ca80acL, 0x0dd67ce6b50eac9L, 0x16ffca1dc2e719dL,
-      0x1c8f4d7d4e5e1b8L, 0x1aab01f9fb1ad8fL, 0x14be9823bfddf8dL,
-      0x16dc2403ec3a2eeL, 0x11494d7a03d4a6fL, 0x01b8e611efe2780L },
-    { 0x09b115dda90c351L, 0x0b75f9b26ce0314L, 0x080bd942cc6db46L,
-      0x08deaec85eef512L, 0x08100127cc28c16L, 0x06403dee27bf1b0L,
-      0x103ca20db342371L, 0x0a62501e2adc004L, 0x03f9a6d7899cb39L,
-      0x0524a699d40101cL, 0x05fa47a1f4d1d10L, 0x1a0e4dbbc4948adL,
-      0x0d7640c30e70d97L, 0x0dd37363037b52cL, 0x0f04fa00f0b03a1L,
-      0x1af1e661ed4f5e3L, 0x17f3e602e4fc9f4L, 0x0495b5e5006407dL },
-    { 0x03d5c835f00822eL, 0x12b895c58b78917L, 0x07124ac28cc03a0L,
-      0x1b4f9832a903865L, 0x1bb1413f6b4e32aL, 0x09651385f74e770L,
-      0x0454fb7edeea92aL, 0x1f39a8e55f5d477L, 0x0e8f09e7e00f0c0L,
-      0x070ec392e6f5db8L, 0x0eb8212a6d8eda9L, 0x03707fab1ecbfc5L,
-      0x1aa3b62759f4014L, 0x1c8718446bf62f6L, 0x09df8c66abdb99dL,
-      0x10e3842b5b0603eL, 0x09de7db4b98cf33L, 0x038ffb164a7817cL },
-    { 0x04c71022a4a84d9L, 0x12566af5e38f355L, 0x0297c73595e38bbL,
-      0x1fffe2414a76235L, 0x09e6503383f5ef9L, 0x0220c05262cc708L,
-      0x0a30787a7e64328L, 0x0d717065a8deb30L, 0x0753f28a033af53L,
-      0x176e258db6a7b45L, 0x19a4a9cb3347c24L, 0x1efba444c865dbbL,
-      0x1ea3d2661cd3aa0L, 0x1ee1beed1c6ddb1L, 0x1bdad33c7867f1bL,
-      0x174d2d83166a109L, 0x073e6a83fe9df1bL, 0x0207ea3f3afcac1L },
-    { 0x188b746267140a4L, 0x1fe0f755b797dadL, 0x0239a6189521b6eL,
-      0x025d6ddf85bb3d9L, 0x0ac8ff8869beebaL, 0x110ca867e110a54L,
-      0x1eda6575725bad6L, 0x06f2671380a82e3L, 0x02d85d4521b4683L,
-      0x06b45042089a12eL, 0x1004e7b1b085d05L, 0x172fee60109bca5L,
-      0x061f578aa320cf0L, 0x1cdb57218d60b51L, 0x1529a5462e7eacfL,
-      0x1c50cd1b04223b0L, 0x18c0b334d98dffbL, 0x02d8e08abf31c99L },
-    { 0x0edaab172b6bb8fL, 0x12769017e496148L, 0x0f17f9a531ce371L,
-      0x1f96a9b9c9e8574L, 0x032420dc316dc65L, 0x16e7ca6596b351bL,
-      0x0b2745b9c1b9c15L, 0x15050138ec949e6L, 0x1ab18d830ea6edcL,
-      0x1e8d67340e32fabL, 0x059471f684b0413L, 0x1acd8ef234903f2L,
-      0x14785e67a30ac3bL, 0x0d07eac8db568e7L, 0x0718d13934ff113L,
-      0x015679c2c9002dcL, 0x0f484de9cb833e5L, 0x04b1d5c1d53ab77L },
-    { 0x04b47d8df4ea5a3L, 0x1440aae7f22ff4aL, 0x156228f0d592595L,
-      0x1dcf933c2ba2dcfL, 0x155071bc84e55b3L, 0x02bee71ff71026fL,
-      0x155c1c401bca410L, 0x159fd18721b774eL, 0x03645bcb63319adL,
-      0x0c4f4583e105fecL, 0x1425a5f5f655e20L, 0x0643733e9c771caL,
-      0x01a60cfb6a037d1L, 0x01b9c16d008d929L, 0x107701d99652aaaL,
-      0x13109913723fb07L, 0x1586b82b899076bL, 0x0221a407e5f22e2L },
-    { 0x0ffffb49114221aL, 0x027971f42bd3d7cL, 0x03903e951e1d2bbL,
-      0x03adf2c2a485c5aL, 0x1bfe9b77ef3e6b3L, 0x01d4355914b29bfL,
-      0x0ab1b0aa743cbedL, 0x0f6482509da48aeL, 0x1a3868917e721baL,
-      0x1f7be00608bd3c6L, 0x1241c74c5816b36L, 0x153c0cb51dd2702L,
-      0x18c442be82c2dadL, 0x1b6b95ac6ad89c6L, 0x0c0f9b66db0892fL,
-      0x006e373a6ab9f1dL, 0x1ebab6d1eb0a170L, 0x04b88c54467fd53L },
-    { 0x19c59a2cdecb5d8L, 0x1e40dd49d34335fL, 0x160411dd3efe020L,
-      0x154040e16849c1bL, 0x0fbfb781e779a3cL, 0x1950e24e9a97dd8L,
-      0x19406a2c36080fbL, 0x1e570b0c6f62967L, 0x15ba70a498a882fL,
-      0x13980419d8377d2L, 0x100bd040bfb8aa8L, 0x05331404474b485L,
-      0x0685c3fc72e4e76L, 0x1f297573edd15d1L, 0x03d17d9553f9d8fL,
-      0x070f8616a80b44eL, 0x082d56a177aa573L, 0x00be03bc6a5b8fdL },
-    { 0x06dff1d2735e37bL, 0x0272b32b762b907L, 0x12767aeea5e3262L,
-      0x117413e78945eb5L, 0x15b0437740fa451L, 0x1d1765461fd0bbfL,
-      0x0f50286877b3659L, 0x094ed1794e00a51L, 0x1f224952b18691cL,
-      0x1709622f436afeaL, 0x16455cde1669a85L, 0x061341ff9c1cf41L,
-      0x1ba96cc9a3723f4L, 0x0d691d1c2d46dbcL, 0x0fd7611b744ab80L,
-      0x1dacd3ffd8743c5L, 0x0c6d6ce84e1a452L, 0x0090ceae42b8ff2L },
-    { 0x1eaa67f262969ebL, 0x159ce9781f3b9a1L, 0x19455eec2424e8eL,
-      0x1b1a2a04e9cc24fL, 0x0580bdbd0f82b0eL, 0x1a1f35ffffe56c7L,
-      0x04759474f41d6a5L, 0x11029097b631758L, 0x095cd9990eb24c3L,
-      0x0b530e83fd633e3L, 0x03dd8a8139ae1c8L, 0x1ac3974af990861L,
-      0x0dd234a07a2865dL, 0x1d03c9fc9e14b58L, 0x18a7b39dbe4a0e4L,
-      0x0de84e16afc3e17L, 0x0301314a82f7e62L, 0x01646bd596b2bf9L },
-    { 0x1cf58920825e4d6L, 0x0f552b77c1da233L, 0x17604c4042377d4L,
-      0x0b1ba12c7ec7cccL, 0x1df6436a229f89fL, 0x0f5dd3c6258a6ecL,
-      0x1ce06676b91a751L, 0x1d6231556eeb49bL, 0x1da8978bd29e37fL,
-      0x0e76ad556516bf7L, 0x03417719f5aa29aL, 0x1e1aeff09468d93L,
-      0x0eed8cd59a7474bL, 0x08e9cc7dea21459L, 0x0882c46c3f47357L,
-      0x09888b2c027b729L, 0x15896eb705a1b40L, 0x0114ce93ba584ecL },
-    { 0x19cd58dc64397e6L, 0x0c78f5fb6e98f2dL, 0x0384fa7c76cab06L,
-      0x0f1f9b8d18b0cdbL, 0x053c01fd405ae28L, 0x0edafb52594066fL,
-      0x1e2837258fcb504L, 0x117dabaa3137d89L, 0x0336fd13d916ee9L,
-      0x092d8d98216fa47L, 0x158a46b3801d39aL, 0x16904a62fd2a19eL,
-      0x0b821c446be8d38L, 0x185b2c9a63d68e9L, 0x1283541c71104d7L,
-      0x0d84d2e36e6dea5L, 0x18eaf9ffa5727b4L, 0x010d633bc8c9b30L },
-    { 0x1420e3f2d7fbcd2L, 0x11239cbdefe0c55L, 0x0fe137d752d049cL,
-      0x0c700f6fa692406L, 0x133c36256fcd423L, 0x19140a6fe0cd84dL,
-      0x066e04f5bcdd683L, 0x138e12f14b206f8L, 0x14f3989970ff27bL,
-      0x0070d22b0ad21c4L, 0x0d25a8f980bdd3fL, 0x086364c39439ff4L,
-      0x1bee0164cdc3f1cL, 0x13fbdf4fb09108eL, 0x10b86ecc118fb93L,
-      0x074ac02befcf125L, 0x1d8663d88d62448L, 0x0074760f387316cL },
-    { 0x08ccc298a0878ddL, 0x00baeb320038d54L, 0x0082945cd85e66bL,
-      0x1dbab1462b20689L, 0x08d221a1316d023L, 0x0e2471983c2dea4L,
-      0x09dc6dd2cf79e56L, 0x0a685dc070498cfL, 0x159ef6cdde0b914L,
-      0x01857144d91bf48L, 0x11e93125760c95eL, 0x02fda0ee6ccdc30L,
-      0x06a294a32567b12L, 0x0326c1932c0c964L, 0x0c4f96ddaa83d5aL,
-      0x0e7fbc5457a25e9L, 0x035d850c1c01b6bL, 0x0329d3cafae881bL },
-    { 0x1e2898550dcb199L, 0x1c72f3fd015b067L, 0x1f0f25d80f42cd6L,
-      0x1a4fe2636b794faL, 0x02b12d52b0e5288L, 0x1b92e39d53826f7L,
-      0x0c44f881ac76076L, 0x0c6162507358ba3L, 0x014f970cbdb45d7L,
-      0x0cbfc9f59092f47L, 0x15ce73b9f6a89b2L, 0x1a7e3fde41d37aeL,
-      0x147c6a42b146ecbL, 0x13fd87e8fcca508L, 0x103692f4a27ad3cL,
-      0x0f2ec2230da6334L, 0x15e083f65a5fb9dL, 0x0186fe23dea2233L },
-    { 0x0fc5ae29eaadfe8L, 0x13f2a5a6a74095eL, 0x0b7e2d4cd584940L,
-      0x08ad4d4429560e0L, 0x1059068ea2b9c20L, 0x018887d8d1efbd1L,
-      0x038728d452c8662L, 0x1096f7c466d896fL, 0x017073ce63e2f69L,
-      0x1708a5316efbd63L, 0x064afc1f5f0f221L, 0x1c17d635c5124ecL,
-      0x15251849395da69L, 0x003d1d504c1d78bL, 0x03f88626b14a935L,
-      0x04a022a6b8fb55cL, 0x0cfe16fe872397fL, 0x02b952c8faa6109L },
-    { 0x166841909a5553aL, 0x0a18c193b99de24L, 0x12c8fbbf5a40fc1L,
-      0x17e4424da9f39d6L, 0x0fed9578bd3cbf9L, 0x01836c36cb38e01L,
-      0x13f96ee965f3b28L, 0x0ed6e0bdac27aceL, 0x1f1d3622b67f33fL,
-      0x0de79e308e5c618L, 0x119f7394f46aa45L, 0x1253f2115687470L,
-      0x1d8d15767a902feL, 0x0857e83db71f24cL, 0x02c643a050b6d72L,
-      0x1349c2418df78d9L, 0x03c80c865532491L, 0x032e165f0ec6416L },
-    { 0x04cda20a660bb63L, 0x01d8543743122b4L, 0x13d9ae83bb5c9f7L,
-      0x0acf3ba2b0ec8e5L, 0x08452d4479c162eL, 0x1fabcf5b44213b8L,
-      0x05dc20a6f1acd04L, 0x10725d42bd92a02L, 0x15e34e300477381L,
-      0x01e51a4b9f0e978L, 0x13c7708a6f4f7a3L, 0x1e3729defda74b8L,
-      0x0ddfae7a1a783efL, 0x0d04cc29236db9cL, 0x173d2ad0d4f5cb8L,
-      0x111724a675ab141L, 0x166d80550160e78L, 0x0418a206a9dd3bfL },
-    { 0x03e2e32f611b2daL, 0x13714e87d23567aL, 0x0fa2082cf035741L,
-      0x0c3a7c89e1d12feL, 0x1fd27a66c45c28eL, 0x0f428bc94ebfb36L,
-      0x1e375cd6e182840L, 0x035d47f9d307bc0L, 0x1c9977db5638ce1L,
-      0x0441c17a429b59dL, 0x11e8f1932b7f181L, 0x1eff0428f6e2fc1L,
-      0x0c1b411e3e3cd17L, 0x0c2fda36f4ab31eL, 0x1c467295ce6b23eL,
-      0x0502a70a7339b79L, 0x1664a985a70e15aL, 0x028261d4536afa2L },
-    { 0x0b55283b8fa53c7L, 0x07f9c284a3a7180L, 0x10710df3897e617L,
-      0x01cb4253da469a4L, 0x0abcc6742983243L, 0x140f70b569c4ab5L,
-      0x09c0a8b700075fbL, 0x17698478d6cce16L, 0x0b35e567ea6e8a3L,
-      0x03859e7534b39f5L, 0x1ea70f9b8a3ab2fL, 0x09bcaa6f6fb50b4L,
-      0x056de937dc2ae68L, 0x1c2182112f6561fL, 0x1f71482fcba9b27L,
-      0x0d5ba7195efa0efL, 0x1d2c27af0b169f5L, 0x024b7234ce38e90L },
-    { 0x014fc829fa93467L, 0x1bb420759530a5dL, 0x1ebd20cf826f0b8L,
-      0x046d0d7b98cb379L, 0x01f3216abc85975L, 0x0040dc205fe8404L,
-      0x1e4ef118ef6985fL, 0x18b7a03f50d7608L, 0x05a21ece62cd640L,
-      0x1dfb52a1101eae2L, 0x103b7254459ede5L, 0x195eecb744d19d6L,
-      0x09aeab51f9d67aaL, 0x186b431d45d06cfL, 0x1c1a54b052c857aL,
-      0x0896a6a99b9b7cbL, 0x1e84f2b5ccfcb37L, 0x0099c48b98981bfL },
-    { 0x068064045003cd1L, 0x00bde2257156377L, 0x067f7a394c53f6bL,
-      0x138f9d52b8979a8L, 0x18f37e0181e34ebL, 0x04c8645dabbb169L,
-      0x129efb3133ec098L, 0x1de178927f2a146L, 0x068074172543304L,
-      0x1607e5935e45515L, 0x0a6d18ed17fa96bL, 0x0a5cabf7b7593cfL,
-      0x060485dff44bb29L, 0x06f523cb2878605L, 0x178e8080b144135L,
-      0x1e68ba59df412d2L, 0x1bd4c8102b46da1L, 0x021175ab9f9c19fL },
-    { 0x0592eb6a6ad3f47L, 0x10fb6cb8a5d0756L, 0x04641ca05166c21L,
-      0x04c9d4b006af83dL, 0x14b12723cf7c94eL, 0x1db9b53929bb562L,
-      0x0f373ca9ae9076bL, 0x15b913d12419740L, 0x0f2e20cb45b0fd3L,
-      0x1752d2a6b302cffL, 0x0fea2e2277e2f09L, 0x0fc2cd47e57fdccL,
-      0x1c747312e140f1cL, 0x193cccff84ff5e4L, 0x1f4ac15f466e709L,
-      0x05b8d53f776996fL, 0x182cfba27d7a0daL, 0x01b42a0e7961292L },
-    { 0x10d3c9e22799d37L, 0x1bef2d67d199d28L, 0x063c203de56c6d9L,
-      0x155f91bf849cd5cL, 0x0e842dc269b53c2L, 0x033ff43cbaa0db0L,
-      0x161df569bcabeb0L, 0x1e5a04114077a0fL, 0x034b473f0654be2L,
-      0x13e08157a8af11fL, 0x16fe74ab06bd239L, 0x14836d427a01601L,
-      0x0a97e94c11e264fL, 0x0352c37a0b34bc3L, 0x1e49fa427633cb6L,
-      0x14acc0e77f0d38fL, 0x134b89778802241L, 0x02cd2dfac911309L },
-    { 0x1d1c91e81347191L, 0x00d5e75cb4cb974L, 0x1d9ea751a9fc61bL,
-      0x19b54fa72e0f110L, 0x191b9aa0da93cfcL, 0x0e9e36045f74f8eL,
-      0x00402099ff5e3e3L, 0x1f7f270c1a12845L, 0x06a6a71aadadb47L,
-      0x055035bd30ab7c5L, 0x0c1780e6122f267L, 0x046e5555226b543L,
-      0x19b13f3bd136ddcL, 0x05662fa6bbf3f03L, 0x133f4da342d72f9L,
-      0x1c1f009b48bf130L, 0x19cf14ef618d3d3L, 0x0233ab260a1f5bcL },
-    { 0x1725904b6fff5d7L, 0x199d7c96e23a946L, 0x15d5b482e2a80dfL,
-      0x028775d873212baL, 0x08a2b9b032235fcL, 0x09ae30d17f5a57bL,
-      0x1d21987140c6253L, 0x1e759256d45d50eL, 0x08eb48b15011bc6L,
-      0x147f09463cf6e59L, 0x06f032974a801a8L, 0x0e645e2b70a13eeL,
-      0x0c7a036218f3167L, 0x07c0f04f7f46b94L, 0x1f143641a3ce72dL,
-      0x03c062ee7e02cf6L, 0x0d50d0f7adbed6aL, 0x04506f70b2774c2L },
-    { 0x04991bf47366e6fL, 0x026cff4361802a8L, 0x1d46903338dae02L,
-      0x0c7e32c3c429898L, 0x00445e43bbb46aaL, 0x0f10afab53c2fcaL,
-      0x002376e346d5f24L, 0x118d51c8a7d8fddL, 0x1c0367ef8bbaa1eL,
-      0x086c8f8f1f0c084L, 0x13f439f8828b0ccL, 0x1908aa9984eff2fL,
-      0x1d7b628403f1e80L, 0x1ff050be744dde0L, 0x1c001cddde2a598L,
-      0x17da53d3b633f83L, 0x0232ce7fe7db6f6L, 0x03d825ae9774be7L },
-    { 0x1546bc782c5faf8L, 0x1a62f475c084badL, 0x01879de1478069cL,
-      0x07d2adaa3e7aacdL, 0x03c3c37c833a101L, 0x00a476639a8b98eL,
-      0x1bd0581dce3ef83L, 0x0ae5d8de177c377L, 0x00aa2ac6ecfa518L,
-      0x194816bb371d6f8L, 0x154227188b5b8c1L, 0x16474dbb005f9a9L,
-      0x15338863723ae21L, 0x146c0c1172a32d2L, 0x01a5deb61446682L,
-      0x04e589e29a0646fL, 0x11c515b081c9c7bL, 0x00e354ad264cdf1L },
-    { 0x0b14ad5c2821363L, 0x00c11a68bef0e53L, 0x0b1332b7a1220a7L,
-      0x1304913c4f5debaL, 0x1081d927f412ab3L, 0x05d68fc964e04c7L,
-      0x07ec5be1ef7d1d7L, 0x0ede955b570343bL, 0x0475a7923b75f3bL,
-      0x0ee856b6dddd47fL, 0x1d85912dc2ad166L, 0x1102697b35e306dL,
-      0x0eba9abda32a464L, 0x132b12fdae48913L, 0x06392f933b21c27L,
-      0x10f39a967233c10L, 0x0c9a5c09c8414f6L, 0x039384501185432L },
-    { 0x133c0b1f34a466cL, 0x1704e3fcea2dd27L, 0x1fb838a1e17286eL,
-      0x0d21101103ae1e1L, 0x1b043da3824c714L, 0x037a197120b6155L,
-      0x0f871ccf69c4f3bL, 0x0ca56b20c9392f2L, 0x0db62d5b0b35c93L,
-      0x0af5b711f2e0d95L, 0x02d73aec5ad454dL, 0x10d3ee12d2399fdL,
-      0x1b61a85bd59e081L, 0x1d7081fbe432fcfL, 0x119fa77c5a74f33L,
-      0x0a2272a4b88e6e6L, 0x1217db55c0b4369L, 0x03a48e3a639932eL },
-    { 0x12ed5bf80d2b94dL, 0x16319dd25930598L, 0x1633588866846e2L,
-      0x175d70591d590d8L, 0x19ef9ced317ccf6L, 0x15e6ad16fd94f72L,
-      0x0c8076a9f626390L, 0x1b927c52b90b2e9L, 0x069e75784d9fc5aL,
-      0x162384f809551ddL, 0x0a7cdf2174f2e75L, 0x1c4ba7ba957a3fbL,
-      0x010b3ba22ee5487L, 0x03746e5d807ea58L, 0x19a19932d64524fL,
-      0x0d6ed6e653f5779L, 0x0416829d1c26890L, 0x045e7e9f2ba0bb4L },
-    { 0x0882734d3c8c314L, 0x0597888c3841983L, 0x1f0f01a2e85a57cL,
-      0x10ef248f0f726feL, 0x1f9922275365e0dL, 0x0ffea78aa93f2f0L,
-      0x18e24281a59209fL, 0x15bab167be45eb0L, 0x183446b896af20eL,
-      0x0ebcb85a83a312bL, 0x034819008a9a442L, 0x115ece3d86f3b3dL,
-      0x09057fe91ed1e5fL, 0x0944820c37aa128L, 0x0e4cab7c5376a05L,
-      0x126f17af0021c3bL, 0x1493e18d1e4905aL, 0x029e56e7bde9bd5L },
-    { 0x1b5edf75e53d0ffL, 0x1303644455fb38dL, 0x03e04881b457621L,
-      0x0bc456d466c9236L, 0x1173b317b301834L, 0x04f2cad5d33ca5dL,
-      0x093463079619df7L, 0x0a69c20c904472cL, 0x061752e59da55ddL,
-      0x0c5a755cf2143ceL, 0x19e12d247cafb40L, 0x13a43cf2853d95eL,
-      0x0510f262243dcdbL, 0x1328762e1b4a0a4L, 0x06a5d8041bc642aL,
-      0x0208cea854b5d6dL, 0x0b169bd75e9c32dL, 0x048424cb25fc631L },
-    { 0x1390cf65a93c661L, 0x031324edaf82b58L, 0x0a7694685e20612L,
-      0x1ecee5bd3525527L, 0x1c71487c1b0cbb8L, 0x11211f3733ff5ebL,
-      0x10be3e6d0e0b539L, 0x1e52dfb4a1d76b4L, 0x0c921b3376089a4L,
-      0x0e996bdc3af628bL, 0x1b4b2b1040492d2L, 0x04138843f6f57b0L,
-      0x0bf6b7de33f6862L, 0x149e49341f0ca4dL, 0x171330337b863c3L,
-      0x01a45a9db7abc11L, 0x1e8c2b75be47358L, 0x01ebfb7fd23466bL },
-    { 0x07b290cdffbd5d1L, 0x0ced34b819c6ff5L, 0x0c2243fbb72675dL,
-      0x0a85b9cd1cacd01L, 0x12ae4d82bc690afL, 0x0cadb0428cef95dL,
-      0x087d1584919fdfcL, 0x066cb346859b078L, 0x055771bf5556516L,
-      0x1e3449aaa45d2b1L, 0x06480e524bc8e97L, 0x11c73938c02f6a8L,
-      0x14511e601956752L, 0x0e8b52aa9f83276L, 0x152afb8c0fe7ae4L,
-      0x09cf87c3189fa44L, 0x0e640994d6ffd43L, 0x047d8969fb6ef3aL },
-    { 0x06381a2293cb7a4L, 0x104f85c3dbf26b6L, 0x008c1e2b0fbd14fL,
-      0x00af195d229e425L, 0x116ba4dde89ffadL, 0x1ac0502515b4b53L,
-      0x04c1c51a06853dbL, 0x11226b1f2f6985eL, 0x1878969962932fbL,
-      0x0eec28513452d7bL, 0x1c7db7f88e7e0caL, 0x1a5c9e8e933b5eeL,
-      0x17867ca0e95f20fL, 0x1bacc0f64db21f3L, 0x0ac725f9e163b34L,
-      0x068a77d28d4b233L, 0x1b14f9303a206ffL, 0x01fe63398bae91bL },
-    { 0x09debd5df21f920L, 0x1870fe0a00dc828L, 0x0ff656992abfebdL,
-      0x0a586f424448539L, 0x1deb926bf212085L, 0x19f8ee0ea649fa3L,
-      0x0f1184bcf93027eL, 0x1a4ac10b4b2b6a3L, 0x02a2f5d62f10fdbL,
-      0x06eb167ef8659e1L, 0x10928dac3c952d8L, 0x00baac8c256e2a8L,
-      0x0fa1f5249cc3a5aL, 0x1f3150c45f5f186L, 0x10a64e493b1a40dL,
-      0x10d0aebe1f7595eL, 0x034d41345dcb3faL, 0x03228a37ee38a8eL },
-    { 0x0ec633aba1924f9L, 0x1789b00319370f6L, 0x1eb1f943f05eee9L,
-      0x13de7b1c00406eaL, 0x11dc5a74ca53191L, 0x0a095c4aa2d3552L,
-      0x14001b887563f4cL, 0x1860378600af763L, 0x0f1789c696ed1a9L,
-      0x17969afcc2c7d24L, 0x1426e6065efa15eL, 0x0eaa53544cba869L,
-      0x07c058fa801dc07L, 0x0a5d0a6765681dfL, 0x01429d24b5c2a7dL,
-      0x0bbb4db8f0a0ad8L, 0x12e2a7ca4a94d00L, 0x022469eb955fdcfL },
-    { 0x056f14529b33989L, 0x1a8de54d740ad6eL, 0x184d2c1d10521a0L,
-      0x1479b3e67767e8aL, 0x1ff6e4a3955ce42L, 0x07554889d6f2762L,
-      0x1bf7f4eab1c5694L, 0x01418c3d932accdL, 0x1108a28b8f6a447L,
-      0x0177ac272a42264L, 0x16c58b438bccdd0L, 0x063f68def979704L,
-      0x0c96f2fd893dcd1L, 0x12c9463c1040bc7L, 0x18f11653631759cL,
-      0x0613e50b467bf32L, 0x1a572497175d92aL, 0x03b440a3ce5b80cL },
-    { 0x043a11491767eedL, 0x0dcd6c95fb2edddL, 0x13800e978869784L,
-      0x025466a82bd1445L, 0x0a9ead626360442L, 0x195772e162b1da2L,
-      0x1875d2f01899282L, 0x0baeb71aaeb17e5L, 0x11cff0ee7d08a26L,
-      0x1c8a70ed85b8953L, 0x0497412c61a4b45L, 0x1e98ad99d02b86bL,
-      0x1c9fff0e3ade253L, 0x0ed5f68cd23c920L, 0x1eb941942e741bbL,
-      0x1c300ce26a4c0b3L, 0x026f37600fb532cL, 0x03387580e2f2d43L },
-    { 0x173c0af73cdbb43L, 0x07662bf9218d6efL, 0x1504a868e1173c2L,
-      0x052449bbe322f00L, 0x1eac7eff69a104fL, 0x16899121a979c6dL,
-      0x0d1dbf0eced39f0L, 0x1e14d3d28616bc9L, 0x07d932340975a46L,
-      0x049c4cf2eb27767L, 0x0849436c8d17a60L, 0x1264fe96f2d6f70L,
-      0x154bb90b1f23552L, 0x08897beb1774e60L, 0x0eab8c87ea723d6L,
-      0x02cd45a1e5f3039L, 0x127b77f03660075L, 0x028242973b1aeffL },
-    { 0x10f3ce5a2f392faL, 0x003b57636483c17L, 0x1a4a12eaabd8c9bL,
-      0x0797d1d3275a03bL, 0x0d950908b01b16dL, 0x09d79c38982e121L,
-      0x0a68319bf585ce1L, 0x04eee6a281da788L, 0x18a31b12a1fabf0L,
-      0x029800102c598bbL, 0x1f67f2a71f7ae68L, 0x0d37d0ccfa6157fL,
-      0x08e9a9e13fd05efL, 0x1c8f574e179d398L, 0x0339b10fd326866L,
-      0x1f160a1a19dcec3L, 0x0c4fb24dc405240L, 0x04c97f0a8fbf486L },
-    { 0x054db3138f197aaL, 0x16b4ec3c397cc22L, 0x1ec113c2a0a2937L,
-      0x1d463c918d2f684L, 0x1d98efec9821e1aL, 0x0659d771c6584feL,
-      0x155cc82e13ea120L, 0x0d774b769508e8eL, 0x0a9be080acd50e9L,
-      0x0228f4e77881aa8L, 0x1b9d7f1104c9731L, 0x1d30714bc67ac4dL,
-      0x19a2b0abd26eea5L, 0x0db04154b990df5L, 0x0af30ab2a4b9212L,
-      0x173f63b902d1532L, 0x1e0134ecf4b9c8eL, 0x02d345fd4262db8L },
-    { 0x0ff3b45ff0a2bfbL, 0x0fffcaa817c585aL, 0x02156c70309b441L,
-      0x161a773a0829bcbL, 0x026d3917ed16865L, 0x0d9e0717ad12298L,
-      0x03cb9a88bd24fd3L, 0x0c290e2a915c483L, 0x06ab363a8509befL,
-      0x0e50f1d5c65ddf6L, 0x03726100468e5a4L, 0x1c141ab94aeee3cL,
-      0x0581897bc1ff982L, 0x042d6af3f5a0582L, 0x0cdedf12f092918L,
-      0x0c51fa2b91f414cL, 0x03956ce6ef7bef1L, 0x03c567efccfaf7aL },
-    { 0x1bf7f15f8520189L, 0x1015063bfb0e222L, 0x1ae77e88b86e550L,
-      0x0e3e94690e73db8L, 0x0814cc52d2d6026L, 0x14f891e6c99c94aL,
-      0x0dbdf79da849017L, 0x1c1c460dd415c6dL, 0x053815218b83a58L,
-      0x0315dbb5020918dL, 0x0894f2fcc6f9c66L, 0x06646fbd0c3fd1bL,
-      0x1690ae48902dfc5L, 0x05d53769792e49fL, 0x02d28a59af2e3c2L,
-      0x19292de215c1f21L, 0x1668cb4b48cb061L, 0x0056c96b9e83ad1L },
-    { 0x1b95fedc2ca548aL, 0x063104066c4d5dfL, 0x152cd19b0a011deL,
-      0x07a97d12057d322L, 0x13e681edea3be09L, 0x1a00b0c23dbcca8L,
-      0x1ffa3c8aa3d2c0bL, 0x1ec7de5969a95d6L, 0x19adc5151b3aed5L,
-      0x00e67e8cc6188b1L, 0x0b05ee8f5f623fbL, 0x09a68c84212fb85L,
-      0x1794b90bcf08fa6L, 0x05a854f5af5fc05L, 0x06a99ac6de2d2e8L,
-      0x079da349fd2684fL, 0x1ae8ef4dcaf075bL, 0x04addec50385374L },
-    { 0x1f92495e614bbd0L, 0x1d443dc11f1b1acL, 0x07b3f06f5a9dd59L,
-      0x0f1d06b885c48f9L, 0x0ade066a2bfaaf4L, 0x0b699b18a77a705L,
-      0x18e241caea98d70L, 0x01ff48538e3c5e1L, 0x0cac1e5d0bd07d9L,
-      0x0ff9af528a7ae02L, 0x014ff301553b05aL, 0x0d6e546b28ff126L,
-      0x002aebe487ab1d8L, 0x0fdce790f14fd83L, 0x037f3d6828435b7L,
-      0x0f4555a28e0b3e4L, 0x119480dc66fb886L, 0x01bad4427e092d4L },
-    { 0x18cbe2e1217f7eaL, 0x10f1543ae36d58bL, 0x1b006f6c6950685L,
-      0x01c9fae795eee0fL, 0x113a0d86678864aL, 0x0983345d75e3326L,
-      0x1654100c97e6723L, 0x0cf727db3925e38L, 0x1fdf36763541e06L,
-      0x0cbfdd85c8d33b1L, 0x09a7a981e72683fL, 0x19003d55188e4d5L,
-      0x01afa63c55c7303L, 0x07e8956def63ae4L, 0x1a20e2807373789L,
-      0x0a6f33fc1bb4e32L, 0x0ec66bb093b3841L, 0x01346c0c58465c2L },
-    { 0x1dae35841580555L, 0x19733a39e881db9L, 0x004efb3306ad3f0L,
-      0x05649dd3bc48182L, 0x1fa8e066da4099fL, 0x1c6bf71bd865adcL,
-      0x00502d6b8139190L, 0x0f0fefa62c856e4L, 0x186ef4edb339e4aL,
-      0x0f3bf769d3ec1baL, 0x1eb4def5c1f0ba9L, 0x06741f2f2313107L,
-      0x0a2e7a208e816b6L, 0x021aa8b57126014L, 0x17cafd445c7f8f1L,
-      0x074ac7d7276669eL, 0x04b8419ed4b01b5L, 0x0458139ae02b652L },
-    { 0x09bb464e1019195L, 0x0601379fe1460dcL, 0x19b8aff0ec84779L,
-      0x15237bf25f58241L, 0x0d995bc9ec71bc5L, 0x048fff242ebd5a0L,
-      0x189965f19da3b99L, 0x185b2aa5a335f79L, 0x1bae6c7fe8e1b76L,
-      0x13ec140ebf1d68dL, 0x126be57a625cd05L, 0x0499141903047c2L,
-      0x1bc3006c0dd1f00L, 0x0c3b9ea67ab8ffeL, 0x0d50362ccbb3df9L,
-      0x0a084b0454f05faL, 0x1fe5ab45c3f0436L, 0x020071d5025a6c2L },
-    { 0x13216495e46e4a2L, 0x176b21209b03a23L, 0x0ec7183b1df4de8L,
-      0x07cbc1585ccb244L, 0x05107ab75e13aacL, 0x0129eded0be20deL,
-      0x08a5996c8bb25cfL, 0x137fe70cf714a02L, 0x1fed660d50621a9L,
-      0x1e14283644fe1faL, 0x0d42e7c591469e8L, 0x0064cf96b0de7daL,
-      0x19967185b127c3eL, 0x0509804de403e3bL, 0x0bc7d3427055f51L,
-      0x143306c5eec8f5bL, 0x0394a42b9acf3a6L, 0x0098e1ed146d370L },
-    { 0x0785ff1a7da83baL, 0x0da12e827a21b25L, 0x06f7b00fe04bd05L,
-      0x1501ebe944f8113L, 0x1da251b9c58d411L, 0x1d97991e996b087L,
-      0x020f266ed141334L, 0x1fa33188897e984L, 0x060c261af730e83L,
-      0x106526fe5816dc8L, 0x1e0e2e77c79f201L, 0x1f2f898d21921feL,
-      0x175d75f1546b79cL, 0x0e58747f898a8a6L, 0x105d8569f01d3c4L,
-      0x01fe17241558365L, 0x0e9de8098ad44aaL, 0x038e8d2351a2a2eL },
-    { 0x0178f76fa1b382eL, 0x07661bb96ed06bbL, 0x0cab175344c2836L,
-      0x091ae4c45954b55L, 0x0a3bed0627d38baL, 0x1e7667e2a086db6L,
-      0x18f5fd8de9621e4L, 0x0823ecbb5fadccbL, 0x1c3b44a8560a456L,
-      0x1a3d9d427bc2a05L, 0x1f6b75793583d83L, 0x12182fa76dab049L,
-      0x1f325fc13ad8ccfL, 0x1b247d5c804755eL, 0x114b52cfa435c58L,
-      0x0159672c9fe7449L, 0x121b95cc416533dL, 0x0366934cf88b3faL },
-    { 0x18c0b3b12f4f3acL, 0x0e7f14ce8defd96L, 0x13e0c3cdcc9ac0fL,
-      0x06f8b51904a8006L, 0x0d8f144222dd689L, 0x0ba17975b849e86L,
-      0x16b76249e569d61L, 0x0bdc2be505810f5L, 0x07bbdc74916ab7bL,
-      0x187f205d2c565daL, 0x105faf8aeb0e6f4L, 0x134d8c3409781bcL,
-      0x0df27355694b4b1L, 0x18558cb7c99c61aL, 0x0232597a3c0dd08L,
-      0x1704df45df970d9L, 0x1c219eee274c7eeL, 0x0193e031fed1a2eL },
-    { 0x1399eff5b47cd53L, 0x0c34e8ca1d77f55L, 0x11ec500aa19aefaL,
-      0x156384b42dcc9d9L, 0x022de271c3e7c2aL, 0x16b52fe210b5bc8L,
-      0x0ccdb9637f320d9L, 0x0f9a2b2a13db502L, 0x0370400f2130bfbL,
-      0x1f2702cc9da43c0L, 0x0e87f8e7cf34886L, 0x0565dd969f0e0c4L,
-      0x166c27b83b72aa2L, 0x0d2fd2df8d7a624L, 0x0c06bc9e90aa52fL,
-      0x0225935f7504491L, 0x056eb6b9d2a3670L, 0x001078ce8e06fb4L },
-    { 0x1051a86a4dbba20L, 0x075e36d8ef2e29bL, 0x086799496102d86L,
-      0x1ba579989b34f01L, 0x10285a249440302L, 0x04313474ff811e8L,
-      0x0451cee4dfb8ce9L, 0x19fc6fdc5e499acL, 0x079fbbfd3a3d057L,
-      0x1dd0b69e66ef7e7L, 0x0163b16c8c5c9d7L, 0x1d7ce41875b722cL,
-      0x068b4f6bba47699L, 0x18c503b81313a1cL, 0x128458152c024abL,
-      0x11ec133a121d759L, 0x144f757e1ff0c88L, 0x03cf39390580282L },
-    { 0x12acf252820a239L, 0x1cba75573598831L, 0x1ae92302877ec68L,
-      0x12b47dcf55ac3faL, 0x1980446dd2453c3L, 0x0b33b7aa422ad05L,
-      0x1d6867ca765ef78L, 0x10be4a59418f126L, 0x1e961af3e7743a9L,
-      0x063ce2b3366dec6L, 0x0e153b2f14e3e5cL, 0x0e75424d0a38294L,
-      0x052a9f558c58daaL, 0x1de8af02f4daddaL, 0x0864e74debdfe0fL,
-      0x140ad4890f24e71L, 0x06de428b2b59511L, 0x0000e9e71b80ac2L },
-    { 0x0be36b9e145b1d7L, 0x1c9c5004e2b326bL, 0x19f79f03db6fcf8L,
-      0x0d8687ea725cac5L, 0x190897b1951044eL, 0x17bcbe52d5b15c6L,
-      0x0a392c687dc2d44L, 0x0bb239baea8ea1eL, 0x1b4c80e2fffb816L,
-      0x0f69ce3aca68159L, 0x0a92755a0cfb719L, 0x0979e6d27431982L,
-      0x0afcd2c404e7369L, 0x08ea00ca1a6609aL, 0x16179181c6f57f0L,
-      0x0f4080aeb208ff8L, 0x084b3280360790bL, 0x025dc637e2057e3L },
-    { 0x120e2ddfd0f8796L, 0x05206d899e4ef18L, 0x1b02a4da71b9a5aL,
-      0x0cc00e4e77fd46cL, 0x0cb8143937e5b6dL, 0x15e0029cf276784L,
-      0x0d4f121ffa7367fL, 0x1d7d715e8880333L, 0x02f124e3b293519L,
-      0x10610c564164e0bL, 0x075bc9c27716421L, 0x0a8a6daa0a5359aL,
-      0x1959120bfc5696dL, 0x087fd348601faefL, 0x10ca09e668fa234L,
-      0x0bb13a9f39f4ad8L, 0x0782e8fea9e9a13L, 0x01b4cd440db53bfL },
-    { 0x1ca33721eb1c64dL, 0x19d16f8e940aa2dL, 0x06cd94dc41bfa73L,
-      0x029ef97e9b6fc5dL, 0x0058b37f06c1715L, 0x1a74e2e5ef20b71L,
-      0x0e9d60b14e9fa20L, 0x00529b7bfc5d358L, 0x1795ec6cbc5e67cL,
-      0x011e12f8a135406L, 0x134835aa353e7e3L, 0x14a9a76f846bdc5L,
-      0x003d7a4d52838daL, 0x1c0e5a39dcf0476L, 0x10c72ab2a51d7a5L,
-      0x0a30ee4e3e73cbdL, 0x18b1df08e9f8253L, 0x0279d258190457fL },
-    { 0x17b81071ed095f8L, 0x1bfd36d1136a707L, 0x014abecdb4748f8L,
-      0x1c0fb1c623161f3L, 0x03e0f16eb114634L, 0x0f761bdcb1a54bfL,
-      0x087049152ee7108L, 0x0f969d9abb7ae56L, 0x0f96038686df20dL,
-      0x1a9acfeefc37051L, 0x1553e96b1222aa7L, 0x0957a2093be9887L,
-      0x1eb020607a56d71L, 0x1d01192f098a959L, 0x0ba136d26f87061L,
-      0x0f70089e49e94a5L, 0x1fd9e525c030b5aL, 0x036c3a2235368bcL },
-    { 0x09d07aabe9a42f5L, 0x098b61bc0e66469L, 0x09b6771a7a847f5L,
-      0x1f11fdd234e34ebL, 0x18d44f124e19e0dL, 0x174a724ce15a6e7L,
-      0x1330817db7e48c6L, 0x1d64ff750ed9e51L, 0x06e1a0f01f57f7cL,
-      0x01f8f9a79fe9dbaL, 0x17129d0b07484f8L, 0x04e0fbd70b0141dL,
-      0x1faf0848bc5caacL, 0x03d63ace87aebc8L, 0x13f14c45fd452b4L,
-      0x01e7b2b472e6920L, 0x00995a4aca97bb7L, 0x01e79c264ffce2bL },
-    { 0x00506bace1fc9e3L, 0x10ba133b581ccb8L, 0x0e379cafdecd25cL,
-      0x10f36413ee56943L, 0x0e26a8e1ca8602aL, 0x1279cd482c05c86L,
-      0x18b847bcce6dff8L, 0x1e96d8bb322c526L, 0x151174e1a577b24L,
-      0x1c07e5a82f228f4L, 0x05ebec520c86f7cL, 0x0d76e8fcba55e9bL,
-      0x05be99a60809980L, 0x0a2af41042a92ebL, 0x15829949920a367L,
-      0x00ee11918a80bb0L, 0x1263c67e73c7103L, 0x0159244287739efL },
-    { 0x173cde68541159fL, 0x1260c27da085910L, 0x18647cb2871de08L,
-      0x0d51647c800f450L, 0x06b2344a52c207dL, 0x1694a2838d01085L,
-      0x131b36c3961f2d7L, 0x172d8ad71df021fL, 0x11248c58f62d843L,
-      0x1c81b1eba6334baL, 0x03dfcb99b19bd92L, 0x0883824d797cc69L,
-      0x0373ce49e8b2f9dL, 0x140d86f85603f95L, 0x118874549219d63L,
-      0x0943942116a9a3aL, 0x01517261ece7441L, 0x049c59de6351d61L },
-    { 0x1e4a16be4ded340L, 0x0fd954074401b54L, 0x181b735ceb2e399L,
-      0x09554caf532e112L, 0x09101b061c3a043L, 0x05db2679827e2c2L,
-      0x0b7d7983ed86b68L, 0x0bf031855d9eaa8L, 0x17402057656f76dL,
-      0x0b35bc849299ecbL, 0x195795d35bad7edL, 0x036b4ab6896f5c8L,
-      0x1b93747ea560f7aL, 0x196d672b3cb80bcL, 0x1a0f01a2b9f83a3L,
-      0x0e683308e8c0f09L, 0x16b24e8c9ed1530L, 0x0367fac52ecf44eL },
-    { 0x08c01b003e51f68L, 0x0f9128e97f3eb28L, 0x142c26f62017874L,
-      0x1407c82b6fef331L, 0x007d9798255e907L, 0x029c4b68a4233ebL,
-      0x143d01570ec7a6dL, 0x1b86a002027013eL, 0x0fbbb2fa6d0233fL,
-      0x1b405857f8c105cL, 0x101370e34c5f802L, 0x088999918fbf63aL,
-      0x066ec13f84133d5L, 0x023717243fd423fL, 0x18eceb30cfe0f60L,
-      0x0d5ee78c4ff8a90L, 0x1275f67f8aaeb93L, 0x02ff2564798dbc9L },
-    { 0x01aa4bf8b6f401eL, 0x18951d6ae3f6a2cL, 0x1c99bec1ed28176L,
-      0x09384579a8f6030L, 0x09371c95fdd11f0L, 0x123757aa2a53ea3L,
-      0x05b4019b157ee66L, 0x0b830c6f8f8ffdfL, 0x0bafc1d346b83e9L,
-      0x0e1c2c9805da16eL, 0x17b0acd39f9c495L, 0x1f6163099dd1bb1L,
-      0x0249a2786469c9cL, 0x10087973c6e6062L, 0x1de9080a43657c8L,
-      0x17b5b0dc4a992d2L, 0x14820931c89eb2aL, 0x0409bb8b2090e02L },
-    { 0x066b25e9c5a8edfL, 0x1c461083c53d6b1L, 0x0df521dbbb7db84L,
-      0x12c4e88c2ebe04eL, 0x1385382a242fa7fL, 0x1b8df79f167decdL,
-      0x02a4aeb6b5ec40bL, 0x068ac5579f4cefaL, 0x0573ebd1751fdffL,
-      0x1fb2c293e12863cL, 0x1c5bbb11f2a25b5L, 0x1360cec4593dc19L,
-      0x02f8f2c0758ccd7L, 0x1300428a98fe2c4L, 0x1a316ea48cacdfaL,
-      0x08dfc9af766c305L, 0x198bf24735cd2f1L, 0x03ce140774e696dL },
-    { 0x1cc8203f2b48122L, 0x0248b582562475eL, 0x13727f12217aa30L,
-      0x0f0582003959e0cL, 0x076de250ab83899L, 0x0d5c10399cf390bL,
-      0x12cb85ea96baa38L, 0x06049a51940d782L, 0x0570c5bb7816b62L,
-      0x02891ae67735b03L, 0x0fe27c60fab909bL, 0x078d38cc4e96365L,
-      0x06b51e38bc3e3afL, 0x19f2071df058221L, 0x0f96f909b6f1639L,
-      0x1e8107f3baaf16bL, 0x14f9fd9f79152c8L, 0x03ac039d254f1ffL },
-    { 0x127b0578691ca22L, 0x15feb09d150db3eL, 0x0e16b1e5504fc81L,
-      0x14eaa6cc0fd097aL, 0x08a0e24cc5d18a2L, 0x03a6de970b36f3eL,
-      0x010e95b55d430f1L, 0x065bde8898226cdL, 0x114646e53cf4b84L,
-      0x1e0681854fecbc1L, 0x132090a5fb880d2L, 0x017ffaf7cd8f7b4L,
-      0x1608c7f3ff3d0b1L, 0x1a7ea6229690b23L, 0x1a784101b949666L,
-      0x1a65bf7573f4293L, 0x0a89342a7fa8661L, 0x01f9f1a2c7d7b35L },
-    { 0x1ec35af951597aaL, 0x1ea5624efb275a8L, 0x16726fd3bfd6d9dL,
-      0x12a2b4526a04ed9L, 0x1d9bb9c3423eca4L, 0x10f84e4534b2a9fL,
-      0x17e63e67ba77fb7L, 0x06571f452ac333cL, 0x1b763875835292cL,
-      0x19a76ee7e20740dL, 0x157a7d9515f6561L, 0x047c618f1a57b05L,
-      0x0cc1433d67c8ee3L, 0x1e418a5773bd972L, 0x038bd8d5b67e01cL,
-      0x052bc883ddbc454L, 0x0ef1e9e17ed6c48L, 0x0320690621a614aL },
-    { 0x09a0b8e3284d513L, 0x01aa2f98a829d27L, 0x101d16b354a81d3L,
-      0x183bca1b6f66dceL, 0x0549fc46d80bdcfL, 0x1f83d446cea3ee1L,
-      0x15308a6dbbc4cc0L, 0x0e69c8c3594da95L, 0x1ca8e351dfc9f1bL,
-      0x1e204a6aba30732L, 0x00accc3ccb4d9e2L, 0x096c50ae85d16c6L,
-      0x11876c29c369a07L, 0x0895e8bd6ff2958L, 0x06a98e7ce791826L,
-      0x00b831dc81acc69L, 0x016b968902ac72eL, 0x007ce0e54606c94L },
-    { 0x0bbaab367433df3L, 0x129a38ae9b1460fL, 0x03625fc31732daaL,
-      0x16cbc811f227464L, 0x1537345172c918cL, 0x06e504a5b1c42a6L,
-      0x04c99cc4e668c2dL, 0x1119e4ace601476L, 0x15ea60dfa6608b3L,
-      0x056ba583d9486feL, 0x009e275da53e6d6L, 0x1b716cc61f63064L,
-      0x10c65e3eaf48593L, 0x1f3931fc1eda3fbL, 0x19bfccd8e527244L,
-      0x1048137359d8dcdL, 0x0c534bd9ba7098aL, 0x03f18e097a2e9b7L },
-    { 0x0281d680dfd2dd7L, 0x165801255b0ec5fL, 0x017e510c7e5c7beL,
-      0x152b39677973860L, 0x0ffbb406660c8dfL, 0x14d086feeafe186L,
-      0x1f46de918c6f9e5L, 0x0ec66dc613dbc27L, 0x176b3bfadfc9470L,
-      0x148c92eee639111L, 0x1c35cc55b13b87eL, 0x1c821c566e8ee83L,
-      0x13efc4d93c4f64eL, 0x1e27dd97435f496L, 0x1f286ef14edf80fL,
-      0x174c15832d9ea66L, 0x1574de41a307e23L, 0x00d10ce229936a9L },
-    { 0x1cf7ef8aa4db0bcL, 0x18c033db64cb1feL, 0x019cf62864bcb88L,
-      0x05ffb8eee384c72L, 0x02fc0edbc0cec2eL, 0x063021ccbe471adL,
-      0x00481e3843b060bL, 0x11dfa1bc5965619L, 0x14d6c457f69e57fL,
-      0x09f34d92da9f8e1L, 0x08cc2b13e272e25L, 0x06532aacd7cc845L,
-      0x0d437442d192ff2L, 0x1f534a01b9e6a81L, 0x00c198bc1339642L,
-      0x17f26d582a6fdf0L, 0x12fe02bcf77b6d0L, 0x00bd554ccde480cL },
-    { 0x13d56438e55db2eL, 0x0f7219dca342886L, 0x03956e2118be0d7L,
-      0x0bd42fc4f834288L, 0x1d95f7a9a6ff3b3L, 0x0b396791fcce1b6L,
-      0x11701c85ff766f7L, 0x04be801583dba40L, 0x094b55c874ff06bL,
-      0x1225072872524dfL, 0x097a46d0eda04c2L, 0x1bc2429f2d8bd12L,
-      0x0c0f97fa9778bedL, 0x12dfe93387a2b52L, 0x1d823be8a3f61aeL,
-      0x0e97876965b1f7cL, 0x04afbd5ff8c2264L, 0x03594157852f9d9L },
-    { 0x0fc025f6341a595L, 0x01c6b5222f1463cL, 0x18f7ad11a109647L,
-      0x06eaa8f066e57adL, 0x083e16c43f9466dL, 0x13d65a488a0a698L,
-      0x1ed905176519a56L, 0x162205bbe131fa5L, 0x02a2b2d2d0bfd87L,
-      0x0f4df2e2ca2a844L, 0x1e2fd2a0091779aL, 0x1ad16460d61ddc6L,
-      0x06c2be9f3d80b0bL, 0x04016122bb52a2eL, 0x104b7ed0a7459edL,
-      0x12ec427cc884e56L, 0x0bfb664f529ee8dL, 0x036a7ae91aa3837L },
-    { 0x1c8f2b600ba9f88L, 0x003f03ddb685f9aL, 0x150acee0796ff72L,
-      0x1d4f58f03c1424dL, 0x137dcba6335ce6cL, 0x04b2439f184737fL,
-      0x10d340a3729898fL, 0x04ce5d74afd1030L, 0x1a9e3d59f79b78aL,
-      0x17853ee9783d751L, 0x1919e093417dd34L, 0x02e0022dbd6dc1fL,
-      0x1258f37580b2085L, 0x1a0385d9ce152f4L, 0x05df6439e2f5e95L,
-      0x10368aa3f90e573L, 0x0ad6eda93c440dbL, 0x0255785a7eb2e9aL },
-    { 0x1ef25063514c7afL, 0x13ed6de0c0f56cdL, 0x1a1e3e8fb162c27L,
-      0x0a2e770d0bde795L, 0x121d32ddd8dbfabL, 0x0ce233592487e04L,
-      0x16f6d3bbce1ae2fL, 0x1b7839baa5f40c3L, 0x064de989a25bc04L,
-      0x17cc1b5c2b9431bL, 0x16a0122f912a801L, 0x1c9c12e0318e234L,
-      0x17b2c11fb116dedL, 0x1390f66cb95762bL, 0x1afcea45136b786L,
-      0x029aff338a4d7adL, 0x137a1d4165b1c2eL, 0x045965e9cc15e31L },
-    { 0x0ec1bf28a52e991L, 0x1017b67cea17614L, 0x04c318d3a9142e8L,
-      0x078aec5739060faL, 0x087c2a2d3fc257bL, 0x0ca4455e994c68aL,
-      0x01b4b2853c69e8cL, 0x1138e1952760d74L, 0x19aa3f4b3ee405eL,
-      0x03277599aef7573L, 0x17d5e00efc75333L, 0x016a8ac2d7fba2aL,
-      0x06086e33f6041ecL, 0x18121e7a91efc07L, 0x1333560e669e723L,
-      0x190630d85049d0eL, 0x070220eeaec8fc5L, 0x02bf141823edf1bL },
-    { 0x060b698fbcdf666L, 0x0354cc5f5d8e937L, 0x16ea012610daf74L,
-      0x1ca457911a80895L, 0x08423b20d76bf75L, 0x1cc53932ae25cd9L,
-      0x1d8059703d2494cL, 0x0b4eda9e56e1946L, 0x1469899252030faL,
-      0x159bf43db02a382L, 0x1bdcc54f786cbe5L, 0x19195aa9de0bdf2L,
-      0x0aa93617b05ecbbL, 0x1e5d10bef5944e8L, 0x1528b5ceb03ef55L,
-      0x0c0c7a1a796ac33L, 0x1a6e8bee9d4c91dL, 0x02789701bb4b7feL },
-    { 0x0cfa42215f1a610L, 0x12e2a9bc328cd26L, 0x1151ce0e04d2012L,
-      0x0896509c54248d4L, 0x146d1320fa15b48L, 0x14507d1b2326328L,
-      0x0013bedaea231c2L, 0x0d4e9cf9dcf2789L, 0x18c34d22cb95ae1L,
-      0x0cf6c4ffce0ea6eL, 0x0219b4c8094dc67L, 0x056537ac8894c34L,
-      0x0cf277bab145b23L, 0x14a245817c44749L, 0x1487b2dcf9a71baL,
-      0x15f643492dd52b6L, 0x191a8f78ea75858L, 0x041e9199f589337L },
-    { 0x063328867b478d7L, 0x10d70a8517e4e0eL, 0x0cc06348906e87bL,
-      0x111279ad2c0b6d5L, 0x08117a8769f1f28L, 0x139ebb8aceb3305L,
-      0x17c2ba0480465c3L, 0x164a51fde0127eaL, 0x1b3978db8d854dfL,
-      0x15a1f7b7a2ecfddL, 0x192ffb56fb8e5f5L, 0x1eb2d7eedb5a2fbL,
-      0x0e3d40754ca01e0L, 0x1c7437799459140L, 0x147961a3b6d848bL,
-      0x14ab7044d6d5f6fL, 0x021463532152f40L, 0x039b1789f62d18bL },
-    { 0x12eb27c73c0c430L, 0x0532fd28e1b2bbcL, 0x1b3b48653c6e330L,
-      0x110296928ea14b9L, 0x0b6fbbf41894568L, 0x1543045df8540d2L,
-      0x1e578ddbd3d63c2L, 0x1abb26c3ad0730eL, 0x1b6510cd8e3a8d0L,
-      0x1f17edfdb60d22aL, 0x04553abb2247e58L, 0x0e2bfead1ec8592L,
-      0x172f2b399e0eb1eL, 0x04f85f85f3d7ce6L, 0x060da547f0e6eb2L,
-      0x04151e10c3b2521L, 0x0add9b16f02da0aL, 0x01788349fd1c607L },
-    { 0x1a6ce910c06ded2L, 0x0421797ec843d83L, 0x1f5aa7d8d69be5dL,
-      0x023dac0c4dc8d17L, 0x169ee54804b6189L, 0x0b51008fd97c4f9L,
-      0x0ceb272f4444f72L, 0x13cceb359fc21acL, 0x164ba66fc8faa62L,
-      0x1435724a3f9c141L, 0x10e81756736a669L, 0x162811d45edd051L,
-      0x04af3953c87c7afL, 0x0ed54f2792a8e47L, 0x1bc65016d4f49e6L,
-      0x0f9b63dfed1a95aL, 0x0432775dbdd9643L, 0x04c2fc1f227f3d0L },
-    { 0x1603c16eaf45294L, 0x188b06125aba8c4L, 0x0060e75ad4b5c04L,
-      0x05db28668098224L, 0x14f41b687079cf0L, 0x0560f0862d8145bL,
-      0x13c38f70fc1da72L, 0x044b58bdd47f164L, 0x0ee6684bae34c5cL,
-      0x092cf31cd5e2295L, 0x14b347a77d17329L, 0x1926348879f560fL,
-      0x0992c003b307019L, 0x06c65e17347eed5L, 0x1e0729cb67c5e70L,
-      0x18f3377e2b4de3cL, 0x0f154d779d550dcL, 0x0064472a007f4b1L },
-    { 0x0f71a6ae8f44357L, 0x1a5fb1d1e55b542L, 0x16796baf1a03dd6L,
-      0x0914ea7de466993L, 0x075e3c8ececaf08L, 0x07c69d71400a608L,
-      0x0cabaee7568e3ddL, 0x124eb3108c9701cL, 0x17b328e6ff2bc37L,
-      0x1dd8fd7f76870cbL, 0x1ab25568cc196baL, 0x1b1f245b79d0ce9L,
-      0x05987b907a8c19fL, 0x1d9d166bc60bd74L, 0x01ddcbe27ccd89cL,
-      0x19dadd75d4033f5L, 0x1154e5de4993a25L, 0x04712b05c578883L },
-    { 0x0d3746c3141aba6L, 0x083cfdd5967cf2bL, 0x00c673749f1d168L,
-      0x053bfb2a1d6c705L, 0x1a9408ff2223763L, 0x0b008c0f058ae69L,
-      0x0ee9d26a00802c4L, 0x1aa4e33b6bb4707L, 0x16078340a651046L,
-      0x094ea6f4ba91d8fL, 0x00d1723828a2ae2L, 0x158415be138e808L,
-      0x052331d61161275L, 0x09c8e5285a0d593L, 0x0488c548c331df1L,
-      0x13453117c19251fL, 0x0e5fef3d92b92fdL, 0x02c802f91419279L },
-    { 0x1b1750c3c4c1c74L, 0x1d56074b37dbcb5L, 0x16499b165cfef9cL,
-      0x04750cad6d0b4ebL, 0x10446cde8c97f93L, 0x19c4bf95b821d8aL,
-      0x1cac952245bdcffL, 0x1cd227ba0396316L, 0x0d0a751f1488c0dL,
-      0x08bab8a42ac652cL, 0x050c0512998f686L, 0x015961c10c312eeL,
-      0x0cf39ead9c2df19L, 0x0b9c16d080407e0L, 0x18a8ce00216b1b8L,
-      0x15d1bd2f230a264L, 0x16ee4495936b43bL, 0x02bd3c7136bc1efL },
-    { 0x01b346f40dbddd8L, 0x0d493ca0861d60bL, 0x1e0c621b3cecad2L,
-      0x0467727bd718a84L, 0x00df579d72df323L, 0x077a804e46acfaaL,
-      0x0190f975e99f708L, 0x18788d67230cfe1L, 0x0ecfa2445ad96adL,
-      0x0c7ac4d8622a268L, 0x124c0782105f5d9L, 0x1ed588a9c511cddL,
-      0x0fac0f462d6ca5eL, 0x046c501b20c8824L, 0x14d6dfa14901f60L,
-      0x1b50f698a674fedL, 0x0e83251e4128f6aL, 0x00e51b862c0e239L },
-    { 0x0bd5171a801b68aL, 0x143ce7e8ccc59caL, 0x0afd0458c809cc4L,
-      0x09eb603fb6920b5L, 0x1cda128bb5fe87fL, 0x1e98fbbc6f291d4L,
-      0x130d42fc586871eL, 0x05b6bbd9fa04720L, 0x0224b2882e188f1L,
-      0x0e9400efcced73aL, 0x119ed4233473483L, 0x187b810cfc7395aL,
-      0x002b4250726c311L, 0x177ec801b8d08b9L, 0x0f4ec0e0efd1938L,
-      0x0b754a7a089143bL, 0x07932db52f4e626L, 0x012c259a62619d6L },
-    { 0x0b863892aeec688L, 0x1a05d22fdf2919eL, 0x07dff582d7e2979L,
-      0x1890e9227a845ceL, 0x1a17d80d455d185L, 0x02a29202615d9b7L,
-      0x0995cfc9c6152b0L, 0x190edba608b5173L, 0x02e42c3e162ee7cL,
-      0x013338326fb63e8L, 0x1f754771f2d2200L, 0x157c30f12fc0b24L,
-      0x0ef2d5737c6b3faL, 0x1fa8d4ffff35691L, 0x001eeaabed809a7L,
-      0x14935c3906a8ad3L, 0x085acddb6ff951cL, 0x03f4089ba1fcd58L },
-    { 0x1722a8b830a88b1L, 0x0c75467088bf0d6L, 0x02e01026d1f6464L,
-      0x06d88da3a67c05aL, 0x0589669cb53812dL, 0x1866af17e84ed87L,
-      0x1114e6117341856L, 0x19618382ab4470dL, 0x1da774de5f5ff43L,
-      0x183b5cc71c8e066L, 0x1c7bfd4013ca1aeL, 0x08d95dd817fd2faL,
-      0x0732a1ad9423e0bL, 0x1cb6d2117229c33L, 0x16caffbf8327e04L,
-      0x1f522c6ed8344c7L, 0x1a6001c7918ba56L, 0x021b5c6326fc242L },
-    { 0x0117e9d8ab764bcL, 0x10f4a503befc244L, 0x174c3063baf77e9L,
-      0x1ff928a3b8b4eecL, 0x071a347a548916aL, 0x1da0ef80d297198L,
-      0x10a198cee577ac8L, 0x0d1bafad1928791L, 0x1e4f9d41e18d970L,
-      0x0c845c846493cceL, 0x10523b51ce528deL, 0x0a2f9aa3ca7fcc2L,
-      0x1e0243dcb6e5018L, 0x0bcaa202a83003aL, 0x1f697ff97737988L,
-      0x196ccdef921c2a6L, 0x1e11df7aae40768L, 0x02933654f36df4aL },
-    { 0x0ddee6d1386b3dbL, 0x057ad3e1c72a042L, 0x1103ac13d277e79L,
-      0x11fbcb49fb66830L, 0x10257cfc2138a1eL, 0x1eb8609f3734921L,
-      0x07fc0d4671b8c67L, 0x1d11e69c2e90d86L, 0x0f1e298fd940ce1L,
-      0x1dc658e8a4b06beL, 0x104d1cacbceffdbL, 0x016828ddf1fe40fL,
-      0x0b7bd3e220899a2L, 0x1135f513bef61b1L, 0x0d32d9ea5d41139L,
-      0x0e0741e6568929fL, 0x02bc17a09201fc6L, 0x020f992dcce6c25L },
-    { 0x12ed513ce2843a4L, 0x024c70039457e18L, 0x0089361933979d2L,
-      0x094c40107751de5L, 0x0bed338d3406470L, 0x1f3d9c2c82f0ecaL,
-      0x1eee4a95e32d418L, 0x083304edb2c513cL, 0x0dfe2dc47f17b73L,
-      0x091a90f8ed644a2L, 0x1b4a348d002a9d6L, 0x00bd4ec374867b6L,
-      0x0d9bfd07ddc6477L, 0x1216547ec4a3dd3L, 0x030d1a003cb8eb0L,
-      0x031fa93de8ce1d7L, 0x09e7db3d37bd9aaL, 0x02b5987db72c675L },
-    { 0x1ecdcaacd80a428L, 0x0916e4399644883L, 0x1e60eb69107debeL,
-      0x092496011441b10L, 0x12e81c3a3bed9a4L, 0x1c03e99091a99e5L,
-      0x0bb2f0d3901d597L, 0x11a17f5df4a3e5fL, 0x178b634a5ade8a8L,
-      0x0705bfc4a1c9548L, 0x088dde42ec73631L, 0x09f5f0e4095c612L,
-      0x1585d3cd83dea9bL, 0x03291d3c9f6fc0fL, 0x10365a563e23147L,
-      0x0fe0fc8e5f7162fL, 0x146899081e5dccfL, 0x009a9e62bac5ee8L },
-    { 0x0a5649739bf6e18L, 0x05ad1324dc4e394L, 0x128373a2e39d67aL,
-      0x02408e08191b286L, 0x0a7b8e82d935bf5L, 0x1c094a1559d0b23L,
-      0x1ca5fc560fb589fL, 0x057082d4fc0e5acL, 0x149685d86cd39e4L,
-      0x13cbfe3cac6edd6L, 0x03e4a055739b7a2L, 0x0ae1f146c46b4abL,
-      0x0052877ae575f4eL, 0x1358b75ede34e7eL, 0x07307c63d064ea6L,
-      0x1cf131a3be87976L, 0x158723a830e5a21L, 0x01f610c2efa28efL },
-    { 0x1d4c7d71f0bc2d7L, 0x163663728ea095cL, 0x164e827e03d9a60L,
-      0x0a08f5c13925c05L, 0x17f351f9b7dd2d2L, 0x1c285f1a818a4f9L,
-      0x14b21a75273871dL, 0x13ac048559625e1L, 0x0ba188c567bc28bL,
-      0x1203090835e02a8L, 0x012c7e35f50ca63L, 0x15cfa712a3c161bL,
-      0x1b8bc97607b4a67L, 0x0a4bd5395a93e2bL, 0x0f7599af24f17cdL,
-      0x08f46be3bd19873L, 0x1e53087dc5ce9d4L, 0x044d9ab5b5108d5L },
-    { 0x16db0afdfdcc837L, 0x005d55438dbd4f6L, 0x1f2470752dc83eeL,
-      0x0f5b593cb882757L, 0x0b8657a3f5b56bfL, 0x00eca72b32516d4L,
-      0x0d96046c13dc839L, 0x1d4c7c23a4c6e86L, 0x0ee628ecef426daL,
-      0x08b0ce4e58b16e1L, 0x1605fe1d92190c0L, 0x0e04ab09790d39eL,
-      0x0f00bf7928e1bb9L, 0x0e30777296613e7L, 0x0b70be53bcea03bL,
-      0x09ea4fc24057d0fL, 0x126656f18e08a0dL, 0x01ce27886abe2e8L },
-    { 0x1a9b68ce88aecd3L, 0x1848c528c554ed9L, 0x16b52f53b951556L,
-      0x0e040d1b09db839L, 0x011ac72d79b68b6L, 0x0d053c3ed640684L,
-      0x18a0db479b4d6a0L, 0x0899083d3d477a2L, 0x0a7bc1775894c44L,
-      0x15b1b92f8d50901L, 0x1dd9fb1f53155bcL, 0x1767a8dfea377d8L,
-      0x0d73f7e3392817eL, 0x0d7692627ef2df4L, 0x195e73d131b25ddL,
-      0x1f79817342e0f6dL, 0x100cff164789069L, 0x020a5aa16a48a95L },
-    { 0x1c31e58606e173bL, 0x1a70dc873389d19L, 0x144b7aec82bd6dfL,
-      0x0e0a241ce084bf6L, 0x1013e4ecc788c61L, 0x03736b9f782b014L,
-      0x1a42a7e74d6b207L, 0x05dc263d11f28a0L, 0x1708f9b3244af08L,
-      0x1726b360dd15754L, 0x1d29b9d036ca72cL, 0x0491a308600f5e3L,
-      0x18ed556a6c74ab9L, 0x13868bd30999c77L, 0x023d6ffd23988f8L,
-      0x10a2a78e6c5f52cL, 0x12a43977874444eL, 0x02933c6b57005c5L },
-    { 0x1ff1c59df36aeb4L, 0x1329e5495e055aeL, 0x125a49e97e054b5L,
-      0x085bfa923e1c07eL, 0x0571f89b8509d41L, 0x19a24292c616295L,
-      0x07824af5860124cL, 0x00c3467d29e7efbL, 0x0fab418d32c1bf9L,
-      0x1ce24872d52b4aeL, 0x0465bbdb4b5fffcL, 0x00ea1ef291521c8L,
-      0x12d3053b4f3ecd4L, 0x0eccba64a5ac7cdL, 0x08bda0ae3ba10a9L,
-      0x19d4c474b383b7eL, 0x0dd045ac614c8efL, 0x038205d2de08677L },
-    { 0x0364f81515a1a96L, 0x11a818c2193f016L, 0x19406b64f53cc69L,
-      0x024e76c2e61412cL, 0x12cda9d29d7694fL, 0x0a60bbc4436c3b6L,
-      0x1a5ac78069d08a0L, 0x00c69244ed70cceL, 0x02fd4f0c65b25f0L,
-      0x0939a4ffd94a625L, 0x18362b7874cdbd9L, 0x07d1cfc70c1d83fL,
-      0x01b774c31eaf9a2L, 0x01b2bc254be95b9L, 0x1d3aa8feb0f9609L,
-      0x06491fe5bfe9ce1L, 0x1c13d281e1afe87L, 0x04821d36b05e8e4L },
-    { 0x111a0fe766c7937L, 0x0f6ae55de1df18aL, 0x0333802222b06cbL,
-      0x1ac2c401e65582cL, 0x14a2ea06928754bL, 0x1f0837dc00e41e9L,
-      0x136522b5e80ea72L, 0x10132d610459dbfL, 0x1c3c3463ae40698L,
-      0x1897526facbfb31L, 0x14e0d10324abe7eL, 0x0b8c9d1b42a8591L,
-      0x02db4e801a79bc8L, 0x0f1abcd94abb8fdL, 0x0ab41e1ef4b04e0L,
-      0x1588dc8b8ebbfffL, 0x135b0760a3cb73eL, 0x0131b15a41d092fL },
-    { 0x1c68d28eefc3e89L, 0x1743bb4f4f73892L, 0x0e1abd792dd4b43L,
-      0x05970d6667160f7L, 0x1f552bacdb70907L, 0x06d0f4fe9e90757L,
-      0x1c51697bacac530L, 0x10a723ed11489f2L, 0x121fbd3101e06d4L,
-      0x0f27952df54e6a4L, 0x0351929efc87691L, 0x11900a9aa8e2f6cL,
-      0x11bee0f2e9193f8L, 0x00a1c939ad6729eL, 0x11ad7ba4b09958fL,
-      0x0b375390dc1652dL, 0x15e452fe23109ffL, 0x0174a95902aae49L },
-    { 0x0846bcad75f886eL, 0x12edf6a1efe2c15L, 0x16d801ec6e1b9a2L,
-      0x126abfe56a207c8L, 0x0263ecc9580e2ecL, 0x0f2f19de3817935L,
-      0x081d8a0d6ce1860L, 0x0da04a227d8d824L, 0x1a5c26e3a7fbd85L,
-      0x17c1fd9ceb75e58L, 0x094fca9134bea23L, 0x1e66a763f52ef55L,
-      0x1117559a307c14eL, 0x1849bbf07fb0250L, 0x0bc09ccaf365ac2L,
-      0x1de0d4b82912db6L, 0x04b1c0a84c9eb53L, 0x0091b680b981bc7L },
-    { 0x1481c8fc084373bL, 0x123b432304bd76bL, 0x1e8184ef0d2ca6bL,
-      0x19269785602601bL, 0x0e2be7e23712714L, 0x008400432923148L,
-      0x115d9553eee7fb4L, 0x105e1d816708462L, 0x165baf594330a32L,
-      0x1eef0d438377c0bL, 0x11c9f6e9d4c3a4eL, 0x1acce9992b96fa5L,
-      0x052438906dbb0c5L, 0x08a32c79d9fe69bL, 0x05fc3a466206507L,
-      0x18fd5cc2deaaad9L, 0x16e353c2d854b9eL, 0x00152400a31065aL },
-    { 0x1d6d23d506ccd38L, 0x10e2a482cdd5308L, 0x109da74047148a6L,
-      0x0db05126fae2f93L, 0x03835083e87e1b4L, 0x0d612c7aeb1dddcL,
-      0x1347fc29ed09eabL, 0x1fb33564d7b3e2aL, 0x0dec0ffbf8ec955L,
-      0x14abe33a4fe5c40L, 0x0577b87804537bbL, 0x096e6d3e8d8e647L,
-      0x0091eb2599192a6L, 0x117461ed2182233L, 0x155b462f8b6a21eL,
-      0x0ebe7489c584b86L, 0x1e031390414b55fL, 0x00ec5ef37c790bfL },
-    { 0x1cd39f8a2028924L, 0x078ce583765cf81L, 0x12df5bc16119b95L,
-      0x0cb40c0eed0c577L, 0x110fec10dbe0671L, 0x0ddb2e49cbe4bd5L,
-      0x0e8e3d084e099bcL, 0x1cc829bd9974ce5L, 0x1594d4d43f88b05L,
-      0x0c9fabd564a6a68L, 0x10a9aafec5d8e1eL, 0x16b76df8cab4e9fL,
-      0x04ee8d2139d8196L, 0x1b069d136e1bae4L, 0x0e4ee1ee6c02808L,
-      0x0413d66dda6b9bdL, 0x1c1f565b28bcc83L, 0x01a4e34a1e30809L },
-    { 0x1b394444de6c88aL, 0x16238a380103f68L, 0x0288870ade03570L,
-      0x0810a1327d6de8bL, 0x1aef0c18749f756L, 0x1e38782005d2bcdL,
-      0x1fafcb5d0a4e1cdL, 0x0a78b51c5d8428cL, 0x0243a666e5337f4L,
-      0x0c8f8e3f685ea85L, 0x1cfa43d2f47e472L, 0x1d14be1c253674fL,
-      0x170738963596089L, 0x138c1564e869d0bL, 0x05f170a73e10b54L,
-      0x0aed24232a53210L, 0x0faa32f327e8725L, 0x002b2c3d5c4e16cL },
-    { 0x08562ed1ce4733dL, 0x1fbe5cc728a2200L, 0x087ea6ad1ae57ebL,
-      0x1d6c351826be060L, 0x16b3597689494c5L, 0x01697b2be4a81b1L,
-      0x1c0f9afa1323cabL, 0x1761cb669b137a4L, 0x1c4ad918f7e872aL,
-      0x1544f4fe2029770L, 0x0bb8fcc642d47b0L, 0x086edffe4a9f859L,
-      0x08883e097258fd1L, 0x07d8aa1c379e06bL, 0x12ab8018f4283a4L,
-      0x01ed98870ec97edL, 0x1de815f15653f1dL, 0x00dc3f976dc366dL },
-    { 0x1792bbb2b0b15b1L, 0x05ad3e735d3bc9aL, 0x1f67763cdde68f9L,
-      0x1b8531a3dff759fL, 0x047031c6005450bL, 0x0b4033071faaab6L,
-      0x14b081dc3c1ea57L, 0x0a99c7d09c05a20L, 0x1b050791e7aa8ccL,
-      0x0b10f39dd1911d1L, 0x06e534e58ca6413L, 0x168efd700adb0f7L,
-      0x08edfca0cc8df9cL, 0x0b895065712186fL, 0x0122a64dd2fd05aL,
-      0x1cb3d7c7e78ef11L, 0x023b22b87b1c4a3L, 0x0470113e21f4adeL },
-    { 0x00e22a83210964dL, 0x0aefaff82b77580L, 0x087f6bc7ab5f733L,
-      0x00cf9b95c6042e7L, 0x0bdcc90cd02833eL, 0x125a7a8e62ba65cL,
-      0x00a621bb29c50c8L, 0x1d7a01cc075767fL, 0x1b98ece1b0c1a8dL,
-      0x14523721bc6130eL, 0x077436985979748L, 0x113296fde1c58dfL,
-      0x13bda9f306b3ae3L, 0x1c50426d9d1e0b5L, 0x053a5417a689b4cL,
-      0x00d78a51cb326a7L, 0x16e848ecb114ea2L, 0x00a58ad5aa02a2eL },
-    { 0x16d86c9664c59a2L, 0x115f0b07ebd5287L, 0x15a641cb2e38f7fL,
-      0x1302ed4fc067f36L, 0x0587080b5f2325dL, 0x0ea702bcd06a73aL,
-      0x0a38693b837bc35L, 0x1dd815b3ff590f6L, 0x1d6f18d2f3f09b4L,
-      0x044b57394974ec3L, 0x0254f58251d8f33L, 0x0f5031f7f3f5951L,
-      0x094b63d701dbee9L, 0x03f53917ef90707L, 0x0ad5c7f2ee9b8c1L,
-      0x0abeb9cafc394c2L, 0x02e1e16ac76009aL, 0x03a15df6c621c4fL },
-    { 0x1ea86dcc1dc2c73L, 0x1feade0b21d5f91L, 0x087c9363287d2eeL,
-      0x01196b958e0ff1fL, 0x14e66a7dde68a6eL, 0x1bd6bc3eaa6325aL,
-      0x0ae51e276e88aa6L, 0x0229b11aa81c6c9L, 0x0c8c2e02d1f72e0L,
-      0x041302ba371513cL, 0x0d6ecd2c61f1f53L, 0x1bfdd71fc193cd8L,
-      0x087d11e415ed8b3L, 0x1c32e3fcdb5e1a7L, 0x1b305f2ce422efeL,
-      0x1ad36e2fa39cdc3L, 0x124151e3308f7cdL, 0x04bdead0a5ae4a0L },
-    { 0x01c62fe81e82861L, 0x0a5b6eea1620770L, 0x156f997a4795c0fL,
-      0x08b5777fbafca5cL, 0x072a45f4b8b4937L, 0x0794ec5a78afa96L,
-      0x19d7f3a10d6a154L, 0x12d3beed736b05bL, 0x052e84c5fa20c8bL,
-      0x1bbe9688545057aL, 0x06ef6329804f0ebL, 0x13744df060be071L,
-      0x080cec8b9ab0d9bL, 0x1fd5ed0c7829f42L, 0x10930a9358cd9ebL,
-      0x1745ca1ea77c94cL, 0x069f892c58c864fL, 0x018be3698a4662aL },
-    { 0x03525b02cb7d42bL, 0x005e49887d65706L, 0x008bfc81023d549L,
-      0x1fc1821d411aba4L, 0x118eb23d6b01402L, 0x12950cbfdf7b453L,
-      0x035ba8051ad6904L, 0x102b35f9c90221cL, 0x0e9a1d27f022de1L,
-      0x0dcb68b6e1fa4edL, 0x0b8fd7bef90021bL, 0x0c83d9978239f83L,
-      0x19525f8636f9d70L, 0x013b1e182481113L, 0x0418c2cdda5e5abL,
-      0x07e2f398690783bL, 0x0fd451651f0ee3dL, 0x03572cb9cced05cL },
-    { 0x1b13bc7bff4d2eeL, 0x0a1149858b9ec2bL, 0x0f541e524db081dL,
-      0x14bdfaab7d6c4a9L, 0x0e0c33891d5f232L, 0x10fca26037a542aL,
-      0x01edf3cb16d6639L, 0x0998ac90c3ffabfL, 0x0ee261fb15a2afaL,
-      0x07fb91316cbd3baL, 0x06b88b5b3c01eacL, 0x0a69a68de428351L,
-      0x1f97b6497e28880L, 0x1d157ffe47f39dfL, 0x1469c9a2a1656cbL,
-      0x170573df39e7de2L, 0x072a84ee5f1e744L, 0x033248246de31ffL },
-    { 0x1b7bb781e8b760dL, 0x185ec12d56d5048L, 0x167fead489bf51eL,
-      0x0d7ff8291d02927L, 0x029be3db4a6dd22L, 0x185585ad0197c55L,
-      0x121a0c636f1c0d2L, 0x08db9997f6afacaL, 0x08506ab379c581eL,
-      0x089b53714187671L, 0x1e4d5b3db2031c2L, 0x06efded63d0c916L,
-      0x0183f0f1c9fa176L, 0x0b55f6ee964e0e6L, 0x0ec37925bc149b4L,
-      0x10e747c1d31c552L, 0x1ec6f2d7ada0f13L, 0x0275c9dae79fd24L },
-    { 0x189f7e5e11fae32L, 0x0ba7ae2011fa8deL, 0x137d2470fdbf44fL,
-      0x0eaaa4f36e36002L, 0x05ba00681d849a5L, 0x1e51655dcf444b8L,
-      0x19dbe0888906704L, 0x0555f776d0bfa66L, 0x1931c3f5275878aL,
-      0x15777f7f79ea8b9L, 0x097322f629a1e04L, 0x1b67b33e182c313L,
-      0x06a19d48b682cffL, 0x14e362705fab2a0L, 0x00105c95817888fL,
-      0x03990a7cf03bd0dL, 0x168cdf5c90bc700L, 0x015ac16c9be021fL },
-    { 0x1165c8281abc2aeL, 0x1c07af15b4f6550L, 0x0f481fffd9be9ccL,
-      0x0ca8eeca0d812f6L, 0x157fa21c5d60382L, 0x06deeaee5d64f9dL,
-      0x1cca9e1d436d326L, 0x0390bc42207b3dfL, 0x1ceed172c2f11c4L,
-      0x071c9324f1a4604L, 0x0e4dae0c7b77eeaL, 0x1a0dea10c946e39L,
-      0x0de93acfcd915c3L, 0x19f97bd57f4719eL, 0x1f3ba692fb8435eL,
-      0x095fb83b1d691d6L, 0x0c04fa49ce3fa57L, 0x03c30a884c316daL },
-    { 0x1e3f4807ae72c21L, 0x150a27e8786d29fL, 0x07a3e30e91518c6L,
-      0x08a369e3578eddcL, 0x17cdbb24379ae09L, 0x1eafe6951d21cbeL,
-      0x1bd69e8533ffa0aL, 0x19f77c9da25e84fL, 0x09b0a43ee284d3cL,
-      0x1dbc5c9c776370fL, 0x1013919ee3a1ed5L, 0x180a686e984031aL,
-      0x055428deb50c8adL, 0x01d7d167b21b9b0L, 0x0a55be6d3603b03L,
-      0x038d0daa3f27875L, 0x0259f9a28ab8416L, 0x02a05b5dbb5e4e0L },
-    { 0x0e1734c321d315dL, 0x0b3096c3702e802L, 0x0516eea336053bdL,
-      0x1359b8f135d5f5cL, 0x1877570f1fb07a4L, 0x1e29ef3510f4d6aL,
-      0x063acb92a0dfae6L, 0x08a86db65263ac5L, 0x143afbc78ea362fL,
-      0x14b9ecbd55fb2c2L, 0x1f6af832493580aL, 0x11e0f95be1d3b9cL,
-      0x0175020538f69d9L, 0x0230e694f05a82dL, 0x083a060f6df468dL,
-      0x0a1edc3850eecbcL, 0x08c2ca2586752ddL, 0x044be558a49701cL },
-    { 0x1ed38130d8bab8aL, 0x09b26521c10052cL, 0x1cb101605057047L,
-      0x14f5912ce80d0f7L, 0x197411a086ad0d3L, 0x019b8e22494082dL,
-      0x00c79d2612c47ceL, 0x1c0e1a5db081a35L, 0x0d883628b6c912fL,
-      0x07c7bfd8a7d4469L, 0x1ca9373c2b24f91L, 0x13554d849f4cac9L,
-      0x03bf6cd94982f62L, 0x10528c16d5c835dL, 0x1ae4e94b208b99cL,
-      0x0e7545fe8fb5861L, 0x0c5dc62c4a4fff6L, 0x0325803b1a3b587L },
-    { 0x03f533eb3c9a404L, 0x1bfb9dbf7cca90fL, 0x18a5b094da4ec76L,
-      0x080e71dda98fe27L, 0x0e26cad07ce7f4cL, 0x162e78e67e9d99eL,
-      0x1380761e124d407L, 0x19e7f1f813bb810L, 0x0217cab32c39b5aL,
-      0x16d785dcf7aaa8eL, 0x1dbd5b8485ea550L, 0x1625846e0055f78L,
-      0x1fb070a29380178L, 0x0bb654b205a961cL, 0x15a38db8e49454dL,
-      0x01d084aab284833L, 0x18c291fb82c09e5L, 0x03ee91753330c76L },
-    { 0x1fe844b49cbb3bfL, 0x063822ab17d92bfL, 0x14de7d6a116b783L,
-      0x0dca24eff83cddcL, 0x10635718956d7f2L, 0x0abf9a163aea5c9L,
-      0x1d0ace685224a5aL, 0x0e519e9d66505caL, 0x16b0d3ddd83247bL,
-      0x1d4fb19900d211bL, 0x100f04505292159L, 0x088f6ded522c82cL,
-      0x10dac6f79060afdL, 0x1e9dcec14afca49L, 0x12b7c3da17fe52eL,
-      0x0e912b91f31f8a3L, 0x0c89559c88ab13bL, 0x0189bbe332f8c7eL },
-    { 0x1c5de097dcfb35fL, 0x0654f80e61b7c1aL, 0x0175d5db2d8cb73L,
-      0x15ef6966eafd27dL, 0x109a19b50c2dd48L, 0x1ff303cecae6a7dL,
-      0x16b49d4bb4565c6L, 0x0de8731019e4b2dL, 0x0e52efb5369e90aL,
-      0x004bb3181e9f305L, 0x0d93eaa541c3811L, 0x076c0ac49ba5f9eL,
-      0x0400d5e467d8f99L, 0x0647a29259ad4c1L, 0x02805e78a274090L,
-      0x1b57bde8a8478c9L, 0x0713a5fd695587eL, 0x01ed66286508f29L },
-    { 0x13e4f946499ae4cL, 0x0e5f0b829e293e5L, 0x13a6f9e0ba2a91bL,
-      0x11b0903c8b00febL, 0x0a286fd0b6c64d2L, 0x0e6da4f9af228c5L,
-      0x0fabfdedee6eb7cL, 0x1f7e7f6c4215d84L, 0x00a9ba385b9bfd2L,
-      0x08d06a9c403f9d0L, 0x091012c5eca10b9L, 0x0d0ff3bb3e14f56L,
-      0x14f3e9df646fd57L, 0x106f8ca6e68f7edL, 0x1a77c15774b7de9L,
-      0x114637da7e587c0L, 0x0f7469b75612324L, 0x04334a4f0b4a3a2L },
-    { 0x09a0da53f4ab07aL, 0x17999faa537df9dL, 0x0486c8f3ca40b35L,
-      0x1d091c7ab01925dL, 0x13b218abc9581c3L, 0x165a6bc9d78fdeeL,
-      0x00e80e1663a8419L, 0x16aa002729d3218L, 0x13b664b1e7d0877L,
-      0x1ced8ddeba63848L, 0x1510d538b577435L, 0x08366653b7050a5L,
-      0x107b96d4800d2b8L, 0x014aee237d42275L, 0x1dfb138de9415a7L,
-      0x062ef85a706e729L, 0x198dc3884ff5b08L, 0x02ba1a95c458fd2L },
-    { 0x12193f70d5d7ce9L, 0x0fe9305a43f57f6L, 0x0d65ef997f40f06L,
-      0x00f04e1aacf8895L, 0x1aa70198dd9da86L, 0x0cc2efc54276005L,
-      0x0a360bb09f924a1L, 0x03b32d995e1bc40L, 0x14e7648c761c220L,
-      0x0b19ade048e0cf5L, 0x08e9a7c359e0aeaL, 0x0681a528c9264a7L,
-      0x01099f68733f204L, 0x14cb008d222290dL, 0x14ea5397f2f3025L,
-      0x147427109abb1f0L, 0x04f2418c624d3b6L, 0x01f218d7903571eL },
-    { 0x167d93983d381f1L, 0x00d57686019e1fcL, 0x134151041da0d94L,
-      0x10a1274da77e75eL, 0x192f2900a86d159L, 0x185baaa1d703a0eL,
-      0x1b5bffacabe98dbL, 0x08da1214d47548aL, 0x1336a4fdaaefdb6L,
-      0x08dff220d4a17beL, 0x0a8fb6147b907bfL, 0x0d0c23d26b8aff8L,
-      0x0653bbb3434f1c9L, 0x16c4b61566abbb3L, 0x0efe907c9a4c6eaL,
-      0x19de3141f77a30dL, 0x1351c3d7d82a203L, 0x036d69f8af13326L },
-    { 0x1940b7d12ec35a1L, 0x0e2db73efd89468L, 0x031bc4cc8755886L,
-      0x14678b1d6c5984fL, 0x19903c435e76904L, 0x0cb50c8a8487aaeL,
-      0x12e9c186f249b0fL, 0x0372e953e071815L, 0x17a4140217198b2L,
-      0x034accefc4ac637L, 0x1cbc76faf404a6cL, 0x0c27be751b86a2fL,
-      0x08672375c51109aL, 0x09c1e9698472c22L, 0x1fe0df159642e92L,
-      0x1aabff87dcf8c17L, 0x03fc87a539027d2L, 0x0121c74ea2fa8bdL },
-    { 0x0a453088815af3cL, 0x18d1979e4df6ae2L, 0x17265ed9777f957L,
-      0x0825ca3d6b5de39L, 0x063f249061c61d9L, 0x19f118de86d62a7L,
-      0x18041bc510a7342L, 0x163ee6f8785e3b4L, 0x17150e04b6bbc4fL,
-      0x02da6448df140e5L, 0x118cf35dc07d6c8L, 0x1e8c54a26921e36L,
-      0x1368f1f7f28b33eL, 0x1ea0b5b3eeda3e3L, 0x1e56ecfd2b69446L,
-      0x01ccf3a552f9bfeL, 0x00100a8b7b29620L, 0x009f9c808d7f187L },
-    { 0x1d296ef7bd0c827L, 0x08879a514ffa31eL, 0x01a072694569418L,
-      0x0a4d1794eff0f26L, 0x198045dfde8d804L, 0x0072c265dc18124L,
-      0x18188fe435c41a3L, 0x016550719504c76L, 0x0293bb5e7535c5dL,
-      0x1754ceaab20a888L, 0x046b406ef680173L, 0x017f49b1a031fc6L,
-      0x001cf2b8662497eL, 0x0c625d4599eebbdL, 0x0adef26f01d6dcfL,
-      0x036165308cda8e4L, 0x1b617a7ce24cbdaL, 0x022c6a5b5b40381L },
-    { 0x026a20e4d54d8b2L, 0x0b4b726990506c5L, 0x0163e653dc00169L,
-      0x185eca9350d316bL, 0x1694d00d7a4adc3L, 0x02015e8c09740c9L,
-      0x190411ae6c001ccL, 0x041c21428934366L, 0x1eae95ea5992302L,
-      0x17e174d8da41061L, 0x0d72d61727ae28fL, 0x06332f08e0c9fcbL,
-      0x108f27d49f21ae0L, 0x17b92ab5b47785bL, 0x136c068c967bc60L,
-      0x1f2b8015c08aec4L, 0x191628e3b065668L, 0x02f89fafd5b7ddfL },
-    { 0x06ed9ae3a9b0dc6L, 0x0def4b7c41f643eL, 0x1e23aa2cd9deba8L,
-      0x1934cdc757d4cd7L, 0x08217ffddefa6abL, 0x06f82e626998bdbL,
-      0x19d3bdd0723c8a4L, 0x1943e1fbe2efa22L, 0x1fdf0ece7c35989L,
-      0x176c96fb5ce2416L, 0x04f99956fc729c3L, 0x05204b9d9338e6eL,
-      0x02e803e69c90acbL, 0x0bb89d0d1be4f1dL, 0x1685d35f028f14cL,
-      0x005ec6a1b8acadeL, 0x0a211625a4405f8L, 0x010cb24aed1bdd2L },
-    { 0x0cb2fd313142680L, 0x148ebb2e8a67a00L, 0x1aaf7f899a7aae7L,
-      0x1015c4578b8d419L, 0x0b6ec250beefce5L, 0x1c78ff9e15bcc36L,
-      0x123b212b6c68b5cL, 0x16b2e137850a2ddL, 0x1f36931298e8f7dL,
-      0x0477e35cad8cbfcL, 0x04254a6aaa90131L, 0x197a2882a9613feL,
-      0x03427f34352c3c8L, 0x090c4be099f7bdeL, 0x19522801285e503L,
-      0x1f4c4b54188fad9L, 0x1082971cea73d56L, 0x049d687580223afL },
-    { 0x00b6967988a9963L, 0x03bfbb28af46ebdL, 0x0e18edad43c9879L,
-      0x0ba67245bcc4e9cL, 0x087a5b3d63a9b8dL, 0x0171919e1c69fdbL,
-      0x1333c63dbc2704cL, 0x1ee4a980b87c05fL, 0x1c04ed0b726e662L,
-      0x0ab235c0a1ff03cL, 0x0a51232405b2307L, 0x1897f047af2fdf1L,
-      0x0fbccde451e5674L, 0x020bf56f02c37b9L, 0x1b9623717f22355L,
-      0x1a3f2572a4412aeL, 0x0344408dd425844L, 0x039fc61f87520e0L },
-    { 0x1534fc85df763ddL, 0x013f99d638c1b44L, 0x185dba3c5680ec5L,
-      0x099641111c1b6b7L, 0x057caea61d39094L, 0x0fbdf9bc0264d6cL,
-      0x0a33ea96110a146L, 0x02ac4ddd9e25275L, 0x1749e0d98ea36a0L,
-      0x1ffb6d71990f6e6L, 0x17ba98a2de4733bL, 0x0aa45a2dc6c32c7L,
-      0x1cb15ae206a14e0L, 0x1e5192f251702c7L, 0x0d06a283c9a1d17L,
-      0x0a370f9f3a80e42L, 0x175dfed25d97caaL, 0x00084571cd6df6eL },
-    { 0x0d178f3a9e88f63L, 0x0d88f55863992aaL, 0x0f9b8987629aa81L,
-      0x1d1a172390ee74aL, 0x09bb004d24db7daL, 0x118485ef085839fL,
-      0x07227f22fbf9d53L, 0x0342d5e0b32198dL, 0x0ddc838039d5951L,
-      0x1fb2dcca362ed7eL, 0x192fa07b8296670L, 0x1c6df675362ff77L,
-      0x15445dad0088891L, 0x0a84bf0f864d56bL, 0x01693877ff11aafL,
-      0x0a4671090113759L, 0x1df348bb42fa0c4L, 0x0403e036c7589e0L },
-    { 0x0a969ec98ee0ef6L, 0x0aa41c5dbdbd780L, 0x124a80be3f6eea7L,
-      0x1516e0aaf848909L, 0x00ad1af27bdb201L, 0x064afdf2c9a1f23L,
-      0x074ed4ea6a50a66L, 0x01d2e9b67bdb50cL, 0x1ce1525c9ed399cL,
-      0x0dab440fb9084deL, 0x1df456660846922L, 0x1675de1e4eb411fL,
-      0x17fa2f358b5df76L, 0x01cd831a49f8c07L, 0x160ed4eab13ff3fL,
-      0x133f84d258c4c2eL, 0x061b2fdfa36b553L, 0x00b2126364cb03dL },
-    { 0x1d65c55dd2744a9L, 0x060e17f1d7a0c2eL, 0x1a67bfa2c224951L,
-      0x0b53bed23465905L, 0x1be9967430b7ab2L, 0x1968914c1c22a84L,
-      0x1c9caf3b349632bL, 0x019115c8131798eL, 0x0d43961414b8efaL,
-      0x07fb3dcf6b26896L, 0x195790b9fcd0111L, 0x188a8b61d3d753cL,
-      0x14f03ded283d16fL, 0x16665c2e23a51f0L, 0x14e946e8f26b7feL,
-      0x063627bfcd782e4L, 0x18adddaf4b9fb58L, 0x02aa27301527a23L },
-    { 0x17c5313baa80b4fL, 0x138b7b1dee477c4L, 0x0b6ded0b16a0048L,
-      0x12110661195c4e8L, 0x0d341ab1e9d9e1eL, 0x0a2c381a96461f9L,
-      0x1676058f41403b6L, 0x0530693bae78521L, 0x02053c5e01f6c7dL,
-      0x1883a2365a1019eL, 0x022f4827426bc60L, 0x1cdd64f28d02ed9L,
-      0x1e19b1b540d0f70L, 0x114ca5a1b905aceL, 0x1b14f3e02dfb370L,
-      0x01e8583499b9c5bL, 0x061dd7d3edd1ed6L, 0x02b9accae7120e9L },
-    { 0x04ba3fba0237056L, 0x160b219d599c46eL, 0x0ef49c7b1849a15L,
-      0x07c60637d9803ddL, 0x0118a1f5abdeb03L, 0x100799a777220cbL,
-      0x01dcfb125d0856dL, 0x1fa36e30b9e110dL, 0x17b0c46cd7c1b7dL,
-      0x0a1d96d25262f44L, 0x096612ec7fe5374L, 0x09c9939e68cbb73L,
-      0x00eace64c9ac390L, 0x1b456ccd7c394deL, 0x05503097308a085L,
-      0x0d22f77a7610315L, 0x0f0e468ed5f049aL, 0x0442a436f9f622fL },
-    { 0x0942c934bdff464L, 0x138cf92d3da28b5L, 0x1c2cc96f8c90f6cL,
-      0x1633fc667399600L, 0x041ee8ff2055a31L, 0x17c6f7d6534d741L,
-      0x1cf19d81f742157L, 0x0213c492c1e3436L, 0x1bcb0e8a271d368L,
-      0x0f08d513442f35cL, 0x1742ac617ab864aL, 0x0dc81f03f239316L,
-      0x0f994fc5031a0b9L, 0x188ceb70268745eL, 0x0933830cf605a5fL,
-      0x1f3ae5210650f55L, 0x02dc5dd4d3ec91fL, 0x018e767f46a55cbL },
-    { 0x17bfd9afc8b21e8L, 0x09959d8ca1b6fa1L, 0x0b524870da83977L,
-      0x1b47a1f521fcb20L, 0x1bb523bd8e9de84L, 0x06b4bacb31f356aL,
-      0x0d672600288febbL, 0x1e2201381b369f7L, 0x1839aa7bdc9d20fL,
-      0x0817b36f66b7d1eL, 0x1b53ef1545b2a7dL, 0x0becd8e85588901L,
-      0x05ff3252f865ffaL, 0x1aece59e95be3caL, 0x15bc749cbfbf015L,
-      0x09d8623610c77adL, 0x1b35d8f3cf09a6aL, 0x034b0da356d12a3L },
-    { 0x07b587ecb35e2acL, 0x0aa35abd78a6ce8L, 0x096f6ca281307b5L,
-      0x08e13aa9e1d942fL, 0x1c6f400ea1f91d4L, 0x0670c853738cfecL,
-      0x0ff49392e23b7eeL, 0x0bbf2f03dba48dcL, 0x1d67120e6b655afL,
-      0x13c168ec9a09e53L, 0x18828a5c1fe8876L, 0x1e64a9d08246d2fL,
-      0x1e36051f9f1eb51L, 0x19e72df49712a6cL, 0x0fde53f76bb10adL,
-      0x155b31353465d9aL, 0x0121964e22f0781L, 0x03531d48629baa9L },
-    { 0x0554e003d7acbbbL, 0x0b3455ba7b0843bL, 0x19c8e231466cb00L,
-      0x087d729a9fc9452L, 0x0cd6d2f60166771L, 0x1b87bf84351e6f8L,
-      0x0f9f3e1960085ecL, 0x142cb110182b49aL, 0x1d6ed58165ba3f4L,
-      0x1e63c09ae5238eeL, 0x0fc1d3a11295daaL, 0x0366dd4a05d5013L,
-      0x070e021ed3a53a8L, 0x030bf8b2e105c98L, 0x0d7342e309fe24aL,
-      0x052c34a8ec88d04L, 0x10effc89ffd8255L, 0x028f6a51168a8ecL },
-    { 0x1d6963a449701b4L, 0x0c8d1dd93e5791bL, 0x1856d5ca597faa3L,
-      0x0bb6a17efa7df37L, 0x0e643b9b75a7a05L, 0x15aeaf7eb3a4076L,
-      0x1225fca9834b5b3L, 0x0bed1f86418bdafL, 0x041c53cf628ce68L,
-      0x114b88fb88330afL, 0x1c84e08d403b303L, 0x04c0d853fc90f50L,
-      0x0ae1ef9712af0a9L, 0x0968b4dfc9ef9f9L, 0x0a5e4f0357dbec7L,
-      0x124add6f5fc4ce9L, 0x0e54173d94ae9f4L, 0x016b4a8de15c5aeL },
-    { 0x1007d9f904e222eL, 0x19247c37a7084eeL, 0x1a2e3d0a7bb8ccfL,
-      0x0b9f8eea31a9329L, 0x0b0f42f12957341L, 0x1a1a8cb73ff51d0L,
-      0x1c6831e572df709L, 0x0ab04151ecce23cL, 0x183d95d9c2b874fL,
-      0x05b26bc73870b13L, 0x0d4fd62e4a9d0b5L, 0x116288f6bcdb248L,
-      0x0cbcf931a032204L, 0x13d7913405d6b98L, 0x0ee4fe5d7134226L,
-      0x075dc8c92098370L, 0x1f0a24eba02165bL, 0x032e2473c704662L },
-    { 0x01c73cede222c22L, 0x1ec66fe7511da0dL, 0x0c52c850ec195a0L,
-      0x1eb3f9d8ee06039L, 0x11204cef284adf8L, 0x19a883fd8e2c0e1L,
-      0x02303d534fbba51L, 0x025b7ecfe169a63L, 0x176a3f2d110f18dL,
-      0x004fd1403e9f009L, 0x1c2918979fb380eL, 0x0fdb6512ba5de0dL,
-      0x0908b0553ad8286L, 0x17922a22f0837a4L, 0x1668f2f88a03e9bL,
-      0x1745a805aaf0b51L, 0x06ff63dd9ffd438L, 0x01b5ae6963d3591L },
-    { 0x1ff4e20545679a7L, 0x005a0a29063a843L, 0x1fea6d167361936L,
-      0x1390b5e3472146aL, 0x0d935a5ea19eaf3L, 0x0d33c506a3aebccL,
-      0x1a041d140660de0L, 0x088e9072ef21985L, 0x1c6a21d112f4122L,
-      0x08742fc9b528d1bL, 0x00547baa9d37e23L, 0x054f279f3389feaL,
-      0x11376a9ab614e18L, 0x0911c4ffa2ac9efL, 0x1117a2863dcf2bdL,
-      0x03b91a4f992c1eeL, 0x1d80692f4c539a5L, 0x0046be0a26d9cdfL },
-    { 0x09c0d963ecca773L, 0x148c96a4610ab40L, 0x15d36daf59061faL,
-      0x0854cf19bfe1d99L, 0x11587b7e7731237L, 0x1852633d4b36c5eL,
-      0x05ef7cf06840584L, 0x148f98dd070bf9cL, 0x195e95bb8a8de7aL,
-      0x1f0f45ac4c18471L, 0x1c90fb8d1da528fL, 0x18857619a57e032L,
-      0x040f9b2b49f3fe9L, 0x039b3e8fdac8293L, 0x1b851ed30e17a2fL,
-      0x095b23a60a15d6bL, 0x0028e2c38790400L, 0x02f9554775d5b81L },
-    { 0x008d4641266524bL, 0x19c406850cfb371L, 0x017b6841bafedefL,
-      0x07cc85ba8d4b54dL, 0x0682e4d60a69e8dL, 0x05a9a6779a4e30eL,
-      0x19ee09bdbb8ec3fL, 0x1ecfb57424e0bd6L, 0x12babb27e18be05L,
-      0x0cd7e5d4716c2e8L, 0x1cb46b8b674e1a5L, 0x05cc3d4de0dddb9L,
-      0x14866e5ae859dc5L, 0x015e69e3e1413c5L, 0x12fa0bf67fc0d00L,
-      0x1e449d10958ecf0L, 0x149a316498083c9L, 0x031280d4c5a37fcL },
-    { 0x03f7d9aad264086L, 0x119edd2f0725eabL, 0x000a3234f59f29aL,
-      0x108dcc9633d04a6L, 0x00aa4536a288dacL, 0x0a9f567d1e48cb9L,
-      0x0af4e04c326c3b5L, 0x0eec4500dc05d51L, 0x052fbf54dceccfeL,
-      0x0cd4718a7868db8L, 0x1484cf566c5d06fL, 0x003934dfd514a33L,
-      0x00b5c4eb10fd741L, 0x08fced2f68d67bdL, 0x17a9619e1266dceL,
-      0x0a6355754989381L, 0x065cc9c5f73a1f3L, 0x024bd8aff7e9fe3L },
-    { 0x056cbaaf45568e9L, 0x0d07f638c9537c5L, 0x174e6ac94e6bd24L,
-      0x109586fb53b7607L, 0x02a0f5b4c86522fL, 0x0e29cfc6466dd10L,
-      0x1c0ba0427f1d68aL, 0x17f39a0da639521L, 0x18f31f0443e216dL,
-      0x0d534565d1f5ec8L, 0x0343490b001fd26L, 0x1f7f0d536f9c550L,
-      0x04d6308edcdd8dfL, 0x03400965202e9f4L, 0x1a841c76be8cff8L,
-      0x06fcd85dd7a27dbL, 0x0b7b7ae7e5c2ff6L, 0x00c6a35364f28a6L },
-    { 0x08cbb22a78b7802L, 0x0eed924be5d7a43L, 0x1cf90aba2b741d1L,
-      0x15699d69c989d65L, 0x0325fd40ac0abcdL, 0x1639a29706c192dL,
-      0x1c6e5b3f815c44eL, 0x056e80f4f116282L, 0x070eb06036da7a5L,
-      0x1859b7cec28bb56L, 0x0274a5f0a553ceaL, 0x1391b9ae0b5a282L,
-      0x0d7bb5e751370deL, 0x103738461f86daeL, 0x04c143517e4f506L,
-      0x1fdf221aa9f14fdL, 0x04069e6f8e45a38L, 0x02a822300e9fb17L },
-    { 0x1c5c91006cb9cc9L, 0x03a6ba0e8000a68L, 0x18f8448dbee1508L,
-      0x1c535abf04f9b0cL, 0x0951fc8339721ffL, 0x068a278e90fdfd1L,
-      0x0b9ac73781b9d00L, 0x0cd2084b2d722f2L, 0x03365c8e529ad51L,
-      0x1110742cd777f4cL, 0x14c625c30abb8f8L, 0x07b73fe20179796L,
-      0x16f532973f477caL, 0x0d15e80d9383a0bL, 0x15e7e4e848462b2L,
-      0x1afb7e684a4127bL, 0x04f563a8ff7c6f5L, 0x006d189fe6bd876L },
-    { 0x1125a8c15aa2557L, 0x0eb8600449f4e1bL, 0x06519ee2a08f288L,
-      0x08f960085490e27L, 0x09e2ce180d3e9a7L, 0x0d75611695fa7feL,
-      0x01983554c683412L, 0x0009a534c2de07aL, 0x0473d50d61f1b7fL,
-      0x178765de51ef286L, 0x166fa8270a3c9ceL, 0x1d41f0e08cc9c52L,
-      0x01731083ef6d7c2L, 0x0a0e12aa56fd727L, 0x058b40d4250309aL,
-      0x0521c882ce82142L, 0x0cc620230d81e82L, 0x031b185f46da0a5L },
-    { 0x18d52228a7d2e41L, 0x1ac11f5b17c3cdfL, 0x0f75b100b625279L,
-      0x0dbc58b35a369a6L, 0x09b9dc38883e04dL, 0x1b86265f9f9c7a2L,
-      0x081167665f462d2L, 0x0da3ed36418279dL, 0x1ca3d702558e260L,
-      0x0a7ecbb930e8dbcL, 0x1abea16850dbe8fL, 0x1d317688780ead5L,
-      0x0ce558f6be369b3L, 0x1c5647c4fe728c3L, 0x196a9cbac3351e3L,
-      0x09d60d00e9e6fabL, 0x0ed295845c06854L, 0x018354c38f8b344L },
-    { 0x0451e9d634ec136L, 0x193e50737b2c7deL, 0x054b036d04807b7L,
-      0x018b7fdccf537c0L, 0x1a2d602387b6ef2L, 0x17dc4c9a94191c4L,
-      0x10b79839593631eL, 0x05695e457801593L, 0x128e6f63182a9d2L,
-      0x03ae380fa99380dL, 0x1063e2081d7e470L, 0x051a37d54a23edaL,
-      0x176e72a13df9fa6L, 0x1bfa600e2a8f3d0L, 0x12756224c18856dL,
-      0x0f9a8e3574e6327L, 0x0376443ebe058e5L, 0x01419d620f4081fL },
-    { 0x0564b868da5ec5cL, 0x0ced40e046d923fL, 0x1c2e315e9ca2b0fL,
-      0x0f3a687b853af83L, 0x1dc603393512afeL, 0x1d0ca0da1c7267fL,
-      0x01125f5689c0373L, 0x1cdabe647f04e64L, 0x11b87a58e1393c6L,
-      0x05b45e8825d5218L, 0x1071691c8ad35fbL, 0x152e40d6bf55813L,
-      0x169976327ef42faL, 0x043bc3ecf0ee5e6L, 0x1700645956ea790L,
-      0x06a717ab38eafbcL, 0x103673020ed0bcfL, 0x009066a2a524eb1L },
-    { 0x1fdb8f4cab0f9eeL, 0x01f7816672c7775L, 0x01056a341996f00L,
-      0x0d372aeee936d4dL, 0x0721ab5c642ed3aL, 0x1278699ef243f82L,
-      0x17737bcbfce0086L, 0x1e57a2deab053b7L, 0x12ef05b4b0e93dfL,
-      0x10fd50905e4d760L, 0x0b8b0b519fea4b7L, 0x1ec8bd667c68cdbL,
-      0x168f0103cb758daL, 0x0df01218533d6cfL, 0x10152f0547da4eaL,
-      0x066ddaad3092dd6L, 0x03e8ef1677e7019L, 0x0010e7e8b3fef75L },
-    { 0x073715fdf5c36f3L, 0x1ef1beb25692a2eL, 0x1443cb3ddc4dc0eL,
-      0x0e1e732790aa6d1L, 0x104ae4ca1e5ec7bL, 0x1dd8c5fed8b3bb1L,
-      0x0f568363dc5f8f4L, 0x16aa4ce0e7ecc68L, 0x1faeb52ef156008L,
-      0x0bd6afc91252387L, 0x1b8e47b4aad46aeL, 0x1caf32e860595f0L,
-      0x17fd0ae28adc0c7L, 0x1fc76ace6447d40L, 0x04a2eda01f08b7eL,
-      0x12b46bbdb8463d6L, 0x18e71edcd9ca205L, 0x003932da3639e7bL },
-    { 0x1dd99f0bd66232fL, 0x157c4e2013b8b39L, 0x17e96e183f13166L,
-      0x14f5287e775f04dL, 0x123c428d239ea8aL, 0x19dcad07070d8d2L,
-      0x1d4ed57a838e9a5L, 0x03fd47339544aaeL, 0x0f8adf72f06957bL,
-      0x1c4f9a09de9a181L, 0x1c9f43e290ea5c0L, 0x18115b5ef2de667L,
-      0x1b49c12aa2cd9c0L, 0x1d056374b6e6524L, 0x110203b76237bb9L,
-      0x1e97b1e8eaeba0cL, 0x16c6e9d667d0cc2L, 0x01b62baa598e8a4L },
-    { 0x120046ef323d84bL, 0x088913f3c4e27c8L, 0x1d3a486e01569a6L,
-      0x1500f32e9c961d5L, 0x140f8c796339844L, 0x16f7a4e482a3353L,
-      0x192e8706343df35L, 0x18aa52fb4d69647L, 0x11c09dff3c41800L,
-      0x02483ad9bf7b3bbL, 0x10e9014144f7b5bL, 0x05d2d6162e0b529L,
-      0x14c48af5ae3d674L, 0x04ac116f603c224L, 0x193653d030054cbL,
-      0x0bd6b45bb5bcb82L, 0x04efc8a8ac9a297L, 0x0037dfc308ca34aL },
-    { 0x165338e3f45aa97L, 0x1ac640e8207f596L, 0x166c3f7be2e760eL,
-      0x15c9ae82f80bfdeL, 0x130a1a237beb071L, 0x12de81cc15b0fadL,
-      0x1afcd317ca8abedL, 0x14bc815793ab97eL, 0x0422c326df06612L,
-      0x090f34ecab8d714L, 0x02c42c8f4d0d3b2L, 0x12af3b40f266f91L,
-      0x013619cf4d96d2eL, 0x0caf77d0c19ea35L, 0x0fa3c3b6746594fL,
-      0x0b56254fb082340L, 0x1ea5e64295304bbL, 0x02f4e507e8f87d4L },
-    { 0x1d54571197c5dc4L, 0x1205ff3c54ad12dL, 0x1bf3ff6c3acb8b6L,
-      0x181a2e8cf8cbf73L, 0x0758c6a3e952dc2L, 0x01a54d60fe4e3deL,
-      0x12d5bf1e558b350L, 0x1164dc6df7cc3ecL, 0x06adc4b9e1e8472L,
-      0x18b2fe9d47cd645L, 0x04e9140f8f804dfL, 0x0a26cac8f1c6f79L,
-      0x17064ddc77eacc5L, 0x1b49b48a699c8b8L, 0x0909299d6cc6371L,
-      0x0be68d363e38e6cL, 0x0f88cc2045b4995L, 0x04a031159e341b5L },
-    { 0x110ccb70d997973L, 0x0b12ee9fc788aa3L, 0x13556e5eaf54ecaL,
-      0x14ce7c294b19e18L, 0x1d262246c6321e0L, 0x041d8882a0d7ce9L,
-      0x14a9379b61d51bfL, 0x16c8fd2fb51e02cL, 0x00f82b3a6ad9802L,
-      0x0d5203ad74e2259L, 0x1d778b3b4afdddaL, 0x151492f481b55e7L,
-      0x083c23ba9c1ef1eL, 0x18c851641707c30L, 0x178cda362a66293L,
-      0x17ae3c56939199fL, 0x1b6b9f49824bde6L, 0x0405d8b323c2df6L },
-    { 0x1e575fefd145cb5L, 0x172b0d62f344182L, 0x033e1e4ec9cc557L,
-      0x1c267646708c3ceL, 0x02a7ba079f1553dL, 0x18437d17dcf061dL,
-      0x12e4f0eff5aa0f9L, 0x17b6d750a011769L, 0x10b66d78976f82dL,
-      0x0ad37fb2a75a4ffL, 0x1748dc7c82cc89fL, 0x1384a9c539b99acL,
-      0x03cb118ff979ea4L, 0x062c0005b24bacbL, 0x031de725a566377L,
-      0x0b46b2a20f23022L, 0x150edfc154863b8L, 0x003bdd2f5209091L },
-    { 0x13a38d3cdd86f61L, 0x10a228281505585L, 0x171601b409c90c4L,
-      0x111465e21e3225dL, 0x0e80c76001dc1f9L, 0x127459dd8e98e88L,
-      0x127bb51bb1f97d1L, 0x0efaad35e6d357eL, 0x09d286ea72cdadeL,
-      0x1f38106a2d6ac90L, 0x148db98a66b9fcaL, 0x137ba7eab80f57cL,
-      0x1a52350e80c9317L, 0x17f83ac3409c4caL, 0x1ce594c24049972L,
-      0x0fa42b6790365e8L, 0x0e2baf7581d9bc7L, 0x03590036fa2c8d1L },
-    { 0x0fe50a8965b1bc1L, 0x1a9b54b15da7ed9L, 0x14cc0039fe664c7L,
-      0x0aa7aa24bdaae31L, 0x12125caf84728f2L, 0x1fb3cf27c530c26L,
-      0x1016953c69c04d5L, 0x0eae153e8182a63L, 0x110d0cb976fa8b7L,
-      0x03b7a0f4ee09674L, 0x15e9d49d57e252dL, 0x1c20c4ae8348b91L,
-      0x18c917b16cd6c12L, 0x1c6b5850131537dL, 0x10e3a0c93445b98L,
-      0x115f9092a818065L, 0x150855b911c6686L, 0x02990bf535e935aL },
-    { 0x0840473259f52b4L, 0x0d4e5f3108a367eL, 0x017b2b2f49ba5a3L,
-      0x1bc94a86892c9d7L, 0x181a4ff7ab7daa2L, 0x040af7b6e1dc241L,
-      0x0c78681ea5acd07L, 0x15189f5d3d187a9L, 0x10f938d1e42ce9eL,
-      0x193ed661ae60297L, 0x180727a681bc1e9L, 0x1b9694dacb43903L,
-      0x136044a9a6a9e08L, 0x195e94adfc7168bL, 0x1e06c4a6624f743L,
-      0x01585411a66f3f2L, 0x0ef64bd60016183L, 0x001c3498f6cd6dfL },
-    { 0x0d7abb3d09885a5L, 0x095b3f1aadd83e8L, 0x033d4dbaebb7b67L,
-      0x10d339c9ac77847L, 0x111594cd61ca2e7L, 0x18b5691aa7fa238L,
-      0x1d711572f9c240cL, 0x080830cf3fa93ffL, 0x075bacd750f9c6cL,
-      0x1bf6e4414b9390dL, 0x05a21f97bd40bd9L, 0x06cf7e641c1d04bL,
-      0x0f8bbdccb2459e9L, 0x1bb3431ec0e71b7L, 0x031b6e06e825ff2L,
-      0x0e9179a7443adabL, 0x0200e4967cdb4a8L, 0x016557ba48a820eL },
-    { 0x0f980066ed20424L, 0x0751191238aa2a2L, 0x0695e06a321acf9L,
-      0x0af5cb6e164d1daL, 0x156d398248d0ab7L, 0x198fd2365459901L,
-      0x173ca73a39a04b7L, 0x1bd7213a465b24bL, 0x1302c8f78f56723L,
-      0x0b92eb4d5d64b7cL, 0x091f295f4685c04L, 0x0a23831457cecadL,
-      0x11ad50d9d96bb5dL, 0x18582a8c5ab722fL, 0x163fe44dba21b89L,
-      0x06c3d8f8e3e7a13L, 0x1d865a1bbe29350L, 0x0436bfa9922ff1dL },
-    { 0x1f16eb6b0bf719aL, 0x1a84c45e1ec89ccL, 0x19489b3406d2da5L,
-      0x0921131a39f5ca1L, 0x087ec666d3e3ac5L, 0x1522dc26d1dcedcL,
-      0x0c16160c01913efL, 0x0266d3e77b306abL, 0x10fb239a8579bccL,
-      0x1ada29cb715ec08L, 0x1ceebc90663f493L, 0x0db7106faa3a00fL,
-      0x02eae75b1668a67L, 0x1edb041e3477753L, 0x00db1697ff97e50L,
-      0x1ff0aa5929a1efbL, 0x0dd5a4c3c6fcbc1L, 0x034152af1c3605aL },
-    { 0x0f235a4587495aaL, 0x101361a63922ee4L, 0x1316dd691b8c89dL,
-      0x0bd987cbcfad5c1L, 0x14296629890d396L, 0x03b9138d899a178L,
-      0x09a2f22649f9a2aL, 0x0342a87e4fc4649L, 0x06c44768449cdc2L,
-      0x1e3fea78a296856L, 0x0c28c7fd2c11726L, 0x0d410a5eec22598L,
-      0x12c6fdd7a6415d4L, 0x1da63e48d6b9b82L, 0x0235c3373b30eadL,
-      0x0720ba59be036edL, 0x1cd054f2542e40dL, 0x001113fd37f7f26L },
-    { 0x005efd9b751948bL, 0x176a37efe912e8cL, 0x18253cb22c8a3bfL,
-      0x1f2def8bcb96251L, 0x14cbeca09d1090bL, 0x04658204ace8225L,
-      0x13f38872557e638L, 0x135783e4f3ad1f4L, 0x0b021e14e0710aeL,
-      0x068b74fc408b3faL, 0x1708baef27c6959L, 0x0dbfc6841dd5eb4L,
-      0x15d5c4e8435f371L, 0x147fdd40cb8f5c8L, 0x14dd5e193f157f0L,
-      0x18fa0684fca9afbL, 0x178446e6a6215ebL, 0x02a3f124d14934bL },
-    { 0x106868aa1ffda27L, 0x166e63caae7a823L, 0x0784298fcf62d39L,
-      0x153bcbce15eca2aL, 0x193428235b4127eL, 0x17bea89e9604dd7L,
-      0x100946326760ea8L, 0x19d418b763bbbddL, 0x07ffddf8403dcf1L,
-      0x0bf2694b0b7ef6dL, 0x1595a5e4ca87c39L, 0x01d06323a9c7a48L,
-      0x01c220218b7475eL, 0x05e592829a3cdf5L, 0x184cb9bf3ad7242L,
-      0x183d638d0b9d478L, 0x0eac42dc745bfe6L, 0x022d20e60695847L },
-    { 0x0a9b2c74dbbf0e1L, 0x1cb17d0be7b871fL, 0x1d617bad319907fL,
-      0x05537d62fdb83d4L, 0x0285741a4f5412dL, 0x07e88f964f27a95L,
-      0x0613a4f7df69261L, 0x0eb655f7bb81be6L, 0x096323d252421e3L,
-      0x03df0f224efbc0fL, 0x1807b4f5626fab2L, 0x137a51ffedba28aL,
-      0x148a0f298c0f0bdL, 0x0c4734a216992ceL, 0x0b0abd8d8b5e9dfL,
-      0x1b40550980d6d6dL, 0x0c8ba850ac9d087L, 0x00943b1e4a17720L },
-    { 0x1a80f07acbac178L, 0x100221a5847b714L, 0x1451c3fb7b49f30L,
-      0x070cc2aecfd2c63L, 0x0b088548b2115daL, 0x174701be3afae26L,
-      0x05d496ca7484e68L, 0x179fd3fb4cd1710L, 0x13f1d8d88c1de7eL,
-      0x03b2b2f0190c091L, 0x195586c72657cedL, 0x1631627d6e360e6L,
-      0x1399b3a0eb2160cL, 0x1907e6ba3f46d28L, 0x049b5c97a3287e6L,
-      0x0c6fed4fc00cf68L, 0x0d21e8204b768bbL, 0x03af4b5e67e27baL },
-    { 0x09d1fdc0d19716eL, 0x0282c3e1c22928cL, 0x1b47aa61f4ab7d6L,
-      0x06d80e2a1ec9508L, 0x0d6fd5b712b6bf8L, 0x09faafc8ec2ea32L,
-      0x044a6a5e220d93dL, 0x090c01077b102a1L, 0x1a7672683ea876fL,
-      0x005973d60ad9244L, 0x1be3490b47664baL, 0x00539e7bc92530bL,
-      0x1cb14876279c57bL, 0x0572db43ff017c1L, 0x1ae065abae93f92L,
-      0x0a47b150de136baL, 0x149d88f566ba16eL, 0x0184d374d5d1344L },
-    { 0x127ee50bdfbe97aL, 0x1f387dc628626f7L, 0x0c05ff827d70697L,
-      0x0b7da6d98b98f7dL, 0x1550ed3a8fa15a8L, 0x084340e061d66dbL,
-      0x1732f1607be1faeL, 0x1d142b666c5893aL, 0x00fbb17141fa264L,
-      0x13fc6c7c70f7744L, 0x133f58870ad8f49L, 0x1cfaa77cfdfba63L,
-      0x1fdb2a358a924dbL, 0x1aeb4560ea1743bL, 0x13fa9573e59cf1dL,
-      0x16405c6b2f1fae2L, 0x189eeb366535769L, 0x0022c12c56bac9bL },
-    { 0x1f71a74a042dbdfL, 0x02c2babbcefd12eL, 0x0e9c34b9995cb50L,
-      0x0b945d125c1ccd9L, 0x0f0e6b5f285d674L, 0x03b3e1fab546f78L,
-      0x1ae7383ba14768cL, 0x0853180acb08668L, 0x0b35fce26d6b3c7L,
-      0x044adff9cbbbf00L, 0x03da9b9edb621b0L, 0x10869e052097079L,
-      0x1b2e84ec34bee14L, 0x0b6884c8bfba48aL, 0x07eb302eabd98f2L,
-      0x1805200970eafc8L, 0x158a2b880e56f86L, 0x029fa51f04adbb9L },
-    { 0x1bb08ce89fc48e7L, 0x062bbd7d5ad7588L, 0x0fe283072d6ae98L,
-      0x14f2eaf96de0d79L, 0x163191607d2efaeL, 0x1bdbd4f136c858bL,
-      0x1cafd0aa86ad8adL, 0x1e071dd819a50bbL, 0x1d35947f5f3a8f7L,
-      0x1e46e077e0e5adaL, 0x0332831161173e5L, 0x1312493c4de5fd7L,
-      0x0d483ed89a16e8dL, 0x08ec8839be13273L, 0x17a67c04e8fc515L,
-      0x1aac70a02ac5c60L, 0x036aaf98d746908L, 0x0054cf329eb91e9L },
-    { 0x1536f46abbc0559L, 0x1833dcd50d0b011L, 0x08a4305a06d7058L,
-      0x0226f1d20e453faL, 0x0b793a2d61254beL, 0x12a96de307fabd5L,
-      0x028da9bcb7e2d19L, 0x13535a63127182eL, 0x1c5cd9abe29b74dL,
-      0x1ba3939fbc24291L, 0x1aa4e83438c18f3L, 0x03c68491c7b1824L,
-      0x0e8323ddfafe202L, 0x19931cf3ecb9a1fL, 0x0c955227dda1dd4L,
-      0x1efd52ca1f862eaL, 0x1c0b595dbd13eebL, 0x01d4ae5a28087e5L },
-    { 0x14e68cb39d7ff2eL, 0x0e5a5e0eae247caL, 0x11ddc5a50e2a374L,
-      0x012395b19c05525L, 0x12cd08d27965c0bL, 0x0815ed062bcc559L,
-      0x14860696f0f0e9aL, 0x1b6a8ba124aa30dL, 0x0f0077cdbd27e64L,
-      0x0abe5524668496dL, 0x1e8e80914caacc0L, 0x073683995746545L,
-      0x014744aee6a5fb6L, 0x06dd49ed00b816eL, 0x05e13c5216ed0dbL,
-      0x0e58726b2fecc65L, 0x0455d713c1ddad6L, 0x01b3691170185b9L },
-    { 0x10b4875573ea5b2L, 0x1200dd486d226eaL, 0x0995e8680c403f3L,
-      0x0b9e2288c0f6a7fL, 0x0538bf49722a80aL, 0x15669085c75f82dL,
-      0x141f6b850451f4cL, 0x00ecd24e258f6b5L, 0x06dc5fee73f48caL,
-      0x0768a4c95c53c6cL, 0x0cc51774bc5d666L, 0x1bc2bf2e371c9d1L,
-      0x1dadf1b36843408L, 0x12c995bf02af536L, 0x0224ff52eddb9cfL,
-      0x17fb48850e2a7a6L, 0x125173dccd20661L, 0x048395d4cbcef7eL },
-    { 0x14de4dd9620ea39L, 0x0b24fe418e77423L, 0x0ec734ea710fefcL,
-      0x1e7e7be3aa161d1L, 0x0f0ec9b36a38286L, 0x0e04f1a7683959cL,
-      0x0890a9b93261dcaL, 0x175d47d158d15a2L, 0x06ae0e22bfbdfa5L,
-      0x10b8f67d8507ac9L, 0x0a21b5ae1c7e355L, 0x1d526bc237b4676L,
-      0x007f0f153f6b19bL, 0x1eb6017726c0ad2L, 0x0a23d19f982365dL,
-      0x02ca8fd1e47b36dL, 0x02926ac9652439dL, 0x046c9635e9aaa36L },
-    { 0x1e0d7ceabeb0ff7L, 0x1a92a1f07217c59L, 0x089b7a021267ef8L,
-      0x1e39a89786afa36L, 0x035cfee19ece2e1L, 0x1fac0e0922d6de2L,
-      0x0e51e1d3ba103e4L, 0x01522d4ef397b41L, 0x0abcc815afa57aeL,
-      0x1d6f616f85310d8L, 0x0940ae07e42f725L, 0x1bc2a77bcc7b7cdL,
-      0x1f78884c2554bf9L, 0x05ddaa385447ed5L, 0x014fbd4c2a94ac7L,
-      0x04fd5f00a72d852L, 0x1c08d43d8988dd8L, 0x02725f60bae0d72L },
-    { 0x18483a2fcc09676L, 0x0251f8cf54d4a5fL, 0x1bcf5c0a977515fL,
-      0x05087fcfb14d0a5L, 0x16e35158e7915fdL, 0x0ba3783225dd4c0L,
-      0x1c2d6346e57427bL, 0x0bc8ee08b037215L, 0x10bd4bc6bd4fd13L,
-      0x16e7033da7419d2L, 0x1a3cc3fd5aa6869L, 0x1001d858c7fc581L,
-      0x0598f508a8a9c80L, 0x1949409d224e105L, 0x1fa06880ae532ccL,
-      0x0eceec8fc7a51d8L, 0x12472e67d1ab487L, 0x03d2551fab7cef6L },
-    { 0x19ef1bae27a0045L, 0x096a7d92165a82aL, 0x0390e73e3493720L,
-      0x0b367f38a84748fL, 0x0ffa1fcf97544fcL, 0x11641dad6340995L,
-      0x12eddd3e3fb80d2L, 0x14d2d98c81f9a7eL, 0x0775dce9db0512eL,
-      0x1ee50cee6e71c0fL, 0x1acfcea74ff9559L, 0x1e8434324e9f83dL,
-      0x1428d69b1238e0bL, 0x0fe84efc0acc97dL, 0x06ad77d23f3af7aL,
-      0x0d38bb93bf49f68L, 0x1e10cbd7dc8c0a2L, 0x03014153dfbf856L },
-    { 0x007e538dceea2e7L, 0x191641e21030ebeL, 0x03e53c7d9458e28L,
-      0x178eeed420ced05L, 0x15e6b405f21b69fL, 0x13db21631d1a0bdL,
-      0x051013267c96246L, 0x19a70d25950595aL, 0x0f1e82ffe00869bL,
-      0x185b8a70b7f2335L, 0x1d0be4640644e30L, 0x0da01f4a2d5cbf6L,
-      0x0cd8c73a43e9016L, 0x1de2e1b92aa87bdL, 0x130e7b4b5a901f7L,
-      0x17ce1c8f4ea72d1L, 0x1423fd286d94a5fL, 0x02fa574e391e35cL },
-    { 0x16a2dda53f4d561L, 0x0a2e80b6d0cc96cL, 0x07eff752c144a1bL,
-      0x1b3e432bd489340L, 0x037661b325488a0L, 0x12f701620a8d855L,
-      0x0205ee6311c7be7L, 0x015497950dd50cbL, 0x1bbcadb877a68fcL,
-      0x059a324b5b9b354L, 0x1a6350559870b62L, 0x098d9202841865dL,
-      0x152f2752aff5b3bL, 0x088726ce511a939L, 0x092aa00bd9339cdL,
-      0x14a072734fe4d59L, 0x1d29cd3e291401aL, 0x049500a11ee2357L },
-    { 0x1f24be11c2f7dbdL, 0x04807dbea93fd74L, 0x16ee1923c4a36a3L,
-      0x04902832832c7c4L, 0x1a6756fb9ab713eL, 0x06c85ef43fbe80bL,
-      0x1aaf49d37617816L, 0x12b047fdcf504acL, 0x09f6230d7742401L,
-      0x02bcf96565af237L, 0x09898c5a9321f81L, 0x1487b33610ae544L,
-      0x03e488789e9ca19L, 0x0a0361dec36e15dL, 0x18255fbe582d6e6L,
-      0x0a2b6de58851712L, 0x19b90748706161cL, 0x007e47f0f554465L },
-    { 0x0ae1bedfeb90f2dL, 0x1dd9e52458aacb4L, 0x1e73d93a58d7ce4L,
-      0x01f17ceb8457cc5L, 0x1e6f7529354c241L, 0x165598debf5381aL,
-      0x1cfff09921a3858L, 0x0fd62723ce190c1L, 0x1df367c751d8983L,
-      0x0a85b5a15f994a0L, 0x03d1b9e304c63f8L, 0x1b57458962c12bdL,
-      0x0e701afbf32b3f1L, 0x0f443a62e3667aeL, 0x11b72f8eb49d4c1L,
-      0x125ba7250bca2bbL, 0x09f3c954d86d998L, 0x01685d4316fe9bcL },
-    { 0x0cd8ee8b472e1afL, 0x0a7575bb55de675L, 0x0fe34364fef7acdL,
-      0x0ffcdf8e0d36a41L, 0x04ee2f39fccd60dL, 0x00f28f549a9eef5L,
-      0x19ddd7ac2497a6aL, 0x0d3dc669b43a26cL, 0x0c1d28c9fd5354dL,
-      0x0bb8baac952f6aaL, 0x18d9fedfdc3606eL, 0x1d9552675cf4ba7L,
-      0x19e23cfbb77be7eL, 0x04a4bb40932678fL, 0x0d88d6c344a7d2aL,
-      0x0edb4e0a6eb4813L, 0x1fcccf64c7548a3L, 0x04b1e438926a0edL },
-    { 0x0e290cbde36a814L, 0x180cab99d895addL, 0x019fddff83866f6L,
-      0x1a52e419d41d75bL, 0x1029ec720a7d19fL, 0x08c88f21a6bb28cL,
-      0x1fd8215abfc5eedL, 0x00da144bb35b014L, 0x0ffca86aff848c1L,
-      0x1f45efca1d6ba4eL, 0x180a138f9a5aed4L, 0x0615dddc842bf73L,
-      0x1e2ecf3c633eb66L, 0x070060604ec7ddcL, 0x15efab1c7693fe9L,
-      0x18fdf652d7cb2baL, 0x1bd1751fbada8ceL, 0x01681f59e7faaebL },
-    { 0x116925f04f2ec1dL, 0x0793b068a3f7175L, 0x1812ab676782a1eL,
-      0x167ee206b6885beL, 0x0cb95d5b891df44L, 0x147691e1413959cL,
-      0x1cf8dbc53bed57bL, 0x0bde7888c1e2761L, 0x0889f9bd76bd733L,
-      0x04f73b8fbaadd37L, 0x0613fbb4866db22L, 0x0e6fd85dc822c4dL,
-      0x0263efcd372d44cL, 0x131bc135dca1c2dL, 0x19ade9f6424c86dL,
-      0x0c36f849f14f27dL, 0x0d9a3ca8d24a7cfL, 0x042172060e2a5d6L },
-    { 0x0268ed6a661d843L, 0x1466527ad9866adL, 0x1b444c4785dc08cL,
-      0x098cd2b2ce2dcdfL, 0x17b2e280690decbL, 0x1f21685ed62dfb2L,
-      0x128be09fe0b287bL, 0x00d8aa9d81594bfL, 0x1ac5276c1dde455L,
-      0x1fa65847183ba89L, 0x1db66b321e5f32dL, 0x10281b2665a5195L,
-      0x17285a409fd5964L, 0x1111e849e635714L, 0x0a3f025ddcf0a95L,
-      0x1fcd85aa4cd58a2L, 0x128a596b7cbbc31L, 0x0073198cd656489L },
-    { 0x1cd2fadf0360ac2L, 0x1306f142f302d5aL, 0x1c43896e6c521adL,
-      0x1b55358aa9058d9L, 0x126c070e9d5fa38L, 0x0662969efe78dc2L,
-      0x11fd40de6a5acffL, 0x143c6cb385217f9L, 0x15b1a3db569d3e6L,
-      0x00a945acdbda16aL, 0x17be92708a801adL, 0x00313699c76d269L,
-      0x04b3abaf3290f38L, 0x1fc1c4f15839de0L, 0x0968d6c9e96888bL,
-      0x14f8416f53aa3ffL, 0x05a4939ecef28e1L, 0x04441ced10c3938L },
-    { 0x0b66c30701ce29aL, 0x178932c4c0ea82bL, 0x1030417e7c84eb2L,
-      0x0c6e7c7a27a9b5fL, 0x1a2ee3cafee571eL, 0x101c2d73934e437L,
-      0x1a6b3d732992b74L, 0x1de42fe4eae6001L, 0x0c934db470e7273L,
-      0x14a7a7b9aadb3bbL, 0x08dae5bf0146010L, 0x03b760a432163f5L,
-      0x10e9eaef528f88bL, 0x0db40dc81abc8dcL, 0x0570da7cdfecbafL,
-      0x0439273a14a3a88L, 0x026fc59cca71d2eL, 0x03209467f50fa86L },
-    { 0x03678a2e8f5b0b5L, 0x1124e69a0782cf8L, 0x11064f29f3b171fL,
-      0x0d79075f3082880L, 0x1aa8bbb0075ca34L, 0x01187bf9cf8019fL,
-      0x1cd14f463c3b7ceL, 0x0eaf1bfe019a891L, 0x1849228c0d51aa4L,
-      0x0a7138418649468L, 0x0e9a1a3c4b3f4f7L, 0x13b71167440d8cdL,
-      0x19016dae0109104L, 0x1129f1beec32e82L, 0x1a61c6d1667a417L,
-      0x0265c6459e184f9L, 0x1da014f54da174aL, 0x049b1a504ded5e5L },
-    { 0x0826b27a9a2e304L, 0x10c3360d2609231L, 0x00c888e05c4315fL,
-      0x0b5308f9fd22757L, 0x0b5f46fd7e9b6b8L, 0x1c733694b2ae789L,
-      0x17aadca555cae00L, 0x103c9974c02df52L, 0x0bbc11071b9dedaL,
-      0x1f8004d1f8e7b0fL, 0x09ddecdcf833ee5L, 0x0139a273ac76a6eL,
-      0x1a4f87d78e302f9L, 0x1a0243b18f6b396L, 0x1308ac8d881de8eL,
-      0x1ddcf8811865b3bL, 0x17e4b4c5bf226deL, 0x013365a33de031aL },
-    { 0x1aa4154b56363e8L, 0x1e83c1e0d526db7L, 0x1778ae79965d2d3L,
-      0x1df4009708286b1L, 0x119911a65b34ae3L, 0x1b5fbc67a259767L,
-      0x17255572aa0ce94L, 0x03ac0dc3d7310e1L, 0x0e3c3287d09f351L,
-      0x0597a75ceae79b2L, 0x13a2498eae3279aL, 0x051d86d56c2382aL,
-      0x0ba1b7d12015488L, 0x098adc6b84995feL, 0x11ceb05fb9ed6f1L,
-      0x055e6f05fa1a3eeL, 0x0e1bcb029a83c8fL, 0x0258ead0da922a7L },
-    { 0x0fe517463d52c0cL, 0x0a92f0c4604ce89L, 0x158cd838e558dcdL,
-      0x1559f4b486b8c42L, 0x197e810788b3f1cL, 0x0f040548091d053L,
-      0x16b6ae8c7dad6c5L, 0x191afbcbc25f947L, 0x03287361b0df511L,
-      0x064006a32babea7L, 0x043cf5481fb245fL, 0x0de261dd41c6210L,
-      0x133ea5a2ec0d4e5L, 0x1f355de85dfbf70L, 0x02fd865bf01dd8aL,
-      0x1a8559063fb9c24L, 0x127e07439fab622L, 0x040c35c9fa84725L },
-    { 0x019d15409312867L, 0x01602dfd7beda63L, 0x19a07d7d7769f81L,
-      0x0f49f87b05839e2L, 0x0e68b8fe50aa505L, 0x1a6b22769876b2eL,
-      0x0125fb2c0702efaL, 0x038f6bb88890638L, 0x1351e6a009b7d9bL,
-      0x1dc31dceca3be48L, 0x196244175044292L, 0x19e886b016f5574L,
-      0x1690be357e30086L, 0x13da90a7589ce03L, 0x10ead5c4afffc68L,
-      0x137f4f39f8dae45L, 0x12a4743de57f34aL, 0x005fcbf4be4f715L },
-    { 0x0ec4ec8dda19e96L, 0x10c7536183745cbL, 0x04ad97da4629533L,
-      0x161b341b32fd06cL, 0x02fdcc091ac6f68L, 0x1e1f09cc534bd23L,
-      0x05cc1973897c656L, 0x00c312dd9b56727L, 0x19eb81a0f32f128L,
-      0x1eba0b70e96e3efL, 0x11e5dab51cd6674L, 0x15353ebde873c45L,
-      0x0b9e69d94e3de37L, 0x054e85e435bd605L, 0x1dbc4839afea780L,
-      0x1847eaed50e1aacL, 0x0bb3bd91bb4feaaL, 0x047f2a4161f2055L },
-    { 0x1ae67c2ce9a4d1eL, 0x15c01a78e901c42L, 0x1ce89741864930fL,
-      0x1a611f6838b8d91L, 0x071c294e803de0aL, 0x17586d4cb0fade7L,
-      0x1a2db71881e37c0L, 0x11f90fdea2b6c95L, 0x169679f1e50b4d1L,
-      0x0e004d0a90ccfa1L, 0x1212f83d90297f1L, 0x176247b56acd4faL,
-      0x0c64275d2c4c918L, 0x05696f6b533e08aL, 0x12d723656a44ee7L,
-      0x077ec313da316d6L, 0x03f4aeb6206b42dL, 0x01c946334dde45eL },
-    { 0x04bea4adacb4b64L, 0x115227930bcd0efL, 0x0539ea444a900fdL,
-      0x1ba6de663de7559L, 0x007b85c490448fbL, 0x10dbbda130215e2L,
-      0x1a6116b62965884L, 0x01a62ce949ecf9dL, 0x17fae8bbe4e3b2fL,
-      0x00efb6ed3e49875L, 0x1bea6309674351aL, 0x13cd7d4383fb5bdL,
-      0x0b21d405d11b14dL, 0x19c493aa1dd56e4L, 0x1c73793c077fe4dL,
-      0x1a1b30386b67de0L, 0x0f61704d2e19150L, 0x0366644479aa89aL },
-    { 0x0d36f0e7ad7504cL, 0x1932ffbcaceeefcL, 0x1b7bfb799eaaf28L,
-      0x1d75d7e65e1b9a3L, 0x014edcfc1276f4cL, 0x16c75bb412d3730L,
-      0x138782e306a0a66L, 0x034624049521371L, 0x0cb8fd98b9cbd35L,
-      0x04209bc7d58f45fL, 0x143d74e5cf2b3e9L, 0x09084b3aa4a82fdL,
-      0x0374b91393a17e1L, 0x0d651e74a9eadc2L, 0x103e0563de4ac84L,
-      0x1af7a06bfe22191L, 0x0f96afa6357ad4eL, 0x0178a8cc05937d7L },
-    { 0x08631da29d2d439L, 0x1dde15e01ccaa86L, 0x1e49b016dd6c487L,
-      0x016d9c8fd87cb52L, 0x1d88c6586d6cf4cL, 0x1aad0bdd550bb3cL,
-      0x16a140c76e79fccL, 0x1bf0703c7b015deL, 0x1c71db29015a31bL,
-      0x1c7b5ba4a4c7ebeL, 0x17cfe44efbbbd98L, 0x04e3e956cf6689dL,
-      0x10fd22df11e6173L, 0x102e27491d10163L, 0x1ae6483def80e24L,
-      0x095543843210b51L, 0x1656c805ce8beb5L, 0x01aa582db8562c6L },
-    { 0x171e2367a9170e9L, 0x16216a656a866b8L, 0x093cf37733ec07bL,
-      0x074cd95c35ff7d0L, 0x165c7d01a73e8ceL, 0x1ecb8f5b89c53fcL,
-      0x09cac001638fd70L, 0x0dea4b235865fe1L, 0x0a32fb5bcbbbce7L,
-      0x1920d5c54fc0d0cL, 0x14cccbb29a18c3cL, 0x13f88905e277e63L,
-      0x17a4681be2847afL, 0x12af7e7cb0cb710L, 0x0b31c1664e3e4cbL,
-      0x1f5847cfb5970e1L, 0x1a1d41be893cf09L, 0x0246e2ae2571a91L },
-    { 0x0623826a5092193L, 0x161b1344c4b8647L, 0x1abc9727ad0791bL,
-      0x01078fa48a5e26aL, 0x17d00e384178064L, 0x090a8e4c16f7b3cL,
-      0x021a4e0badb9e94L, 0x0042a9c20ef15ebL, 0x0187070758a51cfL,
-      0x0f5d4fbb8989e2cL, 0x1ee5cee85564133L, 0x1e963a1af674bacL,
-      0x118b8af2cd851c9L, 0x0c35c6b10cf94ebL, 0x0ee70cf2e5333feL,
-      0x118d10e4bc49772L, 0x021405ce4c566e3L, 0x02fb5476e85b6e0L },
-    { 0x1704ca58f9a8690L, 0x14bb317bb5203c1L, 0x1631a48040a0fcdL,
-      0x0d79c7499ff7825L, 0x04aab26d4cd58f1L, 0x122bd43c0233250L,
-      0x05e500173eee93aL, 0x072a6f2a367714bL, 0x14ca2b9e44fe1f7L,
-      0x0214566ef992bcbL, 0x168d083a890f6f9L, 0x0c57e879c03cc91L,
-      0x01f27db490cce65L, 0x05fdbe784207821L, 0x01e5f4c55b32dc2L,
-      0x029773666901ab5L, 0x1ac2e12e07a9eb8L, 0x00e532839653fc3L },
-    { 0x1b321cf2b9d25a0L, 0x1fee52053a36dfdL, 0x0c39678da2d59abL,
-      0x08fb000d1f8382aL, 0x1647dd6856ed1eaL, 0x1bc6d44dba6c7f2L,
-      0x0ce44765ad41e26L, 0x0be736ea487177cL, 0x0ef8d443e0d858cL,
-      0x0e96da4cb23551aL, 0x14ef47999d50f13L, 0x0180d130130aff5L,
-      0x1249facabad0d71L, 0x0a7cd0c94fbd7f9L, 0x0cc1e841577b070L,
-      0x1fec9594cc7323fL, 0x0eeac44fd9135ffL, 0x0231657db65d69eL },
-    { 0x060a647de3237ddL, 0x19ae6415c3a020bL, 0x1d6777e957e257dL,
-      0x1ce4d72295ef0f3L, 0x1c93e29815ef043L, 0x18c1988c3a9c9e8L,
-      0x084ae868af9d1bbL, 0x0fe9cfd1bf84b53L, 0x1dfefc97da9c391L,
-      0x043ae8185175f20L, 0x1748d69ccb4732fL, 0x0ffdb3754da61eeL,
-      0x0b65f4857606feeL, 0x089fc1e0553c27dL, 0x03e744c8c557889L,
-      0x1d5fba5f6ee307dL, 0x0082a291503b546L, 0x00949e4c6366c9bL },
-    { 0x078125149d53b77L, 0x1a01ecb757d63b9L, 0x1f6d28dadc469aaL,
-      0x110fcee3836faf8L, 0x13b375228238c70L, 0x03a986a4afb55f9L,
-      0x0446ac2c0a27232L, 0x13d9507970dcef6L, 0x1be1c0fb8a1bd18L,
-      0x067d97d8d74ebe3L, 0x108f1525030fa16L, 0x1c82e95b220fa0bL,
-      0x05064e714216e79L, 0x1efeb0a7d0523f8L, 0x11a622f1a4a7353L,
-      0x11f63db64b09872L, 0x0ba73e4b5f3e46fL, 0x029dbcd50b4754aL },
-    { 0x16fafce44bbb6a1L, 0x0ddd033c10b9410L, 0x0cc2a7764e6b4e9L,
-      0x1be33df5fdde3c9L, 0x1b4ec014022eaf3L, 0x16339c7f6ad5e73L,
-      0x02689925a3b9944L, 0x00a462330d253fdL, 0x00d539d8d47397cL,
-      0x0005e2a11a2cb62L, 0x01fd614d1984759L, 0x120793abb41f725L,
-      0x17c83af2a804099L, 0x1940a8f0f2f7a4cL, 0x10044132277006cL,
-      0x0593a2a1f6952b0L, 0x03340a6f7d5f387L, 0x041486b68ab6174L },
-    { 0x04637c6d8546946L, 0x1a51cb4f62bfd7cL, 0x06935e2401fb684L,
-      0x1c1b8f7013a846bL, 0x0d6784a9b42557fL, 0x056daff31572969L,
-      0x1f29689c532982fL, 0x02398411bcc6755L, 0x02380ed5ced9678L,
-      0x135aaf4ed990b30L, 0x0b40b299d48d69bL, 0x1df3667f41c237dL,
-      0x06f06a2a0851cc6L, 0x1623d9e7fe911f1L, 0x0aa613803cccb87L,
-      0x05c288b3e52f741L, 0x1b06fa1d969ee95L, 0x0283778d59827d5L },
-    { 0x1b4eb2735bff163L, 0x05cb7f54fd4c208L, 0x0cfe77ac9f39c4cL,
-      0x0b3ba387aacd59dL, 0x073075aaa2daf1aL, 0x038dac7a84853f5L,
-      0x0b670da9abce78cL, 0x02d451ac67bbee7L, 0x0dd354cacbdc89aL,
-      0x1f51a11ea6e5e1eL, 0x11d348de764b477L, 0x0adf1ddacecadddL,
-      0x03fa8feb1fe14a4L, 0x1cc7e5e3fd5f3baL, 0x069c1b8501333e2L,
-      0x18cf0d99a5f7feeL, 0x144daaf3fdb4d85L, 0x020adbedf8a9001L },
-    { 0x10105867d8377a7L, 0x11eb465c019394bL, 0x0a27c0e930c81a2L,
-      0x1b2791e521facfaL, 0x09e5a2b84bc7095L, 0x15cf9db897d09e7L,
-      0x1530bf1ab1b183fL, 0x00219b46db2dc1cL, 0x14549975186320aL,
-      0x098c648cbf80788L, 0x1130ff9a4d9423eL, 0x1df30be0d15403bL,
-      0x10a2b5511c769a2L, 0x1a0917029a91677L, 0x1d750fc01a597b6L,
-      0x03ab3f9c1f5f982L, 0x19d525dc9bdec83L, 0x00f618a78d7ac43L },
-    { 0x063feef2c8310c2L, 0x10a6d22bf1fba03L, 0x03f394d1a21ea9fL,
-      0x1ec6fd858a72562L, 0x1542f8dfcde4a38L, 0x0f0b88a83b99905L,
-      0x06f18d04c0be7dfL, 0x0de031638c75c97L, 0x0f001c46edd2f9eL,
-      0x1dd854b937667d0L, 0x06e675dd1b831f4L, 0x0defeb0eb5d9526L,
-      0x1c96939c82e0c8bL, 0x1ef2d3325d9978bL, 0x0afe9add944d748L,
-      0x00bbce326d968a5L, 0x188ad5cc08f2dc1L, 0x00bf48e893fffabL },
-    { 0x092ced3b7e051caL, 0x06a7e8ce3bb6a5fL, 0x0d480219e12f191L,
-      0x0f9d3ad66391569L, 0x1289e9c73ea6622L, 0x150cf71ca924d1eL,
-      0x16bb15142799744L, 0x01d4f7a8d25186cL, 0x1354997e477963eL,
-      0x0bb2cabdaccb996L, 0x012bae47528ed83L, 0x1d483bd67c5132bL,
-      0x0d572571df6e653L, 0x18c570fce53e4c7L, 0x1dee5fbcc068e3eL,
-      0x141aa2c53ef84c7L, 0x001df242282afc4L, 0x008c79da59eee86L },
-    { 0x0a0a0a87ad4762bL, 0x1c26d462c68babaL, 0x058133ddb6186bbL,
-      0x0cfcc1b3162dfe9L, 0x1ecc1dbac0be878L, 0x0b0a3d41b1bffd9L,
-      0x11b970912982577L, 0x00b47c2f068b610L, 0x1735eb686e77a4cL,
-      0x1e0c5a7efbac34aL, 0x06342c6f7f94bd6L, 0x181a00e2b7422acL,
-      0x1ac2dd617f878ecL, 0x10db0b880edede8L, 0x1d64f08874ad8c4L,
-      0x0e048459d14f289L, 0x1273b9b536a44f1L, 0x000e8533e4681f3L },
-    { 0x19642361e46533cL, 0x1bcc87dc461573dL, 0x145a90b12863a51L,
-      0x1bb078f48a0336bL, 0x0cb663e37135e81L, 0x1606b1ba534deeaL,
-      0x03699ed9fb36f9dL, 0x01407aa8a4223cdL, 0x1596cceb5d2e865L,
-      0x0ab96fe95781d9bL, 0x192e87eaf5654b3L, 0x08ad69db0ad2a46L,
-      0x12c950d5d47f47dL, 0x043717c22d6c5abL, 0x1aec1132b74b7e9L,
-      0x011cdbaa4f6878aL, 0x00fc9adba24997cL, 0x00db12d833ed319L },
-    { 0x0dfaa7b4fd8446dL, 0x19780d7b7f5f5a2L, 0x0e23fa20e2d7006L,
-      0x1f7752eb177e888L, 0x07156bc9f33c434L, 0x0484c595cb8e5d4L,
-      0x11775ac9179707dL, 0x1af0fb96a685683L, 0x0db1f80c634d852L,
-      0x0b7192c1219ed1aL, 0x008194fdf7c309bL, 0x0cf86c1966cbecdL,
-      0x029826656ac4ca5L, 0x1f834bb4190fd56L, 0x01d98e44fd729beL,
-      0x0e6dc2a72f2434eL, 0x08dbdf143288400L, 0x0199f654b0cfe4aL },
-    { 0x1337948ac775d81L, 0x128c7ea0edde511L, 0x093ef3f3a520e30L,
-      0x0ca8e07fcec478fL, 0x13fb3b5baad3623L, 0x0e00f8159d09d20L,
-      0x0598576cd5969fdL, 0x123ae4811b8a46bL, 0x15a17f8e51d616eL,
-      0x060b775e592dcccL, 0x1a33c4ce4dd0fa4L, 0x0e95ca96c94fe6bL,
-      0x0a65cd449d987daL, 0x1bf3d8aeaabd991L, 0x1344d3dd9420a94L,
-      0x00e8c9a4b8e85e5L, 0x135ae9d9c074ccfL, 0x0397e1088439468L },
-    { 0x106b203f96004c8L, 0x1cae7a2c02affd4L, 0x019d57cd642760fL,
-      0x17caa191ddaefabL, 0x15a060814a9ea6fL, 0x14103148e46654aL,
-      0x1e179287fb9e2f3L, 0x0cdd735bc0d347bL, 0x1fbbdcf0c7d3de6L,
-      0x1451c8dae99b6a8L, 0x1e34a170bff0f08L, 0x1bc65ef62cb6ec1L,
-      0x04561770401ee48L, 0x0ef7fcd001c01ecL, 0x1f8d69395cfd922L,
-      0x14d8dc344e71d42L, 0x12d238ef17c8840L, 0x02404a37c588f6cL },
-    { 0x0c747a8fd71f119L, 0x12e2f29f59b4ac2L, 0x1e198a6161e8679L,
-      0x135631ade81c5ecL, 0x0630b8c048a4889L, 0x157c4950d4c8126L,
-      0x15892125d4258b2L, 0x1a9910d3575c41fL, 0x03b72b04d6c2b7dL,
-      0x13baf5b04c97be8L, 0x0701b9f41b9a138L, 0x06c3c977a00e011L,
-      0x0b4ba846e4cb3b4L, 0x032326cf50d7333L, 0x1e14e7f0070bac9L,
-      0x15f8ff0de57cd83L, 0x10216e8e8aecf68L, 0x046d5b0fee39c34L },
-    { 0x0a5c903d54d1d45L, 0x014bf7fa7cdd121L, 0x1480d351e2d2b35L,
-      0x161188c4345b116L, 0x1486540235b2ba2L, 0x0f997369e91cdd9L,
-      0x1f708779dabb644L, 0x0050eff179e7e0dL, 0x1802714c19ec515L,
-      0x0822275d2c83806L, 0x108a7cc773255e8L, 0x0f57702d3fdb0d2L,
-      0x152caf080e5ece7L, 0x05ebe778aadf450L, 0x0e5fb84fac86c53L,
-      0x0d2193bdef5a2cfL, 0x1e7e03ca879118fL, 0x037bbf316fccd94L },
-    { 0x071bdede40bbf59L, 0x1d229b200d56b51L, 0x00d5cd5073445deL,
-      0x0c96e3605e2eabcL, 0x0813359f3465b46L, 0x1c75639175b889dL,
-      0x1ced65e4aa3f5bcL, 0x17e2354025ffe77L, 0x099aafabff85c3fL,
-      0x0f0517783606621L, 0x15755ddcedecea4L, 0x1cedacd30814629L,
-      0x132e5a8be6ae5e2L, 0x00e7aac04309b03L, 0x0fb440bb9b5d5e3L,
-      0x1e1d64689c01ed1L, 0x180799d78868184L, 0x031c0ce48e1e967L },
-    { 0x05392e17884b073L, 0x1d0fe758933f565L, 0x17c241c0e29e7b0L,
-      0x19c988f6e07a0feL, 0x1bf96b91cb2ac07L, 0x1527dffcb332770L,
-      0x19403afd5d624abL, 0x008b557e723f5bcL, 0x0c5b3376f171d12L,
-      0x1fb0628d069ec0dL, 0x0b3f9e5daa112c7L, 0x19357b4c24b4216L,
-      0x134ebd453ee131cL, 0x0825b5e0f07e0b6L, 0x0be32af0340c669L,
-      0x1368fc87417ce14L, 0x1eec80afeec55e4L, 0x033ea46894132ebL },
-    { 0x08d59a7ea2d56d6L, 0x15e8713a4053183L, 0x16c2b9cd9b375c6L,
-      0x140e409d78d7a23L, 0x177e6293fbb639cL, 0x1d461ec4d12173fL,
-      0x1e6a37b9f28add6L, 0x0208e5bb87ac945L, 0x084229df47561a0L,
-      0x0fb1642e2db24eaL, 0x15ac6d37249f365L, 0x0240bdcc0b2dfbaL,
-      0x10abf29401fe8bbL, 0x0868e0c21f7e552L, 0x0c077d75240343cL,
-      0x087ea59e2275251L, 0x1c7a3d7ebc31f0eL, 0x013ca871c741c26L },
-    { 0x0b21ff0e1d0fa79L, 0x1e8198245aef4f5L, 0x1a24bf8dd32d2e7L,
-      0x149d643ed699268L, 0x0925e7e7bb4827fL, 0x0a6298a338b7bcdL,
-      0x1b77c510afcd9f7L, 0x11240e72a99a5d2L, 0x14e0141ae8502aaL,
-      0x170070d4777b664L, 0x1a1245620336be3L, 0x14b8d2c5008cab9L,
-      0x185d15dfbfff3abL, 0x0fb4279299ae627L, 0x0796f629fc11032L,
-      0x04b575d008a7f76L, 0x171a1c99813ff22L, 0x02a7fbc423cd92eL },
-    { 0x1c6ee30de40b068L, 0x1232df379d28f13L, 0x1813e8ec87da489L,
-      0x1b8083022bc4948L, 0x0df90d2b50a5a5aL, 0x186007f1942a20cL,
-      0x0238eedd3963f72L, 0x1938d1e36769458L, 0x1339df0810ccd9eL,
-      0x0a9b16e5bc3754fL, 0x1178c72556bab64L, 0x003b16d4d8d6512L,
-      0x1c3678a427d6a2cL, 0x14649816034f416L, 0x08407985e1d5400L,
-      0x1650d159b52cb3fL, 0x0fe4e4e4573ee30L, 0x0456dd6c29f8c18L },
-    { 0x00ae11f0969d524L, 0x1ed7bf9cde63c83L, 0x1d99f307f30bd0bL,
-      0x05c466da9e79d8cL, 0x0e1c0f7f456b9cfL, 0x027d873550faef4L,
-      0x12ca336f0ab4826L, 0x1de81219f4c368cL, 0x140d86f301243f3L,
-      0x0d8b66666af43f3L, 0x1c5a30c09b35065L, 0x0d9702d80e60807L,
-      0x1358407a1ddbe38L, 0x0b8bf0d78a75c37L, 0x12f25b3d622d3e0L,
-      0x0e3836eb8834ccdL, 0x05ff342c1aa027eL, 0x039c9801b604a2fL },
-    { 0x14f757d22cdaf42L, 0x1ac8efa0c0d55caL, 0x0067d5453c95e22L,
-      0x11e31fab791730dL, 0x022ceb9169642e0L, 0x07b4c2c95982e88L,
-      0x072b85c5640f9a9L, 0x15497afad3ac22fL, 0x0dacdfd5dd29c01L,
-      0x02eeead6c888466L, 0x0b1ec592b23c55cL, 0x09c36a48c65e869L,
-      0x1b731fc44761a51L, 0x104b0d98a2dcf30L, 0x1abc88f3d584d23L,
-      0x133a7385152cee7L, 0x1e25bd10182aa7cL, 0x045e376257214b2L },
-    { 0x096e5c0e7f2a32bL, 0x04006049c451868L, 0x0df10078d833fd5L,
-      0x1976c0a94c0dfc8L, 0x0457aa6e6655fc9L, 0x14d95ba8870c304L,
-      0x1698682b3f288acL, 0x194e64907c6a36fL, 0x1e31471ee6be6c8L,
-      0x0b2a18e45b2e4d0L, 0x0b0ee5235972ef9L, 0x18435d365551f93L,
-      0x0daa60aa6ad308fL, 0x0c17e06a6b53ef8L, 0x11e935ca11365aaL,
-      0x112ab56025858b0L, 0x0152b3c8f71dcebL, 0x04742a1bedf4e3fL },
-};
-
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Base is fixed to be the g parameter - a precomputed table is used.
- *
- * Striping: 128 points at a distance of 8 combined.
- * Total of 256 points in table.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-#else
-    sp_digit t[36 * 2 * 18];
-    sp_digit tx[2 * 18];
-    sp_digit ty[2 * 18];
-#endif
-    sp_digit* r = NULL;
-    unsigned char e[128];
-    int err = MP_OKAY;
-    int i;
-    int y;
-
-    (void)base;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 38 * 18 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 18 * 2;
-        ty = td + 37 * 18 * 2;
-#endif
-        r = ty;
-
-        (void)mp_to_unsigned_bin_len(exp, e, 128);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 18);
-        y  =  e[112] >> 7;
-        y |= (e[96] >> 7) << 1;
-        y |= (e[80] >> 7) << 2;
-        y |= (e[64] >> 7) << 3;
-        y |= (e[48] >> 7) << 4;
-        y |= (e[32] >> 7) << 5;
-        y |= (e[16] >> 7) << 6;
-        y |= (e[0] >> 7) << 7;
-        XMEMCPY(ty, sp_1024_g_table[y], sizeof(sp_digit) * 18);
-        for (i = 126; i >= 0; i--) {
-            y  =  (e[127 - (i / 8)] >> (i & 0x7)) & 1;
-            y |= ((e[111 - (i / 8)] >> (i & 0x7)) & 1) << 1;
-            y |= ((e[95 - (i / 8)] >> (i & 0x7)) & 1) << 2;
-            y |= ((e[79 - (i / 8)] >> (i & 0x7)) & 1) << 3;
-            y |= ((e[63 - (i / 8)] >> (i & 0x7)) & 1) << 4;
-            y |= ((e[47 - (i / 8)] >> (i & 0x7)) & 1) << 5;
-            y |= ((e[31 - (i / 8)] >> (i & 0x7)) & 1) << 6;
-            y |= ((e[15 - (i / 8)] >> (i & 0x7)) & 1) << 7;
-
-            sp_1024_proj_sqr_18(tx, ty, t);
-            sp_1024_proj_mul_qx1_18(tx, ty, sp_1024_g_table[y], t);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_18(tx, tx, t);
-        sp_1024_mont_mul_18(r, tx, ty, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 18, 0, sizeof(sp_digit) * 18);
-        sp_1024_mont_reduce_18(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective coordinates.
- *
- *   p.x' = (p.x * q.x) - (p.y * q.y)
- *   p.y' = (p.x * q.y) + (p.y * q.x)
- * But applying Karatsuba:
- *   v0 = p.x * q.x
- *   v1 = p.y * q.y
- *   p.x' = v0 - v1
- *   p.y' = (px + py) * (qx + qy) - v0 - v1
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * qx  [in]      A single precision integer - X ordinate of number of
- *               multiplier.
- * qy  [in]      A single precision integer - Y ordinate of number of
- *               multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_18(sp_digit* px, sp_digit* py,
-        const sp_digit* qx, const sp_digit* qy, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 18;
-
-    /* t1 = px + py */
-    sp_1024_mont_add_18(t1, px, py, p1024_mod);
-    /* t2 = qx + qy */
-    sp_1024_mont_add_18(t2, qx, qy, p1024_mod);
-    /* t2 = (px + py) * (qx + qy) */
-    sp_1024_mont_mul_18(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = py * qy */
-    sp_1024_mont_mul_18(t1, py, qy, p1024_mod, p1024_mp_mod);
-    /* t2 = (px + py) * (qx + qy) - (py * qy) */
-    sp_1024_mont_sub_18(t2, t2, t1, p1024_mod);
-    /* px = px * qx */
-    sp_1024_mont_mul_18(px, px, qx, p1024_mod, p1024_mp_mod);
-    /* py = (px + py) * (qx + qy) - (py * qy) - (px * qx) */
-    sp_1024_mont_sub_18(py, t2, px, p1024_mod);
-    /* px = (px * qx) - (py * qy)*/
-    sp_1024_mont_sub_18(px, px, t1, p1024_mod);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/*
- * Convert point from projective to affine but keep in Montgomery form.
- *
- * p  [in,out]  Point to convert.
- * t  [in]      Temporary numbers: 2.
- */
-static void sp_1024_mont_map_18(sp_point_1024* p, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 18;
-
-    sp_1024_mont_inv_18(t1, p->z, t2);
-    sp_1024_mont_sqr_18(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(t1, t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(p->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_18(p->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(p->z, p1024_norm_mod, sizeof(sp_digit) * 18);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/*
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - 2 * p.y^2
- *   r.y = 2 * p.y * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 8 * p.y^2 * p.x
- *   p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4
- *   p'.z = 2 * p.y * p.z
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_18(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 18;
-    sp_digit* pz2 = t +  2 * 18;
-    sp_digit* rx  = t +  4 * 18;
-    sp_digit* ry  = t +  6 * 18;
-    sp_digit* l   = t +  8 * 18;
-    sp_digit* ty  = t + 10 * 18;
-
-    /* v = v^2 */
-    sp_1024_proj_sqr_18(vx, vy, t);
-    /* pz2 = p.z^2 */
-    sp_1024_mont_sqr_18(pz2, p->z, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + p.z^2 */
-    sp_1024_mont_add_18(ty, p->x, pz2, p1024_mod);
-    /* l = p.x - p.z^2 */
-    sp_1024_mont_sub_18(l, p->x, pz2, p1024_mod);
-    /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-    sp_1024_mont_mul_18(t1, l, ty, p1024_mod, p1024_mp_mod);
-    /* l = 3 * (p.x^2 - p.z^4) */
-    sp_1024_mont_tpl_18(l, t1, p1024_mod);
-    /* t1 = q.x * p.z^2 */
-    sp_1024_mont_mul_18(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + q.x * p.z^2 */
-    sp_1024_mont_add_18(t1, p->x, t1, p1024_mod);
-    /* r.x = l * (p.x + q.x * p.z^2) */
-    sp_1024_mont_mul_18(rx, l, t1, p1024_mod, p1024_mp_mod);
-    /* r.y = 2 * p.y */
-    sp_1024_mont_dbl_18(ry, p->y, p1024_mod);
-    /* ty = 4 * p.y ^ 2 */
-    sp_1024_mont_sqr_18(ty, ry, p1024_mod, p1024_mp_mod);
-    /* t1 = 2 * p.y ^ 2 */
-    sp_1024_mont_div2_18(t1, ty, p1024_mod);
-    /* r.x -= 2 * (p.y ^ 2) */
-    sp_1024_mont_sub_18(rx, rx, t1, p1024_mod);
-    /* p'.z = p.y * 2 * p.z */
-    sp_1024_mont_mul_18(p->z, p->z, ry, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 */
-    sp_1024_mont_mul_18(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 * q.y */
-    sp_1024_mont_mul_18(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_18(vx, vy, rx, ry, t);
-
-    /* Double point using previously calculated values
-     *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-     *   ty = 4 * p.y^2
-     *   p'.z = 2 * p.y * p.z
-     */
-    /* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
-    sp_1024_mont_sqr_18(t1, ty, p1024_mod, p1024_mp_mod);
-    /* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
-    sp_1024_mont_div2_18(t1, t1, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x */
-    sp_1024_mont_mul_18(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 */
-    sp_1024_mont_sqr_18(p->x, l, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 - 4 * p.y^2 * p.x */
-    sp_1024_mont_sub_18(p->x, p->x, p->y, p1024_mod);
-    /* p'.x = l^2 - 8 * p.y^2 * p.x */
-    sp_1024_mont_sub_18(p->x, p->x, p->y, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x - p.x' */
-    sp_1024_mont_sub_18(ty, p->y, p->x, p1024_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l */
-    sp_1024_mont_mul_18(p->y, ty, l, p1024_mod, p1024_mp_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 */
-    sp_1024_mont_sub_18(p->y, p->y, t1, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Calculations:
- *   r.x = (q.x + p.x) * c.y - (q.x * c.z^2 + c.x) * p.y * c.z
- *   r.y = (c.x - p.x * c.z^2) * q.y * c.z
- *   v* = v* * r*
- *   r = p.y * c.z^3 - c.y
- *   c'.x = r^2 + h^3 - 2 * c.x * h^2
- *   c'.y = r * (c'.x - c.x * h^2) - c.y * h^3
- *   c'.z = (c.x - p.x * c.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in]      p      ECC point - point on E(F_p^2) to add.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      qx_px  SP that is a constant value across adds.
- * @param  [in]      t      SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_add_one_18(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px,
-        sp_digit* t)
-{
-    sp_digit* t1  = t;
-    sp_digit* t2  = t +  2 * 18;
-    sp_digit* rx  = t +  4 * 18;
-    sp_digit* ry  = t +  6 * 18;
-    sp_digit* h   = t +  8 * 18;
-    sp_digit* r   = t + 10 * 18;
-
-    /* r.x = (q.x + p.x) * c.y */
-    sp_1024_mont_mul_18(rx, qx_px, c->y, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_18(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_18(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_18(h, t1, c->x, p1024_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_18(ry, p->y, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_18(t1, h, ry, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z * c.z^2 = p.y * c.z^3  */
-    sp_1024_mont_mul_18(r, ry, t2, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_18(rx, rx, t1, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_18(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = c.x - p.x * c.z^2 */
-    sp_1024_mont_sub_18(h, c->x, t1, p1024_mod);
-    /* c'.z = (c.x - p.x * c.z^2) * c.z */
-    sp_1024_mont_mul_18(c->z, h, c->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (c.x - p.x * c.z^2) * c.z * q.y */
-    sp_1024_mont_mul_18(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_18(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = c.x - p.x * c.z^2
-     *   r = p.y * c.z^3
-     *   c'.z = (c.x - p.x * c.z^2) * c.z
-     */
-
-    /* r = p.y * c.z^3 - c.y */
-    sp_1024_mont_sub_18(r, r, c->y, p1024_mod);
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_18(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_18(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * h^2 */
-    sp_1024_mont_mul_18(ry, c->x, rx, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_18(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c->x = r^2 + h^3 */
-    sp_1024_mont_add_18(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * h^2 */
-    sp_1024_mont_dbl_18(t1, ry, p1024_mod);
-    /* c'.x = r^2 + h^3 - 2 * c.x * h^2 */
-    sp_1024_mont_sub_18(c->x, c->x, t1, p1024_mod);
-    /* ry = c'.x - c.x * h^2 */
-    sp_1024_mont_sub_18(t1, c->x, ry, p1024_mod);
-    /* ry = r * (c'.x - c.x * h^2) */
-    sp_1024_mont_mul_18(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * h^3 */
-    sp_1024_mont_mul_18(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 */
-    sp_1024_mont_sub_18(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]  key  SAKKE key.
- * @param  [in]  p    First point on E(F_p)[q].
- * @param  [in]  q    Second point on E(F_p)[q].
- * @param  [in]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err = MP_OKAY;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit* qx_px;
-#else
-    sp_digit t[36 * 2 * 18];
-    sp_digit vx[2 * 18];
-    sp_digit vy[2 * 18];
-    sp_digit qx_px[2 * 18];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-
-    err = sp_1024_point_new_18(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_18(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_18(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 39 * 18 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        vx    = td + 36 * 18 * 2;
-        vy    = td + 37 * 18 * 2;
-        qx_px = td + 38 * 18 * 2;
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_18(p, pm);
-        sp_1024_point_from_ecc_point_18(q, qm);
-
-        err = sp_1024_mod_mul_norm_18(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 18);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 18);
-
-        sp_1024_mont_add_18(qx_px, q->x, p->x, p1024_mod);
-
-        for (i = 1020; i >= 0; i--) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_dbl_18(vx, vy, c, q, t);
-
-            if ((i > 0) && ((p1024_order[i / 57] >> (i % 57)) & 1)) {
-                /* Accumulate line into v and add P into C. */
-                sp_1024_accumulate_line_add_one_18(vx, vy, c, p, q, qx_px, t);
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_18(vx, vy, t);
-        sp_1024_proj_sqr_18(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_18(vx, vx, t);
-        sp_1024_mont_mul_18(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 18, 0, sizeof(sp_digit) * 18);
-        sp_1024_mont_reduce_18(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_18(c, 1, NULL);
-    sp_1024_point_free_18(q, 1, NULL);
-    sp_1024_point_free_18(p, 1, NULL);
-    return err;
-}
-
-#else
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Both C and P have z ordinates to use in the calculation.
- *
- * Calculations:
- *   r.x  = (q.x * c.z^2 + c.x) * p.y * c.z - (q.x * p.z^2 + p.x) * c.y * p.z
- *   r.y  = (p.x * c.z^2 - c.x * p.z^2) * q.y * p.z * c.z
- *   v*   = v* * r*
- *   h    = p.x * c.z^2 - c.x * p.z^2
- *   r    = p.y * c.z^3 - c.y * p.z^3
- *   c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2
- *   c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3
- *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in,out]  p      ECC point - point on E(F_p^2) to add.
- * @param  [in,out]  q      ECC point - second point on E(F_P^2).
- * @param  [in,out]  t      SP temporaries (6 used).
- * @param  [in,out]  neg    Indicates to use negative P.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static void sp_1024_accumulate_line_add_n_18(sp_digit* vx, sp_digit* vy,
-        const sp_point_1024* p, const sp_point_1024* q,
-        sp_point_1024* c, sp_digit* t, int neg)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t +  2 * 18;
-    sp_digit* rx = t +  4 * 18;
-    sp_digit* ry = t +  6 * 18;
-    sp_digit* h  = t +  8 * 18;
-    sp_digit* r  = t + 10 * 18;
-
-    /* h = p.z^2 */
-    sp_1024_mont_sqr_18(h, p->z, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 */
-    sp_1024_mont_mul_18(rx, q->x, h, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 + p.x */
-    sp_1024_mont_add_18(t2, rx, p->x, p1024_mod);
-    /* c.y = c.y * p.z */
-    sp_1024_mont_mul_18(t1, c->y, p->z, p1024_mod, p1024_mp_mod);
-    /* r.x = (q.x * p.z^2 + p.x) * c.y * p.z */
-    sp_1024_mont_mul_18(rx, t2, t1, p1024_mod, p1024_mp_mod);
-    /* c.y = c.y * p.z^3 */
-    sp_1024_mont_mul_18(c->y, t1, h, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_18(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_18(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_18(t1, t1, c->x, p1024_mod);
-    /* c.x = c.x * p.z^2 */
-    sp_1024_mont_mul_18(c->x, c->x, h, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_18(r, p->y, c->z, p1024_mod, p1024_mp_mod);
-    if (neg) {
-        /* r = -p.y * c.z */
-        sp_1024_mont_sub_18(r, p1024_mod, r, p1024_mod);
-    }
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_18(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_18(rx, ry, rx, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_18(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = p.x * c.z^2 - c.x * p.z^2 */
-    sp_1024_mont_sub_18(h, t1, c->x, p1024_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z */
-    sp_1024_mont_mul_18(t1, h, c->z, p1024_mod, p1024_mp_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z */
-    sp_1024_mont_mul_18(c->z, t1, p->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z * q.y */
-    sp_1024_mont_mul_18(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 */
-    sp_1024_mont_mul_18(t1, r, t2, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 - c.y * p.z^3 */
-    sp_1024_mont_sub_18(r, t1, c->y, p1024_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_18(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = p.x * c.z^2 - c.x * p.z^2
-     *   r = p.y * c.z^3 - c.y * p.z^3
-     *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
-     */
-
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_18(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_18(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * p.z^2 * h^2 */
-    sp_1024_mont_mul_18(ry, rx, c->x, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_18(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c'.x = r^2 - h^3 */
-    sp_1024_mont_sub_18(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_dbl_18(t1, ry, p1024_mod);
-    /* c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_sub_18(c->x, c->x, t1, p1024_mod);
-    /* ry = c.x * p.z^2 * h^2 - c'.x */
-    sp_1024_mont_sub_18(t1, ry, c->x, p1024_mod);
-    /* ry = r * (c.x * p.z^2 * h^2 - c'.x) */
-    sp_1024_mont_mul_18(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * p.z^3 * h^3 */
-    sp_1024_mont_mul_18(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 */
-    sp_1024_mont_sub_18(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Perform n accumulate doubles and doubles of P.
- *
- * py = 2 * p.y
- *
- * For each double:
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - py^2 / 2
- *   r.y = py * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 2 * py^2 * p.x
- *   py' = (py^2 * p.x - p'.x) * l - py^4 (= 2 * p'.y)
- *   p'.z = py * p.z
- *
- * Finally:
- *   p'.y = py' / 2
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      n   Number of times to double.
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_n_18(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 18;
-    sp_digit* pz2 = t +  2 * 18;
-    sp_digit* rx  = t +  4 * 18;
-    sp_digit* ry  = t +  6 * 18;
-    sp_digit* l   = t +  8 * 18;
-    sp_digit* ty  = t + 10 * 18;
-    int i;
-
-    /* py = 2 * p.y */
-    sp_1024_mont_dbl_18(p->y, p->y, p1024_mod);
-
-    for (i = 0; i < n; i++) {
-        /* v = v^2 */
-        sp_1024_proj_sqr_18(vx, vy, t);
-        /* pz2 = p.z^2 */
-        sp_1024_mont_sqr_18(pz2, p->z, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + p.z^2 */
-        sp_1024_mont_add_18(t1, p->x, pz2, p1024_mod);
-        /* l = p.x - p.z^2 */
-        sp_1024_mont_sub_18(l, p->x, pz2, p1024_mod);
-        /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-        sp_1024_mont_mul_18(ty, l, t1, p1024_mod, p1024_mp_mod);
-        /* l = 3 * (p.x^2 - p.z^4) */
-        sp_1024_mont_tpl_18(l, ty, p1024_mod);
-        /* t1 = q.x * p.z^2 */
-        sp_1024_mont_mul_18(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + q.x * p.z^2 */
-        sp_1024_mont_add_18(t1, p->x, t1, p1024_mod);
-        /* r.x = l * (p.x + q.x * p.z^2) */
-        sp_1024_mont_mul_18(rx, l, t1, p1024_mod, p1024_mp_mod);
-        /* ty = py ^ 2 */
-        sp_1024_mont_sqr_18(ty, p->y, p1024_mod, p1024_mp_mod);
-        /* t1 = py ^ 2 / 2 */
-        sp_1024_mont_div2_18(t1, ty, p1024_mod);
-        /* r.x -= py ^ 2 / 2 */
-        sp_1024_mont_sub_18(rx, rx, t1, p1024_mod);
-        /* p'.z = py * pz */
-        sp_1024_mont_mul_18(p->z, p->z, p->y, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 */
-        sp_1024_mont_mul_18(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 * q.y */
-        sp_1024_mont_mul_18(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-        /* v = v^2 * r */
-        sp_1024_proj_mul_18(vx, vy, rx, ry, t);
-
-        /* Double point using previously calculated values
-         *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-         *   ty = py^2
-         *   p'.z = py * p.z
-         */
-        /* t1 = py^2 ^ 2 = py^4 */
-        sp_1024_mont_sqr_18(t1, ty, p1024_mod, p1024_mp_mod);
-        /* py' = py^2 * p. x */
-        sp_1024_mont_mul_18(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 */
-        sp_1024_mont_sqr_18(p->x, l, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 - py^2 * p.x */
-        sp_1024_mont_sub_18(p->x, p->x, p->y, p1024_mod);
-        /* p'.x = l^2 - 2 * p.y^2 * p.x */
-        sp_1024_mont_sub_18(p->x, p->x, p->y, p1024_mod);
-        /* py' = py^2 * p.x - p.x' */
-        sp_1024_mont_sub_18(ty, p->y, p->x, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l */
-        sp_1024_mont_mul_18(p->y, ty, l, p1024_mod, p1024_mp_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 */
-        sp_1024_mont_dbl_18(p->y, p->y, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 - p.y^4 */
-        sp_1024_mont_sub_18(p->y, p->y, t1, p1024_mod);
-    }
-
-    /* p'.y = py' / 2 */
-    sp_1024_mont_div2_18(p->y, p->y, p1024_mod);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * @param  [in]  pm   First point on E(F_p)[q].
- * @param  [in]  qm   Second point on E(F_p)[q].
- * @param  [in]  res  Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[36];
-    sp_digit (*pre_vy)[36];
-    sp_digit (*pre_nvy)[36];
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 18];
-    sp_digit vx[2 * 18];
-    sp_digit vy[2 * 18];
-    sp_digit pre_vx[16][36];
-    sp_digit pre_vy[16][36];
-    sp_digit pre_nvy[16][36];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-
-    err = sp_1024_point_new_18(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_18(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_18(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 18 * 2 + 16 * sizeof(sp_point_1024), NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 18 * 2;
-        vy      = td + 37 * 18 * 2;
-        pre_vx  = (sp_digit(*)[36])(td + 38 * 18 * 2);
-        pre_vy  = (sp_digit(*)[36])(td + 54 * 18 * 2);
-        pre_nvy = (sp_digit(*)[36])(td + 70 * 18 * 2);
-        pre_p   = (sp_point_1024*)(td + 86 * 18 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_18(p, pm);
-        sp_1024_point_from_ecc_point_18(q, qm);
-
-        err = sp_1024_mod_mul_norm_18(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 18);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 18);
-        sp_1024_mont_sub_18(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 18);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 18);
-        sp_1024_accumulate_line_dbl_18(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(&pre_p[i], &pre_p[i-1], sizeof(sp_point_1024));
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 18);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 18);
-            sp_1024_proj_mul_18(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_18(pre_vx[i], pre_vy[i], c,
-                    q, &pre_p[i], t, 0);
-            sp_1024_mont_sub_18(pre_nvy[i], p1024_mod, pre_vy[i], p1024_mod);
-        }
-
-        j = sp_1024_order_op[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 18);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 18);
-
-        /* Accumulate line into v and double point n times. */
-        sp_1024_accumulate_line_dbl_n_18(vx, vy, c, q,
-                sp_1024_order_op[1], t);
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_18(vx, vy, pre_vx[j], pre_vy[j], t);
-                sp_1024_accumulate_line_add_n_18(vx, vy, &pre_p[j], q, c,
-                    t, 0);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_18(vx, vy, pre_vx[j], pre_nvy[j], t);
-                sp_1024_accumulate_line_add_n_18(vx, vy, &pre_p[j], q, c,
-                    t, 1);
-            }
-
-            /* Accumulate line into v and double point n times. */
-            sp_1024_accumulate_line_dbl_n_18(vx, vy, c, q,
-                    sp_1024_order_op[i + 1], t);
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_18(vx, vy, t);
-        sp_1024_proj_sqr_18(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_18(vx, vx, t);
-        sp_1024_mont_mul_18(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 18, 0, sizeof(sp_digit) * 18);
-        sp_1024_mont_reduce_18(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_18(c, 1, NULL);
-    sp_1024_point_free_18(q, 1, NULL);
-    sp_1024_point_free_18(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Generate table for pairing.
- *
- * Small implementation does not use a table - returns 0 length.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-
-    if (table == NULL) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    else if (*len != 0) {
-        err = BUFFER_E;
-    }
-
-    (void)*pm;
-
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Small implementation does not use a table - use the normal implementation.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    (void)table;
-    (void)len;
-    return sp_Pairing_1024(pm, qm, res);
-}
-
-#else
-/*
- * Calc l and c for the point when doubling p.
- *
- * l = 3 * (p.x^2 - 1) / (2 * p.y)
- * c = l * p.x - p.y
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to double.
- * @param  [in]   py  Y-ordinate of point to double.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_dbl_calc_lc_18(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 18;
-    sp_digit* t2 = t + 34 * 2 * 18;
-    sp_digit* l  = t + 35 * 2 * 18;
-
-    /* l = 1 / 2 * p.y */
-    sp_1024_mont_dbl_18(l, py, p1024_mod);
-    sp_1024_mont_inv_18(l, l, t);
-
-    /* t1 = p.x^2 */
-    sp_1024_mont_sqr_18(t1, px, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x - 1 */
-    sp_1024_mont_sub_18(t1, t1, p1024_norm_mod, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) */
-    sp_1024_mont_dbl_18(t2, t1, p1024_mod);
-    sp_1024_mont_add_18(t1, t1, t2, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) / (2 * p.y) */
-    sp_1024_mont_mul_18(l, l, t1, p1024_mod, p1024_mp_mod);
-    /* t2 = l * p.x */
-    sp_1024_mont_mul_18(t2, l, px, p1024_mod, p1024_mp_mod);
-    /* c = t2 = l * p.x - p.y */
-    sp_1024_mont_sub_18(t2, t2, py, p1024_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 18);
-    XMEMCPY(cr, t2, sizeof(sp_digit) * 18);
-}
-
-/*
- * Calc l and c when adding p and c.
- *
- * l = (c.y - p.y) / (c.x - p.x)
- * c = (p.x * c.y - cx * p.y) / (cx - p.x)
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to add.
- * @param  [in]   py  Y-ordinate of point to add.
- * @param  [in]   cx  X-ordinate of current point.
- * @param  [in]   cy  Y-ordinate of current point.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_add_calc_lc_18(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, const sp_digit* cx,
-        const sp_digit* cy, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 18;
-    sp_digit* c  = t + 34 * 2 * 18;
-    sp_digit* l  = t + 35 * 2 * 18;
-
-    /* l = 1 / (c.x - p.x) */
-    sp_1024_mont_sub_18(l, cx, px, p1024_mod);
-    sp_1024_mont_inv_18(l, l, t);
-
-    /* c = p.x * c.y */
-    sp_1024_mont_mul_18(c, px, cy, p1024_mod, p1024_mp_mod);
-    /* t1 = c.x * p.y */
-    sp_1024_mont_mul_18(t1, cx, py, p1024_mod, p1024_mp_mod);
-    /* c = (p.x * c.y) - (c.x * p.y) */
-    sp_1024_mont_sub_18(c, c, t1, p1024_mod);
-    /* c = ((p.x * c.y) - (c.x * p.y)) / (c.x - p.x) */
-    sp_1024_mont_mul_18(c, c, l, p1024_mod, p1024_mp_mod);
-    /* t1 = c.y - p.y */
-    sp_1024_mont_sub_18(t1, cy, py, p1024_mod);
-    /* l = (c.y - p.y) / (c.x - p.x) */
-    sp_1024_mont_mul_18(l, t1, l, p1024_mod, p1024_mp_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 18);
-    XMEMCPY(cr, c, sizeof(sp_digit) * 18);
-}
-
-/*
- * Calculate vx and vy given gradient l and constant c and point q.
- *
- * l is a the gradient and is multiplied by q->x.
- * c is a the constant that is added to the multiplicative result.
- * q->y is the y-ordinate in result to multiply.
- *
- * if dbl
- *   v*  = v*^2
- * r.x = l * q.x + c
- * r.y = q->y
- * v*  = v* * r*
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in]      l      Gradient to multiply with.
- * @param  [in]      c      Constant to add with.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      t      SP temporaries (3 used).
- * @param  [in]      dbl    Indicates whether this is for doubling. Otherwise
- *                          adding.
- */
-static void sp_1024_accumulate_line_lc_18(sp_digit* vx, sp_digit* vy,
-        const sp_digit* l, const sp_digit* c, const sp_point_1024* q,
-        sp_digit* t, int dbl)
-{
-    sp_digit* rx = t + 4 * 2 * 18;
-
-    /* v = v^2 */
-    if (dbl) {
-        sp_1024_proj_sqr_18(vx, vy, t);
-    }
-    /* rx = l * q.x + c */
-    sp_1024_mont_mul_18(rx, l, q->x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_add_18(rx, rx, c, p1024_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_18(vx, vy, rx, q->y, t);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op_pre[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-
-/*
- * Generate table for pairing.
- *
- * Calculate the graident (l) and constant (c) at each step of the way.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- *          MEMORY_E when dynamic memory allocation fauls.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 18];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 cd;
-    sp_point_1024 negd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* c = NULL;
-    sp_point_1024* neg = NULL;
-    int i;
-    int j;
-    int k;
-    sp_table_entry_1024* precomp = (sp_table_entry_1024*)table;
-
-    if (table == NULL) {
-        *len = sizeof(sp_table_entry_1024) * 1167;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if ((err == MP_OKAY) &&
-            (*len < (int)(sizeof(sp_table_entry_1024) * 1167))) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_18(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_18(NULL, cd, c);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_18(NULL, negd, neg);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 36 * 18 * 2 + 16 *
-            sizeof(sp_point_1024), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        pre_p = (sp_point_1024*)(td + 36 * 18 * 2);
-#endif
-
-        sp_1024_point_from_ecc_point_18(p, pm);
-
-        err = sp_1024_mod_mul_norm_18(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        neg->infinity = 0;
-        c->infinity = 0;
-
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        /* [2]P for adding */
-        sp_1024_proj_point_dbl_18(c, p, t);
-
-        /* 1, 3, ... */
-        for (i = 1; i < 16; i++) {
-            sp_1024_proj_point_add_18(&pre_p[i], &pre_p[i-1], c, t);
-            sp_1024_mont_map_18(&pre_p[i], t);
-        }
-
-        k = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            sp_1024_accum_dbl_calc_lc_18(precomp[k].x, precomp[k].y, c->x,
-                c->y, t);
-            k++;
-            sp_1024_proj_point_dbl_18(c, c, t);
-            sp_1024_mont_map_18(c, t);
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                sp_1024_accum_add_calc_lc_18(precomp[k].x, precomp[k].y,
-                    pre_p[j/2].x, pre_p[j/2].y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_18(c, c, &pre_p[j/2], t);
-                sp_1024_mont_map_18(c, t);
-            }
-            else {
-                XMEMCPY(neg->x, pre_p[-j / 2].x, sizeof(pre_p->x));
-                sp_1024_mont_sub_18(neg->y, p1024_mod, pre_p[-j / 2].y,
-                        p1024_mod);
-                XMEMCPY(neg->z, pre_p[-j / 2].z, sizeof(pre_p->z));
-
-                sp_1024_accum_add_calc_lc_18(precomp[k].x, precomp[k].y,
-                    neg->x, neg->y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_18(c, c, neg, t);
-                sp_1024_mont_map_18(c, t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                sp_1024_accum_dbl_calc_lc_18(precomp[k].x, precomp[k].y, c->x,
-                    c->y, t);
-                k++;
-                sp_1024_proj_point_dbl_18(c, c, t);
-                sp_1024_mont_map_18(c, t);
-            }
-        }
-
-        *len = sizeof(sp_table_entry_1024) * 1167;
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_18(neg, 1, NULL);
-    sp_1024_point_free_18(c, 1, NULL);
-    sp_1024_point_free_18(p, 1, NULL);
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pre-generate values in window (1, 3, ...) - only V.
- * Table contains all gradient l and a constant for each point on the path.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[36];
-    sp_digit (*pre_vy)[36];
-    sp_digit (*pre_nvy)[36];
-#else
-    sp_digit t[36 * 2 * 18];
-    sp_digit vx[2 * 18];
-    sp_digit vy[2 * 18];
-    sp_digit pre_vx[16][36];
-    sp_digit pre_vy[16][36];
-    sp_digit pre_nvy[16][36];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-    int k;
-    const sp_table_entry_1024* precomp = (const sp_table_entry_1024*)table;
-
-    if (len < (int)(sizeof(sp_table_entry_1024) * 1167)) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_18(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_18(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_18(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 18 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 18 * 2;
-        vy      = td + 37 * 18 * 2;
-        pre_vx  = (sp_digit(*)[36])(td + 38 * 18 * 2);
-        pre_vy  = (sp_digit(*)[36])(td + 54 * 18 * 2);
-        pre_nvy = (sp_digit(*)[36])(td + 70 * 18 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_18(p, pm);
-        sp_1024_point_from_ecc_point_18(q, qm);
-
-        err = sp_1024_mod_mul_norm_18(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_18(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 18);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 18);
-        sp_1024_mont_sub_18(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 18);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 18);
-        sp_1024_accumulate_line_dbl_18(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 18);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 18);
-            sp_1024_proj_mul_18(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_18(pre_vx[i], pre_vy[i], c,
-                q, p, t, 0);
-            sp_1024_mont_sub_18(pre_nvy[i], p1024_mod, pre_vy[i],
-                p1024_mod);
-        }
-
-        XMEMCPY(c->z, p1024_norm_mod, sizeof(sp_digit) * 18);
-        c->infinity = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 18);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 18);
-
-        k = 0;
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_lc_18(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 1);
-            k++;
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            sp_1024_accumulate_line_lc_18(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 0);
-            k++;
-
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_18(vx, vy, pre_vx[j], pre_vy[j], t);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_18(vx, vy, pre_vx[j], pre_nvy[j], t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                /* Accumulate line into v and double point. */
-                sp_1024_accumulate_line_lc_18(vx, vy, precomp[k].x,
-                    precomp[k].y, q, t, 1);
-                k++;
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_18(vx, vy, t);
-        sp_1024_proj_sqr_18(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_18(vx, vx, t);
-        sp_1024_mont_mul_18(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 18, 0, sizeof(sp_digit) * 18);
-        sp_1024_mont_reduce_18(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_18(c, 1, NULL);
-    sp_1024_point_free_18(q, 1, NULL);
-    sp_1024_point_free_18(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((sp_digit)a[i]) << s);
-        if (s >= 49U) {
-            r[j] &= 0x1ffffffffffffffL;
-            s = 57U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (sp_digit)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_1024_ecc_is_point_18(const sp_point_1024* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 18 * 4);
-    sp_digit* t2 = NULL;
-    sp_int64 n;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 18 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 18;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_1024_sqr_18(t1, point->y);
-        (void)sp_1024_mod_18(t1, t1, p1024_mod);
-        sp_1024_sqr_18(t2, point->x);
-        (void)sp_1024_mod_18(t2, t2, p1024_mod);
-        sp_1024_mul_18(t2, t2, point->x);
-        (void)sp_1024_mod_18(t2, t2, p1024_mod);
-        sp_1024_mont_sub_18(t1, t1, t2, p1024_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_1024_mont_add_18(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_18(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_18(t1, t1, point->x, p1024_mod);
-
-
-        n = sp_1024_cmp_18(t1, p1024_mod);
-        sp_1024_cond_sub_18(t1, t1, p1024_mod, (sp_digit)~(n >> 56));
-        sp_1024_norm_18(t1);
-        if (!sp_1024_iszero_18(t1)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_1024, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(pub->x, 18, pX);
-        sp_1024_from_mp(pub->y, 18, pY);
-        sp_1024_from_bin(pub->z, 18, one, (int)sizeof(one));
-
-        err = sp_1024_ecc_is_point_18(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 18);
-    SP_DECL_VAR(sp_point_1024, pub, 2);
-    sp_point_1024* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 1024) ||
-        (mp_count_bits(pY) > 1024) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 1024)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 18, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_1024, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_1024_from_mp(pub->x, 18, pX);
-        sp_1024_from_mp(pub->y, 18, pY);
-        sp_1024_from_bin(pub->z, 18, one, (int)sizeof(one));
-        if (privm)
-            sp_1024_from_mp(priv, 18, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_1024_iszero_18(pub->x) != 0) &&
-            (sp_1024_iszero_18(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_1024_cmp_18(pub->x, p1024_mod) >= 0) ||
-             (sp_1024_cmp_18(pub->y, p1024_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_1024_ecc_is_point_18(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_1024_ecc_mulmod_18(p, pub, p1024_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_1024_iszero_18(p->x) == 0) ||
-                             (sp_1024_iszero_18(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_1024_ecc_mulmod_base_18(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_1024_cmp_18(p->x, pub->x) != 0) ||
-                 (sp_1024_cmp_18(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_1024 */
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#endif /* WOLFSSL_HAVE_SP_ECC */
-#endif /* SP_WORD_SIZE == 64 */
-#endif /* !WOLFSSL_SP_ASM */
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH | WOLFSSL_HAVE_SP_ECC */
diff --git a/src/ssl/wolfssl/wolfcrypt/sp_cortexm.c b/src/ssl/wolfssl/wolfcrypt/sp_cortexm.c
deleted file mode 100644
index cbb2230d2..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sp_cortexm.c
+++ /dev/null
@@ -1,81173 +0,0 @@
-/* sp.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implementation by Sean Parkinson. */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
-    defined(WOLFSSL_HAVE_SP_ECC)
-
-#include <wolfssl/wolfcrypt/cpuid.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifdef RSA_LOW_MEM
-#ifndef WOLFSSL_SP_SMALL
-#define WOLFSSL_SP_SMALL
-#endif
-#endif
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC)
-#undef WOLFSSL_SP_SMALL_STACK
-#define WOLFSSL_SP_SMALL_STACK
-#endif
-
-#include <wolfssl/wolfcrypt/sp.h>
-
-#ifdef __IAR_SYSTEMS_ICC__
-#define __asm__        asm
-#define __volatile__   volatile
-#define WOLFSSL_NO_VAR_ASSIGN_REG
-#endif /* __IAR_SYSTEMS_ICC__ */
-#ifdef __KEIL__
-#define __asm__        __asm
-#define __volatile__   volatile
-#endif
-
-#ifdef WOLFSSL_SP_SMALL_STACK
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE* NAME = NULL
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        if (err == MP_OKAY) {                                           \
-            (NAME) = (TYPE*)XMALLOC(sizeof(TYPE) * (CNT), (HEAP), DT);  \
-            if ((NAME) == NULL) {                                       \
-                err = MEMORY_E;                                         \
-            }                                                           \
-        }
-
-    #define SP_VAR_OK(NAME)          ((NAME) != NULL)
-
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        XFREE(NAME, (HEAP), DT)
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-#else
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE NAME[CNT]
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        WC_DO_NOTHING
-    #define SP_VAR_OK(NAME)          (1)
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        WC_DO_NOTHING
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-        } while (0)
-#endif
-
-#ifdef WOLFSSL_SP_ARM_CORTEX_M_ASM
-#define SP_PRINT_NUM(var, name, total, words, bits)         \
-    do {                                                    \
-        int ii;                                             \
-        fprintf(stderr, name "=0x");                        \
-        for (ii = (((bits) + 31) / 32) - 1; ii >= 0; ii--)  \
-            fprintf(stderr, SP_PRINT_FMT, (var)[ii]);       \
-        fprintf(stderr, "\n");                              \
-    } while (0)
-
-#define SP_PRINT_VAL(var, name)                             \
-    fprintf(stderr, name "=0x" SP_PRINT_FMT "\n", var)
-
-#define SP_PRINT_INT(var, name)                             \
-    fprintf(stderr, name "=%d\n", var)
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)
-#ifndef WOLFSSL_SP_NO_2048
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 256
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_2048_to_bin_64(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 63; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_2048_norm_64(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_2048_norm_64(a)
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef WOLFSSL_ARM_ARCH_7M
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mul_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x24\n\t"
-        "STR	%[r], [sp, #32]\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        /* A[0] * B[0] */
-        "LDR	lr, [%[b]]\n\t"
-        "UMULL	r3, r4, r12, lr\n\t"
-        /* A[0] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "UMULL	r5, r6, r12, lr\n\t"
-        /* A[0] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "UMULL	r7, r8, r12, lr\n\t"
-        /* A[0] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "UMULL	r9, r10, r12, lr\n\t"
-        "STR	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "MOV	r11, %[r]\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[0] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADCS	r6, r6, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[0] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADCS	r8, r8, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[0] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADCS	r10, r10, #0x0\n\t"
-        "ADC	r3, %[r], #0x0\n\t"
-        "UMLAL	r10, r3, r12, lr\n\t"
-        /* A[1] * B[0] */
-        "LDR	r12, [%[a], #4]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "STR	r4, [sp, #4]\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[1] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[1] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[1] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[1] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[1] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[1] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[1] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r4, %[r], #0x0\n\t"
-        "UMLAL	r3, r4, r12, lr\n\t"
-        /* A[2] * B[0] */
-        "LDR	r12, [%[a], #8]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "STR	r5, [sp, #8]\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[2] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[2] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[2] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[2] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[2] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[2] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[2] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r5, %[r], #0x0\n\t"
-        "UMLAL	r4, r5, r12, lr\n\t"
-        /* A[3] * B[0] */
-        "LDR	r12, [%[a], #12]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "STR	r6, [sp, #12]\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[3] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[3] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[3] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[3] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[3] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[3] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[3] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r6, %[r], #0x0\n\t"
-        "UMLAL	r5, r6, r12, lr\n\t"
-        /* A[4] * B[0] */
-        "LDR	r12, [%[a], #16]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "STR	r7, [sp, #16]\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[4] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[4] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[4] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[4] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[4] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[4] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[4] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r7, %[r], #0x0\n\t"
-        "UMLAL	r6, r7, r12, lr\n\t"
-        /* A[5] * B[0] */
-        "LDR	r12, [%[a], #20]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "STR	r8, [sp, #20]\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[5] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[5] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[5] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[5] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[5] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[5] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[5] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r8, %[r], #0x0\n\t"
-        "UMLAL	r7, r8, r12, lr\n\t"
-        /* A[6] * B[0] */
-        "LDR	r12, [%[a], #24]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "STR	r9, [sp, #24]\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[6] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[6] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[6] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[6] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[6] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[6] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[6] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r9, %[r], #0x0\n\t"
-        "UMLAL	r8, r9, r12, lr\n\t"
-        /* A[7] * B[0] */
-        "LDR	r12, [%[a], #28]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "STR	r10, [sp, #28]\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[7] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[7] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[7] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[7] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[7] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[7] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[7] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r10, %[r], #0x0\n\t"
-        "UMLAL	r9, r10, r12, lr\n\t"
-        "LDR	%[r], [sp, #32]\n\t"
-        "ADD	%[r], %[r], #0x20\n\t"
-        "STM	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "LDM	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "SUB	%[r], %[r], #0x20\n\t"
-        "STM	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADD	sp, sp, #0x24\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mul_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x2c\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        "STRD	%[r], %[a], [sp, #36]\n\t"
-#else
-        "STR	%[r], [sp, #36]\n\t"
-        "STR	%[a], [sp, #40]\n\t"
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-        "MOV	lr, %[b]\n\t"
-        "LDM	%[a], {r0, r1, r2, r3}\n\t"
-        "LDM	lr!, {r4, r5, r6}\n\t"
-        "UMULL	r10, r11, r0, r4\n\t"
-        "UMULL	r12, r7, r1, r4\n\t"
-        "UMAAL	r11, r12, r0, r5\n\t"
-        "UMULL	r8, r9, r2, r4\n\t"
-        "UMAAL	r12, r8, r1, r5\n\t"
-        "UMAAL	r12, r7, r0, r6\n\t"
-        "UMAAL	r8, r9, r3, r4\n\t"
-        "STM	sp, {r10, r11, r12}\n\t"
-        "UMAAL	r7, r8, r2, r5\n\t"
-        "LDM	lr!, {r4}\n\t"
-        "UMULL	r10, r11, r1, r6\n\t"
-        "UMAAL	r8, r9, r2, r6\n\t"
-        "UMAAL	r7, r10, r0, r4\n\t"
-        "UMAAL	r8, r11, r3, r5\n\t"
-        "STR	r7, [sp, #12]\n\t"
-        "UMAAL	r8, r10, r1, r4\n\t"
-        "UMAAL	r9, r11, r3, r6\n\t"
-        "UMAAL	r9, r10, r2, r4\n\t"
-        "UMAAL	r10, r11, r3, r4\n\t"
-        "LDM	lr, {r4, r5, r6, r7}\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMLAL	r8, r12, r0, r4\n\t"
-        "UMAAL	r9, r12, r1, r4\n\t"
-        "UMAAL	r10, r12, r2, r4\n\t"
-        "UMAAL	r11, r12, r3, r4\n\t"
-        "MOV	r4, #0x0\n\t"
-        "UMLAL	r9, r4, r0, r5\n\t"
-        "UMAAL	r10, r4, r1, r5\n\t"
-        "UMAAL	r11, r4, r2, r5\n\t"
-        "UMAAL	r12, r4, r3, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r0, r6\n\t"
-        "UMAAL	r11, r5, r1, r6\n\t"
-        "UMAAL	r12, r5, r2, r6\n\t"
-        "UMAAL	r4, r5, r3, r6\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r11, r6, r0, r7\n\t"
-        "LDR	r0, [sp, #40]\n\t"
-        "UMAAL	r12, r6, r1, r7\n\t"
-        "ADD	r0, r0, #0x10\n\t"
-        "UMAAL	r4, r6, r2, r7\n\t"
-        "SUB	lr, lr, #0x10\n\t"
-        "UMAAL	r5, r6, r3, r7\n\t"
-        "LDM	r0, {r0, r1, r2, r3}\n\t"
-        "STR	r6, [sp, #32]\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r8, r7, r0, r6\n\t"
-        "UMAAL	r9, r7, r1, r6\n\t"
-        "STR	r8, [sp, #16]\n\t"
-        "UMAAL	r10, r7, r2, r6\n\t"
-        "UMAAL	r11, r7, r3, r6\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r8, #0x0\n\t"
-        "UMLAL	r9, r8, r0, r6\n\t"
-        "UMAAL	r10, r8, r1, r6\n\t"
-        "STR	r9, [sp, #20]\n\t"
-        "UMAAL	r11, r8, r2, r6\n\t"
-        "UMAAL	r12, r8, r3, r6\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r9, #0x0\n\t"
-        "UMLAL	r10, r9, r0, r6\n\t"
-        "UMAAL	r11, r9, r1, r6\n\t"
-        "STR	r10, [sp, #24]\n\t"
-        "UMAAL	r12, r9, r2, r6\n\t"
-        "UMAAL	r4, r9, r3, r6\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r10, #0x0\n\t"
-        "UMLAL	r11, r10, r0, r6\n\t"
-        "UMAAL	r12, r10, r1, r6\n\t"
-        "STR	r11, [sp, #28]\n\t"
-        "UMAAL	r4, r10, r2, r6\n\t"
-        "UMAAL	r5, r10, r3, r6\n\t"
-        "LDM	lr!, {r11}\n\t"
-        "UMAAL	r12, r7, r0, r11\n\t"
-        "UMAAL	r4, r7, r1, r11\n\t"
-        "LDR	r6, [sp, #32]\n\t"
-        "UMAAL	r5, r7, r2, r11\n\t"
-        "UMAAL	r6, r7, r3, r11\n\t"
-        "LDM	lr!, {r11}\n\t"
-        "UMAAL	r4, r8, r0, r11\n\t"
-        "UMAAL	r5, r8, r1, r11\n\t"
-        "UMAAL	r6, r8, r2, r11\n\t"
-        "UMAAL	r7, r8, r3, r11\n\t"
-        "LDM	lr, {r11, lr}\n\t"
-        "UMAAL	r5, r9, r0, r11\n\t"
-        "UMAAL	r6, r10, r0, lr\n\t"
-        "UMAAL	r6, r9, r1, r11\n\t"
-        "UMAAL	r7, r10, r1, lr\n\t"
-        "UMAAL	r7, r9, r2, r11\n\t"
-        "UMAAL	r8, r10, r2, lr\n\t"
-        "UMAAL	r8, r9, r3, r11\n\t"
-        "UMAAL	r9, r10, r3, lr\n\t"
-        "MOV	r3, r12\n\t"
-        "LDR	lr, [sp, #36]\n\t"
-        "ADD	lr, lr, #0x20\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "SUB	lr, lr, #0x20\n\t"
-        "LDM	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADD	sp, sp, #0x2c\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7",
-            "r8", "r9", "lr"
-    );
-}
-
-#endif /* WOLFSSL_ARM_ARCH_7M */
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_16(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SUBS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	%[a], r9, r9\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_16(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_16(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<8; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[16];
-    sp_digit a1[8];
-    sp_digit b1[8];
-    sp_digit* z2 = r + 16;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_8(a1, a, &a[8]);
-    cb = sp_2048_add_8(b1, b, &b[8]);
-    u  = ca & cb;
-
-    sp_2048_mul_8(z2, &a[8], &b[8]);
-    sp_2048_mul_8(z0, a, b);
-    sp_2048_mul_8(z1, a1, b1);
-
-    u += sp_2048_sub_in_place_16(z1, z0);
-    u += sp_2048_sub_in_place_16(z1, z2);
-    sp_2048_mask_8(a1, a1, 0 - cb);
-    u += sp_2048_add_8(z1 + 8, z1 + 8, a1);
-    sp_2048_mask_8(b1, b1, 0 - ca);
-    u += sp_2048_add_8(z1 + 8, z1 + 8, b1);
-
-    u += sp_2048_add_16(r + 8, r + 8, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (8 - 1));
-    a1[0] = u;
-    (void)sp_2048_add_8(r + 24, r + 24, a1);
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SUBS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	%[a], r9, r9\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[32];
-    sp_digit a1[16];
-    sp_digit b1[16];
-    sp_digit* z2 = r + 32;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_16(a1, a, &a[16]);
-    cb = sp_2048_add_16(b1, b, &b[16]);
-    u  = ca & cb;
-
-    sp_2048_mul_16(z2, &a[16], &b[16]);
-    sp_2048_mul_16(z0, a, b);
-    sp_2048_mul_16(z1, a1, b1);
-
-    u += sp_2048_sub_in_place_32(z1, z0);
-    u += sp_2048_sub_in_place_32(z1, z2);
-    sp_2048_mask_16(a1, a1, 0 - cb);
-    u += sp_2048_add_16(z1 + 16, z1 + 16, a1);
-    sp_2048_mask_16(b1, b1, 0 - ca);
-    u += sp_2048_add_16(z1 + 16, z1 + 16, b1);
-
-    u += sp_2048_add_32(r + 16, r + 16, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (16 - 1));
-    a1[0] = u;
-    (void)sp_2048_add_16(r + 48, r + 48, a1);
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SUBS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	%[a], r9, r9\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<32; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[64];
-    sp_digit a1[32];
-    sp_digit b1[32];
-    sp_digit* z2 = r + 64;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_32(a1, a, &a[32]);
-    cb = sp_2048_add_32(b1, b, &b[32]);
-    u  = ca & cb;
-
-    sp_2048_mul_32(z2, &a[32], &b[32]);
-    sp_2048_mul_32(z0, a, b);
-    sp_2048_mul_32(z1, a1, b1);
-
-    u += sp_2048_sub_in_place_64(z1, z0);
-    u += sp_2048_sub_in_place_64(z1, z2);
-    sp_2048_mask_32(a1, a1, 0 - cb);
-    u += sp_2048_add_32(z1 + 32, z1 + 32, a1);
-    sp_2048_mask_32(b1, b1, 0 - ca);
-    u += sp_2048_add_32(z1 + 32, z1 + 32, b1);
-
-    u += sp_2048_add_64(r + 32, r + 32, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (32 - 1));
-    a1[0] = u;
-    (void)sp_2048_add_32(r + 96, r + 96, a1);
-}
-
-#ifdef WOLFSSL_ARM_ARCH_7M
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r,
-    const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x44\n\t"
-        "STR	%[r], [sp, #64]\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        /* A[0] * A[1] */
-        "LDR	lr, [%[a], #4]\n\t"
-        "UMULL	r4, r5, r12, lr\n\t"
-        /* A[0] * A[3] */
-        "LDR	lr, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r12, lr\n\t"
-        /* A[0] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r12, lr\n\t"
-        /* A[0] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "UMULL	r10, r3, r12, lr\n\t"
-        /* A[0] * A[2] */
-        "LDR	lr, [%[a], #8]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[0] * A[4] */
-        "LDR	lr, [%[a], #16]\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[0] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #4]\n\t"
-        "STR	r5, [sp, #8]\n\t"
-        /* A[1] * A[2] */
-        "LDR	r12, [%[a], #4]\n\t"
-        "LDR	lr, [%[a], #8]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "STR	r6, [sp, #12]\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[1] * A[3] */
-        "LDR	lr, [%[a], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "STR	r7, [sp, #16]\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[1] * A[4] */
-        "LDR	lr, [%[a], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[1] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[1] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[1] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r4, %[r], #0x0\n\t"
-        "UMLAL	r3, r4, r12, lr\n\t"
-        /* A[2] * A[3] */
-        "LDR	r12, [%[a], #8]\n\t"
-        "LDR	lr, [%[a], #12]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "STR	r8, [sp, #20]\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[2] * A[4] */
-        "LDR	lr, [%[a], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "STR	r9, [sp, #24]\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[2] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[2] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[2] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r5, %[r], #0x0\n\t"
-        "UMLAL	r4, r5, r12, lr\n\t"
-        /* A[3] * A[4] */
-        "LDR	r12, [%[a], #12]\n\t"
-        "LDR	lr, [%[a], #16]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "STR	r10, [sp, #28]\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[3] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[3] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[3] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r6, %[r], #0x0\n\t"
-        "UMLAL	r5, r6, r12, lr\n\t"
-        /* A[4] * A[5] */
-        "LDR	r12, [%[a], #16]\n\t"
-        "LDR	lr, [%[a], #20]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[4] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[4] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r7, %[r], #0x0\n\t"
-        "UMLAL	r6, r7, r12, lr\n\t"
-        /* A[5] * A[6] */
-        "LDR	r12, [%[a], #20]\n\t"
-        "LDR	lr, [%[a], #24]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[5] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r8, %[r], #0x0\n\t"
-        "UMLAL	r7, r8, r12, lr\n\t"
-        /* A[6] * A[7] */
-        "LDR	r12, [%[a], #24]\n\t"
-        "LDR	lr, [%[a], #28]\n\t"
-        "MOV	r9, #0x0\n\t"
-        "UMLAL	r8, r9, r12, lr\n\t"
-        "ADD	lr, sp, #0x20\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "ADD	lr, sp, #0x4\n\t"
-        "LDM	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADDS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "STM	lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "LDM	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "ADCS	r3, r3, r3\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADC	r10, %[r], #0x0\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADD	lr, sp, #0x4\n\t"
-        "LDM	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "MOV	lr, sp\n\t"
-        /* A[0] * A[0] */
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r3, r11, r12, r12\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[1] * A[1] */
-        "LDR	r12, [%[a], #4]\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, r12\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[2] * A[2] */
-        "LDR	r12, [%[a], #8]\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, r12\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[3] * A[3] */
-        "LDR	r12, [%[a], #12]\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, r12\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        "STM	lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "LDM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* A[4] * A[4] */
-        "LDR	r12, [%[a], #16]\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, r12\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[5] * A[5] */
-        "LDR	r12, [%[a], #20]\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, r12\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[6] * A[6] */
-        "LDR	r12, [%[a], #24]\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, r12\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[7] * A[7] */
-        "LDR	r12, [%[a], #28]\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "UMLAL	r9, r10, r12, r12\n\t"
-        "LDR	%[r], [sp, #64]\n\t"
-        "ADD	%[r], %[r], #0x20\n\t"
-        "STM	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "LDM	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "SUB	%[r], %[r], #0x20\n\t"
-        "STM	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADD	sp, sp, #0x44\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r,
-    const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x20\n\t"
-        "STR	%[r], [sp, #28]\n\t"
-        "LDM	%[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
-        "UMULL	r9, r10, r0, r0\n\t"
-        "UMULL	r11, r12, r0, r1\n\t"
-        "ADDS	r11, r11, r11\n\t"
-        "MOV	lr, #0x0\n\t"
-        "UMAAL	r10, r11, lr, lr\n\t"
-        "STM	sp, {r9, r10}\n\t"
-        "MOV	r8, lr\n\t"
-        "UMAAL	r8, r12, r0, r2\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "UMAAL	r8, r11, r1, r1\n\t"
-        "UMULL	r9, r10, r0, r3\n\t"
-        "UMAAL	r9, r12, r1, r2\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, lr, lr\n\t"
-        "STRD	r8, r9, [sp, #8]\n\t"
-        "MOV	r9, lr\n\t"
-        "UMAAL	r9, r10, r0, r4\n\t"
-        "UMAAL	r9, r12, r1, r3\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, r2, r2\n\t"
-        "STR	r9, [sp, #16]\n\t"
-        "UMULL	r9, r8, r0, r5\n\t"
-        "UMAAL	r9, r12, r1, r4\n\t"
-        "UMAAL	r9, r10, r2, r3\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, lr, lr\n\t"
-        "STR	r9, [sp, #20]\n\t"
-        "MOV	r9, lr\n\t"
-        "UMAAL	r9, r8, r0, r6\n\t"
-        "UMAAL	r9, r12, r1, r5\n\t"
-        "UMAAL	r9, r10, r2, r4\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, r3, r3\n\t"
-        "STR	r9, [sp, #24]\n\t"
-        "UMULL	r0, r9, r0, r7\n\t"
-        "UMAAL	r0, r8, r1, r6\n\t"
-        "UMAAL	r0, r12, r2, r5\n\t"
-        "UMAAL	r0, r10, r3, r4\n\t"
-        "ADCS	r0, r0, r0\n\t"
-        "UMAAL	r0, r11, lr, lr\n\t"
-        /* R[7] = r0 */
-        "UMAAL	r9, r8, r1, r7\n\t"
-        "UMAAL	r9, r10, r2, r6\n\t"
-        "UMAAL	r12, r9, r3, r5\n\t"
-        "ADCS	r12, r12, r12\n\t"
-        "UMAAL	r12, r11, r4, r4\n\t"
-        /* R[8] = r12 */
-        "UMAAL	r9, r8, r2, r7\n\t"
-        "UMAAL	r10, r9, r3, r6\n\t"
-        "MOV	r2, lr\n\t"
-        "UMAAL	r10, r2, r4, r5\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "UMAAL	r11, r10, lr, lr\n\t"
-        /* R[9] = r11 */
-        "UMAAL	r2, r8, r3, r7\n\t"
-        "UMAAL	r2, r9, r4, r6\n\t"
-        "ADCS	r3, r2, r2\n\t"
-        "UMAAL	r10, r3, r5, r5\n\t"
-        /* R[10] = r10 */
-        "MOV	r1, lr\n\t"
-        "UMAAL	r1, r8, r4, r7\n\t"
-        "UMAAL	r1, r9, r5, r6\n\t"
-        "ADCS	r4, r1, r1\n\t"
-        "UMAAL	r3, r4, lr, lr\n\t"
-        /* R[11] = r3 */
-        "UMAAL	r8, r9, r5, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "UMAAL	r4, r8, r6, r6\n\t"
-        /* R[12] = r4 */
-        "MOV	r5, lr\n\t"
-        "UMAAL	r5, r9, r6, r7\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "UMAAL	r8, r5, lr, lr\n\t"
-        /* R[13] = r8 */
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r5, r7, r7\n\t"
-        "ADCS	r7, r5, lr\n\t"
-        /* R[14] = r9 */
-        /* R[15] = r7 */
-        "LDR	lr, [sp, #28]\n\t"
-        "ADD	lr, lr, #0x1c\n\t"
-        "STM	lr!, {r0, r12}\n\t"
-        "STM	lr!, {r11}\n\t"
-        "STM	lr!, {r10}\n\t"
-        "STM	lr!, {r3, r4, r8, r9}\n\t"
-        "STM	lr!, {r7}\n\t"
-        "SUB	lr, lr, #0x40\n\t"
-        "LDM	sp, {r0, r1, r2, r3, r4, r5, r6}\n\t"
-        "STM	lr, {r0, r1, r2, r3, r4, r5, r6}\n\t"
-        "ADD	sp, sp, #0x20\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#endif /* WOLFSSL_ARM_ARCH_7M */
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 16;
-    sp_digit z1[16];
-    sp_digit* a1 = z1;
-    sp_digit zero[8];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 8);
-
-    mask = sp_2048_sub_8(a1, a, &a[8]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_8(a1, p1, p2);
-
-    sp_2048_sqr_8(z2, &a[8]);
-    sp_2048_sqr_8(z0, a);
-    sp_2048_sqr_8(z1, a1);
-
-    u = 0;
-    u -= sp_2048_sub_in_place_16(z1, z2);
-    u -= sp_2048_sub_in_place_16(z1, z0);
-    u += sp_2048_sub_in_place_16(r + 8, z1);
-    zero[0] = u;
-    (void)sp_2048_add_8(r + 24, r + 24, zero);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_16(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_16(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 32;
-    sp_digit z1[32];
-    sp_digit* a1 = z1;
-    sp_digit zero[16];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 16);
-
-    mask = sp_2048_sub_16(a1, a, &a[16]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_16(a1, p1, p2);
-
-    sp_2048_sqr_16(z2, &a[16]);
-    sp_2048_sqr_16(z0, a);
-    sp_2048_sqr_16(z1, a1);
-
-    u = 0;
-    u -= sp_2048_sub_in_place_32(z1, z2);
-    u -= sp_2048_sub_in_place_32(z1, z0);
-    u += sp_2048_sub_in_place_32(r + 16, z1);
-    zero[0] = u;
-    (void)sp_2048_add_16(r + 48, r + 48, zero);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 64;
-    sp_digit z1[64];
-    sp_digit* a1 = z1;
-    sp_digit zero[32];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 32);
-
-    mask = sp_2048_sub_32(a1, a, &a[32]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_32(a1, p1, p2);
-
-    sp_2048_sqr_32(z2, &a[32]);
-    sp_2048_sqr_32(z0, a);
-    sp_2048_sqr_32(z1, a1);
-
-    u = 0;
-    u -= sp_2048_sub_in_place_64(z1, z2);
-    u -= sp_2048_sub_in_place_64(z1, z0);
-    u += sp_2048_sub_in_place_64(r + 32, z1);
-    zero[0] = u;
-    (void)sp_2048_add_32(r + 96, r + 96, zero);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "ADD	r12, %[a], #0x100\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_add_64_word:\n\t"
-#else
-    "L_sp_2048_add_64_word_%=:\n\t"
-#endif
-        "ADDS	r3, r3, #0xffffffff\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r3, r4, #0x0\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_2048_add_64_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_2048_add_64_word\n\t"
-#else
-        "BNE.N	L_sp_2048_add_64_word_%=\n\t"
-#endif
-        "MOV	%[r], r3\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "ADD	r11, %[a], #0x100\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_sub_in_pkace_64_word:\n\t"
-#else
-    "L_sp_2048_sub_in_pkace_64_word_%=:\n\t"
-#endif
-        "RSBS	r10, r10, #0x0\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	r10, r10, r10\n\t"
-        "CMP	%[a], r11\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_2048_sub_in_pkace_64_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_2048_sub_in_pkace_64_word\n\t"
-#else
-        "BNE.N	L_sp_2048_sub_in_pkace_64_word_%=\n\t"
-#endif
-        "MOV	%[a], r10\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x200\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "LDR	r11, [%[b]]\n\t"
-        "UMULL	r8, r6, lr, r11\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mul_64_outer:\n\t"
-#else
-    "L_sp_2048_mul_64_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0xfc\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mul_64_inner:\n\t"
-#else
-    "L_sp_2048_mul_64_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "LDR	lr, [%[a], r4]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_2048_mul_64_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_2048_mul_64_inner_done\n\t"
-#else
-        "BGT.N	L_sp_2048_mul_64_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mul_64_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mul_64_inner\n\t"
-#else
-        "BLT.N	L_sp_2048_mul_64_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mul_64_inner_done:\n\t"
-#else
-    "L_sp_2048_mul_64_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x1f4\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_2048_mul_64_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_2048_mul_64_outer\n\t"
-#else
-        "BLE.N	L_sp_2048_mul_64_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #252]\n\t"
-        "LDR	r11, [%[b], #252]\n\t"
-        "UMLAL	r6, r7, lr, r11\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mul_64_store:\n\t"
-#else
-    "L_sp_2048_mul_64_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_2048_mul_64_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_2048_mul_64_store\n\t"
-#else
-        "BGT.N	L_sp_2048_mul_64_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x200\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "UMULL	r8, r6, lr, lr\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_sqr_64_outer:\n\t"
-#else
-    "L_sp_2048_sqr_64_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0xfc\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_sqr_64_inner:\n\t"
-#else
-    "L_sp_2048_sqr_64_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[a], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_2048_sqr_64_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_2048_sqr_64_inner_done\n\t"
-#else
-        "BGT.N	L_sp_2048_sqr_64_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_sqr_64_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_sqr_64_inner\n\t"
-#else
-        "BLT.N	L_sp_2048_sqr_64_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "UMULL	r9, r10, lr, lr\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_sqr_64_inner_done:\n\t"
-#else
-    "L_sp_2048_sqr_64_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x1f4\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_2048_sqr_64_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_2048_sqr_64_outer\n\t"
-#else
-        "BLE.N	L_sp_2048_sqr_64_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #252]\n\t"
-        "UMLAL	r6, r7, lr, lr\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_sqr_64_store:\n\t"
-#else
-    "L_sp_2048_sqr_64_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_2048_sqr_64_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_2048_sqr_64_store\n\t"
-#else
-        "BGT.N	L_sp_2048_sqr_64_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-    int i;
-
-    for (i=0; i<32; i++) {
-        r[i] = a[i] & m;
-    }
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "ADD	r12, %[a], #0x80\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_add_32_word:\n\t"
-#else
-    "L_sp_2048_add_32_word_%=:\n\t"
-#endif
-        "ADDS	r3, r3, #0xffffffff\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r3, r4, #0x0\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_2048_add_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_2048_add_32_word\n\t"
-#else
-        "BNE.N	L_sp_2048_add_32_word_%=\n\t"
-#endif
-        "MOV	%[r], r3\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "ADD	r11, %[a], #0x80\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_sub_in_pkace_32_word:\n\t"
-#else
-    "L_sp_2048_sub_in_pkace_32_word_%=:\n\t"
-#endif
-        "RSBS	r10, r10, #0x0\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	r10, r10, r10\n\t"
-        "CMP	%[a], r11\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_2048_sub_in_pkace_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_2048_sub_in_pkace_32_word\n\t"
-#else
-        "BNE.N	L_sp_2048_sub_in_pkace_32_word_%=\n\t"
-#endif
-        "MOV	%[a], r10\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x100\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "LDR	r11, [%[b]]\n\t"
-        "UMULL	r8, r6, lr, r11\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mul_32_outer:\n\t"
-#else
-    "L_sp_2048_mul_32_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x7c\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mul_32_inner:\n\t"
-#else
-    "L_sp_2048_mul_32_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "LDR	lr, [%[a], r4]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_2048_mul_32_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_2048_mul_32_inner_done\n\t"
-#else
-        "BGT.N	L_sp_2048_mul_32_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mul_32_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mul_32_inner\n\t"
-#else
-        "BLT.N	L_sp_2048_mul_32_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mul_32_inner_done:\n\t"
-#else
-    "L_sp_2048_mul_32_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0xf4\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_2048_mul_32_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_2048_mul_32_outer\n\t"
-#else
-        "BLE.N	L_sp_2048_mul_32_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #124]\n\t"
-        "LDR	r11, [%[b], #124]\n\t"
-        "UMLAL	r6, r7, lr, r11\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mul_32_store:\n\t"
-#else
-    "L_sp_2048_mul_32_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_2048_mul_32_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_2048_mul_32_store\n\t"
-#else
-        "BGT.N	L_sp_2048_mul_32_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x100\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "UMULL	r8, r6, lr, lr\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_sqr_32_outer:\n\t"
-#else
-    "L_sp_2048_sqr_32_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x7c\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_sqr_32_inner:\n\t"
-#else
-    "L_sp_2048_sqr_32_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[a], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_2048_sqr_32_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_2048_sqr_32_inner_done\n\t"
-#else
-        "BGT.N	L_sp_2048_sqr_32_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_sqr_32_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_sqr_32_inner\n\t"
-#else
-        "BLT.N	L_sp_2048_sqr_32_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "UMULL	r9, r10, lr, lr\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_sqr_32_inner_done:\n\t"
-#else
-    "L_sp_2048_sqr_32_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0xf4\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_2048_sqr_32_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_2048_sqr_32_outer\n\t"
-#else
-        "BLE.N	L_sp_2048_sqr_32_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #124]\n\t"
-        "UMLAL	r6, r7, lr, lr\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_sqr_32_store:\n\t"
-#else
-    "L_sp_2048_sqr_32_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_2048_sqr_32_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_2048_sqr_32_store\n\t"
-#else
-        "BGT.N	L_sp_2048_sqr_32_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDR	r8, [%[a]]\n\t"
-        "UMULL	r5, r3, %[b], r8\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r5, [%[r]]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "MOV	r9, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mul_d_64_word:\n\t"
-#else
-    "L_sp_2048_mul_d_64_word_%=:\n\t"
-#endif
-        /* A[i] * B */
-        "LDR	r8, [%[a], r9]\n\t"
-        "UMULL	r6, r7, %[b], r8\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], r9]\n\t"
-        "MOV	r3, r4\n\t"
-        "MOV	r4, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADD	r9, r9, #0x4\n\t"
-        "CMP	r9, #0x100\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mul_d_64_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mul_d_64_word\n\t"
-#else
-        "BLT.N	L_sp_2048_mul_d_64_word_%=\n\t"
-#endif
-        "STR	r3, [%[r], #256]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_64(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMULL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[1] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[2] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[3] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[4] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[5] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[6] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[7] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[8] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[9] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[10] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[11] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[12] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[13] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[14] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[15] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[16] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[17] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[18] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[19] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[20] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[21] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[22] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[23] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[24] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[25] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[26] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[27] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[28] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[29] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[30] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[31] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[32] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[33] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[34] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[35] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[36] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[37] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[38] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[39] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[40] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[41] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[42] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[43] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[44] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[45] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[46] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[47] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[48] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[49] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[50] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[51] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[52] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[53] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[54] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[55] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[56] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[57] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[58] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[59] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[60] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[61] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[62] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[63] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "STR	r4, [%[r]]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 32);
-
-    /* r = 2^n mod m */
-    sp_2048_sub_in_place_32(r, m);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_cond_sub_32_words:\n\t"
-#else
-    "L_sp_2048_cond_sub_32_words_%=:\n\t"
-#endif
-        "SUBS	r4, r8, r4\n\t"
-        "LDR	r6, [%[a], r5]\n\t"
-        "LDR	r7, [%[b], r5]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "SBCS	r6, r6, r7\n\t"
-        "SBC	r4, r8, r8\n\t"
-        "STR	r6, [%[r], r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_cond_sub_32_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_cond_sub_32_words\n\t"
-#else
-        "BLT.N	L_sp_2048_cond_sub_32_words_%=\n\t"
-#endif
-        "MOV	%[r], r4\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SUBS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "SBC	%[r], r5, r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_NO_UMAAL
-#ifndef WOLFSSL_SP_SMALL
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	lr, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r11, #0x0\n\t"
-        "MOV	r3, #0x0\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_32_word:\n\t"
-#else
-    "L_sp_2048_mont_reduce_32_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	r10, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r4, r7, r10, lr\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r9, [%[m], #4]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r5, r6, r10, r9\n\t"
-        "MOV	r4, r5\n\t"
-        "ADDS	r4, r4, r7\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r9, [%[m], #8]\n\t"
-        "LDR	r5, [%[a], #8]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r5, r7, r10, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r9, [%[m], #12]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #12]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r9, [%[m], #16]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #16]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r9, [%[m], #20]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #20]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r9, [%[m], #24]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #24]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r9, [%[m], #28]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #28]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r9, [%[m], #32]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #32]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r9, [%[m], #36]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #36]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r9, [%[m], #40]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #40]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r9, [%[m], #44]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #44]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r9, [%[m], #48]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #48]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r9, [%[m], #52]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #52]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r9, [%[m], #56]\n\t"
-        "LDR	r12, [%[a], #56]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #56]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r9, [%[m], #60]\n\t"
-        "LDR	r12, [%[a], #60]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #60]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r9, [%[m], #64]\n\t"
-        "LDR	r12, [%[a], #64]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #64]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r9, [%[m], #68]\n\t"
-        "LDR	r12, [%[a], #68]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #68]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r9, [%[m], #72]\n\t"
-        "LDR	r12, [%[a], #72]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #72]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r9, [%[m], #76]\n\t"
-        "LDR	r12, [%[a], #76]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #76]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r9, [%[m], #80]\n\t"
-        "LDR	r12, [%[a], #80]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #80]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r9, [%[m], #84]\n\t"
-        "LDR	r12, [%[a], #84]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #84]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r9, [%[m], #88]\n\t"
-        "LDR	r12, [%[a], #88]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #88]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r9, [%[m], #92]\n\t"
-        "LDR	r12, [%[a], #92]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #92]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r9, [%[m], #96]\n\t"
-        "LDR	r12, [%[a], #96]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #96]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r9, [%[m], #100]\n\t"
-        "LDR	r12, [%[a], #100]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #100]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r9, [%[m], #104]\n\t"
-        "LDR	r12, [%[a], #104]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #104]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r9, [%[m], #108]\n\t"
-        "LDR	r12, [%[a], #108]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #108]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r9, [%[m], #112]\n\t"
-        "LDR	r12, [%[a], #112]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #112]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r9, [%[m], #116]\n\t"
-        "LDR	r12, [%[a], #116]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #116]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r9, [%[m], #120]\n\t"
-        "LDR	r12, [%[a], #120]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #120]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r9, [%[m], #124]\n\t"
-        "LDR	r12, [%[a], #124]\n\t"
-        "UMULL	r8, r9, r10, r9\n\t"
-        "ADDS	r7, r7, r8\n\t"
-        "ADCS	r6, r9, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #124]\n\t"
-        "LDR	r12, [%[a], #128]\n\t"
-        "ADCS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #128]\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* i += 1 */
-        "ADD	r11, r11, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r11, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_2048_mont_reduce_32_word\n\t"
-#else
-        "BLT.W	L_sp_2048_mont_reduce_32_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r4, [%[a]]\n\t"
-        "STR	r5, [%[a], #4]\n\t"
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r9, #0x0\n\t"
-        /* ca = 0 */
-        "MOV	r3, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_32_word:\n\t"
-#else
-    "L_sp_2048_mont_reduce_32_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "LDR	r10, [%[a]]\n\t"
-        "MUL	r8, %[mp], r10\n\t"
-        /* j = 0 */
-        "MOV	r12, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_32_mul:\n\t"
-#else
-    "L_sp_2048_mont_reduce_32_mul_%=:\n\t"
-#endif
-        /* a[i+j+0] += m[j+0] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+1] += m[j+1] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+2] += m[j+2] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+3] += m[j+3] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        "CMP	r12, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_32_mul_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mont_reduce_32_mul\n\t"
-#else
-        "BLT.N	L_sp_2048_mont_reduce_32_mul_%=\n\t"
-#endif
-        "LDR	r10, [%[a], #128]\n\t"
-        "ADDS	r4, r4, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "STR	r10, [%[a], #128]\n\t"
-        /* i += 1 */
-        "ADD	r9, r9, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r9, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mont_reduce_32_word\n\t"
-#else
-        "BLT.N	L_sp_2048_mont_reduce_32_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#else
-#ifndef WOLFSSL_SP_SMALL
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r7, [%[a], #4]\n\t"
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[a], #12]\n\t"
-        "LDR	r10, [%[a], #16]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_32_word:\n\t"
-#else
-    "L_sp_2048_mont_reduce_32_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	lr, %[mp], r6\n\t"
-        /* a[i+0] += m[0] * mu */
-        "LDR	r12, [%[m]]\n\t"
-        "MOV	r3, #0x0\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r12, [%[m], #4]\n\t"
-        "MOV	r6, r7\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r12, [%[m], #8]\n\t"
-        "MOV	r7, r8\n\t"
-        "UMAAL	r7, r3, lr, r12\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r12, [%[m], #12]\n\t"
-        "MOV	r8, r9\n\t"
-        "UMAAL	r8, r3, lr, r12\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r12, [%[m], #16]\n\t"
-        "MOV	r9, r10\n\t"
-        "UMAAL	r9, r3, lr, r12\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r12, [%[m], #20]\n\t"
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMAAL	r10, r3, lr, r12\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r12, [%[m], #24]\n\t"
-        "LDR	r11, [%[a], #24]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r12, [%[m], #28]\n\t"
-        "LDR	r11, [%[a], #28]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r12, [%[m], #32]\n\t"
-        "LDR	r11, [%[a], #32]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r12, [%[m], #36]\n\t"
-        "LDR	r11, [%[a], #36]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r12, [%[m], #40]\n\t"
-        "LDR	r11, [%[a], #40]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r12, [%[m], #44]\n\t"
-        "LDR	r11, [%[a], #44]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r12, [%[m], #48]\n\t"
-        "LDR	r11, [%[a], #48]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r12, [%[m], #52]\n\t"
-        "LDR	r11, [%[a], #52]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r12, [%[m], #56]\n\t"
-        "LDR	r11, [%[a], #56]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r12, [%[m], #60]\n\t"
-        "LDR	r11, [%[a], #60]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r12, [%[m], #64]\n\t"
-        "LDR	r11, [%[a], #64]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r12, [%[m], #68]\n\t"
-        "LDR	r11, [%[a], #68]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r12, [%[m], #72]\n\t"
-        "LDR	r11, [%[a], #72]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r12, [%[m], #76]\n\t"
-        "LDR	r11, [%[a], #76]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r12, [%[m], #80]\n\t"
-        "LDR	r11, [%[a], #80]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r12, [%[m], #84]\n\t"
-        "LDR	r11, [%[a], #84]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r12, [%[m], #88]\n\t"
-        "LDR	r11, [%[a], #88]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r12, [%[m], #92]\n\t"
-        "LDR	r11, [%[a], #92]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r12, [%[m], #96]\n\t"
-        "LDR	r11, [%[a], #96]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r12, [%[m], #100]\n\t"
-        "LDR	r11, [%[a], #100]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r12, [%[m], #104]\n\t"
-        "LDR	r11, [%[a], #104]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r12, [%[m], #108]\n\t"
-        "LDR	r11, [%[a], #108]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r12, [%[m], #112]\n\t"
-        "LDR	r11, [%[a], #112]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r12, [%[m], #116]\n\t"
-        "LDR	r11, [%[a], #116]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r12, [%[m], #120]\n\t"
-        "LDR	r11, [%[a], #120]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r12, [%[m], #124]\n\t"
-        "LDR	r11, [%[a], #124]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "LDR	lr, [%[a], #128]\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMAAL	r3, lr, r12, r12\n\t"
-        "STR	r11, [%[a], #124]\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADC	r5, lr, #0x0\n\t"
-        "STR	r3, [%[a], #128]\n\t"
-        /* i += 1 */
-        "ADD	r4, r4, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r4, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_2048_mont_reduce_32_word\n\t"
-#else
-        "BLT.W	L_sp_2048_mont_reduce_32_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r6, [%[a]]\n\t"
-        "STR	r7, [%[a], #4]\n\t"
-        "STR	r8, [%[a], #8]\n\t"
-        "STR	r9, [%[a], #12]\n\t"
-        "STR	r10, [%[a], #16]\n\t"
-        "MOV	%[mp], r5\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r9, #0x0\n\t"
-        /* ca = 0 */
-        "MOV	r3, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_32_word:\n\t"
-#else
-    "L_sp_2048_mont_reduce_32_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "LDR	r10, [%[a]]\n\t"
-        "MUL	r8, %[mp], r10\n\t"
-        /* j = 0 */
-        "MOV	r12, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_32_mul:\n\t"
-#else
-    "L_sp_2048_mont_reduce_32_mul_%=:\n\t"
-#endif
-        /* a[i+j+0] += m[j+0] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+1] += m[j+1] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+2] += m[j+2] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+3] += m[j+3] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        "CMP	r12, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_32_mul_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mont_reduce_32_mul\n\t"
-#else
-        "BLT.N	L_sp_2048_mont_reduce_32_mul_%=\n\t"
-#endif
-        "LDR	r10, [%[a], #128]\n\t"
-        "ADDS	r4, r4, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "STR	r10, [%[a], #128]\n\t"
-        /* i += 1 */
-        "ADD	r9, r9, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r9, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mont_reduce_32_word\n\t"
-#else
-        "BLT.N	L_sp_2048_mont_reduce_32_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_32(r, a, b);
-    sp_2048_mont_reduce_32(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_32(r, a);
-    sp_2048_mont_reduce_32(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDR	r8, [%[a]]\n\t"
-        "UMULL	r5, r3, %[b], r8\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r5, [%[r]]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "MOV	r9, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mul_d_32_word:\n\t"
-#else
-    "L_sp_2048_mul_d_32_word_%=:\n\t"
-#endif
-        /* A[i] * B */
-        "LDR	r8, [%[a], r9]\n\t"
-        "UMULL	r6, r7, %[b], r8\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], r9]\n\t"
-        "MOV	r3, r4\n\t"
-        "MOV	r4, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADD	r9, r9, #0x4\n\t"
-        "CMP	r9, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mul_d_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mul_d_32_word\n\t"
-#else
-        "BLT.N	L_sp_2048_mul_d_32_word_%=\n\t"
-#endif
-        "STR	r3, [%[r], #128]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_mul_d_32(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMULL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[1] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[2] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[3] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[4] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[5] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[6] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[7] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[8] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[9] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[10] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[11] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[12] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[13] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[14] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[15] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[16] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[17] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[18] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[19] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[20] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[21] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[22] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[23] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[24] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[25] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[26] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[27] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[28] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[29] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[30] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[31] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "STR	r5, [%[r]]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_2048_word_32(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r8, %[div], #16\n\t"
-        "ADD	r5, r8, #0x1\n\t"
-        "UDIV	r6, %[d1], r5\n\t"
-        "LSL	r7, %[div], #16\n\t"
-        "LSL	r6, r6, #16\n\t"
-        "UMULL	r3, r4, %[div], r6\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "SUBS	r3, %[d1], r5\n\t"
-        "SBC	r9, r9, r9\n\t"
-        "ADD	r9, r9, #0x1\n\t"
-        "RSB	r10, r9, #0x0\n\t"
-        "LSL	r9, r9, #16\n\t"
-        "AND	r7, r7, r10\n\t"
-        "AND	r8, r8, r10\n\t"
-        "SUBS	%[d0], %[d0], r7\n\t"
-        "ADD	r6, r6, r9\n\t"
-        "SBC	%[d1], %[d1], r8\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "UMULL	r3, r4, %[div], r3\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "MUL	r3, %[div], r3\n\t"
-        "SUB	%[d0], %[d0], r3\n\t"
-        "UDIV	r3, %[d0], %[div]\n\t"
-        "ADD	%[d1], r6, r3\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_2048_word_32(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r5, %[div], #1\n\t"
-        "ADD	r5, r5, #0x1\n\t"
-        "MOV	r6, %[d0]\n\t"
-        "MOV	r7, %[d1]\n\t"
-        /* Do top 32 */
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "MOV	r3, #0x0\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        /* Next 30 bits */
-        "MOV	r4, #0x1d\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_div_2048_word_32_bit:\n\t"
-#else
-    "L_div_2048_word_32_bit_%=:\n\t"
-#endif
-        "LSLS	r6, r6, #1\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "ADD	r3, r3, r3\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        "SUBS	r4, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BPL	L_div_2048_word_32_bit_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BPL.N	L_div_2048_word_32_bit\n\t"
-#else
-        "BPL.N	L_div_2048_word_32_bit_%=\n\t"
-#endif
-        "ADD	r3, r3, r3\n\t"
-        "ADD	r3, r3, #0x1\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "SUBS	r8, %[div], r9\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "SUB	%[d1], r3, r8\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_32(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_32(const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0xffffffff\n\t"
-        "MOV	r8, #0x1\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r3, #0xffffffff\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "MOV	r6, #0x7c\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_cmp_32_words:\n\t"
-#else
-    "L_sp_2048_cmp_32_words_%=:\n\t"
-#endif
-        "LDR	r4, [%[a], r6]\n\t"
-        "LDR	r5, [%[b], r6]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "SUBS	r6, r6, #0x4\n\t"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "bcs	L_sp_2048_cmp_32_words\n\t"
-#else
-        "bcs	L_sp_2048_cmp_32_words_%=\n\t"
-#endif
-        "EOR	r2, r2, r3\n\t"
-#else
-        "LDR	r4, [%[a], #124]\n\t"
-        "LDR	r5, [%[b], #124]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #120]\n\t"
-        "LDR	r5, [%[b], #120]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #116]\n\t"
-        "LDR	r5, [%[b], #116]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #112]\n\t"
-        "LDR	r5, [%[b], #112]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #108]\n\t"
-        "LDR	r5, [%[b], #108]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #104]\n\t"
-        "LDR	r5, [%[b], #104]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #100]\n\t"
-        "LDR	r5, [%[b], #100]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #96]\n\t"
-        "LDR	r5, [%[b], #96]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #92]\n\t"
-        "LDR	r5, [%[b], #92]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #88]\n\t"
-        "LDR	r5, [%[b], #88]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #84]\n\t"
-        "LDR	r5, [%[b], #84]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #80]\n\t"
-        "LDR	r5, [%[b], #80]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #76]\n\t"
-        "LDR	r5, [%[b], #76]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #72]\n\t"
-        "LDR	r5, [%[b], #72]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #68]\n\t"
-        "LDR	r5, [%[b], #68]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #64]\n\t"
-        "LDR	r5, [%[b], #64]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #60]\n\t"
-        "LDR	r5, [%[b], #60]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #56]\n\t"
-        "LDR	r5, [%[b], #56]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #52]\n\t"
-        "LDR	r5, [%[b], #52]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #48]\n\t"
-        "LDR	r5, [%[b], #48]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "LDR	r5, [%[b], #44]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #40]\n\t"
-        "LDR	r5, [%[b], #40]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #36]\n\t"
-        "LDR	r5, [%[b], #36]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "LDR	r5, [%[b], #32]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #28]\n\t"
-        "LDR	r5, [%[b], #28]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "LDR	r5, [%[b], #24]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "LDR	r5, [%[b], #20]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #16]\n\t"
-        "LDR	r5, [%[b], #16]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "LDR	r5, [%[b], #12]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "LDR	r5, [%[b], #8]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #4]\n\t"
-        "LDR	r5, [%[b], #4]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[b]]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "EOR	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "MOV	%[a], r2\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[64], t2[33];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[31];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 32);
-    r1 = sp_2048_cmp_32(&t1[32], d) >= 0;
-    sp_2048_cond_sub_32(&t1[32], &t1[32], d, (sp_digit)0 - r1);
-    for (i = 31; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[32 + i] == div);
-        sp_digit hi = t1[32 + i] + mask;
-        r1 = div_2048_word_32(hi, t1[32 + i - 1], div);
-        r1 |= mask;
-
-        sp_2048_mul_d_32(t2, d, r1);
-        t1[32 + i] += sp_2048_sub_in_place_32(&t1[i], t2);
-        t1[32 + i] -= t2[32];
-        sp_2048_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], t2);
-        sp_2048_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_2048_cmp_32(t1, d) >= 0;
-    sp_2048_cond_sub_32(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_32(a, m, NULL, r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 64);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 64;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 32U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_32(t[1] + 32, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_32(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 32, a, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_32(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_32(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_32(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_32(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_32(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_32(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_32(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_32(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_32(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_32(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_32(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_32(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_32(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_32(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 32);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-
-            sp_2048_mont_mul_32(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32U);
-        sp_2048_mont_reduce_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 32 * 64);
-    sp_digit* t[32];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 32 * 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++) {
-            t[i] = td + i * 64;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 32U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_32(t[1] + 32, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_32(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 32, a, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_32(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_32(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_32(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_32(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_32(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_32(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_32(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_32(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_32(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_32(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_32(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_32(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_32(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_32(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_32(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_32(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_32(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_32(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_32(t[20], t[10], m, mp);
-        sp_2048_mont_mul_32(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_32(t[22], t[11], m, mp);
-        sp_2048_mont_mul_32(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_32(t[24], t[12], m, mp);
-        sp_2048_mont_mul_32(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_32(t[26], t[13], m, mp);
-        sp_2048_mont_mul_32(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_32(t[28], t[14], m, mp);
-        sp_2048_mont_mul_32(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_32(t[30], t[15], m, mp);
-        sp_2048_mont_mul_32(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 32);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-
-            sp_2048_mont_mul_32(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32U);
-        sp_2048_mont_reduce_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 64);
-
-    /* r = 2^n mod m */
-    sp_2048_sub_in_place_64(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_cond_sub_64_words:\n\t"
-#else
-    "L_sp_2048_cond_sub_64_words_%=:\n\t"
-#endif
-        "SUBS	r4, r8, r4\n\t"
-        "LDR	r6, [%[a], r5]\n\t"
-        "LDR	r7, [%[b], r5]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "SBCS	r6, r6, r7\n\t"
-        "SBC	r4, r8, r8\n\t"
-        "STR	r6, [%[r], r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x100\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_cond_sub_64_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_cond_sub_64_words\n\t"
-#else
-        "BLT.N	L_sp_2048_cond_sub_64_words_%=\n\t"
-#endif
-        "MOV	%[r], r4\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_sub_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SUBS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "SBC	%[r], r5, r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_NO_UMAAL
-#ifndef WOLFSSL_SP_SMALL
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_64(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_64(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	lr, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r11, #0x0\n\t"
-        "MOV	r3, #0x0\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_64_word:\n\t"
-#else
-    "L_sp_2048_mont_reduce_64_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	r10, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r4, r7, r10, lr\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r9, [%[m], #4]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r5, r6, r10, r9\n\t"
-        "MOV	r4, r5\n\t"
-        "ADDS	r4, r4, r7\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r9, [%[m], #8]\n\t"
-        "LDR	r5, [%[a], #8]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r5, r7, r10, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r9, [%[m], #12]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #12]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r9, [%[m], #16]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #16]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r9, [%[m], #20]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #20]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r9, [%[m], #24]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #24]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r9, [%[m], #28]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #28]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r9, [%[m], #32]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #32]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r9, [%[m], #36]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #36]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r9, [%[m], #40]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #40]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r9, [%[m], #44]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #44]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r9, [%[m], #48]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #48]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r9, [%[m], #52]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #52]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r9, [%[m], #56]\n\t"
-        "LDR	r12, [%[a], #56]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #56]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r9, [%[m], #60]\n\t"
-        "LDR	r12, [%[a], #60]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #60]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r9, [%[m], #64]\n\t"
-        "LDR	r12, [%[a], #64]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #64]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r9, [%[m], #68]\n\t"
-        "LDR	r12, [%[a], #68]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #68]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r9, [%[m], #72]\n\t"
-        "LDR	r12, [%[a], #72]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #72]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r9, [%[m], #76]\n\t"
-        "LDR	r12, [%[a], #76]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #76]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r9, [%[m], #80]\n\t"
-        "LDR	r12, [%[a], #80]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #80]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r9, [%[m], #84]\n\t"
-        "LDR	r12, [%[a], #84]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #84]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r9, [%[m], #88]\n\t"
-        "LDR	r12, [%[a], #88]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #88]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r9, [%[m], #92]\n\t"
-        "LDR	r12, [%[a], #92]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #92]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r9, [%[m], #96]\n\t"
-        "LDR	r12, [%[a], #96]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #96]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r9, [%[m], #100]\n\t"
-        "LDR	r12, [%[a], #100]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #100]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r9, [%[m], #104]\n\t"
-        "LDR	r12, [%[a], #104]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #104]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r9, [%[m], #108]\n\t"
-        "LDR	r12, [%[a], #108]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #108]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r9, [%[m], #112]\n\t"
-        "LDR	r12, [%[a], #112]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #112]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r9, [%[m], #116]\n\t"
-        "LDR	r12, [%[a], #116]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #116]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r9, [%[m], #120]\n\t"
-        "LDR	r12, [%[a], #120]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #120]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r9, [%[m], #124]\n\t"
-        "LDR	r12, [%[a], #124]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #124]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "LDR	r9, [%[m], #128]\n\t"
-        "LDR	r12, [%[a], #128]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #128]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "LDR	r9, [%[m], #132]\n\t"
-        "LDR	r12, [%[a], #132]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #132]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "LDR	r9, [%[m], #136]\n\t"
-        "LDR	r12, [%[a], #136]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #136]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "LDR	r9, [%[m], #140]\n\t"
-        "LDR	r12, [%[a], #140]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #140]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "LDR	r9, [%[m], #144]\n\t"
-        "LDR	r12, [%[a], #144]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #144]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "LDR	r9, [%[m], #148]\n\t"
-        "LDR	r12, [%[a], #148]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #148]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "LDR	r9, [%[m], #152]\n\t"
-        "LDR	r12, [%[a], #152]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #152]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "LDR	r9, [%[m], #156]\n\t"
-        "LDR	r12, [%[a], #156]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #156]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "LDR	r9, [%[m], #160]\n\t"
-        "LDR	r12, [%[a], #160]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #160]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "LDR	r9, [%[m], #164]\n\t"
-        "LDR	r12, [%[a], #164]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #164]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "LDR	r9, [%[m], #168]\n\t"
-        "LDR	r12, [%[a], #168]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #168]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "LDR	r9, [%[m], #172]\n\t"
-        "LDR	r12, [%[a], #172]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #172]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "LDR	r9, [%[m], #176]\n\t"
-        "LDR	r12, [%[a], #176]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #176]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "LDR	r9, [%[m], #180]\n\t"
-        "LDR	r12, [%[a], #180]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #180]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "LDR	r9, [%[m], #184]\n\t"
-        "LDR	r12, [%[a], #184]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #184]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+47] += m[47] * mu */
-        "LDR	r9, [%[m], #188]\n\t"
-        "LDR	r12, [%[a], #188]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #188]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+48] += m[48] * mu */
-        "LDR	r9, [%[m], #192]\n\t"
-        "LDR	r12, [%[a], #192]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #192]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+49] += m[49] * mu */
-        "LDR	r9, [%[m], #196]\n\t"
-        "LDR	r12, [%[a], #196]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #196]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+50] += m[50] * mu */
-        "LDR	r9, [%[m], #200]\n\t"
-        "LDR	r12, [%[a], #200]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #200]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+51] += m[51] * mu */
-        "LDR	r9, [%[m], #204]\n\t"
-        "LDR	r12, [%[a], #204]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #204]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+52] += m[52] * mu */
-        "LDR	r9, [%[m], #208]\n\t"
-        "LDR	r12, [%[a], #208]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #208]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+53] += m[53] * mu */
-        "LDR	r9, [%[m], #212]\n\t"
-        "LDR	r12, [%[a], #212]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #212]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+54] += m[54] * mu */
-        "LDR	r9, [%[m], #216]\n\t"
-        "LDR	r12, [%[a], #216]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #216]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+55] += m[55] * mu */
-        "LDR	r9, [%[m], #220]\n\t"
-        "LDR	r12, [%[a], #220]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #220]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+56] += m[56] * mu */
-        "LDR	r9, [%[m], #224]\n\t"
-        "LDR	r12, [%[a], #224]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #224]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+57] += m[57] * mu */
-        "LDR	r9, [%[m], #228]\n\t"
-        "LDR	r12, [%[a], #228]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #228]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+58] += m[58] * mu */
-        "LDR	r9, [%[m], #232]\n\t"
-        "LDR	r12, [%[a], #232]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #232]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+59] += m[59] * mu */
-        "LDR	r9, [%[m], #236]\n\t"
-        "LDR	r12, [%[a], #236]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #236]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+60] += m[60] * mu */
-        "LDR	r9, [%[m], #240]\n\t"
-        "LDR	r12, [%[a], #240]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #240]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+61] += m[61] * mu */
-        "LDR	r9, [%[m], #244]\n\t"
-        "LDR	r12, [%[a], #244]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #244]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+62] += m[62] * mu */
-        "LDR	r9, [%[m], #248]\n\t"
-        "LDR	r12, [%[a], #248]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #248]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+63] += m[63] * mu */
-        "LDR	r9, [%[m], #252]\n\t"
-        "LDR	r12, [%[a], #252]\n\t"
-        "UMULL	r8, r9, r10, r9\n\t"
-        "ADDS	r7, r7, r8\n\t"
-        "ADCS	r6, r9, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #252]\n\t"
-        "LDR	r12, [%[a], #256]\n\t"
-        "ADCS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #256]\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* i += 1 */
-        "ADD	r11, r11, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r11, #0x100\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_64_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_2048_mont_reduce_64_word\n\t"
-#else
-        "BLT.W	L_sp_2048_mont_reduce_64_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r4, [%[a]]\n\t"
-        "STR	r5, [%[a], #4]\n\t"
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_64(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_64(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r9, #0x0\n\t"
-        /* ca = 0 */
-        "MOV	r3, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_64_word:\n\t"
-#else
-    "L_sp_2048_mont_reduce_64_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "LDR	r10, [%[a]]\n\t"
-        "MUL	r8, %[mp], r10\n\t"
-        /* j = 0 */
-        "MOV	r12, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_64_mul:\n\t"
-#else
-    "L_sp_2048_mont_reduce_64_mul_%=:\n\t"
-#endif
-        /* a[i+j+0] += m[j+0] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+1] += m[j+1] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+2] += m[j+2] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+3] += m[j+3] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        "CMP	r12, #0x100\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_64_mul_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mont_reduce_64_mul\n\t"
-#else
-        "BLT.N	L_sp_2048_mont_reduce_64_mul_%=\n\t"
-#endif
-        "LDR	r10, [%[a], #256]\n\t"
-        "ADDS	r4, r4, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "STR	r10, [%[a], #256]\n\t"
-        /* i += 1 */
-        "ADD	r9, r9, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r9, #0x100\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_64_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mont_reduce_64_word\n\t"
-#else
-        "BLT.N	L_sp_2048_mont_reduce_64_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#else
-#ifndef WOLFSSL_SP_SMALL
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_64(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_64(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r7, [%[a], #4]\n\t"
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[a], #12]\n\t"
-        "LDR	r10, [%[a], #16]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_64_word:\n\t"
-#else
-    "L_sp_2048_mont_reduce_64_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	lr, %[mp], r6\n\t"
-        /* a[i+0] += m[0] * mu */
-        "LDR	r12, [%[m]]\n\t"
-        "MOV	r3, #0x0\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r12, [%[m], #4]\n\t"
-        "MOV	r6, r7\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r12, [%[m], #8]\n\t"
-        "MOV	r7, r8\n\t"
-        "UMAAL	r7, r3, lr, r12\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r12, [%[m], #12]\n\t"
-        "MOV	r8, r9\n\t"
-        "UMAAL	r8, r3, lr, r12\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r12, [%[m], #16]\n\t"
-        "MOV	r9, r10\n\t"
-        "UMAAL	r9, r3, lr, r12\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r12, [%[m], #20]\n\t"
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMAAL	r10, r3, lr, r12\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r12, [%[m], #24]\n\t"
-        "LDR	r11, [%[a], #24]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r12, [%[m], #28]\n\t"
-        "LDR	r11, [%[a], #28]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r12, [%[m], #32]\n\t"
-        "LDR	r11, [%[a], #32]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r12, [%[m], #36]\n\t"
-        "LDR	r11, [%[a], #36]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r12, [%[m], #40]\n\t"
-        "LDR	r11, [%[a], #40]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r12, [%[m], #44]\n\t"
-        "LDR	r11, [%[a], #44]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r12, [%[m], #48]\n\t"
-        "LDR	r11, [%[a], #48]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r12, [%[m], #52]\n\t"
-        "LDR	r11, [%[a], #52]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r12, [%[m], #56]\n\t"
-        "LDR	r11, [%[a], #56]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r12, [%[m], #60]\n\t"
-        "LDR	r11, [%[a], #60]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r12, [%[m], #64]\n\t"
-        "LDR	r11, [%[a], #64]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r12, [%[m], #68]\n\t"
-        "LDR	r11, [%[a], #68]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r12, [%[m], #72]\n\t"
-        "LDR	r11, [%[a], #72]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r12, [%[m], #76]\n\t"
-        "LDR	r11, [%[a], #76]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r12, [%[m], #80]\n\t"
-        "LDR	r11, [%[a], #80]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r12, [%[m], #84]\n\t"
-        "LDR	r11, [%[a], #84]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r12, [%[m], #88]\n\t"
-        "LDR	r11, [%[a], #88]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r12, [%[m], #92]\n\t"
-        "LDR	r11, [%[a], #92]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r12, [%[m], #96]\n\t"
-        "LDR	r11, [%[a], #96]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r12, [%[m], #100]\n\t"
-        "LDR	r11, [%[a], #100]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r12, [%[m], #104]\n\t"
-        "LDR	r11, [%[a], #104]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r12, [%[m], #108]\n\t"
-        "LDR	r11, [%[a], #108]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r12, [%[m], #112]\n\t"
-        "LDR	r11, [%[a], #112]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r12, [%[m], #116]\n\t"
-        "LDR	r11, [%[a], #116]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r12, [%[m], #120]\n\t"
-        "LDR	r11, [%[a], #120]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r12, [%[m], #124]\n\t"
-        "LDR	r11, [%[a], #124]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #124]\n\t"
-        /* a[i+32] += m[32] * mu */
-        "LDR	r12, [%[m], #128]\n\t"
-        "LDR	r11, [%[a], #128]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #128]\n\t"
-        /* a[i+33] += m[33] * mu */
-        "LDR	r12, [%[m], #132]\n\t"
-        "LDR	r11, [%[a], #132]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #132]\n\t"
-        /* a[i+34] += m[34] * mu */
-        "LDR	r12, [%[m], #136]\n\t"
-        "LDR	r11, [%[a], #136]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #136]\n\t"
-        /* a[i+35] += m[35] * mu */
-        "LDR	r12, [%[m], #140]\n\t"
-        "LDR	r11, [%[a], #140]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #140]\n\t"
-        /* a[i+36] += m[36] * mu */
-        "LDR	r12, [%[m], #144]\n\t"
-        "LDR	r11, [%[a], #144]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #144]\n\t"
-        /* a[i+37] += m[37] * mu */
-        "LDR	r12, [%[m], #148]\n\t"
-        "LDR	r11, [%[a], #148]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #148]\n\t"
-        /* a[i+38] += m[38] * mu */
-        "LDR	r12, [%[m], #152]\n\t"
-        "LDR	r11, [%[a], #152]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #152]\n\t"
-        /* a[i+39] += m[39] * mu */
-        "LDR	r12, [%[m], #156]\n\t"
-        "LDR	r11, [%[a], #156]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #156]\n\t"
-        /* a[i+40] += m[40] * mu */
-        "LDR	r12, [%[m], #160]\n\t"
-        "LDR	r11, [%[a], #160]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #160]\n\t"
-        /* a[i+41] += m[41] * mu */
-        "LDR	r12, [%[m], #164]\n\t"
-        "LDR	r11, [%[a], #164]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #164]\n\t"
-        /* a[i+42] += m[42] * mu */
-        "LDR	r12, [%[m], #168]\n\t"
-        "LDR	r11, [%[a], #168]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #168]\n\t"
-        /* a[i+43] += m[43] * mu */
-        "LDR	r12, [%[m], #172]\n\t"
-        "LDR	r11, [%[a], #172]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #172]\n\t"
-        /* a[i+44] += m[44] * mu */
-        "LDR	r12, [%[m], #176]\n\t"
-        "LDR	r11, [%[a], #176]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #176]\n\t"
-        /* a[i+45] += m[45] * mu */
-        "LDR	r12, [%[m], #180]\n\t"
-        "LDR	r11, [%[a], #180]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #180]\n\t"
-        /* a[i+46] += m[46] * mu */
-        "LDR	r12, [%[m], #184]\n\t"
-        "LDR	r11, [%[a], #184]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #184]\n\t"
-        /* a[i+47] += m[47] * mu */
-        "LDR	r12, [%[m], #188]\n\t"
-        "LDR	r11, [%[a], #188]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #188]\n\t"
-        /* a[i+48] += m[48] * mu */
-        "LDR	r12, [%[m], #192]\n\t"
-        "LDR	r11, [%[a], #192]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #192]\n\t"
-        /* a[i+49] += m[49] * mu */
-        "LDR	r12, [%[m], #196]\n\t"
-        "LDR	r11, [%[a], #196]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #196]\n\t"
-        /* a[i+50] += m[50] * mu */
-        "LDR	r12, [%[m], #200]\n\t"
-        "LDR	r11, [%[a], #200]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #200]\n\t"
-        /* a[i+51] += m[51] * mu */
-        "LDR	r12, [%[m], #204]\n\t"
-        "LDR	r11, [%[a], #204]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #204]\n\t"
-        /* a[i+52] += m[52] * mu */
-        "LDR	r12, [%[m], #208]\n\t"
-        "LDR	r11, [%[a], #208]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #208]\n\t"
-        /* a[i+53] += m[53] * mu */
-        "LDR	r12, [%[m], #212]\n\t"
-        "LDR	r11, [%[a], #212]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #212]\n\t"
-        /* a[i+54] += m[54] * mu */
-        "LDR	r12, [%[m], #216]\n\t"
-        "LDR	r11, [%[a], #216]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #216]\n\t"
-        /* a[i+55] += m[55] * mu */
-        "LDR	r12, [%[m], #220]\n\t"
-        "LDR	r11, [%[a], #220]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #220]\n\t"
-        /* a[i+56] += m[56] * mu */
-        "LDR	r12, [%[m], #224]\n\t"
-        "LDR	r11, [%[a], #224]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #224]\n\t"
-        /* a[i+57] += m[57] * mu */
-        "LDR	r12, [%[m], #228]\n\t"
-        "LDR	r11, [%[a], #228]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #228]\n\t"
-        /* a[i+58] += m[58] * mu */
-        "LDR	r12, [%[m], #232]\n\t"
-        "LDR	r11, [%[a], #232]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #232]\n\t"
-        /* a[i+59] += m[59] * mu */
-        "LDR	r12, [%[m], #236]\n\t"
-        "LDR	r11, [%[a], #236]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #236]\n\t"
-        /* a[i+60] += m[60] * mu */
-        "LDR	r12, [%[m], #240]\n\t"
-        "LDR	r11, [%[a], #240]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #240]\n\t"
-        /* a[i+61] += m[61] * mu */
-        "LDR	r12, [%[m], #244]\n\t"
-        "LDR	r11, [%[a], #244]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #244]\n\t"
-        /* a[i+62] += m[62] * mu */
-        "LDR	r12, [%[m], #248]\n\t"
-        "LDR	r11, [%[a], #248]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #248]\n\t"
-        /* a[i+63] += m[63] * mu */
-        "LDR	r12, [%[m], #252]\n\t"
-        "LDR	r11, [%[a], #252]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "LDR	lr, [%[a], #256]\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMAAL	r3, lr, r12, r12\n\t"
-        "STR	r11, [%[a], #252]\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADC	r5, lr, #0x0\n\t"
-        "STR	r3, [%[a], #256]\n\t"
-        /* i += 1 */
-        "ADD	r4, r4, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r4, #0x100\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_64_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_2048_mont_reduce_64_word\n\t"
-#else
-        "BLT.W	L_sp_2048_mont_reduce_64_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r6, [%[a]]\n\t"
-        "STR	r7, [%[a], #4]\n\t"
-        "STR	r8, [%[a], #8]\n\t"
-        "STR	r9, [%[a], #12]\n\t"
-        "STR	r10, [%[a], #16]\n\t"
-        "MOV	%[mp], r5\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 2048 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_64(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_2048_mont_reduce_64(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r9, #0x0\n\t"
-        /* ca = 0 */
-        "MOV	r3, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_64_word:\n\t"
-#else
-    "L_sp_2048_mont_reduce_64_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "LDR	r10, [%[a]]\n\t"
-        "MUL	r8, %[mp], r10\n\t"
-        /* j = 0 */
-        "MOV	r12, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_mont_reduce_64_mul:\n\t"
-#else
-    "L_sp_2048_mont_reduce_64_mul_%=:\n\t"
-#endif
-        /* a[i+j+0] += m[j+0] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+1] += m[j+1] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+2] += m[j+2] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+3] += m[j+3] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        "CMP	r12, #0x100\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_64_mul_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mont_reduce_64_mul\n\t"
-#else
-        "BLT.N	L_sp_2048_mont_reduce_64_mul_%=\n\t"
-#endif
-        "LDR	r10, [%[a], #256]\n\t"
-        "ADDS	r4, r4, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "STR	r10, [%[a], #256]\n\t"
-        /* i += 1 */
-        "ADD	r9, r9, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r9, #0x100\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_mont_reduce_64_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_mont_reduce_64_word\n\t"
-#else
-        "BLT.N	L_sp_2048_mont_reduce_64_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_64(r, a, b);
-    sp_2048_mont_reduce_64(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_64(r, a);
-    sp_2048_mont_reduce_64(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r11, #0x0\n\t"
-        "ADD	r12, %[a], #0x100\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_sub_64_word:\n\t"
-#else
-    "L_sp_2048_sub_64_word_%=:\n\t"
-#endif
-        "RSBS	r11, r11, #0x0\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	r11, r3, r3\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_2048_sub_64_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_2048_sub_64_word\n\t"
-#else
-        "BNE.N	L_sp_2048_sub_64_word_%=\n\t"
-#endif
-        "MOV	%[r], r11\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_sub_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_2048_word_64(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r8, %[div], #16\n\t"
-        "ADD	r5, r8, #0x1\n\t"
-        "UDIV	r6, %[d1], r5\n\t"
-        "LSL	r7, %[div], #16\n\t"
-        "LSL	r6, r6, #16\n\t"
-        "UMULL	r3, r4, %[div], r6\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "SUBS	r3, %[d1], r5\n\t"
-        "SBC	r9, r9, r9\n\t"
-        "ADD	r9, r9, #0x1\n\t"
-        "RSB	r10, r9, #0x0\n\t"
-        "LSL	r9, r9, #16\n\t"
-        "AND	r7, r7, r10\n\t"
-        "AND	r8, r8, r10\n\t"
-        "SUBS	%[d0], %[d0], r7\n\t"
-        "ADD	r6, r6, r9\n\t"
-        "SBC	%[d1], %[d1], r8\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "UMULL	r3, r4, %[div], r3\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "MUL	r3, %[div], r3\n\t"
-        "SUB	%[d0], %[d0], r3\n\t"
-        "UDIV	r3, %[d0], %[div]\n\t"
-        "ADD	%[d1], r6, r3\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_2048_word_64(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r5, %[div], #1\n\t"
-        "ADD	r5, r5, #0x1\n\t"
-        "MOV	r6, %[d0]\n\t"
-        "MOV	r7, %[d1]\n\t"
-        /* Do top 32 */
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "MOV	r3, #0x0\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        /* Next 30 bits */
-        "MOV	r4, #0x1d\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_div_2048_word_64_bit:\n\t"
-#else
-    "L_div_2048_word_64_bit_%=:\n\t"
-#endif
-        "LSLS	r6, r6, #1\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "ADD	r3, r3, r3\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        "SUBS	r4, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BPL	L_div_2048_word_64_bit_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BPL.N	L_div_2048_word_64_bit\n\t"
-#else
-        "BPL.N	L_div_2048_word_64_bit_%=\n\t"
-#endif
-        "ADD	r3, r3, r3\n\t"
-        "ADD	r3, r3, #0x1\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "SUBS	r8, %[div], r9\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "SUB	%[d1], r3, r8\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[128], t2[65];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[63];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 64);
-    for (i = 63; i > 0; i--) {
-        if (t1[i + 64] != d[i])
-            break;
-    }
-    if (t1[i + 64] >= d[i]) {
-        sp_2048_sub_in_place_64(&t1[64], d);
-    }
-    for (i = 63; i >= 0; i--) {
-        if (t1[64 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_2048_word_64(t1[64 + i], t1[64 + i - 1], div);
-        }
-
-        sp_2048_mul_d_64(t2, d, r1);
-        t1[64 + i] += sp_2048_sub_in_place_64(&t1[i], t2);
-        t1[64 + i] -= t2[64];
-        if (t1[64 + i] != 0) {
-            t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], d);
-            if (t1[64 + i] != 0)
-                t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 63; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_2048_sub_64(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 64);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_64_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<64; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 64; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_64(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_2048_cmp_64(const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0xffffffff\n\t"
-        "MOV	r8, #0x1\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r3, #0xffffffff\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "MOV	r6, #0xfc\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_cmp_64_words:\n\t"
-#else
-    "L_sp_2048_cmp_64_words_%=:\n\t"
-#endif
-        "LDR	r4, [%[a], r6]\n\t"
-        "LDR	r5, [%[b], r6]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "SUBS	r6, r6, #0x4\n\t"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "bcs	L_sp_2048_cmp_64_words\n\t"
-#else
-        "bcs	L_sp_2048_cmp_64_words_%=\n\t"
-#endif
-        "EOR	r2, r2, r3\n\t"
-#else
-        "LDR	r4, [%[a], #252]\n\t"
-        "LDR	r5, [%[b], #252]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #248]\n\t"
-        "LDR	r5, [%[b], #248]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #244]\n\t"
-        "LDR	r5, [%[b], #244]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #240]\n\t"
-        "LDR	r5, [%[b], #240]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #236]\n\t"
-        "LDR	r5, [%[b], #236]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #232]\n\t"
-        "LDR	r5, [%[b], #232]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #228]\n\t"
-        "LDR	r5, [%[b], #228]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #224]\n\t"
-        "LDR	r5, [%[b], #224]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #220]\n\t"
-        "LDR	r5, [%[b], #220]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #216]\n\t"
-        "LDR	r5, [%[b], #216]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #212]\n\t"
-        "LDR	r5, [%[b], #212]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #208]\n\t"
-        "LDR	r5, [%[b], #208]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #204]\n\t"
-        "LDR	r5, [%[b], #204]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #200]\n\t"
-        "LDR	r5, [%[b], #200]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #196]\n\t"
-        "LDR	r5, [%[b], #196]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #192]\n\t"
-        "LDR	r5, [%[b], #192]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #188]\n\t"
-        "LDR	r5, [%[b], #188]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #184]\n\t"
-        "LDR	r5, [%[b], #184]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #180]\n\t"
-        "LDR	r5, [%[b], #180]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #176]\n\t"
-        "LDR	r5, [%[b], #176]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #172]\n\t"
-        "LDR	r5, [%[b], #172]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #168]\n\t"
-        "LDR	r5, [%[b], #168]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #164]\n\t"
-        "LDR	r5, [%[b], #164]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #160]\n\t"
-        "LDR	r5, [%[b], #160]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #156]\n\t"
-        "LDR	r5, [%[b], #156]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #152]\n\t"
-        "LDR	r5, [%[b], #152]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #148]\n\t"
-        "LDR	r5, [%[b], #148]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #144]\n\t"
-        "LDR	r5, [%[b], #144]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #140]\n\t"
-        "LDR	r5, [%[b], #140]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #136]\n\t"
-        "LDR	r5, [%[b], #136]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #132]\n\t"
-        "LDR	r5, [%[b], #132]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #128]\n\t"
-        "LDR	r5, [%[b], #128]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #124]\n\t"
-        "LDR	r5, [%[b], #124]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #120]\n\t"
-        "LDR	r5, [%[b], #120]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #116]\n\t"
-        "LDR	r5, [%[b], #116]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #112]\n\t"
-        "LDR	r5, [%[b], #112]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #108]\n\t"
-        "LDR	r5, [%[b], #108]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #104]\n\t"
-        "LDR	r5, [%[b], #104]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #100]\n\t"
-        "LDR	r5, [%[b], #100]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #96]\n\t"
-        "LDR	r5, [%[b], #96]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #92]\n\t"
-        "LDR	r5, [%[b], #92]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #88]\n\t"
-        "LDR	r5, [%[b], #88]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #84]\n\t"
-        "LDR	r5, [%[b], #84]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #80]\n\t"
-        "LDR	r5, [%[b], #80]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #76]\n\t"
-        "LDR	r5, [%[b], #76]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #72]\n\t"
-        "LDR	r5, [%[b], #72]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #68]\n\t"
-        "LDR	r5, [%[b], #68]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #64]\n\t"
-        "LDR	r5, [%[b], #64]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #60]\n\t"
-        "LDR	r5, [%[b], #60]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #56]\n\t"
-        "LDR	r5, [%[b], #56]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #52]\n\t"
-        "LDR	r5, [%[b], #52]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #48]\n\t"
-        "LDR	r5, [%[b], #48]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "LDR	r5, [%[b], #44]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #40]\n\t"
-        "LDR	r5, [%[b], #40]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #36]\n\t"
-        "LDR	r5, [%[b], #36]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "LDR	r5, [%[b], #32]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #28]\n\t"
-        "LDR	r5, [%[b], #28]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "LDR	r5, [%[b], #24]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "LDR	r5, [%[b], #20]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #16]\n\t"
-        "LDR	r5, [%[b], #16]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "LDR	r5, [%[b], #12]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "LDR	r5, [%[b], #8]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #4]\n\t"
-        "LDR	r5, [%[b], #4]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[b]]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "EOR	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "MOV	%[a], r2\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[128], t2[65];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[63];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 64);
-    r1 = sp_2048_cmp_64(&t1[64], d) >= 0;
-    sp_2048_cond_sub_64(&t1[64], &t1[64], d, (sp_digit)0 - r1);
-    for (i = 63; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[64 + i] == div);
-        sp_digit hi = t1[64 + i] + mask;
-        r1 = div_2048_word_64(hi, t1[64 + i - 1], div);
-        r1 |= mask;
-
-        sp_2048_mul_d_64(t2, d, r1);
-        t1[64 + i] += sp_2048_sub_in_place_64(&t1[i], t2);
-        t1[64 + i] -= t2[64];
-        sp_2048_mask_64(t2, d, t1[64 + i]);
-        t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], t2);
-        sp_2048_mask_64(t2, d, t1[64 + i]);
-        t1[64 + i] += sp_2048_add_64(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_2048_cmp_64(t1, d) >= 0;
-    sp_2048_cond_sub_64(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_2048_div_64(a, m, NULL, r);
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 8 * 128);
-    sp_digit* t[8];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 8 * 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<8; i++) {
-            t[i] = td + i * 128;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_64(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 64U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_64(t[1] + 64, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_64(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 64, a, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_64(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_64(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_64(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_64(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_64(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_64(t[ 7], t[ 4], t[ 3], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 3;
-        if (c == 32) {
-            c = 29;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 64);
-        for (; i>=0 || c>=3; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 29);
-                n <<= 3;
-                c = 29;
-            }
-            else if (c < 3) {
-                y = (byte)(n >> 29);
-                n = e[i--];
-                c = 3 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 29) & 0x7);
-                n <<= 3;
-                c -= 3;
-            }
-
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-
-            sp_2048_mont_mul_64(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_2048_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_64(r, m) >= 0);
-        sp_2048_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 128);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 128;
-        }
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_64(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 64U);
-        if (reduceA != 0) {
-            err = sp_2048_mod_64(t[1] + 64, a, m);
-            if (err == MP_OKAY) {
-                err = sp_2048_mod_64(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 64, a, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_64(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_64(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_64(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_64(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_64(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_64(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_64(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_64(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_64(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_64(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_64(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_64(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_64(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_64(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 64);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-
-            sp_2048_mont_mul_64(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_2048_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_64(r, m) >= 0);
-        sp_2048_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 64 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 256) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 32 || inLen > 256 ||
-                                                     mp_count_bits(mm) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 64 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 64;
-        r = a + 64 * 2;
-        m = r + 64 * 2;
-
-        sp_2048_from_bin(ah, 64, in, inLen);
-#if DIGIT_BIT >= 32
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 64, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_2048_mont_sqr_64(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_2048_mont_mul_64(r, r, ah, m, mp);
-
-                for (i = 63; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_2048_sub_in_place_64(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_2048_sqr_64(r, ah);
-                err = sp_2048_mod_64_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_2048_mul_64(r, ah, r);
-                err = sp_2048_mod_64_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 64);
-            err = sp_2048_mod_64_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 31; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 64);
-                for (i--; i >= 0; i--) {
-                    sp_2048_mont_sqr_64(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_2048_mont_mul_64(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[64], 0, sizeof(sp_digit) * 64);
-                sp_2048_mont_reduce_64(r, m, mp);
-
-                for (i = 63; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_2048_sub_in_place_64(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_2048_cond_add_32_words:\n\t"
-#else
-    "L_sp_2048_cond_add_32_words_%=:\n\t"
-#endif
-        "ADDS	r5, r5, #0xffffffff\n\t"
-        "LDR	r6, [%[a], r4]\n\t"
-        "LDR	r7, [%[b], r4]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "ADCS	r6, r6, r7\n\t"
-        "ADC	r5, r8, r8\n\t"
-        "STR	r6, [%[r], r4]\n\t"
-        "ADD	r4, r4, #0x4\n\t"
-        "CMP	r4, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_2048_cond_add_32_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_2048_cond_add_32_words\n\t"
-#else
-        "BLT.N	L_sp_2048_cond_add_32_words_%=\n\t"
-#endif
-        "MOV	%[r], r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_2048_cond_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADDS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "ADC	%[r], r10, r10\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 64 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 2048) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 256) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 64 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 64;
-        m = a + 128;
-        r = a;
-
-        sp_2048_from_bin(a, 64, in, inLen);
-        sp_2048_from_mp(d, 64, dm);
-        sp_2048_from_mp(m, 64, mm);
-        err = sp_2048_mod_exp_64(r, a, d, 2048, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 64, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 32 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 256) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 256 || mp_count_bits(mm) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 32 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 64 * 2;
-        q = p + 32;
-        qi = dq = dp = q + 32;
-        tmpa = qi + 32;
-        tmpb = tmpa + 64;
-        r = a;
-
-        sp_2048_from_bin(a, 64, in, inLen);
-        sp_2048_from_mp(p, 32, pm);
-        sp_2048_from_mp(q, 32, qm);
-        sp_2048_from_mp(dp, 32, dpm);
-
-        err = sp_2048_mod_exp_32(tmpa, a, dp, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(dq, 32, dqm);
-        err = sp_2048_mod_exp_32(tmpb, a, dq, 1024, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_2048_sub_in_place_32(tmpa, tmpb);
-        c += sp_2048_cond_add_32(tmpa, tmpa, p, c);
-        sp_2048_cond_add_32(tmpa, tmpa, p, c);
-
-        sp_2048_from_mp(qi, 32, qim);
-        sp_2048_mul_32(tmpa, tmpa, qi);
-        err = sp_2048_mod_32(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mul_32(tmpa, q, tmpa);
-        XMEMSET(&tmpb[32], 0, sizeof(sp_digit) * 32);
-        sp_2048_add_64(r, tmpb, tmpa);
-
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 32 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_2048_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (2048 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 64);
-        r->used = 64;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 64; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 64; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[128];
-    sp_digit e[64];
-    sp_digit m[64];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 64, base);
-        sp_2048_from_mp(e, 64, exp);
-        sp_2048_from_mp(m, 64, mod);
-
-        err = sp_2048_mod_exp_64(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_2048_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_2048
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_2048_lshift_64(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_2048_lshift_64(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register byte n __asm__ ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "RSB	r7, %[n], #0x1f\n\t"
-        "LDR	r5, [%[a], #252]\n\t"
-        "LSR	r6, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r6, r6, r7\n\t"
-        "LDR	r4, [%[a], #248]\n\t"
-        "STR	r6, [%[r], #256]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #244]\n\t"
-        "STR	r5, [%[r], #252]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #240]\n\t"
-        "STR	r4, [%[r], #248]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #236]\n\t"
-        "STR	r6, [%[r], #244]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #232]\n\t"
-        "STR	r5, [%[r], #240]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #228]\n\t"
-        "STR	r4, [%[r], #236]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #224]\n\t"
-        "STR	r6, [%[r], #232]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #220]\n\t"
-        "STR	r5, [%[r], #228]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #216]\n\t"
-        "STR	r4, [%[r], #224]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #212]\n\t"
-        "STR	r6, [%[r], #220]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #208]\n\t"
-        "STR	r5, [%[r], #216]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #204]\n\t"
-        "STR	r4, [%[r], #212]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #200]\n\t"
-        "STR	r6, [%[r], #208]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #196]\n\t"
-        "STR	r5, [%[r], #204]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #192]\n\t"
-        "STR	r4, [%[r], #200]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #188]\n\t"
-        "STR	r6, [%[r], #196]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #184]\n\t"
-        "STR	r5, [%[r], #192]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #180]\n\t"
-        "STR	r4, [%[r], #188]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #176]\n\t"
-        "STR	r6, [%[r], #184]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #172]\n\t"
-        "STR	r5, [%[r], #180]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #168]\n\t"
-        "STR	r4, [%[r], #176]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #164]\n\t"
-        "STR	r6, [%[r], #172]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #160]\n\t"
-        "STR	r5, [%[r], #168]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #156]\n\t"
-        "STR	r4, [%[r], #164]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #152]\n\t"
-        "STR	r6, [%[r], #160]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #148]\n\t"
-        "STR	r5, [%[r], #156]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #144]\n\t"
-        "STR	r4, [%[r], #152]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #140]\n\t"
-        "STR	r6, [%[r], #148]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #136]\n\t"
-        "STR	r5, [%[r], #144]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #132]\n\t"
-        "STR	r4, [%[r], #140]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #128]\n\t"
-        "STR	r6, [%[r], #136]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #124]\n\t"
-        "STR	r5, [%[r], #132]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #120]\n\t"
-        "STR	r4, [%[r], #128]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #116]\n\t"
-        "STR	r6, [%[r], #124]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #112]\n\t"
-        "STR	r5, [%[r], #120]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #108]\n\t"
-        "STR	r4, [%[r], #116]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #104]\n\t"
-        "STR	r6, [%[r], #112]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #100]\n\t"
-        "STR	r5, [%[r], #108]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #96]\n\t"
-        "STR	r4, [%[r], #104]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #92]\n\t"
-        "STR	r6, [%[r], #100]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #88]\n\t"
-        "STR	r5, [%[r], #96]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #84]\n\t"
-        "STR	r4, [%[r], #92]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #80]\n\t"
-        "STR	r6, [%[r], #88]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #76]\n\t"
-        "STR	r5, [%[r], #84]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #72]\n\t"
-        "STR	r4, [%[r], #80]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #68]\n\t"
-        "STR	r6, [%[r], #76]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #64]\n\t"
-        "STR	r5, [%[r], #72]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #60]\n\t"
-        "STR	r4, [%[r], #68]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #56]\n\t"
-        "STR	r6, [%[r], #64]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #52]\n\t"
-        "STR	r5, [%[r], #60]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #48]\n\t"
-        "STR	r4, [%[r], #56]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "STR	r6, [%[r], #52]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #40]\n\t"
-        "STR	r5, [%[r], #48]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #36]\n\t"
-        "STR	r4, [%[r], #44]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "STR	r6, [%[r], #40]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #28]\n\t"
-        "STR	r5, [%[r], #36]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #24]\n\t"
-        "STR	r4, [%[r], #32]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "STR	r6, [%[r], #28]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #16]\n\t"
-        "STR	r5, [%[r], #24]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #12]\n\t"
-        "STR	r4, [%[r], #20]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "STR	r6, [%[r], #16]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #4]\n\t"
-        "STR	r5, [%[r], #12]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a]]\n\t"
-        "STR	r4, [%[r], #8]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "STR	r5, [%[r]]\n\t"
-        "STR	r6, [%[r], #4]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r7"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_2048_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 193);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 193, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 128;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_64(norm, m);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        sp_2048_lshift_64(r, norm, y);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-            sp_2048_mont_sqr_64(r, r, m, mp);
-
-            sp_2048_lshift_64(r, r, y);
-            sp_2048_mul_d_64(tmp, norm, r[64]);
-            r[64] = 0;
-            o = sp_2048_add_64(r, r, tmp);
-            sp_2048_cond_sub_64(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64U);
-        sp_2048_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_64(r, m) >= 0);
-        sp_2048_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_2048 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 256 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[128];
-    sp_digit e[64];
-    sp_digit m[64];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 256) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 64, base);
-        sp_2048_from_bin(e, 64, exp, expLen);
-        sp_2048_from_mp(m, 64, mod);
-
-    #ifdef HAVE_FFDHE_2048
-        if (base->used == 1 && base->dp[0] == 2 && m[63] == (sp_digit)-1)
-            err = sp_2048_mod_exp_2_64(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_2048_mod_exp_64(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_64(r, out);
-        *outLen = 256;
-        for (i=0; i<256 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[64];
-    sp_digit e[32];
-    sp_digit m[32];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1024) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(b, 32, base);
-        sp_2048_from_mp(e, 32, exp);
-        sp_2048_from_mp(m, 32, mod);
-
-        err = sp_2048_mod_exp_32(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 32, 0, sizeof(*r) * 32U);
-        err = sp_2048_to_mp(r, res);
-        res->used = mod->used;
-        mp_clamp(res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* !WOLFSSL_SP_NO_2048 */
-
-#ifndef WOLFSSL_SP_NO_3072
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 384
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_3072_to_bin_96(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 95; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_3072_norm_96(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_3072_norm_96(a)
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x30\n\t"
-        /* A[0] * B[0] */
-        "LDR	r11, [%[a]]\n\t"
-        "LDR	r12, [%[b]]\n\t"
-        "UMULL	r3, r4, r11, r12\n\t"
-        "MOV	r5, #0x0\n\t"
-        "STR	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[0] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #4]\n\t"
-        /* A[2] * B[0] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[1] */
-        "LDR	r11, [%[a], #4]\n\t"
-        "LDR	r12, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[0] * B[2] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #8]\n\t"
-        /* A[0] * B[3] */
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[2] */
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[1] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[0] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #12]\n\t"
-        /* A[4] * B[0] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[1] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[2] */
-        "LDR	r11, [%[a], #8]\n\t"
-        "LDR	r12, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[3] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[0] * B[4] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #16]\n\t"
-        /* A[0] * B[5] */
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[4] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[3] */
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[2] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[1] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[0] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #20]\n\t"
-        /* A[6] * B[0] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[1] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[2] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[3] */
-        "LDR	r11, [%[a], #12]\n\t"
-        "LDR	r12, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[4] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[5] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[0] * B[6] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #24]\n\t"
-        /* A[0] * B[7] */
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[6] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[5] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[4] */
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[3] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[2] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[1] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[0] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #28]\n\t"
-        /* A[8] * B[0] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[1] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[2] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[3] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[4] */
-        "LDR	r11, [%[a], #16]\n\t"
-        "LDR	r12, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[5] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[6] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[7] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[0] * B[8] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #32]\n\t"
-        /* A[0] * B[9] */
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[8] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[7] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[6] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[5] */
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[4] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[3] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[2] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[1] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[0] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #36]\n\t"
-        /* A[10] * B[0] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[1] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[2] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[3] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[4] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[5] */
-        "LDR	r11, [%[a], #20]\n\t"
-        "LDR	r12, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[6] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[7] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[8] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[9] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[0] * B[10] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #40]\n\t"
-        /* A[0] * B[11] */
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[10] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[9] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[8] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[7] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[6] */
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[5] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[4] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[3] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[2] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[1] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[0] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #44]\n\t"
-        /* A[11] * B[1] */
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[2] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[3] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[4] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[5] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[6] */
-        "LDR	r11, [%[a], #24]\n\t"
-        "LDR	r12, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[7] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[8] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[9] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[10] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[11] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #48]\n\t"
-        /* A[2] * B[11] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[10] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[9] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[8] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[7] */
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[6] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[5] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[4] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[3] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[2] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #52]\n\t"
-        /* A[11] * B[3] */
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[4] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[5] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[6] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[7] */
-        "LDR	r11, [%[a], #28]\n\t"
-        "LDR	r12, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[8] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[9] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[10] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[11] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #56]\n\t"
-        /* A[4] * B[11] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[10] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[9] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[8] */
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[7] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[6] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[5] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[4] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #60]\n\t"
-        /* A[11] * B[5] */
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[6] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[7] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[8] */
-        "LDR	r11, [%[a], #32]\n\t"
-        "LDR	r12, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[9] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[10] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[11] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #64]\n\t"
-        /* A[6] * B[11] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[10] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[9] */
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[8] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[7] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[6] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #68]\n\t"
-        /* A[11] * B[7] */
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[8] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[9] */
-        "LDR	r11, [%[a], #36]\n\t"
-        "LDR	r12, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[10] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[11] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #72]\n\t"
-        /* A[8] * B[11] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[10] */
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[9] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[8] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #76]\n\t"
-        /* A[11] * B[9] */
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[10] */
-        "LDR	r11, [%[a], #40]\n\t"
-        "LDR	r12, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[11] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #80]\n\t"
-        /* A[10] * B[11] */
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[10] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #84]\n\t"
-        /* A[11] * B[11] */
-        "UMLAL	r4, r5, r8, r9\n\t"
-        "STR	r4, [%[r], #88]\n\t"
-        "STR	r5, [%[r], #92]\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11",
-            "r12"
-    );
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_24(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SUBS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	%[a], r9, r9\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_24(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_24(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<12; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-    r[8] = a[8] & m;
-    r[9] = a[9] & m;
-    r[10] = a[10] & m;
-    r[11] = a[11] & m;
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[24];
-    sp_digit a1[12];
-    sp_digit b1[12];
-    sp_digit* z2 = r + 24;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_12(a1, a, &a[12]);
-    cb = sp_3072_add_12(b1, b, &b[12]);
-    u  = ca & cb;
-
-    sp_3072_mul_12(z2, &a[12], &b[12]);
-    sp_3072_mul_12(z0, a, b);
-    sp_3072_mul_12(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_24(z1, z0);
-    u += sp_3072_sub_in_place_24(z1, z2);
-    sp_3072_mask_12(a1, a1, 0 - cb);
-    u += sp_3072_add_12(z1 + 12, z1 + 12, a1);
-    sp_3072_mask_12(b1, b1, 0 - ca);
-    u += sp_3072_add_12(z1 + 12, z1 + 12, b1);
-
-    u += sp_3072_add_24(r + 12, r + 12, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (12 - 1));
-    a1[0] = u;
-    (void)sp_3072_add_12(r + 36, r + 36, a1);
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SUBS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	%[a], r9, r9\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<24; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[48];
-    sp_digit a1[24];
-    sp_digit b1[24];
-    sp_digit* z2 = r + 48;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_24(a1, a, &a[24]);
-    cb = sp_3072_add_24(b1, b, &b[24]);
-    u  = ca & cb;
-
-    sp_3072_mul_24(z2, &a[24], &b[24]);
-    sp_3072_mul_24(z0, a, b);
-    sp_3072_mul_24(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_48(z1, z0);
-    u += sp_3072_sub_in_place_48(z1, z2);
-    sp_3072_mask_24(a1, a1, 0 - cb);
-    u += sp_3072_add_24(z1 + 24, z1 + 24, a1);
-    sp_3072_mask_24(b1, b1, 0 - ca);
-    u += sp_3072_add_24(z1 + 24, z1 + 24, b1);
-
-    u += sp_3072_add_48(r + 24, r + 24, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (24 - 1));
-    a1[0] = u;
-    (void)sp_3072_add_24(r + 72, r + 72, a1);
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SUBS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	%[a], r9, r9\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<48; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[96];
-    sp_digit a1[48];
-    sp_digit b1[48];
-    sp_digit* z2 = r + 96;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_3072_add_48(a1, a, &a[48]);
-    cb = sp_3072_add_48(b1, b, &b[48]);
-    u  = ca & cb;
-
-    sp_3072_mul_48(z2, &a[48], &b[48]);
-    sp_3072_mul_48(z0, a, b);
-    sp_3072_mul_48(z1, a1, b1);
-
-    u += sp_3072_sub_in_place_96(z1, z0);
-    u += sp_3072_sub_in_place_96(z1, z2);
-    sp_3072_mask_48(a1, a1, 0 - cb);
-    u += sp_3072_add_48(z1 + 48, z1 + 48, a1);
-    sp_3072_mask_48(b1, b1, 0 - ca);
-    u += sp_3072_add_48(z1 + 48, z1 + 48, b1);
-
-    u += sp_3072_add_96(r + 48, r + 48, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (48 - 1));
-    a1[0] = u;
-    (void)sp_3072_add_48(r + 144, r + 144, a1);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x30\n\t"
-        /* A[0] * A[0] */
-        "LDR	r10, [%[a]]\n\t"
-        "UMULL	r8, r3, r10, r10\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r8, [sp]\n\t"
-        /* A[0] * A[1] */
-        "LDR	r10, [%[a], #4]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [sp, #4]\n\t"
-        /* A[0] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * A[1] */
-        "LDR	r10, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #8]\n\t"
-        /* A[0] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r2, [sp, #12]\n\t"
-        /* A[0] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[1] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[2] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [sp, #16]\n\t"
-        /* A[0] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #20]\n\t"
-        /* A[0] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #24]\n\t"
-        /* A[0] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [sp, #28]\n\t"
-        /* A[0] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #32]\n\t"
-        /* A[0] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #36]\n\t"
-        /* A[0] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [sp, #40]\n\t"
-        /* A[0] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #44]\n\t"
-        /* A[1] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[2] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [%[r], #48]\n\t"
-        /* A[2] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[3] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [%[r], #52]\n\t"
-        /* A[3] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[4] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [%[r], #56]\n\t"
-        /* A[4] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[5] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [%[r], #60]\n\t"
-        /* A[5] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[6] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [%[r], #64]\n\t"
-        /* A[6] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[7] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [%[r], #68]\n\t"
-        /* A[7] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r2, [%[r], #72]\n\t"
-        /* A[8] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[9] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [%[r], #76]\n\t"
-        /* A[9] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #80]\n\t"
-        /* A[10] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r2, [%[r], #84]\n\t"
-        /* A[11] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "UMLAL	r3, r4, r10, r10\n\t"
-        "STR	r3, [%[r], #88]\n\t"
-        "STR	r4, [%[r], #92]\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12"
-    );
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 24;
-    sp_digit z1[24];
-    sp_digit* a1 = z1;
-    sp_digit zero[12];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 12);
-
-    mask = sp_3072_sub_12(a1, a, &a[12]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_3072_sub_12(a1, p1, p2);
-
-    sp_3072_sqr_12(z2, &a[12]);
-    sp_3072_sqr_12(z0, a);
-    sp_3072_sqr_12(z1, a1);
-
-    u = 0;
-    u -= sp_3072_sub_in_place_24(z1, z2);
-    u -= sp_3072_sub_in_place_24(z1, z0);
-    u += sp_3072_sub_in_place_24(r + 12, z1);
-    zero[0] = u;
-    (void)sp_3072_add_12(r + 36, r + 36, zero);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_24(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_24(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 48;
-    sp_digit z1[48];
-    sp_digit* a1 = z1;
-    sp_digit zero[24];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 24);
-
-    mask = sp_3072_sub_24(a1, a, &a[24]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_3072_sub_24(a1, p1, p2);
-
-    sp_3072_sqr_24(z2, &a[24]);
-    sp_3072_sqr_24(z0, a);
-    sp_3072_sqr_24(z1, a1);
-
-    u = 0;
-    u -= sp_3072_sub_in_place_48(z1, z2);
-    u -= sp_3072_sub_in_place_48(z1, z0);
-    u += sp_3072_sub_in_place_48(r + 24, z1);
-    zero[0] = u;
-    (void)sp_3072_add_24(r + 72, r + 72, zero);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 96;
-    sp_digit z1[96];
-    sp_digit* a1 = z1;
-    sp_digit zero[48];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 48);
-
-    mask = sp_3072_sub_48(a1, a, &a[48]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_3072_sub_48(a1, p1, p2);
-
-    sp_3072_sqr_48(z2, &a[48]);
-    sp_3072_sqr_48(z0, a);
-    sp_3072_sqr_48(z1, a1);
-
-    u = 0;
-    u -= sp_3072_sub_in_place_96(z1, z2);
-    u -= sp_3072_sub_in_place_96(z1, z0);
-    u += sp_3072_sub_in_place_96(r + 48, z1);
-    zero[0] = u;
-    (void)sp_3072_add_48(r + 144, r + 144, zero);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "ADD	r12, %[a], #0x180\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_add_96_word:\n\t"
-#else
-    "L_sp_3072_add_96_word_%=:\n\t"
-#endif
-        "ADDS	r3, r3, #0xffffffff\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r3, r4, #0x0\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_3072_add_96_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_3072_add_96_word\n\t"
-#else
-        "BNE.N	L_sp_3072_add_96_word_%=\n\t"
-#endif
-        "MOV	%[r], r3\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "ADD	r11, %[a], #0x180\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_sub_in_pkace_96_word:\n\t"
-#else
-    "L_sp_3072_sub_in_pkace_96_word_%=:\n\t"
-#endif
-        "RSBS	r10, r10, #0x0\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	r10, r10, r10\n\t"
-        "CMP	%[a], r11\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_3072_sub_in_pkace_96_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_3072_sub_in_pkace_96_word\n\t"
-#else
-        "BNE.N	L_sp_3072_sub_in_pkace_96_word_%=\n\t"
-#endif
-        "MOV	%[a], r10\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x300\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "LDR	r11, [%[b]]\n\t"
-        "UMULL	r8, r6, lr, r11\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mul_96_outer:\n\t"
-#else
-    "L_sp_3072_mul_96_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x17c\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mul_96_inner:\n\t"
-#else
-    "L_sp_3072_mul_96_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "LDR	lr, [%[a], r4]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_3072_mul_96_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_3072_mul_96_inner_done\n\t"
-#else
-        "BGT.N	L_sp_3072_mul_96_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mul_96_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mul_96_inner\n\t"
-#else
-        "BLT.N	L_sp_3072_mul_96_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mul_96_inner_done:\n\t"
-#else
-    "L_sp_3072_mul_96_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x2f4\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_3072_mul_96_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_3072_mul_96_outer\n\t"
-#else
-        "BLE.N	L_sp_3072_mul_96_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #380]\n\t"
-        "LDR	r11, [%[b], #380]\n\t"
-        "UMLAL	r6, r7, lr, r11\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mul_96_store:\n\t"
-#else
-    "L_sp_3072_mul_96_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_3072_mul_96_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_3072_mul_96_store\n\t"
-#else
-        "BGT.N	L_sp_3072_mul_96_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x300\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "UMULL	r8, r6, lr, lr\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_sqr_96_outer:\n\t"
-#else
-    "L_sp_3072_sqr_96_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x17c\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_sqr_96_inner:\n\t"
-#else
-    "L_sp_3072_sqr_96_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[a], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_3072_sqr_96_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_3072_sqr_96_inner_done\n\t"
-#else
-        "BGT.N	L_sp_3072_sqr_96_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_sqr_96_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_sqr_96_inner\n\t"
-#else
-        "BLT.N	L_sp_3072_sqr_96_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "UMULL	r9, r10, lr, lr\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_sqr_96_inner_done:\n\t"
-#else
-    "L_sp_3072_sqr_96_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x2f4\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_3072_sqr_96_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_3072_sqr_96_outer\n\t"
-#else
-        "BLE.N	L_sp_3072_sqr_96_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #380]\n\t"
-        "UMLAL	r6, r7, lr, lr\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_sqr_96_store:\n\t"
-#else
-    "L_sp_3072_sqr_96_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_3072_sqr_96_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_3072_sqr_96_store\n\t"
-#else
-        "BGT.N	L_sp_3072_sqr_96_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-    int i;
-
-    for (i=0; i<48; i++) {
-        r[i] = a[i] & m;
-    }
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_add_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "ADD	r12, %[a], #0xc0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_add_48_word:\n\t"
-#else
-    "L_sp_3072_add_48_word_%=:\n\t"
-#endif
-        "ADDS	r3, r3, #0xffffffff\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r3, r4, #0x0\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_3072_add_48_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_3072_add_48_word\n\t"
-#else
-        "BNE.N	L_sp_3072_add_48_word_%=\n\t"
-#endif
-        "MOV	%[r], r3\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "ADD	r11, %[a], #0xc0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_sub_in_pkace_48_word:\n\t"
-#else
-    "L_sp_3072_sub_in_pkace_48_word_%=:\n\t"
-#endif
-        "RSBS	r10, r10, #0x0\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	r10, r10, r10\n\t"
-        "CMP	%[a], r11\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_3072_sub_in_pkace_48_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_3072_sub_in_pkace_48_word\n\t"
-#else
-        "BNE.N	L_sp_3072_sub_in_pkace_48_word_%=\n\t"
-#endif
-        "MOV	%[a], r10\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x180\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "LDR	r11, [%[b]]\n\t"
-        "UMULL	r8, r6, lr, r11\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mul_48_outer:\n\t"
-#else
-    "L_sp_3072_mul_48_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0xbc\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mul_48_inner:\n\t"
-#else
-    "L_sp_3072_mul_48_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "LDR	lr, [%[a], r4]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_3072_mul_48_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_3072_mul_48_inner_done\n\t"
-#else
-        "BGT.N	L_sp_3072_mul_48_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mul_48_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mul_48_inner\n\t"
-#else
-        "BLT.N	L_sp_3072_mul_48_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mul_48_inner_done:\n\t"
-#else
-    "L_sp_3072_mul_48_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x174\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_3072_mul_48_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_3072_mul_48_outer\n\t"
-#else
-        "BLE.N	L_sp_3072_mul_48_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #188]\n\t"
-        "LDR	r11, [%[b], #188]\n\t"
-        "UMLAL	r6, r7, lr, r11\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mul_48_store:\n\t"
-#else
-    "L_sp_3072_mul_48_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_3072_mul_48_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_3072_mul_48_store\n\t"
-#else
-        "BGT.N	L_sp_3072_mul_48_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x180\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "UMULL	r8, r6, lr, lr\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_sqr_48_outer:\n\t"
-#else
-    "L_sp_3072_sqr_48_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0xbc\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_sqr_48_inner:\n\t"
-#else
-    "L_sp_3072_sqr_48_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[a], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_3072_sqr_48_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_3072_sqr_48_inner_done\n\t"
-#else
-        "BGT.N	L_sp_3072_sqr_48_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_sqr_48_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_sqr_48_inner\n\t"
-#else
-        "BLT.N	L_sp_3072_sqr_48_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "UMULL	r9, r10, lr, lr\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_sqr_48_inner_done:\n\t"
-#else
-    "L_sp_3072_sqr_48_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x174\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_3072_sqr_48_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_3072_sqr_48_outer\n\t"
-#else
-        "BLE.N	L_sp_3072_sqr_48_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #188]\n\t"
-        "UMLAL	r6, r7, lr, lr\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_sqr_48_store:\n\t"
-#else
-    "L_sp_3072_sqr_48_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_3072_sqr_48_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_3072_sqr_48_store\n\t"
-#else
-        "BGT.N	L_sp_3072_sqr_48_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDR	r8, [%[a]]\n\t"
-        "UMULL	r5, r3, %[b], r8\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r5, [%[r]]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "MOV	r9, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mul_d_96_word:\n\t"
-#else
-    "L_sp_3072_mul_d_96_word_%=:\n\t"
-#endif
-        /* A[i] * B */
-        "LDR	r8, [%[a], r9]\n\t"
-        "UMULL	r6, r7, %[b], r8\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], r9]\n\t"
-        "MOV	r3, r4\n\t"
-        "MOV	r4, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADD	r9, r9, #0x4\n\t"
-        "CMP	r9, #0x180\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mul_d_96_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mul_d_96_word\n\t"
-#else
-        "BLT.N	L_sp_3072_mul_d_96_word_%=\n\t"
-#endif
-        "STR	r3, [%[r], #384]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_96(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMULL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[1] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[2] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[3] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[4] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[5] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[6] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[7] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[8] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[9] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[10] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[11] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[12] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[13] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[14] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[15] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[16] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[17] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[18] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[19] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[20] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[21] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[22] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[23] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[24] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[25] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[26] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[27] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[28] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[29] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[30] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[31] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[32] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[33] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[34] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[35] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[36] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[37] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[38] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[39] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[40] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[41] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[42] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[43] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[44] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[45] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[46] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[47] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[48] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[49] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[50] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[51] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[52] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[53] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[54] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[55] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[56] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[57] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[58] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[59] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[60] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[61] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[62] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[63] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[64] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[65] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[66] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[67] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[68] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[69] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[70] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[71] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[72] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[73] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[74] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[75] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[76] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[77] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[78] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[79] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[80] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[81] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[82] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[83] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[84] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[85] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[86] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[87] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[88] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[89] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[90] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[91] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[92] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[93] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[94] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[95] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "STR	r3, [%[r]]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 48);
-
-    /* r = 2^n mod m */
-    sp_3072_sub_in_place_48(r, m);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_cond_sub_48_words:\n\t"
-#else
-    "L_sp_3072_cond_sub_48_words_%=:\n\t"
-#endif
-        "SUBS	r4, r8, r4\n\t"
-        "LDR	r6, [%[a], r5]\n\t"
-        "LDR	r7, [%[b], r5]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "SBCS	r6, r6, r7\n\t"
-        "SBC	r4, r8, r8\n\t"
-        "STR	r6, [%[r], r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0xc0\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_cond_sub_48_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_cond_sub_48_words\n\t"
-#else
-        "BLT.N	L_sp_3072_cond_sub_48_words_%=\n\t"
-#endif
-        "MOV	%[r], r4\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SUBS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "SBC	%[r], r5, r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_NO_UMAAL
-#ifndef WOLFSSL_SP_SMALL
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_48(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_48(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	lr, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r11, #0x0\n\t"
-        "MOV	r3, #0x0\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_48_word:\n\t"
-#else
-    "L_sp_3072_mont_reduce_48_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	r10, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r4, r7, r10, lr\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r9, [%[m], #4]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r5, r6, r10, r9\n\t"
-        "MOV	r4, r5\n\t"
-        "ADDS	r4, r4, r7\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r9, [%[m], #8]\n\t"
-        "LDR	r5, [%[a], #8]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r5, r7, r10, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r9, [%[m], #12]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #12]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r9, [%[m], #16]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #16]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r9, [%[m], #20]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #20]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r9, [%[m], #24]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #24]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r9, [%[m], #28]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #28]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r9, [%[m], #32]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #32]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r9, [%[m], #36]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #36]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r9, [%[m], #40]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #40]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r9, [%[m], #44]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #44]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r9, [%[m], #48]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #48]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r9, [%[m], #52]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #52]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r9, [%[m], #56]\n\t"
-        "LDR	r12, [%[a], #56]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #56]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r9, [%[m], #60]\n\t"
-        "LDR	r12, [%[a], #60]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #60]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r9, [%[m], #64]\n\t"
-        "LDR	r12, [%[a], #64]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #64]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r9, [%[m], #68]\n\t"
-        "LDR	r12, [%[a], #68]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #68]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r9, [%[m], #72]\n\t"
-        "LDR	r12, [%[a], #72]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #72]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r9, [%[m], #76]\n\t"
-        "LDR	r12, [%[a], #76]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #76]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r9, [%[m], #80]\n\t"
-        "LDR	r12, [%[a], #80]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #80]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r9, [%[m], #84]\n\t"
-        "LDR	r12, [%[a], #84]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #84]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r9, [%[m], #88]\n\t"
-        "LDR	r12, [%[a], #88]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #88]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r9, [%[m], #92]\n\t"
-        "LDR	r12, [%[a], #92]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #92]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r9, [%[m], #96]\n\t"
-        "LDR	r12, [%[a], #96]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #96]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r9, [%[m], #100]\n\t"
-        "LDR	r12, [%[a], #100]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #100]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r9, [%[m], #104]\n\t"
-        "LDR	r12, [%[a], #104]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #104]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r9, [%[m], #108]\n\t"
-        "LDR	r12, [%[a], #108]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #108]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r9, [%[m], #112]\n\t"
-        "LDR	r12, [%[a], #112]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #112]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r9, [%[m], #116]\n\t"
-        "LDR	r12, [%[a], #116]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #116]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r9, [%[m], #120]\n\t"
-        "LDR	r12, [%[a], #120]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #120]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r9, [%[m], #124]\n\t"
-        "LDR	r12, [%[a], #124]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #124]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "LDR	r9, [%[m], #128]\n\t"
-        "LDR	r12, [%[a], #128]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #128]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "LDR	r9, [%[m], #132]\n\t"
-        "LDR	r12, [%[a], #132]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #132]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "LDR	r9, [%[m], #136]\n\t"
-        "LDR	r12, [%[a], #136]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #136]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "LDR	r9, [%[m], #140]\n\t"
-        "LDR	r12, [%[a], #140]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #140]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "LDR	r9, [%[m], #144]\n\t"
-        "LDR	r12, [%[a], #144]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #144]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "LDR	r9, [%[m], #148]\n\t"
-        "LDR	r12, [%[a], #148]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #148]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "LDR	r9, [%[m], #152]\n\t"
-        "LDR	r12, [%[a], #152]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #152]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "LDR	r9, [%[m], #156]\n\t"
-        "LDR	r12, [%[a], #156]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #156]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "LDR	r9, [%[m], #160]\n\t"
-        "LDR	r12, [%[a], #160]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #160]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "LDR	r9, [%[m], #164]\n\t"
-        "LDR	r12, [%[a], #164]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #164]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "LDR	r9, [%[m], #168]\n\t"
-        "LDR	r12, [%[a], #168]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #168]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "LDR	r9, [%[m], #172]\n\t"
-        "LDR	r12, [%[a], #172]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #172]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "LDR	r9, [%[m], #176]\n\t"
-        "LDR	r12, [%[a], #176]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #176]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "LDR	r9, [%[m], #180]\n\t"
-        "LDR	r12, [%[a], #180]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #180]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "LDR	r9, [%[m], #184]\n\t"
-        "LDR	r12, [%[a], #184]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #184]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+47] += m[47] * mu */
-        "LDR	r9, [%[m], #188]\n\t"
-        "LDR	r12, [%[a], #188]\n\t"
-        "UMULL	r8, r9, r10, r9\n\t"
-        "ADDS	r7, r7, r8\n\t"
-        "ADCS	r6, r9, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #188]\n\t"
-        "LDR	r12, [%[a], #192]\n\t"
-        "ADCS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #192]\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* i += 1 */
-        "ADD	r11, r11, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r11, #0xc0\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_48_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_3072_mont_reduce_48_word\n\t"
-#else
-        "BLT.W	L_sp_3072_mont_reduce_48_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r4, [%[a]]\n\t"
-        "STR	r5, [%[a], #4]\n\t"
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_48(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_48(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r9, #0x0\n\t"
-        /* ca = 0 */
-        "MOV	r3, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_48_word:\n\t"
-#else
-    "L_sp_3072_mont_reduce_48_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "LDR	r10, [%[a]]\n\t"
-        "MUL	r8, %[mp], r10\n\t"
-        /* j = 0 */
-        "MOV	r12, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_48_mul:\n\t"
-#else
-    "L_sp_3072_mont_reduce_48_mul_%=:\n\t"
-#endif
-        /* a[i+j+0] += m[j+0] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+1] += m[j+1] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+2] += m[j+2] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+3] += m[j+3] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        "CMP	r12, #0xc0\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_48_mul_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mont_reduce_48_mul\n\t"
-#else
-        "BLT.N	L_sp_3072_mont_reduce_48_mul_%=\n\t"
-#endif
-        "LDR	r10, [%[a], #192]\n\t"
-        "ADDS	r4, r4, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "STR	r10, [%[a], #192]\n\t"
-        /* i += 1 */
-        "ADD	r9, r9, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r9, #0xc0\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_48_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mont_reduce_48_word\n\t"
-#else
-        "BLT.N	L_sp_3072_mont_reduce_48_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#else
-#ifndef WOLFSSL_SP_SMALL
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_48(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_48(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r7, [%[a], #4]\n\t"
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[a], #12]\n\t"
-        "LDR	r10, [%[a], #16]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_48_word:\n\t"
-#else
-    "L_sp_3072_mont_reduce_48_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	lr, %[mp], r6\n\t"
-        /* a[i+0] += m[0] * mu */
-        "LDR	r12, [%[m]]\n\t"
-        "MOV	r3, #0x0\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r12, [%[m], #4]\n\t"
-        "MOV	r6, r7\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r12, [%[m], #8]\n\t"
-        "MOV	r7, r8\n\t"
-        "UMAAL	r7, r3, lr, r12\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r12, [%[m], #12]\n\t"
-        "MOV	r8, r9\n\t"
-        "UMAAL	r8, r3, lr, r12\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r12, [%[m], #16]\n\t"
-        "MOV	r9, r10\n\t"
-        "UMAAL	r9, r3, lr, r12\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r12, [%[m], #20]\n\t"
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMAAL	r10, r3, lr, r12\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r12, [%[m], #24]\n\t"
-        "LDR	r11, [%[a], #24]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r12, [%[m], #28]\n\t"
-        "LDR	r11, [%[a], #28]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r12, [%[m], #32]\n\t"
-        "LDR	r11, [%[a], #32]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r12, [%[m], #36]\n\t"
-        "LDR	r11, [%[a], #36]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r12, [%[m], #40]\n\t"
-        "LDR	r11, [%[a], #40]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r12, [%[m], #44]\n\t"
-        "LDR	r11, [%[a], #44]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r12, [%[m], #48]\n\t"
-        "LDR	r11, [%[a], #48]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r12, [%[m], #52]\n\t"
-        "LDR	r11, [%[a], #52]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r12, [%[m], #56]\n\t"
-        "LDR	r11, [%[a], #56]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r12, [%[m], #60]\n\t"
-        "LDR	r11, [%[a], #60]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r12, [%[m], #64]\n\t"
-        "LDR	r11, [%[a], #64]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r12, [%[m], #68]\n\t"
-        "LDR	r11, [%[a], #68]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r12, [%[m], #72]\n\t"
-        "LDR	r11, [%[a], #72]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r12, [%[m], #76]\n\t"
-        "LDR	r11, [%[a], #76]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r12, [%[m], #80]\n\t"
-        "LDR	r11, [%[a], #80]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r12, [%[m], #84]\n\t"
-        "LDR	r11, [%[a], #84]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r12, [%[m], #88]\n\t"
-        "LDR	r11, [%[a], #88]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r12, [%[m], #92]\n\t"
-        "LDR	r11, [%[a], #92]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r12, [%[m], #96]\n\t"
-        "LDR	r11, [%[a], #96]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r12, [%[m], #100]\n\t"
-        "LDR	r11, [%[a], #100]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r12, [%[m], #104]\n\t"
-        "LDR	r11, [%[a], #104]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r12, [%[m], #108]\n\t"
-        "LDR	r11, [%[a], #108]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r12, [%[m], #112]\n\t"
-        "LDR	r11, [%[a], #112]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r12, [%[m], #116]\n\t"
-        "LDR	r11, [%[a], #116]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r12, [%[m], #120]\n\t"
-        "LDR	r11, [%[a], #120]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r12, [%[m], #124]\n\t"
-        "LDR	r11, [%[a], #124]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #124]\n\t"
-        /* a[i+32] += m[32] * mu */
-        "LDR	r12, [%[m], #128]\n\t"
-        "LDR	r11, [%[a], #128]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #128]\n\t"
-        /* a[i+33] += m[33] * mu */
-        "LDR	r12, [%[m], #132]\n\t"
-        "LDR	r11, [%[a], #132]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #132]\n\t"
-        /* a[i+34] += m[34] * mu */
-        "LDR	r12, [%[m], #136]\n\t"
-        "LDR	r11, [%[a], #136]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #136]\n\t"
-        /* a[i+35] += m[35] * mu */
-        "LDR	r12, [%[m], #140]\n\t"
-        "LDR	r11, [%[a], #140]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #140]\n\t"
-        /* a[i+36] += m[36] * mu */
-        "LDR	r12, [%[m], #144]\n\t"
-        "LDR	r11, [%[a], #144]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #144]\n\t"
-        /* a[i+37] += m[37] * mu */
-        "LDR	r12, [%[m], #148]\n\t"
-        "LDR	r11, [%[a], #148]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #148]\n\t"
-        /* a[i+38] += m[38] * mu */
-        "LDR	r12, [%[m], #152]\n\t"
-        "LDR	r11, [%[a], #152]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #152]\n\t"
-        /* a[i+39] += m[39] * mu */
-        "LDR	r12, [%[m], #156]\n\t"
-        "LDR	r11, [%[a], #156]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #156]\n\t"
-        /* a[i+40] += m[40] * mu */
-        "LDR	r12, [%[m], #160]\n\t"
-        "LDR	r11, [%[a], #160]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #160]\n\t"
-        /* a[i+41] += m[41] * mu */
-        "LDR	r12, [%[m], #164]\n\t"
-        "LDR	r11, [%[a], #164]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #164]\n\t"
-        /* a[i+42] += m[42] * mu */
-        "LDR	r12, [%[m], #168]\n\t"
-        "LDR	r11, [%[a], #168]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #168]\n\t"
-        /* a[i+43] += m[43] * mu */
-        "LDR	r12, [%[m], #172]\n\t"
-        "LDR	r11, [%[a], #172]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #172]\n\t"
-        /* a[i+44] += m[44] * mu */
-        "LDR	r12, [%[m], #176]\n\t"
-        "LDR	r11, [%[a], #176]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #176]\n\t"
-        /* a[i+45] += m[45] * mu */
-        "LDR	r12, [%[m], #180]\n\t"
-        "LDR	r11, [%[a], #180]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #180]\n\t"
-        /* a[i+46] += m[46] * mu */
-        "LDR	r12, [%[m], #184]\n\t"
-        "LDR	r11, [%[a], #184]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #184]\n\t"
-        /* a[i+47] += m[47] * mu */
-        "LDR	r12, [%[m], #188]\n\t"
-        "LDR	r11, [%[a], #188]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "LDR	lr, [%[a], #192]\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMAAL	r3, lr, r12, r12\n\t"
-        "STR	r11, [%[a], #188]\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADC	r5, lr, #0x0\n\t"
-        "STR	r3, [%[a], #192]\n\t"
-        /* i += 1 */
-        "ADD	r4, r4, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r4, #0xc0\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_48_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_3072_mont_reduce_48_word\n\t"
-#else
-        "BLT.W	L_sp_3072_mont_reduce_48_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r6, [%[a]]\n\t"
-        "STR	r7, [%[a], #4]\n\t"
-        "STR	r8, [%[a], #8]\n\t"
-        "STR	r9, [%[a], #12]\n\t"
-        "STR	r10, [%[a], #16]\n\t"
-        "MOV	%[mp], r5\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_48(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_48(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r9, #0x0\n\t"
-        /* ca = 0 */
-        "MOV	r3, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_48_word:\n\t"
-#else
-    "L_sp_3072_mont_reduce_48_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "LDR	r10, [%[a]]\n\t"
-        "MUL	r8, %[mp], r10\n\t"
-        /* j = 0 */
-        "MOV	r12, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_48_mul:\n\t"
-#else
-    "L_sp_3072_mont_reduce_48_mul_%=:\n\t"
-#endif
-        /* a[i+j+0] += m[j+0] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+1] += m[j+1] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+2] += m[j+2] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+3] += m[j+3] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        "CMP	r12, #0xc0\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_48_mul_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mont_reduce_48_mul\n\t"
-#else
-        "BLT.N	L_sp_3072_mont_reduce_48_mul_%=\n\t"
-#endif
-        "LDR	r10, [%[a], #192]\n\t"
-        "ADDS	r4, r4, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "STR	r10, [%[a], #192]\n\t"
-        /* i += 1 */
-        "ADD	r9, r9, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r9, #0xc0\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_48_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mont_reduce_48_word\n\t"
-#else
-        "BLT.N	L_sp_3072_mont_reduce_48_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_48(r, a, b);
-    sp_3072_mont_reduce_48(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_48(r, a);
-    sp_3072_mont_reduce_48(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDR	r8, [%[a]]\n\t"
-        "UMULL	r5, r3, %[b], r8\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r5, [%[r]]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "MOV	r9, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mul_d_48_word:\n\t"
-#else
-    "L_sp_3072_mul_d_48_word_%=:\n\t"
-#endif
-        /* A[i] * B */
-        "LDR	r8, [%[a], r9]\n\t"
-        "UMULL	r6, r7, %[b], r8\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], r9]\n\t"
-        "MOV	r3, r4\n\t"
-        "MOV	r4, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADD	r9, r9, #0x4\n\t"
-        "CMP	r9, #0xc0\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mul_d_48_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mul_d_48_word\n\t"
-#else
-        "BLT.N	L_sp_3072_mul_d_48_word_%=\n\t"
-#endif
-        "STR	r3, [%[r], #192]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_mul_d_48(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMULL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[1] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[2] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[3] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[4] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[5] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[6] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[7] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[8] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[9] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[10] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[11] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[12] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[13] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[14] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[15] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[16] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[17] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[18] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[19] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[20] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[21] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[22] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[23] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[24] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[25] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[26] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[27] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[28] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[29] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[30] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[31] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[32] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[33] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[34] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[35] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[36] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[37] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[38] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[39] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[40] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[41] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[42] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[43] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[44] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[45] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[46] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[47] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "STR	r3, [%[r]]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_3072_word_48(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r8, %[div], #16\n\t"
-        "ADD	r5, r8, #0x1\n\t"
-        "UDIV	r6, %[d1], r5\n\t"
-        "LSL	r7, %[div], #16\n\t"
-        "LSL	r6, r6, #16\n\t"
-        "UMULL	r3, r4, %[div], r6\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "SUBS	r3, %[d1], r5\n\t"
-        "SBC	r9, r9, r9\n\t"
-        "ADD	r9, r9, #0x1\n\t"
-        "RSB	r10, r9, #0x0\n\t"
-        "LSL	r9, r9, #16\n\t"
-        "AND	r7, r7, r10\n\t"
-        "AND	r8, r8, r10\n\t"
-        "SUBS	%[d0], %[d0], r7\n\t"
-        "ADD	r6, r6, r9\n\t"
-        "SBC	%[d1], %[d1], r8\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "UMULL	r3, r4, %[div], r3\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "MUL	r3, %[div], r3\n\t"
-        "SUB	%[d0], %[d0], r3\n\t"
-        "UDIV	r3, %[d0], %[div]\n\t"
-        "ADD	%[d1], r6, r3\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_3072_word_48(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r5, %[div], #1\n\t"
-        "ADD	r5, r5, #0x1\n\t"
-        "MOV	r6, %[d0]\n\t"
-        "MOV	r7, %[d1]\n\t"
-        /* Do top 32 */
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "MOV	r3, #0x0\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        /* Next 30 bits */
-        "MOV	r4, #0x1d\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_div_3072_word_48_bit:\n\t"
-#else
-    "L_div_3072_word_48_bit_%=:\n\t"
-#endif
-        "LSLS	r6, r6, #1\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "ADD	r3, r3, r3\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        "SUBS	r4, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BPL	L_div_3072_word_48_bit_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BPL.N	L_div_3072_word_48_bit\n\t"
-#else
-        "BPL.N	L_div_3072_word_48_bit_%=\n\t"
-#endif
-        "ADD	r3, r3, r3\n\t"
-        "ADD	r3, r3, #0x1\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "SUBS	r8, %[div], r9\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "SUB	%[d1], r3, r8\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_48(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_48(const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0xffffffff\n\t"
-        "MOV	r8, #0x1\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r3, #0xffffffff\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "MOV	r6, #0xbc\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_cmp_48_words:\n\t"
-#else
-    "L_sp_3072_cmp_48_words_%=:\n\t"
-#endif
-        "LDR	r4, [%[a], r6]\n\t"
-        "LDR	r5, [%[b], r6]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "SUBS	r6, r6, #0x4\n\t"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "bcs	L_sp_3072_cmp_48_words\n\t"
-#else
-        "bcs	L_sp_3072_cmp_48_words_%=\n\t"
-#endif
-        "EOR	r2, r2, r3\n\t"
-#else
-        "LDR	r4, [%[a], #188]\n\t"
-        "LDR	r5, [%[b], #188]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #184]\n\t"
-        "LDR	r5, [%[b], #184]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #180]\n\t"
-        "LDR	r5, [%[b], #180]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #176]\n\t"
-        "LDR	r5, [%[b], #176]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #172]\n\t"
-        "LDR	r5, [%[b], #172]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #168]\n\t"
-        "LDR	r5, [%[b], #168]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #164]\n\t"
-        "LDR	r5, [%[b], #164]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #160]\n\t"
-        "LDR	r5, [%[b], #160]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #156]\n\t"
-        "LDR	r5, [%[b], #156]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #152]\n\t"
-        "LDR	r5, [%[b], #152]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #148]\n\t"
-        "LDR	r5, [%[b], #148]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #144]\n\t"
-        "LDR	r5, [%[b], #144]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #140]\n\t"
-        "LDR	r5, [%[b], #140]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #136]\n\t"
-        "LDR	r5, [%[b], #136]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #132]\n\t"
-        "LDR	r5, [%[b], #132]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #128]\n\t"
-        "LDR	r5, [%[b], #128]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #124]\n\t"
-        "LDR	r5, [%[b], #124]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #120]\n\t"
-        "LDR	r5, [%[b], #120]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #116]\n\t"
-        "LDR	r5, [%[b], #116]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #112]\n\t"
-        "LDR	r5, [%[b], #112]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #108]\n\t"
-        "LDR	r5, [%[b], #108]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #104]\n\t"
-        "LDR	r5, [%[b], #104]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #100]\n\t"
-        "LDR	r5, [%[b], #100]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #96]\n\t"
-        "LDR	r5, [%[b], #96]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #92]\n\t"
-        "LDR	r5, [%[b], #92]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #88]\n\t"
-        "LDR	r5, [%[b], #88]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #84]\n\t"
-        "LDR	r5, [%[b], #84]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #80]\n\t"
-        "LDR	r5, [%[b], #80]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #76]\n\t"
-        "LDR	r5, [%[b], #76]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #72]\n\t"
-        "LDR	r5, [%[b], #72]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #68]\n\t"
-        "LDR	r5, [%[b], #68]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #64]\n\t"
-        "LDR	r5, [%[b], #64]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #60]\n\t"
-        "LDR	r5, [%[b], #60]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #56]\n\t"
-        "LDR	r5, [%[b], #56]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #52]\n\t"
-        "LDR	r5, [%[b], #52]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #48]\n\t"
-        "LDR	r5, [%[b], #48]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "LDR	r5, [%[b], #44]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #40]\n\t"
-        "LDR	r5, [%[b], #40]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #36]\n\t"
-        "LDR	r5, [%[b], #36]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "LDR	r5, [%[b], #32]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #28]\n\t"
-        "LDR	r5, [%[b], #28]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "LDR	r5, [%[b], #24]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "LDR	r5, [%[b], #20]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #16]\n\t"
-        "LDR	r5, [%[b], #16]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "LDR	r5, [%[b], #12]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "LDR	r5, [%[b], #8]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #4]\n\t"
-        "LDR	r5, [%[b], #4]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[b]]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "EOR	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "MOV	%[a], r2\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[96], t2[49];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[47];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 48);
-    r1 = sp_3072_cmp_48(&t1[48], d) >= 0;
-    sp_3072_cond_sub_48(&t1[48], &t1[48], d, (sp_digit)0 - r1);
-    for (i = 47; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[48 + i] == div);
-        sp_digit hi = t1[48 + i] + mask;
-        r1 = div_3072_word_48(hi, t1[48 + i - 1], div);
-        r1 |= mask;
-
-        sp_3072_mul_d_48(t2, d, r1);
-        t1[48 + i] += sp_3072_sub_in_place_48(&t1[i], t2);
-        t1[48 + i] -= t2[48];
-        sp_3072_mask_48(t2, d, t1[48 + i]);
-        t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], t2);
-        sp_3072_mask_48(t2, d, t1[48 + i]);
-        t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_3072_cmp_48(t1, d) >= 0;
-    sp_3072_cond_sub_48(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_48(a, m, NULL, r);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 96);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 96;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 48U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_48(t[1] + 48, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_48(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 48, a, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_48(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_48(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_48(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_48(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_48(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_48(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_48(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_48(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_48(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_48(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_48(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_48(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_48(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_48(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 48);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-
-            sp_3072_mont_mul_48(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48U);
-        sp_3072_mont_reduce_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 32 * 96);
-    sp_digit* t[32];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 32 * 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++) {
-            t[i] = td + i * 96;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 48U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_48(t[1] + 48, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_48(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 48, a, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_48(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_48(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_48(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_48(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_48(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_48(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_48(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_48(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_48(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_48(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_48(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_48(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_48(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_48(t[15], t[ 8], t[ 7], m, mp);
-        sp_3072_mont_sqr_48(t[16], t[ 8], m, mp);
-        sp_3072_mont_mul_48(t[17], t[ 9], t[ 8], m, mp);
-        sp_3072_mont_sqr_48(t[18], t[ 9], m, mp);
-        sp_3072_mont_mul_48(t[19], t[10], t[ 9], m, mp);
-        sp_3072_mont_sqr_48(t[20], t[10], m, mp);
-        sp_3072_mont_mul_48(t[21], t[11], t[10], m, mp);
-        sp_3072_mont_sqr_48(t[22], t[11], m, mp);
-        sp_3072_mont_mul_48(t[23], t[12], t[11], m, mp);
-        sp_3072_mont_sqr_48(t[24], t[12], m, mp);
-        sp_3072_mont_mul_48(t[25], t[13], t[12], m, mp);
-        sp_3072_mont_sqr_48(t[26], t[13], m, mp);
-        sp_3072_mont_mul_48(t[27], t[14], t[13], m, mp);
-        sp_3072_mont_sqr_48(t[28], t[14], m, mp);
-        sp_3072_mont_mul_48(t[29], t[15], t[14], m, mp);
-        sp_3072_mont_sqr_48(t[30], t[15], m, mp);
-        sp_3072_mont_mul_48(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 48);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-
-            sp_3072_mont_mul_48(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48U);
-        sp_3072_mont_reduce_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 96);
-
-    /* r = 2^n mod m */
-    sp_3072_sub_in_place_96(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_cond_sub_96_words:\n\t"
-#else
-    "L_sp_3072_cond_sub_96_words_%=:\n\t"
-#endif
-        "SUBS	r4, r8, r4\n\t"
-        "LDR	r6, [%[a], r5]\n\t"
-        "LDR	r7, [%[b], r5]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "SBCS	r6, r6, r7\n\t"
-        "SBC	r4, r8, r8\n\t"
-        "STR	r6, [%[r], r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x180\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_cond_sub_96_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_cond_sub_96_words\n\t"
-#else
-        "BLT.N	L_sp_3072_cond_sub_96_words_%=\n\t"
-#endif
-        "MOV	%[r], r4\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_sub_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SUBS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "SBC	%[r], r5, r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_NO_UMAAL
-#ifndef WOLFSSL_SP_SMALL
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_96(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_96(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	lr, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r11, #0x0\n\t"
-        "MOV	r3, #0x0\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_96_word:\n\t"
-#else
-    "L_sp_3072_mont_reduce_96_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	r10, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r4, r7, r10, lr\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r9, [%[m], #4]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r5, r6, r10, r9\n\t"
-        "MOV	r4, r5\n\t"
-        "ADDS	r4, r4, r7\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r9, [%[m], #8]\n\t"
-        "LDR	r5, [%[a], #8]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r5, r7, r10, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r9, [%[m], #12]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #12]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r9, [%[m], #16]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #16]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r9, [%[m], #20]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #20]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r9, [%[m], #24]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #24]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r9, [%[m], #28]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #28]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r9, [%[m], #32]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #32]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r9, [%[m], #36]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #36]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r9, [%[m], #40]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #40]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r9, [%[m], #44]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #44]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r9, [%[m], #48]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #48]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r9, [%[m], #52]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #52]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r9, [%[m], #56]\n\t"
-        "LDR	r12, [%[a], #56]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #56]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r9, [%[m], #60]\n\t"
-        "LDR	r12, [%[a], #60]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #60]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r9, [%[m], #64]\n\t"
-        "LDR	r12, [%[a], #64]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #64]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r9, [%[m], #68]\n\t"
-        "LDR	r12, [%[a], #68]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #68]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r9, [%[m], #72]\n\t"
-        "LDR	r12, [%[a], #72]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #72]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r9, [%[m], #76]\n\t"
-        "LDR	r12, [%[a], #76]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #76]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r9, [%[m], #80]\n\t"
-        "LDR	r12, [%[a], #80]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #80]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r9, [%[m], #84]\n\t"
-        "LDR	r12, [%[a], #84]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #84]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r9, [%[m], #88]\n\t"
-        "LDR	r12, [%[a], #88]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #88]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r9, [%[m], #92]\n\t"
-        "LDR	r12, [%[a], #92]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #92]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r9, [%[m], #96]\n\t"
-        "LDR	r12, [%[a], #96]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #96]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r9, [%[m], #100]\n\t"
-        "LDR	r12, [%[a], #100]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #100]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r9, [%[m], #104]\n\t"
-        "LDR	r12, [%[a], #104]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #104]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r9, [%[m], #108]\n\t"
-        "LDR	r12, [%[a], #108]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #108]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r9, [%[m], #112]\n\t"
-        "LDR	r12, [%[a], #112]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #112]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r9, [%[m], #116]\n\t"
-        "LDR	r12, [%[a], #116]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #116]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r9, [%[m], #120]\n\t"
-        "LDR	r12, [%[a], #120]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #120]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r9, [%[m], #124]\n\t"
-        "LDR	r12, [%[a], #124]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #124]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "LDR	r9, [%[m], #128]\n\t"
-        "LDR	r12, [%[a], #128]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #128]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "LDR	r9, [%[m], #132]\n\t"
-        "LDR	r12, [%[a], #132]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #132]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "LDR	r9, [%[m], #136]\n\t"
-        "LDR	r12, [%[a], #136]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #136]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "LDR	r9, [%[m], #140]\n\t"
-        "LDR	r12, [%[a], #140]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #140]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "LDR	r9, [%[m], #144]\n\t"
-        "LDR	r12, [%[a], #144]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #144]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "LDR	r9, [%[m], #148]\n\t"
-        "LDR	r12, [%[a], #148]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #148]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "LDR	r9, [%[m], #152]\n\t"
-        "LDR	r12, [%[a], #152]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #152]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "LDR	r9, [%[m], #156]\n\t"
-        "LDR	r12, [%[a], #156]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #156]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "LDR	r9, [%[m], #160]\n\t"
-        "LDR	r12, [%[a], #160]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #160]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "LDR	r9, [%[m], #164]\n\t"
-        "LDR	r12, [%[a], #164]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #164]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "LDR	r9, [%[m], #168]\n\t"
-        "LDR	r12, [%[a], #168]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #168]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "LDR	r9, [%[m], #172]\n\t"
-        "LDR	r12, [%[a], #172]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #172]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "LDR	r9, [%[m], #176]\n\t"
-        "LDR	r12, [%[a], #176]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #176]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "LDR	r9, [%[m], #180]\n\t"
-        "LDR	r12, [%[a], #180]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #180]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "LDR	r9, [%[m], #184]\n\t"
-        "LDR	r12, [%[a], #184]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #184]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+47] += m[47] * mu */
-        "LDR	r9, [%[m], #188]\n\t"
-        "LDR	r12, [%[a], #188]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #188]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+48] += m[48] * mu */
-        "LDR	r9, [%[m], #192]\n\t"
-        "LDR	r12, [%[a], #192]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #192]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+49] += m[49] * mu */
-        "LDR	r9, [%[m], #196]\n\t"
-        "LDR	r12, [%[a], #196]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #196]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+50] += m[50] * mu */
-        "LDR	r9, [%[m], #200]\n\t"
-        "LDR	r12, [%[a], #200]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #200]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+51] += m[51] * mu */
-        "LDR	r9, [%[m], #204]\n\t"
-        "LDR	r12, [%[a], #204]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #204]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+52] += m[52] * mu */
-        "LDR	r9, [%[m], #208]\n\t"
-        "LDR	r12, [%[a], #208]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #208]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+53] += m[53] * mu */
-        "LDR	r9, [%[m], #212]\n\t"
-        "LDR	r12, [%[a], #212]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #212]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+54] += m[54] * mu */
-        "LDR	r9, [%[m], #216]\n\t"
-        "LDR	r12, [%[a], #216]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #216]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+55] += m[55] * mu */
-        "LDR	r9, [%[m], #220]\n\t"
-        "LDR	r12, [%[a], #220]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #220]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+56] += m[56] * mu */
-        "LDR	r9, [%[m], #224]\n\t"
-        "LDR	r12, [%[a], #224]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #224]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+57] += m[57] * mu */
-        "LDR	r9, [%[m], #228]\n\t"
-        "LDR	r12, [%[a], #228]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #228]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+58] += m[58] * mu */
-        "LDR	r9, [%[m], #232]\n\t"
-        "LDR	r12, [%[a], #232]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #232]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+59] += m[59] * mu */
-        "LDR	r9, [%[m], #236]\n\t"
-        "LDR	r12, [%[a], #236]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #236]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+60] += m[60] * mu */
-        "LDR	r9, [%[m], #240]\n\t"
-        "LDR	r12, [%[a], #240]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #240]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+61] += m[61] * mu */
-        "LDR	r9, [%[m], #244]\n\t"
-        "LDR	r12, [%[a], #244]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #244]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+62] += m[62] * mu */
-        "LDR	r9, [%[m], #248]\n\t"
-        "LDR	r12, [%[a], #248]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #248]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+63] += m[63] * mu */
-        "LDR	r9, [%[m], #252]\n\t"
-        "LDR	r12, [%[a], #252]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #252]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+64] += m[64] * mu */
-        "LDR	r9, [%[m], #256]\n\t"
-        "LDR	r12, [%[a], #256]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #256]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+65] += m[65] * mu */
-        "LDR	r9, [%[m], #260]\n\t"
-        "LDR	r12, [%[a], #260]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #260]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+66] += m[66] * mu */
-        "LDR	r9, [%[m], #264]\n\t"
-        "LDR	r12, [%[a], #264]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #264]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+67] += m[67] * mu */
-        "LDR	r9, [%[m], #268]\n\t"
-        "LDR	r12, [%[a], #268]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #268]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+68] += m[68] * mu */
-        "LDR	r9, [%[m], #272]\n\t"
-        "LDR	r12, [%[a], #272]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #272]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+69] += m[69] * mu */
-        "LDR	r9, [%[m], #276]\n\t"
-        "LDR	r12, [%[a], #276]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #276]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+70] += m[70] * mu */
-        "LDR	r9, [%[m], #280]\n\t"
-        "LDR	r12, [%[a], #280]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #280]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+71] += m[71] * mu */
-        "LDR	r9, [%[m], #284]\n\t"
-        "LDR	r12, [%[a], #284]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #284]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+72] += m[72] * mu */
-        "LDR	r9, [%[m], #288]\n\t"
-        "LDR	r12, [%[a], #288]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #288]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+73] += m[73] * mu */
-        "LDR	r9, [%[m], #292]\n\t"
-        "LDR	r12, [%[a], #292]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #292]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+74] += m[74] * mu */
-        "LDR	r9, [%[m], #296]\n\t"
-        "LDR	r12, [%[a], #296]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #296]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+75] += m[75] * mu */
-        "LDR	r9, [%[m], #300]\n\t"
-        "LDR	r12, [%[a], #300]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #300]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+76] += m[76] * mu */
-        "LDR	r9, [%[m], #304]\n\t"
-        "LDR	r12, [%[a], #304]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #304]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+77] += m[77] * mu */
-        "LDR	r9, [%[m], #308]\n\t"
-        "LDR	r12, [%[a], #308]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #308]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+78] += m[78] * mu */
-        "LDR	r9, [%[m], #312]\n\t"
-        "LDR	r12, [%[a], #312]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #312]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+79] += m[79] * mu */
-        "LDR	r9, [%[m], #316]\n\t"
-        "LDR	r12, [%[a], #316]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #316]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+80] += m[80] * mu */
-        "LDR	r9, [%[m], #320]\n\t"
-        "LDR	r12, [%[a], #320]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #320]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+81] += m[81] * mu */
-        "LDR	r9, [%[m], #324]\n\t"
-        "LDR	r12, [%[a], #324]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #324]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+82] += m[82] * mu */
-        "LDR	r9, [%[m], #328]\n\t"
-        "LDR	r12, [%[a], #328]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #328]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+83] += m[83] * mu */
-        "LDR	r9, [%[m], #332]\n\t"
-        "LDR	r12, [%[a], #332]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #332]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+84] += m[84] * mu */
-        "LDR	r9, [%[m], #336]\n\t"
-        "LDR	r12, [%[a], #336]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #336]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+85] += m[85] * mu */
-        "LDR	r9, [%[m], #340]\n\t"
-        "LDR	r12, [%[a], #340]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #340]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+86] += m[86] * mu */
-        "LDR	r9, [%[m], #344]\n\t"
-        "LDR	r12, [%[a], #344]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #344]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+87] += m[87] * mu */
-        "LDR	r9, [%[m], #348]\n\t"
-        "LDR	r12, [%[a], #348]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #348]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+88] += m[88] * mu */
-        "LDR	r9, [%[m], #352]\n\t"
-        "LDR	r12, [%[a], #352]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #352]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+89] += m[89] * mu */
-        "LDR	r9, [%[m], #356]\n\t"
-        "LDR	r12, [%[a], #356]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #356]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+90] += m[90] * mu */
-        "LDR	r9, [%[m], #360]\n\t"
-        "LDR	r12, [%[a], #360]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #360]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+91] += m[91] * mu */
-        "LDR	r9, [%[m], #364]\n\t"
-        "LDR	r12, [%[a], #364]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #364]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+92] += m[92] * mu */
-        "LDR	r9, [%[m], #368]\n\t"
-        "LDR	r12, [%[a], #368]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #368]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+93] += m[93] * mu */
-        "LDR	r9, [%[m], #372]\n\t"
-        "LDR	r12, [%[a], #372]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #372]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+94] += m[94] * mu */
-        "LDR	r9, [%[m], #376]\n\t"
-        "LDR	r12, [%[a], #376]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #376]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+95] += m[95] * mu */
-        "LDR	r9, [%[m], #380]\n\t"
-        "LDR	r12, [%[a], #380]\n\t"
-        "UMULL	r8, r9, r10, r9\n\t"
-        "ADDS	r7, r7, r8\n\t"
-        "ADCS	r6, r9, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #380]\n\t"
-        "LDR	r12, [%[a], #384]\n\t"
-        "ADCS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #384]\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* i += 1 */
-        "ADD	r11, r11, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r11, #0x180\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_96_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_3072_mont_reduce_96_word\n\t"
-#else
-        "BLT.W	L_sp_3072_mont_reduce_96_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r4, [%[a]]\n\t"
-        "STR	r5, [%[a], #4]\n\t"
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_96(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_96(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r9, #0x0\n\t"
-        /* ca = 0 */
-        "MOV	r3, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_96_word:\n\t"
-#else
-    "L_sp_3072_mont_reduce_96_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "LDR	r10, [%[a]]\n\t"
-        "MUL	r8, %[mp], r10\n\t"
-        /* j = 0 */
-        "MOV	r12, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_96_mul:\n\t"
-#else
-    "L_sp_3072_mont_reduce_96_mul_%=:\n\t"
-#endif
-        /* a[i+j+0] += m[j+0] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+1] += m[j+1] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+2] += m[j+2] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+3] += m[j+3] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        "CMP	r12, #0x180\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_96_mul_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mont_reduce_96_mul\n\t"
-#else
-        "BLT.N	L_sp_3072_mont_reduce_96_mul_%=\n\t"
-#endif
-        "LDR	r10, [%[a], #384]\n\t"
-        "ADDS	r4, r4, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "STR	r10, [%[a], #384]\n\t"
-        /* i += 1 */
-        "ADD	r9, r9, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r9, #0x180\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_96_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mont_reduce_96_word\n\t"
-#else
-        "BLT.N	L_sp_3072_mont_reduce_96_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#else
-#ifndef WOLFSSL_SP_SMALL
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_96(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_96(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r7, [%[a], #4]\n\t"
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[a], #12]\n\t"
-        "LDR	r10, [%[a], #16]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_96_word:\n\t"
-#else
-    "L_sp_3072_mont_reduce_96_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	lr, %[mp], r6\n\t"
-        /* a[i+0] += m[0] * mu */
-        "LDR	r12, [%[m]]\n\t"
-        "MOV	r3, #0x0\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r12, [%[m], #4]\n\t"
-        "MOV	r6, r7\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r12, [%[m], #8]\n\t"
-        "MOV	r7, r8\n\t"
-        "UMAAL	r7, r3, lr, r12\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r12, [%[m], #12]\n\t"
-        "MOV	r8, r9\n\t"
-        "UMAAL	r8, r3, lr, r12\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r12, [%[m], #16]\n\t"
-        "MOV	r9, r10\n\t"
-        "UMAAL	r9, r3, lr, r12\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r12, [%[m], #20]\n\t"
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMAAL	r10, r3, lr, r12\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r12, [%[m], #24]\n\t"
-        "LDR	r11, [%[a], #24]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r12, [%[m], #28]\n\t"
-        "LDR	r11, [%[a], #28]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r12, [%[m], #32]\n\t"
-        "LDR	r11, [%[a], #32]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r12, [%[m], #36]\n\t"
-        "LDR	r11, [%[a], #36]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r12, [%[m], #40]\n\t"
-        "LDR	r11, [%[a], #40]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r12, [%[m], #44]\n\t"
-        "LDR	r11, [%[a], #44]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r12, [%[m], #48]\n\t"
-        "LDR	r11, [%[a], #48]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r12, [%[m], #52]\n\t"
-        "LDR	r11, [%[a], #52]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r12, [%[m], #56]\n\t"
-        "LDR	r11, [%[a], #56]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r12, [%[m], #60]\n\t"
-        "LDR	r11, [%[a], #60]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r12, [%[m], #64]\n\t"
-        "LDR	r11, [%[a], #64]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r12, [%[m], #68]\n\t"
-        "LDR	r11, [%[a], #68]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r12, [%[m], #72]\n\t"
-        "LDR	r11, [%[a], #72]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r12, [%[m], #76]\n\t"
-        "LDR	r11, [%[a], #76]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r12, [%[m], #80]\n\t"
-        "LDR	r11, [%[a], #80]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r12, [%[m], #84]\n\t"
-        "LDR	r11, [%[a], #84]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r12, [%[m], #88]\n\t"
-        "LDR	r11, [%[a], #88]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r12, [%[m], #92]\n\t"
-        "LDR	r11, [%[a], #92]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r12, [%[m], #96]\n\t"
-        "LDR	r11, [%[a], #96]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r12, [%[m], #100]\n\t"
-        "LDR	r11, [%[a], #100]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r12, [%[m], #104]\n\t"
-        "LDR	r11, [%[a], #104]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r12, [%[m], #108]\n\t"
-        "LDR	r11, [%[a], #108]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r12, [%[m], #112]\n\t"
-        "LDR	r11, [%[a], #112]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r12, [%[m], #116]\n\t"
-        "LDR	r11, [%[a], #116]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r12, [%[m], #120]\n\t"
-        "LDR	r11, [%[a], #120]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r12, [%[m], #124]\n\t"
-        "LDR	r11, [%[a], #124]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #124]\n\t"
-        /* a[i+32] += m[32] * mu */
-        "LDR	r12, [%[m], #128]\n\t"
-        "LDR	r11, [%[a], #128]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #128]\n\t"
-        /* a[i+33] += m[33] * mu */
-        "LDR	r12, [%[m], #132]\n\t"
-        "LDR	r11, [%[a], #132]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #132]\n\t"
-        /* a[i+34] += m[34] * mu */
-        "LDR	r12, [%[m], #136]\n\t"
-        "LDR	r11, [%[a], #136]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #136]\n\t"
-        /* a[i+35] += m[35] * mu */
-        "LDR	r12, [%[m], #140]\n\t"
-        "LDR	r11, [%[a], #140]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #140]\n\t"
-        /* a[i+36] += m[36] * mu */
-        "LDR	r12, [%[m], #144]\n\t"
-        "LDR	r11, [%[a], #144]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #144]\n\t"
-        /* a[i+37] += m[37] * mu */
-        "LDR	r12, [%[m], #148]\n\t"
-        "LDR	r11, [%[a], #148]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #148]\n\t"
-        /* a[i+38] += m[38] * mu */
-        "LDR	r12, [%[m], #152]\n\t"
-        "LDR	r11, [%[a], #152]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #152]\n\t"
-        /* a[i+39] += m[39] * mu */
-        "LDR	r12, [%[m], #156]\n\t"
-        "LDR	r11, [%[a], #156]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #156]\n\t"
-        /* a[i+40] += m[40] * mu */
-        "LDR	r12, [%[m], #160]\n\t"
-        "LDR	r11, [%[a], #160]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #160]\n\t"
-        /* a[i+41] += m[41] * mu */
-        "LDR	r12, [%[m], #164]\n\t"
-        "LDR	r11, [%[a], #164]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #164]\n\t"
-        /* a[i+42] += m[42] * mu */
-        "LDR	r12, [%[m], #168]\n\t"
-        "LDR	r11, [%[a], #168]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #168]\n\t"
-        /* a[i+43] += m[43] * mu */
-        "LDR	r12, [%[m], #172]\n\t"
-        "LDR	r11, [%[a], #172]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #172]\n\t"
-        /* a[i+44] += m[44] * mu */
-        "LDR	r12, [%[m], #176]\n\t"
-        "LDR	r11, [%[a], #176]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #176]\n\t"
-        /* a[i+45] += m[45] * mu */
-        "LDR	r12, [%[m], #180]\n\t"
-        "LDR	r11, [%[a], #180]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #180]\n\t"
-        /* a[i+46] += m[46] * mu */
-        "LDR	r12, [%[m], #184]\n\t"
-        "LDR	r11, [%[a], #184]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #184]\n\t"
-        /* a[i+47] += m[47] * mu */
-        "LDR	r12, [%[m], #188]\n\t"
-        "LDR	r11, [%[a], #188]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #188]\n\t"
-        /* a[i+48] += m[48] * mu */
-        "LDR	r12, [%[m], #192]\n\t"
-        "LDR	r11, [%[a], #192]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #192]\n\t"
-        /* a[i+49] += m[49] * mu */
-        "LDR	r12, [%[m], #196]\n\t"
-        "LDR	r11, [%[a], #196]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #196]\n\t"
-        /* a[i+50] += m[50] * mu */
-        "LDR	r12, [%[m], #200]\n\t"
-        "LDR	r11, [%[a], #200]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #200]\n\t"
-        /* a[i+51] += m[51] * mu */
-        "LDR	r12, [%[m], #204]\n\t"
-        "LDR	r11, [%[a], #204]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #204]\n\t"
-        /* a[i+52] += m[52] * mu */
-        "LDR	r12, [%[m], #208]\n\t"
-        "LDR	r11, [%[a], #208]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #208]\n\t"
-        /* a[i+53] += m[53] * mu */
-        "LDR	r12, [%[m], #212]\n\t"
-        "LDR	r11, [%[a], #212]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #212]\n\t"
-        /* a[i+54] += m[54] * mu */
-        "LDR	r12, [%[m], #216]\n\t"
-        "LDR	r11, [%[a], #216]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #216]\n\t"
-        /* a[i+55] += m[55] * mu */
-        "LDR	r12, [%[m], #220]\n\t"
-        "LDR	r11, [%[a], #220]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #220]\n\t"
-        /* a[i+56] += m[56] * mu */
-        "LDR	r12, [%[m], #224]\n\t"
-        "LDR	r11, [%[a], #224]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #224]\n\t"
-        /* a[i+57] += m[57] * mu */
-        "LDR	r12, [%[m], #228]\n\t"
-        "LDR	r11, [%[a], #228]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #228]\n\t"
-        /* a[i+58] += m[58] * mu */
-        "LDR	r12, [%[m], #232]\n\t"
-        "LDR	r11, [%[a], #232]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #232]\n\t"
-        /* a[i+59] += m[59] * mu */
-        "LDR	r12, [%[m], #236]\n\t"
-        "LDR	r11, [%[a], #236]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #236]\n\t"
-        /* a[i+60] += m[60] * mu */
-        "LDR	r12, [%[m], #240]\n\t"
-        "LDR	r11, [%[a], #240]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #240]\n\t"
-        /* a[i+61] += m[61] * mu */
-        "LDR	r12, [%[m], #244]\n\t"
-        "LDR	r11, [%[a], #244]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #244]\n\t"
-        /* a[i+62] += m[62] * mu */
-        "LDR	r12, [%[m], #248]\n\t"
-        "LDR	r11, [%[a], #248]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #248]\n\t"
-        /* a[i+63] += m[63] * mu */
-        "LDR	r12, [%[m], #252]\n\t"
-        "LDR	r11, [%[a], #252]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #252]\n\t"
-        /* a[i+64] += m[64] * mu */
-        "LDR	r12, [%[m], #256]\n\t"
-        "LDR	r11, [%[a], #256]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #256]\n\t"
-        /* a[i+65] += m[65] * mu */
-        "LDR	r12, [%[m], #260]\n\t"
-        "LDR	r11, [%[a], #260]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #260]\n\t"
-        /* a[i+66] += m[66] * mu */
-        "LDR	r12, [%[m], #264]\n\t"
-        "LDR	r11, [%[a], #264]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #264]\n\t"
-        /* a[i+67] += m[67] * mu */
-        "LDR	r12, [%[m], #268]\n\t"
-        "LDR	r11, [%[a], #268]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #268]\n\t"
-        /* a[i+68] += m[68] * mu */
-        "LDR	r12, [%[m], #272]\n\t"
-        "LDR	r11, [%[a], #272]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #272]\n\t"
-        /* a[i+69] += m[69] * mu */
-        "LDR	r12, [%[m], #276]\n\t"
-        "LDR	r11, [%[a], #276]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #276]\n\t"
-        /* a[i+70] += m[70] * mu */
-        "LDR	r12, [%[m], #280]\n\t"
-        "LDR	r11, [%[a], #280]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #280]\n\t"
-        /* a[i+71] += m[71] * mu */
-        "LDR	r12, [%[m], #284]\n\t"
-        "LDR	r11, [%[a], #284]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #284]\n\t"
-        /* a[i+72] += m[72] * mu */
-        "LDR	r12, [%[m], #288]\n\t"
-        "LDR	r11, [%[a], #288]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #288]\n\t"
-        /* a[i+73] += m[73] * mu */
-        "LDR	r12, [%[m], #292]\n\t"
-        "LDR	r11, [%[a], #292]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #292]\n\t"
-        /* a[i+74] += m[74] * mu */
-        "LDR	r12, [%[m], #296]\n\t"
-        "LDR	r11, [%[a], #296]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #296]\n\t"
-        /* a[i+75] += m[75] * mu */
-        "LDR	r12, [%[m], #300]\n\t"
-        "LDR	r11, [%[a], #300]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #300]\n\t"
-        /* a[i+76] += m[76] * mu */
-        "LDR	r12, [%[m], #304]\n\t"
-        "LDR	r11, [%[a], #304]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #304]\n\t"
-        /* a[i+77] += m[77] * mu */
-        "LDR	r12, [%[m], #308]\n\t"
-        "LDR	r11, [%[a], #308]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #308]\n\t"
-        /* a[i+78] += m[78] * mu */
-        "LDR	r12, [%[m], #312]\n\t"
-        "LDR	r11, [%[a], #312]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #312]\n\t"
-        /* a[i+79] += m[79] * mu */
-        "LDR	r12, [%[m], #316]\n\t"
-        "LDR	r11, [%[a], #316]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #316]\n\t"
-        /* a[i+80] += m[80] * mu */
-        "LDR	r12, [%[m], #320]\n\t"
-        "LDR	r11, [%[a], #320]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #320]\n\t"
-        /* a[i+81] += m[81] * mu */
-        "LDR	r12, [%[m], #324]\n\t"
-        "LDR	r11, [%[a], #324]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #324]\n\t"
-        /* a[i+82] += m[82] * mu */
-        "LDR	r12, [%[m], #328]\n\t"
-        "LDR	r11, [%[a], #328]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #328]\n\t"
-        /* a[i+83] += m[83] * mu */
-        "LDR	r12, [%[m], #332]\n\t"
-        "LDR	r11, [%[a], #332]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #332]\n\t"
-        /* a[i+84] += m[84] * mu */
-        "LDR	r12, [%[m], #336]\n\t"
-        "LDR	r11, [%[a], #336]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #336]\n\t"
-        /* a[i+85] += m[85] * mu */
-        "LDR	r12, [%[m], #340]\n\t"
-        "LDR	r11, [%[a], #340]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #340]\n\t"
-        /* a[i+86] += m[86] * mu */
-        "LDR	r12, [%[m], #344]\n\t"
-        "LDR	r11, [%[a], #344]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #344]\n\t"
-        /* a[i+87] += m[87] * mu */
-        "LDR	r12, [%[m], #348]\n\t"
-        "LDR	r11, [%[a], #348]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #348]\n\t"
-        /* a[i+88] += m[88] * mu */
-        "LDR	r12, [%[m], #352]\n\t"
-        "LDR	r11, [%[a], #352]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #352]\n\t"
-        /* a[i+89] += m[89] * mu */
-        "LDR	r12, [%[m], #356]\n\t"
-        "LDR	r11, [%[a], #356]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #356]\n\t"
-        /* a[i+90] += m[90] * mu */
-        "LDR	r12, [%[m], #360]\n\t"
-        "LDR	r11, [%[a], #360]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #360]\n\t"
-        /* a[i+91] += m[91] * mu */
-        "LDR	r12, [%[m], #364]\n\t"
-        "LDR	r11, [%[a], #364]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #364]\n\t"
-        /* a[i+92] += m[92] * mu */
-        "LDR	r12, [%[m], #368]\n\t"
-        "LDR	r11, [%[a], #368]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #368]\n\t"
-        /* a[i+93] += m[93] * mu */
-        "LDR	r12, [%[m], #372]\n\t"
-        "LDR	r11, [%[a], #372]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #372]\n\t"
-        /* a[i+94] += m[94] * mu */
-        "LDR	r12, [%[m], #376]\n\t"
-        "LDR	r11, [%[a], #376]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #376]\n\t"
-        /* a[i+95] += m[95] * mu */
-        "LDR	r12, [%[m], #380]\n\t"
-        "LDR	r11, [%[a], #380]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "LDR	lr, [%[a], #384]\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMAAL	r3, lr, r12, r12\n\t"
-        "STR	r11, [%[a], #380]\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADC	r5, lr, #0x0\n\t"
-        "STR	r3, [%[a], #384]\n\t"
-        /* i += 1 */
-        "ADD	r4, r4, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r4, #0x180\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_96_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_3072_mont_reduce_96_word\n\t"
-#else
-        "BLT.W	L_sp_3072_mont_reduce_96_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r6, [%[a]]\n\t"
-        "STR	r7, [%[a], #4]\n\t"
-        "STR	r8, [%[a], #8]\n\t"
-        "STR	r9, [%[a], #12]\n\t"
-        "STR	r10, [%[a], #16]\n\t"
-        "MOV	%[mp], r5\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 3072 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_96(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_3072_mont_reduce_96(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r9, #0x0\n\t"
-        /* ca = 0 */
-        "MOV	r3, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_96_word:\n\t"
-#else
-    "L_sp_3072_mont_reduce_96_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "LDR	r10, [%[a]]\n\t"
-        "MUL	r8, %[mp], r10\n\t"
-        /* j = 0 */
-        "MOV	r12, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_mont_reduce_96_mul:\n\t"
-#else
-    "L_sp_3072_mont_reduce_96_mul_%=:\n\t"
-#endif
-        /* a[i+j+0] += m[j+0] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+1] += m[j+1] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+2] += m[j+2] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+3] += m[j+3] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        "CMP	r12, #0x180\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_96_mul_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mont_reduce_96_mul\n\t"
-#else
-        "BLT.N	L_sp_3072_mont_reduce_96_mul_%=\n\t"
-#endif
-        "LDR	r10, [%[a], #384]\n\t"
-        "ADDS	r4, r4, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "STR	r10, [%[a], #384]\n\t"
-        /* i += 1 */
-        "ADD	r9, r9, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r9, #0x180\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_mont_reduce_96_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_mont_reduce_96_word\n\t"
-#else
-        "BLT.N	L_sp_3072_mont_reduce_96_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_96(r, a, b);
-    sp_3072_mont_reduce_96(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_96(r, a);
-    sp_3072_mont_reduce_96(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r11, #0x0\n\t"
-        "ADD	r12, %[a], #0x180\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_sub_96_word:\n\t"
-#else
-    "L_sp_3072_sub_96_word_%=:\n\t"
-#endif
-        "RSBS	r11, r11, #0x0\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	r11, r3, r3\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_3072_sub_96_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_3072_sub_96_word\n\t"
-#else
-        "BNE.N	L_sp_3072_sub_96_word_%=\n\t"
-#endif
-        "MOV	%[r], r11\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_sub_96(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_3072_word_96(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r8, %[div], #16\n\t"
-        "ADD	r5, r8, #0x1\n\t"
-        "UDIV	r6, %[d1], r5\n\t"
-        "LSL	r7, %[div], #16\n\t"
-        "LSL	r6, r6, #16\n\t"
-        "UMULL	r3, r4, %[div], r6\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "SUBS	r3, %[d1], r5\n\t"
-        "SBC	r9, r9, r9\n\t"
-        "ADD	r9, r9, #0x1\n\t"
-        "RSB	r10, r9, #0x0\n\t"
-        "LSL	r9, r9, #16\n\t"
-        "AND	r7, r7, r10\n\t"
-        "AND	r8, r8, r10\n\t"
-        "SUBS	%[d0], %[d0], r7\n\t"
-        "ADD	r6, r6, r9\n\t"
-        "SBC	%[d1], %[d1], r8\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "UMULL	r3, r4, %[div], r3\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "MUL	r3, %[div], r3\n\t"
-        "SUB	%[d0], %[d0], r3\n\t"
-        "UDIV	r3, %[d0], %[div]\n\t"
-        "ADD	%[d1], r6, r3\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_3072_word_96(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r5, %[div], #1\n\t"
-        "ADD	r5, r5, #0x1\n\t"
-        "MOV	r6, %[d0]\n\t"
-        "MOV	r7, %[d1]\n\t"
-        /* Do top 32 */
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "MOV	r3, #0x0\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        /* Next 30 bits */
-        "MOV	r4, #0x1d\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_div_3072_word_96_bit:\n\t"
-#else
-    "L_div_3072_word_96_bit_%=:\n\t"
-#endif
-        "LSLS	r6, r6, #1\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "ADD	r3, r3, r3\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        "SUBS	r4, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BPL	L_div_3072_word_96_bit_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BPL.N	L_div_3072_word_96_bit\n\t"
-#else
-        "BPL.N	L_div_3072_word_96_bit_%=\n\t"
-#endif
-        "ADD	r3, r3, r3\n\t"
-        "ADD	r3, r3, #0x1\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "SUBS	r8, %[div], r9\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "SUB	%[d1], r3, r8\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[192], t2[97];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[95];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 96);
-    for (i = 95; i > 0; i--) {
-        if (t1[i + 96] != d[i])
-            break;
-    }
-    if (t1[i + 96] >= d[i]) {
-        sp_3072_sub_in_place_96(&t1[96], d);
-    }
-    for (i = 95; i >= 0; i--) {
-        if (t1[96 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_3072_word_96(t1[96 + i], t1[96 + i - 1], div);
-        }
-
-        sp_3072_mul_d_96(t2, d, r1);
-        t1[96 + i] += sp_3072_sub_in_place_96(&t1[i], t2);
-        t1[96 + i] -= t2[96];
-        if (t1[96 + i] != 0) {
-            t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], d);
-            if (t1[96 + i] != 0)
-                t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 95; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_3072_sub_96(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 96);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_96_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<96; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 96; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_96(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_3072_cmp_96(const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0xffffffff\n\t"
-        "MOV	r8, #0x1\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r3, #0xffffffff\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "MOV	r6, #0x17c\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_cmp_96_words:\n\t"
-#else
-    "L_sp_3072_cmp_96_words_%=:\n\t"
-#endif
-        "LDR	r4, [%[a], r6]\n\t"
-        "LDR	r5, [%[b], r6]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "SUBS	r6, r6, #0x4\n\t"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "bcs	L_sp_3072_cmp_96_words\n\t"
-#else
-        "bcs	L_sp_3072_cmp_96_words_%=\n\t"
-#endif
-        "EOR	r2, r2, r3\n\t"
-#else
-        "LDR	r4, [%[a], #380]\n\t"
-        "LDR	r5, [%[b], #380]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #376]\n\t"
-        "LDR	r5, [%[b], #376]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #372]\n\t"
-        "LDR	r5, [%[b], #372]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #368]\n\t"
-        "LDR	r5, [%[b], #368]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #364]\n\t"
-        "LDR	r5, [%[b], #364]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #360]\n\t"
-        "LDR	r5, [%[b], #360]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #356]\n\t"
-        "LDR	r5, [%[b], #356]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #352]\n\t"
-        "LDR	r5, [%[b], #352]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #348]\n\t"
-        "LDR	r5, [%[b], #348]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #344]\n\t"
-        "LDR	r5, [%[b], #344]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #340]\n\t"
-        "LDR	r5, [%[b], #340]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #336]\n\t"
-        "LDR	r5, [%[b], #336]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #332]\n\t"
-        "LDR	r5, [%[b], #332]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #328]\n\t"
-        "LDR	r5, [%[b], #328]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #324]\n\t"
-        "LDR	r5, [%[b], #324]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #320]\n\t"
-        "LDR	r5, [%[b], #320]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #316]\n\t"
-        "LDR	r5, [%[b], #316]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #312]\n\t"
-        "LDR	r5, [%[b], #312]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #308]\n\t"
-        "LDR	r5, [%[b], #308]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #304]\n\t"
-        "LDR	r5, [%[b], #304]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #300]\n\t"
-        "LDR	r5, [%[b], #300]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #296]\n\t"
-        "LDR	r5, [%[b], #296]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #292]\n\t"
-        "LDR	r5, [%[b], #292]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #288]\n\t"
-        "LDR	r5, [%[b], #288]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #284]\n\t"
-        "LDR	r5, [%[b], #284]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #280]\n\t"
-        "LDR	r5, [%[b], #280]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #276]\n\t"
-        "LDR	r5, [%[b], #276]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #272]\n\t"
-        "LDR	r5, [%[b], #272]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #268]\n\t"
-        "LDR	r5, [%[b], #268]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #264]\n\t"
-        "LDR	r5, [%[b], #264]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #260]\n\t"
-        "LDR	r5, [%[b], #260]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #256]\n\t"
-        "LDR	r5, [%[b], #256]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #252]\n\t"
-        "LDR	r5, [%[b], #252]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #248]\n\t"
-        "LDR	r5, [%[b], #248]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #244]\n\t"
-        "LDR	r5, [%[b], #244]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #240]\n\t"
-        "LDR	r5, [%[b], #240]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #236]\n\t"
-        "LDR	r5, [%[b], #236]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #232]\n\t"
-        "LDR	r5, [%[b], #232]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #228]\n\t"
-        "LDR	r5, [%[b], #228]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #224]\n\t"
-        "LDR	r5, [%[b], #224]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #220]\n\t"
-        "LDR	r5, [%[b], #220]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #216]\n\t"
-        "LDR	r5, [%[b], #216]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #212]\n\t"
-        "LDR	r5, [%[b], #212]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #208]\n\t"
-        "LDR	r5, [%[b], #208]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #204]\n\t"
-        "LDR	r5, [%[b], #204]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #200]\n\t"
-        "LDR	r5, [%[b], #200]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #196]\n\t"
-        "LDR	r5, [%[b], #196]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #192]\n\t"
-        "LDR	r5, [%[b], #192]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #188]\n\t"
-        "LDR	r5, [%[b], #188]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #184]\n\t"
-        "LDR	r5, [%[b], #184]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #180]\n\t"
-        "LDR	r5, [%[b], #180]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #176]\n\t"
-        "LDR	r5, [%[b], #176]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #172]\n\t"
-        "LDR	r5, [%[b], #172]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #168]\n\t"
-        "LDR	r5, [%[b], #168]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #164]\n\t"
-        "LDR	r5, [%[b], #164]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #160]\n\t"
-        "LDR	r5, [%[b], #160]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #156]\n\t"
-        "LDR	r5, [%[b], #156]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #152]\n\t"
-        "LDR	r5, [%[b], #152]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #148]\n\t"
-        "LDR	r5, [%[b], #148]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #144]\n\t"
-        "LDR	r5, [%[b], #144]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #140]\n\t"
-        "LDR	r5, [%[b], #140]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #136]\n\t"
-        "LDR	r5, [%[b], #136]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #132]\n\t"
-        "LDR	r5, [%[b], #132]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #128]\n\t"
-        "LDR	r5, [%[b], #128]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #124]\n\t"
-        "LDR	r5, [%[b], #124]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #120]\n\t"
-        "LDR	r5, [%[b], #120]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #116]\n\t"
-        "LDR	r5, [%[b], #116]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #112]\n\t"
-        "LDR	r5, [%[b], #112]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #108]\n\t"
-        "LDR	r5, [%[b], #108]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #104]\n\t"
-        "LDR	r5, [%[b], #104]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #100]\n\t"
-        "LDR	r5, [%[b], #100]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #96]\n\t"
-        "LDR	r5, [%[b], #96]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #92]\n\t"
-        "LDR	r5, [%[b], #92]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #88]\n\t"
-        "LDR	r5, [%[b], #88]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #84]\n\t"
-        "LDR	r5, [%[b], #84]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #80]\n\t"
-        "LDR	r5, [%[b], #80]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #76]\n\t"
-        "LDR	r5, [%[b], #76]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #72]\n\t"
-        "LDR	r5, [%[b], #72]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #68]\n\t"
-        "LDR	r5, [%[b], #68]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #64]\n\t"
-        "LDR	r5, [%[b], #64]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #60]\n\t"
-        "LDR	r5, [%[b], #60]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #56]\n\t"
-        "LDR	r5, [%[b], #56]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #52]\n\t"
-        "LDR	r5, [%[b], #52]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #48]\n\t"
-        "LDR	r5, [%[b], #48]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "LDR	r5, [%[b], #44]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #40]\n\t"
-        "LDR	r5, [%[b], #40]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #36]\n\t"
-        "LDR	r5, [%[b], #36]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "LDR	r5, [%[b], #32]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #28]\n\t"
-        "LDR	r5, [%[b], #28]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "LDR	r5, [%[b], #24]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "LDR	r5, [%[b], #20]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #16]\n\t"
-        "LDR	r5, [%[b], #16]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "LDR	r5, [%[b], #12]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "LDR	r5, [%[b], #8]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #4]\n\t"
-        "LDR	r5, [%[b], #4]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[b]]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "EOR	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "MOV	%[a], r2\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[192], t2[97];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[95];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 96);
-    r1 = sp_3072_cmp_96(&t1[96], d) >= 0;
-    sp_3072_cond_sub_96(&t1[96], &t1[96], d, (sp_digit)0 - r1);
-    for (i = 95; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[96 + i] == div);
-        sp_digit hi = t1[96 + i] + mask;
-        r1 = div_3072_word_96(hi, t1[96 + i - 1], div);
-        r1 |= mask;
-
-        sp_3072_mul_d_96(t2, d, r1);
-        t1[96 + i] += sp_3072_sub_in_place_96(&t1[i], t2);
-        t1[96 + i] -= t2[96];
-        sp_3072_mask_96(t2, d, t1[96 + i]);
-        t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], t2);
-        sp_3072_mask_96(t2, d, t1[96 + i]);
-        t1[96 + i] += sp_3072_add_96(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_3072_cmp_96(t1, d) >= 0;
-    sp_3072_cond_sub_96(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_3072_div_96(a, m, NULL, r);
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 8 * 192);
-    sp_digit* t[8];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 8 * 192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<8; i++) {
-            t[i] = td + i * 192;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_96(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 96U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_96(t[1] + 96, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_96(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 96, a, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_96(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_96(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_96(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_96(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_96(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_96(t[ 7], t[ 4], t[ 3], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 3;
-        if (c == 32) {
-            c = 29;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 96);
-        for (; i>=0 || c>=3; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 29);
-                n <<= 3;
-                c = 29;
-            }
-            else if (c < 3) {
-                y = (byte)(n >> 29);
-                n = e[i--];
-                c = 3 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 29) & 0x7);
-                n <<= 3;
-                c -= 3;
-            }
-
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-
-            sp_3072_mont_mul_96(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[96], 0, sizeof(sp_digit) * 96U);
-        sp_3072_mont_reduce_96(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_96(r, m) >= 0);
-        sp_3072_cond_sub_96(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_96(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 192);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 192;
-        }
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_96(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 96U);
-        if (reduceA != 0) {
-            err = sp_3072_mod_96(t[1] + 96, a, m);
-            if (err == MP_OKAY) {
-                err = sp_3072_mod_96(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 96, a, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_96(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_96(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_96(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_96(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_96(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_96(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_96(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_96(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_96(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_96(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_96(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_96(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_96(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_96(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 96);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-
-            sp_3072_mont_mul_96(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[96], 0, sizeof(sp_digit) * 96U);
-        sp_3072_mont_reduce_96(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_96(r, m) >= 0);
-        sp_3072_cond_sub_96(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 96 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 384) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 32 || inLen > 384 ||
-                                                     mp_count_bits(mm) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 96 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 96;
-        r = a + 96 * 2;
-        m = r + 96 * 2;
-
-        sp_3072_from_bin(ah, 96, in, inLen);
-#if DIGIT_BIT >= 32
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 96, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_3072_mont_sqr_96(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_3072_mont_mul_96(r, r, ah, m, mp);
-
-                for (i = 95; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_3072_sub_in_place_96(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_3072_sqr_96(r, ah);
-                err = sp_3072_mod_96_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_3072_mul_96(r, ah, r);
-                err = sp_3072_mod_96_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 96);
-            err = sp_3072_mod_96_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 31; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 96);
-                for (i--; i >= 0; i--) {
-                    sp_3072_mont_sqr_96(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_3072_mont_mul_96(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[96], 0, sizeof(sp_digit) * 96);
-                sp_3072_mont_reduce_96(r, m, mp);
-
-                for (i = 95; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_3072_sub_in_place_96(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_3072_cond_add_48_words:\n\t"
-#else
-    "L_sp_3072_cond_add_48_words_%=:\n\t"
-#endif
-        "ADDS	r5, r5, #0xffffffff\n\t"
-        "LDR	r6, [%[a], r4]\n\t"
-        "LDR	r7, [%[b], r4]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "ADCS	r6, r6, r7\n\t"
-        "ADC	r5, r8, r8\n\t"
-        "STR	r6, [%[r], r4]\n\t"
-        "ADD	r4, r4, #0x4\n\t"
-        "CMP	r4, #0xc0\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_3072_cond_add_48_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_3072_cond_add_48_words\n\t"
-#else
-        "BLT.N	L_sp_3072_cond_add_48_words_%=\n\t"
-#endif
-        "MOV	%[r], r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_3072_cond_add_48(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADDS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "ADC	%[r], r10, r10\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 96 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 384) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 96 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 96;
-        m = a + 192;
-        r = a;
-
-        sp_3072_from_bin(a, 96, in, inLen);
-        sp_3072_from_mp(d, 96, dm);
-        sp_3072_from_mp(m, 96, mm);
-        err = sp_3072_mod_exp_96(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 96, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 48 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 384 || mp_count_bits(mm) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 48 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 96 * 2;
-        q = p + 48;
-        qi = dq = dp = q + 48;
-        tmpa = qi + 48;
-        tmpb = tmpa + 96;
-        r = a;
-
-        sp_3072_from_bin(a, 96, in, inLen);
-        sp_3072_from_mp(p, 48, pm);
-        sp_3072_from_mp(q, 48, qm);
-        sp_3072_from_mp(dp, 48, dpm);
-
-        err = sp_3072_mod_exp_48(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(dq, 48, dqm);
-        err = sp_3072_mod_exp_48(tmpb, a, dq, 1536, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_3072_sub_in_place_48(tmpa, tmpb);
-        c += sp_3072_cond_add_48(tmpa, tmpa, p, c);
-        sp_3072_cond_add_48(tmpa, tmpa, p, c);
-
-        sp_3072_from_mp(qi, 48, qim);
-        sp_3072_mul_48(tmpa, tmpa, qi);
-        err = sp_3072_mod_48(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mul_48(tmpa, q, tmpa);
-        XMEMSET(&tmpb[48], 0, sizeof(sp_digit) * 48);
-        sp_3072_add_96(r, tmpb, tmpa);
-
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 48 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_3072_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (3072 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 96);
-        r->used = 96;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 96; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 96; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[192];
-    sp_digit e[96];
-    sp_digit m[96];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 96, base);
-        sp_3072_from_mp(e, 96, exp);
-        sp_3072_from_mp(m, 96, mod);
-
-        err = sp_3072_mod_exp_96(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_3072
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_3072_lshift_96(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_3072_lshift_96(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register byte n __asm__ ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "RSB	r7, %[n], #0x1f\n\t"
-        "LDR	r5, [%[a], #380]\n\t"
-        "LSR	r6, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r6, r6, r7\n\t"
-        "LDR	r4, [%[a], #376]\n\t"
-        "STR	r6, [%[r], #384]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #372]\n\t"
-        "STR	r5, [%[r], #380]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #368]\n\t"
-        "STR	r4, [%[r], #376]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #364]\n\t"
-        "STR	r6, [%[r], #372]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #360]\n\t"
-        "STR	r5, [%[r], #368]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #356]\n\t"
-        "STR	r4, [%[r], #364]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #352]\n\t"
-        "STR	r6, [%[r], #360]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #348]\n\t"
-        "STR	r5, [%[r], #356]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #344]\n\t"
-        "STR	r4, [%[r], #352]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #340]\n\t"
-        "STR	r6, [%[r], #348]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #336]\n\t"
-        "STR	r5, [%[r], #344]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #332]\n\t"
-        "STR	r4, [%[r], #340]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #328]\n\t"
-        "STR	r6, [%[r], #336]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #324]\n\t"
-        "STR	r5, [%[r], #332]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #320]\n\t"
-        "STR	r4, [%[r], #328]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #316]\n\t"
-        "STR	r6, [%[r], #324]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #312]\n\t"
-        "STR	r5, [%[r], #320]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #308]\n\t"
-        "STR	r4, [%[r], #316]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #304]\n\t"
-        "STR	r6, [%[r], #312]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #300]\n\t"
-        "STR	r5, [%[r], #308]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #296]\n\t"
-        "STR	r4, [%[r], #304]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #292]\n\t"
-        "STR	r6, [%[r], #300]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #288]\n\t"
-        "STR	r5, [%[r], #296]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #284]\n\t"
-        "STR	r4, [%[r], #292]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #280]\n\t"
-        "STR	r6, [%[r], #288]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #276]\n\t"
-        "STR	r5, [%[r], #284]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #272]\n\t"
-        "STR	r4, [%[r], #280]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #268]\n\t"
-        "STR	r6, [%[r], #276]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #264]\n\t"
-        "STR	r5, [%[r], #272]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #260]\n\t"
-        "STR	r4, [%[r], #268]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #256]\n\t"
-        "STR	r6, [%[r], #264]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #252]\n\t"
-        "STR	r5, [%[r], #260]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #248]\n\t"
-        "STR	r4, [%[r], #256]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #244]\n\t"
-        "STR	r6, [%[r], #252]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #240]\n\t"
-        "STR	r5, [%[r], #248]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #236]\n\t"
-        "STR	r4, [%[r], #244]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #232]\n\t"
-        "STR	r6, [%[r], #240]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #228]\n\t"
-        "STR	r5, [%[r], #236]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #224]\n\t"
-        "STR	r4, [%[r], #232]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #220]\n\t"
-        "STR	r6, [%[r], #228]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #216]\n\t"
-        "STR	r5, [%[r], #224]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #212]\n\t"
-        "STR	r4, [%[r], #220]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #208]\n\t"
-        "STR	r6, [%[r], #216]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #204]\n\t"
-        "STR	r5, [%[r], #212]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #200]\n\t"
-        "STR	r4, [%[r], #208]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #196]\n\t"
-        "STR	r6, [%[r], #204]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #192]\n\t"
-        "STR	r5, [%[r], #200]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #188]\n\t"
-        "STR	r4, [%[r], #196]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #184]\n\t"
-        "STR	r6, [%[r], #192]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #180]\n\t"
-        "STR	r5, [%[r], #188]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #176]\n\t"
-        "STR	r4, [%[r], #184]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #172]\n\t"
-        "STR	r6, [%[r], #180]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #168]\n\t"
-        "STR	r5, [%[r], #176]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #164]\n\t"
-        "STR	r4, [%[r], #172]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #160]\n\t"
-        "STR	r6, [%[r], #168]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #156]\n\t"
-        "STR	r5, [%[r], #164]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #152]\n\t"
-        "STR	r4, [%[r], #160]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #148]\n\t"
-        "STR	r6, [%[r], #156]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #144]\n\t"
-        "STR	r5, [%[r], #152]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #140]\n\t"
-        "STR	r4, [%[r], #148]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #136]\n\t"
-        "STR	r6, [%[r], #144]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #132]\n\t"
-        "STR	r5, [%[r], #140]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #128]\n\t"
-        "STR	r4, [%[r], #136]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #124]\n\t"
-        "STR	r6, [%[r], #132]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #120]\n\t"
-        "STR	r5, [%[r], #128]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #116]\n\t"
-        "STR	r4, [%[r], #124]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #112]\n\t"
-        "STR	r6, [%[r], #120]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #108]\n\t"
-        "STR	r5, [%[r], #116]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #104]\n\t"
-        "STR	r4, [%[r], #112]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #100]\n\t"
-        "STR	r6, [%[r], #108]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #96]\n\t"
-        "STR	r5, [%[r], #104]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #92]\n\t"
-        "STR	r4, [%[r], #100]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #88]\n\t"
-        "STR	r6, [%[r], #96]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #84]\n\t"
-        "STR	r5, [%[r], #92]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #80]\n\t"
-        "STR	r4, [%[r], #88]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #76]\n\t"
-        "STR	r6, [%[r], #84]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #72]\n\t"
-        "STR	r5, [%[r], #80]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #68]\n\t"
-        "STR	r4, [%[r], #76]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #64]\n\t"
-        "STR	r6, [%[r], #72]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #60]\n\t"
-        "STR	r5, [%[r], #68]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #56]\n\t"
-        "STR	r4, [%[r], #64]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #52]\n\t"
-        "STR	r6, [%[r], #60]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #48]\n\t"
-        "STR	r5, [%[r], #56]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #44]\n\t"
-        "STR	r4, [%[r], #52]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #40]\n\t"
-        "STR	r6, [%[r], #48]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #36]\n\t"
-        "STR	r5, [%[r], #44]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #32]\n\t"
-        "STR	r4, [%[r], #40]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #28]\n\t"
-        "STR	r6, [%[r], #36]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #24]\n\t"
-        "STR	r5, [%[r], #32]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #20]\n\t"
-        "STR	r4, [%[r], #28]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #16]\n\t"
-        "STR	r6, [%[r], #24]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #12]\n\t"
-        "STR	r5, [%[r], #20]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #8]\n\t"
-        "STR	r4, [%[r], #16]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #4]\n\t"
-        "STR	r6, [%[r], #12]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "STR	r5, [%[r], #8]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "STR	r6, [%[r]]\n\t"
-        "STR	r4, [%[r], #4]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r7"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_3072_mod_exp_2_96(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 289);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 289, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 192;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_96(norm, m);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        sp_3072_lshift_96(r, norm, y);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-            sp_3072_mont_sqr_96(r, r, m, mp);
-
-            sp_3072_lshift_96(r, r, y);
-            sp_3072_mul_d_96(tmp, norm, r[96]);
-            r[96] = 0;
-            o = sp_3072_add_96(r, r, tmp);
-            sp_3072_cond_sub_96(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[96], 0, sizeof(sp_digit) * 96U);
-        sp_3072_mont_reduce_96(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_96(r, m) >= 0);
-        sp_3072_cond_sub_96(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_3072 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 384 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[192];
-    sp_digit e[96];
-    sp_digit m[96];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 384) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 96, base);
-        sp_3072_from_bin(e, 96, exp, expLen);
-        sp_3072_from_mp(m, 96, mod);
-
-    #ifdef HAVE_FFDHE_3072
-        if (base->used == 1 && base->dp[0] == 2 && m[95] == (sp_digit)-1)
-            err = sp_3072_mod_exp_2_96(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_3072_mod_exp_96(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_96(r, out);
-        *outLen = 384;
-        for (i=0; i<384 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[96];
-    sp_digit e[48];
-    sp_digit m[48];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(b, 48, base);
-        sp_3072_from_mp(e, 48, exp);
-        sp_3072_from_mp(m, 48, mod);
-
-        err = sp_3072_mod_exp_48(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 48, 0, sizeof(*r) * 48U);
-        err = sp_3072_to_mp(r, res);
-        res->used = mod->used;
-        mp_clamp(res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* !WOLFSSL_SP_NO_3072 */
-
-#ifdef WOLFSSL_SP_4096
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 512
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_4096_to_bin_128(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 127; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_4096_norm_128(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_4096_norm_128(a)
-
-#ifndef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SUBS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	%[a], r9, r9\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[128];
-    sp_digit a1[64];
-    sp_digit b1[64];
-    sp_digit* z2 = r + 128;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_2048_add_64(a1, a, &a[64]);
-    cb = sp_2048_add_64(b1, b, &b[64]);
-    u  = ca & cb;
-
-    sp_2048_mul_64(z2, &a[64], &b[64]);
-    sp_2048_mul_64(z0, a, b);
-    sp_2048_mul_64(z1, a1, b1);
-
-    u += sp_4096_sub_in_place_128(z1, z0);
-    u += sp_4096_sub_in_place_128(z1, z2);
-    sp_2048_mask_64(a1, a1, 0 - cb);
-    u += sp_2048_add_64(z1 + 64, z1 + 64, a1);
-    sp_2048_mask_64(b1, b1, 0 - ca);
-    u += sp_2048_add_64(z1 + 64, z1 + 64, b1);
-
-    u += sp_4096_add_128(r + 64, r + 64, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (64 - 1));
-    a1[0] = u;
-    (void)sp_2048_add_64(r + 192, r + 192, a1);
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 128;
-    sp_digit z1[128];
-    sp_digit* a1 = z1;
-    sp_digit zero[64];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 64);
-
-    mask = sp_2048_sub_64(a1, a, &a[64]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_2048_sub_64(a1, p1, p2);
-
-    sp_2048_sqr_64(z2, &a[64]);
-    sp_2048_sqr_64(z0, a);
-    sp_2048_sqr_64(z1, a1);
-
-    u = 0;
-    u -= sp_4096_sub_in_place_128(z1, z2);
-    u -= sp_4096_sub_in_place_128(z1, z0);
-    u += sp_4096_sub_in_place_128(r + 64, z1);
-    zero[0] = u;
-    (void)sp_2048_add_64(r + 192, r + 192, zero);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_add_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "ADD	r12, %[a], #0x200\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_add_128_word:\n\t"
-#else
-    "L_sp_4096_add_128_word_%=:\n\t"
-#endif
-        "ADDS	r3, r3, #0xffffffff\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r3, r4, #0x0\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_4096_add_128_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_4096_add_128_word\n\t"
-#else
-        "BNE.N	L_sp_4096_add_128_word_%=\n\t"
-#endif
-        "MOV	%[r], r3\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "ADD	r11, %[a], #0x200\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_sub_in_pkace_128_word:\n\t"
-#else
-    "L_sp_4096_sub_in_pkace_128_word_%=:\n\t"
-#endif
-        "RSBS	r10, r10, #0x0\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	r10, r10, r10\n\t"
-        "CMP	%[a], r11\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_4096_sub_in_pkace_128_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_4096_sub_in_pkace_128_word\n\t"
-#else
-        "BNE.N	L_sp_4096_sub_in_pkace_128_word_%=\n\t"
-#endif
-        "MOV	%[a], r10\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x400\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "LDR	r11, [%[b]]\n\t"
-        "UMULL	r8, r6, lr, r11\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_mul_128_outer:\n\t"
-#else
-    "L_sp_4096_mul_128_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x1fc\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_mul_128_inner:\n\t"
-#else
-    "L_sp_4096_mul_128_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "LDR	lr, [%[a], r4]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_4096_mul_128_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_4096_mul_128_inner_done\n\t"
-#else
-        "BGT.N	L_sp_4096_mul_128_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_4096_mul_128_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_4096_mul_128_inner\n\t"
-#else
-        "BLT.N	L_sp_4096_mul_128_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_mul_128_inner_done:\n\t"
-#else
-    "L_sp_4096_mul_128_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x3f4\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_4096_mul_128_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_4096_mul_128_outer\n\t"
-#else
-        "BLE.N	L_sp_4096_mul_128_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #508]\n\t"
-        "LDR	r11, [%[b], #508]\n\t"
-        "UMLAL	r6, r7, lr, r11\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_mul_128_store:\n\t"
-#else
-    "L_sp_4096_mul_128_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_4096_mul_128_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_4096_mul_128_store\n\t"
-#else
-        "BGT.N	L_sp_4096_mul_128_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_4096_sqr_128(sp_digit* r,
-    const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x400\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "UMULL	r8, r6, lr, lr\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_sqr_128_outer:\n\t"
-#else
-    "L_sp_4096_sqr_128_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x1fc\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_sqr_128_inner:\n\t"
-#else
-    "L_sp_4096_sqr_128_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[a], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_4096_sqr_128_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_4096_sqr_128_inner_done\n\t"
-#else
-        "BGT.N	L_sp_4096_sqr_128_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_4096_sqr_128_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_4096_sqr_128_inner\n\t"
-#else
-        "BLT.N	L_sp_4096_sqr_128_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "UMULL	r9, r10, lr, lr\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_sqr_128_inner_done:\n\t"
-#else
-    "L_sp_4096_sqr_128_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x3f4\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_4096_sqr_128_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_4096_sqr_128_outer\n\t"
-#else
-        "BLE.N	L_sp_4096_sqr_128_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #508]\n\t"
-        "UMLAL	r6, r7, lr, lr\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_sqr_128_store:\n\t"
-#else
-    "L_sp_4096_sqr_128_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_4096_sqr_128_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_4096_sqr_128_store\n\t"
-#else
-        "BGT.N	L_sp_4096_sqr_128_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDR	r8, [%[a]]\n\t"
-        "UMULL	r5, r3, %[b], r8\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r5, [%[r]]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "MOV	r9, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_mul_d_128_word:\n\t"
-#else
-    "L_sp_4096_mul_d_128_word_%=:\n\t"
-#endif
-        /* A[i] * B */
-        "LDR	r8, [%[a], r9]\n\t"
-        "UMULL	r6, r7, %[b], r8\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], r9]\n\t"
-        "MOV	r3, r4\n\t"
-        "MOV	r4, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADD	r9, r9, #0x4\n\t"
-        "CMP	r9, #0x200\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_4096_mul_d_128_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_4096_mul_d_128_word\n\t"
-#else
-        "BLT.N	L_sp_4096_mul_d_128_word_%=\n\t"
-#endif
-        "STR	r3, [%[r], #512]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_4096_mul_d_128(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMULL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[1] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[2] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[3] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[4] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[5] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[6] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[7] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[8] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[9] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[10] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[11] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[12] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[13] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[14] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[15] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[16] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[17] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[18] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[19] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[20] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[21] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[22] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[23] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[24] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[25] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[26] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[27] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[28] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[29] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[30] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[31] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[32] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[33] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[34] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[35] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[36] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[37] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[38] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[39] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[40] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[41] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[42] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[43] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[44] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[45] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[46] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[47] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[48] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[49] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[50] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[51] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[52] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[53] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[54] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[55] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[56] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[57] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[58] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[59] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[60] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[61] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[62] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[63] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[64] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[65] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[66] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[67] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[68] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[69] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[70] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[71] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[72] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[73] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[74] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[75] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[76] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[77] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[78] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[79] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[80] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[81] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[82] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[83] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[84] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[85] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[86] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[87] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[88] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[89] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[90] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[91] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[92] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[93] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[94] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[95] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[96] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[97] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[98] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[99] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[100] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[101] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[102] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[103] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[104] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[105] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[106] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[107] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[108] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[109] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[110] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[111] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[112] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[113] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[114] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[115] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[116] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[117] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[118] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[119] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[120] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[121] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[122] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[123] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[124] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[125] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[126] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[127] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "STR	r5, [%[r]]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 128);
-
-    /* r = 2^n mod m */
-    sp_4096_sub_in_place_128(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_cond_sub_128_words:\n\t"
-#else
-    "L_sp_4096_cond_sub_128_words_%=:\n\t"
-#endif
-        "SUBS	r4, r8, r4\n\t"
-        "LDR	r6, [%[a], r5]\n\t"
-        "LDR	r7, [%[b], r5]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "SBCS	r6, r6, r7\n\t"
-        "SBC	r4, r8, r8\n\t"
-        "STR	r6, [%[r], r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x200\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_4096_cond_sub_128_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_4096_cond_sub_128_words\n\t"
-#else
-        "BLT.N	L_sp_4096_cond_sub_128_words_%=\n\t"
-#endif
-        "MOV	%[r], r4\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_sub_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SUBS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "SBC	%[r], r5, r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_NO_UMAAL
-#ifndef WOLFSSL_SP_SMALL
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_4096_mont_reduce_128(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_4096_mont_reduce_128(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	lr, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r11, #0x0\n\t"
-        "MOV	r3, #0x0\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_mont_reduce_128_word:\n\t"
-#else
-    "L_sp_4096_mont_reduce_128_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	r10, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r4, r7, r10, lr\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r9, [%[m], #4]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r5, r6, r10, r9\n\t"
-        "MOV	r4, r5\n\t"
-        "ADDS	r4, r4, r7\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r9, [%[m], #8]\n\t"
-        "LDR	r5, [%[a], #8]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r5, r7, r10, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r9, [%[m], #12]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #12]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r9, [%[m], #16]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #16]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r9, [%[m], #20]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #20]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r9, [%[m], #24]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #24]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r9, [%[m], #28]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #28]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r9, [%[m], #32]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #32]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r9, [%[m], #36]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #36]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r9, [%[m], #40]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #40]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r9, [%[m], #44]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #44]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r9, [%[m], #48]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #48]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r9, [%[m], #52]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #52]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r9, [%[m], #56]\n\t"
-        "LDR	r12, [%[a], #56]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #56]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r9, [%[m], #60]\n\t"
-        "LDR	r12, [%[a], #60]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #60]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r9, [%[m], #64]\n\t"
-        "LDR	r12, [%[a], #64]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #64]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r9, [%[m], #68]\n\t"
-        "LDR	r12, [%[a], #68]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #68]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r9, [%[m], #72]\n\t"
-        "LDR	r12, [%[a], #72]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #72]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r9, [%[m], #76]\n\t"
-        "LDR	r12, [%[a], #76]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #76]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r9, [%[m], #80]\n\t"
-        "LDR	r12, [%[a], #80]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #80]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r9, [%[m], #84]\n\t"
-        "LDR	r12, [%[a], #84]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #84]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r9, [%[m], #88]\n\t"
-        "LDR	r12, [%[a], #88]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #88]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r9, [%[m], #92]\n\t"
-        "LDR	r12, [%[a], #92]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #92]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r9, [%[m], #96]\n\t"
-        "LDR	r12, [%[a], #96]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #96]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r9, [%[m], #100]\n\t"
-        "LDR	r12, [%[a], #100]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #100]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r9, [%[m], #104]\n\t"
-        "LDR	r12, [%[a], #104]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #104]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r9, [%[m], #108]\n\t"
-        "LDR	r12, [%[a], #108]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #108]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r9, [%[m], #112]\n\t"
-        "LDR	r12, [%[a], #112]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #112]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r9, [%[m], #116]\n\t"
-        "LDR	r12, [%[a], #116]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #116]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r9, [%[m], #120]\n\t"
-        "LDR	r12, [%[a], #120]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #120]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r9, [%[m], #124]\n\t"
-        "LDR	r12, [%[a], #124]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #124]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+32] += m[32] * mu */
-        "LDR	r9, [%[m], #128]\n\t"
-        "LDR	r12, [%[a], #128]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #128]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+33] += m[33] * mu */
-        "LDR	r9, [%[m], #132]\n\t"
-        "LDR	r12, [%[a], #132]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #132]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+34] += m[34] * mu */
-        "LDR	r9, [%[m], #136]\n\t"
-        "LDR	r12, [%[a], #136]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #136]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+35] += m[35] * mu */
-        "LDR	r9, [%[m], #140]\n\t"
-        "LDR	r12, [%[a], #140]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #140]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+36] += m[36] * mu */
-        "LDR	r9, [%[m], #144]\n\t"
-        "LDR	r12, [%[a], #144]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #144]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+37] += m[37] * mu */
-        "LDR	r9, [%[m], #148]\n\t"
-        "LDR	r12, [%[a], #148]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #148]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+38] += m[38] * mu */
-        "LDR	r9, [%[m], #152]\n\t"
-        "LDR	r12, [%[a], #152]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #152]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+39] += m[39] * mu */
-        "LDR	r9, [%[m], #156]\n\t"
-        "LDR	r12, [%[a], #156]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #156]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+40] += m[40] * mu */
-        "LDR	r9, [%[m], #160]\n\t"
-        "LDR	r12, [%[a], #160]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #160]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+41] += m[41] * mu */
-        "LDR	r9, [%[m], #164]\n\t"
-        "LDR	r12, [%[a], #164]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #164]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+42] += m[42] * mu */
-        "LDR	r9, [%[m], #168]\n\t"
-        "LDR	r12, [%[a], #168]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #168]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+43] += m[43] * mu */
-        "LDR	r9, [%[m], #172]\n\t"
-        "LDR	r12, [%[a], #172]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #172]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+44] += m[44] * mu */
-        "LDR	r9, [%[m], #176]\n\t"
-        "LDR	r12, [%[a], #176]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #176]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+45] += m[45] * mu */
-        "LDR	r9, [%[m], #180]\n\t"
-        "LDR	r12, [%[a], #180]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #180]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+46] += m[46] * mu */
-        "LDR	r9, [%[m], #184]\n\t"
-        "LDR	r12, [%[a], #184]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #184]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+47] += m[47] * mu */
-        "LDR	r9, [%[m], #188]\n\t"
-        "LDR	r12, [%[a], #188]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #188]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+48] += m[48] * mu */
-        "LDR	r9, [%[m], #192]\n\t"
-        "LDR	r12, [%[a], #192]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #192]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+49] += m[49] * mu */
-        "LDR	r9, [%[m], #196]\n\t"
-        "LDR	r12, [%[a], #196]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #196]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+50] += m[50] * mu */
-        "LDR	r9, [%[m], #200]\n\t"
-        "LDR	r12, [%[a], #200]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #200]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+51] += m[51] * mu */
-        "LDR	r9, [%[m], #204]\n\t"
-        "LDR	r12, [%[a], #204]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #204]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+52] += m[52] * mu */
-        "LDR	r9, [%[m], #208]\n\t"
-        "LDR	r12, [%[a], #208]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #208]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+53] += m[53] * mu */
-        "LDR	r9, [%[m], #212]\n\t"
-        "LDR	r12, [%[a], #212]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #212]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+54] += m[54] * mu */
-        "LDR	r9, [%[m], #216]\n\t"
-        "LDR	r12, [%[a], #216]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #216]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+55] += m[55] * mu */
-        "LDR	r9, [%[m], #220]\n\t"
-        "LDR	r12, [%[a], #220]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #220]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+56] += m[56] * mu */
-        "LDR	r9, [%[m], #224]\n\t"
-        "LDR	r12, [%[a], #224]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #224]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+57] += m[57] * mu */
-        "LDR	r9, [%[m], #228]\n\t"
-        "LDR	r12, [%[a], #228]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #228]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+58] += m[58] * mu */
-        "LDR	r9, [%[m], #232]\n\t"
-        "LDR	r12, [%[a], #232]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #232]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+59] += m[59] * mu */
-        "LDR	r9, [%[m], #236]\n\t"
-        "LDR	r12, [%[a], #236]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #236]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+60] += m[60] * mu */
-        "LDR	r9, [%[m], #240]\n\t"
-        "LDR	r12, [%[a], #240]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #240]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+61] += m[61] * mu */
-        "LDR	r9, [%[m], #244]\n\t"
-        "LDR	r12, [%[a], #244]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #244]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+62] += m[62] * mu */
-        "LDR	r9, [%[m], #248]\n\t"
-        "LDR	r12, [%[a], #248]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #248]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+63] += m[63] * mu */
-        "LDR	r9, [%[m], #252]\n\t"
-        "LDR	r12, [%[a], #252]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #252]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+64] += m[64] * mu */
-        "LDR	r9, [%[m], #256]\n\t"
-        "LDR	r12, [%[a], #256]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #256]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+65] += m[65] * mu */
-        "LDR	r9, [%[m], #260]\n\t"
-        "LDR	r12, [%[a], #260]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #260]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+66] += m[66] * mu */
-        "LDR	r9, [%[m], #264]\n\t"
-        "LDR	r12, [%[a], #264]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #264]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+67] += m[67] * mu */
-        "LDR	r9, [%[m], #268]\n\t"
-        "LDR	r12, [%[a], #268]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #268]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+68] += m[68] * mu */
-        "LDR	r9, [%[m], #272]\n\t"
-        "LDR	r12, [%[a], #272]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #272]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+69] += m[69] * mu */
-        "LDR	r9, [%[m], #276]\n\t"
-        "LDR	r12, [%[a], #276]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #276]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+70] += m[70] * mu */
-        "LDR	r9, [%[m], #280]\n\t"
-        "LDR	r12, [%[a], #280]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #280]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+71] += m[71] * mu */
-        "LDR	r9, [%[m], #284]\n\t"
-        "LDR	r12, [%[a], #284]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #284]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+72] += m[72] * mu */
-        "LDR	r9, [%[m], #288]\n\t"
-        "LDR	r12, [%[a], #288]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #288]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+73] += m[73] * mu */
-        "LDR	r9, [%[m], #292]\n\t"
-        "LDR	r12, [%[a], #292]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #292]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+74] += m[74] * mu */
-        "LDR	r9, [%[m], #296]\n\t"
-        "LDR	r12, [%[a], #296]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #296]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+75] += m[75] * mu */
-        "LDR	r9, [%[m], #300]\n\t"
-        "LDR	r12, [%[a], #300]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #300]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+76] += m[76] * mu */
-        "LDR	r9, [%[m], #304]\n\t"
-        "LDR	r12, [%[a], #304]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #304]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+77] += m[77] * mu */
-        "LDR	r9, [%[m], #308]\n\t"
-        "LDR	r12, [%[a], #308]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #308]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+78] += m[78] * mu */
-        "LDR	r9, [%[m], #312]\n\t"
-        "LDR	r12, [%[a], #312]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #312]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+79] += m[79] * mu */
-        "LDR	r9, [%[m], #316]\n\t"
-        "LDR	r12, [%[a], #316]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #316]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+80] += m[80] * mu */
-        "LDR	r9, [%[m], #320]\n\t"
-        "LDR	r12, [%[a], #320]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #320]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+81] += m[81] * mu */
-        "LDR	r9, [%[m], #324]\n\t"
-        "LDR	r12, [%[a], #324]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #324]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+82] += m[82] * mu */
-        "LDR	r9, [%[m], #328]\n\t"
-        "LDR	r12, [%[a], #328]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #328]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+83] += m[83] * mu */
-        "LDR	r9, [%[m], #332]\n\t"
-        "LDR	r12, [%[a], #332]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #332]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+84] += m[84] * mu */
-        "LDR	r9, [%[m], #336]\n\t"
-        "LDR	r12, [%[a], #336]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #336]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+85] += m[85] * mu */
-        "LDR	r9, [%[m], #340]\n\t"
-        "LDR	r12, [%[a], #340]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #340]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+86] += m[86] * mu */
-        "LDR	r9, [%[m], #344]\n\t"
-        "LDR	r12, [%[a], #344]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #344]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+87] += m[87] * mu */
-        "LDR	r9, [%[m], #348]\n\t"
-        "LDR	r12, [%[a], #348]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #348]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+88] += m[88] * mu */
-        "LDR	r9, [%[m], #352]\n\t"
-        "LDR	r12, [%[a], #352]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #352]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+89] += m[89] * mu */
-        "LDR	r9, [%[m], #356]\n\t"
-        "LDR	r12, [%[a], #356]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #356]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+90] += m[90] * mu */
-        "LDR	r9, [%[m], #360]\n\t"
-        "LDR	r12, [%[a], #360]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #360]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+91] += m[91] * mu */
-        "LDR	r9, [%[m], #364]\n\t"
-        "LDR	r12, [%[a], #364]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #364]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+92] += m[92] * mu */
-        "LDR	r9, [%[m], #368]\n\t"
-        "LDR	r12, [%[a], #368]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #368]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+93] += m[93] * mu */
-        "LDR	r9, [%[m], #372]\n\t"
-        "LDR	r12, [%[a], #372]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #372]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+94] += m[94] * mu */
-        "LDR	r9, [%[m], #376]\n\t"
-        "LDR	r12, [%[a], #376]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #376]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+95] += m[95] * mu */
-        "LDR	r9, [%[m], #380]\n\t"
-        "LDR	r12, [%[a], #380]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #380]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+96] += m[96] * mu */
-        "LDR	r9, [%[m], #384]\n\t"
-        "LDR	r12, [%[a], #384]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #384]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+97] += m[97] * mu */
-        "LDR	r9, [%[m], #388]\n\t"
-        "LDR	r12, [%[a], #388]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #388]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+98] += m[98] * mu */
-        "LDR	r9, [%[m], #392]\n\t"
-        "LDR	r12, [%[a], #392]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #392]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+99] += m[99] * mu */
-        "LDR	r9, [%[m], #396]\n\t"
-        "LDR	r12, [%[a], #396]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #396]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+100] += m[100] * mu */
-        "LDR	r9, [%[m], #400]\n\t"
-        "LDR	r12, [%[a], #400]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #400]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+101] += m[101] * mu */
-        "LDR	r9, [%[m], #404]\n\t"
-        "LDR	r12, [%[a], #404]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #404]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+102] += m[102] * mu */
-        "LDR	r9, [%[m], #408]\n\t"
-        "LDR	r12, [%[a], #408]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #408]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+103] += m[103] * mu */
-        "LDR	r9, [%[m], #412]\n\t"
-        "LDR	r12, [%[a], #412]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #412]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+104] += m[104] * mu */
-        "LDR	r9, [%[m], #416]\n\t"
-        "LDR	r12, [%[a], #416]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #416]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+105] += m[105] * mu */
-        "LDR	r9, [%[m], #420]\n\t"
-        "LDR	r12, [%[a], #420]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #420]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+106] += m[106] * mu */
-        "LDR	r9, [%[m], #424]\n\t"
-        "LDR	r12, [%[a], #424]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #424]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+107] += m[107] * mu */
-        "LDR	r9, [%[m], #428]\n\t"
-        "LDR	r12, [%[a], #428]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #428]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+108] += m[108] * mu */
-        "LDR	r9, [%[m], #432]\n\t"
-        "LDR	r12, [%[a], #432]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #432]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+109] += m[109] * mu */
-        "LDR	r9, [%[m], #436]\n\t"
-        "LDR	r12, [%[a], #436]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #436]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+110] += m[110] * mu */
-        "LDR	r9, [%[m], #440]\n\t"
-        "LDR	r12, [%[a], #440]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #440]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+111] += m[111] * mu */
-        "LDR	r9, [%[m], #444]\n\t"
-        "LDR	r12, [%[a], #444]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #444]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+112] += m[112] * mu */
-        "LDR	r9, [%[m], #448]\n\t"
-        "LDR	r12, [%[a], #448]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #448]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+113] += m[113] * mu */
-        "LDR	r9, [%[m], #452]\n\t"
-        "LDR	r12, [%[a], #452]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #452]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+114] += m[114] * mu */
-        "LDR	r9, [%[m], #456]\n\t"
-        "LDR	r12, [%[a], #456]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #456]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+115] += m[115] * mu */
-        "LDR	r9, [%[m], #460]\n\t"
-        "LDR	r12, [%[a], #460]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #460]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+116] += m[116] * mu */
-        "LDR	r9, [%[m], #464]\n\t"
-        "LDR	r12, [%[a], #464]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #464]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+117] += m[117] * mu */
-        "LDR	r9, [%[m], #468]\n\t"
-        "LDR	r12, [%[a], #468]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #468]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+118] += m[118] * mu */
-        "LDR	r9, [%[m], #472]\n\t"
-        "LDR	r12, [%[a], #472]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #472]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+119] += m[119] * mu */
-        "LDR	r9, [%[m], #476]\n\t"
-        "LDR	r12, [%[a], #476]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #476]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+120] += m[120] * mu */
-        "LDR	r9, [%[m], #480]\n\t"
-        "LDR	r12, [%[a], #480]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #480]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+121] += m[121] * mu */
-        "LDR	r9, [%[m], #484]\n\t"
-        "LDR	r12, [%[a], #484]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #484]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+122] += m[122] * mu */
-        "LDR	r9, [%[m], #488]\n\t"
-        "LDR	r12, [%[a], #488]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #488]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+123] += m[123] * mu */
-        "LDR	r9, [%[m], #492]\n\t"
-        "LDR	r12, [%[a], #492]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #492]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+124] += m[124] * mu */
-        "LDR	r9, [%[m], #496]\n\t"
-        "LDR	r12, [%[a], #496]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #496]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+125] += m[125] * mu */
-        "LDR	r9, [%[m], #500]\n\t"
-        "LDR	r12, [%[a], #500]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #500]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+126] += m[126] * mu */
-        "LDR	r9, [%[m], #504]\n\t"
-        "LDR	r12, [%[a], #504]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #504]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+127] += m[127] * mu */
-        "LDR	r9, [%[m], #508]\n\t"
-        "LDR	r12, [%[a], #508]\n\t"
-        "UMULL	r8, r9, r10, r9\n\t"
-        "ADDS	r7, r7, r8\n\t"
-        "ADCS	r6, r9, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #508]\n\t"
-        "LDR	r12, [%[a], #512]\n\t"
-        "ADCS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #512]\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* i += 1 */
-        "ADD	r11, r11, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r11, #0x200\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_4096_mont_reduce_128_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_4096_mont_reduce_128_word\n\t"
-#else
-        "BLT.W	L_sp_4096_mont_reduce_128_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r4, [%[a]]\n\t"
-        "STR	r5, [%[a], #4]\n\t"
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_4096_mont_reduce_128(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_4096_mont_reduce_128(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r9, #0x0\n\t"
-        /* ca = 0 */
-        "MOV	r3, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_mont_reduce_128_word:\n\t"
-#else
-    "L_sp_4096_mont_reduce_128_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "LDR	r10, [%[a]]\n\t"
-        "MUL	r8, %[mp], r10\n\t"
-        /* j = 0 */
-        "MOV	r12, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_mont_reduce_128_mul:\n\t"
-#else
-    "L_sp_4096_mont_reduce_128_mul_%=:\n\t"
-#endif
-        /* a[i+j+0] += m[j+0] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+1] += m[j+1] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+2] += m[j+2] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+3] += m[j+3] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r8, r7\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        "ADC	r4, r5, #0x0\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        "CMP	r12, #0x200\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_4096_mont_reduce_128_mul_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_4096_mont_reduce_128_mul\n\t"
-#else
-        "BLT.N	L_sp_4096_mont_reduce_128_mul_%=\n\t"
-#endif
-        "LDR	r10, [%[a], #512]\n\t"
-        "ADDS	r4, r4, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "STR	r10, [%[a], #512]\n\t"
-        /* i += 1 */
-        "ADD	r9, r9, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r9, #0x200\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_4096_mont_reduce_128_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_4096_mont_reduce_128_word\n\t"
-#else
-        "BLT.N	L_sp_4096_mont_reduce_128_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#else
-#ifndef WOLFSSL_SP_SMALL
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_4096_mont_reduce_128(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_4096_mont_reduce_128(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r7, [%[a], #4]\n\t"
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[a], #12]\n\t"
-        "LDR	r10, [%[a], #16]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_mont_reduce_128_word:\n\t"
-#else
-    "L_sp_4096_mont_reduce_128_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	lr, %[mp], r6\n\t"
-        /* a[i+0] += m[0] * mu */
-        "LDR	r12, [%[m]]\n\t"
-        "MOV	r3, #0x0\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r12, [%[m], #4]\n\t"
-        "MOV	r6, r7\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r12, [%[m], #8]\n\t"
-        "MOV	r7, r8\n\t"
-        "UMAAL	r7, r3, lr, r12\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r12, [%[m], #12]\n\t"
-        "MOV	r8, r9\n\t"
-        "UMAAL	r8, r3, lr, r12\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r12, [%[m], #16]\n\t"
-        "MOV	r9, r10\n\t"
-        "UMAAL	r9, r3, lr, r12\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r12, [%[m], #20]\n\t"
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMAAL	r10, r3, lr, r12\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r12, [%[m], #24]\n\t"
-        "LDR	r11, [%[a], #24]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r12, [%[m], #28]\n\t"
-        "LDR	r11, [%[a], #28]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r12, [%[m], #32]\n\t"
-        "LDR	r11, [%[a], #32]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r12, [%[m], #36]\n\t"
-        "LDR	r11, [%[a], #36]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r12, [%[m], #40]\n\t"
-        "LDR	r11, [%[a], #40]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r12, [%[m], #44]\n\t"
-        "LDR	r11, [%[a], #44]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r12, [%[m], #48]\n\t"
-        "LDR	r11, [%[a], #48]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r12, [%[m], #52]\n\t"
-        "LDR	r11, [%[a], #52]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r12, [%[m], #56]\n\t"
-        "LDR	r11, [%[a], #56]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r12, [%[m], #60]\n\t"
-        "LDR	r11, [%[a], #60]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r12, [%[m], #64]\n\t"
-        "LDR	r11, [%[a], #64]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r12, [%[m], #68]\n\t"
-        "LDR	r11, [%[a], #68]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r12, [%[m], #72]\n\t"
-        "LDR	r11, [%[a], #72]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r12, [%[m], #76]\n\t"
-        "LDR	r11, [%[a], #76]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r12, [%[m], #80]\n\t"
-        "LDR	r11, [%[a], #80]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r12, [%[m], #84]\n\t"
-        "LDR	r11, [%[a], #84]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r12, [%[m], #88]\n\t"
-        "LDR	r11, [%[a], #88]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r12, [%[m], #92]\n\t"
-        "LDR	r11, [%[a], #92]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r12, [%[m], #96]\n\t"
-        "LDR	r11, [%[a], #96]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r12, [%[m], #100]\n\t"
-        "LDR	r11, [%[a], #100]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r12, [%[m], #104]\n\t"
-        "LDR	r11, [%[a], #104]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r12, [%[m], #108]\n\t"
-        "LDR	r11, [%[a], #108]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r12, [%[m], #112]\n\t"
-        "LDR	r11, [%[a], #112]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r12, [%[m], #116]\n\t"
-        "LDR	r11, [%[a], #116]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r12, [%[m], #120]\n\t"
-        "LDR	r11, [%[a], #120]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r12, [%[m], #124]\n\t"
-        "LDR	r11, [%[a], #124]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #124]\n\t"
-        /* a[i+32] += m[32] * mu */
-        "LDR	r12, [%[m], #128]\n\t"
-        "LDR	r11, [%[a], #128]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #128]\n\t"
-        /* a[i+33] += m[33] * mu */
-        "LDR	r12, [%[m], #132]\n\t"
-        "LDR	r11, [%[a], #132]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #132]\n\t"
-        /* a[i+34] += m[34] * mu */
-        "LDR	r12, [%[m], #136]\n\t"
-        "LDR	r11, [%[a], #136]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #136]\n\t"
-        /* a[i+35] += m[35] * mu */
-        "LDR	r12, [%[m], #140]\n\t"
-        "LDR	r11, [%[a], #140]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #140]\n\t"
-        /* a[i+36] += m[36] * mu */
-        "LDR	r12, [%[m], #144]\n\t"
-        "LDR	r11, [%[a], #144]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #144]\n\t"
-        /* a[i+37] += m[37] * mu */
-        "LDR	r12, [%[m], #148]\n\t"
-        "LDR	r11, [%[a], #148]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #148]\n\t"
-        /* a[i+38] += m[38] * mu */
-        "LDR	r12, [%[m], #152]\n\t"
-        "LDR	r11, [%[a], #152]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #152]\n\t"
-        /* a[i+39] += m[39] * mu */
-        "LDR	r12, [%[m], #156]\n\t"
-        "LDR	r11, [%[a], #156]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #156]\n\t"
-        /* a[i+40] += m[40] * mu */
-        "LDR	r12, [%[m], #160]\n\t"
-        "LDR	r11, [%[a], #160]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #160]\n\t"
-        /* a[i+41] += m[41] * mu */
-        "LDR	r12, [%[m], #164]\n\t"
-        "LDR	r11, [%[a], #164]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #164]\n\t"
-        /* a[i+42] += m[42] * mu */
-        "LDR	r12, [%[m], #168]\n\t"
-        "LDR	r11, [%[a], #168]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #168]\n\t"
-        /* a[i+43] += m[43] * mu */
-        "LDR	r12, [%[m], #172]\n\t"
-        "LDR	r11, [%[a], #172]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #172]\n\t"
-        /* a[i+44] += m[44] * mu */
-        "LDR	r12, [%[m], #176]\n\t"
-        "LDR	r11, [%[a], #176]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #176]\n\t"
-        /* a[i+45] += m[45] * mu */
-        "LDR	r12, [%[m], #180]\n\t"
-        "LDR	r11, [%[a], #180]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #180]\n\t"
-        /* a[i+46] += m[46] * mu */
-        "LDR	r12, [%[m], #184]\n\t"
-        "LDR	r11, [%[a], #184]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #184]\n\t"
-        /* a[i+47] += m[47] * mu */
-        "LDR	r12, [%[m], #188]\n\t"
-        "LDR	r11, [%[a], #188]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #188]\n\t"
-        /* a[i+48] += m[48] * mu */
-        "LDR	r12, [%[m], #192]\n\t"
-        "LDR	r11, [%[a], #192]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #192]\n\t"
-        /* a[i+49] += m[49] * mu */
-        "LDR	r12, [%[m], #196]\n\t"
-        "LDR	r11, [%[a], #196]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #196]\n\t"
-        /* a[i+50] += m[50] * mu */
-        "LDR	r12, [%[m], #200]\n\t"
-        "LDR	r11, [%[a], #200]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #200]\n\t"
-        /* a[i+51] += m[51] * mu */
-        "LDR	r12, [%[m], #204]\n\t"
-        "LDR	r11, [%[a], #204]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #204]\n\t"
-        /* a[i+52] += m[52] * mu */
-        "LDR	r12, [%[m], #208]\n\t"
-        "LDR	r11, [%[a], #208]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #208]\n\t"
-        /* a[i+53] += m[53] * mu */
-        "LDR	r12, [%[m], #212]\n\t"
-        "LDR	r11, [%[a], #212]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #212]\n\t"
-        /* a[i+54] += m[54] * mu */
-        "LDR	r12, [%[m], #216]\n\t"
-        "LDR	r11, [%[a], #216]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #216]\n\t"
-        /* a[i+55] += m[55] * mu */
-        "LDR	r12, [%[m], #220]\n\t"
-        "LDR	r11, [%[a], #220]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #220]\n\t"
-        /* a[i+56] += m[56] * mu */
-        "LDR	r12, [%[m], #224]\n\t"
-        "LDR	r11, [%[a], #224]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #224]\n\t"
-        /* a[i+57] += m[57] * mu */
-        "LDR	r12, [%[m], #228]\n\t"
-        "LDR	r11, [%[a], #228]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #228]\n\t"
-        /* a[i+58] += m[58] * mu */
-        "LDR	r12, [%[m], #232]\n\t"
-        "LDR	r11, [%[a], #232]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #232]\n\t"
-        /* a[i+59] += m[59] * mu */
-        "LDR	r12, [%[m], #236]\n\t"
-        "LDR	r11, [%[a], #236]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #236]\n\t"
-        /* a[i+60] += m[60] * mu */
-        "LDR	r12, [%[m], #240]\n\t"
-        "LDR	r11, [%[a], #240]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #240]\n\t"
-        /* a[i+61] += m[61] * mu */
-        "LDR	r12, [%[m], #244]\n\t"
-        "LDR	r11, [%[a], #244]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #244]\n\t"
-        /* a[i+62] += m[62] * mu */
-        "LDR	r12, [%[m], #248]\n\t"
-        "LDR	r11, [%[a], #248]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #248]\n\t"
-        /* a[i+63] += m[63] * mu */
-        "LDR	r12, [%[m], #252]\n\t"
-        "LDR	r11, [%[a], #252]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #252]\n\t"
-        /* a[i+64] += m[64] * mu */
-        "LDR	r12, [%[m], #256]\n\t"
-        "LDR	r11, [%[a], #256]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #256]\n\t"
-        /* a[i+65] += m[65] * mu */
-        "LDR	r12, [%[m], #260]\n\t"
-        "LDR	r11, [%[a], #260]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #260]\n\t"
-        /* a[i+66] += m[66] * mu */
-        "LDR	r12, [%[m], #264]\n\t"
-        "LDR	r11, [%[a], #264]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #264]\n\t"
-        /* a[i+67] += m[67] * mu */
-        "LDR	r12, [%[m], #268]\n\t"
-        "LDR	r11, [%[a], #268]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #268]\n\t"
-        /* a[i+68] += m[68] * mu */
-        "LDR	r12, [%[m], #272]\n\t"
-        "LDR	r11, [%[a], #272]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #272]\n\t"
-        /* a[i+69] += m[69] * mu */
-        "LDR	r12, [%[m], #276]\n\t"
-        "LDR	r11, [%[a], #276]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #276]\n\t"
-        /* a[i+70] += m[70] * mu */
-        "LDR	r12, [%[m], #280]\n\t"
-        "LDR	r11, [%[a], #280]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #280]\n\t"
-        /* a[i+71] += m[71] * mu */
-        "LDR	r12, [%[m], #284]\n\t"
-        "LDR	r11, [%[a], #284]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #284]\n\t"
-        /* a[i+72] += m[72] * mu */
-        "LDR	r12, [%[m], #288]\n\t"
-        "LDR	r11, [%[a], #288]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #288]\n\t"
-        /* a[i+73] += m[73] * mu */
-        "LDR	r12, [%[m], #292]\n\t"
-        "LDR	r11, [%[a], #292]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #292]\n\t"
-        /* a[i+74] += m[74] * mu */
-        "LDR	r12, [%[m], #296]\n\t"
-        "LDR	r11, [%[a], #296]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #296]\n\t"
-        /* a[i+75] += m[75] * mu */
-        "LDR	r12, [%[m], #300]\n\t"
-        "LDR	r11, [%[a], #300]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #300]\n\t"
-        /* a[i+76] += m[76] * mu */
-        "LDR	r12, [%[m], #304]\n\t"
-        "LDR	r11, [%[a], #304]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #304]\n\t"
-        /* a[i+77] += m[77] * mu */
-        "LDR	r12, [%[m], #308]\n\t"
-        "LDR	r11, [%[a], #308]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #308]\n\t"
-        /* a[i+78] += m[78] * mu */
-        "LDR	r12, [%[m], #312]\n\t"
-        "LDR	r11, [%[a], #312]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #312]\n\t"
-        /* a[i+79] += m[79] * mu */
-        "LDR	r12, [%[m], #316]\n\t"
-        "LDR	r11, [%[a], #316]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #316]\n\t"
-        /* a[i+80] += m[80] * mu */
-        "LDR	r12, [%[m], #320]\n\t"
-        "LDR	r11, [%[a], #320]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #320]\n\t"
-        /* a[i+81] += m[81] * mu */
-        "LDR	r12, [%[m], #324]\n\t"
-        "LDR	r11, [%[a], #324]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #324]\n\t"
-        /* a[i+82] += m[82] * mu */
-        "LDR	r12, [%[m], #328]\n\t"
-        "LDR	r11, [%[a], #328]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #328]\n\t"
-        /* a[i+83] += m[83] * mu */
-        "LDR	r12, [%[m], #332]\n\t"
-        "LDR	r11, [%[a], #332]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #332]\n\t"
-        /* a[i+84] += m[84] * mu */
-        "LDR	r12, [%[m], #336]\n\t"
-        "LDR	r11, [%[a], #336]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #336]\n\t"
-        /* a[i+85] += m[85] * mu */
-        "LDR	r12, [%[m], #340]\n\t"
-        "LDR	r11, [%[a], #340]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #340]\n\t"
-        /* a[i+86] += m[86] * mu */
-        "LDR	r12, [%[m], #344]\n\t"
-        "LDR	r11, [%[a], #344]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #344]\n\t"
-        /* a[i+87] += m[87] * mu */
-        "LDR	r12, [%[m], #348]\n\t"
-        "LDR	r11, [%[a], #348]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #348]\n\t"
-        /* a[i+88] += m[88] * mu */
-        "LDR	r12, [%[m], #352]\n\t"
-        "LDR	r11, [%[a], #352]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #352]\n\t"
-        /* a[i+89] += m[89] * mu */
-        "LDR	r12, [%[m], #356]\n\t"
-        "LDR	r11, [%[a], #356]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #356]\n\t"
-        /* a[i+90] += m[90] * mu */
-        "LDR	r12, [%[m], #360]\n\t"
-        "LDR	r11, [%[a], #360]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #360]\n\t"
-        /* a[i+91] += m[91] * mu */
-        "LDR	r12, [%[m], #364]\n\t"
-        "LDR	r11, [%[a], #364]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #364]\n\t"
-        /* a[i+92] += m[92] * mu */
-        "LDR	r12, [%[m], #368]\n\t"
-        "LDR	r11, [%[a], #368]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #368]\n\t"
-        /* a[i+93] += m[93] * mu */
-        "LDR	r12, [%[m], #372]\n\t"
-        "LDR	r11, [%[a], #372]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #372]\n\t"
-        /* a[i+94] += m[94] * mu */
-        "LDR	r12, [%[m], #376]\n\t"
-        "LDR	r11, [%[a], #376]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #376]\n\t"
-        /* a[i+95] += m[95] * mu */
-        "LDR	r12, [%[m], #380]\n\t"
-        "LDR	r11, [%[a], #380]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #380]\n\t"
-        /* a[i+96] += m[96] * mu */
-        "LDR	r12, [%[m], #384]\n\t"
-        "LDR	r11, [%[a], #384]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #384]\n\t"
-        /* a[i+97] += m[97] * mu */
-        "LDR	r12, [%[m], #388]\n\t"
-        "LDR	r11, [%[a], #388]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #388]\n\t"
-        /* a[i+98] += m[98] * mu */
-        "LDR	r12, [%[m], #392]\n\t"
-        "LDR	r11, [%[a], #392]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #392]\n\t"
-        /* a[i+99] += m[99] * mu */
-        "LDR	r12, [%[m], #396]\n\t"
-        "LDR	r11, [%[a], #396]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #396]\n\t"
-        /* a[i+100] += m[100] * mu */
-        "LDR	r12, [%[m], #400]\n\t"
-        "LDR	r11, [%[a], #400]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #400]\n\t"
-        /* a[i+101] += m[101] * mu */
-        "LDR	r12, [%[m], #404]\n\t"
-        "LDR	r11, [%[a], #404]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #404]\n\t"
-        /* a[i+102] += m[102] * mu */
-        "LDR	r12, [%[m], #408]\n\t"
-        "LDR	r11, [%[a], #408]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #408]\n\t"
-        /* a[i+103] += m[103] * mu */
-        "LDR	r12, [%[m], #412]\n\t"
-        "LDR	r11, [%[a], #412]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #412]\n\t"
-        /* a[i+104] += m[104] * mu */
-        "LDR	r12, [%[m], #416]\n\t"
-        "LDR	r11, [%[a], #416]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #416]\n\t"
-        /* a[i+105] += m[105] * mu */
-        "LDR	r12, [%[m], #420]\n\t"
-        "LDR	r11, [%[a], #420]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #420]\n\t"
-        /* a[i+106] += m[106] * mu */
-        "LDR	r12, [%[m], #424]\n\t"
-        "LDR	r11, [%[a], #424]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #424]\n\t"
-        /* a[i+107] += m[107] * mu */
-        "LDR	r12, [%[m], #428]\n\t"
-        "LDR	r11, [%[a], #428]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #428]\n\t"
-        /* a[i+108] += m[108] * mu */
-        "LDR	r12, [%[m], #432]\n\t"
-        "LDR	r11, [%[a], #432]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #432]\n\t"
-        /* a[i+109] += m[109] * mu */
-        "LDR	r12, [%[m], #436]\n\t"
-        "LDR	r11, [%[a], #436]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #436]\n\t"
-        /* a[i+110] += m[110] * mu */
-        "LDR	r12, [%[m], #440]\n\t"
-        "LDR	r11, [%[a], #440]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #440]\n\t"
-        /* a[i+111] += m[111] * mu */
-        "LDR	r12, [%[m], #444]\n\t"
-        "LDR	r11, [%[a], #444]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #444]\n\t"
-        /* a[i+112] += m[112] * mu */
-        "LDR	r12, [%[m], #448]\n\t"
-        "LDR	r11, [%[a], #448]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #448]\n\t"
-        /* a[i+113] += m[113] * mu */
-        "LDR	r12, [%[m], #452]\n\t"
-        "LDR	r11, [%[a], #452]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #452]\n\t"
-        /* a[i+114] += m[114] * mu */
-        "LDR	r12, [%[m], #456]\n\t"
-        "LDR	r11, [%[a], #456]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #456]\n\t"
-        /* a[i+115] += m[115] * mu */
-        "LDR	r12, [%[m], #460]\n\t"
-        "LDR	r11, [%[a], #460]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #460]\n\t"
-        /* a[i+116] += m[116] * mu */
-        "LDR	r12, [%[m], #464]\n\t"
-        "LDR	r11, [%[a], #464]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #464]\n\t"
-        /* a[i+117] += m[117] * mu */
-        "LDR	r12, [%[m], #468]\n\t"
-        "LDR	r11, [%[a], #468]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #468]\n\t"
-        /* a[i+118] += m[118] * mu */
-        "LDR	r12, [%[m], #472]\n\t"
-        "LDR	r11, [%[a], #472]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #472]\n\t"
-        /* a[i+119] += m[119] * mu */
-        "LDR	r12, [%[m], #476]\n\t"
-        "LDR	r11, [%[a], #476]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #476]\n\t"
-        /* a[i+120] += m[120] * mu */
-        "LDR	r12, [%[m], #480]\n\t"
-        "LDR	r11, [%[a], #480]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #480]\n\t"
-        /* a[i+121] += m[121] * mu */
-        "LDR	r12, [%[m], #484]\n\t"
-        "LDR	r11, [%[a], #484]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #484]\n\t"
-        /* a[i+122] += m[122] * mu */
-        "LDR	r12, [%[m], #488]\n\t"
-        "LDR	r11, [%[a], #488]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #488]\n\t"
-        /* a[i+123] += m[123] * mu */
-        "LDR	r12, [%[m], #492]\n\t"
-        "LDR	r11, [%[a], #492]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #492]\n\t"
-        /* a[i+124] += m[124] * mu */
-        "LDR	r12, [%[m], #496]\n\t"
-        "LDR	r11, [%[a], #496]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #496]\n\t"
-        /* a[i+125] += m[125] * mu */
-        "LDR	r12, [%[m], #500]\n\t"
-        "LDR	r11, [%[a], #500]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #500]\n\t"
-        /* a[i+126] += m[126] * mu */
-        "LDR	r12, [%[m], #504]\n\t"
-        "LDR	r11, [%[a], #504]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #504]\n\t"
-        /* a[i+127] += m[127] * mu */
-        "LDR	r12, [%[m], #508]\n\t"
-        "LDR	r11, [%[a], #508]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "LDR	lr, [%[a], #512]\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMAAL	r3, lr, r12, r12\n\t"
-        "STR	r11, [%[a], #508]\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADC	r5, lr, #0x0\n\t"
-        "STR	r3, [%[a], #512]\n\t"
-        /* i += 1 */
-        "ADD	r4, r4, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r4, #0x200\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_4096_mont_reduce_128_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_4096_mont_reduce_128_word\n\t"
-#else
-        "BLT.W	L_sp_4096_mont_reduce_128_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r6, [%[a]]\n\t"
-        "STR	r7, [%[a], #4]\n\t"
-        "STR	r8, [%[a], #8]\n\t"
-        "STR	r9, [%[a], #12]\n\t"
-        "STR	r10, [%[a], #16]\n\t"
-        "MOV	%[mp], r5\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 4096 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_4096_mont_reduce_128(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_4096_mont_reduce_128(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r11, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r9, #0x0\n\t"
-        /* ca = 0 */
-        "MOV	r3, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_mont_reduce_128_word:\n\t"
-#else
-    "L_sp_4096_mont_reduce_128_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "LDR	r10, [%[a]]\n\t"
-        "MUL	r8, %[mp], r10\n\t"
-        /* j = 0 */
-        "MOV	r12, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_mont_reduce_128_mul:\n\t"
-#else
-    "L_sp_4096_mont_reduce_128_mul_%=:\n\t"
-#endif
-        /* a[i+j+0] += m[j+0] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+1] += m[j+1] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+2] += m[j+2] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        /* a[i+j+3] += m[j+3] * mu */
-        "LDR	r7, [%[m], r12]\n\t"
-        "LDR	r10, [%[a], r12]\n\t"
-        "UMAAL	r10, r4, r8, r7\n\t"
-        "STR	r10, [%[a], r12]\n\t"
-        /* j += 1 */
-        "ADD	r12, r12, #0x4\n\t"
-        "CMP	r12, #0x200\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_4096_mont_reduce_128_mul_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_4096_mont_reduce_128_mul\n\t"
-#else
-        "BLT.N	L_sp_4096_mont_reduce_128_mul_%=\n\t"
-#endif
-        "LDR	r10, [%[a], #512]\n\t"
-        "ADDS	r4, r4, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r10, r10, r4\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "STR	r10, [%[a], #512]\n\t"
-        /* i += 1 */
-        "ADD	r9, r9, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r9, #0x200\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_4096_mont_reduce_128_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_4096_mont_reduce_128_word\n\t"
-#else
-        "BLT.N	L_sp_4096_mont_reduce_128_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_128(r, a, b);
-    sp_4096_mont_reduce_128(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_128(r, a);
-    sp_4096_mont_reduce_128(r, m, mp);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r11, #0x0\n\t"
-        "ADD	r12, %[a], #0x200\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_sub_128_word:\n\t"
-#else
-    "L_sp_4096_sub_128_word_%=:\n\t"
-#endif
-        "RSBS	r11, r11, #0x0\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	r11, r3, r3\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_4096_sub_128_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_4096_sub_128_word\n\t"
-#else
-        "BNE.N	L_sp_4096_sub_128_word_%=\n\t"
-#endif
-        "MOV	%[r], r11\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_sub_128(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_4096_word_128(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r8, %[div], #16\n\t"
-        "ADD	r5, r8, #0x1\n\t"
-        "UDIV	r6, %[d1], r5\n\t"
-        "LSL	r7, %[div], #16\n\t"
-        "LSL	r6, r6, #16\n\t"
-        "UMULL	r3, r4, %[div], r6\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "SUBS	r3, %[d1], r5\n\t"
-        "SBC	r9, r9, r9\n\t"
-        "ADD	r9, r9, #0x1\n\t"
-        "RSB	r10, r9, #0x0\n\t"
-        "LSL	r9, r9, #16\n\t"
-        "AND	r7, r7, r10\n\t"
-        "AND	r8, r8, r10\n\t"
-        "SUBS	%[d0], %[d0], r7\n\t"
-        "ADD	r6, r6, r9\n\t"
-        "SBC	%[d1], %[d1], r8\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "UMULL	r3, r4, %[div], r3\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "MUL	r3, %[div], r3\n\t"
-        "SUB	%[d0], %[d0], r3\n\t"
-        "UDIV	r3, %[d0], %[div]\n\t"
-        "ADD	%[d1], r6, r3\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_4096_word_128(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r5, %[div], #1\n\t"
-        "ADD	r5, r5, #0x1\n\t"
-        "MOV	r6, %[d0]\n\t"
-        "MOV	r7, %[d1]\n\t"
-        /* Do top 32 */
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "MOV	r3, #0x0\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        /* Next 30 bits */
-        "MOV	r4, #0x1d\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_div_4096_word_128_bit:\n\t"
-#else
-    "L_div_4096_word_128_bit_%=:\n\t"
-#endif
-        "LSLS	r6, r6, #1\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "ADD	r3, r3, r3\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        "SUBS	r4, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BPL	L_div_4096_word_128_bit_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BPL.N	L_div_4096_word_128_bit\n\t"
-#else
-        "BPL.N	L_div_4096_word_128_bit_%=\n\t"
-#endif
-        "ADD	r3, r3, r3\n\t"
-        "ADD	r3, r3, #0x1\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "SUBS	r8, %[div], r9\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "SUB	%[d1], r3, r8\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[256], t2[129];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[127];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 128);
-    for (i = 127; i > 0; i--) {
-        if (t1[i + 128] != d[i])
-            break;
-    }
-    if (t1[i + 128] >= d[i]) {
-        sp_4096_sub_in_place_128(&t1[128], d);
-    }
-    for (i = 127; i >= 0; i--) {
-        if (t1[128 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_4096_word_128(t1[128 + i], t1[128 + i - 1], div);
-        }
-
-        sp_4096_mul_d_128(t2, d, r1);
-        t1[128 + i] += sp_4096_sub_in_place_128(&t1[i], t2);
-        t1[128 + i] -= t2[128];
-        if (t1[128 + i] != 0) {
-            t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], d);
-            if (t1[128 + i] != 0)
-                t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 127; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_4096_sub_128(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 128);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_128_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<128; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 128; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_4096_cmp_128(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_4096_cmp_128(const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0xffffffff\n\t"
-        "MOV	r8, #0x1\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r3, #0xffffffff\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "MOV	r6, #0x1fc\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_cmp_128_words:\n\t"
-#else
-    "L_sp_4096_cmp_128_words_%=:\n\t"
-#endif
-        "LDR	r4, [%[a], r6]\n\t"
-        "LDR	r5, [%[b], r6]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "SUBS	r6, r6, #0x4\n\t"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "bcs	L_sp_4096_cmp_128_words\n\t"
-#else
-        "bcs	L_sp_4096_cmp_128_words_%=\n\t"
-#endif
-        "EOR	r2, r2, r3\n\t"
-#else
-        "LDR	r4, [%[a], #508]\n\t"
-        "LDR	r5, [%[b], #508]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #504]\n\t"
-        "LDR	r5, [%[b], #504]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #500]\n\t"
-        "LDR	r5, [%[b], #500]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #496]\n\t"
-        "LDR	r5, [%[b], #496]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #492]\n\t"
-        "LDR	r5, [%[b], #492]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #488]\n\t"
-        "LDR	r5, [%[b], #488]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #484]\n\t"
-        "LDR	r5, [%[b], #484]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #480]\n\t"
-        "LDR	r5, [%[b], #480]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #476]\n\t"
-        "LDR	r5, [%[b], #476]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #472]\n\t"
-        "LDR	r5, [%[b], #472]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #468]\n\t"
-        "LDR	r5, [%[b], #468]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #464]\n\t"
-        "LDR	r5, [%[b], #464]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #460]\n\t"
-        "LDR	r5, [%[b], #460]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #456]\n\t"
-        "LDR	r5, [%[b], #456]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #452]\n\t"
-        "LDR	r5, [%[b], #452]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #448]\n\t"
-        "LDR	r5, [%[b], #448]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #444]\n\t"
-        "LDR	r5, [%[b], #444]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #440]\n\t"
-        "LDR	r5, [%[b], #440]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #436]\n\t"
-        "LDR	r5, [%[b], #436]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #432]\n\t"
-        "LDR	r5, [%[b], #432]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #428]\n\t"
-        "LDR	r5, [%[b], #428]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #424]\n\t"
-        "LDR	r5, [%[b], #424]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #420]\n\t"
-        "LDR	r5, [%[b], #420]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #416]\n\t"
-        "LDR	r5, [%[b], #416]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #412]\n\t"
-        "LDR	r5, [%[b], #412]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #408]\n\t"
-        "LDR	r5, [%[b], #408]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #404]\n\t"
-        "LDR	r5, [%[b], #404]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #400]\n\t"
-        "LDR	r5, [%[b], #400]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #396]\n\t"
-        "LDR	r5, [%[b], #396]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #392]\n\t"
-        "LDR	r5, [%[b], #392]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #388]\n\t"
-        "LDR	r5, [%[b], #388]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #384]\n\t"
-        "LDR	r5, [%[b], #384]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #380]\n\t"
-        "LDR	r5, [%[b], #380]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #376]\n\t"
-        "LDR	r5, [%[b], #376]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #372]\n\t"
-        "LDR	r5, [%[b], #372]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #368]\n\t"
-        "LDR	r5, [%[b], #368]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #364]\n\t"
-        "LDR	r5, [%[b], #364]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #360]\n\t"
-        "LDR	r5, [%[b], #360]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #356]\n\t"
-        "LDR	r5, [%[b], #356]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #352]\n\t"
-        "LDR	r5, [%[b], #352]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #348]\n\t"
-        "LDR	r5, [%[b], #348]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #344]\n\t"
-        "LDR	r5, [%[b], #344]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #340]\n\t"
-        "LDR	r5, [%[b], #340]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #336]\n\t"
-        "LDR	r5, [%[b], #336]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #332]\n\t"
-        "LDR	r5, [%[b], #332]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #328]\n\t"
-        "LDR	r5, [%[b], #328]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #324]\n\t"
-        "LDR	r5, [%[b], #324]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #320]\n\t"
-        "LDR	r5, [%[b], #320]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #316]\n\t"
-        "LDR	r5, [%[b], #316]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #312]\n\t"
-        "LDR	r5, [%[b], #312]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #308]\n\t"
-        "LDR	r5, [%[b], #308]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #304]\n\t"
-        "LDR	r5, [%[b], #304]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #300]\n\t"
-        "LDR	r5, [%[b], #300]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #296]\n\t"
-        "LDR	r5, [%[b], #296]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #292]\n\t"
-        "LDR	r5, [%[b], #292]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #288]\n\t"
-        "LDR	r5, [%[b], #288]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #284]\n\t"
-        "LDR	r5, [%[b], #284]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #280]\n\t"
-        "LDR	r5, [%[b], #280]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #276]\n\t"
-        "LDR	r5, [%[b], #276]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #272]\n\t"
-        "LDR	r5, [%[b], #272]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #268]\n\t"
-        "LDR	r5, [%[b], #268]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #264]\n\t"
-        "LDR	r5, [%[b], #264]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #260]\n\t"
-        "LDR	r5, [%[b], #260]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #256]\n\t"
-        "LDR	r5, [%[b], #256]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #252]\n\t"
-        "LDR	r5, [%[b], #252]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #248]\n\t"
-        "LDR	r5, [%[b], #248]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #244]\n\t"
-        "LDR	r5, [%[b], #244]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #240]\n\t"
-        "LDR	r5, [%[b], #240]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #236]\n\t"
-        "LDR	r5, [%[b], #236]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #232]\n\t"
-        "LDR	r5, [%[b], #232]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #228]\n\t"
-        "LDR	r5, [%[b], #228]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #224]\n\t"
-        "LDR	r5, [%[b], #224]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #220]\n\t"
-        "LDR	r5, [%[b], #220]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #216]\n\t"
-        "LDR	r5, [%[b], #216]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #212]\n\t"
-        "LDR	r5, [%[b], #212]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #208]\n\t"
-        "LDR	r5, [%[b], #208]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #204]\n\t"
-        "LDR	r5, [%[b], #204]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #200]\n\t"
-        "LDR	r5, [%[b], #200]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #196]\n\t"
-        "LDR	r5, [%[b], #196]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #192]\n\t"
-        "LDR	r5, [%[b], #192]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #188]\n\t"
-        "LDR	r5, [%[b], #188]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #184]\n\t"
-        "LDR	r5, [%[b], #184]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #180]\n\t"
-        "LDR	r5, [%[b], #180]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #176]\n\t"
-        "LDR	r5, [%[b], #176]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #172]\n\t"
-        "LDR	r5, [%[b], #172]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #168]\n\t"
-        "LDR	r5, [%[b], #168]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #164]\n\t"
-        "LDR	r5, [%[b], #164]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #160]\n\t"
-        "LDR	r5, [%[b], #160]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #156]\n\t"
-        "LDR	r5, [%[b], #156]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #152]\n\t"
-        "LDR	r5, [%[b], #152]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #148]\n\t"
-        "LDR	r5, [%[b], #148]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #144]\n\t"
-        "LDR	r5, [%[b], #144]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #140]\n\t"
-        "LDR	r5, [%[b], #140]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #136]\n\t"
-        "LDR	r5, [%[b], #136]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #132]\n\t"
-        "LDR	r5, [%[b], #132]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #128]\n\t"
-        "LDR	r5, [%[b], #128]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #124]\n\t"
-        "LDR	r5, [%[b], #124]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #120]\n\t"
-        "LDR	r5, [%[b], #120]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #116]\n\t"
-        "LDR	r5, [%[b], #116]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #112]\n\t"
-        "LDR	r5, [%[b], #112]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #108]\n\t"
-        "LDR	r5, [%[b], #108]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #104]\n\t"
-        "LDR	r5, [%[b], #104]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #100]\n\t"
-        "LDR	r5, [%[b], #100]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #96]\n\t"
-        "LDR	r5, [%[b], #96]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #92]\n\t"
-        "LDR	r5, [%[b], #92]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #88]\n\t"
-        "LDR	r5, [%[b], #88]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #84]\n\t"
-        "LDR	r5, [%[b], #84]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #80]\n\t"
-        "LDR	r5, [%[b], #80]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #76]\n\t"
-        "LDR	r5, [%[b], #76]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #72]\n\t"
-        "LDR	r5, [%[b], #72]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #68]\n\t"
-        "LDR	r5, [%[b], #68]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #64]\n\t"
-        "LDR	r5, [%[b], #64]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #60]\n\t"
-        "LDR	r5, [%[b], #60]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #56]\n\t"
-        "LDR	r5, [%[b], #56]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #52]\n\t"
-        "LDR	r5, [%[b], #52]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #48]\n\t"
-        "LDR	r5, [%[b], #48]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "LDR	r5, [%[b], #44]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #40]\n\t"
-        "LDR	r5, [%[b], #40]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #36]\n\t"
-        "LDR	r5, [%[b], #36]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "LDR	r5, [%[b], #32]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #28]\n\t"
-        "LDR	r5, [%[b], #28]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "LDR	r5, [%[b], #24]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "LDR	r5, [%[b], #20]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #16]\n\t"
-        "LDR	r5, [%[b], #16]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "LDR	r5, [%[b], #12]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "LDR	r5, [%[b], #8]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #4]\n\t"
-        "LDR	r5, [%[b], #4]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[b]]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "EOR	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "MOV	%[a], r2\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[256], t2[129];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[127];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 128);
-    r1 = sp_4096_cmp_128(&t1[128], d) >= 0;
-    sp_4096_cond_sub_128(&t1[128], &t1[128], d, (sp_digit)0 - r1);
-    for (i = 127; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[128 + i] == div);
-        sp_digit hi = t1[128 + i] + mask;
-        r1 = div_4096_word_128(hi, t1[128 + i - 1], div);
-        r1 |= mask;
-
-        sp_4096_mul_d_128(t2, d, r1);
-        t1[128 + i] += sp_4096_sub_in_place_128(&t1[i], t2);
-        t1[128 + i] -= t2[128];
-        sp_4096_mask_128(t2, d, t1[128 + i]);
-        t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], t2);
-        sp_4096_mask_128(t2, d, t1[128 + i]);
-        t1[128 + i] += sp_4096_add_128(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_4096_cmp_128(t1, d) >= 0;
-    sp_4096_cond_sub_128(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_4096_div_128(a, m, NULL, r);
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifdef WOLFSSL_SP_SMALL
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 8 * 256);
-    sp_digit* t[8];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 8 * 256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<8; i++) {
-            t[i] = td + i * 256;
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_128(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 128U);
-        if (reduceA != 0) {
-            err = sp_4096_mod_128(t[1] + 128, a, m);
-            if (err == MP_OKAY) {
-                err = sp_4096_mod_128(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 128, a, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_128(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_128(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_128(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_128(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_128(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_128(t[ 7], t[ 4], t[ 3], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 3;
-        if (c == 32) {
-            c = 29;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 128);
-        for (; i>=0 || c>=3; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 29);
-                n <<= 3;
-                c = 29;
-            }
-            else if (c < 3) {
-                y = (byte)(n >> 29);
-                n = e[i--];
-                c = 3 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 29) & 0x7);
-                n <<= 3;
-                c -= 3;
-            }
-
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-
-            sp_4096_mont_mul_128(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[128], 0, sizeof(sp_digit) * 128U);
-        sp_4096_mont_reduce_128(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_128(r, m) >= 0);
-        sp_4096_cond_sub_128(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#else
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_128(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, 16 * 256);
-    sp_digit* t[16];
-    sp_digit* norm = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 16 * 256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++) {
-            t[i] = td + i * 256;
-        }
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_128(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 128U);
-        if (reduceA != 0) {
-            err = sp_4096_mod_128(t[1] + 128, a, m);
-            if (err == MP_OKAY) {
-                err = sp_4096_mod_128(t[1], t[1], m);
-            }
-        }
-        else {
-            XMEMCPY(t[1] + 128, a, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_128(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_128(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_128(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_128(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_128(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_128(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_128(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_128(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_128(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_128(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_128(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_128(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_128(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_128(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 4;
-        if (c == 32) {
-            c = 28;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 128);
-        for (; i>=0 || c>=4; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 28);
-                n <<= 4;
-                c = 28;
-            }
-            else if (c < 4) {
-                y = (byte)(n >> 28);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 28) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-
-            sp_4096_mont_mul_128(r, r, t[y], m, mp);
-        }
-
-        XMEMSET(&r[128], 0, sizeof(sp_digit) * 128U);
-        sp_4096_mont_reduce_128(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_128(r, m) >= 0);
-        sp_4096_cond_sub_128(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 128 * 5);
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit *ah = NULL;
-    sp_digit e[1] = {0};
-    int err = MP_OKAY;
-
-    if (*outLen < 512) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 32 || inLen > 512 ||
-                                                     mp_count_bits(mm) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 128 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        ah = a + 128;
-        r = a + 128 * 2;
-        m = r + 128 * 2;
-
-        sp_4096_from_bin(ah, 128, in, inLen);
-#if DIGIT_BIT >= 32
-        e[0] = em->dp[0];
-#else
-        e[0] = em->dp[0];
-        if (em->used > 1) {
-            e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-        }
-#endif
-        if (e[0] == 0) {
-            err = MP_EXPTMOD_E;
-        }
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 128, mm);
-
-        if (e[0] == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-                for (i = 15; i >= 0; i--) {
-                    sp_4096_mont_sqr_128(r, r, m, mp);
-                }
-                /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                 * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                 */
-                sp_4096_mont_mul_128(r, r, ah, m, mp);
-
-                for (i = 127; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_4096_sub_in_place_128(r, m);
-                }
-            }
-        }
-        else if (e[0] == 0x3) {
-            if (err == MP_OKAY) {
-                sp_4096_sqr_128(r, ah);
-                err = sp_4096_mod_128_cond(r, r, m);
-            }
-            if (err == MP_OKAY) {
-                sp_4096_mul_128(r, ah, r);
-                err = sp_4096_mod_128_cond(r, r, m);
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 128);
-            err = sp_4096_mod_128_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i = 31; i >= 0; i--) {
-                    if (e[0] >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 128);
-                for (i--; i >= 0; i--) {
-                    sp_4096_mont_sqr_128(r, r, m, mp);
-                    if (((e[0] >> i) & 1) == 1) {
-                        sp_4096_mont_mul_128(r, r, a, m, mp);
-                    }
-                }
-                XMEMSET(&r[128], 0, sizeof(sp_digit) * 128);
-                sp_4096_mont_reduce_128(r, m, mp);
-
-                for (i = 127; i > 0; i--) {
-                    if (r[i] != m[i]) {
-                        break;
-                    }
-                }
-                if (r[i] >= m[i]) {
-                    sp_4096_sub_in_place_128(r, m);
-                }
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_4096_cond_add_64_words:\n\t"
-#else
-    "L_sp_4096_cond_add_64_words_%=:\n\t"
-#endif
-        "ADDS	r5, r5, #0xffffffff\n\t"
-        "LDR	r6, [%[a], r4]\n\t"
-        "LDR	r7, [%[b], r4]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "ADCS	r6, r6, r7\n\t"
-        "ADC	r5, r8, r8\n\t"
-        "STR	r6, [%[r], r4]\n\t"
-        "ADD	r4, r4, #0x4\n\t"
-        "CMP	r4, #0x100\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_4096_cond_add_64_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_4096_cond_add_64_words\n\t"
-#else
-        "BLT.N	L_sp_4096_cond_add_64_words_%=\n\t"
-#endif
-        "MOV	%[r], r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_4096_cond_add_64(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADDS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "ADC	%[r], r10, r10\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-    SP_DECL_VAR(sp_digit, d, 128 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-           err = MP_READ_E;
-        }
-        else if (inLen > 512) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 128 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 128;
-        m = a + 256;
-        r = a;
-
-        sp_4096_from_bin(a, 128, in, inLen);
-        sp_4096_from_mp(d, 128, dm);
-        sp_4096_from_mp(m, 128, mm);
-        err = sp_4096_mod_exp_128(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR_ALT(sp_digit, d, a, 128, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-#else
-    SP_DECL_VAR(sp_digit, a, 64 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* dq = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 512 || mp_count_bits(mm) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 64 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 128 * 2;
-        q = p + 64;
-        qi = dq = dp = q + 64;
-        tmpa = qi + 64;
-        tmpb = tmpa + 128;
-        r = a;
-
-        sp_4096_from_bin(a, 128, in, inLen);
-        sp_4096_from_mp(p, 64, pm);
-        sp_4096_from_mp(q, 64, qm);
-        sp_4096_from_mp(dp, 64, dpm);
-
-        err = sp_2048_mod_exp_64(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(dq, 64, dqm);
-        err = sp_2048_mod_exp_64(tmpb, a, dq, 2048, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_2048_sub_in_place_64(tmpa, tmpb);
-        c += sp_4096_cond_add_64(tmpa, tmpa, p, c);
-        sp_4096_cond_add_64(tmpa, tmpa, p, c);
-
-        sp_2048_from_mp(qi, 64, qim);
-        sp_2048_mul_64(tmpa, tmpa, qi);
-        err = sp_2048_mod_64(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mul_64(tmpa, q, tmpa);
-        XMEMSET(&tmpb[64], 0, sizeof(sp_digit) * 64);
-        sp_4096_add_128(r, tmpb, tmpa);
-
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 64 * 11, NULL, DYNAMIC_TYPE_RSA);
-#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
-    return err;
-}
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_4096_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (4096 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 128);
-        r->used = 128;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 128; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 128; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    sp_digit b[256];
-    sp_digit e[128];
-    sp_digit m[128];
-    sp_digit* r = b;
-    int expBits = mp_count_bits(exp);
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(b, 128, base);
-        sp_4096_from_mp(e, 128, exp);
-        sp_4096_from_mp(m, 128, mod);
-
-        err = sp_4096_mod_exp_128(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-
-#ifdef HAVE_FFDHE_4096
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_4096_lshift_128(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_4096_lshift_128(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register byte n __asm__ ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "RSB	r7, %[n], #0x1f\n\t"
-        "LDR	r5, [%[a], #508]\n\t"
-        "LSR	r6, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r6, r6, r7\n\t"
-        "LDR	r4, [%[a], #504]\n\t"
-        "STR	r6, [%[r], #512]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #500]\n\t"
-        "STR	r5, [%[r], #508]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #496]\n\t"
-        "STR	r4, [%[r], #504]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #492]\n\t"
-        "STR	r6, [%[r], #500]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #488]\n\t"
-        "STR	r5, [%[r], #496]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #484]\n\t"
-        "STR	r4, [%[r], #492]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #480]\n\t"
-        "STR	r6, [%[r], #488]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #476]\n\t"
-        "STR	r5, [%[r], #484]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #472]\n\t"
-        "STR	r4, [%[r], #480]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #468]\n\t"
-        "STR	r6, [%[r], #476]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #464]\n\t"
-        "STR	r5, [%[r], #472]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #460]\n\t"
-        "STR	r4, [%[r], #468]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #456]\n\t"
-        "STR	r6, [%[r], #464]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #452]\n\t"
-        "STR	r5, [%[r], #460]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #448]\n\t"
-        "STR	r4, [%[r], #456]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #444]\n\t"
-        "STR	r6, [%[r], #452]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #440]\n\t"
-        "STR	r5, [%[r], #448]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #436]\n\t"
-        "STR	r4, [%[r], #444]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #432]\n\t"
-        "STR	r6, [%[r], #440]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #428]\n\t"
-        "STR	r5, [%[r], #436]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #424]\n\t"
-        "STR	r4, [%[r], #432]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #420]\n\t"
-        "STR	r6, [%[r], #428]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #416]\n\t"
-        "STR	r5, [%[r], #424]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #412]\n\t"
-        "STR	r4, [%[r], #420]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #408]\n\t"
-        "STR	r6, [%[r], #416]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #404]\n\t"
-        "STR	r5, [%[r], #412]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #400]\n\t"
-        "STR	r4, [%[r], #408]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #396]\n\t"
-        "STR	r6, [%[r], #404]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #392]\n\t"
-        "STR	r5, [%[r], #400]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #388]\n\t"
-        "STR	r4, [%[r], #396]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #384]\n\t"
-        "STR	r6, [%[r], #392]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #380]\n\t"
-        "STR	r5, [%[r], #388]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #376]\n\t"
-        "STR	r4, [%[r], #384]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #372]\n\t"
-        "STR	r6, [%[r], #380]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #368]\n\t"
-        "STR	r5, [%[r], #376]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #364]\n\t"
-        "STR	r4, [%[r], #372]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #360]\n\t"
-        "STR	r6, [%[r], #368]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #356]\n\t"
-        "STR	r5, [%[r], #364]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #352]\n\t"
-        "STR	r4, [%[r], #360]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #348]\n\t"
-        "STR	r6, [%[r], #356]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #344]\n\t"
-        "STR	r5, [%[r], #352]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #340]\n\t"
-        "STR	r4, [%[r], #348]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #336]\n\t"
-        "STR	r6, [%[r], #344]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #332]\n\t"
-        "STR	r5, [%[r], #340]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #328]\n\t"
-        "STR	r4, [%[r], #336]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #324]\n\t"
-        "STR	r6, [%[r], #332]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #320]\n\t"
-        "STR	r5, [%[r], #328]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #316]\n\t"
-        "STR	r4, [%[r], #324]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #312]\n\t"
-        "STR	r6, [%[r], #320]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #308]\n\t"
-        "STR	r5, [%[r], #316]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #304]\n\t"
-        "STR	r4, [%[r], #312]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #300]\n\t"
-        "STR	r6, [%[r], #308]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #296]\n\t"
-        "STR	r5, [%[r], #304]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #292]\n\t"
-        "STR	r4, [%[r], #300]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #288]\n\t"
-        "STR	r6, [%[r], #296]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #284]\n\t"
-        "STR	r5, [%[r], #292]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #280]\n\t"
-        "STR	r4, [%[r], #288]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #276]\n\t"
-        "STR	r6, [%[r], #284]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #272]\n\t"
-        "STR	r5, [%[r], #280]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #268]\n\t"
-        "STR	r4, [%[r], #276]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #264]\n\t"
-        "STR	r6, [%[r], #272]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #260]\n\t"
-        "STR	r5, [%[r], #268]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #256]\n\t"
-        "STR	r4, [%[r], #264]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #252]\n\t"
-        "STR	r6, [%[r], #260]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #248]\n\t"
-        "STR	r5, [%[r], #256]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #244]\n\t"
-        "STR	r4, [%[r], #252]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #240]\n\t"
-        "STR	r6, [%[r], #248]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #236]\n\t"
-        "STR	r5, [%[r], #244]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #232]\n\t"
-        "STR	r4, [%[r], #240]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #228]\n\t"
-        "STR	r6, [%[r], #236]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #224]\n\t"
-        "STR	r5, [%[r], #232]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #220]\n\t"
-        "STR	r4, [%[r], #228]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #216]\n\t"
-        "STR	r6, [%[r], #224]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #212]\n\t"
-        "STR	r5, [%[r], #220]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #208]\n\t"
-        "STR	r4, [%[r], #216]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #204]\n\t"
-        "STR	r6, [%[r], #212]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #200]\n\t"
-        "STR	r5, [%[r], #208]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #196]\n\t"
-        "STR	r4, [%[r], #204]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #192]\n\t"
-        "STR	r6, [%[r], #200]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #188]\n\t"
-        "STR	r5, [%[r], #196]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #184]\n\t"
-        "STR	r4, [%[r], #192]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #180]\n\t"
-        "STR	r6, [%[r], #188]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #176]\n\t"
-        "STR	r5, [%[r], #184]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #172]\n\t"
-        "STR	r4, [%[r], #180]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #168]\n\t"
-        "STR	r6, [%[r], #176]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #164]\n\t"
-        "STR	r5, [%[r], #172]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #160]\n\t"
-        "STR	r4, [%[r], #168]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #156]\n\t"
-        "STR	r6, [%[r], #164]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #152]\n\t"
-        "STR	r5, [%[r], #160]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #148]\n\t"
-        "STR	r4, [%[r], #156]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #144]\n\t"
-        "STR	r6, [%[r], #152]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #140]\n\t"
-        "STR	r5, [%[r], #148]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #136]\n\t"
-        "STR	r4, [%[r], #144]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #132]\n\t"
-        "STR	r6, [%[r], #140]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #128]\n\t"
-        "STR	r5, [%[r], #136]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #124]\n\t"
-        "STR	r4, [%[r], #132]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #120]\n\t"
-        "STR	r6, [%[r], #128]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #116]\n\t"
-        "STR	r5, [%[r], #124]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #112]\n\t"
-        "STR	r4, [%[r], #120]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #108]\n\t"
-        "STR	r6, [%[r], #116]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #104]\n\t"
-        "STR	r5, [%[r], #112]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #100]\n\t"
-        "STR	r4, [%[r], #108]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #96]\n\t"
-        "STR	r6, [%[r], #104]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #92]\n\t"
-        "STR	r5, [%[r], #100]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #88]\n\t"
-        "STR	r4, [%[r], #96]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #84]\n\t"
-        "STR	r6, [%[r], #92]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #80]\n\t"
-        "STR	r5, [%[r], #88]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #76]\n\t"
-        "STR	r4, [%[r], #84]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #72]\n\t"
-        "STR	r6, [%[r], #80]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #68]\n\t"
-        "STR	r5, [%[r], #76]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #64]\n\t"
-        "STR	r4, [%[r], #72]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #60]\n\t"
-        "STR	r6, [%[r], #68]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #56]\n\t"
-        "STR	r5, [%[r], #64]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #52]\n\t"
-        "STR	r4, [%[r], #60]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #48]\n\t"
-        "STR	r6, [%[r], #56]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #44]\n\t"
-        "STR	r5, [%[r], #52]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #40]\n\t"
-        "STR	r4, [%[r], #48]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #36]\n\t"
-        "STR	r6, [%[r], #44]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #32]\n\t"
-        "STR	r5, [%[r], #40]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #28]\n\t"
-        "STR	r4, [%[r], #36]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "STR	r6, [%[r], #32]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #20]\n\t"
-        "STR	r5, [%[r], #28]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #16]\n\t"
-        "STR	r4, [%[r], #24]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "STR	r6, [%[r], #20]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #8]\n\t"
-        "STR	r5, [%[r], #16]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "STR	r4, [%[r], #12]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "STR	r6, [%[r], #8]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "STR	r4, [%[r]]\n\t"
-        "STR	r5, [%[r], #4]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r7"
-    );
-}
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_4096_mod_exp_2_128(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 385);
-    sp_digit* norm = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 385, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 256;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_128(norm, m);
-
-        i = (bits - 1) / 32;
-        n = e[i--];
-        c = bits & 31;
-        if (c == 0) {
-            c = 32;
-        }
-        c -= bits % 5;
-        if (c == 32) {
-            c = 27;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 32 - c;
-        }
-        sp_4096_lshift_128(r, norm, y);
-        for (; i>=0 || c>=5; ) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 27);
-                n <<= 5;
-                c = 27;
-            }
-            else if (c < 5) {
-                y = (byte)(n >> 27);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (32 - c));
-                n <<= c;
-                c = 32 - c;
-            }
-            else {
-                y = (byte)((n >> 27) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-            sp_4096_mont_sqr_128(r, r, m, mp);
-
-            sp_4096_lshift_128(r, r, y);
-            sp_4096_mul_d_128(tmp, norm, r[128]);
-            r[128] = 0;
-            o = sp_4096_add_128(r, r, tmp);
-            sp_4096_cond_sub_128(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[128], 0, sizeof(sp_digit) * 128U);
-        sp_4096_mont_reduce_128(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_128(r, m) >= 0);
-        sp_4096_cond_sub_128(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_FFDHE_4096 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 512 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    sp_digit b[256];
-    sp_digit e[128];
-    sp_digit m[128];
-    sp_digit* r = b;
-    word32 i;
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 512) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(b, 128, base);
-        sp_4096_from_bin(e, 128, exp, expLen);
-        sp_4096_from_mp(m, 128, mod);
-
-    #ifdef HAVE_FFDHE_4096
-        if (base->used == 1 && base->dp[0] == 2 && m[127] == (sp_digit)-1)
-            err = sp_4096_mod_exp_2_128(r, e, expLen * 8, m);
-        else
-    #endif
-            err = sp_4096_mod_exp_128(r, b, e, expLen * 8, m, 0);
-
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_128(r, out);
-        *outLen = 512;
-        for (i=0; i<512 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-
-    }
-
-    XMEMSET(e, 0, sizeof(e));
-
-    return err;
-}
-#endif /* WOLFSSL_HAVE_SP_DH */
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* WOLFSSL_SP_4096 */
-
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
-
-/* Point structure to use. */
-typedef struct sp_point_256 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 8];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 8];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 8];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_256;
-
-/* The modulus (prime) of the curve P256. */
-static const sp_digit p256_mod[8] = {
-    0xffffffff,0xffffffff,0xffffffff,0x00000000,0x00000000,0x00000000,
-    0x00000001,0xffffffff
-};
-/* The Montgomery normalizer for modulus of the curve P256. */
-static const sp_digit p256_norm_mod[8] = {
-    0x00000001,0x00000000,0x00000000,0xffffffff,0xffffffff,0xffffffff,
-    0xfffffffe,0x00000000
-};
-/* The Montgomery multiplier for modulus of the curve P256. */
-static const sp_digit p256_mp_mod = 0x00000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P256. */
-static const sp_digit p256_order[8] = {
-    0xfc632551,0xf3b9cac2,0xa7179e84,0xbce6faad,0xffffffff,0xffffffff,
-    0x00000000,0xffffffff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P256 minus 2. */
-static const sp_digit p256_order2[8] = {
-    0xfc63254f,0xf3b9cac2,0xa7179e84,0xbce6faad,0xffffffff,0xffffffff,
-    0x00000000,0xffffffff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P256. */
-static const sp_digit p256_norm_order[8] = {
-    0x039cdaaf,0x0c46353d,0x58e8617b,0x43190552,0x00000000,0x00000000,
-    0xffffffff,0x00000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P256. */
-static const sp_digit p256_mp_order = 0xee00bc4f;
-#endif
-/* The base point of curve P256. */
-static const sp_point_256 p256_base = {
-    /* X ordinate */
-    {
-        0xd898c296,0xf4a13945,0x2deb33a0,0x77037d81,0x63a440f2,0xf8bce6e5,
-        0xe12c4247,0x6b17d1f2,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x37bf51f5,0xcbb64068,0x6b315ece,0x2bce3357,0x7c0f9e16,0x8ee7eb4a,
-        0xfe1a7f9b,0x4fe342e2,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p256_b[8] = {
-    0x27d2604b,0x3bce3c3e,0xcc53b0f6,0x651d06b0,0x769886bc,0xb3ebbd55,
-    0xaa3a93e7,0x5ac635d8
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mul_8(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x40\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "LDR	r11, [%[b]]\n\t"
-        "UMULL	r8, r6, lr, r11\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_mul_8_outer:\n\t"
-#else
-    "L_sp_256_mul_8_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x1c\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_mul_8_inner:\n\t"
-#else
-    "L_sp_256_mul_8_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "LDR	lr, [%[a], r4]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_256_mul_8_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_256_mul_8_inner_done\n\t"
-#else
-        "BGT.N	L_sp_256_mul_8_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_256_mul_8_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_256_mul_8_inner\n\t"
-#else
-        "BLT.N	L_sp_256_mul_8_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_mul_8_inner_done:\n\t"
-#else
-    "L_sp_256_mul_8_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x34\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_256_mul_8_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_256_mul_8_outer\n\t"
-#else
-        "BLE.N	L_sp_256_mul_8_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #28]\n\t"
-        "LDR	r11, [%[b], #28]\n\t"
-        "UMLAL	r6, r7, lr, r11\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_mul_8_store:\n\t"
-#else
-    "L_sp_256_mul_8_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_256_mul_8_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_256_mul_8_store\n\t"
-#else
-        "BGT.N	L_sp_256_mul_8_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-#ifdef WOLFSSL_ARM_ARCH_7M
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mul_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x24\n\t"
-        "STR	%[r], [sp, #32]\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        /* A[0] * B[0] */
-        "LDR	lr, [%[b]]\n\t"
-        "UMULL	r3, r4, r12, lr\n\t"
-        /* A[0] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "UMULL	r5, r6, r12, lr\n\t"
-        /* A[0] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "UMULL	r7, r8, r12, lr\n\t"
-        /* A[0] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "UMULL	r9, r10, r12, lr\n\t"
-        "STR	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "MOV	r11, %[r]\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[0] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADCS	r6, r6, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[0] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADCS	r8, r8, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[0] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADCS	r10, r10, #0x0\n\t"
-        "ADC	r3, %[r], #0x0\n\t"
-        "UMLAL	r10, r3, r12, lr\n\t"
-        /* A[1] * B[0] */
-        "LDR	r12, [%[a], #4]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "STR	r4, [sp, #4]\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[1] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[1] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[1] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[1] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[1] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[1] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[1] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r4, %[r], #0x0\n\t"
-        "UMLAL	r3, r4, r12, lr\n\t"
-        /* A[2] * B[0] */
-        "LDR	r12, [%[a], #8]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "STR	r5, [sp, #8]\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[2] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[2] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[2] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[2] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[2] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[2] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[2] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r5, %[r], #0x0\n\t"
-        "UMLAL	r4, r5, r12, lr\n\t"
-        /* A[3] * B[0] */
-        "LDR	r12, [%[a], #12]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "STR	r6, [sp, #12]\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[3] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[3] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[3] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[3] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[3] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[3] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[3] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r6, %[r], #0x0\n\t"
-        "UMLAL	r5, r6, r12, lr\n\t"
-        /* A[4] * B[0] */
-        "LDR	r12, [%[a], #16]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "STR	r7, [sp, #16]\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[4] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[4] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[4] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[4] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[4] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[4] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[4] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r7, %[r], #0x0\n\t"
-        "UMLAL	r6, r7, r12, lr\n\t"
-        /* A[5] * B[0] */
-        "LDR	r12, [%[a], #20]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "STR	r8, [sp, #20]\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[5] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[5] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[5] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[5] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[5] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[5] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[5] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r8, %[r], #0x0\n\t"
-        "UMLAL	r7, r8, r12, lr\n\t"
-        /* A[6] * B[0] */
-        "LDR	r12, [%[a], #24]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "STR	r9, [sp, #24]\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[6] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[6] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[6] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[6] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[6] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[6] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[6] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r9, %[r], #0x0\n\t"
-        "UMLAL	r8, r9, r12, lr\n\t"
-        /* A[7] * B[0] */
-        "LDR	r12, [%[a], #28]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "STR	r10, [sp, #28]\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[7] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[7] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[7] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[7] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[7] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[7] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[7] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r10, %[r], #0x0\n\t"
-        "UMLAL	r9, r10, r12, lr\n\t"
-        "LDR	%[r], [sp, #32]\n\t"
-        "ADD	%[r], %[r], #0x20\n\t"
-        "STM	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "LDM	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "SUB	%[r], %[r], #0x20\n\t"
-        "STM	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADD	sp, sp, #0x24\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mul_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x2c\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        "STRD	%[r], %[a], [sp, #36]\n\t"
-#else
-        "STR	%[r], [sp, #36]\n\t"
-        "STR	%[a], [sp, #40]\n\t"
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-        "MOV	lr, %[b]\n\t"
-        "LDM	%[a], {r0, r1, r2, r3}\n\t"
-        "LDM	lr!, {r4, r5, r6}\n\t"
-        "UMULL	r10, r11, r0, r4\n\t"
-        "UMULL	r12, r7, r1, r4\n\t"
-        "UMAAL	r11, r12, r0, r5\n\t"
-        "UMULL	r8, r9, r2, r4\n\t"
-        "UMAAL	r12, r8, r1, r5\n\t"
-        "UMAAL	r12, r7, r0, r6\n\t"
-        "UMAAL	r8, r9, r3, r4\n\t"
-        "STM	sp, {r10, r11, r12}\n\t"
-        "UMAAL	r7, r8, r2, r5\n\t"
-        "LDM	lr!, {r4}\n\t"
-        "UMULL	r10, r11, r1, r6\n\t"
-        "UMAAL	r8, r9, r2, r6\n\t"
-        "UMAAL	r7, r10, r0, r4\n\t"
-        "UMAAL	r8, r11, r3, r5\n\t"
-        "STR	r7, [sp, #12]\n\t"
-        "UMAAL	r8, r10, r1, r4\n\t"
-        "UMAAL	r9, r11, r3, r6\n\t"
-        "UMAAL	r9, r10, r2, r4\n\t"
-        "UMAAL	r10, r11, r3, r4\n\t"
-        "LDM	lr, {r4, r5, r6, r7}\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMLAL	r8, r12, r0, r4\n\t"
-        "UMAAL	r9, r12, r1, r4\n\t"
-        "UMAAL	r10, r12, r2, r4\n\t"
-        "UMAAL	r11, r12, r3, r4\n\t"
-        "MOV	r4, #0x0\n\t"
-        "UMLAL	r9, r4, r0, r5\n\t"
-        "UMAAL	r10, r4, r1, r5\n\t"
-        "UMAAL	r11, r4, r2, r5\n\t"
-        "UMAAL	r12, r4, r3, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r0, r6\n\t"
-        "UMAAL	r11, r5, r1, r6\n\t"
-        "UMAAL	r12, r5, r2, r6\n\t"
-        "UMAAL	r4, r5, r3, r6\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r11, r6, r0, r7\n\t"
-        "LDR	r0, [sp, #40]\n\t"
-        "UMAAL	r12, r6, r1, r7\n\t"
-        "ADD	r0, r0, #0x10\n\t"
-        "UMAAL	r4, r6, r2, r7\n\t"
-        "SUB	lr, lr, #0x10\n\t"
-        "UMAAL	r5, r6, r3, r7\n\t"
-        "LDM	r0, {r0, r1, r2, r3}\n\t"
-        "STR	r6, [sp, #32]\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r8, r7, r0, r6\n\t"
-        "UMAAL	r9, r7, r1, r6\n\t"
-        "STR	r8, [sp, #16]\n\t"
-        "UMAAL	r10, r7, r2, r6\n\t"
-        "UMAAL	r11, r7, r3, r6\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r8, #0x0\n\t"
-        "UMLAL	r9, r8, r0, r6\n\t"
-        "UMAAL	r10, r8, r1, r6\n\t"
-        "STR	r9, [sp, #20]\n\t"
-        "UMAAL	r11, r8, r2, r6\n\t"
-        "UMAAL	r12, r8, r3, r6\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r9, #0x0\n\t"
-        "UMLAL	r10, r9, r0, r6\n\t"
-        "UMAAL	r11, r9, r1, r6\n\t"
-        "STR	r10, [sp, #24]\n\t"
-        "UMAAL	r12, r9, r2, r6\n\t"
-        "UMAAL	r4, r9, r3, r6\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r10, #0x0\n\t"
-        "UMLAL	r11, r10, r0, r6\n\t"
-        "UMAAL	r12, r10, r1, r6\n\t"
-        "STR	r11, [sp, #28]\n\t"
-        "UMAAL	r4, r10, r2, r6\n\t"
-        "UMAAL	r5, r10, r3, r6\n\t"
-        "LDM	lr!, {r11}\n\t"
-        "UMAAL	r12, r7, r0, r11\n\t"
-        "UMAAL	r4, r7, r1, r11\n\t"
-        "LDR	r6, [sp, #32]\n\t"
-        "UMAAL	r5, r7, r2, r11\n\t"
-        "UMAAL	r6, r7, r3, r11\n\t"
-        "LDM	lr!, {r11}\n\t"
-        "UMAAL	r4, r8, r0, r11\n\t"
-        "UMAAL	r5, r8, r1, r11\n\t"
-        "UMAAL	r6, r8, r2, r11\n\t"
-        "UMAAL	r7, r8, r3, r11\n\t"
-        "LDM	lr, {r11, lr}\n\t"
-        "UMAAL	r5, r9, r0, r11\n\t"
-        "UMAAL	r6, r10, r0, lr\n\t"
-        "UMAAL	r6, r9, r1, r11\n\t"
-        "UMAAL	r7, r10, r1, lr\n\t"
-        "UMAAL	r7, r9, r2, r11\n\t"
-        "UMAAL	r8, r10, r2, lr\n\t"
-        "UMAAL	r8, r9, r3, r11\n\t"
-        "UMAAL	r9, r10, r3, lr\n\t"
-        "MOV	r3, r12\n\t"
-        "LDR	lr, [sp, #36]\n\t"
-        "ADD	lr, lr, #0x20\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "SUB	lr, lr, #0x20\n\t"
-        "LDM	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADD	sp, sp, #0x2c\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7",
-            "r8", "r9", "lr"
-    );
-}
-
-#endif /* WOLFSSL_ARM_ARCH_7M */
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x40\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "UMULL	r8, r6, lr, lr\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_sqr_8_outer:\n\t"
-#else
-    "L_sp_256_sqr_8_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x1c\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_sqr_8_inner:\n\t"
-#else
-    "L_sp_256_sqr_8_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[a], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_256_sqr_8_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_256_sqr_8_inner_done\n\t"
-#else
-        "BGT.N	L_sp_256_sqr_8_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_256_sqr_8_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_256_sqr_8_inner\n\t"
-#else
-        "BLT.N	L_sp_256_sqr_8_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "UMULL	r9, r10, lr, lr\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_sqr_8_inner_done:\n\t"
-#else
-    "L_sp_256_sqr_8_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x34\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_256_sqr_8_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_256_sqr_8_outer\n\t"
-#else
-        "BLE.N	L_sp_256_sqr_8_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #28]\n\t"
-        "UMLAL	r6, r7, lr, lr\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_sqr_8_store:\n\t"
-#else
-    "L_sp_256_sqr_8_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_256_sqr_8_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_256_sqr_8_store\n\t"
-#else
-        "BGT.N	L_sp_256_sqr_8_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-#ifdef WOLFSSL_ARM_ARCH_7M
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_sqr_8(sp_digit* r,
-    const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x44\n\t"
-        "STR	%[r], [sp, #64]\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        /* A[0] * A[1] */
-        "LDR	lr, [%[a], #4]\n\t"
-        "UMULL	r4, r5, r12, lr\n\t"
-        /* A[0] * A[3] */
-        "LDR	lr, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r12, lr\n\t"
-        /* A[0] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r12, lr\n\t"
-        /* A[0] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "UMULL	r10, r3, r12, lr\n\t"
-        /* A[0] * A[2] */
-        "LDR	lr, [%[a], #8]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[0] * A[4] */
-        "LDR	lr, [%[a], #16]\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[0] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #4]\n\t"
-        "STR	r5, [sp, #8]\n\t"
-        /* A[1] * A[2] */
-        "LDR	r12, [%[a], #4]\n\t"
-        "LDR	lr, [%[a], #8]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "STR	r6, [sp, #12]\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[1] * A[3] */
-        "LDR	lr, [%[a], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "STR	r7, [sp, #16]\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[1] * A[4] */
-        "LDR	lr, [%[a], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[1] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[1] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[1] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r4, %[r], #0x0\n\t"
-        "UMLAL	r3, r4, r12, lr\n\t"
-        /* A[2] * A[3] */
-        "LDR	r12, [%[a], #8]\n\t"
-        "LDR	lr, [%[a], #12]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "STR	r8, [sp, #20]\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[2] * A[4] */
-        "LDR	lr, [%[a], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "STR	r9, [sp, #24]\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[2] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[2] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[2] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r5, %[r], #0x0\n\t"
-        "UMLAL	r4, r5, r12, lr\n\t"
-        /* A[3] * A[4] */
-        "LDR	r12, [%[a], #12]\n\t"
-        "LDR	lr, [%[a], #16]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "STR	r10, [sp, #28]\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[3] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[3] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[3] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r6, %[r], #0x0\n\t"
-        "UMLAL	r5, r6, r12, lr\n\t"
-        /* A[4] * A[5] */
-        "LDR	r12, [%[a], #16]\n\t"
-        "LDR	lr, [%[a], #20]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[4] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[4] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r7, %[r], #0x0\n\t"
-        "UMLAL	r6, r7, r12, lr\n\t"
-        /* A[5] * A[6] */
-        "LDR	r12, [%[a], #20]\n\t"
-        "LDR	lr, [%[a], #24]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[5] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r8, %[r], #0x0\n\t"
-        "UMLAL	r7, r8, r12, lr\n\t"
-        /* A[6] * A[7] */
-        "LDR	r12, [%[a], #24]\n\t"
-        "LDR	lr, [%[a], #28]\n\t"
-        "MOV	r9, #0x0\n\t"
-        "UMLAL	r8, r9, r12, lr\n\t"
-        "ADD	lr, sp, #0x20\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "ADD	lr, sp, #0x4\n\t"
-        "LDM	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADDS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "STM	lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "LDM	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "ADCS	r3, r3, r3\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADC	r10, %[r], #0x0\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADD	lr, sp, #0x4\n\t"
-        "LDM	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "MOV	lr, sp\n\t"
-        /* A[0] * A[0] */
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r3, r11, r12, r12\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[1] * A[1] */
-        "LDR	r12, [%[a], #4]\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, r12\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[2] * A[2] */
-        "LDR	r12, [%[a], #8]\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, r12\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[3] * A[3] */
-        "LDR	r12, [%[a], #12]\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, r12\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        "STM	lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "LDM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* A[4] * A[4] */
-        "LDR	r12, [%[a], #16]\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, r12\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[5] * A[5] */
-        "LDR	r12, [%[a], #20]\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, r12\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[6] * A[6] */
-        "LDR	r12, [%[a], #24]\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, r12\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[7] * A[7] */
-        "LDR	r12, [%[a], #28]\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "UMLAL	r9, r10, r12, r12\n\t"
-        "LDR	%[r], [sp, #64]\n\t"
-        "ADD	%[r], %[r], #0x20\n\t"
-        "STM	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "LDM	sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "SUB	%[r], %[r], #0x20\n\t"
-        "STM	%[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADD	sp, sp, #0x44\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_sqr_8(sp_digit* r,
-    const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x20\n\t"
-        "STR	%[r], [sp, #28]\n\t"
-        "LDM	%[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
-        "UMULL	r9, r10, r0, r0\n\t"
-        "UMULL	r11, r12, r0, r1\n\t"
-        "ADDS	r11, r11, r11\n\t"
-        "MOV	lr, #0x0\n\t"
-        "UMAAL	r10, r11, lr, lr\n\t"
-        "STM	sp, {r9, r10}\n\t"
-        "MOV	r8, lr\n\t"
-        "UMAAL	r8, r12, r0, r2\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "UMAAL	r8, r11, r1, r1\n\t"
-        "UMULL	r9, r10, r0, r3\n\t"
-        "UMAAL	r9, r12, r1, r2\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, lr, lr\n\t"
-        "STRD	r8, r9, [sp, #8]\n\t"
-        "MOV	r9, lr\n\t"
-        "UMAAL	r9, r10, r0, r4\n\t"
-        "UMAAL	r9, r12, r1, r3\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, r2, r2\n\t"
-        "STR	r9, [sp, #16]\n\t"
-        "UMULL	r9, r8, r0, r5\n\t"
-        "UMAAL	r9, r12, r1, r4\n\t"
-        "UMAAL	r9, r10, r2, r3\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, lr, lr\n\t"
-        "STR	r9, [sp, #20]\n\t"
-        "MOV	r9, lr\n\t"
-        "UMAAL	r9, r8, r0, r6\n\t"
-        "UMAAL	r9, r12, r1, r5\n\t"
-        "UMAAL	r9, r10, r2, r4\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, r3, r3\n\t"
-        "STR	r9, [sp, #24]\n\t"
-        "UMULL	r0, r9, r0, r7\n\t"
-        "UMAAL	r0, r8, r1, r6\n\t"
-        "UMAAL	r0, r12, r2, r5\n\t"
-        "UMAAL	r0, r10, r3, r4\n\t"
-        "ADCS	r0, r0, r0\n\t"
-        "UMAAL	r0, r11, lr, lr\n\t"
-        /* R[7] = r0 */
-        "UMAAL	r9, r8, r1, r7\n\t"
-        "UMAAL	r9, r10, r2, r6\n\t"
-        "UMAAL	r12, r9, r3, r5\n\t"
-        "ADCS	r12, r12, r12\n\t"
-        "UMAAL	r12, r11, r4, r4\n\t"
-        /* R[8] = r12 */
-        "UMAAL	r9, r8, r2, r7\n\t"
-        "UMAAL	r10, r9, r3, r6\n\t"
-        "MOV	r2, lr\n\t"
-        "UMAAL	r10, r2, r4, r5\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "UMAAL	r11, r10, lr, lr\n\t"
-        /* R[9] = r11 */
-        "UMAAL	r2, r8, r3, r7\n\t"
-        "UMAAL	r2, r9, r4, r6\n\t"
-        "ADCS	r3, r2, r2\n\t"
-        "UMAAL	r10, r3, r5, r5\n\t"
-        /* R[10] = r10 */
-        "MOV	r1, lr\n\t"
-        "UMAAL	r1, r8, r4, r7\n\t"
-        "UMAAL	r1, r9, r5, r6\n\t"
-        "ADCS	r4, r1, r1\n\t"
-        "UMAAL	r3, r4, lr, lr\n\t"
-        /* R[11] = r3 */
-        "UMAAL	r8, r9, r5, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "UMAAL	r4, r8, r6, r6\n\t"
-        /* R[12] = r4 */
-        "MOV	r5, lr\n\t"
-        "UMAAL	r5, r9, r6, r7\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "UMAAL	r8, r5, lr, lr\n\t"
-        /* R[13] = r8 */
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r5, r7, r7\n\t"
-        "ADCS	r7, r5, lr\n\t"
-        /* R[14] = r9 */
-        /* R[15] = r7 */
-        "LDR	lr, [sp, #28]\n\t"
-        "ADD	lr, lr, #0x1c\n\t"
-        "STM	lr!, {r0, r12}\n\t"
-        "STM	lr!, {r11}\n\t"
-        "STM	lr!, {r10}\n\t"
-        "STM	lr!, {r3, r4, r8, r9}\n\t"
-        "STM	lr!, {r7}\n\t"
-        "SUB	lr, lr, #0x40\n\t"
-        "LDM	sp, {r0, r1, r2, r3, r4, r5, r6}\n\t"
-        "STM	lr, {r0, r1, r2, r3, r4, r5, r6}\n\t"
-        "ADD	sp, sp, #0x20\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-}
-
-#endif /* WOLFSSL_ARM_ARCH_7M */
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "ADD	r12, %[a], #0x20\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_add_8_word:\n\t"
-#else
-    "L_sp_256_add_8_word_%=:\n\t"
-#endif
-        "ADDS	r3, r3, #0xffffffff\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r3, r4, #0x0\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_256_add_8_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_256_add_8_word\n\t"
-#else
-        "BNE.N	L_sp_256_add_8_word_%=\n\t"
-#endif
-        "MOV	%[r], r3\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_add_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static int sp_256_mod_mul_norm_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static int sp_256_mod_mul_norm_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x18\n\t"
-        "LDM	%[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        /* Clear overflow and underflow */
-        "MOV	r11, #0x0\n\t"
-        "MOV	r12, #0x0\n\t"
-        /* t[0] =  1  1  0 -1 -1 -1 -1  0 */
-        "ADDS	r10, r2, r3\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "SUBS	r10, r10, r5\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r10, r10, r6\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r10, r10, r7\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r10, r10, r8\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        /* Store t[0] */
-        "STR	r10, [sp]\n\t"
-        "neg	r12, r12\n\t"
-        "MOV	r10, #0x0\n\t"
-        /* t[1] =  0  1  1  0 -1 -1 -1 -1 */
-        "ADDS	r11, r11, r3\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r4\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "SUBS	r11, r11, r12\n\t"
-        "SBC	r12, r12, r12\n\t"
-        "SUBS	r11, r11, r6\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r11, r11, r7\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r11, r11, r8\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r11, r11, r9\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        /* Store t[1] */
-        "STR	r11, [sp, #4]\n\t"
-        "neg	r12, r12\n\t"
-        "MOV	r11, #0x0\n\t"
-        /* t[2] =  0  0  1  1  0 -1 -1 -1 */
-        "ADDS	r10, r10, r4\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "ADDS	r10, r10, r5\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "SUBS	r10, r10, r12\n\t"
-        "SBC	r12, r12, r12\n\t"
-        "SUBS	r10, r10, r7\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r10, r10, r8\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r10, r10, r9\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        /* Store t[2] */
-        "STR	r10, [sp, #8]\n\t"
-        "neg	r12, r12\n\t"
-        "MOV	r10, #0x0\n\t"
-        /* t[3] = -1 -1  0  2  2  1  0 -1 */
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r6\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r6\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r7\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "SUBS	r11, r11, r12\n\t"
-        "SBC	r12, r12, r12\n\t"
-        "SUBS	r11, r11, r2\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r11, r11, r3\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r11, r11, r9\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        /* Store t[3] */
-        "STR	r11, [sp, #12]\n\t"
-        "neg	r12, r12\n\t"
-        "MOV	r11, #0x0\n\t"
-        /* t[4] =  0 -1 -1  0  2  2  1  0 */
-        "ADDS	r10, r10, r6\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "ADDS	r10, r10, r6\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "ADDS	r10, r10, r7\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "ADDS	r10, r10, r7\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "ADDS	r10, r10, r8\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "SUBS	r10, r10, r12\n\t"
-        "SBC	r12, r12, r12\n\t"
-        "SUBS	r10, r10, r3\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r10, r10, r4\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        /* Store t[4] */
-        "STR	r10, [sp, #16]\n\t"
-        "neg	r12, r12\n\t"
-        "MOV	r10, #0x0\n\t"
-        /* t[5] =  0  0 -1 -1  0  2  2  1 */
-        "ADDS	r11, r11, r7\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r7\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r8\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r8\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r9\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "SUBS	r11, r11, r12\n\t"
-        "SBC	r12, r12, r12\n\t"
-        "SUBS	r11, r11, r4\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r11, r11, r5\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        /* Store t[5] */
-        "STR	r11, [sp, #20]\n\t"
-        "neg	r12, r12\n\t"
-        "MOV	r11, #0x0\n\t"
-        /* t[6] = -1 -1  0  0  0  1  3  2 */
-        "ADDS	r10, r10, r7\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "ADDS	r10, r10, r8\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "ADDS	r10, r10, r8\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "ADDS	r10, r10, r8\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "ADDS	r10, r10, r9\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "ADDS	r10, r10, r9\n\t"
-        "ADC	r11, r11, #0x0\n\t"
-        "SUBS	r10, r10, r12\n\t"
-        "SBC	r12, r12, r12\n\t"
-        "SUBS	r10, r10, r2\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r10, r10, r3\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        /* Store t[6] */
-        "MOV	r8, r10\n\t"
-        "neg	r12, r12\n\t"
-        "MOV	r10, #0x0\n\t"
-        /* t[7] =  1  0 -1 -1 -1 -1  0  3 */
-        "ADDS	r11, r11, r2\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r9\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r9\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "ADDS	r11, r11, r9\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "SUBS	r11, r11, r12\n\t"
-        "SBC	r12, r12, r12\n\t"
-        "SUBS	r11, r11, r4\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r11, r11, r5\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r11, r11, r6\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "SUBS	r11, r11, r7\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        /* Store t[7] */
-        /* Load intermediate */
-        "LDM	sp, {r2, r3, r4, r5, r6, r7}\n\t"
-        "neg	r12, r12\n\t"
-        /* Add overflow */
-        /* Subtract underflow - add neg underflow */
-        "ADDS	r2, r2, r10\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADCS	r5, r5, r12\n\t"
-        "ADCS	r6, r6, #0x0\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADCS	r8, r8, r12\n\t"
-        "ADCS	r11, r11, r10\n\t"
-        "MOV	r9, #0x0\n\t"
-        "ADC	r9, r9, #0x0\n\t"
-        /* Subtract overflow */
-        /* Add underflow - subtract neg underflow */
-        "SUBS	r2, r2, r12\n\t"
-        "SBCS	r3, r3, #0x0\n\t"
-        "SBCS	r4, r4, #0x0\n\t"
-        "SBCS	r5, r5, r10\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, #0x0\n\t"
-        "SBCS	r8, r8, r10\n\t"
-        "SBCS	r11, r11, r12\n\t"
-        "MOV	r12, #0x0\n\t"
-        "SBC	r12, r12, #0x0\n\t"
-        "neg	r12, r12\n\t"
-        /* Add overflow */
-        /* Subtract underflow - add neg underflow */
-        "ADDS	r2, r2, r9\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADCS	r5, r5, r12\n\t"
-        "ADCS	r6, r6, #0x0\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADCS	r8, r8, r12\n\t"
-        "ADC	r11, r11, r9\n\t"
-        /* Subtract overflow */
-        /* Add underflow - subtract neg underflow */
-        "SUBS	r2, r2, r12\n\t"
-        "SBCS	r3, r3, #0x0\n\t"
-        "SBCS	r4, r4, #0x0\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, #0x0\n\t"
-        "SBCS	r8, r8, r9\n\t"
-        "SBC	r11, r11, r12\n\t"
-        /* Store result */
-        "STM	%[r], {r2, r3, r4, r5, r6, r7, r8, r11}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADD	sp, sp, #0x18\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-    return (word32)(size_t)r;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_256.
- *
- * p   Point of type sp_point_256 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_256_point_from_ecc_point_8(sp_point_256* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_256_from_mp(p->x, 8, pm->x);
-    sp_256_from_mp(p->y, 8, pm->y);
-    sp_256_from_mp(p->z, 8, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_256_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (256 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 8);
-        r->used = 8;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 8; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 8; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_256 to type ecc_point.
- *
- * p   Point of type sp_point_256.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_256_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NO_UMAAL
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p,
-    sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x44\n\t"
-        "STR	%[r], [sp, #64]\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        /* A[0] * B[0] */
-        "LDR	lr, [%[b]]\n\t"
-        "UMULL	r3, r4, r12, lr\n\t"
-        /* A[0] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "UMULL	r5, r6, r12, lr\n\t"
-        /* A[0] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "UMULL	r7, r8, r12, lr\n\t"
-        /* A[0] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "UMULL	r9, r10, r12, lr\n\t"
-        "STR	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "MOV	r11, %[r]\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[0] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADCS	r6, r6, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[0] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADCS	r8, r8, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[0] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADCS	r10, r10, #0x0\n\t"
-        "ADC	r3, %[r], #0x0\n\t"
-        "UMLAL	r10, r3, r12, lr\n\t"
-        /* A[1] * B[0] */
-        "LDR	r12, [%[a], #4]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "STR	r4, [sp, #4]\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[1] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[1] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[1] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[1] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[1] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[1] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[1] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r4, %[r], #0x0\n\t"
-        "UMLAL	r3, r4, r12, lr\n\t"
-        /* A[2] * B[0] */
-        "LDR	r12, [%[a], #8]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "STR	r5, [sp, #8]\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[2] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[2] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[2] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[2] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[2] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[2] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[2] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r5, %[r], #0x0\n\t"
-        "UMLAL	r4, r5, r12, lr\n\t"
-        /* A[3] * B[0] */
-        "LDR	r12, [%[a], #12]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "STR	r6, [sp, #12]\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[3] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[3] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[3] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[3] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[3] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[3] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[3] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r6, %[r], #0x0\n\t"
-        "UMLAL	r5, r6, r12, lr\n\t"
-        /* A[4] * B[0] */
-        "LDR	r12, [%[a], #16]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "STR	r7, [sp, #16]\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[4] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[4] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[4] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[4] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[4] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[4] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[4] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r7, %[r], #0x0\n\t"
-        "UMLAL	r6, r7, r12, lr\n\t"
-        /* A[5] * B[0] */
-        "LDR	r12, [%[a], #20]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "STR	r8, [sp, #20]\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[5] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[5] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[5] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[5] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[5] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[5] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[5] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r8, %[r], #0x0\n\t"
-        "UMLAL	r7, r8, r12, lr\n\t"
-        /* A[6] * B[0] */
-        "LDR	r12, [%[a], #24]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "STR	r9, [sp, #24]\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[6] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[6] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[6] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[6] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[6] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[6] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[6] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r9, %[r], #0x0\n\t"
-        "UMLAL	r8, r9, r12, lr\n\t"
-        /* A[7] * B[0] */
-        "LDR	r12, [%[a], #28]\n\t"
-        "LDR	lr, [%[b]]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "STR	r10, [sp, #28]\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[7] * B[1] */
-        "LDR	lr, [%[b], #4]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[7] * B[2] */
-        "LDR	lr, [%[b], #8]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[7] * B[3] */
-        "LDR	lr, [%[b], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[7] * B[4] */
-        "LDR	lr, [%[b], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[7] * B[5] */
-        "LDR	lr, [%[b], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[7] * B[6] */
-        "LDR	lr, [%[b], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[7] * B[7] */
-        "LDR	lr, [%[b], #28]\n\t"
-        "ADC	r10, %[r], #0x0\n\t"
-        "UMLAL	r9, r10, r12, lr\n\t"
-        "ADD	lr, sp, #0x20\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* Start Reduction */
-        "LDM	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "MOV	r3, r11\n\t"
-        "MOV	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r12, r12, r6\n\t"
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "SUB	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "MOV	r0, r8\n\t"
-        "MOV	r1, r9\n\t"
-        "MOV	r2, r10\n\t"
-        "ADDS	r8, r8, r5\n\t"
-        "ADCS	r9, r9, r6\n\t"
-        "ADCS	r10, r10, r7\n\t"
-        "ADCS	r11, r11, r0\n\t"
-        "ADC	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "ADDS	r0, r0, r5\n\t"
-        "ADCS	r1, r1, r6\n\t"
-        "ADCS	r2, r2, r7\n\t"
-        "ADCS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STR	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "ADD	r0, sp, #0x20\n\t"
-        "LDM	r0, {r2, r3, r4}\n\t"
-        "ADDS	r2, r2, lr\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r7\n\t"
-        "ADCS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r10\n\t"
-        "ADCS	r3, r3, r11\n\t"
-        "ADCS	r4, r4, r12\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STM	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "LDM	r0, {r0, r1, r2, r3, r4}\n\t"
-        "ADDS	r0, r0, lr\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r0, r0, r8\n\t"
-        "ADCS	r1, r1, r9\n\t"
-        "ADCS	r2, r2, r10\n\t"
-        "ADCS	r3, r3, r11\n\t"
-        "ADCS	r4, r4, r12\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r0, r0, r10\n\t"
-        "ADCS	r1, r1, r11\n\t"
-        "ADCS	r2, r2, r12\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STR	r0, [sp, #44]\n\t"
-        "STR	r1, [sp, #48]\n\t"
-        "STR	r2, [sp, #52]\n\t"
-        "STR	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "ADD	r0, sp, #0x1c\n\t"
-        "LDM	r0, {r0, r1, r2, r3}\n\t"
-        "SUBS	r0, r0, r5\n\t"
-        "SBCS	r1, r1, r6\n\t"
-        "SBCS	r2, r2, r7\n\t"
-        "SBCS	r3, r3, r8\n\t"
-        "ADD	r0, sp, #0x2c\n\t"
-        "MOV	r8, r4\n\t"
-        "LDM	r0, {r4, r5, r6, r7}\n\t"
-        "SBCS	r4, r4, r9\n\t"
-        "SBCS	r5, r5, r10\n\t"
-        "SBCS	r6, r6, r11\n\t"
-        "SBCS	r7, r7, r12\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBC	lr, lr, #0x0\n\t"
-        /* mask m and sub from result if overflow */
-        "RSB	lr, lr, #0x0\n\t"
-        "SUBS	r1, r1, lr\n\t"
-        "SBCS	r2, r2, lr\n\t"
-        "SBCS	r3, r3, lr\n\t"
-        "SBCS	r4, r4, #0x0\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, lr, LSR #31\n\t"
-        "SBC	r8, r8, lr\n\t"
-        "LDR	%[r], [sp, #64]\n\t"
-        "STM	%[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "ADD	sp, sp, #0x44\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#else
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p,
-    sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x4c\n\t"
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-        "STRD	%[r], %[a], [sp, #68]\n\t"
-#else
-        "STR	%[r], [sp, #68]\n\t"
-        "STR	%[a], [sp, #72]\n\t"
-#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
-        "MOV	lr, %[b]\n\t"
-        "LDM	%[a], {r0, r1, r2, r3}\n\t"
-        "LDM	lr!, {r4, r5, r6}\n\t"
-        "UMULL	r10, r11, r0, r4\n\t"
-        "UMULL	r12, r7, r1, r4\n\t"
-        "UMAAL	r11, r12, r0, r5\n\t"
-        "UMULL	r8, r9, r2, r4\n\t"
-        "UMAAL	r12, r8, r1, r5\n\t"
-        "UMAAL	r12, r7, r0, r6\n\t"
-        "UMAAL	r8, r9, r3, r4\n\t"
-        "STM	sp, {r10, r11, r12}\n\t"
-        "UMAAL	r7, r8, r2, r5\n\t"
-        "LDM	lr!, {r4}\n\t"
-        "UMULL	r10, r11, r1, r6\n\t"
-        "UMAAL	r8, r9, r2, r6\n\t"
-        "UMAAL	r7, r10, r0, r4\n\t"
-        "UMAAL	r8, r11, r3, r5\n\t"
-        "STR	r7, [sp, #12]\n\t"
-        "UMAAL	r8, r10, r1, r4\n\t"
-        "UMAAL	r9, r11, r3, r6\n\t"
-        "UMAAL	r9, r10, r2, r4\n\t"
-        "UMAAL	r10, r11, r3, r4\n\t"
-        "LDM	lr, {r4, r5, r6, r7}\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMLAL	r8, r12, r0, r4\n\t"
-        "UMAAL	r9, r12, r1, r4\n\t"
-        "UMAAL	r10, r12, r2, r4\n\t"
-        "UMAAL	r11, r12, r3, r4\n\t"
-        "MOV	r4, #0x0\n\t"
-        "UMLAL	r9, r4, r0, r5\n\t"
-        "UMAAL	r10, r4, r1, r5\n\t"
-        "UMAAL	r11, r4, r2, r5\n\t"
-        "UMAAL	r12, r4, r3, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "UMLAL	r10, r5, r0, r6\n\t"
-        "UMAAL	r11, r5, r1, r6\n\t"
-        "UMAAL	r12, r5, r2, r6\n\t"
-        "UMAAL	r4, r5, r3, r6\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r11, r6, r0, r7\n\t"
-        "LDR	r0, [sp, #72]\n\t"
-        "UMAAL	r12, r6, r1, r7\n\t"
-        "ADD	r0, r0, #0x10\n\t"
-        "UMAAL	r4, r6, r2, r7\n\t"
-        "SUB	lr, lr, #0x10\n\t"
-        "UMAAL	r5, r6, r3, r7\n\t"
-        "LDM	r0, {r0, r1, r2, r3}\n\t"
-        "STR	r6, [sp, #64]\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r8, r7, r0, r6\n\t"
-        "UMAAL	r9, r7, r1, r6\n\t"
-        "STR	r8, [sp, #16]\n\t"
-        "UMAAL	r10, r7, r2, r6\n\t"
-        "UMAAL	r11, r7, r3, r6\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r8, #0x0\n\t"
-        "UMLAL	r9, r8, r0, r6\n\t"
-        "UMAAL	r10, r8, r1, r6\n\t"
-        "STR	r9, [sp, #20]\n\t"
-        "UMAAL	r11, r8, r2, r6\n\t"
-        "UMAAL	r12, r8, r3, r6\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r9, #0x0\n\t"
-        "UMLAL	r10, r9, r0, r6\n\t"
-        "UMAAL	r11, r9, r1, r6\n\t"
-        "STR	r10, [sp, #24]\n\t"
-        "UMAAL	r12, r9, r2, r6\n\t"
-        "UMAAL	r4, r9, r3, r6\n\t"
-        "LDM	lr!, {r6}\n\t"
-        "MOV	r10, #0x0\n\t"
-        "UMLAL	r11, r10, r0, r6\n\t"
-        "UMAAL	r12, r10, r1, r6\n\t"
-        "STR	r11, [sp, #28]\n\t"
-        "UMAAL	r4, r10, r2, r6\n\t"
-        "UMAAL	r5, r10, r3, r6\n\t"
-        "LDM	lr!, {r11}\n\t"
-        "UMAAL	r12, r7, r0, r11\n\t"
-        "UMAAL	r4, r7, r1, r11\n\t"
-        "LDR	r6, [sp, #64]\n\t"
-        "UMAAL	r5, r7, r2, r11\n\t"
-        "UMAAL	r6, r7, r3, r11\n\t"
-        "LDM	lr!, {r11}\n\t"
-        "UMAAL	r4, r8, r0, r11\n\t"
-        "UMAAL	r5, r8, r1, r11\n\t"
-        "UMAAL	r6, r8, r2, r11\n\t"
-        "UMAAL	r7, r8, r3, r11\n\t"
-        "LDM	lr, {r11, lr}\n\t"
-        "UMAAL	r5, r9, r0, r11\n\t"
-        "UMAAL	r6, r10, r0, lr\n\t"
-        "UMAAL	r6, r9, r1, r11\n\t"
-        "UMAAL	r7, r10, r1, lr\n\t"
-        "UMAAL	r7, r9, r2, r11\n\t"
-        "UMAAL	r8, r10, r2, lr\n\t"
-        "UMAAL	r8, r9, r3, r11\n\t"
-        "UMAAL	r9, r10, r3, lr\n\t"
-        "MOV	r3, r12\n\t"
-        "ADD	lr, sp, #0x20\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* Start Reduction */
-        "LDM	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "MOV	r3, r11\n\t"
-        "MOV	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r12, r12, r6\n\t"
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "SUB	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "MOV	r0, r8\n\t"
-        "MOV	r1, r9\n\t"
-        "MOV	r2, r10\n\t"
-        "ADDS	r8, r8, r5\n\t"
-        "ADCS	r9, r9, r6\n\t"
-        "ADCS	r10, r10, r7\n\t"
-        "ADCS	r11, r11, r0\n\t"
-        "ADC	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "ADDS	r0, r0, r5\n\t"
-        "ADCS	r1, r1, r6\n\t"
-        "ADCS	r2, r2, r7\n\t"
-        "ADCS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STR	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "ADD	r0, sp, #0x20\n\t"
-        "LDM	r0, {r2, r3, r4}\n\t"
-        "ADDS	r2, r2, lr\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r7\n\t"
-        "ADCS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r10\n\t"
-        "ADCS	r3, r3, r11\n\t"
-        "ADCS	r4, r4, r12\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STM	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "LDM	r0, {r0, r1, r2, r3, r4}\n\t"
-        "ADDS	r0, r0, lr\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r0, r0, r8\n\t"
-        "ADCS	r1, r1, r9\n\t"
-        "ADCS	r2, r2, r10\n\t"
-        "ADCS	r3, r3, r11\n\t"
-        "ADCS	r4, r4, r12\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r0, r0, r10\n\t"
-        "ADCS	r1, r1, r11\n\t"
-        "ADCS	r2, r2, r12\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STR	r0, [sp, #44]\n\t"
-        "STR	r1, [sp, #48]\n\t"
-        "STR	r2, [sp, #52]\n\t"
-        "STR	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "ADD	r0, sp, #0x1c\n\t"
-        "LDM	r0, {r0, r1, r2, r3}\n\t"
-        "SUBS	r0, r0, r5\n\t"
-        "SBCS	r1, r1, r6\n\t"
-        "SBCS	r2, r2, r7\n\t"
-        "SBCS	r3, r3, r8\n\t"
-        "ADD	r0, sp, #0x2c\n\t"
-        "MOV	r8, r4\n\t"
-        "LDM	r0, {r4, r5, r6, r7}\n\t"
-        "SBCS	r4, r4, r9\n\t"
-        "SBCS	r5, r5, r10\n\t"
-        "SBCS	r6, r6, r11\n\t"
-        "SBCS	r7, r7, r12\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBC	lr, lr, #0x0\n\t"
-        /* mask m and sub from result if overflow */
-        "RSB	lr, lr, #0x0\n\t"
-        "SUBS	r1, r1, lr\n\t"
-        "SBCS	r2, r2, lr\n\t"
-        "SBCS	r3, r3, lr\n\t"
-        "SBCS	r4, r4, #0x0\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, lr, LSR #31\n\t"
-        "SBC	r8, r8, lr\n\t"
-        "LDR	%[r], [sp, #68]\n\t"
-        "STM	%[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "ADD	sp, sp, #0x4c\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7",
-            "r8", "r9", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#endif
-#ifdef WOLFSSL_SP_NO_UMAAL
-/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x44\n\t"
-        "STR	%[r], [sp, #64]\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        /* A[0] * A[1] */
-        "LDR	lr, [%[a], #4]\n\t"
-        "UMULL	r4, r5, r12, lr\n\t"
-        /* A[0] * A[3] */
-        "LDR	lr, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r12, lr\n\t"
-        /* A[0] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r12, lr\n\t"
-        /* A[0] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "UMULL	r10, r3, r12, lr\n\t"
-        /* A[0] * A[2] */
-        "LDR	lr, [%[a], #8]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[0] * A[4] */
-        "LDR	lr, [%[a], #16]\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[0] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #4]\n\t"
-        "STR	r5, [sp, #8]\n\t"
-        /* A[1] * A[2] */
-        "LDR	r12, [%[a], #4]\n\t"
-        "LDR	lr, [%[a], #8]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "STR	r6, [sp, #12]\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[1] * A[3] */
-        "LDR	lr, [%[a], #12]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, lr\n\t"
-        "STR	r7, [sp, #16]\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[1] * A[4] */
-        "LDR	lr, [%[a], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[1] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[1] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[1] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r4, %[r], #0x0\n\t"
-        "UMLAL	r3, r4, r12, lr\n\t"
-        /* A[2] * A[3] */
-        "LDR	r12, [%[a], #8]\n\t"
-        "LDR	lr, [%[a], #12]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r8, r11, r12, lr\n\t"
-        "STR	r8, [sp, #20]\n\t"
-        "ADDS	r9, r9, r11\n\t"
-        /* A[2] * A[4] */
-        "LDR	lr, [%[a], #16]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, lr\n\t"
-        "STR	r9, [sp, #24]\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        /* A[2] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[2] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[2] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r5, %[r], #0x0\n\t"
-        "UMLAL	r4, r5, r12, lr\n\t"
-        /* A[3] * A[4] */
-        "LDR	r12, [%[a], #12]\n\t"
-        "LDR	lr, [%[a], #16]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r10, r11, r12, lr\n\t"
-        "STR	r10, [sp, #28]\n\t"
-        "ADDS	r3, r3, r11\n\t"
-        /* A[3] * A[5] */
-        "LDR	lr, [%[a], #20]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, lr\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[3] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[3] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r6, %[r], #0x0\n\t"
-        "UMLAL	r5, r6, r12, lr\n\t"
-        /* A[4] * A[5] */
-        "LDR	r12, [%[a], #16]\n\t"
-        "LDR	lr, [%[a], #20]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r4, r11, r12, lr\n\t"
-        "ADDS	r5, r5, r11\n\t"
-        /* A[4] * A[6] */
-        "LDR	lr, [%[a], #24]\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, lr\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[4] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r7, %[r], #0x0\n\t"
-        "UMLAL	r6, r7, r12, lr\n\t"
-        /* A[5] * A[6] */
-        "LDR	r12, [%[a], #20]\n\t"
-        "LDR	lr, [%[a], #24]\n\t"
-        "MOV	r11, #0x0\n\t"
-        "UMLAL	r6, r11, r12, lr\n\t"
-        "ADDS	r7, r7, r11\n\t"
-        /* A[5] * A[7] */
-        "LDR	lr, [%[a], #28]\n\t"
-        "ADC	r8, %[r], #0x0\n\t"
-        "UMLAL	r7, r8, r12, lr\n\t"
-        /* A[6] * A[7] */
-        "LDR	r12, [%[a], #24]\n\t"
-        "LDR	lr, [%[a], #28]\n\t"
-        "MOV	r9, #0x0\n\t"
-        "UMLAL	r8, r9, r12, lr\n\t"
-        "ADD	lr, sp, #0x20\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "ADD	lr, sp, #0x4\n\t"
-        "LDM	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADDS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "STM	lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "LDM	lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "ADCS	r3, r3, r3\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADC	r10, %[r], #0x0\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "ADD	lr, sp, #0x4\n\t"
-        "LDM	lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "MOV	lr, sp\n\t"
-        /* A[0] * A[0] */
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r3, r11, r12, r12\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[1] * A[1] */
-        "LDR	r12, [%[a], #4]\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, r12\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[2] * A[2] */
-        "LDR	r12, [%[a], #8]\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, r12\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[3] * A[3] */
-        "LDR	r12, [%[a], #12]\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r9, r11, r12, r12\n\t"
-        "ADDS	r10, r10, r11\n\t"
-        "STM	lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        "LDM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* A[4] * A[4] */
-        "LDR	r12, [%[a], #16]\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r3, r11, r12, r12\n\t"
-        "ADDS	r4, r4, r11\n\t"
-        /* A[5] * A[5] */
-        "LDR	r12, [%[a], #20]\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r5, r11, r12, r12\n\t"
-        "ADDS	r6, r6, r11\n\t"
-        /* A[6] * A[6] */
-        "LDR	r12, [%[a], #24]\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADC	r11, %[r], #0x0\n\t"
-        "UMLAL	r7, r11, r12, r12\n\t"
-        "ADDS	r8, r8, r11\n\t"
-        /* A[7] * A[7] */
-        "LDR	r12, [%[a], #28]\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADC	r10, r10, #0x0\n\t"
-        "UMLAL	r9, r10, r12, r12\n\t"
-        "ADD	lr, sp, #0x20\n\t"
-        "STM	lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
-        /* Start Reduction */
-        "LDM	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "MOV	r3, r11\n\t"
-        "MOV	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r12, r12, r6\n\t"
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "SUB	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "MOV	r0, r8\n\t"
-        "MOV	r1, r9\n\t"
-        "MOV	r2, r10\n\t"
-        "ADDS	r8, r8, r5\n\t"
-        "ADCS	r9, r9, r6\n\t"
-        "ADCS	r10, r10, r7\n\t"
-        "ADCS	r11, r11, r0\n\t"
-        "ADC	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "ADDS	r0, r0, r5\n\t"
-        "ADCS	r1, r1, r6\n\t"
-        "ADCS	r2, r2, r7\n\t"
-        "ADCS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STR	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "ADD	r0, sp, #0x20\n\t"
-        "LDM	r0, {r2, r3, r4}\n\t"
-        "ADDS	r2, r2, lr\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r7\n\t"
-        "ADCS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r10\n\t"
-        "ADCS	r3, r3, r11\n\t"
-        "ADCS	r4, r4, r12\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STM	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "LDM	r0, {r0, r1, r2, r3, r4}\n\t"
-        "ADDS	r0, r0, lr\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r0, r0, r8\n\t"
-        "ADCS	r1, r1, r9\n\t"
-        "ADCS	r2, r2, r10\n\t"
-        "ADCS	r3, r3, r11\n\t"
-        "ADCS	r4, r4, r12\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r0, r0, r10\n\t"
-        "ADCS	r1, r1, r11\n\t"
-        "ADCS	r2, r2, r12\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STR	r0, [sp, #44]\n\t"
-        "STR	r1, [sp, #48]\n\t"
-        "STR	r2, [sp, #52]\n\t"
-        "STR	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "ADD	r0, sp, #0x1c\n\t"
-        "LDM	r0, {r0, r1, r2, r3}\n\t"
-        "SUBS	r0, r0, r5\n\t"
-        "SBCS	r1, r1, r6\n\t"
-        "SBCS	r2, r2, r7\n\t"
-        "SBCS	r3, r3, r8\n\t"
-        "ADD	r0, sp, #0x2c\n\t"
-        "MOV	r8, r4\n\t"
-        "LDM	r0, {r4, r5, r6, r7}\n\t"
-        "SBCS	r4, r4, r9\n\t"
-        "SBCS	r5, r5, r10\n\t"
-        "SBCS	r6, r6, r11\n\t"
-        "SBCS	r7, r7, r12\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBC	lr, lr, #0x0\n\t"
-        /* mask m and sub from result if overflow */
-        "RSB	lr, lr, #0x0\n\t"
-        "SUBS	r1, r1, lr\n\t"
-        "SBCS	r2, r2, lr\n\t"
-        "SBCS	r3, r3, lr\n\t"
-        "SBCS	r4, r4, #0x0\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, lr, LSR #31\n\t"
-        "SBC	r8, r8, lr\n\t"
-        "LDR	%[r], [sp, #64]\n\t"
-        "STM	%[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "ADD	sp, sp, #0x44\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#else
-/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x44\n\t"
-        "STR	%[r], [sp, #64]\n\t"
-        "LDM	%[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
-        "UMULL	r9, r10, r0, r0\n\t"
-        "UMULL	r11, r12, r0, r1\n\t"
-        "ADDS	r11, r11, r11\n\t"
-        "MOV	lr, #0x0\n\t"
-        "UMAAL	r10, r11, lr, lr\n\t"
-        "STM	sp, {r9, r10}\n\t"
-        "MOV	r8, lr\n\t"
-        "UMAAL	r8, r12, r0, r2\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "UMAAL	r8, r11, r1, r1\n\t"
-        "UMULL	r9, r10, r0, r3\n\t"
-        "UMAAL	r9, r12, r1, r2\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, lr, lr\n\t"
-        "STRD	r8, r9, [sp, #8]\n\t"
-        "MOV	r9, lr\n\t"
-        "UMAAL	r9, r10, r0, r4\n\t"
-        "UMAAL	r9, r12, r1, r3\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, r2, r2\n\t"
-        "STR	r9, [sp, #16]\n\t"
-        "UMULL	r9, r8, r0, r5\n\t"
-        "UMAAL	r9, r12, r1, r4\n\t"
-        "UMAAL	r9, r10, r2, r3\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, lr, lr\n\t"
-        "STR	r9, [sp, #20]\n\t"
-        "MOV	r9, lr\n\t"
-        "UMAAL	r9, r8, r0, r6\n\t"
-        "UMAAL	r9, r12, r1, r5\n\t"
-        "UMAAL	r9, r10, r2, r4\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r11, r3, r3\n\t"
-        "STR	r9, [sp, #24]\n\t"
-        "UMULL	r0, r9, r0, r7\n\t"
-        "UMAAL	r0, r8, r1, r6\n\t"
-        "UMAAL	r0, r12, r2, r5\n\t"
-        "UMAAL	r0, r10, r3, r4\n\t"
-        "ADCS	r0, r0, r0\n\t"
-        "UMAAL	r0, r11, lr, lr\n\t"
-        /* R[7] = r0 */
-        "UMAAL	r9, r8, r1, r7\n\t"
-        "UMAAL	r9, r10, r2, r6\n\t"
-        "UMAAL	r12, r9, r3, r5\n\t"
-        "ADCS	r12, r12, r12\n\t"
-        "UMAAL	r12, r11, r4, r4\n\t"
-        /* R[8] = r12 */
-        "UMAAL	r9, r8, r2, r7\n\t"
-        "UMAAL	r10, r9, r3, r6\n\t"
-        "MOV	r2, lr\n\t"
-        "UMAAL	r10, r2, r4, r5\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "UMAAL	r11, r10, lr, lr\n\t"
-        /* R[9] = r11 */
-        "UMAAL	r2, r8, r3, r7\n\t"
-        "UMAAL	r2, r9, r4, r6\n\t"
-        "ADCS	r3, r2, r2\n\t"
-        "UMAAL	r10, r3, r5, r5\n\t"
-        /* R[10] = r10 */
-        "MOV	r1, lr\n\t"
-        "UMAAL	r1, r8, r4, r7\n\t"
-        "UMAAL	r1, r9, r5, r6\n\t"
-        "ADCS	r4, r1, r1\n\t"
-        "UMAAL	r3, r4, lr, lr\n\t"
-        /* R[11] = r3 */
-        "UMAAL	r8, r9, r5, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "UMAAL	r4, r8, r6, r6\n\t"
-        /* R[12] = r4 */
-        "MOV	r5, lr\n\t"
-        "UMAAL	r5, r9, r6, r7\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "UMAAL	r8, r5, lr, lr\n\t"
-        /* R[13] = r8 */
-        "ADCS	r9, r9, r9\n\t"
-        "UMAAL	r9, r5, r7, r7\n\t"
-        "ADCS	r7, r5, lr\n\t"
-        /* R[14] = r9 */
-        /* R[15] = r7 */
-        "MOV	lr, sp\n\t"
-        "ADD	lr, lr, #0x1c\n\t"
-        "STM	lr!, {r0, r12}\n\t"
-        "STM	lr!, {r11}\n\t"
-        "STM	lr!, {r10}\n\t"
-        "STM	lr!, {r3, r4, r8, r9}\n\t"
-        "STM	lr!, {r7}\n\t"
-        /* Start Reduction */
-        "LDM	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "MOV	r3, r11\n\t"
-        "MOV	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r12, r12, r6\n\t"
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "SUB	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "MOV	r0, r8\n\t"
-        "MOV	r1, r9\n\t"
-        "MOV	r2, r10\n\t"
-        "ADDS	r8, r8, r5\n\t"
-        "ADCS	r9, r9, r6\n\t"
-        "ADCS	r10, r10, r7\n\t"
-        "ADCS	r11, r11, r0\n\t"
-        "ADC	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "ADDS	r0, r0, r5\n\t"
-        "ADCS	r1, r1, r6\n\t"
-        "ADCS	r2, r2, r7\n\t"
-        "ADCS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STR	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "ADD	r0, sp, #0x20\n\t"
-        "LDM	r0, {r2, r3, r4}\n\t"
-        "ADDS	r2, r2, lr\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r7\n\t"
-        "ADCS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r10\n\t"
-        "ADCS	r3, r3, r11\n\t"
-        "ADCS	r4, r4, r12\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STM	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "LDM	r0, {r0, r1, r2, r3, r4}\n\t"
-        "ADDS	r0, r0, lr\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r0, r0, r8\n\t"
-        "ADCS	r1, r1, r9\n\t"
-        "ADCS	r2, r2, r10\n\t"
-        "ADCS	r3, r3, r11\n\t"
-        "ADCS	r4, r4, r12\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r0, r0, r10\n\t"
-        "ADCS	r1, r1, r11\n\t"
-        "ADCS	r2, r2, r12\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STR	r0, [sp, #44]\n\t"
-        "STR	r1, [sp, #48]\n\t"
-        "STR	r2, [sp, #52]\n\t"
-        "STR	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "ADD	r0, sp, #0x1c\n\t"
-        "LDM	r0, {r0, r1, r2, r3}\n\t"
-        "SUBS	r0, r0, r5\n\t"
-        "SBCS	r1, r1, r6\n\t"
-        "SBCS	r2, r2, r7\n\t"
-        "SBCS	r3, r3, r8\n\t"
-        "ADD	r0, sp, #0x2c\n\t"
-        "MOV	r8, r4\n\t"
-        "LDM	r0, {r4, r5, r6, r7}\n\t"
-        "SBCS	r4, r4, r9\n\t"
-        "SBCS	r5, r5, r10\n\t"
-        "SBCS	r6, r6, r11\n\t"
-        "SBCS	r7, r7, r12\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBC	lr, lr, #0x0\n\t"
-        /* mask m and sub from result if overflow */
-        "RSB	lr, lr, #0x0\n\t"
-        "SUBS	r1, r1, lr\n\t"
-        "SBCS	r2, r2, lr\n\t"
-        "SBCS	r3, r3, lr\n\t"
-        "SBCS	r4, r4, #0x0\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, lr, LSR #31\n\t"
-        "SBC	r8, r8, lr\n\t"
-        "LDR	%[r], [sp, #64]\n\t"
-        "STM	%[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "ADD	sp, sp, #0x44\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#endif
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_256_mont_sqr_8(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_256_mont_sqr_8(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P256 curve. */
-static const word32 p256_mod_minus_2[8] = {
-    0xfffffffdU,0xffffffffU,0xffffffffU,0x00000000U,0x00000000U,0x00000000U,
-    0x00000001U,0xffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P256 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 8);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_8(t, t, p256_mod, p256_mp_mod);
-        if (p256_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_256_mont_mul_8(t, t, a, p256_mod, p256_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 8);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 8;
-    sp_digit* t3 = td + 4 * 8;
-    /* 0x2 */
-    sp_256_mont_sqr_8(t1, a, p256_mod, p256_mp_mod);
-    /* 0x3 */
-    sp_256_mont_mul_8(t2, t1, a, p256_mod, p256_mp_mod);
-    /* 0xc */
-    sp_256_mont_sqr_n_8(t1, t2, 2, p256_mod, p256_mp_mod);
-    /* 0xd */
-    sp_256_mont_mul_8(t3, t1, a, p256_mod, p256_mp_mod);
-    /* 0xf */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xf0 */
-    sp_256_mont_sqr_n_8(t1, t2, 4, p256_mod, p256_mp_mod);
-    /* 0xfd */
-    sp_256_mont_mul_8(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xff00 */
-    sp_256_mont_sqr_n_8(t1, t2, 8, p256_mod, p256_mp_mod);
-    /* 0xfffd */
-    sp_256_mont_mul_8(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffff0000 */
-    sp_256_mont_sqr_n_8(t1, t2, 16, p256_mod, p256_mp_mod);
-    /* 0xfffffffd */
-    sp_256_mont_mul_8(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_256_mont_sqr_n_8(t1, t2, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_256_mont_mul_8(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001 */
-    sp_256_mont_mul_8(r, t1, a, p256_mod, p256_mp_mod);
-    /* 0xffffffff000000010000000000000000000000000000000000000000 */
-    sp_256_mont_sqr_n_8(r, r, 160, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff */
-    sp_256_mont_mul_8(r, r, t2, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff00000000 */
-    sp_256_mont_sqr_n_8(r, r, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000fffffffffffffffffffffffd */
-    sp_256_mont_mul_8(r, r, t3, p256_mod, p256_mp_mod);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_256_cmp_8(const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0xffffffff\n\t"
-        "MOV	r8, #0x1\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r3, #0xffffffff\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "MOV	r6, #0x1c\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_cmp_8_words:\n\t"
-#else
-    "L_sp_256_cmp_8_words_%=:\n\t"
-#endif
-        "LDR	r4, [%[a], r6]\n\t"
-        "LDR	r5, [%[b], r6]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "SUBS	r6, r6, #0x4\n\t"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "bcs	L_sp_256_cmp_8_words\n\t"
-#else
-        "bcs	L_sp_256_cmp_8_words_%=\n\t"
-#endif
-        "EOR	r2, r2, r3\n\t"
-#else
-        "LDR	r4, [%[a], #28]\n\t"
-        "LDR	r5, [%[b], #28]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "LDR	r5, [%[b], #24]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "LDR	r5, [%[b], #20]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #16]\n\t"
-        "LDR	r5, [%[b], #16]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "LDR	r5, [%[b], #12]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "LDR	r5, [%[b], #8]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #4]\n\t"
-        "LDR	r5, [%[b], #4]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[b]]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "EOR	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "MOV	%[a], r2\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_256_norm_8(a)
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_cond_sub_8_words:\n\t"
-#else
-    "L_sp_256_cond_sub_8_words_%=:\n\t"
-#endif
-        "SUBS	r4, r8, r4\n\t"
-        "LDR	r6, [%[a], r5]\n\t"
-        "LDR	r7, [%[b], r5]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "SBCS	r6, r6, r7\n\t"
-        "SBC	r4, r8, r8\n\t"
-        "STR	r6, [%[r], r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_256_cond_sub_8_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_256_cond_sub_8_words\n\t"
-#else
-        "BLT.N	L_sp_256_cond_sub_8_words_%=\n\t"
-#endif
-        "MOV	%[r], r4\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_cond_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SUBS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "SBC	%[r], r5, r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifndef WOLFSSL_SP_SMALL
-#define sp_256_mont_reduce_order_8    sp_256_mont_reduce_8
-
-#ifdef WOLFSSL_SP_NO_UMAAL
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_reduce_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	lr, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r11, #0x0\n\t"
-        "MOV	r3, #0x0\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_mont_reduce_8_word:\n\t"
-#else
-    "L_sp_256_mont_reduce_8_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	r10, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r4, r7, r10, lr\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r9, [%[m], #4]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r5, r6, r10, r9\n\t"
-        "MOV	r4, r5\n\t"
-        "ADDS	r4, r4, r7\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r9, [%[m], #8]\n\t"
-        "LDR	r5, [%[a], #8]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r5, r7, r10, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r9, [%[m], #12]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #12]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r9, [%[m], #16]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #16]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r9, [%[m], #20]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #20]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r9, [%[m], #24]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #24]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r9, [%[m], #28]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r9\n\t"
-        "ADDS	r7, r7, r8\n\t"
-        "ADCS	r6, r9, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "ADCS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #32]\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* i += 1 */
-        "ADD	r11, r11, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r11, #0x20\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_256_mont_reduce_8_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_256_mont_reduce_8_word\n\t"
-#else
-        "BLT.W	L_sp_256_mont_reduce_8_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r4, [%[a]]\n\t"
-        "STR	r5, [%[a], #4]\n\t"
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_reduce_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r7, [%[a], #4]\n\t"
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[a], #12]\n\t"
-        "LDR	r10, [%[a], #16]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_mont_reduce_8_word:\n\t"
-#else
-    "L_sp_256_mont_reduce_8_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	lr, %[mp], r6\n\t"
-        /* a[i+0] += m[0] * mu */
-        "LDR	r12, [%[m]]\n\t"
-        "MOV	r3, #0x0\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r12, [%[m], #4]\n\t"
-        "MOV	r6, r7\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r12, [%[m], #8]\n\t"
-        "MOV	r7, r8\n\t"
-        "UMAAL	r7, r3, lr, r12\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r12, [%[m], #12]\n\t"
-        "MOV	r8, r9\n\t"
-        "UMAAL	r8, r3, lr, r12\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r12, [%[m], #16]\n\t"
-        "MOV	r9, r10\n\t"
-        "UMAAL	r9, r3, lr, r12\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r12, [%[m], #20]\n\t"
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMAAL	r10, r3, lr, r12\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r12, [%[m], #24]\n\t"
-        "LDR	r11, [%[a], #24]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r12, [%[m], #28]\n\t"
-        "LDR	r11, [%[a], #28]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "LDR	lr, [%[a], #32]\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMAAL	r3, lr, r12, r12\n\t"
-        "STR	r11, [%[a], #28]\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADC	r5, lr, #0x0\n\t"
-        "STR	r3, [%[a], #32]\n\t"
-        /* i += 1 */
-        "ADD	r4, r4, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r4, #0x20\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_256_mont_reduce_8_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_256_mont_reduce_8_word\n\t"
-#else
-        "BLT.W	L_sp_256_mont_reduce_8_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r6, [%[a]]\n\t"
-        "STR	r7, [%[a], #4]\n\t"
-        "STR	r8, [%[a], #8]\n\t"
-        "STR	r9, [%[a], #12]\n\t"
-        "STR	r10, [%[a], #16]\n\t"
-        "MOV	%[mp], r5\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-#else
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_reduce_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x44\n\t"
-        "STR	%[a], [sp, #64]\n\t"
-        "MOV	lr, sp\n\t"
-        "LDM	%[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "STM	lr!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "LDM	%[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "STM	lr, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        /* Start Reduction */
-        "LDM	sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "MOV	r3, r11\n\t"
-        "MOV	r4, r12\n\t"
-        /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
-        /*    - a[0] << 224 */
-        /*   + (a[0]-a[1] * 2) << (6 * 32) */
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r12, r12, r6\n\t"
-        "ADDS	r11, r11, r5\n\t"
-        "ADC	r12, r12, r6\n\t"
-        /*   - a[0] << (7 * 32) */
-        "SUB	r12, r12, r5\n\t"
-        /*   + a[0]-a[4] << (3 * 32) */
-        "MOV	r0, r8\n\t"
-        "MOV	r1, r9\n\t"
-        "MOV	r2, r10\n\t"
-        "ADDS	r8, r8, r5\n\t"
-        "ADCS	r9, r9, r6\n\t"
-        "ADCS	r10, r10, r7\n\t"
-        "ADCS	r11, r11, r0\n\t"
-        "ADC	r12, r12, r1\n\t"
-        /* a += mu * m */
-        /*   += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
-        /* a[0]   =                     = t[0] */
-        /* a[1]   =                     = t[1] */
-        /* a[2]   =                     = t[2] */
-        /* a[3]  +=                t[0] = t[3] */
-        /* a[4]  +=                t[1] = t[4] */
-        /* a[5]  +=                t[2] = t[5] */
-        /* a[6]  +=         t[0] + t[3] = t[6] */
-        /* a[7]  +=         t[1] + t[4] = t[7] + t[0] */
-        "ADDS	r0, r0, r5\n\t"
-        "ADCS	r1, r1, r6\n\t"
-        "ADCS	r2, r2, r7\n\t"
-        "ADCS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STR	r4, [sp, #28]\n\t"
-        /* a[8]  +=  t[0] + t[2] + t[5] */
-        /* a[9]  +=  t[1] + t[3] + t[6] */
-        /* a[10] +=  t[2] + t[4] + t[7] */
-        "ADD	r0, sp, #0x20\n\t"
-        "LDM	r0, {r2, r3, r4}\n\t"
-        "ADDS	r2, r2, lr\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r7\n\t"
-        "ADCS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r2, r2, r10\n\t"
-        "ADCS	r3, r3, r11\n\t"
-        "ADCS	r4, r4, r12\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STM	r0!, {r2, r3, r4}\n\t"
-        /* a[11] +=  t[3] + t[5] + carry */
-        /* a[12] +=  t[4] + t[6] */
-        /* a[13] +=  t[5] + t[7] */
-        /* a[14] +=  t[6] */
-        /* a[15] +=  t[7] */
-        "LDM	r0, {r0, r1, r2, r3, r4}\n\t"
-        "ADDS	r0, r0, lr\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "MOV	lr, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r0, r0, r8\n\t"
-        "ADCS	r1, r1, r9\n\t"
-        "ADCS	r2, r2, r10\n\t"
-        "ADCS	r3, r3, r11\n\t"
-        "ADCS	r4, r4, r12\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r0, r0, r10\n\t"
-        "ADCS	r1, r1, r11\n\t"
-        "ADCS	r2, r2, r12\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "STR	r0, [sp, #44]\n\t"
-        "STR	r1, [sp, #48]\n\t"
-        "STR	r2, [sp, #52]\n\t"
-        "STR	r3, [sp, #56]\n\t"
-        /* a[7..15] - t[0..7] */
-        "ADD	r0, sp, #0x1c\n\t"
-        "LDM	r0, {r0, r1, r2, r3}\n\t"
-        "SUBS	r0, r0, r5\n\t"
-        "SBCS	r1, r1, r6\n\t"
-        "SBCS	r2, r2, r7\n\t"
-        "SBCS	r3, r3, r8\n\t"
-        "ADD	r0, sp, #0x2c\n\t"
-        "MOV	r8, r4\n\t"
-        "LDM	r0, {r4, r5, r6, r7}\n\t"
-        "SBCS	r4, r4, r9\n\t"
-        "SBCS	r5, r5, r10\n\t"
-        "SBCS	r6, r6, r11\n\t"
-        "SBCS	r7, r7, r12\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBC	lr, lr, #0x0\n\t"
-        /* mask m and sub from result if overflow */
-        "RSB	lr, lr, #0x0\n\t"
-        "SUBS	r1, r1, lr\n\t"
-        "SBCS	r2, r2, lr\n\t"
-        "SBCS	r3, r3, lr\n\t"
-        "SBCS	r4, r4, #0x0\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, lr, LSR #31\n\t"
-        "SBC	r8, r8, lr\n\t"
-        "LDR	%[a], [sp, #64]\n\t"
-        "STM	%[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "ADD	sp, sp, #0x44\n\t"
-        : [a] "+r" (a)
-        :
-        : "memory", "cc", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#ifdef WOLFSSL_SP_NO_UMAAL
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_reduce_order_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_reduce_order_8(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	lr, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r11, #0x0\n\t"
-        "MOV	r3, #0x0\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_mont_reduce_order_8_word:\n\t"
-#else
-    "L_sp_256_mont_reduce_order_8_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	r10, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r4, r7, r10, lr\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r9, [%[m], #4]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r5, r6, r10, r9\n\t"
-        "MOV	r4, r5\n\t"
-        "ADDS	r4, r4, r7\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r9, [%[m], #8]\n\t"
-        "LDR	r5, [%[a], #8]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r5, r7, r10, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r9, [%[m], #12]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #12]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r9, [%[m], #16]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #16]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r9, [%[m], #20]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #20]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r9, [%[m], #24]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #24]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r9, [%[m], #28]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r9\n\t"
-        "ADDS	r7, r7, r8\n\t"
-        "ADCS	r6, r9, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "ADCS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #32]\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* i += 1 */
-        "ADD	r11, r11, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r11, #0x20\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_256_mont_reduce_order_8_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_256_mont_reduce_order_8_word\n\t"
-#else
-        "BLT.W	L_sp_256_mont_reduce_order_8_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r4, [%[a]]\n\t"
-        "STR	r5, [%[a], #4]\n\t"
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_reduce_order_8(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_reduce_order_8(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r7, [%[a], #4]\n\t"
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[a], #12]\n\t"
-        "LDR	r10, [%[a], #16]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_mont_reduce_order_8_word:\n\t"
-#else
-    "L_sp_256_mont_reduce_order_8_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	lr, %[mp], r6\n\t"
-        /* a[i+0] += m[0] * mu */
-        "LDR	r12, [%[m]]\n\t"
-        "MOV	r3, #0x0\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r12, [%[m], #4]\n\t"
-        "MOV	r6, r7\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r12, [%[m], #8]\n\t"
-        "MOV	r7, r8\n\t"
-        "UMAAL	r7, r3, lr, r12\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r12, [%[m], #12]\n\t"
-        "MOV	r8, r9\n\t"
-        "UMAAL	r8, r3, lr, r12\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r12, [%[m], #16]\n\t"
-        "MOV	r9, r10\n\t"
-        "UMAAL	r9, r3, lr, r12\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r12, [%[m], #20]\n\t"
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMAAL	r10, r3, lr, r12\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r12, [%[m], #24]\n\t"
-        "LDR	r11, [%[a], #24]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r12, [%[m], #28]\n\t"
-        "LDR	r11, [%[a], #28]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "LDR	lr, [%[a], #32]\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMAAL	r3, lr, r12, r12\n\t"
-        "STR	r11, [%[a], #28]\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADC	r5, lr, #0x0\n\t"
-        "STR	r3, [%[a], #32]\n\t"
-        /* i += 1 */
-        "ADD	r4, r4, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r4, #0x20\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_256_mont_reduce_order_8_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_256_mont_reduce_order_8_word\n\t"
-#else
-        "BLT.W	L_sp_256_mont_reduce_order_8_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r6, [%[a]]\n\t"
-        "STR	r7, [%[a], #4]\n\t"
-        "STR	r8, [%[a], #8]\n\t"
-        "STR	r9, [%[a], #12]\n\t"
-        "STR	r10, [%[a], #16]\n\t"
-        "MOV	%[mp], r5\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-#endif /* WOLFSSL_SP_SMALL */
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_256_map_8(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*8;
-    sp_int32 n;
-
-    sp_256_mont_inv_8(t1, p->z, t + 2*8);
-
-    sp_256_mont_sqr_8(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    /* x /= z^2 */
-    sp_256_mont_mul_8(r->x, p->x, t2, p256_mod, p256_mp_mod);
-    XMEMSET(r->x + 8, 0, sizeof(sp_digit) * 8U);
-    sp_256_mont_reduce_8(r->x, p256_mod, p256_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_256_cmp_8(r->x, p256_mod);
-    sp_256_cond_sub_8(r->x, r->x, p256_mod, (sp_digit)~(n >> 31));
-    sp_256_norm_8(r->x);
-
-    /* y /= z^3 */
-    sp_256_mont_mul_8(r->y, p->y, t1, p256_mod, p256_mp_mod);
-    XMEMSET(r->y + 8, 0, sizeof(sp_digit) * 8U);
-    sp_256_mont_reduce_8(r->y, p256_mod, p256_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_256_cmp_8(r->y, p256_mod);
-    sp_256_cond_sub_8(r->y, r->y, p256_mod, (sp_digit)~(n >> 31));
-    sp_256_norm_8(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	lr, #0x0\n\t"
-        "LDM	%[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "LDM	%[b]!, {r3, r4}\n\t"
-        "ADDS	r5, r5, r3\n\t"
-        "ADCS	r6, r6, r4\n\t"
-        "LDM	%[b]!, {r3, r4}\n\t"
-        "ADCS	r7, r7, r3\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "LDM	%[b]!, {r3, r4}\n\t"
-        "ADCS	r9, r9, r3\n\t"
-        "ADCS	r10, r10, r4\n\t"
-        "LDM	%[b]!, {r3, r4}\n\t"
-        "ADCS	r11, r11, r3\n\t"
-        "ADCS	r12, r12, r4\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "RSB	lr, lr, #0x0\n\t"
-        "SUBS	r5, r5, lr\n\t"
-        "SBCS	r6, r6, lr\n\t"
-        "SBCS	r7, r7, lr\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, #0x0\n\t"
-        "SBCS	r11, r11, lr, LSR #31\n\t"
-        "SBCS	r12, r12, lr\n\t"
-        "SBC	%[b], %[b], %[b]\n\t"
-        "SUB	lr, lr, %[b]\n\t"
-        "SUBS	r5, r5, lr\n\t"
-        "SBCS	r6, r6, lr\n\t"
-        "SBCS	r7, r7, lr\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, #0x0\n\t"
-        "SBCS	r11, r11, lr, LSR #31\n\t"
-        "SBC	r12, r12, lr\n\t"
-        "STM	%[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_dbl_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_dbl_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0x0\n\t"
-        "LDM	%[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "RSB	r2, r2, #0x0\n\t"
-        "SUBS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, r2\n\t"
-        "SBCS	r6, r6, r2\n\t"
-        "SBCS	r7, r7, #0x0\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, r2, LSR #31\n\t"
-        "SBCS	r11, r11, r2\n\t"
-        "SBC	%[a], %[a], %[a]\n\t"
-        "SUB	r2, r2, %[a]\n\t"
-        "SUBS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, r2\n\t"
-        "SBCS	r6, r6, r2\n\t"
-        "SBCS	r7, r7, #0x0\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, r2, LSR #31\n\t"
-        "SBC	r11, r11, r2\n\t"
-        "STM	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r2"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_tpl_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_tpl_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r12, #0x0\n\t"
-        "LDM	%[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "ADC	r12, r12, #0x0\n\t"
-        "RSB	r12, r12, #0x0\n\t"
-        "SUBS	r4, r4, r12\n\t"
-        "SBCS	r5, r5, r12\n\t"
-        "SBCS	r6, r6, r12\n\t"
-        "SBCS	r7, r7, #0x0\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, r12, LSR #31\n\t"
-        "SBCS	r11, r11, r12\n\t"
-        "SBC	r2, r2, r2\n\t"
-        "SUB	r12, r12, r2\n\t"
-        "SUBS	r4, r4, r12\n\t"
-        "SBCS	r5, r5, r12\n\t"
-        "SBCS	r6, r6, r12\n\t"
-        "SBCS	r7, r7, #0x0\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, r12, LSR #31\n\t"
-        "SBC	r11, r11, r12\n\t"
-        "LDM	%[a]!, {r2, r3}\n\t"
-        "ADDS	r4, r4, r2\n\t"
-        "ADCS	r5, r5, r3\n\t"
-        "LDM	%[a]!, {r2, r3}\n\t"
-        "ADCS	r6, r6, r2\n\t"
-        "ADCS	r7, r7, r3\n\t"
-        "LDM	%[a]!, {r2, r3}\n\t"
-        "ADCS	r8, r8, r2\n\t"
-        "ADCS	r9, r9, r3\n\t"
-        "LDM	%[a]!, {r2, r3}\n\t"
-        "ADCS	r10, r10, r2\n\t"
-        "ADCS	r11, r11, r3\n\t"
-        "ADC	r12, r12, #0x0\n\t"
-        "RSB	r12, r12, #0x0\n\t"
-        "SUBS	r4, r4, r12\n\t"
-        "SBCS	r5, r5, r12\n\t"
-        "SBCS	r6, r6, r12\n\t"
-        "SBCS	r7, r7, #0x0\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, r12, LSR #31\n\t"
-        "SBCS	r11, r11, r12\n\t"
-        "SBC	r2, r2, r2\n\t"
-        "SUB	r12, r12, r2\n\t"
-        "SUBS	r4, r4, r12\n\t"
-        "SBCS	r5, r5, r12\n\t"
-        "SBCS	r6, r6, r12\n\t"
-        "SBCS	r7, r7, #0x0\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, r12, LSR #31\n\t"
-        "SBC	r11, r11, r12\n\t"
-        "STM	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r2", "r3", "r12"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	lr, #0x0\n\t"
-        "LDM	%[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        "LDM	%[b]!, {r3, r4}\n\t"
-        "SUBS	r5, r5, r3\n\t"
-        "SBCS	r6, r6, r4\n\t"
-        "LDM	%[b]!, {r3, r4}\n\t"
-        "SBCS	r7, r7, r3\n\t"
-        "SBCS	r8, r8, r4\n\t"
-        "LDM	%[b]!, {r3, r4}\n\t"
-        "SBCS	r9, r9, r3\n\t"
-        "SBCS	r10, r10, r4\n\t"
-        "LDM	%[b]!, {r3, r4}\n\t"
-        "SBCS	r11, r11, r3\n\t"
-        "SBCS	r12, r12, r4\n\t"
-        "SBC	lr, lr, #0x0\n\t"
-        "ADDS	r5, r5, lr\n\t"
-        "ADCS	r6, r6, lr\n\t"
-        "ADCS	r7, r7, lr\n\t"
-        "ADCS	r8, r8, #0x0\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADCS	r10, r10, #0x0\n\t"
-        "ADCS	r11, r11, lr, LSR #31\n\t"
-        "ADCS	r12, r12, lr\n\t"
-        "ADC	lr, lr, #0x0\n\t"
-        "ADDS	r5, r5, lr\n\t"
-        "ADCS	r6, r6, lr\n\t"
-        "ADCS	r7, r7, lr\n\t"
-        "ADCS	r8, r8, #0x0\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADCS	r10, r10, #0x0\n\t"
-        "ADCS	r11, r11, lr, LSR #31\n\t"
-        "ADC	r12, r12, lr\n\t"
-        "STM	%[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_div2_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_256_mont_div2_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r4, r5, r6, r7}\n\t"
-        "AND	r3, r4, #0x1\n\t"
-        "RSB	r8, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "STM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDRD	r4, r5, [%[a], #16]\n\t"
-        "LDRD	r6, r7, [%[a], #24]\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADCS	r6, r6, r8, LSR #31\n\t"
-        "ADCS	r7, r7, r8\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "LSR	r8, r4, #1\n\t"
-        "LSR	r9, r5, #1\n\t"
-        "LSR	r10, r6, #1\n\t"
-        "LSR	r11, r7, #1\n\t"
-        "ORR	r8, r8, r5, LSL #31\n\t"
-        "ORR	r9, r9, r6, LSL #31\n\t"
-        "ORR	r10, r10, r7, LSL #31\n\t"
-        "ORR	r11, r11, r3, LSL #31\n\t"
-        "MOV	r3, r4\n\t"
-        "STRD	r8, r9, [%[r], #16]\n\t"
-        "STRD	r10, r11, [%[r], #24]\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LSR	r8, r4, #1\n\t"
-        "LSR	r9, r5, #1\n\t"
-        "LSR	r10, r6, #1\n\t"
-        "LSR	r11, r7, #1\n\t"
-        "ORR	r8, r8, r5, LSL #31\n\t"
-        "ORR	r9, r9, r6, LSL #31\n\t"
-        "ORR	r10, r10, r7, LSL #31\n\t"
-        "ORR	r11, r11, r3, LSL #31\n\t"
-        "STM	%[r], {r8, r9, r10, r11}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3"
-    );
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*8;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_256_mont_sqr_8(t1, p->z, p256_mod, p256_mp_mod);
-    /* Z = Y * Z */
-    sp_256_mont_mul_8(z, p->y, p->z, p256_mod, p256_mp_mod);
-    /* Z = 2Z */
-    sp_256_mont_dbl_8(z, z, p256_mod);
-    /* T2 = X - T1 */
-    sp_256_mont_sub_8(t2, p->x, t1, p256_mod);
-    /* T1 = X + T1 */
-    sp_256_mont_add_8(t1, p->x, t1, p256_mod);
-    /* T2 = T1 * T2 */
-    sp_256_mont_mul_8(t2, t1, t2, p256_mod, p256_mp_mod);
-    /* T1 = 3T2 */
-    sp_256_mont_tpl_8(t1, t2, p256_mod);
-    /* Y = 2Y */
-    sp_256_mont_dbl_8(y, p->y, p256_mod);
-    /* Y = Y * Y */
-    sp_256_mont_sqr_8(y, y, p256_mod, p256_mp_mod);
-    /* T2 = Y * Y */
-    sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
-    /* T2 = T2/2 */
-    sp_256_mont_div2_8(t2, t2, p256_mod);
-    /* Y = Y * X */
-    sp_256_mont_mul_8(y, y, p->x, p256_mod, p256_mp_mod);
-    /* X = T1 * T1 */
-    sp_256_mont_sqr_8(x, t1, p256_mod, p256_mp_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_8(x, x, y, p256_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_8(x, x, y, p256_mod);
-    /* Y = Y - X */
-    sp_256_mont_sub_8(y, y, x, p256_mod);
-    /* Y = Y * T1 */
-    sp_256_mont_mul_8(y, y, t1, p256_mod, p256_mp_mod);
-    /* Y = Y - T2 */
-    sp_256_mont_sub_8(y, y, t2, p256_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_dbl_8_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_dbl_8_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-        const sp_point_256* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_dbl_8_ctx* ctx = (sp_256_proj_point_dbl_8_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_dbl_8_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*8;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_256_mont_sqr_8(ctx->t1, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_256_mont_mul_8(ctx->z, p->y, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_256_mont_dbl_8(ctx->z, ctx->z, p256_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_256_mont_sub_8(ctx->t2, p->x, ctx->t1, p256_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_256_mont_add_8(ctx->t1, p->x, ctx->t1, p256_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_256_mont_mul_8(ctx->t2, ctx->t1, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_256_mont_tpl_8(ctx->t1, ctx->t2, p256_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_256_mont_dbl_8(ctx->y, p->y, p256_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_256_mont_sqr_8(ctx->y, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_256_mont_sqr_8(ctx->t2, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_256_mont_div2_8(ctx->t2, ctx->t2, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_256_mont_mul_8(ctx->y, ctx->y, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_256_mont_sqr_8(ctx->x, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_256_mont_mul_8(ctx->y, ctx->y, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->t2, p256_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_256_cmp_equal_8(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_256_iszero_8(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_8(sp_point_256* r,
-        const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*8;
-    sp_digit* t2 = t + 4*8;
-    sp_digit* t3 = t + 6*8;
-    sp_digit* t4 = t + 8*8;
-    sp_digit* t5 = t + 10*8;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_8(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t1, t1, p->x, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_8(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_8(t3, t3, p->y, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_8(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_8(t2, t1) &
-            sp_256_cmp_equal_8(t4, t3)) {
-        sp_256_proj_point_dbl_8(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_256_mont_sub_8(t2, t2, t1, p256_mod);
-        /* R = S2 - S1 */
-        sp_256_mont_sub_8(t4, t4, t3, p256_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_8(t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(y, t1, t5, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t5, t5, t2, p256_mod, p256_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(z, z, q->z, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_8(x, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(x, x, t5, p256_mod);
-        sp_256_mont_mul_8(t5, t5, t3, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_8(t3, y, p256_mod);
-        sp_256_mont_sub_8(x, x, t3, p256_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        sp_256_mont_mul_8(y, y, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(y, y, t5, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 8; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_add_8_ctx {
-    int state;
-    sp_256_proj_point_dbl_8_ctx dbl_ctx;
-    const sp_point_256* ap[2];
-    sp_point_256* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_add_8_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_add_8_ctx* ctx = (sp_256_proj_point_add_8_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_256* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_add_8_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*8;
-        ctx->t2 = t + 4*8;
-        ctx->t3 = t + 6*8;
-        ctx->t4 = t + 8*8;
-        ctx->t5 = t + 10*8;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_256_mont_sqr_8(ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_256_mont_mul_8(ctx->t3, ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_256_mont_mul_8(ctx->t1, ctx->t1, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_256_mont_sqr_8(ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_256_mont_mul_8(ctx->t4, ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_256_mont_mul_8(ctx->t2, ctx->t2, q->x, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_256_mont_mul_8(ctx->t3, ctx->t3, p->y, p256_mod, p256_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_256_mont_mul_8(ctx->t4, ctx->t4, q->y, p256_mod, p256_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_256_cmp_equal_8(ctx->t2, ctx->t1) &
-                sp_256_cmp_equal_8(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_256_proj_point_dbl_8(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_256_mont_sub_8(ctx->t2, ctx->t2, ctx->t1, p256_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_256_mont_sub_8(ctx->t4, ctx->t4, ctx->t3, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_8(ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_256_mont_mul_8(ctx->y, ctx->t1, ctx->t5, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_256_mont_mul_8(ctx->t5, ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_8(ctx->z, p->z, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_256_mont_mul_8(ctx->z, ctx->z, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_256_mont_sqr_8(ctx->x, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->t5, p256_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_256_mont_mul_8(ctx->t5, ctx->t5, ctx->t3, p256_mod, p256_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_256_mont_dbl_8(ctx->t3, ctx->y, p256_mod);
-        sp_256_mont_sub_8(ctx->x, ctx->x, ctx->t3, p256_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_256_mont_mul_8(ctx->y, ctx->y, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_256_mont_sub_8(ctx->y, ctx->y, ctx->t5, p256_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 8; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 256 doubles.
- * 76 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    sp_point_256* rt = NULL;
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_DECL_VAR(sp_point_256, p, 1);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ALLOC_VAR(sp_point_256, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_256_mod_mul_norm_8(t[1].x, g->x, p256_mod);
-        (void)sp_256_mod_mul_norm_8(t[1].y, g->y, p256_mod);
-        (void)sp_256_mod_mul_norm_8(t[1].z, g->z, p256_mod);
-        t[1].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_256_proj_point_add_8(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_256_proj_point_add_8(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_256_proj_point_add_8(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_256_proj_point_dbl_8(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_256_proj_point_add_8(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 6;
-        n = k[i+1] << 0;
-        c = 28;
-        y = (int)(n >> 28);
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_point_16_8(rt, t, y);
-            rt->infinity = !y;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[y], sizeof(sp_point_256));
-        }
-        n <<= 4;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n |= k[i--];
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-            sp_256_proj_point_dbl_8(rt, rt, tmp);
-
-    #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_point_16_8(p, t, y);
-                p->infinity = !y;
-                sp_256_proj_point_add_8(rt, rt, p, tmp);
-            }
-            else
-    #endif
-            {
-                sp_256_proj_point_add_8(rt, rt, &t[y], tmp);
-            }
-        }
-
-        if (map != 0) {
-            sp_256_map_8(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 8 * 6, heap,
-        DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ZEROFREE_VAR(sp_point_256, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    SP_ZEROFREE_VAR(sp_point_256, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*8;
-    sp_digit* b = t + 4*8;
-    sp_digit* t1 = t + 6*8;
-    sp_digit* t2 = t + 8*8;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_8(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_8(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_8(w, w, p256_mod, p256_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_8(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_8(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_8(t2, b, p256_mod);
-        sp_256_mont_sub_8(x, x, t2, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_sub_8(t2, b, x, p256_mod);
-        sp_256_mont_dbl_8(b, t2, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_8(t1, t1, p256_mod, p256_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_8(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_8(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(y, y, t1, p256_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_8(t1, t1, w, p256_mod);
-    sp_256_mont_tpl_8(a, t1, p256_mod);
-    /* B = X*Y^2 */
-    sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
-    /* X = A^2 - 2B */
-    sp_256_mont_sqr_8(x, a, p256_mod, p256_mp_mod);
-    sp_256_mont_dbl_8(t2, b, p256_mod);
-    sp_256_mont_sub_8(x, x, t2, p256_mod);
-    /* B = 2.(B - X) */
-    sp_256_mont_sub_8(t2, b, x, p256_mod);
-    sp_256_mont_dbl_8(b, t2, p256_mod);
-    /* Z = Z*Y */
-    sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
-    /* t1 = Y^4 */
-    sp_256_mont_sqr_8(t1, t1, p256_mod, p256_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_256_mont_mul_8(y, b, a, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_8(y, y, t1, p256_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_256_mont_div2_8(y, y, p256_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_256_proj_to_affine_8(sp_point_256* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 8;
-    sp_digit* tmp = t + 4 * 8;
-
-    sp_256_mont_inv_8(t1, a->z, tmp);
-
-    sp_256_mont_sqr_8(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    sp_256_mont_mul_8(a->x, a->x, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(a->y, a->y, t1, p256_mod, p256_mp_mod);
-    XMEMCPY(a->z, p256_norm_mod, sizeof(p256_norm_mod));
-}
-
-#endif /* FP_ECC */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_256 {
-    sp_digit x[8];
-    sp_digit y[8];
-} sp_table_entry_256;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*8;
-    sp_digit* t6 = t + 4*8;
-    sp_digit* t1 = t + 6*8;
-    sp_digit* t4 = t + 8*8;
-    sp_digit* t5 = t + 10*8;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_8(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_8(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_8(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_8(p->x, t2) &
-            sp_256_cmp_equal_8(p->y, t4)) {
-        sp_256_proj_point_dbl_8(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_256_mont_sub_8(t2, t2, p->x, p256_mod);
-        /* R = S2 - Y1 */
-        sp_256_mont_sub_8(t4, t4, p->y, p256_mod);
-        /* Z3 = H*Z1 */
-        sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_256_mont_sqr_8(t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t3, p->x, t1, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_8(t2, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(t2, t2, t1, p256_mod);
-        sp_256_mont_dbl_8(t5, t3, p256_mod);
-        sp_256_mont_sub_8(x, t2, t5, p256_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_256_mont_sub_8(t3, t3, x, p256_mod);
-        sp_256_mont_mul_8(t3, t3, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_8(t1, t1, p->y, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_8(y, t3, t1, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 8; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 8; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 64 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_8(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_8(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_8(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_256_proj_point_dbl_n_8(t, 64, tmp);
-            sp_256_proj_to_affine_8(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_8(t, s1, s2, tmp);
-                sp_256_proj_to_affine_8(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_entry_16_8(sp_point_256* r,
-    const sp_table_entry_256* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 8 * 6);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 63;
-        for (j=0; j<4; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 64;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_16_8(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=62; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 64;
-            }
-
-            sp_256_proj_point_dbl_8(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_16_8(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_8(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_8(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_256_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[8];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[8];
-    /* Precomputation table for point. */
-    sp_table_entry_256 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_256_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_256_t sp_cache_256[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_256_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_256_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_256 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_256_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_256_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_256_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_256[i].set = 0;
-        }
-        sp_cache_256_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_256[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_8(g->x, sp_cache_256[i].x) &
-                           sp_256_cmp_equal_8(g->y, sp_cache_256[i].y)) {
-            sp_cache_256[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_256_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_256_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_256[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_256_last) {
-            least = sp_cache_256[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_256[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_256[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_256[i].x, g->x, sizeof(sp_cache_256[i].x));
-        XMEMCPY(sp_cache_256[i].y, g->y, sizeof(sp_cache_256[i].y));
-        sp_cache_256[i].set = 1;
-        sp_cache_256[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_256[i];
-    sp_cache_256_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_8(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_8(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 32 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_8(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_8(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_8(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_8(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_256_proj_point_dbl_n_8(t, 32, tmp);
-            sp_256_proj_to_affine_8(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_8(t, s1, s2, tmp);
-                sp_256_proj_to_affine_8(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_256_get_entry_256_8(sp_point_256* r,
-    const sp_table_entry_256* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_8(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 8 * 6);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 31;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 32;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_256_8(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=30; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 32;
-            }
-
-            sp_256_proj_point_dbl_8(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_256_8(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_8(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_8(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_256_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[8];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[8];
-    /* Precomputation table for point. */
-    sp_table_entry_256 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_256_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_256_t sp_cache_256[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_256_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_256_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_256 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_256_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_256_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_256_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_256[i].set = 0;
-        }
-        sp_cache_256_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_256[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_8(g->x, sp_cache_256[i].x) &
-                           sp_256_cmp_equal_8(g->y, sp_cache_256[i].y)) {
-            sp_cache_256[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_256_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_256_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_256[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_256_last) {
-            least = sp_cache_256[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_256[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_256[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_256[i].x, g->x, sizeof(sp_cache_256[i].x));
-        XMEMCPY(sp_cache_256[i].y, g->y, sizeof(sp_cache_256[i].y));
-        sp_cache_256[i].set = 1;
-        sp_cache_256[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_256[i];
-    sp_cache_256_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_8(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_8(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 8);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 8, km);
-        sp_256_point_from_ecc_point_8(point, gm);
-
-            err = sp_256_ecc_mulmod_8(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 8 + 8 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8 + 8 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 8;
-
-        sp_256_from_mp(k, 8, km);
-        sp_256_point_from_ecc_point_8(point, gm);
-        sp_256_point_from_ecc_point_8(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_8(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_8(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_8(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 64 between points.
- */
-static const sp_table_entry_256 p256_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x18a9143c,0x79e730d4,0x5fedb601,0x75ba95fc,0x77622510,0x79fb732b,
-        0xa53755c6,0x18905f76 },
-      { 0xce95560a,0xddf25357,0xba19e45c,0x8b4ab8e4,0xdd21f325,0xd2e88688,
-        0x25885d85,0x8571ff18 } },
-    /* 2 */
-    { { 0x16a0d2bb,0x4f922fc5,0x1a623499,0x0d5cc16c,0x57c62c8b,0x9241cf3a,
-        0xfd1b667f,0x2f5e6961 },
-      { 0xf5a01797,0x5c15c70b,0x60956192,0x3d20b44d,0x071fdb52,0x04911b37,
-        0x8d6f0f7b,0xf648f916 } },
-    /* 3 */
-    { { 0xe137bbbc,0x9e566847,0x8a6a0bec,0xe434469e,0x79d73463,0xb1c42761,
-        0x133d0015,0x5abe0285 },
-      { 0xc04c7dab,0x92aa837c,0x43260c07,0x573d9f4c,0x78e6cc37,0x0c931562,
-        0x6b6f7383,0x94bb725b } },
-    /* 4 */
-    { { 0xbfe20925,0x62a8c244,0x8fdce867,0x91c19ac3,0xdd387063,0x5a96a5d5,
-        0x21d324f6,0x61d587d4 },
-      { 0xa37173ea,0xe87673a2,0x53778b65,0x23848008,0x05bab43e,0x10f8441e,
-        0x4621efbe,0xfa11fe12 } },
-    /* 5 */
-    { { 0x2cb19ffd,0x1c891f2b,0xb1923c23,0x01ba8d5b,0x8ac5ca8e,0xb6d03d67,
-        0x1f13bedc,0x586eb04c },
-      { 0x27e8ed09,0x0c35c6e5,0x1819ede2,0x1e81a33c,0x56c652fa,0x278fd6c0,
-        0x70864f11,0x19d5ac08 } },
-    /* 6 */
-    { { 0xd2b533d5,0x62577734,0xa1bdddc0,0x673b8af6,0xa79ec293,0x577e7c9a,
-        0xc3b266b1,0xbb6de651 },
-      { 0xb65259b3,0xe7e9303a,0xd03a7480,0xd6a0afd3,0x9b3cfc27,0xc5ac83d1,
-        0x5d18b99b,0x60b4619a } },
-    /* 7 */
-    { { 0x1ae5aa1c,0xbd6a38e1,0x49e73658,0xb8b7652b,0xee5f87ed,0x0b130014,
-        0xaeebffcd,0x9d0f27b2 },
-      { 0x7a730a55,0xca924631,0xddbbc83a,0x9c955b2f,0xac019a71,0x07c1dfe0,
-        0x356ec48d,0x244a566d } },
-    /* 8 */
-    { { 0xf4f8b16a,0x56f8410e,0xc47b266a,0x97241afe,0x6d9c87c1,0x0a406b8e,
-        0xcd42ab1b,0x803f3e02 },
-      { 0x04dbec69,0x7f0309a8,0x3bbad05f,0xa83b85f7,0xad8e197f,0xc6097273,
-        0x5067adc1,0xc097440e } },
-    /* 9 */
-    { { 0xc379ab34,0x846a56f2,0x841df8d1,0xa8ee068b,0x176c68ef,0x20314459,
-        0x915f1f30,0xf1af32d5 },
-      { 0x5d75bd50,0x99c37531,0xf72f67bc,0x837cffba,0x48d7723f,0x0613a418,
-        0xe2d41c8b,0x23d0f130 } },
-    /* 10 */
-    { { 0xd5be5a2b,0xed93e225,0x5934f3c6,0x6fe79983,0x22626ffc,0x43140926,
-        0x7990216a,0x50bbb4d9 },
-      { 0xe57ec63e,0x378191c6,0x181dcdb2,0x65422c40,0x0236e0f6,0x41a8099b,
-        0x01fe49c3,0x2b100118 } },
-    /* 11 */
-    { { 0x9b391593,0xfc68b5c5,0x598270fc,0xc385f5a2,0xd19adcbb,0x7144f3aa,
-        0x83fbae0c,0xdd558999 },
-      { 0x74b82ff4,0x93b88b8e,0x71e734c9,0xd2e03c40,0x43c0322a,0x9a7a9eaf,
-        0x149d6041,0xe6e4c551 } },
-    /* 12 */
-    { { 0x80ec21fe,0x5fe14bfe,0xc255be82,0xf6ce116a,0x2f4a5d67,0x98bc5a07,
-        0xdb7e63af,0xfad27148 },
-      { 0x29ab05b3,0x90c0b6ac,0x4e251ae6,0x37a9a83c,0xc2aade7d,0x0a7dc875,
-        0x9f0e1a84,0x77387de3 } },
-    /* 13 */
-    { { 0xa56c0dd7,0x1e9ecc49,0x46086c74,0xa5cffcd8,0xf505aece,0x8f7a1408,
-        0xbef0c47e,0xb37b85c0 },
-      { 0xcc0e6a8f,0x3596b6e4,0x6b388f23,0xfd6d4bbf,0xc39cef4e,0xaba453fa,
-        0xf9f628d5,0x9c135ac8 } },
-    /* 14 */
-    { { 0x95c8f8be,0x0a1c7294,0x3bf362bf,0x2961c480,0xdf63d4ac,0x9e418403,
-        0x91ece900,0xc109f9cb },
-      { 0x58945705,0xc2d095d0,0xddeb85c0,0xb9083d96,0x7a40449b,0x84692b8d,
-        0x2eee1ee1,0x9bc3344f } },
-    /* 15 */
-    { { 0x42913074,0x0d5ae356,0x48a542b1,0x55491b27,0xb310732a,0x469ca665,
-        0x5f1a4cc1,0x29591d52 },
-      { 0xb84f983f,0xe76f5b6b,0x9f5f84e1,0xbe7eef41,0x80baa189,0x1200d496,
-        0x18ef332c,0x6376551f } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_8(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 32 between points.
- */
-static const sp_table_entry_256 p256_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x18a9143c,0x79e730d4,0x5fedb601,0x75ba95fc,0x77622510,0x79fb732b,
-        0xa53755c6,0x18905f76 },
-      { 0xce95560a,0xddf25357,0xba19e45c,0x8b4ab8e4,0xdd21f325,0xd2e88688,
-        0x25885d85,0x8571ff18 } },
-    /* 2 */
-    { { 0x4147519a,0x20288602,0x26b372f0,0xd0981eac,0xa785ebc8,0xa9d4a7ca,
-        0xdbdf58e9,0xd953c50d },
-      { 0xfd590f8f,0x9d6361cc,0x44e6c917,0x72e9626b,0x22eb64cf,0x7fd96110,
-        0x9eb288f3,0x863ebb7e } },
-    /* 3 */
-    { { 0x5cdb6485,0x7856b623,0x2f0a2f97,0x808f0ea2,0x4f7e300b,0x3e68d954,
-        0xb5ff80a0,0x00076055 },
-      { 0x838d2010,0x7634eb9b,0x3243708a,0x54014fbb,0x842a6606,0xe0e47d39,
-        0x34373ee0,0x83087761 } },
-    /* 4 */
-    { { 0x16a0d2bb,0x4f922fc5,0x1a623499,0x0d5cc16c,0x57c62c8b,0x9241cf3a,
-        0xfd1b667f,0x2f5e6961 },
-      { 0xf5a01797,0x5c15c70b,0x60956192,0x3d20b44d,0x071fdb52,0x04911b37,
-        0x8d6f0f7b,0xf648f916 } },
-    /* 5 */
-    { { 0xe137bbbc,0x9e566847,0x8a6a0bec,0xe434469e,0x79d73463,0xb1c42761,
-        0x133d0015,0x5abe0285 },
-      { 0xc04c7dab,0x92aa837c,0x43260c07,0x573d9f4c,0x78e6cc37,0x0c931562,
-        0x6b6f7383,0x94bb725b } },
-    /* 6 */
-    { { 0x720f141c,0xbbf9b48f,0x2df5bc74,0x6199b3cd,0x411045c4,0xdc3f6129,
-        0x2f7dc4ef,0xcdd6bbcb },
-      { 0xeaf436fd,0xcca6700b,0xb99326be,0x6f647f6d,0x014f2522,0x0c0fa792,
-        0x4bdae5f6,0xa361bebd } },
-    /* 7 */
-    { { 0x597c13c7,0x28aa2558,0x50b7c3e1,0xc38d635f,0xf3c09d1d,0x07039aec,
-        0xc4b5292c,0xba12ca09 },
-      { 0x59f91dfd,0x9e408fa4,0xceea07fb,0x3af43b66,0x9d780b29,0x1eceb089,
-        0x701fef4b,0x53ebb99d } },
-    /* 8 */
-    { { 0xb0e63d34,0x4fe7ee31,0xa9e54fab,0xf4600572,0xd5e7b5a4,0xc0493334,
-        0x06d54831,0x8589fb92 },
-      { 0x6583553a,0xaa70f5cc,0xe25649e5,0x0879094a,0x10044652,0xcc904507,
-        0x02541c4f,0xebb0696d } },
-    /* 9 */
-    { { 0xac1647c5,0x4616ca15,0xc4cf5799,0xb8127d47,0x764dfbac,0xdc666aa3,
-        0xd1b27da3,0xeb2820cb },
-      { 0x6a87e008,0x9406f8d8,0x922378f3,0xd87dfa9d,0x80ccecb2,0x56ed2e42,
-        0x55a7da1d,0x1f28289b } },
-    /* 10 */
-    { { 0x3b89da99,0xabbaa0c0,0xb8284022,0xa6f2d79e,0xb81c05e8,0x27847862,
-        0x05e54d63,0x337a4b59 },
-      { 0x21f7794a,0x3c67500d,0x7d6d7f61,0x207005b7,0x04cfd6e8,0x0a5a3781,
-        0xf4c2fbd6,0x0d65e0d5 } },
-    /* 11 */
-    { { 0xb5275d38,0xd9d09bbe,0x0be0a358,0x4268a745,0x973eb265,0xf0762ff4,
-        0x52f4a232,0xc23da242 },
-      { 0x0b94520c,0x5da1b84f,0xb05bd78e,0x09666763,0x94d29ea1,0x3a4dcb86,
-        0xc790cff1,0x19de3b8c } },
-    /* 12 */
-    { { 0x26c5fe04,0x183a716c,0x3bba1bdb,0x3b28de0b,0xa4cb712c,0x7432c586,
-        0x91fccbfd,0xe34dcbd4 },
-      { 0xaaa58403,0xb408d46b,0x82e97a53,0x9a697486,0x36aaa8af,0x9e390127,
-        0x7b4e0f7f,0xe7641f44 } },
-    /* 13 */
-    { { 0xdf64ba59,0x7d753941,0x0b0242fc,0xd33f10ec,0xa1581859,0x4f06dfc6,
-        0x052a57bf,0x4a12df57 },
-      { 0x9439dbd0,0xbfa6338f,0xbde53e1f,0xd3c24bd4,0x21f1b314,0xfd5e4ffa,
-        0xbb5bea46,0x6af5aa93 } },
-    /* 14 */
-    { { 0x10c91999,0xda10b699,0x2a580491,0x0a24b440,0xb8cc2090,0x3e0094b4,
-        0x66a44013,0x5fe3475a },
-      { 0xf93e7b4b,0xb0f8cabd,0x7c23f91a,0x292b501a,0xcd1e6263,0x42e889ae,
-        0xecfea916,0xb544e308 } },
-    /* 15 */
-    { { 0x16ddfdce,0x6478c6e9,0xf89179e6,0x2c329166,0x4d4e67e1,0x4e8d6e76,
-        0xa6b0c20b,0xe0b6b2bd },
-      { 0xbb7efb57,0x0d312df2,0x790c4007,0x1aac0dde,0x679bc944,0xf90336ad,
-        0x25a63774,0x71c023de } },
-    /* 16 */
-    { { 0xbfe20925,0x62a8c244,0x8fdce867,0x91c19ac3,0xdd387063,0x5a96a5d5,
-        0x21d324f6,0x61d587d4 },
-      { 0xa37173ea,0xe87673a2,0x53778b65,0x23848008,0x05bab43e,0x10f8441e,
-        0x4621efbe,0xfa11fe12 } },
-    /* 17 */
-    { { 0x2cb19ffd,0x1c891f2b,0xb1923c23,0x01ba8d5b,0x8ac5ca8e,0xb6d03d67,
-        0x1f13bedc,0x586eb04c },
-      { 0x27e8ed09,0x0c35c6e5,0x1819ede2,0x1e81a33c,0x56c652fa,0x278fd6c0,
-        0x70864f11,0x19d5ac08 } },
-    /* 18 */
-    { { 0x309a4e1f,0x1e99f581,0xe9270074,0xab7de71b,0xefd28d20,0x26a5ef0b,
-        0x7f9c563f,0xe7c0073f },
-      { 0x0ef59f76,0x1f6d663a,0x20fcb050,0x669b3b54,0x7a6602d4,0xc08c1f7a,
-        0xc65b3c0a,0xe08504fe } },
-    /* 19 */
-    { { 0xa031b3ca,0xf098f68d,0xe6da6d66,0x6d1cab9e,0x94f246e8,0x5bfd81fa,
-        0x5b0996b4,0x78f01882 },
-      { 0x3a25787f,0xb7eefde4,0x1dccac9b,0x8016f80d,0xb35bfc36,0x0cea4877,
-        0x7e94747a,0x43a773b8 } },
-    /* 20 */
-    { { 0xd2b533d5,0x62577734,0xa1bdddc0,0x673b8af6,0xa79ec293,0x577e7c9a,
-        0xc3b266b1,0xbb6de651 },
-      { 0xb65259b3,0xe7e9303a,0xd03a7480,0xd6a0afd3,0x9b3cfc27,0xc5ac83d1,
-        0x5d18b99b,0x60b4619a } },
-    /* 21 */
-    { { 0x1ae5aa1c,0xbd6a38e1,0x49e73658,0xb8b7652b,0xee5f87ed,0x0b130014,
-        0xaeebffcd,0x9d0f27b2 },
-      { 0x7a730a55,0xca924631,0xddbbc83a,0x9c955b2f,0xac019a71,0x07c1dfe0,
-        0x356ec48d,0x244a566d } },
-    /* 22 */
-    { { 0xeacf1f96,0x6db0394a,0x024c271c,0x9f2122a9,0x82cbd3b9,0x2626ac1b,
-        0x3581ef69,0x45e58c87 },
-      { 0xa38f9dbc,0xd3ff479d,0xe888a040,0xa8aaf146,0x46e0bed7,0x945adfb2,
-        0xc1e4b7a4,0xc040e21c } },
-    /* 23 */
-    { { 0x6f8117b6,0x847af000,0x73a35433,0x651969ff,0x1d9475eb,0x482b3576,
-        0x682c6ec7,0x1cdf5c97 },
-      { 0x11f04839,0x7db775b4,0x48de1698,0x7dbeacf4,0xb70b3219,0xb2921dd1,
-        0xa92dff3d,0x046755f8 } },
-    /* 24 */
-    { { 0xbce8ffcd,0xcc8ac5d2,0x2fe61a82,0x0d53c48b,0x7202d6c7,0xf6f16172,
-        0x3b83a5f3,0x046e5e11 },
-      { 0xd8007f01,0xe7b8ff64,0x5af43183,0x7fb1ef12,0x35e1a03c,0x045c5ea6,
-        0x303d005b,0x6e0106c3 } },
-    /* 25 */
-    { { 0x88dd73b1,0x48c73584,0x995ed0d9,0x7670708f,0xc56a2ab7,0x38385ea8,
-        0xe901cf1f,0x442594ed },
-      { 0x12d4b65b,0xf8faa2c9,0x96c90c37,0x94c2343b,0x5e978d1f,0xd326e4a1,
-        0x4c2ee68e,0xa796fa51 } },
-    /* 26 */
-    { { 0x823addd7,0x359fb604,0xe56693b3,0x9e2a6183,0x3cbf3c80,0xf885b78e,
-        0xc69766e9,0xe4ad2da9 },
-      { 0x8e048a61,0x357f7f42,0xc092d9a0,0x082d198c,0xc03ed8ef,0xfc3a1af4,
-        0xc37b5143,0xc5e94046 } },
-    /* 27 */
-    { { 0x2be75f9e,0x476a538c,0xcb123a78,0x6fd1a9e8,0xb109c04b,0xd85e4df0,
-        0xdb464747,0x63283daf },
-      { 0xbaf2df15,0xce728cf7,0x0ad9a7f4,0xe592c455,0xe834bcc3,0xfab226ad,
-        0x1981a938,0x68bd19ab } },
-    /* 28 */
-    { { 0x1887d659,0xc08ead51,0xb359305a,0x3374d5f4,0xcfe74fe3,0x96986981,
-        0x3c6fdfd6,0x495292f5 },
-      { 0x1acec896,0x4a878c9e,0xec5b4484,0xd964b210,0x664d60a7,0x6696f7e2,
-        0x26036837,0x0ec7530d } },
-    /* 29 */
-    { { 0xad2687bb,0x2da13a05,0xf32e21fa,0xa1f83b6a,0x1dd4607b,0x390f5ef5,
-        0x64863f0b,0x0f6207a6 },
-      { 0x0f138233,0xbd67e3bb,0x272aa718,0xdd66b96c,0x26ec88ae,0x8ed00407,
-        0x08ed6dcf,0xff0db072 } },
-    /* 30 */
-    { { 0x4c95d553,0x749fa101,0x5d680a8a,0xa44052fd,0xff3b566f,0x183b4317,
-        0x88740ea3,0x313b513c },
-      { 0x08d11549,0xb402e2ac,0xb4dee21c,0x071ee10b,0x47f2320e,0x26b987dd,
-        0x86f19f81,0x2d3abcf9 } },
-    /* 31 */
-    { { 0x815581a2,0x4c288501,0x632211af,0x9a0a6d56,0x0cab2e99,0x19ba7a0f,
-        0xded98cdf,0xc036fa10 },
-      { 0xc1fbd009,0x29ae08ba,0x06d15816,0x0b68b190,0x9b9e0d8f,0xc2eb3277,
-        0xb6d40194,0xa6b2a2c4 } },
-    /* 32 */
-    { { 0x6d3549cf,0xd433e50f,0xfacd665e,0x6f33696f,0xce11fcb4,0x695bfdac,
-        0xaf7c9860,0x810ee252 },
-      { 0x7159bb2c,0x65450fe1,0x758b357b,0xf7dfbebe,0xd69fea72,0x2b057e74,
-        0x92731745,0xd485717a } },
-    /* 33 */
-    { { 0xf0cb5a98,0x11741a8a,0x1f3110bf,0xd3da8f93,0xab382adf,0x1994e2cb,
-        0x2f9a604e,0x6a6045a7 },
-      { 0xa2b2411d,0x170c0d3f,0x510e96e0,0xbe0eb83e,0x8865b3cc,0x3bcc9f73,
-        0xf9e15790,0xd3e45cfa } },
-    /* 34 */
-    { { 0xe83f7669,0xce1f69bb,0x72877d6b,0x09f8ae82,0x3244278d,0x9548ae54,
-        0xe3c2c19c,0x207755de },
-      { 0x6fef1945,0x87bd61d9,0xb12d28c3,0x18813cef,0x72df64aa,0x9fbcd1d6,
-        0x7154b00d,0x48dc5ee5 } },
-    /* 35 */
-    { { 0xf7e5a199,0x123790bf,0x989ccbb7,0xe0efb8cf,0x0a519c79,0xc27a2bfe,
-        0xdff6f445,0xf2fb0aed },
-      { 0xf0b5025f,0x41c09575,0x40fa9f22,0x550543d7,0x380bfbd0,0x8fa3c8ad,
-        0xdb28d525,0xa13e9015 } },
-    /* 36 */
-    { { 0xa2b65cbc,0xf9f7a350,0x2a464226,0x0b04b972,0xe23f07a1,0x265ce241,
-        0x1497526f,0x2bf0d6b0 },
-      { 0x4b216fb7,0xd3d4dd3f,0xfbdda26a,0xf7d7b867,0x6708505c,0xaeb7b83f,
-        0x162fe89f,0x42a94a5a } },
-    /* 37 */
-    { { 0xeaadf191,0x5846ad0b,0x25a268d7,0x0f8a4890,0x494dc1f6,0xe8603050,
-        0xc65ede3d,0x2c2dd969 },
-      { 0x93849c17,0x6d02171d,0x1da250dd,0x460488ba,0x3c3a5485,0x4810c706,
-        0x42c56dbc,0xf437fa1f } },
-    /* 38 */
-    { { 0x4a0f7dab,0x6aa0d714,0x1776e9ac,0x0f049793,0xf5f39786,0x52c0a050,
-        0x54707aa8,0xaaf45b33 },
-      { 0xc18d364a,0x85e37c33,0x3e497165,0xd40b9b06,0x15ec5444,0xf4171681,
-        0xf4f272bc,0xcdf6310d } },
-    /* 39 */
-    { { 0x8ea8b7ef,0x7473c623,0x85bc2287,0x08e93518,0x2bda8e34,0x41956772,
-        0xda9e2ff2,0xf0d008ba },
-      { 0x2414d3b1,0x2912671d,0xb019ea76,0xb3754985,0x453bcbdb,0x5c61b96d,
-        0xca887b8b,0x5bd5c2f5 } },
-    /* 40 */
-    { { 0xf49a3154,0xef0f469e,0x6e2b2e9a,0x3e85a595,0xaa924a9c,0x45aaec1e,
-        0xa09e4719,0xaa12dfc8 },
-      { 0x4df69f1d,0x26f27227,0xa2ff5e73,0xe0e4c82c,0xb7a9dd44,0xb9d8ce73,
-        0xe48ca901,0x6c036e73 } },
-    /* 41 */
-    { { 0x0f6e3138,0x5cfae12a,0x25ad345a,0x6966ef00,0x45672bc5,0x8993c64b,
-        0x96afbe24,0x292ff658 },
-      { 0x5e213402,0xd5250d44,0x4392c9fe,0xf6580e27,0xda1c72e8,0x097b397f,
-        0x311b7276,0x644e0c90 } },
-    /* 42 */
-    { { 0xa47153f0,0xe1e421e1,0x920418c9,0xb86c3b79,0x705d7672,0x93bdce87,
-        0xcab79a77,0xf25ae793 },
-      { 0x6d869d0c,0x1f3194a3,0x4986c264,0x9d55c882,0x096e945e,0x49fb5ea3,
-        0x13db0a3e,0x39b8e653 } },
-    /* 43 */
-    { { 0xb6fd2e59,0x37754200,0x9255c98f,0x35e2c066,0x0e2a5739,0xd9dab21a,
-        0x0f19db06,0x39122f2f },
-      { 0x03cad53c,0xcfbce1e0,0xe65c17e3,0x225b2c0f,0x9aa13877,0x72baf1d2,
-        0xce80ff8d,0x8de80af8 } },
-    /* 44 */
-    { { 0x207bbb76,0xafbea8d9,0x21782758,0x921c7e7c,0x1c0436b1,0xdfa2b74b,
-        0x2e368c04,0x87194906 },
-      { 0xa3993df5,0xb5f928bb,0xf3b3d26a,0x639d75b5,0x85b55050,0x011aa78a,
-        0x5b74fde1,0xfc315e6a } },
-    /* 45 */
-    { { 0xe8d6ecfa,0x561fd41a,0x1aec7f86,0x5f8c44f6,0x4924741d,0x98452a7b,
-        0xee389088,0xe6d4a7ad },
-      { 0x4593c75d,0x60552ed1,0xdd271162,0x70a70da4,0x7ba2c7db,0xd2aede93,
-        0x9be2ae57,0x35dfaf9a } },
-    /* 46 */
-    { { 0xaa736636,0x6b956fcd,0xae2cab7e,0x09f51d97,0x0f349966,0xfb10bf41,
-        0x1c830d2b,0x1da5c7d7 },
-      { 0x3cce6825,0x5c41e483,0xf9573c3b,0x15ad118f,0xf23036b8,0xa28552c7,
-        0xdbf4b9d6,0x7077c0fd } },
-    /* 47 */
-    { { 0x46b9661c,0xbf63ff8d,0x0d2cfd71,0xa1dfd36b,0xa847f8f7,0x0373e140,
-        0xe50efe44,0x53a8632e },
-      { 0x696d8051,0x0976ff68,0xc74f468a,0xdaec0c95,0x5e4e26bd,0x62994dc3,
-        0x34e1fcc1,0x028ca76d } },
-    /* 48 */
-    { { 0xfc9877ee,0xd11d47dc,0x801d0002,0xc8b36210,0x54c260b6,0xd002c117,
-        0x6962f046,0x04c17cd8 },
-      { 0xb0daddf5,0x6d9bd094,0x24ce55c0,0xbea23575,0x72da03b5,0x663356e6,
-        0xfed97474,0xf7ba4de9 } },
-    /* 49 */
-    { { 0xebe1263f,0xd0dbfa34,0x71ae7ce6,0x55763735,0x82a6f523,0xd2440553,
-        0x52131c41,0xe31f9600 },
-      { 0xea6b6ec6,0xd1bb9216,0x73c2fc44,0x37a1d12e,0x89d0a294,0xc10e7eac,
-        0xce34d47b,0xaa3a6259 } },
-    /* 50 */
-    { { 0x36f3dcd3,0xfbcf9df5,0xd2bf7360,0x6ceded50,0xdf504f5b,0x491710fa,
-        0x7e79daee,0x2398dd62 },
-      { 0x6d09569e,0xcf4705a3,0x5149f769,0xea0619bb,0x35f6034c,0xff9c0377,
-        0x1c046210,0x5717f5b2 } },
-    /* 51 */
-    { { 0x21dd895e,0x9fe229c9,0x40c28451,0x8e518500,0x1d637ecd,0xfa13d239,
-        0x0e3c28de,0x660a2c56 },
-      { 0xd67fcbd0,0x9cca88ae,0x0ea9f096,0xc8472478,0x72e92b4d,0x32b2f481,
-        0x4f522453,0x624ee54c } },
-    /* 52 */
-    { { 0xd897eccc,0x09549ce4,0x3f9880aa,0x4d49d1d9,0x043a7c20,0x723c2423,
-        0x92bdfbc0,0x4f392afb },
-      { 0x7de44fd9,0x6969f8fa,0x57b32156,0xb66cfbe4,0x368ebc3c,0xdb2fa803,
-        0xccdb399c,0x8a3e7977 } },
-    /* 53 */
-    { { 0x06c4b125,0xdde1881f,0xf6e3ca8c,0xae34e300,0x5c7a13e9,0xef6999de,
-        0x70c24404,0x3888d023 },
-      { 0x44f91081,0x76280356,0x5f015504,0x3d9fcf61,0x632cd36e,0x1827edc8,
-        0x18102336,0xa5e62e47 } },
-    /* 54 */
-    { { 0x2facd6c8,0x1a825ee3,0x54bcbc66,0x699c6354,0x98df9931,0x0ce3edf7,
-        0x466a5adc,0x2c4768e6 },
-      { 0x90a64bc9,0xb346ff8c,0xe4779f5c,0x630a6020,0xbc05e884,0xd949d064,
-        0xf9e652a0,0x7b5e6441 } },
-    /* 55 */
-    { { 0x1d28444a,0x2169422c,0xbe136a39,0xe996c5d8,0xfb0c7fce,0x2387afe5,
-        0x0c8d744a,0xb8af73cb },
-      { 0x338b86fd,0x5fde83aa,0xa58a5cff,0xfee3f158,0x20ac9433,0xc9ee8f6f,
-        0x7f3f0895,0xa036395f } },
-    /* 56 */
-    { { 0xa10f7770,0x8c73c6bb,0xa12a0e24,0xa6f16d81,0x51bc2b9f,0x100df682,
-        0x875fb533,0x4be36b01 },
-      { 0x9fb56dbb,0x9226086e,0x07e7a4f8,0x306fef8b,0x66d52f20,0xeeaccc05,
-        0x1bdc00c0,0x8cbc9a87 } },
-    /* 57 */
-    { { 0xc0dac4ab,0xe131895c,0x712ff112,0xa874a440,0x6a1cee57,0x6332ae7c,
-        0x0c0835f8,0x44e7553e },
-      { 0x7734002d,0x6d503fff,0x0b34425c,0x9d35cb8b,0x0e8738b5,0x95f70276,
-        0x5eb8fc18,0x470a683a } },
-    /* 58 */
-    { { 0x90513482,0x81b761dc,0x01e9276a,0x0287202a,0x0ce73083,0xcda441ee,
-        0xc63dc6ef,0x16410690 },
-      { 0x6d06a2ed,0xf5034a06,0x189b100b,0xdd4d7745,0xab8218c9,0xd914ae72,
-        0x7abcbb4f,0xd73479fd } },
-    /* 59 */
-    { { 0x5ad4c6e5,0x7edefb16,0x5b06d04d,0x262cf08f,0x8575cb14,0x12ed5bb1,
-        0x0771666b,0x816469e3 },
-      { 0x561e291e,0xd7ab9d79,0xc1de1661,0xeb9daf22,0x135e0513,0xf49827eb,
-        0xf0dd3f9c,0x0a36dd23 } },
-    /* 60 */
-    { { 0x41d5533c,0x098d32c7,0x8684628f,0x7c5f5a9e,0xe349bd11,0x39a228ad,
-        0xfdbab118,0xe331dfd6 },
-      { 0x6bcc6ed8,0x5100ab68,0xef7a260e,0x7160c3bd,0xbce850d7,0x9063d9a7,
-        0x492e3389,0xd3b4782a } },
-    /* 61 */
-    { { 0xf3821f90,0xa149b6e8,0x66eb7aad,0x92edd9ed,0x1a013116,0x0bb66953,
-        0x4c86a5bd,0x7281275a },
-      { 0xd3ff47e5,0x503858f7,0x61016441,0x5e1616bc,0x7dfd9bb1,0x62b0f11a,
-        0xce145059,0x2c062e7e } },
-    /* 62 */
-    { { 0x0159ac2e,0xa76f996f,0xcbdb2713,0x281e7736,0x08e46047,0x2ad6d288,
-        0x2c4e7ef1,0x282a35f9 },
-      { 0xc0ce5cd2,0x9c354b1e,0x1379c229,0xcf99efc9,0x3e82c11e,0x992caf38,
-        0x554d2abd,0xc71cd513 } },
-    /* 63 */
-    { { 0x09b578f4,0x4885de9c,0xe3affa7a,0x1884e258,0x59182f1f,0x8f76b1b7,
-        0xcf47f3a3,0xc50f6740 },
-      { 0x374b68ea,0xa9c4adf3,0x69965fe2,0xa406f323,0x85a53050,0x2f86a222,
-        0x212958dc,0xb9ecb3a7 } },
-    /* 64 */
-    { { 0xf4f8b16a,0x56f8410e,0xc47b266a,0x97241afe,0x6d9c87c1,0x0a406b8e,
-        0xcd42ab1b,0x803f3e02 },
-      { 0x04dbec69,0x7f0309a8,0x3bbad05f,0xa83b85f7,0xad8e197f,0xc6097273,
-        0x5067adc1,0xc097440e } },
-    /* 65 */
-    { { 0xc379ab34,0x846a56f2,0x841df8d1,0xa8ee068b,0x176c68ef,0x20314459,
-        0x915f1f30,0xf1af32d5 },
-      { 0x5d75bd50,0x99c37531,0xf72f67bc,0x837cffba,0x48d7723f,0x0613a418,
-        0xe2d41c8b,0x23d0f130 } },
-    /* 66 */
-    { { 0xf41500d9,0x857ab6ed,0xfcbeada8,0x0d890ae5,0x89725951,0x52fe8648,
-        0xc0a3fadd,0xb0288dd6 },
-      { 0x650bcb08,0x85320f30,0x695d6e16,0x71af6313,0xb989aa76,0x31f520a7,
-        0xf408c8d2,0xffd3724f } },
-    /* 67 */
-    { { 0xb458e6cb,0x53968e64,0x317a5d28,0x992dad20,0x7aa75f56,0x3814ae0b,
-        0xd78c26df,0xf5590f4a },
-      { 0xcf0ba55a,0x0fc24bd3,0x0c778bae,0x0fc4724a,0x683b674a,0x1ce9864f,
-        0xf6f74a20,0x18d6da54 } },
-    /* 68 */
-    { { 0xd5be5a2b,0xed93e225,0x5934f3c6,0x6fe79983,0x22626ffc,0x43140926,
-        0x7990216a,0x50bbb4d9 },
-      { 0xe57ec63e,0x378191c6,0x181dcdb2,0x65422c40,0x0236e0f6,0x41a8099b,
-        0x01fe49c3,0x2b100118 } },
-    /* 69 */
-    { { 0x9b391593,0xfc68b5c5,0x598270fc,0xc385f5a2,0xd19adcbb,0x7144f3aa,
-        0x83fbae0c,0xdd558999 },
-      { 0x74b82ff4,0x93b88b8e,0x71e734c9,0xd2e03c40,0x43c0322a,0x9a7a9eaf,
-        0x149d6041,0xe6e4c551 } },
-    /* 70 */
-    { { 0x1e9af288,0x55f655bb,0xf7ada931,0x647e1a64,0xcb2820e5,0x43697e4b,
-        0x07ed56ff,0x51e00db1 },
-      { 0x771c327e,0x43d169b8,0x4a96c2ad,0x29cdb20b,0x3deb4779,0xc07d51f5,
-        0x49829177,0xe22f4241 } },
-    /* 71 */
-    { { 0x635f1abb,0xcd45e8f4,0x68538874,0x7edc0cb5,0xb5a8034d,0xc9472c1f,
-        0x52dc48c9,0xf709373d },
-      { 0xa8af30d6,0x401966bb,0xf137b69c,0x95bf5f4a,0x9361c47e,0x3966162a,
-        0xe7275b11,0xbd52d288 } },
-    /* 72 */
-    { { 0x9c5fa877,0xab155c7a,0x7d3a3d48,0x17dad672,0x73d189d8,0x43f43f9e,
-        0xc8aa77a6,0xa0d0f8e4 },
-      { 0xcc94f92d,0x0bbeafd8,0x0c4ddb3a,0xd818c8be,0xb82eba14,0x22cc65f8,
-        0x946d6a00,0xa56c78c7 } },
-    /* 73 */
-    { { 0x0dd09529,0x2962391b,0x3daddfcf,0x803e0ea6,0x5b5bf481,0x2c77351f,
-        0x731a367a,0xd8befdf8 },
-      { 0xfc0157f4,0xab919d42,0xfec8e650,0xf51caed7,0x02d48b0a,0xcdf9cb40,
-        0xce9f6478,0x854a68a5 } },
-    /* 74 */
-    { { 0x63506ea5,0xdc35f67b,0xa4fe0d66,0x9286c489,0xfe95cd4d,0x3f101d3b,
-        0x98846a95,0x5cacea0b },
-      { 0x9ceac44d,0xa90df60c,0x354d1c3a,0x3db29af4,0xad5dbabe,0x08dd3de8,
-        0x35e4efa9,0xe4982d12 } },
-    /* 75 */
-    { { 0xc34cd55e,0x23104a22,0x2680d132,0x58695bb3,0x1fa1d943,0xfb345afa,
-        0x16b20499,0x8046b7f6 },
-      { 0x38e7d098,0xb533581e,0xf46f0b70,0xd7f61e8d,0x44cb78c4,0x30dea9ea,
-        0x9082af55,0xeb17ca7b } },
-    /* 76 */
-    { { 0x76a145b9,0x1751b598,0xc1bc71ec,0xa5cf6b0f,0x392715bb,0xd3e03565,
-        0xfab5e131,0x097b00ba },
-      { 0x565f69e1,0xaa66c8e9,0xb5be5199,0x77e8f75a,0xda4fd984,0x6033ba11,
-        0xafdbcc9e,0xf95c747b } },
-    /* 77 */
-    { { 0xbebae45e,0x558f01d3,0xc4bc6955,0xa8ebe9f0,0xdbc64fc6,0xaeb705b1,
-        0x566ed837,0x3512601e },
-      { 0xfa1161cd,0x9336f1e1,0x4c65ef87,0x328ab8d5,0x724f21e5,0x4757eee2,
-        0x6068ab6b,0x0ef97123 } },
-    /* 78 */
-    { { 0x54ca4226,0x02598cf7,0xf8642c8e,0x5eede138,0x468e1790,0x48963f74,
-        0x3b4fbc95,0xfc16d933 },
-      { 0xe7c800ca,0xbe96fb31,0x2678adaa,0x13806331,0x6ff3e8b5,0x3d624497,
-        0xb95d7a17,0x14ca4af1 } },
-    /* 79 */
-    { { 0xbd2f81d5,0x7a4771ba,0x01f7d196,0x1a5f9d69,0xcad9c907,0xd898bef7,
-        0xf59c231d,0x4057b063 },
-      { 0x89c05c0a,0xbffd82fe,0x1dc0df85,0xe4911c6f,0xa35a16db,0x3befccae,
-        0xf1330b13,0x1c3b5d64 } },
-    /* 80 */
-    { { 0x80ec21fe,0x5fe14bfe,0xc255be82,0xf6ce116a,0x2f4a5d67,0x98bc5a07,
-        0xdb7e63af,0xfad27148 },
-      { 0x29ab05b3,0x90c0b6ac,0x4e251ae6,0x37a9a83c,0xc2aade7d,0x0a7dc875,
-        0x9f0e1a84,0x77387de3 } },
-    /* 81 */
-    { { 0xa56c0dd7,0x1e9ecc49,0x46086c74,0xa5cffcd8,0xf505aece,0x8f7a1408,
-        0xbef0c47e,0xb37b85c0 },
-      { 0xcc0e6a8f,0x3596b6e4,0x6b388f23,0xfd6d4bbf,0xc39cef4e,0xaba453fa,
-        0xf9f628d5,0x9c135ac8 } },
-    /* 82 */
-    { { 0x84e35743,0x32aa3202,0x85a3cdef,0x320d6ab1,0x1df19819,0xb821b176,
-        0xc433851f,0x5721361f },
-      { 0x71fc9168,0x1f0db36a,0x5e5c403c,0x5f98ba73,0x37bcd8f5,0xf64ca87e,
-        0xe6bb11bd,0xdcbac3c9 } },
-    /* 83 */
-    { { 0x4518cbe2,0xf01d9968,0x9c9eb04e,0xd242fc18,0xe47feebf,0x727663c7,
-        0x2d626862,0xb8c1c89e },
-      { 0xc8e1d569,0x51a58bdd,0xb7d88cd0,0x563809c8,0xf11f31eb,0x26c27fd9,
-        0x2f9422d4,0x5d23bbda } },
-    /* 84 */
-    { { 0x95c8f8be,0x0a1c7294,0x3bf362bf,0x2961c480,0xdf63d4ac,0x9e418403,
-        0x91ece900,0xc109f9cb },
-      { 0x58945705,0xc2d095d0,0xddeb85c0,0xb9083d96,0x7a40449b,0x84692b8d,
-        0x2eee1ee1,0x9bc3344f } },
-    /* 85 */
-    { { 0x42913074,0x0d5ae356,0x48a542b1,0x55491b27,0xb310732a,0x469ca665,
-        0x5f1a4cc1,0x29591d52 },
-      { 0xb84f983f,0xe76f5b6b,0x9f5f84e1,0xbe7eef41,0x80baa189,0x1200d496,
-        0x18ef332c,0x6376551f } },
-    /* 86 */
-    { { 0x562976cc,0xbda5f14e,0x0ef12c38,0x22bca3e6,0x6cca9852,0xbbfa3064,
-        0x08e2987a,0xbdb79dc8 },
-      { 0xcb06a772,0xfd2cb5c9,0xfe536dce,0x38f475aa,0x7c2b5db8,0xc2a3e022,
-        0xadd3c14a,0x8ee86001 } },
-    /* 87 */
-    { { 0xa4ade873,0xcbe96981,0xc4fba48c,0x7ee9aa4d,0x5a054ba5,0x2cee2899,
-        0x6f77aa4b,0x92e51d7a },
-      { 0x7190a34d,0x948bafa8,0xf6bd1ed1,0xd698f75b,0x0caf1144,0xd00ee6e3,
-        0x0a56aaaa,0x5182f86f } },
-    /* 88 */
-    { { 0x7a4cc99c,0xfba6212c,0x3e6d9ca1,0xff609b68,0x5ac98c5a,0x5dbb27cb,
-        0x4073a6f2,0x91dcab5d },
-      { 0x5f575a70,0x01b6cc3d,0x6f8d87fa,0x0cb36139,0x89981736,0x165d4e8c,
-        0x97974f2b,0x17a0cedb } },
-    /* 89 */
-    { { 0x076c8d3a,0x38861e2a,0x210f924b,0x701aad39,0x13a835d9,0x94d0eae4,
-        0x7f4cdf41,0x2e8ce36c },
-      { 0x037a862b,0x91273dab,0x60e4c8fa,0x01ba9bb7,0x33baf2dd,0xf9645388,
-        0x34f668f3,0xf4ccc6cb } },
-    /* 90 */
-    { { 0xf1f79687,0x44ef525c,0x92efa815,0x7c595495,0xa5c78d29,0xe1231741,
-        0x9a0df3c9,0xac0db488 },
-      { 0xdf01747f,0x86bfc711,0xef17df13,0x592b9358,0x5ccb6bb5,0xe5880e4f,
-        0x94c974a2,0x95a64a61 } },
-    /* 91 */
-    { { 0xc15a4c93,0x72c1efda,0x82585141,0x40269b73,0x16cb0bad,0x6a8dfb1c,
-        0x29210677,0x231e54ba },
-      { 0x8ae6d2dc,0xa70df917,0x39112918,0x4d6aa63f,0x5e5b7223,0xf627726b,
-        0xd8a731e1,0xab0be032 } },
-    /* 92 */
-    { { 0x8d131f2d,0x097ad0e9,0x3b04f101,0x637f09e3,0xd5e9a748,0x1ac86196,
-        0x2cf6a679,0xf1bcc880 },
-      { 0xe8daacb4,0x25c69140,0x60f65009,0x3c4e4055,0x477937a6,0x591cc8fc,
-        0x5aebb271,0x85169469 } },
-    /* 93 */
-    { { 0xf1dcf593,0xde35c143,0xb018be3b,0x78202b29,0x9bdd9d3d,0xe9cdadc2,
-        0xdaad55d8,0x8f67d9d2 },
-      { 0x7481ea5f,0x84111656,0xe34c590c,0xe7d2dde9,0x05053fa8,0xffdd43f4,
-        0xc0728b5d,0xf84572b9 } },
-    /* 94 */
-    { { 0x97af71c9,0x5e1a7a71,0x7a736565,0xa1449444,0x0e1d5063,0xa1b4ae07,
-        0x616b2c19,0xedee2710 },
-      { 0x11734121,0xb2f034f5,0x4a25e9f0,0x1cac6e55,0xa40c2ecf,0x8dc148f3,
-        0x44ebd7f4,0x9fd27e9b } },
-    /* 95 */
-    { { 0xf6e2cb16,0x3cc7658a,0xfe5919b6,0xe3eb7d2c,0x168d5583,0x5a8c5816,
-        0x958ff387,0xa40c2fb6 },
-      { 0xfedcc158,0x8c9ec560,0x55f23056,0x7ad804c6,0x9a307e12,0xd9396704,
-        0x7dc6decf,0x99bc9bb8 } },
-    /* 96 */
-    { { 0x927dafc6,0x84a9521d,0x5c09cd19,0x52c1fb69,0xf9366dde,0x9d9581a0,
-        0xa16d7e64,0x9abe210b },
-      { 0x48915220,0x480af84a,0x4dd816c6,0xfa73176a,0x1681ca5a,0xc7d53987,
-        0x87f344b0,0x7881c257 } },
-    /* 97 */
-    { { 0xe0bcf3ff,0x93399b51,0x127f74f6,0x0d02cbc5,0xdd01d968,0x8fb465a2,
-        0xa30e8940,0x15e6e319 },
-      { 0x3e0e05f4,0x646d6e0d,0x43588404,0xfad7bddc,0xc4f850d3,0xbe61c7d1,
-        0x191172ce,0x0e55facf } },
-    /* 98 */
-    { { 0xf8787564,0x7e9d9806,0x31e85ce6,0x1a331721,0xb819e8d6,0x6b0158ca,
-        0x6fe96577,0xd73d0976 },
-      { 0x1eb7206e,0x42483425,0xc618bb42,0xa519290f,0x5e30a520,0x5dcbb859,
-        0x8f15a50b,0x9250a374 } },
-    /* 99 */
-    { { 0xbe577410,0xcaff08f8,0x5077a8c6,0xfd408a03,0xec0a63a4,0xf1f63289,
-        0xc1cc8c0b,0x77414082 },
-      { 0xeb0991cd,0x05a40fa6,0x49fdc296,0xc1ca0866,0xb324fd40,0x3a68a3c7,
-        0x12eb20b9,0x8cb04f4d } },
-    /* 100 */
-    { { 0x6906171c,0xb1c2d055,0xb0240c3f,0x9073e9cd,0xd8906841,0xdb8e6b4f,
-        0x47123b51,0xe4e429ef },
-      { 0x38ec36f4,0x0b8dd53c,0xff4b6a27,0xf9d2dc01,0x879a9a48,0x5d066e07,
-        0x3c6e6552,0x37bca2ff } },
-    /* 101 */
-    { { 0xdf562470,0x4cd2e3c7,0xc0964ac9,0x44f272a2,0x80c793be,0x7c6d5df9,
-        0x3002b22a,0x59913edc },
-      { 0x5750592a,0x7a139a83,0xe783de02,0x99e01d80,0xea05d64f,0xcf8c0375,
-        0xb013e226,0x43786e4a } },
-    /* 102 */
-    { { 0x9e56b5a6,0xff32b0ed,0xd9fc68f9,0x0750d9a6,0x597846a7,0xec15e845,
-        0xb7e79e7a,0x8638ca98 },
-      { 0x0afc24b2,0x2f5ae096,0x4dace8f2,0x05398eaf,0xaecba78f,0x3b765dd0,
-        0x7b3aa6f0,0x1ecdd36a } },
-    /* 103 */
-    { { 0x6c5ff2f3,0x5d3acd62,0x2873a978,0xa2d516c0,0xd2110d54,0xad94c9fa,
-        0xd459f32d,0xd85d0f85 },
-      { 0x10b11da3,0x9f700b8d,0xa78318c4,0xd2c22c30,0x9208decd,0x556988f4,
-        0xb4ed3c62,0xa04f19c3 } },
-    /* 104 */
-    { { 0xed7f93bd,0x087924c8,0x392f51f6,0xcb64ac5d,0x821b71af,0x7cae330a,
-        0x5c0950b0,0x92b2eeea },
-      { 0x85b6e235,0x85ac4c94,0x2936c0f0,0xab2ca4a9,0xe0508891,0x80faa6b3,
-        0x5834276c,0x1ee78221 } },
-    /* 105 */
-    { { 0xe63e79f7,0xa60a2e00,0xf399d906,0xf590e7b2,0x6607c09d,0x9021054a,
-        0x57a6e150,0xf3f2ced8 },
-      { 0xf10d9b55,0x200510f3,0xd8642648,0x9d2fcfac,0xe8bd0e7c,0xe5631aa7,
-        0x3da3e210,0x0f56a454 } },
-    /* 106 */
-    { { 0x1043e0df,0x5b21bffa,0x9c007e6d,0x6c74b6cc,0xd4a8517a,0x1a656ec0,
-        0x1969e263,0xbd8f1741 },
-      { 0xbeb7494a,0x8a9bbb86,0x45f3b838,0x1567d46f,0xa4e5a79a,0xdf7a12a7,
-        0x30ccfa09,0x2d1a1c35 } },
-    /* 107 */
-    { { 0x506508da,0x192e3813,0xa1d795a7,0x336180c4,0x7a9944b3,0xcddb5949,
-        0xb91fba46,0xa107a65e },
-      { 0x0f94d639,0xe6d1d1c5,0x8a58b7d7,0x8b4af375,0xbd37ca1c,0x1a7c5584,
-        0xf87a9af2,0x183d760a } },
-    /* 108 */
-    { { 0x0dde59a4,0x29d69711,0x0e8bef87,0xf1ad8d07,0x4f2ebe78,0x229b4963,
-        0xc269d754,0x1d44179d },
-      { 0x8390d30e,0xb32dc0cf,0x0de8110c,0x0a3b2753,0x2bc0339a,0x31af1dc5,
-        0x9606d262,0x771f9cc2 } },
-    /* 109 */
-    { { 0x85040739,0x99993e77,0x8026a939,0x44539db9,0xf5f8fc26,0xcf40f6f2,
-        0x0362718e,0x64427a31 },
-      { 0x85428aa8,0x4f4f2d87,0xebfb49a8,0x7b7adc3f,0xf23d01ac,0x201b2c6d,
-        0x6ae90d6d,0x49d9b749 } },
-    /* 110 */
-    { { 0x435d1099,0xcc78d8bc,0x8e8d1a08,0x2adbcd4e,0x2cb68a41,0x02c2e2a0,
-        0x3f605445,0x9037d81b },
-      { 0x074c7b61,0x7cdbac27,0x57bfd72e,0xfe2031ab,0x596d5352,0x61ccec96,
-        0x7cc0639c,0x08c3de6a } },
-    /* 111 */
-    { { 0xf6d552ab,0x20fdd020,0x05cd81f1,0x56baff98,0x91351291,0x06fb7c3e,
-        0x45796b2f,0xc6909442 },
-      { 0x41231bd1,0x17b3ae9c,0x5cc58205,0x1eac6e87,0xf9d6a122,0x208837ab,
-        0xcafe3ac0,0x3fa3db02 } },
-    /* 112 */
-    { { 0x05058880,0xd75a3e65,0x643943f2,0x7da365ef,0xfab24925,0x4147861c,
-        0xfdb808ff,0xc5c4bdb0 },
-      { 0xb272b56b,0x73513e34,0x11b9043a,0xc8327e95,0xf8844969,0xfd8ce37d,
-        0x46c2b6b5,0x2d56db94 } },
-    /* 113 */
-    { { 0xff46ac6b,0x2461782f,0x07a2e425,0xd19f7926,0x09a48de1,0xfafea3c4,
-        0xe503ba42,0x0f56bd9d },
-      { 0x345cda49,0x137d4ed1,0x816f299d,0x821158fc,0xaeb43402,0xe7c6a54a,
-        0x1173b5f1,0x4003bb9d } },
-    /* 114 */
-    { { 0xa0803387,0x3b8e8189,0x39cbd404,0xece115f5,0xd2877f21,0x4297208d,
-        0xa07f2f9e,0x53765522 },
-      { 0xa8a4182d,0xa4980a21,0x3219df79,0xa2bbd07a,0x1a19a2d4,0x674d0a2e,
-        0x6c5d4549,0x7a056f58 } },
-    /* 115 */
-    { { 0x9d8a2a47,0x646b2558,0xc3df2773,0x5b582948,0xabf0d539,0x51ec000e,
-        0x7a1a2675,0x77d482f1 },
-      { 0x87853948,0xb8a1bd95,0x6cfbffee,0xa6f817bd,0x80681e47,0xab6ec057,
-        0x2b38b0e4,0x4115012b } },
-    /* 116 */
-    { { 0x6de28ced,0x3c73f0f4,0x9b13ec47,0x1d5da760,0x6e5c6392,0x61b8ce9e,
-        0xfbea0946,0xcdf04572 },
-      { 0x6c53c3b0,0x1cb3c58b,0x447b843c,0x97fe3c10,0x2cb9780e,0xfb2b8ae1,
-        0x97383109,0xee703dda } },
-    /* 117 */
-    { { 0xff57e43a,0x34515140,0xb1b811b8,0xd44660d3,0x8f42b986,0x2b3b5dff,
-        0xa162ce21,0x2a0ad89d },
-      { 0x6bc277ba,0x64e4a694,0xc141c276,0xc788c954,0xcabf6274,0x141aa64c,
-        0xac2b4659,0xd62d0b67 } },
-    /* 118 */
-    { { 0x2c054ac4,0x39c5d87b,0xf27df788,0x57005859,0xb18128d6,0xedf7cbf3,
-        0x991c2426,0xb39a23f2 },
-      { 0xf0b16ae5,0x95284a15,0xa136f51b,0x0c6a05b1,0xf2700783,0x1d63c137,
-        0xc0674cc5,0x04ed0092 } },
-    /* 119 */
-    { { 0x9ae90393,0x1f4185d1,0x4a3d64e6,0x3047b429,0x9854fc14,0xae0001a6,
-        0x0177c387,0xa0a91fc1 },
-      { 0xae2c831e,0xff0a3f01,0x2b727e16,0xbb76ae82,0x5a3075b4,0x8f12c8a1,
-        0x9ed20c41,0x084cf988 } },
-    /* 120 */
-    { { 0xfca6becf,0xd98509de,0x7dffb328,0x2fceae80,0x4778e8b9,0x5d8a15c4,
-        0x73abf77e,0xd57955b2 },
-      { 0x31b5d4f1,0x210da79e,0x3cfa7a1c,0xaa52f04b,0xdc27c20b,0xd4d12089,
-        0x02d141f1,0x8e14ea42 } },
-    /* 121 */
-    { { 0xf2897042,0xeed50345,0x43402c4a,0x8d05331f,0xc8bdfb21,0xc8d9c194,
-        0x2aa4d158,0x597e1a37 },
-      { 0xcf0bd68c,0x0327ec1a,0xab024945,0x6d4be0dc,0xc9fe3e84,0x5b9c8d7a,
-        0x199b4dea,0xca3f0236 } },
-    /* 122 */
-    { { 0x6170bd20,0x592a10b5,0x6d3f5de7,0x0ea897f1,0x44b2ade2,0xa3363ff1,
-        0x309c07e4,0xbde7fd7e },
-      { 0xb8f5432c,0x516bb6d2,0xe043444b,0x210dc1cb,0xf8f95b5a,0x3db01e6f,
-        0x0a7dd198,0xb623ad0e } },
-    /* 123 */
-    { { 0x60c7b65b,0xa75bd675,0x23a4a289,0xab8c5590,0xd7b26795,0xf8220fd0,
-        0x58ec137b,0xd6aa2e46 },
-      { 0x5138bb85,0x10abc00b,0xd833a95c,0x8c31d121,0x1702a32e,0xb24ff00b,
-        0x2dcc513a,0x111662e0 } },
-    /* 124 */
-    { { 0xefb42b87,0x78114015,0x1b6c4dff,0xbd9f5d70,0xa7d7c129,0x66ecccd7,
-        0x94b750f8,0xdb3ee1cb },
-      { 0xf34837cf,0xb26f3db0,0xb9578d4f,0xe7eed18b,0x7c56657d,0x5d2cdf93,
-        0x52206a59,0x886a6442 } },
-    /* 125 */
-    { { 0x65b569ea,0x3c234cfb,0xf72119c1,0x20011141,0xa15a619e,0x8badc85d,
-        0x018a17bc,0xa70cf4eb },
-      { 0x8c4a6a65,0x224f97ae,0x0134378f,0x36e5cf27,0x4f7e0960,0xbe3a609e,
-        0xd1747b77,0xaa4772ab } },
-    /* 126 */
-    { { 0x7aa60cc0,0x67676131,0x0368115f,0xc7916361,0xbbc1bb5a,0xded98bb4,
-        0x30faf974,0x611a6ddc },
-      { 0xc15ee47a,0x30e78cbc,0x4e0d96a5,0x2e896282,0x3dd9ed88,0x36f35adf,
-        0x16429c88,0x5cfffaf8 } },
-    /* 127 */
-    { { 0x9b7a99cd,0xc0d54cff,0x843c45a1,0x7bf3b99d,0x62c739e1,0x038a908f,
-        0x7dc1994c,0x6e5a6b23 },
-      { 0x0ba5db77,0xef8b454e,0xacf60d63,0xb7b8807f,0x76608378,0xe591c0c6,
-        0x242dabcc,0x481a238d } },
-    /* 128 */
-    { { 0x35d0b34a,0xe3417bc0,0x8327c0a7,0x440b386b,0xac0362d1,0x8fb7262d,
-        0xe0cdf943,0x2c41114c },
-      { 0xad95a0b1,0x2ba5cef1,0x67d54362,0xc09b37a8,0x01e486c9,0x26d6cdd2,
-        0x42ff9297,0x20477abf } },
-    /* 129 */
-    { { 0x18d65dbf,0x2f75173c,0x339edad8,0x77bf940e,0xdcf1001c,0x7022d26b,
-        0xc77396b6,0xac66409a },
-      { 0xc6261cc3,0x8b0bb36f,0x190e7e90,0x213f7bc9,0xa45e6c10,0x6541ceba,
-        0xcc122f85,0xce8e6975 } },
-    /* 130 */
-    { { 0xbc0a67d2,0x0f121b41,0x444d248a,0x62d4760a,0x659b4737,0x0e044f1d,
-        0x250bb4a8,0x08fde365 },
-      { 0x848bf287,0xaceec3da,0xd3369d6e,0xc2a62182,0x92449482,0x3582dfdc,
-        0x565d6cd7,0x2f7e2fd2 } },
-    /* 131 */
-    { { 0xc3770fa7,0xae4b92db,0x379043f9,0x095e8d5c,0x17761171,0x54f34e9d,
-        0x907702ae,0xc65be92e },
-      { 0xf6fd0a40,0x2758a303,0xbcce784b,0xe7d822e3,0x4f9767bf,0x7ae4f585,
-        0xd1193b3a,0x4bff8e47 } },
-    /* 132 */
-    { { 0x00ff1480,0xcd41d21f,0x0754db16,0x2ab8fb7d,0xbbe0f3ea,0xac81d2ef,
-        0x5772967d,0x3e4e4ae6 },
-      { 0x3c5303e6,0x7e18f36d,0x92262397,0x3bd9994b,0x1324c3c0,0x9ed70e26,
-        0x58ec6028,0x5388aefd } },
-    /* 133 */
-    { { 0x5e5d7713,0xad1317eb,0x75de49da,0x09b985ee,0xc74fb261,0x32f5bc4f,
-        0x4f75be0e,0x5cf908d1 },
-      { 0x8e657b12,0x76043510,0xb96ed9e6,0xbfd421a5,0x8970ccc2,0x0e29f51f,
-        0x60f00ce2,0xa698ba40 } },
-    /* 134 */
-    { { 0xef748fec,0x73db1686,0x7e9d2cf9,0xe6e755a2,0xce265eff,0x630b6544,
-        0x7aebad8d,0xb142ef8a },
-      { 0x17d5770a,0xad31af9f,0x2cb3412f,0x66af3b67,0xdf3359de,0x6bd60d1b,
-        0x58515075,0xd1896a96 } },
-    /* 135 */
-    { { 0x33c41c08,0xec5957ab,0x5468e2e1,0x87de94ac,0xac472f6c,0x18816b73,
-        0x7981da39,0x267b0e0b },
-      { 0x8e62b988,0x6e554e5d,0x116d21e7,0xd8ddc755,0x3d2a6f99,0x4610faf0,
-        0xa1119393,0xb54e287a } },
-    /* 136 */
-    { { 0x178a876b,0x0a0122b5,0x085104b4,0x51ff96ff,0x14f29f76,0x050b31ab,
-        0x5f87d4e6,0x84abb28b },
-      { 0x8270790a,0xd5ed439f,0x85e3f46b,0x2d6cb59d,0x6c1e2212,0x75f55c1b,
-        0x17655640,0xe5436f67 } },
-    /* 137 */
-    { { 0x2286e8d5,0x53f9025e,0x864453be,0x353c95b4,0xe408e3a0,0xd832f5bd,
-        0x5b9ce99e,0x0404f68b },
-      { 0xa781e8e5,0xcad33bde,0x163c2f5b,0x3cdf5018,0x0119caa3,0x57576960,
-        0x0ac1c701,0x3a4263df } },
-    /* 138 */
-    { { 0x9aeb596d,0xc2965ecc,0x023c92b4,0x01ea03e7,0x2e013961,0x4704b4b6,
-        0x905ea367,0x0ca8fd3f },
-      { 0x551b2b61,0x92523a42,0x390fcd06,0x1eb7a89c,0x0392a63e,0xe7f1d2be,
-        0x4ddb0c33,0x96dca264 } },
-    /* 139 */
-    { { 0x387510af,0x203bb43a,0xa9a36a01,0x846feaa8,0x2f950378,0xd23a5770,
-        0x3aad59dc,0x4363e212 },
-      { 0x40246a47,0xca43a1c7,0xe55dd24d,0xb362b8d2,0x5d8faf96,0xf9b08604,
-        0xd8bb98c4,0x840e115c } },
-    /* 140 */
-    { { 0x1023e8a7,0xf12205e2,0xd8dc7a0b,0xc808a8cd,0x163a5ddf,0xe292a272,
-        0x30ded6d4,0x5e0d6abd },
-      { 0x7cfc0f64,0x07a721c2,0x0e55ed88,0x42eec01d,0x1d1f9db2,0x26a7bef9,
-        0x2945a25a,0x7dea48f4 } },
-    /* 141 */
-    { { 0xe5060a81,0xabdf6f1c,0xf8f95615,0xe79f9c72,0x06ac268b,0xcfd36c54,
-        0xebfd16d1,0xabc2a2be },
-      { 0xd3e2eac7,0x8ac66f91,0xd2dd0466,0x6f10ba63,0x0282d31b,0x6790e377,
-        0x6c7eefc1,0x4ea35394 } },
-    /* 142 */
-    { { 0x5266309d,0xed8a2f8d,0x81945a3e,0x0a51c6c0,0x578c5dc1,0xcecaf45a,
-        0x1c94ffc3,0x3a76e689 },
-      { 0x7d7b0d0f,0x9aace8a4,0x8f584a5f,0x963ace96,0x4e697fbe,0x51a30c72,
-        0x465e6464,0x8212a10a } },
-    /* 143 */
-    { { 0xcfab8caa,0xef7c61c3,0x0e142390,0x18eb8e84,0x7e9733ca,0xcd1dff67,
-        0x599cb164,0xaa7cab71 },
-      { 0xbc837bd1,0x02fc9273,0xc36af5d7,0xc06407d0,0xf423da49,0x17621292,
-        0xfe0617c3,0x40e38073 } },
-    /* 144 */
-    { { 0xa7bf9b7c,0xf4f80824,0x3fbe30d0,0x365d2320,0x97cf9ce3,0xbfbe5320,
-        0xb3055526,0xe3604700 },
-      { 0x6cc6c2c7,0x4dcb9911,0xba4cbee6,0x72683708,0x637ad9ec,0xdcded434,
-        0xa3dee15f,0x6542d677 } },
-    /* 145 */
-    { { 0x7b6c377a,0x3f32b6d0,0x903448be,0x6cb03847,0x20da8af7,0xd6fdd3a8,
-        0x09bb6f21,0xa6534aee },
-      { 0x1035facf,0x30a1780d,0x9dcb47e6,0x35e55a33,0xc447f393,0x6ea50fe1,
-        0xdc9aef22,0xf3cb672f } },
-    /* 146 */
-    { { 0x3b55fd83,0xeb3719fe,0x875ddd10,0xe0d7a46c,0x05cea784,0x33ac9fa9,
-        0xaae870e7,0x7cafaa2e },
-      { 0x1d53b338,0x9b814d04,0xef87e6c6,0xe0acc0a0,0x11672b0f,0xfb93d108,
-        0xb9bd522e,0x0aab13c1 } },
-    /* 147 */
-    { { 0xd2681297,0xddcce278,0xb509546a,0xcb350eb1,0x7661aaf2,0x2dc43173,
-        0x847012e9,0x4b91a602 },
-      { 0x72f8ddcf,0xdcff1095,0x9a911af4,0x08ebf61e,0xc372430e,0x48f4360a,
-        0x72321cab,0x49534c53 } },
-    /* 148 */
-    { { 0xf07b7e9d,0x83df7d71,0x13cd516f,0xa478efa3,0x6c047ee3,0x78ef264b,
-        0xd65ac5ee,0xcaf46c4f },
-      { 0x92aa8266,0xa04d0c77,0x913684bb,0xedf45466,0xae4b16b0,0x56e65168,
-        0x04c6770f,0x14ce9e57 } },
-    /* 149 */
-    { { 0x965e8f91,0x99445e3e,0xcb0f2492,0xd3aca1ba,0x90c8a0a0,0xd31cc70f,
-        0x3e4c9a71,0x1bb708a5 },
-      { 0x558bdd7a,0xd5ca9e69,0x018a26b1,0x734a0508,0x4c9cf1ec,0xb093aa71,
-        0xda300102,0xf9d126f2 } },
-    /* 150 */
-    { { 0xaff9563e,0x749bca7a,0xb49914a0,0xdd077afe,0xbf5f1671,0xe27a0311,
-        0x729ecc69,0x807afcb9 },
-      { 0xc9b08b77,0x7f8a9337,0x443c7e38,0x86c3a785,0x476fd8ba,0x85fafa59,
-        0x6568cd8c,0x751adcd1 } },
-    /* 151 */
-    { { 0x10715c0d,0x8aea38b4,0x8f7697f7,0xd113ea71,0x93fbf06d,0x665eab14,
-        0x2537743f,0x29ec4468 },
-      { 0xb50bebbc,0x3d94719c,0xe4505422,0x399ee5bf,0x8d2dedb1,0x90cd5b3a,
-        0x92a4077d,0xff9370e3 } },
-    /* 152 */
-    { { 0xc6b75b65,0x59a2d69b,0x266651c5,0x4188f8d5,0x3de9d7d2,0x28a9f33e,
-        0xa2a9d01a,0x9776478b },
-      { 0x929af2c7,0x8852622d,0x4e690923,0x334f5d6d,0xa89a51e9,0xce6cc7e5,
-        0xac2f82fa,0x74a6313f } },
-    /* 153 */
-    { { 0xb75f079c,0xb2f4dfdd,0x18e36fbb,0x85b07c95,0xe7cd36dd,0x1b6cfcf0,
-        0x0ff4863d,0xab75be15 },
-      { 0x173fc9b7,0x81b367c0,0xd2594fd0,0xb90a7420,0xc4091236,0x15fdbf03,
-        0x0b4459f6,0x4ebeac2e } },
-    /* 154 */
-    { { 0x5c9f2c53,0xeb6c5fe7,0x8eae9411,0xd2522011,0xf95ac5d8,0xc8887633,
-        0x2c1baffc,0xdf99887b },
-      { 0x850aaecb,0xbb78eed2,0x01d6a272,0x9d49181b,0xb1cdbcac,0x978dd511,
-        0x779f4058,0x27b040a7 } },
-    /* 155 */
-    { { 0xf73b2eb2,0x90405db7,0x8e1b2118,0xe0df8508,0x5962327e,0x501b7152,
-        0xe4cfa3f5,0xb393dd37 },
-      { 0x3fd75165,0xa1230e7b,0xbcd33554,0xd66344c2,0x0f7b5022,0x6c36f1be,
-        0xd0463419,0x09588c12 } },
-    /* 156 */
-    { { 0x02601c3b,0xe086093f,0xcf5c335f,0xfb0252f8,0x894aff28,0x955cf280,
-        0xdb9f648b,0x81c879a9 },
-      { 0xc6f56c51,0x040e687c,0x3f17618c,0xfed47169,0x9059353b,0x44f88a41,
-        0x5fc11bc4,0xfa0d48f5 } },
-    /* 157 */
-    { { 0xe1608e4d,0xbc6e1c9d,0x3582822c,0x010dda11,0x157ec2d7,0xf6b7ddc1,
-        0xb6a367d6,0x8ea0e156 },
-      { 0x2383b3b4,0xa354e02f,0x3f01f53c,0x69966b94,0x2de03ca5,0x4ff6632b,
-        0xfa00b5ac,0x3f5ab924 } },
-    /* 158 */
-    { { 0x59739efb,0x337bb0d9,0xe7ebec0d,0xc751b0f4,0x411a67d1,0x2da52dd6,
-        0x2b74256e,0x8bc76887 },
-      { 0x82d3d253,0xa5be3b72,0xf58d779f,0xa9f679a1,0xe16767bb,0xa1cac168,
-        0x60fcf34f,0xb386f190 } },
-    /* 159 */
-    { { 0x2fedcfc2,0x31f3c135,0x62f8af0d,0x5396bf62,0xe57288c2,0x9a02b4ea,
-        0x1b069c4d,0x4cb460f7 },
-      { 0x5b8095ea,0xae67b4d3,0x6fc07603,0x92bbf859,0xb614a165,0xe1475f66,
-        0x95ef5223,0x52c0d508 } },
-    /* 160 */
-    { { 0x15339848,0x231c210e,0x70778c8d,0xe87a28e8,0x6956e170,0x9d1de661,
-        0x2bb09c0b,0x4ac3c938 },
-      { 0x6998987d,0x19be0551,0xae09f4d6,0x8b2376c4,0x1a3f933d,0x1de0b765,
-        0xe39705f4,0x380d94c7 } },
-    /* 161 */
-    { { 0x81542e75,0x01a355aa,0xee01b9b7,0x96c724a1,0x624d7087,0x6b3a2977,
-        0xde2637af,0x2ce3e171 },
-      { 0xf5d5bc1a,0xcfefeb49,0x2777e2b5,0xa655607e,0x9513756c,0x4feaac2f,
-        0x0b624e4d,0x2e6cd852 } },
-    /* 162 */
-    { { 0x8c31c31d,0x3685954b,0x5bf21a0c,0x68533d00,0x75c79ec9,0x0bd7626e,
-        0x42c69d54,0xca177547 },
-      { 0xf6d2dbb2,0xcc6edaff,0x174a9d18,0xfd0d8cbd,0xaa4578e8,0x875e8793,
-        0x9cab2ce6,0xa976a713 } },
-    /* 163 */
-    { { 0x93fb353d,0x0a651f1b,0x57fcfa72,0xd75cab8b,0x31b15281,0xaa88cfa7,
-        0x0a1f4999,0x8720a717 },
-      { 0x693e1b90,0x8c3e8d37,0x16f6dfc3,0xd345dc0b,0xb52a8742,0x8ea8d00a,
-        0xc769893c,0x9719ef29 } },
-    /* 164 */
-    { { 0x58e35909,0x820eed8d,0x33ddc116,0x9366d8dc,0x6e205026,0xd7f999d0,
-        0xe15704c1,0xa5072976 },
-      { 0xc4e70b2e,0x002a37ea,0x6890aa8a,0x84dcf657,0x645b2a5c,0xcd71bf18,
-        0xf7b77725,0x99389c9d } },
-    /* 165 */
-    { { 0x7ada7a4b,0x238c08f2,0xfd389366,0x3abe9d03,0x766f512c,0x6b672e89,
-        0x202c82e4,0xa88806aa },
-      { 0xd380184e,0x6602044a,0x126a8b85,0xa8cb78c4,0xad844f17,0x79d670c0,
-        0x4738dcfe,0x0043bffb } },
-    /* 166 */
-    { { 0x36d5192e,0x8d59b5dc,0x4590b2af,0xacf885d3,0x11601781,0x83566d0a,
-        0xba6c4866,0x52f3ef01 },
-      { 0x0edcb64d,0x3986732a,0x8068379f,0x0a482c23,0x7040f309,0x16cbe5fa,
-        0x9ef27e75,0x3296bd89 } },
-    /* 167 */
-    { { 0x454d81d7,0x476aba89,0x51eb9b3c,0x9eade7ef,0x81c57986,0x619a21cd,
-        0xaee571e9,0x3b90febf },
-      { 0x5496f7cb,0x9393023e,0x7fb51bc4,0x55be41d8,0x99beb5ce,0x03f1dd48,
-        0x9f810b18,0x6e88069d } },
-    /* 168 */
-    { { 0xb43ea1db,0xce37ab11,0x5259d292,0x0a7ff1a9,0x8f84f186,0x851b0221,
-        0xdefaad13,0xa7222bea },
-      { 0x2b0a9144,0xa2ac78ec,0xf2fa59c5,0x5a024051,0x6147ce38,0x91d1eca5,
-        0xbc2ac690,0xbe94d523 } },
-    /* 169 */
-    { { 0x0b226ce7,0x72f4945e,0x967e8b70,0xb8afd747,0x85a6c63e,0xedea46f1,
-        0x9be8c766,0x7782defe },
-      { 0x3db38626,0x760d2aa4,0x76f67ad1,0x460ae787,0x54499cdb,0x341b86fc,
-        0xa2892e4b,0x03838567 } },
-    /* 170 */
-    { { 0x79ec1a0f,0x2d8daefd,0xceb39c97,0x3bbcd6fd,0x58f61a95,0xf5575ffc,
-        0xadf7b420,0xdbd986c4 },
-      { 0x15f39eb7,0x81aa8814,0xb98d976c,0x6ee2fcf5,0xcf2f717d,0x5465475d,
-        0x6860bbd0,0x8e24d3c4 } },
-    /* 171 */
-    { { 0x9a587390,0x749d8e54,0x0cbec588,0x12bb194f,0xb25983c6,0x46e07da4,
-        0x407bafc8,0x541a99c4 },
-      { 0x624c8842,0xdb241692,0xd86c05ff,0x6044c12a,0x4f7fcf62,0xc59d14b4,
-        0xf57d35d1,0xc0092c49 } },
-    /* 172 */
-    { { 0xdf2e61ef,0xd3cc75c3,0x2e1b35ca,0x7e8841c8,0x909f29f4,0xc62d30d1,
-        0x7286944d,0x75e40634 },
-      { 0xbbc237d0,0xe7d41fc5,0xec4f01c9,0xc9537bf0,0x282bd534,0x91c51a16,
-        0xc7848586,0x5b7cb658 } },
-    /* 173 */
-    { { 0x8a28ead1,0x964a7084,0xfd3b47f6,0x802dc508,0x767e5b39,0x9ae4bfd1,
-        0x8df097a1,0x7ae13eba },
-      { 0xeadd384e,0xfd216ef8,0xb6b2ff06,0x0361a2d9,0x4bcdb5f3,0x204b9878,
-        0xe2a8e3fd,0x787d8074 } },
-    /* 174 */
-    { { 0x757fbb1c,0xc5e25d6b,0xca201deb,0xe47bddb2,0x6d2233ff,0x4a55e9a3,
-        0x9ef28484,0x5c222819 },
-      { 0x88315250,0x773d4a85,0x827097c1,0x21b21a2b,0xdef5d33f,0xab7c4ea1,
-        0xbaf0f2b0,0xe45d37ab } },
-    /* 175 */
-    { { 0x28511c8a,0xd2df1e34,0xbdca6cd3,0xebb229c8,0x627c39a7,0x578a71a7,
-        0x84dfb9d3,0xed7bc122 },
-      { 0x93dea561,0xcf22a6df,0xd48f0ed1,0x5443f18d,0x5bad23e8,0xd8b86140,
-        0x45ca6d27,0xaac97cc9 } },
-    /* 176 */
-    { { 0xa16bd00a,0xeb54ea74,0xf5c0bcc1,0xd839e9ad,0x1f9bfc06,0x092bb7f1,
-        0x1163dc4e,0x318f97b3 },
-      { 0xc30d7138,0xecc0c5be,0xabc30220,0x44e8df23,0xb0223606,0x2bb7972f,
-        0x9a84ff4d,0xfa41faa1 } },
-    /* 177 */
-    { { 0xa6642269,0x4402d974,0x9bb783bd,0xc81814ce,0x7941e60b,0x398d38e4,
-        0x1d26e9e2,0x38bb6b2c },
-      { 0x6a577f87,0xc64e4a25,0xdc11fe1c,0x8b52d253,0x62280728,0xff336abf,
-        0xce7601a5,0x94dd0905 } },
-    /* 178 */
-    { { 0xde93f92a,0x156cf7dc,0x89b5f315,0xa01333cb,0xc995e750,0x02404df9,
-        0xd25c2ae9,0x92077867 },
-      { 0x0bf39d44,0xe2471e01,0x96bb53d7,0x5f2c9020,0x5c9c3d8f,0x4c44b7b3,
-        0xd29beb51,0x81e8428b } },
-    /* 179 */
-    { { 0xc477199f,0x6dd9c2ba,0x6b5ecdd9,0x8cb8eeee,0xee40fd0e,0x8af7db3f,
-        0xdbbfa4b1,0x1b94ab62 },
-      { 0xce47f143,0x44f0d8b3,0x63f46163,0x51e623fc,0xcc599383,0xf18f270f,
-        0x055590ee,0x06a38e28 } },
-    /* 180 */
-    { { 0xb3355b49,0x2e5b0139,0xb4ebf99b,0x20e26560,0xd269f3dc,0xc08ffa6b,
-        0x83d9d4f8,0xa7b36c20 },
-      { 0x1b3e8830,0x64d15c3a,0xa89f9c0b,0xd5fceae1,0xe2d16930,0xcfeee4a2,
-        0xa2822a20,0xbe54c6b4 } },
-    /* 181 */
-    { { 0x8d91167c,0xd6cdb3df,0xe7a6625e,0x517c3f79,0x346ac7f4,0x7105648f,
-        0xeae022bb,0xbf30a5ab },
-      { 0x93828a68,0x8e7785be,0x7f3ef036,0x5161c332,0x592146b2,0xe11b5feb,
-        0x2732d13a,0xd1c820de } },
-    /* 182 */
-    { { 0x9038b363,0x043e1347,0x6b05e519,0x58c11f54,0x6026cad1,0x4fe57abe,
-        0x68a18da3,0xb7d17bed },
-      { 0xe29c2559,0x44ca5891,0x5bfffd84,0x4f7a0376,0x74e46948,0x498de4af,
-        0x6412cc64,0x3997fd5e } },
-    /* 183 */
-    { { 0x8bd61507,0xf2074682,0x34a64d2a,0x29e132d5,0x8a8a15e3,0xffeddfb0,
-        0x3c6c13e8,0x0eeb8929 },
-      { 0xa7e259f8,0xe9b69a3e,0xd13e7e67,0xce1db7e6,0xad1fa685,0x277318f6,
-        0xc922b6ef,0x228916f8 } },
-    /* 184 */
-    { { 0x0a12ab5b,0x959ae25b,0x957bc136,0xcc11171f,0xd16e2b0c,0x8058429e,
-        0x6e93097e,0xec05ad1d },
-      { 0xac3f3708,0x157ba5be,0x30b59d77,0x31baf935,0x118234e5,0x47b55237,
-        0x7ff11b37,0x7d314156 } },
-    /* 185 */
-    { { 0xf6dfefab,0x7bd9c05c,0xdcb37707,0xbe2f2268,0x3a38bb95,0xe53ead97,
-        0x9bc1d7a3,0xe9ce66fc },
-      { 0x6f6a02a1,0x75aa1576,0x60e600ed,0x38c087df,0x68cdc1b9,0xf8947f34,
-        0x72280651,0xd9650b01 } },
-    /* 186 */
-    { { 0x5a057e60,0x504b4c4a,0x8def25e4,0xcbccc3be,0x17c1ccbd,0xa6353208,
-        0x804eb7a2,0x14d6699a },
-      { 0xdb1f411a,0x2c8a8415,0xf80d769c,0x09fbaf0b,0x1c2f77ad,0xb4deef90,
-        0x0d43598a,0x6f4c6841 } },
-    /* 187 */
-    { { 0x96c24a96,0x8726df4e,0xfcbd99a3,0x534dbc85,0x8b2ae30a,0x3c466ef2,
-        0x61189abb,0x4c4350fd },
-      { 0xf855b8da,0x2967f716,0x463c38a1,0x41a42394,0xeae93343,0xc37e1413,
-        0x5a3118b5,0xa726d242 } },
-    /* 188 */
-    { { 0x948c1086,0xdae6b3ee,0xcbd3a2e1,0xf1de503d,0x03d022f3,0x3f35ed3f,
-        0xcc6cf392,0x13639e82 },
-      { 0xcdafaa86,0x9ac938fb,0x2654a258,0xf45bc5fb,0x45051329,0x1963b26e,
-        0xc1a335a3,0xca9365e1 } },
-    /* 189 */
-    { { 0x4c3b2d20,0x3615ac75,0x904e241b,0x742a5417,0xcc9d071d,0xb08521c4,
-        0x970b72a5,0x9ce29c34 },
-      { 0x6d3e0ad6,0x8cc81f73,0xf2f8434c,0x8060da9e,0x6ce862d9,0x35ed1d1a,
-        0xab42af98,0x48c4abd7 } },
-    /* 190 */
-    { { 0x40c7485a,0xd221b0cc,0xe5274dbf,0xead455bb,0x9263d2e8,0x493c7698,
-        0xf67b33cb,0x78017c32 },
-      { 0x930cb5ee,0xb9d35769,0x0c408ed2,0xc0d14e94,0x272f1a4d,0xf8b7bf55,
-        0xde5c1c04,0x53cd0454 } },
-    /* 191 */
-    { { 0x5d28ccac,0xbcd585fa,0x005b746e,0x5f823e56,0xcd0123aa,0x7c79f0a1,
-        0xd3d7fa8f,0xeea465c1 },
-      { 0x0551803b,0x7810659f,0x7ce6af70,0x6c0b599f,0x29288e70,0x4195a770,
-        0x7ae69193,0x1b6e42a4 } },
-    /* 192 */
-    { { 0xf67d04c3,0x2e80937c,0x89eeb811,0x1e312be2,0x92594d60,0x56b5d887,
-        0x187fbd3d,0x0224da14 },
-      { 0x0c5fe36f,0x87abb863,0x4ef51f5f,0x580f3c60,0xb3b429ec,0x964fb1bf,
-        0x42bfff33,0x60838ef0 } },
-    /* 193 */
-    { { 0x7e0bbe99,0x432cb2f2,0x04aa39ee,0x7bda44f3,0x9fa93903,0x5f497c7a,
-        0x2d331643,0x636eb202 },
-      { 0x93ae00aa,0xfcfd0e61,0x31ae6d2f,0x875a00fe,0x9f93901c,0xf43658a2,
-        0x39218bac,0x8844eeb6 } },
-    /* 194 */
-    { { 0x6b3bae58,0x114171d2,0x17e39f3e,0x7db3df71,0x81a8eada,0xcd37bc7f,
-        0x51fb789e,0x27ba83dc },
-      { 0xfbf54de5,0xa7df439f,0xb5fe1a71,0x7277030b,0xdb297a48,0x42ee8e35,
-        0x87f3a4ab,0xadb62d34 } },
-    /* 195 */
-    { { 0xa175df2a,0x9b1168a2,0x618c32e9,0x082aa04f,0x146b0916,0xc9e4f2e7,
-        0x75e7c8b2,0xb990fd76 },
-      { 0x4df37313,0x0829d96b,0xd0b40789,0x1c205579,0x78087711,0x66c9ae4a,
-        0x4d10d18d,0x81707ef9 } },
-    /* 196 */
-    { { 0x03d6ff96,0x97d7cab2,0x0d843360,0x5b851bfc,0xd042db4b,0x268823c4,
-        0xd5a8aa5c,0x3792daea },
-      { 0x941afa0b,0x52818865,0x42d83671,0xf3e9e741,0x5be4e0a7,0x17c82527,
-        0x94b001ba,0x5abd635e } },
-    /* 197 */
-    { { 0x0ac4927c,0x727fa84e,0xa7c8cf23,0xe3886035,0x4adca0df,0xa4bcd5ea,
-        0x846ab610,0x5995bf21 },
-      { 0x829dfa33,0xe90f860b,0x958fc18b,0xcaafe2ae,0x78630366,0x9b3baf44,
-        0xd483411e,0x44c32ca2 } },
-    /* 198 */
-    { { 0xe40ed80c,0xa74a97f1,0x31d2ca82,0x5f938cb1,0x7c2d6ad9,0x53f2124b,
-        0x8082a54c,0x1f2162fb },
-      { 0x720b173e,0x7e467cc5,0x085f12f9,0x40e8a666,0x4c9d65dc,0x8cebc20e,
-        0xc3e907c9,0x8f1d402b } },
-    /* 199 */
-    { { 0xfbc4058a,0x4f592f9c,0x292f5670,0xb15e14b6,0xbc1d8c57,0xc55cfe37,
-        0x926edbf9,0xb1980f43 },
-      { 0x32c76b09,0x98c33e09,0x33b07f78,0x1df5279d,0x863bb461,0x6f08ead4,
-        0x37448e45,0x2828ad9b } },
-    /* 200 */
-    { { 0xc4cf4ac5,0x696722c4,0xdde64afb,0xf5ac1a3f,0xe0890832,0x0551baa2,
-        0x5a14b390,0x4973f127 },
-      { 0x322eac5d,0xe59d8335,0x0bd9b568,0x5e07eef5,0xa2588393,0xab36720f,
-        0xdb168ac7,0x6dac8ed0 } },
-    /* 201 */
-    { { 0xeda835ef,0xf7b545ae,0x1d10ed51,0x4aa113d2,0x13741b09,0x035a65e0,
-        0x20b9de4c,0x4b23ef59 },
-      { 0x3c4c7341,0xe82bb680,0x3f58bc37,0xd457706d,0xa51e3ee8,0x73527863,
-        0xddf49a4e,0x4dd71534 } },
-    /* 202 */
-    { { 0x95476cd9,0xbf944672,0xe31a725b,0x648d072f,0xfc4b67e0,0x1441c8b8,
-        0x2f4a4dbb,0xfd317000 },
-      { 0x8995d0e1,0x1cb43ff4,0x0ef729aa,0x76e695d1,0x41798982,0xe0d5f976,
-        0x9569f365,0x14fac58c } },
-    /* 203 */
-    { { 0xf312ae18,0xad9a0065,0xfcc93fc9,0x51958dc0,0x8a7d2846,0xd9a14240,
-        0x36abda50,0xed7c7651 },
-      { 0x25d4abbc,0x46270f1a,0xf1a113ea,0x9b5dd8f3,0x5b51952f,0xc609b075,
-        0x4d2e9f53,0xfefcb7f7 } },
-    /* 204 */
-    { { 0xba119185,0xbd09497a,0xaac45ba4,0xd54e8c30,0xaa521179,0x492479de,
-        0x87e0d80b,0x1801a57e },
-      { 0xfcafffb0,0x073d3f8d,0xae255240,0x6cf33c0b,0x5b5fdfbc,0x781d763b,
-        0x1ead1064,0x9f8fc11e } },
-    /* 205 */
-    { { 0x5e69544c,0x1583a171,0xf04b7813,0x0eaf8567,0x278a4c32,0x1e22a8fd,
-        0x3d3a69a9,0xa9d3809d },
-      { 0x59a2da3b,0x936c2c2c,0x1895c847,0x38ccbcf6,0x63d50869,0x5e65244e,
-        0xe1178ef7,0x3006b9ae } },
-    /* 206 */
-    { { 0xc9eead28,0x0bb1f2b0,0x89f4dfbc,0x7eef635d,0xb2ce8939,0x074757fd,
-        0x45f8f761,0x0ab85fd7 },
-      { 0x3e5b4549,0xecda7c93,0x97922f21,0x4be2bb5c,0xb43b8040,0x261a1274,
-        0x11e942c2,0xb122d675 } },
-    /* 207 */
-    { { 0x66a5ae7a,0x3be607be,0x76adcbe3,0x01e703fa,0x4eb6e5c5,0xaf904301,
-        0x097dbaec,0x9f599dc1 },
-      { 0x0ff250ed,0x6d75b718,0x349a20dc,0x8eb91574,0x10b227a3,0x425605a4,
-        0x8a294b78,0x7d5528e0 } },
-    /* 208 */
-    { { 0x20c26def,0xf0f58f66,0x582b2d1e,0x025585ea,0x01ce3881,0xfbe7d79b,
-        0x303f1730,0x28ccea01 },
-      { 0x79644ba5,0xd1dabcd1,0x06fff0b8,0x1fc643e8,0x66b3e17b,0xa60a76fc,
-        0xa1d013bf,0xc18baf48 } },
-    /* 209 */
-    { { 0x5dc4216d,0x34e638c8,0x206142ac,0x00c01067,0x95f5064a,0xd453a171,
-        0xb7a9596b,0x9def809d },
-      { 0x67ab8d2c,0x41e8642e,0x6237a2b6,0xb4240433,0x64c4218b,0x7d506a6d,
-        0x68808ce5,0x0357f8b0 } },
-    /* 210 */
-    { { 0x4cd2cc88,0x8e9dbe64,0xf0b8f39d,0xcc61c28d,0xcd30a0c8,0x4a309874,
-        0x1b489887,0xe4a01add },
-      { 0xf57cd8f9,0x2ed1eeac,0xbd594c48,0x1b767d3e,0x7bd2f787,0xa7295c71,
-        0xce10cc30,0x466d7d79 } },
-    /* 211 */
-    { { 0x9dada2c7,0x47d31892,0x8f9aa27d,0x4fa0a6c3,0x820a59e1,0x90e4fd28,
-        0x451ead1a,0xc672a522 },
-      { 0x5d86b655,0x30607cc8,0xf9ad4af1,0xf0235d3b,0x571172a6,0x99a08680,
-        0xf2a67513,0x5e3d64fa } },
-    /* 212 */
-    { { 0x9b3b4416,0xaa6410c7,0xeab26d99,0xcd8fcf85,0xdb656a74,0x5ebff74a,
-        0xeb8e42fc,0x6c8a7a95 },
-      { 0xb02a63bd,0x10c60ba7,0x8b8f0047,0x6b2f2303,0x312d90b0,0x8c6c3738,
-        0xad82ca91,0x348ae422 } },
-    /* 213 */
-    { { 0x5ccda2fb,0x7f474663,0x8e0726d2,0x22accaa1,0x492b1f20,0x85adf782,
-        0xd9ef2d2e,0xc1074de0 },
-      { 0xae9a65b3,0xfcf3ce44,0x05d7151b,0xfd71e4ac,0xce6a9788,0xd4711f50,
-        0xc9e54ffc,0xfbadfbdb } },
-    /* 214 */
-    { { 0x20a99363,0x1713f1cd,0x6cf22775,0xb915658f,0x24d359b2,0x968175cd,
-        0x83716fcd,0xb7f976b4 },
-      { 0x5d6dbf74,0x5758e24d,0x71c3af36,0x8d23bafd,0x0243dfe3,0x48f47760,
-        0xcafcc805,0xf4d41b2e } },
-    /* 215 */
-    { { 0xfdabd48d,0x51f1cf28,0x32c078a4,0xce81be36,0x117146e9,0x6ace2974,
-        0xe0160f10,0x180824ea },
-      { 0x66e58358,0x0387698b,0xce6ca358,0x63568752,0x5e41e6c5,0x82380e34,
-        0x83cf6d25,0x67e5f639 } },
-    /* 216 */
-    { { 0xcf4899ef,0xf89ccb8d,0x9ebb44c0,0x949015f0,0xb2598ec9,0x546f9276,
-        0x04c11fc6,0x9fef789a },
-      { 0x53d2a071,0x6d367ecf,0xa4519b09,0xb10e1a7f,0x611e2eef,0xca6b3fb0,
-        0xa99c4e20,0xbc80c181 } },
-    /* 217 */
-    { { 0xe5eb82e6,0x972536f8,0xf56cb920,0x1a484fc7,0x50b5da5e,0xc78e2171,
-        0x9f8cdf10,0x49270e62 },
-      { 0xea6b50ad,0x1a39b7bb,0xa2388ffc,0x9a0284c1,0x8107197b,0x5403eb17,
-        0x61372f7f,0xd2ee52f9 } },
-    /* 218 */
-    { { 0x88e0362a,0xd37cd285,0x8fa5d94d,0x442fa8a7,0xa434a526,0xaff836e5,
-        0xe5abb733,0xdfb478be },
-      { 0x673eede6,0xa91f1ce7,0x2b5b2f04,0xa5390ad4,0x5530da2f,0x5e66f7bf,
-        0x08df473a,0xd9a140b4 } },
-    /* 219 */
-    { { 0x6e8ea498,0x0e0221b5,0x3563ee09,0x62347829,0x335d2ade,0xe06b8391,
-        0x623f4b1a,0x760c058d },
-      { 0xc198aa79,0x0b89b58c,0xf07aba7f,0xf74890d2,0xfde2556a,0x4e204110,
-        0x8f190409,0x7141982d } },
-    /* 220 */
-    { { 0x4d4b0f45,0x6f0a0e33,0x392a94e1,0xd9280b38,0xb3c61d5e,0x3af324c6,
-        0x89d54e47,0x3af9d1ce },
-      { 0x20930371,0xfd8f7981,0x21c17097,0xeda2664c,0xdc42309b,0x0e9545dc,
-        0x73957dd6,0xb1f815c3 } },
-    /* 221 */
-    { { 0x89fec44a,0x84faa78e,0x3caa4caf,0xc8c2ae47,0xc1b6a624,0x691c807d,
-        0x1543f052,0xa41aed14 },
-      { 0x7d5ffe04,0x42435399,0x625b6e20,0x8bacb2df,0x87817775,0x85d660be,
-        0x86fb60ef,0xd6e9c1dd } },
-    /* 222 */
-    { { 0xc6853264,0x3aa2e97e,0xe2304a0b,0x771533b7,0xb8eae9be,0x1b912bb7,
-        0xae9bf8c2,0x9c9c6e10 },
-      { 0xe030b74c,0xa2309a59,0x6a631e90,0x4ed7494d,0xa49b79f2,0x89f44b23,
-        0x40fa61b6,0x566bd596 } },
-    /* 223 */
-    { { 0xc18061f3,0x066c0118,0x7c83fc70,0x190b25d3,0x27273245,0xf05fc8e0,
-        0xf525345e,0xcf2c7390 },
-      { 0x10eb30cf,0xa09bceb4,0x0d77703a,0xcfd2ebba,0x150ff255,0xe842c43a,
-        0x8aa20979,0x02f51755 } },
-    /* 224 */
-    { { 0xaddb7d07,0x396ef794,0x24455500,0x0b4fc742,0xc78aa3ce,0xfaff8eac,
-        0xe8d4d97d,0x14e9ada5 },
-      { 0x2f7079e2,0xdaa480a1,0xe4b0800e,0x45baa3cd,0x7838157d,0x01765e2d,
-        0x8e9d9ae8,0xa0ad4fab } },
-    /* 225 */
-    { { 0x4a653618,0x0bfb7621,0x31eaaa5f,0x1872813c,0x44949d5e,0x1553e737,
-        0x6e56ed1e,0xbcd530b8 },
-      { 0x32e9c47b,0x169be853,0xb50059ab,0xdc2776fe,0x192bfbb4,0xcdba9761,
-        0x6979341d,0x909283cf } },
-    /* 226 */
-    { { 0x76e81a13,0x67b00324,0x62171239,0x9bee1a99,0xd32e19d6,0x08ed361b,
-        0xace1549a,0x35eeb7c9 },
-      { 0x7e4e5bdc,0x1280ae5a,0xb6ceec6e,0x2dcd2cd3,0x6e266bc1,0x52e4224c,
-        0x448ae864,0x9a8b2cf4 } },
-    /* 227 */
-    { { 0x09d03b59,0xf6471bf2,0xb65af2ab,0xc90e62a3,0xebd5eec9,0xff7ff168,
-        0xd4491379,0x6bdb60f4 },
-      { 0x8a55bc30,0xdadafebc,0x10097fe0,0xc79ead16,0x4c1e3bdd,0x42e19741,
-        0x94ba08a9,0x01ec3cfd } },
-    /* 228 */
-    { { 0xdc9485c2,0xba6277eb,0x22fb10c7,0x48cc9a79,0x70a28d8a,0x4f61d60f,
-        0x475464f6,0xd1acb1c0 },
-      { 0x26f36612,0xd26902b1,0xe0618d8b,0x59c3a44e,0x308357ee,0x4df8a813,
-        0x405626c2,0x7dcd079d } },
-    /* 229 */
-    { { 0xf05a4b48,0x5ce7d4d3,0x37230772,0xadcd2952,0x812a915a,0xd18f7971,
-        0x377d19b8,0x0bf53589 },
-      { 0x6c68ea73,0x35ecd95a,0x823a584d,0xc7f3bbca,0xf473a723,0x9fb674c6,
-        0xe16686fc,0xd28be4d9 } },
-    /* 230 */
-    { { 0x38fa8e4b,0x5d2b9906,0x893fd8fc,0x559f186e,0x436fb6fc,0x3a6de2aa,
-        0x510f88ce,0xd76007aa },
-      { 0x523a4988,0x2d10aab6,0x74dd0273,0xb455cf44,0xa3407278,0x7f467082,
-        0xb303bb01,0xf2b52f68 } },
-    /* 231 */
-    { { 0x9835b4ca,0x0d57eafa,0xbb669cbc,0x2d2232fc,0xc6643198,0x8eeeb680,
-        0xcc5aed3a,0xd8dbe98e },
-      { 0xc5a02709,0xcba9be3f,0xf5ba1fa8,0x30be68e5,0xf10ea852,0xfebd43cd,
-        0xee559705,0xe01593a3 } },
-    /* 232 */
-    { { 0xea75a0a6,0xd3e5af50,0x57858033,0x512226ac,0xd0176406,0x6fe6d50f,
-        0xaeb8ef06,0xafec07b1 },
-      { 0x80bb0a31,0x7fb99567,0x37309aae,0x6f1af3cc,0x01abf389,0x9153a15a,
-        0x6e2dbfdd,0xa71b9354 } },
-    /* 233 */
-    { { 0x18f593d2,0xbf8e12e0,0xa078122b,0xd1a90428,0x0ba4f2ad,0x150505db,
-        0x628523d9,0x53a2005c },
-      { 0xe7f2b935,0x07c8b639,0xc182961a,0x2bff975a,0x7518ca2c,0x86bceea7,
-        0x3d588e3d,0xbf47d19b } },
-    /* 234 */
-    { { 0xdd7665d5,0x672967a7,0x2f2f4de5,0x4e303057,0x80d4903f,0x144005ae,
-        0x39c9a1b6,0x001c2c7f },
-      { 0x69efc6d6,0x143a8014,0x7bc7a724,0xc810bdaa,0xa78150a4,0x5f65670b,
-        0x86ffb99b,0xfdadf8e7 } },
-    /* 235 */
-    { { 0xffc00785,0xfd38cb88,0x3b48eb67,0x77fa7591,0xbf368fbc,0x0454d055,
-        0x5aa43c94,0x3a838e4d },
-      { 0x3e97bb9a,0x56166329,0x441d94d9,0x9eb93363,0x0adb2a83,0x515591a6,
-        0x873e1da3,0x3cdb8257 } },
-    /* 236 */
-    { { 0x7de77eab,0x137140a9,0x41648109,0xf7e1c50d,0xceb1d0df,0x762dcad2,
-        0xf1f57fba,0x5a60cc89 },
-      { 0x40d45673,0x80b36382,0x5913c655,0x1b82be19,0xdd64b741,0x057284b8,
-        0xdbfd8fc0,0x922ff56f } },
-    /* 237 */
-    { { 0xc9a129a1,0x1b265dee,0xcc284e04,0xa5b1ce57,0xcebfbe3c,0x04380c46,
-        0xf6c5cd62,0x72919a7d },
-      { 0x8fb90f9a,0x298f453a,0x88e4031b,0xd719c00b,0x796f1856,0xe32c0e77,
-        0x3624089a,0x5e791780 } },
-    /* 238 */
-    { { 0x7f63cdfb,0x5c16ec55,0xf1cae4fd,0x8e6a3571,0x560597ca,0xfce26bea,
-        0xe24c2fab,0x4e0a5371 },
-      { 0xa5765357,0x276a40d3,0x0d73a2b4,0x3c89af44,0x41d11a32,0xb8f370ae,
-        0xd56604ee,0xf5ff7818 } },
-    /* 239 */
-    { { 0x1a09df21,0xfbf3e3fe,0xe66e8e47,0x26d5d28e,0x29c89015,0x2096bd0a,
-        0x533f5e64,0xe41df0e9 },
-      { 0xb3ba9e3f,0x305fda40,0x2604d895,0xf2340ceb,0x7f0367c7,0x0866e192,
-        0xac4f155f,0x8edd7d6e } },
-    /* 240 */
-    { { 0x0bfc8ff3,0xc9a1dc0e,0xe936f42f,0x14efd82b,0xcca381ef,0x67016f7c,
-        0xed8aee96,0x1432c1ca },
-      { 0x70b23c26,0xec684829,0x0735b273,0xa64fe873,0xeaef0f5a,0xe389f6e5,
-        0x5ac8d2c6,0xcaef480b } },
-    /* 241 */
-    { { 0x75315922,0x5245c978,0x3063cca5,0xd8295171,0xb64ef2cb,0xf3ce60d0,
-        0x8efae236,0xd0ba177e },
-      { 0xb1b3af60,0x53a9ae8f,0x3d2da20e,0x1a796ae5,0xdf9eef28,0x01d63605,
-        0x1c54ae16,0xf31c957c } },
-    /* 242 */
-    { { 0x49cc4597,0xc0f58d52,0xbae0a028,0xdc5015b0,0x734a814a,0xefc5fc55,
-        0x96e17c3a,0x013404cb },
-      { 0xc9a824bf,0xb29e2585,0x001eaed7,0xd593185e,0x61ef68ac,0x8d6ee682,
-        0x91933e6c,0x6f377c4b } },
-    /* 243 */
-    { { 0xa8333fd2,0x9f93bad1,0x5a2a95b8,0xa8930202,0xeaf75ace,0x211e5037,
-        0xd2d09506,0x6dba3e4e },
-      { 0xd04399cd,0xa48ef98c,0xe6b73ade,0x1811c66e,0xc17ecaf3,0x72f60752,
-        0x3becf4a7,0xf13cf342 } },
-    /* 244 */
-    { { 0xa919e2eb,0xceeb9ec0,0xf62c0f68,0x83a9a195,0x7aba2299,0xcfba3bb6,
-        0x274bbad3,0xc83fa9a9 },
-      { 0x62fa1ce0,0x0d7d1b0b,0x3418efbf,0xe58b60f5,0x52706f04,0xbfa8ef9e,
-        0x5d702683,0xb49d70f4 } },
-    /* 245 */
-    { { 0xfad5513b,0x914c7510,0xb1751e2d,0x05f32eec,0xd9fb9d59,0x6d850418,
-        0x0c30f1cf,0x59cfadbb },
-      { 0x55cb7fd6,0xe167ac23,0x820426a3,0x249367b8,0x90a78864,0xeaeec58c,
-        0x354a4b67,0x5babf362 } },
-    /* 246 */
-    { { 0xee424865,0x37c981d1,0xf2e5577f,0x8b002878,0xb9e0c058,0x702970f1,
-        0x9026c8f0,0x6188c6a7 },
-      { 0xd0f244da,0x06f9a19b,0xfb080873,0x1ecced5c,0x9f213637,0x35470f9b,
-        0xdf50b9d9,0x993fe475 } },
-    /* 247 */
-    { { 0x9b2c3609,0x68e31cdf,0x2c46d4ea,0x84eb19c0,0x9a775101,0x7ac9ec1a,
-        0x4c80616b,0x81f76466 },
-      { 0x75fbe978,0x1d7c2a5a,0xf183b356,0x6743fed3,0x501dd2bf,0x838d1f04,
-        0x5fe9060d,0x564a812a } },
-    /* 248 */
-    { { 0xfa817d1d,0x7a5a64f4,0xbea82e0f,0x55f96844,0xcd57f9aa,0xb5ff5a0f,
-        0x00e51d6c,0x226bf3cf },
-      { 0x2f2833cf,0xd6d1a9f9,0x4f4f89a8,0x20a0a35a,0x8f3f7f77,0x11536c49,
-        0xff257836,0x68779f47 } },
-    /* 249 */
-    { { 0x73043d08,0x79b0c1c1,0x1fc020fa,0xa5446774,0x9a6d26d0,0xd3767e28,
-        0xeb092e0b,0x97bcb0d1 },
-      { 0xf32ed3c3,0x2ab6eaa8,0xb281bc48,0xc8a4f151,0xbfa178f3,0x4d1bf4f3,
-        0x0a784655,0xa872ffe8 } },
-    /* 250 */
-    { { 0xa32b2086,0xb1ab7935,0x8160f486,0xe1eb710e,0x3b6ae6be,0x9bd0cd91,
-        0xb732a36a,0x02812bfc },
-      { 0xcf605318,0xa63fd7ca,0xfdfd6d1d,0x646e5d50,0x2102d619,0xa1d68398,
-        0xfe5396af,0x07391cc9 } },
-    /* 251 */
-    { { 0x8b80d02b,0xc50157f0,0x62877f7f,0x6b8333d1,0x78d542ae,0x7aca1af8,
-        0x7e6d2a08,0x355d2adc },
-      { 0x287386e1,0xb41f335a,0xf8e43275,0xfd272a94,0xe79989ea,0x286ca2cd,
-        0x7c2a3a79,0x3dc2b1e3 } },
-    /* 252 */
-    { { 0x04581352,0xd689d21c,0x376782be,0x0a00c825,0x9fed701f,0x203bd590,
-        0x3ccd846b,0xc4786910 },
-      { 0x24c768ed,0x5dba7708,0x6841f657,0x72feea02,0x6accce0e,0x73313ed5,
-        0xd5bb4d32,0xccc42968 } },
-    /* 253 */
-    { { 0x3d7620b9,0x94e50de1,0x5992a56a,0xd89a5c8a,0x675487c9,0xdc007640,
-        0xaa4871cf,0xe147eb42 },
-      { 0xacf3ae46,0x274ab4ee,0x50350fbe,0xfd4936fb,0x48c840ea,0xdf2afe47,
-        0x080e96e3,0x239ac047 } },
-    /* 254 */
-    { { 0x2bfee8d4,0x481d1f35,0xfa7b0fec,0xce80b5cf,0x2ce9af3c,0x105c4c9e,
-        0xf5f7e59d,0xc55fa1a3 },
-      { 0x8257c227,0x3186f14e,0x342be00b,0xc5b1653f,0xaa904fb2,0x09afc998,
-        0xd4f4b699,0x094cd99c } },
-    /* 255 */
-    { { 0xd703beba,0x8a981c84,0x32ceb291,0x8631d150,0xe3bd49ec,0xa445f2c9,
-        0x42abad33,0xb90a30b6 },
-      { 0xb4a5abf9,0xb465404f,0x75db7603,0x004750c3,0xca35d89f,0x6f9a42cc,
-        0x1b7924f7,0x019f8b9a } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^32, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_8(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_8(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 8);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 8, km);
-
-            err = sp_256_ecc_mulmod_base_8(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P256 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 8 + 8 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8 + 8 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 8;
-
-        sp_256_from_mp(k, 8, km);
-        sp_256_point_from_ecc_point_8(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_8(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_8(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_8(point, point, addP, tmp);
-
-        if (map) {
-                sp_256_map_8(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_8(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_add_one_8(sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_add_one_8(sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r1, r2, r3, r4}\n\t"
-        "ADDS	r1, r1, #0x1\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4}\n\t"
-        "LDM	%[a], {r1, r2, r3, r4}\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4}\n\t"
-        : [a] "+r" (a)
-        :
-        : "memory", "cc", "r1", "r2", "r3", "r4"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_256_ecc_gen_k_8(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[32];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_256_from_bin(k, 8, buf, (int)sizeof(buf));
-            if (sp_256_cmp_8(k, p256_order2) <= 0) {
-                sp_256_add_one_8(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_256, point, 2);
-#else
-    SP_DECL_VAR(sp_point_256, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 8);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_256_ecc_gen_k_8(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_base_8(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_8(infinity, point, p256_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_256_iszero_8(point->x) || sp_256_iszero_8(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_8(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_256_ctx {
-    int state;
-    sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-    sp_digit k[8];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256  point[2];
-#else
-    sp_point_256 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_256_ctx;
-
-int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_256_ctx* ctx = (sp_ecc_key_gen_256_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_256_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_256_ecc_gen_k_8(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_base_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p256_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_256_iszero_8(ctx->point->x) ||
-                    sp_256_iszero_8(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_256_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_256_point_to_ecc_point_8(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 32
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_256_to_bin_8(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 7; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 8);
-    int err = MP_OKAY;
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 8, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 8, priv);
-        sp_256_point_from_ecc_point_8(point, pub);
-            err = sp_256_ecc_mulmod_8(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_256_to_bin_8(point->x, out);
-        *outLen = 32;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-    };
-    sp_digit k[8];
-    sp_point_256 point;
-} sp_ecc_sec_gen_256_ctx;
-
-int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_256_ctx* ctx = (sp_ecc_sec_gen_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_256_from_mp(ctx->k, 8, priv);
-            sp_256_point_from_ecc_point_8(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_256_to_bin_8(ctx->point.x, out);
-                *outLen = 32;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "ADD	r11, %[a], #0x20\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_sub_in_pkace_8_word:\n\t"
-#else
-    "L_sp_256_sub_in_pkace_8_word_%=:\n\t"
-#endif
-        "RSBS	r10, r10, #0x0\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	r10, r10, r10\n\t"
-        "CMP	%[a], r11\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_256_sub_in_pkace_8_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_256_sub_in_pkace_8_word\n\t"
-#else
-        "BNE.N	L_sp_256_sub_in_pkace_8_word_%=\n\t"
-#endif
-        "MOV	%[a], r10\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_in_place_8(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SUBS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	%[a], r9, r9\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDR	r8, [%[a]]\n\t"
-        "UMULL	r5, r3, %[b], r8\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r5, [%[r]]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "MOV	r9, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_mul_d_8_word:\n\t"
-#else
-    "L_sp_256_mul_d_8_word_%=:\n\t"
-#endif
-        /* A[i] * B */
-        "LDR	r8, [%[a], r9]\n\t"
-        "UMULL	r6, r7, %[b], r8\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], r9]\n\t"
-        "MOV	r3, r4\n\t"
-        "MOV	r4, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADD	r9, r9, #0x4\n\t"
-        "CMP	r9, #0x20\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_256_mul_d_8_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_256_mul_d_8_word\n\t"
-#else
-        "BLT.N	L_sp_256_mul_d_8_word_%=\n\t"
-#endif
-        "STR	r3, [%[r], #32]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMULL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[1] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[2] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[3] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[4] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[5] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[6] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[7] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "STR	r5, [%[r]]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r8, %[div], #16\n\t"
-        "ADD	r5, r8, #0x1\n\t"
-        "UDIV	r6, %[d1], r5\n\t"
-        "LSL	r7, %[div], #16\n\t"
-        "LSL	r6, r6, #16\n\t"
-        "UMULL	r3, r4, %[div], r6\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "SUBS	r3, %[d1], r5\n\t"
-        "SBC	r9, r9, r9\n\t"
-        "ADD	r9, r9, #0x1\n\t"
-        "RSB	r10, r9, #0x0\n\t"
-        "LSL	r9, r9, #16\n\t"
-        "AND	r7, r7, r10\n\t"
-        "AND	r8, r8, r10\n\t"
-        "SUBS	%[d0], %[d0], r7\n\t"
-        "ADD	r6, r6, r9\n\t"
-        "SBC	%[d1], %[d1], r8\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "UMULL	r3, r4, %[div], r3\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "MUL	r3, %[div], r3\n\t"
-        "SUB	%[d0], %[d0], r3\n\t"
-        "UDIV	r3, %[d0], %[div]\n\t"
-        "ADD	%[d1], r6, r3\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r5, %[div], #1\n\t"
-        "ADD	r5, r5, #0x1\n\t"
-        "MOV	r6, %[d0]\n\t"
-        "MOV	r7, %[d1]\n\t"
-        /* Do top 32 */
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "MOV	r3, #0x0\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        /* Next 30 bits */
-        "MOV	r4, #0x1d\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_div_256_word_8_bit:\n\t"
-#else
-    "L_div_256_word_8_bit_%=:\n\t"
-#endif
-        "LSLS	r6, r6, #1\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "ADD	r3, r3, r3\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        "SUBS	r4, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BPL	L_div_256_word_8_bit_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BPL.N	L_div_256_word_8_bit\n\t"
-#else
-        "BPL.N	L_div_256_word_8_bit_%=\n\t"
-#endif
-        "ADD	r3, r3, r3\n\t"
-        "ADD	r3, r3, #0x1\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "SUBS	r8, %[div], r9\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "SUB	%[d1], r3, r8\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<8; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[16], t2[9];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[7];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 8);
-    r1 = sp_256_cmp_8(&t1[8], d) >= 0;
-    sp_256_cond_sub_8(&t1[8], &t1[8], d, (sp_digit)0 - r1);
-    for (i = 7; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[8 + i] == div);
-        sp_digit hi = t1[8 + i] + mask;
-        r1 = div_256_word_8(hi, t1[8 + i - 1], div);
-        r1 |= mask;
-
-        sp_256_mul_d_8(t2, d, r1);
-        t1[8 + i] += sp_256_sub_in_place_8(&t1[i], t2);
-        t1[8 + i] -= t2[8];
-        sp_256_mask_8(t2, d, t1[8 + i]);
-        t1[8 + i] += sp_256_add_8(&t1[i], &t1[i], t2);
-        sp_256_mask_8(t2, d, t1[8 + i]);
-        t1[8 + i] += sp_256_add_8(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_256_cmp_8(t1, d) >= 0;
-    sp_256_cond_sub_8(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_256_div_8(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P256 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_256_mont_mul_order_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_256_mul_8(r, a, b);
-    sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P256 curve. */
-static const word32 p256_order_minus_2[8] = {
-    0xfc63254fU,0xf3b9cac2U,0xa7179e84U,0xbce6faadU,0xffffffffU,0xffffffffU,
-    0x00000000U,0xffffffffU
-};
-#else
-/* The low half of the order-2 of the P256 curve. */
-static const sp_int_digit p256_order_low[4] = {
-    0xfc63254fU,0xf3b9cac2U,0xa7179e84U,0xbce6faadU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P256 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_order_8(sp_digit* r, const sp_digit* a)
-{
-    sp_256_sqr_8(r, a);
-    sp_256_mont_reduce_order_8(r, p256_order, p256_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P256 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_n_order_8(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_256_mont_sqr_order_8(r, a);
-    for (i=1; i<n; i++) {
-        sp_256_mont_sqr_order_8(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P256 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_mont_inv_order_8_ctx {
-    int state;
-    int i;
-} sp_256_mont_inv_order_8_ctx;
-static int sp_256_mont_inv_order_8_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_mont_inv_order_8_ctx* ctx = (sp_256_mont_inv_order_8_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_256_mont_inv_order_8_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 8);
-        ctx->i = 254;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_256_mont_sqr_order_8(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p256_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 8U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 8);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_order_8(t, t);
-        if ((p256_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 8U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 8;
-    sp_digit* t3 = td + 4 * 8;
-    int i;
-
-    /* t = a^2 */
-    sp_256_mont_sqr_order_8(t, a);
-    /* t = a^3 = t * a */
-    sp_256_mont_mul_order_8(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_256_mont_sqr_n_order_8(t2, t, 2);
-    /* t3= a^f = t2 * t */
-    sp_256_mont_mul_order_8(t3, t2, t);
-    /* t2= a^f0 = t3 ^ 2 ^ 4 */
-    sp_256_mont_sqr_n_order_8(t2, t3, 4);
-    /* t = a^ff = t2 * t3 */
-    sp_256_mont_mul_order_8(t, t2, t3);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_256_mont_sqr_n_order_8(t2, t, 8);
-    /* t = a^ffff = t2 * t */
-    sp_256_mont_mul_order_8(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_256_mont_sqr_n_order_8(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_256_mont_mul_order_8(t, t2, t);
-    /* t2= a^ffffffff0000000000000000 = t ^ 2 ^ 64  */
-    sp_256_mont_sqr_n_order_8(t2, t, 64);
-    /* t2= a^ffffffff00000000ffffffff = t2 * t */
-    sp_256_mont_mul_order_8(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32  */
-    sp_256_mont_sqr_n_order_8(t2, t2, 32);
-    /* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
-    sp_256_mont_mul_order_8(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6 */
-    sp_256_mont_sqr_order_8(t2, t2);
-    sp_256_mont_mul_order_8(t2, t2, a);
-    sp_256_mont_sqr_n_order_8(t2, t2, 5);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    for (i=121; i>=112; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6f */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84 */
-    for (i=107; i>=64; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2 */
-    for (i=59; i>=32; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2f */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    sp_256_mont_mul_order_8(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254 */
-    for (i=27; i>=0; i--) {
-        sp_256_mont_sqr_order_8(t2, t2);
-        if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_8(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632540 */
-    sp_256_mont_sqr_n_order_8(t2, t2, 4);
-    /* r = a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
-    sp_256_mont_mul_order_8(r, t2, t3);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_s_8(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_8(k, k, p256_norm_order);
-    err = sp_256_mod_8(k, k, p256_order);
-    if (err == MP_OKAY) {
-        sp_256_norm_8(k);
-
-        /* kInv = 1/k mod order */
-            sp_256_mont_inv_order_8(kInv, k, tmp);
-        sp_256_norm_8(kInv);
-
-        /* s = r * x + e */
-            sp_256_mul_8(x, x, r);
-        err = sp_256_mod_8(x, x, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_8(x);
-        carry = sp_256_add_8(s, e, x);
-        sp_256_cond_sub_8(s, s, p256_order, 0 - carry);
-        sp_256_norm_8(s);
-        c = sp_256_cmp_8(s, p256_order);
-        sp_256_cond_sub_8(s, s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_8(s);
-
-        /* s = s * k^-1 mod order */
-            sp_256_mont_mul_order_8(s, s, kInv);
-        sp_256_norm_8(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 256 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 8);
-    SP_DECL_VAR(sp_point_256, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 8, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 8;
-        k = e + 4 * 8;
-        r = e + 6 * 8;
-        tmp = e + 8 * 8;
-        s = e;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_8(rng, k);
-        }
-        else {
-            sp_256_from_mp(k, 8, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_256_ecc_mulmod_base_8(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 8U);
-            sp_256_norm_8(r);
-            c = sp_256_cmp_8(r, p256_order);
-            sp_256_cond_sub_8(r, r, p256_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_256_norm_8(r);
-
-            if (!sp_256_iszero_8(r)) {
-                /* x is modified in calculation of s. */
-                sp_256_from_mp(x, 8, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_256_from_bin(e, 8, hash, (int)hashLen);
-
-                err = sp_256_calc_s_8(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_256_iszero_8(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 8, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-        sp_256_mont_inv_order_8_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*8];
-    sp_digit x[2*8];
-    sp_digit k[2*8];
-    sp_digit r[2*8];
-    sp_digit tmp[3 * 2*8];
-    sp_point_256 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_256_ctx;
-
-int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_256_ctx* ctx = (sp_ecc_sign_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_8(rng, ctx->k);
-        }
-        else {
-            sp_256_from_mp(ctx->k, 8, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p256_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 8U);
-        sp_256_norm_8(ctx->r);
-        c = sp_256_cmp_8(ctx->r, p256_order);
-        sp_256_cond_sub_8(ctx->r, ctx->r, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_8(ctx->r);
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-        sp_256_from_mp(ctx->x, 8, priv);
-        sp_256_from_bin(ctx->e, 8, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_8(ctx->k, ctx->k, p256_norm_order);
-        err = sp_256_mod_8(ctx->k, ctx->k, p256_order);
-        if (err == MP_OKAY) {
-            sp_256_norm_8(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_256_mont_inv_order_8_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_256_norm_8(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_256_mul_8(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_256_mod_8(ctx->x, ctx->x, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_256_norm_8(ctx->x);
-        carry = sp_256_add_8(ctx->s, ctx->e, ctx->x);
-        sp_256_cond_sub_8(ctx->s, ctx->s,
-            p256_order, 0 - carry);
-        sp_256_norm_8(ctx->s);
-        c = sp_256_cmp_8(ctx->s, p256_order);
-        sp_256_cond_sub_8(ctx->s, ctx->s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_8(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_256_mont_mul_order_8(ctx->s, ctx->s, ctx->kInv);
-        sp_256_norm_8(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_256_iszero_8(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_256_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_256_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 8U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 8U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r11, #0x0\n\t"
-        "ADD	r12, %[a], #0x20\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_sub_8_word:\n\t"
-#else
-    "L_sp_256_sub_8_word_%=:\n\t"
-#endif
-        "RSBS	r11, r11, #0x0\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	r11, r3, r3\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_256_sub_8_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_256_sub_8_word\n\t"
-#else
-        "BNE.N	L_sp_256_sub_8_word_%=\n\t"
-#endif
-        "MOV	%[r], r11\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_256_sub_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_rshift1_8(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_rshift1_8(sp_digit* r,
-    const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "LDRD	r2, r3, [%[a], #16]\n\t"
-        "LDRD	r4, r5, [%[a], #24]\n\t"
-        "LSR	r6, r2, #1\n\t"
-        "LSR	r7, r3, #1\n\t"
-        "LSR	r8, r4, #1\n\t"
-        "LSR	r9, r5, #1\n\t"
-        "ORR	r6, r6, r3, lsl #31\n\t"
-        "ORR	r7, r7, r4, lsl #31\n\t"
-        "ORR	r8, r8, r5, lsl #31\n\t"
-        "ORR	r9, r9, r10, lsl #31\n\t"
-        "MOV	r10, r2\n\t"
-        "STRD	r6, r7, [%[r], #16]\n\t"
-        "STRD	r8, r9, [%[r], #24]\n\t"
-        "LDRD	r2, r3, [%[a]]\n\t"
-        "LDRD	r4, r5, [%[a], #8]\n\t"
-        "LSR	r6, r2, #1\n\t"
-        "LSR	r7, r3, #1\n\t"
-        "LSR	r8, r4, #1\n\t"
-        "LSR	r9, r5, #1\n\t"
-        "ORR	r6, r6, r3, lsl #31\n\t"
-        "ORR	r7, r7, r4, lsl #31\n\t"
-        "ORR	r8, r8, r5, lsl #31\n\t"
-        "ORR	r9, r9, r10, lsl #31\n\t"
-        "STRD	r6, r7, [%[r]]\n\t"
-        "STRD	r8, r9, [%[r], #8]\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-}
-
-/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_256_div2_mod_8(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_256_div2_mod_8(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r12, #0x0\n\t"
-        "LDM	%[a]!, {r4}\n\t"
-        "ANDS	r3, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_256_div2_mod_8_even_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_256_div2_mod_8_even\n\t"
-#else
-        "BEQ.N	L_sp_256_div2_mod_8_even_%=\n\t"
-#endif
-        "LDM	%[a]!, {r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "ADC	r3, r12, r12\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_256_div2_mod_8_div2_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_256_div2_mod_8_div2\n\t"
-#else
-        "B.N	L_sp_256_div2_mod_8_div2_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_div2_mod_8_even:\n\t"
-#else
-    "L_sp_256_div2_mod_8_even_%=:\n\t"
-#endif
-        "LDRD	r4, r5, [%[a], #12]\n\t"
-        "LDRD	r6, r7, [%[a], #20]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_div2_mod_8_div2:\n\t"
-#else
-    "L_sp_256_div2_mod_8_div2_%=:\n\t"
-#endif
-        "LSR	r8, r4, #1\n\t"
-        "AND	r4, r4, #0x1\n\t"
-        "LSR	r9, r5, #1\n\t"
-        "LSR	r10, r6, #1\n\t"
-        "LSR	r11, r7, #1\n\t"
-        "ORR	r8, r8, r5, lsl #31\n\t"
-        "ORR	r9, r9, r6, lsl #31\n\t"
-        "ORR	r10, r10, r7, lsl #31\n\t"
-        "ORR	r11, r11, r3, lsl #31\n\t"
-        "MOV	r3, r4\n\t"
-        "STRD	r8, r9, [%[r], #16]\n\t"
-        "STRD	r10, r11, [%[r], #24]\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LSR	r8, r4, #1\n\t"
-        "LSR	r9, r5, #1\n\t"
-        "LSR	r10, r6, #1\n\t"
-        "LSR	r11, r7, #1\n\t"
-        "ORR	r8, r8, r5, lsl #31\n\t"
-        "ORR	r9, r9, r6, lsl #31\n\t"
-        "ORR	r10, r10, r7, lsl #31\n\t"
-        "ORR	r11, r11, r3, lsl #31\n\t"
-        "STM	%[r], {r8, r9, r10, r11}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-}
-
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static int sp_256_num_bits_8(const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r1, [%[a], #28]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_256_num_bits_8_7_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_256_num_bits_8_7\n\t"
-#else
-        "BEQ.N	L_sp_256_num_bits_8_7_%=\n\t"
-#endif
-        "MOV	r2, #0x100\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_256_num_bits_8_9_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_256_num_bits_8_9\n\t"
-#else
-        "B.N	L_sp_256_num_bits_8_9_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_num_bits_8_7:\n\t"
-#else
-    "L_sp_256_num_bits_8_7_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #24]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_256_num_bits_8_6_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_256_num_bits_8_6\n\t"
-#else
-        "BEQ.N	L_sp_256_num_bits_8_6_%=\n\t"
-#endif
-        "MOV	r2, #0xe0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_256_num_bits_8_9_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_256_num_bits_8_9\n\t"
-#else
-        "B.N	L_sp_256_num_bits_8_9_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_num_bits_8_6:\n\t"
-#else
-    "L_sp_256_num_bits_8_6_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #20]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_256_num_bits_8_5_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_256_num_bits_8_5\n\t"
-#else
-        "BEQ.N	L_sp_256_num_bits_8_5_%=\n\t"
-#endif
-        "MOV	r2, #0xc0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_256_num_bits_8_9_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_256_num_bits_8_9\n\t"
-#else
-        "B.N	L_sp_256_num_bits_8_9_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_num_bits_8_5:\n\t"
-#else
-    "L_sp_256_num_bits_8_5_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #16]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_256_num_bits_8_4_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_256_num_bits_8_4\n\t"
-#else
-        "BEQ.N	L_sp_256_num_bits_8_4_%=\n\t"
-#endif
-        "MOV	r2, #0xa0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_256_num_bits_8_9_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_256_num_bits_8_9\n\t"
-#else
-        "B.N	L_sp_256_num_bits_8_9_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_num_bits_8_4:\n\t"
-#else
-    "L_sp_256_num_bits_8_4_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #12]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_256_num_bits_8_3_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_256_num_bits_8_3\n\t"
-#else
-        "BEQ.N	L_sp_256_num_bits_8_3_%=\n\t"
-#endif
-        "MOV	r2, #0x80\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_256_num_bits_8_9_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_256_num_bits_8_9\n\t"
-#else
-        "B.N	L_sp_256_num_bits_8_9_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_num_bits_8_3:\n\t"
-#else
-    "L_sp_256_num_bits_8_3_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #8]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_256_num_bits_8_2_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_256_num_bits_8_2\n\t"
-#else
-        "BEQ.N	L_sp_256_num_bits_8_2_%=\n\t"
-#endif
-        "MOV	r2, #0x60\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_256_num_bits_8_9_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_256_num_bits_8_9\n\t"
-#else
-        "B.N	L_sp_256_num_bits_8_9_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_num_bits_8_2:\n\t"
-#else
-    "L_sp_256_num_bits_8_2_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #4]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_256_num_bits_8_1_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_256_num_bits_8_1\n\t"
-#else
-        "BEQ.N	L_sp_256_num_bits_8_1_%=\n\t"
-#endif
-        "MOV	r2, #0x40\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_256_num_bits_8_9_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_256_num_bits_8_9\n\t"
-#else
-        "B.N	L_sp_256_num_bits_8_9_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_num_bits_8_1:\n\t"
-#else
-    "L_sp_256_num_bits_8_1_%=:\n\t"
-#endif
-        "LDR	r1, [%[a]]\n\t"
-        "MOV	r2, #0x20\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_256_num_bits_8_9:\n\t"
-#else
-    "L_sp_256_num_bits_8_9_%=:\n\t"
-#endif
-        "MOV	%[a], r4\n\t"
-        : [a] "+r" (a)
-        :
-        : "memory", "cc", "r1", "r2", "r3", "r4", "r5"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[8];
-    sp_digit v[8];
-    sp_digit b[8];
-    sp_digit d[8];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_256_num_bits_8(u);
-    vt = sp_256_num_bits_8(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_256_rshift1_8(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_256_rshift1_8(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_256_rshift1_8(v, v);
-            sp_256_div2_mod_8(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_256_cmp_8(u, v) >= 0))) {
-            sp_256_sub_8(u, u, v);
-            o = sp_256_sub_8(b, b, d);
-            if (o != 0)
-                sp_256_add_8(b, b, m);
-            ut = sp_256_num_bits_8(u);
-
-            do {
-                sp_256_rshift1_8(u, u);
-                sp_256_div2_mod_8(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_256_sub_8(v, v, u);
-            o = sp_256_sub_8(d, d, b);
-            if (o != 0)
-                sp_256_add_8(d, d, m);
-            vt = sp_256_num_bits_8(v);
-
-            do {
-                sp_256_rshift1_8(v, v);
-                sp_256_div2_mod_8(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2,
-    sp_digit* tmp)
-{
-
-        sp_256_proj_point_add_8(p1, p1, p2, tmp);
-    if (sp_256_iszero_8(p1->z)) {
-        if (sp_256_iszero_8(p1->x) && sp_256_iszero_8(p1->y)) {
-                sp_256_proj_point_dbl_8(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            XMEMCPY(p1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_vfy_point_8(sp_point_256* p1, sp_point_256* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_256_mod_inv_8(s, s, p256_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_256_mul_8(s, s, p256_norm_order);
-        err = sp_256_mod_8(s, s, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_8(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_256_mont_inv_order_8(s, s, tmp);
-            sp_256_mont_mul_order_8(u1, u1, s);
-            sp_256_mont_mul_order_8(u2, u2, s);
-        }
-#else
-        {
-            sp_256_mont_mul_order_8(u1, u1, s);
-            sp_256_mont_mul_order_8(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_256_ecc_mulmod_base_8(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_8(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_8(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_8(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_256_add_points_8(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 256)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 8);
-    SP_DECL_VAR(sp_point_256, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_256* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 8, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 8;
-        s   = u1 + 4 * 8;
-        tmp = u1 + 6 * 8;
-        p2 = p1 + 1;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(u1, 8, hash, (int)hashLen);
-        sp_256_from_mp(u2, 8, rm);
-        sp_256_from_mp(s, 8, sm);
-        sp_256_from_mp(p2->x, 8, pX);
-        sp_256_from_mp(p2->y, 8, pY);
-        sp_256_from_mp(p2->z, 8, pZ);
-
-        err = sp_256_calc_vfy_point_8(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(u2, 8, rm);
-        err = sp_256_mod_mul_norm_8(u2, u2, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_256_mont_sqr_8(p1->z, p1->z, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_8(u1, u2, p1->z, p256_mod, p256_mp_mod);
-        *res = (int)(sp_256_cmp_8(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_256_from_mp(u2, 8, rm);
-            carry = sp_256_add_8(u2, u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_8(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_8(u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_8(u2, u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_256_mont_mul_8(u1, u2, p1->z, p256_mod, p256_mp_mod);
-                }
-                *res = (sp_256_cmp_8(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_8_ctx mulmod_ctx;
-        sp_256_mont_inv_order_8_ctx mont_inv_order_ctx;
-        sp_256_proj_point_dbl_8_ctx dbl_ctx;
-        sp_256_proj_point_add_8_ctx add_ctx;
-    };
-    sp_digit u1[2*8];
-    sp_digit u2[2*8];
-    sp_digit s[2*8];
-    sp_digit tmp[2*8 * 6];
-    sp_point_256 p1;
-    sp_point_256 p2;
-} sp_ecc_verify_256_ctx;
-
-int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_256_ctx* ctx = (sp_ecc_verify_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(ctx->u1, 8, hash, (int)hashLen);
-        sp_256_from_mp(ctx->u2, 8, rm);
-        sp_256_from_mp(ctx->s, 8, sm);
-        sp_256_from_mp(ctx->p2.x, 8, pX);
-        sp_256_from_mp(ctx->p2.y, 8, pY);
-        sp_256_from_mp(ctx->p2.z, 8, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_256_mul_8(ctx->s, ctx->s, p256_norm_order);
-        err = sp_256_mod_8(ctx->s, ctx->s, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_256_norm_8(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_256_mont_inv_order_8_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_256_mont_mul_order_8(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_256_mont_mul_order_8(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p256_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_8(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_256_ecc_mulmod_8_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_8(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_256_proj_point_add_8_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(ctx->u2, 8, rm);
-        err = sp_256_mod_mul_norm_8(ctx->u2, ctx->u2, p256_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_256_mont_sqr_8(ctx->p1.z, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_256_mont_mul_8(ctx->u1, ctx->u2, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_256_cmp_8(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_256_from_mp(ctx->u2, 8, rm);
-            carry = sp_256_add_8(ctx->u2, ctx->u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_8(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_8(ctx->u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_8(ctx->u2, ctx->u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_256_mont_mul_8(ctx->u1, ctx->u2, ctx->p1.z, p256_mod,
-                                                            p256_mp_mod);
-                *res = (int)(sp_256_cmp_8(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_256_ecc_is_point_8(const sp_point_256* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 8 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 8 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 8;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_256_sqr_8(t1, point->y);
-        (void)sp_256_mod_8(t1, t1, p256_mod);
-        sp_256_sqr_8(t2, point->x);
-        (void)sp_256_mod_8(t2, t2, p256_mod);
-        sp_256_mul_8(t2, t2, point->x);
-        (void)sp_256_mod_8(t2, t2, p256_mod);
-        sp_256_mont_sub_8(t1, t1, t2, p256_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_256_mont_add_8(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_8(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_8(t1, t1, point->x, p256_mod);
-
-
-        if (sp_256_cmp_8(t1, p256_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_256, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(pub->x, 8, pX);
-        sp_256_from_mp(pub->y, 8, pY);
-        sp_256_from_bin(pub->z, 8, one, (int)sizeof(one));
-
-        err = sp_256_ecc_is_point_8(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 8);
-    SP_DECL_VAR(sp_point_256, pub, 2);
-    sp_point_256* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 256) ||
-        (mp_count_bits(pY) > 256) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 256)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 8, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_256_from_mp(pub->x, 8, pX);
-        sp_256_from_mp(pub->y, 8, pY);
-        sp_256_from_bin(pub->z, 8, one, (int)sizeof(one));
-        if (privm)
-            sp_256_from_mp(priv, 8, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_256_iszero_8(pub->x) != 0) &&
-            (sp_256_iszero_8(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_256_cmp_8(pub->x, p256_mod) >= 0) ||
-             (sp_256_cmp_8(pub->y, p256_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_256_ecc_is_point_8(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_256_ecc_mulmod_8(p, pub, p256_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_256_iszero_8(p->x) == 0) ||
-                             (sp_256_iszero_8(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_256_ecc_mulmod_base_8(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_256_cmp_8(p->x, pub->x) != 0) ||
-                 (sp_256_cmp_8(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 6);
-    SP_DECL_VAR(sp_point_256, p, 2);
-    sp_point_256* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_256_from_mp(p->x, 8, pX);
-        sp_256_from_mp(p->y, 8, pY);
-        sp_256_from_mp(p->z, 8, pZ);
-        sp_256_from_mp(q->x, 8, qX);
-        sp_256_from_mp(q->y, 8, qY);
-        sp_256_from_mp(q->z, 8, qZ);
-        p->infinity = sp_256_iszero_8(p->x) &
-                      sp_256_iszero_8(p->y);
-        q->infinity = sp_256_iszero_8(q->x) &
-                      sp_256_iszero_8(q->y);
-
-            sp_256_proj_point_add_8(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 2);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 8, pX);
-        sp_256_from_mp(p->y, 8, pY);
-        sp_256_from_mp(p->z, 8, pZ);
-        p->infinity = sp_256_iszero_8(p->x) &
-                      sp_256_iszero_8(p->y);
-
-            sp_256_proj_point_dbl_8(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 8 * 4);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 8 * 4, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 8, pX);
-        sp_256_from_mp(p->y, 8, pY);
-        sp_256_from_mp(p->z, 8, pZ);
-        p->infinity = sp_256_iszero_8(p->x) &
-                      sp_256_iszero_8(p->y);
-
-            sp_256_map_8(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_256_mont_sqrt_8(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 8);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 8, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 8;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_256_mont_mul_8(t1, t2, y, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xc */
-            sp_256_mont_sqr_n_8(t2, t1, 2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xf0 */
-            sp_256_mont_sqr_n_8(t2, t1, 4, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xff */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xff00 */
-            sp_256_mont_sqr_n_8(t2, t1, 8, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffff */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xffff0000 */
-            sp_256_mont_sqr_n_8(t2, t1, 16, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff */
-            sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000000 */
-            sp_256_mont_sqr_n_8(t1, t1, 32, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001 */
-            sp_256_mont_mul_8(t1, t1, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000000 */
-            sp_256_mont_sqr_n_8(t1, t1, 96, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000001 */
-            sp_256_mont_mul_8(t1, t1, y, p256_mod, p256_mp_mod);
-            sp_256_mont_sqr_n_8(y, t1, 94, p256_mod, p256_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 8);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 8, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 8;
-
-        sp_256_from_mp(x, 8, xm);
-        err = sp_256_mod_mul_norm_8(x, x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_256_mont_sqr_8(y, x, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_8(y, y, x, p256_mod, p256_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        sp_256_mont_sub_8(y, y, x, p256_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_256_mod_mul_norm_8(x, p256_b, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_256_mont_add_8(y, y, x, p256_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_256_mont_sqrt_8(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 8, 0, 8U * sizeof(sp_digit));
-        sp_256_mont_reduce_8(y, p256_mod, p256_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_256_mont_sub_8(y, p256_mod, y, p256_mod);
-        }
-
-        err = sp_256_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* !WOLFSSL_SP_NO_256 */
-#ifdef WOLFSSL_SP_384
-
-/* Point structure to use. */
-typedef struct sp_point_384 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 12];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 12];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 12];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_384;
-
-/* The modulus (prime) of the curve P384. */
-static const sp_digit p384_mod[12] = {
-    0xffffffff,0x00000000,0x00000000,0xffffffff,0xfffffffe,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff
-};
-/* The Montgomery normalizer for modulus of the curve P384. */
-static const sp_digit p384_norm_mod[12] = {
-    0x00000001,0xffffffff,0xffffffff,0x00000000,0x00000001,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-/* The Montgomery multiplier for modulus of the curve P384. */
-static const sp_digit p384_mp_mod = 0x00000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P384. */
-static const sp_digit p384_order[12] = {
-    0xccc52973,0xecec196a,0x48b0a77a,0x581a0db2,0xf4372ddf,0xc7634d81,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P384 minus 2. */
-static const sp_digit p384_order2[12] = {
-    0xccc52971,0xecec196a,0x48b0a77a,0x581a0db2,0xf4372ddf,0xc7634d81,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P384. */
-static const sp_digit p384_norm_order[12] = {
-    0x333ad68d,0x1313e695,0xb74f5885,0xa7e5f24d,0x0bc8d220,0x389cb27e,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P384. */
-static const sp_digit p384_mp_order = 0xe88fdc45;
-#endif
-/* The base point of curve P384. */
-static const sp_point_384 p384_base = {
-    /* X ordinate */
-    {
-        0x72760ab7,0x3a545e38,0xbf55296c,0x5502f25d,0x82542a38,0x59f741e0,
-        0x8ba79b98,0x6e1d3b62,0xf320ad74,0x8eb1c71e,0xbe8b0537,0xaa87ca22,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x90ea0e5f,0x7a431d7c,0x1d7e819d,0x0a60b1ce,0xb5f0b8c0,0xe9da3113,
-        0x289a147c,0xf8f41dbd,0x9292dc29,0x5d9e98bf,0x96262c6f,0x3617de4a,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p384_b[12] = {
-    0xd3ec2aef,0x2a85c8ed,0x8a2ed19d,0xc656398d,0x5013875a,0x0314088f,
-    0xfe814112,0x181d9c6e,0xe3f82d19,0x988e056b,0xe23ee7e4,0xb3312fa7
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x60\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "LDR	r11, [%[b]]\n\t"
-        "UMULL	r8, r6, lr, r11\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_mul_12_outer:\n\t"
-#else
-    "L_sp_384_mul_12_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x2c\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_mul_12_inner:\n\t"
-#else
-    "L_sp_384_mul_12_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "LDR	lr, [%[a], r4]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_384_mul_12_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_384_mul_12_inner_done\n\t"
-#else
-        "BGT.N	L_sp_384_mul_12_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_384_mul_12_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_384_mul_12_inner\n\t"
-#else
-        "BLT.N	L_sp_384_mul_12_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_mul_12_inner_done:\n\t"
-#else
-    "L_sp_384_mul_12_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x54\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_384_mul_12_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_384_mul_12_outer\n\t"
-#else
-        "BLE.N	L_sp_384_mul_12_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #44]\n\t"
-        "LDR	r11, [%[b], #44]\n\t"
-        "UMLAL	r6, r7, lr, r11\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_mul_12_store:\n\t"
-#else
-    "L_sp_384_mul_12_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_384_mul_12_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_384_mul_12_store\n\t"
-#else
-        "BGT.N	L_sp_384_mul_12_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mul_12(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x30\n\t"
-        /* A[0] * B[0] */
-        "LDR	r11, [%[a]]\n\t"
-        "LDR	r12, [%[b]]\n\t"
-        "UMULL	r3, r4, r11, r12\n\t"
-        "MOV	r5, #0x0\n\t"
-        "STR	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[0] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #4]\n\t"
-        /* A[2] * B[0] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[1] */
-        "LDR	r11, [%[a], #4]\n\t"
-        "LDR	r12, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[0] * B[2] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #8]\n\t"
-        /* A[0] * B[3] */
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[2] */
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[1] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[0] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #12]\n\t"
-        /* A[4] * B[0] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[1] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[2] */
-        "LDR	r11, [%[a], #8]\n\t"
-        "LDR	r12, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[3] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[0] * B[4] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #16]\n\t"
-        /* A[0] * B[5] */
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[4] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[3] */
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[2] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[1] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[0] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #20]\n\t"
-        /* A[6] * B[0] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[1] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[2] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[3] */
-        "LDR	r11, [%[a], #12]\n\t"
-        "LDR	r12, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[4] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[5] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[0] * B[6] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #24]\n\t"
-        /* A[0] * B[7] */
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[6] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[5] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[4] */
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[3] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[2] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[1] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[0] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #28]\n\t"
-        /* A[8] * B[0] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[1] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[2] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[3] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[4] */
-        "LDR	r11, [%[a], #16]\n\t"
-        "LDR	r12, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[5] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[6] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[7] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[0] * B[8] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #32]\n\t"
-        /* A[0] * B[9] */
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[8] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[7] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[6] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[5] */
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[4] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[3] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[2] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[1] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[0] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #36]\n\t"
-        /* A[10] * B[0] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[1] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[2] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[3] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[4] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[5] */
-        "LDR	r11, [%[a], #20]\n\t"
-        "LDR	r12, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[6] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[7] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[8] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[9] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[0] * B[10] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #40]\n\t"
-        /* A[0] * B[11] */
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[10] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[9] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[8] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[7] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[6] */
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[5] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[4] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[3] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[2] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[1] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[0] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #44]\n\t"
-        /* A[11] * B[1] */
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[2] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[3] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[4] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[5] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[6] */
-        "LDR	r11, [%[a], #24]\n\t"
-        "LDR	r12, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[7] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[8] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[9] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[10] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[11] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #48]\n\t"
-        /* A[2] * B[11] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[10] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[9] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[8] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[7] */
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[6] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[5] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[4] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[3] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[2] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #52]\n\t"
-        /* A[11] * B[3] */
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[4] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[5] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[6] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[7] */
-        "LDR	r11, [%[a], #28]\n\t"
-        "LDR	r12, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[8] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[9] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[10] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[11] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #56]\n\t"
-        /* A[4] * B[11] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[10] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[9] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[8] */
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[7] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[6] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[5] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[4] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #60]\n\t"
-        /* A[11] * B[5] */
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[6] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[7] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[8] */
-        "LDR	r11, [%[a], #32]\n\t"
-        "LDR	r12, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[9] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[10] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[11] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #64]\n\t"
-        /* A[6] * B[11] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[10] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[9] */
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[8] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[7] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[6] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #68]\n\t"
-        /* A[11] * B[7] */
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[8] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[9] */
-        "LDR	r11, [%[a], #36]\n\t"
-        "LDR	r12, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[10] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[11] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #72]\n\t"
-        /* A[8] * B[11] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[10] */
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[9] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[8] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #76]\n\t"
-        /* A[11] * B[9] */
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[10] */
-        "LDR	r11, [%[a], #40]\n\t"
-        "LDR	r12, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[11] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #80]\n\t"
-        /* A[10] * B[11] */
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[10] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #84]\n\t"
-        /* A[11] * B[11] */
-        "UMLAL	r4, r5, r8, r9\n\t"
-        "STR	r4, [%[r], #88]\n\t"
-        "STR	r5, [%[r], #92]\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11",
-            "r12"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x60\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "UMULL	r8, r6, lr, lr\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_sqr_12_outer:\n\t"
-#else
-    "L_sp_384_sqr_12_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x2c\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_sqr_12_inner:\n\t"
-#else
-    "L_sp_384_sqr_12_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[a], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_384_sqr_12_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_384_sqr_12_inner_done\n\t"
-#else
-        "BGT.N	L_sp_384_sqr_12_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_384_sqr_12_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_384_sqr_12_inner\n\t"
-#else
-        "BLT.N	L_sp_384_sqr_12_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "UMULL	r9, r10, lr, lr\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_sqr_12_inner_done:\n\t"
-#else
-    "L_sp_384_sqr_12_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x54\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_384_sqr_12_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_384_sqr_12_outer\n\t"
-#else
-        "BLE.N	L_sp_384_sqr_12_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #44]\n\t"
-        "UMLAL	r6, r7, lr, lr\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_sqr_12_store:\n\t"
-#else
-    "L_sp_384_sqr_12_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_384_sqr_12_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_384_sqr_12_store\n\t"
-#else
-        "BGT.N	L_sp_384_sqr_12_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x30\n\t"
-        /* A[0] * A[0] */
-        "LDR	r10, [%[a]]\n\t"
-        "UMULL	r8, r3, r10, r10\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r8, [sp]\n\t"
-        /* A[0] * A[1] */
-        "LDR	r10, [%[a], #4]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [sp, #4]\n\t"
-        /* A[0] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * A[1] */
-        "LDR	r10, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #8]\n\t"
-        /* A[0] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r2, [sp, #12]\n\t"
-        /* A[0] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[1] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[2] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [sp, #16]\n\t"
-        /* A[0] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #20]\n\t"
-        /* A[0] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #24]\n\t"
-        /* A[0] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [sp, #28]\n\t"
-        /* A[0] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #32]\n\t"
-        /* A[0] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #36]\n\t"
-        /* A[0] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [sp, #40]\n\t"
-        /* A[0] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #44]\n\t"
-        /* A[1] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[2] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [%[r], #48]\n\t"
-        /* A[2] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[3] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [%[r], #52]\n\t"
-        /* A[3] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[4] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [%[r], #56]\n\t"
-        /* A[4] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[5] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [%[r], #60]\n\t"
-        /* A[5] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[6] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [%[r], #64]\n\t"
-        /* A[6] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[7] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [%[r], #68]\n\t"
-        /* A[7] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r2, [%[r], #72]\n\t"
-        /* A[8] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[9] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [%[r], #76]\n\t"
-        /* A[9] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #80]\n\t"
-        /* A[10] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r2, [%[r], #84]\n\t"
-        /* A[11] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "UMLAL	r3, r4, r10, r10\n\t"
-        "STR	r3, [%[r], #88]\n\t"
-        "STR	r4, [%[r], #92]\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "ADD	r12, %[a], #0x30\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_add_12_word:\n\t"
-#else
-    "L_sp_384_add_12_word_%=:\n\t"
-#endif
-        "ADDS	r3, r3, #0xffffffff\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r3, r4, #0x0\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_384_add_12_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_384_add_12_word\n\t"
-#else
-        "BNE.N	L_sp_384_add_12_word_%=\n\t"
-#endif
-        "MOV	%[r], r3\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mod_mul_norm_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    SP_DECL_VAR(int64_t, t, 12);
-    int64_t o;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(int64_t, t, 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        /*  1  0  0  0  0  0  0  0  1  1  0 -1 */
-        t[0] = 0 + (int64_t)a[0] + (int64_t)a[8] + (int64_t)a[9] - (int64_t)a[11];
-        /* -1  1  0  0  0  0  0  0 -1  0  1  1 */
-        t[1] = 0 - (int64_t)a[0] + (int64_t)a[1] - (int64_t)a[8] + (int64_t)a[10] + (int64_t)a[11];
-        /*  0 -1  1  0  0  0  0  0  0 -1  0  1 */
-        t[2] = 0 - (int64_t)a[1] + (int64_t)a[2] - (int64_t)a[9] + (int64_t)a[11];
-        /*  1  0 -1  1  0  0  0  0  1  1 -1 -1 */
-        t[3] = 0 + (int64_t)a[0] - (int64_t)a[2] + (int64_t)a[3] + (int64_t)a[8] + (int64_t)a[9] - (int64_t)a[10] - (int64_t)a[11];
-        /*  1  1  0 -1  1  0  0  0  1  2  1 -2 */
-        t[4] = 0 + (int64_t)a[0] + (int64_t)a[1] - (int64_t)a[3] + (int64_t)a[4] + (int64_t)a[8] + 2 * (int64_t)a[9] + (int64_t)a[10] -  2 * (int64_t)a[11];
-        /*  0  1  1  0 -1  1  0  0  0  1  2  1 */
-        t[5] = 0 + (int64_t)a[1] + (int64_t)a[2] - (int64_t)a[4] + (int64_t)a[5] + (int64_t)a[9] + 2 * (int64_t)a[10] + (int64_t)a[11];
-        /*  0  0  1  1  0 -1  1  0  0  0  1  2 */
-        t[6] = 0 + (int64_t)a[2] + (int64_t)a[3] - (int64_t)a[5] + (int64_t)a[6] + (int64_t)a[10] + 2 * (int64_t)a[11];
-        /*  0  0  0  1  1  0 -1  1  0  0  0  1 */
-        t[7] = 0 + (int64_t)a[3] + (int64_t)a[4] - (int64_t)a[6] + (int64_t)a[7] + (int64_t)a[11];
-        /*  0  0  0  0  1  1  0 -1  1  0  0  0 */
-        t[8] = 0 + (int64_t)a[4] + (int64_t)a[5] - (int64_t)a[7] + (int64_t)a[8];
-        /*  0  0  0  0  0  1  1  0 -1  1  0  0 */
-        t[9] = 0 + (int64_t)a[5] + (int64_t)a[6] - (int64_t)a[8] + (int64_t)a[9];
-        /*  0  0  0  0  0  0  1  1  0 -1  1  0 */
-        t[10] = 0 + (int64_t)a[6] + (int64_t)a[7] - (int64_t)a[9] + (int64_t)a[10];
-        /*  0  0  0  0  0  0  0  1  1  0 -1  1 */
-        t[11] = 0 + (int64_t)a[7] + (int64_t)a[8] - (int64_t)a[10] + (int64_t)a[11];
-
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-        o     = t[11] >> 32; t[11] &= 0xffffffff;
-        t[0] += o;
-        t[1] -= o;
-        t[3] += o;
-        t[4] += o;
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-
-        r[0] = (sp_digit)t[0];
-        r[1] = (sp_digit)t[1];
-        r[2] = (sp_digit)t[2];
-        r[3] = (sp_digit)t[3];
-        r[4] = (sp_digit)t[4];
-        r[5] = (sp_digit)t[5];
-        r[6] = (sp_digit)t[6];
-        r[7] = (sp_digit)t[7];
-        r[8] = (sp_digit)t[8];
-        r[9] = (sp_digit)t[9];
-        r[10] = (sp_digit)t[10];
-        r[11] = (sp_digit)t[11];
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_384.
- *
- * p   Point of type sp_point_384 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_384_point_from_ecc_point_12(sp_point_384* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_384_from_mp(p->x, 12, pm->x);
-    sp_384_from_mp(p->y, 12, pm->y);
-    sp_384_from_mp(p->z, 12, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_384_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (384 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 12);
-        r->used = 12;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 12; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 12; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_384 to type ecc_point.
- *
- * p   Point of type sp_point_384.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_384_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_cond_sub_12_words:\n\t"
-#else
-    "L_sp_384_cond_sub_12_words_%=:\n\t"
-#endif
-        "SUBS	r4, r8, r4\n\t"
-        "LDR	r6, [%[a], r5]\n\t"
-        "LDR	r7, [%[b], r5]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "SBCS	r6, r6, r7\n\t"
-        "SBC	r4, r8, r8\n\t"
-        "STR	r6, [%[r], r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x30\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_384_cond_sub_12_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_384_cond_sub_12_words\n\t"
-#else
-        "BLT.N	L_sp_384_cond_sub_12_words_%=\n\t"
-#endif
-        "MOV	%[r], r4\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SUBS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "SBC	%[r], r5, r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#define sp_384_mont_reduce_order_12   sp_384_mont_reduce_12
-
-#ifdef WOLFSSL_SP_NO_UMAAL
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_reduce_12(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	lr, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r11, #0x0\n\t"
-        "MOV	r3, #0x0\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_mont_reduce_12_word:\n\t"
-#else
-    "L_sp_384_mont_reduce_12_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	r10, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r4, r7, r10, lr\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r9, [%[m], #4]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r5, r6, r10, r9\n\t"
-        "MOV	r4, r5\n\t"
-        "ADDS	r4, r4, r7\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r9, [%[m], #8]\n\t"
-        "LDR	r5, [%[a], #8]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r5, r7, r10, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r9, [%[m], #12]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #12]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r9, [%[m], #16]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #16]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r9, [%[m], #20]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #20]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r9, [%[m], #24]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #24]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r9, [%[m], #28]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #28]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r9, [%[m], #32]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #32]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r9, [%[m], #36]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #36]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r9, [%[m], #40]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #40]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r9, [%[m], #44]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "UMULL	r8, r9, r10, r9\n\t"
-        "ADDS	r7, r7, r8\n\t"
-        "ADCS	r6, r9, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "ADCS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #48]\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* i += 1 */
-        "ADD	r11, r11, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r11, #0x30\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_384_mont_reduce_12_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_384_mont_reduce_12_word\n\t"
-#else
-        "BLT.W	L_sp_384_mont_reduce_12_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r4, [%[a]]\n\t"
-        "STR	r5, [%[a], #4]\n\t"
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 384 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_reduce_12(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r7, [%[a], #4]\n\t"
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[a], #12]\n\t"
-        "LDR	r10, [%[a], #16]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_mont_reduce_12_word:\n\t"
-#else
-    "L_sp_384_mont_reduce_12_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	lr, %[mp], r6\n\t"
-        /* a[i+0] += m[0] * mu */
-        "LDR	r12, [%[m]]\n\t"
-        "MOV	r3, #0x0\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r12, [%[m], #4]\n\t"
-        "MOV	r6, r7\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r12, [%[m], #8]\n\t"
-        "MOV	r7, r8\n\t"
-        "UMAAL	r7, r3, lr, r12\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r12, [%[m], #12]\n\t"
-        "MOV	r8, r9\n\t"
-        "UMAAL	r8, r3, lr, r12\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r12, [%[m], #16]\n\t"
-        "MOV	r9, r10\n\t"
-        "UMAAL	r9, r3, lr, r12\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r12, [%[m], #20]\n\t"
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMAAL	r10, r3, lr, r12\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r12, [%[m], #24]\n\t"
-        "LDR	r11, [%[a], #24]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r12, [%[m], #28]\n\t"
-        "LDR	r11, [%[a], #28]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r12, [%[m], #32]\n\t"
-        "LDR	r11, [%[a], #32]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r12, [%[m], #36]\n\t"
-        "LDR	r11, [%[a], #36]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r12, [%[m], #40]\n\t"
-        "LDR	r11, [%[a], #40]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r12, [%[m], #44]\n\t"
-        "LDR	r11, [%[a], #44]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "LDR	lr, [%[a], #48]\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMAAL	r3, lr, r12, r12\n\t"
-        "STR	r11, [%[a], #44]\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADC	r5, lr, #0x0\n\t"
-        "STR	r3, [%[a], #48]\n\t"
-        /* i += 1 */
-        "ADD	r4, r4, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r4, #0x30\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_384_mont_reduce_12_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_384_mont_reduce_12_word\n\t"
-#else
-        "BLT.W	L_sp_384_mont_reduce_12_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r6, [%[a]]\n\t"
-        "STR	r7, [%[a], #4]\n\t"
-        "STR	r8, [%[a], #8]\n\t"
-        "STR	r9, [%[a], #12]\n\t"
-        "STR	r10, [%[a], #16]\n\t"
-        "MOV	%[mp], r5\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mul_12(r, a, b);
-    sp_384_mont_reduce_12(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_384_sqr_12(r, a);
-    sp_384_mont_reduce_12(r, m, mp);
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mont_sqr_12(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_384_mont_sqr_12(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P384 curve. */
-static const word32 p384_mod_minus_2[12] = {
-    0xfffffffdU,0x00000000U,0x00000000U,0xffffffffU,0xfffffffeU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P384 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 12);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_12(t, t, p384_mod, p384_mp_mod);
-        if (p384_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_384_mont_mul_12(t, t, a, p384_mod, p384_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 12);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 12;
-    sp_digit* t3 = td + 4 * 12;
-    sp_digit* t4 = td + 6 * 12;
-    sp_digit* t5 = td + 8 * 12;
-
-    /* 0x2 */
-    sp_384_mont_sqr_12(t1, a, p384_mod, p384_mp_mod);
-    /* 0x3 */
-    sp_384_mont_mul_12(t5, t1, a, p384_mod, p384_mp_mod);
-    /* 0xc */
-    sp_384_mont_sqr_n_12(t1, t5, 2, p384_mod, p384_mp_mod);
-    /* 0xf */
-    sp_384_mont_mul_12(t2, t5, t1, p384_mod, p384_mp_mod);
-    /* 0x1e */
-    sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
-    /* 0x1f */
-    sp_384_mont_mul_12(t4, t1, a, p384_mod, p384_mp_mod);
-    /* 0x3e0 */
-    sp_384_mont_sqr_n_12(t1, t4, 5, p384_mod, p384_mp_mod);
-    /* 0x3ff */
-    sp_384_mont_mul_12(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x7fe0 */
-    sp_384_mont_sqr_n_12(t1, t2, 5, p384_mod, p384_mp_mod);
-    /* 0x7fff */
-    sp_384_mont_mul_12(t4, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x3fff8000 */
-    sp_384_mont_sqr_n_12(t1, t4, 15, p384_mod, p384_mp_mod);
-    /* 0x3fffffff */
-    sp_384_mont_mul_12(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffc */
-    sp_384_mont_sqr_n_12(t3, t2, 2, p384_mod, p384_mp_mod);
-    /* 0xfffffffd */
-    sp_384_mont_mul_12(r, t3, a, p384_mod, p384_mp_mod);
-    /* 0xffffffff */
-    sp_384_mont_mul_12(t3, t5, t3, p384_mod, p384_mp_mod);
-    /* 0xfffffffc0000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 30, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff */
-    sp_384_mont_mul_12(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff000000000000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 60, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_12(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 120, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_12(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-    sp_384_mont_sqr_n_12(t1, t2, 15, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_12(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 33, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff */
-    sp_384_mont_mul_12(t2, t3, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_12(t1, t2, 96, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffd */
-    sp_384_mont_mul_12(r, r, t1, p384_mod, p384_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_384_cmp_12(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_384_cmp_12(const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0xffffffff\n\t"
-        "MOV	r8, #0x1\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r3, #0xffffffff\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "MOV	r6, #0x2c\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_cmp_12_words:\n\t"
-#else
-    "L_sp_384_cmp_12_words_%=:\n\t"
-#endif
-        "LDR	r4, [%[a], r6]\n\t"
-        "LDR	r5, [%[b], r6]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "SUBS	r6, r6, #0x4\n\t"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "bcs	L_sp_384_cmp_12_words\n\t"
-#else
-        "bcs	L_sp_384_cmp_12_words_%=\n\t"
-#endif
-        "EOR	r2, r2, r3\n\t"
-#else
-        "LDR	r4, [%[a], #44]\n\t"
-        "LDR	r5, [%[b], #44]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #40]\n\t"
-        "LDR	r5, [%[b], #40]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #36]\n\t"
-        "LDR	r5, [%[b], #36]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "LDR	r5, [%[b], #32]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #28]\n\t"
-        "LDR	r5, [%[b], #28]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "LDR	r5, [%[b], #24]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "LDR	r5, [%[b], #20]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #16]\n\t"
-        "LDR	r5, [%[b], #16]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "LDR	r5, [%[b], #12]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "LDR	r5, [%[b], #8]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #4]\n\t"
-        "LDR	r5, [%[b], #4]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[b]]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "EOR	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "MOV	%[a], r2\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_384_norm_12(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_384_map_12(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*12;
-    sp_int32 n;
-
-    sp_384_mont_inv_12(t1, p->z, t + 2*12);
-
-    sp_384_mont_sqr_12(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    /* x /= z^2 */
-    sp_384_mont_mul_12(r->x, p->x, t2, p384_mod, p384_mp_mod);
-    XMEMSET(r->x + 12, 0, sizeof(sp_digit) * 12U);
-    sp_384_mont_reduce_12(r->x, p384_mod, p384_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_384_cmp_12(r->x, p384_mod);
-    sp_384_cond_sub_12(r->x, r->x, p384_mod, (sp_digit)~(n >> 31));
-    sp_384_norm_12(r->x);
-
-    /* y /= z^3 */
-    sp_384_mont_mul_12(r->y, p->y, t1, p384_mod, p384_mp_mod);
-    XMEMSET(r->y + 12, 0, sizeof(sp_digit) * 12U);
-    sp_384_mont_reduce_12(r->y, p384_mod, p384_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_384_cmp_12(r->y, p384_mod);
-    sp_384_cond_sub_12(r->y, r->y, p384_mod, (sp_digit)~(n >> 31));
-    sp_384_norm_12(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "ADDS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "SUB	%[r], %[r], #0x30\n\t"
-        "RSB	r3, r3, #0x0\n\t"
-        "LSR	r12, r3, #1\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "SUBS	r8, r8, r3\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, #0x0\n\t"
-        "SBCS	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "SBCS	r8, r8, r12, LSL #1\n\t"
-        "SBCS	r9, r9, r3\n\t"
-        "SBCS	r10, r10, r3\n\t"
-        "SBCS	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "SBCS	r8, r8, r3\n\t"
-        "SBCS	r9, r9, r3\n\t"
-        "SBCS	r10, r10, r3\n\t"
-        "SBCS	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "SBC	%[b], %[b], %[b]\n\t"
-        "SUB	%[r], %[r], #0x30\n\t"
-        "SUB	r3, r3, %[b]\n\t"
-        "LSR	r12, r3, #1\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "SUBS	r8, r8, r3\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, #0x0\n\t"
-        "SBCS	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "SBCS	r8, r8, r12, LSL #1\n\t"
-        "SBCS	r9, r9, r3\n\t"
-        "SBCS	r10, r10, r3\n\t"
-        "SBCS	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "SBCS	r8, r8, r3\n\t"
-        "SBCS	r9, r9, r3\n\t"
-        "SBCS	r10, r10, r3\n\t"
-        "SBC	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r12"
-    );
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_dbl_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_dbl_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0x0\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ADDS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "SUB	%[r], %[r], #0x30\n\t"
-        "RSB	r2, r2, #0x0\n\t"
-        "LSR	r3, r2, #1\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SUBS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r3, LSL #1\n\t"
-        "SBCS	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SBCS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, r2\n\t"
-        "SBCS	r6, r6, r2\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r2\n\t"
-        "SBCS	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "SBC	%[a], %[a], %[a]\n\t"
-        "SUB	%[r], %[r], #0x30\n\t"
-        "SUB	r2, r2, %[a]\n\t"
-        "LSR	r3, r2, #1\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SUBS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r3, LSL #1\n\t"
-        "SBCS	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SBCS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, r2\n\t"
-        "SBCS	r6, r6, r2\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r2\n\t"
-        "SBC	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r3"
-    );
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0x0\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ADDS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "SUB	%[r], %[r], #0x30\n\t"
-        "RSB	r2, r2, #0x0\n\t"
-        "LSR	r3, r2, #1\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SUBS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r3, LSL #1\n\t"
-        "SBCS	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SBCS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, r2\n\t"
-        "SBCS	r6, r6, r2\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r2\n\t"
-        "SBCS	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "SBC	r12, r12, r12\n\t"
-        "SUB	%[r], %[r], #0x30\n\t"
-        "SUB	r2, r2, r12\n\t"
-        "LSR	r3, r2, #1\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SUBS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r3, LSL #1\n\t"
-        "SBCS	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SBCS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, r2\n\t"
-        "SBCS	r6, r6, r2\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r2\n\t"
-        "SBC	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "SUB	%[r], %[r], #0x30\n\t"
-        "SUB	%[a], %[a], #0x30\n\t"
-        "MOV	r2, #0x0\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADDS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "SUB	%[r], %[r], #0x30\n\t"
-        "RSB	r2, r2, #0x0\n\t"
-        "LSR	r3, r2, #1\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SUBS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r3, LSL #1\n\t"
-        "SBCS	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SBCS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, r2\n\t"
-        "SBCS	r6, r6, r2\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r2\n\t"
-        "SBCS	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "SBC	r12, r12, r12\n\t"
-        "SUB	%[r], %[r], #0x30\n\t"
-        "SUB	r2, r2, r12\n\t"
-        "LSR	r3, r2, #1\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SUBS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r3, LSL #1\n\t"
-        "SBCS	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9}\n\t"
-        "SBCS	r4, r4, r2\n\t"
-        "SBCS	r5, r5, r2\n\t"
-        "SBCS	r6, r6, r2\n\t"
-        "SBCS	r7, r7, r2\n\t"
-        "SBCS	r8, r8, r2\n\t"
-        "SBC	r9, r9, r2\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r11, #0x0\n\t"
-        "ADD	r12, %[a], #0x30\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_sub_12_word:\n\t"
-#else
-    "L_sp_384_sub_12_word_%=:\n\t"
-#endif
-        "RSBS	r11, r11, #0x0\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	r11, r3, r3\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_384_sub_12_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_384_sub_12_word\n\t"
-#else
-        "BNE.N	L_sp_384_sub_12_word_%=\n\t"
-#endif
-        "MOV	%[r], r11\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_cond_add_12_words:\n\t"
-#else
-    "L_sp_384_cond_add_12_words_%=:\n\t"
-#endif
-        "ADDS	r5, r5, #0xffffffff\n\t"
-        "LDR	r6, [%[a], r4]\n\t"
-        "LDR	r7, [%[b], r4]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "ADCS	r6, r6, r7\n\t"
-        "ADC	r5, r8, r8\n\t"
-        "STR	r6, [%[r], r4]\n\t"
-        "ADD	r4, r4, #0x4\n\t"
-        "CMP	r4, #0x30\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_384_cond_add_12_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_384_cond_add_12_words\n\t"
-#else
-        "BLT.N	L_sp_384_cond_add_12_words_%=\n\t"
-#endif
-        "MOV	%[r], r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_cond_add_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADDS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "ADC	%[r], r10, r10\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "SUBS	r8, r8, r4\n\t"
-        "SBCS	r9, r9, r5\n\t"
-        "SBCS	r10, r10, r6\n\t"
-        "SBCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "SBCS	r8, r8, r4\n\t"
-        "SBCS	r9, r9, r5\n\t"
-        "SBCS	r10, r10, r6\n\t"
-        "SBCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "SBCS	r8, r8, r4\n\t"
-        "SBCS	r9, r9, r5\n\t"
-        "SBCS	r10, r10, r6\n\t"
-        "SBCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "SBC	r3, r3, #0x0\n\t"
-        "SUB	%[r], %[r], #0x30\n\t"
-        "LSR	r12, r3, #1\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADDS	r8, r8, r3\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADCS	r10, r10, #0x0\n\t"
-        "ADCS	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r12, LSL #1\n\t"
-        "ADCS	r9, r9, r3\n\t"
-        "ADCS	r10, r10, r3\n\t"
-        "ADCS	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r3\n\t"
-        "ADCS	r9, r9, r3\n\t"
-        "ADCS	r10, r10, r3\n\t"
-        "ADCS	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "SUB	%[r], %[r], #0x30\n\t"
-        "LSR	r12, r3, #1\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADDS	r8, r8, r3\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADCS	r10, r10, #0x0\n\t"
-        "ADCS	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r12, LSL #1\n\t"
-        "ADCS	r9, r9, r3\n\t"
-        "ADCS	r10, r10, r3\n\t"
-        "ADCS	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r3\n\t"
-        "ADCS	r9, r9, r3\n\t"
-        "ADCS	r10, r10, r3\n\t"
-        "ADC	r11, r11, r3\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r12"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#else
-#endif /* WOLFSSL_SP_SMALL */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_rshift1_12(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_rshift1_12(sp_digit* r,
-    const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3}\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "STR	r2, [%[r]]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #12]\n\t"
-        "STR	r3, [%[r], #4]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #16]\n\t"
-        "STR	r4, [%[r], #8]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "STR	r2, [%[r], #12]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #24]\n\t"
-        "STR	r3, [%[r], #16]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #28]\n\t"
-        "STR	r4, [%[r], #20]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "STR	r2, [%[r], #24]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #36]\n\t"
-        "STR	r3, [%[r], #28]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #40]\n\t"
-        "STR	r4, [%[r], #32]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "STR	r2, [%[r], #36]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "STR	r3, [%[r], #40]\n\t"
-        "STR	r4, [%[r], #44]\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_384_cond_add_12(r, a, m, 0 - (a[0] & 1));
-    sp_384_rshift1_12(r, r);
-    r[11] |= o << 31;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*12;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_384_mont_sqr_12(t1, p->z, p384_mod, p384_mp_mod);
-    /* Z = Y * Z */
-    sp_384_mont_mul_12(z, p->y, p->z, p384_mod, p384_mp_mod);
-    /* Z = 2Z */
-    sp_384_mont_dbl_12(z, z, p384_mod);
-    /* T2 = X - T1 */
-    sp_384_mont_sub_12(t2, p->x, t1, p384_mod);
-    /* T1 = X + T1 */
-    sp_384_mont_add_12(t1, p->x, t1, p384_mod);
-    /* T2 = T1 * T2 */
-    sp_384_mont_mul_12(t2, t1, t2, p384_mod, p384_mp_mod);
-    /* T1 = 3T2 */
-    sp_384_mont_tpl_12(t1, t2, p384_mod);
-    /* Y = 2Y */
-    sp_384_mont_dbl_12(y, p->y, p384_mod);
-    /* Y = Y * Y */
-    sp_384_mont_sqr_12(y, y, p384_mod, p384_mp_mod);
-    /* T2 = Y * Y */
-    sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
-    /* T2 = T2/2 */
-    sp_384_mont_div2_12(t2, t2, p384_mod);
-    /* Y = Y * X */
-    sp_384_mont_mul_12(y, y, p->x, p384_mod, p384_mp_mod);
-    /* X = T1 * T1 */
-    sp_384_mont_sqr_12(x, t1, p384_mod, p384_mp_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_12(x, x, y, p384_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_12(x, x, y, p384_mod);
-    /* Y = Y - X */
-    sp_384_mont_sub_12(y, y, x, p384_mod);
-    /* Y = Y * T1 */
-    sp_384_mont_mul_12(y, y, t1, p384_mod, p384_mp_mod);
-    /* Y = Y - T2 */
-    sp_384_mont_sub_12(y, y, t2, p384_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_dbl_12_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_dbl_12_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-        const sp_point_384* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_dbl_12_ctx* ctx = (sp_384_proj_point_dbl_12_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_dbl_12_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*12;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_384_mont_sqr_12(ctx->t1, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_384_mont_mul_12(ctx->z, p->y, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_384_mont_dbl_12(ctx->z, ctx->z, p384_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_384_mont_sub_12(ctx->t2, p->x, ctx->t1, p384_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_384_mont_add_12(ctx->t1, p->x, ctx->t1, p384_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_384_mont_mul_12(ctx->t2, ctx->t1, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_384_mont_tpl_12(ctx->t1, ctx->t2, p384_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_384_mont_dbl_12(ctx->y, p->y, p384_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_384_mont_sqr_12(ctx->y, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_384_mont_sqr_12(ctx->t2, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_384_mont_div2_12(ctx->t2, ctx->t2, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_384_mont_mul_12(ctx->y, ctx->y, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_384_mont_sqr_12(ctx->x, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_384_mont_mul_12(ctx->y, ctx->y, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->t2, p384_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_384_cmp_equal_12(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_384_iszero_12(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_12(sp_point_384* r,
-        const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*12;
-    sp_digit* t2 = t + 4*12;
-    sp_digit* t3 = t + 6*12;
-    sp_digit* t4 = t + 8*12;
-    sp_digit* t5 = t + 10*12;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_12(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t1, t1, p->x, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_12(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_12(t3, t3, p->y, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_12(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_12(t2, t1) &
-            sp_384_cmp_equal_12(t4, t3)) {
-        sp_384_proj_point_dbl_12(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_384_mont_sub_12(t2, t2, t1, p384_mod);
-        /* R = S2 - S1 */
-        sp_384_mont_sub_12(t4, t4, t3, p384_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_12(t5, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(y, t1, t5, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t5, t5, t2, p384_mod, p384_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(z, z, q->z, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_12(x, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(x, x, t5, p384_mod);
-        sp_384_mont_mul_12(t5, t5, t3, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_12(t3, y, p384_mod);
-        sp_384_mont_sub_12(x, x, t3, p384_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        sp_384_mont_mul_12(y, y, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(y, y, t5, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 12; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_add_12_ctx {
-    int state;
-    sp_384_proj_point_dbl_12_ctx dbl_ctx;
-    const sp_point_384* ap[2];
-    sp_point_384* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_add_12_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_add_12_ctx* ctx = (sp_384_proj_point_add_12_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_384* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_add_12_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*12;
-        ctx->t2 = t + 4*12;
-        ctx->t3 = t + 6*12;
-        ctx->t4 = t + 8*12;
-        ctx->t5 = t + 10*12;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_384_mont_sqr_12(ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_384_mont_mul_12(ctx->t3, ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_384_mont_mul_12(ctx->t1, ctx->t1, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_384_mont_sqr_12(ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_384_mont_mul_12(ctx->t4, ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_384_mont_mul_12(ctx->t2, ctx->t2, q->x, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_384_mont_mul_12(ctx->t3, ctx->t3, p->y, p384_mod, p384_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_384_mont_mul_12(ctx->t4, ctx->t4, q->y, p384_mod, p384_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_384_cmp_equal_12(ctx->t2, ctx->t1) &
-                sp_384_cmp_equal_12(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_384_proj_point_dbl_12(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_384_mont_sub_12(ctx->t2, ctx->t2, ctx->t1, p384_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_384_mont_sub_12(ctx->t4, ctx->t4, ctx->t3, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_12(ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_384_mont_mul_12(ctx->y, ctx->t1, ctx->t5, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_384_mont_mul_12(ctx->t5, ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_12(ctx->z, p->z, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_384_mont_mul_12(ctx->z, ctx->z, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_384_mont_sqr_12(ctx->x, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->t5, p384_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_384_mont_mul_12(ctx->t5, ctx->t5, ctx->t3, p384_mod, p384_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_384_mont_dbl_12(ctx->t3, ctx->y, p384_mod);
-        sp_384_mont_sub_12(ctx->x, ctx->x, ctx->t3, p384_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_384_mont_mul_12(ctx->y, ctx->y, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_384_mont_sub_12(ctx->y, ctx->y, ctx->t5, p384_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 12; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    r->z[8] = 0;
-    r->z[9] = 0;
-    r->z[10] = 0;
-    r->z[11] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-        r->z[8] |= mask & table[i].z[8];
-        r->z[9] |= mask & table[i].z[9];
-        r->z[10] |= mask & table[i].z[10];
-        r->z[11] |= mask & table[i].z[11];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 384 doubles.
- * 108 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 6);
-    sp_point_384* rt = NULL;
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_DECL_VAR(sp_point_384, p, 1);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ALLOC_VAR(sp_point_384, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_384_mod_mul_norm_12(t[1].x, g->x, p384_mod);
-        (void)sp_384_mod_mul_norm_12(t[1].y, g->y, p384_mod);
-        (void)sp_384_mod_mul_norm_12(t[1].z, g->z, p384_mod);
-        t[1].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_384_proj_point_add_12(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_384_proj_point_add_12(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_384_proj_point_add_12(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_384_proj_point_dbl_12(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_384_proj_point_add_12(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 10;
-        n = k[i+1] << 0;
-        c = 28;
-        y = (int)(n >> 28);
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_point_16_12(rt, t, y);
-            rt->infinity = !y;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[y], sizeof(sp_point_384));
-        }
-        n <<= 4;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n |= k[i--];
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-            sp_384_proj_point_dbl_12(rt, rt, tmp);
-
-    #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_point_16_12(p, t, y);
-                p->infinity = !y;
-                sp_384_proj_point_add_12(rt, rt, p, tmp);
-            }
-            else
-    #endif
-            {
-                sp_384_proj_point_add_12(rt, rt, &t[y], tmp);
-            }
-        }
-
-        if (map != 0) {
-            sp_384_map_12(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 12 * 6, heap,
-        DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ZEROFREE_VAR(sp_point_384, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    SP_ZEROFREE_VAR(sp_point_384, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*12;
-    sp_digit* b = t + 4*12;
-    sp_digit* t1 = t + 6*12;
-    sp_digit* t2 = t + 8*12;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_12(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_12(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_12(w, w, p384_mod, p384_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_12(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_12(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_12(t2, b, p384_mod);
-        sp_384_mont_sub_12(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_12(t2, b, x, p384_mod);
-        sp_384_mont_dbl_12(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_12(t1, t1, p384_mod, p384_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_12(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_12(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(y, y, t1, p384_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_12(t1, t1, w, p384_mod);
-    sp_384_mont_tpl_12(a, t1, p384_mod);
-    /* B = X*Y^2 */
-    sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
-    /* X = A^2 - 2B */
-    sp_384_mont_sqr_12(x, a, p384_mod, p384_mp_mod);
-    sp_384_mont_dbl_12(t2, b, p384_mod);
-    sp_384_mont_sub_12(x, x, t2, p384_mod);
-    /* B = 2.(B - X) */
-    sp_384_mont_sub_12(t2, b, x, p384_mod);
-    sp_384_mont_dbl_12(b, t2, p384_mod);
-    /* Z = Z*Y */
-    sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
-    /* t1 = Y^4 */
-    sp_384_mont_sqr_12(t1, t1, p384_mod, p384_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_384_mont_mul_12(y, b, a, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_12(y, y, t1, p384_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_384_mont_div2_12(y, y, p384_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_384_proj_to_affine_12(sp_point_384* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 12;
-    sp_digit* tmp = t + 4 * 12;
-
-    sp_384_mont_inv_12(t1, a->z, tmp);
-
-    sp_384_mont_sqr_12(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    sp_384_mont_mul_12(a->x, a->x, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(a->y, a->y, t1, p384_mod, p384_mp_mod);
-    XMEMCPY(a->z, p384_norm_mod, sizeof(p384_norm_mod));
-}
-
-#endif /* FP_ECC */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_384 {
-    sp_digit x[12];
-    sp_digit y[12];
-} sp_table_entry_384;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*12;
-    sp_digit* t6 = t + 4*12;
-    sp_digit* t1 = t + 6*12;
-    sp_digit* t4 = t + 8*12;
-    sp_digit* t5 = t + 10*12;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_12(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_12(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_12(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_12(p->x, t2) &
-            sp_384_cmp_equal_12(p->y, t4)) {
-        sp_384_proj_point_dbl_12(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_384_mont_sub_12(t2, t2, p->x, p384_mod);
-        /* R = S2 - Y1 */
-        sp_384_mont_sub_12(t4, t4, p->y, p384_mod);
-        /* Z3 = H*Z1 */
-        sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t3, p->x, t1, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_12(t2, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(t2, t2, t1, p384_mod);
-        sp_384_mont_dbl_12(t5, t3, p384_mod);
-        sp_384_mont_sub_12(x, t2, t5, p384_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_384_mont_sub_12(t3, t3, x, p384_mod);
-        sp_384_mont_mul_12(t3, t3, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_12(t1, t1, p->y, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_12(y, t3, t1, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 12; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 12; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 96 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_12(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_12(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_12(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_384_proj_point_dbl_n_12(t, 96, tmp);
-            sp_384_proj_to_affine_12(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_12(t, s1, s2, tmp);
-                sp_384_proj_to_affine_12(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_entry_16_12(sp_point_384* r,
-    const sp_table_entry_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^96, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 12 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 12 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 95;
-        for (j=0; j<4; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 96;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_16_12(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=94; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 96;
-            }
-
-            sp_384_proj_point_dbl_12(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_16_12(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_12(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_12(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_384_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[12];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[12];
-    /* Precomputation table for point. */
-    sp_table_entry_384 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_384_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_384_t sp_cache_384[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_384_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_384_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_384 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_384_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_384_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_384_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_384[i].set = 0;
-        }
-        sp_cache_384_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_384[i].set)
-            continue;
-
-        if (sp_384_cmp_equal_12(g->x, sp_cache_384[i].x) &
-                           sp_384_cmp_equal_12(g->y, sp_cache_384[i].y)) {
-            sp_cache_384[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_384_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_384_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_384[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_384_last) {
-            least = sp_cache_384[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_384[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_384[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_384[i].x, g->x, sizeof(sp_cache_384[i].x));
-        XMEMCPY(sp_cache_384[i].y, g->y, sizeof(sp_cache_384[i].y));
-        sp_cache_384[i].set = 1;
-        sp_cache_384[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_384[i];
-    sp_cache_384_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_12(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_12(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 48 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_12(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_12(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_12(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_12(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_384_proj_point_dbl_n_12(t, 48, tmp);
-            sp_384_proj_to_affine_12(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_12(t, s1, s2, tmp);
-                sp_384_proj_to_affine_12(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_384_get_entry_256_12(sp_point_384* r,
-    const sp_table_entry_384* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_12(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 12 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 12 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 47;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 48;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_256_12(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=46; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 48;
-            }
-
-            sp_384_proj_point_dbl_12(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_256_12(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_12(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_12(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_384_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[12];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[12];
-    /* Precomputation table for point. */
-    sp_table_entry_384 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_384_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_384_t sp_cache_384[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_384_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_384_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_384 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_384_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_384_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_384_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_384[i].set = 0;
-        }
-        sp_cache_384_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_384[i].set)
-            continue;
-
-        if (sp_384_cmp_equal_12(g->x, sp_cache_384[i].x) &
-                           sp_384_cmp_equal_12(g->y, sp_cache_384[i].y)) {
-            sp_cache_384[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_384_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_384_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_384[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_384_last) {
-            least = sp_cache_384[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_384[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_384[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_384[i].x, g->x, sizeof(sp_cache_384[i].x));
-        XMEMCPY(sp_cache_384[i].y, g->y, sizeof(sp_cache_384[i].y));
-        sp_cache_384[i].set = 1;
-        sp_cache_384[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_384[i];
-    sp_cache_384_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_12(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_12(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 12);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 12, km);
-        sp_384_point_from_ecc_point_12(point, gm);
-
-            err = sp_384_ecc_mulmod_12(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 12 + 12 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12 + 12 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 12;
-
-        sp_384_from_mp(k, 12, km);
-        sp_384_point_from_ecc_point_12(point, gm);
-        sp_384_point_from_ecc_point_12(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_12(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_12(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_12(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 96 between points.
- */
-static const sp_table_entry_384 p384_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x49c0b528,0x3dd07566,0xa0d6ce38,0x20e378e2,0x541b4d6e,0x879c3afc,
-        0x59a30eff,0x64548684,0x614ede2b,0x812ff723,0x299e1513,0x4d3aadc2 },
-      { 0x4b03a4fe,0x23043dad,0x7bb4a9ac,0xa1bfa8bf,0x2e83b050,0x8bade756,
-        0x68f4ffd9,0xc6c35219,0x3969a840,0xdd800226,0x5a15c5e9,0x2b78abc2 } },
-    /* 2 */
-    { { 0xf26feef9,0x24480c57,0x3a0e1240,0xc31a2694,0x273e2bc7,0x735002c3,
-        0x3ef1ed4c,0x8c42e9c5,0x7f4948e8,0x028babf6,0x8a978632,0x6a502f43 },
-      { 0xb74536fe,0xf5f13a46,0xd8a9f0eb,0x1d218bab,0x37232768,0x30f36bcc,
-        0x576e8c18,0xc5317b31,0x9bbcb766,0xef1d57a6,0xb3e3d4dc,0x917c4930 } },
-    /* 3 */
-    { { 0xe349ddd0,0x11426e2e,0x9b2fc250,0x9f117ef9,0xec0174a6,0xff36b480,
-        0x18458466,0x4f4bde76,0x05806049,0x2f2edb6d,0x19dfca92,0x8adc75d1 },
-      { 0xb7d5a7ce,0xa619d097,0xa34411e9,0x874275e5,0x0da4b4ef,0x5403e047,
-        0x77901d8f,0x2ebaafd9,0xa747170f,0x5e63ebce,0x7f9d8036,0x12a36944 } },
-    /* 4 */
-    { { 0x2f9fbe67,0x378205de,0x7f728e44,0xc4afcb83,0x682e00f1,0xdbcec06c,
-        0x114d5423,0xf2a145c3,0x7a52463e,0xa01d9874,0x7d717b0a,0xfc0935b1 },
-      { 0xd4d01f95,0x9653bc4f,0x9560ad34,0x9aa83ea8,0xaf8e3f3f,0xf77943dc,
-        0xe86fe16e,0x70774a10,0xbf9ffdcf,0x6b62e6f1,0x588745c9,0x8a72f39e } },
-    /* 5 */
-    { { 0x2341c342,0x73ade4da,0xea704422,0xdd326e54,0x3741cef3,0x336c7d98,
-        0x59e61549,0x1eafa00d,0xbd9a3efd,0xcd3ed892,0xc5c6c7e4,0x03faf26c },
-      { 0x3045f8ac,0x087e2fcf,0x174f1e73,0x14a65532,0xfe0af9a7,0x2cf84f28,
-        0x2cdc935b,0xddfd7a84,0x6929c895,0x4c0f117b,0x4c8bcfcc,0x356572d6 } },
-    /* 6 */
-    { { 0x3f3b236f,0xfab08607,0x81e221da,0x19e9d41d,0x3927b428,0xf3f6571e,
-        0x7550f1f6,0x4348a933,0xa85e62f0,0x7167b996,0x7f5452bf,0x62d43759 },
-      { 0xf2955926,0xd85feb9e,0x6df78353,0x440a561f,0x9ca36b59,0x389668ec,
-        0xa22da016,0x052bf1a1,0xf6093254,0xbdfbff72,0xe22209f3,0x94e50f28 } },
-    /* 7 */
-    { { 0x3062e8af,0x90b2e5b3,0xe8a3d369,0xa8572375,0x201db7b1,0x3fe1b00b,
-        0xee651aa2,0xe926def0,0xb9b10ad7,0x6542c9be,0xa2fcbe74,0x098e309b },
-      { 0xfff1d63f,0x779deeb3,0x20bfd374,0x23d0e80a,0x8768f797,0x8452bb3b,
-        0x1f952856,0xcf75bb4d,0x29ea3faa,0x8fe6b400,0x81373a53,0x12bd3e40 } },
-    /* 8 */
-    { { 0x16973cf4,0x070d34e1,0x7e4f34f7,0x20aee08b,0x5eb8ad29,0x269af9b9,
-        0xa6a45dda,0xdde0a036,0x63df41e0,0xa18b528e,0xa260df2a,0x03cc71b2 },
-      { 0xa06b1dd7,0x24a6770a,0x9d2675d3,0x5bfa9c11,0x96844432,0x73c1e2a1,
-        0x131a6cf0,0x3660558d,0x2ee79454,0xb0289c83,0xc6d8ddcd,0xa6aefb01 } },
-    /* 9 */
-    { { 0x01ab5245,0xba1464b4,0xc48d93ff,0x9b8d0b6d,0x93ad272c,0x939867dc,
-        0xae9fdc77,0xbebe085e,0x894ea8bd,0x73ae5103,0x39ac22e1,0x740fc89a },
-      { 0x28e23b23,0x5e28b0a3,0xe13104d0,0x2352722e,0xb0a2640d,0xf4667a18,
-        0x49bb37c3,0xac74a72e,0xe81e183a,0x79f734f0,0x3fd9c0eb,0xbffe5b6c } },
-    /* 10 */
-    { { 0x00623f3b,0x03cf2922,0x5f29ebff,0x095c7111,0x80aa6823,0x42d72247,
-        0x7458c0b0,0x044c7ba1,0x0959ec20,0xca62f7ef,0xf8ca929f,0x40ae2ab7 },
-      { 0xa927b102,0xb8c5377a,0xdc031771,0x398a86a0,0xc216a406,0x04908f9d,
-        0x918d3300,0xb423a73a,0xe0b94739,0x634b0ff1,0x2d69f697,0xe29de725 } },
-    /* 11 */
-    { { 0x8435af04,0x744d1400,0xfec192da,0x5f255b1d,0x336dc542,0x1f17dc12,
-        0x636a68a8,0x5c90c2a7,0x7704ca1e,0x960c9eb7,0x6fb3d65a,0x9de8cf1e },
-      { 0x511d3d06,0xc60fee0d,0xf9eb52c7,0x466e2313,0x206b0914,0x743c0f5f,
-        0x2191aa4d,0x42f55bac,0xffebdbc2,0xcefc7c8f,0xe6e8ed1c,0xd4fa6081 } },
-    /* 12 */
-    { { 0x98683186,0x867db639,0xddcc4ea9,0xfb5cf424,0xd4f0e7bd,0xcc9a7ffe,
-        0x7a779f7e,0x7c57f71c,0xd6b25ef2,0x90774079,0xb4081680,0x90eae903 },
-      { 0x0ee1fceb,0xdf2aae5e,0xe86c1a1f,0x3ff1da24,0xca193edf,0x80f587d6,
-        0xdc9b9d6a,0xa5695523,0x85920303,0x7b840900,0xba6dbdef,0x1efa4dfc } },
-    /* 13 */
-    { { 0xe0540015,0xfbd838f9,0xc39077dc,0x2c323946,0xad619124,0x8b1fb9e6,
-        0x0ca62ea8,0x9612440c,0x2dbe00ff,0x9ad9b52c,0xae197643,0xf52abaa1 },
-      { 0x2cac32ad,0xd0e89894,0x62a98f91,0xdfb79e42,0x276f55cb,0x65452ecf,
-        0x7ad23e12,0xdb1ac0d2,0xde4986f0,0xf68c5f6a,0x82ce327d,0x389ac37b } },
-    /* 14 */
-    { { 0xb8a9e8c9,0xcd96866d,0x5bb8091e,0xa11963b8,0x045b3cd2,0xc7f90d53,
-        0x80f36504,0x755a72b5,0x21d3751c,0x46f8b399,0x53c193de,0x4bffdc91 },
-      { 0xb89554e7,0xcd15c049,0xf7a26be6,0x353c6754,0xbd41d970,0x79602370,
-        0x12b176c0,0xde16470b,0x40c8809d,0x56ba1175,0xe435fb1e,0xe2db35c3 } },
-    /* 15 */
-    { { 0x6328e33f,0xd71e4aab,0xaf8136d1,0x5486782b,0x86d57231,0x07a4995f,
-        0x1651a968,0xf1f0a5bd,0x76803b6d,0xa5dc5b24,0x42dda935,0x5c587cbc },
-      { 0xbae8b4c0,0x2b6cdb32,0xb1331138,0x66d1598b,0x5d7e9614,0x4a23b2d2,
-        0x74a8c05d,0x93e402a6,0xda7ce82e,0x45ac94e6,0xe463d465,0xeb9f8281 } },
-};
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^96, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_12(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 48 between points.
- */
-static const sp_table_entry_384 p384_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x49c0b528,0x3dd07566,0xa0d6ce38,0x20e378e2,0x541b4d6e,0x879c3afc,
-        0x59a30eff,0x64548684,0x614ede2b,0x812ff723,0x299e1513,0x4d3aadc2 },
-      { 0x4b03a4fe,0x23043dad,0x7bb4a9ac,0xa1bfa8bf,0x2e83b050,0x8bade756,
-        0x68f4ffd9,0xc6c35219,0x3969a840,0xdd800226,0x5a15c5e9,0x2b78abc2 } },
-    /* 2 */
-    { { 0x2b0c535b,0x29864753,0x70506296,0x90dd6953,0x216ab9ac,0x038cd6b4,
-        0xbe12d76a,0x3df9b7b7,0x5f347bdb,0x13f4d978,0x13e94489,0x222c5c9c },
-      { 0x2680dc64,0x5f8e796f,0x58352417,0x120e7cb7,0xd10740b8,0x254b5d8a,
-        0x5337dee6,0xc38b8efb,0x94f02247,0xf688c2e1,0x6c25bc4c,0x7b5c75f3 } },
-    /* 3 */
-    { { 0x9edffea5,0xe26a3cc3,0x37d7e9fc,0x35bbfd1c,0x9bde3ef6,0xf0e7700d,
-        0x1a538f5a,0x0380eb47,0x05bf9eb3,0x2e9da8bb,0x1a460c3e,0xdbb93c73 },
-      { 0xf526b605,0x37dba260,0xfd785537,0x95d4978e,0xed72a04a,0x24ed793a,
-        0x76005b1a,0x26948377,0x9e681f82,0x99f557b9,0xd64954ef,0xae5f9557 } },
-    /* 4 */
-    { { 0xf26feef9,0x24480c57,0x3a0e1240,0xc31a2694,0x273e2bc7,0x735002c3,
-        0x3ef1ed4c,0x8c42e9c5,0x7f4948e8,0x028babf6,0x8a978632,0x6a502f43 },
-      { 0xb74536fe,0xf5f13a46,0xd8a9f0eb,0x1d218bab,0x37232768,0x30f36bcc,
-        0x576e8c18,0xc5317b31,0x9bbcb766,0xef1d57a6,0xb3e3d4dc,0x917c4930 } },
-    /* 5 */
-    { { 0xe349ddd0,0x11426e2e,0x9b2fc250,0x9f117ef9,0xec0174a6,0xff36b480,
-        0x18458466,0x4f4bde76,0x05806049,0x2f2edb6d,0x19dfca92,0x8adc75d1 },
-      { 0xb7d5a7ce,0xa619d097,0xa34411e9,0x874275e5,0x0da4b4ef,0x5403e047,
-        0x77901d8f,0x2ebaafd9,0xa747170f,0x5e63ebce,0x7f9d8036,0x12a36944 } },
-    /* 6 */
-    { { 0x4fc52870,0x28f9c07a,0x1a53a961,0xce0b3748,0x0e1828d9,0xd550fa18,
-        0x6adb225a,0xa24abaf7,0x6e58a348,0xd11ed0a5,0x948acb62,0xf3d811e6 },
-      { 0x4c61ed22,0x8618dd77,0x80b47c9d,0x0bb747f9,0xde6b8559,0x22bf796f,
-        0x680a21e9,0xfdfd1c6d,0x2af2c9dd,0xc0db1577,0xc1e90f3d,0xa09379e6 } },
-    /* 7 */
-    { { 0xe085c629,0x386c66ef,0x095bc89a,0x5fc2a461,0x203f4b41,0x1353d631,
-        0x7e4bd8f5,0x7ca1972b,0xa7df8ce9,0xb077380a,0xee7e4ea3,0xd8a90389 },
-      { 0xe7b14461,0x1bc74dc7,0x0c9c4f78,0xdc2cb014,0x84ef0a10,0x52b4b3a6,
-        0x20327fe2,0xbde6ea5d,0x660f9615,0xb71ec435,0xb8ad8173,0xeede5a04 } },
-    /* 8 */
-    { { 0x893b9a2d,0x5584cbb3,0x00850c5d,0x820c660b,0x7df2d43d,0x4126d826,
-        0x0109e801,0xdd5bbbf0,0x38172f1c,0x85b92ee3,0xf31430d9,0x609d4f93 },
-      { 0xeadaf9d6,0x1e059a07,0x0f125fb0,0x70e6536c,0x560f20e7,0xd6220751,
-        0x7aaf3a9a,0xa59489ae,0x64bae14e,0x7b70e2f6,0x76d08249,0x0dd03701 } },
-    /* 9 */
-    { { 0x8510521f,0x4cc13be8,0xf724cc17,0x87315ba9,0x353dc263,0xb49d83bb,
-        0x0c279257,0x8b677efe,0xc93c9537,0x510a1c1c,0xa4702c99,0x33e30cd8 },
-      { 0x2208353f,0xf0ffc89d,0xced42b2b,0x0170fa8d,0x26e2a5f5,0x090851ed,
-        0xecb52c96,0x81276455,0x7fe1adf4,0x0646c4e1,0xb0868eab,0x513f047e } },
-    /* 10 */
-    { { 0xdf5bdf53,0xc07611f4,0x58b11a6d,0x45d331a7,0x1c4ee394,0x58965daf,
-        0x5a5878d1,0xba8bebe7,0x82dd3025,0xaecc0a18,0xa923eb8b,0xcf2a3899 },
-      { 0xd24fd048,0xf98c9281,0x8bbb025d,0x841bfb59,0xc9ab9d53,0xb8ddf8ce,
-        0x7fef044e,0x538a4cb6,0x23236662,0x092ac21f,0x0b66f065,0xa919d385 } },
-    /* 11 */
-    { { 0x85d480d8,0x3db03b40,0x1b287a7d,0x8cd9f479,0x4a8f3bae,0x8f24dc75,
-        0x3db41892,0x482eb800,0x9c56e0f5,0x38bf9eb3,0x9a91dc6f,0x8b977320 },
-      { 0x7209cfc2,0xa31b05b2,0x05b2db70,0x4c49bf85,0xd619527b,0x56462498,
-        0x1fac51ba,0x3fe51039,0xab4b8342,0xfb04f55e,0x04c6eabf,0xc07c10dc } },
-    /* 12 */
-    { { 0xdb32f048,0xad22fe4c,0x475ed6df,0x5f23bf91,0xaa66b6cb,0xa50ce0c0,
-        0xf03405c0,0xdf627a89,0xf95e2d6a,0x3674837d,0xba42e64e,0x081c95b6 },
-      { 0xe71d6ceb,0xeba3e036,0x6c6b0271,0xb45bcccf,0x0684701d,0x67b47e63,
-        0xe712523f,0x60f8f942,0x5cd47adc,0x82423472,0x87649cbb,0x83027d79 } },
-    /* 13 */
-    { { 0x3615b0b8,0xb3929ea6,0xa54dac41,0xb41441fd,0xb5b6a368,0x8995d556,
-        0x167ef05e,0xa80d4529,0x6d25a27f,0xf6bcb4a1,0x7bd55b68,0x210d6a4c },
-      { 0x25351130,0xf3804abb,0x903e37eb,0x1d2df699,0x084c25c8,0x5f201efc,
-        0xa1c68e91,0x31a28c87,0x563f62a5,0x81dad253,0xd6c415d4,0x5dd6de70 } },
-    /* 14 */
-    { { 0x846612ce,0x29f470fd,0xda18d997,0x986f3eec,0x2f34af86,0x6b84c161,
-        0x46ddaf8b,0x5ef0a408,0xe49e795f,0x14405a00,0xaa2f7a37,0x5f491b16 },
-      { 0xdb41b38d,0xc7f07ae4,0x18fbfcaa,0xef7d119e,0x14443b19,0x3a18e076,
-        0x79a19926,0x4356841a,0xe2226fbe,0x91f4a91c,0x3cc88721,0xdc77248c } },
-    /* 15 */
-    { { 0xe4b1ec9d,0xd570ff1a,0xe7eef706,0x21d23e0e,0xca19e086,0x3cde40f4,
-        0xcd4bb270,0x7d6523c4,0xbf13aa6c,0x16c1f06c,0xd14c4b60,0x5aa7245a },
-      { 0x44b74de8,0x37f81467,0x620a934e,0x839e7a17,0xde8b1aa1,0xf74d14e8,
-        0xf30d75e2,0x8789fa51,0xc81c261e,0x09b24052,0x33c565ee,0x654e2678 } },
-    /* 16 */
-    { { 0x2f9fbe67,0x378205de,0x7f728e44,0xc4afcb83,0x682e00f1,0xdbcec06c,
-        0x114d5423,0xf2a145c3,0x7a52463e,0xa01d9874,0x7d717b0a,0xfc0935b1 },
-      { 0xd4d01f95,0x9653bc4f,0x9560ad34,0x9aa83ea8,0xaf8e3f3f,0xf77943dc,
-        0xe86fe16e,0x70774a10,0xbf9ffdcf,0x6b62e6f1,0x588745c9,0x8a72f39e } },
-    /* 17 */
-    { { 0x2341c342,0x73ade4da,0xea704422,0xdd326e54,0x3741cef3,0x336c7d98,
-        0x59e61549,0x1eafa00d,0xbd9a3efd,0xcd3ed892,0xc5c6c7e4,0x03faf26c },
-      { 0x3045f8ac,0x087e2fcf,0x174f1e73,0x14a65532,0xfe0af9a7,0x2cf84f28,
-        0x2cdc935b,0xddfd7a84,0x6929c895,0x4c0f117b,0x4c8bcfcc,0x356572d6 } },
-    /* 18 */
-    { { 0x7d8c1bba,0x7ecbac01,0x90b0f3d5,0x6058f9c3,0xf6197d0f,0xaee116e3,
-        0x4033b128,0xc4dd7068,0xc209b983,0xf084dba6,0x831dbc4a,0x97c7c2cf },
-      { 0xf96010e8,0x2f4e61dd,0x529faa17,0xd97e4e20,0x69d37f20,0x4ee66660,
-        0x3d366d72,0xccc139ed,0x13488e0f,0x690b6ee2,0xf3a6d533,0x7cad1dc5 } },
-    /* 19 */
-    { { 0xda57a41f,0x660a9a81,0xec0039b6,0xe74a0412,0x5e1dad15,0x42343c6b,
-        0x46681d4c,0x284f3ff5,0x63749e89,0xb51087f1,0x6f9f2f13,0x070f23cc },
-      { 0x5d186e14,0x542211da,0xfddb0dff,0x84748f37,0xdb1f4180,0x41a3aab4,
-        0xa6402d0e,0x25ed667b,0x02f58355,0x2f2924a9,0xfa44a689,0x5844ee7c } },
-    /* 20 */
-    { { 0x3f3b236f,0xfab08607,0x81e221da,0x19e9d41d,0x3927b428,0xf3f6571e,
-        0x7550f1f6,0x4348a933,0xa85e62f0,0x7167b996,0x7f5452bf,0x62d43759 },
-      { 0xf2955926,0xd85feb9e,0x6df78353,0x440a561f,0x9ca36b59,0x389668ec,
-        0xa22da016,0x052bf1a1,0xf6093254,0xbdfbff72,0xe22209f3,0x94e50f28 } },
-    /* 21 */
-    { { 0x3062e8af,0x90b2e5b3,0xe8a3d369,0xa8572375,0x201db7b1,0x3fe1b00b,
-        0xee651aa2,0xe926def0,0xb9b10ad7,0x6542c9be,0xa2fcbe74,0x098e309b },
-      { 0xfff1d63f,0x779deeb3,0x20bfd374,0x23d0e80a,0x8768f797,0x8452bb3b,
-        0x1f952856,0xcf75bb4d,0x29ea3faa,0x8fe6b400,0x81373a53,0x12bd3e40 } },
-    /* 22 */
-    { { 0x104cbba5,0xc023780d,0xfa35dd4c,0x6207e747,0x1ca9b6a3,0x35c23928,
-        0x97987b10,0x4ff19be8,0x8022eee8,0xb8476bbf,0xd3bbe74d,0xaa0a4a14 },
-      { 0x187d4543,0x20f94331,0x79f6e066,0x32153870,0xac7e82e1,0x83b0f74e,
-        0x828f06ab,0xa7748ba2,0xc26ef35f,0xc5f0298a,0x8e9a7dbd,0x0f0c5070 } },
-    /* 23 */
-    { { 0xdef029dd,0x0c5c244c,0x850661b8,0x3dabc687,0xfe11d981,0x9992b865,
-        0x6274dbad,0xe9801b8f,0x098da242,0xe54e6319,0x91a53d08,0x9929a91a },
-      { 0x35285887,0x37bffd72,0xf1418102,0xbc759425,0xfd2e6e20,0x9280cc35,
-        0xfbc42ee5,0x735c600c,0x8837619a,0xb7ad2864,0xa778c57b,0xa3627231 } },
-    /* 24 */
-    { { 0x91361ed8,0xae799b5c,0x6c63366c,0x47d71b75,0x1b265a6a,0x54cdd521,
-        0x98d77b74,0xe0215a59,0xbab29db0,0x4424d9b7,0x7fd9e536,0x8b0ffacc },
-      { 0x37b5d9ef,0x46d85d12,0xbfa91747,0x5b106d62,0x5f99ba2d,0xed0479f8,
-        0x1d104de4,0x0e6f3923,0x25e8983f,0x83a84c84,0xf8105a70,0xa9507e0a } },
-    /* 25 */
-    { { 0x14cf381c,0xf6c68a6e,0xc22e31cc,0xaf9d27bd,0xaa8a5ccb,0x23568d4d,
-        0xe338e4d2,0xe431eec0,0x8f52ad1f,0xf1a828fe,0xe86acd80,0xdb6a0579 },
-      { 0x4507832a,0x2885672e,0x887e5289,0x73fc275f,0x05610d08,0x65f80278,
-        0x075ff5b0,0x8d9b4554,0x09f712b5,0x3a8e8fb1,0x2ebe9cf2,0x39f0ac86 } },
-    /* 26 */
-    { { 0x4c52edf5,0xd8fabf78,0xa589ae53,0xdcd737e5,0xd791ab17,0x94918bf0,
-        0xbcff06c9,0xb5fbd956,0xdca46d45,0xf6d3032e,0x41a3e486,0x2cdff7e1 },
-      { 0x61f47ec8,0x6674b3ba,0xeef84608,0x8a882163,0x4c687f90,0xa257c705,
-        0xf6cdf227,0xe30cb2ed,0x7f6ea846,0x2c4c64ca,0xcc6bcd3c,0x186fa17c } },
-    /* 27 */
-    { { 0x1dfcb91e,0x48a3f536,0x646d358a,0x83595e13,0x91128798,0xbd15827b,
-        0x2187757a,0x3ce612b8,0x61bd7372,0x873150a1,0xb662f568,0xf4684530 },
-      { 0x401896f6,0x8833950b,0x77f3e090,0xe11cb89a,0x48e7f4a5,0xb2f12cac,
-        0xf606677e,0x313dd769,0x16579f93,0xfdcf08b3,0x46b8f22b,0x6429cec9 } },
-    /* 28 */
-    { { 0xbb75f9a4,0x4984dd54,0x29d3b570,0x4aef06b9,0x3d6e4c1e,0xb5f84ca2,
-        0xb083ef35,0x24c61c11,0x392ca9ff,0xce4a7392,0x6730a800,0x865d6517 },
-      { 0x722b4a2b,0xca3dfe76,0x7b083e0e,0x12c04bf9,0x1b86b8a5,0x803ce5b5,
-        0x6a7e3e0c,0x3fc7632d,0xc81adbe4,0xc89970c2,0x120e16b1,0x3cbcd3ad } },
-    /* 29 */
-    { { 0xec30ce93,0xfbfb4cc7,0xb72720a2,0x10ed6c7d,0x47b55500,0xec675bf7,
-        0x333ff7c3,0x90725903,0x5075bfc0,0xc7c3973e,0x07acf31b,0xb049ecb0 },
-      { 0x4f58839c,0xb4076eaf,0xa2b05e4f,0x101896da,0xab40c66e,0x3f6033b0,
-        0xc8d864ba,0x19ee9eeb,0x47bf6d2a,0xeb6cf155,0xf826477d,0x8e5a9663 } },
-    /* 30 */
-    { { 0xf7fbd5e1,0x69e62fdd,0x76912b1d,0x38ecfe54,0xd1da3bfb,0x845a3d56,
-        0x1c86f0d4,0x0494950e,0x3bc36ce8,0x83cadbf9,0x4fccc8d1,0x41fce572 },
-      { 0x8332c144,0x05f939c2,0x0871e46e,0xb17f248b,0x66e8aff6,0x3d8534e2,
-        0x3b85c629,0x1d06f1dc,0xa3131b73,0xdb06a32e,0x8b3f64e5,0xf295184d } },
-    /* 31 */
-    { { 0x36ddc103,0xd9653ff7,0x95ef606f,0x25f43e37,0xfe06dce8,0x09e301fc,
-        0x30b6eebf,0x85af2341,0x0ff56b20,0x79b12b53,0xfe9a3c6b,0x9b4fb499 },
-      { 0x51d27ac2,0x0154f892,0x56ca5389,0xd33167e3,0xafc065a6,0x7828ec1f,
-        0x7f746c9b,0x0959a258,0x0c44f837,0xb18f1be3,0xc4132fdb,0xa7946117 } },
-    /* 32 */
-    { { 0x5e3c647b,0xc0426b77,0x8cf05348,0xbfcbd939,0x172c0d3d,0x31d312e3,
-        0xee754737,0x5f49fde6,0x6da7ee61,0x895530f0,0xe8b3a5fb,0xcf281b0a },
-      { 0x41b8a543,0xfd149735,0x3080dd30,0x41a625a7,0x653908cf,0xe2baae07,
-        0xba02a278,0xc3d01436,0x7b21b8f8,0xa0d0222e,0xd7ec1297,0xfdc270e9 } },
-    /* 33 */
-    { { 0xbc7f41d6,0x00873c0c,0x1b7ad641,0xd976113e,0x238443fb,0x2a536ff4,
-        0x41e62e45,0x030d00e2,0x5f545fc6,0x532e9867,0x8e91208c,0xcd033108 },
-      { 0x9797612c,0xd1a04c99,0xeea674e2,0xd4393e02,0xe19742a1,0xd56fa69e,
-        0x85f0590e,0xdd2ab480,0x48a2243d,0xa5cefc52,0x54383f41,0x48cc67b6 } },
-    /* 34 */
-    { { 0xfc14ab48,0x4e50430e,0x26706a74,0x195b7f4f,0xcc881ff6,0x2fe8a228,
-        0xd945013d,0xb1b968e2,0x4b92162b,0x936aa579,0x364e754a,0x4fb766b7 },
-      { 0x31e1ff7f,0x13f93bca,0xce4f2691,0x696eb5ca,0xa2b09e02,0xff754bf8,
-        0xe58e3ff8,0x58f13c9c,0x1678c0b0,0xb757346f,0xa86692b3,0xd54200db } },
-    /* 35 */
-    { { 0x6dda1265,0x9a030bbd,0xe89718dd,0xf7b4f3fc,0x936065b8,0xa6a4931f,
-        0x5f72241c,0xbce72d87,0x65775857,0x6cbb51cb,0x4e993675,0xc7161815 },
-      { 0x2ee32189,0xe81a0f79,0x277dc0b2,0xef2fab26,0xb71f469f,0x9e64f6fe,
-        0xdfdaf859,0xb448ce33,0xbe6b5df1,0x3f5c1c4c,0x1de45f7b,0xfb8dfb00 } },
-    /* 36 */
-    { { 0x4d5bb921,0xc7345fa7,0x4d2b667e,0x5c7e04be,0x282d7a3e,0x47ed3a80,
-        0x7e47b2a4,0x5c2777f8,0x08488e2e,0x89b3b100,0xb2eb5b45,0x9aad77c2 },
-      { 0xdaac34ae,0xd681bca7,0x26afb326,0x2452e4e5,0x41a1ee14,0x0c887924,
-        0xc2407ade,0x743b04d4,0xfc17a2ac,0xcb5e999b,0x4a701a06,0x4dca2f82 } },
-    /* 37 */
-    { { 0x1127bc1a,0x68e31ca6,0x17ead3be,0xa3edd59b,0xe25f5a15,0x67b6b645,
-        0xa420e15e,0x76221794,0x4b1e872e,0x794fd83b,0xb2dece1b,0x7cab3f03 },
-      { 0xca9b3586,0x7119bf15,0x4d250bd7,0xa5545924,0xcc6bcf24,0x173633ea,
-        0xb1b6f884,0x9bd308c2,0x447d38c3,0x3bae06f5,0xf341fe1c,0x54dcc135 } },
-    /* 38 */
-    { { 0x943caf0d,0x56d3598d,0x225ff133,0xce044ea9,0x563fadea,0x9edf6a7c,
-        0x73e8dc27,0x632eb944,0x3190dcab,0x814b467e,0x6dbb1e31,0x2d4f4f31 },
-      { 0xa143b7ca,0x8d69811c,0xde7cf950,0x4ec1ac32,0x37b5fe82,0x223ab5fd,
-        0x9390f1d9,0xe82616e4,0x75804610,0xabff4b20,0x875b08f0,0x11b9be15 } },
-    /* 39 */
-    { { 0x3bbe682c,0x4ae31a3d,0x74eef2dd,0xbc7c5d26,0x3c47dd40,0x92afd10a,
-        0xc14ab9e1,0xec7e0a3b,0xb2e495e4,0x6a6c3dd1,0x309bcd85,0x085ee5e9 },
-      { 0x8c2e67fd,0xf381a908,0xe261eaf2,0x32083a80,0x96deee15,0x0fcd6a49,
-        0x5e524c79,0xe3b8fb03,0x1d5b08b9,0x8dc360d9,0x7f26719f,0x3a06e2c8 } },
-    /* 40 */
-    { { 0x7237cac0,0x5cd9f5a8,0x43586794,0x93f0b59d,0xe94f6c4e,0x4384a764,
-        0xb62782d3,0x8304ed2b,0xcde06015,0x0b8db8b3,0x5dbe190f,0x4336dd53 },
-      { 0x92ab473a,0x57443553,0xbe5ed046,0x031c7275,0x21909aa4,0x3e78678c,
-        0x99202ddb,0x4ab7e04f,0x6977e635,0x2648d206,0x093198be,0xd427d184 } },
-    /* 41 */
-    { { 0x0f9b5a31,0x822848f5,0xbaadb62a,0xbb003468,0x3357559c,0x233a0472,
-        0x79aee843,0x49ef6880,0xaeb9e1e3,0xa89867a0,0x1f6f9a55,0xc151931b },
-      { 0xad74251e,0xd264eb0b,0x4abf295e,0x37b9b263,0x04960d10,0xb600921b,
-        0x4da77dc0,0x0de53dbc,0xd2b18697,0x01d9bab3,0xf7156ddf,0xad54ec7a } },
-    /* 42 */
-    { { 0x79efdc58,0x8e74dc35,0x4ff68ddb,0x456bd369,0xd32096a5,0x724e74cc,
-        0x386783d0,0xe41cff42,0x7c70d8a4,0xa04c7f21,0xe61a19a2,0x41199d2f },
-      { 0x29c05dd2,0xd389a3e0,0xe7e3fda9,0x535f2a6b,0x7c2b4df8,0x26ecf72d,
-        0xfe745294,0x678275f4,0x9d23f519,0x6319c9cc,0x88048fc4,0x1e05a02d } },
-    /* 43 */
-    { { 0xd4d5ffe8,0x75cc8e2e,0xdbea17f2,0xf8bb4896,0xcee3cb4a,0x35059790,
-        0xa47c6165,0x4c06ee85,0x92935d2f,0xf98fff25,0x32ffd7c7,0x34c4a572 },
-      { 0xea0376a2,0xc4b14806,0x4f115e02,0x2ea5e750,0x1e55d7c0,0x532d76e2,
-        0xf31044da,0x68dc9411,0x71b77993,0x9272e465,0x93a8cfd5,0xadaa38bb } },
-    /* 44 */
-    { { 0x7d4ed72a,0x4bf0c712,0xba1f79a3,0xda0e9264,0xf4c39ea4,0x48c0258b,
-        0x2a715138,0xa5394ed8,0xbf06c660,0x4af511ce,0xec5c37cd,0xfcebceef },
-      { 0x779ae8c1,0xf23b75aa,0xad1e606e,0xdeff59cc,0x22755c82,0xf3f526fd,
-        0xbb32cefd,0x64c5ab44,0x915bdefd,0xa96e11a2,0x1143813e,0xab19746a } },
-    /* 45 */
-    { { 0xec837d7d,0x43c78585,0xb8ee0ba4,0xca5b6fbc,0xd5dbb5ee,0x34e924d9,
-        0xbb4f1ca5,0x3f4fa104,0x398640f7,0x15458b72,0xd7f407ea,0x4231faa9 },
-      { 0xf96e6896,0x53e0661e,0xd03b0f9d,0x554e4c69,0x9c7858d1,0xd4fcb07b,
-        0x52cb04fa,0x7e952793,0x8974e7f7,0x5f5f1574,0x6b6d57c8,0x2e3fa558 } },
-    /* 46 */
-    { { 0x6a9951a8,0x42cd4803,0x42792ad0,0xa8b15b88,0xabb29a73,0x18e8bcf9,
-        0x409933e8,0xbfd9a092,0xefb88dc4,0x760a3594,0x40724458,0x14418863 },
-      { 0x99caedc7,0x162a56ee,0x91d101c9,0x8fb12ecd,0x393202da,0xea671967,
-        0xa4ccd796,0x1aac8c4a,0x1cf185a8,0x7db05036,0x8cfd095a,0x0c9f86cd } },
-    /* 47 */
-    { { 0x10b2a556,0x9a728147,0x327b70b2,0x767ca964,0x5e3799b7,0x04ed9e12,
-        0x22a3eb2a,0x6781d2dc,0x0d9450ac,0x5bd116eb,0xa7ebe08a,0xeccac1fc },
-      { 0xdc2d6e94,0xde68444f,0x35ecf21b,0x3621f429,0x29e03a2c,0x14e2d543,
-        0x7d3e7f0a,0x53e42cd5,0x73ed00b9,0xbba26c09,0xc57d2272,0x00297c39 } },
-    /* 48 */
-    { { 0xb8243a7d,0x3aaaab10,0x8fa58c5b,0x6eeef93e,0x9ae7f764,0xf866fca3,
-        0x61ab04d3,0x64105a26,0x03945d66,0xa3578d8a,0x791b848c,0xb08cd3e4 },
-      { 0x756d2411,0x45edc5f8,0xa755128c,0xd4a790d9,0x49e5f6a0,0xc2cf0963,
-        0xf649beaa,0xc66d267d,0x8467039e,0x3ce6d968,0x42f7816f,0x50046c6b } },
-    /* 49 */
-    { { 0x66425043,0x92ae1602,0xf08db890,0x1ff66afd,0x8f162ce5,0x386f5a7f,
-        0xfcf5598f,0x18d2dea0,0x1a8ca18e,0x78372b3a,0x8cd0e6f7,0xdf0d20eb },
-      { 0x75bb4045,0x7edd5e1d,0xb96d94b7,0x252a47ce,0x2c626776,0xbdb29358,
-        0x40dd1031,0x853c3943,0x7d5f47fd,0x9dc9becf,0xbae4044a,0x27c2302f } },
-    /* 50 */
-    { { 0x8f2d49ce,0x2d1d208a,0x162df0a2,0x0d91aa02,0x09a07f65,0x9c5cce87,
-        0x84339012,0xdf07238b,0x419442cd,0x5028e2c8,0x72062aba,0x2dcbd358 },
-      { 0xe4680967,0xb5fbc3cb,0x9f92d72c,0x2a7bc645,0x116c369d,0x806c76e1,
-        0x3177e8d8,0x5c50677a,0x4569df57,0x753739eb,0x36c3f40b,0x2d481ef6 } },
-    /* 51 */
-    { { 0xfea1103e,0x1a2d39fd,0x95f81b17,0xeaae5592,0xf59b264a,0xdbd0aa18,
-        0xcb592ee0,0x90c39c1a,0x9750cca3,0xdf62f80d,0xdf97cc6c,0xda4d8283 },
-      { 0x1e201067,0x0a6dd346,0x69fb1f6b,0x1531f859,0x1d60121f,0x4895e552,
-        0x4c041c91,0x0b21aab0,0xbcc1ccf8,0x9d896c46,0x3141bde7,0xd24da3b3 } },
-    /* 52 */
-    { { 0x53b0a354,0x575a0537,0x0c6ddcd8,0x392ff2f4,0x56157b94,0x0b8e8cff,
-        0x3b1b80d1,0x073e57bd,0x3fedee15,0x2a75e0f0,0xaa8e6f19,0x752380e4 },
-      { 0x6558ffe9,0x1f4e227c,0x19ec5415,0x3a348618,0xf7997085,0xab382d5e,
-        0xddc46ac2,0x5e6deaff,0xfc8d094c,0xe5144078,0xf60e37c6,0xf674fe51 } },
-    /* 53 */
-    { { 0xaf63408f,0x6fb87ae5,0xcd75a737,0xa39c36a9,0xcf4c618d,0x7833313f,
-        0xf034c88d,0xfbcd4482,0x39b35288,0x4469a761,0x66b5d9c9,0x77a711c5 },
-      { 0x944f8d65,0x4a695dc7,0x161aaba8,0xe6da5f65,0x24601669,0x8654e9c3,
-        0x28ae7491,0xbc8b93f5,0x8f5580d8,0x5f1d1e83,0xcea32cc8,0x8ccf9a1a } },
-    /* 54 */
-    { { 0x7196fee2,0x28ab110c,0x874c8945,0x75799d63,0x29aedadd,0xa2629348,
-        0x2be88ff4,0x9714cc7b,0xd58d60d6,0xf71293cf,0x32a564e9,0xda6b6cb3 },
-      { 0x3dd821c2,0xf43fddb1,0x90dd323d,0xf2f2785f,0x048489f8,0x91246419,
-        0xd24c6749,0x61660f26,0xc803c15c,0x961d9e8c,0xfaadc4c9,0x631c6158 } },
-    /* 55 */
-    { { 0xfd752366,0xacf2ebe0,0x139be88b,0xb93c340e,0x0f20179e,0x98f66485,
-        0xff1da785,0x14820254,0x4f85c16e,0x5278e276,0x7aab1913,0xa246ee45 },
-      { 0x53763b33,0x43861eb4,0x45c0bc0d,0xc49f03fc,0xad6b1ea1,0xafff16bc,
-        0x6fd49c99,0xce33908b,0xf7fde8c3,0x5c51e9bf,0xff142c5e,0x076a7a39 } },
-    /* 56 */
-    { { 0x9e338d10,0x04639dfe,0xf42b411b,0x8ee6996f,0xa875cef2,0x960461d1,
-        0x95b4d0ba,0x1057b6d6,0xa906e0bc,0x27639252,0xe1c20f8a,0x2c19f09a },
-      { 0xeef4c43d,0x5b8fc3f0,0x07a84aa9,0xe2e1b1a8,0x835d2bdb,0x5f455528,
-        0x207132dd,0x0f4aee4d,0x3907f675,0xe9f8338c,0x0e0531f0,0x7a874dc9 } },
-    /* 57 */
-    { { 0x97c27050,0x84b22d45,0x59e70bf8,0xbd0b8df7,0x79738b9b,0xb4d67405,
-        0xcd917c4f,0x47f4d5f5,0x13ce6e33,0x9099c4ce,0x521d0f8b,0x942bfd39 },
-      { 0xa43b566d,0x5028f0f6,0x21bff7de,0xaf6e8669,0xc44232cd,0x83f6f856,
-        0xf915069a,0x65680579,0xecfecb85,0xd12095a2,0xdb01ba16,0xcf7f06ae } },
-    /* 58 */
-    { { 0x8ef96c80,0x0f56e3c4,0x3ddb609c,0xd521f2b3,0x7dc1450d,0x2be94102,
-        0x02a91fe2,0x2d21a071,0x1efa37de,0x2e6f74fa,0x156c28a1,0x9a9a90b8 },
-      { 0x9dc7dfcb,0xc54ea9ea,0x2c2c1d62,0xc74e66fc,0x49d3e067,0x9f23f967,
-        0x54dd38ad,0x1c7c3a46,0x5946cee3,0xc7005884,0x45cc045d,0x89856368 } },
-    /* 59 */
-    { { 0xfce73946,0x29da7cd4,0x23168563,0x8f697db5,0xcba92ec6,0x8e235e9c,
-        0x9f91d3ea,0x55d4655f,0xaa50a6cd,0xf3689f23,0x21e6a1a0,0xdcf21c26 },
-      { 0x61b818bf,0xcffbc82e,0xda47a243,0xc74a2f96,0x8bc1a0cf,0x234e980a,
-        0x7929cb6d,0xf35fd6b5,0xefe17d6c,0x81468e12,0x58b2dafb,0xddea6ae5 } },
-    /* 60 */
-    { { 0x7e787b2e,0x294de887,0x39a9310d,0x258acc1f,0xac14265d,0x92d9714a,
-        0x708b48a0,0x18b5591c,0xe1abbf71,0x27cc6bb0,0x568307b9,0xc0581fa3 },
-      { 0xf24d4d58,0x9e0f58a3,0xe0ce2327,0xfebe9bb8,0x9d1be702,0x91fd6a41,
-        0xfacac993,0x9a7d8a45,0x9e50d66d,0xabc0a08c,0x06498201,0x02c342f7 } },
-    /* 61 */
-    { { 0x157bdbc2,0xccd71407,0xad0e1605,0x72fa89c6,0xb92a015f,0xb1d3da2b,
-        0xa0a3fe56,0x8ad9e7cd,0x24f06737,0x160edcbd,0x61275be6,0x79d4db33 },
-      { 0x5f3497c4,0xd3d31fd9,0x04192fb0,0x8cafeaee,0x13a50af3,0xe13ca745,
-        0x8c85aae5,0x18826167,0x9eb556ff,0xce06cea8,0xbdb549f3,0x2eef1995 } },
-    /* 62 */
-    { { 0x50596edc,0x8ed7d3eb,0x905243a2,0xaa359362,0xa4b6d02b,0xa212c2c2,
-        0xc4fbec68,0x611fd727,0xb84f733d,0x8a0b8ff7,0x5f0daf0e,0xd85a6b90 },
-      { 0xd4091cf7,0x60e899f5,0x2eff2768,0x4fef2b67,0x10c33964,0xc1f195cb,
-        0x93626a8f,0x8275d369,0x0d6c840a,0xc77904f4,0x7a868acd,0x88d8b7fd } },
-    /* 63 */
-    { { 0x7bd98425,0x85f23723,0xc70b154e,0xd4463992,0x96687a2e,0xcbb00ee2,
-        0xc83214fd,0x905fdbf7,0x13593684,0x2019d293,0xef51218e,0x0428c393 },
-      { 0x981e909a,0x40c7623f,0x7be192da,0x92513385,0x4010907e,0x48fe480f,
-        0x3120b459,0xdd7a187c,0xa1fd8f3c,0xc9d7702d,0xe358efc5,0x66e4753b } },
-    /* 64 */
-    { { 0x16973cf4,0x070d34e1,0x7e4f34f7,0x20aee08b,0x5eb8ad29,0x269af9b9,
-        0xa6a45dda,0xdde0a036,0x63df41e0,0xa18b528e,0xa260df2a,0x03cc71b2 },
-      { 0xa06b1dd7,0x24a6770a,0x9d2675d3,0x5bfa9c11,0x96844432,0x73c1e2a1,
-        0x131a6cf0,0x3660558d,0x2ee79454,0xb0289c83,0xc6d8ddcd,0xa6aefb01 } },
-    /* 65 */
-    { { 0x01ab5245,0xba1464b4,0xc48d93ff,0x9b8d0b6d,0x93ad272c,0x939867dc,
-        0xae9fdc77,0xbebe085e,0x894ea8bd,0x73ae5103,0x39ac22e1,0x740fc89a },
-      { 0x28e23b23,0x5e28b0a3,0xe13104d0,0x2352722e,0xb0a2640d,0xf4667a18,
-        0x49bb37c3,0xac74a72e,0xe81e183a,0x79f734f0,0x3fd9c0eb,0xbffe5b6c } },
-    /* 66 */
-    { { 0xc6a2123f,0xb1a358f5,0xfe28df6d,0x927b2d95,0xf199d2f9,0x89702753,
-        0x1a3f82dc,0x0a73754c,0x777affe1,0x063d029d,0xdae6d34d,0x5439817e },
-      { 0x6b8b83c4,0xf7979eef,0x9d945682,0x615cb214,0xc5e57eae,0x8f0e4fac,
-        0x113047dd,0x042b89b8,0x93f36508,0x888356dc,0x5fd1f32f,0xbf008d18 } },
-    /* 67 */
-    { { 0x4e8068db,0x8012aa24,0xa5729a47,0xc72cc641,0x43f0691d,0x3c33df2c,
-        0x1d92145f,0xfa057347,0xb97f7946,0xaefc0f2f,0x2f8121bf,0x813d75cb },
-      { 0x4383bba6,0x05613c72,0xa4224b3f,0xa924ce70,0x5f2179a6,0xe59cecbe,
-        0x79f62b61,0x78e2e8aa,0x53ad8079,0x3ac2cc3b,0xd8f4fa96,0x55518d71 } },
-    /* 68 */
-    { { 0x00623f3b,0x03cf2922,0x5f29ebff,0x095c7111,0x80aa6823,0x42d72247,
-        0x7458c0b0,0x044c7ba1,0x0959ec20,0xca62f7ef,0xf8ca929f,0x40ae2ab7 },
-      { 0xa927b102,0xb8c5377a,0xdc031771,0x398a86a0,0xc216a406,0x04908f9d,
-        0x918d3300,0xb423a73a,0xe0b94739,0x634b0ff1,0x2d69f697,0xe29de725 } },
-    /* 69 */
-    { { 0x8435af04,0x744d1400,0xfec192da,0x5f255b1d,0x336dc542,0x1f17dc12,
-        0x636a68a8,0x5c90c2a7,0x7704ca1e,0x960c9eb7,0x6fb3d65a,0x9de8cf1e },
-      { 0x511d3d06,0xc60fee0d,0xf9eb52c7,0x466e2313,0x206b0914,0x743c0f5f,
-        0x2191aa4d,0x42f55bac,0xffebdbc2,0xcefc7c8f,0xe6e8ed1c,0xd4fa6081 } },
-    /* 70 */
-    { { 0xb0ab9645,0xb5e405d3,0xd5f1f711,0xaeec7f98,0x585c2a6e,0x8ad42311,
-        0x512c6944,0x045acb9e,0xa90db1c6,0xae106c4e,0x898e6563,0xb89f33d5 },
-      { 0x7fed2ce4,0x43b07cd9,0xdd815b20,0xf9934e17,0x0a81a349,0x6778d4d5,
-        0x52918061,0x9e616ade,0xd7e67112,0xfa06db06,0x88488091,0x1da23cf1 } },
-    /* 71 */
-    { { 0x42f2c4b5,0x821c46b3,0x66059e47,0x931513ef,0x66f50cd1,0x7030ae43,
-        0x43e7b127,0x43b536c9,0x5fca5360,0x006258cf,0x6b557abf,0xe4e3ee79 },
-      { 0x24c8b22f,0xbb6b3900,0xfcbf1054,0x2eb5e2c1,0x567492af,0x937b18c9,
-        0xacf53957,0xf09432e4,0x1dbf3a56,0x585f5a9d,0xbe0887cf,0xf86751fd } },
-    /* 72 */
-    { { 0x9d10e0b2,0x157399cb,0x60dc51b7,0x1c0d5956,0x1f583090,0x1d496b8a,
-        0x88590484,0x6658bc26,0x03213f28,0x88c08ab7,0x7ae58de4,0x8d2e0f73 },
-      { 0x486cfee6,0x9b79bc95,0xe9e5bc57,0x036a26c7,0xcd8ae97a,0x1ad03601,
-        0xff3a0494,0x06907f87,0x2c7eb584,0x078f4bbf,0x7e8d0a5a,0xe3731bf5 } },
-    /* 73 */
-    { { 0xe1cd0abe,0x72f2282b,0x87efefa2,0xd4f9015e,0x6c3834bd,0x9d189806,
-        0xb8a29ced,0x9c8cdcc1,0xfee82ebc,0x0601b9f4,0x7206a756,0x371052bc },
-      { 0x46f32562,0x76fa1092,0x17351bb4,0xdaad534c,0xb3636bb5,0xc3d64c37,
-        0x45d54e00,0x038a8c51,0x32c09e7c,0x301e6180,0x95735151,0x9764eae7 } },
-    /* 74 */
-    { { 0xcbd5256a,0x8791b19f,0x6ca13a3b,0x4007e0f2,0x4cf06904,0x03b79460,
-        0xb6c17589,0xb18a9c22,0x81d45908,0xa1cb7d7d,0x21bb68f1,0x6e13fa9d },
-      { 0xa71e6e16,0x47183c62,0xe18749ed,0x5cf0ef8e,0x2e5ed409,0x2c9c7f9b,
-        0xe6e117e1,0x042eeacc,0x13fb5a7f,0xb86d4816,0xc9e5feb1,0xea1cf0ed } },
-    /* 75 */
-    { { 0xcea4cc9b,0x6e6573c9,0xafcec8f3,0x5417961d,0xa438b6f6,0x804bf02a,
-        0xdcd4ea88,0xb894b03c,0x3799571f,0xd0f807e9,0x862156e8,0x3466a7f5 },
-      { 0x56515664,0x51e59acd,0xa3c5eb0b,0x55b0f93c,0x6a4279db,0x84a06b02,
-        0xc5fae08e,0x5c850579,0xa663a1a2,0xcf07b8db,0xf46ffc8d,0x49a36bbc } },
-    /* 76 */
-    { { 0x46d93106,0xe47f5acc,0xaa897c9c,0x65b7ade0,0x12d7e4be,0x37cf4c94,
-        0xd4b2caa9,0xa2ae9b80,0xe60357a3,0x5e7ce09c,0xc8ecd5f9,0x29f77667 },
-      { 0xa8a0b1c5,0xdf6868f5,0x62978ad8,0x240858cf,0xdc0002a1,0x0f7ac101,
-        0xffe9aa05,0x1d28a9d7,0x5b962c97,0x744984d6,0x3d28c8b2,0xa8a7c00b } },
-    /* 77 */
-    { { 0xae11a338,0x7c58a852,0xd1af96e7,0xa78613f1,0x5355cc73,0x7e9767d2,
-        0x792a2de6,0x6ba37009,0x124386b2,0x7d60f618,0x11157674,0xab09b531 },
-      { 0x98eb9dd0,0x95a04841,0x15070328,0xe6c17acc,0x489c6e49,0xafc6da45,
-        0xbb211530,0xab45a60a,0x7d7ea933,0xc58d6592,0x095642c6,0xa3ef3c65 } },
-    /* 78 */
-    { { 0xdf010879,0x89d420e9,0x39576179,0x9d25255d,0xe39513b6,0x9cdefd50,
-        0xd5d1c313,0xe4efe45b,0x3f7af771,0xc0149de7,0x340ab06b,0x55a6b4f4 },
-      { 0xebeaf771,0xf1325251,0x878d4288,0x2ab44128,0x18e05afe,0xfcd5832e,
-        0xcc1fb62b,0xef52a348,0xc1c4792a,0x2bd08274,0x877c6dc7,0x345c5846 } },
-    /* 79 */
-    { { 0xbea65e90,0xde15ceb0,0x2416d99c,0x0987f72b,0xfd863dec,0x44db578d,
-        0xac6a3578,0xf617b74b,0xdb48e999,0x9e62bd7a,0xeab1a1be,0x877cae61 },
-      { 0x3a358610,0x23adddaa,0x325e2b07,0x2fc4d6d1,0x1585754e,0x897198f5,
-        0xb392b584,0xf741852c,0xb55f7de1,0x9927804c,0x1aa8efae,0xe9e6c4ed } },
-    /* 80 */
-    { { 0x98683186,0x867db639,0xddcc4ea9,0xfb5cf424,0xd4f0e7bd,0xcc9a7ffe,
-        0x7a779f7e,0x7c57f71c,0xd6b25ef2,0x90774079,0xb4081680,0x90eae903 },
-      { 0x0ee1fceb,0xdf2aae5e,0xe86c1a1f,0x3ff1da24,0xca193edf,0x80f587d6,
-        0xdc9b9d6a,0xa5695523,0x85920303,0x7b840900,0xba6dbdef,0x1efa4dfc } },
-    /* 81 */
-    { { 0xe0540015,0xfbd838f9,0xc39077dc,0x2c323946,0xad619124,0x8b1fb9e6,
-        0x0ca62ea8,0x9612440c,0x2dbe00ff,0x9ad9b52c,0xae197643,0xf52abaa1 },
-      { 0x2cac32ad,0xd0e89894,0x62a98f91,0xdfb79e42,0x276f55cb,0x65452ecf,
-        0x7ad23e12,0xdb1ac0d2,0xde4986f0,0xf68c5f6a,0x82ce327d,0x389ac37b } },
-    /* 82 */
-    { { 0xf8e60f5b,0x511188b4,0x48aa2ada,0x7fe67015,0x381abca2,0xdb333cb8,
-        0xdaf3fc97,0xb15e6d9d,0x36aabc03,0x4b24f6eb,0x72a748b4,0xc59789df },
-      { 0x29cf5279,0x26fcb8a5,0x01ad9a6c,0x7a3c6bfc,0x4b8bac9b,0x866cf88d,
-        0x9c80d041,0xf4c89989,0x70add148,0xf0a04241,0x45d81a41,0x5a02f479 } },
-    /* 83 */
-    { { 0xc1c90202,0xfa5c877c,0xf8ac7570,0xd099d440,0xd17881f7,0x428a5b1b,
-        0x5b2501d7,0x61e267db,0xf2e4465b,0xf889bf04,0x76aa4cb8,0x4da3ae08 },
-      { 0xe3e66861,0x3ef0fe26,0x3318b86d,0x5e772953,0x747396df,0xc3c35fbc,
-        0x439ffd37,0x5115a29c,0xb2d70374,0xbfc4bd97,0x56246b9d,0x088630ea } },
-    /* 84 */
-    { { 0xb8a9e8c9,0xcd96866d,0x5bb8091e,0xa11963b8,0x045b3cd2,0xc7f90d53,
-        0x80f36504,0x755a72b5,0x21d3751c,0x46f8b399,0x53c193de,0x4bffdc91 },
-      { 0xb89554e7,0xcd15c049,0xf7a26be6,0x353c6754,0xbd41d970,0x79602370,
-        0x12b176c0,0xde16470b,0x40c8809d,0x56ba1175,0xe435fb1e,0xe2db35c3 } },
-    /* 85 */
-    { { 0x6328e33f,0xd71e4aab,0xaf8136d1,0x5486782b,0x86d57231,0x07a4995f,
-        0x1651a968,0xf1f0a5bd,0x76803b6d,0xa5dc5b24,0x42dda935,0x5c587cbc },
-      { 0xbae8b4c0,0x2b6cdb32,0xb1331138,0x66d1598b,0x5d7e9614,0x4a23b2d2,
-        0x74a8c05d,0x93e402a6,0xda7ce82e,0x45ac94e6,0xe463d465,0xeb9f8281 } },
-    /* 86 */
-    { { 0xfecf5b9b,0x34e0f9d1,0xf206966a,0xa115b12b,0x1eaa0534,0x5591cf3b,
-        0xfb1558f9,0x5f0293cb,0x1bc703a5,0x1c8507a4,0x862c1f81,0x92e6b81c },
-      { 0xcdaf24e3,0xcc9ebc66,0x72fcfc70,0x68917ecd,0x8157ba48,0x6dc9a930,
-        0xb06ab2b2,0x5d425c08,0x36e929c4,0x362f8ce7,0x62e89324,0x09f6f57c } },
-    /* 87 */
-    { { 0xd29375fb,0x1c7d6b78,0xe35d1157,0xfabd851e,0x4243ea47,0xf6f62dcd,
-        0x8fe30b0f,0x1dd92460,0xffc6e709,0x08166dfa,0x0881e6a7,0xc6c4c693 },
-      { 0xd6a53fb0,0x20368f87,0x9eb4d1f9,0x38718e9f,0xafd7e790,0x03f08acd,
-        0x72fe2a1c,0x0835eb44,0x88076e5d,0x7e050903,0xa638e731,0x538f765e } },
-    /* 88 */
-    { { 0xc2663b4b,0x0e0249d9,0x47cd38dd,0xe700ab5b,0x2c46559f,0xb192559d,
-        0x4bcde66d,0x8f9f74a8,0x3e2aced5,0xad161523,0x3dd03a5b,0xc155c047 },
-      { 0x3be454eb,0x346a8799,0x83b7dccd,0x66ee94db,0xab9d2abe,0x1f6d8378,
-        0x7733f355,0x4a396dd2,0xf53553c2,0x419bd40a,0x731dd943,0xd0ead98d } },
-    /* 89 */
-    { { 0xec142408,0x908e0b0e,0x4114b310,0x98943cb9,0x1742b1d7,0x03dbf7d8,
-        0x693412f4,0xd270df6b,0x8f69e20c,0xc5065494,0x697e43a1,0xa76a90c3 },
-      { 0x4624825a,0xe0fa3384,0x8acc34c2,0x82e48c0b,0xe9a14f2b,0x7b24bd14,
-        0x4db30803,0x4f5dd5e2,0x932da0a3,0x0c77a9e7,0x74c653dc,0x20db90f2 } },
-    /* 90 */
-    { { 0x0e6c5fd9,0x261179b7,0x6c982eea,0xf8bec123,0xd4957b7e,0x47683338,
-        0x0a72f66a,0xcc47e664,0x1bad9350,0xbd54bf6a,0xf454e95a,0xdfbf4c6a },
-      { 0x6907f4fa,0x3f7a7afa,0x865ca735,0x7311fae0,0x2a496ada,0x24737ab8,
-        0x15feb79b,0x13e425f1,0xa1b93c21,0xe9e97c50,0x4ddd3eb5,0xb26b6eac } },
-    /* 91 */
-    { { 0x2a2e5f2b,0x81cab9f5,0xbf385ac4,0xf93caf29,0xc909963a,0xf4bf35c3,
-        0x74c9143c,0x081e7300,0xc281b4c5,0x3ea57fa8,0x9b340741,0xe497905c },
-      { 0x55ab3cfb,0xf556dd8a,0x518db6ad,0xd444b96b,0x5ef4b955,0x34f5425a,
-        0xecd26aa3,0xdda7a3ac,0xda655e97,0xb57da11b,0xc2024c70,0x02da3eff } },
-    /* 92 */
-    { { 0x6481d0d9,0xe24b0036,0x818fdfe2,0x3740dbe5,0x190fda00,0xc1fc1f45,
-        0x3cf27fde,0x329c9280,0x6934f43e,0x7435cb53,0x7884e8fe,0x2b505a5d },
-      { 0x711adcc9,0x6cfcc6a6,0x531e21e1,0xf034325c,0x9b2a8a99,0xa2f4a967,
-        0x3c21bdff,0x9d5f3842,0x31b57d66,0xb25c7811,0x0b8093b9,0xdb5344d8 } },
-    /* 93 */
-    { { 0xae50a2f5,0x0d72e667,0xe4a861d1,0x9b7f8d8a,0x330df1cb,0xa129f70f,
-        0xe04fefc3,0xe90aa5d7,0xe72c3ae1,0xff561ecb,0xcdb955fa,0x0d8fb428 },
-      { 0xd7663784,0xd2235f73,0x7e2c456a,0xc05baec6,0x2adbfccc,0xe5c292e4,
-        0xefb110d5,0x4fd17988,0xd19d49f3,0x27e57734,0x84f679fe,0x188ac4ce } },
-    /* 94 */
-    { { 0xa796c53e,0x7ee344cf,0x0868009b,0xbbf6074d,0x474a1295,0x1f1594f7,
-        0xac11632d,0x66776edc,0x04e2fa5a,0x1862278b,0xc854a89a,0x52665cf2 },
-      { 0x8104ab58,0x7e376464,0x7204fd6d,0x16775913,0x44ea1199,0x86ca06a5,
-        0x1c9240dd,0xaa3f765b,0x24746149,0x5f8501a9,0xdcd251d7,0x7b982e30 } },
-    /* 95 */
-    { { 0xc15f3060,0xe44e9efc,0xa87ebbe6,0x5ad62f2e,0xc79500d4,0x36499d41,
-        0x336fa9d1,0xa66d6dc0,0x5afd3b1f,0xf8afc495,0xe5c9822b,0x1d8ccb24 },
-      { 0x79d7584b,0x4031422b,0xea3f20dd,0xc54a0580,0x958468c5,0x3f837c8f,
-        0xfbea7735,0x3d82f110,0x7dffe2fc,0x679a8778,0x20704803,0x48eba63b } },
-    /* 96 */
-    { { 0xdf46e2f6,0x89b10d41,0x19514367,0x13ab57f8,0x1d469c87,0x067372b9,
-        0x4f6c5798,0x0c195afa,0x272c9acf,0xea43a12a,0x678abdac,0x9dadd8cb },
-      { 0xe182579a,0xcce56c6b,0x2d26c2d8,0x86febadb,0x2a44745c,0x1c668ee1,
-        0x98dc047a,0x580acd86,0x51b9ec2d,0x5a2b79cc,0x4054f6a0,0x007da608 } },
-    /* 97 */
-    { { 0x17b00dd0,0x9e3ca352,0x0e81a7a6,0x046779cb,0xd482d871,0xb999fef3,
-        0xd9233fbc,0xe6f38134,0xf48cd0e0,0x112c3001,0x3c6c66ae,0x934e7576 },
-      { 0xd73234dc,0xb44d4fc3,0x864eafc1,0xfcae2062,0x26bef21a,0x843afe25,
-        0xf3b75fdf,0x61355107,0x794c2e6b,0x8367a5aa,0x8548a372,0x3d2629b1 } },
-    /* 98 */
-    { { 0x437cfaf8,0x6230618f,0x2032c299,0x5b8742cb,0x2293643a,0x949f7247,
-        0x09464f79,0xb8040f1a,0x4f254143,0x049462d2,0x366c7e76,0xabd6b522 },
-      { 0xd5338f55,0x119b392b,0x01495a0c,0x1a80a9ce,0xf8d7537e,0xf3118ca7,
-        0x6bf4b762,0xb715adc2,0xa8482b6c,0x24506165,0x96a7c84d,0xd958d7c6 } },
-    /* 99 */
-    { { 0xbdc21f31,0x9ad8aa87,0x8063e58c,0xadb3cab4,0xb07dd7b8,0xefd86283,
-        0x1be7c6b4,0xc7b9b762,0x015582de,0x2ef58741,0x299addf3,0xc970c52e },
-      { 0x22f24d66,0x78f02e2a,0x74cc100a,0xefec1d10,0x09316e1a,0xaf2a6a39,
-        0x5849dd49,0xce7c2205,0x96bffc4c,0x9c1fe75c,0x7ba06ec0,0xcad98fd2 } },
-    /* 100 */
-    { { 0xb648b73e,0xed76e2d0,0x1cfd285e,0xa9f92ce5,0x2ed13de1,0xa8c86c06,
-        0xa5191a93,0x1d3a574e,0x1ad1b8bf,0x385cdf8b,0x47d2cfe3,0xbbecc28a },
-      { 0x69cec548,0x98d326c0,0xf240a0b2,0x4f5bc1dd,0x29057236,0x241a7062,
-        0xc68294a4,0x0fc6e9c5,0xa319f17a,0x4d04838b,0x9ffc1c6f,0x8b612cf1 } },
-    /* 101 */
-    { { 0x4c3830eb,0x9bb0b501,0x8ee0d0c5,0x3d08f83c,0x79ba9389,0xa4a62642,
-        0x9cbc2914,0x5d5d4044,0x074c46f0,0xae9eb83e,0x74ead7d6,0x63bb758f },
-      { 0xc6bb29e0,0x1c40d2ea,0x4b02f41e,0x95aa2d87,0x53cb199a,0x92989175,
-        0x51584f6d,0xdd91bafe,0x31a1aaec,0x3715efb9,0x46780f9e,0xc1b6ae5b } },
-    /* 102 */
-    { { 0x42772f41,0xcded3e4b,0x3bcb79d1,0x3a700d5d,0x80feee60,0x4430d50e,
-        0xf5e5d4bb,0x444ef1fc,0xe6e358ff,0xc660194f,0x6a91b43c,0xe68a2f32 },
-      { 0x977fe4d2,0x5842775c,0x7e2a41eb,0x78fdef5c,0xff8df00e,0x5f3bec02,
-        0x5852525d,0xf4b840cd,0x4e6988bd,0x0870483a,0xcc64b837,0x39499e39 } },
-    /* 103 */
-    { { 0xb08df5fe,0xfc05de80,0x63ba0362,0x0c12957c,0xd5cf1428,0xea379414,
-        0x54ef6216,0xc559132a,0xb9e65cf8,0x33d5f12f,0x1695d663,0x09c60278 },
-      { 0x61f7a2fb,0x3ac1ced4,0xd4f5eeb8,0xdd838444,0x8318fcad,0x82a38c6c,
-        0xe9f1a864,0x315be2e5,0x442daf47,0x317b5771,0x95aa5f9e,0x81b5904a } },
-    /* 104 */
-    { { 0x8b21d232,0x6b6b1c50,0x8c2cba75,0x87f3dbc0,0xae9f0faf,0xa7e74b46,
-        0xbb7b8079,0x036a0985,0x8d974a25,0x4f185b90,0xd9af5ec9,0x5aa7cef0 },
-      { 0x57dcfffc,0xe0566a70,0xb8453225,0x6ea311da,0x23368aa9,0x72ea1a8d,
-        0x48cd552d,0xed9b2083,0xc80ea435,0xb987967c,0x6c104173,0xad735c75 } },
-    /* 105 */
-    { { 0xcee76ef4,0xaea85ab3,0xaf1d2b93,0x44997444,0xeacb923f,0x0851929b,
-        0x51e3bc0c,0xb080b590,0x59be68a2,0xc4ee1d86,0x64b26cda,0xf00de219 },
-      { 0xf2e90d4d,0x8d7fb5c0,0x77d9ec64,0x00e219a7,0x5d1c491c,0xc4e6febd,
-        0x1a8f4585,0x080e3754,0x48d2af9c,0x4a9b86c8,0xb6679851,0x2ed70db6 } },
-    /* 106 */
-    { { 0x586f25cb,0xaee44116,0xa0fcf70f,0xf7b6861f,0x18a350e8,0x55d2cd20,
-        0x92dc286f,0x861bf3e5,0x6226aba7,0x9ab18ffa,0xa9857b03,0xd15827be },
-      { 0x92e6acef,0x26c1f547,0xac1fbac3,0x422c63c8,0xfcbfd71d,0xa2d8760d,
-        0xb2511224,0x35f6a539,0x048d1a21,0xbaa88fa1,0xebf999db,0x49f1abe9 } },
-    /* 107 */
-    { { 0xf7492b73,0x16f9f4f4,0xcb392b1a,0xcf28ec1e,0x69ca6ffc,0x45b130d4,
-        0xb72efa58,0x28ba8d40,0x5ca066f5,0xace987c7,0x4ad022eb,0x3e399246 },
-      { 0x752555bb,0x63a2d84e,0x9c2ae394,0xaaa93b4a,0xc89539ca,0xcd80424e,
-        0xaa119a99,0x6d6b5a6d,0x379f2629,0xbd50334c,0xef3cc7d3,0x899e925e } },
-    /* 108 */
-    { { 0xbf825dc4,0xb7ff3651,0x40b9c462,0x0f741cc4,0x5cc4fb5b,0x771ff5a9,
-        0x47fd56fe,0xcb9e9c9b,0x5626c0d3,0xbdf053db,0xf7e14098,0xa97ce675 },
-      { 0x6c934f5e,0x68afe5a3,0xccefc46f,0x6cd5e148,0xd7a88586,0xc7758570,
-        0xdd558d40,0x49978f5e,0x64ae00c1,0xa1d5088a,0xf1d65bb2,0x58f2a720 } },
-    /* 109 */
-    { { 0x3e4daedb,0x66fdda4a,0x65d1b052,0x38318c12,0x4c4bbf5c,0x28d910a2,
-        0x78a9cd14,0x762fe5c4,0xd2cc0aee,0x08e5ebaa,0xca0c654c,0xd2cdf257 },
-      { 0x08b717d2,0x48f7c58b,0x386cd07a,0x3807184a,0xae7d0112,0x3240f626,
-        0xc43917b0,0x03e9361b,0x20aea018,0xf261a876,0x7e1e6372,0x53f556a4 } },
-    /* 110 */
-    { { 0x2f512a90,0xc84cee56,0x1b0ea9f1,0x24b3c004,0xe26cc1ea,0x0ee15d2d,
-        0xf0c9ef7d,0xd848762c,0xd5341435,0x1026e9c5,0xfdb16b31,0x8f5b73dc },
-      { 0xd2c75d95,0x1f69bef2,0xbe064dda,0x8d33d581,0x57ed35e6,0x8c024c12,
-        0xc309c281,0xf8d435f9,0xd6960193,0xfd295061,0xe9e49541,0x66618d78 } },
-    /* 111 */
-    { { 0x8ce382de,0x571cfd45,0xde900dde,0x175806ee,0x34aba3b5,0x61849965,
-        0xde7aec95,0xe899778a,0xff4aa97f,0xe8f00f6e,0x010b0c6d,0xae971cb5 },
-      { 0x3af788f1,0x1827eebc,0xe413fe2d,0xd46229ff,0x4741c9b4,0x8a15455b,
-        0xf8e424eb,0x5f02e690,0xdae87712,0x40a1202e,0x64944f6d,0x49b3bda2 } },
-    /* 112 */
-    { { 0x035b2d69,0xd63c6067,0x6bed91b0,0xb507150d,0x7afb39b2,0x1f35f82f,
-        0x16012b66,0xb9bd9c01,0xed0a5f50,0x00d97960,0x2716f7c9,0xed705451 },
-      { 0x127abdb4,0x1576eff4,0xf01e701c,0x6850d698,0x3fc87e2f,0x9fa7d749,
-        0xb0ce3e48,0x0b6bcc6f,0xf7d8c1c0,0xf4fbe1f5,0x02719cc6,0xcf75230e } },
-    /* 113 */
-    { { 0x722d94ed,0x6761d6c2,0x3718820e,0xd1ec3f21,0x25d0e7c6,0x65a40b70,
-        0xbaf3cf31,0xd67f830e,0xb93ea430,0x633b3807,0x0bc96c69,0x17faa0ea },
-      { 0xdf866b98,0xe6bf3482,0xa9db52d4,0x205c1ee9,0xff9ab869,0x51ef9bbd,
-        0x75eeb985,0x3863dad1,0xd3cf442a,0xef216c3b,0xf9c8e321,0x3fb228e3 } },
-    /* 114 */
-    { { 0x0760ac07,0x94f9b70c,0x9d79bf4d,0xf3c9ccae,0xc5ffc83d,0x73cea084,
-        0xdc49c38e,0xef50f943,0xbc9e7330,0xf467a2ae,0x44ea7fba,0x5ee534b6 },
-      { 0x03609e7f,0x20cb6272,0x62fdc9f0,0x09844355,0x0f1457f7,0xaf5c8e58,
-        0xb4b25941,0xd1f50a6c,0x2ec82395,0x77cb247c,0xda3dca33,0xa5f3e1e5 } },
-    /* 115 */
-    { { 0x7d85fa94,0x023489d6,0x2db9ce47,0x0ba40537,0xaed7aad1,0x0fdf7a1f,
-        0x9a4ccb40,0xa57b0d73,0x5b18967c,0x48fcec99,0xb7274d24,0xf30b5b6e },
-      { 0xc81c5338,0x7ccb4773,0xa3ed6bd0,0xb85639e6,0x1d56eada,0x7d9df95f,
-        0x0a1607ad,0xe256d57f,0x957574d6,0x6da7ffdc,0x01c7a8c4,0x65f84046 } },
-    /* 116 */
-    { { 0xcba1e7f1,0x8d45d0cb,0x02b55f64,0xef0a08c0,0x17e19892,0x771ca31b,
-        0x4885907e,0xe1843ecb,0x364ce16a,0x67797ebc,0x8df4b338,0x816d2b2d },
-      { 0x39aa8671,0xe870b0e5,0xc102b5f5,0x9f0db3e4,0x1720c697,0x34296659,
-        0x613c0d2a,0x0ad4c89e,0x418ddd61,0x1af900b2,0xd336e20e,0xe087ca72 } },
-    /* 117 */
-    { { 0xaba10079,0x222831ff,0x6d64fff2,0x0dc5f87b,0x3e8cb330,0x44547907,
-        0x702a33fb,0xe815aaa2,0x5fba3215,0x338d6b2e,0x79f549c8,0x0f7535cb },
-      { 0x2ee95923,0x471ecd97,0xc6d1c09f,0x1e868b37,0xc666ef4e,0x2bc7b8ec,
-        0x808a4bfc,0xf5416589,0x3fbc4d2e,0xf23e9ee2,0x2d75125b,0x4357236c } },
-    /* 118 */
-    { { 0xba9cdb1b,0xfe176d95,0x2f82791e,0x45a1ca01,0x4de4cca2,0x97654af2,
-        0x5cc4bcb9,0xbdbf9d0e,0xad97ac0a,0xf6a7df50,0x61359fd6,0xc52112b0 },
-      { 0x4f05eae3,0x696d9ce3,0xe943ac2b,0x903adc02,0x0848be17,0xa9075347,
-        0x2a3973e5,0x1e20f170,0x6feb67e9,0xe1aacc1c,0xe16bc6b9,0x2ca0ac32 } },
-    /* 119 */
-    { { 0xef871eb5,0xffea12e4,0xa8bf0a7a,0x94c2f25d,0x78134eaa,0x4d1e4c2a,
-        0x0360fb10,0x11ed16fb,0x85fc11be,0x4029b6db,0xf4d390fa,0x5e9f7ab7 },
-      { 0x30646612,0x5076d72f,0xdda1d0d8,0xa0afed1d,0x85a1d103,0x29022257,
-        0x4e276bcd,0xcb499e17,0x51246c3d,0x16d1da71,0x589a0443,0xc72d56d3 } },
-    /* 120 */
-    { { 0xdae5bb45,0xdf5ffc74,0x261bd6dc,0x99068c4a,0xaa98ec7b,0xdc0afa7a,
-        0xf121e96d,0xedd2ee00,0x1414045c,0x163cc7be,0x335af50e,0xb0b1bbce },
-      { 0x01a06293,0xd440d785,0x6552e644,0xcdebab7c,0x8c757e46,0x48cb8dbc,
-        0x3cabe3cb,0x81f9cf78,0xb123f59a,0xddd02611,0xeeb3784d,0x3dc7b88e } },
-    /* 121 */
-    { { 0xc4741456,0xe1b8d398,0x6032a121,0xa9dfa902,0x1263245b,0x1cbfc86d,
-        0x5244718c,0xf411c762,0x05b0fc54,0x96521d54,0xdbaa4985,0x1afab46e },
-      { 0x8674b4ad,0xa75902ba,0x5ad87d12,0x486b43ad,0x36e0d099,0x72b1c736,
-        0xbb6cd6d6,0x39890e07,0x59bace4e,0x8128999c,0x7b535e33,0xd8da430b } },
-    /* 122 */
-    { { 0xc6b75791,0x39f65642,0x21806bfb,0x050947a6,0x1362ef84,0x0ca3e370,
-        0x8c3d2391,0x9bc60aed,0x732e1ddc,0x9b488671,0xa98ee077,0x12d10d9e },
-      { 0x3651b7dc,0xb6f2822d,0x80abd138,0x6345a5ba,0x472d3c84,0x62033262,
-        0xacc57527,0xd54a1d40,0x424447cb,0x6ea46b3a,0x2fb1a496,0x5bc41057 } },
-    /* 123 */
-    { { 0xa751cd0e,0xe70c57a3,0xeba3c7d6,0x190d8419,0x9d47d55a,0xb1c3bee7,
-        0xf912c6d8,0xda941266,0x407a6ad6,0x12e9aacc,0x6e838911,0xd6ce5f11 },
-      { 0x70e1f2ce,0x063ca97b,0x8213d434,0xa3e47c72,0x84df810a,0xa016e241,
-        0xdfd881a4,0x688ad7b0,0xa89bf0ad,0xa37d99fc,0xa23c2d23,0xd8e3f339 } },
-    /* 124 */
-    { { 0x750bed6f,0xbdf53163,0x83e68b0a,0x808abc32,0x5bb08a33,0x85a36627,
-        0x6b0e4abe,0xf72a3a0f,0xfaf0c6ad,0xf7716d19,0x5379b25f,0x22dcc020 },
-      { 0xf9a56e11,0x7400bf8d,0x56a47f21,0x6cb8bad7,0x7a6eb644,0x7c97176f,
-        0xd1f5b646,0xe8fd84f7,0x44ddb054,0x98320a94,0x1dde86f5,0x07071ba3 } },
-    /* 125 */
-    { { 0x98f8fcb9,0x6fdfa0e5,0x94d0d70c,0x89cec8e0,0x106d20a8,0xa0899397,
-        0xba8acc9c,0x915bfb9a,0x5507e01c,0x1370c94b,0x8a821ffb,0x83246a60 },
-      { 0xbe3c378f,0xa8273a9f,0x35a25be9,0x7e544789,0x4dd929d7,0x6cfa4972,
-        0x365bd878,0x987fed9d,0x5c29a7ae,0x4982ac94,0x5ddd7ec5,0x4589a5d7 } },
-    /* 126 */
-    { { 0xa95540a9,0x9fabb174,0x0162c5b0,0x7cfb886f,0xea3dee18,0x17be766b,
-        0xe88e624c,0xff7da41f,0x8b919c38,0xad0b71eb,0xf31ff9a9,0x86a522e0 },
-      { 0x868bc259,0xbc8e6f72,0x3ccef9e4,0x6130c638,0x9a466555,0x09f1f454,
-        0x19b2bfb4,0x8e6c0f09,0x0ca7bb22,0x945c46c9,0x4dafb67b,0xacd87168 } },
-    /* 127 */
-    { { 0x10c53841,0x090c72ca,0x55a4fced,0xc20ae01b,0xe10234ad,0x03f7ebd5,
-        0x85892064,0xb3f42a6a,0xb4a14722,0xbdbc30c0,0x8ca124cc,0x971bc437 },
-      { 0x517ff2ff,0x6f79f46d,0xecba947b,0x6a9c96e2,0x62925122,0x5e79f2f4,
-        0x6a4e91f1,0x30a96bb1,0x2d4c72da,0x1147c923,0x5811e4df,0x65bc311f } },
-    /* 128 */
-    { { 0x139b3239,0x87c7dd7d,0x4d833bae,0x8b57824e,0x9fff0015,0xbcbc4878,
-        0x909eaf1a,0x8ffcef8b,0xf1443a78,0x9905f4ee,0xe15cbfed,0x020dd4a2 },
-      { 0xa306d695,0xca2969ec,0xb93caf60,0xdf940cad,0x87ea6e39,0x67f7fab7,
-        0xf98c4fe5,0x0d0ee10f,0xc19cb91e,0xc646879a,0x7d1d7ab4,0x4b4ea50c } },
-    /* 129 */
-    { { 0x7a0db57e,0x19e40945,0x9a8c9702,0xe6017cad,0x1be5cff9,0xdbf739e5,
-        0xa7a938a2,0x3646b3cd,0x68350dfc,0x04511085,0x56e098b5,0xad3bd6f3 },
-      { 0xee2e3e3e,0x935ebabf,0x473926cb,0xfbd01702,0x9e9fb5aa,0x7c735b02,
-        0x2e3feff0,0xc52a1b85,0x046b405a,0x9199abd3,0x39039971,0xe306fcec } },
-    /* 130 */
-    { { 0x23e4712c,0xd6d9aec8,0xc3c198ee,0x7ca8376c,0x31bebd8a,0xe6d83187,
-        0xd88bfef3,0xed57aff3,0xcf44edc7,0x72a645ee,0x5cbb1517,0xd4e63d0b },
-      { 0xceee0ecf,0x98ce7a1c,0x5383ee8e,0x8f012633,0xa6b455e8,0x3b879078,
-        0xc7658c06,0xcbcd3d96,0x0783336a,0x721d6fe7,0x5a677136,0xf21a7263 } },
-    /* 131 */
-    { { 0x9586ba11,0x19d8b3cd,0x8a5c0480,0xd9e0aeb2,0x2230ef5c,0xe4261dbf,
-        0x02e6bf09,0x095a9dee,0x80dc7784,0x8963723c,0x145157b1,0x5c97dbaf },
-      { 0x4bc4503e,0x97e74434,0x85a6b370,0x0fb1cb31,0xcd205d4b,0x3e8df2be,
-        0xf8f765da,0x497dd1bc,0x6c988a1a,0x92ef95c7,0x64dc4cfa,0x3f924baa } },
-    /* 132 */
-    { { 0x7268b448,0x6bf1b8dd,0xefd79b94,0xd4c28ba1,0xe4e3551f,0x2fa1f8c8,
-        0x5c9187a9,0x769e3ad4,0x40326c0d,0x28843b4d,0x50d5d669,0xfefc8094 },
-      { 0x90339366,0x30c85bfd,0x5ccf6c3a,0x4eeb56f1,0x28ccd1dc,0x0e72b149,
-        0xf2ce978e,0x73ee85b5,0x3165bb23,0xcdeb2bf3,0x4e410abf,0x8106c923 } },
-    /* 133 */
-    { { 0x7d02f4ee,0xc8df0161,0x18e21225,0x8a781547,0x6acf9e40,0x4ea895eb,
-        0x6e5a633d,0x8b000cb5,0x7e981ffb,0xf31d86d5,0x4475bc32,0xf5c8029c },
-      { 0x1b568973,0x764561ce,0xa62996ec,0x2f809b81,0xda085408,0x9e513d64,
-        0xe61ce309,0xc27d815d,0x272999e0,0x0da6ff99,0xfead73f7,0xbd284779 } },
-    /* 134 */
-    { { 0x9b1cdf2b,0x6033c2f9,0xbc5fa151,0x2a99cf06,0x12177b3b,0x7d27d259,
-        0xc4485483,0xb1f15273,0x102e2297,0x5fd57d81,0xc7f6acb7,0x3d43e017 },
-      { 0x3a70eb28,0x41a8bb0b,0x3e80b06b,0x67de2d8e,0x70c28de5,0x09245a41,
-        0xa7b26023,0xad7dbcb1,0x2cbc6c1e,0x70b08a35,0x9b33041f,0xb504fb66 } },
-    /* 135 */
-    { { 0xf97a27c2,0xa8e85ab5,0xc10a011b,0x6ac5ec8b,0xffbcf161,0x55745533,
-        0x65790a60,0x01780e85,0x99ee75b0,0xe451bf85,0x39c29881,0x8907a63b },
-      { 0x260189ed,0x76d46738,0x47bd35cb,0x284a4436,0x20cab61e,0xd74e8c40,
-        0x416cf20a,0x6264bf8c,0x5fd820ce,0xfa5a6c95,0xf24bb5fc,0xfa7154d0 } },
-    /* 136 */
-    { { 0x9b3f5034,0x18482cec,0xcd9e68fd,0x962d445a,0x95746f23,0x266fb1d6,
-        0x58c94a4b,0xc66ade5a,0xed68a5b6,0xdbbda826,0x7ab0d6ae,0x05664a4d },
-      { 0x025e32fc,0xbcd4fe51,0xa96df252,0x61a5aebf,0x31592a31,0xd88a07e2,
-        0x98905517,0x5d9d94de,0x5fd440e7,0x96bb4010,0xe807db4c,0x1b0c47a2 } },
-    /* 137 */
-    { { 0x08223878,0x5c2a6ac8,0xe65a5558,0xba08c269,0x9bbc27fd,0xd22b1b9b,
-        0x72b9607d,0x919171bf,0xe588dc58,0x9ab455f9,0x23662d93,0x6d54916e },
-      { 0x3b1de0c1,0x8da8e938,0x804f278f,0xa84d186a,0xd3461695,0xbf4988cc,
-        0xe10eb0cb,0xf5eae3be,0xbf2a66ed,0x1ff8b68f,0xc305b570,0xa68daf67 } },
-    /* 138 */
-    { { 0x44b2e045,0xc1004cff,0x4b1c05d4,0x91b5e136,0x88a48a07,0x53ae4090,
-        0xea11bb1a,0x73fb2995,0x3d93a4ea,0x32048570,0x3bfc8a5f,0xcce45de8 },
-      { 0xc2b3106e,0xaff4a97e,0xb6848b4f,0x9069c630,0xed76241c,0xeda837a6,
-        0x6cc3f6cf,0x8a0daf13,0x3da018a8,0x199d049d,0xd9093ba3,0xf867c6b1 } },
-    /* 139 */
-    { { 0x56527296,0xe4d42a56,0xce71178d,0xae26c73d,0x6c251664,0x70a0adac,
-        0x5dc0ae1d,0x813483ae,0xdaab2daf,0x7574eacd,0xc2d55f4f,0xc56b52dc },
-      { 0x95f32923,0x872bc167,0x5bdd2a89,0x4be17581,0xa7699f00,0x9b57f1e7,
-        0x3ac2de02,0x5fcd9c72,0x92377739,0x83af3ba1,0xfc50b97f,0xa64d4e2b } },
-    /* 140 */
-    { { 0x0e552b40,0x2172dae2,0xd34d52e8,0x62f49725,0x07958f98,0x7930ee40,
-        0x751fdd74,0x56da2a90,0xf53e48c3,0xf1192834,0x8e53c343,0x34d2ac26 },
-      { 0x13111286,0x1073c218,0xda9d9827,0x201dac14,0xee95d378,0xec2c29db,
-        0x1f3ee0b1,0x9316f119,0x544ce71c,0x7890c9f0,0x27612127,0xd77138af } },
-    /* 141 */
-    { { 0x3b4ad1cd,0x78045e6d,0x4aa49bc1,0xcd86b94e,0xfd677a16,0x57e51f1d,
-        0xfa613697,0xd9290935,0x34f4d893,0x7a3f9593,0x5d5fcf9b,0x8c9c248b },
-      { 0x6f70d4e9,0x9f23a482,0x63190ae9,0x17273454,0x5b081a48,0x4bdd7c13,
-        0x28d65271,0x1e2de389,0xe5841d1f,0x0bbaaa25,0x746772e5,0xc4c18a79 } },
-    /* 142 */
-    { { 0x593375ac,0x10ee2681,0x7dd5e113,0x4f3288be,0x240f3538,0x9a97b2fb,
-        0x1de6b1e2,0xfa11089f,0x1351bc58,0x516da562,0x2dfa85b5,0x573b6119 },
-      { 0x6cba7df5,0x89e96683,0x8c28ab40,0xf299be15,0xad43fcbf,0xe91c9348,
-        0x9a1cefb3,0xe9bbc7cc,0x738b2775,0xc8add876,0x775eaa01,0x6e3b1f2e } },
-    /* 143 */
-    { { 0xb677788b,0x0365a888,0x3fd6173c,0x634ae8c4,0x9e498dbe,0x30498761,
-        0xc8f779ab,0x08c43e6d,0x4c09aca9,0x068ae384,0x2018d170,0x2380c70b },
-      { 0xa297c5ec,0xcf77fbc3,0xca457948,0xdacbc853,0x336bec7e,0x3690de04,
-        0x14eec461,0x26bbac64,0x1f713abf,0xd1c23c7e,0xe6fd569e,0xf08bbfcd } },
-    /* 144 */
-    { { 0x84770ee3,0x5f8163f4,0x744a1706,0x0e0c7f94,0xe1b2d46d,0x9c8f05f7,
-        0xd01fd99a,0x417eafe7,0x11440e5b,0x2ba15df5,0x91a6fbcf,0xdc5c552a },
-      { 0xa270f721,0x86271d74,0xa004485b,0x32c0a075,0x8defa075,0x9d1a87e3,
-        0xbf0d20fe,0xb590a7ac,0x8feda1f5,0x430c41c2,0x58f6ec24,0x454d2879 } },
-    /* 145 */
-    { { 0x7c525435,0x52b7a635,0x37c4bdbc,0x3d9ef57f,0xdffcc475,0x2bb93e9e,
-        0x7710f3be,0xf7b8ba98,0x21b727de,0x42ee86da,0x2e490d01,0x55ac3f19 },
-      { 0xc0c1c390,0x487e3a6e,0x446cde7b,0x036fb345,0x496ae951,0x089eb276,
-        0x71ed1234,0xedfed4d9,0x900f0b46,0x661b0dd5,0x8582f0d3,0x11bd6f1b } },
-    /* 146 */
-    { { 0x076bc9d1,0x5cf9350f,0xcf3cd2c3,0x15d903be,0x25af031c,0x21cfc8c2,
-        0x8b1cc657,0xe0ad3248,0x70014e87,0xdd9fb963,0x297f1658,0xf0f3a5a1 },
-      { 0xf1f703aa,0xbb908fba,0x2f6760ba,0x2f9cc420,0x66a38b51,0x00ceec66,
-        0x05d645da,0x4deda330,0xf7de3394,0xb9cf5c72,0x1ad4c906,0xaeef6502 } },
-    /* 147 */
-    { { 0x7a19045d,0x0583c8b1,0xd052824c,0xae7c3102,0xff6cfa58,0x2a234979,
-        0x62c733c0,0xfe9dffc9,0x9c0c4b09,0x3a7fa250,0x4fe21805,0x516437bb },
-      { 0xc2a23ddb,0x9454e3d5,0x289c104e,0x0726d887,0x4fd15243,0x8977d918,
-        0x6d7790ba,0xc559e73f,0x465af85f,0x8fd3e87d,0x5feee46b,0xa2615c74 } },
-    /* 148 */
-    { { 0x4335167d,0xc8d607a8,0xe0f5c887,0x8b42d804,0x398d11f9,0x5f9f13df,
-        0x20740c67,0x5aaa5087,0xa3d9234b,0x83da9a6a,0x2a54bad1,0xbd3a5c4e },
-      { 0x2db0f658,0xdd13914c,0x5a3f373a,0x29dcb66e,0x5245a72b,0xbfd62df5,
-        0x91e40847,0x19d18023,0xb136b1ae,0xd9df74db,0x3f93bc5b,0x72a06b6b } },
-    /* 149 */
-    { { 0xad19d96f,0x6da19ec3,0xfb2a4099,0xb342daa4,0x662271ea,0x0e61633a,
-        0xce8c054b,0x3bcece81,0x8bd62dc6,0x7cc8e061,0xee578d8b,0xae189e19 },
-      { 0xdced1eed,0x73e7a25d,0x7875d3ab,0xc1257f0a,0x1cfef026,0x2cb2d5a2,
-        0xb1fdf61c,0xd98ef39b,0x24e83e6c,0xcd8e6f69,0xc7b7088b,0xd71e7076 } },
-    /* 150 */
-    { { 0x9d4245bf,0x33936830,0x2ac2953b,0x22d96217,0x56c3c3cd,0xb3bf5a82,
-        0x0d0699e8,0x50c9be91,0x8f366459,0xec094463,0x513b7c35,0x6c056dba },
-      { 0x045ab0e3,0x687a6a83,0x445c9295,0x8d40b57f,0xa16f5954,0x0f345048,
-        0x3d8f0a87,0x64b5c639,0x9f71c5e2,0x106353a2,0x874f0dd4,0xdd58b475 } },
-    /* 151 */
-    { { 0x62230c72,0x67ec084f,0x481385e3,0xf14f6cca,0x4cda7774,0xf58bb407,
-        0xaa2dbb6b,0xe15011b1,0x0c035ab1,0xd488369d,0x8245f2fd,0xef83c24a },
-      { 0x9fdc2538,0xfb57328f,0x191fe46a,0x79808293,0x32ede548,0xe28f5c44,
-        0xea1a022c,0x1b3cda99,0x3df2ec7f,0x39e639b7,0x760e9a18,0x77b6272b } },
-    /* 152 */
-    { { 0xa65d56d5,0x2b1d51bd,0x7ea696e0,0x3a9b71f9,0x9904f4c4,0x95250ecc,
-        0xe75774b7,0x8bc4d6eb,0xeaeeb9aa,0x0e343f8a,0x930e04cb,0xc473c1d1 },
-      { 0x064cd8ae,0x282321b1,0x5562221c,0xf4b4371e,0xd1bf1221,0xc1cc81ec,
-        0xe2c8082f,0xa52a07a9,0xba64a958,0x350d8e59,0x6fb32c9a,0x29e4f3de } },
-    /* 153 */
-    { { 0xba89aaa5,0x0aa9d56c,0xc4c6059e,0xf0208ac0,0xbd6ddca4,0x7400d9c6,
-        0xf2c2f74a,0xb384e475,0xb1562dd3,0x4c1061fc,0x2e153b8d,0x3924e248 },
-      { 0x849808ab,0xf38b8d98,0xa491aa36,0x29bf3260,0x88220ede,0x85159ada,
-        0xbe5bc422,0x8b47915b,0xd7300967,0xa934d72e,0x2e515d0d,0xc4f30398 } },
-    /* 154 */
-    { { 0x1b1de38b,0xe3e9ee42,0x42636760,0xa124e25a,0x90165b1a,0x90bf73c0,
-        0x146434c5,0x21802a34,0x2e1fa109,0x54aa83f2,0xed9c51e9,0x1d4bd03c },
-      { 0x798751e6,0xc2d96a38,0x8c3507f5,0xed27235f,0xc8c24f88,0xb5fb80e2,
-        0xd37f4f78,0xf873eefa,0xf224ba96,0x7229fd74,0x9edd7149,0x9dcd9199 } },
-    /* 155 */
-    { { 0x4e94f22a,0xee9f81a6,0xf71ec341,0xe5609892,0xa998284e,0x6c818ddd,
-        0x3b54b098,0x9fd47295,0x0e8a7cc9,0x47a6ac03,0xb207a382,0xde684e5e },
-      { 0x2b6b956b,0x4bdd1ecd,0xf01b3583,0x09084414,0x55233b14,0xe2f80b32,
-        0xef5ebc5e,0x5a0fec54,0xbf8b29a2,0x74cf25e6,0x7f29e014,0x1c757fa0 } },
-    /* 156 */
-    { { 0xeb0fdfe4,0x1bcb5c4a,0xf0899367,0xd7c649b3,0x05bc083b,0xaef68e3f,
-        0xa78aa607,0x57a06e46,0x21223a44,0xa2136ecc,0x52f5a50b,0x89bd6484 },
-      { 0x4455f15a,0x724411b9,0x08a9c0fd,0x23dfa970,0x6db63bef,0x7b0da4d1,
-        0xfb162443,0x6f8a7ec1,0xe98284fb,0xc1ac9cee,0x33566022,0x085a582b } },
-    /* 157 */
-    { { 0xec1f138a,0x15cb61f9,0x668f0c28,0x11c9a230,0xdf93f38f,0xac829729,
-        0x4048848d,0xcef25698,0x2bba8fbf,0x3f686da0,0x111c619a,0xed5fea78 },
-      { 0xd6d1c833,0x9b4f73bc,0x86e7bf80,0x50951606,0x042b1d51,0xa2a73508,
-        0x5fb89ec2,0x9ef6ea49,0x5ef8b892,0xf1008ce9,0x9ae8568b,0x78a7e684 } },
-    /* 158 */
-    { { 0x10470cd8,0x3fe83a7c,0xf86df000,0x92734682,0xda9409b5,0xb5dac06b,
-        0x94939c5f,0x1e7a9660,0x5cc116dc,0xdec6c150,0x66bac8cc,0x1a52b408 },
-      { 0x6e864045,0x5303a365,0x9139efc1,0x45eae72a,0x6f31d54f,0x83bec646,
-        0x6e958a6d,0x2fb4a86f,0x4ff44030,0x6760718e,0xe91ae0df,0x008117e3 } },
-    /* 159 */
-    { { 0x384310a2,0x5d5833ba,0x1fd6c9fc,0xbdfb4edc,0x849c4fb8,0xb9a4f102,
-        0x581c1e1f,0xe5fb239a,0xd0a9746d,0xba44b2e7,0x3bd942b9,0x78f7b768 },
-      { 0xc87607ae,0x076c8ca1,0xd5caaa7e,0x82b23c2e,0x2763e461,0x6a581f39,
-        0x3886df11,0xca8a5e4a,0x264e7f22,0xc87e90cf,0x215cfcfc,0x04f74870 } },
-    /* 160 */
-    { { 0x141d161c,0x5285d116,0x93c4ed17,0x67cd2e0e,0x7c36187e,0x12c62a64,
-        0xed2584ca,0xf5329539,0x42fbbd69,0xc4c777c4,0x1bdfc50a,0x107de776 },
-      { 0xe96beebd,0x9976dcc5,0xa865a151,0xbe2aff95,0x9d8872af,0x0e0a9da1,
-        0xa63c17cc,0x5e357a3d,0xe15cc67c,0xd31fdfd8,0x7970c6d8,0xc44bbefd } },
-    /* 161 */
-    { { 0x4c0c62f1,0x703f83e2,0x4e195572,0x9b1e28ee,0xfe26cced,0x6a82858b,
-        0xc43638fa,0xd381c84b,0xa5ba43d8,0x94f72867,0x10b82743,0x3b4a783d },
-      { 0x7576451e,0xee1ad7b5,0x14b6b5c8,0xc3d0b597,0xfcacc1b8,0x3dc30954,
-        0x472c9d7b,0x55df110e,0x02f8a328,0x97c86ed7,0x88dc098f,0xd0433413 } },
-    /* 162 */
-    { { 0x2ca8f2fe,0x1a60d152,0x491bd41f,0x61640948,0x58dfe035,0x6dae29a5,
-        0x278e4863,0x9a615bea,0x9ad7c8e5,0xbbdb4477,0x2ceac2fc,0x1c706630 },
-      { 0x99699b4b,0x5e2b54c6,0x239e17e8,0xb509ca6d,0xea063a82,0x728165fe,
-        0xb6a22e02,0x6b5e609d,0xb26ee1df,0x12813905,0x439491fa,0x07b9f722 } },
-    /* 163 */
-    { { 0x48ff4e49,0x1592ec14,0x6d644129,0x3e4e9f17,0x1156acc0,0x7acf8288,
-        0xbb092b0b,0x5aa34ba8,0x7d38393d,0xcd0f9022,0xea4f8187,0x416724dd },
-      { 0xc0139e73,0x3c4e641c,0x91e4d87d,0xe0fe46cf,0xcab61f8a,0xedb3c792,
-        0xd3868753,0x4cb46de4,0x20f1098a,0xe449c21d,0xf5b8ea6e,0x5e5fd059 } },
-    /* 164 */
-    { { 0x75856031,0x7fcadd46,0xeaf2fbd0,0x89c7a4cd,0x7a87c480,0x1af523ce,
-        0x61d9ae90,0xe5fc1095,0xbcdb95f5,0x3fb5864f,0xbb5b2c7d,0xbeb5188e },
-      { 0x3ae65825,0x3d1563c3,0x0e57d641,0x116854c4,0x1942ebd3,0x11f73d34,
-        0xc06955b3,0x24dc5904,0x995a0a62,0x8a0d4c83,0x5d577b7d,0xfb26b86d } },
-    /* 165 */
-    { { 0xc686ae17,0xc53108e7,0xd1c1da56,0x9090d739,0x9aec50ae,0x4583b013,
-        0xa49a6ab2,0xdd9a088b,0xf382f850,0x28192eea,0xf5fe910e,0xcc8df756 },
-      { 0x9cab7630,0x877823a3,0xfb8e7fc1,0x64984a9a,0x364bfc16,0x5448ef9c,
-        0xc44e2a9a,0xbbb4f871,0x435c95e9,0x901a41ab,0xaaa50a06,0xc6c23e5f } },
-    /* 166 */
-    { { 0x9034d8dd,0xb78016c1,0x0b13e79b,0x856bb44b,0xb3241a05,0x85c6409a,
-        0x2d78ed21,0x8d2fe19a,0x726eddf2,0xdcc7c26d,0x25104f04,0x3ccaff5f },
-      { 0x6b21f843,0x397d7edc,0xe975de4c,0xda88e4dd,0x4f5ab69e,0x5273d396,
-        0x9aae6cc0,0x537680e3,0x3e6f9461,0xf749cce5,0x957bffd3,0x021ddbd9 } },
-    /* 167 */
-    { { 0x777233cf,0x7b64585f,0x0942a6f0,0xfe6771f6,0xdfe6eef0,0x636aba7a,
-        0x86038029,0x63bbeb56,0xde8fcf36,0xacee5842,0xd4a20524,0x48d9aa99 },
-      { 0x0da5e57a,0xcff7a74c,0xe549d6c9,0xc232593c,0xf0f2287b,0x68504bcc,
-        0xbc8360b5,0x6d7d098d,0x5b402f41,0xeac5f149,0xb87d1bf1,0x61936f11 } },
-    /* 168 */
-    { { 0xb8153a9d,0xaa9da167,0x9e83ecf0,0xa49fe3ac,0x1b661384,0x14c18f8e,
-        0x38434de1,0x61c24dab,0x283dae96,0x3d973c3a,0x82754fc9,0xc99baa01 },
-      { 0x4c26b1e3,0x477d198f,0xa7516202,0x12e8e186,0x362addfa,0x386e52f6,
-        0xc3962853,0x31e8f695,0x6aaedb60,0xdec2af13,0x29cf74ac,0xfcfdb4c6 } },
-    /* 169 */
-    { { 0xcca40298,0x6b3ee958,0xf2f5d195,0xc3878153,0xed2eae5b,0x0c565630,
-        0x3a697cf2,0xd089b37e,0xad5029ea,0xc2ed2ac7,0x0f0dda6a,0x7e5cdfad },
-      { 0xd9b86202,0xf98426df,0x4335e054,0xed1960b1,0x3f14639e,0x1fdb0246,
-        0x0db6c670,0x17f709c3,0x773421e1,0xbfc687ae,0x26c1a8ac,0x13fefc4a } },
-    /* 170 */
-    { { 0x7ffa0a5f,0xe361a198,0xc63fe109,0xf4b26102,0x6c74e111,0x264acbc5,
-        0x77abebaf,0x4af445fa,0x24cddb75,0x448c4fdd,0x44506eea,0x0b13157d },
-      { 0x72e9993d,0x22a6b159,0x85e5ecbe,0x2c3c57e4,0xfd83e1a1,0xa673560b,
-        0xc3b8c83b,0x6be23f82,0x40bbe38e,0x40b13a96,0xad17399b,0x66eea033 } },
-    /* 171 */
-    { { 0xb4c6c693,0x49fc6e95,0x36af7d38,0xefc735de,0x35fe42fc,0xe053343d,
-        0x6a9ab7c3,0xf0aa427c,0x4a0fcb24,0xc79f0436,0x93ebbc50,0x16287243 },
-      { 0x16927e1e,0x5c3d6bd0,0x673b984c,0x40158ed2,0x4cd48b9a,0xa7f86fc8,
-        0x60ea282d,0x1643eda6,0xe2a1beed,0x45b393ea,0x19571a94,0x664c839e } },
-    /* 172 */
-    { { 0x27eeaf94,0x57745750,0xea99e1e7,0x2875c925,0x5086adea,0xc127e7ba,
-        0x86fe424f,0x765252a0,0x2b6c0281,0x1143cc6c,0xd671312d,0xc9bb2989 },
-      { 0x51acb0a5,0x880c337c,0xd3c60f78,0xa3710915,0x9262b6ed,0x496113c0,
-        0x9ce48182,0x5d25d9f8,0xb3813586,0x53b6ad72,0x4c0e159c,0x0ea3bebc } },
-    /* 173 */
-    { { 0xc5e49bea,0xcaba450a,0x7c05da59,0x684e5415,0xde7ac36c,0xa2e9cab9,
-        0x2e6f957b,0x4ca79b5f,0x09b817b1,0xef7b0247,0x7d89df0f,0xeb304990 },
-      { 0x46fe5096,0x508f7307,0x2e04eaaf,0x695810e8,0x3512f76c,0x88ef1bd9,
-        0x3ebca06b,0x77661351,0xccf158b7,0xf7d4863a,0x94ee57da,0xb2a81e44 } },
-    /* 174 */
-    { { 0x6d53e6ba,0xff288e5b,0x14484ea2,0xa90de1a9,0xed33c8ec,0x2fadb60c,
-        0x28b66a40,0x579d6ef3,0xec24372d,0x4f2dd6dd,0x1d66ec7d,0xe9e33fc9 },
-      { 0x039eab6e,0x110899d2,0x3e97bb5e,0xa31a667a,0xcfdce68e,0x6200166d,
-        0x5137d54b,0xbe83ebae,0x4800acdf,0x085f7d87,0x0c6f8c86,0xcf4ab133 } },
-    /* 175 */
-    { { 0x931e08fb,0x03f65845,0x1506e2c0,0x6438551e,0x9c36961f,0x5791f0dc,
-        0xe3dcc916,0x68107b29,0xf495d2ca,0x83242374,0x6ee5895b,0xd8cfb663 },
-      { 0xa0349b1b,0x525e0f16,0x4a0fab86,0x33cd2c6c,0x2af8dda9,0x46c12ee8,
-        0x71e97ad3,0x7cc424ba,0x37621eb0,0x69766ddf,0xa5f0d390,0x95565f56 } },
-    /* 176 */
-    { { 0x1a0f5e94,0xe0e7bbf2,0x1d82d327,0xf771e115,0xceb111fa,0x10033e3d,
-        0xd3426638,0xd269744d,0x00d01ef6,0xbdf2d9da,0xa049ceaf,0x1cb80c71 },
-      { 0x9e21c677,0x17f18328,0x19c8f98b,0x6452af05,0x80b67997,0x35b9c5f7,
-        0x40f8f3d4,0x5c2e1cbe,0x66d667ca,0x43f91656,0xcf9d6e79,0x9faaa059 } },
-    /* 177 */
-    { { 0x0a078fe6,0x8ad24618,0x464fd1dd,0xf6cc73e6,0xc3e37448,0x4d2ce34d,
-        0xe3271b5f,0x624950c5,0xefc5af72,0x62910f5e,0xaa132bc6,0x8b585bf8 },
-      { 0xa839327f,0x11723985,0x4aac252f,0x34e2d27d,0x6296cc4e,0x402f59ef,
-        0x47053de9,0x00ae055c,0x28b4f09b,0xfc22a972,0xfa0c180e,0xa9e86264 } },
-    /* 178 */
-    { { 0xbc310ecc,0x0b7b6224,0x67fa14ed,0x8a1a74f1,0x7214395c,0x87dd0960,
-        0xf5c91128,0xdf1b3d09,0x86b264a8,0x39ff23c6,0x3e58d4c5,0xdc2d49d0 },
-      { 0xa9d6f501,0x2152b7d3,0xc04094f7,0xf4c32e24,0xd938990f,0xc6366596,
-        0x94fb207f,0x084d078f,0x328594cb,0xfd99f1d7,0xcb2d96b3,0x36defa64 } },
-    /* 179 */
-    { { 0x13ed7cbe,0x4619b781,0x9784bd0e,0x95e50015,0x2c7705fe,0x2a32251c,
-        0x5f0dd083,0xa376af99,0x0361a45b,0x55425c6c,0x1f291e7b,0x812d2cef },
-      { 0x5fd94972,0xccf581a0,0xe56dc383,0x26e20e39,0x63dbfbf0,0x0093685d,
-        0x36b8c575,0x1fc164cc,0x390ef5e7,0xb9c5ab81,0x26908c66,0x40086beb } },
-    /* 180 */
-    { { 0x37e3c115,0xe5e54f79,0xc1445a8a,0x69b8ee8c,0xb7659709,0x79aedff2,
-        0x1b46fbe6,0xe288e163,0xd18d7bb7,0xdb4844f0,0x48aa6424,0xe0ea23d0 },
-      { 0xf3d80a73,0x714c0e4e,0x3bd64f98,0x87a0aa9e,0x2ec63080,0x8844b8a8,
-        0x255d81a3,0xe0ac9c30,0x455397fc,0x86151237,0x2f820155,0x0b979464 } },
-    /* 181 */
-    { { 0x4ae03080,0x127a255a,0x580a89fb,0x232306b4,0x6416f539,0x04e8cd6a,
-        0x13b02a0e,0xaeb70dee,0x4c09684a,0xa3038cf8,0x28e433ee,0xa710ec3c },
-      { 0x681b1f7d,0x77a72567,0x2fc28170,0x86fbce95,0xf5735ac8,0xd3408683,
-        0x6bd68e93,0x3a324e2a,0xc027d155,0x7ec74353,0xd4427177,0xab60354c } },
-    /* 182 */
-    { { 0xef4c209d,0x32a5342a,0x08d62704,0x2ba75274,0xc825d5fe,0x4bb4af6f,
-        0xd28e7ff1,0x1c3919ce,0xde0340f6,0x1dfc2fdc,0x29f33ba9,0xc6580baf },
-      { 0x41d442cb,0xae121e75,0x3a4724e4,0x4c7727fd,0x524f3474,0xe556d6a4,
-        0x785642a2,0x87e13cc7,0xa17845fd,0x182efbb1,0x4e144857,0xdcec0cf1 } },
-    /* 183 */
-    { { 0xe9539819,0x1cb89541,0x9d94dbf1,0xc8cb3b4f,0x417da578,0x1d353f63,
-        0x8053a09e,0xb7a697fb,0xc35d8b78,0x8d841731,0xb656a7a9,0x85748d6f },
-      { 0xc1859c5d,0x1fd03947,0x535d22a2,0x6ce965c1,0x0ca3aadc,0x1966a13e,
-        0x4fb14eff,0x9802e41d,0x76dd3fcd,0xa9048cbb,0xe9455bba,0x89b182b5 } },
-    /* 184 */
-    { { 0x43360710,0xd777ad6a,0x55e9936b,0x841287ef,0x04a21b24,0xbaf5c670,
-        0x35ad86f1,0xf2c0725f,0xc707e72e,0x338fa650,0xd8883e52,0x2bf8ed2e },
-      { 0xb56e0d6a,0xb0212cf4,0x6843290c,0x50537e12,0x98b3dc6f,0xd8b184a1,
-        0x0210b722,0xd2be9a35,0x559781ee,0x407406db,0x0bc18534,0x5a78d591 } },
-    /* 185 */
-    { { 0xd748b02c,0x4d57aa2a,0xa12b3b95,0xbe5b3451,0x64711258,0xadca7a45,
-        0x322153db,0x597e091a,0x32eb1eab,0xf3271006,0x2873f301,0xbd9adcba },
-      { 0x38543f7f,0xd1dc79d1,0x921b1fef,0x00022092,0x1e5df8ed,0x86db3ef5,
-        0x9e6b944a,0x888cae04,0x791a32b4,0x71bd29ec,0xa6d1c13e,0xd3516206 } },
-    /* 186 */
-    { { 0x55924f43,0x2ef6b952,0x4f9de8d5,0xd2f401ae,0xadc68042,0xfc73e8d7,
-        0x0d9d1bb4,0x627ea70c,0xbbf35679,0xc3bb3e3e,0xd882dee4,0x7e8a254a },
-      { 0xb5924407,0x08906f50,0xa1ad444a,0xf14a0e61,0x65f3738e,0xaa0efa21,
-        0xae71f161,0xd60c7dd6,0xf175894d,0x9e8390fa,0x149f4c00,0xd115cd20 } },
-    /* 187 */
-    { { 0xa52abf77,0x2f2e2c1d,0x54232568,0xc2a0dca5,0x54966dcc,0xed423ea2,
-        0xcd0dd039,0xe48c93c7,0x176405c7,0x1e54a225,0x70d58f2e,0x1efb5b16 },
-      { 0x94fb1471,0xa751f9d9,0x67d2941d,0xfdb31e1f,0x53733698,0xa6c74eb2,
-        0x89a0f64a,0xd3155d11,0xa4b8d2b6,0x4414cfe4,0xf7a8e9e3,0x8d5a4be8 } },
-    /* 188 */
-    { { 0x52669e98,0x5c96b4d4,0x8fd42a03,0x4547f922,0xd285174e,0xcf5c1319,
-        0x064bffa0,0x805cd1ae,0x246d27e7,0x50e8bc4f,0xd5781e11,0xf89ef98f },
-      { 0xdee0b63f,0xb4ff95f6,0x222663a4,0xad850047,0x4d23ce9c,0x02691860,
-        0x50019f59,0x3e5309ce,0x69a508ae,0x27e6f722,0x267ba52c,0xe9376652 } },
-    /* 189 */
-    { { 0xc0368708,0xa04d289c,0x5e306e1d,0xc458872f,0x33112fea,0x76fa23de,
-        0x6efde42e,0x718e3974,0x1d206091,0xf0c98cdc,0x14a71987,0x5fa3ca62 },
-      { 0xdcaa9f2a,0xeee8188b,0x589a860d,0x312cc732,0xc63aeb1f,0xf9808dd6,
-        0x4ea62b53,0x70fd43db,0x890b6e97,0x2c2bfe34,0xfa426aa6,0x105f863c } },
-    /* 190 */
-    { { 0xb38059ad,0x0b29795d,0x90647ea0,0x5686b77e,0xdb473a3e,0xeff0470e,
-        0xf9b6d1e2,0x278d2340,0xbd594ec7,0xebbff95b,0xd3a7f23d,0xf4b72334 },
-      { 0xa5a83f0b,0x2a285980,0x9716a8b3,0x0786c41a,0x22511812,0x138901bd,
-        0xe2fede6e,0xd1b55221,0xdf4eb590,0x0806e264,0x762e462e,0x6c4c897e } },
-    /* 191 */
-    { { 0xb4b41d9d,0xd10b905f,0x4523a65b,0x826ca466,0xb699fa37,0x535bbd13,
-        0x73bc8f90,0x5b9933d7,0xcd2118ad,0x9332d61f,0xd4a65fd0,0x158c693e },
-      { 0xe6806e63,0x4ddfb2a8,0xb5de651b,0xe31ed3ec,0x819bc69a,0xf9460e51,
-        0x2c76b1f8,0x6229c0d6,0x901970a3,0xbb78f231,0x9cee72b8,0x31f3820f } },
-    /* 192 */
-    { { 0xc09e1c72,0xe931caf2,0x12990cf4,0x0715f298,0x943262d8,0x33aad81d,
-        0x73048d3f,0x5d292b7a,0xdc7415f6,0xb152aaa4,0x0fd19587,0xc3d10fd9 },
-      { 0x75ddadd0,0xf76b35c5,0x1e7b694c,0x9f5f4a51,0xc0663025,0x2f1ab7eb,
-        0x920260b0,0x01c9cc87,0x05d39da6,0xc4b1f61a,0xeb4a9c4e,0x6dcd76c4 } },
-    /* 193 */
-    { { 0xfdc83f01,0x0ba0916f,0x9553e4f9,0x354c8b44,0xffc5e622,0xa6cc511a,
-        0xe95be787,0xb954726a,0x75b41a62,0xcb048115,0xebfde989,0xfa2ae6cd },
-      { 0x0f24659a,0x6376bbc7,0x4c289c43,0x13a999fd,0xec9abd8b,0xc7134184,
-        0xa789ab04,0x28c02bf6,0xd3e526ec,0xff841ebc,0x640893a8,0x442b191e } },
-    /* 194 */
-    { { 0xfa2b6e20,0x4cac6c62,0xf6d69861,0x97f29e9b,0xbc96d12d,0x228ab1db,
-        0x5e8e108d,0x6eb91327,0x40771245,0xd4b3d4d1,0xca8a803a,0x61b20623 },
-      { 0xa6a560b1,0x2c2f3b41,0x3859fcf4,0x879e1d40,0x024dbfc3,0x7cdb5145,
-        0x3bfa5315,0x55d08f15,0xaa93823a,0x2f57d773,0xc6a2c9a2,0xa97f259c } },
-    /* 195 */
-    { { 0xe58edbbb,0xc306317b,0x79dfdf13,0x25ade51c,0x16d83dd6,0x6b5beaf1,
-        0x1dd8f925,0xe8038a44,0xb2a87b6b,0x7f00143c,0xf5b438de,0xa885d00d },
-      { 0xcf9e48bd,0xe9f76790,0xa5162768,0xf0bdf9f0,0xad7b57cb,0x0436709f,
-        0xf7c15db7,0x7e151c12,0x5d90ee3b,0x3514f022,0x2c361a8d,0x2e84e803 } },
-    /* 196 */
-    { { 0x563ec8d8,0x2277607d,0xe3934cb7,0xa661811f,0xf58fd5de,0x3ca72e7a,
-        0x62294c6a,0x7989da04,0xf6bbefe9,0x88b3708b,0x53ed7c82,0x0d524cf7 },
-      { 0x2f30c073,0x69f699ca,0x9dc1dcf3,0xf0fa264b,0x05f0aaf6,0x44ca4568,
-        0xd19b9baf,0x0f5b23c7,0xeabd1107,0x39193f41,0x2a7c9b83,0x9e3e10ad } },
-    /* 197 */
-    { { 0xd4ae972f,0xa90824f0,0xc6e846e7,0x43eef02b,0x29d2160a,0x7e460612,
-        0xfe604e91,0x29a178ac,0x4eb184b2,0x23056f04,0xeb54cdf4,0x4fcad55f },
-      { 0xae728d15,0xa0ff96f3,0xc6a00331,0x8a2680c6,0x7ee52556,0x5f84cae0,
-        0xc5a65dad,0x5e462c3a,0xe2d23f4f,0x5d2b81df,0xc5b1eb07,0x6e47301b } },
-    /* 198 */
-    { { 0xaf8219b9,0x77411d68,0x51b1907a,0xcb883ce6,0x101383b5,0x25c87e57,
-        0x982f970d,0x9c7d9859,0x118305d2,0xaa6abca5,0x9013a5db,0x725fed2f },
-      { 0xababd109,0x487cdbaf,0x87586528,0xc0f8cf56,0x8ad58254,0xa02591e6,
-        0xdebbd526,0xc071b1d1,0x961e7e31,0x927dfe8b,0x9263dfe1,0x55f895f9 } },
-    /* 199 */
-    { { 0xb175645b,0xf899b00d,0xb65b4b92,0x51f3a627,0xb67399ef,0xa2f3ac8d,
-        0xe400bc20,0xe717867f,0x1967b952,0x42cc9020,0x3ecd1de1,0x3d596751 },
-      { 0xdb979775,0xd41ebcde,0x6a2e7e88,0x99ba61bc,0x321504f2,0x039149a5,
-        0x27ba2fad,0xe7dc2314,0xb57d8368,0x9f556308,0x57da80a7,0x2b6d16c9 } },
-    /* 200 */
-    { { 0x279ad982,0x84af5e76,0x9c8b81a6,0x9bb4c92d,0x0e698e67,0xd79ad44e,
-        0x265fc167,0xe8be9048,0x0c3a4ccc,0xf135f7e6,0xb8863a33,0xa0a10d38 },
-      { 0xd386efd9,0xe197247c,0xb52346c2,0x0eefd3f9,0x78607bc8,0xc22415f9,
-        0x508674ce,0xa2a8f862,0xc8c9d607,0xa72ad09e,0x50fa764f,0xcd9f0ede } },
-    /* 201 */
-    { { 0xd1a46d4d,0x063391c7,0x9eb01693,0x2df51c11,0x849e83de,0xc5849800,
-        0x8ad08382,0x48fd09aa,0xaa742736,0xa405d873,0xe1f9600c,0xee49e61e },
-      { 0x48c76f73,0xd76676be,0x01274b2a,0xd9c100f6,0x83f8718d,0x110bb67c,
-        0x02fc0d73,0xec85a420,0x744656ad,0xc0449e1e,0x37d9939b,0x28ce7376 } },
-    /* 202 */
-    { { 0x44544ac7,0x97e9af72,0xba010426,0xf2c658d5,0xfb3adfbd,0x732dec39,
-        0xa2df0b07,0xd12faf91,0x2171e208,0x8ac26725,0x5b24fa54,0xf820cdc8 },
-      { 0x94f4cf77,0x307a6eea,0x944a33c6,0x18c783d2,0x0b741ac5,0x4b939d4c,
-        0x3ffbb6e4,0x1d7acd15,0x7a255e44,0x06a24858,0xce336d50,0x14fbc494 } },
-    /* 203 */
-    { { 0x51584e3c,0x9b920c0c,0xf7e54027,0xc7733c59,0x88422bbe,0xe24ce139,
-        0x523bd6ab,0x11ada812,0xb88e6def,0xde068800,0xfe8c582d,0x7b872671 },
-      { 0x7de53510,0x4e746f28,0xf7971968,0x492f8b99,0x7d928ac2,0x1ec80bc7,
-        0x432eb1b5,0xb3913e48,0x32028f6e,0xad084866,0x8fc2f38b,0x122bb835 } },
-    /* 204 */
-    { { 0x3b0b29c3,0x0a9f3b1e,0x4fa44151,0x837b6432,0x17b28ea7,0xb9905c92,
-        0x98451750,0xf39bc937,0xce8b6da1,0xcd383c24,0x010620b2,0x299f57db },
-      { 0x58afdce3,0x7b6ac396,0x3d05ef47,0xa15206b3,0xb9bb02ff,0xa0ae37e2,
-        0x9db3964c,0x107760ab,0x67954bea,0xe29de9a0,0x431c3f82,0x446a1ad8 } },
-    /* 205 */
-    { { 0x5c6b8195,0xc6fecea0,0xf49e71b9,0xd744a7c5,0x177a7ae7,0xa8e96acc,
-        0x358773a7,0x1a05746c,0x37567369,0xa4162146,0x87d1c971,0xaa0217f7 },
-      { 0x77fd3226,0x61e9d158,0xe4f600be,0x0f6f2304,0x7a6dff07,0xa9c4cebc,
-        0x09f12a24,0xd15afa01,0x8c863ee9,0x2bbadb22,0xe5eb8c78,0xa28290e4 } },
-    /* 206 */
-    { { 0x3e9de330,0x55b87fa0,0x195c145b,0x12b26066,0xa920bef0,0xe08536e0,
-        0x4d195adc,0x7bff6f2c,0x945f4187,0x7f319e9d,0xf892ce47,0xf9848863 },
-      { 0x4fe37657,0xd0efc1d3,0x5cf0e45a,0x3c58de82,0x8b0ccbbe,0x626ad21a,
-        0xaf952fc5,0xd2a31208,0xeb437357,0x81791995,0x98e95d4f,0x5f19d30f } },
-    /* 207 */
-    { { 0x0e6865bb,0x72e83d9a,0xf63456a6,0x22f5af3b,0x463c8d9e,0x409e9c73,
-        0xdfe6970e,0x40e9e578,0x711b91ca,0x876b6efa,0x942625a3,0x895512cf },
-      { 0xcb4e462b,0x84c8eda8,0x4412e7c8,0x84c0154a,0xceb7b71f,0x04325db1,
-        0x66f70877,0x1537dde3,0x1992b9ac,0xf3a09399,0xd498ae77,0xa7316606 } },
-    /* 208 */
-    { { 0xcad260f5,0x13990d2f,0xeec0e8c0,0x76c3be29,0x0f7bd7d5,0x7dc5bee0,
-        0xefebda4b,0x9be167d2,0x9122b87e,0xcce3dde6,0x82b5415c,0x75a28b09 },
-      { 0xe84607a6,0xf6810bcd,0x6f4dbf0d,0xc6d58128,0x1b4dafeb,0xfead577d,
-        0x066b28eb,0x9bc440b2,0x8b17e84b,0x53f1da97,0xcda9a575,0x0459504b } },
-    /* 209 */
-    { { 0x329e5836,0x13e39a02,0xf717269d,0x2c9e7d51,0xf26c963b,0xc5ac58d6,
-        0x79967bf5,0x3b0c6c43,0x55908d9d,0x60bbea3f,0xf07c9ad1,0xd84811e7 },
-      { 0x5bd20e4a,0xfe7609a7,0x0a70baa8,0xe4325dd2,0xb3600386,0x3711f370,
-        0xd0924302,0x97f9562f,0x4acc4436,0x040dc0c3,0xde79cdd4,0xfd6d725c } },
-    /* 210 */
-    { { 0xcf13eafb,0xb3efd0e3,0x5aa0ae5f,0x21009cbb,0x79022279,0xe480c553,
-        0xb2fc9a6d,0x755cf334,0x07096ae7,0x8564a5bf,0xbd238139,0xddd649d0 },
-      { 0x8a045041,0xd0de10b1,0xc957d572,0x6e05b413,0x4e0fb25c,0x5c5ff806,
-        0x641162fb,0xd933179b,0xe57439f9,0x42d48485,0x8a8d72aa,0x70c5bd0a } },
-    /* 211 */
-    { { 0x97bdf646,0xa7671738,0xab329f7c,0xaa1485b4,0xf8f25fdf,0xce3e11d6,
-        0xc6221824,0x76a3fc7e,0xf3924740,0x045f281f,0x96d13a9a,0x24557d4e },
-      { 0xdd4c27cd,0x875c804b,0x0f5c7fea,0x11c5f0f4,0xdc55ff7e,0xac8c880b,
-        0x1103f101,0x2acddec5,0xf99faa89,0x38341a21,0xce9d6b57,0xc7b67a2c } },
-    /* 212 */
-    { { 0x8e357586,0x9a0d724f,0xdf648da0,0x1d7f4ff5,0xfdee62a5,0x9c3e6c9b,
-        0x0389b372,0x0499cef0,0x98eab879,0xe904050d,0x6c051617,0xe8eef1b6 },
-      { 0xc37e3ca9,0xebf5bfeb,0xa4e0b91d,0x7c5e946d,0x2c4bea28,0x79097314,
-        0xee67b2b7,0x81f6c109,0xdafc5ede,0xaf237d9b,0x2abb04c7,0xd2e60201 } },
-    /* 213 */
-    { { 0x8a4f57bf,0x6156060c,0xff11182a,0xf9758696,0x6296ef00,0x8336773c,
-        0xff666899,0x9c054bce,0x719cd11c,0xd6a11611,0xdbe1acfa,0x9824a641 },
-      { 0xba89fd01,0x0b7b7a5f,0x889f79d8,0xf8d3b809,0xf578285c,0xc5e1ea08,
-        0xae6d8288,0x7ac74536,0x7521ef5f,0x5d37a200,0xb260a25d,0x5ecc4184 } },
-    /* 214 */
-    { { 0xa708c8d3,0xddcebb19,0xc63f81ec,0xe63ed04f,0x11873f95,0xd045f5a0,
-        0x79f276d5,0x3b5ad544,0x425ae5b3,0x81272a3d,0x10ce1605,0x8bfeb501 },
-      { 0x888228bf,0x4233809c,0xb2aff7df,0x4bd82acf,0x0cbd4a7f,0x9c68f180,
-        0x6b44323d,0xfcd77124,0x891db957,0x60c0fcf6,0x04da8f7f,0xcfbb4d89 } },
-    /* 215 */
-    { { 0x3b26139a,0x9a6a5df9,0xb2cc7eb8,0x3e076a83,0x5a964bcd,0x47a8e82d,
-        0xb9278d6b,0x8a4e2a39,0xe4443549,0x93506c98,0xf1e0d566,0x06497a8f },
-      { 0x2b1efa05,0x3dee8d99,0x45393e33,0x2da63ca8,0xcf0579ad,0xa4af7277,
-        0x3236d8ea,0xaf4b4639,0x32b617f5,0x6ccad95b,0xb88bb124,0xce76d8b8 } },
-    /* 216 */
-    { { 0x083843dc,0x63d2537a,0x1e4153b4,0x89eb3514,0xea9afc94,0x5175ebc4,
-        0x8ed1aed7,0x7a652580,0xd85e8297,0x67295611,0xb584b73d,0x8dd2d68b },
-      { 0x0133c3a4,0x237139e6,0x4bd278ea,0x9de838ab,0xc062fcd9,0xe829b072,
-        0x63ba8706,0x70730d4f,0xd3cd05ec,0x6080483f,0x0c85f84d,0x872ab5b8 } },
-    /* 217 */
-    { { 0x999d4d49,0xfc0776d3,0xec3f45e7,0xa3eb59de,0x0dae1fc1,0xbc990e44,
-        0xa15371ff,0x33596b1e,0x9bc7ab25,0xd447dcb2,0x35979582,0xcd5b63e9 },
-      { 0x77d1ff11,0xae3366fa,0xedee6903,0x59f28f05,0xa4433bf2,0x6f43fed1,
-        0xdf9ce00e,0x15409c9b,0xaca9c5dc,0x21b5cded,0x82d7bdb4,0xf9f33595 } },
-    /* 218 */
-    { { 0x9422c792,0x95944378,0xc958b8bf,0x239ea923,0xdf076541,0x4b61a247,
-        0xbb9fc544,0x4d29ce85,0x0b424559,0x9a692a67,0x0e486900,0x6e0ca5a0 },
-      { 0x85b3bece,0x6b79a782,0xc61f9892,0x41f35e39,0xae747f82,0xff82099a,
-        0xd0ca59d6,0x58c8ae3f,0x99406b5f,0x4ac930e2,0x9df24243,0x2ce04eb9 } },
-    /* 219 */
-    { { 0x1ac37b82,0x4366b994,0x25b04d83,0xff0c728d,0x19c47b7c,0x1f551361,
-        0xbeff13e7,0xdbf2d5ed,0xe12a683d,0xf78efd51,0x989cf9c4,0x82cd85b9 },
-      { 0xe0cb5d37,0xe23c6db6,0x72ee1a15,0x818aeebd,0x28771b14,0x8212aafd,
-        0x1def817d,0x7bc221d9,0x9445c51f,0xdac403a2,0x12c3746b,0x711b0517 } },
-    /* 220 */
-    { { 0x5ea99ecc,0x0ed9ed48,0xb8cab5e1,0xf799500d,0xb570cbdc,0xa8ec87dc,
-        0xd35dfaec,0x52cfb2c2,0x6e4d80a4,0x8d31fae2,0xdcdeabe5,0xe6a37dc9 },
-      { 0x1deca452,0x5d365a34,0x0d68b44e,0x09a5f8a5,0xa60744b1,0x59238ea5,
-        0xbb4249e9,0xf2fedc0d,0xa909b2e3,0xe395c74e,0x39388250,0xe156d1a5 } },
-    /* 221 */
-    { { 0x47181ae9,0xd796b3d0,0x44197808,0xbaf44ba8,0x34cf3fac,0xe6933094,
-        0xc3bd5c46,0x41aa6ade,0xeed947c6,0x4fda75d8,0x9ea5a525,0xacd9d412 },
-      { 0xd430301b,0x65cc55a3,0x7b52ea49,0x3c9a5bcf,0x159507f0,0x22d319cf,
-        0xde74a8dd,0x2ee0b9b5,0x877ac2b6,0x20c26a1e,0x92e7c314,0x387d73da } },
-    /* 222 */
-    { { 0x8cd3fdac,0x13c4833e,0x332e5b8e,0x76fcd473,0xe2fe1fd3,0xff671b4b,
-        0x5d98d8ec,0x4d734e8b,0x514bbc11,0xb1ead3c6,0x7b390494,0xd14ca858 },
-      { 0x5d2d37e9,0x95a443af,0x00464622,0x73c6ea73,0x15755044,0xa44aeb4b,
-        0xfab58fee,0xba3f8575,0xdc680a6f,0x9779dbc9,0x7b37ddfc,0xe1ee5f5a } },
-    /* 223 */
-    { { 0x12d29f46,0xcd0b4648,0x0ed53137,0x93295b0b,0x80bef6c9,0xbfe26094,
-        0x54248b00,0xa6565788,0x80e7f9c4,0x69c43fca,0xbe141ea1,0x2190837b },
-      { 0xa1b26cfb,0x875e159a,0x7affe852,0x90ca9f87,0x92ca598e,0x15e6550d,
-        0x1938ad11,0xe3e0945d,0x366ef937,0xef7636bb,0xb39869e5,0xb6034d0b } },
-    /* 224 */
-    { { 0x26d8356e,0x4d255e30,0xd314626f,0xf83666ed,0xd0c8ed64,0x421ddf61,
-        0x26677b61,0x96e473c5,0x9e9b18b3,0xdad4af7e,0xa9393f75,0xfceffd4a },
-      { 0x11c731d5,0x843138a1,0xb2f141d9,0x05bcb3a1,0x617b7671,0x20e1fa95,
-        0x88ccec7b,0xbefce812,0x90f1b568,0x582073dc,0x1f055cb7,0xf572261a } },
-    /* 225 */
-    { { 0x36973088,0xf3148277,0x86a9f980,0xc008e708,0xe046c261,0x1b795947,
-        0xca76bca0,0xdf1e6a7d,0x71acddf0,0xabafd886,0x1364d8f4,0xff7054d9 },
-      { 0xe2260594,0x2cf63547,0xd73b277e,0x468a5372,0xef9bd35e,0xc7419e24,
-        0x24043cc3,0x2b4a1c20,0x890b39cd,0xa28f047a,0x46f9a2e3,0xdca2cea1 } },
-    /* 226 */
-    { { 0x53277538,0xab788736,0xcf697738,0xa734e225,0x6b22e2c1,0x66ee1d1e,
-        0xebe1d212,0x2c615389,0x02bb0766,0xf36cad40,0x3e64f207,0x120885c3 },
-      { 0x90fbfec2,0x59e77d56,0xd7a574ae,0xf9e781aa,0x5d045e53,0x801410b0,
-        0xa91b5f0e,0xd3b5f0aa,0x7fbb3521,0xb3d1df00,0xc72bee9a,0x11c4b33e } },
-    /* 227 */
-    { { 0x83c3a7f3,0xd32b9832,0x88d8a354,0x8083abcf,0x50f4ec5a,0xdeb16404,
-        0x641e2907,0x18d747f0,0xf1bbf03e,0x4e8978ae,0x88a0cd89,0x932447dc },
-      { 0xcf3d5897,0x561e0feb,0x13600e6d,0xfc3a682f,0xd16a6b73,0xc78b9d73,
-        0xd29bf580,0xe713fede,0x08d69e5c,0x0a225223,0x1ff7fda4,0x3a924a57 } },
-    /* 228 */
-    { { 0xb4093bee,0xfb64554c,0xa58c6ec0,0xa6d65a25,0x43d0ed37,0x4126994d,
-        0x55152d44,0xa5689a51,0x284caa8d,0xb8e5ea8c,0xd1f25538,0x33f05d4f },
-      { 0x1b615d6e,0xe0fdfe09,0x705507da,0x2ded7e8f,0x17bbcc80,0xdd5631e5,
-        0x267fd11f,0x4f87453e,0xff89d62d,0xc6da723f,0xe3cda21d,0x55cbcae2 } },
-    /* 229 */
-    { { 0x6b4e84f3,0x336bc94e,0x4ef72c35,0x72863031,0xeeb57f99,0x6d85fdee,
-        0xa42ece1b,0x7f4e3272,0x36f0320a,0x7f86cbb5,0x923331e6,0xf09b6a2b },
-      { 0x56778435,0x21d3ecf1,0x8323b2d2,0x2977ba99,0x1704bc0f,0x6a1b57fb,
-        0x389f048a,0xd777cf8b,0xac6b42cd,0x9ce2174f,0x09e6c55a,0x404e2bff } },
-    /* 230 */
-    { { 0x204c5ddb,0x9b9b135e,0x3eff550e,0x9dbfe044,0xec3be0f6,0x35eab4bf,
-        0x0a43e56f,0x8b4c3f0d,0x0e73f9b3,0x4c1c6673,0x2c78c905,0x92ed38bd },
-      { 0xa386e27c,0xc7003f6a,0xaced8507,0xb9c4f46f,0x59df5464,0xea024ec8,
-        0x429572ea,0x4af96152,0xe1fc1194,0x279cd5e2,0x281e358c,0xaa376a03 } },
-    /* 231 */
-    { { 0x3cdbc95c,0x07859223,0xef2e337a,0xaae1aa6a,0x472a8544,0xc040108d,
-        0x8d037b7d,0x80c853e6,0x8c7eee24,0xd221315c,0x8ee47752,0x195d3856 },
-      { 0xdacd7fbe,0xd4b1ba03,0xd3e0c52b,0x4b5ac61e,0x6aab7b52,0x68d3c052,
-        0x660e3fea,0xf0d7248c,0x3145efb4,0xafdb3f89,0x8f40936d,0xa73fd9a3 } },
-    /* 232 */
-    { { 0xbb1b17ce,0x891b9ef3,0xc6127f31,0x14023667,0x305521fd,0x12b2e58d,
-        0xe3508088,0x3a47e449,0xff751507,0xe49fc84b,0x5310d16e,0x4023f722 },
-      { 0xb73399fa,0xa608e5ed,0xd532aa3e,0xf12632d8,0x845e8415,0x13a2758e,
-        0x1fc2d861,0xae4b6f85,0x339d02f2,0x3879f5b1,0x80d99ebd,0x446d22a6 } },
-    /* 233 */
-    { { 0x4be164f1,0x0f502302,0x88b81920,0x8d09d2d6,0x984aceff,0x514056f1,
-        0x75e9e80d,0xa5c4ddf0,0xdf496a93,0x38cb47e6,0x38df6bf7,0x899e1d6b },
-      { 0xb59eb2a6,0x69e87e88,0x9b47f38b,0x280d9d63,0x3654e955,0x599411ea,
-        0x969aa581,0xcf8dd4fd,0x530742a7,0xff5c2baf,0x1a373085,0xa4391536 } },
-    /* 234 */
-    { { 0xa8a4bdd2,0x6ace72a3,0xb68ef702,0xc656cdd1,0x90c4dad8,0xd4a33e7e,
-        0x9d951c50,0x4aece08a,0x085d68e6,0xea8005ae,0x6f7502b8,0xfdd7a7d7 },
-      { 0x98d6fa45,0xce6fb0a6,0x1104eb8c,0x228f8672,0xda09d7dc,0xd23d8787,
-        0x2ae93065,0x5521428b,0xea56c366,0x95faba3d,0x0a88aca5,0xedbe5039 } },
-    /* 235 */
-    { { 0xbfb26c82,0xd64da0ad,0x952c2f9c,0xe5d70b3c,0xf7e77f68,0xf5e8f365,
-        0x08f2d695,0x7234e002,0xd12e7be6,0xfaf900ee,0x4acf734e,0x27dc6934 },
-      { 0xc260a46a,0x80e4ff5e,0x2dc31c28,0x7da5ebce,0xca69f552,0x485c5d73,
-        0x69cc84c2,0xcdfb6b29,0xed6d4eca,0x031c5afe,0x22247637,0xc7bbf4c8 } },
-    /* 236 */
-    { { 0x49fe01b2,0x9d5b72c7,0x793a91b8,0x34785186,0xcf460438,0xa3ba3c54,
-        0x3ab21b6f,0x73e8e43d,0xbe57b8ab,0x50cde8e0,0xdd204264,0x6488b3a7 },
-      { 0xdddc4582,0xa9e398b3,0x5bec46fe,0x1698c1a9,0x156d3843,0x7f1446ef,
-        0x770329a2,0x3fd25dd8,0x2c710668,0x05b1221a,0xa72ee6cf,0x65b2dc2a } },
-    /* 237 */
-    { { 0xcd021d63,0x21a885f7,0xfea61f08,0x3f344b15,0xc5cf73e6,0xad5ba6dd,
-        0x227a8b23,0x154d0d8f,0xdc559311,0x9b74373c,0x98620fa1,0x4feab715 },
-      { 0x7d9ec924,0x5098938e,0x6d47e550,0x84d54a5e,0x1b617506,0x1a2d1bdc,
-        0x615868a4,0x99fe1782,0x3005a924,0x171da780,0x7d8f79b6,0xa70bf5ed } },
-    /* 238 */
-    { { 0xfe2216c5,0x0bc1250d,0x7601b351,0x2c37e250,0xd6f06b7e,0xb6300175,
-        0x8bfeb9b7,0x4dde8ca1,0xb82f843d,0x4f210432,0xb1ac0afd,0x8d70e2f9 },
-      { 0xaae91abb,0x25c73b78,0x863028f2,0x0230dca3,0xe5cf30b7,0x8b923ecf,
-        0x5506f265,0xed754ec2,0x729a5e39,0x8e41b88c,0xbabf889b,0xee67cec2 } },
-    /* 239 */
-    { { 0x1be46c65,0xe183acf5,0xe7565d7a,0x9789538f,0xd9627b4e,0x87873391,
-        0x9f1d9187,0xbf4ac4c1,0x4691f5c8,0x5db99f63,0x74a1fb98,0xa68df803 },
-      { 0xbf92b5fa,0x3c448ed1,0x3e0bdc32,0xa098c841,0x79bf016c,0x8e74cd55,
-        0x115e244d,0x5df0d09c,0x3410b66e,0x9418ad01,0x17a02130,0x8b6124cb } },
-    /* 240 */
-    { { 0xc26e3392,0x425ec3af,0xa1722e00,0xc07f8470,0xe2356b43,0xdcc28190,
-        0xb1ef59a6,0x4ed97dff,0xc63028c1,0xc22b3ad1,0x68c18988,0x070723c2 },
-      { 0x4cf49e7d,0x70da302f,0x3f12a522,0xc5e87c93,0x18594148,0x74acdd1d,
-        0xca74124c,0xad5f73ab,0xd69fd478,0xe72e4a3e,0x7b117cc3,0x61593868 } },
-    /* 241 */
-    { { 0xa9aa0486,0x7b7b9577,0xa063d557,0x6e41fb35,0xda9047d7,0xb017d5c7,
-        0x68a87ba9,0x8c748280,0xdf08ad93,0xab45fa5c,0x4c288a28,0xcd9fb217 },
-      { 0x5747843d,0x59544642,0xa56111e3,0x34d64c6c,0x4bfce8d5,0x12e47ea1,
-        0x6169267f,0x17740e05,0xeed03fb5,0x5c49438e,0x4fc3f513,0x9da30add } },
-    /* 242 */
-    { { 0xccfa5200,0xc4e85282,0x6a19b13d,0x2707608f,0xf5726e2f,0xdcb9a53d,
-        0xe9427de5,0x612407c9,0xd54d582a,0x3e5a17e1,0x655ae118,0xb99877de },
-      { 0x015254de,0x6f0e972b,0xf0a6f7c5,0x92a56db1,0xa656f8b2,0xd297e4e1,
-        0xad981983,0x99fe0052,0x07cfed84,0xd3652d2f,0x843c1738,0xc784352e } },
-    /* 243 */
-    { { 0x7e9b2d8a,0x6ee90af0,0x57cf1964,0xac8d7018,0x71f28efc,0xf6ed9031,
-        0x6812b20e,0x7f70d5a9,0xf1c61eee,0x27b557f4,0xc6263758,0xf1c9bd57 },
-      { 0x2a1a6194,0x5cf7d014,0x1890ab84,0xdd614e0b,0x0e93c2a6,0x3ef9de10,
-        0xe0cd91c5,0xf98cf575,0x14befc32,0x504ec0c6,0x6279d68c,0xd0513a66 } },
-    /* 244 */
-    { { 0xa859fb6a,0xa8eadbad,0xdb283666,0xcf8346e7,0x3e22e355,0x7b35e61a,
-        0x99639c6b,0x293ece2c,0x56f241c8,0xfa0162e2,0xbf7a1dda,0xd2e6c7b9 },
-      { 0x40075e63,0xd0de6253,0xf9ec8286,0x2405aa61,0x8fe45494,0x2237830a,
-        0x364e9c8c,0x4fd01ac7,0x904ba750,0x4d9c3d21,0xaf1b520b,0xd589be14 } },
-    /* 245 */
-    { { 0x4662e53b,0x13576a4f,0xf9077676,0x35ec2f51,0x97c0af97,0x66297d13,
-        0x9e598b58,0xed3201fe,0x5e70f604,0x49bc752a,0xbb12d951,0xb54af535 },
-      { 0x212c1c76,0x36ea4c2b,0xeb250dfd,0x18f5bbc7,0x9a0a1a46,0xa0d466cc,
-        0xdac2d917,0x52564da4,0x8e95fab5,0x206559f4,0x9ca67a33,0x7487c190 } },
-    /* 246 */
-    { { 0xdde98e9c,0x75abfe37,0x2a411199,0x99b90b26,0xdcdb1f7c,0x1b410996,
-        0x8b3b5675,0xab346f11,0xf1f8ae1e,0x04852193,0x6b8b98c1,0x1ec4d227 },
-      { 0x45452baa,0xba3bc926,0xacc4a572,0x387d1858,0xe51f171e,0x9478eff6,
-        0x931e1c00,0xf357077d,0xe54c8ca8,0xffee77cd,0x551dc9a4,0xfb4892ff } },
-    /* 247 */
-    { { 0x2db8dff8,0x5b1bdad0,0x5a2285a2,0xd462f4fd,0xda00b461,0x1d6aad8e,
-        0x41306d1b,0x43fbefcf,0x6a13fe19,0x428e86f3,0x17f89404,0xc8b2f118 },
-      { 0xf0d51afb,0x762528aa,0x549b1d06,0xa3e2fea4,0xea3ddf66,0x86fad8f2,
-        0x4fbdd206,0x0d9ccc4b,0xc189ff5a,0xcde97d4c,0x199f19a6,0xc36793d6 } },
-    /* 248 */
-    { { 0x51b85197,0xea38909b,0xb4c92895,0xffb17dd0,0x1ddb3f3f,0x0eb0878b,
-        0xc57cf0f2,0xb05d28ff,0x1abd57e2,0xd8bde2e7,0xc40c1b20,0x7f2be28d },
-      { 0x299a2d48,0x6554dca2,0x8377982d,0x5130ba2e,0x1071971a,0x8863205f,
-        0x7cf2825d,0x15ee6282,0x03748f2b,0xd4b6c57f,0x430385a0,0xa9e3f4da } },
-    /* 249 */
-    { { 0x83fbc9c6,0x33eb7cec,0x4541777e,0x24a311c7,0x4f0767fc,0xc81377f7,
-        0x4ab702da,0x12adae36,0x2a779696,0xb7fcb6db,0x01cea6ad,0x4a6fb284 },
-      { 0xcdfc73de,0x5e8b1d2a,0x1b02fd32,0xd0efae8d,0xd81d8519,0x3f99c190,
-        0xfc808971,0x3c18f7fa,0x51b7ae7b,0x41f713e7,0xf07fc3f8,0x0a4b3435 } },
-    /* 250 */
-    { { 0x019b7d2e,0x7dda3c4c,0xd4dc4b89,0x631c8d1a,0x1cdb313c,0x5489cd6e,
-        0x4c07bb06,0xd44aed10,0x75f000d1,0x8f97e13a,0xdda5df4d,0x0e9ee64f },
-      { 0x3e346910,0xeaa99f3b,0xfa294ad7,0x622f6921,0x0d0b2fe9,0x22aaa20d,
-        0x1e5881ba,0x4fed2f99,0xc1571802,0x9af3b2d6,0xdc7ee17c,0x919e67a8 } },
-    /* 251 */
-    { { 0x76250533,0xc724fe4c,0x7d817ef8,0x8a2080e5,0x172c9751,0xa2afb0f4,
-        0x17c0702e,0x9b10cdeb,0xc9b7e3e9,0xbf3975e3,0x1cd0cdc5,0x206117df },
-      { 0xbe05ebd5,0xfb049e61,0x16c782c0,0xeb0bb55c,0xab7fed09,0x13a331b8,
-        0x632863f0,0xf6c58b1d,0x4d3b6195,0x6264ef6e,0x9a53f116,0x92c51b63 } },
-    /* 252 */
-    { { 0x288b364d,0xa57c7bc8,0x7b41e5c4,0x4a562e08,0x698a9a11,0x699d21c6,
-        0xf3f849b9,0xa4ed9581,0x9eb726ba,0xa223eef3,0xcc2884f9,0x13159c23 },
-      { 0x3a3f4963,0x73931e58,0x0ada6a81,0x96500389,0x5ab2950b,0x3ee8a1c6,
-        0x775fab52,0xeedf4949,0x4f2671b6,0x63d652e1,0x3c4e2f55,0xfed4491c } },
-    /* 253 */
-    { { 0xf4eb453e,0x335eadc3,0xcadd1a5b,0x5ff74b63,0x5d84a91a,0x6933d0d7,
-        0xb49ba337,0x9ca3eeb9,0xc04c15b8,0x1f6facce,0xdc09a7e4,0x4ef19326 },
-      { 0x3dca3233,0x53d2d324,0xa2259d4b,0x0ee40590,0x5546f002,0x18c22edb,
-        0x09ea6b71,0x92429801,0xb0e91e61,0xaada0add,0x99963c50,0x5fe53ef4 } },
-    /* 254 */
-    { { 0x90c28c65,0x372dd06b,0x119ce47d,0x1765242c,0x6b22fc82,0xc041fb80,
-        0xb0a7ccc1,0x667edf07,0x1261bece,0xc79599e7,0x19cff22a,0xbc69d9ba },
-      { 0x13c06819,0x009d77cd,0xe282b79d,0x635a66ae,0x225b1be8,0x4edac4a6,
-        0x524008f9,0x57d4f4e4,0xb056af84,0xee299ac5,0x3a0bc386,0xcc38444c } },
-    /* 255 */
-    { { 0xcd4c2356,0x490643b1,0x750547be,0x740a4851,0xd4944c04,0x643eaf29,
-        0x299a98a0,0xba572479,0xee05fdf9,0x48b29f16,0x089b2d7b,0x33fb4f61 },
-      { 0xa950f955,0x86704902,0xfedc3ddf,0x97e1034d,0x05fbb6a2,0x211320b6,
-        0x432299bb,0x23d7b93f,0x8590e4a3,0x1fe1a057,0xf58c0ce6,0x8e1d0586 } },
-};
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^48, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_12(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_12(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 12);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 12, km);
-
-            err = sp_384_ecc_mulmod_base_12(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P384 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 12 + 12 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12 + 12 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 12;
-
-        sp_384_from_mp(k, 12, km);
-        sp_384_point_from_ecc_point_12(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_12(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_12(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_384_proj_point_add_12(point, point, addP, tmp);
-
-        if (map) {
-                sp_384_map_12(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_12(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_add_one_12(sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_add_one_12(sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r1, r2, r3, r4}\n\t"
-        "ADDS	r1, r1, #0x1\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4}\n\t"
-        "LDM	%[a], {r1, r2, r3, r4}\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4}\n\t"
-        "LDM	%[a], {r1, r2, r3, r4}\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4}\n\t"
-        : [a] "+r" (a)
-        :
-        : "memory", "cc", "r1", "r2", "r3", "r4"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_384_ecc_gen_k_12(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[48];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_384_from_bin(k, 12, buf, (int)sizeof(buf));
-            if (sp_384_cmp_12(k, p384_order2) <= 0) {
-                sp_384_add_one_12(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_384, point, 2);
-#else
-    SP_DECL_VAR(sp_point_384, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 12);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_384_ecc_gen_k_12(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_base_12(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_12(infinity, point, p384_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_384_iszero_12(point->x) || sp_384_iszero_12(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_12(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_384_ctx {
-    int state;
-    sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-    sp_digit k[12];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384  point[2];
-#else
-    sp_point_384 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_384_ctx;
-
-int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_384_ctx* ctx = (sp_ecc_key_gen_384_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_384_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_384_ecc_gen_k_12(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_base_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p384_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_384_iszero_12(ctx->point->x) ||
-                    sp_384_iszero_12(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_384_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_384_point_to_ecc_point_12(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 48
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_384_to_bin_12(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    for (i = 11; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 12);
-    int err = MP_OKAY;
-
-    if (*outLen < 48U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 12, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 12, priv);
-        sp_384_point_from_ecc_point_12(point, pub);
-            err = sp_384_ecc_mulmod_12(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_384_to_bin_12(point->x, out);
-        *outLen = 48;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-    };
-    sp_digit k[12];
-    sp_point_384 point;
-} sp_ecc_sec_gen_384_ctx;
-
-int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_384_ctx* ctx = (sp_ecc_sec_gen_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_384_from_mp(ctx->k, 12, priv);
-            sp_384_point_from_ecc_point_12(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_384_to_bin_12(ctx->point.x, out);
-                *outLen = 48;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "ADD	r11, %[a], #0x30\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_sub_in_pkace_12_word:\n\t"
-#else
-    "L_sp_384_sub_in_pkace_12_word_%=:\n\t"
-#endif
-        "RSBS	r10, r10, #0x0\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	r10, r10, r10\n\t"
-        "CMP	%[a], r11\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_384_sub_in_pkace_12_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_384_sub_in_pkace_12_word\n\t"
-#else
-        "BNE.N	L_sp_384_sub_in_pkace_12_word_%=\n\t"
-#endif
-        "MOV	%[a], r10\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_384_sub_in_place_12(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SUBS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	%[a], r9, r9\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDR	r8, [%[a]]\n\t"
-        "UMULL	r5, r3, %[b], r8\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r5, [%[r]]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "MOV	r9, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_mul_d_12_word:\n\t"
-#else
-    "L_sp_384_mul_d_12_word_%=:\n\t"
-#endif
-        /* A[i] * B */
-        "LDR	r8, [%[a], r9]\n\t"
-        "UMULL	r6, r7, %[b], r8\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], r9]\n\t"
-        "MOV	r3, r4\n\t"
-        "MOV	r4, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADD	r9, r9, #0x4\n\t"
-        "CMP	r9, #0x30\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_384_mul_d_12_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_384_mul_d_12_word\n\t"
-#else
-        "BLT.N	L_sp_384_mul_d_12_word_%=\n\t"
-#endif
-        "STR	r3, [%[r], #48]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_mul_d_12(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMULL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[1] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[2] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[3] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[4] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[5] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[6] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[7] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[8] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[9] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[10] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[11] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "STR	r3, [%[r]]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r8, %[div], #16\n\t"
-        "ADD	r5, r8, #0x1\n\t"
-        "UDIV	r6, %[d1], r5\n\t"
-        "LSL	r7, %[div], #16\n\t"
-        "LSL	r6, r6, #16\n\t"
-        "UMULL	r3, r4, %[div], r6\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "SUBS	r3, %[d1], r5\n\t"
-        "SBC	r9, r9, r9\n\t"
-        "ADD	r9, r9, #0x1\n\t"
-        "RSB	r10, r9, #0x0\n\t"
-        "LSL	r9, r9, #16\n\t"
-        "AND	r7, r7, r10\n\t"
-        "AND	r8, r8, r10\n\t"
-        "SUBS	%[d0], %[d0], r7\n\t"
-        "ADD	r6, r6, r9\n\t"
-        "SBC	%[d1], %[d1], r8\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "UMULL	r3, r4, %[div], r3\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "MUL	r3, %[div], r3\n\t"
-        "SUB	%[d0], %[d0], r3\n\t"
-        "UDIV	r3, %[d0], %[div]\n\t"
-        "ADD	%[d1], r6, r3\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r5, %[div], #1\n\t"
-        "ADD	r5, r5, #0x1\n\t"
-        "MOV	r6, %[d0]\n\t"
-        "MOV	r7, %[d1]\n\t"
-        /* Do top 32 */
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "MOV	r3, #0x0\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        /* Next 30 bits */
-        "MOV	r4, #0x1d\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_div_384_word_12_bit:\n\t"
-#else
-    "L_div_384_word_12_bit_%=:\n\t"
-#endif
-        "LSLS	r6, r6, #1\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "ADD	r3, r3, r3\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        "SUBS	r4, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BPL	L_div_384_word_12_bit_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BPL.N	L_div_384_word_12_bit\n\t"
-#else
-        "BPL.N	L_div_384_word_12_bit_%=\n\t"
-#endif
-        "ADD	r3, r3, r3\n\t"
-        "ADD	r3, r3, #0x1\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "SUBS	r8, %[div], r9\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "SUB	%[d1], r3, r8\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<12; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-    r[8] = a[8] & m;
-    r[9] = a[9] & m;
-    r[10] = a[10] & m;
-    r[11] = a[11] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[24], t2[13];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[11];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 12);
-    r1 = sp_384_cmp_12(&t1[12], d) >= 0;
-    sp_384_cond_sub_12(&t1[12], &t1[12], d, (sp_digit)0 - r1);
-    for (i = 11; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[12 + i] == div);
-        sp_digit hi = t1[12 + i] + mask;
-        r1 = div_384_word_12(hi, t1[12 + i - 1], div);
-        r1 |= mask;
-
-        sp_384_mul_d_12(t2, d, r1);
-        t1[12 + i] += sp_384_sub_in_place_12(&t1[i], t2);
-        t1[12 + i] -= t2[12];
-        sp_384_mask_12(t2, d, t1[12 + i]);
-        t1[12 + i] += sp_384_add_12(&t1[i], &t1[i], t2);
-        sp_384_mask_12(t2, d, t1[12 + i]);
-        t1[12 + i] += sp_384_add_12(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_384_cmp_12(t1, d) >= 0;
-    sp_384_cond_sub_12(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_384_div_12(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P384 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_384_mont_mul_order_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_384_mul_12(r, a, b);
-    sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P384 curve. */
-static const word32 p384_order_minus_2[12] = {
-    0xccc52971U,0xecec196aU,0x48b0a77aU,0x581a0db2U,0xf4372ddfU,0xc7634d81U,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU
-};
-#else
-/* The low half of the order-2 of the P384 curve. */
-static const word32 p384_order_low[6] = {
-    0xccc52971U,0xecec196aU,0x48b0a77aU,0x581a0db2U,0xf4372ddfU,0xc7634d81U
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P384 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_order_12(sp_digit* r, const sp_digit* a)
-{
-    sp_384_sqr_12(r, a);
-    sp_384_mont_reduce_order_12(r, p384_order, p384_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P384 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_n_order_12(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_384_mont_sqr_order_12(r, a);
-    for (i=1; i<n; i++) {
-        sp_384_mont_sqr_order_12(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P384 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_mont_inv_order_12_ctx {
-    int state;
-    int i;
-} sp_384_mont_inv_order_12_ctx;
-static int sp_384_mont_inv_order_12_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_mont_inv_order_12_ctx* ctx = (sp_384_mont_inv_order_12_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_384_mont_inv_order_12_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 12);
-        ctx->i = 382;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_384_mont_sqr_order_12(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p384_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_384_mont_mul_order_12(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 12U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_384_mont_inv_order_12(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 12);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_order_12(t, t);
-        if ((p384_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_384_mont_mul_order_12(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 12U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 12;
-    sp_digit* t3 = td + 4 * 12;
-    int i;
-
-    /* t = a^2 */
-    sp_384_mont_sqr_order_12(t, a);
-    /* t = a^3 = t * a */
-    sp_384_mont_mul_order_12(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_384_mont_sqr_n_order_12(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_384_mont_mul_order_12(t, t2, t);
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_384_mont_sqr_n_order_12(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_384_mont_mul_order_12(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_384_mont_sqr_n_order_12(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_384_mont_mul_order_12(t3, t2, t);
-    /* t2= a^ffff0000 = t3 ^ 2 ^ 16 */
-    sp_384_mont_sqr_n_order_12(t2, t3, 16);
-    /* t = a^ffffffff = t2 * t3 */
-    sp_384_mont_mul_order_12(t, t2, t3);
-    /* t2= a^ffffffff0000 = t ^ 2 ^ 16  */
-    sp_384_mont_sqr_n_order_12(t2, t, 16);
-    /* t = a^ffffffffffff = t2 * t3 */
-    sp_384_mont_mul_order_12(t, t2, t3);
-    /* t2= a^ffffffffffff000000000000 = t ^ 2 ^ 48  */
-    sp_384_mont_sqr_n_order_12(t2, t, 48);
-    /* t= a^fffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_12(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_order_12(t2, t, 96);
-    /* t2= a^ffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_12(t2, t2, t);
-    for (i=191; i>=1; i--) {
-        sp_384_mont_sqr_order_12(t2, t2);
-        if ((p384_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_384_mont_mul_order_12(t2, t2, a);
-        }
-    }
-    sp_384_mont_sqr_order_12(t2, t2);
-    sp_384_mont_mul_order_12(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_s_12(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_12(k, k, p384_norm_order);
-    err = sp_384_mod_12(k, k, p384_order);
-    if (err == MP_OKAY) {
-        sp_384_norm_12(k);
-
-        /* kInv = 1/k mod order */
-            sp_384_mont_inv_order_12(kInv, k, tmp);
-        sp_384_norm_12(kInv);
-
-        /* s = r * x + e */
-            sp_384_mul_12(x, x, r);
-        err = sp_384_mod_12(x, x, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_12(x);
-        carry = sp_384_add_12(s, e, x);
-        sp_384_cond_sub_12(s, s, p384_order, 0 - carry);
-        sp_384_norm_12(s);
-        c = sp_384_cmp_12(s, p384_order);
-        sp_384_cond_sub_12(s, s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_12(s);
-
-        /* s = s * k^-1 mod order */
-            sp_384_mont_mul_order_12(s, s, kInv);
-        sp_384_norm_12(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 384 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 12);
-    SP_DECL_VAR(sp_point_384, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 12, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 12;
-        k = e + 4 * 12;
-        r = e + 6 * 12;
-        tmp = e + 8 * 12;
-        s = e;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_12(rng, k);
-        }
-        else {
-            sp_384_from_mp(k, 12, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_384_ecc_mulmod_base_12(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 12U);
-            sp_384_norm_12(r);
-            c = sp_384_cmp_12(r, p384_order);
-            sp_384_cond_sub_12(r, r, p384_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_384_norm_12(r);
-
-            if (!sp_384_iszero_12(r)) {
-                /* x is modified in calculation of s. */
-                sp_384_from_mp(x, 12, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_384_from_bin(e, 12, hash, (int)hashLen);
-
-                err = sp_384_calc_s_12(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_384_iszero_12(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 12, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-        sp_384_mont_inv_order_12_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*12];
-    sp_digit x[2*12];
-    sp_digit k[2*12];
-    sp_digit r[2*12];
-    sp_digit tmp[3 * 2*12];
-    sp_point_384 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_384_ctx;
-
-int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_384_ctx* ctx = (sp_ecc_sign_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_12(rng, ctx->k);
-        }
-        else {
-            sp_384_from_mp(ctx->k, 12, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p384_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 12U);
-        sp_384_norm_12(ctx->r);
-        c = sp_384_cmp_12(ctx->r, p384_order);
-        sp_384_cond_sub_12(ctx->r, ctx->r, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_12(ctx->r);
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-        sp_384_from_mp(ctx->x, 12, priv);
-        sp_384_from_bin(ctx->e, 12, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_12(ctx->k, ctx->k, p384_norm_order);
-        err = sp_384_mod_12(ctx->k, ctx->k, p384_order);
-        if (err == MP_OKAY) {
-            sp_384_norm_12(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_384_mont_inv_order_12_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_384_norm_12(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_384_mul_12(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_384_mod_12(ctx->x, ctx->x, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_384_norm_12(ctx->x);
-        carry = sp_384_add_12(ctx->s, ctx->e, ctx->x);
-        sp_384_cond_sub_12(ctx->s, ctx->s,
-            p384_order, 0 - carry);
-        sp_384_norm_12(ctx->s);
-        c = sp_384_cmp_12(ctx->s, p384_order);
-        sp_384_cond_sub_12(ctx->s, ctx->s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_12(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_384_mont_mul_order_12(ctx->s, ctx->s, ctx->kInv);
-        sp_384_norm_12(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_384_iszero_12(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_384_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_384_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 12U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 12U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_384_div2_mod_12(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r4}\n\t"
-        "ANDS	r3, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_div2_mod_12_even_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_div2_mod_12_even\n\t"
-#else
-        "BEQ.N	L_sp_384_div2_mod_12_even_%=\n\t"
-#endif
-        "MOV	r12, #0x0\n\t"
-        "LDM	%[a]!, {r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "ADC	r3, r12, r12\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_div2_mod_12_div2_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_div2_mod_12_div2\n\t"
-#else
-        "B.N	L_sp_384_div2_mod_12_div2_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_div2_mod_12_even:\n\t"
-#else
-    "L_sp_384_div2_mod_12_even_%=:\n\t"
-#endif
-        "LDM	%[a]!, {r5, r6, r7}\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_div2_mod_12_div2:\n\t"
-#else
-    "L_sp_384_div2_mod_12_div2_%=:\n\t"
-#endif
-        "SUB	%[r], %[r], #0x30\n\t"
-        "LDRD	r8, r9, [%[r]]\n\t"
-        "LSR	r8, r8, #1\n\t"
-        "ORR	r8, r8, r9, lsl #31\n\t"
-        "LSR	r9, r9, #1\n\t"
-        "LDR	r10, [%[r], #8]\n\t"
-        "STR	r8, [%[r]]\n\t"
-        "ORR	r9, r9, r10, lsl #31\n\t"
-        "LSR	r10, r10, #1\n\t"
-        "LDR	r8, [%[r], #12]\n\t"
-        "STR	r9, [%[r], #4]\n\t"
-        "ORR	r10, r10, r8, lsl #31\n\t"
-        "LSR	r8, r8, #1\n\t"
-        "LDR	r9, [%[r], #16]\n\t"
-        "STR	r10, [%[r], #8]\n\t"
-        "ORR	r8, r8, r9, lsl #31\n\t"
-        "LSR	r9, r9, #1\n\t"
-        "LDR	r10, [%[r], #20]\n\t"
-        "STR	r8, [%[r], #12]\n\t"
-        "ORR	r9, r9, r10, lsl #31\n\t"
-        "LSR	r10, r10, #1\n\t"
-        "LDR	r8, [%[r], #24]\n\t"
-        "STR	r9, [%[r], #16]\n\t"
-        "ORR	r10, r10, r8, lsl #31\n\t"
-        "LSR	r8, r8, #1\n\t"
-        "LDR	r9, [%[r], #28]\n\t"
-        "STR	r10, [%[r], #20]\n\t"
-        "ORR	r8, r8, r9, lsl #31\n\t"
-        "LSR	r9, r9, #1\n\t"
-        "LDR	r10, [%[r], #32]\n\t"
-        "STR	r8, [%[r], #24]\n\t"
-        "ORR	r9, r9, r10, lsl #31\n\t"
-        "LSR	r10, r10, #1\n\t"
-        "LDR	r8, [%[r], #36]\n\t"
-        "STR	r9, [%[r], #28]\n\t"
-        "ORR	r10, r10, r8, lsl #31\n\t"
-        "LSR	r8, r8, #1\n\t"
-        "LDR	r9, [%[r], #40]\n\t"
-        "STR	r10, [%[r], #32]\n\t"
-        "ORR	r8, r8, r9, lsl #31\n\t"
-        "LSR	r9, r9, #1\n\t"
-        "LDR	r10, [%[r], #44]\n\t"
-        "STR	r8, [%[r], #36]\n\t"
-        "ORR	r9, r9, r10, lsl #31\n\t"
-        "LSR	r10, r10, #1\n\t"
-        "ORR	r10, r10, r3, lsl #31\n\t"
-        "STR	r9, [%[r], #40]\n\t"
-        "STR	r10, [%[r], #44]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-}
-
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static int sp_384_num_bits_12(const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r1, [%[a], #44]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_num_bits_12_11_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_num_bits_12_11\n\t"
-#else
-        "BEQ.N	L_sp_384_num_bits_12_11_%=\n\t"
-#endif
-        "MOV	r2, #0x180\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_num_bits_12_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_num_bits_12_13\n\t"
-#else
-        "B.N	L_sp_384_num_bits_12_13_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_11:\n\t"
-#else
-    "L_sp_384_num_bits_12_11_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #40]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_num_bits_12_10_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_num_bits_12_10\n\t"
-#else
-        "BEQ.N	L_sp_384_num_bits_12_10_%=\n\t"
-#endif
-        "MOV	r2, #0x160\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_num_bits_12_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_num_bits_12_13\n\t"
-#else
-        "B.N	L_sp_384_num_bits_12_13_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_10:\n\t"
-#else
-    "L_sp_384_num_bits_12_10_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #36]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_num_bits_12_9_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_num_bits_12_9\n\t"
-#else
-        "BEQ.N	L_sp_384_num_bits_12_9_%=\n\t"
-#endif
-        "MOV	r2, #0x140\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_num_bits_12_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_num_bits_12_13\n\t"
-#else
-        "B.N	L_sp_384_num_bits_12_13_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_9:\n\t"
-#else
-    "L_sp_384_num_bits_12_9_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #32]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_num_bits_12_8_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_num_bits_12_8\n\t"
-#else
-        "BEQ.N	L_sp_384_num_bits_12_8_%=\n\t"
-#endif
-        "MOV	r2, #0x120\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_num_bits_12_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_num_bits_12_13\n\t"
-#else
-        "B.N	L_sp_384_num_bits_12_13_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_8:\n\t"
-#else
-    "L_sp_384_num_bits_12_8_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #28]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_num_bits_12_7_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_num_bits_12_7\n\t"
-#else
-        "BEQ.N	L_sp_384_num_bits_12_7_%=\n\t"
-#endif
-        "MOV	r2, #0x100\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_num_bits_12_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_num_bits_12_13\n\t"
-#else
-        "B.N	L_sp_384_num_bits_12_13_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_7:\n\t"
-#else
-    "L_sp_384_num_bits_12_7_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #24]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_num_bits_12_6_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_num_bits_12_6\n\t"
-#else
-        "BEQ.N	L_sp_384_num_bits_12_6_%=\n\t"
-#endif
-        "MOV	r2, #0xe0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_num_bits_12_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_num_bits_12_13\n\t"
-#else
-        "B.N	L_sp_384_num_bits_12_13_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_6:\n\t"
-#else
-    "L_sp_384_num_bits_12_6_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #20]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_num_bits_12_5_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_num_bits_12_5\n\t"
-#else
-        "BEQ.N	L_sp_384_num_bits_12_5_%=\n\t"
-#endif
-        "MOV	r2, #0xc0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_num_bits_12_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_num_bits_12_13\n\t"
-#else
-        "B.N	L_sp_384_num_bits_12_13_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_5:\n\t"
-#else
-    "L_sp_384_num_bits_12_5_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #16]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_num_bits_12_4_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_num_bits_12_4\n\t"
-#else
-        "BEQ.N	L_sp_384_num_bits_12_4_%=\n\t"
-#endif
-        "MOV	r2, #0xa0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_num_bits_12_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_num_bits_12_13\n\t"
-#else
-        "B.N	L_sp_384_num_bits_12_13_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_4:\n\t"
-#else
-    "L_sp_384_num_bits_12_4_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #12]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_num_bits_12_3_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_num_bits_12_3\n\t"
-#else
-        "BEQ.N	L_sp_384_num_bits_12_3_%=\n\t"
-#endif
-        "MOV	r2, #0x80\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_num_bits_12_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_num_bits_12_13\n\t"
-#else
-        "B.N	L_sp_384_num_bits_12_13_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_3:\n\t"
-#else
-    "L_sp_384_num_bits_12_3_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #8]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_num_bits_12_2_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_num_bits_12_2\n\t"
-#else
-        "BEQ.N	L_sp_384_num_bits_12_2_%=\n\t"
-#endif
-        "MOV	r2, #0x60\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_num_bits_12_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_num_bits_12_13\n\t"
-#else
-        "B.N	L_sp_384_num_bits_12_13_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_2:\n\t"
-#else
-    "L_sp_384_num_bits_12_2_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #4]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_384_num_bits_12_1_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_384_num_bits_12_1\n\t"
-#else
-        "BEQ.N	L_sp_384_num_bits_12_1_%=\n\t"
-#endif
-        "MOV	r2, #0x40\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_384_num_bits_12_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_384_num_bits_12_13\n\t"
-#else
-        "B.N	L_sp_384_num_bits_12_13_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_1:\n\t"
-#else
-    "L_sp_384_num_bits_12_1_%=:\n\t"
-#endif
-        "LDR	r1, [%[a]]\n\t"
-        "MOV	r2, #0x20\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_384_num_bits_12_13:\n\t"
-#else
-    "L_sp_384_num_bits_12_13_%=:\n\t"
-#endif
-        "MOV	%[a], r4\n\t"
-        : [a] "+r" (a)
-        :
-        : "memory", "cc", "r1", "r2", "r3", "r4", "r5"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[12];
-    sp_digit v[12];
-    sp_digit b[12];
-    sp_digit d[12];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_384_num_bits_12(u);
-    vt = sp_384_num_bits_12(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_384_rshift1_12(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_384_rshift1_12(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_384_rshift1_12(v, v);
-            sp_384_div2_mod_12(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_384_cmp_12(u, v) >= 0))) {
-            sp_384_sub_12(u, u, v);
-            o = sp_384_sub_12(b, b, d);
-            if (o != 0)
-                sp_384_add_12(b, b, m);
-            ut = sp_384_num_bits_12(u);
-
-            do {
-                sp_384_rshift1_12(u, u);
-                sp_384_div2_mod_12(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_384_sub_12(v, v, u);
-            o = sp_384_sub_12(d, d, b);
-            if (o != 0)
-                sp_384_add_12(d, d, m);
-            vt = sp_384_num_bits_12(v);
-
-            do {
-                sp_384_rshift1_12(v, v);
-                sp_384_div2_mod_12(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2,
-    sp_digit* tmp)
-{
-
-        sp_384_proj_point_add_12(p1, p1, p2, tmp);
-    if (sp_384_iszero_12(p1->z)) {
-        if (sp_384_iszero_12(p1->x) && sp_384_iszero_12(p1->y)) {
-                sp_384_proj_point_dbl_12(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            p1->x[9] = 0;
-            p1->x[10] = 0;
-            p1->x[11] = 0;
-            XMEMCPY(p1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_vfy_point_12(sp_point_384* p1, sp_point_384* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_384_mod_inv_12(s, s, p384_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_384_mul_12(s, s, p384_norm_order);
-        err = sp_384_mod_12(s, s, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_12(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_384_mont_inv_order_12(s, s, tmp);
-            sp_384_mont_mul_order_12(u1, u1, s);
-            sp_384_mont_mul_order_12(u2, u2, s);
-        }
-#else
-        {
-            sp_384_mont_mul_order_12(u1, u1, s);
-            sp_384_mont_mul_order_12(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_384_ecc_mulmod_base_12(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_12(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_384_ecc_mulmod_12(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_12(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_384_add_points_12(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 384)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 12);
-    SP_DECL_VAR(sp_point_384, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_384* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 12, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 12;
-        s   = u1 + 4 * 12;
-        tmp = u1 + 6 * 12;
-        p2 = p1 + 1;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(u1, 12, hash, (int)hashLen);
-        sp_384_from_mp(u2, 12, rm);
-        sp_384_from_mp(s, 12, sm);
-        sp_384_from_mp(p2->x, 12, pX);
-        sp_384_from_mp(p2->y, 12, pY);
-        sp_384_from_mp(p2->z, 12, pZ);
-
-        err = sp_384_calc_vfy_point_12(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(u2, 12, rm);
-        err = sp_384_mod_mul_norm_12(u2, u2, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_384_mont_sqr_12(p1->z, p1->z, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_12(u1, u2, p1->z, p384_mod, p384_mp_mod);
-        *res = (int)(sp_384_cmp_12(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_384_from_mp(u2, 12, rm);
-            carry = sp_384_add_12(u2, u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_12(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_12(u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_12(u2, u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_384_mont_mul_12(u1, u2, p1->z, p384_mod, p384_mp_mod);
-                }
-                *res = (sp_384_cmp_12(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_12_ctx mulmod_ctx;
-        sp_384_mont_inv_order_12_ctx mont_inv_order_ctx;
-        sp_384_proj_point_dbl_12_ctx dbl_ctx;
-        sp_384_proj_point_add_12_ctx add_ctx;
-    };
-    sp_digit u1[2*12];
-    sp_digit u2[2*12];
-    sp_digit s[2*12];
-    sp_digit tmp[2*12 * 6];
-    sp_point_384 p1;
-    sp_point_384 p2;
-} sp_ecc_verify_384_ctx;
-
-int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_384_ctx* ctx = (sp_ecc_verify_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(ctx->u1, 12, hash, (int)hashLen);
-        sp_384_from_mp(ctx->u2, 12, rm);
-        sp_384_from_mp(ctx->s, 12, sm);
-        sp_384_from_mp(ctx->p2.x, 12, pX);
-        sp_384_from_mp(ctx->p2.y, 12, pY);
-        sp_384_from_mp(ctx->p2.z, 12, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_384_mul_12(ctx->s, ctx->s, p384_norm_order);
-        err = sp_384_mod_12(ctx->s, ctx->s, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_384_norm_12(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_384_mont_inv_order_12_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_384_mont_mul_order_12(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_384_mont_mul_order_12(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p384_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_12(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_384_ecc_mulmod_12_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_12(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_384_proj_point_add_12_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(ctx->u2, 12, rm);
-        err = sp_384_mod_mul_norm_12(ctx->u2, ctx->u2, p384_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_384_mont_sqr_12(ctx->p1.z, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_384_mont_mul_12(ctx->u1, ctx->u2, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_384_cmp_12(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_384_from_mp(ctx->u2, 12, rm);
-            carry = sp_384_add_12(ctx->u2, ctx->u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_12(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_12(ctx->u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_12(ctx->u2, ctx->u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_384_mont_mul_12(ctx->u1, ctx->u2, ctx->p1.z, p384_mod,
-                                                            p384_mp_mod);
-                *res = (int)(sp_384_cmp_12(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_384_ecc_is_point_12(const sp_point_384* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 12 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 12 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 12;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_384_sqr_12(t1, point->y);
-        (void)sp_384_mod_12(t1, t1, p384_mod);
-        sp_384_sqr_12(t2, point->x);
-        (void)sp_384_mod_12(t2, t2, p384_mod);
-        sp_384_mul_12(t2, t2, point->x);
-        (void)sp_384_mod_12(t2, t2, p384_mod);
-        sp_384_mont_sub_12(t1, t1, t2, p384_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_384_mont_add_12(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_12(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_12(t1, t1, point->x, p384_mod);
-
-
-        if (sp_384_cmp_12(t1, p384_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_384, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(pub->x, 12, pX);
-        sp_384_from_mp(pub->y, 12, pY);
-        sp_384_from_bin(pub->z, 12, one, (int)sizeof(one));
-
-        err = sp_384_ecc_is_point_12(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 12);
-    SP_DECL_VAR(sp_point_384, pub, 2);
-    sp_point_384* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 384) ||
-        (mp_count_bits(pY) > 384) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 384)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 12, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_384_from_mp(pub->x, 12, pX);
-        sp_384_from_mp(pub->y, 12, pY);
-        sp_384_from_bin(pub->z, 12, one, (int)sizeof(one));
-        if (privm)
-            sp_384_from_mp(priv, 12, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_384_iszero_12(pub->x) != 0) &&
-            (sp_384_iszero_12(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_384_cmp_12(pub->x, p384_mod) >= 0) ||
-             (sp_384_cmp_12(pub->y, p384_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_384_ecc_is_point_12(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_384_ecc_mulmod_12(p, pub, p384_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_384_iszero_12(p->x) == 0) ||
-                             (sp_384_iszero_12(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_384_ecc_mulmod_base_12(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_384_cmp_12(p->x, pub->x) != 0) ||
-                 (sp_384_cmp_12(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 6);
-    SP_DECL_VAR(sp_point_384, p, 2);
-    sp_point_384* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_384_from_mp(p->x, 12, pX);
-        sp_384_from_mp(p->y, 12, pY);
-        sp_384_from_mp(p->z, 12, pZ);
-        sp_384_from_mp(q->x, 12, qX);
-        sp_384_from_mp(q->y, 12, qY);
-        sp_384_from_mp(q->z, 12, qZ);
-        p->infinity = sp_384_iszero_12(p->x) &
-                      sp_384_iszero_12(p->y);
-        q->infinity = sp_384_iszero_12(q->x) &
-                      sp_384_iszero_12(q->y);
-
-            sp_384_proj_point_add_12(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 2);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 12, pX);
-        sp_384_from_mp(p->y, 12, pY);
-        sp_384_from_mp(p->z, 12, pZ);
-        p->infinity = sp_384_iszero_12(p->x) &
-                      sp_384_iszero_12(p->y);
-
-            sp_384_proj_point_dbl_12(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 12 * 6);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 12 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 12, pX);
-        sp_384_from_mp(p->y, 12, pY);
-        sp_384_from_mp(p->z, 12, pZ);
-        p->infinity = sp_384_iszero_12(p->x) &
-                      sp_384_iszero_12(p->y);
-
-            sp_384_map_12(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mont_sqrt_12(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 5 * 2 * 12);
-    sp_digit* t2 = NULL;
-    sp_digit* t3 = NULL;
-    sp_digit* t4 = NULL;
-    sp_digit* t5 = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t1, 5 * 2 * 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 12;
-        t3 = t1 + 4 * 12;
-        t4 = t1 + 6 * 12;
-        t5 = t1 + 8 * 12;
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_384_mont_mul_12(t1, t2, y, p384_mod, p384_mp_mod);
-            /* t5 = y ^ 0xc */
-            sp_384_mont_sqr_n_12(t5, t1, 2, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_384_mont_mul_12(t1, t1, t5, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x1e */
-            sp_384_mont_sqr_12(t2, t1, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x1f */
-            sp_384_mont_mul_12(t3, t2, y, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3e0 */
-            sp_384_mont_sqr_n_12(t2, t3, 5, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3ff */
-            sp_384_mont_mul_12(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fe0 */
-            sp_384_mont_sqr_n_12(t2, t1, 5, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x7fff */
-            sp_384_mont_mul_12(t3, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fff800 */
-            sp_384_mont_sqr_n_12(t2, t3, 15, p384_mod, p384_mp_mod);
-            /* t4 = y ^ 0x3ffffff */
-            sp_384_mont_mul_12(t4, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffc000000 */
-            sp_384_mont_sqr_n_12(t2, t4, 30, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffff */
-            sp_384_mont_mul_12(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffff000000000000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 60, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 120, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-            sp_384_mont_sqr_n_12(t2, t1, 15, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_12(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 31, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff */
-            sp_384_mont_mul_12(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff0 */
-            sp_384_mont_sqr_n_12(t2, t1, 4, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc */
-            sp_384_mont_mul_12(t1, t5, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000 */
-            sp_384_mont_sqr_n_12(t2, t1, 62, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000001 */
-            sp_384_mont_mul_12(t1, y, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc00000000000000040000000 */
-            sp_384_mont_sqr_n_12(y, t1, 30, p384_mod, p384_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 12);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 12;
-
-        sp_384_from_mp(x, 12, xm);
-        err = sp_384_mod_mul_norm_12(x, x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_384_mont_sqr_12(y, x, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_12(y, y, x, p384_mod, p384_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        sp_384_mont_sub_12(y, y, x, p384_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_384_mod_mul_norm_12(x, p384_b, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_384_mont_add_12(y, y, x, p384_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_384_mont_sqrt_12(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 12, 0, 12U * sizeof(sp_digit));
-        sp_384_mont_reduce_12(y, p384_mod, p384_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_384_mont_sub_12(y, p384_mod, y, p384_mod);
-        }
-
-        err = sp_384_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_384 */
-#ifdef WOLFSSL_SP_521
-
-/* Point structure to use. */
-typedef struct sp_point_521 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 17];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 17];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 17];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_521;
-
-/* The modulus (prime) of the curve P521. */
-static const sp_digit p521_mod[17] = {
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0x000001ff
-};
-/* The Montgomery normalizer for modulus of the curve P521. */
-static const sp_digit p521_norm_mod[17] = {
-    0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-/* The Montgomery multiplier for modulus of the curve P521. */
-static const sp_digit p521_mp_mod = 0x00000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P521. */
-static const sp_digit p521_order[17] = {
-    0x91386409,0xbb6fb71e,0x899c47ae,0x3bb5c9b8,0xf709a5d0,0x7fcc0148,
-    0xbf2f966b,0x51868783,0xfffffffa,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0x000001ff
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P521 minus 2. */
-static const sp_digit p521_order2[17] = {
-    0x91386407,0xbb6fb71e,0x899c47ae,0x3bb5c9b8,0xf709a5d0,0x7fcc0148,
-    0xbf2f966b,0x51868783,0xfffffffa,0xffffffff,0xffffffff,0xffffffff,
-    0xffffffff,0xffffffff,0xffffffff,0xffffffff,0x000001ff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P521. */
-static const sp_digit p521_norm_order[17] = {
-    0x6ec79bf7,0x449048e1,0x7663b851,0xc44a3647,0x08f65a2f,0x8033feb7,
-    0x40d06994,0xae79787c,0x00000005,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P521. */
-static const sp_digit p521_mp_order = 0x79a995c7;
-#endif
-/* The base point of curve P521. */
-static const sp_point_521 p521_base = {
-    /* X ordinate */
-    {
-        0xc2e5bd66,0xf97e7e31,0x856a429b,0x3348b3c1,0xa2ffa8de,0xfe1dc127,
-        0xefe75928,0xa14b5e77,0x6b4d3dba,0xf828af60,0x053fb521,0x9c648139,
-        0x2395b442,0x9e3ecb66,0x0404e9cd,0x858e06b7,0x000000c6,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x9fd16650,0x88be9476,0xa272c240,0x353c7086,0x3fad0761,0xc550b901,
-        0x5ef42640,0x97ee7299,0x273e662c,0x17afbd17,0x579b4468,0x98f54449,
-        0x2c7d1bd9,0x5c8a5fb4,0x9a3bc004,0x39296a78,0x00000118,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p521_b[17] = {
-    0x6b503f00,0xef451fd4,0x3d2c34f1,0x3573df88,0x3bb1bf07,0x1652c0bd,
-    0xec7e937b,0x56193951,0x8ef109e1,0xb8b48991,0x99b315f3,0xa2da725b,
-    0xb68540ee,0x929a21a0,0x8e1c9a1f,0x953eb961,0x00000051
-};
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x88\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "LDR	r11, [%[b]]\n\t"
-        "UMULL	r8, r6, lr, r11\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_mul_17_outer:\n\t"
-#else
-    "L_sp_521_mul_17_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x40\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_mul_17_inner:\n\t"
-#else
-    "L_sp_521_mul_17_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "LDR	lr, [%[a], r4]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_521_mul_17_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_521_mul_17_inner_done\n\t"
-#else
-        "BGT.N	L_sp_521_mul_17_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_521_mul_17_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_521_mul_17_inner\n\t"
-#else
-        "BLT.N	L_sp_521_mul_17_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_mul_17_inner_done:\n\t"
-#else
-    "L_sp_521_mul_17_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x7c\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_521_mul_17_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_521_mul_17_outer\n\t"
-#else
-        "BLE.N	L_sp_521_mul_17_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #64]\n\t"
-        "LDR	r11, [%[b], #64]\n\t"
-        "UMLAL	r6, r7, lr, r11\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "LDM	sp!, {r6, r7}\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "SUB	r5, r5, #0x8\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_mul_17_store:\n\t"
-#else
-    "L_sp_521_mul_17_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_521_mul_17_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_521_mul_17_store\n\t"
-#else
-        "BGT.N	L_sp_521_mul_17_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x44\n\t"
-        /* A[0] * B[0] */
-        "LDR	r11, [%[a]]\n\t"
-        "LDR	r12, [%[b]]\n\t"
-        "UMULL	r3, r4, r11, r12\n\t"
-        "MOV	r5, #0x0\n\t"
-        "STR	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[0] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #4]\n\t"
-        /* A[2] * B[0] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[1] */
-        "LDR	r11, [%[a], #4]\n\t"
-        "LDR	r12, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[0] * B[2] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #8]\n\t"
-        /* A[0] * B[3] */
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[2] */
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[1] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[0] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #12]\n\t"
-        /* A[4] * B[0] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[1] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[2] */
-        "LDR	r11, [%[a], #8]\n\t"
-        "LDR	r12, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[3] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[0] * B[4] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #16]\n\t"
-        /* A[0] * B[5] */
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[4] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[3] */
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[2] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[1] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[0] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #20]\n\t"
-        /* A[6] * B[0] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[1] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[2] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[3] */
-        "LDR	r11, [%[a], #12]\n\t"
-        "LDR	r12, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[4] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[5] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[0] * B[6] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #24]\n\t"
-        /* A[0] * B[7] */
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[6] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[5] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[4] */
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[3] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[2] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[1] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[0] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #28]\n\t"
-        /* A[8] * B[0] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[1] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[2] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[3] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[4] */
-        "LDR	r11, [%[a], #16]\n\t"
-        "LDR	r12, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[5] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[6] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[7] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[0] * B[8] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #32]\n\t"
-        /* A[0] * B[9] */
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[8] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[7] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[6] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[5] */
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[4] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[3] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[2] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[1] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[0] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #36]\n\t"
-        /* A[10] * B[0] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[1] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[2] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[3] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[4] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[5] */
-        "LDR	r11, [%[a], #20]\n\t"
-        "LDR	r12, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[6] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[7] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[8] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[9] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[0] * B[10] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #40]\n\t"
-        /* A[0] * B[11] */
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[10] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[9] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[8] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[7] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[6] */
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[5] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[4] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[3] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[2] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[1] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[0] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #44]\n\t"
-        /* A[12] * B[0] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[1] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[2] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[3] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[4] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[5] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[6] */
-        "LDR	r11, [%[a], #24]\n\t"
-        "LDR	r12, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[7] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[8] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[9] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[10] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[11] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[0] * B[12] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #48]\n\t"
-        /* A[0] * B[13] */
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[12] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[11] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[10] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[9] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[8] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[7] */
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[6] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[5] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[4] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[3] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[2] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * B[1] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[0] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #52]\n\t"
-        /* A[14] * B[0] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[13] * B[1] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[12] * B[2] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[3] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[4] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[5] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[6] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[7] */
-        "LDR	r11, [%[a], #28]\n\t"
-        "LDR	r12, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[8] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[9] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[10] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[11] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[12] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[13] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[0] * B[14] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #56]\n\t"
-        /* A[0] * B[15] */
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[14] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[13] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[12] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[11] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[10] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[9] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[8] */
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[7] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[6] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[5] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[4] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[12] * B[3] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[13] * B[2] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[14] * B[1] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[15] * B[0] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #60]\n\t"
-        /* A[16] * B[0] */
-        "LDR	r8, [%[a], #64]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[15] * B[1] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[14] * B[2] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[3] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * B[4] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[5] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[6] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[7] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[8] */
-        "LDR	r11, [%[a], #32]\n\t"
-        "LDR	r12, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[9] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[10] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[11] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[12] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[13] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[14] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[15] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[0] * B[16] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #64]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #64]\n\t"
-        /* A[1] * B[16] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[15] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[14] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[13] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[12] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[11] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[10] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[9] */
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[8] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[7] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[6] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[12] * B[5] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[13] * B[4] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[14] * B[3] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[15] * B[2] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[16] * B[1] */
-        "LDR	r8, [%[a], #64]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #68]\n\t"
-        /* A[16] * B[2] */
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[15] * B[3] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[14] * B[4] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[13] * B[5] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[12] * B[6] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[7] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[8] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[9] */
-        "LDR	r11, [%[a], #36]\n\t"
-        "LDR	r12, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[10] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[11] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[12] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[13] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[14] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[15] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[16] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #64]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #72]\n\t"
-        /* A[3] * B[16] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[15] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[14] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[13] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[12] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[11] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[10] */
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[9] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[8] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * B[7] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[6] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[14] * B[5] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[15] * B[4] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[16] * B[3] */
-        "LDR	r8, [%[a], #64]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #76]\n\t"
-        /* A[16] * B[4] */
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[15] * B[5] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[14] * B[6] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[13] * B[7] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[12] * B[8] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[9] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[10] */
-        "LDR	r11, [%[a], #40]\n\t"
-        "LDR	r12, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[11] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[12] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[13] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[14] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[15] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[16] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #64]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #80]\n\t"
-        /* A[5] * B[16] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[15] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[14] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[13] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[12] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[11] */
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[10] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[12] * B[9] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[13] * B[8] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[14] * B[7] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[15] * B[6] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[16] * B[5] */
-        "LDR	r8, [%[a], #64]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #84]\n\t"
-        /* A[16] * B[6] */
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[15] * B[7] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[14] * B[8] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[9] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * B[10] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[11] */
-        "LDR	r11, [%[a], #44]\n\t"
-        "LDR	r12, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[12] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[13] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[14] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[15] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[16] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #64]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #88]\n\t"
-        /* A[7] * B[16] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[15] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[14] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[13] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[12] */
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[12] * B[11] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[13] * B[10] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[14] * B[9] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[15] * B[8] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[16] * B[7] */
-        "LDR	r8, [%[a], #64]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #92]\n\t"
-        /* A[16] * B[8] */
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[15] * B[9] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[14] * B[10] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[13] * B[11] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[12] * B[12] */
-        "LDR	r11, [%[a], #48]\n\t"
-        "LDR	r12, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[13] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[14] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[15] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[16] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #64]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #96]\n\t"
-        /* A[9] * B[16] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[15] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[14] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * B[13] */
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[12] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[14] * B[11] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[15] * B[10] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[16] * B[9] */
-        "LDR	r8, [%[a], #64]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #100]\n\t"
-        /* A[16] * B[10] */
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[15] * B[11] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[14] * B[12] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[13] * B[13] */
-        "LDR	r11, [%[a], #52]\n\t"
-        "LDR	r12, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[12] * B[14] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[15] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[16] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #64]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #104]\n\t"
-        /* A[11] * B[16] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[12] * B[15] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[13] * B[14] */
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[14] * B[13] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[15] * B[12] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[16] * B[11] */
-        "LDR	r8, [%[a], #64]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #108]\n\t"
-        /* A[16] * B[12] */
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[15] * B[13] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[14] * B[14] */
-        "LDR	r11, [%[a], #56]\n\t"
-        "LDR	r12, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[15] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * B[16] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #64]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #112]\n\t"
-        /* A[13] * B[16] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[14] * B[15] */
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[15] * B[14] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[16] * B[13] */
-        "LDR	r8, [%[a], #64]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #116]\n\t"
-        /* A[16] * B[14] */
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[15] * B[15] */
-        "LDR	r11, [%[a], #60]\n\t"
-        "LDR	r12, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[14] * B[16] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #64]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #120]\n\t"
-        /* A[15] * B[16] */
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[16] * B[15] */
-        "LDR	r8, [%[a], #64]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #124]\n\t"
-        /* A[16] * B[16] */
-        "UMLAL	r5, r3, r8, r9\n\t"
-        "STR	r5, [%[r], #128]\n\t"
-        "STR	r3, [%[r], #132]\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r3}\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11",
-            "r12"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x88\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "UMULL	r8, r6, lr, lr\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_sqr_17_outer:\n\t"
-#else
-    "L_sp_521_sqr_17_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x40\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_sqr_17_inner:\n\t"
-#else
-    "L_sp_521_sqr_17_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[a], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_521_sqr_17_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_521_sqr_17_inner_done\n\t"
-#else
-        "BGT.N	L_sp_521_sqr_17_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_521_sqr_17_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_521_sqr_17_inner\n\t"
-#else
-        "BLT.N	L_sp_521_sqr_17_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "UMULL	r9, r10, lr, lr\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_sqr_17_inner_done:\n\t"
-#else
-    "L_sp_521_sqr_17_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x7c\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_521_sqr_17_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_521_sqr_17_outer\n\t"
-#else
-        "BLE.N	L_sp_521_sqr_17_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #64]\n\t"
-        "UMLAL	r6, r7, lr, lr\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "LDM	sp!, {r6, r7}\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "SUB	r5, r5, #0x8\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_sqr_17_store:\n\t"
-#else
-    "L_sp_521_sqr_17_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_521_sqr_17_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_521_sqr_17_store\n\t"
-#else
-        "BGT.N	L_sp_521_sqr_17_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#else
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x44\n\t"
-        /* A[0] * A[0] */
-        "LDR	r10, [%[a]]\n\t"
-        "UMULL	r8, r3, r10, r10\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r8, [sp]\n\t"
-        /* A[0] * A[1] */
-        "LDR	r10, [%[a], #4]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [sp, #4]\n\t"
-        /* A[0] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * A[1] */
-        "LDR	r10, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #8]\n\t"
-        /* A[0] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r2, [sp, #12]\n\t"
-        /* A[0] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[1] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[2] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [sp, #16]\n\t"
-        /* A[0] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #20]\n\t"
-        /* A[0] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #24]\n\t"
-        /* A[0] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [sp, #28]\n\t"
-        /* A[0] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #32]\n\t"
-        /* A[0] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #36]\n\t"
-        /* A[0] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [sp, #40]\n\t"
-        /* A[0] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #44]\n\t"
-        /* A[0] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #48]\n\t"
-        /* A[0] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [sp, #52]\n\t"
-        /* A[0] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #56]\n\t"
-        /* A[0] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #60]\n\t"
-        /* A[0] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [sp, #64]\n\t"
-        /* A[1] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[2] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [%[r], #68]\n\t"
-        /* A[2] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[3] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[9] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [%[r], #72]\n\t"
-        /* A[3] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[4] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[9] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [%[r], #76]\n\t"
-        /* A[4] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[5] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[9] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[10] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [%[r], #80]\n\t"
-        /* A[5] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[6] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[9] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[10] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [%[r], #84]\n\t"
-        /* A[6] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[7] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[9] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[10] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[11] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [%[r], #88]\n\t"
-        /* A[7] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[8] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[9] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[10] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[11] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [%[r], #92]\n\t"
-        /* A[8] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[9] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[10] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[11] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[12] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [%[r], #96]\n\t"
-        /* A[9] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[10] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[11] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[12] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [%[r], #100]\n\t"
-        /* A[10] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[11] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[12] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[13] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [%[r], #104]\n\t"
-        /* A[11] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[12] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[13] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [%[r], #108]\n\t"
-        /* A[12] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[13] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[14] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [%[r], #112]\n\t"
-        /* A[13] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[14] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #56]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #116]\n\t"
-        /* A[14] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #56]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[15] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r2, [%[r], #120]\n\t"
-        /* A[15] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #60]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [%[r], #124]\n\t"
-        /* A[16] * A[16] */
-        "LDR	r10, [%[a], #64]\n\t"
-        "UMLAL	r4, r2, r10, r10\n\t"
-        "STR	r4, [%[r], #128]\n\t"
-        "STR	r2, [%[r], #132]\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        "LDM	sp!, {r2}\n\t"
-        "STM	%[r]!, {r2}\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "ADD	r12, %[a], #0x40\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_add_17_word:\n\t"
-#else
-    "L_sp_521_add_17_word_%=:\n\t"
-#endif
-        "ADDS	r3, r3, #0xffffffff\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r3, r4, #0x0\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_521_add_17_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_521_add_17_word\n\t"
-#else
-        "BNE.N	L_sp_521_add_17_word_%=\n\t"
-#endif
-        "ADDS	r3, r3, #0xffffffff\n\t"
-        "LDM	%[a], {r4}\n\t"
-        "LDM	%[b], {r8}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	%[r], r4, #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_add_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3}\n\t"
-        "LDM	%[b]!, {r7}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mod_mul_norm_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    (void)m;
-
-    if (r != a) {
-        XMEMCPY(r, a, 17 * sizeof(sp_digit));
-    }
-
-    return MP_OKAY;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_521.
- *
- * p   Point of type sp_point_521 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_521_point_from_ecc_point_17(sp_point_521* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_521_from_mp(p->x, 17, pm->x);
-    sp_521_from_mp(p->y, 17, pm->y);
-    sp_521_from_mp(p->z, 17, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_521_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (521 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 17);
-        r->used = 17;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 17; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 17; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_521 to type ecc_point.
- *
- * p   Point of type sp_point_521.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_521_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_cond_sub_17_words:\n\t"
-#else
-    "L_sp_521_cond_sub_17_words_%=:\n\t"
-#endif
-        "SUBS	r4, r8, r4\n\t"
-        "LDR	r6, [%[a], r5]\n\t"
-        "LDR	r7, [%[b], r5]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "SBCS	r6, r6, r7\n\t"
-        "SBC	r4, r8, r8\n\t"
-        "STR	r6, [%[r], r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x44\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_521_cond_sub_17_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_521_cond_sub_17_words\n\t"
-#else
-        "BLT.N	L_sp_521_cond_sub_17_words_%=\n\t"
-#endif
-        "MOV	%[r], r4\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_cond_sub_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SUBS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r8, [%[b]]\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "STR	r6, [%[r]]\n\t"
-        "SBC	%[r], r5, r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_reduce_17(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_reduce_17(sp_digit* a,
-    const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x44\n\t"
-        "MOV	r12, sp\n\t"
-        /* Shift top down by 9 bits */
-        "ADD	lr, %[a], #0x40\n\t"
-        /*  0-7 */
-        "LDM	lr!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "LSR	r1, r1, #9\n\t"
-        "ORR	r1, r1, r2, LSL #23\n\t"
-        "LSR	r2, r2, #9\n\t"
-        "ORR	r2, r2, r3, LSL #23\n\t"
-        "LSR	r3, r3, #9\n\t"
-        "ORR	r3, r3, r4, LSL #23\n\t"
-        "LSR	r4, r4, #9\n\t"
-        "ORR	r4, r4, r5, LSL #23\n\t"
-        "LSR	r5, r5, #9\n\t"
-        "ORR	r5, r5, r6, LSL #23\n\t"
-        "LSR	r6, r6, #9\n\t"
-        "ORR	r6, r6, r7, LSL #23\n\t"
-        "LSR	r7, r7, #9\n\t"
-        "ORR	r7, r7, r8, LSL #23\n\t"
-        "LSR	r8, r8, #9\n\t"
-        "ORR	r8, r8, r9, LSL #23\n\t"
-        "STM	r12!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "MOV	r1, r9\n\t"
-        /*  8-16 */
-        "LDM	lr!, {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "LSR	r1, r1, #9\n\t"
-        "ORR	r1, r1, r2, LSL #23\n\t"
-        "LSR	r2, r2, #9\n\t"
-        "ORR	r2, r2, r3, LSL #23\n\t"
-        "LSR	r3, r3, #9\n\t"
-        "ORR	r3, r3, r4, LSL #23\n\t"
-        "LSR	r4, r4, #9\n\t"
-        "ORR	r4, r4, r5, LSL #23\n\t"
-        "LSR	r5, r5, #9\n\t"
-        "ORR	r5, r5, r6, LSL #23\n\t"
-        "LSR	r6, r6, #9\n\t"
-        "ORR	r6, r6, r7, LSL #23\n\t"
-        "LSR	r7, r7, #9\n\t"
-        "ORR	r7, r7, r8, LSL #23\n\t"
-        "LSR	r8, r8, #9\n\t"
-        "ORR	r8, r8, r9, LSL #23\n\t"
-        "LSR	r9, r9, #9\n\t"
-        "STM	r12!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        /* Add top to bottom */
-        /*  0-5 */
-        "LDM	%[a], {r1, r2, r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r7, r8, r9, r10, r11, r12}\n\t"
-        "ADDS	r1, r1, r7\n\t"
-        "ADCS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADCS	r4, r4, r10\n\t"
-        "ADCS	r5, r5, r11\n\t"
-        "ADCS	r6, r6, r12\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
-        /*  6-11 */
-        "LDM	%[a], {r1, r2, r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r7, r8, r9, r10, r11, r12}\n\t"
-        "ADCS	r1, r1, r7\n\t"
-        "ADCS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADCS	r4, r4, r10\n\t"
-        "ADCS	r5, r5, r11\n\t"
-        "ADCS	r6, r6, r12\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
-        /*  12-16 */
-        "LDM	%[a], {r1, r2, r3, r4, r5}\n\t"
-        "LDM	sp!, {r7, r8, r9, r10, r11}\n\t"
-        "MOV	lr, #0x1ff\n\t"
-        "AND	r5, r5, lr\n\t"
-        "ADCS	r1, r1, r7\n\t"
-        "ADCS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADCS	r4, r4, r10\n\t"
-        "ADCS	r5, r5, r11\n\t"
-        "LSR	r12, r5, #9\n\t"
-        "AND	r5, r5, lr\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4, r5}\n\t"
-        "SUB	%[a], %[a], #0x44\n\t"
-        /* Add overflow */
-        /*  0-8 */
-        "LDM	%[a], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        "ADDS	r1, r1, r12\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADCS	r6, r6, #0x0\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADCS	r8, r8, #0x0\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
-        /*  9-16 */
-        "LDM	%[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADCS	r6, r6, #0x0\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADCS	r8, r8, #0x0\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
-        : [a] "+r" (a)
-        :
-        : "memory", "cc", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9",
-            "r10", "r11", "r12", "lr"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)mp_p;
-#else
-    (void)mp;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#ifdef WOLFSSL_SP_NO_UMAAL
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_reduce_order_17(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_reduce_order_17(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	lr, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r11, #0x0\n\t"
-        "MOV	r3, #0x0\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_mont_reduce_order_17_word:\n\t"
-#else
-    "L_sp_521_mont_reduce_order_17_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	r10, %[mp], r4\n\t"
-        "CMP	r11, #0x40\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_521_mont_reduce_order_17_nomask\n\t"
-#else
-        "BNE.N	L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
-#endif
-        "MOV	r9, #0x1ff\n\t"
-        "AND	r10, r10, r9\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_mont_reduce_order_17_nomask:\n\t"
-#else
-    "L_sp_521_mont_reduce_order_17_nomask_%=:\n\t"
-#endif
-        /* a[i+0] += m[0] * mu */
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r4, r7, r10, lr\n\t"
-        "STR	r4, [%[a]]\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r9, [%[m], #4]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r5, r6, r10, r9\n\t"
-        "MOV	r4, r5\n\t"
-        "ADDS	r4, r4, r7\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r9, [%[m], #8]\n\t"
-        "LDR	r5, [%[a], #8]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r5, r7, r10, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r9, [%[m], #12]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #12]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r9, [%[m], #16]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #16]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r9, [%[m], #20]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #20]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r9, [%[m], #24]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #24]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r9, [%[m], #28]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #28]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r9, [%[m], #32]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #32]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r9, [%[m], #36]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #36]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r9, [%[m], #40]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #40]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r9, [%[m], #44]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #44]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r9, [%[m], #48]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #48]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r9, [%[m], #52]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #52]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r9, [%[m], #56]\n\t"
-        "LDR	r12, [%[a], #56]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #56]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r9, [%[m], #60]\n\t"
-        "LDR	r12, [%[a], #60]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #60]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r9, [%[m], #64]\n\t"
-        "LDR	r12, [%[a], #64]\n\t"
-        "UMULL	r8, r9, r10, r9\n\t"
-        "ADDS	r6, r6, r8\n\t"
-        "ADCS	r7, r9, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #64]\n\t"
-        "LDR	r12, [%[a], #68]\n\t"
-        "ADCS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #68]\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* i += 1 */
-        "ADD	r11, r11, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r11, #0x44\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_521_mont_reduce_order_17_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_521_mont_reduce_order_17_word\n\t"
-#else
-        "BLT.W	L_sp_521_mont_reduce_order_17_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r4, [%[a]]\n\t"
-        "STR	r5, [%[a], #4]\n\t"
-        "SUB	%[a], %[a], #0x4\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r7, [%[a], #4]\n\t"
-        "LSR	r6, r6, #9\n\t"
-        "ORR	r6, r6, r7, LSL #23\n\t"
-        "STR	r6, [%[a], #4]\n\t"
-        "LDR	r6, [%[a], #8]\n\t"
-        "LSR	r7, r7, #9\n\t"
-        "ORR	r7, r7, r6, LSL #23\n\t"
-        "STR	r7, [%[a], #8]\n\t"
-        "LDR	r7, [%[a], #12]\n\t"
-        "LSR	r6, r6, #9\n\t"
-        "ORR	r6, r6, r7, LSL #23\n\t"
-        "STR	r6, [%[a], #12]\n\t"
-        "LDR	r6, [%[a], #16]\n\t"
-        "LSR	r7, r7, #9\n\t"
-        "ORR	r7, r7, r6, LSL #23\n\t"
-        "STR	r7, [%[a], #16]\n\t"
-        "LDR	r7, [%[a], #20]\n\t"
-        "LSR	r6, r6, #9\n\t"
-        "ORR	r6, r6, r7, LSL #23\n\t"
-        "STR	r6, [%[a], #20]\n\t"
-        "LDR	r6, [%[a], #24]\n\t"
-        "LSR	r7, r7, #9\n\t"
-        "ORR	r7, r7, r6, LSL #23\n\t"
-        "STR	r7, [%[a], #24]\n\t"
-        "LDR	r7, [%[a], #28]\n\t"
-        "LSR	r6, r6, #9\n\t"
-        "ORR	r6, r6, r7, LSL #23\n\t"
-        "STR	r6, [%[a], #28]\n\t"
-        "LDR	r6, [%[a], #32]\n\t"
-        "LSR	r7, r7, #9\n\t"
-        "ORR	r7, r7, r6, LSL #23\n\t"
-        "STR	r7, [%[a], #32]\n\t"
-        "LDR	r7, [%[a], #36]\n\t"
-        "LSR	r6, r6, #9\n\t"
-        "ORR	r6, r6, r7, LSL #23\n\t"
-        "STR	r6, [%[a], #36]\n\t"
-        "LDR	r6, [%[a], #40]\n\t"
-        "LSR	r7, r7, #9\n\t"
-        "ORR	r7, r7, r6, LSL #23\n\t"
-        "STR	r7, [%[a], #40]\n\t"
-        "LDR	r7, [%[a], #44]\n\t"
-        "LSR	r6, r6, #9\n\t"
-        "ORR	r6, r6, r7, LSL #23\n\t"
-        "STR	r6, [%[a], #44]\n\t"
-        "LDR	r6, [%[a], #48]\n\t"
-        "LSR	r7, r7, #9\n\t"
-        "ORR	r7, r7, r6, LSL #23\n\t"
-        "STR	r7, [%[a], #48]\n\t"
-        "LDR	r7, [%[a], #52]\n\t"
-        "LSR	r6, r6, #9\n\t"
-        "ORR	r6, r6, r7, LSL #23\n\t"
-        "STR	r6, [%[a], #52]\n\t"
-        "LDR	r6, [%[a], #56]\n\t"
-        "LSR	r7, r7, #9\n\t"
-        "ORR	r7, r7, r6, LSL #23\n\t"
-        "STR	r7, [%[a], #56]\n\t"
-        "LDR	r7, [%[a], #60]\n\t"
-        "LSR	r6, r6, #9\n\t"
-        "ORR	r6, r6, r7, LSL #23\n\t"
-        "STR	r6, [%[a], #60]\n\t"
-        "LDR	r6, [%[a], #64]\n\t"
-        "LSR	r7, r7, #9\n\t"
-        "ORR	r7, r7, r6, LSL #23\n\t"
-        "STR	r7, [%[a], #64]\n\t"
-        "LSR	r6, r6, #9\n\t"
-        "STR	r6, [%[a], #68]\n\t"
-        "LSR	r3, r6, #9\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
-}
-
-#else
-/* Reduce the number back to 521 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_reduce_order_17(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_reduce_order_17(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r7, [%[a], #4]\n\t"
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[a], #12]\n\t"
-        "LDR	r10, [%[a], #16]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_mont_reduce_order_17_word:\n\t"
-#else
-    "L_sp_521_mont_reduce_order_17_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	lr, %[mp], r6\n\t"
-        "CMP	r4, #0x40\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_521_mont_reduce_order_17_nomask\n\t"
-#else
-        "BNE.N	L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
-#endif
-        "MOV	r12, #0x1ff\n\t"
-        "AND	lr, lr, r12\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_mont_reduce_order_17_nomask:\n\t"
-#else
-    "L_sp_521_mont_reduce_order_17_nomask_%=:\n\t"
-#endif
-        /* a[i+0] += m[0] * mu */
-        "LDR	r12, [%[m]]\n\t"
-        "MOV	r3, #0x0\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        "STR	r6, [%[a]]\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r12, [%[m], #4]\n\t"
-        "MOV	r6, r7\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r12, [%[m], #8]\n\t"
-        "MOV	r7, r8\n\t"
-        "UMAAL	r7, r3, lr, r12\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r12, [%[m], #12]\n\t"
-        "MOV	r8, r9\n\t"
-        "UMAAL	r8, r3, lr, r12\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r12, [%[m], #16]\n\t"
-        "MOV	r9, r10\n\t"
-        "UMAAL	r9, r3, lr, r12\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r12, [%[m], #20]\n\t"
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMAAL	r10, r3, lr, r12\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r12, [%[m], #24]\n\t"
-        "LDR	r11, [%[a], #24]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r12, [%[m], #28]\n\t"
-        "LDR	r11, [%[a], #28]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r12, [%[m], #32]\n\t"
-        "LDR	r11, [%[a], #32]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r12, [%[m], #36]\n\t"
-        "LDR	r11, [%[a], #36]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r12, [%[m], #40]\n\t"
-        "LDR	r11, [%[a], #40]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r12, [%[m], #44]\n\t"
-        "LDR	r11, [%[a], #44]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r12, [%[m], #48]\n\t"
-        "LDR	r11, [%[a], #48]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r12, [%[m], #52]\n\t"
-        "LDR	r11, [%[a], #52]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r12, [%[m], #56]\n\t"
-        "LDR	r11, [%[a], #56]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r12, [%[m], #60]\n\t"
-        "LDR	r11, [%[a], #60]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r12, [%[m], #64]\n\t"
-        "LDR	r11, [%[a], #64]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "LDR	lr, [%[a], #68]\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMAAL	r3, lr, r12, r12\n\t"
-        "STR	r11, [%[a], #64]\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADC	r5, lr, #0x0\n\t"
-        "STR	r3, [%[a], #68]\n\t"
-        /* i += 1 */
-        "ADD	r4, r4, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r4, #0x44\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_521_mont_reduce_order_17_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_521_mont_reduce_order_17_word\n\t"
-#else
-        "BLT.W	L_sp_521_mont_reduce_order_17_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r6, [%[a]]\n\t"
-        "STR	r7, [%[a], #4]\n\t"
-        "STR	r8, [%[a], #8]\n\t"
-        "STR	r9, [%[a], #12]\n\t"
-        "STR	r10, [%[a], #16]\n\t"
-        "SUB	%[a], %[a], #0x4\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "LDR	r3, [%[a], #4]\n\t"
-        "LSR	r12, r12, #9\n\t"
-        "ORR	r12, r12, r3, LSL #23\n\t"
-        "STR	r12, [%[a], #4]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "LSR	r3, r3, #9\n\t"
-        "ORR	r3, r3, r12, LSL #23\n\t"
-        "STR	r3, [%[a], #8]\n\t"
-        "LDR	r3, [%[a], #12]\n\t"
-        "LSR	r12, r12, #9\n\t"
-        "ORR	r12, r12, r3, LSL #23\n\t"
-        "STR	r12, [%[a], #12]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "LSR	r3, r3, #9\n\t"
-        "ORR	r3, r3, r12, LSL #23\n\t"
-        "STR	r3, [%[a], #16]\n\t"
-        "LDR	r3, [%[a], #20]\n\t"
-        "LSR	r12, r12, #9\n\t"
-        "ORR	r12, r12, r3, LSL #23\n\t"
-        "STR	r12, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "LSR	r3, r3, #9\n\t"
-        "ORR	r3, r3, r12, LSL #23\n\t"
-        "STR	r3, [%[a], #24]\n\t"
-        "LDR	r3, [%[a], #28]\n\t"
-        "LSR	r12, r12, #9\n\t"
-        "ORR	r12, r12, r3, LSL #23\n\t"
-        "STR	r12, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "LSR	r3, r3, #9\n\t"
-        "ORR	r3, r3, r12, LSL #23\n\t"
-        "STR	r3, [%[a], #32]\n\t"
-        "LDR	r3, [%[a], #36]\n\t"
-        "LSR	r12, r12, #9\n\t"
-        "ORR	r12, r12, r3, LSL #23\n\t"
-        "STR	r12, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "LSR	r3, r3, #9\n\t"
-        "ORR	r3, r3, r12, LSL #23\n\t"
-        "STR	r3, [%[a], #40]\n\t"
-        "LDR	r3, [%[a], #44]\n\t"
-        "LSR	r12, r12, #9\n\t"
-        "ORR	r12, r12, r3, LSL #23\n\t"
-        "STR	r12, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "LSR	r3, r3, #9\n\t"
-        "ORR	r3, r3, r12, LSL #23\n\t"
-        "STR	r3, [%[a], #48]\n\t"
-        "LDR	r3, [%[a], #52]\n\t"
-        "LSR	r12, r12, #9\n\t"
-        "ORR	r12, r12, r3, LSL #23\n\t"
-        "STR	r12, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #56]\n\t"
-        "LSR	r3, r3, #9\n\t"
-        "ORR	r3, r3, r12, LSL #23\n\t"
-        "STR	r3, [%[a], #56]\n\t"
-        "LDR	r3, [%[a], #60]\n\t"
-        "LSR	r12, r12, #9\n\t"
-        "ORR	r12, r12, r3, LSL #23\n\t"
-        "STR	r12, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #64]\n\t"
-        "LSR	r3, r3, #9\n\t"
-        "ORR	r3, r3, r12, LSL #23\n\t"
-        "STR	r3, [%[a], #64]\n\t"
-        "LSR	r12, r12, #9\n\t"
-        "STR	r12, [%[a], #68]\n\t"
-        "LSR	r5, r12, #9\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "MOV	%[mp], r5\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
-}
-
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mul_17(r, a, b);
-    sp_521_mont_reduce_17(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_521_sqr_17(r, a);
-    sp_521_mont_reduce_17(r, m, mp);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mont_sqr_17(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_521_mont_sqr_17(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P521 curve. */
-static const word32 p521_mod_minus_2[17] = {
-    0xfffffffdU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0x000001ffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P521 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 17);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod);
-        if (p521_mod_minus_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_521_mont_mul_17(t, t, a, p521_mod, p521_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 17);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 17;
-    sp_digit* t3 = td + 4 * 17;
-
-    /* 0x2 */
-    sp_521_mont_sqr_17(t1, a, p521_mod, p521_mp_mod);
-    /* 0x3 */
-    sp_521_mont_mul_17(t2, t1, a, p521_mod, p521_mp_mod);
-    /* 0x6 */
-    sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
-    /* 0x7 */
-    sp_521_mont_mul_17(t3, t1, a, p521_mod, p521_mp_mod);
-    /* 0xc */
-    sp_521_mont_sqr_n_17(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0xf */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x78 */
-    sp_521_mont_sqr_n_17(t1, t2, 3, p521_mod, p521_mp_mod);
-    /* 0x7f */
-    sp_521_mont_mul_17(t3, t3, t1, p521_mod, p521_mp_mod);
-    /* 0xf0 */
-    sp_521_mont_sqr_n_17(t1, t2, 4, p521_mod, p521_mp_mod);
-    /* 0xff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xff00 */
-    sp_521_mont_sqr_n_17(t1, t2, 8, p521_mod, p521_mp_mod);
-    /* 0xffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffff0000 */
-    sp_521_mont_sqr_n_17(t1, t2, 16, p521_mod, p521_mp_mod);
-    /* 0xffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 32, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff0000000000000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 64, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff00000000000000000000000000000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 128, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000 */
-    sp_521_mont_sqr_n_17(t1, t2, 256, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80 */
-    sp_521_mont_sqr_n_17(t1, t2, 7, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_17(t2, t3, t1, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc */
-    sp_521_mont_sqr_n_17(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-    sp_521_mont_mul_17(r, t1, a, p521_mod, p521_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_521_cmp_17(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_521_cmp_17(const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0xffffffff\n\t"
-        "MOV	r8, #0x1\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r3, #0xffffffff\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "MOV	r6, #0x40\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_cmp_17_words:\n\t"
-#else
-    "L_sp_521_cmp_17_words_%=:\n\t"
-#endif
-        "LDR	r4, [%[a], r6]\n\t"
-        "LDR	r5, [%[b], r6]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "SUBS	r6, r6, #0x4\n\t"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "bcs	L_sp_521_cmp_17_words\n\t"
-#else
-        "bcs	L_sp_521_cmp_17_words_%=\n\t"
-#endif
-        "EOR	r2, r2, r3\n\t"
-#else
-        "LDR	r4, [%[a], #64]\n\t"
-        "LDR	r5, [%[b], #64]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #60]\n\t"
-        "LDR	r5, [%[b], #60]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #56]\n\t"
-        "LDR	r5, [%[b], #56]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #52]\n\t"
-        "LDR	r5, [%[b], #52]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #48]\n\t"
-        "LDR	r5, [%[b], #48]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "LDR	r5, [%[b], #44]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #40]\n\t"
-        "LDR	r5, [%[b], #40]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #36]\n\t"
-        "LDR	r5, [%[b], #36]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "LDR	r5, [%[b], #32]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #28]\n\t"
-        "LDR	r5, [%[b], #28]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "LDR	r5, [%[b], #24]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "LDR	r5, [%[b], #20]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #16]\n\t"
-        "LDR	r5, [%[b], #16]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "LDR	r5, [%[b], #12]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "LDR	r5, [%[b], #8]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #4]\n\t"
-        "LDR	r5, [%[b], #4]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[b]]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "EOR	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "MOV	%[a], r2\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_521_norm_17(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_521_map_17(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*17;
-    sp_int32 n;
-
-    sp_521_mont_inv_17(t1, p->z, t + 2*17);
-
-    sp_521_mont_sqr_17(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    /* x /= z^2 */
-    sp_521_mont_mul_17(r->x, p->x, t2, p521_mod, p521_mp_mod);
-    XMEMSET(r->x + 17, 0, sizeof(sp_digit) * 17U);
-    sp_521_mont_reduce_17(r->x, p521_mod, p521_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_521_cmp_17(r->x, p521_mod);
-    sp_521_cond_sub_17(r->x, r->x, p521_mod, (sp_digit)~(n >> 31));
-    sp_521_norm_17(r->x);
-
-    /* y /= z^3 */
-    sp_521_mont_mul_17(r->y, p->y, t1, p521_mod, p521_mp_mod);
-    XMEMSET(r->y + 17, 0, sizeof(sp_digit) * 17U);
-    sp_521_mont_reduce_17(r->y, p521_mod, p521_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_521_cmp_17(r->y, p521_mod);
-    sp_521_cond_sub_17(r->y, r->y, p521_mod, (sp_digit)~(n >> 31));
-    sp_521_norm_17(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "ADDS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8}\n\t"
-        "LDM	%[b]!, {r4}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "MOV	r12, #0x1ff\n\t"
-        "LSR	r3, r8, #9\n\t"
-        "AND	r8, r8, r12\n\t"
-        "STM	%[r]!, {r8}\n\t"
-        "SUB	%[r], %[r], #0x44\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r3\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADCS	r6, r6, #0x0\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADCS	r8, r8, #0x0\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADCS	r10, r10, #0x0\n\t"
-        "ADCS	r11, r11, #0x0\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADCS	r6, r6, #0x0\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADCS	r8, r8, #0x0\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADCS	r10, r10, #0x0\n\t"
-        "ADCS	r11, r11, #0x0\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r4}\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_dbl_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_dbl_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0x0\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "MOV	r3, #0x1ff\n\t"
-        "LSR	r2, r4, #9\n\t"
-        "AND	r4, r4, r3\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "SUB	%[r], %[r], #0x44\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r2\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADCS	r6, r6, #0x0\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADCS	r8, r8, #0x0\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADCS	r10, r10, #0x0\n\t"
-        "ADCS	r11, r11, #0x0\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "ADCS	r5, r5, #0x0\n\t"
-        "ADCS	r6, r6, #0x0\n\t"
-        "ADCS	r7, r7, #0x0\n\t"
-        "ADCS	r8, r8, #0x0\n\t"
-        "ADCS	r9, r9, #0x0\n\t"
-        "ADCS	r10, r10, #0x0\n\t"
-        "ADCS	r11, r11, #0x0\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r4}\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r2", "r3"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_tpl_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_tpl_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0x0\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "SUB	%[r], %[r], #0x44\n\t"
-        "SUB	%[a], %[a], #0x44\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4}\n\t"
-        "LDM	%[a]!, {r8}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "MOV	r3, #0x1ff\n\t"
-        "LSR	r2, r4, #9\n\t"
-        "AND	r4, r4, r3\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "SUB	%[r], %[r], #0x44\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r2\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r4}\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r2", "r3"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_sub_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_521_mont_sub_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "SUBS	r8, r8, r4\n\t"
-        "SBCS	r9, r9, r5\n\t"
-        "SBCS	r10, r10, r6\n\t"
-        "SBCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "SBCS	r8, r8, r4\n\t"
-        "SBCS	r9, r9, r5\n\t"
-        "SBCS	r10, r10, r6\n\t"
-        "SBCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "SBCS	r8, r8, r4\n\t"
-        "SBCS	r9, r9, r5\n\t"
-        "SBCS	r10, r10, r6\n\t"
-        "SBCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[b]!, {r4, r5, r6, r7}\n\t"
-        "SBCS	r8, r8, r4\n\t"
-        "SBCS	r9, r9, r5\n\t"
-        "SBCS	r10, r10, r6\n\t"
-        "SBCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r8}\n\t"
-        "LDM	%[b]!, {r4}\n\t"
-        "SBCS	r8, r8, r4\n\t"
-        "MOV	r12, #0x1ff\n\t"
-        "ASR	r3, r8, #9\n\t"
-        "AND	r8, r8, r12\n\t"
-        "neg	r3, r3\n\t"
-        "STM	%[r]!, {r8}\n\t"
-        "SUB	%[r], %[r], #0x44\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r4, r4, r3\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, #0x0\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, #0x0\n\t"
-        "SBCS	r11, r11, #0x0\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "SBCS	r4, r4, #0x0\n\t"
-        "SBCS	r5, r5, #0x0\n\t"
-        "SBCS	r6, r6, #0x0\n\t"
-        "SBCS	r7, r7, #0x0\n\t"
-        "SBCS	r8, r8, #0x0\n\t"
-        "SBCS	r9, r9, #0x0\n\t"
-        "SBCS	r10, r10, #0x0\n\t"
-        "SBCS	r11, r11, #0x0\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[r], {r4}\n\t"
-        "SBCS	r4, r4, #0x0\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    (void)m_p;
-#else
-    (void)m;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-}
-
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_rshift1_17(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_rshift1_17(sp_digit* r,
-    const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3}\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "STR	r2, [%[r]]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #12]\n\t"
-        "STR	r3, [%[r], #4]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #16]\n\t"
-        "STR	r4, [%[r], #8]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "STR	r2, [%[r], #12]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #24]\n\t"
-        "STR	r3, [%[r], #16]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #28]\n\t"
-        "STR	r4, [%[r], #20]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "STR	r2, [%[r], #24]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #36]\n\t"
-        "STR	r3, [%[r], #28]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #40]\n\t"
-        "STR	r4, [%[r], #32]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "STR	r2, [%[r], #36]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #48]\n\t"
-        "STR	r3, [%[r], #40]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #52]\n\t"
-        "STR	r4, [%[r], #44]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #56]\n\t"
-        "STR	r2, [%[r], #48]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #60]\n\t"
-        "STR	r3, [%[r], #52]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #64]\n\t"
-        "STR	r4, [%[r], #56]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "STR	r2, [%[r], #60]\n\t"
-        "STR	r3, [%[r], #64]\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit o = a[0] & 1;
-
-    (void)m;
-
-    sp_521_rshift1_17(r, r);
-    r[16] |= o << 8;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*17;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_521_mont_sqr_17(t1, p->z, p521_mod, p521_mp_mod);
-    /* Z = Y * Z */
-    sp_521_mont_mul_17(z, p->y, p->z, p521_mod, p521_mp_mod);
-    /* Z = 2Z */
-    sp_521_mont_dbl_17(z, z, p521_mod);
-    /* T2 = X - T1 */
-    sp_521_mont_sub_17(t2, p->x, t1, p521_mod);
-    /* T1 = X + T1 */
-    sp_521_mont_add_17(t1, p->x, t1, p521_mod);
-    /* T2 = T1 * T2 */
-    sp_521_mont_mul_17(t2, t1, t2, p521_mod, p521_mp_mod);
-    /* T1 = 3T2 */
-    sp_521_mont_tpl_17(t1, t2, p521_mod);
-    /* Y = 2Y */
-    sp_521_mont_dbl_17(y, p->y, p521_mod);
-    /* Y = Y * Y */
-    sp_521_mont_sqr_17(y, y, p521_mod, p521_mp_mod);
-    /* T2 = Y * Y */
-    sp_521_mont_sqr_17(t2, y, p521_mod, p521_mp_mod);
-    /* T2 = T2/2 */
-    sp_521_mont_div2_17(t2, t2, p521_mod);
-    /* Y = Y * X */
-    sp_521_mont_mul_17(y, y, p->x, p521_mod, p521_mp_mod);
-    /* X = T1 * T1 */
-    sp_521_mont_sqr_17(x, t1, p521_mod, p521_mp_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_17(x, x, y, p521_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_17(x, x, y, p521_mod);
-    /* Y = Y - X */
-    sp_521_mont_sub_17(y, y, x, p521_mod);
-    /* Y = Y * T1 */
-    sp_521_mont_mul_17(y, y, t1, p521_mod, p521_mp_mod);
-    /* Y = Y - T2 */
-    sp_521_mont_sub_17(y, y, t2, p521_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_dbl_17_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_dbl_17_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-        const sp_point_521* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_dbl_17_ctx* ctx = (sp_521_proj_point_dbl_17_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_dbl_17_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*17;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_521_mont_sqr_17(ctx->t1, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_521_mont_mul_17(ctx->z, p->y, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_521_mont_dbl_17(ctx->z, ctx->z, p521_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_521_mont_sub_17(ctx->t2, p->x, ctx->t1, p521_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_521_mont_add_17(ctx->t1, p->x, ctx->t1, p521_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_521_mont_mul_17(ctx->t2, ctx->t1, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_521_mont_tpl_17(ctx->t1, ctx->t2, p521_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_521_mont_dbl_17(ctx->y, p->y, p521_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_521_mont_sqr_17(ctx->y, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_521_mont_sqr_17(ctx->t2, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_521_mont_div2_17(ctx->t2, ctx->t2, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_521_mont_mul_17(ctx->y, ctx->y, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_521_mont_sqr_17(ctx->x, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_521_mont_mul_17(ctx->y, ctx->y, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->t2, p521_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_521_cmp_equal_17(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14]) |
-            (a[15] ^ b[15]) | (a[16] ^ b[16])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_521_iszero_17(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14] | a[15] |
-            a[16]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_17(sp_point_521* r,
-        const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*17;
-    sp_digit* t2 = t + 4*17;
-    sp_digit* t3 = t + 6*17;
-    sp_digit* t4 = t + 8*17;
-    sp_digit* t5 = t + 10*17;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_17(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t1, t1, p->x, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_17(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_17(t3, t3, p->y, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_17(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_17(t2, t1) &
-            sp_521_cmp_equal_17(t4, t3)) {
-        sp_521_proj_point_dbl_17(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_521_mont_sub_17(t2, t2, t1, p521_mod);
-        /* R = S2 - S1 */
-        sp_521_mont_sub_17(t4, t4, t3, p521_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_17(t5, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(y, t1, t5, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t5, t5, t2, p521_mod, p521_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(z, z, q->z, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_17(x, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(x, x, t5, p521_mod);
-        sp_521_mont_mul_17(t5, t5, t3, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_17(t3, y, p521_mod);
-        sp_521_mont_sub_17(x, x, t3, p521_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        sp_521_mont_mul_17(y, y, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(y, y, t5, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 17; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_add_17_ctx {
-    int state;
-    sp_521_proj_point_dbl_17_ctx dbl_ctx;
-    const sp_point_521* ap[2];
-    sp_point_521* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_add_17_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_add_17_ctx* ctx = (sp_521_proj_point_add_17_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_521* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_add_17_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*17;
-        ctx->t2 = t + 4*17;
-        ctx->t3 = t + 6*17;
-        ctx->t4 = t + 8*17;
-        ctx->t5 = t + 10*17;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_521_mont_sqr_17(ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_521_mont_mul_17(ctx->t3, ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_521_mont_mul_17(ctx->t1, ctx->t1, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_521_mont_sqr_17(ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_521_mont_mul_17(ctx->t4, ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_521_mont_mul_17(ctx->t2, ctx->t2, q->x, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_521_mont_mul_17(ctx->t3, ctx->t3, p->y, p521_mod, p521_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_521_mont_mul_17(ctx->t4, ctx->t4, q->y, p521_mod, p521_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_521_cmp_equal_17(ctx->t2, ctx->t1) &
-                sp_521_cmp_equal_17(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_521_proj_point_dbl_17(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_521_mont_sub_17(ctx->t2, ctx->t2, ctx->t1, p521_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_521_mont_sub_17(ctx->t4, ctx->t4, ctx->t3, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_17(ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_521_mont_mul_17(ctx->y, ctx->t1, ctx->t5, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_521_mont_mul_17(ctx->t5, ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_17(ctx->z, p->z, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_521_mont_mul_17(ctx->z, ctx->z, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_521_mont_sqr_17(ctx->x, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->t5, p521_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_521_mont_mul_17(ctx->t5, ctx->t5, ctx->t3, p521_mod, p521_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_521_mont_dbl_17(ctx->t3, ctx->y, p521_mod);
-        sp_521_mont_sub_17(ctx->x, ctx->x, ctx->t3, p521_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_521_mont_mul_17(ctx->y, ctx->y, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_521_mont_sub_17(ctx->y, ctx->y, ctx->t5, p521_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 17; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible point that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table,
-    int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->x[15] = 0;
-    r->x[16] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->y[15] = 0;
-    r->y[16] = 0;
-    r->z[0] = 0;
-    r->z[1] = 0;
-    r->z[2] = 0;
-    r->z[3] = 0;
-    r->z[4] = 0;
-    r->z[5] = 0;
-    r->z[6] = 0;
-    r->z[7] = 0;
-    r->z[8] = 0;
-    r->z[9] = 0;
-    r->z[10] = 0;
-    r->z[11] = 0;
-    r->z[12] = 0;
-    r->z[13] = 0;
-    r->z[14] = 0;
-    r->z[15] = 0;
-    r->z[16] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->x[15] |= mask & table[i].x[15];
-        r->x[16] |= mask & table[i].x[16];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->y[15] |= mask & table[i].y[15];
-        r->y[16] |= mask & table[i].y[16];
-        r->z[0] |= mask & table[i].z[0];
-        r->z[1] |= mask & table[i].z[1];
-        r->z[2] |= mask & table[i].z[2];
-        r->z[3] |= mask & table[i].z[3];
-        r->z[4] |= mask & table[i].z[4];
-        r->z[5] |= mask & table[i].z[5];
-        r->z[6] |= mask & table[i].z[6];
-        r->z[7] |= mask & table[i].z[7];
-        r->z[8] |= mask & table[i].z[8];
-        r->z[9] |= mask & table[i].z[9];
-        r->z[10] |= mask & table[i].z[10];
-        r->z[11] |= mask & table[i].z[11];
-        r->z[12] |= mask & table[i].z[12];
-        r->z[13] |= mask & table[i].z[13];
-        r->z[14] |= mask & table[i].z[14];
-        r->z[15] |= mask & table[i].z[15];
-        r->z[16] |= mask & table[i].z[16];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 521 doubles.
- * 143 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    sp_point_521* rt = NULL;
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_DECL_VAR(sp_point_521, p, 1);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ALLOC_VAR(sp_point_521, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_521_mod_mul_norm_17(t[1].x, g->x, p521_mod);
-        (void)sp_521_mod_mul_norm_17(t[1].y, g->y, p521_mod);
-        (void)sp_521_mod_mul_norm_17(t[1].z, g->z, p521_mod);
-        t[1].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_521_proj_point_add_17(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_521_proj_point_add_17(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_521_proj_point_add_17(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_521_proj_point_dbl_17(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_521_proj_point_add_17(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 15;
-        n = k[i+1] << 0;
-        c = 5;
-        y = (int)(n >> 5);
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_point_16_17(rt, t, y);
-            rt->infinity = !y;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[y], sizeof(sp_point_521));
-        }
-        n <<= 27;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n = (k[i+1] << 31) | (k[i] >> 1);
-                i--;
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-            sp_521_proj_point_dbl_17(rt, rt, tmp);
-
-    #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_point_16_17(p, t, y);
-                p->infinity = !y;
-                sp_521_proj_point_add_17(rt, rt, p, tmp);
-            }
-            else
-    #endif
-            {
-                sp_521_proj_point_add_17(rt, rt, &t[y], tmp);
-            }
-        }
-        y = k[0] & 0x1;
-        sp_521_proj_point_dbl_17(rt, rt, tmp);
-        sp_521_proj_point_add_17(rt, rt, &t[y], tmp);
-
-        if (map != 0) {
-            sp_521_map_17(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 17 * 6, heap,
-        DYNAMIC_TYPE_ECC);
-#ifndef WC_NO_CACHE_RESISTANT
-    SP_ZEROFREE_VAR(sp_point_521, p, 1, heap, DYNAMIC_TYPE_ECC);
-#endif /* !WC_NO_CACHE_RESISTANT */
-    SP_ZEROFREE_VAR(sp_point_521, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*17;
-    sp_digit* b = t + 4*17;
-    sp_digit* t1 = t + 6*17;
-    sp_digit* t2 = t + 8*17;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_17(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_17(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_17(w, w, p521_mod, p521_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_17(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_17(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_17(t2, b, p521_mod);
-        sp_521_mont_sub_17(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_17(t2, b, x, p521_mod);
-        sp_521_mont_dbl_17(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_17(t1, t1, p521_mod, p521_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_17(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_17(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(y, y, t1, p521_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_17(t1, t1, w, p521_mod);
-    sp_521_mont_tpl_17(a, t1, p521_mod);
-    /* B = X*Y^2 */
-    sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
-    /* X = A^2 - 2B */
-    sp_521_mont_sqr_17(x, a, p521_mod, p521_mp_mod);
-    sp_521_mont_dbl_17(t2, b, p521_mod);
-    sp_521_mont_sub_17(x, x, t2, p521_mod);
-    /* B = 2.(B - X) */
-    sp_521_mont_sub_17(t2, b, x, p521_mod);
-    sp_521_mont_dbl_17(b, t2, p521_mod);
-    /* Z = Z*Y */
-    sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
-    /* t1 = Y^4 */
-    sp_521_mont_sqr_17(t1, t1, p521_mod, p521_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_521_mont_mul_17(y, b, a, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_17(y, y, t1, p521_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_521_mont_div2_17(y, y, p521_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_521_proj_to_affine_17(sp_point_521* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 17;
-    sp_digit* tmp = t + 4 * 17;
-
-    sp_521_mont_inv_17(t1, a->z, tmp);
-
-    sp_521_mont_sqr_17(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    sp_521_mont_mul_17(a->x, a->x, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(a->y, a->y, t1, p521_mod, p521_mp_mod);
-    XMEMCPY(a->z, p521_norm_mod, sizeof(p521_norm_mod));
-}
-
-#endif /* FP_ECC */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_521 {
-    sp_digit x[17];
-    sp_digit y[17];
-} sp_table_entry_521;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*17;
-    sp_digit* t6 = t + 4*17;
-    sp_digit* t1 = t + 6*17;
-    sp_digit* t4 = t + 8*17;
-    sp_digit* t5 = t + 10*17;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_17(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_17(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_17(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_17(p->x, t2) &
-            sp_521_cmp_equal_17(p->y, t4)) {
-        sp_521_proj_point_dbl_17(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_521_mont_sub_17(t2, t2, p->x, p521_mod);
-        /* R = S2 - Y1 */
-        sp_521_mont_sub_17(t4, t4, p->y, p521_mod);
-        /* Z3 = H*Z1 */
-        sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t3, p->x, t1, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t1, t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_17(t2, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(t2, t2, t1, p521_mod);
-        sp_521_mont_dbl_17(t5, t3, p521_mod);
-        sp_521_mont_sub_17(x, t2, t5, p521_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_521_mont_sub_17(t3, t3, x, p521_mod);
-        sp_521_mont_mul_17(t3, t3, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_17(t1, t1, p->y, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_17(y, t3, t1, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 17; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 17; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 130 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_17(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_17(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_17(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_521_proj_point_dbl_n_17(t, 131, tmp);
-            sp_521_proj_to_affine_17(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_17(t, s1, s2, tmp);
-                sp_521_proj_to_affine_17(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_entry_16_17(sp_point_521* r,
-    const sp_table_entry_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->x[15] = 0;
-    r->x[16] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->y[15] = 0;
-    r->y[16] = 0;
-    for (i = 1; i < 16; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->x[15] |= mask & table[i].x[15];
-        r->x[16] |= mask & table[i].x[16];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->y[15] |= mask & table[i].y[15];
-        r->y[16] |= mask & table[i].y[16];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^130, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 17 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 130;
-        for (j=0; j<4 && x<521; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 131;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_16_17(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=129; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4 && x<521; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 131;
-            }
-
-            sp_521_proj_point_dbl_17(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_16_17(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_17(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_17(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_521_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[17];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[17];
-    /* Precomputation table for point. */
-    sp_table_entry_521 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_521_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_521_t sp_cache_521[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_521_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_521_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_521 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_521_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_521_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_521_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_521[i].set = 0;
-        }
-        sp_cache_521_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_521[i].set)
-            continue;
-
-        if (sp_521_cmp_equal_17(g->x, sp_cache_521[i].x) &
-                           sp_521_cmp_equal_17(g->y, sp_cache_521[i].y)) {
-            sp_cache_521[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_521_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_521_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_521[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_521_last) {
-            least = sp_cache_521[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_521[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_521[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_521[i].x, g->x, sizeof(sp_cache_521[i].x));
-        XMEMCPY(sp_cache_521[i].y, g->y, sizeof(sp_cache_521[i].y));
-        sp_cache_521[i].set = 1;
-        sp_cache_521[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_521[i];
-    sp_cache_521_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_17(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_17(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#ifdef FP_ECC
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 65 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_17(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_17(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_17(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_17(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_521_proj_point_dbl_n_17(t, 66, tmp);
-            sp_521_proj_to_affine_17(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_17(t, s1, s2, tmp);
-                sp_521_proj_to_affine_17(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#ifndef WC_NO_CACHE_RESISTANT
-/* Touch each possible entry that could be being copied.
- *
- * r      Point to copy into.
- * table  Table - start of the entries to access
- * idx    Index of entry to retrieve.
- */
-static void sp_521_get_entry_256_17(sp_point_521* r,
-    const sp_table_entry_521* table, int idx)
-{
-    int i;
-    sp_digit mask;
-
-    r->x[0] = 0;
-    r->x[1] = 0;
-    r->x[2] = 0;
-    r->x[3] = 0;
-    r->x[4] = 0;
-    r->x[5] = 0;
-    r->x[6] = 0;
-    r->x[7] = 0;
-    r->x[8] = 0;
-    r->x[9] = 0;
-    r->x[10] = 0;
-    r->x[11] = 0;
-    r->x[12] = 0;
-    r->x[13] = 0;
-    r->x[14] = 0;
-    r->x[15] = 0;
-    r->x[16] = 0;
-    r->y[0] = 0;
-    r->y[1] = 0;
-    r->y[2] = 0;
-    r->y[3] = 0;
-    r->y[4] = 0;
-    r->y[5] = 0;
-    r->y[6] = 0;
-    r->y[7] = 0;
-    r->y[8] = 0;
-    r->y[9] = 0;
-    r->y[10] = 0;
-    r->y[11] = 0;
-    r->y[12] = 0;
-    r->y[13] = 0;
-    r->y[14] = 0;
-    r->y[15] = 0;
-    r->y[16] = 0;
-    for (i = 1; i < 256; i++) {
-        mask = (sp_digit)0 - (i == idx);
-        r->x[0] |= mask & table[i].x[0];
-        r->x[1] |= mask & table[i].x[1];
-        r->x[2] |= mask & table[i].x[2];
-        r->x[3] |= mask & table[i].x[3];
-        r->x[4] |= mask & table[i].x[4];
-        r->x[5] |= mask & table[i].x[5];
-        r->x[6] |= mask & table[i].x[6];
-        r->x[7] |= mask & table[i].x[7];
-        r->x[8] |= mask & table[i].x[8];
-        r->x[9] |= mask & table[i].x[9];
-        r->x[10] |= mask & table[i].x[10];
-        r->x[11] |= mask & table[i].x[11];
-        r->x[12] |= mask & table[i].x[12];
-        r->x[13] |= mask & table[i].x[13];
-        r->x[14] |= mask & table[i].x[14];
-        r->x[15] |= mask & table[i].x[15];
-        r->x[16] |= mask & table[i].x[16];
-        r->y[0] |= mask & table[i].y[0];
-        r->y[1] |= mask & table[i].y[1];
-        r->y[2] |= mask & table[i].y[2];
-        r->y[3] |= mask & table[i].y[3];
-        r->y[4] |= mask & table[i].y[4];
-        r->y[5] |= mask & table[i].y[5];
-        r->y[6] |= mask & table[i].y[6];
-        r->y[7] |= mask & table[i].y[7];
-        r->y[8] |= mask & table[i].y[8];
-        r->y[9] |= mask & table[i].y[9];
-        r->y[10] |= mask & table[i].y[10];
-        r->y[11] |= mask & table[i].y[11];
-        r->y[12] |= mask & table[i].y[12];
-        r->y[13] |= mask & table[i].y[13];
-        r->y[14] |= mask & table[i].y[14];
-        r->y[15] |= mask & table[i].y[15];
-        r->y[16] |= mask & table[i].y[16];
-    }
-}
-#endif /* !WC_NO_CACHE_RESISTANT */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_17(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 17 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 65;
-        for (j=0; j<8 && x<521; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 66;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_256_17(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=64; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8 && x<521; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 66;
-            }
-
-            sp_521_proj_point_dbl_17(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_256_17(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_17(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_17(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_521_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[17];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[17];
-    /* Precomputation table for point. */
-    sp_table_entry_521 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_521_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_521_t sp_cache_521[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_521_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_521_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_521 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_521_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_521_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_521_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_521[i].set = 0;
-        }
-        sp_cache_521_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_521[i].set)
-            continue;
-
-        if (sp_521_cmp_equal_17(g->x, sp_cache_521[i].x) &
-                           sp_521_cmp_equal_17(g->y, sp_cache_521[i].y)) {
-            sp_cache_521[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_521_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_521_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_521[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_521_last) {
-            least = sp_cache_521[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_521[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_521[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_521[i].x, g->x, sizeof(sp_cache_521[i].x));
-        XMEMCPY(sp_cache_521[i].y, g->y, sizeof(sp_cache_521[i].y));
-        sp_cache_521[i].set = 1;
-        sp_cache_521[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_521[i];
-    sp_cache_521_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_17(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_17(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 17);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 17, km);
-        sp_521_point_from_ecc_point_17(point, gm);
-
-            err = sp_521_ecc_mulmod_17(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 17 + 17 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17 + 17 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 17;
-
-        sp_521_from_mp(k, 17, km);
-        sp_521_point_from_ecc_point_17(point, gm);
-        sp_521_point_from_ecc_point_17(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_17(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_17(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_17(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 131 between points.
- */
-static const sp_table_entry_521 p521_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xc2e5bd66,0xf97e7e31,0x856a429b,0x3348b3c1,0xa2ffa8de,0xfe1dc127,
-        0xefe75928,0xa14b5e77,0x6b4d3dba,0xf828af60,0x053fb521,0x9c648139,
-        0x2395b442,0x9e3ecb66,0x0404e9cd,0x858e06b7,0x000000c6 },
-      { 0x9fd16650,0x88be9476,0xa272c240,0x353c7086,0x3fad0761,0xc550b901,
-        0x5ef42640,0x97ee7299,0x273e662c,0x17afbd17,0x579b4468,0x98f54449,
-        0x2c7d1bd9,0x5c8a5fb4,0x9a3bc004,0x39296a78,0x00000118 } },
-    /* 2 */
-    { { 0x66fd07ca,0x1036eb9b,0x6b7fb490,0x6ca52cc1,0xd3e0c270,0x512e973e,
-        0x73d92d11,0x889980bf,0xa4005eea,0x38b4cfe4,0x8ceb4313,0xb6f992cc,
-        0x6daf7c23,0xd0ac2f8d,0xe32a93cb,0x1ccfbf17,0x000000c2 },
-      { 0x2f508cca,0x7bd9d6f1,0x595a72af,0xe82d7171,0x97512873,0x25d02976,
-        0x8cf39fbc,0xefc1de8b,0x9a1237f4,0x25e6b77f,0xd4d98b5d,0x9f3b73e7,
-        0xeccb07fe,0xe1fda62b,0x625350cf,0xdb813b03,0x00000014 } },
-    /* 3 */
-    { { 0x9b27bd61,0x415a1c9b,0x606854d6,0x74522753,0x92e73538,0x9e331ef4,
-        0x817e7a6d,0x0b3dba85,0x49ac273b,0x55c4bd53,0xfcb5417f,0xad42c78d,
-        0x92e08d38,0x528998b9,0xcc1914cc,0x14c2fff6,0x000000c1 },
-      { 0x767e9645,0x35b26fb0,0xc5e5a659,0x162b512f,0xcc47fbb8,0xa6e03696,
-        0x0a29a69b,0x732db065,0xd56bdf5d,0x058a74ed,0x25c858d9,0x4b7b60a0,
-        0xbd43373d,0x17f8a6d4,0xedf610b4,0x7b968f51,0x0000011f } },
-    /* 4 */
-    { { 0x1bc0fa77,0x5f56b5a4,0x64fd36f5,0x6cdd6bb5,0x8a5b7c7f,0xd0ac68b5,
-        0x09919ef9,0x4a92d9bf,0x71c3c520,0xc305e12b,0xdb699aee,0x554a9d1c,
-        0x61f54643,0x7fde0077,0x479115ce,0x99c13124,0x00000039 },
-      { 0xc271ac2d,0x25f890e1,0x94b370ac,0x1353ccd3,0x744d4011,0xc7b5adf6,
-        0xbe378127,0x9ccd7687,0x06c4e3cd,0xa8489b5c,0x305505f9,0x1945580a,
-        0x4ab3b12b,0x07190a20,0x1534ea4d,0x0ff53eb1,0x00000159 } },
-    /* 5 */
-    { { 0x91798548,0x877d4edd,0x031d657a,0xc43c7b25,0xfab18a04,0x47603671,
-        0xf670b476,0x7e39e7f2,0xb02fcc03,0xf7b76431,0x877f46f5,0x7c5662f3,
-        0x1c8b0c61,0x5bf8327e,0x4a8be322,0xe9cdb353,0x000001ae },
-      { 0x9d264420,0xa2d7092e,0x533ff3db,0x1f970352,0x99b5b52e,0x31dd232b,
-        0x850f45e9,0x8a9ce16b,0xc3011849,0x01c99023,0xc8e9301e,0x4bc30989,
-        0xcd95f64c,0x77a4de70,0x1026f289,0xbc8797bb,0x000000d7 } },
-    /* 6 */
-    { { 0x2be9edf8,0x98ea0934,0xfcb98199,0x6c2f3132,0xfaf83aeb,0xf579893d,
-        0xc73fda0f,0x858e87bb,0x7a0b9d1c,0xd3c0b3fb,0x71ee68b1,0x21fe6305,
-        0x66aa6f16,0x5bf8f01f,0xbca825ed,0x30934c99,0x000000d1 },
-      { 0x913022f2,0xe4309850,0xde5b80ce,0xfdc336c9,0x8b6130ef,0xb716d689,
-        0xa758d2f4,0x8a58b405,0xaa5cbc1c,0x98879df8,0xc12ce0bb,0x847cfd06,
-        0x8c02ff3c,0xa1006360,0x3438695b,0x836e906a,0x00000136 } },
-    /* 7 */
-    { { 0x259ce02d,0xac8fe351,0xdae5e0f7,0xa506da0c,0xf043421d,0x77b56e98,
-        0xa1647490,0xe0d041c7,0x9cb90101,0xe41f0789,0xda3e72e6,0x29bbf572,
-        0x04a14df0,0x6b635c47,0xe81ef5d3,0x56873f58,0x000001dd },
-      { 0x5cf9e33f,0x77abe79e,0x0a1117fd,0x91aab581,0xcbac2fe1,0x11edf3b1,
-        0xd72113b7,0xef43e017,0x06b74002,0xf9ad685c,0x8fbd3b1a,0x7e6370ce,
-        0x42f73a82,0x550dd50b,0xc5e64a9b,0x8f2146be,0x000001f2 } },
-    /* 8 */
-    { { 0x2934ed82,0x05a704cc,0x989edd8c,0x647089fb,0x0ce7c62d,0xe0b239d4,
-        0x105a5eff,0x4c892ea6,0xd5ed6b04,0xa519395f,0x509ed794,0x806c7003,
-        0xe70ce5c4,0x882e9886,0xff01f6a9,0x50730ca1,0x00000088 },
-      { 0xdbcc5484,0x90a78a16,0xfd454b50,0xc1ab078c,0xcb09e525,0x6f488252,
-        0xe19b2ed7,0xdd663f53,0xa67bf59c,0x16b10da1,0x36bb770a,0xb47f6b95,
-        0x777b2bce,0x6bdc8428,0x561553f8,0xcd02ae3d,0x00000017 } },
-    /* 9 */
-    { { 0x1579d15a,0x1e3633a0,0x3e98cd1f,0x574f0c23,0xc60f4f99,0x45969dca,
-        0x49fb9f24,0x10062c93,0xd378f640,0xd29a29d7,0xd7d48c2f,0xec941760,
-        0x31fbea5c,0xf0591c59,0xb40f9ebf,0xd6173e6b,0x00000063 },
-      { 0x5a984a72,0x220f4f39,0x32510f26,0x9a3f82ce,0x8c069a1d,0xf3d04c76,
-        0x69a21e57,0xf1d6d891,0xdc4db601,0x6b96b30b,0x64dcf3e0,0x71eeb728,
-        0xc7caaff3,0x6f80c483,0x571b66e4,0x45533092,0x000000b0 } },
-    /* 10 */
-    { { 0x87140dad,0x49ae4521,0x57e2803e,0xda73032b,0x026ea20a,0x13f5e5eb,
-        0x6e00afb9,0x2d54c4b0,0x7a150474,0x4393b92b,0x13f1a7da,0xb5b41bf8,
-        0x02b5867a,0x6d786907,0xaf2ea4d1,0x5193a9ac,0x000001b3 },
-      { 0xa6b186cb,0x2a1563f7,0xe28e57b6,0x73a70a44,0x78fc8a1d,0xd7c4fc6d,
-        0xdf3d6d99,0x4c9b4581,0x1e373aab,0x544f5249,0xe913498e,0xe99434a2,
-        0xc4700f4c,0x30159749,0xe5142766,0xb8ef02cc,0x000001d0 } },
-    /* 11 */
-    { { 0xb9e6ffc9,0xe99805a6,0xf74d977b,0x1a357f05,0x5c9941bc,0xc8ddef31,
-        0xcbe842e7,0x4b6d66ca,0xa20dc12d,0x84e1f75f,0x5f0c02fc,0x8b1b2c50,
-        0x037b493d,0x3fa1889e,0x95705046,0x720bd9e0,0x000001c2 },
-      { 0x93ab9309,0x1a1f3378,0x226a8f94,0xe05a30a2,0x4045f1bd,0x2c01a52d,
-        0xab5f5115,0xf42e8fd5,0x0c05fecf,0x954d1d09,0x8d0650d3,0x47e964d1,
-        0x3c860801,0x6866fa5d,0x5abbb4af,0xac2fecbf,0x0000012c } },
-    /* 12 */
-    { { 0xe5537747,0x846dc3d2,0x1f5f9f46,0xe28e00df,0x3f31e42d,0x041af624,
-        0x256af225,0x4948947f,0xff4f9550,0x3896c61a,0x34bb5a3e,0xcb40c773,
-        0xeceafacc,0xb9becb07,0x4d45e83e,0xfe29f049,0x000001aa },
-      { 0x6b5578db,0x83fb71b3,0x0a710526,0x3017f115,0x5f220d77,0x189ec946,
-        0x48465e68,0xba87ae07,0x70e0cbea,0x1da474d5,0x2b2ba7c5,0xb92cb0a6,
-        0x8b1fb7e2,0x35cb356d,0x2cc8cb18,0x1155296a,0x0000000f } },
-    /* 13 */
-    { { 0x6ed0f604,0x7f9c9d9b,0xcb49c6d7,0x765e43e9,0xae9be5ca,0x03c4dd67,
-        0x405aed36,0x5480888b,0x920ccddb,0x3a69ebb2,0x03f0c7cc,0x44ec0573,
-        0xce89b026,0x158e2437,0x4f179a17,0x86795029,0x0000003a },
-      { 0x9f193dd9,0xf7854032,0xdcc158a9,0x531e4068,0x3642b1a5,0x774171bf,
-        0xc1e53aa3,0x12b4920f,0xfd87478d,0xd1c5fb53,0xa7cba7ca,0x48958c58,
-        0x3f66f2c7,0x375b2cb2,0x598899bd,0x1b510d0f,0x000001b8 } },
-    /* 14 */
-    { { 0x52007e41,0xfe96299d,0xcd708dcd,0x997140b5,0xf655f6fa,0xe9294eed,
-        0xd58b839d,0x7701d45d,0xb6f77cdb,0x5dbdf5ad,0x95a572f0,0x265189f4,
-        0xb3515e7b,0xc162794e,0x72655e0b,0xbfb571e0,0x00000168 },
-      { 0xbda82a6b,0xf0d2b863,0x390a9cc7,0x3df5b283,0x700fcd7b,0xbab9995a,
-        0xfa4e6c06,0xc01ef0af,0x76a392d4,0x10a98513,0x955392f0,0xa7e3fc72,
-        0x1d7a8550,0x8e3c0128,0x361898a8,0xcbca551a,0x0000010f } },
-    /* 15 */
-    { { 0x3ab71115,0xc8a4cd40,0xbcb9b55b,0xb783170d,0xabd9b426,0x1be20f6a,
-        0x5377b714,0x32d2ea64,0x6b358bbf,0xda342480,0x6e202211,0x782bc800,
-        0xaa27c499,0xf80974c4,0x50341cde,0xc2e66fa9,0x0000004e },
-      { 0x24ae60c3,0x082cb95b,0x83ad7484,0xd4b80af4,0x6205256b,0x84b739ce,
-        0xae1fe063,0x616f505e,0x342f218f,0xef14ea68,0x64a01186,0x2b17d66c,
-        0x50858bce,0x60e889ce,0xd5881005,0xdb046c59,0x000001e1 } },
-};
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^130, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_17(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 66 between points.
- */
-static const sp_table_entry_521 p521_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xc2e5bd66,0xf97e7e31,0x856a429b,0x3348b3c1,0xa2ffa8de,0xfe1dc127,
-        0xefe75928,0xa14b5e77,0x6b4d3dba,0xf828af60,0x053fb521,0x9c648139,
-        0x2395b442,0x9e3ecb66,0x0404e9cd,0x858e06b7,0x000000c6 },
-      { 0x9fd16650,0x88be9476,0xa272c240,0x353c7086,0x3fad0761,0xc550b901,
-        0x5ef42640,0x97ee7299,0x273e662c,0x17afbd17,0x579b4468,0x98f54449,
-        0x2c7d1bd9,0x5c8a5fb4,0x9a3bc004,0x39296a78,0x00000118 } },
-    /* 2 */
-    { { 0x0f0ccb51,0x80398667,0x3654974a,0xb87e1d01,0xb2b29ed9,0x7f58cf21,
-        0xa3add337,0x06c0e9aa,0xe9d08ffb,0xf13b35d0,0x96761627,0xdd8bf44c,
-        0x758a3ef4,0xa4a18c14,0xa0043adb,0x96a576dd,0x0000013e },
-      { 0x632d95a3,0x2bde24f8,0x4c524829,0x79f15ef1,0x9bdaba19,0xaadd863e,
-        0xa962b707,0xdde053f4,0x14258d98,0xc598a2de,0x061c235c,0x9fa5a19d,
-        0xe8ffd32c,0x0ed46510,0xef78ceac,0x2aea9dd1,0x00000185 } },
-    /* 3 */
-    { { 0xeaaf1fe3,0xd0a91dd8,0x4400b52b,0x0db38662,0x21abf0d2,0xff6a06a9,
-        0xa768c940,0x9412879a,0x9a1eec37,0xf3791abc,0x2738343c,0xc913fbe6,
-        0xe222abc1,0x728b42ab,0x2b9ef313,0x874c0a86,0x00000157 },
-      { 0xe6f03d49,0x0ac8f184,0x1e48be03,0xa9c357e4,0x815cbdef,0x02ce5ef3,
-        0x5fd8dc3c,0x7a41c7ab,0xfaeb109d,0x4bef67c9,0xa84f4d38,0x2f98cca1,
-        0x672f0aae,0x7e03d47d,0x1d58968b,0x24b1ab58,0x00000007 } },
-    /* 4 */
-    { { 0xdf9314e0,0x904f2d4b,0xe7a00aac,0xdaae850d,0x582efb03,0x79231083,
-        0xec7fe6d2,0x80f1c283,0x199d74a8,0x2d5b3996,0x395007e7,0x5f120b9b,
-        0x4773f03e,0x30d23773,0x3b78b686,0xf4c19273,0x00000121 },
-      { 0xfa8b51f0,0xf103ff6d,0x40e2bdf0,0xae7afb51,0x83254171,0x1130380e,
-        0xcda10d95,0xe83501b8,0x4f3a8c01,0x1057771e,0xac807069,0x8f52196a,
-        0xa5623821,0x3609b0aa,0x94a0a7f1,0x8c257906,0x000001db } },
-    /* 5 */
-    { { 0xb2c0958d,0x300370cc,0x69a7b387,0x89aef166,0x480c9b38,0x2792f3cf,
-        0xfab3e149,0x0b2984f2,0x50748967,0x9751e436,0xad33db2a,0x9cab99d5,
-        0xb44a4daa,0x4d945d32,0x16c77325,0xa26cca52,0x0000000a },
-      { 0xf9e66d18,0xcdbe1d41,0xaa117e7a,0x80aeef96,0xddb0d24b,0x053214a2,
-        0x5c98b7bf,0x6dcfb227,0xdfd3c848,0x613e7436,0x3ca4d52c,0x6e703fa1,
-        0x18551e64,0x0c8e2977,0xbfa8527d,0xf5e90eac,0x000001c6 } },
-    /* 6 */
-    { { 0x4ab2d58f,0xa2c2f1e7,0x2a097802,0xc1bbf82c,0x770bb76a,0x6583eb24,
-        0x5667f7bd,0x8e4ed9ed,0xfd96897e,0xd8c01d86,0x3fbe0f15,0x66395a13,
-        0xd99cdcb1,0x51e4f39d,0x720deb25,0xde08424a,0x00000082 },
-      { 0x60ea91af,0x97aa53b2,0x7a31dfdd,0xa4384af7,0x5cd09bbe,0xcd82f239,
-        0xf30058e1,0x997c19da,0xe5c78e97,0x443b60c6,0x575b1845,0xfaae9b5f,
-        0x08c2ce16,0x5ce86f33,0x4f63fa86,0x983ce58f,0x00000073 } },
-    /* 7 */
-    { { 0x8217609d,0xaee93131,0x2412fc00,0x7f8a9dd4,0x286c6329,0xe117e64c,
-        0x7bf1c65e,0xcc3782d6,0x8d03eee5,0xe8c144db,0x9ab93799,0x01acacb2,
-        0xb07784c7,0x215eb1b5,0x1affcd87,0x2c409fa8,0x000000f8 },
-      { 0x378139a4,0x007d3766,0xb55bea93,0xc6d969eb,0x68c8bc9d,0xc7c60d6f,
-        0x5f93f242,0x844e8461,0x741717d9,0x8461ca2a,0xf0bf120e,0x8e930e79,
-        0x6b5699d7,0xe1554a02,0x6a4fb6de,0xe69c7702,0x0000007d } },
-    /* 8 */
-    { { 0x4bee80d7,0x61b51bb0,0x7692de69,0x0e1f6a1f,0xa0ebc3bd,0x8379e46c,
-        0x930644f0,0x1c0bffa7,0x390db077,0x97c67b87,0xfada1ce9,0x095c33e1,
-        0xac54b512,0x3c500add,0xd3118656,0xc231d360,0x000000b0 },
-      { 0x39bcab2f,0x06289298,0x64dd220a,0xc0c06780,0x763dc2a0,0x062f6084,
-        0x1938c3e3,0x88e9da73,0x52e46eb9,0x69be8f2d,0x6a5de0fd,0xe55c8d2d,
-        0xdb2c0e26,0xf3a3fd63,0x1e4bff57,0x899c6d9f,0x0000014a } },
-    /* 9 */
-    { { 0xec05ce88,0x9ff6e3a1,0xb6afd202,0xf8fc2496,0x6fbeb007,0x0b9d2077,
-        0xeebded40,0xb50ec0bd,0x693700f7,0xaef97742,0x3f7b030e,0x806e37a1,
-        0x1b901f77,0x5cf17d17,0xca95ae0f,0x9036e5df,0x00000159 },
-      { 0x000e8e0c,0x00af64b5,0x06fb4df9,0xd3f2ae04,0x449f23ba,0x5f61da67,
-        0x255b25a9,0x0ca91842,0x8e33c650,0xfa6af3e6,0xc2c027c1,0x14373c00,
-        0x972840a5,0x99f3cda1,0xd0e84240,0x98c62b79,0x000000e7 } },
-    /* 10 */
-    { { 0xae4d0f28,0xe8c7c4a8,0x566d006e,0x3a8a55ef,0x066e4023,0x37985f65,
-        0x5d321b76,0x8deccab5,0xb8351b07,0x38b966d6,0x57d548ab,0x2e889e53,
-        0xe631ab0b,0x7a9e8e2f,0xe75c537b,0x45c60f95,0x00000059 },
-      { 0x7867d79c,0xbca27d34,0x81c81980,0x7f460b15,0x976b8c51,0x7ec2d9ab,
-        0x61b91ed9,0xfcd04486,0xd9c1d15f,0x730a7a25,0xf94c9db9,0x8a2cf259,
-        0x5dec5a3b,0x8e784b87,0x3e5131ee,0x06252607,0x00000004 } },
-    /* 11 */
-    { { 0xf1631bba,0xdee04e5c,0x156f4524,0x40e6c1df,0xe4c30990,0x06603f30,
-        0x6b6abec7,0xdb649a43,0xf6b94f6e,0x354f509c,0x36b7e0b5,0x7fecf469,
-        0xba1e6dd2,0xa7a7107e,0x689450ca,0x889edac5,0x00000022 },
-      { 0xd05596f2,0x9012916e,0xb023cb8b,0xe3901dac,0xe7d4abe1,0x2501d3ec,
-        0xa9c90313,0xb2815040,0xc6d146d0,0x9dbcd3f1,0x74ee1896,0x6fa1d5b1,
-        0xa91226fb,0x49aea161,0xb8a80984,0x754ceedf,0x00000154 } },
-    /* 12 */
-    { { 0x4270b2f0,0xb64e27b0,0xbf4d74d7,0x84b34e48,0x0c2722ba,0xb186be8b,
-        0x9ff9b71c,0xf54a589d,0x34fd6bc4,0x9887e4df,0x7412f49d,0xb7c669fd,
-        0x77f89d16,0x4008d9bb,0xc902e074,0xafb9426b,0x000001cf },
-      { 0x662935ca,0xcca4f2d1,0x997dcc46,0x2847c703,0x353c79f8,0xc089e9e5,
-        0x5215f0f4,0x9ed8d989,0x80911b9d,0x59cf08bc,0x6de27aa3,0x4b03540e,
-        0xf69e320d,0x52f4d63e,0x94ef193b,0xa0217fd6,0x000000e6 } },
-    /* 13 */
-    { { 0x74214780,0xb77de627,0x207459ea,0xca066817,0xe9c7fb01,0xf78579b7,
-        0xd6d4b7c7,0xe55548c1,0xa66caa39,0x45756190,0x98505a4f,0xf8141b03,
-        0x4c8864eb,0xa5ca0d7c,0x9e129d3f,0xbf8af950,0x00000053 },
-      { 0x85285092,0xbc9b29d8,0x8eed5e5f,0x82f31daa,0xf618aab9,0x9c33690e,
-        0xd2626ed1,0x0eee14f4,0x07ed8e09,0x4229570b,0x8736d040,0x1977920e,
-        0xede7d01d,0x47ee25ff,0xbc7ab73b,0x3c921c3a,0x000001b9 } },
-    /* 14 */
-    { { 0xa08b2b14,0x0b6a07cc,0xbf174c7f,0xaa978deb,0xc40cb2a4,0x291cb828,
-        0x90adc838,0x95c78272,0x8c1edde6,0x08da8b2a,0x90fbd220,0x741ceb2f,
-        0x322db94e,0x5f89c9e5,0xb73c548e,0x18266085,0x0000007d },
-      { 0x2defd012,0x69ebf82a,0x5a1537ef,0x01ecb094,0x3ef0811d,0x3c557535,
-        0xb2bd4dea,0x59c882a7,0x7bf969c8,0x00a1f972,0x0b25ad1b,0x063adf5e,
-        0xf2536005,0x4c1ff306,0x4112fe18,0x8e515bec,0x00000117 } },
-    /* 15 */
-    { { 0xefe3d3d5,0x9314787f,0x9d897227,0x29e76f65,0xe0b6acf5,0x15c77ed1,
-        0x1c5e8dd9,0x9c2b7b20,0x5f5667af,0x788038f1,0xf3576ef4,0xf38c766f,
-        0x0040154a,0x9f0623c8,0xde883b53,0x47d3c44b,0x00000096 },
-      { 0xde1b21a4,0x32075638,0x571081c1,0xbb6399c1,0x75c03599,0x322e6067,
-        0xade60cf5,0x5c7fde7f,0xefc19059,0x1b195440,0xdd7b3960,0x7e70ac8c,
-        0x6a6fa73e,0x4aa5a83d,0x63080764,0x34f8cfac,0x00000042 } },
-    /* 16 */
-    { { 0x286492ad,0xee31e71a,0x65f86ac4,0x08f3de44,0xda713cb4,0xe89700d4,
-        0xa86b7104,0x7ad0f5e9,0x2572c161,0xd9a62e4f,0x25cc1c99,0x77d223ef,
-        0x3b962e0c,0xedff6961,0x81d8b205,0x818d28f3,0x0000008e },
-      { 0x8cdf1f60,0x721231cf,0x6717760f,0x8b640f2b,0xe045a403,0xbe726f8c,
-        0x0370689f,0x422285dc,0x72ea0dcb,0x7196bf8f,0xc8086623,0xa16f7855,
-        0xc326fe48,0xd4e19fc7,0x8f68bf44,0xfdbc856e,0x0000013e } },
-    /* 17 */
-    { { 0xe6a3ace5,0xde34d04f,0x896191c1,0x0dbb603e,0xf75ed0f4,0xb4dc0007,
-        0x95b259b5,0x15e0e6bc,0x2615f020,0xdfbcba66,0xd31ea3f8,0xb2ec5433,
-        0x103ff824,0x42b0b0e4,0xc480332e,0x19315060,0x00000111 },
-      { 0x045452f1,0x9997ea28,0x71f3f73b,0x80b678cf,0x41e9328e,0x4a52bddc,
-        0xe6af1c23,0xb7f2656e,0xb44215e7,0xc43805b9,0xf0a4028b,0x3aa734f2,
-        0x422476e2,0xe3c72479,0x68c60cf7,0x6dc2e8b0,0x000001f1 } },
-    /* 18 */
-    { { 0xfffc0de5,0xbcdfae6f,0xab4a5f24,0xa801814f,0xea2aa8dd,0x19013658,
-        0xda4f0441,0xf3b1caf5,0x34100611,0xf24b9cdb,0x96e0cf88,0x48c324ed,
-        0x23055c82,0x4b7ea334,0x89092e29,0x6e835b64,0x000001d3 },
-      { 0x07372f27,0x7eb77ae7,0x83bae19a,0x4779b4fa,0x65429ebb,0xa175dae1,
-        0xfc03ef3f,0x942ec266,0x6991c7c4,0x0e5fc6a9,0x56253d3c,0xa0f61e4f,
-        0xde74e738,0x7a11ff58,0x624de919,0x60524cd4,0x00000002 } },
-    /* 19 */
-    { { 0x01342e08,0x45b5d0ca,0xb749f0af,0x509ed4f0,0x6529d804,0xeb5502d9,
-        0x6d80359c,0x5eb087db,0x4c384800,0xeaa66a87,0xc75a8784,0xe972c7a0,
-        0x6874317e,0x8c169e21,0xe5c9fbf4,0x81c556e0,0x0000014f },
-      { 0xe120674d,0x26b0b12b,0x219f00ac,0xc6bf09b9,0xd658caa6,0x1e1e732d,
-        0x8292d99e,0xc771c5af,0x25fdbf80,0x5d813529,0x3666c37d,0xe61bd798,
-        0x1d0df680,0x8dac946a,0xc39f0983,0x58dcf684,0x0000009f } },
-    /* 20 */
-    { { 0x7b7dc837,0x14169102,0xb50eb1c4,0x2d719754,0xd7e6741b,0x04f4092a,
-        0xbc824a38,0x1d0a7f1d,0xc8e20bcf,0x570b2056,0xda181db0,0x6732e3b9,
-        0x0a7b508a,0x7880636e,0xc9f70492,0x11af502c,0x00000045 },
-      { 0xc56f4ffa,0x0b820d94,0xc4f0c0fa,0x1c6205a2,0xa1a0606a,0x99f33d4e,
-        0x79b316fb,0x1bab6466,0xe4f240fc,0x05aa0852,0x92d7dc43,0x22539b78,
-        0x06e3c073,0x03657f12,0xcedb6633,0x28405280,0x00000059 } },
-    /* 21 */
-    { { 0x4397760c,0x90d08711,0x1c9fcd06,0xb9020b76,0x987e24f7,0xc7fec7fa,
-        0x522335a0,0x0e33b8a0,0xae21ca10,0x73dbeafd,0x3b032220,0x458c060a,
-        0xee145da6,0x9b9c73b8,0x27ff62ef,0x31c661e5,0x000000aa },
-      { 0x81430b5e,0xaf518eb0,0x50ee0d69,0xb32f9cea,0xaa6ebe8b,0x0ecdb0b5,
-        0x9fe1d689,0x1f15f7f2,0x1a59cc9a,0xce5d68f3,0x08ab2a63,0xf4d67994,
-        0x4347ce54,0xe85b1cef,0x286d0776,0x8ff423c0,0x00000176 } },
-    /* 22 */
-    { { 0x33dcec23,0x8564104c,0xcdd07519,0xbaf0d61b,0x4c4f309a,0x486daf51,
-        0xde488715,0xf01bc8f5,0xd3539ba3,0xddd6baf1,0x3a3be8ec,0xbb7e665d,
-        0xcb5d865f,0xf919dac3,0xf12149a0,0xfe203da3,0x00000173 },
-      { 0x78d4a3d1,0x043ae9a1,0x865316d8,0xa4d5cf58,0x41176463,0xeaf026c0,
-        0xf84afa44,0x316c638f,0xffea422d,0x512f2397,0x6622b613,0x691eaa04,
-        0x97e7068d,0x48856ea3,0xf4a1b33c,0x42d1b2e3,0x000001b5 } },
-    /* 23 */
-    { { 0x1f487402,0xf51b2d5e,0x7aaf1dd5,0xe36016e6,0x6da9c20a,0x1eb3f1f5,
-        0xece45bfd,0x25b7d361,0x027a9e18,0x42db0633,0xe8411649,0xbf228777,
-        0x458773d0,0xf5fce0c4,0x2dd7a5f0,0xb2b3151d,0x0000001f },
-      { 0xfbaa096a,0x102773e8,0xe093a878,0x152726eb,0x2c7f1781,0x5c53cd07,
-        0xab5dca76,0x38d3dfd0,0x87ef2d4a,0xbb4a7d85,0xb7eb11c2,0x5c9c2013,
-        0x0b6da22f,0x5e353c34,0xa325ecad,0x846d50a5,0x00000039 } },
-    /* 24 */
-    { { 0x1677df58,0x76da7736,0x1cb50d6c,0x364bd567,0x0a080ff2,0x0443c7d7,
-        0x86532430,0xa0a85429,0xc35101e7,0x82002dd2,0x48c5cd76,0xbebc6143,
-        0xca6cf13f,0xff1591ae,0x98bf8dc0,0x91c7c2e6,0x000000fb },
-      { 0x12de14d5,0x6a7c5cad,0x6561c822,0xbc448c5f,0x7cdbb3da,0x9f8de430,
-        0xc76811d7,0x9c58f011,0x75462049,0x1e89806e,0xc9a74e49,0xe52ad0a2,
-        0xb2be37c3,0x2034685c,0x0a0bc72d,0x7a863245,0x000000ec } },
-    /* 25 */
-    { { 0x8a86786e,0x33818c21,0x2137e2c8,0xed537f74,0xa7e6eb20,0x5d9690d1,
-        0x5cdc4803,0x9790ec70,0x24f7bd75,0x469162c8,0x4e1f0f14,0x09e7ef9d,
-        0xce9915ca,0xd30c128b,0x6c71226f,0x810145f6,0x0000002d },
-      { 0xb71d87e5,0x312749f5,0x7b02ceda,0x25f3b141,0xe0baff16,0x02456d2e,
-        0xfcae6627,0x97f7b3a9,0x37bd985f,0x0d6ebf8f,0x7fa6d0c1,0x20aa81b9,
-        0x21f2f137,0xb29f1a01,0x5cc0ddb1,0xe326a2f8,0x0000003d } },
-    /* 26 */
-    { { 0x38c2ee78,0x26f3398b,0xa75a0bee,0x40c3d101,0x565a7f8e,0x35a31706,
-        0x04019e5d,0xd12985e3,0xb8174b6e,0x21e2a642,0xaf80a52a,0x25a15ee8,
-        0x8518d80e,0x5d1e0fe6,0x04f6ea9a,0x8cbbc138,0x00000084 },
-      { 0xdfd45169,0x76828690,0x59d3e8d0,0x38d7e098,0xcdb8bfc2,0x23758811,
-        0x162cf648,0x8499547a,0xb4d15b8c,0x494bab3b,0xc60499a6,0x822cbc57,
-        0xa8a1cfed,0xac43224e,0x57c6598b,0x43563469,0x000000d9 } },
-    /* 27 */
-    { { 0x68271323,0x2b069253,0x49cd04d7,0x24d9e0a8,0x2b31cc7d,0xaae35fbf,
-        0x57a3e361,0x44f64b4f,0x0294e856,0x14904686,0x43ced4ae,0xddc82ee7,
-        0x7e2cda47,0xcb92a6a5,0xbfc1f968,0x989c42ef,0x0000013f },
-      { 0xb8651600,0xbed98bdf,0x7a3cfaee,0x8c363434,0x35b1a226,0x93a12543,
-        0xd5825507,0x558da7dd,0x852eb1e9,0xa5173b23,0x2295f545,0xdf5ae585,
-        0x6646d101,0xe546e2ef,0x5d89f862,0xf7e16a2c,0x000001fa } },
-    /* 28 */
-    { { 0xc7ec136d,0x0d746c8e,0xcd11351b,0xf8e1d827,0xf187a116,0x764a3ad3,
-        0x136e8465,0x2f1b968f,0x850983c2,0xd41aa294,0xbe717259,0x2123ecc4,
-        0x763c149c,0xdcdcab52,0x1022b82d,0xa7f50b18,0x0000016d },
-      { 0x0ca5e258,0xf99e532d,0x97b62a7b,0xa148ad17,0xc77fddef,0x8d0a242e,
-        0x74f9b6c4,0x58518bcd,0x7fd122d4,0xc53b30b8,0xfb50b2d7,0xbb8cd193,
-        0xbc01aae9,0x1a169aee,0x1de26e09,0x7e49b10a,0x000001c5 } },
-    /* 29 */
-    { { 0x21210716,0x2cabe675,0x07e02400,0x81a296a3,0x8c83795b,0x94afc11d,
-        0xdd9efa6a,0x68f20334,0x677d686f,0x5be2f9eb,0xbf5ce275,0x6a13f277,
-        0xb9757c5c,0xf7d92241,0xc74f4b8c,0x70c3d2f4,0x00000132 },
-      { 0x8d209aa4,0xf9c8609c,0xdb2b5436,0x46f413a2,0x2992345d,0x96b72d1a,
-        0x9487c34f,0x186f2aeb,0xb440a375,0x4fa72176,0x7da5358e,0x3a420936,
-        0xff25b310,0xf11eade3,0x505d60b8,0x9a570153,0x000001a9 } },
-    /* 30 */
-    { { 0x6e7495bb,0xae151393,0x490879d1,0xebd2fd28,0x29fd76fc,0x9c232b0b,
-        0xc60e721c,0xa1a0d49b,0x517a09e2,0x9f582b83,0x9d8badf8,0xac37809e,
-        0x0ad48bb4,0x4aa4de9e,0xcb6cc487,0xfd041312,0x00000027 },
-      { 0xead4fb6d,0xc05502ee,0x0a602cbe,0x760c25ed,0xbd7f4a07,0x58ba6841,
-        0x54edce14,0xc28b6032,0x0397614c,0xb9d41e39,0x181eed93,0x4221b71d,
-        0x332d4b0b,0xd010e3c2,0xdab0e419,0xdfe58a27,0x00000096 } },
-    /* 31 */
-    { { 0x7debd24e,0x4cd6fcd6,0x9ae2b075,0xbe3fca60,0xf217c26c,0xa7d8c22e,
-        0xb9620e3f,0xd42d03e0,0xc7f9f87d,0x634bf216,0x8972ffee,0x22b1ec53,
-        0xd60d3e77,0x83a957c1,0x0f6a537e,0xedfe5f86,0x00000162 },
-      { 0xf0ea20b8,0x40a05400,0x1d796900,0x2872ac7e,0x0edb0cac,0x7765a5c9,
-        0xb62939a7,0x9df5b930,0xaf2cb708,0xf78a676e,0x52febc12,0x030732bf,
-        0xba190ad3,0x3a6640de,0x93e7e341,0x36eae15f,0x000000d5 } },
-    /* 32 */
-    { { 0xa1c88f3c,0x6c6119f6,0x2ec6944a,0x924e5fec,0x5742ff2a,0x4c8aac60,
-        0xddb22c7c,0x60adde1e,0xfa5d25bb,0x9728938c,0xec117de0,0xfa5ac4f7,
-        0x482929c1,0x41f35ab7,0x0afd95f5,0xd1c4e8f9,0x00000180 },
-      { 0xa7cd8358,0x2fc4e73d,0xf2a1c920,0x39361a57,0xad94d288,0xf6f2f130,
-        0x2b6a78e2,0xe37e2466,0x79c262cd,0x0babff8b,0x61b597b9,0x6cae01ef,
-        0xa60d4e64,0x9c1e33f0,0xdd01f845,0x52a42280,0x0000000e } },
-    /* 33 */
-    { { 0x0f013755,0x72d640a4,0xfb8380e9,0x0b6dce77,0x7eb64b31,0x2789ce79,
-        0x93ca5a36,0x8e704b0b,0x58bdffc9,0x18c360ff,0xb230c372,0x53b1f323,
-        0x5a7385d1,0xd6b39088,0x56b93bf7,0x071130f5,0x0000004a },
-      { 0xfeef3f88,0x29a2096b,0xb82b3945,0x22eba869,0x872664a7,0x7fe2184a,
-        0x858ff942,0xa0dc0ba1,0x7490c9da,0x33799eb5,0x81588ce8,0x1d356f62,
-        0xa7b2cee2,0x7dd9bc7f,0xa3cfaee9,0x1e61a4e8,0x000000d2 } },
-    /* 34 */
-    { { 0xe9068656,0xec5db629,0x9fede4df,0x623bd70c,0xfcd45546,0xc78ad5bd,
-        0x6291a741,0xf7981dd2,0x761e688e,0x3ac53d92,0x55b9272f,0x6a96892a,
-        0x06546fec,0x4217e7b8,0xab9e2f56,0x793c03cb,0x0000015e },
-      { 0x6eff39be,0x08fd9543,0xdbff4f68,0x5a1af07e,0xb0241616,0x83d47abd,
-        0xd4798029,0x37c5d2fd,0x60b2e6fb,0x9d86d978,0xce8db998,0xe3e3284e,
-        0xd868b9bb,0x9f049eb5,0x9dad18b3,0x3b3e8a78,0x0000018e } },
-    /* 35 */
-    { { 0xe51e61f0,0x57026c56,0x307f2757,0xdddbcaa3,0xb1aeaf41,0x92a026eb,
-        0xe2d7f5ba,0xa33e937c,0xbc5ead91,0x1f7cc01e,0x2e46807d,0x90ab665d,
-        0x53419519,0xc2a44f55,0x79664049,0x099c1ca6,0x000000aa },
-      { 0x8f97e387,0xb561a909,0x45e1dd69,0xf6051778,0x7ff1d6ab,0x1ffa512b,
-        0xd09a9c89,0x42da55a4,0xd2282e2b,0x5e5a7c71,0xe74185ad,0xdfa5a203,
-        0xea0baeff,0x19b1369d,0x1ecc0a16,0xa5eef914,0x000001a3 } },
-    /* 36 */
-    { { 0x7a573b81,0x2af20d0a,0x66194cef,0x7eac1ca8,0x0b711c34,0xef0d2d8d,
-        0xba099d42,0x6aea016c,0x5067a8ca,0xa6609d28,0x7a1351ef,0x6a52c600,
-        0xb11c2634,0xdab85818,0xbb1c033c,0xf17fa45d,0x00000121 },
-      { 0xfc3279d6,0x9fb8b87a,0xc201f1e1,0xe30e76ab,0x806c21dd,0x02af6a83,
-        0xc63f824f,0xeafd7e2b,0x46bd1a53,0x7b074e26,0xa2139164,0xcd6f4931,
-        0xc172d9bf,0xab2cfd39,0x4db59cf1,0x62f3eb4b,0x0000010a } },
-    /* 37 */
-    { { 0xe0689a1b,0xe402de36,0x7dcafe72,0x9dccc9fd,0x255d0bfb,0xe4dead7e,
-        0x4ada04d9,0xd7ee87ee,0xbfd2e774,0x5a85039e,0x770b2b9b,0x282c6657,
-        0xba103bba,0xa7aca826,0xc7cd5071,0xac7028ba,0x0000011a },
-      { 0x680c8f04,0x2e61d39c,0xb48b3b5e,0x2f09c4cc,0x95744f3c,0x131609bd,
-        0xaaccb593,0x6d72e4b4,0x5adfb209,0xdb7060ca,0x1fd3eccf,0xc67d9e43,
-        0xe1752a73,0x1487a26f,0x64d0857c,0x3d953663,0x000001e3 } },
-    /* 38 */
-    { { 0x4cec9e7f,0xe664506b,0x30aab98f,0xa44564b4,0x173fa284,0x5e1b501f,
-        0x15c97472,0xe7b7bd7e,0x82dec033,0xd6cc67a8,0x0a63b762,0x1fe2e934,
-        0x3f8e2fcd,0x3a084e1b,0x9ae6e752,0xccce4da8,0x000000fd },
-      { 0xc12fd820,0x0797f8ee,0x96da4733,0x325f892a,0x55997bf4,0x597d241d,
-        0x02b753cf,0x3aef35ac,0xf677ceba,0x8a73f95d,0xd1bbac6c,0x5b2892b7,
-        0xcc5278b0,0x90751583,0xa47f45f6,0x2f5ed53f,0x0000001c } },
-    /* 39 */
-    { { 0xab40b79c,0x3914165e,0x25b489a8,0xbfb6eed8,0x8a6c107f,0xda136b7d,
-        0x8e01f28b,0xd431db8b,0xa4d79907,0x84e5d0dd,0xa471e685,0x69a91472,
-        0x98376ff8,0x58d06969,0xc46311fd,0xce369b74,0x00000006 },
-      { 0x1add1452,0x6c0773d1,0xed8e9a2a,0x2e4e9c95,0xca15a40c,0xe8ff8e32,
-        0xaf62f18f,0x3fcb7d36,0xeec9484b,0x2ca336ee,0x3b20405b,0xa4d6e7a9,
-        0x956d8352,0x6d90d031,0xd9ca03e7,0xdd375603,0x000000e5 } },
-    /* 40 */
-    { { 0x8b481bf7,0xcc5f297d,0x2a13383c,0x06a2a3e4,0xdc40b96c,0x9e14528c,
-        0x1189da3c,0x9a2bf35f,0x6cd57fa7,0xb8adb989,0x9357d32b,0xc1a4935c,
-        0xc2d76fad,0x51fb2580,0x24f23de1,0x98721eb4,0x000001ba },
-      { 0x52a4b397,0x8c02daaf,0x0d0b4e54,0xc3c5f4cc,0x7b7e79cd,0x29be4db3,
-        0xb33970b6,0xf34336ec,0x92808c7f,0xed3dcb7c,0x02288db1,0xec290eff,
-        0xe96ed59a,0x2a479d51,0x76d8fa5f,0x9d7ed870,0x00000092 } },
-    /* 41 */
-    { { 0xe660043c,0xd8edaf0b,0x016e074d,0x84aa2ccb,0xe2cc3b3d,0x9d2368e7,
-        0x5c269fc4,0x47b50130,0x3de33e36,0xd0194ee1,0x789ca504,0xdb3361b9,
-        0x984db11d,0x8cd51833,0xc8ec92f0,0xd5b801ec,0x000000c6 },
-      { 0x47ab9887,0x33f91c15,0x6b5ab011,0x2f285e2a,0x133fc818,0x9b734e5a,
-        0x38d8692c,0x5c435a74,0x43282e81,0x3c92b47c,0x9c7bcdaa,0x191231f5,
-        0x4d158c86,0x3ae425c3,0xc5a23cca,0x7f568feb,0x00000011 } },
-    /* 42 */
-    { { 0xbf5caa87,0x8ccbd9d5,0x68dd8c9d,0x17bfc60f,0xc7d4dede,0x63eb4dbb,
-        0x8270b5bf,0xbf6e5945,0xcc098fe7,0x887137a5,0x05d7b8f5,0xca5eb687,
-        0x4b25a533,0x4b7deeee,0x4a700a6c,0x8e045c32,0x000000ef },
-      { 0x70cf52bc,0x160c1c92,0x90cc6298,0x4bf3f63a,0xbf3028fb,0x5fff421c,
-        0x523beff1,0x0a8102d7,0x8b9ce105,0xff3309a3,0x06621b1e,0x8e9da4d0,
-        0xcc0a7807,0x9775f89f,0x00178612,0x59044865,0x000000eb } },
-    /* 43 */
-    { { 0xebbd33ec,0x8a6664fd,0xce5ad579,0x0cf9a660,0x50fb56ed,0xecd06c05,
-        0x1d5aaa6e,0xb4ca5fad,0x948a7f07,0x36daee5b,0xefe1c11a,0xd2e37887,
-        0x91d2544b,0x41f61ac4,0x2bffd8ea,0x49df7071,0x000000be },
-      { 0x65acdb56,0x60e2f1f5,0x5e5e5bde,0xf2f13c84,0xe17a0412,0xb97fd354,
-        0xd9c93bef,0x8a2867cf,0x25a957e4,0x9ca9d16b,0x4a18635f,0x1f55c19b,
-        0x8d26ae71,0x9b3868f5,0x4c94541d,0xac448041,0x00000000 } },
-    /* 44 */
-    { { 0xd4ad38db,0x6c1bcf89,0x3d714511,0x1180f381,0xcb70243a,0x5b4c2759,
-        0x163a716c,0x5dd64d63,0x13648bdb,0xbbd2efea,0xe4de9969,0xa47187f9,
-        0xe2de8c45,0x65de6912,0x4bdad0a7,0xe075f29c,0x00000048 },
-      { 0x5e4dd88d,0x00335474,0x80577afc,0x18283638,0x227288f7,0xe4b35c01,
-        0xe68989de,0xd008fd91,0xcd3f71ba,0x42142315,0x3e4da1e2,0x5cb023ff,
-        0xb5662bb1,0x7e6b9c35,0x7fb04fe5,0x143f4165,0x00000072 } },
-    /* 45 */
-    { { 0x26f40f2c,0xb06b046c,0x6cd7c31d,0xbd5d246c,0x1953a9b7,0xaaa56270,
-        0x8f00436f,0x5ac929b8,0x21d0660d,0x1937392c,0x9bd6dbe6,0xd279ed15,
-        0xd17c43f9,0x377c4d5a,0xb8fcd025,0x800eda50,0x00000179 },
-      { 0x36132f31,0xb88ddc0b,0x2ade73a3,0x6f8f4f01,0x203de2b9,0x38859ec3,
-        0x231b6533,0xedb03814,0xa14093ca,0xad08cd20,0x5c2be2f9,0xb9f86d44,
-        0xf6ebc09f,0xfd3d9532,0x1aef478d,0x757b5899,0x0000013d } },
-    /* 46 */
-    { { 0x580f894b,0x7d9ad100,0xd925e46f,0xb612488a,0x2e5a6865,0x45497e14,
-        0x17f9a813,0xc86e1053,0xf8a33541,0xd8aa820a,0x7a66d578,0xa6790660,
-        0x5f758e23,0x47df60ae,0xa7f8ab5c,0xcadd4c90,0x00000107 },
-      { 0x6764ad0e,0x356b044f,0x250189b3,0xf69fe0e1,0x5f14db6a,0x2deaca62,
-        0x1bd77d54,0xe9f2779f,0x5cfa895c,0x979911f2,0xb6f19ac3,0xd4e94ced,
-        0x01af44b1,0xc3533417,0x50c727f5,0xcac43fff,0x0000003b } },
-    /* 47 */
-    { { 0x83c1d4cf,0x1742951c,0xb245c34f,0xe03791d0,0x9c2dcc71,0xea8f8ef6,
-        0x2a310767,0x2ea57a29,0xb12948bd,0x255b46bb,0x0feaeb83,0x2adc1e09,
-        0x449abf59,0xa0d2d18c,0xc4a8a689,0x9e8c9ff5,0x00000019 },
-      { 0xeb28171a,0xc9f7b9cd,0xd576987b,0xefd78403,0x22ff824c,0x58b4f3bf,
-        0xbf333cc5,0xee09b393,0xb01ceb72,0xebff83a2,0x220299cd,0x5bb34c45,
-        0x66ebf751,0xa3c3e8a0,0x49d05cf3,0x5dee07bb,0x000001a6 } },
-    /* 48 */
-    { { 0xb114257b,0x09a958d6,0xd4975e30,0x729afd41,0x3aae7b11,0x072879b5,
-        0xedd1ac83,0x0791b093,0x1eb67975,0xcfefc7d1,0xe2675b4a,0x0e54bd37,
-        0x8d69517f,0x89a62d7e,0x202109a3,0x96f805d8,0x0000006b },
-      { 0x57b5f9f4,0x4815d517,0x405b44d1,0xe5c9e436,0xe4870160,0x3442dde0,
-        0x1ef6b3f8,0x953fef95,0xf7497faf,0x919e4cf5,0x016ef0b7,0x24e3cc4d,
-        0x2512eeed,0xfc5caa87,0xa3bd1703,0xf1ba4029,0x000001b6 } },
-    /* 49 */
-    { { 0x529252ac,0x2a668435,0x74e7b0d8,0x3da626c0,0xe0be86ab,0x55080cc1,
-        0x4ed5dc53,0x534a53f7,0x0cd41fd0,0xa9eff140,0x5674891c,0x0e7c945c,
-        0xec53b5ad,0xdea4b895,0x15150988,0xefc67bef,0x000001ff },
-      { 0x306033fd,0x988dc109,0xf36875d9,0x1b287979,0xe3c335c5,0x4d39af26,
-        0x124e29d6,0xa47259fd,0xc41dbdfc,0x5d60c570,0x0cc0d895,0x06224b61,
-        0xeea8ff86,0xa041d4e5,0xae4d8707,0x2920e15c,0x000001fd } },
-    /* 50 */
-    { { 0xcd67da85,0x66d15f0c,0x5ac54a15,0xae98b6f4,0xf1ac71c3,0x2f05e021,
-        0x47559224,0x1feb2226,0x66e856dc,0x2a2f1561,0x6fb4ba47,0x65eb1456,
-        0xa29d920b,0x34688bd2,0xf9d4cb9b,0x943ce86e,0x00000061 },
-      { 0xaac91174,0xb4696218,0x41dd9234,0x85b519ec,0x9f0763a4,0xb7efadf2,
-        0x712c8b33,0x98517f27,0xb0538630,0xa02e7ec3,0x1ff3e3e4,0x46bc45bb,
-        0x29496486,0x46ae896f,0xebd2b93f,0x2aeb1649,0x00000146 } },
-    /* 51 */
-    { { 0xe8e4d3c3,0x1f34f41f,0x5bb7e9db,0xc80d87ff,0xd910b579,0xf0216c0a,
-        0xb87349ae,0x2a24b761,0x2b0a6cc0,0x054bc528,0xaf2d1957,0x3b4c7029,
-        0xadbe6cdd,0x0e4b90e2,0x26060a34,0x8e774f81,0x000000cf },
-      { 0x2e229950,0x3c7f9dbc,0xd9f82b70,0xab11f846,0xf10c05f3,0x2b7ad9a3,
-        0x0f1820ca,0x203ead4f,0xccbfb332,0x51dbcbc8,0x066706f1,0x3bd9caf0,
-        0x06059d5e,0x5a39be25,0xdcafe64e,0x984387c8,0x0000014c } },
-    /* 52 */
-    { { 0x8e011531,0x708a757f,0xc3dcd57c,0x7f45b172,0xc2d99e29,0xa8eac9fd,
-        0xb93b6415,0x9d4ee81f,0xa5488e86,0xa5833b54,0x0bb7ab70,0xddd561c3,
-        0xb3bdf3a9,0xb5bda384,0x1ddf332b,0xf909f8e0,0x00000124 },
-      { 0xab41e782,0xc5b8aa84,0x851ddb87,0x1de20126,0x99482bd2,0xf49baa7d,
-        0xf4b6413b,0x05963deb,0x7cd1e224,0xed369fbb,0x1bad60ee,0xdcf495dd,
-        0x892e30ed,0xeb475693,0xaf0a212d,0xaaf11bd8,0x0000010b } },
-    /* 53 */
-    { { 0x16ec64e2,0x71460174,0x7d7c6ebe,0xbfd14acf,0x668b7176,0x1e3504a3,
-        0x741b041c,0x72e3f3f3,0x2d3b67b0,0x651fa54a,0xe57d928d,0x623edca3,
-        0x72c8f419,0x29b74e8b,0x327abaef,0x3d99cb47,0x00000038 },
-      { 0xda342a3f,0x808dd0b3,0xdef4a954,0x12002462,0xeab5a860,0x1b1c642e,
-        0x06e54b6d,0x5e1e2a05,0x10c6cf1a,0x9ba1710f,0x0f903cd0,0x334fc366,
-        0x134166f5,0x969e0001,0x155c4353,0xfaa26074,0x000000fa } },
-    /* 54 */
-    { { 0x712de285,0xc85cd0e6,0x869f5dc5,0xcd2ff8b0,0xdf4ed389,0x372a2b92,
-        0x55b99c84,0x63524d30,0xe07a0033,0x46fef5a2,0xd6e09493,0x0a2c82da,
-        0x72a8952b,0xb3626621,0xaf217eb6,0x9afcb188,0x0000002c },
-      { 0x9a64c5b5,0xd3b9d476,0x44c4cfe1,0xa0d8d5de,0x11c6dbff,0x560858ef,
-        0x41c14aed,0xce1d978f,0x35efe854,0x251f9e72,0x0474575d,0xf9d0c14c,
-        0xbda89c03,0x0d2c838e,0x36cc9dc0,0xa25f040b,0x0000016f } },
-    /* 55 */
-    { { 0x9cad682d,0xb23d9dea,0x46369391,0x87acb1b3,0x5c0f24d7,0x9f5c1988,
-        0xd41883ce,0xdff62fc7,0x53555e46,0xd1ab29df,0x891cda05,0x569b1cb2,
-        0x52c633ed,0xdb14dbc4,0x2a345428,0x1acbb86c,0x00000194 },
-      { 0x24db8127,0xd86a70c8,0x41b7cf5b,0x84a6563f,0xb908d9b4,0x8d84dabe,
-        0x899c260a,0xaaeaae63,0x44436957,0x13ed6b2b,0xd0a92c8d,0x3bc94f99,
-        0xd04bcb97,0x978f2e2b,0x716a565f,0x56a388ef,0x00000074 } },
-    /* 56 */
-    { { 0x96fc1f77,0x6082dfe4,0x1347ad6a,0xb04c435f,0x25ebe457,0xf42694dc,
-        0xb6f764aa,0x64a17069,0x04d83da1,0xe03873d5,0xe0c82330,0xb0b9db52,
-        0xd4239b3e,0x9886b34e,0x598814da,0x76587f2a,0x0000016a },
-      { 0xebc71a5d,0x6918f8e8,0x85405233,0x49141a42,0xc182cbcc,0xd63f09cc,
-        0xe09057a7,0x4afe59d3,0xe239d8eb,0xe633db0d,0xfd9494b2,0xbac8582d,
-        0x4704fd61,0x8b915a41,0xfceaefd9,0xe0866a9d,0x0000010e } },
-    /* 57 */
-    { { 0x52e07a4d,0x2b50c470,0xe5d745d0,0x7f6d38b8,0xe1af1226,0xb414c47c,
-        0x39c505f7,0x03e4b44b,0x86f739be,0x59f3d795,0xe7c2f1bc,0xca19bca7,
-        0xc063fad4,0x1c51c01e,0x7f428afb,0xda3937a5,0x00000080 },
-      { 0x102369fa,0xe9d8ca9d,0x706c0e35,0xe009bffb,0x96b55d80,0x2e0a19a7,
-        0xac0d094c,0xda0e42de,0x787c187a,0x6c1be2c5,0x9cfa04b6,0x6d4ae2cc,
-        0x76577340,0x5b0cea60,0xc7c96285,0x2d525245,0x000000d8 } },
-    /* 58 */
-    { { 0xae93de69,0x6dcb238c,0x3bfdae9b,0x4963c833,0xe8b79836,0x33c81f4d,
-        0xae8bf8ae,0xe13a2244,0x4c3ebacc,0x0bc6e786,0x555a5ad6,0xa837a53c,
-        0xbc7e9459,0x875d8d35,0xf9f46fcd,0xb3705534,0x0000001f },
-      { 0x7fb974a1,0x78e9270c,0xe9ed2481,0x23448fa0,0x64bffbd4,0x14166c3d,
-        0xd79f4b3c,0xa05aa443,0x3b9f32a0,0xd855a4f1,0xac90235e,0x4bebcf8d,
-        0x8db52b48,0x65849987,0xe48d09d1,0xaa4d59f1,0x00000183 } },
-    /* 59 */
-    { { 0xdbffad9f,0xee585d75,0xf419d8fc,0x64df6174,0xe6c69345,0x6f73bf59,
-        0x83d59b0c,0xb80793d1,0x929c8950,0x6baf4fc3,0x29962bab,0xbd445a95,
-        0xeaa91273,0x52b61945,0x3d1c785b,0x4fccdfff,0x000001be },
-      { 0x7cb2857f,0x05c384d9,0x06b7abf4,0x4cf83058,0x43ace6b2,0xf528dd17,
-        0xbc43d6b6,0x2c7b8fa2,0x14e564b9,0x8f0e28bf,0xd2b9f01a,0x1b69bc73,
-        0x3dd383e6,0xab8beb40,0x9791946b,0xaccea0c5,0x000000ae } },
-    /* 60 */
-    { { 0x0163c2de,0x9a68baee,0xeb2768a4,0xc42d0b2b,0xffdae767,0x5686f124,
-        0x0aaca943,0x926da5d5,0xe01091cf,0x699c34ce,0x5324becd,0x3d254540,
-        0x4193a0a9,0x1b6b58f1,0xd611cc9d,0xf144925e,0x0000014f },
-      { 0xc1ed9259,0x7f61a60c,0x2f1d5a7f,0x1be37aa3,0x07aef431,0x0384713d,
-        0x4e6fa7ba,0x99f33d49,0x8bd3730c,0x43928c16,0x5b9557dc,0x73cf8ccf,
-        0xd1a2bee5,0x0bc6d460,0x83b15610,0x27cd1943,0x00000145 } },
-    /* 61 */
-    { { 0x3427af4e,0x4be65135,0x310d937d,0x2e6c0bb1,0xcaa671c3,0xbd8ea76a,
-        0xd3a9c376,0x9d7b3fd4,0x471709aa,0x124ce863,0x018051c0,0x225ce41d,
-        0xf9e8ee1c,0x5489284f,0x535c4ec8,0x22d829c9,0x0000013d },
-      { 0xa1b15e02,0x6b01ed9d,0x301e5868,0x1d092bac,0x5764135b,0xbfa7a183,
-        0x6f7159a4,0xc0ee59b7,0x18090d0d,0x9171a051,0xb8052196,0x5c1531bb,
-        0x20927904,0x740930fc,0x76337685,0x963b48cc,0x00000008 } },
-    /* 62 */
-    { { 0xf4aaaed5,0x0fe8b620,0xfe871ee8,0x1068de7d,0xfebfcb4b,0x2b22030f,
-        0xc3a2155b,0xd4dfbee7,0x2769b805,0xa7a26a8c,0x6d39eaf0,0x377de770,
-        0xf615f032,0xf1a92447,0x42d9b731,0xa1b81a84,0x0000012a },
-      { 0xb1152e8f,0x299e67d0,0x92b5e14c,0x2e773d97,0xf1cb57a2,0xe0d81073,
-        0xbf1da4a2,0x03af0a9c,0xc22b449a,0x169b160e,0xdd2d7d1d,0xb82c1ac8,
-        0xbfc98ee4,0x7508aca6,0xe3cbea15,0x54992440,0x00000150 } },
-    /* 63 */
-    { { 0xa13a4602,0x70004a0a,0xd0d2c60e,0x505c71a3,0xa6d79bc5,0xa4fe2463,
-        0xd54d9df4,0xe878eb3a,0x73d3c7b8,0x7ecca907,0x244ecfa5,0x5b3bb278,
-        0xb124d179,0x8a30f61f,0x4f632af0,0x5b7e5001,0x00000115 },
-      { 0x9ef0021a,0x62c42ecc,0xf856c9d4,0x58017fd7,0x2e6478bc,0x10e243b8,
-        0x1505a4db,0xaf074669,0x4cd7eea5,0xd9bb0a1c,0xd52aed0a,0xe8ba39a2,
-        0xb549f09d,0x0747449a,0x9e57fa64,0xd5c8f7bd,0x0000013f } },
-    /* 64 */
-    { { 0x5a53c22b,0x1bd8ce7b,0x7cab446a,0x78733fcd,0x48acb394,0xc44ca4e2,
-        0xa38c790f,0xa9888b1e,0x15c34237,0x36afb6eb,0xfb702063,0xb913b8a8,
-        0x917508fa,0x34b77cc5,0xf9e4732b,0xa931d7a7,0x00000050 },
-      { 0x56d21d18,0xa90a4290,0x55b410a1,0x82666307,0x894a6b05,0xb4684a8b,
-        0x828cf75c,0x8a1ade63,0x127702a3,0x4fb2f85a,0xadf7b709,0x83ff7d05,
-        0xa68d1db6,0x1d3f5a92,0xc093cd5c,0x243ce1db,0x000000f5 } },
-    /* 65 */
-    { { 0xd37d7891,0x8fc183c3,0xfd865eca,0x17b50149,0x8f218441,0x0f6e43d6,
-        0x5a07f658,0xaf51ec25,0xad303202,0x8fe5a6cb,0x10676ef5,0x95de68f3,
-        0xca4e000c,0x7508e31f,0x77735254,0x783e5a95,0x00000159 },
-      { 0x2e537ad9,0xbc1db571,0x35be9cf7,0x5e87112d,0xd57f9bcb,0xbb522b48,
-        0xa8b3cbc7,0x1eff7890,0xe5ecdb5c,0x4f306e11,0x3387e7ed,0x30da8392,
-        0x72321e3d,0x4d91fcf4,0xe412a67c,0x8487bb62,0x0000009f } },
-    /* 66 */
-    { { 0x8cb8e08e,0x86f5f80f,0x2496fed6,0x7cfd2c41,0x60b7dcdf,0x0061b743,
-        0x57f4d05f,0x4dbaffdf,0x458061f2,0xb1993c2a,0x9de994c4,0x6c6ca8d0,
-        0x2747e062,0xef70d24d,0xb9995cbc,0xd4e5d4e3,0x000000ff },
-      { 0xc6f40077,0x3171e245,0x0723e506,0x1592e045,0x6a6bfd88,0x35c86f7e,
-        0x6d9d9ce0,0xba0959d1,0x3eb5770c,0x2e7f8fe8,0xc40d63dd,0x58eb0881,
-        0xeb9e4419,0x56333bda,0x3afd1f4d,0xfb0397df,0x00000034 } },
-    /* 67 */
-    { { 0xb358815c,0x7b84e05e,0xe41087d9,0x3abcb2d4,0x07f05d7a,0x87a75889,
-        0x7a9d481c,0x350778d5,0x42d64cbd,0x9d34cff8,0xccf289fe,0x0859cd5a,
-        0xdd2b2c6e,0x8372d591,0x18b40b62,0xc06d482e,0x0000006b },
-      { 0xda4ed375,0xd10695a0,0x298daaea,0x51baf588,0xf4b7092c,0xb028a1b4,
-        0x7a335b35,0x8ab87dae,0x0567efd8,0xa7359362,0x3320c374,0x7a49fc10,
-        0xa3558b30,0x737acac4,0x4c0fce9b,0xd30696a3,0x0000001e } },
-    /* 68 */
-    { { 0xbd3902fe,0xd9550ab0,0x86a9d3b3,0x9bba4b4b,0x975cac37,0x3a59e0a9,
-        0x333605dc,0x045e8731,0x1afc2c58,0xf2c598c2,0xeef9cbf1,0x81ff8d6f,
-        0x9bf83c42,0x82bed5d0,0x528131d5,0x9d1d9d5b,0x00000157 },
-      { 0x5519258e,0x687da305,0x027de2a8,0x73f539f9,0xd6a230d6,0x69fa9747,
-        0x5f5d1684,0xab1aeb23,0x5f7e41f5,0x5bbfe947,0x16a7feb3,0xbd546abb,
-        0xe16d5187,0x2afbd4e8,0xbcc953dd,0x7437be13,0x00000160 } },
-    /* 69 */
-    { { 0xee9755a3,0x55f165a9,0xb82c9ab1,0x0c8d5a1a,0xab6b97e6,0x65a1e45a,
-        0xab05e271,0x3004cdb0,0x6db0830f,0x9e0c3b52,0x75acbdeb,0xaae1ec1a,
-        0x761e8498,0x413d4484,0xb1b9c62e,0x589e09bb,0x000001e9 },
-      { 0x9c72258d,0x67512081,0x5c1593d4,0x61dcd734,0x91c11fdb,0x6c627a7b,
-        0x8857908e,0xd1d3e9bf,0x530bc68e,0x9aac06fe,0x6b5b44ff,0x125c16bb,
-        0xdb90edd5,0x38860bb6,0xfbbedb5c,0x96fe8b08,0x000001aa } },
-    /* 70 */
-    { { 0xf257c0f8,0x323a5dd8,0xdd3a10d9,0x4884dc92,0xbbb8ce03,0x03f379ce,
-        0xa47262a9,0x6217ad53,0x52e06c6d,0xa1df2017,0xc32428cd,0xf5b723e0,
-        0x2c30c62c,0x1e5d3889,0x477f82cc,0xd9a90f1f,0x000001fd },
-      { 0x1763ab59,0x830d27ba,0x723783e9,0xcf27d93e,0x945968aa,0x81558264,
-        0x1700d5d5,0x63251a32,0x03146d9f,0xcf6bbe73,0xe65bf0f2,0x6cdcf455,
-        0x632323fb,0x80aa00ce,0xd96a4744,0x6e49e62c,0x00000149 } },
-    /* 71 */
-    { { 0x40574c09,0xbeff0b7e,0x3fe80e96,0xb76f2643,0xeb237d91,0x0b3bd352,
-        0x7edc3102,0x3c0c62b7,0x424a36dc,0xf989394b,0x7c6c435e,0xe9ea64c2,
-        0xe388d076,0x2dfc21c4,0xa4e69e4b,0xcc3852f6,0x00000139 },
-      { 0xbb096b91,0x5238a3ff,0x73d8d43e,0xee72c9e5,0x8c577558,0xc116db11,
-        0xdc47d4b4,0x54ec89d2,0x42e1955f,0x2006dd35,0x7437475c,0x004aed6a,
-        0x2bee9041,0xc1ddc32a,0xed9332c9,0x597417a2,0x000001fb } },
-    /* 72 */
-    { { 0x859bae66,0x3c0f1981,0x845d7c1b,0xab48e9b1,0x452a3c1e,0xc6ce9c03,
-        0xff810339,0x2384a00c,0x5f98d6fe,0xcd7ede11,0x38a0dd5b,0xf7a00e3d,
-        0x3c7e1c06,0x56dd948a,0x8e53a61f,0x9d21a7d1,0x000000d0 },
-      { 0x880eb3fb,0xf9cfdbaf,0x5e83f7c9,0x64cfd297,0xa28a74b4,0x61ba7d6f,
-        0xdfb13e03,0xb8200d5f,0x232a6128,0x03bc8f4b,0x81a8d86e,0xd1fb92c2,
-        0x706d6ea7,0x68675fae,0xefab18c2,0x9b08608a,0x0000011d } },
-    /* 73 */
-    { { 0xbbd2f539,0x17cf6146,0x76e26ba2,0x96052fc0,0xd4be4a67,0x36821d18,
-        0x9f3f39a8,0x8f823422,0x433f873a,0x68b846b9,0x716f4568,0x7a1d3f36,
-        0x2fd47750,0xdf603e28,0x6975e226,0x77cb02c5,0x00000003 },
-      { 0x8c01dd59,0xf275add3,0xb9c1a37a,0x9c213a9e,0x4dfc5403,0x690ad104,
-        0x07ee0d86,0x202ee206,0x661fc40e,0x896ede95,0xd0b02f56,0x6b4d7398,
-        0xe5af1a24,0xccb96991,0xc13f7125,0xd5c281af,0x0000009f } },
-    /* 74 */
-    { { 0xd7073a5a,0xc858c54b,0x861eac7d,0x87c81a5c,0xe720201a,0x51f84a39,
-        0x40e003ce,0x952a9f8e,0x58f199de,0x76bdc4ab,0xd56cc02b,0x1cf12322,
-        0x83f162f3,0xb6634e63,0x8f969e11,0x84c017ee,0x00000169 },
-      { 0x5c89f1fa,0xf1f43362,0xb697b078,0x4a02a630,0x4b05b7f4,0x33311e5c,
-        0x4fede4cc,0xa7ccae51,0x4b025aa4,0x0d26e874,0xf84db7ad,0x7d5b77bb,
-        0xf571c1fe,0x39ef1aa8,0x418ccd20,0x65eba928,0x0000018d } },
-    /* 75 */
-    { { 0x8abb2537,0xa37866ab,0x65b3096f,0x14ac4cbb,0x2a428ad3,0x827fa7ed,
-        0x10e9e196,0x95d19f62,0x89801b4e,0x31eb97a0,0xaae8b823,0xaae77a62,
-        0x5f5c9642,0x9693d62a,0x3e368b84,0xff5bfe97,0x000000ad },
-      { 0x492b0dee,0xa3efae21,0x9602c2ce,0x2143e9ee,0x6f3b99e5,0x21367c99,
-        0xe93b8f59,0xdd78b2b0,0x1064c13e,0x8d541c38,0xf5738e7a,0xe6b970da,
-        0x8373b1a4,0xaf6ecc16,0x74ae208f,0xdbfa3f4f,0x00000180 } },
-    /* 76 */
-    { { 0x907a6aa0,0xb024621a,0x407879f6,0xef56cb68,0x8168a934,0x44c38b68,
-        0x9b9a9048,0x70d638d3,0x82541f20,0x6968caa0,0x1fc88b50,0x0c597053,
-        0xaf635784,0x5564ded5,0xc4d494cf,0xe7e898c7,0x00000097 },
-      { 0x6b6ebb2f,0xe1dc98d9,0x7aa9e126,0x292a17fc,0xfa2a2c68,0xb60f0fdb,
-        0xb2e1851b,0x9c63270c,0x81ca4cfe,0x898db265,0xb11959d5,0x94082638,
-        0xa54b8d19,0xe44f308e,0x44e63094,0x96399eb8,0x000000d6 } },
-    /* 77 */
-    { { 0xb83769ee,0xfa00f362,0x3efc4cb3,0x72d040ac,0x57abd687,0xc3933889,
-        0x940a7128,0x62264425,0xec242a31,0x909c4c8f,0x65a1a551,0xd1e48f1e,
-        0x049c2172,0x68bd70f1,0x709b7fd4,0xc8692d2b,0x00000041 },
-      { 0xdf816784,0x4e388aa1,0x01be75ce,0x4a58c8a5,0x02a67812,0x9b49dffb,
-        0xeda721e0,0xa73299e0,0xe67a65ec,0x8a0bd1f5,0x856c71b6,0xd81e91e8,
-        0xc005aa30,0x37aee2f4,0x0595bbf2,0xd9400750,0x00000073 } },
-    /* 78 */
-    { { 0x010c0ef3,0xa912ac4a,0x4e81b1a0,0x0e654bd8,0x4f353509,0x8f0563dc,
-        0xb47d189a,0x10dc41f3,0xf238c09c,0x122edd06,0xc41acf67,0x224c16af,
-        0x83758520,0x1ccb9334,0x2275ae6f,0x1a4b5f29,0x00000127 },
-      { 0x3ce688b5,0x792fd473,0xdca9c68b,0x14566d37,0x541711d0,0xfce9326e,
-        0x3cc341a8,0xe3ba14ee,0x2122c11f,0x6b8ab4cc,0xf5d379b5,0xc0fa763b,
-        0xf1522f91,0x95e2d2ae,0x31cf95a5,0xd4e21b3d,0x000000ac } },
-    /* 79 */
-    { { 0x1d8e061a,0x4013a779,0xacc84a30,0x62707e70,0xeb2f636a,0x6ac08266,
-        0x77b25c9d,0xe917ea21,0x70ff35cf,0xddb78bbd,0x041898be,0x5008db2b,
-        0xce0ae445,0x0f58a4fc,0x2257d0e7,0xed092397,0x00000043 },
-      { 0xe2e129e6,0x2cad77b3,0x0f1be4d7,0xfb8c4a87,0x20056333,0xaee50dff,
-        0x2a691543,0xbc2658c1,0xb8fe2640,0x95dc0cca,0x1965a0af,0x694eb584,
-        0xedd1d99e,0x7d3baa53,0x8a1edc87,0x2df13b20,0x00000083 } },
-    /* 80 */
-    { { 0xd181c3f2,0xfead2247,0xf337b23f,0x915d35be,0x74890672,0xdb4cfcba,
-        0xfda7a3a1,0xe4f70d8f,0x79275686,0x226b6419,0x6ff1f79e,0xe8040863,
-        0xcf5fa4e8,0x98e84b39,0xd8a09f60,0x57aa0be9,0x000000da },
-      { 0x4efcea66,0xd40cecf5,0xafc76fae,0x98df2aec,0xc91585a8,0x63f19a48,
-        0x13f00aa5,0xb111bda7,0x44b5cb9f,0x6687afab,0x652620d1,0xc6d5fb12,
-        0xbacb35ab,0xaf953f1b,0xff94c4d2,0x99709370,0x000000ed } },
-    /* 81 */
-    { { 0x68b54c89,0xac9f56e0,0xce737c22,0x08ecc17d,0xab089b53,0x208ee83f,
-        0x543fbd1b,0xb0f3a129,0x844dd706,0x1b204cf8,0xdec2e40d,0x80975c89,
-        0x9399914a,0x08b011ae,0x74674df7,0x6b4ba170,0x00000017 },
-      { 0x8fdfc175,0x71216ea9,0x7e0f5b0c,0x77b7fc63,0xceb33a34,0x88d0285f,
-        0x0223eab7,0xb679814f,0x51c6d922,0x9078720b,0x9c13f51d,0x5859d5a4,
-        0xfaed60b5,0xe69f850b,0x6d0ccab2,0x2499a844,0x0000005c } },
-    /* 82 */
-    { { 0x73e7bcf1,0x41d581fb,0xdd3c17be,0x16dde61c,0xfa199fd9,0xc62997ec,
-        0xc159db97,0x1a758873,0x64132830,0x4ed77896,0x2942a918,0x9672ce89,
-        0x816ba4bb,0xf3ee4587,0xce54dd7f,0x4fb7a148,0x00000123 },
-      { 0xf009be8c,0xf05d80af,0x78df1ba1,0x62e938d7,0x312de620,0xa7e22e84,
-        0x6070c4b9,0x48d29e7f,0xa1b5da37,0x5cd9c3eb,0xa4717453,0x1e51bd2f,
-        0x56ab9e67,0x94098ab0,0x49f7c6a1,0xbb584abc,0x00000049 } },
-    /* 83 */
-    { { 0x1ea470f7,0xa9f25530,0xe9254e30,0xa01bf808,0x71a0038d,0x098569ea,
-        0x5913ca87,0x0d2b2ee1,0xb8281fdb,0xae17004b,0x118e5c2a,0xdb5c6eb0,
-        0x1fa943ab,0xa56ac64c,0x1a92d501,0x1aaf6477,0x00000053 },
-      { 0x06345730,0x9679ef49,0x846f37c2,0x946aaa4e,0x1a7c3aab,0xf81726b0,
-        0x8166df4e,0xcb808da2,0x4e04dc3e,0xe9fb3fc2,0x76ec19b4,0x9e0b61db,
-        0xeed6d13e,0x6e7f665e,0x86a75384,0x70ed8c07,0x000000e5 } },
-    /* 84 */
-    { { 0x108ce13f,0x66456e58,0x0e397813,0xb5bfc58d,0xea3949e9,0x04b6a84b,
-        0x75af667d,0xea9b66bc,0xa891566b,0x7cb4d6dc,0xbf61595a,0x1b3cecf0,
-        0x002e2520,0x4312c73d,0x6135a5fa,0x81d76898,0x0000014b },
-      { 0x841078ec,0x4047bc25,0x179c454d,0x75aa9c96,0x4851f8fc,0x6a160609,
-        0xce34091f,0x998d4e3e,0x88e54102,0x9a9f6704,0x5da8ac5e,0xbf280f88,
-        0x8fec230c,0xc64caca0,0x5094b775,0x0ac864b0,0x0000002b } },
-    /* 85 */
-    { { 0x8f5daf7f,0x6b606e39,0x10927506,0x48385489,0x08c58a72,0xa2255c5c,
-        0xc90f3ee3,0x2f362fd0,0x08795f02,0xc9633af4,0x0425f5aa,0x71710bd1,
-        0xec06dbfb,0xc2017e05,0xc1b8bbcd,0xd9c7dc82,0x000001c8 },
-      { 0x18b8bed9,0x7db41fdf,0xe3a23125,0xe9483308,0x7291c4bb,0xbcf91de7,
-        0x41448aaf,0x9b0b972b,0xc44da462,0x95dfc633,0x01bf50a2,0x90b9c463,
-        0x869e3131,0x18b66f77,0x121baad9,0xa8a4e2fa,0x000000f5 } },
-    /* 86 */
-    { { 0xca0251ea,0x8ca55109,0x27a6c9b0,0xf2aeed8b,0x5620f528,0x901a8beb,
-        0xae13fc56,0x9a8421e8,0x85993c07,0x1349f1c4,0x0d1ab0d7,0x29e08359,
-        0xaeb5d909,0x96e2929b,0xf599a66f,0x96c2f1f8,0x000000ce },
-      { 0x12be8bd7,0xe4bc4b51,0x3c67e99b,0xf4846a0f,0x4d3a3864,0xd89cc7d3,
-        0x73f43981,0x1f647112,0x26dce567,0xc32bc324,0xf02b096b,0xf7134ebf,
-        0x0d0682b7,0x5604f00b,0xe3ce8b59,0xfd23d7ea,0x0000011c } },
-    /* 87 */
-    { { 0xa27689a6,0xf89646cc,0x5564172b,0xd6a7dc43,0xb57cbfcc,0x30bda48e,
-        0x5b1adfe5,0x9b11fffb,0x711d8bf4,0x9f2d80db,0xb70e5a5b,0xe879fdf0,
-        0x6bd18a1d,0x97534183,0x8cbfd504,0xc8c526bd,0x00000114 },
-      { 0xef7388bd,0xd5fe725b,0xe7ffaea7,0xf1c3dbdf,0x7e6de2ac,0x78395b89,
-        0x9ebf1bfb,0x81a72c9a,0x69785146,0x65265707,0xf52670af,0x3925ecd9,
-        0x83d57d48,0x437bcdd2,0xc80ecb02,0xb5d732a7,0x000001ce } },
-    /* 88 */
-    { { 0xcfd376d7,0xa7f9fcce,0xa66b084d,0x6b4eab3e,0xd5b91bd8,0x6ac90d08,
-        0x8aa304d8,0xaa3d5b7e,0x7f866a4f,0x27f3d42b,0xbb813ae1,0x95d19fa8,
-        0xe34a9206,0xd38798d7,0xa32c1cdd,0xdf7c0a69,0x00000073 },
-      { 0x38315b16,0xbe2c01bb,0x9e18c8f9,0x1daa7c89,0x08b6b853,0xa3d43fb4,
-        0x68092a81,0xb159e48c,0x836faad4,0x77e93d9e,0xa4699730,0xd4ed6361,
-        0x6297e476,0x569cb3f6,0xe7811fa6,0xb69d8183,0x00000185 } },
-    /* 89 */
-    { { 0xab9cb764,0x18f27eb3,0x8ebc1d6d,0xbbbefc21,0x0479aa79,0x47760ddb,
-        0x09e542f5,0xb4d16d24,0xbc699b96,0xe35c38d1,0x8c8d8c8a,0x13b2ae25,
-        0x67a3a45d,0x8579c152,0x6c554c04,0x773b7357,0x000000d9 },
-      { 0x0218c299,0x9620a473,0x99f78a33,0x69be29b3,0x484f414f,0x4684a009,
-        0x9a2ca4d4,0xb2c74937,0x68db7ab3,0x09c0773e,0x935c357f,0x6181f059,
-        0x8b7de3f2,0x0931303d,0xe0fb6e08,0xf3effcd0,0x00000060 } },
-    /* 90 */
-    { { 0xb25d6530,0x723c14be,0x9a97d40f,0x5e015b39,0xfbf7f622,0x209c3c4b,
-        0x14b4f0f1,0x83d8c59c,0x3f7e8ecf,0xcf002fde,0x1eb1ef0f,0x35d353c9,
-        0x201f0c60,0x394c42a5,0x7be8ee34,0x787128ab,0x000001b5 },
-      { 0xb70110cd,0xa0937d3a,0x477911b5,0xe0fa4efc,0xc53a4c19,0xc6acaf5b,
-        0x38d509f2,0xbd3010f3,0xe54ac1c6,0x3ee2a82b,0xe4f2a3bf,0x31ea67c3,
-        0xf089c7b9,0x7a4ca66e,0x34a2362f,0x5bda2c4f,0x000000b0 } },
-    /* 91 */
-    { { 0xd1f575cd,0xb424a071,0xa5237182,0x15693b01,0x9a2c9d40,0x14133602,
-        0x9c914a60,0x50c4348b,0x095b31c1,0x9024573d,0x22fd4962,0x6f975fd2,
-        0xe210b277,0xa1704886,0x6dba937b,0xac29b813,0x000001f6 },
-      { 0x775da491,0x09edef55,0x2b6aad82,0x25953f9e,0x1bb40d5b,0x6696a106,
-        0x4d5127d8,0xcfc45311,0x81ead062,0x2f21dca9,0xaf3b7123,0x3f3e4f07,
-        0x9646f20d,0x12cd06b8,0x6910f5bb,0x24136369,0x0000015e } },
-    /* 92 */
-    { { 0x3ecfc44e,0x0c844fd0,0x5043b3d5,0x4095f2c8,0xc9bd059a,0x9a5fe7db,
-        0xf65becdf,0x239328fa,0xa67961cd,0xe3102471,0xbbb5dfdd,0xea9e39bf,
-        0x133dc5ba,0x8022b6d0,0x5f12c379,0xbed7aa9b,0x00000141 },
-      { 0xfd94d941,0x096f0059,0x7d4ff018,0xfc6e9f00,0x779f05e3,0xe63af598,
-        0x00483c99,0x4c40f0b3,0x72a19870,0x04d2feef,0x464a4a71,0xdb773b5b,
-        0x49367f1e,0x00b6770f,0x2a9fbd2a,0x4f7e0301,0x00000169 } },
-    /* 93 */
-    { { 0x8a9095fd,0x0df5dd73,0xd3ce857a,0xc4b7a021,0xe5edc767,0x90aa796b,
-        0x180a0808,0x56497eff,0x66f10aab,0xb9856e1f,0x39879766,0x31298824,
-        0x3ba80601,0x61748cf7,0x555da929,0x07d9076c,0x00000012 },
-      { 0x1c44394d,0x0b049a01,0x0ce49e45,0xf5f25ef7,0xb1694265,0x1e3a09f0,
-        0x109b33f8,0x2c5bd9fe,0xa30932e4,0x07f2a43f,0xc6cf8af2,0x736abfca,
-        0xf3366722,0xadf7fa04,0xfa9d26b0,0x2f1e92fb,0x000000e0 } },
-    /* 94 */
-    { { 0x63be4d4a,0x9524e4a6,0x66f3cc91,0x1fa57bed,0x7e7a7ccd,0xdd7c93fa,
-        0x88c5d1d3,0x70e8cf6a,0x3f251f1e,0xb257997a,0xe3554cf5,0x0a5ec58e,
-        0x065a7109,0x68d268d7,0x085089ea,0x7c23d4d2,0x0000004c },
-      { 0xbd52d132,0x63ae575b,0x38c81cc5,0x0fb8daa7,0xe4e63b99,0x096a6e51,
-        0xb239d387,0x51d6b366,0xa5d49fed,0xed5f8874,0x43a8c07a,0x025091d9,
-        0xe4686ae2,0x100f845a,0x7eb4ef5a,0x1af59d74,0x000001c2 } },
-    /* 95 */
-    { { 0xdd441308,0x5f7bc01e,0x86308890,0x0dc34944,0x759611cd,0x2af38a74,
-        0x4c23ce66,0x11a71261,0xf8bafed2,0x37f317b5,0x4c93e079,0x4efbb9ff,
-        0x8ecc52cf,0x880f0edd,0xddc9d82a,0x480cdd2c,0x00000028 },
-      { 0xc3f807ac,0xe8f1ca0d,0xbd070549,0x6a3e4fc2,0x91f8bb6c,0xad3d0a14,
-        0x3d6dfacd,0xe3ee1cfd,0x5fb46ffb,0xee46b1b9,0x7dd5cfbc,0x5207b3ac,
-        0xb1b8e8b7,0xd580c0d9,0xc7bdd11a,0x52c669f4,0x00000084 } },
-    /* 96 */
-    { { 0xc0ace6d5,0xa42b4747,0xbe7287ad,0xd5acb64b,0x89bc2614,0xf3304899,
-        0xff05c71e,0x817fe836,0xd35ac450,0x772eb246,0x375a9c3c,0x7f5fc216,
-        0xcbc0d6fd,0xfb6f9e1a,0x720e9733,0x7643c315,0x0000009a },
-      { 0xf3845ccf,0x4b2216b4,0x90bc05bd,0x9c174e80,0xd6049037,0x7a550c74,
-        0x6358c806,0xbd7220a1,0xaa677b6d,0x838f9c41,0x66e2e08e,0x37332c19,
-        0x496f6da5,0xb032875e,0x9c30630d,0x52b274cf,0x0000000c } },
-    /* 97 */
-    { { 0x8ea58beb,0x6ec2e782,0x3665fa48,0x2b404c1d,0x20b40ff0,0x546d5fad,
-        0x29d3e6a5,0xfb5df7b6,0x66c81991,0xf186846d,0x6e2cfe3e,0xbe690bde,
-        0x1410d16b,0x97aeb9a0,0xbacc8e92,0x59d81548,0x000000cb },
-      { 0xbaf66a23,0xd905d3ad,0x40dfb081,0xc3337387,0x4b00f432,0x6d5535de,
-        0x07d3a03e,0xe17fe8e8,0x066bca80,0x29544ff7,0xbadffa55,0x60c2b96c,
-        0x45a26ea4,0x9f018d94,0x24a34ffc,0xd5438167,0x0000011e } },
-    /* 98 */
-    { { 0xbd7f8a61,0x62a873fb,0xbbe580bb,0x5e18cd71,0x667f6980,0xfd5c9eb3,
-        0x571d3dc0,0xab8d4f61,0x783f9bc8,0xe2e45215,0x24398b14,0x36c3774b,
-        0x74d811b5,0x2db4a363,0x2debe3c3,0x9f7f1297,0x00000138 },
-      { 0x798fefb2,0xbb97f21c,0x107baa72,0x9c76fcb5,0xfadbb568,0x12fbf760,
-        0xd33ea6c5,0x1a648be7,0x236134a5,0x412a2993,0x8985893b,0x4a3d8169,
-        0x3e66ada4,0x6144958f,0x7687b457,0xb4dfc79b,0x00000140 } },
-    /* 99 */
-    { { 0x7abe5bb9,0x83b14570,0xe51d81be,0xae0cbfd8,0xc9827aff,0x20dadf49,
-        0xa687b554,0xc3a72548,0xeeb41733,0x080263fb,0xd3827c63,0x7014fdc3,
-        0xb5e3b70e,0x7d018f84,0xfbcf7168,0x1d483e00,0x00000015 },
-      { 0x6b578aa3,0x154e3c7c,0xd3043dae,0x511ce9b5,0xb6008101,0x55f89e9b,
-        0xf405ac6f,0x4ec31112,0x2008ac7b,0x7e66a4d8,0x25c52fa6,0x73c00d39,
-        0x8acac2eb,0xee1b9998,0x60b57453,0xdfa31d95,0x0000008f } },
-    /* 100 */
-    { { 0x251cf8d8,0xcc74a0e0,0x041f2bd2,0xd4d8949d,0x33ebce52,0x0b734a49,
-        0x5c5bcdae,0xe1ac5f51,0x16200b93,0xd3ecdfcc,0xa793736e,0x2506a266,
-        0xea6e6940,0x585a1c8b,0x9190f935,0x081cdd53,0x0000000e },
-      { 0x53e28412,0x055f9956,0xdb27164b,0x0d1526f2,0x1df3adc7,0xcd5625eb,
-        0xdd35dedd,0xd2c453ca,0xa838ffe2,0xed442849,0x5c0ce589,0xad20c137,
-        0xbd99b609,0x2d5fba81,0x622efb07,0x5be41dcc,0x000001ad } },
-    /* 101 */
-    { { 0x8f850756,0x563af667,0x52f3b597,0x86d37aae,0x796842f5,0x10d38a53,
-        0xf743f997,0xcdaaf99f,0x93f1a8ba,0x2fa755e5,0x409f7cd9,0x1af04e15,
-        0xd6d0650b,0x63bf9a0a,0x55abfd9a,0x67b1cead,0x0000000e },
-      { 0xb5f43178,0x3660a8e0,0x9cc35b33,0x56bd412d,0x880f6808,0x3d7bfa63,
-        0x2e622c71,0x7f372d66,0x6ff82445,0xad7b7be7,0x8db04e51,0x0f2bde80,
-        0x4bd15c8d,0xe1e781fe,0xb8e502f2,0x1f475bfb,0x00000194 } },
-    /* 102 */
-    { { 0xd63543ec,0x79482bf9,0xa117ef3e,0x985cb67c,0x160ccc63,0x8ac50638,
-        0x729bdc1e,0x556cbed5,0xa22686df,0xd62ed97d,0xc81eb77c,0xb124cb5f,
-        0x72fa2ed9,0x4d7b4f66,0x78335b96,0x60b29aa7,0x00000172 },
-      { 0xa43df7c6,0x21bfc7b6,0xbc20706c,0x85acac23,0x345d9580,0xeb6f37bc,
-        0xa32a08bc,0x9d8f20d2,0xd1953c5e,0xf08924f6,0xc4f680d0,0x7d25d7c6,
-        0x2de9912c,0x64e6a237,0x52ce644c,0xda1c06c4,0x000000eb } },
-    /* 103 */
-    { { 0x411dd110,0x26677c5c,0x2c991c4a,0x0d6787aa,0xa45666d6,0x53be6a41,
-        0xc15f9f15,0x73e716aa,0x0e0cc7b2,0xa93b863f,0x2a624ab0,0xa4057117,
-        0x1a39c260,0xe5e7656e,0x2ef6f130,0xaf8d78b5,0x00000046 },
-      { 0x70f38dff,0x796214b1,0x123a1105,0x3e35d828,0x957ed812,0x046a44d4,
-        0x0da60161,0x618fa9ba,0x54f84413,0xe7cdd2a5,0x19ea95ab,0xf1c2563e,
-        0xcb2a30b4,0xc4459e14,0x61ff9aa9,0xc748add6,0x00000183 } },
-    /* 104 */
-    { { 0x9de58caf,0x32981f39,0x8753ea64,0x05bb80fd,0x2d119486,0xc83f9f24,
-        0x03eeb00a,0xf490cf06,0x7c73d79c,0x4037f251,0x724d461b,0x844209fd,
-        0x272420cf,0x6b03f6d2,0xb3438fa2,0x6f4bd29e,0x00000152 },
-      { 0xc389e51c,0x964d034a,0x6db7d98e,0xacda55e9,0xe913c583,0xb2ae97de,
-        0xfeb03440,0x0793077b,0x9d461e29,0xaa16e378,0x043bf8be,0xb0a67533,
-        0xba7d8c3f,0x9d749a42,0x6bb925dc,0x7c41e6d6,0x000000ec } },
-    /* 105 */
-    { { 0xc5da8398,0x2e9b345d,0xbb38c430,0xbc66841f,0x7c3bb47a,0xce3ac562,
-        0x738d2cdd,0x8fbeb12b,0x68731185,0xd4bc2ad7,0xbbd4f4f4,0x9521db1c,
-        0xfe4e1b0e,0x2a690cae,0x7bfebe3e,0x375215eb,0x00000194 },
-      { 0x2edfd661,0x4cb234f1,0xed52c1f4,0x0149984e,0xd8f8f98c,0x32d27260,
-        0x7be38590,0xfe76e4e4,0x95e8b672,0x5435873d,0xf2b00e82,0x916c397f,
-        0xbad61eb8,0x3b9bf705,0xae131bbe,0x7ee90182,0x00000000 } },
-    /* 106 */
-    { { 0x93fbcb5c,0xd36fea9e,0x9fa8529b,0x382be583,0xfd611ba0,0x0b243125,
-        0xcd8a2637,0xa59ae37f,0x3d8d4704,0xab78c60e,0x44c41b79,0x1bac243d,
-        0xeda49cc5,0xc4001fea,0x83dc7e9f,0x988ea44a,0x000000f6 },
-      { 0xf077f79e,0x4d90caa4,0xd9e2590d,0xf4d17601,0xd21b4b77,0x11debbb3,
-        0x9037e1b6,0x031b3f60,0x135becf0,0xf113ed82,0xf2903dda,0xf6c01379,
-        0xa6f19296,0x36bde7ca,0x9dbbad85,0x57d3b684,0x0000006c } },
-    /* 107 */
-    { { 0x9abfccb0,0x963fee38,0xb9676e63,0x6c6e2a24,0x84ba6d27,0xf8768f02,
-        0x465853d1,0xc38ba3ba,0x1b8ab9b6,0x6e3ab36d,0x47a07331,0x01fc9742,
-        0x25233f32,0xfdd41718,0xac61de7a,0x4dacfa81,0x00000021 },
-      { 0xeaa3198c,0x365a9f37,0xfc8b99d5,0xcbe8a345,0xd4f5ecbc,0xa427f12a,
-        0x0c237514,0xe841ff60,0x28a27b05,0x5d9e8c5a,0x62859ff3,0x2d377444,
-        0xea8bde37,0x1c0460ff,0x29cf5bf8,0x0a0e49a1,0x00000181 } },
-    /* 108 */
-    { { 0x45843c3e,0x688203af,0xaabebae7,0x4601e303,0x624df62b,0x397b08f3,
-        0xd21e5aa8,0x5687348a,0x9a242b0e,0x2cf12c73,0x32a76c6d,0xc848ed01,
-        0xf52751a2,0xb72aa1c2,0x92c02d05,0xb63296c3,0x000000f3 },
-      { 0xc6f3d1f0,0xce4b42ad,0x2f532b94,0x2f0dcc53,0x83443d9c,0x57813335,
-        0xdc8dd9cb,0xb50118ee,0xee87192f,0x3039e1a5,0x557419c2,0x9977267d,
-        0x30f96b0c,0x462efa4c,0x3cd3c35a,0x454fb796,0x000001f7 } },
-    /* 109 */
-    { { 0x9d153926,0x10f28194,0x82b57548,0x42e28c91,0x509e94c9,0x4b423b30,
-        0xde9d6b57,0xc5acc52a,0x8b3ca314,0xaa746c39,0xc63d5bc5,0x0f4ea307,
-        0xe1ccc989,0x425553a2,0xf76d9194,0x271198bf,0x0000008e },
-      { 0x3c8e672b,0xc7900e46,0x3f2dfc27,0x703675cd,0xaf2163c9,0x704951f7,
-        0x7aceaab0,0x74d69908,0x7e8d2369,0x482f21a9,0x813dc115,0xdcfbc1dc,
-        0x04f6cd13,0x0ce2bc80,0x82bfaff2,0x2a54662c,0x0000003f } },
-    /* 110 */
-    { { 0x1588a8bc,0x0dcf41e6,0x210c52cb,0x6f48cd0e,0x758e7a45,0x338562bd,
-        0x48b9b957,0x1600d54b,0xa6b89b9e,0x461df80b,0x098cc82f,0xf7fd4f17,
-        0x14977147,0x167f01cd,0x6116c5f9,0xb1338511,0x00000048 },
-      { 0x5d2617f0,0xdeb76333,0x6ecb8606,0x3f9a5772,0x1b91fce9,0xa93c032d,
-        0x6c84b997,0xf7a4388b,0x823ca5be,0xbfe80225,0x35a32f6b,0x6f19c028,
-        0xe3cb5c58,0xf26cd5ad,0x6d0c1dd9,0x7f5ddc77,0x000001e7 } },
-    /* 111 */
-    { { 0x6ee764c9,0x3c9feec8,0xb07c82cc,0xd1bec836,0xa005b142,0x6bf1b2e6,
-        0x29e8a5ea,0x70ef51a3,0x3ffe241c,0x517d298e,0x72966c28,0xbb389e28,
-        0x2c7acc76,0x3a2da8a9,0x732a21b5,0x902c9126,0x0000004a },
-      { 0x8f7ce110,0x96c51b9c,0xaeb036f1,0xdcc33a87,0x0a6a59e2,0x82695098,
-        0xe78db500,0xceaf26a7,0xc95bb030,0x82f3c384,0x24c42f42,0x6dd6e9f7,
-        0x70ac4a0a,0x768dde29,0x03d22efc,0x4aedce4b,0x0000016f } },
-    /* 112 */
-    { { 0xeded03c0,0x077f032a,0x588ddd4d,0x2684a052,0x9a85be0f,0x6d09bc4f,
-        0xe0b9b6bb,0xbdda0c7f,0xf2fb5887,0x19689c7e,0xec3cce7e,0xf8a96960,
-        0x768d2ae5,0xb043d9d5,0xdb21219a,0x29c8081b,0x00000068 },
-      { 0xde59f006,0x6bf872fa,0xcb97ef5a,0xc2b9ffc6,0x58ae7ef8,0x371915db,
-        0xf4ccaa1f,0xc2e23ca1,0x89c27cc4,0x1af8c60e,0xc86bdcc6,0xeee5d7e7,
-        0x9bd8de43,0x9225b47f,0x4b24f08b,0x53e7f463,0x000000b4 } },
-    /* 113 */
-    { { 0xe3048bda,0x54c496d0,0x43c3de4e,0xe2b67499,0x4c2d509e,0xac2049f7,
-        0x543c5089,0xb01f691e,0x105a365b,0xcd9960a3,0x78b17049,0x34d93ffe,
-        0xf82c9467,0x029f99b3,0x0161a755,0x785c5ea2,0x00000091 },
-      { 0x953dbdb6,0xb455f978,0x97eca19f,0xea9e84d9,0x36d4d75a,0x473bd029,
-        0xc15276fa,0xa9c17ca8,0x47c76356,0x9cf66133,0x039738d2,0x4a68360b,
-        0x69733609,0xd3e430a8,0xe2b27f21,0x0ae532de,0x000001b4 } },
-    /* 114 */
-    { { 0x5164cb8b,0x68110e82,0x2552a67d,0x6979af4f,0x8d185527,0xe10d6d0e,
-        0xfb64eac4,0xcf6c5787,0xac424592,0x8408163b,0xfce0d810,0x5d8fff37,
-        0xda84c15c,0x8b284e49,0x32663ec9,0xed805567,0x00000010 },
-      { 0x51f3ee9e,0x106f4030,0xb38adf1e,0x2e8e3ee9,0xa13d6449,0xd3c87a6e,
-        0x80e1abb1,0x27b49f45,0x0bfd7298,0xc283d179,0xafc7a35f,0x8fe50fa5,
-        0xade3ad4f,0x773da545,0xd9a21df2,0x78bfaae4,0x000001f8 } },
-    /* 115 */
-    { { 0xabad5678,0xae60d8e8,0xe600c25b,0x0afa72ce,0x4c288e21,0xb9d4e0b4,
-        0xd254cf9f,0x64447f76,0x959e2ba5,0x1fb36bc4,0x2961132c,0x393c44d7,
-        0xfc140f19,0xd7a8881f,0x8d096648,0x27a86128,0x00000091 },
-      { 0x8a9e690c,0xb536c021,0xeab4fa15,0x85dcc521,0xb00ee54c,0x09af4423,
-        0xaf3a8e48,0xb3793525,0xb7731d85,0xe1f36308,0x141cfb55,0xb5361d78,
-        0xeffc4529,0xea41f29e,0x9f7d2634,0xcf5755b1,0x000000e8 } },
-    /* 116 */
-    { { 0xd212b398,0x01edb80d,0xd53dd373,0xd0396181,0x8a52fa95,0x0e086047,
-        0xa7825e6d,0xad1e6432,0x330ece4f,0xe0185bc5,0xb078936f,0x508f7313,
-        0x9e7f6ea3,0x1dc982fd,0xd5556b60,0xdbf3a602,0x000000e8 },
-      { 0x279e05bc,0xc3763234,0xf44453d3,0x7f5f40ec,0x7fa30793,0x310c5f4d,
-        0x108d7e22,0x5cffad36,0xc2a98bbc,0xf2f01ef3,0xd7d47f80,0x30ab1719,
-        0xa9b22e1c,0x7bc9f918,0xe834df94,0xf53dc52a,0x000001f9 } },
-    /* 117 */
-    { { 0xc183f89b,0xf266b49e,0x5f5806d4,0xd3fb5f02,0x94ec3080,0xd30a42b5,
-        0x371cd917,0x4b6b1940,0xb7f7e26d,0xf7541aab,0x2d5b7b64,0xe55269eb,
-        0x7f8036c5,0x0e1a85c1,0xda5f2675,0xa0ff0f22,0x000001ce },
-      { 0x3a8e11f8,0x602bd56a,0xf5f9ab54,0x29864021,0x0ccc92d7,0xc6742c5a,
-        0x523f650b,0xd64569e6,0xf7fabfb4,0xc8e4681b,0xc3c9e6cb,0xb4275947,
-        0x38f5ff20,0x2b3952d5,0x1f04aea2,0x818f8e38,0x000001b0 } },
-    /* 118 */
-    { { 0xe50d90f0,0x3be5bffa,0xf5011cdc,0x4cb3b11b,0xa691dfac,0xe10ca711,
-        0x4ea1a773,0x62ec211d,0xe586eeb6,0x5a979ebb,0xa0c2f1fd,0x4df16ab1,
-        0xc57bbfea,0xfe9e3f7e,0x5ae526f6,0x1b05960e,0x0000015e },
-      { 0x8630e62e,0x1c8e04a5,0x6447e1b7,0x3d00310e,0x43b4447a,0xcf1e6b61,
-        0x7462e7a3,0x92abb851,0x0002724d,0x8309ea08,0xe45296df,0x1d805d70,
-        0x3d4ed812,0x0f3849b3,0x6834d44e,0x2d6bffbc,0x00000096 } },
-    /* 119 */
-    { { 0x48e07711,0xd13fe58d,0xd270a3b2,0x70f83648,0x8cdff04c,0x1517892d,
-        0x51411f14,0x15bb6578,0x3e4f8a55,0x6c31cd90,0x0413362f,0x73f87152,
-        0xeca06d4d,0x2fe025ee,0x954e317f,0x32a6e417,0x000000ad },
-      { 0x69d147df,0x7e38c63f,0x710bf37b,0xb69bb06e,0x28d514de,0xb94debef,
-        0x8d11c3d9,0x4b2307fb,0x0385c604,0x3b369df9,0xe7800e83,0x68ea2f49,
-        0x7d501c1c,0xf028b258,0x5cef7818,0x97078221,0x00000055 } },
-    /* 120 */
-    { { 0x54c1d751,0x10c351db,0xba0f9512,0x81445301,0xbfdc8bed,0xa77eb34f,
-        0xcf23680a,0x498d8138,0xe04f2860,0x928c14a4,0x16a5b6da,0x96192dba,
-        0x5f9a9103,0x49dea95b,0x01724102,0x80dd4578,0x00000085 },
-      { 0x0e09221c,0xe9072500,0xf21de056,0x62e05b21,0xe0e60950,0x448cafa1,
-        0x6f775129,0x657fb97b,0xf1f34aca,0x5d2991bd,0x49ff15d6,0xa66cd5ac,
-        0xd049ec79,0xdc1d6897,0xe72baea8,0x388fca84,0x00000067 } },
-    /* 121 */
-    { { 0xa6ef1dd3,0x6520b49d,0x3ba6cd76,0x391a045e,0xf33d5f48,0x9c84980a,
-        0xef07474a,0xe53cf5b2,0x78bfb1ea,0xa35b2e9a,0xeda906fa,0xeca97fd6,
-        0x1b9f2cf4,0xf1a93789,0x3ab28589,0x66753369,0x0000010d },
-      { 0x73691faf,0x5b510496,0xd57ec618,0xdc73d3a9,0x930a8525,0x7e2921bb,
-        0x40b05b69,0x094f571e,0x413bedca,0x5e96a017,0x8d1a6b98,0x9e7d4f72,
-        0x3eade8b7,0x55143fda,0xd16e454d,0x859b8444,0x000000fb } },
-    /* 122 */
-    { { 0x7c667aaf,0x7c22083e,0x4a91ccba,0x33545cb9,0x8ca0e94a,0xca1e9931,
-        0xe4eaa0c7,0xc3afff23,0x42f56844,0xa21ac436,0x60d52d0b,0xfcc68a8b,
-        0x6a9301d4,0x401a585b,0x907abce1,0x547f762c,0x000000a3 },
-      { 0xfbe260ce,0x63dd3ed3,0x80dc01fa,0x2717752d,0x6f1da3e4,0xd5fab75d,
-        0x5261f10e,0x5f16864a,0xd20cd6bb,0xbe7b1f63,0x221ac656,0x9d638c10,
-        0x673b918e,0x3137b8f6,0x4ada2fb8,0x23eb4438,0x00000174 } },
-    /* 123 */
-    { { 0x2a1fbcf4,0x194e27c4,0x5facd5ee,0x4c0d285b,0x915e6607,0x75c2ebdd,
-        0xef0a6a9a,0x1e696510,0x067cf458,0x13c5afa1,0x7bee1fba,0x2be013c1,
-        0xdad279e7,0x85a406d6,0x5142cf59,0x0042951d,0x00000031 },
-      { 0xa22bbc45,0x6a735ec1,0x7f56f4d8,0x4ee5391a,0x236001de,0x305af9d0,
-        0xaa2f8d25,0xa8b21851,0x187db78a,0x0e2c36d8,0xa1a888c3,0xcfcc083f,
-        0xbd3e7d5b,0xb91dab7f,0xf4fdd023,0x62d85460,0x000000f4 } },
-    /* 124 */
-    { { 0x4972d703,0xf568ba02,0x39098a03,0xfc44ca1d,0xae28c855,0xe9b8e542,
-        0x5b1b4536,0x4fd4f360,0x4c7f7e48,0x2e08b07b,0x2230823d,0x042f3b98,
-        0x1889fd13,0xc9ffd313,0xc6c68359,0x56af0652,0x000001bb },
-      { 0x06e0f16a,0xedbf05e2,0xd74644a5,0xfc1ac2fa,0x0f92c71a,0xe59a0a98,
-        0x36c800a1,0x13ae37d7,0x236178dc,0x5f20efc6,0x2b46ef10,0x443a58b8,
-        0x442509e4,0xc9517dcf,0x640ed9b0,0x7d0bb415,0x00000166 } },
-    /* 125 */
-    { { 0x3d22842d,0x3aa30a61,0xb3c4ece0,0x8c6e00f5,0x6df82b79,0x8764cf87,
-        0x78d208c5,0xda92d86d,0xe788854a,0x0a52d391,0xa59b0994,0x499b26fb,
-        0x04c5fc9a,0x5dc133ad,0x34e3f134,0xa5c09269,0x000001dd },
-      { 0xfad6d673,0x6f0dcac2,0x00f3b3fe,0x6d8fdf05,0x631756e9,0xece71941,
-        0x0a4d80e3,0x3990f493,0x31d13001,0xf2aca936,0x75581638,0xee91966c,
-        0xe6dd5679,0x6df0f574,0xccd71cda,0xbe124868,0x00000111 } },
-    /* 126 */
-    { { 0x475cc1b4,0xf644c726,0x2b73978c,0x915fc2f9,0x0e3d7eb7,0x65a7e6d1,
-        0xf40c38e0,0xbb44e21a,0xe1ad24fc,0x988662b9,0xc35606e5,0x270ba4dd,
-        0x1a4f93f7,0xc3834a2c,0x3362a4d7,0x93d0c9a2,0x00000021 },
-      { 0xf769fd7f,0xe2cb7b8c,0x89a213b9,0x1815da97,0x6b910fef,0x7b4f8c56,
-        0x26931438,0x2088b309,0x925b37c0,0x477b71bd,0x26a640e5,0xa049a921,
-        0xfd21c6ef,0xd3ddf1bd,0x232a56b2,0x9b5f9d7d,0x00000064 } },
-    /* 127 */
-    { { 0x679a9c35,0xd640adf8,0xcb74d796,0xcdad98e3,0x5f8e9daf,0x464b8ebb,
-        0xad4a073c,0x4738614e,0x2edde557,0xbd86c0ee,0x576ce0b9,0x77331738,
-        0x4095fb96,0x9b5d3327,0xee09aead,0x72f0aeb3,0x00000136 },
-      { 0x64e54ba5,0xa388c76d,0xdc474d21,0x63fe7af1,0xb2a77081,0x7fa3e9d1,
-        0xde1240ad,0x0447b49e,0xc720303a,0xd9f64b66,0xe6bd0213,0xb1c78029,
-        0x0aa03ea5,0x1caf1c70,0x3bb85d2b,0x179180eb,0x00000103 } },
-    /* 128 */
-    { { 0xaf2ed12f,0xadbf4f9f,0xf380fd8a,0xce1d19e4,0xa39e81ae,0x0957bdb5,
-        0x626ef6bc,0xf9833321,0x0cf5b28d,0x110ae5ea,0x20392cd4,0xab159450,
-        0x6bc67855,0x67c49887,0xa3fd61c6,0xce7e5938,0x0000004a },
-      { 0x28c7dea9,0x59c5b9ef,0x0a6a7184,0xd02f95ba,0x8202769c,0x034dc257,
-        0x94dd6896,0x213b0b08,0xb5dea95a,0x03730b7f,0x617ca889,0xfe243ed0,
-        0xfb1ba052,0x16cf4d17,0x226f96da,0xd8691d6b,0x000001c0 } },
-    /* 129 */
-    { { 0xbf8015c2,0xaa2edf3f,0xc49502d8,0xe7f8236d,0xa6a43157,0xe890f6e0,
-        0xa2d04b0c,0x318ef325,0xa809dbab,0x9cc0668d,0xda67ca21,0xdd26937a,
-        0x83febc49,0x8f27c12c,0x3c9b9844,0x87b3db2f,0x00000029 },
-      { 0xfd2e3dc7,0x37e7aed0,0x7415fd55,0x498e8bdb,0x58a45f25,0xfc0d6c9a,
-        0x209c85d0,0x83d5baba,0xd579e1ee,0x31ec8dc6,0xa502bfed,0x1f4cad0b,
-        0x1f41bef1,0xc432e6ce,0xbbffca65,0x3b10afaa,0x00000191 } },
-    /* 130 */
-    { { 0x53053af7,0xbd9f7df0,0xb28a1cf4,0x60304765,0x7ce90438,0x441778fc,
-        0xac8c5ddd,0x8fbed36e,0xfb59ec61,0x27b1313b,0xa1b1becf,0x9d2656ff,
-        0x945973a9,0x334e1345,0xc362b595,0x3261888c,0x0000018c },
-      { 0xaa7f6ff8,0xf413a414,0x3fab7c7a,0x092aeb88,0x7cc307ba,0xfa1d886b,
-        0x2346100e,0xdc81c125,0x02140c93,0x93d4d273,0xe6104835,0xa1ed7e3c,
-        0xdf1795f3,0xe2b91ecf,0x369ed416,0x160dc11a,0x00000191 } },
-    /* 131 */
-    { { 0x8b57d7cc,0x9a72f46e,0x4bf02386,0x3140b0e5,0x05b3a91d,0x886c396e,
-        0xa4ec26e0,0x1b9ab3a9,0xc50f58e9,0x742feaeb,0x55e26af0,0x1592c608,
-        0xbb1cd9f7,0x943cd476,0xc7f02c89,0x3ed97fd4,0x0000017c },
-      { 0xe6d54964,0x53b02503,0xc6a318c0,0xd9bd1162,0x9cc28c22,0x18ff6cf4,
-        0x03534640,0xa45c7840,0xb4cc0668,0x8ea3335e,0xf42dbe03,0x7ad727f8,
-        0xfdf6c3cd,0xb157e911,0xec992d76,0xa7f894c9,0x000001b3 } },
-    /* 132 */
-    { { 0xaf09ea77,0x91e6e397,0x75dc25c5,0x26a760b9,0xb94a197b,0x8c040c08,
-        0xb68ce619,0x041baca8,0x5bd23564,0xa19a0d15,0xd977b33f,0x86ca5b94,
-        0xe5fbd029,0xf31f87f8,0xb1901f99,0xf76c55a6,0x000000b8 },
-      { 0x3846ec9f,0x175bf8c3,0x9deaca46,0xf462205c,0xa3108df0,0x92cb5ec0,
-        0xcfaed928,0x879db283,0x65049fb2,0x477dc004,0x96ee5031,0x48d24bac,
-        0x56adce45,0xa7db6b16,0xab1c684f,0x0110cdab,0x000000fc } },
-    /* 133 */
-    { { 0x4d308bf2,0x151b66d8,0xd6638004,0x99013c9f,0xfd383bf9,0x6892df92,
-        0x3ffc8efc,0xa10efd84,0x313ea287,0x527e316c,0x3a0df740,0x8ef6e3cd,
-        0xf6ebd2a1,0xcb96e430,0xa70ee4ce,0xc1ebecf2,0x0000018c },
-      { 0x1a70404c,0x80d14ad7,0xf9ce2a30,0x6ad21dd0,0x3aa3e072,0xb94cbcde,
-        0x6363a690,0x0ab59611,0xc6b1e2b4,0xe70bff45,0x66ceec5b,0x1296dd0b,
-        0x747757c0,0xd4cb2a74,0x3d7d91e8,0x08988ca6,0x000000aa } },
-    /* 134 */
-    { { 0xf8db0396,0xaa2dcfca,0xb422da76,0xe8ae8f37,0x96485724,0x652f8349,
-        0x7bf1493f,0xf647c3c4,0xb0247a4e,0x8b600b46,0x7aebda8e,0xabf3e439,
-        0xa7958df0,0x2e1d231f,0xf881bab2,0x38e692b1,0x000000ef },
-      { 0x26cf3047,0x1f3c1689,0x59539858,0xdad14f94,0x293f20b6,0xfde85d1c,
-        0xf57abb17,0x2ea5436e,0x1794de38,0x0d1a8ffc,0x2bfecd2f,0x9ba508e2,
-        0xdb786042,0x110f0a7f,0x7cde31f8,0x2ade6f64,0x00000196 } },
-    /* 135 */
-    { { 0xfec78898,0xc996a537,0xde0fa77f,0x0b39de72,0xd34cb08f,0xf6d076ac,
-        0xda78d353,0xacd8bb82,0xa0392cc1,0x5fe804d3,0xe581549d,0xab7adede,
-        0xc067c6d9,0x883901a0,0x4ed93f37,0x5855ffa2,0x00000191 },
-      { 0xbf9ebef3,0x29570e36,0xdf4b3177,0xe21046a5,0xa6816b5c,0xf9b89a95,
-        0x288d0e11,0xadf39281,0x3979159a,0xd6baabe5,0x5c8fabb2,0x411afee0,
-        0xe5c7af10,0xf192c3af,0xd7dce37b,0xaa72e81c,0x000000f7 } },
-    /* 136 */
-    { { 0x16c386ee,0x20fa3c0f,0xd4c09839,0xb33b0469,0x876a3136,0x79e0d722,
-        0x3c406c06,0x343c0a92,0x4debe27d,0xef220e3e,0x196f00ea,0x09d7b1e1,
-        0x24a9dcff,0x4a0f5dd8,0x99c1d085,0x53582ec5,0x000001e2 },
-      { 0x5138c7ed,0xcc8ef262,0x6547f88d,0xdec43194,0xdd0a9488,0x2b6e53ad,
-        0x8257ebdc,0xeb9f1efa,0x1f08c989,0xc583c6eb,0x40163768,0xf1736911,
-        0xdbc20e3d,0x6282ff8b,0x9cbd514e,0x26b81005,0x000000d5 } },
-    /* 137 */
-    { { 0xa0025949,0x2449522f,0x0bbd8945,0xb26d888f,0xe637216f,0x33442f5f,
-        0x472827f6,0xd8ec3b64,0x99fc2681,0x91d8a1a3,0x68c7710d,0x6d232ead,
-        0xe51b2762,0x8e5bfe2f,0xfd109fa7,0x0f9f4fed,0x00000004 },
-      { 0x6b4a05e0,0x1952ea51,0xf21c78eb,0xcb0d48ee,0x1997dfdb,0x64d36619,
-        0x8b4c21fd,0x0d11b204,0xbe92303a,0xa6f569b6,0x78c5e809,0x2b8f6096,
-        0x36805d8e,0x7226b5ab,0xdb349ca2,0xd6cff180,0x000001bd } },
-    /* 138 */
-    { { 0x943cc612,0xa49f8576,0x832b31c7,0xc914319e,0xcccadebd,0x9225e297,
-        0xb0619821,0x4918fb42,0x25b1cc7c,0xaccb3084,0xa646e5f0,0x751d3347,
-        0x590e3e22,0xeafb4aae,0x2c4a0008,0x82146038,0x00000151 },
-      { 0xbf96a461,0x3c2481db,0xb52a3ba4,0x51c122e9,0x464db08b,0x21c2858e,
-        0x6d6a081d,0xb1014b78,0xf533cef7,0x167d3ed4,0x81545f7c,0x6cfb3294,
-        0x449b7b9f,0xea46d31c,0x9621c299,0xcfad7613,0x00000081 } },
-    /* 139 */
-    { { 0x478a7f0e,0xef796327,0xde17705d,0x914183e2,0x572117e8,0xd24a26df,
-        0xb7cd52cf,0x3cdb1b09,0xad83c160,0x9e42b9fb,0x709ef8c9,0x6971d2ea,
-        0x8ee54ccd,0x1894fc5b,0x34a520fc,0xf757b4e5,0x000000fc },
-      { 0x86b62347,0x5a5518cc,0x7bc2a928,0xec51c9d2,0x2966727f,0x2eea2b05,
-        0x0ae43e6f,0xbc8a8e3a,0x05ca066b,0x80535b5e,0x8833986d,0x91ffcdb1,
-        0x32374cdd,0x2f4a5bba,0x0d202243,0x08763a49,0x00000124 } },
-    /* 140 */
-    { { 0x4efac14d,0xe498b972,0xa79a9d3c,0xb6f4bf8d,0xd6e07c29,0x0f1e8dbd,
-        0x71771538,0xfac30cfd,0x71b03263,0x4c91ed22,0x19b455f5,0xbf938335,
-        0x127092bf,0x76a5e789,0xb4813bd9,0xa97674e1,0x00000128 },
-      { 0x583e5924,0x29b63c41,0x8f171d06,0x61f9aff1,0xab227a28,0x2b45b3cd,
-        0x8a11ab70,0x939d5dda,0xe8db6971,0x2bfb47b0,0x0ec10805,0x562379df,
-        0x24ce1801,0xaf5a6481,0x34f94aba,0x8d98c434,0x00000150 } },
-    /* 141 */
-    { { 0xcfffc80f,0xdea9fe73,0xd43473f6,0xe23e2e9b,0xc9d37ba7,0x27fb3ed3,
-        0x7a3fc357,0x733766d2,0x8e04a03d,0xd0db4cf3,0x2bbe0f43,0x8ce01752,
-        0xda986f4f,0xd87eb719,0x2fe6b037,0x6d1b50ae,0x00000153 },
-      { 0xda40bab1,0x371f5def,0x9b2bda63,0x07d6a8af,0x0d4aca87,0x5e8a5c89,
-        0x643ff8ab,0x4d72f0ff,0x4bf8ec2f,0x9c4c10d9,0x0eb93e22,0x36b0eaba,
-        0x1d2dfd01,0xbc4b0e8f,0x9d34a082,0x9f252e5a,0x00000142 } },
-    /* 142 */
-    { { 0x7d0e7020,0x4affd4c1,0xb5482168,0x9b169aaa,0x588f348f,0xdbe01708,
-        0x885986bb,0xdaebf6ff,0x15f9c381,0xb33987f5,0x04a94a7b,0x7e455f2c,
-        0xa0ed6849,0x39a41442,0x1ef7798c,0x1c1ad4a6,0x00000154 },
-      { 0x072709c4,0x7647b628,0x8810e5fe,0xb330d68b,0xe92e0f63,0xd1bd8874,
-        0xf8bea9ba,0x144e4fb9,0x8318981a,0xc15afc18,0xb68c6a07,0xe19c5c82,
-        0x36e00b66,0x858c57a2,0x07cb7aec,0x9b255110,0x00000011 } },
-    /* 143 */
-    { { 0xc887027d,0x121ced27,0x2bfab286,0x6050f335,0x19d511e2,0x6e373c1c,
-        0x7f4c69f5,0x02d4c3a9,0x25226bb4,0xe6f356af,0x83e7ac30,0x3b9011c3,
-        0x33d8fdfb,0x43b0c23d,0xaf2ea363,0xa8c390f7,0x0000000b },
-      { 0x7e851bac,0xc430c3d6,0xa5f544fc,0x8991c389,0x67fba061,0x006bbc64,
-        0x97cbdbf4,0xd49d024e,0x7734adad,0x4539b7dd,0x28cb6d2a,0x90ba8f9f,
-        0x4de4b3ad,0x7a921830,0xa7b96928,0xb28732ef,0x0000006a } },
-    /* 144 */
-    { { 0x22ed5986,0x71dab52d,0x58533e06,0xdeee627a,0xcf155fe3,0xe8fee37a,
-        0x7ae8b132,0xcd61490d,0x34a08b94,0x2706e185,0xf9c15c30,0xa85ffd52,
-        0x51a5ad46,0xd5a224f3,0x54d700bb,0x44d1b6d5,0x000001e6 },
-      { 0x862e4e9c,0x96830686,0x48763fe4,0xfe5cd76c,0xc0839caa,0x60309679,
-        0x8d83d62d,0xc0e4cbeb,0x11bc4ae2,0x911e254e,0x64fca062,0x96a0d7c8,
-        0xe9a27045,0xf5785dd5,0xf3e0412c,0x2f4677d0,0x000001be } },
-    /* 145 */
-    { { 0xab01a6dc,0x4c0012dd,0xae1adb69,0x391bd6c1,0xb9b05079,0x3ae7daec,
-        0x62a1061f,0xc2714f9e,0xa96536b7,0x71978ee7,0x5e17654b,0xeec11bd0,
-        0xefab3dd4,0xc71166e0,0x87edbf61,0x0f7aa572,0x000001d7 },
-      { 0x51eb5932,0x26ea6f7d,0x5f882ca4,0x354ea0aa,0x7739f7dc,0x175b6097,
-        0x9be57934,0xd335192a,0x78545ecc,0x9801f423,0x7b643c9d,0x32b8e256,
-        0x23e3abec,0xb9411dd7,0xcf1c6509,0x656dea68,0x000000ee } },
-    /* 146 */
-    { { 0xa0890deb,0x4d38e140,0xbceb84bd,0xbf7bd87d,0xba041dec,0x51f0ff72,
-        0xa6820be9,0xafeec70a,0x8c486298,0x755190a3,0xe7010ec4,0xecdba558,
-        0x8c7879b1,0xced91db8,0xef5e215c,0x08de3e4c,0x0000014c },
-      { 0x16266da2,0x9c1534ed,0x7b4c9009,0x9ce322eb,0x69927688,0x37decaef,
-        0x05c2844d,0x6525097f,0x1ac519ab,0xd23b7e13,0x65a3cc86,0x682ebb72,
-        0x628c4575,0x0c531db9,0x73805373,0x2e00e8b8,0x000000be } },
-    /* 147 */
-    { { 0x57ed32e9,0x3807c800,0x7c024997,0x427e40cf,0xabb54830,0x58506abb,
-        0xce820bf4,0x5649776f,0xb2c43e81,0xb5353293,0xcfef6648,0x671e8353,
-        0x903bdca5,0x27217d3f,0xa813fd79,0x40a9c109,0x000001dc },
-      { 0x3db21a38,0x6beaa6c3,0xd73ef7e4,0xcae222e1,0xbd1d507f,0x1ff684e7,
-        0x587a77ab,0xf5bac664,0x0c64a4d6,0x58c74f62,0x6a7c378a,0x4ca837d9,
-        0x3e42e409,0xf43df531,0xfb49e14f,0x8a9a4347,0x0000013f } },
-    /* 148 */
-    { { 0x992f8923,0x85ab4edf,0x6fd209f3,0xe24aa5e0,0x1b1340ee,0x27be9b87,
-        0x91e0bb40,0x2957d11f,0xf3d4c62c,0x425afad2,0xc7ff7aaf,0x2d231286,
-        0x0114cbe9,0x96412b2b,0xc3e23529,0x6706a231,0x0000019f },
-      { 0x225c02af,0x06b3bbd2,0x3fa3e98d,0x53ebc166,0xb84f482e,0xa6df2b75,
-        0x2bfc55df,0x912b4521,0x512a73da,0x30bdbd40,0x3d53eaa4,0xac0f43d9,
-        0x0c27fd53,0xfc358fe4,0x919424b4,0x2cb183be,0x000000a3 } },
-    /* 149 */
-    { { 0x3fa6a746,0xe39b0c2d,0x1d5a24a8,0xe84a7922,0x78cdf2b5,0x70a58914,
-        0x30666cb3,0x8a88067d,0xf6d71d06,0xb09a709e,0x0065d184,0x50007a3e,
-        0xb8dc9448,0x7046af4b,0xc65493ac,0x2b6a3129,0x000001fd },
-      { 0xe45f2771,0xd3d5d5bd,0xf432ed95,0x8542b08a,0xf232a6bb,0x2ecd40fb,
-        0xe8beccb2,0x0fcb6143,0xbf8e247f,0xcecc513a,0x8da3039b,0x955d56f7,
-        0x56c2a0df,0x9157c619,0x3031fe2a,0xa6d35cbf,0x0000018c } },
-    /* 150 */
-    { { 0xbe0c4923,0xdd800b1b,0x6902907b,0x046ae740,0x957bd0c7,0x2398b37f,
-        0x9655f8b8,0xaa8e1a9d,0x500f4150,0xcd2927fa,0x202e7aee,0x826a9c6d,
-        0x9f29692e,0xb4cf58b3,0xbf41577c,0x3093868c,0x0000011f },
-      { 0x333ed442,0xadcb5e7a,0x906fef7b,0xae5c8e2f,0x3d98f228,0x2d9b0123,
-        0x7ffe125c,0x4632f2da,0xba231835,0x59487731,0x12d2c512,0xa0caae5b,
-        0x9857d9c4,0xbf00e658,0x54f200f6,0xc5d10086,0x00000172 } },
-    /* 151 */
-    { { 0x2fc283e0,0x58954046,0x7ee0880e,0xf7633984,0xb7fd1622,0xfaf1b40e,
-        0xf598c5ed,0xecf5151e,0x7e00d9bb,0x6b4d92f7,0xa8c43fd4,0x7543e3b3,
-        0x6511d1d2,0x3994e12c,0xaf05b6d3,0xdd841a1d,0x000000c6 },
-      { 0x23b991ad,0x23da17e0,0x71fba514,0xaab2b213,0x0ddc1879,0xb417ec5a,
-        0x5f63acdc,0x173bc8ad,0x1e2a7d50,0x2fcf5210,0x6106d008,0x63373fd0,
-        0x7db012cf,0x1e8211de,0x576545ef,0xa07766d9,0x0000018c } },
-    /* 152 */
-    { { 0xaf80dfaf,0x8e4347b9,0x9c4667f3,0xa80b631f,0x6ddbc238,0x6ff1db26,
-        0xaa8718a0,0x6161e365,0xaf31c35f,0xe7f7ac90,0xfc6846e8,0xc03831d1,
-        0x684175b4,0x1e669d10,0x934b731a,0x6da9d620,0x000000c7 },
-      { 0xa3e4e78b,0x981f597b,0x55099f9a,0x2c14dedc,0x93088c61,0xbf373995,
-        0x9b207458,0x7c568307,0xa2276900,0xc4440c47,0xf7e6daf3,0xb6df23c8,
-        0x42929103,0x4f662c25,0x8b3b7963,0xf4ea6db1,0x000000f9 } },
-    /* 153 */
-    { { 0xced36049,0xc669eb88,0xf41b99f8,0x87a4ffe1,0x6a72e108,0x690b7563,
-        0x65a0bb8a,0x67dd6a8c,0x96e42955,0x42cf8c58,0x1aabffad,0x5286b5f3,
-        0x8f6f26a4,0x1f7dfaf2,0x0e1ae503,0xc5d9e0ac,0x00000120 },
-      { 0xacc10da7,0xafbee3ff,0x944946e5,0x67e2d5f9,0x3c4220ff,0x8ec17e86,
-        0xbd6f632e,0xfe6f7414,0xc3fc9ef4,0x4a9e3c0f,0x03bfb870,0x25ff3cba,
-        0xbb03342d,0x18fd3600,0x0050cd2e,0x1e63e753,0x000001ac } },
-    /* 154 */
-    { { 0x8f3d6a02,0xdd83d07c,0x7ef4d0d1,0x71fc143c,0xd4c7af61,0xca994bf0,
-        0x827c5cf0,0xc8a93e98,0x2b697882,0x4a102c7b,0x8a55e8ba,0x633c87d5,
-        0xcc2d64f0,0x1ae8822f,0x986d01fc,0x2ce9b53f,0x000001c1 },
-      { 0x95dc1b79,0x859639fd,0x3f4e616a,0x2728f754,0xede2fb9f,0x6e703c4c,
-        0xd50fae9e,0x042f7680,0xc2d530ed,0x0546bc3b,0xcdd598ac,0x00a4006b,
-        0xe1294910,0x3f3286c9,0xb6bf9629,0x77782255,0x00000146 } },
-    /* 155 */
-    { { 0xe30c98fe,0xaf81421e,0xfc2cd705,0xdeb0feb0,0x14df6ad2,0x9b2c4ca6,
-        0x9ba314e8,0xd38134de,0x4f04b16d,0xa443deb8,0xf07f8ca8,0xfc556ee0,
-        0x3a4f3917,0x3c1c83bb,0xb1adcd41,0x8397dd24,0x00000199 },
-      { 0xdf4781e6,0xca01e17e,0x46f1f901,0x32d7c319,0xb53090da,0xa227a613,
-        0xa7c8c607,0x2495b1dc,0xddc69709,0x1cf2fbee,0x45608098,0x1d3d82bb,
-        0x085134d7,0xcfcddda3,0x96798c41,0x3dd171b5,0x000000d2 } },
-    /* 156 */
-    { { 0xd4dd7e96,0x97a40f84,0x8409fc0c,0x7114c8ea,0xa9d11393,0xc56f29e6,
-        0x8fd8c6d6,0x3b606621,0x00269e7c,0xad3baa86,0x05929d5f,0x1413c6b0,
-        0x222e365b,0xc1ad7e40,0x4798aaec,0x6a82621a,0x000001d3 },
-      { 0xc1003c81,0xaeac45c4,0xf43d8602,0x9ef9ef5a,0x60f77469,0x36a65f5e,
-        0xbf5d2858,0xf312e7ab,0xc84acef1,0x2f53ec81,0x9d248b52,0x63e32ca2,
-        0x81e65c60,0xfe9aa7c5,0x52841973,0xe3686c9a,0x00000017 } },
-    /* 157 */
-    { { 0x9e90de99,0x0b2efe65,0xad05ab63,0xbe4485bc,0xe14e4892,0xc48a6a52,
-        0x22628687,0x2ad85430,0x5eb3db54,0x261f0e95,0xd45e5841,0x48e81863,
-        0x8ed75739,0xcfe1ce0f,0x7d84ade4,0xbd6f1ff5,0x0000003f },
-      { 0xd1bf968c,0xd43711dd,0x48dfa472,0xd558d7cd,0xe425a566,0x49f09223,
-        0x5c26d041,0x0cf83338,0x7c2c1743,0xbe7b81f1,0x5143d9d9,0xe3bdc33e,
-        0x94fd3fae,0xf385ac35,0x9fd1811a,0x7551cf42,0x00000113 } },
-    /* 158 */
-    { { 0x20193bb2,0x4928f55b,0x7310b872,0x96e579d0,0xd345d276,0x5ee06309,
-        0xa871868a,0x9a43e432,0x11038683,0x28c113e1,0xa332f108,0x8286ecf3,
-        0x0385cbb4,0x3348aa37,0xef158daf,0x698ffcaa,0x000000c6 },
-      { 0xf6908745,0xa044c54a,0x6a3353fb,0xa6b336e4,0xd561e821,0x694c2852,
-        0x3634917f,0x1b297970,0x81f61315,0x6e1023b9,0xef46a5ef,0x6817dc2b,
-        0x8e114f7f,0x93dea0af,0xed72c5bf,0xc3cf3cd5,0x00000136 } },
-    /* 159 */
-    { { 0x7b080de4,0xbb8799ab,0xd69d8396,0x3b8f781d,0x986f8f63,0x76b42aaa,
-        0xa54bc5ca,0x5d74c038,0xa9c2fbb9,0x76fcb605,0x80178930,0x8451b440,
-        0x9d286f0d,0x40f00c38,0x0c543263,0x3038e952,0x0000014c },
-      { 0x6977aad9,0xc94bc381,0xd7087be3,0xadbfd082,0x875fed08,0x06d0820c,
-        0x345656fc,0xe1ce84d4,0x0fd6dd4e,0x71c4d8e0,0x6a5fab40,0x23338b22,
-        0x0baeeb6f,0xd477eac1,0x5f80c26c,0xe4db08bb,0x00000078 } },
-    /* 160 */
-    { { 0x1078342a,0x0111d12a,0x559a1064,0x0534725e,0x0fd3ffdd,0xea459d59,
-        0x06f0ac1f,0xcf694a9f,0x3e19bc69,0xf6d24adb,0xb9ddcd00,0x3ce38f5e,
-        0xb632dd4e,0x38400f66,0xe15e1c55,0xcab8fdfb,0x00000085 },
-      { 0x8d09422f,0x0a943f6b,0x0f988c3b,0x17d29756,0x2ef2e4d9,0x55a441fa,
-        0x35f7c13f,0x6743523b,0xedaad3ff,0x274d3407,0x9347242d,0x59411435,
-        0x3bb8615d,0x1cb27301,0xbd7794cd,0xa0437004,0x0000007d } },
-    /* 161 */
-    { { 0x2d712c44,0x824b99a6,0xa6962577,0x148368f8,0xd65e2287,0x8ed68432,
-        0x6f5bc5f8,0x14028306,0x4ec3479d,0xe6cf3121,0x9326db70,0x96db6f44,
-        0xca32936b,0xca5ac098,0x2fea21af,0x69e248c7,0x0000004d },
-      { 0xa71269fb,0x0aa89092,0x18650b60,0x2f6bdba8,0x9fb55db2,0x1d9cc2a3,
-        0x6311e9d0,0x0fceb0df,0x90ac2c1d,0x6faeb79c,0xcb1f372a,0x2393b222,
-        0xbc8c4193,0x62a6f3df,0x2fe8e674,0x9dea30b2,0x00000001 } },
-    /* 162 */
-    { { 0x12b3118b,0x7df689ac,0x6cb6ea56,0xd06ee39d,0x187cd978,0xcfcc22c2,
-        0x8d537d87,0xb985b681,0xe9f56db2,0x75845152,0x5e098c15,0x0f839871,
-        0x3b212cd2,0xbe96a5c8,0xd9ac1c47,0x3dda0338,0x000001fb },
-      { 0xcfa0a9b8,0xf06b7fe0,0xe22dcf75,0x9478bac7,0x136887c8,0xf3815e04,
-        0x914c54bc,0xed811dde,0x0f51ea64,0xc8c24160,0x4c870577,0x63914d83,
-        0xa8abbcb4,0xed24e552,0x2644f52e,0x9e5eb9e8,0x00000001 } },
-    /* 163 */
-    { { 0x66d52313,0x1f65a04e,0x4d3f72bd,0xfd694545,0xa6b7ae11,0x2bc0ddaf,
-        0x571ab247,0x921f79d8,0xae5a8d68,0xd4c5f966,0xaec5ce13,0xfde17716,
-        0xb764bd39,0x70e6eda4,0x990d6783,0xffe94085,0x000001ef },
-      { 0xd88f92e8,0xf3fa0e27,0x9c77123c,0xa21ef0fd,0x89274dba,0x6259974c,
-        0xb9ba2762,0xd4cfa4a5,0x46ebcaf6,0x10c909d2,0x8f8e2870,0x0317a10d,
-        0x453aeea2,0xb0771de1,0x68c6b0a3,0xdf0c4791,0x000000ea } },
-    /* 164 */
-    { { 0x4c854477,0x11bc1e48,0x8638e47c,0x2bec25b4,0x869c54d9,0x43d4e02b,
-        0xbe1e7ed2,0xe318de32,0x6b460c4a,0xf5471eb0,0xaa426afe,0x38ae7bf3,
-        0xd8452dc1,0x23ae26dd,0x5782de9d,0x9d3fc1d5,0x00000164 },
-      { 0x0ade1979,0xd87cae31,0x3b4bc728,0xa847041d,0x56c3c9be,0x38923c40,
-        0xd74ae467,0x36fe182a,0xecbe49ae,0x92bff6f4,0xdc41f9f5,0x6680db80,
-        0xe4630715,0x35bac06f,0xd6d07307,0x6d68b4c7,0x000000c0 } },
-    /* 165 */
-    { { 0x854dfcf2,0xdbe22be7,0xa6ae3bd0,0xee21a7df,0xa521ec46,0xf4633ad1,
-        0x41a9484c,0xee94527a,0x2aa123f3,0x1145eb9b,0xcae3ca92,0x5634a82a,
-        0xfc85d925,0xe176aca0,0x19082d8c,0x504cf7fc,0x00000078 },
-      { 0x3799793c,0xd74ce7c4,0xb5519fb5,0x74ddd618,0x95ff9808,0x2cf6df93,
-        0xb8bf61e6,0x00ea45d1,0xdcfcf54f,0x26863613,0x030035b0,0x67423b76,
-        0x4028a9cb,0x9fbc7534,0x051a077e,0x7b52ce37,0x000000f4 } },
-    /* 166 */
-    { { 0x96bec962,0xebf7d8ad,0x17e0107a,0xd1cc81f6,0x214e1058,0x64c44509,
-        0x42394c9f,0x6c298c43,0x1a660513,0xd910052d,0x90df8243,0xc3643754,
-        0xfe5cdea4,0x2313be1e,0xd27fb7b1,0x249a60f7,0x00000076 },
-      { 0x1cf593a0,0x74975838,0x8364c59e,0x0c9ceefb,0xe05c9991,0x2f5a1333,
-        0x421808e3,0x30ea5e1f,0x4f5e8f4f,0x56fb3a4f,0xb6c0cb47,0x2cae6e2e,
-        0x08bdcc6a,0x60b307fd,0x0ff8c117,0xee17901c,0x0000001a } },
-    /* 167 */
-    { { 0x89aa9e14,0xc048336b,0xf676700f,0x66634271,0x906b6980,0x4daa0433,
-        0xebb7ab23,0x30247ee1,0xeb59a053,0x969b4aa7,0x8000f4d5,0xd78ef825,
-        0x46026b5b,0xe5db38eb,0x7d6856c4,0x06a43e5d,0x0000003b },
-      { 0xed2a0ee7,0xaa0ae838,0xf16e8813,0x04bbe528,0x4ea64137,0x8ab6df5c,
-        0x06e29867,0x5be80cb6,0xf459ed2b,0xf19b1b72,0x1761521a,0x7a9cce4d,
-        0xaa516f3b,0x39aff994,0xb3416925,0x97d92e86,0x00000007 } },
-    /* 168 */
-    { { 0x5af3a8ca,0x25aeede1,0xa5c351ec,0x33924782,0xf93ec080,0x41e7a3fb,
-        0xe6f425b4,0xb04f93c4,0x81e76009,0xe4ec12ec,0x5180ffc6,0x797366d4,
-        0x0e0aef3a,0xd293cbb5,0x68d71d91,0xa1496944,0x00000061 },
-      { 0x675a67a1,0xf52c541c,0x8f5fe906,0x67d38d30,0xf6be988e,0x2a70bccc,
-        0x18589886,0xae03ecbe,0x7067045b,0xecd02616,0x10ca8d96,0x1facdd99,
-        0x30c0735d,0x7aa10a82,0x3328f21c,0x2a27e554,0x00000015 } },
-    /* 169 */
-    { { 0xe6057e27,0x3dd609e0,0xc7a454da,0x87e8b6a7,0x1f32dd5b,0xff599145,
-        0xd0ef51e2,0xea397a88,0x25567546,0xc49866a1,0x3228b480,0xea45c8b1,
-        0xdd01997a,0x3dbe0e77,0xc51867d2,0x0e2ea28f,0x000001f8 },
-      { 0x69d0820b,0x6295412d,0x1ea65a18,0x03173127,0xeb06380d,0xc27c8221,
-        0x75fe9706,0x7ffd4efc,0x5a71d250,0x7b396a57,0xc7cb7543,0x61c80051,
-        0xad4dbee3,0xe07db4d7,0x9b192d45,0x1c7481f4,0x00000143 } },
-    /* 170 */
-    { { 0x08e1cc4d,0x5eab2d04,0xad2dc1ee,0xe93758d3,0x5c9c7393,0x0ceb7dfe,
-        0xd3379683,0x530d86a9,0xe24f86d7,0xef5283ca,0xf0b1bb0b,0xab5d1a64,
-        0x54db4e3c,0x96aabc1f,0x3bc00c59,0x3e3d87cc,0x00000144 },
-      { 0x1d60e7b0,0xe50a8213,0x5d33d018,0xfc9b629b,0xfd05338d,0xc54aee42,
-        0xe821c6ea,0x0678f2c0,0x06ac09cb,0xe5c9d75f,0x53018df6,0x83357513,
-        0x0bf8c667,0x81ca6fac,0x9d0ae2dd,0x7fc8020e,0x000000e1 } },
-    /* 171 */
-    { { 0x1baaa5eb,0x8add4741,0x79bd8036,0x02cbb759,0xcdffed22,0xd8680c40,
-        0x4e091141,0x1c23a8f0,0x20748b87,0x65d141ed,0x659e9289,0x586a1575,
-        0x5006dbfe,0x7c68d7cd,0x22569a74,0xda0ad0df,0x00000148 },
-      { 0x7f9069d7,0xc8fcc5db,0x5c0531a4,0x2487d245,0xe9a2db3a,0xc5ab4899,
-        0xb4fe9720,0x52bfd538,0xd27f35e4,0x73a04ca4,0xee2dac93,0x7cbbc549,
-        0xff3ee7e2,0x0287229d,0x28da9360,0x3179878d,0x000000d0 } },
-    /* 172 */
-    { { 0x3b66c047,0x89b7e9bb,0x602a3e1d,0x22e65869,0xc8db9c00,0x44f82297,
-        0xd08a74a3,0x0e76aca3,0xfcd398de,0xfbf1a71d,0x8320e66a,0x2fbb6eaa,
-        0x179c9fc5,0xa82d0ebc,0x4e7ab2b4,0x4e00cf6f,0x0000000f },
-      { 0x4890c439,0x424c0e9a,0xbc35a6b2,0x37564a2b,0xd9b7497d,0x95a4479d,
-        0x612de942,0xa1ff3f0d,0xe60d0033,0x358627fc,0x522417da,0x815da8c0,
-        0xef6b8385,0x506104d4,0xf16e96aa,0x800728d2,0x00000120 } },
-    /* 173 */
-    { { 0xab039042,0x976f2372,0x9fa084ed,0x10e6978c,0x58bec143,0xd03fdd2f,
-        0xfe2045c3,0x3200c101,0xb0a5a928,0xe6868f7a,0xe61faff8,0x26c95d1d,
-        0xb7b12265,0xa1e20127,0xc2a5ed17,0x8e63dd78,0x00000089 },
-      { 0x22bba4ee,0xbb6533da,0xf496a574,0x3eff6397,0x14f2a6b9,0x409329f7,
-        0x1dfdd73f,0xa08248bd,0x69bca1b1,0x62f33f2e,0xba2e0327,0x9a177e64,
-        0x75ddf741,0xbc50e993,0x4a56bd1c,0xb87a979f,0x00000095 } },
-    /* 174 */
-    { { 0x67c1f177,0xe83736a9,0x600133c9,0x1b6d3508,0x6eac9a5b,0x9424bb92,
-        0xc27ef31c,0x7a9c01a6,0x122b4870,0xad93bba5,0x9d1ac985,0x9eb94e2a,
-        0xd53f175b,0x511c0206,0x5102d914,0xd13eb252,0x000000b1 },
-      { 0x675a1171,0xcfe7dbeb,0x16c0d2b1,0xb228295c,0x057c88ca,0x8db25b5a,
-        0xd300e9cf,0x73ea9e96,0x269552eb,0xb0e0037f,0x9e0f98df,0xea9d035c,
-        0xd290480f,0x860e49b8,0xc036b319,0xa35e9512,0x00000037 } },
-    /* 175 */
-    { { 0x8f00df48,0xc56729ee,0x11ac8304,0xb89ca7b6,0x8b3a8123,0x497a57f9,
-        0xc21ca3ea,0xe0431b19,0xe2bb3ce7,0x45a73deb,0xadc77819,0x2f86cc2b,
-        0xe5eb3df1,0x5ff005e4,0xdd27dcf0,0xf955dd7a,0x0000005e },
-      { 0x00ee402f,0xe0c22ffa,0x3b30bb4c,0x5b335e2a,0x643cb101,0x542551d0,
-        0x3cd19688,0xc6183f45,0xf0be54b4,0xc6664f22,0x4c20cde4,0xa5f4cfee,
-        0x80a4c475,0xdcaa972f,0x59111ed9,0xde4af200,0x0000019c } },
-    /* 176 */
-    { { 0xd771f428,0x9e9d0bc8,0xe43ca382,0x3ac1ecd9,0xeb93acf0,0x8d5ee480,
-        0x065a2a3f,0x16232f81,0x2f0b8a73,0x1fc04faa,0x025474a2,0x4a8df7e7,
-        0x3bb15f6f,0x51ac4ff2,0xe0950e52,0x66e21b73,0x0000006b },
-      { 0x67a41dee,0x59c98480,0x7b3e2b3f,0x2cfa95ae,0x891454e1,0x54d98386,
-        0xeefca6a4,0xf0dddbdf,0x11e9cb75,0x5f691b24,0xfef208c3,0xa9b9e766,
-        0x18b33cf6,0xe8df1000,0xd1c174a9,0xb8a55ac9,0x000001c4 } },
-    /* 177 */
-    { { 0x5c4cccb8,0xa99f5862,0x2ef4d3ef,0x70bf5209,0x89efc878,0x28f4e576,
-        0xda14206e,0xa2366f96,0x7c52107d,0x90331a00,0xd4a0f0f0,0x478d4cea,
-        0x472a47b0,0xb2899ee2,0x64207549,0xae96534e,0x00000110 },
-      { 0xcced05b0,0x2cc1d655,0x01759543,0xabac3f09,0x8e577cd7,0xbaeb70a4,
-        0x40e98d6d,0x84b00893,0x603d24f1,0x26983653,0x2572173d,0x6e145883,
-        0x611141de,0x1d348b26,0xefa27f34,0xe52257dc,0x0000006b } },
-    /* 178 */
-    { { 0xc947e655,0x92678f33,0x08923795,0xff0fb76a,0x790239d1,0xb2dfe745,
-        0x3cdbb7ce,0xea087492,0x05f6d41c,0x21326db9,0x79dc5588,0x5b1ae9ae,
-        0xe9c31702,0xe145340c,0xa2c38a9c,0x07502c29,0x000000c3 },
-      { 0xc156ace2,0x0c124f11,0x79ff2529,0x2c170fe7,0x6e1171b2,0x60df9a81,
-        0x55de2797,0xa19bca83,0x7c6cc79d,0x1ad927ea,0x1d61f770,0x28590112,
-        0x261c06bb,0xfe80c826,0xaa2642bb,0x4050d338,0x0000015e } },
-    /* 179 */
-    { { 0xeaad87bc,0xc9397829,0x81e84cbd,0xe0ac9367,0x6ade4fde,0xb579c24d,
-        0x690d7f56,0x50b9aba5,0xd14fb0b9,0xf09b29d3,0x25a0e7b6,0xd0684f23,
-        0x606f4ff3,0x0514e9d3,0xe8ad733b,0xe63bdd26,0x00000077 },
-      { 0xe0d25c6d,0x0afd06ec,0x00ba2dcf,0xdd90021a,0x8c5bb398,0x1b025770,
-        0x198ff8fc,0x077f06d8,0xb7e2cd68,0x87d50ff1,0x263a3572,0xef75e057,
-        0xfa925a9a,0xbf257892,0x739d0e95,0x847d3df0,0x00000111 } },
-    /* 180 */
-    { { 0xfec82924,0x52ab9cc7,0xa7220d69,0x1c76dd69,0xa06ef0e2,0xa63527de,
-        0x27183904,0xab3e51c2,0x716807c8,0xf4db35ea,0x748f1246,0x8f3ede0a,
-        0x41156095,0xf1493644,0x874b38de,0x5f6583d1,0x000000f7 },
-      { 0x0b927eb7,0xa39189e1,0xc2e2f127,0xa87c6359,0x7fe966f4,0x0b72c233,
-        0x105e5585,0x102b8382,0xe58c39f9,0x63fee006,0x991b5329,0x3f052ee3,
-        0xcbaff97b,0x7f5b854c,0x5f805060,0x935e5f6c,0x0000016a } },
-    /* 181 */
-    { { 0xdfd88d38,0xf19a0355,0xc549df40,0x555cd8e3,0x04d006e1,0x322729e3,
-        0xfd0b0ce6,0xf16b706c,0x35f2ad31,0xf156dc09,0xf7a3df9f,0xb30c5213,
-        0xa55e5fb5,0x9f29cc92,0x2b858da2,0xa0ecfdd4,0x00000144 },
-      { 0x52658a92,0xb5c115df,0xc4281616,0xbce3ed17,0x7fd92a91,0xa5595f70,
-        0x9cd5d896,0x663c8bfd,0x5a9472b1,0x0776343f,0xb033e1bd,0x14e44ca8,
-        0x1e5c02fb,0x27a1c986,0xcc4ffb32,0xece0f2c4,0x000001b5 } },
-    /* 182 */
-    { { 0x31211943,0x17127bab,0x5684325c,0x44a8cac6,0xd855fc3e,0xd2fe0b88,
-        0xce91eea5,0x47abab0c,0x78ec7d12,0x5d23ddc4,0x0cd9fefa,0xa3986de7,
-        0x82655766,0x32c7b867,0xeeaec7fa,0x3e54018b,0x00000087 },
-      { 0xb38d17c1,0xc96e86f2,0x71fa040d,0x9cbfbd0c,0xf88499cb,0xe111ab79,
-        0xf71ec80b,0x1d47c5ce,0x46c89692,0xacaa3bc1,0x3d316331,0x5f921c0e,
-        0xe768765b,0x31fa081e,0x41eff270,0xd5dafd5f,0x000000fe } },
-    /* 183 */
-    { { 0x4cda1348,0x8af10b9d,0x25c3013a,0xb0769fd2,0x8957c22b,0x450aa5b1,
-        0xf5acf1c4,0x5cafd6c7,0x9fef8029,0xcf71a140,0xee089f5d,0xe12029f5,
-        0x0fbd2ba8,0x9752a8fb,0x6f70cb58,0x61e2275f,0x00000090 },
-      { 0x1fbda16a,0xb70a4ac5,0xf1dfa2a2,0x79910e79,0xd9945f6f,0xba2ce132,
-        0xeb4ba4ef,0x450d59ae,0x4bf2d53d,0x6a8e09b3,0xe620c7a8,0x76010204,
-        0x0a53c6f4,0x63f8943d,0x87eaf56a,0x14c91d19,0x00000132 } },
-    /* 184 */
-    { { 0x490d66c3,0xe54fb120,0xa0dc8204,0xeaed7328,0x04b4294d,0xba014c38,
-        0x31ddc467,0x3f2fa2ab,0x8342ed11,0x70ff55ea,0x23034e0e,0xb18da72f,
-        0xbd8ae3c1,0xadc30dbe,0x3e945a02,0x179bdf6f,0x0000009c },
-      { 0x7484c26f,0x46c928ef,0xef2adbb1,0x206b7db1,0x3f58dda7,0x0887f548,
-        0x4bc7edb6,0xfde4e20c,0x975cafdc,0x484d121d,0x86beec20,0xc5b59670,
-        0xa6d6db67,0xb579aa88,0x41187488,0x22c6d87e,0x00000015 } },
-    /* 185 */
-    { { 0xc471d4ae,0x0a890757,0x43a1da76,0xfef4b1a5,0x6aa701a1,0xb892b182,
-        0x59c65f93,0xbf4d4e52,0xd789df35,0x923af929,0x0b79c3f2,0x3ccb46c6,
-        0xcf4cf130,0x95582ce7,0x257f0ec4,0x7da081b4,0x0000011c },
-      { 0x9aeef274,0xf92c6ae5,0x1437c083,0xe6c5bf4f,0xe13c86af,0xaa74b023,
-        0x2a225360,0xd21dace6,0x22589fa5,0xb3d572b8,0xdfa74b0f,0x3d4a3916,
-        0xb12891a9,0xe76cd8dc,0x59f4cfbd,0xa0391a3f,0x0000019a } },
-    /* 186 */
-    { { 0x203fc3f1,0x054ba69e,0x62106a29,0x09168ccb,0xaad5fa9f,0xb0818540,
-        0xbff7ed6f,0xecb8f20e,0xbef94afd,0x2c80a618,0xb0abd1db,0xe25d8ca0,
-        0x028e0a7c,0x75e67a41,0xd6e95b9a,0xdd7662dd,0x000001b2 },
-      { 0xf289d7ee,0x87dff279,0xeea2205c,0x4d755d59,0xc18adac6,0xaeb0fd54,
-        0x7ec01019,0x3a8c46cf,0xb48d70a4,0x6fc90e7e,0x10b39ef8,0x965c53c1,
-        0x38545a20,0x455777cc,0x57dd023e,0xa33430f7,0x0000016e } },
-    /* 187 */
-    { { 0x0ff53d2c,0xfa9f3949,0xb00349b9,0x8dc91596,0xd5997967,0xf10a5014,
-        0xa8a6b78a,0x4dd72dab,0x8b517b10,0xef5de540,0xa6d39be0,0x142b90bc,
-        0xeda17f70,0xcaeaa3e9,0x06b31118,0xa01689d6,0x0000016d },
-      { 0xf46afff7,0xea6ca563,0x34a5e5f3,0x3945c7ba,0xaa998fd8,0xc1ffe4c8,
-        0xb63f535e,0x42a60146,0xd1f509e5,0x50816888,0x9f8cd0db,0xd1918daa,
-        0x78a36772,0x6505e6bb,0x9cc6dc66,0x4ab03a81,0x000001ef } },
-    /* 188 */
-    { { 0xd376d986,0x06089d14,0xa2dc35b0,0xd0f4e077,0x53ff2c86,0x1c11709a,
-        0x123c3fc8,0xfef4ba45,0x1b656fc2,0x852cd5a7,0x1fefa8bb,0xb57c7489,
-        0x48110b77,0x8f05383e,0x52c5a129,0x4b55d3ad,0x0000004c },
-      { 0xf3827633,0x5110cff3,0xe00afe96,0x086784d5,0x3ead32fa,0xcb387882,
-        0x2b91cd86,0x3dcf4d16,0xe6f3638a,0x078b6a58,0xe8b7fd42,0x33792112,
-        0xee5683e7,0x6964044d,0x28e28433,0x3b84210f,0x00000122 } },
-    /* 189 */
-    { { 0xc3ebeb27,0x6c28a9a9,0x3ef590f8,0xd7bcdcb5,0x4dae7f37,0xe88a2e11,
-        0x726ea7c9,0x033522e4,0x8c141388,0x99d50386,0x61621575,0x59b1aeca,
-        0xfcc564d8,0x719fcfeb,0x1aeb8e36,0x3a577af1,0x00000043 },
-      { 0x6feba922,0xc3f26ce0,0x475a5693,0x5f6c83ee,0x28bf378e,0x7f796740,
-        0xbdc3f6f1,0xd2a5e368,0xa6ed90ae,0x3d034a0a,0x4a47cbd5,0x3b1c3a4c,
-        0x4dce2bc8,0xa4f0aa6e,0x74ca00eb,0x97c7af43,0x000001c0 } },
-    /* 190 */
-    { { 0x79c28de7,0x00377178,0xab9c330c,0x617aa2aa,0x66bc61eb,0x43081826,
-        0x4d78b504,0xe0b5b5cf,0x9870fc72,0xd76a752d,0xd40b7bc5,0x3b4689f5,
-        0x87f2d03a,0xa97fd867,0xfd6060a9,0x6ab7b5ee,0x000001c0 },
-      { 0xffb71704,0xe99eadb1,0x390fe3b1,0x436e58bb,0xab4f19aa,0xeecab82c,
-        0xe0f3d9dc,0xda492dfa,0x6e20ad12,0x2a0f54bd,0x7dbbd262,0xaf89fa0f,
-        0xe8d2eb54,0xdcc50a1a,0xef7d0758,0x9799f816,0x000000b7 } },
-    /* 191 */
-    { { 0x104f98cc,0x9ec46462,0x72aedeae,0x45115922,0x7e62186f,0x7ae93dd0,
-        0x8d6d69b6,0xd17ce026,0xfd43a8f3,0xb5347608,0x7c0ab797,0xe87f1c13,
-        0x139f991d,0x3bf597a8,0xe547e0d6,0xe293a85b,0x0000008d },
-      { 0x8ef668b1,0x0982add3,0x611c9764,0xc54e6b2d,0x1c1d4263,0x3ce76b12,
-        0xeff64e73,0x3134b28e,0x2871612a,0xaf71a9ac,0xba093594,0x31c88af2,
-        0xba9108e8,0x0b649112,0x5cf437da,0x8febc5c5,0x00000113 } },
-    /* 192 */
-    { { 0xc4a2daa2,0x7e9ca589,0x400f608c,0x18ea703c,0xd5175103,0x6f8cd058,
-        0x4abb6f29,0x26493472,0x94296ab4,0x0be553e1,0xac51657d,0x9af9398f,
-        0x4f880ea8,0xe232deec,0x67b1e1b1,0x2f81761e,0x00000137 },
-      { 0x3a20f662,0x51014bc7,0x49ed9502,0x1fb7e77c,0xb62b9652,0x89f5096f,
-        0xa2e8d37e,0x3a659c67,0x5804170e,0x0f2b2a26,0x9ed50a34,0x1674fce6,
-        0xfdc3c00f,0xaaa4537e,0x4ce99d93,0xf3c3bfda,0x00000198 } },
-    /* 193 */
-    { { 0x81614189,0xbab1f5cd,0x24b259f7,0xc7d56c45,0x45fb415e,0xc7baa4b2,
-        0x7af6bef9,0x302bc8dc,0x74b48e82,0x91b770e0,0x9b6d1b1f,0x4a1336e0,
-        0xe6680c97,0x285c1357,0xc7ccb625,0x59bcb813,0x0000012d },
-      { 0x7c019927,0xddad83b4,0x630dfd5b,0xe10f2667,0x31e05d23,0x15dbec5a,
-        0x456ac460,0x2aa6e5fa,0x243cac82,0x46956529,0x4dc8c9e9,0xc69c9c7f,
-        0xe24a4065,0xadb27e09,0xae41301b,0xdfa7a34e,0x000001cc } },
-    /* 194 */
-    { { 0x59cb1a7d,0x176a864d,0x6aefb8ee,0x4d864ca3,0x1c22b0d8,0x0ee83acb,
-        0xd980df1d,0x7e80a6eb,0x7f94ced9,0xf582acc4,0x3a72c115,0xa29cd123,
-        0xc7107bb7,0xce12a2a8,0x4ed80a30,0x0229ca56,0x00000150 },
-      { 0x2f1c180b,0x9774bad5,0xd749aa10,0xd08be998,0x56dbd1ba,0x978c48ab,
-        0x0afbea9a,0x6ed3e3e4,0x153dc5fc,0x8a8be97b,0x9be93ed0,0xadc7f095,
-        0x2cee23bd,0x8d242908,0xdc2729de,0x417523c6,0x00000016 } },
-    /* 195 */
-    { { 0x6c14a31e,0x74eeccf1,0xb2de3c2d,0x488e2534,0x7cec43c3,0xf9bb3599,
-        0x916ac936,0x4210459d,0x9f7e4400,0x71d15c02,0x44553583,0x8c9c7c12,
-        0xec94a467,0xcc97548d,0x3167bad9,0x4ca67818,0x0000014e },
-      { 0x8d0312bf,0x033af055,0x54161e66,0xbd1bf4f5,0xfa41781d,0x259945a7,
-        0x00eef1d5,0x33494da8,0x79c3b8d0,0x6c505ec0,0x1c9f6e69,0x70ae1ade,
-        0x76830aaa,0x0288f0c1,0xa62a060c,0x7f4cfe3b,0x0000000c } },
-    /* 196 */
-    { { 0x057d6006,0x0d8b447d,0xfd71c8b0,0x38b976e6,0xabcf40f5,0x5e77e029,
-        0xf103a783,0x13bee386,0x5e472c4b,0x20a6ac20,0x31fcb194,0x43b045f6,
-        0xc00abf49,0xe5dc1d9f,0xa5556b79,0x28c0bc70,0x000001b5 },
-      { 0x8a8640b8,0xba9d07ee,0xd0e34012,0x25611023,0xbe24ae89,0xc7ce655b,
-        0xfa579dcd,0xe358e524,0x377bbfe5,0x57ce2715,0x3c0947e4,0x64651c6c,
-        0xf4a97826,0x5fbd8d50,0xe2e1c15a,0x6fcdd28f,0x0000008d } },
-    /* 197 */
-    { { 0x5c7202c8,0xb564a2f6,0x5a54b0d8,0x7d634052,0x1434fbf5,0x8414d672,
-        0x1d9830a3,0x8114215e,0x5ef0fbe1,0xc7a758d5,0xe6f57f9f,0x5705dcf8,
-        0xd92269d3,0x5dd49a56,0xbdb49f97,0x8f015d7a,0x000000f1 },
-      { 0xb4799ce6,0x07131110,0x2cbcb7db,0x35bbfb99,0xf7ba21e2,0xc1f00c9f,
-        0xb18f49fe,0x009d6913,0xabcf959b,0x8da61951,0x0d42146e,0x0e687213,
-        0xae5f23f1,0x55832817,0x9ae7386b,0xc9b5bb68,0x00000143 } },
-    /* 198 */
-    { { 0x48c74424,0x423328db,0xd19cb2eb,0x32616e11,0x40d6e217,0xe534192a,
-        0x0cbdc752,0xdd83a94c,0xd733bb01,0x5c623050,0x5b7a4520,0xcd0d631a,
-        0x9a4011c8,0xccdc0a25,0x646e7cd5,0x22f112cc,0x000001e6 },
-      { 0x3e1e4c4b,0x47d6e29a,0x9fb1548a,0xd5f82538,0x4fd3e319,0x7e3705b5,
-        0x0a08b966,0x8c4ce59a,0xd8cbe8db,0xbca749e7,0xaeec3d75,0xcc4496ea,
-        0x8a1a313d,0x17dc723a,0x8ceb9360,0x250ff77a,0x000001a5 } },
-    /* 199 */
-    { { 0xfe29bd79,0xa55a0726,0x4f990b34,0x6574a810,0xaad56983,0x6906946d,
-        0x50d41fef,0x0e580ab9,0x6e6f7f45,0xbc75b514,0xf0f3718a,0x508cc97b,
-        0xa5634087,0x51ba2ca4,0xe64d8910,0x75c39077,0x00000172 },
-      { 0xf77ca6bd,0xf37cccaf,0xbdb18df5,0xe0a0df41,0x019e01f7,0x9f46cff8,
-        0xaa65d72b,0xbe4f3d44,0x6e3663e9,0x7822d8ac,0x3ef9db6d,0x5f37f922,
-        0xabe4a9aa,0x7f0ad39d,0xf69cc8ba,0xa0a57c70,0x00000098 } },
-    /* 200 */
-    { { 0x00fd5286,0xd9c50cf4,0x72a4b03c,0x1ea5b9d5,0x051ae73e,0xf5e60f9e,
-        0x951b3824,0xfe9b5142,0x9fb4d667,0xb034b2d0,0xedc50856,0x4b537a80,
-        0x8cb0022e,0x69ee1012,0x6a548aee,0x7c8b9e5c,0x000000ed },
-      { 0xd933619b,0x746007bc,0x2b9dfe19,0x0ce7668e,0xcc6e2a2e,0xa9eed5d3,
-        0x7eebf32f,0x35a14f5f,0x67cc4f64,0x75cb898d,0x7850c16c,0xcb2185fc,
-        0x45f79c96,0x09874a76,0x27db4744,0x7468f8ae,0x00000139 } },
-    /* 201 */
-    { { 0xc88684f6,0xc5de68ad,0x619a7dbf,0x7c1edaab,0xb27a18f5,0x258d1735,
-        0x8ecd89eb,0xb27e7b65,0xd879f7ea,0x3d8889c6,0x67d5befb,0xa8fdc96d,
-        0x37bad73c,0xc84d86ae,0xce8e56d7,0xc7e91976,0x000001a4 },
-      { 0x6319ffa6,0x5001a540,0x134ec04c,0x0cae64ec,0xd541242c,0x1f69a96c,
-        0xbf2caeee,0x9da259ee,0x28bee805,0x88e7978c,0xb8e890e4,0xe9484beb,
-        0xfb227fd9,0x0e5246d0,0x625d6318,0x8be2a54a,0x000001b7 } },
-    /* 202 */
-    { { 0xf472f13a,0xa223554a,0x5733e91c,0xfac993b7,0x96c168a2,0x26afe9f0,
-        0x4b127535,0x7cfe761d,0xe77070ca,0x84301873,0xc7e7cdf6,0x66b6aaad,
-        0xa1562ed4,0xda2dd5ea,0x39faf8d8,0xa81a2e00,0x00000016 },
-      { 0x4e3de3bf,0xa880759c,0x52f3088a,0x0c1e2e11,0xaa7eba5b,0xcb2ded9a,
-        0x9f9c11ca,0x4c65d553,0xb0dc5c19,0x0ab9bd87,0xca3f4b61,0xd32f8c96,
-        0x28cb5f9f,0x49842fcc,0xb90e21df,0x31ae27cc,0x000000f4 } },
-    /* 203 */
-    { { 0x6a0ccd0a,0x3b2a0a0d,0x5993b555,0xa3eeec82,0x9de672a6,0xb13486fd,
-        0x0da05dcf,0x8d9c5148,0x6739874d,0xc4aa444d,0xe29a35c9,0xd9cf35b2,
-        0x89177ead,0xd6bd9b5f,0x2a0470a1,0x9af0f59d,0x000001d6 },
-      { 0xba7535fd,0xb2f844c7,0xa842ff39,0x45bd4c3d,0xe951974b,0x5fe149ed,
-        0xfd4453ec,0x6982e997,0xe6c37c0e,0xa63f705d,0xd2c3ef6a,0x09b0f6a9,
-        0x1776a8d6,0xbedd3586,0xede11b78,0x4048a46a,0x00000176 } },
-    /* 204 */
-    { { 0x51a251d1,0xa47c6ee5,0x0d279dfd,0xbef4bf12,0xec518a28,0x4c2d538c,
-        0x3880be6e,0x1b2b7887,0x1be9b20b,0xc69ccf8e,0x3796a19e,0xe41dfeae,
-        0xfb50bdea,0x25676fc9,0x03e180c0,0x8b815a05,0x0000016a },
-      { 0x53f5ef65,0x2ca085f6,0x77b25105,0x61dfbbf9,0xa3346fe6,0x88ea87e3,
-        0x1b95f7ef,0x25ddfdee,0x5b65eaec,0x22074e69,0x4c2e023b,0x11869a15,
-        0x42e83bb5,0x8601b577,0xfa877e7d,0x1464652c,0x00000015 } },
-    /* 205 */
-    { { 0x57fa58f1,0x250853c8,0x4ca4c670,0xb58a4e68,0x1b81f40d,0x07b96d0a,
-        0x558e8cbd,0xa4651e10,0x42e388cf,0x1a64046e,0x44436088,0x51b0d539,
-        0xe26b8fd0,0xc2bf35b3,0x5702cfce,0x4ae78709,0x000000fd },
-      { 0xdf53d498,0x3c79bc29,0x1137f624,0x4cf31c4e,0x17a3cedf,0x93b6856c,
-        0x6cd9115d,0x2461131c,0x9228cddb,0xab30a453,0x8d202bf1,0xe97757b6,
-        0xe6108612,0xa666de7c,0x4f6026b4,0xc200fe65,0x00000051 } },
-    /* 206 */
-    { { 0xb1a2b4b5,0xea96103c,0x843c0968,0x98dccbfe,0x986ffb5b,0x6a37072d,
-        0x169d3ac2,0x2fa07af2,0x771371f1,0x8bb85b9a,0xe7c299ef,0xeae10d34,
-        0xe2372efc,0x3d4bdc69,0x8dd856f1,0x378df75d,0x00000039 },
-      { 0xde7ff5d9,0x31e902ff,0x325a09ca,0x0e9a85d2,0xf4192fcd,0xd71b93a6,
-        0x15b076b3,0xf52a5737,0x6e711d1c,0xd726aa86,0x2c292819,0x0b61b1df,
-        0xc8015de6,0x224e575c,0x18b79e47,0x68e893e1,0x000001dc } },
-    /* 207 */
-    { { 0x6ffeda73,0xb7924ff9,0xa0da2018,0xe709f406,0xf89584df,0x368e20ea,
-        0x8355a040,0x0095112e,0xfd777d7c,0x259d4528,0x2bf8f2c8,0xb0c49565,
-        0x44c5311b,0x7f631928,0x8466d9d5,0x698d0e4f,0x000000d5 },
-      { 0x015d204d,0xe10d64fa,0x6dd10c53,0x7b626bfa,0xa7698c94,0x087f8e63,
-        0x05337a56,0x525a6547,0xdf5c782f,0x558e2244,0x855fbaff,0x48aa1e41,
-        0x47ee3830,0x48f2218e,0x138463d3,0xf2523959,0x0000004d } },
-    /* 208 */
-    { { 0xd8695310,0x76f4fd69,0x7e8768ea,0xe28eb09f,0xe0d532a8,0x039c1812,
-        0xc572ac79,0xdda67744,0x785d6293,0x1f9800e0,0x3da76bb2,0x2bfe2a5a,
-        0xa2bc7217,0x6ed15b90,0xd1788a8e,0xd80e61bf,0x0000004c },
-      { 0x16730056,0xb9f40370,0xdced3d43,0x46f45fef,0x1aa50742,0x0afd763c,
-        0xff92ae73,0x21e5c652,0x1bb2063f,0x6ef0830d,0x12d22540,0x18306ecc,
-        0x1f15001c,0x4edd9b3a,0xc0cc5424,0xe4eb25b8,0x000001f4 } },
-    /* 209 */
-    { { 0xa1db5c18,0xed61a714,0x7677074c,0x9454e61e,0x7bf685de,0xe970fbe5,
-        0xd2145be5,0x221b0c53,0xee49a5f2,0xb931881b,0x14b11d03,0x00b91afa,
-        0x3ec22137,0xc6aefe49,0x526200af,0x50554e94,0x0000013c },
-      { 0x7364c92e,0xd42c45e7,0x735218e8,0xe0500265,0x84d3f3c5,0xd281da02,
-        0xdbf7646b,0x312f8424,0x485f304f,0xe1a88f2a,0x1127a513,0x583f5631,
-        0x1a60e0bc,0xed7950c7,0x4b7b70a4,0x92855e10,0x000000c6 } },
-    /* 210 */
-    { { 0x644614e7,0x8d06185c,0x4749a424,0x2e906cae,0x2587e528,0x585412ea,
-        0xd12857cd,0x3763990a,0xba5593b5,0x770c7f70,0xdd5d2a46,0xc2cf6dc4,
-        0x3b69a1ba,0x564da456,0x187895da,0x639f7e14,0x000001c8 },
-      { 0xf8589620,0x05c96b02,0x41e44054,0x2fe468a3,0x096ad09c,0xbf22da11,
-        0x9c652aee,0xbc73c298,0x547e1b8f,0xcdef9f8b,0x977dbf73,0x7073785a,
-        0x7e13552d,0x0a92a1aa,0x3a393d3f,0x22761140,0x0000015b } },
-    /* 211 */
-    { { 0x1fbfaf32,0x89a5a7b0,0xbe661d21,0x5c5a62d0,0xf5e3b44d,0x47970f5e,
-        0xf43bbf62,0x3ea001ed,0x260ae5a0,0xa8e74285,0x2697c62c,0xeb899ebd,
-        0x751a7643,0x36a003e6,0xba0725a6,0xef178c51,0x000000ea },
-      { 0x9bd51f28,0xaacf8e9f,0xa8712044,0x39febbdb,0x5bfc8365,0x8780ad3a,
-        0x10e6f08f,0x408a34cd,0x8241ab0e,0x8104ca10,0x98a662a1,0x843e71ce,
-        0x232048d6,0x9dce8514,0x1cf3d187,0x5cba23be,0x000001fa } },
-    /* 212 */
-    { { 0x2973a15c,0x2fe8c9d2,0xd42979f3,0x66fec8dd,0x0b6afb3e,0x39af4a39,
-        0xab65ef22,0x0bb1e436,0x66c5fcdb,0x8f26201e,0x5af4870b,0x3cffe8a3,
-        0x2bb44e24,0x65ae286f,0x51dd1722,0xda2e283a,0x00000114 },
-      { 0xc1e3d708,0x4a9c9a56,0x1cb0efa6,0x4fe62d3f,0x97e87540,0xf0702984,
-        0x3cea46fa,0x138b7d6b,0x83886263,0x0780634e,0x71c30909,0x27e84280,
-        0xe5838647,0xf0af79d7,0xb236a267,0xc1b86582,0x00000104 } },
-    /* 213 */
-    { { 0xa526c894,0x32ff09ed,0x14ac7d23,0x95abf120,0x3cd92934,0xb6f94dcd,
-        0x92e6b556,0xffaaeb12,0x1036c31b,0x193796ea,0x707ff32e,0xa9d237e7,
-        0x829d67b8,0xd65a5b0d,0xdb29248b,0x48edb556,0x000001b3 },
-      { 0xded46575,0x6ee9f9b2,0xffa69acf,0x496ca08a,0xf16d37d1,0xd5aeb3a1,
-        0x789e5d01,0x4a507db1,0xc827cc45,0x05e2ce29,0x2964e677,0x29b6e4a5,
-        0x4c0e46f2,0x0563b0ba,0x4bc46485,0xe75c2448,0x000000a3 } },
-    /* 214 */
-    { { 0xd2f6615d,0x0fcb476f,0xd98da9a9,0x4b7f9b78,0xd2bdf107,0xe2fddf1c,
-        0x9b956f31,0x2bda3086,0xb596eadf,0xf3cca2f7,0x355b2538,0x91c09f8b,
-        0xc6c846db,0x46f3f6f3,0x2a14642e,0x9bb9398e,0x000001ff },
-      { 0xa17bd645,0x5118d4f5,0xdbd6d552,0x57033eab,0x734d0957,0x007e86fc,
-        0x5f53c435,0x98ca065f,0xfd27dd19,0x9949d9bf,0x6952d1ca,0xddc4e304,
-        0x81ac101c,0x84cab4fb,0x4a56b007,0x46d079f9,0x00000003 } },
-    /* 215 */
-    { { 0xa6bfdedd,0x95eb8e4f,0x7a74c6f9,0x993a285e,0x3d09a252,0x8bd5d4d1,
-        0x19a5f767,0xeaa10be6,0x0cebb340,0xd3db083e,0x1dbf7a83,0xc633a78b,
-        0xc30f23e1,0x2664bc3e,0x07a08379,0x6630f8f1,0x000001c9 },
-      { 0xdef86a80,0xbbf4cb4b,0x3f8259ab,0x1fa4ec78,0x609532c8,0xa4bf7604,
-        0x8b909e92,0x71bb7acc,0x17884160,0xca1d7317,0xca1ab928,0x7f7f14be,
-        0x5f8455a5,0xbfea016e,0xbf21e899,0x7b8c76b9,0x0000002d } },
-    /* 216 */
-    { { 0x4b9f8e7d,0x46860563,0x63fc58a8,0x201176b7,0x2feed68a,0xe7a5da7e,
-        0x65183190,0xcc67763e,0xe9377ad6,0x7d7d0102,0x77032321,0xccfc4720,
-        0x534bb505,0x573ee031,0x0f1a2769,0x1bf1ef8c,0x000000f3 },
-      { 0x0c935667,0x635f5c4b,0x060d2b8b,0x74152c39,0x37c3a574,0xeffaac2e,
-        0x0b72e0cd,0xfd5fcc4c,0xf4f60247,0xb743f9b9,0x79e16f33,0x05c2e354,
-        0x3074ef9c,0xa2234c47,0x495aace3,0x4092f279,0x00000124 } },
-    /* 217 */
-    { { 0xb30f9170,0x5bfd7851,0x37fce5b1,0x715aa1e9,0x928437b9,0xcffd55e0,
-        0xc32f1273,0x88acd259,0x48be1e34,0x5a145cf2,0x7a5bc62b,0x3a340860,
-        0x18156f46,0x6296eb15,0x2774e1c3,0x397fad19,0x000001e7 },
-      { 0x9c8225b5,0x362f99f4,0x46b77c4d,0x33efce49,0x8541e91b,0x451df530,
-        0x38f3d693,0x0bd2d934,0xe727b54e,0x0b5de2d6,0x7622d940,0x42d929c2,
-        0x56f6a94b,0x36ace723,0xfccaf205,0x64a18cd5,0x00000044 } },
-    /* 218 */
-    { { 0xaba95d63,0x8dbe0aab,0x7b4b346d,0x92780c61,0x0e0d8142,0x6430f863,
-        0xb56ef04c,0x875be02a,0x785e3633,0xc28feb95,0xc12c93e4,0xd5401795,
-        0xe36f82a3,0x89ff51c1,0x10eeafd6,0x3c48c895,0x0000016b },
-      { 0xd4f064be,0x79287eba,0x54ebda99,0x1a77d555,0x623727ea,0x46745ef2,
-        0x89f366c6,0xa911f591,0xc59d6ebd,0x7e5435cd,0x7524d213,0x3a84daea,
-        0x4395b38d,0xc7b1dd1c,0x1a823c49,0xca13e704,0x0000001c } },
-    /* 219 */
-    { { 0x874d64b0,0x6399860c,0x1653ce0c,0x3375b092,0xeaa11986,0x16700000,
-        0x621cd15d,0x62c67909,0x77d70dcd,0xbe1d7dd6,0x305bd4cd,0xeff0f270,
-        0x362f8f30,0x076ec621,0x7e445b78,0x81204816,0x000001d8 },
-      { 0x161f9758,0x81749a0e,0xa3c4fce2,0xe60915fe,0x911dd8af,0xf537ce41,
-        0x79a51a09,0xfe36a8ac,0x2ca5cf8e,0x67fb54b4,0xe49057f5,0x1bdcae07,
-        0xa4244b64,0xb71ff0c5,0x4b606583,0x4815a536,0x00000106 } },
-    /* 220 */
-    { { 0xef39cc39,0x78c69c3e,0xfa6356d1,0x98304564,0x412fb990,0xbd3c3542,
-        0x79dbb2a5,0xa1d531d3,0xe7e75e3d,0x4865f188,0x0b0147b1,0x2dac4e22,
-        0x33d29ab0,0xf59e51ca,0x37b074ef,0xc964f7fe,0x000000f1 },
-      { 0x0e301262,0x7080c0a6,0x5390a22d,0x9a458060,0xcc8a9029,0xda677f9a,
-        0x14c0f1c2,0xdfae9057,0x6e66d9f7,0x3665ff16,0x47846924,0xc866dd8c,
-        0xc4cc307c,0xc5afe98f,0xe0bf50e4,0x60e3ba63,0x00000039 } },
-    /* 221 */
-    { { 0x959ecdb3,0x1a785136,0xf9e959be,0x289af617,0xcde0dc88,0x5145b2b8,
-        0x7c079e15,0xfe9070b0,0x50e22415,0xf77f04d3,0x358d6d42,0xb3ab7372,
-        0xba7b629a,0x14fd41b9,0x7400fd25,0x7b32d80e,0x00000193 },
-      { 0x7147886f,0xe5d80d4d,0x576c81ca,0xe08ced61,0x642717bb,0xe14e8692,
-        0xabb4bd21,0x9dcdf198,0x6530308b,0x658be646,0xd99d19c7,0xfbf192da,
-        0x304ab126,0x55a3d1b3,0xfa24de31,0x943f4be5,0x0000000e } },
-    /* 222 */
-    { { 0x7fe9ea48,0xc5424058,0x61b57486,0xaf24f825,0x78719740,0x9d2c413c,
-        0x70eb874d,0x27a9be79,0xb62ba3aa,0x43fef8e0,0x2c1bf0ac,0x0a23f286,
-        0x4af130e1,0x51c276f3,0xae55cebf,0xf6cd1e9a,0x00000185 },
-      { 0x40369093,0x24defa7f,0x58581e0a,0x11f1d9d6,0xe512ed9e,0x9900bf33,
-        0xed120896,0xbf8a8459,0x8b73c399,0x8324555e,0x8f6f54fe,0x54a30569,
-        0x3c252355,0x2a9d6da5,0x2a093b31,0xe6a6f904,0x0000016a } },
-    /* 223 */
-    { { 0x152cdd35,0xb2e123c9,0x86402ef1,0xae6e43a8,0xb9ce5bd5,0x892bf0df,
-        0x75804914,0xb4acb84a,0xf502eec2,0x8c7f55ff,0xaa33ef4e,0x9c8a7b93,
-        0xfd9d2001,0x06b10357,0x0ba3bceb,0x3e319ff0,0x00000027 },
-      { 0xabe360a3,0x182c2f77,0xadfefca6,0x57ef5c84,0x650b6fcc,0x9a4f0ca6,
-        0xaaf0b202,0x3f4f8e56,0xa24ef156,0x5c8508a0,0x1ea45f13,0xd8f62fd9,
-        0x28036dbe,0xf2c923a0,0x1a4d103b,0x4a9ca4c0,0x0000018a } },
-    /* 224 */
-    { { 0x5448e339,0x2a3fb798,0x18a39976,0xde8770cf,0x7a69170c,0x1160574d,
-        0x2b6067ac,0x4bb05c59,0x848138ab,0xde0d2db0,0x4909e794,0x149dab92,
-        0x790315f7,0x83a336b6,0xa335a258,0xcd9074d9,0x0000013c },
-      { 0xac1b784d,0xe839c5e0,0xee527ae1,0xab65c8c6,0xa1c88ec0,0xd3c86146,
-        0x46c1bf58,0x2201f790,0x3fda502a,0x71cec627,0x225b9065,0xff3f88eb,
-        0xc556dfcd,0x6c1f0c98,0x484fa5cc,0xaa3222aa,0x000000ac } },
-    /* 225 */
-    { { 0xc9b4dfd6,0x17e74bc3,0xf8e76293,0x25ba8053,0x9d8c3520,0x0307dc05,
-        0xb85a20b4,0x1c9036cc,0x23871359,0xf2c63f0a,0xca95fb4e,0x1a99d9d8,
-        0x9850c6c6,0x3d7c4f39,0x68299668,0x162969c9,0x00000169 },
-      { 0xcb63ee53,0x7d13c267,0x75eac353,0x67b12e61,0x191abfca,0xb3369a11,
-        0xee1af69f,0x5ad0649d,0x11dc11e7,0x4d7a6f00,0xdb9f9765,0x80f030b8,
-        0xf0ab1332,0xa20001a3,0x39d8cc62,0xe17c98d2,0x00000194 } },
-    /* 226 */
-    { { 0x1d8fe898,0x720d80b4,0x32184534,0x8d7a28b7,0x04f21740,0xf1f3c385,
-        0x166aa6af,0x5d381cd5,0xcc560e35,0x9cde6084,0x5e61e2cd,0xcb041f0a,
-        0xd9b4951a,0x621116f5,0x7ee2ac2c,0x509e16d3,0x000000c4 },
-      { 0x2c6fd79e,0xb82a20c4,0x3af78b0e,0x95b7ee4e,0xbad819ca,0x3d9b63c1,
-        0x98552569,0x10d674de,0xf9c19d0f,0x17de64b2,0x47c5e6a9,0xa03fabaf,
-        0x2ce2db6f,0x858bc4ad,0x1fc9d18e,0x76c2380a,0x000000c9 } },
-    /* 227 */
-    { { 0xb064f114,0x91171ef8,0x4f2f0f4c,0x83cb1565,0x57b262b7,0x30525854,
-        0x0f34936c,0x468c6701,0x99a41fed,0xef26d2fe,0xa7f7f6a9,0xf6da2267,
-        0xa01bfc1b,0x2563b8db,0xc340ed40,0x14b36c85,0x0000000e },
-      { 0x25db67e6,0x5e57e264,0x7f2e905f,0x85df4e89,0x026c4268,0x7832e514,
-        0x3e875093,0x312be262,0x3c538691,0x856b5bd8,0x95734f9d,0x5b1cae55,
-        0xd5aa4861,0x5a07bfe2,0xce8abb58,0x7a4c96f0,0x000001d0 } },
-    /* 228 */
-    { { 0x523aa2e9,0x7bf54d05,0xed3d0860,0xc8841e0c,0x7f9bfb69,0x5683f6e2,
-        0x162bdf85,0xdcb07f44,0x07b0dcc9,0x62d17839,0x657a536e,0xa2cbb8ab,
-        0x7cf47d3c,0x98b9a0d2,0x5eea6370,0xff154d68,0x000001f2 },
-      { 0x56b232ac,0x568b768a,0x3f2a52ab,0x4e8d6e36,0x8837fc60,0xbae87a16,
-        0xd10a7691,0xebc58a83,0xf9455fbe,0xad5e4af0,0x7d654e2e,0x1a20d6c3,
-        0xda7c8255,0x8c40fcb9,0x60d9b931,0x6d7b3cd7,0x000000b2 } },
-    /* 229 */
-    { { 0xbb2eaf45,0x7b090c3e,0x62ffb92f,0xed24d91c,0xa736f23d,0xbf2a3ea4,
-        0x6ff0fde3,0xb5b99ebd,0xca1102f5,0xbca2b55d,0x07e032a8,0xf6203cd8,
-        0xa8bf17a8,0x5410b448,0xe1dc55b1,0xb86660a7,0x00000109 },
-      { 0x02a2fbd8,0xb148b1da,0x3b22e8a5,0xfed85e8b,0x8712b509,0x1378a0e4,
-        0xc6a3e516,0x68560148,0x1633b503,0x7100921c,0x25512711,0x93925143,
-        0x07d31047,0x7b4931d2,0x8542e0bb,0x623e722b,0x000000ea } },
-    /* 230 */
-    { { 0x24972688,0x084823d3,0x003f5762,0x58b83c12,0x6d0d4528,0x194d6690,
-        0x2c6f747e,0x84219584,0x0146d89a,0xc8f8a2e9,0x7451bbc2,0x29ec1de7,
-        0xf7f284fa,0xf622b6b8,0x7b71e44f,0x83f1dbe9,0x00000060 },
-      { 0x999dd56b,0x99649333,0x97a47de9,0x2cfac0ba,0xbbe8fb20,0x6660d8ae,
-        0xf61d7bca,0x47c29dd8,0x85adc14d,0x6f5fb51d,0x4f9fd41c,0xe65ac788,
-        0xff513e6c,0x1ce69dd4,0xffe59d3e,0x1ace591e,0x00000023 } },
-    /* 231 */
-    { { 0xa9fda771,0x2e67a438,0x8663100e,0x626f652c,0xe133f23b,0xdfb19e48,
-        0x035d2d1f,0x599f88f2,0x8d13e878,0x1723a112,0xfb51ce07,0x890aa292,
-        0xbbd9ba82,0xe5f3a70e,0x374514b4,0xdde82673,0x00000155 },
-      { 0xd6f59a95,0x08b2b77e,0x02020420,0x93f853e3,0xebac7797,0x52252ac1,
-        0xb56b6676,0x6ecdcb99,0x9722a500,0x4abdb9f9,0x04e2bad0,0x26210f3f,
-        0x3034dd4d,0x0ca5a0ff,0xdac0b80d,0x333d8080,0x00000041 } },
-    /* 232 */
-    { { 0x35a85a06,0xe8510709,0x42ef1b44,0x4e166e76,0xa07b3a6d,0x84a90b71,
-        0x30329e6a,0xd6dd6c00,0x3d555259,0x20c4ba65,0x6f8ad05e,0xee3b26af,
-        0x2ab4cccd,0x20e3d541,0xa9406424,0x79798934,0x000001bd },
-      { 0x8e0c7ff0,0xf2a1d184,0x9543b340,0xbae85efc,0xf51d318b,0xe96431ae,
-        0x75878fa6,0xe5d3ed4e,0xc2895f52,0x4d2a29db,0x1f11067c,0x3af27877,
-        0x9e7f4ee5,0x6ccde964,0xa56d74da,0x35188da1,0x00000192 } },
-    /* 233 */
-    { { 0x03d310ed,0xb0832120,0x987b0311,0xd20ee8cc,0x84c558a8,0x9e549d26,
-        0xb7167ec8,0x5e25f3ce,0x4bf55bb5,0xacf114f4,0x061c9017,0x819edc77,
-        0xdeb343c0,0x759a44e6,0x04c9b5ed,0x58df9f7e,0x00000078 },
-      { 0x3bf13222,0x4fa47ebb,0xea07da11,0x1e451dcd,0xc0d8242f,0x1be9fac3,
-        0x36eb871e,0x93257d4d,0xbea3190d,0xf49e775a,0x4ebe2b33,0x406d191f,
-        0x0c110096,0x67aac53c,0xd381ac78,0x5215cf8b,0x000001f4 } },
-    /* 234 */
-    { { 0xfa493b79,0x387e8a8e,0x4eb1c2ac,0xb20e270b,0x9ff22320,0x9f393fa0,
-        0xa91c393d,0x5ee1baae,0x138a8d96,0xdeda961a,0x97bd50e4,0x69ab238c,
-        0x2363c8e0,0xff68d48a,0xce4c4c16,0xaf8e00e5,0x00000158 },
-      { 0xcfc509a1,0x6ccdcf06,0xc26cc075,0x60f411ef,0x4d9c57f0,0x6d0cdfd6,
-        0x32e99cac,0xa9514853,0x8b8e9510,0x58f9ab3d,0xb10dc3fd,0xa7e98709,
-        0x75ef3509,0x8390843d,0x5a9312c7,0x28ccc9d0,0x000001b6 } },
-    /* 235 */
-    { { 0xe341463f,0x1d934f00,0x150da7a0,0x14c8a6ce,0x4109553f,0xdb4860fc,
-        0xa93f4a91,0xc23bde5a,0x2cd58067,0x9f47c787,0x8433dc80,0x1d330054,
-        0x75a32a7d,0x0c0be7f9,0x88c75da9,0x08b777d5,0x0000012e },
-      { 0x61a10d37,0xdfc12817,0x5c50f5a5,0xed7b6181,0x79477c60,0x28af95db,
-        0x33c5310b,0xa0aa2b77,0x53118267,0x905faab8,0x6b41959f,0xf40e9816,
-        0x16b37784,0x9ccb4252,0x69866acc,0x6835d77c,0x000000c5 } },
-    /* 236 */
-    { { 0x2b450a66,0xe9d714cb,0x7dbfdc14,0x1318885c,0xb466a0c0,0x655a8d85,
-        0x5bdfc1a6,0x02a21e99,0xe67792d1,0x7a0d7c98,0xb550a797,0x2a01bb57,
-        0x5d74d337,0x42c46233,0x88dad495,0x7be4e1c0,0x0000008b },
-      { 0x95812273,0x1873b03f,0xee3f757f,0x2e26ed32,0x6da6217a,0x2c710eae,
-        0x261d9f4f,0x9b50b574,0xb7c1da2d,0x43971fa9,0xc4a85de7,0x22c4fb87,
-        0xec22137b,0xf72c3451,0x77ba1926,0x1345668c,0x00000173 } },
-    /* 237 */
-    { { 0x8a3ba183,0x3e3e8c7a,0xfe389fa7,0x4e8cebbb,0x0f9ba60f,0x8ea44687,
-        0xcb601a83,0x55176e35,0x12e52db4,0xf90bdc26,0x8f712bf1,0x95f9e459,
-        0xbea054cd,0x9bd3200f,0xdd5fd40b,0x2cf19bf6,0x0000017a },
-      { 0x66736feb,0x71cf6ca2,0xde7cfe2f,0xbde86f49,0xfc290563,0xc60abce8,
-        0x726b6e4f,0xaae8a3ce,0x3f29235b,0xd2382445,0x650ffa5e,0xa4b557f5,
-        0x113ef744,0xa1453e54,0x3e426dd2,0x7c676a53,0x000001b0 } },
-    /* 238 */
-    { { 0x35d96872,0xf5e603f2,0x3fa5b8ca,0xab1a23cc,0xe988dc5f,0x5459871b,
-        0xd430c0bd,0xe32e8489,0x764d9cc3,0x7ec269e0,0xf2c0c40d,0xf7238212,
-        0x887b83b4,0x2d946183,0x2f18a411,0x281fa671,0x00000010 },
-      { 0x64858b37,0x8028048f,0x357de5d9,0xe0e149af,0x619ebb18,0xb2218791,
-        0x9f2b0ba0,0x210200b3,0x1039cbae,0x5a87eae6,0x39579d1d,0x4efdcddb,
-        0x2788515e,0x1b388eaa,0xc81878aa,0x1a552c3c,0x0000002c } },
-    /* 239 */
-    { { 0x0ea723dc,0x7ac7f500,0x42b15231,0x0a5f04f4,0xbe885c86,0x63d49445,
-        0xff119702,0x61f9993f,0xc4c58cea,0xc3fba45c,0xb9cd6036,0xe6d151e6,
-        0x57b923bb,0x75a3ab15,0xceb2fd46,0x4ec07c52,0x00000147 },
-      { 0xed88239d,0xc46a3d32,0x835ae694,0x0d1b8ae6,0x9feeb2e7,0xf4fde325,
-        0x43bc0bb5,0x223bf71c,0x8f62a705,0x3cd220b7,0x9fe799a5,0x2224860e,
-        0x24ab7f93,0xd8558703,0xb594958b,0x8e0f7330,0x0000010f } },
-    /* 240 */
-    { { 0x3c67d520,0xaf35c7bb,0x23fca9ec,0xd8f4958b,0x8bbaa808,0x0778f194,
-        0x2135e8ae,0x418c30ce,0xc888eff7,0xcdd8d9a9,0xf73144ab,0x72075df0,
-        0x4506a534,0xb549c895,0x5fbb7fc5,0x4ef38979,0x0000011c },
-      { 0x43f5e698,0x3fe2c9ac,0xe38a5e3a,0xce77fcbc,0x3089c2e1,0x6d05c90e,
-        0xac1d5801,0x5a74f3ff,0x381b9d2a,0xaeeda220,0xf5f3960b,0xd958b143,
-        0x0db7abbe,0x65ffd051,0x7a05b718,0x8e97e680,0x000000ce } },
-    /* 241 */
-    { { 0x8ce86a83,0x2251e61b,0xbf7e7160,0x8604159f,0x48f03377,0xfc127dd7,
-        0x45052242,0x87cb2c37,0x934ea09b,0xbd4950f4,0xc4679441,0x5146c403,
-        0x23ba416a,0xe8ad4710,0xaf638eb1,0x89b81a60,0x000001b3 },
-      { 0xe8150c69,0xe699934e,0xe27c14bc,0x74f75908,0x6a0194ff,0x5dc0a891,
-        0x1bd51b76,0x38f49d32,0x18779630,0x6bc3305e,0xfd3b4a68,0xfe2f3fbf,
-        0xd7caf189,0x1409b377,0x9b8f109b,0x029ea13b,0x000001b3 } },
-    /* 242 */
-    { { 0x25a2fd88,0xef7938d2,0xceba0603,0x890f2f7c,0xd7a6dff4,0x4c3e1c80,
-        0x2883f986,0x00c78f36,0x998e5305,0xed92b592,0x325ddc73,0x018a8f1b,
-        0xd5d3708a,0x6dffd987,0x0d1f28bb,0xdcd3554f,0x00000059 },
-      { 0x23a74e7d,0x17c6e41d,0x5db32df6,0x94b61ebe,0x9e7ffa0b,0x3c2fffa7,
-        0x2ebb7a0d,0x473662b7,0x01adf9c3,0xa86415ee,0x54679264,0x1502c326,
-        0x2fa09c57,0x16911349,0x24749086,0x897f34aa,0x00000195 } },
-    /* 243 */
-    { { 0xabadc253,0x4845d359,0xc797c95e,0xe054b92c,0x9a218212,0x22a9b5bd,
-        0xa52b8827,0x9bb80a5e,0x2e61c676,0xea38e78e,0x08b0f8b3,0xfb274b1a,
-        0xdb9d854c,0xb6aa42e3,0x56012d73,0x8ba22523,0x00000163 },
-      { 0x75c8c576,0x7cec0e6f,0xe4bc7dd2,0xabb20e7c,0x69d80726,0x0958a0c8,
-        0x8a023eb7,0xa908c66a,0x76110b15,0xca9f50ea,0x186f61a6,0x668c9994,
-        0x2a0a69d8,0x9ddf22ed,0xbbf8a10f,0xbfee1897,0x000001e0 } },
-    /* 244 */
-    { { 0x48319e4f,0x26d86818,0x5a586fa0,0x6be6f6b5,0x26713265,0xbef5d886,
-        0x98529cfa,0xac252ac5,0x62b29cfb,0xe7cc45f1,0xa2a6358d,0xee050609,
-        0x2940ac70,0xf7cb9ca4,0xa885b1f0,0xfb44aaec,0x000001ad },
-      { 0xe798678e,0x66b7a936,0x99540438,0xca01e103,0x816860b7,0xf2491e37,
-        0xb745d857,0xeeffd483,0xa4705ed6,0x5dbb3628,0xb2a5d0f7,0x57d68d49,
-        0x2389fee3,0xd1a8529a,0x1a7fd686,0xdbbc2549,0x000001ad } },
-    /* 245 */
-    { { 0x969686a3,0xe10cba20,0xe3c053f5,0x308b1c55,0x26f47102,0x1712b134,
-        0x49033038,0x1f9165b1,0x2d01527b,0x45b72017,0xaa9a34e2,0x6fcf6647,
-        0xb0be35c8,0x51f54b94,0x5a15e382,0xfccb22a5,0x000000e3 },
-      { 0x5b4dc0be,0xaa71e4ec,0xdb1cd5c4,0xbb136248,0x046e1007,0xf36bff43,
-        0xda9c99a3,0x5a6806d7,0x8349bc50,0x9cbfc6ee,0xe13e0850,0x26871e73,
-        0x67f448c1,0x5e6aa227,0x2da7baf9,0xba77787c,0x000001b9 } },
-    /* 246 */
-    { { 0xc5a73375,0x1abe58ee,0x7a8ac438,0x175df69d,0xceca835a,0x2cf3150a,
-        0xf507d30f,0xb87b0609,0xc60b0424,0x9ae53a2b,0x410f90ec,0x4931e182,
-        0xadd689bb,0x452c7d0f,0x47631a8e,0xab453491,0x00000013 },
-      { 0x8c84f3af,0xaf2dd856,0x1baae33e,0x829dc092,0x8b96b070,0x46542a85,
-        0xe8a82516,0x42260d40,0x5c35322b,0xb9e5edac,0x39eda0d2,0xbca79560,
-        0xb962b90a,0x86bd07c6,0xb1ec5302,0x2e22dac7,0x0000010a } },
-    /* 247 */
-    { { 0x239d8f0a,0x665fc09d,0xab8a1021,0x92b2e03c,0x0173477b,0xe4369768,
-        0x8e361604,0xab38ed9f,0x9eb061be,0x79b0091d,0x3e845670,0xcd422654,
-        0x2fe1a2e0,0xa0f77ec7,0x760a030f,0x1d242162,0x00000093 },
-      { 0xf8646bc3,0xfa9f834c,0x40ae96f9,0x7df94a52,0x379177d1,0x901c3890,
-        0xffeb66cd,0x9dfd0644,0x77b92465,0x81aec2ec,0xcd981d4f,0x2df3b7f2,
-        0xf377b093,0xc9bc3f69,0xdd859d8b,0xdaef34f3,0x00000125 } },
-    /* 248 */
-    { { 0xa2c123bc,0xac08451b,0x0818fa54,0xd1e83a68,0x98957b8a,0x56dd5702,
-        0xf0f12f16,0xcc7f2e34,0x0a9fa14d,0x1f6a9c33,0xb2fe782c,0xefc9a2bb,
-        0x709f54dd,0xd319c697,0xd6460a53,0x0b8238cb,0x000001dc },
-      { 0x44dfb6f6,0xf6492901,0x6e401d26,0x270d7cb4,0x48537ad8,0x1a70a40e,
-        0x70d8dbd9,0x84d661b5,0xf170d58b,0xca27223a,0x6344e1d2,0xeeb4cf14,
-        0xab9de1fa,0x2255fc95,0xdbdc5ea7,0xcd6e110a,0x000001f8 } },
-    /* 249 */
-    { { 0x78b8a0a7,0x2a57c6b9,0xe833edea,0x24b4aeb6,0x4bd13fe7,0x9e4617c1,
-        0xfc2e8ee4,0xc4186888,0xfb147eef,0x8d398a49,0x2e662cfb,0xe9f191f1,
-        0x958ba2ec,0x61872289,0x00b8d50d,0xbd6d0f1b,0x0000002d },
-      { 0x24c93cc9,0x895cfdfe,0xb9e718e7,0x29ed7780,0x38baf7eb,0x01c8ba58,
-        0x4ddcbf69,0x0225387e,0xa180d6bb,0x64b250bf,0xc947c7c2,0x6d68e548,
-        0x9923f3cd,0x82a7b632,0x2d103cd2,0xb8f03613,0x0000000f } },
-    /* 250 */
-    { { 0x8cd9d494,0x8198b3f0,0x94f4f9f3,0x9b2065b9,0x3c738fa9,0x7664a220,
-        0xd8d229cb,0x199f4c14,0xc51c54b3,0xddad75c4,0xd213a332,0x9a32ce0b,
-        0x888c7b2f,0xf3a21085,0x5b1ff20a,0x6defa362,0x000000d1 },
-      { 0x19a296eb,0x44e00548,0xd1a91313,0x1d94ff15,0xfeaa454f,0xd7dead2b,
-        0x4d40bd7f,0xae65a803,0x1801a4af,0x604f147e,0xa5e0de77,0x983048f9,
-        0xff572ca0,0xa3b19ca5,0x1821d117,0xa237dba7,0x000000e0 } },
-    /* 251 */
-    { { 0x91630ee8,0xedbabf84,0x05eb5301,0xde6589c2,0xa051f47b,0x9f7d2b2d,
-        0x212bbe81,0xaeaa9f96,0x94292124,0xdced3d5e,0xf4435e5b,0x691f5b89,
-        0x9411f66f,0x19604c33,0x4356f0da,0xb7fc09ca,0x000000e6 },
-      { 0xf74f811c,0x1294e413,0xdf8d8ddb,0x1a42d831,0x963418c9,0x27f57217,
-        0x88ebcdec,0x5fde5218,0xea305bc9,0xfdd5e06e,0xac668b61,0xed1e6088,
-        0xeb811861,0x333af016,0x15ddcebc,0x5ecb192d,0x000001c9 } },
-    /* 252 */
-    { { 0xe0bde442,0x927b37a3,0x66f7a73e,0xe0543fe8,0x8ed10c2e,0xd30d9d20,
-        0xa6617a32,0xaf79c341,0xd1d5cf8b,0xe7367870,0xe3abcf8b,0x02d0dce9,
-        0x772b5e7b,0xfe23d2dd,0x1ffc70c5,0x29fceea0,0x0000010b },
-      { 0x62d803ff,0x31bcae4d,0xdbc306a9,0x93ee913f,0xd8c10662,0xaf1de7ab,
-        0xe7a6d658,0xd485782a,0x102f4e06,0x9126592e,0x136fafe6,0x91a3127f,
-        0x88371213,0x46b93440,0xa31e1634,0x53bb4380,0x000000ba } },
-    /* 253 */
-    { { 0xca5636b0,0x62e517fc,0x6aba15c7,0x4296e021,0x212e7b2d,0x5aa8fd7c,
-        0x5717ad84,0x9517ce6d,0x98b2f357,0xe762b85b,0xdf59b07c,0x42f996b5,
-        0xf37ef6f0,0xf3732abb,0x4542b489,0xa5d145ea,0x0000015d },
-      { 0xaa7f6e3f,0x1e77c55e,0xaa4a05bc,0x3f4d99a7,0x45828227,0xa56d7d77,
-        0x77b748fb,0xdb0895fb,0x0629f5d1,0x1c484cce,0x359803fb,0xf5b1c90a,
-        0x1720b8d0,0x43ac4f29,0x72ac13f2,0x8c10bfe8,0x000000e9 } },
-    /* 254 */
-    { { 0xc06c4fd6,0x9d1c4785,0xd25c2b9d,0xbf4b9025,0xd4982f24,0x04135eb1,
-        0xba4fef2b,0x3ab3edc2,0x98de07ab,0x55a5239f,0x096f4b7d,0xd5fc49ab,
-        0x3844c815,0xc50a2960,0x15676b2b,0xdb1148d0,0x00000047 },
-      { 0x10f3bad9,0xc49f9cc5,0x022901d4,0x490888fc,0xc47b44df,0x917a55eb,
-        0xf39f2b68,0x20b2ebc6,0x04e9962a,0x0c58e3af,0x573dd5b7,0x52ab7c1b,
-        0xa329f76c,0x2b54add6,0x82f4ca3b,0x59dad1eb,0x00000108 } },
-    /* 255 */
-    { { 0xa182d1ad,0x662c4128,0x20916c45,0x7751796e,0xba681647,0xa7704272,
-        0xb92c85c1,0xfac8b0fa,0xaefb2e07,0x207ab2df,0x7861b32d,0xc73530a0,
-        0x88aed145,0x63dbed65,0x0a53a49d,0x547bcdca,0x000000bd },
-      { 0x87056b51,0xa7c1382f,0x130f9912,0xc3d91edb,0xd3805b42,0xf7c7de46,
-        0xfd31a995,0x456101eb,0xcd3fb8aa,0x1efd22b4,0x9eb17bce,0xfe391df7,
-        0x616c0c32,0xb4d4c0c6,0x711beef4,0x19f023be,0x00000112 } },
-};
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^65, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_17(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_17(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 17);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 17, km);
-
-            err = sp_521_ecc_mulmod_base_17(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P521 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 17 + 17 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17 + 17 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 17;
-
-        sp_521_from_mp(k, 17, km);
-        sp_521_point_from_ecc_point_17(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_17(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_17(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_521_proj_point_add_17(point, point, addP, tmp);
-
-        if (map) {
-                sp_521_map_17(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_17(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-/* Add 1 to a. (a = a + 1)
- *
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_add_one_17(sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_add_one_17(sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r1, r2, r3, r4}\n\t"
-        "ADDS	r1, r1, #0x1\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4}\n\t"
-        "LDM	%[a], {r1, r2, r3, r4}\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4}\n\t"
-        "LDM	%[a], {r1, r2, r3, r4}\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4}\n\t"
-        "LDM	%[a], {r1, r2, r3, r4}\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "ADCS	r2, r2, #0x0\n\t"
-        "ADCS	r3, r3, #0x0\n\t"
-        "ADCS	r4, r4, #0x0\n\t"
-        "STM	%[a]!, {r1, r2, r3, r4}\n\t"
-        "LDM	%[a], {r1}\n\t"
-        "ADCS	r1, r1, #0x0\n\t"
-        "STM	%[a]!, {r1}\n\t"
-        : [a] "+r" (a)
-        :
-        : "memory", "cc", "r1", "r2", "r3", "r4"
-    );
-}
-
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_521_ecc_gen_k_17(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[66];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            buf[0] &= 0x1;
-            sp_521_from_bin(k, 17, buf, (int)sizeof(buf));
-            if (sp_521_cmp_17(k, p521_order2) <= 0) {
-                sp_521_add_one_17(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_521, point, 2);
-#else
-    SP_DECL_VAR(sp_point_521, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 17);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_521_ecc_gen_k_17(rng, k);
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_base_17(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_17(infinity, point, p521_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_521_iszero_17(point->x) || sp_521_iszero_17(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_17(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_521_ctx {
-    int state;
-    sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-    sp_digit k[17];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521  point[2];
-#else
-    sp_point_521 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_521_ctx;
-
-int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_521_ctx* ctx = (sp_ecc_key_gen_521_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_521_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_521_ecc_gen_k_17(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_base_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p521_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_521_iszero_17(ctx->point->x) ||
-                    sp_521_iszero_17(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_521_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_521_point_to_ecc_point_17(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 66
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_521_to_bin_17(sp_digit* r, byte* a)
-{
-    int i;
-    int j = 0;
-
-    a[j++] = r[16] >> 8;
-    a[j++] = r[16] >> 0;
-    for (i = 15; i >= 0; i--) {
-        a[j++] = r[i] >> 24;
-        a[j++] = r[i] >> 16;
-        a[j++] = r[i] >> 8;
-        a[j++] = r[i] >> 0;
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 17);
-    int err = MP_OKAY;
-
-    if (*outLen < 65U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 17, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 17, priv);
-        sp_521_point_from_ecc_point_17(point, pub);
-            err = sp_521_ecc_mulmod_17(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_521_to_bin_17(point->x, out);
-        *outLen = 66;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-    };
-    sp_digit k[17];
-    sp_point_521 point;
-} sp_ecc_sec_gen_521_ctx;
-
-int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_521_ctx* ctx = (sp_ecc_sec_gen_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_521_from_mp(ctx->k, 17, priv);
-            sp_521_point_from_ecc_point_17(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_521_to_bin_17(ctx->point.x, out);
-                *outLen = 66;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_rshift_17(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_rshift_17(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register byte n __asm__ ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "RSB	r7, %[n], #0x20\n\t"
-        "LDRD	r4, r5, [%[a]]\n\t"
-        "LSR	r4, r4, %[n]\n\t"
-        "LSL	r3, r5, r7\n\t"
-        "LSR	r5, r5, %[n]\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r6, [%[a], #8]\n\t"
-        "STR	r4, [%[a]]\n\t"
-        "LSL	r3, r6, r7\n\t"
-        "LSR	r6, r6, %[n]\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "STR	r5, [%[a], #4]\n\t"
-        "LSL	r3, r4, r7\n\t"
-        "LSR	r4, r4, %[n]\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r5, [%[a], #16]\n\t"
-        "STR	r6, [%[a], #8]\n\t"
-        "LSL	r3, r5, r7\n\t"
-        "LSR	r5, r5, %[n]\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r6, [%[a], #20]\n\t"
-        "STR	r4, [%[a], #12]\n\t"
-        "LSL	r3, r6, r7\n\t"
-        "LSR	r6, r6, %[n]\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "STR	r5, [%[a], #16]\n\t"
-        "LSL	r3, r4, r7\n\t"
-        "LSR	r4, r4, %[n]\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r5, [%[a], #28]\n\t"
-        "STR	r6, [%[a], #20]\n\t"
-        "LSL	r3, r5, r7\n\t"
-        "LSR	r5, r5, %[n]\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r6, [%[a], #32]\n\t"
-        "STR	r4, [%[a], #24]\n\t"
-        "LSL	r3, r6, r7\n\t"
-        "LSR	r6, r6, %[n]\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r4, [%[a], #36]\n\t"
-        "STR	r5, [%[a], #28]\n\t"
-        "LSL	r3, r4, r7\n\t"
-        "LSR	r4, r4, %[n]\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r5, [%[a], #40]\n\t"
-        "STR	r6, [%[a], #32]\n\t"
-        "LSL	r3, r5, r7\n\t"
-        "LSR	r5, r5, %[n]\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r6, [%[a], #44]\n\t"
-        "STR	r4, [%[a], #36]\n\t"
-        "LSL	r3, r6, r7\n\t"
-        "LSR	r6, r6, %[n]\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r4, [%[a], #48]\n\t"
-        "STR	r5, [%[a], #40]\n\t"
-        "LSL	r3, r4, r7\n\t"
-        "LSR	r4, r4, %[n]\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r5, [%[a], #52]\n\t"
-        "STR	r6, [%[a], #44]\n\t"
-        "LSL	r3, r5, r7\n\t"
-        "LSR	r5, r5, %[n]\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r6, [%[a], #56]\n\t"
-        "STR	r4, [%[a], #48]\n\t"
-        "LSL	r3, r6, r7\n\t"
-        "LSR	r6, r6, %[n]\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r4, [%[a], #60]\n\t"
-        "STR	r5, [%[a], #52]\n\t"
-        "LSL	r3, r4, r7\n\t"
-        "LSR	r4, r4, %[n]\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r5, [%[a], #64]\n\t"
-        "STR	r6, [%[a], #56]\n\t"
-        "LSL	r3, r5, r7\n\t"
-        "LSR	r5, r5, %[n]\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "STRD	r4, r5, [%[r], #60]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r7"
-    );
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_lshift_17(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_lshift_17(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register byte n __asm__ ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "RSB	r7, %[n], #0x1f\n\t"
-        "LDR	r5, [%[a], #64]\n\t"
-        "LSR	r6, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r6, r6, r7\n\t"
-        "LDR	r4, [%[a], #60]\n\t"
-        "STR	r6, [%[r], #68]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #56]\n\t"
-        "STR	r5, [%[r], #64]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #52]\n\t"
-        "STR	r4, [%[r], #60]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #48]\n\t"
-        "STR	r6, [%[r], #56]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #44]\n\t"
-        "STR	r5, [%[r], #52]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #40]\n\t"
-        "STR	r4, [%[r], #48]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #36]\n\t"
-        "STR	r6, [%[r], #44]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #32]\n\t"
-        "STR	r5, [%[r], #40]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #28]\n\t"
-        "STR	r4, [%[r], #36]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "STR	r6, [%[r], #32]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #20]\n\t"
-        "STR	r5, [%[r], #28]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #16]\n\t"
-        "STR	r4, [%[r], #24]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "STR	r6, [%[r], #20]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #8]\n\t"
-        "STR	r5, [%[r], #16]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "STR	r4, [%[r], #12]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "STR	r6, [%[r], #8]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "STR	r4, [%[r]]\n\t"
-        "STR	r5, [%[r], #4]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r7"
-    );
-}
-
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_lshift_34(sp_digit* r_p,
-    const sp_digit* a_p, byte n_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_lshift_34(sp_digit* r,
-    const sp_digit* a, byte n)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register byte n __asm__ ("r2") = (byte)n_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "RSB	r7, %[n], #0x1f\n\t"
-        "LDR	r5, [%[a], #132]\n\t"
-        "LSR	r6, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r6, r6, r7\n\t"
-        "LDR	r4, [%[a], #128]\n\t"
-        "STR	r6, [%[r], #136]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #124]\n\t"
-        "STR	r5, [%[r], #132]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #120]\n\t"
-        "STR	r4, [%[r], #128]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #116]\n\t"
-        "STR	r6, [%[r], #124]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #112]\n\t"
-        "STR	r5, [%[r], #120]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #108]\n\t"
-        "STR	r4, [%[r], #116]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #104]\n\t"
-        "STR	r6, [%[r], #112]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #100]\n\t"
-        "STR	r5, [%[r], #108]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #96]\n\t"
-        "STR	r4, [%[r], #104]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #92]\n\t"
-        "STR	r6, [%[r], #100]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #88]\n\t"
-        "STR	r5, [%[r], #96]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #84]\n\t"
-        "STR	r4, [%[r], #92]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #80]\n\t"
-        "STR	r6, [%[r], #88]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #76]\n\t"
-        "STR	r5, [%[r], #84]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #72]\n\t"
-        "STR	r4, [%[r], #80]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #68]\n\t"
-        "STR	r6, [%[r], #76]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #64]\n\t"
-        "STR	r5, [%[r], #72]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #60]\n\t"
-        "STR	r4, [%[r], #68]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #56]\n\t"
-        "STR	r6, [%[r], #64]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #52]\n\t"
-        "STR	r5, [%[r], #60]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #48]\n\t"
-        "STR	r4, [%[r], #56]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "STR	r6, [%[r], #52]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #40]\n\t"
-        "STR	r5, [%[r], #48]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #36]\n\t"
-        "STR	r4, [%[r], #44]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "STR	r6, [%[r], #40]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #28]\n\t"
-        "STR	r5, [%[r], #36]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #24]\n\t"
-        "STR	r4, [%[r], #32]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "STR	r6, [%[r], #28]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #16]\n\t"
-        "STR	r5, [%[r], #24]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a], #12]\n\t"
-        "STR	r4, [%[r], #20]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "STR	r6, [%[r], #16]\n\t"
-        "LSR	r3, r4, #1\n\t"
-        "LSL	r4, r4, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "LDR	r6, [%[a], #4]\n\t"
-        "STR	r5, [%[r], #12]\n\t"
-        "LSR	r3, r6, #1\n\t"
-        "LSL	r6, r6, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r4, r4, r3\n\t"
-        "LDR	r5, [%[a]]\n\t"
-        "STR	r4, [%[r], #8]\n\t"
-        "LSR	r3, r5, #1\n\t"
-        "LSL	r5, r5, %[n]\n\t"
-        "LSR	r3, r3, r7\n\t"
-        "ORR	r6, r6, r3\n\t"
-        "STR	r5, [%[r]]\n\t"
-        "STR	r6, [%[r], #4]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r3", "r7"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "ADD	r11, %[a], #0x40\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_sub_in_pkace_17_word:\n\t"
-#else
-    "L_sp_521_sub_in_pkace_17_word_%=:\n\t"
-#endif
-        "RSBS	r10, r10, #0x0\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	r10, r10, r10\n\t"
-        "CMP	%[a], r11\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_521_sub_in_pkace_17_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_521_sub_in_pkace_17_word\n\t"
-#else
-        "BNE.N	L_sp_521_sub_in_pkace_17_word_%=\n\t"
-#endif
-        "RSBS	r10, r10, #0x0\n\t"
-        "LDM	%[a], {r2}\n\t"
-        "LDM	%[b]!, {r6}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "STM	%[a]!, {r2}\n\t"
-        "SBC	%[a], %[a], %[a]\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11"
-    );
-    return (word32)(size_t)a;
-}
-
-#else
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_in_place_17(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SUBS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2}\n\t"
-        "LDM	%[b]!, {r6}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "STM	%[a]!, {r2}\n\t"
-        "SBC	%[a], r9, r9\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDR	r8, [%[a]]\n\t"
-        "UMULL	r5, r3, %[b], r8\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r5, [%[r]]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "MOV	r9, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_mul_d_17_word:\n\t"
-#else
-    "L_sp_521_mul_d_17_word_%=:\n\t"
-#endif
-        /* A[i] * B */
-        "LDR	r8, [%[a], r9]\n\t"
-        "UMULL	r6, r7, %[b], r8\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], r9]\n\t"
-        "MOV	r3, r4\n\t"
-        "MOV	r4, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADD	r9, r9, #0x4\n\t"
-        "CMP	r9, #0x44\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_521_mul_d_17_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_521_mul_d_17_word\n\t"
-#else
-        "BLT.N	L_sp_521_mul_d_17_word_%=\n\t"
-#endif
-        "STR	r3, [%[r], #68]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_mul_d_17(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMULL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[1] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[2] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[3] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[4] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[5] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[6] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[7] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[8] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[9] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[10] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[11] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[12] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[13] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[14] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[15] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[16] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "STR	r5, [%[r]]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r8, %[div], #16\n\t"
-        "ADD	r5, r8, #0x1\n\t"
-        "UDIV	r6, %[d1], r5\n\t"
-        "LSL	r7, %[div], #16\n\t"
-        "LSL	r6, r6, #16\n\t"
-        "UMULL	r3, r4, %[div], r6\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "SUBS	r3, %[d1], r5\n\t"
-        "SBC	r9, r9, r9\n\t"
-        "ADD	r9, r9, #0x1\n\t"
-        "RSB	r10, r9, #0x0\n\t"
-        "LSL	r9, r9, #16\n\t"
-        "AND	r7, r7, r10\n\t"
-        "AND	r8, r8, r10\n\t"
-        "SUBS	%[d0], %[d0], r7\n\t"
-        "ADD	r6, r6, r9\n\t"
-        "SBC	%[d1], %[d1], r8\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "UMULL	r3, r4, %[div], r3\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "MUL	r3, %[div], r3\n\t"
-        "SUB	%[d0], %[d0], r3\n\t"
-        "UDIV	r3, %[d0], %[div]\n\t"
-        "ADD	%[d1], r6, r3\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1_p,
-    sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r5, %[div], #1\n\t"
-        "ADD	r5, r5, #0x1\n\t"
-        "MOV	r6, %[d0]\n\t"
-        "MOV	r7, %[d1]\n\t"
-        /* Do top 32 */
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "MOV	r3, #0x0\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        /* Next 30 bits */
-        "MOV	r4, #0x1d\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_div_521_word_17_bit:\n\t"
-#else
-    "L_div_521_word_17_bit_%=:\n\t"
-#endif
-        "LSLS	r6, r6, #1\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "ADD	r3, r3, r3\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        "SUBS	r4, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BPL	L_div_521_word_17_bit_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BPL.N	L_div_521_word_17_bit\n\t"
-#else
-        "BPL.N	L_div_521_word_17_bit_%=\n\t"
-#endif
-        "ADD	r3, r3, r3\n\t"
-        "ADD	r3, r3, #0x1\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "SUBS	r8, %[div], r9\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "SUB	%[d1], r3, r8\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<17; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-    r[16] = a[16] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[35];
-    sp_digit t2[18];
-    sp_digit sd[18];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-    div = (d[16] << 23) | (d[15] >> 9);
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 17);
-    r1 = sp_521_cmp_17(&t1[17], d) >= 0;
-    sp_521_cond_sub_17(&t1[17], &t1[17], d, (sp_digit)0 - r1);
-    sp_521_lshift_17(sd, d, 23);
-    sp_521_lshift_34(t1, t1, 23);
-
-    for (i = 16; i >= 0; i--) {
-        sp_digit hi = t1[17 + i] - (t1[17 + i] == div);
-        r1 = div_521_word_17(hi, t1[17 + i - 1], div);
-
-        sp_521_mul_d_17(t2, sd, r1);
-        t1[17 + i] += sp_521_sub_in_place_17(&t1[i], t2);
-        t1[17 + i] -= t2[17];
-        sp_521_mask_17(t2, sd, t1[17 + i]);
-        t1[17 + i] += sp_521_add_17(&t1[i], &t1[i], t2);
-        sp_521_mask_17(t2, sd, t1[17 + i]);
-        t1[17 + i] += sp_521_add_17(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_521_cmp_17(t1, sd) >= 0;
-    sp_521_cond_sub_17(r, t1, sd, (sp_digit)0 - r1);
-    sp_521_rshift_17(r, r, 23);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_521_div_17(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P521 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_521_mont_mul_order_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_521_mul_17(r, a, b);
-    sp_521_mont_reduce_order_17(r, p521_order, p521_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P521 curve. */
-static const word32 p521_order_minus_2[17] = {
-    0x91386407U,0xbb6fb71eU,0x899c47aeU,0x3bb5c9b8U,0xf709a5d0U,0x7fcc0148U,
-    0xbf2f966bU,0x51868783U,0xfffffffaU,0xffffffffU,0xffffffffU,0xffffffffU,
-    0xffffffffU,0xffffffffU,0xffffffffU,0xffffffffU,0x000001ffU
-};
-#else
-/* The low half of the order-2 of the P521 curve. */
-static const word32 p521_order_low[9] = {
-    0x91386407U,0xbb6fb71eU,0x899c47aeU,0x3bb5c9b8U,0xf709a5d0U,0x7fcc0148U,
-    0xbf2f966bU,0x51868783U,0xfffffffaU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P521 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_order_17(sp_digit* r, const sp_digit* a)
-{
-    sp_521_sqr_17(r, a);
-    sp_521_mont_reduce_order_17(r, p521_order, p521_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P521 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_n_order_17(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_521_mont_sqr_order_17(r, a);
-    for (i=1; i<n; i++) {
-        sp_521_mont_sqr_order_17(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P521 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_mont_inv_order_17_ctx {
-    int state;
-    int i;
-} sp_521_mont_inv_order_17_ctx;
-static int sp_521_mont_inv_order_17_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_mont_inv_order_17_ctx* ctx = (sp_521_mont_inv_order_17_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_521_mont_inv_order_17_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 17);
-        ctx->i = 519;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_521_mont_sqr_order_17(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p521_order_minus_2[ctx->i / 32] & ((sp_int_digit)1 << (ctx->i % 32))) != 0) {
-            sp_521_mont_mul_order_17(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 17U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_521_mont_inv_order_17(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 17);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_order_17(t, t);
-        if ((p521_order_minus_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_521_mont_mul_order_17(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 17U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 17;
-    sp_digit* t3 = td + 4 * 17;
-    int i;
-
-    /* t = a^2 */
-    sp_521_mont_sqr_order_17(t, a);
-    /* t = a^3 = t * a */
-    sp_521_mont_mul_order_17(t, t, a);
-    /* t= a^c = t ^ 2 ^ 2 */
-    sp_521_mont_sqr_n_order_17(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-
-    /* t3 = a^1e */
-    sp_521_mont_sqr_order_17(t3, t);
-    /* t3 = a^1f = t3 * a */
-    sp_521_mont_mul_order_17(t3, t3, a);
-
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_521_mont_sqr_n_order_17(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_521_mont_sqr_n_order_17(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_521_mont_sqr_n_order_17(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-
-    /* t2= a^ffffffff00000000 = t ^ 2 ^ 32 */
-    sp_521_mont_sqr_n_order_17(t2, t, 32);
-    /* t = a^ffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ffffffffffffffff0000000000000000 = t ^ 2 ^ 64 */
-    sp_521_mont_sqr_n_order_17(t2, t, 64);
-    /* t = a^ffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffffffffffff00000000000000000000000000000000 = t ^ 2 ^ 128 */
-    sp_521_mont_sqr_n_order_17(t2, t, 128);
-    /* t = a^ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_17(t, t2, t);
-
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0 */
-    sp_521_mont_sqr_n_order_17(t2, t, 5);
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t * t3 */
-    sp_521_mont_mul_order_17(t2, t2, t3);
-
-    for (i=259; i>=1; i--) {
-        sp_521_mont_sqr_order_17(t2, t2);
-        if ((p521_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_521_mont_mul_order_17(t2, t2, a);
-        }
-    }
-    sp_521_mont_sqr_order_17(t2, t2);
-    sp_521_mont_mul_order_17(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_s_17(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int32 c;
-    sp_digit* kInv = k;
-
-    /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_17(k, k, p521_norm_order);
-    err = sp_521_mod_17(k, k, p521_order);
-    if (err == MP_OKAY) {
-        sp_521_norm_17(k);
-
-        /* kInv = 1/k mod order */
-            sp_521_mont_inv_order_17(kInv, k, tmp);
-        sp_521_norm_17(kInv);
-
-        /* s = r * x + e */
-            sp_521_mul_17(x, x, r);
-        err = sp_521_mod_17(x, x, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_17(x);
-        carry = sp_521_add_17(s, e, x);
-        sp_521_cond_sub_17(s, s, p521_order, 0 - carry);
-        sp_521_norm_17(s);
-        c = sp_521_cmp_17(s, p521_order);
-        sp_521_cond_sub_17(s, s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_17(s);
-
-        /* s = s * k^-1 mod order */
-            sp_521_mont_mul_order_17(s, s, kInv);
-        sp_521_norm_17(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 521 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 17);
-    SP_DECL_VAR(sp_point_521, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int32 c;
-    int err = MP_OKAY;
-    int i;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 17, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 17;
-        k = e + 4 * 17;
-        r = e + 6 * 17;
-        tmp = e + 8 * 17;
-        s = e;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_17(rng, k);
-        }
-        else {
-            sp_521_from_mp(k, 17, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-                err = sp_521_ecc_mulmod_base_17(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 17U);
-            sp_521_norm_17(r);
-            c = sp_521_cmp_17(r, p521_order);
-            sp_521_cond_sub_17(r, r, p521_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_521_norm_17(r);
-
-            if (!sp_521_iszero_17(r)) {
-                /* x is modified in calculation of s. */
-                sp_521_from_mp(x, 17, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_521_from_bin(e, 17, hash, (int)hashLen);
-
-                /* Take 521 leftmost bits of hash. */
-                if (hashLen == 66U) {
-                    sp_521_rshift_17(e, e, 7);
-                }
-
-                err = sp_521_calc_s_17(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_521_iszero_17(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 17, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-        sp_521_mont_inv_order_17_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*17];
-    sp_digit x[2*17];
-    sp_digit k[2*17];
-    sp_digit r[2*17];
-    sp_digit tmp[3 * 2*17];
-    sp_point_521 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_521_ctx;
-
-int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_521_ctx* ctx = (sp_ecc_sign_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_17(rng, ctx->k);
-        }
-        else {
-            sp_521_from_mp(ctx->k, 17, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p521_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int32 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 17U);
-        sp_521_norm_17(ctx->r);
-        c = sp_521_cmp_17(ctx->r, p521_order);
-        sp_521_cond_sub_17(ctx->r, ctx->r, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_17(ctx->r);
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-        sp_521_from_mp(ctx->x, 17, priv);
-        sp_521_from_bin(ctx->e, 17, hash, (int)hashLen);
-        if (hashLen == 66U) {
-            sp_521_rshift_17(ctx->e, ctx->e, 7);
-        }
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_17(ctx->k, ctx->k, p521_norm_order);
-        err = sp_521_mod_17(ctx->k, ctx->k, p521_order);
-        if (err == MP_OKAY) {
-            sp_521_norm_17(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_521_mont_inv_order_17_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_521_norm_17(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_521_mul_17(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_521_mod_17(ctx->x, ctx->x, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int32 c;
-        sp_521_norm_17(ctx->x);
-        carry = sp_521_add_17(ctx->s, ctx->e, ctx->x);
-        sp_521_cond_sub_17(ctx->s, ctx->s,
-            p521_order, 0 - carry);
-        sp_521_norm_17(ctx->s);
-        c = sp_521_cmp_17(ctx->s, p521_order);
-        sp_521_cond_sub_17(ctx->s, ctx->s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_17(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_521_mont_mul_order_17(ctx->s, ctx->s, ctx->kInv);
-        sp_521_norm_17(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_521_iszero_17(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_521_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_521_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 17U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 17U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r11, #0x0\n\t"
-        "ADD	r12, %[a], #0x40\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_sub_17_word:\n\t"
-#else
-    "L_sp_521_sub_17_word_%=:\n\t"
-#endif
-        "RSBS	r11, r11, #0x0\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	r11, r3, r3\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_521_sub_17_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_521_sub_17_word\n\t"
-#else
-        "BNE.N	L_sp_521_sub_17_word_%=\n\t"
-#endif
-        "RSBS	r11, r11, #0x0\n\t"
-        "LDM	%[a]!, {r3}\n\t"
-        "LDM	%[b]!, {r7}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_521_sub_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3}\n\t"
-        "LDM	%[b]!, {r7}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_521_div2_mod_17(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_521_div2_mod_17(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r4}\n\t"
-        "ANDS	r3, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_div2_mod_17_even_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_div2_mod_17_even\n\t"
-#else
-        "BEQ.N	L_sp_521_div2_mod_17_even_%=\n\t"
-#endif
-        "MOV	r12, #0x0\n\t"
-        "LDM	%[a]!, {r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4}\n\t"
-        "LDM	%[m]!, {r8}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "ADC	r3, r12, r12\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_div2_mod_17_div2_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_div2_mod_17_div2\n\t"
-#else
-        "B.N	L_sp_521_div2_mod_17_div2_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_div2_mod_17_even:\n\t"
-#else
-    "L_sp_521_div2_mod_17_even_%=:\n\t"
-#endif
-        "LDM	%[a]!, {r5, r6, r7}\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4}\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_div2_mod_17_div2:\n\t"
-#else
-    "L_sp_521_div2_mod_17_div2_%=:\n\t"
-#endif
-        "SUB	%[r], %[r], #0x44\n\t"
-        "LDRD	r8, r9, [%[r]]\n\t"
-        "LSR	r8, r8, #1\n\t"
-        "ORR	r8, r8, r9, lsl #31\n\t"
-        "LSR	r9, r9, #1\n\t"
-        "LDR	r10, [%[r], #8]\n\t"
-        "STR	r8, [%[r]]\n\t"
-        "ORR	r9, r9, r10, lsl #31\n\t"
-        "LSR	r10, r10, #1\n\t"
-        "LDR	r8, [%[r], #12]\n\t"
-        "STR	r9, [%[r], #4]\n\t"
-        "ORR	r10, r10, r8, lsl #31\n\t"
-        "LSR	r8, r8, #1\n\t"
-        "LDR	r9, [%[r], #16]\n\t"
-        "STR	r10, [%[r], #8]\n\t"
-        "ORR	r8, r8, r9, lsl #31\n\t"
-        "LSR	r9, r9, #1\n\t"
-        "LDR	r10, [%[r], #20]\n\t"
-        "STR	r8, [%[r], #12]\n\t"
-        "ORR	r9, r9, r10, lsl #31\n\t"
-        "LSR	r10, r10, #1\n\t"
-        "LDR	r8, [%[r], #24]\n\t"
-        "STR	r9, [%[r], #16]\n\t"
-        "ORR	r10, r10, r8, lsl #31\n\t"
-        "LSR	r8, r8, #1\n\t"
-        "LDR	r9, [%[r], #28]\n\t"
-        "STR	r10, [%[r], #20]\n\t"
-        "ORR	r8, r8, r9, lsl #31\n\t"
-        "LSR	r9, r9, #1\n\t"
-        "LDR	r10, [%[r], #32]\n\t"
-        "STR	r8, [%[r], #24]\n\t"
-        "ORR	r9, r9, r10, lsl #31\n\t"
-        "LSR	r10, r10, #1\n\t"
-        "LDR	r8, [%[r], #36]\n\t"
-        "STR	r9, [%[r], #28]\n\t"
-        "ORR	r10, r10, r8, lsl #31\n\t"
-        "LSR	r8, r8, #1\n\t"
-        "LDR	r9, [%[r], #40]\n\t"
-        "STR	r10, [%[r], #32]\n\t"
-        "ORR	r8, r8, r9, lsl #31\n\t"
-        "LSR	r9, r9, #1\n\t"
-        "LDR	r10, [%[r], #44]\n\t"
-        "STR	r8, [%[r], #36]\n\t"
-        "ORR	r9, r9, r10, lsl #31\n\t"
-        "LSR	r10, r10, #1\n\t"
-        "LDR	r8, [%[r], #48]\n\t"
-        "STR	r9, [%[r], #40]\n\t"
-        "ORR	r10, r10, r8, lsl #31\n\t"
-        "LSR	r8, r8, #1\n\t"
-        "LDR	r9, [%[r], #52]\n\t"
-        "STR	r10, [%[r], #44]\n\t"
-        "ORR	r8, r8, r9, lsl #31\n\t"
-        "LSR	r9, r9, #1\n\t"
-        "LDR	r10, [%[r], #56]\n\t"
-        "STR	r8, [%[r], #48]\n\t"
-        "ORR	r9, r9, r10, lsl #31\n\t"
-        "LSR	r10, r10, #1\n\t"
-        "LDR	r8, [%[r], #60]\n\t"
-        "STR	r9, [%[r], #52]\n\t"
-        "ORR	r10, r10, r8, lsl #31\n\t"
-        "LSR	r8, r8, #1\n\t"
-        "LDR	r9, [%[r], #64]\n\t"
-        "STR	r10, [%[r], #56]\n\t"
-        "ORR	r8, r8, r9, lsl #31\n\t"
-        "LSR	r9, r9, #1\n\t"
-        "ORR	r9, r9, r3, lsl #31\n\t"
-        "STR	r8, [%[r], #60]\n\t"
-        "STR	r9, [%[r], #64]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-}
-
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static int sp_521_num_bits_17(const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	r1, [%[a], #64]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_16_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_16\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_16_%=\n\t"
-#endif
-        "MOV	r2, #0x220\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_16:\n\t"
-#else
-    "L_sp_521_num_bits_17_16_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #60]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_15_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_15\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_15_%=\n\t"
-#endif
-        "MOV	r2, #0x200\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_15:\n\t"
-#else
-    "L_sp_521_num_bits_17_15_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #56]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_14_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_14\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_14_%=\n\t"
-#endif
-        "MOV	r2, #0x1e0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_14:\n\t"
-#else
-    "L_sp_521_num_bits_17_14_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #52]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_13_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_13\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_13_%=\n\t"
-#endif
-        "MOV	r2, #0x1c0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_13:\n\t"
-#else
-    "L_sp_521_num_bits_17_13_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #48]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_12_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_12\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_12_%=\n\t"
-#endif
-        "MOV	r2, #0x1a0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_12:\n\t"
-#else
-    "L_sp_521_num_bits_17_12_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #44]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_11_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_11\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_11_%=\n\t"
-#endif
-        "MOV	r2, #0x180\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_11:\n\t"
-#else
-    "L_sp_521_num_bits_17_11_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #40]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_10_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_10\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_10_%=\n\t"
-#endif
-        "MOV	r2, #0x160\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_10:\n\t"
-#else
-    "L_sp_521_num_bits_17_10_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #36]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_9_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_9\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_9_%=\n\t"
-#endif
-        "MOV	r2, #0x140\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_9:\n\t"
-#else
-    "L_sp_521_num_bits_17_9_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #32]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_8_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_8\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_8_%=\n\t"
-#endif
-        "MOV	r2, #0x120\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_8:\n\t"
-#else
-    "L_sp_521_num_bits_17_8_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #28]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_7_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_7\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_7_%=\n\t"
-#endif
-        "MOV	r2, #0x100\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_7:\n\t"
-#else
-    "L_sp_521_num_bits_17_7_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #24]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_6_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_6\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_6_%=\n\t"
-#endif
-        "MOV	r2, #0xe0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_6:\n\t"
-#else
-    "L_sp_521_num_bits_17_6_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #20]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_5_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_5\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_5_%=\n\t"
-#endif
-        "MOV	r2, #0xc0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_5:\n\t"
-#else
-    "L_sp_521_num_bits_17_5_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #16]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_4_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_4\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_4_%=\n\t"
-#endif
-        "MOV	r2, #0xa0\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_4:\n\t"
-#else
-    "L_sp_521_num_bits_17_4_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #12]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_3_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_3\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_3_%=\n\t"
-#endif
-        "MOV	r2, #0x80\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_3:\n\t"
-#else
-    "L_sp_521_num_bits_17_3_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #8]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_2_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_2\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_2_%=\n\t"
-#endif
-        "MOV	r2, #0x60\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_2:\n\t"
-#else
-    "L_sp_521_num_bits_17_2_%=:\n\t"
-#endif
-        "LDR	r1, [%[a], #4]\n\t"
-        "CMP	r1, #0x0\n\t"
-#if defined(__GNUC__)
-        "BEQ	L_sp_521_num_bits_17_1_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BEQ.N	L_sp_521_num_bits_17_1\n\t"
-#else
-        "BEQ.N	L_sp_521_num_bits_17_1_%=\n\t"
-#endif
-        "MOV	r2, #0x40\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-#if defined(__GNUC__)
-        "B	L_sp_521_num_bits_17_18_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "B.N	L_sp_521_num_bits_17_18\n\t"
-#else
-        "B.N	L_sp_521_num_bits_17_18_%=\n\t"
-#endif
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_1:\n\t"
-#else
-    "L_sp_521_num_bits_17_1_%=:\n\t"
-#endif
-        "LDR	r1, [%[a]]\n\t"
-        "MOV	r2, #0x20\n\t"
-        "CLZ	r4, r1\n\t"
-        "SUB	r4, r2, r4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_521_num_bits_17_18:\n\t"
-#else
-    "L_sp_521_num_bits_17_18_%=:\n\t"
-#endif
-        "MOV	%[a], r4\n\t"
-        : [a] "+r" (a)
-        :
-        : "memory", "cc", "r1", "r2", "r3", "r4", "r5"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[17];
-    sp_digit v[17];
-    sp_digit b[17];
-    sp_digit d[17];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_521_num_bits_17(u);
-    vt = sp_521_num_bits_17(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_521_rshift1_17(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_521_rshift1_17(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_521_rshift1_17(v, v);
-            sp_521_div2_mod_17(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_521_cmp_17(u, v) >= 0))) {
-            sp_521_sub_17(u, u, v);
-            o = sp_521_sub_17(b, b, d);
-            if (o != 0)
-                sp_521_add_17(b, b, m);
-            ut = sp_521_num_bits_17(u);
-
-            do {
-                sp_521_rshift1_17(u, u);
-                sp_521_div2_mod_17(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_521_sub_17(v, v, u);
-            o = sp_521_sub_17(d, d, b);
-            if (o != 0)
-                sp_521_add_17(d, d, m);
-            vt = sp_521_num_bits_17(v);
-
-            do {
-                sp_521_rshift1_17(v, v);
-                sp_521_div2_mod_17(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2,
-    sp_digit* tmp)
-{
-
-        sp_521_proj_point_add_17(p1, p1, p2, tmp);
-    if (sp_521_iszero_17(p1->z)) {
-        if (sp_521_iszero_17(p1->x) && sp_521_iszero_17(p1->y)) {
-                sp_521_proj_point_dbl_17(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            p1->x[9] = 0;
-            p1->x[10] = 0;
-            p1->x[11] = 0;
-            p1->x[12] = 0;
-            p1->x[13] = 0;
-            p1->x[14] = 0;
-            p1->x[15] = 0;
-            p1->x[16] = 0;
-            XMEMCPY(p1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_vfy_point_17(sp_point_521* p1, sp_point_521* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_521_mod_inv_17(s, s, p521_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-        sp_521_mul_17(s, s, p521_norm_order);
-        err = sp_521_mod_17(s, s, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_17(s);
-#ifdef WOLFSSL_SP_SMALL
-        {
-            sp_521_mont_inv_order_17(s, s, tmp);
-            sp_521_mont_mul_order_17(u1, u1, s);
-            sp_521_mont_mul_order_17(u2, u2, s);
-        }
-#else
-        {
-            sp_521_mont_mul_order_17(u1, u1, s);
-            sp_521_mont_mul_order_17(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-        {
-            err = sp_521_ecc_mulmod_base_17(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_17(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-            err = sp_521_ecc_mulmod_17(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_17(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_521_add_points_17(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 521)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 17);
-    SP_DECL_VAR(sp_point_521, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_521* p2 = NULL;
-    sp_digit carry;
-    sp_int32 c = 0;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 17, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 17;
-        s   = u1 + 4 * 17;
-        tmp = u1 + 6 * 17;
-        p2 = p1 + 1;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(u1, 17, hash, (int)hashLen);
-        sp_521_from_mp(u2, 17, rm);
-        sp_521_from_mp(s, 17, sm);
-        sp_521_from_mp(p2->x, 17, pX);
-        sp_521_from_mp(p2->y, 17, pY);
-        sp_521_from_mp(p2->z, 17, pZ);
-
-        if (hashLen == 66U) {
-            sp_521_rshift_17(u1, u1, 7);
-        }
-
-        err = sp_521_calc_vfy_point_17(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(u2, 17, rm);
-        err = sp_521_mod_mul_norm_17(u2, u2, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-            sp_521_mont_sqr_17(p1->z, p1->z, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_17(u1, u2, p1->z, p521_mod, p521_mp_mod);
-        *res = (int)(sp_521_cmp_17(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_521_from_mp(u2, 17, rm);
-            carry = sp_521_add_17(u2, u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_17(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_17(u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_17(u2, u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                {
-                    sp_521_mont_mul_17(u1, u2, p1->z, p521_mod, p521_mp_mod);
-                }
-                *res = (sp_521_cmp_17(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_17_ctx mulmod_ctx;
-        sp_521_mont_inv_order_17_ctx mont_inv_order_ctx;
-        sp_521_proj_point_dbl_17_ctx dbl_ctx;
-        sp_521_proj_point_add_17_ctx add_ctx;
-    };
-    sp_digit u1[2*17];
-    sp_digit u2[2*17];
-    sp_digit s[2*17];
-    sp_digit tmp[2*17 * 6];
-    sp_point_521 p1;
-    sp_point_521 p2;
-} sp_ecc_verify_521_ctx;
-
-int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_521_ctx* ctx = (sp_ecc_verify_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(ctx->u1, 17, hash, (int)hashLen);
-        sp_521_from_mp(ctx->u2, 17, rm);
-        sp_521_from_mp(ctx->s, 17, sm);
-        sp_521_from_mp(ctx->p2.x, 17, pX);
-        sp_521_from_mp(ctx->p2.y, 17, pY);
-        sp_521_from_mp(ctx->p2.z, 17, pZ);
-        if (hashLen == 66U) {
-            sp_521_rshift_17(ctx->u1, ctx->u1, 7);
-        }
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_521_mul_17(ctx->s, ctx->s, p521_norm_order);
-        err = sp_521_mod_17(ctx->s, ctx->s, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_521_norm_17(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_521_mont_inv_order_17_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_521_mont_mul_order_17(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_521_mont_mul_order_17(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p521_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_17(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_521_ecc_mulmod_17_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_17(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_521_proj_point_add_17_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(ctx->u2, 17, rm);
-        err = sp_521_mod_mul_norm_17(ctx->u2, ctx->u2, p521_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_521_mont_sqr_17(ctx->p1.z, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_521_mont_mul_17(ctx->u1, ctx->u2, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int32 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_521_cmp_17(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_521_from_mp(ctx->u2, 17, rm);
-            carry = sp_521_add_17(ctx->u2, ctx->u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_17(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_17(ctx->u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_17(ctx->u2, ctx->u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_521_mont_mul_17(ctx->u1, ctx->u2, ctx->p1.z, p521_mod,
-                                                            p521_mp_mod);
-                *res = (int)(sp_521_cmp_17(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_521_ecc_is_point_17(const sp_point_521* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 17 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 17 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 17;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_521_sqr_17(t1, point->y);
-        (void)sp_521_mod_17(t1, t1, p521_mod);
-        sp_521_sqr_17(t2, point->x);
-        (void)sp_521_mod_17(t2, t2, p521_mod);
-        sp_521_mul_17(t2, t2, point->x);
-        (void)sp_521_mod_17(t2, t2, p521_mod);
-        sp_521_mont_sub_17(t1, t1, t2, p521_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_521_mont_add_17(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_17(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_17(t1, t1, point->x, p521_mod);
-
-
-        if (sp_521_cmp_17(t1, p521_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_521, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(pub->x, 17, pX);
-        sp_521_from_mp(pub->y, 17, pY);
-        sp_521_from_bin(pub->z, 17, one, (int)sizeof(one));
-
-        err = sp_521_ecc_is_point_17(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 17);
-    SP_DECL_VAR(sp_point_521, pub, 2);
-    sp_point_521* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 521) ||
-        (mp_count_bits(pY) > 521) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 521)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 17, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_521_from_mp(pub->x, 17, pX);
-        sp_521_from_mp(pub->y, 17, pY);
-        sp_521_from_bin(pub->z, 17, one, (int)sizeof(one));
-        if (privm)
-            sp_521_from_mp(priv, 17, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_521_iszero_17(pub->x) != 0) &&
-            (sp_521_iszero_17(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_521_cmp_17(pub->x, p521_mod) >= 0) ||
-             (sp_521_cmp_17(pub->y, p521_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_521_ecc_is_point_17(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_521_ecc_mulmod_17(p, pub, p521_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_521_iszero_17(p->x) == 0) ||
-                             (sp_521_iszero_17(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_521_ecc_mulmod_base_17(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_521_cmp_17(p->x, pub->x) != 0) ||
-                 (sp_521_cmp_17(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 6);
-    SP_DECL_VAR(sp_point_521, p, 2);
-    sp_point_521* q = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_521_from_mp(p->x, 17, pX);
-        sp_521_from_mp(p->y, 17, pY);
-        sp_521_from_mp(p->z, 17, pZ);
-        sp_521_from_mp(q->x, 17, qX);
-        sp_521_from_mp(q->y, 17, qY);
-        sp_521_from_mp(q->z, 17, qZ);
-        p->infinity = sp_521_iszero_17(p->x) &
-                      sp_521_iszero_17(p->y);
-        q->infinity = sp_521_iszero_17(q->x) &
-                      sp_521_iszero_17(q->y);
-
-            sp_521_proj_point_add_17(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 2);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 17, pX);
-        sp_521_from_mp(p->y, 17, pY);
-        sp_521_from_mp(p->z, 17, pZ);
-        p->infinity = sp_521_iszero_17(p->x) &
-                      sp_521_iszero_17(p->y);
-
-            sp_521_proj_point_dbl_17(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 17 * 5);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 17 * 5, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 17, pX);
-        sp_521_from_mp(p->y, 17, pY);
-        sp_521_from_mp(p->z, 17, pZ);
-        p->infinity = sp_521_iszero_17(p->x) &
-                      sp_521_iszero_17(p->y);
-
-            sp_521_map_17(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Square root power for the P521 curve. */
-static const word32 p521_sqrt_power[17] = {
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-    0x00000000,0x00000000,0x00000080
-};
-
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mont_sqrt_17(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t, 2 * 17);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, t, 2 * 17, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-
-        {
-            int i;
-
-            XMEMCPY(t, y, sizeof(sp_digit) * 17);
-            for (i=518; i>=0; i--) {
-                sp_521_mont_sqr_17(t, t, p521_mod, p521_mp_mod);
-                if (p521_sqrt_power[i / 32] & ((sp_digit)1 << (i % 32)))
-                    sp_521_mont_mul_17(t, t, y, p521_mod, p521_mp_mod);
-            }
-            XMEMCPY(y, t, sizeof(sp_digit) * 17);
-        }
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 17);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 17, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 17;
-
-        sp_521_from_mp(x, 17, xm);
-        err = sp_521_mod_mul_norm_17(x, x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_521_mont_sqr_17(y, x, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_17(y, y, x, p521_mod, p521_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        sp_521_mont_sub_17(y, y, x, p521_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_521_mod_mul_norm_17(x, p521_b, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_521_mont_add_17(y, y, x, p521_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_521_mont_sqrt_17(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 17, 0, 17U * sizeof(sp_digit));
-        sp_521_mont_reduce_17(y, p521_mod, p521_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_521_mont_sub_17(y, p521_mod, y, p521_mod);
-        }
-
-        err = sp_521_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_521 */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-#ifdef WOLFSSL_SP_1024
-
-/* Point structure to use. */
-typedef struct sp_point_1024 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 32];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 32];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 32];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_1024;
-
-#ifndef WOLFSSL_SP_SMALL
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_16(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x40\n\t"
-        /* A[0] * B[0] */
-        "LDR	r11, [%[a]]\n\t"
-        "LDR	r12, [%[b]]\n\t"
-        "UMULL	r3, r4, r11, r12\n\t"
-        "MOV	r5, #0x0\n\t"
-        "STR	r3, [sp]\n\t"
-        /* A[0] * B[1] */
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[0] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #4]\n\t"
-        /* A[2] * B[0] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[1] */
-        "LDR	r11, [%[a], #4]\n\t"
-        "LDR	r12, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[0] * B[2] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #8]\n\t"
-        /* A[0] * B[3] */
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[2] */
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[1] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[0] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #12]\n\t"
-        /* A[4] * B[0] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[1] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[2] */
-        "LDR	r11, [%[a], #8]\n\t"
-        "LDR	r12, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[3] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[0] * B[4] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #16]\n\t"
-        /* A[0] * B[5] */
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[4] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[3] */
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[2] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[1] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[0] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #20]\n\t"
-        /* A[6] * B[0] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[1] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[2] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[3] */
-        "LDR	r11, [%[a], #12]\n\t"
-        "LDR	r12, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[4] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[5] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[0] * B[6] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #24]\n\t"
-        /* A[0] * B[7] */
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[6] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[5] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[4] */
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[3] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[2] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[1] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[0] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #28]\n\t"
-        /* A[8] * B[0] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[1] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[2] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[3] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[4] */
-        "LDR	r11, [%[a], #16]\n\t"
-        "LDR	r12, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[5] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[6] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[7] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[0] * B[8] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #32]\n\t"
-        /* A[0] * B[9] */
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[8] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[7] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[6] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[5] */
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[4] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[3] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[2] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[1] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[0] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #36]\n\t"
-        /* A[10] * B[0] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[1] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[2] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[3] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[4] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[5] */
-        "LDR	r11, [%[a], #20]\n\t"
-        "LDR	r12, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[6] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[7] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[8] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[9] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[0] * B[10] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #40]\n\t"
-        /* A[0] * B[11] */
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[10] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[9] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[8] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[7] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[6] */
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[5] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[4] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[3] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[2] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[1] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[0] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #44]\n\t"
-        /* A[12] * B[0] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[1] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[2] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[3] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[4] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[5] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[6] */
-        "LDR	r11, [%[a], #24]\n\t"
-        "LDR	r12, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[7] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[8] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[9] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[10] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[11] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[0] * B[12] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #48]\n\t"
-        /* A[0] * B[13] */
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[12] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[11] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[10] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[9] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[8] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[7] */
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[6] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[5] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[4] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[3] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[2] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * B[1] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[0] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #52]\n\t"
-        /* A[14] * B[0] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[13] * B[1] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[12] * B[2] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[3] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[4] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[5] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[6] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[7] */
-        "LDR	r11, [%[a], #28]\n\t"
-        "LDR	r12, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[8] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[9] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[10] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[11] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[2] * B[12] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * B[13] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[0] * B[14] */
-        "LDR	r8, [%[a]]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [sp, #56]\n\t"
-        /* A[0] * B[15] */
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[1] * B[14] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[2] * B[13] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[12] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[11] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[10] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[9] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[8] */
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[7] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[6] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[5] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[4] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[12] * B[3] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[13] * B[2] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[14] * B[1] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[15] * B[0] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b]]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [sp, #60]\n\t"
-        /* A[15] * B[1] */
-        "LDR	r9, [%[b], #4]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[14] * B[2] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[3] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * B[4] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[5] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[6] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[7] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[8] */
-        "LDR	r11, [%[a], #32]\n\t"
-        "LDR	r12, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[9] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[10] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[11] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[4] * B[12] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[3] * B[13] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[2] * B[14] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * B[15] */
-        "LDR	r8, [%[a], #4]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #64]\n\t"
-        /* A[2] * B[15] */
-        "LDR	r8, [%[a], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[3] * B[14] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[4] * B[13] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[12] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[11] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[10] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[9] */
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[8] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[7] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[6] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[12] * B[5] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[13] * B[4] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[14] * B[3] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[15] * B[2] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #8]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #68]\n\t"
-        /* A[15] * B[3] */
-        "LDR	r9, [%[b], #12]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[14] * B[4] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[13] * B[5] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[12] * B[6] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[7] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[8] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[9] */
-        "LDR	r11, [%[a], #36]\n\t"
-        "LDR	r12, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[10] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[11] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[6] * B[12] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[5] * B[13] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[4] * B[14] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[3] * B[15] */
-        "LDR	r8, [%[a], #12]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #72]\n\t"
-        /* A[4] * B[15] */
-        "LDR	r8, [%[a], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[5] * B[14] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[6] * B[13] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[12] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[11] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[10] */
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[9] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[8] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * B[7] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[6] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[14] * B[5] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[15] * B[4] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #16]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #76]\n\t"
-        /* A[15] * B[5] */
-        "LDR	r9, [%[b], #20]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[14] * B[6] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[13] * B[7] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[12] * B[8] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[9] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[10] */
-        "LDR	r11, [%[a], #40]\n\t"
-        "LDR	r12, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[11] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[8] * B[12] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[7] * B[13] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[6] * B[14] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[5] * B[15] */
-        "LDR	r8, [%[a], #20]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #80]\n\t"
-        /* A[6] * B[15] */
-        "LDR	r8, [%[a], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[7] * B[14] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[8] * B[13] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[12] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[11] */
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[10] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[12] * B[9] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[13] * B[8] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[14] * B[7] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[15] * B[6] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #24]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #84]\n\t"
-        /* A[15] * B[7] */
-        "LDR	r9, [%[b], #28]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[14] * B[8] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[9] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * B[10] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[11] */
-        "LDR	r11, [%[a], #44]\n\t"
-        "LDR	r12, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[10] * B[12] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[9] * B[13] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[8] * B[14] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[7] * B[15] */
-        "LDR	r8, [%[a], #28]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #88]\n\t"
-        /* A[8] * B[15] */
-        "LDR	r8, [%[a], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[9] * B[14] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[10] * B[13] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[12] */
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[12] * B[11] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[13] * B[10] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[14] * B[9] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[15] * B[8] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #32]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #92]\n\t"
-        /* A[15] * B[9] */
-        "LDR	r9, [%[b], #36]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[14] * B[10] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[13] * B[11] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[12] * B[12] */
-        "LDR	r11, [%[a], #48]\n\t"
-        "LDR	r12, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[11] * B[13] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[10] * B[14] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[9] * B[15] */
-        "LDR	r8, [%[a], #36]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #96]\n\t"
-        /* A[10] * B[15] */
-        "LDR	r8, [%[a], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[11] * B[14] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * B[13] */
-        "LDR	r9, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[12] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[14] * B[11] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[15] * B[10] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #40]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #100]\n\t"
-        /* A[15] * B[11] */
-        "LDR	r9, [%[b], #44]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[14] * B[12] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[13] * B[13] */
-        "LDR	r11, [%[a], #52]\n\t"
-        "LDR	r12, [%[b], #52]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[12] * B[14] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[11] * B[15] */
-        "LDR	r8, [%[a], #44]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #104]\n\t"
-        /* A[12] * B[15] */
-        "LDR	r8, [%[a], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[13] * B[14] */
-        "LDR	r9, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[14] * B[13] */
-        "LDR	r8, [%[a], #56]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        /* A[15] * B[12] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "LDR	r9, [%[b], #48]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], #108]\n\t"
-        /* A[15] * B[13] */
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[14] * B[14] */
-        "LDR	r11, [%[a], #56]\n\t"
-        "LDR	r12, [%[b], #56]\n\t"
-        "UMULL	r6, r7, r11, r12\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * B[15] */
-        "LDR	r8, [%[a], #52]\n\t"
-        "LDR	r9, [%[b], #60]\n\t"
-        "UMULL	r6, r7, r8, r9\n\t"
-        "ADDS	r4, r4, r6\n\t"
-        "ADCS	r5, r5, r7\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #112]\n\t"
-        /* A[14] * B[15] */
-        "UMULL	r6, r7, r11, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[15] * B[14] */
-        "LDR	r8, [%[a], #60]\n\t"
-        "UMULL	r6, r7, r8, r12\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r5, [%[r], #116]\n\t"
-        /* A[15] * B[15] */
-        "UMLAL	r3, r4, r8, r9\n\t"
-        "STR	r3, [%[r], #120]\n\t"
-        "STR	r4, [%[r], #124]\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	sp!, {r3, r4, r5, r6}\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11",
-            "r12"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x40\n\t"
-        /* A[0] * A[0] */
-        "LDR	r10, [%[a]]\n\t"
-        "UMULL	r8, r3, r10, r10\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r8, [sp]\n\t"
-        /* A[0] * A[1] */
-        "LDR	r10, [%[a], #4]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [sp, #4]\n\t"
-        /* A[0] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[1] * A[1] */
-        "LDR	r10, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [sp, #8]\n\t"
-        /* A[0] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[1] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r2, [sp, #12]\n\t"
-        /* A[0] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[1] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[2] * A[2] */
-        "LDR	r10, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [sp, #16]\n\t"
-        /* A[0] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #20]\n\t"
-        /* A[0] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[3] */
-        "LDR	r10, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #24]\n\t"
-        /* A[0] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [sp, #28]\n\t"
-        /* A[0] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[4] */
-        "LDR	r10, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #32]\n\t"
-        /* A[0] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #36]\n\t"
-        /* A[0] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[5] */
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [sp, #40]\n\t"
-        /* A[0] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #44]\n\t"
-        /* A[0] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[6] */
-        "LDR	r10, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #48]\n\t"
-        /* A[0] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [sp, #52]\n\t"
-        /* A[0] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[7] */
-        "LDR	r10, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [sp, #56]\n\t"
-        /* A[0] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a]]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[1] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[2] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [sp, #60]\n\t"
-        /* A[1] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #4]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[2] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[3] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[8] */
-        "LDR	r10, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [%[r], #64]\n\t"
-        /* A[2] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #8]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[3] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[4] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [%[r], #68]\n\t"
-        /* A[3] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[4] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[5] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[9] * A[9] */
-        "LDR	r10, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [%[r], #72]\n\t"
-        /* A[4] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[5] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[6] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[9] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [%[r], #76]\n\t"
-        /* A[5] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[6] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[7] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[9] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[10] * A[10] */
-        "LDR	r10, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [%[r], #80]\n\t"
-        /* A[6] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[7] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[8] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[9] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[10] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [%[r], #84]\n\t"
-        /* A[7] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[8] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[9] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[10] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[11] * A[11] */
-        "LDR	r10, [%[a], #44]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [%[r], #88]\n\t"
-        /* A[8] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r3, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[9] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[10] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[11] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r4, r4, r5\n\t"
-        "ADCS	r2, r2, r6\n\t"
-        "ADC	r3, r3, r7\n\t"
-        "STR	r4, [%[r], #92]\n\t"
-        /* A[9] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[10] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[11] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[12] * A[12] */
-        "LDR	r10, [%[a], #48]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r5\n\t"
-        "ADCS	r3, r3, r6\n\t"
-        "ADC	r4, r4, r7\n\t"
-        "STR	r2, [%[r], #96]\n\t"
-        /* A[10] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "UMULL	r5, r6, r10, r12\n\t"
-        "MOV	r2, #0x0\n\t"
-        "MOV	r7, #0x0\n\t"
-        /* A[11] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* A[12] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r5, r5, r8\n\t"
-        "ADCS	r6, r6, r9\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        "ADDS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADCS	r4, r4, r6\n\t"
-        "ADC	r2, r2, r7\n\t"
-        "STR	r3, [%[r], #100]\n\t"
-        /* A[11] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[12] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* A[13] * A[13] */
-        "LDR	r10, [%[a], #52]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #104]\n\t"
-        /* A[12] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        /* A[13] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "ADDS	r2, r2, r8\n\t"
-        "ADCS	r3, r3, r9\n\t"
-        "ADC	r4, r4, #0x0\n\t"
-        "STR	r2, [%[r], #108]\n\t"
-        /* A[13] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "MOV	r2, #0x0\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        /* A[14] * A[14] */
-        "LDR	r10, [%[a], #56]\n\t"
-        "UMULL	r8, r9, r10, r10\n\t"
-        "ADDS	r3, r3, r8\n\t"
-        "ADCS	r4, r4, r9\n\t"
-        "ADC	r2, r2, #0x0\n\t"
-        "STR	r3, [%[r], #112]\n\t"
-        /* A[14] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "LDR	r12, [%[a], #56]\n\t"
-        "UMULL	r8, r9, r10, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r2, r2, r9\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        "STR	r4, [%[r], #116]\n\t"
-        /* A[15] * A[15] */
-        "LDR	r10, [%[a], #60]\n\t"
-        "UMLAL	r2, r3, r10, r10\n\t"
-        "STR	r2, [%[r], #120]\n\t"
-        "STR	r3, [%[r], #124]\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        "LDM	sp!, {r2, r3, r4, r8}\n\t"
-        "STM	%[r]!, {r2, r3, r4, r8}\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r12"
-    );
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_16(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_16(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer and result.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SUBS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	%[a], r9, r9\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADDS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "ADCS	r3, r3, r7\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "MOV	%[r], #0x0\n\t"
-        "ADC	%[r], %[r], #0x0\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-    sp_digit* z0 = r;
-    sp_digit z1[32];
-    sp_digit a1[16];
-    sp_digit b1[16];
-    sp_digit* z2 = r + 32;
-    sp_digit u;
-    sp_digit ca;
-    sp_digit cb;
-
-    ca = sp_1024_add_16(a1, a, &a[16]);
-    cb = sp_1024_add_16(b1, b, &b[16]);
-    u  = ca & cb;
-
-    sp_1024_mul_16(z2, &a[16], &b[16]);
-    sp_1024_mul_16(z0, a, b);
-    sp_1024_mul_16(z1, a1, b1);
-
-    u += sp_1024_sub_in_place_32(z1, z0);
-    u += sp_1024_sub_in_place_32(z1, z2);
-    sp_1024_mask_16(a1, a1, 0 - cb);
-    u += sp_1024_add_16(z1 + 16, z1 + 16, a1);
-    sp_1024_mask_16(b1, b1, 0 - ca);
-    u += sp_1024_add_16(z1 + 16, z1 + 16, b1);
-
-    u += sp_1024_add_32(r + 16, r + 16, z1);
-    XMEMSET(a1 + 1, 0, sizeof(sp_digit) * (16 - 1));
-    a1[0] = u;
-    (void)sp_1024_add_16(r + 48, r + 48, a1);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_16(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_16(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SUBS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[a]!, {r3, r4, r5, r6}\n\t"
-        "LDM	%[b]!, {r7, r8, r9, r10}\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "STM	%[r]!, {r3, r4, r5, r6}\n\t"
-        "SBC	%[r], r6, r6\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
-{
-    sp_digit* z0 = r;
-    sp_digit* z2 = r + 32;
-    sp_digit z1[32];
-    sp_digit* a1 = z1;
-    sp_digit zero[16];
-    sp_digit u;
-    sp_digit mask;
-    sp_digit* p1;
-    sp_digit* p2;
-
-    XMEMSET(zero, 0, sizeof(sp_digit) * 16);
-
-    mask = sp_1024_sub_16(a1, a, &a[16]);
-    p1 = (sp_digit*)(((sp_digit)zero &   mask ) | ((sp_digit)a1 & (~mask)));
-    p2 = (sp_digit*)(((sp_digit)zero & (~mask)) | ((sp_digit)a1 &   mask ));
-    (void)sp_1024_sub_16(a1, p1, p2);
-
-    sp_1024_sqr_16(z2, &a[16]);
-    sp_1024_sqr_16(z0, a);
-    sp_1024_sqr_16(z1, a1);
-
-    u = 0;
-    u -= sp_1024_sub_in_place_32(z1, z2);
-    u -= sp_1024_sub_in_place_32(z1, z0);
-    u += sp_1024_sub_in_place_32(r + 16, z1);
-    zero[0] = u;
-    (void)sp_1024_add_16(r + 48, r + 48, zero);
-}
-
-#else
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x100\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "LDR	r11, [%[b]]\n\t"
-        "UMULL	r8, r6, lr, r11\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_mul_32_outer:\n\t"
-#else
-    "L_sp_1024_mul_32_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x7c\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_mul_32_inner:\n\t"
-#else
-    "L_sp_1024_mul_32_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "LDR	lr, [%[a], r4]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_1024_mul_32_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_1024_mul_32_inner_done\n\t"
-#else
-        "BGT.N	L_sp_1024_mul_32_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_1024_mul_32_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_1024_mul_32_inner\n\t"
-#else
-        "BLT.N	L_sp_1024_mul_32_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[b], r3]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_mul_32_inner_done:\n\t"
-#else
-    "L_sp_1024_mul_32_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0xf4\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_1024_mul_32_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_1024_mul_32_outer\n\t"
-#else
-        "BLE.N	L_sp_1024_mul_32_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #124]\n\t"
-        "LDR	r11, [%[b], #124]\n\t"
-        "UMLAL	r6, r7, lr, r11\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_mul_32_store:\n\t"
-#else
-    "L_sp_1024_mul_32_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_1024_mul_32_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_1024_mul_32_store\n\t"
-#else
-        "BGT.N	L_sp_1024_mul_32_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "SUB	sp, sp, #0x100\n\t"
-        "LDR	lr, [%[a]]\n\t"
-        "UMULL	r8, r6, lr, lr\n\t"
-        "STR	r8, [sp]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r5, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_sqr_32_outer:\n\t"
-#else
-    "L_sp_1024_sqr_32_outer_%=:\n\t"
-#endif
-        "SUBS	r3, r5, #0x7c\n\t"
-        "IT	cc\n\t"
-        "MOVCC	r3, #0x0\n\t"
-        "SUB	r4, r5, r3\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_sqr_32_inner:\n\t"
-#else
-    "L_sp_1024_sqr_32_inner_%=:\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "LDR	r11, [%[a], r4]\n\t"
-        "UMULL	r9, r10, lr, r11\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "ADD	r3, r3, #0x4\n\t"
-        "SUB	r4, r4, #0x4\n\t"
-        "CMP	r3, r4\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_1024_sqr_32_inner_done_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_1024_sqr_32_inner_done\n\t"
-#else
-        "BGT.N	L_sp_1024_sqr_32_inner_done_%=\n\t"
-#endif
-#if defined(__GNUC__)
-        "BLT	L_sp_1024_sqr_32_inner_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_1024_sqr_32_inner\n\t"
-#else
-        "BLT.N	L_sp_1024_sqr_32_inner_%=\n\t"
-#endif
-        "LDR	lr, [%[a], r3]\n\t"
-        "UMULL	r9, r10, lr, lr\n\t"
-        "ADDS	r6, r6, r9\n\t"
-        "ADCS	r7, r7, r10\n\t"
-        "ADC	r8, r8, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_sqr_32_inner_done:\n\t"
-#else
-    "L_sp_1024_sqr_32_inner_done_%=:\n\t"
-#endif
-        "STR	r6, [sp, r5]\n\t"
-        "MOV	r6, r7\n\t"
-        "MOV	r7, r8\n\t"
-        "MOV	r8, #0x0\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0xf4\n\t"
-#if defined(__GNUC__)
-        "BLE	L_sp_1024_sqr_32_outer_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLE.N	L_sp_1024_sqr_32_outer\n\t"
-#else
-        "BLE.N	L_sp_1024_sqr_32_outer_%=\n\t"
-#endif
-        "LDR	lr, [%[a], #124]\n\t"
-        "UMLAL	r6, r7, lr, lr\n\t"
-        "STR	r6, [sp, r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "STR	r7, [sp, r5]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_sqr_32_store:\n\t"
-#else
-    "L_sp_1024_sqr_32_store_%=:\n\t"
-#endif
-        "LDM	sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "STM	%[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
-        "SUBS	r5, r5, #0x20\n\t"
-#if defined(__GNUC__)
-        "BGT	L_sp_1024_sqr_32_store_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BGT.N	L_sp_1024_sqr_32_store\n\t"
-#else
-        "BGT.N	L_sp_1024_sqr_32_store_%=\n\t"
-#endif
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr",
-            "r11"
-    );
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-/* The modulus (prime) of the curve P1024. */
-static const sp_digit p1024_mod[32] = {
-    0xfea85feb,0x666d807a,0xac7ace87,0x80c5df10,0x89857db0,0xfce3e823,
-    0x56971f1f,0x9f94d6af,0x1c3c09aa,0xa7cf3c52,0x31852a82,0xb6aff4a8,
-    0x65681ce1,0x512ac5cd,0x326b4cd4,0xe26c6487,0xa666a6d0,0x356d27f4,
-    0xf7c88a19,0xe791b39f,0x31a59cb0,0x228730d5,0xe2fc0f1b,0xf40aab27,
-    0xb3e01a2e,0xbe9ae358,0x9cb48261,0x416c0ce1,0xdad0657a,0x65c61198,
-    0x0a563fda,0x997abb1f
-};
-/* The Montgomery normalizer for modulus of the curve P1024. */
-static const sp_digit p1024_norm_mod[32] = {
-    0x0157a015,0x99927f85,0x53853178,0x7f3a20ef,0x767a824f,0x031c17dc,
-    0xa968e0e0,0x606b2950,0xe3c3f655,0x5830c3ad,0xce7ad57d,0x49500b57,
-    0x9a97e31e,0xaed53a32,0xcd94b32b,0x1d939b78,0x5999592f,0xca92d80b,
-    0x083775e6,0x186e4c60,0xce5a634f,0xdd78cf2a,0x1d03f0e4,0x0bf554d8,
-    0x4c1fe5d1,0x41651ca7,0x634b7d9e,0xbe93f31e,0x252f9a85,0x9a39ee67,
-    0xf5a9c025,0x668544e0
-};
-/* The Montgomery multiplier for modulus of the curve P1024. */
-static sp_digit p1024_mp_mod = 0x7c8f2f3d;
-#if defined(WOLFSSL_SP_SMALL) || defined(HAVE_ECC_CHECK_KEY)
-/* The order of the curve P1024. */
-static const sp_digit p1024_order[32] = {
-    0xbfaa17fb,0xd99b601e,0x2b1eb3a1,0x203177c4,0xe2615f6c,0xff38fa08,
-    0xd5a5c7c7,0xa7e535ab,0x870f026a,0xa9f3cf14,0x0c614aa0,0x6dabfd2a,
-    0x595a0738,0x144ab173,0xcc9ad335,0x389b1921,0x2999a9b4,0x4d5b49fd,
-    0xfdf22286,0x39e46ce7,0x4c69672c,0xc8a1cc35,0xf8bf03c6,0xbd02aac9,
-    0x2cf8068b,0x6fa6b8d6,0x672d2098,0x905b0338,0x36b4195e,0x99718466,
-    0xc2958ff6,0x265eaec7
-};
-#endif
-/* The base point of curve P1024. */
-static const sp_point_1024 p1024_base = {
-    /* X ordinate */
-    {
-        0xeae63895,0x880dc8ab,0x967e0979,0x80ec46c4,0xb63f73ec,0xee9163a5,
-        0x80728d87,0xd5cfb4cc,0xba66910d,0xa7c1514d,0x7a60de74,0xa702c339,
-        0x8b72f2e1,0x337c8654,0x5dd5bccb,0x9760af76,0x406ce890,0x718bd9e7,
-        0xdb9dfa55,0x43d5f22c,0x30b09e10,0xab10db90,0xf6ce2308,0xb5edb6c0,
-        0xb6ff7cbf,0x98b2f204,0x0aec69c6,0x2b1a2fd6,0x3ed9b52a,0x0a799005,
-        0x332c29ad,0x53fc09ee,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x1bef16d7,0x75573fd7,0x6a67dcde,0xadb9b570,0xd5bb4636,0x80bdad5a,
-        0xe9cb99a9,0x13515ad7,0xc5a4d5f2,0x492d979f,0x164aa989,0xac6f1e80,
-        0xb7652fe0,0xcad696b5,0xad547c6c,0x70dae117,0xa9e032b9,0x416cff0c,
-        0x9a140b2e,0x6b598ccf,0xf0de55f6,0xe7f7f5e5,0x654ec2b9,0xf5ea69f4,
-        0x1e141178,0x3d778d82,0x02990696,0xd3e82016,0x3634a135,0xf9f1f053,
-        0x3f6009f1,0x0a824906,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x00000001,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,0x00000000,
-        0x00000000,0x00000000,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into a. (a -= b)
- *
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "ADD	r11, %[a], #0x80\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_sub_in_pkace_32_word:\n\t"
-#else
-    "L_sp_1024_sub_in_pkace_32_word_%=:\n\t"
-#endif
-        "RSBS	r10, r10, #0x0\n\t"
-        "LDM	%[a], {r2, r3, r4, r5}\n\t"
-        "LDM	%[b]!, {r6, r7, r8, r9}\n\t"
-        "SBCS	r2, r2, r6\n\t"
-        "SBCS	r3, r3, r7\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "STM	%[a]!, {r2, r3, r4, r5}\n\t"
-        "SBC	r10, r10, r10\n\t"
-        "CMP	%[a], r11\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_1024_sub_in_pkace_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_1024_sub_in_pkace_32_word\n\t"
-#else
-        "BNE.N	L_sp_1024_sub_in_pkace_32_word_%=\n\t"
-#endif
-        "MOV	%[a], r10\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11"
-    );
-    return (word32)(size_t)a;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_cond_sub_32_words:\n\t"
-#else
-    "L_sp_1024_cond_sub_32_words_%=:\n\t"
-#endif
-        "SUBS	r4, r8, r4\n\t"
-        "LDR	r6, [%[a], r5]\n\t"
-        "LDR	r7, [%[b], r5]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "SBCS	r6, r6, r7\n\t"
-        "SBC	r4, r8, r8\n\t"
-        "STR	r6, [%[r], r5]\n\t"
-        "ADD	r5, r5, #0x4\n\t"
-        "CMP	r5, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_1024_cond_sub_32_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_1024_cond_sub_32_words\n\t"
-#else
-        "BLT.N	L_sp_1024_cond_sub_32_words_%=\n\t"
-#endif
-        "MOV	%[r], r4\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SUBS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "SBCS	r6, r6, r8\n\t"
-        "SBCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "SBC	%[r], r5, r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r3, #0x0\n\t"
-        "ADD	r12, %[a], #0x80\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_add_32_word:\n\t"
-#else
-    "L_sp_1024_add_32_word_%=:\n\t"
-#endif
-        "ADDS	r3, r3, #0xffffffff\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "MOV	r4, #0x0\n\t"
-        "ADC	r3, r4, #0x0\n\t"
-        "CMP	%[a], r12\n\t"
-#if defined(__GNUC__)
-        "BNE	L_sp_1024_add_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BNE.N	L_sp_1024_add_32_word\n\t"
-#else
-        "BNE.N	L_sp_1024_add_32_word_%=\n\t"
-#endif
-        "MOV	%[r], r3\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r3", "r12"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDR	r8, [%[a]]\n\t"
-        "UMULL	r5, r3, %[b], r8\n\t"
-        "MOV	r4, #0x0\n\t"
-        "STR	r5, [%[r]]\n\t"
-        "MOV	r5, #0x0\n\t"
-        "MOV	r9, #0x4\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_mul_d_32_word:\n\t"
-#else
-    "L_sp_1024_mul_d_32_word_%=:\n\t"
-#endif
-        /* A[i] * B */
-        "LDR	r8, [%[a], r9]\n\t"
-        "UMULL	r6, r7, %[b], r8\n\t"
-        "ADDS	r3, r3, r6\n\t"
-        "ADCS	r4, r4, r7\n\t"
-        "ADC	r5, r5, #0x0\n\t"
-        "STR	r3, [%[r], r9]\n\t"
-        "MOV	r3, r4\n\t"
-        "MOV	r4, r5\n\t"
-        "MOV	r5, #0x0\n\t"
-        "ADD	r9, r9, #0x4\n\t"
-        "CMP	r9, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_1024_mul_d_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_1024_mul_d_32_word\n\t"
-#else
-        "BLT.N	L_sp_1024_mul_d_32_word_%=\n\t"
-#endif
-        "STR	r3, [%[r], #128]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
-    );
-}
-
-#else
-/* Mul a by digit b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision digit.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r_p,
-    const sp_digit* a_p, sp_digit b_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_mul_d_32(sp_digit* r,
-    const sp_digit* a, sp_digit b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* A[0] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMULL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[1] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[2] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[3] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[4] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[5] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[6] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[7] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[8] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[9] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[10] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[11] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[12] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[13] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[14] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[15] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[16] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[17] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[18] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[19] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[20] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[21] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[22] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[23] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[24] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[25] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[26] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[27] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[28] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "MOV	r3, #0x0\n\t"
-        /* A[29] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r5, r3, %[b], r8\n\t"
-        "STM	%[r]!, {r5}\n\t"
-        "MOV	r4, #0x0\n\t"
-        /* A[30] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r3, r4, %[b], r8\n\t"
-        "STM	%[r]!, {r3}\n\t"
-        "MOV	r5, #0x0\n\t"
-        /* A[31] * B */
-        "LDM	%[a]!, {r8}\n\t"
-        "UMLAL	r4, r5, %[b], r8\n\t"
-        "STM	%[r]!, {r4}\n\t"
-        "STR	r5, [%[r]]\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_USE_UDIV
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_1024_word_32(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r8, %[div], #16\n\t"
-        "ADD	r5, r8, #0x1\n\t"
-        "UDIV	r6, %[d1], r5\n\t"
-        "LSL	r7, %[div], #16\n\t"
-        "LSL	r6, r6, #16\n\t"
-        "UMULL	r3, r4, %[div], r6\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "SUBS	r3, %[d1], r5\n\t"
-        "SBC	r9, r9, r9\n\t"
-        "ADD	r9, r9, #0x1\n\t"
-        "RSB	r10, r9, #0x0\n\t"
-        "LSL	r9, r9, #16\n\t"
-        "AND	r7, r7, r10\n\t"
-        "AND	r8, r8, r10\n\t"
-        "SUBS	%[d0], %[d0], r7\n\t"
-        "ADD	r6, r6, r9\n\t"
-        "SBC	%[d1], %[d1], r8\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "UMULL	r3, r4, %[div], r3\n\t"
-        "SUBS	%[d0], %[d0], r3\n\t"
-        "SBC	%[d1], %[d1], r4\n\t"
-        "LSL	r4, %[d1], #16\n\t"
-        "LSR	r3, %[d0], #16\n\t"
-        "ORR	r3, r3, r4\n\t"
-        "UDIV	r3, r3, r5\n\t"
-        "ADD	r6, r6, r3\n\t"
-        "MUL	r3, %[div], r3\n\t"
-        "SUB	%[d0], %[d0], r3\n\t"
-        "UDIV	r3, %[d0], %[div]\n\t"
-        "ADD	%[d1], r6, r3\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#else
-/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The divisor.
- * returns the result of the division.
- *
- * Note that this is an approximate div. It may give an answer 1 larger.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_1024_word_32(
-    sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1,
-    sp_digit d0, sp_digit div)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
-    register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
-    register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LSR	r5, %[div], #1\n\t"
-        "ADD	r5, r5, #0x1\n\t"
-        "MOV	r6, %[d0]\n\t"
-        "MOV	r7, %[d1]\n\t"
-        /* Do top 32 */
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "MOV	r3, #0x0\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        /* Next 30 bits */
-        "MOV	r4, #0x1d\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_div_1024_word_32_bit:\n\t"
-#else
-    "L_div_1024_word_32_bit_%=:\n\t"
-#endif
-        "LSLS	r6, r6, #1\n\t"
-        "ADC	r7, r7, r7\n\t"
-        "SUBS	r8, r5, r7\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "ADD	r3, r3, r3\n\t"
-        "SUB	r3, r3, r8\n\t"
-        "AND	r8, r8, r5\n\t"
-        "SUBS	r7, r7, r8\n\t"
-        "SUBS	r4, r4, #0x1\n\t"
-#if defined(__GNUC__)
-        "BPL	L_div_1024_word_32_bit_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BPL.N	L_div_1024_word_32_bit\n\t"
-#else
-        "BPL.N	L_div_1024_word_32_bit_%=\n\t"
-#endif
-        "ADD	r3, r3, r3\n\t"
-        "ADD	r3, r3, #0x1\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "UMULL	r6, r7, r3, %[div]\n\t"
-        "SUBS	r9, %[d0], r6\n\t"
-        "SBC	r10, %[d1], r7\n\t"
-        "ADD	r3, r3, r10\n\t"
-        "SUBS	r8, %[div], r9\n\t"
-        "SBC	r8, r8, r8\n\t"
-        "SUB	%[d1], r3, r8\n\t"
-        : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)d1;
-}
-
-#endif
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<32; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_int32 sp_1024_cmp_32(const sp_digit* a_p,
-    const sp_digit* b_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_int32 sp_1024_cmp_32(const sp_digit* a,
-    const sp_digit* b)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r2, #0xffffffff\n\t"
-        "MOV	r8, #0x1\n\t"
-        "MOV	r7, #0x0\n\t"
-        "MOV	r3, #0xffffffff\n\t"
-#ifdef WOLFSSL_SP_SMALL
-        "MOV	r6, #0x7c\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_cmp_32_words:\n\t"
-#else
-    "L_sp_1024_cmp_32_words_%=:\n\t"
-#endif
-        "LDR	r4, [%[a], r6]\n\t"
-        "LDR	r5, [%[b], r6]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "SUBS	r6, r6, #0x4\n\t"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "bcs	L_sp_1024_cmp_32_words\n\t"
-#else
-        "bcs	L_sp_1024_cmp_32_words_%=\n\t"
-#endif
-        "EOR	r2, r2, r3\n\t"
-#else
-        "LDR	r4, [%[a], #124]\n\t"
-        "LDR	r5, [%[b], #124]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #120]\n\t"
-        "LDR	r5, [%[b], #120]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #116]\n\t"
-        "LDR	r5, [%[b], #116]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #112]\n\t"
-        "LDR	r5, [%[b], #112]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #108]\n\t"
-        "LDR	r5, [%[b], #108]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #104]\n\t"
-        "LDR	r5, [%[b], #104]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #100]\n\t"
-        "LDR	r5, [%[b], #100]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #96]\n\t"
-        "LDR	r5, [%[b], #96]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #92]\n\t"
-        "LDR	r5, [%[b], #92]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #88]\n\t"
-        "LDR	r5, [%[b], #88]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #84]\n\t"
-        "LDR	r5, [%[b], #84]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #80]\n\t"
-        "LDR	r5, [%[b], #80]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #76]\n\t"
-        "LDR	r5, [%[b], #76]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #72]\n\t"
-        "LDR	r5, [%[b], #72]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #68]\n\t"
-        "LDR	r5, [%[b], #68]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #64]\n\t"
-        "LDR	r5, [%[b], #64]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #60]\n\t"
-        "LDR	r5, [%[b], #60]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #56]\n\t"
-        "LDR	r5, [%[b], #56]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #52]\n\t"
-        "LDR	r5, [%[b], #52]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #48]\n\t"
-        "LDR	r5, [%[b], #48]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "LDR	r5, [%[b], #44]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #40]\n\t"
-        "LDR	r5, [%[b], #40]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #36]\n\t"
-        "LDR	r5, [%[b], #36]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "LDR	r5, [%[b], #32]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #28]\n\t"
-        "LDR	r5, [%[b], #28]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #24]\n\t"
-        "LDR	r5, [%[b], #24]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "LDR	r5, [%[b], #20]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #16]\n\t"
-        "LDR	r5, [%[b], #16]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #12]\n\t"
-        "LDR	r5, [%[b], #12]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "LDR	r5, [%[b], #8]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a], #4]\n\t"
-        "LDR	r5, [%[b], #4]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[b]]\n\t"
-        "AND	r4, r4, r3\n\t"
-        "AND	r5, r5, r3\n\t"
-        "SUBS	r4, r4, r5\n\t"
-        "IT	hi\n\t"
-        "movhi	r2, r8\n\t"
-        "IT	lo\n\t"
-        "movlo	r2, r3\n\t"
-        "IT	ne\n\t"
-        "movne	r3, r7\n\t"
-        "EOR	r2, r2, r3\n\t"
-#endif /*WOLFSSL_SP_SMALL */
-        "MOV	%[a], r2\n\t"
-        : [a] "+r" (a), [b] "+r" (b)
-        :
-        : "memory", "cc", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)a;
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d,
-        sp_digit* m, sp_digit* r)
-{
-    sp_digit t1[64], t2[33];
-    sp_digit div, r1;
-    int i;
-
-    (void)m;
-
-    div = d[31];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 32);
-    r1 = sp_1024_cmp_32(&t1[32], d) >= 0;
-    sp_1024_cond_sub_32(&t1[32], &t1[32], d, (sp_digit)0 - r1);
-    for (i = 31; i >= 0; i--) {
-        volatile sp_digit mask = (sp_digit)0 - (t1[32 + i] == div);
-        sp_digit hi = t1[32 + i] + mask;
-        r1 = div_1024_word_32(hi, t1[32 + i - 1], div);
-        r1 |= mask;
-
-        sp_1024_mul_d_32(t2, d, r1);
-        t1[32 + i] += sp_1024_sub_in_place_32(&t1[i], t2);
-        t1[32 + i] -= t2[32];
-        sp_1024_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_1024_add_32(&t1[i], &t1[i], t2);
-        sp_1024_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_1024_add_32(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_1024_cmp_32(t1, d) >= 0;
-    sp_1024_cond_sub_32(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_1024_div_32(a, m, NULL, r);
-}
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_1024_mod_mul_norm_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    sp_1024_mul_32(r, a, p1024_norm_mod);
-    return sp_1024_mod_32(r, r, m);
-}
-
-
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Create a new point.
- *
- * heap  [in]   Buffer to allocate dynamic memory from.
- * sp    [in]   Data for point - only if not allocating.
- * p     [out]  New point.
- * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise.
- */
-static int sp_1024_point_new_ex_32(void* heap, sp_point_1024* sp,
-    sp_point_1024** p)
-{
-    int ret = MP_OKAY;
-    (void)heap;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    (void)sp;
-    *p = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024), heap, DYNAMIC_TYPE_ECC);
-#else
-    *p = sp;
-#endif
-    if (*p == NULL) {
-        ret = MEMORY_E;
-    }
-    return ret;
-}
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-/* Allocate memory for point and return error. */
-#define sp_1024_point_new_32(heap, sp, p) sp_1024_point_new_ex_32((heap), NULL, &(p))
-#else
-/* Set pointer to data and return no error. */
-#define sp_1024_point_new_32(heap, sp, p) sp_1024_point_new_ex_32((heap), &(sp), &(p))
-#endif
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Free the point.
- *
- * p      [in,out]  Point to free.
- * clear  [in]      Indicates whether to zeroize point.
- * heap   [in]      Buffer from which dynamic memory was allocate from.
- */
-static void sp_1024_point_free_32(sp_point_1024* p, int clear, void* heap)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    /* If valid pointer then clear point data if requested and free data. */
-    if (p != NULL) {
-        if (clear) {
-            XMEMSET(p, 0, sizeof(*p));
-        }
-        XFREE(p, heap, DYNAMIC_TYPE_ECC);
-    }
-#else
-    /* Clear point data if requested. */
-    if ((p != NULL) && clear) {
-        XMEMSET(p, 0, sizeof(*p));
-    }
-#endif
-    (void)heap;
-}
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 32
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 31);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 31);
-    }
-#elif DIGIT_BIT > 32
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffff;
-        s = 32U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 32U) <= (word32)DIGIT_BIT) {
-            s += 32U;
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 32) {
-            r[j] &= 0xffffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 32 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_1024.
- *
- * p   Point of type sp_point_1024 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_1024_point_from_ecc_point_32(sp_point_1024* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_1024_from_mp(p->x, 32, pm->x);
-    sp_1024_from_mp(p->y, 32, pm->y);
-    sp_1024_from_mp(p->z, 32, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_1024_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (1024 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 32
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 32);
-        r->used = 32;
-        mp_clamp(r);
-#elif DIGIT_BIT < 32
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 32; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 32) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 32 - s;
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 32; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 32 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 32 - s;
-            }
-            else {
-                s += 32;
-            }
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_1024 to type ecc_point.
- *
- * p   Point of type sp_point_1024.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_1024_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NO_UMAAL
-/* Reduce the number back to 1024 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDR	lr, [%[m]]\n\t"
-        /* i = 0 */
-        "MOV	r11, #0x0\n\t"
-        "MOV	r3, #0x0\n\t"
-        "LDR	r4, [%[a]]\n\t"
-        "LDR	r5, [%[a], #4]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_mont_reduce_32_word:\n\t"
-#else
-    "L_sp_1024_mont_reduce_32_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	r10, %[mp], r4\n\t"
-        /* a[i+0] += m[0] * mu */
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r4, r7, r10, lr\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r9, [%[m], #4]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r5, r6, r10, r9\n\t"
-        "MOV	r4, r5\n\t"
-        "ADDS	r4, r4, r7\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r9, [%[m], #8]\n\t"
-        "LDR	r5, [%[a], #8]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r5, r7, r10, r9\n\t"
-        "ADDS	r5, r5, r6\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r9, [%[m], #12]\n\t"
-        "LDR	r12, [%[a], #12]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #12]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r9, [%[m], #16]\n\t"
-        "LDR	r12, [%[a], #16]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #16]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r9, [%[m], #20]\n\t"
-        "LDR	r12, [%[a], #20]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #20]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r9, [%[m], #24]\n\t"
-        "LDR	r12, [%[a], #24]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #24]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r9, [%[m], #28]\n\t"
-        "LDR	r12, [%[a], #28]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #28]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r9, [%[m], #32]\n\t"
-        "LDR	r12, [%[a], #32]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #32]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r9, [%[m], #36]\n\t"
-        "LDR	r12, [%[a], #36]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #36]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r9, [%[m], #40]\n\t"
-        "LDR	r12, [%[a], #40]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #40]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r9, [%[m], #44]\n\t"
-        "LDR	r12, [%[a], #44]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #44]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r9, [%[m], #48]\n\t"
-        "LDR	r12, [%[a], #48]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #48]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r9, [%[m], #52]\n\t"
-        "LDR	r12, [%[a], #52]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #52]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r9, [%[m], #56]\n\t"
-        "LDR	r12, [%[a], #56]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #56]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r9, [%[m], #60]\n\t"
-        "LDR	r12, [%[a], #60]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #60]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r9, [%[m], #64]\n\t"
-        "LDR	r12, [%[a], #64]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #64]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r9, [%[m], #68]\n\t"
-        "LDR	r12, [%[a], #68]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #68]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r9, [%[m], #72]\n\t"
-        "LDR	r12, [%[a], #72]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #72]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r9, [%[m], #76]\n\t"
-        "LDR	r12, [%[a], #76]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #76]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r9, [%[m], #80]\n\t"
-        "LDR	r12, [%[a], #80]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #80]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r9, [%[m], #84]\n\t"
-        "LDR	r12, [%[a], #84]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #84]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r9, [%[m], #88]\n\t"
-        "LDR	r12, [%[a], #88]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #88]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r9, [%[m], #92]\n\t"
-        "LDR	r12, [%[a], #92]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #92]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r9, [%[m], #96]\n\t"
-        "LDR	r12, [%[a], #96]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #96]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r9, [%[m], #100]\n\t"
-        "LDR	r12, [%[a], #100]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #100]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r9, [%[m], #104]\n\t"
-        "LDR	r12, [%[a], #104]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #104]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r9, [%[m], #108]\n\t"
-        "LDR	r12, [%[a], #108]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #108]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r9, [%[m], #112]\n\t"
-        "LDR	r12, [%[a], #112]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #112]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r9, [%[m], #116]\n\t"
-        "LDR	r12, [%[a], #116]\n\t"
-        "MOV	r6, #0x0\n\t"
-        "UMLAL	r12, r6, r10, r9\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #116]\n\t"
-        "ADC	r6, r6, #0x0\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r9, [%[m], #120]\n\t"
-        "LDR	r12, [%[a], #120]\n\t"
-        "MOV	r7, #0x0\n\t"
-        "UMLAL	r12, r7, r10, r9\n\t"
-        "ADDS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #120]\n\t"
-        "ADC	r7, r7, #0x0\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r9, [%[m], #124]\n\t"
-        "LDR	r12, [%[a], #124]\n\t"
-        "UMULL	r8, r9, r10, r9\n\t"
-        "ADDS	r7, r7, r8\n\t"
-        "ADCS	r6, r9, r3\n\t"
-        "MOV	r3, #0x0\n\t"
-        "ADC	r3, r3, r3\n\t"
-        "ADDS	r12, r12, r7\n\t"
-        "STR	r12, [%[a], #124]\n\t"
-        "LDR	r12, [%[a], #128]\n\t"
-        "ADCS	r12, r12, r6\n\t"
-        "STR	r12, [%[a], #128]\n\t"
-        "ADC	r3, r3, #0x0\n\t"
-        /* i += 1 */
-        "ADD	r11, r11, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r11, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_1024_mont_reduce_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_1024_mont_reduce_32_word\n\t"
-#else
-        "BLT.W	L_sp_1024_mont_reduce_32_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r4, [%[a]]\n\t"
-        "STR	r5, [%[a], #4]\n\t"
-        "LDR	r8, [%[m], #124]\n\t"
-        "SUBS	r12, r8, r12\n\t"
-        "neg	r3, r3\n\t"
-        "SBC	r12, r12, r12\n\t"
-        "ORR	r3, r3, r12\n\t"
-        "MOV	%[mp], r3\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_1024_cond_sub_32(a - 32, a, m, mp);
-}
-
-#else
-/* Reduce the number back to 1024 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_reduce_32(
-    sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_reduce_32(
-    sp_digit* a, const sp_digit* m, sp_digit mp)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
-    register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        /* i = 0 */
-        "MOV	r4, #0x0\n\t"
-        "MOV	r5, #0x0\n\t"
-        "LDR	r6, [%[a]]\n\t"
-        "LDR	r7, [%[a], #4]\n\t"
-        "LDR	r8, [%[a], #8]\n\t"
-        "LDR	r9, [%[a], #12]\n\t"
-        "LDR	r10, [%[a], #16]\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_mont_reduce_32_word:\n\t"
-#else
-    "L_sp_1024_mont_reduce_32_word_%=:\n\t"
-#endif
-        /* mu = a[i] * mp */
-        "MUL	lr, %[mp], r6\n\t"
-        /* a[i+0] += m[0] * mu */
-        "LDR	r12, [%[m]]\n\t"
-        "MOV	r3, #0x0\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+1] += m[1] * mu */
-        "LDR	r12, [%[m], #4]\n\t"
-        "MOV	r6, r7\n\t"
-        "UMAAL	r6, r3, lr, r12\n\t"
-        /* a[i+2] += m[2] * mu */
-        "LDR	r12, [%[m], #8]\n\t"
-        "MOV	r7, r8\n\t"
-        "UMAAL	r7, r3, lr, r12\n\t"
-        /* a[i+3] += m[3] * mu */
-        "LDR	r12, [%[m], #12]\n\t"
-        "MOV	r8, r9\n\t"
-        "UMAAL	r8, r3, lr, r12\n\t"
-        /* a[i+4] += m[4] * mu */
-        "LDR	r12, [%[m], #16]\n\t"
-        "MOV	r9, r10\n\t"
-        "UMAAL	r9, r3, lr, r12\n\t"
-        /* a[i+5] += m[5] * mu */
-        "LDR	r12, [%[m], #20]\n\t"
-        "LDR	r10, [%[a], #20]\n\t"
-        "UMAAL	r10, r3, lr, r12\n\t"
-        /* a[i+6] += m[6] * mu */
-        "LDR	r12, [%[m], #24]\n\t"
-        "LDR	r11, [%[a], #24]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #24]\n\t"
-        /* a[i+7] += m[7] * mu */
-        "LDR	r12, [%[m], #28]\n\t"
-        "LDR	r11, [%[a], #28]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #28]\n\t"
-        /* a[i+8] += m[8] * mu */
-        "LDR	r12, [%[m], #32]\n\t"
-        "LDR	r11, [%[a], #32]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #32]\n\t"
-        /* a[i+9] += m[9] * mu */
-        "LDR	r12, [%[m], #36]\n\t"
-        "LDR	r11, [%[a], #36]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #36]\n\t"
-        /* a[i+10] += m[10] * mu */
-        "LDR	r12, [%[m], #40]\n\t"
-        "LDR	r11, [%[a], #40]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #40]\n\t"
-        /* a[i+11] += m[11] * mu */
-        "LDR	r12, [%[m], #44]\n\t"
-        "LDR	r11, [%[a], #44]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #44]\n\t"
-        /* a[i+12] += m[12] * mu */
-        "LDR	r12, [%[m], #48]\n\t"
-        "LDR	r11, [%[a], #48]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #48]\n\t"
-        /* a[i+13] += m[13] * mu */
-        "LDR	r12, [%[m], #52]\n\t"
-        "LDR	r11, [%[a], #52]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #52]\n\t"
-        /* a[i+14] += m[14] * mu */
-        "LDR	r12, [%[m], #56]\n\t"
-        "LDR	r11, [%[a], #56]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #56]\n\t"
-        /* a[i+15] += m[15] * mu */
-        "LDR	r12, [%[m], #60]\n\t"
-        "LDR	r11, [%[a], #60]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #60]\n\t"
-        /* a[i+16] += m[16] * mu */
-        "LDR	r12, [%[m], #64]\n\t"
-        "LDR	r11, [%[a], #64]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #64]\n\t"
-        /* a[i+17] += m[17] * mu */
-        "LDR	r12, [%[m], #68]\n\t"
-        "LDR	r11, [%[a], #68]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #68]\n\t"
-        /* a[i+18] += m[18] * mu */
-        "LDR	r12, [%[m], #72]\n\t"
-        "LDR	r11, [%[a], #72]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #72]\n\t"
-        /* a[i+19] += m[19] * mu */
-        "LDR	r12, [%[m], #76]\n\t"
-        "LDR	r11, [%[a], #76]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #76]\n\t"
-        /* a[i+20] += m[20] * mu */
-        "LDR	r12, [%[m], #80]\n\t"
-        "LDR	r11, [%[a], #80]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #80]\n\t"
-        /* a[i+21] += m[21] * mu */
-        "LDR	r12, [%[m], #84]\n\t"
-        "LDR	r11, [%[a], #84]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #84]\n\t"
-        /* a[i+22] += m[22] * mu */
-        "LDR	r12, [%[m], #88]\n\t"
-        "LDR	r11, [%[a], #88]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #88]\n\t"
-        /* a[i+23] += m[23] * mu */
-        "LDR	r12, [%[m], #92]\n\t"
-        "LDR	r11, [%[a], #92]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #92]\n\t"
-        /* a[i+24] += m[24] * mu */
-        "LDR	r12, [%[m], #96]\n\t"
-        "LDR	r11, [%[a], #96]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #96]\n\t"
-        /* a[i+25] += m[25] * mu */
-        "LDR	r12, [%[m], #100]\n\t"
-        "LDR	r11, [%[a], #100]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #100]\n\t"
-        /* a[i+26] += m[26] * mu */
-        "LDR	r12, [%[m], #104]\n\t"
-        "LDR	r11, [%[a], #104]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #104]\n\t"
-        /* a[i+27] += m[27] * mu */
-        "LDR	r12, [%[m], #108]\n\t"
-        "LDR	r11, [%[a], #108]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #108]\n\t"
-        /* a[i+28] += m[28] * mu */
-        "LDR	r12, [%[m], #112]\n\t"
-        "LDR	r11, [%[a], #112]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #112]\n\t"
-        /* a[i+29] += m[29] * mu */
-        "LDR	r12, [%[m], #116]\n\t"
-        "LDR	r11, [%[a], #116]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #116]\n\t"
-        /* a[i+30] += m[30] * mu */
-        "LDR	r12, [%[m], #120]\n\t"
-        "LDR	r11, [%[a], #120]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "STR	r11, [%[a], #120]\n\t"
-        /* a[i+31] += m[31] * mu */
-        "LDR	r12, [%[m], #124]\n\t"
-        "LDR	r11, [%[a], #124]\n\t"
-        "UMAAL	r11, r3, lr, r12\n\t"
-        "LDR	lr, [%[a], #128]\n\t"
-        "MOV	r12, #0x0\n\t"
-        "UMAAL	r3, lr, r12, r12\n\t"
-        "STR	r11, [%[a], #124]\n\t"
-        "ADDS	r3, r3, r5\n\t"
-        "ADC	r5, lr, #0x0\n\t"
-        "STR	r3, [%[a], #128]\n\t"
-        /* i += 1 */
-        "ADD	r4, r4, #0x4\n\t"
-        "ADD	%[a], %[a], #0x4\n\t"
-        "CMP	r4, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_1024_mont_reduce_32_word_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.W	L_sp_1024_mont_reduce_32_word\n\t"
-#else
-        "BLT.W	L_sp_1024_mont_reduce_32_word_%=\n\t"
-#endif
-        /* Loop Done */
-        "STR	r6, [%[a]]\n\t"
-        "STR	r7, [%[a], #4]\n\t"
-        "STR	r8, [%[a], #8]\n\t"
-        "STR	r9, [%[a], #12]\n\t"
-        "STR	r10, [%[a], #16]\n\t"
-        "LDR	r12, [%[m], #124]\n\t"
-        "SUBS	r3, r12, r3\n\t"
-        "neg	r5, r5\n\t"
-        "SBC	r3, r3, r3\n\t"
-        "ORR	r5, r5, r3\n\t"
-        "MOV	%[mp], r5\n\t"
-        : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
-        :
-        : "memory", "cc", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10",
-            "r11", "r12", "lr"
-    );
-    sp_1024_cond_sub_32(a - 32, a, m, mp);
-}
-
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_1024_mul_32(r, a, b);
-    sp_1024_mont_reduce_32(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_1024_sqr_32(r, a);
-    sp_1024_mont_reduce_32(r, m, mp);
-}
-
-/* Mod-2 for the P1024 curve. */
-static const word8 p1024_mod_minus_2[] = {
-     6,0x06,  7,0x0f,  7,0x0b,  6,0x0c,  7,0x1e,  9,0x09,  7,0x0c,  7,0x1f,
-     6,0x16,  6,0x06,  7,0x0e,  8,0x10,  6,0x03,  8,0x11,  6,0x0d,  7,0x14,
-     9,0x12,  6,0x0f,  7,0x04,  9,0x0d,  6,0x00,  7,0x13,  6,0x01,  6,0x07,
-     8,0x0d,  8,0x00,  6,0x06,  9,0x17,  6,0x14,  6,0x15,  6,0x11,  6,0x0b,
-     9,0x0c,  6,0x1e, 13,0x14,  7,0x0e,  6,0x1d, 12,0x0a,  6,0x0b,  8,0x07,
-     6,0x18,  6,0x0f,  6,0x10,  8,0x1c,  7,0x16,  7,0x02,  6,0x01,  6,0x13,
-    10,0x15,  7,0x06,  8,0x14,  6,0x0c,  6,0x19,  7,0x10,  6,0x19,  6,0x19,
-     9,0x16,  7,0x19,  6,0x1f,  6,0x17,  6,0x12,  8,0x02,  6,0x01,  6,0x04,
-     6,0x15,  7,0x16,  6,0x04,  6,0x1f,  6,0x09,  7,0x06,  7,0x13,  7,0x09,
-     6,0x0d, 10,0x18,  6,0x06,  6,0x11,  6,0x04,  6,0x01,  6,0x13,  8,0x06,
-     6,0x0d,  8,0x13,  7,0x08,  6,0x08,  6,0x05,  7,0x0c,  7,0x0e,  7,0x15,
-     6,0x05,  7,0x14, 10,0x19,  6,0x10,  6,0x16,  6,0x15,  7,0x1f,  6,0x14,
-     6,0x0a, 10,0x11,  6,0x01,  7,0x05,  7,0x08,  8,0x0a,  7,0x1e,  7,0x1c,
-     6,0x1c,  7,0x09, 10,0x18,  7,0x1c, 10,0x06,  6,0x0a,  6,0x07,  6,0x19,
-     7,0x06,  6,0x0d,  7,0x0f,  7,0x0b,  7,0x05,  6,0x11,  6,0x1c,  7,0x1f,
-     6,0x1e,  7,0x18,  6,0x1e,  6,0x00,  6,0x03,  6,0x02,  7,0x10,  6,0x0b,
-     6,0x1b,  7,0x10,  6,0x00,  8,0x11,  7,0x1b,  6,0x18,  6,0x01,  7,0x0c,
-     7,0x1d,  7,0x13,  6,0x08,  7,0x1b,  8,0x13,  7,0x16, 13,0x1d,  7,0x1f,
-     6,0x0a,  6,0x01,  7,0x1f,  6,0x14,  1,0x01
-};
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P1024 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_1024_mont_inv_32(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-    sp_digit* t = &td[32 * 2 * 32];
-    int i;
-    int j;
-    sp_digit* table[32];
-
-    for (i = 0; i < 32; i++) {
-        table[i] = &td[2 * 32 * i];
-    }
-    XMEMCPY(table[0], a, sizeof(sp_digit) * 32);
-    for (i = 1; i < 6; i++) {
-        sp_1024_mont_sqr_32(table[0], table[0], p1024_mod, p1024_mp_mod);
-    }
-    for (i = 1; i < 32; i++) {
-        sp_1024_mont_mul_32(table[i], table[i-1], a, p1024_mod, p1024_mp_mod);
-    }
-
-    XMEMCPY(t, table[p1024_mod_minus_2[1]], sizeof(sp_digit) * 32);
-    for (i = 2; i < (int)sizeof(p1024_mod_minus_2) - 2; i += 2) {
-        for (j = 0; j < p1024_mod_minus_2[i]; j++) {
-            sp_1024_mont_sqr_32(t, t, p1024_mod, p1024_mp_mod);
-        }
-        sp_1024_mont_mul_32(t, t, table[p1024_mod_minus_2[i+1]], p1024_mod,
-            p1024_mp_mod);
-    }
-    sp_1024_mont_sqr_32(t, t, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(r, t, a, p1024_mod, p1024_mp_mod);
-}
-
-/* Normalize the values in each word to 32.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_1024_norm_32(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*32;
-    sp_int32 n;
-
-    sp_1024_mont_inv_32(t1, p->z, t + 2*32);
-
-    sp_1024_mont_sqr_32(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    /* x /= z^2 */
-    sp_1024_mont_mul_32(r->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->x + 32, 0, sizeof(sp_digit) * 32U);
-    sp_1024_mont_reduce_32(r->x, p1024_mod, p1024_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_1024_cmp_32(r->x, p1024_mod);
-    sp_1024_cond_sub_32(r->x, r->x, p1024_mod, (sp_digit)~(n >> 31));
-    sp_1024_norm_32(r->x);
-
-    /* y /= z^3 */
-    sp_1024_mont_mul_32(r->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->y + 32, 0, sizeof(sp_digit) * 32U);
-    sp_1024_mont_reduce_32(r->y, p1024_mod, p1024_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_1024_cmp_32(r->y, p1024_mod);
-    sp_1024_cond_sub_32(r->y, r->y, p1024_mod, (sp_digit)~(n >> 31));
-    sp_1024_norm_32(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r12, #0x0\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDR	r11, [%[m], #124]\n\t"
-        "ADC	r12, r12, #0x0\n\t"
-        "SUBS	r11, r11, r7\n\t"
-        "neg	r12, r12\n\t"
-        "SBC	r11, r11, r11\n\t"
-        "SUB	%[r], %[r], #0x80\n\t"
-        "ORR	r12, r12, r11\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SUBS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBC	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r12"
-    );
-}
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_dbl_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_dbl_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r12, #0x0\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDR	r4, [%[m], #124]\n\t"
-        "ADC	r12, r12, #0x0\n\t"
-        "SUBS	r4, r4, r11\n\t"
-        "neg	r12, r12\n\t"
-        "SBC	r4, r4, r4\n\t"
-        "SUB	%[r], %[r], #0x80\n\t"
-        "ORR	r12, r12, r4\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SUBS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBC	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-        : "memory", "cc", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7",
-            "r12"
-    );
-}
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_tpl_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_tpl_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r12, #0x0\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADDS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "ADCS	r4, r4, r4\n\t"
-        "ADCS	r5, r5, r5\n\t"
-        "ADCS	r6, r6, r6\n\t"
-        "ADCS	r7, r7, r7\n\t"
-        "ADCS	r8, r8, r8\n\t"
-        "ADCS	r9, r9, r9\n\t"
-        "ADCS	r10, r10, r10\n\t"
-        "ADCS	r11, r11, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
-        "LDR	r4, [%[m], #124]\n\t"
-        "ADC	r12, r12, #0x0\n\t"
-        "SUBS	r4, r4, r11\n\t"
-        "neg	r12, r12\n\t"
-        "SBC	r4, r4, r4\n\t"
-        "SUB	%[r], %[r], #0x80\n\t"
-        "ORR	r12, r12, r4\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SUBS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBC	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "SUB	%[r], %[r], #0x80\n\t"
-        "SUB	%[m], %[m], #0x80\n\t"
-        "SUB	%[a], %[a], #0x80\n\t"
-        "MOV	r12, #0x0\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADDS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r8, r9, r10, r11}\n\t"
-        "ADCS	r8, r8, r4\n\t"
-        "ADCS	r9, r9, r5\n\t"
-        "ADCS	r10, r10, r6\n\t"
-        "ADCS	r11, r11, r7\n\t"
-        "STM	%[r]!, {r8, r9, r10, r11}\n\t"
-        "LDR	r7, [%[m], #124]\n\t"
-        "ADC	r12, r12, #0x0\n\t"
-        "SUBS	r7, r7, r11\n\t"
-        "neg	r12, r12\n\t"
-        "SBC	r7, r7, r7\n\t"
-        "SUB	%[r], %[r], #0x80\n\t"
-        "ORR	r12, r12, r7\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SUBS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBC	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
-        :
-        : "memory", "cc", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7",
-            "r12"
-    );
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
-#else
-WC_OMIT_FRAME_POINTER SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, const sp_digit* m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "SUBS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[a]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9, r10, r11}\n\t"
-        "SBCS	r4, r4, r8\n\t"
-        "SBCS	r5, r5, r9\n\t"
-        "SBCS	r6, r6, r10\n\t"
-        "SBCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "SBC	r12, r12, r12\n\t"
-        "SUB	%[r], %[r], #0x80\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "ADDS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADCS	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        "LDM	%[r], {r4, r5, r6, r7}\n\t"
-        "LDM	%[m]!, {r8, r9, r10, r11}\n\t"
-        "AND	r8, r8, r12\n\t"
-        "AND	r9, r9, r12\n\t"
-        "AND	r10, r10, r12\n\t"
-        "AND	r11, r11, r12\n\t"
-        "ADCS	r4, r4, r8\n\t"
-        "ADCS	r5, r5, r9\n\t"
-        "ADCS	r6, r6, r10\n\t"
-        "ADC	r7, r7, r11\n\t"
-        "STM	%[r]!, {r4, r5, r6, r7}\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11",
-            "r12"
-    );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r5, #0x0\n\t"
-        "MOV	r8, #0x0\n\t"
-        "MOV	r4, #0x0\n\t"
-        "\n"
-#if defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-    "L_sp_1024_cond_add_32_words:\n\t"
-#else
-    "L_sp_1024_cond_add_32_words_%=:\n\t"
-#endif
-        "ADDS	r5, r5, #0xffffffff\n\t"
-        "LDR	r6, [%[a], r4]\n\t"
-        "LDR	r7, [%[b], r4]\n\t"
-        "AND	r7, r7, %[m]\n\t"
-        "ADCS	r6, r6, r7\n\t"
-        "ADC	r5, r8, r8\n\t"
-        "STR	r6, [%[r], r4]\n\t"
-        "ADD	r4, r4, #0x4\n\t"
-        "CMP	r4, #0x80\n\t"
-#if defined(__GNUC__)
-        "BLT	L_sp_1024_cond_add_32_words_%=\n\t"
-#elif defined(__IAR_SYSTEMS_ICC__) && (__VER__ < 9000000)
-        "BLT.N	L_sp_1024_cond_add_32_words\n\t"
-#else
-        "BLT.N	L_sp_1024_cond_add_32_words_%=\n\t"
-#endif
-        "MOV	%[r], r5\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8"
-    );
-    return (word32)(size_t)r;
-}
-
-#else
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r_p,
-    const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
-#else
-WC_OMIT_FRAME_POINTER static sp_digit sp_1024_cond_add_32(sp_digit* r,
-    const sp_digit* a, const sp_digit* b, sp_digit m)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-    register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
-    register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "MOV	r10, #0x0\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADDS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "LDM	%[a]!, {r6, r7}\n\t"
-        "LDM	%[b]!, {r8, r9}\n\t"
-        "AND	r8, r8, %[m]\n\t"
-        "AND	r9, r9, %[m]\n\t"
-        "ADCS	r6, r6, r8\n\t"
-        "ADCS	r7, r7, r9\n\t"
-        "STM	%[r]!, {r6, r7}\n\t"
-        "ADC	%[r], r10, r10\n\t"
-        : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
-        :
-        : "memory", "cc", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
-    );
-    return (word32)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-WC_OMIT_FRAME_POINTER static void sp_1024_rshift1_32(sp_digit* r_p,
-    const sp_digit* a_p)
-#else
-WC_OMIT_FRAME_POINTER static void sp_1024_rshift1_32(sp_digit* r,
-    const sp_digit* a)
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-{
-#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
-    register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
-    register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
-#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
-
-    __asm__ __volatile__ (
-        "LDM	%[a], {r2, r3}\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #8]\n\t"
-        "STR	r2, [%[r]]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #12]\n\t"
-        "STR	r3, [%[r], #4]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #16]\n\t"
-        "STR	r4, [%[r], #8]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #20]\n\t"
-        "STR	r2, [%[r], #12]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #24]\n\t"
-        "STR	r3, [%[r], #16]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #28]\n\t"
-        "STR	r4, [%[r], #20]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #32]\n\t"
-        "STR	r2, [%[r], #24]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #36]\n\t"
-        "STR	r3, [%[r], #28]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #40]\n\t"
-        "STR	r4, [%[r], #32]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #44]\n\t"
-        "STR	r2, [%[r], #36]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #48]\n\t"
-        "STR	r3, [%[r], #40]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #52]\n\t"
-        "STR	r4, [%[r], #44]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #56]\n\t"
-        "STR	r2, [%[r], #48]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #60]\n\t"
-        "STR	r3, [%[r], #52]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #64]\n\t"
-        "STR	r4, [%[r], #56]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #68]\n\t"
-        "STR	r2, [%[r], #60]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #72]\n\t"
-        "STR	r3, [%[r], #64]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #76]\n\t"
-        "STR	r4, [%[r], #68]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #80]\n\t"
-        "STR	r2, [%[r], #72]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #84]\n\t"
-        "STR	r3, [%[r], #76]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #88]\n\t"
-        "STR	r4, [%[r], #80]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #92]\n\t"
-        "STR	r2, [%[r], #84]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #96]\n\t"
-        "STR	r3, [%[r], #88]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #100]\n\t"
-        "STR	r4, [%[r], #92]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #104]\n\t"
-        "STR	r2, [%[r], #96]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #108]\n\t"
-        "STR	r3, [%[r], #100]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #112]\n\t"
-        "STR	r4, [%[r], #104]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "LDR	r4, [%[a], #116]\n\t"
-        "STR	r2, [%[r], #108]\n\t"
-        "ORR	r3, r3, r4, lsl #31\n\t"
-        "LSR	r4, r4, #1\n\t"
-        "LDR	r2, [%[a], #120]\n\t"
-        "STR	r3, [%[r], #112]\n\t"
-        "ORR	r4, r4, r2, lsl #31\n\t"
-        "LSR	r2, r2, #1\n\t"
-        "LDR	r3, [%[a], #124]\n\t"
-        "STR	r4, [%[r], #116]\n\t"
-        "ORR	r2, r2, r3, lsl #31\n\t"
-        "LSR	r3, r3, #1\n\t"
-        "STR	r2, [%[r], #120]\n\t"
-        "STR	r3, [%[r], #124]\n\t"
-        : [r] "+r" (r), [a] "+r" (a)
-        :
-        : "memory", "cc", "r2", "r3", "r4"
-    );
-}
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit o;
-
-    o = sp_1024_cond_add_32(r, a, m, 0 - (a[0] & 1));
-    sp_1024_rshift1_32(r, r);
-    r[31] |= o << 31;
-}
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*32;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_1024_mont_sqr_32(t1, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = Y * Z */
-    sp_1024_mont_mul_32(z, p->y, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = 2Z */
-    sp_1024_mont_dbl_32(z, z, p1024_mod);
-    /* T2 = X - T1 */
-    sp_1024_mont_sub_32(t2, p->x, t1, p1024_mod);
-    /* T1 = X + T1 */
-    sp_1024_mont_add_32(t1, p->x, t1, p1024_mod);
-    /* T2 = T1 * T2 */
-    sp_1024_mont_mul_32(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* T1 = 3T2 */
-    sp_1024_mont_tpl_32(t1, t2, p1024_mod);
-    /* Y = 2Y */
-    sp_1024_mont_dbl_32(y, p->y, p1024_mod);
-    /* Y = Y * Y */
-    sp_1024_mont_sqr_32(y, y, p1024_mod, p1024_mp_mod);
-    /* T2 = Y * Y */
-    sp_1024_mont_sqr_32(t2, y, p1024_mod, p1024_mp_mod);
-    /* T2 = T2/2 */
-    sp_1024_mont_div2_32(t2, t2, p1024_mod);
-    /* Y = Y * X */
-    sp_1024_mont_mul_32(y, y, p->x, p1024_mod, p1024_mp_mod);
-    /* X = T1 * T1 */
-    sp_1024_mont_sqr_32(x, t1, p1024_mod, p1024_mp_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_32(x, x, y, p1024_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_32(x, x, y, p1024_mod);
-    /* Y = Y - X */
-    sp_1024_mont_sub_32(y, y, x, p1024_mod);
-    /* Y = Y * T1 */
-    sp_1024_mont_mul_32(y, y, t1, p1024_mod, p1024_mp_mod);
-    /* Y = Y - T2 */
-    sp_1024_mont_sub_32(y, y, t2, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_dbl_32_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_dbl_32_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-        const sp_point_1024* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_dbl_32_ctx* ctx = (sp_1024_proj_point_dbl_32_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_dbl_32_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*32;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_1024_mont_sqr_32(ctx->t1, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_1024_mont_mul_32(ctx->z, p->y, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_1024_mont_dbl_32(ctx->z, ctx->z, p1024_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_1024_mont_sub_32(ctx->t2, p->x, ctx->t1, p1024_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_1024_mont_add_32(ctx->t1, p->x, ctx->t1, p1024_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_1024_mont_mul_32(ctx->t2, ctx->t1, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_1024_mont_tpl_32(ctx->t1, ctx->t2, p1024_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_1024_mont_dbl_32(ctx->y, p->y, p1024_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_1024_mont_sqr_32(ctx->y, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_1024_mont_sqr_32(ctx->t2, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_1024_mont_div2_32(ctx->t2, ctx->t2, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_1024_mont_mul_32(ctx->y, ctx->y, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_1024_mont_sqr_32(ctx->x, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_1024_mont_mul_32(ctx->y, ctx->y, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->t2, p1024_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_1024_cmp_equal_32(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14]) |
-            (a[15] ^ b[15]) | (a[16] ^ b[16]) | (a[17] ^ b[17]) |
-            (a[18] ^ b[18]) | (a[19] ^ b[19]) | (a[20] ^ b[20]) |
-            (a[21] ^ b[21]) | (a[22] ^ b[22]) | (a[23] ^ b[23]) |
-            (a[24] ^ b[24]) | (a[25] ^ b[25]) | (a[26] ^ b[26]) |
-            (a[27] ^ b[27]) | (a[28] ^ b[28]) | (a[29] ^ b[29]) |
-            (a[30] ^ b[30]) | (a[31] ^ b[31])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_1024_iszero_32(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14] | a[15] |
-            a[16] | a[17] | a[18] | a[19] | a[20] | a[21] | a[22] | a[23] |
-            a[24] | a[25] | a[26] | a[27] | a[28] | a[29] | a[30] | a[31]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_32(sp_point_1024* r,
-        const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*32;
-    sp_digit* t2 = t + 4*32;
-    sp_digit* t3 = t + 6*32;
-    sp_digit* t4 = t + 8*32;
-    sp_digit* t5 = t + 10*32;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_32(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t1, p->x, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_32(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_32(t3, t3, p->y, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_32(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_32(t2, t1) &
-            sp_1024_cmp_equal_32(t4, t3)) {
-        sp_1024_proj_point_dbl_32(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_32(t4, t4, t3, p1024_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_32(t5, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(y, t1, t5, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t5, t5, t2, p1024_mod, p1024_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(z, z, q->z, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_32(x, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(x, x, t5, p1024_mod);
-        sp_1024_mont_mul_32(t5, t5, t3, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_32(t3, y, p1024_mod);
-        sp_1024_mont_sub_32(x, x, t3, p1024_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_32(y, y, x, p1024_mod);
-        sp_1024_mont_mul_32(y, y, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(y, y, t5, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 32; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_add_32_ctx {
-    int state;
-    sp_1024_proj_point_dbl_32_ctx dbl_ctx;
-    const sp_point_1024* ap[2];
-    sp_point_1024* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_add_32_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_add_32_ctx* ctx = (sp_1024_proj_point_add_32_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_1024* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_add_32_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*32;
-        ctx->t2 = t + 4*32;
-        ctx->t3 = t + 6*32;
-        ctx->t4 = t + 8*32;
-        ctx->t5 = t + 10*32;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_1024_mont_sqr_32(ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_1024_mont_mul_32(ctx->t3, ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_1024_mont_mul_32(ctx->t1, ctx->t1, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_1024_mont_sqr_32(ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_1024_mont_mul_32(ctx->t4, ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_1024_mont_mul_32(ctx->t2, ctx->t2, q->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_1024_mont_mul_32(ctx->t3, ctx->t3, p->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_1024_mont_mul_32(ctx->t4, ctx->t4, q->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_1024_cmp_equal_32(ctx->t2, ctx->t1) &
-                sp_1024_cmp_equal_32(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_1024_proj_point_dbl_32(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_32(ctx->t2, ctx->t2, ctx->t1, p1024_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_32(ctx->t4, ctx->t4, ctx->t3, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_32(ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_1024_mont_mul_32(ctx->y, ctx->t1, ctx->t5, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_1024_mont_mul_32(ctx->t5, ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_32(ctx->z, p->z, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_1024_mont_mul_32(ctx->z, ctx->z, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_1024_mont_sqr_32(ctx->x, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->t5, p1024_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_1024_mont_mul_32(ctx->t5, ctx->t5, ctx->t3, p1024_mod, p1024_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_1024_mont_dbl_32(ctx->t3, ctx->y, p1024_mod);
-        sp_1024_mont_sub_32(ctx->x, ctx->x, ctx->t3, p1024_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_1024_mont_mul_32(ctx->y, ctx->y, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->t5, p1024_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 32; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Fast implementation that generates a pre-computation table.
- * 4 bits of window (no sliding!).
- * Uses add and double for calculating table.
- * 1024 doubles.
- * 268 adds.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 16 + 1);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 32 * 37);
-    sp_point_1024* rt = NULL;
-    sp_digit n;
-    int i;
-    int c;
-    int y;
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 32 * 37, heap, DYNAMIC_TYPE_ECC);
-
-    if (err == MP_OKAY) {
-        rt = t + 16;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_1024_mod_mul_norm_32(t[1].x, g->x, p1024_mod);
-        (void)sp_1024_mod_mul_norm_32(t[1].y, g->y, p1024_mod);
-        (void)sp_1024_mod_mul_norm_32(t[1].z, g->z, p1024_mod);
-        t[1].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_1024_proj_point_add_32(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_1024_proj_point_add_32(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_1024_proj_point_add_32(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_1024_proj_point_dbl_32(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_1024_proj_point_add_32(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 30;
-        n = k[i+1] << 0;
-        c = 28;
-        y = (int)(n >> 28);
-        XMEMCPY(rt, &t[y], sizeof(sp_point_1024));
-        n <<= 4;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n |= k[i--];
-                c += 32;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_dbl_32(rt, rt, tmp);
-            sp_1024_proj_point_add_32(rt, rt, &t[y], tmp);
-        }
-
-        if (map != 0) {
-            sp_1024_map_32(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 32 * 37, heap,
-        DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_point_1024, t, 16 + 1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*32;
-    sp_digit* b = t + 4*32;
-    sp_digit* t1 = t + 6*32;
-    sp_digit* t2 = t + 8*32;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_32(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_32(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_32(w, w, p1024_mod, p1024_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_32(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_32(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_32(t2, b, p1024_mod);
-        sp_1024_mont_sub_32(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_32(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_32(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_32(t1, t1, p1024_mod, p1024_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_32(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_32(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(y, y, t1, p1024_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
-    sp_1024_mont_tpl_32(a, t1, p1024_mod);
-    /* B = X*Y^2 */
-    sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
-    /* X = A^2 - 2B */
-    sp_1024_mont_sqr_32(x, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_dbl_32(t2, b, p1024_mod);
-    sp_1024_mont_sub_32(x, x, t2, p1024_mod);
-    /* B = 2.(B - X) */
-    sp_1024_mont_sub_32(t2, b, x, p1024_mod);
-    sp_1024_mont_dbl_32(b, t2, p1024_mod);
-    /* Z = Z*Y */
-    sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
-    /* t1 = Y^4 */
-    sp_1024_mont_sqr_32(t1, t1, p1024_mod, p1024_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_1024_mont_mul_32(y, b, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_32(y, y, t1, p1024_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_1024_mont_div2_32(y, y, p1024_mod);
-}
-
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_1024_proj_to_affine_32(sp_point_1024* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-    sp_digit* tmp = t + 4 * 32;
-
-    sp_1024_mont_inv_32(t1, a->z, tmp);
-
-    sp_1024_mont_sqr_32(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    sp_1024_mont_mul_32(a->x, a->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(a->y, a->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(a->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-}
-
-#endif /* FP_ECC || !WOLFSSL_SP_SMALL */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_1024 {
-    sp_digit x[32];
-    sp_digit y[32];
-} sp_table_entry_1024;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*32;
-    sp_digit* t6 = t + 4*32;
-    sp_digit* t1 = t + 6*32;
-    sp_digit* t4 = t + 8*32;
-    sp_digit* t5 = t + 10*32;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_32(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_32(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_32(p->x, t2) &
-            sp_1024_cmp_equal_32(p->y, t4)) {
-        sp_1024_proj_point_dbl_32(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_1024_mont_sub_32(t2, t2, p->x, p1024_mod);
-        /* R = S2 - Y1 */
-        sp_1024_mont_sub_32(t4, t4, p->y, p1024_mod);
-        /* Z3 = H*Z1 */
-        sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_1024_mont_sqr_32(t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t3, p->x, t1, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t1, t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_32(t2, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
-        sp_1024_mont_dbl_32(t5, t3, p1024_mod);
-        sp_1024_mont_sub_32(x, t2, t5, p1024_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_1024_mont_sub_32(t3, t3, x, p1024_mod);
-        sp_1024_mont_mul_32(t3, t3, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_32(t1, t1, p->y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_32(y, t3, t1, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 32; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 32; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 4
- * 16 entries
- * 256 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_1024_gen_stripe_table_32(const sp_point_1024* a,
-        sp_table_entry_1024* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    sp_point_1024* s1 = NULL;
-    sp_point_1024* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_1024_mod_mul_norm_32(t->x, a->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->y, a->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->z, a->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_1024_proj_to_affine_32(t, tmp);
-
-        XMEMCPY(s1->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_1024));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<4; i++) {
-            sp_1024_proj_point_dbl_n_32(t, 256, tmp);
-            sp_1024_proj_to_affine_32(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<4; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_1024_proj_point_add_qz1_32(t, s1, s2, tmp);
-                sp_1024_proj_to_affine_32(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC || !WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^256, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_table_entry_1024* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 32 * 37);
-    sp_point_1024* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_1024, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 32 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        XMEMCPY(rt->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-
-        y = 0;
-        x = 255;
-        for (j=0; j<4; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 256;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=254; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<4; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 256;
-            }
-
-            sp_1024_proj_point_dbl_32(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_1024_proj_point_add_qz1_32(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_1024_map_32(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_1024_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[32];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[32];
-    /* Precomputation table for point. */
-    sp_table_entry_1024 table[16];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_1024_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_1024_t sp_cache_1024[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_1024_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_1024_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_1024 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_1024_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_1024_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_1024_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_1024[i].set = 0;
-        }
-        sp_cache_1024_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_1024[i].set)
-            continue;
-
-        if (sp_1024_cmp_equal_32(g->x, sp_cache_1024[i].x) &
-                           sp_1024_cmp_equal_32(g->y, sp_cache_1024[i].y)) {
-            sp_cache_1024[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_1024_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_1024_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_1024[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_1024_last) {
-            least = sp_cache_1024[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_1024[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_1024[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_1024[i].x, g->x, sizeof(sp_cache_1024[i].x));
-        XMEMCPY(sp_cache_1024[i].y, g->y, sizeof(sp_cache_1024[i].y));
-        sp_cache_1024[i].set = 1;
-        sp_cache_1024[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_1024[i];
-    sp_cache_1024_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 32 * 38);
-    sp_cache_1024_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 32 * 38, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_1024 == 0) {
-            wc_InitMutex(&sp_cache_1024_lock);
-            initCacheMutex_1024 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_1024_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_1024(g, &cache);
-        if (cache->cnt == 2)
-            sp_1024_gen_stripe_table_32(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_1024_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_1024_ecc_mulmod_stripe_32(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#else
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 128 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_1024_gen_stripe_table_32(const sp_point_1024* a,
-        sp_table_entry_1024* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    sp_point_1024* s1 = NULL;
-    sp_point_1024* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_1024_mod_mul_norm_32(t->x, a->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->y, a->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(t->z, a->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_1024_proj_to_affine_32(t, tmp);
-
-        XMEMCPY(s1->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_1024));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_1024_proj_point_dbl_n_32(t, 128, tmp);
-            sp_1024_proj_to_affine_32(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_1024_proj_point_add_qz1_32(t, s1, s2, tmp);
-                sp_1024_proj_to_affine_32(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC || !WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_stripe_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_table_entry_1024* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 32 * 37);
-    sp_point_1024* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_1024, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 32 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        XMEMCPY(rt->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-
-        y = 0;
-        x = 127;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-            x += 128;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=126; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 32] >> (x % 32)) & 1) << j);
-                x += 128;
-            }
-
-            sp_1024_proj_point_dbl_32(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_1024_proj_point_add_qz1_32(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_1024_map_32(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_1024_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[32];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[32];
-    /* Precomputation table for point. */
-    sp_table_entry_1024 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_1024_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_1024_t sp_cache_1024[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_1024_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_1024_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_1024 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_1024_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_1024_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_1024_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_1024[i].set = 0;
-        }
-        sp_cache_1024_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_1024[i].set)
-            continue;
-
-        if (sp_1024_cmp_equal_32(g->x, sp_cache_1024[i].x) &
-                           sp_1024_cmp_equal_32(g->y, sp_cache_1024[i].y)) {
-            sp_cache_1024[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_1024_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_1024_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_1024[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_1024_last) {
-            least = sp_cache_1024[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_1024[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_1024[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_1024[i].x, g->x, sizeof(sp_cache_1024[i].x));
-        XMEMCPY(sp_cache_1024[i].y, g->y, sizeof(sp_cache_1024[i].y));
-        sp_cache_1024[i].set = 1;
-        sp_cache_1024[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_1024[i];
-    sp_cache_1024_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 32 * 38);
-    sp_cache_1024_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 32 * 38, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_1024 == 0) {
-            wc_InitMutex(&sp_cache_1024_lock);
-            initCacheMutex_1024 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_1024_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_1024(g, &cache);
-        if (cache->cnt == 2)
-            sp_1024_gen_stripe_table_32(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_1024_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_1024_ecc_mulmod_stripe_32(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 32);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 32, km);
-        sp_1024_point_from_ecc_point_32(point, gm);
-
-            err = sp_1024_ecc_mulmod_32(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 4 points combined into a table of 16 points.
- * Distance of 256 between points.
- */
-static const sp_table_entry_1024 p1024_table[16] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xe0162bc2,0xbf9c7ec6,0x10a89289,0xddecc6e3,0x9e499d81,0x5d599df0,
-        0x6d358218,0x9a96ea28,0x70c5f8db,0x01aec7d3,0x8cf5d066,0xe72e4995,
-        0x3e91d7f8,0xc2e7297d,0xda9f2f5a,0x8621db92,0x5a5679ed,0x4b26c867,
-        0x2c56aac1,0x233385df,0xc6a13f99,0xb88e74d4,0xffa8ec11,0x1214b173,
-        0x1f3f9fef,0xa0386a27,0xc0e7b44e,0xbd9b1b4e,0xeecd3496,0xafe528dc,
-        0x1c49f80b,0x8dfff96a },
-      { 0xc03c0c83,0xb4a4753a,0xabcdcd75,0x68e69d18,0xf775b649,0xe3839b88,
-        0xbf58f352,0x803f949a,0xbd0bc15c,0x5f702679,0x8ff298c2,0x85bf5d16,
-        0xc6c7976e,0x3f6ebd98,0x45e3e1b4,0x20618af4,0x54e64093,0x67d5598e,
-        0x504fed9e,0xb047283b,0x70d87517,0x450cabfd,0x3f5addbe,0x47d628bf,
-        0x78cb4cca,0x0037ef30,0x6b1c4908,0x4e148d3c,0x4fcfd837,0xe256d329,
-        0xde3c01f3,0x2aa1207b } },
-    /* 2 */
-    { { 0x755c2a27,0xcf3e0bb2,0x59585c44,0xd38e42f9,0x19285e60,0x46b13e0f,
-        0x76273d0f,0xc3ecd0c0,0x193c569a,0x7800f085,0x4351818a,0xf04e74ab,
-        0x8496363b,0x9258aa38,0xb8c894fe,0x8456617c,0x2af969a0,0x8bc62aaa,
-        0x5a4668d9,0x66c2280b,0xa992f4fa,0xbc9df58e,0x3f401e99,0x5db0b7d9,
-        0xc4c38c0e,0xe0614fe1,0x2ccdf6b3,0xd531151c,0xe143b618,0x1c7575ec,
-        0xdf9398a4,0x40247985 },
-      { 0x8f055746,0xfba25178,0x0ab1e6e0,0xc5ba0040,0xac292697,0xe1b194fb,
-        0x5b4f4740,0x77152119,0x9bb7ba54,0x250091d0,0xb9a139a4,0x7a674861,
-        0xf353aa7e,0xba8413b3,0x2443ceee,0xafe77192,0x3847bbd0,0x14468d36,
-        0x3da4942d,0x61f79ff6,0xd425b456,0x1563a1c1,0x75ff4630,0x3c270fcd,
-        0xeb2802c9,0x42072090,0xc85c7004,0x68f0cdcb,0xfa032e74,0xca4372fb,
-        0xc8b79d80,0x1a6fd1e6 } },
-    /* 3 */
-    { { 0x8d5116a3,0x967a901a,0xb2f5f47f,0x0b844394,0x60ebaf3b,0xe39ad452,
-        0x60ccfc0c,0x1e1be617,0xcc3f53f2,0xac07e3d2,0x1ed11bb6,0xdd838e0e,
-        0x1c15b0c2,0x45475307,0x920fe5b8,0x70dd4748,0xe471896d,0x1a20be2d,
-        0x59276c7c,0x3c3fad8a,0xc886ee07,0x026a1cc3,0x6e831ac4,0x9fdb6f37,
-        0xac501d65,0x26a35d1a,0x40da8574,0x0ae98905,0xabd734e5,0x65dde0a4,
-        0x15614750,0x29b7d4dc },
-      { 0xcbf4e20b,0x44b3c2cb,0x58cc44c5,0x1c3f548f,0x5b0cac1f,0x39809b54,
-        0x00f80621,0x0c0f02b5,0x066905e0,0xe612b890,0x8350188c,0x8f158ed7,
-        0x3f5576b2,0xc01dc458,0xa45492e0,0x29803272,0x0ff92443,0x77a5623a,
-        0x29d0dc41,0xd12a2b00,0x2780e87a,0xb4125459,0x0d53f272,0x1ebcf903,
-        0x24301e8d,0xbae6ea40,0xa37d0798,0x1e5f3f2f,0x22b4126c,0x9342c310,
-        0x5382497e,0x5d092802 } },
-    /* 4 */
-    { { 0x4b59213a,0xf5b495d0,0x8d70200e,0xca672039,0x2b6771c1,0x4bcb09a6,
-        0x2b9eb0cb,0x26adeed4,0x8cdba212,0xeb544754,0xf08890d1,0x0e1abfcd,
-        0x698e46b4,0x52509963,0x82e9c138,0xe1bff0b0,0x51099a71,0xa189e4cd,
-        0xc9b91cc7,0x2360c9bc,0x137ec4be,0x9bd4d7dc,0xd1519f6e,0xd0356521,
-        0xcf832503,0xbf5f6d78,0x8deea2b4,0xe4301031,0xef4c319c,0xc3132494,
-        0x0f1fa7d7,0x2ab3bd47 },
-      { 0x922c9fbb,0x5753b680,0x0f16c6d1,0x869e7dc8,0xbac16efc,0x83445135,
-        0x846d1d9b,0x4326a3b4,0xb2d62c21,0xb517fee3,0x0b292ad5,0x6905afa2,
-        0x2cadac13,0x2a57131a,0xebdbca8d,0xcd904d8f,0x3f365fb2,0xdfeda86f,
-        0xdc7eaa1c,0x7097b208,0xa45e77c0,0x89a35a84,0xcf5d118e,0x417a062c,
-        0x1f6e99e8,0x3c0c04a8,0xba7a087d,0xc44704b0,0x3ea22ad2,0x6f8a27d1,
-        0x4c27d229,0x93a4b416 } },
-    /* 5 */
-    { { 0x1f1efb7a,0xd4271bc1,0x33fccc0d,0xae4e68e6,0xb11f50a8,0x9d9bc8f1,
-        0xaf076089,0x5430398f,0x443d0e03,0x45e242fb,0xf6e3d4c1,0x73ec2519,
-        0xba9bad09,0xab70f790,0xf9add10f,0xde612ad5,0x14e942b4,0xb837e54e,
-        0xddb8b68a,0x175a56d3,0x1ac2a408,0xe85b233c,0xf0c80f94,0xf8ff6c30,
-        0x898db4f9,0x4b7f3fb7,0x45a7dcdd,0xa2c6044f,0xfe3d3895,0xf3abb2f6,
-        0x32ee7763,0x342ce0d7 },
-      { 0xcf491b1f,0xeb261394,0x1909e395,0xdcaaeed7,0x9fe4dbea,0xdcc4055a,
-        0x493d604d,0x17a6611d,0x1ce5ebef,0xba445a3a,0xe3989cb5,0xe82e2858,
-        0x83f58406,0xb96f4282,0xa156cf55,0x99877b99,0x4e166a0e,0xaf906a66,
-        0xb2976d13,0xcea1d353,0x36c61a01,0xefc16f27,0xb0f55d86,0xdb04c433,
-        0x8eb34c01,0x3cb4b269,0x2ae60280,0x38d07f78,0x43be3ec5,0x43ac3bcb,
-        0xe156fd20,0x455f4af3 } },
-    /* 6 */
-    { { 0x95532833,0x2e6fe0a6,0xd626d067,0xabca228e,0x649e73bd,0x22aef3d9,
-        0xf03c4c0c,0x2083a87a,0x35169b45,0xe954e75d,0x74506a89,0x577509ee,
-        0x2aeacf90,0x49cb276e,0xfa409f91,0x08275d77,0xf0bbd6b9,0x61eb6f3d,
-        0xe4132704,0x948202cb,0xb1c498b1,0x35f3fc21,0x361fee59,0x76c68ba8,
-        0x50e051f3,0xa18cbbd9,0x318e7042,0x2384a879,0x80dd1e8b,0x292abead,
-        0x5c37c334,0x65713c29 },
-      { 0xceb77b9a,0xdccca8e9,0x23b69469,0x2f97e727,0xa01d6b28,0xc76abee6,
-        0x5abecdfe,0x3925203d,0x29290d70,0x89448082,0xb0314438,0xf9931424,
-        0x7cd447c3,0x04209df1,0xc855c827,0x7c6f2059,0x56c0e069,0xd97d7862,
-        0x412d94c4,0x5a9db6fe,0x994c41dd,0x19a64591,0xc89e21a3,0x12348aa1,
-        0xc6a03f0e,0xd6904b50,0xa616feac,0x55c15156,0x7cc7693b,0x4e36d1b5,
-        0x3bae3c38,0x6b0e996c } },
-    /* 7 */
-    { { 0xcceced00,0x32789fab,0xe5b7aa66,0x3237e71a,0x2ddebcdf,0x87b2e269,
-        0xb61dad8f,0xb7245120,0xd35f803c,0xe11e5e48,0x98e50f0d,0xfb4df5d7,
-        0xbcd2ab92,0x60ee68b4,0x1ce3363d,0x98ab2f5c,0x7cd42647,0x15ba39da,
-        0x83f4fb3f,0x1a6572eb,0xe56f08db,0x0f77de88,0x172562c2,0x1743761e,
-        0x8a58f0f4,0xbe349ff8,0x84d1d6e2,0xe04da71b,0x9e9ff3b4,0x368f0342,
-        0x678223f8,0x4022a205 },
-      { 0x83847375,0x527bbd05,0x3f451af0,0x3ae56b62,0x4b2c7f18,0x6198f24d,
-        0x4525b98d,0xee323f5b,0x0e0884b5,0xa9d8d39a,0xfb12c776,0xd005d7f6,
-        0x708bc154,0xd71c483e,0x742541bc,0x8ca6fd28,0xf8397ddb,0x0af3dccd,
-        0x3eccf243,0xb80d3125,0x58d81b8d,0xc743a108,0x71391f68,0x3f48eb21,
-        0x33bb657f,0x493aff88,0x07e47e31,0x1d15ed66,0xe08279f6,0x10159b11,
-        0x24a6a956,0x312179cb } },
-    /* 8 */
-    { { 0xfb99cfe6,0x950323d3,0xc9334178,0x7b09bc26,0x7cbdfb6f,0x64111e41,
-        0x89a75760,0x91141744,0x10919cb0,0x4c633df9,0x396bfd2f,0x715fc7c7,
-        0x8cab62db,0x8ca19512,0x4db81aac,0x30672473,0xb4c4c54a,0xe67a246b,
-        0xbf229646,0xd77ea0fa,0xfa5b5d70,0x5bed15f1,0xc2f192f3,0xa5686da5,
-        0x7f6690ad,0xdecac72a,0xcaa50b7d,0x0c4af2a2,0x6049ad2f,0xf44631c1,
-        0x04ecf056,0x325d2796 },
-      { 0x4848c144,0xee11fb55,0xb6a7af32,0x4e062925,0x369e0f9a,0x125b68e1,
-        0xca53b21e,0xad9bdae6,0x2e98ea1b,0xf50d605c,0x9f2fa395,0xbdb9e153,
-        0xe91532f5,0x4570e32d,0x46a250d7,0x810698ae,0xad9d9145,0x7fd9546c,
-        0x11e97a5e,0xabf67721,0x249f82e9,0xca29f7d5,0x9851df63,0xa9c539a9,
-        0x71d0e3e5,0xfd84d54b,0x041d2b56,0xd1e0459c,0xfd80096a,0xceb3eb6e,
-        0xe32a79d3,0x19d48546 } },
-    /* 9 */
-    { { 0xb540f5e5,0xfe19ee8f,0x04e68d17,0x86d2a52f,0xadbdc871,0xd2320db0,
-        0xd03a7fc8,0xa83ad5a8,0x08bcb916,0x54bf83c7,0x2e51e840,0x092133ea,
-        0xcb52dddf,0xbce38424,0x31063583,0xd5c7be40,0x458e3176,0xc1ebb9df,
-        0xbc4dabbf,0xafb19639,0xc05725a8,0x36350fe4,0x84e1cd24,0xac4a0634,
-        0xc145b8de,0xadf73154,0xb3483237,0x0aa6dd9e,0xcbff2720,0xa3345c3d,
-        0xb4e453b0,0x1b3ace6c },
-      { 0x90a8bdc5,0x0343e5e9,0x6306a089,0xa203bf9d,0x8e48520e,0x98489a35,
-        0xde7d1d06,0xbd17debe,0x5f795d3f,0x8fafa6d7,0x387b0a3f,0xa4ceb630,
-        0xffddeafa,0xe0166b32,0x7e764e02,0xa2fe2054,0xe871f304,0x55ab9824,
-        0x952ec45e,0xa2bd36bb,0xa90d20ca,0x7b4c1484,0x75bcfb53,0x5319f387,
-        0x6982c4e5,0x34238a4a,0xa102921d,0xa2bb61c7,0xdb3ab17e,0x1e061b64,
-        0x192f0a14,0x538ec33e } },
-    /* 10 */
-    { { 0x576374c2,0xe53c7785,0x84727040,0xe60526d1,0x228ca044,0x8a066dc8,
-        0xf1ce1313,0x1fe1c1b2,0xcdeb0c5d,0x2aeec832,0x9cbf826f,0xa7596699,
-        0xde77a589,0xcd188e81,0x118d1254,0xe5ce0fe0,0x0790b86a,0xa142a984,
-        0x39ac28ce,0xe28f043f,0x87de5804,0x4eef8290,0xf639a8c5,0x83c31b32,
-        0x5887794f,0xd70454a7,0x18b1b391,0xca635d50,0x31d9c795,0xcefea076,
-        0xb6f8aa25,0x13cbee76 },
-      { 0x8d3f34f3,0x79cabe0f,0xa3617fe3,0xbda9c31c,0xdd9426a1,0xb26dee23,
-        0xf29c9104,0xe9dd9627,0xe2c6cd3b,0x033eb169,0xfcba2196,0x8a73f492,
-        0xb858c83c,0x92e37e0b,0x23b3fbb7,0xe4f2aca6,0x64be00a2,0x8101fb1e,
-        0x948f6448,0x91a7826a,0x907260e7,0x414067b4,0xe30bb835,0xf774aa50,
-        0xc999c06e,0xf922ca80,0x0ba08511,0x6b8635b9,0x25fa04f0,0xbf936b5c,
-        0xe02e8967,0x4e0a1ada } },
-    /* 11 */
-    { { 0x8ba29c4d,0x00ca6670,0x22988094,0xc08240ce,0x16dda752,0x21c5ca67,
-        0xabbbfa34,0x689c0e45,0x3ed28b72,0x1d7545fd,0xd7c56ab4,0x5f221198,
-        0x38759d65,0x4b3d8f74,0x8fe50b89,0x93490dfb,0xe80eba16,0xb641f5d7,
-        0x79acb537,0x7b0da5eb,0x0c1d5e5e,0xab6b1497,0xa5da429a,0x2338e68d,
-        0x2f6d2f25,0xe010c437,0x6530f3a7,0x226f16d2,0xcbef08bc,0xefb0f7b6,
-        0x9f99c999,0x733e30d9 },
-      { 0xa42a38f9,0xecfe1582,0x4730b500,0xaec2d58e,0xde976b2c,0x2ee2f2a7,
-        0xa969c1bb,0xf0539db5,0xfcecdb4a,0x31954168,0xe7a8e902,0xf2f7348a,
-        0x3121541f,0x1d58d7cc,0x2202ae52,0x5d25b75c,0xf40835a7,0xdea9965a,
-        0x529b4e46,0x3feb6a41,0xbd27ad9b,0x5c97fb6f,0x261f900b,0xd87554c0,
-        0x04d5b19e,0xb43031d9,0xcb219b9c,0x33d5e9b8,0x3ee00bcf,0x7a43d492,
-        0xb79a5c0c,0x56facb39 } },
-    /* 12 */
-    { { 0x7c834915,0x667eaed6,0xbc5eb64d,0x9f77aa6a,0x25d62011,0x729ebcb6,
-        0x699fd9c2,0x0aee24f2,0x2b8d4f6c,0xe1eb5874,0x14c976d6,0x7f12710c,
-        0xf6d9ea65,0x91390335,0x06b50064,0x668b7049,0x0876ee4f,0x65969a0e,
-        0x2f9d9360,0xf901bf3f,0xb499e3ce,0xfb1a8651,0xf2dbcaaa,0x80b953fb,
-        0x973b06b6,0x312cc566,0x3af36c64,0x3534d9c3,0x10ffd815,0xe4463a52,
-        0xf18c2b91,0x57ea2b4b },
-      { 0x8aa0f2f2,0x00f5e162,0x0e46bcaa,0x8c7e75c5,0xa4a2c42d,0x97ab479a,
-        0x14baa202,0xb4f308ea,0x6943cc2e,0xa901bd14,0xeed58804,0xbb125fee,
-        0x9d180f7c,0x6502c8f9,0x1580c61c,0xe5353919,0x27101ee3,0x7e278069,
-        0xfaa72717,0x7a0a40a1,0x4c75b153,0x32edce02,0x538f1c22,0xda23660b,
-        0xbe307d2e,0x4d511e98,0x9baee0b4,0x24276e40,0x7ff1f307,0xa78c3927,
-        0xea7935c9,0x60480b46 } },
-    /* 13 */
-    { { 0x3872ece3,0x31087d66,0x955b70f8,0x5f29be7d,0x9cf95bb8,0xb50b4fc7,
-        0xdbffa621,0xbae3b58d,0xe022ba5d,0x0e61d280,0x4181449c,0x78ae5117,
-        0xcf555485,0x0b132840,0xb8ce0b0e,0x800ed1b6,0x78d5de3d,0x35dffdd5,
-        0x69a56b47,0xf7e42374,0x8d910ae7,0xd5e32369,0x6313c7c7,0xb6ff52a0,
-        0xa92de9e5,0x5a2fe20d,0xd12110bb,0x41b347d3,0x40c16f23,0xc5905edb,
-        0x9a8f88cc,0x0774a0d3 },
-      { 0xe3b6c106,0x3ae181ab,0x8de150b7,0x4ebe163f,0x6f354836,0xcf75b82f,
-        0x3ac7ac16,0xaa0d2063,0x291722af,0x5c680668,0x11545553,0x73941e61,
-        0xbf5de3f7,0x17127e38,0x1afb41da,0x32cfdf03,0x87bc8663,0xc6893c91,
-        0xa62c9c99,0x75046744,0x962c1947,0x96866e2d,0x378cdf4c,0x489ec8df,
-        0x3407fa32,0x3a60709b,0x551290d1,0xd37d2159,0xbab92273,0x9623d303,
-        0x2432014b,0x08151954 } },
-    /* 14 */
-    { { 0xb05f2b26,0x569044f3,0x80b9f76c,0xb35a294a,0x4290f6ae,0x8839fe28,
-        0x026a5877,0x761cfb23,0x2e5ff9c3,0x768926b6,0x0b11c576,0xbae6cd20,
-        0x72a03efe,0xdc857756,0xe1bad63a,0x0cae074a,0xd709d99c,0x3fe491a1,
-        0x6501d9c1,0x76c5ded6,0xc32aeff7,0x1da6eca1,0xc57683e8,0x50849d55,
-        0xdf98d847,0x9e392e9c,0x64d9a564,0xfad7982f,0xa37b98b2,0xf7c3bdb7,
-        0xf0860497,0x1fe09f94 },
-      { 0x7648cc63,0x49a7eaae,0x67cfa714,0x13ea2511,0x653f4559,0xfc8b923c,
-        0x81a16e86,0xd957619b,0x3c864674,0x0c7e804b,0x1616599a,0xfc88134a,
-        0x0a652328,0x366ea969,0x4bc9029e,0x41532960,0xae2aad2b,0xef9e1994,
-        0x7f10bef5,0x9e2a8c52,0xc67bf860,0x73dcb586,0x844cc25d,0xf61a43fa,
-        0x74eb3653,0xd74e7eea,0xdd240f02,0xf3356706,0xfd83bcb4,0xeec7694c,
-        0xdb62526a,0x4de95786 } },
-    /* 15 */
-    { { 0x3deac2f7,0x4867d315,0xb61d9a8e,0xa084778a,0x0ab7b2d5,0xf3b76f96,
-        0xcfdf4f79,0x00b30056,0x31ab8f4b,0xd0701e15,0x9c779d01,0x07f948d5,
-        0x82675371,0x7c994ebc,0x48bad4c0,0x1104d4ee,0xbfc9d058,0x798ce0b5,
-        0x309fa80b,0xc7ca898d,0xacb33eaf,0x0244f225,0x5b2f3175,0xd51e8dfc,
-        0xa4d7be34,0x3e49ba6b,0xbda02b43,0x1760f4c7,0x4435275a,0x37e36a7e,
-        0xe636980c,0x1c94418b },
-      { 0x09dc1414,0x43a21313,0x43c93537,0x060765fc,0xdf5f79ce,0x6ff3207a,
-        0x85d4cfca,0x6f18b1fa,0x63e995ab,0xf5c4272e,0xa82b3002,0x121a09e4,
-        0x97147f16,0x82b65d1b,0x20a7fe26,0x4993c20c,0xe6716726,0x99c9cb98,
-        0xfeb440a0,0x5a02d673,0x251b4bc5,0x3f3fa9e1,0xa05338ea,0x75dbc474,
-        0x7b09f6cb,0x3cb4044b,0x80434609,0x6767da18,0x098ceac2,0x97851422,
-        0xb55235ba,0x611bfbb2 } },
-};
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^256, ...
- * Pre-generated: products of all combinations of above.
- * 4 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_1024_ecc_mulmod_stripe_32(r, &p1024_base, p1024_table,
-                                      k, map, ct, heap);
-}
-
-#else
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 128 between points.
- */
-static const sp_table_entry_1024 p1024_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xe0162bc2,0xbf9c7ec6,0x10a89289,0xddecc6e3,0x9e499d81,0x5d599df0,
-        0x6d358218,0x9a96ea28,0x70c5f8db,0x01aec7d3,0x8cf5d066,0xe72e4995,
-        0x3e91d7f8,0xc2e7297d,0xda9f2f5a,0x8621db92,0x5a5679ed,0x4b26c867,
-        0x2c56aac1,0x233385df,0xc6a13f99,0xb88e74d4,0xffa8ec11,0x1214b173,
-        0x1f3f9fef,0xa0386a27,0xc0e7b44e,0xbd9b1b4e,0xeecd3496,0xafe528dc,
-        0x1c49f80b,0x8dfff96a },
-      { 0xc03c0c83,0xb4a4753a,0xabcdcd75,0x68e69d18,0xf775b649,0xe3839b88,
-        0xbf58f352,0x803f949a,0xbd0bc15c,0x5f702679,0x8ff298c2,0x85bf5d16,
-        0xc6c7976e,0x3f6ebd98,0x45e3e1b4,0x20618af4,0x54e64093,0x67d5598e,
-        0x504fed9e,0xb047283b,0x70d87517,0x450cabfd,0x3f5addbe,0x47d628bf,
-        0x78cb4cca,0x0037ef30,0x6b1c4908,0x4e148d3c,0x4fcfd837,0xe256d329,
-        0xde3c01f3,0x2aa1207b } },
-    /* 2 */
-    { { 0x01900955,0xa95b6dae,0xceb4656d,0xa5dc9cc1,0xe72fe95b,0x50c78907,
-        0xa040c334,0xa1ae5447,0x7952ea6e,0x91191370,0x6d097305,0x54ff7343,
-        0xbda4d10f,0xa4db0074,0x91644070,0xfd5306f1,0x8b24522c,0x14b9fe73,
-        0x7849f762,0x1468dad6,0xb0dcd2e4,0x87b29a18,0x5e1ad492,0xadd7f1a1,
-        0xdbba2a1a,0x9ac63a81,0x81223379,0x01379c5b,0xb0e53bc8,0xf402b2f0,
-        0x0bf13b61,0x8c3eb27f },
-      { 0xe513696f,0x9a4ad3e1,0x18c81ffa,0x0350ba5c,0x3c033d13,0x1e2fc136,
-        0x17a531bc,0x53da6e71,0x1aed610d,0x42ec6490,0xe99ff567,0xd33e8df7,
-        0x3deed12a,0xe4aad73e,0x180f4deb,0xd983b465,0x502f30b4,0x99365269,
-        0xa8918d7f,0x7e2799ab,0x700fc79a,0x0ffe84b6,0x40bfd8c2,0x7b4400d6,
-        0x5d2641bd,0xc3a21d21,0xc32621cb,0x79839442,0xb1401e83,0xace6500b,
-        0x251c4310,0x7bf4163e } },
-    /* 3 */
-    { { 0xe3fd589e,0x1c174f88,0xdf974a03,0xdb501790,0x3e70549f,0xd09623e3,
-        0x15924f34,0x8d091eff,0xf9b65ac5,0xeef79cad,0x3f69c2cf,0xd2cc4262,
-        0x52cd82bc,0x817d9032,0xa5f1dddd,0xacf4f4d9,0x5011b6bd,0xd0612635,
-        0x2ed140c9,0x9f74490d,0x4db686d2,0x64092e8c,0x776b0fcc,0x225eef16,
-        0xdf16aeb6,0x0e8c01e9,0x84bbd82a,0x62836741,0x8956e337,0x757574e2,
-        0x705a7f07,0x9871edc6 },
-      { 0x776535f7,0xbd0b76d5,0x2635b3b8,0x5214d602,0x9d216f64,0xc0c25ad9,
-        0x5515bf75,0xfd4df3a7,0x5e9f1675,0x24a625bc,0x406873e7,0x3c35efb7,
-        0xbb2e5c4a,0xef5c9a33,0x806b198a,0xa971b35e,0xa3c690ed,0x9f5c0ca5,
-        0x8e1e2341,0xa8d5dd89,0x955ad9e4,0x4cecbcce,0x248d3416,0x2ecf4407,
-        0x45c0af6e,0x1abb3811,0x1c780fff,0x3f4bee82,0xc272ed57,0xd14df768,
-        0x371637ad,0x397ed10a } },
-    /* 4 */
-    { { 0x755c2a27,0xcf3e0bb2,0x59585c44,0xd38e42f9,0x19285e60,0x46b13e0f,
-        0x76273d0f,0xc3ecd0c0,0x193c569a,0x7800f085,0x4351818a,0xf04e74ab,
-        0x8496363b,0x9258aa38,0xb8c894fe,0x8456617c,0x2af969a0,0x8bc62aaa,
-        0x5a4668d9,0x66c2280b,0xa992f4fa,0xbc9df58e,0x3f401e99,0x5db0b7d9,
-        0xc4c38c0e,0xe0614fe1,0x2ccdf6b3,0xd531151c,0xe143b618,0x1c7575ec,
-        0xdf9398a4,0x40247985 },
-      { 0x8f055746,0xfba25178,0x0ab1e6e0,0xc5ba0040,0xac292697,0xe1b194fb,
-        0x5b4f4740,0x77152119,0x9bb7ba54,0x250091d0,0xb9a139a4,0x7a674861,
-        0xf353aa7e,0xba8413b3,0x2443ceee,0xafe77192,0x3847bbd0,0x14468d36,
-        0x3da4942d,0x61f79ff6,0xd425b456,0x1563a1c1,0x75ff4630,0x3c270fcd,
-        0xeb2802c9,0x42072090,0xc85c7004,0x68f0cdcb,0xfa032e74,0xca4372fb,
-        0xc8b79d80,0x1a6fd1e6 } },
-    /* 5 */
-    { { 0x8d5116a3,0x967a901a,0xb2f5f47f,0x0b844394,0x60ebaf3b,0xe39ad452,
-        0x60ccfc0c,0x1e1be617,0xcc3f53f2,0xac07e3d2,0x1ed11bb6,0xdd838e0e,
-        0x1c15b0c2,0x45475307,0x920fe5b8,0x70dd4748,0xe471896d,0x1a20be2d,
-        0x59276c7c,0x3c3fad8a,0xc886ee07,0x026a1cc3,0x6e831ac4,0x9fdb6f37,
-        0xac501d65,0x26a35d1a,0x40da8574,0x0ae98905,0xabd734e5,0x65dde0a4,
-        0x15614750,0x29b7d4dc },
-      { 0xcbf4e20b,0x44b3c2cb,0x58cc44c5,0x1c3f548f,0x5b0cac1f,0x39809b54,
-        0x00f80621,0x0c0f02b5,0x066905e0,0xe612b890,0x8350188c,0x8f158ed7,
-        0x3f5576b2,0xc01dc458,0xa45492e0,0x29803272,0x0ff92443,0x77a5623a,
-        0x29d0dc41,0xd12a2b00,0x2780e87a,0xb4125459,0x0d53f272,0x1ebcf903,
-        0x24301e8d,0xbae6ea40,0xa37d0798,0x1e5f3f2f,0x22b4126c,0x9342c310,
-        0x5382497e,0x5d092802 } },
-    /* 6 */
-    { { 0xff2f780d,0x583a2b7e,0xd7d76b1d,0x34d26820,0x86f74aec,0xe3c32847,
-        0x10823feb,0x0fd42212,0xfb5e7bf4,0x227e417e,0xa568f8cd,0x510d49b6,
-        0x1781bbec,0x53bce7d6,0x2f3718b7,0x9cfe3f22,0xd9de6c1f,0x7f44e89f,
-        0x3fac9b55,0xf1cc553f,0xe6f300bc,0x9d2d0846,0x9f0ae6b1,0x976c82a2,
-        0x24b8bbe0,0xe63dbf5e,0x973a5aa7,0x4cac7f45,0x84dd33c7,0xc6eb6237,
-        0x142fee5d,0x0a26e434 },
-      { 0xacaa9a08,0x8081339f,0x5246ece1,0x40f31105,0x61393747,0x892c8170,
-        0x242f02e1,0x8d8d4103,0x3b5de98a,0x482bfd20,0x5abbe952,0x89ef946b,
-        0x37698249,0xb8d218b9,0x66617c7a,0xd5268e89,0x8b7d2b91,0x962e7551,
-        0xfe8d67c3,0x2c5c7973,0x2b017c51,0x42e3150a,0xc1a29469,0x6f4e5ebc,
-        0x531c7083,0xa39910ce,0xb77b9e50,0xaf4f6eb4,0xda120ad0,0x68cbb175,
-        0xb92636ec,0x19497c61 } },
-    /* 7 */
-    { { 0x417659a8,0x6920b0c6,0x92cb28ff,0xc77ab9c7,0xb687797f,0x55b67180,
-        0xe7759363,0x4caf58c1,0x5561b186,0x5155bdb6,0x780f4946,0x2e64e355,
-        0x229a8b20,0xeb0ac9b7,0x2571bd60,0x88594d78,0xe3fa78f9,0x5dcc0939,
-        0x2ac2d379,0x7b8b4830,0xb90f1444,0x505fbf60,0x3ce4b3c1,0xac610e81,
-        0xd59b5c18,0x39a4f27a,0x7cea0222,0x5fa33973,0x8dff1c7b,0xe578730b,
-        0x517bf7a6,0x96b91b8b },
-      { 0x9aac087c,0xc1a991f4,0x6cfdb28d,0xce62f74e,0x5f7600d6,0x08d6ff9a,
-        0xf917f9c9,0xd781cd04,0x3de52dbf,0x7796f5f6,0x2ed72180,0xe7db64e0,
-        0x6fa4137d,0x0f0876f6,0x3ca1f716,0x3271ee64,0x7c4ab8a3,0xcb9b2058,
-        0x39481047,0xcba17107,0x598c5c37,0xdf9a190d,0x6f20e125,0x0cb6e72a,
-        0xf4f2902d,0xa3142204,0x7ce2dcfb,0x42d28cb9,0xa3d3c351,0xdf261b8a,
-        0xcffc249d,0x73f3d315 } },
-    /* 8 */
-    { { 0xe6fd3673,0x5d86855b,0x9d214b7b,0x309b70af,0xdcc46cd3,0x8d332f90,
-        0x595510de,0xe553c015,0x38c1251c,0x5746a096,0x85cc1bc9,0xcd7cea5b,
-        0x002eba8f,0x4ffa1468,0x22fcd77c,0x10a3cb70,0xc4ea05e3,0xb6999dfb,
-        0x4efa756e,0x3375a0d0,0xdced5fd8,0x4d90279e,0x251fd56e,0x48192403,
-        0x82a4c5f1,0xe87633a4,0x1b34105b,0x3170d130,0x7247e578,0x93998b0f,
-        0x436ba1fa,0x88934f64 },
-      { 0x4713eabc,0xf09f43b0,0xaccdc517,0x4ca7dd91,0xef13ca7c,0x27daa63b,
-        0x2588184b,0x8b2e5a7a,0xd95dc269,0x0a8cb612,0xe1f2f14c,0x346975a2,
-        0xe172935c,0x1f29b8ed,0xd40bc1e3,0xc3cbfd6e,0x132623da,0xd3f46b3f,
-        0xfb0b7681,0xc115be6d,0x56da4344,0x5e31c345,0xa8e43d98,0xa7c63f18,
-        0x4bddb4ea,0x55cb2083,0x4a54f58c,0xb16a0c38,0x46fd69d9,0x74eacca2,
-        0x153548e1,0x0d1898bb } },
-    /* 9 */
-    { { 0xe35ef043,0x4ea73461,0x3496b564,0x107b67d9,0xd0f83a3c,0xd62c173b,
-        0x51d29c35,0xfad4b038,0x71b1c1a4,0x3f42882a,0x54b43b9e,0x5d2bcf66,
-        0x2abdf543,0xc77b15aa,0xdabe3dc1,0x5cb38a80,0xa481673b,0x15fda0ae,
-        0xe7b90ebe,0x86996b4d,0x2bc8f3d8,0x84f87e25,0x37c4e424,0xaded03d6,
-        0xd7a7afd8,0xe5ede666,0xa1ccb93a,0x80dd95a2,0x46fba391,0xa55cfd25,
-        0x46f82e60,0x2bdab1dc },
-      { 0xfa6fed61,0x7a4de22b,0xcc8dd94e,0xca458aa5,0x071222f5,0x3e372df1,
-        0xe5aff377,0x06a4b44f,0x4a738e6d,0xbc2d0ba7,0x5f31f136,0x1a470e1d,
-        0xe102a911,0x77ff933a,0x310c7885,0x8b380a50,0x783fc5ac,0x9f3c0228,
-        0x44725d06,0xec668925,0x5ac84221,0x878f0e16,0xcfda6e8a,0x9a3af1af,
-        0x78cd2aba,0x0183ed37,0x826d0eae,0x32cdbd60,0xcbee6415,0xb3234661,
-        0xb9c10120,0x353eb892 } },
-    /* 10 */
-    { { 0x10b5521e,0xc8fdcad6,0x52e702f0,0x1a11b440,0x8ffda49c,0x6302680d,
-        0xcbf36bad,0xcdb9654a,0x4c10a2d7,0x7b58ce11,0xe630e7e0,0x1e5d1f7d,
-        0x6760a813,0x8cbe3d7d,0x6480d77f,0xeb35866b,0x7f036219,0x58728cf3,
-        0x42a8a757,0xdd5865ed,0x906a2870,0x283f1f1d,0xa51f906b,0x79e23fa4,
-        0x543b20a8,0xf2ac6e83,0xb81e7754,0x4f0b6379,0x840016ee,0x57fbc0d4,
-        0xe621b67d,0x8da20771 },
-      { 0xecce65ec,0x3c855004,0xb748185e,0x76d10d1f,0x78797ad2,0x64be7bca,
-        0x77e54aad,0x43444db0,0xbe0df0ff,0x17b6b0c9,0x055086a4,0x8fc4256c,
-        0xfd74d5a3,0xf952c43b,0x01c4edb8,0x501e005a,0x4a57e328,0xd5172dfc,
-        0x535d6ee3,0xdb40ce4e,0x0c650918,0xbaef1e5c,0x857561fc,0xe85145e7,
-        0x34a224c6,0xe468536a,0x0ec0e0a2,0x69a8e227,0x242b03fc,0xb3f52247,
-        0xc3bebd5f,0x862f55e2 } },
-    /* 11 */
-    { { 0x226049fe,0x2d6a390f,0xdcbbc9fb,0xcc92a578,0x97634fb7,0xa52feca4,
-        0x3dea5893,0x2b340cb6,0x2a49e916,0xa39f338a,0x949e41f3,0x26b2df3d,
-        0x065a7e40,0xc71c7cdb,0x468281a2,0x4a9b84a0,0x731eeeca,0x63eeb503,
-        0x76cbb725,0xe6d09134,0xb94a678c,0x0cf979a9,0x808fd9f1,0xb44d8c3b,
-        0xe0afc5b9,0xe60da613,0x3ea5be69,0x52dce7de,0xdc1ee74f,0x3a5d6864,
-        0x3bc80790,0x71ab2891 },
-      { 0x3b5b60ad,0xcf618fc4,0x4a0c3184,0x0afb5e30,0xbc403302,0xd22381cc,
-        0xdb1c0c66,0x33cf8953,0xa6112a8d,0x9c994e4d,0xd1967a86,0xd7aae2c3,
-        0x5b7acd29,0xc28d5493,0x6c9a57fb,0x8075bd13,0x9c8427f9,0xc9c0373e,
-        0x193225f5,0x2cbca18d,0x442c018c,0x73777d13,0xfbb3a727,0xebe5ed47,
-        0x1962dc18,0x70437d49,0x2dc08806,0xf39c1e09,0x15fff35c,0x03e9c6f7,
-        0x5e360a65,0x8d087bb6 } },
-    /* 12 */
-    { { 0x3fdc1844,0xbe212302,0x105eac56,0x6eca27ef,0xf168a348,0x2183a606,
-        0xe1d7a4cb,0x295f807d,0x7ef5d43e,0x7246a632,0xc77025c7,0xae143205,
-        0xf3484e3e,0x4bdfc7ca,0xdf52c075,0xec939895,0xd7a9cac0,0x82e655f6,
-        0x8baeddb0,0x985dfe20,0x527de731,0x79c817e4,0x313de1ea,0x30ce0fbc,
-        0xcc4f6cbb,0x9df95b89,0xf5bb20cd,0xf2aedf1e,0x1a8cfb01,0xfc1e0a89,
-        0x63edb7ec,0x225ed34a },
-      { 0xbabb1a85,0x3e13154d,0x1e6a565a,0xd3d8dae7,0xab4b100f,0xd3217d56,
-        0xebc78e1a,0xd44d934e,0x48e73d37,0x0215321b,0x201e43cb,0xbbc90bfa,
-        0x27500905,0x3c23f1d0,0xc86691a1,0x2a2e5000,0x6065841c,0x08b2bad2,
-        0x30026b60,0x15d41caf,0x5276ce61,0x1712c2f4,0x15932ffb,0x01c4c3e7,
-        0x6a74caf2,0x7894e13d,0x0c0537a4,0x02d6f5df,0xc2b1c97e,0xa8fb7602,
-        0xd0887c7b,0x612b60e5 } },
-    /* 13 */
-    { { 0xba245d6b,0xefd495cf,0xa2ce3ff6,0x5cf0cbb7,0xdff5feee,0x24da2ac0,
-        0xcf28c6a3,0x90c914f8,0x4308a56b,0x72fdb50d,0x13d72034,0x03dbf779,
-        0x822ac9e9,0xcfa5ec91,0x3aea3e81,0x0dde73c8,0x66289139,0x545ba962,
-        0xca6acbd3,0xa52f648b,0x98a0683a,0xff6f276e,0xa378ed52,0x2536d3ac,
-        0x885ac1d9,0x353c2c54,0x00bc84a7,0xcaff52da,0x37684167,0x3971f81c,
-        0xd2d7986e,0x0f7334e1 },
-      { 0x6596067e,0xafbb5c83,0x38c19806,0x33e54e19,0x39cb0dcc,0x8285d967,
-        0x424035f9,0x2b53f43d,0xdfef9095,0x38c531f8,0xdb0f571a,0x90fbe8e4,
-        0xa39ca787,0x9a0c1ed2,0x606f2620,0x2fecc1d6,0x72b7cb4a,0x9dc890b1,
-        0xccbb7868,0xc33ca6fb,0xfe73ee49,0xd1b11082,0xfcb66c48,0x590b7d17,
-        0x86e14573,0x9356b0a6,0x053ead85,0x75d682c4,0xc54d30fb,0xb2ae55fa,
-        0xf8aee949,0x67636a72 } },
-    /* 14 */
-    { { 0xb91d6bea,0x638063bc,0x923ecb96,0xae263a2e,0xc627aca6,0x9d7b0992,
-        0x77af9e7e,0xc6ed001a,0x24aafebb,0x9214accf,0x78055a90,0xa3564b96,
-        0xe027499d,0x00999b1c,0xe46a06a5,0xe413a4e1,0x2e51efe7,0xa05d13f6,
-        0x9ba843be,0x35e87d34,0x3183159e,0x0a633825,0x54601923,0x6023e8ba,
-        0xb7fd1cf2,0x9b107721,0xfdf2fd53,0x46b5542b,0x1c18af38,0xb314f4f8,
-        0x60ac8965,0x086f9876 },
-      { 0x8cbb9850,0x76701954,0xa20d2c8c,0x6210b730,0x5335670c,0x4084d057,
-        0x0324baea,0x3ecdc595,0xc76ee9b4,0x607fc5f2,0x440ffa64,0xf393d00f,
-        0x2dc1463c,0xe0111796,0x9c7725e7,0xf00b8251,0x5bd1d186,0x35e60736,
-        0x2cf72aac,0xf3d8554c,0xefa3497d,0xb4dd0fde,0xf646ad11,0xd712268c,
-        0x9f7b8ead,0x07c20afb,0xfc06dfe5,0x630969d4,0x7245549a,0x76b7df1c,
-        0xe61ae810,0x681f9403 } },
-    /* 15 */
-    { { 0xc9a0623b,0x7cad5163,0x67fab8d4,0xdbf82957,0x81af7c7c,0x2ccab0ec,
-        0xe966d5c2,0x469e38c8,0xf0d4e41c,0x34430d52,0xa52b359c,0x426075a2,
-        0x33bd0127,0x242dd3e3,0x9fed2341,0xcda3f635,0xd7d52ffa,0x4df33730,
-        0x7640c3ef,0x5fff56f0,0x1bbde57c,0x4783c21c,0xeb8bb336,0xd8784a2a,
-        0xead08405,0x1ec7c533,0xf9b62bd4,0x4b7f1423,0x7075d4af,0x5543145c,
-        0xba60590a,0x0c9de94a },
-      { 0x95d5682b,0x8ed72735,0x2ec276ed,0x711c4283,0x8b36a0d2,0xd1f4aed5,
-        0x8498a88f,0x62ab40c4,0x4480f451,0x58c8fc62,0xb79cffe2,0x8bc8ca4b,
-        0x701a359d,0x90ab583c,0x3fd5d15d,0xaee31a73,0xc912333c,0x02a5597b,
-        0xb6c3e3c2,0x1019cae4,0x29938088,0xe513042c,0xf47c8199,0x0e00283d,
-        0xf2a00e92,0x90d68e58,0xa775ae3b,0x69e2df41,0x871c30b2,0xb8d2eca5,
-        0xbb1de396,0x733dca0e } },
-    /* 16 */
-    { { 0x4b59213a,0xf5b495d0,0x8d70200e,0xca672039,0x2b6771c1,0x4bcb09a6,
-        0x2b9eb0cb,0x26adeed4,0x8cdba212,0xeb544754,0xf08890d1,0x0e1abfcd,
-        0x698e46b4,0x52509963,0x82e9c138,0xe1bff0b0,0x51099a71,0xa189e4cd,
-        0xc9b91cc7,0x2360c9bc,0x137ec4be,0x9bd4d7dc,0xd1519f6e,0xd0356521,
-        0xcf832503,0xbf5f6d78,0x8deea2b4,0xe4301031,0xef4c319c,0xc3132494,
-        0x0f1fa7d7,0x2ab3bd47 },
-      { 0x922c9fbb,0x5753b680,0x0f16c6d1,0x869e7dc8,0xbac16efc,0x83445135,
-        0x846d1d9b,0x4326a3b4,0xb2d62c21,0xb517fee3,0x0b292ad5,0x6905afa2,
-        0x2cadac13,0x2a57131a,0xebdbca8d,0xcd904d8f,0x3f365fb2,0xdfeda86f,
-        0xdc7eaa1c,0x7097b208,0xa45e77c0,0x89a35a84,0xcf5d118e,0x417a062c,
-        0x1f6e99e8,0x3c0c04a8,0xba7a087d,0xc44704b0,0x3ea22ad2,0x6f8a27d1,
-        0x4c27d229,0x93a4b416 } },
-    /* 17 */
-    { { 0x1f1efb7a,0xd4271bc1,0x33fccc0d,0xae4e68e6,0xb11f50a8,0x9d9bc8f1,
-        0xaf076089,0x5430398f,0x443d0e03,0x45e242fb,0xf6e3d4c1,0x73ec2519,
-        0xba9bad09,0xab70f790,0xf9add10f,0xde612ad5,0x14e942b4,0xb837e54e,
-        0xddb8b68a,0x175a56d3,0x1ac2a408,0xe85b233c,0xf0c80f94,0xf8ff6c30,
-        0x898db4f9,0x4b7f3fb7,0x45a7dcdd,0xa2c6044f,0xfe3d3895,0xf3abb2f6,
-        0x32ee7763,0x342ce0d7 },
-      { 0xcf491b1f,0xeb261394,0x1909e395,0xdcaaeed7,0x9fe4dbea,0xdcc4055a,
-        0x493d604d,0x17a6611d,0x1ce5ebef,0xba445a3a,0xe3989cb5,0xe82e2858,
-        0x83f58406,0xb96f4282,0xa156cf55,0x99877b99,0x4e166a0e,0xaf906a66,
-        0xb2976d13,0xcea1d353,0x36c61a01,0xefc16f27,0xb0f55d86,0xdb04c433,
-        0x8eb34c01,0x3cb4b269,0x2ae60280,0x38d07f78,0x43be3ec5,0x43ac3bcb,
-        0xe156fd20,0x455f4af3 } },
-    /* 18 */
-    { { 0x754ec21c,0xc057f262,0xe3a1ba38,0x3eacd4c9,0x116c1fe9,0x3a0210d1,
-        0xeacc8ab6,0xe4ea4e94,0xea6f32ca,0x31c00c9a,0x86b975ce,0x5cb6239d,
-        0xa14ea1e9,0x654d5d8c,0x5067fc8b,0x230d31f4,0x6355fecb,0x48bb90cb,
-        0xdc172e8e,0x78f81ece,0xcb006737,0x288380a8,0xe162d012,0x19b02e01,
-        0xc5af145c,0x0e087a06,0xb72dc354,0xf04dc8b7,0x8de3c066,0xf70ef214,
-        0x13009fb7,0x4f148243 },
-      { 0x6e2055e2,0x5e004fce,0x86c32067,0x89e247ea,0x5f9daaa2,0x4ebcbd95,
-        0xceb7f63b,0xd15f212f,0x863784a0,0x5ecc5c1f,0x75760251,0x53b3800b,
-        0x8a6a2954,0xeb9301c3,0xa13cdd19,0x0f16ba18,0x887c2d24,0x8313d251,
-        0x9a9413f6,0xf9923585,0xfe3fd7c5,0x423405e6,0x16e0ee05,0x678aeb34,
-        0x3fadaab0,0x1f3be7bb,0x82884471,0x7901fa2c,0x4d662ff6,0xc950db30,
-        0x3c01170b,0x74d5d2d4 } },
-    /* 19 */
-    { { 0x2b5bfe11,0xa3002dc0,0x52d321e7,0x0733410d,0x9679ba89,0x15920f65,
-        0x685b236e,0x0e248c14,0x346f6040,0x8cfab594,0x40c717f0,0x9f57afb7,
-        0x66044576,0x0dbab28c,0x9cdc3247,0x0fa09968,0xc230ed05,0x41e02ae2,
-        0xe45bef74,0x0d961554,0xce4d7b6f,0x9688a982,0x5e62d22e,0xfadefac7,
-        0xbd2cba28,0xaf1512a6,0xbe7c749f,0x78868e62,0xae9f5a6b,0x88048d81,
-        0xc5857a29,0x6b1a5442 },
-      { 0x43242066,0x9f5ab9ad,0x2ccca2ae,0x0afef1b5,0x988edc4e,0xb1b43ec7,
-        0x0341b0d5,0x0d0c00f1,0xb50aab37,0x4d68b8f7,0xf3a64a99,0x9a8e4e6f,
-        0x7f1a684e,0x198338fb,0x351a0f5c,0x8bc0e748,0xdac44515,0x2cacf2cd,
-        0x5e9ff76b,0xc14d3999,0x16393055,0x54a01b3f,0x888d8376,0x6ac3eea5,
-        0x723277b1,0xb84d9a9a,0xe11dbbbf,0x99132691,0xabb67178,0x597717ae,
-        0x8bb14ac8,0x4c213526 } },
-    /* 20 */
-    { { 0x95532833,0x2e6fe0a6,0xd626d067,0xabca228e,0x649e73bd,0x22aef3d9,
-        0xf03c4c0c,0x2083a87a,0x35169b45,0xe954e75d,0x74506a89,0x577509ee,
-        0x2aeacf90,0x49cb276e,0xfa409f91,0x08275d77,0xf0bbd6b9,0x61eb6f3d,
-        0xe4132704,0x948202cb,0xb1c498b1,0x35f3fc21,0x361fee59,0x76c68ba8,
-        0x50e051f3,0xa18cbbd9,0x318e7042,0x2384a879,0x80dd1e8b,0x292abead,
-        0x5c37c334,0x65713c29 },
-      { 0xceb77b9a,0xdccca8e9,0x23b69469,0x2f97e727,0xa01d6b28,0xc76abee6,
-        0x5abecdfe,0x3925203d,0x29290d70,0x89448082,0xb0314438,0xf9931424,
-        0x7cd447c3,0x04209df1,0xc855c827,0x7c6f2059,0x56c0e069,0xd97d7862,
-        0x412d94c4,0x5a9db6fe,0x994c41dd,0x19a64591,0xc89e21a3,0x12348aa1,
-        0xc6a03f0e,0xd6904b50,0xa616feac,0x55c15156,0x7cc7693b,0x4e36d1b5,
-        0x3bae3c38,0x6b0e996c } },
-    /* 21 */
-    { { 0xcceced00,0x32789fab,0xe5b7aa66,0x3237e71a,0x2ddebcdf,0x87b2e269,
-        0xb61dad8f,0xb7245120,0xd35f803c,0xe11e5e48,0x98e50f0d,0xfb4df5d7,
-        0xbcd2ab92,0x60ee68b4,0x1ce3363d,0x98ab2f5c,0x7cd42647,0x15ba39da,
-        0x83f4fb3f,0x1a6572eb,0xe56f08db,0x0f77de88,0x172562c2,0x1743761e,
-        0x8a58f0f4,0xbe349ff8,0x84d1d6e2,0xe04da71b,0x9e9ff3b4,0x368f0342,
-        0x678223f8,0x4022a205 },
-      { 0x83847375,0x527bbd05,0x3f451af0,0x3ae56b62,0x4b2c7f18,0x6198f24d,
-        0x4525b98d,0xee323f5b,0x0e0884b5,0xa9d8d39a,0xfb12c776,0xd005d7f6,
-        0x708bc154,0xd71c483e,0x742541bc,0x8ca6fd28,0xf8397ddb,0x0af3dccd,
-        0x3eccf243,0xb80d3125,0x58d81b8d,0xc743a108,0x71391f68,0x3f48eb21,
-        0x33bb657f,0x493aff88,0x07e47e31,0x1d15ed66,0xe08279f6,0x10159b11,
-        0x24a6a956,0x312179cb } },
-    /* 22 */
-    { { 0x07615ac2,0xa94cc3ca,0x121ad581,0x85865e64,0xa7986b79,0xae47616f,
-        0x9d5e0f1d,0x395a40eb,0x3d9457ea,0xa9143264,0xfa2865d9,0x8de6d6a3,
-        0x1014ae8c,0x0771db96,0x976a87cb,0x77a7cce6,0x143a0f60,0xa7de42e1,
-        0xd993d934,0xe203cc09,0x98ec4c3d,0x92018693,0x3a25df4b,0xd77546d8,
-        0x62b02d6b,0x0ad9eb47,0xd05a7189,0xfaaaf208,0x431221bb,0x5238181f,
-        0x733511ea,0x417d6c78 },
-      { 0x0e91e9a8,0x3cbd81b7,0xc370d6b3,0x73340418,0x8eaa2373,0x825db10a,
-        0x6c7d6756,0x8f2b09e4,0x94c33ded,0xe288ee9b,0x1695e3fb,0xcd8426bb,
-        0xdce9e888,0xa6176c86,0x6165e362,0x3f4c8922,0x6063fb09,0x514e411f,
-        0xc8f9e04c,0x6907ac20,0xdfd2ad61,0xcef7469c,0x8452199a,0xba30bae4,
-        0x12ac3462,0x30681293,0xc92d482d,0x011be873,0xe8330995,0xff4cbf89,
-        0xd1470a0a,0x02189d52 } },
-    /* 23 */
-    { { 0x92599c69,0x73e419dd,0x7fec32ca,0x5b94221b,0x09bbfbfd,0xb2bf9bd2,
-        0x63ed895b,0x61ea97a4,0x3f486f79,0x6609146b,0xfd141a39,0xbd1c7a05,
-        0x83d64135,0xc79ec8cf,0x9883507b,0x7f8fd42f,0x17b3d027,0xafcb53b7,
-        0x67ca5a21,0x86658dcd,0xcd149786,0xa6a6c0ac,0x34b95067,0x16f3d70e,
-        0xdf44958c,0x371208e3,0xec280212,0xd2dd64e6,0x30782c71,0x33b2c4ab,
-        0x521176fa,0x7bbf8abd },
-      { 0xa78b981a,0xbe9e4aaf,0x304ec828,0x788b4e36,0x3959dea3,0x0c45cf39,
-        0x240b39c7,0x70a9bdd3,0x28383b7d,0x499cd7dd,0x307a1026,0x30690b2e,
-        0xee92f1b3,0x2262d598,0xb4725a48,0xc62d77de,0x7bc3aa0e,0xa16f25bc,
-        0xd15ef7fa,0x62dd8b65,0x0b96d68f,0xd979221d,0xa00f1906,0xb92885c3,
-        0xeb74c740,0xfa476b9b,0xc7576222,0x217ddbb5,0x5788504f,0xc2782c30,
-        0xf812716b,0x860d096c } },
-    /* 24 */
-    { { 0x4d79bbf9,0xfebc337d,0x69f74f80,0x5d53eab8,0x33104d53,0xff36a095,
-        0x196f8b97,0x2ab820da,0x75ce6909,0x961d3d1f,0x04683754,0xb197ec04,
-        0x93a6cb9b,0xa68ce1bf,0xc5f021a3,0x503456ff,0x8940ffdb,0xb50a2db1,
-        0xef004209,0x77c50f8f,0x04965875,0xd635d177,0x8bb8770a,0x725766d9,
-        0xa078e53e,0x8e19b028,0xf9fc8378,0x364d4cca,0xf0dd39a0,0x1a3df411,
-        0x03adf920,0x7e80e442 },
-      { 0x539a1ddf,0x4b5f8a57,0xee486562,0xd248e7ae,0x816021e1,0x1c7b491d,
-        0xfd36d2c4,0x2e7b871b,0x0aec00d9,0xda38b504,0x6193f1b3,0xf2827612,
-        0xfb1f78d6,0x69c3fe86,0xe827ac33,0x56c8b786,0x3487c8f7,0x1687f6c7,
-        0x19dee5bc,0xab8f2217,0xff399418,0x04e8473f,0xa9027c80,0xf384c014,
-        0xaa1d2e28,0x9967be9a,0xe065eef1,0x869686d3,0xc7bd837c,0x737c6b08,
-        0x9e8bd863,0x5dcab5d1 } },
-    /* 25 */
-    { { 0x9a7d772b,0x0784283a,0xe540959b,0x6b49e525,0x86414ab5,0x546bb008,
-        0x9d74b2a9,0xd4448162,0x203b0b1b,0x267890ad,0xc8d3f86b,0x1e7a82bc,
-        0xd85a83c7,0x1352bfb5,0xfad07ccf,0xf29f16e3,0x41e0c43f,0xc02a63b8,
-        0x6b379fef,0x904f22c5,0xb1244f26,0x19d8a653,0x3a28bdea,0x6635b6df,
-        0xf6d455ce,0x18b68851,0x9cff3735,0x74ac2818,0x8b2cbdab,0xad40f9df,
-        0xadc9d498,0x08cc2d9e },
-      { 0xc170c84b,0x2e6a6866,0x5a49a484,0xbb989e8b,0xd04c8992,0x7b0e00e0,
-        0x61b3a423,0x55ad3478,0xb0d01899,0x3c952450,0xe3100cb3,0xe3922155,
-        0xf03276d0,0x19265b6e,0x76d42b53,0x0fe8595a,0xfc6353b6,0x0a96dee0,
-        0x246f893e,0x761e0dc8,0xf0a74cba,0x4ec902be,0x3fdfad9b,0x61008684,
-        0x4fdb6975,0x5d6a60e4,0x7ef7590a,0x3f53aac8,0x12870a37,0xd29e6be0,
-        0x55aa55b0,0x991fadc1 } },
-    /* 26 */
-    { { 0xb4844ffe,0x82bc4b0f,0x60f8b871,0x73922714,0x4ce3f1f3,0x8ac000e2,
-        0x163519ec,0xf0d548b4,0x88288b5f,0x7aaf842b,0x2bdc9a70,0x9e8b0c4c,
-        0x4ba5fd67,0xa06d5152,0xf93cdec3,0xd0b1afa0,0xdf89f8f0,0x280955ba,
-        0xeea32c92,0x86cbe92d,0x3fe05be4,0x0cae3f99,0xfa6919aa,0xf2607095,
-        0x6e0f1b8b,0x0f54741e,0x30ecf988,0x2aed1f74,0x734991d7,0x9296f76b,
-        0x259f0fe9,0x66cf8d28 },
-      { 0x226f5868,0x9b01905b,0x16909e9e,0xc102e88c,0x4a37eb54,0x2bd08916,
-        0xc9816323,0xf72253e8,0x86bac53c,0x37f84e9d,0xafeaaaf7,0x2e352454,
-        0x2ca0046e,0x67c86f77,0x6663372e,0x86bce50e,0xb6950a04,0xf6a3a960,
-        0xfc1aba93,0x61f994d7,0xc1326e6e,0x1957c12b,0x2e56b005,0x9b658fe4,
-        0x8592740c,0x9cd297fc,0x177f26a5,0x7654ce9b,0xa79d2ebb,0xaaa699db,
-        0x0ecb6448,0x5fca0c5a } },
-    /* 27 */
-    { { 0x569a6663,0xe26e25f3,0xe6aa4ca7,0x09597ee7,0x8d18b80c,0x25a4cda6,
-        0x22926730,0x450602b5,0x07387209,0x9af5f650,0x26733a53,0xfeeedb34,
-        0x86572951,0x0f5ce768,0x8398ae9a,0x872a360b,0x2b30f6c3,0x60347a80,
-        0x1a162158,0xd2113b23,0xee6c6dec,0x6fd9cf92,0x5cbcf9e6,0x85f0a5a8,
-        0x2ba3fe84,0xd7a5a6e4,0x51ecd727,0xaafe6720,0xa2081a10,0xe09c6bb2,
-        0xb973b0b4,0x657acbf0 },
-      { 0xc274c8d4,0x3130466f,0x30a994d1,0x42765176,0x7079435f,0x217258ca,
-        0xeb897a06,0x44850406,0x561ee130,0xf38dfeee,0xaa1778bb,0x11f4facf,
-        0xb9abb9e9,0x765c6617,0xd8f10932,0xb135499b,0xa73b9159,0xc0eb6337,
-        0x6f7e8b6a,0xf2c1ccf1,0x187def53,0x5b32c03a,0x830b9c62,0x89ad1d49,
-        0x2f10e538,0x1735eae3,0x9d5f55bc,0xb1cbd9c2,0xe539db0d,0x42428c47,
-        0xc852b3bb,0x3d2da412 } },
-    /* 28 */
-    { { 0x871f2865,0x97702b6e,0x142920d6,0x56cb639f,0x45b58611,0x328522a0,
-        0xf3b13812,0xf3943ad1,0x712206e8,0xe6c2200a,0xa34d59ea,0xc2890e5a,
-        0xf6b7f759,0xab52fd40,0x180bf567,0xf522c8de,0xaccee396,0x181e97b2,
-        0xc4ea5cbb,0xe0375819,0xab51d3ef,0x0d9985e8,0xbcb50fd8,0xe26c96ca,
-        0x97e1c80d,0xfb9d6b13,0xf796357d,0x582b1814,0x07f4c7fb,0x89a78221,
-        0xc0357e61,0x02aeef2d },
-      { 0x2c7ec9be,0x2ba7926f,0x7258b201,0x292f307e,0xc6fa6b4a,0x74e62a10,
-        0xe2bcc5ab,0x80c08549,0x7bb8c073,0xb4160db8,0x329f194d,0xd5ef0529,
-        0x6dda4a9c,0x0eb8da14,0x15ea23d1,0x0b5d43d2,0xfc34bfae,0x6cebef02,
-        0x848757a7,0xacd364d0,0x2d34cca3,0xc1401368,0x1d2d95e2,0x09ca6742,
-        0x786eaa28,0xc3fd1d6e,0xa2965fec,0x9eb1136d,0xc0779203,0x48871baa,
-        0x4b15aeb0,0x6b446c01 } },
-    /* 29 */
-    { { 0x25e8fe80,0xc819eb2e,0x98238a17,0x2b5f7906,0x81e41849,0xd6f1e996,
-        0x98ea6d45,0x58ad8ad6,0xbfd02e40,0x5bae5ad4,0xa812416d,0x016dc327,
-        0xa3347ca1,0x8b31a985,0x82a65391,0x0b4da610,0xb48c35fb,0x1cb91b2d,
-        0xd2aaf8c4,0x9e96817c,0xcdfdcdc0,0x1a630483,0x12b69254,0x70559361,
-        0xf8a2a097,0x5fdcd712,0x35cc5281,0x59ab623a,0x932b6095,0x30c8ebe0,
-        0xb08e052f,0x8613424b },
-      { 0xb2231d8a,0x28902063,0xd9a61667,0xb0f62329,0x071a9f27,0xaafa0fe7,
-        0x603f047e,0x6bcd8960,0xfd92a1c3,0x118cca76,0x71d483b6,0x3414e62b,
-        0xba705262,0xa123ccdd,0xfd9b5c5a,0x1a576437,0x4c8d0fa3,0xa5301bc2,
-        0x102427cd,0x96f0ad44,0xd3aa6c02,0x0e6fb5e0,0x072a3996,0xcd8c4880,
-        0x840d3fad,0x4dafca12,0xde91d541,0x29f4ca3d,0x8441734d,0x0037c598,
-        0x9ccfe57c,0x86333a99 } },
-    /* 30 */
-    { { 0xecf53b40,0xd213a751,0x2f78a542,0xcff2c6f2,0xf13ae56d,0x0f59f0e2,
-        0x0e61748e,0x91f8ccbf,0xd72c4145,0x0aadecb9,0x4c9cdcb7,0x6b2ed852,
-        0x1eaffc70,0x8e00b72c,0xaa728102,0x89b24285,0xb679cafa,0xaa7ea7e0,
-        0x4f0a6f6f,0x5d2b8c26,0x0e804397,0x7ed7b173,0xc8573049,0x5a93eb45,
-        0x0986e93e,0xc92bf5d4,0x6a20c0af,0x526b5a9c,0xb99dc3af,0x0adf47c9,
-        0xba202cc9,0x12b25fe2 },
-      { 0x33eea395,0x09b8d78a,0xf633fc5c,0xc7a93618,0x270eceef,0x7e821629,
-        0xc628ed0c,0x524779b8,0xa1d68939,0x91db5ca1,0x586edc90,0x8626e18e,
-        0xfeb3f3bf,0xfe023e8b,0x0250171c,0x6279fde1,0x55e172de,0xe52ec7dc,
-        0xc6d4ca45,0x445e8695,0xbdbc10f1,0x42de3878,0x6fc3835e,0x2b114de8,
-        0x7e10b652,0x9faba456,0x390e78fe,0x4111d82a,0xaedf0aca,0x576b61c2,
-        0x74accb74,0x216279a9 } },
-    /* 31 */
-    { { 0x4047f747,0xc14cdabf,0xc1315a1e,0x03ca233d,0x40e5d0a7,0x59e7cbd3,
-        0xbb413869,0x1fd0c4e9,0x0f01fbd8,0x189d08b1,0xa76b823d,0x50449c42,
-        0x398b00a1,0x81c224a1,0x8e8179e4,0x08084e4f,0x698e41e9,0xfd8af994,
-        0x5610bf2e,0x1e30e37c,0xa7d2790f,0x4e6a043f,0xb3195388,0x9d96e60c,
-        0x03799dfd,0xe75f986d,0xf8ff902f,0x3b4a8f11,0x7588416e,0xfa945378,
-        0x9827535e,0x20683e3f },
-      { 0xd0378878,0xcb582e26,0xa7945787,0x9e214c23,0x8f6688b3,0x13d000bf,
-        0x40515270,0x7548d4f5,0x40111f5d,0x7113c15d,0xa8bff902,0x3bf5a526,
-        0x9b4945cc,0xbda6b010,0xbc2f3a05,0x83dcc74e,0x43efdfa1,0x2aef6284,
-        0x565c5bf4,0xd2e60ee9,0x592f243a,0x4f0fa10d,0x1bc3bf51,0x6ae58b32,
-        0x60576a74,0x813b0868,0x4d73081a,0x0bc023f8,0x32dcee59,0x9fd03aa0,
-        0x27d6c795,0x5e416bf5 } },
-    /* 32 */
-    { { 0x026cc23c,0x24313760,0xb5b29058,0xf819aaee,0xc5d2ee17,0xa92272f8,
-        0xee5cc402,0x8048e7cb,0x77def07d,0xdbc7d6ee,0xf6af821e,0x61d69244,
-        0x996cbb89,0x5f7966ed,0x96a155a4,0xf81b17ea,0x03f3ed56,0xb2d9ef70,
-        0xe882a5b2,0x5e6e5906,0xae947180,0x86fa1072,0x658c76f4,0x34d9fc51,
-        0xcb035aa0,0x9f603dc0,0x75be6481,0xb7b39feb,0xcf04a9ef,0xca87554a,
-        0x87b4fde3,0x4ff682ec },
-      { 0xd0a10ad5,0x3125627f,0x968e6f45,0x7fd45c72,0x806a1163,0x2981bd6b,
-        0xde5033e3,0xb92de1cd,0xbf4f8988,0x3b44b45e,0xdae7e1dc,0xca1b9896,
-        0x0778d878,0x52166e5a,0xa5116847,0x82d472be,0xf2895445,0xfbdd382a,
-        0x5d6ec4c9,0x22ed1602,0xb6552b02,0x3614eb1c,0xa1e6210f,0x63c5df73,
-        0x021a74a7,0xe9160285,0xc65cbd4d,0xa44ca400,0x0f15e299,0x48cb187e,
-        0x3402507c,0x51eb818e } },
-    /* 33 */
-    { { 0xb92100ab,0x1fc1d178,0x9605b839,0xdf2e3d60,0xb71e59d0,0x12a7c255,
-        0x14fcbe04,0x3f8b6675,0x59fd06af,0x0e8a3935,0x12020d07,0x56326502,
-        0x528e7be5,0x6696fcd1,0x0c7b7654,0x6588514b,0x5912a5b5,0x0cd80f8c,
-        0xf324cb7f,0x8bafef04,0xc6da3d75,0x6b53eecf,0x31d1df2f,0xedef48d8,
-        0x73812b6d,0xf336b965,0xee626031,0xc82eae4a,0xd244f09b,0x300abd32,
-        0x31d9647f,0x8b0af955 },
-      { 0x2e603544,0xb770180a,0x221acd9e,0x2b573ac3,0x62407032,0x3a17f665,
-        0xb89abc3d,0xad3e74ad,0xd793225a,0x8a3d2e3a,0xef02564b,0x457bba04,
-        0xfc2dd2b5,0x8875652f,0xe67143e8,0xd2905d15,0x02e48d70,0x6d884b42,
-        0xc7636a57,0x06f99219,0x35e378df,0xa8dc3421,0x10c64a02,0x95c1d73d,
-        0xcc157a66,0xcd6a4ece,0x8e24a354,0xbadcc1c8,0x9839329d,0x8024f1b2,
-        0x4da48ad0,0x5363e549 } },
-    /* 34 */
-    { { 0xe23fc641,0x1f5523b7,0x86667063,0xfe54e72f,0x8e009d2f,0x294a15f5,
-        0x8c57f5e1,0xf203997f,0xb16d64dc,0xa229724c,0x4baa2ffb,0x697be4fd,
-        0x0a6e8ed6,0x3f507e46,0x78508536,0x0afe3a5d,0x95408208,0xeeef6cdd,
-        0xf2c4237c,0x701fd889,0x5c385253,0x496d883a,0x72a212f1,0xe25c67ed,
-        0x1ff78fcd,0x4b416783,0xc16f4146,0xe9967004,0xc45b0697,0xfa45c3a1,
-        0x3fbd30c3,0x63334018 },
-      { 0xa2fbbbce,0x39c9a0cc,0xaa0cb744,0x876f6e5c,0x3438ece3,0x9ce6010e,
-        0x13802d82,0x0aad148e,0x9cd45a1b,0x9c3e5c60,0x7bcfc1e0,0x875cb859,
-        0xd8584dd0,0xb19ff790,0xd81c2a2b,0x2598b81e,0x02be07e3,0x118bdf2f,
-        0xb9765ce9,0x074fc8ee,0xb24f95ae,0x125e9d88,0x0c98f09d,0x3bb12cdc,
-        0xa0b74b27,0x4a6aee07,0xc08077ce,0x4723d2f9,0xbea8026f,0x959447d6,
-        0x16280b73,0x93a7075c } },
-    /* 35 */
-    { { 0x715b27f9,0x26bbefe2,0x2a280923,0xa935a5e2,0xfd58a26a,0x5ddf23af,
-        0x7c138694,0x54c83e16,0x892a2153,0x44799bc9,0x9b8d09f5,0x4e6e4710,
-        0xd588ea68,0xc63af616,0x883ab1b6,0x5e896706,0x3d209336,0x3c1393a0,
-        0x92c23dda,0xd02f2921,0xdcf6ea43,0xab70cb7a,0x791559e1,0x12434ea8,
-        0x6d70ff0b,0x040680db,0x2832ba45,0x1a10fe52,0xe5f0cb8f,0xd69f9c08,
-        0x44b141fd,0x1a7422ac },
-      { 0x9f40b675,0xc3a9dd2e,0xfcc71f39,0x2a7c6603,0x1948e342,0x18939a61,
-        0xed0ab484,0x8f3b6158,0xee31ca6b,0xa3aa7d97,0xf7a8db63,0xbc1e865e,
-        0x2c7c62e4,0x315f8c09,0x9f5c6d0f,0xa260788f,0x4b6f3ec5,0xb1833129,
-        0x36b4d849,0x73adbcd6,0xbc699a9b,0x66e14890,0x2a1175e7,0xbf3790d8,
-        0xfc53ca4f,0x7f43605a,0x87ff6091,0x577f6c47,0x600c82b6,0x827c7552,
-        0x9d25599c,0x0944d630 } },
-    /* 36 */
-    { { 0xe6ab9620,0xcfdeb63e,0x786cd808,0xdff4fa6d,0x456320b3,0x145edd82,
-        0xc4943915,0x2ae5f862,0xb73b3f87,0x9508e813,0xe52f97a9,0x3bd805f3,
-        0xc9829b62,0xf71b5c28,0x86e0cefc,0xb394c70e,0x23bdb36e,0x534fb1a9,
-        0xdbe27e5a,0xd64f5862,0x83ab6169,0xbae23df3,0x27c828cb,0xdd6df1b1,
-        0x3a307a8a,0x1901899f,0x811ddf66,0x36cc8659,0x79943b77,0xa3cb7774,
-        0x6fd86576,0x7d89f383 },
-      { 0xc9f92b2b,0xf8564242,0xc46e32bd,0x700c6a75,0x7f99a5c5,0x93e768b7,
-        0x03149568,0xb6efe858,0xc2ce6709,0xbbfe8a19,0xee6ec493,0x721a3b1b,
-        0xc371c28d,0x26eeeea9,0x15177e1d,0xd798115e,0xb068a5a5,0xd7bf3bce,
-        0x46d2b4b2,0xdf8da220,0x59be9dfc,0x3df0995b,0x77640b79,0xc96897bc,
-        0x5a2bd3c5,0xce0cf4c2,0x89afe744,0x16f45d6e,0x3a8509bb,0xb53f3acb,
-        0x63f2a6e6,0x449af81f } },
-    /* 37 */
-    { { 0xa16d9377,0xc2fcf132,0x7e1a2f9e,0x9ab377b3,0x86d19ae5,0x72e1a12e,
-        0xd013bbb1,0xd2b12e66,0xcb5f66ba,0x0972e055,0x399eab50,0xd11de1c0,
-        0xc65f5ec2,0xc1f314fd,0x8a9ff593,0xfc311841,0xe05246e6,0xdf73c1ec,
-        0x1625056d,0xc28d1363,0x6fb25e19,0x30a9dbd7,0x845cd2d7,0x049ed244,
-        0xd36e852d,0xc779b83f,0xf68c8a83,0x85a35fc7,0xc95e8033,0x299bf1e1,
-        0x20891af5,0x0e8617c3 },
-      { 0x67c81b5c,0x53720602,0xe737873c,0x2fa89dcd,0xa8144fd0,0x2a7430b0,
-        0x26208c83,0x3006c5a7,0xd8ea40f5,0x4e066660,0x896413a4,0x9dd025f9,
-        0x46b9149f,0xbdf380cc,0x0a125cc2,0x80156619,0x52793c37,0x04d6a3b7,
-        0x6b7a62f2,0xb6001374,0x585d5978,0xa9cfe268,0x8395fe66,0xdcad0cb8,
-        0x46b261f6,0xbab468fc,0x9d9d9218,0xca0ef5ef,0x5e452402,0xc507d4a8,
-        0x326cf687,0x6f4404f1 } },
-    /* 38 */
-    { { 0x4febd3ff,0xa3e1920b,0xfdfd2bba,0xca6234d8,0xe19a9829,0xb7d1af2a,
-        0xc6f5bc20,0x23de1610,0xdaa39ca9,0xe204dbf3,0x6d8c70ab,0x2a2de9b8,
-        0x7c9d370b,0x272e0c37,0xe565510e,0x80914c06,0x57cbb6b0,0xb611e7a8,
-        0xd8266a6e,0x076fc6ef,0x3095801c,0xdfac34ee,0xb9e24063,0x69ff40a2,
-        0x787aa5c5,0xa7ba31a9,0x33c70cd2,0x0e4d1fdf,0x6895f074,0x903e3132,
-        0x7fb671e2,0x905771f8 },
-      { 0xa4062bee,0x5199ba0d,0x94d7d9f9,0x18e7238c,0x1e0922c0,0xf53f29bc,
-        0xb12d855f,0xde9b2a81,0x6d68ca29,0x649f3eed,0xc50c097f,0x64adfc34,
-        0x9db398a0,0x81964ab9,0x7a587224,0x00d59c47,0x74c5903a,0x09fea396,
-        0x15043dd0,0x6aafd8ee,0x5f1ecc20,0xc5721a6e,0x0db9b7b4,0xb6d6a483,
-        0x66c8d52a,0x06ffc617,0xacc82a27,0x3de241d6,0x27f2f7a8,0x0605f052,
-        0x6404decc,0x6a22953b } },
-    /* 39 */
-    { { 0x74fce389,0x92452d8f,0x2afa5564,0x059634c0,0xf0ed7825,0x9377ccbb,
-        0x37718e0d,0x89f4045b,0x9fa69a4d,0x11074e7d,0x7295b0ba,0x5d70bb07,
-        0xf107ede6,0xb22d54ad,0xa1a29c7b,0x5c39a3d8,0xd795e3ab,0x37236c02,
-        0x2b589951,0xf7282d00,0x5790bee2,0x5e2265be,0xa8e65ea2,0x91e0ea11,
-        0x6001cebd,0x0e71a708,0x2c1c5402,0x16900f5a,0x357f6981,0xc3b2d5c0,
-        0x619e3427,0x528c9ea0 },
-      { 0x5f26c577,0x1edc86b4,0x9438bd45,0xf8074708,0x792582a7,0x2dfe1013,
-        0xde1e569f,0xe08eaca0,0x9a55a356,0x5f952efa,0xe4976216,0xa4d80b53,
-        0xcd5d71f2,0xd2b65855,0x66cea3f0,0x246704bf,0x492323ca,0x193f641f,
-        0x9adb1325,0xa681855c,0x2d19d652,0x86d522ce,0x5b82ed7b,0x53609f10,
-        0x8e150d29,0x3b0f0094,0x0b13e891,0x23ad8bfb,0xf794b449,0xcbb1556c,
-        0x738bcf57,0x200f9093 } },
-    /* 40 */
-    { { 0x8388387f,0xf9b22fc5,0x28e883c5,0xcf26f170,0xd1b7973c,0x447cab90,
-        0xf6ec9171,0x8d5d4ea2,0xc30cdbc0,0x2e16f498,0x48623c2b,0xdc92910c,
-        0x30dbc545,0xeb1491b0,0x14de21b0,0x631deb2e,0x2fe830f4,0x04a21066,
-        0x379c1f3f,0xa4c6979c,0xfb06a795,0x8a732b68,0x1619dfa9,0x3a44327a,
-        0x8dbe2c9b,0x91a307d3,0x03989fea,0x939bc8d2,0x0f4a331f,0x3daabaf2,
-        0xdd0f55dc,0x5c307e98 },
-      { 0x35b233da,0xbbc4e0c4,0x22f6f985,0xe3d29085,0xa8b02468,0x99dd2d21,
-        0xa96916e7,0x978f40e9,0x614bcced,0x0327d86c,0xb290762c,0x95e95502,
-        0xa879f2ed,0x0ffd2197,0x50e0bd33,0xc4365137,0x0827c4c4,0x26c3148a,
-        0x3fcfc0b2,0xc79812a8,0x31928589,0xc3d8d17e,0x8830f42d,0x8b572cfe,
-        0x4b07f83f,0x7cd9ff92,0x0a51148f,0x331ca950,0x4c59f9ac,0xd0c53968,
-        0xc1434785,0x1df16dfa } },
-    /* 41 */
-    { { 0x68bcacc3,0xcc7bb4ac,0x430f58cf,0x06ded34f,0xd461855a,0xc59f9f4f,
-        0x45c9f0bc,0xf5491994,0x4375c892,0xdc5f7ec6,0x3c85983a,0x1b8708f1,
-        0x82fcd087,0xb32a5cc4,0x2d6b4c0f,0xefdcdc35,0x8ac6fb2d,0x4bb24f04,
-        0x33906471,0x5982d4f5,0xb83a3ac4,0x162eb52f,0x2337a223,0x7130df28,
-        0xcbc3dbd3,0xdce7b802,0x2467ac0e,0x8b395959,0x1b56717e,0x21d3d2e8,
-        0x46512617,0x729a7f50 },
-      { 0x8420f90a,0x874ed1aa,0x0fe4c855,0x6368e19e,0xb0be74af,0xb62d4aaa,
-        0x8ca60ca9,0x76fcc480,0x7645a867,0xf310b5a5,0xddb1b24c,0x131bac9b,
-        0x2dea5b44,0xef77d71d,0x72fcc64e,0x4706d210,0x673d77f0,0x29b92691,
-        0xe89e0663,0x22e00bf3,0x74077d40,0x472d0cd3,0x829232e2,0x3e21040d,
-        0x38dc8533,0x2f916dfb,0x14b8f667,0x48bbb59b,0xd44be19d,0x19de9f4a,
-        0x232d9d5c,0x7f6d3649 } },
-    /* 42 */
-    { { 0x6e794819,0x3bd064de,0xf82ebda1,0x5a6b694e,0xb91e2804,0x1f017fe0,
-        0x07a43cd2,0x190d31f3,0x630433e9,0x6c26f226,0x0abfdcb4,0xba488aa7,
-        0xa46411c0,0x418d9085,0xbffb5880,0x1b934fe6,0xe200f849,0x75d1e237,
-        0xa55413db,0xdf04d63f,0xe23b3f77,0xe216ed75,0x0f91bd30,0xa05866cb,
-        0x7729c509,0x84c395d9,0x452ab2d7,0xec97e188,0x0093d686,0x8cb7c1f9,
-        0x628f086c,0x2d032395 },
-      { 0x4a44b4c5,0xa81c9407,0xcc702c98,0xb9846879,0xceb0dc97,0xcb502287,
-        0x6e3aa321,0x30301126,0xe4c256c2,0xc0ac8763,0xe55b4845,0x65034d20,
-        0xf240f35b,0xaa96a040,0x7cf7eedc,0x046d26d3,0x3b810656,0x62a5a8e1,
-        0x83d70c2b,0x86044b97,0x59e4da8f,0x2fbaff88,0x5457f5d1,0x929d901a,
-        0xb531b757,0xd29e1eb2,0x9e4e9739,0x214dabdc,0x4eaa9bd9,0x5bd724fc,
-        0x1ef9bb9b,0x734c12b3 } },
-    /* 43 */
-    { { 0x92f9b086,0x98fe3c2e,0xb3fd4544,0x4641b93e,0x5c02c65c,0x47ce208b,
-        0xc4f03242,0x8a52dca1,0x679d29f6,0xb5ec17d9,0x9406f5f4,0x11d2fed0,
-        0x0d9ba811,0x260f63dc,0x15472a3f,0xde2b056f,0x007290e6,0x1b170d9f,
-        0xb6b5c8f9,0xa2e23e8d,0xcf34c3ee,0x345a2839,0x1b973ee2,0x9bdc5461,
-        0xbb24d1c5,0x65bda6c2,0x3c6141a1,0x97d52ba3,0x9d2eb201,0x47bb1612,
-        0x21fbe49f,0x7c558a87 },
-      { 0x3f350fec,0xb9485a52,0x6a38d4c0,0x016678c5,0x0d5aa64d,0x8ef346a2,
-        0xd96da2e4,0xb85daa02,0x4f647b3c,0x845ec4ea,0x0d5e946c,0xc0d1a6ca,
-        0x4fa9f4ab,0x41d8d1c1,0x9c8b1303,0x43972cc5,0x434ffbfb,0x67e1f48d,
-        0x819d2318,0x350ce93a,0x6ddef23f,0x49f53090,0x200cf12c,0x3c2e6cf9,
-        0x640432fc,0x42691cc1,0x72496b52,0xbfff74b4,0x020a97be,0x44527c9f,
-        0x7b3c4348,0x34cd7dca } },
-    /* 44 */
-    { { 0x59e7fe87,0xf031761a,0x0047cd72,0xb1eae31a,0xfae30f62,0x27902e68,
-        0xb71db143,0xa666f48d,0x0e0038f4,0x75ee6678,0x02bdd76d,0x3b45ac67,
-        0xa0d6cd5c,0x0d2fb828,0x9d8c5b11,0x27ce7f1d,0x120b5e96,0x141fe0e4,
-        0xb9267c37,0x95a1b984,0xd60312cd,0x5206e589,0xda549356,0x1867342e,
-        0x070c74ac,0x374520b9,0x9557b0b3,0x2703cbb5,0xa6ed8c14,0xf621f59c,
-        0xabf7b887,0x7ceb1cc2 },
-      { 0xdb7fd65b,0x0647a5bb,0x36c9457c,0xd8d45cc0,0x9e12718a,0xc6da99db,
-        0xe93a7fb1,0xed1dbbf4,0xbd1566a1,0x4512c95c,0xdbc0c919,0x4861ba00,
-        0x9e7f5269,0x3c6cc298,0x0941aaae,0x67196150,0xc8c538e3,0xbfcf5d0f,
-        0xa25a551f,0xad6e9929,0x17ca0f26,0x90710985,0xfa89ef7e,0x743b78ea,
-        0x71ab4549,0x39d5ea31,0xe6d1c36d,0x7442f3f3,0x059d568d,0x25a683e0,
-        0x227ced5c,0x1f629a99 } },
-    /* 45 */
-    { { 0xe45a1c3e,0x8925ddac,0x41f7545f,0x72d29365,0x37e7f828,0x45622fcb,
-        0x3e4c79d2,0x88234513,0x9c2645d6,0x5dffaf84,0x994802b9,0x3078f4dd,
-        0x9d339fa0,0x566927f0,0x9fd91dcc,0x9a500a1e,0x0ab0abd7,0xce008180,
-        0x8194e5df,0xd97135a3,0x98adf088,0x9e876307,0x9a45a2a7,0x3baf01b8,
-        0x788b4399,0x6fed6154,0xe77a997d,0x980e5722,0x2a378eed,0xaac90ffa,
-        0x8bd805a2,0x4a75fda2 },
-      { 0x55e74cbc,0xd09a8fbb,0xfab18f25,0x737738ce,0x9764ec3a,0x0fc23ad6,
-        0xe7e0ad31,0xc5a7d35b,0xe481cc9b,0xe75e068e,0x3d4aec34,0xf0c2ea99,
-        0x0d4a63c4,0xf1324fe8,0x99b0592c,0x5dbb7c16,0xa7e0f46b,0x442d674d,
-        0xa300faea,0x5a5d66c7,0x3333ac83,0xe83dc821,0x8c408496,0x70ef812e,
-        0x99ef5fc1,0x96e1dcb6,0x1734e862,0x6e2b771b,0x583507d8,0x04629cdc,
-        0x23d8179a,0x5819f9ae } },
-    /* 46 */
-    { { 0x6aa78811,0xd9969121,0x2103e7c3,0xf64ee8f4,0x22b9e698,0xddf01070,
-        0x4f582cde,0xe6001f9e,0x2ecfac1a,0x24a608af,0x06393009,0x6ef4c784,
-        0xebf72911,0x5262eae6,0x8c4ee5a0,0xddbd0af5,0xecd87bc7,0x875aff90,
-        0x6f24f114,0x2fddb34c,0xe865f172,0x48104281,0x886c1b9a,0x95692426,
-        0x9ef4231f,0x6f5f3208,0xd0a7e82e,0xaf587acf,0x9ac395c8,0xd6571917,
-        0x1364a750,0x7459603c },
-      { 0xf41ae519,0x1c2475bf,0x4af8f251,0x34401fb1,0xaefb2c3d,0x70ddfcd2,
-        0x51cdaf08,0x9b2d385b,0x8208bb19,0x8531c256,0x4c33f3f6,0x16c89df6,
-        0x24571769,0xc23cfa99,0x86d010ba,0x2339b51e,0x22638313,0x08db0e8d,
-        0x00fedeb7,0xf769e179,0xa3687ef1,0x3fd96dcb,0x91476475,0xcd046b23,
-        0x0c45c8dd,0xf3ff2064,0xb8343d78,0xefd167bd,0x4b77ee90,0x493ccb6d,
-        0xb3cf7b45,0x33025513 } },
-    /* 47 */
-    { { 0x35eaaca1,0x36f00469,0x89119102,0x0c384b75,0xe6d2954c,0xcb375665,
-        0xb1e9d6d7,0xcb9199b9,0xc29c2757,0x75852349,0xb8e738d0,0x89cbd1ba,
-        0x5923a427,0x9b8dbe90,0x18fe1889,0xa237793e,0xa742e083,0xa4271757,
-        0x4eebd613,0x8c4979d2,0xd4f2cf77,0x40325054,0x958705de,0xa3b8a091,
-        0x33d999ba,0x1b191bd9,0x3b0fee1e,0xbafefba4,0x3facdf14,0xb3bad184,
-        0x4387561c,0x9328adb0 },
-      { 0xf906b872,0xabe84e80,0x78262665,0x705523a0,0x3398ccf7,0xd89c6a7e,
-        0xf55b5323,0x2fab551d,0x0554dea8,0xa0578eca,0x375589cd,0xef26523d,
-        0x864ad750,0xd8fd6242,0x178fe1fe,0x93f27fc5,0x9df87422,0x7b3e6f30,
-        0x3750d054,0x2862e49e,0x5dc038a1,0x7d90c6b2,0x84db682b,0xc1a1ae22,
-        0x9881930a,0x47f3dab7,0xbaf3e0a4,0x30e6bd52,0xf62d25c5,0x0680025b,
-        0xadd0d5e7,0x0aa1f3cf } },
-    /* 48 */
-    { { 0x22a10453,0xa9822190,0x2a03a10b,0xdd1eb91c,0x96646f3b,0xafbb5d95,
-        0xf38b6fc6,0xa58de344,0xb8cfca1d,0xce47c3e5,0x0f70da04,0xfcd8e16d,
-        0xda262ed6,0xac44349b,0xc56e2f8e,0x9320d87b,0x19138e58,0x9ce3ea08,
-        0xa2b236c0,0xa5862dff,0x8e7efb0d,0x6b0f9a5c,0x16ac78eb,0x4b53432b,
-        0x709b51af,0x6ff43105,0x8f519628,0x08e236f8,0xeed403ad,0x1f93f176,
-        0x9636545e,0x559337e0 },
-      { 0xd8fd807a,0x30ddf738,0xab131222,0xf4e0ec9d,0x625afbc3,0x14a2f4db,
-        0x9f12f895,0xd5b70604,0xac3044fd,0xb46f3c23,0xf540148f,0x1b232d1f,
-        0x39b4e554,0x61b458f5,0x0dd70b75,0xf694b24a,0x289581d9,0x0fc64299,
-        0xee5fe22d,0xc05d49be,0x6a18bf63,0x7af3447f,0x7f1929d6,0xe96a1dc2,
-        0xc1551e8c,0x6afe6028,0x2b5d4fa2,0x27dacaf3,0x545c2cb4,0x4a1631bc,
-        0xb0c914d3,0x930070f9 } },
-    /* 49 */
-    { { 0x69a9bc05,0xd2f32c5e,0x589c4b73,0x0a5c19c6,0x94665f9c,0x095c9e5e,
-        0xbcfb4c39,0x8ab0f293,0x1ddb7c31,0xb9070877,0x66b38048,0x894e9658,
-        0x606bd9bd,0xf19a90cf,0xb6fd2d69,0xcc1d58df,0x461d8a69,0x886dcc4e,
-        0xf9ce4831,0xc455c277,0x765f8a82,0x749a5996,0xc3badc8d,0x2ffc668c,
-        0x9112cdab,0x38018396,0xb243c7cb,0xa98795c3,0x010a2224,0x8775f310,
-        0x587b5e14,0x043a2141 },
-      { 0x3a873752,0x7bbe9dbc,0x2f442fee,0xee1493f4,0xc18c2181,0x981ca2c8,
-        0xe29769e7,0x00ce3090,0xde768c5f,0xb4626ac8,0x34d7677e,0x33e9ce46,
-        0xe0fa94e6,0xf89c2cad,0x41f5b5bf,0x04f5cc11,0x2228c12c,0x2565f736,
-        0x0c05cce5,0xf1bf706a,0xbe487c4f,0x5d07ffff,0xa499f1a4,0x3ec43c09,
-        0x98d94800,0x4f4e79bb,0x073f12f8,0x8a335a16,0x0f970d6d,0x4bb5eaf7,
-        0xf24d0ae8,0x18d0747b } },
-    /* 50 */
-    { { 0x84601faf,0x58d3c77c,0xaf1c1f72,0xc9465be2,0xd116d806,0xff626798,
-        0xd5b0d93c,0x3996c0c6,0x5ec6723a,0x2fa1ad75,0x03ba5349,0x966a8144,
-        0x2ac34d8a,0xdc4c9422,0xed675865,0xddf471de,0x953d528f,0xd8aca597,
-        0x24ebf67d,0xb2e463b5,0x7e25b4d3,0x25824871,0x43159daa,0x23c5adba,
-        0x83357540,0x5458f9c6,0xf938b1a6,0xcf685da7,0xcefed231,0x981a4fda,
-        0x08bb5e59,0x711093ed },
-      { 0x401f161a,0x12aa3fc6,0x974c5e87,0xf7358560,0x17b5df82,0x4aa252fb,
-        0xa48e6299,0xb0b82b07,0x29dd847d,0x00234157,0x4529c5a6,0xf1e54d00,
-        0x6d98f538,0xcc1c539e,0x28d3abcb,0x36162b53,0x2a84f0cd,0x75a37938,
-        0x4dee7484,0xf717a81b,0x4c23bf1b,0x16cf35fb,0x787e8b3e,0x7fd1c29f,
-        0x59b79ab0,0xb7da7e68,0x85f6c60b,0x072100a0,0xe7ed48b5,0x31840159,
-        0x4d9c97d4,0x17898bda } },
-    /* 51 */
-    { { 0xae1b8cf8,0xcd8483d8,0xe9a28856,0x323d4b42,0x204a4bc2,0x7633584f,
-        0xca7a69fa,0x4e0b2228,0xf757bab2,0x8afbda8b,0x6cc5f9ca,0x85b24088,
-        0xd41a95c3,0x47fb4813,0xc2aabe6b,0x3f1bc53c,0x1ad1599d,0xf22cda3f,
-        0xc31ea9b1,0x1b2ec081,0x01614ac1,0x048f304b,0xc6afa7ab,0xce31cee9,
-        0x4140dc3d,0x55af7633,0xdce8abba,0x84b7ab37,0xc7cf3efe,0x50de7648,
-        0x15356ab2,0x73a88dcf },
-      { 0x06e83b39,0x3f868288,0x9f44037d,0x477a4413,0x17dbc841,0xf9058b0f,
-        0x54d17549,0x2db64f4f,0xf2307ffe,0xa23cea6a,0x4f126261,0x393efd55,
-        0x10f37f26,0x2f4e658a,0xf4ee1e35,0xa4437ce3,0xa93cde8b,0x64ef42a7,
-        0x939aa901,0x1debc9f4,0x3d7b5cd4,0x44223d6a,0xf88a3acc,0x789a6a11,
-        0x2c608a2d,0x56fb9df8,0xbbf56c06,0xe79db8e3,0x668fa300,0x73c56af2,
-        0xae396a1e,0x52f32b17 } },
-    /* 52 */
-    { { 0xe714f71a,0x56f524c1,0x9add8519,0xc1be1262,0x65cadbe3,0xad9189d8,
-        0x5a0fb649,0xd88bf5c8,0x21d192d9,0x9efa6a92,0x6f724b6f,0xe3fe8389,
-        0xb250119c,0xec3fae24,0x2ae0d3c0,0x4b6af9f6,0xd619624d,0x8fceba0b,
-        0x2fdb6e3a,0x7dc3092b,0x3263cd29,0xc91da376,0xf95c43bd,0x30c0761e,
-        0xcdeb44d9,0x89136400,0x43c0d31d,0xfd7dce84,0x9871899f,0x78fec3b1,
-        0xefdf58c1,0x79e14d28 },
-      { 0x9bb40c55,0xe3822235,0x0ed07a42,0x0a27202d,0x4838c1f4,0x48e6c1a9,
-        0xd864a78e,0x2b5f24a7,0x0c6c55c9,0x7e7f140a,0xce12d508,0xe62c104a,
-        0xc11b1e10,0x9b0a1a7e,0xafbb3dd5,0xfd8a275f,0x9a3b6b30,0xdff354fe,
-        0x46602a01,0x5a105d9e,0x93bb65f7,0x3d371b4d,0x0f82fdeb,0xda5cbf0b,
-        0xde468545,0x4601229b,0xc73d517e,0x505e10b9,0x672ff492,0x77cfa541,
-        0x99566ce2,0x0d8ec28a } },
-    /* 53 */
-    { { 0xcbeee995,0x014cf73e,0xd491e80c,0xb2eb88bc,0xd9aba5d4,0x615a6cad,
-        0x9304c84d,0x2f7d4633,0x8ab03c9a,0xba0501d2,0x91babb94,0xc8f723de,
-        0x50405772,0xc885f977,0xc7fcb094,0xb5e1d2b3,0xdf96c71a,0x61ee7995,
-        0x3464499e,0xb8c8daab,0x5f607932,0xdb425ddd,0xb1243587,0x70251ca1,
-        0x9fc74340,0x26d7d3be,0xc902ac89,0x8c179310,0x4559a74f,0x72522c15,
-        0xc3734afc,0x86001e27 },
-      { 0xe7693947,0x13b00ba5,0x012c062b,0x6478641e,0xe85490a8,0xe1a438e0,
-        0xd9574d5e,0x5173dbbf,0x9bd3ba61,0x9532eb8c,0x5f3ea075,0x1f41bcb8,
-        0x8cbb92b9,0xac1cc247,0x1ef901b4,0x0f34648e,0xd2b3b2ee,0xdd929d1e,
-        0xc3d75bfc,0x470f1eab,0x139cf4d2,0x5cdbc6f7,0xf0424953,0xcd86454d,
-        0x47fcb383,0x1e079812,0x17df930c,0xb9f209b4,0x114ebc00,0x4225fc31,
-        0x347946c1,0x020591cb } },
-    /* 54 */
-    { { 0x275e0af4,0xe3003721,0xe78a4a4b,0x721141ef,0xd1757485,0x666cfcf6,
-        0x168e659e,0x5fa1d737,0x0e2842ee,0x263e3e54,0x948bd5f6,0xadecc3d4,
-        0x246b104a,0x019de03d,0xf343d818,0xf8a9e903,0x5b0c0d31,0xcb57ba4a,
-        0x51e2765f,0x8246c506,0x6519bf67,0x80c5751f,0xf2119a01,0x5f05c200,
-        0x7821d4f4,0x7e6487b8,0x261c3a06,0x262f94aa,0x72146052,0x56cfe489,
-        0xa1df05ef,0x5119985f },
-      { 0xb18586c0,0x5819497d,0xc6eeaa62,0x004415d6,0x97cda28b,0x7c6a46b6,
-        0x7c194594,0x9a149b28,0x4ed3a506,0xb56369fa,0x43c94cb4,0x7092aa66,
-        0xa9e9eee2,0x55bce73a,0x77893509,0x34bb2870,0x06eb5326,0x8af95fb0,
-        0x9638f485,0x87cd0323,0x5ba75bf8,0x29376268,0x9d42d581,0xf32d6f3d,
-        0x65c6d64d,0xa4cad574,0xb2cded41,0x985f50fb,0x9006a067,0xcf34ce0e,
-        0x58a57f9a,0x59eaf265 } },
-    /* 55 */
-    { { 0x6ec3876f,0x7b407efb,0xf0f48648,0x780c6123,0xbf893039,0x2abb56ff,
-        0x45a91ab0,0x9592eaa0,0x78811b82,0xce5b84d7,0x1f9f3fc9,0x86a71a34,
-        0xf0e7e13b,0xc17fdd86,0x655a0880,0x88ed8297,0x81d5e666,0x75d6dc74,
-        0x1d171797,0xeffc9df6,0xe3f79e1f,0x36ad4c8d,0x2046192e,0xdb15317d,
-        0x274fda62,0x78c9fa7a,0x82dd9914,0x04ec924f,0x3a64971c,0x059d1e38,
-        0x2620bbfb,0x3b4450ea },
-      { 0xc776dcdb,0x3db7a955,0x81c8ba47,0x35c4a57c,0x505760fb,0xae285003,
-        0xb3aec353,0xe3e80691,0x47117be5,0x380335be,0x056ccf61,0xe1c47e3a,
-        0x33977916,0x253cfdeb,0xf5cb7ee1,0x3decdfba,0x7cf4b704,0xf3c9794f,
-        0x9ff81462,0x2401680c,0xbe3daa9f,0x4e440e11,0x69f91d8a,0xc5d04377,
-        0xcb5e9c5d,0x4106c7a8,0x33b7d24d,0x191909a1,0x3764b4a2,0xe893c838,
-        0xc429b614,0x4a7fe30c } },
-    /* 56 */
-    { { 0x2455c7c5,0xe78f3a70,0x70157754,0x5b7636e8,0x7623262c,0xf32c4524,
-        0x1bc780c7,0x2c98b11e,0x915ed877,0xd48eaeac,0x199265f4,0xbb04d3c0,
-        0xcfa5200f,0x6b52b19b,0x93ea3fe8,0xc46a0981,0xba758059,0xd82c733d,
-        0x1896aacc,0xd324bbd6,0xce8ecd51,0xac09a2fc,0x02fc44b3,0x529918fd,
-        0xaaa1784b,0xf0c45e4a,0xfe22085c,0x35626340,0xc50c7d61,0x53cbb676,
-        0x65126b23,0x83fa1ea3 },
-      { 0x10ccc646,0x60ac86da,0x7b0451e9,0x2ce0637f,0x8a088610,0xbbbcf630,
-        0x20349982,0x23c19019,0xfc0bcda0,0x707fc39c,0x1bd4fd7d,0x7f4d1f15,
-        0x44713bbb,0xd6a64e74,0xc5ac9e60,0x57bdc676,0x37b61169,0x456c5303,
-        0xdcf40a1d,0xd3451396,0x4997d2c7,0xf3edec25,0xc2c4a739,0x534ae9a4,
-        0x6a6ad2e2,0x1401397e,0x23e95f81,0x20769d4d,0xde98fabf,0xcee007c6,
-        0x931c51e0,0x61409779 } },
-    /* 57 */
-    { { 0x15156623,0x3ddb32db,0xab7a67c2,0x68137fbc,0x6f19e3c2,0x26011f50,
-        0x89924c61,0x34218b02,0xc6804c1c,0x492a0b0f,0xafaae6a7,0xd65be706,
-        0x0d01be61,0x3b13d23e,0xf87f4c69,0x44545b47,0x04dc1aa3,0xd42236e2,
-        0x3c5161ec,0x6135261d,0xbd88bc07,0x1eb46a63,0x1599d720,0x78c6d836,
-        0x69baf0f3,0xf6955fe1,0x17072820,0x467eebd6,0x3e3a340a,0x2f1b8a2a,
-        0x2d0b5f88,0x636dac76 },
-      { 0xb4c80af3,0x94280db9,0x4e3892ab,0x9a189cd1,0xd1477ddc,0x26e702e0,
-        0x68f9f14f,0xe91aee38,0x80baa0b2,0x2864f63a,0x8b714a29,0xacd81f73,
-        0xc5fe7cb6,0x30e1b870,0xb10837fd,0x883ea1c3,0x6b20489f,0x2da27953,
-        0x58a2da5f,0x3aeb2a68,0x03a8fa14,0xe2330bf2,0xdc70b1c4,0xb5c488b5,
-        0x299678f4,0x0a78c4d9,0x25df675c,0x233bd098,0x7b67d368,0x37b5c076,
-        0x4d0bef3f,0x2f6dbdfe } },
-    /* 58 */
-    { { 0x2e4da7c7,0x2f8472fd,0xae677932,0x708cfc91,0x3dc268e2,0x364af08a,
-        0x799a2424,0x0f10dfe0,0x71d58bff,0xef912d58,0x988962e6,0x6bf35dfc,
-        0x5f47ea0a,0x28b96fa9,0xaad308c1,0x734a79ea,0x9f437bba,0x95730337,
-        0x6cf54f75,0x002cbd8e,0xe7632eec,0x47606dcf,0x53193104,0x404b5ecb,
-        0x0acf729d,0x0ae0897c,0x3bddf1de,0x89628b86,0xf87d7448,0xeced154e,
-        0x458d5d4e,0x5cb6e197 },
-      { 0x008c75ed,0x98cef197,0xf6eeaaf8,0x7cf49d3e,0x1875e96d,0x1d6f9e02,
-        0xdd9b0d8a,0xfcec2cfe,0xb9576daa,0x38a61cfe,0x36a7dbb8,0x10003f39,
-        0x23b814f4,0xb37c3868,0xb80e3153,0x9fb66dcb,0x059847a8,0x9e7e2eba,
-        0x35a72770,0xa4ec63fd,0xfc9e0ed0,0x311f3d91,0xd515baa4,0x3c1dc094,
-        0xa08cd4e3,0x75a06ebc,0x2ed5eeaa,0xab617238,0xe1f52c1f,0x2e82bbb0,
-        0x5175d6e5,0x2149d630 } },
-    /* 59 */
-    { { 0x5f9311f6,0xee1a8e6f,0xbabc1f85,0xc97e3c9f,0xb494209a,0x4fa7c52e,
-        0x19774fe1,0x04c2f51c,0x8555844f,0x5cefd122,0xb5873ab3,0xb53862a3,
-        0xcbed19fc,0x768efdd6,0xee58469a,0xcdc12479,0x3d80c09c,0x11237e31,
-        0xc044c28c,0xdd74a290,0xbd47e287,0x9ee6517a,0xad0ffeef,0xc2421228,
-        0x818d281f,0x4273088f,0x43ec0de1,0xebc744bc,0xb415bd73,0x5b26eccf,
-        0xcb07c26c,0x14e2f350 },
-      { 0x4216946b,0x548d2a10,0x7a4bd92d,0x6e801f07,0x43695160,0x5996d0a3,
-        0x63a197c9,0x0f1b5c2f,0x061f77c9,0x79da3c4f,0x93ff7b22,0x1c1cd634,
-        0xa234123f,0x5e61b650,0xf284033c,0x826b34c5,0xc2f34214,0x718b90e8,
-        0xae806ec5,0xa5f35620,0xe324a9b4,0xa2fae345,0x8b53cb51,0x8c0bb95e,
-        0xf9965778,0xc94f6ac2,0x6b9def32,0x07ec607d,0xd0ed8f27,0x63bf1dba,
-        0xdcb61e4f,0x58537e02 } },
-    /* 60 */
-    { { 0x64f80ba2,0x1f64b064,0x0559a45b,0xe8e055e7,0xf1f4b634,0xc3262b34,
-        0xde8c8482,0xef4f7d5f,0xc30c780a,0x9d55dea0,0xcfa1e693,0x1740afb9,
-        0x7460c34b,0x2cfe6a66,0x1187c1ee,0xf6695941,0x5f974d94,0x1382f277,
-        0x004549eb,0x1ca0ace4,0xbabded02,0xf8244b3f,0x4e3653ea,0xc36f4d06,
-        0xc55c5f83,0xeab9f0dc,0xacebce90,0xd93b9cef,0x19061425,0x16658e72,
-        0x82d7970d,0x4857835f },
-      { 0xd2576210,0xdcd525bc,0xd51b5443,0x9f378aa7,0x1bd83994,0xfe97bf17,
-        0xf38ac621,0x930d0f63,0x818408cc,0xaf8f2c17,0x260f53f6,0x2692c87e,
-        0xdb0a75e4,0x0ee45407,0xffdb1b37,0x0ec47ae5,0x7aa6a44b,0x769129dc,
-        0x2e40b75d,0xb6f932b2,0x95ef3b77,0xe06764d0,0x68bc63e8,0x28fd47f5,
-        0x9c0014c0,0xd1810494,0xd7995d8e,0x90e2d3fd,0x6c2a85af,0xeb39a05d,
-        0xa21f3128,0x6c0277bd } },
-    /* 61 */
-    { { 0xb509e7ef,0xe41b7086,0x3d7f9f91,0x8842ec7b,0x5526b88b,0xcd285f94,
-        0x051dd0ab,0x6e44e064,0x774f1ceb,0x90198c10,0x123e661b,0x6ecabe98,
-        0x32f647d9,0x44811136,0x26c52aee,0x1dd82b45,0x939dc9d5,0xd650907f,
-        0xfcd455bf,0xbd5eeef2,0x8d2e5d7c,0x7815a4dd,0x88bc9f2a,0x5ad4ec92,
-        0x57a3b322,0xc6f10d0b,0x20b9cbdb,0xe8d0c1e7,0x9b774ee8,0x5a0b071a,
-        0xf22fcf8f,0x3067bc9a },
-      { 0xb7ca9326,0xe0e589f2,0xb1224f63,0x17a106fd,0x747a57bd,0xb2354521,
-        0x62b0882e,0x2614982d,0x4391ffcf,0x7f3af544,0xa84e440d,0x1aaa337b,
-        0x941bb071,0x28ea37b0,0x2e4a7f54,0xa957dcb4,0x1a6ad5fb,0xe7ab662c,
-        0xf7c36a20,0xd135e381,0x9baa0b6b,0x42e7980c,0x94e4671f,0x4237030c,
-        0x8b0922e3,0x24cc63ff,0x445a589f,0xd10d5279,0xa870ff6c,0xbb99d316,
-        0xa996c195,0x390c83ca } },
-    /* 62 */
-    { { 0xffc4a73f,0x50d3fa82,0x3bd53303,0x2665d635,0x264bb77d,0x80a06f8a,
-        0x22d73d84,0x81c04a6e,0x0323b8aa,0x2409cff5,0x8c4c4d5a,0x31dce217,
-        0x0c0f9c19,0x374aa80e,0x00186bb8,0x0b25a387,0xaaf1487f,0xd0b77a10,
-        0xab498de1,0x15f39ad5,0x1aa0c116,0x92e32da6,0x96e25ce8,0x228e3dbd,
-        0x5e8646d1,0xb57c88dc,0x267b1c68,0x672b1164,0x600bdec5,0x5d0d807f,
-        0x223e573a,0x3ea4007d },
-      { 0xa595d0a3,0xd76debd0,0xaff0b3b4,0xa6bd76cb,0x9b1bdb97,0xbf2c154f,
-        0x4c714c71,0x62b19ab4,0x221af663,0xc9bf33b9,0x8c941ef6,0x23d87c49,
-        0xd79f0f6d,0x255804c3,0x2a7acbc1,0x6f1a1005,0x550528af,0x5dab79d9,
-        0xc8d16213,0xfd77a6f0,0xde5e1029,0x40508b6d,0xf95da12b,0xd95ac0f2,
-        0x758a8ba1,0x8860af71,0x7160c8fb,0x0b194c83,0xce004d34,0xa40e6c80,
-        0x6b14aaa0,0x09f82a17 } },
-    /* 63 */
-    { { 0xc21366dc,0x60abe588,0xaf75daf9,0x729c0a4f,0xacb93ed4,0x70501fd9,
-        0x87a16d70,0xb97e744e,0x98e7361b,0xa42e0a7a,0x28b54cf3,0x1acdaff2,
-        0xb7bd9078,0xf087ccbb,0x663250e7,0xda6f3983,0xbaf07c09,0x66d693ee,
-        0x8cbaf157,0x79baf4c3,0xdfca99d0,0x5a984e07,0xf26d8dab,0xab4d3247,
-        0x7eba36f9,0x4d0be701,0x0e8dd216,0x37bb9e65,0x531c4f03,0x72aa4e24,
-        0xb753d85a,0x77d1e984 },
-      { 0xd8e62367,0xd9373239,0xb9820cf1,0x3361848b,0x5a9c97c4,0x00c7e344,
-        0x14f960fc,0x9a0ec9ae,0x740474b5,0xcf41f0cf,0xece065d5,0xa5eede8f,
-        0x9e808610,0xb1de5a4e,0xae0cf75d,0x17c44ae4,0x6b148d0b,0x2fa56323,
-        0xd29ff2dc,0x64fa740f,0x88cb212e,0xc605eb8a,0x6a863016,0xf2c771ad,
-        0x607b4c17,0x6d6112e7,0x40d49785,0xfe90ec07,0xe256e0e5,0x599be18b,
-        0xca54adb0,0x4e6eabec } },
-    /* 64 */
-    { { 0xfb99cfe6,0x950323d3,0xc9334178,0x7b09bc26,0x7cbdfb6f,0x64111e41,
-        0x89a75760,0x91141744,0x10919cb0,0x4c633df9,0x396bfd2f,0x715fc7c7,
-        0x8cab62db,0x8ca19512,0x4db81aac,0x30672473,0xb4c4c54a,0xe67a246b,
-        0xbf229646,0xd77ea0fa,0xfa5b5d70,0x5bed15f1,0xc2f192f3,0xa5686da5,
-        0x7f6690ad,0xdecac72a,0xcaa50b7d,0x0c4af2a2,0x6049ad2f,0xf44631c1,
-        0x04ecf056,0x325d2796 },
-      { 0x4848c144,0xee11fb55,0xb6a7af32,0x4e062925,0x369e0f9a,0x125b68e1,
-        0xca53b21e,0xad9bdae6,0x2e98ea1b,0xf50d605c,0x9f2fa395,0xbdb9e153,
-        0xe91532f5,0x4570e32d,0x46a250d7,0x810698ae,0xad9d9145,0x7fd9546c,
-        0x11e97a5e,0xabf67721,0x249f82e9,0xca29f7d5,0x9851df63,0xa9c539a9,
-        0x71d0e3e5,0xfd84d54b,0x041d2b56,0xd1e0459c,0xfd80096a,0xceb3eb6e,
-        0xe32a79d3,0x19d48546 } },
-    /* 65 */
-    { { 0xb540f5e5,0xfe19ee8f,0x04e68d17,0x86d2a52f,0xadbdc871,0xd2320db0,
-        0xd03a7fc8,0xa83ad5a8,0x08bcb916,0x54bf83c7,0x2e51e840,0x092133ea,
-        0xcb52dddf,0xbce38424,0x31063583,0xd5c7be40,0x458e3176,0xc1ebb9df,
-        0xbc4dabbf,0xafb19639,0xc05725a8,0x36350fe4,0x84e1cd24,0xac4a0634,
-        0xc145b8de,0xadf73154,0xb3483237,0x0aa6dd9e,0xcbff2720,0xa3345c3d,
-        0xb4e453b0,0x1b3ace6c },
-      { 0x90a8bdc5,0x0343e5e9,0x6306a089,0xa203bf9d,0x8e48520e,0x98489a35,
-        0xde7d1d06,0xbd17debe,0x5f795d3f,0x8fafa6d7,0x387b0a3f,0xa4ceb630,
-        0xffddeafa,0xe0166b32,0x7e764e02,0xa2fe2054,0xe871f304,0x55ab9824,
-        0x952ec45e,0xa2bd36bb,0xa90d20ca,0x7b4c1484,0x75bcfb53,0x5319f387,
-        0x6982c4e5,0x34238a4a,0xa102921d,0xa2bb61c7,0xdb3ab17e,0x1e061b64,
-        0x192f0a14,0x538ec33e } },
-    /* 66 */
-    { { 0xa19b56cf,0x193496fe,0x7bb99acd,0x663d77f4,0x57d0a881,0x8f04afa8,
-        0x082835fd,0xcced3da2,0x5d82cec7,0x7e21faed,0xf8009c85,0x6e175b99,
-        0x2d05a307,0xd9c6e31b,0x81487d82,0x96948d4a,0xd46f6655,0x86ebd3f2,
-        0x773ccc49,0x86851aa8,0x8b1640a6,0x3e220f22,0x41a20b75,0x9f06e3a8,
-        0x90ac0a6f,0x2cfffe5e,0x8ebeb3fb,0xf5a9b1da,0x6e08e2c9,0x2587d997,
-        0x03e9f401,0x6fd60298 },
-      { 0x8eb7516a,0x54709f8d,0xbdc598ab,0x83058a74,0x87e801ce,0xd234dd98,
-        0xd17b8a96,0xfd0f9d90,0x6e90f6ab,0xaa1e549f,0x5a7ed55b,0x2496ff80,
-        0x6c254c19,0x0d9f657a,0xb8962575,0x3cdea49c,0x2dff27de,0xb685a3f0,
-        0xdb8bc04b,0x3c50e7fd,0x987236b0,0x904ff0ff,0xbb0d5055,0x494298fd,
-        0xe14be8d0,0x34b3386d,0x7c3d30d6,0x7ad34e9c,0xe159fdd9,0x1f2b32bd,
-        0xc761e5c0,0x84cfa23c } },
-    /* 67 */
-    { { 0x8b99b964,0x13bc11eb,0x58e2fc47,0x8e280c0a,0xd4c9a54b,0x870fbc49,
-        0xbf6e20fa,0x37a334a2,0xd7c88cfa,0xee583d0d,0xef4af1da,0x05e029a8,
-        0x0c2ef8a6,0x6d55e234,0x209e9b62,0x61b6fdfe,0xbb8e080f,0x3b1dad26,
-        0x9392fc1a,0x5adbc162,0x0aae3f4e,0x02ac0fe6,0xc2bf4d5b,0x8d99801a,
-        0xc282fed2,0x2333f93f,0xb52db33f,0x16dcb10c,0xc55752e7,0x09f90f84,
-        0xc84a0d8e,0x287d4c51 },
-      { 0x0e9867da,0x5fa58201,0x1a874cda,0x614589b3,0xfbdee22e,0x005e27c5,
-        0xe612bda8,0xe357fef5,0x2d3635f9,0x4e0dbedf,0x6f125a86,0x62be70e4,
-        0x0d94a2e5,0xa09b9884,0x28b5e5d1,0x7eb99a15,0x751028b5,0x21b9416e,
-        0xe06d2cc4,0x1b137fd7,0xfea09845,0x6fa1f517,0xffcecbd7,0x3ba1e966,
-        0x832f453e,0xd4c89a4a,0xeca68fa1,0x07b1e2af,0x4bd395a3,0xd0fb4453,
-        0xd8ef9e13,0x0132a3dc } },
-    /* 68 */
-    { { 0x576374c2,0xe53c7785,0x84727040,0xe60526d1,0x228ca044,0x8a066dc8,
-        0xf1ce1313,0x1fe1c1b2,0xcdeb0c5d,0x2aeec832,0x9cbf826f,0xa7596699,
-        0xde77a589,0xcd188e81,0x118d1254,0xe5ce0fe0,0x0790b86a,0xa142a984,
-        0x39ac28ce,0xe28f043f,0x87de5804,0x4eef8290,0xf639a8c5,0x83c31b32,
-        0x5887794f,0xd70454a7,0x18b1b391,0xca635d50,0x31d9c795,0xcefea076,
-        0xb6f8aa25,0x13cbee76 },
-      { 0x8d3f34f3,0x79cabe0f,0xa3617fe3,0xbda9c31c,0xdd9426a1,0xb26dee23,
-        0xf29c9104,0xe9dd9627,0xe2c6cd3b,0x033eb169,0xfcba2196,0x8a73f492,
-        0xb858c83c,0x92e37e0b,0x23b3fbb7,0xe4f2aca6,0x64be00a2,0x8101fb1e,
-        0x948f6448,0x91a7826a,0x907260e7,0x414067b4,0xe30bb835,0xf774aa50,
-        0xc999c06e,0xf922ca80,0x0ba08511,0x6b8635b9,0x25fa04f0,0xbf936b5c,
-        0xe02e8967,0x4e0a1ada } },
-    /* 69 */
-    { { 0x8ba29c4d,0x00ca6670,0x22988094,0xc08240ce,0x16dda752,0x21c5ca67,
-        0xabbbfa34,0x689c0e45,0x3ed28b72,0x1d7545fd,0xd7c56ab4,0x5f221198,
-        0x38759d65,0x4b3d8f74,0x8fe50b89,0x93490dfb,0xe80eba16,0xb641f5d7,
-        0x79acb537,0x7b0da5eb,0x0c1d5e5e,0xab6b1497,0xa5da429a,0x2338e68d,
-        0x2f6d2f25,0xe010c437,0x6530f3a7,0x226f16d2,0xcbef08bc,0xefb0f7b6,
-        0x9f99c999,0x733e30d9 },
-      { 0xa42a38f9,0xecfe1582,0x4730b500,0xaec2d58e,0xde976b2c,0x2ee2f2a7,
-        0xa969c1bb,0xf0539db5,0xfcecdb4a,0x31954168,0xe7a8e902,0xf2f7348a,
-        0x3121541f,0x1d58d7cc,0x2202ae52,0x5d25b75c,0xf40835a7,0xdea9965a,
-        0x529b4e46,0x3feb6a41,0xbd27ad9b,0x5c97fb6f,0x261f900b,0xd87554c0,
-        0x04d5b19e,0xb43031d9,0xcb219b9c,0x33d5e9b8,0x3ee00bcf,0x7a43d492,
-        0xb79a5c0c,0x56facb39 } },
-    /* 70 */
-    { { 0xa3018bfa,0x019165a2,0x9ffad984,0x100c6b24,0x55341a9b,0xbbf1b1f6,
-        0x25dc4cc9,0xe6bd1d97,0x2bfffe60,0x52850ed5,0x7e5509ab,0x24e992cc,
-        0x4ceb59f1,0xff6c502e,0x1aa7d148,0x2f0b3573,0xe7e3aa46,0xe90c1ddd,
-        0xd1142880,0xbaec9f45,0x65be5dd5,0x475cfd26,0x1febce13,0x83abb14e,
-        0x80942d30,0x6aba4829,0x297e82c8,0x1e1b235d,0x50d8218d,0xb771cdbe,
-        0xd94d6cbb,0x88599266 },
-      { 0x155ccaf2,0x08847290,0x7c5b773e,0x8679ebc7,0xb2dd08ed,0xa88b2dd1,
-        0x87d475db,0x960a180e,0x6694d02a,0x80fdb6b7,0x3f3f9e96,0x3e8758c9,
-        0x4ad836c4,0xbda3f6fa,0x32fb387d,0x9400c581,0x2550200f,0x25a78542,
-        0x776ecf18,0x2a97c351,0x566db59a,0x03ebf46e,0x26545eda,0x4743a280,
-        0xcf74ab44,0xed169d84,0x88cb3f69,0xbaab931d,0xd8257196,0x70ae932c,
-        0xa0c09719,0x797224a6 } },
-    /* 71 */
-    { { 0x441f3567,0x632923f8,0x2e24bf1d,0xc11c3168,0xb7671fff,0x4b97726b,
-        0x7a5e1a22,0x601746a7,0x3addb417,0x53dddea0,0x7f59b846,0x57867a3c,
-        0x56cd7ff7,0xb012a987,0xf19ba9a8,0x1bd5fec9,0xf8306748,0x750379a2,
-        0xab8c05d1,0x7763445d,0x7903f42a,0x5d7f441b,0xa903e46d,0xc011674d,
-        0xadd126c1,0x1b1d3c4d,0x61455b40,0xa2752aac,0x555c356e,0x4da42a68,
-        0xd820852c,0x3ff09c15 },
-      { 0xf9cb7784,0x4c0a1bce,0x2422f305,0xaec539bc,0x0c414aa7,0x5f40f9fd,
-        0xffd42bc4,0xd3aa316c,0x2f358e15,0x42f5a4c3,0xd6e27682,0x00bdcd9e,
-        0xf8a5ecee,0x069f789f,0x05e14f5d,0x8078018e,0x8b40c741,0x2bb3e493,
-        0x7917f72d,0x5dbc8c1d,0xcc57150c,0xe0eea664,0xc3fa8920,0xa25ecc5a,
-        0x1c797164,0x3c21b0f5,0x634ad16b,0x8f09a2f2,0x58391d9a,0x8e730fc5,
-        0x4fdfae4c,0x47ef1805 } },
-    /* 72 */
-    { { 0x3da285e4,0x9965f3d1,0x3a01e3f4,0xba7d4dba,0x61214ad0,0x4738413a,
-        0x22397549,0xd3b7d535,0x5a730b92,0xa53dbdcf,0x332d165d,0x3130d92b,
-        0x82f97ef4,0x44a28541,0x44dce1b6,0xbf62221c,0x7e2a0ec9,0xbba13858,
-        0xcbfad998,0x33f32c8d,0xb5fed44b,0x409e5f3f,0xc66217bb,0x5c328c65,
-        0xfcdf71a9,0xb00db69f,0xb8920788,0xa23c2a21,0x3ae6464b,0xf8ab28e6,
-        0xb8de0861,0x1a6b6e9c },
-      { 0x06af77aa,0xaf6ec2b6,0xa887f065,0x2e60f5cd,0x9f498c56,0x87d21400,
-        0xfcbaaf4b,0xdb595b59,0x271ab855,0x0fb592a1,0xd4349b0c,0xa0ce10e5,
-        0x887d8c9c,0x9d6187d8,0x154bd6db,0x03ee95f9,0x5d06c999,0x8fe53213,
-        0xfb6a64d0,0xf4a7bc30,0x66a4cb60,0x3d22af0d,0x5d37367c,0x16952cef,
-        0x997d8e55,0x6f0ea734,0x731732d0,0xb447c70f,0xa9cb3942,0x00ab3034,
-        0x28510fd0,0x79dd0180 } },
-    /* 73 */
-    { { 0x3ac7424e,0x04e0033a,0x60fda4d0,0xdb06b688,0xbcb772fb,0x236a9766,
-        0xf297cda4,0x294a8e2b,0xdb013c6e,0x4b0aab85,0x8723a3ad,0x3d2aec98,
-        0x13c84a6b,0x0cae32cd,0x70ec169e,0x21888f5e,0x42a88262,0x739633bd,
-        0x7b60d9b8,0x68ac792e,0x10769fe1,0x89f2b722,0xd24bed34,0x8f3fcfe6,
-        0xa3eb24aa,0xd35efb88,0x484c706b,0xddecfa3f,0x929ece0d,0x7cc119a9,
-        0x8d405436,0x87e5ad45 },
-      { 0x7d1000a7,0xba99aa9d,0xae823833,0x8b94affc,0xdfb83dc5,0xc8229628,
-        0x845a418d,0x2f59fe11,0x5d417054,0xa8b970f8,0x72b71581,0x8918c265,
-        0xc0d1dd17,0xe4ef477d,0x3afad7c0,0xb50b4cf3,0x01870a5b,0x21baea79,
-        0xbb3a2868,0xc77087f9,0x124a59cd,0x7857531e,0x57f43239,0xed74c26f,
-        0x0164c94a,0xd5f5ae25,0xf094bf74,0x6608b7e2,0xfdceea32,0xf4cdb5ba,
-        0x990cc045,0x0b712519 } },
-    /* 74 */
-    { { 0x88d5c64d,0x5a290ca1,0xa7492534,0x0596d749,0x2a00e925,0xa04b0d3d,
-        0xcaf7b66b,0x082cd02c,0xecdded83,0x912b50c2,0xff31646e,0x813ce9de,
-        0xc75fff95,0x62ae70c7,0x7e2a4615,0x6f6852e0,0x03804fd1,0x320fd7d0,
-        0x8218e8d9,0xb1a2a4dd,0xafc645d7,0x4918a6fb,0xe8d9fdbe,0xfb080fa1,
-        0x4470b6ee,0x33d4d08a,0x6d974ef7,0xd2ba2077,0x69dae5d2,0x8ecb95a7,
-        0x7d69596d,0x7a3f423a },
-      { 0x9a929387,0x362d2ca6,0xcb1c1fff,0xabdb7581,0x7e51b6cb,0xd892ec9f,
-        0x3a4e131f,0xee8d8632,0x5bd87561,0x4680e3f1,0xd4e7e732,0xe3a597e1,
-        0x5581fefe,0x3cc72b7c,0xca8cae0b,0xf3e77f8a,0x5e2fd4af,0xfcc7d7dc,
-        0x21355b79,0xdd3a4552,0xa2c07177,0x546b24f2,0x0689621f,0x415b532d,
-        0x3f78163e,0x2be9af51,0x33d7ed21,0x27d63b9b,0x96802943,0xab019ef2,
-        0x1623faf4,0x2da5fc55 } },
-    /* 75 */
-    { { 0xc8a5c600,0x62429cf3,0x3fe33e7c,0xa7a80c22,0x0a57ddcb,0x9ffda740,
-        0x925b0c74,0xd1ae156d,0x6b100eb0,0x097a43f9,0xef943c81,0x169e945c,
-        0x1128cf24,0xa1f734e5,0x419f0133,0x04387c4a,0x01044024,0xc007868b,
-        0x90359cf2,0xe5416abf,0x478d54e3,0xf9c76fee,0x42a2173e,0x66219da6,
-        0x9fe30141,0x61e03156,0x93ef247e,0xa0ff5ce3,0x072b6592,0x811792ba,
-        0x70c854d3,0x855f0219 },
-      { 0x847314c4,0x61fbfb6c,0xeb45b96a,0x97906155,0x6ba2afac,0x7102e146,
-        0xab949781,0xed51f975,0xc110c4fe,0x9d2f5b17,0xaff57667,0x7ac8ce70,
-        0x6eb244e7,0xe7366a21,0x551c65c7,0xdd1bbcec,0xe1a859de,0xb525060a,
-        0x8ba7d2e7,0x7a048174,0xab8ea8c4,0xe1a2c541,0x6fdff078,0x6e7824c3,
-        0x14874b04,0x79b49fc7,0x06b1f733,0x22ae337f,0x6f8fe6cf,0x1c352192,
-        0x525d0797,0x292236cf } },
-    /* 76 */
-    { { 0x7d8b29dc,0xcdb8d80a,0x08ea648a,0xd17a2024,0xae92be91,0x7db12c5e,
-        0xfda72fbc,0x1f347d18,0x9e760c6f,0x11374b40,0xd8e38d91,0x7361e8f1,
-        0x739ac1f4,0x7714be9d,0xb4df5c4e,0xc1f9701c,0x6f72cae1,0xd9138ed8,
-        0x6ad180c4,0x1c7fe1f7,0x9e2dbf9c,0xf8c185be,0x7c70c44d,0x835db269,
-        0xb0d15b5f,0xf997cfea,0x61e6545e,0x5101445a,0x25184e5e,0x16b06884,
-        0x7521e7aa,0x7cfac359 },
-      { 0x3c0bc53a,0x81182167,0x7e751367,0x84b5ede3,0xa3657a18,0x3ca255fd,
-        0xba1fdd98,0x096abbf4,0xc5da77d8,0x9ce8369f,0xaab342c5,0xf27b9ae7,
-        0x972059f1,0x06c91bd6,0x914ecfe9,0xee0dab30,0x93f53f12,0xbb647fbb,
-        0xffa57e0e,0x30c38a7a,0x9f2ad607,0x517d06ef,0xbb99dcc9,0x49728d87,
-        0x446080a1,0xb0034af1,0x12b9c17d,0xcc810c3f,0x772a22a0,0x7225f14f,
-        0x1ddf82bd,0x6ce3dc7f } },
-    /* 77 */
-    { { 0xa4397830,0xc07cd835,0xf4733306,0x4dd9290c,0x29989e8c,0xdd35d3a8,
-        0x563d8152,0x79902559,0xe87de61b,0xf278d911,0x1024e35c,0x9c7340c7,
-        0x4a0d0e59,0x2d444461,0xf32626a1,0x63e7608f,0xc4c9baa9,0x627a37e9,
-        0x76fffd25,0x0c56dc51,0xcef2a1cd,0xcb6defc8,0xefc559d9,0xcbcc0d56,
-        0x041cb692,0xe45f3fc5,0xe5161e09,0xcd05c239,0x5c3b559c,0x2a731ee9,
-        0xa3d0a16d,0x85151122 },
-      { 0x86ff19e2,0x782d0335,0x1da28603,0xc2c60daa,0x557c7eed,0xb2e78cfe,
-        0x1bc4e8b0,0xa8f6f984,0x3df35c67,0xcc1f9b4b,0x4764462a,0x96e13603,
-        0x7c7ae0b0,0xbf910b97,0x51435956,0x27c7f305,0xf631eae5,0xc14db15c,
-        0x7e69b34c,0xa51d6142,0x5fc12ff2,0xdec82851,0xfb887162,0xfcceae13,
-        0xde1488bd,0xda332ac1,0x2ee3e74c,0xa20374e2,0xf0ae069c,0x597ea1a1,
-        0x77bdec04,0x8b1159f2 } },
-    /* 78 */
-    { { 0x2f961d30,0x4af71a44,0x7ac7248f,0xbdf968a8,0xb1a906cd,0xd32df87c,
-        0x04abf925,0x00c10e26,0xb9f04d4c,0xb8711759,0x939705da,0x00d54e60,
-        0xc9f80849,0xf7587433,0x6a7a2375,0x2e9abade,0x94ac17ac,0x5676d478,
-        0xc202d99c,0x4ca0525b,0xabfae73d,0x95b8bcad,0x3405991b,0x2371ed38,
-        0x458a99c3,0x2b69e47a,0x2b78c866,0x7cac0b18,0xe0232c7c,0x6ceaa79b,
-        0x588f7459,0x0bd86433 },
-      { 0x7e734189,0xdea1a8b4,0xcfe5fa17,0x52c5ac88,0x11437664,0x444a4d4e,
-        0xaf9e9750,0xc2522308,0xd30c6b3b,0x78b1d0c3,0x4c6df477,0x2edae5f0,
-        0x2ee88dd7,0x53131d9a,0xacc93e34,0xc4e380ee,0xa8db0e8e,0xd499b1ac,
-        0x7f5d49d7,0x77348c16,0x1556ccd7,0xc9663257,0x2611d13d,0x65ce0e8c,
-        0xb5a2fdcc,0x2c95fe66,0x8658faa1,0x26698832,0x31c32c98,0xda87d1f4,
-        0xfcd91907,0x46650598 } },
-    /* 79 */
-    { { 0x6b4a5efa,0x4c6c13cc,0x1d07b265,0xc481989b,0x8bdc69c0,0x10b966ce,
-        0x2c2531d4,0xf54cfaa2,0xcad0a100,0xcb5f1808,0xee5da449,0xbeb52538,
-        0xbedd83cc,0xa6240085,0xd6255c78,0xe792dacf,0x2062058f,0x88371906,
-        0xed1658c1,0x96615e83,0x7d28d542,0x4b549b27,0x83b75df3,0xeaf127db,
-        0x17fbb942,0x4f60df6d,0xf6f7c930,0xd08631db,0x6018789f,0x17c38f98,
-        0xb9a9280c,0x0c43574a },
-      { 0x1d20cad0,0x76eb324c,0x8c61108a,0x90decb09,0x6f06d36d,0xa6e9d39c,
-        0xbc0da197,0x6cd978ba,0x507ac5ce,0x5948b1c0,0xc5497eb5,0x2bd47164,
-        0x4d5914e3,0x2a9c4c0f,0xa759f03c,0x772c5046,0x69ac847e,0xe7d7328a,
-        0x3048b330,0xa8d57d0c,0x40f7bace,0xe60034e0,0xa85f1790,0x823d9193,
-        0x5c859736,0xa6e9b66c,0x679e1022,0x22ca2c7a,0x09023fa4,0x00e7a19c,
-        0x2726d5b9,0x324999f1 } },
-    /* 80 */
-    { { 0x7c834915,0x667eaed6,0xbc5eb64d,0x9f77aa6a,0x25d62011,0x729ebcb6,
-        0x699fd9c2,0x0aee24f2,0x2b8d4f6c,0xe1eb5874,0x14c976d6,0x7f12710c,
-        0xf6d9ea65,0x91390335,0x06b50064,0x668b7049,0x0876ee4f,0x65969a0e,
-        0x2f9d9360,0xf901bf3f,0xb499e3ce,0xfb1a8651,0xf2dbcaaa,0x80b953fb,
-        0x973b06b6,0x312cc566,0x3af36c64,0x3534d9c3,0x10ffd815,0xe4463a52,
-        0xf18c2b91,0x57ea2b4b },
-      { 0x8aa0f2f2,0x00f5e162,0x0e46bcaa,0x8c7e75c5,0xa4a2c42d,0x97ab479a,
-        0x14baa202,0xb4f308ea,0x6943cc2e,0xa901bd14,0xeed58804,0xbb125fee,
-        0x9d180f7c,0x6502c8f9,0x1580c61c,0xe5353919,0x27101ee3,0x7e278069,
-        0xfaa72717,0x7a0a40a1,0x4c75b153,0x32edce02,0x538f1c22,0xda23660b,
-        0xbe307d2e,0x4d511e98,0x9baee0b4,0x24276e40,0x7ff1f307,0xa78c3927,
-        0xea7935c9,0x60480b46 } },
-    /* 81 */
-    { { 0x3872ece3,0x31087d66,0x955b70f8,0x5f29be7d,0x9cf95bb8,0xb50b4fc7,
-        0xdbffa621,0xbae3b58d,0xe022ba5d,0x0e61d280,0x4181449c,0x78ae5117,
-        0xcf555485,0x0b132840,0xb8ce0b0e,0x800ed1b6,0x78d5de3d,0x35dffdd5,
-        0x69a56b47,0xf7e42374,0x8d910ae7,0xd5e32369,0x6313c7c7,0xb6ff52a0,
-        0xa92de9e5,0x5a2fe20d,0xd12110bb,0x41b347d3,0x40c16f23,0xc5905edb,
-        0x9a8f88cc,0x0774a0d3 },
-      { 0xe3b6c106,0x3ae181ab,0x8de150b7,0x4ebe163f,0x6f354836,0xcf75b82f,
-        0x3ac7ac16,0xaa0d2063,0x291722af,0x5c680668,0x11545553,0x73941e61,
-        0xbf5de3f7,0x17127e38,0x1afb41da,0x32cfdf03,0x87bc8663,0xc6893c91,
-        0xa62c9c99,0x75046744,0x962c1947,0x96866e2d,0x378cdf4c,0x489ec8df,
-        0x3407fa32,0x3a60709b,0x551290d1,0xd37d2159,0xbab92273,0x9623d303,
-        0x2432014b,0x08151954 } },
-    /* 82 */
-    { { 0xfb7b2108,0xf9236d89,0xad75f9aa,0x3ecc83cc,0xb4e1da11,0xf7c72b15,
-        0x0315c362,0x552aeaef,0xf272fe3f,0x11e140ed,0x87843ee8,0x99d79bf6,
-        0x1d9bb25b,0xce6b54fd,0x5b1bad74,0xb20b0e21,0x5b84c90d,0x54a0214f,
-        0xfca6cec9,0x459bbf52,0x9e4df76f,0xe363c48d,0xd64cf17e,0x3045f84e,
-        0xf62ada48,0x8402a167,0x6a74ca01,0x2c9e1bf3,0xf691c42d,0xe8cf9d41,
-        0xc2c4b874,0x5abf2178 },
-      { 0xf3b3bccd,0x4777966b,0xbe3e0caa,0x0047e0f0,0x8c7d5043,0xcb8383b3,
-        0x946fd5fc,0xe77e3baf,0xe9ec0e87,0x79baa785,0xc8a18d25,0xd83c557c,
-        0x25befcfe,0x9b96e5af,0x98c71b61,0x4f05d15e,0x77e62da1,0x081f991a,
-        0xcbaa3821,0x1c6ec781,0xe54d9bfb,0x7522f65d,0x44ed1430,0xf5d05573,
-        0x95cafdda,0x3035b31f,0x6378f5bf,0x47e67f43,0x5270b9d9,0x029f7cad,
-        0x4d916a48,0x15ad1587 } },
-    /* 83 */
-    { { 0xaa588ae4,0x00de2ece,0xa371a232,0x552ebc58,0x71230444,0xd00ea934,
-        0xe4b1832d,0xafbfa67d,0xb689e843,0x29216341,0x61f4e2e8,0x1f96bbbd,
-        0x04c29dc5,0x95420684,0x42317fd1,0xc7fe3827,0x63483162,0xe0a0aec6,
-        0x0700184f,0xfc2b94d1,0xfe1fbd85,0x07219973,0xfb074352,0x648b6ab1,
-        0xc46e5392,0x23bbdaad,0x00fa56ff,0x0db8dd1f,0x866725f6,0x104815eb,
-        0x52e81963,0x3f9c4cca },
-      { 0x32ce637e,0xff36b297,0xf5d25cdd,0x81a15f2d,0x8b02ad97,0x1a1d052d,
-        0xcfbab3e9,0x2e5f3bbc,0x614eeb75,0x60d2cbd7,0xcd5a793a,0xd4491843,
-        0xcdba2144,0x2242cf75,0x88b99766,0xa20705e7,0xec77e132,0x64e12cc0,
-        0xb61a9b05,0xb1c14df6,0x74825b5a,0x8fd97f04,0x3da31223,0x95604821,
-        0x4d30c70d,0xde486727,0x1c12ee69,0xbcab8f15,0x668d893d,0x5dc638b4,
-        0x223f574b,0x6479dad6 } },
-    /* 84 */
-    { { 0xb05f2b26,0x569044f3,0x80b9f76c,0xb35a294a,0x4290f6ae,0x8839fe28,
-        0x026a5877,0x761cfb23,0x2e5ff9c3,0x768926b6,0x0b11c576,0xbae6cd20,
-        0x72a03efe,0xdc857756,0xe1bad63a,0x0cae074a,0xd709d99c,0x3fe491a1,
-        0x6501d9c1,0x76c5ded6,0xc32aeff7,0x1da6eca1,0xc57683e8,0x50849d55,
-        0xdf98d847,0x9e392e9c,0x64d9a564,0xfad7982f,0xa37b98b2,0xf7c3bdb7,
-        0xf0860497,0x1fe09f94 },
-      { 0x7648cc63,0x49a7eaae,0x67cfa714,0x13ea2511,0x653f4559,0xfc8b923c,
-        0x81a16e86,0xd957619b,0x3c864674,0x0c7e804b,0x1616599a,0xfc88134a,
-        0x0a652328,0x366ea969,0x4bc9029e,0x41532960,0xae2aad2b,0xef9e1994,
-        0x7f10bef5,0x9e2a8c52,0xc67bf860,0x73dcb586,0x844cc25d,0xf61a43fa,
-        0x74eb3653,0xd74e7eea,0xdd240f02,0xf3356706,0xfd83bcb4,0xeec7694c,
-        0xdb62526a,0x4de95786 } },
-    /* 85 */
-    { { 0x3deac2f7,0x4867d315,0xb61d9a8e,0xa084778a,0x0ab7b2d5,0xf3b76f96,
-        0xcfdf4f79,0x00b30056,0x31ab8f4b,0xd0701e15,0x9c779d01,0x07f948d5,
-        0x82675371,0x7c994ebc,0x48bad4c0,0x1104d4ee,0xbfc9d058,0x798ce0b5,
-        0x309fa80b,0xc7ca898d,0xacb33eaf,0x0244f225,0x5b2f3175,0xd51e8dfc,
-        0xa4d7be34,0x3e49ba6b,0xbda02b43,0x1760f4c7,0x4435275a,0x37e36a7e,
-        0xe636980c,0x1c94418b },
-      { 0x09dc1414,0x43a21313,0x43c93537,0x060765fc,0xdf5f79ce,0x6ff3207a,
-        0x85d4cfca,0x6f18b1fa,0x63e995ab,0xf5c4272e,0xa82b3002,0x121a09e4,
-        0x97147f16,0x82b65d1b,0x20a7fe26,0x4993c20c,0xe6716726,0x99c9cb98,
-        0xfeb440a0,0x5a02d673,0x251b4bc5,0x3f3fa9e1,0xa05338ea,0x75dbc474,
-        0x7b09f6cb,0x3cb4044b,0x80434609,0x6767da18,0x098ceac2,0x97851422,
-        0xb55235ba,0x611bfbb2 } },
-    /* 86 */
-    { { 0xf00ad2a1,0xbdbaa55e,0x14a290d7,0x29efa85e,0xe92b1694,0x3b4a4768,
-        0x11ec8130,0x67111bcd,0x88bd27b2,0x0e425702,0xd9a03c06,0xf28cf2a3,
-        0xf318884a,0xbb7c8d2d,0xe3aaeb20,0xe2ea1462,0x43b85d77,0x33535804,
-        0x554ee9bd,0x81ee4482,0xe6aa198f,0xeb2eee9e,0xc26c5944,0x7a5aa804,
-        0x82ab167c,0xa0ef2da5,0x02fe21a5,0x5a2ab476,0x3370298e,0x169cb3b8,
-        0x0eb3aa8d,0x86e6c544 },
-      { 0x0b793d9b,0xede03321,0x1ddb5ece,0xf79fade1,0x68930b64,0xf73fda92,
-        0xfe4fd1b2,0x06aad97d,0x92a4dc88,0x073a5b1d,0xbc976d75,0x8af8cbd8,
-        0x63ce26c0,0x60b4abb1,0xdcb1fb06,0x9c8300a9,0xda95b3d3,0x335a594c,
-        0xb37eac87,0x1f97d7d4,0x20eefaab,0xa3d2eba2,0xf3e828c8,0x3258c906,
-        0x85ab7781,0xc832616f,0x8c28b617,0x72597192,0x3233b82d,0xcd7196bc,
-        0x19fa126d,0x83867eb9 } },
-    /* 87 */
-    { { 0x22474edb,0x774fe73e,0x1a84e1ae,0x2a766394,0x9c6dd6e3,0x270329ad,
-        0x14f8bf5d,0x00c4a415,0xd2267b90,0x3ce2ea37,0x11d24fae,0x12753015,
-        0x263a1b78,0x7c14d854,0x1ae0b206,0x20c8401b,0x081f49fc,0xf32a011b,
-        0x959c6df8,0x1e8123fb,0x800e1d06,0xa328dc7c,0x24259a9a,0x5876a378,
-        0xb7ef6c37,0x23ada8b5,0xa93d4c9f,0x023f6b6e,0xffb6389f,0x89f5414d,
-        0xe628b39e,0x4b26bba2 },
-      { 0x5d318454,0xd30b1cb4,0xd7436cb6,0x123b749f,0x568a7461,0x3110c726,
-        0x1c84fd1e,0xc85de123,0x08403d55,0xa5f8d6e6,0x9b1fabf8,0x395b6e13,
-        0x3cfedce0,0xfe6d68c3,0x94b91110,0x1d90381f,0x2dcc6eb7,0xf0a8ea81,
-        0x7e90ca2b,0x59e80413,0xc8a25c5a,0xbeb5fc07,0x5d84663c,0x009c253a,
-        0x910b6a7c,0x00b15073,0x4108f8d5,0x8607da4c,0xcb901e65,0x02c3d9c3,
-        0x2c9615c6,0x4d697bc5 } },
-    /* 88 */
-    { { 0xefa8fb40,0xe0db1ef0,0x5ba3989c,0x29021c5b,0x809d19df,0xa8d6fb15,
-        0x4c1219e1,0x6b787b73,0x14ef05e2,0x6417e168,0x8f9796e2,0x449342db,
-        0xbf84421b,0x2f878a5e,0xe94a4536,0xe71916d7,0xae119693,0x9818bba3,
-        0x5768804e,0xec674be9,0xf8424f8a,0x0a26074c,0x466ce6ab,0xdbc93b9d,
-        0xc920078b,0xb3f15a98,0x3870f1a3,0x9d10fd0d,0xe4e785a7,0xa61241d9,
-        0xe6c8cd80,0x76ca87a1 },
-      { 0xe02e48b7,0x4357fb56,0xcc09e9c6,0xfbd14b13,0x24069cf0,0xdb5f2435,
-        0x2c3b01a9,0xf878165c,0xe6956dad,0xe549e7c4,0xbbd60b68,0xf2fe9538,
-        0x059dc653,0x952f856b,0xb377fe9b,0xd3f60225,0xbfe908c4,0x6a0c7328,
-        0xbc8f5f2d,0xce6aa2d3,0x24425050,0xf7213443,0x3d3b3ce5,0x17e1266a,
-        0xc1677512,0x75b5e43f,0x37fb894a,0x15927062,0x2be3e375,0x15260753,
-        0x6da3b7be,0x27e7f2c6 } },
-    /* 89 */
-    { { 0xe6a15883,0x638f65ad,0x66afdb33,0xd4a7e68c,0xd3f12de5,0x6207b6ab,
-        0x37b87810,0x1c6ff950,0x64acf6d3,0xc0d44cb2,0xf2be78c2,0x163ac601,
-        0x1636980e,0x1c63cc5a,0x95c9349b,0x3e92cfe8,0x41ec7220,0x7738e0d8,
-        0x2d5fa961,0x6169d764,0xc3e028e9,0x2aa776c1,0xb16d5409,0x93dc5646,
-        0x706df4d9,0xa0b27fb5,0xce9c6b97,0x9e991170,0x53c85f40,0xea8e42be,
-        0x83246528,0x02e96437 },
-      { 0xae78ea1f,0x91540add,0x7b670e96,0x51a1b74d,0xf7006826,0xf9936441,
-        0x7d7520c7,0x8f97d6ea,0x69ce12e1,0x0faa6a02,0x79208342,0x2590aca8,
-        0x75614436,0x7a483863,0xf381408f,0x07c6149e,0xd7853406,0x733bf584,
-        0x9abbb6f7,0x8761b010,0xf528a09a,0xe4eb249f,0x2e00ae3c,0x08781ed8,
-        0x2178effa,0x864c1b25,0x9d513a7e,0xcc1e62a2,0x1919062f,0xedb8b94e,
-        0x4f16527d,0x739f53da } },
-    /* 90 */
-    { { 0x924adc5f,0x7a5f4a88,0xa818f56d,0x95646c16,0x7795f954,0x0ec49129,
-        0xd19c5400,0x2b48753d,0x205912b4,0x16fa236b,0xe87a4946,0x6b3d65f3,
-        0x045fd066,0xa7174a01,0x12a5e140,0xb6350313,0xa96b8623,0xa79c4b44,
-        0x9ab003d5,0x7a339d65,0x3826f31a,0xc72f30c6,0x6f7090cd,0xb4e7390c,
-        0x906ebe24,0x59ac6c36,0xbba4505a,0x39a7f06d,0xc58c413a,0x839991e1,
-        0xa20e0e84,0x020c23ff },
-      { 0xafc74661,0x120e4ada,0x277fc065,0x37bbcf63,0xb6dce799,0x41049cf6,
-        0x7b161ba1,0x5b8d6b53,0xa9610fb2,0x22218431,0xdfdde769,0xde9ec9d1,
-        0x42d80630,0xd32bfa4d,0x6244df4b,0x3885702a,0x45592dfb,0xcdedd1ed,
-        0xfb4e01b8,0x0e1df45b,0x86e215b0,0x8f4bded2,0x6a937e6a,0x80935487,
-        0x8130f723,0x415278ba,0x38a821f8,0xc6dc4692,0xfd8b4f8a,0x2207b119,
-        0xf9269cef,0x76e7bf53 } },
-    /* 91 */
-    { { 0x27ebd187,0x5f128428,0xb65aadbb,0x8d3320ab,0x72258695,0xb042765a,
-        0x8f0986ab,0xda3f33f9,0xaebff503,0x411807a7,0x825f71a5,0x25c776ca,
-        0xff7df24b,0xc0de7bed,0x165f1fb4,0xda8b0f42,0x731f3ae3,0x5f3ff737,
-        0x193e0a52,0x4cd1d7e7,0xb6b3ba46,0x8df84aa3,0xaa1f3782,0xba84b897,
-        0xe7733ac7,0x6e7960cc,0x50981a21,0x4d46d6ab,0x7cbb80ed,0x1ec12c25,
-        0x2b96ef09,0x79e7ad27 },
-      { 0x8f30caae,0x3cd970dc,0x0a6ebef4,0x85cabcf1,0xc714616d,0x63c1863e,
-        0x519e3a98,0x1c50db0b,0x64cb13d6,0xf39b8963,0x22547b69,0xdf67d81f,
-        0xd67db0cc,0x7157abb9,0x889491b7,0xccca25ba,0x7a27e0dc,0xf689207c,
-        0x0fd43281,0x34ae8fbe,0x5720ec09,0xa5d91f73,0xcdfd7bed,0xb2f61909,
-        0x4a039e32,0x1ec10232,0xdb0d8fdc,0xd3c3d65e,0x4fe5005d,0x32c916c8,
-        0x4c0bea94,0x7f8c37ac } },
-    /* 92 */
-    { { 0x43ac05e5,0x33ec1e54,0xcd8d3825,0xda4a4da4,0x88bf9e2b,0x86d88c0b,
-        0xb53811dc,0x34d71dd0,0xa3c3aba4,0x655040d2,0xb61611be,0x2bc40949,
-        0x279a4fa0,0x1c2d426e,0x3b065ac3,0x535a5aa2,0xc52ea890,0xdaa8a32f,
-        0x9fddad22,0x5a5deca7,0x2ab3b26f,0x911f05fd,0xf37cd81e,0x5dace7db,
-        0x90d16b8c,0x0e0e44e7,0xe4f5894e,0x15e68aed,0xfc92a74f,0xafe04999,
-        0x970e7c2f,0x1d7703aa },
-      { 0x3f0062a9,0xa8a4c81d,0xd96a20ba,0xe31eb2b8,0x864bd101,0x66dd98df,
-        0x4413b614,0xba05f592,0xe9a555f8,0x51a67a0d,0x2e4b52d1,0xacc2f097,
-        0x7184ab23,0xab5daaec,0x7c7f691b,0xce08b43e,0x76c427f4,0x520e530b,
-        0xe423ebdc,0x7d352069,0x34df14ce,0x6b5e39e8,0x446305ac,0x3dcbf295,
-        0xfe34cdc1,0x682cb2e1,0x111f5afb,0xd4ac45d1,0x47f296f9,0xc5ef63cd,
-        0x93c20871,0x0a2c40ec } },
-    /* 93 */
-    { { 0xaf5747db,0x09bc384f,0xc06ab86b,0x3bad6086,0x9e7c1547,0xa406882e,
-        0x55977abf,0x2d5326d1,0xda81deb0,0x063a9a05,0x524b6111,0x9a86e4a7,
-        0x4ab2eb90,0x1402f87a,0xd5c600ba,0x7d0721d4,0xf289fdbf,0x1a2fd9a9,
-        0xecde6f07,0xf5dce66d,0xdab9fa73,0x62171277,0x6c474bab,0x6d2dc49f,
-        0x76eed033,0xdc017e1f,0x4da825d3,0xb97175c0,0x54b05e43,0x6c297e3d,
-        0x56c9c87e,0x2efb4546 },
-      { 0x8b21c064,0xa4712b00,0x4a70629e,0xd186fe42,0x9b74f0af,0x6435b340,
-        0x7ec9e629,0x6965aa43,0xc4c60d08,0xdda14673,0xbf3057aa,0x0b656670,
-        0x3ce86f60,0x7f05e840,0x04401a16,0xc05073a9,0x294e607e,0x16b1e638,
-        0x69cf7046,0x20783252,0xe8ce7d3a,0x2941141b,0x7577053d,0xd38ad8d3,
-        0xcaa6630d,0xdba68fb3,0xe9504350,0xecbeaff1,0x1d2d760b,0x9f5166d5,
-        0x462891e4,0x337532ce } },
-    /* 94 */
-    { { 0x3a00bb9b,0x3f111853,0x45f66685,0x2d2ffbae,0xd4aee24d,0x9ae11a85,
-        0x0341856e,0x18ba1e1b,0x2731349f,0xa9ac8178,0x545715b5,0xc13dfd4a,
-        0x5daad2ea,0xa5f7423c,0x535b76a7,0x30a483b9,0xff873e9b,0x92e9ada4,
-        0x723a1055,0x15662d84,0x8edac4e0,0xb935497b,0x39d8fa70,0x61b6441a,
-        0x40d1589f,0x1541d756,0xf0a05f0a,0x62994237,0x6bb28908,0xfd8b0034,
-        0xd4cd32bf,0x192a2b5d },
-      { 0x365ced07,0x63576628,0x05de1d1f,0x029f32fb,0xbf40a7aa,0x6d17b9bc,
-        0x9bb50a47,0x1b1b2a08,0x795a6278,0x9389abbb,0xb34fc19b,0x52cff60f,
-        0x387d8739,0xf3ab9492,0x6920ccd6,0xa8f053e6,0x63a9b4f0,0x3ef2dd4b,
-        0x51e82129,0x9ab0ede1,0x0838bfa1,0xafba0c0b,0x9ffc11be,0x2bd5a7ac,
-        0x95cc0878,0x058bfd95,0xf8c2f0c6,0x686d48a3,0x1d9b31ba,0xc33abaaf,
-        0x3bc0c268,0x632e2289 } },
-    /* 95 */
-    { { 0x15a1ccca,0x1c851d20,0x7e522bc3,0x4efe290c,0x18eab053,0x0b741d55,
-        0xbc85e217,0xae656197,0x01cf8b29,0xae13141e,0x66948478,0x2e2cb593,
-        0xc31bd8ae,0xeb57bb0f,0xc264e788,0xdecef5d6,0x9cb96d86,0x6fa856cc,
-        0x279183da,0x2db16813,0x383d796a,0xf03f3820,0x1d0c6fed,0x58a456ff,
-        0x8a6abd9b,0x25589805,0x83f96f19,0x339f52c5,0xda7e9ea7,0xcf6ded8f,
-        0x5d1ccd45,0x68c3d9c1 },
-      { 0xe6b392b7,0x67e26265,0x775d9509,0xcec1d9bf,0xd76514f7,0xe16abcd4,
-        0x0de72e1c,0xd86f59b2,0x1adfb033,0xa66e43cd,0x05e457cc,0xdb344340,
-        0x5681daa2,0xb67a7916,0xf0114731,0xc32e7bab,0xd3b1e961,0x066fe16e,
-        0xf63d26e6,0x924e298e,0x541add6d,0x9bea0dd8,0x9982f971,0xef9500df,
-        0xc5f076ac,0x5c876e63,0xb23d396b,0x55e12ae5,0x2ec6747a,0x09efbb36,
-        0x233286a5,0x8f2055ee } },
-    /* 96 */
-    { { 0xb82c1af0,0x4a4ab9e3,0xf2cae264,0xfc65e9e7,0x60187d46,0x4feaac0a,
-        0xe393b363,0x27d3f335,0x819bacce,0x9c9f7c00,0xb8aa6611,0x3f7418b5,
-        0x372aae95,0xffa94557,0x8db38589,0x937d7804,0x6f1fbc1c,0xd10c86df,
-        0xa2f0a0ce,0x48aebd89,0x367439eb,0xae5d5fa2,0x3f17d2d8,0x103a6a0b,
-        0x411d9894,0xf233f68a,0x218b67a2,0x7fece8b3,0x2319bf06,0x0422540f,
-        0x340d322e,0x1292c8c9 },
-      { 0x0386463d,0xf5eb5587,0x0371d97f,0xd4bbc2b2,0x0b819c5a,0x1b364571,
-        0xcf04ad41,0x0cbb42d6,0x66939ec1,0x5d819c76,0xa01847e7,0x8745ac13,
-        0x1c7232e4,0x4f704b02,0xacb05780,0x2c9e58a0,0xb561e295,0x9523b8b3,
-        0x79f9ba35,0x3384df00,0x1eaa9628,0x78231fc2,0x8aea2b90,0xa2eac54f,
-        0x30d1c263,0x8075ed77,0xfb339000,0xacb44ed5,0xf011293a,0x92546ac2,
-        0xeb821764,0x7c78762b } },
-    /* 97 */
-    { { 0x067902b6,0xb8f7d6fb,0xd1735980,0xb2823a43,0x59741ddd,0x062cfb12,
-        0x4033f95c,0x6e391b07,0x68589b8c,0x3831d0a3,0x522290f2,0xe3474d49,
-        0x222e1f3a,0x4dab14d6,0x53f08d39,0x8f00fcde,0x707f28f5,0x559917ae,
-        0x068e607c,0x166aa0ba,0xd7e1f824,0x602713e7,0x4d6a328f,0x7c255540,
-        0x9890cd2a,0x0d2e3264,0xeca0b20a,0xf2207944,0x52f4e09c,0x5c98dc07,
-        0xd84de81d,0x69403504 },
-      { 0xe5407206,0xf8b7b366,0x0d88fa8c,0x1ecf54cf,0xf7272e6f,0x6fefe548,
-        0x81ab4468,0xd6531372,0x4e474408,0x52cb5f0e,0x6490737f,0x9e426b3a,
-        0x4980d071,0x2576c19b,0x0f272caf,0x91f34628,0x468f31c9,0x78e60a4f,
-        0x90844d89,0x8776a329,0xb951582b,0x8a55700c,0x14b1adbf,0xab1af365,
-        0xfbd343ef,0x22ebff92,0xb7d81f34,0x32f9fb01,0xba6b30e1,0xad850e06,
-        0xbc5f9546,0x6da9e027 } },
-    /* 98 */
-    { { 0x5c9490ce,0x21eee4c2,0x0df68381,0xa96ec4a3,0xa4a9368e,0xe6c607e0,
-        0x4bc262f3,0xd8b0492a,0x460c34ff,0x0846a210,0x28df33cd,0xf7ff7a64,
-        0x21827612,0x10c55044,0x149bcd01,0x9d25fce9,0xcfc613dc,0x725611cd,
-        0x97f51ce5,0x159f7e88,0x4e8c08b5,0x3fa3bf31,0x75e7538f,0xea156115,
-        0x91c84020,0xd1e0a951,0xcf02ad0a,0x0d2268ba,0x058b8e5f,0xa04c6ac4,
-        0xb3515912,0x773b40b9 },
-      { 0x3631cfd2,0x00ff2cdc,0x807737bc,0x14c4c2d3,0x338a5270,0xd600616a,
-        0xb32cabde,0xd0e3306d,0xa70b17ca,0x336738ea,0x79f353ee,0xf2f4aa8d,
-        0x576f3ad3,0x712f6ad9,0x89b2bce0,0xe4279852,0xda92ca30,0x05d8f94d,
-        0xd8492dd9,0x9891d475,0x4d15e4bd,0x3e06a5ca,0x254eabbd,0x4725d4eb,
-        0xc0ed513c,0x31394ace,0xbbfaae6c,0x7e0f9859,0x833fd137,0xdc125546,
-        0xc56c4f75,0x12b46385 } },
-    /* 99 */
-    { { 0x932951de,0x810dbebd,0x5aa69c94,0x96959d42,0xecb2f08d,0x5fc49c04,
-        0x2250b82c,0xac74f0cc,0x3aec4e1d,0x96a439a5,0x90499acd,0xc33cab9a,
-        0x54d9b3af,0x2fccde66,0x3863ae8b,0xf4af285c,0x46febf88,0x2373373e,
-        0x3c9ab7ed,0x751d672c,0xfe12020c,0xc1c51130,0x52f3e56e,0xad82402f,
-        0xa4a64a81,0x3489ab7a,0xd9f163f2,0x0a1fb661,0x0e553317,0x17c69be1,
-        0x7d88d417,0x61c1935e },
-      { 0x3492ae43,0x2e722d9b,0x0538f05a,0x1ef89d95,0x200aab63,0xae77e588,
-        0xeba4b117,0x2872c120,0x3a461cb8,0x5c2432c8,0xcb938f26,0x315b3434,
-        0x8c4c7dc0,0x05bf2ac5,0x596b378d,0xd2e501dd,0xcb890c30,0xa8506c9f,
-        0x7c361f0c,0x3d0af461,0x5a35cbae,0x21f7b718,0xf3fc0138,0xbd1035f1,
-        0x8b248edf,0x74628af5,0x48c9cae0,0x8d6421d0,0x2ca18773,0x75e3da39,
-        0x71d3db94,0x27ad0df2 } },
-    /* 100 */
-    { { 0x305b5aed,0x9e3bda79,0x5998d6a7,0x2c67d4a4,0x0f7eb700,0xc855e1d3,
-        0x147d1c44,0xc18a7e9e,0xc89540ed,0x3ea99618,0x7e6bfd20,0xa53be20a,
-        0xecc14437,0xc9487e64,0x34ef85c6,0x72979207,0xd5e1ebd5,0xfa0d4e71,
-        0x4d48d6b6,0xfda2b1e6,0x66e200d4,0x782a1e05,0x5a5366a1,0x2a3c70da,
-        0x1a473738,0xfe3fbd2b,0x7fe020e8,0xd7ef8c06,0xeacfb665,0xec686fde,
-        0x6dd1542f,0x5d9b5e27 },
-      { 0xcb3e472e,0x3637c5a5,0x30a1405e,0x2153d927,0xb4498558,0x009992e5,
-        0xf39a0851,0x18f00ccd,0xb5c6c560,0x26237c11,0x1343540e,0x418ed408,
-        0x7e7f3184,0xfef7cbf0,0xbf48576b,0xecd92366,0xbc94c91a,0x1b75be1a,
-        0x4a162276,0x8e1778de,0xc5c6bcb8,0xc52e57d3,0x5ab71858,0x5cc382c7,
-        0x3f6e39f9,0xe12c2c28,0xd62735fc,0x4c7e0ef2,0x835a5996,0xe071deb1,
-        0xcbb8c766,0x24f891cd } },
-    /* 101 */
-    { { 0x6778c1e2,0x24ef60bf,0x00d5be5c,0xff49c03d,0x2f01a09f,0xec11986e,
-        0xae096e58,0x59a728a4,0x7077984c,0xaabbcedb,0x870ca5a5,0xfb473bd2,
-        0x4de30e3d,0x8c928c61,0x4f67abca,0x3fae7f9a,0xec21a9cf,0x83c2b2eb,
-        0x9cd9b5de,0xafa70d62,0xc60b18df,0xadeaea59,0x4049b54c,0xd5fef7be,
-        0x6dd310e3,0xfceebc76,0x8f6321cc,0x7748efe3,0x18ee8af5,0xfe9c32b1,
-        0xd42df612,0x863ac3cf },
-      { 0xb85a2fe2,0x0a36fca7,0xee429dc6,0xf3e70d08,0x141c3944,0x8c9ba209,
-        0x67272a0a,0x306a8106,0xf968bd06,0xe69a1555,0x153c603d,0xb86f7e47,
-        0xef56e4fa,0x9706614a,0x98780b4c,0xc0dc36b8,0x3a1d3263,0x43657fe2,
-        0x435522c9,0x01f97a86,0xedfef679,0xd91897f6,0x6daa17a0,0xebbe31d4,
-        0x85accfbd,0x6f179100,0x8f9fc1de,0xe0da6e32,0xe1e7142c,0x1c9d53db,
-        0x8b86725a,0x3e3f1b1e } },
-    /* 102 */
-    { { 0x7b7fbf05,0xb7ea15c0,0x1f1a3882,0x992f11b6,0xd1dcd1bc,0xc9ddd95a,
-        0xad0f7e8b,0x31f5b7fa,0xfca7ab79,0x2936e5eb,0x19a55be6,0x30f417dc,
-        0x43cde554,0x1f6f4e43,0x82f044bf,0x971f5e65,0x4288c408,0x73c3b8e4,
-        0xb807f575,0x61aac59f,0x818b58f0,0xa64ee2dd,0x97a3b0d3,0x6f7a0a60,
-        0x0394b058,0x8b85ecc8,0xbfb3517d,0x9a059474,0xa79c3f06,0x89ad5977,
-        0x700a8025,0x81208ed8 },
-      { 0x14c4ce37,0x10935099,0xa1aa48a6,0xf34bb843,0x580d58e8,0x86007024,
-        0xb375b8ba,0x6db42c49,0xed3bde83,0xac365524,0x649233b6,0x5521e1b4,
-        0x64dd946f,0xbc7cc5d5,0xbfb5b6ae,0x9c14b035,0x0146c1a3,0x7f22ba18,
-        0x872214f5,0x0b62fbbc,0xb4921764,0x3acfd7f7,0xcb4d6df1,0x5ff10da1,
-        0x62600a91,0x660e2620,0x81d9167f,0x7ac7da9d,0xb6e7a199,0x6e8e260c,
-        0x80deb3c2,0x44383fb8 } },
-    /* 103 */
-    { { 0xe44f9af6,0xe107f01d,0x8cb1fa1c,0x36381a4d,0xfb7dd493,0xe65be3ec,
-        0x26a8839f,0xd0b8435a,0x3ec789d8,0xee60f915,0x2bcc5e1f,0xe25fea50,
-        0x7e44a81c,0x0477c0c5,0x230ba5b8,0x349e9f83,0xde180dd9,0xdd42f32f,
-        0x64a3d11c,0x8b039eaf,0xbeb7083a,0x80ef884e,0xf12742cb,0x288e60c4,
-        0x720a0262,0x44156cc5,0x7253b77f,0xcd547de6,0xa6013a59,0x9829a6ec,
-        0x0d548445,0x8aee708f },
-      { 0x32c54409,0x18f22d9c,0x75ebaac4,0xa9ebfa46,0x86284981,0x90e2e928,
-        0x6b3a8e0c,0xd0201f6f,0xbd77641e,0xc973016c,0x70170575,0xf926f2f0,
-        0xfec0ce01,0x4984048f,0xf319d304,0xbf696211,0xc91a88c4,0x74b5c844,
-        0xe0030a82,0x4c40fbce,0xe4f6d521,0xbed67525,0x29d67d1e,0xaf7e47cc,
-        0xc21d3536,0xfa307db8,0xbbb29405,0x56b6c46a,0x033e805f,0xf059a7e3,
-        0x6096a5a0,0x970f61fe } },
-    /* 104 */
-    { { 0x1bec8e4a,0x1bc53d23,0x35a6034c,0x8809ac14,0x509e464d,0x4ee081da,
-        0x8a488235,0x496ae1fd,0x325864b6,0xa1ae9863,0x74cd069f,0xbaca13e9,
-        0xb1d8a6b4,0x3738cc58,0xe76b9da4,0x5fa71f58,0xc7eb16fb,0xc919be88,
-        0xad4e429d,0xf5c8f13f,0x2499f9ed,0x4583b671,0xa10d8bd7,0xbce20115,
-        0x5790bb7e,0xf66d7605,0x482b78dd,0x9316aede,0x75f855fa,0xe0d8fb2d,
-        0x5a7dcca7,0x404b5b94 },
-      { 0x517a15c7,0xf9ee682a,0xef880202,0xaae4cfbc,0x5106a354,0xcee2c139,
-        0x170febe7,0x5de60192,0x73d0c54b,0x589e39fd,0x8c9092b7,0x195c7135,
-        0x0a7bfe5f,0xcb7ed53f,0xf61cc979,0x2bd9242a,0x5395f7d9,0x8d2ef16c,
-        0x70b32f09,0x0d4ac1ca,0x52d185c1,0xa587526d,0x942d6195,0x2932b04a,
-        0xa500b0ac,0xfe25a979,0x562fd230,0x5fa1f4ae,0x20da253c,0x60f55af2,
-        0x83146002,0x7faa11b5 } },
-    /* 105 */
-    { { 0x6e402149,0xb0ba4f0c,0x963cc119,0x3584cc1d,0xa6527476,0x7740dc1a,
-        0xc95715f2,0x3f77ff75,0x3f89fb0e,0xb2f234ad,0xef9be3ff,0x55159032,
-        0x04237e82,0xfc9fb21d,0xa153ed93,0xeb2eff38,0x10041d13,0x89d53ae0,
-        0x7f1bd828,0xcf2e545b,0x43953ea5,0xdd4a27ce,0xd85e75c8,0x00d2e5d4,
-        0x241be1c3,0xeb93ed62,0x0242032d,0x1e53f25f,0xc3a4e701,0xb9957636,
-        0xed98febf,0x14b63a52 },
-      { 0x71c43336,0x7610b553,0x23a4824b,0x19dfd4a6,0x0286051b,0x7b97a2e0,
-        0x8f5f1edb,0x86abbb9c,0x9b67daad,0x67a57d77,0xcd5ffafb,0x8ace506d,
-        0x89ac3c63,0x85da9f95,0x75a3d150,0x081cbaa8,0xe9346ed2,0x03353d8f,
-        0xa1f9a02d,0xb2ab61f1,0x3a659c71,0xb0cb0937,0x4f5df8a1,0xb7e0e30b,
-        0xeb7d5a1d,0x77c4c741,0x728e5cf0,0x8f046c9c,0xf7c171ac,0x32dd0bc7,
-        0x836d2655,0x02485873 } },
-    /* 106 */
-    { { 0x75a4cd8d,0xcd40dd23,0x97bcba78,0x132ca433,0x258d61f5,0x30c5cd84,
-        0xda1e8e68,0x0a7ec059,0x1d65d40a,0x07a8f171,0xf4350d76,0x869e655e,
-        0x5983ae42,0xb98ce6f0,0x9d8bebd0,0x7b61391d,0xb1ba5d49,0x3a529e25,
-        0x1f6b2cf6,0x46f732e9,0x3fa3b629,0xbd66ec6a,0xc3ef0ed2,0x397950ec,
-        0x5f08b476,0xee9008cb,0x965a0e2e,0xfd6be425,0x1177bc87,0x78ed513c,
-        0xfe512dae,0x6798cedf },
-      { 0x1b97c5c6,0x49e3f8fd,0x78c3b33f,0x39fbab3e,0x40f595ba,0x44274412,
-        0x5d7d4376,0x174225b9,0x79c44777,0x880b3fcc,0x3296b245,0xdc3aca83,
-        0x1734e184,0x55913df7,0x9c934472,0xa4db23d3,0xd1420a11,0xcebb3733,
-        0xf3608bdc,0xb9d20cf9,0x30cfe13f,0xa618acf6,0x5f30874c,0x75f06b31,
-        0x9f0005a5,0x506efe7f,0x01bfc9db,0x8aaea78c,0xf78e7c41,0xf9179255,
-        0x52e96395,0x3ea7aed2 } },
-    /* 107 */
-    { { 0x5b06ae25,0x98617e04,0xcb5750ef,0xbcac148d,0x604c2ba2,0x91ea2f0e,
-        0x76b78975,0x00c19f6b,0x651da181,0x79b9b6d0,0xc945705b,0xf3225beb,
-        0x5c005bf1,0x30b435f3,0xbc24d86d,0x440b4482,0xd6373777,0x2b8f0996,
-        0x1c44b4dc,0x65fd6c56,0x30906999,0xe9405ee6,0x08aa1ec1,0x19ff0924,
-        0x3d2f2895,0xeef3246a,0xbc746797,0x016c3765,0xd0705f7e,0x62d2569f,
-        0x05250044,0x6a8ad39c },
-      { 0x46be7282,0xe45f020d,0x21380f12,0x9405afed,0xd5da6ad0,0x4cdca5bd,
-        0x7f8be61e,0xc2d6f184,0x596b8178,0x20132953,0x7a8df954,0x8d3b1e7b,
-        0x39572b4d,0x757c61bb,0x80cc3b56,0xd749b57b,0x37b3ffec,0x9590ff93,
-        0x145dc94d,0x39bbb653,0x2335e573,0x70c1c606,0xf763feba,0x9c2e72d7,
-        0xcc61b732,0x4768e424,0xaa73f2ca,0x777d2fa6,0xc5cb58cd,0xdee4dbaa,
-        0x9cfae1aa,0x1a181179 } },
-    /* 108 */
-    { { 0x77575ed0,0x6f6ff62f,0x7d1da99b,0x18f14fa9,0x69efd7f6,0x2e72aefb,
-        0xddc28633,0xc45ab4cb,0x586c5834,0xb0e20d48,0x39775dd8,0xd397011a,
-        0xf4134498,0x0130c808,0xf5115ed8,0x2d408eba,0x0260ded9,0xc506a05c,
-        0x19cab911,0x9e5b7362,0xe8693a86,0x4cf508c6,0xcc773617,0x4e71245f,
-        0x95d89ca3,0x2f71aa1f,0x607bbc98,0x4bba7c6a,0x212b7fd2,0xf3a515e7,
-        0x9230f5a8,0x7d2ddc75 },
-      { 0x4ed2cae8,0x3d05816d,0xb9c00377,0x4cf6bc7d,0x646b08d4,0xc23e98e6,
-        0x4b9c0180,0xf9ee6c61,0xef9179c1,0xe11c9a13,0x8ed9688a,0xa5b6147e,
-        0xd06670a7,0x7afeb648,0x17685275,0xd670333c,0x75f9e8f2,0xa89dd969,
-        0x37a68ade,0xbb57228d,0x454cb186,0x21a05d5e,0x063dd550,0x4810158f,
-        0x4cb6caf3,0x92dd4f08,0x7854abe7,0x70c4d852,0x6e729d76,0x845969dc,
-        0xb1bf40ba,0x5a52f87a } },
-    /* 109 */
-    { { 0x09ecacbd,0xed019e91,0x7b89bdea,0x6544023d,0x5707371e,0x7cc51f0b,
-        0x16c8e217,0x14832b04,0x81259ab5,0xb1aa6682,0x23e361d4,0x6e100f92,
-        0xe3a95c2a,0xe593eee9,0x16c10e26,0x699b6bbd,0x9473a13f,0xad487873,
-        0xb274987c,0xf1c14dc5,0x2559e2e9,0x57dc0075,0xc3d47ad2,0x8449849d,
-        0xdd527793,0x83df278a,0xeefd5b99,0x770e3ec8,0x76bd02a0,0x2ae58446,
-        0x3e705ffe,0x17f02764 },
-      { 0x29abea1f,0xdda4010d,0x2407ac4c,0x636b9695,0x0433218b,0x96a60129,
-        0x163d534a,0xf221fc3b,0xccc20565,0x05ba15be,0x96285577,0x1238e54d,
-        0x878804d3,0x1b144257,0xa89a9fe4,0x96fbf304,0x4be642b1,0xc8a7f06c,
-        0x6e2b085e,0xdd1a20e8,0xff4a591d,0x8f7f27c2,0xa4a343b8,0xc17b0753,
-        0xbb173d4d,0x684b1e88,0x3dc07bbe,0x3accea44,0x4c441d77,0xdb15c88d,
-        0x53e5957e,0x0ef0309a } },
-    /* 110 */
-    { { 0xfa8e5b60,0x4fc25721,0x691c0bb2,0x646938ad,0x0b0a2248,0xe46d4b76,
-        0x7de16877,0x863f9ac2,0x2721c630,0x503bb6ef,0x0b67fb02,0xf8c199df,
-        0xe07abd39,0x78c1ed72,0xb32f0dda,0xcf9deb7b,0x6c3c89f3,0xaff726f0,
-        0x1972225a,0xb7008b2d,0x4f145f5c,0x8f5a6117,0x457c4f37,0x4e0e6f8c,
-        0x1c453c64,0x8bbdaa44,0xa6e92c80,0x57be326d,0x5d773561,0xa9bc3fd9,
-        0xbb37b72a,0x3d3b6cc6 },
-      { 0x9722c880,0x6e6f12cc,0x286b6889,0x3a1b6ae7,0xad2fafec,0xba1cc09b,
-        0x43bb8bef,0xad64ad7a,0x97c3f4c3,0xa5af6a00,0xc353a91b,0x2afcb0d9,
-        0x69ccbf6b,0xca13fcab,0xf2abc190,0x699a1391,0x23a247e5,0x2dbd5542,
-        0x95488d9a,0xe206180f,0x1244cc3c,0xba9e7bff,0x87d3a365,0x29297abe,
-        0xfa4ca5e2,0x4054fa38,0x67be1b6c,0xb390623d,0x78f41a44,0x1fa67c57,
-        0xc7b544e7,0x2e946e43 } },
-    /* 111 */
-    { { 0xc60934ae,0x2980fddf,0x164206d1,0x2c3e7eff,0x416ed75a,0xf75e7f96,
-        0x5cd0b2dc,0xfac60cf3,0x1faad87b,0xddc4bece,0x9849e5dd,0x753fa87c,
-        0x2c1bf1ae,0xc5d516a3,0x14732b4b,0x565dbea8,0xce48696b,0x007ebe3a,
-        0xcdb97694,0x40ca74d6,0x65e4e7be,0x3f5cd270,0x3aac4ebc,0x74847c01,
-        0x43d6c3a1,0x6762e034,0x467a076a,0x690d8c95,0x1eda677d,0x768d78d6,
-        0x0181d8c2,0x0997ce55 },
-      { 0x965a0b81,0x9297746c,0xe5e12dfa,0x48b58be6,0x715f437f,0x5573b3c4,
-        0xb565c459,0xe425e907,0x1582797c,0x4f43f512,0x8ea5474f,0xe5dafa6f,
-        0x13de04ac,0x2aeb8fbe,0xe8a07c83,0xed7f95f0,0x662c09fe,0x3e012a6e,
-        0xc742cf17,0xbf96e9b8,0xe28a1c45,0x8ea5759a,0x5cf4e2f3,0x475941b4,
-        0xf901a019,0x7dd3c02d,0x70916b2e,0xe7a4deea,0x2fa9b988,0x50b272b5,
-        0xd0917fe6,0x96f9f09f } },
-    /* 112 */
-    { { 0x2c310a96,0x78e8aac4,0xf7a2a734,0x32a98303,0x23962207,0xc46ca83d,
-        0xd9541280,0xad131e6e,0x2cabe911,0x5791fc5e,0x841b6c68,0x50cb77eb,
-        0x3d3c8878,0xaff93dea,0xf1007bce,0x06541f1d,0x55cdf1fd,0x4ee729c2,
-        0x323e3972,0xe0f71317,0xad4d08c1,0xa2de7a41,0xa35e22bf,0xa9912abf,
-        0x89b03325,0xa050122b,0x06514d4e,0x8b9e51f4,0x79d3e0ab,0x423c7aad,
-        0x40b8fea5,0x71998e26 },
-      { 0xceb6ed78,0x40140fcd,0x18534516,0x653cf377,0xe8d60dcc,0x0450b65a,
-        0x9dac55f8,0xce6c1a76,0xae05686c,0x8a96a92d,0x12712562,0x2fe44762,
-        0xa4f39425,0x747bcb50,0xfc531fc2,0xf0ec6ff2,0x10fe9ff0,0xc97c3447,
-        0x9c792cff,0xfb488783,0x026fb019,0x552c5248,0xd804c290,0x4001a29c,
-        0x35c8ca73,0x742b5ad8,0x6ee5dfa0,0xc3781f17,0x3dfa4ab1,0xca6b85f0,
-        0x0b0d32ac,0x8389941a } },
-    /* 113 */
-    { { 0xde067dff,0xc0f062a2,0xbcb80162,0xd4f32690,0x0707a2bd,0x98cd990d,
-        0xfae4a391,0x5afc63b8,0xb32ad814,0x684f1b7b,0xf199dfb1,0xb0a2dce2,
-        0x48f25848,0x2260e17f,0xc2d5e862,0x7393db00,0x338cf171,0x9e88f854,
-        0x02acf522,0x00679429,0x6835af3d,0x19157cb8,0xb8a2614c,0x2faa6f92,
-        0x134ec46c,0x04ff95f5,0xfb7a8135,0xcf00626e,0xb37a4704,0x454b3d05,
-        0x2694ec25,0x1fbfda31 },
-      { 0xc8f69c77,0xfdebb657,0xa3df88fa,0x92a8278b,0xc1fb78b4,0x463b5571,
-        0x11c71a33,0xd2066a1a,0x089958b0,0x10c88143,0xcf9d67a6,0xb975c7e0,
-        0x73037b8f,0xdaa5d208,0x40bf5861,0x5ee5005d,0x7dba69a9,0x300e6ce7,
-        0xc962cc74,0x893c3cb3,0x4cf84055,0x0ac98629,0x225c9d70,0x0a7ef63a,
-        0xb91e47e8,0xfe184869,0x8c2f84be,0x1b9d7deb,0xc0e278bf,0x67788915,
-        0xc426f19e,0x4f9488ca } },
-    /* 114 */
-    { { 0xdd51b8ce,0x610dfcd4,0x36230e80,0x08579278,0x36599562,0xedc7ff1c,
-        0xe2cae877,0x905ead4b,0xe7967608,0xa1c325d9,0xbd38926c,0x3e39eddd,
-        0x5f6f0a4e,0xda92c868,0xf47a0fa4,0xe16f800a,0xe5f60aab,0x50b4db5b,
-        0x983853d3,0x3665412f,0x9b79789c,0x64b62250,0x4e0e72b2,0xea560058,
-        0xe555c2bb,0xabbd4901,0x17292e11,0x378419a7,0xe174218f,0x6e0b5aaa,
-        0x8f796b92,0x688e0684 },
-      { 0x313b8f64,0xcdfef641,0x942c7462,0xaef11b7b,0x5c0d8abd,0x067cfb77,
-        0xaf4041a9,0x608ea5f0,0x6935210f,0x23d5bd82,0x27917a08,0x5ab904fc,
-        0x45d22d21,0x85dbb1fe,0x4d36159f,0xc3d5e509,0x1d39b8f2,0xaebb528e,
-        0xf44acef0,0xdd5ca828,0x20c57a54,0x24209adf,0x78f95f44,0x5742b433,
-        0xa9337d37,0xd11fa7d9,0xc64cfdb7,0xd66a0c09,0x9bb817ec,0x56e55b8f,
-        0xe4c41265,0x1723c7e3 } },
-    /* 115 */
-    { { 0xdc8b43f3,0x9a6486d8,0x26409e68,0xfc3e0e61,0xd9b46003,0x1889c437,
-        0x6284ec7b,0x3a850335,0x6a9dbaea,0x5a3665c4,0xe978933c,0x7bf6941d,
-        0x69341490,0x1ed5a510,0x8cb8002d,0x664a7b7a,0x60ed0a59,0x603f76e4,
-        0x1f4ebf27,0xc3e06ba3,0xf2c38a7f,0x296ced41,0xcf1db08a,0x2ac18f79,
-        0xcde7a3b6,0xc919e882,0xdbf68b06,0x15e77d29,0x4e947cb5,0x21978baa,
-        0x7630993a,0x84bf542b },
-      { 0xe364f21e,0xc1decda9,0x012e557e,0x0d6cf345,0x588f90e1,0xba246848,
-        0xe3b104b8,0x9f6dda4b,0xe3aef57a,0x6bf7a346,0xe8327ea9,0x210299fe,
-        0xda95e6c7,0xaa99f487,0xd2cdf645,0x24ff813e,0x8bd414b8,0xd1dbb2d2,
-        0xcafa1a61,0x065101af,0x9cdebda4,0x7d9f4b9a,0xe41039e4,0xaf41b395,
-        0xc50adf42,0xe3e9e6ba,0x341e9e49,0x4f2133ae,0xcb157f23,0x4968c0f3,
-        0xda068153,0x383f827b } },
-    /* 116 */
-    { { 0x6583ff4c,0x2ec46a21,0x4ad709e7,0x4e645a29,0xc04ca12a,0xdc66e9cf,
-        0x9160a7e5,0x82f128f4,0x569c762e,0xbfb227b1,0xc2edb8e7,0xf80c7963,
-        0x49a0f688,0xa7dafe06,0x2d14b8cc,0xb7e41754,0x86de40be,0x3a0c5c53,
-        0x1db79331,0xf0d05286,0xfbfe071b,0xb902ce69,0x210e9903,0x61e46956,
-        0xf703ebb8,0xfaef874e,0xdd5f78b6,0xf668947e,0x5af5ea3a,0x6fe86547,
-        0x43f94625,0x3b121f15 },
-      { 0x659275e9,0x5b26e847,0x6d0fce50,0x47581cfd,0x8aa3f1ef,0x55f5cbfd,
-        0xe484e60e,0x1e7be315,0xfe9698e4,0xd8f1a20f,0x7ab04784,0x25d46da9,
-        0x834cdb3e,0xa526db75,0x8d08a009,0x1fd408d9,0x5b5ca816,0xfc004b20,
-        0x65e4bbe8,0x5b3e3bb3,0x759bb6ef,0xf50cc125,0xc2fac737,0xf05fa817,
-        0xd273951a,0x9ee102d2,0xfecb3367,0x2a8e540b,0x2a6a515f,0x673446fb,
-        0x37290c83,0x5505e1d1 } },
-    /* 117 */
-    { { 0xd15e68a6,0x0c3014a1,0x64dd35e5,0x6f9f0b26,0x03ad67f9,0x18c3742d,
-        0xd2c14484,0x74818c0e,0x0d41a3cb,0xc5181169,0xc49f3e9e,0x65c8c83f,
-        0x2c279386,0x9b260c61,0xced04e9c,0xf6086fae,0xfd7c4758,0xa7b2cceb,
-        0x90297fd8,0x4b3c3133,0x09701ac8,0xca8264e8,0x508b3762,0x9f976a87,
-        0x983a8dfe,0x5d582714,0xd9d598e9,0x350d2669,0x0f6fd348,0x85cb89cb,
-        0xa574317c,0x617d80d4 },
-      { 0x70022b67,0x4cef267e,0x3768b94a,0x80536bb5,0xd2784462,0x3153a566,
-        0x38243919,0x49054d44,0x5df78c4a,0x8d11e172,0xd5a1e35a,0x9b252a71,
-        0x8171e31d,0x07866c80,0x1b38a00e,0x0a8501db,0xce770236,0x2ed932b8,
-        0x8edaf7d0,0xa2d77609,0xb93006e9,0x3aee5dab,0xbbfeb036,0xfaffc8c4,
-        0x4e21b38b,0x077b9678,0xdca8e069,0x491fc59f,0x0e938471,0x3f624f55,
-        0x7cd1780b,0x5156f508 } },
-    /* 118 */
-    { { 0x0206e8d0,0x58234e22,0x7f15af32,0xf5f6f5d4,0xd638950f,0xafab7289,
-        0x7d4495f4,0x66ec4d09,0x68da80a9,0xad890c5d,0x64f8a36b,0xe4aa0920,
-        0x0f4d5c5f,0x799e257e,0x24495e31,0x44c677ae,0xa5b8e352,0x720387b3,
-        0x75a287b9,0x703790f4,0xc3c1f2f7,0x54895cc5,0x41a7fa41,0xb8680f9b,
-        0xb00b008b,0xfcd47458,0xba6473cb,0x149cc838,0xac9be19a,0x78ed5f7a,
-        0xb33765ba,0x5254599c },
-      { 0xa21b54c4,0x08739679,0xb6497d9d,0x029ece2a,0xc8488640,0xf14f1a92,
-        0xe9fa79d9,0xae48dcff,0x46c208db,0x14b911c2,0xdae3f69e,0x5ab0fbf2,
-        0xd1edb838,0x180ac87e,0x188586bb,0x146fd718,0x5467cbd0,0x210eb654,
-        0x1667cfee,0xaa239408,0xb73d1a60,0xdb125c1a,0x881c1cbe,0xde685300,
-        0x37c30232,0xfe34c713,0x6f3c8d18,0xc6c6070e,0xb4af4e83,0x07e365ba,
-        0xdcf82b45,0x22f0a7ed } },
-    /* 119 */
-    { { 0xea7f1b7f,0xe262791f,0xdcff09d4,0x9c3d8c5d,0x39c7dc58,0x86c2a9c3,
-        0x4276e8c0,0x4dad4017,0xe9fe1d56,0x0a918f59,0x2aa810c9,0xb8d79670,
-        0x4aa5cdc4,0xeb7a8836,0xe7afa72e,0xfc4c23bb,0x4ac86908,0x4dbb5c9e,
-        0x6a0c7e6f,0x37e39013,0x49c218d2,0x855d7001,0x94b324a2,0xe475bc67,
-        0x6287a071,0xc98a8dc6,0x5fb4323c,0x395a299b,0x0c0389e9,0xe186c3ee,
-        0x16734c46,0x79f81e6f },
-      { 0x364f3c4e,0x83f2c1f3,0x1367e14b,0x536b2ac5,0x5933e43d,0x44a6dcfc,
-        0x10d961fe,0x34e59475,0x7e3f2aae,0x08234ece,0xbdea7f25,0xcb92e00a,
-        0xa791a124,0x1efba4f0,0x1192d53a,0xc2086fd2,0xb51c8af6,0xfec0d0fc,
-        0xdc0f1b5f,0x48d1b2ca,0x812dbe19,0xb07a388f,0xdedbdd45,0x40873a6a,
-        0xd702589a,0xbc2a1268,0x17e27b64,0xbbf6e3a8,0x6d386e85,0x73ee5663,
-        0x9de7c000,0x442ecd37 } },
-    /* 120 */
-    { { 0x8a2f90a6,0xb4cd1ae6,0x6f5ad0cc,0xf277d41d,0x401d4b8e,0x6a3828c4,
-        0xd8376631,0xe817a134,0xf5e1124b,0x142b758d,0xfd6b95e4,0x25fbc69d,
-        0xd74a9e3e,0xa30c9f5f,0xd89663ce,0x5ac0f163,0x0ce6386d,0x32a9eef7,
-        0xd8ed5544,0x7a690ea5,0x9889427a,0x5de23ff0,0xeaaced58,0x75ad36a5,
-        0xd3e18465,0x3514a6c1,0x7f093910,0x3d9162c3,0xe33d56e8,0x5c10add9,
-        0x06aa691e,0x85176b73 },
-      { 0x28a21e38,0xa32110fa,0x5773d538,0x97b6379d,0x2d020dc4,0xd3697bbf,
-        0x961833cd,0x59177593,0xe5fa8516,0x6d7045fa,0x786ab5d2,0x3390f29a,
-        0xdc4f5b70,0xac0bda30,0xdcc615c6,0xcca0240a,0xc5146d91,0x8e1f1702,
-        0xa72cef87,0xceb472d0,0x0b669ba1,0x84840708,0x7e61aa0a,0x79b08f9d,
-        0x4669560b,0x388160be,0x948eb71e,0x23935c2d,0x9431590c,0xd7fd83c0,
-        0x6e5768b3,0x8ab154bb } },
-    /* 121 */
-    { { 0x353c4a96,0x28686003,0x905cd835,0x4e5c60e8,0x8f66f8cc,0xbd591364,
-        0x9faccf9e,0xb6b80b98,0xe32639e5,0xbc1c1fae,0x278aadeb,0x2f6396d2,
-        0x1898202d,0x00a796d0,0x3a474835,0x18ab548f,0xb31b0e3e,0xacd056c3,
-        0x0164512d,0x15ba68dd,0x4b03f3bc,0x203836d9,0xd8f206c5,0xd64eca6b,
-        0x9f1779b6,0x931a361e,0x52ab34a8,0xd82690fc,0x92922e22,0x342bb8e0,
-        0xe00b02a9,0x1bfcdd84 },
-      { 0x75a365d9,0x310b9a43,0x08d8fb03,0xd4ade15e,0xd742df83,0x9c9753d7,
-        0xde318742,0xcf7309d4,0x3360ace0,0x1228e212,0xf7669643,0x1043d238,
-        0xf90f5a53,0xfc2adbed,0x7b5f9397,0x41d64cb7,0xc446d010,0x5200b30a,
-        0x231720fe,0xc3c8642d,0xb9aa2075,0xfcc0122d,0x041eae47,0x856e3b12,
-        0x68c876a4,0x45864455,0x233606b1,0x1a1c7842,0x227757bf,0x9b766d1f,
-        0xf7b9d4f1,0x25b78a3b } },
-    /* 122 */
-    { { 0x156707ce,0x90835718,0x4314f90a,0x9bdc2398,0x8be57dbd,0x017c885a,
-        0xad63a4b8,0xd4bba225,0x15aacffd,0x5ce71b86,0x72954722,0x5f266475,
-        0x4f0ad3dd,0x0a80f1f7,0xfc352ed7,0x010538a3,0x4203c6ca,0xf8a64045,
-        0x330c73b4,0x2b2c7a88,0x02dcac1b,0xb3433ee6,0xed2b17c7,0x2e0499cf,
-        0xbd6329c7,0x9f8681a4,0x36fadc37,0x38979946,0x92b7895b,0xdc5650c8,
-        0x65a51cf0,0x70ab9570 },
-      { 0x7b585d93,0x46778ec4,0xa633fe4e,0xca6d3610,0x4ea0311a,0x21da154e,
-        0xbd64002f,0xaf22190b,0xd91cb7a9,0x9e633ac7,0xee6837d7,0xed13c31f,
-        0x1616ee8a,0xda4a07d7,0x3afcd616,0xd78a2732,0xba14d694,0xc06696e5,
-        0x4df58420,0x733754d7,0x2778e3c9,0xe85e504e,0x55b5a5c2,0x3055aa0c,
-        0x8a3acb5c,0x313df538,0x2a088eda,0x5896acb5,0x84c85dde,0xfc8842a0,
-        0x51dde6be,0x5fec9f79 } },
-    /* 123 */
-    { { 0xfe519f99,0x5ebc2c7c,0xe5410353,0xe396bd80,0x8a3988f3,0xaded9402,
-        0xd601bda1,0x1c03b735,0x14ce64ac,0xfd302036,0x01240290,0x5837ebe9,
-        0xa554097d,0xcaaea1a3,0xb0b88139,0xdce73d25,0xecb090b9,0x35ed412b,
-        0xd63dab3c,0x99029ff7,0x062db071,0x555437d9,0x42a4c11d,0x277d2f56,
-        0x24fc9109,0x477fa645,0x2799254d,0x7b12e9b7,0xd84c618c,0x7ad2ae22,
-        0xce8ed195,0x0a8d5663 },
-      { 0x0a21fde1,0x43ac5163,0x6903d849,0xcfcf5dd6,0x5fdd6281,0x6d2499ee,
-        0x77a49a34,0x4dedc6f0,0x2875c06f,0x46bda2c0,0x347b8046,0xd0e0e0f6,
-        0x5e67836f,0x1058169b,0xde8a8042,0xc961912a,0xa93b3d32,0xdf3fea0a,
-        0x0c576bc5,0x9f138edb,0xd8d37e47,0x7971ad6e,0xcce5e7cb,0xeab85739,
-        0x1d202b40,0x88a4b434,0xe3a1fd26,0x5d842557,0xb3a86f91,0x872fabd5,
-        0x6aa4629f,0x95b93493 } },
-    /* 124 */
-    { { 0x99f951de,0x9998a701,0xf058db45,0x8fade596,0xf3d03dd3,0x4d479c1e,
-        0x33b141d3,0x6e928d5d,0xacfe8a40,0x9a465800,0xc1cefa3d,0xd108ad2f,
-        0xe013726e,0x64b96921,0x8e83bb9f,0xb9b6a6b6,0x1242e544,0x29f1e6dc,
-        0x2f65966b,0xd3f8f676,0x5e105b41,0xa34dd096,0x16011e1c,0xd4e9139a,
-        0x2515541b,0xeea4dc68,0xc822166d,0x6f8030ac,0x31d16124,0xbdc7ae1d,
-        0x621afa7d,0x2e25ef51 },
-      { 0xdd8e7357,0x2533cf8f,0xeaceddb8,0x333ba218,0x0784d2ac,0x68e3e31d,
-        0xf2804ae2,0x1c927f36,0x77e7ad7e,0x01433d22,0x587f78a0,0x0b401cf0,
-        0xaa0027ae,0x9dfcf036,0x1d9a46b5,0xc9e46c8b,0x1f288d32,0xaa6de486,
-        0x1b8a043d,0xdd56da2f,0xf2d0bb56,0x346230e5,0x19defb56,0x19f0b6e4,
-        0x21d2c874,0x55ec37cd,0xb70e45b3,0x3dbf0397,0xac7ce852,0xf0862a8d,
-        0xe141f3d6,0x87979ea7 } },
-    /* 125 */
-    { { 0x7f1c747f,0x9b7e7b3f,0xc6e63369,0x151a4c1d,0xb372dba0,0x4273ff70,
-        0xd3ee54fe,0xca6d2234,0xd33cae0f,0x12fc8e0c,0x5dd6f10c,0x27328538,
-        0xf01a9cf9,0xc86f3fbd,0xe36cae91,0x5322677f,0x2fefea44,0x39a70033,
-        0xce8af217,0x2c9ca328,0xf6a731f4,0xc0256776,0x66a96813,0xc687b3df,
-        0x8db2eda8,0x194aab12,0xeec4febd,0xde30dc5a,0x979241b2,0xc052236a,
-        0xc23d4c16,0x3ec98802 },
-      { 0x4072f74d,0x0f9e760c,0xab594059,0xe78eb0de,0xc9b009c2,0xdb3dea40,
-        0x38b59ae5,0x47e875f0,0x2b4daa06,0xf40eb436,0x090f3788,0x9a6a4f92,
-        0xedbfaf8b,0xefebe9af,0x9867e256,0xf87f96a5,0x75ab6aeb,0x1e6fed23,
-        0x3fdb13cb,0x17f2782a,0x70fa2621,0x5102c71e,0xfd4c0dbe,0x5d2b06ec,
-        0x30347297,0x537cc268,0x2b67e780,0x8dbf5e2b,0xba25da32,0x2f633f3a,
-        0xefaec914,0x3e9315e8 } },
-    /* 126 */
-    { { 0x239a9ea9,0x9255cfa5,0x0be33a62,0x20f3c690,0x9cb642bd,0x759eeb4b,
-        0x00bae718,0x3316c546,0xf3410f84,0x874a76d5,0x90f129b6,0x123b502e,
-        0x12851f1c,0xadc8f9a8,0x1b62408c,0xf57b764a,0x1a80777b,0x116ec01f,
-        0x1f0ddc5c,0x746ecef2,0xe5a6a5a7,0x3c49d47c,0x06e955ba,0x1e15dbe7,
-        0xb45d79b0,0x629c0c79,0x778d1087,0x11278308,0x8c6a22d7,0x22585dc7,
-        0x0a682791,0x2ed02a0d },
-      { 0x4daa2682,0x53043416,0x01359625,0x0e26d32b,0xbd867097,0x449c834a,
-        0xee77ae2e,0x11a19d2b,0x3af6c169,0x39bd529a,0x5cd61054,0x36cca5c0,
-        0xdc6c0fe1,0x6370a59b,0xb93d5135,0xca420d27,0x554c451a,0xd8730d45,
-        0x96cdebf2,0xebd258c9,0xa50f9a05,0x0cb1b990,0x7b0f0151,0x69a8c97a,
-        0x11d217e1,0x2cc36d34,0x752f75e8,0xf117688a,0xa09b2a61,0x1db01394,
-        0xa9efd7dd,0x14627844 } },
-    /* 127 */
-    { { 0x232803cf,0x6bca3aed,0x9a96ff34,0xc1e4398b,0x74ab788b,0xcaf6757f,
-        0x7e68c04d,0xc3a53e00,0x5cb7cd20,0x5f969c19,0xdc068bca,0xf28b65a6,
-        0x1d863032,0xe3ca01d3,0x87808e14,0x9b733b81,0xefe618be,0xb5d704d9,
-        0xb01b946d,0x276f3542,0xfbedddbf,0xe057e19e,0x903275ce,0x7d182f2b,
-        0x880f7bc6,0x3cdc5f77,0x78476c14,0xd6f03d3f,0xa9ba5072,0x035f5557,
-        0xb4029628,0x7acb57b6 },
-      { 0x44e6b07c,0xd2413569,0xe1c7345d,0x451c4cc9,0xe273b9fb,0x407444d8,
-        0xb88e34fc,0xfe496079,0xf152776d,0x77d184cf,0xc742299c,0x6d1033b9,
-        0x77bf2897,0x29a0a684,0xee8f0420,0x59ffdf10,0x44bb56d6,0x4e17146c,
-        0xfb9ae855,0x831d06c2,0xd93e7cd5,0xb2cb82db,0x3c96b607,0x83381c46,
-        0x7549e2a8,0x06aed251,0x774a21d4,0xef97891c,0x8675fbdd,0xae9807c7,
-        0x6363516c,0x6a5a05b9 } },
-    /* 128 */
-    { { 0x6a8f4f33,0x92e71ea6,0x4dea8f4a,0xf2fc6fc6,0xfee88461,0xd356252c,
-        0x08954d08,0x59b0a83e,0x468ab766,0x5bd68c23,0x900f8d04,0x40281357,
-        0x52b867ae,0x181c19c0,0x18764c41,0x986a5169,0x13575d24,0xcb01dfae,
-        0x593677b7,0x17269ae5,0x46dc9b19,0xf6d17025,0xc40097c8,0x8de68499,
-        0x259c407b,0x76df0032,0x17d29d8b,0x4091aad9,0x4a7ab5f6,0xa7f46d21,
-        0x70ece48c,0x688054b4 },
-      { 0x51a5b86c,0xf0d168aa,0x95777247,0x2437e4d8,0xf1720329,0xae844076,
-        0x9647a54e,0x0a7ac87d,0x0405622c,0x1e597a4b,0xf0a79f2f,0xedefe5c6,
-        0x4d55156d,0xaf3ef0c2,0xef047cf6,0x917fb04e,0x54b62137,0x3792799f,
-        0x314be0b8,0x875ea32f,0x0c466b0c,0xe157c65b,0x7e218978,0xd28c90ce,
-        0xcde587af,0xb90fc3ba,0x8b877bed,0xdd32d71c,0xca8e10cd,0x3b432200,
-        0xd94f6e53,0x0021f419 } },
-    /* 129 */
-    { { 0x43519d26,0x2191122c,0x40a51845,0xbdafac1d,0x548bb89f,0xcc6f71e9,
-        0x16844bf9,0x9ef3375c,0x178e8d55,0xe7789f79,0x1f8be1c5,0x04f599b6,
-        0x2cbbde40,0x8088c99a,0x893206c9,0x8939a260,0xfcd30851,0xa1ae4bff,
-        0xe08feafe,0x664cb3fe,0xff14aabc,0x61f38099,0x2a841ef9,0x0d8394cc,
-        0x17f01db6,0x75fad8ad,0x6debb773,0x6fc34576,0xa4252512,0x1e716b05,
-        0x29e1ed9f,0x79855880 },
-      { 0x95106473,0xa2cb3aaa,0x5a61da04,0x95fafa41,0x539563c0,0xfd3c9362,
-        0x95312b87,0xbaa48091,0xbf885c76,0x6c7e7582,0x230c78d5,0x70f6dab6,
-        0x7747440d,0x8ce3051c,0xffdb6186,0x6dbebd14,0x190e4096,0xb0e041fa,
-        0x6ee62e2a,0xba10c466,0x74f333d6,0x93d57e2a,0xfe7b9b66,0x006aadc4,
-        0x06d2837d,0xfaf72f6c,0x910741ea,0x318cc5e6,0x65692477,0x9c502609,
-        0x1d0fb08d,0x95d823c3 } },
-    /* 130 */
-    { { 0x140528a5,0x6aeebd86,0x53979bc8,0xf268c2ba,0x4ec144ab,0xb1bc9b8a,
-        0x82a7d7ed,0x1efabb0d,0x4e0118d8,0xf12c70d1,0xa1c1558e,0x31607168,
-        0xe4b7e73e,0x33e428b7,0x83aec9dd,0x63176637,0xe12ac35c,0x5172ffbe,
-        0xbc17b2a4,0x37df0bfb,0x741f812a,0x4212f870,0xe2888f9c,0x3dcecbdb,
-        0x756ca55d,0xa9dc15aa,0xb9028e41,0xf31918ec,0x6aeadb03,0x7ede0285,
-        0x78654f54,0x0e2708d5 },
-      { 0xcde20f88,0x2270cc53,0x5f5b1039,0x9338272c,0x5dcb1dbf,0x5042e19e,
-        0xb72d74c1,0x4b3de219,0x2aaaaa55,0x16c49a8b,0xbba86ba6,0x008443e5,
-        0x20cf1695,0xee6bcd72,0xa89abd11,0x59ffac6b,0xf115639d,0x2831217b,
-        0xf34cba52,0xe4d28af2,0x0727a906,0xf27f03e7,0x69017766,0x6842c79f,
-        0x7a81123e,0xcb3469bd,0xa42973b8,0x48c0f346,0x23990dbd,0xfc5784a6,
-        0xfb299678,0x0d3dab3b } },
-    /* 131 */
-    { { 0xce29c3cc,0x8f8376e6,0xf016cbc6,0xcb0507ec,0x5e394ce1,0xdebff996,
-        0x73c50d41,0x24fc526f,0x2d16ce3d,0x4edd5a54,0x91c13141,0xbb37bdd9,
-        0xe33a8606,0xe3442ef2,0xc0629da8,0x2ae90337,0x592ab331,0x57faec64,
-        0xd82b857b,0x1a938997,0xa3373176,0xad6c8cb9,0x9086751f,0x82595de2,
-        0x18c17196,0xa81e97fb,0xbf697357,0xe4f48a13,0x5cb89f69,0xa1387c2e,
-        0x5874b426,0x530b4eeb },
-      { 0xbab7b5ae,0xe9f275a1,0x03a57bf4,0xbb69dc4d,0xa45c505b,0xc974dc4a,
-        0x416ac402,0x726369f3,0xaed985dc,0x735e4e78,0xcdd446a1,0x0548d879,
-        0x9e16b02a,0x84ceb069,0x789b11a6,0xf73f6fa4,0xb2a4e784,0x6aa0c41f,
-        0x93a9b697,0xb1f76902,0xf03a8ab2,0x814cce00,0x844d66c1,0x64cb255b,
-        0x30952201,0xb794e7d6,0x3da32271,0xe052d4e4,0x08b6a4d9,0x5278b2e7,
-        0x80c6577f,0x90942552 } },
-    /* 132 */
-    { { 0x0d5b4c2f,0xd269a14d,0x5c8a649c,0x2b8fc59b,0xb0e37d4a,0x95becb3a,
-        0x9111037e,0xfda1a768,0x94e35322,0x5810e05a,0xa178fafc,0xa24dcc12,
-        0x8e3dce62,0x5c2c63b2,0x9452c444,0x995c3f17,0x42d45161,0x35330ec3,
-        0xb4ef8129,0xa025a60a,0x8bae9c13,0x85493252,0xe2e3caf8,0x25d1a606,
-        0x3649bf47,0xd44091ab,0x704ec5f1,0xc7d0afbf,0xbd8b3333,0x27bd1d62,
-        0xcfe616f5,0x50570111 },
-      { 0xf534356b,0xd0084ace,0x4b4b0fbc,0x9df1de05,0xcee04dc1,0x021afe05,
-        0x361b78e1,0x64bde688,0xef78d38b,0xa324fcc7,0xeb0a5e4e,0xfeb372ce,
-        0x65811996,0xef04fcb3,0x5eb0ab4e,0x7dce5d50,0x238c586e,0x1e29b588,
-        0xbcd80037,0xde5e3197,0x4806b9cf,0x8bf5e451,0xd18e67ab,0x4330968b,
-        0xf9f63fad,0x26a7d04e,0xb5c18bb4,0xa1c7f123,0x25dce22c,0x485b8482,
-        0xd540e79f,0x8ff0b36f } },
-    /* 133 */
-    { { 0x3ff42cff,0x99f2e2f4,0x1c35317c,0xa3c19f9d,0xaba1b545,0xdb749392,
-        0x4afa9a32,0x84232b05,0xd7dcd436,0x0b855d46,0x45cf9915,0x8ac35e20,
-        0xf001a218,0xd7cf22c7,0xed408305,0x057d35ae,0x553ccfcd,0x25a4a519,
-        0x93e2b939,0x5e565793,0x3422ec27,0xa20332b0,0x3ac53958,0x9b09005e,
-        0x79e9b163,0x628051a3,0xfc6618d6,0xb4a0dc09,0x6748e7af,0x9e0e857f,
-        0xc577d63e,0x71b28eee },
-      { 0x99726bf8,0x4942b0cd,0x1c208f3c,0x1290a3b9,0xb0598eaa,0xfd7290e7,
-        0xa25a9128,0xc6a7791f,0xc037d7da,0x2d33db24,0x70e2837b,0xc21efeb0,
-        0xe3dae2a0,0xbf70d96e,0x85076027,0x43ed8191,0x4d4ad7e3,0x4aeb0aa8,
-        0xe8c5b74c,0xbc75101f,0xad26ebdd,0xdbfb2a6e,0x6b78aa4e,0xba812068,
-        0xe1159848,0xc94aa8f2,0x3eba5c4e,0x0d10d9db,0x6318295a,0xce7fec47,
-        0x330d925a,0x7294711a } },
-    /* 134 */
-    { { 0x32bbd495,0xfce45904,0xbe54973f,0x330f4dd1,0x5d9c3f4e,0x006bee1d,
-        0x59ba7204,0x40ee6078,0x42c2c768,0xc194fd3f,0xe9fe88be,0xa0e76b12,
-        0xec2b0210,0x17cddddb,0x00811ec7,0x689d436b,0x284be9e4,0xa6a6ba37,
-        0x007d4114,0xabc395b2,0x0f11e744,0xf8cdf9f3,0xe9396402,0xc5febec8,
-        0xeeb46285,0x8a751743,0xc6e0d137,0x99bf8782,0xbeb292e3,0x3965e170,
-        0x5801fd5f,0x001c39d8 },
-      { 0xda4a0912,0xf4805cb9,0x4410bca4,0xd27cb76a,0xec71d65b,0xef3dcb8e,
-        0x4816849a,0x780fbb2b,0xa8b24635,0xef6a7026,0x12c44e68,0x15625c88,
-        0x4d7a74a8,0x624c232c,0x4b1631e4,0x81a77037,0xdb917c2e,0x04e4f7f1,
-        0x1f61ed95,0x1d0465fd,0xcbde6e3d,0xb1048049,0xd7131fcf,0x637ce0c1,
-        0x8ada4715,0x22e4dbc2,0xace99726,0xf7530c5c,0xee287450,0xa0160dcc,
-        0xbb91af13,0x9132e670 } },
-    /* 135 */
-    { { 0x7996099d,0x8057efe2,0xa06e608c,0xb72344db,0xd0958588,0xeb4a8740,
-        0x79e5aee9,0xe53daf06,0x908a2fad,0xc9560a9a,0x107e706a,0x7f4be131,
-        0x2830246a,0x6d5f3d9b,0x27cca3e6,0xa5f8e8da,0x4c28f292,0xeb51dca6,
-        0xf31dfd78,0x4cfa310e,0x2ca073e5,0x92e0c7c2,0xa40da683,0x102f1694,
-        0x750d38fc,0x16bb07cc,0xbadae035,0x703e83e2,0xb4d3c9dd,0xea93c066,
-        0x79940ed1,0x7d0b03e5 },
-      { 0x4dd94c63,0x5fe7ea30,0x738b0b3a,0x57ef01c5,0xa14e6b4b,0x9534a78c,
-        0xa5353276,0x07622cde,0x7c22d006,0xaf696a07,0x7d46b209,0x733c1886,
-        0x626c2b4a,0x9654ccbb,0xa84f3c4c,0xa098d3a1,0x2d734b74,0x3596f9ed,
-        0x5d551c90,0xdfd3021a,0x1ec5123f,0xe2ba7d2f,0xb2c1aa39,0xf9726925,
-        0xf8eb2927,0xd2e75d0e,0x19192a6f,0xfaba712e,0x9b83e50e,0xa606b43a,
-        0xdab5de60,0x31b1782f } },
-    /* 136 */
-    { { 0x4034db92,0x878dba45,0x8f34dc4d,0xa3977901,0xdf754c33,0x8d004f2e,
-        0xcd563a88,0xeaa5954a,0xbb5ffad1,0xa29d6c89,0xb0d8bdb8,0xa8adf655,
-        0x8cdbdb47,0xf7fb842d,0x80d3205b,0xb72e3a03,0x7cac7ca9,0xc335b0b2,
-        0xd8a5475d,0xffc60bcb,0xeba4d25f,0x736f7719,0x0c50fca6,0x3d901c38,
-        0x80c01900,0x1fdacf7b,0x5681f84d,0x75cf658f,0x5cefbbc1,0x57a7e634,
-        0x3e07ed1f,0x6fc0fbe5 },
-      { 0xb81b0e5f,0x496d116b,0x2ac853b8,0xd82dd2a5,0x327387f0,0x357e22d4,
-        0xba912c59,0x3e332a84,0x49d5dcc1,0x8b71c643,0x438d85d3,0x0c982ee9,
-        0xbf7fcd4e,0x90b9553c,0x38fed5e3,0x2cb39bbc,0x5ac42903,0xa2c67c9c,
-        0xbf07da55,0xebf21217,0xa0b9e4ee,0x55ac05ad,0x8ee9e0c6,0x10bb12c2,
-        0x48bb6e3f,0x5cf3aee5,0x8b046e91,0x4ae7269c,0xaa0e553f,0xcb266012,
-        0xa94c8fc8,0x701935a1 } },
-    /* 137 */
-    { { 0xa4626dea,0xde58d41d,0x15b9039f,0x25ef66ca,0x3164e65b,0x99a810a4,
-        0x748cfccf,0x9fe6daad,0x2f142fa9,0x7ab9a6bd,0x5d471796,0xa4cba168,
-        0x6bc3a39b,0x12d30b36,0x8bf45076,0x1f46a5dc,0x1421ac0e,0xb868e529,
-        0x59bba1c4,0x7a686206,0xda698b90,0x2b4b552e,0xe5453707,0x5039dcd4,
-        0x9e90165f,0x42a07a9e,0xd7d45dfc,0xa838fff3,0x3b5ceb30,0x41991e5a,
-        0x969ca600,0x6c961ec8 },
-      { 0xc4e7eb46,0x703bdc1b,0x596c7b48,0xd6bac557,0x66afd74d,0x4f9917cd,
-        0x656ce6f3,0x56355105,0x32497175,0x3d1fb50c,0x63effb2d,0xfda6783e,
-        0xeefaa2bd,0xbd79f1f3,0x17af9ef7,0xa4efbe54,0x5a55b7a4,0x6cef6462,
-        0x1a713304,0x116f3238,0xb95625a3,0xdb2a2a7f,0x0b027e96,0x6a0aa43a,
-        0x4832b3bc,0x458fe5d2,0x5adfaac0,0x523418df,0xc49e7f9a,0xc05a89cb,
-        0x69e24b53,0x830883d8 } },
-    /* 138 */
-    { { 0x02557389,0x959b1c62,0xadefc0bc,0x5fe5ce97,0x8330f383,0x893bbe7f,
-        0x16cfb81e,0x27e0c6af,0xd04428fd,0x6f64e65b,0xb79e6182,0x53de9245,
-        0x487e11ca,0x08a313c1,0x445bce93,0x65cec3b9,0xd67ed49e,0x33bc0314,
-        0x30782352,0x69f36b24,0x93ad31d2,0xd78e5daf,0xc780890c,0xf2682b70,
-        0x9e45efe9,0x7015c34f,0xe6cbafea,0x135d4ba4,0x7e3fcc6c,0x43a378a4,
-        0x96638f8c,0x2376f97f },
-      { 0xae575b99,0x0a6e1ec0,0x81b970dc,0x7e14cb4f,0xd3a73947,0xf00a3824,
-        0xfb235a9d,0x0b4b9c81,0x5bf62944,0x8d15115f,0x1e165d7a,0xcfd35b43,
-        0xb2ee3e3b,0x5d12fea2,0xf5182e7b,0x629984a6,0xc365d08e,0x4e43e2f3,
-        0x30f36e72,0x99327091,0xfd345401,0x698b4a00,0xbaf96dce,0x23c4fd0e,
-        0x23675554,0xa60ba0ae,0xb0325784,0x51bdac2d,0x215464a1,0x8ab4190a,
-        0x6bf10296,0x8c461661 } },
-    /* 139 */
-    { { 0x2d1f36a5,0xeffca258,0x894c5f2d,0x0eded2b2,0x43ced84f,0x35a5cdb8,
-        0xdb0e3b9b,0x290f8982,0x0719a112,0xcce0eaf0,0x39a362d6,0xd0e657e4,
-        0x62697e47,0x5516a55d,0x8e636514,0x269e1f77,0xd50269bc,0x5e3dedcb,
-        0x441c57c5,0xecec2300,0xc705578d,0xdb83f31c,0x1e489eab,0x1bdefb73,
-        0x395fcdb4,0x20b678cf,0xff9db001,0x908cf91c,0x55f52cc8,0xcbebc6f4,
-        0xb4c61162,0x155ea622 },
-      { 0x876fa42e,0x94be2f1f,0x7fadeee7,0xab5e8749,0x38c865af,0x692e70f5,
-        0xdf8059b0,0x16e99b84,0x8b5a7ac9,0x0ceb606e,0x2d463d2b,0xced23357,
-        0x2a9a09a0,0x2d0f2623,0x3861fbdf,0x2529998c,0xc1be310b,0x711888a7,
-        0x0d8aade3,0x9b1229c5,0x3b13533d,0xdbcf9b78,0xff029708,0x3ca746f8,
-        0xda83ef88,0xa5a013a1,0x4ab28444,0x8e904d18,0xbcbd4aba,0x2fe84b3d,
-        0x259058c3,0x8f570f24 } },
-    /* 140 */
-    { { 0x2ca9c508,0xdeb66c8a,0x69d6b780,0x2dc5bec2,0x88ead600,0x16d61266,
-        0x49d72614,0x61841b97,0xce472e6f,0x41e40e6c,0x1fa7a876,0xada24264,
-        0xcc3997a0,0x45b9fd33,0x7c15dcf4,0xb25e8fa9,0x12e9629d,0x0124ceb2,
-        0x7db3d956,0x3a8c72c6,0x7c1a7844,0x8e2ded2b,0x6dd027ff,0x94ab09c6,
-        0x7e7a2bc6,0xf89a057d,0xcf70c763,0xad8bf226,0xc8a26212,0x4cb268e7,
-        0xb2c44c1d,0x3d171e87 },
-      { 0x8ce49820,0x382ac16e,0xc0c44dc9,0x24ee45e2,0x73e858c4,0x0ec67912,
-        0x46327cf9,0x918cb25c,0xc6159c1f,0x43e3876b,0x37545cb3,0xb6b6e0e0,
-        0x5d12347e,0x64b839ab,0xa300d541,0x72e09274,0x881c1169,0x26ab28e6,
-        0xeb75a843,0x4a580fff,0x359120df,0x0a5802ca,0x3209f4a3,0x7fee82d0,
-        0x8e6a9380,0xb518016b,0xc2ee11ca,0xb99c6c70,0xab9d4ec7,0x16105af1,
-        0x34cd9004,0x234e98f8 } },
-    /* 141 */
-    { { 0x14db9cda,0xff435208,0x96adec90,0x99cfdc47,0xaf458b6d,0x843aaa6f,
-        0x743eaa31,0x3f1f7415,0x61735d81,0x915e192e,0x0ac595d5,0x3441a22d,
-        0xc044bc8d,0x704bbf67,0xbe23a236,0x2f960471,0x15d1d557,0xcc326388,
-        0x76b1dd94,0x9410230b,0x0c1c8a67,0xf2e5439f,0x833c910d,0x56b141ac,
-        0x865b84df,0x467c999f,0x21f02b7b,0x1b0251fa,0x96216950,0xde5b5260,
-        0xce3a1e93,0x6a2130e3 },
-      { 0x4b3ca1a7,0xd21b67a0,0x00c0ce80,0xaf42ed53,0x932cf07a,0x22ccd368,
-        0x5c25c35a,0x36523a81,0x8dd04d06,0xecdd3958,0xb2f93a3b,0x73da3502,
-        0xd5e5b530,0x4c5e0c3c,0x13268777,0xef9f5486,0x1e742292,0xed87fefc,
-        0xa24e5ede,0x6d9ac29e,0x33849f1a,0x08abc9f0,0x40f23905,0xb09b2292,
-        0x7f934353,0x6791072c,0xe6aeb550,0x102a6381,0x96feb870,0x3ee07409,
-        0x9c4d2830,0x34f06faa } },
-    /* 142 */
-    { { 0x2348f005,0x869dc79f,0xdf4920b1,0x9b5c5d71,0x6dee64a4,0xfd1b57ca,
-        0xe82a4fb4,0x21b7f734,0xb9578366,0x637cb834,0x7d287d96,0xc934101b,
-        0x0392ecab,0x1590f8ac,0x7f75f4e3,0x280dc373,0x6a61ac62,0x8b36f50f,
-        0xa65568da,0x74f58304,0xd930870a,0x80d792a9,0xfc8895cc,0x6d17b192,
-        0x4914939f,0x498392fa,0xd41d5b9e,0xaf36027d,0x5caa82b5,0x452d79e2,
-        0xf4115d1a,0x764d47b1 },
-      { 0xa2ee8b9c,0x5df22303,0x85dfcd48,0x1b9f72d3,0x10813a37,0x6b42b983,
-        0x3de741f5,0xe28c523b,0xf303bb5b,0x0857625a,0xac9bf9af,0x926f299a,
-        0x0d445b34,0x21beac08,0xd6ba2c0e,0x6a523a02,0x7fce2864,0xe302a1b1,
-        0xe300c1ea,0x4516a235,0x7b4a9311,0x4543736a,0xc0cc89f7,0xd3c0b9e8,
-        0x40ed88de,0x0481904f,0x3cb7fc70,0x4f269b56,0x321b9738,0x09a1d53a,
-        0x230a3810,0x1c0dd9c3 } },
-    /* 143 */
-    { { 0xc46a7d9a,0xffaa1f67,0xbedf91cc,0x64743334,0x47a42f2e,0x45833a74,
-        0x241ffaa9,0x67980051,0x335efe6b,0x70979a84,0xf08b2403,0x5f0613f5,
-        0x64f211dc,0x6bb22fcd,0xa0572cfc,0xe1b8b2a3,0x7950a14a,0x19e0eb41,
-        0x3eb6cd4c,0xe634bb29,0x470a25ff,0x31a04b25,0xa3d15a0a,0xa41f7ac9,
-        0xbf2fede9,0xefed85ec,0x81b94a00,0x1f581f5f,0x9ef4a15c,0xaa3996b0,
-        0xb06041bc,0x52d8be39 },
-      { 0xfd631a2f,0xbd1536f6,0xb351a8dc,0x91fae7f0,0x9b126212,0xd1a590c7,
-        0x2bd0f435,0x52d4875f,0x92b0ea70,0x9aedb6d3,0xb83ab89e,0x0bd0abdc,
-        0x89fe192c,0x827a1062,0x102a0bda,0x6566a960,0xce036814,0xda083037,
-        0x58639405,0x30bed79f,0xdbca8df9,0x972019b6,0xefdaa3f5,0x89201286,
-        0x5236b892,0xb337b996,0x28fc2e73,0x11d3e38e,0x880e8da3,0x70787f41,
-        0xdae4a45d,0x6cff6367 } },
-    /* 144 */
-    { { 0xf89a8bb4,0xbd3d0433,0x93b98f71,0x42144c33,0x03470a2d,0x82b616c8,
-        0xe5da089e,0x98fcc757,0x7bf5fda6,0x542354ef,0x9ebd34cc,0x1885c253,
-        0xbec5dd0d,0x2e20b285,0x782a1bca,0xe71bbbe1,0x9b854ef0,0x959ded30,
-        0x8997fa6a,0x17249979,0xd81f3c45,0x50cf8fa8,0x60c11152,0xa9a3b517,
-        0xecf845ea,0xc9b0ef7d,0xb9fed11b,0xc9339e23,0x28256080,0xc93e9c5c,
-        0x613ec1e7,0x1d2c8217 },
-      { 0x987cfc93,0x7381347d,0xf187f810,0x047603bb,0x1250ca31,0x3fa6bc9d,
-        0xbb055bf3,0x480091e0,0x3a3af87c,0xbdf95f1a,0x140540ab,0xe2687770,
-        0xd7fe045b,0x998df730,0xb723bc2d,0xb398135f,0x15ebec46,0xac230f8c,
-        0x5f5561c0,0xe08e1830,0xda60a47f,0x7c0fbf4c,0xe16d4bfc,0x06e95c24,
-        0x74617e92,0x74163495,0x4ae0c20e,0x39719869,0x2131e2b6,0xfe269312,
-        0x0a537722,0x25486e36 } },
-    /* 145 */
-    { { 0x53572806,0x618795ca,0x656968e1,0xb2c89449,0x3fb323ae,0x149c2c97,
-        0x409bc7d6,0xfb15de26,0xc79121b3,0xa90cda72,0x204cabbb,0x6d2fa14e,
-        0x91604125,0xcbcda6f7,0xb435f947,0x25086261,0xc282eb10,0xdb686c38,
-        0xf1a791cb,0x51016d62,0x61a2266c,0x6b1c7ed1,0x271d74a6,0x26780666,
-        0x824287a4,0xb5ffeda1,0xbbe4f0f3,0xcbe503ff,0xb9482a74,0xd7f7f0be,
-        0x088493f1,0x751b2358 },
-      { 0xe9c9be68,0xd597b9d6,0x67d10c6c,0x1794b5c4,0x7762b2f4,0xa88cdc3d,
-        0xa1b44e11,0x6d94a63a,0xaaa8eca8,0xfb0bbbb9,0xc963d87f,0xf4b0f2d0,
-        0x5dc7075d,0xb753062c,0x49933989,0xfed726ac,0x57f9ccde,0x5da60638,
-        0x75f8c766,0x221c392a,0x5dc672ca,0xcd264d95,0xb66ecc8d,0x7004ff22,
-        0x18a458ba,0xfb1aa9ae,0x8babd653,0xea9644df,0x2ba0de7c,0xa9378e80,
-        0xca2c6c75,0x144cc12d } },
-    /* 146 */
-    { { 0x2989aa3a,0x593a0a1d,0x59e6e64d,0xd83f2283,0xd32e732e,0xe938b0cb,
-        0x3c3cb249,0xf4c464c5,0xf89ea6ac,0x9750a5f8,0x346cfc32,0x467e5bbf,
-        0x37b2b809,0xc9bfab9d,0x3b339c6d,0xf8eb7453,0x3b766dee,0x3fe01fbe,
-        0xef6aea27,0xb3154254,0x7be61b10,0x555c3df2,0xdd818488,0x70fb6d81,
-        0xbbe714f9,0xda1af3a4,0x9d18f693,0x575f2017,0x2465b839,0xdc08fc6b,
-        0x6b84a951,0x874ecf33 },
-      { 0xbbb3f6be,0x624af83e,0x08bb423d,0xf578fbb9,0xd7873527,0x5623b0ba,
-        0xa62e0442,0xc3659bd8,0xfe236f79,0x2903b167,0xe53f26a6,0x55a430c6,
-        0x3ad712cf,0x222547ae,0x76eb272b,0xb73890d7,0x3d628df9,0x95b4f70b,
-        0x53eae4ac,0x9f0e13b0,0xe7f2174e,0x5b4f5138,0x98dbae17,0x75482cf9,
-        0x44518480,0x2b69bbde,0xcafef15c,0x4f279652,0xb6bcaf19,0xa0a3ef2b,
-        0xce4c634f,0x31fb8581 } },
-    /* 147 */
-    { { 0x615cd607,0x398306d1,0xaa32c3a6,0x680c9faa,0x7779131d,0xe87a705b,
-        0x36708b00,0x1031013a,0x9445297f,0x814fa0e1,0xa6a79b56,0x70c5583a,
-        0x4b16bed4,0x03039cbf,0xaaaaf8d3,0x18a7ca8d,0x5cdb68a5,0xf33159e7,
-        0xd23814fa,0xdea0e738,0x8d0f4f9f,0xeb352718,0xdcdff032,0xb0b76609,
-        0x3d48338b,0x65ba8ea9,0x55dd507a,0x18044d82,0x4a4a50b4,0x844a223e,
-        0x18e19e54,0x98323000 },
-      { 0x57f3d5a6,0x28a21027,0x6e8cadcd,0xffce5648,0x02551f3b,0x9590381b,
-        0x935ebdf1,0xb26cc64f,0xc083aa6e,0x60611291,0x88e4cf41,0xcd988a66,
-        0xdd53b1b5,0x581c3f73,0x77fc621d,0x78c804a9,0xfadca2fa,0x31874330,
-        0xc83ccf02,0xf7008da4,0xa79a4707,0xc4122a1d,0x4a915eb5,0x9a8e0d3f,
-        0xd0123660,0xa2de157d,0x65ead2a0,0x45ef43b2,0x188db285,0xd0a22ade,
-        0x922e0caa,0x8abbe39e } },
-    /* 148 */
-    { { 0x3a2d2f01,0xb4446905,0x5dc6685c,0xd27c3193,0x1d74a027,0x6a908bbf,
-        0x5b50ec1d,0x01da350f,0x3f3c2e26,0x1d3dd45e,0xb836ee92,0xf66e11d0,
-        0x474b979c,0x7e03908f,0x98b87834,0x19e7c5b9,0xbd3d1de9,0xa741d3fe,
-        0x1ef6059b,0x63c68e8d,0x3674e247,0x9b9ff939,0x3e7e67f6,0x1d7d53e7,
-        0xaee9e248,0x698dc326,0xb3bd984c,0x52f23eda,0x6f8fe8a7,0xf95e31b0,
-        0xc3d0ba95,0x0f15b4d0 },
-      { 0x790a8d85,0x8f2f6635,0xe2595af1,0x51bffbae,0x24b51287,0xd15b7ec6,
-        0x3234715d,0x7639b6ab,0x2bc5441d,0x0cdd5299,0xf6d05833,0x54800ea4,
-        0xf6d6e360,0x21efd752,0x19290613,0xc0b7ffe5,0xeea898cd,0xb68a5825,
-        0x22982266,0xecedba92,0xbbd06bb2,0x678a91b0,0x4bb6b0cb,0xb2436dc0,
-        0xcaf8ea98,0xcf7a99e7,0x71aa05bb,0xb92d0e6e,0xf5993eb1,0xbf8d0471,
-        0x20385ddb,0x515db378 } },
-    /* 149 */
-    { { 0x6f5bef22,0xee43eaaa,0x20348712,0x952d2698,0x7a3af6c6,0x1e4c484e,
-        0x9a8c9403,0x18d434c6,0x5001899a,0x63e5d741,0xfe8ea40c,0x5238dbbc,
-        0x96798721,0xca6cc8d2,0x04acbde8,0x73db6aee,0xb7f993ce,0xbf69328d,
-        0xad45e334,0xa3f79bbf,0x7c1f1630,0x8c51ec93,0x9b00a6de,0x4907325f,
-        0x12d82bc3,0x49e6acb4,0x0ec59fc9,0x5901b36d,0x9cf34e3b,0xcb09b710,
-        0x1abf4c02,0x2de0487e },
-      { 0x8dd9d484,0x18b722f3,0x7c77bacc,0x83349393,0x93d92b8a,0x58dbb8f1,
-        0x8e3fac25,0x80d78d50,0x745f4a7d,0xf0500981,0x877cc29d,0xd072bfed,
-        0xc30a89f8,0x67abf8f2,0x9a0820d7,0x92c567ea,0x8a3a5738,0x425ab12e,
-        0xf055521b,0xc162faeb,0xb94ea5e9,0xee1c4f26,0x3d71e546,0x1e414994,
-        0x43e8be1d,0x258183b8,0xef9eae0b,0x44917c82,0x73874a30,0x6813a457,
-        0xcc42f86e,0x6f6ac071 } },
-    /* 150 */
-    { { 0x4dd6e3b1,0xd38822ad,0xad620869,0xfc78e1cc,0x2cacde80,0xe7843845,
-        0xa8469fe3,0x121cc14a,0xe67e8ef2,0x8e8f3da7,0x4d347448,0xdb83d16e,
-        0x798631f4,0x3ba1dd98,0x0a4c4c17,0xdfab5977,0x3edc701f,0x1f0a1306,
-        0x6cd8ff28,0x4649d601,0xbcc55bc9,0x2267230b,0x5760412a,0x02a19c60,
-        0x328faef6,0xc719d5f1,0xf67eaad9,0x27cb969e,0x719bafb5,0xf342530e,
-        0xff5a82cb,0x6e2c24cc },
-      { 0xadaf8793,0x6313024b,0x035c948e,0x944bccf1,0x953500bf,0xe9a066b7,
-        0x1d116765,0x7991a946,0x9fd93c78,0x95addb2e,0xe92e5495,0x05d2c037,
-        0x9f03e5cf,0xcb145b18,0x95aa1f72,0x81ae48ca,0x135a6e4f,0x203f2702,
-        0x49b2a7d5,0x2bcef5a2,0x02d7f2a3,0x0687a900,0x6c6745b0,0x2f7d3228,
-        0x86507305,0x3da8a875,0x2e8dc58f,0xbe38b884,0xdbf11185,0x6b48bf34,
-        0x97c08f91,0x5af7fd0d } },
-    /* 151 */
-    { { 0xf4a224a5,0x55f9b950,0xcc50273a,0x41904574,0x643f1fd5,0x34f81330,
-        0x0e50f783,0x996801bb,0x89581712,0x866d7403,0xa4091d36,0xdb9a405d,
-        0x16a46fe7,0xf1e379df,0x83bf9168,0x8d04a93f,0x32b20bca,0xae4c8335,
-        0xf72a1c10,0x99d334b1,0xd8195db4,0x8fbc9977,0xfba14b5d,0xcaeb3dff,
-        0x76daf476,0x60fef022,0xdb5b72f4,0x4b948dfe,0xb6dfb062,0x5185c925,
-        0x9609d4ae,0x27a9c381 },
-      { 0xf12a93af,0x73c37346,0x5536634d,0x028b707c,0x498193d1,0x8efa58d5,
-        0xef21b69d,0x4f83a5cc,0xa788a0e2,0x05cbb0a3,0x65b13c98,0x01031781,
-        0x2b73784c,0xfea20e58,0xe50361f2,0xdf9713a0,0xd0cc22d9,0x31449a0f,
-        0x7c5e2e1b,0x183752e7,0xb67044cf,0x6e44d6bd,0x733e177a,0x012dde95,
-        0x08ee2c23,0x68b49669,0x1f5f1949,0xd9bb0541,0x6acd886f,0x95182c71,
-        0xfbde9244,0x1c690694 } },
-    /* 152 */
-    { { 0x3a880026,0x5db67d17,0x125d95f2,0x89c4f0a0,0x3f6cb7a4,0x29050551,
-        0x5cbbdca5,0x3eb231d1,0x972bcbd3,0xf8cffc99,0xad55a03a,0xcb4ef4d4,
-        0x22867c2f,0x944d47ca,0x0ead1aa5,0x96d88548,0xcbc8b045,0x76a57cf8,
-        0x005e55a0,0xdfe5844b,0x1d18a097,0x5e9e7e19,0x52923c74,0x957a26e8,
-        0x7f5db339,0xd0867b79,0x63bed0c8,0x2553408e,0x689ad23c,0x1596e5d5,
-        0xa504c339,0x7b8c13d6 },
-      { 0x52fb6901,0x2fc43aad,0x16ca253b,0x1c0313f9,0x515aadc6,0x1475830a,
-        0x7f577dc2,0xc93d1926,0xf723c0dd,0x26e52e8e,0x3eb9f6da,0x2f1e0eb8,
-        0xf180376d,0x9979de82,0xb0834939,0x43e28ecb,0xa39c38e7,0x9a2d51dc,
-        0xa8e3f6b5,0x6e6063a9,0x4b9b3270,0x4cf1da3a,0xd2f8915d,0x6e5348a2,
-        0x50507912,0x5e75e3e0,0x20d383fa,0xaeffce57,0x8fd2fb29,0x1d6d53cc,
-        0x696f4cd0,0x0e3c3ef6 } },
-    /* 153 */
-    { { 0x21ee1d83,0x3bc337c1,0x787b7788,0x97e08f6d,0x138fa4ce,0xbf709fcc,
-        0xa0348e58,0xbaf77647,0xa55e672d,0x04f8babc,0x7d5ec5dd,0x0ed2919d,
-        0x33e99218,0x8ce64bff,0x24b059af,0xac09fc57,0xdc5e32ba,0x506831f9,
-        0x465af6a9,0x26a22677,0xc97f1ff8,0x3c5efe66,0xbc6087fd,0x1515e0d6,
-        0xaa8edc6b,0xb1a39c5e,0x0e79ed29,0x3dd816bb,0xbc3788b8,0x6cc13769,
-        0xc092a51c,0x463098e3 },
-      { 0xc8bd0fa7,0x3a6408c7,0xce6bde49,0xd1764311,0x283ef7be,0xe315e108,
-        0x99b5d938,0x8213cc77,0x45a49a6b,0xaf7f1581,0xe529e4d1,0xd00fdb0f,
-        0xce66c9d6,0x55d38f77,0x1bd4b952,0xb4f7ccc0,0xaf71f986,0x8d975b49,
-        0xcd64d00a,0x12b59fcb,0xa5a3bad7,0x1860e504,0x2b5c89f1,0x6d976044,
-        0x7a3e231f,0xfed0c659,0x178cba92,0x58114c33,0x6698e11e,0xe2e74c06,
-        0xa348b85a,0x7f8fd093 } },
-    /* 154 */
-    { { 0xc19428af,0xf24592ca,0x3a308665,0x192a1c81,0xe30bbd7f,0x42589812,
-        0x836c6bb9,0x10db0723,0x598e4987,0x9c7a41e9,0x6ead6f4b,0x8aff179e,
-        0x75862c44,0x70f8f9b9,0x6f21983e,0x6b3b0237,0x98e65152,0x25d83e9b,
-        0xd751218a,0x3b2d26a8,0x9d6f1da6,0x9508281a,0xa5a81f74,0x8df78d05,
-        0xe4687471,0xd79ee559,0x6787d8cc,0x2060ca57,0xa8476c95,0x427a84ff,
-        0xe6435131,0x87b64c51 },
-      { 0x4b30d3c4,0x87f46f65,0x23b4ef14,0xcdec4c5c,0x63ca4d68,0xb3b74766,
-        0xcf3fb56d,0x1df34269,0x0fd7d46a,0xd4f139c4,0x6a69a8bd,0xa3b7c7c7,
-        0xcbadd7d2,0xee56b4c9,0xac942334,0xb28ff342,0x786f1da3,0x0046fdfa,
-        0xb700c82e,0xce5d149c,0x50966597,0xca30ef81,0xfcff4bdd,0x44a20609,
-        0x44925268,0x0f2f65e7,0xd4021f38,0xe5b6552c,0x042dbbd0,0x77ea9c2a,
-        0xd9c062f5,0x8c95267c } },
-    /* 155 */
-    { { 0x5fc1abb1,0x6655032e,0x12fe4743,0x2215af54,0x29f05ef5,0xfd657560,
-        0xdc191be9,0xb0e73325,0xc08639b0,0x7ab3c65e,0x1c3e6673,0x67507f51,
-        0xc8615555,0x638befc3,0x42f0c4ad,0x5d0188cf,0xd896186d,0x843a301c,
-        0xb2c6741e,0x045603f7,0xfa3cd1d0,0xf7545c0c,0x4a40672e,0xf612affd,
-        0x45b9e8dd,0x56197c9f,0x87922d74,0xb453237d,0x4b2d59bf,0xbf132e3a,
-        0xb84a6a16,0x8afa1b73 },
-      { 0xe793ac70,0x6b3596ea,0xeef6dd10,0x4c94ef8e,0x70422e40,0x926b4fa2,
-        0xe9e5d763,0xc8c71dce,0xf512aadf,0x352fcb70,0xa883975f,0x1b7ba138,
-        0x058c3b13,0x57991390,0x97740fd1,0x9692092a,0x160b0697,0x19ad945b,
-        0x10837ab2,0xbc634388,0xf174bb71,0x76ee11c4,0xab1b80eb,0x6111bfc1,
-        0x70ec458a,0xbc82bac8,0x312d3325,0xeee60127,0xb240adc8,0xb4118b1a,
-        0x2b5a093c,0x67211191 } },
-    /* 156 */
-    { { 0xf55cf9bf,0x91e99306,0xa46b96d9,0x9b045308,0x9e7a65df,0xae3c1e1d,
-        0xc731bcbb,0x453cb151,0xa4d58a61,0x14be5227,0x97c74cc2,0x39dac922,
-        0x822e00d6,0x4d0f7a45,0xc62b03df,0xafeb1d51,0xbaa18b2d,0xbb1dc3a4,
-        0xdf2b74f0,0x7f3c7178,0x896b6a33,0xfcd328a6,0x1dce055f,0xe95ed454,
-        0x6a4e2b87,0x97fbc76b,0xfa59dce9,0xe5ec67f1,0xcc0367c1,0x052368ac,
-        0x54e4a3fe,0x7c863916 },
-      { 0xca7388cf,0x55e94b5e,0xc0335d38,0x17cc0a60,0x616f85ba,0x9b69b78b,
-        0x10122980,0x705d02ef,0x1cfd0a79,0x565a6e80,0x7d1ee352,0xeb74a96d,
-        0x427b9dad,0x5c8832ed,0xe6d5330f,0x96ea8528,0x18d24ee8,0x30d8862b,
-        0x9ff939f7,0x9cd38ed5,0x01060252,0x690fc9a2,0x2303b3ff,0xc62d88b8,
-        0xdd52b469,0xfc42d7a4,0x8cad2d93,0x06f8dfa2,0x60920438,0x50236090,
-        0xfce855ad,0x32582758 } },
-    /* 157 */
-    { { 0x359e8c60,0xeb20e45f,0x364ca186,0xc71bb8a5,0xdff8e110,0x02b15071,
-        0x4c93e578,0x074e91d3,0xb829d0d8,0xc0326e00,0x626a83fa,0x3c192258,
-        0xfb29a09e,0x387a64d5,0xe5ac5c82,0xcaaa3d34,0xada2da29,0x8ed685e5,
-        0xeb29650e,0x92720267,0x763802f3,0xf7184b19,0xdf6b1aea,0x23f5dd0e,
-        0x25e6125d,0xbe1fa347,0x0c872a1a,0xd6287f9d,0xac57c3af,0x49aa93d2,
-        0x5bda7656,0x1a4e6a71 },
-      { 0x554d1267,0x1a126ede,0x1cd02b48,0x37f94533,0xce31fb1d,0xd70af04c,
-        0x097dc012,0xcf410b0b,0x36c7b6c5,0x930e1d17,0xc6891085,0x902fee41,
-        0x79fb638f,0x349ba4a7,0xacd6f8df,0xa16c5821,0x2e076ace,0xfb3b83c1,
-        0xe501d14d,0x6b8d033b,0x20f2d2da,0x0593d452,0x99df1880,0x3752526d,
-        0x9feb33a6,0xca32351c,0x1f6ef456,0xd91343bc,0x35b9dc8a,0xc74857db,
-        0x85b4e832,0x856a7c93 } },
-    /* 158 */
-    { { 0x0d0a5583,0xa007d002,0xeda4658a,0x2f1301dd,0x34d939be,0x91c07964,
-        0xa70c0836,0xa0cb6780,0xbe81e540,0xc0b4df95,0x5d4ac8b8,0x6cbbcd34,
-        0x54756239,0x57c52ed0,0x1805ceb6,0xcac2dca4,0x79344255,0x915ee6ab,
-        0x24c9a2a6,0x366def31,0x8c12c674,0xbd3b962f,0x7dbb7c3b,0xaab64f1b,
-        0xe22bb95b,0x3c0e4553,0xc4c63b74,0x2408feba,0x2a4da631,0x3ca77312,
-        0xc636da40,0x62889084 },
-      { 0x8cb8d208,0xa457fd53,0x543f06d4,0x7a8f8009,0xf2eff2ab,0xb66de154,
-        0xf72517e7,0xfddb28eb,0xf9389d2c,0x0149fe66,0xd85b88ce,0x79e8773f,
-        0x0ba543f7,0x452e090b,0xb0b03fc0,0xdeb9b5cf,0x6c5ed77b,0x3113448a,
-        0x8ffc0372,0x3609f3cf,0x5c1b4c4a,0x2bc9c46d,0x8fa59be9,0xe66f3bf3,
-        0xcdb02691,0x1396bf5f,0x009f88f9,0xf1ec59d4,0x2ad9dfe3,0xc2903456,
-        0x5ada4d58,0x79d8122c } },
-    /* 159 */
-    { { 0xaa529507,0x14d4e4ce,0x74655d00,0x056a0814,0x4f0fc474,0xc0d30a38,
-        0x3443cb8e,0x8a8203ea,0x97f1728d,0x33c62fb0,0xb520ef52,0x8a38dcfd,
-        0x7cac9d3e,0xa0f90d5d,0x873cea50,0x28a7b0bf,0x6c6c41cb,0xd115ae3a,
-        0xa13812c1,0xa35171da,0x624d507e,0x25d4bba5,0x7e98f42f,0x91dad289,
-        0x96a41371,0xffd6b1e9,0xb69e5b77,0xd46c2125,0x20c4f707,0xc7d2b424,
-        0x8142557a,0x2ab3af95 },
-      { 0x6a5372a6,0x86ca074c,0x56292ba7,0x728fb83e,0x77741cf5,0x745596dc,
-        0x520ef49d,0x70b4cea1,0x61e46472,0x1472fe34,0x3fb8ac5d,0xf4d6bd66,
-        0xc10bc071,0x46e52cc9,0x371a3461,0x28794efe,0x276fe877,0xa4850718,
-        0x9bef5ab4,0xedad5773,0x3f15c815,0x24c2d9ff,0x8f8395c3,0x188950e5,
-        0x80b6a855,0xbae40996,0x8a8803e1,0x4f53e22c,0x039d25ee,0xaf233f61,
-        0x250409ca,0x07db2c35 } },
-    /* 160 */
-    { { 0x037d4703,0xc7f3b8db,0xc5f488b9,0xe83708df,0x8471d402,0x1fba830f,
-        0x5a2faae9,0xa55ee8d2,0x5404fc1e,0xc2e5bf10,0xaa2d5651,0x647d5027,
-        0x7ebaf5f9,0x37a53c0c,0x95b30abf,0x7adf0bb2,0xd64c93ba,0x5a62e1fe,
-        0xe2ef4a78,0x7ffc18c0,0x4d2cd04f,0x139dd9d9,0x5ea0af02,0x253fbab7,
-        0x0fef9acf,0x7c8100ea,0xc8615aa7,0x74c5384d,0x9fe52069,0xcb28682d,
-        0xcf7dd759,0x08b6ca8f },
-      { 0x036c3b5a,0xe04e5bea,0x7f9f2b4b,0x38726102,0x29797c0f,0xa9fca570,
-        0x82879ea3,0x1656180b,0x607f0ddf,0x153389bb,0x67b0e087,0x99a1223c,
-        0x9d897fc7,0x0d1808ec,0x916edf19,0x9470711a,0x07217118,0xf8f52f2b,
-        0xd18888b6,0x5d8b29ff,0x4cc6f900,0xef1e22c5,0xeb24877f,0xc4036165,
-        0x35479525,0xfda95233,0x6861468a,0xd622a421,0x74faba08,0x5d043b07,
-        0x0d31a7d2,0x2c337b02 } },
-    /* 161 */
-    { { 0xea22fa65,0x7b2305bc,0xd159f63a,0xbe183ef4,0x3f35923f,0x3473d87d,
-        0xc11d7753,0xb27fb306,0x2a054cff,0x702e7e6b,0xaf185619,0x3ce9f97c,
-        0x4e7d51c5,0x83550243,0xf356ac5b,0xa63e3d82,0xd7645131,0x867b7caa,
-        0xa671fc9d,0xee85e6af,0x2b07cd77,0x3b985ede,0xffda5193,0x07d598b0,
-        0xa942dc36,0xb10eca39,0x506218a9,0x17f3dcee,0x06b7d5ca,0x3d94e8d1,
-        0xed8831c9,0x509b2634 },
-      { 0x48caed54,0xb1b9414e,0xcbf51e97,0x77a78c6c,0x4de9b258,0xa4688c8d,
-        0x91ee3d78,0x0024137c,0xe30ee64c,0xa68f9234,0x88190d78,0x573255bc,
-        0xba80690b,0x41e8e05f,0xec354f4c,0x50038d84,0xdfa52816,0xb18f02d6,
-        0xccb63fda,0xc47f9007,0xe98ae455,0x29d480fb,0x5d0e319d,0x4ac45d22,
-        0x026db719,0xd06f3575,0x2c3587b9,0x733b9e20,0x2c317727,0x22483992,
-        0x54bb8752,0x1592d5a7 } },
-    /* 162 */
-    { { 0xcf7453f0,0x5778d9a2,0xed83c1f0,0xaffb899a,0xe0a82ba7,0xae6506d3,
-        0xea3d5081,0x32c84e1a,0x810aa38b,0x9ad528c0,0xbd37d041,0xb1fdb020,
-        0xd06ce41f,0x78d6cbe1,0x2e74b7f6,0xd287f0f0,0xc43bb022,0xf5cd2575,
-        0xf81a71b3,0x6d28f2f3,0xc633e7f4,0xe65bb1f5,0xc4fc580e,0x32e5fc1c,
-        0xbb7b07a5,0xcd55539f,0xc3caaf3a,0xb5a94471,0x4cc22d2d,0xb958bdf4,
-        0x77a2777c,0x1614bdbd },
-      { 0xed0ab04d,0x4c1f0230,0x6e2082ea,0xae347b00,0xc42c5b5f,0x9f10bc63,
-        0xde019935,0xb0539e6f,0x65dd0825,0xd89bd4e7,0xbbceda16,0x92260fef,
-        0xe62aca32,0x8aaa755c,0x5ec82c5f,0xed762fa9,0x18650768,0x99e64c01,
-        0xc92e348c,0x57dd6245,0x31ea6d68,0x0db88a77,0x07b44736,0xef0012ab,
-        0x171d70fe,0xb9356b94,0x03f891b0,0xe68b0628,0xb79c20a2,0x3a54a53a,
-        0xb00b0728,0x489656c7 } },
-    /* 163 */
-    { { 0x71353c25,0xe43649ba,0x13f67e24,0x517f27a1,0x1c1eb9e3,0x10bd333a,
-        0x78e29bf9,0x94e1c05c,0x4743f15d,0x84fe7d97,0x90da2df0,0x9c874908,
-        0x53673be1,0x82403fa7,0x1baea1b1,0x7ebf5db4,0x24180ead,0xcfe0ae35,
-        0xc2f50c3f,0x1d15873f,0x70661cd9,0x16851ad6,0xa51e8c2c,0x802968d9,
-        0xe0161099,0xe7d1a9cd,0xa8a7ea56,0x2b153c89,0x06e3c498,0x6d41b789,
-        0xd6769dcb,0x082bb2e9 },
-      { 0xc4d6615f,0x6180ef46,0x01b9829c,0xfc629dc1,0x0fb264ca,0xde222ec0,
-        0x10ecc2c4,0xc5457e06,0x1eea2c4d,0x95ce599f,0x8f9c5b2c,0x0433fa72,
-        0xcd6310f9,0xee035462,0xce2e2253,0x84c57c3b,0x96d87e44,0x6c8ec31a,
-        0xa452c5a7,0x30bfe393,0xa047b235,0xc592b140,0xc018545e,0x7bd8be18,
-        0x5c178c46,0x794e0107,0x2e23005b,0x48471946,0x622a54f3,0x2665e237,
-        0x901c9042,0x36451a46 } },
-    /* 164 */
-    { { 0x19893e71,0x17802d18,0x539a2082,0xa1765d8b,0x2302ecfc,0xfc6aea01,
-        0x365bf59d,0x8d4cf51b,0x0d232a80,0x87741d72,0x18e80427,0xac343eb3,
-        0xe74739ec,0x553ecb2f,0x1a8b07ca,0xaeca79a8,0x56f4ab3a,0x089ff322,
-        0x3fa1d1f7,0x5e95d729,0xf62a9a16,0x260569ae,0xaa08ddc2,0x5e776232,
-        0x1b7bb54a,0x93fabec3,0x743d56e7,0x48a20956,0xeb0ebeff,0x749cdb12,
-        0x69b8fcf1,0x705307a4 },
-      { 0xe488310b,0x7a8e4c04,0x5325cd7b,0x12726e32,0x4983efac,0x5d0fd8b0,
-        0x02ddb913,0x796e552c,0x77b9685c,0x0eeca3f7,0xb15f24a3,0x9b766e89,
-        0x48efc979,0x7c2736d6,0xa8021c6c,0x3d619685,0xa0b2f1ea,0xfe33e278,
-        0xb676d6b0,0x95c69879,0x1af4e0be,0xa0747319,0x36c4ee55,0xa2fab5f1,
-        0x59e5f3b9,0x6938b8ff,0x39cafe6e,0x1e114da4,0x6a6ad120,0xc9595ec3,
-        0x57e62aec,0x80f79bd0 } },
-    /* 165 */
-    { { 0x60af09b3,0x3cef42a7,0x933dfe14,0x3c016ebd,0xed85eaa8,0x720cf1e0,
-        0xceaa3bc9,0xd4f5e99f,0xb7106f97,0x7216b9d2,0xc9668ad2,0x65f34c36,
-        0x5b0c651f,0xa8fb82bc,0xf2fda4de,0x20f42f1c,0xd21f659e,0xeb31ab2c,
-        0xa13d1618,0xb7a776c7,0x38662be5,0xec441022,0xcad08e0b,0xc825da70,
-        0x022c0180,0x99299079,0x2aef9ffd,0x7623bda0,0xf5c58b50,0xde84f4f3,
-        0xd824ff19,0x5f5a5da4 },
-      { 0x7e8311dc,0x5737257e,0x466cf136,0xdef94f51,0xb05ca21a,0xa73e1645,
-        0x02e4ab37,0x38ea9b3c,0x8579165b,0x7760eac9,0xc24b01a4,0xdffdd047,
-        0x3fb95584,0x188d4fd1,0x25548bda,0xfaac38b8,0x59e9dcac,0x1a79a6f0,
-        0x09a2700f,0x983f720f,0xfb8a7e48,0x8cbba554,0x47a1fad5,0x38a19968,
-        0x5abd6b5e,0x11856547,0xf3716ec2,0x75113d31,0x4212907b,0x1391e781,
-        0x0dc15889,0x5319c801 } },
-    /* 166 */
-    { { 0x6b61c3af,0x2320136e,0x07b4bb68,0x1d40f2de,0x380c97f0,0x651dee7f,
-        0x6a8c313a,0xa978ba70,0x2011ca10,0x22c587d6,0xab1f445b,0x48bba218,
-        0xe50444e6,0x8c5eaf07,0x442fccf9,0x5549f02a,0x3d80493d,0x2564746f,
-        0x79c04591,0x42d24f61,0xabdc8887,0x1600fa18,0xded38f8f,0x5cb8600a,
-        0x923aeb46,0xa4bf9b90,0x1e1c578a,0xd63fee35,0xebb9ea14,0xf3c9c5ac,
-        0xf11a4ff0,0x3d13314d },
-      { 0xb4513d1e,0xe5cc662d,0xd55952bd,0xde78a8c5,0xe7f86d0a,0xe8a37a3f,
-        0x7a04f0c5,0xca2d12a4,0x2e25d06c,0x4c6696e4,0xb2136071,0x52614698,
-        0x89f6e1cb,0xf4d2701b,0x80efd95e,0xaafd6177,0xc5bb6907,0xe6d73ac4,
-        0x420db35a,0x49e874ac,0xf2751fa0,0x11631de4,0xa1fa2edd,0xb29f7336,
-        0xb7fd794d,0x4c406864,0xe22f92a6,0x73cb21d3,0x2043cc76,0xeae904e6,
-        0xb322c6ad,0x67f28a9f } },
-    /* 167 */
-    { { 0xca148ab5,0x7c17b258,0xb3c60051,0xb9a1976f,0xc8f28df9,0xea260698,
-        0xe8d45017,0x87b2cc74,0x0578a422,0x37257329,0x17bec732,0x81d5ee25,
-        0x1d48bbc4,0xd7411fcf,0x487f5cfe,0x46217e6b,0x41eb8e1b,0xcb007ac5,
-        0xe05a00c8,0xc41c57a6,0xd2f9fa99,0x1f954d2b,0x40941cad,0x370bd5db,
-        0x3829509d,0xe487879c,0x5ceca5ee,0x4c137552,0xfd3efb9e,0xe8ef7fa4,
-        0x1bd1bdb2,0x5ff09174 },
-      { 0x579c6632,0x791912a4,0xb8a20815,0xbb19a44f,0x535639d3,0xf4f97b84,
-        0xbc3c9bce,0xe57e2bcb,0xf19e6410,0x122b3f2b,0x1357d9ad,0x1f0189da,
-        0x79e5ff66,0x675573bb,0xef2f3c4c,0x444e5c98,0x04d10731,0xd6f61e20,
-        0xac75d635,0x0dfa366f,0x2c854f23,0x9fc47c86,0x0ad0850b,0xc04ae43e,
-        0x2f720c32,0x5ce94f64,0xa753bc9d,0x67efae65,0xb0373a63,0xc27d30d3,
-        0x29721646,0x6681013a } },
-    /* 168 */
-    { { 0xe84509df,0x1385d913,0xcf339376,0xe978bedd,0x3423a148,0x2df425d3,
-        0xee8cb579,0x43fa0ae3,0x31c4553c,0xf015369d,0xdfbf1d48,0x05cf08bb,
-        0x9444244a,0xadff4be6,0xa35dda33,0x01635f81,0xe76fab7c,0x085c8949,
-        0x16737783,0x4bd7fcde,0xa254f8d2,0xfd8cb52c,0x413ec985,0x62168a66,
-        0x7a9026cc,0xf2db9741,0x50e1e1b7,0x3962ee56,0xd3beffde,0xbee0a346,
-        0x0bdfab1f,0x3b35b72f },
-      { 0x535c3749,0xbff8de9f,0x8add9c48,0x23c1f20f,0xc8f8f663,0xa975b37b,
-        0xe8f3ae49,0x2529e475,0x1d5e2628,0xc32f10d5,0x67862f1d,0x5ac0d297,
-        0x854cbe36,0x13c79338,0x4b67e462,0x48f004ef,0xe5d10ee1,0xfa37a150,
-        0xd28288a0,0x4974778d,0xcfb73f4d,0x96830a66,0x07804952,0x9f444013,
-        0x9760b694,0x8233c709,0x25b75c99,0x8340cca5,0xc771f99c,0x3f62e40b,
-        0xcd95c685,0x47d0a1eb } },
-    /* 169 */
-    { { 0x652811f1,0x266f4fff,0x62ef3002,0xeaacaa93,0x50cba0ca,0x6c387a55,
-        0x007f5467,0xa350142a,0x202f2673,0xc7fd102a,0x33dc6e65,0x5daee570,
-        0x064a63d9,0x60682ec3,0x462b251e,0x46cf0bb0,0x5da936e7,0x0e030ca5,
-        0x434265b5,0xc87a60f2,0x69b4e8f5,0x9637b2bb,0x7ad7770a,0x601fb58c,
-        0xed3a15a6,0x1f2147f6,0x2995e961,0x05b47d5e,0x83213a16,0xcb0ca9b3,
-        0x4995a85c,0x8f4b614a },
-      { 0x4b4eb3c1,0x5aa8ec19,0x20323a70,0x8c549ac4,0x4f6cc6aa,0x00d49322,
-        0x45f9a5a3,0x0e53b9bb,0x0897abbb,0xe46ef110,0xd7acd7d0,0xfe873e57,
-        0x0f7cb588,0x7cfccfe5,0xc85557d1,0x0ea53d65,0x7288f2e2,0xfdd9eb44,
-        0xc0eb68a8,0xab2dedfa,0x08603a0c,0x58221470,0x00feb06c,0x69464689,
-        0x25e5caac,0x804cf5bf,0x9fc91ae9,0xd8559858,0x73c45eae,0xed9378b1,
-        0x524c9801,0x8f942d02 } },
-    /* 170 */
-    { { 0x8e845808,0x1f1ec302,0xb77abfc5,0xc302bffa,0xf8d97dc7,0x26afd4b9,
-        0x3aac594b,0x3d3a83c4,0x674d94dc,0xe3b74bd1,0xcaa5911c,0x4464b737,
-        0x871c2cd2,0x62925773,0x3b4440fe,0x419f2485,0xe052ad7d,0xdda6a0f3,
-        0x846c86c0,0x645280d6,0xf8324f42,0xa25689fa,0x07cf117a,0xc74ad1e8,
-        0x8ddc9db7,0x5626dea0,0x966fc85d,0x52620373,0xf3b1eb53,0xe0ad57c3,
-        0x949c1acb,0x38300252 },
-      { 0x5e744723,0xa0ef5a40,0x1ae08481,0xdb5bcf75,0xfec1f76f,0xabfad8cc,
-        0xfab37fc6,0xfba5d831,0xc8fedb78,0xbe39e248,0xad93f310,0xa5cfad5f,
-        0x913d5c24,0x747fdb1e,0x4518b7f5,0x052a47c9,0x7cfb4327,0x9e208d6c,
-        0x70e538be,0xb135cb9c,0x5bb17916,0x36352759,0x5b3106c7,0xa2c07880,
-        0xc209bb06,0xd2d42a06,0xd3c504ad,0xb525b471,0x822ce034,0xc9f4b368,
-        0xeb4185a5,0x15f18796 } },
-    /* 171 */
-    { { 0x0aee4684,0x094dea06,0x7cdbdbc8,0x42b21f06,0xb1931319,0xa439e149,
-        0x81a7dba6,0xea4bdd41,0x3c2ae80f,0xc6213706,0x12823dc2,0xb58b0967,
-        0x832611b1,0x7443d515,0x13c20384,0x2e16f831,0x2bd992d2,0x0ce204d6,
-        0xf419388b,0x499dbcd6,0x1d3778c7,0x492ded1d,0xc5ddae73,0x9d5bd74f,
-        0x994b6259,0xd4813d52,0x0e86ca68,0x191d9cf6,0xf3e9c2ac,0x562179ea,
-        0x9fee1238,0x6146f1f3 },
-      { 0x078e2aa6,0xbd06d33e,0x9dee9265,0x693af7f7,0xdaa40e84,0xd56e0f81,
-        0x9b9a407e,0x05fbbb88,0xede99519,0xdcf44adc,0x092dba39,0x7f71f8d3,
-        0x4231774b,0x675b5da5,0xa5f605eb,0x7456a251,0x87a39a9e,0x9031d4af,
-        0x05b474bd,0xdb430006,0xb665aa91,0xbda5dbf2,0x6631eeb4,0x5d1a3df5,
-        0x62377c58,0x028149ef,0x685d0bff,0x2e1af4e9,0x82a465de,0xe0ea0875,
-        0x06bd0050,0x95543f9e } },
-    /* 172 */
-    { { 0x85d7c6ef,0xf7cbc6f4,0x63b1bc24,0xcad8084d,0xbf8cba62,0xdf90ce88,
-        0xb455c192,0x98e4b686,0x774fc6ed,0x6146b8d5,0x7ae20077,0x70e2389e,
-        0x61c22529,0x5241c479,0x3884e5f5,0x7d221510,0x17e28273,0xd6d20ce2,
-        0x4f2674f8,0xe3119f51,0x70c011db,0x85459055,0xfcfb760e,0xdfab75d9,
-        0x9e8c2a19,0x9546362a,0x4a7d4b27,0x4b6d3f8a,0xee5d698c,0xa5c87104,
-        0x2ba296ff,0x6db43478 },
-      { 0x5c3f0d95,0x06486493,0x4e748895,0x8917db82,0x6b2f3e44,0xf73fdf62,
-        0x2b7f574b,0xc60edc54,0xaf732723,0xbe1c09a2,0x7cad114c,0x7d34669d,
-        0x321aaff9,0x9646600a,0xed0cd61c,0xb94e2bba,0xdec4750e,0x866e1a41,
-        0xb1a89f58,0xa1be990d,0xf2759693,0xc39e4d6c,0xc0e0dddf,0x11cfb780,
-        0xd99c8a41,0xf0afcd7f,0x6e1c3050,0xcebffadb,0x96d2c6e4,0x4f3981b0,
-        0x2ae27a94,0x07a791e7 } },
-    /* 173 */
-    { { 0x1e9f0300,0xe70e9047,0xbccdf904,0xe0253ad9,0xff053078,0x51c0289d,
-        0xae893462,0xf1ef092e,0xa4846845,0x2c90a91a,0xf1dad4b4,0x1946eda0,
-        0x33df67b2,0xf07650f3,0x0b15a014,0xc6e988db,0xb542f0f9,0x72e0c66e,
-        0xe0c0378f,0x5d4b6311,0xae86950d,0x548badaa,0xb35f1c8f,0x6801638d,
-        0x944d1ad4,0x129e3216,0x40471d32,0x9951bac8,0x85e94dde,0x03cc29f3,
-        0x4543ecac,0x6d6acc2e },
-      { 0x57b2d299,0xeb999e95,0xe3d721cd,0x3a2bcd9b,0xbb4cb444,0x2e60384f,
-        0xdc060faa,0xae177709,0x8c987cde,0x74f0e6d3,0x1076fbed,0x9a237cf8,
-        0x7983fbff,0x69af1513,0x323f9584,0x6c3f7a1d,0x6db64398,0x3e21cacf,
-        0x96703d92,0x7cd8134f,0xb8393f76,0x0755898f,0x2e825222,0x1b5b28bc,
-        0x7924aa7c,0xb78799c1,0x81427a8a,0x1db378f2,0xff289492,0xd5a451b1,
-        0x3d3c46ee,0x79d18212 } },
-    /* 174 */
-    { { 0x109d5589,0x1a3edff9,0x029b4499,0xded52eb4,0xb4b54adf,0x13eb9d30,
-        0xa27bff67,0x4f9214c1,0x67f0f460,0x4c817ee7,0xc3a50e28,0xbadf8d83,
-        0x94026237,0xc5dc03c9,0x966647c1,0x5f29581b,0x8a0687f3,0x10b6a089,
-        0x31634517,0xae787cec,0x62e75188,0x2001dba5,0x45e2c3fb,0x55d4e1a7,
-        0xb67d3395,0xbfcacdeb,0xbc6842ee,0xa1a0af9c,0x3e88580b,0x50590a2b,
-        0xa784cdc8,0x73104491 },
-      { 0x2648d676,0x44ca2cdf,0x4f1b12b1,0x9a85eca5,0x2980e1eb,0x1b9dac94,
-        0x1ac8aa89,0xf30d3709,0xc719e195,0x73072ab7,0x2f703797,0xba518c82,
-        0xac0067f6,0xac090e14,0x8dcd2927,0x0e6cfc70,0x21e7da63,0x4f5889e2,
-        0x8371c7c6,0xb4aaa40b,0x8f7878c9,0x1f9dabe2,0xd84caf3f,0xf78aed6b,
-        0x9e0e1d92,0x3c39dd07,0x122424dc,0x680be5fb,0x0bdc0099,0xf41b214d,
-        0x5180c54f,0x6a8f8fc9 } },
-    /* 175 */
-    { { 0x53235132,0x62a1ed63,0x59dba88b,0x1db233f1,0x291efdd8,0x85625452,
-        0xb25111ae,0xc7505297,0x1d701bd8,0xb5921af9,0x9774f45d,0xb4d05d72,
-        0xf18e73ff,0x6e3d4c5e,0x899b3038,0x897d985f,0xc89b1558,0x8a9c30fb,
-        0x4d13181c,0x3c92d1a3,0x2223320e,0x292e86ba,0x01ceed02,0xcf2454c2,
-        0x583f309f,0x27a45f74,0xad0fd1a3,0x75a6102c,0xcb9c7538,0xdb4f45d2,
-        0xdb283fd7,0x4752d8c1 },
-      { 0xd5dff4d5,0x514d6cea,0x45a827f4,0x74cd5fdb,0x4fc7135e,0x1070a60c,
-        0x1be5778e,0xdec0bb78,0x58dc6b08,0x271e12cd,0x54bc2496,0xb765089b,
-        0x619098ac,0x6ddf2c63,0x67528832,0xfd6ebac6,0xc2508af1,0xeaa2d025,
-        0x4dcfc1f0,0x13c2cda8,0x45510be0,0x1c7836a8,0x1a886801,0x3904688d,
-        0xafaf2545,0x643132aa,0x2830a88d,0x49685577,0x8744b470,0x569491ca,
-        0x75fb8552,0x3a6518f3 } },
-    /* 176 */
-    { { 0x224042a0,0xaaa8ed50,0x2452f1e6,0x6cb4e3b0,0x768211d8,0xedca5f4c,
-        0xef4d5d3f,0x4e0fe3f9,0x522d46e5,0x33a8e2a4,0xf1446775,0x5998e21f,
-        0xf592d01b,0x1496c50e,0x83a67739,0x69104c2f,0x472bbf00,0x28670bcb,
-        0x503177bd,0x8ea883b2,0x7d2712a2,0xc5d8bc05,0xb439c994,0x41ef9317,
-        0xdcda1aff,0x9801d3a8,0x7038f6fb,0xd686eeb5,0xfbfbf820,0xe80c5cd0,
-        0xedc25817,0x540ac363 },
-      { 0xfe7f43df,0xa71969a9,0x2c1b9e4c,0xe6653808,0x859c2917,0xad9677d8,
-        0x96aa4404,0xbaca9545,0xff1297da,0x0e9d855f,0x22aea7de,0x1f61897b,
-        0x36f13f8e,0x96edccfd,0x16e200df,0x627d3070,0xc98988a4,0x729f0736,
-        0x97f231d2,0x95e25e60,0xf6048752,0xaf7f221b,0x4019b299,0xd6682609,
-        0x26b4b1d9,0x1d99de09,0x1acdd7a3,0xec47cf66,0x6ebe15e9,0x4de9f2b3,
-        0xfa16974f,0x17db32ec } },
-    /* 177 */
-    { { 0x6cf40599,0x75ef6919,0x00c020ea,0x7ea10dfb,0xfcaaf679,0x3da5ae7b,
-        0x88ddd678,0x0d663ca3,0x255bcfcd,0x5a21f8fe,0xe344bc7e,0xe9c3f538,
-        0x548e0632,0x35f62b1d,0x43c6e64d,0x654f2425,0x26993627,0xc755a7a6,
-        0xb0f41324,0xa3b7c5f7,0x3a2180f3,0x05697f79,0x1e81675b,0x6cf85fb1,
-        0xe53428f5,0x6d3cdb35,0x52d28b02,0xe3aa1591,0xf7a3fb78,0xa8470255,
-        0xa194445d,0x460bd01b },
-      { 0xc24d8077,0xbc34dc23,0x4c720d2c,0x82f4b580,0x6f5d1ffe,0xa29da911,
-        0x92783ce2,0x578af520,0xb5904af3,0xe29f51ab,0xf7aa1190,0x46c570d7,
-        0x571bddf0,0x4a522fba,0xae89bb51,0xbf4e2a06,0x59f3444d,0x799b35cc,
-        0x26cc2557,0xc3028367,0xafcec177,0x94a4e985,0x7c36cbd0,0xadaf7dcb,
-        0x75d39077,0xed31b787,0x2d3e24bc,0x52d6904f,0x1f95421b,0xc5ca2669,
-        0x1734878d,0x7d342c3c } },
-    /* 178 */
-    { { 0x11fd127f,0xe5cf2c0a,0x119e4c5e,0x66d36bb8,0x6ef56ac3,0x621ab252,
-        0xe5430675,0x30cfeaee,0xac3e9619,0x2ede27d2,0xf8fce671,0x6413513a,
-        0x075f4c3d,0x6159c61b,0x59069d98,0xd447efe9,0xea76aea9,0xaf8d6f68,
-        0x0f5bd164,0xac5dc61b,0x1e88bb98,0xdbab446e,0x1ba92320,0x618b8b16,
-        0x78989865,0xa0eafb3c,0xc08b7e82,0x0c7abcc2,0x20d160bb,0x10f09b6e,
-        0x8e4c63a7,0x5be0afa6 },
-      { 0x1bbbf49c,0x82ab6d38,0x8c0703fe,0x3e09ce49,0xe10f4263,0xeca58b5d,
-        0xda5a4532,0xd9cc6581,0xf618f7b7,0x07e18876,0x250f7fe7,0x0419a5e3,
-        0xde6b86be,0xbb1a9e90,0x37359169,0x584a7deb,0x5149db2c,0x38eb3489,
-        0xb0ebabb8,0x14546a33,0xc2f88a92,0x0067f0b0,0x0a2db019,0xbde0dfe7,
-        0xc63e6f3e,0xba51b06c,0xe9206fad,0xa19127b9,0xfe80dc0a,0xe4eb5e87,
-        0xd4de30ae,0x1e6fccf5 } },
-    /* 179 */
-    { { 0xaa8ac924,0xb57dff66,0xc298b3e8,0x06e9ad31,0x65fb080c,0xd140e329,
-        0x1d95c93f,0x7dab211d,0x8a180caa,0x6d68d842,0xa20ded69,0x1a929408,
-        0x38df461f,0xa8151753,0x60eae932,0xff5604ae,0x7dae4c0b,0x901b9e49,
-        0xde262e89,0x4573a97f,0xf1084983,0xed69d9a4,0x64724f1d,0x8ffa022f,
-        0xea85a15f,0xd5f1c2e4,0x01453794,0x4c626ce9,0xbf0907dd,0x80440cd6,
-        0x5ddaa837,0x4522d461 },
-      { 0xebfbe7c5,0x8895f079,0x84ef3446,0x30ea1ded,0xd4a1ab96,0x716a9eb6,
-        0x50a30c68,0x1a4a5d22,0x0043bbaa,0x5a16631c,0x5010e5f5,0xbd107502,
-        0x3d8c0556,0xbffe3e9d,0x07772419,0x31b30b18,0x84b82297,0x90ff7ef0,
-        0xf21a18c3,0x00c37d75,0x565bb8f8,0x18d0a635,0x45e3bceb,0xbac1da2a,
-        0x23f0b08d,0x1c38e90c,0x5fbc5ac5,0xf1ba1aa2,0xdda71fc6,0x09d5256b,
-        0x6d7e40ba,0x346501a9 } },
-    /* 180 */
-    { { 0xcc2b0f1d,0x86be448c,0xac4c3703,0xe3eb45c9,0x9fc96bbf,0x5387f65d,
-        0x5ae27fda,0xcef3c4e9,0x1bc18089,0xa008f776,0x22ca18a1,0xf374a084,
-        0x53b73371,0xee882842,0x7cc09354,0xcb6fc6d8,0x61496d6b,0x8489ec1b,
-        0x49e325c4,0xa92c29b9,0x7bdec166,0x15c6ca52,0xdcea2813,0x95444eee,
-        0x3a21154f,0x34683eb3,0xd39061cf,0x8fb26f98,0x06c940bb,0xc3b08aa8,
-        0xe554c96d,0x7c1d42cf },
-      { 0xdc110aa7,0x766e703f,0xf362e378,0xab7b79d7,0x5aadca3c,0xd259c75d,
-        0x60be3373,0x2a6eca79,0x06c4e8ff,0xf4744a4b,0xf3b705bf,0xb2842cce,
-        0xae304b53,0x1a3af5aa,0x1b2d31b8,0x7bbfa201,0x4bee88d9,0xc4ba6eba,
-        0x565cb839,0x2d3565ce,0xdaf7ece8,0x24808696,0xe6959745,0x2c7ccce7,
-        0xe94f9837,0xefd6eb3c,0x3811a326,0x0a33b4cf,0xfffa93a6,0x14203f43,
-        0x73c31d90,0x031e9828 } },
-    /* 181 */
-    { { 0x765a17ff,0x4fefecfc,0xd1290a65,0xa09f3888,0x938da038,0xbf265c46,
-        0xa169ad46,0x4bb6145d,0x23a62fe8,0x33cf8214,0xabc860a5,0x562df571,
-        0x815c38c4,0xbf2a90fa,0x17eda875,0x45ba1d6e,0x946fa5e1,0x799d881a,
-        0xb90f5a3b,0x6c1be784,0xb10ff52a,0x0910a37c,0xa4f4fd36,0xc38c1fe4,
-        0x8e2d3ba0,0xc3180fc5,0xb17a6187,0x3e2ff050,0x943a35c2,0x3a00059b,
-        0xa28cc51c,0x494d3645 },
-      { 0x4ba021f8,0x398426b6,0x796deb6c,0xd14c9083,0x7e36c762,0x6d2e5395,
-        0x751cf216,0x8f556eca,0x19b24a19,0xdaca1e00,0x4b20c2ae,0x47887da4,
-        0xff41a733,0x93ed4ccd,0x5c7c0cd7,0x8d717c44,0x91bf7009,0xcc48634a,
-        0x3b59bbaf,0xa1f146f9,0xe5624f15,0xdd38bb39,0x303f8443,0x96d41aad,
-        0x4bf104fc,0x6b670f03,0x29706582,0x0503f9ed,0xb34200f5,0x768e1f47,
-        0xbbd4c6f3,0x3cfdcc5e } },
-    /* 182 */
-    { { 0xb523e13d,0x536c2a86,0x2920d0a0,0x1014a458,0xe7571296,0x3d52b478,
-        0x7eb51bea,0x05746066,0x87b0e919,0x709f7861,0x686888e8,0x028aed88,
-        0xd94afcd4,0x79a809d7,0xe2129af3,0x50c6032f,0x983c4082,0x75e4be72,
-        0x7ab3be8e,0x98331bbb,0xb618c728,0xd31a032c,0x3f59c4a4,0x36dd85a1,
-        0xed4f61e2,0xdbece345,0x1e571715,0xba7aaccd,0x64a1ebd7,0x138c58da,
-        0x3d1aeea1,0x89296d0f },
-      { 0xcca82c97,0xb165288f,0x1427e8dc,0x26c6c12d,0x4c3edda9,0x66a94f07,
-        0xeaa01ebe,0x94600e1e,0x30f5e86d,0x14abce7c,0xcb456a31,0x741d7020,
-        0x279f42c2,0xab05aa13,0xd4238468,0x70b60faf,0x318d39e6,0xa18efec1,
-        0x8920b318,0xeb07f1ac,0xd8399e03,0x01e3cba8,0x3c81a301,0x65f8932e,
-        0xccc667d8,0xae8bca7d,0xa268607c,0xcee1ae79,0xcac0a12c,0x3182e64c,
-        0x2b1a4c54,0x9233a2f7 } },
-    /* 183 */
-    { { 0x0acbee17,0x717e8df6,0x5c24fcdc,0x0f0959c2,0xe54ffcb0,0x46f09887,
-        0xd285116b,0xb993deca,0xbba1fa51,0x0bfaa4f8,0xd0f2183e,0x9c9249ef,
-        0x96847779,0xf93cb358,0x2322d421,0x284bfb7f,0xd42af009,0x40cc709a,
-        0x9bb1d615,0xc69f2274,0x717c3c6a,0x76f50b3a,0xbb9c5eeb,0x8b21e985,
-        0xa4783b5f,0x58fb19ae,0x52e1c3e7,0x04c86b9b,0xf2971ac8,0xaca59092,
-        0x21ed8291,0x2bb26a69 },
-      { 0x15f81416,0x98a34435,0xaaff5bb4,0x086e72e7,0x0317261c,0x3d1f64de,
-        0x5c0a1cfe,0x31c0786c,0xb3683401,0x542ea4d8,0x1a39b4cd,0x2f77273a,
-        0xcbef27f1,0x14fe7ee1,0x16bb27dc,0xee7fc09e,0x410e5dc7,0xc0dccc17,
-        0x1943b3dd,0xa3466742,0x3f31c1b7,0x92934b60,0xc22c1070,0x0186ded9,
-        0x799f966b,0xa37ee8ba,0x249b0893,0x0f3bfcb4,0x2e92d4de,0xbae61447,
-        0xe196eb08,0x937cb3f8 } },
-    /* 184 */
-    { { 0x16fbfdce,0x57c0e77c,0xc98d4cc0,0xea034cc9,0x42572d20,0xe7606d72,
-        0x0019a83c,0x9861b55c,0xf1597162,0x80ba2803,0x05a0fd7b,0x0f4141dd,
-        0x4b0daaa2,0x8865913b,0xaa3848ec,0xe6685746,0x3e0485d2,0x16d15a5a,
-        0x3b6905dd,0x81c0c774,0x818af2ba,0xcec31b7d,0xd2b74b78,0x80d8f194,
-        0x543e2f28,0xca659db2,0x9fb07c1c,0x31b83a7d,0x1f1048c0,0x86537fdc,
-        0x78586a11,0x4d57bb07 },
-      { 0x53b396b6,0xbc4b768a,0x93b51dac,0xbc8b24c4,0xa30ae1b3,0x33e511eb,
-        0x945147c5,0x893bbd95,0x179fe3ce,0x6cc86031,0x3f920bd4,0x34b0a167,
-        0x6b256160,0xb32912eb,0x9d168d83,0xbc69a2a4,0xef0dd128,0xb4949e7a,
-        0x872699e1,0x2613419a,0xbf21376b,0x06c58477,0xa4f97147,0xe55b1909,
-        0x7b9b745f,0x63d6eb75,0x08df3c85,0xb5365b29,0x55fcfae3,0x0e257e43,
-        0x979f2aa8,0x1067c118 } },
-    /* 185 */
-    { { 0x32bf8883,0xc8455084,0x6fd06667,0x4755286a,0x77c2335d,0xd70b0f8f,
-        0x2f4a2c94,0x678e60da,0xd118acf5,0xa468d8ac,0xbf5b90d9,0xce93830b,
-        0xed4e9104,0xea4b1c74,0x27776ea4,0xac67316d,0x361bab12,0xb98ad75c,
-        0x99122451,0xc323d482,0x530a43ae,0x26440220,0x3292d5a5,0x3a44532e,
-        0x5fecf1bc,0xdb48694b,0xc667b8b8,0xe4e0516e,0xa4306ade,0xb3aa595f,
-        0xf34e9725,0x7e4f7091 },
-      { 0xb7f70919,0x3f3816e9,0x16b003f5,0x765216ed,0x778c99e5,0x46c6cff4,
-        0x30a51810,0xe6a5abe8,0x45e728db,0xef6f49e6,0xcaccefd6,0x6fdd73ea,
-        0x8c37f3f7,0xec394e6f,0xb6407fc3,0x73320802,0x96625cbd,0x988e8f7a,
-        0x7cabfb00,0x83292363,0x407f359a,0x258ba9df,0xccbfae50,0xff01aee5,
-        0xfe251813,0xfbeaeace,0x83f1cba1,0x9c69f161,0x9eadcdb5,0x512c58ad,
-        0x6ccce8bd,0x2ae49cd4 } },
-    /* 186 */
-    { { 0xc40849f2,0x1239b0e3,0xa441098c,0x5136a4cd,0xe547f649,0x61535a99,
-        0x7a9bbac6,0x92e4bdc4,0x53547af6,0x195a1646,0x8b47a74a,0x85ecb319,
-        0x9de6a2b2,0x278553fc,0x0e2ba52d,0x471c038a,0x35bcba93,0x12ba1b88,
-        0x6f31eca2,0xd4bf50da,0x802b32c6,0xd146e3f6,0x3c64c8c4,0x0c9c0131,
-        0xeed21297,0xad30f12d,0x9c68530f,0x9b75bffb,0x8918de51,0x23c0ad3e,
-        0xa73771b7,0x180e9d52 },
-      { 0x29ab77b0,0xc316542f,0xf7aee628,0xdd411d9c,0x353c2f40,0x044c0685,
-        0x4b0ae4cf,0x638dc7e4,0x95fc266f,0xa0924185,0xfd2feb7d,0x639da671,
-        0x5ea39798,0x56858ed5,0x58f3832a,0x7a694f31,0xd316d831,0xa94233c6,
-        0x30a35a7b,0x2fcacb26,0xf1ff713b,0xfef8f7dd,0x59eee2f3,0x8b9b4525,
-        0x156d064a,0xd1b4f91b,0x2f5cfcfc,0x177866c2,0x3777eb41,0x12bc2566,
-        0xd8ab85b4,0x21ca6f3c } },
-    /* 187 */
-    { { 0xa3e66635,0x0e162b13,0x2a9f76af,0x1ef20a2b,0x46db3356,0xab473a30,
-        0x7802bb8d,0x0840bd77,0xa699b44c,0x5b6baf5e,0x1b2207f1,0xc6e11900,
-        0x790b0105,0xe5de16a9,0xdb67f004,0x22b12f15,0x8a025d25,0x185fad45,
-        0xdf0a1142,0xbccf6953,0xf45034c0,0x4c42129b,0x1c277bff,0x0f740400,
-        0x280a9e18,0x6e440b4c,0x842aa2b4,0x767de8f5,0x05e8d94f,0x3de20ab8,
-        0x20227635,0x5aff5859 },
-      { 0xa8458e40,0x805acd20,0x149732bd,0x5a5557d8,0x5f1ca72d,0xc7074131,
-        0x952b5323,0x7f2e269c,0x6494fadf,0x5c592556,0x1a7d2666,0x153b7acd,
-        0x86fe2865,0xa6df063d,0x57d53b6b,0x1e91db13,0xe93ead01,0x9195bb89,
-        0x2963bfe6,0x3d71e1af,0x88278886,0xfab2b9c2,0x3b859b6f,0x77836692,
-        0xf7029dd1,0x6e695174,0x7b984561,0xc7987876,0x5907d849,0x64fb4f1d,
-        0x88d8a977,0x3eab7e1c } },
-    /* 188 */
-    { { 0x52e5718b,0xc73a94b6,0xf4cee1e9,0xe3aefa54,0x553eedea,0x654e9e63,
-        0x5f3aca1a,0xf2541e1b,0x0d083316,0xd7129489,0xfb7f950e,0x7965af63,
-        0xc74e3e4a,0xd8fc9e0d,0xeaf79ebc,0xb4ee48d2,0x8b7787e6,0xa458a86a,
-        0xf7cceaf0,0xd8c7621f,0xdf67980d,0x8228eeff,0xf9106727,0x210d4742,
-        0xb07e3629,0x91f63501,0x7971e29d,0x441761c6,0x03a3b8a5,0xc0ccc65f,
-        0x38e09544,0x3491da4f },
-      { 0xcb062eae,0x6706d046,0x5d08776d,0xee7db735,0x292315d2,0x80de8052,
-        0xc402bbdb,0x40785662,0x26ed3337,0x5f93525c,0x7d568ed3,0x6cea14d6,
-        0x66888b1e,0x916a1189,0x5dc71675,0x0fbd5205,0xe4575df2,0x833d1077,
-        0xec092335,0x4e93100a,0x6cd85389,0x2f9e1d01,0x43226368,0xeebd3725,
-        0x1ba4cfd7,0x401d172b,0x574c5838,0x377dab9d,0x80d517de,0xaeaa6958,
-        0x6ad15a18,0x0c843dfd } },
-    /* 189 */
-    { { 0xc9373300,0x455811ff,0x99fdc300,0x1c39332a,0x353cb655,0xe19bb81c,
-        0x96a83d27,0x774b924a,0xb2ee3f1a,0xcbfc8fcb,0x010d56c7,0xaf278ec4,
-        0xe0abaf79,0x6fde682f,0x7339aebf,0x7566d072,0x71205db6,0xbd35ad5d,
-        0x7051c9d0,0xb5bbe694,0xd3a3067c,0x577db480,0x572d7530,0x2c70ff54,
-        0xe06d853d,0xe8615aec,0x05abfb5d,0x71999ccb,0xea0a8ed7,0xeeefc96b,
-        0x35f6df69,0x2dcc469d },
-      { 0xc65f0e77,0xcca6cd06,0xbd71b14a,0xddcc7980,0x3c93cc00,0xb6221f8b,
-        0xae8cbf57,0xddfcd5b3,0x76f8e63f,0xbc92973f,0x06e132b7,0xe9848a34,
-        0xd51ec9e2,0x4cc59a03,0x3a33081a,0x9c9d32bb,0x80e8466b,0x00121052,
-        0x1bbe7295,0xc2b0032a,0x24938448,0xdbfc6572,0xb6bba0ff,0xe972a0ce,
-        0xc0a94802,0xf60c0a4f,0x599d8bc7,0xf62c41cc,0x312da0b8,0x820c96ee,
-        0xcdbdf9fc,0x5a1a65db } },
-    /* 190 */
-    { { 0x42485684,0xbfba691a,0x29c470c9,0x613116b9,0xe62a0519,0xb4b01971,
-        0x5ff499da,0xf3245aa6,0xa5238eff,0xc2ef87f4,0xcc9d5515,0xc16dc6ba,
-        0x2dbdacac,0x5a7f227e,0xa9bbaecb,0x8dedaac4,0x2e7c9885,0xff308a6d,
-        0xe6895593,0x4c6f2fc2,0x177e0611,0x3655f285,0x300b1bee,0xa63e8d06,
-        0x13c17b54,0xbed0ce79,0xc4974262,0xca4abe35,0xbc4e4037,0xf4b44a17,
-        0xefe5fbd9,0x5ae95099 },
-      { 0x804f7455,0x122e5ee7,0x22066682,0x341a4997,0x7795e333,0x97d24c31,
-        0xe48efced,0x12f4123c,0x19fbc21c,0xe8738d92,0x0663a3ae,0xbb3bdc61,
-        0x8593a6db,0x3603d8c2,0xe3c1ac75,0x926227f2,0x5eaae519,0xfea92ac0,
-        0xfd6812ac,0x5b596f0b,0xfc2a82dc,0x3ce7e844,0x63522b27,0x3840481a,
-        0x52867895,0x836088b1,0x26588688,0x21ffb7cc,0x2f4a7cac,0x0ca33161,
-        0xa3edd298,0x4110667e } },
-    /* 191 */
-    { { 0xc2d04b63,0x81830357,0xf4929a18,0x3fc5a34d,0x22d195df,0xc73bf6da,
-        0xcb432473,0x14df2f89,0xe997f138,0x345afe5c,0x8b9604f4,0xd8e3f5f9,
-        0x50c10ae5,0xad7942e9,0xeed25ff3,0xcefd5447,0x0e73c0cc,0xbf68e51e,
-        0xab54fa4c,0x5b1ad591,0x12b61c8c,0x8bbc1105,0xb5abf760,0xbb932913,
-        0x01e79649,0xdb1231be,0x040ccbe7,0xd0a83e91,0x90a96db9,0x3dde426f,
-        0x34df11ea,0x1cceb645 },
-      { 0x0c6d0f55,0x2d210c4f,0x9c673c9d,0x6cadf61b,0xa9ce3fbb,0xdd7f9919,
-        0x93b063e4,0x135f494c,0x145a93be,0x580bdb3c,0x0f52ef7c,0x4d872332,
-        0x8814bb6a,0x74d876e8,0xc7a97dee,0x4f6f723a,0x3e3cd833,0x7de2b8f0,
-        0xae720270,0x6162f082,0xddfa486e,0xe88ec2d4,0x8d3a17c6,0xd965c859,
-        0x3980171a,0x62e59e54,0xbbef6b22,0x0ab6285d,0x4d48b203,0x3cf45195,
-        0x4ea25ea3,0x1f175233 } },
-    /* 192 */
-    { { 0x3467ea91,0x808a765b,0xfd2d9c45,0x3f4632ee,0x9cf2bc6f,0x7b75dc6d,
-        0x359813ae,0xefc8d240,0xe44cbd8d,0x23ecb209,0x21525622,0x59ba10e3,
-        0x3f1ee19a,0xfa14d934,0xfb0c48f7,0xdf97c21b,0xea30d437,0xc4e62890,
-        0x651475c2,0xb286e2a4,0x126672a5,0x291f01e4,0x31aab3b8,0x9c6fda5c,
-        0xe17d22ec,0xb7277a5a,0x914f0bad,0xbd88ed83,0x6a2392e1,0xd0b05d1b,
-        0x65893c2b,0x4cb8af90 },
-      { 0xbb4b1953,0xa2b02057,0xf597f6ee,0x4ce08b44,0x5e6412c8,0x854f5d9b,
-        0xb3cd4919,0x1913262d,0x6e42bb5d,0x902762e4,0xd78e7f60,0x8355c8e6,
-        0x38b6c16c,0x8efaa824,0xe550f618,0xd0173790,0xe57d778e,0x118af462,
-        0x715b4714,0xa16ad5e8,0x41dea4f9,0x900596c3,0x280ca610,0x2a957c32,
-        0x374c65a1,0x2faee800,0x50080414,0xdb105127,0xff080fa1,0x8c1db931,
-        0xd79878fc,0x486a5c25 } },
-    /* 193 */
-    { { 0x941b4f36,0x0521e213,0xf803b4f9,0xbaacfb14,0x52a54ba8,0xfdf1e22e,
-        0x8fe4796c,0xacfabbba,0x58dbacb6,0xae0788db,0xc19dfa51,0xdf98d736,
-        0x35a716ee,0x155c286a,0x9c86461b,0xbe7d4676,0x63a64a5e,0x50b6380f,
-        0x9f609262,0x14b41914,0xa2dfc5b3,0x0919a7d0,0xcef466ac,0xc454da55,
-        0x6986aaec,0x93fa4a24,0x71a49ced,0x5090b171,0xc1fa75ad,0x602f1d6c,
-        0x78e4c054,0x5d269f89 },
-      { 0x14920419,0x3a74030c,0x90968739,0x0845d868,0xeeb70fa6,0x81b994c4,
-        0xd9fc5bcb,0xabcaa06d,0xf58f8f2d,0x06539427,0xb1dc52aa,0x35c85f67,
-        0x2c911baa,0x5a7d8d72,0xaec2d834,0x4041005c,0x7a8e5347,0xb5868a44,
-        0x8de512c3,0x04ee180b,0x211168eb,0x4daa66e5,0x2317cd8a,0xc0bd5dab,
-        0x61164df6,0xa1d4185d,0x1dbad7c9,0xacedca26,0x09b02683,0x0fe4b5ac,
-        0x26d9550f,0x8ac9995a } },
-    /* 194 */
-    { { 0x2640a39d,0xb2c8dc9b,0xede0c9f9,0x21ff0b38,0xa1ecba0a,0x74f469bd,
-        0x080d0417,0x8a902ccd,0xf4994604,0xe956fa32,0x9776ab15,0x348f85cf,
-        0x0066f492,0xc21fc6ee,0xfeeef367,0x35b1ebfe,0x4613e5ed,0x7804581c,
-        0xea6ba071,0xcbdfe8e6,0x950d73ed,0xddfcaa32,0x1da48889,0xc9747936,
-        0xdbaffbd1,0xce867c8c,0x1cbaeae7,0xd267431f,0x897912c8,0x68255045,
-        0xd7ea1e4d,0x0c7c1ddc },
-      { 0x1ce963a7,0x53aa30cc,0xc4c5fade,0x7352f64c,0x2828afbf,0x2b9aa2f8,
-        0xca212107,0x64273c56,0x85a576dc,0xaadd7654,0x90b5c77c,0x6196ac3e,
-        0xd1aaf39b,0x20d43e9f,0xcd05cbc4,0xfc392062,0x4c0ff2fd,0x14163872,
-        0x2ae821e6,0xcf32b8d8,0x3fa7a3f0,0x5f58f943,0xf644ca92,0xaebf1d2d,
-        0x1918a75f,0x0c061563,0x6b876118,0x7989b5ed,0xad412441,0xbf342445,
-        0x1df633ab,0x24ffc9ae } },
-    /* 195 */
-    { { 0x93c7cb2b,0x89fcdc05,0x590053fb,0xc1243b95,0x6182343c,0x601debcf,
-        0x66c18a63,0x364546ef,0xec913287,0xa5290701,0xf9788c31,0xc35b8026,
-        0x92d1f7d7,0x852b862a,0x0aa79728,0x1809cb05,0xa3cb2005,0x897d467c,
-        0x9ef5b946,0xf20c77c0,0xf2241984,0xc3372c42,0xf35bb206,0xda053e0d,
-        0xa9c140b5,0xbc26c6d0,0xcb56fb33,0x61cfcc0c,0x299b3968,0x1c3cf9ef,
-        0x40621ba4,0x89e4d3d1 },
-      { 0xa45a9be3,0xd35e80e7,0x07356fbd,0xc4daa578,0xb967bc2f,0x0186d62e,
-        0x47cd16e3,0xa702679e,0x5f30ce9b,0xca2f1c02,0x1f864f50,0xf1205b46,
-        0x85061d66,0x7fd6d797,0x8a08809e,0x47edc4f6,0x9a4d3ae2,0x5dac0449,
-        0x6d1f9da8,0xf844664a,0xd7a83a71,0x9f30ce84,0xeaac33f1,0xe9382bac,
-        0x948622ab,0x1f033831,0xf7681eb2,0xb037a4ba,0x99a1b5c7,0xd156a908,
-        0xe6f1d0fb,0x675d3e6f } },
-    /* 196 */
-    { { 0x707193e5,0xd9767ffd,0x810358e5,0xe478aa91,0x328d8ef7,0x5634f9ff,
-        0x6dbbd9a7,0x913a0ee8,0x7e215686,0x379b2968,0x89d9da38,0x903f410a,
-        0x1b1334d2,0xd9f8d7b9,0xbd82efb5,0x9fe74229,0x3803c778,0xdb568b62,
-        0xd3d25344,0x93e9a350,0x724497e8,0x559c35b0,0xa169e23b,0xc472d436,
-        0xcc5b4c69,0x09864632,0x83c7f531,0x9f6d759d,0x1e497888,0xa91cf1db,
-        0x60af1a4b,0x5f7f92fe },
-      { 0x0545167e,0xf18a1cc6,0xaffa88e0,0x55ee2e02,0x432a7bcf,0x24cdff51,
-        0xa7510866,0x7382da42,0x40511af7,0xe894c11f,0x2aaf1423,0xaa4e4e31,
-        0xf63dd2ae,0x8c3d36f0,0xd7660635,0xfc5c9550,0x37ea7eab,0x01253731,
-        0x39b950f6,0x2a5cd598,0x40e63442,0x95a0f601,0xf2ac7045,0x905e238e,
-        0x446b0f73,0x44bacc0e,0xc448578a,0x4cd4206e,0xa5bd7803,0x367b1aaa,
-        0x0a2b458d,0x25beced9 } },
-    /* 197 */
-    { { 0x0c33a8fb,0x079a7382,0x0f25dc1d,0xcfbf6cd1,0xc6d482b6,0x4ffc73f8,
-        0x07bf844a,0x3e51f18c,0x599162f0,0xa7651236,0x14013811,0xac59a74e,
-        0xe55018a0,0x957a6865,0xe3ca09b1,0xe1ec51bd,0xa960253f,0xbc0c7eb3,
-        0x7de03f84,0xe83bfd14,0x52fbdb09,0xc0540ed1,0xcea15ec1,0x6ba52edd,
-        0x4b261307,0xf3d30ed5,0xe8397206,0x9bd7bae8,0x096373aa,0xf20d8692,
-        0xc3b0bf63,0x0a616a4b },
-      { 0x6e1339c9,0x2075f3ed,0xbf8b00a6,0x7afaa072,0xbccd9b47,0xdfafec82,
-        0x00ca54c7,0x4713158f,0x38bc31ae,0x449102f1,0x310dfc8a,0xaf98f158,
-        0x59e954d4,0xc9ef2075,0xc527a0c4,0xe8021af9,0x7a192023,0x6e801277,
-        0x7fb02377,0x635f538c,0xe8c9e951,0x5df1974f,0x15cc9097,0x0287faed,
-        0xf7a5115c,0xfa0728f0,0x0fac623d,0x90dbfbe6,0x0311ba09,0xa8d40fd4,
-        0x07c6464c,0x876d154e } },
-    /* 198 */
-    { { 0xc2d3ea8a,0xd3a4d6d2,0xa842600e,0x36be681b,0xe4070672,0xc53f100d,
-        0x6a7d7a7b,0xe3e5b6fe,0x5d5e1a83,0x6e6994f9,0x76097c2a,0x07cacd22,
-        0xa6791011,0x12d98dba,0x102e0e24,0xddfc4461,0xd493272a,0x4815dbc2,
-        0xa9436696,0x7e38e64b,0x32b2bf90,0x4960eb1a,0xd928e28b,0xda457525,
-        0x2a077c9e,0x72f75b39,0x7fd61d00,0x27760cbb,0x0f4b1456,0xaf235d1b,
-        0xe76d1700,0x3040c23b },
-      { 0x4efa9a70,0xb10dc55b,0x53e86610,0xd4de414f,0x09f8a27f,0x3d95c113,
-        0x06661d3c,0x505109a5,0x60eb513e,0xcaa2994a,0x1e7d338b,0x3ee41537,
-        0x4651e71f,0x4fd145fc,0xcbc313b4,0x51bbf838,0x1eb92150,0xb039e078,
-        0x14bf5ac7,0xe8696b44,0x8be0d48c,0x2d667188,0xdd8f2b6f,0xbe93b2f5,
-        0xeb8a7f8a,0xc1dfd1e7,0x90f751c5,0x862b3dd9,0xa32a74be,0x1eb1ad58,
-        0x1ebbc9a2,0x5486d79a } },
-    /* 199 */
-    { { 0xa1359e13,0xcb2e34ff,0x28196051,0x202d8dbf,0x23564b5e,0xe95e023d,
-        0x42f6ac12,0xfb1340b6,0xb653725d,0x543ba852,0x8d2466ad,0x81aedcd6,
-        0x547c728b,0xbf780224,0x9569fb65,0x559f8a11,0xdfb22ec9,0x505b7a62,
-        0x9eed5e52,0x07107540,0x299f6f11,0x9c899288,0x3db6f8c7,0xa7d69261,
-        0xb3ca79a9,0x30eb7fb3,0xfb2160b0,0xcab99bb8,0xd28b409a,0xd2012568,
-        0x5ac45f8b,0x380f1b0f },
-      { 0xe6a0068f,0xc0b99e6b,0xc8a73753,0x4b67cf2a,0xb2faeb7c,0xa6c9a548,
-        0x340260c3,0x7f417f99,0xcc0f739e,0x8ee56855,0x780949da,0xf08b510f,
-        0x8d5c6eff,0xb1770fc2,0xfd96a7bb,0xb4f5abee,0xf2665a2a,0xa07b1136,
-        0xb601dcf9,0x2fb380a4,0x162becc6,0xcc803614,0xee6b83b3,0x3498fb96,
-        0xa8c17eeb,0xea9b0fd6,0xa177efc2,0x5834b5ba,0x5b110b3e,0x929044f5,
-        0xebd7285e,0x4abedded } },
-    /* 200 */
-    { { 0x700ef376,0x3355e1b9,0x66cdabff,0xd56e5d9a,0x47e87646,0xb3dc2575,
-        0x00f79369,0x28f44b8a,0xa0c52e29,0x08c32b1e,0x3729b392,0x5a78de12,
-        0xb26d239d,0x4184519a,0xe0ce4a6b,0x23f6b4b7,0xacb2a9f9,0x235f6f8a,
-        0xe2064a59,0xbb8bc454,0x1bf3062e,0x37efd034,0x94dff6f9,0x6bac683b,
-        0x8aa7fa06,0xc3364b1e,0xce0b3745,0x0616772a,0xd1e3fb0f,0x46f08d08,
-        0x18e132d3,0x6a20abb3 },
-      { 0x6a85cbc7,0xea831016,0x934f9aa7,0xd0990946,0xe778f1b3,0xc2211088,
-        0x2247b799,0x7ea4ff8f,0x454484ce,0xb3171d71,0x4f98c364,0x29403949,
-        0x97df1458,0x5da911f3,0x09439116,0xa6b58093,0x174238bc,0x75f9509a,
-        0x8209758d,0xfeb51821,0xa47925d0,0xae0c6021,0xaf8a315e,0x0e946694,
-        0x6bad04b7,0xae7af8a3,0xf072447d,0x44c15e7f,0xa5456ffe,0x5184668a,
-        0xbf36b977,0x45e353a7 } },
-    /* 201 */
-    { { 0x93092f71,0x76056764,0xf5b92d71,0xeb66b6c2,0xe2c8b6c5,0x9db3149b,
-        0x20c0363e,0xf62f583a,0x03cd7097,0x688acd33,0xebb916ac,0x85d0c0f8,
-        0x84c19b0e,0x1bf7462c,0x7c4a6ad1,0xc76ed5f9,0xd119f369,0xec8b88ba,
-        0xebe50b83,0x59b8371b,0x866706a6,0x0cc69508,0xf8373d2c,0x531c75a3,
-        0x2a5a02fb,0x4e1cd3a3,0xda39a1d0,0xe8274778,0x75da333e,0xedfc5bbb,
-        0xca79bd36,0x15941f24 },
-      { 0xa77dd512,0x42e8c0f8,0x1dc365f6,0xa91b59a7,0x08753862,0xe80d14cd,
-        0xd272faca,0x1624230d,0x4027cb5a,0xeea3ec16,0xc1ef9f03,0xc1700b59,
-        0x0da3148d,0xd411c127,0xc4181af1,0x801ee448,0x9e3a900b,0xedf28559,
-        0x0d09affd,0x5d67b0bd,0x8b370024,0xd839df96,0xe6f836b8,0x3b6307e0,
-        0xbd3201c9,0x5382e588,0x7a1d02bb,0x636d8a6b,0x968641e9,0x70b7db76,
-        0x118fad03,0x6d17c34a } },
-    /* 202 */
-    { { 0xc181c99b,0xcf608841,0xc87bdcaf,0xb65dc901,0x3720dabe,0xb460b447,
-        0x5377515b,0x4c79c396,0x0a96c277,0xd447f22e,0x2ac0f440,0x0d952130,
-        0xc90583ad,0x8330b26b,0x928904a0,0xe25e977a,0x85c50b18,0x1deaffd9,
-        0xa5ad5f6a,0xcf4dbcb7,0xc8a37ed5,0xcbcd0019,0x1e9850b6,0x7846dd90,
-        0xb0b8e605,0x1ac8194a,0x34132f90,0xb9728571,0xf56ee28b,0x4ce9f149,
-        0x3e9e1d4e,0x1ab9b5a4 },
-      { 0x314fa7a3,0x206dab92,0x478ff963,0xcc4af0f0,0x904d9fdb,0x4cce1713,
-        0x12c045fe,0xac20a2eb,0xfd8f6d7d,0x44fc5478,0xca7b6ffa,0x886e72c5,
-        0x6fd6f758,0x7fa4529b,0x92a820d5,0x4df1d1b1,0x2789f149,0x3d812f9f,
-        0xaabb53d2,0x9842f083,0x2a03ab32,0x2648539b,0xb1512502,0x631ce090,
-        0x731f6bd5,0xe1294d15,0x9436e634,0xb229361d,0x3ca966af,0x8c4281c4,
-        0xc21ab3ed,0x24b34956 } },
-    /* 203 */
-    { { 0x659824e2,0x49bdcb86,0x4e13e74c,0x6dc4ce48,0x6bbe1eea,0xa4c01a26,
-        0x1e3ec457,0x47b2b8e7,0x2f5a8e4b,0x7e8b15e0,0xe333530d,0xe81eb6e6,
-        0x17a45202,0xacba369e,0xd70e4c9f,0x81241431,0x3e12beb8,0xc190af4b,
-        0x11f486fd,0x53270523,0x29fb2bce,0x9f6c41e1,0xb70f6c08,0xbe6287eb,
-        0x3feb4477,0x1479850a,0x9bcf18bb,0xfcfdfb11,0xda80d040,0x925c292f,
-        0x7e3c5bf9,0x212d65e5 },
-      { 0xca15cf08,0x23adb386,0x81e172eb,0x4dfa4ac4,0x4d42d0c0,0x9d1dbf93,
-        0x74404dc7,0xd9cf6073,0xe932bfcd,0x60508441,0x1c682a98,0x9ae910ca,
-        0x41ac1cc0,0x9528fc18,0xdbbed630,0xe6a120ae,0x30ccf250,0x94e0e1ec,
-        0xe58bbf2f,0xfe84ba54,0x9faa4415,0xc66d0b4f,0xecee7ce5,0x0c58f1e7,
-        0x6fa6873a,0x7a1d43eb,0x399f1348,0x96c6c5a0,0xe6727ab7,0xe6ef9aaa,
-        0x9a5c2447,0x66afa554 } },
-    /* 204 */
-    { { 0xc980e91d,0xda5aaba8,0x6ac98efa,0xa93cf509,0x8da32662,0xb0990e0a,
-        0x0081453e,0x01d21530,0x3d71de84,0x2bb0d33e,0x3e19a012,0x465f6d80,
-        0x78a838e7,0x5902ff4c,0x1931348c,0x74e2afb7,0x9cfb057b,0xa4932757,
-        0x3ad03f8f,0x761ea642,0x58ffa40a,0xb7d4c245,0x77a87e30,0xb5e9c0d9,
-        0xc9c84d26,0xd1c5edba,0x3d1963a0,0xeca8839a,0xebf6bf0d,0xbc6f2f35,
-        0x0d58abdf,0x01ef0631 },
-      { 0x3ecdcbb0,0x2bf90316,0x27c1c955,0x19e2d728,0x9575c930,0x9e527030,
-        0x96983930,0x0dc1c5a9,0x7cd082df,0xef9f80ff,0xdf97e051,0xcd915075,
-        0x9cc61b55,0xf286fffe,0x80f24cc4,0x352db38f,0x36523ae3,0xed9b99ec,
-        0x10b104a9,0x109a8ca8,0x305203ad,0xc2700fe7,0x769400f5,0x2a2ee24e,
-        0xee0c452c,0xd595d399,0xf7f02a41,0x0ab75d6a,0x0db730b7,0x34108099,
-        0x5e8d1202,0x0e4f5ffd } },
-    /* 205 */
-    { { 0x0ff14c38,0xbd1c6444,0xaece11f2,0x9a5b59fa,0x22af6330,0xaa4605a7,
-        0x82af24ee,0xddc9f65a,0xeb9a1159,0xf4ee4bfe,0x74e84eaf,0x2463d076,
-        0x0e0baace,0x88cbe1e0,0xd5fabdcb,0x7ca568ea,0xc57eb99d,0xbd80d524,
-        0xe9be9873,0x9c46572c,0x7300b85e,0x918a1dcd,0x40f54176,0x49221312,
-        0xb5b14236,0xf7e324ff,0x2434f16a,0x40dda501,0xa133d97c,0x08833421,
-        0x0876f020,0x33d41161 },
-      { 0x9878e5ec,0x7531a36b,0x46918232,0x5de3e321,0xd0a30464,0xd15f9a33,
-        0xaa173659,0x734c1b87,0xf925d4fe,0xac2094a2,0xc262b0f4,0x43c965a1,
-        0x447d5cbc,0x759c903e,0x05239300,0x92af215e,0x1f593f34,0xfffb6d5f,
-        0xc3cddb5f,0x65943b4b,0xbfdd5408,0x9d03a29c,0x198d76c0,0x8f7cda6b,
-        0xc0f27b59,0xc0790a22,0x8cb58ccf,0xba557a84,0x76c54fdc,0x5922052d,
-        0x47b6b466,0x2d3de7aa } },
-    /* 206 */
-    { { 0x65add3b7,0xaade7462,0xabf24c2a,0xe5888f35,0xe1a57d93,0xd41549ca,
-        0x2c76f7bf,0x0e22e18e,0xbe3202b3,0x67f288ea,0x1d1d0f0a,0xb79a66ba,
-        0x2881ad18,0x0e0ab749,0xc7adb0e9,0x7d424086,0x2842132f,0x870c32c5,
-        0x58f9a09e,0x858477f1,0xec025589,0x422a9372,0xa5098777,0xbe428c5c,
-        0x57660058,0x45b79564,0x957f37cf,0x6c7fc631,0xd6316289,0x8b7023dd,
-        0x5b1c12a6,0x47003bb6 },
-      { 0xc91c1c96,0xd99401c1,0x27a12970,0xaa5dcdf9,0xc3c29107,0x3ab92e17,
-        0xa3fe4710,0x26fce8f7,0x4ee998ee,0xb0d09d5e,0x8e3a41f8,0xafa62204,
-        0xa26ca506,0xb1c012a5,0x99b57252,0x2c6f734c,0x512f7fe1,0x1093d79f,
-        0xacee19a6,0x2f30906e,0x056d1ea6,0x6bff8381,0xeff35f21,0x61c75856,
-        0xc1ad2224,0x6e07e978,0x6b20fde8,0x2cca6ca1,0x633fe81b,0xab4d6d2d,
-        0xb06a2ce6,0x73dff504 } },
-    /* 207 */
-    { { 0xd8e20fb8,0x8b615805,0x82b533f0,0x7c6873e4,0x56a854ca,0x5205f001,
-        0xcb369211,0x87fec6ac,0xc7f092b7,0x1fa3c0ec,0xe845fe4c,0x5b36647e,
-        0xf8b1f112,0xd4781e85,0x8b0f1a6f,0xc6526839,0xdcb8eb92,0xceeb8c6c,
-        0x8e5f6d52,0x133f0ead,0xc8d934dc,0x31883e23,0x428ac45a,0x214ed5bd,
-        0xdbbfca85,0xf77ca492,0x07e5ae13,0xdf4113fe,0x72ab05fb,0x63e4a0d2,
-        0x7148f535,0x7544d0b7 },
-      { 0x80797ace,0x4fe8d134,0xaf86d97e,0x216d6aa0,0xef5a68fc,0xdbf0a688,
-        0x9f9b2684,0x18b26f45,0x8999d2fc,0x52fefcfa,0x62423955,0xd5af8d82,
-        0xf63a3780,0x8f123469,0xdcd4feaf,0x2933454f,0xa73b5d09,0xba8018b7,
-        0xe5552c18,0x9af1f276,0xff26bb1c,0xc5d4773d,0x06dd4f44,0x9ef49410,
-        0x5f39ba49,0xad8f12f9,0xf66ca4f2,0x5767f6dc,0x7922f59a,0xba8773f1,
-        0xc1e42d49,0x220081ea } },
-    /* 208 */
-    { { 0xba37a0ba,0x3043d573,0xdd176df6,0x05a431bc,0xc42070f7,0x03322cfc,
-        0x67c2d109,0x5cabd30e,0xcbf8bcfa,0x362c95de,0x7787b10b,0xd767d277,
-        0x6ec05e64,0x612c915e,0xce69c30e,0x9e669631,0x682e2635,0x27c9dd8f,
-        0x95ffcc38,0x79021f12,0x8a2adca2,0x06a8ee79,0x4b5d500a,0x8e00e784,
-        0x8d80d6c5,0x87746fc7,0x915f10cc,0x246053be,0x219f6fd8,0x844e328b,
-        0x11bd3733,0x620541ac },
-      { 0x509e5a29,0x0f7fd382,0xb432531e,0x8748d7d0,0xcd3883b9,0x8f749354,
-        0x8bfbb17a,0xc6b8ac74,0x05f2d2c5,0xa4616a66,0x1bcb1b83,0xb3d96625,
-        0x2fee265a,0xcf753104,0xdb225058,0xc70d73fb,0xf0c2d556,0x1211d434,
-        0x54b259b3,0x862061d8,0xc42b3f7d,0xffe4606d,0xe86a4949,0x4c5c8585,
-        0x160eedac,0x04ddcc8b,0x568e2420,0x1804ce67,0x42141656,0x91f3855a,
-        0xf932be97,0x7f378198 } },
-    /* 209 */
-    { { 0xdfa6639a,0x9a374bda,0x02ab7391,0x0cbd48d4,0x47031e2d,0x5c5ef236,
-        0xd0599d1f,0xb49ee2bc,0xe0d38443,0xd285eb60,0x269392e8,0xdbbea92f,
-        0xb8bc538f,0x91455fbf,0xe469b768,0xae259ff1,0x41de5682,0xc1cecb1f,
-        0x9952d1ae,0xc876f071,0xe7bf7446,0x1ce25181,0x282ad2f1,0xcb93ad86,
-        0x6ba4ef67,0x8fa3cd31,0xe507aa3e,0xfce68a04,0xa61bb608,0xced74170,
-        0xf6ac10d0,0x6de716b3 },
-      { 0x172d6dc5,0xd4e58d04,0x6397c65c,0xbed2cde6,0x0c9eb4e8,0x7ae77e18,
-        0x75fa2edb,0x56275468,0xa91e6738,0x4b30324e,0x235c8b2e,0x6023a856,
-        0xa8f92887,0x9df6d6c2,0xf6f5e8b5,0xec2c185f,0x3ad5748a,0x7892e12b,
-        0xd54aefbc,0x7aebb4f2,0xee868821,0x14915448,0xb1d9bd5b,0xa26c5f71,
-        0x2ff00df7,0xe5ccd166,0xb95b1dee,0xebc99f17,0x3fe1f774,0x90983616,
-        0xbb3d25b0,0x51f90830 } },
-    /* 210 */
-    { { 0xf2922461,0x49376fa1,0x1650d0d1,0xdbb1b1c3,0x0dd8608d,0x92b91c33,
-        0x36b89906,0x3e612c4b,0xdf560052,0xe1977b0b,0x636a2545,0xf8afff70,
-        0x11723d8e,0xcda7d278,0x81bde7ba,0x0b0bc4bb,0xed2a578e,0x3cb080b2,
-        0x171b2e02,0x5bda0d0d,0x941bb9ae,0xf6df38cf,0xc14a65c5,0x85dd81db,
-        0xc19dd98e,0x7f98c82d,0x52206f93,0xc613747f,0x5f5bbe78,0x9e13a2c2,
-        0x0aa34be7,0x5eed218e },
-      { 0x01d4dc0b,0xe1565754,0xf566bb07,0xa1ae5f27,0xb82225d5,0xe985ebeb,
-        0x1189ec6b,0x5f3ad21c,0xecce4d9d,0x17da518c,0xd6b65b59,0xc84a2d3e,
-        0x8ffa771c,0x7f988175,0x2ac69a7a,0x50d6ae12,0xc6e6846d,0xcb7f30b1,
-        0x5bd0bb13,0x8c023a60,0xd73f2407,0x9a10fecd,0xe5f0a996,0x8c5158cc,
-        0xbd8f5806,0xd26bf615,0x915a46e1,0xaf32ea87,0x0287d308,0xeaf74e81,
-        0xa6264254,0x8c14ba06 } },
-    /* 211 */
-    { { 0xb17ee201,0x0c877895,0x88e57a77,0xc05aa471,0x97822456,0x19c3e763,
-        0xc9c3ba1d,0x0be6f8c0,0xb4389ebe,0xfe85f4ff,0x0ce7fbb6,0x538bccce,
-        0x65266c64,0x876eab2a,0xcf9a3842,0x5c9ac690,0xccc8f981,0x9f5cf3b1,
-        0x9cf687de,0xfa17be6a,0x83835c15,0xfcfc10fc,0x150ef2eb,0x086b0fdb,
-        0x884a52e6,0x9f97ecd9,0xb0cd1eb8,0x416e6fa2,0x3ecc03ba,0xe2bd1599,
-        0xeabb165e,0x645c0a5d },
-      { 0x50aa7e31,0xd94c4205,0x2f851da5,0xaec8df0c,0x3c726e6a,0x99646909,
-        0x2619bf9a,0x72dbdc36,0xe253fbd5,0x1b4260e0,0x8c709e06,0x97c259fb,
-        0xcddaec5b,0xfabf7cbb,0xe4b703e9,0xb4d5e8b1,0x0734efdd,0x1b06e56e,
-        0x1f55f8a5,0x02d4a4f9,0x3f565c8d,0x7f8608ba,0x816d1d94,0x822f47d2,
-        0x5ce7b136,0x0cc36156,0x31d04242,0xe46ee5ef,0x683567f6,0xb2a65f70,
-        0xd2fa6c91,0x27e9ff40 } },
-    /* 212 */
-    { { 0xd7e952e7,0x75251893,0xc735bf18,0x15b30583,0x96fe0491,0x732b5992,
-        0x806d2fca,0x27451858,0x1b885ed9,0x71ab76a0,0x6d9f55ec,0xbdce9d97,
-        0x48f2ba9c,0x3da60b20,0x592b132b,0x6977c086,0x099051d7,0xb6dca9cb,
-        0xd188ae25,0xd9c2ab23,0xe20aaf3d,0x9f469f3f,0x5aad74d0,0xdbd1f7cf,
-        0x22a9eb3b,0x3d5efe5c,0x137010c4,0x8c5edfa2,0x57870260,0xada2217b,
-        0x3dac9776,0x4feee567 },
-      { 0xb5d3d780,0x30e18d52,0x07166744,0x4dadb5d3,0x5a742156,0x320d386e,
-        0x8d6bbb86,0x5d8c290e,0x2d263dd1,0x981a4323,0x98984636,0x33d0e7ca,
-        0xa519acb1,0x5138784d,0xdddc81ff,0x832e3fab,0x3199a43a,0xfc278594,
-        0x32743163,0x5b4cabcf,0x74f94fa7,0x9fa010bd,0x5694a627,0xc28a743d,
-        0xcb657a24,0xc1d2a888,0xe86a25ea,0x7eef2503,0x04c561ff,0xed11a5d3,
-        0x9c9ede0e,0x4fe818e7 } },
-    /* 213 */
-    { { 0x7fc1c7ff,0x00252c9d,0x9fa89ad1,0xa9bd419d,0x4064e9cc,0xc93a124a,
-        0x43942ecc,0x384cbcb8,0x8749695b,0x004c21fd,0x421165bf,0x69c81d9f,
-        0xdde01102,0xe2325628,0x5a9b004d,0xec937457,0xf6dcfc21,0xfb3346bf,
-        0x4d372c7d,0xac4da64b,0xf20494e2,0xcecb7ad3,0xe867c150,0x562c41b5,
-        0xc2b723d8,0x299395ce,0x7ee53231,0xc91adfc5,0xf10b6597,0xe06f1161,
-        0xb74d3ffc,0x81915529 },
-      { 0x6ed9d4ee,0x8ec12431,0x689aff01,0x3dffa154,0x2a89a3f4,0x4aba349f,
-        0xd467efb2,0x2db1e8e2,0x039102e2,0x18dea354,0xe52f082b,0x422ab853,
-        0xed36dd47,0x7130a2c1,0x0295d1ee,0xca60e86d,0x7c7f5ad3,0xe6ac6808,
-        0xde864658,0x0f83cecf,0x461d1265,0x72e66c21,0xbd385099,0xfeef4150,
-        0xa6632289,0x0f183f3a,0x792dc795,0x275454be,0x11367702,0x2744c11b,
-        0xe8ea6ef3,0x7d06bcc7 } },
-    /* 214 */
-    { { 0x7090212f,0x89285942,0x5521e844,0x691b7d4c,0xbe2dbb92,0x4c038422,
-        0xbd81f880,0x317721ed,0xac89bc36,0xc136cbee,0x7b8f004d,0x4f71b60b,
-        0x4e218ab8,0x269132d0,0xe6cc814d,0xb0e2496e,0x75fadc15,0x0b2ce317,
-        0x66d223c5,0x82e3c084,0x4c612f8b,0x9721caa6,0xa4b65355,0x59a751eb,
-        0xc7d3d9d1,0x3433aad5,0xe80d4246,0x1e61b9d2,0xfc673caa,0x149f655f,
-        0xd0f9cb92,0x48b52b99 },
-      { 0xefdc05be,0xa3915399,0x13e095e9,0xde70db18,0xcddb3fda,0x447862e9,
-        0x1a009451,0xa2b03162,0x23920ea3,0x4b27980c,0xa23b8feb,0xac5394f1,
-        0x3e5616d4,0x163f7256,0xb714219a,0xaa0ff93f,0x93d62474,0xd26f96d2,
-        0x7dcfe276,0xdd212ea8,0x47038d15,0xab27bf2f,0xf418168e,0xe58c8325,
-        0xb32a989a,0xe3704222,0xbfc9f13b,0xa3694390,0x0d0684ad,0xf16e2606,
-        0x9d8c76ec,0x17c0de87 } },
-    /* 215 */
-    { { 0xdcc01958,0xbca5f453,0x1ce88393,0x7d945954,0x561f5b6d,0x5e6350a1,
-        0x7e2d36bc,0x291c3c86,0xa5ac3a6c,0xf6c7ed84,0xd98006cd,0x7913c40b,
-        0x5671ec3b,0xf78bb087,0xb43e89a9,0x1c928f6e,0xae1ea1ed,0xfdf28df3,
-        0xb924b2b5,0x62bba5b1,0x1a116e05,0x491d2705,0x167ed3e3,0x08ec02b7,
-        0x5bc0b046,0xe291cf7b,0x8c5d7f59,0x30e50169,0xf5c799b7,0x0c7c350d,
-        0x0ac6e1d7,0x6862b9e2 },
-      { 0x9ffa1f64,0x56c6f4e7,0xa1e24349,0xfed6a91a,0xcdb75232,0xe9a0ee0c,
-        0x0322d607,0xbfc90b37,0x462fef87,0x29480ad2,0xc2bfcf34,0xfc214969,
-        0xa539e38f,0x6e5211e0,0x12a5149c,0x2a59ec26,0xd706b532,0x195fe212,
-        0xe99c8429,0xf77fb108,0x5dc80482,0x74ceaea3,0xbd92d298,0xa5a6030b,
-        0xaaea15ee,0xad42dca5,0x4987109c,0xd6ac3bc7,0x290af649,0xc64e1c40,
-        0x51f8de6c,0x5093fa2d } },
-    /* 216 */
-    { { 0x4c2d553b,0xc4cf3280,0x3b966c29,0xdc1abe22,0x2296914a,0x556a549c,
-        0x999976c9,0xd8c9f8b5,0x776e83f3,0xc22c57bd,0x7c85ec57,0x4f2942ab,
-        0x6e2c61f5,0xef3407e5,0xf213db48,0xf005e8ca,0xf32698c7,0x470c853d,
-        0xcac0a54b,0xe6f488d7,0x60b7501e,0xb6bd6bed,0x714a4bd9,0xf0103106,
-        0x6e098894,0x5285bc3b,0xf5f92a00,0xec06741a,0xef7ef24a,0x32f16426,
-        0x6c77a438,0x12f9c44d },
-      { 0x83313a1c,0x1951e964,0x33c58b37,0x98edd3da,0xc7ac4044,0x4edbbf52,
-        0x0dcb5ee8,0x866ca6f7,0x6dd422f8,0xec0ae8f5,0x0661ec2e,0x1077bc54,
-        0xd422523c,0x6d39913a,0x58e7cb3e,0xd105e1e8,0xc979bb45,0x47c9397f,
-        0x0997b592,0x3221d4a9,0xe8952fe7,0x0ef628a3,0x4e946241,0xd08d5827,
-        0x59780f40,0x64cbed0f,0x08e110ec,0x13d7c227,0x7679b1a3,0xd186d866,
-        0x26ae1d18,0x02f75e4e } },
-    /* 217 */
-    { { 0x47f307d7,0x1b637ebf,0xd0141477,0x6b644a6a,0x2e05a80c,0x82a33d65,
-        0xfed07b31,0xc8f1a0f3,0x3696e597,0xc09ee7f9,0xc7ffc01e,0xcdaa7ec3,
-        0xf8f373b9,0x549f88fe,0xc3bb8989,0xc88d1961,0xdfcaa7b7,0xd92a4fe9,
-        0x3ae4ab20,0x12ff9ee2,0xf5ecb1a5,0xf5aea641,0xe32fb47d,0xe769237f,
-        0x25d085c0,0x96a5c420,0x26c755a2,0xdc912558,0x9bce9723,0x580b985f,
-        0x63961941,0x72b1b566 },
-      { 0x790e5558,0x9d708a08,0x0689af80,0x98536041,0x42313b5f,0xe85e7b8a,
-        0x55a49d1a,0xe6ba1292,0xac371b0b,0x5e76c4b0,0x938e6e19,0x58504f39,
-        0x60ae9a21,0x8dd41422,0x968485ce,0xd8b04e9b,0x887efe43,0xf94c4ba5,
-        0xf11c5e73,0x11268e67,0xcf6b99c4,0x92623e28,0x7a0a9662,0xf2d0aaa8,
-        0x4ca02ed3,0xb266772a,0x2d63b551,0x68ee8e4e,0x2e78b5b5,0xcdebb299,
-        0xe17225ad,0x5df19216 } },
-    /* 218 */
-    { { 0x8df2e7e3,0x20027e1e,0xd8da07de,0xb183cc68,0x4b4ae694,0xce35ba69,
-        0x3ca62e88,0x896d97df,0x52efed2c,0x3de4713b,0x26bd084f,0xd006c40e,
-        0xfc81923b,0x1e9b71bb,0x1aacc6b0,0x9991c7b6,0x8f656840,0x650c9364,
-        0x87f47524,0x138561d1,0xbffd3ca2,0x610f2b11,0xfa191418,0x96915faf,
-        0x955e5309,0x8f1236de,0xa1872d79,0x613cbeea,0x66a2a48b,0x7f7b44ea,
-        0xe0a89c32,0x452265c2 },
-      { 0x25430010,0x4ad5ec79,0xebd090c0,0xcac786ff,0x20a9d3f5,0xa5f9f4ff,
-        0xa3edc65f,0xfcbf4112,0x0cf3eb11,0x8824839c,0x8aa5b700,0xb8dd6d4e,
-        0xb7568ab8,0xe2271dfd,0xb744560e,0xe43ec373,0x1cf75296,0x78eaf926,
-        0x3fa96d9b,0x1809ae0e,0xdc25dfd5,0x0b312d2d,0x6bab7711,0x6b8f78b4,
-        0xb5ecf1e4,0x069efc8d,0x609fecaa,0xc1952bae,0x5f4dbde1,0x43e302ed,
-        0x1e078555,0x14b02bf9 } },
-    /* 219 */
-    { { 0xb87e5b57,0x2c71c768,0xf531a557,0x0bcc78f7,0xf7597dc8,0x4ff93f8b,
-        0x139e175f,0xb28e026d,0xcb94ca6c,0x6b83b727,0x0079f7fc,0x2eafe3b2,
-        0xcf3bd170,0x2aca54de,0x6af0dc6c,0x17c4133c,0xccf5e35e,0xbea1e665,
-        0x345505c6,0xa6691a48,0xe6100b89,0x2633abd0,0xc17d0388,0x966c6706,
-        0x1a0cf90c,0x7aefffbe,0xd0add64c,0x4d847be7,0xaea2aa46,0xd49bcdfb,
-        0x2cc7d0a5,0x85e07e74 },
-      { 0x0bc25bca,0x23aae0a6,0xe44f64ec,0x6e8e55f1,0xb607b773,0xe1e696d8,
-        0xd3005909,0xaa90a746,0x2cbc4990,0x072b1ccd,0xc68e2f5d,0x0d0fe6c6,
-        0x53e28ec9,0x920ec5f0,0xf0040cc1,0x79b21fb4,0xfcc4a2c7,0xa7375bd3,
-        0xe1bac7dd,0xf5f5def9,0x35c0f8d3,0xdc315d79,0x2cacd318,0x7117c170,
-        0xe926f71c,0x6f2823c4,0xed02f39a,0x38db58bb,0x7db69323,0xe5b49231,
-        0x8d49f430,0x0964039f } },
-    /* 220 */
-    { { 0x56999eba,0x21774f16,0xb1de6305,0x3d8ee287,0xde0b2669,0xd81af726,
-        0x3f8942a1,0x37446939,0xea03e13c,0xbcf6b615,0x94e273cf,0xd30c0c35,
-        0xc6725c56,0x4fd33a56,0xa8be97a2,0xa57534ad,0x7c22a251,0x799242a6,
-        0x9d0c5c49,0x4e51bdb5,0xc6a42768,0xd7cd76cc,0xd426bf59,0x914097ac,
-        0x66e9beb2,0x59404a2c,0x5c96e3e9,0x4738fe98,0xaad666d0,0xbcbb3e0e,
-        0x63bc5e56,0x626b0fd2 },
-      { 0xe1a1ec42,0x47217dba,0xab5acc50,0xaa6ae7db,0x865331d1,0xb7e1ab1e,
-        0x3d30126f,0xb8453070,0xdee61851,0x280649e0,0xea689544,0x8806f4a3,
-        0xcb56f632,0x4bbe43ad,0xbcaff94f,0x036b9bda,0xbd0637be,0x0d941e65,
-        0x686f3abb,0x82179d44,0xaad6afd6,0x1486912c,0xff7e1534,0x9a3b891e,
-        0xeb86fd96,0x88c426ce,0x117928c3,0xb56e6a81,0x96399e00,0x933e7135,
-        0xa17b6ac1,0x09bbddd9 } },
-    /* 221 */
-    { { 0xe4fd3673,0x75e39c1d,0xa65c8e07,0xf880d9d1,0x7289c7fe,0x4725c1dc,
-        0x3529d200,0x5b6735ee,0x3c747af3,0xc1f8f2ed,0x912efdf5,0x5cf3998f,
-        0x49859c39,0xed722618,0x0e69795d,0x23793a2f,0x86b1d2a7,0x8a6ab8d6,
-        0x22a882e4,0x00c815de,0xf9db8d7e,0xbe77d6fc,0x02267547,0x0886fb32,
-        0x49c10edc,0xb62687d4,0x7c83ed4c,0x9f1c3e17,0x5af366ea,0xe6d5d7f0,
-        0xd1efad24,0x2eaa01b8 },
-      { 0x1f357c74,0x5e47fb70,0xa9e3b794,0x93085c4a,0x6e85a905,0x4f098733,
-        0xbe0244c9,0xf53808ff,0xa3b5660d,0x91dddf93,0xf3b95ed6,0x8b76377b,
-        0xbb3920d4,0x91b911b7,0x86a13cf3,0x7ccf08bf,0xea018e58,0x53ed8f97,
-        0x78c55194,0xb1ea4343,0xe0d2d5a6,0x8e6adde9,0x9b96259a,0xfc2b248f,
-        0xeef17ddd,0x96ebceae,0x557f9c85,0xf694b443,0x07d5bba8,0x48cd150f,
-        0xb4c1986b,0x02d31de9 } },
-    /* 222 */
-    { { 0xde79499d,0xa6bb9e1e,0xfd0fc2ad,0xf6ca8ff8,0x1a7d9356,0xbec0f8e8,
-        0xe8f06327,0xbc3d1c9f,0x3b300beb,0x805c7217,0x413c181b,0x00420a08,
-        0xf0ca9d01,0x9e9a167e,0x1aeeddd6,0x076c909d,0x8e3a8a72,0x64a1997f,
-        0xa77b429e,0x3ce7f7a7,0x5c94d3e9,0xaac0fbf4,0xe6d48407,0xf37694a7,
-        0xa91921e7,0xf56679e2,0xee1dbbd6,0xf23fe0f3,0xcbf9fa99,0xc7917566,
-        0xe0f4d765,0x965860f2 },
-      { 0x7fa5f79c,0xe734702b,0x5af2d26d,0x930bd426,0x6c73e0ce,0x45bd8b98,
-        0x4ee44a2d,0x7dbe7bed,0x956c8a1a,0xc129e024,0x77cdf80e,0x6fdc05ac,
-        0x589ca59b,0x70a6ba2b,0x999825af,0xfc484021,0x7a23f0b6,0x1d284b54,
-        0x28a0a8af,0xb1da10a4,0x2b2af6d8,0xb1eb1b31,0x33935ee3,0xf051443a,
-        0x8effa6ec,0x7a07eb26,0xd662654c,0x16ee4086,0x4549ee4c,0x7a7bc501,
-        0x1fa98a52,0x65081032 } },
-    /* 223 */
-    { { 0xb67ed9b2,0x49f0e460,0xc36d93d2,0x0cda0fd0,0x88c75e1c,0xbb5963e9,
-        0x614bc0c9,0x757bbe93,0x9a768605,0x9a9b8801,0x48edc544,0xa8b7e2af,
-        0xb51a5985,0x9e77ed9e,0xebbf024c,0xdd025274,0x1545c636,0x598b6288,
-        0x4800dba0,0x39bdaed0,0x81e2a23a,0x7fc20139,0x550cb4f2,0xdc66fd5c,
-        0xb52068c7,0xad27032f,0x8169fa15,0xc9a0bcae,0x3a7ca8a2,0x60606f21,
-        0x9862652f,0x98295046 },
-      { 0x2e11c128,0x3e374600,0x0e6dca7e,0x80dfae5d,0xd9552264,0xe44016e2,
-        0x880b7143,0xf65f88f2,0x526b881c,0xca3d28d4,0xdfb86afe,0xf9c59dd1,
-        0x4c74f958,0x548860c2,0x9cb69f4f,0xd06ea43c,0x7334ecec,0x5343c9ae,
-        0x35329713,0x5cc2ccd6,0x5f3a6c0c,0xa95ff403,0xb372653b,0x2e01a1cc,
-        0xa250523d,0x31510fdf,0xa6227eb2,0xeee538e2,0xca23cd10,0xeadfc8a0,
-        0x3e78f54b,0x4b7e6e1b } },
-    /* 224 */
-    { { 0xdb5f928b,0x79c9076f,0xb7347cec,0xe6250bb6,0xac00ec41,0x54b67798,
-        0x9d9619c7,0x900d20ba,0x59e4343f,0xed42c0d0,0x451935d7,0x3df39e85,
-        0x64f701ce,0x26391182,0xe1f87aac,0xce8f2554,0x65f91aaa,0xfddd6789,
-        0xa324539f,0x96cd163f,0x4bace995,0x5c815f2c,0xa94f9ea5,0xd78c8c2a,
-        0xef24e455,0x7ab2aff4,0x1cddc26a,0xf0ed6409,0x00ca2822,0x954a420b,
-        0xd3297658,0x0611c4c5 },
-      { 0xa9e81829,0xf192001c,0x08a282cc,0xded33320,0x8f9ded9b,0x0bfd7de1,
-        0xb7889003,0x6793ac0d,0x3577a5dd,0xbb00d91d,0x802d3c2b,0xe17a23a7,
-        0xfb549014,0xff95f88c,0xc71b6e07,0x7cd1bf4b,0x23588c8b,0x2e3b24a0,
-        0xa4112076,0x9b5335b8,0xc4056d30,0x2481c05e,0xe916a1b5,0x55c7410c,
-        0x850179f4,0xbbe03271,0xb3cd1208,0x15e6c177,0x90cbfe50,0x509a24c0,
-        0x1c108566,0x82079529 } },
-    /* 225 */
-    { { 0x1c7d353e,0x5d2d3cff,0x7de0ce3b,0xd5e7eccd,0x6ca87635,0xb4b1075f,
-        0x25f9ad3e,0xda8404e0,0x205cb5ae,0x6b963e89,0x09f221a1,0x9e5ee0d8,
-        0xea41aca4,0xd64c85d9,0x34442a34,0x6a46c4e9,0x3cf655a4,0xac6ff97e,
-        0xe5417d7c,0x76565c1e,0xeebf9c4c,0x681009a9,0x88da6388,0x95b61d39,
-        0xf6b472c6,0x6402b46a,0x0b7f1171,0x1fde5165,0xbe0c05e3,0x94f8f273,
-        0xa88344a7,0x7487b036 },
-      { 0x9c3e2370,0xa860e575,0xf8048719,0x19d58193,0xa6e2f9aa,0x3a0dbf3c,
-        0x6144719b,0xb6c7e959,0xdeffec21,0xa9049c74,0x3f50cebf,0x8ba064b2,
-        0x49a1de15,0xb12822c0,0xb1d527f2,0xb654b7d9,0x0ffd0430,0xc470859d,
-        0x4f05446b,0x37c74a67,0xa3add995,0xe553251b,0xe33533b5,0x4a3ed6cb,
-        0x27e419ce,0x2f2f44d0,0xa5d1b979,0x2d84ee82,0xdb6fa69f,0xcc76b123,
-        0x21fa3bdd,0x834f85c5 } },
-    /* 226 */
-    { { 0x2ce9b31a,0x329347c1,0xfe3fb3b7,0x1d88522a,0x52ff90fd,0x4bcefb4d,
-        0x2b1a081d,0x53b17386,0x2a411f08,0x538c11ba,0x141b603a,0x7895b93c,
-        0xb10bd741,0x2993b9aa,0x09912986,0xccbbd046,0xeea0aba5,0x669fafb0,
-        0x35661897,0xd4844622,0x367ffa54,0x4a63b89c,0x1c3478da,0xcbad5d1d,
-        0xaa6034f7,0xc5339227,0xe61b1391,0x0e6d705f,0xf74ff515,0xdd14b660,
-        0x5332b54c,0x639d8b0a },
-      { 0x162217cd,0xfa423162,0x811c28e6,0x2e0e4a2a,0x21766dc0,0x68d9ce18,
-        0x046a06ef,0x51263739,0xdde92101,0x44eea231,0x114298d3,0x0607c8f2,
-        0x63d957e9,0x27f272ba,0xa5e8cae1,0xe7ce80cc,0x24f7a63f,0x5816ebe2,
-        0x89673e34,0x4dece5a7,0x536babd4,0x13756a22,0xe3bf77af,0x644d61ae,
-        0x2bcf98bc,0x60b2bf6e,0x29fa962c,0x3b0b59f3,0xabb50023,0xb0769a1a,
-        0x0c75402c,0x40903136 } },
-    /* 227 */
-    { { 0x1670433f,0x84d2873a,0x25493dfc,0xc9394df6,0x80fcf89e,0xeb05a19a,
-        0xdb297616,0xe39e4310,0xd9e63046,0x50742dc9,0x1de9ca9e,0xf31ad8c8,
-        0xfb7b1d0d,0x86aabf94,0x1b3c82d1,0x36cda27a,0x39702d84,0xfb1a2ef4,
-        0x46081299,0x280bfddc,0xd2396238,0xe4b2b48d,0x7b3c9353,0x2db2c2f3,
-        0x12fb8a69,0xd5b5b317,0x08180474,0xf9b87a3b,0x1e952578,0xd8590986,
-        0xf37a2bc8,0x80668eed },
-      { 0xb39a0249,0xe2edcd35,0xb2f8aeae,0xaf230cd4,0x7223df05,0x295b15e4,
-        0xe0e937f4,0xbb66982a,0x8cbc9162,0x019d2b72,0xcf49dca1,0x5c512ae9,
-        0x630f07b4,0x11b491a7,0xa03874e9,0x48d4f34c,0x44cb7433,0xc1fd0ea6,
-        0xf95b30c3,0x13f79ae1,0xed8b60ac,0x40362d4d,0x61ead81c,0x9e8314ff,
-        0x498c3d28,0xed600dd4,0xc2521702,0x5fcb1c19,0x3a9c1f33,0x592329fc,
-        0x1bde6ce9,0x04677548 } },
-    /* 228 */
-    { { 0x39233c96,0xee3de56e,0x80737eaf,0x868c409c,0x201abc68,0xacae11bd,
-        0x2b486205,0x0f2cea9b,0x6f19056c,0xe32387e1,0xa5dc2a41,0xea75365a,
-        0x12b4be86,0x76c29acc,0x8d63294d,0xa01fcab7,0x0cab9f24,0x81dbe88b,
-        0xf414c054,0x76646e5b,0xcb96b7aa,0xfe111893,0x7664e097,0xb649f5b1,
-        0x53fcf5a9,0xa196422e,0x0b7ff634,0x5978c9bd,0x3c229895,0xb5feb38e,
-        0x0833c456,0x038a49fb },
-      { 0x13e93257,0x35e3818c,0xa612741b,0x14cebc9d,0x7caac06b,0x4f6e9249,
-        0x3daa1116,0x82278e33,0x4de2034a,0xe7cc565e,0x0a1ba630,0xbb7dc95f,
-        0x66956fbd,0x81dd9f23,0xbb132dd6,0xc63e6319,0xfc241337,0x6e22b022,
-        0x7e8beb1c,0x23848193,0xd8c938ac,0x83b1994d,0xa6bb5644,0xb54cfaca,
-        0x06f91807,0x1a7cd44e,0xa8f8d9f3,0x1dd439bb,0x7f74a8e6,0x660c2a78,
-        0x121b5660,0x4bb76e22 } },
-    /* 229 */
-    { { 0xe6354817,0x7a151e8a,0xf038b438,0x33d494ea,0x85958986,0x4c86c688,
-        0x1dcbac12,0x72153827,0xc0edad06,0xf487af8c,0xe500e5d6,0xad33051f,
-        0xd6e47f55,0x0a711b1b,0x8c746ad5,0xa68709a7,0x6402f35e,0x27f17262,
-        0xfb30c130,0xc6d08efa,0xc06c7497,0x9ef1c041,0xdcc3e2da,0xd0c74ece,
-        0x092e1073,0x30c5f96e,0x2aa12b74,0x0f1393cf,0x2107eb02,0x24584016,
-        0x7b76f98b,0x8843d25f },
-      { 0xedb2a83e,0x4e1501dc,0x2bb8d724,0xbcfe8fb0,0xd925df62,0x09020659,
-        0x42ab6fc3,0x3c715dcf,0xa0f09dfd,0x73c05055,0xe3590aea,0x126745d8,
-        0x76ff749e,0x5382f4d8,0xa920c663,0xfc69feef,0x9fd711ca,0xde160211,
-        0x9075c4d5,0x4219c3bd,0x3ded6bf2,0x3800cbd1,0x6263a116,0x8c7ea0eb,
-        0x7d264c37,0x35bd7958,0x7159c98c,0x56e22e45,0xfa7373b5,0x71bf2a2d,
-        0x8935c949,0x0503f939 } },
-    /* 230 */
-    { { 0x71dad4f6,0x65addc66,0x024bea1b,0x238e4889,0xf605d3dd,0xfb76c8e2,
-        0xb0d96b89,0x13d5f5de,0x6601b2cb,0xe0b5ba35,0x83e3d254,0xe37d491d,
-        0x240c8ea7,0xe8860423,0xe91c99ba,0x374182f3,0xa87ad919,0x26c2caf9,
-        0xf574f295,0x4b13040a,0x944000a3,0x5b9bced1,0x06df42e7,0x4ccc57be,
-        0x4bd1089d,0x22e8ec50,0xdddbb500,0x0c53177a,0x9ecfeadb,0x690d31d2,
-        0x176668f9,0x735778fe },
-      { 0x843c1137,0x0f86ee3e,0x3f0b73cd,0x3c1c42fa,0x8ab20e3a,0x0e75679d,
-        0x16242fae,0x6f95f1f4,0x39b092e4,0x7b88e11c,0x4c236ac0,0x1629403e,
-        0x2dac02e6,0x66105f41,0x862e0632,0x74dc28a7,0xf3b23c8d,0x2118ffb2,
-        0x0745ffbf,0x1182417c,0x4c05711e,0x49b55a04,0xcefbe4de,0x2c665b74,
-        0x97bf7107,0x1cc4c01d,0xc54f0676,0xb2ca06da,0x7450d0f8,0xfc599daa,
-        0x1a3182a1,0x52e637a6 } },
-    /* 231 */
-    { { 0x6bebc6db,0x481700f1,0xf9503d92,0x4a6b45db,0x5d153919,0xc715cd3c,
-        0xe5ad2abc,0x942a1c05,0xab7b466f,0x36a82433,0xba13918b,0xba413bed,
-        0x90f4e6ce,0x698a5624,0xf3f1f3ca,0xbb720da6,0x63471ab3,0x2116d41d,
-        0x303d3609,0xe00d2227,0x463ba69e,0x7fd4cc00,0x62845fd1,0xac609e4d,
-        0x80adc9c7,0x63603b2c,0x45fafbca,0xbf16fc9a,0xc4bc94ab,0x41007f7f,
-        0xa74b1698,0x7c916b4f },
-      { 0x78bac2d4,0xc1026f91,0x2601a875,0x8a2e8098,0x0073d640,0xad2f276e,
-        0xfcc1fb88,0x443610c4,0xca6b291f,0x5727b822,0x88ec60fc,0x0645532c,
-        0xed9ad48b,0x51e48899,0xf543f103,0x841b48b5,0xd591ceeb,0xa6ccb1be,
-        0x9dcf5a8b,0xfc4adf0f,0xb347ddb4,0x3a7ca020,0xcb44c521,0xaa1accc2,
-        0x0527c0c4,0x773b6828,0x7023cf50,0xaa374c10,0x6b74c926,0x733d1000,
-        0x77a8d07c,0x1ff3916f } },
-    /* 232 */
-    { { 0xf997939d,0xaa218fe4,0x791583b3,0x3d4dfbbb,0x87f7560b,0xb3a7b5da,
-        0x5da92c98,0xa9c02801,0x46666f4a,0xe1eb4aad,0x14ce9dd7,0x2eb17a51,
-        0xef8f3076,0xf46a66a4,0x810e546e,0x900b45c6,0x4baf04dd,0xf7af2258,
-        0x5c84d42f,0x3cc1c872,0x8e4c83de,0x3093f225,0x170d88b2,0x62fade41,
-        0xac076e44,0xe19612e4,0x32dd141b,0xf48d7346,0x925e34da,0xc1b1f759,
-        0x072b90c9,0x19ed1a56 },
-      { 0x6c735473,0x9cf7fcde,0x6003bc3e,0xaab88e67,0xfb199bb8,0x12187cbc,
-        0x9accccbd,0xbb730441,0xb0f65459,0x214aff3c,0x6f926282,0x6aec81a3,
-        0x9f9d20b8,0xaa82cb32,0x5773cc90,0x82f3f90f,0xf62257e1,0x4af60e6b,
-        0xbd4762df,0xf18b44bf,0xdb970753,0x3948b129,0x7c22c18e,0xc6e920e9,
-        0x57be97ad,0x393d6208,0x46b637f9,0xe8d7382c,0xf1fed1d5,0xf6625ccb,
-        0x68681599,0x6f31e0f9 } },
-    /* 233 */
-    { { 0x82b8f204,0xc45afe55,0xd358b54a,0xac0441b6,0xacd5f5ed,0x7213e7bf,
-        0x139bcd93,0x1914c70b,0x96dbcbb0,0x714b4581,0x1ed35d21,0xe9297d35,
-        0x6a3e1f20,0x8f640837,0x2f3cd705,0x150a8a9d,0xdcdd9f6d,0xfb36e801,
-        0x5cf56d82,0x5a54eb65,0x92aa5a21,0x7610500c,0x3b089f03,0xd10d0ae2,
-        0xc42b66e8,0x491b2079,0x0eee8d48,0x4af1ae3d,0x41556f45,0x137e4c28,
-        0x63d8a7e6,0x875e3308 },
-      { 0xaf6c0acc,0xdc80fddc,0xbb1e7c08,0xd5ad1e66,0x828585ad,0xdc717ae1,
-        0x275c7da6,0xbdc54340,0xd26b9e15,0xf4b4c852,0x6a05fa50,0x5f0a1fbf,
-        0x817bcb32,0xc6f81e47,0x70ff2e1d,0x2cbd4328,0x67c7f7fc,0x8a249016,
-        0xb585a6c4,0xd045acb7,0x4666c057,0x2e972ad4,0xe6d7d63d,0xc74d87cf,
-        0x0e274144,0xf7067d87,0x8b2584ae,0xb2ca157a,0x75f0fdeb,0x495c5bfb,
-        0xf386e009,0x5abb0581 } },
-    /* 234 */
-    { { 0xf0c97f57,0x8be62d2b,0x962f28c7,0x0fe04871,0x47b50abb,0xc548a467,
-        0x44fa09ed,0xf6b26e03,0xab05a96e,0xfd44c6e3,0x70e6ae82,0xedb0032c,
-        0xd7e4899d,0x28bd402b,0x9b7c11c2,0x43f2e963,0xce913716,0x0ec3fc0e,
-        0x02fd0f8c,0x769b8bc9,0x7cabc3ac,0x9d9cb3aa,0x06924cc9,0xe88a8892,
-        0x42609014,0xa51461aa,0x962e79e0,0xc7f4aa8b,0x8b1b3e80,0x4ef0210a,
-        0x1bfee4bc,0x70544680 },
-      { 0x121901c1,0xfab3d713,0xfead54aa,0xe90a2627,0xbc08ba23,0x64f6d285,
-        0x36ec227e,0x8d993015,0x06c191ab,0x99a16ab9,0xf649ce2c,0x86b1cf5b,
-        0x66be3a80,0x59206759,0xccba2cf0,0x18836279,0xeff53486,0x2c157b87,
-        0x4b223af2,0xbfac9896,0x0aae7a57,0xcd0fd4f0,0x63218a80,0xdaddb940,
-        0xdf88f14e,0x3844bb79,0xb71ed9fd,0xc1b3e3d4,0xd6205036,0x6c634a13,
-        0xb8680a6b,0x6f56aecf } },
-    /* 235 */
-    { { 0xd9205c5d,0xb01dc803,0x67123929,0x68955f7d,0x9d9b6565,0x3debbffd,
-        0xd3b1acfe,0xb844395e,0x6094eeff,0x04328b21,0x22991feb,0x6631ffa8,
-        0x190dd075,0x0dde66e6,0xe8577c05,0x75b03c55,0x91722407,0x6c91ce5f,
-        0x8ebb3a3f,0x9a288a40,0x058a1396,0x1d376f8a,0x9a6e0676,0xf3a59457,
-        0x7b71d288,0x103029c5,0xb44c30c0,0x0843f428,0x730e0b9c,0xd8e6aff8,
-        0x4ed644ad,0x7b6be811 },
-      { 0x3d3aa54e,0x3ec38e4a,0xd83d509a,0x10233943,0x243955e2,0xf84aa621,
-        0xf51d3d44,0x29104717,0x7eca4e37,0x62d2442c,0x85fa55de,0x8c5a523d,
-        0x851da1b5,0xc6f5ccda,0x20001468,0x044bcaa8,0xe01702e0,0xf7501e68,
-        0xe6a0acec,0xf0819359,0xac0ef0b2,0x33dda6ad,0xfd964f01,0x97aeedc8,
-        0x530b90d8,0x48dacd0e,0xb84122eb,0x4c5fad6f,0xd700a1de,0x2284ec1e,
-        0xdbca5474,0x86f9a835 } },
-    /* 236 */
-    { { 0x450cc69f,0x0e1d9055,0xc9edf98f,0x50eb14bc,0xee7eba01,0x1bb94e77,
-        0x998f8e53,0x5f7a6737,0x1b16eef0,0x588384e3,0xd85c5e15,0xbb928723,
-        0xcbd952aa,0xfe51e345,0x7e241674,0xc5d0ee28,0x100182f0,0xfdc146ef,
-        0xe7f5be2c,0x0f739e92,0xb656bd3e,0x501ab3af,0x5168e289,0xb1552dde,
-        0xb8ee104a,0x940dfe31,0xc4304475,0x42923603,0xc460a913,0x9306f114,
-        0x03b51f86,0x5bfa9faf },
-      { 0x107b258e,0x2a23f52c,0xd66341dc,0x989e82bb,0x823cff1a,0x54a3ced8,
-        0x719b491f,0xf45b7794,0x2433dfb8,0x898c2218,0xc49250ee,0x0f9dd91c,
-        0x4fa17655,0x50c2a2ae,0x2c327f45,0xf7aa1ce4,0x583b1e41,0x13a15ad6,
-        0xa1bfad9e,0x9aa0d5a5,0x8e1fbdcd,0x9b1caa28,0x915f7f87,0xaf9283b6,
-        0x87e81a1e,0xc10e4e0c,0x1080d296,0x04fdca56,0x12755bd8,0x6acc9616,
-        0x828feeda,0x1b1266aa } },
-    /* 237 */
-    { { 0x774ee49c,0x4ebc0a00,0xcb6237d7,0x776f6852,0x5df938a3,0xfc0544ac,
-        0xb6fbfbbd,0xc3388ec8,0x745f2eae,0x84ac8bcd,0xb1ece937,0xa9c56609,
-        0x7de8fa13,0x656fb6ac,0xa532b871,0x5f8ded74,0xaa889f09,0xab0d428b,
-        0x10b7aec2,0x43b27f28,0xfeecb34c,0x26426e1e,0x9e89c2db,0x44431b6b,
-        0x39211090,0xaac4bc5d,0x4fd81058,0x926f7368,0x471ef60e,0x452fa691,
-        0x218d7a23,0x33517fdb },
-      { 0x593c4a36,0xa9c33f46,0x36b1a9ee,0xac69d718,0x4277beec,0x55a20c1d,
-        0x7e4f179c,0x3e8ca24e,0xd46d88a2,0x57373369,0x730702f8,0x71ceb1cc,
-        0x35eed574,0x8b184d97,0x0704cec2,0x7f4517a2,0xd7062a53,0x7f129d18,
-        0xb1d77e1c,0x07a4571b,0x8350d8b2,0x774ac309,0x61fab8ef,0x27b2919f,
-        0xb5dd801b,0xa7c4cc13,0x1434591f,0xe7e6255b,0x5a3592b3,0x349937b8,
-        0x30c77549,0x31fac63d } },
-    /* 238 */
-    { { 0x04913fb6,0x2ee8cf1b,0x1769a6b3,0x7e401350,0x783e61f0,0x790ebb71,
-        0xe27f2ffe,0x1e5107f9,0xedaf89bf,0x124ba67f,0xe58de68d,0x189200e1,
-        0x6df5abee,0x962732a3,0xacbeb4aa,0x72cc37cf,0xe93c5a76,0xb0c5fa96,
-        0xde63393b,0x4c2a317c,0x830b2d6c,0x97f65e67,0x1be5b96a,0x4afc3504,
-        0x730ce66d,0x0bf40a60,0x9340d84f,0x96a1ba79,0x07626b08,0x3ee18254,
-        0x7ab0cbf5,0x01db35db },
-      { 0xac0efee2,0x6e0fbc2d,0xd71dbb45,0x8406ebcd,0x19b69abe,0xe72bde3e,
-        0x37e01822,0x49cb7e61,0x11458b4c,0xcbb8c01c,0x687c5d63,0x420b4847,
-        0x454c6776,0x1847dfa1,0xd1839d18,0xbede911d,0x278df046,0x1b9dc9c9,
-        0x881a336c,0x294bd62b,0x93e77adc,0x7f096879,0x43ce3ba7,0x7ac90665,
-        0x7764eefc,0x148695fd,0x9ac465cf,0xe0c20f0b,0xa6e2cdb1,0x636e8d28,
-        0xd755341d,0x7b6ba98c } },
-    /* 239 */
-    { { 0xc1881ab4,0xcb1d9e03,0xb3168c88,0x19c25d55,0x282364ce,0xa82d3d47,
-        0xf161aa24,0x95994390,0xe1ebb2c9,0x7838bc00,0xbdec7a75,0x8fd5dfcc,
-        0x4ff7220a,0x4dd203c2,0x0efeff48,0x5ec173b3,0x16428b35,0x99f1d2b3,
-        0x056e813f,0xc06bd9e5,0xc0b319f1,0x929172ba,0xfd223b15,0x6ae0e384,
-        0x98d091ed,0xbd01059e,0xa654648e,0x6b3168e4,0x3375e798,0x2211447f,
-        0x71eb4508,0x47e81019 },
-      { 0xbc8c290d,0x7045d45a,0x810fb33a,0xa33d1355,0x46fbbf2f,0x2baf0092,
-        0x385c7cd9,0xacff3f1b,0xe161985c,0xc5b150ec,0x2a888748,0xc6ee0a7f,
-        0x5e88dcc8,0x9d888c8e,0xccb86443,0x4dd735f2,0x3c40f6f2,0xcc1e13b7,
-        0xf3fed691,0xfc3a25ff,0x257ee5c7,0x4cb43b17,0xf32db135,0xaa654f93,
-        0x02dff2d3,0x44f58d0a,0xa8ca6394,0x78e3f188,0xf3e86697,0x39646cce,
-        0xe0dce87b,0x785b1902 } },
-    /* 240 */
-    { { 0xa92f9a20,0xfcce2361,0x9d64540e,0xb7bdca87,0x1d00d7c5,0xd4739a85,
-        0x2e97c926,0x067ac8dc,0x78da6a8b,0x2aea3ffe,0x63c51b69,0x6828bf54,
-        0x7155141a,0x76f1c479,0x3977d810,0xf4bcbef6,0x541bce7a,0x75bc4949,
-        0xd17041a5,0xe01f4066,0x87755eaf,0xd282d5bd,0x59e7ae80,0x6e2107dd,
-        0x382ab36f,0xaa56e166,0xb9d1d634,0x65ee8ef6,0xce4ed844,0x99a2160a,
-        0xb7712c27,0x6557c367 },
-      { 0xd75b6e52,0x561b0268,0x118d0e89,0xb0813640,0x6a2eb1ae,0xcff53330,
-        0x6d090894,0x4e462226,0xb5fc1d48,0xbb351227,0x57a3062d,0x9365ea07,
-        0xd66e2dc5,0x4caca37b,0xb9095887,0x220d7d23,0x8c4473bf,0x9c0fd393,
-        0x6787da4f,0xadff370a,0xd057f4b8,0xef0aebcc,0x1173f33a,0x205e744c,
-        0x925a26b4,0xb8d1f0a5,0x722fbbfd,0xa9364f49,0x8227d284,0xc891ae77,
-        0xa0e08ab4,0x15c40d04 } },
-    /* 241 */
-    { { 0x2a0e18d1,0x9baf169a,0x4c0327c2,0x9971c017,0x7bc262ce,0xd81a323f,
-        0x818ff379,0x2099db8d,0x4cd3c330,0x663f663d,0x011a0553,0xef5325c3,
-        0xf980a470,0x9cd70bdc,0x1c9ed070,0xe64452d1,0xac676e13,0xafbf43f4,
-        0xae85c2a5,0x97bec0a6,0x470490c4,0x2faae550,0x491e6ba9,0x0ab97a87,
-        0xaafa9914,0x4055f537,0x36726557,0xfc95adbb,0xd119d6bf,0x646343b9,
-        0x9d341e37,0x788e94a0 },
-      { 0x9c53461a,0x053a6fe5,0x08e3b6ed,0x75ec897e,0x0768d939,0xa8f5d2f3,
-        0xcc213d4f,0x9bd6bff6,0x05b0147c,0x590c7b41,0x7c7b8169,0x20a3628b,
-        0x5bce78e9,0xc66a086e,0x4dec1d8f,0x3dd4d282,0xc19dcce9,0x890acf44,
-        0xd8435a7e,0x6632d875,0xea6381b2,0x590167c1,0xf0dcc128,0xb2259797,
-        0x46f8d463,0x91a612b4,0xc15efa39,0x42185d78,0x119f6788,0xdf55ec37,
-        0x780dea93,0x91b19cc6 } },
-    /* 242 */
-    { { 0xcb5d8b80,0xebf2709d,0xfc35660e,0x03b96182,0x055ef969,0xb873d991,
-        0xe47c4342,0xd1ea4b4d,0xd54f8867,0xcc4b9244,0xfd8d77ef,0x93b1a2ca,
-        0xe8c1f563,0x068d24e7,0x49973056,0x5f5fabb6,0x0542374f,0x83248c50,
-        0x3f38e913,0xc36de2b5,0x7bb680be,0xed07e8eb,0xd8f313b5,0x964813d7,
-        0xafd2d392,0x7bb6a069,0x0848a31a,0xc06d848e,0xe4f0c325,0x6867fb2f,
-        0x067343af,0x3c2ba834 },
-      { 0x9d3ad63b,0xab62d775,0x59e0eb1f,0x3f9cab97,0x3885e117,0x70332a63,
-        0xe20b2f9e,0xf22cafce,0x49eca947,0xb529ba7e,0x6228d88d,0x24954216,
-        0x39239561,0x80ea23ec,0xd4370644,0x1b8907e7,0x563e4e44,0x4b7fa455,
-        0xb2a4b0fa,0xcca9829e,0x48060792,0xd0a720a4,0x246991ce,0x8ccdda0c,
-        0x348d086b,0x37a2325b,0xf60aee13,0x566ed509,0x147f253f,0x3d30e091,
-        0xc1073bd8,0x1fa627a5 } },
-    /* 243 */
-    { { 0x42478fd4,0xa11222a2,0x670b2000,0xacf4c6f1,0x8359c6de,0xf71bb04f,
-        0x7b93cdbc,0x618e2829,0x230db60b,0x96e1bae3,0x965b3b29,0xf17fd3b4,
-        0xbc7055dd,0xa58639c6,0x4b817d7f,0xc3ea92ed,0xd23b08a4,0x9082b2a6,
-        0xdc17010e,0x8471228a,0x20e89d97,0x753b9e46,0x03ff77c9,0xcf7e4f97,
-        0x2bbe60e5,0x6c3f8245,0xb80e017d,0x9e432cbc,0xc0a45edb,0x150a5acd,
-        0x4798743e,0x67b8bd05 },
-      { 0xf4797cf7,0xe66079b4,0xd03fde02,0xe31c998a,0x54caaef1,0x5aa3763a,
-        0xf7649711,0x64d9a1fe,0xaf29b1a7,0x7ce0dc73,0xfb66ca93,0x6661b083,
-        0x32fb6a78,0xbf4d74fe,0xdf00a561,0x25f6ef09,0x831d1159,0x2bc4383f,
-        0x536bde37,0x6d5cc10c,0x882cc65b,0xd4945f9f,0x451a99b8,0x81f48f13,
-        0x6bac11a4,0x140161cd,0xf18a4a0a,0x9d94d4ed,0xa467a824,0x65363165,
-        0xa4c9aedf,0x74297aa9 } },
-    /* 244 */
-    { { 0xe21124ba,0xc49758a4,0xa87ffbd2,0x99bd8198,0x3d6638a8,0x45fbcdd1,
-        0x15f7bf76,0x94645ff8,0xc4e6d57e,0x5fa6736f,0x92e61db9,0x1eae6475,
-        0xcbdf944a,0x79575c0c,0x25b31d74,0xa3d13047,0x4cab5ae6,0x7881df22,
-        0x1a2887f2,0x8dbfd299,0xa26ac459,0x23d07590,0xd8661d4a,0x2e589852,
-        0x8a0140f7,0x37b5c13b,0x3fb3782a,0x0f94199e,0x1bc14e90,0x722aa059,
-        0xd55bbb12,0x89aab7ba },
-      { 0xd656bdc7,0x8b345a96,0xe176cd3b,0x43bdc8af,0x32d64c43,0xd69518b6,
-        0x79b82b41,0xfcf364a7,0xffb0cf82,0x907b344e,0x5101287b,0xf3d0c83c,
-        0x34cd90ef,0xe9f26a59,0x07082b5c,0xe5f5aaf2,0xece7c165,0x4eb72c75,
-        0xbe986cd6,0xe9590a81,0xff1536aa,0xfeef498f,0xa8263d5e,0x04560243,
-        0x54ae872b,0x940be14f,0xe3207686,0xbee7bcc9,0xc1bc4d7a,0xd496a27d,
-        0x5940ab46,0x002dc297 } },
-    /* 245 */
-    { { 0xb69d60c3,0xee533937,0xfe972755,0x260be552,0xc0c725a6,0xb11fb78d,
-        0xcab2e7c2,0x6982c27e,0xee2322cb,0x4bceedd9,0x122704f7,0x952b19ed,
-        0x854a6165,0x2df4c285,0x7b192485,0xba40b5bf,0x0119f52a,0xfcbca950,
-        0xe5add86f,0x7467d1cb,0xd9d0f2c1,0x9bf536fb,0xb8d4ebc9,0x3c296e34,
-        0x05a81317,0x0495f8f4,0x73335f76,0x8c59e8d6,0xe0542122,0x0b53d324,
-        0x3c3bda73,0x4d564535 },
-      { 0x7e5c0877,0x7322f800,0x0ca9a764,0x481b43e6,0xa2c12716,0x231f4f4b,
-        0xed3136c2,0x09596857,0x38db30de,0xae826322,0x99908ebc,0x652fad40,
-        0xaf0d231e,0x0b8d1814,0x09cbc349,0x2680c54b,0x4bf3bf8e,0xfd4562f3,
-        0x092b595f,0x2985090b,0x5e15fc34,0xe6f39ca4,0xbc378168,0x70175191,
-        0x845a4a87,0x906944b3,0x82a1541a,0xacc6d74a,0xb155c8b4,0xadc9bab3,
-        0x77306c62,0x1f2f89ce } },
-    /* 246 */
-    { { 0x9affefdf,0x8253ef41,0x4cf9256b,0x05d7ece5,0xb444e483,0x377002f2,
-        0xcba5471f,0xb189755f,0xd5cbe015,0xc88483cb,0x6a0b8429,0x254f7c69,
-        0x61f3f61d,0x18850bd4,0x0a247157,0x7ba21089,0xd92eeb0d,0x35abbc2e,
-        0x965dec89,0xfb56cabe,0xbc55684a,0x9da23724,0x6a7a7492,0xd8ba396f,
-        0x2ef4ba46,0xfcb90db7,0x9909b27a,0xdd234fe0,0x76f4366e,0xbdf3c164,
-        0x17e50d47,0x09c8097f },
-      { 0x60050c07,0x6a04b140,0x43a8e37e,0xc29e8318,0xbb55e41f,0xcb9429b2,
-        0x2ce60e3a,0xed2fea5a,0xdb9d82f4,0xdc7b1ff3,0x687d37fa,0x48ebecc3,
-        0xecb07539,0x79153e32,0x57075692,0x6a60054f,0x800759ba,0x3871cd0c,
-        0x30922df1,0x17a7386f,0x83357b7c,0x4e9fc59e,0x39415186,0x1d26b3a9,
-        0xd34db889,0x912a0222,0x59fcdb71,0x6672fcf4,0x44ff3036,0x5a3f268d,
-        0x6911e16c,0x6f113ed3 } },
-    /* 247 */
-    { { 0x1836f1c9,0x52a9df59,0x4232307d,0xfa6519f5,0x5ded285a,0x8406c701,
-        0xaf627f75,0x0a1545ca,0xace0417d,0xae1111ee,0xa6113443,0xfb28bdf6,
-        0x52dbcbcb,0xde9ef0ab,0x7813e658,0xe9dc181b,0x99127225,0x0b1dabdb,
-        0x22814c59,0x5f0598e3,0xd934ee7e,0x5c3b966e,0xb99ba4bf,0x4eb84eda,
-        0x3c1b55e7,0xb2919a34,0x94aa860f,0xa9addb49,0xf6811ff6,0x1b7220df,
-        0xd1a183e2,0x6636a23b },
-      { 0x20587283,0xdf5d5a2d,0xef07fc5d,0x0b3822c9,0x0ef6de38,0x1786bd55,
-        0x25d1671d,0x163cf907,0x1cdb1def,0x74bf971f,0x0842fc4a,0x5749e830,
-        0x27f854f7,0x0e2edbc7,0xbce24acb,0xbb27bbda,0x05bed08d,0xc1b19cec,
-        0xf7c904bc,0xaada123e,0xd89982db,0x02429f1b,0x65f6e632,0x49d3616e,
-        0xee59fd32,0xa3789fa8,0xfe9f29f5,0x160ba3ba,0xaf5378a0,0x0f2d3b61,
-        0x73c2a6f8,0x7aeecc76 } },
-    /* 248 */
-    { { 0xdc43b0db,0xf3a4757c,0x98119cad,0x3d8a4e85,0x4616c156,0xf8095bf6,
-        0x4f533e97,0x3e2a07bc,0x39cfc5ad,0xa9824367,0xcd68052c,0x18a6ba3a,
-        0x8a1cec66,0xbd60e590,0x02b1b695,0xae3841a5,0x190a195b,0x986dff12,
-        0xad31fd9b,0x2df2beac,0xcc728f7b,0x7d893224,0x0cf0a992,0xc38ea738,
-        0x586a44ea,0xa8439a80,0x1615f03c,0xede7f7f0,0x27a1f885,0x48249908,
-        0xb78a7645,0x28ec4006 },
-      { 0xa2fe0009,0xe1820c2e,0xf13874e9,0xe11ba5d2,0xc524db52,0x97522454,
-        0x7fede529,0x4d477426,0x9b2500d4,0x01d3419a,0x1869244b,0xce08a492,
-        0xdd1be1b9,0xba169023,0x32a301e0,0x242c3e54,0x70906788,0x9b56f7ba,
-        0xc74a8cc4,0xf0ad2a09,0xd76f9439,0x99cd1841,0x621fb60e,0xeddafe0b,
-        0xbc397634,0x056bee54,0xff7f0a84,0x4653f860,0x2011c0af,0x6bd4876f,
-        0x0c9525c3,0x134f4cc7 } },
-    /* 249 */
-    { { 0xe938dff4,0x9621a3ec,0x486a79a3,0x7d101a7b,0xde950537,0xf2c4ef97,
-        0xe65d87db,0xf3184099,0x373b8cfa,0xb89c7ffb,0xe842916e,0x68baa505,
-        0x4ebea764,0xa790fd09,0xe592892b,0x679df6d4,0xfcfed741,0x2023331c,
-        0x9880ff21,0x0bf4efd2,0xd0344501,0x7ca78ddd,0x342858c8,0x2cb09ecb,
-        0x2575487a,0x9e5eb6dc,0xebcb0491,0x50675a15,0x7381d471,0x09d2e74f,
-        0x83d3d6f4,0x6ea37829 },
-      { 0x4e5cc40a,0xc65c094b,0x1af37dfb,0x7a2e3f6a,0xf9026e44,0xef677e9d,
-        0x93880f53,0xb7878c95,0x7f644aa9,0x4aa30b07,0x2f208c3c,0xa0c51683,
-        0x658d663b,0x7c0277ae,0xae1d9130,0xef0b3c38,0x695c3ea4,0x302f37a7,
-        0x6a0c5e0d,0xe004c1c5,0x20cbcf9f,0x9fd495c4,0x568a0e7c,0x706d5b9d,
-        0x59286454,0x8b225dff,0x8d9a709c,0x527d4465,0x87c08d68,0x47c558da,
-        0xbb4ef07d,0x606ee6e6 } },
-    /* 250 */
-    { { 0x57c621f6,0x02d99fc7,0x7fe83d48,0x292e40c1,0x9ef199b0,0x1bdfc7a1,
-        0xe62c7666,0x78a04102,0xe6738753,0x16cda370,0x1e3a65af,0xbc81974d,
-        0xf78fe209,0x19742048,0xbf5981c6,0xc83a058a,0x9c89702d,0xf26b2434,
-        0x9d1a678a,0x988b2f1e,0xff29ae29,0x472bf9b0,0x1d7cf5ec,0xa143e398,
-        0xb268ddd8,0x9c9d7e45,0x5fc4ff76,0x166cda55,0xa4aa7673,0x6044cdf0,
-        0xe9148707,0x49dba6f7 },
-      { 0xa758e37a,0x20e47fb2,0x2d8eaf66,0xaf6b31d7,0x6f9c2210,0x352ad5f9,
-        0x90efc32b,0x0093f727,0x41e4b264,0x435c99dc,0x05b15795,0xbfa878e0,
-        0x0e673575,0x99c520a4,0x87eea759,0xca682594,0xf12a348b,0x029f7b81,
-        0x2aa2ce35,0xa547cc18,0xead5e2c5,0xa11d874b,0x55682cdf,0x9af0349b,
-        0x8bbe8e66,0xf86ebfea,0xf55394ab,0x3dab8782,0xebc8eb8f,0x458bf797,
-        0x9b7de78c,0x4890a7a4 } },
-    /* 251 */
-    { { 0x8da995f6,0xd7299689,0xec6156ef,0xd39eaae7,0x356a82d5,0x6959040c,
-        0xc135bcfe,0xb2046b21,0x0f595c78,0xea720b64,0xe7c5fb40,0x02824efa,
-        0x0edb3bfc,0x97d8fd4c,0x79f24ebe,0x12f02905,0x187ea6b9,0x16fc47cf,
-        0x789d5c23,0xc219fd27,0x89263ecc,0x233a6b6c,0x8b6d30a6,0x823634b2,
-        0xc9b33680,0xca352e25,0x40c77456,0x9388d6ca,0x3c92065b,0xf8e55b0b,
-        0x02439a76,0x5c17474b },
-      { 0x8aaccab5,0xd888e7c2,0xaaced05b,0x18027836,0xccec0f65,0x185b877d,
-        0x125c2882,0x93cadc1c,0x67fdc54c,0x45df540a,0xc2788a33,0x4f3c86e2,
-        0xe3a0fa2c,0x3e874469,0x273983cf,0xc59daa47,0x4a96d8a5,0x3063c48b,
-        0xc2e58915,0xc38d2bcf,0x84e428c3,0x90e78b87,0xf0c4fd53,0x900a292c,
-        0x941e6005,0xb7f92db7,0x6ca53a1c,0x95679241,0xb1ab0fa7,0x35f6f31d,
-        0x7b58408c,0x5d675eb4 } },
-    /* 252 */
-    { { 0x870c6025,0xaeee1a77,0x91a2dfca,0xfc4a23b7,0x386b64c4,0x7b0e60c4,
-        0xe5ae72b1,0xd5d5b17d,0x9eefa212,0x6dfc88ac,0xd4038b96,0x4feaefbe,
-        0x8e2d2ecc,0x099ac356,0x012af207,0x548ea612,0x89c31218,0x4ffed9db,
-        0xe0e67331,0x1c1e91c4,0xaf8300e0,0x009bb64f,0x6773c3be,0x8780501c,
-        0xc08219fa,0xe0cd6ede,0xf81b06ff,0x7c055e07,0xe080b36f,0x82b63f9c,
-        0x0a9feca3,0x02fccbaf },
-      { 0xb47cac61,0x9991d4d1,0xab86e12c,0x2e9d1687,0x2b94f042,0x8c6855ec,
-        0x48e648e5,0xca400519,0xef89ac57,0x9ba91fb2,0x1be792cd,0x4f419206,
-        0xbd0f1e15,0x82d221cb,0xfc444019,0x062eb13b,0x99790fdc,0xf3a97c32,
-        0x6067a64b,0x4e796d94,0x6d23775a,0xc46dd300,0xed7f0f23,0x8672c4d5,
-        0x3b4f63d7,0x821851dc,0xd26273f2,0x50a3ae0c,0xeac60f6f,0x800e58fc,
-        0x13845545,0x56f1e456 } },
-    /* 253 */
-    { { 0x32c24f3b,0x01ccb3f6,0x06d817e6,0x99eb1c7f,0x6aa26776,0x8dc640bb,
-        0x0845d5e0,0x7838affe,0xf81a79a8,0xf34fecb1,0x3e6819b0,0x6a2e282d,
-        0x8237a4b8,0xc4b977ce,0x87636439,0x0f46b3db,0x97970497,0xa465f540,
-        0x8791be43,0xd7e08762,0x34198ec6,0x00220b6c,0x093d94bb,0x57b38637,
-        0x29d690b2,0x84012e16,0x20aad1a4,0x02ec9db5,0x85dc34e3,0xafee2fc6,
-        0x25500cf8,0x911d1936 },
-      { 0xf5e5af5b,0x13b1bd58,0x7b6a22a7,0xa7ca263b,0xf3af2adc,0xab6bec4d,
-        0xa04420bd,0x16651e59,0x4ba36c11,0x3b448b3b,0xff424310,0x3c62bfcd,
-        0xf1a96cbb,0xde15c4a5,0xe4d1f980,0xbe0ad8a1,0x36673a3a,0x812bd14e,
-        0x9212acdd,0x40303af6,0x576095ce,0x8f6dab9c,0x107f5ca5,0x7df1882a,
-        0x8896a3b0,0xb903e63c,0xd863b3f0,0xf5048544,0xc09887de,0x5e5019b9,
-        0xa0f53865,0x2be744fe } },
-    /* 254 */
-    { { 0x5b50f324,0x054cd05f,0x1ea3c7a2,0xb9b1eb24,0x7ff8e6b7,0x4a858a5c,
-        0xec040882,0xd83902fe,0xd0cba9bd,0x72b26494,0xb29c9e1e,0xd0176f90,
-        0xcebadb81,0x05d4eb02,0x372b8bfc,0x874405b1,0x79ead190,0x5c412881,
-        0xec2b48cd,0xd44a3dd3,0x3f4d5033,0x84499a77,0x564c3a09,0xb37b38cd,
-        0xf42e803b,0x80e99497,0xb8f518b2,0xc07b47a0,0x3568fde4,0xc710e3c5,
-        0xcead0e7a,0x735f542f },
-      { 0x38380039,0xcaa9a171,0xf74d19c8,0xadfafe17,0xccbc1a8b,0x92d4393e,
-        0xfe029705,0x3c5dbf39,0x930e9b36,0x4552b5ab,0x2afd494a,0x7ee63032,
-        0x3f02ac43,0x826a9ad7,0x99356298,0x98c53562,0x7342bb39,0x0c869f87,
-        0xe4f9b79a,0xd7510020,0xd34789a9,0x6361d1a4,0xcfa85637,0xf0ded5ba,
-        0x88ac07e4,0x407ee73f,0x09ef1cbd,0xfac7d03f,0x4d475bad,0x25d697cb,
-        0x14bd399e,0x1e984c9d } },
-    /* 255 */
-    { { 0x4850c817,0xc76d0561,0x3489812d,0xb08a5b19,0x5e58cbbe,0x7273d154,
-        0x4be61e5a,0x8900b5fa,0xd7aeb8e1,0xaa088691,0xd35a3d4b,0xe66666af,
-        0x57ec7d3d,0x38a2c199,0x668d6f5c,0xa0648e8f,0x7adc1746,0x1f9fc92c,
-        0x843065c3,0x23a116c0,0x61e6ae69,0x36370a20,0x2aa47e73,0x626c3736,
-        0xdeff6d84,0x540c25f2,0xcdbed2d4,0x9804824c,0x039a9492,0x4b5bfce0,
-        0x76942e01,0x6c474a56 },
-      { 0x7d88e3a1,0x3aeb9a41,0xc484742a,0x105d3c88,0x3fe61131,0xe59de8d1,
-        0x1a869e8b,0x148f5b6b,0xaa75d90a,0x7a8abc59,0x62146013,0x2f0c9bc7,
-        0xc3824cd9,0x43faa747,0x6a5d0b92,0x81763a18,0x9bcbaebc,0xbbc341bc,
-        0xf745d1dd,0xe1813160,0xb75ce5f4,0xa53ce52d,0xd50de4c2,0x15eae66c,
-        0x75d7656d,0x5ed8996c,0xc4ca552a,0xe4ff5711,0x3c5305b4,0x215e985a,
-        0xfa1ba2ce,0x6b258954 } },
-};
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_32(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_1024_ecc_mulmod_stripe_32(r, &p1024_base, p1024_table,
-                                      k, map, ct, heap);
-}
-
-#endif
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 32);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 32, km);
-
-            err = sp_1024_ecc_mulmod_base_32(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P1024 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 2);
-    SP_DECL_VAR(sp_digit, k, 32 + 32 * 2 * 37);
-    sp_point_1024* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32 + 32 * 2 * 37, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 32;
-
-        sp_1024_from_mp(k, 32, km);
-        sp_1024_point_from_ecc_point_32(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_32(addP->x, addP->x, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_32(addP->y, addP->y, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_32(addP->z, addP->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-            err = sp_1024_ecc_mulmod_base_32(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            sp_1024_proj_point_add_32(point, point, addP, tmp);
-
-        if (map) {
-                sp_1024_map_32(point, point, tmp);
-        }
-
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, t, 38 * 2 * 32);
-    int err = MP_OKAY;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == MP_OKAY) && (table == NULL)) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 38 * 2 * 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_point_from_ecc_point_32(point, gm);
-            err = sp_1024_gen_stripe_table_32(point,
-                (sp_table_entry_1024*)table, t, heap);
-    }
-    if (err == 0) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#else
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    int err = 0;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (table == NULL)) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*len != 0)) {
-        err = BUFFER_E;
-    }
-    if (err == 0) {
-        *len = 0;
-    }
-
-    (void)heap;
-
-    return err;
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km     Scalar to multiply by.
- * gm     Point to multiply.
- * table  Pre-computed points.
- * r      Resulting point.
- * map    Indicates whether to convert result to affine.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
-        ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 32);
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 32, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 32, km);
-        sp_1024_point_from_ecc_point_32(point, gm);
-
-#ifndef WOLFSSL_SP_SMALL
-            err = sp_1024_ecc_mulmod_stripe_32(point, point,
-                (const sp_table_entry_1024*)table, k, map, 0, heap);
-#else
-        (void)table;
-        err = sp_1024_ecc_mulmod_32(point, point, k, map, 0, heap);
-#endif
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_32(point, r);
-    }
-
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply p* in projective coordinates by q*.
- *
- * r.x = p.x - (p.y * q.y)
- * r.y = (p.x * q.y) + p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * q   [in]      A single precision integer - multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py,
-        const sp_digit* q, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    /* t1 = p.x * q.y */
-    sp_1024_mont_mul_32(t1, px, q, p1024_mod, p1024_mp_mod);
-    /* t2 = p.y * q.y */
-    sp_1024_mont_mul_32(t2, py, q, p1024_mod, p1024_mp_mod);
-    /* r.x = p.x - (p.y * q.y) */
-    sp_1024_mont_sub_32(px, px, t2, p1024_mod);
-    /* r.y = (p.x * q.y) + p.y */
-    sp_1024_mont_add_32(py, t1, py, p1024_mod);
-}
-
-/* Square p* in projective coordinates.
- *
- *   px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
- *   py' = 2 * p.x * p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to square.
- * py  [in,out]  A single precision integer - Y ordinate of number to square.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_sqr_32(sp_digit* px, sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    /* t1 = p.x + p.y */
-    sp_1024_mont_add_32(t1, px, py, p1024_mod);
-    /* t2 = p.x - p.y */
-    sp_1024_mont_sub_32(t2, px, py, p1024_mod);
-    /* r.y = p.x * p.y */
-    sp_1024_mont_mul_32(py, px, py, p1024_mod, p1024_mp_mod);
-    /* r.x = (p.x + p.y) * (p.x - p.y) */
-    sp_1024_mont_mul_32(px, t1, t2, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * p.y) * 2 */
-    sp_1024_mont_dbl_32(py, py, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Simple square and multiply when expontent bit is one algorithm.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-    sp_digit* b;
-    sp_digit* e;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit tx[2 * 32];
-    sp_digit ty[2 * 32];
-    sp_digit b[2 * 32];
-    sp_digit e[2 * 32];
-#endif
-    sp_digit* r;
-    int err = MP_OKAY;
-    int bits;
-    int i;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 40 * 32 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 32 * 2;
-        ty = td + 37 * 32 * 2;
-        b  = td + 38 * 32 * 2;
-        e  = td + 39 * 32 * 2;
-#endif
-        r = ty;
-
-        bits = mp_count_bits(exp);
-        sp_1024_from_mp(b, 32, base);
-        sp_1024_from_mp(e, 32, exp);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 32);
-        sp_1024_mul_32(b, b, p1024_norm_mod);
-        err = sp_1024_mod_32(b, b, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(ty, b, sizeof(sp_digit) * 32);
-
-        for (i = bits - 2; i >= 0; i--) {
-            sp_1024_proj_sqr_32(tx, ty, t);
-            if ((e[i / 32] >> (i % 32)) & 1) {
-                sp_1024_proj_mul_qx1_32(tx, ty, b, t);
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_32(tx, tx, t);
-
-        XMEMSET(tx + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(tx, p1024_mod, p1024_mp_mod);
-        XMEMSET(ty + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(ty, p1024_mod, p1024_mp_mod);
-
-        sp_1024_mul_32(r, tx, ty);
-        err = sp_1024_mod_32(r, r, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#else
-/* Pre-computed table for exponentiating g.
- * Striping: 8 points at a distance of (128 combined for
- * a total of 256 points.
- */
-static const sp_digit sp_1024_g_table[256][32] = {
-    { 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-      0x00000000, 0x00000000 },
-    { 0x335c1685, 0x170a46d2, 0xe1007a58, 0xeac9e971, 0x43ca4a73,
-      0x40e8f3df, 0x82642475, 0x2646f815, 0xb36576d1, 0x3af49bb4,
-      0x72bf1afb, 0xd89e2d14, 0x2fd151e6, 0x27be882c, 0x8f88717c,
-      0xaddedc85, 0x16ac6c6f, 0xd6d859bf, 0x2d8eae58, 0x0e741a1b,
-      0x61c1f30d, 0x6faf7a00, 0x9b67e096, 0x66dbd09a, 0x7d3b4f7d,
-      0x21f11c06, 0xc727c98e, 0x6152ba02, 0xe86cb221, 0xafd58891,
-      0x6bd3baf4, 0x59e93c6a },
-    { 0x71dd4594, 0xe54dd36f, 0x00aef1e6, 0xbbc9cc9f, 0xa19f6530,
-      0x9ea5a44e, 0x3f520928, 0x8588aa99, 0x8f5c1418, 0x9753794c,
-      0xc11399fa, 0x118bd792, 0xf5cb6ab5, 0xb9bd3afd, 0x2ecb9652,
-      0x813d1cb2, 0x40389813, 0xfd456267, 0x4ac8431c, 0x51f7119b,
-      0x0a180eb6, 0xdd9f6a91, 0x9f7bfa2e, 0x13946d17, 0x50a9d0d9,
-      0x16f18631, 0x6f8373d3, 0x5f19c20d, 0x9b6a52b9, 0xbe85ac6a,
-      0x74f62e03, 0x63ef187b },
-    { 0x016f45e7, 0x7c376b7f, 0x2bec82f8, 0x1c1bdb57, 0xce429b60,
-      0x7392f741, 0xc7afd81d, 0x6fdbf0a2, 0x7241098b, 0xbda41b1f,
-      0xbb60f8cf, 0x5b407474, 0xb330bc4d, 0x933e0d41, 0x733fa3be,
-      0xae182830, 0x0f5c6cd1, 0xa0ed299b, 0x3f9860c8, 0x7ff3354e,
-      0x15559c41, 0xb1360986, 0x129f85cb, 0xab0cb63c, 0x47685fbe,
-      0x682ecc49, 0xeb199633, 0x505e8ec2, 0xddac2cda, 0x90dcc794,
-      0xf192da23, 0x4fe6791c },
-    { 0x05e8733c, 0x94a423d5, 0x1d5717c1, 0xcc845e65, 0xe961b322,
-      0x237c7e88, 0xdb4181cc, 0x0c4471c6, 0x713bd721, 0x00c875e2,
-      0xb2c17b09, 0x9dfde9ed, 0xe88ceaf6, 0x430a6de5, 0x7b81cea6,
-      0xaaa7a61a, 0x233f98d5, 0xea52d026, 0x60689a9a, 0xb55efdd0,
-      0x5cac4aab, 0x30cfa7ce, 0x8e950761, 0xfa4db114, 0x4e9a1e52,
-      0x309570c4, 0x1a040170, 0x18c21f61, 0xbe78d9d2, 0x555d1ffe,
-      0x561db297, 0x04482a18 },
-    { 0x73d486d8, 0xe7758ac2, 0x61cdc1e7, 0x8169f946, 0x2188ab4f,
-      0x723c99fc, 0xf3373630, 0xa0e54f02, 0xbd8c2260, 0x560bee25,
-      0x4531bc60, 0x28fc307c, 0x7e44feb5, 0xd6f21f1a, 0x57128d37,
-      0xc8e4499c, 0xd7b2ea45, 0x963b053e, 0x32a3d222, 0x40c27a04,
-      0x35459668, 0x5b51854d, 0xd73557e9, 0x66e1a49f, 0x8692077a,
-      0x0d267fd9, 0xe7342702, 0xfa1350d3, 0x68ccdb44, 0x1a9c3f25,
-      0xdedbf89f, 0x833a0ff8 },
-    { 0xab376b76, 0xa8c419c7, 0x27d0f0cc, 0x3b7294f3, 0xa90c514d,
-      0xe56bb9e2, 0xa62575a6, 0x931ba51e, 0x098c0a88, 0x56fee07b,
-      0xb4c16a2a, 0x04be5aee, 0xe6eb260b, 0xe513350b, 0xa1d5c270,
-      0x339edad6, 0xe9dbadd1, 0xf366ed59, 0x2dd06ec0, 0x4213be88,
-      0xcb1187db, 0x22d639c8, 0xd8a1058a, 0x1fec95e1, 0xa2b744f1,
-      0x03f73ea6, 0xf4f05c0c, 0x741fd51a, 0x85f811a0, 0x2e2df95a,
-      0xeb24965f, 0x692b3ce3 },
-    { 0xd2a127b4, 0x0ce6cb72, 0x8f92816f, 0x66a46ea5, 0x47a37616,
-      0x43ecf463, 0xe0ab96ee, 0x163d9a01, 0xb2edbe8c, 0xc8145c6d,
-      0x4de4e665, 0x2f426cae, 0x74e252f9, 0x174d0b40, 0x7d2af831,
-      0x54c240d7, 0x3d652936, 0x581fa397, 0xa09d4695, 0x05b9491c,
-      0x5452643c, 0x8c4e8533, 0xd4128327, 0x32d64331, 0x70361f25,
-      0x64479038, 0x89ef09f2, 0x774191b1, 0x81de5fe0, 0xc0cf0aaf,
-      0xf40042d6, 0x333e430a },
-    { 0xcf26d3b7, 0x5df04de4, 0xb53f79be, 0x57a77306, 0x1808b664,
-      0xa4013c5f, 0x85037360, 0xef291ea4, 0x0b061037, 0x1ffc9d7d,
-      0x65c913bb, 0xd9d04dd9, 0xf13b8587, 0x948a37af, 0xfe3ee755,
-      0xb5443483, 0x04631386, 0x3fc21e74, 0xcddeb58c, 0xb3a104e5,
-      0x6572cd52, 0x94fe1862, 0x15aaa408, 0xeb9a71a1, 0x459ea462,
-      0x8adc6fe5, 0x4aeb02a3, 0xbb18d175, 0x2f7791d1, 0xae127636,
-      0xd6bbd708, 0x10e8b31d },
-    { 0x3ed9f1af, 0xb87f03e5, 0x56676166, 0x03ad2477, 0x74ce15b8,
-      0x38dcd630, 0x26b1e85b, 0x1877e2b0, 0x1af99c15, 0xb1654d17,
-      0x9382547a, 0x9782e9e4, 0x26d55ef5, 0x6dc7fc7c, 0x2fbeb54c,
-      0x9038f95d, 0x036c0357, 0xfe590dfe, 0x4fdc3f7f, 0xcfcb6eae,
-      0xf35e1a88, 0xcb1fbc54, 0xda0a5568, 0x3c8e1db2, 0x5b6f5557,
-      0x9a87393f, 0xe7ac0a06, 0x38646b32, 0x2a8495ab, 0xfd261c83,
-      0x0cdcc4bc, 0x6485524c },
-    { 0xc4a6ff2a, 0x1abfb3e2, 0x35a6428a, 0x2aa03fba, 0x89aff742,
-      0x884227f0, 0xba5dbd93, 0x2337883a, 0xd2a182cb, 0x38186ae9,
-      0x49a01f05, 0xb9f0764d, 0x917b1e7a, 0x92411feb, 0x570cbb5b,
-      0x700b1903, 0xb914be7c, 0x5d5181d5, 0x1981182d, 0x135c4437,
-      0x574b9997, 0x32758d24, 0x632d28b2, 0xa650a8f5, 0xfa383f09,
-      0x24078bac, 0x00a33d80, 0x6546a60c, 0x2df8b449, 0xa4061c7a,
-      0xf234563c, 0x1f76f3f2 },
-    { 0x44c436b0, 0x9aa2c143, 0x1f69c87a, 0x79070556, 0x5f6db2df,
-      0x35f3117b, 0xed56ba82, 0x85761f41, 0x7d0afa48, 0xf831464f,
-      0x3adce71e, 0xa99f2915, 0x116b7488, 0xb27bf693, 0x9bb9443a,
-      0xa98a5a8c, 0x2ee5fde8, 0x7f878026, 0x1812acb7, 0x3a6f93dd,
-      0xdc84bc92, 0xaf92a4cc, 0xf1d4995a, 0x3c2562af, 0x04ed899d,
-      0xfd9fc33c, 0x4ed2a538, 0xc028ca94, 0x049ea726, 0xd0f367bb,
-      0x3d108e05, 0x04924ffb },
-    { 0xc673562f, 0x06548e3d, 0xe2eae48c, 0xd3b33025, 0x5e1c6977,
-      0xe61fd32b, 0x6ebe557b, 0x424e2064, 0x41d6e18e, 0x767391c0,
-      0x14d7e95b, 0x4b8ebb8e, 0x20991b8c, 0x4ae8b7d4, 0xe01290d3,
-      0xf8a0df66, 0x925e5f4e, 0xc97e24a3, 0x1508272a, 0x79a7b2cb,
-      0x25072661, 0xb40b072e, 0x9062fa49, 0xdad9e182, 0xf3c53bce,
-      0x8780a784, 0x9f142799, 0x58a82b76, 0xc1468426, 0x08cd849c,
-      0xc380ae35, 0x4dfce809 },
-    { 0xd527b780, 0x45069cb2, 0x977930dd, 0xd52da015, 0xe27d0263,
-      0x10cc600b, 0xbb2d1b2b, 0x34102c26, 0x554adf3c, 0x4c652623,
-      0x45f0ff47, 0xd6891382, 0xca916e7c, 0x83fa8cc5, 0xd15c8d8a,
-      0x1e10f139, 0x81dc56b3, 0xf173dc2e, 0x5c4ed9ba, 0x7fcecb04,
-      0x47d01228, 0x307fd7d8, 0x9f3a532f, 0x24a57153, 0xe2153c22,
-      0x59e9e81d, 0xe428a408, 0xc562595d, 0x9339bd23, 0xdc7daff8,
-      0xb8a06802, 0x0d075908 },
-    { 0xde085f2a, 0x870af2a7, 0xbe99b2e5, 0x88fcd24f, 0x59ca413b,
-      0x88c0d261, 0x8559f851, 0x1f02a2e4, 0xf622da0d, 0x83b96021,
-      0x6dca3615, 0x5c05c2f5, 0x7910c682, 0x0148cf1c, 0x272695be,
-      0x392f2896, 0xa8d64ef6, 0x883d0bb5, 0x1cfcbc52, 0xef0d2244,
-      0x526117e5, 0xf5dafcec, 0xf04928e9, 0xb68612b9, 0x393f2e2a,
-      0x283f744d, 0x700c1151, 0xfbeed7ed, 0xa4360dfe, 0xf2cde215,
-      0x2f08535a, 0x24fa961c },
-    { 0x616df7f6, 0x0767db3f, 0xfbd90326, 0x643057d8, 0x6e82d544,
-      0x174daa90, 0x689643db, 0x2284f345, 0xcc89a060, 0x18b191df,
-      0xd6c27d12, 0xbab46af4, 0xc9895145, 0x5a57f486, 0xcc942f9e,
-      0xc03214e9, 0x41950158, 0x273e1c8f, 0x39ad43ab, 0x8ceb759f,
-      0xe50ee173, 0x5e1b8b7f, 0x8f4d7d4e, 0xf635b1fc, 0x755603f3,
-      0x8eff77e3, 0x7752fa60, 0x201f61d1, 0x4a6fb6e1, 0x94d7a03d,
-      0xfc4f0114, 0x371cc23d },
-    { 0xda90c351, 0x289b115d, 0x364d9c06, 0x6d196ebf, 0xf650b31b,
-      0x77a89202, 0x6f57642f, 0xcc28c164, 0x08100127, 0xdc4f7e36,
-      0xdc4c807b, 0x8836cd08, 0xe00240f2, 0x1280f156, 0x99cb3953,
-      0x3f9a6d78, 0x3a802038, 0x40a494d3, 0xe87d3474, 0x45697e91,
-      0x26dde24a, 0x70d97d07, 0x7640c30e, 0x06f6a58d, 0x5ba6e6c6,
-      0x03c2c0e8, 0xf1bc13e8, 0x330f6a7a, 0xc9f4d78f, 0x3e602e4f,
-      0x0c80fb7f, 0x92b6bca0 },
-    { 0x5f00822e, 0x2e3d5c83, 0xb8b16f12, 0x0e825712, 0x92b0a330,
-      0x81c329c4, 0xa7cc1954, 0x6b4e32ad, 0x1bb1413f, 0x0bee9cee,
-      0x4a92ca27, 0xedfb7baa, 0xea3b9153, 0xcd472afa, 0x00f0c0f9,
-      0xe8f09e7e, 0x5cdebb70, 0xa4e1d872, 0x4a9b63b6, 0xfe2bae08,
-      0x3fd58f65, 0xf40141b8, 0xa3b62759, 0xd7ec5eda, 0x790e3088,
-      0x9aaf6e67, 0x1f277e31, 0x215ad830, 0xcf33871c, 0xe7db4b98,
-      0x4f02f89d, 0x71ff62c9 },
-    { 0x2a4a84d9, 0xaa4c7102, 0x5ebc71e6, 0xe2ee4acd, 0xf1cd6578,
-      0x3b11a8a5, 0xfff120a5, 0x83f5ef9f, 0x09e65033, 0xa4c598e1,
-      0xca044180, 0xe1e9f990, 0xf59828c1, 0x8b832d46, 0x33af536b,
-      0x753f28a0, 0xb6d4f68a, 0x92edc4b1, 0x72ccd1f0, 0xedde692a,
-      0xd2226432, 0xd3aa0f7d, 0xa3d2661c, 0x38dbb63e, 0xfdc37dda,
-      0xf1e19fc6, 0x84ef6b4c, 0x6c18b350, 0xdf1bba69, 0xe6a83fe9,
-      0x5f958273, 0x40fd47e7 },
-    { 0x267140a4, 0x5b88b746, 0xeab6f2fb, 0x6dbbfc1e, 0x69862548,
-      0xdd9ec88e, 0x2eb6efc2, 0x69beeba1, 0x8ac8ff88, 0xcfc2214a,
-      0xb5a21950, 0x95d5c96e, 0x4171fb69, 0x93389c05, 0x1b468337,
-      0x2d85d452, 0x4113425c, 0x14d68a08, 0xec6c2174, 0xe52c0139,
-      0xf730084d, 0x20cf0b97, 0x1f578aa3, 0x1ac16a26, 0xf9b6ae43,
-      0x18b9fab3, 0xd854a695, 0x68d82111, 0xdffbe286, 0x0b334d98,
-      0xe639338c, 0x5b1c1157 },
-    { 0x72b6bb8f, 0x90edaab1, 0x02fc92c2, 0x8dc64ed2, 0xfe694c73,
-      0xf42ba3c5, 0xcb54dce4, 0x316dc65f, 0x632420dc, 0xcb2d66a3,
-      0x056dcf94, 0x16e706e7, 0xa4f32c9d, 0x2809c764, 0xea6edca8,
-      0xab18d830, 0x81c65f57, 0x4fd1ace6, 0x7da12c10, 0x1f91651c,
-      0xc7791a48, 0x0ac3bd66, 0x785e67a3, 0xb6ad1cf4, 0xda0fd591,
-      0xe4d3fc44, 0x6e1c6344, 0xce164801, 0x33e50ab3, 0x84de9cb8,
-      0xa756eef4, 0x963ab83a },
-    { 0xdf4ea5a3, 0x944b47d8, 0x5cfe45fe, 0x96568815, 0x8a3c3564,
-      0xd16e7d58, 0xe7c99e15, 0x84e55b3e, 0xf55071bc, 0x3fee204d,
-      0x04057dce, 0x71006f29, 0xbba75570, 0xfe8c390d, 0x3319adac,
-      0x3645bcb6, 0x7c20bfd8, 0x8189e8b0, 0x7d7d9578, 0x8e550969,
-      0xb99f4e3b, 0x037d1321, 0xa60cfb6a, 0x011b2521, 0x837382da,
-      0x66594aaa, 0x83c1dc07, 0xc89b91fd, 0x076b9884, 0x6b82b899,
-      0xbe45c558, 0x443480fc },
-    { 0x9114221a, 0xf8ffffb4, 0x3e857a7a, 0x4aec4f2e, 0x0fa54787,
-      0x42e2d0e4, 0xd6f96152, 0xef3e6b31, 0xfbfe9b77, 0xb2296537,
-      0xfb43a86a, 0xc2a9d0f2, 0x24572ac6, 0x241284ed, 0xe721ba7b,
-      0xa3868917, 0xc117a78d, 0xdbef7c00, 0xd31605ac, 0x38149071,
-      0x065a8ee9, 0xc2dada9e, 0xc442be82, 0xd5b138d8, 0xf6d72b58,
-      0x9b6c224b, 0x8eb03e6d, 0xb9d355cf, 0xa1700371, 0xab6d1eb0,
-      0xcffaa7eb, 0x97118a88 },
-    { 0xcdecb5d8, 0xbf9c59a2, 0xa93a6866, 0x8083c81b, 0x04774fbf,
-      0x24e0dd81, 0xa02070b4, 0xe779a3ca, 0x0fbfb781, 0x9d352fbb,
-      0x3ef2a1c4, 0xa8b0d820, 0x14b3e501, 0xb858637b, 0x8a882ff2,
-      0x5ba70a49, 0x3b06efa5, 0xa2730083, 0x102fee2a, 0xa42c02f4,
-      0x8a0223a5, 0xe4e76299, 0x85c3fc72, 0xdba2ba26, 0xfe52eae7,
-      0x554fe763, 0x270f45f6, 0x30b5405a, 0xa573387c, 0xd56a177a,
-      0x4b71fa82, 0x17c0778d },
-    { 0x2735e37b, 0x0e6dff1d, 0x656ec572, 0xc9884e56, 0x9ebba978,
-      0xa2f5ac9d, 0xba09f3c4, 0x40fa4518, 0xf5b04377, 0x8c3fa177,
-      0x967a2eca, 0xa1a1decd, 0x0528bd40, 0x768bca70, 0x18691c4a,
-      0xf224952b, 0xe86d5fd5, 0x16e12c45, 0x37859a6a, 0x7a0d9157,
-      0xa0ffce0e, 0x723f4309, 0xa96cc9a3, 0x5a8db79b, 0x1ad23a38,
-      0x6dd12ae0, 0xe2bf5d84, 0x9ffec3a1, 0xa452ed66, 0xd6ce84e1,
-      0x571fe4c6, 0x1219d5c8 },
-    { 0x262969eb, 0x43eaa67f, 0x2f03e773, 0x3a3ab39d, 0x57bb0909,
-      0xe6127e51, 0x8d150274, 0x0f82b0ed, 0xe580bdbd, 0xffffcad8,
-      0xa9743e6b, 0x51d3d075, 0x8bac11d6, 0x1484bdb1, 0xeb24c388,
-      0x95cd9990, 0x7fac67c6, 0x216a61d0, 0xa04e6b87, 0x4308f762,
-      0xcba57cc8, 0x2865dd61, 0xd234a07a, 0x3c296b0d, 0x3a0793f9,
-      0x76f92839, 0x0be29ece, 0x70b57e1f, 0x7e626f42, 0x1314a82f,
-      0xd657f230, 0x2c8d7ab2 },
-    { 0x0825e4d6, 0x67cf5892, 0x6ef83b44, 0xdf51eaa5, 0x1310108d,
-      0x63e665d8, 0x8dd0963f, 0x229f89f5, 0x9df6436a, 0x8c4b14dd,
-      0xd45ebba7, 0x99dae469, 0x5a4df381, 0x118aab77, 0x29e37feb,
-      0xda8978bd, 0xaca2d7ef, 0x69ced5aa, 0xc67d6a8a, 0x6c98d05d,
-      0x77f84a34, 0x7474bf0d, 0xed8cd59a, 0xd4428b2e, 0xd1d398fb,
-      0xb0fd1cd5, 0x94a20b11, 0x596013db, 0x1b404c44, 0x96eb705a,
-      0x4b09d958, 0x2299d277 },
-    { 0xc64397e6, 0x5b9cd58d, 0xbf6dd31e, 0xac198f1e, 0x3e9f1db2,
-      0x5866d8e1, 0x8fcdc68c, 0x405ae287, 0xe53c01fd, 0xa4b280cd,
-      0x411db5f6, 0xdc963f2d, 0xbec4f8a0, 0xed5d5189, 0x916ee98b,
-      0x336fd13d, 0x042df48e, 0x6925b1b3, 0xace0074e, 0x0cf56291,
-      0x25317e95, 0xe8d38b48, 0x821c446b, 0xc7ad1d2b, 0xf0b65934,
-      0x71c44135, 0x52ca0d50, 0x971b736f, 0x27b46c26, 0xaf9ffa57,
-      0x1936618e, 0x21ac6779 },
-    { 0x2d7fbcd2, 0xab420e3f, 0x97bdfc18, 0x12722473, 0x4df5d4b4,
-      0x492033f8, 0x3807b7d3, 0x6fcd4236, 0xb33c3625, 0xdfc19b09,
-      0xa0f22814, 0x13d6f375, 0x037c19b8, 0x70978a59, 0x0ff27b9c,
-      0x4f398997, 0x615a4389, 0xfc0e1a45, 0x3e602f74, 0xffa3496a,
-      0xb261ca1c, 0xc3f1c431, 0xee0164cd, 0x612211db, 0xe7f7be9f,
-      0x30463ee4, 0x92c2e1bb, 0x015f7e78, 0x24483a56, 0x663d88d6,
-      0x0e62d9d8, 0x0e8ec1e7 },
-    { 0x8a0878dd, 0xa88ccc29, 0x6640071a, 0x99ac175d, 0xa5173617,
-      0x90344820, 0xdd58a315, 0x316d023e, 0x88d221a1, 0x30785bd4,
-      0x959c48e3, 0xb74b3de7, 0x4c67a771, 0x42ee0382, 0xe0b91453,
-      0x59ef6cdd, 0x9b237e91, 0x7830ae28, 0x495d8325, 0xe1847a4c,
-      0xd0773666, 0x67b1217e, 0xa294a325, 0x58192c86, 0x864d8326,
-      0x76aa0f56, 0xf4b13e5b, 0xe2a2bd12, 0x1b6b73fd, 0xd850c1c0,
-      0x5d103635, 0x653a795f },
-    { 0x50dcb199, 0xcfe28985, 0x7fa02b60, 0xb35b8e5e, 0xc97603d0,
-      0xbca7d7c3, 0x27f131b5, 0xb0e5288d, 0xe2b12d52, 0x3aa704de,
-      0x1db725c7, 0xe206b1d8, 0xc5d1b113, 0x0b12839a, 0xdb45d763,
-      0x14f970cb, 0xb2125e8e, 0xc997f93e, 0xee7daa26, 0xbd75739c,
-      0x1fef20e9, 0x46ecbd3f, 0x7c6a42b1, 0xf994a114, 0x27fb0fd1,
-      0xd289eb4f, 0x9a40da4b, 0x11186d31, 0xfb9d7976, 0x083f65a5,
-      0xd444675e, 0x30dfc47b },
-    { 0x9eaadfe8, 0xbcfc5ae2, 0xb4d4e812, 0x25027e54, 0x8b533561,
-      0xab0702df, 0x56a6a214, 0xa2b9c204, 0x3059068e, 0xb1a3df7a,
-      0x9883110f, 0xa3514b21, 0xc4b78e1c, 0xb7be2336, 0x3e2f6984,
-      0x17073ce6, 0x2ddf7ac6, 0x86e114a6, 0x07d7c3c8, 0x276192bf,
-      0xeb1ae289, 0x5da69e0b, 0x25184939, 0x983af175, 0x407a3aa0,
-      0x9ac52a4d, 0xae0fe218, 0x1535c7da, 0x397f2501, 0xe16fe872,
-      0x54c212cf, 0x572a591f },
-    { 0x09a5553a, 0x49668419, 0x327733bc, 0x3f054318, 0x3eefd690,
-      0xf9ceb4b2, 0xf22126d4, 0xbd3cbf9b, 0x2fed9578, 0x6d9671c0,
-      0xca0306d8, 0xbba597ce, 0x3d674fe5, 0xb705ed61, 0x67f33f76,
-      0xf1d3622b, 0x11cb8c31, 0x15bcf3c6, 0xe53d1aa9, 0xa38467dc,
-      0xf908ab43, 0x902fe929, 0x8d15767a, 0x6e3e499d, 0x90afd07b,
-      0x8142db5c, 0x6c8b190e, 0x120c6fbc, 0x24919a4e, 0x80c86553,
-      0xd8c82c3c, 0x65c2cbe1 },
-    { 0xa660bb63, 0x684cda20, 0x86e86245, 0x27dc3b0a, 0x6ba0eed7,
-      0x76472cf6, 0x679dd158, 0x79c162e5, 0x08452d44, 0xb6884277,
-      0x413f579e, 0x829bc6b3, 0x95011770, 0x92ea15ec, 0x47738183,
-      0x5e34e300, 0x73e1d2f1, 0x8c3ca349, 0x229bd3de, 0xa5c4f1dc,
-      0x94ef7ed3, 0x783eff1b, 0xdfae7a1a, 0x46db738d, 0x1a099852,
-      0x4353d72e, 0xa0dcf4ab, 0x2533ad58, 0x0e7888b9, 0xd8055016,
-      0x3ba77f66, 0x831440d5 },
-    { 0xf611b2da, 0xf43e2e32, 0xd0fa46ac, 0x5d066e29, 0x820b3c0d,
-      0xe897f3e8, 0x1d3e44f0, 0xc45c28e6, 0xdfd27a66, 0x929d7f66,
-      0x101e8517, 0x735b860a, 0x3de078dd, 0xea3fce98, 0x638ce11a,
-      0xc9977db5, 0x48536b3b, 0x0488382f, 0x64cadfc6, 0x7e0c7a3c,
-      0x82147b71, 0x3cd17f7f, 0x1b411e3e, 0xe95663cc, 0x985fb46d,
-      0x5739ac8f, 0xbcf119ca, 0x385399cd, 0xe15a2815, 0x4a985a70,
-      0x6d5f4566, 0x504c3a8a },
-    { 0xb8fa53c7, 0x00b55283, 0x509474e3, 0x985cff38, 0x437ce25f,
-      0x234d241c, 0xe5a129ed, 0x29832430, 0xaabcc674, 0x6ad38956,
-      0x7ee81ee1, 0xa2dc001d, 0x670b2702, 0x4c23c6b6, 0xa6e8a3bb,
-      0xb35e567e, 0xa69673ea, 0xbc70b3ce, 0xe6e28eac, 0x85a7a9c3,
-      0x5537b7da, 0x2ae684de, 0x6de937dc, 0x5ecac3e5, 0xf8430422,
-      0xbf2ea6c9, 0x77fdc520, 0x38caf7d0, 0x69f56add, 0xc27af0b1,
-      0xc71d21d2, 0x496e4699 },
-    { 0x9fa93467, 0xba14fc82, 0x0eb2a614, 0xc2e37684, 0x4833e09b,
-      0x659bcfaf, 0x3686bdcc, 0xbc859752, 0x81f3216a, 0x40bfd080,
-      0x17c081b8, 0xc463bda6, 0xbb04793b, 0xbd01fa86, 0x2cd640c5,
-      0x5a21ece6, 0x2203d5c4, 0x97bf6a54, 0x951167b7, 0xceb40edc,
-      0x765ba268, 0xd67aacaf, 0xaeab51f9, 0x8ba0d9e9, 0xb0d6863a,
-      0xc14b215e, 0xe5f06952, 0x354cdcdb, 0xcb3744b5, 0x4f2b5ccf,
-      0x13037fe8, 0x13389173 },
-    { 0x45003cd1, 0xee680640, 0x44ae2ac6, 0xfdac17bc, 0xde8e5314,
-      0x4bcd419f, 0xc7cea95c, 0x81e34eb9, 0x38f37e01, 0xbb57762d,
-      0x260990c8, 0xecc4cfb0, 0x50a34a7b, 0x0bc493f9, 0x543304ef,
-      0x68074172, 0x6bc8aa2a, 0xaec0fcb2, 0x3b45fea5, 0x9e7a9b46,
-      0x55fbdbac, 0x4bb2952e, 0x0485dff4, 0x50f0c0a6, 0x4dea4796,
-      0x02c5104d, 0x695e3a02, 0xd2cefa09, 0x6da1f345, 0x4c8102b4,
-      0xf3833fbd, 0x422eb573 },
-    { 0xa6ad3f47, 0xac592eb6, 0x9714ba0e, 0xb0861f6d, 0x07281459,
-      0x57c1e919, 0x64ea5803, 0xcf7c94e2, 0x54b12723, 0x725376ac,
-      0xdafb736a, 0xf2a6ba41, 0xcba03cdc, 0xc89e8920, 0x5b0fd3ad,
-      0xf2e20cb4, 0xd66059fe, 0x26ea5a54, 0x889df8bc, 0xee63fa8b,
-      0x66a3f2bf, 0x40f1c7e1, 0x747312e1, 0x09febc9c, 0x727999ff,
-      0x7d19b9c2, 0xb7fd2b05, 0xa9fbbb4c, 0xa0da2dc6, 0xcfba27d7,
-      0x2c252582, 0x368541cf },
-    { 0x22799d37, 0x510d3c9e, 0xacfa333a, 0x1b677de5, 0x080f795b,
-      0x4e6ae18f, 0xafc8dfc2, 0x69b53c2a, 0x0e842dc2, 0x797541b6,
-      0xac067fe8, 0xd5a6f2af, 0xbd07d877, 0xd0208a03, 0x654be2f2,
-      0x34b473f0, 0xf515e23e, 0xe67c102a, 0x2ac1af48, 0xb00dbf9d,
-      0xb6a13d00, 0xe264fa41, 0x97e94c11, 0x1669786a, 0x86a586f4,
-      0x09d8cf2d, 0xc7f927e9, 0x073bf869, 0x2241a566, 0xb8977880,
-      0x22261334, 0x59a5bf59 },
-    { 0x81347191, 0xe9d1c91e, 0xeb969972, 0x186c1abc, 0xa9d46a7f,
-      0x07888767, 0xdaa7d397, 0xda93cfcc, 0xd91b9aa0, 0x08bee9f1,
-      0xf8dd3c6c, 0x8267fd78, 0x94228100, 0xf93860d0, 0xdadb47fb,
-      0x6a6a71aa, 0xa6156f8a, 0x9caa06b7, 0x39848bc9, 0xaa1b05e0,
-      0x2aaa9135, 0x36ddc237, 0xb13f3bd1, 0x77e7e079, 0x4acc5f4d,
-      0x8d0b5cbe, 0x984cfd36, 0x04da45f8, 0xd3d3e0f8, 0xf14ef618,
-      0x43eb799c, 0x467564c1 },
-    { 0xb6fff5d7, 0x8d725904, 0x92dc4752, 0x037f33af, 0x6d20b8aa,
-      0x9095d575, 0x43baec39, 0x32235fc1, 0x68a2b9b0, 0xa2feb4af,
-      0x94d35c61, 0x61c50318, 0xea877486, 0xac92b6a2, 0x011bc6f3,
-      0x8eb48b15, 0xc79edcb2, 0xa28fe128, 0xa5d2a006, 0x9f71bc0c,
-      0x2f15b850, 0xf3167732, 0x7a036218, 0xfe8d728c, 0x4f81e09e,
-      0x068f39cb, 0x7b7c50d9, 0x1773f016, 0xed6a1e03, 0x0d0f7adb,
-      0x4ee984d5, 0x8a0dee16 },
-    { 0x47366e6f, 0x504991bf, 0xe86c3005, 0xb8084d9f, 0xa40cce36,
-      0x14c4c751, 0x3f1961e2, 0xbbb46aa6, 0x40445e43, 0x56a785f9,
-      0xc91e215f, 0xdb8d1b57, 0xc7ee808d, 0x6a8e453e, 0xbbaa1e8c,
-      0xc0367ef8, 0xe3e18109, 0x310d91f1, 0x7e20a2c3, 0xf97cfd0e,
-      0x554cc277, 0xf1e80c84, 0x7b628403, 0xe89bbc1d, 0x3fe0a17c,
-      0x7778a966, 0xc1f00073, 0x9e9db19f, 0xb6f6bed2, 0x2ce7fe7d,
-      0xee97ce23, 0x7b04b5d2 },
-    { 0x82c5faf8, 0x5b546bc7, 0x8eb81097, 0x1a734c5e, 0xe77851e0,
-      0x3d566861, 0xe956d51f, 0x833a1013, 0xc3c3c37c, 0xc7351731,
-      0xe0c148ec, 0x607738fb, 0xe1bbef41, 0x2ec6f0bb, 0xcfa51857,
-      0x0aa2ac6e, 0x66e3adf0, 0x072902d7, 0xc622d6e3, 0xcd4d5089,
-      0xa6dd802f, 0x3ae21b23, 0x33886372, 0xe5465a55, 0xa8d81822,
-      0xd85119a0, 0x3786977a, 0x4f14d032, 0x9c7b272c, 0x515b081c,
-      0xc99be31c, 0x1c6a95a4 },
-    { 0xc2821363, 0xa6b14ad5, 0x4d17de1c, 0x829c1823, 0xccade848,
-      0xaef5d2c4, 0x82489e27, 0xf412ab39, 0xf081d927, 0x92c9c098,
-      0x75cbad1f, 0x6f87bdf4, 0x1a1d9fb1, 0xf4aadab8, 0xb75f3b76,
-      0x475a7923, 0xdbbba8fe, 0x99dd0ad6, 0x4b70ab45, 0x836f6164,
-      0x34bd9af1, 0x2a464881, 0xba9abda3, 0x5c91226e, 0xe65625fb,
-      0x4cec8709, 0x0818e4be, 0xd4b3919e, 0x14f6879c, 0xa5c09c84,
-      0x30a864c9, 0x72708a02 },
-    { 0xf34a466c, 0x4f33c0b1, 0x7f9d45ba, 0xa1bae09c, 0x0e28785c,
-      0xd70f0fee, 0x90880881, 0x824c7146, 0xbb043da3, 0xe2416c2a,
-      0xcec6f432, 0x733da713, 0xc9793e1c, 0x2b590649, 0xb35c9365,
-      0xdb62d5b0, 0x3e5c1b2a, 0x355eb6e2, 0xbb16b515, 0xcfe8b5ce,
-      0xf709691c, 0x9e081869, 0x61a85bd5, 0xc865f9fb, 0xfae103f7,
-      0xf169d3cc, 0x73467e9d, 0x9525c473, 0x43695113, 0x7db55c0b,
-      0x73265d21, 0x7491c74c },
-    { 0x80d2b94d, 0x312ed5bf, 0xba4b260b, 0x1b8ac633, 0xd62219a1,
-      0xac86c58c, 0xaeb82c8e, 0x317ccf6b, 0x59ef9ced, 0x2dfb29ee,
-      0xe42bcd5a, 0xdaa7d898, 0x5974b201, 0x93e295c8, 0xd9fc5adc,
-      0x69e75784, 0x012aa3ba, 0xd6c4709f, 0xc85d3cb9, 0x1fda9f37,
-      0xd3dd4abd, 0xe5487e25, 0x0b3ba22e, 0x00fd4b01, 0xc6e8dcbb,
-      0xcb591493, 0xbce68664, 0xb7329fab, 0x68906b76, 0x6829d1c2,
-      0x74176841, 0x8bcfd3e5 },
-    { 0xd3c8c314, 0x06882734, 0x11870833, 0x95f0b2f1, 0xc068ba16,
-      0xb937f7c3, 0x77924787, 0x5365e0d8, 0x1f992227, 0x15527e5e,
-      0x27dffd4f, 0x0a069648, 0x2f586389, 0xd58b3df2, 0x6af20ead,
-      0x83446b89, 0x50746257, 0x09d7970b, 0x4022a691, 0xd9e8d206,
-      0x671ec379, 0xd1e5f8af, 0x057fe91e, 0x6f542509, 0x52890418,
-      0xf14dda81, 0x1db932ad, 0xbd78010e, 0x905a9378, 0x3e18d1e4,
-      0xbd37ab49, 0x53cadcf7 },
-    { 0x5e53d0ff, 0x1bb5edf7, 0x888abf67, 0xd886606c, 0x12206d15,
-      0x6491b0f8, 0xe22b6a33, 0xb3018345, 0xb173b317, 0xaba6794b,
-      0x7dc9e595, 0x8c1e5867, 0x239624d1, 0x4e106482, 0xda55dd53,
-      0x61752e59, 0x9e42879c, 0x018b4eab, 0x491f2bed, 0xcaf6784b,
-      0x1e79429e, 0x3dcdb9d2, 0x10f26224, 0x36941485, 0xa650ec5c,
-      0x106f190a, 0xb69a9760, 0x7542a5ae, 0xc32d1046, 0x69bd75e9,
-      0xbf8c62b1, 0x90849964 },
-    { 0x5a93c661, 0xb1390cf6, 0x9db5f056, 0x18486264, 0xa51a1788,
-      0x92a93a9d, 0x6772de9a, 0x1b0cbb8f, 0x7c71487c, 0x6e67febd,
-      0x4e62423e, 0xf9b4382d, 0xbb5a42f8, 0x96fda50e, 0x6089a4f2,
-      0xc921b337, 0x875ec516, 0x49d32d7b, 0xc410124b, 0xbd86d2ca,
-      0xc421fb7a, 0xf6862209, 0xf6b7de33, 0x3e1949ab, 0xe93c9268,
-      0xcdee18f0, 0x08dc4cc0, 0xd4edbd5e, 0x73580d22, 0xc2b75be4,
-      0x468cd7e8, 0x3d7f6ffa },
-    { 0xdffbd5d1, 0xea7b290c, 0x970338df, 0x9d759da6, 0x90feedc9,
-      0x56680b08, 0x42dce68e, 0xbc690af5, 0xb2ae4d82, 0x8519df2b,
-      0x7f195b60, 0x5612467f, 0xd83c21f4, 0x659a342c, 0x55651633,
-      0x55771bf5, 0x548ba562, 0x5fc68935, 0x9492f23a, 0xb5419203,
-      0x9c9c6017, 0x567528e3, 0x511e6019, 0x3f064ed4, 0x1d16a555,
-      0x303f9eb9, 0x2254abee, 0x3e18c4fd, 0xfd434e7c, 0x40994d6f,
-      0x6dde74e6, 0x8fb12d3f },
-    { 0x293cb7a4, 0x6c6381a2, 0xb87b7e4d, 0x453e09f0, 0x078ac3ef,
-      0x4f212823, 0x578cae91, 0xe89ffad0, 0x716ba4dd, 0x4a2b696a,
-      0xf6f580a0, 0x14681a14, 0x4c2f1307, 0x1358f97b, 0x2932fb89,
-      0x87896996, 0x268a5af7, 0x29dd850a, 0xfe239f83, 0xaf771f6d,
-      0x4f47499d, 0x5f20fd2e, 0x867ca0e9, 0x9b643e77, 0x375981ec,
-      0xe7858ecd, 0x19ab1c97, 0xbe946a59, 0x06ff3453, 0x4f9303a2,
-      0x75d237b1, 0x3fcc6731 },
-    { 0xdf21f920, 0x509debd5, 0xc1401b90, 0xfaf70e1f, 0x95a64aaf,
-      0x2429cbfd, 0x2c37a122, 0xf2120855, 0x7deb926b, 0x1d4c93f4,
-      0x9fb3f1dc, 0x12f3e4c0, 0x5b51bc46, 0x56085a59, 0xf10fdbd2,
-      0x2a2f5d62, 0xdf0cb3c2, 0x60dd62cf, 0x6b0f254b, 0x154424a3,
-      0x564612b7, 0xc3a5a05d, 0xa1f5249c, 0xbebe30cf, 0x7e62a188,
-      0x24ec6903, 0xaf429939, 0x75f0fbac, 0xb3fa8685, 0xd41345dc,
-      0xc7151c34, 0x645146fd },
-    { 0xba1924f9, 0xecec633a, 0x006326e1, 0xbba6f136, 0x7e50fc17,
-      0x203757ac, 0xef3d8e00, 0xca531919, 0x51dc5a74, 0x9545a6aa,
-      0xd31412b8, 0x6e21d58f, 0x7bb1d000, 0x01bc3005, 0x6ed1a9c3,
-      0xf1789c69, 0x9858fa48, 0x7af2d35f, 0x8197be85, 0x434d09b9,
-      0x29aa265d, 0x1dc07755, 0xc058fa80, 0xcad03be7, 0x54ba14ce,
-      0x92d70a9f, 0x6c050a74, 0x6dc78505, 0x4d005dda, 0x2a7ca4a9,
-      0xabfb9f2e, 0x448d3d72 },
-    { 0x29b33989, 0xdc56f145, 0xa9ae815a, 0x868351bc, 0x4b074414,
-      0xb3f45613, 0x3cd9f33b, 0x955ce42a, 0x5ff6e4a3, 0x13ade4ec,
-      0xa50eaa91, 0xd3aac715, 0x5666efdf, 0x0c61ec99, 0xf6a4470a,
-      0x108a28b8, 0xe54844c9, 0x402ef584, 0xd0e2f337, 0xb825b162,
-      0xb46f7cbc, 0x3dcd131f, 0x96f2fd89, 0x208178ec, 0x25928c78,
-      0x4d8c5d67, 0x9963c459, 0x285a33df, 0xd92a309f, 0x72497175,
-      0xcb7019a5, 0x76881479 },
-    { 0x91767eed, 0xba43a114, 0x92bf65db, 0x5e11b9ad, 0x03a5e21a,
-      0xe8a22ce0, 0x2a335415, 0x63604421, 0x4a9ead62, 0xc2c563b4,
-      0xa0b2aee5, 0x4bc06264, 0x8bf2e1d7, 0x75b8d575, 0xd08a265d,
-      0x1cff0ee7, 0xb0b712a7, 0x17914e1d, 0x4b18692d, 0xc35925d0,
-      0x56cce815, 0xde253f4c, 0x9fff0e3a, 0xa479241c, 0xddabed19,
-      0x50b9d06e, 0x59fae506, 0x67135260, 0x532ce180, 0xf37600fb,
-      0x5e5a8626, 0x670eb01c },
-    { 0x73cdbb43, 0xdf73c0af, 0x7f2431ad, 0xcf08ecc5, 0x2a1a3845,
-      0x91780541, 0x9224ddf1, 0x69a104f2, 0xbeac7eff, 0x4352f38d,
-      0x7c2d1322, 0xfc3b3b4e, 0xb5e4b476, 0xa69e9430, 0x975a46f0,
-      0x7d932340, 0x5d64eece, 0x8093899e, 0xdb2345e9, 0x7b821250,
-      0x7f4b796b, 0x23552932, 0x4bb90b1f, 0x2ee9cc15, 0x9112f7d6,
-      0x1fa9c8f5, 0x1cbaae32, 0x2d0f2f98, 0x0075166a, 0xb77f0366,
-      0x635dff27, 0x504852e7 },
-    { 0xa2f392fa, 0x2f0f3ce5, 0xec6c9078, 0x326c076a, 0x84baaaf6,
-      0xad01de92, 0xcbe8e993, 0xb01b16d3, 0x2d950908, 0x71305c24,
-      0x3853af38, 0xc66fd617, 0xd3c429a0, 0x7735140e, 0x1fabf027,
-      0x8a31b12a, 0x058b3177, 0xa0530002, 0xa9c7deb9, 0xabffd9fc,
-      0xe8667d30, 0xd05ef69b, 0xe9a9e13f, 0x2f3a7308, 0xb91eae9c,
-      0x3f4c9a19, 0x618ce6c4, 0x50d0cee7, 0x5240f8b0, 0xfb24dc40,
-      0xf7e90cc4, 0x992fe151 },
-    { 0x38f197aa, 0x4454db31, 0x87872f98, 0xa4ded69d, 0x44f0a828,
-      0x97b427b0, 0xa31e48c6, 0x9821e1ae, 0xdd98efec, 0xe38cb09f,
-      0x480cb3ae, 0x20b84fa8, 0x47475573, 0xba5bb4a8, 0xcd50e96b,
-      0xa9be080a, 0xef103550, 0xc4451e9c, 0xc441325c, 0x626ee75f,
-      0x38a5e33d, 0x6eea5e98, 0xa2b0abd2, 0x7321beb9, 0x9b6082a9,
-      0xca92e484, 0x992bcc2a, 0x1dc8168a, 0x9c8eb9fb, 0x134ecf4b,
-      0x4c5b71e0, 0x5a68bfa8 },
-    { 0xff0a2bfb, 0xb4ff3b45, 0x5502f8b0, 0xd105fff9, 0x5b1c0c26,
-      0x14de5885, 0x0d3b9d04, 0xed16865b, 0x026d3917, 0x2f5a2453,
-      0xf4db3c0e, 0x6a22f493, 0xe2418f2e, 0x4871548a, 0x509bef61,
-      0x6ab363a8, 0xb8cbbbec, 0x91ca1e3a, 0x4011a396, 0x71e0dc98,
-      0x0d5ca577, 0xff982e0a, 0x81897bc1, 0xeb40b045, 0x085ad5e7,
-      0x4bc24a46, 0xa6337b7c, 0xd15c8fa0, 0xbef1628f, 0x56ce6ef7,
-      0x9f5ef439, 0x78acfdf9 },
-    { 0xf8520189, 0x45bf7f15, 0xc77f61c4, 0x954202a0, 0xdfa22e1b,
-      0x39edc6b9, 0x1f4a3487, 0xd2d60267, 0x4814cc52, 0xcd933929,
-      0x05e9f123, 0xde76a124, 0xae36b6f7, 0xe2306ea0, 0xb83a58e0,
-      0x53815218, 0xa041231a, 0x9862bb76, 0xbf31be71, 0xe8da253c,
-      0x37de861f, 0x2dfc5332, 0x90ae4890, 0xf25c93f6, 0x8baa6ed2,
-      0x66bcb8f0, 0x908b4a29, 0x6f10ae0f, 0xb061c949, 0x8cb4b48c,
-      0xd075a366, 0x0ad92d73 },
-    { 0xc2ca548a, 0xbfb95fed, 0x80cd89ab, 0x4778c620, 0x3466c280,
-      0xbe99154b, 0xd4be8902, 0xea3be093, 0x13e681ed, 0x847b7995,
-      0x02f40161, 0xf22a8f4b, 0x4aeb7fe8, 0x3ef2cb4d, 0xb3aed5f6,
-      0x9adc5151, 0x98c31163, 0xec1ccfd1, 0xa3d7d88f, 0xdc2ac17b,
-      0x46421097, 0x08fa64d3, 0x94b90bcf, 0x5ebf80b7, 0x0b50a9eb,
-      0x1b78b4ba, 0x279aa66b, 0x1a4fe934, 0x075b3ced, 0x8ef4dcaf,
-      0x70a6e9ae, 0x95bbd8a0 },
-    { 0xe614bbd0, 0x59f92495, 0xb823e363, 0x7567a887, 0xfc1bd6a7,
-      0xe247c9ec, 0x8e835c42, 0x2bfaaf47, 0xaade066a, 0x314ef4e0,
-      0x5c16d336, 0x072baa63, 0xe2f0e389, 0xfa429c71, 0xbd07d90f,
-      0xcac1e5d0, 0x514f5c04, 0x69ff35ea, 0xc0554ec1, 0x893053fc,
-      0x2a35947f, 0xab1d86b7, 0x2aebe487, 0xe29fb060, 0xdfb9cf21,
-      0xa0a10d6d, 0xf20dfcf5, 0xad147059, 0xb8867a2a, 0x480dc66f,
-      0xc125a919, 0x375a884f },
-    { 0x1217f7ea, 0x178cbe2e, 0x875c6dab, 0x1a161e2a, 0x1bdb1a54,
-      0xf7707ec0, 0xe4fd73ca, 0x678864a0, 0xd13a0d86, 0xbaebc664,
-      0xc8d30668, 0x40325f99, 0x2f1c5950, 0xb93ed9c9, 0x541e0667,
-      0xfdf36763, 0xb91a6763, 0xfd97fbb0, 0x6079c9a0, 0x26aa69ea,
-      0x1eaa8c47, 0xc7303c80, 0xafa63c55, 0xdec75c81, 0x4fd12adb,
-      0x01cdcde2, 0x1968838a, 0x9fe0dda7, 0x38415379, 0x66bb093b,
-      0x08cb84ec, 0x268d818b },
-    { 0x41580555, 0x73dae358, 0x473d103b, 0x4fc32e67, 0xbeccc1ab,
-      0x240c1013, 0xb24ee9de, 0xda4099f2, 0x9fa8e066, 0x37b0cb5b,
-      0x6438d7ee, 0xb5ae04e4, 0x2b720140, 0x7f7d3164, 0x339e4a78,
-      0x86ef4edb, 0x3a7d8375, 0xa5e77eed, 0xbd707c2e, 0x883fad37,
-      0x0f979189, 0x816b633a, 0x2e7a208e, 0xe24c028a, 0x4435516a,
-      0x1171fe3c, 0x4f5f2bf5, 0x3eb93b33, 0x01b53a56, 0x8419ed4b,
-      0x056ca44b, 0x8b02735c },
-    { 0xe1019195, 0xb89bb464, 0xf3fc28c1, 0x1de4c026, 0x2bfc3b21,
-      0xac120e6e, 0x91bdf92f, 0xec71bc5a, 0x0d995bc9, 0x485d7ab4,
-      0xe6491ffe, 0x97c6768e, 0xafbce265, 0xd9552d19, 0x8e1b76c2,
-      0xbae6c7fe, 0xd7e3ad1b, 0x167d8281, 0x5e989734, 0x3e149af9,
-      0x8a0c8182, 0xd1f0024c, 0xc3006c0d, 0xf571ffdb, 0x58773d4c,
-      0xb32ecf7e, 0xfd3540d8, 0x5822a782, 0x04365042, 0x5ab45c3f,
-      0x4b4d85fe, 0x400e3aa0 },
-    { 0x5e46e4a2, 0x47321649, 0x24136074, 0x37a2ed64, 0xc60ec77d,
-      0x659223b1, 0xe5e0ac2e, 0x5e13aac3, 0xc5107ab7, 0xda17c41b,
-      0x73c253db, 0x65b22ec9, 0xa5012296, 0xff3867b8, 0x0621a99b,
-      0xfed660d5, 0xc89fc3f5, 0xa3c28506, 0xf16451a7, 0x3ed350b9,
-      0x67cb586f, 0x27c3e032, 0x967185b1, 0xc807c779, 0x4a13009b,
-      0x09c157d4, 0xadaf1f4d, 0x362f7647, 0xf3a6a198, 0x4a42b9ac,
-      0x8da6e039, 0x131c3da2 },
-    { 0xa7da83ba, 0x4a785ff1, 0xd04f4436, 0xf415b425, 0xec03f812,
-      0x7c0899bd, 0x80f5f4a2, 0xc58d411a, 0xfda251b9, 0x3d32d610,
-      0xcd3b2f32, 0x99bb4504, 0xf4c2083c, 0x198c444b, 0x730e83fd,
-      0x60c261af, 0xcb02db90, 0x060ca4df, 0x9df1e7c8, 0x0ff7838b,
-      0xc4c690c9, 0x6b79cf97, 0x5d75f154, 0x131514d7, 0x1cb0e8ff,
-      0xa7c074f1, 0xb2c17615, 0xb920aac1, 0x44aa0ff0, 0xde8098ad,
-      0x34545ce9, 0x71d1a46a },
-    { 0xfa1b382e, 0x76178f76, 0x772dda0d, 0xa0d8ecc3, 0xc5d4d130,
-      0xaa5aab2a, 0x8d72622c, 0x27d38ba4, 0xca3bed06, 0xc5410db6,
-      0x793ceccf, 0xf637a588, 0x6e65e3d7, 0x1f65dafd, 0x60a45641,
-      0xc3b44a85, 0x4f78540b, 0x0f47b3a8, 0x5e4d60f6, 0x824fdadd,
-      0x17d3b6d5, 0xd8ccf90c, 0x325fc13a, 0x008eabdf, 0x3648fab9,
-      0x3e90d716, 0x24c52d4b, 0x3964ff3a, 0x533d0acb, 0xb95cc416,
-      0x1167f521, 0x6cd2699f },
-    { 0x12f4f3ac, 0x2d8c0b3b, 0x99d1bdfb, 0xb03dcfe2, 0x30f37326,
-      0x540034f8, 0x7c5a8c82, 0x22dd6893, 0xcd8f1442, 0xeb7093d0,
-      0x585742f2, 0x892795a7, 0x087adadd, 0xe15f282c, 0x16ab7b5e,
-      0x7bbdc749, 0xa58acbb4, 0xd30fe40b, 0xe2bac39b, 0x0de417eb,
-      0xc61a04bc, 0x4b4b19a6, 0xf2735569, 0x9338c34d, 0x30ab196f,
-      0xe8f03742, 0x6c88c965, 0xfa2efcb8, 0xc7eeb826, 0x19eee274,
-      0xda345dc2, 0x327c063f },
-    { 0x5b47cd53, 0xab399eff, 0x1943aefe, 0xbbe9869d, 0x1402a866,
-      0xe64ecc7b, 0xb1c25a16, 0xc3e7c2aa, 0x022de271, 0xc4216b79,
-      0x366d6a5f, 0xe58dfcc8, 0xda813336, 0xd159509e, 0x130bfb7c,
-      0x370400f2, 0x93b48780, 0x1be4e059, 0x39f3cd22, 0x0623a1fe,
-      0xeecb4f87, 0x72aa22b2, 0x6c27b83b, 0x1af4c496, 0xda5fa5bf,
-      0x7a42a94b, 0x48b01af2, 0x9afba822, 0x3670112c, 0xeb6b9d2a,
-      0xc0df6856, 0x020f19d1 },
-    { 0xa4dbba20, 0x37051a86, 0xdb1de5c5, 0xb618ebc6, 0xe6525840,
-      0x9a780a19, 0xd2bccc4d, 0x9440302d, 0x10285a24, 0xe9ff023d,
-      0x3a486268, 0x3b937ee3, 0x4cd61147, 0xe37ee2f2, 0xa3d057cf,
-      0x79fbbfd3, 0xccddefce, 0x5fba16d3, 0x5b231727, 0x916058ec,
-      0x720c3adb, 0x47699ebe, 0x8b4f6bba, 0x26274386, 0xf18a0770,
-      0x54b0092a, 0xacca1160, 0x99d090eb, 0x0c888f60, 0xf757e1ff,
-      0xb0050544, 0x79e72720 },
-    { 0x2820a239, 0x632acf25, 0xaae6b310, 0xb1a3974e, 0x48c0a1df,
-      0xd61fd6ba, 0x5a3ee7aa, 0xd2453c39, 0xb980446d, 0x548455a0,
-      0xde16676f, 0x9f29d97b, 0x789375a1, 0xf252ca0c, 0x7743a985,
-      0xe961af3e, 0x66cdbd8d, 0x70c79c56, 0xcbc538f9, 0x14a3854e,
-      0xa126851c, 0x58daa73a, 0x2a9f558c, 0xe9b5bb45, 0xfbd15e05,
-      0x37af7f83, 0x38a1939d, 0xa4487927, 0x9511a056, 0xe428b2b5,
-      0x7015846d, 0x001d3ce3 },
-    { 0xe145b1d7, 0xd6be36b9, 0x009c5664, 0xf3e3938a, 0xe7c0f6db,
-      0x2e562e7d, 0xc343f539, 0x951044e6, 0xd90897b1, 0xa5ab62b8,
-      0x512f797c, 0xb1a1f70b, 0x750f28e4, 0x91cdd754, 0xffb8165d,
-      0xb4c80e2f, 0x594d02b3, 0x65ed39c7, 0x56833edc, 0xcc12a49d,
-      0xf3693a18, 0xe73694bc, 0xfcd2c404, 0x34cc134a, 0x11d40194,
-      0x071bd5fc, 0xfc585e46, 0x05759047, 0x790b7a04, 0xb3280360,
-      0x40afc684, 0x4bb8c6fc },
-    { 0xfd0f8796, 0x3120e2dd, 0xb133c9de, 0x6968a40d, 0xa9369c6e,
-      0xfea366c0, 0x6007273b, 0x37e5b6d6, 0x8cb81439, 0x39e4ecf0,
-      0x9febc005, 0x487fe9cd, 0x0199b53c, 0xeb8af444, 0x293519eb,
-      0x2f124e3b, 0xc82c9c16, 0x860c218a, 0x709dc590, 0xacd1d6f2,
-      0x36d50529, 0x5696d545, 0x59120bfc, 0xc03f5df9, 0x10ffa690,
-      0x99a3e88d, 0x6c432827, 0xd4f9cfa5, 0x9a135d89, 0x2e8fea9e,
-      0xb6a77e78, 0x3699a881 },
-    { 0x1eb1c64d, 0x5bca3372, 0xf1d28154, 0xe9cf3a2d, 0x6537106f,
-      0xb7e2e9b3, 0x4f7cbf4d, 0x06c17151, 0x2058b37f, 0xcbde416e,
-      0x8834e9c5, 0x82c53a7e, 0xe9ac3a75, 0x94dbdfe2, 0xc5e67c02,
-      0x795ec6cb, 0x1426a80d, 0x8c23c25f, 0x6a8d4f9f, 0xee2cd20d,
-      0xd3b7c235, 0x838daa54, 0x3d7a4d52, 0xb9e08ec0, 0x781cb473,
-      0xca9475e9, 0x5ec31caa, 0x7271f39e, 0x82535187, 0x1df08e9f,
-      0x208aff8b, 0x4f3a4b03 },
-    { 0x1ed095f8, 0x0f7b8107, 0xda226d4e, 0x23e37fa6, 0xafb36d1d,
-      0x8b0f9852, 0x07d8e311, 0xb114634e, 0xe3e0f16e, 0xb9634a97,
-      0x421eec37, 0x2454bb9c, 0xd72b21c1, 0xb4ecd5db, 0x6df20d7c,
-      0xf9603868, 0xdf86e0a2, 0x9f5359fd, 0x5ac488aa, 0xc43d54fa,
-      0xd1049df4, 0x56d714ab, 0xb020607a, 0x13152b3e, 0x7a02325e,
-      0x49be1c18, 0x52ae84db, 0x44f24f4a, 0x0b5a7b80, 0x9e525c03,
-      0xa6d179fd, 0x6d874446 },
-    { 0xbe9a42f5, 0xd29d07aa, 0x3781ccc8, 0x1fd5316c, 0x9dc69ea1,
-      0x71a75a6d, 0x88fee91a, 0x4e19e0df, 0xf8d44f12, 0x99c2b4dc,
-      0x31ae94e4, 0x05f6df92, 0xcf28ccc2, 0x27fba876, 0xf57f7ceb,
-      0x6e1a0f01, 0xf3fd3b74, 0xe03f1f34, 0x42c1d213, 0xa0edc4a7,
-      0x7deb8580, 0x5caac270, 0xaf0848bc, 0x0f5d791f, 0x07ac759d,
-      0x17f514ad, 0x904fc531, 0x95a39734, 0x7bb70f3d, 0x95a4aca9,
-      0xff9c5609, 0x3cf384c9 },
-    { 0xce1fc9e3, 0x700506ba, 0x676b0399, 0x49721742, 0xe72bf7b3,
-      0x2b4a1b8d, 0x79b209f7, 0xca8602a8, 0xce26a8e1, 0x90580b90,
-      0xfe24f39a, 0x1ef339b7, 0x629362e1, 0xb6c5d991, 0x577b24f4,
-      0x51174e1a, 0x05e451e9, 0xf380fcb5, 0x148321bd, 0xf4d97afb,
-      0x747e5d2a, 0x099806bb, 0xbe99a608, 0x85525d65, 0xd455e820,
-      0x264828d9, 0xd8560a65, 0x8c8c5405, 0x71030770, 0x3c67e73c,
-      0xee73df26, 0x2b248850 },
-    { 0x8541159f, 0x2173cde6, 0x4fb410b2, 0x78224c18, 0x1f2ca1c7,
-      0x07a28619, 0xa8b23e40, 0x52c207d6, 0xa6b2344a, 0x071a0210,
-      0xb5ed2945, 0xdb0e587c, 0x810fcc6c, 0x6c56b8ef, 0x62d843b9,
-      0x1248c58f, 0x74c66975, 0x4b90363d, 0xe66c66f6, 0x6348f7f2,
-      0xc126bcbe, 0xb2f9d441, 0x73ce49e8, 0xac07f2a3, 0xe81b0df0,
-      0x52486758, 0x1d4621d1, 0xa108b54d, 0x74414a1c, 0x17261ece,
-      0x6a3ac215, 0x938b3bcc },
-    { 0xe4ded340, 0xa9e4a16b, 0x80e88036, 0x8e65fb2a, 0xdcd73acb,
-      0x97089606, 0xaaa657a9, 0x1c3a0434, 0x49101b06, 0xf304fc58,
-      0xda0bb64c, 0xe60fb61a, 0xf5542df5, 0x818c2aec, 0x56f76d5f,
-      0x74020576, 0x92533d97, 0xb566b790, 0x74d6eb5f, 0xae4655e5,
-      0xa55b44b7, 0x60f7a1b5, 0x93747ea5, 0x7970179b, 0xf2dace56,
-      0x8ae7e0e8, 0x84e83c06, 0x98474607, 0x15307341, 0x24e8c9ed,
-      0xd9e89d6b, 0x6cff58a5 },
-    { 0x03e51f68, 0x508c01b0, 0x1d2fe7d6, 0xe1d1f225, 0x09bd8805,
-      0xf7998d0b, 0x03e415b7, 0x255e907a, 0x607d9798, 0xd148467d,
-      0x9b453896, 0x055c3b1e, 0x809f50f4, 0x35001013, 0xd0233fdc,
-      0xfbbb2fa6, 0xff1820b8, 0x0b680b0a, 0x38d317e0, 0xb1d404dc,
-      0xccc8c7df, 0x133d5444, 0x6ec13f84, 0x7fa847e6, 0x046e2e48,
-      0xc33f83d8, 0x4863b3ac, 0x3c627fc5, 0xeb936af7, 0x5f67f8aa,
-      0x31b79327, 0x5fe4ac8f },
-    { 0x8b6f401e, 0x581aa4bf, 0xad5c7ed4, 0x05db12a3, 0x6fb07b4a,
-      0x7b018726, 0x9c22bcd4, 0xfdd11f04, 0x69371c95, 0x5454a7d4,
-      0x99a46eaf, 0x066c55fb, 0x7fef96d0, 0x18637c7c, 0x6b83e95c,
-      0xbafc1d34, 0x00bb42dc, 0x55c38593, 0x34e7e712, 0xdd8dec2b,
-      0xb184cee8, 0x69c9cfb0, 0x49a27864, 0x8dcc0c42, 0x2010f2e7,
-      0x290d95f2, 0x6977a420, 0x86e254c9, 0xeb2abdad, 0x20931c89,
-      0x121c0548, 0x81377164 },
-    { 0x9c5a8edf, 0x6266b25e, 0x1078a7ad, 0x6e1388c2, 0x4876eedf,
-      0x5f02737d, 0x62744617, 0x242fa7f9, 0xb385382a, 0x3e2cfbd9,
-      0x02f71bef, 0xbadad7b1, 0x677d0a92, 0x562abcfa, 0x51fdff34,
-      0x573ebd17, 0x7c250c78, 0xd7f65852, 0xc47ca896, 0xe0cf16ee,
-      0x67622c9e, 0x8ccd79b0, 0xf8f2c075, 0x31fc5882, 0xa6008515,
-      0x9232b37e, 0x82e8c5ba, 0x4d7bb361, 0xd2f146fe, 0xbf24735c,
-      0x9cd2db98, 0x79c280ee },
-    { 0xf2b48122, 0xbdcc8203, 0xb04ac48e, 0xa8c04916, 0x9fc4885e,
-      0xacf064dc, 0x82c1001c, 0xab838997, 0x676de250, 0x7339e721,
-      0x8e1ab820, 0x17aa5aea, 0x6bc14b2e, 0x24d28ca0, 0x816b6230,
-      0x570c5bb7, 0xcee6b606, 0x6c51235c, 0x183eae42, 0x1b2bf89f,
-      0x9c66274b, 0x3e3af3c6, 0xb51e38bc, 0xe0b04426, 0x73e40e3b,
-      0x26dbc58e, 0xb5be5be4, 0x3f9dd578, 0x52c8f408, 0x9fd9f791,
-      0xa9e3ff4f, 0x758073a4 },
-    { 0x8691ca22, 0x7d27b057, 0x13a2a1b6, 0xf206bfd6, 0xac795413,
-      0xe84bd385, 0x75536607, 0xc5d18a2a, 0xc8a0e24c, 0x2e166de7,
-      0x3c474dbd, 0x56d5750c, 0x1366843a, 0xdef444c1, 0xcf4b8432,
-      0x14646e53, 0xa9fd9783, 0x4bc0d030, 0x297ee203, 0xbda4c824,
-      0xfd7be6c7, 0x3d0b10bf, 0x08c7f3ff, 0x2d216476, 0xb4fd4c45,
-      0x06e52599, 0x49e9e104, 0xfbab9fa1, 0x8661d32d, 0x9342a7fa,
-      0xfaf66aa8, 0x3f3e3458 },
-    { 0x951597aa, 0x51ec35af, 0x49df64eb, 0xb677d4ac, 0x9bf4eff5,
-      0x0276cd9c, 0x515a2935, 0x423eca49, 0xfd9bb9c3, 0x8a696553,
-      0xede1f09c, 0xf99ee9df, 0x199e5f98, 0xb8fa2956, 0x35292c32,
-      0xb7638758, 0xfc40e81b, 0x8734eddc, 0x65457d95, 0xd82d5e9f,
-      0x30c78d2b, 0xc8ee323e, 0xc1433d67, 0xe77b2e4c, 0x3c8314ae,
-      0x56d9f807, 0x2a0e2f63, 0x441eede2, 0x6c48295e, 0x1e9e17ed,
-      0x34c294ef, 0x640d20c4 },
-    { 0x3284d513, 0x4e9a0b8e, 0xf315053a, 0x074c3545, 0x45acd52a,
-      0xb36e7407, 0x1de50db7, 0xd80bdcfc, 0x2549fc46, 0x8d9d47dc,
-      0x303f07a8, 0x29b6ef13, 0x6d4ad4c2, 0x4e461aca, 0xfc9f1b73,
-      0xca8e351d, 0x57460e65, 0x8bc4094d, 0x0f32d367, 0xb6302b33,
-      0x285742e8, 0x69a074b6, 0x876c29c3, 0xdfe52b11, 0x912bd17a,
-      0xf39e4609, 0x349aa639, 0x8ee40d66, 0xc72e05c1, 0xb968902a,
-      0xc0d92816, 0x0f9c1ca8 },
-    { 0x67433df3, 0x1ebbaab3, 0x15d3628c, 0xb6aa5347, 0x97f0c5cc,
-      0x13a320d8, 0x65e408f9, 0x72c918cb, 0xd5373451, 0x4b638854,
-      0x0b4dca09, 0x731399a3, 0x0a3b1326, 0xcf256730, 0x6608b388,
-      0x5ea60dfa, 0x7b290dfd, 0x58ad74b0, 0xd7694f9b, 0x83202789,
-      0xb6630fb1, 0x48593db8, 0xc65e3eaf, 0x3db47f70, 0x3e7263f8,
-      0x63949c91, 0xe6e6ff33, 0x9b9acec6, 0x098a8240, 0x34bd9ba7,
-      0x45d36ec5, 0x7e31c12f },
-    { 0x0dfd2dd7, 0xbe281d68, 0x24ab61d8, 0x1efacb00, 0x94431f97,
-      0xb9c3005f, 0x959cb3bc, 0x660c8dfa, 0xcffbb406, 0xfdd5fc30,
-      0x7969a10d, 0x7a4631be, 0xde13fd1b, 0x336e309e, 0xfc947076,
-      0x76b3bfad, 0xdcc72223, 0xfa91925d, 0x156c4ee1, 0x741f0d73,
-      0x0e2b3747, 0x4f64ee41, 0xefc4d93c, 0x86be92d3, 0xfc4fbb2e,
-      0xc53b7e03, 0x337ca1bb, 0xac196cf5, 0x7e23ba60, 0x4de41a30,
-      0x326d5357, 0x1a219c45 },
-    { 0xaa4db0bc, 0xfdcf7ef8, 0x7b6c9963, 0x2e231806, 0x3d8a192f,
-      0xc2639067, 0xffdc7771, 0xc0cec2e2, 0xa2fc0edb, 0x997c8e35,
-      0x82cc6043, 0x78e10ec1, 0x2b0c8120, 0xfd0de2cb, 0x69e57f8e,
-      0x4d6c457f, 0x5b53f1c3, 0x953e69b2, 0xc4f89cb8, 0x422a330a,
-      0x95566be6, 0x92ff2329, 0x437442d1, 0x73cd502d, 0xbea69403,
-      0xf04ce590, 0xf8030662, 0x6ac1537e, 0xb6d0bf93, 0xe02bcf77,
-      0xbc90192f, 0x17aaa999 },
-    { 0x8e55db2e, 0x0d3d5643, 0x3b946851, 0x835dee43, 0x5b88462f,
-      0x1a1440e5, 0xea17e27c, 0xa6ff3b35, 0xdd95f7a9, 0x23f99c36,
-      0xbdd672cf, 0x7217fdd9, 0xdd2045c0, 0xf400ac1e, 0x4ff06b25,
-      0x94b55c87, 0x0e4a49be, 0x0a44a0e5, 0xb43b6813, 0xe8925e91,
-      0x214f96c5, 0x78bedde1, 0x0f97fa97, 0x0f456a4c, 0xa5bfd267,
-      0xa28fd86b, 0xbe7608ef, 0x3b4b2d8f, 0x226474bc, 0xfbd5ff8c,
-      0xa5f3b24a, 0x6b282af0 },
-    { 0x6341a595, 0x78fc025f, 0xa445e28c, 0x591c38d6, 0xeb446842,
-      0x72bd6e3d, 0x75547833, 0x3f9466d3, 0x083e16c4, 0x911414d3,
-      0x95a7acb4, 0x145d9466, 0x8fd2fb64, 0x102ddf09, 0x0bfd87b1,
-      0x2a2b2d2d, 0x59455088, 0x69e9be5c, 0xa80245de, 0xee378bf4,
-      0xb2306b0e, 0x80b0bd68, 0xc2be9f3d, 0x76a545c6, 0x4802c245,
-      0x429d167b, 0x2b412dfb, 0x13e64427, 0xee8d9762, 0xb664f529,
-      0x54706ebf, 0x6d4f5d23 },
-    { 0x00ba9f88, 0x35c8f2b6, 0x7bb6d0bf, 0xfdc807e0, 0xb3b81e5b,
-      0x0a126d42, 0xa7ac781e, 0x335ce6ce, 0xf37dcba6, 0x3e308e6f,
-      0x63c96487, 0x028dca62, 0x8818434d, 0x72eba57e, 0x79b78a26,
-      0xa9e3d59f, 0x2f07aea3, 0xd2f0a7dd, 0x24d05f74, 0xe0fe4678,
-      0x0116deb6, 0xb2085170, 0x58f37580, 0x9c2a5e92, 0x74070bb3,
-      0xe78bd7a5, 0xb9977d90, 0x551fc872, 0x40db81b4, 0x6eda93c4,
-      0xd65d34ad, 0x4aaf0b4f },
-    { 0x3514c7af, 0x9bef2506, 0xbc181ead, 0xb09e7dad, 0x8fa3ec58,
-      0xef3cae87, 0x173b8685, 0xd8dbfab5, 0x921d32dd, 0xb2490fc0,
-      0x8bd9c466, 0x4eef386b, 0xa061dbdb, 0xc1cdd52f, 0x25bc04db,
-      0x64de989a, 0x85728636, 0x06f9836b, 0x8be44aa0, 0x11a5a804,
-      0x097018c7, 0x16dede4e, 0xb2c11fb1, 0x72aec577, 0xa721ecd9,
-      0x144dade1, 0xd6ebf3a9, 0xf99c526b, 0x1c2e14d7, 0xa1d4165b,
-      0x82bc6337, 0x8b2cbd39 },
-    { 0x8a52e991, 0x28ec1bf2, 0xcf9d42ec, 0x0ba202f6, 0xc634ea45,
-      0x8307d130, 0xc5762b9c, 0x3fc257b3, 0x487c2a2d, 0xbd3298d1,
-      0xa319488a, 0xca14f1a7, 0x06ba06d2, 0xc70ca93b, 0xee405e89,
-      0x9aa3f4b3, 0x35deeae7, 0xcc64eeb3, 0x03bf1d4c, 0xd155f578,
-      0x45616bfd, 0x041ec0b5, 0x086e33f6, 0x23df80e6, 0xf0243cf5,
-      0x399a79c8, 0x874ccd58, 0x86c2824e, 0x8fc5c831, 0x220eeaec,
-      0x7dbe3670, 0x57e28304 },
-    { 0xfbcdf666, 0x6e60b698, 0x8bebb1d2, 0xbdd06a99, 0x80498436,
-      0x4044adba, 0x522bc88d, 0xd76bf75e, 0x28423b20, 0x655c4b9b,
-      0x53398a72, 0x65c0f492, 0x0ca37601, 0x76d4f2b7, 0x2030fa5a,
-      0x46989925, 0xb6054705, 0x96b37e87, 0x53de1b2f, 0xef96f731,
-      0xad54ef05, 0x5ecbbc8c, 0xa93617b0, 0xeb289d0a, 0x7cba217d,
-      0x3ac0fbd5, 0x19d4a2d7, 0xd0d3cb56, 0xc91d6063, 0xe8bee9d4,
-      0x696ffda6, 0x4f12e037 },
-    { 0x15f1a610, 0x4ccfa422, 0x3786519a, 0x804a5c55, 0x73838134,
-      0x1246a454, 0x4b284e2a, 0xfa15b484, 0x146d1320, 0x36464c65,
-      0x70a8a0fa, 0xfb6ba88c, 0x93c4804e, 0x74e7cee7, 0xb95ae16a,
-      0x8c34d22c, 0xf9c1d4dd, 0x9d9ed89f, 0x32025371, 0x61a0866d,
-      0x9bd6444a, 0x45b232b2, 0xf277bab1, 0xf888e92c, 0xa9448b02,
-      0x73e69c6e, 0x5b521ecb, 0x1a496ea9, 0x5858afb2, 0xa8f78ea7,
-      0xb1266f91, 0x83d2333e },
-    { 0x67b478d7, 0x1c633288, 0x50a2fc9c, 0xa1ee1ae1, 0x18d2241b,
-      0x05b6ab30, 0x893cd696, 0x69f1f288, 0xa8117a87, 0x159d6660,
-      0x70e73d77, 0xe8120119, 0x93f55f0a, 0x528fef00, 0xd854dfb2,
-      0xb3978db8, 0xf45d9fbb, 0xd6b43ef6, 0xd5bee397, 0x17de4bfe,
-      0x6bf76dad, 0xa01e0f59, 0x3d40754c, 0x28b2280e, 0xf8e86ef3,
-      0x8edb6122, 0xb7d1e586, 0x8226b6af, 0x2f40a55b, 0x46353215,
-      0xc5a31621, 0x7362f13e },
-    { 0x73c0c430, 0x792eb27c, 0xa51c3657, 0x8cc0a65f, 0xd2194f1b,
-      0x50a5cece, 0x814b4947, 0x18945688, 0x4b6fbbf4, 0xbbf0a81a,
-      0xf0aa8608, 0x376f4f58, 0x3987795e, 0xd9361d68, 0xe3a8d0d5,
-      0xb6510cd8, 0xb6c1a455, 0x63e2fdbf, 0xaec891f9, 0x2c91154e,
-      0xff568f64, 0x0eb1e715, 0x2f2b399e, 0xe7af9cd7, 0x89f0bf0b,
-      0x1fc39bac, 0x90983695, 0xf0861d92, 0xda0a20a8, 0xd9b16f02,
-      0xa38c0ead, 0x2f10693f },
-    { 0x0c06ded2, 0x07a6ce91, 0x2fd9087b, 0xf974842f, 0xa9f635a6,
-      0xe468bfd6, 0x1ed60626, 0x04b61891, 0x369ee548, 0x1fb2f89f,
-      0xdc96a201, 0x9cbd1113, 0x10d633ac, 0x6759acfe, 0x8faa629e,
-      0x64ba66fc, 0x47f38283, 0xa686ae49, 0xd59cda99, 0x828c3a05,
-      0x08ea2f6e, 0x7c7afb14, 0xaf3953c8, 0x2551c8e4, 0x9daa9e4f,
-      0x5b53d279, 0xad6f1940, 0x1eff68d4, 0x96437cdb, 0x2775dbdd,
-      0x4fe7a043, 0x985f83e4 },
-    { 0xeaf45294, 0x89603c16, 0xc24b5751, 0x70131160, 0x39d6b52d,
-      0x4c112018, 0xed943340, 0x7079cf02, 0x74f41b68, 0x0c5b028b,
-      0x9c8ac1e1, 0x3dc3f076, 0xf8b24f0e, 0x5ac5eea3, 0xe34c5c22,
-      0xee6684ba, 0x9abc452a, 0xa5259e63, 0xe9df45cc, 0xb07d2cd1,
-      0x1a443cfa, 0x07019c93, 0x92c003b3, 0x68fddaa9, 0x0d8cbc2e,
-      0x2d9f179c, 0x1e781ca7, 0xbbf15a6f, 0x50dcc799, 0x54d779d5,
-      0x0fe962f1, 0x0c88e540 },
-    { 0xe8f44357, 0x84f71a6a, 0x3a3cab6a, 0xf75b4bf6, 0x5aebc680,
-      0x334c9d9e, 0x8a753ef2, 0xcecaf084, 0x075e3c8e, 0xe28014c1,
-      0xf74f8d3a, 0xbb9d5a38, 0xb80e32ae, 0x75988464, 0xf2bc3792,
-      0x7b328e6f, 0xeed0e197, 0xebbb1faf, 0x5a33065a, 0x674eac95,
-      0x922dbce8, 0x8c19fd8f, 0x987b907a, 0x8c17ae85, 0x3b3a2cd7,
-      0x89f33627, 0xfa87772f, 0xebaea019, 0x3a25ced6, 0x4e5de499,
-      0xaf110715, 0x8e2560b8 },
-    { 0x3141aba6, 0x56d3746c, 0xbab2cf9e, 0x45a1079f, 0x9cdd27c7,
-      0xb6382831, 0x9dfd950e, 0x22237632, 0x3a9408ff, 0x1e0b15cd,
-      0xb1160118, 0x49a80200, 0xa383bba7, 0x2719db5d, 0x651046d5,
-      0x6078340a, 0x97523b1f, 0x8929d4de, 0x8e0a28ab, 0x4040345c,
-      0x0adf09c7, 0x61275ac2, 0x2331d611, 0xb41ab265, 0x5391ca50,
-      0x230cc77c, 0x8f922315, 0x88be0c92, 0x92fd9a29, 0xfef3d92b,
-      0x8324f2e5, 0x59005f22 },
-    { 0x3c4c1c74, 0x6bb1750c, 0xe966fb79, 0xbe73aac0, 0x66c5973f,
-      0x85a75d92, 0x3a8656b6, 0x8c97f932, 0x50446cde, 0x2b7043b1,
-      0x3ff3897f, 0x548916f7, 0xb18b72b2, 0x913dd01c, 0x488c0de6,
-      0xd0a751f1, 0x8558ca58, 0x19175714, 0x44a663da, 0x97714301,
-      0xb0e08618, 0x2df190ac, 0xf39ead9c, 0x0080fc0c, 0x17382da1,
-      0x0085ac6e, 0x3262a338, 0xe9791851, 0xb43bae8d, 0xe4495936,
-      0xd783df6e, 0x57a78e26 },
-    { 0x40dbddd8, 0x161b346f, 0x9410c3ac, 0x2b49a927, 0x1886cf3b,
-      0x8c542783, 0x33b93deb, 0x72df3232, 0x40df579d, 0x9c8d59f5,
-      0xc20ef500, 0xe5d7a67d, 0x67f08643, 0xc46b3918, 0xad96adc3,
-      0xecfa2445, 0x0c4544d0, 0x658f589b, 0xe08417d7, 0xe6ec9301,
-      0xc454e288, 0x6ca5ef6a, 0xac0f462d, 0x4191048f, 0x08d8a036,
-      0x852407d8, 0xf6d35b7e, 0xb4c533a7, 0x8f6ada87, 0x3251e412,
-      0x81c472e8, 0x1ca370c5 },
-    { 0xa801b68a, 0x94bd5171, 0xfd1998b3, 0x7312879c, 0x41163202,
-      0x4905aabf, 0xf5b01fdb, 0xb5fe87f4, 0x9cda128b, 0x78de523a,
-      0xc7bd31f7, 0x0bf161a1, 0x23904c35, 0xb5decfd0, 0xe188f12d,
-      0x224b2882, 0xf99dae74, 0x0dd2801d, 0x08cd1cd2, 0xcad467b5,
-      0xc0867e39, 0x6c311c3d, 0x2b425072, 0x71a11720, 0x2efd9003,
-      0x83bf464e, 0x1dbd3b03, 0x53d0448a, 0xe6265baa, 0x32db52f4,
-      0x4c33ac79, 0x2584b34c },
-    { 0x2aeec688, 0x3cb86389, 0x45fbe523, 0xa5e740ba, 0xfd60b5f8,
-      0x422e71f7, 0x4874913d, 0x455d185c, 0xfa17d80d, 0x04c2bb36,
-      0xac054524, 0x3f271854, 0xa8b9a657, 0x76dd3045, 0x62ee7cc8,
-      0x2e42c3e1, 0x4df6c7d0, 0x00266706, 0xdc7cb488, 0x5927dd51,
-      0x187897e0, 0x6b3faabe, 0xf2d5737c, 0xfe6ad22e, 0xff51a9ff,
-      0xafb60269, 0x69807baa, 0xe1c83545, 0x951ca49a, 0xacddb6ff,
-      0x3f9ab085, 0x7e811374 },
-    { 0x830a88b1, 0xad722a8b, 0xce1117e1, 0x91918ea8, 0x0409b47d,
-      0x3e02d0b8, 0x6c46d1d3, 0xb53812d3, 0xe589669c, 0x2fd09db0,
-      0x15b0cd5e, 0x9845cd06, 0x2386c453, 0x0c1c155a, 0xf5ff43cb,
-      0xda774de5, 0xe391c0cd, 0xbb076b98, 0x5004f286, 0x97d71eff,
-      0xaeec0bfe, 0x23e0b46c, 0x32a1ad94, 0xe4538667, 0x396da422,
-      0xfe0c9f81, 0x63db2bfe, 0x6376c1a2, 0xba56fa91, 0x001c7918,
-      0xdf8485a6, 0x436b8c64 },
-    { 0x8ab764bc, 0x88117e9d, 0xa077df84, 0xdfa61e94, 0x0c18eebd,
-      0x5a7765d3, 0xfc9451dc, 0x548916af, 0x071a347a, 0x01a52e33,
-      0xb23b41df, 0x633b95de, 0x43c8c286, 0xdd7d68c9, 0x18d97068,
-      0xe4f9d41e, 0x8c92799d, 0x79908b90, 0xd47394a3, 0xe614148e,
-      0xcd51e53f, 0xe5018517, 0x0243dcb6, 0x5060075e, 0x17954405,
-      0xe5dcde62, 0x537da5ff, 0x6f7c90e1, 0x0768cb66, 0x1df7aae4,
-      0x6dbe95e1, 0x5266ca9e },
-    { 0x1386b3db, 0x84ddee6d, 0x7c38e540, 0xf9e4af5a, 0xeb04f49d,
-      0xb3418440, 0xfde5a4fd, 0x2138a1e8, 0x30257cfc, 0x3e6e6924,
-      0x19fd70c1, 0x3519c6e3, 0x86c31ff0, 0x8f34e174, 0x940ce1e8,
-      0xf1e298fd, 0x14960d7c, 0x6fb8cb1d, 0x2b2f3bff, 0x207c1347,
-      0x146ef8ff, 0x899a20b4, 0x7bd3e220, 0x7dec362b, 0x626bea27,
-      0xa975044e, 0x4fb4cb67, 0x0f32b449, 0x1fc6703a, 0xc17a0920,
-      0x9cd84a2b, 0x41f325b9 },
-    { 0xce2843a4, 0x312ed513, 0x00728afc, 0xe748498e, 0x4d864ce5,
-      0xa8ef2822, 0xa620083b, 0x34064704, 0x4bed338d, 0x5905e1d9,
-      0x063e7b38, 0x2a578cb5, 0x289e7bb9, 0x98276d96, 0xf17b7341,
-      0xdfe2dc47, 0x1dac8944, 0x5923521f, 0x23400aa7, 0x3db6d28d,
-      0xa761ba43, 0xc647705e, 0x9bfd07dd, 0x8947ba6d, 0x242ca8fd,
-      0x00f2e3ac, 0xeb8c3468, 0x49ef4670, 0xd9aa18fd, 0x7db3d37b,
-      0xe58cea9e, 0x56b30fb6 },
-    { 0xcd80a428, 0x07ecdcaa, 0x8732c891, 0x7af922dc, 0x3ada441f,
-      0x20d88798, 0x924b008a, 0x3bed9a44, 0xb2e81c3a, 0x2123533c,
-      0x65f807d3, 0xc34e4075, 0x1f2faecb, 0x0bfaefa5, 0xade8a88d,
-      0x78b634a5, 0x94392a91, 0xc4e0b7f8, 0x90bb1cd8, 0x30922377,
-      0xf87204ae, 0xdea9b4fa, 0x85d3cd83, 0x3edf81f5, 0xc6523a79,
-      0x58f88c51, 0x17c0d969, 0xe472fb8b, 0xdccf7f07, 0x899081e5,
-      0x58bdd146, 0x1353cc57 },
-    { 0x39bf6e18, 0x28a56497, 0x649b89c7, 0x59e8b5a2, 0xdce8b8e7,
-      0x8d9434a0, 0x2047040c, 0xd935bf51, 0x6a7b8e82, 0x2ab3a164,
-      0x27f81294, 0xf1583ed6, 0x72d67297, 0x8416a7e0, 0xcd39e42b,
-      0x49685d86, 0x958ddbad, 0x8a797fc7, 0x155ce6de, 0xa558f928,
-      0xf8a36235, 0x75f4e570, 0x52877ae5, 0xbc69cfc0, 0xa6b16ebd,
-      0x8f4193a9, 0xbb1cc1f1, 0x8d1df43c, 0x5a21e789, 0x723a830e,
-      0xf451df58, 0x3ec2185d },
-    { 0x1f0bc2d7, 0xb9d4c7d7, 0x6e51d412, 0x6982c6cc, 0xa09f80f6,
-      0x92e02d93, 0x047ae09c, 0xb7dd2d25, 0x37f351f9, 0x3503149f,
-      0xc77850be, 0x69d49ce1, 0x12f0d2c8, 0x60242acb, 0x7bc28b9d,
-      0xba188c56, 0x06bc0550, 0x8e406121, 0x8d7d4329, 0xb0d84b1f,
-      0xd38951e0, 0xb4a67ae7, 0x8bc97607, 0xb527c57b, 0x5497aa72,
-      0xbc93c5f3, 0x39bdd666, 0x5f1de8cc, 0xe9d447a3, 0x3087dc5c,
-      0xa211abe5, 0x89b356b6 },
-    { 0xdfdcc837, 0xed6db0af, 0xa871b7a9, 0x0fb80baa, 0x1c1d4b72,
-      0x413abfc9, 0xadac9e5c, 0xf5b56bf7, 0x8b8657a3, 0x5664a2da,
-      0x0e41d94e, 0x11b04f72, 0x37433658, 0x63e11d26, 0xf426daea,
-      0xee628ece, 0xcb162dc2, 0x011619c9, 0x87648643, 0x9cf5817f,
-      0x5584bc86, 0xe1bb9702, 0x00bf7928, 0x2cc27cef, 0xdc60eee5,
-      0x4ef3a80e, 0x87adc2f9, 0x7e1202be, 0x8a0d4f52, 0x656f18e0,
-      0x57c5d126, 0x39c4f10d },
-    { 0xe88aecd3, 0xb3a9b68c, 0xa518aa9d, 0x555b0918, 0x4bd4ee54,
-      0xedc1cdad, 0x02068d84, 0x79b68b67, 0x811ac72d, 0x7dac80d0,
-      0xa81a0a78, 0x6d1e6d35, 0x3bd16283, 0xc841e9ea, 0x894c4444,
-      0xa7bc1775, 0xf1aa1202, 0xf2b63725, 0xc7d4c556, 0xbec7767e,
-      0xd46ff51b, 0x2817ebb3, 0x73f7e339, 0xfde5be8d, 0x5aed24c4,
-      0x44c6c977, 0xb6e579cf, 0x0b9a1707, 0x9069fbcc, 0xcff16478,
-      0x49152b00, 0x414b542d },
-    { 0x606e173b, 0x33c31e58, 0x90e6713a, 0x5b7f4e1b, 0xdebb20af,
-      0x425fb512, 0x05120e70, 0xc788c617, 0x9013e4ec, 0x3ef05602,
-      0x81c6e6d7, 0x9f9d35ac, 0x9450690a, 0xe131e88f, 0x44af082e,
-      0x708f9b32, 0x1ba2aea9, 0xb2e4d66c, 0x740db29c, 0xaf1f4a6e,
-      0xd1843007, 0x74ab9248, 0xed556a6c, 0x13338ef8, 0x270d17a6,
-      0xf48e623e, 0x9608f5bf, 0x3c7362fa, 0x444e8515, 0x43977874,
-      0xe00b8b2a, 0x52678d6a },
-    { 0xdf36aeb4, 0x5dff1c59, 0xa92bc0ab, 0x52d6653c, 0x927a5f81,
-      0x0e03f496, 0x2dfd491f, 0x8509d414, 0xa571f89b, 0x258c2c52,
-      0x93334485, 0x2bd61804, 0x3f7d9e09, 0x1a33e94f, 0x2c1bf906,
-      0xfab418d3, 0x5aa5695c, 0xf39c490e, 0xf6d2d7ff, 0x0e41196e,
-      0x0f7948a9, 0x3ecd4075, 0xd3053b4f, 0x4b58f9b2, 0x5d9974c9,
-      0xb8ee842a, 0xbf22f682, 0x23a59c1d, 0xc8efcea6, 0x045ac614,
-      0xc10ceedd, 0x7040ba5b },
-    { 0x515a1a96, 0x2c364f81, 0x184327e0, 0x31a63503, 0x1ad93d4f,
-      0x0a096650, 0x273b6173, 0x9d7694f1, 0xd2cda9d2, 0x8886d876,
-      0x2814c177, 0x1e01a742, 0x8667696b, 0x3492276b, 0x5b25f006,
-      0x2fd4f0c6, 0xfb294c4a, 0x6527349f, 0xde1d336f, 0xc1fe0d8a,
-      0xe7e3860e, 0xaf9a23e8, 0xb774c31e, 0x97d2b721, 0x4365784a,
-      0xfac3e582, 0x70f4eaa3, 0xff2dff4e, 0xfe873248, 0x3d281e1a,
-      0x0bd1c9c1, 0x9043a6d6 },
-    { 0x766c7937, 0x1511a0fe, 0xabbc3be3, 0x1b2ded5c, 0xe00888ac,
-      0x2ac160cc, 0x616200f3, 0x928754bd, 0x34a2ea06, 0xb801c83d,
-      0x9cbe106f, 0x8ad7a03a, 0xcedfcd94, 0x996b0822, 0xe4069880,
-      0xc3c3463a, 0xf597f663, 0xfb12ea4d, 0x40c92af9, 0x2c8d3834,
-      0x4e8da154, 0x79bc85c6, 0xdb4e801a, 0x95771fa2, 0x1e3579b2,
-      0x7bd2c138, 0xffaad078, 0xe45c75df, 0xb73eac46, 0xb0760a3c,
-      0x3a125f35, 0x26362b48 },
-    { 0xeefc3e89, 0x25c68d28, 0x69e9ee71, 0x2d0ee877, 0xaf5e4b75,
-      0x8b07bb86, 0xcb86b333, 0xdb709072, 0xff552bac, 0xfd3d20ea,
-      0x4c0da1e9, 0xa5eeb2b1, 0x44f97145, 0x391f688a, 0x1e06d485,
-      0x21fbd310, 0xbea9cd49, 0x45e4f2a5, 0xa7bf21da, 0x7b60d464,
-      0x054d5471, 0x193f88c8, 0xbee0f2e9, 0x5ace53d1, 0xc1439273,
-      0x92c26563, 0x96c6b5ee, 0x9c86e0b2, 0x09ff59ba, 0x452fe231,
-      0x555c935e, 0x2e952b20 },
-    { 0xd75f886e, 0x2a846bca, 0xd43dfc58, 0xe68a5dbe, 0x007b1b86,
-      0x103e45b6, 0x355ff2b5, 0x580e2ec9, 0xa263ecc9, 0xbc702f26,
-      0x181e5e33, 0x2835b386, 0x6c122076, 0x025113ec, 0x7fbd856d,
-      0xa5c26e3a, 0x9d6ebcb1, 0x8ef83fb3, 0xa44d2fa8, 0x7aaa53f2,
-      0x53b1fa97, 0x7c14ef33, 0x17559a30, 0xff604a11, 0xb09377e0,
-      0x2bcd96b0, 0xdb2f0273, 0xa5c14896, 0xeb53ef06, 0x1c0a84c9,
-      0x30378e4b, 0x1236d017 },
-    { 0xc084373b, 0xd7481c8f, 0x646097ae, 0x29ae4768, 0x613bc34b,
-      0x1300dfa0, 0x934bc2b0, 0x3712714c, 0x0e2be7e2, 0x86524629,
-      0xed010800, 0x554fbb9f, 0x42314576, 0xf0ec0b38, 0x330a3282,
-      0x65baf594, 0x706ef817, 0x3bdde1a8, 0xba7530e9, 0x7d2c727d,
-      0x74cc95cb, 0xbb0c5d66, 0x2438906d, 0xb3fcd365, 0xd14658f3,
-      0x19881941, 0x6c97f0e9, 0xe616f555, 0x4b9ec7ea, 0x353c2d85,
-      0x620cb56e, 0x02a48014 },
-    { 0x506ccd38, 0x11d6d23d, 0x9059baa6, 0x229a1c54, 0x69d011c5,
-      0x717c9c27, 0xd828937d, 0xe87e1b46, 0x83835083, 0xf5d63bbb,
-      0xaadac258, 0xf0a7b427, 0x9f154d1f, 0x99ab26bd, 0x8ec955fd,
-      0xdec0ffbf, 0x49fcb880, 0xee957c67, 0x1e0114de, 0x32395dee,
-      0x369f46c7, 0x192a64b7, 0x91eb2599, 0x43044660, 0xa2e8c3da,
-      0xbe2da887, 0xc3556d18, 0xa44e2c25, 0xb55f75f3, 0x31390414,
-      0x8f217fe0, 0x1d8bde6f },
-    { 0xa2028924, 0x03cd39f8, 0xb06ecb9f, 0x6e54f19c, 0xd6f05846,
-      0x862bbcb7, 0x5a060776, 0xdbe06716, 0xb10fec10, 0x9397c97a,
-      0x6f1bb65c, 0xf4213826, 0xa672ba38, 0x414deccb, 0xf88b05e6,
-      0x594d4d43, 0xac94d4d1, 0x7993f57a, 0xbfb17638, 0x74fc2a6a,
-      0xb6fc655a, 0xd8196b5b, 0xee8d2139, 0xdc375c84, 0x360d3a26,
-      0xb9b00a02, 0xdeb93b87, 0xb36ed35c, 0xcc83209e, 0xf565b28b,
-      0xc61013c1, 0x349c6943 },
-    { 0x4de6c88a, 0xd1b39444, 0x4700207e, 0xd5c2c471, 0x21c2b780,
-      0xb6f458a2, 0x0850993e, 0x749f7564, 0xbaef0c18, 0x400ba579,
-      0x737c70f0, 0x2d742938, 0x21467ebf, 0xc5a8e2ec, 0x5337f453,
-      0x243a666e, 0xed0bd50a, 0xc991f1c7, 0xf4bd1f91, 0x3a7f3e90,
-      0x5f0e129b, 0x96089e8a, 0x07389635, 0xd0d3a177, 0x27182ac9,
-      0x9cf842d5, 0x0817c5c2, 0x21195299, 0x87255769, 0xa32f327e,
-      0x89c2d8fa, 0x056587ab },
-    { 0x1ce4733d, 0x008562ed, 0x98e51444, 0x5faff7cb, 0xa9ab46b9,
-      0x5f03021f, 0xb61a8c13, 0x89494c5e, 0x36b35976, 0x57c95036,
-      0x2ac2d2f6, 0x6be84c8f, 0x9bd2703e, 0x0e5b34d8, 0x7e872abb,
-      0xc4ad918f, 0xc4052ee1, 0xc2a89e9f, 0x3190b51e, 0xc2caee3f,
-      0x6fff254f, 0x58fd1437, 0x883e0972, 0x6f3c0d68, 0x0fb15438,
-      0x63d0a0e9, 0xf6caae00, 0xc438764b, 0x3f1d0f6c, 0x815f1565,
-      0xb86cdbde, 0x1b87f2ed },
-    { 0x2b0b15b1, 0x35792bbb, 0xce6ba779, 0xa3e4b5a7, 0xdd8f3779,
-      0xfbacffd9, 0xc298d1ef, 0x005450bd, 0xc47031c6, 0x0e3f5556,
-      0x95d68066, 0x0770f07a, 0x2d1052c2, 0xce3e84e0, 0x7aa8cc54,
-      0xb050791e, 0xba3223a3, 0x4d621e73, 0x39632990, 0x87b9b94d,
-      0x7eb8056d, 0x8df9cb47, 0xedfca0cc, 0xe2430de8, 0x9712a0ca,
-      0x374bf416, 0x88848a99, 0xbe3f3c77, 0xc4a3e59e, 0xb22b87b1,
-      0x3e95bc23, 0x8e0227c4 },
-    { 0x3210964d, 0x000e22a8, 0xff056eeb, 0xdccd5df5, 0xdaf1ead7,
-      0x02173a1f, 0x67cdcae3, 0xd02833e0, 0x8bdcc90c, 0x1cc574cb,
-      0x3224b4f5, 0x86eca714, 0xbb3f8298, 0xd00e603a, 0x0c1a8deb,
-      0xb98ece1b, 0x378c261d, 0x228a46e4, 0xa6165e5d, 0xc6f9dd0d,
-      0x4b7ef0e2, 0xb3ae3899, 0xbda9f306, 0x3a3c16b3, 0x38a084db,
-      0x5e9a26d3, 0x5394e950, 0x528e5993, 0x4ea206bc, 0x848ecb11,
-      0x40545d6e, 0x14b15ab5 },
-    { 0x664c59a2, 0x0f6d86c9, 0x60fd7aa5, 0x3dfe2be1, 0x9072cb8e,
-      0x33f9b569, 0x8176a7e0, 0x5f2325d9, 0x4587080b, 0x79a0d4e7,
-      0x0d5d4e05, 0xa4ee0def, 0xc87b28e1, 0xc0ad9ffa, 0x3f09b4ee,
-      0xd6f18d2f, 0x292e9d87, 0xcc896ae7, 0x6094763c, 0xca88953d,
-      0x18fbf9fa, 0xdbee97a8, 0x4b63d701, 0xdf20e0e9, 0x47ea722f,
-      0xcbba6e30, 0x612b571f, 0xce57e1ca, 0x009a55f5, 0x1e16ac76,
-      0xc4389e2e, 0x742bbed8 },
-    { 0xc1dc2c73, 0x23ea86dc, 0xc1643abf, 0x4bbbfd5b, 0x24d8ca1f,
-      0x07f8fa1f, 0x8cb5cac7, 0xde68a6e0, 0x54e66a7d, 0x7d54c64b,
-      0xa9b7ad78, 0x789dba22, 0xe364ab94, 0x4d88d540, 0x1f72e011,
-      0xc8c2e02d, 0x46e2a278, 0x4c826057, 0x4b187c7d, 0xe6c35bb3,
-      0xeb8fe0c9, 0xed8b3dfe, 0x7d11e415, 0xb6bc34e8, 0xb865c7f9,
-      0xb3908bbf, 0xe1ecc17c, 0x717d1ce6, 0xf7cdd69b, 0x151e3308,
-      0xb5c94124, 0x97bd5a14 },
-    { 0x81e82861, 0xe01c62fe, 0xdd42c40e, 0x703d4b6d, 0xe65e91e5,
-      0x7e52e55b, 0x5abbbfdd, 0xb8b49374, 0xc72a45f4, 0xb4f15f52,
-      0x550f29d8, 0xce8435a8, 0x582de75f, 0x9df76b9b, 0xa20c8b96,
-      0x52e84c5f, 0x0a8a0af4, 0xaf77d2d1, 0xca6013c3, 0x0389bbd8,
-      0x26f8305f, 0xb0d9b9ba, 0x0cec8b9a, 0xf053e848, 0xffabda18,
-      0x4d63367a, 0xa6424c2a, 0x50f53be4, 0x864fba2e, 0xf892c58c,
-      0x48cc5469, 0x317c6d31 },
-    { 0x2cb7d42b, 0x0c3525b0, 0x310facae, 0x55240bc9, 0xff20408f,
-      0x8d5d2022, 0xe0c10ea0, 0x6b01402f, 0x718eb23d, 0x7fbef68a,
-      0x41252a19, 0xa0146b5a, 0x110e0d6e, 0x59afce48, 0x022de181,
-      0xe9a1d27f, 0xdc3f49da, 0x6db96d16, 0xefbe4008, 0xfc1ae3f5,
-      0xeccbc11c, 0xf9d70641, 0x525f8636, 0x49022279, 0xc2763c30,
-      0x3769796a, 0x1d90630b, 0x9cc3483c, 0xee3d3f17, 0x451651f0,
-      0x9da0b8fd, 0x6ae59739 },
-    { 0xbff4d2ee, 0x57b13bc7, 0x30b173d8, 0x20754229, 0x0794936c,
-      0xb6254bd5, 0x5efd55be, 0x1d5f232a, 0x4e0c3389, 0xc06f4a85,
-      0x8e61f944, 0xcf2c5b59, 0xfd5f87b7, 0xc564861f, 0x5a2afa4c,
-      0xee261fb1, 0x2d97a774, 0xb0ff7226, 0xd6cf007a, 0x1a89ae22,
-      0xd346f214, 0x28880534, 0x97b6497e, 0x8fe73bff, 0xfa2afffc,
-      0x8a8595b2, 0xf151a726, 0x9ef9cf3e, 0xe744b82b, 0xa84ee5f1,
-      0xbc63fe72, 0x6649048d },
-    { 0x1e8b760d, 0x91b7bb78, 0x25aadaa0, 0xd47b0bd8, 0xfab5226f,
-      0x81493d9f, 0xbffc148e, 0x4a6dd226, 0xa29be3db, 0x5a032f8a,
-      0x34b0ab0b, 0x318dbc70, 0x7d654868, 0xdcccbfb5, 0x9c581e46,
-      0x8506ab37, 0x2830ece2, 0x09136a6e, 0xcf6c80c7, 0x48b79356,
-      0xef6b1e86, 0xfa176377, 0x83f0f1c9, 0x2c9c1cc1, 0x16abeddd,
-      0x96f0526d, 0xa93b0de4, 0x3e0e98e2, 0x0f13873a, 0x6f2d7ada,
-      0xf3fa49ec, 0x4eb93b5c },
-    { 0xe11fae32, 0xbd89f7e5, 0xc4023f51, 0xd13d74f5, 0x491c3f6f,
-      0x1b0014df, 0x555279b7, 0x1d849a57, 0x05ba0068, 0xbb9e8897,
-      0xc13ca2ca, 0x82222419, 0xfd33676f, 0xafbbb685, 0x75878a2a,
-      0x931c3f52, 0xef3d5173, 0x12aeefef, 0xbd8a6878, 0x189a5cc8,
-      0xd99f0c16, 0x82cffdb3, 0xa19d48b6, 0xbf565406, 0xe9c6c4e0,
-      0x5605e223, 0x86804172, 0x53e781de, 0xc7001cc8, 0xcdf5c90b,
-      0x7c043f68, 0x2b582d93 },
-    { 0x81abc2ae, 0xa1165c82, 0xe2b69eca, 0xa73380f5, 0x07fff66f,
-      0xc097b3d2, 0x54776506, 0x5d603826, 0xb57fa21c, 0xdcbac9f3,
-      0xc98dbdd5, 0x78750db4, 0xd9eff32a, 0x85e21103, 0x2f11c41c,
-      0xceed172c, 0x9e348c09, 0xa8e39264, 0x831eddfb, 0x71cb936b,
-      0xf50864a3, 0x915c3d06, 0xe93acfcd, 0xfe8e33cd, 0xb3f2f7aa,
-      0x4bee10d7, 0xeb7cee9a, 0xc1d8eb48, 0xfa574afd, 0x4fa49ce3,
-      0x862db4c0, 0x78615109 },
-    { 0x7ae72c21, 0x3fe3f480, 0xfd0f0da5, 0x631aa144, 0xf8c3a454,
-      0xc76ee1e8, 0x51b4f1ab, 0x379ae094, 0xd7cdbb24, 0x2a3a4397,
-      0x82bd5fcd, 0x7a14cffe, 0xf427ef5a, 0xbbe4ed12, 0x284d3ccf,
-      0x9b0a43ee, 0x8eec6e1e, 0x57b78b93, 0x67b8e87b, 0x18d404e4,
-      0x34374c20, 0x0c8adc05, 0x5428deb5, 0x64373605, 0xc3afa2cf,
-      0xb4d80ec0, 0x3aa956f9, 0x6d51f93c, 0x84161c68, 0x9f9a28ab,
-      0x6bc9c025, 0x540b6bb7 },
-    { 0x321d315d, 0x04e1734c, 0xd86e05d0, 0x4ef56612, 0xbba8cd81,
-      0xeafae145, 0xacdc789a, 0x1fb07a49, 0x5877570f, 0x6a21e9ad,
-      0xb9bc53de, 0x2e4a837e, 0x1d6298eb, 0x436db293, 0xea362f45,
-      0x43afbc78, 0xaabf6585, 0x2a973d97, 0x0c924d60, 0xdce7dabe,
-      0x7cadf0e9, 0xf69d98f0, 0x75020538, 0xe0b505a1, 0x4461cd29,
-      0x3db7d1a3, 0x5e20e818, 0xe1c28776, 0x52dd50f6, 0x2ca25867,
-      0x92e0388c, 0x897cab14 },
-    { 0x0d8bab8a, 0x59ed3813, 0xa438200a, 0xc11d364c, 0x40581415,
-      0x0687bf2c, 0x7ac89674, 0x86ad0d3a, 0xb97411a0, 0x44928105,
-      0xf383371c, 0x74984b11, 0x0d1a831e, 0x70d2ed84, 0x6c912fe0,
-      0xd883628b, 0x14fa88d2, 0x44f8f7fb, 0xcf0ac93e, 0x564f2a4d,
-      0xa6c24fa6, 0x82f629aa, 0xbf6cd949, 0xab906ba3, 0x20a5182d,
-      0x2c822e67, 0x30eb93a5, 0x2ff47dac, 0xfff673aa, 0xdc62c4a4,
-      0x476b0ec5, 0x64b00763 },
-    { 0xb3c9a404, 0x1e3f533e, 0xb7ef9952, 0xb1db7f73, 0x6c253693,
-      0xc7f13e29, 0x0738eed4, 0x7ce7f4c4, 0xce26cad0, 0xccfd3b33,
-      0x01ec5cf1, 0xd8784935, 0xdc084e01, 0x3f8fc09d, 0xc39b5acf,
-      0x217cab32, 0x9ef5551c, 0x42daf0bb, 0xe1217a95, 0xfbc76f56,
-      0xc237002a, 0x80178b12, 0xb070a293, 0x0b52c39f, 0x576ca964,
-      0xe3925153, 0x19d68e36, 0x25559424, 0x09e50e84, 0x291fb82c,
-      0x6618ed8c, 0x7dd22ea6 },
-    { 0x49cbb3bf, 0x7ffe844b, 0x5562fb25, 0xde0cc704, 0x9f5a845a,
-      0x1e6ee537, 0xe51277fc, 0x956d7f26, 0x30635718, 0x2c75d4b9,
-      0x96957f34, 0x39a14892, 0x82e5742b, 0x8cf4eb32, 0x83247b72,
-      0x6b0d3ddd, 0x201a4237, 0x67a9f633, 0x1414a485, 0x416403c1,
-      0xb6f6a916, 0x60afd447, 0xdac6f790, 0x95f94930, 0xbd3b9d82,
-      0x685ff94b, 0x51cadf0f, 0x5c8f98fc, 0xb13b7489, 0x9559c88a,
-      0x5f18fcc8, 0x31377c66 },
-    { 0x7dcfb35f, 0x35c5de09, 0x01cc36f8, 0x2dccca9f, 0x7576cb63,
-      0x7e93e85d, 0xf7b4b375, 0x0c2dd48a, 0xb09a19b5, 0x9d95cd4f,
-      0x71bfe607, 0x752ed159, 0x2596dad2, 0x439880cf, 0x69e90a6f,
-      0xe52efb53, 0x03d3e60a, 0x44097663, 0xa95070e0, 0xfcf364fa,
-      0x05624dd2, 0xd8f993b6, 0x00d5e467, 0xb35a9824, 0x0c8f4524,
-      0xe289d024, 0x648a0179, 0xef45423c, 0x587edabd, 0x3a5fd695,
-      0xa11e5271, 0x3dacc50c },
-    { 0x6499ae4c, 0xcb3e4f94, 0x7053c527, 0xa46dcbe1, 0xbe782e8a,
-      0x807f5ce9, 0xd8481e45, 0xb6c64d28, 0xaa286fd0, 0xf35e4518,
-      0xdf1cdb49, 0xf7b7b9ba, 0xaec23eaf, 0xf3fb6210, 0xb9bfd2fb,
-      0x0a9ba385, 0x8807f3a0, 0xe51a0d53, 0xb17b2842, 0x7ab24404,
-      0xf9dd9f0a, 0x6fd57687, 0xf3e9df64, 0xcd1efdb4, 0x60df194d,
-      0x5dd2df7a, 0xe069df05, 0xbed3f2c3, 0x23248a31, 0x469b7561,
-      0x694744f7, 0x866949e1 },
-    { 0x3f4ab07a, 0x3a9a0da5, 0xf54a6fbf, 0x2cd6f333, 0xb23cf290,
-      0x0c92e921, 0x848e3d58, 0xc9581c3e, 0xd3b218ab, 0x93af1fbd,
-      0x066cb4d7, 0x38598ea1, 0x990c03a0, 0x5001394e, 0x7d0877b5,
-      0x3b664b1e, 0xd74c7091, 0xd79db1bb, 0x4e2d5dd0, 0x852d4435,
-      0x3329db82, 0x0d2b841b, 0x7b96d480, 0xfa844eb0, 0xc295dc46,
-      0x37a50569, 0x94f7ec4e, 0xc2d38373, 0x5b083177, 0xdc3884ff,
-      0x8b1fa598, 0x574352b8 },
-    { 0x0d5d7ce9, 0xed2193f7, 0x0b487eaf, 0x3c19fd26, 0x7be65fd0,
-      0x7c44ab59, 0x78270d56, 0xdd9da860, 0xbaa70198, 0x8a84ec00,
-      0x285985df, 0x2ec27e49, 0xde2028d8, 0x996ccaf0, 0x61c2201d,
-      0x4e7648c7, 0x091c19eb, 0xa96335bc, 0xf0d6782b, 0x253a3a69,
-      0xd2946493, 0x3f204340, 0x099f6873, 0x444521a1, 0x6996011a,
-      0x5fcbcc09, 0xf853a94e, 0x3884d5d8, 0xd3b6a3a1, 0x2418c624,
-      0x06ae3c4f, 0x3e431af2 },
-    { 0x83d381f1, 0xf967d939, 0xd0c033c3, 0x36501aae, 0x54410768,
-      0xbf3af4d0, 0x5093a6d3, 0xa86d1598, 0xd92f2900, 0x43ae0741,
-      0x36f0b755, 0xfeb2afa6, 0xaa456d6f, 0xd090a6a3, 0xaefdb646,
-      0x336a4fda, 0x1a942f7d, 0xfd1bfe44, 0x851ee41e, 0x7fc2a3ed,
-      0x11e935c5, 0x4f1c9686, 0x53bbb343, 0xcd577666, 0xad896c2a,
-      0xf26931ba, 0x86bbfa41, 0x8a0fbbd1, 0xa203cef1, 0x1c3d7d82,
-      0xe2664d35, 0x6dad3f15 },
-    { 0x12ec35a1, 0xd1940b7d, 0xe7dfb128, 0x6219c5b6, 0xf13321d5,
-      0x2cc278c6, 0x33c58eb6, 0x5e76904a, 0xd9903c43, 0x15090f55,
-      0xc3d96a19, 0x061bc926, 0x8c0acba7, 0x974a9f03, 0x7198b21b,
-      0x7a414021, 0xf8958c6f, 0xb069599d, 0xbebd0129, 0x517f2f1d,
-      0xdf3a8dc3, 0x1109a613, 0x672375c5, 0x08e58448, 0x9383d2d3,
-      0x56590ba4, 0x0bff837c, 0xfc3ee7c6, 0x27d2d55f, 0xc87a5390,
-      0x5f517a3f, 0x2438e9d4 },
-    { 0x8815af3c, 0xc4a45308, 0xf3c9bed5, 0xe55f1a32, 0x97b65ddf,
-      0xaef1cdc9, 0x12e51eb5, 0x61c61d94, 0xe63f2490, 0xbd0dac54,
-      0xd0b3e231, 0x6f14429c, 0xf1da6010, 0xf737c3c2, 0x6bbc4fb1,
-      0x7150e04b, 0x1be281cb, 0x205b4c89, 0xd7701f5b, 0xf1b4633c,
-      0x2a513490, 0x8b33ef46, 0x68f1f7f2, 0xddb47c73, 0xbd416b67,
-      0xf4ada511, 0xff795bb3, 0x9d2a97cd, 0x96200e67, 0x00a8b7b2,
-      0xafe30e01, 0x13f39011 },
-    { 0x7bd0c827, 0x3dd296ef, 0x4a29ff46, 0x506110f3, 0x1c9a515a,
-      0xf8793068, 0x268bca77, 0xde8d8045, 0x998045df, 0xcbb83024,
-      0x68c0e584, 0x3f90d710, 0x263b6062, 0x2a838ca8, 0x535c5d0b,
-      0x293bb5e7, 0x56415110, 0xceea99d5, 0x1bbda005, 0xfe311ad0,
-      0xa4d8d018, 0x2497e0bf, 0x1cf2b866, 0x33dd77a0, 0xd8c4ba8b,
-      0xbc075b73, 0x722b7bc9, 0x298466d4, 0xcbda1b0b, 0x17a7ce24,
-      0x680703b6, 0x458d4b6b },
-    { 0x4d54d8b2, 0x8a26a20e, 0x4d320a0d, 0x05a5696e, 0xf994f700,
-      0x698b5858, 0x2f6549a8, 0x7a4adc3c, 0x3694d00d, 0x1812e819,
-      0x730402bd, 0x46b9b000, 0xa1b36410, 0xe10a1449, 0x99230220,
-      0xeae95ea5, 0x1b4820c3, 0x3efc2e9b, 0x85c9eb8a, 0xfe5b5cb5,
-      0x97847064, 0x21ae0319, 0x8f27d49f, 0x68ef0b70, 0x2f72556b,
-      0x3259ef18, 0x624db01a, 0x00ae0457, 0x5668f95c, 0x628e3b06,
-      0xb6fbbf91, 0x5f13f5fa },
-    { 0x3a9b0dc6, 0x7c6ed9ae, 0x6f883ec8, 0xaea1bde9, 0xea8b3677,
-      0xea66bf88, 0x9a66e3ab, 0xdefa6abc, 0x68217ffd, 0xc4d3317b,
-      0x290df05c, 0xf741c8f2, 0x7d11674e, 0x1f0fdf17, 0xc35989ca,
-      0xfdf0ece7, 0x6b9c482d, 0x0eed92df, 0x55bf1ca7, 0x73713e66,
-      0x25cec99c, 0x90acb290, 0xe803e69c, 0x37c9e3a2, 0x17713a1a,
-      0x7c0a3c53, 0x6f5a174d, 0x350dc565, 0x05f802f6, 0x11625a44,
-      0xa37ba4a2, 0x2196495d },
-    { 0x13142680, 0x00cb2fd3, 0x65d14cf4, 0xab9e91d7, 0xdfe2669e,
-      0xc6a0ceab, 0x0ae22bc5, 0xbeefce58, 0xcb6ec250, 0x3c2b7986,
-      0xd738f1ff, 0x84adb1a2, 0x516ec8ec, 0x9709bc28, 0x8e8f7db5,
-      0xf3693129, 0x95b197f9, 0xc48efc6b, 0x9aaaa404, 0x9ff10952,
-      0x144154b0, 0x2c3c8cbd, 0x427f3435, 0x33ef7bc3, 0xd21897c1,
-      0x04a17940, 0x6ce548a0, 0x5aa0c47d, 0x3d56fa62, 0x2971cea7,
-      0x04475f08, 0x93ad0eb0 },
-    { 0x988a9963, 0x7a0b6967, 0x6515e8dd, 0x61e477f7, 0x3b6b50f2,
-      0x6274e386, 0xd33922de, 0x63a9b8d5, 0x687a5b3d, 0x3c38d3fb,
-      0x1302e323, 0x18f6f09c, 0xe02fcccf, 0x254c05c3, 0x26e662f7,
-      0xc04ed0b7, 0x143fe079, 0x1d5646b8, 0xc9016c8c, 0xef8a9448,
-      0xf823d797, 0xe5674c4b, 0xbccde451, 0x0586f72f, 0x4417eade,
-      0xc5fc88d5, 0x576e588d, 0x2b952209, 0x5844d1f9, 0x4408dd42,
-      0xea41c034, 0x73f8c3f0 },
-    { 0x5df763dd, 0x89534fc8, 0x3ac71836, 0x3b1427f3, 0x6e8f15a0,
-      0x0db5be17, 0xcb20888e, 0x1d390944, 0x857caea6, 0x7804c9ad,
-      0x519f7bf3, 0xaa584428, 0x293aa8cf, 0x626eecf1, 0xea36a015,
-      0x749e0d98, 0x3321edcd, 0xefff6dae, 0x28b791cc, 0x963deea6,
-      0x2d16e361, 0xa14e0552, 0xb15ae206, 0xa2e058fc, 0xfca325e4,
-      0x0f268745, 0x21341a8a, 0x7cf9d407, 0x7caa51b8, 0xdfed25d9,
-      0xadbedd75, 0x0108ae39 },
-    { 0xa9e88f63, 0x54d178f3, 0xab0c7325, 0xaa05b11e, 0xe261d8a6,
-      0x773a53e6, 0x8d0b91c8, 0x24db7dae, 0xe9bb004d, 0xde10b073,
-      0x54e3090b, 0xfc8befe7, 0x0cc69c89, 0x16af0599, 0x9d59511a,
-      0xddc83803, 0x46c5dafc, 0xc3f65b99, 0x1ee0a599, 0xfbbe4be8,
-      0xfb3a9b17, 0x88891e36, 0x445dad00, 0x0c9aad75, 0xd5097e1f,
-      0xdffc46ab, 0xac85a4e1, 0x8848089b, 0xa0c45233, 0x348bb42f,
-      0xeb13c1df, 0x807c06d8 },
-    { 0x98ee0ef6, 0x00a969ec, 0x8bb7b7af, 0xba9d5483, 0xa02f8fdb,
-      0x24484c92, 0x8b70557c, 0x7bdb201a, 0x60ad1af2, 0xe59343e4,
-      0x998c95fb, 0x53a9a942, 0xda861d3b, 0x974db3de, 0xed399c0e,
-      0xce1525c9, 0xf72109bd, 0x89b56881, 0x998211a4, 0x08ff7d15,
-      0xef0f275a, 0x5df76b3a, 0xfa2f358b, 0x93f180f7, 0xc39b0634,
-      0xaac4ffcf, 0x17583b53, 0x2692c626, 0xb55399fc, 0xb2fdfa36,
-      0x99607a61, 0x16424c6c },
-    { 0xdd2744a9, 0x5dd65c55, 0xfe3af418, 0x2544c1c2, 0xefe8b089,
-      0x32c82e99, 0xa9df691a, 0x30b7ab25, 0x9be99674, 0x98384550,
-      0xcaf2d122, 0xbcecd258, 0xbcc77272, 0x88ae4098, 0x4b8efa0c,
-      0xd4396141, 0xed64d12c, 0x44ff67b9, 0x2e7f3404, 0xa9e655e4,
-      0x45b0e9eb, 0x3d16fc45, 0xf03ded28, 0x474a3e14, 0xacccb85c,
-      0xa3c9adff, 0x7253a51b, 0x3dfe6bc1, 0xfb5831b1, 0xdddaf4b9,
-      0xa4f4478a, 0x5544e602 },
-    { 0xbaa80b4f, 0x897c5313, 0x63bdc8ef, 0x0122716f, 0x7b42c5a8,
-      0xae2742db, 0x0883308c, 0xe9d9e1e9, 0x2d341ab1, 0x352c8c3f,
-      0xed945870, 0x163d0500, 0xc290d9d8, 0x8349dd73, 0x1f6c7d29,
-      0x2053c5e0, 0xcb42033c, 0x83107446, 0x09d09af1, 0x76c88bd2,
-      0xb2794681, 0xd0f70e6e, 0x19b1b540, 0x720b59de, 0x22994b43,
-      0x80b7ecdc, 0x2dec53cf, 0xc1a4cdce, 0x1ed60f42, 0xdd7d3edd,
-      0xe241d261, 0x5735995c },
-    { 0xa0237056, 0xdc4ba3fb, 0x33ab3388, 0x6856c164, 0x271ec612,
-      0xc01eebbd, 0xe3031bec, 0xabdeb033, 0x6118a1f5, 0x4eee4419,
-      0x5b600f33, 0xec497421, 0x08868773, 0x1b7185cf, 0x7c1b7dfd,
-      0x7b0c46cd, 0x4a4c5e89, 0xd143b2da, 0xbb1ff94d, 0xdb9a5984,
-      0xc9cf3465, 0xac3904e4, 0xeace64c9, 0xf8729bc0, 0x768ad99a,
-      0x5cc22821, 0x8a9540c2, 0xbbd3b081, 0x049a6917, 0xe468ed5f,
-      0x3ec45ef0, 0x885486df },
-    { 0x4bdff464, 0x6a942c93, 0x25a7b451, 0x3db2719f, 0x325be324,
-      0xccb0070b, 0x19fe3339, 0x2055a31b, 0x241ee8ff, 0xaca69ae8,
-      0x55ef8def, 0x7607dd08, 0x1a1b73c6, 0x9e24960f, 0x71d36810,
-      0xbcb0e8a2, 0x6885e6b9, 0x29e11aa2, 0x185eae19, 0x98b5d0ab,
-      0x0f81f91c, 0x1a0b96e4, 0x994fc503, 0x4d0e8bcf, 0xf119d6e0,
-      0x33d81697, 0xaaa4ce0c, 0x29083287, 0xc91ff9d7, 0xc5dd4d3e,
-      0xd4ab962d, 0x31cecfe8 },
-    { 0xfc8b21e8, 0x437bfd9a, 0xb19436df, 0xe5dd32b3, 0x921c36a0,
-      0xfe5902d4, 0xa3d0fa90, 0x8e9de84d, 0x5bb523bd, 0x9663e6ad,
-      0xaecd6975, 0x9800a23f, 0xb4fbb59c, 0x1009c0d9, 0xc9d20ff1,
-      0x839aa7bd, 0xecd6fa3d, 0xf502f66d, 0xc5516ca9, 0x480ed4fb,
-      0x6c742ac4, 0x65ffa5f6, 0xff3252f8, 0x2b7c7945, 0x75d9cb3d,
-      0x72fefc05, 0xd6d6f1d2, 0x11b0863b, 0x9a6a4ec3, 0x5d8f3cf0,
-      0xda2547b3, 0x6961b46a },
-    { 0xcb35e2ac, 0xd07b587e, 0x57af14d9, 0x1ed5546b, 0xdb28a04c,
-      0xeca17a5b, 0x709d54f0, 0xa1f91d44, 0x9c6f400e, 0xa6e719fd,
-      0xfb8ce190, 0x4e4b88ed, 0x246e3fd2, 0xf9781edd, 0xb655af5d,
-      0xd67120e6, 0x93413ca7, 0xda782d1d, 0x9707fa21, 0x697e20a2,
-      0x54e84123, 0x1eb51f32, 0x36051f9f, 0x2e254d9e, 0x73ce5be9,
-      0xddaec42b, 0xcd3f794f, 0x89a9a32e, 0x0781aad9, 0x1964e22f,
-      0x53755212, 0x6a63a90c },
-    { 0x3d7acbbb, 0x76554e00, 0xb74f6108, 0x2c01668a, 0x388c519b,
-      0xe4a29672, 0x3eb94d4f, 0x01667714, 0x0cd6d2f6, 0x086a3cdf,
-      0x7b370f7f, 0xf8658021, 0x5a4d3e7c, 0x658880c1, 0x5ba3f4a1,
-      0xd6ed5816, 0x5ca471dd, 0xabcc7813, 0xe844a576, 0x809bf074,
-      0x6ea502ea, 0xa53a81b3, 0x0e021ed3, 0xc20b9307, 0x8617f165,
-      0x8c27f892, 0x8235cd0b, 0xa5476446, 0x82552961, 0xffc89ffd,
-      0xd151d90e, 0x51ed4a22 },
-    { 0x449701b4, 0x37d6963a, 0xbb27caf2, 0xea8d91a3, 0xb572965f,
-      0x3ef9be15, 0xdb50bf7d, 0x75a7a055, 0xce643b9b, 0xfd67480e,
-      0x6ceb5d5e, 0xf2a60d2d, 0x5ed7c897, 0x68fc320c, 0x28ce685f,
-      0x41c53cf6, 0x7106615e, 0x0e29711f, 0x23500ecc, 0x7a872138,
-      0x6c29fe48, 0xaf0a9260, 0xe1ef9712, 0x93df3f2a, 0xd2d169bf,
-      0x0d5f6fb1, 0x74a9793c, 0xeb7afe26, 0xe9f49256, 0x4173d94a,
-      0x2b8b5ce5, 0x2d6951bc },
-    { 0x904e222e, 0xdd007d9f, 0x86f4e109, 0x333f248f, 0x8f429eee,
-      0xd4994e8b, 0xcfc77518, 0x29573415, 0x0b0f42f1, 0x6e7fea3a,
-      0xc2743519, 0xc795cb7d, 0x711e71a0, 0x820a8f66, 0x2b874f55,
-      0x83d95d9c, 0xe70e1627, 0xd4b64d78, 0x8b92a742, 0x924353f5,
-      0x447b5e6d, 0x322048b1, 0xbcf931a0, 0x0bad730c, 0xa7af2268,
-      0x75c4d089, 0xb83b93f9, 0x464904c1, 0x165b3aee, 0xa24eba02,
-      0xe08cc5f0, 0x65c48e78 },
-    { 0xde222c22, 0x1a1c73ce, 0xfcea23b4, 0x5683d8cd, 0xb2143b06,
-      0x0301cb14, 0x59fcec77, 0x284adf8f, 0x31204cef, 0xfb1c581c,
-      0x94735107, 0xf54d3eee, 0x4d3188c0, 0xdbf67f0b, 0x10f18d12,
-      0x76a3f2d1, 0x07d3e013, 0x3809fa28, 0x25e7ece0, 0xf06f0a46,
-      0xb2895d2e, 0xd82867ed, 0x08b0553a, 0xe106f489, 0xef245445,
-      0xe2280fa6, 0xa8d9a3cb, 0x402d5785, 0xd438ba2d, 0xf63dd9ff,
-      0x7a6b226f, 0x36b5cd2c },
-    { 0x545679a7, 0x87ff4e20, 0x4520c750, 0x64d80b41, 0x9b459cd8,
-      0x90a357fa, 0xc85af1a3, 0xa19eaf39, 0x8d935a5e, 0x0d475d79,
-      0x781a678a, 0x74501983, 0x0cc2e810, 0x74839779, 0x2f412244,
-      0xc6a21d11, 0x36a51a37, 0x8d0e85f9, 0xeaa74df8, 0xff50151e,
-      0x93cf99c4, 0x14e182a7, 0x376a9ab6, 0x45593df1, 0x522389ff,
-      0x18f73caf, 0xf7445e8a, 0xd27cc960, 0x39a51dc8, 0x0692f4c5,
-      0xdb39bfd8, 0x08d7c144 },
-    { 0x3ecca773, 0x809c0d96, 0xd48c2156, 0x87ea9192, 0xdb6bd641,
-      0xf0eccd74, 0x2a678cdf, 0x77312374, 0xd1587b7e, 0x7a966d8b,
-      0x6130a4c6, 0xf3c1a101, 0x5fce17bd, 0x7cc6e838, 0xa8de7aa4,
-      0x95e95bb8, 0x898308e3, 0x3fe1e8b5, 0xe347694a, 0x0197243e,
-      0xbb0cd2bf, 0xf3fe9c42, 0x0f9b2b49, 0xb5905264, 0xc7367d1f,
-      0x4c385e8b, 0xb5ee147b, 0x1d3050ae, 0x04004ad9, 0x8e2c3879,
-      0xbab70202, 0x5f2aa8ee },
-    { 0x1266524b, 0xe208d464, 0xd0a19f66, 0xb7bf3880, 0xda106ebf,
-      0xa5aa685e, 0xe642dd46, 0x0a69e8d3, 0xc682e4d6, 0xef349c61,
-      0x0fcb534c, 0x26f6ee3b, 0x05eb67b8, 0x7daba127, 0x18be05f6,
-      0x2babb27e, 0x8e2d85d1, 0x959afcba, 0xe2d9d386, 0xedcf2d1a,
-      0x1ea6f06e, 0x59dc52e6, 0x866e5ae8, 0xc28278b4, 0x02bcd3c7,
-      0xd9ff0340, 0x784be82f, 0xe884ac76, 0x83c9f224, 0xa3164980,
-      0xb46ff949, 0x62501a98 },
-    { 0xad264086, 0x563f7d9a, 0xa5e0e4bd, 0xca6a33db, 0x8c8d3d67,
-      0xe8253002, 0x46e64b19, 0xa288dac8, 0x20aa4536, 0xfa3c9197,
-      0xed553eac, 0x8130c9b0, 0x2ea8abd3, 0x622806e0, 0xceccfe77,
-      0x52fbf54d, 0x4f0d1b70, 0xbd9a8e31, 0xd59b1741, 0x519d2133,
-      0x9a6fea8a, 0xfd74101c, 0xb5c4eb10, 0xd1acf7a0, 0x91f9da5e,
-      0x78499b73, 0xc0dea586, 0xabaa4c49, 0xa1f3531a, 0xcc9c5f73,
-      0xfd3fc665, 0x497b15fe },
-    { 0xf45568e9, 0x8a56cbaa, 0xc7192a6f, 0xf491a0fe, 0x9ab2539a,
-      0xdbb03dd3, 0x4ac37da9, 0xc86522f8, 0x02a0f5b4, 0x8c8cdba2,
-      0xa29c539f, 0x8109fc75, 0xca90f02e, 0x9cd06d31, 0x3e216dbf,
-      0x8f31f044, 0xba3ebd91, 0x99aa68ac, 0x42c007f4, 0x2a80d0d2,
-      0x86a9b7ce, 0xdd8dffbf, 0xd6308edc, 0x405d3e84, 0x068012ca,
-      0xdafa33fe, 0xedea1071, 0xc2eebd13, 0x2ff637e6, 0xb7ae7e5c,
-      0x9e514cb7, 0x18d46a6c },
-    { 0xa78b7802, 0x868cbb22, 0x497cbaf4, 0x0745ddb2, 0x42ae8add,
-      0xc4eb2f3e, 0xb4ceb4e4, 0xac0abcda, 0xa325fd40, 0x2e0d8325,
-      0x13ac7345, 0x6cfe0571, 0xb14171b9, 0x7407a788, 0x6da7a52b,
-      0x70eb0603, 0xd85176ac, 0xab0b36f9, 0x7c2954f3, 0x14109d29,
-      0xdcd705ad, 0x370de9c8, 0x7bb5e751, 0x3f0db5cd, 0xa06e708c,
-      0x45f93d41, 0x7e93050d, 0x10d54f8a, 0x5a38fef9, 0x69e6f8e4,
-      0xd3f62e40, 0x55044601 },
-    { 0x06cb9cc9, 0xd1c5c910, 0x41d00014, 0x542074d7, 0x11236fb8,
-      0x7cd8663e, 0x29ad5f82, 0x39721ffe, 0x2951fc83, 0x1d21fbfa,
-      0x400d144f, 0x1cde06e7, 0x91792e6b, 0x9042596b, 0x29ad5166,
-      0x3365c8e5, 0x9aeefe98, 0xe2220e85, 0x70c2aee3, 0xbcb53189,
-      0x9ff100bc, 0x477ca3db, 0xf532973f, 0x27074176, 0x9a2bd01b,
-      0xa12118ac, 0x3dd79f93, 0xf3425209, 0xc6f5d7db, 0x563a8ff7,
-      0xd7b0ec4f, 0x0da313fc },
-    { 0x15aa2557, 0x37125a8c, 0x00893e9c, 0xca21d70c, 0x67b8a823,
-      0x48713994, 0x7cb0042a, 0x0d3e9a74, 0xc9e2ce18, 0x2d2bf4ff,
-      0x049aeac2, 0xd5531a0d, 0xf03d0660, 0x4d29a616, 0x1f1b7f00,
-      0x473d50d6, 0xca3de50c, 0x3af0ecbb, 0x09c28f27, 0xe2959bea,
-      0xf8704664, 0x6d7c2ea0, 0x731083ef, 0xadfae4e1, 0x941c2554,
-      0x50940c26, 0xa1162d03, 0x44167410, 0x1e82290e, 0x620230d8,
-      0xdb414acc, 0x63630be8 },
-    { 0x8a7d2e41, 0xbf8d5222, 0xeb62f879, 0x49e75823, 0x6c402d89,
-      0x1b4d33dd, 0xde2c59ad, 0x883e04d6, 0x49b9dc38, 0xbf3f38f4,
-      0xb4b70c4c, 0x9d997d18, 0x13cea045, 0x1f69b20c, 0x58e2606d,
-      0xca3d7025, 0x261d1b79, 0x3d4fd977, 0x5a1436fa, 0x56aeafa8,
-      0xbb443c07, 0x369b3e98, 0xe558f6be, 0xfce5186c, 0xf8ac8f89,
-      0xeb0cd478, 0xd5e5aa72, 0x68074f37, 0x68544eb0, 0x295845c0,
-      0xf16688ed, 0x306a9871 },
-    { 0x634ec136, 0xbc451e9d, 0x0e6f658f, 0x1edf27ca, 0xc0db4120,
-      0xa9be0152, 0xc5bfee67, 0x87b6ef20, 0x9a2d6023, 0x35283238,
-      0xc7afb899, 0x60e564d8, 0x0ac9c2de, 0x4af22bc0, 0x82a9d22b,
-      0x28e6f631, 0xf532701b, 0xc075c701, 0x82075f91, 0xf6d418f8,
-      0x1beaa511, 0xf9fa628d, 0x6e72a13d, 0x551e7a17, 0x77f4c01c,
-      0x9306215b, 0x93c9d588, 0x71aba731, 0x58e57cd4, 0x6443ebe0,
-      0xe8103e37, 0x2833ac41 },
-    { 0x8da5ec5c, 0x7e564b86, 0x1c08db24, 0xac3d9da8, 0x8c57a728,
-      0x9d7c1f0b, 0x9d343dc2, 0x3512afe7, 0xfdc60339, 0xb438e4cf,
-      0xdcfa1941, 0x7d5a2700, 0x27320449, 0xd5f323f8, 0x1393c6e6,
-      0x1b87a58e, 0x04baa431, 0xecb68bd1, 0x4722b4d7, 0xc09c1c5a,
-      0x206b5faa, 0xf42faa97, 0x9976327e, 0xe1dcbcd6, 0x087787d9,
-      0x655ba9e4, 0xde5c0191, 0xbd59c757, 0x0bcf3538, 0x673020ed,
-      0xa49d6303, 0x120cd454 },
-    { 0xcab0f9ee, 0xebfdb8f4, 0x2cce58ee, 0xbc003ef0, 0x5a8d0665,
-      0x9b6a6841, 0x9b957774, 0x642ed3a6, 0x4721ab5c, 0x3de487f0,
-      0x21a4f0d3, 0xef2ff380, 0x29dbddcd, 0xbd16f558, 0x0e93dff2,
-      0x2ef05b4b, 0x0bc9aec1, 0xde1faa12, 0xd467fa92, 0x66dae2c2,
-      0x5eb33e34, 0x758daf64, 0x8f0103cb, 0xa67ad9f6, 0x9be02430,
-      0x151f693a, 0xeb4054bc, 0xd5698496, 0x7019336e, 0x8ef1677e,
-      0x7fdeea3e, 0x021cfd16 },
-    { 0xdf5c36f3, 0x5c73715f, 0xd64ad254, 0x703bde37, 0xf2cf7713,
-      0x55368d10, 0x0f3993c8, 0x1e5ec7b7, 0x304ae4ca, 0xfdb16776,
-      0x3d3bb18b, 0x0d8f717e, 0x66343d5a, 0x5267073f, 0x156008b5,
-      0xfaeb52ef, 0x224a470f, 0xb97ad5f9, 0xed2ab51a, 0xaf86e391,
-      0x9974302c, 0xdc0c7e57, 0xfd0ae28a, 0xc88fa817, 0xbf8ed59c,
-      0x807c22df, 0xeb128bb6, 0x5dedc231, 0xa20595a3, 0x71edcd9c,
-      0xc73cf78e, 0x07265b46 },
-    { 0xbd66232f, 0x73dd99f0, 0xc4027716, 0xc59aaf89, 0x5b860fc4,
-      0xaf826dfa, 0x7a943f3b, 0x239ea8aa, 0x523c428d, 0x0e0e1b1a,
-      0x6973b95a, 0x55ea0e3a, 0x2557753b, 0xea399caa, 0x06957b1f,
-      0xf8adf72f, 0x3bd34302, 0x0389f341, 0xf8a43a97, 0x333f27d0,
-      0xadaf796f, 0xcd9c0c08, 0x49c12aa2, 0x6dcca49b, 0x7a0ac6e9,
-      0xdd88deee, 0x0644080e, 0x8f47575d, 0x0cc2f4bd, 0x6e9d667d,
-      0x31d1496c, 0x36c5754b },
-    { 0xf323d84b, 0x9120046e, 0x7e789c4f, 0xa6991122, 0x921b8055,
-      0x4b0eaf4e, 0x8079974e, 0x6339844a, 0x740f8c79, 0xc905466a,
-      0xcd6def49, 0x1c18d0f7, 0x4b23e4ba, 0x5297da6b, 0xc41800c5,
-      0x1c09dff3, 0x37ef6777, 0x6c49075b, 0x50513ded, 0xa94c3a40,
-      0x6b0b1705, 0x3d6742e9, 0xc48af5ae, 0xc0784494, 0xc95822de,
-      0x40c01532, 0xc164d94f, 0xa2ddade5, 0xa2975eb5, 0xfc8a8ac9,
-      0x1946944e, 0x06fbf861 },
-    { 0x3f45aa97, 0x2d65338e, 0x1d040feb, 0xd83b58c8, 0x0fdef8b9,
-      0x05fef59b, 0xe4d7417c, 0x7beb071a, 0xb30a1a23, 0x982b61f5,
-      0xfb65bd03, 0x4c5f2a2a, 0x5cbf6bf3, 0xe40abc9d, 0xf06612a5,
-      0x422c326d, 0x9571ae28, 0xc921e69d, 0x23d3434e, 0x7c88b10b,
-      0x9da07933, 0x96d2e957, 0x3619cf4d, 0x833d46a1, 0xd95eefa1,
-      0xd9d19653, 0xa03e8f0e, 0x2a7d8411, 0x04bb5ab1, 0x5e642953,
-      0x1f0fa9ea, 0x5e9ca0fd },
-    { 0x197c5dc4, 0x5bd54571, 0xe78a95a2, 0xe2da40bf, 0xffdb0eb2,
-      0x65fb9efc, 0x0d17467c, 0xe952dc2c, 0xc758c6a3, 0xc1fc9c7b,
-      0xd4034a9a, 0xfc79562c, 0x61f64b56, 0x26e36fbe, 0x1e84728b,
-      0x6adc4b9e, 0xa8f9ac8a, 0x7f165fd3, 0x03e3e013, 0x7bc93a45,
-      0x656478e3, 0xeacc5513, 0x064ddc77, 0xd3391717, 0x76936914,
-      0x75b318dc, 0x362424a6, 0x69b1f1c7, 0x49955f34, 0x8cc2045b,
-      0xc6836af8, 0x940622b3 },
-    { 0x0d997973, 0x4710ccb7, 0xd3f8f115, 0x3b29625d, 0x5b97abd5,
-      0x8cf0c4d5, 0x673e14a5, 0xc6321e0a, 0x3d262246, 0x0541af9d,
-      0x6fc83b11, 0xde6d8754, 0xf01652a4, 0x47e97da8, 0xad9802b6,
-      0x0f82b3a6, 0xae9c44b2, 0x69aa4075, 0xced2bf77, 0xaf3f5de2,
-      0x497a40da, 0x1ef1ea8a, 0x3c23ba9c, 0x2e0f8608, 0xf190a2c8,
-      0xd8a998a4, 0xcfde3368, 0xe2b49c8c, 0xbde6bd71, 0xb9f49824,
-      0x785bedb6, 0x80bb1664 },
-    { 0xfd145cb5, 0x05e575fe, 0xac5e6883, 0x155ee561, 0x8793b273,
-      0x461e70cf, 0x133b2338, 0x9f1553de, 0xa2a7ba07, 0x2fb9e0c3,
-      0x3e7086fa, 0xc3bfd6a8, 0x8bb4cb93, 0xb6ba8500, 0x76f82dbd,
-      0x0b66d789, 0x54eb49ff, 0x7d5a6ff6, 0x1f20b322, 0xcd65d237,
-      0x54e29cdc, 0x79ea49c2, 0xcb118ff9, 0x64975963, 0xcc58000b,
-      0x969598dd, 0x110c779c, 0x95107918, 0x63b85a35, 0xedfc1548,
-      0x41212350, 0x077ba5ea },
-    { 0xcdd86f61, 0x0b3a38d3, 0x0502a0ab, 0x43121445, 0x806d0272,
-      0x1912edc5, 0x8a32f10f, 0x01dc1f98, 0x0e80c760, 0xbb1d31d1,
-      0xf464e8b3, 0xd46ec7e5, 0x9abf49ee, 0xd569af36, 0x2cdade77,
-      0x9d286ea7, 0x45ad5920, 0x2be7020d, 0x6299ae7f, 0xabe5236e,
-      0xd3f55c07, 0xc93179bd, 0x52350e80, 0x8138995a, 0xaff07586,
-      0x0901265c, 0xf4739653, 0x5b3c81b2, 0x9bc77d21, 0xbaf7581d,
-      0x4591a2e2, 0x6b2006df },
-    { 0x965b1bc1, 0xb2fe50a8, 0x962bb4fd, 0x931f536a, 0x000e7f99,
-      0xd5718d33, 0x53d5125e, 0x84728f25, 0xd2125caf, 0x4f8a6184,
-      0x357f679e, 0x54f1a701, 0x1531c05a, 0x70a9f40c, 0x6fa8b775,
-      0x10d0cb97, 0x9dc12ce9, 0xb476f41e, 0x2755f894, 0x5c8d7a75,
-      0x625741a4, 0xd6c12e10, 0xc917b16c, 0x262a6fb8, 0x38d6b0a0,
-      0x24d116e6, 0x32c38e83, 0x849540c0, 0x66868afc, 0x855b911c,
-      0xbd26b550, 0x53217ea6 },
-    { 0x259f52b4, 0xfc840473, 0xe621146c, 0x968da9cb, 0xcacbd26e,
-      0x964eb85e, 0xe4a54344, 0xab7daa2d, 0x381a4ff7, 0x6dc3b848,
-      0x41c815ef, 0xa07a96b3, 0xc3d4b1e1, 0xc4fae9e8, 0x42ce9ea8,
-      0x0f938d1e, 0x35cc052f, 0xa727dacc, 0xe9a06f07, 0xc81e01c9,
-      0x4a6d65a1, 0xa9e08dcb, 0x6044a9a6, 0xf8e2d173, 0xf2bd295b,
-      0x99893dd0, 0xf9781b12, 0xa08d3379, 0x61830ac2, 0x64bd6001,
-      0xd9adbeef, 0x0386931e },
-    { 0xd09885a5, 0xd0d7abb3, 0xe355bb07, 0xed9d2b67, 0x536ebaed,
-      0x3bc238cf, 0x699ce4d6, 0x61ca2e78, 0x111594cd, 0x354ff447,
-      0x03316ad2, 0x55cbe709, 0x49fff5c4, 0x418679fd, 0x0f9c6c40,
-      0x75bacd75, 0x2972721a, 0x677edc88, 0xe5ef502f, 0x82596887,
-      0xbf320e0e, 0x459e9367, 0x8bbdccb2, 0x81ce36ef, 0xb766863d,
-      0x1ba097fc, 0xd58c6db8, 0xcd3a21d6, 0xb4a8748b, 0x0e4967cd,
-      0x15041c20, 0x2caaf749 },
-    { 0x6ed20424, 0x44f98006, 0x22471545, 0xb3e4ea23, 0x781a8c86,
-      0x268ed1a5, 0x7ae5b70b, 0x48d0ab75, 0x356d3982, 0x6ca8b320,
-      0x2df31fa4, 0x9ce8e681, 0xd925dcf2, 0xb909d232, 0xf56723de,
-      0x302c8f78, 0xabac96f9, 0x11725d69, 0x57d1a170, 0x656a47ca,
-      0xc18a2be7, 0x6bb5d511, 0xad50d9d9, 0xb56e45f1, 0x70b05518,
-      0x36e886e2, 0x09d8ff91, 0xc7c71f3d, 0x9350361e, 0x65a1bbe2,
-      0x45fe3bd8, 0x86d7f532 },
-    { 0xb0bf719a, 0x99f16eb6, 0x8bc3d913, 0xb6975098, 0x26cd01b4,
-      0xfae50e52, 0x90898d1c, 0xd3e3ac54, 0x887ec666, 0x4da3b9db,
-      0xfbea45b8, 0x58300644, 0x8355b058, 0x369f3bd9, 0x579bcc13,
-      0x0fb239a8, 0x6e2bd811, 0x4f5b4539, 0x24198fd2, 0x007f3baf,
-      0x8837d51d, 0x68a676db, 0xeae75b16, 0x68eeea62, 0x3db6083c,
-      0x5ffe5f94, 0x7d836c5a, 0x52c94d0f, 0xcbc1ff85, 0x5a4c3c6f,
-      0x86c0b4dd, 0x682a55e3 },
-    { 0x587495aa, 0xc8f235a4, 0x34c7245d, 0x2276026c, 0xb75a46e3,
-      0xd6ae0cc5, 0xecc3e5e7, 0x890d3965, 0x14296629, 0x1b13342f,
-      0x8a877227, 0xc89927e6, 0x2324a68b, 0x1543f27e, 0x49cdc21a,
-      0x6c447684, 0x1452d0ac, 0x9bc7fd4f, 0xff4b045c, 0x2cc30a31,
-      0x852f7611, 0x415d46a0, 0xc6fdd7a6, 0xad737052, 0x7b4c7c91,
-      0xdcecc3ab, 0x7688d70c, 0xd2cdf01b, 0xe40d3905, 0x054f2542,
-      0xfefe4dcd, 0x02227fa6 },
-    { 0xb751948b, 0x1805efd9, 0xfdfd225d, 0x8efeed46, 0x4f2c8b22,
-      0xcb128e09, 0x96f7c5e5, 0x9d1090bf, 0xb4cbeca0, 0x0959d044,
-      0x8e08cb04, 0x21c955f9, 0x68fa4fce, 0xbc1f279d, 0x0710ae9a,
-      0xb021e14e, 0x881167f4, 0x64d16e9f, 0xbbc9f1a5, 0xf5a5c22e,
-      0xe3420eea, 0x5f3716df, 0xd5c4e843, 0x971eb915, 0x28ffba81,
-      0x64fc55fc, 0x7dd37578, 0x3427e54d, 0x15ebc7d0, 0x446e6a62,
-      0x29269778, 0x547e249a },
-    { 0xa1ffda27, 0x4706868a, 0x7955cf50, 0xb4e6cdcc, 0x0a63f3d8,
-      0xf65151e1, 0x9de5e70a, 0x5b4127ea, 0xf9342823, 0x3d2c09ba,
-      0xaa2f7d51, 0x18c99d83, 0xddeec025, 0xa0c5bb1d, 0x03dcf1ce,
-      0x7ffddf84, 0x616fdeda, 0xe57e4d29, 0x7932a1f0, 0xd2456569,
-      0x3191d4e3, 0x7475e0e8, 0xc220218b, 0x3479bea1, 0x8bcb2505,
-      0xfceb5c90, 0x3c6132e6, 0x1c685cea, 0xbfe6c1eb, 0xc42dc745,
-      0xd2b08eea, 0x45a41cc0 },
-    { 0x4dbbf0e1, 0x3ea9b2c7, 0xa17cf70e, 0x41ff962f, 0x5eeb4c66,
-      0xdc1ea758, 0xa9beb17e, 0x4f5412d2, 0xa285741a, 0x2c9e4f52,
-      0x984fd11f, 0x93df7da4, 0x0df3184e, 0xb2afbddc, 0x2421e375,
-      0x96323d25, 0x49df781e, 0xc87be1e4, 0x3d589bea, 0x145601ed,
-      0x28fff6dd, 0x0f0bd9bd, 0x8a0f298c, 0x2d3259d4, 0xd88e6944,
-      0x362d7a77, 0xb6ac2af6, 0xa84c06b6, 0xd087da02, 0xba850ac9,
-      0x42ee40c8, 0x128763c9 },
-    { 0xacbac178, 0x29a80f07, 0x34b08f6e, 0x7cc20044, 0x70feded2,
-      0xe9631d14, 0x86615767, 0xb2115da3, 0xcb088548, 0x7c75f5c4,
-      0x9a2e8e03, 0x5b29d213, 0x8b881752, 0xfe9fda66, 0xc1de7ebc,
-      0x3f1d8d88, 0x03218123, 0xb476565e, 0xb1c995f3, 0x07365561,
-      0xb13eb71b, 0x2160cb18, 0x99b3a0eb, 0x7e8da513, 0xb20fcd74,
-      0x5e8ca1f9, 0xb4126d72, 0x6a7e0067, 0x68bb637f, 0x1e8204b7,
-      0xfc4f74d2, 0x75e96bcc },
-    { 0x0d19716e, 0x189d1fdc, 0x7c384525, 0xdf585058, 0xea987d2a,
-      0x64a846d1, 0x6c07150f, 0x12b6bf83, 0x4d6fd5b7, 0x91d85d46,
-      0x4f53f55f, 0xa9788836, 0x81509129, 0x60083bd8, 0xea876f48,
-      0xa7672683, 0xc15b2489, 0xe80b2e7a, 0x42d1d992, 0x985ef8d2,
-      0xcf3de492, 0x9c57b029, 0xb1487627, 0xfe02f83c, 0x8ae5b687,
-      0xaeba4fe4, 0x5d6b8196, 0x8a86f09b, 0xa16e523d, 0xd88f566b,
-      0xba268949, 0x309a6e9a },
-    { 0xbdfbe97a, 0xef27ee50, 0xb8c50c4d, 0x1a5fe70f, 0x7fe09f5c,
-      0xcc7beb01, 0xbed36cc5, 0x8fa15a85, 0x7550ed3a, 0xc0c3acdb,
-      0xeb908681, 0xc581ef87, 0xc49d5ccb, 0xa15b3362, 0x1fa264e8,
-      0x0fbb1714, 0x8e1eee88, 0x267f8d8f, 0x21c2b63d, 0xd31ccfd6,
-      0x53be7efd, 0x924dbe7d, 0xdb2a358a, 0xd42e877f, 0x75d68ac1,
-      0xcf9673c7, 0x714fea55, 0xe35978fd, 0x5769b202, 0xeeb36653,
-      0xd7593789, 0x0458258a },
-    { 0xa042dbdf, 0x5df71a74, 0x5779dfa2, 0x2d405857, 0x0d2e6657,
-      0x0e66cba7, 0xca2e892e, 0x285d6745, 0x0f0e6b5f, 0xf56a8def,
-      0xa30767c3, 0xe0ee851d, 0x43346b9c, 0x98c05658, 0xd6b3c742,
-      0xb35fce26, 0x39777e00, 0xc0895bff, 0xe7b6d886, 0x83c8f6a6,
-      0x4f02904b, 0xbee14843, 0x2e84ec34, 0x7f74915b, 0x96d10991,
-      0xbaaf663c, 0xe41facc0, 0x004b8757, 0x6f86c029, 0xa2b880e5,
-      0x95b77358, 0x53f4a3e0 },
-    { 0x89fc48e7, 0x11bb08ce, 0xafab5aeb, 0xba60c577, 0xa0c1cb5a,
-      0xf06bcbf8, 0x79757cb6, 0x7d2efaea, 0x76319160, 0xe26d90b1,
-      0x2b77b7a9, 0x42aa1ab6, 0x285df2bf, 0x38eec0cd, 0xf3a8f7f0,
-      0xd35947f5, 0xfc1cb5b5, 0x97c8dc0e, 0xc45845cf, 0xfeb8cca0,
-      0x249e26f2, 0x16e8d989, 0x483ed89a, 0x7c264e6d, 0x51d91073,
-      0x13a3f145, 0x305e99f0, 0x8501562e, 0x6908d563, 0xaaf98d74,
-      0xd723d236, 0x0a99e653 },
-    { 0xabbc0559, 0x23536f46, 0x9aa1a160, 0xc163067b, 0x0c1681b5,
-      0x229fd229, 0x1378e907, 0x61254be1, 0xab793a2d, 0xc60ff57a,
-      0x466552db, 0xa6f2df8b, 0x8c170a36, 0x9ad31893, 0x29b74d9a,
-      0xc5cd9abe, 0xf7848523, 0xcf747273, 0x0d0e3063, 0xc126a93a,
-      0x4248e3d8, 0xfe2021e3, 0x8323ddfa, 0xd97343ee, 0x332639e7,
-      0x9f768775, 0x75325548, 0x9650fc31, 0x3eebf7ea, 0xb595dbd1,
-      0x010fcbc0, 0x3a95cb45 },
-    { 0x39d7ff2e, 0x954e68cb, 0xc1d5c48f, 0x8dd1cb4b, 0x7169438a,
-      0x02a92c77, 0x91cad8ce, 0x7965c0b0, 0x32cd08d2, 0x0c5798ab,
-      0xa6902bda, 0x1a5bc3c3, 0x5186d218, 0x545d0925, 0xd27e64db,
-      0xf0077cdb, 0x8cd092da, 0x0157caa4, 0x24532ab3, 0x2a2fa3a0,
-      0x41ccaba3, 0xa5fb639b, 0x4744aee6, 0x01702dc1, 0xcdba93da,
-      0x485bb436, 0x329784f1, 0x93597f66, 0xdad672c3, 0x5d713c1d,
-      0x030b7245, 0x366d222e },
-    { 0x573ea5b2, 0xd50b4875, 0xa90da44d, 0x0fce401b, 0x7a1a0310,
-      0x7b53fa65, 0xcf114460, 0x722a80a5, 0xa538bf49, 0x0b8ebf05,
-      0xd32acd21, 0xae141147, 0x7b5ad07d, 0x6692712c, 0x3f48ca07,
-      0x6dc5fee7, 0x2b8a78d8, 0x98ed1499, 0xdd2f1759, 0x4e8b3145,
-      0x5f971b8e, 0x43408de1, 0xadf1b368, 0x055ea6dd, 0xe5932b7e,
-      0x4bb76e73, 0xd30893fd, 0x44287153, 0x0661bfda, 0x173dccd2,
-      0x79defd25, 0x9072ba99 },
-    { 0x9620ea39, 0x474de4dd, 0xc831cee8, 0xfbf1649f, 0xcd3a9c43,
-      0x0b0e8bb1, 0x3f3df1d5, 0x6a38286f, 0x8f0ec9b3, 0x4ed072b3,
-      0x729c09e3, 0xa6e4c987, 0x8ad12242, 0xea3e8ac6, 0xfbdfa5ba,
-      0x6ae0e22b, 0xb0a0f592, 0x56171ecf, 0x6b871f8d, 0x33b2886d,
-      0x35e11bda, 0x6b19bea9, 0x7f0f153f, 0x4d815a40, 0x7d6c02ee,
-      0x7e608d97, 0xb6a88f46, 0x7e8f23d9, 0x439d1654, 0x26ac9652,
-      0x35546c29, 0x8d92c6bd },
-    { 0xabeb0ff7, 0xb3e0d7ce, 0x3e0e42f8, 0xfbe35254, 0xde808499,
-      0x57d1b226, 0x1cd44bc3, 0x9ece2e1f, 0x435cfee1, 0x1245adbc,
-      0xf93f581c, 0x874ee840, 0xbda0b947, 0x916a779c, 0xfa57ae0a,
-      0xabcc815a, 0xf0a621b0, 0x97adec2d, 0x81f90bdc, 0xbe6a502b,
-      0x53bde63d, 0x54bf9de1, 0x78884c25, 0xa88fdabf, 0xcbbb5470,
-      0x30aa52b1, 0x29053ef5, 0xf805396c, 0x8dd827ea, 0x8d43d898,
-      0x5c1ae5c0, 0x4e4bec17 },
-    { 0xfcc09676, 0xbf8483a2, 0x19ea9a94, 0x457c4a3f, 0xd702a5dd,
-      0xa6852ef3, 0x843fe7d8, 0xe7915fd2, 0x16e35158, 0x644bba98,
-      0x9ed746f0, 0x8d1b95d0, 0xb90af0b5, 0x47704581, 0xd4fd135e,
-      0x0bd4bc6b, 0xb4e833a5, 0xa6dce067, 0xff56a9a1, 0x2c0e8f30,
-      0xec2c63fe, 0xa9c80800, 0x98f508a8, 0x449c20a5, 0x3292813a,
-      0x02b94cb3, 0xec7e81a2, 0x647e3d28, 0xb4877677, 0x72e67d1a,
-      0x6f9ded24, 0x7a4aa3f5 },
-    { 0xe27a0045, 0x559ef1ba, 0xb242cb50, 0xdc812d4f, 0x39cf8d24,
-      0x23a478e4, 0x9b3f9c54, 0x97544fc5, 0xaffa1fcf, 0x5ac68132,
-      0x34a2c83b, 0x74f8fee0, 0xcd3f4bb7, 0x96cc640f, 0xb0512ea6,
-      0x775dce9d, 0xcdce381e, 0x67dca19d, 0xa9d3fe55, 0xc1eeb3f3,
-      0x1a19274f, 0x38e0bf42, 0x28d69b12, 0x15992fb4, 0x9fd09df8,
-      0x48fcebde, 0xb41ab5df, 0xdc9dfa4f, 0xc0a269c5, 0x0cbd7dc8,
-      0xf7f0ade1, 0x60282a7b },
-    { 0xdceea2e7, 0x7c07e538, 0x3c42061d, 0x38a322c8, 0x4f1f6516,
-      0x676828f9, 0xc7776a10, 0xf21b69fb, 0xb5e6b405, 0xc63a3417,
-      0x91a7b642, 0x4c99f258, 0x2cad1440, 0x38692ca8, 0x00869bcd,
-      0xf1e82ffe, 0x16fe466a, 0xc30b714e, 0x19019138, 0x5fb742f9,
-      0x0fa516ae, 0xe90166d0, 0xd8c73a43, 0x5550f7ac, 0xfbc5c372,
-      0x2d6a407d, 0x68cc39ed, 0xe47a7539, 0x4a5fbe70, 0x3fd286d9,
-      0x23c6b942, 0x5f4ae9c7 },
-    { 0x53f4d561, 0xd96a2dda, 0x16da1992, 0x286d45d0, 0xfdd4b051,
-      0x449a01fb, 0x9f2195ea, 0x25488a0d, 0xa37661b3, 0xc4151b0a,
-      0xf9e5ee02, 0xb98c471e, 0xa8658817, 0xa4bca86e, 0x7a68fc0a,
-      0xbbcadb87, 0x6b7366a9, 0x88b34649, 0x15661c2d, 0x32ee98d4,
-      0xc901420c, 0xf5b3b4c6, 0x2f2752af, 0xa2352735, 0x510e4d9c,
-      0x2f64ce73, 0xaca4aa80, 0x939a7f26, 0x401aa503, 0x9cd3e291,
-      0xdc46afd2, 0x92a01423 },
-    { 0x1c2f7dbd, 0xe9f24be1, 0xb7d527fa, 0xda8c900f, 0x8648f128,
-      0x963e25bb, 0x48141941, 0x9ab713e2, 0x7a6756fb, 0xe87f7d01,
-      0x058d90bd, 0x274dd85e, 0x82566abd, 0x823fee7a, 0x74240195,
-      0x9f6230d7, 0xacb5e46e, 0x04579f2c, 0x16a4c87e, 0x2a226263,
-      0xd99b0857, 0x9ca19a43, 0xe488789e, 0x86dc2ba3, 0x9406c3bd,
-      0xf960b5b9, 0x8960957e, 0x6f2c428b, 0x161c515b, 0x90748706,
-      0xaa88cb9b, 0x0fc8fe1e },
-    { 0xfeb90f2d, 0x68ae1bed, 0xa48b1559, 0xf393bb3c, 0xf64e9635,
-      0x2be62f9c, 0xf8be75c2, 0x354c2410, 0x5e6f7529, 0xbd7ea703,
-      0x162cab31, 0xc264868e, 0xc860f3ff, 0xb1391e70, 0x1d89837e,
-      0xdf367c75, 0x2bf32941, 0xe150b6b4, 0x78c1318f, 0x95e8f46e,
-      0xa2c4b160, 0x2b3f1dab, 0x701afbf3, 0xc6ccf5ce, 0x5e8874c5,
-      0x3ad27530, 0x5dc6dcbe, 0x39285e51, 0xd99892dd, 0x3c954d86,
-      0xdfd3789f, 0x2d0ba862 },
-    { 0xb472e1af, 0xeacd8ee8, 0xb76abbcc, 0xeb354eae, 0xd0d93fbd,
-      0x9b520bf8, 0xfe6fc706, 0xfccd60d7, 0xa4ee2f39, 0xa9353dde,
-      0x9a81e51e, 0x5eb0925e, 0xd1366777, 0xee334da1, 0xd5354d69,
-      0xc1d28c9f, 0x92a5ed54, 0xb9771755, 0xb7f70d81, 0x5d3e367f,
-      0xa933ae7a, 0x7be7eeca, 0xe23cfbb7, 0x264cf1f9, 0x89497681,
-      0x0d129f4a, 0x09b6235b, 0x705375a4, 0x48a376da, 0xccf64c75,
-      0x4d41dbfc, 0x963c8712 },
-    { 0xde36a814, 0xbae290cb, 0x733b12b5, 0x9bdb0195, 0xf77fe0e1,
-      0x0ebad867, 0x29720cea, 0x0a7d19fd, 0x9029ec72, 0x434d7651,
-      0xbb51911e, 0x856aff17, 0xd80a7f60, 0xd0a25d9a, 0xf848c106,
-      0xffca86af, 0x43ad749c, 0x53e8bdf9, 0xe3e696bb, 0xfb9e0284,
-      0xeeee4215, 0x3eb6630a, 0x2ecf3c63, 0x9d8fbb9e, 0x4e00c0c0,
-      0x71da4ffa, 0x5d57beac, 0xb296be59, 0xa8cec7ef, 0x1751fbad,
-      0xff55d7bd, 0x2d03eb3c },
-    { 0x04f2ec1d, 0xeb16925f, 0x0d147ee2, 0xa878f276, 0xaad9d9e0,
-      0x442df604, 0x3f71035b, 0x891df44b, 0x8cb95d5b, 0xc28272b3,
-      0x5ee8ed23, 0x6f14efb5, 0x13b0f3e3, 0xf3c4460f, 0x6bd7335e,
-      0x889f9bd7, 0xf755ba6e, 0x889ee771, 0xed219b6c, 0x626984fe,
-      0xec2ee411, 0x2d44c737, 0x63efcd37, 0xb94385a2, 0x6637826b,
-      0xd909321b, 0x3ee6b7a7, 0xc24f8a79, 0xa7cf61b7, 0xa3ca8d24,
-      0xc54bacd9, 0x842e40c1 },
-    { 0xa661d843, 0x5a268ed6, 0x4f5b30cd, 0x02328cca, 0x1311e177,
-      0x16e6fed1, 0xc6695967, 0x690decb4, 0x57b2e280, 0xbdac5bf6,
-      0x1efe42d0, 0x827f82ca, 0xca5fca2f, 0xc554ec0a, 0xdde45506,
-      0xac5276c1, 0xe3077513, 0xb7f4cb08, 0xcc8797cc, 0x8caf6d9a,
-      0x0d9332d2, 0xd5964814, 0x285a409f, 0xcc6ae297, 0x6223d093,
-      0x7773c2a5, 0x5128fc09, 0x2d5266ac, 0xbc31fe6c, 0xa596b7cb,
-      0xcac91328, 0x0e63319a },
-    { 0xf0360ac2, 0xb5cd2fad, 0x285e605a, 0x86b660de, 0xe25b9b14,
-      0x82c6cf10, 0xaa9ac554, 0x9d5fa38d, 0x526c070e, 0x3dfcf1b8,
-      0x3fccc52d, 0x0379a96b, 0x0bfcc7f5, 0xe3659c29, 0x69d3e6a1,
-      0x5b1a3db5, 0x9b7b42d5, 0xb41528b5, 0x9c22a006, 0x934defa4,
-      0x9b4ce3b6, 0x90f38018, 0xb3abaf32, 0xb073bc04, 0xff8389e2,
-      0x27a5a222, 0xffa5a35b, 0x0b7a9d51, 0x28e1a7c2, 0x4939ecef,
-      0x1872705a, 0x88839da2 },
-    { 0x701ce29a, 0x56b66c30, 0x58981d50, 0x3acaf126, 0x105f9f21,
-      0xd4dafc0c, 0x373e3d13, 0xfee571e6, 0xfa2ee3ca, 0xe7269c86,
-      0xdd20385a, 0xf5cca64a, 0x3000e9ac, 0x217f2757, 0x0e7273ef,
-      0xc934db47, 0x355b6776, 0x4294f4f7, 0x6fc05180, 0x1faa36b9,
-      0xb052190b, 0x8f88b1db, 0xe9eaef52, 0x35791b90, 0xdb681b90,
-      0xf37fb2eb, 0x4415c369, 0x39d0a51d, 0x1d2e21c9, 0xfc59cca7,
-      0xa1f50c26, 0x64128cfe },
-    { 0xe8f5b0b5, 0xf03678a2, 0xd340f059, 0x5c7e249c, 0x93ca7cec,
-      0x41440441, 0xbc83af98, 0x075ca346, 0xfaa8bbb0, 0xf39f0033,
-      0xf38230f7, 0x3d18f0ed, 0xd448f345, 0x78dff00c, 0xd51aa475,
-      0x849228c0, 0x30c928d1, 0xdd4e2708, 0x8f12cfd3, 0xc66ba686,
-      0x88b3a206, 0x091049db, 0x016dae01, 0xd865d059, 0xe253e37d,
-      0x4599e905, 0x7ce9871b, 0x322cf0c2, 0x174a132e, 0x014f54da,
-      0xbdabcbda, 0x93634a09 },
-    { 0xa9a2e304, 0x62826b27, 0xc1a4c124, 0xc57e1866, 0x22381710,
-      0x913ab832, 0xa9847cfe, 0x7e9b6b85, 0x2b5f46fd, 0x29655cf1,
-      0x8038e66d, 0x7295572b, 0x6fa95eab, 0xe4cba601, 0xb9deda81,
-      0xbbc11071, 0x3f1cf61e, 0x97f0009a, 0x373e0cfb, 0x5372777b,
-      0xd139d63b, 0x302f909c, 0x4f87d78e, 0x1ed672da, 0xb4048763,
-      0x362077a3, 0x9dcc22b2, 0xc408c32d, 0x26deeee7, 0x4b4c5bf2,
-      0xbc06357e, 0x266cb467 },
-    { 0xb56363e8, 0x6faa4154, 0x3c1aa4db, 0x4b4fd078, 0x2b9e6597,
-      0x14358dde, 0xfa004b84, 0x5b34ae3e, 0xf19911a6, 0xcf44b2ec,
-      0xa536bf78, 0x55caa833, 0x8870dc95, 0x606e1eb9, 0x09f3511d,
-      0xe3c3287d, 0x9d5cf364, 0x68b2f4eb, 0x63ab8c9e, 0xc154e892,
-      0xc36ab611, 0x1548828e, 0xa1b7d120, 0x0932bfcb, 0x5315b8d7,
-      0x7ee7b5bc, 0xf7473ac1, 0x782fd0d1, 0x3c8f2af3, 0xbcb029a8,
-      0x52454ee1, 0x4b1d5a1b },
-    { 0x63d52c0c, 0x12fe5174, 0x188c099d, 0x3735525e, 0x360e3956,
-      0x5c621563, 0xacfa5a43, 0x88b3f1ca, 0x797e8107, 0x90123a0a,
-      0xb15e080a, 0xba31f6b5, 0xfca3dada, 0xd7de5e12, 0x0df511c8,
-      0x3287361b, 0x65757d4e, 0x7cc800d4, 0x5207ec91, 0x10810f3d,
-      0x30eea0e3, 0x0d4e56f1, 0x3ea5a2ec, 0xbbf7ee13, 0xbe6abbd0,
-      0x6fc07762, 0x120bf619, 0xc831fdce, 0xb622d42a, 0xe07439fa,
-      0x508e4b27, 0x8186b93f },
-    { 0x09312867, 0xc619d154, 0xbfaf7db4, 0x7e042c05, 0x1f5f5dda,
-      0xc1cf1668, 0xa4fc3d82, 0x50aa5057, 0xce68b8fe, 0xed30ed65,
-      0xbeb4d644, 0xecb01c0b, 0x831c0497, 0x7b5dc444, 0x9b7d9b1c,
-      0x351e6a00, 0xd9477c91, 0x4bb863b9, 0x05d4110a, 0xaba65891,
-      0x43580b7a, 0x30086cf4, 0x90be357e, 0xb139c076, 0x27b5214e,
-      0x12bfff1a, 0x22c3ab57, 0x79cfc6d7, 0xf34a9bfa, 0x4743de57,
-      0xc9ee2b2a, 0x0bf97e97 },
-    { 0xdda19e96, 0x96ec4ec8, 0x6c306e8b, 0x54ce18ea, 0x65f6918a,
-      0x7e83612b, 0x0d9a0d99, 0x1ac6f68b, 0x62fdcc09, 0x98a697a4,
-      0x95bc3e13, 0x65ce25f1, 0xb3939730, 0x1896ecda, 0x32f12806,
-      0x9eb81a0f, 0x1d2dc7df, 0xd3d7416e, 0xad473599, 0xe22c7976,
-      0x9f5ef439, 0x3de37a9a, 0x9e69d94e, 0x6b7ac0ab, 0x0a9d0bc8,
-      0xe6bfa9e0, 0x5676f120, 0x576a870d, 0xfeaac23f, 0x3bd91bb4,
-      0x3e40aabb, 0x8fe5482c },
-    { 0xce9a4d1e, 0x85ae67c2, 0x4f1d2038, 0x4c3eb803, 0x25d06192,
-      0x5c6c8f3a, 0x308fb41c, 0x803de0ad, 0xe71c294e, 0x9961f5bc,
-      0xf02eb0da, 0xdc62078d, 0xb64ae8b6, 0xc87ef515, 0x50b4d18f,
-      0x69679f1e, 0x52199f43, 0xc5c009a1, 0x0f640a5f, 0xa7d484be,
-      0x23dab566, 0x4c918bb1, 0x64275d2c, 0xa67c114c, 0xcad2ded6,
-      0x95a913b9, 0x6b4b5c8d, 0x189ed18b, 0xb42d3bf6, 0x4aeb6206,
-      0xbbc8bc3f, 0x3928c669 },
-    { 0xdacb4b64, 0xde4bea4a, 0xf26179a1, 0x03f62a44, 0x7a9112a4,
-      0xf3aac94e, 0xd36f331e, 0x90448fbd, 0x407b85c4, 0x426042bc,
-      0x2121b77b, 0x5ad8a596, 0x67cee984, 0x31674a4f, 0x4e3b2f0d,
-      0x7fae8bbe, 0xa7c930eb, 0x681df6dd, 0xc259d0d4, 0xadeefa98,
-      0xbea1c1fd, 0x1b14d9e6, 0x21d405d1, 0x3baadc8b, 0x73892754,
-      0xf01dff93, 0xf071cde4, 0x81c35b3e, 0x9150d0d9, 0x1704d2e1,
-      0x355134f6, 0x6ccc888f },
-    { 0x7ad7504c, 0xf8d36f0e, 0xf7959ddd, 0xbca3265f, 0xfede67aa,
-      0x0dcd1ede, 0xbaebf32f, 0x1276f4ce, 0x014edcfc, 0x6825a6e6,
-      0x99ad8eb7, 0x0b8c1a82, 0x09b8ce1e, 0x312024a9, 0x9cbd351a,
-      0xcb8fd98b, 0xfab1e8be, 0xa4841378, 0x3973cacf, 0x17ed0f5d,
-      0x259d5254, 0xa17e1484, 0x74b91393, 0x53d5b843, 0x1aca3ce9,
-      0x8f792b21, 0xc8c0f815, 0x035ff110, 0xad4ed7bd, 0x6afa6357,
-      0xb26faef9, 0x2f151980 },
-    { 0x29d2d439, 0x0c8631da, 0xbc039955, 0x121fbbc2, 0x6c05b75b,
-      0x3e5a9792, 0xb6ce47ec, 0x6d6cf4c0, 0x9d88c658, 0xbaaa1767,
-      0xf3355a17, 0x031db9e7, 0x0aef5a85, 0x8381e3d8, 0x15a31bdf,
-      0xc71db290, 0x9498fd7d, 0x638f6b74, 0x13beeef6, 0x44edf3f9,
-      0xf4ab67b3, 0xe6173271, 0xfd22df11, 0x3a202c70, 0x205c4e92,
-      0xf7be0389, 0xa8eb9920, 0x1c219085, 0xbeb54aaa, 0x6c805ce8,
-      0x0ac58d65, 0x354b05b7 },
-    { 0x7a9170e9, 0x7171e236, 0x4cad50cd, 0x01eec42d, 0x3cddccfb,
-      0xffbe824f, 0xa66cae1a, 0xa73e8ce3, 0x965c7d01, 0xb7138a7f,
-      0x5c3d971e, 0x00058e3f, 0x2ff0a72b, 0x52591ac3, 0xbbbce76f,
-      0xa32fb5bc, 0xa9f81a18, 0xf3241ab8, 0xeca68630, 0xf31d3332,
-      0x4482f13b, 0x847af9fc, 0xa4681be2, 0x6196e217, 0xe55efcf9,
-      0x9938f932, 0x70acc705, 0x3e7dacb8, 0xcf09fac2, 0xd41be893,
-      0xae3523a1, 0x48dc55c4 },
-    { 0xa5092193, 0x8e623826, 0x6898970c, 0xe46ec362, 0x25c9eb41,
-      0x2f1356af, 0x83c7d245, 0x41780640, 0x97d00e38, 0x982def67,
-      0xa512151c, 0x382eb6e7, 0x8af58869, 0x154e1077, 0x8a51cf02,
-      0x18707075, 0x71313c58, 0xcdeba9f7, 0xba155904, 0x5d67b973,
-      0x1d0d7b3a, 0x851c9f4b, 0x8b8af2cd, 0x19f29d71, 0x986b8d62,
-      0xcb94ccff, 0xb93b9c33, 0x8725e24b, 0x66e38c68, 0x405ce4c5,
-      0x0b6dc021, 0x5f6a8edd },
-    { 0x8f9a8690, 0x83704ca5, 0x2f76a407, 0x3f369766, 0x69201028,
-      0xfbc12d8c, 0xbce3a4cf, 0x4cd58f16, 0x04aab26d, 0x7804664a,
-      0x4ea457a8, 0x005cfbba, 0xb8a59794, 0x537951b3, 0x4fe1f739,
-      0x4ca2b9e4, 0xdf325797, 0xe4428acd, 0x0ea243db, 0x648da342,
-      0xf43ce01e, 0xcce6562b, 0xf27db490, 0x840f0421, 0x8bfb7cf0,
-      0x156ccb70, 0x5a8797d3, 0x9b33480d, 0x9eb814bb, 0x2e12e07a,
-      0xca7f87ac, 0x1ca65072 },
-    { 0x2b9d25a0, 0xfbb321cf, 0x40a746db, 0x66affdca, 0x59e368b5,
-      0xc1c1530e, 0x7d80068f, 0x56ed1ea4, 0x5647dd68, 0x9b74d8fe,
-      0x89b78da8, 0x1d96b507, 0x8bbe3391, 0x39b75243, 0x0d858c5f,
-      0xef8d443e, 0x9646aa34, 0x4dd2db49, 0xe667543c, 0x7fad3bd1,
-      0x68980985, 0xd0d710c0, 0x49facaba, 0x9f7aff32, 0x14f9a192,
-      0x055dec1c, 0x1fb307a1, 0xaca66399, 0x35ffff64, 0xac44fd91,
-      0xcbad3cee, 0x462cafb6 },
-    { 0xde3237dd, 0x1660a647, 0x82b87404, 0x95f735cc, 0xddfa55f8,
-      0xf7879f59, 0x726b914a, 0x15ef043e, 0x1c93e298, 0x1875393d,
-      0x6ef18331, 0xa1a2be74, 0x25a9a12b, 0x4e7e8dfc, 0xa9c3917f,
-      0xdfefc97d, 0x0a2ebe41, 0xbc875d03, 0xa732d1cc, 0x0f75d235,
-      0xd9baa6d3, 0x06fee7fe, 0x65f48576, 0xaa784fab, 0x513f83c0,
-      0x23155e22, 0x3e8f9d13, 0xd2fb7718, 0xb546eafd, 0x2a291503,
-      0x6cd93608, 0x1293c98c },
-    { 0x49d53b77, 0x72781251, 0x96eafac7, 0xa6ab403d, 0x4a36b711,
-      0xb7d7c7db, 0x87e771c1, 0x8238c708, 0x33b37522, 0x495f6abf,
-      0x8c87530d, 0xb0b0289c, 0xe77b111a, 0xca83cb86, 0xa1bd189e,
-      0xbe1c0fb8, 0x1ae9d7c7, 0x58cfb2fb, 0x4940c3e8, 0xd05c23c5,
-      0x74ad9107, 0x16e79e41, 0x064e7142, 0xa0a47f05, 0xfdfd614f,
-      0xc6929cd4, 0x3946988b, 0xedb2584c, 0xe46f8fb1, 0x73e4b5f3,
-      0x68ea94ba, 0x53b79aa1 },
-    { 0x44bbb6a1, 0x216fafce, 0x67821728, 0xd3a5bba0, 0xa9dd939a,
-      0xef1e4b30, 0xf19efafe, 0x022eaf3d, 0x7b4ec014, 0xfed5abce,
-      0x512c6738, 0x64968ee6, 0x29fe89a2, 0x23119869, 0x47397c05,
-      0x0d539d8d, 0x234596c4, 0x6400bc54, 0x5346611d, 0xb9287f58,
-      0xc9d5da0f, 0x04099903, 0xc83af2a8, 0xe5ef4997, 0x328151e1,
-      0xc89dc01b, 0x58401104, 0x150fb4a9, 0xf3872c9d, 0x40a6f7d5,
-      0x56c2e833, 0x8290d6d1 },
-    { 0xd8546946, 0xf84637c6, 0x69ec57fa, 0xda134a39, 0xd789007e,
-      0xd42359a4, 0x0dc7b809, 0xb42557fe, 0x2d6784a9, 0xe62ae52d,
-      0x0bcadb5f, 0xa2714ca6, 0x33aafca5, 0xcc208de6, 0xed967811,
-      0x2380ed5c, 0xdb321660, 0x6e6b55e9, 0xa675235a, 0x1bead02c,
-      0xb33fa0e1, 0x51cc6ef9, 0xf06a2a08, 0xfd223e26, 0xec47b3cf,
-      0x00f332e1, 0xa0aa984e, 0x459f297b, 0xee952e14, 0x6fa1d969,
-      0x304fabb0, 0x506ef1ab },
-    { 0x35bff163, 0x11b4eb27, 0xea9fa984, 0x7130b96f, 0x9deb27ce,
-      0x66aceb3f, 0x9dd1c3d5, 0xa2daf1a5, 0xa73075aa, 0xf5090a7e,
-      0xe3071b58, 0x36a6af39, 0xdf73ad9c, 0xa28d633d, 0xbdc89a16,
-      0xdd354cac, 0xd4dcbc3c, 0xdfea3423, 0x379d92d1, 0x6eec74d2,
-      0x8eed6765, 0xe14a456f, 0xfa8feb1f, 0xfabe7743, 0xb98fcbc7,
-      0x1404ccf8, 0xf71a706e, 0x6ccd2fbf, 0x4d85c678, 0xdaaf3fdb,
-      0x15200344, 0x415b7dbf },
-    { 0x7d8377a7, 0x97010586, 0xcb803272, 0x068a3d68, 0xf03a4c32,
-      0xfd67d289, 0x93c8f290, 0x4bc7095d, 0xe9e5a2b8, 0x712fa13c,
-      0x0feb9f3b, 0xfc6ac6c6, 0x6e0e54c2, 0x0cda36d9, 0x86320a01,
-      0x45499751, 0x97f00f11, 0xf9318c91, 0xe6936508, 0x01dc4c3f,
-      0x85f068aa, 0x769a2ef9, 0xa2b5511c, 0x3522cef0, 0xb4122e05,
-      0x006965ed, 0xc175d43f, 0xfce0fafc, 0xec831d59, 0x525dc9bd,
-      0xaf58879d, 0x1ec314f1 },
-    { 0x2c8310c2, 0x0663feef, 0x457e3f74, 0xaa7e14da, 0xe5346887,
-      0x392b10fc, 0x637ec2c5, 0xcde4a38f, 0xb542f8df, 0x50773320,
-      0xf7de1711, 0x341302f9, 0xae4b9bc6, 0x018b1c63, 0xdd2f9e6f,
-      0xf001c46e, 0x26eccfa0, 0xd3bb0a97, 0x7746e0c7, 0xa931b99d,
-      0xf5875aec, 0xe0c8b6f7, 0x96939c82, 0xbb32f17c, 0x3de5a664,
-      0x765135d2, 0x52abfa6b, 0x71936cb4, 0x2dc105de, 0xad5cc08f,
-      0x7fff5788, 0x17e91d12 },
-    { 0xb7e051ca, 0xbe92ced3, 0x19c776d4, 0xc644d4fd, 0x0086784b,
-      0xc8ab4b52, 0xce9d6b31, 0x3ea66227, 0xd289e9c7, 0x395249a3,
-      0xd12a19ee, 0x54509e65, 0x8c365aec, 0xa7bd4692, 0x77963e0e,
-      0x354997e4, 0xb599732d, 0x0d765957, 0x91d4a3b6, 0x99584aeb,
-      0x1deb3e28, 0x6e653ea4, 0x572571df, 0xca7c98ed, 0xb18ae1f9,
-      0xf301a38f, 0x63f7b97e, 0x1629f7c2, 0xafc4a0d5, 0xdf242282,
-      0x3ddd0c01, 0x118f3b4b },
-    { 0x7ad4762b, 0x74a0a0a8, 0x8c58d175, 0x1aef84da, 0x4cf76d86,
-      0x16ff4960, 0x7e60d98b, 0xc0be8786, 0x3ecc1dba, 0x83637ffb,
-      0x5dd6147a, 0xc244a609, 0x5b0846e5, 0xa3e17834, 0xe77a4c05,
-      0x735eb686, 0xdf758695, 0x5bc18b4f, 0x1bdfe52f, 0x15618d0b,
-      0x00715ba1, 0x878ecc0d, 0xc2dd617f, 0x1dbdbd1a, 0x21b61710,
-      0x21d2b631, 0x44f593c2, 0x22ce8a79, 0x44f17024, 0x3b9b536a,
-      0x8d03e727, 0x01d0a67c },
-    { 0x1e46533c, 0x7b964236, 0xfb88c2ae, 0xe9477990, 0xa42c4a18,
-      0x019b5d16, 0xd83c7a45, 0x7135e81d, 0x4cb663e3, 0x74a69bdd,
-      0xe76c0d63, 0x7b67ecdb, 0x11e68da6, 0x03d54521, 0xd2e8650a,
-      0x596cceb5, 0x2af03b37, 0xcd572dfd, 0xfabd5952, 0x52364ba1,
-      0xb4ed8569, 0x7f47d456, 0xc950d5d4, 0x5ad8b572, 0x486e2f84,
-      0xcadd2dfa, 0xc56bb044, 0xdd527b43, 0x997c08e6, 0xc9adba24,
-      0x7da6320f, 0x1b625b06 },
-    { 0x4fd8446d, 0x44dfaa7b, 0xaf6febeb, 0xc01b2f01, 0xfe8838b5,
-      0xbf444388, 0xbba9758b, 0xf33c434f, 0x87156bc9, 0x2b971cba,
-      0x1f49098b, 0x6b245e5c, 0x2b41c5dd, 0x87dcb534, 0x34d852d7,
-      0xdb1f80c6, 0x2433da34, 0x6d6e3258, 0x3f7df0c2, 0xf6682065,
-      0x360cb365, 0xc4ca567c, 0x9826656a, 0x321faac2, 0xbf069768,
-      0x13f5ca6f, 0xa7076639, 0x15397921, 0x8400736e, 0xbdf14328,
-      0x19fc948d, 0x333eca96 },
-    { 0xac775d81, 0x23337948, 0xd41dbbca, 0x38c2518f, 0xbcfce948,
-      0x623c7a4f, 0x54703fe7, 0xaad36236, 0x13fb3b5b, 0x2b3a13a4,
-      0x7f5c01f0, 0x5db3565a, 0x52359661, 0xd72408dc, 0x1d616e91,
-      0x5a17f8e5, 0xcb25b999, 0x90c16eeb, 0x3393743e, 0xf35e8cf1,
-      0xe54b64a7, 0x987da74a, 0x65cd449d, 0x557b322a, 0x37e7b15d,
-      0x765082a5, 0xf2cd134f, 0x4d25c742, 0x4ccf0746, 0xae9d9c07,
-      0x8728d135, 0x72fc2110 },
-    { 0xf96004c8, 0xa906b203, 0x458055ff, 0xd83f95cf, 0x55f35909,
-      0xd77d5867, 0xe550c8ee, 0x4a9ea6fb, 0x55a06081, 0x91c8cca9,
-      0xbce82062, 0x4a1fee78, 0x9a3df85e, 0xeb9ade06, 0x7d3de666,
-      0xfbbdcf0c, 0x5d336d51, 0x228a391b, 0x5c2ffc3c, 0x760f8d28,
-      0x2f7b165b, 0x1ee48de3, 0x56177040, 0x03803d84, 0x9deff9a0,
-      0xe573f648, 0xa17e35a4, 0xe1a2738e, 0x8840a6c6, 0x238ef17c,
-      0xb11ed92d, 0x480946f8 },
-    { 0xfd71f119, 0x84c747a8, 0x53eb3695, 0x19e65c5e, 0x6298587a,
-      0x0e2f6786, 0xab18d6f4, 0x48a48899, 0xc630b8c0, 0xa1a99024,
-      0x2caaf892, 0x84975096, 0xe20fd624, 0xc8869aba, 0x6c2b7dd4,
-      0x3b72b04d, 0x0992f7d0, 0xe2775eb6, 0x7d06e684, 0x0089c06e,
-      0xe4bbd007, 0xcb3b4361, 0x4ba846e4, 0xa1ae666b, 0x46464d9e,
-      0xc01c2eb2, 0xc1f8539f, 0xf86f2be6, 0xcf68afc7, 0x16e8e8ae,
-      0xc7386902, 0x8dab61fd },
-    { 0xd54d1d45, 0x42a5c903, 0xff4f9ba2, 0xacd4297e, 0x34d478b4,
-      0x2d88b520, 0x08c4621a, 0x35b2ba2b, 0x34865402, 0xd3d239bb,
-      0x911f32e6, 0x1de76aed, 0x3f06fdc2, 0x877f8bcf, 0x9ec51502,
-      0x802714c1, 0xa590700d, 0xa10444eb, 0x31dcc957, 0x8694229f,
-      0xb8169fed, 0x5ece77ab, 0x2caf080e, 0x55be8a15, 0xcbd7cef1,
-      0x3eb21b14, 0x67b97ee1, 0x9def7ad1, 0x118f690c, 0xe03ca879,
-      0xf99b29e7, 0x6f77e62d },
-    { 0xe40bbf59, 0xa271bded, 0x6401aad6, 0x177ba453, 0x73541cd1,
-      0x1755e035, 0x4b71b02f, 0x3465b466, 0xa813359f, 0x22eb7113,
-      0x6f38eac7, 0x9792a8fd, 0xff3bf3b5, 0x11aa012f, 0xf85c3fbf,
-      0x99aafabf, 0x06c0cc42, 0x91e0a2ef, 0x773b7b3a, 0x314d5d57,
-      0xd669840a, 0xae5e2e76, 0x2e5a8be6, 0x86136073, 0xc1cf5580,
-      0xee6d7578, 0x68bed102, 0x2344e00f, 0x8184f0eb, 0x799d7886,
-      0xc3d2cf80, 0x63819c91 },
-    { 0x7884b073, 0xca5392e1, 0xeb1267ea, 0x9ec3a1fc, 0x907038a7,
-      0x3d07f5f0, 0xe4c47b70, 0xcb2ac07c, 0x1bf96b91, 0xf96664ee,
-      0x2aea4fbf, 0xebf57589, 0xfade6500, 0x5aabf391, 0x171d1204,
-      0xc5b3376f, 0xa0d3d81a, 0x1ff60c51, 0x976a844b, 0x10b2cfe7,
-      0xbda6125a, 0xe131cc9a, 0x4ebd453e, 0xe0fc16d3, 0x504b6bc1,
-      0xc0d0319a, 0x0a2f8cab, 0xe43a0be7, 0x55e49b47, 0xc80afeec,
-      0x8265d7ee, 0x67d48d12 },
-    { 0xea2d56d6, 0x068d59a7, 0x27480a63, 0xd71abd0e, 0xae7366cd,
-      0x6bd11db0, 0x07204ebc, 0xfbb639ca, 0xf77e6293, 0x89a242e7,
-      0x75ba8c3d, 0xdee7ca2b, 0x64a2f9a8, 0x472ddc3d, 0x7561a010,
-      0x84229df4, 0xc5b649d4, 0x95f62c85, 0x4dc927cd, 0xfdd56b1b,
-      0x5ee60596, 0xfe8bb120, 0xabf29401, 0x3efcaa50, 0x10d1c184,
-      0xd4900d0f, 0x28b01df5, 0x2cf113a9, 0x1f0e43f5, 0xa3d7ebc3,
-      0xe8384dc7, 0x27950e38 },
-    { 0xe1d0fa79, 0xeab21ff0, 0x048b5de9, 0x4b9fd033, 0x2fe374cb,
-      0x4c934689, 0x4eb21f6b, 0xbb4827fa, 0xa925e7e7, 0x46716f79,
-      0x7dd4c531, 0x1442bf36, 0xd2e96ddf, 0x2073954c, 0x8502aa89,
-      0x4e0141ae, 0x8eef6cc9, 0x8ee00e1a, 0x5880cdaf, 0x55ce8491,
-      0x69628046, 0xff3aba5c, 0x5d15dfbf, 0x335cc4f8, 0x9f684f25,
-      0xa7f0440c, 0xbb1e5bd8, 0xae80453f, 0xff2225ab, 0xa1c99813,
-      0x79b25d71, 0x54ff7884 },
-    { 0xde40b068, 0x27c6ee30, 0xe6f3a51e, 0x9226465b, 0xfa3b21f6,
-      0xe24a4604, 0xc0418115, 0x50a5a5ad, 0x8df90d2b, 0xe3285441,
-      0xdcb0c00f, 0xbb74e58f, 0x4a2c08e3, 0xc68f1b3b, 0x0ccd9ec9,
-      0x339df081, 0xb786ea9f, 0x915362dc, 0xc955aead, 0x28945e31,
-      0x8b6a6c6b, 0xd6a2c01d, 0x3678a427, 0x069e82dc, 0x28c9302c,
-      0x17875500, 0x9fa101e6, 0x8acda965, 0xee30b286, 0x4e4e4573,
-      0x3f1830fe, 0x8adbad85 },
-    { 0x0969d524, 0x060ae11f, 0xf39bcc79, 0xf42fdaf7, 0x7cc1fcc2,
-      0x3cec6766, 0xe2336d4f, 0x456b9cf2, 0x8e1c0f7f, 0x6aa1f5de,
-      0x0984fb0e, 0xcdbc2ad2, 0x1b464b28, 0x4090cfa6, 0x1243f3ef,
-      0x40d86f30, 0xcd5e87e7, 0x95b16ccc, 0x3026cd41, 0x403f168c,
-      0x816c0730, 0xdbe386cb, 0x58407a1d, 0x14eb86f3, 0x1717e1af,
-      0xf588b4f8, 0x66cbc96c, 0xb75c41a6, 0x027e71c1, 0xf342c1aa,
-      0xc0945e5f, 0x73930036 },
-    { 0x22cdaf42, 0x954f757d, 0xf4181aab, 0x788b591d, 0xf5514f25,
-      0x8b986819, 0xf18fd5bc, 0x69642e08, 0x022ceb91, 0x92b305d1,
-      0x6a4f6985, 0x1715903e, 0x61179cae, 0x4bd7d69d, 0xd29c01aa,
-      0xdacdfd5d, 0xd91108cc, 0x705ddd5a, 0x64ac8f15, 0x434ac7b1,
-      0xb524632f, 0x61a514e1, 0x731fc447, 0x45b9e61b, 0xe0961b31,
-      0xcf561348, 0x73eaf223, 0x9c28a967, 0xaa7c99d3, 0x5bd10182,
-      0xe42965e2, 0x8bc6ec4a },
-    { 0xe7f2a32b, 0xd096e5c0, 0x09388a30, 0xff54800c, 0x401e360c,
-      0x06fe437c, 0xbb6054a6, 0x6655fc9c, 0x8457aa6e, 0x510e1860,
-      0x2b29b2b7, 0xa0acfca2, 0x51b7da61, 0x732483e3, 0x6be6c8ca,
-      0xe31471ee, 0x8b65c9a1, 0xe565431c, 0x48d65cbb, 0xfc9ac3b9,
-      0xae9b2aa8, 0xd308fc21, 0xaa60aa6a, 0xd6a7df0d, 0x982fc0d4,
-      0x2844d96a, 0x5847a4d7, 0xab012c2c, 0xdceb8955, 0x2b3c8f71,
-      0xbe9c7e15, 0x8e85437d },
-};
-
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Base is fixed to be the g parameter - a precomputed table is used.
- *
- * Striping: 128 points at a distance of 8 combined.
- * Total of 256 points in table.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit tx[2 * 32];
-    sp_digit ty[2 * 32];
-#endif
-    sp_digit* r = NULL;
-    unsigned char e[128];
-    int err = MP_OKAY;
-    int i;
-    int y;
-
-    (void)base;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 38 * 32 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 32 * 2;
-        ty = td + 37 * 32 * 2;
-#endif
-        r = ty;
-
-        (void)mp_to_unsigned_bin_len(exp, e, 128);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 32);
-        y  =  e[112] >> 7;
-        y |= (e[96] >> 7) << 1;
-        y |= (e[80] >> 7) << 2;
-        y |= (e[64] >> 7) << 3;
-        y |= (e[48] >> 7) << 4;
-        y |= (e[32] >> 7) << 5;
-        y |= (e[16] >> 7) << 6;
-        y |= (e[0] >> 7) << 7;
-        XMEMCPY(ty, sp_1024_g_table[y], sizeof(sp_digit) * 32);
-        for (i = 126; i >= 0; i--) {
-            y  =  (e[127 - (i / 8)] >> (i & 0x7)) & 1;
-            y |= ((e[111 - (i / 8)] >> (i & 0x7)) & 1) << 1;
-            y |= ((e[95 - (i / 8)] >> (i & 0x7)) & 1) << 2;
-            y |= ((e[79 - (i / 8)] >> (i & 0x7)) & 1) << 3;
-            y |= ((e[63 - (i / 8)] >> (i & 0x7)) & 1) << 4;
-            y |= ((e[47 - (i / 8)] >> (i & 0x7)) & 1) << 5;
-            y |= ((e[31 - (i / 8)] >> (i & 0x7)) & 1) << 6;
-            y |= ((e[15 - (i / 8)] >> (i & 0x7)) & 1) << 7;
-
-            sp_1024_proj_sqr_32(tx, ty, t);
-            sp_1024_proj_mul_qx1_32(tx, ty, sp_1024_g_table[y], t);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_32(tx, tx, t);
-        sp_1024_mont_mul_32(r, tx, ty, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective coordinates.
- *
- *   p.x' = (p.x * q.x) - (p.y * q.y)
- *   p.y' = (p.x * q.y) + (p.y * q.x)
- * But applying Karatsuba:
- *   v0 = p.x * q.x
- *   v1 = p.y * q.y
- *   p.x' = v0 - v1
- *   p.y' = (px + py) * (qx + qy) - v0 - v1
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * qx  [in]      A single precision integer - X ordinate of number of
- *               multiplier.
- * qy  [in]      A single precision integer - Y ordinate of number of
- *               multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_32(sp_digit* px, sp_digit* py,
-        const sp_digit* qx, const sp_digit* qy, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    /* t1 = px + py */
-    sp_1024_mont_add_32(t1, px, py, p1024_mod);
-    /* t2 = qx + qy */
-    sp_1024_mont_add_32(t2, qx, qy, p1024_mod);
-    /* t2 = (px + py) * (qx + qy) */
-    sp_1024_mont_mul_32(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = py * qy */
-    sp_1024_mont_mul_32(t1, py, qy, p1024_mod, p1024_mp_mod);
-    /* t2 = (px + py) * (qx + qy) - (py * qy) */
-    sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
-    /* px = px * qx */
-    sp_1024_mont_mul_32(px, px, qx, p1024_mod, p1024_mp_mod);
-    /* py = (px + py) * (qx + qy) - (py * qy) - (px * qx) */
-    sp_1024_mont_sub_32(py, t2, px, p1024_mod);
-    /* px = (px * qx) - (py * qy)*/
-    sp_1024_mont_sub_32(px, px, t1, p1024_mod);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/*
- * Convert point from projective to affine but keep in Montgomery form.
- *
- * p  [in,out]  Point to convert.
- * t  [in]      Temporary numbers: 2.
- */
-static void sp_1024_mont_map_32(sp_point_1024* p, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 32;
-
-    sp_1024_mont_inv_32(t1, p->z, t2);
-    sp_1024_mont_sqr_32(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(t1, t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(p->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_32(p->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(p->z, p1024_norm_mod, sizeof(sp_digit) * 32);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/*
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - 2 * p.y^2
- *   r.y = 2 * p.y * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 8 * p.y^2 * p.x
- *   p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4
- *   p'.z = 2 * p.y * p.z
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 32;
-    sp_digit* pz2 = t +  2 * 32;
-    sp_digit* rx  = t +  4 * 32;
-    sp_digit* ry  = t +  6 * 32;
-    sp_digit* l   = t +  8 * 32;
-    sp_digit* ty  = t + 10 * 32;
-
-    /* v = v^2 */
-    sp_1024_proj_sqr_32(vx, vy, t);
-    /* pz2 = p.z^2 */
-    sp_1024_mont_sqr_32(pz2, p->z, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + p.z^2 */
-    sp_1024_mont_add_32(ty, p->x, pz2, p1024_mod);
-    /* l = p.x - p.z^2 */
-    sp_1024_mont_sub_32(l, p->x, pz2, p1024_mod);
-    /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-    sp_1024_mont_mul_32(t1, l, ty, p1024_mod, p1024_mp_mod);
-    /* l = 3 * (p.x^2 - p.z^4) */
-    sp_1024_mont_tpl_32(l, t1, p1024_mod);
-    /* t1 = q.x * p.z^2 */
-    sp_1024_mont_mul_32(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + q.x * p.z^2 */
-    sp_1024_mont_add_32(t1, p->x, t1, p1024_mod);
-    /* r.x = l * (p.x + q.x * p.z^2) */
-    sp_1024_mont_mul_32(rx, l, t1, p1024_mod, p1024_mp_mod);
-    /* r.y = 2 * p.y */
-    sp_1024_mont_dbl_32(ry, p->y, p1024_mod);
-    /* ty = 4 * p.y ^ 2 */
-    sp_1024_mont_sqr_32(ty, ry, p1024_mod, p1024_mp_mod);
-    /* t1 = 2 * p.y ^ 2 */
-    sp_1024_mont_div2_32(t1, ty, p1024_mod);
-    /* r.x -= 2 * (p.y ^ 2) */
-    sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
-    /* p'.z = p.y * 2 * p.z */
-    sp_1024_mont_mul_32(p->z, p->z, ry, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 */
-    sp_1024_mont_mul_32(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 * q.y */
-    sp_1024_mont_mul_32(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-    /* Double point using previously calculated values
-     *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-     *   ty = 4 * p.y^2
-     *   p'.z = 2 * p.y * p.z
-     */
-    /* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
-    sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
-    /* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
-    sp_1024_mont_div2_32(t1, t1, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x */
-    sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 */
-    sp_1024_mont_sqr_32(p->x, l, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 - 4 * p.y^2 * p.x */
-    sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-    /* p'.x = l^2 - 8 * p.y^2 * p.x */
-    sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x - p.x' */
-    sp_1024_mont_sub_32(ty, p->y, p->x, p1024_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l */
-    sp_1024_mont_mul_32(p->y, ty, l, p1024_mod, p1024_mp_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 */
-    sp_1024_mont_sub_32(p->y, p->y, t1, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Calculations:
- *   r.x = (q.x + p.x) * c.y - (q.x * c.z^2 + c.x) * p.y * c.z
- *   r.y = (c.x - p.x * c.z^2) * q.y * c.z
- *   v* = v* * r*
- *   r = p.y * c.z^3 - c.y
- *   c'.x = r^2 + h^3 - 2 * c.x * h^2
- *   c'.y = r * (c'.x - c.x * h^2) - c.y * h^3
- *   c'.z = (c.x - p.x * c.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in]      p      ECC point - point on E(F_p^2) to add.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      qx_px  SP that is a constant value across adds.
- * @param  [in]      t      SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_add_one_32(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px,
-        sp_digit* t)
-{
-    sp_digit* t1  = t;
-    sp_digit* t2  = t +  2 * 32;
-    sp_digit* rx  = t +  4 * 32;
-    sp_digit* ry  = t +  6 * 32;
-    sp_digit* h   = t +  8 * 32;
-    sp_digit* r   = t + 10 * 32;
-
-    /* r.x = (q.x + p.x) * c.y */
-    sp_1024_mont_mul_32(rx, qx_px, c->y, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_32(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_32(h, t1, c->x, p1024_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_32(ry, p->y, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_32(t1, h, ry, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z * c.z^2 = p.y * c.z^3  */
-    sp_1024_mont_mul_32(r, ry, t2, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = c.x - p.x * c.z^2 */
-    sp_1024_mont_sub_32(h, c->x, t1, p1024_mod);
-    /* c'.z = (c.x - p.x * c.z^2) * c.z */
-    sp_1024_mont_mul_32(c->z, h, c->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (c.x - p.x * c.z^2) * c.z * q.y */
-    sp_1024_mont_mul_32(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = c.x - p.x * c.z^2
-     *   r = p.y * c.z^3
-     *   c'.z = (c.x - p.x * c.z^2) * c.z
-     */
-
-    /* r = p.y * c.z^3 - c.y */
-    sp_1024_mont_sub_32(r, r, c->y, p1024_mod);
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_32(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_32(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * h^2 */
-    sp_1024_mont_mul_32(ry, c->x, rx, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_32(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c->x = r^2 + h^3 */
-    sp_1024_mont_add_32(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * h^2 */
-    sp_1024_mont_dbl_32(t1, ry, p1024_mod);
-    /* c'.x = r^2 + h^3 - 2 * c.x * h^2 */
-    sp_1024_mont_sub_32(c->x, c->x, t1, p1024_mod);
-    /* ry = c'.x - c.x * h^2 */
-    sp_1024_mont_sub_32(t1, c->x, ry, p1024_mod);
-    /* ry = r * (c'.x - c.x * h^2) */
-    sp_1024_mont_mul_32(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * h^3 */
-    sp_1024_mont_mul_32(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 */
-    sp_1024_mont_sub_32(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]  key  SAKKE key.
- * @param  [in]  p    First point on E(F_p)[q].
- * @param  [in]  q    Second point on E(F_p)[q].
- * @param  [in]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err = MP_OKAY;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit* qx_px;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit vx[2 * 32];
-    sp_digit vy[2 * 32];
-    sp_digit qx_px[2 * 32];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-
-    err = sp_1024_point_new_32(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 39 * 32 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        vx    = td + 36 * 32 * 2;
-        vy    = td + 37 * 32 * 2;
-        qx_px = td + 38 * 32 * 2;
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-        sp_1024_point_from_ecc_point_32(q, qm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 32);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 32);
-
-        sp_1024_mont_add_32(qx_px, q->x, p->x, p1024_mod);
-
-        for (i = 1020; i >= 0; i--) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_dbl_32(vx, vy, c, q, t);
-
-            if ((i > 0) && ((p1024_order[i / 32] >> (i % 32)) & 1)) {
-                /* Accumulate line into v and add P into C. */
-                sp_1024_accumulate_line_add_one_32(vx, vy, c, p, q, qx_px, t);
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        sp_1024_proj_sqr_32(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_32(vx, vx, t);
-        sp_1024_mont_mul_32(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(q, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-#else
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Both C and P have z ordinates to use in the calculation.
- *
- * Calculations:
- *   r.x  = (q.x * c.z^2 + c.x) * p.y * c.z - (q.x * p.z^2 + p.x) * c.y * p.z
- *   r.y  = (p.x * c.z^2 - c.x * p.z^2) * q.y * p.z * c.z
- *   v*   = v* * r*
- *   h    = p.x * c.z^2 - c.x * p.z^2
- *   r    = p.y * c.z^3 - c.y * p.z^3
- *   c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2
- *   c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3
- *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in,out]  p      ECC point - point on E(F_p^2) to add.
- * @param  [in,out]  q      ECC point - second point on E(F_P^2).
- * @param  [in,out]  t      SP temporaries (6 used).
- * @param  [in,out]  neg    Indicates to use negative P.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static void sp_1024_accumulate_line_add_n_32(sp_digit* vx, sp_digit* vy,
-        const sp_point_1024* p, const sp_point_1024* q,
-        sp_point_1024* c, sp_digit* t, int neg)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t +  2 * 32;
-    sp_digit* rx = t +  4 * 32;
-    sp_digit* ry = t +  6 * 32;
-    sp_digit* h  = t +  8 * 32;
-    sp_digit* r  = t + 10 * 32;
-
-    /* h = p.z^2 */
-    sp_1024_mont_sqr_32(h, p->z, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 */
-    sp_1024_mont_mul_32(rx, q->x, h, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 + p.x */
-    sp_1024_mont_add_32(t2, rx, p->x, p1024_mod);
-    /* c.y = c.y * p.z */
-    sp_1024_mont_mul_32(t1, c->y, p->z, p1024_mod, p1024_mp_mod);
-    /* r.x = (q.x * p.z^2 + p.x) * c.y * p.z */
-    sp_1024_mont_mul_32(rx, t2, t1, p1024_mod, p1024_mp_mod);
-    /* c.y = c.y * p.z^3 */
-    sp_1024_mont_mul_32(c->y, t1, h, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_32(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_32(t1, t1, c->x, p1024_mod);
-    /* c.x = c.x * p.z^2 */
-    sp_1024_mont_mul_32(c->x, c->x, h, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_32(r, p->y, c->z, p1024_mod, p1024_mp_mod);
-    if (neg) {
-        /* r = -p.y * c.z */
-        sp_1024_mont_sub_32(r, p1024_mod, r, p1024_mod);
-    }
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_32(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_32(rx, ry, rx, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_32(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = p.x * c.z^2 - c.x * p.z^2 */
-    sp_1024_mont_sub_32(h, t1, c->x, p1024_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z */
-    sp_1024_mont_mul_32(t1, h, c->z, p1024_mod, p1024_mp_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z */
-    sp_1024_mont_mul_32(c->z, t1, p->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z * q.y */
-    sp_1024_mont_mul_32(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 */
-    sp_1024_mont_mul_32(t1, r, t2, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 - c.y * p.z^3 */
-    sp_1024_mont_sub_32(r, t1, c->y, p1024_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = p.x * c.z^2 - c.x * p.z^2
-     *   r = p.y * c.z^3 - c.y * p.z^3
-     *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
-     */
-
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_32(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_32(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * p.z^2 * h^2 */
-    sp_1024_mont_mul_32(ry, rx, c->x, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_32(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c'.x = r^2 - h^3 */
-    sp_1024_mont_sub_32(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_dbl_32(t1, ry, p1024_mod);
-    /* c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_sub_32(c->x, c->x, t1, p1024_mod);
-    /* ry = c.x * p.z^2 * h^2 - c'.x */
-    sp_1024_mont_sub_32(t1, ry, c->x, p1024_mod);
-    /* ry = r * (c.x * p.z^2 * h^2 - c'.x) */
-    sp_1024_mont_mul_32(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * p.z^3 * h^3 */
-    sp_1024_mont_mul_32(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 */
-    sp_1024_mont_sub_32(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Perform n accumulate doubles and doubles of P.
- *
- * py = 2 * p.y
- *
- * For each double:
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - py^2 / 2
- *   r.y = py * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 2 * py^2 * p.x
- *   py' = (py^2 * p.x - p'.x) * l - py^4 (= 2 * p'.y)
- *   p'.z = py * p.z
- *
- * Finally:
- *   p'.y = py' / 2
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      n   Number of times to double.
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 32;
-    sp_digit* pz2 = t +  2 * 32;
-    sp_digit* rx  = t +  4 * 32;
-    sp_digit* ry  = t +  6 * 32;
-    sp_digit* l   = t +  8 * 32;
-    sp_digit* ty  = t + 10 * 32;
-    int i;
-
-    /* py = 2 * p.y */
-    sp_1024_mont_dbl_32(p->y, p->y, p1024_mod);
-
-    for (i = 0; i < n; i++) {
-        /* v = v^2 */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        /* pz2 = p.z^2 */
-        sp_1024_mont_sqr_32(pz2, p->z, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + p.z^2 */
-        sp_1024_mont_add_32(t1, p->x, pz2, p1024_mod);
-        /* l = p.x - p.z^2 */
-        sp_1024_mont_sub_32(l, p->x, pz2, p1024_mod);
-        /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-        sp_1024_mont_mul_32(ty, l, t1, p1024_mod, p1024_mp_mod);
-        /* l = 3 * (p.x^2 - p.z^4) */
-        sp_1024_mont_tpl_32(l, ty, p1024_mod);
-        /* t1 = q.x * p.z^2 */
-        sp_1024_mont_mul_32(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + q.x * p.z^2 */
-        sp_1024_mont_add_32(t1, p->x, t1, p1024_mod);
-        /* r.x = l * (p.x + q.x * p.z^2) */
-        sp_1024_mont_mul_32(rx, l, t1, p1024_mod, p1024_mp_mod);
-        /* ty = py ^ 2 */
-        sp_1024_mont_sqr_32(ty, p->y, p1024_mod, p1024_mp_mod);
-        /* t1 = py ^ 2 / 2 */
-        sp_1024_mont_div2_32(t1, ty, p1024_mod);
-        /* r.x -= py ^ 2 / 2 */
-        sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
-        /* p'.z = py * pz */
-        sp_1024_mont_mul_32(p->z, p->z, p->y, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 */
-        sp_1024_mont_mul_32(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 * q.y */
-        sp_1024_mont_mul_32(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-        /* v = v^2 * r */
-        sp_1024_proj_mul_32(vx, vy, rx, ry, t);
-
-        /* Double point using previously calculated values
-         *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-         *   ty = py^2
-         *   p'.z = py * p.z
-         */
-        /* t1 = py^2 ^ 2 = py^4 */
-        sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
-        /* py' = py^2 * p. x */
-        sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 */
-        sp_1024_mont_sqr_32(p->x, l, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 - py^2 * p.x */
-        sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-        /* p'.x = l^2 - 2 * p.y^2 * p.x */
-        sp_1024_mont_sub_32(p->x, p->x, p->y, p1024_mod);
-        /* py' = py^2 * p.x - p.x' */
-        sp_1024_mont_sub_32(ty, p->y, p->x, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l */
-        sp_1024_mont_mul_32(p->y, ty, l, p1024_mod, p1024_mp_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 */
-        sp_1024_mont_dbl_32(p->y, p->y, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 - p.y^4 */
-        sp_1024_mont_sub_32(p->y, p->y, t1, p1024_mod);
-    }
-
-    /* p'.y = py' / 2 */
-    sp_1024_mont_div2_32(p->y, p->y, p1024_mod);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * @param  [in]  pm   First point on E(F_p)[q].
- * @param  [in]  qm   Second point on E(F_p)[q].
- * @param  [in]  res  Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[64];
-    sp_digit (*pre_vy)[64];
-    sp_digit (*pre_nvy)[64];
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit vx[2 * 32];
-    sp_digit vy[2 * 32];
-    sp_digit pre_vx[16][64];
-    sp_digit pre_vy[16][64];
-    sp_digit pre_nvy[16][64];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-
-    err = sp_1024_point_new_32(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 32 * 2 + 16 * sizeof(sp_point_1024), NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 32 * 2;
-        vy      = td + 37 * 32 * 2;
-        pre_vx  = (sp_digit(*)[64])(td + 38 * 32 * 2);
-        pre_vy  = (sp_digit(*)[64])(td + 54 * 32 * 2);
-        pre_nvy = (sp_digit(*)[64])(td + 70 * 32 * 2);
-        pre_p   = (sp_point_1024*)(td + 86 * 32 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-        sp_1024_point_from_ecc_point_32(q, qm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 32);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_mont_sub_32(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 32);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_accumulate_line_dbl_32(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(&pre_p[i], &pre_p[i-1], sizeof(sp_point_1024));
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 32);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 32);
-            sp_1024_proj_mul_32(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_32(pre_vx[i], pre_vy[i], c,
-                    q, &pre_p[i], t, 0);
-            sp_1024_mont_sub_32(pre_nvy[i], p1024_mod, pre_vy[i], p1024_mod);
-        }
-
-        j = sp_1024_order_op[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 32);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 32);
-
-        /* Accumulate line into v and double point n times. */
-        sp_1024_accumulate_line_dbl_n_32(vx, vy, c, q,
-                sp_1024_order_op[1], t);
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_vy[j], t);
-                sp_1024_accumulate_line_add_n_32(vx, vy, &pre_p[j], q, c,
-                    t, 0);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_nvy[j], t);
-                sp_1024_accumulate_line_add_n_32(vx, vy, &pre_p[j], q, c,
-                    t, 1);
-            }
-
-            /* Accumulate line into v and double point n times. */
-            sp_1024_accumulate_line_dbl_n_32(vx, vy, c, q,
-                    sp_1024_order_op[i + 1], t);
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        sp_1024_proj_sqr_32(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_32(vx, vx, t);
-        sp_1024_mont_mul_32(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(q, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Generate table for pairing.
- *
- * Small implementation does not use a table - returns 0 length.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-
-    if (table == NULL) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    else if (*len != 0) {
-        err = BUFFER_E;
-    }
-
-    (void)*pm;
-
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Small implementation does not use a table - use the normal implementation.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    (void)table;
-    (void)len;
-    return sp_Pairing_1024(pm, qm, res);
-}
-
-#else
-/*
- * Calc l and c for the point when doubling p.
- *
- * l = 3 * (p.x^2 - 1) / (2 * p.y)
- * c = l * p.x - p.y
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to double.
- * @param  [in]   py  Y-ordinate of point to double.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_dbl_calc_lc_32(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 32;
-    sp_digit* t2 = t + 34 * 2 * 32;
-    sp_digit* l  = t + 35 * 2 * 32;
-
-    /* l = 1 / 2 * p.y */
-    sp_1024_mont_dbl_32(l, py, p1024_mod);
-    sp_1024_mont_inv_32(l, l, t);
-
-    /* t1 = p.x^2 */
-    sp_1024_mont_sqr_32(t1, px, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x - 1 */
-    sp_1024_mont_sub_32(t1, t1, p1024_norm_mod, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) */
-    sp_1024_mont_dbl_32(t2, t1, p1024_mod);
-    sp_1024_mont_add_32(t1, t1, t2, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) / (2 * p.y) */
-    sp_1024_mont_mul_32(l, l, t1, p1024_mod, p1024_mp_mod);
-    /* t2 = l * p.x */
-    sp_1024_mont_mul_32(t2, l, px, p1024_mod, p1024_mp_mod);
-    /* c = t2 = l * p.x - p.y */
-    sp_1024_mont_sub_32(t2, t2, py, p1024_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 32);
-    XMEMCPY(cr, t2, sizeof(sp_digit) * 32);
-}
-
-/*
- * Calc l and c when adding p and c.
- *
- * l = (c.y - p.y) / (c.x - p.x)
- * c = (p.x * c.y - cx * p.y) / (cx - p.x)
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to add.
- * @param  [in]   py  Y-ordinate of point to add.
- * @param  [in]   cx  X-ordinate of current point.
- * @param  [in]   cy  Y-ordinate of current point.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_add_calc_lc_32(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, const sp_digit* cx,
-        const sp_digit* cy, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 32;
-    sp_digit* c  = t + 34 * 2 * 32;
-    sp_digit* l  = t + 35 * 2 * 32;
-
-    /* l = 1 / (c.x - p.x) */
-    sp_1024_mont_sub_32(l, cx, px, p1024_mod);
-    sp_1024_mont_inv_32(l, l, t);
-
-    /* c = p.x * c.y */
-    sp_1024_mont_mul_32(c, px, cy, p1024_mod, p1024_mp_mod);
-    /* t1 = c.x * p.y */
-    sp_1024_mont_mul_32(t1, cx, py, p1024_mod, p1024_mp_mod);
-    /* c = (p.x * c.y) - (c.x * p.y) */
-    sp_1024_mont_sub_32(c, c, t1, p1024_mod);
-    /* c = ((p.x * c.y) - (c.x * p.y)) / (c.x - p.x) */
-    sp_1024_mont_mul_32(c, c, l, p1024_mod, p1024_mp_mod);
-    /* t1 = c.y - p.y */
-    sp_1024_mont_sub_32(t1, cy, py, p1024_mod);
-    /* l = (c.y - p.y) / (c.x - p.x) */
-    sp_1024_mont_mul_32(l, t1, l, p1024_mod, p1024_mp_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 32);
-    XMEMCPY(cr, c, sizeof(sp_digit) * 32);
-}
-
-/*
- * Calculate vx and vy given gradient l and constant c and point q.
- *
- * l is a the gradient and is multiplied by q->x.
- * c is a the constant that is added to the multiplicative result.
- * q->y is the y-ordinate in result to multiply.
- *
- * if dbl
- *   v*  = v*^2
- * r.x = l * q.x + c
- * r.y = q->y
- * v*  = v* * r*
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in]      l      Gradient to multiply with.
- * @param  [in]      c      Constant to add with.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      t      SP temporaries (3 used).
- * @param  [in]      dbl    Indicates whether this is for doubling. Otherwise
- *                          adding.
- */
-static void sp_1024_accumulate_line_lc_32(sp_digit* vx, sp_digit* vy,
-        const sp_digit* l, const sp_digit* c, const sp_point_1024* q,
-        sp_digit* t, int dbl)
-{
-    sp_digit* rx = t + 4 * 2 * 32;
-
-    /* v = v^2 */
-    if (dbl) {
-        sp_1024_proj_sqr_32(vx, vy, t);
-    }
-    /* rx = l * q.x + c */
-    sp_1024_mont_mul_32(rx, l, q->x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_add_32(rx, rx, c, p1024_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_32(vx, vy, rx, q->y, t);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op_pre[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-
-/*
- * Generate table for pairing.
- *
- * Calculate the graident (l) and constant (c) at each step of the way.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- *          MEMORY_E when dynamic memory allocation fauls.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 cd;
-    sp_point_1024 negd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* c = NULL;
-    sp_point_1024* neg = NULL;
-    int i;
-    int j;
-    int k;
-    sp_table_entry_1024* precomp = (sp_table_entry_1024*)table;
-
-    if (table == NULL) {
-        *len = sizeof(sp_table_entry_1024) * 1167;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if ((err == MP_OKAY) &&
-            (*len < (int)(sizeof(sp_table_entry_1024) * 1167))) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, negd, neg);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 36 * 32 * 2 + 16 *
-            sizeof(sp_point_1024), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        pre_p = (sp_point_1024*)(td + 36 * 32 * 2);
-#endif
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        neg->infinity = 0;
-        c->infinity = 0;
-
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        /* [2]P for adding */
-        sp_1024_proj_point_dbl_32(c, p, t);
-
-        /* 1, 3, ... */
-        for (i = 1; i < 16; i++) {
-            sp_1024_proj_point_add_32(&pre_p[i], &pre_p[i-1], c, t);
-            sp_1024_mont_map_32(&pre_p[i], t);
-        }
-
-        k = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            sp_1024_accum_dbl_calc_lc_32(precomp[k].x, precomp[k].y, c->x,
-                c->y, t);
-            k++;
-            sp_1024_proj_point_dbl_32(c, c, t);
-            sp_1024_mont_map_32(c, t);
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                sp_1024_accum_add_calc_lc_32(precomp[k].x, precomp[k].y,
-                    pre_p[j/2].x, pre_p[j/2].y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_32(c, c, &pre_p[j/2], t);
-                sp_1024_mont_map_32(c, t);
-            }
-            else {
-                XMEMCPY(neg->x, pre_p[-j / 2].x, sizeof(pre_p->x));
-                sp_1024_mont_sub_32(neg->y, p1024_mod, pre_p[-j / 2].y,
-                        p1024_mod);
-                XMEMCPY(neg->z, pre_p[-j / 2].z, sizeof(pre_p->z));
-
-                sp_1024_accum_add_calc_lc_32(precomp[k].x, precomp[k].y,
-                    neg->x, neg->y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_32(c, c, neg, t);
-                sp_1024_mont_map_32(c, t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                sp_1024_accum_dbl_calc_lc_32(precomp[k].x, precomp[k].y, c->x,
-                    c->y, t);
-                k++;
-                sp_1024_proj_point_dbl_32(c, c, t);
-                sp_1024_mont_map_32(c, t);
-            }
-        }
-
-        *len = sizeof(sp_table_entry_1024) * 1167;
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(neg, 1, NULL);
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pre-generate values in window (1, 3, ...) - only V.
- * Table contains all gradient l and a constant for each point on the path.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[64];
-    sp_digit (*pre_vy)[64];
-    sp_digit (*pre_nvy)[64];
-#else
-    sp_digit t[36 * 2 * 32];
-    sp_digit vx[2 * 32];
-    sp_digit vy[2 * 32];
-    sp_digit pre_vx[16][64];
-    sp_digit pre_vy[16][64];
-    sp_digit pre_nvy[16][64];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-    int k;
-    const sp_table_entry_1024* precomp = (const sp_table_entry_1024*)table;
-
-    if (len < (int)(sizeof(sp_table_entry_1024) * 1167)) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_32(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 32 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 32 * 2;
-        vy      = td + 37 * 32 * 2;
-        pre_vx  = (sp_digit(*)[64])(td + 38 * 32 * 2);
-        pre_vy  = (sp_digit(*)[64])(td + 54 * 32 * 2);
-        pre_nvy = (sp_digit(*)[64])(td + 70 * 32 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_32(p, pm);
-        sp_1024_point_from_ecc_point_32(q, qm);
-
-        err = sp_1024_mod_mul_norm_32(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_32(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 32);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_mont_sub_32(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 32);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 32);
-        sp_1024_accumulate_line_dbl_32(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 32);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 32);
-            sp_1024_proj_mul_32(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_32(pre_vx[i], pre_vy[i], c,
-                q, p, t, 0);
-            sp_1024_mont_sub_32(pre_nvy[i], p1024_mod, pre_vy[i],
-                p1024_mod);
-        }
-
-        XMEMCPY(c->z, p1024_norm_mod, sizeof(sp_digit) * 32);
-        c->infinity = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 32);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 32);
-
-        k = 0;
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_lc_32(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 1);
-            k++;
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            sp_1024_accumulate_line_lc_32(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 0);
-            k++;
-
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_vy[j], t);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_32(vx, vy, pre_vx[j], pre_nvy[j], t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                /* Accumulate line into v and double point. */
-                sp_1024_accumulate_line_lc_32(vx, vy, precomp[k].x,
-                    precomp[k].y, q, t, 1);
-                k++;
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_32(vx, vy, t);
-        sp_1024_proj_sqr_32(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_32(vx, vx, t);
-        sp_1024_mont_mul_32(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 32, 0, sizeof(sp_digit) * 32);
-        sp_1024_mont_reduce_32(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_32(c, 1, NULL);
-    sp_1024_point_free_32(q, 1, NULL);
-    sp_1024_point_free_32(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-    int i;
-    int j;
-    byte* d;
-
-    j = 0;
-    for (i = n - 1; i >= 3; i -= 4) {
-        r[j]  = ((sp_digit)a[i - 0] <<  0) |
-                ((sp_digit)a[i - 1] <<  8) |
-                ((sp_digit)a[i - 2] << 16) |
-                ((sp_digit)a[i - 3] << 24);
-        j++;
-    }
-
-    if (i >= 0) {
-        r[j] = 0;
-
-        d = (byte*)(r + j);
-#ifdef BIG_ENDIAN_ORDER
-        switch (i) {
-            case 2: d[1] = *(a++); //fallthrough
-            case 1: d[2] = *(a++); //fallthrough
-            case 0: d[3] = *a    ; //fallthrough
-        }
-#else
-        switch (i) {
-            case 2: d[i-2] = a[2]; //fallthrough
-            case 1: d[i-1] = a[1]; //fallthrough
-            case 0: d[i-0] = a[0]; //fallthrough
-        }
-#endif
-        j++;
-    }
-
-    for (; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 32 * 4);
-    sp_digit* t2 = NULL;
-    sp_int32 n;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 32 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 32;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_1024_sqr_32(t1, point->y);
-        (void)sp_1024_mod_32(t1, t1, p1024_mod);
-        sp_1024_sqr_32(t2, point->x);
-        (void)sp_1024_mod_32(t2, t2, p1024_mod);
-        sp_1024_mul_32(t2, t2, point->x);
-        (void)sp_1024_mod_32(t2, t2, p1024_mod);
-        sp_1024_mont_sub_32(t1, t1, t2, p1024_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
-
-
-        n = sp_1024_cmp_32(t1, p1024_mod);
-        sp_1024_cond_sub_32(t1, t1, p1024_mod, (sp_digit)~(n >> 31));
-        sp_1024_norm_32(t1);
-        if (!sp_1024_iszero_32(t1)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_1024, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(pub->x, 32, pX);
-        sp_1024_from_mp(pub->y, 32, pY);
-        sp_1024_from_bin(pub->z, 32, one, (int)sizeof(one));
-
-        err = sp_1024_ecc_is_point_32(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 32);
-    SP_DECL_VAR(sp_point_1024, pub, 2);
-    sp_point_1024* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 1024) ||
-        (mp_count_bits(pY) > 1024) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 1024)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 32, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_1024, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_1024_from_mp(pub->x, 32, pX);
-        sp_1024_from_mp(pub->y, 32, pY);
-        sp_1024_from_bin(pub->z, 32, one, (int)sizeof(one));
-        if (privm)
-            sp_1024_from_mp(priv, 32, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_1024_iszero_32(pub->x) != 0) &&
-            (sp_1024_iszero_32(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_1024_cmp_32(pub->x, p1024_mod) >= 0) ||
-             (sp_1024_cmp_32(pub->y, p1024_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_1024_ecc_is_point_32(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-            err = sp_1024_ecc_mulmod_32(p, pub, p1024_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_1024_iszero_32(p->x) == 0) ||
-                             (sp_1024_iszero_32(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-                err = sp_1024_ecc_mulmod_base_32(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_1024_cmp_32(p->x, pub->x) != 0) ||
-                 (sp_1024_cmp_32(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_1024 */
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#endif /* WOLFSSL_HAVE_SP_ECC */
-#endif /* WOLFSSL_SP_ARM_CORTEX_M_ASM */
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH | WOLFSSL_HAVE_SP_ECC */
diff --git a/src/ssl/wolfssl/wolfcrypt/sp_dsp32.c b/src/ssl/wolfssl/wolfcrypt/sp_dsp32.c
deleted file mode 100644
index b47c57fa6..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sp_dsp32.c
+++ /dev/null
@@ -1,4900 +0,0 @@
-/* sp_cdsp_signed.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-/* from wolfcrypt/src/sp_c32.c */
-
-#include <wolfssl/wolfcrypt/cpuid.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if defined(WOLFSSL_HAVE_SP_ECC)
-#ifdef WOLFSSL_DSP
-
-#include <wolfssl/wolfcrypt/sp.h>
-#include "remote.h"
-#include "hexagon_protos.h"
-#include "hexagon_types.h"
-
-#if (!defined(WC_NO_CACHE_RESISTANT) || defined(WOLFSSL_SP_SMALL)) && \
-             (defined(WOLFSSL_HAVE_SP_ECC) || !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Mask for address to obfuscate which of the two address will be used. */
-static const size_t addr_mask[2] = { 0, (size_t)-1 };
-#endif
-
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
-
-/* Point structure to use. */
-typedef struct sp_point {
-    sp_digit x[2 * 10] __attribute__((aligned(128)));
-    sp_digit y[2 * 10] __attribute__((aligned(128)));
-    sp_digit z[2 * 10] __attribute__((aligned(128)));
-    int infinity;
-} sp_point;
-
-/* The modulus (prime) of the curve P256. */
-static const sp_digit p256_mod[10] __attribute__((aligned(128))) = {
-    0x3ffffff,0x3ffffff,0x3ffffff,0x003ffff,0x0000000,0x0000000,0x0000000,
-    0x0000400,0x3ff0000,0x03fffff
-};
-#ifndef WOLFSSL_SP_SMALL
-/* The Montgomery normalizer for modulus of the curve P256. */
-static const sp_digit p256_norm_mod[10] __attribute__((aligned(128))) = {
-    0x0000001,0x0000000,0x0000000,0x3fc0000,0x3ffffff,0x3ffffff,0x3ffffff,
-    0x3fffbff,0x000ffff,0x0000000
-};
-#endif /* WOLFSSL_SP_SMALL */
-/* The Montgomery multiplier for modulus of the curve P256. */
-static const sp_digit p256_mp_mod __attribute__((aligned(128))) = 0x000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P256. */
-static const sp_digit p256_order[10] __attribute__((aligned(128))) = {
-    0x0632551,0x272b0bf,0x1e84f3b,0x2b69c5e,0x3bce6fa,0x3ffffff,0x3ffffff,
-    0x00003ff,0x3ff0000,0x03fffff
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P256. */
-static const sp_digit p256_norm_order[10] __attribute__((aligned(128))) = {
-    0x39cdaaf,0x18d4f40,0x217b0c4,0x14963a1,0x0431905,0x0000000,0x0000000,
-    0x3fffc00,0x000ffff,0x0000000
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P256. */
-static const sp_digit p256_mp_order __attribute__((aligned(128))) = 0x200bc4f;
-#endif
-/* The base point of curve P256. */
-static const sp_point p256_base __attribute__((aligned(128))) = {
-    /* X ordinate */
-    {
-        0x098c296,0x04e5176,0x33a0f4a,0x204b7ac,0x277037d,0x0e9103c,0x3ce6e56,
-        0x1091fe2,0x1f2e12c,0x01ac5f4, 0L, 0L, 0L, 0L, 0L, 0L, 0L, 0L, 0L, 0L
-    },
-    /* Y ordinate */
-    {
-        0x3bf51f5,0x1901a0d,0x1ececbb,0x15dacc5,0x22bce33,0x303e785,0x27eb4a7,
-        0x1fe6e3b,0x2e2fe1a,0x013f8d0, 0L, 0L, 0L, 0L, 0L, 0L, 0L, 0L, 0L, 0L
-    },
-    /* Z ordinate */
-    {
-        0x0000001,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,0x0000000,
-        0x0000000,0x0000000,0x0000000, 0L, 0L, 0L, 0L, 0L, 0L, 0L, 0L, 0L, 0L
-    },
-    /* infinity */
-    0
-};
-
-static int sp_ecc_point_new_ex(void* heap, sp_point* sp, sp_point** p)
-{
-    int ret = MP_OKAY;
-
-    if (p == NULL) {
-        ret = MEMORY_E;
-    } else {
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-        (void)sp;
-        *p = (sp_point*)XMALLOC(sizeof(sp_point), heap, DYNAMIC_TYPE_ECC);
-        if (*p == NULL) {
-            ret = MEMORY_E;
-        }
-#else
-        (void)heap;
-        if (sp == NULL) {
-            ret = MEMORY_E;
-        } else {
-            *p = sp;
-        }
-#endif
-    }
-
-    return ret;
-}
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-/* Allocate memory for point and return error. */
-#define sp_ecc_point_new(heap, sp, p) sp_ecc_point_new_ex((heap), NULL, &(p))
-#else
-/* Set pointer to data and return no error. */
-#define sp_ecc_point_new(heap, sp, p) sp_ecc_point_new_ex((heap), &(sp), &(p))
-#endif
-
-
-static void sp_ecc_point_free(sp_point* p, int clear, void* heap)
-{
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-/* If valid pointer then clear point data if requested and free data. */
-    if (p != NULL) {
-        if (clear != 0) {
-            XMEMSET(p, 0, sizeof(*p));
-        }
-        XFREE(p, heap, DYNAMIC_TYPE_ECC);
-    }
-#else
-/* Clear point data if requested. */
-    if (clear != 0) {
-        XMEMSET(p, 0, sizeof(*p));
-    }
-#endif
-    (void)heap;
-}
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_256_mod_mul_norm_10(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    int64_t* td;
-#else
-    int64_t td[8];
-    int64_t a32d[8];
-#endif
-    int64_t* t;
-    int64_t* a32;
-    int64_t o;
-    int err = MP_OKAY;
-
-    (void)m;
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    td = (int64_t*)XMALLOC(sizeof(int64_t) * 2 * 8, NULL, DYNAMIC_TYPE_ECC);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-        t = td;
-        a32 = td + 8;
-#else
-        t = td;
-        a32 = a32d;
-#endif
-
-        a32[0] = a[0];
-        a32[0] |= a[1] << 26U;
-        a32[0] &= 0xffffffffL;
-        a32[1] = (sp_digit)(a[1] >> 6);
-        a32[1] |= a[2] << 20U;
-        a32[1] &= 0xffffffffL;
-        a32[2] = (sp_digit)(a[2] >> 12);
-        a32[2] |= a[3] << 14U;
-        a32[2] &= 0xffffffffL;
-        a32[3] = (sp_digit)(a[3] >> 18);
-        a32[3] |= a[4] << 8U;
-        a32[3] &= 0xffffffffL;
-        a32[4] = (sp_digit)(a[4] >> 24);
-        a32[4] |= a[5] << 2U;
-        a32[4] |= a[6] << 28U;
-        a32[4] &= 0xffffffffL;
-        a32[5] = (sp_digit)(a[6] >> 4);
-        a32[5] |= a[7] << 22U;
-        a32[5] &= 0xffffffffL;
-        a32[6] = (sp_digit)(a[7] >> 10);
-        a32[6] |= a[8] << 16U;
-        a32[6] &= 0xffffffffL;
-        a32[7] = (sp_digit)(a[8] >> 16);
-        a32[7] |= a[9] << 10U;
-        a32[7] &= 0xffffffffL;
-
-        /*  1  1  0 -1 -1 -1 -1  0 */
-        t[0] = 0 + a32[0] + a32[1] - a32[3] - a32[4] - a32[5] - a32[6];
-        /*  0  1  1  0 -1 -1 -1 -1 */
-        t[1] = 0 + a32[1] + a32[2] - a32[4] - a32[5] - a32[6] - a32[7];
-        /*  0  0  1  1  0 -1 -1 -1 */
-        t[2] = 0 + a32[2] + a32[3] - a32[5] - a32[6] - a32[7];
-        /* -1 -1  0  2  2  1  0 -1 */
-        t[3] = 0 - a32[0] - a32[1] + 2 * a32[3] + 2 * a32[4] + a32[5] - a32[7];
-        /*  0 -1 -1  0  2  2  1  0 */
-        t[4] = 0 - a32[1] - a32[2] + 2 * a32[4] + 2 * a32[5] + a32[6];
-        /*  0  0 -1 -1  0  2  2  1 */
-        t[5] = 0 - a32[2] - a32[3] + 2 * a32[5] + 2 * a32[6] + a32[7];
-        /* -1 -1  0  0  0  1  3  2 */
-        t[6] = 0 - a32[0] - a32[1] + a32[5] + 3 * a32[6] + 2 * a32[7];
-        /*  1  0 -1 -1 -1 -1  0  3 */
-        t[7] = 0 + a32[0] - a32[2] - a32[3] - a32[4] - a32[5] + 3 * a32[7];
-
-        t[1] += t[0] >> 32U; t[0] &= 0xffffffffL;
-        t[2] += t[1] >> 32U; t[1] &= 0xffffffffL;
-        t[3] += t[2] >> 32U; t[2] &= 0xffffffffL;
-        t[4] += t[3] >> 32U; t[3] &= 0xffffffffL;
-        t[5] += t[4] >> 32U; t[4] &= 0xffffffffL;
-        t[6] += t[5] >> 32U; t[5] &= 0xffffffffL;
-        t[7] += t[6] >> 32U; t[6] &= 0xffffffffL;
-        o     = t[7] >> 32U; t[7] &= 0xffffffffL;
-        t[0] += o;
-        t[3] -= o;
-        t[6] -= o;
-        t[7] += o;
-        t[1] += t[0] >> 32U; t[0] &= 0xffffffffL;
-        t[2] += t[1] >> 32U; t[1] &= 0xffffffffL;
-        t[3] += t[2] >> 32U; t[2] &= 0xffffffffL;
-        t[4] += t[3] >> 32U; t[3] &= 0xffffffffL;
-        t[5] += t[4] >> 32U; t[4] &= 0xffffffffL;
-        t[6] += t[5] >> 32U; t[5] &= 0xffffffffL;
-        t[7] += t[6] >> 32U; t[6] &= 0xffffffffL;
-
-        r[0] = (sp_digit)(t[0]) & 0x3ffffffL;
-        r[1] = (sp_digit)(t[0] >> 26U);
-        r[1] |= t[1] << 6U;
-        r[1] &= 0x3ffffffL;
-        r[2] = (sp_digit)(t[1] >> 20U);
-        r[2] |= t[2] << 12U;
-        r[2] &= 0x3ffffffL;
-        r[3] = (sp_digit)(t[2] >> 14U);
-        r[3] |= t[3] << 18U;
-        r[3] &= 0x3ffffffL;
-        r[4] = (sp_digit)(t[3] >> 8U);
-        r[4] |= t[4] << 24U;
-        r[4] &= 0x3ffffffL;
-        r[5] = (sp_digit)(t[4] >> 2U) & 0x3ffffffL;
-        r[6] = (sp_digit)(t[4] >> 28U);
-        r[6] |= t[5] << 4U;
-        r[6] &= 0x3ffffffL;
-        r[7] = (sp_digit)(t[5] >> 22U);
-        r[7] |= t[6] << 10U;
-        r[7] &= 0x3ffffffL;
-        r[8] = (sp_digit)(t[6] >> 16U);
-        r[8] |= t[7] << 16U;
-        r[8] &= 0x3ffffffL;
-        r[9] = (sp_digit)(t[7] >> 10U);
-    }
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_ECC);
-#endif
-
-    return err;
-}
-
-
-/* Compare a with b in constant time.
- *
- * a  A single precision integer.
- * b  A single precision integer.
- * return -ve, 0 or +ve if a is less than, equal to or greater than b
- * respectively.
- */
-static sp_digit sp_256_cmp_10(const sp_digit* a, const sp_digit* b)
-{
-    sp_digit r = 0;
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=9; i>=0; i--) {
-        r |= (a[i] - b[i]) & (0 - ((r == 0) ? (sp_digit)1 : (sp_digit)0));
-    }
-#else
-    r |= (a[ 9] - b[ 9]) & (0 - (sp_digit)1);
-    r |= (a[ 8] - b[ 8]) & (0 - ((r == 0) ? (sp_digit)1 : (sp_digit)0));
-    r |= (a[ 7] - b[ 7]) & (0 - ((r == 0) ? (sp_digit)1 : (sp_digit)0));
-    r |= (a[ 6] - b[ 6]) & (0 - ((r == 0) ? (sp_digit)1 : (sp_digit)0));
-    r |= (a[ 5] - b[ 5]) & (0 - ((r == 0) ? (sp_digit)1 : (sp_digit)0));
-    r |= (a[ 4] - b[ 4]) & (0 - ((r == 0) ? (sp_digit)1 : (sp_digit)0));
-    r |= (a[ 3] - b[ 3]) & (0 - ((r == 0) ? (sp_digit)1 : (sp_digit)0));
-    r |= (a[ 2] - b[ 2]) & (0 - ((r == 0) ? (sp_digit)1 : (sp_digit)0));
-    r |= (a[ 1] - b[ 1]) & (0 - ((r == 0) ? (sp_digit)1 : (sp_digit)0));
-    r |= (a[ 0] - b[ 0]) & (0 - ((r == 0) ? (sp_digit)1 : (sp_digit)0));
-#endif /* WOLFSSL_SP_SMALL */
-
-    return r;
-}
-
-/* Normalize the values in each word to 26.
- *
- * a  Array of sp_digit to normalize.
- */
-static void sp_256_norm_10(sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    for (i = 0; i < 9; i++) {
-        a[i+1] += a[i] >> 26;
-        a[i] &= 0x3ffffff;
-    }
-#else
-    a[1] += a[0] >> 26; a[0] = Q6_R_and_RR(a[0], 0x3ffffff);
-    a[2] += a[1] >> 26; a[1] = Q6_R_and_RR(a[1], 0x3ffffff);
-    a[3] += a[2] >> 26; a[2] = Q6_R_and_RR(a[2], 0x3ffffff);
-    a[4] += a[3] >> 26; a[3] = Q6_R_and_RR(a[3], 0x3ffffff);
-    a[5] += a[4] >> 26; a[4] = Q6_R_and_RR(a[4], 0x3ffffff);
-    a[6] += a[5] >> 26; a[5] = Q6_R_and_RR(a[5], 0x3ffffff);
-    a[7] += a[6] >> 26; a[6] = Q6_R_and_RR(a[6], 0x3ffffff);
-    a[8] += a[7] >> 26; a[7] = Q6_R_and_RR(a[7], 0x3ffffff);
-    a[9] += a[8] >> 26; a[8] = Q6_R_and_RR(a[8], 0x3ffffff);
-#endif
-}
-
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not.
- *
- * r  A single precision number representing condition subtract result.
- * a  A single precision number to subtract from.
- * b  A single precision number to subtract.
- * m  Mask value to apply.
- */
-static void sp_256_cond_sub_10(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 10; i++) {
-        r[i] = a[i] - (b[i] & m);
-    }
-#else
-    r[ 0] = Q6_R_sub_RR(a[ 0], Q6_R_and_RR(b[ 0], m));
-    r[ 1] = Q6_R_sub_RR(a[ 1], Q6_R_and_RR(b[ 1], m));
-    r[ 2] = Q6_R_sub_RR(a[ 2], Q6_R_and_RR(b[ 2], m));
-    r[ 3] = Q6_R_sub_RR(a[ 3], Q6_R_and_RR(b[ 3], m));
-    r[ 4] = Q6_R_sub_RR(a[ 4], Q6_R_and_RR(b[ 4], m));
-    r[ 5] = Q6_R_sub_RR(a[ 5], Q6_R_and_RR(b[ 5], m));
-    r[ 6] = Q6_R_sub_RR(a[ 6], Q6_R_and_RR(b[ 6], m));
-    r[ 7] = Q6_R_sub_RR(a[ 7], Q6_R_and_RR(b[ 7], m));
-    r[ 8] = Q6_R_sub_RR(a[ 8], Q6_R_and_RR(b[ 8], m));
-    r[ 9] = Q6_R_sub_RR(a[ 9], Q6_R_and_RR(b[ 9], m));
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#define sp_256_mont_reduce_order_10         sp_256_mont_reduce_10
-
-/* Mul a by scalar b and add into r. (r += a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_256_mul_add_10(sp_digit* r, const sp_digit* a,
-        const sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int64_t tb = b;
-    int64_t t = 0;
-    int i;
-
-    for (i = 0; i < 10; i++) {
-        t += (tb * a[i]) + r[i];
-        r[i] = t & 0x3ffffff;
-        t >>= 26;
-    }
-    r[10] += t;
-#else
-    int64_t tb = b;
-    int64_t t[10];
-
-    t[ 0] = Q6_P_mpy_RR(tb, a[ 0]);
-    t[ 1] = Q6_P_mpy_RR(tb, a[ 1]);
-    t[ 2] = Q6_P_mpy_RR(tb, a[ 2]);
-    t[ 3] = Q6_P_mpy_RR(tb, a[ 3]);
-    t[ 4] = Q6_P_mpy_RR(tb, a[ 4]);
-    t[ 5] = Q6_P_mpy_RR(tb, a[ 5]);
-    t[ 6] = Q6_P_mpy_RR(tb, a[ 6]);
-    t[ 7] = Q6_P_mpy_RR(tb, a[ 7]);
-    t[ 8] = Q6_P_mpy_RR(tb, a[ 8]);
-    t[ 9] = Q6_P_mpy_RR(tb, a[ 9]);
-    r[ 0] +=                 (t[ 0] & 0x3ffffff);
-    r[ 1] += (t[ 0] >> 26) + (t[ 1] & 0x3ffffff);
-    r[ 2] += (t[ 1] >> 26) + (t[ 2] & 0x3ffffff);
-    r[ 3] += (t[ 2] >> 26) + (t[ 3] & 0x3ffffff);
-    r[ 4] += (t[ 3] >> 26) + (t[ 4] & 0x3ffffff);
-    r[ 5] += (t[ 4] >> 26) + (t[ 5] & 0x3ffffff);
-    r[ 6] += (t[ 5] >> 26) + (t[ 6] & 0x3ffffff);
-    r[ 7] += (t[ 6] >> 26) + (t[ 7] & 0x3ffffff);
-    r[ 8] += (t[ 7] >> 26) + (t[ 8] & 0x3ffffff);
-    r[ 9] += (t[ 8] >> 26) + (t[ 9] & 0x3ffffff);
-    r[10] +=  t[ 9] >> 26;
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-/* Shift the result in the high 256 bits down to the bottom.
- *
- * r  A single precision number.
- * a  A single precision number.
- */
-static void sp_256_mont_shift_10(sp_digit* r, const sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-    sp_digit n, s;
-
-    s = a[10];
-    n = a[9] >> 22;
-    for (i = 0; i < 9; i++) {
-        n += (s & 0x3ffffff) << 4;
-        r[i] = n & 0x3ffffff;
-        n >>= 26;
-        s = a[11 + i] + (s >> 26);
-    }
-    n += s << 4;
-    r[9] = n;
-#else
-    sp_digit n, s;
-
-    s = a[10]; n = a[9] >> 22;
-    n += (s & 0x3ffffff) << 4; r[ 0] = Q6_R_and_RR(n, 0x3ffffff);
-    n >>= 26; s = a[11] + (s >> 26);
-    n += (s & 0x3ffffff) << 4; r[ 1] = Q6_R_and_RR(n, 0x3ffffff);
-    n >>= 26; s = a[12] + (s >> 26);
-    n += (s & 0x3ffffff) << 4; r[ 2] = Q6_R_and_RR(n, 0x3ffffff);
-    n >>= 26; s = a[13] + (s >> 26);
-    n += (s & 0x3ffffff) << 4; r[ 3] = Q6_R_and_RR(n, 0x3ffffff);
-    n >>= 26; s = a[14] + (s >> 26);
-    n += (s & 0x3ffffff) << 4; r[ 4] = Q6_R_and_RR(n, 0x3ffffff);
-    n >>= 26; s = a[15] + (s >> 26);
-    n += (s & 0x3ffffff) << 4; r[ 5] = Q6_R_and_RR(n, 0x3ffffff);
-    n >>= 26; s = a[16] + (s >> 26);
-    n += (s & 0x3ffffff) << 4; r[ 6] = Q6_R_and_RR(n, 0x3ffffff);
-    n >>= 26; s = a[17] + (s >> 26);
-    n += (s & 0x3ffffff) << 4; r[ 7] = Q6_R_and_RR(n, 0x3ffffff);
-    n >>= 26; s = a[18] + (s >> 26);
-    n += (s & 0x3ffffff) << 4; r[ 8] = Q6_R_and_RR(n, 0x3ffffff);
-    n >>= 26; s = a[19] + (s >> 26);
-    n += s << 4;              r[ 9] = n;
-#endif /* WOLFSSL_SP_SMALL */
-    XMEMSET(&r[10], 0, sizeof(*r) * 10U);
-}
-
-
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a   A single precision number to reduce in place.
- * m   The single precision number representing the modulus.
- * mp  The digit representing the negative inverse of m mod 2^n.
- */
-static void sp_256_mont_reduce_10(sp_digit* a, const sp_digit* m, sp_digit mp)
-{
-    sp_digit mu;
-
-
-    /* unrolled for loops due to unexpected behavior with -O optimizations */
-    if (mp != 1) {
-        mu = Q6_P_mpy_RR(a[0], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+0, m, mu);
-        a[0+1] += a[0] >> 26;
-
-        mu = Q6_P_mpy_RR(a[1], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+1, m, mu);
-        a[1+1] += a[1] >> 26;
-
-        mu = Q6_P_mpy_RR(a[2], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+2, m, mu);
-        a[2+1] += a[2] >> 26;
-
-        mu = Q6_P_mpy_RR(a[3], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+3, m, mu);
-        a[3+1] += a[3] >> 26;
-
-        mu = Q6_P_mpy_RR(a[4], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+4, m, mu);
-        a[4+1] += a[4] >> 26;
-
-        mu = Q6_P_mpy_RR(a[5], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+5, m, mu);
-        a[5+1] += a[5] >> 26;
-
-        mu = Q6_P_mpy_RR(a[6], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+6, m, mu);
-        a[6+1] += a[6] >> 26;
-
-        mu = Q6_P_mpy_RR(a[7], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+7, m, mu);
-        a[7+1] += a[7] >> 26;
-
-        mu = Q6_P_mpy_RR(a[8], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+8, m, mu);
-        a[8+1] += a[8] >> 26;
-
-        mu = Q6_P_mpy_RR(a[9], mp) & 0x3fffffL;
-        sp_256_mul_add_10(a+9, m, mu);
-        a[9+1] += a[9] >> 26;
-        a[9] &= 0x3ffffff;
-    }
-    else {
-        mu = Q6_P_mpy_RR(a[0], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+0, p256_mod, mu);
-        a[0+1] += a[0] >> 26;
-
-        mu = Q6_P_mpy_RR(a[1], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+1, p256_mod, mu);
-        a[1+1] += a[1] >> 26;
-
-        mu = Q6_P_mpy_RR(a[2], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+2, p256_mod, mu);
-        a[2+1] += a[2] >> 26;
-
-        mu = Q6_P_mpy_RR(a[3], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+3, p256_mod, mu);
-        a[3+1] += a[3] >> 26;
-
-        mu = Q6_P_mpy_RR(a[4], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+4, p256_mod, mu);
-        a[4+1] += a[4] >> 26;
-
-        mu = Q6_P_mpy_RR(a[5], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+5, p256_mod, mu);
-        a[5+1] += a[5] >> 26;
-
-        mu = Q6_P_mpy_RR(a[6], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+6, p256_mod, mu);
-        a[6+1] += a[6] >> 26;
-
-        mu = Q6_P_mpy_RR(a[7], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+7, p256_mod, mu);
-        a[7+1] += a[7] >> 26;
-
-        mu = Q6_P_mpy_RR(a[8], mp) & 0x3ffffff;
-        sp_256_mul_add_10(a+8, p256_mod, mu);
-        a[8+1] += a[8] >> 26;
-
-        mu = Q6_P_mpy_RR(a[9], mp) & 0x3fffffL;
-        sp_256_mul_add_10(a+9, p256_mod, mu);
-        a[9+1] += a[9] >> 26;
-        a[9] &= 0x3ffffff;
-    }
-
-
-    sp_256_mont_shift_10(a, a);
-    sp_256_cond_sub_10(a, a, m, 0 - (((a[9] >> 22) > 0) ?
-            (sp_digit)1 : (sp_digit)0));
-    sp_256_norm_10(a);
-}
-
-/* Multiply a and b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static void sp_256_mul_10(sp_digit* r, const sp_digit* a,
-    const sp_digit* b)
-{
-#if 1
-    int64_t t0   = Q6_P_mpy_RR(a[0], b[0]);
-    int64_t t1   = Q6_P_mpy_RR(a[0], b[1])
-                 + Q6_P_mpy_RR(a[1], b[0]);
-    int64_t t2   = Q6_P_mpy_RR(a[0], b[2])
-                 + Q6_P_mpy_RR(a[1], b[1])
-                 + Q6_P_mpy_RR(a[2], b[0]);
-    int64_t t3   = Q6_P_mpy_RR(a[0], b[3])
-                 + Q6_P_mpy_RR(a[1], b[2])
-                 + Q6_P_mpy_RR(a[2], b[1])
-                 + Q6_P_mpy_RR(a[3], b[0]);
-    int64_t t4   = Q6_P_mpy_RR(a[0], b[4])
-                 + Q6_P_mpy_RR(a[1], b[3])
-                 + Q6_P_mpy_RR(a[2], b[2])
-                 + Q6_P_mpy_RR(a[3], b[1])
-                 + Q6_P_mpy_RR(a[4], b[0]);
-    int64_t t5   = Q6_P_mpy_RR(a[0], b[5])
-                 + Q6_P_mpy_RR(a[1], b[4])
-                 + Q6_P_mpy_RR(a[2], b[3])
-                 + Q6_P_mpy_RR(a[3], b[2])
-                 + Q6_P_mpy_RR(a[4], b[1])
-                 + Q6_P_mpy_RR(a[5], b[0]);
-    int64_t t6   = Q6_P_mpy_RR(a[0], b[6])
-                 + Q6_P_mpy_RR(a[1], b[5])
-                 + Q6_P_mpy_RR(a[2], b[4])
-                 + Q6_P_mpy_RR(a[3], b[3])
-                 + Q6_P_mpy_RR(a[4], b[2])
-                 + Q6_P_mpy_RR(a[5], b[1])
-                 + Q6_P_mpy_RR(a[6], b[0]);
-    int64_t t7   = Q6_P_mpy_RR(a[0], b[7])
-                 + Q6_P_mpy_RR(a[1], b[6])
-                 + Q6_P_mpy_RR(a[2], b[5])
-                 + Q6_P_mpy_RR(a[3], b[4])
-                 + Q6_P_mpy_RR(a[4], b[3])
-                 + Q6_P_mpy_RR(a[5], b[2])
-                 + Q6_P_mpy_RR(a[6], b[1])
-                 + Q6_P_mpy_RR(a[7], b[0]);
-    int64_t t8   = Q6_P_mpy_RR(a[0], b[8])
-                 + Q6_P_mpy_RR(a[1], b[7])
-                 + Q6_P_mpy_RR(a[2], b[6])
-                 + Q6_P_mpy_RR(a[3], b[5])
-                 + Q6_P_mpy_RR(a[4], b[4])
-                 + Q6_P_mpy_RR(a[5], b[3])
-                 + Q6_P_mpy_RR(a[6], b[2])
-                 + Q6_P_mpy_RR(a[7], b[1])
-                 + Q6_P_mpy_RR(a[8], b[0]);
-    int64_t t9   = Q6_P_mpy_RR(a[0], b[9])
-                 + Q6_P_mpy_RR(a[1], b[8])
-                 + Q6_P_mpy_RR(a[2], b[7])
-                 + Q6_P_mpy_RR(a[3], b[6])
-                 + Q6_P_mpy_RR(a[4], b[5])
-                 + Q6_P_mpy_RR(a[5], b[4])
-                 + Q6_P_mpy_RR(a[6], b[3])
-                 + Q6_P_mpy_RR(a[7], b[2])
-                 + Q6_P_mpy_RR(a[8], b[1])
-                 + Q6_P_mpy_RR(a[9], b[0]);
-    int64_t t10  = Q6_P_mpy_RR(a[1], b[9])
-                 + Q6_P_mpy_RR(a[2], b[8])
-                 + Q6_P_mpy_RR(a[3], b[7])
-                 + Q6_P_mpy_RR(a[4], b[6])
-                 + Q6_P_mpy_RR(a[5], b[5])
-                 + Q6_P_mpy_RR(a[6], b[4])
-                 + Q6_P_mpy_RR(a[7], b[3])
-                 + Q6_P_mpy_RR(a[8], b[2])
-                 + Q6_P_mpy_RR(a[9], b[1]);
-    int64_t t11  = Q6_P_mpy_RR(a[2], b[9])
-                 + Q6_P_mpy_RR(a[3], b[8])
-                 + Q6_P_mpy_RR(a[4], b[7])
-                 + Q6_P_mpy_RR(a[5], b[6])
-                 + Q6_P_mpy_RR(a[6], b[5])
-                 + Q6_P_mpy_RR(a[7], b[4])
-                 + Q6_P_mpy_RR(a[8], b[3])
-                 + Q6_P_mpy_RR(a[9], b[2]);
-    int64_t t12  = Q6_P_mpy_RR(a[3], b[9])
-                 + Q6_P_mpy_RR(a[4], b[8])
-                 + Q6_P_mpy_RR(a[5], b[7])
-                 + Q6_P_mpy_RR(a[6], b[6])
-                 + Q6_P_mpy_RR(a[7], b[5])
-                 + Q6_P_mpy_RR(a[8], b[4])
-                 + Q6_P_mpy_RR(a[9], b[3]);
-    int64_t t13  = Q6_P_mpy_RR(a[4], b[9])
-                 + Q6_P_mpy_RR(a[5], b[8])
-                 + Q6_P_mpy_RR(a[6], b[7])
-                 + Q6_P_mpy_RR(a[7], b[6])
-                 + Q6_P_mpy_RR(a[8], b[5])
-                 + Q6_P_mpy_RR(a[9], b[4]);
-    int64_t t14  = Q6_P_mpy_RR(a[5], b[9])
-                 + Q6_P_mpy_RR(a[6], b[8])
-                 + Q6_P_mpy_RR(a[7], b[7])
-                 + Q6_P_mpy_RR(a[8], b[6])
-                 + Q6_P_mpy_RR(a[9], b[5]);
-    int64_t t15  = Q6_P_mpy_RR(a[6], b[9])
-                 + Q6_P_mpy_RR(a[7], b[8])
-                 + Q6_P_mpy_RR(a[8], b[7])
-                 + Q6_P_mpy_RR(a[9], b[6]);
-    int64_t t16  = Q6_P_mpy_RR(a[7], b[9])
-                 + Q6_P_mpy_RR(a[8], b[8])
-                 + Q6_P_mpy_RR(a[9], b[7]);
-    int64_t t17  = Q6_P_mpy_RR(a[8], b[9])
-                 + Q6_P_mpy_RR(a[9], b[8]);
-    int64_t t18  = Q6_P_mpy_RR(a[9], b[9]);
-
-
-    t1   += t0  >> 26; r[ 0] = t0  & 0x3ffffff;
-    t2   += t1  >> 26; r[ 1] = t1  & 0x3ffffff;
-    t3   += t2  >> 26; r[ 2] = t2  & 0x3ffffff;
-    t4   += t3  >> 26; r[ 3] = t3  & 0x3ffffff;
-    t5   += t4  >> 26; r[ 4] = t4  & 0x3ffffff;
-    t6   += t5  >> 26; r[ 5] = t5  & 0x3ffffff;
-    t7   += t6  >> 26; r[ 6] = t6  & 0x3ffffff;
-    t8   += t7  >> 26; r[ 7] = t7  & 0x3ffffff;
-    t9   += t8  >> 26; r[ 8] = t8  & 0x3ffffff;
-    t10  += t9  >> 26; r[ 9] = t9  & 0x3ffffff;
-    t11  += t10 >> 26; r[10] = t10 & 0x3ffffff;
-    t12  += t11 >> 26; r[11] = t11 & 0x3ffffff;
-    t13  += t12 >> 26; r[12] = t12 & 0x3ffffff;
-    t14  += t13 >> 26; r[13] = t13 & 0x3ffffff;
-    t15  += t14 >> 26; r[14] = t14 & 0x3ffffff;
-    t16  += t15 >> 26; r[15] = t15 & 0x3ffffff;
-    t17  += t16 >> 26; r[16] = t16 & 0x3ffffff;
-    t18  += t17 >> 26; r[17] = t17 & 0x3ffffff;
-    r[19] = (sp_digit)(t18 >> 26);
-                       r[18] = t18 & 0x3ffffff;
-#endif
-#if 0
-    /* Testing speeds with using HVX_Vectors */
-    {
-    int64_t t0, t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11, t12, t13, t14, t15, t16, t17, t18;
-    HVX_Vector av, splat;
-    HVX_Vector vlow, vhi;
-    
-    av = Q6_V_vzero();
-    vlow = Q6_V_vzero();
-    vhi = Q6_V_vzero();
-    
-    XMEMCPY((byte*)&av, (byte*)a, 40);
-    
-    splat = Q6_V_vsplat_R(b[0]);
-    vlow = Q6_Vw_vmpyieo_VhVh(av, splat);
-    vlow = Q6_Vw_vmpyieacc_VwVwVuh(vlow, av, splat);
-    
-    vhi = Q6_Vw_vmpye_VwVuh(av, splat);
-    vhi = Q6_Vw_vmpyoacc_VwVwVh_s1_sat_shift(vhi, av, splat);
-    unsigned int* loi = (unsigned int*)&vlow;
-    int* hii = (int*)&vhi;
-    
-    /* a[0] * b[0] */
-    t0 = loi[0] | ((int64_t)hii[0] << 31);
-    
-    /* a[1] * b[0] */
-    t1 = loi[1] | ((int64_t)hii[1] << 31);
-    
-    /* a[2] * b[0] */
-    t2 = loi[2] | ((int64_t)hii[2] << 31);
-    
-    /* a[3] * b[0] */
-    t3 = loi[3] | ((int64_t)hii[3] << 31);
-    
-    /* a[4] * b[0] */
-    t4 = loi[4] | ((int64_t)hii[4] << 31);
-    
-    /* a[5] * b[0] */
-    t5 = loi[5] | ((int64_t)hii[5] << 31);
-    
-    /* a[6] * b[0] */
-    t6 = loi[6] | ((int64_t)hii[6] << 31);
-    
-    /* a[7] * b[0] */
-    t7 = loi[7] | ((int64_t)hii[7] << 31);
-    
-    /* a[8] * b[0] */
-    t8 = loi[8] | ((int64_t)hii[8] << 31);
-    
-    /* a[9] * b[0] */
-    t9 = loi[9] | ((int64_t)hii[9] << 31);
-    
-    /* a[*] * b[1] */
-    splat = Q6_V_vsplat_R(b[1]);
-    vlow = Q6_Vw_vmpyieo_VhVh(av, splat);
-    vlow = Q6_Vw_vmpyieacc_VwVwVuh(vlow, av, splat);
-    vhi = Q6_Vw_vmpye_VwVuh(av, splat);
-    vhi = Q6_Vw_vmpyoacc_VwVwVh_s1_sat_shift(vhi, av, splat);
-    loi = (unsigned int*)&vlow;
-    hii = (int*)&vhi;
-    
-    /* a[0] * b[1] */
-    t1 += (loi[0] | ((int64_t)hii[0] << 31));
-    
-    /* a[1] * b[1] */
-    t2 += (loi[1] | ((int64_t)hii[1] << 31));
-    
-    /* a[2] * b[1] */
-    t3 += (loi[2] | ((int64_t)hii[2] << 31));
-    
-    /* a[3] * b[1] */
-    t4 += (loi[3] | ((int64_t)hii[3] << 31));
-    
-    /* a[4] * b[1] */
-    t5 += (loi[4] | ((int64_t)hii[4] << 31));
-    
-    /* a[5] * b[1] */
-    t6 += (loi[5] | ((int64_t)hii[5] << 31));
-    
-    /* a[6] * b[1] */
-    t7 += (loi[6] | ((int64_t)hii[6] << 31));
-    
-    /* a[7] * b[1] */
-    t8 += (loi[7] | ((int64_t)hii[7] << 31));
-    
-    /* a[8] * b[1] */
-    t9 += (loi[8] | ((int64_t)hii[8] << 31));
-    
-    /* a[9] * b[1] */
-    t10 = (loi[9] | ((int64_t)hii[9] << 31));
-    
-    /* a[*] * b[2] */
-    splat = Q6_V_vsplat_R(b[2]);
-    vlow = Q6_Vw_vmpyieo_VhVh(av, splat);
-    vlow = Q6_Vw_vmpyieacc_VwVwVuh(vlow, av, splat);
-    vhi = Q6_Vw_vmpye_VwVuh(av, splat);
-    vhi = Q6_Vw_vmpyoacc_VwVwVh_s1_sat_shift(vhi, av, splat);
-    loi = (unsigned int*)&vlow;
-    hii = (int*)&vhi;
-    
-    
-    /* a[0] * b[2] */
-    t2 += (loi[0] | ((int64_t)hii[0] << 31));
-    
-    /* a[1] * b[2] */
-    t3 += (loi[1] | ((int64_t)hii[1] << 31));
-    
-    /* a[2] * b[2] */
-    t4 += (loi[2] | ((int64_t)hii[2] << 31));
-    
-    /* a[3] * b[2] */
-    t5 += (loi[3] | ((int64_t)hii[3] << 31));
-    
-    /* a[4] * b[2] */
-    t6 += (loi[4] | ((int64_t)hii[4] << 31));
-    
-    /* a[5] * b[2] */
-    t7 += (loi[5] | ((int64_t)hii[5] << 31));
-    
-    /* a[6] * b[2] */
-    t8 += (loi[6] | ((int64_t)hii[6] << 31));
-    
-    /* a[7] * b[2] */
-    t9 += (loi[7] | ((int64_t)hii[7] << 31));
-    
-    /* a[8] * b[2] */
-    t10 += (loi[8] | ((int64_t)hii[8] << 31));
-    
-    /* a[9] * b[2] */
-    t11 = (loi[9] | ((int64_t)hii[9] << 31));
-    
-    
-    /* a[*] * b[3] */
-    splat = Q6_V_vsplat_R(b[3]);
-    vlow = Q6_Vw_vmpyieo_VhVh(av, splat);
-    vlow = Q6_Vw_vmpyieacc_VwVwVuh(vlow, av, splat);
-    vhi = Q6_Vw_vmpye_VwVuh(av, splat);
-    vhi = Q6_Vw_vmpyoacc_VwVwVh_s1_sat_shift(vhi, av, splat);
-    loi = (unsigned int*)&vlow;
-    hii = (int*)&vhi;
-    
-    
-    /* a[0] * b[3] */
-    t3 += (loi[0] | ((int64_t)hii[0] << 31));
-    
-    /* a[1] * b[3] */
-    t4 += (loi[1] | ((int64_t)hii[1] << 31));
-    
-    /* a[2] * b[3] */
-    t5 += (loi[2] | ((int64_t)hii[2] << 31));
-    
-    /* a[3] * b[3] */
-    t6 += (loi[3] | ((int64_t)hii[3] << 31));
-    
-    /* a[4] * b[3] */
-    t7 += (loi[4] | ((int64_t)hii[4] << 31));
-    
-    /* a[5] * b[3] */
-    t8 += (loi[5] | ((int64_t)hii[5] << 31));
-    
-    /* a[6] * b[3] */
-    t9 += (loi[6] | ((int64_t)hii[6] << 31));
-    
-    /* a[7] * b[3] */
-    t10 += (loi[7] | ((int64_t)hii[7] << 31));
-    
-    /* a[8] * b[3] */
-    t11 += (loi[8] | ((int64_t)hii[8] << 31));
-    
-    /* a[9] * b[3] */
-    t12 = (loi[9] | ((int64_t)hii[9] << 31));
-    
-    
-    /* a[*] * b[4] */
-    splat = Q6_V_vsplat_R(b[4]);
-    vlow = Q6_Vw_vmpyieo_VhVh(av, splat);
-    vlow = Q6_Vw_vmpyieacc_VwVwVuh(vlow, av, splat);
-    vhi = Q6_Vw_vmpye_VwVuh(av, splat);
-    vhi = Q6_Vw_vmpyoacc_VwVwVh_s1_sat_shift(vhi, av, splat);
-    loi = (unsigned int*)&vlow;
-    hii = (int*)&vhi;
-    
-    
-    /* a[0] * b[4] */
-    t4 += (loi[0] | ((int64_t)hii[0] << 31));
-    
-    /* a[1] * b[4] */
-    t5 += (loi[1] | ((int64_t)hii[1] << 31));
-    
-    /* a[2] * b[4] */
-    t6 += (loi[2] | ((int64_t)hii[2] << 31));
-    
-    /* a[3] * b[4] */
-    t7 += (loi[3] | ((int64_t)hii[3] << 31));
-    
-    /* a[4] * b[4] */
-    t8 += (loi[4] | ((int64_t)hii[4] << 31));
-    
-    /* a[5] * b[4] */
-    t9 += (loi[5] | ((int64_t)hii[5] << 31));
-    
-    /* a[6] * b[4] */
-    t10 += (loi[6] | ((int64_t)hii[6] << 31));
-    
-    /* a[7] * b[4] */
-    t11 += (loi[7] | ((int64_t)hii[7] << 31));
-    
-    /* a[8] * b[4] */
-    t12 += (loi[8] | ((int64_t)hii[8] << 31));
-    
-    /* a[9] * b[4] */
-    t13 = (loi[9] | ((int64_t)hii[9] << 31));
-    
-    
-    /* a[*] * b[5] */
-    splat = Q6_V_vsplat_R(b[5]);
-    vlow = Q6_Vw_vmpyieo_VhVh(av, splat);
-    vlow = Q6_Vw_vmpyieacc_VwVwVuh(vlow, av, splat);
-    vhi = Q6_Vw_vmpye_VwVuh(av, splat);
-    vhi = Q6_Vw_vmpyoacc_VwVwVh_s1_sat_shift(vhi, av, splat);
-    loi = (unsigned int*)&vlow;
-    hii = (int*)&vhi;
-    
-    
-    /* a[0] * b[5] */
-    t5 += (loi[0] | ((int64_t)hii[0] << 31));
-    
-    /* a[1] * b[5] */
-    t6 += (loi[1] | ((int64_t)hii[1] << 31));
-    
-    /* a[2] * b[5] */
-    t7 += (loi[2] | ((int64_t)hii[2] << 31));
-    
-    /* a[3] * b[5] */
-    t8 += (loi[3] | ((int64_t)hii[3] << 31));
-    
-    /* a[4] * b[5] */
-    t9 += (loi[4] | ((int64_t)hii[4] << 31));
-    
-    /* a[5] * b[5] */
-    t10 += (loi[5] | ((int64_t)hii[5] << 31));
-    
-    /* a[6] * b[5] */
-    t11 += (loi[6] | ((int64_t)hii[6] << 31));
-    
-    /* a[7] * b[5] */
-    t12 += (loi[7] | ((int64_t)hii[7] << 31));
-    
-    /* a[8] * b[5] */
-    t13 += (loi[8] | ((int64_t)hii[8] << 31));
-    
-    /* a[9] * b[5] */
-    t14 = (loi[9] | ((int64_t)hii[9] << 31));
-    
-    
-    /* a[*] * b[6] */
-    splat = Q6_V_vsplat_R(b[6]);
-    vlow = Q6_Vw_vmpyieo_VhVh(av, splat);
-    vlow = Q6_Vw_vmpyieacc_VwVwVuh(vlow, av, splat);
-    vhi = Q6_Vw_vmpye_VwVuh(av, splat);
-    vhi = Q6_Vw_vmpyoacc_VwVwVh_s1_sat_shift(vhi, av, splat);
-    loi = (unsigned int*)&vlow;
-    hii = (int*)&vhi;
-    
-    
-    /* a[0] * b[6] */
-    t6 += (loi[0] | ((int64_t)hii[0] << 31));
-    
-    /* a[1] * b[6] */
-    t7 += (loi[1] | ((int64_t)hii[1] << 31));
-    
-    /* a[2] * b[6] */
-    t8 += (loi[2] | ((int64_t)hii[2] << 31));
-    
-    /* a[3] * b[6] */
-    t9 += (loi[3] | ((int64_t)hii[3] << 31));
-    
-    /* a[4] * b[6] */
-    t10 += (loi[4] | ((int64_t)hii[4] << 31));
-    
-    /* a[5] * b[6] */
-    t11 += (loi[5] | ((int64_t)hii[5] << 31));
-    
-    /* a[6] * b[6] */
-    t12 += (loi[6] | ((int64_t)hii[6] << 31));
-    
-    /* a[7] * b[6] */
-    t13 += (loi[7] | ((int64_t)hii[7] << 31));
-    
-    /* a[8] * b[6] */
-    t14 += (loi[8] | ((int64_t)hii[8] << 31));
-    
-    /* a[9] * b[6] */
-    t15 = (loi[9] | ((int64_t)hii[9] << 31));
-    
-    
-    
-    /* a[*] * b[7] */
-    splat = Q6_V_vsplat_R(b[7]);
-    vlow = Q6_Vw_vmpyieo_VhVh(av, splat);
-    vlow = Q6_Vw_vmpyieacc_VwVwVuh(vlow, av, splat);
-    vhi = Q6_Vw_vmpye_VwVuh(av, splat);
-    vhi = Q6_Vw_vmpyoacc_VwVwVh_s1_sat_shift(vhi, av, splat);
-    loi = (unsigned int*)&vlow;
-    hii = (int*)&vhi;
-    
-    
-    /* a[0] * b[7] */
-    t7 += (loi[0] | ((int64_t)hii[0] << 31));
-    
-    /* a[1] * b[7] */
-    t8 += (loi[1] | ((int64_t)hii[1] << 31));
-    
-    /* a[2] * b[7] */
-    t9 += (loi[2] | ((int64_t)hii[2] << 31));
-    
-    /* a[3] * b[7] */
-    t10 += (loi[3] | ((int64_t)hii[3] << 31));
-    
-    /* a[4] * b[7] */
-    t11 += (loi[4] | ((int64_t)hii[4] << 31));
-    
-    /* a[5] * b[7] */
-    t12 += (loi[5] | ((int64_t)hii[5] << 31));
-    
-    /* a[6] * b[7] */
-    t13 += (loi[6] | ((int64_t)hii[6] << 31));
-    
-    /* a[7] * b[7] */
-    t14 += (loi[7] | ((int64_t)hii[7] << 31));
-    
-    /* a[8] * b[7] */
-    t15 += (loi[8] | ((int64_t)hii[8] << 31));
-    
-    /* a[9] * b[7] */
-    t16 = (loi[9] | ((int64_t)hii[9] << 31));
-    
-    
-    /* a[*] * b[8] */
-    splat = Q6_V_vsplat_R(b[8]);
-    vlow = Q6_Vw_vmpyieo_VhVh(av, splat);
-    vlow = Q6_Vw_vmpyieacc_VwVwVuh(vlow, av, splat);
-    vhi = Q6_Vw_vmpye_VwVuh(av, splat);
-    vhi = Q6_Vw_vmpyoacc_VwVwVh_s1_sat_shift(vhi, av, splat);
-    loi = (unsigned int*)&vlow;
-    hii = (int*)&vhi;
-    
-    
-    /* a[0] * b[8] */
-    t8 += (loi[0] | ((int64_t)hii[0] << 31));
-    
-    /* a[1] * b[8] */
-    t9 += (loi[1] | ((int64_t)hii[1] << 31));
-    
-    /* a[2] * b[8] */
-    t10 += (loi[2] | ((int64_t)hii[2] << 31));
-    
-    /* a[3] * b[8] */
-    t11 += (loi[3] | ((int64_t)hii[3] << 31));
-    
-    /* a[4] * b[8] */
-    t12 += (loi[4] | ((int64_t)hii[4] << 31));
-    
-    /* a[5] * b[8] */
-    t13 += (loi[5] | ((int64_t)hii[5] << 31));
-    
-    /* a[6] * b[8] */
-    t14 += (loi[6] | ((int64_t)hii[6] << 31));
-    
-    /* a[7] * b[8] */
-    t15 += (loi[7] | ((int64_t)hii[7] << 31));
-    
-    /* a[8] * b[8] */
-    t16 += (loi[8] | ((int64_t)hii[8] << 31));
-    
-    /* a[9] * b[8] */
-    t17 = (loi[9] | ((int64_t)hii[9] << 31));
-    
-    
-    /* a[*] * b[9] */
-    splat = Q6_V_vsplat_R(b[9]);
-    vlow = Q6_Vw_vmpyieo_VhVh(av, splat);
-    vlow = Q6_Vw_vmpyieacc_VwVwVuh(vlow, av, splat);
-    vhi = Q6_Vw_vmpye_VwVuh(av, splat);
-    vhi = Q6_Vw_vmpyoacc_VwVwVh_s1_sat_shift(vhi, av, splat);
-    loi = (unsigned int*)&vlow;
-    hii = (int*)&vhi;
-    
-    
-    /* a[0] * b[9] */
-    t9 += (loi[0] | ((int64_t)hii[0] << 31));
-    
-    /* a[1] * b[9] */
-    t10 += (loi[1] | ((int64_t)hii[1] << 31));
-    
-    /* a[2] * b[9] */
-    t11 += (loi[2] | ((int64_t)hii[2] << 31));
-    
-    /* a[3] * b[9] */
-    t12 += (loi[3] | ((int64_t)hii[3] << 31));
-    
-    /* a[4] * b[9] */
-    t13 += (loi[4] | ((int64_t)hii[4] << 31));
-    
-    /* a[5] * b[9] */
-    t14 += (loi[5] | ((int64_t)hii[5] << 31));
-    
-    /* a[6] * b[9] */
-    t15 += (loi[6] | ((int64_t)hii[6] << 31));
-    
-    /* a[7] * b[9] */
-    t16 += (loi[7] | ((int64_t)hii[7] << 31));
-    
-    /* a[8] * b[9] */
-    t17 += (loi[8] | ((int64_t)hii[8] << 31));
-    
-    /* a[9] * b[9] */
-    t18 = (loi[9] | ((int64_t)hii[9] << 31));
-    
-        t1   += t0  >> 26; r[ 0] = t0  & 0x3ffffff;
-        t2   += t1  >> 26; r[ 1] = t1  & 0x3ffffff;
-        t3   += t2  >> 26; r[ 2] = t2  & 0x3ffffff;
-        t4   += t3  >> 26; r[ 3] = t3  & 0x3ffffff;
-        t5   += t4  >> 26; r[ 4] = t4  & 0x3ffffff;
-        t6   += t5  >> 26; r[ 5] = t5  & 0x3ffffff;
-        t7   += t6  >> 26; r[ 6] = t6  & 0x3ffffff;
-        t8   += t7  >> 26; r[ 7] = t7  & 0x3ffffff;
-        t9   += t8  >> 26; r[ 8] = t8  & 0x3ffffff;
-        t10  += t9  >> 26; r[ 9] = t9  & 0x3ffffff;
-        t11  += t10 >> 26; r[10] = t10 & 0x3ffffff;
-        t12  += t11 >> 26; r[11] = t11 & 0x3ffffff;
-        t13  += t12 >> 26; r[12] = t12 & 0x3ffffff;
-        t14  += t13 >> 26; r[13] = t13 & 0x3ffffff;
-        t15  += t14 >> 26; r[14] = t14 & 0x3ffffff;
-        t16  += t15 >> 26; r[15] = t15 & 0x3ffffff;
-        t17  += t16 >> 26; r[16] = t16 & 0x3ffffff;
-        t18  += t17 >> 26; r[17] = t17 & 0x3ffffff;
-        r[19] = (sp_digit)(t18 >> 26);
-                           r[18] = t18 & 0x3ffffff;
-    }
-#endif
-}
-
-
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-static void sp_256_mont_mul_10(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_256_mul_10(r, a, b);
-    sp_256_mont_reduce_10(r, m, mp);
-}
-
-
-/* Square a and put result in r. (r = a * a)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- */
-SP_NOINLINE static void sp_256_sqr_10(sp_digit* r, const sp_digit* a)
-{
-    int64_t t0   = Q6_P_mpy_RR(a[0], a[0]);
-    int64_t t1   = Q6_P_mpy_RR(a[0], a[1]) * 2;
-    int64_t t2   = Q6_P_mpy_RR(a[0], a[2]) * 2
-                 + Q6_P_mpy_RR(a[1], a[1]);
-    int64_t t3   = (Q6_P_mpy_RR(a[0], a[3])
-                 + Q6_P_mpy_RR(a[1], a[2])) * 2;
-    int64_t t4   = (Q6_P_mpy_RR(a[ 0], a[ 4])
-                 + Q6_P_mpy_RR(a[ 1], a[ 3])) * 2
-                 + Q6_P_mpy_RR(a[ 2], a[ 2]);
-    int64_t t5   = (Q6_P_mpy_RR(a[ 0], a[ 5])
-                 + Q6_P_mpy_RR(a[ 1], a[ 4])
-                 + Q6_P_mpy_RR(a[ 2], a[ 3])) * 2;
-    int64_t t6   = (Q6_P_mpy_RR(a[ 0], a[ 6])
-                 + Q6_P_mpy_RR(a[ 1], a[ 5])
-                 + Q6_P_mpy_RR(a[ 2], a[ 4])) * 2
-                 + Q6_P_mpy_RR(a[ 3], a[ 3]);
-    int64_t t7   = (Q6_P_mpy_RR(a[ 0], a[ 7])
-                 + Q6_P_mpy_RR(a[ 1], a[ 6])
-                 + Q6_P_mpy_RR(a[ 2], a[ 5])
-                 + Q6_P_mpy_RR(a[ 3], a[ 4])) * 2;
-    int64_t t8   = (Q6_P_mpy_RR(a[ 0], a[ 8])
-                 + Q6_P_mpy_RR(a[ 1], a[ 7])
-                 + Q6_P_mpy_RR(a[ 2], a[ 6])
-                 + Q6_P_mpy_RR(a[ 3], a[ 5])) * 2
-                 + Q6_P_mpy_RR(a[ 4], a[ 4]);
-    int64_t t9   = (Q6_P_mpy_RR(a[ 0], a[ 9])
-                 + Q6_P_mpy_RR(a[ 1], a[ 8])
-                 + Q6_P_mpy_RR(a[ 2], a[ 7])
-                 + Q6_P_mpy_RR(a[ 3], a[ 6])
-                 + Q6_P_mpy_RR(a[ 4], a[ 5])) * 2;
-    int64_t t10  = (Q6_P_mpy_RR(a[ 1], a[ 9])
-                 + Q6_P_mpy_RR(a[ 2], a[ 8])
-                 + Q6_P_mpy_RR(a[ 3], a[ 7])
-                 + Q6_P_mpy_RR(a[ 4], a[ 6])) * 2
-                 + Q6_P_mpy_RR(a[ 5], a[ 5]);
-    int64_t t11  = (Q6_P_mpy_RR(a[ 2], a[ 9])
-                 + Q6_P_mpy_RR(a[ 3], a[ 8])
-                 + Q6_P_mpy_RR(a[ 4], a[ 7])
-                 + Q6_P_mpy_RR(a[ 5], a[ 6])) * 2;
-    int64_t t12  = (Q6_P_mpy_RR(a[ 3], a[ 9])
-                 + Q6_P_mpy_RR(a[ 4], a[ 8])
-                 + Q6_P_mpy_RR(a[ 5], a[ 7])) * 2
-                 + Q6_P_mpy_RR(a[ 6], a[ 6]);
-    int64_t t13  = (Q6_P_mpy_RR(a[ 4], a[ 9])
-                 + Q6_P_mpy_RR(a[ 5], a[ 8])
-                 + Q6_P_mpy_RR(a[ 6], a[ 7])) * 2;
-    int64_t t14  = (Q6_P_mpy_RR(a[ 5], a[ 9])
-                 + Q6_P_mpy_RR(a[ 6], a[ 8])) * 2
-                 + Q6_P_mpy_RR(a[ 7], a[ 7]);
-    int64_t t15  =( Q6_P_mpy_RR(a[ 6], a[ 9])
-                 + Q6_P_mpy_RR(a[ 7], a[ 8])) * 2;
-    int64_t t16  = Q6_P_mpy_RR(a[ 7], a[ 9]) * 2
-                 + Q6_P_mpy_RR(a[ 8], a[ 8]);
-    int64_t t17  = Q6_P_mpy_RR(a[ 8], a[ 9]) * 2;
-    int64_t t18  = Q6_P_mpy_RR(a[ 9], a[ 9]);
-
-    t1   += t0  >> 26; r[ 0] = t0  & 0x3ffffff;
-    t2   += t1  >> 26; r[ 1] = t1  & 0x3ffffff;
-    t3   += t2  >> 26; r[ 2] = t2  & 0x3ffffff;
-    t4   += t3  >> 26; r[ 3] = t3  & 0x3ffffff;
-    t5   += t4  >> 26; r[ 4] = t4  & 0x3ffffff;
-    t6   += t5  >> 26; r[ 5] = t5  & 0x3ffffff;
-    t7   += t6  >> 26; r[ 6] = t6  & 0x3ffffff;
-    t8   += t7  >> 26; r[ 7] = t7  & 0x3ffffff;
-    t9   += t8  >> 26; r[ 8] = t8  & 0x3ffffff;
-    t10  += t9  >> 26; r[ 9] = t9  & 0x3ffffff;
-    t11  += t10 >> 26; r[10] = t10 & 0x3ffffff;
-    t12  += t11 >> 26; r[11] = t11 & 0x3ffffff;
-    t13  += t12 >> 26; r[12] = t12 & 0x3ffffff;
-    t14  += t13 >> 26; r[13] = t13 & 0x3ffffff;
-    t15  += t14 >> 26; r[14] = t14 & 0x3ffffff;
-    t16  += t15 >> 26; r[15] = t15 & 0x3ffffff;
-    t17  += t16 >> 26; r[16] = t16 & 0x3ffffff;
-    t18  += t17 >> 26; r[17] = t17 & 0x3ffffff;
-    r[19] = (sp_digit)(t18 >> 26);
-                       r[18] = t18 & 0x3ffffff;
-}
-
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-static void sp_256_mont_sqr_10(sp_digit* r, const sp_digit* a, const sp_digit* m,
-        sp_digit mp)
-{
-    sp_256_sqr_10(r, a);
-    sp_256_mont_reduce_10(r, m, mp);
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-static void sp_256_mont_sqr_n_10(sp_digit* r, const sp_digit* a, int n,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_256_mont_sqr_10(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_256_mont_sqr_10(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P256 curve. */
-static const word32 p256_mod_2[8] = {
-    0xfffffffdU,0xffffffffU,0xffffffffU,0x00000000U,0x00000000U,0x00000000U,
-    0x00000001U,0xffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P256 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_10(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 10);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_10(t, t, p256_mod, p256_mp_mod);
-        if (p256_mod_2[i / 32] & ((sp_digit)1 << (i % 32)))
-            sp_256_mont_mul_10(t, t, a, p256_mod, p256_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 10);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + Q6_P_mpy_RR(2, 10);
-    sp_digit* t3 = td + Q6_P_mpy_RR(4, 10);
-
-    /* t = a^2 */
-    sp_256_mont_sqr_10(t, a, p256_mod, p256_mp_mod);
-    /* t = a^3 = t * a */
-    sp_256_mont_mul_10(t, t, a, p256_mod, p256_mp_mod);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_256_mont_sqr_n_10(t2, t, 2, p256_mod, p256_mp_mod);
-    /* t3= a^d = t2 * a */
-    sp_256_mont_mul_10(t3, t2, a, p256_mod, p256_mp_mod);
-    /* t = a^f = t2 * t */
-    sp_256_mont_mul_10(t, t2, t, p256_mod, p256_mp_mod);
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_256_mont_sqr_n_10(t2, t, 4, p256_mod, p256_mp_mod);
-    /* t3= a^fd = t2 * t3 */
-    sp_256_mont_mul_10(t3, t2, t3, p256_mod, p256_mp_mod);
-    /* t = a^ff = t2 * t */
-    sp_256_mont_mul_10(t, t2, t, p256_mod, p256_mp_mod);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_256_mont_sqr_n_10(t2, t, 8, p256_mod, p256_mp_mod);
-    /* t3= a^fffd = t2 * t3 */
-    sp_256_mont_mul_10(t3, t2, t3, p256_mod, p256_mp_mod);
-    /* t = a^ffff = t2 * t */
-    sp_256_mont_mul_10(t, t2, t, p256_mod, p256_mp_mod);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_256_mont_sqr_n_10(t2, t, 16, p256_mod, p256_mp_mod);
-    /* t3= a^fffffffd = t2 * t3 */
-    sp_256_mont_mul_10(t3, t2, t3, p256_mod, p256_mp_mod);
-    /* t = a^ffffffff = t2 * t */
-    sp_256_mont_mul_10(t, t2, t, p256_mod, p256_mp_mod);
-    /* t = a^ffffffff00000000 = t ^ 2 ^ 32  */
-    sp_256_mont_sqr_n_10(t2, t, 32, p256_mod, p256_mp_mod);
-    /* t2= a^ffffffffffffffff = t2 * t */
-    sp_256_mont_mul_10(t, t2, t, p256_mod, p256_mp_mod);
-    /* t2= a^ffffffff00000001 = t2 * a */
-    sp_256_mont_mul_10(t2, t2, a, p256_mod, p256_mp_mod);
-    /* t2= a^ffffffff000000010000000000000000000000000000000000000000
-     *   = t2 ^ 2 ^ 160 */
-    sp_256_mont_sqr_n_10(t2, t2, 160, p256_mod, p256_mp_mod);
-    /* t2= a^ffffffff00000001000000000000000000000000ffffffffffffffff
-     *   = t2 * t */
-    sp_256_mont_mul_10(t2, t2, t, p256_mod, p256_mp_mod);
-    /* t2= a^ffffffff00000001000000000000000000000000ffffffffffffffff00000000
-     *   = t2 ^ 2 ^ 32 */
-    sp_256_mont_sqr_n_10(t2, t2, 32, p256_mod, p256_mp_mod);
-    /* r = a^ffffffff00000001000000000000000000000000fffffffffffffffffffffffd
-     *   = t2 * t3 */
-    sp_256_mont_mul_10(r, t2, t3, p256_mod, p256_mp_mod);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_256_map_10(sp_point* r, const sp_point* p, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + Q6_P_mpy_RR(2, 10);
-    int32_t n;
-
-    sp_256_mont_inv_10(t1, p->z, t + 2*10);
-
-    sp_256_mont_sqr_10(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_10(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    /* x /= z^2 */
-    sp_256_mont_mul_10(r->x, p->x, t2, p256_mod, p256_mp_mod);
-    XMEMSET(r->x + 10, 0, sizeof(r->x) / 2U);
-    sp_256_mont_reduce_10(r->x, p256_mod, p256_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_256_cmp_10(r->x, p256_mod);
-    sp_256_cond_sub_10(r->x, r->x, p256_mod, 0 - ((n >= 0) ?
-                (sp_digit)1 : (sp_digit)0));
-    sp_256_norm_10(r->x);
-
-    /* y /= z^3 */
-    sp_256_mont_mul_10(r->y, p->y, t1, p256_mod, p256_mp_mod);
-    XMEMSET(r->y + 10, 0, sizeof(r->y) / 2U);
-    sp_256_mont_reduce_10(r->y, p256_mod, p256_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_256_cmp_10(r->y, p256_mod);
-    sp_256_cond_sub_10(r->y, r->y, p256_mod, 0 - ((n >= 0) ?
-                (sp_digit)1 : (sp_digit)0));
-    sp_256_norm_10(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z));
-    r->z[0] = 1;
-
-}
-
-
-/* Add b to a into r. (r = a + b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_256_add_10(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-#if 0
-    r[ 0] = Q6_R_add_RR(a[0], b[0]);
-    r[ 1] = Q6_R_add_RR(a[1], b[1]);
-    r[ 2] = Q6_R_add_RR(a[2], b[2]);
-    r[ 3] = Q6_R_add_RR(a[3], b[3]);
-    r[ 4] = Q6_R_add_RR(a[4], b[4]);
-    r[ 5] = Q6_R_add_RR(a[5], b[5]);
-    r[ 6] = Q6_R_add_RR(a[6], b[6]);
-    r[ 7] = Q6_R_add_RR(a[7], b[7]);
-    r[ 8] = Q6_R_add_RR(a[8], b[8]);
-    r[ 9] = Q6_R_add_RR(a[9], b[9]);
-#endif
-#if 1
-    __asm__ __volatile__ (
-        "{ r1 = memw(%[a]+#0)  \n"
-        "  r2 = memw(%[b]+#0) }\n"
-        "{ r3 = memw(%[a]+#4)  \n"
-        "  r19 = add(r1,r2)    \n"
-        "  r4 = memw(%[b]+#4) }\n"
-        "{ r5 = memw(%[a]+#8)  \n"
-        "  r20 = add(r3,r4)    \n"
-        "  r6 = memw(%[b]+#8) }\n"
-        "{ memw(%[r]+#0) = r19 }\n"
-        "{ r7 = memw(%[a]+#12)  \n"
-        "  r21 = add(r5,r6)    \n"
-        "  r8 = memw(%[b]+#12) }\n"
-        "{ memw(%[r]+#4) = r20 }\n"
-        "{ r9 = memw(%[a]+#16)  \n"
-        "  r22 = add(r7,r8)     \n"
-        "  r10 = memw(%[b]+#16) }\n"
-        "{ memw(%[r]+#8) = r21 }\n"
-        "{ r11 = memw(%[a]+#20)  \n"
-        "  r23 = add(r9,r10)     \n"
-        "  r12 = memw(%[b]+#20) }\n"
-        "{ memw(%[r]+#12) = r22 }\n"
-        "{ r13 = memw(%[a]+#24)  \n"
-        "  r24 = add(r11,r12)     \n"
-        "  r14 = memw(%[b]+#24) }\n"
-        "{ memw(%[r]+#16) = r23 }\n"
-        "{ r15 = memw(%[a]+#28)  \n"
-        "  r25 = add(r13,r14)     \n"
-        "  r16 = memw(%[b]+#28) }\n"
-        "{ memw(%[r]+#20) = r24 }\n"
-        "{ r17 = memw(%[a]+#32)  \n"
-        "  r26 = add(r15,r16)     \n"
-        "  r18 = memw(%[b]+#32) }\n"
-        "{ memw(%[r]+#24) = r25 }\n"
-        "{ r5 = memw(%[a]+#36)  \n"
-        "  r19 = add(r17,r18)    \n"
-        "  r6 = memw(%[b]+#36) }\n"
-        "{ memw(%[r]+#28) = r26 }\n"
-        "{ r20 = add(r5,r6)      \n"
-            "  memw(%[r]+#32) = r19 }\n"
-        "{ memw(%[r]+#36) = r20 }\n"
-        : [r] "+r" (r)
-        : [a] "r"(a), [b] "r"(b)
-        : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", "r24", "r25", "r26"
-    );
-#endif
-    return 0;
-}
-
-
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r   Result of addition.
- * a   First number to add in Montgomery form.
- * b   Second number to add in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_add_10(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    (void)sp_256_add_10(r, a, b);
-    sp_256_norm_10(r);
-    sp_256_cond_sub_10(r, r, m, 0 - (((r[9] >> 22) > 0) ?
-                (sp_digit)1 : (sp_digit)0));
-    sp_256_norm_10(r);
-}
-
-
-/* Double a Montgomery form number (r = a + a % m).
- *
- * r   Result of doubling.
- * a   Number to double in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_dbl_10(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    (void)sp_256_add_10(r, a, a);
-    sp_256_norm_10(r);
-    sp_256_cond_sub_10(r, r, m, 0 - (((r[9] >> 22) > 0) ?
-                (sp_digit)1 : (sp_digit)0));
-    sp_256_norm_10(r);
-}
-
-
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * r   Result of Tripling.
- * a   Number to triple in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_tpl_10(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    (void)sp_256_add_10(r, a, a);
-    sp_256_norm_10(r);
-    sp_256_cond_sub_10(r, r, m, 0 - (((r[9] >> 22) > 0) ?
-                (sp_digit)1 : (sp_digit)0));
-    sp_256_norm_10(r);
-    (void)sp_256_add_10(r, r, a);
-    sp_256_norm_10(r);
-    sp_256_cond_sub_10(r, r, m, 0 - (((r[9] >> 22) > 0) ?
-                (sp_digit)1 : (sp_digit)0));
-    sp_256_norm_10(r);
-}
-
-/* Sub b from a into r. (r = a - b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A single precision integer.
- */
-SP_NOINLINE static int sp_256_sub_10(sp_digit* r, const sp_digit* a,
-        const sp_digit* b)
-{
-#if 0
-    r[ 0] = Q6_R_sub_RR(a[0], b[0]);
-    r[ 1] = Q6_R_sub_RR(a[1], b[1]);
-    r[ 2] = Q6_R_sub_RR(a[2], b[2]);
-    r[ 3] = Q6_R_sub_RR(a[3], b[3]);
-    r[ 4] = Q6_R_sub_RR(a[4], b[4]);
-    r[ 5] = Q6_R_sub_RR(a[5], b[5]);
-    r[ 6] = Q6_R_sub_RR(a[6], b[6]);
-    r[ 7] = Q6_R_sub_RR(a[7], b[7]);
-    r[ 8] = Q6_R_sub_RR(a[8], b[8]);
-    r[ 9] = Q6_R_sub_RR(a[9], b[9]);
-#endif
-#if 1
-    __asm__ __volatile__ (
-        "{ r1 = memw(%[a]+#0)  \n"
-        "  r2 = memw(%[b]+#0) }\n"
-        "{ r3 = memw(%[a]+#4)  \n"
-        "  r19 = sub(r1,r2)    \n"
-        "  r4 = memw(%[b]+#4) }\n"
-        "{ r5 = memw(%[a]+#8)  \n"
-        "  r20 = sub(r3,r4)    \n"
-        "  r6 = memw(%[b]+#8) }\n"
-        "{ memw(%[r]+#0) = r19 }\n"
-        "{ r7 = memw(%[a]+#12)  \n"
-        "  r21 = sub(r5,r6)    \n"
-        "  r8 = memw(%[b]+#12) }\n"
-        "{ memw(%[r]+#4) = r20 }\n"
-        "{ r9 = memw(%[a]+#16)  \n"
-        "  r22 = sub(r7,r8)     \n"
-        "  r10 = memw(%[b]+#16) }\n"
-        "{ memw(%[r]+#8) = r21 }\n"
-        "{ r11 = memw(%[a]+#20)  \n"
-        "  r23 = sub(r9,r10)     \n"
-        "  r12 = memw(%[b]+#20) }\n"
-        "{ memw(%[r]+#12) = r22 }\n"
-        "{ r13 = memw(%[a]+#24)  \n"
-        "  r24 = sub(r11,r12)     \n"
-        "  r14 = memw(%[b]+#24) }\n"
-        "{ memw(%[r]+#16) = r23 }\n"
-        "{ r15 = memw(%[a]+#28)  \n"
-        "  r25 = sub(r13,r14)     \n"
-        "  r16 = memw(%[b]+#28) }\n"
-        "{ memw(%[r]+#20) = r24 }\n"
-        "{ r17 = memw(%[a]+#32)  \n"
-        "  r26 = sub(r15,r16)     \n"
-        "  r18 = memw(%[b]+#32) }\n"
-        "{ memw(%[r]+#24) = r25 }\n"
-        "{ r5 = memw(%[a]+#36)  \n"
-        "  r19 = sub(r17,r18)    \n"
-        "  r6 = memw(%[b]+#36) }\n"
-        "{ memw(%[r]+#28) = r26 }\n"
-        "{ r20 = sub(r5,r6)      \n"
-            "  memw(%[r]+#32) = r19 }\n"
-        "{ memw(%[r]+#36) = r20 }\n"
-        : [r] "+r" (r)
-        : [a] "r"(a), [b] "r"(b)
-        : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15", "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", "r24", "r25", "r26"
-    );
-#endif
-    return 0;
-}
-
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r  A single precision number representing conditional add result.
- * a  A single precision number to add with.
- * b  A single precision number to add.
- * m  Mask value to apply.
- */
-static void sp_256_cond_add_10(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i = 0; i < 10; i++) {
-        r[i] = a[i] + (b[i] & m);
-    }
-#else
-    r[ 0] = Q6_R_add_RR(a[ 0], Q6_R_and_RR(b[ 0], m));
-    r[ 1] = Q6_R_add_RR(a[ 1], Q6_R_and_RR(b[ 1], m));
-    r[ 2] = Q6_R_add_RR(a[ 2], Q6_R_and_RR(b[ 2], m));
-    r[ 3] = Q6_R_add_RR(a[ 3], Q6_R_and_RR(b[ 3], m));
-    r[ 4] = Q6_R_add_RR(a[ 4], Q6_R_and_RR(b[ 4], m));
-    r[ 5] = Q6_R_add_RR(a[ 5], Q6_R_and_RR(b[ 5], m));
-    r[ 6] = Q6_R_add_RR(a[ 6], Q6_R_and_RR(b[ 6], m));
-    r[ 7] = Q6_R_add_RR(a[ 7], Q6_R_and_RR(b[ 7], m));
-    r[ 8] = Q6_R_add_RR(a[ 8], Q6_R_and_RR(b[ 8], m));
-    r[ 9] = Q6_R_add_RR(a[ 9], Q6_R_and_RR(b[ 9], m));
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r   Result of subtration.
- * a   Number to subtract from in Montgomery form.
- * b   Number to subtract with in Montgomery form.
- * m   Modulus (prime).
- */
-static void sp_256_mont_sub_10(sp_digit* r, const sp_digit* a, const sp_digit* b,
-        const sp_digit* m)
-{
-    (void)sp_256_sub_10(r, a, b);
-    sp_256_cond_add_10(r, r, m, r[9] >> 22);
-    sp_256_norm_10(r);
-}
-
-
-/* Shift number left one bit.
- * Bottom bit is lost.
- *
- * r  Result of shift.
- * a  Number to shift.
- */
-SP_NOINLINE static void sp_256_rshift1_10(sp_digit* r, sp_digit* a)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<9; i++) {
-        r[i] = ((a[i] >> 1) | (a[i + 1] << 25)) & 0x3ffffff;
-    }
-#else
-    r[0] = ((a[0] >> 1) | Q6_R_and_RR((a[1] << 25), 0x3ffffff));
-    r[1] = ((a[1] >> 1) | Q6_R_and_RR((a[2] << 25), 0x3ffffff));
-    r[2] = ((a[2] >> 1) | Q6_R_and_RR((a[3] << 25), 0x3ffffff));
-    r[3] = ((a[3] >> 1) | Q6_R_and_RR((a[4] << 25), 0x3ffffff));
-    r[4] = ((a[4] >> 1) | Q6_R_and_RR((a[5] << 25), 0x3ffffff));
-    r[5] = ((a[5] >> 1) | Q6_R_and_RR((a[6] << 25), 0x3ffffff));
-    r[6] = ((a[6] >> 1) | Q6_R_and_RR((a[7] << 25), 0x3ffffff));
-    r[7] = ((a[7] >> 1) | Q6_R_and_RR((a[8] << 25), 0x3ffffff));
-    r[8] = ((a[8] >> 1) | Q6_R_and_RR((a[9] << 25), 0x3ffffff));
-#endif
-    r[9] = a[9] >> 1;
-}
-
-
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
- *
- * r  Result of division by 2.
- * a  Number to divide.
- * m  Modulus (prime).
- */
-static void sp_256_div2_10(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_256_cond_add_10(r, a, m, 0 - (a[0] & 1));
-    sp_256_norm_10(r);
-    sp_256_rshift1_10(r, r);
-}
-
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_10(sp_point* r, const sp_point* p, sp_digit* t)
-{
-    sp_point* rp[2];
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*10;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    int i;
-
-    /* When infinity don't double point passed in - constant time. */
-    rp[0] = r;
-
-    /*lint allow cast to different type of pointer*/
-    rp[1] = (sp_point*)t; /*lint !e9087 !e740*/
-    XMEMSET(rp[1], 0, sizeof(sp_point));
-    x = rp[p->infinity]->x;
-    y = rp[p->infinity]->y;
-    z = rp[p->infinity]->z;
-    /* Put point to double into result - good for infinity. */
-    if (r != p) {
-        for (i=0; i<10; i++) {
-            r->x[i] = p->x[i];
-        }
-        for (i=0; i<10; i++) {
-            r->y[i] = p->y[i];
-        }
-        for (i=0; i<10; i++) {
-            r->z[i] = p->z[i];
-        }
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_256_mont_sqr_10(t1, z, p256_mod, p256_mp_mod);
-    /* Z = Y * Z */
-    sp_256_mont_mul_10(z, y, z, p256_mod, p256_mp_mod);
-    /* Z = 2Z */
-    sp_256_mont_dbl_10(z, z, p256_mod);
-    /* T2 = X - T1 */
-    sp_256_mont_sub_10(t2, x, t1, p256_mod);
-    /* T1 = X + T1 */
-    sp_256_mont_add_10(t1, x, t1, p256_mod);
-    /* T2 = T1 * T2 */
-    sp_256_mont_mul_10(t2, t1, t2, p256_mod, p256_mp_mod);
-    /* T1 = 3T2 */
-    sp_256_mont_tpl_10(t1, t2, p256_mod);
-    /* Y = 2Y */
-    sp_256_mont_dbl_10(y, y, p256_mod);
-    /* Y = Y * Y */
-    sp_256_mont_sqr_10(y, y, p256_mod, p256_mp_mod);
-    /* T2 = Y * Y */
-    sp_256_mont_sqr_10(t2, y, p256_mod, p256_mp_mod);
-    /* T2 = T2/2 */
-    sp_256_div2_10(t2, t2, p256_mod);
-    /* Y = Y * X */
-    sp_256_mont_mul_10(y, y, x, p256_mod, p256_mp_mod);
-    /* X = T1 * T1 */
-    sp_256_mont_mul_10(x, t1, t1, p256_mod, p256_mp_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_10(x, x, y, p256_mod);
-    /* X = X - Y */
-    sp_256_mont_sub_10(x, x, y, p256_mod);
-    /* Y = Y - X */
-    sp_256_mont_sub_10(y, y, x, p256_mod);
-    /* Y = Y * T1 */
-    sp_256_mont_mul_10(y, y, t1, p256_mod, p256_mp_mod);
-    /* Y = Y - T2 */
-    sp_256_mont_sub_10(y, y, t2, p256_mod);
-
-}
-
-
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_256_cmp_equal_10(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) | (a[3] ^ b[3]) |
-            (a[4] ^ b[4]) | (a[5] ^ b[5]) | (a[6] ^ b[6]) | (a[7] ^ b[7]) |
-            (a[8] ^ b[8]) | (a[9] ^ b[9])) == 0;
-}
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_10(sp_point* r, const sp_point* p, const sp_point* q,
-        sp_digit* t)
-{
-    const sp_point* ap[2];
-    sp_point* rp[2];
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*10;
-    sp_digit* t3 = t + 4*10;
-    sp_digit* t4 = t + 6*10;
-    sp_digit* t5 = t + 8*10;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    int i;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point* a = p;
-        p = q;
-        q = a;
-    }
-
-    /* Check double */
-    (void)sp_256_sub_10(t1, p256_mod, q->y);
-    sp_256_norm_10(t1);
-    if ((sp_256_cmp_equal_10(p->x, q->x) & sp_256_cmp_equal_10(p->z, q->z) &
-        (sp_256_cmp_equal_10(p->y, q->y) | sp_256_cmp_equal_10(p->y, t1))) != 0) {
-        sp_256_proj_point_dbl_10(r, p, t);
-    }
-    else {
-        rp[0] = r;
-
-        /*lint allow cast to different type of pointer*/
-        rp[1] = (sp_point*)t; /*lint !e9087 !e740*/
-        XMEMSET(rp[1], 0, sizeof(sp_point));
-        x = rp[p->infinity | q->infinity]->x;
-        y = rp[p->infinity | q->infinity]->y;
-        z = rp[p->infinity | q->infinity]->z;
-
-        ap[0] = p;
-        ap[1] = q;
-        for (i=0; i<10; i++) {
-            r->x[i] = ap[p->infinity]->x[i];
-        }
-        for (i=0; i<10; i++) {
-            r->y[i] = ap[p->infinity]->y[i];
-        }
-        for (i=0; i<10; i++) {
-            r->z[i] = ap[p->infinity]->z[i];
-        }
-        r->infinity = ap[p->infinity]->infinity;
-
-        /* U1 = X1*Z2^2 */
-        sp_256_mont_sqr_10(t1, q->z, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(t3, t1, q->z, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(t1, t1, x, p256_mod, p256_mp_mod);
-        /* U2 = X2*Z1^2 */
-        sp_256_mont_sqr_10(t2, z, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(t4, t2, z, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(t2, t2, q->x, p256_mod, p256_mp_mod);
-        /* S1 = Y1*Z2^3 */
-        sp_256_mont_mul_10(t3, t3, y, p256_mod, p256_mp_mod);
-        /* S2 = Y2*Z1^3 */
-        sp_256_mont_mul_10(t4, t4, q->y, p256_mod, p256_mp_mod);
-        /* H = U2 - U1 */
-        sp_256_mont_sub_10(t2, t2, t1, p256_mod);
-        /* R = S2 - S1 */
-        sp_256_mont_sub_10(t4, t4, t3, p256_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_10(z, z, q->z, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(z, z, t2, p256_mod, p256_mp_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_10(x, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_10(t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(y, t1, t5, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(t5, t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_10(x, x, t5, p256_mod);
-        sp_256_mont_dbl_10(t1, y, p256_mod);
-        sp_256_mont_sub_10(x, x, t1, p256_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_sub_10(y, y, x, p256_mod);
-        sp_256_mont_mul_10(y, y, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(t5, t5, t3, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_10(y, y, t5, p256_mod);
-    }
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_10(sp_point* r, const sp_point* g, const sp_digit* k,
-        int map, void* heap)
-{
-    sp_point* td;
-    sp_point* t[3];
-    sp_digit* tmp;
-    sp_digit n;
-    int i;
-    int c, y;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    td = (sp_point*)XMALLOC(sizeof(sp_point) * 3, heap, DYNAMIC_TYPE_ECC);
-    if (td == NULL)
-        err = MEMORY_E;
-    tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 10 * 5, heap,
-                                                              DYNAMIC_TYPE_ECC);
-    if (tmp == NULL)
-        err = MEMORY_E;
-
-    if (err == MP_OKAY) {
-        XMEMSET(td, 0, sizeof(*td) * 3);
-
-        t[0] = &td[0];
-        t[1] = &td[1];
-        t[2] = &td[2];
-
-        /* t[0] = {0, 0, 1} * norm */
-        t[0]->infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_256_mod_mul_norm_10(t[1]->x, g->x, p256_mod);
-    }
-    if (err == MP_OKAY)
-        err = sp_256_mod_mul_norm_10(t[1]->y, g->y, p256_mod);
-    if (err == MP_OKAY)
-        err = sp_256_mod_mul_norm_10(t[1]->z, g->z, p256_mod);
-
-    if (err == MP_OKAY) {
-        i = 9;
-        c = 22;
-        n = k[i--] << (26 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1)
-                    break;
-
-                n = k[i--];
-                c = 26;
-            }
-
-            y = (n >> 25) & 1;
-            n <<= 1;
-
-            sp_256_proj_point_add_10(t[y^1], t[0], t[1], tmp);
-
-            XMEMCPY(t[2], (void*)(((size_t)t[0] & addr_mask[y^1]) +
-                                  ((size_t)t[1] & addr_mask[y])),
-                    sizeof(sp_point));
-            sp_256_proj_point_dbl_10(t[2], t[2], tmp);
-            XMEMCPY((void*)(((size_t)t[0] & addr_mask[y^1]) +
-                            ((size_t)t[1] & addr_mask[y])), t[2],
-                    sizeof(sp_point));
-        }
-
-        if (map != 0) {
-            sp_256_map_10(r, t[0], tmp);
-        }
-        else {
-            XMEMCPY(r, t[0], sizeof(sp_point));
-        }
-    }
-
-    if (tmp != NULL) {
-        XMEMSET(tmp, 0, sizeof(sp_digit) * 2 * 10 * 5);
-        XFREE(tmp, NULL, DYNAMIC_TYPE_ECC);
-    }
-    if (td != NULL) {
-        XMEMSET(td, 0, sizeof(sp_point) * 3);
-        XFREE(td, NULL, DYNAMIC_TYPE_ECC);
-    }
-
-    return err;
-}
-
-#elif !defined(WC_NO_CACHE_RESISTANT)
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_10(sp_point* r, const sp_point* g, const sp_digit* k,
-        int map, void* heap)
-{
-#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK)
-    sp_point td[3];
-    sp_digit tmpd[2 * 10 * 5];
-#endif
-    sp_point* t;
-    sp_digit* tmp;
-    sp_digit n;
-    int i;
-    int c, y;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    sp_point td[3];
-    t = (sp_point*)XMALLOC(sizeof(*td) * 3, heap, DYNAMIC_TYPE_ECC);
-    if (t == NULL)
-        err = MEMORY_E;
-    tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 10 * 5, heap,
-                             DYNAMIC_TYPE_ECC);
-    if (tmp == NULL)
-        err = MEMORY_E;
-#else
-    t = td;
-    tmp = tmpd;
-#endif
-
-    if (err == MP_OKAY) {
-        t[0] = &td[0];
-        t[1] = &td[1];
-        t[2] = &td[2];
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_256_mod_mul_norm_10(t[1].x, g->x, p256_mod);
-    }
-    if (err == MP_OKAY)
-        err = sp_256_mod_mul_norm_10(t[1].y, g->y, p256_mod);
-    if (err == MP_OKAY)
-        err = sp_256_mod_mul_norm_10(t[1].z, g->z, p256_mod);
-
-    if (err == MP_OKAY) {
-        i = 9;
-        c = 22;
-        n = k[i--] << (26 - c);
-        for (; ; c--) {
-            if (c == 0) {
-                if (i == -1)
-                    break;
-
-                n = k[i--];
-                c = 26;
-            }
-
-            y = (n >> 25) & 1;
-            n <<= 1;
-
-            sp_256_proj_point_add_10(&t[y^1], &t[0], &t[1], tmp);
-
-            XMEMCPY(&t[2], (void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                                 ((size_t)&t[1] & addr_mask[y])), sizeof(t[2]));
-            sp_256_proj_point_dbl_10(&t[2], &t[2], tmp);
-            XMEMCPY((void*)(((size_t)&t[0] & addr_mask[y^1]) +
-                          ((size_t)&t[1] & addr_mask[y])), &t[2], sizeof(t[2]));
-        }
-
-        if (map != 0) {
-            sp_256_map_10(r, &t[0], tmp);
-        }
-        else {
-            XMEMCPY(r, &t[0], sizeof(sp_point));
-        }
-    }
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    if (tmp != NULL) {
-        XMEMSET(tmp, 0, sizeof(sp_digit) * 2 * 10 * 5);
-        XFREE(tmp, heap, DYNAMIC_TYPE_ECC);
-    }
-    if (t != NULL) {
-        XMEMSET(t, 0, sizeof(sp_point) * 3);
-        XFREE(t, heap, DYNAMIC_TYPE_ECC);
-    }
-#else
-    ForceZero(tmpd, sizeof(tmpd));
-    ForceZero(td, sizeof(td));
-#endif
-
-    return err;
-}
-
-#else
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry {
-    sp_digit x[10] __attribute__((aligned(128)));
-    sp_digit y[10] __attribute__((aligned(128)));
-} sp_table_entry;
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_fast_10(sp_point* r, const sp_point* g, const sp_digit* k,
-        int map, void* heap)
-{
-#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK)
-    sp_point td[16];
-    sp_point rtd;
-    sp_digit tmpd[2 * 10 * 5];
-#endif
-    sp_point* t;
-    sp_point* rt;
-    sp_digit* tmp;
-    sp_digit n;
-    int i;
-    int c, y;
-    int err;
-
-    (void)heap;
-
-    err = sp_ecc_point_new(heap, rtd, rt);
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    t = (sp_point*)XMALLOC(sizeof(sp_point) * 16, heap, DYNAMIC_TYPE_ECC);
-    if (t == NULL)
-        err = MEMORY_E;
-    tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 10 * 5, heap,
-                             DYNAMIC_TYPE_ECC);
-    if (tmp == NULL)
-        err = MEMORY_E;
-#else
-    t = td;
-    tmp = tmpd;
-#endif
-
-    if (err == MP_OKAY) {
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        (void)sp_256_mod_mul_norm_10(t[1].x, g->x, p256_mod);
-        (void)sp_256_mod_mul_norm_10(t[1].y, g->y, p256_mod);
-        (void)sp_256_mod_mul_norm_10(t[1].z, g->z, p256_mod);
-        t[1].infinity = 0;
-        sp_256_proj_point_dbl_10(&t[ 2], &t[ 1], tmp);
-        t[ 2].infinity = 0;
-        sp_256_proj_point_add_10(&t[ 3], &t[ 2], &t[ 1], tmp);
-        t[ 3].infinity = 0;
-        sp_256_proj_point_dbl_10(&t[ 4], &t[ 2], tmp);
-        t[ 4].infinity = 0;
-        sp_256_proj_point_add_10(&t[ 5], &t[ 3], &t[ 2], tmp);
-        t[ 5].infinity = 0;
-        sp_256_proj_point_dbl_10(&t[ 6], &t[ 3], tmp);
-        t[ 6].infinity = 0;
-        sp_256_proj_point_add_10(&t[ 7], &t[ 4], &t[ 3], tmp);
-        t[ 7].infinity = 0;
-        sp_256_proj_point_dbl_10(&t[ 8], &t[ 4], tmp);
-        t[ 8].infinity = 0;
-        sp_256_proj_point_add_10(&t[ 9], &t[ 5], &t[ 4], tmp);
-        t[ 9].infinity = 0;
-        sp_256_proj_point_dbl_10(&t[10], &t[ 5], tmp);
-        t[10].infinity = 0;
-        sp_256_proj_point_add_10(&t[11], &t[ 6], &t[ 5], tmp);
-        t[11].infinity = 0;
-        sp_256_proj_point_dbl_10(&t[12], &t[ 6], tmp);
-        t[12].infinity = 0;
-        sp_256_proj_point_add_10(&t[13], &t[ 7], &t[ 6], tmp);
-        t[13].infinity = 0;
-        sp_256_proj_point_dbl_10(&t[14], &t[ 7], tmp);
-        t[14].infinity = 0;
-        sp_256_proj_point_add_10(&t[15], &t[ 8], &t[ 7], tmp);
-        t[15].infinity = 0;
-
-        i = 8;
-        n = k[i+1] << 6;
-        c = 18;
-        y = n >> 24;
-        XMEMCPY(rt, &t[y], sizeof(sp_point));
-        n <<= 8;
-        for (; i>=0 || c>=4; ) {
-            if (c < 4) {
-                n |= k[i--] << (6 - c);
-                c += 26;
-            }
-            y = (n >> 28) & 0xf;
-            n <<= 4;
-            c -= 4;
-
-            sp_256_proj_point_dbl_10(rt, rt, tmp);
-            sp_256_proj_point_dbl_10(rt, rt, tmp);
-            sp_256_proj_point_dbl_10(rt, rt, tmp);
-            sp_256_proj_point_dbl_10(rt, rt, tmp);
-
-            sp_256_proj_point_add_10(rt, rt, &t[y], tmp);
-        }
-
-        if (map != 0) {
-            sp_256_map_10(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point));
-        }
-    }
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    if (tmp != NULL) {
-        XMEMSET(tmp, 0, sizeof(sp_digit) * 2 * 10 * 5);
-        XFREE(tmp, heap, DYNAMIC_TYPE_ECC);
-    }
-    if (t != NULL) {
-        XMEMSET(t, 0, sizeof(sp_point) * 16);
-        XFREE(t, heap, DYNAMIC_TYPE_ECC);
-    }
-#else
-    ForceZero(tmpd, sizeof(tmpd));
-    ForceZero(td, sizeof(td));
-#endif
-    sp_ecc_point_free(rt, 1, heap);
-
-    return err;
-}
-
-#ifdef FP_ECC
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_10(sp_point* r, const sp_point* p, int n,
-        sp_digit* t)
-{
-    sp_point* rp[2];
-    sp_digit* w = t;
-    sp_digit* a = t + 2*10;
-    sp_digit* b = t + 4*10;
-    sp_digit* t1 = t + 6*10;
-    sp_digit* t2 = t + 8*10;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    int i;
-
-    rp[0] = r;
-
-    /*lint allow cast to different type of pointer*/
-    rp[1] = (sp_point*)t; /*lint !e9087 !e740*/
-    XMEMSET(rp[1], 0, sizeof(sp_point));
-    x = rp[p->infinity]->x;
-    y = rp[p->infinity]->y;
-    z = rp[p->infinity]->z;
-    if (r != p) {
-        for (i=0; i<10; i++) {
-            r->x[i] = p->x[i];
-        }
-        for (i=0; i<10; i++) {
-            r->y[i] = p->y[i];
-        }
-        for (i=0; i<10; i++) {
-            r->z[i] = p->z[i];
-        }
-        r->infinity = p->infinity;
-    }
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_10(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_10(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_10(w, w, p256_mod, p256_mp_mod);
-    while (n-- > 0) {
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_10(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_10(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_10(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_10(t2, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(b, t2, x, p256_mod, p256_mp_mod);
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_10(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_10(t1, b, p256_mod);
-        sp_256_mont_sub_10(x, x, t1, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_10(z, z, y, p256_mod, p256_mp_mod);
-        /* t2 = Y^4 */
-        sp_256_mont_sqr_10(t2, t2, p256_mod, p256_mp_mod);
-        if (n != 0) {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_10(w, w, t2, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_sub_10(y, b, x, p256_mod);
-        sp_256_mont_mul_10(y, y, a, p256_mod, p256_mp_mod);
-        sp_256_mont_dbl_10(y, y, p256_mod);
-        sp_256_mont_sub_10(y, y, t2, p256_mod);
-    }
-    /* Y = Y/2 */
-    sp_256_div2_10(y, y, p256_mod);
-}
-
-#endif /* FP_ECC */
-
-
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_qz1_10(sp_point* r, const sp_point* p,
-        const sp_point* q, sp_digit* t)
-{
-    const sp_point* ap[2];
-    sp_point* rp[2];
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*10;
-    sp_digit* t3 = t + 4*10;
-    sp_digit* t4 = t + 6*10;
-    sp_digit* t5 = t + 8*10;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    int i;
-
-    /* Check double */
-    (void)sp_256_sub_10(t1, p256_mod, q->y);
-    sp_256_norm_10(t1);
-    if ((sp_256_cmp_equal_10(p->x, q->x) & sp_256_cmp_equal_10(p->z, q->z) &
-        (sp_256_cmp_equal_10(p->y, q->y) | sp_256_cmp_equal_10(p->y, t1))) != 0) {
-        sp_256_proj_point_dbl_10(r, p, t);
-    }
-    else {
-        rp[0] = r;
-
-        /*lint allow cast to different type of pointer*/
-        rp[1] = (sp_point*)t; /*lint !e9087 !e740*/
-        XMEMSET(rp[1], 0, sizeof(sp_point));
-        x = rp[p->infinity | q->infinity]->x;
-        y = rp[p->infinity | q->infinity]->y;
-        z = rp[p->infinity | q->infinity]->z;
-
-        ap[0] = p;
-        ap[1] = q;
-        for (i=0; i<10; i++) {
-            r->x[i] = ap[p->infinity]->x[i];
-        }
-        for (i=0; i<10; i++) {
-            r->y[i] = ap[p->infinity]->y[i];
-        }
-        for (i=0; i<10; i++) {
-            r->z[i] = ap[p->infinity]->z[i];
-        }
-        r->infinity = ap[p->infinity]->infinity;
-
-        /* U2 = X2*Z1^2 */
-        sp_256_mont_sqr_10(t2, z, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(t4, t2, z, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(t2, t2, q->x, p256_mod, p256_mp_mod);
-        /* S2 = Y2*Z1^3 */
-        sp_256_mont_mul_10(t4, t4, q->y, p256_mod, p256_mp_mod);
-        /* H = U2 - X1 */
-        sp_256_mont_sub_10(t2, t2, x, p256_mod);
-        /* R = S2 - Y1 */
-        sp_256_mont_sub_10(t4, t4, y, p256_mod);
-        /* Z3 = H*Z1 */
-        sp_256_mont_mul_10(z, z, t2, p256_mod, p256_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_256_mont_sqr_10(t1, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_10(t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(t3, x, t5, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(t5, t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_10(x, t1, t5, p256_mod);
-        sp_256_mont_dbl_10(t1, t3, p256_mod);
-        sp_256_mont_sub_10(x, x, t1, p256_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_256_mont_sub_10(t3, t3, x, p256_mod);
-        sp_256_mont_mul_10(t3, t3, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(t5, t5, y, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_10(y, t3, t5, p256_mod);
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_256_proj_to_affine_10(sp_point* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 10;
-    sp_digit* tmp = t + 4 * 10;
-
-    sp_256_mont_inv_10(t1, a->z, tmp);
-
-    sp_256_mont_sqr_10(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_10(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    sp_256_mont_mul_10(a->x, a->x, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_10(a->y, a->y, t1, p256_mod, p256_mp_mod);
-    XMEMCPY(a->z, p256_norm_mod, sizeof(p256_norm_mod));
-}
-
-
-/* Generate the pre-computed table of points for the base point.
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_10(const sp_point* a,
-        sp_table_entry* table, sp_digit* tmp, void* heap)
-{
-#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK)
-    sp_point td, s1d, s2d;
-#endif
-    sp_point* t;
-    sp_point* s1 = NULL;
-    sp_point* s2 = NULL;
-    int i, j;
-    int err;
-
-    (void)heap;
-
-    err = sp_ecc_point_new(heap, td, t);
-    if (err == MP_OKAY) {
-        err = sp_ecc_point_new(heap, s1d, s1);
-    }
-    if (err == MP_OKAY) {
-        err = sp_ecc_point_new(heap, s2d, s2);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_10(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_10(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_10(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_10(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_256_proj_point_dbl_n_10(t, t, 32, tmp);
-            sp_256_proj_to_affine_10(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_10(t, s1, s2, tmp);
-                sp_256_proj_to_affine_10(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    sp_ecc_point_free(s2, 0, heap);
-    sp_ecc_point_free(s1, 0, heap);
-    sp_ecc_point_free( t, 0, heap);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_10(sp_point* r, const sp_point* g,
-        const sp_table_entry* table, const sp_digit* k, int map, void* heap)
-{
-#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK)
-    sp_point rtd;
-    sp_point pd;
-    sp_digit td[2 * 10 * 5];
-#endif
-    sp_point* rt;
-    sp_point* p = NULL;
-    sp_digit* t;
-    int i, j;
-    int y, x;
-    int err;
-
-    (void)g;
-    (void)heap;
-
-    err = sp_ecc_point_new(heap, rtd, rt);
-    if (err == MP_OKAY) {
-        err = sp_ecc_point_new(heap, pd, p);
-    }
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 10 * 5, heap,
-                           DYNAMIC_TYPE_ECC);
-    if (t == NULL) {
-        err = MEMORY_E;
-    }
-#else
-    t = td;
-#endif
-
-    if (err == MP_OKAY) {
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        for (j=0,x=31; j<8; j++,x+=32) {
-            y |= ((k[x / 26] >> (x % 26)) & 1) << j;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=30; i>=0; i--) {
-            y = 0;
-            for (j=0,x=i; j<8; j++,x+=32) {
-                y |= ((k[x / 26] >> (x % 26)) & 1) << j;
-            }
-
-            sp_256_proj_point_dbl_10(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_10(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_10(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point));
-        }
-    }
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    XFREE(t, heap, DYNAMIC_TYPE_ECC);
-#endif
-    sp_ecc_point_free(p, 0, heap);
-    sp_ecc_point_free(rt, 0, heap);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-typedef struct sp_cache_t {
-    sp_digit x[10] __attribute__((aligned(128)));
-    sp_digit y[10] __attribute__((aligned(128)));
-    sp_table_entry table[256] __attribute__((aligned(128)));
-    word32 cnt;
-    int set;
-} sp_cache_t;
-
-static THREAD_LS_T sp_cache_t sp_cache[FP_ENTRIES];
-static THREAD_LS_T int sp_cache_last = -1;
-static THREAD_LS_T int sp_cache_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    static wolfSSL_Mutex sp_cache_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_lock);
-#ifdef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex = 0;
-#endif
-#endif
-
-static void sp_ecc_get_cache(const sp_point* g, sp_cache_t** cache)
-{
-    int i, j;
-    word32 least;
-
-    if (sp_cache_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache[i].set = 0;
-        }
-        sp_cache_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_10(g->x, sp_cache[i].x) &
-                           sp_256_cmp_equal_10(g->y, sp_cache[i].y)) {
-            sp_cache[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_last) {
-            least = sp_cache[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache[j].cnt < least) {
-                    i = j;
-                    least = sp_cache[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache[i].x, g->x, sizeof(sp_cache[i].x));
-        XMEMCPY(sp_cache[i].y, g->y, sizeof(sp_cache[i].y));
-        sp_cache[i].set = 1;
-        sp_cache[i].cnt = 1;
-    }
-
-    *cache = &sp_cache[i];
-    sp_cache_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_10(sp_point* r, const sp_point* g, const sp_digit* k,
-        int map, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_fast_10(r, g, k, map, heap);
-#else
-    sp_digit tmp[2 * 10 * 5];
-    sp_cache_t* cache;
-    int err = MP_OKAY;
-
-#ifndef HAVE_THREAD_LS
-#ifndef WOLFSSL_MUTEX_INITIALIZER
-    if (initCacheMutex == 0) {
-         wc_InitMutex(&sp_cache_lock);
-         initCacheMutex = 1;
-    }
-#endif
-    if (wc_LockMutex(&sp_cache_lock) != 0)
-       err = BAD_MUTEX_E;
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_10(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_fast_10(r, g, k, map, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_10(r, g, cache->table, k,
-                    map, heap);
-        }
-    }
-
-    return err;
-#endif
-}
-
-#endif
-
-#ifdef WOLFSSL_SP_SMALL
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_10(sp_point* r, const sp_digit* k,
-        int map, void* heap)
-{
-    /* No pre-computed values. */
-    return sp_256_ecc_mulmod_10(r, &p256_base, k, map, heap);
-}
-
-#else
-static const sp_table_entry p256_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x0a9143c,0x1cc3506,0x360179e,0x3f17fb6,0x075ba95,0x1d88944,
-        0x3b732b7,0x15719e7,0x376a537,0x0062417 },
-      { 0x295560a,0x094d5f3,0x245cddf,0x392e867,0x18b4ab8,0x3487cc9,
-        0x288688d,0x176174b,0x3182588,0x0215c7f } },
-    /* 2 */
-    { { 0x147519a,0x2218090,0x32f0202,0x2b09acd,0x0d0981e,0x1e17af2,
-        0x14a7caa,0x163a6a7,0x10ddbdf,0x03654f1 },
-      { 0x1590f8f,0x0d8733f,0x09179d6,0x1ad139b,0x372e962,0x0bad933,
-        0x1961102,0x223cdff,0x37e9eb2,0x0218fae } },
-    /* 3 */
-    { { 0x0db6485,0x1ad88d7,0x2f97785,0x288bc28,0x3808f0e,0x3df8c02,
-        0x28d9544,0x20280f9,0x055b5ff,0x00001d8 },
-      { 0x38d2010,0x13ae6e0,0x308a763,0x2ecc90d,0x254014f,0x10a9981,
-        0x247d398,0x0fb8383,0x3613437,0x020c21d } },
-    /* 4 */
-    { { 0x2a0d2bb,0x08bf145,0x34994f9,0x1b06988,0x30d5cc1,0x1f18b22,
-        0x01cf3a5,0x199fe49,0x161fd1b,0x00bd79a },
-      { 0x1a01797,0x171c2fd,0x21925c1,0x1358255,0x23d20b4,0x1c7f6d4,
-        0x111b370,0x03dec12,0x1168d6f,0x03d923e } },
-    /* 5 */
-    { { 0x137bbbc,0x19a11f8,0x0bec9e5,0x27a29a8,0x3e43446,0x275cd18,
-        0x0427617,0x00056c7,0x285133d,0x016af80 },
-      { 0x04c7dab,0x2a0df30,0x0c0792a,0x1310c98,0x3573d9f,0x239b30d,
-        0x1315627,0x1ce0c32,0x25b6b6f,0x0252edc } },
-    /* 6 */
-    { { 0x20f141c,0x26d23dc,0x3c74bbf,0x334b7d6,0x06199b3,0x0441171,
-        0x3f61294,0x313bf70,0x3cb2f7d,0x03375ae },
-      { 0x2f436fd,0x19c02fa,0x26becca,0x1b6e64c,0x26f647f,0x053c948,
-        0x0fa7920,0x397d830,0x2bd4bda,0x028d86f } },
-    /* 7 */
-    { { 0x17c13c7,0x2895616,0x03e128a,0x17d42df,0x1c38d63,0x0f02747,
-        0x039aecf,0x0a4b01c,0x209c4b5,0x02e84b2 },
-      { 0x1f91dfd,0x023e916,0x07fb9e4,0x19b3ba8,0x13af43b,0x35e02ca,
-        0x0eb0899,0x3bd2c7b,0x19d701f,0x014faee } },
-    /* 8 */
-    { { 0x0e63d34,0x1fb8c6c,0x0fab4fe,0x1caa795,0x0f46005,0x179ed69,
-        0x093334d,0x120c701,0x39206d5,0x021627e },
-      { 0x183553a,0x03d7319,0x09e5aa7,0x12b8959,0x2087909,0x0011194,
-        0x1045071,0x0713f32,0x16d0254,0x03aec1a } },
-    /* 9 */
-    { { 0x01647c5,0x1b2856b,0x1799461,0x11f133d,0x0b8127d,0x1937eeb,
-        0x266aa37,0x1f68f71,0x0cbd1b2,0x03aca08 },
-      { 0x287e008,0x1be361a,0x38f3940,0x276488d,0x2d87dfa,0x0333b2c,
-        0x2d2e428,0x368755b,0x09b55a7,0x007ca0a } },
-    /* 10 */
-    { { 0x389da99,0x2a8300e,0x0022abb,0x27ae0a1,0x0a6f2d7,0x207017a,
-        0x047862b,0x1358c9e,0x35905e5,0x00cde92 },
-      { 0x1f7794a,0x1d40348,0x3f613c6,0x2ddf5b5,0x0207005,0x133f5ba,
-        0x1a37810,0x3ef5829,0x0d5f4c2,0x0035978 } },
-    /* 11 */
-    { { 0x1275d38,0x026efad,0x2358d9d,0x1142f82,0x14268a7,0x1cfac99,
-        0x362ff49,0x288cbc1,0x24252f4,0x0308f68 },
-      { 0x394520c,0x06e13c2,0x178e5da,0x18ec16f,0x1096667,0x134a7a8,
-        0x0dcb869,0x33fc4e9,0x38cc790,0x006778e } },
-    /* 12 */
-    { { 0x2c5fe04,0x29c5b09,0x1bdb183,0x02ceee8,0x03b28de,0x132dc4b,
-        0x32c586a,0x32ff5d0,0x3d491fc,0x038d372 },
-      { 0x2a58403,0x2351aea,0x3a53b40,0x21a0ba5,0x39a6974,0x1aaaa2b,
-        0x3901273,0x03dfe78,0x3447b4e,0x039d907 } },
-    /* 13 */
-    { { 0x364ba59,0x14e5077,0x02fc7d7,0x3b02c09,0x1d33f10,0x0560616,
-        0x06dfc6a,0x15efd3c,0x357052a,0x01284b7 },
-      { 0x039dbd0,0x18ce3e5,0x3e1fbfa,0x352f794,0x0d3c24b,0x07c6cc5,
-        0x1e4ffa2,0x3a91bf5,0x293bb5b,0x01abd6a } },
-    /* 14 */
-    { { 0x0c91999,0x02da644,0x0491da1,0x100a960,0x00a24b4,0x2330824,
-        0x0094b4b,0x1004cf8,0x35a66a4,0x017f8d1 },
-      { 0x13e7b4b,0x232af7e,0x391ab0f,0x069f08f,0x3292b50,0x3479898,
-        0x2889aec,0x2a4590b,0x308ecfe,0x02d5138 } },
-    /* 15 */
-    { { 0x2ddfdce,0x231ba45,0x39e6647,0x19be245,0x12c3291,0x35399f8,
-        0x0d6e764,0x3082d3a,0x2bda6b0,0x0382dac },
-      { 0x37efb57,0x04b7cae,0x00070d3,0x379e431,0x01aac0d,0x1e6f251,
-        0x0336ad6,0x0ddd3e4,0x3de25a6,0x01c7008 } },
-    /* 16 */
-    { { 0x3e20925,0x230912f,0x286762a,0x30e3f73,0x391c19a,0x34e1c18,
-        0x16a5d5d,0x093d96a,0x3d421d3,0x0187561 },
-      { 0x37173ea,0x19ce8a8,0x0b65e87,0x0214dde,0x2238480,0x16ead0f,
-        0x38441e0,0x3bef843,0x2124621,0x03e847f } },
-    /* 17 */
-    { { 0x0b19ffd,0x247cacb,0x3c231c8,0x16ec648,0x201ba8d,0x2b172a3,
-        0x103d678,0x2fb72db,0x04c1f13,0x0161bac },
-      { 0x3e8ed09,0x171b949,0x2de20c3,0x0f06067,0x21e81a3,0x1b194be,
-        0x0fd6c05,0x13c449e,0x0087086,0x006756b } },
-    /* 18 */
-    { { 0x09a4e1f,0x27d604c,0x00741e9,0x06fa49c,0x0ab7de7,0x3f4a348,
-        0x25ef0be,0x158fc9a,0x33f7f9c,0x039f001 },
-      { 0x2f59f76,0x3598e83,0x30501f6,0x15083f2,0x0669b3b,0x29980b5,
-        0x0c1f7a7,0x0f02b02,0x0fec65b,0x0382141 } },
-    /* 19 */
-    { { 0x031b3ca,0x23da368,0x2d66f09,0x27b9b69,0x06d1cab,0x13c91ba,
-        0x3d81fa9,0x25ad16f,0x0825b09,0x01e3c06 },
-      { 0x225787f,0x3bf790e,0x2c9bb7e,0x0347732,0x28016f8,0x0d6ff0d,
-        0x2a4877b,0x1d1e833,0x3b87e94,0x010e9dc } },
-    /* 20 */
-    { { 0x2b533d5,0x1ddcd34,0x1dc0625,0x3da86f7,0x3673b8a,0x1e7b0a4,
-        0x3e7c9aa,0x19ac55d,0x251c3b2,0x02edb79 },
-      { 0x25259b3,0x24c0ead,0x3480e7e,0x34f40e9,0x3d6a0af,0x2cf3f09,
-        0x2c83d19,0x2e66f16,0x19a5d18,0x0182d18 } },
-    /* 21 */
-    { { 0x2e5aa1c,0x28e3846,0x3658bd6,0x0ad279c,0x1b8b765,0x397e1fb,
-        0x130014e,0x3ff342c,0x3b2aeeb,0x02743c9 },
-      { 0x2730a55,0x0918c5e,0x083aca9,0x0bf76ef,0x19c955b,0x300669c,
-        0x01dfe0a,0x312341f,0x26d356e,0x0091295 } },
-    /* 22 */
-    { { 0x2cf1f96,0x00e52ba,0x271c6db,0x2a40930,0x19f2122,0x0b2f4ee,
-        0x26ac1b8,0x3bda498,0x0873581,0x0117963 },
-      { 0x38f9dbc,0x3d1e768,0x2040d3f,0x11ba222,0x3a8aaf1,0x1b82fb5,
-        0x1adfb24,0x2de9251,0x21cc1e4,0x0301038 } },
-    /* 23 */
-    { { 0x38117b6,0x2bc001b,0x1433847,0x3fdce8d,0x3651969,0x3651d7a,
-        0x2b35761,0x1bb1d20,0x097682c,0x00737d7 },
-      { 0x1f04839,0x1dd6d04,0x16987db,0x3d12378,0x17dbeac,0x1c2cc86,
-        0x121dd1b,0x3fcf6ca,0x1f8a92d,0x00119d5 } },
-    /* 24 */
-    { { 0x0e8ffcd,0x2b174af,0x1a82cc8,0x22cbf98,0x30d53c4,0x080b5b1,
-        0x3161727,0x297cfdb,0x2113b83,0x0011b97 },
-      { 0x0007f01,0x23fd936,0x3183e7b,0x0496bd0,0x07fb1ef,0x178680f,
-        0x1c5ea63,0x0016c11,0x2c3303d,0x01b8041 } },
-    /* 25 */
-    { { 0x0dd73b1,0x1cd6122,0x10d948c,0x23e657b,0x3767070,0x15a8aad,
-        0x385ea8c,0x33c7ce0,0x0ede901,0x0110965 },
-      { 0x2d4b65b,0x2a8b244,0x0c37f8f,0x0ee5b24,0x394c234,0x3a5e347,
-        0x26e4a15,0x39a3b4c,0x2514c2e,0x029e5be } },
-    /* 26 */
-    { { 0x23addd7,0x3ed8120,0x13b3359,0x20f959a,0x09e2a61,0x32fcf20,
-        0x05b78e3,0x19ba7e2,0x1a9c697,0x0392b4b },
-      { 0x2048a61,0x3dfd0a3,0x19a0357,0x233024b,0x3082d19,0x00fb63b,
-        0x3a1af4c,0x1450ff0,0x046c37b,0x0317a50 } },
-    /* 27 */
-    { { 0x3e75f9e,0x294e30a,0x3a78476,0x3a32c48,0x36fd1a9,0x0427012,
-        0x1e4df0b,0x11d1f61,0x1afdb46,0x018ca0f },
-      { 0x2f2df15,0x0a33dee,0x27f4ce7,0x1542b66,0x3e592c4,0x20d2f30,
-        0x3226ade,0x2a4e3ea,0x1ab1981,0x01a2f46 } },
-    /* 28 */
-    { { 0x087d659,0x3ab5446,0x305ac08,0x3d2cd64,0x33374d5,0x3f9d3f8,
-        0x186981c,0x37f5a5a,0x2f53c6f,0x01254a4 },
-      { 0x2cec896,0x1e32786,0x04844a8,0x043b16d,0x3d964b2,0x1935829,
-        0x16f7e26,0x1a0dd9a,0x30d2603,0x003b1d4 } },
-    /* 29 */
-    { { 0x12687bb,0x04e816b,0x21fa2da,0x1abccb8,0x3a1f83b,0x375181e,
-        0x0f5ef51,0x0fc2ce4,0x3a66486,0x003d881 },
-      { 0x3138233,0x1f8eec3,0x2718bd6,0x1b09caa,0x2dd66b9,0x1bb222b,
-        0x1004072,0x1b73e3b,0x07208ed,0x03fc36c } },
-    /* 30 */
-    { { 0x095d553,0x3e84053,0x0a8a749,0x3f575a0,0x3a44052,0x3ced59b,
-        0x3b4317f,0x03a8c60,0x13c8874,0x00c4ed4 },
-      { 0x0d11549,0x0b8ab02,0x221cb40,0x02ed37b,0x2071ee1,0x1fc8c83,
-        0x3987dd4,0x27e049a,0x0f986f1,0x00b4eaf } },
-    /* 31 */
-    { { 0x15581a2,0x2214060,0x11af4c2,0x1598c88,0x19a0a6d,0x32acba6,
-        0x3a7a0f0,0x2337c66,0x210ded9,0x0300dbe },
-      { 0x1fbd009,0x3822eb0,0x181629a,0x2401b45,0x30b68b1,0x2e78363,
-        0x2b32779,0x006530b,0x2c4b6d4,0x029aca8 } },
-    /* 32 */
-    { { 0x13549cf,0x0f943db,0x265ed43,0x1bfeb35,0x06f3369,0x3847f2d,
-        0x1bfdacc,0x26181a5,0x252af7c,0x02043b8 },
-      { 0x159bb2c,0x143f85c,0x357b654,0x2f9d62c,0x2f7dfbe,0x1a7fa9c,
-        0x057e74d,0x05d14ac,0x17a9273,0x035215c } },
-    /* 33 */
-    { { 0x0cb5a98,0x106a2bc,0x10bf117,0x24c7cc4,0x3d3da8f,0x2ce0ab7,
-        0x14e2cba,0x1813866,0x1a72f9a,0x01a9811 },
-      { 0x2b2411d,0x3034fe8,0x16e0170,0x0f9443a,0x0be0eb8,0x2196cf3,
-        0x0c9f738,0x15e40ef,0x0faf9e1,0x034f917 } },
-    /* 34 */
-    { { 0x03f7669,0x3da6efa,0x3d6bce1,0x209ca1d,0x109f8ae,0x09109e3,
-        0x08ae543,0x3067255,0x1dee3c2,0x0081dd5 },
-      { 0x3ef1945,0x358765b,0x28c387b,0x3bec4b4,0x218813c,0x0b7d92a,
-        0x3cd1d67,0x2c0367e,0x2e57154,0x0123717 } },
-    /* 35 */
-    { { 0x3e5a199,0x1e42ffd,0x0bb7123,0x33e6273,0x1e0efb8,0x294671e,
-        0x3a2bfe0,0x3d11709,0x2eddff6,0x03cbec2 },
-      { 0x0b5025f,0x0255d7c,0x1f2241c,0x35d03ea,0x0550543,0x202fef4,
-        0x23c8ad3,0x354963e,0x015db28,0x0284fa4 } },
-    /* 36 */
-    { { 0x2b65cbc,0x1e8d428,0x0226f9f,0x1c8a919,0x10b04b9,0x08fc1e8,
-        0x1ce241e,0x149bc99,0x2b01497,0x00afc35 },
-      { 0x3216fb7,0x1374fd2,0x226ad3d,0x19fef76,0x0f7d7b8,0x1c21417,
-        0x37b83f6,0x3a27eba,0x25a162f,0x010aa52 } },
-    /* 37 */
-    { { 0x2adf191,0x1ab42fa,0x28d7584,0x2409689,0x20f8a48,0x253707d,
-        0x2030504,0x378f7a1,0x169c65e,0x00b0b76 },
-      { 0x3849c17,0x085c764,0x10dd6d0,0x2e87689,0x1460488,0x30e9521,
-        0x10c7063,0x1b6f120,0x21f42c5,0x03d0dfe } },
-    /* 38 */
-    { { 0x20f7dab,0x035c512,0x29ac6aa,0x24c5ddb,0x20f0497,0x17ce5e1,
-        0x00a050f,0x1eaa14b,0x3335470,0x02abd16 },
-      { 0x18d364a,0x0df0cf0,0x316585e,0x018f925,0x0d40b9b,0x17b1511,
-        0x1716811,0x1caf3d0,0x10df4f2,0x0337d8c } },
-    /* 39 */
-    { { 0x2a8b7ef,0x0f188e3,0x2287747,0x06216f0,0x008e935,0x2f6a38d,
-        0x1567722,0x0bfc906,0x0bada9e,0x03c3402 },
-      { 0x014d3b1,0x099c749,0x2a76291,0x216c067,0x3b37549,0x14ef2f6,
-        0x21b96d4,0x1ee2d71,0x2f5ca88,0x016f570 } },
-    /* 40 */
-    { { 0x09a3154,0x3d1a7bd,0x2e9aef0,0x255b8ac,0x03e85a5,0x2a492a7,
-        0x2aec1ea,0x11c6516,0x3c8a09e,0x02a84b7 },
-      { 0x1f69f1d,0x09c89d3,0x1e7326f,0x0b28bfd,0x0e0e4c8,0x1ea7751,
-        0x18ce73b,0x2a406e7,0x273e48c,0x01b00db } },
-    /* 41 */
-    { { 0x36e3138,0x2b84a83,0x345a5cf,0x00096b4,0x16966ef,0x159caf1,
-        0x13c64b4,0x2f89226,0x25896af,0x00a4bfd },
-      { 0x2213402,0x1435117,0x09fed52,0x09d0e4b,0x0f6580e,0x2871cba,
-        0x3b397fd,0x1c9d825,0x090311b,0x0191383 } },
-    /* 42 */
-    { { 0x07153f0,0x1087869,0x18c9e1e,0x1e64810,0x2b86c3b,0x0175d9c,
-        0x3dce877,0x269de4e,0x393cab7,0x03c96b9 },
-      { 0x1869d0c,0x06528db,0x02641f3,0x209261b,0x29d55c8,0x25ba517,
-        0x3b5ea30,0x028f927,0x25313db,0x00e6e39 } },
-    /* 43 */
-    { { 0x2fd2e59,0x150802d,0x098f377,0x19a4957,0x135e2c0,0x38a95ce,
-        0x1ab21a0,0x36c1b67,0x32f0f19,0x00e448b },
-      { 0x3cad53c,0x3387800,0x17e3cfb,0x03f9970,0x3225b2c,0x2a84e1d,
-        0x3af1d29,0x3fe35ca,0x2f8ce80,0x0237a02 } },
-    /* 44 */
-    { { 0x07bbb76,0x3aa3648,0x2758afb,0x1f085e0,0x1921c7e,0x3010dac,
-        0x22b74b1,0x230137e,0x1062e36,0x021c652 },
-      { 0x3993df5,0x24a2ee8,0x126ab5f,0x2d7cecf,0x0639d75,0x16d5414,
-        0x1aa78a8,0x3f78404,0x26a5b74,0x03f0c57 } },
-    /* 45 */
-    { { 0x0d6ecfa,0x3f506ba,0x3f86561,0x3d86bb1,0x15f8c44,0x2491d07,
-        0x052a7b4,0x2422261,0x3adee38,0x039b529 },
-      { 0x193c75d,0x14bb451,0x1162605,0x293749c,0x370a70d,0x2e8b1f6,
-        0x2ede937,0x2b95f4a,0x39a9be2,0x00d77eb } },
-    /* 46 */
-    { { 0x2736636,0x15bf36a,0x2b7e6b9,0x25eb8b2,0x209f51d,0x3cd2659,
-        0x10bf410,0x034afec,0x3d71c83,0x0076971 },
-      { 0x0ce6825,0x07920cf,0x3c3b5c4,0x23fe55c,0x015ad11,0x08c0dae,
-        0x0552c7f,0x2e75a8a,0x0fddbf4,0x01c1df0 } },
-    /* 47 */
-    { { 0x2b9661c,0x0ffe351,0x3d71bf6,0x1ac34b3,0x3a1dfd3,0x211fe3d,
-        0x33e140a,0x3f9100d,0x32ee50e,0x014ea18 },
-      { 0x16d8051,0x1bfda1a,0x068a097,0x2571d3d,0x1daec0c,0x39389af,
-        0x194dc35,0x3f3058a,0x36d34e1,0x000a329 } },
-    /* 48 */
-    { { 0x09877ee,0x351f73f,0x0002d11,0x0420074,0x2c8b362,0x130982d,
-        0x02c1175,0x3c11b40,0x0d86962,0x001305f },
-      { 0x0daddf5,0x2f4252c,0x15c06d9,0x1d49339,0x1bea235,0x0b680ed,
-        0x3356e67,0x1d1d198,0x1e9fed9,0x03dee93 } },
-    /* 49 */
-    { { 0x3e1263f,0x2fe8d3a,0x3ce6d0d,0x0d5c6b9,0x3557637,0x0a9bd48,
-        0x0405538,0x0710749,0x2005213,0x038c7e5 },
-      { 0x26b6ec6,0x2e485ba,0x3c44d1b,0x0b9cf0b,0x037a1d1,0x27428a5,
-        0x0e7eac8,0x351ef04,0x259ce34,0x02a8e98 } },
-    /* 50 */
-    { { 0x2f3dcd3,0x3e77d4d,0x3360fbc,0x1434afd,0x36ceded,0x3d413d6,
-        0x1710fad,0x36bb924,0x1627e79,0x008e637 },
-      { 0x109569e,0x1c168db,0x3769cf4,0x2ed4527,0x0ea0619,0x17d80d3,
-        0x1c03773,0x18843fe,0x1b21c04,0x015c5fd } },
-    /* 51 */
-    { { 0x1dd895e,0x08a7248,0x04519fe,0x001030a,0x18e5185,0x358dfb3,
-        0x13d2391,0x0a37be8,0x0560e3c,0x019828b },
-      { 0x27fcbd0,0x2a22bb5,0x30969cc,0x1e03aa7,0x1c84724,0x0ba4ad3,
-        0x32f4817,0x0914cca,0x14c4f52,0x01893b9 } },
-    /* 52 */
-    { { 0x097eccc,0x1273936,0x00aa095,0x364fe62,0x04d49d1,0x10e9f08,
-        0x3c24230,0x3ef01c8,0x2fb92bd,0x013ce4a },
-      { 0x1e44fd9,0x27e3e9f,0x2156696,0x3915ecc,0x0b66cfb,0x1a3af0f,
-        0x2fa8033,0x0e6736c,0x177ccdb,0x0228f9e } },
-    /* 53 */
-    { { 0x2c4b125,0x06207c1,0x0a8cdde,0x003db8f,0x1ae34e3,0x31e84fa,
-        0x2999de5,0x11013bd,0x02370c2,0x00e2234 },
-      { 0x0f91081,0x200d591,0x1504762,0x1857c05,0x23d9fcf,0x0cb34db,
-        0x27edc86,0x08cd860,0x2471810,0x029798b } },
-    /* 54 */
-    { { 0x3acd6c8,0x097b8cb,0x3c661a8,0x15152f2,0x1699c63,0x237e64c,
-        0x23edf79,0x16b7033,0x0e6466a,0x00b11da },
-      { 0x0a64bc9,0x1bfe324,0x1f5cb34,0x08391de,0x0630a60,0x3017a21,
-        0x09d064b,0x14a8365,0x041f9e6,0x01ed799 } },
-    /* 55 */
-    { { 0x128444a,0x2508b07,0x2a39216,0x362f84d,0x2e996c5,0x2c31ff3,
-        0x07afe5f,0x1d1288e,0x3cb0c8d,0x02e2bdc },
-      { 0x38b86fd,0x3a0ea8c,0x1cff5fd,0x1629629,0x3fee3f1,0x02b250c,
-        0x2e8f6f2,0x0225727,0x15f7f3f,0x0280d8e } },
-    /* 56 */
-    { { 0x10f7770,0x0f1aee8,0x0e248c7,0x20684a8,0x3a6f16d,0x06f0ae7,
-        0x0df6825,0x2d4cc40,0x301875f,0x012f8da },
-      { 0x3b56dbb,0x1821ba7,0x24f8922,0x22c1f9e,0x0306fef,0x1b54bc8,
-        0x2ccc056,0x00303ba,0x2871bdc,0x0232f26 } },
-    /* 57 */
-    { { 0x0dac4ab,0x0625730,0x3112e13,0x101c4bf,0x3a874a4,0x2873b95,
-        0x32ae7c6,0x0d7e18c,0x13e0c08,0x01139d5 },
-      { 0x334002d,0x00fffdd,0x025c6d5,0x22c2cd1,0x19d35cb,0x3a1ce2d,
-        0x3702760,0x3f06257,0x03a5eb8,0x011c29a } },
-    /* 58 */
-    { { 0x0513482,0x1d87724,0x276a81b,0x0a807a4,0x3028720,0x339cc20,
-        0x2441ee0,0x31bbf36,0x290c63d,0x0059041 },
-      { 0x106a2ed,0x0d2819b,0x100bf50,0x114626c,0x1dd4d77,0x2e08632,
-        0x14ae72a,0x2ed3f64,0x1fd7abc,0x035cd1e } },
-    /* 59 */
-    { { 0x2d4c6e5,0x3bec596,0x104d7ed,0x23d6c1b,0x0262cf0,0x15d72c5,
-        0x2d5bb18,0x199ac4b,0x1e30771,0x020591a },
-      { 0x21e291e,0x2e75e55,0x1661d7a,0x08b0778,0x3eb9daf,0x0d78144,
-        0x1827eb1,0x0fe73d2,0x123f0dd,0x0028db7 } },
-    /* 60 */
-    { { 0x1d5533c,0x34cb1d0,0x228f098,0x27a1a11,0x17c5f5a,0x0d26f44,
-        0x2228ade,0x2c460e6,0x3d6fdba,0x038cc77 },
-      { 0x3cc6ed8,0x02ada1a,0x260e510,0x2f7bde8,0x37160c3,0x33a1435,
-        0x23d9a7b,0x0ce2641,0x02a492e,0x034ed1e } },
-    /* 61 */
-    { { 0x3821f90,0x26dba3c,0x3aada14,0x3b59bad,0x292edd9,0x2804c45,
-        0x3669531,0x296f42e,0x35a4c86,0x01ca049 },
-      { 0x3ff47e5,0x2163df4,0x2441503,0x2f18405,0x15e1616,0x37f66ec,
-        0x30f11a7,0x141658a,0x27ece14,0x00b018b } },
-    /* 62 */
-    { { 0x159ac2e,0x3e65bc0,0x2713a76,0x0db2f6c,0x3281e77,0x2391811,
-        0x16d2880,0x1fbc4ab,0x1f92c4e,0x00a0a8d },
-      { 0x0ce5cd2,0x152c7b0,0x02299c3,0x3244de7,0x2cf99ef,0x3a0b047,
-        0x2caf383,0x0aaf664,0x113554d,0x031c735 } },
-    /* 63 */
-    { { 0x1b578f4,0x177a702,0x3a7a488,0x1638ebf,0x31884e2,0x2460bc7,
-        0x36b1b75,0x3ce8e3d,0x340cf47,0x03143d9 },
-      { 0x34b68ea,0x12b7ccd,0x1fe2a9c,0x08da659,0x0a406f3,0x1694c14,
-        0x06a2228,0x16370be,0x3a72129,0x02e7b2c } },
-    /* 64 */
-    { { 0x0f8b16a,0x21043bd,0x266a56f,0x3fb11ec,0x197241a,0x36721f0,
-        0x006b8e6,0x2ac6c29,0x202cd42,0x0200fcf },
-      { 0x0dbec69,0x0c26a01,0x105f7f0,0x3dceeeb,0x3a83b85,0x363865f,
-        0x097273a,0x2b70718,0x00e5067,0x03025d1 } },
-    /* 65 */
-    { { 0x379ab34,0x295bcb0,0x38d1846,0x22e1077,0x3a8ee06,0x1db1a3b,
-        0x3144591,0x07cc080,0x2d5915f,0x03c6bcc },
-      { 0x175bd50,0x0dd4c57,0x27bc99c,0x2ebdcbd,0x3837cff,0x235dc8f,
-        0x13a4184,0x0722c18,0x130e2d4,0x008f43c } },
-    /* 66 */
-    { { 0x01500d9,0x2adbb7d,0x2da8857,0x397f2fa,0x10d890a,0x25c9654,
-        0x3e86488,0x3eb754b,0x1d6c0a3,0x02c0a23 },
-      { 0x10bcb08,0x083cc19,0x2e16853,0x04da575,0x271af63,0x2626a9d,
-        0x3520a7b,0x32348c7,0x24ff408,0x03ff4dc } },
-    /* 67 */
-    { { 0x058e6cb,0x1a3992d,0x1d28539,0x080c5e9,0x2992dad,0x2a9d7d5,
-        0x14ae0b7,0x09b7ce0,0x34ad78c,0x03d5643 },
-      { 0x30ba55a,0x092f4f3,0x0bae0fc,0x12831de,0x20fc472,0x20ed9d2,
-        0x29864f6,0x1288073,0x254f6f7,0x00635b6 } },
-    /* 68 */
-    { { 0x1be5a2b,0x0f88975,0x33c6ed9,0x20d64d3,0x06fe799,0x0989bff,
-        0x1409262,0x085a90c,0x0d97990,0x0142eed },
-      { 0x17ec63e,0x06471b9,0x0db2378,0x1006077,0x265422c,0x08db83d,
-        0x28099b0,0x1270d06,0x11801fe,0x00ac400 } },
-    /* 69 */
-    { { 0x3391593,0x22d7166,0x30fcfc6,0x2896609,0x3c385f5,0x066b72e,
-        0x04f3aad,0x2b831c5,0x19983fb,0x0375562 },
-      { 0x0b82ff4,0x222e39d,0x34c993b,0x101c79c,0x2d2e03c,0x0f00c8a,
-        0x3a9eaf4,0x1810669,0x151149d,0x039b931 } },
-    /* 70 */
-    { { 0x29af288,0x1956ec7,0x293155f,0x193deb6,0x1647e1a,0x2ca0839,
-        0x297e4bc,0x15bfd0d,0x1b107ed,0x0147803 },
-      { 0x31c327e,0x05a6e1d,0x02ad43d,0x02d2a5b,0x129cdb2,0x37ad1de,
-        0x3d51f53,0x245df01,0x2414982,0x0388bd0 } },
-    /* 71 */
-    { { 0x35f1abb,0x17a3d18,0x0874cd4,0x2d5a14e,0x17edc0c,0x16a00d3,
-        0x072c1fb,0x1232725,0x33d52dc,0x03dc24d },
-      { 0x0af30d6,0x259aeea,0x369c401,0x12bc4de,0x295bf5f,0x0d8711f,
-        0x26162a9,0x16c44e5,0x288e727,0x02f54b4 } },
-    /* 72 */
-    { { 0x05fa877,0x1571ea7,0x3d48ab1,0x1c9f4e8,0x017dad6,0x0f46276,
-        0x343f9e7,0x1de990f,0x0e4c8aa,0x028343e },
-      { 0x094f92d,0x3abf633,0x1b3a0bb,0x2f83137,0x0d818c8,0x20bae85,
-        0x0c65f8b,0x1a8008b,0x0c7946d,0x0295b1e } },
-    /* 73 */
-    { { 0x1d09529,0x08e46c3,0x1fcf296,0x298f6b7,0x1803e0e,0x2d6fd20,
-        0x37351f5,0x0d9e8b1,0x1f8731a,0x0362fbf },
-      { 0x00157f4,0x06750bf,0x2650ab9,0x35ffb23,0x2f51cae,0x0b522c2,
-        0x39cb400,0x191e337,0x0a5ce9f,0x021529a } },
-    /* 74 */
-    { { 0x3506ea5,0x17d9ed8,0x0d66dc3,0x22693f8,0x19286c4,0x3a57353,
-        0x101d3bf,0x1aa54fc,0x20b9884,0x0172b3a },
-      { 0x0eac44d,0x37d8327,0x1c3aa90,0x3d0d534,0x23db29a,0x3576eaf,
-        0x1d3de8a,0x3bea423,0x11235e4,0x039260b } },
-    /* 75 */
-    { { 0x34cd55e,0x01288b0,0x1132231,0x2cc9a03,0x358695b,0x3e87650,
-        0x345afa1,0x01267ec,0x3f616b2,0x02011ad },
-      { 0x0e7d098,0x0d6078e,0x0b70b53,0x237d1bc,0x0d7f61e,0x132de31,
-        0x1ea9ea4,0x2bd54c3,0x27b9082,0x03ac5f2 } },
-    /* 76 */
-    { { 0x2a145b9,0x06d661d,0x31ec175,0x03f06f1,0x3a5cf6b,0x249c56e,
-        0x2035653,0x384c74f,0x0bafab5,0x0025ec0 },
-      { 0x25f69e1,0x1b23a55,0x1199aa6,0x16ad6f9,0x077e8f7,0x293f661,
-        0x33ba11d,0x3327980,0x07bafdb,0x03e571d } },
-    /* 77 */
-    { { 0x2bae45e,0x3c074ef,0x2955558,0x3c312f1,0x2a8ebe9,0x2f193f1,
-        0x3705b1d,0x360deba,0x01e566e,0x00d4498 },
-      { 0x21161cd,0x1bc787e,0x2f87933,0x3553197,0x1328ab8,0x093c879,
-        0x17eee27,0x2adad1d,0x1236068,0x003be5c } },
-    /* 78 */
-    { { 0x0ca4226,0x2633dd5,0x2c8e025,0x0e3e190,0x05eede1,0x1a385e4,
-        0x163f744,0x2f25522,0x1333b4f,0x03f05b6 },
-      { 0x3c800ca,0x1becc79,0x2daabe9,0x0c499e2,0x1138063,0x3fcfa2d,
-        0x2244976,0x1e85cf5,0x2f1b95d,0x0053292 } },
-    /* 79 */
-    { { 0x12f81d5,0x1dc6eaf,0x11967a4,0x1a407df,0x31a5f9d,0x2b67241,
-        0x18bef7c,0x08c7762,0x063f59c,0x01015ec },
-      { 0x1c05c0a,0x360bfa2,0x1f85bff,0x1bc7703,0x3e4911c,0x0d685b6,
-        0x2fccaea,0x02c4cef,0x164f133,0x0070ed7 } },
-    /* 80 */
-    { { 0x0ec21fe,0x052ffa0,0x3e825fe,0x1ab0956,0x3f6ce11,0x3d29759,
-        0x3c5a072,0x18ebe62,0x148db7e,0x03eb49c },
-      { 0x1ab05b3,0x02dab0a,0x1ae690c,0x0f13894,0x137a9a8,0x0aab79f,
-        0x3dc875c,0x06a1029,0x1e39f0e,0x01dce1f } },
-    /* 81 */
-    { { 0x16c0dd7,0x3b31269,0x2c741e9,0x3611821,0x2a5cffc,0x1416bb3,
-        0x3a1408f,0x311fa3d,0x1c0bef0,0x02cdee1 },
-      { 0x00e6a8f,0x1adb933,0x0f23359,0x2fdace2,0x2fd6d4b,0x0e73bd3,
-        0x2453fac,0x0a356ae,0x2c8f9f6,0x02704d6 } },
-    /* 82 */
-    { { 0x0e35743,0x28c80a1,0x0def32a,0x2c6168f,0x1320d6a,0x37c6606,
-        0x21b1761,0x2147ee0,0x21fc433,0x015c84d },
-      { 0x1fc9168,0x36cda9c,0x003c1f0,0x1cd7971,0x15f98ba,0x1ef363d,
-        0x0ca87e3,0x046f7d9,0x3c9e6bb,0x0372eb0 } },
-    /* 83 */
-    { { 0x118cbe2,0x3665a11,0x304ef01,0x062727a,0x3d242fc,0x11ffbaf,
-        0x3663c7e,0x1a189c9,0x09e2d62,0x02e3072 },
-      { 0x0e1d569,0x162f772,0x0cd051a,0x322df62,0x3563809,0x047cc7a,
-        0x027fd9f,0x08b509b,0x3da2f94,0x01748ee } },
-    /* 84 */
-    { { 0x1c8f8be,0x31ca525,0x22bf0a1,0x200efcd,0x02961c4,0x3d8f52b,
-        0x018403d,0x3a40279,0x1cb91ec,0x030427e },
-      { 0x0945705,0x0257416,0x05c0c2d,0x25b77ae,0x3b9083d,0x2901126,
-        0x292b8d7,0x07b8611,0x04f2eee,0x026f0cd } },
-    /* 85 */
-    { { 0x2913074,0x2b8d590,0x02b10d5,0x09d2295,0x255491b,0x0c41cca,
-        0x1ca665b,0x133051a,0x1525f1a,0x00a5647 },
-      { 0x04f983f,0x3d6daee,0x04e1e76,0x1067d7e,0x1be7eef,0x02ea862,
-        0x00d4968,0x0ccb048,0x11f18ef,0x018dd95 } },
-    /* 86 */
-    { { 0x22976cc,0x17c5395,0x2c38bda,0x3983bc4,0x222bca3,0x332a614,
-        0x3a30646,0x261eaef,0x1c808e2,0x02f6de7 },
-      { 0x306a772,0x32d7272,0x2dcefd2,0x2abf94d,0x038f475,0x30ad76e,
-        0x23e0227,0x3052b0a,0x001add3,0x023ba18 } },
-    /* 87 */
-    { { 0x0ade873,0x25a6069,0x248ccbe,0x13713ee,0x17ee9aa,0x28152e9,
-        0x2e28995,0x2a92cb3,0x17a6f77,0x024b947 },
-      { 0x190a34d,0x2ebea1c,0x1ed1948,0x16fdaf4,0x0d698f7,0x32bc451,
-        0x0ee6e30,0x2aaab40,0x06f0a56,0x01460be } },
-    /* 88 */
-    { { 0x24cc99c,0x1884b1e,0x1ca1fba,0x1a0f9b6,0x2ff609b,0x2b26316,
-        0x3b27cb5,0x29bc976,0x35d4073,0x024772a },
-      { 0x3575a70,0x1b30f57,0x07fa01b,0x0e5be36,0x20cb361,0x26605cd,
-        0x1d4e8c8,0x13cac59,0x2db9797,0x005e833 } },
-    /* 89 */
-    { { 0x36c8d3a,0x1878a81,0x124b388,0x0e4843e,0x1701aad,0x0ea0d76,
-        0x10eae41,0x37d0653,0x36c7f4c,0x00ba338 },
-      { 0x37a862b,0x1cf6ac0,0x08fa912,0x2dd8393,0x101ba9b,0x0eebcb7,
-        0x2453883,0x1a3cfe5,0x2cb34f6,0x03d3331 } },
-    /* 90 */
-    { { 0x1f79687,0x3d4973c,0x281544e,0x2564bbe,0x17c5954,0x171e34a,
-        0x231741a,0x3cf2784,0x0889a0d,0x02b036d },
-      { 0x301747f,0x3f1c477,0x1f1386b,0x163bc5f,0x1592b93,0x332daed,
-        0x080e4f5,0x1d28b96,0x26194c9,0x0256992 } },
-    /* 91 */
-    { { 0x15a4c93,0x07bf6b0,0x114172c,0x1ce0961,0x140269b,0x1b2c2eb,
-        0x0dfb1c1,0x019ddaa,0x0ba2921,0x008c795 },
-      { 0x2e6d2dc,0x37e45e2,0x2918a70,0x0fce444,0x34d6aa6,0x396dc88,
-        0x27726b5,0x0c787d8,0x032d8a7,0x02ac2f8 } },
-    /* 92 */
-    { { 0x1131f2d,0x2b43a63,0x3101097,0x38cec13,0x0637f09,0x17a69d2,
-        0x086196d,0x299e46b,0x0802cf6,0x03c6f32 },
-      { 0x0daacb4,0x1a4503a,0x100925c,0x15583d9,0x23c4e40,0x1de4de9,
-        0x1cc8fc4,0x2c9c564,0x0695aeb,0x02145a5 } },
-    /* 93 */
-    { { 0x1dcf593,0x17050fc,0x3e3bde3,0x0a6c062,0x178202b,0x2f7674f,
-        0x0dadc29,0x15763a7,0x1d2daad,0x023d9f6 },
-      { 0x081ea5f,0x045959d,0x190c841,0x3a78d31,0x0e7d2dd,0x1414fea,
-        0x1d43f40,0x22d77ff,0x2b9c072,0x03e115c } },
-    /* 94 */
-    { { 0x3af71c9,0x29e9c65,0x25655e1,0x111e9cd,0x3a14494,0x3875418,
-        0x34ae070,0x0b06686,0x310616b,0x03b7b89 },
-      { 0x1734121,0x00d3d44,0x29f0b2f,0x1552897,0x31cac6e,0x1030bb3,
-        0x0148f3a,0x35fd237,0x29b44eb,0x027f49f } },
-    /* 95 */
-    { { 0x2e2cb16,0x1d962bd,0x19b63cc,0x0b3f964,0x3e3eb7d,0x1a35560,
-        0x0c58161,0x3ce1d6a,0x3b6958f,0x029030b },
-      { 0x2dcc158,0x3b1583f,0x30568c9,0x31957c8,0x27ad804,0x28c1f84,
-        0x3967049,0x37b3f64,0x3b87dc6,0x0266f26 } },
-    /* 96 */
-    { { 0x27dafc6,0x2548764,0x0d1984a,0x1a57027,0x252c1fb,0x24d9b77,
-        0x1581a0f,0x1f99276,0x10ba16d,0x026af88 },
-      { 0x0915220,0x2be1292,0x16c6480,0x1a93760,0x2fa7317,0x1a07296,
-        0x1539871,0x112c31f,0x25787f3,0x01e2070 } },
-    /* 97 */
-    { { 0x0bcf3ff,0x266d478,0x34f6933,0x31449fd,0x00d02cb,0x340765a,
-        0x3465a2d,0x225023e,0x319a30e,0x00579b8 },
-      { 0x20e05f4,0x35b834f,0x0404646,0x3710d62,0x3fad7bd,0x13e1434,
-        0x21c7d1c,0x1cb3af9,0x2cf1911,0x003957e } },
-    /* 98 */
-    { { 0x0787564,0x36601be,0x1ce67e9,0x084c7a1,0x21a3317,0x2067a35,
-        0x0158cab,0x195ddac,0x1766fe9,0x035cf42 },
-      { 0x2b7206e,0x20d0947,0x3b42424,0x03f1862,0x0a51929,0x38c2948,
-        0x0bb8595,0x2942d77,0x3748f15,0x0249428 } },
-    /* 99 */
-    { { 0x2577410,0x3c23e2f,0x28c6caf,0x00d41de,0x0fd408a,0x30298e9,
-        0x363289e,0x2302fc7,0x082c1cc,0x01dd050 },
-      { 0x30991cd,0x103e9ba,0x029605a,0x19927f7,0x0c1ca08,0x0c93f50,
-        0x28a3c7b,0x082e4e9,0x34d12eb,0x0232c13 } },
-    /* 100 */
-    { { 0x106171c,0x0b4155a,0x0c3fb1c,0x336c090,0x19073e9,0x2241a10,
-        0x0e6b4fd,0x0ed476e,0x1ef4712,0x039390a },
-      { 0x0ec36f4,0x3754f0e,0x2a270b8,0x007fd2d,0x0f9d2dc,0x1e6a692,
-        0x066e078,0x1954974,0x2ff3c6e,0x00def28 } },
-    /* 101 */
-    { { 0x3562470,0x0b8f1f7,0x0ac94cd,0x28b0259,0x244f272,0x031e4ef,
-        0x2d5df98,0x2c8a9f1,0x2dc3002,0x016644f },
-      { 0x350592a,0x0e6a0d5,0x1e027a1,0x2039e0f,0x399e01d,0x2817593,
-        0x0c0375e,0x3889b3e,0x24ab013,0x010de1b } },
-    /* 102 */
-    { { 0x256b5a6,0x0ac3b67,0x28f9ff3,0x29b67f1,0x30750d9,0x25e11a9,
-        0x15e8455,0x279ebb0,0x298b7e7,0x0218e32 },
-      { 0x2fc24b2,0x2b82582,0x28f22f5,0x2bd36b3,0x305398e,0x3b2e9e3,
-        0x365dd0a,0x29bc0ed,0x36a7b3a,0x007b374 } },
-    /* 103 */
-    { { 0x05ff2f3,0x2b3589b,0x29785d3,0x300a1ce,0x0a2d516,0x0844355,
-        0x14c9fad,0x3ccb6b6,0x385d459,0x0361743 },
-      { 0x0b11da3,0x002e344,0x18c49f7,0x0c29e0c,0x1d2c22c,0x08237b3,
-        0x2988f49,0x0f18955,0x1c3b4ed,0x02813c6 } },
-    /* 104 */
-    { { 0x17f93bd,0x249323b,0x11f6087,0x174e4bd,0x3cb64ac,0x086dc6b,
-        0x2e330a8,0x142c1f2,0x2ea5c09,0x024acbb },
-      { 0x1b6e235,0x3132521,0x00f085a,0x2a4a4db,0x1ab2ca4,0x0142224,
-        0x3aa6b3e,0x09db203,0x2215834,0x007b9e0 } },
-    /* 105 */
-    { { 0x23e79f7,0x28b8039,0x1906a60,0x2cbce67,0x1f590e7,0x181f027,
-        0x21054a6,0x3854240,0x2d857a6,0x03cfcb3 },
-      { 0x10d9b55,0x1443cfc,0x2648200,0x2b36190,0x09d2fcf,0x22f439f,
-        0x231aa7e,0x3884395,0x0543da3,0x003d5a9 } },
-    /* 106 */
-    { { 0x043e0df,0x06ffe84,0x3e6d5b2,0x3327001,0x26c74b6,0x12a145e,
-        0x256ec0d,0x3898c69,0x3411969,0x02f63c5 },
-      { 0x2b7494a,0x2eee1af,0x38388a9,0x1bd17ce,0x21567d4,0x13969e6,
-        0x3a12a7a,0x3e8277d,0x03530cc,0x00b4687 } },
-    /* 107 */
-    { { 0x06508da,0x38e04d4,0x15a7192,0x312875e,0x3336180,0x2a6512c,
-        0x1b59497,0x2e91b37,0x25eb91f,0x02841e9 },
-      { 0x394d639,0x0747143,0x37d7e6d,0x1d62962,0x08b4af3,0x34df287,
-        0x3c5584b,0x26bc869,0x20af87a,0x0060f5d } },
-    /* 108 */
-    { { 0x1de59a4,0x1a5c443,0x2f8729d,0x01c3a2f,0x0f1ad8d,0x3cbaf9e,
-        0x1b49634,0x35d508a,0x39dc269,0x0075105 },
-      { 0x390d30e,0x37033e0,0x110cb32,0x14c37a0,0x20a3b27,0x2f00ce6,
-        0x2f1dc52,0x34988c6,0x0c29606,0x01dc7e7 } },
-    /* 109 */
-    { { 0x1040739,0x24f9de1,0x2939999,0x2e6009a,0x244539d,0x17e3f09,
-        0x00f6f2f,0x1c63b3d,0x2310362,0x019109e },
-      { 0x1428aa8,0x3cb61e1,0x09a84f4,0x0ffafed,0x07b7adc,0x08f406b,
-        0x1b2c6df,0x035b480,0x3496ae9,0x012766d } },
-    /* 110 */
-    { { 0x35d1099,0x2362f10,0x1a08cc7,0x13a3a34,0x12adbcd,0x32da290,
-        0x02e2a02,0x151140b,0x01b3f60,0x0240df6 },
-      { 0x34c7b61,0x2eb09c1,0x172e7cd,0x2ad5eff,0x2fe2031,0x25b54d4,
-        0x0cec965,0x18e7187,0x26a7cc0,0x00230f7 } },
-    /* 111 */
-    { { 0x2d552ab,0x374083d,0x01f120f,0x2601736,0x156baff,0x04d44a4,
-        0x3b7c3e9,0x1acbc1b,0x0424579,0x031a425 },
-      { 0x1231bd1,0x0eba710,0x020517b,0x21d7316,0x21eac6e,0x275a848,
-        0x0837abf,0x0eb0082,0x302cafe,0x00fe8f6 } },
-    /* 112 */
-    { { 0x1058880,0x28f9941,0x03f2d75,0x3bd90e5,0x17da365,0x2ac9249,
-        0x07861cf,0x023fd05,0x1b0fdb8,0x031712f },
-      { 0x272b56b,0x04f8d2c,0x043a735,0x25446e4,0x1c8327e,0x221125a,
-        0x0ce37df,0x2dad7f6,0x39446c2,0x00b55b6 } },
-    /* 113 */
-    { { 0x346ac6b,0x05e0bff,0x2425246,0x0981e8b,0x1d19f79,0x2692378,
-        0x3ea3c40,0x2e90beb,0x19de503,0x003d5af },
-      { 0x05cda49,0x353b44d,0x299d137,0x3f205bc,0x2821158,0x3ad0d00,
-        0x06a54aa,0x2d7c79f,0x39d1173,0x01000ee } },
-    /* 114 */
-    { { 0x0803387,0x3a06268,0x14043b8,0x3d4e72f,0x1ece115,0x0a1dfc8,
-        0x17208dd,0x0be790a,0x122a07f,0x014dd95 },
-      { 0x0a4182d,0x202886a,0x1f79a49,0x1e8c867,0x0a2bbd0,0x28668b5,
-        0x0d0a2e1,0x115259d,0x3586c5d,0x01e815b } },
-    /* 115 */
-    { { 0x18a2a47,0x2c95627,0x2773646,0x1230f7c,0x15b5829,0x2fc354e,
-        0x2c000ea,0x099d547,0x2f17a1a,0x01df520 },
-      { 0x3853948,0x06f6561,0x3feeb8a,0x2f5b3ef,0x3a6f817,0x01a0791,
-        0x2ec0578,0x2c392ad,0x12b2b38,0x0104540 } },
-    /* 116 */
-    { { 0x1e28ced,0x0fc3d1b,0x2c473c7,0x1826c4f,0x21d5da7,0x39718e4,
-        0x38ce9e6,0x0251986,0x172fbea,0x0337c11 },
-      { 0x053c3b0,0x0f162db,0x043c1cb,0x04111ee,0x297fe3c,0x32e5e03,
-        0x2b8ae12,0x0c427ec,0x1da9738,0x03b9c0f } },
-    /* 117 */
-    { { 0x357e43a,0x054503f,0x11b8345,0x34ec6e0,0x2d44660,0x3d0ae61,
-        0x3b5dff8,0x33884ac,0x09da162,0x00a82b6 },
-      { 0x3c277ba,0x129a51a,0x027664e,0x1530507,0x0c788c9,0x2afd89d,
-        0x1aa64cc,0x1196450,0x367ac2b,0x0358b42 } },
-    /* 118 */
-    { { 0x0054ac4,0x1761ecb,0x378839c,0x167c9f7,0x2570058,0x0604a35,
-        0x37cbf3b,0x0909bb7,0x3f2991c,0x02ce688 },
-      { 0x0b16ae5,0x212857c,0x351b952,0x2c684db,0x30c6a05,0x09c01e0,
-        0x23c137f,0x1331475,0x092c067,0x0013b40 } },
-    /* 119 */
-    { { 0x2e90393,0x0617466,0x24e61f4,0x0a528f5,0x03047b4,0x2153f05,
-        0x0001a69,0x30e1eb8,0x3c10177,0x0282a47 },
-      { 0x22c831e,0x28fc06b,0x3e16ff0,0x208adc9,0x0bb76ae,0x28c1d6d,
-        0x12c8a15,0x031063c,0x1889ed2,0x002133e } },
-    /* 120 */
-    { { 0x0a6becf,0x14277bf,0x3328d98,0x201f7fe,0x12fceae,0x1de3a2e,
-        0x0a15c44,0x3ddf976,0x1b273ab,0x0355e55 },
-      { 0x1b5d4f1,0x369e78c,0x3a1c210,0x12cf3e9,0x3aa52f0,0x309f082,
-        0x112089d,0x107c753,0x24202d1,0x023853a } },
-    /* 121 */
-    { { 0x2897042,0x140d17c,0x2c4aeed,0x07d0d00,0x18d0533,0x22f7ec8,
-        0x19c194c,0x3456323,0x2372aa4,0x0165f86 },
-      { 0x30bd68c,0x1fb06b3,0x0945032,0x372ac09,0x06d4be0,0x27f8fa1,
-        0x1c8d7ac,0x137a96e,0x236199b,0x0328fc0 } },
-    /* 122 */
-    { { 0x170bd20,0x2842d58,0x1de7592,0x3c5b4fd,0x20ea897,0x12cab78,
-        0x363ff14,0x01f928c,0x17e309c,0x02f79ff },
-      { 0x0f5432c,0x2edb4ae,0x044b516,0x32f810d,0x2210dc1,0x23e56d6,
-        0x301e6ff,0x34660f6,0x10e0a7d,0x02d88eb } },
-    /* 123 */
-    { { 0x0c7b65b,0x2f59d58,0x2289a75,0x2408e92,0x1ab8c55,0x1ec99e5,
-        0x220fd0d,0x04defe0,0x24658ec,0x035aa8b },
-      { 0x138bb85,0x2f002d4,0x295c10a,0x08760ce,0x28c31d1,0x1c0a8cb,
-        0x0ff00b1,0x144eac9,0x2e02dcc,0x0044598 } },
-    /* 124 */
-    { { 0x3b42b87,0x050057b,0x0dff781,0x1c06db1,0x1bd9f5d,0x1f5f04a,
-        0x2cccd7a,0x143e19b,0x1cb94b7,0x036cfb8 },
-      { 0x34837cf,0x3cf6c3c,0x0d4fb26,0x22ee55e,0x1e7eed1,0x315995f,
-        0x2cdf937,0x1a96574,0x0425220,0x0221a99 } },
-    /* 125 */
-    { { 0x1b569ea,0x0d33ed9,0x19c13c2,0x107dc84,0x2200111,0x0569867,
-        0x2dc85da,0x05ef22e,0x0eb018a,0x029c33d },
-      { 0x04a6a65,0x3e5eba3,0x378f224,0x09c04d0,0x036e5cf,0x3df8258,
-        0x3a609e4,0x1eddef8,0x2abd174,0x02a91dc } },
-    /* 126 */
-    { { 0x2a60cc0,0x1d84c5e,0x115f676,0x1840da0,0x2c79163,0x2f06ed6,
-        0x198bb4b,0x3e5d37b,0x1dc30fa,0x018469b },
-      { 0x15ee47a,0x1e32f30,0x16a530e,0x2093836,0x02e8962,0x3767b62,
-        0x335adf3,0x27220db,0x2f81642,0x0173ffe } },
-    /* 127 */
-    { { 0x37a99cd,0x1533fe6,0x05a1c0d,0x27610f1,0x17bf3b9,0x0b1ce78,
-        0x0a908f6,0x265300e,0x3237dc1,0x01b969a },
-      { 0x3a5db77,0x2d15382,0x0d63ef8,0x1feb3d8,0x0b7b880,0x19820de,
-        0x11c0c67,0x2af3396,0x38d242d,0x0120688 } },
-    /* 128 */
-    { { 0x1d0b34a,0x05ef00d,0x00a7e34,0x1ae0c9f,0x1440b38,0x300d8b4,
-        0x37262da,0x3e50e3e,0x14ce0cd,0x00b1044 },
-      { 0x195a0b1,0x173bc6b,0x03622ba,0x2a19f55,0x1c09b37,0x07921b2,
-        0x16cdd20,0x24a5c9b,0x2bf42ff,0x00811de } },
-    /* 129 */
-    { { 0x0d65dbf,0x145cf06,0x1ad82f7,0x038ce7b,0x077bf94,0x33c4007,
-        0x22d26bd,0x25ad9c0,0x09ac773,0x02b1990 },
-      { 0x2261cc3,0x2ecdbf1,0x3e908b0,0x3246439,0x0213f7b,0x1179b04,
-        0x01cebaa,0x0be1595,0x175cc12,0x033a39a } },
-    /* 130 */
-    { { 0x00a67d2,0x086d06f,0x248a0f1,0x0291134,0x362d476,0x166d1cd,
-        0x044f1d6,0x2d2a038,0x365250b,0x0023f78 },
-      { 0x08bf287,0x3b0f6a1,0x1d6eace,0x20b4cda,0x2c2a621,0x0912520,
-        0x02dfdc9,0x1b35cd6,0x3d2565d,0x00bdf8b } },
-    /* 131 */
-    { { 0x3770fa7,0x2e4b6f0,0x03f9ae4,0x170de41,0x1095e8d,0x1dd845c,
-        0x334e9d1,0x00ab953,0x12e9077,0x03196fa },
-      { 0x2fd0a40,0x228c0fd,0x384b275,0x38ef339,0x3e7d822,0x3e5d9ef,
-        0x24f5854,0x0ece9eb,0x247d119,0x012ffe3 } },
-    /* 132 */
-    { { 0x0ff1480,0x07487c0,0x1b16cd4,0x1f41d53,0x22ab8fb,0x2f83cfa,
-        0x01d2efb,0x259f6b2,0x2e65772,0x00f9392 },
-      { 0x05303e6,0x23cdb4f,0x23977e1,0x12e4898,0x03bd999,0x0c930f0,
-        0x170e261,0x180a27b,0x2fd58ec,0x014e22b } },
-    /* 133 */
-    { { 0x25d7713,0x0c5fad7,0x09daad1,0x3b9d779,0x109b985,0x1d3ec98,
-        0x35bc4fc,0x2f838cb,0x0d14f75,0x0173e42 },
-      { 0x2657b12,0x10d4423,0x19e6760,0x296e5bb,0x2bfd421,0x25c3330,
-        0x29f51f8,0x0338838,0x24060f0,0x029a62e } },
-    /* 134 */
-    { { 0x3748fec,0x2c5a1bb,0x2cf973d,0x289fa74,0x3e6e755,0x38997bf,
-        0x0b6544c,0x2b6358c,0x38a7aeb,0x02c50bb },
-      { 0x3d5770a,0x06be7c5,0x012fad3,0x19cb2cd,0x266af3b,0x3ccd677,
-        0x160d1bd,0x141d5af,0x2965851,0x034625a } },
-    /* 135 */
-    { { 0x3c41c08,0x255eacc,0x22e1ec5,0x2b151a3,0x087de94,0x311cbdb,
-        0x016b73a,0x368e462,0x20b7981,0x0099ec3 },
-      { 0x262b988,0x1539763,0x21e76e5,0x15445b4,0x1d8ddc7,0x34a9be6,
-        0x10faf03,0x24e4d18,0x07aa111,0x02d538a } },
-    /* 136 */
-    { { 0x38a876b,0x048ad45,0x04b40a0,0x3fc2144,0x251ff96,0x13ca7dd,
-        0x0b31ab1,0x3539814,0x28b5f87,0x0212aec },
-      { 0x270790a,0x350e7e0,0x346bd5e,0x276178f,0x22d6cb5,0x3078884,
-        0x355c1b6,0x15901d7,0x3671765,0x03950db } },
-    /* 137 */
-    { { 0x286e8d5,0x2409788,0x13be53f,0x2d21911,0x0353c95,0x10238e8,
-        0x32f5bde,0x3a67b60,0x28b5b9c,0x001013d },
-      { 0x381e8e5,0x0cef7a9,0x2f5bcad,0x06058f0,0x33cdf50,0x04672a8,
-        0x1769600,0x31c055d,0x3df0ac1,0x00e9098 } },
-    /* 138 */
-    { { 0x2eb596d,0x197b326,0x12b4c29,0x39c08f2,0x101ea03,0x3804e58,
-        0x04b4b62,0x28d9d1c,0x13f905e,0x0032a3f },
-      { 0x11b2b61,0x08e9095,0x0d06925,0x270e43f,0x21eb7a8,0x0e4a98f,
-        0x31d2be0,0x030cf9f,0x2644ddb,0x025b728 } },
-    /* 139 */
-    { { 0x07510af,0x2ed0e8e,0x2a01203,0x2a2a68d,0x0846fea,0x3e540de,
-        0x3a57702,0x1677348,0x2123aad,0x010d8f8 },
-      { 0x0246a47,0x0e871d0,0x124dca4,0x34b9577,0x2b362b8,0x363ebe5,
-        0x3086045,0x26313e6,0x15cd8bb,0x0210384 } },
-    /* 140 */
-    { { 0x023e8a7,0x0817884,0x3a0bf12,0x3376371,0x3c808a8,0x18e9777,
-        0x12a2721,0x35b538a,0x2bd30de,0x017835a },
-      { 0x0fc0f64,0x1c8709f,0x2d8807a,0x0743957,0x242eec0,0x347e76c,
-        0x27bef91,0x289689a,0x0f42945,0x01f7a92 } },
-    /* 141 */
-    { { 0x1060a81,0x3dbc739,0x1615abd,0x1cbe3e5,0x3e79f9c,0x1ab09a2,
-        0x136c540,0x05b473f,0x2beebfd,0x02af0a8 },
-      { 0x3e2eac7,0x19be474,0x04668ac,0x18f4b74,0x36f10ba,0x0a0b4c6,
-        0x10e3770,0x3bf059e,0x3946c7e,0x013a8d4 } },
-    /* 142 */
-    { { 0x266309d,0x28be354,0x1a3eed8,0x3020651,0x10a51c6,0x1e31770,
-        0x0af45a5,0x3ff0f3b,0x2891c94,0x00e9db9 },
-      { 0x17b0d0f,0x33a291f,0x0a5f9aa,0x25a3d61,0x2963ace,0x39a5fef,
-        0x230c724,0x1919146,0x10a465e,0x02084a8 } },
-    /* 143 */
-    { { 0x3ab8caa,0x31870f3,0x2390ef7,0x2103850,0x218eb8e,0x3a5ccf2,
-        0x1dff677,0x2c59334,0x371599c,0x02a9f2a },
-      { 0x0837bd1,0x3249cef,0x35d702f,0x3430dab,0x1c06407,0x108f692,
-        0x221292f,0x05f0c5d,0x073fe06,0x01038e0 } },
-    /* 144 */
-    { { 0x3bf9b7c,0x2020929,0x30d0f4f,0x080fef8,0x3365d23,0x1f3e738,
-        0x3e53209,0x1549afe,0x300b305,0x038d811 },
-      { 0x0c6c2c7,0x2e6445b,0x3ee64dc,0x022e932,0x0726837,0x0deb67b,
-        0x1ed4346,0x3857f73,0x277a3de,0x01950b5 } },
-    /* 145 */
-    { { 0x36c377a,0x0adb41e,0x08be3f3,0x11e40d1,0x36cb038,0x036a2bd,
-        0x3dd3a82,0x1bc875b,0x2ee09bb,0x02994d2 },
-      { 0x035facf,0x05e0344,0x07e630a,0x0ce772d,0x335e55a,0x111fce4,
-        0x250fe1c,0x3bc89ba,0x32fdc9a,0x03cf2d9 } },
-    /* 146 */
-    { { 0x355fd83,0x1c67f8e,0x1d10eb3,0x1b21d77,0x0e0d7a4,0x173a9e1,
-        0x2c9fa90,0x1c39cce,0x22eaae8,0x01f2bea },
-      { 0x153b338,0x0534107,0x26c69b8,0x283be1f,0x3e0acc0,0x059cac3,
-        0x13d1081,0x148bbee,0x3c1b9bd,0x002aac4 } },
-    /* 147 */
-    { { 0x2681297,0x3389e34,0x146addc,0x2c6d425,0x2cb350e,0x1986abc,
-        0x0431737,0x04ba4b7,0x2028470,0x012e469 },
-      { 0x2f8ddcf,0x3c4255c,0x1af4dcf,0x07a6a44,0x208ebf6,0x0dc90c3,
-        0x34360ac,0x072ad23,0x0537232,0x01254d3 } },
-    /* 148 */
-    { { 0x07b7e9d,0x3df5c7c,0x116f83d,0x28c4f35,0x3a478ef,0x3011fb8,
-        0x2f264b6,0x317b9e3,0x04fd65a,0x032bd1b },
-      { 0x2aa8266,0x3431de4,0x04bba04,0x19a44da,0x0edf454,0x392c5ac,
-        0x265168a,0x1dc3d5b,0x25704c6,0x00533a7 } },
-    /* 149 */
-    { { 0x25e8f91,0x1178fa5,0x2492994,0x2eb2c3c,0x0d3aca1,0x0322828,
-        0x1cc70f9,0x269c74c,0x0a53e4c,0x006edc2 },
-      { 0x18bdd7a,0x2a79a55,0x26b1d5c,0x0200628,0x0734a05,0x3273c7b,
-        0x13aa714,0x0040ac2,0x2f2da30,0x03e7449 } },
-    /* 150 */
-    { { 0x3f9563e,0x2f29eab,0x14a0749,0x3fad264,0x1dd077a,0x3d7c59c,
-        0x3a0311b,0x331a789,0x0b9729e,0x0201ebf },
-      { 0x1b08b77,0x2a4cdf2,0x3e387f8,0x21510f1,0x286c3a7,0x1dbf62e,
-        0x3afa594,0x3363217,0x0d16568,0x01d46b7 } },
-    /* 151 */
-    { { 0x0715c0d,0x28e2d04,0x17f78ae,0x1c63dda,0x1d113ea,0x0fefc1b,
-        0x1eab149,0x1d0fd99,0x0682537,0x00a7b11 },
-      { 0x10bebbc,0x11c672d,0x14223d9,0x2ff9141,0x1399ee5,0x34b7b6c,
-        0x0d5b3a8,0x01df643,0x0e392a4,0x03fe4dc } },
-    /* 152 */
-    { { 0x2b75b65,0x0b5a6f1,0x11c559a,0x3549999,0x24188f8,0x37a75f4,
-        0x29f33e3,0x34068a2,0x38ba2a9,0x025dd91 },
-      { 0x29af2c7,0x0988b64,0x0923885,0x1b539a4,0x1334f5d,0x226947a,
-        0x2cc7e5a,0x20beb39,0x13fac2f,0x01d298c } },
-    /* 153 */
-    { { 0x35f079c,0x137f76d,0x2fbbb2f,0x254638d,0x185b07c,0x1f34db7,
-        0x2cfcf0e,0x218f46d,0x2150ff4,0x02add6f },
-      { 0x33fc9b7,0x0d9f005,0x0fd081b,0x0834965,0x2b90a74,0x102448d,
-        0x3dbf03c,0x167d857,0x02e0b44,0x013afab } },
-    /* 154 */
-    { { 0x09f2c53,0x317f9d7,0x1411eb6,0x0463aba,0x0d25220,0x256b176,
-        0x087633f,0x2bff322,0x07b2c1b,0x037e662 },
-      { 0x10aaecb,0x23bb4a1,0x2272bb7,0x06c075a,0x09d4918,0x0736f2b,
-        0x0dd511b,0x101625e,0x0a7779f,0x009ec10 } },
-    /* 155 */
-    { { 0x33b2eb2,0x0176dfd,0x2118904,0x022386c,0x2e0df85,0x2588c9f,
-        0x1b71525,0x28fd540,0x137e4cf,0x02ce4f7 },
-      { 0x3d75165,0x0c39ecf,0x3554a12,0x30af34c,0x2d66344,0x3ded408,
-        0x36f1be0,0x0d065b0,0x012d046,0x0025623 } },
-    /* 156 */
-    { { 0x2601c3b,0x1824fc0,0x335fe08,0x3e33d70,0x0fb0252,0x252bfca,
-        0x1cf2808,0x1922e55,0x1a9db9f,0x020721e },
-      { 0x2f56c51,0x39a1f31,0x218c040,0x1a4fc5d,0x3fed471,0x0164d4e,
-        0x388a419,0x06f1113,0x0f55fc1,0x03e8352 } },
-    /* 157 */
-    { { 0x1608e4d,0x3872778,0x022cbc6,0x044d60a,0x3010dda,0x15fb0b5,
-        0x37ddc11,0x19f5bda,0x156b6a3,0x023a838 },
-      { 0x383b3b4,0x1380bc8,0x353ca35,0x250fc07,0x169966b,0x3780f29,
-        0x36632b2,0x2d6b13f,0x124fa00,0x00fd6ae } },
-    /* 158 */
-    { { 0x1739efb,0x2ec3656,0x2c0d337,0x3d39faf,0x1c751b0,0x04699f4,
-        0x252dd64,0x095b8b6,0x0872b74,0x022f1da },
-      { 0x2d3d253,0x38edca0,0x379fa5b,0x287d635,0x3a9f679,0x059d9ee,
-        0x0ac168e,0x3cd3e87,0x19060fc,0x02ce1bc } },
-    /* 159 */
-    { { 0x3edcfc2,0x0f04d4b,0x2f0d31f,0x1898be2,0x25396bf,0x15ca230,
-        0x02b4eae,0x2713668,0x0f71b06,0x0132d18 },
-      { 0x38095ea,0x1ed34d6,0x3603ae6,0x165bf01,0x192bbf8,0x1852859,
-        0x075f66b,0x1488f85,0x10895ef,0x014b035 } },
-    /* 160 */
-    { { 0x1339848,0x3084385,0x0c8d231,0x3a1c1de,0x0e87a28,0x255b85c,
-        0x1de6616,0x2702e74,0x1382bb0,0x012b0f2 },
-      { 0x198987d,0x381545a,0x34d619b,0x312b827,0x18b2376,0x28fe4cf,
-        0x20b7651,0x017d077,0x0c7e397,0x00e0365 } },
-    /* 161 */
-    { { 0x1542e75,0x0d56aa0,0x39b701a,0x287b806,0x396c724,0x0935c21,
-        0x3a29776,0x0debdac,0x171de26,0x00b38f8 },
-      { 0x1d5bc1a,0x3fad27d,0x22b5cfe,0x1f89ddf,0x0a65560,0x144dd5b,
-        0x2aac2f9,0x139353f,0x0520b62,0x00b9b36 } },
-    /* 162 */
-    { { 0x031c31d,0x16552e3,0x1a0c368,0x0016fc8,0x168533d,0x171e7b2,
-        0x17626e7,0x275502f,0x14742c6,0x03285dd },
-      { 0x2d2dbb2,0x3b6bffd,0x1d18cc6,0x2f45d2a,0x0fd0d8c,0x2915e3a,
-        0x1e8793a,0x0b39a1d,0x3139cab,0x02a5da9 } },
-    /* 163 */
-    { { 0x3fb353d,0x147c6e4,0x3a720a6,0x22d5ff3,0x1d75cab,0x06c54a0,
-        0x08cfa73,0x12666aa,0x3170a1f,0x021c829 },
-      { 0x13e1b90,0x3a34dda,0x1fc38c3,0x02c5bdb,0x2d345dc,0x14aa1d0,
-        0x28d00ab,0x224f23a,0x329c769,0x025c67b } },
-    /* 164 */
-    { { 0x0e35909,0x3bb6356,0x0116820,0x370cf77,0x29366d8,0x3881409,
-        0x3999d06,0x013075f,0x176e157,0x02941ca },
-      { 0x0e70b2e,0x28dfab1,0x2a8a002,0x15da242,0x084dcf6,0x116ca97,
-        0x31bf186,0x1dc9735,0x09df7b7,0x0264e27 } },
-    /* 165 */
-    { { 0x2da7a4b,0x3023c9e,0x1366238,0x00ff4e2,0x03abe9d,0x19bd44b,
-        0x272e897,0x20b91ad,0x2aa202c,0x02a2201 },
-      { 0x380184e,0x08112b4,0x0b85660,0x31049aa,0x3a8cb78,0x36113c5,
-        0x1670c0a,0x373f9e7,0x3fb4738,0x00010ef } },
-    /* 166 */
-    { { 0x2d5192e,0x26d770d,0x32af8d5,0x34d1642,0x1acf885,0x05805e0,
-        0x166d0a1,0x1219a0d,0x301ba6c,0x014bcfb },
-      { 0x2dcb64d,0x19cca83,0x379f398,0x08e01a0,0x10a482c,0x0103cc2,
-        0x0be5fa7,0x1f9d45b,0x1899ef2,0x00ca5af } },
-    /* 167 */
-    { { 0x14d81d7,0x2aea251,0x1b3c476,0x3bd47ae,0x29eade7,0x0715e61,
-        0x1a21cd8,0x1c7a586,0x2bfaee5,0x00ee43f },
-      { 0x096f7cb,0x0c08f95,0x1bc4939,0x361fed4,0x255be41,0x26fad73,
-        0x31dd489,0x02c600f,0x29d9f81,0x01ba201 } },
-    /* 168 */
-    { { 0x03ea1db,0x1eac46d,0x1292ce3,0x2a54967,0x20a7ff1,0x3e13c61,
-        0x1b02218,0x2b44e14,0x3eadefa,0x029c88a },
-      { 0x30a9144,0x31e3b0a,0x19c5a2a,0x147cbe9,0x05a0240,0x051f38e,
-        0x11eca56,0x31a4247,0x123bc2a,0x02fa535 } },
-    /* 169 */
-    { { 0x3226ce7,0x1251782,0x0b7072f,0x11e59fa,0x2b8afd7,0x169b18f,
-        0x2a46f18,0x31d9bb7,0x2fe9be8,0x01de0b7 },
-      { 0x1b38626,0x34aa90f,0x3ad1760,0x21ddbd9,0x3460ae7,0x1126736,
-        0x1b86fc5,0x0b92cd0,0x167a289,0x000e0e1 } },
-    /* 170 */
-    { { 0x1ec1a0f,0x36bbf5e,0x1c972d8,0x3f73ace,0x13bbcd6,0x23d86a5,
-        0x175ffc5,0x2d083d5,0x2c4adf7,0x036f661 },
-      { 0x1f39eb7,0x2a20505,0x176c81a,0x3d6e636,0x16ee2fc,0x3cbdc5f,
-        0x25475dc,0x2ef4151,0x3c46860,0x0238934 } },
-    /* 171 */
-    { { 0x2587390,0x3639526,0x0588749,0x13c32fb,0x212bb19,0x09660f1,
-        0x207da4b,0x2bf211b,0x1c4407b,0x01506a6 },
-      { 0x24c8842,0x105a498,0x05ffdb2,0x0ab61b0,0x26044c1,0x3dff3d8,
-        0x1d14b44,0x0d74716,0x049f57d,0x030024b } },
-    /* 172 */
-    { { 0x32e61ef,0x31d70f7,0x35cad3c,0x320b86c,0x07e8841,0x027ca7d,
-        0x2d30d19,0x2513718,0x2347286,0x01d7901 },
-      { 0x3c237d0,0x107f16e,0x01c9e7d,0x3c3b13c,0x0c9537b,0x20af54d,
-        0x051a162,0x2161a47,0x258c784,0x016df2d } },
-    /* 173 */
-    { { 0x228ead1,0x29c2122,0x07f6964,0x023f4ed,0x1802dc5,0x19f96ce,
-        0x24bfd17,0x25e866b,0x2ba8df0,0x01eb84f },
-      { 0x2dd384e,0x05bbe3a,0x3f06fd2,0x366dacb,0x30361a2,0x2f36d7c,
-        0x0b98784,0x38ff481,0x074e2a8,0x01e1f60 } },
-    /* 174 */
-    { { 0x17fbb1c,0x0975add,0x1debc5e,0x2cb2880,0x3e47bdd,0x3488cff,
-        0x15e9a36,0x2121129,0x0199ef2,0x017088a },
-      { 0x0315250,0x352a162,0x17c1773,0x0ae09c2,0x321b21a,0x3bd74cf,
-        0x3c4ea1d,0x3cac2ad,0x3abbaf0,0x039174d } },
-    /* 175 */
-    { { 0x0511c8a,0x3c78d0a,0x2cd3d2d,0x322f729,0x3ebb229,0x09f0e69,
-        0x0a71a76,0x2e74d5e,0x12284df,0x03b5ef0 },
-      { 0x3dea561,0x0a9b7e4,0x0ed1cf2,0x237523c,0x05443f1,0x2eb48fa,
-        0x3861405,0x1b49f62,0x0c945ca,0x02ab25f } },
-    /* 176 */
-    { { 0x16bd00a,0x13a9d28,0x3cc1eb5,0x2b7d702,0x2d839e9,0x3e6ff01,
-        0x2bb7f11,0x3713824,0x3b31163,0x00c63e5 },
-      { 0x30d7138,0x0316fb0,0x0220ecc,0x08eaf0c,0x244e8df,0x0088d81,
-        0x37972fb,0x3fd34ae,0x2a19a84,0x03e907e } },
-    /* 177 */
-    { { 0x2642269,0x0b65d29,0x03bd440,0x33a6ede,0x3c81814,0x2507982,
-        0x0d38e47,0x3a788e6,0x32c1d26,0x00e2eda },
-      { 0x2577f87,0x392895a,0x3e1cc64,0x14f7047,0x08b52d2,0x08a01ca,
-        0x336abf6,0x00697fc,0x105ce76,0x0253742 } },
-    /* 178 */
-    { { 0x293f92a,0x33df737,0x3315156,0x32e26d7,0x0a01333,0x26579d4,
-        0x004df9c,0x0aba409,0x067d25c,0x02481de },
-      { 0x3f39d44,0x1c78042,0x13d7e24,0x0825aed,0x35f2c90,0x3270f63,
-        0x04b7b35,0x3ad4531,0x28bd29b,0x0207a10 } },
-    /* 179 */
-    { { 0x077199f,0x270aeb1,0x0dd96dd,0x3b9ad7b,0x28cb8ee,0x3903f43,
-        0x37db3fe,0x292c62b,0x362dbbf,0x006e52a },
-      { 0x247f143,0x0362cf3,0x216344f,0x3f18fd1,0x351e623,0x31664e0,
-        0x0f270fc,0x243bbc6,0x2280555,0x001a8e3 } },
-    /* 180 */
-    { { 0x3355b49,0x2c04e6c,0x399b2e5,0x182d3af,0x020e265,0x09a7cf7,
-        0x0ffa6bd,0x353e302,0x02083d9,0x029ecdb },
-      { 0x33e8830,0x0570e86,0x1c0b64d,0x386a27e,0x0d5fcea,0x0b45a4c,
-        0x2ee4a2e,0x0a8833f,0x2b4a282,0x02f9531 } },
-    /* 181 */
-    { { 0x191167c,0x36cf7e3,0x225ed6c,0x1e79e99,0x0517c3f,0x11ab1fd,
-        0x05648f3,0x08aedc4,0x1abeae0,0x02fcc29 },
-      { 0x3828a68,0x1e16fa4,0x30368e7,0x0c9fcfb,0x25161c3,0x24851ac,
-        0x1b5feb5,0x344eb84,0x0de2732,0x0347208 } },
-    /* 182 */
-    { { 0x038b363,0x384d1e4,0x2519043,0x151ac17,0x158c11f,0x009b2b4,
-        0x257abe6,0x2368d3f,0x3ed68a1,0x02df45e },
-      { 0x29c2559,0x2962478,0x3d8444c,0x1d96fff,0x04f7a03,0x1391a52,
-        0x0de4af7,0x3319126,0x15e6412,0x00e65ff } },
-    /* 183 */
-    { { 0x3d61507,0x1d1a0a2,0x0d2af20,0x354d299,0x329e132,0x2a28578,
-        0x2ddfb08,0x04fa3ff,0x1293c6c,0x003bae2 },
-      { 0x3e259f8,0x1a68fa9,0x3e67e9b,0x39b44f9,0x1ce1db7,0x347e9a1,
-        0x3318f6a,0x2dbbc9d,0x2f8c922,0x008a245 } },
-    /* 184 */
-    { { 0x212ab5b,0x2b896c2,0x0136959,0x07e55ef,0x0cc1117,0x05b8ac3,
-        0x18429ed,0x025fa01,0x11d6e93,0x03b016b },
-      { 0x03f3708,0x2e96fab,0x1d77157,0x0d4c2d6,0x131baf9,0x0608d39,
-        0x3552371,0x06cdd1e,0x1567ff1,0x01f4c50 } },
-    /* 185 */
-    { { 0x2dfefab,0x270173d,0x37077bd,0x1a372cd,0x1be2f22,0x28e2ee5,
-        0x3ead973,0x35e8f94,0x2fc9bc1,0x03a7399 },
-      { 0x36a02a1,0x2855d9b,0x00ed75a,0x37d8398,0x138c087,0x233706e,
-        0x147f346,0x01947e2,0x3017228,0x0365942 } },
-    /* 186 */
-    { { 0x2057e60,0x2d31296,0x25e4504,0x2fa37bc,0x1cbccc3,0x1f0732f,
-        0x3532081,0x2de8a98,0x19a804e,0x005359a },
-      { 0x31f411a,0x2a10576,0x369c2c8,0x02fe035,0x109fbaf,0x30bddeb,
-        0x1eef901,0x1662ad3,0x0410d43,0x01bd31a } },
-    /* 187 */
-    { { 0x2c24a96,0x1b7d3a5,0x19a3872,0x217f2f6,0x2534dbc,0x2cab8c2,
-        0x066ef28,0x26aecf1,0x0fd6118,0x01310d4 },
-      { 0x055b8da,0x1fdc5be,0x38a1296,0x25118f0,0x341a423,0x2ba4cd0,
-        0x3e1413e,0x062d70d,0x2425a31,0x029c9b4 } },
-    /* 188 */
-    { { 0x08c1086,0x1acfba5,0x22e1dae,0x0f72f4e,0x3f1de50,0x0f408bc,
-        0x35ed3f0,0x3ce48fc,0x282cc6c,0x004d8e7 },
-      { 0x1afaa86,0x24e3ef3,0x22589ac,0x3ec9952,0x1f45bc5,0x14144ca,
-        0x23b26e4,0x0d68c65,0x1e1c1a3,0x032a4d9 } },
-    /* 189 */
-    { { 0x03b2d20,0x16b1d53,0x241b361,0x05e4138,0x1742a54,0x32741c7,
-        0x0521c4c,0x1ca96c2,0x034970b,0x02738a7 },
-      { 0x13e0ad6,0x207dcdb,0x034c8cc,0x27bcbe1,0x18060da,0x33a18b6,
-        0x2d1d1a6,0x2be60d7,0x3d7ab42,0x012312a } },
-    /* 190 */
-    { { 0x0c7485a,0x06c3310,0x0dbfd22,0x2ef949d,0x0ead455,0x098f4ba,
-        0x3c76989,0x0cf2d24,0x032f67b,0x01e005f },
-      { 0x30cb5ee,0x0d5da64,0x0ed2b9d,0x2503102,0x1c0d14e,0x1cbc693,
-        0x37bf552,0x07013e2,0x054de5c,0x014f341 } },
-    /* 191 */
-    { { 0x128ccac,0x1617e97,0x346ebcd,0x158016d,0x25f823e,0x34048ea,
-        0x39f0a1c,0x3ea3df1,0x1c1d3d7,0x03ba919 },
-      { 0x151803b,0x01967c1,0x2f70781,0x27df39a,0x06c0b59,0x24a239c,
-        0x15a7702,0x2464d06,0x2a47ae6,0x006db90 } },
-    /* 192 */
-    { { 0x27d04c3,0x024df3d,0x38112e8,0x38a27ba,0x01e312b,0x0965358,
-        0x35d8879,0x2f4f55a,0x214187f,0x0008936 },
-      { 0x05fe36f,0x2ee18c3,0x1f5f87a,0x1813bd4,0x0580f3c,0x0ed0a7b,
-        0x0fb1bfb,0x3fcce59,0x2f042bf,0x01820e3 } },
-    /* 193 */
-    { { 0x20bbe99,0x32cbc9f,0x39ee432,0x3cc12a8,0x37bda44,0x3ea4e40,
-        0x097c7a9,0x0590d7d,0x2022d33,0x018dbac },
-      { 0x3ae00aa,0x3439864,0x2d2ffcf,0x3f8c6b9,0x0875a00,0x3e4e407,
-        0x3658a29,0x22eb3d0,0x2b63921,0x022113b } },
-    /* 194 */
-    { { 0x33bae58,0x05c749a,0x1f3e114,0x1c45f8e,0x27db3df,0x06a3ab6,
-        0x37bc7f8,0x1e27b34,0x3dc51fb,0x009eea0 },
-      { 0x3f54de5,0x3d0e7fe,0x1a71a7d,0x02ed7f8,0x0727703,0x2ca5e92,
-        0x2e8e35d,0x292ad0b,0x13487f3,0x02b6d8b } },
-    /* 195 */
-    { { 0x175df2a,0x05a28a8,0x32e99b1,0x13d8630,0x2082aa0,0x11ac245,
-        0x24f2e71,0x322cb27,0x17675e7,0x02e643f },
-      { 0x1f37313,0x2765ad3,0x0789082,0x1e742d0,0x11c2055,0x2021dc4,
-        0x09ae4a7,0x346359b,0x2f94d10,0x0205c1f } },
-    /* 196 */
-    { { 0x3d6ff96,0x1f2ac80,0x336097d,0x3f03610,0x35b851b,0x010b6d2,
-        0x0823c4d,0x2a9709a,0x2ead5a8,0x00de4b6 },
-      { 0x01afa0b,0x0621965,0x3671528,0x1050b60,0x3f3e9e7,0x2f93829,
-        0x0825275,0x006e85f,0x35e94b0,0x016af58 } },
-    /* 197 */
-    { { 0x2c4927c,0x3ea1382,0x0f23727,0x0d69f23,0x3e38860,0x2b72837,
-        0x3cd5ea4,0x2d84292,0x321846a,0x016656f },
-      { 0x29dfa33,0x3e182e0,0x018be90,0x2ba563f,0x2caafe2,0x218c0d9,
-        0x3baf447,0x1047a6c,0x0a2d483,0x01130cb } },
-    /* 198 */
-    { { 0x00ed80c,0x2a5fc79,0x0a82a74,0x2c4c74b,0x15f938c,0x30b5ab6,
-        0x32124b7,0x295314f,0x2fb8082,0x007c858 },
-      { 0x20b173e,0x19f315c,0x12f97e4,0x198217c,0x040e8a6,0x3275977,
-        0x2bc20e4,0x01f2633,0x02bc3e9,0x023c750 } },
-    /* 199 */
-    { { 0x3c4058a,0x24be73e,0x16704f5,0x2d8a4bd,0x3b15e14,0x3076315,
-        0x1cfe37b,0x36fe715,0x343926e,0x02c6603 },
-      { 0x2c76b09,0x0cf824c,0x3f7898c,0x274cec1,0x11df527,0x18eed18,
-        0x08ead48,0x23915bc,0x19b3744,0x00a0a2b } },
-    /* 200 */
-    { { 0x0cf4ac5,0x1c8b131,0x0afb696,0x0ff7799,0x2f5ac1a,0x022420c,
-        0x11baa2e,0x2ce4015,0x1275a14,0x0125cfc },
-      { 0x22eac5d,0x360cd4c,0x3568e59,0x3d42f66,0x35e07ee,0x09620e4,
-        0x36720fa,0x22b1eac,0x2d0db16,0x01b6b23 } },
-    /* 201 */
-    { { 0x1a835ef,0x1516bbb,0x2d51f7b,0x3487443,0x14aa113,0x0dd06c2,
-        0x1a65e01,0x379300d,0x35920b9,0x012c8fb },
-      { 0x04c7341,0x2eda00f,0x3c37e82,0x1b4fd62,0x0d45770,0x1478fba,
-        0x127863a,0x26939cd,0x134ddf4,0x01375c5 } },
-    /* 202 */
-    { { 0x1476cd9,0x1119ca5,0x325bbf9,0x0bf8c69,0x0648d07,0x312d9f8,
-        0x01c8b8f,0x136ec51,0x0002f4a,0x03f4c5c },
-      { 0x195d0e1,0x10ffd22,0x29aa1cb,0x3443bdc,0x276e695,0x05e6260,
-        0x15f9764,0x3cd9783,0x18c9569,0x0053eb1 } },
-    /* 203 */
-    { { 0x312ae18,0x280197c,0x3fc9ad9,0x303f324,0x251958d,0x29f4a11,
-        0x2142408,0x3694366,0x25136ab,0x03b5f1d },
-      { 0x1d4abbc,0x1c3c689,0x13ea462,0x3cfc684,0x39b5dd8,0x2d4654b,
-        0x09b0755,0x27d4f18,0x3f74d2e,0x03fbf2d } },
-    /* 204 */
-    { { 0x2119185,0x2525eae,0x1ba4bd0,0x0c2ab11,0x1d54e8c,0x294845e,
-        0x2479dea,0x3602d24,0x17e87e0,0x0060069 },
-      { 0x0afffb0,0x34fe37f,0x1240073,0x02eb895,0x06cf33c,0x2d7f7ef,
-        0x1d763b5,0x04191e0,0x11e1ead,0x027e3f0 } },
-    /* 205 */
-    { { 0x269544c,0x0e85c57,0x3813158,0x19fc12d,0x20eaf85,0x1e2930c,
-        0x22a8fd2,0x1a6a478,0x09d3d3a,0x02a74e0 },
-      { 0x1a2da3b,0x30b0b16,0x0847936,0x3d86257,0x138ccbc,0x0f5421a,
-        0x25244e6,0x23bdd79,0x1aee117,0x00c01ae } },
-    /* 206 */
-    { { 0x1eead28,0x07cac32,0x1fbc0bb,0x17627d3,0x17eef63,0x0b3a24e,
-        0x0757fdb,0x3dd841d,0x3d745f8,0x002ae17 },
-      { 0x25b4549,0x29f24cf,0x2f21ecd,0x1725e48,0x04be2bb,0x10ee010,
-        0x1a1274b,0x10b0898,0x27511e9,0x02c48b5 } },
-    /* 207 */
-    { { 0x2a5ae7a,0x181ef99,0x0be33be,0x3e9dab7,0x101e703,0x3adb971,
-        0x1043014,0x2ebb2be,0x1c1097d,0x027d667 },
-      { 0x3f250ed,0x16dc603,0x20dc6d7,0x1d0d268,0x38eb915,0x02c89e8,
-        0x1605a41,0x12de109,0x0e08a29,0x01f554a } },
-    /* 208 */
-    { { 0x0c26def,0x163d988,0x2d1ef0f,0x3a960ac,0x1025585,0x0738e20,
-        0x27d79b0,0x05cc3ef,0x201303f,0x00a333a },
-      { 0x1644ba5,0x2af345e,0x30b8d1d,0x3a01bff,0x31fc643,0x1acf85e,
-        0x0a76fc6,0x04efe98,0x348a1d0,0x03062eb } },
-    /* 209 */
-    { { 0x1c4216d,0x18e3217,0x02ac34e,0x19c8185,0x200c010,0x17d4192,
-        0x13a1719,0x165af51,0x09db7a9,0x0277be0 },
-      { 0x3ab8d2c,0x2190b99,0x22b641e,0x0cd88de,0x3b42404,0x1310862,
-        0x106a6d6,0x23395f5,0x0b06880,0x000d5fe } },
-    /* 210 */
-    { { 0x0d2cc88,0x36f9913,0x339d8e9,0x237c2e3,0x0cc61c2,0x34c2832,
-        0x309874c,0x2621d28,0x2dd1b48,0x0392806 },
-      { 0x17cd8f9,0x07bab3d,0x0c482ed,0x0faf565,0x31b767d,0x2f4bde1,
-        0x295c717,0x330c29c,0x179ce10,0x0119b5f } },
-    /* 211 */
-    { { 0x1ada2c7,0x0c624a7,0x227d47d,0x30e3e6a,0x14fa0a6,0x0829678,
-        0x24fd288,0x2b46a43,0x122451e,0x0319ca9 },
-      { 0x186b655,0x01f3217,0x0af1306,0x0efe6b5,0x2f0235d,0x1c45ca9,
-        0x2086805,0x1d44e66,0x0faf2a6,0x0178f59 } },
-    /* 212 */
-    { { 0x33b4416,0x10431e6,0x2d99aa6,0x217aac9,0x0cd8fcf,0x2d95a9d,
-        0x3ff74ad,0x10bf17a,0x295eb8e,0x01b229e },
-      { 0x02a63bd,0x182e9ec,0x004710c,0x00e2e3c,0x06b2f23,0x04b642c,
-        0x2c37383,0x32a4631,0x022ad82,0x00d22b9 } },
-    /* 213 */
-    { { 0x0cda2fb,0x1d198d7,0x26d27f4,0x286381c,0x022acca,0x24ac7c8,
-        0x2df7824,0x0b4ba16,0x1e0d9ef,0x03041d3 },
-      { 0x29a65b3,0x0f3912b,0x151bfcf,0x2b0175c,0x0fd71e4,0x39aa5e2,
-        0x311f50c,0x13ff351,0x3dbc9e5,0x03eeb7e } },
-    /* 214 */
-    { { 0x0a99363,0x0fc7348,0x2775171,0x23db3c8,0x2b91565,0x134d66c,
-        0x0175cd2,0x1bf365a,0x2b48371,0x02dfe5d },
-      { 0x16dbf74,0x2389357,0x2f36575,0x3f5c70e,0x38d23ba,0x090f7f8,
-        0x3477600,0x3201523,0x32ecafc,0x03d3506 } },
-    /* 215 */
-    { { 0x1abd48d,0x073ca3f,0x38a451f,0x0d8cb01,0x1ce81be,0x05c51ba,
-        0x0e29741,0x03c41ab,0x0eae016,0x0060209 },
-      { 0x2e58358,0x1da62d9,0x2358038,0x14b39b2,0x1635687,0x39079b1,
-        0x380e345,0x1b49608,0x23983cf,0x019f97d } },
-    /* 216 */
-    { { 0x34899ef,0x332e373,0x04c0f89,0x3c27aed,0x1949015,0x09663b2,
-        0x2f9276b,0x07f1951,0x09a04c1,0x027fbde },
-      { 0x3d2a071,0x19fb3d4,0x1b096d3,0x1fe9146,0x3b10e1a,0x0478bbb,
-        0x2b3fb06,0x1388329,0x181a99c,0x02f2030 } },
-    /* 217 */
-    { { 0x1eb82e6,0x14dbe39,0x3920972,0x31fd5b2,0x21a484f,0x02d7697,
-        0x0e21715,0x37c431e,0x2629f8c,0x01249c3 },
-      { 0x26b50ad,0x26deefa,0x0ffc1a3,0x30688e2,0x39a0284,0x041c65e,
-        0x03eb178,0x0bdfd50,0x2f96137,0x034bb94 } },
-    /* 218 */
-    { { 0x0e0362a,0x334a162,0x194dd37,0x29e3e97,0x2442fa8,0x10d2949,
-        0x3836e5a,0x2dccebf,0x0bee5ab,0x037ed1e },
-      { 0x33eede6,0x3c739d9,0x2f04a91,0x350ad6c,0x3a5390a,0x14c368b,
-        0x26f7bf5,0x11ce979,0x0b408df,0x0366850 } },
-    /* 219 */
-    { { 0x28ea498,0x0886d5b,0x2e090e0,0x0a4d58f,0x2623478,0x0d74ab7,
-        0x2b83913,0x12c6b81,0x18d623f,0x01d8301 },
-      { 0x198aa79,0x26d6330,0x3a7f0b8,0x34bc1ea,0x2f74890,0x378955a,
-        0x204110f,0x0102538,0x02d8f19,0x01c5066 } },
-    /* 220 */
-    { { 0x14b0f45,0x2838cd3,0x14e16f0,0x0e0e4aa,0x2d9280b,0x0f18757,
-        0x3324c6b,0x1391ceb,0x1ce89d5,0x00ebe74 },
-      { 0x0930371,0x3de6048,0x3097fd8,0x1308705,0x3eda266,0x3108c26,
-        0x1545dcd,0x1f7583a,0x1c37395,0x02c7e05 } },
-    /* 221 */
-    { { 0x1fec44a,0x2a9e3a2,0x0caf84f,0x11cf2a9,0x0c8c2ae,0x06da989,
-        0x1c807dc,0x3c149a4,0x1141543,0x02906bb },
-      { 0x15ffe04,0x0d4e65f,0x2e20424,0x37d896d,0x18bacb2,0x1e05ddd,
-        0x1660be8,0x183be17,0x1dd86fb,0x035ba70 } },
-    /* 222 */
-    { { 0x2853264,0x0ba5fb1,0x0a0b3aa,0x2df88c1,0x2771533,0x23aba6f,
-        0x112bb7b,0x3e3086e,0x210ae9b,0x027271b },
-      { 0x030b74c,0x0269678,0x1e90a23,0x135a98c,0x24ed749,0x126de7c,
-        0x344b23a,0x186da27,0x19640fa,0x0159af5 } },
-    /* 223 */
-    { { 0x18061f3,0x3004630,0x3c70066,0x34df20f,0x1190b25,0x1c9cc91,
-        0x1fc8e02,0x0d17bc1,0x390f525,0x033cb1c },
-      { 0x0eb30cf,0x2f3ad04,0x303aa09,0x2e835dd,0x1cfd2eb,0x143fc95,
-        0x02c43a1,0x025e7a1,0x3558aa2,0x000bd45 } },
-    /* 224 */
-    { { 0x1db7d07,0x3bde52b,0x1500396,0x1089115,0x20b4fc7,0x1e2a8f3,
-        0x3f8eacc,0x365f7eb,0x1a5e8d4,0x0053a6b },
-      { 0x37079e2,0x120284b,0x000edaa,0x33792c2,0x145baa3,0x20e055f,
-        0x365e2d7,0x26ba005,0x3ab8e9d,0x0282b53 } },
-    /* 225 */
-    { { 0x2653618,0x2dd8852,0x2a5f0bf,0x0f0c7aa,0x2187281,0x1252757,
-        0x13e7374,0x3b47855,0x0b86e56,0x02f354c },
-      { 0x2e9c47b,0x2fa14cc,0x19ab169,0x3fad401,0x0dc2776,0x24afeed,
-        0x3a97611,0x0d07736,0x3cf6979,0x02424a0 } },
-    /* 226 */
-    { { 0x2e81a13,0x000c91d,0x123967b,0x265885c,0x29bee1a,0x0cb8675,
-        0x2d361bd,0x1526823,0x3c9ace1,0x00d7bad },
-      { 0x24e5bdc,0x02b969f,0x2c6e128,0x34edb3b,0x12dcd2c,0x3899af0,
-        0x24224c6,0x3a1914b,0x0f4448a,0x026a2cb } },
-    /* 227 */
-    { { 0x1d03b59,0x1c6fc82,0x32abf64,0x28ed96b,0x1c90e62,0x2f57bb2,
-        0x3ff168e,0x04de7fd,0x0f4d449,0x01af6d8 },
-      { 0x255bc30,0x2bfaf22,0x3fe0dad,0x0584025,0x1c79ead,0x3078ef7,
-        0x2197414,0x022a50b,0x0fd94ba,0x0007b0f } },
-    /* 228 */
-    { { 0x09485c2,0x09dfaf7,0x10c7ba6,0x1e48bec,0x248cc9a,0x028a362,
-        0x21d60f7,0x193d93d,0x1c04754,0x0346b2c },
-      { 0x2f36612,0x240ac49,0x0d8bd26,0x13b8186,0x259c3a4,0x020d5fb,
-        0x38a8133,0x09b0937,0x39d4056,0x01f7341 } },
-    /* 229 */
-    { { 0x05a4b48,0x1f534fc,0x07725ce,0x148dc8c,0x2adcd29,0x04aa456,
-        0x0f79718,0x066e346,0x189377d,0x002fd4d },
-      { 0x068ea73,0x336569b,0x184d35e,0x32a08e9,0x3c7f3bb,0x11ce9c8,
-        0x3674c6f,0x21bf27e,0x0d9e166,0x034a2f9 } },
-    /* 230 */
-    { { 0x0fa8e4b,0x2e6418e,0x18fc5d2,0x1ba24ff,0x0559f18,0x0dbedbf,
-        0x2de2aa4,0x22338e9,0x3aa510f,0x035d801 },
-      { 0x23a4988,0x02aad94,0x02732d1,0x111d374,0x0b455cf,0x0d01c9e,
-        0x067082a,0x2ec05fd,0x368b303,0x03cad4b } },
-    /* 231 */
-    { { 0x035b4ca,0x1fabea6,0x1cbc0d5,0x3f2ed9a,0x02d2232,0x1990c66,
-        0x2eb680c,0x3b4ea3b,0x18ecc5a,0x03636fa },
-      { 0x1a02709,0x26f8ff1,0x1fa8cba,0x397d6e8,0x230be68,0x043aa14,
-        0x3d43cdf,0x25c17fa,0x3a3ee55,0x0380564 } },
-    /* 232 */
-    { { 0x275a0a6,0x16bd43a,0x0033d3e,0x2b15e16,0x2512226,0x005d901,
-        0x26d50fd,0x3bc19bf,0x3b1aeb8,0x02bfb01 },
-      { 0x0bb0a31,0x26559e0,0x1aae7fb,0x330dcc2,0x16f1af3,0x06afce2,
-        0x13a15a0,0x2ff7645,0x3546e2d,0x029c6e4 } },
-    /* 233 */
-    { { 0x0f593d2,0x384b806,0x122bbf8,0x0a281e0,0x1d1a904,0x2e93cab,
-        0x0505db0,0x08f6454,0x05c6285,0x014e880 },
-      { 0x3f2b935,0x22d8e79,0x161a07c,0x16b060a,0x02bff97,0x146328b,
-        0x3ceea77,0x238f61a,0x19b3d58,0x02fd1f4 } },
-    /* 234 */
-    { { 0x17665d5,0x259e9f7,0x0de5672,0x15cbcbd,0x34e3030,0x035240f,
-        0x0005ae8,0x286d851,0x07f39c9,0x000070b },
-      { 0x1efc6d6,0x2a0051a,0x2724143,0x2a9ef1e,0x0c810bd,0x1e05429,
-        0x25670ba,0x2e66d7d,0x0e786ff,0x03f6b7e } },
-    /* 235 */
-    { { 0x3c00785,0x232e23f,0x2b67fd3,0x244ed23,0x077fa75,0x3cda3ef,
-        0x14d055b,0x0f25011,0x24d5aa4,0x00ea0e3 },
-      { 0x297bb9a,0x198ca4f,0x14d9561,0x18d1076,0x39eb933,0x2b6caa0,
-        0x1591a60,0x0768d45,0x257873e,0x00f36e0 } },
-    /* 236 */
-    { { 0x1e77eab,0x0502a5f,0x0109137,0x0350592,0x3f7e1c5,0x3ac7437,
-        0x2dcad2c,0x1fee9d8,0x089f1f5,0x0169833 },
-      { 0x0d45673,0x0d8e090,0x065580b,0x065644f,0x11b82be,0x3592dd0,
-        0x3284b8d,0x23f0015,0x16fdbfd,0x0248bfd } },
-    /* 237 */
-    { { 0x1a129a1,0x1977bb2,0x0e041b2,0x15f30a1,0x0a5b1ce,0x3afef8f,
-        0x380c46c,0x3358810,0x27df6c5,0x01ca466 },
-      { 0x3b90f9a,0x3d14ea3,0x031b298,0x02e2390,0x2d719c0,0x25bc615,
-        0x2c0e777,0x0226b8c,0x3803624,0x0179e45 } },
-    /* 238 */
-    { { 0x363cdfb,0x1bb155f,0x24fd5c1,0x1c7c72b,0x28e6a35,0x18165f2,
-        0x226bea5,0x0beaff3,0x371e24c,0x0138294 },
-      { 0x1765357,0x29034e9,0x22b4276,0x11035ce,0x23c89af,0x074468c,
-        0x3370ae4,0x013bae3,0x018d566,0x03d7fde } },
-    /* 239 */
-    { { 0x209df21,0x0f8ff86,0x0e47fbf,0x23b99ba,0x126d5d2,0x2722405,
-        0x16bd0a2,0x1799082,0x0e9533f,0x039077c },
-      { 0x3ba9e3f,0x3f6902c,0x1895305,0x3ac9813,0x3f2340c,0x3c0d9f1,
-        0x26e1927,0x0557c21,0x16eac4f,0x023b75f } },
-    /* 240 */
-    { { 0x3fc8ff3,0x0770382,0x342fc9a,0x0afa4db,0x314efd8,0x328e07b,
-        0x016f7cc,0x3ba599c,0x1caed8a,0x0050cb0 },
-      { 0x0b23c26,0x2120a5c,0x3273ec6,0x1cc1cd6,0x2a64fe8,0x2bbc3d6,
-        0x09f6e5e,0x34b1b8e,0x00b5ac8,0x032bbd2 } },
-    /* 241 */
-    { { 0x1315922,0x1725e1d,0x0ca5524,0x1c4c18f,0x3d82951,0x193bcb2,
-        0x0e60d0b,0x388dbcf,0x37e8efa,0x0342e85 },
-      { 0x1b3af60,0x26ba3ec,0x220e53a,0x394f4b6,0x01a796a,0x3e7bbca,
-        0x163605d,0x2b85807,0x17c1c54,0x03cc725 } },
-    /* 242 */
-    { { 0x1cc4597,0x1635492,0x2028c0f,0x2c2eb82,0x2dc5015,0x0d2a052,
-        0x05fc557,0x1f0ebbf,0x0cb96e1,0x0004d01 },
-      { 0x1a824bf,0x3896172,0x2ed7b29,0x178007a,0x0d59318,0x07bda2b,
-        0x2ee6826,0x0f9b235,0x04b9193,0x01bcddf } },
-    /* 243 */
-    { { 0x0333fd2,0x0eeb46a,0x15b89f9,0x00968aa,0x2a89302,0x2bdd6b3,
-        0x1e5037e,0x2541884,0x24ed2d0,0x01b6e8f },
-      { 0x04399cd,0x3be6334,0x3adea48,0x1bb9adc,0x31811c6,0x05fb2bc,
-        0x360752c,0x3d29dcb,0x3423bec,0x03c4f3c } },
-    /* 244 */
-    { { 0x119e2eb,0x2e7b02a,0x0f68cee,0x257d8b0,0x183a9a1,0x2ae88a6,
-        0x3a3bb67,0x2eb4f3e,0x1a9274b,0x0320fea },
-      { 0x2fa1ce0,0x346c2d8,0x2fbf0d7,0x3d4d063,0x0e58b60,0x09c1bc1,
-        0x28ef9e5,0x09a0efe,0x0f45d70,0x02d275c } },
-    /* 245 */
-    { { 0x2d5513b,0x31d443e,0x1e2d914,0x3b2c5d4,0x105f32e,0x27ee756,
-        0x050418d,0x3c73db6,0x1bb0c30,0x01673eb },
-      { 0x1cb7fd6,0x1eb08d5,0x26a3e16,0x2e20810,0x0249367,0x029e219,
-        0x2ec58c9,0x12d9fab,0x362354a,0x016eafc } },
-    /* 246 */
-    { { 0x2424865,0x260747b,0x177f37c,0x1e3cb95,0x08b0028,0x2783016,
-        0x2970f1b,0x323c1c0,0x2a79026,0x0186231 },
-      { 0x0f244da,0x26866f4,0x087306f,0x173ec20,0x31ecced,0x3c84d8d,
-        0x070f9b9,0x2e764d5,0x075df50,0x0264ff9 } },
-    /* 247 */
-    { { 0x32c3609,0x0c737e6,0x14ea68e,0x300b11b,0x184eb19,0x29dd440,
-        0x09ec1a9,0x185adeb,0x0664c80,0x0207dd9 },
-      { 0x1fbe978,0x30a969d,0x33561d7,0x34fc60e,0x36743fe,0x00774af,
-        0x0d1f045,0x018360e,0x12a5fe9,0x01592a0 } },
-    /* 248 */
-    { { 0x2817d1d,0x2993d3e,0x2e0f7a5,0x112faa0,0x255f968,0x355fe6a,
-        0x3f5a0fc,0x075b2d7,0x3cf00e5,0x0089afc },
-      { 0x32833cf,0x06a7e4b,0x09a8d6d,0x1693d3e,0x320a0a3,0x3cfdfdd,
-        0x136c498,0x1e0d845,0x347ff25,0x01a1de7 } },
-    /* 249 */
-    { { 0x3043d08,0x030705c,0x20fa79b,0x1d07f00,0x0a54467,0x29b49b4,
-        0x367e289,0x0b82f4d,0x0d1eb09,0x025ef2c },
-      { 0x32ed3c3,0x1baaa3c,0x3c482ab,0x146ca06,0x3c8a4f1,0x3e85e3c,
-        0x1bf4f3b,0x1195534,0x3e80a78,0x02a1cbf } },
-    /* 250 */
-    { { 0x32b2086,0x2de4d68,0x3486b1a,0x03a0583,0x2e1eb71,0x2dab9af,
-        0x10cd913,0x28daa6f,0x3fcb732,0x000a04a },
-      { 0x3605318,0x3f5f2b3,0x2d1da63,0x143f7f5,0x1646e5d,0x040b586,
-        0x1683982,0x25abe87,0x0c9fe53,0x001ce47 } },
-    /* 251 */
-    { { 0x380d02b,0x055fc22,0x3f7fc50,0x3458a1d,0x26b8333,0x23550ab,
-        0x0a1af87,0x0a821eb,0x2dc7e6d,0x00d574a },
-      { 0x07386e1,0x3ccd68a,0x3275b41,0x253e390,0x2fd272a,0x1e6627a,
-        0x2ca2cde,0x0e9e4a1,0x1e37c2a,0x00f70ac } },
-    /* 252 */
-    { { 0x0581352,0x2748701,0x02bed68,0x094dd9e,0x30a00c8,0x3fb5c07,
-        0x3bd5909,0x211ac80,0x1103ccd,0x0311e1a },
-      { 0x0c768ed,0x29dc209,0x36575db,0x009a107,0x272feea,0x2b33383,
-        0x313ed56,0x134c9cc,0x168d5bb,0x033310a } },
-    /* 253 */
-    { { 0x17620b9,0x143784f,0x256a94e,0x229664a,0x1d89a5c,0x1d521f2,
-        0x0076406,0x1c73f70,0x342aa48,0x03851fa },
-      { 0x0f3ae46,0x2ad3bab,0x0fbe274,0x3ed40d4,0x2fd4936,0x232103a,
-        0x2afe474,0x25b8f7c,0x047080e,0x008e6b0 } },
-    /* 254 */
-    { { 0x3fee8d4,0x347cd4a,0x0fec481,0x33fe9ec,0x0ce80b5,0x33a6bcf,
-        0x1c4c9e2,0x3967441,0x1a3f5f7,0x03157e8 },
-      { 0x257c227,0x1bc53a0,0x200b318,0x0fcd0af,0x2c5b165,0x2a413ec,
-        0x2fc998a,0x2da6426,0x19cd4f4,0x0025336 } },
-    /* 255 */
-    { { 0x303beba,0x2072135,0x32918a9,0x140cb3a,0x08631d1,0x0ef527b,
-        0x05f2c9e,0x2b4ce91,0x0b642ab,0x02e428c },
-      { 0x0a5abf9,0x15013ed,0x3603b46,0x30dd76d,0x3004750,0x28d7627,
-        0x1a42ccc,0x093ddbe,0x39a1b79,0x00067e2 } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_10(sp_point* r, const sp_digit* k,
-        int map, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_10(r, &p256_base, p256_table,
-                                      k, map, heap);
-}
-
-#endif
-
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply a by scalar b into r. (r = a * b)
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * b  A scalar.
- */
-SP_NOINLINE static void sp_256_mul_d_10(sp_digit* r, const sp_digit* a,
-    sp_digit b)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int64_t tb = b;
-    int64_t t = 0;
-    int i;
-
-    for (i = 0; i < 10; i++) {
-        t += tb * a[i];
-        r[i] = t & 0x3ffffff;
-        t >>= 26;
-    }
-    r[10] = (sp_digit)t;
-#else
-    int64_t tb = b;
-    int64_t t[10];
-
-    t[ 0] = Q6_P_mpy_RR(tb, a[0]);
-    t[ 1] = Q6_P_mpy_RR(tb, a[1]);
-    t[ 2] = Q6_P_mpy_RR(tb, a[2]);
-    t[ 3] = Q6_P_mpy_RR(tb, a[3]);
-    t[ 4] = Q6_P_mpy_RR(tb, a[4]);
-    t[ 5] = Q6_P_mpy_RR(tb, a[5]);
-    t[ 6] = Q6_P_mpy_RR(tb, a[6]);
-    t[ 7] = Q6_P_mpy_RR(tb, a[7]);
-    t[ 8] = Q6_P_mpy_RR(tb, a[8]);
-    t[ 9] = Q6_P_mpy_RR(tb, a[9]);
-    r[ 0] =                           Q6_R_and_RR(t[ 0], 0x3ffffff);
-    r[ 1] = (sp_digit)(t[ 0] >> 26) + Q6_R_and_RR(t[ 1], 0x3ffffff);
-    r[ 2] = (sp_digit)(t[ 1] >> 26) + Q6_R_and_RR(t[ 2], 0x3ffffff);
-    r[ 3] = (sp_digit)(t[ 2] >> 26) + Q6_R_and_RR(t[ 3], 0x3ffffff);
-    r[ 4] = (sp_digit)(t[ 3] >> 26) + Q6_R_and_RR(t[ 4], 0x3ffffff);
-    r[ 5] = (sp_digit)(t[ 4] >> 26) + Q6_R_and_RR(t[ 5], 0x3ffffff);
-    r[ 6] = (sp_digit)(t[ 5] >> 26) + Q6_R_and_RR(t[ 6], 0x3ffffff);
-    r[ 7] = (sp_digit)(t[ 6] >> 26) + Q6_R_and_RR(t[ 7], 0x3ffffff);
-    r[ 8] = (sp_digit)(t[ 7] >> 26) + Q6_R_and_RR(t[ 8], 0x3ffffff);
-    r[ 9] = (sp_digit)(t[ 8] >> 26) + Q6_R_and_RR(t[ 9], 0x3ffffff);
-    r[10] = (sp_digit)(t[ 9] >> 26);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef WOLFSSL_SP_DIV_32
-static WC_INLINE sp_digit sp_256_div_word_10(sp_digit d1, sp_digit d0,
-    sp_digit dv)
-{
-    sp_digit d, r, t, dv;
-    int64_t t0, t1;
-
-    /* dv has 14 bits. */
-    dv = (div >> 12) + 1;
-    /* All 26 bits from d1 and top 5 bits from d0. */
-    d = (d1 << 5) | (d0 >> 21);
-    r = d / dv;
-    d -= r * dv;
-    /* Up to 17 bits in r */
-    /* Next 9 bits from d0. */
-    d <<= 9;
-    r <<= 9;
-    d |= (d0 >> 12) & ((1 << 9) - 1);
-    t = d / dv;
-    d -= t * dv;
-    r += t;
-    /* Up to 26 bits in r */
-
-    /* Handle rounding error with dv - top part */
-    t0 = ((int64_t)d1 << 26) + d0;
-    t1 = (int64_t)r * dv;
-    t1 = t0 - t1;
-    t = (sp_digit)(t1 >> 12) / dv;
-    r += t;
-
-    /* Handle rounding error with dv - bottom 32 bits */
-    t1 = (sp_digit)t0 - (r * dv);
-    t = (sp_digit)t1 / dv;
-    r += t;
-
-    return r;
-}
-#endif /* WOLFSSL_SP_DIV_32 */
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_256_div_10(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    int i;
-#ifndef WOLFSSL_SP_DIV_32
-    int64_t d1;
-#endif
-    sp_digit dv, r1;
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    sp_digit* td;
-#else
-    sp_digit t1d[20], t2d[10 + 1];
-#endif
-    sp_digit* t1;
-    sp_digit* t2;
-    int err = MP_OKAY;
-
-    (void)m;
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * (3 * 10 + 1), NULL,
-                                                       DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-        t1 = td;
-        t2 = td + 2 * 10;
-#else
-        t1 = t1d;
-        t2 = t2d;
-#endif
-
-        dv = d[9];
-        XMEMCPY(t1, a, sizeof(*t1) * 2U * 10U);
-        for (i=9; i>=0; i--) {
-            t1[10 + i] += t1[10 + i - 1] >> 26;
-            t1[10 + i - 1] = Q6_R_and_RR(t1[10 + i - 1], 0x3ffffff);
-#ifndef WOLFSSL_SP_DIV_32
-            d1 = t1[10 + i];
-            d1 <<= 26;
-            d1 += t1[10 + i - 1];
-            r1 = (sp_digit)(d1 / dv);
-#else
-            r1 = sp_256_div_word_10(t1[10 + i], t1[10 + i - 1], dv);
-#endif
-
-            sp_256_mul_d_10(t2, d, r1);
-            (void)sp_256_sub_10(&t1[i], &t1[i], t2);
-            t1[10 + i] -= t2[10];
-            t1[10 + i] += t1[10 + i - 1] >> 26;
-            t1[10 + i - 1] = Q6_R_and_RR(t1[10 + i - 1], 0x3ffffff);
-            r1 = (((-t1[10 + i]) << 26) - t1[10 + i - 1]) / dv;
-            r1++;
-            sp_256_mul_d_10(t2, d, r1);
-            (void)sp_256_add_10(&t1[i], &t1[i], t2);
-            t1[10 + i] += t1[10 + i - 1] >> 26;
-            t1[10 + i - 1] = Q6_R_and_RR(t1[10 + i - 1], 0x3ffffff);
-        }
-        t1[10 - 1] += t1[10 - 2] >> 26;
-        t1[10 - 2] &= 0x3ffffff;
-        d1 = t1[10 - 1];
-        r1 = (sp_digit)(d1 / dv);
-
-        sp_256_mul_d_10(t2, d, r1);
-        (void)sp_256_sub_10(t1, t1, t2);
-        XMEMCPY(r, t1, sizeof(*r) * 2U * 10U);
-        for (i=0; i<8; i++) {
-            r[i+1] += r[i] >> 26;
-            r[i] &= 0x3ffffff;
-        }
-        sp_256_cond_add_10(r, r, d, 0 - ((r[9] < 0) ?
-                    (sp_digit)1 : (sp_digit)0));
-    }
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    return err;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MEMORY_E when unable to allocate memory and MP_OKAY otherwise.
- */
-static int sp_256_mod_10(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    return sp_256_div_10(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P256 curve. */
-static const word32 p256_order_2[8] = {
-    0xfc63254fU,0xf3b9cac2U,0xa7179e84U,0xbce6faadU,0xffffffffU,0xffffffffU,
-    0x00000000U,0xffffffffU
-};
-#else
-/* The low half of the order-2 of the P256 curve. */
-static const word32 p256_order_low[4] = {
-    0xfc63254fU,0xf3b9cac2U,0xa7179e84U,0xbce6faadU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Multiply two number mod the order of P256 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_256_mont_mul_order_10(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_256_mul_10(r, a, b);
-    sp_256_mont_reduce_order_10(r, p256_order, p256_mp_order);
-}
-
-/* Square number mod the order of P256 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_order_10(sp_digit* r, const sp_digit* a)
-{
-    sp_256_sqr_10(r, a);
-    sp_256_mont_reduce_order_10(r, p256_order, p256_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P256 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_n_order_10(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_256_mont_sqr_order_10(r, a);
-    for (i=1; i<n; i++) {
-        sp_256_mont_sqr_order_10(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P256 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_order_10(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 10);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_order_10(t, t);
-        if ((p256_order_2[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_10(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 10U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 10;
-    sp_digit* t3 = td + 4 * 10;
-    int i;
-
-
-    /* t = a^2 */
-    sp_256_mont_sqr_order_10(t, a);
-    /* t = a^3 = t * a */
-    sp_256_mont_mul_order_10(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_256_mont_sqr_n_order_10(t2, t, 2);
-    /* t3= a^f = t2 * t */
-    sp_256_mont_mul_order_10(t3, t2, t);
-    /* t2= a^f0 = t3 ^ 2 ^ 4 */
-    sp_256_mont_sqr_n_order_10(t2, t3, 4);
-    /* t = a^ff = t2 * t3 */
-    sp_256_mont_mul_order_10(t, t2, t3);
-    /* t3= a^ff00 = t ^ 2 ^ 8 */
-    sp_256_mont_sqr_n_order_10(t2, t, 8);
-    /* t = a^ffff = t2 * t */
-    sp_256_mont_mul_order_10(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_256_mont_sqr_n_order_10(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_256_mont_mul_order_10(t, t2, t);
-    /* t2= a^ffffffff0000000000000000 = t ^ 2 ^ 64  */
-    sp_256_mont_sqr_n_order_10(t2, t, 64);
-    /* t2= a^ffffffff00000000ffffffff = t2 * t */
-    sp_256_mont_mul_order_10(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32  */
-    sp_256_mont_sqr_n_order_10(t2, t2, 32);
-    /* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
-    sp_256_mont_mul_order_10(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6 */
-
-    for (i=127; i>=112; i--) {
-        sp_256_mont_sqr_order_10(t2, t2);
-        if (((sp_digit)p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_10(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6f */
-    sp_256_mont_sqr_n_order_10(t2, t2, 4);
-    sp_256_mont_mul_order_10(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84 */
-    for (i=107; i>=64; i--) {
-        sp_256_mont_sqr_order_10(t2, t2);
-        if (((sp_digit)p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_10(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f */
-    sp_256_mont_sqr_n_order_10(t2, t2, 4);
-    sp_256_mont_mul_order_10(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2 */
-    for (i=59; i>=32; i--) {
-        sp_256_mont_sqr_order_10(t2, t2);
-        if (((sp_digit)p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_10(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2f */
-    sp_256_mont_sqr_n_order_10(t2, t2, 4);
-    sp_256_mont_mul_order_10(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254 */
-    for (i=27; i>=0; i--) {
-        sp_256_mont_sqr_order_10(t2, t2);
-        if (((sp_digit)p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
-            sp_256_mont_mul_order_10(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632540 */
-    sp_256_mont_sqr_n_order_10(t2, t2, 4);
-    /* r = a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
-    sp_256_mont_mul_order_10(r, t2, t3);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || HAVE_ECC_VERIFY */
-
-#ifdef HAVE_ECC_VERIFY
-
-
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 256)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int wolfSSL_DSP_ECC_Verify_256(remote_handle64 h, int32 *u1, int hashLen, int32* r, int rSz, int32* s, int sSz,
-	int32* x, int xSz, int32* y, int ySz, int32* z, int zSz, int* res)
-{
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    sp_digit* d = NULL;
-#else
-    sp_digit u2d[2*10] __attribute__((aligned(128)));
-    sp_digit tmpd[2*10 * 5] __attribute__((aligned(128)));
-    sp_point p1d;
-    sp_point p2d;
-#endif
-    sp_digit* u2 = NULL;
-    sp_digit* tmp = NULL;
-    sp_point* p1;
-    sp_point* p2 = NULL;
-    sp_digit carry;
-    int32_t c;
-    int err;
-    void* heap = NULL;
-
-    (void)h;
-    (void)hashLen;
-
-    err = sp_ecc_point_new(heap, p1d, p1);
-    if (err == MP_OKAY) {
-        err = sp_ecc_point_new(heap, p2d, p2);
-    }
-
-    if (err == MP_OKAY) {
-        u2 = u2d;
-        tmp = tmpd;
-
-        XMEMCPY(u2, r, 40);
-        XMEMCPY(p2->x, x, 40);
-        XMEMCPY(p2->y, y, 40);
-        XMEMCPY(p2->z, z, 40);
-
-            sp_256_mul_10(s, s, p256_norm_order);
-        err = sp_256_mod_10(s, s, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_10(s);
-        {
-
-            sp_256_mont_inv_order_10(s, s, tmp);
-            sp_256_mont_mul_order_10(u1, u1, s);
-            sp_256_mont_mul_order_10(u2, u2, s);
-        }
-
-            err = sp_256_ecc_mulmod_base_10(p1, u1, 0, heap);
-    }
-    if (err == MP_OKAY) {
-            err = sp_256_ecc_mulmod_10(p2, p2, u2, 0, heap);
-    }
-
-    if (err == MP_OKAY) {
-            sp_256_proj_point_add_10(p1, p1, p2, tmp);
-
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        XMEMCPY(u2, r, 40);
-        err = sp_256_mod_mul_norm_10(u2, u2, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-        sp_256_mont_sqr_10(p1->z, p1->z, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_10(u1, u2, p1->z, p256_mod, p256_mp_mod);
-        *res = (int)(sp_256_cmp_10(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            XMEMCPY(u2, r, 40);
-            carry = sp_256_add_10(u2, u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_10(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_10(u2, p256_mod);
-                if (c < 0) {
-                    /* Convert to Montogomery form */
-                    err = sp_256_mod_mul_norm_10(u2, u2, p256_mod);
-                    if (err == MP_OKAY) {
-                        /* u1 = (r + 1*order).z'.z' mod prime */
-                        sp_256_mont_mul_10(u1, u2, p1->z, p256_mod,
-                                                                  p256_mp_mod);
-                        *res = (int)(sp_256_cmp_10(p1->x, u2) == 0);
-                    }
-                }
-            }
-        }
-    }
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    XFREE(d, heap, DYNAMIC_TYPE_ECC);
-#endif
-    sp_ecc_point_free(p1, 0, heap);
-    sp_ecc_point_free(p2, 0, heap);
-
-    return err;
-}
-
-/** Free the Fixed Point cache */
-void wc_ecc_fp_free(void)
-{
-}
-
-
-AEEResult wolfSSL_open(const char *uri, remote_handle64 *handle)
-{
-  /* can be any value or ignored, rpc layer doesn't care
-   * also ok
-   * *handle = 0;
-   * *handle = 0xdeadc0de;
-   */
-   *handle = (remote_handle64)XMALLOC(1, NULL, DYNAMIC_TYPE_ECC);
-   return 0;
-}
-
-AEEResult wolfSSL_close(remote_handle64 handle)
-{
-   if (handle)
-      XFREE((void*)handle, NULL, DYNAMIC_TYPE_ECC);
-   return 0;
-}
-#endif /* HAVE_ECC_VERIFY */
-
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK)
-    sp_digit tmpd[2 * 10 * 5];
-    sp_point pd;
-    sp_point qd;
-#endif
-    sp_digit* tmp;
-    sp_point* p;
-    sp_point* q = NULL;
-    int err;
-
-    err = sp_ecc_point_new(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_ecc_point_new(NULL, qd, q);
-    }
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    if (err == MP_OKAY) {
-        tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 10 * 5, NULL,
-                                                              DYNAMIC_TYPE_ECC);
-        if (tmp == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#else
-    tmp = tmpd;
-#endif
-
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 10, pX);
-        sp_256_from_mp(p->y, 10, pY);
-        sp_256_from_mp(p->z, 10, pZ);
-        sp_256_from_mp(q->x, 10, qX);
-        sp_256_from_mp(q->y, 10, qY);
-        sp_256_from_mp(q->z, 10, qZ);
-
-            sp_256_proj_point_add_10(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    XFREE(tmp, NULL, DYNAMIC_TYPE_ECC);
-#endif
-    sp_ecc_point_free(q, 0, NULL);
-    sp_ecc_point_free(p, 0, NULL);
-
-    return err;
-}
-
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK)
-    sp_digit tmpd[2 * 10 * 2];
-    sp_point pd;
-#endif
-    sp_digit* tmp;
-    sp_point* p;
-    int err;
-
-    err = sp_ecc_point_new(NULL, pd, p);
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    if (err == MP_OKAY) {
-        tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 10 * 2, NULL,
-                                                              DYNAMIC_TYPE_ECC);
-        if (tmp == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#else
-    tmp = tmpd;
-#endif
-
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 10, pX);
-        sp_256_from_mp(p->y, 10, pY);
-        sp_256_from_mp(p->z, 10, pZ);
-
-            sp_256_proj_point_dbl_10(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    XFREE(tmp, NULL, DYNAMIC_TYPE_ECC);
-#endif
-    sp_ecc_point_free(p, 0, NULL);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK)
-    sp_digit tmpd[2 * 10 * 4];
-    sp_point pd;
-#endif
-    sp_digit* tmp;
-    sp_point* p;
-    int err;
-
-    err = sp_ecc_point_new(NULL, pd, p);
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    if (err == MP_OKAY) {
-        tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 10 * 4, NULL,
-                                                              DYNAMIC_TYPE_ECC);
-        if (tmp == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#else
-    tmp = tmpd;
-#endif
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 10, pX);
-        sp_256_from_mp(p->y, 10, pY);
-        sp_256_from_mp(p->z, 10, pZ);
-
-        sp_256_map_10(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pZ);
-    }
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    XFREE(tmp, NULL, DYNAMIC_TYPE_ECC);
-#endif
-    sp_ecc_point_free(p, 0, NULL);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_256_mont_sqrt_10(sp_digit* y)
-{
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    sp_digit* d;
-#else
-    sp_digit t1d[2 * 10];
-    sp_digit t2d[2 * 10];
-#endif
-    sp_digit* t1;
-    sp_digit* t2;
-    int err = MP_OKAY;
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 4 * 10, NULL, DYNAMIC_TYPE_ECC);
-    if (d == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-        t1 = d + 0 * 10;
-        t2 = d + 2 * 10;
-#else
-        t1 = t1d;
-        t2 = t2d;
-#endif
-
-        {
-            /* t2 = y ^ 0x2 */
-            sp_256_mont_sqr_10(t2, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_256_mont_mul_10(t1, t2, y, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xc */
-            sp_256_mont_sqr_n_10(t2, t1, 2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_256_mont_mul_10(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xf0 */
-            sp_256_mont_sqr_n_10(t2, t1, 4, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xff */
-            sp_256_mont_mul_10(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xff00 */
-            sp_256_mont_sqr_n_10(t2, t1, 8, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffff */
-            sp_256_mont_mul_10(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xffff0000 */
-            sp_256_mont_sqr_n_10(t2, t1, 16, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff */
-            sp_256_mont_mul_10(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000000 */
-            sp_256_mont_sqr_n_10(t1, t1, 32, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001 */
-            sp_256_mont_mul_10(t1, t1, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000000 */
-            sp_256_mont_sqr_n_10(t1, t1, 96, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000001 */
-            sp_256_mont_mul_10(t1, t1, y, p256_mod, p256_mp_mod);
-            sp_256_mont_sqr_n_10(y, t1, 94, p256_mod, p256_mp_mod);
-        }
-    }
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    XFREE(d, NULL, DYNAMIC_TYPE_ECC);
-#endif
-
-    return err;
-}
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym)
-{
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    sp_digit* d;
-#else
-    sp_digit xd[2 * 10];
-    sp_digit yd[2 * 10];
-#endif
-    sp_digit* x = NULL;
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 4 * 10, NULL, DYNAMIC_TYPE_ECC);
-    if (d == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-        x = d + 0 * 10;
-        y = d + 2 * 10;
-#else
-        x = xd;
-        y = yd;
-#endif
-
-        sp_256_from_mp(x, 10, xm);
-        err = sp_256_mod_mul_norm_10(x, x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-        {
-            sp_256_mont_sqr_10(y, x, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_10(y, y, x, p256_mod, p256_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_256_mont_sub_10(y, y, x, p256_mod);
-        sp_256_mont_sub_10(y, y, x, p256_mod);
-        sp_256_mont_sub_10(y, y, x, p256_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_256_mod_mul_norm_10(x, p256_b, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_256_mont_add_10(y, y, x, p256_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_256_mont_sqrt_10(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 10, 0, 10U * sizeof(sp_digit));
-        sp_256_mont_reduce_10(y, p256_mod, p256_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_256_mont_sub_10(y, p256_mod, y, p256_mod);
-        }
-
-        err = sp_256_to_mp(y, ym);
-    }
-
-#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
-    XFREE(d, NULL, DYNAMIC_TYPE_ECC);
-#endif
-
-    return err;
-}
-#endif
-#endif /* !WOLFSSL_SP_NO_256 */
-#endif /* WOLFSSL_HAVE_SP_ECC */
-#endif /* WOLFSSL_DSP */
-#endif /* WOLFSSL_HAVE_SP_ECC */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/sp_x86_64.c b/src/ssl/wolfssl/wolfcrypt/sp_x86_64.c
deleted file mode 100644
index b79217597..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sp_x86_64.c
+++ /dev/null
@@ -1,103540 +0,0 @@
-/* sp.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implementation by Sean Parkinson. */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
-    defined(WOLFSSL_HAVE_SP_ECC)
-
-#include <wolfssl/wolfcrypt/cpuid.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifdef RSA_LOW_MEM
-#ifndef WOLFSSL_SP_SMALL
-#define WOLFSSL_SP_SMALL
-#endif
-#endif
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SP_NO_MALLOC)
-#undef WOLFSSL_SP_SMALL_STACK
-#define WOLFSSL_SP_SMALL_STACK
-#endif
-
-#include <wolfssl/wolfcrypt/sp.h>
-
-#ifdef __IAR_SYSTEMS_ICC__
-#define __asm__        asm
-#define __volatile__   volatile
-#define WOLFSSL_NO_VAR_ASSIGN_REG
-#endif /* __IAR_SYSTEMS_ICC__ */
-#ifdef __KEIL__
-#define __asm__        __asm
-#define __volatile__   volatile
-#endif
-
-#ifdef WOLFSSL_SP_SMALL_STACK
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE* NAME = NULL
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        if (err == MP_OKAY) {                                           \
-            (NAME) = (TYPE*)XMALLOC(sizeof(TYPE) * (CNT), (HEAP), DT);  \
-            if ((NAME) == NULL) {                                       \
-                err = MEMORY_E;                                         \
-            }                                                           \
-        }
-
-    #define SP_VAR_OK(NAME)          ((NAME) != NULL)
-
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        XFREE(NAME, (HEAP), DT)
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-            SP_FREE_VAR(NAME, HEAP, DT);                                \
-        } while (0)
-#else
-    #define SP_DECL_VAR(TYPE, NAME, CNT)                                \
-        TYPE NAME[CNT]
-    #define SP_ALLOC_VAR(TYPE, NAME, CNT, HEAP, DT)                     \
-        WC_DO_NOTHING
-    #define SP_VAR_OK(NAME)          (1)
-    #define SP_FREE_VAR(NAME, HEAP, DT)                                 \
-        WC_DO_NOTHING
-    #define SP_ZEROFREE_VAR(TYPE, NAME, CNT, HEAP, DT)                  \
-        do {                                                            \
-            if ((NAME) != NULL) {                                       \
-                ForceZero(NAME, sizeof(TYPE) * (CNT));                  \
-            }                                                           \
-        } while (0)
-    #define SP_ZEROFREE_VAR_ALT(TYPE, NAME, FZ_NAME, CNT, HEAP, DT)     \
-        do {                                                            \
-            if ((FZ_NAME) != NULL) {                                    \
-                ForceZero(FZ_NAME, sizeof(TYPE) * (CNT));               \
-            }                                                           \
-        } while (0)
-#endif
-
-#ifdef WOLFSSL_SP_X86_64_ASM
-#define SP_PRINT_NUM(var, name, total, words, bits)         \
-    do {                                                    \
-        int ii;                                             \
-        fprintf(stderr, name "=0x");                        \
-        for (ii = (((bits) + 63) / 64) - 1; ii >= 0; ii--)  \
-            fprintf(stderr, SP_PRINT_FMT, (var)[ii]);       \
-        fprintf(stderr, "\n");                              \
-    } while (0)
-
-#define SP_PRINT_VAL(var, name)                             \
-    fprintf(stderr, name "=0x" SP_PRINT_FMT "\n", var)
-
-#define SP_PRINT_INT(var, name)                             \
-    fprintf(stderr, name "=%d\n", var)
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)
-#ifndef WOLFSSL_SP_NO_2048
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_from_bin_bswap(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_from_bin_movbe(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_2048_from_bin_movbe(r, size, a, n);
-    }
-    else
-#endif
-    {
-        sp_2048_from_bin_bswap(r, size, a, n);
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_to_bin_bswap_32(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_to_bin_movbe_32(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 256
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_2048_to_bin_32(sp_digit* r, byte* a)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_2048_to_bin_movbe_32(r, a);
-    }
-    else
-#endif
-    {
-        sp_2048_to_bin_bswap_32(r, a);
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_2048_norm_32(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_2048_norm_32(a)
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mul_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_2048_sub_in_place_32(sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mul_avx2_32(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_sqr_16(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_sqr_avx2_16(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_sqr_32(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_sqr_avx2_32(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_16(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 16);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    /* r = 2^n mod m */
-    sp_2048_sub_in_place_16(r, m);
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_2048_cond_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mont_reduce_16(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_16(r, a, b);
-    sp_2048_mont_reduce_16(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_16(r, a);
-    sp_2048_mont_reduce_16(r, m, mp);
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_2048_cond_sub_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mul_d_16(sp_digit* r, const sp_digit* a, sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mul_d_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if defined(_WIN64) && !defined(__clang__)
-#if _MSC_VER < 1920
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit div_2048_word_asm_16(sp_digit d1, sp_digit d0, sp_digit div);
-#ifdef __cplusplus
-}
-#endif
-#endif /* _MSC_VER < 1920 */
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_2048_word_16(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-#if _MSC_VER >= 1920
-    return _udiv128(d1, d0, div, NULL);
-#else
-    return div_2048_word_asm_16(d1, d0, div);
-#endif
-}
-#else
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_2048_word_16(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    register sp_digit r asm("rax");
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    __asm__ __volatile__ (
-        "divq %3"
-        : "=a" (r)
-        : "d" (d1), "a" (d0), "r" (div)
-        :
-    );
-    return r;
-}
-#endif /* _WIN64 && !__clang__ */
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_16(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_int64 sp_2048_cmp_16(const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_16(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[32];
-    sp_digit t2[17];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = d[15];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 16);
-    r1 = sp_2048_cmp_16(&t1[16], d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_2048_cond_sub_avx2_16(&t1[16], &t1[16], d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_2048_cond_sub_16(&t1[16], &t1[16], d, (sp_digit)0 - r1);
-    for (i = 15; i >= 0; i--) {
-        sp_digit mask = (sp_digit)0 - (t1[16 + i] == div);
-        sp_digit hi = t1[16 + i] + mask;
-        r1 = div_2048_word_16(hi, t1[16 + i - 1], div);
-        r1 |= mask;
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_2048_mul_d_avx2_16(t2, d, r1);
-        else
-#endif
-            sp_2048_mul_d_16(t2, d, r1);
-        t1[16 + i] += sp_2048_sub_in_place_16(&t1[i], t2);
-        t1[16 + i] -= t2[16];
-        sp_2048_mask_16(t2, d, t1[16 + i]);
-        t1[16 + i] += sp_2048_add_16(&t1[i], &t1[i], t2);
-        sp_2048_mask_16(t2, d, t1[16 + i]);
-        t1[16 + i] += sp_2048_add_16(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_2048_cmp_16(t1, d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_2048_cond_sub_avx2_16(r, t1, d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_2048_cond_sub_16(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_2048_div_16(a, m, NULL, r);
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_get_from_table_16(sp_digit* r, sp_digit** table, int idx);
-#ifdef __cplusplus
-}
-#endif
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_16(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, (33 * 32) + 32);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (33 * 32) + 32, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 32;
-        rt = td + 1024;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_16(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 16);
-        if (reduceA) {
-            err = sp_2048_mod_16(t[1] + 16, a, m);
-            if (err == MP_OKAY)
-                err = sp_2048_mod_16(t[1], t[1], m);
-        }
-        else {
-            XMEMCPY(t[1] + 16, a, sizeof(sp_digit) * 16);
-            err = sp_2048_mod_16(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_16(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_16(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_16(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_16(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_16(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_16(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_16(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_16(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_16(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_16(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_16(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_16(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_16(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_16(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_16(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_16(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_16(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_16(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_16(t[20], t[10], m, mp);
-        sp_2048_mont_mul_16(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_16(t[22], t[11], m, mp);
-        sp_2048_mont_mul_16(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_16(t[24], t[12], m, mp);
-        sp_2048_mont_mul_16(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_16(t[26], t[13], m, mp);
-        sp_2048_mont_mul_16(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_16(t[28], t[14], m, mp);
-        sp_2048_mont_mul_16(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_16(t[30], t[15], m, mp);
-        sp_2048_mont_mul_16(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 5. */
-        if ((bits % 5) == 0) {
-            c -= 5;
-        }
-        else {
-            c -= bits % 5;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        sp_2048_get_from_table_16(r, t, y);
-    #else
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 16);
-    #endif
-        for (; i>=0 || c>=5; ) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 59);
-                n <<= 5;
-                c = 59;
-            }
-            else {
-                y = (byte)(n >> 59);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-
-            sp_2048_sqr_16(rt, r);
-            sp_2048_mont_reduce_16(rt, m, mp);
-            sp_2048_sqr_16(r, rt);
-            sp_2048_mont_reduce_16(r, m, mp);
-            sp_2048_sqr_16(rt, r);
-            sp_2048_mont_reduce_16(rt, m, mp);
-            sp_2048_sqr_16(r, rt);
-            sp_2048_mont_reduce_16(r, m, mp);
-            sp_2048_sqr_16(rt, r);
-            sp_2048_mont_reduce_16(rt, m, mp);
-
-            #ifndef WC_NO_CACHE_RESISTANT
-                sp_2048_get_from_table_16(r, t, y);
-                sp_2048_mul_16(r, rt, r);
-            #else
-                sp_2048_mul_16(r, rt, t[y]);
-            #endif
-            sp_2048_mont_reduce_16(r, m, mp);
-        }
-
-        XMEMSET(&r[16], 0, sizeof(sp_digit) * 16);
-        sp_2048_mont_reduce_16(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_16(r, m) >= 0);
-        sp_2048_cond_sub_16(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mont_reduce_avx2_16(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_avx2_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_avx2_16(r, a, b);
-    sp_2048_mont_reduce_avx2_16(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef HAVE_INTEL_AVX2
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_avx2_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_avx2_16(r, a);
-    sp_2048_mont_reduce_avx2_16(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_get_from_table_avx2_16(sp_digit* r, sp_digit** table, int idx);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef HAVE_INTEL_AVX2
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, (33 * 32) + 32);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (33 * 32) + 32, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 32;
-        rt = td + 1024;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_16(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 16);
-        if (reduceA) {
-            err = sp_2048_mod_16(t[1] + 16, a, m);
-            if (err == MP_OKAY)
-                err = sp_2048_mod_16(t[1], t[1], m);
-        }
-        else {
-            XMEMCPY(t[1] + 16, a, sizeof(sp_digit) * 16);
-            err = sp_2048_mod_16(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_avx2_16(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_avx2_16(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_avx2_16(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_avx2_16(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_avx2_16(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_avx2_16(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_avx2_16(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_avx2_16(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_avx2_16(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_avx2_16(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[20], t[10], m, mp);
-        sp_2048_mont_mul_avx2_16(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[22], t[11], m, mp);
-        sp_2048_mont_mul_avx2_16(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[24], t[12], m, mp);
-        sp_2048_mont_mul_avx2_16(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[26], t[13], m, mp);
-        sp_2048_mont_mul_avx2_16(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[28], t[14], m, mp);
-        sp_2048_mont_mul_avx2_16(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_avx2_16(t[30], t[15], m, mp);
-        sp_2048_mont_mul_avx2_16(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 5. */
-        if ((bits % 5) == 0) {
-            c -= 5;
-        }
-        else {
-            c -= bits % 5;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        sp_2048_get_from_table_avx2_16(r, t, y);
-    #else
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 16);
-    #endif
-        for (; i>=0 || c>=5; ) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 59);
-                n <<= 5;
-                c = 59;
-            }
-            else {
-                y = (byte)(n >> 59);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-
-            sp_2048_sqr_avx2_16(rt, r);
-            sp_2048_mont_reduce_avx2_16(rt, m, mp);
-            sp_2048_sqr_avx2_16(r, rt);
-            sp_2048_mont_reduce_avx2_16(r, m, mp);
-            sp_2048_sqr_avx2_16(rt, r);
-            sp_2048_mont_reduce_avx2_16(rt, m, mp);
-            sp_2048_sqr_avx2_16(r, rt);
-            sp_2048_mont_reduce_avx2_16(r, m, mp);
-            sp_2048_sqr_avx2_16(rt, r);
-            sp_2048_mont_reduce_avx2_16(rt, m, mp);
-
-            #ifndef WC_NO_CACHE_RESISTANT
-                sp_2048_get_from_table_avx2_16(r, t, y);
-                sp_2048_mul_avx2_16(r, rt, r);
-            #else
-                sp_2048_mul_avx2_16(r, rt, t[y]);
-            #endif
-            sp_2048_mont_reduce_avx2_16(r, m, mp);
-        }
-
-        XMEMSET(&r[16], 0, sizeof(sp_digit) * 16);
-        sp_2048_mont_reduce_avx2_16(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_16(r, m) >= 0);
-        sp_2048_cond_sub_avx2_16(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_INTEL_AVX2 */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 2048 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 32);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    /* r = 2^n mod m */
-    sp_2048_sub_in_place_32(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_32(r, a, b);
-    sp_2048_mont_reduce_32(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_32(r, a);
-    sp_2048_mont_reduce_32(r, m, mp);
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mul_d_avx2_32(sp_digit* r, const sp_digit* a, const sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if defined(_WIN64) && !defined(__clang__)
-#if _MSC_VER < 1920
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit div_2048_word_asm_32(sp_digit d1, sp_digit d0, sp_digit div);
-#ifdef __cplusplus
-}
-#endif
-#endif /* _MSC_VER < 1920 */
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_2048_word_32(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-#if _MSC_VER >= 1920
-    return _udiv128(d1, d0, div, NULL);
-#else
-    return div_2048_word_asm_32(d1, d0, div);
-#endif
-}
-#else
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_2048_word_32(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    register sp_digit r asm("rax");
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    __asm__ __volatile__ (
-        "divq %3"
-        : "=a" (r)
-        : "d" (d1), "a" (d0), "r" (div)
-        :
-    );
-    return r;
-}
-#endif /* _WIN64 && !__clang__ */
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_32_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[64];
-    sp_digit t2[33];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = d[31];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 32);
-    for (i = 31; i > 0; i--) {
-        if (t1[i + 32] != d[i])
-            break;
-    }
-    if (t1[i + 32] >= d[i]) {
-        sp_2048_sub_in_place_32(&t1[32], d);
-    }
-    for (i = 31; i >= 0; i--) {
-        if (t1[32 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_2048_word_32(t1[32 + i], t1[32 + i - 1], div);
-        }
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_2048_mul_d_avx2_32(t2, d, r1);
-        else
-#endif
-            sp_2048_mul_d_32(t2, d, r1);
-        t1[32 + i] += sp_2048_sub_in_place_32(&t1[i], t2);
-        t1[32 + i] -= t2[32];
-        if (t1[32 + i] != 0) {
-            t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], d);
-            if (t1[32 + i] != 0)
-                t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 31; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_2048_sub_32(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 32);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_32_cond(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_2048_div_32_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_2048_cond_sub_avx2_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<32; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 32; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_int64 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[64];
-    sp_digit t2[33];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = d[31];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 32);
-    r1 = sp_2048_cmp_32(&t1[32], d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_2048_cond_sub_avx2_32(&t1[32], &t1[32], d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_2048_cond_sub_32(&t1[32], &t1[32], d, (sp_digit)0 - r1);
-    for (i = 31; i >= 0; i--) {
-        sp_digit mask = (sp_digit)0 - (t1[32 + i] == div);
-        sp_digit hi = t1[32 + i] + mask;
-        r1 = div_2048_word_32(hi, t1[32 + i - 1], div);
-        r1 |= mask;
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_2048_mul_d_avx2_32(t2, d, r1);
-        else
-#endif
-            sp_2048_mul_d_32(t2, d, r1);
-        t1[32 + i] += sp_2048_sub_in_place_32(&t1[i], t2);
-        t1[32 + i] -= t2[32];
-        sp_2048_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], t2);
-        sp_2048_mask_32(t2, d, t1[32 + i]);
-        t1[32 + i] += sp_2048_add_32(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_2048_cmp_32(t1, d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_2048_cond_sub_avx2_32(r, t1, d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_2048_cond_sub_32(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_2048_div_32(a, m, NULL, r);
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_get_from_table_32(sp_digit* r, sp_digit** table, int idx);
-#ifdef __cplusplus
-}
-#endif
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, (65 * 64) + 64);
-    sp_digit* t[64];
-    sp_digit* rt = NULL;
-    sp_digit* norm;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (65 * 64) + 64, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<64; i++)
-            t[i] = td + i * 64;
-        rt = td + 4096;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 32);
-        if (reduceA) {
-            err = sp_2048_mod_32(t[1] + 32, a, m);
-            if (err == MP_OKAY)
-                err = sp_2048_mod_32(t[1], t[1], m);
-        }
-        else {
-            XMEMCPY(t[1] + 32, a, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_32(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_32(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_32(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_32(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_32(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_32(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_32(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_32(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_32(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_32(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_32(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_32(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_32(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_32(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_32(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_32(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_32(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_32(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_32(t[20], t[10], m, mp);
-        sp_2048_mont_mul_32(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_32(t[22], t[11], m, mp);
-        sp_2048_mont_mul_32(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_32(t[24], t[12], m, mp);
-        sp_2048_mont_mul_32(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_32(t[26], t[13], m, mp);
-        sp_2048_mont_mul_32(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_32(t[28], t[14], m, mp);
-        sp_2048_mont_mul_32(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_32(t[30], t[15], m, mp);
-        sp_2048_mont_mul_32(t[31], t[16], t[15], m, mp);
-        sp_2048_mont_sqr_32(t[32], t[16], m, mp);
-        sp_2048_mont_mul_32(t[33], t[17], t[16], m, mp);
-        sp_2048_mont_sqr_32(t[34], t[17], m, mp);
-        sp_2048_mont_mul_32(t[35], t[18], t[17], m, mp);
-        sp_2048_mont_sqr_32(t[36], t[18], m, mp);
-        sp_2048_mont_mul_32(t[37], t[19], t[18], m, mp);
-        sp_2048_mont_sqr_32(t[38], t[19], m, mp);
-        sp_2048_mont_mul_32(t[39], t[20], t[19], m, mp);
-        sp_2048_mont_sqr_32(t[40], t[20], m, mp);
-        sp_2048_mont_mul_32(t[41], t[21], t[20], m, mp);
-        sp_2048_mont_sqr_32(t[42], t[21], m, mp);
-        sp_2048_mont_mul_32(t[43], t[22], t[21], m, mp);
-        sp_2048_mont_sqr_32(t[44], t[22], m, mp);
-        sp_2048_mont_mul_32(t[45], t[23], t[22], m, mp);
-        sp_2048_mont_sqr_32(t[46], t[23], m, mp);
-        sp_2048_mont_mul_32(t[47], t[24], t[23], m, mp);
-        sp_2048_mont_sqr_32(t[48], t[24], m, mp);
-        sp_2048_mont_mul_32(t[49], t[25], t[24], m, mp);
-        sp_2048_mont_sqr_32(t[50], t[25], m, mp);
-        sp_2048_mont_mul_32(t[51], t[26], t[25], m, mp);
-        sp_2048_mont_sqr_32(t[52], t[26], m, mp);
-        sp_2048_mont_mul_32(t[53], t[27], t[26], m, mp);
-        sp_2048_mont_sqr_32(t[54], t[27], m, mp);
-        sp_2048_mont_mul_32(t[55], t[28], t[27], m, mp);
-        sp_2048_mont_sqr_32(t[56], t[28], m, mp);
-        sp_2048_mont_mul_32(t[57], t[29], t[28], m, mp);
-        sp_2048_mont_sqr_32(t[58], t[29], m, mp);
-        sp_2048_mont_mul_32(t[59], t[30], t[29], m, mp);
-        sp_2048_mont_sqr_32(t[60], t[30], m, mp);
-        sp_2048_mont_mul_32(t[61], t[31], t[30], m, mp);
-        sp_2048_mont_sqr_32(t[62], t[31], m, mp);
-        sp_2048_mont_mul_32(t[63], t[32], t[31], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 6. */
-        if ((bits % 6) == 0) {
-            c -= 6;
-        }
-        else {
-            c -= bits % 6;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        sp_2048_get_from_table_32(r, t, y);
-    #else
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 32);
-    #endif
-        for (; i>=0 || c>=6; ) {
-            if (c >= 6) {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-            else if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-
-            sp_2048_sqr_32(rt, r);
-            sp_2048_mont_reduce_32(rt, m, mp);
-            sp_2048_sqr_32(r, rt);
-            sp_2048_mont_reduce_32(r, m, mp);
-            sp_2048_sqr_32(rt, r);
-            sp_2048_mont_reduce_32(rt, m, mp);
-            sp_2048_sqr_32(r, rt);
-            sp_2048_mont_reduce_32(r, m, mp);
-            sp_2048_sqr_32(rt, r);
-            sp_2048_mont_reduce_32(rt, m, mp);
-            sp_2048_sqr_32(r, rt);
-            sp_2048_mont_reduce_32(r, m, mp);
-            #ifndef WC_NO_CACHE_RESISTANT
-                sp_2048_get_from_table_32(rt, t, y);
-                sp_2048_mul_32(r, r, rt);
-            #else
-                sp_2048_mul_32(r, r, t[y]);
-            #endif
-            sp_2048_mont_reduce_32(r, m, mp);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32);
-        sp_2048_mont_reduce_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_mont_reduce_avx2_32(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_mul_avx2_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_2048_mul_avx2_32(r, a, b);
-    sp_2048_mont_reduce_avx2_32(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef HAVE_INTEL_AVX2
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_2048_mont_sqr_avx2_32(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_2048_sqr_avx2_32(r, a);
-    sp_2048_mont_reduce_avx2_32(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_get_from_table_avx2_32(sp_digit* r, sp_digit** table, int idx);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef HAVE_INTEL_AVX2
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_2048_mod_exp_avx2_32(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, (65 * 64) + 64);
-    sp_digit* t[64];
-    sp_digit* rt = NULL;
-    sp_digit* norm;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (65 * 64) + 64, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<64; i++)
-            t[i] = td + i * 64;
-        rt = td + 4096;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 32);
-        if (reduceA) {
-            err = sp_2048_mod_32(t[1] + 32, a, m);
-            if (err == MP_OKAY)
-                err = sp_2048_mod_32(t[1], t[1], m);
-        }
-        else {
-            XMEMCPY(t[1] + 32, a, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_mont_sqr_avx2_32(t[ 2], t[ 1], m, mp);
-        sp_2048_mont_mul_avx2_32(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[ 4], t[ 2], m, mp);
-        sp_2048_mont_mul_avx2_32(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[ 6], t[ 3], m, mp);
-        sp_2048_mont_mul_avx2_32(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[ 8], t[ 4], m, mp);
-        sp_2048_mont_mul_avx2_32(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[10], t[ 5], m, mp);
-        sp_2048_mont_mul_avx2_32(t[11], t[ 6], t[ 5], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[12], t[ 6], m, mp);
-        sp_2048_mont_mul_avx2_32(t[13], t[ 7], t[ 6], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[14], t[ 7], m, mp);
-        sp_2048_mont_mul_avx2_32(t[15], t[ 8], t[ 7], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[16], t[ 8], m, mp);
-        sp_2048_mont_mul_avx2_32(t[17], t[ 9], t[ 8], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[18], t[ 9], m, mp);
-        sp_2048_mont_mul_avx2_32(t[19], t[10], t[ 9], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[20], t[10], m, mp);
-        sp_2048_mont_mul_avx2_32(t[21], t[11], t[10], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[22], t[11], m, mp);
-        sp_2048_mont_mul_avx2_32(t[23], t[12], t[11], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[24], t[12], m, mp);
-        sp_2048_mont_mul_avx2_32(t[25], t[13], t[12], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[26], t[13], m, mp);
-        sp_2048_mont_mul_avx2_32(t[27], t[14], t[13], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[28], t[14], m, mp);
-        sp_2048_mont_mul_avx2_32(t[29], t[15], t[14], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[30], t[15], m, mp);
-        sp_2048_mont_mul_avx2_32(t[31], t[16], t[15], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[32], t[16], m, mp);
-        sp_2048_mont_mul_avx2_32(t[33], t[17], t[16], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[34], t[17], m, mp);
-        sp_2048_mont_mul_avx2_32(t[35], t[18], t[17], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[36], t[18], m, mp);
-        sp_2048_mont_mul_avx2_32(t[37], t[19], t[18], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[38], t[19], m, mp);
-        sp_2048_mont_mul_avx2_32(t[39], t[20], t[19], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[40], t[20], m, mp);
-        sp_2048_mont_mul_avx2_32(t[41], t[21], t[20], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[42], t[21], m, mp);
-        sp_2048_mont_mul_avx2_32(t[43], t[22], t[21], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[44], t[22], m, mp);
-        sp_2048_mont_mul_avx2_32(t[45], t[23], t[22], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[46], t[23], m, mp);
-        sp_2048_mont_mul_avx2_32(t[47], t[24], t[23], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[48], t[24], m, mp);
-        sp_2048_mont_mul_avx2_32(t[49], t[25], t[24], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[50], t[25], m, mp);
-        sp_2048_mont_mul_avx2_32(t[51], t[26], t[25], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[52], t[26], m, mp);
-        sp_2048_mont_mul_avx2_32(t[53], t[27], t[26], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[54], t[27], m, mp);
-        sp_2048_mont_mul_avx2_32(t[55], t[28], t[27], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[56], t[28], m, mp);
-        sp_2048_mont_mul_avx2_32(t[57], t[29], t[28], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[58], t[29], m, mp);
-        sp_2048_mont_mul_avx2_32(t[59], t[30], t[29], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[60], t[30], m, mp);
-        sp_2048_mont_mul_avx2_32(t[61], t[31], t[30], m, mp);
-        sp_2048_mont_sqr_avx2_32(t[62], t[31], m, mp);
-        sp_2048_mont_mul_avx2_32(t[63], t[32], t[31], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 6. */
-        if ((bits % 6) == 0) {
-            c -= 6;
-        }
-        else {
-            c -= bits % 6;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        sp_2048_get_from_table_avx2_32(r, t, y);
-    #else
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 32);
-    #endif
-        for (; i>=0 || c>=6; ) {
-            if (c >= 6) {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-            else if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-
-            sp_2048_sqr_avx2_32(rt, r);
-            sp_2048_mont_reduce_avx2_32(rt, m, mp);
-            sp_2048_sqr_avx2_32(r, rt);
-            sp_2048_mont_reduce_avx2_32(r, m, mp);
-            sp_2048_sqr_avx2_32(rt, r);
-            sp_2048_mont_reduce_avx2_32(rt, m, mp);
-            sp_2048_sqr_avx2_32(r, rt);
-            sp_2048_mont_reduce_avx2_32(r, m, mp);
-            sp_2048_sqr_avx2_32(rt, r);
-            sp_2048_mont_reduce_avx2_32(rt, m, mp);
-            sp_2048_sqr_avx2_32(r, rt);
-            sp_2048_mont_reduce_avx2_32(r, m, mp);
-            #ifndef WC_NO_CACHE_RESISTANT
-                sp_2048_get_from_table_avx2_32(rt, t, y);
-                sp_2048_mul_avx2_32(r, r, rt);
-            #else
-                sp_2048_mul_avx2_32(r, r, t[y]);
-            #endif
-            sp_2048_mont_reduce_avx2_32(r, m, mp);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32);
-        sp_2048_mont_reduce_avx2_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_avx2_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_INTEL_AVX2 */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 32 * 5);
-    sp_digit* ah = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit  e = 0;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (*outLen < 256) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 64 || inLen > 256 ||
-                                                     mp_count_bits(mm) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 32 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 32 * 2;
-        m = r + 32 * 2;
-        ah = a + 32;
-
-        sp_2048_from_bin(ah, 32, in, (int)inLen);
-#if DIGIT_BIT >= 64
-        e = em->dp[0];
-#else
-        e = em->dp[0];
-        if (em->used > 1)
-            e |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-#endif
-        if (e == 0)
-            err = MP_EXPTMOD_E;
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(m, 32, mm);
-
-        if (e == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-#ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                        IS_INTEL_AVX2(cpuid_flags)) {
-                    for (i = 15; i >= 0; i--) {
-                        sp_2048_mont_sqr_avx2_32(r, r, m, mp);
-                    }
-                    /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                     * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                     */
-                    sp_2048_mont_mul_avx2_32(r, r, ah, m, mp);
-                }
-                else
-#endif
-                {
-                    for (i = 15; i >= 0; i--) {
-                        sp_2048_mont_sqr_32(r, r, m, mp);
-                    }
-                    /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                     * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                     */
-                    sp_2048_mont_mul_32(r, r, ah, m, mp);
-                }
-
-                for (i = 31; i > 0; i--) {
-                    if (r[i] != m[i])
-                        break;
-                }
-                if (r[i] >= m[i])
-                    sp_2048_sub_in_place_32(r, m);
-            }
-        }
-        else if (e == 0x3) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                if (err == MP_OKAY) {
-                    sp_2048_sqr_avx2_32(r, ah);
-                    err = sp_2048_mod_32_cond(r, r, m);
-                }
-                if (err == MP_OKAY) {
-                    sp_2048_mul_avx2_32(r, ah, r);
-                    err = sp_2048_mod_32_cond(r, r, m);
-                }
-            }
-            else
-#endif
-            {
-                if (err == MP_OKAY) {
-                    sp_2048_sqr_32(r, ah);
-                    err = sp_2048_mod_32_cond(r, r, m);
-                }
-                if (err == MP_OKAY) {
-                    sp_2048_mul_32(r, ah, r);
-                    err = sp_2048_mod_32_cond(r, r, m);
-                }
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_2048_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 32);
-            err = sp_2048_mod_32_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if (e >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 32);
-#ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                        IS_INTEL_AVX2(cpuid_flags)) {
-                    for (i--; i>=0; i--) {
-                        sp_2048_mont_sqr_avx2_32(r, r, m, mp);
-                        if (((e >> i) & 1) == 1) {
-                            sp_2048_mont_mul_avx2_32(r, r, a, m, mp);
-                        }
-                    }
-                    XMEMSET(&r[32], 0, sizeof(sp_digit) * 32);
-                    sp_2048_mont_reduce_avx2_32(r, m, mp);
-                }
-                else
-#endif
-                {
-                    for (i--; i>=0; i--) {
-                        sp_2048_mont_sqr_32(r, r, m, mp);
-                        if (((e >> i) & 1) == 1) {
-                            sp_2048_mont_mul_32(r, r, a, m, mp);
-                        }
-                    }
-                    XMEMSET(&r[32], 0, sizeof(sp_digit) * 32);
-                    sp_2048_mont_reduce_32(r, m, mp);
-                }
-
-                for (i = 31; i > 0; i--) {
-                    if (r[i] != m[i])
-                        break;
-                }
-                if (r[i] >= m[i])
-                    sp_2048_sub_in_place_32(r, m);
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_32(r, out);
-        *outLen = 256;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm,const  mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, d, 32 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 256U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 2048) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 256U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 2048) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 32 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 32;
-        m = a + 64;
-
-        r = a;
-
-        sp_2048_from_bin(a, 32, in, (int)inLen);
-        sp_2048_from_mp(d, 32, dm);
-        sp_2048_from_mp(m, 32, mm);
-        err = sp_2048_mod_exp_32(r, a, d, 2048, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_32(r, out);
-        *outLen = 256;
-    }
-
-    /* only zeroing private "d" */
-    SP_ZEROFREE_VAR(sp_digit, d, 32, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#else
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_2048_cond_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_2048_cond_add_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 256 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 16 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 256) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 256 || mp_count_bits(mm) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 16 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 32 * 2;
-        q = p + 16;
-        qi = dq = dp = q + 16;
-        tmpa = qi + 16;
-        tmpb = tmpa + 32;
-        r = a + 32;
-
-        sp_2048_from_bin(a, 32, in, (int)inLen);
-        sp_2048_from_mp(p, 16, pm);
-        sp_2048_from_mp(q, 16, qm);
-        sp_2048_from_mp(dp, 16, dpm);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_2048_mod_exp_avx2_16(tmpa, a, dp, 1024, p, 1);
-        }
-        else
-#endif
-            err = sp_2048_mod_exp_16(tmpa, a, dp, 1024, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_2048_from_mp(dq, 16, dqm);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_2048_mod_exp_avx2_16(tmpb, a, dq, 1024, q, 1);
-       }
-       else
-#endif
-            err = sp_2048_mod_exp_16(tmpb, a, dq, 1024, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_2048_sub_in_place_16(tmpa, tmpb);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            c += sp_2048_cond_add_avx2_16(tmpa, tmpa, p, c);
-            sp_2048_cond_add_avx2_16(tmpa, tmpa, p, c);
-        }
-        else
-#endif
-        {
-            c += sp_2048_cond_add_16(tmpa, tmpa, p, c);
-            sp_2048_cond_add_16(tmpa, tmpa, p, c);
-        }
-
-        sp_2048_from_mp(qi, 16, qim);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_2048_mul_avx2_16(tmpa, tmpa, qi);
-        }
-        else
-#endif
-        {
-            sp_2048_mul_16(tmpa, tmpa, qi);
-        }
-        err = sp_2048_mod_16(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_2048_mul_avx2_16(tmpa, q, tmpa);
-        }
-        else
-#endif
-        {
-            sp_2048_mul_16(tmpa, q, tmpa);
-        }
-        XMEMSET(&tmpb[16], 0, sizeof(sp_digit) * 16);
-        sp_2048_add_32(r, tmpb, tmpa);
-
-        sp_2048_to_bin_32(r, out);
-        *outLen = 256;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 16 * 11, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-#endif /* SP_RSA_PRIVATE_EXP_D | RSA_LOW_MEM */
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_2048_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (2048 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 32);
-        r->used = 32;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 32; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 32; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (2048 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 64);
-    SP_DECL_VAR(sp_digit, e, 32);
-    SP_DECL_VAR(sp_digit, m, 32);
-    sp_digit* r;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-    int expBits = mp_count_bits(exp);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, e, 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, m, 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        r = b;
-
-        sp_2048_from_mp(b, 32, base);
-        sp_2048_from_mp(e, 32, exp);
-        sp_2048_from_mp(m, 32, mod);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_2048_mod_exp_avx2_32(r, b, e, expBits, m, 0);
-        }
-        else
-#endif
-            err = sp_2048_mod_exp_32(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_FREE_VAR(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ZEROFREE_VAR(sp_digit, e, 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_FREE_VAR(b, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-#ifdef HAVE_FFDHE_2048
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_2048_lshift_32(sp_digit* r, const sp_digit* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_2048_mod_exp_2_avx2_32(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 33 + 64);
-    sp_digit* norm;
-    sp_digit* tmp;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 33 + 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 64;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 6. */
-        if ((bits % 6) == 0) {
-            c -= 6;
-        }
-        else {
-            c -= bits % 6;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        sp_2048_lshift_32(r, norm, y);
-        while ((i >= 0) || (c >= 6)) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else if (c < 6) {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-
-            sp_2048_mont_sqr_avx2_32(r, r, m, mp);
-            sp_2048_mont_sqr_avx2_32(r, r, m, mp);
-            sp_2048_mont_sqr_avx2_32(r, r, m, mp);
-            sp_2048_mont_sqr_avx2_32(r, r, m, mp);
-            sp_2048_mont_sqr_avx2_32(r, r, m, mp);
-            sp_2048_mont_sqr_avx2_32(r, r, m, mp);
-
-            sp_2048_lshift_32(r, r, y);
-            sp_2048_mul_d_avx2_32(tmp, norm, r[32]);
-            r[32] = 0;
-            o = sp_2048_add_32(r, r, tmp);
-            sp_2048_cond_sub_avx2_32(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32);
-        sp_2048_mont_reduce_avx2_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_avx2_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_INTEL_AVX2 */
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_2048_mod_exp_2_32(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 33 + 64);
-    sp_digit* norm;
-    sp_digit* tmp;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 33 + 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 64;
-
-        sp_2048_mont_setup(m, &mp);
-        sp_2048_mont_norm_32(norm, m);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 6. */
-        if ((bits % 6) == 0) {
-            c -= 6;
-        }
-        else {
-            c -= bits % 6;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        sp_2048_lshift_32(r, norm, y);
-        while ((i >= 0) || (c >= 6)) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else if (c < 6) {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-            sp_2048_mont_sqr_32(r, r, m, mp);
-
-            sp_2048_lshift_32(r, r, y);
-            sp_2048_mul_d_32(tmp, norm, r[32]);
-            r[32] = 0;
-            o = sp_2048_add_32(r, r, tmp);
-            sp_2048_cond_sub_32(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[32], 0, sizeof(sp_digit) * 32);
-        sp_2048_mont_reduce_32(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_2048_cmp_32(r, m) >= 0);
-        sp_2048_cond_sub_32(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_2048 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 256 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_2048(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 64);
-    SP_DECL_VAR(sp_digit, e, 32);
-    SP_DECL_VAR(sp_digit, m, 32);
-    sp_digit* r;
-    word32 i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (mp_count_bits(base) > 2048) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 256U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 2048) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, e, 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, m, 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        r = b;
-
-        sp_2048_from_mp(b, 32, base);
-        sp_2048_from_bin(e, 32, exp, (int)expLen);
-        sp_2048_from_mp(m, 32, mod);
-
-    #ifdef HAVE_FFDHE_2048
-        if (base->used == 1 && base->dp[0] == 2 && m[31] == (sp_digit)-1) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_2048_mod_exp_2_avx2_32(r, e, (int)expLen * 8, m);
-            }
-            else
-#endif
-                err = sp_2048_mod_exp_2_32(r, e, (int)expLen * 8, m);
-        }
-        else
-    #endif
-        {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_2048_mod_exp_avx2_32(r, b, e, (int)expLen * 8, m, 0);
-            }
-            else
-#endif
-                err = sp_2048_mod_exp_32(r, b, e, (int)expLen * 8, m, 0);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_2048_to_bin_32(r, out);
-        *outLen = 256;
-        for (i=0; i<256 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_FREE_VAR(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ZEROFREE_VAR(sp_digit, e, 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_FREE_VAR(b, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1024(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 32);
-    SP_DECL_VAR(sp_digit, e, 16);
-    SP_DECL_VAR(sp_digit, m, 16);
-    sp_digit* r;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-    int expBits = mp_count_bits(exp);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (mp_count_bits(base) > 1024) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1024) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 32, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, e, 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, m, 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        r = b;
-
-        sp_2048_from_mp(b, 16, base);
-        sp_2048_from_mp(e, 16, exp);
-        sp_2048_from_mp(m, 16, mod);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_2048_mod_exp_avx2_16(r, b, e, expBits, m, 0);
-        }
-        else
-#endif
-            err = sp_2048_mod_exp_16(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 16, 0, sizeof(*r) * 16);
-        err = sp_2048_to_mp(r, res);
-    }
-
-    SP_FREE_VAR(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ZEROFREE_VAR(sp_digit, e, 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_FREE_VAR(b, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* !WOLFSSL_SP_NO_2048 */
-
-#ifndef WOLFSSL_SP_NO_3072
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_from_bin_bswap(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_from_bin_movbe(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_3072_from_bin_movbe(r, size, a, n);
-    }
-    else
-#endif
-    {
-        sp_3072_from_bin_bswap(r, size, a, n);
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_to_bin_bswap_48(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_to_bin_movbe_48(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 384
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_3072_to_bin_48(sp_digit* r, byte* a)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_3072_to_bin_movbe_48(r, a);
-    }
-    else
-#endif
-    {
-        sp_3072_to_bin_bswap_48(r, a);
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_3072_norm_48(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_3072_norm_48(a)
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mul_avx2_12(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_sub_in_place_24(sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mul_24(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mul_avx2_24(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_sub_in_place_48(sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mul_avx2_48(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_sqr_12(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_sqr_avx2_12(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_sqr_24(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_sqr_avx2_24(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_sqr_48(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_sqr_avx2_48(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a, sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_24(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 24);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    /* r = 2^n mod m */
-    sp_3072_sub_in_place_24(r, m);
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_cond_sub_24(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mont_reduce_24(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_24(r, a, b);
-    sp_3072_mont_reduce_24(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_24(r, a);
-    sp_3072_mont_reduce_24(r, m, mp);
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_cond_sub_avx2_24(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mul_d_24(sp_digit* r, const sp_digit* a, sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mul_d_avx2_24(sp_digit* r, const sp_digit* a, const sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if defined(_WIN64) && !defined(__clang__)
-#if _MSC_VER < 1920
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit div_3072_word_asm_24(sp_digit d1, sp_digit d0, sp_digit div);
-#ifdef __cplusplus
-}
-#endif
-#endif /* _MSC_VER < 1920 */
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_3072_word_24(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-#if _MSC_VER >= 1920
-    return _udiv128(d1, d0, div, NULL);
-#else
-    return div_3072_word_asm_24(d1, d0, div);
-#endif
-}
-#else
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_3072_word_24(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    register sp_digit r asm("rax");
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    __asm__ __volatile__ (
-        "divq %3"
-        : "=a" (r)
-        : "d" (d1), "a" (d0), "r" (div)
-        :
-    );
-    return r;
-}
-#endif /* _WIN64 && !__clang__ */
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_24(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<24; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 24; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_int64 sp_3072_cmp_24(const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_24(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[48];
-    sp_digit t2[25];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = d[23];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 24);
-    r1 = sp_3072_cmp_24(&t1[24], d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_3072_cond_sub_avx2_24(&t1[24], &t1[24], d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_3072_cond_sub_24(&t1[24], &t1[24], d, (sp_digit)0 - r1);
-    for (i = 23; i >= 0; i--) {
-        sp_digit mask = (sp_digit)0 - (t1[24 + i] == div);
-        sp_digit hi = t1[24 + i] + mask;
-        r1 = div_3072_word_24(hi, t1[24 + i - 1], div);
-        r1 |= mask;
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_3072_mul_d_avx2_24(t2, d, r1);
-        else
-#endif
-            sp_3072_mul_d_24(t2, d, r1);
-        t1[24 + i] += sp_3072_sub_in_place_24(&t1[i], t2);
-        t1[24 + i] -= t2[24];
-        sp_3072_mask_24(t2, d, t1[24 + i]);
-        t1[24 + i] += sp_3072_add_24(&t1[i], &t1[i], t2);
-        sp_3072_mask_24(t2, d, t1[24 + i]);
-        t1[24 + i] += sp_3072_add_24(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_3072_cmp_24(t1, d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_3072_cond_sub_avx2_24(r, t1, d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_3072_cond_sub_24(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_3072_div_24(a, m, NULL, r);
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_get_from_table_24(sp_digit* r, sp_digit** table, int idx);
-#ifdef __cplusplus
-}
-#endif
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_24(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, (33 * 48) + 48);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (33 * 48) + 48, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 48;
-        rt = td + 1536;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_24(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 24);
-        if (reduceA) {
-            err = sp_3072_mod_24(t[1] + 24, a, m);
-            if (err == MP_OKAY)
-                err = sp_3072_mod_24(t[1], t[1], m);
-        }
-        else {
-            XMEMCPY(t[1] + 24, a, sizeof(sp_digit) * 24);
-            err = sp_3072_mod_24(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_24(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_24(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_24(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_24(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_24(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_24(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_24(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_24(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_24(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_24(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_24(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_24(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_24(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_24(t[15], t[ 8], t[ 7], m, mp);
-        sp_3072_mont_sqr_24(t[16], t[ 8], m, mp);
-        sp_3072_mont_mul_24(t[17], t[ 9], t[ 8], m, mp);
-        sp_3072_mont_sqr_24(t[18], t[ 9], m, mp);
-        sp_3072_mont_mul_24(t[19], t[10], t[ 9], m, mp);
-        sp_3072_mont_sqr_24(t[20], t[10], m, mp);
-        sp_3072_mont_mul_24(t[21], t[11], t[10], m, mp);
-        sp_3072_mont_sqr_24(t[22], t[11], m, mp);
-        sp_3072_mont_mul_24(t[23], t[12], t[11], m, mp);
-        sp_3072_mont_sqr_24(t[24], t[12], m, mp);
-        sp_3072_mont_mul_24(t[25], t[13], t[12], m, mp);
-        sp_3072_mont_sqr_24(t[26], t[13], m, mp);
-        sp_3072_mont_mul_24(t[27], t[14], t[13], m, mp);
-        sp_3072_mont_sqr_24(t[28], t[14], m, mp);
-        sp_3072_mont_mul_24(t[29], t[15], t[14], m, mp);
-        sp_3072_mont_sqr_24(t[30], t[15], m, mp);
-        sp_3072_mont_mul_24(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 5. */
-        if ((bits % 5) == 0) {
-            c -= 5;
-        }
-        else {
-            c -= bits % 5;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        sp_3072_get_from_table_24(r, t, y);
-    #else
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 24);
-    #endif
-        for (; i>=0 || c>=5; ) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 59);
-                n <<= 5;
-                c = 59;
-            }
-            else {
-                y = (byte)(n >> 59);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-
-            sp_3072_sqr_24(rt, r);
-            sp_3072_mont_reduce_24(rt, m, mp);
-            sp_3072_sqr_24(r, rt);
-            sp_3072_mont_reduce_24(r, m, mp);
-            sp_3072_sqr_24(rt, r);
-            sp_3072_mont_reduce_24(rt, m, mp);
-            sp_3072_sqr_24(r, rt);
-            sp_3072_mont_reduce_24(r, m, mp);
-            sp_3072_sqr_24(rt, r);
-            sp_3072_mont_reduce_24(rt, m, mp);
-
-            #ifndef WC_NO_CACHE_RESISTANT
-                sp_3072_get_from_table_24(r, t, y);
-                sp_3072_mul_24(r, rt, r);
-            #else
-                sp_3072_mul_24(r, rt, t[y]);
-            #endif
-            sp_3072_mont_reduce_24(r, m, mp);
-        }
-
-        XMEMSET(&r[24], 0, sizeof(sp_digit) * 24);
-        sp_3072_mont_reduce_24(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_24(r, m) >= 0);
-        sp_3072_cond_sub_24(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mont_reduce_avx2_24(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_avx2_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_avx2_24(r, a, b);
-    sp_3072_mont_reduce_avx2_24(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef HAVE_INTEL_AVX2
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_avx2_24(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_avx2_24(r, a);
-    sp_3072_mont_reduce_avx2_24(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_get_from_table_avx2_24(sp_digit* r, sp_digit** table, int idx);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef HAVE_INTEL_AVX2
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_avx2_24(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, (33 * 48) + 48);
-    sp_digit* t[32];
-    sp_digit* rt = NULL;
-    sp_digit* norm;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (33 * 48) + 48, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<32; i++)
-            t[i] = td + i * 48;
-        rt = td + 1536;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_24(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 24);
-        if (reduceA) {
-            err = sp_3072_mod_24(t[1] + 24, a, m);
-            if (err == MP_OKAY)
-                err = sp_3072_mod_24(t[1], t[1], m);
-        }
-        else {
-            XMEMCPY(t[1] + 24, a, sizeof(sp_digit) * 24);
-            err = sp_3072_mod_24(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_avx2_24(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_avx2_24(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_avx2_24(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_avx2_24(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_avx2_24(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_avx2_24(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_avx2_24(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_avx2_24(t[15], t[ 8], t[ 7], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[16], t[ 8], m, mp);
-        sp_3072_mont_mul_avx2_24(t[17], t[ 9], t[ 8], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[18], t[ 9], m, mp);
-        sp_3072_mont_mul_avx2_24(t[19], t[10], t[ 9], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[20], t[10], m, mp);
-        sp_3072_mont_mul_avx2_24(t[21], t[11], t[10], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[22], t[11], m, mp);
-        sp_3072_mont_mul_avx2_24(t[23], t[12], t[11], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[24], t[12], m, mp);
-        sp_3072_mont_mul_avx2_24(t[25], t[13], t[12], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[26], t[13], m, mp);
-        sp_3072_mont_mul_avx2_24(t[27], t[14], t[13], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[28], t[14], m, mp);
-        sp_3072_mont_mul_avx2_24(t[29], t[15], t[14], m, mp);
-        sp_3072_mont_sqr_avx2_24(t[30], t[15], m, mp);
-        sp_3072_mont_mul_avx2_24(t[31], t[16], t[15], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 5. */
-        if ((bits % 5) == 0) {
-            c -= 5;
-        }
-        else {
-            c -= bits % 5;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        sp_3072_get_from_table_avx2_24(r, t, y);
-    #else
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 24);
-    #endif
-        for (; i>=0 || c>=5; ) {
-            if (c >= 5) {
-                y = (byte)((n >> 59) & 0x1f);
-                n <<= 5;
-                c -= 5;
-            }
-            else if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 59);
-                n <<= 5;
-                c = 59;
-            }
-            else {
-                y = (byte)(n >> 59);
-                n = e[i--];
-                c = 5 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-
-            sp_3072_sqr_avx2_24(rt, r);
-            sp_3072_mont_reduce_avx2_24(rt, m, mp);
-            sp_3072_sqr_avx2_24(r, rt);
-            sp_3072_mont_reduce_avx2_24(r, m, mp);
-            sp_3072_sqr_avx2_24(rt, r);
-            sp_3072_mont_reduce_avx2_24(rt, m, mp);
-            sp_3072_sqr_avx2_24(r, rt);
-            sp_3072_mont_reduce_avx2_24(r, m, mp);
-            sp_3072_sqr_avx2_24(rt, r);
-            sp_3072_mont_reduce_avx2_24(rt, m, mp);
-
-            #ifndef WC_NO_CACHE_RESISTANT
-                sp_3072_get_from_table_avx2_24(r, t, y);
-                sp_3072_mul_avx2_24(r, rt, r);
-            #else
-                sp_3072_mul_avx2_24(r, rt, t[y]);
-            #endif
-            sp_3072_mont_reduce_avx2_24(r, m, mp);
-        }
-
-        XMEMSET(&r[24], 0, sizeof(sp_digit) * 24);
-        sp_3072_mont_reduce_avx2_24(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_24(r, m) >= 0);
-        sp_3072_cond_sub_avx2_24(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_INTEL_AVX2 */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 3072 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 48);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    /* r = 2^n mod m */
-    sp_3072_sub_in_place_48(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_48(r, a, b);
-    sp_3072_mont_reduce_48(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_48(r, a);
-    sp_3072_mont_reduce_48(r, m, mp);
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mul_d_avx2_48(sp_digit* r, const sp_digit* a, const sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if defined(_WIN64) && !defined(__clang__)
-#if _MSC_VER < 1920
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit div_3072_word_asm_48(sp_digit d1, sp_digit d0, sp_digit div);
-#ifdef __cplusplus
-}
-#endif
-#endif /* _MSC_VER < 1920 */
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_3072_word_48(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-#if _MSC_VER >= 1920
-    return _udiv128(d1, d0, div, NULL);
-#else
-    return div_3072_word_asm_48(d1, d0, div);
-#endif
-}
-#else
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_3072_word_48(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    register sp_digit r asm("rax");
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    __asm__ __volatile__ (
-        "divq %3"
-        : "=a" (r)
-        : "d" (d1), "a" (d0), "r" (div)
-        :
-    );
-    return r;
-}
-#endif /* _WIN64 && !__clang__ */
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_48_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[96];
-    sp_digit t2[49];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = d[47];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 48);
-    for (i = 47; i > 0; i--) {
-        if (t1[i + 48] != d[i])
-            break;
-    }
-    if (t1[i + 48] >= d[i]) {
-        sp_3072_sub_in_place_48(&t1[48], d);
-    }
-    for (i = 47; i >= 0; i--) {
-        if (t1[48 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_3072_word_48(t1[48 + i], t1[48 + i - 1], div);
-        }
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_3072_mul_d_avx2_48(t2, d, r1);
-        else
-#endif
-            sp_3072_mul_d_48(t2, d, r1);
-        t1[48 + i] += sp_3072_sub_in_place_48(&t1[i], t2);
-        t1[48 + i] -= t2[48];
-        if (t1[48 + i] != 0) {
-            t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], d);
-            if (t1[48 + i] != 0)
-                t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 47; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_3072_sub_48(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 48);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_48_cond(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_3072_div_48_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_cond_sub_avx2_48(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<48; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 48; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_int64 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[96];
-    sp_digit t2[49];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = d[47];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 48);
-    r1 = sp_3072_cmp_48(&t1[48], d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_3072_cond_sub_avx2_48(&t1[48], &t1[48], d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_3072_cond_sub_48(&t1[48], &t1[48], d, (sp_digit)0 - r1);
-    for (i = 47; i >= 0; i--) {
-        sp_digit mask = (sp_digit)0 - (t1[48 + i] == div);
-        sp_digit hi = t1[48 + i] + mask;
-        r1 = div_3072_word_48(hi, t1[48 + i - 1], div);
-        r1 |= mask;
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_3072_mul_d_avx2_48(t2, d, r1);
-        else
-#endif
-            sp_3072_mul_d_48(t2, d, r1);
-        t1[48 + i] += sp_3072_sub_in_place_48(&t1[i], t2);
-        t1[48 + i] -= t2[48];
-        sp_3072_mask_48(t2, d, t1[48 + i]);
-        t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], t2);
-        sp_3072_mask_48(t2, d, t1[48 + i]);
-        t1[48 + i] += sp_3072_add_48(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_3072_cmp_48(t1, d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_3072_cond_sub_avx2_48(r, t1, d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_3072_cond_sub_48(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_3072_div_48(a, m, NULL, r);
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_get_from_table_48(sp_digit* r, sp_digit** table, int idx);
-#ifdef __cplusplus
-}
-#endif
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, (17 * 96) + 96);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (17 * 96) + 96, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 96;
-        rt = td + 1536;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 48);
-        if (reduceA) {
-            err = sp_3072_mod_48(t[1] + 48, a, m);
-            if (err == MP_OKAY)
-                err = sp_3072_mod_48(t[1], t[1], m);
-        }
-        else {
-            XMEMCPY(t[1] + 48, a, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_48(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_48(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_48(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_48(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_48(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_48(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_48(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_48(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_48(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_48(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_48(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_48(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_48(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_48(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 4. */
-        if ((bits % 4) == 0) {
-            c -= 4;
-        }
-        else {
-            c -= bits % 4;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        sp_3072_get_from_table_48(r, t, y);
-    #else
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 48);
-    #endif
-        for (; i>=0 || c>=4; ) {
-            if (c >= 4) {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 60);
-                n <<= 4;
-                c = 60;
-            }
-            else {
-                y = (byte)(n >> 60);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-
-            sp_3072_sqr_48(rt, r);
-            sp_3072_mont_reduce_48(rt, m, mp);
-            sp_3072_sqr_48(r, rt);
-            sp_3072_mont_reduce_48(r, m, mp);
-            sp_3072_sqr_48(rt, r);
-            sp_3072_mont_reduce_48(rt, m, mp);
-            sp_3072_sqr_48(r, rt);
-            sp_3072_mont_reduce_48(r, m, mp);
-            #ifndef WC_NO_CACHE_RESISTANT
-                sp_3072_get_from_table_48(rt, t, y);
-                sp_3072_mul_48(r, r, rt);
-            #else
-                sp_3072_mul_48(r, r, t[y]);
-            #endif
-            sp_3072_mont_reduce_48(r, m, mp);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48);
-        sp_3072_mont_reduce_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_mont_reduce_avx2_48(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_mul_avx2_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_3072_mul_avx2_48(r, a, b);
-    sp_3072_mont_reduce_avx2_48(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef HAVE_INTEL_AVX2
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_3072_mont_sqr_avx2_48(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_3072_sqr_avx2_48(r, a);
-    sp_3072_mont_reduce_avx2_48(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_get_from_table_avx2_48(sp_digit* r, sp_digit** table, int idx);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef HAVE_INTEL_AVX2
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_3072_mod_exp_avx2_48(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, (17 * 96) + 96);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (17 * 96) + 96, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 96;
-        rt = td + 1536;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 48);
-        if (reduceA) {
-            err = sp_3072_mod_48(t[1] + 48, a, m);
-            if (err == MP_OKAY)
-                err = sp_3072_mod_48(t[1], t[1], m);
-        }
-        else {
-            XMEMCPY(t[1] + 48, a, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_mont_sqr_avx2_48(t[ 2], t[ 1], m, mp);
-        sp_3072_mont_mul_avx2_48(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_3072_mont_sqr_avx2_48(t[ 4], t[ 2], m, mp);
-        sp_3072_mont_mul_avx2_48(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_3072_mont_sqr_avx2_48(t[ 6], t[ 3], m, mp);
-        sp_3072_mont_mul_avx2_48(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_3072_mont_sqr_avx2_48(t[ 8], t[ 4], m, mp);
-        sp_3072_mont_mul_avx2_48(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_3072_mont_sqr_avx2_48(t[10], t[ 5], m, mp);
-        sp_3072_mont_mul_avx2_48(t[11], t[ 6], t[ 5], m, mp);
-        sp_3072_mont_sqr_avx2_48(t[12], t[ 6], m, mp);
-        sp_3072_mont_mul_avx2_48(t[13], t[ 7], t[ 6], m, mp);
-        sp_3072_mont_sqr_avx2_48(t[14], t[ 7], m, mp);
-        sp_3072_mont_mul_avx2_48(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 4. */
-        if ((bits % 4) == 0) {
-            c -= 4;
-        }
-        else {
-            c -= bits % 4;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        sp_3072_get_from_table_avx2_48(r, t, y);
-    #else
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 48);
-    #endif
-        for (; i>=0 || c>=4; ) {
-            if (c >= 4) {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 60);
-                n <<= 4;
-                c = 60;
-            }
-            else {
-                y = (byte)(n >> 60);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-
-            sp_3072_sqr_avx2_48(rt, r);
-            sp_3072_mont_reduce_avx2_48(rt, m, mp);
-            sp_3072_sqr_avx2_48(r, rt);
-            sp_3072_mont_reduce_avx2_48(r, m, mp);
-            sp_3072_sqr_avx2_48(rt, r);
-            sp_3072_mont_reduce_avx2_48(rt, m, mp);
-            sp_3072_sqr_avx2_48(r, rt);
-            sp_3072_mont_reduce_avx2_48(r, m, mp);
-            #ifndef WC_NO_CACHE_RESISTANT
-                sp_3072_get_from_table_avx2_48(rt, t, y);
-                sp_3072_mul_avx2_48(r, r, rt);
-            #else
-                sp_3072_mul_avx2_48(r, r, t[y]);
-            #endif
-            sp_3072_mont_reduce_avx2_48(r, m, mp);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48);
-        sp_3072_mont_reduce_avx2_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_avx2_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_INTEL_AVX2 */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 48 * 5);
-    sp_digit* ah = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit  e = 0;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (*outLen < 384) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 64 || inLen > 384 ||
-                                                     mp_count_bits(mm) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 48 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 48 * 2;
-        m = r + 48 * 2;
-        ah = a + 48;
-
-        sp_3072_from_bin(ah, 48, in, (int)inLen);
-#if DIGIT_BIT >= 64
-        e = em->dp[0];
-#else
-        e = em->dp[0];
-        if (em->used > 1)
-            e |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-#endif
-        if (e == 0)
-            err = MP_EXPTMOD_E;
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(m, 48, mm);
-
-        if (e == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-#ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                        IS_INTEL_AVX2(cpuid_flags)) {
-                    for (i = 15; i >= 0; i--) {
-                        sp_3072_mont_sqr_avx2_48(r, r, m, mp);
-                    }
-                    /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                     * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                     */
-                    sp_3072_mont_mul_avx2_48(r, r, ah, m, mp);
-                }
-                else
-#endif
-                {
-                    for (i = 15; i >= 0; i--) {
-                        sp_3072_mont_sqr_48(r, r, m, mp);
-                    }
-                    /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                     * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                     */
-                    sp_3072_mont_mul_48(r, r, ah, m, mp);
-                }
-
-                for (i = 47; i > 0; i--) {
-                    if (r[i] != m[i])
-                        break;
-                }
-                if (r[i] >= m[i])
-                    sp_3072_sub_in_place_48(r, m);
-            }
-        }
-        else if (e == 0x3) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                if (err == MP_OKAY) {
-                    sp_3072_sqr_avx2_48(r, ah);
-                    err = sp_3072_mod_48_cond(r, r, m);
-                }
-                if (err == MP_OKAY) {
-                    sp_3072_mul_avx2_48(r, ah, r);
-                    err = sp_3072_mod_48_cond(r, r, m);
-                }
-            }
-            else
-#endif
-            {
-                if (err == MP_OKAY) {
-                    sp_3072_sqr_48(r, ah);
-                    err = sp_3072_mod_48_cond(r, r, m);
-                }
-                if (err == MP_OKAY) {
-                    sp_3072_mul_48(r, ah, r);
-                    err = sp_3072_mod_48_cond(r, r, m);
-                }
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_3072_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 48);
-            err = sp_3072_mod_48_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if (e >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 48);
-#ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                        IS_INTEL_AVX2(cpuid_flags)) {
-                    for (i--; i>=0; i--) {
-                        sp_3072_mont_sqr_avx2_48(r, r, m, mp);
-                        if (((e >> i) & 1) == 1) {
-                            sp_3072_mont_mul_avx2_48(r, r, a, m, mp);
-                        }
-                    }
-                    XMEMSET(&r[48], 0, sizeof(sp_digit) * 48);
-                    sp_3072_mont_reduce_avx2_48(r, m, mp);
-                }
-                else
-#endif
-                {
-                    for (i--; i>=0; i--) {
-                        sp_3072_mont_sqr_48(r, r, m, mp);
-                        if (((e >> i) & 1) == 1) {
-                            sp_3072_mont_mul_48(r, r, a, m, mp);
-                        }
-                    }
-                    XMEMSET(&r[48], 0, sizeof(sp_digit) * 48);
-                    sp_3072_mont_reduce_48(r, m, mp);
-                }
-
-                for (i = 47; i > 0; i--) {
-                    if (r[i] != m[i])
-                        break;
-                }
-                if (r[i] >= m[i])
-                    sp_3072_sub_in_place_48(r, m);
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_48(r, out);
-        *outLen = 384;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm,const  mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, d, 48 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 384U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 3072) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 384U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 3072) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 48 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 48;
-        m = a + 96;
-
-        r = a;
-
-        sp_3072_from_bin(a, 48, in, (int)inLen);
-        sp_3072_from_mp(d, 48, dm);
-        sp_3072_from_mp(m, 48, mm);
-        err = sp_3072_mod_exp_48(r, a, d, 3072, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_48(r, out);
-        *outLen = 384;
-    }
-
-    /* only zeroing private "d" */
-    SP_ZEROFREE_VAR(sp_digit, d, 48, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#else
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_cond_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_3072_cond_add_avx2_24(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 384 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 24 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 384) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 384 || mp_count_bits(mm) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 24 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 48 * 2;
-        q = p + 24;
-        qi = dq = dp = q + 24;
-        tmpa = qi + 24;
-        tmpb = tmpa + 48;
-        r = a + 48;
-
-        sp_3072_from_bin(a, 48, in, (int)inLen);
-        sp_3072_from_mp(p, 24, pm);
-        sp_3072_from_mp(q, 24, qm);
-        sp_3072_from_mp(dp, 24, dpm);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_3072_mod_exp_avx2_24(tmpa, a, dp, 1536, p, 1);
-        }
-        else
-#endif
-            err = sp_3072_mod_exp_24(tmpa, a, dp, 1536, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_3072_from_mp(dq, 24, dqm);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_3072_mod_exp_avx2_24(tmpb, a, dq, 1536, q, 1);
-       }
-       else
-#endif
-            err = sp_3072_mod_exp_24(tmpb, a, dq, 1536, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_3072_sub_in_place_24(tmpa, tmpb);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            c += sp_3072_cond_add_avx2_24(tmpa, tmpa, p, c);
-            sp_3072_cond_add_avx2_24(tmpa, tmpa, p, c);
-        }
-        else
-#endif
-        {
-            c += sp_3072_cond_add_24(tmpa, tmpa, p, c);
-            sp_3072_cond_add_24(tmpa, tmpa, p, c);
-        }
-
-        sp_3072_from_mp(qi, 24, qim);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_3072_mul_avx2_24(tmpa, tmpa, qi);
-        }
-        else
-#endif
-        {
-            sp_3072_mul_24(tmpa, tmpa, qi);
-        }
-        err = sp_3072_mod_24(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_3072_mul_avx2_24(tmpa, q, tmpa);
-        }
-        else
-#endif
-        {
-            sp_3072_mul_24(tmpa, q, tmpa);
-        }
-        XMEMSET(&tmpb[24], 0, sizeof(sp_digit) * 24);
-        sp_3072_add_48(r, tmpb, tmpa);
-
-        sp_3072_to_bin_48(r, out);
-        *outLen = 384;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 24 * 11, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-#endif /* SP_RSA_PRIVATE_EXP_D | RSA_LOW_MEM */
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_3072_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (3072 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 48);
-        r->used = 48;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 48; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 48; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (3072 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 96);
-    SP_DECL_VAR(sp_digit, e, 48);
-    SP_DECL_VAR(sp_digit, m, 48);
-    sp_digit* r;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-    int expBits = mp_count_bits(exp);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, e, 48, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, m, 48, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        r = b;
-
-        sp_3072_from_mp(b, 48, base);
-        sp_3072_from_mp(e, 48, exp);
-        sp_3072_from_mp(m, 48, mod);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_3072_mod_exp_avx2_48(r, b, e, expBits, m, 0);
-        }
-        else
-#endif
-            err = sp_3072_mod_exp_48(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_FREE_VAR(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ZEROFREE_VAR(sp_digit, e, 48, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_FREE_VAR(b, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-#ifdef HAVE_FFDHE_3072
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_3072_lshift_48(sp_digit* r, const sp_digit* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_3072_mod_exp_2_avx2_48(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 49 + 96);
-    sp_digit* norm;
-    sp_digit* tmp;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 49 + 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 96;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 6. */
-        if ((bits % 6) == 0) {
-            c -= 6;
-        }
-        else {
-            c -= bits % 6;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        sp_3072_lshift_48(r, norm, y);
-        while ((i >= 0) || (c >= 6)) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else if (c < 6) {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-
-            sp_3072_mont_sqr_avx2_48(r, r, m, mp);
-            sp_3072_mont_sqr_avx2_48(r, r, m, mp);
-            sp_3072_mont_sqr_avx2_48(r, r, m, mp);
-            sp_3072_mont_sqr_avx2_48(r, r, m, mp);
-            sp_3072_mont_sqr_avx2_48(r, r, m, mp);
-            sp_3072_mont_sqr_avx2_48(r, r, m, mp);
-
-            sp_3072_lshift_48(r, r, y);
-            sp_3072_mul_d_avx2_48(tmp, norm, r[48]);
-            r[48] = 0;
-            o = sp_3072_add_48(r, r, tmp);
-            sp_3072_cond_sub_avx2_48(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48);
-        sp_3072_mont_reduce_avx2_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_avx2_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_INTEL_AVX2 */
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_3072_mod_exp_2_48(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 49 + 96);
-    sp_digit* norm;
-    sp_digit* tmp;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 49 + 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 96;
-
-        sp_3072_mont_setup(m, &mp);
-        sp_3072_mont_norm_48(norm, m);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 6. */
-        if ((bits % 6) == 0) {
-            c -= 6;
-        }
-        else {
-            c -= bits % 6;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        sp_3072_lshift_48(r, norm, y);
-        while ((i >= 0) || (c >= 6)) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else if (c < 6) {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-            sp_3072_mont_sqr_48(r, r, m, mp);
-
-            sp_3072_lshift_48(r, r, y);
-            sp_3072_mul_d_48(tmp, norm, r[48]);
-            r[48] = 0;
-            o = sp_3072_add_48(r, r, tmp);
-            sp_3072_cond_sub_48(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[48], 0, sizeof(sp_digit) * 48);
-        sp_3072_mont_reduce_48(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_3072_cmp_48(r, m) >= 0);
-        sp_3072_cond_sub_48(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_3072 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 384 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_3072(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 96);
-    SP_DECL_VAR(sp_digit, e, 48);
-    SP_DECL_VAR(sp_digit, m, 48);
-    sp_digit* r;
-    word32 i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (mp_count_bits(base) > 3072) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 384U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 3072) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 96, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, e, 48, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, m, 48, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        r = b;
-
-        sp_3072_from_mp(b, 48, base);
-        sp_3072_from_bin(e, 48, exp, (int)expLen);
-        sp_3072_from_mp(m, 48, mod);
-
-    #ifdef HAVE_FFDHE_3072
-        if (base->used == 1 && base->dp[0] == 2 && m[47] == (sp_digit)-1) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_3072_mod_exp_2_avx2_48(r, e, (int)expLen * 8, m);
-            }
-            else
-#endif
-                err = sp_3072_mod_exp_2_48(r, e, (int)expLen * 8, m);
-        }
-        else
-    #endif
-        {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_3072_mod_exp_avx2_48(r, b, e, (int)expLen * 8, m, 0);
-            }
-            else
-#endif
-                err = sp_3072_mod_exp_48(r, b, e, (int)expLen * 8, m, 0);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_3072_to_bin_48(r, out);
-        *outLen = 384;
-        for (i=0; i<384 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_FREE_VAR(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ZEROFREE_VAR(sp_digit, e, 48, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_FREE_VAR(b, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_1536(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 48);
-    SP_DECL_VAR(sp_digit, e, 24);
-    SP_DECL_VAR(sp_digit, m, 24);
-    sp_digit* r;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-    int expBits = mp_count_bits(exp);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (mp_count_bits(base) > 1536) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 1536) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 48, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, e, 24, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, m, 24, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        r = b;
-
-        sp_3072_from_mp(b, 24, base);
-        sp_3072_from_mp(e, 24, exp);
-        sp_3072_from_mp(m, 24, mod);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_3072_mod_exp_avx2_24(r, b, e, expBits, m, 0);
-        }
-        else
-#endif
-            err = sp_3072_mod_exp_24(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        XMEMSET(r + 24, 0, sizeof(*r) * 24);
-        err = sp_3072_to_mp(r, res);
-    }
-
-    SP_FREE_VAR(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ZEROFREE_VAR(sp_digit, e, 24, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_FREE_VAR(b, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* !WOLFSSL_SP_NO_3072 */
-
-#ifdef WOLFSSL_SP_4096
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_from_bin_bswap(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_from_bin_movbe(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_4096_from_bin_movbe(r, size, a, n);
-    }
-    else
-#endif
-    {
-        sp_4096_from_bin_bswap(r, size, a, n);
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_to_bin_bswap_64(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_to_bin_movbe_64(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 512
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_4096_to_bin_64(sp_digit* r, byte* a)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_4096_to_bin_movbe_64(r, a);
-    }
-    else
-#endif
-    {
-        sp_4096_to_bin_bswap_64(r, a);
-    }
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && (!defined(WOLFSSL_RSA_PUBLIC_ONLY) || !defined(WOLFSSL_SP_SMALL))) || defined(WOLFSSL_HAVE_SP_DH)
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_4096_norm_64(a)
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && (!WOLFSSL_RSA_PUBLIC_ONLY || !WOLFSSL_SP_SMALL)) || WOLFSSL_HAVE_SP_DH */
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_4096_norm_64(a)
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_4096_sub_in_place_64(sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_4096_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_mul_avx2_64(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_sqr_64(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_sqr_avx2_64(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-
-/* Calculate the bottom digit of -1/a mod 2^n.
- *
- * a    A single precision number.
- * rho  Bottom word of inverse.
- */
-static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
-{
-    sp_digit x;
-    sp_digit b;
-
-    b = a[0];
-    x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-    x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-
-    /* rho = -1/m mod b */
-    *rho = (sp_digit)0 - x;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_mul_d_64(sp_digit* r, const sp_digit* a, sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-/* r = 2^n mod m where n is the number of bits to reduce by.
- * Given m must be 4096 bits, just need to subtract.
- *
- * r  A single precision number.
- * m  A single precision number.
- */
-static void sp_4096_mont_norm_64(sp_digit* r, const sp_digit* m)
-{
-    XMEMSET(r, 0, sizeof(sp_digit) * 64);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    /* r = 2^n mod m */
-    sp_4096_sub_in_place_64(r, m);
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_4096_cond_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_64(r, a, b);
-    sp_4096_mont_reduce_64(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_64(r, a);
-    sp_4096_mont_reduce_64(r, m, mp);
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_4096_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_mul_d_avx2_64(sp_digit* r, const sp_digit* a, const sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if defined(_WIN64) && !defined(__clang__)
-#if _MSC_VER < 1920
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit div_4096_word_asm_64(sp_digit d1, sp_digit d0, sp_digit div);
-#ifdef __cplusplus
-}
-#endif
-#endif /* _MSC_VER < 1920 */
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_4096_word_64(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-#if _MSC_VER >= 1920
-    return _udiv128(d1, d0, div, NULL);
-#else
-    return div_4096_word_asm_64(d1, d0, div);
-#endif
-}
-#else
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_4096_word_64(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    register sp_digit r asm("rax");
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    __asm__ __volatile__ (
-        "divq %3"
-        : "=a" (r)
-        : "d" (d1), "a" (d0), "r" (div)
-        :
-    );
-    return r;
-}
-#endif /* _WIN64 && !__clang__ */
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[128];
-    sp_digit t2[65];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = d[63];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 64);
-    for (i = 63; i > 0; i--) {
-        if (t1[i + 64] != d[i])
-            break;
-    }
-    if (t1[i + 64] >= d[i]) {
-        sp_4096_sub_in_place_64(&t1[64], d);
-    }
-    for (i = 63; i >= 0; i--) {
-        if (t1[64 + i] == div) {
-            r1 = SP_DIGIT_MAX;
-        }
-        else {
-            r1 = div_4096_word_64(t1[64 + i], t1[64 + i - 1], div);
-        }
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_4096_mul_d_avx2_64(t2, d, r1);
-        else
-#endif
-            sp_4096_mul_d_64(t2, d, r1);
-        t1[64 + i] += sp_4096_sub_in_place_64(&t1[i], t2);
-        t1[64 + i] -= t2[64];
-        if (t1[64 + i] != 0) {
-            t1[64 + i] += sp_4096_add_64(&t1[i], &t1[i], d);
-            if (t1[64 + i] != 0)
-                t1[64 + i] += sp_4096_add_64(&t1[i], &t1[i], d);
-        }
-    }
-
-    for (i = 63; i > 0; i--) {
-        if (t1[i] != d[i])
-            break;
-    }
-    if (t1[i] >= d[i]) {
-        sp_4096_sub_64(r, t1, d);
-    }
-    else {
-        XMEMCPY(r, t1, sizeof(*t1) * 64);
-    }
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_mod_64_cond(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_4096_div_64_cond(a, m, NULL, r);
-}
-
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_4096_cond_sub_avx2_64(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_4096_mask_64(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<64; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 64; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_int64 sp_4096_cmp_64(const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[128];
-    sp_digit t2[65];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = d[63];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 64);
-    r1 = sp_4096_cmp_64(&t1[64], d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_4096_cond_sub_avx2_64(&t1[64], &t1[64], d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_4096_cond_sub_64(&t1[64], &t1[64], d, (sp_digit)0 - r1);
-    for (i = 63; i >= 0; i--) {
-        sp_digit mask = (sp_digit)0 - (t1[64 + i] == div);
-        sp_digit hi = t1[64 + i] + mask;
-        r1 = div_4096_word_64(hi, t1[64 + i - 1], div);
-        r1 |= mask;
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_4096_mul_d_avx2_64(t2, d, r1);
-        else
-#endif
-            sp_4096_mul_d_64(t2, d, r1);
-        t1[64 + i] += sp_4096_sub_in_place_64(&t1[i], t2);
-        t1[64 + i] -= t2[64];
-        sp_4096_mask_64(t2, d, t1[64 + i]);
-        t1[64 + i] += sp_4096_add_64(&t1[i], &t1[i], t2);
-        sp_4096_mask_64(t2, d, t1[64 + i]);
-        t1[64 + i] += sp_4096_add_64(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_4096_cmp_64(t1, d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_4096_cond_sub_avx2_64(r, t1, d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_4096_cond_sub_64(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_4096_mod_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_4096_div_64(a, m, NULL, r);
-}
-
-#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_get_from_table_64(sp_digit* r, sp_digit** table, int idx);
-#ifdef __cplusplus
-}
-#endif
-
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, (17 * 128) + 128);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (17 * 128) + 128, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 128;
-        rt = td + 2048;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_64(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 64);
-        if (reduceA) {
-            err = sp_4096_mod_64(t[1] + 64, a, m);
-            if (err == MP_OKAY)
-                err = sp_4096_mod_64(t[1], t[1], m);
-        }
-        else {
-            XMEMCPY(t[1] + 64, a, sizeof(sp_digit) * 64);
-            err = sp_4096_mod_64(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_64(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_64(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_64(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_64(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_64(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_64(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_64(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_64(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_64(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_64(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_64(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_64(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_64(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_64(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 4. */
-        if ((bits % 4) == 0) {
-            c -= 4;
-        }
-        else {
-            c -= bits % 4;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        sp_4096_get_from_table_64(r, t, y);
-    #else
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 64);
-    #endif
-        for (; i>=0 || c>=4; ) {
-            if (c >= 4) {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 60);
-                n <<= 4;
-                c = 60;
-            }
-            else {
-                y = (byte)(n >> 60);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-
-            sp_4096_sqr_64(rt, r);
-            sp_4096_mont_reduce_64(rt, m, mp);
-            sp_4096_sqr_64(r, rt);
-            sp_4096_mont_reduce_64(r, m, mp);
-            sp_4096_sqr_64(rt, r);
-            sp_4096_mont_reduce_64(rt, m, mp);
-            sp_4096_sqr_64(r, rt);
-            sp_4096_mont_reduce_64(r, m, mp);
-            #ifndef WC_NO_CACHE_RESISTANT
-                sp_4096_get_from_table_64(rt, t, y);
-                sp_4096_mul_64(r, r, rt);
-            #else
-                sp_4096_mul_64(r, r, t[y]);
-            #endif
-            sp_4096_mont_reduce_64(r, m, mp);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64);
-        sp_4096_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_64(r, m) >= 0);
-        sp_4096_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_mont_reduce_avx2_64(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_mul_avx2_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_4096_mul_avx2_64(r, a, b);
-    sp_4096_mont_reduce_avx2_64(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef HAVE_INTEL_AVX2
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_4096_mont_sqr_avx2_64(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_4096_sqr_avx2_64(r, a);
-    sp_4096_mont_reduce_avx2_64(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_get_from_table_avx2_64(sp_digit* r, sp_digit** table, int idx);
-#ifdef __cplusplus
-}
-#endif
-
-#ifdef HAVE_INTEL_AVX2
-/* Modular exponentiate a to the e mod m. (r = a^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * a     A single precision number being exponentiated.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even or exponent is 0.
- */
-static int sp_4096_mod_exp_avx2_64(sp_digit* r, const sp_digit* a, const sp_digit* e,
-        int bits, const sp_digit* m, int reduceA)
-{
-    SP_DECL_VAR(sp_digit, td, (17 * 128) + 128);
-    sp_digit* t[16];
-    sp_digit* rt = NULL;
-    sp_digit* norm;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, (17 * 128) + 128, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        for (i=0; i<16; i++)
-            t[i] = td + i * 128;
-        rt = td + 2048;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_64(norm, m);
-
-        XMEMSET(t[1], 0, sizeof(sp_digit) * 64);
-        if (reduceA) {
-            err = sp_4096_mod_64(t[1] + 64, a, m);
-            if (err == MP_OKAY)
-                err = sp_4096_mod_64(t[1], t[1], m);
-        }
-        else {
-            XMEMCPY(t[1] + 64, a, sizeof(sp_digit) * 64);
-            err = sp_4096_mod_64(t[1], t[1], m);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_mont_sqr_avx2_64(t[ 2], t[ 1], m, mp);
-        sp_4096_mont_mul_avx2_64(t[ 3], t[ 2], t[ 1], m, mp);
-        sp_4096_mont_sqr_avx2_64(t[ 4], t[ 2], m, mp);
-        sp_4096_mont_mul_avx2_64(t[ 5], t[ 3], t[ 2], m, mp);
-        sp_4096_mont_sqr_avx2_64(t[ 6], t[ 3], m, mp);
-        sp_4096_mont_mul_avx2_64(t[ 7], t[ 4], t[ 3], m, mp);
-        sp_4096_mont_sqr_avx2_64(t[ 8], t[ 4], m, mp);
-        sp_4096_mont_mul_avx2_64(t[ 9], t[ 5], t[ 4], m, mp);
-        sp_4096_mont_sqr_avx2_64(t[10], t[ 5], m, mp);
-        sp_4096_mont_mul_avx2_64(t[11], t[ 6], t[ 5], m, mp);
-        sp_4096_mont_sqr_avx2_64(t[12], t[ 6], m, mp);
-        sp_4096_mont_mul_avx2_64(t[13], t[ 7], t[ 6], m, mp);
-        sp_4096_mont_sqr_avx2_64(t[14], t[ 7], m, mp);
-        sp_4096_mont_mul_avx2_64(t[15], t[ 8], t[ 7], m, mp);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 4. */
-        if ((bits % 4) == 0) {
-            c -= 4;
-        }
-        else {
-            c -= bits % 4;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        sp_4096_get_from_table_avx2_64(r, t, y);
-    #else
-        XMEMCPY(r, t[y], sizeof(sp_digit) * 64);
-    #endif
-        for (; i>=0 || c>=4; ) {
-            if (c >= 4) {
-                y = (byte)((n >> 60) & 0xf);
-                n <<= 4;
-                c -= 4;
-            }
-            else if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 60);
-                n <<= 4;
-                c = 60;
-            }
-            else {
-                y = (byte)(n >> 60);
-                n = e[i--];
-                c = 4 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-
-            sp_4096_sqr_avx2_64(rt, r);
-            sp_4096_mont_reduce_avx2_64(rt, m, mp);
-            sp_4096_sqr_avx2_64(r, rt);
-            sp_4096_mont_reduce_avx2_64(r, m, mp);
-            sp_4096_sqr_avx2_64(rt, r);
-            sp_4096_mont_reduce_avx2_64(rt, m, mp);
-            sp_4096_sqr_avx2_64(r, rt);
-            sp_4096_mont_reduce_avx2_64(r, m, mp);
-            #ifndef WC_NO_CACHE_RESISTANT
-                sp_4096_get_from_table_avx2_64(rt, t, y);
-                sp_4096_mul_avx2_64(r, r, rt);
-            #else
-                sp_4096_mul_avx2_64(r, r, t[y]);
-            #endif
-            sp_4096_mont_reduce_avx2_64(r, m, mp);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64);
-        sp_4096_mont_reduce_avx2_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_64(r, m) >= 0);
-        sp_4096_cond_sub_avx2_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_INTEL_AVX2 */
-
-#endif /* (WOLFSSL_HAVE_SP_RSA && !WOLFSSL_RSA_PUBLIC_ONLY) || WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_RSA
-/* RSA public key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * em      Public exponent.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
-    const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 64 * 5);
-    sp_digit* ah = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    sp_digit  e = 0;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (*outLen < 512) {
-        err = MP_TO_E;
-    }
-    else if (mp_count_bits(em) > 64 || inLen > 512 ||
-                                                     mp_count_bits(mm) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 64 * 5, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        r = a + 64 * 2;
-        m = r + 64 * 2;
-        ah = a + 64;
-
-        sp_4096_from_bin(ah, 64, in, (int)inLen);
-#if DIGIT_BIT >= 64
-        e = em->dp[0];
-#else
-        e = em->dp[0];
-        if (em->used > 1)
-            e |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
-#endif
-        if (e == 0)
-            err = MP_EXPTMOD_E;
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(m, 64, mm);
-
-        if (e == 0x10001) {
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 64);
-            err = sp_4096_mod_64_cond(r, a, m);
-            /* Montgomery form: r = a.R mod m */
-
-            if (err == MP_OKAY) {
-                /* r = a ^ 0x10000 => r = a squared 16 times */
-#ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                        IS_INTEL_AVX2(cpuid_flags)) {
-                    for (i = 15; i >= 0; i--) {
-                        sp_4096_mont_sqr_avx2_64(r, r, m, mp);
-                    }
-                    /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                     * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                     */
-                    sp_4096_mont_mul_avx2_64(r, r, ah, m, mp);
-                }
-                else
-#endif
-                {
-                    for (i = 15; i >= 0; i--) {
-                        sp_4096_mont_sqr_64(r, r, m, mp);
-                    }
-                    /* mont_red(r.R.R) = (r.R.R / R) mod m = r.R mod m
-                     * mont_red(r.R * a) = (r.R.a / R) mod m = r.a mod m
-                     */
-                    sp_4096_mont_mul_64(r, r, ah, m, mp);
-                }
-
-                for (i = 63; i > 0; i--) {
-                    if (r[i] != m[i])
-                        break;
-                }
-                if (r[i] >= m[i])
-                    sp_4096_sub_in_place_64(r, m);
-            }
-        }
-        else if (e == 0x3) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                if (err == MP_OKAY) {
-                    sp_4096_sqr_avx2_64(r, ah);
-                    err = sp_4096_mod_64_cond(r, r, m);
-                }
-                if (err == MP_OKAY) {
-                    sp_4096_mul_avx2_64(r, ah, r);
-                    err = sp_4096_mod_64_cond(r, r, m);
-                }
-            }
-            else
-#endif
-            {
-                if (err == MP_OKAY) {
-                    sp_4096_sqr_64(r, ah);
-                    err = sp_4096_mod_64_cond(r, r, m);
-                }
-                if (err == MP_OKAY) {
-                    sp_4096_mul_64(r, ah, r);
-                    err = sp_4096_mod_64_cond(r, r, m);
-                }
-            }
-        }
-        else {
-            int i;
-            sp_digit mp;
-
-            sp_4096_mont_setup(m, &mp);
-
-            /* Convert to Montgomery form. */
-            XMEMSET(a, 0, sizeof(sp_digit) * 64);
-            err = sp_4096_mod_64_cond(a, a, m);
-
-            if (err == MP_OKAY) {
-                for (i=63; i>=0; i--) {
-                    if (e >> i) {
-                        break;
-                    }
-                }
-
-                XMEMCPY(r, a, sizeof(sp_digit) * 64);
-#ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                        IS_INTEL_AVX2(cpuid_flags)) {
-                    for (i--; i>=0; i--) {
-                        sp_4096_mont_sqr_avx2_64(r, r, m, mp);
-                        if (((e >> i) & 1) == 1) {
-                            sp_4096_mont_mul_avx2_64(r, r, a, m, mp);
-                        }
-                    }
-                    XMEMSET(&r[64], 0, sizeof(sp_digit) * 64);
-                    sp_4096_mont_reduce_avx2_64(r, m, mp);
-                }
-                else
-#endif
-                {
-                    for (i--; i>=0; i--) {
-                        sp_4096_mont_sqr_64(r, r, m, mp);
-                        if (((e >> i) & 1) == 1) {
-                            sp_4096_mont_mul_64(r, r, a, m, mp);
-                        }
-                    }
-                    XMEMSET(&r[64], 0, sizeof(sp_digit) * 64);
-                    sp_4096_mont_reduce_64(r, m, mp);
-                }
-
-                for (i = 63; i > 0; i--) {
-                    if (r[i] != m[i])
-                        break;
-                }
-                if (r[i] >= m[i])
-                    sp_4096_sub_in_place_64(r, m);
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_64(r, out);
-        *outLen = 512;
-    }
-
-    SP_FREE_VAR(a, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm,const  mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, d, 64 * 4);
-    sp_digit* a = NULL;
-    sp_digit* m = NULL;
-    sp_digit* r = NULL;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)pm;
-    (void)qm;
-    (void)dpm;
-    (void)dqm;
-    (void)qim;
-
-    if (*outLen < 512U) {
-        err = MP_TO_E;
-    }
-    if (err == MP_OKAY) {
-        if (mp_count_bits(dm) > 4096) {
-            err = MP_READ_E;
-        }
-        else if (inLen > 512U) {
-            err = MP_READ_E;
-        }
-        else if (mp_count_bits(mm) != 4096) {
-            err = MP_READ_E;
-        }
-        else if (mp_iseven(mm)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_ALLOC_VAR(sp_digit, d, 64 * 4, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        a = d + 64;
-        m = a + 128;
-
-        r = a;
-
-        sp_4096_from_bin(a, 64, in, (int)inLen);
-        sp_4096_from_mp(d, 64, dm);
-        sp_4096_from_mp(m, 64, mm);
-        err = sp_4096_mod_exp_64(r, a, d, 4096, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_64(r, out);
-        *outLen = 512;
-    }
-
-    /* only zeroing private "d" */
-    SP_ZEROFREE_VAR(sp_digit, d, 64, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-
-#else
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_4096_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_4096_cond_add_avx2_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-/* RSA private key operation.
- *
- * in      Array of bytes representing the number to exponentiate, base.
- * inLen   Number of bytes in base.
- * dm      Private exponent.
- * pm      First prime.
- * qm      Second prime.
- * dpm     First prime's CRT exponent.
- * dqm     Second prime's CRT exponent.
- * qim     Inverse of second prime mod p.
- * mm      Modulus.
- * out     Buffer to hold big-endian bytes of exponentiation result.
- *         Must be at least 512 bytes long.
- * outLen  Number of bytes in result.
- * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
- * an array is too long and MEMORY_E when dynamic memory allocation fails.
- */
-int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
-    const mp_int* pm, const mp_int* qm, const mp_int* dpm, const mp_int* dqm,
-    const mp_int* qim, const mp_int* mm, byte* out, word32* outLen)
-{
-    SP_DECL_VAR(sp_digit, a, 32 * 11);
-    sp_digit* p = NULL;
-    sp_digit* q = NULL;
-    sp_digit* dp = NULL;
-    sp_digit* dq = NULL;
-    sp_digit* qi = NULL;
-    sp_digit* tmpa = NULL;
-    sp_digit* tmpb = NULL;
-    sp_digit* r = NULL;
-    sp_digit c;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)dm;
-    (void)mm;
-
-    if (*outLen < 512) {
-        err = MP_TO_E;
-    }
-    else if (inLen > 512 || mp_count_bits(mm) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(pm)) {
-        err = MP_VAL;
-    }
-    else if (mp_iseven(qm)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, a, 32 * 11, NULL, DYNAMIC_TYPE_RSA);
-    if (err == MP_OKAY) {
-        p = a + 64 * 2;
-        q = p + 32;
-        qi = dq = dp = q + 32;
-        tmpa = qi + 32;
-        tmpb = tmpa + 64;
-        r = a + 64;
-
-        sp_4096_from_bin(a, 64, in, (int)inLen);
-        sp_4096_from_mp(p, 32, pm);
-        sp_4096_from_mp(q, 32, qm);
-        sp_4096_from_mp(dp, 32, dpm);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_2048_mod_exp_avx2_32(tmpa, a, dp, 2048, p, 1);
-        }
-        else
-#endif
-            err = sp_2048_mod_exp_32(tmpa, a, dp, 2048, p, 1);
-    }
-    if (err == MP_OKAY) {
-        sp_4096_from_mp(dq, 32, dqm);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_2048_mod_exp_avx2_32(tmpb, a, dq, 2048, q, 1);
-       }
-       else
-#endif
-            err = sp_2048_mod_exp_32(tmpb, a, dq, 2048, q, 1);
-    }
-
-    if (err == MP_OKAY) {
-        c = sp_2048_sub_in_place_32(tmpa, tmpb);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            c += sp_4096_cond_add_avx2_32(tmpa, tmpa, p, c);
-            sp_4096_cond_add_avx2_32(tmpa, tmpa, p, c);
-        }
-        else
-#endif
-        {
-            c += sp_4096_cond_add_32(tmpa, tmpa, p, c);
-            sp_4096_cond_add_32(tmpa, tmpa, p, c);
-        }
-
-        sp_2048_from_mp(qi, 32, qim);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_2048_mul_avx2_32(tmpa, tmpa, qi);
-        }
-        else
-#endif
-        {
-            sp_2048_mul_32(tmpa, tmpa, qi);
-        }
-        err = sp_2048_mod_32(tmpa, tmpa, p);
-    }
-
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_2048_mul_avx2_32(tmpa, q, tmpa);
-        }
-        else
-#endif
-        {
-            sp_2048_mul_32(tmpa, q, tmpa);
-        }
-        XMEMSET(&tmpb[32], 0, sizeof(sp_digit) * 32);
-        sp_4096_add_64(r, tmpb, tmpa);
-
-        sp_4096_to_bin_64(r, out);
-        *outLen = 512;
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, a, 32 * 11, NULL, DYNAMIC_TYPE_RSA);
-
-    return err;
-}
-#endif /* SP_RSA_PRIVATE_EXP_D | RSA_LOW_MEM */
-#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
-#endif /* WOLFSSL_HAVE_SP_RSA */
-#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
-                                              !defined(WOLFSSL_RSA_PUBLIC_ONLY))
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_4096_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (4096 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 64);
-        r->used = 64;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 64; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 64; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (4096 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * mod   Modulus. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
-    mp_int* res)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 128);
-    SP_DECL_VAR(sp_digit, e, 64);
-    SP_DECL_VAR(sp_digit, m, 64);
-    sp_digit* r;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-    int expBits = mp_count_bits(exp);
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expBits > 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, e, 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, m, 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        r = b;
-
-        sp_4096_from_mp(b, 64, base);
-        sp_4096_from_mp(e, 64, exp);
-        sp_4096_from_mp(m, 64, mod);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_4096_mod_exp_avx2_64(r, b, e, expBits, m, 0);
-        }
-        else
-#endif
-            err = sp_4096_mod_exp_64(r, b, e, expBits, m, 0);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_4096_to_mp(r, res);
-    }
-
-    SP_FREE_VAR(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ZEROFREE_VAR(sp_digit, e, 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_FREE_VAR(b, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#ifdef WOLFSSL_HAVE_SP_DH
-#ifdef HAVE_FFDHE_4096
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_4096_lshift_64(sp_digit* r, const sp_digit* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_4096_mod_exp_2_avx2_64(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 65 + 128);
-    sp_digit* norm;
-    sp_digit* tmp;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 65 + 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 128;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_64(norm, m);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 6. */
-        if ((bits % 6) == 0) {
-            c -= 6;
-        }
-        else {
-            c -= bits % 6;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        sp_4096_lshift_64(r, norm, y);
-        while ((i >= 0) || (c >= 6)) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else if (c < 6) {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-
-            sp_4096_mont_sqr_avx2_64(r, r, m, mp);
-            sp_4096_mont_sqr_avx2_64(r, r, m, mp);
-            sp_4096_mont_sqr_avx2_64(r, r, m, mp);
-            sp_4096_mont_sqr_avx2_64(r, r, m, mp);
-            sp_4096_mont_sqr_avx2_64(r, r, m, mp);
-            sp_4096_mont_sqr_avx2_64(r, r, m, mp);
-
-            sp_4096_lshift_64(r, r, y);
-            sp_4096_mul_d_avx2_64(tmp, norm, r[64]);
-            r[64] = 0;
-            o = sp_4096_add_64(r, r, tmp);
-            sp_4096_cond_sub_avx2_64(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64);
-        sp_4096_mont_reduce_avx2_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_64(r, m) >= 0);
-        sp_4096_cond_sub_avx2_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif /* HAVE_INTEL_AVX2 */
-
-/* Modular exponentiate 2 to the e mod m. (r = 2^e mod m)
- *
- * r     A single precision number that is the result of the operation.
- * e     A single precision number that is the exponent.
- * bits  The number of bits in the exponent.
- * m     A single precision number that is the modulus.
- * returns  0 on success.
- * returns  MEMORY_E on dynamic memory allocation failure.
- * returns  MP_VAL when base is even.
- */
-static int sp_4096_mod_exp_2_64(sp_digit* r, const sp_digit* e, int bits,
-        const sp_digit* m)
-{
-    SP_DECL_VAR(sp_digit, td, 65 + 128);
-    sp_digit* norm;
-    sp_digit* tmp;
-    sp_digit mp = 1;
-    sp_digit n;
-    sp_digit o;
-    sp_digit mask;
-    int i;
-    int c;
-    byte y;
-    int err = MP_OKAY;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (bits == 0) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, td, 65 + 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        norm = td;
-        tmp = td + 128;
-
-        sp_4096_mont_setup(m, &mp);
-        sp_4096_mont_norm_64(norm, m);
-
-        i = (bits - 1) / 64;
-        n = e[i--];
-        /* Number of bits available in top word. */
-        c = bits & 63;
-        if (c == 0) {
-            c = 64;
-        }
-        /* Minus the number of top bits to use so rest is a multiple of 6. */
-        if ((bits % 6) == 0) {
-            c -= 6;
-        }
-        else {
-            c -= bits % 6;
-        }
-        if (c < 0) {
-            /* Number of bits in top word is less than number needed. */
-            c = -c;
-            y = (byte)(n << c);
-            n = e[i--];
-            y |= (byte)(n >> (64 - c));
-            n <<= c;
-            c = 64 - c;
-        }
-        else if (c == 0) {
-            /* All bits in top word used. */
-            y = (byte)n;
-        }
-        else {
-            y = (byte)(n >> c);
-            n <<= 64 - c;
-        }
-        sp_4096_lshift_64(r, norm, y);
-        while ((i >= 0) || (c >= 6)) {
-            if (c == 0) {
-                n = e[i--];
-                y = (byte)(n >> 58);
-                n <<= 6;
-                c = 58;
-            }
-            else if (c < 6) {
-                y = (byte)(n >> 58);
-                n = e[i--];
-                c = 6 - c;
-                y |= (byte)(n >> (64 - c));
-                n <<= c;
-                c = 64 - c;
-            }
-            else {
-                y = (byte)((n >> 58) & 0x3f);
-                n <<= 6;
-                c -= 6;
-            }
-
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-            sp_4096_mont_sqr_64(r, r, m, mp);
-
-            sp_4096_lshift_64(r, r, y);
-            sp_4096_mul_d_64(tmp, norm, r[64]);
-            r[64] = 0;
-            o = sp_4096_add_64(r, r, tmp);
-            sp_4096_cond_sub_64(r, r, m, (sp_digit)0 - o);
-        }
-
-        XMEMSET(&r[64], 0, sizeof(sp_digit) * 64);
-        sp_4096_mont_reduce_64(r, m, mp);
-
-        mask = (sp_digit)0 - (sp_4096_cmp_64(r, m) >= 0);
-        sp_4096_cond_sub_64(r, r, m, mask);
-    }
-
-    SP_FREE_VAR(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-
-#endif /* HAVE_FFDHE_4096 */
-
-/* Perform the modular exponentiation for Diffie-Hellman.
- *
- * base     Base.
- * exp      Array of bytes that is the exponent.
- * expLen   Length of data, in bytes, in exponent.
- * mod      Modulus.
- * out      Buffer to hold big-endian bytes of exponentiation result.
- *          Must be at least 512 bytes long.
- * outLen   Length, in bytes, of exponentiation result.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_DhExp_4096(const mp_int* base, const byte* exp, word32 expLen,
-    const mp_int* mod, byte* out, word32* outLen)
-{
-    int err = MP_OKAY;
-    SP_DECL_VAR(sp_digit, b, 128);
-    SP_DECL_VAR(sp_digit, e, 64);
-    SP_DECL_VAR(sp_digit, m, 64);
-    sp_digit* r;
-    word32 i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    if (mp_count_bits(base) > 4096) {
-        err = MP_READ_E;
-    }
-    else if (expLen > 512U) {
-        err = MP_READ_E;
-    }
-    else if (mp_count_bits(mod) != 4096) {
-        err = MP_READ_E;
-    }
-    else if (mp_iseven(mod)) {
-        err = MP_VAL;
-    }
-
-    SP_ALLOC_VAR(sp_digit, b, 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, e, 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ALLOC_VAR(sp_digit, m, 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (err == MP_OKAY) {
-        r = b;
-
-        sp_4096_from_mp(b, 64, base);
-        sp_4096_from_bin(e, 64, exp, (int)expLen);
-        sp_4096_from_mp(m, 64, mod);
-
-    #ifdef HAVE_FFDHE_4096
-        if (base->used == 1 && base->dp[0] == 2 && m[63] == (sp_digit)-1) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_4096_mod_exp_2_avx2_64(r, e, (int)expLen * 8, m);
-            }
-            else
-#endif
-                err = sp_4096_mod_exp_2_64(r, e, (int)expLen * 8, m);
-        }
-        else
-    #endif
-        {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_4096_mod_exp_avx2_64(r, b, e, (int)expLen * 8, m, 0);
-            }
-            else
-#endif
-                err = sp_4096_mod_exp_64(r, b, e, (int)expLen * 8, m, 0);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_4096_to_bin_64(r, out);
-        *outLen = 512;
-        for (i=0; i<512 && out[i] == 0; i++) {
-            /* Search for first non-zero. */
-        }
-        *outLen -= i;
-        XMEMMOVE(out, out + i, *outLen);
-    }
-
-    SP_FREE_VAR(m, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_ZEROFREE_VAR(sp_digit, e, 64, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    SP_FREE_VAR(b, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_HAVE_SP_DH | (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) */
-
-#endif /* WOLFSSL_SP_4096 */
-
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH */
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
-
-/* Point structure to use. */
-typedef struct sp_point_256 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 4];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 4];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 4];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_256;
-
-/* The modulus (prime) of the curve P256. */
-static const sp_digit p256_mod[4] = {
-    0xffffffffffffffffL,0x00000000ffffffffL,0x0000000000000000L,
-    0xffffffff00000001L
-};
-/* The Montgomery normalizer for modulus of the curve P256. */
-static const sp_digit p256_norm_mod[4] = {
-    0x0000000000000001L,0xffffffff00000000L,0xffffffffffffffffL,
-    0x00000000fffffffeL
-};
-/* The Montgomery multiplier for modulus of the curve P256. */
-static const sp_digit p256_mp_mod = 0x0000000000000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P256. */
-static const sp_digit p256_order[4] = {
-    0xf3b9cac2fc632551L,0xbce6faada7179e84L,0xffffffffffffffffL,
-    0xffffffff00000000L
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P256 minus 2. */
-static const sp_digit p256_order2[4] = {
-    0xf3b9cac2fc63254fL,0xbce6faada7179e84L,0xffffffffffffffffL,
-    0xffffffff00000000L
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P256. */
-static const sp_digit p256_norm_order[4] = {
-    0x0c46353d039cdaafL,0x4319055258e8617bL,0x0000000000000000L,
-    0x00000000ffffffffL
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P256. */
-static const sp_digit p256_mp_order = 0xccd1c8aaee00bc4fL;
-#endif
-#ifdef WOLFSSL_SP_SMALL
-/* The base point of curve P256. */
-static const sp_point_256 p256_base = {
-    /* X ordinate */
-    {
-        0xf4a13945d898c296L,0x77037d812deb33a0L,0xf8bce6e563a440f2L,
-        0x6b17d1f2e12c4247L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0xcbb6406837bf51f5L,0x2bce33576b315eceL,0x8ee7eb4a7c0f9e16L,
-        0x4fe342e2fe1a7f9bL,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000000000000001L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p256_b[4] = {
-    0x3bce3c3e27d2604bL,0x651d06b0cc53b0f6L,0xb3ebbd55769886bcL,
-    0x5ac635d8aa3a93e7L
-};
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mul_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_sqr_4(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_sqr_avx2_4(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_256_add_4(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_256_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- */
-static int sp_256_mod_mul_norm_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    int64_t t[8];
-    int64_t a32[8];
-    int64_t o;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    a32[0] = (int64_t)(a[0] & 0xffffffff);
-    a32[1] = (int64_t)(a[0] >> 32);
-    a32[2] = (int64_t)(a[1] & 0xffffffff);
-    a32[3] = (int64_t)(a[1] >> 32);
-    a32[4] = (int64_t)(a[2] & 0xffffffff);
-    a32[5] = (int64_t)(a[2] >> 32);
-    a32[6] = (int64_t)(a[3] & 0xffffffff);
-    a32[7] = (int64_t)(a[3] >> 32);
-
-    /*  1  1  0 -1 -1 -1 -1  0 */
-    t[0] = 0 + a32[0] + a32[1] - a32[3] - a32[4] - a32[5] - a32[6];
-    /*  0  1  1  0 -1 -1 -1 -1 */
-    t[1] = 0 + a32[1] + a32[2] - a32[4] - a32[5] - a32[6] - a32[7];
-    /*  0  0  1  1  0 -1 -1 -1 */
-    t[2] = 0 + a32[2] + a32[3] - a32[5] - a32[6] - a32[7];
-    /* -1 -1  0  2  2  1  0 -1 */
-    t[3] = 0 - a32[0] - a32[1] + 2 * a32[3] + 2 * a32[4] + a32[5] - a32[7];
-    /*  0 -1 -1  0  2  2  1  0 */
-    t[4] = 0 - a32[1] - a32[2] + 2 * a32[4] + 2 * a32[5] + a32[6];
-    /*  0  0 -1 -1  0  2  2  1 */
-    t[5] = 0 - a32[2] - a32[3] + 2 * a32[5] + 2 * a32[6] + a32[7];
-    /* -1 -1  0  0  0  1  3  2 */
-    t[6] = 0 - a32[0] - a32[1] + a32[5] + 3 * a32[6] + 2 * a32[7];
-    /*  1  0 -1 -1 -1 -1  0  3 */
-    t[7] = 0 + a32[0] - a32[2] - a32[3] - a32[4] - a32[5] + 3 * a32[7];
-
-    t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-    t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-    t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-    t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-    t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-    t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-    t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-    o     = t[7] >> 32; t[7] &= 0xffffffff;
-    t[0] += o;
-    t[3] -= o;
-    t[6] -= o;
-    t[7] += o;
-    t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-    t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-    t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-    t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-    t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-    t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-    t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-    o     = t[7] >> 32; t[7] &= 0xffffffff;
-    t[0] += o;
-    t[3] -= o;
-    t[6] -= o;
-    t[7] += o;
-    t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-    t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-    t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-    t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-    t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-    t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-    t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-    r[0] = (sp_digit)((t[1] << 32) | t[0]);
-    r[1] = (sp_digit)((t[3] << 32) | t[2]);
-    r[2] = (sp_digit)((t[5] << 32) | t[4]);
-    r[3] = (sp_digit)((t[7] << 32) | t[6]);
-
-    return MP_OKAY;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_256.
- *
- * p   Point of type sp_point_256 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_256_point_from_ecc_point_4(sp_point_256* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_256_from_mp(p->x, 4, pm->x);
-    sp_256_from_mp(p->y, 4, pm->y);
-    sp_256_from_mp(p->z, 4, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_256_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (256 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 4);
-        r->used = 4;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 4; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 4; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (256 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_256 to type ecc_point.
- *
- * p   Point of type sp_point_256.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_256_point_to_ecc_point_4(const sp_point_256* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_256_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_cond_copy_4(sp_digit* r, const sp_digit* a, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_n_4(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_256_mont_sqr_4(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_256_mont_sqr_4(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P256 curve. */
-static const word64 p256_mod_minus_2[4] = {
-    0xfffffffffffffffdU,0x00000000ffffffffU,0x0000000000000000U,
-    0xffffffff00000001U
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P256 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_4(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 4);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_4(t, t, p256_mod, p256_mp_mod);
-        if (p256_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_256_mont_mul_4(t, t, a, p256_mod, p256_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 4);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 4;
-    sp_digit* t3 = td + 4 * 4;
-    /* 0x2 */
-    sp_256_mont_sqr_4(t1, a, p256_mod, p256_mp_mod);
-    /* 0x3 */
-    sp_256_mont_mul_4(t2, t1, a, p256_mod, p256_mp_mod);
-    /* 0xc */
-    sp_256_mont_sqr_n_4(t1, t2, 2, p256_mod, p256_mp_mod);
-    /* 0xd */
-    sp_256_mont_mul_4(t3, t1, a, p256_mod, p256_mp_mod);
-    /* 0xf */
-    sp_256_mont_mul_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xf0 */
-    sp_256_mont_sqr_n_4(t1, t2, 4, p256_mod, p256_mp_mod);
-    /* 0xfd */
-    sp_256_mont_mul_4(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xff */
-    sp_256_mont_mul_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xff00 */
-    sp_256_mont_sqr_n_4(t1, t2, 8, p256_mod, p256_mp_mod);
-    /* 0xfffd */
-    sp_256_mont_mul_4(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffff */
-    sp_256_mont_mul_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffff0000 */
-    sp_256_mont_sqr_n_4(t1, t2, 16, p256_mod, p256_mp_mod);
-    /* 0xfffffffd */
-    sp_256_mont_mul_4(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff */
-    sp_256_mont_mul_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_256_mont_sqr_n_4(t1, t2, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_256_mont_mul_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001 */
-    sp_256_mont_mul_4(r, t1, a, p256_mod, p256_mp_mod);
-    /* 0xffffffff000000010000000000000000000000000000000000000000 */
-    sp_256_mont_sqr_n_4(r, r, 160, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff */
-    sp_256_mont_mul_4(r, r, t2, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff00000000 */
-    sp_256_mont_sqr_n_4(r, r, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000fffffffffffffffffffffffd */
-    sp_256_mont_mul_4(r, r, t3, p256_mod, p256_mp_mod);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_int64 sp_256_cmp_4(const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_256_norm_4(a)
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_256_cond_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_reduce_4(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_reduce_order_4(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_256_map_4(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*4;
-    sp_int64 n;
-
-    sp_256_mont_inv_4(t1, p->z, t + 2*4);
-
-    sp_256_mont_sqr_4(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    /* x /= z^2 */
-    sp_256_mont_mul_4(r->x, p->x, t2, p256_mod, p256_mp_mod);
-    XMEMSET(r->x + 4, 0, sizeof(sp_digit) * 4U);
-    sp_256_mont_reduce_4(r->x, p256_mod, p256_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_256_cmp_4(r->x, p256_mod);
-    sp_256_cond_sub_4(r->x, r->x, p256_mod, (sp_digit)~(n >> 63));
-    sp_256_norm_4(r->x);
-
-    /* y /= z^3 */
-    sp_256_mont_mul_4(r->y, p->y, t1, p256_mod, p256_mp_mod);
-    XMEMSET(r->y + 4, 0, sizeof(sp_digit) * 4U);
-    sp_256_mont_reduce_4(r->y, p256_mod, p256_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_256_cmp_4(r->y, p256_mod);
-    sp_256_cond_sub_4(r->y, r->y, p256_mod, (sp_digit)~(n >> 63));
-    sp_256_norm_4(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_add_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_dbl_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_tpl_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_div2_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_rsb_sub_dbl_4(sp_digit* r, const sp_digit* a, sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_4(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*4;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_256_mont_sqr_4(t1, p->z, p256_mod, p256_mp_mod);
-    /* Z = Y * Z */
-    sp_256_mont_mul_4(z, p->y, p->z, p256_mod, p256_mp_mod);
-    /* Z = 2Z */
-    sp_256_mont_dbl_4(z, z, p256_mod);
-    /* T2 = X - T1 */
-    sp_256_mont_sub_4(t2, p->x, t1, p256_mod);
-    /* T1 = X + T1 */
-    sp_256_mont_add_4(t1, p->x, t1, p256_mod);
-    /* T2 = T1 * T2 */
-    sp_256_mont_mul_4(t2, t1, t2, p256_mod, p256_mp_mod);
-    /* T1 = 3T2 */
-    sp_256_mont_tpl_4(t1, t2, p256_mod);
-    /* Y = 2Y */
-    sp_256_mont_dbl_4(y, p->y, p256_mod);
-    /* Y = Y * Y */
-    sp_256_mont_sqr_4(y, y, p256_mod, p256_mp_mod);
-    /* T2 = Y * Y */
-    sp_256_mont_sqr_4(t2, y, p256_mod, p256_mp_mod);
-    /* T2 = T2/2 */
-    sp_256_mont_div2_4(t2, t2, p256_mod);
-    /* Y = Y * X */
-    sp_256_mont_mul_4(y, y, p->x, p256_mod, p256_mp_mod);
-    /* X = T1 * T1 */
-    sp_256_mont_sqr_4(x, t1, p256_mod, p256_mp_mod);
-    /* X = X - 2*Y */
-    /* Y = Y - X */
-    sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
-    /* Y = Y * T1 */
-    sp_256_mont_mul_4(y, y, t1, p256_mod, p256_mp_mod);
-    /* Y = Y - T2 */
-    sp_256_mont_sub_4(y, y, t2, p256_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_dbl_4_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_dbl_4_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-        const sp_point_256* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_dbl_4_ctx* ctx = (sp_256_proj_point_dbl_4_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_dbl_4_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*4;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_256_mont_sqr_4(ctx->t1, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_256_mont_mul_4(ctx->z, p->y, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_256_mont_dbl_4(ctx->z, ctx->z, p256_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_256_mont_sub_4(ctx->t2, p->x, ctx->t1, p256_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_256_mont_add_4(ctx->t1, p->x, ctx->t1, p256_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_256_mont_mul_4(ctx->t2, ctx->t1, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_256_mont_tpl_4(ctx->t1, ctx->t2, p256_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_256_mont_dbl_4(ctx->y, p->y, p256_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_256_mont_sqr_4(ctx->y, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_256_mont_sqr_4(ctx->t2, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_256_mont_div2_4(ctx->t2, ctx->t2, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_256_mont_mul_4(ctx->y, ctx->y, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_256_mont_sqr_4(ctx->x, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - 2*Y */
-        /* Y = Y - X */
-        sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        ctx->state = 16;
-        break;
-    case 16:
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_256_mont_mul_4(ctx->y, ctx->y, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_256_mont_sub_4(ctx->y, ctx->y, ctx->t2, p256_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*4;
-    sp_digit* b = t + 4*4;
-    sp_digit* t1 = t + 6*4;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_4(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_4(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_4(w, w, p256_mod, p256_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_4(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_dbl_4(b, b, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_4(t1, t1, p256_mod, p256_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_4(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_4(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(y, y, t1, p256_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_4(t1, t1, w, p256_mod);
-    sp_256_mont_tpl_4(a, t1, p256_mod);
-    /* B = X*Y^2 */
-    sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
-    /* X = A^2 - 2B */
-    sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
-    sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
-    /* B = 2.(B - X) */
-    sp_256_mont_dbl_4(b, b, p256_mod);
-    /* Z = Z*Y */
-    sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
-    /* t1 = Y^4 */
-    sp_256_mont_sqr_4(t1, t1, p256_mod, p256_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_256_mont_mul_4(y, b, a, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_4(y, y, t1, p256_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_256_mont_div2_4(y, y, p256_mod);
-}
-
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_256_cmp_equal_4(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_256_iszero_4(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_4(sp_point_256* r,
-        const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*4;
-    sp_digit* t2 = t + 4*4;
-    sp_digit* t3 = t + 6*4;
-    sp_digit* t4 = t + 8*4;
-    sp_digit* t5 = t + 10*4;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_4(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t1, t1, p->x, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_4(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_4(t3, t3, p->y, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_4(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_4(t2, t1) &
-            sp_256_cmp_equal_4(t4, t3)) {
-        sp_256_proj_point_dbl_4(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_256_mont_sub_4(t2, t2, t1, p256_mod);
-        /* R = S2 - S1 */
-        sp_256_mont_sub_4(t4, t4, t3, p256_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_4(t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(y, t1, t5, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(t5, t5, t2, p256_mod, p256_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_4(z, p->z, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(z, z, q->z, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_4(x, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(x, x, t5, p256_mod);
-        sp_256_mont_mul_4(t5, t5, t3, p256_mod, p256_mp_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
-        sp_256_mont_mul_4(y, y, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(y, y, t5, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 4; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_add_4_ctx {
-    int state;
-    sp_256_proj_point_dbl_4_ctx dbl_ctx;
-    const sp_point_256* ap[2];
-    sp_point_256* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_add_4_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_add_4_ctx* ctx = (sp_256_proj_point_add_4_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_256* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_add_4_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*4;
-        ctx->t2 = t + 4*4;
-        ctx->t3 = t + 6*4;
-        ctx->t4 = t + 8*4;
-        ctx->t5 = t + 10*4;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_256_mont_sqr_4(ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_256_mont_mul_4(ctx->t3, ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_256_mont_mul_4(ctx->t1, ctx->t1, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_256_mont_sqr_4(ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_256_mont_mul_4(ctx->t4, ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_256_mont_mul_4(ctx->t2, ctx->t2, q->x, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_256_mont_mul_4(ctx->t3, ctx->t3, p->y, p256_mod, p256_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_256_mont_mul_4(ctx->t4, ctx->t4, q->y, p256_mod, p256_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_256_cmp_equal_4(ctx->t2, ctx->t1) &
-                sp_256_cmp_equal_4(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_256_proj_point_dbl_4(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_256_mont_sub_4(ctx->t2, ctx->t2, ctx->t1, p256_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_256_mont_sub_4(ctx->t4, ctx->t4, ctx->t3, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_4(ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_256_mont_mul_4(ctx->y, ctx->t1, ctx->t5, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_256_mont_mul_4(ctx->t5, ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_4(ctx->z, p->z, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_256_mont_mul_4(ctx->z, ctx->z, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_256_mont_sqr_4(ctx->x, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_256_mont_sub_4(ctx->x, ctx->x, ctx->t5, p256_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_256_mont_mul_4(ctx->t5, ctx->t5, ctx->t3, p256_mod, p256_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_256_mont_mul_4(ctx->y, ctx->y, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_256_mont_sub_4(ctx->y, ctx->y, ctx->t5, p256_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 4; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r,
-        const sp_point_256* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*4;
-    sp_digit* b = t + 4*4;
-    sp_digit* t1 = t + 6*4;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<4; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<4; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<4; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_4(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_4(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_4(w, w, p256_mod, p256_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_4(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_dbl_4(b, b, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_4(r[j].z, z, y, p256_mod, p256_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_4(t1, t1, p256_mod, p256_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_4(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_4(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(y, y, t1, p256_mod);
-        /* Y = Y/2 */
-        sp_256_mont_div2_4(r[j].y, y, p256_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_256_proj_point_add_sub_4(sp_point_256* ra,
-        sp_point_256* rs, const sp_point_256* p, const sp_point_256* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*4;
-    sp_digit* t3 = t + 4*4;
-    sp_digit* t4 = t + 6*4;
-    sp_digit* t5 = t + 8*4;
-    sp_digit* t6 = t + 10*4;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_4(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t1, t1, xa, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_4(t2, za, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t4, t2, za, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_4(t3, t3, ya, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_4(t4, t4, q->y, p256_mod, p256_mp_mod);
-    /* H = U2 - U1 */
-    sp_256_mont_sub_4(t2, t2, t1, p256_mod);
-    /* RS = S2 + S1 */
-    sp_256_mont_add_4(t6, t4, t3, p256_mod);
-    /* R = S2 - S1 */
-    sp_256_mont_sub_4(t4, t4, t3, p256_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_256_mont_mul_4(za, za, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(za, za, t2, p256_mod, p256_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_256_mont_sqr_4(xa, t4, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_4(xs, t6, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_4(t5, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(ya, t1, t5, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t5, t5, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_4(xa, xa, t5, p256_mod);
-    sp_256_mont_sub_4(xs, xs, t5, p256_mod);
-    sp_256_mont_dbl_4(t1, ya, p256_mod);
-    sp_256_mont_sub_4(xa, xa, t1, p256_mod);
-    sp_256_mont_sub_4(xs, xs, t1, p256_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_256_mont_sub_4(ys, ya, xs, p256_mod);
-    sp_256_mont_sub_4(ya, ya, xa, p256_mod);
-    sp_256_mont_mul_4(ya, ya, t4, p256_mod, p256_mp_mod);
-    sp_256_sub_4(t6, p256_mod, t6);
-    sp_256_mont_mul_4(ys, ys, t6, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t5, t5, t3, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_4(ya, ya, t5, p256_mod);
-    sp_256_mont_sub_4(ys, ys, t5, p256_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_256 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_256;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_4_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_4_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<43; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 64) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 64) {
-            n >>= 6;
-            if (++j < 4)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 4) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x3f);
-            o -= 58;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_4_6[y];
-        v[i].neg = recode_neg_4_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_get_point_33_4(sp_point_256* r, const sp_point_256* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_get_point_33_avx2_4(sp_point_256* r, const sp_point_256* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_win_add_sub_4(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 6);
-    sp_point_256* rt = NULL;
-    sp_point_256* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_256 v[43];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_256_mod_mul_norm_4(t[1].x, g->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_4(t[1].y, g->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_4(t[1].z, g->z, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_256_proj_point_dbl_n_store_4(t, &t[ 1], 5, 1, tmp);
-        sp_256_proj_point_add_4(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[ 6], &t[ 3], tmp);
-        sp_256_proj_point_add_sub_4(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[10], &t[ 5], tmp);
-        sp_256_proj_point_add_sub_4(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[12], &t[ 6], tmp);
-        sp_256_proj_point_dbl_4(&t[14], &t[ 7], tmp);
-        sp_256_proj_point_add_sub_4(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[18], &t[ 9], tmp);
-        sp_256_proj_point_add_sub_4(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[20], &t[10], tmp);
-        sp_256_proj_point_dbl_4(&t[22], &t[11], tmp);
-        sp_256_proj_point_add_sub_4(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[24], &t[12], tmp);
-        sp_256_proj_point_dbl_4(&t[26], &t[13], tmp);
-        sp_256_proj_point_add_sub_4(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_256_proj_point_dbl_4(&t[28], &t[14], tmp);
-        sp_256_proj_point_dbl_4(&t[30], &t[15], tmp);
-        sp_256_proj_point_add_sub_4(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_256_ecc_recode_6_4(k, v);
-
-        i = 42;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_point_33_4(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_256));
-        }
-        for (--i; i>=0; i--) {
-            sp_256_proj_point_dbl_n_4(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_point_33_4(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_256));
-            }
-            sp_256_sub_4(negy, p256_mod, p->y);
-            sp_256_norm_4(negy);
-            sp_256_cond_copy_4(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_256_proj_point_add_4(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_256_map_4(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef HAVE_INTEL_AVX2
-#define sp_256_mod_mul_norm_avx2_4 sp_256_mod_mul_norm_4
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_mul_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_sqr_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_256_mont_sqr_n_avx2_4(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_256_mont_sqr_avx2_4(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_256_mont_sqr_avx2_4(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P256 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_avx2_4(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 4);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_avx2_4(t, t, p256_mod, p256_mp_mod);
-        if (p256_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_256_mont_mul_avx2_4(t, t, a, p256_mod, p256_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 4);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 4;
-    sp_digit* t3 = td + 4 * 4;
-    /* 0x2 */
-    sp_256_mont_sqr_avx2_4(t1, a, p256_mod, p256_mp_mod);
-    /* 0x3 */
-    sp_256_mont_mul_avx2_4(t2, t1, a, p256_mod, p256_mp_mod);
-    /* 0xc */
-    sp_256_mont_sqr_n_avx2_4(t1, t2, 2, p256_mod, p256_mp_mod);
-    /* 0xd */
-    sp_256_mont_mul_avx2_4(t3, t1, a, p256_mod, p256_mp_mod);
-    /* 0xf */
-    sp_256_mont_mul_avx2_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xf0 */
-    sp_256_mont_sqr_n_avx2_4(t1, t2, 4, p256_mod, p256_mp_mod);
-    /* 0xfd */
-    sp_256_mont_mul_avx2_4(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xff */
-    sp_256_mont_mul_avx2_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xff00 */
-    sp_256_mont_sqr_n_avx2_4(t1, t2, 8, p256_mod, p256_mp_mod);
-    /* 0xfffd */
-    sp_256_mont_mul_avx2_4(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffff */
-    sp_256_mont_mul_avx2_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffff0000 */
-    sp_256_mont_sqr_n_avx2_4(t1, t2, 16, p256_mod, p256_mp_mod);
-    /* 0xfffffffd */
-    sp_256_mont_mul_avx2_4(t3, t3, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff */
-    sp_256_mont_mul_avx2_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_256_mont_sqr_n_avx2_4(t1, t2, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_256_mont_mul_avx2_4(t2, t2, t1, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001 */
-    sp_256_mont_mul_avx2_4(r, t1, a, p256_mod, p256_mp_mod);
-    /* 0xffffffff000000010000000000000000000000000000000000000000 */
-    sp_256_mont_sqr_n_avx2_4(r, r, 160, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff */
-    sp_256_mont_mul_avx2_4(r, r, t2, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000ffffffffffffffff00000000 */
-    sp_256_mont_sqr_n_avx2_4(r, r, 32, p256_mod, p256_mp_mod);
-    /* 0xffffffff00000001000000000000000000000000fffffffffffffffffffffffd */
-    sp_256_mont_mul_avx2_4(r, r, t3, p256_mod, p256_mp_mod);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_256_cond_sub_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#define sp_256_mont_reduce_avx2_4         sp_256_mont_reduce_4
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_reduce_order_avx2_4(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_256_map_avx2_4(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*4;
-    sp_int64 n;
-
-    sp_256_mont_inv_avx2_4(t1, p->z, t + 2*4);
-
-    sp_256_mont_sqr_avx2_4(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    /* x /= z^2 */
-    sp_256_mont_mul_avx2_4(r->x, p->x, t2, p256_mod, p256_mp_mod);
-    XMEMSET(r->x + 4, 0, sizeof(sp_digit) * 4U);
-    sp_256_mont_reduce_avx2_4(r->x, p256_mod, p256_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_256_cmp_4(r->x, p256_mod);
-    sp_256_cond_sub_4(r->x, r->x, p256_mod, (sp_digit)~(n >> 63));
-    sp_256_norm_4(r->x);
-
-    /* y /= z^3 */
-    sp_256_mont_mul_avx2_4(r->y, p->y, t1, p256_mod, p256_mp_mod);
-    XMEMSET(r->y + 4, 0, sizeof(sp_digit) * 4U);
-    sp_256_mont_reduce_avx2_4(r->y, p256_mod, p256_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_256_cmp_4(r->y, p256_mod);
-    sp_256_cond_sub_4(r->y, r->y, p256_mod, (sp_digit)~(n >> 63));
-    sp_256_norm_4(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-#define sp_256_mont_add_avx2_4 sp_256_mont_add_4
-#define sp_256_mont_dbl_avx2_4 sp_256_mont_dbl_4
-#define sp_256_mont_tpl_avx2_4 sp_256_mont_tpl_4
-#define sp_256_mont_sub_avx2_4 sp_256_mont_sub_4
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_div2_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#define sp_256_mont_rsb_sub_dbl_avx2_4 sp_256_mont_rsb_sub_dbl_4
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_avx2_4(sp_point_256* r, const sp_point_256* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*4;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_256_mont_sqr_avx2_4(t1, p->z, p256_mod, p256_mp_mod);
-    /* Z = Y * Z */
-    sp_256_mont_mul_avx2_4(z, p->y, p->z, p256_mod, p256_mp_mod);
-    /* Z = 2Z */
-    sp_256_mont_dbl_avx2_4(z, z, p256_mod);
-    /* T2 = X - T1 */
-    sp_256_mont_sub_avx2_4(t2, p->x, t1, p256_mod);
-    /* T1 = X + T1 */
-    sp_256_mont_add_avx2_4(t1, p->x, t1, p256_mod);
-    /* T2 = T1 * T2 */
-    sp_256_mont_mul_avx2_4(t2, t1, t2, p256_mod, p256_mp_mod);
-    /* T1 = 3T2 */
-    sp_256_mont_tpl_avx2_4(t1, t2, p256_mod);
-    /* Y = 2Y */
-    sp_256_mont_dbl_avx2_4(y, p->y, p256_mod);
-    /* Y = Y * Y */
-    sp_256_mont_sqr_avx2_4(y, y, p256_mod, p256_mp_mod);
-    /* T2 = Y * Y */
-    sp_256_mont_sqr_avx2_4(t2, y, p256_mod, p256_mp_mod);
-    /* T2 = T2/2 */
-    sp_256_mont_div2_avx2_4(t2, t2, p256_mod);
-    /* Y = Y * X */
-    sp_256_mont_mul_avx2_4(y, y, p->x, p256_mod, p256_mp_mod);
-    /* X = T1 * T1 */
-    sp_256_mont_sqr_avx2_4(x, t1, p256_mod, p256_mp_mod);
-    /* X = X - 2*Y */
-    /* Y = Y - X */
-    sp_256_mont_rsb_sub_dbl_avx2_4(x, x, y, p256_mod);
-    /* Y = Y * T1 */
-    sp_256_mont_mul_avx2_4(y, y, t1, p256_mod, p256_mp_mod);
-    /* Y = Y - T2 */
-    sp_256_mont_sub_avx2_4(y, y, t2, p256_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_dbl_avx2_4_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_dbl_avx2_4_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-        const sp_point_256* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_dbl_avx2_4_ctx* ctx = (sp_256_proj_point_dbl_avx2_4_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_dbl_avx2_4_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*4;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_256_mont_sqr_avx2_4(ctx->t1, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_256_mont_mul_avx2_4(ctx->z, p->y, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_256_mont_dbl_avx2_4(ctx->z, ctx->z, p256_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_256_mont_sub_avx2_4(ctx->t2, p->x, ctx->t1, p256_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_256_mont_add_avx2_4(ctx->t1, p->x, ctx->t1, p256_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_256_mont_mul_avx2_4(ctx->t2, ctx->t1, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_256_mont_tpl_avx2_4(ctx->t1, ctx->t2, p256_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_256_mont_dbl_avx2_4(ctx->y, p->y, p256_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_256_mont_sqr_avx2_4(ctx->y, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_256_mont_sqr_avx2_4(ctx->t2, ctx->y, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_256_mont_div2_avx2_4(ctx->t2, ctx->t2, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_256_mont_mul_avx2_4(ctx->y, ctx->y, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_256_mont_sqr_avx2_4(ctx->x, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - 2*Y */
-        /* Y = Y - X */
-        sp_256_mont_rsb_sub_dbl_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        ctx->state = 16;
-        break;
-    case 16:
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_256_mont_mul_avx2_4(ctx->y, ctx->y, ctx->t1, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_256_mont_sub_avx2_4(ctx->y, ctx->y, ctx->t2, p256_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_avx2_4(sp_point_256* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*4;
-    sp_digit* b = t + 4*4;
-    sp_digit* t1 = t + 6*4;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_avx2_4(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_avx2_4(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_avx2_4(w, w, p256_mod, p256_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_avx2_4(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_avx2_4(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_avx2_4(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_avx2_4(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_avx2_4(b, t1, x, p256_mod, p256_mp_mod);
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_avx2_4(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_rsb_sub_dbl_avx2_4(x, x, b, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_dbl_avx2_4(b, b, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_avx2_4(z, z, y, p256_mod, p256_mp_mod);
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_avx2_4(t1, t1, p256_mod, p256_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_avx2_4(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_avx2_4(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_avx2_4(y, y, t1, p256_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_256_mont_sqr_avx2_4(t1, x, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_avx2_4(t1, t1, w, p256_mod);
-    sp_256_mont_tpl_avx2_4(a, t1, p256_mod);
-    /* B = X*Y^2 */
-    sp_256_mont_sqr_avx2_4(t1, y, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(b, t1, x, p256_mod, p256_mp_mod);
-    /* X = A^2 - 2B */
-    sp_256_mont_sqr_avx2_4(x, a, p256_mod, p256_mp_mod);
-    sp_256_mont_rsb_sub_dbl_avx2_4(x, x, b, p256_mod);
-    /* B = 2.(B - X) */
-    sp_256_mont_dbl_avx2_4(b, b, p256_mod);
-    /* Z = Z*Y */
-    sp_256_mont_mul_avx2_4(z, z, y, p256_mod, p256_mp_mod);
-    /* t1 = Y^4 */
-    sp_256_mont_sqr_avx2_4(t1, t1, p256_mod, p256_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_256_mont_mul_avx2_4(y, b, a, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_avx2_4(y, y, t1, p256_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_256_mont_div2_avx2_4(y, y, p256_mod);
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_avx2_4(sp_point_256* r,
-        const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*4;
-    sp_digit* t2 = t + 4*4;
-    sp_digit* t3 = t + 6*4;
-    sp_digit* t4 = t + 8*4;
-    sp_digit* t5 = t + 10*4;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_avx2_4(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t1, t1, p->x, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_avx2_4(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_avx2_4(t3, t3, p->y, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_avx2_4(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_4(t2, t1) &
-            sp_256_cmp_equal_4(t4, t3)) {
-        sp_256_proj_point_dbl_avx2_4(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_256_mont_sub_avx2_4(t2, t2, t1, p256_mod);
-        /* R = S2 - S1 */
-        sp_256_mont_sub_avx2_4(t4, t4, t3, p256_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_avx2_4(t5, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_avx2_4(y, t1, t5, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_avx2_4(t5, t5, t2, p256_mod, p256_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_avx2_4(z, p->z, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_avx2_4(z, z, q->z, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_avx2_4(x, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_avx2_4(x, x, t5, p256_mod);
-        sp_256_mont_mul_avx2_4(t5, t5, t3, p256_mod, p256_mp_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_rsb_sub_dbl_avx2_4(x, x, y, p256_mod);
-        sp_256_mont_mul_avx2_4(y, y, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_avx2_4(y, y, t5, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 4; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_256_proj_point_add_avx2_4_ctx {
-    int state;
-    sp_256_proj_point_dbl_avx2_4_ctx dbl_ctx;
-    const sp_point_256* ap[2];
-    sp_point_256* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_256_proj_point_add_avx2_4_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_256_proj_point_add_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_256_proj_point_add_avx2_4_ctx* ctx = (sp_256_proj_point_add_avx2_4_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_256* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_256_proj_point_add_avx2_4_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*4;
-        ctx->t2 = t + 4*4;
-        ctx->t3 = t + 6*4;
-        ctx->t4 = t + 8*4;
-        ctx->t5 = t + 10*4;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_256_mont_sqr_avx2_4(ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_256_mont_mul_avx2_4(ctx->t3, ctx->t1, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_256_mont_mul_avx2_4(ctx->t1, ctx->t1, p->x, p256_mod, p256_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_256_mont_sqr_avx2_4(ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_256_mont_mul_avx2_4(ctx->t4, ctx->t2, p->z, p256_mod, p256_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_256_mont_mul_avx2_4(ctx->t2, ctx->t2, q->x, p256_mod, p256_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_256_mont_mul_avx2_4(ctx->t3, ctx->t3, p->y, p256_mod, p256_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_256_mont_mul_avx2_4(ctx->t4, ctx->t4, q->y, p256_mod, p256_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_256_cmp_equal_4(ctx->t2, ctx->t1) &
-                sp_256_cmp_equal_4(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_256_proj_point_dbl_avx2_4(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_256_mont_sub_avx2_4(ctx->t2, ctx->t2, ctx->t1, p256_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_256_mont_sub_avx2_4(ctx->t4, ctx->t4, ctx->t3, p256_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_256_mont_sqr_avx2_4(ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_256_mont_mul_avx2_4(ctx->y, ctx->t1, ctx->t5, p256_mod, p256_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_256_mont_mul_avx2_4(ctx->t5, ctx->t5, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_256_mont_mul_avx2_4(ctx->z, p->z, ctx->t2, p256_mod, p256_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_256_mont_mul_avx2_4(ctx->z, ctx->z, q->z, p256_mod, p256_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_256_mont_sqr_avx2_4(ctx->x, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_256_mont_sub_avx2_4(ctx->x, ctx->x, ctx->t5, p256_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_256_mont_mul_avx2_4(ctx->t5, ctx->t5, ctx->t3, p256_mod, p256_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_256_mont_rsb_sub_dbl_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_256_mont_mul_avx2_4(ctx->y, ctx->y, ctx->t4, p256_mod, p256_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_256_mont_sub_avx2_4(ctx->y, ctx->y, ctx->t5, p256_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 4; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_dbl_n_store_avx2_4(sp_point_256* r,
-        const sp_point_256* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*4;
-    sp_digit* b = t + 4*4;
-    sp_digit* t1 = t + 6*4;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<4; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<4; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<4; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_256_mont_dbl_avx2_4(y, y, p256_mod);
-    /* W = Z^4 */
-    sp_256_mont_sqr_avx2_4(w, z, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_avx2_4(w, w, p256_mod, p256_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_256_mont_sqr_avx2_4(t1, x, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_avx2_4(t1, t1, w, p256_mod);
-        sp_256_mont_tpl_avx2_4(a, t1, p256_mod);
-        /* B = X*Y^2 */
-        sp_256_mont_sqr_avx2_4(t1, y, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_avx2_4(b, t1, x, p256_mod, p256_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_256_mont_sqr_avx2_4(x, a, p256_mod, p256_mp_mod);
-        sp_256_mont_rsb_sub_dbl_avx2_4(x, x, b, p256_mod);
-        /* B = 2.(B - X) */
-        sp_256_mont_dbl_avx2_4(b, b, p256_mod);
-        /* Z = Z*Y */
-        sp_256_mont_mul_avx2_4(r[j].z, z, y, p256_mod, p256_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_256_mont_sqr_avx2_4(t1, t1, p256_mod, p256_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_256_mont_mul_avx2_4(w, w, t1, p256_mod, p256_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_256_mont_mul_avx2_4(y, b, a, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_avx2_4(y, y, t1, p256_mod);
-        /* Y = Y/2 */
-        sp_256_mont_div2_avx2_4(r[j].y, y, p256_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_256_proj_point_add_sub_avx2_4(sp_point_256* ra,
-        sp_point_256* rs, const sp_point_256* p, const sp_point_256* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*4;
-    sp_digit* t3 = t + 4*4;
-    sp_digit* t4 = t + 6*4;
-    sp_digit* t5 = t + 8*4;
-    sp_digit* t6 = t + 10*4;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_256_mont_sqr_avx2_4(t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t3, t1, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t1, t1, xa, p256_mod, p256_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_avx2_4(t2, za, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t4, t2, za, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_256_mont_mul_avx2_4(t3, t3, ya, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_avx2_4(t4, t4, q->y, p256_mod, p256_mp_mod);
-    /* H = U2 - U1 */
-    sp_256_mont_sub_avx2_4(t2, t2, t1, p256_mod);
-    /* RS = S2 + S1 */
-    sp_256_mont_add_avx2_4(t6, t4, t3, p256_mod);
-    /* R = S2 - S1 */
-    sp_256_mont_sub_avx2_4(t4, t4, t3, p256_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_256_mont_mul_avx2_4(za, za, q->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(za, za, t2, p256_mod, p256_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_256_mont_sqr_avx2_4(xa, t4, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_avx2_4(xs, t6, p256_mod, p256_mp_mod);
-    sp_256_mont_sqr_avx2_4(t5, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(ya, t1, t5, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t5, t5, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_avx2_4(xa, xa, t5, p256_mod);
-    sp_256_mont_sub_avx2_4(xs, xs, t5, p256_mod);
-    sp_256_mont_dbl_avx2_4(t1, ya, p256_mod);
-    sp_256_mont_sub_avx2_4(xa, xa, t1, p256_mod);
-    sp_256_mont_sub_avx2_4(xs, xs, t1, p256_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_256_mont_sub_avx2_4(ys, ya, xs, p256_mod);
-    sp_256_mont_sub_avx2_4(ya, ya, xa, p256_mod);
-    sp_256_mont_mul_avx2_4(ya, ya, t4, p256_mod, p256_mp_mod);
-    sp_256_sub_4(t6, p256_mod, t6);
-    sp_256_mont_mul_avx2_4(ys, ys, t6, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t5, t5, t3, p256_mod, p256_mp_mod);
-    sp_256_mont_sub_avx2_4(ya, ya, t5, p256_mod);
-    sp_256_mont_sub_avx2_4(ys, ys, t5, p256_mod);
-}
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_win_add_sub_avx2_4(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 6);
-    sp_point_256* rt = NULL;
-    sp_point_256* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_256 v[43];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_256_mod_mul_norm_avx2_4(t[1].x, g->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_avx2_4(t[1].y, g->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_avx2_4(t[1].z, g->z, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_256_proj_point_dbl_n_store_avx2_4(t, &t[ 1], 5, 1, tmp);
-        sp_256_proj_point_add_avx2_4(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_256_proj_point_dbl_avx2_4(&t[ 6], &t[ 3], tmp);
-        sp_256_proj_point_add_sub_avx2_4(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_256_proj_point_dbl_avx2_4(&t[10], &t[ 5], tmp);
-        sp_256_proj_point_add_sub_avx2_4(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_256_proj_point_dbl_avx2_4(&t[12], &t[ 6], tmp);
-        sp_256_proj_point_dbl_avx2_4(&t[14], &t[ 7], tmp);
-        sp_256_proj_point_add_sub_avx2_4(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_256_proj_point_dbl_avx2_4(&t[18], &t[ 9], tmp);
-        sp_256_proj_point_add_sub_avx2_4(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_256_proj_point_dbl_avx2_4(&t[20], &t[10], tmp);
-        sp_256_proj_point_dbl_avx2_4(&t[22], &t[11], tmp);
-        sp_256_proj_point_add_sub_avx2_4(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_256_proj_point_dbl_avx2_4(&t[24], &t[12], tmp);
-        sp_256_proj_point_dbl_avx2_4(&t[26], &t[13], tmp);
-        sp_256_proj_point_add_sub_avx2_4(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_256_proj_point_dbl_avx2_4(&t[28], &t[14], tmp);
-        sp_256_proj_point_dbl_avx2_4(&t[30], &t[15], tmp);
-        sp_256_proj_point_add_sub_avx2_4(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_256_ecc_recode_6_4(k, v);
-
-        i = 42;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_point_33_avx2_4(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_256));
-        }
-        for (--i; i>=0; i--) {
-            sp_256_proj_point_dbl_n_avx2_4(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_point_33_avx2_4(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_256));
-            }
-            sp_256_sub_4(negy, p256_mod, p->y);
-            sp_256_norm_4(negy);
-            sp_256_cond_copy_4(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_256_proj_point_add_avx2_4(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_256_map_avx2_4(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_256 {
-    sp_digit x[4];
-    sp_digit y[4];
-} sp_table_entry_256;
-
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*4;
-    sp_digit* t6 = t + 4*4;
-    sp_digit* t1 = t + 6*4;
-    sp_digit* t4 = t + 8*4;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_4(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_4(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_4(p->x, t2) &
-            sp_256_cmp_equal_4(p->y, t4)) {
-        sp_256_proj_point_dbl_4(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_256_mont_sub_4(t2, t2, p->x, p256_mod);
-        /* R = S2 - Y1 */
-        sp_256_mont_sub_4(t4, t4, p->y, p256_mod);
-        /* Z3 = H*Z1 */
-        sp_256_mont_mul_4(z, p->z, t2, p256_mod, p256_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_256_mont_sqr_4(t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(t3, p->x, t1, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_4(t2, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(t2, t2, t1, p256_mod);
-        sp_256_mont_rsb_sub_dbl_4(x, t2, t3, p256_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_256_mont_mul_4(t3, t3, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_4(t1, t1, p->y, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_4(y, t3, t1, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 4; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_256_proj_to_affine_4(sp_point_256* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 4;
-    sp_digit* tmp = t + 4 * 4;
-
-    sp_256_mont_inv_4(t1, a->z, tmp);
-
-    sp_256_mont_sqr_4(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    sp_256_mont_mul_4(a->x, a->x, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_4(a->y, a->y, t1, p256_mod, p256_mp_mod);
-    XMEMCPY(a->z, p256_norm_mod, sizeof(p256_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 6
- * 64 entries
- * 42 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_4(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_4(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_4(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_4(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_4(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<6; i++) {
-            sp_256_proj_point_dbl_n_4(t, 43, tmp);
-            sp_256_proj_to_affine_4(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<6; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_4(t, s1, s2, tmp);
-                sp_256_proj_to_affine_4(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_get_entry_64_4(sp_point_256* r, const sp_table_entry_256* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_get_entry_64_avx2_4(sp_point_256* r, const sp_table_entry_256* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^42, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 4 * 5);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 42;
-        for (j=0; j<6 && x<256; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 43;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_64_4(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=41; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<6 && x<256; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 43;
-            }
-
-            sp_256_proj_point_dbl_4(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_64_4(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_4(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_4(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_256_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[4];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[4];
-    /* Precomputation table for point. */
-    sp_table_entry_256 table[64];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_256_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_256_t sp_cache_256[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_256_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_256_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_256 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_256_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_256_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_256_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_256[i].set = 0;
-        }
-        sp_cache_256_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_256[i].set)
-            continue;
-
-        if (sp_256_cmp_equal_4(g->x, sp_cache_256[i].x) &
-                           sp_256_cmp_equal_4(g->y, sp_cache_256[i].y)) {
-            sp_cache_256[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_256_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_256_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_256[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_256_last) {
-            least = sp_cache_256[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_256[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_256[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_256[i].x, g->x, sizeof(sp_cache_256[i].x));
-        XMEMCPY(sp_cache_256[i].y, g->y, sizeof(sp_cache_256[i].y));
-        sp_cache_256[i].set = 1;
-        sp_cache_256[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_256[i];
-    sp_cache_256_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 5);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_4(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_4(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#ifdef HAVE_INTEL_AVX2
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_256_proj_point_add_qz1_avx2_4(sp_point_256* r,
-    const sp_point_256* p, const sp_point_256* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*4;
-    sp_digit* t6 = t + 4*4;
-    sp_digit* t1 = t + 6*4;
-    sp_digit* t4 = t + 8*4;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_256_mont_sqr_avx2_4(t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t4, t2, p->z, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t2, t2, q->x, p256_mod, p256_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_256_mont_mul_avx2_4(t4, t4, q->y, p256_mod, p256_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_256_cmp_equal_4(p->x, t2) &
-            sp_256_cmp_equal_4(p->y, t4)) {
-        sp_256_proj_point_dbl_avx2_4(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_256_mont_sub_avx2_4(t2, t2, p->x, p256_mod);
-        /* R = S2 - Y1 */
-        sp_256_mont_sub_avx2_4(t4, t4, p->y, p256_mod);
-        /* Z3 = H*Z1 */
-        sp_256_mont_mul_avx2_4(z, p->z, t2, p256_mod, p256_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_256_mont_sqr_avx2_4(t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_avx2_4(t3, p->x, t1, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_avx2_4(t1, t1, t2, p256_mod, p256_mp_mod);
-        sp_256_mont_sqr_avx2_4(t2, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_avx2_4(t2, t2, t1, p256_mod);
-        sp_256_mont_rsb_sub_dbl_avx2_4(x, t2, t3, p256_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_256_mont_mul_avx2_4(t3, t3, t4, p256_mod, p256_mp_mod);
-        sp_256_mont_mul_avx2_4(t1, t1, p->y, p256_mod, p256_mp_mod);
-        sp_256_mont_sub_avx2_4(y, t3, t1, p256_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 4; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 4; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_256_proj_to_affine_avx2_4(sp_point_256* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 4;
-    sp_digit* tmp = t + 4 * 4;
-
-    sp_256_mont_inv_avx2_4(t1, a->z, tmp);
-
-    sp_256_mont_sqr_avx2_4(t2, t1, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(t1, t2, t1, p256_mod, p256_mp_mod);
-
-    sp_256_mont_mul_avx2_4(a->x, a->x, t2, p256_mod, p256_mp_mod);
-    sp_256_mont_mul_avx2_4(a->y, a->y, t1, p256_mod, p256_mp_mod);
-    XMEMCPY(a->z, p256_norm_mod, sizeof(p256_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 6
- * 64 entries
- * 42 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_256_gen_stripe_table_avx2_4(const sp_point_256* a,
-        sp_table_entry_256* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, t, 3);
-    sp_point_256* s1 = NULL;
-    sp_point_256* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_256, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_256_mod_mul_norm_avx2_4(t->x, a->x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_avx2_4(t->y, a->y, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_mod_mul_norm_avx2_4(t->z, a->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_256_proj_to_affine_avx2_4(t, tmp);
-
-        XMEMCPY(s1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p256_norm_mod, sizeof(p256_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_256));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<6; i++) {
-            sp_256_proj_point_dbl_n_avx2_4(t, 43, tmp);
-            sp_256_proj_to_affine_avx2_4(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<6; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_256_proj_point_add_qz1_avx2_4(t, s1, s2, tmp);
-                sp_256_proj_to_affine_avx2_4(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^42, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_stripe_avx2_4(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 4 * 5);
-    sp_point_256* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        y = 0;
-        x = 42;
-        for (j=0; j<6 && x<256; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 43;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_64_avx2_4(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=41; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<6 && x<256; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 43;
-            }
-
-            sp_256_proj_point_dbl_avx2_4(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_64_avx2_4(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_256_proj_point_add_qz1_avx2_4(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_256_map_avx2_4(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_avx2_4(sp_point_256* r, const sp_point_256* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_256_ecc_mulmod_win_add_sub_avx2_4(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 5);
-    sp_cache_256_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_256 == 0) {
-            wc_InitMutex(&sp_cache_256_lock);
-            initCacheMutex_256 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_256_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_256(g, &cache);
-        if (cache->cnt == 2)
-            sp_256_gen_stripe_table_avx2_4(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_256_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_256_ecc_mulmod_win_add_sub_avx2_4(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_256_ecc_mulmod_stripe_avx2_4(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 4);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 4, km);
-        sp_256_point_from_ecc_point_4(point, gm);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_256_ecc_mulmod_avx2_4(point, point, k, map, 1, heap);
-        }
-        else
-#endif
-            err = sp_256_ecc_mulmod_4(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_4(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 4 + 4 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 4 + 4 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 4;
-
-        sp_256_from_mp(k, 4, km);
-        sp_256_point_from_ecc_point_4(point, gm);
-        sp_256_point_from_ecc_point_4(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_256_ecc_mulmod_avx2_4(point, point, k, 0, 0, heap);
-        }
-        else
-#endif
-            err = sp_256_ecc_mulmod_4(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_proj_point_add_avx2_4(point, point, addP, tmp);
-        }
-        else
-#endif
-            sp_256_proj_point_add_4(point, point, addP, tmp);
-
-        if (map) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                sp_256_map_avx2_4(point, point, tmp);
-            }
-            else
-#endif
-                sp_256_map_4(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_4(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 6 points combined into a table of 64 points.
- * Distance of 43 between points.
- */
-static const sp_table_entry_256 p256_table[64] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x79e730d418a9143cL,0x75ba95fc5fedb601L,0x79fb732b77622510L,
-        0x18905f76a53755c6L },
-      { 0xddf25357ce95560aL,0x8b4ab8e4ba19e45cL,0xd2e88688dd21f325L,
-        0x8571ff1825885d85L } },
-    /* 2 */
-    { { 0x8910507903605c39L,0xf0843d9ea142c96cL,0xf374493416923684L,
-        0x732caa2ffa0a2893L },
-      { 0xb2e8c27061160170L,0xc32788cc437fbaa3L,0x39cd818ea6eda3acL,
-        0xe2e942399e2b2e07L } },
-    /* 3 */
-    { { 0xb9c0d276abc3e190L,0x610e3d4dcb55b9caL,0xd16dbd025720f50aL,
-        0xd0ed73dca607de84L },
-      { 0x3bbde5bf49219fb5L,0x698e12c057771843L,0xdb606a9763470a5eL,
-        0x61c71975853635d5L } },
-    /* 4 */
-    { { 0xeb5ddcb6ec7fae9fL,0x995f2714efb66e5aL,0xdee95d8e69445d52L,
-        0x1b6c2d4609e27620L },
-      { 0x32621c318129d716L,0xb03909f10958c1aaL,0x8c468ef91af4af63L,
-        0x162c429ffba5cdf6L } },
-    /* 5 */
-    { { 0x4615d912c1d85f12L,0x1f0880b0e1f4e302L,0x336bcc896f1fca13L,
-        0xda59ad0dc70dedbcL },
-      { 0x3897efaeb0f62eceL,0xbaed81cdf4990cfdL,0xa3b1c2f260321bbbL,
-        0x2aefd95addc84f79L } },
-    /* 6 */
-    { { 0x2d427e3cee9e92e6L,0x43d40da0437fe629L,0x0006e4e06ab72b31L,
-        0x21ccfbb46f5c8e02L },
-      { 0x53a2f1a753e821ecL,0x5d72d201e209d591L,0xfd84a26445e8ad41L,
-        0x86ee0e684059cc6eL } },
-    /* 7 */
-    { { 0x3d8242d09248fce2L,0x32d4bf827f49f33dL,0x78807beb29d41fd1L,
-        0xfce48b99f8f562cbL },
-      { 0x72a7d4849f38f097L,0x1b482c10a37059adL,0xc1aa8284472e5ed3L,
-        0xc5d6f3bbef23e9c9L } },
-    /* 8 */
-    { { 0x23f949feb8a24a20L,0x17ebfed1f52ca53fL,0x9b691bbebcfb4853L,
-        0x5617ff6b6278a05dL },
-      { 0x241b34c5e3c99ebdL,0xfc64242e1784156aL,0x4206482f695d67dfL,
-        0xb967ce0eee27c011L } },
-    /* 9 */
-    { { 0x569aacdf9fc3df19L,0x0c6782c7c34c6fb2L,0xbb5f98b2c4ec873dL,
-        0x5578433b9fe9e475L },
-      { 0xfa14f3869ca84821L,0xb8ef658d39589501L,0x4022c48e07127b8eL,
-        0xcbc4dfe35402ea12L } },
-    /* 10 */
-    { { 0x092ef96a2ad408a3L,0xf1e1a4c4cfbc45a3L,0x966b2676efeecdeeL,
-        0xa0e2c6713a6216c5L },
-      { 0xcd6e22a292c4bf61L,0x56d99a11d830dfc7L,0xb8c612bd259de547L,
-        0x3d8e9a72e91f8ff7L } },
-    /* 11 */
-    { { 0x0b885e962352b4ffL,0x6be320d2a6545766L,0xbd22a444b9a59e72L,
-        0x2f2d32d6ccc55d7dL },
-      { 0xd86e4c4cddcec70bL,0x19cdb0e97a25c934L,0x542ade069ca97e28L,
-        0x58c5927c746517f7L } },
-    /* 12 */
-    { { 0x24abb0f08d087091L,0x6aa2c2ef51add8deL,0xc3e1cb4ccc2a2134L,
-        0x3563112895589212L },
-      { 0x3bf17d2a7984344bL,0xbcb6f7b2f8a142ccL,0xd6057d8a08ec9266L,
-        0x75c150d22852405aL } },
-    /* 13 */
-    { { 0xa8f88eb5a9fee73eL,0x72a84174576ea39bL,0x671fa0ade2692e7dL,
-        0x2556288596769f9eL },
-      { 0x254323bce850a6b0L,0x74b61c18fff6c89aL,0x2e7c563fcfae2690L,
-        0x2cf454b7164afb0fL } },
-    /* 14 */
-    { { 0xe312a5618f10f423L,0x59a1f1fff2b85df4L,0x56c5991941c48122L,
-        0x74953c1eae3d175fL },
-      { 0x4d767fc78859244cL,0xc486bc00719a4cc1L,0xdd282985df1c1787L,
-        0x1143301aae93c719L } },
-    /* 15 */
-    { { 0x7201a1d61fab7d71L,0x65931f5432cbbee8L,0x202955d3dcb387eeL,
-        0xa5045ba5c4678432L },
-      { 0xcfb5ee87dca85ff6L,0xdd25a7c6dfec0f67L,0xfee47169356a87c6L,
-        0x20a8f159c3d7ece9L } },
-    /* 16 */
-    { { 0xe4ac8b33070d3aabL,0x2643672b9a2cd5e5L,0x52eff79b1cfc9173L,
-        0x665ca49b90a7c13fL },
-      { 0x5a8dda59b3efb998L,0x8a5b922d052f1341L,0xae9ebbab3cf9a530L,
-        0x35986e7bf56da4d7L } },
-    /* 17 */
-    { { 0x21e07f9abc0a70c0L,0xecfdb3a2989a0182L,0x360682c0e40e8125L,
-        0x73a637952f837f32L },
-      { 0xf4eb8cef9c0d326bL,0xefb97fecebf4c7a5L,0xf9352123af3d5d7eL,
-        0xb71ef4ef34e22ab1L } },
-    /* 18 */
-    { { 0xd6bd0d810d488032L,0x1676df9971f0b92eL,0xa7acdcfcb6d215acL,
-        0x82461a26cd0ff939L },
-      { 0x827189c0b635d2e5L,0x18f3b6dda92f1622L,0x10d738aa05cef325L,
-        0x12c2a13f39bb0aa6L } },
-    /* 19 */
-    { { 0x5f94d8deb50b4e82L,0xbcd9144e34bd93e9L,0x61c3392107c08623L,
-        0xedec947e7e3de8eeL },
-      { 0x9d2da51d2f21b202L,0xc0c885cd96692a89L,0x4a613462a5e7309cL,
-        0x227788550f28dee6L } },
-    /* 20 */
-    { { 0x1ff0bd527695447aL,0x63534a4a42ae2627L,0xd96af0dad0cc09f2L,
-        0xb59ea545412d3e1aL },
-      { 0xd10518cf6a759072L,0xffeec37c10475dfdL,0xacbc29ccb25089c4L,
-        0xbf3dfc8521b6d4eeL } },
-    /* 21 */
-    { { 0x8f2eacfe49388995L,0x000fc8d4841be9edL,0x2ed8085a6955c290L,
-        0x1929cf606d8e176fL },
-      { 0x2efd26a5fd1a09dbL,0x58d767ad6cb626cdL,0x13a81b95b26c6e05L,
-        0x68fe61078f61832bL } },
-    /* 22 */
-    { { 0x4ad7de2e2d85c2f6L,0xcd552fcb510101a1L,0x638d122b02acdabfL,
-        0x117221e850bfd921L },
-      { 0x08571ee199a99129L,0xebd046d1ba2f03a9L,0x035ed7baa6f8a181L,
-        0x8aabf98d3187c6f3L } },
-    /* 23 */
-    { { 0xaf8e65cae3ab5f4eL,0x8b0b8b897561a69cL,0x37e83aa0b17c1e66L,
-        0xe894d84cf8d80edcL },
-      { 0xf1e465e7ce514e22L,0xc7fa324ca72340efL,0x08297fcae7370673L,
-        0x4f799682b119ae5eL } },
-    /* 24 */
-    { { 0x014d6bd8f180f206L,0x56640c8b7ab44f55L,0x9a39660d93f9a5b8L,
-        0xcac069e9959b68f1L },
-      { 0x2bf6b65e208d9918L,0xb7e45dfb3f943291L,0xad5770f0d439c712L,
-        0xfec635e17654d805L } },
-    /* 25 */
-    { { 0x37221cd13f031a88L,0xe4d53d2f0b5558d4L,0x2ede8e8fdafc51cdL,
-        0xb587284ca8a883eaL },
-      { 0xfa37674044fa5251L,0x5e5e18f95c5e3528L,0x8af51fac6e10b958L,
-        0x09be79032c429b30L } },
-    /* 26 */
-    { { 0x7a468ba47f29936dL,0xacbbe3657cfb8176L,0xe892c10a4db9cd5dL,
-        0xcb2f29d7a1aade8bL },
-      { 0x3087eef4efffcb14L,0x92a7f3ec2afe8f2eL,0x199d89b8136f29d2L,
-        0x3131604eb4836623L } },
-    /* 27 */
-    { { 0xf5cca5da31b5df76L,0x9431318676a4abc0L,0x5db8e6f71877c7c7L,
-        0x3ce3f5f96031ac99L },
-      { 0x585961d07e7cef80L,0x5ed6e841d424f16aL,0x18289cd056b16a49L,
-        0x8008d03b2e5770faL } },
-    /* 28 */
-    { { 0xc8c2af64254e39deL,0x783cea738582571cL,0x2f2f55f1a6edd971L,
-        0x7e00cc92c86bf30aL },
-      { 0xa0db735447d7491fL,0xb3eb751ca5b12260L,0x3bc39a23297fb234L,
-        0xd1330c20b8b4bfe4L } },
-    /* 29 */
-    { { 0xfb776af07824d53aL,0x04709096422dea35L,0x6f480b6b5fec3ac7L,
-        0xdb2b1b62e27edda4L },
-      { 0x0bba904cda78b494L,0x37ef59b691a147f7L,0xf880517726a4730aL,
-        0xecc9d79aa8ab368eL } },
-    /* 30 */
-    { { 0x628e05c185a4bd0eL,0xebf7b67800e244e8L,0xf645947b8b176eebL,
-        0xc92bf8301641ab35L },
-      { 0x7a039c1a21be7a6fL,0x11e4354d2fd4bd92L,0x42552422886fd224L,
-        0xdbf3194cc44ced37L } },
-    /* 31 */
-    { { 0x832da983c56f6b04L,0x7aaa84eb8ef098aeL,0x602e3eefa6a616a2L,
-        0xc2824ddcb7b717a3L },
-      { 0x19f50324ddb0a2e9L,0x04553a285bedfbbdL,0x37ea8b12aa1aee0aL,
-        0xc1844e79945959a1L } },
-    /* 32 */
-    { { 0x5043dea7e0f222c2L,0x309d42ac72e65142L,0x94fe9ddd9216cd30L,
-        0xd6539c7d0f87feecL },
-      { 0x03c5a57c432ac7d7L,0x72692cf0327fda10L,0xec28c85f280698deL,
-        0x2331fb467ec283b1L } },
-    /* 33 */
-    { { 0x651cfdeb43248e67L,0x2c3d72ceee561de8L,0xa48b8f33443dac8bL,
-        0xe6b042fe7991f986L },
-      { 0xd091636de810bcd2L,0xfc1e96aea97416d7L,0x2b6087cb2892694dL,
-        0x0f8ac2459985a628L } },
-    /* 34 */
-    { { 0x54e908747f2326a2L,0xce43dd44fa9e1131L,0x4b2c740cd3d2d948L,
-        0x9b0b126aa86e8b07L },
-      { 0x228ef320b77f5af2L,0x14fc8a01ca07661cL,0x1d72509ed34f1a3aL,
-        0xd169031729d9086eL } },
-    /* 35 */
-    { { 0x13e44acc03c5fe33L,0x13f4374e0105bbc6L,0x0cba5018cb4451b8L,
-        0xa1a38e4afa29a4e1L },
-      { 0x063fb9a8f4403917L,0x7afe108f996ea7f2L,0xec252363f93a1f87L,
-        0xc029c8117e432609L } },
-    /* 36 */
-    { { 0x25080c29486e548eL,0xdaa411327868ab32L,0x46891511d61d1a3aL,
-        0xc87f3f533efc8facL },
-      { 0x984f613ff3e31393L,0x10bb15f67648f5d2L,0xe4990f2bdefaa440L,
-        0xce647f03dd51c31dL } },
-    /* 37 */
-    { { 0x3161ebdd9c2c0abfL,0x48b7ee7bf497cf35L,0x9233e31d94dd9c97L,
-        0x4aef9a62c5d2988fL },
-      { 0x89a54161a03e6456L,0x9d25e003c1f02b47L,0x8784cdbfc1857782L,
-        0x7928cafd0222b49cL } },
-    /* 38 */
-    { { 0x5a591abdecf4ea23L,0xb2725e8a80bd9b8aL,0xf569679f29ff348bL,
-        0xa28163d36f22536aL },
-      { 0x89e7a8f621c43971L,0x60cbe4a1c4a09567L,0x41046c8f5928b03dL,
-        0x646feda7ef74a95aL } },
-    /* 39 */
-    { { 0x3aef6bc05d75d310L,0xf3e7f03c82476e5cL,0x9dcf3d508419b8a0L,
-        0x221a3885eaf07f07L },
-      { 0x16d533f337bdcb7dL,0xd778066bbb49550dL,0xf6f4540936c2600cL,
-        0x7544396fc1c61709L } },
-    /* 40 */
-    { { 0xf79f556fde08cd42L,0x7d0aba1ee13cadc8L,0x841d9df6d4d81fefL,
-        0x8f7ae1f2602d2043L },
-      { 0x950c4de4b57ee181L,0xfe51e045c55cf490L,0xdb60b56a1efdd0a8L,
-        0x276bccb3bf0fa497L } },
-    /* 41 */
-    { { 0x7926625b19e5a603L,0xf1b98e93e1bf712bL,0x933ecb52e33abeccL,
-        0x9ebfc506f826619bL },
-      { 0xd2965f67a1692c52L,0x8ac4012dfc4f9564L,0xa8af57036739f003L,
-        0x7dd2282dbc715e13L } },
-    /* 42 */
-    { { 0x3ec01587cf2bb490L,0x5346082c3f1ea428L,0xf2c679e26739e506L,
-        0xeab710d6930c28e4L },
-      { 0xe9947ff8e043249aL,0x63640678ad54b0e6L,0x8cde42591854eaafL,
-        0xf1feeaec6b25bdceL } },
-    /* 43 */
-    { { 0x49f7e8991bdd2aa2L,0x88fd273534e3cae9L,0x5ac0510182cbfea2L,
-        0x324c9d414cf84578L },
-      { 0xa242311719f13061L,0x69d67cf15f3b9932L,0x32ecdb3cdde2dfadL,
-        0x2f74d995b916f7a6L } },
-    /* 44 */
-    { { 0x35f7ed423d14bc68L,0x32f63a0445574f91L,0xd04108335e8801e7L,
-        0x63b6f13c1c9c1462L },
-      { 0x180dcbcd9dc7201fL,0xa07b5b2c360350dfL,0x2582b2774236f5ccL,
-        0x90163924a7ab06b9L } },
-    /* 45 */
-    { { 0x35e751b50767cdf2L,0x808372e69d8e2838L,0xcbad6b30646914d7L,
-        0x4eeeb1de6c7b3cabL },
-      { 0x3ef3af968c965004L,0xd162290fd281920bL,0x4626c313181f811bL,
-        0x5fa42f4fbe61dd14L } },
-    /* 46 */
-    { { 0x1f5a9c53a185e98eL,0x13c28277ea9e83c3L,0xb566e4c0b693a226L,
-        0x2ea3f1c001533e9eL },
-      { 0xb4dbcc336215a21fL,0x7df608c3cb4e98f0L,0x677df928b4dd95ddL,
-        0x4c1d7142eeed2934L } },
-    /* 47 */
-    { { 0x30bf236c86a2ee12L,0x74d5a12705ecb4c0L,0x9ef43b0f1601cca9L,
-        0xbe1b1bf9ac4dd202L },
-      { 0x84943e4717b6f93bL,0x6f789757cd5214b3L,0x5e0db1a97f313dfaL,
-        0x0515efacece0b72bL } },
-    /* 48 */
-    { { 0x433a677ca78c3f8bL,0x204a9feaf376a9c1L,0xb6bfbea444baeadfL,
-        0x5a43cafd2b48a3f4L },
-      { 0xe25a7d0b67d1d226L,0xb2115844f6837985L,0x8c9cca3ed87c2b88L,
-        0xecd4bc73894772e1L } },
-    /* 49 */
-    { { 0x368abec6783490e7L,0xf26da8bdd925c359L,0xf9b643e5e8fb0679L,
-        0x7ab803d9b555d175L },
-      { 0x1b4059994ebae595L,0x07fbbf25ba417a49L,0x02d7cf1cc617957aL,
-        0x79070ea5565c1fbbL } },
-    /* 50 */
-    { { 0x70194602d9b028faL,0x9c49969d9ff06760L,0xbf4add816ad27b42L,
-        0x7d1f226d8651524eL },
-      { 0xb0779b40eecd7724L,0xd356077265938707L,0xe3a61fe5d054b903L,
-        0xd6f5a3433365136bL } },
-    /* 51 */
-    { { 0x25c87c76d2970fcfL,0x7c9f60a04d5546a8L,0x7dab072f8dd8bf8cL,
-        0x3d10907ce8ff9f28L },
-      { 0xb08d6d0e34bb2a29L,0x5dfd4907c3fcfdafL,0xe4a2d4b147123ba6L,
-        0x6e9eef0b42de6d8dL } },
-    /* 52 */
-    { { 0x81255af5cbb55f9dL,0x579f27055328d39eL,0xa7bfc9173e5ae663L,
-        0xe9b55d57a1246e42L },
-      { 0x240ecd9475629188L,0x8748d297457bd3c0L,0x50e215ef373c361cL,
-        0xaf9d8a8618c967b9L } },
-    /* 53 */
-    { { 0x79a041040a04143fL,0x03f7410fc700c616L,0xe8f2a3f291108ca6L,
-        0xa26d67e8f5ac679aL },
-      { 0xa15dbfebb83fbd9aL,0xf1aaebd23a0b5587L,0x639a97ddce0ead44L,
-        0xf253b00c71d12ee0L } },
-    /* 54 */
-    { { 0x7baecf4c9e35e57cL,0x522e26a16786e3a5L,0x600b538b8af829a2L,
-        0x19fa80b72c6de44aL },
-      { 0xb52364f0aaf0ff52L,0x2e4bc21a6714587fL,0x401377a3c245967dL,
-        0x65178766a23cf3ebL } },
-    /* 55 */
-    { { 0xc1c81838923ac000L,0x42021f02c4abc0eeL,0xcde3bc9a47132a20L,
-        0x6f52a864c69f55fbL },
-      { 0x0bdfd3e4df89ff6aL,0x244c943bc88bd74eL,0x649e0b532612998bL,
-        0xce61ebc3d3413d4aL } },
-    /* 56 */
-    { { 0xe31629042cba5a90L,0xa72710aedb6c224eL,0x51831390d87e44dbL,
-        0xa687dc9848fe2ef3L },
-      { 0x857e985516a21ca9L,0xe3428d8ec9a7bc12L,0x16d3bcd012b044a2L,
-        0xe6fa0c69e85f6704L } },
-    /* 57 */
-    { { 0xe4cca34b8fd42692L,0xc86d49a6e15f3acfL,0xbfe1f263a6b18392L,
-        0x0664c933dcd266f6L },
-      { 0x86738cf519399d88L,0x1cbcc8c3749ce6bcL,0x28171f7bc773b884L,
-        0x306fc95701acf19eL } },
-    /* 58 */
-    { { 0x0da7a737afb6a419L,0x637fc26a195fbc40L,0x0fc8f8769c64e8e7L,
-        0x2a68579b208c0626L },
-      { 0x82e823108628abc3L,0xe4e09313ab23ae94L,0x66bf9adbe5155cf1L,
-        0x17909f6ce8a2dd0cL } },
-    /* 59 */
-    { { 0x767c359643d7ad31L,0x7ba3a1aa49ccef62L,0x5261c3160242bf5aL,
-        0x85f452199eb82dfbL },
-      { 0x554cb38237b42e47L,0xc9771ec14cf66133L,0xde70617a153905a3L,
-        0x2cab26fcbc61316dL } },
-    /* 60 */
-    { { 0x7dababbd75c10315L,0x9a8fbe88a48df64eL,0x2b076fe5e1b8f912L,
-        0x1a530ce9ccbd50dcL },
-      { 0x47361ab76647d225L,0xf84e73be4d636a15L,0xd58fcaaf5904a2faL,
-        0x73747d4b38523a19L } },
-    /* 61 */
-    { { 0x6e6b0fb8b6864cc0L,0x5d8a0027ab3b623cL,0x5e6665389a1cfc9cL,
-        0x816b19de521e4ff3L },
-      { 0x56709ad00bc447f8L,0x1d46cb1c8f1464d7L,0x49cef820a949873dL,
-        0x02804692d9d3e65fL } },
-    /* 62 */
-    { { 0x1ae0ea28ad8b5976L,0x4e9ad48e869458fbL,0xe9437ec996cfedf8L,
-        0xa4f924a22afa74d9L },
-      { 0xcb5b1845aaf797c0L,0xe5d6dd0eba6f557fL,0xa1496fe691dc2e7cL,
-        0xad31edac8c179fc7L } },
-    /* 63 */
-    { { 0xf9c5e9de44b06ed7L,0x6ce7c4f74a597159L,0xd02ec441833accb5L,
-        0xf30205996296e8fcL },
-      { 0x7df6c5c6c2afbe06L,0xff429dda9c849b09L,0x42170166f5dd78d6L,
-        0x2403ea21830c388bL } },
-};
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^42, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_4(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#ifdef HAVE_INTEL_AVX2
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^42, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_avx2_4(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_stripe_avx2_4(r, &p256_base, p256_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#else /* WOLFSSL_SP_SMALL */
-/* The index into pre-computation table to use. */
-static const word8 recode_index_4_7[130] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
-    48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63,
-    64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49,
-    48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_4_7[130] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<37; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 7 < 64) {
-            y &= 0x7f;
-            n >>= 7;
-            o += 7;
-        }
-        else if (o + 7 == 64) {
-            n >>= 7;
-            if (++j < 4)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 4) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x7f);
-            o -= 57;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_4_7[y];
-        v[i].neg = recode_neg_4_7[y];
-        carry = (y >> 7) + v[i].neg;
-    }
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_get_entry_65_4(sp_point_256* r, const sp_table_entry_256* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_get_entry_65_avx2_4(sp_point_256* r, const sp_table_entry_256* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-static const sp_table_entry_256 p256_table[2405] = {
-    /* 0 << 0 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 0 */
-    { { 0x79e730d418a9143cL,0x75ba95fc5fedb601L,0x79fb732b77622510L,
-        0x18905f76a53755c6L },
-      { 0xddf25357ce95560aL,0x8b4ab8e4ba19e45cL,0xd2e88688dd21f325L,
-        0x8571ff1825885d85L } },
-    /* 2 << 0 */
-    { { 0x850046d410ddd64dL,0xaa6ae3c1a433827dL,0x732205038d1490d9L,
-        0xf6bb32e43dcf3a3bL },
-      { 0x2f3648d361bee1a5L,0x152cd7cbeb236ff8L,0x19a8fb0e92042dbeL,
-        0x78c577510a5b8a3bL } },
-    /* 3 << 0 */
-    { { 0xffac3f904eebc127L,0xb027f84a087d81fbL,0x66ad77dd87cbbc98L,
-        0x26936a3fb6ff747eL },
-      { 0xb04c5c1fc983a7ebL,0x583e47ad0861fe1aL,0x788208311a2ee98eL,
-        0xd5f06a29e587cc07L } },
-    /* 4 << 0 */
-    { { 0x74b0b50d46918dccL,0x4650a6edc623c173L,0x0cdaacace8100af2L,
-        0x577362f541b0176bL },
-      { 0x2d96f24ce4cbaba6L,0x17628471fad6f447L,0x6b6c36dee5ddd22eL,
-        0x84b14c394c5ab863L } },
-    /* 5 << 0 */
-    { { 0xbe1b8aaec45c61f5L,0x90ec649a94b9537dL,0x941cb5aad076c20cL,
-        0xc9079605890523c8L },
-      { 0xeb309b4ae7ba4f10L,0x73c568efe5eb882bL,0x3540a9877e7a1f68L,
-        0x73a076bb2dd1e916L } },
-    /* 6 << 0 */
-    { { 0x403947373e77664aL,0x55ae744f346cee3eL,0xd50a961a5b17a3adL,
-        0x13074b5954213673L },
-      { 0x93d36220d377e44bL,0x299c2b53adff14b5L,0xf424d44cef639f11L,
-        0xa4c9916d4a07f75fL } },
-    /* 7 << 0 */
-    { { 0x0746354ea0173b4fL,0x2bd20213d23c00f7L,0xf43eaab50c23bb08L,
-        0x13ba5119c3123e03L },
-      { 0x2847d0303f5b9d4dL,0x6742f2f25da67bddL,0xef933bdc77c94195L,
-        0xeaedd9156e240867L } },
-    /* 8 << 0 */
-    { { 0x27f14cd19499a78fL,0x462ab5c56f9b3455L,0x8f90f02af02cfc6bL,
-        0xb763891eb265230dL },
-      { 0xf59da3a9532d4977L,0x21e3327dcf9eba15L,0x123c7b84be60bbf0L,
-        0x56ec12f27706df76L } },
-    /* 9 << 0 */
-    { { 0x75c96e8f264e20e8L,0xabe6bfed59a7a841L,0x2cc09c0444c8eb00L,
-        0xe05b3080f0c4e16bL },
-      { 0x1eb7777aa45f3314L,0x56af7bedce5d45e3L,0x2b6e019a88b12f1aL,
-        0x086659cdfd835f9bL } },
-    /* 10 << 0 */
-    { { 0x2c18dbd19dc21ec8L,0x98f9868a0fcf8139L,0x737d2cd648250b49L,
-        0xcc61c94724b3428fL },
-      { 0x0c2b407880dd9e76L,0xc43a8991383fbe08L,0x5f7d2d65779be5d2L,
-        0x78719a54eb3b4ab5L } },
-    /* 11 << 0 */
-    { { 0xea7d260a6245e404L,0x9de407956e7fdfe0L,0x1ff3a4158dac1ab5L,
-        0x3e7090f1649c9073L },
-      { 0x1a7685612b944e88L,0x250f939ee57f61c8L,0x0c0daa891ead643dL,
-        0x68930023e125b88eL } },
-    /* 12 << 0 */
-    { { 0x04b71aa7d2697768L,0xabdedef5ca345a33L,0x2409d29dee37385eL,
-        0x4ee1df77cb83e156L },
-      { 0x0cac12d91cbb5b43L,0x170ed2f6ca895637L,0x28228cfa8ade6d66L,
-        0x7ff57c9553238acaL } },
-    /* 13 << 0 */
-    { { 0xccc425634b2ed709L,0x0e356769856fd30dL,0xbcbcd43f559e9811L,
-        0x738477ac5395b759L },
-      { 0x35752b90c00ee17fL,0x68748390742ed2e3L,0x7cd06422bd1f5bc1L,
-        0xfbc08769c9e7b797L } },
-    /* 14 << 0 */
-    { { 0xa242a35bb0cf664aL,0x126e48f77f9707e3L,0x1717bf54c6832660L,
-        0xfaae7332fd12c72eL },
-      { 0x27b52db7995d586bL,0xbe29569e832237c2L,0xe8e4193e2a65e7dbL,
-        0x152706dc2eaa1bbbL } },
-    /* 15 << 0 */
-    { { 0x72bcd8b7bc60055bL,0x03cc23ee56e27e4bL,0xee337424e4819370L,
-        0xe2aa0e430ad3da09L },
-      { 0x40b8524f6383c45dL,0xd766355442a41b25L,0x64efa6de778a4797L,
-        0x2042170a7079adf4L } },
-    /* 16 << 0 */
-    { { 0x808b0b650bc6fb80L,0x5882e0753ffe2e6bL,0xd5ef2f7c2c83f549L,
-        0x54d63c809103b723L },
-      { 0xf2f11bd652a23f9bL,0x3670c3194b0b6587L,0x55c4623bb1580e9eL,
-        0x64edf7b201efe220L } },
-    /* 17 << 0 */
-    { { 0x97091dcbd53c5c9dL,0xf17624b6ac0a177bL,0xb0f139752cfe2dffL,
-        0xc1a35c0a6c7a574eL },
-      { 0x227d314693e79987L,0x0575bf30e89cb80eL,0x2f4e247f0d1883bbL,
-        0xebd512263274c3d0L } },
-    /* 18 << 0 */
-    { { 0x5f3e51c856ada97aL,0x4afc964d8f8b403eL,0xa6f247ab412e2979L,
-        0x675abd1b6f80ebdaL },
-      { 0x66a2bd725e485a1dL,0x4b2a5caf8f4f0b3cL,0x2626927f1b847bbaL,
-        0x6c6fc7d90502394dL } },
-    /* 19 << 0 */
-    { { 0xfea912baa5659ae8L,0x68363aba25e1a16eL,0xb8842277752c41acL,
-        0xfe545c282897c3fcL },
-      { 0x2d36e9e7dc4c696bL,0x5806244afba977c5L,0x85665e9be39508c1L,
-        0xf720ee256d12597bL } },
-    /* 20 << 0 */
-    { { 0x8a979129d2337a31L,0x5916868f0f862bdcL,0x048099d95dd283baL,
-        0xe2d1eeb6fe5bfb4eL },
-      { 0x82ef1c417884005dL,0xa2d4ec17ffffcbaeL,0x9161c53f8aa95e66L,
-        0x5ee104e1c5fee0d0L } },
-    /* 21 << 0 */
-    { { 0x562e4cecc135b208L,0x74e1b2654783f47dL,0x6d2a506c5a3f3b30L,
-        0xecead9f4c16762fcL },
-      { 0xf29dd4b2e286e5b9L,0x1b0fadc083bb3c61L,0x7a75023e7fac29a4L,
-        0xc086d5f1c9477fa3L } },
-    /* 22 << 0 */
-    { { 0x0fc611352f6f3076L,0xc99ffa23e3912a9aL,0x6a0b0685d2f8ba3dL,
-        0xfdc777e8e93358a4L },
-      { 0x94a787bb35415f04L,0x640c2d6a4d23fea4L,0x9de917da153a35b5L,
-        0x793e8d075d5cd074L } },
-    /* 23 << 0 */
-    { { 0xf4f876532de45068L,0x37c7a7e89e2e1f6eL,0xd0825fa2a3584069L,
-        0xaf2cea7c1727bf42L },
-      { 0x0360a4fb9e4785a9L,0xe5fda49c27299f4aL,0x48068e1371ac2f71L,
-        0x83d0687b9077666fL } },
-    /* 24 << 0 */
-    { { 0x6d3883b215d02819L,0x6d0d755040dd9a35L,0x61d7cbf91d2b469fL,
-        0xf97b232f2efc3115L },
-      { 0xa551d750b24bcbc7L,0x11ea494988a1e356L,0x7669f03193cb7501L,
-        0x595dc55eca737b8aL } },
-    /* 25 << 0 */
-    { { 0xa4a319acd837879fL,0x6fc1b49eed6b67b0L,0xe395993332f1f3afL,
-        0x966742eb65432a2eL },
-      { 0x4b8dc9feb4966228L,0x96cc631243f43950L,0x12068859c9b731eeL,
-        0x7b948dc356f79968L } },
-    /* 26 << 0 */
-    { { 0x61e4ad32ed1f8008L,0xe6c9267ad8b17538L,0x1ac7c5eb857ff6fbL,
-        0x994baaa855f2fb10L },
-      { 0x84cf14e11d248018L,0x5a39898b628ac508L,0x14fde97b5fa944f5L,
-        0xed178030d12e5ac7L } },
-    /* 27 << 0 */
-    { { 0x042c2af497e2feb4L,0xd36a42d7aebf7313L,0x49d2c9eb084ffdd7L,
-        0x9f8aa54b2ef7c76aL },
-      { 0x9200b7ba09895e70L,0x3bd0c66fddb7fb58L,0x2d97d10878eb4cbbL,
-        0x2d431068d84bde31L } },
-    /* 28 << 0 */
-    { { 0x4b523eb7172ccd1fL,0x7323cb2830a6a892L,0x97082ec0cfe153ebL,
-        0xe97f6b6af2aadb97L },
-      { 0x1d3d393ed1a83da1L,0xa6a7f9c7804b2a68L,0x4a688b482d0cb71eL,
-        0xa9b4cc5f40585278L } },
-    /* 29 << 0 */
-    { { 0x5e5db46acb66e132L,0xf1be963a0d925880L,0x944a70270317b9e2L,
-        0xe266f95948603d48L },
-      { 0x98db66735c208899L,0x90472447a2fb18a3L,0x8a966939777c619fL,
-        0x3798142a2a3be21bL } },
-    /* 30 << 0 */
-    { { 0xb4241cb13298b343L,0xa3a14e49b44f65a1L,0xc5f4d6cd3ac77acdL,
-        0xd0288cb552b6fc3cL },
-      { 0xd5cc8c2f1c040abcL,0xb675511e06bf9b4aL,0xd667da379b3aa441L,
-        0x460d45ce51601f72L } },
-    /* 31 << 0 */
-    { { 0xe2f73c696755ff89L,0xdd3cf7e7473017e6L,0x8ef5689d3cf7600dL,
-        0x948dc4f8b1fc87b4L },
-      { 0xd9e9fe814ea53299L,0x2d921ca298eb6028L,0xfaecedfd0c9803fcL,
-        0xf38ae8914d7b4745L } },
-    /* 32 << 0 */
-    { { 0xd8c5fccfc5e3a3d8L,0xbefd904c4079dfbfL,0xbc6d6a58fead0197L,
-        0x39227077695532a4L },
-      { 0x09e23e6ddbef42f5L,0x7e449b64480a9908L,0x7b969c1aad9a2e40L,
-        0x6231d7929591c2a4L } },
-    /* 33 << 0 */
-    { { 0x871514560f664534L,0x85ceae7c4b68f103L,0xac09c4ae65578ab9L,
-        0x33ec6868f044b10cL },
-      { 0x6ac4832b3a8ec1f1L,0x5509d1285847d5efL,0xf909604f763f1574L,
-        0xb16c4303c32f63c4L } },
-    /* 34 << 0 */
-    { { 0xb6ab20147ca23cd3L,0xcaa7a5c6a391849dL,0x5b0673a375678d94L,
-        0xc982ddd4dd303e64L },
-      { 0xfd7b000b5db6f971L,0xbba2cb1f6f876f92L,0xc77332a33c569426L,
-        0xa159100c570d74f8L } },
-    /* 35 << 0 */
-    { { 0xfd16847fdec67ef5L,0x742ee464233e76b7L,0x0b8e4134efc2b4c8L,
-        0xca640b8642a3e521L },
-      { 0x653a01908ceb6aa9L,0x313c300c547852d5L,0x24e4ab126b237af7L,
-        0x2ba901628bb47af8L } },
-    /* 36 << 0 */
-    { { 0x3d5e58d6a8219bb7L,0xc691d0bd1b06c57fL,0x0ae4cb10d257576eL,
-        0x3569656cd54a3dc3L },
-      { 0xe5ebaebd94cda03aL,0x934e82d3162bfe13L,0x450ac0bae251a0c6L,
-        0x480b9e11dd6da526L } },
-    /* 37 << 0 */
-    { { 0x00467bc58cce08b5L,0xb636458c7f178d55L,0xc5748baea677d806L,
-        0x2763a387dfa394ebL },
-      { 0xa12b448a7d3cebb6L,0xe7adda3e6f20d850L,0xf63ebce51558462cL,
-        0x58b36143620088a8L } },
-    /* 38 << 0 */
-    { { 0x8a2cc3ca4d63c0eeL,0x512331170fe948ceL,0x7463fd85222ef33bL,
-        0xadf0c7dc7c603d6cL },
-      { 0x0ec32d3bfe7765e5L,0xccaab359bf380409L,0xbdaa84d68e59319cL,
-        0xd9a4c2809c80c34dL } },
-    /* 39 << 0 */
-    { { 0xa9d89488a059c142L,0x6f5ae714ff0b9346L,0x068f237d16fb3664L,
-        0x5853e4c4363186acL },
-      { 0xe2d87d2363c52f98L,0x2ec4a76681828876L,0x47b864fae14e7b1cL,
-        0x0c0bc0e569192408L } },
-    /* 40 << 0 */
-    { { 0xe4d7681db82e9f3eL,0x83200f0bdf25e13cL,0x8909984c66f27280L,
-        0x462d7b0075f73227L },
-      { 0xd90ba188f2651798L,0x74c6e18c36ab1c34L,0xab256ea35ef54359L,
-        0x03466612d1aa702fL } },
-    /* 41 << 0 */
-    { { 0x624d60492ed22e91L,0x6fdfe0b56f072822L,0xeeca111539ce2271L,
-        0x98100a4fdb01614fL },
-      { 0xb6b0daa2a35c628fL,0xb6f94d2ec87e9a47L,0xc67732591d57d9ceL,
-        0xf70bfeec03884a7bL } },
-    /* 42 << 0 */
-    { { 0x5fb35ccfed2bad01L,0xa155cbe31da6a5c7L,0xc2e2594c30a92f8fL,
-        0x649c89ce5bfafe43L },
-      { 0xd158667de9ff257aL,0x9b359611f32c50aeL,0x4b00b20b906014cfL,
-        0xf3a8cfe389bc7d3dL } },
-    /* 43 << 0 */
-    { { 0x4ff23ffd248a7d06L,0x80c5bfb4878873faL,0xb7d9ad9005745981L,
-        0x179c85db3db01994L },
-      { 0xba41b06261a6966cL,0x4d82d052eadce5a8L,0x9e91cd3ba5e6a318L,
-        0x47795f4f95b2dda0L } },
-    /* 44 << 0 */
-    { { 0xecfd7c1fd55a897cL,0x009194abb29110fbL,0x5f0e2046e381d3b0L,
-        0x5f3425f6a98dd291L },
-      { 0xbfa06687730d50daL,0x0423446c4b083b7fL,0x397a247dd69d3417L,
-        0xeb629f90387ba42aL } },
-    /* 45 << 0 */
-    { { 0x1ee426ccd5cd79bfL,0x0032940b946c6e18L,0x1b1e8ae057477f58L,
-        0xe94f7d346d823278L },
-      { 0xc747cb96782ba21aL,0xc5254469f72b33a5L,0x772ef6dec7f80c81L,
-        0xd73acbfe2cd9e6b5L } },
-    /* 46 << 0 */
-    { { 0x4075b5b149ee90d9L,0x785c339aa06e9ebaL,0xa1030d5babf825e0L,
-        0xcec684c3a42931dcL },
-      { 0x42ab62c9c1586e63L,0x45431d665ab43f2bL,0x57c8b2c055f7835dL,
-        0x033da338c1b7f865L } },
-    /* 47 << 0 */
-    { { 0x283c7513caa76097L,0x0a624fa936c83906L,0x6b20afec715af2c7L,
-        0x4b969974eba78bfdL },
-      { 0x220755ccd921d60eL,0x9b944e107baeca13L,0x04819d515ded93d4L,
-        0x9bbff86e6dddfd27L } },
-    /* 48 << 0 */
-    { { 0x6b34413077adc612L,0xa7496529bbd803a0L,0x1a1baaa76d8805bdL,
-        0xc8403902470343adL },
-      { 0x39f59f66175adff1L,0x0b26d7fbb7d8c5b7L,0xa875f5ce529d75e3L,
-        0x85efc7e941325cc2L } },
-    /* 49 << 0 */
-    { { 0x21950b421ff6acd3L,0xffe7048453dc6909L,0xff4cd0b228766127L,
-        0xabdbe6084fb7db2bL },
-      { 0x837c92285e1109e8L,0x26147d27f4645b5aL,0x4d78f592f7818ed8L,
-        0xd394077ef247fa36L } },
-    /* 50 << 0 */
-    { { 0x0fb9c2d0488c171aL,0xa78bfbaa13685278L,0xedfbe268d5b1fa6aL,
-        0x0dceb8db2b7eaba7L },
-      { 0xbf9e80899ae2b710L,0xefde7ae6a4449c96L,0x43b7716bcc143a46L,
-        0xd7d34194c3628c13L } },
-    /* 51 << 0 */
-    { { 0x508cec1c3b3f64c9L,0xe20bc0ba1e5edf3fL,0xda1deb852f4318d4L,
-        0xd20ebe0d5c3fa443L },
-      { 0x370b4ea773241ea3L,0x61f1511c5e1a5f65L,0x99a5e23d82681c62L,
-        0xd731e383a2f54c2dL } },
-    /* 52 << 0 */
-    { { 0x2692f36e83445904L,0x2e0ec469af45f9c0L,0x905a3201c67528b7L,
-        0x88f77f34d0e5e542L },
-      { 0xf67a8d295864687cL,0x23b92eae22df3562L,0x5c27014b9bbec39eL,
-        0x7ef2f2269c0f0f8dL } },
-    /* 53 << 0 */
-    { { 0x97359638546c4d8dL,0x5f9c3fc492f24679L,0x912e8beda8c8acd9L,
-        0xec3a318d306634b0L },
-      { 0x80167f41c31cb264L,0x3db82f6f522113f2L,0xb155bcd2dcafe197L,
-        0xfba1da5943465283L } },
-    /* 54 << 0 */
-    { { 0xa0425b8eb212cf53L,0x4f2e512ef8557c5fL,0xc1286ff925c4d56cL,
-        0xbb8a0feaee26c851L },
-      { 0xc28f70d2e7d6107eL,0x7ee0c444e76265aaL,0x3df277a41d1936b1L,
-        0x1a556e3fea9595ebL } },
-    /* 55 << 0 */
-    { { 0x258bbbf9e7305683L,0x31eea5bf07ef5be6L,0x0deb0e4a46c814c1L,
-        0x5cee8449a7b730ddL },
-      { 0xeab495c5a0182bdeL,0xee759f879e27a6b4L,0xc2cf6a6880e518caL,
-        0x25e8013ff14cf3f4L } },
-    /* 56 << 0 */
-    { { 0x8fc441407e8d7a14L,0xbb1ff3ca9556f36aL,0x6a84438514600044L,
-        0xba3f0c4a7451ae63L },
-      { 0xdfcac25b1f9af32aL,0x01e0db86b1f2214bL,0x4e9a5bc2a4b596acL,
-        0x83927681026c2c08L } },
-    /* 57 << 0 */
-    { { 0x3ec832e77acaca28L,0x1bfeea57c7385b29L,0x068212e3fd1eaf38L,
-        0xc13298306acf8cccL },
-      { 0xb909f2db2aac9e59L,0x5748060db661782aL,0xc5ab2632c79b7a01L,
-        0xda44c6c600017626L } },
-    /* 58 << 0 */
-    { { 0xf26c00e8a7ea82f0L,0x99cac80de4299aafL,0xd66fe3b67ed78be1L,
-        0x305f725f648d02cdL },
-      { 0x33ed1bc4623fb21bL,0xfa70533e7a6319adL,0x17ab562dbe5ffb3eL,
-        0x0637499456674741L } },
-    /* 59 << 0 */
-    { { 0x69d44ed65c46aa8eL,0x2100d5d3a8d063d1L,0xcb9727eaa2d17c36L,
-        0x4c2bab1b8add53b7L },
-      { 0xa084e90c15426704L,0x778afcd3a837ebeaL,0x6651f7017ce477f8L,
-        0xa062499846fb7a8bL } },
-    /* 60 << 0 */
-    { { 0xdc1e6828ed8a6e19L,0x33fc23364189d9c7L,0x026f8fe2671c39bcL,
-        0xd40c4ccdbc6f9915L },
-      { 0xafa135bbf80e75caL,0x12c651a022adff2cL,0xc40a04bd4f51ad96L,
-        0x04820109bbe4e832L } },
-    /* 61 << 0 */
-    { { 0x3667eb1a7f4c04ccL,0x59556621a9404f84L,0x71cdf6537eceb50aL,
-        0x994a44a69b8335faL },
-      { 0xd7faf819dbeb9b69L,0x473c5680eed4350dL,0xb6658466da44bba2L,
-        0x0d1bc780872bdbf3L } },
-    /* 62 << 0 */
-    { { 0xe535f175a1962f91L,0x6ed7e061ed58f5a7L,0x177aa4c02089a233L,
-        0x0dbcb03ae539b413L },
-      { 0xe3dc424ebb32e38eL,0x6472e5ef6806701eL,0xdd47ff98814be9eeL,
-        0x6b60cfff35ace009L } },
-    /* 63 << 0 */
-    { { 0xb8d3d9319ff91fe5L,0x039c4800f0518eedL,0x95c376329182cb26L,
-        0x0763a43482fc568dL },
-      { 0x707c04d5383e76baL,0xac98b930824e8197L,0x92bf7c8f91230de0L,
-        0x90876a0140959b70L } },
-    /* 64 << 0 */
-    { { 0xdb6d96f305968b80L,0x380a0913089f73b9L,0x7da70b83c2c61e01L,
-        0x95fb8394569b38c7L },
-      { 0x9a3c651280edfe2fL,0x8f726bb98faeaf82L,0x8010a4a078424bf8L,
-        0x296720440e844970L } },
-    /* 0 << 7 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 7 */
-    { { 0x63c5cb817a2ad62aL,0x7ef2b6b9ac62ff54L,0x3749bba4b3ad9db5L,
-        0xad311f2c46d5a617L },
-      { 0xb77a8087c2ff3b6dL,0xb46feaf3367834ffL,0xf8aa266d75d6b138L,
-        0xfa38d320ec008188L } },
-    /* 2 << 7 */
-    { { 0x486d8ffa696946fcL,0x50fbc6d8b9cba56dL,0x7e3d423e90f35a15L,
-        0x7c3da195c0dd962cL },
-      { 0xe673fdb03cfd5d8bL,0x0704b7c2889dfca5L,0xf6ce581ff52305aaL,
-        0x399d49eb914d5e53L } },
-    /* 3 << 7 */
-    { { 0x380a496d6ec293cdL,0x733dbda78e7051f5L,0x037e388db849140aL,
-        0xee4b32b05946dbf6L },
-      { 0xb1c4fda9cae368d1L,0x5001a7b0fdb0b2f3L,0x6df593742e3ac46eL,
-        0x4af675f239b3e656L } },
-    /* 4 << 7 */
-    { { 0x44e3811039949296L,0x5b63827b361db1b5L,0x3e5323ed206eaff5L,
-        0x942370d2c21f4290L },
-      { 0xf2caaf2ee0d985a1L,0x192cc64b7239846dL,0x7c0b8f47ae6312f8L,
-        0x7dc61f9196620108L } },
-    /* 5 << 7 */
-    { { 0xb830fb5bc2da7de9L,0xd0e643df0ff8d3beL,0x31ee77ba188a9641L,
-        0x4e8aa3aabcf6d502L },
-      { 0xf9fb65329a49110fL,0xd18317f62dd6b220L,0x7e3ced4152c3ea5aL,
-        0x0d296a147d579c4aL } },
-    /* 6 << 7 */
-    { { 0x35d6a53eed4c3717L,0x9f8240cf3d0ed2a3L,0x8c0d4d05e5543aa5L,
-        0x45d5bbfbdd33b4b4L },
-      { 0xfa04cc73137fd28eL,0x862ac6efc73b3ffdL,0x403ff9f531f51ef2L,
-        0x34d5e0fcbc73f5a2L } },
-    /* 7 << 7 */
-    { { 0xf252682008913f4fL,0xea20ed61eac93d95L,0x51ed38b46ca6b26cL,
-        0x8662dcbcea4327b0L },
-      { 0x6daf295c725d2aaaL,0xbad2752f8e52dcdaL,0x2210e7210b17daccL,
-        0xa37f7912d51e8232L } },
-    /* 8 << 7 */
-    { { 0x4f7081e144cc3addL,0xd5ffa1d687be82cfL,0x89890b6c0edd6472L,
-        0xada26e1a3ed17863L },
-      { 0x276f271563483caaL,0xe6924cd92f6077fdL,0x05a7fe980a466e3cL,
-        0xf1c794b0b1902d1fL } },
-    /* 9 << 7 */
-    { { 0xe521368882a8042cL,0xd931cfafcd278298L,0x069a0ae0f597a740L,
-        0x0adbb3f3eb59107cL },
-      { 0x983e951e5eaa8eb8L,0xe663a8b511b48e78L,0x1631cc0d8a03f2c5L,
-        0x7577c11e11e271e2L } },
-    /* 10 << 7 */
-    { { 0x33b2385c08369a90L,0x2990c59b190eb4f8L,0x819a6145c68eac80L,
-        0x7a786d622ec4a014L },
-      { 0x33faadbe20ac3a8dL,0x31a217815aba2d30L,0x209d2742dba4f565L,
-        0xdb2ce9e355aa0fbbL } },
-    /* 11 << 7 */
-    { { 0x8cef334b168984dfL,0xe81dce1733879638L,0xf6e6949c263720f0L,
-        0x5c56feaff593cbecL },
-      { 0x8bff5601fde58c84L,0x74e241172eccb314L,0xbcf01b614c9a8a78L,
-        0xa233e35e544c9868L } },
-    /* 12 << 7 */
-    { { 0xb3156bf38bd7aff1L,0x1b5ee4cb1d81b146L,0x7ba1ac41d628a915L,
-        0x8f3a8f9cfd89699eL },
-      { 0x7329b9c9a0748be7L,0x1d391c95a92e621fL,0xe51e6b214d10a837L,
-        0xd255f53a4947b435L } },
-    /* 13 << 7 */
-    { { 0x07669e04f1788ee3L,0xc14f27afa86938a2L,0x8b47a334e93a01c0L,
-        0xff627438d9366808L },
-      { 0x7a0985d8ca2a5965L,0x3d9a5542d6e9b9b3L,0xc23eb80b4cf972e8L,
-        0x5c1c33bb4fdf72fdL } },
-    /* 14 << 7 */
-    { { 0x0c4a58d474a86108L,0xf8048a8fee4c5d90L,0xe3c7c924e86d4c80L,
-        0x28c889de056a1e60L },
-      { 0x57e2662eb214a040L,0xe8c48e9837e10347L,0x8774286280ac748aL,
-        0xf1c24022186b06f2L } },
-    /* 15 << 7 */
-    { { 0xac2dd4c35f74040aL,0x409aeb71fceac957L,0x4fbad78255c4ec23L,
-        0xb359ed618a7b76ecL },
-      { 0x12744926ed6f4a60L,0xe21e8d7f4b912de3L,0xe2575a59fc705a59L,
-        0x72f1d4deed2dbc0eL } },
-    /* 16 << 7 */
-    { { 0x3d2b24b9eb7926b8L,0xbff88cb3cdbe5509L,0xd0f399afe4dd640bL,
-        0x3c5fe1302f76ed45L },
-      { 0x6f3562f43764fb3dL,0x7b5af3183151b62dL,0xd5bd0bc7d79ce5f3L,
-        0xfdaf6b20ec66890fL } },
-    /* 17 << 7 */
-    { { 0x735c67ec6063540cL,0x50b259c2e5f9cb8fL,0xb8734f9a3f99c6abL,
-        0xf8cc13d5a3a7bc85L },
-      { 0x80c1b305c5217659L,0xfe5364d44ec12a54L,0xbd87045e681345feL,
-        0x7f8efeb1582f897fL } },
-    /* 18 << 7 */
-    { { 0xe8cbf1e5d5923359L,0xdb0cea9d539b9fb0L,0x0c5b34cf49859b98L,
-        0x5e583c56a4403cc6L },
-      { 0x11fc1a2dd48185b7L,0xc93fbc7e6e521787L,0x47e7a05805105b8bL,
-        0x7b4d4d58db8260c8L } },
-    /* 19 << 7 */
-    { { 0xe33930b046eb842aL,0x8e844a9a7bdae56dL,0x34ef3a9e13f7fdfcL,
-        0xb3768f82636ca176L },
-      { 0x2821f4e04e09e61cL,0x414dc3a1a0c7cddcL,0xd537943754945fcdL,
-        0x151b6eefb3555ff1L } },
-    /* 20 << 7 */
-    { { 0xb31bd6136339c083L,0x39ff8155dfb64701L,0x7c3388d2e29604abL,
-        0x1e19084ba6b10442L },
-      { 0x17cf54c0eccd47efL,0x896933854a5dfb30L,0x69d023fb47daf9f6L,
-        0x9222840b7d91d959L } },
-    /* 21 << 7 */
-    { { 0x439108f5803bac62L,0x0b7dd91d379bd45fL,0xd651e827ca63c581L,
-        0x5c5d75f6509c104fL },
-      { 0x7d5fc7381f2dc308L,0x20faa7bfd98454beL,0x95374beea517b031L,
-        0xf036b9b1642692acL } },
-    /* 22 << 7 */
-    { { 0xc510610939842194L,0xb7e2353e49d05295L,0xfc8c1d5cefb42ee0L,
-        0xe04884eb08ce811cL },
-      { 0xf1f75d817419f40eL,0x5b0ac162a995c241L,0x120921bbc4c55646L,
-        0x713520c28d33cf97L } },
-    /* 23 << 7 */
-    { { 0xb4a65a5ce98c5100L,0x6cec871d2ddd0f5aL,0x251f0b7f9ba2e78bL,
-        0x224a8434ce3a2a5fL },
-      { 0x26827f6125f5c46fL,0x6a22bedc48545ec0L,0x25ae5fa0b1bb5cdcL,
-        0xd693682ffcb9b98fL } },
-    /* 24 << 7 */
-    { { 0x32027fe891e5d7d3L,0xf14b7d1773a07678L,0xf88497b3c0dfdd61L,
-        0xf7c2eec02a8c4f48L },
-      { 0xaa5573f43756e621L,0xc013a2401825b948L,0x1c03b34563878572L,
-        0xa0472bea653a4184L } },
-    /* 25 << 7 */
-    { { 0xf4222e270ac69a80L,0x34096d25f51e54f6L,0x00a648cb8fffa591L,
-        0x4e87acdc69b6527fL },
-      { 0x0575e037e285ccb4L,0x188089e450ddcf52L,0xaa96c9a8870ff719L,
-        0x74a56cd81fc7e369L } },
-    /* 26 << 7 */
-    { { 0x41d04ee21726931aL,0x0bbbb2c83660ecfdL,0xa6ef6de524818e18L,
-        0xe421cc51e7d57887L },
-      { 0xf127d208bea87be6L,0x16a475d3b1cdd682L,0x9db1b684439b63f7L,
-        0x5359b3dbf0f113b6L } },
-    /* 27 << 7 */
-    { { 0xdfccf1de8bf06e31L,0x1fdf8f44dd383901L,0x10775cad5017e7d2L,
-        0xdfc3a59758d11eefL },
-      { 0x6ec9c8a0b1ecff10L,0xee6ed6cc28400549L,0xb5ad7bae1b4f8d73L,
-        0x61b4f11de00aaab9L } },
-    /* 28 << 7 */
-    { { 0x7b32d69bd4eff2d7L,0x88ae67714288b60fL,0x159461b437a1e723L,
-        0x1f3d4789570aae8cL },
-      { 0x869118c07f9871daL,0x35fbda78f635e278L,0x738f3641e1541dacL,
-        0x6794b13ac0dae45fL } },
-    /* 29 << 7 */
-    { { 0x065064ac09cc0917L,0x27c53729c68540fdL,0x0d2d4c8eef227671L,
-        0xd23a9f80a1785a04L },
-      { 0x98c5952852650359L,0xfa09ad0174a1acadL,0x082d5a290b55bf5cL,
-        0xa40f1c67419b8084L } },
-    /* 30 << 7 */
-    { { 0x3a5c752edcc18770L,0x4baf1f2f8825c3a5L,0xebd63f7421b153edL,
-        0xa2383e47b2f64723L },
-      { 0xe7bf620a2646d19aL,0x56cb44ec03c83ffdL,0xaf7267c94f6be9f1L,
-        0x8b2dfd7bc06bb5e9L } },
-    /* 31 << 7 */
-    { { 0xb87072f2a672c5c7L,0xeacb11c80d53c5e2L,0x22dac29dff435932L,
-        0x37bdb99d4408693cL },
-      { 0xf6e62fb62899c20fL,0x3535d512447ece24L,0xfbdc6b88ff577ce3L,
-        0x726693bd190575f2L } },
-    /* 32 << 7 */
-    { { 0x6772b0e5ab4b35a2L,0x1d8b6001f5eeaacfL,0x728f7ce4795b9580L,
-        0x4a20ed2a41fb81daL },
-      { 0x9f685cd44fec01e6L,0x3ed7ddcca7ff50adL,0x460fd2640c2d97fdL,
-        0x3a241426eb82f4f9L } },
-    /* 33 << 7 */
-    { { 0x17d1df2c6a8ea820L,0xb2b50d3bf22cc254L,0x03856cbab7291426L,
-        0x87fd26ae04f5ee39L },
-      { 0x9cb696cc02bee4baL,0x5312180406820fd6L,0xa5dfc2690212e985L,
-        0x666f7ffa160f9a09L } },
-    /* 34 << 7 */
-    { { 0xc503cd33bccd9617L,0x365dede4ba7730a3L,0x798c63555ddb0786L,
-        0xa6c3200efc9cd3bcL },
-      { 0x060ffb2ce5e35efdL,0x99a4e25b5555a1c1L,0x11d95375f70b3751L,
-        0x0a57354a160e1bf6L } },
-    /* 35 << 7 */
-    { { 0xecb3ae4bf8e4b065L,0x07a834c42e53022bL,0x1cd300b38692ed96L,
-        0x16a6f79261ee14ecL },
-      { 0x8f1063c66a8649edL,0xfbcdfcfe869f3e14L,0x2cfb97c100a7b3ecL,
-        0xcea49b3c7130c2f1L } },
-    /* 36 << 7 */
-    { { 0x462d044fe9d96488L,0x4b53d52e8182a0c1L,0x84b6ddd30391e9e9L,
-        0x80ab7b48b1741a09L },
-      { 0xec0e15d427d3317fL,0x8dfc1ddb1a64671eL,0x93cc5d5fd49c5b92L,
-        0xc995d53d3674a331L } },
-    /* 37 << 7 */
-    { { 0x302e41ec090090aeL,0x2278a0ccedb06830L,0x1d025932fbc99690L,
-        0x0c32fbd2b80d68daL },
-      { 0xd79146daf341a6c1L,0xae0ba1391bef68a0L,0xc6b8a5638d774b3aL,
-        0x1cf307bd880ba4d7L } },
-    /* 38 << 7 */
-    { { 0xc033bdc719803511L,0xa9f97b3b8888c3beL,0x3d68aebc85c6d05eL,
-        0xc3b88a9d193919ebL },
-      { 0x2d300748c48b0ee3L,0x7506bc7c07a746c1L,0xfc48437c6e6d57f3L,
-        0x5bd71587cfeaa91aL } },
-    /* 39 << 7 */
-    { { 0xa4ed0408c1bc5225L,0xd0b946db2719226dL,0x109ecd62758d2d43L,
-        0x75c8485a2751759bL },
-      { 0xb0b75f499ce4177aL,0x4fa61a1e79c10c3dL,0xc062d300a167fcd7L,
-        0x4df3874c750f0fa8L } },
-    /* 40 << 7 */
-    { { 0x29ae2cf983dfedc9L,0xf84371348d87631aL,0xaf5717117429c8d2L,
-        0x18d15867146d9272L },
-      { 0x83053ecf69769bb7L,0xc55eb856c479ab82L,0x5ef7791c21b0f4b2L,
-        0xaa5956ba3d491525L } },
-    /* 41 << 7 */
-    { { 0x407a96c29fe20ebaL,0xf27168bbe52a5ad3L,0x43b60ab3bf1d9d89L,
-        0xe45c51ef710e727aL },
-      { 0xdfca5276099b4221L,0x8dc6407c2557a159L,0x0ead833591035895L,
-        0x0a9db9579c55dc32L } },
-    /* 42 << 7 */
-    { { 0xe40736d3df61bc76L,0x13a619c03f778cdbL,0x6dd921a4c56ea28fL,
-        0x76a524332fa647b4L },
-      { 0x23591891ac5bdc5dL,0xff4a1a72bac7dc01L,0x9905e26162df8453L,
-        0x3ac045dfe63b265fL } },
-    /* 43 << 7 */
-    { { 0x8a3f341bad53dba7L,0x8ec269cc837b625aL,0xd71a27823ae31189L,
-        0x8fb4f9a355e96120L },
-      { 0x804af823ff9875cfL,0x23224f575d442a9bL,0x1c4d3b9eecc62679L,
-        0x91da22fba0e7ddb1L } },
-    /* 44 << 7 */
-    { { 0xa370324d6c04a661L,0x9710d3b65e376d17L,0xed8c98f03044e357L,
-        0xc364ebbe6422701cL },
-      { 0x347f5d517733d61cL,0xd55644b9cea826c3L,0x80c6e0ad55a25548L,
-        0x0aa7641d844220a7L } },
-    /* 45 << 7 */
-    { { 0x1438ec8131810660L,0x9dfa6507de4b4043L,0x10b515d8cc3e0273L,
-        0x1b6066dd28d8cfb2L },
-      { 0xd3b045919c9efebdL,0x425d4bdfa21c1ff4L,0x5fe5af19d57607d3L,
-        0xbbf773f754481084L } },
-    /* 46 << 7 */
-    { { 0x8435bd6994b03ed1L,0xd9ad1de3634cc546L,0x2cf423fc00e420caL,
-        0xeed26d80a03096ddL },
-      { 0xd7f60be7a4db09d2L,0xf47f569d960622f7L,0xe5925fd77296c729L,
-        0xeff2db2626ca2715L } },
-    /* 47 << 7 */
-    { { 0xa6fcd014b913e759L,0x53da47868ff4de93L,0x14616d79c32068e1L,
-        0xb187d664ccdf352eL },
-      { 0xf7afb6501dc90b59L,0x8170e9437daa1b26L,0xc8e3bdd8700c0a84L,
-        0x6e8d345f6482bdfaL } },
-    /* 48 << 7 */
-    { { 0x84cfbfa1c5c5ea50L,0xd3baf14c67960681L,0x263984030dd50942L,
-        0xe4b7839c4716a663L },
-      { 0xd5f1f794e7de6dc0L,0x5cd0f4d4622aa7ceL,0x5295f3f159acfeecL,
-        0x8d933552953e0607L } },
-    /* 49 << 7 */
-    { { 0xc7db8ec5776c5722L,0xdc467e622b5f290cL,0xd4297e704ff425a9L,
-        0x4be924c10cf7bb72L },
-      { 0x0d5dc5aea1892131L,0x8bf8a8e3a705c992L,0x73a0b0647a305ac5L,
-        0x00c9ca4e9a8c77a8L } },
-    /* 50 << 7 */
-    { { 0x5dfee80f83774bddL,0x6313160285734485L,0xa1b524ae914a69a9L,
-        0xebc2ffafd4e300d7L },
-      { 0x52c93db77cfa46a5L,0x71e6161f21653b50L,0x3574fc57a4bc580aL,
-        0xc09015dde1bc1253L } },
-    /* 51 << 7 */
-    { { 0x4b7b47b2d174d7aaL,0x4072d8e8f3a15d04L,0xeeb7d47fd6fa07edL,
-        0x6f2b9ff9edbdafb1L },
-      { 0x18c516153760fe8aL,0x7a96e6bff06c6c13L,0x4d7a04100ea2d071L,
-        0xa1914e9b0be2a5ceL } },
-    /* 52 << 7 */
-    { { 0x5726e357d8a3c5cfL,0x1197ecc32abb2b13L,0x6c0d7f7f31ae88ddL,
-        0x15b20d1afdbb3efeL },
-      { 0xcd06aa2670584039L,0x2277c969a7dc9747L,0xbca695877855d815L,
-        0x899ea2385188b32aL } },
-    /* 53 << 7 */
-    { { 0x37d9228b760c1c9dL,0xc7efbb119b5c18daL,0x7f0d1bc819f6dbc5L,
-        0x4875384b07e6905bL },
-      { 0xc7c50baa3ba8cd86L,0xb0ce40fbc2905de0L,0x708406737a231952L,
-        0xa912a262cf43de26L } },
-    /* 54 << 7 */
-    { { 0x9c38ddcceb5b76c1L,0x746f528526fc0ab4L,0x52a63a50d62c269fL,
-        0x60049c5599458621L },
-      { 0xe7f48f823c2f7c9eL,0x6bd99043917d5cf3L,0xeb1317a88701f469L,
-        0xbd3fe2ed9a449fe0L } },
-    /* 55 << 7 */
-    { { 0x421e79ca12ef3d36L,0x9ee3c36c3e7ea5deL,0xe48198b5cdff36f7L,
-        0xaff4f967c6b82228L },
-      { 0x15e19dd0c47adb7eL,0x45699b23032e7dfaL,0x40680c8b1fae026aL,
-        0x5a347a48550dbf4dL } },
-    /* 56 << 7 */
-    { { 0xe652533b3cef0d7dL,0xd94f7b182bbb4381L,0x838752be0e80f500L,
-        0x8e6e24889e9c9bfbL },
-      { 0xc975169716caca6aL,0x866c49d838531ad9L,0xc917e2397151ade1L,
-        0x2d016ec16037c407L } },
-    /* 57 << 7 */
-    { { 0xa407ccc900eac3f9L,0x835f6280e2ed4748L,0xcc54c3471cc98e0dL,
-        0x0e969937dcb572ebL },
-      { 0x1b16c8e88f30c9cbL,0xa606ae75373c4661L,0x47aa689b35502cabL,
-        0xf89014ae4d9bb64fL } },
-    /* 58 << 7 */
-    { { 0x202f6a9c31c71f7bL,0x01f95aa3296ffe5cL,0x5fc0601453cec3a3L,
-        0xeb9912375f498a45L },
-      { 0xae9a935e5d91ba87L,0xc6ac62810b564a19L,0x8a8fe81c3bd44e69L,
-        0x7c8b467f9dd11d45L } },
-    /* 59 << 7 */
-    { { 0xf772251fea5b8e69L,0xaeecb3bdc5b75fbcL,0x1aca3331887ff0e5L,
-        0xbe5d49ff19f0a131L },
-      { 0x582c13aae5c8646fL,0xdbaa12e820e19980L,0x8f40f31af7abbd94L,
-        0x1f13f5a81dfc7663L } },
-    /* 60 << 7 */
-    { { 0x5d81f1eeaceb4fc0L,0x362560025e6f0f42L,0x4b67d6d7751370c8L,
-        0x2608b69803e80589L },
-      { 0xcfc0d2fc05268301L,0xa6943d3940309212L,0x192a90c21fd0e1c2L,
-        0xb209f11337f1dc76L } },
-    /* 61 << 7 */
-    { { 0xefcc5e0697bf1298L,0xcbdb6730219d639eL,0xd009c116b81e8c6fL,
-        0xa3ffdde31a7ce2e5L },
-      { 0xc53fbaaaa914d3baL,0x836d500f88df85eeL,0xd98dc71b66ee0751L,
-        0x5a3d7005714516fdL } },
-    /* 62 << 7 */
-    { { 0x21d3634d39eedbbaL,0x35cd2e680455a46dL,0xc8cafe65f9d7eb0cL,
-        0xbda3ce9e00cefb3eL },
-      { 0xddc17a602c9cf7a4L,0x01572ee47bcb8773L,0xa92b2b018c7548dfL,
-        0x732fd309a84600e3L } },
-    /* 63 << 7 */
-    { { 0xe22109c716543a40L,0x9acafd36fede3c6cL,0xfb2068526824e614L,
-        0x2a4544a9da25dca0L },
-      { 0x2598526291d60b06L,0x281b7be928753545L,0xec667b1a90f13b27L,
-        0x33a83aff940e2eb4L } },
-    /* 64 << 7 */
-    { { 0x80009862d5d721d5L,0x0c3357a35bd3a182L,0x27f3a83b7aa2cda4L,
-        0xb58ae74ef6f83085L },
-      { 0x2a911a812e6dad6bL,0xde286051f43d6c5bL,0x4bdccc41f996c4d8L,
-        0xe7312ec00ae1e24eL } },
-    /* 0 << 14 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 14 */
-    { { 0xf8d112e76e6485b3L,0x4d3e24db771c52f8L,0x48e3ee41684a2f6dL,
-        0x7161957d21d95551L },
-      { 0x19631283cdb12a6cL,0xbf3fa8822e50e164L,0xf6254b633166cc73L,
-        0x3aefa7aeaee8cc38L } },
-    /* 2 << 14 */
-    { { 0x79b0fe623b36f9fdL,0x26543b23fde19fc0L,0x136e64a0958482efL,
-        0x23f637719b095825L },
-      { 0x14cfd596b6a1142eL,0x5ea6aac6335aac0bL,0x86a0e8bdf3081dd5L,
-        0x5fb89d79003dc12aL } },
-    /* 3 << 14 */
-    { { 0xf615c33af72e34d4L,0x0bd9ea40110eec35L,0x1c12bc5bc1dea34eL,
-        0x686584c949ae4699L },
-      { 0x13ad95d38c97b942L,0x4609561a4e5c7562L,0x9e94a4aef2737f89L,
-        0xf57594c6371c78b6L } },
-    /* 4 << 14 */
-    { { 0x0f0165fce3779ee3L,0xe00e7f9dbd495d9eL,0x1fa4efa220284e7aL,
-        0x4564bade47ac6219L },
-      { 0x90e6312ac4708e8eL,0x4f5725fba71e9adfL,0xe95f55ae3d684b9fL,
-        0x47f7ccb11e94b415L } },
-    /* 5 << 14 */
-    { { 0x7322851b8d946581L,0xf0d13133bdf4a012L,0xa3510f696584dae0L,
-        0x03a7c1713c9f6c6dL },
-      { 0x5be97f38e475381aL,0xca1ba42285823334L,0xf83cc5c70be17ddaL,
-        0x158b14940b918c0fL } },
-    /* 6 << 14 */
-    { { 0xda3a77e5522e6b69L,0x69c908c3bbcd6c18L,0x1f1b9e48d924fd56L,
-        0x37c64e36aa4bb3f7L },
-      { 0x5a4fdbdfee478d7dL,0xba75c8bc0193f7a0L,0x84bc1e8456cd16dfL,
-        0x1fb08f0846fad151L } },
-    /* 7 << 14 */
-    { { 0x8a7cabf9842e9f30L,0xa331d4bf5eab83afL,0xd272cfba017f2a6aL,
-        0x27560abc83aba0e3L },
-      { 0x94b833870e3a6b75L,0x25c6aea26b9f50f5L,0x803d691db5fdf6d0L,
-        0x03b77509e6333514L } },
-    /* 8 << 14 */
-    { { 0x3617890361a341c1L,0x3604dc600cfd6142L,0x022295eb8533316cL,
-        0x3dbde4ac44af2922L },
-      { 0x898afc5d1c7eef69L,0x58896805d14f4fa1L,0x05002160203c21caL,
-        0x6f0d1f3040ef730bL } },
-    /* 9 << 14 */
-    { { 0x8e8c44d4196224f8L,0x75a4ab95374d079dL,0x79085ecc7d48f123L,
-        0x56f04d311bf65ad8L },
-      { 0xe220bf1cbda602b2L,0x73ee1742f9612c69L,0x76008fc8084fd06bL,
-        0x4000ef9ff11380d1L } },
-    /* 10 << 14 */
-    { { 0x48201b4b12cfe297L,0x3eee129c292f74e5L,0xe1fe114ec9e874e8L,
-        0x899b055c92c5fc41L },
-      { 0x4e477a643a39c8cfL,0x82f09efe78963cc9L,0x6fd3fd8fd333f863L,
-        0x85132b2adc949c63L } },
-    /* 11 << 14 */
-    { { 0x7e06a3ab516eb17bL,0x73bec06fd2c7372bL,0xe4f74f55ba896da6L,
-        0xbb4afef88e9eb40fL },
-      { 0x2d75bec8e61d66b0L,0x02bda4b4ef29300bL,0x8bbaa8de026baa5aL,
-        0xff54befda07f4440L } },
-    /* 12 << 14 */
-    { { 0xbd9b8b1dbe7a2af3L,0xec51caa94fb74a72L,0xb9937a4b63879697L,
-        0x7c9a9d20ec2687d5L },
-      { 0x1773e44f6ef5f014L,0x8abcf412e90c6900L,0x387bd0228142161eL,
-        0x50393755fcb6ff2aL } },
-    /* 13 << 14 */
-    { { 0x9813fd56ed6def63L,0x53cf64827d53106cL,0x991a35bd431f7ac1L,
-        0xf1e274dd63e65fafL },
-      { 0xf63ffa3c44cc7880L,0x411a426b7c256981L,0xb698b9fd93a420e0L,
-        0x89fdddc0ae53f8feL } },
-    /* 14 << 14 */
-    { { 0x766e072232398baaL,0x205fee425cfca031L,0xa49f53417a029cf2L,
-        0xa88c68b84023890dL },
-      { 0xbc2750417337aaa8L,0x9ed364ad0eb384f4L,0xe0816f8529aba92fL,
-        0x2e9e194104e38a88L } },
-    /* 15 << 14 */
-    { { 0x57eef44a3dafd2d5L,0x35d1fae597ed98d8L,0x50628c092307f9b1L,
-        0x09d84aaed6cba5c6L },
-      { 0x67071bc788aaa691L,0x2dea57a9afe6cb03L,0xdfe11bb43d78ac01L,
-        0x7286418c7fd7aa51L } },
-    /* 16 << 14 */
-    { { 0xfabf770977f7195aL,0x8ec86167adeb838fL,0xea1285a8bb4f012dL,
-        0xd68835039a3eab3fL },
-      { 0xee5d24f8309004c2L,0xa96e4b7613ffe95eL,0x0cdffe12bd223ea4L,
-        0x8f5c2ee5b6739a53L } },
-    /* 17 << 14 */
-    { { 0x5cb4aaa5dd968198L,0xfa131c5272413a6cL,0x53d46a909536d903L,
-        0xb270f0d348606d8eL },
-      { 0x518c7564a053a3bcL,0x088254b71a86caefL,0xb3ba8cb40ab5efd0L,
-        0x5c59900e4605945dL } },
-    /* 18 << 14 */
-    { { 0xecace1dda1887395L,0x40960f36932a65deL,0x9611ff5c3aa95529L,
-        0xc58215b07c1e5a36L },
-      { 0xd48c9b58f0e1a524L,0xb406856bf590dfb8L,0xc7605e049cd95662L,
-        0x0dd036eea33ecf82L } },
-    /* 19 << 14 */
-    { { 0xa50171acc33156b3L,0xf09d24ea4a80172eL,0x4e1f72c676dc8eefL,
-        0xe60caadc5e3d44eeL },
-      { 0x006ef8a6979b1d8fL,0x60908a1c97788d26L,0x6e08f95b266feec0L,
-        0x618427c222e8c94eL } },
-    /* 20 << 14 */
-    { { 0x3d61333959145a65L,0xcd9bc368fa406337L,0x82d11be32d8a52a0L,
-        0xf6877b2797a1c590L },
-      { 0x837a819bf5cbdb25L,0x2a4fd1d8de090249L,0x622a7de774990e5fL,
-        0x840fa5a07945511bL } },
-    /* 21 << 14 */
-    { { 0x30b974be6558842dL,0x70df8c6417f3d0a6L,0x7c8035207542e46dL,
-        0x7251fe7fe4ecc823L },
-      { 0xe59134cb5e9aac9aL,0x11bb0934f0045d71L,0x53e5d9b5dbcb1d4eL,
-        0x8d97a90592defc91L } },
-    /* 22 << 14 */
-    { { 0xfe2893277946d3f9L,0xe132bd2407472273L,0xeeeb510c1eb6ae86L,
-        0x777708c5f0595067L },
-      { 0x18e2c8cd1297029eL,0x2c61095cbbf9305eL,0xe466c2586b85d6d9L,
-        0x8ac06c36da1ea530L } },
-    /* 23 << 14 */
-    { { 0xa365dc39a1304668L,0xe4a9c88507f89606L,0x65a4898facc7228dL,
-        0x3e2347ff84ca8303L },
-      { 0xa5f6fb77ea7d23a3L,0x2fac257d672a71cdL,0x6908bef87e6a44d3L,
-        0x8ff87566891d3d7aL } },
-    /* 24 << 14 */
-    { { 0xe58e90b36b0cf82eL,0x6438d2462615b5e7L,0x07b1f8fc669c145aL,
-        0xb0d8b2da36f1e1cbL },
-      { 0x54d5dadbd9184c4dL,0x3dbb18d5f93d9976L,0x0a3e0f56d1147d47L,
-        0x2afa8c8da0a48609L } },
-    /* 25 << 14 */
-    { { 0x275353e8bc36742cL,0x898f427eeea0ed90L,0x26f4947e3e477b00L,
-        0x8ad8848a308741e3L },
-      { 0x6c703c38d74a2a46L,0x5e3e05a99ba17ba2L,0xc1fa6f664ab9a9e4L,
-        0x474a2d9a3841d6ecL } },
-    /* 26 << 14 */
-    { { 0x871239ad653ae326L,0x14bcf72aa74cbb43L,0x8737650e20d4c083L,
-        0x3df86536110ed4afL },
-      { 0xd2d86fe7b53ca555L,0x688cb00dabd5d538L,0xcf81bda31ad38468L,
-        0x7ccfe3ccf01167b6L } },
-    /* 27 << 14 */
-    { { 0xcf4f47e06c4c1fe6L,0x557e1f1a298bbb79L,0xf93b974f30d45a14L,
-        0x174a1d2d0baf97c4L },
-      { 0x7a003b30c51fbf53L,0xd8940991ee68b225L,0x5b0aa7b71c0f4173L,
-        0x975797c9a20a7153L } },
-    /* 28 << 14 */
-    { { 0x26e08c07e3533d77L,0xd7222e6a2e341c99L,0x9d60ec3d8d2dc4edL,
-        0xbdfe0d8f7c476cf8L },
-      { 0x1fe59ab61d056605L,0xa9ea9df686a8551fL,0x8489941e47fb8d8cL,
-        0xfeb874eb4a7f1b10L } },
-    /* 29 << 14 */
-    { { 0xfe5fea867ee0d98fL,0x201ad34bdbf61864L,0x45d8fe4737c031d4L,
-        0xd5f49fae795f0822L },
-      { 0xdb0fb291c7f4a40cL,0x2e69d9c1730ddd92L,0x754e105449d76987L,
-        0x8a24911d7662db87L } },
-    /* 30 << 14 */
-    { { 0x61fc181060a71676L,0xe852d1a8f66a8ad1L,0x172bbd656417231eL,
-        0x0d6de7bd3babb11fL },
-      { 0x6fde6f88c8e347f8L,0x1c5875479bd99cc3L,0x78e54ed034076950L,
-        0x97f0f334796e83baL } },
-    /* 31 << 14 */
-    { { 0xe4dbe1ce4924867aL,0xbd5f51b060b84917L,0x375300403cb09a79L,
-        0xdb3fe0f8ff1743d8L },
-      { 0xed7894d8556fa9dbL,0xfa26216923412fbfL,0x563be0dbba7b9291L,
-        0x6ca8b8c00c9fb234L } },
-    /* 32 << 14 */
-    { { 0xed406aa9bd763802L,0xc21486a065303da1L,0x61ae291ec7e62ec4L,
-        0x622a0492df99333eL },
-      { 0x7fd80c9dbb7a8ee0L,0xdc2ed3bc6c01aedbL,0x35c35a1208be74ecL,
-        0xd540cb1a469f671fL } },
-    /* 33 << 14 */
-    { { 0xd16ced4ecf84f6c7L,0x8561fb9c2d090f43L,0x7e693d796f239db4L,
-        0xa736f92877bd0d94L },
-      { 0x07b4d9292c1950eeL,0xda17754356dc11b3L,0xa5dfbbaa7a6a878eL,
-        0x1c70cb294decb08aL } },
-    /* 34 << 14 */
-    { { 0xfba28c8b6f0f7c50L,0xa8eba2b8854dcc6dL,0x5ff8e89a36b78642L,
-        0x070c1c8ef6873adfL },
-      { 0xbbd3c3716484d2e4L,0xfb78318f0d414129L,0x2621a39c6ad93b0bL,
-        0x979d74c2a9e917f7L } },
-    /* 35 << 14 */
-    { { 0xfc19564761fb0428L,0x4d78954abee624d4L,0xb94896e0b8ae86fdL,
-        0x6667ac0cc91c8b13L },
-      { 0x9f18051243bcf832L,0xfbadf8b7a0010137L,0xc69b4089b3ba8aa7L,
-        0xfac4bacde687ce85L } },
-    /* 36 << 14 */
-    { { 0x9164088d977eab40L,0x51f4c5b62760b390L,0xd238238f340dd553L,
-        0x358566c3db1d31c9L },
-      { 0x3a5ad69e5068f5ffL,0xf31435fcdaff6b06L,0xae549a5bd6debff0L,
-        0x59e5f0b775e01331L } },
-    /* 37 << 14 */
-    { { 0x5d492fb898559acfL,0x96018c2e4db79b50L,0x55f4a48f609f66aaL,
-        0x1943b3af4900a14fL },
-      { 0xc22496df15a40d39L,0xb2a446844c20f7c5L,0x76a35afa3b98404cL,
-        0xbec75725ff5d1b77L } },
-    /* 38 << 14 */
-    { { 0xb67aa163bea06444L,0x27e95bb2f724b6f2L,0x3c20e3e9d238c8abL,
-        0x1213754eddd6ae17L },
-      { 0x8c431020716e0f74L,0x6679c82effc095c2L,0x2eb3adf4d0ac2932L,
-        0x2cc970d301bb7a76L } },
-    /* 39 << 14 */
-    { { 0x70c71f2f740f0e66L,0x545c616b2b6b23ccL,0x4528cfcbb40a8bd7L,
-        0xff8396332ab27722L },
-      { 0x049127d9025ac99aL,0xd314d4a02b63e33bL,0xc8c310e728d84519L,
-        0x0fcb8983b3bc84baL } },
-    /* 40 << 14 */
-    { { 0x2cc5226138634818L,0x501814f4b44c2e0bL,0xf7e181aa54dfdba3L,
-        0xcfd58ff0e759718cL },
-      { 0xf90cdb14d3b507a8L,0x57bd478ec50bdad8L,0x29c197e250e5f9aaL,
-        0x4db6eef8e40bc855L } },
-    /* 41 << 14 */
-    { { 0x2cc8f21ad1fc0654L,0xc71cc96381269d73L,0xecfbb204077f49f9L,
-        0xdde92571ca56b793L },
-      { 0x9abed6a3f97ad8f7L,0xe6c19d3f924de3bdL,0x8dce92f4a140a800L,
-        0x85f44d1e1337af07L } },
-    /* 42 << 14 */
-    { { 0x5953c08b09d64c52L,0xa1b5e49ff5df9749L,0x336a8fb852735f7dL,
-        0xb332b6db9add676bL },
-      { 0x558b88a0b4511aa4L,0x09788752dbd5cc55L,0x16b43b9cd8cd52bdL,
-        0x7f0bc5a0c2a2696bL } },
-    /* 43 << 14 */
-    { { 0x146e12d4c11f61efL,0x9ce107543a83e79eL,0x08ec73d96cbfca15L,
-        0x09ff29ad5b49653fL },
-      { 0xe31b72bde7da946eL,0xebf9eb3bee80a4f2L,0xd1aabd0817598ce4L,
-        0x18b5fef453f37e80L } },
-    /* 44 << 14 */
-    { { 0xd5d5cdd35958cd79L,0x3580a1b51d373114L,0xa36e4c91fa935726L,
-        0xa38c534def20d760L },
-      { 0x7088e40a2ff5845bL,0xe5bb40bdbd78177fL,0x4f06a7a8857f9920L,
-        0xe3cc3e50e968f05dL } },
-    /* 45 << 14 */
-    { { 0x1d68b7fee5682d26L,0x5206f76faec7f87cL,0x41110530041951abL,
-        0x58ec52c1d4b5a71aL },
-      { 0xf3488f990f75cf9aL,0xf411951fba82d0d5L,0x27ee75be618895abL,
-        0xeae060d46d8aab14L } },
-    /* 46 << 14 */
-    { { 0x9ae1df737fb54dc2L,0x1f3e391b25963649L,0x242ec32afe055081L,
-        0x5bd450ef8491c9bdL },
-      { 0x367efc67981eb389L,0xed7e19283a0550d5L,0x362e776bab3ce75cL,
-        0xe890e3081f24c523L } },
-    /* 47 << 14 */
-    { { 0xb961b682feccef76L,0x8b8e11f58bba6d92L,0x8f2ccc4c2b2375c4L,
-        0x0d7f7a52e2f86cfaL },
-      { 0xfd94d30a9efe5633L,0x2d8d246b5451f934L,0x2234c6e3244e6a00L,
-        0xde2b5b0dddec8c50L } },
-    /* 48 << 14 */
-    { { 0x2ce53c5abf776f5bL,0x6f72407160357b05L,0xb259371771bf3f7aL,
-        0x87d2501c440c4a9fL },
-      { 0x440552e187b05340L,0xb7bf7cc821624c32L,0x4155a6ce22facddbL,
-        0x5a4228cb889837efL } },
-    /* 49 << 14 */
-    { { 0xef87d6d6fd4fd671L,0xa233687ec2daa10eL,0x7562224403c0eb96L,
-        0x7632d1848bf19be6L },
-      { 0x05d0f8e940735ff4L,0x3a3e6e13c00931f1L,0x31ccde6adafe3f18L,
-        0xf381366acfe51207L } },
-    /* 50 << 14 */
-    { { 0x24c222a960167d92L,0x62f9d6f87529f18cL,0x412397c00353b114L,
-        0x334d89dcef808043L },
-      { 0xd9ec63ba2a4383ceL,0xcec8e9375cf92ba0L,0xfb8b4288c8be74c0L,
-        0x67d6912f105d4391L } },
-    /* 51 << 14 */
-    { { 0x7b996c461b913149L,0x36aae2ef3a4e02daL,0xb68aa003972de594L,
-        0x284ec70d4ec6d545L },
-      { 0xf3d2b2d061391d54L,0x69c5d5d6fe114e92L,0xbe0f00b5b4482dffL,
-        0xe1596fa5f5bf33c5L } },
-    /* 52 << 14 */
-    { { 0x10595b5696a71cbaL,0x944938b2fdcadeb7L,0xa282da4cfccd8471L,
-        0x98ec05f30d37bfe1L },
-      { 0xe171ce1b0698304aL,0x2d69144421bdf79bL,0xd0cd3b741b21dec1L,
-        0x712ecd8b16a15f71L } },
-    /* 53 << 14 */
-    { { 0x8d4c00a700fd56e1L,0x02ec9692f9527c18L,0x21c449374a3e42e1L,
-        0x9176fbab1392ae0aL },
-      { 0x8726f1ba44b7b618L,0xb4d7aae9f1de491cL,0xf91df7b907b582c0L,
-        0x7e116c30ef60aa3aL } },
-    /* 54 << 14 */
-    { { 0x99270f81466265d7L,0xb15b6fe24df7adf0L,0xfe33b2d3f9738f7fL,
-        0x48553ab9d6d70f95L },
-      { 0x2cc72ac8c21e94dbL,0x795ac38dbdc0bbeeL,0x0a1be4492e40478fL,
-        0x81bd3394052bde55L } },
-    /* 55 << 14 */
-    { { 0x63c8dbe956b3c4f2L,0x017a99cf904177ccL,0x947bbddb4d010fc1L,
-        0xacf9b00bbb2c9b21L },
-      { 0x2970bc8d47173611L,0x1a4cbe08ac7d756fL,0x06d9f4aa67d541a2L,
-        0xa3e8b68959c2cf44L } },
-    /* 56 << 14 */
-    { { 0xaad066da4d88f1ddL,0xc604f1657ad35deaL,0x7edc07204478ca67L,
-        0xa10dfae0ba02ce06L },
-      { 0xeceb1c76af36f4e4L,0x994b2292af3f8f48L,0xbf9ed77b77c8a68cL,
-        0x74f544ea51744c9dL } },
-    /* 57 << 14 */
-    { { 0x82d05bb98113a757L,0x4ef2d2b48a9885e4L,0x1e332be51aa7865fL,
-        0x22b76b18290d1a52L },
-      { 0x308a231044351683L,0x9d861896a3f22840L,0x5959ddcd841ed947L,
-        0x0def0c94154b73bfL } },
-    /* 58 << 14 */
-    { { 0xf01054174c7c15e0L,0x539bfb023a277c32L,0xe699268ef9dccf5fL,
-        0x9f5796a50247a3bdL },
-      { 0x8b839de84f157269L,0xc825c1e57a30196bL,0x6ef0aabcdc8a5a91L,
-        0xf4a8ce6c498b7fe6L } },
-    /* 59 << 14 */
-    { { 0x1cce35a770cbac78L,0x83488e9bf6b23958L,0x0341a070d76cb011L,
-        0xda6c9d06ae1b2658L },
-      { 0xb701fb30dd648c52L,0x994ca02c52fb9fd1L,0x069331176f563086L,
-        0x3d2b810017856babL } },
-    /* 60 << 14 */
-    { { 0xe89f48c85963a46eL,0x658ab875a99e61c7L,0x6e296f874b8517b4L,
-        0x36c4fcdcfc1bc656L },
-      { 0xde5227a1a3906defL,0x9fe95f5762418945L,0x20c91e81fdd96cdeL,
-        0x5adbe47eda4480deL } },
-    /* 61 << 14 */
-    { { 0xa009370f396de2b6L,0x98583d4bf0ecc7bdL,0xf44f6b57e51d0672L,
-        0x03d6b078556b1984L },
-      { 0x27dbdd93b0b64912L,0x9b3a343415687b09L,0x0dba646151ec20a9L,
-        0xec93db7fff28187cL } },
-    /* 62 << 14 */
-    { { 0x00ff8c2466e48bddL,0x2514f2f911ccd78eL,0xeba11f4fe1250603L,
-        0x8a22cd41243fa156L },
-      { 0xa4e58df4b283e4c6L,0x78c298598b39783fL,0x5235aee2a5259809L,
-        0xc16284b50e0227ddL } },
-    /* 63 << 14 */
-    { { 0xa5f579161338830dL,0x6d4b8a6bd2123fcaL,0x236ea68af9c546f8L,
-        0xc1d36873fa608d36L },
-      { 0xcd76e4958d436d13L,0xd4d9c2218fb080afL,0x665c1728e8ad3fb5L,
-        0xcf1ebe4db3d572e0L } },
-    /* 64 << 14 */
-    { { 0xa7a8746a584c5e20L,0x267e4ea1b9dc7035L,0x593a15cfb9548c9bL,
-        0x5e6e21354bd012f3L },
-      { 0xdf31cc6a8c8f936eL,0x8af84d04b5c241dcL,0x63990a6f345efb86L,
-        0x6fef4e61b9b962cbL } },
-    /* 0 << 21 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 21 */
-    { { 0xf6368f0925722608L,0x131260db131cf5c6L,0x40eb353bfab4f7acL,
-        0x85c7888037eee829L },
-      { 0x4c1581ffc3bdf24eL,0x5bff75cbf5c3c5a8L,0x35e8c83fa14e6f40L,
-        0xb81d1c0f0295e0caL } },
-    /* 2 << 21 */
-    { { 0xfcde7cc8f43a730fL,0xe89b6f3c33ab590eL,0xc823f529ad03240bL,
-        0x82b79afe98bea5dbL },
-      { 0x568f2856962fe5deL,0x0c590adb60c591f3L,0x1fc74a144a28a858L,
-        0x3b662498b3203f4cL } },
-    /* 3 << 21 */
-    { { 0x91e3cf0d6c39765aL,0xa2db3acdac3cca0bL,0x288f2f08cb953b50L,
-        0x2414582ccf43cf1aL },
-      { 0x8dec8bbc60eee9a8L,0x54c79f02729aa042L,0xd81cd5ec6532f5d5L,
-        0xa672303acf82e15fL } },
-    /* 4 << 21 */
-    { { 0x376aafa8719c0563L,0xcd8ad2dcbc5fc79fL,0x303fdb9fcb750cd3L,
-        0x14ff052f4418b08eL },
-      { 0xf75084cf3e2d6520L,0x7ebdf0f8144ed509L,0xf43bf0f2d3f25b98L,
-        0x86ad71cfa354d837L } },
-    /* 5 << 21 */
-    { { 0xb827fe9226f43572L,0xdfd3ab5b5d824758L,0x315dd23a539094c1L,
-        0x85c0e37a66623d68L },
-      { 0x575c79727be19ae0L,0x616a3396df0d36b5L,0xa1ebb3c826b1ff7eL,
-        0x635b9485140ad453L } },
-    /* 6 << 21 */
-    { { 0x92bf3cdada430c0bL,0x4702850e3a96dac6L,0xc91cf0a515ac326aL,
-        0x95de4f49ab8c25e4L },
-      { 0xb01bad09e265c17cL,0x24e45464087b3881L,0xd43e583ce1fac5caL,
-        0xe17cb3186ead97a6L } },
-    /* 7 << 21 */
-    { { 0x6cc3924374dcec46L,0x33cfc02d54c2b73fL,0x82917844f26cd99cL,
-        0x8819dd95d1773f89L },
-      { 0x09572aa60871f427L,0x8e0cf365f6f01c34L,0x7fa52988bff1f5afL,
-        0x4eb357eae75e8e50L } },
-    /* 8 << 21 */
-    { { 0xd9d0c8c4868af75dL,0xd7325cff45c8c7eaL,0xab471996cc81ecb0L,
-        0xff5d55f3611824edL },
-      { 0xbe3145411977a0eeL,0x5085c4c5722038c6L,0x2d5335bff94bb495L,
-        0x894ad8a6c8e2a082L } },
-    /* 9 << 21 */
-    { { 0x5c3e2341ada35438L,0xf4a9fc89049b8c4eL,0xbeeb355a9f17cf34L,
-        0x3f311e0e6c91fe10L },
-      { 0xc2d2003892ab9891L,0x257bdcc13e8ce9a9L,0x1b2d978988c53beeL,
-        0x927ce89acdba143aL } },
-    /* 10 << 21 */
-    { { 0xb0a32cca523db280L,0x5c889f8a50d43783L,0x503e04b34897d16fL,
-        0x8cdb6e7808f5f2e8L },
-      { 0x6ab91cf0179c8e74L,0xd8874e5248211d60L,0xf948d4d5ea851200L,
-        0x4076d41ee6f9840aL } },
-    /* 11 << 21 */
-    { { 0xc20e263c47b517eaL,0x79a448fd30685e5eL,0xe55f6f78f90631a0L,
-        0x88a790b1a79e6346L },
-      { 0x62160c7d80969fe8L,0x54f92fd441491bb9L,0xa6645c235c957526L,
-        0xf44cc5aebea3ce7bL } },
-    /* 12 << 21 */
-    { { 0xf76283278b1e68b7L,0xc731ad7a303f29d3L,0xfe5a9ca957d03ecbL,
-        0x96c0d50c41bc97a7L },
-      { 0xc4669fe79b4f7f24L,0xfdd781d83d9967efL,0x7892c7c35d2c208dL,
-        0x8bf64f7cae545cb3L } },
-    /* 13 << 21 */
-    { { 0xc01f862c467be912L,0xf4c85ee9c73d30ccL,0x1fa6f4be6ab83ec7L,
-        0xa07a3c1c4e3e3cf9L },
-      { 0x87f8ef450c00beb3L,0x30e2c2b3000d4c3eL,0x1aa00b94fe08bf5bL,
-        0x32c133aa9224ef52L } },
-    /* 14 << 21 */
-    { { 0x38df16bb32e5685dL,0x68a9e06958e6f544L,0x495aaff7cdc5ebc6L,
-        0xf894a645378b135fL },
-      { 0xf316350a09e27ecfL,0xeced201e58f7179dL,0x2eec273ce97861baL,
-        0x47ec2caed693be2eL } },
-    /* 15 << 21 */
-    { { 0xfa4c97c4f68367ceL,0xe4f47d0bbe5a5755L,0x17de815db298a979L,
-        0xd7eca659c177dc7dL },
-      { 0x20fdbb7149ded0a3L,0x4cb2aad4fb34d3c5L,0x2cf31d2860858a33L,
-        0x3b6873efa24aa40fL } },
-    /* 16 << 21 */
-    { { 0x540234b22c11bb37L,0x2d0366dded4c74a3L,0xf9a968daeec5f25dL,
-        0x3660106867b63142L },
-      { 0x07cd6d2c68d7b6d4L,0xa8f74f090c842942L,0xe27514047768b1eeL,
-        0x4b5f7e89fe62aee4L } },
-    /* 17 << 21 */
-    { { 0xc6a7717789070d26L,0xa1f28e4edd1c8bc7L,0xea5f4f06469e1f17L,
-        0x78fc242afbdb78e0L },
-      { 0xc9c7c5928b0588f1L,0xb6b7a0fd1535921eL,0xcc5bdb91bde5ae35L,
-        0xb42c485e12ff1864L } },
-    /* 18 << 21 */
-    { { 0xa1113e13dbab98aaL,0xde9d469ba17b1024L,0x23f48b37c0462d3aL,
-        0x3752e5377c5c078dL },
-      { 0xe3a86add15544eb9L,0xf013aea780fba279L,0x8b5bb76cf22001b5L,
-        0xe617ba14f02891abL } },
-    /* 19 << 21 */
-    { { 0xd39182a6936219d3L,0x5ce1f194ae51cb19L,0xc78f8598bf07a74cL,
-        0x6d7158f222cbf1bcL },
-      { 0x3b846b21e300ce18L,0x35fba6302d11275dL,0x5fe25c36a0239b9bL,
-        0xd8beb35ddf05d940L } },
-    /* 20 << 21 */
-    { { 0x4db02bb01f7e320dL,0x0641c3646da320eaL,0x6d95fa5d821389a3L,
-        0x926997488fcd8e3dL },
-      { 0x316fef17ceb6c143L,0x67fcb841d933762bL,0xbb837e35118b17f8L,
-        0x4b92552f9fd24821L } },
-    /* 21 << 21 */
-    { { 0xae6bc70e46aca793L,0x1cf0b0e4e579311bL,0x8dc631be5802f716L,
-        0x099bdc6fbddbee4dL },
-      { 0xcc352bb20caf8b05L,0xf74d505a72d63df2L,0xb9876d4b91c4f408L,
-        0x1ce184739e229b2dL } },
-    /* 22 << 21 */
-    { { 0x4950759783abdb4aL,0x850fbcb6dee84b18L,0x6325236e609e67dcL,
-        0x04d831d99336c6d8L },
-      { 0x8deaae3bfa12d45dL,0xe425f8ce4746e246L,0x8004c17524f5f31eL,
-        0xaca16d8fad62c3b7L } },
-    /* 23 << 21 */
-    { { 0x0dc15a6a9152f934L,0xf1235e5ded0e12c1L,0xc33c06ecda477dacL,
-        0x76be8732b2ea0006L },
-      { 0xcf3f78310c0cd313L,0x3c524553a614260dL,0x31a756f8cab22d15L,
-        0x03ee10d177827a20L } },
-    /* 24 << 21 */
-    { { 0xd1e059b21994ef20L,0x2a653b69638ae318L,0x70d5eb582f699010L,
-        0x279739f709f5f84aL },
-      { 0x5da4663c8b799336L,0xfdfdf14d203c37ebL,0x32d8a9dca1dbfb2dL,
-        0xab40cff077d48f9bL } },
-    /* 25 << 21 */
-    { { 0xc018b383d20b42d5L,0xf9a810ef9f78845fL,0x40af3753bdba9df0L,
-        0xb90bdcfc131dfdf9L },
-      { 0x18720591f01ab782L,0xc823f2116af12a88L,0xa51b80f30dc14401L,
-        0xde248f77fb2dfbe3L } },
-    /* 26 << 21 */
-    { { 0xef5a44e50cafe751L,0x73997c9cd4dcd221L,0x32fd86d1de854024L,
-        0xd5b53adca09b84bbL },
-      { 0x008d7a11dcedd8d1L,0x406bd1c874b32c84L,0x5d4472ff05dde8b1L,
-        0x2e25f2cdfce2b32fL } },
-    /* 27 << 21 */
-    { { 0xbec0dd5e29dfc254L,0x4455fcf62b98b267L,0x0b4d43a5c72df2adL,
-        0xea70e6be48a75397L },
-      { 0x2aad61695820f3bfL,0xf410d2dd9e37f68fL,0x70fb7dba7be5ac83L,
-        0x636bb64536ec3eecL } },
-    /* 28 << 21 */
-    { { 0x27104ea39754e21cL,0xbc87a3e68d63c373L,0x483351d74109db9aL,
-        0x0fa724e360134da7L },
-      { 0x9ff44c29b0720b16L,0x2dd0cf1306aceeadL,0x5942758ce26929a6L,
-        0x96c5db92b766a92bL } },
-    /* 29 << 21 */
-    { { 0xcec7d4c05f18395eL,0xd3f227441f80d032L,0x7a68b37acb86075bL,
-        0x074764ddafef92dbL },
-      { 0xded1e9507bc7f389L,0xc580c850b9756460L,0xaeeec2a47da48157L,
-        0x3f0b4e7f82c587b3L } },
-    /* 30 << 21 */
-    { { 0x231c6de8a9f19c53L,0x5717bd736974e34eL,0xd9e1d216f1508fa9L,
-        0x9f112361dadaa124L },
-      { 0x80145e31823b7348L,0x4dd8f0d5ac634069L,0xe3d82fc72297c258L,
-        0x276fcfee9cee7431L } },
-    /* 31 << 21 */
-    { { 0x8eb61b5e2bc0aea9L,0x4f668fd5de329431L,0x03a32ab138e4b87eL,
-        0xe137451773d0ef0bL },
-      { 0x1a46f7e6853ac983L,0xc3bdf42e68e78a57L,0xacf207852ea96dd1L,
-        0xa10649b9f1638460L } },
-    /* 32 << 21 */
-    { { 0xf2369f0b879fbbedL,0x0ff0ae86da9d1869L,0x5251d75956766f45L,
-        0x4984d8c02be8d0fcL },
-      { 0x7ecc95a6d21008f0L,0x29bd54a03a1a1c49L,0xab9828c5d26c50f3L,
-        0x32c0087c51d0d251L } },
-    /* 33 << 21 */
-    { { 0x9bac3ce60c1cdb26L,0xcd94d947557ca205L,0x1b1bd5989db1fdcdL,
-        0x0eda0108a3d8b149L },
-      { 0x9506661056152fccL,0xc2f037e6e7192b33L,0xdeffb41ac92e05a4L,
-        0x1105f6c2c2f6c62eL } },
-    /* 34 << 21 */
-    { { 0x68e735008733913cL,0xcce861633f3adc40L,0xf407a94238a278e9L,
-        0xd13c1b9d2ab21292L },
-      { 0x93ed7ec71c74cf5cL,0x8887dc48f1a4c1b4L,0x3830ff304b3a11f1L,
-        0x358c5a3c58937cb6L } },
-    /* 35 << 21 */
-    { { 0x027dc40489022829L,0x40e939773b798f79L,0x90ad333738be6eadL,
-        0x9c23f6bcf34c0a5dL },
-      { 0xd1711a35fbffd8bbL,0x60fcfb491949d3ddL,0x09c8ef4b7825d93aL,
-        0x24233cffa0a8c968L } },
-    /* 36 << 21 */
-    { { 0x67ade46ce6d982afL,0xebb6bf3ee7544d7cL,0xd6b9ba763d8bd087L,
-        0x46fe382d4dc61280L },
-      { 0xbd39a7e8b5bdbd75L,0xab381331b8f228feL,0x0709a77cce1c4300L,
-        0x6a247e56f337ceacL } },
-    /* 37 << 21 */
-    { { 0x8f34f21b636288beL,0x9dfdca74c8a7c305L,0x6decfd1bea919e04L,
-        0xcdf2688d8e1991f8L },
-      { 0xe607df44d0f8a67eL,0xd985df4b0b58d010L,0x57f834c50c24f8f4L,
-        0xe976ef56a0bf01aeL } },
-    /* 38 << 21 */
-    { { 0x536395aca1c32373L,0x351027aa734c0a13L,0xd2f1b5d65e6bd5bcL,
-        0x2b539e24223debedL },
-      { 0xd4994cec0eaa1d71L,0x2a83381d661dcf65L,0x5f1aed2f7b54c740L,
-        0x0bea3fa5d6dda5eeL } },
-    /* 39 << 21 */
-    { { 0x9d4fb68436cc6134L,0x8eb9bbf3c0a443ddL,0xfc500e2e383b7d2aL,
-        0x7aad621c5b775257L },
-      { 0x69284d740a8f7cc0L,0xe820c2ce07562d65L,0xbf9531b9499758eeL,
-        0x73e95ca56ee0cc2dL } },
-    /* 40 << 21 */
-    { { 0xf61790abfbaf50a5L,0xdf55e76b684e0750L,0xec516da7f176b005L,
-        0x575553bb7a2dddc7L },
-      { 0x37c87ca3553afa73L,0x315f3ffc4d55c251L,0xe846442aaf3e5d35L,
-        0x61b911496495ff28L } },
-    /* 41 << 21 */
-    { { 0x23cc95d3fa326dc3L,0x1df4da1f18fc2ceaL,0x24bf9adcd0a37d59L,
-        0xb6710053320d6e1eL },
-      { 0x96f9667e618344d1L,0xcc7ce042a06445afL,0xa02d8514d68dbc3aL,
-        0x4ea109e4280b5a5bL } },
-    /* 42 << 21 */
-    { { 0x5741a7acb40961bfL,0x4ada59376aa56bfaL,0x7feb914502b765d1L,
-        0x561e97bee6ad1582L },
-      { 0xbbc4a5b6da3982f5L,0x0c2659edb546f468L,0xb8e7e6aa59612d20L,
-        0xd83dfe20ac19e8e0L } },
-    /* 43 << 21 */
-    { { 0x8530c45fb835398cL,0x6106a8bfb38a41c2L,0x21e8f9a635f5dcdbL,
-        0x39707137cae498edL },
-      { 0x70c23834d8249f00L,0x9f14b58fab2537a0L,0xd043c3655f61c0c2L,
-        0xdc5926d609a194a7L } },
-    /* 44 << 21 */
-    { { 0xddec03398e77738aL,0xd07a63effba46426L,0x2e58e79cee7f6e86L,
-        0xe59b0459ff32d241L },
-      { 0xc5ec84e520fa0338L,0x97939ac8eaff5aceL,0x0310a4e3b4a38313L,
-        0x9115fba28f9d9885L } },
-    /* 45 << 21 */
-    { { 0x8dd710c25fadf8c3L,0x66be38a2ce19c0e2L,0xd42a279c4cfe5022L,
-        0x597bb5300e24e1b8L },
-      { 0x3cde86b7c153ca7fL,0xa8d30fb3707d63bdL,0xac905f92bd60d21eL,
-        0x98e7ffb67b9a54abL } },
-    /* 46 << 21 */
-    { { 0xd7147df8e9726a30L,0xb5e216ffafce3533L,0xb550b7992ff1ec40L,
-        0x6b613b87a1e953fdL },
-      { 0x87b88dba792d5610L,0x2ee1270aa190fbe1L,0x02f4e2dc2ef581daL,
-        0x016530e4eff82a95L } },
-    /* 47 << 21 */
-    { { 0xcbb93dfd8fd6ee89L,0x16d3d98646848fffL,0x600eff241da47adfL,
-        0x1b9754a00ad47a71L },
-      { 0x8f9266df70c33b98L,0xaadc87aedf34186eL,0x0d2ce8e14ad24132L,
-        0x8a47cbfc19946ebaL } },
-    /* 48 << 21 */
-    { { 0x47feeb6662b5f3afL,0xcefab5610abb3734L,0x449de60e19f35cb1L,
-        0x39f8db14157f0eb9L },
-      { 0xffaecc5b3c61bfd6L,0xa5a4d41d41216703L,0x7f8fabed224e1cc2L,
-        0x0d5a8186871ad953L } },
-    /* 49 << 21 */
-    { { 0xf10774f7d22da9a9L,0x45b8a678cc8a9b0dL,0xd9c2e722bdc32cffL,
-        0xbf71b5f5337202a5L },
-      { 0x95c57f2f69fc4db9L,0xb6dad34c765d01e1L,0x7e0bd13fcb904635L,
-        0x61751253763a588cL } },
-    /* 50 << 21 */
-    { { 0xd85c299781af2c2dL,0xc0f7d9c481b9d7daL,0x838a34ae08533e8dL,
-        0x15c4cb08311d8311L },
-      { 0x97f832858e121e14L,0xeea7dc1e85000a5fL,0x0c6059b65d256274L,
-        0xec9beaceb95075c0L } },
-    /* 51 << 21 */
-    { { 0x173daad71df97828L,0xbf851cb5a8937877L,0xb083c59401646f3cL,
-        0x3bad30cf50c6d352L },
-      { 0xfeb2b202496bbceaL,0x3cf9fd4f18a1e8baL,0xd26de7ff1c066029L,
-        0x39c81e9e4e9ed4f8L } },
-    /* 52 << 21 */
-    { { 0xd8be0cb97b390d35L,0x01df2bbd964aab27L,0x3e8c1a65c3ef64f8L,
-        0x567291d1716ed1ddL },
-      { 0x95499c6c5f5406d3L,0x71fdda395ba8e23fL,0xcfeb320ed5096eceL,
-        0xbe7ba92bca66dd16L } },
-    /* 53 << 21 */
-    { { 0x4608d36bc6fb5a7dL,0xe3eea15a6d2dd0e0L,0x75b0a3eb8f97a36aL,
-        0xf59814cc1c83de1eL },
-      { 0x56c9c5b01c33c23fL,0xa96c1da46faa4136L,0x46bf2074de316551L,
-        0x3b866e7b1f756c8fL } },
-    /* 54 << 21 */
-    { { 0x727727d81495ed6bL,0xb2394243b682dce7L,0x8ab8454e758610f3L,
-        0xc243ce84857d72a4L },
-      { 0x7b320d71dbbf370fL,0xff9afa3778e0f7caL,0x0119d1e0ea7b523fL,
-        0xb997f8cb058c7d42L } },
-    /* 55 << 21 */
-    { { 0x285bcd2a37bbb184L,0x51dcec49a45d1fa6L,0x6ade3b64e29634cbL,
-        0x080c94a726b86ef1L },
-      { 0xba583db12283fbe3L,0x902bddc85a9315edL,0x07c1ccb386964becL,
-        0x78f4eacfb6258301L } },
-    /* 56 << 21 */
-    { { 0x4bdf3a4956f90823L,0xba0f5080741d777bL,0x091d71c3f38bf760L,
-        0x9633d50f9b625b02L },
-      { 0x03ecb743b8c9de61L,0xb47512545de74720L,0x9f9defc974ce1cb2L,
-        0x774a4f6a00bd32efL } },
-    /* 57 << 21 */
-    { { 0xaca385f773848f22L,0x53dad716f3f8558eL,0xab7b34b093c471f9L,
-        0xf530e06919644bc7L },
-      { 0x3d9fb1ffdd59d31aL,0x4382e0df08daa795L,0x165c6f4bd5cc88d7L,
-        0xeaa392d54a18c900L } },
-    /* 58 << 21 */
-    { { 0x94203c67648024eeL,0x188763f28c2fabcdL,0xa80f87acbbaec835L,
-        0x632c96e0f29d8d54L },
-      { 0x29b0a60e4c00a95eL,0x2ef17f40e011e9faL,0xf6c0e1d115b77223L,
-        0xaaec2c6214b04e32L } },
-    /* 59 << 21 */
-    { { 0xd35688d83d84e58cL,0x2af5094c958571dbL,0x4fff7e19760682a6L,
-        0x4cb27077e39a407cL },
-      { 0x0f59c5474ff0e321L,0x169f34a61b34c8ffL,0x2bff109652bc1ba7L,
-        0xa25423b783583544L } },
-    /* 60 << 21 */
-    { { 0x5d55d5d50ac8b782L,0xff6622ec2db3c892L,0x48fce7416b8bb642L,
-        0x31d6998c69d7e3dcL },
-      { 0xdbaf8004cadcaed0L,0x801b0142d81d053cL,0x94b189fc59630ec6L,
-        0x120e9934af762c8eL } },
-    /* 61 << 21 */
-    { { 0x53a29aa4fdc6a404L,0x19d8e01ea1909948L,0x3cfcabf1d7e89681L,
-        0x3321a50d4e132d37L },
-      { 0xd0496863e9a86111L,0x8c0cde6106a3bc65L,0xaf866c49fc9f8eefL,
-        0x2066350eff7f5141L } },
-    /* 62 << 21 */
-    { { 0x4f8a4689e56ddfbdL,0xea1b0c07fe32983aL,0x2b317462873cb8cbL,
-        0x658deddc2d93229fL },
-      { 0x65efaf4d0f64ef58L,0xfe43287d730cc7a8L,0xaebc0c723d047d70L,
-        0x92efa539d92d26c9L } },
-    /* 63 << 21 */
-    { { 0x06e7845794b56526L,0x415cb80f0961002dL,0x89e5c56576dcb10fL,
-        0x8bbb6982ff9259feL },
-      { 0x4fe8795b9abc2668L,0xb5d4f5341e678fb1L,0x6601f3be7b7da2b9L,
-        0x98da59e2a13d6805L } },
-    /* 64 << 21 */
-    { { 0x190d8ea601799a52L,0xa20cec41b86d2952L,0x3062ffb27fff2a7cL,
-        0x741b32e579f19d37L },
-      { 0xf80d81814eb57d47L,0x7a2d0ed416aef06bL,0x09735fb01cecb588L,
-        0x1641caaac6061f5bL } },
-    /* 0 << 28 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 28 */
-    { { 0x7f99824f20151427L,0x206828b692430206L,0xaa9097d7e1112357L,
-        0xacf9a2f209e414ecL },
-      { 0xdbdac9da27915356L,0x7e0734b7001efee3L,0x54fab5bbd2b288e2L,
-        0x4c630fc4f62dd09cL } },
-    /* 2 << 28 */
-    { { 0x8537107a1ac2703bL,0xb49258d86bc857b5L,0x57df14debcdaccd1L,
-        0x24ab68d7c4ae8529L },
-      { 0x7ed8b5d4734e59d0L,0x5f8740c8c495cc80L,0x84aedd5a291db9b3L,
-        0x80b360f84fb995beL } },
-    /* 3 << 28 */
-    { { 0xae915f5d5fa067d1L,0x4134b57f9668960cL,0xbd3656d6a48edaacL,
-        0xdac1e3e4fc1d7436L },
-      { 0x674ff869d81fbb26L,0x449ed3ecb26c33d4L,0x85138705d94203e8L,
-        0xccde538bbeeb6f4aL } },
-    /* 4 << 28 */
-    { { 0x55d5c68da61a76faL,0x598b441dca1554dcL,0xd39923b9773b279cL,
-        0x33331d3c36bf9efcL },
-      { 0x2d4c848e298de399L,0xcfdb8e77a1a27f56L,0x94c855ea57b8ab70L,
-        0xdcdb9dae6f7879baL } },
-    /* 5 << 28 */
-    { { 0x7bdff8c2019f2a59L,0xb3ce5bb3cb4fbc74L,0xea907f688a9173ddL,
-        0x6cd3d0d395a75439L },
-      { 0x92ecc4d6efed021cL,0x09a9f9b06a77339aL,0x87ca6b157188c64aL,
-        0x10c2996844899158L } },
-    /* 6 << 28 */
-    { { 0x5859a229ed6e82efL,0x16f338e365ebaf4eL,0x0cd313875ead67aeL,
-        0x1c73d22854ef0bb4L },
-      { 0x4cb5513174a5c8c7L,0x01cd29707f69ad6aL,0xa04d00dde966f87eL,
-        0xd96fe4470b7b0321L } },
-    /* 7 << 28 */
-    { { 0x342ac06e88fbd381L,0x02cd4a845c35a493L,0xe8fa89de54f1bbcdL,
-        0x341d63672575ed4cL },
-      { 0xebe357fbd238202bL,0x600b4d1aa984ead9L,0xc35c9f4452436ea0L,
-        0x96fe0a39a370751bL } },
-    /* 8 << 28 */
-    { { 0x4c4f07367f636a38L,0x9f943fb70e76d5cbL,0xb03510baa8b68b8bL,
-        0xc246780a9ed07a1fL },
-      { 0x3c0514156d549fc2L,0xc2953f31607781caL,0x955e2c69d8d95413L,
-        0xb300fadc7bd282e3L } },
-    /* 9 << 28 */
-    { { 0x81fe7b5087e9189fL,0xdb17375cf42dda27L,0x22f7d896cf0a5904L,
-        0xa0e57c5aebe348e6L },
-      { 0xa61011d3f40e3c80L,0xb11893218db705c5L,0x4ed9309e50fedec3L,
-        0xdcf14a104d6d5c1dL } },
-    /* 10 << 28 */
-    { { 0x056c265b55691342L,0xe8e0850491049dc7L,0x131329f5c9bae20aL,
-        0x96c8b3e8d9dccdb4L },
-      { 0x8c5ff838fb4ee6b4L,0xfc5a9aeb41e8ccf0L,0x7417b764fae050c6L,
-        0x0953c3d700452080L } },
-    /* 11 << 28 */
-    { { 0x2137268238dfe7e8L,0xea417e152bb79d4bL,0x59641f1c76e7cf2dL,
-        0x271e3059ea0bcfccL },
-      { 0x624c7dfd7253ecbdL,0x2f552e254fca6186L,0xcbf84ecd4d866e9cL,
-        0x73967709f68d4610L } },
-    /* 12 << 28 */
-    { { 0xa14b1163c27901b4L,0xfd9236e0899b8bf3L,0x42b091eccbc6da0aL,
-        0xbb1dac6f5ad1d297L },
-      { 0x80e61d53a91cf76eL,0x4110a412d31f1ee7L,0x2d87c3ba13efcf77L,
-        0x1f374bb4df450d76L } },
-    /* 13 << 28 */
-    { { 0x5e78e2f20d188dabL,0xe3968ed0f4b885efL,0x46c0568e7314570fL,
-        0x3161633801170521L },
-      { 0x18e1e7e24f0c8afeL,0x4caa75ffdeea78daL,0x82db67f27c5d8a51L,
-        0x36a44d866f505370L } },
-    /* 14 << 28 */
-    { { 0xd72c5bda0333974fL,0x5db516ae27a70146L,0x34705281210ef921L,
-        0xbff17a8f0c9c38e5L },
-      { 0x78f4814e12476da1L,0xc1e1661333c16980L,0x9e5b386f424d4bcaL,
-        0x4c274e87c85740deL } },
-    /* 15 << 28 */
-    { { 0xb6a9b88d6c2f5226L,0x14d1b944550d7ca8L,0x580c85fc1fc41709L,
-        0xc1da368b54c6d519L },
-      { 0x2b0785ced5113cf7L,0x0670f6335a34708fL,0x46e2376715cc3f88L,
-        0x1b480cfa50c72c8fL } },
-    /* 16 << 28 */
-    { { 0x202886024147519aL,0xd0981eac26b372f0L,0xa9d4a7caa785ebc8L,
-        0xd953c50ddbdf58e9L },
-      { 0x9d6361ccfd590f8fL,0x72e9626b44e6c917L,0x7fd9611022eb64cfL,
-        0x863ebb7e9eb288f3L } },
-    /* 17 << 28 */
-    { { 0x6e6ab7616aca8ee7L,0x97d10b39d7b40358L,0x1687d3771e5feb0dL,
-        0xc83e50e48265a27aL },
-      { 0x8f75a9fec954b313L,0xcc2e8f47310d1f61L,0xf5ba81c56557d0e0L,
-        0x25f9680c3eaf6207L } },
-    /* 18 << 28 */
-    { { 0xf95c66094354080bL,0x5225bfa57bf2fe1cL,0xc5c004e25c7d98faL,
-        0x3561bf1c019aaf60L },
-      { 0x5e6f9f17ba151474L,0xdec2f934b04f6ecaL,0x64e368a1269acb1eL,
-        0x1332d9e40cdda493L } },
-    /* 19 << 28 */
-    { { 0x60d6cf69df23de05L,0x66d17da2009339a0L,0x9fcac9850a693923L,
-        0xbcf057fced7c6a6dL },
-      { 0xc3c5c8c5f0b5662cL,0x25318dd8dcba4f24L,0x60e8cb75082b69ffL,
-        0x7c23b3ee1e728c01L } },
-    /* 20 << 28 */
-    { { 0x15e10a0a097e4403L,0xcb3d0a8619854665L,0x88d8e211d67d4826L,
-        0xb39af66e0b9d2839L },
-      { 0xa5f94588bd475ca8L,0xe06b7966c077b80bL,0xfedb1485da27c26cL,
-        0xd290d33afe0fd5e0L } },
-    /* 21 << 28 */
-    { { 0xa40bcc47f34fb0faL,0xb4760cc81fb1ab09L,0x8fca0993a273bfe3L,
-        0x13e4fe07f70b213cL },
-      { 0x3bcdb992fdb05163L,0x8c484b110c2b19b6L,0x1acb815faaf2e3e2L,
-        0xc6905935b89ff1b4L } },
-    /* 22 << 28 */
-    { { 0xb2ad6f9d586e74e1L,0x488883ad67b80484L,0x758aa2c7369c3ddbL,
-        0x8ab74e699f9afd31L },
-      { 0x10fc2d285e21beb1L,0x3484518a318c42f9L,0x377427dc53cf40c3L,
-        0x9de0781a391bc1d9L } },
-    /* 23 << 28 */
-    { { 0x8faee858693807e1L,0xa38653274e81ccc7L,0x02c30ff26f835b84L,
-        0xb604437b0d3d38d4L },
-      { 0xb3fc8a985ca1823dL,0xb82f7ec903be0324L,0xee36d761cf684a33L,
-        0x5a01df0e9f29bf7dL } },
-    /* 24 << 28 */
-    { { 0x686202f31306583dL,0x05b10da0437c622eL,0xbf9aaa0f076a7bc8L,
-        0x25e94efb8f8f4e43L },
-      { 0x8a35c9b7fa3dc26dL,0xe0e5fb9396ff03c5L,0xa77e3843ebc394ceL,
-        0xcede65958361de60L } },
-    /* 25 << 28 */
-    { { 0xd27c22f6a1993545L,0xab01cc3624d671baL,0x63fa2877a169c28eL,
-        0x925ef9042eb08376L },
-      { 0x3b2fa3cf53aa0b32L,0xb27beb5b71c49d7aL,0xb60e1834d105e27fL,
-        0xd60897884f68570dL } },
-    /* 26 << 28 */
-    { { 0x23094ce0d6fbc2acL,0x738037a1815ff551L,0xda73b1bb6bef119cL,
-        0xdcf6c430eef506baL },
-      { 0x00e4fe7be3ef104aL,0xebdd9a2c0a065628L,0x853a81c38792043eL,
-        0x22ad6eceb3b59108L } },
-    /* 27 << 28 */
-    { { 0x9fb813c039cd297dL,0x8ec7e16e05bda5d9L,0x2834797c0d104b96L,
-        0xcc11a2e77c511510L },
-      { 0x96ca5a5396ee6380L,0x054c8655cea38742L,0xb5946852d54dfa7dL,
-        0x97c422e71f4ab207L } },
-    /* 28 << 28 */
-    { { 0xbf9075090c22b540L,0x2cde42aab7c267d4L,0xba18f9ed5ab0d693L,
-        0x3ba62aa66e4660d9L },
-      { 0xb24bf97bab9ea96aL,0x5d039642e3b60e32L,0x4e6a45067c4d9bd5L,
-        0x666c5b9e7ed4a6a4L } },
-    /* 29 << 28 */
-    { { 0xfa3fdcd98edbd7ccL,0x4660bb87c6ccd753L,0x9ae9082021e6b64fL,
-        0x8a56a713b36bfb3fL },
-      { 0xabfce0965726d47fL,0x9eed01b20b1a9a7fL,0x30e9cad44eb74a37L,
-        0x7b2524cc53e9666dL } },
-    /* 30 << 28 */
-    { { 0x6a29683b8f4b002fL,0xc2200d7a41f4fc20L,0xcf3af47a3a338accL,
-        0x6539a4fbe7128975L },
-      { 0xcec31c14c33c7fcfL,0x7eb6799bc7be322bL,0x119ef4e96646f623L,
-        0x7b7a26a554d7299bL } },
-    /* 31 << 28 */
-    { { 0xcb37f08d403f46f2L,0x94b8fc431a0ec0c7L,0xbb8514e3c332142fL,
-        0xf3ed2c33e80d2a7aL },
-      { 0x8d2080afb639126cL,0xf7b6be60e3553adeL,0x3950aa9f1c7e2b09L,
-        0x847ff9586410f02bL } },
-    /* 32 << 28 */
-    { { 0x877b7cf5678a31b0L,0xd50301ae3998b620L,0x734257c5c00fb396L,
-        0xf9fb18a004e672a6L },
-      { 0xff8bd8ebe8758851L,0x1e64e4c65d99ba44L,0x4b8eaedf7dfd93b7L,
-        0xba2f2a9804e76b8cL } },
-    /* 33 << 28 */
-    { { 0x7d790cbae8053433L,0xc8e725a03d2c9585L,0x58c5c476cdd8f5edL,
-        0xd106b952efa9fe1dL },
-      { 0x3c5c775b0eff13a9L,0x242442bae057b930L,0xe9f458d4c9b70cbdL,
-        0x69b71448a3cdb89aL } },
-    /* 34 << 28 */
-    { { 0x41ee46f60e2ed742L,0x573f104540067493L,0xb1e154ff9d54c304L,
-        0x2ad0436a8d3a7502L },
-      { 0xee4aaa2d431a8121L,0xcd38b3ab886f11edL,0x57d49ea6034a0eb7L,
-        0xd2b773bdf7e85e58L } },
-    /* 35 << 28 */
-    { { 0x4a559ac49b5c1f14L,0xc444be1a3e54df2bL,0x13aad704eda41891L,
-        0xcd927bec5eb5c788L },
-      { 0xeb3c8516e48c8a34L,0x1b7ac8124b546669L,0x1815f896594df8ecL,
-        0x87c6a79c79227865L } },
-    /* 36 << 28 */
-    { { 0xae02a2f09b56ddbdL,0x1339b5ac8a2f1cf3L,0xf2b569c7839dff0dL,
-        0xb0b9e864fee9a43dL },
-      { 0x4ff8ca4177bb064eL,0x145a2812fd249f63L,0x3ab7beacf86f689aL,
-        0x9bafec2701d35f5eL } },
-    /* 37 << 28 */
-    { { 0x28054c654265aa91L,0xa4b18304035efe42L,0x6887b0e69639dec7L,
-        0xf4b8f6ad3d52aea5L },
-      { 0xfb9293cc971a8a13L,0x3f159e5d4c934d07L,0x2c50e9b109acbc29L,
-        0x08eb65e67154d129L } },
-    /* 38 << 28 */
-    { { 0x4feff58930b75c3eL,0x0bb82fe294491c93L,0xd8ac377a89af62bbL,
-        0xd7b514909685e49fL },
-      { 0xabca9a7b04497f19L,0x1b35ed0a1a7ad13fL,0x6b601e213ec86ed6L,
-        0xda91fcb9ce0c76f1L } },
-    /* 39 << 28 */
-    { { 0x9e28507bd7ab27e1L,0x7c19a55563945b7bL,0x6b43f0a1aafc9827L,
-        0x443b4fbd3aa55b91L },
-      { 0x962b2e656962c88fL,0x139da8d4ce0db0caL,0xb93f05dd1b8d6c4fL,
-        0x779cdff7180b9824L } },
-    /* 40 << 28 */
-    { { 0xbba23fddae57c7b7L,0x345342f21b932522L,0xfd9c80fe556d4aa3L,
-        0xa03907ba6525bb61L },
-      { 0x38b010e1ff218933L,0xc066b654aa52117bL,0x8e14192094f2e6eaL,
-        0x66a27dca0d32f2b2L } },
-    /* 41 << 28 */
-    { { 0x69c7f993048b3717L,0xbf5a989ab178ae1cL,0x49fa9058564f1d6bL,
-        0x27ec6e15d31fde4eL },
-      { 0x4cce03737276e7fcL,0x64086d7989d6bf02L,0x5a72f0464ccdd979L,
-        0x909c356647775631L } },
-    /* 42 << 28 */
-    { { 0x1c07bc6b75dd7125L,0xb4c6bc9787a0428dL,0x507ece52fdeb6b9dL,
-        0xfca56512b2c95432L },
-      { 0x15d97181d0e8bd06L,0x384dd317c6bb46eaL,0x5441ea203952b624L,
-        0xbcf70dee4e7dc2fbL } },
-    /* 43 << 28 */
-    { { 0x372b016e6628e8c3L,0x07a0d667b60a7522L,0xcf05751b0a344ee2L,
-        0x0ec09a48118bdeecL },
-      { 0x6e4b3d4ed83dce46L,0x43a6316d99d2fc6eL,0xa99d898956cf044cL,
-        0x7c7f4454ae3e5fb7L } },
-    /* 44 << 28 */
-    { { 0xb2e6b121fbabbe92L,0x281850fbe1330076L,0x093581ec97890015L,
-        0x69b1dded75ff77f5L },
-      { 0x7cf0b18fab105105L,0x953ced31a89ccfefL,0x3151f85feb914009L,
-        0x3c9f1b8788ed48adL } },
-    /* 45 << 28 */
-    { { 0xc9aba1a14a7eadcbL,0x928e7501522e71cfL,0xeaede7273a2e4f83L,
-        0x467e10d11ce3bbd3L },
-      { 0xf3442ac3b955dcf0L,0xba96307dd3d5e527L,0xf763a10efd77f474L,
-        0x5d744bd06a6e1ff0L } },
-    /* 46 << 28 */
-    { { 0xd287282aa777899eL,0xe20eda8fd03f3cdeL,0x6a7e75bb50b07d31L,
-        0x0b7e2a946f379de4L },
-      { 0x31cb64ad19f593cfL,0x7b1a9e4f1e76ef1dL,0xe18c9c9db62d609cL,
-        0x439bad6de779a650L } },
-    /* 47 << 28 */
-    { { 0x219d9066e032f144L,0x1db632b8e8b2ec6aL,0xff0d0fd4fda12f78L,
-        0x56fb4c2d2a25d265L },
-      { 0x5f4e2ee1255a03f1L,0x61cd6af2e96af176L,0xe0317ba8d068bc97L,
-        0x927d6bab264b988eL } },
-    /* 48 << 28 */
-    { { 0xa18f07e0e90fb21eL,0x00fd2b80bba7fca1L,0x20387f2795cd67b5L,
-        0x5b89a4e7d39707f7L },
-      { 0x8f83ad3f894407ceL,0xa0025b946c226132L,0xc79563c7f906c13bL,
-        0x5f548f314e7bb025L } },
-    /* 49 << 28 */
-    { { 0x2b4c6b8feac6d113L,0xa67e3f9c0e813c76L,0x3982717c3fe1f4b9L,
-        0x5886581926d8050eL },
-      { 0x99f3640cf7f06f20L,0xdc6102162a66ebc2L,0x52f2c175767a1e08L,
-        0x05660e1a5999871bL } },
-    /* 50 << 28 */
-    { { 0x6b0f17626d3c4693L,0xf0e7d62737ed7beaL,0xc51758c7b75b226dL,
-        0x40a886281f91613bL },
-      { 0x889dbaa7bbb38ce0L,0xe0404b65bddcad81L,0xfebccd3a8bc9671fL,
-        0xfbf9a357ee1f5375L } },
-    /* 51 << 28 */
-    { { 0x5dc169b028f33398L,0xb07ec11d72e90f65L,0xae7f3b4afaab1eb1L,
-        0xd970195e5f17538aL },
-      { 0x52b05cbe0181e640L,0xf5debd622643313dL,0x761481545df31f82L,
-        0x23e03b333a9e13c5L } },
-    /* 52 << 28 */
-    { { 0xff7589494fde0c1fL,0xbf8a1abee5b6ec20L,0x702278fb87e1db6cL,
-        0xc447ad7a35ed658fL },
-      { 0x48d4aa3803d0ccf2L,0x80acb338819a7c03L,0x9bc7c89e6e17ceccL,
-        0x46736b8b03be1d82L } },
-    /* 53 << 28 */
-    { { 0xd65d7b60c0432f96L,0xddebe7a3deb5442fL,0x79a253077dff69a2L,
-        0x37a56d9402cf3122L },
-      { 0x8bab8aedf2350d0aL,0x13c3f276037b0d9aL,0xc664957c44c65caeL,
-        0x88b44089c2e71a88L } },
-    /* 54 << 28 */
-    { { 0xdb88e5a35cb02664L,0x5d4c0bf18686c72eL,0xea3d9b62a682d53eL,
-        0x9b605ef40b2ad431L },
-      { 0x71bac202c69645d0L,0xa115f03a6a1b66e7L,0xfe2c563a158f4dc4L,
-        0xf715b3a04d12a78cL } },
-    /* 55 << 28 */
-    { { 0x8f7f0a48d413213aL,0x2035806dc04becdbL,0xecd34a995d8587f5L,
-        0x4d8c30799f6d3a71L },
-      { 0x1b2a2a678d95a8f6L,0xc58c9d7df2110d0dL,0xdeee81d5cf8fba3fL,
-        0xa42be3c00c7cdf68L } },
-    /* 56 << 28 */
-    { { 0x2126f742d43b5eaaL,0x054a0766dfa59b85L,0x9d0d5e36126bfd45L,
-        0xa1f8fbd7384f8a8fL },
-      { 0x317680f5d563fcccL,0x48ca5055f280a928L,0xe00b81b227b578cfL,
-        0x10aad9182994a514L } },
-    /* 57 << 28 */
-    { { 0xd9e07b62b7bdc953L,0x9f0f6ff25bc086ddL,0x09d1ccff655eee77L,
-        0x45475f795bef7df1L },
-      { 0x3faa28fa86f702ccL,0x92e609050f021f07L,0xe9e629687f8fa8c6L,
-        0xbd71419af036ea2cL } },
-    /* 58 << 28 */
-    { { 0x171ee1cc6028da9aL,0x5352fe1ac251f573L,0xf8ff236e3fa997f4L,
-        0xd831b6c9a5749d5fL },
-      { 0x7c872e1de350e2c2L,0xc56240d91e0ce403L,0xf9deb0776974f5cbL,
-        0x7d50ba87961c3728L } },
-    /* 59 << 28 */
-    { { 0xd6f894265a3a2518L,0xcf817799c6303d43L,0x510a0471619e5696L,
-        0xab049ff63a5e307bL },
-      { 0xe4cdf9b0feb13ec7L,0xd5e971179d8ff90cL,0xf6f64d069afa96afL,
-        0x00d0bf5e9d2012a2L } },
-    /* 60 << 28 */
-    { { 0xe63f301f358bcdc0L,0x07689e990a9d47f8L,0x1f689e2f4f43d43aL,
-        0x4d542a1690920904L },
-      { 0xaea293d59ca0a707L,0xd061fe458ac68065L,0x1033bf1b0090008cL,
-        0x29749558c08a6db6L } },
-    /* 61 << 28 */
-    { { 0x74b5fc59c1d5d034L,0xf712e9f667e215e0L,0xfd520cbd860200e6L,
-        0x0229acb43ea22588L },
-      { 0x9cd1e14cfff0c82eL,0x87684b6259c69e73L,0xda85e61c96ccb989L,
-        0x2d5dbb02a3d06493L } },
-    /* 62 << 28 */
-    { { 0xf22ad33ae86b173cL,0xe8e41ea5a79ff0e3L,0x01d2d725dd0d0c10L,
-        0x31f39088032d28f9L },
-      { 0x7b3f71e17829839eL,0x0cf691b44502ae58L,0xef658dbdbefc6115L,
-        0xa5cd6ee5b3ab5314L } },
-    /* 63 << 28 */
-    { { 0x206c8d7b5f1d2347L,0x794645ba4cc2253aL,0xd517d8ff58389e08L,
-        0x4fa20dee9f847288L },
-      { 0xeba072d8d797770aL,0x7360c91dbf429e26L,0x7200a3b380af8279L,
-        0x6a1c915082dadce3L } },
-    /* 64 << 28 */
-    { { 0x0ee6d3a7c35d8794L,0x042e65580356bae5L,0x9f59698d643322fdL,
-        0x9379ae1550a61967L },
-      { 0x64b9ae62fcc9981eL,0xaed3d6316d2934c6L,0x2454b3025e4e65ebL,
-        0xab09f647f9950428L } },
-    /* 0 << 35 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 35 */
-    { { 0xb2083a1222248accL,0x1f6ec0ef3264e366L,0x5659b7045afdee28L,
-        0x7a823a40e6430bb5L },
-      { 0x24592a04e1900a79L,0xcde09d4ac9ee6576L,0x52b6463f4b5ea54aL,
-        0x1efe9ed3d3ca65a7L } },
-    /* 2 << 35 */
-    { { 0xe27a6dbe305406ddL,0x8eb7dc7fdd5d1957L,0xf54a6876387d4d8fL,
-        0x9c479409c7762de4L },
-      { 0xbe4d5b5d99b30778L,0x25380c566e793682L,0x602d37f3dac740e3L,
-        0x140deabe1566e4aeL } },
-    /* 3 << 35 */
-    { { 0x4481d067afd32acfL,0xd8f0fccae1f71ccfL,0xd208dd0cb596f2daL,
-        0xd049d7309aad93f9L },
-      { 0xc79f263d42ab580eL,0x09411bb123f707b4L,0x8cfde1ff835e0edaL,
-        0x7270749090f03402L } },
-    /* 4 << 35 */
-    { { 0xeaee6126c49a861eL,0x024f3b65e14f0d06L,0x51a3f1e8c69bfc17L,
-        0xc3c3a8e9a7686381L },
-      { 0x3400752cb103d4c8L,0x02bc46139218b36bL,0xc67f75eb7651504aL,
-        0xd6848b56d02aebfaL } },
-    /* 5 << 35 */
-    { { 0xbd9802e6c30fa92bL,0x5a70d96d9a552784L,0x9085c4ea3f83169bL,
-        0xfa9423bb06908228L },
-      { 0x2ffebe12fe97a5b9L,0x85da604971b99118L,0x9cbc2f7f63178846L,
-        0xfd96bc709153218eL } },
-    /* 6 << 35 */
-    { { 0x958381db1782269bL,0xae34bf792597e550L,0xbb5c60645f385153L,
-        0x6f0e96afe3088048L },
-      { 0xbf6a021577884456L,0xb3b5688c69310ea7L,0x17c9429504fad2deL,
-        0xe020f0e517896d4dL } },
-    /* 7 << 35 */
-    { { 0x730ba0ab0976505fL,0x567f6813095e2ec5L,0x470620106331ab71L,
-        0x72cfa97741d22b9fL },
-      { 0x33e55ead8a2373daL,0xa8d0d5f47ba45a68L,0xba1d8f9c03029d15L,
-        0x8f34f1ccfc55b9f3L } },
-    /* 8 << 35 */
-    { { 0xcca4428dbbe5a1a9L,0x8187fd5f3126bd67L,0x0036973a48105826L,
-        0xa39b6663b8bd61a0L },
-      { 0x6d42deef2d65a808L,0x4969044f94636b19L,0xf611ee47dd5d564cL,
-        0x7b2f3a49d2873077L } },
-    /* 9 << 35 */
-    { { 0x94157d45300eb294L,0x2b2a656e169c1494L,0xc000dd76d3a47aa9L,
-        0xa2864e4fa6243ea4L },
-      { 0x82716c47db89842eL,0x12dfd7d761479fb7L,0x3b9a2c56e0b2f6dcL,
-        0x46be862ad7f85d67L } },
-    /* 10 << 35 */
-    { { 0x03b0d8dd0f82b214L,0x460c34f9f103cbc6L,0xf32e5c0318d79e19L,
-        0x8b8888baa84117f8L },
-      { 0x8f3c37dcc0722677L,0x10d21be91c1c0f27L,0xd47c8468e0f7a0c6L,
-        0x9bf02213adecc0e0L } },
-    /* 11 << 35 */
-    { { 0x0baa7d1242b48b99L,0x1bcb665d48424096L,0x8b847cd6ebfb5cfbL,
-        0x87c2ae569ad4d10dL },
-      { 0xf1cbb1220de36726L,0xe7043c683fdfbd21L,0x4bd0826a4e79d460L,
-        0x11f5e5984bd1a2cbL } },
-    /* 12 << 35 */
-    { { 0x97554160b7fe7b6eL,0x7d16189a400a3fb2L,0xd73e9beae328ca1eL,
-        0x0dd04b97e793d8ccL },
-      { 0xa9c83c9b506db8ccL,0x5cd47aaecf38814cL,0x26fc430db64b45e6L,
-        0x079b5499d818ea84L } },
-    /* 13 << 35 */
-    { { 0xebb01102c1c24a3bL,0xca24e5681c161c1aL,0x103eea6936f00a4aL,
-        0x9ad76ee876176c7bL },
-      { 0x97451fc2538e0ff7L,0x94f898096604b3b0L,0x6311436e3249cfd7L,
-        0x27b4a7bd41224f69L } },
-    /* 14 << 35 */
-    { { 0x03b5d21ae0ac2941L,0x279b0254c2d31937L,0x3307c052cac992d0L,
-        0x6aa7cb92efa8b1f3L },
-      { 0x5a1825800d37c7a5L,0x13380c37342d5422L,0x92ac2d66d5d2ef92L,
-        0x035a70c9030c63c6L } },
-    /* 15 << 35 */
-    { { 0xc16025dd4ce4f152L,0x1f419a71f9df7c06L,0x6d5b221491e4bb14L,
-        0xfc43c6cc839fb4ceL },
-      { 0x49f06591925d6b2dL,0x4b37d9d362186598L,0x8c54a971d01b1629L,
-        0xe1a9c29f51d50e05L } },
-    /* 16 << 35 */
-    { { 0x5109b78571ba1861L,0x48b22d5cd0c8f93dL,0xe8fa84a78633bb93L,
-        0x53fba6ba5aebbd08L },
-      { 0x7ff27df3e5eea7d8L,0x521c879668ca7158L,0xb9d5133bce6f1a05L,
-        0x2d50cd53fd0ebee4L } },
-    /* 17 << 35 */
-    { { 0xc82115d6c5a3ef16L,0x993eff9dba079221L,0xe4da2c5e4b5da81cL,
-        0x9a89dbdb8033fd85L },
-      { 0x60819ebf2b892891L,0x53902b215d14a4d5L,0x6ac35051d7fda421L,
-        0xcc6ab88561c83284L } },
-    /* 18 << 35 */
-    { { 0x14eba133f74cff17L,0x240aaa03ecb813f2L,0xcfbb65406f665beeL,
-        0x084b1fe4a425ad73L },
-      { 0x009d5d16d081f6a6L,0x35304fe8eef82c90L,0xf20346d5aa9eaa22L,
-        0x0ada9f07ac1c91e3L } },
-    /* 19 << 35 */
-    { { 0xa6e21678968a6144L,0x54c1f77c07b31a1eL,0xd6bb787e5781fbe1L,
-        0x61bd2ee0e31f1c4aL },
-      { 0xf25aa1e9781105fcL,0x9cf2971f7b2f8e80L,0x26d15412cdff919bL,
-        0x01db4ebe34bc896eL } },
-    /* 20 << 35 */
-    { { 0x7d9b3e23b40df1cfL,0x5933737394e971b4L,0xbf57bd14669cf921L,
-        0x865daedf0c1a1064L },
-      { 0x3eb70bd383279125L,0xbc3d5b9f34ecdaabL,0x91e3ed7e5f755cafL,
-        0x49699f54d41e6f02L } },
-    /* 21 << 35 */
-    { { 0x185770e1d4a7a15bL,0x08f3587aeaac87e7L,0x352018db473133eaL,
-        0x674ce71904fd30fcL },
-      { 0x7b8d9835088b3e0eL,0x7a0356a95d0d47a1L,0x9d9e76596474a3c4L,
-        0x61ea48a7ff66966cL } },
-    /* 22 << 35 */
-    { { 0x304177580f3e4834L,0xfdbb21c217a9afcbL,0x756fa17f2f9a67b3L,
-        0x2a6b2421a245c1a8L },
-      { 0x64be27944af02291L,0xade465c62a5804feL,0x8dffbd39a6f08fd7L,
-        0xc4efa84caa14403bL } },
-    /* 23 << 35 */
-    { { 0xa1b91b2a442b0f5cL,0xb748e317cf997736L,0x8d1b62bfcee90e16L,
-        0x907ae2710b2078c0L },
-      { 0xdf31534b0c9bcdddL,0x043fb05439adce83L,0x99031043d826846aL,
-        0x61a9c0d6b144f393L } },
-    /* 24 << 35 */
-    { { 0xdab4804647718427L,0xdf17ff9b6e830f8bL,0x408d7ee8e49a1347L,
-        0x6ac71e2391c1d4aeL },
-      { 0xc8cbb9fd1defd73cL,0x19840657bbbbfec5L,0x39db1cb59e7ef8eaL,
-        0x78aa829664105f30L } },
-    /* 25 << 35 */
-    { { 0xa3d9b7f0a3738c29L,0x0a2f235abc3250a3L,0x55e506f6445e4cafL,
-        0x0974f73d33475f7aL },
-      { 0xd37dbba35ba2f5a8L,0x542c6e636af40066L,0x26d99b53c5d73e2cL,
-        0x06060d7d6c3ca33eL } },
-    /* 26 << 35 */
-    { { 0xcdbef1c2065fef4aL,0x77e60f7dfd5b92e3L,0xd7c549f026708350L,
-        0x201b3ad034f121bfL },
-      { 0x5fcac2a10334fc14L,0x8a9a9e09344552f6L,0x7dd8a1d397653082L,
-        0x5fc0738f79d4f289L } },
-    /* 27 << 35 */
-    { { 0x787d244d17d2d8c3L,0xeffc634570830684L,0x5ddb96dde4f73ae5L,
-        0x8efb14b1172549a5L },
-      { 0x6eb73eee2245ae7aL,0xbca4061eea11f13eL,0xb577421d30b01f5dL,
-        0xaa688b24782e152cL } },
-    /* 28 << 35 */
-    { { 0x67608e71bd3502baL,0x4ef41f24b4de75a0L,0xb08dde5efd6125e5L,
-        0xde484825a409543fL },
-      { 0x1f198d9865cc2295L,0x428a37716e0edfa2L,0x4f9697a2adf35fc7L,
-        0x01a43c79f7cac3c7L } },
-    /* 29 << 35 */
-    { { 0xb05d70590fd3659aL,0x8927f30cbb7f2d9aL,0x4023d1ac8cf984d3L,
-        0x32125ed302897a45L },
-      { 0xfb572dad3d414205L,0x73000ef2e3fa82a9L,0x4c0868e9f10a5581L,
-        0x5b61fc676b0b3ca5L } },
-    /* 30 << 35 */
-    { { 0xc1258d5b7cae440cL,0x21c08b41402b7531L,0xf61a8955de932321L,
-        0x3568faf82d1408afL },
-      { 0x71b15e999ecf965bL,0xf14ed248e917276fL,0xc6f4caa1820cf9e2L,
-        0x681b20b218d83c7eL } },
-    /* 31 << 35 */
-    { { 0x6cde738dc6c01120L,0x71db0813ae70e0dbL,0x95fc064474afe18cL,
-        0x34619053129e2be7L },
-      { 0x80615ceadb2a3b15L,0x0a49a19edb4c7073L,0x0e1b84c88fd2d367L,
-        0xd74bf462033fb8aaL } },
-    /* 32 << 35 */
-    { { 0x889f6d65533ef217L,0x7158c7e4c3ca2e87L,0xfb670dfbdc2b4167L,
-        0x75910a01844c257fL },
-      { 0xf336bf07cf88577dL,0x22245250e45e2aceL,0x2ed92e8d7ca23d85L,
-        0x29f8be4c2b812f58L } },
-    /* 33 << 35 */
-    { { 0xdd9ebaa7076fe12bL,0x3f2400cbae1537f9L,0x1aa9352817bdfb46L,
-        0xc0f9843067883b41L },
-      { 0x5590ede10170911dL,0x7562f5bb34d4b17fL,0xe1fa1df21826b8d2L,
-        0xb40b796a6bd80d59L } },
-    /* 34 << 35 */
-    { { 0xd65bf1973467ba92L,0x8c9b46dbf70954b0L,0x97c8a0f30e78f15dL,
-        0xa8f3a69a85a4c961L },
-      { 0x4242660f61e4ce9bL,0xbf06aab36ea6790cL,0xc6706f8eec986416L,
-        0x9e56dec19a9fc225L } },
-    /* 35 << 35 */
-    { { 0x527c46f49a9898d9L,0xd799e77b5633cdefL,0x24eacc167d9e4297L,
-        0xabb61cea6b1cb734L },
-      { 0xbee2e8a7f778443cL,0x3bb42bf129de2fe6L,0xcbed86a13003bb6fL,
-        0xd3918e6cd781cdf6L } },
-    /* 36 << 35 */
-    { { 0x4bee32719a5103f1L,0x5243efc6f50eac06L,0xb8e122cb6adcc119L,
-        0x1b7faa84c0b80a08L },
-      { 0x32c3d1bd6dfcd08cL,0x129dec4e0be427deL,0x98ab679c1d263c83L,
-        0xafc83cb7cef64effL } },
-    /* 37 << 35 */
-    { { 0x85eb60882fa6be76L,0x892585fb1328cbfeL,0xc154d3edcf618ddaL,
-        0xc44f601b3abaf26eL },
-      { 0x7bf57d0b2be1fdfdL,0xa833bd2d21137feeL,0x9353af362db591a8L,
-        0xc76f26dc5562a056L } },
-    /* 38 << 35 */
-    { { 0x1d87e47d3fdf5a51L,0x7afb5f9355c9cab0L,0x91bbf58f89e0586eL,
-        0x7c72c0180d843709L },
-      { 0xa9a5aafb99b5c3dcL,0xa48a0f1d3844aeb0L,0x7178b7ddb667e482L,
-        0x453985e96e23a59aL } },
-    /* 39 << 35 */
-    { { 0x4a54c86001b25dd8L,0x0dd37f48fb897c8aL,0x5f8aa6100ea90cd9L,
-        0xc8892c6816d5830dL },
-      { 0xeb4befc0ef514ca5L,0x478eb679e72c9ee6L,0x9bca20dadbc40d5fL,
-        0xf015de21dde4f64aL } },
-    /* 40 << 35 */
-    { { 0xaa6a4de0eaf4b8a5L,0x68cfd9ca4bc60e32L,0x668a4b017fd15e70L,
-        0xd9f0694af27dc09dL },
-      { 0xf6c3cad5ba708bcdL,0x5cd2ba695bb95c2aL,0xaa28c1d333c0a58fL,
-        0x23e274e3abc77870L } },
-    /* 41 << 35 */
-    { { 0x44c3692ddfd20a4aL,0x091c5fd381a66653L,0x6c0bb69109a0757dL,
-        0x9072e8b9667343eaL },
-      { 0x31d40eb080848becL,0x95bd480a79fd36ccL,0x01a77c6165ed43f5L,
-        0xafccd1272e0d40bfL } },
-    /* 42 << 35 */
-    { { 0xeccfc82d1cc1884bL,0xc85ac2015d4753b4L,0xc7a6caac658e099fL,
-        0xcf46369e04b27390L },
-      { 0xe2e7d049506467eaL,0x481b63a237cdecccL,0x4029abd8ed80143aL,
-        0x28bfe3c7bcb00b88L } },
-    /* 43 << 35 */
-    { { 0x3bec10090643d84aL,0x885f3668abd11041L,0xdb02432cf83a34d6L,
-        0x32f7b360719ceebeL },
-      { 0xf06c7837dad1fe7aL,0x60a157a95441a0b0L,0x704970e9e2d47550L,
-        0xcd2bd553271b9020L } },
-    /* 44 << 35 */
-    { { 0xff57f82f33e24a0bL,0x9cbee23ff2565079L,0x16353427eb5f5825L,
-        0x276feec4e948d662L },
-      { 0xd1b62bc6da10032bL,0x718351ddf0e72a53L,0x934520762420e7baL,
-        0x96368fff3a00118dL } },
-    /* 45 << 35 */
-    { { 0x00ce2d26150a49e4L,0x0c28b6363f04706bL,0xbad65a4658b196d0L,
-        0x6c8455fcec9f8b7cL },
-      { 0xe90c895f2d71867eL,0x5c0be31bedf9f38cL,0x2a37a15ed8f6ec04L,
-        0x239639e78cd85251L } },
-    /* 46 << 35 */
-    { { 0xd89753159c7c4c6bL,0x603aa3c0d7409af7L,0xb8d53d0c007132fbL,
-        0x68d12af7a6849238L },
-      { 0xbe0607e7bf5d9279L,0x9aa50055aada74ceL,0xe81079cbba7e8ccbL,
-        0x610c71d1a5f4ff5eL } },
-    /* 47 << 35 */
-    { { 0x9e2ee1a75aa07093L,0xca84004ba75da47cL,0x074d39513de75401L,
-        0xf938f756bb311592L },
-      { 0x9619761800a43421L,0x39a2536207bc78c8L,0x278f710a0a171276L,
-        0xb28446ea8d1a8f08L } },
-    /* 48 << 35 */
-    { { 0x184781bfe3b6a661L,0x7751cb1de6d279f7L,0xf8ff95d6c59eb662L,
-        0x186d90b758d3dea7L },
-      { 0x0e4bb6c1dfb4f754L,0x5c5cf56b2b2801dcL,0xc561e4521f54564dL,
-        0xb4fb8c60f0dd7f13L } },
-    /* 49 << 35 */
-    { { 0xf884963033ff98c7L,0x9619fffacf17769cL,0xf8090bf61bfdd80aL,
-        0x14d9a149422cfe63L },
-      { 0xb354c3606f6df9eaL,0xdbcf770d218f17eaL,0x207db7c879eb3480L,
-        0x213dbda8559b6a26L } },
-    /* 50 << 35 */
-    { { 0xac4c200b29fc81b3L,0xebc3e09f171d87c1L,0x917995301481aa9eL,
-        0x051b92e192e114faL },
-      { 0xdf8f92e9ecb5537fL,0x44b1b2cc290c7483L,0xa711455a2adeb016L,
-        0x964b685681a10c2cL } },
-    /* 51 << 35 */
-    { { 0x4f159d99cec03623L,0x05532225ef3271eaL,0xb231bea3c5ee4849L,
-        0x57a54f507094f103L },
-      { 0x3e2d421d9598b352L,0xe865a49c67412ab4L,0xd2998a251cc3a912L,
-        0x5d0928080c74d65dL } },
-    /* 52 << 35 */
-    { { 0x73f459084088567aL,0xeb6b280e1f214a61L,0x8c9adc34caf0c13dL,
-        0x39d12938f561fb80L },
-      { 0xb2dc3a5ebc6edfb4L,0x7485b1b1fe4d210eL,0x062e0400e186ae72L,
-        0x91e32d5c6eeb3b88L } },
-    /* 53 << 35 */
-    { { 0x6df574d74be59224L,0xebc88ccc716d55f3L,0x26c2e6d0cad6ed33L,
-        0xc6e21e7d0d3e8b10L },
-      { 0x2cc5840e5bcc36bbL,0x9292445e7da74f69L,0x8be8d3214e5193a8L,
-        0x3ec236298df06413L } },
-    /* 54 << 35 */
-    { { 0xc7e9ae85b134defaL,0x6073b1d01bb2d475L,0xb9ad615e2863c00dL,
-        0x9e29493d525f4ac4L },
-      { 0xc32b1dea4e9acf4fL,0x3e1f01c8a50db88dL,0xb05d70ea04da916cL,
-        0x714b0d0ad865803eL } },
-    /* 55 << 35 */
-    { { 0x4bd493fc9920cb5eL,0x5b44b1f792c7a3acL,0xa2a77293bcec9235L,
-        0x5ee06e87cd378553L },
-      { 0xceff8173da621607L,0x2bb03e4c99f5d290L,0x2945106aa6f734acL,
-        0xb5056604d25c4732L } },
-    /* 56 << 35 */
-    { { 0x5945920ce079afeeL,0x686e17a06789831fL,0x5966bee8b74a5ae5L,
-        0x38a673a21e258d46L },
-      { 0xbd1cc1f283141c95L,0x3b2ecf4f0e96e486L,0xcd3aa89674e5fc78L,
-        0x415ec10c2482fa7aL } },
-    /* 57 << 35 */
-    { { 0x1523441980503380L,0x513d917ad314b392L,0xb0b52f4e63caecaeL,
-        0x07bf22ad2dc7780bL },
-      { 0xe761e8a1e4306839L,0x1b3be9625dd7feaaL,0x4fe728de74c778f1L,
-        0xf1fa0bda5e0070f6L } },
-    /* 58 << 35 */
-    { { 0x85205a316ec3f510L,0x2c7e4a14d2980475L,0xde3c19c06f30ebfdL,
-        0xdb1c1f38d4b7e644L },
-      { 0xfe291a755dce364aL,0xb7b22a3c058f5be3L,0x2cd2c30237fea38cL,
-        0x2930967a2e17be17L } },
-    /* 59 << 35 */
-    { { 0x87f009de0c061c65L,0xcb014aacedc6ed44L,0x49bd1cb43bafb1ebL,
-        0x81bd8b5c282d3688L },
-      { 0x1cdab87ef01a17afL,0x21f37ac4e710063bL,0x5a6c567642fc8193L,
-        0xf4753e7056a6015cL } },
-    /* 60 << 35 */
-    { { 0x020f795ea15b0a44L,0x8f37c8d78958a958L,0x63b7e89ba4b675b5L,
-        0xb4fb0c0c0fc31aeaL },
-      { 0xed95e639a7ff1f2eL,0x9880f5a3619614fbL,0xdeb6ff02947151abL,
-        0x5bc5118ca868dcdbL } },
-    /* 61 << 35 */
-    { { 0xd8da20554c20cea5L,0xcac2776e14c4d69aL,0xcccb22c1622d599bL,
-        0xa4ddb65368a9bb50L },
-      { 0x2c4ff1511b4941b4L,0xe1ff19b46efba588L,0x35034363c48345e0L,
-        0x45542e3d1e29dfc4L } },
-    /* 62 << 35 */
-    { { 0xf197cb91349f7aedL,0x3b2b5a008fca8420L,0x7c175ee823aaf6d8L,
-        0x54dcf42135af32b6L },
-      { 0x0ba1430727d6561eL,0x879d5ee4d175b1e2L,0xc7c4367399807db5L,
-        0x77a544559cd55bcdL } },
-    /* 63 << 35 */
-    { { 0xe6c2ff130105c072L,0x18f7a99f8dda7da4L,0x4c3018200e2d35c1L,
-        0x06a53ca0d9cc6c82L },
-      { 0xaa21cc1ef1aa1d9eL,0x324143344a75b1e8L,0x2a6d13280ebe9fdcL,
-        0x16bd173f98a4755aL } },
-    /* 64 << 35 */
-    { { 0xfbb9b2452133ffd9L,0x39a8b2f1830f1a20L,0x484bc97dd5a1f52aL,
-        0xd6aebf56a40eddf8L },
-      { 0x32257acb76ccdac6L,0xaf4d36ec1586ff27L,0x8eaa8863f8de7dd1L,
-        0x0045d5cf88647c16L } },
-    /* 0 << 42 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 42 */
-    { { 0xa6f3d574c005979dL,0xc2072b426a40e350L,0xfca5c1568de2ecf9L,
-        0xa8c8bf5ba515344eL },
-      { 0x97aee555114df14aL,0xd4374a4dfdc5ec6bL,0x754cc28f2ca85418L,
-        0x71cb9e27d3c41f78L } },
-    /* 2 << 42 */
-    { { 0x8910507903605c39L,0xf0843d9ea142c96cL,0xf374493416923684L,
-        0x732caa2ffa0a2893L },
-      { 0xb2e8c27061160170L,0xc32788cc437fbaa3L,0x39cd818ea6eda3acL,
-        0xe2e942399e2b2e07L } },
-    /* 3 << 42 */
-    { { 0x6967d39b0260e52aL,0xd42585cc90653325L,0x0d9bd60521ca7954L,
-        0x4fa2087781ed57b3L },
-      { 0x60c1eff8e34a0bbeL,0x56b0040c84f6ef64L,0x28be2b24b1af8483L,
-        0xb2278163f5531614L } },
-    /* 4 << 42 */
-    { { 0x8df275455922ac1cL,0xa7b3ef5ca52b3f63L,0x8e77b21471de57c4L,
-        0x31682c10834c008bL },
-      { 0xc76824f04bd55d31L,0xb6d1c08617b61c71L,0x31db0903c2a5089dL,
-        0x9c092172184e5d3fL } },
-    /* 5 << 42 */
-    { { 0xdd7ced5bc00cc638L,0x1a2015eb61278fc2L,0x2e8e52886a37f8d6L,
-        0xc457786fe79933adL },
-      { 0xb3fe4cce2c51211aL,0xad9b10b224c20498L,0x90d87a4fd28db5e5L,
-        0x698cd1053aca2fc3L } },
-    /* 6 << 42 */
-    { { 0x4f112d07e91b536dL,0xceb982f29eba09d6L,0x3c157b2c197c396fL,
-        0xe23c2d417b66eb24L },
-      { 0x480c57d93f330d37L,0xb3a4c8a179108debL,0x702388decb199ce5L,
-        0x0b019211b944a8d4L } },
-    /* 7 << 42 */
-    { { 0x24f2a692840bb336L,0x7c353bdca669fa7bL,0xda20d6fcdec9c300L,
-        0x625fbe2fa13a4f17L },
-      { 0xa2b1b61adbc17328L,0x008965bfa9515621L,0x49690939c620ff46L,
-        0x182dd27d8717e91cL } },
-    /* 8 << 42 */
-    { { 0x5ace5035ea6c3997L,0x54259aaac2610befL,0xef18bb3f3c80dd39L,
-        0x6910b95b5fc3fa39L },
-      { 0xfce2f51043e09aeeL,0xced56c9fa7675665L,0x10e265acd872db61L,
-        0x6982812eae9fce69L } },
-    /* 9 << 42 */
-    { { 0x29be11c6ce800998L,0x72bb1752b90360d9L,0x2c1931975a4ad590L,
-        0x2ba2f5489fc1dbc0L },
-      { 0x7fe4eebbe490ebe0L,0x12a0a4cd7fae11c0L,0x7197cf81e903ba37L,
-        0xcf7d4aa8de1c6dd8L } },
-    /* 10 << 42 */
-    { { 0x92af6bf43fd5684cL,0x2b26eecf80360aa1L,0xbd960f3000546a82L,
-        0x407b3c43f59ad8feL },
-      { 0x86cae5fe249c82baL,0x9e0faec72463744cL,0x87f551e894916272L,
-        0x033f93446ceb0615L } },
-    /* 11 << 42 */
-    { { 0x1e5eb0d18be82e84L,0x89967f0e7a582fefL,0xbcf687d5a6e921faL,
-        0xdfee4cf3d37a09baL },
-      { 0x94f06965b493c465L,0x638b9a1c7635c030L,0x7666786466f05e9fL,
-        0xccaf6808c04da725L } },
-    /* 12 << 42 */
-    { { 0xca2eb690768fccfcL,0xf402d37db835b362L,0x0efac0d0e2fdfcceL,
-        0xefc9cdefb638d990L },
-      { 0x2af12b72d1669a8bL,0x33c536bc5774ccbdL,0x30b21909fb34870eL,
-        0xc38fa2f77df25acaL } },
-    /* 13 << 42 */
-    { { 0x74c5f02bbf81f3f5L,0x0525a5aeaf7e4581L,0x88d2aaba433c54aeL,
-        0xed9775db806a56c5L },
-      { 0xd320738ac0edb37dL,0x25fdb6ee66cc1f51L,0xac661d1710600d76L,
-        0x931ec1f3bdd1ed76L } },
-    /* 14 << 42 */
-    { { 0x65c11d6219ee43f1L,0x5cd57c3e60829d97L,0xd26c91a3984be6e8L,
-        0xf08d93098b0c53bdL },
-      { 0x94bc9e5bc016e4eaL,0xd391683911d43d2bL,0x886c5ad773701155L,
-        0xe037762620b00715L } },
-    /* 15 << 42 */
-    { { 0x7f01c9ecaa80ba59L,0x3083411a68538e51L,0x970370f1e88128afL,
-        0x625cc3db91dec14bL },
-      { 0xfef9666c01ac3107L,0xb2a8d577d5057ac3L,0xb0f2629992be5df7L,
-        0xf579c8e500353924L } },
-    /* 16 << 42 */
-    { { 0xb8fa3d931341ed7aL,0x4223272ca7b59d49L,0x3dcb194783b8c4a4L,
-        0x4e413c01ed1302e4L },
-      { 0x6d999127e17e44ceL,0xee86bf7533b3adfbL,0xf6902fe625aa96caL,
-        0xb73540e4e5aae47dL } },
-    /* 17 << 42 */
-    { { 0x32801d7b1b4a158cL,0xe571c99e27e2a369L,0x40cb76c010d9f197L,
-        0xc308c2893167c0aeL },
-      { 0xa6ef9dd3eb7958f2L,0xa7226dfc300879b1L,0x6cd0b3627edf0636L,
-        0x4efbce6c7bc37eedL } },
-    /* 18 << 42 */
-    { { 0x75f92a058d699021L,0x586d4c79772566e3L,0x378ca5f1761ad23aL,
-        0x650d86fc1465a8acL },
-      { 0x7a4ed457842ba251L,0x6b65e3e642234933L,0xaf1543b731aad657L,
-        0xa4cefe98cbfec369L } },
-    /* 19 << 42 */
-    { { 0xb587da909f47befbL,0x6562e9fb41312d13L,0xa691ea59eff1cefeL,
-        0xcc30477a05fc4cf6L },
-      { 0xa16324610b0ffd3dL,0xa1f16f3b5b355956L,0x5b148d534224ec24L,
-        0xdc834e7bf977012aL } },
-    /* 20 << 42 */
-    { { 0x7bfc5e75b2c69dbcL,0x3aa77a2903c3da6cL,0xde0df03cca910271L,
-        0xcbd5ca4a7806dc55L },
-      { 0xe1ca58076db476cbL,0xfde15d625f37a31eL,0xf49af520f41af416L,
-        0x96c5c5b17d342db5L } },
-    /* 21 << 42 */
-    { { 0x155c43b7eb4ceb9bL,0x2e9930104e77371aL,0x1d2987da675d43afL,
-        0xef2bc1c08599fd72L },
-      { 0x96894b7b9342f6b2L,0x201eadf27c8e71f0L,0xf3479d9f4a1f3efcL,
-        0xe0f8a742702a9704L } },
-    /* 22 << 42 */
-    { { 0xeafd44b6b3eba40cL,0xf9739f29c1c1e0d0L,0x0091471a619d505eL,
-        0xc15f9c969d7c263eL },
-      { 0x5be4728583afbe33L,0xa3b6d6af04f1e092L,0xe76526b9751a9d11L,
-        0x2ec5b26d9a4ae4d2L } },
-    /* 23 << 42 */
-    { { 0xeb66f4d902f6fb8dL,0x4063c56196912164L,0xeb7050c180ef3000L,
-        0x288d1c33eaa5b3f0L },
-      { 0xe87c68d607806fd8L,0xb2f7f9d54bbbf50fL,0x25972f3aac8d6627L,
-        0xf854777410e8c13bL } },
-    /* 24 << 42 */
-    { { 0xcc50ef6c872b4a60L,0xab2a34a44613521bL,0x39c5c190983e15d1L,
-        0x61dde5df59905512L },
-      { 0xe417f6219f2275f3L,0x0750c8b6451d894bL,0x75b04ab978b0bdaaL,
-        0x3bfd9fd4458589bdL } },
-    /* 25 << 42 */
-    { { 0xf1013e30ee9120b6L,0x2b51af9323a4743eL,0xea96ffae48d14d9eL,
-        0x71dc0dbe698a1d32L },
-      { 0x914962d20180cca4L,0x1ae60677c3568963L,0x8cf227b1437bc444L,
-        0xc650c83bc9962c7aL } },
-    /* 26 << 42 */
-    { { 0x23c2c7ddfe7ccfc4L,0xf925c89d1b929d48L,0x4460f74b06783c33L,
-        0xac2c8d49a590475aL },
-      { 0xfb40b407b807bba0L,0x9d1e362d69ff8f3aL,0xa33e9681cbef64a4L,
-        0x67ece5fa332fb4b2L } },
-    /* 27 << 42 */
-    { { 0x6900a99b739f10e3L,0xc3341ca9ff525925L,0xee18a626a9e2d041L,
-        0xa5a8368529580dddL },
-      { 0xf3470c819d7de3cdL,0xedf025862062cf9cL,0xf43522fac010edb0L,
-        0x3031413513a4b1aeL } },
-    /* 28 << 42 */
-    { { 0xc792e02adb22b94bL,0x993d8ae9a1eaa45bL,0x8aad6cd3cd1e1c63L,
-        0x89529ca7c5ce688aL },
-      { 0x2ccee3aae572a253L,0xe02b643802a21efbL,0xa7091b6ec9430358L,
-        0x06d1b1fa9d7db504L } },
-    /* 29 << 42 */
-    { { 0x58846d32c4744733L,0x40517c71379f9e34L,0x2f65655f130ef6caL,
-        0x526e4488f1f3503fL },
-      { 0x8467bd177ee4a976L,0x1d9dc913921363d1L,0xd8d24c33b069e041L,
-        0x5eb5da0a2cdf7f51L } },
-    /* 30 << 42 */
-    { { 0x1c0f3cb1197b994fL,0x3c95a6c52843eae9L,0x7766ffc9a6097ea5L,
-        0x7bea4093d723b867L },
-      { 0xb48e1f734db378f9L,0x70025b00e37b77acL,0x943dc8e7af24ad46L,
-        0xb98a15ac16d00a85L } },
-    /* 31 << 42 */
-    { { 0x3adc38ba2743b004L,0xb1c7f4f7334415eeL,0xea43df8f1e62d05aL,
-        0x326189059d76a3b6L },
-      { 0x2fbd0bb5a23a0f46L,0x5bc971db6a01918cL,0x7801d94ab4743f94L,
-        0xb94df65e676ae22bL } },
-    /* 32 << 42 */
-    { { 0xaafcbfabaf95894cL,0x7b9bdc07276b2241L,0xeaf983625bdda48bL,
-        0x5977faf2a3fcb4dfL },
-      { 0xbed042ef052c4b5bL,0x9fe87f71067591f0L,0xc89c73ca22f24ec7L,
-        0x7d37fa9ee64a9f1bL } },
-    /* 33 << 42 */
-    { { 0x2710841a15562627L,0x2c01a613c243b034L,0x1d135c562bc68609L,
-        0xc2ca17158b03f1f6L },
-      { 0xc9966c2d3eb81d82L,0xc02abf4a8f6df13eL,0x77b34bd78f72b43bL,
-        0xaff6218f360c82b0L } },
-    /* 34 << 42 */
-    { { 0x0aa5726c8d55b9d2L,0xdc0adbe999e9bffbL,0x9097549cefb9e72aL,
-        0x167557129dfb3111L },
-      { 0xdd8bf984f26847f9L,0xbcb8e387dfb30cb7L,0xc1fd32a75171ef9cL,
-        0x977f3fc7389b363fL } },
-    /* 35 << 42 */
-    { { 0x116eaf2bf4babda0L,0xfeab68bdf7113c8eL,0xd1e3f064b7def526L,
-        0x1ac30885e0b3fa02L },
-      { 0x1c5a6e7b40142d9dL,0x839b560330921c0bL,0x48f301fa36a116a3L,
-        0x380e1107cfd9ee6dL } },
-    /* 36 << 42 */
-    { { 0x7945ead858854be1L,0x4111c12ecbd4d49dL,0xece3b1ec3a29c2efL,
-        0x6356d4048d3616f5L },
-      { 0x9f0d6a8f594d320eL,0x0989316df651ccd2L,0x6c32117a0f8fdde4L,
-        0x9abe5cc5a26a9bbcL } },
-    /* 37 << 42 */
-    { { 0xcff560fb9723f671L,0x21b2a12d7f3d593cL,0xe4cb18da24ba0696L,
-        0x186e2220c3543384L },
-      { 0x722f64e088312c29L,0x94282a9917dc7752L,0x62467bbf5a85ee89L,
-        0xf435c650f10076a0L } },
-    /* 38 << 42 */
-    { { 0xc9ff153943b3a50bL,0x7132130c1a53efbcL,0x31bfe063f7b0c5b7L,
-        0xb0179a7d4ea994ccL },
-      { 0x12d064b3c85f455bL,0x472593288f6e0062L,0xf64e590bb875d6d9L,
-        0x22dd6225ad92bcc7L } },
-    /* 39 << 42 */
-    { { 0xb658038eb9c3bd6dL,0x00cdb0d6fbba27c8L,0x0c6813371062c45dL,
-        0xd8515b8c2d33407dL },
-      { 0xcb8f699e8cbb5ecfL,0x8c4347f8c608d7d8L,0x2c11850abb3e00dbL,
-        0x20a8dafdecb49d19L } },
-    /* 40 << 42 */
-    { { 0xbd78148045ee2f40L,0x75e354af416b60cfL,0xde0b58a18d49a8c4L,
-        0xe40e94e2fa359536L },
-      { 0xbd4fa59f62accd76L,0x05cf466a8c762837L,0xb5abda99448c277bL,
-        0x5a9e01bf48b13740L } },
-    /* 41 << 42 */
-    { { 0x9d457798326aad8dL,0xbdef4954c396f7e7L,0x6fb274a2c253e292L,
-        0x2800bf0a1cfe53e7L },
-      { 0x22426d3144438fd4L,0xef2339235e259f9aL,0x4188503c03f66264L,
-        0x9e5e7f137f9fdfabL } },
-    /* 42 << 42 */
-    { { 0x565eb76c5fcc1abaL,0xea63254859b5bff8L,0x5587c087aab6d3faL,
-        0x92b639ea6ce39c1bL },
-      { 0x0706e782953b135cL,0x7308912e425268efL,0x599e92c7090e7469L,
-        0x83b90f529bc35e75L } },
-    /* 43 << 42 */
-    { { 0x4750b3d0244975b3L,0xf3a4435811965d72L,0x179c67749c8dc751L,
-        0xff18cdfed23d9ff0L },
-      { 0xc40138332028e247L,0x96e280e2f3bfbc79L,0xf60417bdd0880a84L,
-        0x263c9f3d2a568151L } },
-    /* 44 << 42 */
-    { { 0x36be15b32d2ce811L,0x846dc0c2f8291d21L,0x5cfa0ecb789fcfdbL,
-        0x45a0beedd7535b9aL },
-      { 0xec8e9f0796d69af1L,0x31a7c5b8599ab6dcL,0xd36d45eff9e2e09fL,
-        0x3cf49ef1dcee954bL } },
-    /* 45 << 42 */
-    { { 0x6be34cf3086cff9bL,0x88dbd49139a3360fL,0x1e96b8cc0dbfbd1dL,
-        0xc1e5f7bfcb7e2552L },
-      { 0x0547b21428819d98L,0xc770dd9c7aea9dcbL,0xaef0d4c7041d68c8L,
-        0xcc2b981813cb9ba8L } },
-    /* 46 << 42 */
-    { { 0x7fc7bc76fe86c607L,0x6b7b9337502a9a95L,0x1948dc27d14dab63L,
-        0x249dd198dae047beL },
-      { 0xe8356584a981a202L,0x3531dd183a893387L,0x1be11f90c85c7209L,
-        0x93d2fe1ee2a52b5aL } },
-    /* 47 << 42 */
-    { { 0x8225bfe2ec6d6b97L,0x9cf6d6f4bd0aa5deL,0x911459cb54779f5fL,
-        0x5649cddb86aeb1f3L },
-      { 0x321335793f26ce5aL,0xc289a102550f431eL,0x559dcfda73b84c6fL,
-        0x84973819ee3ac4d7L } },
-    /* 48 << 42 */
-    { { 0xb51e55e6f2606a82L,0xe25f706190f2fb57L,0xacef6c2ab1a4e37cL,
-        0x864e359d5dcf2706L },
-      { 0x479e6b187ce57316L,0x2cab25003a96b23dL,0xed4898628ef16df7L,
-        0x2056538cef3758b5L } },
-    /* 49 << 42 */
-    { { 0xa7df865ef15d3101L,0x80c5533a61b553d7L,0x366e19974ed14294L,
-        0x6620741fb3c0bcd6L },
-      { 0x21d1d9c4edc45418L,0x005b859ec1cc4a9dL,0xdf01f630a1c462f0L,
-        0x15d06cf3f26820c7L } },
-    /* 50 << 42 */
-    { { 0x9f7f24ee3484be47L,0x2ff33e964a0c902fL,0x00bdf4575a0bc453L,
-        0x2378dfaf1aa238dbL },
-      { 0x272420ec856720f2L,0x2ad9d95b96797291L,0xd1242cc6768a1558L,
-        0x2e287f8b5cc86aa8L } },
-    /* 51 << 42 */
-    { { 0x796873d0990cecaaL,0xade55f81675d4080L,0x2645eea321f0cd84L,
-        0x7a1efa0fb4e17d02L },
-      { 0xf6858420037cc061L,0x682e05f0d5d43e12L,0x59c3699427218710L,
-        0x85cbba4d3f7cd2fcL } },
-    /* 52 << 42 */
-    { { 0x726f97297a3cd22aL,0x9f8cd5dc4a628397L,0x17b93ab9c23165edL,
-        0xff5f5dbf122823d4L },
-      { 0xc1e4e4b5654a446dL,0xd1a9496f677257baL,0x6387ba94de766a56L,
-        0x23608bc8521ec74aL } },
-    /* 53 << 42 */
-    { { 0x16a522d76688c4d4L,0x9d6b428207373abdL,0xa62f07acb42efaa3L,
-        0xf73e00f7e3b90180L },
-      { 0x36175fec49421c3eL,0xc4e44f9b3dcf2678L,0x76df436b7220f09fL,
-        0x172755fb3aa8b6cfL } },
-    /* 54 << 42 */
-    { { 0xbab89d57446139ccL,0x0a0a6e025fe0208fL,0xcdbb63e211e5d399L,
-        0x33ecaa12a8977f0bL },
-      { 0x59598b21f7c42664L,0xb3e91b32ab65d08aL,0x035822eef4502526L,
-        0x1dcf0176720a82a9L } },
-    /* 55 << 42 */
-    { { 0x50f8598f3d589e02L,0xdf0478ffb1d63d2cL,0x8b8068bd1571cd07L,
-        0x30c3aa4fd79670cdL },
-      { 0x25e8fd4b941ade7fL,0x3d1debdc32790011L,0x65b6dcbd3a3f9ff0L,
-        0x282736a4793de69cL } },
-    /* 56 << 42 */
-    { { 0xef69a0c3d41d3bd3L,0xb533b8c907a26bdeL,0xe2801d97db2edf9fL,
-        0xdc4a8269e1877af0L },
-      { 0x6c1c58513d590dbeL,0x84632f6bee4e9357L,0xd36d36b779b33374L,
-        0xb46833e39bbca2e6L } },
-    /* 57 << 42 */
-    { { 0x37893913f7fc0586L,0x385315f766bf4719L,0x72c56293b31855dcL,
-        0xd1416d4e849061feL },
-      { 0xbeb3ab7851047213L,0x447f6e61f040c996L,0xd06d310d638b1d0cL,
-        0xe28a413fbad1522eL } },
-    /* 58 << 42 */
-    { { 0x685a76cb82003f86L,0x610d07f70bcdbca3L,0x6ff660219ca4c455L,
-        0x7df39b87cea10eecL },
-      { 0xb9255f96e22db218L,0x8cc6d9eb08a34c44L,0xcd4ffb86859f9276L,
-        0x8fa15eb250d07335L } },
-    /* 59 << 42 */
-    { { 0xdf553845cf2c24b5L,0x89f66a9f52f9c3baL,0x8f22b5b9e4a7ceb3L,
-        0xaffef8090e134686L },
-      { 0x3e53e1c68eb8fac2L,0x93c1e4eb28aec98eL,0xb6b91ec532a43bcbL,
-        0x2dbfa947b2d74a51L } },
-    /* 60 << 42 */
-    { { 0xe065d190ca84bad7L,0xfb13919fad58e65cL,0x3c41718bf1cb6e31L,
-        0x688969f006d05c3fL },
-      { 0xd4f94ce721264d45L,0xfdfb65e97367532bL,0x5b1be8b10945a39dL,
-        0x229f789c2b8baf3bL } },
-    /* 61 << 42 */
-    { { 0xd8f41f3e6f49f15dL,0x678ce828907f0792L,0xc69ace82fca6e867L,
-        0x106451aed01dcc89L },
-      { 0x1bb4f7f019fc32d2L,0x64633dfcb00c52d2L,0x8f13549aad9ea445L,
-        0x99a3bf50fb323705L } },
-    /* 62 << 42 */
-    { { 0x0c9625a2534d4dbcL,0x45b8f1d1c2a2fea3L,0x76ec21a1a530fc1aL,
-        0x4bac9c2a9e5bd734L },
-      { 0x5996d76a7b4e3587L,0x0045cdee1182d9e3L,0x1aee24b91207f13dL,
-        0x66452e9797345a41L } },
-    /* 63 << 42 */
-    { { 0x16e5b0549f950cd0L,0x9cc72fb1d7fdd075L,0x6edd61e766249663L,
-        0xde4caa4df043cccbL },
-      { 0x11b1f57a55c7ac17L,0x779cbd441a85e24dL,0x78030f86e46081e7L,
-        0xfd4a60328e20f643L } },
-    /* 64 << 42 */
-    { { 0xcc7a64880a750c0fL,0x39bacfe34e548e83L,0x3d418c760c110f05L,
-        0x3e4daa4cb1f11588L },
-      { 0x2733e7b55ffc69ffL,0x46f147bc92053127L,0x885b2434d722df94L,
-        0x6a444f65e6fc6b7cL } },
-    /* 0 << 49 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 49 */
-    { { 0x7a1a465ac3f16ea8L,0x115a461db2f1d11cL,0x4767dd956c68a172L,
-        0x3392f2ebd13a4698L },
-      { 0xc7a99ccde526cdc7L,0x8e537fdc22292b81L,0x76d8cf69a6d39198L,
-        0xffc5ff432446852dL } },
-    /* 2 << 49 */
-    { { 0x97b14f7ea90567e6L,0x513257b7b6ae5cb7L,0x85454a3c9f10903dL,
-        0xd8d2c9ad69bc3724L },
-      { 0x38da93246b29cb44L,0xb540a21d77c8cbacL,0x9bbfe43501918e42L,
-        0xfffa707a56c3614eL } },
-    /* 3 << 49 */
-    { { 0x0ce4e3f1d4e353b7L,0x062d8a14ef46b0a0L,0x6408d5ab574b73fdL,
-        0xbc41d1c9d3273ffdL },
-      { 0x3538e1e76be77800L,0x71fe8b37c5655031L,0x1cd916216b9b331aL,
-        0xad825d0bbb388f73L } },
-    /* 4 << 49 */
-    { { 0x56c2e05b1cb76219L,0x0ec0bf9171567e7eL,0xe7076f8661c4c910L,
-        0xd67b085bbabc04d9L },
-      { 0x9fb904595e93a96aL,0x7526c1eafbdc249aL,0x0d44d367ecdd0bb7L,
-        0x953999179dc0d695L } },
-    /* 5 << 49 */
-    { { 0x61360ee99e240d18L,0x057cdcacb4b94466L,0xe7667cd12fe5325cL,
-        0x1fa297b521974e3bL },
-      { 0xfa4081e7db083d76L,0x31993be6f206bd15L,0x8949269b14c19f8cL,
-        0x21468d72a9d92357L } },
-    /* 6 << 49 */
-    { { 0x2ccbc583a4c506ecL,0x957ed188d1acfe97L,0x8baed83312f1aea2L,
-        0xef2a6cb48325362dL },
-      { 0x130dde428e195c43L,0xc842025a0e6050c6L,0x2da972a708686a5dL,
-        0xb52999a1e508b4a8L } },
-    /* 7 << 49 */
-    { { 0xd9f090b910a5a8bdL,0xca91d249096864daL,0x8e6a93be3f67dbc1L,
-        0xacae6fbaf5f4764cL },
-      { 0x1563c6e0d21411a0L,0x28fa787fda0a4ad8L,0xd524491c908c8030L,
-        0x1257ba0e4c795f07L } },
-    /* 8 << 49 */
-    { { 0x83f49167ceca9754L,0x426d2cf64b7939a0L,0x2555e355723fd0bfL,
-        0xa96e6d06c4f144e2L },
-      { 0x4768a8dd87880e61L,0x15543815e508e4d5L,0x09d7e772b1b65e15L,
-        0x63439dd6ac302fa0L } },
-    /* 9 << 49 */
-    { { 0xb93f802fc14e35c2L,0x71735b7c4341333cL,0x03a2510416d4f362L,
-        0x3f4d069bbf433c8eL },
-      { 0x0d83ae01f78f5a7cL,0x50a8ffbe7c4eed07L,0xc74f890676e10f83L,
-        0x7d0809669ddaf8e1L } },
-    /* 10 << 49 */
-    { { 0xb11df8e1698e04ccL,0x877be203169005c8L,0x32749e8c4f3c6179L,
-        0x2dbc9d0a7853fc05L },
-      { 0x187d4f939454d937L,0xe682ce9db4800e1bL,0xa9129ad8165e68e8L,
-        0x0fe29735be7f785bL } },
-    /* 11 << 49 */
-    { { 0x5303f40c5b9e02b7L,0xa37c969235ee04e8L,0x5f46cc2034d6632bL,
-        0x55ef72b296ac545bL },
-      { 0xabec5c1f7b91b062L,0x0a79e1c7bb33e821L,0xbb04b4283a9f4117L,
-        0x0de1f28ffd2a475aL } },
-    /* 12 << 49 */
-    { { 0x31019ccf3a4434b4L,0xa34581111a7954dcL,0xa9dac80de34972a7L,
-        0xb043d05474f6b8ddL },
-      { 0x021c319e11137b1aL,0x00a754ceed5cc03fL,0x0aa2c794cbea5ad4L,
-        0x093e67f470c015b6L } },
-    /* 13 << 49 */
-    { { 0x72cdfee9c97e3f6bL,0xc10bcab4b6da7461L,0x3b02d2fcb59806b9L,
-        0x85185e89a1de6f47L },
-      { 0x39e6931f0eb6c4d4L,0x4d4440bdd4fa5b04L,0x5418786e34be7eb8L,
-        0x6380e5219d7259bcL } },
-    /* 14 << 49 */
-    { { 0x20ac0351d598d710L,0x272c4166cb3a4da4L,0xdb82fe1aca71de1fL,
-        0x746e79f2d8f54b0fL },
-      { 0x6e7fc7364b573e9bL,0x75d03f46fd4b5040L,0x5c1cc36d0b98d87bL,
-        0x513ba3f11f472da1L } },
-    /* 15 << 49 */
-    { { 0x79d0af26abb177ddL,0xf82ab5687891d564L,0x2b6768a972232173L,
-        0xefbb3bb08c1f6619L },
-      { 0xb29c11dba6d18358L,0x519e2797b0916d3aL,0xd4dc18f09188e290L,
-        0x648e86e398b0ca7fL } },
-    /* 16 << 49 */
-    { { 0x859d3145983c38b5L,0xb14f176c637abc8bL,0x2793fb9dcaff7be6L,
-        0xebe5a55f35a66a5aL },
-      { 0x7cec1dcd9f87dc59L,0x7c595cd3fbdbf560L,0x5b543b2226eb3257L,
-        0x69080646c4c935fdL } },
-    /* 17 << 49 */
-    { { 0x7f2e440381e9ede3L,0x243c3894caf6df0aL,0x7c605bb11c073b11L,
-        0xcd06a541ba6a4a62L },
-      { 0x2916894949d4e2e5L,0x33649d074af66880L,0xbfc0c885e9a85035L,
-        0xb4e52113fc410f4bL } },
-    /* 18 << 49 */
-    { { 0xdca3b70678a6513bL,0x92ea4a2a9edb1943L,0x02642216db6e2dd8L,
-        0x9b45d0b49fd57894L },
-      { 0x114e70dbc69d11aeL,0x1477dd194c57595fL,0xbc2208b4ec77c272L,
-        0x95c5b4d7db68f59cL } },
-    /* 19 << 49 */
-    { { 0xb8c4fc6342e532b7L,0x386ba4229ae35290L,0xfb5dda42d201ecbcL,
-        0x2353dc8ba0e38fd6L },
-      { 0x9a0b85ea68f7e978L,0x96ec56822ad6d11fL,0x5e279d6ce5f6886dL,
-        0xd3fe03cd3cb1914dL } },
-    /* 20 << 49 */
-    { { 0xfe541fa47ea67c77L,0x952bd2afe3ea810cL,0x791fef568d01d374L,
-        0xa3a1c6210f11336eL },
-      { 0x5ad0d5a9c7ec6d79L,0xff7038af3225c342L,0x003c6689bc69601bL,
-        0x25059bc745e8747dL } },
-    /* 21 << 49 */
-    { { 0xfa4965b2f2086fbfL,0xf6840ea686916078L,0xd7ac762070081d6cL,
-        0xe600da31b5328645L },
-      { 0x01916f63529b8a80L,0xe80e48582d7d6f3eL,0x29eb0fe8d664ca7cL,
-        0xf017637be7b43b0cL } },
-    /* 22 << 49 */
-    { { 0x9a75c80676cb2566L,0x8f76acb1b24892d9L,0x7ae7b9cc1f08fe45L,
-        0x19ef73296a4907d8L },
-      { 0x2db4ab715f228bf0L,0xf3cdea39817032d7L,0x0b1f482edcabe3c0L,
-        0x3baf76b4bb86325cL } },
-    /* 23 << 49 */
-    { { 0xd49065e010089465L,0x3bab5d298e77c596L,0x7636c3a6193dbd95L,
-        0xdef5d294b246e499L },
-      { 0xb22c58b9286b2475L,0xa0b93939cd80862bL,0x3002c83af0992388L,
-        0x6de01f9beacbe14cL } },
-    /* 24 << 49 */
-    { { 0x6aac688eadd70482L,0x708de92a7b4a4e8aL,0x75b6dd73758a6eefL,
-        0xea4bf352725b3c43L },
-      { 0x10041f2c87912868L,0xb1b1be95ef09297aL,0x19ae23c5a9f3860aL,
-        0xc4f0f839515dcf4bL } },
-    /* 25 << 49 */
-    { { 0x3c7ecca397f6306aL,0x744c44ae68a3a4b0L,0x69cd13a0b3a1d8a2L,
-        0x7cad0a1e5256b578L },
-      { 0xea653fcd33791d9eL,0x9cc2a05d74b2e05fL,0x73b391dcfd7affa2L,
-        0xddb7091eb6b05442L } },
-    /* 26 << 49 */
-    { { 0xc71e27bf8538a5c6L,0x195c63dd89abff17L,0xfd3152851b71e3daL,
-        0x9cbdfda7fa680fa0L },
-      { 0x9db876ca849d7eabL,0xebe2764b3c273271L,0x663357e3f208dceaL,
-        0x8c5bd833565b1b70L } },
-    /* 27 << 49 */
-    { { 0xccc3b4f59837fc0dL,0x9b641ba8a79cf00fL,0x7428243ddfdf3990L,
-        0x83a594c4020786b1L },
-      { 0xb712451a526c4502L,0x9d39438e6adb3f93L,0xfdb261e3e9ff0ccdL,
-        0x80344e3ce07af4c3L } },
-    /* 28 << 49 */
-    { { 0x75900d7c2fa4f126L,0x08a3b8655c99a232L,0x2478b6bfdb25e0c3L,
-        0x482cc2c271db2edfL },
-      { 0x37df7e645f321bb8L,0x8a93821b9a8005b4L,0x3fa2f10ccc8c1958L,
-        0x0d3322182c269d0aL } },
-    /* 29 << 49 */
-    { { 0x20ab8119e246b0e6L,0xb39781e4d349fd17L,0xd293231eb31aa100L,
-        0x4b779c97bb032168L },
-      { 0x4b3f19e1c8470500L,0x45b7efe90c4c869dL,0xdb84f38aa1a6bbccL,
-        0x3b59cb15b2fddbc1L } },
-    /* 30 << 49 */
-    { { 0xba5514df3fd165e8L,0x499fd6a9061f8811L,0x72cd1fe0bfef9f00L,
-        0x120a4bb979ad7e8aL },
-      { 0xf2ffd0955f4a5ac5L,0xcfd174f195a7a2f0L,0xd42301ba9d17baf1L,
-        0xd2fa487a77f22089L } },
-    /* 31 << 49 */
-    { { 0x9cb09efeb1dc77e1L,0xe956693921c99682L,0x8c5469016c6067bbL,
-        0xfd37857461c24456L },
-      { 0x2b6a6cbe81796b33L,0x62d550f658e87f8bL,0x1b763e1c7f1b01b4L,
-        0x4b93cfea1b1b5e12L } },
-    /* 32 << 49 */
-    { { 0xb93452381d531696L,0x57201c0088cdde69L,0xdde922519a86afc7L,
-        0xe3043895bd35cea8L },
-      { 0x7608c1e18555970dL,0x8267dfa92535935eL,0xd4c60a57322ea38bL,
-        0xe0bf7977804ef8b5L } },
-    /* 33 << 49 */
-    { { 0x1a0dab28c06fece4L,0xd405991e94e7b49dL,0xc542b6d2706dab28L,
-        0xcb228da3a91618fbL },
-      { 0x224e4164107d1ceaL,0xeb9fdab3d0f5d8f1L,0xc02ba3860d6e41cdL,
-        0x676a72c59b1f7146L } },
-    /* 34 << 49 */
-    { { 0xffd6dd984d6cb00bL,0xcef9c5cade2e8d7cL,0xa1bbf5d7641c7936L,
-        0x1b95b230ee8f772eL },
-      { 0xf765a92ee8ac25b1L,0xceb04cfc3a18b7c6L,0x27944cef0acc8966L,
-        0xcbb3c957434c1004L } },
-    /* 35 << 49 */
-    { { 0x9c9971a1a43ff93cL,0x5bc2db17a1e358a9L,0x45b4862ea8d9bc82L,
-        0x70ebfbfb2201e052L },
-      { 0xafdf64c792871591L,0xea5bcae6b42d0219L,0xde536c552ad8f03cL,
-        0xcd6c3f4da76aa33cL } },
-    /* 36 << 49 */
-    { { 0xbeb5f6230bca6de3L,0xdd20dd99b1e706fdL,0x90b3ff9dac9059d4L,
-        0x2d7b29027ccccc4eL },
-      { 0x8a090a59ce98840fL,0xa5d947e08410680aL,0x49ae346a923379a5L,
-        0x7dbc84f9b28a3156L } },
-    /* 37 << 49 */
-    { { 0xfd40d91654a1aff2L,0xabf318ba3a78fb9bL,0x50152ed83029f95eL,
-        0x9fc1dd77c58ad7faL },
-      { 0x5fa5791513595c17L,0xb95046688f62b3a9L,0x907b5b24ff3055b0L,
-        0x2e995e359a84f125L } },
-    /* 38 << 49 */
-    { { 0x87dacf697e9bbcfbL,0x95d0c1d6e86d96e3L,0x65726e3c2d95a75cL,
-        0x2c3c9001acd27f21L },
-      { 0x1deab5616c973f57L,0x108b7e2ca5221643L,0x5fee9859c4ef79d4L,
-        0xbd62b88a40d4b8c6L } },
-    /* 39 << 49 */
-    { { 0xb4dd29c4197c75d6L,0x266a6df2b7076febL,0x9512d0ea4bf2df11L,
-        0x1320c24f6b0cc9ecL },
-      { 0x6bb1e0e101a59596L,0x8317c5bbeff9aaacL,0x65bb405e385aa6c9L,
-        0x613439c18f07988fL } },
-    /* 40 << 49 */
-    { { 0xd730049f16a66e91L,0xe97f2820fa1b0e0dL,0x4131e003304c28eaL,
-        0x820ab732526bac62L },
-      { 0xb2ac9ef928714423L,0x54ecfffaadb10cb2L,0x8781476ef886a4ccL,
-        0x4b2c87b5db2f8d49L } },
-    /* 41 << 49 */
-    { { 0xe857cd200a44295dL,0x707d7d2158c6b044L,0xae8521f9f596757cL,
-        0x87448f0367b2b714L },
-      { 0x13a9bc455ebcd58dL,0x79bcced99122d3c1L,0x3c6442479e076642L,
-        0x0cf227782df4767dL } },
-    /* 42 << 49 */
-    { { 0x5e61aee471d444b6L,0x211236bfc5084a1dL,0x7e15bc9a4fd3eaf6L,
-        0x68df2c34ab622bf5L },
-      { 0x9e674f0f59bf4f36L,0xf883669bd7f34d73L,0xc48ac1b831497b1dL,
-        0x323b925d5106703bL } },
-    /* 43 << 49 */
-    { { 0x22156f4274082008L,0xeffc521ac8482bcbL,0x5c6831bf12173479L,
-        0xcaa2528fc4739490L },
-      { 0x84d2102a8f1b3c4dL,0xcf64dfc12d9bec0dL,0x433febad78a546efL,
-        0x1f621ec37b73cef1L } },
-    /* 44 << 49 */
-    { { 0x6aecd62737338615L,0x162082ab01d8edf6L,0x833a811919e86b66L,
-        0x6023a251d299b5dbL },
-      { 0xf5bb0c3abbf04b89L,0x6735eb69ae749a44L,0xd0e058c54713de3bL,
-        0xfdf2593e2c3d4ccdL } },
-    /* 45 << 49 */
-    { { 0x1b8f414efdd23667L,0xdd52aacafa2015eeL,0x3e31b517bd9625ffL,
-        0x5ec9322d8db5918cL },
-      { 0xbc73ac85a96f5294L,0x82aa5bf361a0666aL,0x49755810bf08ac42L,
-        0xd21cdfd5891cedfcL } },
-    /* 46 << 49 */
-    { { 0x918cb57b67f8be10L,0x365d1a7c56ffa726L,0x2435c5046532de93L,
-        0xc0fc5e102674cd02L },
-      { 0x6e51fcf89cbbb142L,0x1d436e5aafc50692L,0x766bffff3fbcae22L,
-        0x3148c2fdfd55d3b8L } },
-    /* 47 << 49 */
-    { { 0x52c7fdc9233222faL,0x89ff1092e419fb6bL,0x3cd6db9925254977L,
-        0x2e85a1611cf12ca7L },
-      { 0xadd2547cdc810bc9L,0xea3f458f9d257c22L,0x642c1fbe27d6b19bL,
-        0xed07e6b5140481a6L } },
-    /* 48 << 49 */
-    { { 0x6ada1d4286d2e0f8L,0xe59201220e8a9fd5L,0x02c936af708c1b49L,
-        0x60f30fee2b4bfaffL },
-      { 0x6637ad06858e6a61L,0xce4c77673fd374d0L,0x39d54b2d7188defbL,
-        0xa8c9d250f56a6b66L } },
-    /* 49 << 49 */
-    { { 0x58fc0f5eb24fe1dcL,0x9eaf9dee6b73f24cL,0xa90d588b33650705L,
-        0xde5b62c5af2ec729L },
-      { 0x5c72cfaed3c2b36eL,0x868c19d5034435daL,0x88605f93e17ee145L,
-        0xaa60c4ee77a5d5b1L } },
-    /* 50 << 49 */
-    { { 0xbcf5bfd23b60c472L,0xaf4ef13ceb1d3049L,0x373f44fce13895c9L,
-        0xf29b382f0cbc9822L },
-      { 0x1bfcb85373efaef6L,0xcf56ac9ca8c96f40L,0xd7adf1097a191e24L,
-        0x98035f44bf8a8dc2L } },
-    /* 51 << 49 */
-    { { 0xf40a71b91e750c84L,0xc57f7b0c5dc6c469L,0x49a0e79c6fbc19c1L,
-        0x6b0f5889a48ebdb8L },
-      { 0x5d3fd084a07c4e9fL,0xc3830111ab27de14L,0x0e4929fe33e08dccL,
-        0xf4a5ad2440bb73a3L } },
-    /* 52 << 49 */
-    { { 0xde86c2bf490f97caL,0x288f09c667a1ce18L,0x364bb8861844478dL,
-        0x7840fa42ceedb040L },
-      { 0x1269fdd25a631b37L,0x94761f1ea47c8b7dL,0xfc0c2e17481c6266L,
-        0x85e16ea23daa5fa7L } },
-    /* 53 << 49 */
-    { { 0xccd8603392491048L,0x0c2f6963f4d402d7L,0x6336f7dfdf6a865cL,
-        0x0a2a463cb5c02a87L },
-      { 0xb0e29be7bf2f12eeL,0xf0a2200266bad988L,0x27f87e039123c1d7L,
-        0x21669c55328a8c98L } },
-    /* 54 << 49 */
-    { { 0x186b980392f14529L,0xd3d056cc63954df3L,0x2f03fd58175a46f6L,
-        0x63e34ebe11558558L },
-      { 0xe13fedee5b80cfa5L,0xe872a120d401dbd1L,0x52657616e8a9d667L,
-        0xbc8da4b6e08d6693L } },
-    /* 55 << 49 */
-    { { 0x370fb9bb1b703e75L,0x6773b186d4338363L,0x18dad378ecef7bffL,
-        0xaac787ed995677daL },
-      { 0x4801ea8b0437164bL,0xf430ad2073fe795eL,0xb164154d8ee5eb73L,
-        0x0884ecd8108f7c0eL } },
-    /* 56 << 49 */
-    { { 0x0e6ec0965f520698L,0x640631fe44f7b8d9L,0x92fd34fca35a68b9L,
-        0x9c5a4b664d40cf4eL },
-      { 0x949454bf80b6783dL,0x80e701fe3a320a10L,0x8d1a564a1a0a39b2L,
-        0x1436d53d320587dbL } },
-    /* 57 << 49 */
-    { { 0xf5096e6d6556c362L,0xbc23a3c0e2455d7eL,0x3a7aee54807230f9L,
-        0x9ba1cfa622ae82fdL },
-      { 0x833a057a99c5d706L,0x8be85f4b842315c9L,0xd083179a66a72f12L,
-        0x2fc77d5dcdcc73cdL } },
-    /* 58 << 49 */
-    { { 0x22b88a805616ee30L,0xfb09548fe7ab1083L,0x8ad6ab0d511270cdL,
-        0x61f6c57a6924d9abL },
-      { 0xa0f7bf7290aecb08L,0x849f87c90df784a4L,0x27c79c15cfaf1d03L,
-        0xbbf9f675c463faceL } },
-    /* 59 << 49 */
-    { { 0x91502c65765ba543L,0x18ce3cac42ea60ddL,0xe5cee6ac6e43ecb3L,
-        0x63e4e91068f2aeebL },
-      { 0x26234fa3c85932eeL,0x96883e8b4c90c44dL,0x29b9e738a18a50f6L,
-        0xbfc62b2a3f0420dfL } },
-    /* 60 << 49 */
-    { { 0xd22a7d906d3e1fa9L,0x17115618fe05b8a3L,0x2a0c9926bb2b9c01L,
-        0xc739fcc6e07e76a2L },
-      { 0x540e9157165e439aL,0x06353a626a9063d8L,0x84d9559461e927a3L,
-        0x013b9b26e2e0be7fL } },
-    /* 61 << 49 */
-    { { 0x4feaec3b973497f1L,0x15c0f94e093ebc2dL,0x6af5f22733af0583L,
-        0x0c2af206c61f3340L },
-      { 0xd25dbdf14457397cL,0x2e8ed017cabcbae0L,0xe3010938c2815306L,
-        0xbaa99337e8c6cd68L } },
-    /* 62 << 49 */
-    { { 0x085131823b0ec7deL,0x1e1b822b58df05dfL,0x5c14842fa5c3b683L,
-        0x98fe977e3eba34ceL },
-      { 0xfd2316c20d5e8873L,0xe48d839abd0d427dL,0x495b2218623fc961L,
-        0x24ee56e7b46fba5eL } },
-    /* 63 << 49 */
-    { { 0x9184a55b91e4de58L,0xa7488ca5dfdea288L,0xa723862ea8dcc943L,
-        0x92d762b2849dc0fcL },
-      { 0x3c444a12091ff4a9L,0x581113fa0cada274L,0xb9de0a4530d8eae2L,
-        0x5e0fcd85df6b41eaL } },
-    /* 64 << 49 */
-    { { 0x6233ea68c094dbb5L,0xb77d062ed968d410L,0x3e719bbc58b3002dL,
-        0x68e7dd3d3dc49d58L },
-      { 0x8d825740013a5e58L,0x213117473c9e3c1bL,0x0cb0a2a77c99b6abL,
-        0x5c48a3b3c2f888f2L } },
-    /* 0 << 56 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 56 */
-    { { 0xc7913e91991724f3L,0x5eda799c39cbd686L,0xddb595c763d4fc1eL,
-        0x6b63b80bac4fed54L },
-      { 0x6ea0fc697e5fb516L,0x737708bad0f1c964L,0x9628745f11a92ca5L,
-        0x61f379589a86967aL } },
-    /* 2 << 56 */
-    { { 0x9af39b2caa665072L,0x78322fa4efd324efL,0x3d153394c327bd31L,
-        0x81d5f2713129dab0L },
-      { 0xc72e0c42f48027f5L,0xaa40cdbc8536e717L,0xf45a657a2d369d0fL,
-        0xb03bbfc4ea7f74e6L } },
-    /* 3 << 56 */
-    { { 0x46a8c4180d738dedL,0x6f1a5bb0e0de5729L,0xf10230b98ba81675L,
-        0x32c6f30c112b33d4L },
-      { 0x7559129dd8fffb62L,0x6a281b47b459bf05L,0x77c1bd3afa3b6776L,
-        0x0709b3807829973aL } },
-    /* 4 << 56 */
-    { { 0x8c26b232a3326505L,0x38d69272ee1d41bfL,0x0459453effe32afaL,
-        0xce8143ad7cb3ea87L },
-      { 0x932ec1fa7e6ab666L,0x6cd2d23022286264L,0x459a46fe6736f8edL,
-        0x50bf0d009eca85bbL } },
-    /* 5 << 56 */
-    { { 0x0b825852877a21ecL,0x300414a70f537a94L,0x3f1cba4021a9a6a2L,
-        0x50824eee76943c00L },
-      { 0xa0dbfcecf83cba5dL,0xf953814893b4f3c0L,0x6174416248f24dd7L,
-        0x5322d64de4fb09ddL } },
-    /* 6 << 56 */
-    { { 0x574473843d9325f3L,0xa9bef2d0f371cb84L,0x77d2188ba61e36c5L,
-        0xbbd6a7d7c602df72L },
-      { 0xba3aa9028f61bc0bL,0xf49085ed6ed0b6a1L,0x8bc625d6ae6e8298L,
-        0x832b0b1da2e9c01dL } },
-    /* 7 << 56 */
-    { { 0xa337c447f1f0ced1L,0x800cc7939492dd2bL,0x4b93151dbea08efaL,
-        0x820cf3f8de0a741eL },
-      { 0xff1982dc1c0f7d13L,0xef92196084dde6caL,0x1ad7d97245f96ee3L,
-        0x319c8dbe29dea0c7L } },
-    /* 8 << 56 */
-    { { 0xd3ea38717b82b99bL,0x75922d4d470eb624L,0x8f66ec543b95d466L,
-        0x66e673ccbee1e346L },
-      { 0x6afe67c4b5f2b89aL,0x3de9c1e6290e5cd3L,0x8c278bb6310a2adaL,
-        0x420fa3840bdb323bL } },
-    /* 9 << 56 */
-    { { 0x0ae1d63b0eb919b0L,0xd74ee51da74b9620L,0x395458d0a674290cL,
-        0x324c930f4620a510L },
-      { 0x2d1f4d19fbac27d4L,0x4086e8ca9bedeeacL,0x0cdd211b9b679ab8L,
-        0x5970167d7090fec4L } },
-    /* 10 << 56 */
-    { { 0x3420f2c9faf1fc63L,0x616d333a328c8bb4L,0x7d65364c57f1fe4aL,
-        0x9343e87755e5c73aL },
-      { 0x5795176be970e78cL,0xa36ccebf60533627L,0xfc7c738009cdfc1bL,
-        0xb39a2afeb3fec326L } },
-    /* 11 << 56 */
-    { { 0xb7ff1ba16224408aL,0xcc856e92247cfc5eL,0x01f102e7c18bc493L,
-        0x4613ab742091c727L },
-      { 0xaa25e89cc420bf2bL,0x00a5317690337ec2L,0xd2be9f437d025fc7L,
-        0x3316fb856e6fe3dcL } },
-    /* 12 << 56 */
-    { { 0x27520af59ac50814L,0xfdf95e789a8e4223L,0xb7e7df2a56bec5a0L,
-        0xf7022f7ddf159e5dL },
-      { 0x93eeeab1cac1fe8fL,0x8040188c37451168L,0x7ee8aa8ad967dce6L,
-        0xfa0e79e73abc9299L } },
-    /* 13 << 56 */
-    { { 0x67332cfc2064cfd1L,0x339c31deb0651934L,0x719b28d52a3bcbeaL,
-        0xee74c82b9d6ae5c6L },
-      { 0x0927d05ebaf28ee6L,0x82cecf2c9d719028L,0x0b0d353eddb30289L,
-        0xfe4bb977fddb2e29L } },
-    /* 14 << 56 */
-    { { 0xbb5bb990640bfd9eL,0xd226e27782f62108L,0x4bf0098502ffdd56L,
-        0x7756758a2ca1b1b5L },
-      { 0xc32b62a35285fe91L,0xedbc546a8c9cd140L,0x1e47a013af5cb008L,
-        0xbca7e720073ce8f2L } },
-    /* 15 << 56 */
-    { { 0xe10b2ab817a91caeL,0xb89aab6508e27f63L,0x7b3074a7dba3ddf9L,
-        0x1c20ce09330c2972L },
-      { 0x6b9917b45fcf7e33L,0xe6793743945ceb42L,0x18fc22155c633d19L,
-        0xad1adb3cc7485474L } },
-    /* 16 << 56 */
-    { { 0x646f96796424c49bL,0xf888dfe867c241c9L,0xe12d4b9324f68b49L,
-        0x9a6b62d8a571df20L },
-      { 0x81b4b26d179483cbL,0x666f96329511fae2L,0xd281b3e4d53aa51fL,
-        0x7f96a7657f3dbd16L } },
-    /* 17 << 56 */
-    { { 0xa7f8b5bf074a30ceL,0xd7f52107005a32e6L,0x6f9e090750237ed4L,
-        0x2f21da478096fa2bL },
-      { 0xf3e19cb4eec863a0L,0xd18f77fd9527620aL,0x9505c81c407c1cf8L,
-        0x9998db4e1b6ec284L } },
-    /* 18 << 56 */
-    { { 0x7e3389e5c247d44dL,0x125071413f4f3d80L,0xd4ba01104a78a6c7L,
-        0x312874a0767720beL },
-      { 0xded059a675944370L,0xd6123d903b2c0bddL,0xa56b717b51c108e3L,
-        0x9bb7940e070623e9L } },
-    /* 19 << 56 */
-    { { 0x794e2d5984ac066cL,0xf5954a92e68c69a0L,0x28c524584fd99dccL,
-        0x60e639fcb1012517L },
-      { 0xc2e601257de79248L,0xe9ef6404f12fc6d7L,0x4c4f28082a3b5d32L,
-        0x865ad32ec768eb8aL } },
-    /* 20 << 56 */
-    { { 0xac02331b13fb70b6L,0x037b44c195599b27L,0x1a860fc460bd082cL,
-        0xa2e25745c980cd01L },
-      { 0xee3387a81da0263eL,0x931bfb952d10f3d6L,0x5b687270a1f24a32L,
-        0xf140e65dca494b86L } },
-    /* 21 << 56 */
-    { { 0x4f4ddf91b2f1ac7aL,0xf99eaabb760fee27L,0x57f4008a49c228e5L,
-        0x090be4401cf713bbL },
-      { 0xac91fbe45004f022L,0xd838c2c2569e1af6L,0xd6c7d20b0f1daaa5L,
-        0xaa063ac11bbb02c0L } },
-    /* 22 << 56 */
-    { { 0x0938a42259558a78L,0x5343c6698435da2fL,0x96f67b18034410dcL,
-        0x7cc1e42484510804L },
-      { 0x86a1543f16dfbb7dL,0x921fa9425b5bd592L,0x9dcccb6eb33dd03cL,
-        0x8581ddd9b843f51eL } },
-    /* 23 << 56 */
-    { { 0x54935fcb81d73c9eL,0x6d07e9790a5e97abL,0x4dc7b30acf3a6babL,
-        0x147ab1f3170bee11L },
-      { 0x0aaf8e3d9fafdee4L,0xfab3dbcb538a8b95L,0x405df4b36ef13871L,
-        0xf1f4e9cb088d5a49L } },
-    /* 24 << 56 */
-    { { 0x9bcd24d366b33f1dL,0x3b97b8205ce445c0L,0xe2926549ba93ff61L,
-        0xd9c341ce4dafe616L },
-      { 0xfb30a76e16efb6f3L,0xdf24b8ca605b953cL,0x8bd52afec2fffb9fL,
-        0xbbac5ff7e19d0b96L } },
-    /* 25 << 56 */
-    { { 0x43c01b87459afccdL,0x6bd45143b7432652L,0x8473453055b5d78eL,
-        0x81088fdb1554ba7dL },
-      { 0xada0a52c1e269375L,0xf9f037c42dc5ec10L,0xc066060794bfbc11L,
-        0xc0a630bbc9c40d2fL } },
-    /* 26 << 56 */
-    { { 0x5efc797eab64c31eL,0xffdb1dab74507144L,0xf61242871ca6790cL,
-        0xe9609d81e69bf1bfL },
-      { 0xdb89859500d24fc9L,0x9c750333e51fb417L,0x51830a91fef7bbdeL,
-        0x0ce67dc8945f585cL } },
-    /* 27 << 56 */
-    { { 0x9a730ed44763eb50L,0x24a0e221c1ab0d66L,0x643b6393648748f3L,
-        0x1982daa16d3c6291L },
-      { 0x6f00a9f78bbc5549L,0x7a1783e17f36384eL,0xe8346323de977f50L,
-        0x91ab688db245502aL } },
-    /* 28 << 56 */
-    { { 0x331ab6b56d0bdd66L,0x0a6ef32e64b71229L,0x1028150efe7c352fL,
-        0x27e04350ce7b39d3L },
-      { 0x2a3c8acdc1070c82L,0xfb2034d380c9feefL,0x2d729621709f3729L,
-        0x8df290bf62cb4549L } },
-    /* 29 << 56 */
-    { { 0x02f99f33fc2e4326L,0x3b30076d5eddf032L,0xbb21f8cf0c652fb5L,
-        0x314fb49eed91cf7bL },
-      { 0xa013eca52f700750L,0x2b9e3c23712a4575L,0xe5355557af30fbb0L,
-        0x1ada35167c77e771L } },
-    /* 30 << 56 */
-    { { 0x45f6ecb27b135670L,0xe85d19df7cfc202eL,0x0f1b50c758d1be9fL,
-        0x5ebf2c0aead2e344L },
-      { 0x1531fe4eabc199c9L,0xc703259256bab0aeL,0x16ab2e486c1fec54L,
-        0x0f87fda804280188L } },
-    /* 31 << 56 */
-    { { 0xdc9f46fc609e4a74L,0x2a44a143ba667f91L,0xbc3d8b95b4d83436L,
-        0xa01e4bd0c7bd2958L },
-      { 0x7b18293273483c90L,0xa79c6aa1a7c7b598L,0xbf3983c6eaaac07eL,
-        0x8f18181e96e0d4e6L } },
-    /* 32 << 56 */
-    { { 0x8553d37c051af62bL,0xe9a998eb0bf94496L,0xe0844f9fb0d59aa1L,
-        0x983fd558e6afb813L },
-      { 0x9670c0ca65d69804L,0x732b22de6ea5ff2dL,0xd7640ba95fd8623bL,
-        0x9f619163a6351782L } },
-    /* 33 << 56 */
-    { { 0x0bfc27eeacee5043L,0xae419e732eb10f02L,0x19c028d18943fb05L,
-        0x71f01cf7ff13aa2aL },
-      { 0x7790737e8887a132L,0x6751330966318410L,0x9819e8a37ddb795eL,
-        0xfecb8ef5dad100b2L } },
-    /* 34 << 56 */
-    { { 0x59f74a223021926aL,0xb7c28a496f9b4c1cL,0xed1a733f912ad0abL,
-        0x42a910af01a5659cL },
-      { 0x3842c6e07bd68cabL,0x2b57fa3876d70ac8L,0x8a6707a83c53aaebL,
-        0x62c1c51065b4db18L } },
-    /* 35 << 56 */
-    { { 0x8de2c1fbb2d09dc7L,0xc3dfed12266bd23bL,0x927d039bd5b27db6L,
-        0x2fb2f0f1103243daL },
-      { 0xf855a07b80be7399L,0xed9327ce1f9f27a8L,0xa0bd99c7729bdef7L,
-        0x2b67125e28250d88L } },
-    /* 36 << 56 */
-    { { 0x784b26e88670ced7L,0xe3dfe41fc31bd3b4L,0x9e353a06bcc85cbcL,
-        0x302e290960178a9dL },
-      { 0x860abf11a6eac16eL,0x76447000aa2b3aacL,0x46ff9d19850afdabL,
-        0x35bdd6a5fdb2d4c1L } },
-    /* 37 << 56 */
-    { { 0xe82594b07e5c9ce9L,0x0f379e5320af346eL,0x608b31e3bc65ad4aL,
-        0x710c6b12267c4826L },
-      { 0x51c966f971954cf1L,0xb1cec7930d0aa215L,0x1f15598986bd23a8L,
-        0xae2ff99cf9452e86L } },
-    /* 38 << 56 */
-    { { 0xd8dd953c340ceaa2L,0x263552752e2e9333L,0x15d4e5f98586f06dL,
-        0xd6bf94a8f7cab546L },
-      { 0x33c59a0ab76a9af0L,0x52740ab3ba095af7L,0xc444de8a24389ca0L,
-        0xcc6f9863706da0cbL } },
-    /* 39 << 56 */
-    { { 0xb5a741a76b2515cfL,0x71c416019585c749L,0x78350d4fe683de97L,
-        0x31d6152463d0b5f5L },
-      { 0x7a0cc5e1fbce090bL,0xaac927edfbcb2a5bL,0xe920de4920d84c35L,
-        0x8c06a0b622b4de26L } },
-    /* 40 << 56 */
-    { { 0xd34dd58bafe7ddf3L,0x55851fedc1e6e55bL,0xd1395616960696e7L,
-        0x940304b25f22705fL },
-      { 0x6f43f861b0a2a860L,0xcf1212820e7cc981L,0x121862120ab64a96L,
-        0x09215b9ab789383cL } },
-    /* 41 << 56 */
-    { { 0x311eb30537387c09L,0xc5832fcef03ee760L,0x30358f5832f7ea19L,
-        0xe01d3c3491d53551L },
-      { 0x1ca5ee41da48ea80L,0x34e71e8ecf4fa4c1L,0x312abd257af1e1c7L,
-        0xe3afcdeb2153f4a5L } },
-    /* 42 << 56 */
-    { { 0x9d5c84d700235e9aL,0x0308d3f48c4c836fL,0xc0a66b0489332de5L,
-        0x610dd39989e566efL },
-      { 0xf8eea460d1ac1635L,0x84cbb3fb20a2c0dfL,0x40afb488e74a48c5L,
-        0x29738198d326b150L } },
-    /* 43 << 56 */
-    { { 0x2a17747fa6d74081L,0x60ea4c0555a26214L,0x53514bb41f88c5feL,
-        0xedd645677e83426cL },
-      { 0xd5d6cbec96460b25L,0xa12fd0ce68dc115eL,0xc5bc3ed2697840eaL,
-        0x969876a8a6331e31L } },
-    /* 44 << 56 */
-    { { 0x60c36217472ff580L,0xf42297054ad41393L,0x4bd99ef0a03b8b92L,
-        0x501c7317c144f4f6L },
-      { 0x159009b318464945L,0x6d5e594c74c5c6beL,0x2d587011321a3660L,
-        0xd1e184b13898d022L } },
-    /* 45 << 56 */
-    { { 0x5ba047524c6a7e04L,0x47fa1e2b45550b65L,0x9419daf048c0a9a5L,
-        0x663629537c243236L },
-      { 0xcd0744b15cb12a88L,0x561b6f9a2b646188L,0x599415a566c2c0c0L,
-        0xbe3f08590f83f09aL } },
-    /* 46 << 56 */
-    { { 0x9141c5beb92041b8L,0x01ae38c726477d0dL,0xca8b71f3d12c7a94L,
-        0xfab5b31f765c70dbL },
-      { 0x76ae7492487443e9L,0x8595a310990d1349L,0xf8dbeda87d460a37L,
-        0x7f7ad0821e45a38fL } },
-    /* 47 << 56 */
-    { { 0xed1d4db61059705aL,0xa3dd492ae6b9c697L,0x4b92ee3a6eb38bd5L,
-        0xbab2609d67cc0bb7L },
-      { 0x7fc4fe896e70ee82L,0xeff2c56e13e6b7e3L,0x9b18959e34d26fcaL,
-        0x2517ab66889d6b45L } },
-    /* 48 << 56 */
-    { { 0xf167b4e0bdefdd4fL,0x69958465f366e401L,0x5aa368aba73bbec0L,
-        0x121487097b240c21L },
-      { 0x378c323318969006L,0xcb4d73cee1fe53d1L,0x5f50a80e130c4361L,
-        0xd67f59517ef5212bL } },
-    /* 49 << 56 */
-    { { 0xf145e21e9e70c72eL,0xb2e52e295566d2fbL,0x44eaba4a032397f5L,
-        0x5e56937b7e31a7deL },
-      { 0x68dcf517456c61e1L,0xbc2e954aa8b0a388L,0xe3552fa760a8b755L,
-        0x03442dae73ad0cdeL } },
-    /* 50 << 56 */
-    { { 0x37ffe747ceb26210L,0x983545e8787baef9L,0x8b8c853586a3de31L,
-        0xc621dbcbfacd46dbL },
-      { 0x82e442e959266fbbL,0xa3514c37339d471cL,0x3a11b77162cdad96L,
-        0xf0cb3b3cecf9bdf0L } },
-    /* 51 << 56 */
-    { { 0x3fcbdbce478e2135L,0x7547b5cfbda35342L,0xa97e81f18a677af6L,
-        0xc8c2bf8328817987L },
-      { 0xdf07eaaf45580985L,0xc68d1f05c93b45cbL,0x106aa2fec77b4cacL,
-        0x4c1d8afc04a7ae86L } },
-    /* 52 << 56 */
-    { { 0xdb41c3fd9eb45ab2L,0x5b234b5bd4b22e74L,0xda253decf215958aL,
-        0x67e0606ea04edfa0L },
-      { 0xabbbf070ef751b11L,0xf352f175f6f06dceL,0xdfc4b6af6839f6b4L,
-        0x53ddf9a89959848eL } },
-    /* 53 << 56 */
-    { { 0xda49c379c21520b0L,0x90864ff0dbd5d1b6L,0x2f055d235f49c7f7L,
-        0xe51e4e6aa796b2d8L },
-      { 0xc361a67f5c9dc340L,0x5ad53c37bca7c620L,0xda1d658832c756d0L,
-        0xad60d9118bb67e13L } },
-    /* 54 << 56 */
-    { { 0xd6c47bdf0eeec8c6L,0x4a27fec1078a1821L,0x081f7415c3099524L,
-        0x8effdf0b82cd8060L },
-      { 0xdb70ec1c65842df8L,0x8821b358d319a901L,0x72ee56eede42b529L,
-        0x5bb39592236e4286L } },
-    /* 55 << 56 */
-    { { 0xd1183316fd6f7140L,0xf9fadb5bbd8e81f7L,0x701d5e0c5a02d962L,
-        0xfdee4dbf1b601324L },
-      { 0xbed1740735d7620eL,0x04e3c2c3f48c0012L,0x9ee29da73455449aL,
-        0x562cdef491a836c4L } },
-    /* 56 << 56 */
-    { { 0x8f682a5f47701097L,0x617125d8ff88d0c2L,0x948fda2457bb86ddL,
-        0x348abb8f289f7286L },
-      { 0xeb10eab599d94bbdL,0xd51ba28e4684d160L,0xabe0e51c30c8f41aL,
-        0x66588b4513254f4aL } },
-    /* 57 << 56 */
-    { { 0x147ebf01fad097a5L,0x49883ea8610e815dL,0xe44d60ba8a11de56L,
-        0xa970de6e827a7a6dL },
-      { 0x2be414245e17fc19L,0xd833c65701214057L,0x1375813b363e723fL,
-        0x6820bb88e6a52e9bL } },
-    /* 58 << 56 */
-    { { 0x7e7f6970d875d56aL,0xd6a0a9ac51fbf6bfL,0x54ba8790a3083c12L,
-        0xebaeb23d6ae7eb64L },
-      { 0xa8685c3ab99a907aL,0xf1e74550026bf40bL,0x7b73a027c802cd9eL,
-        0x9a8a927c4fef4635L } },
-    /* 59 << 56 */
-    { { 0xe1b6f60c08191224L,0xc4126ebbde4ec091L,0xe1dff4dc4ae38d84L,
-        0xde3f57db4f2ef985L },
-      { 0x34964337d446a1ddL,0x7bf217a0859e77f6L,0x8ff105278e1d13f5L,
-        0xa304ef0374eeae27L } },
-    /* 60 << 56 */
-    { { 0xfc6f5e47d19dfa5aL,0xdb007de37fad982bL,0x28205ad1613715f5L,
-        0x251e67297889529eL },
-      { 0x727051841ae98e78L,0xf818537d271cac32L,0xc8a15b7eb7f410f5L,
-        0xc474356f81f62393L } },
-    /* 61 << 56 */
-    { { 0x92dbdc5ac242316bL,0xabe060acdbf4aff5L,0x6e8c38fe909a8ec6L,
-        0x43e514e56116cb94L },
-      { 0x2078fa3807d784f9L,0x1161a880f4b5b357L,0x5283ce7913adea3dL,
-        0x0756c3e6cc6a910bL } },
-    /* 62 << 56 */
-    { { 0x60bcfe01aaa79697L,0x04a73b2956391db1L,0xdd8dad47189b45a0L,
-        0xbfac0dd048d5b8d9L },
-      { 0x34ab3af57d3d2ec2L,0x6fa2fc2d207bd3afL,0x9ff4009266550dedL,
-        0x719b3e871fd5b913L } },
-    /* 63 << 56 */
-    { { 0xa573a4966d17fbc7L,0x0cd1a70a73d2b24eL,0x34e2c5cab2676937L,
-        0xe7050b06bf669f21L },
-      { 0xfbe948b61ede9046L,0xa053005197662659L,0x58cbd4edf10124c5L,
-        0xde2646e4dd6c06c8L } },
-    /* 64 << 56 */
-    { { 0x332f81088cad38c0L,0x471b7e906bd68ae2L,0x56ac3fb20d8e27a3L,
-        0xb54660db136b4b0dL },
-      { 0x123a1e11a6fd8de4L,0x44dbffeaa37799efL,0x4540b977ce6ac17cL,
-        0x495173a8af60acefL } },
-    /* 0 << 63 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 63 */
-    { { 0x9ebb284d391c2a82L,0xbcdd4863158308e8L,0x006f16ec83f1edcaL,
-        0xa13e2c37695dc6c8L },
-      { 0x2ab756f04a057a87L,0xa8765500a6b48f98L,0x4252face68651c44L,
-        0xa52b540be1765e02L } },
-    /* 2 << 63 */
-    { { 0x4f922fc516a0d2bbL,0x0d5cc16c1a623499L,0x9241cf3a57c62c8bL,
-        0x2f5e6961fd1b667fL },
-      { 0x5c15c70bf5a01797L,0x3d20b44d60956192L,0x04911b37071fdb52L,
-        0xf648f9168d6f0f7bL } },
-    /* 3 << 63 */
-    { { 0x6dc1acafe60b7cf7L,0x25860a5084a9d869L,0x56fc6f09e7ba8ac4L,
-        0x828c5bd06148d29eL },
-      { 0xac6b435edc55ae5fL,0xa527f56cc0117411L,0x94d5045efd24342cL,
-        0x2c4c0a3570b67c0dL } },
-    /* 4 << 63 */
-    { { 0x027cc8b8fac61d9aL,0x7d25e062e3c6fe8aL,0xe08805bfe5bff503L,
-        0x13271e6c6ff632f7L },
-      { 0x55dca6c0232f76a5L,0x8957c32d701ef426L,0xee728bcba10a5178L,
-        0x5ea60411b62c5173L } },
-    /* 5 << 63 */
-    { { 0xfc4e964ed0b8892bL,0x9ea176839301bb74L,0x6265c5aefcc48626L,
-        0xe60cf82ebb3e9102L },
-      { 0x57adf797d4df5531L,0x235b59a18deeefe2L,0x60adcf583f306eb1L,
-        0x105c27533d09492dL } },
-    /* 6 << 63 */
-    { { 0x4090914bb5def996L,0x1cb69c83233dd1e7L,0xc1e9c1d39b3d5e76L,
-        0x1f3338edfccf6012L },
-      { 0xb1e95d0d2f5378a8L,0xacf4c2c72f00cd21L,0x6e984240eb5fe290L,
-        0xd66c038d248088aeL } },
-    /* 7 << 63 */
-    { { 0x804d264af94d70cfL,0xbdb802ef7314bf7eL,0x8fb54de24333ed02L,
-        0x740461e0285635d9L },
-      { 0x4113b2c8365e9383L,0xea762c833fdef652L,0x4eec6e2e47b956c1L,
-        0xa3d814be65620fa4L } },
-    /* 8 << 63 */
-    { { 0x9ad5462bb4d8bc50L,0x181c0b16a9195770L,0xebd4fe1c78412a68L,
-        0xae0341bcc0dff48cL },
-      { 0xb6bc45cf7003e866L,0xf11a6dea8a24a41bL,0x5407151ad04c24c2L,
-        0x62c9d27dda5b7b68L } },
-    /* 9 << 63 */
-    { { 0x2e96423588cceff6L,0x8594c54f8b07ed69L,0x1578e73cc84d0d0dL,
-        0x7b4e1055ff532868L },
-      { 0xa348c0d5b5ec995aL,0xbf4b9d5514289a54L,0x9ba155a658fbd777L,
-        0x186ed7a81a84491dL } },
-    /* 10 << 63 */
-    { { 0xd4992b30614c0900L,0xda98d121bd00c24bL,0x7f534dc87ec4bfa1L,
-        0x4a5ff67437dc34bcL },
-      { 0x68c196b81d7ea1d7L,0x38cf289380a6d208L,0xfd56cd09e3cbbd6eL,
-        0xec72e27e4205a5b6L } },
-    /* 11 << 63 */
-    { { 0x15ea68f5a44f77f7L,0x7aa5f9fdb43c52bcL,0x86ff676f94f0e609L,
-        0xa4cde9632e2d432bL },
-      { 0x8cafa0c0eee470afL,0x84137d0e8a3f5ec8L,0xebb40411faa31231L,
-        0xa239c13f6f7f7ccfL } },
-    /* 12 << 63 */
-    { { 0x32865719a8afd30bL,0x867983288a826dceL,0xdf04e891c4a8fbe0L,
-        0xbb6b6e1bebf56ad3L },
-      { 0x0a695b11471f1ff0L,0xd76c3389be15baf0L,0x018edb95be96c43eL,
-        0xf2beaaf490794158L } },
-    /* 13 << 63 */
-    { { 0x152db09ec3076a27L,0x5e82908ee416545dL,0xa2c41272356d6f2eL,
-        0xdc9c964231fd74e1L },
-      { 0x66ceb88d519bf615L,0xe29ecd7605a2274eL,0x3a0473c4bf5e2fa0L,
-        0x6b6eb67164284e67L } },
-    /* 14 << 63 */
-    { { 0xe8b97932b88756ddL,0xed4e8652f17e3e61L,0xc2dd14993ee1c4a4L,
-        0xc0aaee17597f8c0eL },
-      { 0x15c4edb96c168af3L,0x6563c7bfb39ae875L,0xadfadb6f20adb436L,
-        0xad55e8c99a042ac0L } },
-    /* 15 << 63 */
-    { { 0x975a1ed8b76da1f5L,0x10dfa466a58acb94L,0x8dd7f7e3ac060282L,
-        0x6813e66a572a051eL },
-      { 0xb4ccae1e350cb901L,0xb653d65650cb7822L,0x42484710dfab3b87L,
-        0xcd7ee5379b670fd0L } },
-    /* 16 << 63 */
-    { { 0x0a50b12e523b8bf6L,0x8009eb5b8f910c1bL,0xf535af824a167588L,
-        0x0f835f9cfb2a2abdL },
-      { 0xf59b29312afceb62L,0xc797df2a169d383fL,0xeb3f5fb066ac02b0L,
-        0x029d4c6fdaa2d0caL } },
-    /* 17 << 63 */
-    { { 0xd4059bc1afab4bc5L,0x833f5c6f56783247L,0xb53466308d2d3605L,
-        0x83387891d34d8433L },
-      { 0xd973b30fadd9419aL,0xbcca1099afe3fce8L,0x081783150809aac6L,
-        0x01b7f21a540f0f11L } },
-    /* 18 << 63 */
-    { { 0x65c29219909523c8L,0xa62f648fa3a1c741L,0x88598d4f60c9e55aL,
-        0xbce9141b0e4f347aL },
-      { 0x9af97d8435f9b988L,0x0210da62320475b6L,0x3c076e229191476cL,
-        0x7520dbd944fc7834L } },
-    /* 19 << 63 */
-    { { 0x6a6b2cfec1ab1bbdL,0xef8a65bedc650938L,0x72855540805d7bc4L,
-        0xda389396ed11fdfdL },
-      { 0xa9d5bd3674660876L,0x11d67c54b45dff35L,0x6af7d148a4f5da94L,
-        0xbb8d4c3fc0bbeb31L } },
-    /* 20 << 63 */
-    { { 0x87a7ebd1e0a1b12aL,0x1e4ef88d770ba95fL,0x8c33345cdc2ae9cbL,
-        0xcecf127601cc8403L },
-      { 0x687c012e1b39b80fL,0xfd90d0ad35c33ba4L,0xa3ef5a675c9661c2L,
-        0x368fc88ee017429eL } },
-    /* 21 << 63 */
-    { { 0xd30c6761196a2fa2L,0x931b9817bd5b312eL,0xba01000c72f54a31L,
-        0xa203d2c866eaa541L },
-      { 0xf2abdee098939db3L,0xe37d6c2c3e606c02L,0xf2921574521ff643L,
-        0x2781b3c4d7e2fca3L } },
-    /* 22 << 63 */
-    { { 0x664300b07850ec06L,0xac5a38b97d3a10cfL,0x9233188de34ab39dL,
-        0xe77057e45072cbb9L },
-      { 0xbcf0c042b59e78dfL,0x4cfc91e81d97de52L,0x4661a26c3ee0ca4aL,
-        0x5620a4c1fb8507bcL } },
-    /* 23 << 63 */
-    { { 0x4b44d4aa049f842cL,0xceabc5d51540e82bL,0x306710fd15c6f156L,
-        0xbe5ae52b63db1d72L },
-      { 0x06f1e7e6334957f1L,0x57e388f031144a70L,0xfb69bb2fdf96447bL,
-        0x0f78ebd373e38a12L } },
-    /* 24 << 63 */
-    { { 0xb82226052b7ce542L,0xe6d4ce997472bde1L,0x53e16ebe09d2f4daL,
-        0x180ff42e53b92b2eL },
-      { 0xc59bcc022c34a1c6L,0x3803d6f9422c46c2L,0x18aff74f5c14a8a2L,
-        0x55aebf8010a08b28L } },
-    /* 25 << 63 */
-    { { 0x66097d587135593fL,0x32e6eff72be570cdL,0x584e6a102a8c860dL,
-        0xcd185890a2eb4163L },
-      { 0x7ceae99d6d97e134L,0xd42c6b70dd8447ceL,0x59ddbb4ab8c50273L,
-        0x03c612df3cf34e1eL } },
-    /* 26 << 63 */
-    { { 0x84b9ca1504b6c5a0L,0x35216f3918f0e3a3L,0x3ec2d2bcbd986c00L,
-        0x8bf546d9d19228feL },
-      { 0xd1c655a44cd623c3L,0x366ce718502b8e5aL,0x2cfc84b4eea0bfe7L,
-        0xe01d5ceecf443e8eL } },
-    /* 27 << 63 */
-    { { 0x8ec045d9036520f8L,0xdfb3c3d192d40e98L,0x0bac4ccecc559a04L,
-        0x35eccae5240ea6b1L },
-      { 0x180b32dbf8a5a0acL,0x547972a5eb699700L,0xa3765801ca26bca0L,
-        0x57e09d0ea647f25aL } },
-    /* 28 << 63 */
-    { { 0xb956970e2fdd23ccL,0xb80288bc5682e971L,0xe6e6d91e9ae86ebcL,
-        0x0564c83f8c9f1939L },
-      { 0x551932a239560368L,0xe893752b049c28e2L,0x0b03cee5a6a158c3L,
-        0xe12d656b04964263L } },
-    /* 29 << 63 */
-    { { 0x4b47554e63e3bc1dL,0xc719b6a245044ff7L,0x4f24d30ae48daa07L,
-        0xa3f37556c8c1edc3L },
-      { 0x9a47bf760700d360L,0xbb1a1824822ae4e2L,0x22e275a389f1fb4cL,
-        0x72b1aa239968c5f5L } },
-    /* 30 << 63 */
-    { { 0xa75feacabe063f64L,0x9b392f43bce47a09L,0xd42415091ad07acaL,
-        0x4b0c591b8d26cd0fL },
-      { 0x2d42ddfd92f1169aL,0x63aeb1ac4cbf2392L,0x1de9e8770691a2afL,
-        0xebe79af7d98021daL } },
-    /* 31 << 63 */
-    { { 0xcfdf2a4e40e50acfL,0xf0a98ad7af01d665L,0xefb640bf1831be1fL,
-        0x6fe8bd2f80e9ada0L },
-      { 0x94c103a16cafbc91L,0x170f87598308e08cL,0x5de2d2ab9780ff4fL,
-        0x666466bc45b201f2L } },
-    /* 32 << 63 */
-    { { 0x58af2010f5b343bcL,0x0f2e400af2f142feL,0x3483bfdea85f4bdfL,
-        0xf0b1d09303bfeaa9L },
-      { 0x2ea01b95c7081603L,0xe943e4c93dba1097L,0x47be92adb438f3a6L,
-        0x00bb7742e5bf6636L } },
-    /* 33 << 63 */
-    { { 0x136b7083824297b4L,0x9d0e55805584455fL,0xab48cedcf1c7d69eL,
-        0x53a9e4812a256e76L },
-      { 0x0402b0e065eb2413L,0xdadbbb848fc407a7L,0xa65cd5a48d7f5492L,
-        0x21d4429374bae294L } },
-    /* 34 << 63 */
-    { { 0x66917ce63b5f1cc4L,0x37ae52eace872e62L,0xbb087b722905f244L,
-        0x120770861e6af74fL },
-      { 0x4b644e491058edeaL,0x827510e3b638ca1dL,0x8cf2b7046038591cL,
-        0xffc8b47afe635063L } },
-    /* 35 << 63 */
-    { { 0x3ae220e61b4d5e63L,0xbd8647429d961b4bL,0x610c107e9bd16bedL,
-        0x4270352a1127147bL },
-      { 0x7d17ffe664cfc50eL,0x50dee01a1e36cb42L,0x068a762235dc5f9aL,
-        0x9a08d536df53f62cL } },
-    /* 36 << 63 */
-    { { 0x4ed714576be5f7deL,0xd93006f8c2263c9eL,0xe073694ccacacb36L,
-        0x2ff7a5b43ae118abL },
-      { 0x3cce53f1cd871236L,0xf156a39dc2aa6d52L,0x9cc5f271b198d76dL,
-        0xbc615b6f81383d39L } },
-    /* 37 << 63 */
-    { { 0xa54538e8de3eee6bL,0x58c77538ab910d91L,0x31e5bdbc58d278bdL,
-        0x3cde4adfb963acaeL },
-      { 0xb1881fd25302169cL,0x8ca60fa0a989ed8bL,0xa1999458ff96a0eeL,
-        0xc1141f03ac6c283dL } },
-    /* 38 << 63 */
-    { { 0x7677408d6dfafed3L,0x33a0165339661588L,0x3c9c15ec0b726fa0L,
-        0x090cfd936c9b56daL },
-      { 0xe34f4baea3c40af5L,0x3469eadbd21129f1L,0xcc51674a1e207ce8L,
-        0x1e293b24c83b1ef9L } },
-    /* 39 << 63 */
-    { { 0x17173d131e6c0bb4L,0x1900469590776d35L,0xe7980e346de6f922L,
-        0x873554cbf4dd9a22L },
-      { 0x0316c627cbf18a51L,0x4d93651b3032c081L,0x207f27713946834dL,
-        0x2c08d7b430cdbf80L } },
-    /* 40 << 63 */
-    { { 0x137a4fb486df2a61L,0xa1ed9c07ecf7b4a2L,0xb2e460e27bd042ffL,
-        0xb7f5e2fa5f62f5ecL },
-      { 0x7aa6ec6bcc2423b7L,0x75ce0a7fba63eea7L,0x67a45fb1f250a6e1L,
-        0x93bc919ce53cdc9fL } },
-    /* 41 << 63 */
-    { { 0x9271f56f871942dfL,0x2372ff6f7859ad66L,0x5f4c2b9633cb1a78L,
-        0xe3e291015838aa83L },
-      { 0xa7ed1611e4e8110cL,0x2a2d70d5330198ceL,0xbdf132e86720efe0L,
-        0xe61a896266a471bfL } },
-    /* 42 << 63 */
-    { { 0x796d3a85825808bdL,0x51dc3cb73fd6e902L,0x643c768a916219d1L,
-        0x36cd7685a2ad7d32L },
-      { 0xe3db9d05b22922a4L,0x6494c87edba29660L,0xf0ac91dfbcd2ebc7L,
-        0x4deb57a045107f8dL } },
-    /* 43 << 63 */
-    { { 0x42271f59c3d12a73L,0x5f71687ca5c2c51dL,0xcb1f50c605797bcbL,
-        0x29ed0ed9d6d34eb0L },
-      { 0xe5fe5b474683c2ebL,0x4956eeb597447c46L,0x5b163a4371207167L,
-        0x93fa2fed0248c5efL } },
-    /* 44 << 63 */
-    { { 0x67930af231f63950L,0xa77797c114caa2c9L,0x526e80ee27ac7e62L,
-        0xe1e6e62658b28aecL },
-      { 0x636178b0b3c9fef0L,0xaf7752e06d5f90beL,0x94ecaf18eece51cfL,
-        0x2864d0edca806e1fL } },
-    /* 45 << 63 */
-    { { 0x6de2e38397c69134L,0x5a42c316eb291293L,0xc77792196a60bae0L,
-        0xa24de3466b7599d1L },
-      { 0x49d374aab75d4941L,0x989005862d501ff0L,0x9f16d40eeb7974cfL,
-        0x1033860bcdd8c115L } },
-    /* 46 << 63 */
-    { { 0xb6c69ac82094cec3L,0x9976fb88403b770cL,0x1dea026c4859590dL,
-        0xb6acbb468562d1fdL },
-      { 0x7cd6c46144569d85L,0xc3190a3697f0891dL,0xc6f5319548d5a17dL,
-        0x7d919966d749abc8L } },
-    /* 47 << 63 */
-    { { 0x65104837dd1c8a20L,0x7e5410c82f683419L,0x958c3ca8be94022eL,
-        0x605c31976145dac2L },
-      { 0x3fc0750101683d54L,0x1d7127c5595b1234L,0x10b8f87c9481277fL,
-        0x677db2a8e65a1adbL } },
-    /* 48 << 63 */
-    { { 0xec2fccaaddce3345L,0x2a6811b7012a4350L,0x96760ff1ac598bdcL,
-        0x054d652ad1bf4128L },
-      { 0x0a1151d492a21005L,0xad7f397133110fdfL,0x8c95928c1960100fL,
-        0x6c91c8257bf03362L } },
-    /* 49 << 63 */
-    { { 0xc8c8b2a2ce309f06L,0xfdb27b59ca27204bL,0xd223eaa50848e32eL,
-        0xb93e4b2ee7bfaf1eL },
-      { 0xc5308ae644aa3dedL,0x317a666ac015d573L,0xc888ce231a979707L,
-        0xf141c1e60d5c4958L } },
-    /* 50 << 63 */
-    { { 0xb53b7de561906373L,0x858dbadeeb999595L,0x8cbb47b2a59e5c36L,
-        0x660318b3dcf4e842L },
-      { 0xbd161ccd12ba4b7aL,0xf399daabf8c8282aL,0x1587633aeeb2130dL,
-        0xa465311ada38dd7dL } },
-    /* 51 << 63 */
-    { { 0x5f75eec864d3779bL,0x3c5d0476ad64c171L,0x874103712a914428L,
-        0x8096a89190e2fc29L },
-      { 0xd3d2ae9d23b3ebc2L,0x90bdd6dba580cfd6L,0x52dbb7f3c5b01f6cL,
-        0xe68eded4e102a2dcL } },
-    /* 52 << 63 */
-    { { 0x17785b7799eb6df0L,0x26c3cc517386b779L,0x345ed9886417a48eL,
-        0xe990b4e407d6ef31L },
-      { 0x0f456b7e2586abbaL,0x239ca6a559c96e9aL,0xe327459ce2eb4206L,
-        0x3a4c3313a002b90aL } },
-    /* 53 << 63 */
-    { { 0x2a114806f6a3f6fbL,0xad5cad2f85c251ddL,0x92c1f613f5a784d3L,
-        0xec7bfacf349766d5L },
-      { 0x04b3cd333e23cb3bL,0x3979fe84c5a64b2dL,0x192e27207e589106L,
-        0xa60c43d1a15b527fL } },
-    /* 54 << 63 */
-    { { 0x2dae9082be7cf3a6L,0xcc86ba92bc967274L,0xf28a2ce8aea0a8a9L,
-        0x404ca6d96ee988b3L },
-      { 0xfd7e9c5d005921b8L,0xf56297f144e79bf9L,0xa163b4600d75ddc2L,
-        0x30b23616a1f2be87L } },
-    /* 55 << 63 */
-    { { 0x4b070d21bfe50e2bL,0x7ef8cfd0e1bfede1L,0xadba00112aac4ae0L,
-        0x2a3e7d01b9ebd033L },
-      { 0x995277ece38d9d1cL,0xb500249e9c5d2de3L,0x8912b820f13ca8c9L,
-        0xc8798114877793afL } },
-    /* 56 << 63 */
-    { { 0x19e6125dec3f1decL,0x07b1f040911178daL,0xd93ededa904a6738L,
-        0x55187a5a0bebedcdL },
-      { 0xf7d04722eb329d41L,0xf449099ef170b391L,0xfd317a69ca99f828L,
-        0x50c3db2b34a4976dL } },
-    /* 57 << 63 */
-    { { 0xe9ba77843757b392L,0x326caefdaa3ca05aL,0x78e5293bf1e593d4L,
-        0x7842a9370d98fd13L },
-      { 0xe694bf965f96b10dL,0x373a9df606a8cd05L,0x997d1e51e8f0c7fcL,
-        0x1d01979063fd972eL } },
-    /* 58 << 63 */
-    { { 0x0064d8585499fb32L,0x7b67bad977a8aeb7L,0x1d3eb9772d08eec5L,
-        0x5fc047a6cbabae1dL },
-      { 0x0577d159e54a64bbL,0x8862201bc43497e4L,0xad6b4e282ce0608dL,
-        0x8b687b7d0b167aacL } },
-    /* 59 << 63 */
-    { { 0x6ed4d3678b2ecfa9L,0x24dfe62da90c3c38L,0xa1862e103fe5c42bL,
-        0x1ca73dcad5732a9fL },
-      { 0x35f038b776bb87adL,0x674976abf242b81fL,0x4f2bde7eb0fd90cdL,
-        0x6efc172ea7fdf092L } },
-    /* 60 << 63 */
-    { { 0x3806b69b92222f1fL,0x5a2459ca6cf7ae70L,0x6789f69ca85217eeL,
-        0x5f232b5ee3dc85acL },
-      { 0x660e3ec548e9e516L,0x124b4e473197eb31L,0x10a0cb13aafcca23L,
-        0x7bd63ba48213224fL } },
-    /* 61 << 63 */
-    { { 0xaffad7cc290a7f4fL,0x6b409c9e0286b461L,0x58ab809fffa407afL,
-        0xc3122eedc68ac073L },
-      { 0x17bf9e504ef24d7eL,0x5d9297943e2a5811L,0x519bc86702902e01L,
-        0x76bba5da39c8a851L } },
-    /* 62 << 63 */
-    { { 0xe9f9669cda94951eL,0x4b6af58d66b8d418L,0xfa32107417d426a4L,
-        0xc78e66a99dde6027L },
-      { 0x0516c0834a53b964L,0xfc659d38ff602330L,0x0ab55e5c58c5c897L,
-        0x985099b2838bc5dfL } },
-    /* 63 << 63 */
-    { { 0x061d9efcc52fc238L,0x712b27286ac1da3fL,0xfb6581499283fe08L,
-        0x4954ac94b8aaa2f7L },
-      { 0x85c0ada47fb2e74fL,0xee8ba98eb89926b0L,0xe4f9d37d23d1af5bL,
-        0x14ccdbf9ba9b015eL } },
-    /* 64 << 63 */
-    { { 0xb674481b7bfe7178L,0x4e1debae65405868L,0x061b2821c48c867dL,
-        0x69c15b35513b30eaL },
-      { 0x3b4a166636871088L,0xe5e29f5d1220b1ffL,0x4b82bb35233d9f4dL,
-        0x4e07633318cdc675L } },
-    /* 0 << 70 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 70 */
-    { { 0x0d53f5c7a3e6fcedL,0xe8cbbdd5f45fbdebL,0xf85c01df13339a70L,
-        0x0ff71880142ceb81L },
-      { 0x4c4e8774bd70437aL,0x5fb32891ba0bda6aL,0x1cdbebd2f18bd26eL,
-        0x2f9526f103a9d522L } },
-    /* 2 << 70 */
-    { { 0x40ce305192c4d684L,0x8b04d7257612efcdL,0xb9dcda366f9cae20L,
-        0x0edc4d24f058856cL },
-      { 0x64f2e6bf85427900L,0x3de81295dc09dfeaL,0xd41b4487379bf26cL,
-        0x50b62c6d6df135a9L } },
-    /* 3 << 70 */
-    { { 0xd4f8e3b4c72dfe67L,0xc416b0f690e19fdfL,0x18b9098d4c13bd35L,
-        0xac11118a15b8cb9eL },
-      { 0xf598a318f0062841L,0xbfe0602f89f356f4L,0x7ae3637e30177a0cL,
-        0x3409774761136537L } },
-    /* 4 << 70 */
-    { { 0x0db2fb5ed005832aL,0x5f5efd3b91042e4fL,0x8c4ffdc6ed70f8caL,
-        0xe4645d0bb52da9ccL },
-      { 0x9596f58bc9001d1fL,0x52c8f0bc4e117205L,0xfd4aa0d2e398a084L,
-        0x815bfe3a104f49deL } },
-    /* 5 << 70 */
-    { { 0x97e5443f23885e5fL,0xf72f8f99e8433aabL,0xbd00b154e4d4e604L,
-        0xd0b35e6ae5e173ffL },
-      { 0x57b2a0489164722dL,0x3e3c665b88761ec8L,0x6bdd13973da83832L,
-        0x3c8b1a1e73dafe3bL } },
-    /* 6 << 70 */
-    { { 0x4497ace654317cacL,0xbe600ab9521771b3L,0xb42e409eb0dfe8b8L,
-        0x386a67d73942310fL },
-      { 0x25548d8d4431cc28L,0xa7cff142985dc524L,0x4d60f5a193c4be32L,
-        0x83ebd5c8d071c6e1L } },
-    /* 7 << 70 */
-    { { 0xba3a80a7b1fd2b0bL,0x9b3ad3965bec33e8L,0xb3868d6179743fb3L,
-        0xcfd169fcfdb462faL },
-      { 0xd3b499d79ce0a6afL,0x55dc1cf1e42d3ff8L,0x04fb9e6cc6c3e1b2L,
-        0x47e6961d6f69a474L } },
-    /* 8 << 70 */
-    { { 0x54eb3acce548b37bL,0xb38e754284d40549L,0x8c3daa517b341b4fL,
-        0x2f6928ec690bf7faL },
-      { 0x0496b32386ce6c41L,0x01be1c5510adadcdL,0xc04e67e74bb5faf9L,
-        0x3cbaf678e15c9985L } },
-    /* 9 << 70 */
-    { { 0x8cd1214550ca4247L,0xba1aa47ae7dd30aaL,0x2f81ddf1e58fee24L,
-        0x03452936eec9b0e8L },
-      { 0x8bdc3b81243aea96L,0x9a2919af15c3d0e5L,0x9ea640ec10948361L,
-        0x5ac86d5b6e0bcccfL } },
-    /* 10 << 70 */
-    { { 0xf892d918c36cf440L,0xaed3e837c939719cL,0xb07b08d2c0218b64L,
-        0x6f1bcbbace9790ddL },
-      { 0x4a84d6ed60919b8eL,0xd89007918ac1f9ebL,0xf84941aa0dd5daefL,
-        0xb22fe40a67fd62c5L } },
-    /* 11 << 70 */
-    { { 0x97e15ba2157f2db3L,0xbda2fc8f8e28ca9cL,0x5d050da437b9f454L,
-        0x3d57eb572379d72eL },
-      { 0xe9b5eba2fb5ee997L,0x01648ca2e11538caL,0x32bb76f6f6327974L,
-        0x338f14b8ff3f4bb7L } },
-    /* 12 << 70 */
-    { { 0x524d226ad7ab9a2dL,0x9c00090d7dfae958L,0x0ba5f5398751d8c2L,
-        0x8afcbcdd3ab8262dL },
-      { 0x57392729e99d043bL,0xef51263baebc943aL,0x9feace9320862935L,
-        0x639efc03b06c817bL } },
-    /* 13 << 70 */
-    { { 0x1fe054b366b4be7aL,0x3f25a9de84a37a1eL,0xf39ef1ad78d75cd9L,
-        0xd7b58f495062c1b5L },
-      { 0x6f74f9a9ff563436L,0xf718ff29e8af51e7L,0x5234d31315e97fecL,
-        0xb6a8e2b1292f1c0aL } },
-    /* 14 << 70 */
-    { { 0xa7f53aa8327720c1L,0x956ca322ba092cc8L,0x8f03d64a28746c4dL,
-        0x51fe178266d0d392L },
-      { 0xd19b34db3c832c80L,0x60dccc5c6da2e3b4L,0x245dd62e0a104cccL,
-        0xa7ab1de1620b21fdL } },
-    /* 15 << 70 */
-    { { 0xb293ae0b3893d123L,0xf7b75783b15ee71cL,0x5aa3c61442a9468bL,
-        0xd686123cdb15d744L },
-      { 0x8c616891a7ab4116L,0x6fcd72c8a4e6a459L,0xac21911077e5fad7L,
-        0xfb6a20e7704fa46bL } },
-    /* 16 << 70 */
-    { { 0xe839be7d341d81dcL,0xcddb688932148379L,0xda6211a1f7026eadL,
-        0xf3b2575ff4d1cc5eL },
-      { 0x40cfc8f6a7a73ae6L,0x83879a5e61d5b483L,0xc5acb1ed41a50ebcL,
-        0x59a60cc83c07d8faL } },
-    /* 17 << 70 */
-    { { 0x1b73bdceb1876262L,0x2b0d79f012af4ee9L,0x8bcf3b0bd46e1d07L,
-        0x17d6af9de45d152fL },
-      { 0x735204616d736451L,0x43cbbd9756b0bf5aL,0xb0833a5bd5999b9dL,
-        0x702614f0eb72e398L } },
-    /* 18 << 70 */
-    { { 0x0aadf01a59c3e9f8L,0x40200e77ce6b3d16L,0xda22bdd3deddafadL,
-        0x76dedaf4310d72e1L },
-      { 0x49ef807c4bc2e88fL,0x6ba81291146dd5a5L,0xa1a4077a7d8d59e9L,
-        0x87b6a2e7802db349L } },
-    /* 19 << 70 */
-    { { 0xd56799971b4e598eL,0xf499ef1f06fe4b1dL,0x3978d3aefcb267c5L,
-        0xb582b557235786d0L },
-      { 0x32b3b2ca1715cb07L,0x4c3de6a28480241dL,0x63b5ffedcb571ecdL,
-        0xeaf53900ed2fe9a9L } },
-    /* 20 << 70 */
-    { { 0xdec98d4ac3b81990L,0x1cb837229e0cc8feL,0xfe0b0491d2b427b9L,
-        0x0f2386ace983a66cL },
-      { 0x930c4d1eb3291213L,0xa2f82b2e59a62ae4L,0x77233853f93e89e3L,
-        0x7f8063ac11777c7fL } },
-    /* 21 << 70 */
-    { { 0xff0eb56759ad2877L,0x6f4546429865c754L,0xe6fe701a236e9a84L,
-        0xc586ef1606e40fc3L },
-      { 0x3f62b6e024bafad9L,0xc8b42bd264da906aL,0xc98e1eb4da3276a0L,
-        0x30d0e5fc06cbf852L } },
-    /* 22 << 70 */
-    { { 0x1b6b2ae1e8b4dfd4L,0xd754d5c78301cbacL,0x66097629112a39acL,
-        0xf86b599993ba4ab9L },
-      { 0x26c9dea799f9d581L,0x0473b1a8c2fafeaaL,0x1469af553b2505a5L,
-        0x227d16d7d6a43323L } },
-    /* 23 << 70 */
-    { { 0x3316f73cad3d97f9L,0x52bf3bb51f137455L,0x953eafeb09954e7cL,
-        0xa721dfeddd732411L },
-      { 0xb4929821141d4579L,0x3411321caa3bd435L,0xafb355aa17fa6015L,
-        0xb4e7ef4a18e42f0eL } },
-    /* 24 << 70 */
-    { { 0x604ac97c59371000L,0xe1c48c707f759c18L,0x3f62ecc5a5db6b65L,
-        0x0a78b17338a21495L },
-      { 0x6be1819dbcc8ad94L,0x70dc04f6d89c3400L,0x462557b4a6b4840aL,
-        0x544c6ade60bd21c0L } },
-    /* 25 << 70 */
-    { { 0x6a00f24e907a544bL,0xa7520dcb313da210L,0xfe939b7511e4994bL,
-        0x918b6ba6bc275d70L },
-      { 0xd3e5e0fc644be892L,0x707a9816fdaf6c42L,0x60145567f15c13feL,
-        0x4818ebaae130a54aL } },
-    /* 26 << 70 */
-    { { 0x28aad3ad58d2f767L,0xdc5267fdd7e7c773L,0x4919cc88c3afcc98L,
-        0xaa2e6ab02db8cd4bL },
-      { 0xd46fec04d0c63eaaL,0xa1cb92c519ffa832L,0x678dd178e43a631fL,
-        0xfb5ae1cd3dc788b3L } },
-    /* 27 << 70 */
-    { { 0x68b4fb906e77de04L,0x7992bcf0f06dbb97L,0x896e6a13c417c01dL,
-        0x8d96332cb956be01L },
-      { 0x902fc93a413aa2b9L,0x99a4d915fc98c8a5L,0x52c29407565f1137L,
-        0x4072690f21e4f281L } },
-    /* 28 << 70 */
-    { { 0x36e607cf02ff6072L,0xa47d2ca98ad98cdcL,0xbf471d1ef5f56609L,
-        0xbcf86623f264ada0L },
-      { 0xb70c0687aa9e5cb6L,0xc98124f217401c6cL,0x8189635fd4a61435L,
-        0xd28fb8afa9d98ea6L } },
-    /* 29 << 70 */
-    { { 0xb9a67c2a40c251f8L,0x88cd5d87a2da44beL,0x437deb96e09b5423L,
-        0x150467db64287dc1L },
-      { 0xe161debbcdabb839L,0xa79e9742f1839a3eL,0xbb8dd3c2652d202bL,
-        0x7b3e67f7e9f97d96L } },
-    /* 30 << 70 */
-    { { 0x5aa5d78fb1cb6ac9L,0xffa13e8eca1d0d45L,0x369295dd2ba5bf95L,
-        0xd68bd1f839aff05eL },
-      { 0xaf0d86f926d783f2L,0x543a59b3fc3aafc1L,0x3fcf81d27b7da97cL,
-        0xc990a056d25dee46L } },
-    /* 31 << 70 */
-    { { 0x3e6775b8519cce2cL,0xfc9af71fae13d863L,0x774a4a6f47c1605cL,
-        0x46ba42452fd205e8L },
-      { 0xa06feea4d3fd524dL,0x1e7246416de1acc2L,0xf53816f1334e2b42L,
-        0x49e5918e922f0024L } },
-    /* 32 << 70 */
-    { { 0x439530b665c7322dL,0xcf12cc01b3c1b3fbL,0xc70b01860172f685L,
-        0xb915ee221b58391dL },
-      { 0x9afdf03ba317db24L,0x87dec65917b8ffc4L,0x7f46597be4d3d050L,
-        0x80a1c1ed006500e7L } },
-    /* 33 << 70 */
-    { { 0x84902a9678bf030eL,0xfb5e9c9a50560148L,0x6dae0a9263362426L,
-        0xdcaeecf4a9e30c40L },
-      { 0xc0d887bb518d0c6bL,0x99181152cb985b9dL,0xad186898ef7bc381L,
-        0x18168ffb9ee46201L } },
-    /* 34 << 70 */
-    { { 0x9a04cdaa2502753cL,0xbb279e2651407c41L,0xeacb03aaf23564e5L,
-        0x1833658271e61016L },
-      { 0x8684b8c4eb809877L,0xb336e18dea0e672eL,0xefb601f034ee5867L,
-        0x2733edbe1341cfd1L } },
-    /* 35 << 70 */
-    { { 0xb15e809a26025c3cL,0xe6e981a69350df88L,0x923762378502fd8eL,
-        0x4791f2160c12be9bL },
-      { 0xb725678925f02425L,0xec8631947a974443L,0x7c0ce882fb41cc52L,
-        0xc266ff7ef25c07f2L } },
-    /* 36 << 70 */
-    { { 0x3d4da8c3017025f3L,0xefcf628cfb9579b4L,0x5c4d00161f3716ecL,
-        0x9c27ebc46801116eL },
-      { 0x5eba0ea11da1767eL,0xfe15145247004c57L,0x3ace6df68c2373b7L,
-        0x75c3dffe5dbc37acL } },
-    /* 37 << 70 */
-    { { 0x3dc32a73ddc925fcL,0xb679c8412f65ee0bL,0x715a3295451cbfebL,
-        0xd9889768f76e9a29L },
-      { 0xec20ce7fb28ad247L,0xe99146c400894d79L,0x71457d7c9f5e3ea7L,
-        0x097b266238030031L } },
-    /* 38 << 70 */
-    { { 0xdb7f6ae6cf9f82a8L,0x319decb9438f473aL,0xa63ab386283856c3L,
-        0x13e3172fb06a361bL },
-      { 0x2959f8dc7d5a006cL,0x2dbc27c675fba752L,0xc1227ab287c22c9eL,
-        0x06f61f7571a268b2L } },
-    /* 39 << 70 */
-    { { 0x1b6bb97104779ce2L,0xaca838120aadcb1dL,0x297ae0bcaeaab2d5L,
-        0xa5c14ee75bfb9f13L },
-      { 0xaa00c583f17a62c7L,0x39eb962c173759f6L,0x1eeba1d486c9a88fL,
-        0x0ab6c37adf016c5eL } },
-    /* 40 << 70 */
-    { { 0xa2a147dba28a0749L,0x246c20d6ee519165L,0x5068d1b1d3810715L,
-        0xb1e7018c748160b9L },
-      { 0x03f5b1faf380ff62L,0xef7fb1ddf3cb2c1eL,0xeab539a8fc91a7daL,
-        0x83ddb707f3f9b561L } },
-    /* 41 << 70 */
-    { { 0xc550e211fe7df7a4L,0xa7cd07f2063f6f40L,0xb0de36352976879cL,
-        0xb5f83f85e55741daL },
-      { 0x4ea9d25ef3d8ac3dL,0x6fe2066f62819f02L,0x4ab2b9c2cef4a564L,
-        0x1e155d965ffa2de3L } },
-    /* 42 << 70 */
-    { { 0x0eb0a19bc3a72d00L,0x4037665b8513c31bL,0x2fb2b6bf04c64637L,
-        0x45c34d6e08cdc639L },
-      { 0x56f1e10ff01fd796L,0x4dfb8101fe3667b8L,0xe0eda2539021d0c0L,
-        0x7a94e9ff8a06c6abL } },
-    /* 43 << 70 */
-    { { 0x2d3bb0d9bb9aa882L,0xea20e4e5ec05fd10L,0xed7eeb5f1a1ca64eL,
-        0x2fa6b43cc6327cbdL },
-      { 0xb577e3cf3aa91121L,0x8c6bd5ea3a34079bL,0xd7e5ba3960e02fc0L,
-        0xf16dd2c390141bf8L } },
-    /* 44 << 70 */
-    { { 0xb57276d980101b98L,0x760883fdb82f0f66L,0x89d7de754bc3eff3L,
-        0x03b606435dc2ab40L },
-      { 0xcd6e53dfe05beeacL,0xf2f1e862bc3325cdL,0xdd0f7921774f03c3L,
-        0x97ca72214552cc1bL } },
-    /* 45 << 70 */
-    { { 0x5a0d6afe1cd19f72L,0xa20915dcf183fbebL,0x9fda4b40832c403cL,
-        0x32738eddbe425442L },
-      { 0x469a1df6b5eccf1aL,0x4b5aff4228bbe1f0L,0x31359d7f570dfc93L,
-        0xa18be235f0088628L } },
-    /* 46 << 70 */
-    { { 0xa5b30fbab00ed3a9L,0x34c6137473cdf8beL,0x2c5c5f46abc56797L,
-        0x5cecf93db82a8ae2L },
-      { 0x7d3dbe41a968fbf0L,0xd23d45831a5c7f3dL,0xf28f69a0c087a9c7L,
-        0xc2d75471474471caL } },
-    /* 47 << 70 */
-    { { 0x36ec9f4a4eb732ecL,0x6c943bbdb1ca6bedL,0xd64535e1f2457892L,
-        0x8b84a8eaf7e2ac06L },
-      { 0xe0936cd32499dd5fL,0x12053d7e0ed04e57L,0x4bdd0076e4305d9dL,
-        0x34a527b91f67f0a2L } },
-    /* 48 << 70 */
-    { { 0xe79a4af09cec46eaL,0xb15347a1658b9bc7L,0x6bd2796f35af2f75L,
-        0xac9579904051c435L },
-      { 0x2669dda3c33a655dL,0x5d503c2e88514aa3L,0xdfa113373753dd41L,
-        0x3f0546730b754f78L } },
-    /* 49 << 70 */
-    { { 0xbf185677496125bdL,0xfb0023c83775006cL,0xfa0f072f3a037899L,
-        0x4222b6eb0e4aea57L },
-      { 0x3dde5e767866d25aL,0xb6eb04f84837aa6fL,0x5315591a2cf1cdb8L,
-        0x6dfb4f412d4e683cL } },
-    /* 50 << 70 */
-    { { 0x7e923ea448ee1f3aL,0x9604d9f705a2afd5L,0xbe1d4a3340ea4948L,
-        0x5b45f1f4b44cbd2fL },
-      { 0x5faf83764acc757eL,0xa7cf9ab863d68ff7L,0x8ad62f69df0e404bL,
-        0xd65f33c212bdafdfL } },
-    /* 51 << 70 */
-    { { 0xc365de15a377b14eL,0x6bf5463b8e39f60cL,0x62030d2d2ce68148L,
-        0xd95867efe6f843a8L },
-      { 0xd39a0244ef5ab017L,0x0bd2d8c14ab55d12L,0xc9503db341639169L,
-        0x2d4e25b0f7660c8aL } },
-    /* 52 << 70 */
-    { { 0x760cb3b5e224c5d7L,0xfa3baf8c68616919L,0x9fbca1138d142552L,
-        0x1ab18bf17669ebf5L },
-      { 0x55e6f53e9bdf25ddL,0x04cc0bf3cb6cd154L,0x595bef4995e89080L,
-        0xfe9459a8104a9ac1L } },
-    /* 53 << 70 */
-    { { 0xad2d89cacce9bb32L,0xddea65e1f7de8285L,0x62ed8c35b351bd4bL,
-        0x4150ff360c0e19a7L },
-      { 0x86e3c801345f4e47L,0x3bf21f71203a266cL,0x7ae110d4855b1f13L,
-        0x5d6aaf6a07262517L } },
-    /* 54 << 70 */
-    { { 0x1e0f12e1813d28f1L,0x6000e11d7ad7a523L,0xc7d8deefc744a17bL,
-        0x1e990b4814c05a00L },
-      { 0x68fddaee93e976d5L,0x696241d146610d63L,0xb204e7c3893dda88L,
-        0x8bccfa656a3a6946L } },
-    /* 55 << 70 */
-    { { 0xb59425b4c5cd1411L,0x701b4042ff3658b1L,0xe3e56bca4784cf93L,
-        0x27de5f158fe68d60L },
-      { 0x4ab9cfcef8d53f19L,0xddb10311a40a730dL,0x6fa73cd14eee0a8aL,
-        0xfd5487485249719dL } },
-    /* 56 << 70 */
-    { { 0x49d66316a8123ef0L,0x73c32db4e7f95438L,0x2e2ed2090d9e7854L,
-        0xf98a93299d9f0507L },
-      { 0xc5d33cf60c6aa20aL,0x9a32ba1475279bb2L,0x7e3202cb774a7307L,
-        0x64ed4bc4e8c42dbdL } },
-    /* 57 << 70 */
-    { { 0xc20f1a06d4caed0dL,0xb8021407171d22b3L,0xd426ca04d13268d7L,
-        0x9237700725f4d126L },
-      { 0x4204cbc371f21a85L,0x18461b7af82369baL,0xc0c07d313fc858f9L,
-        0x5deb5a50e2bab569L } },
-    /* 58 << 70 */
-    { { 0xd5959d46d5eea89eL,0xfdff842408437f4bL,0xf21071e43cfe254fL,
-        0x7241769695468321L },
-      { 0x5d8288b9102cae3eL,0x2d143e3df1965dffL,0x00c9a376a078d847L,
-        0x6fc0da3126028731L } },
-    /* 59 << 70 */
-    { { 0xa2baeadfe45083a2L,0x66bc72185e5b4bcdL,0x2c826442d04b8e7fL,
-        0xc19f54516c4b586bL },
-      { 0x60182c495b7eeed5L,0xd9954ecd7aa9dfa1L,0xa403a8ecc73884adL,
-        0x7fb17de29bb39041L } },
-    /* 60 << 70 */
-    { { 0x694b64c5abb020e8L,0x3d18c18419c4eec7L,0x9c4673ef1c4793e5L,
-        0xc7b8aeb5056092e6L },
-      { 0x3aa1ca43f0f8c16bL,0x224ed5ecd679b2f6L,0x0d56eeaf55a205c9L,
-        0xbfe115ba4b8e028bL } },
-    /* 61 << 70 */
-    { { 0x97e608493927f4feL,0xf91fbf94759aa7c5L,0x985af7696be90a51L,
-        0xc1277b7878ccb823L },
-      { 0x395b656ee7a75952L,0x00df7de0928da5f5L,0x09c231754ca4454fL,
-        0x4ec971f47aa2d3c1L } },
-    /* 62 << 70 */
-    { { 0x45c3c507e75d9cccL,0x63b7be8a3dc90306L,0x37e09c665db44bdcL,
-        0x50d60da16841c6a2L },
-      { 0x6f9b65ee08df1b12L,0x387348797ff089dfL,0x9c331a663fe8013dL,
-        0x017f5de95f42fcc8L } },
-    /* 63 << 70 */
-    { { 0x43077866e8e57567L,0xc9f781cef9fcdb18L,0x38131dda9b12e174L,
-        0x25d84aa38a03752aL },
-      { 0x45e09e094d0c0ce2L,0x1564008b92bebba5L,0xf7e8ad31a87284c7L,
-        0xb7c4b46c97e7bbaaL } },
-    /* 64 << 70 */
-    { { 0x3e22a7b397acf4ecL,0x0426c4005ea8b640L,0x5e3295a64e969285L,
-        0x22aabc59a6a45670L },
-      { 0xb929714c5f5942bcL,0x9a6168bdfa3182edL,0x2216a665104152baL,
-        0x46908d03b6926368L } },
-    /* 0 << 77 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 77 */
-    { { 0xa9f5d8745a1251fbL,0x967747a8c72725c7L,0x195c33e531ffe89eL,
-        0x609d210fe964935eL },
-      { 0xcafd6ca82fe12227L,0xaf9b5b960426469dL,0x2e9ee04c5693183cL,
-        0x1084a333c8146fefL } },
-    /* 2 << 77 */
-    { { 0x96649933aed1d1f7L,0x566eaff350563090L,0x345057f0ad2e39cfL,
-        0x148ff65b1f832124L },
-      { 0x042e89d4cf94cf0dL,0x319bec84520c58b3L,0x2a2676265361aa0dL,
-        0xc86fa3028fbc87adL } },
-    /* 3 << 77 */
-    { { 0xfc83d2ab5c8b06d5L,0xb1a785a2fe4eac46L,0xb99315bc846f7779L,
-        0xcf31d816ef9ea505L },
-      { 0x2391fe6a15d7dc85L,0x2f132b04b4016b33L,0x29547fe3181cb4c7L,
-        0xdb66d8a6650155a1L } },
-    /* 4 << 77 */
-    { { 0x6b66d7e1adc1696fL,0x98ebe5930acd72d0L,0x65f24550cc1b7435L,
-        0xce231393b4b9a5ecL },
-      { 0x234a22d4db067df9L,0x98dda095caff9b00L,0x1bbc75a06100c9c1L,
-        0x1560a9c8939cf695L } },
-    /* 5 << 77 */
-    { { 0xcf006d3e99e0925fL,0x2dd74a966322375aL,0xc58b446ab56af5baL,
-        0x50292683e0b9b4f1L },
-      { 0xe2c34cb41aeaffa3L,0x8b17203f9b9587c1L,0x6d559207ead1350cL,
-        0x2b66a215fb7f9604L } },
-    /* 6 << 77 */
-    { { 0x0850325efe51bf74L,0x9c4f579e5e460094L,0x5c87b92a76da2f25L,
-        0x889de4e06febef33L },
-      { 0x6900ec06646083ceL,0xbe2a0335bfe12773L,0xadd1da35c5344110L,
-        0x757568b7b802cd20L } },
-    /* 7 << 77 */
-    { { 0x7555977900f7e6c8L,0x38e8b94f0facd2f0L,0xfea1f3af03fde375L,
-        0x5e11a1d875881dfcL },
-      { 0xb3a6b02ec1e2f2efL,0x193d2bbbc605a6c5L,0x325ffeee339a0b2dL,
-        0x27b6a7249e0c8846L } },
-    /* 8 << 77 */
-    { { 0xe4050f1cf1c367caL,0x9bc85a9bc90fbc7dL,0xa373c4a2e1a11032L,
-        0xb64232b7ad0393a9L },
-      { 0xf5577eb0167dad29L,0x1604f30194b78ab2L,0x0baa94afe829348bL,
-        0x77fbd8dd41654342L } },
-    /* 9 << 77 */
-    { { 0xdab50ea5b964e39aL,0xd4c29e3cd0d3c76eL,0x80dae67c56d11964L,
-        0x7307a8bfe5ffcc2fL },
-      { 0x65bbc1aa91708c3bL,0xa151e62c28bf0eebL,0x6cb533816fa34db7L,
-        0x5139e05ca29403a8L } },
-    /* 10 << 77 */
-    { { 0x6ff651b494a7cd2eL,0x5671ffd10699336cL,0x6f5fd2cc979a896aL,
-        0x11e893a8d8148cefL },
-      { 0x988906a165cf7b10L,0x81b67178c50d8485L,0x7c0deb358a35b3deL,
-        0x423ac855c1d29799L } },
-    /* 11 << 77 */
-    { { 0xaf580d87dac50b74L,0x28b2b89f5869734cL,0x99a3b936874e28fbL,
-        0xbb2c919025f3f73aL },
-      { 0x199f691884a9d5b7L,0x7ebe23257e770374L,0xf442e1070738efe2L,
-        0xcf9f3f56cf9082d2L } },
-    /* 12 << 77 */
-    { { 0x719f69e109618708L,0xcc9e8364c183f9b1L,0xec203a95366a21afL,
-        0x6aec5d6d068b141fL },
-      { 0xee2df78a994f04e9L,0xb39ccae8271245b0L,0xb875a4a997e43f4fL,
-        0x507dfe11db2cea98L } },
-    /* 13 << 77 */
-    { { 0x4fbf81cb489b03e9L,0xdb86ec5b6ec414faL,0xfad444f9f51b3ae5L,
-        0xca7d33d61914e3feL },
-      { 0xa9c32f5c0ae6c4d0L,0xa9ca1d1e73969568L,0x98043c311aa7467eL,
-        0xe832e75ce21b5ac6L } },
-    /* 14 << 77 */
-    { { 0x314b7aea5232123dL,0x08307c8c65ae86dbL,0x06e7165caa4668edL,
-        0xb170458bb4d3ec39L },
-      { 0x4d2e3ec6c19bb986L,0xc5f34846ae0304edL,0x917695a06c9f9722L,
-        0x6c7f73174cab1c0aL } },
-    /* 15 << 77 */
-    { { 0x6295940e9d6d2e8bL,0xd318b8c1549f7c97L,0x2245320497713885L,
-        0x468d834ba8a440feL },
-      { 0xd81fe5b2bfba796eL,0x152364db6d71f116L,0xbb8c7c59b5b66e53L,
-        0x0b12c61b2641a192L } },
-    /* 16 << 77 */
-    { { 0x31f14802fcf0a7fdL,0x42fd07895488b01eL,0x71d78d6d9952b498L,
-        0x8eb572d907ac5201L },
-      { 0xe0a2a44c4d194a88L,0xd2b63fd9ba017e66L,0x78efc6c8f888aefcL,
-        0xb76f6bda4a881a11L } },
-    /* 17 << 77 */
-    { { 0x187f314bb46c2397L,0x004cf5665ded2819L,0xa9ea570438764d34L,
-        0xbba4521778084709L },
-      { 0x064745711171121eL,0xad7b7eb1e7c9b671L,0xdacfbc40730f7507L,
-        0x178cd8c6c7ad7bd1L } },
-    /* 18 << 77 */
-    { { 0xbf0be101b2a67238L,0x3556d367af9c14f2L,0x104b7831a5662075L,
-        0x58ca59bb79d9e60aL },
-      { 0x4bc45392a569a73bL,0x517a52e85698f6c9L,0x85643da5aeadd755L,
-        0x1aed0cd52a581b84L } },
-    /* 19 << 77 */
-    { { 0xb9b4ff8480af1372L,0x244c3113f1ba5d1fL,0x2a5dacbef5f98d31L,
-        0x2c3323e84375bc2aL },
-      { 0x17a3ab4a5594b1ddL,0xa1928bfbceb4797eL,0xe83af245e4886a19L,
-        0x8979d54672b5a74aL } },
-    /* 20 << 77 */
-    { { 0xa0f726bc19f9e967L,0xd9d03152e8fbbf4eL,0xcfd6f51db7707d40L,
-        0x633084d963f6e6e0L },
-      { 0xedcd9cdc55667eafL,0x73b7f92b2e44d56fL,0xfb2e39b64e962b14L,
-        0x7d408f6ef671fcbfL } },
-    /* 21 << 77 */
-    { { 0xcc634ddc164a89bbL,0x74a42bb23ef3bd05L,0x1280dbb2428decbbL,
-        0x6103f6bb402c8596L },
-      { 0xfa2bf581355a5752L,0x562f96a800946674L,0x4e4ca16d6da0223bL,
-        0xfe47819f28d3aa25L } },
-    /* 22 << 77 */
-    { { 0x9eea3075f8dfcf8aL,0xa284f0aa95669825L,0xb3fca250867d3fd8L,
-        0x20757b5f269d691eL },
-      { 0xf2c2402093b8a5deL,0xd3f93359ebc06da6L,0x1178293eb2739c33L,
-        0xd2a3e770bcd686e5L } },
-    /* 23 << 77 */
-    { { 0xa76f49f4cd941534L,0x0d37406be3c71c0eL,0x172d93973b97f7e3L,
-        0xec17e239bd7fd0deL },
-      { 0xe32905516f496ba2L,0x6a69317236ad50e7L,0xc4e539a283e7eff5L,
-        0x752737e718e1b4cfL } },
-    /* 24 << 77 */
-    { { 0xa2f7932c68af43eeL,0x5502468e703d00bdL,0xe5dc978f2fb061f5L,
-        0xc9a1904a28c815adL },
-      { 0xd3af538d470c56a4L,0x159abc5f193d8cedL,0x2a37245f20108ef3L,
-        0xfa17081e223f7178L } },
-    /* 25 << 77 */
-    { { 0x27b0fb2b10c8c0f5L,0x2102c3ea40650547L,0x594564df8ac3bfa7L,
-        0x98102033509dad96L },
-      { 0x6989643ff1d18a13L,0x35eebd91d7fc5af0L,0x078d096afaeaafd8L,
-        0xb7a89341def3de98L } },
-    /* 26 << 77 */
-    { { 0x2a206e8decf2a73aL,0x066a63978e551994L,0x3a6a088ab98d53a2L,
-        0x0ce7c67c2d1124aaL },
-      { 0x48cec671759a113cL,0xe3b373d34f6f67faL,0x5455d479fd36727bL,
-        0xe5a428eea13c0d81L } },
-    /* 27 << 77 */
-    { { 0xb853dbc81c86682bL,0xb78d2727b8d02b2aL,0xaaf69bed8ebc329aL,
-        0xdb6b40b3293b2148L },
-      { 0xe42ea77db8c4961fL,0xb1a12f7c20e5e0abL,0xa0ec527479e8b05eL,
-        0x68027391fab60a80L } },
-    /* 28 << 77 */
-    { { 0x6bfeea5f16b1bd5eL,0xf957e4204de30ad3L,0xcbaf664e6a353b9eL,
-        0x5c87331226d14febL },
-      { 0x4e87f98cb65f57cbL,0xdb60a6215e0cdd41L,0x67c16865a6881440L,
-        0x1093ef1a46ab52aaL } },
-    /* 29 << 77 */
-    { { 0xc095afb53f4ece64L,0x6a6bb02e7604551aL,0x55d44b4e0b26b8cdL,
-        0xe5f9a999f971268aL },
-      { 0xc08ec42511a7de84L,0x83568095fda469ddL,0x737bfba16c6c90a2L,
-        0x1cb9c4a0be229831L } },
-    /* 30 << 77 */
-    { { 0x93bccbbabb2eec64L,0xa0c23b64da03adbeL,0x5f7aa00ae0e86ac4L,
-        0x470b941efc1401e6L },
-      { 0x5ad8d6799df43574L,0x4ccfb8a90f65d810L,0x1bce80e3aa7fbd81L,
-        0x273291ad9508d20aL } },
-    /* 31 << 77 */
-    { { 0xf5c4b46b42a92806L,0x810684eca86ab44aL,0x4591640bca0bc9f8L,
-        0xb5efcdfc5c4b6054L },
-      { 0x16fc89076e9edd12L,0xe29d0b50d4d792f9L,0xa45fd01c9b03116dL,
-        0x85035235c81765a4L } },
-    /* 32 << 77 */
-    { { 0x1fe2a9b2b4b4b67cL,0xc1d10df0e8020604L,0x9d64abfcbc8058d8L,
-        0x8943b9b2712a0fbbL },
-      { 0x90eed9143b3def04L,0x85ab3aa24ce775ffL,0x605fd4ca7bbc9040L,
-        0x8b34a564e2c75dfbL } },
-    /* 33 << 77 */
-    { { 0x41ffc94a10358560L,0x2d8a50729e5c28aaL,0xe915a0fc4cc7eb15L,
-        0xe9efab058f6d0f5dL },
-      { 0xdbab47a9d19e9b91L,0x8cfed7450276154cL,0x154357ae2cfede0dL,
-        0x520630df19f5a4efL } },
-    /* 34 << 77 */
-    { { 0x25759f7ce382360fL,0xb6db05c988bf5857L,0x2917d61d6c58d46cL,
-        0x14f8e491fd20cb7aL },
-      { 0xb68a727a11c20340L,0x0386f86faf7ccbb6L,0x5c8bc6ccfee09a20L,
-        0x7d76ff4abb7eea35L } },
-    /* 35 << 77 */
-    { { 0xa7bdebe7db15be7aL,0x67a08054d89f0302L,0x56bf0ea9c1193364L,
-        0xc824446762837ebeL },
-      { 0x32bd8e8b20d841b8L,0x127a0548dbb8a54fL,0x83dd4ca663b20236L,
-        0x87714718203491faL } },
-    /* 36 << 77 */
-    { { 0x4dabcaaaaa8a5288L,0x91cc0c8aaf23a1c9L,0x34c72c6a3f220e0cL,
-        0xbcc20bdf1232144aL },
-      { 0x6e2f42daa20ede1bL,0xc441f00c74a00515L,0xbf46a5b6734b8c4bL,
-        0x574095037b56c9a4L } },
-    /* 37 << 77 */
-    { { 0x9f735261e4585d45L,0x9231faed6734e642L,0x1158a176be70ee6cL,
-        0x35f1068d7c3501bfL },
-      { 0x6beef900a2d26115L,0x649406f2ef0afee3L,0x3f43a60abc2420a1L,
-        0x509002a7d5aee4acL } },
-    /* 38 << 77 */
-    { { 0xb46836a53ff3571bL,0x24f98b78837927c1L,0x6254256a4533c716L,
-        0xf27abb0bd07ee196L },
-      { 0xd7cf64fc5c6d5bfdL,0x6915c751f0cd7a77L,0xd9f590128798f534L,
-        0x772b0da8f81d8b5fL } },
-    /* 39 << 77 */
-    { { 0x1244260c2e03fa69L,0x36cf0e3a3be1a374L,0x6e7c1633ef06b960L,
-        0xa71a4c55671f90f6L },
-      { 0x7a94125133c673dbL,0xc0bea51073e8c131L,0x61a8a699d4f6c734L,
-        0x25e78c88341ed001L } },
-    /* 40 << 77 */
-    { { 0x5c18acf88e2f7d90L,0xfdbf33d777be32cdL,0x0a085cd7d2eb5ee9L,
-        0x2d702cfbb3201115L },
-      { 0xb6e0ebdb85c88ce8L,0x23a3ce3c1e01d617L,0x3041618e567333acL,
-        0x9dd0fd8f157edb6bL } },
-    /* 41 << 77 */
-    { { 0x27f74702b57872b8L,0x2ef26b4f657d5fe1L,0x95426f0a57cf3d40L,
-        0x847e2ad165a6067aL },
-      { 0xd474d9a009996a74L,0x16a56acd2a26115cL,0x02a615c3d16f4d43L,
-        0xcc3fc965aadb85b7L } },
-    /* 42 << 77 */
-    { { 0x386bda73ce07d1b0L,0xd82910c258ad4178L,0x124f82cfcd2617f4L,
-        0xcc2f5e8def691770L },
-      { 0x82702550b8c30cccL,0x7b856aea1a8e575aL,0xbb822fefb1ab9459L,
-        0x085928bcec24e38eL } },
-    /* 43 << 77 */
-    { { 0x5d0402ecba8f4b4dL,0xc07cd4ba00b4d58bL,0x5d8dffd529227e7aL,
-        0x61d44d0c31bf386fL },
-      { 0xe486dc2b135e6f4dL,0x680962ebe79410efL,0xa61bd343f10088b5L,
-        0x6aa76076e2e28686L } },
-    /* 44 << 77 */
-    { { 0x80463d118fb98871L,0xcb26f5c3bbc76affL,0xd4ab8eddfbe03614L,
-        0xc8eb579bc0cf2deeL },
-      { 0xcc004c15c93bae41L,0x46fbae5d3aeca3b2L,0x671235cf0f1e9ab1L,
-        0xadfba9349ec285c1L } },
-    /* 45 << 77 */
-    { { 0x88ded013f216c980L,0xc8ac4fb8f79e0bc1L,0xa29b89c6fb97a237L,
-        0xb697b7809922d8e7L },
-      { 0x3142c639ddb945b5L,0x447b06c7e094c3a9L,0xcdcb364272266c90L,
-        0x633aad08a9385046L } },
-    /* 46 << 77 */
-    { { 0xa36c936bb57c6477L,0x871f8b64e94dbcc6L,0x28d0fb62a591a67bL,
-        0x9d40e081c1d926f5L },
-      { 0x3111eaf6f2d84b5aL,0x228993f9a565b644L,0x0ccbf5922c83188bL,
-        0xf87b30ab3df3e197L } },
-    /* 47 << 77 */
-    { { 0xb8658b317642bca8L,0x1a032d7f52800f17L,0x051dcae579bf9445L,
-        0xeba6b8ee54a2e253L },
-      { 0x5c8b9cadd4485692L,0x84bda40e8986e9beL,0xd16d16a42f0db448L,
-        0x8ec80050a14d4188L } },
-    /* 48 << 77 */
-    { { 0xb2b2610798fa7aaaL,0x41209ee4f073aa4eL,0xf1570359f2d6b19bL,
-        0xcbe6868cfc577cafL },
-      { 0x186c4bdc32c04dd3L,0xa6c35faecfeee397L,0xb4a1b312f086c0cfL,
-        0xe0a5ccc6d9461fe2L } },
-    /* 49 << 77 */
-    { { 0xc32278aa1536189fL,0x1126c55fba6df571L,0x0f71a602b194560eL,
-        0x8b2d7405324bd6e1L },
-      { 0x8481939e3738be71L,0xb5090b1a1a4d97a9L,0x116c65a3f05ba915L,
-        0x21863ad3aae448aaL } },
-    /* 50 << 77 */
-    { { 0xd24e2679a7aae5d3L,0x7076013d0de5c1c4L,0x2d50f8babb05b629L,
-        0x73c1abe26e66efbbL },
-      { 0xefd4b422f2488af7L,0xe4105d02663ba575L,0x7eb60a8b53a69457L,
-        0x62210008c945973bL } },
-    /* 51 << 77 */
-    { { 0xfb25547877a50ec6L,0xbf0392f70a37a72cL,0xa0a7a19c4be18e7aL,
-        0x90d8ea1625b1e0afL },
-      { 0x7582a293ef953f57L,0x90a64d05bdc5465aL,0xca79c497e2510717L,
-        0x560dbb7c18cb641fL } },
-    /* 52 << 77 */
-    { { 0x1d8e32864b66abfbL,0xd26f52e559030900L,0x1ee3f6435584941aL,
-        0x6d3b3730569f5958L },
-      { 0x9ff2a62f4789dba5L,0x91fcb81572b5c9b7L,0xf446cb7d6c8f9a0eL,
-        0x48f625c139b7ecb5L } },
-    /* 53 << 77 */
-    { { 0xbabae8011c6219b8L,0xe7a562d928ac2f23L,0xe1b4873226e20588L,
-        0x06ee1cad775af051L },
-      { 0xda29ae43faff79f7L,0xc141a412652ee9e0L,0x1e127f6f195f4bd0L,
-        0x29c6ab4f072f34f8L } },
-    /* 54 << 77 */
-    { { 0x7b7c147730448112L,0x82b51af1e4a38656L,0x2bf2028a2f315010L,
-        0xc9a4a01f6ea88cd4L },
-      { 0xf63e95d8257e5818L,0xdd8efa10b4519b16L,0xed8973e00da910bfL,
-        0xed49d0775c0fe4a9L } },
-    /* 55 << 77 */
-    { { 0xac3aac5eb7caee1eL,0x1033898da7f4da57L,0x42145c0e5c6669b9L,
-        0x42daa688c1aa2aa0L },
-      { 0x629cc15c1a1d885aL,0x25572ec0f4b76817L,0x8312e4359c8f8f28L,
-        0x8107f8cd81965490L } },
-    /* 56 << 77 */
-    { { 0x516ff3a36fa6110cL,0x74fb1eb1fb93561fL,0x6c0c90478457522bL,
-        0xcfd321046bb8bdc6L },
-      { 0x2d6884a2cc80ad57L,0x7c27fc3586a9b637L,0x3461baedadf4e8cdL,
-        0x1d56251a617242f0L } },
-    /* 57 << 77 */
-    { { 0x0b80d209c955bef4L,0xdf02cad206adb047L,0xf0d7cb915ec74feeL,
-        0xd25033751111ba44L },
-      { 0x9671755edf53cb36L,0x54dcb6123368551bL,0x66d69aacc8a025a4L,
-        0x6be946c6e77ef445L } },
-    /* 58 << 77 */
-    { { 0x719946d1a995e094L,0x65e848f6e51e04d8L,0xe62f33006a1e3113L,
-        0x1541c7c1501de503L },
-      { 0x4daac9faf4acfadeL,0x0e58589744cd0b71L,0x544fd8690a51cd77L,
-        0x60fc20ed0031016dL } },
-    /* 59 << 77 */
-    { { 0x58b404eca4276867L,0x46f6c3cc34f34993L,0x477ca007c636e5bdL,
-        0x8018f5e57c458b47L },
-      { 0xa1202270e47b668fL,0xcef48ccdee14f203L,0x23f98bae62ff9b4dL,
-        0x55acc035c589edddL } },
-    /* 60 << 77 */
-    { { 0x3fe712af64db4444L,0x19e9d634becdd480L,0xe08bc047a930978aL,
-        0x2dbf24eca1280733L },
-      { 0x3c0ae38c2cd706b2L,0x5b012a5b359017b9L,0x3943c38c72e0f5aeL,
-        0x786167ea57176fa3L } },
-    /* 61 << 77 */
-    { { 0xe5f9897d594881dcL,0x6b5efad8cfb820c1L,0xb2179093d55018deL,
-        0x39ad7d320bac56ceL },
-      { 0xb55122e02cfc0e81L,0x117c4661f6d89daaL,0x362d01e1cb64fa09L,
-        0x6a309b4e3e9c4dddL } },
-    /* 62 << 77 */
-    { { 0xfa979fb7abea49b1L,0xb4b1d27d10e2c6c5L,0xbd61c2c423afde7aL,
-        0xeb6614f89786d358L },
-      { 0x4a5d816b7f6f7459L,0xe431a44f09360e7bL,0x8c27a032c309914cL,
-        0xcea5d68acaede3d8L } },
-    /* 63 << 77 */
-    { { 0x3668f6653a0a3f95L,0x893694167ceba27bL,0x89981fade4728fe9L,
-        0x7102c8a08a093562L },
-      { 0xbb80310e235d21c8L,0x505e55d1befb7f7bL,0xa0a9081112958a67L,
-        0xd67e106a4d851fefL } },
-    /* 64 << 77 */
-    { { 0xb84011a9431dd80eL,0xeb7c7cca73306cd9L,0x20fadd29d1b3b730L,
-        0x83858b5bfe37b3d3L },
-      { 0xbf4cd193b6251d5cL,0x1cca1fd31352d952L,0xc66157a490fbc051L,
-        0x7990a63889b98636L } },
-    /* 0 << 84 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 84 */
-    { { 0xe5aa692a87dec0e1L,0x010ded8df7b39d00L,0x7b1b80c854cfa0b5L,
-        0x66beb876a0f8ea28L },
-      { 0x50d7f5313476cd0eL,0xa63d0e65b08d3949L,0x1a09eea953479fc6L,
-        0x82ae9891f499e742L } },
-    /* 2 << 84 */
-    { { 0xab58b9105ca7d866L,0x582967e23adb3b34L,0x89ae4447cceac0bcL,
-        0x919c667c7bf56af5L },
-      { 0x9aec17b160f5dcd7L,0xec697b9fddcaadbcL,0x0b98f341463467f5L,
-        0xb187f1f7a967132fL } },
-    /* 3 << 84 */
-    { { 0x90fe7a1d214aeb18L,0x1506af3c741432f7L,0xbb5565f9e591a0c4L,
-        0x10d41a77b44f1bc3L },
-      { 0xa09d65e4a84bde96L,0x42f060d8f20a6a1cL,0x652a3bfdf27f9ce7L,
-        0xb6bdb65c3b3d739fL } },
-    /* 4 << 84 */
-    { { 0xeb5ddcb6ec7fae9fL,0x995f2714efb66e5aL,0xdee95d8e69445d52L,
-        0x1b6c2d4609e27620L },
-      { 0x32621c318129d716L,0xb03909f10958c1aaL,0x8c468ef91af4af63L,
-        0x162c429ffba5cdf6L } },
-    /* 5 << 84 */
-    { { 0x2f682343753b9371L,0x29cab45a5f1f9cd7L,0x571623abb245db96L,
-        0xc507db093fd79999L },
-      { 0x4e2ef652af036c32L,0x86f0cc7805018e5cL,0xc10a73d4ab8be350L,
-        0x6519b3977e826327L } },
-    /* 6 << 84 */
-    { { 0xe8cb5eef9c053df7L,0x8de25b37b300ea6fL,0xdb03fa92c849cffbL,
-        0x242e43a7e84169bbL },
-      { 0xe4fa51f4dd6f958eL,0x6925a77ff4445a8dL,0xe6e72a50e90d8949L,
-        0xc66648e32b1f6390L } },
-    /* 7 << 84 */
-    { { 0xb2ab1957173e460cL,0x1bbbce7530704590L,0xc0a90dbddb1c7162L,
-        0x505e399e15cdd65dL },
-      { 0x68434dcb57797ab7L,0x60ad35ba6a2ca8e8L,0x4bfdb1e0de3336c1L,
-        0xbbef99ebd8b39015L } },
-    /* 8 << 84 */
-    { { 0x6c3b96f31711ebecL,0x2da40f1fce98fdc4L,0xb99774d357b4411fL,
-        0x87c8bdf415b65bb6L },
-      { 0xda3a89e3c2eef12dL,0xde95bb9b3c7471f3L,0x600f225bd812c594L,
-        0x54907c5d2b75a56bL } },
-    /* 9 << 84 */
-    { { 0xa93cc5f08db60e35L,0x743e3cd6fa833319L,0x7dad5c41f81683c9L,
-        0x70c1e7d99c34107eL },
-      { 0x0edc4a39a6be0907L,0x36d4703586d0b7d3L,0x8c76da03272bfa60L,
-        0x0b4a07ea0f08a414L } },
-    /* 10 << 84 */
-    { { 0x699e4d2945c1dd53L,0xcadc5898231debb5L,0xdf49fcc7a77f00e0L,
-        0x93057bbfa73e5a0eL },
-      { 0x2f8b7ecd027a4cd1L,0x114734b3c614011aL,0xe7a01db767677c68L,
-        0x89d9be5e7e273f4fL } },
-    /* 11 << 84 */
-    { { 0xd225cb2e089808efL,0xf1f7a27dd59e4107L,0x53afc7618211b9c9L,
-        0x0361bc67e6819159L },
-      { 0x2a865d0b7f071426L,0x6a3c1810e7072567L,0x3e3bca1e0d6bcabdL,
-        0xa1b02bc1408591bcL } },
-    /* 12 << 84 */
-    { { 0xe0deee5931fba239L,0xf47424d398bd91d1L,0x0f8886f4071a3c1dL,
-        0x3f7d41e8a819233bL },
-      { 0x708623c2cf6eb998L,0x86bb49af609a287fL,0x942bb24963c90762L,
-        0x0ef6eea555a9654bL } },
-    /* 13 << 84 */
-    { { 0x5f6d2d7236f5defeL,0xfa9922dc56f99176L,0x6c8c5ecef78ce0c7L,
-        0x7b44589dbe09b55eL },
-      { 0xe11b3bca9ea83770L,0xd7fa2c7f2ab71547L,0x2a3dd6fa2a1ddcc0L,
-        0x09acb4305a7b7707L } },
-    /* 14 << 84 */
-    { { 0x4add4a2e649d4e57L,0xcd53a2b01917526eL,0xc526233020b44ac4L,
-        0x4028746abaa2c31dL },
-      { 0x5131839064291d4cL,0xbf48f151ee5ad909L,0xcce57f597b185681L,
-        0x7c3ac1b04854d442L } },
-    /* 15 << 84 */
-    { { 0x65587dc3c093c171L,0xae7acb2424f42b65L,0x5a338adb955996cbL,
-        0xc8e656756051f91bL },
-      { 0x66711fba28b8d0b1L,0x15d74137b6c10a90L,0x70cdd7eb3a232a80L,
-        0xc9e2f07f6191ed24L } },
-    /* 16 << 84 */
-    { { 0xa80d1db6f79588c0L,0xfa52fc69b55768ccL,0x0b4df1ae7f54438aL,
-        0x0cadd1a7f9b46a4fL },
-      { 0xb40ea6b31803dd6fL,0x488e4fa555eaae35L,0x9f047d55382e4e16L,
-        0xc9b5b7e02f6e0c98L } },
-    /* 17 << 84 */
-    { { 0x6b1bd2d395762649L,0xa9604ee7c7aea3f6L,0x3646ff276dc6f896L,
-        0x9bf0e7f52860bad1L },
-      { 0x2d92c8217cb44b92L,0xa2f5ce63aea9c182L,0xd0a2afb19154a5fdL,
-        0x482e474c95801da6L } },
-    /* 18 << 84 */
-    { { 0xc19972d0b611c24bL,0x1d468e6560a8f351L,0xeb7580697bcf6421L,
-        0xec9dd0ee88fbc491L },
-      { 0x5b59d2bf956c2e32L,0x73dc6864dcddf94eL,0xfd5e2321bcee7665L,
-        0xa7b4f8ef5e9a06c4L } },
-    /* 19 << 84 */
-    { { 0xfba918dd7280f855L,0xbbaac2608baec688L,0xa3b3f00f33400f42L,
-        0x3d2dba2966f2e6e4L },
-      { 0xb6f71a9498509375L,0x8f33031fcea423ccL,0x009b8dd04807e6fbL,
-        0x5163cfe55cdb954cL } },
-    /* 20 << 84 */
-    { { 0x03cc8f17cf41c6e8L,0xf1f03c2a037b925cL,0xc39c19cc66d2427cL,
-        0x823d24ba7b6c18e4L },
-      { 0x32ef9013901f0b4fL,0x684360f1f8941c2eL,0x0ebaff522c28092eL,
-        0x7891e4e3256c932fL } },
-    /* 21 << 84 */
-    { { 0x51264319ac445e3dL,0x553432e78ea74381L,0xe6eeaa6967e9c50aL,
-        0x27ced28462e628c7L },
-      { 0x3f96d3757a4afa57L,0xde0a14c3e484c150L,0x364a24eb38bd9923L,
-        0x1df18da0e5177422L } },
-    /* 22 << 84 */
-    { { 0x174e8f82d8d38a9bL,0x2e97c600e7de1391L,0xc5709850a1c175ddL,
-        0x969041a032ae5035L },
-      { 0xcbfd533b76a2086bL,0xd6bba71bd7c2e8feL,0xb2d58ee6099dfb67L,
-        0x3a8b342d064a85d9L } },
-    /* 23 << 84 */
-    { { 0x3bc07649522f9be3L,0x690c075bdf1f49a8L,0x80e1aee83854ec42L,
-        0x2a7dbf4417689dc7L },
-      { 0xc004fc0e3faf4078L,0xb2f02e9edf11862cL,0xf10a5e0fa0a1b7b3L,
-        0x30aca6238936ec80L } },
-    /* 24 << 84 */
-    { { 0xf83cbf0502f40d9aL,0x4681c4682c318a4dL,0x985756180e9c2674L,
-        0xbe79d0461847092eL },
-      { 0xaf1e480a78bd01e0L,0x6dd359e472a51db9L,0x62ce3821e3afbab6L,
-        0xc5cee5b617733199L } },
-    /* 25 << 84 */
-    { { 0xe08b30d46ffd9fbbL,0x6e5bc69936c610b7L,0xf343cff29ce262cfL,
-        0xca2e4e3568b914c1L },
-      { 0x011d64c016de36c5L,0xe0b10fdd42e2b829L,0x789429816685aaf8L,
-        0xe7511708230ede97L } },
-    /* 26 << 84 */
-    { { 0x671ed8fc3b922bf8L,0xe4d8c0a04c29b133L,0x87eb12393b6e99c4L,
-        0xaff3974c8793bebaL },
-      { 0x037494052c18df9bL,0xc5c3a29391007139L,0x6a77234fe37a0b95L,
-        0x02c29a21b661c96bL } },
-    /* 27 << 84 */
-    { { 0xc3aaf1d6141ecf61L,0x9195509e3bb22f53L,0x2959740422d51357L,
-        0x1b083822537bed60L },
-      { 0xcd7d6e35e07289f0L,0x1f94c48c6dd86effL,0xc8bb1f82eb0f9cfaL,
-        0x9ee0b7e61b2eb97dL } },
-    /* 28 << 84 */
-    { { 0x5a52fe2e34d74e31L,0xa352c3103bf79ab6L,0x97ff6c5aabfeeb8fL,
-        0xbfbe8feff5c97305L },
-      { 0xd6081ce6a7904608L,0x1f812f3ac4fca249L,0x9b24bc9ab9e5e200L,
-        0x91022c6738012ee8L } },
-    /* 29 << 84 */
-    { { 0xe83d9c5d30a713a1L,0x4876e3f084ef0f93L,0xc9777029c1fbf928L,
-        0xef7a6bb3bce7d2a4L },
-      { 0xb8067228dfa2a659L,0xd5cd3398d877a48fL,0xbea4fd8f025d0f3fL,
-        0xd67d2e352eae7c2bL } },
-    /* 30 << 84 */
-    { { 0x184de7d7cc5f4394L,0xb5551b5c4536e142L,0x2e89b212d34aa60aL,
-        0x14a96feaf50051d5L },
-      { 0x4e21ef740d12bb0bL,0xc522f02060b9677eL,0x8b12e4672df7731dL,
-        0x39f803827b326d31L } },
-    /* 31 << 84 */
-    { { 0xdfb8630c39024a94L,0xaacb96a897319452L,0xd68a3961eda3867cL,
-        0x0c58e2b077c4ffcaL },
-      { 0x3d545d634da919faL,0xef79b69af15e2289L,0x54bc3d3d808bab10L,
-        0xc8ab300745f82c37L } },
-    /* 32 << 84 */
-    { { 0xc12738b67c4a658aL,0xb3c4763940e72182L,0x3b77be468798e44fL,
-        0xdc047df217a7f85fL },
-      { 0x2439d4c55e59d92dL,0xcedca475e8e64d8dL,0xa724cd0d87ca9b16L,
-        0x35e4fd59a5540dfeL } },
-    /* 33 << 84 */
-    { { 0xf8c1ff18e4bcf6b1L,0x856d6285295018faL,0x433f665c3263c949L,
-        0xa6a76dd6a1f21409L },
-      { 0x17d32334cc7b4f79L,0xa1d0312206720e4aL,0xadb6661d81d9bed5L,
-        0xf0d6fb0211db15d1L } },
-    /* 34 << 84 */
-    { { 0x7fd11ad51fb747d2L,0xab50f9593033762bL,0x2a7e711bfbefaf5aL,
-        0xc73932783fef2bbfL },
-      { 0xe29fa2440df6f9beL,0x9092757b71efd215L,0xee60e3114f3d6fd9L,
-        0x338542d40acfb78bL } },
-    /* 35 << 84 */
-    { { 0x44a23f0838961a0fL,0x1426eade986987caL,0x36e6ee2e4a863cc6L,
-        0x48059420628b8b79L },
-      { 0x30303ad87396e1deL,0x5c8bdc4838c5aad1L,0x3e40e11f5c8f5066L,
-        0xabd6e7688d246bbdL } },
-    /* 36 << 84 */
-    { { 0x68aa40bb23330a01L,0xd23f5ee4c34eafa0L,0x3bbee3155de02c21L,
-        0x18dd4397d1d8dd06L },
-      { 0x3ba1939a122d7b44L,0xe6d3b40aa33870d6L,0x8e620f701c4fe3f8L,
-        0xf6bba1a5d3a50cbfL } },
-    /* 37 << 84 */
-    { { 0x4a78bde5cfc0aee0L,0x847edc46c08c50bdL,0xbaa2439cad63c9b2L,
-        0xceb4a72810fc2acbL },
-      { 0xa419e40e26da033dL,0x6cc3889d03e02683L,0x1cd28559fdccf725L,
-        0x0fd7e0f18d13d208L } },
-    /* 38 << 84 */
-    { { 0x01b9733b1f0df9d4L,0x8cc2c5f3a2b5e4f3L,0x43053bfa3a304fd4L,
-        0x8e87665c0a9f1aa7L },
-      { 0x087f29ecd73dc965L,0x15ace4553e9023dbL,0x2370e3092bce28b4L,
-        0xf9723442b6b1e84aL } },
-    /* 39 << 84 */
-    { { 0xbeee662eb72d9f26L,0xb19396def0e47109L,0x85b1fa73e13289d0L,
-        0x436cf77e54e58e32L },
-      { 0x0ec833b3e990ef77L,0x7373e3ed1b11fc25L,0xbe0eda870fc332ceL,
-        0xced049708d7ea856L } },
-    /* 40 << 84 */
-    { { 0xf85ff7857e977ca0L,0xb66ee8dadfdd5d2bL,0xf5e37950905af461L,
-        0x587b9090966d487cL },
-      { 0x6a198a1b32ba0127L,0xa7720e07141615acL,0xa23f3499996ef2f2L,
-        0xef5f64b4470bcb3dL } },
-    /* 41 << 84 */
-    { { 0xa526a96292b8c559L,0x0c14aac069740a0fL,0x0d41a9e3a6bdc0a5L,
-        0x97d521069c48aef4L },
-      { 0xcf16bd303e7c253bL,0xcc834b1a47fdedc1L,0x7362c6e5373aab2eL,
-        0x264ed85ec5f590ffL } },
-    /* 42 << 84 */
-    { { 0x7a46d9c066d41870L,0xa50c20b14787ba09L,0x185e7e51e3d44635L,
-        0xb3b3e08031e2d8dcL },
-      { 0xbed1e558a179e9d9L,0x2daa3f7974a76781L,0x4372baf23a40864fL,
-        0x46900c544fe75cb5L } },
-    /* 43 << 84 */
-    { { 0xb95f171ef76765d0L,0x4ad726d295c87502L,0x2ec769da4d7c99bdL,
-        0x5e2ddd19c36cdfa8L },
-      { 0xc22117fca93e6deaL,0xe8a2583b93771123L,0xbe2f6089fa08a3a2L,
-        0x4809d5ed8f0e1112L } },
-    /* 44 << 84 */
-    { { 0x3b414aa3da7a095eL,0x9049acf126f5aaddL,0x78d46a4d6be8b84aL,
-        0xd66b1963b732b9b3L },
-      { 0x5c2ac2a0de6e9555L,0xcf52d098b5bd8770L,0x15a15fa60fd28921L,
-        0x56ccb81e8b27536dL } },
-    /* 45 << 84 */
-    { { 0x0f0d8ab89f4ccbb8L,0xed5f44d2db221729L,0x4314198800bed10cL,
-        0xc94348a41d735b8bL },
-      { 0x79f3e9c429ef8479L,0x4c13a4e3614c693fL,0x32c9af568e143a14L,
-        0xbc517799e29ac5c4L } },
-    /* 46 << 84 */
-    { { 0x05e179922774856fL,0x6e52fb056c1bf55fL,0xaeda4225e4f19e16L,
-        0x70f4728aaf5ccb26L },
-      { 0x5d2118d1b2947f22L,0xc827ea16281d6fb9L,0x8412328d8cf0eabdL,
-        0x45ee9fb203ef9dcfL } },
-    /* 47 << 84 */
-    { { 0x8e700421bb937d63L,0xdf8ff2d5cc4b37a6L,0xa4c0d5b25ced7b68L,
-        0x6537c1efc7308f59L },
-      { 0x25ce6a263b37f8e8L,0x170e9a9bdeebc6ceL,0xdd0379528728d72cL,
-        0x445b0e55850154bcL } },
-    /* 48 << 84 */
-    { { 0x4b7d0e0683a7337bL,0x1e3416d4ffecf249L,0x24840eff66a2b71fL,
-        0xd0d9a50ab37cc26dL },
-      { 0xe21981506fe28ef7L,0x3cc5ef1623324c7fL,0x220f3455769b5263L,
-        0xe2ade2f1a10bf475L } },
-    /* 49 << 84 */
-    { { 0x28cd20fa458d3671L,0x1549722c2dc4847bL,0x6dd01e55591941e3L,
-        0x0e6fbcea27128ccbL },
-      { 0xae1a1e6b3bef0262L,0xfa8c472c8f54e103L,0x7539c0a872c052ecL,
-        0xd7b273695a3490e9L } },
-    /* 50 << 84 */
-    { { 0x143fe1f171684349L,0x36b4722e32e19b97L,0xdc05922790980affL,
-        0x175c9c889e13d674L },
-      { 0xa7de5b226e6bfdb1L,0x5ea5b7b2bedb4b46L,0xd5570191d34a6e44L,
-        0xfcf60d2ea24ff7e6L } },
-    /* 51 << 84 */
-    { { 0x614a392d677819e1L,0x7be74c7eaa5a29e8L,0xab50fece63c85f3fL,
-        0xaca2e2a946cab337L },
-      { 0x7f700388122a6fe3L,0xdb69f703882a04a8L,0x9a77935dcf7aed57L,
-        0xdf16207c8d91c86fL } },
-    /* 52 << 84 */
-    { { 0x2fca49ab63ed9998L,0xa3125c44a77ddf96L,0x05dd8a8624344072L,
-        0xa023dda2fec3fb56L },
-      { 0x421b41fc0c743032L,0x4f2120c15e438639L,0xfb7cae51c83c1b07L,
-        0xb2370caacac2171aL } },
-    /* 53 << 84 */
-    { { 0x2eb2d9626cc820fbL,0x59feee5cb85a44bfL,0x94620fca5b6598f0L,
-        0x6b922cae7e314051L },
-      { 0xff8745ad106bed4eL,0x546e71f5dfa1e9abL,0x935c1e481ec29487L,
-        0x9509216c4d936530L } },
-    /* 54 << 84 */
-    { { 0xc7ca306785c9a2dbL,0xd6ae51526be8606fL,0x09dbcae6e14c651dL,
-        0xc9536e239bc32f96L },
-      { 0xa90535a934521b03L,0xf39c526c878756ffL,0x383172ec8aedf03cL,
-        0x20a8075eefe0c034L } },
-    /* 55 << 84 */
-    { { 0xf22f9c6264026422L,0x8dd1078024b9d076L,0x944c742a3bef2950L,
-        0x55b9502e88a2b00bL },
-      { 0xa59e14b486a09817L,0xa39dd3ac47bb4071L,0x55137f663be0592fL,
-        0x07fcafd4c9e63f5bL } },
-    /* 56 << 84 */
-    { { 0x963652ee346eb226L,0x7dfab085ec2facb7L,0x273bf2b8691add26L,
-        0x30d74540f2b46c44L },
-      { 0x05e8e73ef2c2d065L,0xff9b8a00d42eeac9L,0x2fcbd20597209d22L,
-        0xeb740ffade14ea2cL } },
-    /* 57 << 84 */
-    { { 0xc71ff913a8aef518L,0x7bfc74bbfff4cfa2L,0x1716680cb6b36048L,
-        0x121b2cce9ef79af1L },
-      { 0xbff3c836a01eb3d3L,0x50eb1c6a5f79077bL,0xa48c32d6a004bbcfL,
-        0x47a593167d64f61dL } },
-    /* 58 << 84 */
-    { { 0x6068147f93102016L,0x12c5f65494d12576L,0xefb071a7c9bc6b91L,
-        0x7c2da0c56e23ea95L },
-      { 0xf4fd45b6d4a1dd5dL,0x3e7ad9b69122b13cL,0x342ca118e6f57a48L,
-        0x1c2e94a706f8288fL } },
-    /* 59 << 84 */
-    { { 0x99e68f075a97d231L,0x7c80de974d838758L,0xbce0f5d005872727L,
-        0xbe5d95c219c4d016L },
-      { 0x921d5cb19c2492eeL,0x42192dc1404d6fb3L,0x4c84dcd132f988d3L,
-        0xde26d61fa17b8e85L } },
-    /* 60 << 84 */
-    { { 0xc466dcb6137c7408L,0x9a38d7b636a266daL,0x7ef5cb0683bebf1bL,
-        0xe5cdcbbf0fd014e3L },
-      { 0x30aa376df65965a0L,0x60fe88c2ebb3e95eL,0x33fd0b6166ee6f20L,
-        0x8827dcdb3f41f0a0L } },
-    /* 61 << 84 */
-    { { 0xbf8a9d240c56c690L,0x40265dadddb7641dL,0x522b05bf3a6b662bL,
-        0x466d1dfeb1478c9bL },
-      { 0xaa6169621484469bL,0x0db6054902df8f9fL,0xc37bca023cb8bf51L,
-        0x5effe34621371ce8L } },
-    /* 62 << 84 */
-    { { 0xe8f65264ff112c32L,0x8a9c736d7b971fb2L,0xa4f194707b75080dL,
-        0xfc3f2c5a8839c59bL },
-      { 0x1d6c777e5aeb49c2L,0xf3db034dda1addfeL,0xd76fee5a5535affcL,
-        0x0853ac70b92251fdL } },
-    /* 63 << 84 */
-    { { 0x37e3d5948b2a29d5L,0x28f1f4574de00ddbL,0x8083c1b5f42c328bL,
-        0xd8ef1d8fe493c73bL },
-      { 0x96fb626041dc61bdL,0xf74e8a9d27ee2f8aL,0x7c605a802c946a5dL,
-        0xeed48d653839ccfdL } },
-    /* 64 << 84 */
-    { { 0x9894344f3a29467aL,0xde81e949c51eba6dL,0xdaea066ba5e5c2f2L,
-        0x3fc8a61408c8c7b3L },
-      { 0x7adff88f06d0de9fL,0xbbc11cf53b75ce0aL,0x9fbb7accfbbc87d5L,
-        0xa1458e267badfde2L } },
-    /* 0 << 91 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 91 */
-    { { 0x1cb43668e039c256L,0x5f26fb8b7c17fd5dL,0xeee426af79aa062bL,
-        0x072002d0d78fbf04L },
-      { 0x4c9ca237e84fb7e3L,0xb401d8a10c82133dL,0xaaa525926d7e4181L,
-        0xe943083373dbb152L } },
-    /* 2 << 91 */
-    { { 0xf92dda31be24319aL,0x03f7d28be095a8e7L,0xa52fe84098782185L,
-        0x276ddafe29c24dbcL },
-      { 0x80cd54961d7a64ebL,0xe43608897f1dbe42L,0x2f81a8778438d2d5L,
-        0x7e4d52a885169036L } },
-    /* 3 << 91 */
-    { { 0x19e3d5b11d59715dL,0xc7eaa762d788983eL,0xe5a730b0abf1f248L,
-        0xfbab8084fae3fd83L },
-      { 0x65e50d2153765b2fL,0xbdd4e083fa127f3dL,0x9cf3c074397b1b10L,
-        0x59f8090cb1b59fd3L } },
-    /* 4 << 91 */
-    { { 0x7b15fd9d615faa8fL,0x8fa1eb40968554edL,0x7bb4447e7aa44882L,
-        0x2bb2d0d1029fff32L },
-      { 0x075e2a646caa6d2fL,0x8eb879de22e7351bL,0xbcd5624e9a506c62L,
-        0x218eaef0a87e24dcL } },
-    /* 5 << 91 */
-    { { 0x37e5684744ddfa35L,0x9ccfc5c5dab3f747L,0x9ac1df3f1ee96cf4L,
-        0x0c0571a13b480b8fL },
-      { 0x2fbeb3d54b3a7b3cL,0x35c036695dcdbb99L,0x52a0f5dcb2415b3aL,
-        0xd57759b44413ed9aL } },
-    /* 6 << 91 */
-    { { 0x1fe647d83d30a2c5L,0x0857f77ef78a81dcL,0x11d5a334131a4a9bL,
-        0xc0a94af929d393f5L },
-      { 0xbc3a5c0bdaa6ec1aL,0xba9fe49388d2d7edL,0xbb4335b4bb614797L,
-        0x991c4d6872f83533L } },
-    /* 7 << 91 */
-    { { 0x53258c28d2f01cb3L,0x93d6eaa3d75db0b1L,0x419a2b0de87d0db4L,
-        0xa1e48f03d8fe8493L },
-      { 0xf747faf6c508b23aL,0xf137571a35d53549L,0x9f5e58e2fcf9b838L,
-        0xc7186ceea7fd3cf5L } },
-    /* 8 << 91 */
-    { { 0x77b868cee978a1d3L,0xe3a68b337ab92d04L,0x5102979487a5b862L,
-        0x5f0606c33a61d41dL },
-      { 0x2814be276f9326f1L,0x2f521c14c6fe3c2eL,0x17464d7dacdf7351L,
-        0x10f5f9d3777f7e44L } },
-    /* 9 << 91 */
-    { { 0xce8e616b269fb37dL,0xaaf738047de62de5L,0xaba111754fdd4153L,
-        0x515759ba3770b49bL },
-      { 0x8b09ebf8aa423a61L,0x592245a1cd41fb92L,0x1cba8ec19b4c8936L,
-        0xa87e91e3af36710eL } },
-    /* 10 << 91 */
-    { { 0x1fd84ce43d34a2e3L,0xee3759ceb43b5d61L,0x895bc78c619186c7L,
-        0xf19c3809cbb9725aL },
-      { 0xc0be21aade744b1fL,0xa7d222b060f8056bL,0x74be6157b23efe11L,
-        0x6fab2b4f0cd68253L } },
-    /* 11 << 91 */
-    { { 0xad33ea5f4bf1d725L,0x9c1d8ee24f6c950fL,0x544ee78aa377af06L,
-        0x54f489bb94a113e1L },
-      { 0x8f11d634992fb7e8L,0x0169a7aaa2a44347L,0x1d49d4af95020e00L,
-        0x95945722e08e120bL } },
-    /* 12 << 91 */
-    { { 0xb6e33878a4d32282L,0xe36e029d48020ae7L,0xe05847fb37a9b750L,
-        0xf876812cb29e3819L },
-      { 0x84ad138ed23a17f0L,0x6d7b4480f0b3950eL,0xdfa8aef42fd67ae0L,
-        0x8d3eea2452333af6L } },
-    /* 13 << 91 */
-    { { 0x0d052075b15d5accL,0xc6d9c79fbd815bc4L,0x8dcafd88dfa36cf2L,
-        0x908ccbe238aa9070L },
-      { 0x638722c4ba35afceL,0x5a3da8b0fd6abf0bL,0x2dce252cc9c335c1L,
-        0x84e7f0de65aa799bL } },
-    /* 14 << 91 */
-    { { 0x2101a522b99a72cbL,0x06de6e6787618016L,0x5ff8c7cde6f3653eL,
-        0x0a821ab5c7a6754aL },
-      { 0x7e3fa52b7cb0b5a2L,0xa7fb121cc9048790L,0x1a72502006ce053aL,
-        0xb490a31f04e929b0L } },
-    /* 15 << 91 */
-    { { 0xe17be47d62dd61adL,0x781a961c6be01371L,0x1063bfd3dae3cbbaL,
-        0x356474067f73c9baL },
-      { 0xf50e957b2736a129L,0xa6313702ed13f256L,0x9436ee653a19fcc5L,
-        0xcf2bdb29e7a4c8b6L } },
-    /* 16 << 91 */
-    { { 0xb06b1244c5f95cd8L,0xda8c8af0f4ab95f4L,0x1bae59c2b9e5836dL,
-        0x07d51e7e3acffffcL },
-      { 0x01e15e6ac2ccbcdaL,0x3bc1923f8528c3e0L,0x43324577a49fead4L,
-        0x61a1b8842aa7a711L } },
-    /* 17 << 91 */
-    { { 0xf9a86e08700230efL,0x0af585a1bd19adf8L,0x7645f361f55ad8f2L,
-        0x6e67622346c3614cL },
-      { 0x23cb257c4e774d3fL,0x82a38513ac102d1bL,0x9bcddd887b126aa5L,
-        0xe716998beefd3ee4L } },
-    /* 18 << 91 */
-    { { 0x4239d571fb167583L,0xdd011c78d16c8f8aL,0x271c289569a27519L,
-        0x9ce0a3b7d2d64b6aL },
-      { 0x8c977289d5ec6738L,0xa3b49f9a8840ef6bL,0x808c14c99a453419L,
-        0x5c00295b0cf0a2d5L } },
-    /* 19 << 91 */
-    { { 0x524414fb1d4bcc76L,0xb07691d2459a88f1L,0x77f43263f70d110fL,
-        0x64ada5e0b7abf9f3L },
-      { 0xafd0f94e5b544cf5L,0xb4a13a15fd2713feL,0xb99b7d6e250c74f4L,
-        0x097f2f7320324e45L } },
-    /* 20 << 91 */
-    { { 0x994b37d8affa8208L,0xc3c31b0bdc29aafcL,0x3da746517a3a607fL,
-        0xd8e1b8c1fe6955d6L },
-      { 0x716e1815c8418682L,0x541d487f7dc91d97L,0x48a04669c6996982L,
-        0xf39cab1583a6502eL } },
-    /* 21 << 91 */
-    { { 0x025801a0e68db055L,0xf3569758ba3338d5L,0xb0c8c0aaee2afa84L,
-        0x4f6985d3fb6562d1L },
-      { 0x351f1f15132ed17aL,0x510ed0b4c04365feL,0xa3f98138e5b1f066L,
-        0xbc9d95d632df03dcL } },
-    /* 22 << 91 */
-    { { 0xa83ccf6e19abd09eL,0x0b4097c14ff17edbL,0x58a5c478d64a06ceL,
-        0x2ddcc3fd544a58fdL },
-      { 0xd449503d9e8153b8L,0x3324fd027774179bL,0xaf5d47c8dbd9120cL,
-        0xeb86016234fa94dbL } },
-    /* 23 << 91 */
-    { { 0x5817bdd1972f07f4L,0xe5579e2ed27bbcebL,0x86847a1f5f11e5a6L,
-        0xb39ed2557c3cf048L },
-      { 0xe1076417a2f62e55L,0x6b9ab38f1bcf82a2L,0x4bb7c3197aeb29f9L,
-        0xf6d17da317227a46L } },
-    /* 24 << 91 */
-    { { 0xab53ddbd0f968c00L,0xa03da7ec000c880bL,0x7b2396246a9ad24dL,
-        0x612c040101ec60d0L },
-      { 0x70d10493109f5df1L,0xfbda403080af7550L,0x30b93f95c6b9a9b3L,
-        0x0c74ec71007d9418L } },
-    /* 25 << 91 */
-    { { 0x941755646edb951fL,0x5f4a9d787f22c282L,0xb7870895b38d1196L,
-        0xbc593df3a228ce7cL },
-      { 0xc78c5bd46af3641aL,0x7802200b3d9b3dccL,0x0dc73f328be33304L,
-        0x847ed87d61ffb79aL } },
-    /* 26 << 91 */
-    { { 0xf85c974e6d671192L,0x1e14100ade16f60fL,0x45cb0d5a95c38797L,
-        0x18923bba9b022da4L },
-      { 0xef2be899bbe7e86eL,0x4a1510ee216067bfL,0xd98c815484d5ce3eL,
-        0x1af777f0f92a2b90L } },
-    /* 27 << 91 */
-    { { 0x9fbcb4004ef65724L,0x3e04a4c93c0ca6feL,0xfb3e2cb555002994L,
-        0x1f3a93c55363ecabL },
-      { 0x1fe00efe3923555bL,0x744bedd91e1751eaL,0x3fb2db596ab69357L,
-        0x8dbd7365f5e6618bL } },
-    /* 28 << 91 */
-    { { 0x99d53099df1ea40eL,0xb3f24a0b57d61e64L,0xd088a198596eb812L,
-        0x22c8361b5762940bL },
-      { 0x66f01f97f9c0d95cL,0x884611728e43cdaeL,0x11599a7fb72b15c3L,
-        0x135a7536420d95ccL } },
-    /* 29 << 91 */
-    { { 0x2dcdf0f75f7ae2f6L,0x15fc6e1dd7fa6da2L,0x81ca829ad1d441b6L,
-        0x84c10cf804a106b6L },
-      { 0xa9b26c95a73fbbd0L,0x7f24e0cb4d8f6ee8L,0x48b459371e25a043L,
-        0xf8a74fca036f3dfeL } },
-    /* 30 << 91 */
-    { { 0x1ed46585c9f84296L,0x7fbaa8fb3bc278b0L,0xa8e96cd46c4fcbd0L,
-        0x940a120273b60a5fL },
-      { 0x34aae12055a4aec8L,0x550e9a74dbd742f0L,0x794456d7228c68abL,
-        0x492f8868a4e25ec6L } },
-    /* 31 << 91 */
-    { { 0x682915adb2d8f398L,0xf13b51cc5b84c953L,0xcda90ab85bb917d6L,
-        0x4b6155604ea3dee1L },
-      { 0x578b4e850a52c1c8L,0xeab1a69520b75fc4L,0x60c14f3caa0bb3c6L,
-        0x220f448ab8216094L } },
-    /* 32 << 91 */
-    { { 0x4fe7ee31b0e63d34L,0xf4600572a9e54fabL,0xc0493334d5e7b5a4L,
-        0x8589fb9206d54831L },
-      { 0xaa70f5cc6583553aL,0x0879094ae25649e5L,0xcc90450710044652L,
-        0xebb0696d02541c4fL } },
-    /* 33 << 91 */
-    { { 0x5a171fdeb9718710L,0x38f1bed8f374a9f5L,0xc8c582e1ba39bdc1L,
-        0xfc457b0a908cc0ceL },
-      { 0x9a187fd4883841e2L,0x8ec25b3938725381L,0x2553ed0596f84395L,
-        0x095c76616f6c6897L } },
-    /* 34 << 91 */
-    { { 0x917ac85c4bdc5610L,0xb2885fe4179eb301L,0x5fc655478b78bdccL,
-        0x4a9fc893e59e4699L },
-      { 0xbb7ff0cd3ce299afL,0x195be9b3adf38b20L,0x6a929c87d38ddb8fL,
-        0x55fcc99cb21a51b9L } },
-    /* 35 << 91 */
-    { { 0x2b695b4c721a4593L,0xed1e9a15768eaac2L,0xfb63d71c7489f914L,
-        0xf98ba31c78118910L },
-      { 0x802913739b128eb4L,0x7801214ed448af4aL,0xdbd2e22b55418dd3L,
-        0xeffb3c0dd3998242L } },
-    /* 36 << 91 */
-    { { 0xdfa6077cc7bf3827L,0xf2165bcb47f8238fL,0xfe37cf688564d554L,
-        0xe5f825c40a81fb98L },
-      { 0x43cc4f67ffed4d6fL,0xbc609578b50a34b0L,0x8aa8fcf95041faf1L,
-        0x5659f053651773b6L } },
-    /* 37 << 91 */
-    { { 0xe87582c36044d63bL,0xa60894090cdb0ca0L,0x8c993e0fbfb2bcf6L,
-        0xfc64a71945985cfcL },
-      { 0x15c4da8083dbedbaL,0x804ae1122be67df7L,0xda4c9658a23defdeL,
-        0x12002ddd5156e0d3L } },
-    /* 38 << 91 */
-    { { 0xe68eae895dd21b96L,0x8b99f28bcf44624dL,0x0ae008081ec8897aL,
-        0xdd0a93036712f76eL },
-      { 0x962375224e233de4L,0x192445b12b36a8a5L,0xabf9ff74023993d9L,
-        0x21f37bf42aad4a8fL } },
-    /* 39 << 91 */
-    { { 0x340a4349f8bd2bbdL,0x1d902cd94868195dL,0x3d27bbf1e5fdb6f1L,
-        0x7a5ab088124f9f1cL },
-      { 0xc466ab06f7a09e03L,0x2f8a197731f2c123L,0xda355dc7041b6657L,
-        0xcb840d128ece2a7cL } },
-    /* 40 << 91 */
-    { { 0xb600ad9f7db32675L,0x78fea13307a06f1bL,0x5d032269b31f6094L,
-        0x07753ef583ec37aaL },
-      { 0x03485aed9c0bea78L,0x41bb3989bc3f4524L,0x09403761697f726dL,
-        0x6109beb3df394820L } },
-    /* 41 << 91 */
-    { { 0x804111ea3b6d1145L,0xb6271ea9a8582654L,0x619615e624e66562L,
-        0xa2554945d7b6ad9cL },
-      { 0xd9c4985e99bfe35fL,0x9770ccc07b51cdf6L,0x7c32701392881832L,
-        0x8777d45f286b26d1L } },
-    /* 42 << 91 */
-    { { 0x9bbeda22d847999dL,0x03aa33b6c3525d32L,0x4b7b96d428a959a1L,
-        0xbb3786e531e5d234L },
-      { 0xaeb5d3ce6961f247L,0x20aa85af02f93d3fL,0x9cd1ad3dd7a7ae4fL,
-        0xbf6688f0781adaa8L } },
-    /* 43 << 91 */
-    { { 0xb1b40e867469ceadL,0x1904c524309fca48L,0x9b7312af4b54bbc7L,
-        0xbe24bf8f593affa2L },
-      { 0xbe5e0790bd98764bL,0xa0f45f17a26e299eL,0x4af0d2c26b8fe4c7L,
-        0xef170db18ae8a3e6L } },
-    /* 44 << 91 */
-    { { 0x0e8d61a029e0ccc1L,0xcd53e87e60ad36caL,0x328c6623c8173822L,
-        0x7ee1767da496be55L },
-      { 0x89f13259648945afL,0x9e45a5fd25c8009cL,0xaf2febd91f61ab8cL,
-        0x43f6bc868a275385L } },
-    /* 45 << 91 */
-    { { 0x87792348f2142e79L,0x17d89259c6e6238aL,0x7536d2f64a839d9bL,
-        0x1f428fce76a1fbdcL },
-      { 0x1c1096010db06dfeL,0xbfc16bc150a3a3ccL,0xf9cbd9ec9b30f41bL,
-        0x5b5da0d600138cceL } },
-    /* 46 << 91 */
-    { { 0xec1d0a4856ef96a7L,0xb47eb848982bf842L,0x66deae32ec3f700dL,
-        0x4e43c42caa1181e0L },
-      { 0xa1d72a31d1a4aa2aL,0x440d4668c004f3ceL,0x0d6a2d3b45fe8a7aL,
-        0x820e52e2fb128365L } },
-    /* 47 << 91 */
-    { { 0x29ac5fcf25e51b09L,0x180cd2bf2023d159L,0xa9892171a1ebf90eL,
-        0xf97c4c877c132181L },
-      { 0x9f1dc724c03dbb7eL,0xae043765018cbbe4L,0xfb0b2a360767d153L,
-        0xa8e2f4d6249cbaebL } },
-    /* 48 << 91 */
-    { { 0x172a5247d95ea168L,0x1758fada2970764aL,0xac803a511d978169L,
-        0x299cfe2ede77e01bL },
-      { 0x652a1e17b0a98927L,0x2e26e1d120014495L,0x7ae0af9f7175b56aL,
-        0xc2e22a80d64b9f95L } },
-    /* 49 << 91 */
-    { { 0x4d0ff9fbd90a060aL,0x496a27dbbaf38085L,0x32305401da776bcfL,
-        0xb8cdcef6725f209eL },
-      { 0x61ba0f37436a0bbaL,0x263fa10876860049L,0x92beb98eda3542cfL,
-        0xa2d4d14ad5849538L } },
-    /* 50 << 91 */
-    { { 0x989b9d6812e9a1bcL,0x61d9075c5f6e3268L,0x352c6aa999ace638L,
-        0xde4e4a55920f43ffL },
-      { 0xe5e4144ad673c017L,0x667417ae6f6e05eaL,0x613416aedcd1bd56L,
-        0x5eb3620186693711L } },
-    /* 51 << 91 */
-    { { 0x2d7bc5043a1aa914L,0x175a129976dc5975L,0xe900e0f23fc8125cL,
-        0x569ef68c11198875L },
-      { 0x9012db6363a113b4L,0xe3bd3f5698835766L,0xa5c94a5276412deaL,
-        0xad9e2a09aa735e5cL } },
-    /* 52 << 91 */
-    { { 0x405a984c508b65e9L,0xbde4a1d16df1a0d1L,0x1a9433a1dfba80daL,
-        0xe9192ff99440ad2eL },
-      { 0x9f6496965099fe92L,0x25ddb65c0b27a54aL,0x178279ddc590da61L,
-        0x5479a999fbde681aL } },
-    /* 53 << 91 */
-    { { 0xd0e84e05013fe162L,0xbe11dc92632d471bL,0xdf0b0c45fc0e089fL,
-        0x04fb15b04c144025L },
-      { 0xa61d5fc213c99927L,0xa033e9e03de2eb35L,0xf8185d5cb8dacbb4L,
-        0x9a88e2658644549dL } },
-    /* 54 << 91 */
-    { { 0xf717af6254671ff6L,0x4bd4241b5fa58603L,0x06fba40be67773c0L,
-        0xc1d933d26a2847e9L },
-      { 0xf4f5acf3689e2c70L,0x92aab0e746bafd31L,0x798d76aa3473f6e5L,
-        0xcc6641db93141934L } },
-    /* 55 << 91 */
-    { { 0xcae27757d31e535eL,0x04cc43b687c2ee11L,0x8d1f96752e029ffaL,
-        0xc2150672e4cc7a2cL },
-      { 0x3b03c1e08d68b013L,0xa9d6816fedf298f3L,0x1bfbb529a2804464L,
-        0x95a52fae5db22125L } },
-    /* 56 << 91 */
-    { { 0x55b321600e1cb64eL,0x004828f67e7fc9feL,0x13394b821bb0fb93L,
-        0xb6293a2d35f1a920L },
-      { 0xde35ef21d145d2d9L,0xbe6225b3bb8fa603L,0x00fc8f6b32cf252dL,
-        0xa28e52e6117cf8c2L } },
-    /* 57 << 91 */
-    { { 0x9d1dc89b4c371e6dL,0xcebe067536ef0f28L,0x5de05d09a4292f81L,
-        0xa8303593353e3083L },
-      { 0xa1715b0a7e37a9bbL,0x8c56f61e2b8faec3L,0x5250743133c9b102L,
-        0x0130cefca44431f0L } },
-    /* 58 << 91 */
-    { { 0x56039fa0bd865cfbL,0x4b03e578bc5f1dd7L,0x40edf2e4babe7224L,
-        0xc752496d3a1988f6L },
-      { 0xd1572d3b564beb6bL,0x0db1d11039a1c608L,0x568d193416f60126L,
-        0x05ae9668f354af33L } },
-    /* 59 << 91 */
-    { { 0x19de6d37c92544f2L,0xcc084353a35837d5L,0xcbb6869c1a514eceL,
-        0xb633e7282e1d1066L },
-      { 0xf15dd69f936c581cL,0x96e7b8ce7439c4f9L,0x5e676f482e448a5bL,
-        0xb2ca7d5bfd916bbbL } },
-    /* 60 << 91 */
-    { { 0xd55a2541f5024025L,0x47bc5769e4c2d937L,0x7d31b92a0362189fL,
-        0x83f3086eef7816f9L },
-      { 0xf9f46d94b587579aL,0xec2d22d830e76c5fL,0x27d57461b000ffcfL,
-        0xbb7e65f9364ffc2cL } },
-    /* 61 << 91 */
-    { { 0x7c7c94776652a220L,0x61618f89d696c981L,0x5021701d89effff3L,
-        0xf2c8ff8e7c314163L },
-      { 0x2da413ad8efb4d3eL,0x937b5adfce176d95L,0x22867d342a67d51cL,
-        0x262b9b1018eb3ac9L } },
-    /* 62 << 91 */
-    { { 0x4e314fe4c43ff28bL,0x764766276a664e7aL,0x3e90e40bb7a565c2L,
-        0x8588993ac1acf831L },
-      { 0xd7b501d68f938829L,0x996627ee3edd7d4cL,0x37d44a6290cd34c7L,
-        0xa8327499f3833e8dL } },
-    /* 63 << 91 */
-    { { 0x2e18917d4bf50353L,0x85dd726b556765fbL,0x54fe65d693d5ab66L,
-        0x3ddbaced915c25feL },
-      { 0xa799d9a412f22e85L,0xe2a248676d06f6bcL,0xf4f1ee5643ca1637L,
-        0xfda2828b61ece30aL } },
-    /* 64 << 91 */
-    { { 0x758c1a3ea2dee7a6L,0xdcde2f3c734b2284L,0xaba445d24eaba6adL,
-        0x35aaf66876cee0a7L },
-      { 0x7e0b04a9e5aa049aL,0xe74083ad91103e84L,0xbeb183ce40afecc3L,
-        0x6b89de9fea043f7aL } },
-    /* 0 << 98 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 98 */
-    { { 0x0e299d23fe67ba66L,0x9145076093cf2f34L,0xf45b5ea997fcf913L,
-        0x5be008438bd7dddaL },
-      { 0x358c3e05d53ff04dL,0xbf7ccdc35de91ef7L,0xad684dbfb69ec1a0L,
-        0x367e7cf2801fd997L } },
-    /* 2 << 98 */
-    { { 0x0ca1f3b7b0dc8595L,0x27de46089f1d9f2eL,0x1af3bf39badd82a7L,
-        0x79356a7965862448L },
-      { 0xc0602345f5f9a052L,0x1a8b0f89139a42f9L,0xb53eee42844d40fcL,
-        0x93b0bfe54e5b6368L } },
-    /* 3 << 98 */
-    { { 0x5434dd02c024789cL,0x90dca9ea41b57bfcL,0x8aa898e2243398dfL,
-        0xf607c834894a94bbL },
-      { 0xbb07be97c2c99b76L,0x6576ba6718c29302L,0x3d79efcce703a88cL,
-        0xf259ced7b6a0d106L } },
-    /* 4 << 98 */
-    { { 0x0f893a5dc8de610bL,0xe8c515fb67e223ceL,0x7774bfa64ead6dc5L,
-        0x89d20f95925c728fL },
-      { 0x7a1e0966098583ceL,0xa2eedb9493f2a7d7L,0x1b2820974c304d4aL,
-        0x0842e3dac077282dL } },
-    /* 5 << 98 */
-    { { 0xe4d972a33b9e2d7bL,0x7cc60b27c48218ffL,0x8fc7083884149d91L,
-        0x5c04346f2f461eccL },
-      { 0xebe9fdf2614650a9L,0x5e35b537c1f666acL,0x645613d188babc83L,
-        0x88cace3ac5e1c93eL } },
-    /* 6 << 98 */
-    { { 0x209ca3753de92e23L,0xccb03cc85fbbb6e3L,0xccb90f03d7b1487eL,
-        0xfa9c2a38c710941fL },
-      { 0x756c38236724ceedL,0x3a902258192d0323L,0xb150e519ea5e038eL,
-        0xdcba2865c7427591L } },
-    /* 7 << 98 */
-    { { 0xe549237f78890732L,0xc443bef953fcb4d9L,0x9884d8a6eb3480d6L,
-        0x8a35b6a13048b186L },
-      { 0xb4e4471665e9a90aL,0x45bf380d653006c0L,0x8f3f820d4fe9ae3bL,
-        0x244a35a0979a3b71L } },
-    /* 8 << 98 */
-    { { 0xa1010e9d74cd06ffL,0x9c17c7dfaca3eeacL,0x74c86cd38063aa2bL,
-        0x8595c4b3734614ffL },
-      { 0xa3de00ca990f62ccL,0xd9bed213ca0c3be5L,0x7886078adf8ce9f5L,
-        0xddb27ce35cd44444L } },
-    /* 9 << 98 */
-    { { 0xed374a6658926dddL,0x138b2d49908015b8L,0x886c6579de1f7ab8L,
-        0x888b9aa0c3020b7aL },
-      { 0xd3ec034e3a96e355L,0xba65b0b8f30fbe9aL,0x064c8e50ff21367aL,
-        0x1f508ea40b04b46eL } },
-    /* 10 << 98 */
-    { { 0x98561a49747c866cL,0xbbb1e5fe0518a062L,0x20ff4e8becdc3608L,
-        0x7f55cded20184027L },
-      { 0x8d73ec95f38c85f0L,0x5b589fdf8bc3b8c3L,0xbe95dd980f12b66fL,
-        0xf5bd1a090e338e01L } },
-    /* 11 << 98 */
-    { { 0x65163ae55e915918L,0x6158d6d986f8a46bL,0x8466b538eeebf99cL,
-        0xca8761f6bca477efL },
-      { 0xaf3449c29ebbc601L,0xef3b0f41e0c3ae2fL,0xaa6c577d5de63752L,
-        0xe916660164682a51L } },
-    /* 12 << 98 */
-    { { 0x5a3097befc15aa1eL,0x40d12548b54b0745L,0x5bad4706519a5f12L,
-        0xed03f717a439dee6L },
-      { 0x0794bb6c4a02c499L,0xf725083dcffe71d2L,0x2cad75190f3adcafL,
-        0x7f68ea1c43729310L } },
-    /* 13 << 98 */
-    { { 0xe747c8c7b7ffd977L,0xec104c3580761a22L,0x8395ebaf5a3ffb83L,
-        0xfb3261f4e4b63db7L },
-      { 0x53544960d883e544L,0x13520d708cc2eeb8L,0x08f6337bd3d65f99L,
-        0x83997db2781cf95bL } },
-    /* 14 << 98 */
-    { { 0xce6ff1060dbd2c01L,0x4f8eea6b1f9ce934L,0x546f7c4b0e993921L,
-        0x6236a3245e753fc7L },
-      { 0x65a41f84a16022e9L,0x0c18d87843d1dbb2L,0x73c556402d4cef9cL,
-        0xa042810870444c74L } },
-    /* 15 << 98 */
-    { { 0x68e4f15e9afdfb3cL,0x49a561435bdfb6dfL,0xa9bc1bd45f823d97L,
-        0xbceb5970ea111c2aL },
-      { 0x366b455fb269bbc4L,0x7cd85e1ee9bc5d62L,0xc743c41c4f18b086L,
-        0xa4b4099095294fb9L } },
-    /* 16 << 98 */
-    { { 0x9c7c581d26ee8382L,0xcf17dcc5359d638eL,0xee8273abb728ae3dL,
-        0x1d112926f821f047L },
-      { 0x1149847750491a74L,0x687fa761fde0dfb9L,0x2c2580227ea435abL,
-        0x6b8bdb9491ce7e3fL } },
-    /* 17 << 98 */
-    { { 0x4c5b5dc93bf834aaL,0x043718194f6c7e4bL,0xc284e00a3736bcadL,
-        0x0d88111821ae8f8dL },
-      { 0xf9cf0f82f48c8e33L,0xa11fd075a1bf40dbL,0xdceab0dedc2733e5L,
-        0xc560a8b58e986bd7L } },
-    /* 18 << 98 */
-    { { 0x48dd1fe23929d097L,0x3885b29092f188f1L,0x0f2ae613da6fcdacL,
-        0x9054303eb662a46cL },
-      { 0xb6871e440738042aL,0x98e6a977bdaf6449L,0xd8bc0650d1c9df1bL,
-        0xef3d645136e098f9L } },
-    /* 19 << 98 */
-    { { 0x03fbae82b6d72d28L,0x77ca9db1f5d84080L,0x8a112cffa58efc1cL,
-        0x518d761cc564cb4aL },
-      { 0x69b5740ef0d1b5ceL,0x717039cce9eb1785L,0x3fe29f9022f53382L,
-        0x8e54ba566bc7c95cL } },
-    /* 20 << 98 */
-    { { 0x9c806d8af7f91d0fL,0x3b61b0f1a82a5728L,0x4640032d94d76754L,
-        0x273eb5de47d834c6L },
-      { 0x2988abf77b4e4d53L,0xb7ce66bfde401777L,0x9fba6b32715071b3L,
-        0x82413c24ad3a1a98L } },
-    /* 21 << 98 */
-    { { 0x5b7fc8c4e0e8ad93L,0xb5679aee5fab868dL,0xb1f9d2fa2b3946f3L,
-        0x458897dc5685b50aL },
-      { 0x1e98c93089d0caf3L,0x39564c5f78642e92L,0x1b77729a0dbdaf18L,
-        0xf9170722579e82e6L } },
-    /* 22 << 98 */
-    { { 0x680c0317e4515fa5L,0xf85cff84fb0c790fL,0xc7a82aab6d2e0765L,
-        0x7446bca935c82b32L },
-      { 0x5de607aa6d63184fL,0x7c1a46a8262803a6L,0xd218313daebe8035L,
-        0x92113ffdc73c51f8L } },
-    /* 23 << 98 */
-    { { 0x4b38e08312e7e46cL,0x69d0a37a56126bd5L,0xfb3f324b73c07e04L,
-        0xa0c22f678fda7267L },
-      { 0x8f2c00514d2c7d8fL,0xbc45ced3cbe2cae5L,0xe1c6cf07a8f0f277L,
-        0xbc3923121eb99a98L } },
-    /* 24 << 98 */
-    { { 0x75537b7e3cc8ac85L,0x8d725f57dd02753bL,0xfd05ff64b737df2fL,
-        0x55fe8712f6d2531dL },
-      { 0x57ce04a96ab6b01cL,0x69a02a897cd93724L,0x4f82ac35cf86699bL,
-        0x8242d3ad9cb4b232L } },
-    /* 25 << 98 */
-    { { 0x713d0f65d62105e5L,0xbb222bfa2d29be61L,0xf2f9a79e6cfbef09L,
-        0xfc24d8d3d5d6782fL },
-      { 0x5db77085d4129967L,0xdb81c3ccdc3c2a43L,0x9d655fc005d8d9a3L,
-        0x3f5d057a54298026L } },
-    /* 26 << 98 */
-    { { 0x1157f56d88c54694L,0xb26baba59b09573eL,0x2cab03b022adffd1L,
-        0x60a412c8dd69f383L },
-      { 0xed76e98b54b25039L,0xd4ee67d3687e714dL,0x877396487b00b594L,
-        0xce419775c9ef709bL } },
-    /* 27 << 98 */
-    { { 0x40f76f851c203a40L,0x30d352d6eafd8f91L,0xaf196d3d95578dd2L,
-        0xea4bb3d777cc3f3dL },
-      { 0x42a5bd03b98e782bL,0xac958c400624920dL,0xb838134cfc56fcc8L,
-        0x86ec4ccf89572e5eL } },
-    /* 28 << 98 */
-    { { 0x69c435269be47be0L,0x323b7dd8cb28fea1L,0xfa5538ba3a6c67e5L,
-        0xef921d701d378e46L },
-      { 0xf92961fc3c4b880eL,0x3f6f914e98940a67L,0xa990eb0afef0ff39L,
-        0xa6c2920ff0eeff9cL } },
-    /* 29 << 98 */
-    { { 0xca80416651b8d9a3L,0x42531bc90ffb0db1L,0x72ce4718aa82e7ceL,
-        0x6e199913df574741L },
-      { 0xd5f1b13dd5d36946L,0x8255dc65f68f0194L,0xdc9df4cd8710d230L,
-        0x3453c20f138c1988L } },
-    /* 30 << 98 */
-    { { 0x9af98dc089a6ef01L,0x4dbcc3f09857df85L,0x348056015c1ad924L,
-        0x40448da5d0493046L },
-      { 0xf629926d4ee343e2L,0x6343f1bd90e8a301L,0xefc9349140815b3fL,
-        0xf882a423de8f66fbL } },
-    /* 31 << 98 */
-    { { 0x3a12d5f4e7db9f57L,0x7dfba38a3c384c27L,0x7a904bfd6fc660b1L,
-        0xeb6c5db32773b21cL },
-      { 0xc350ee661cdfe049L,0x9baac0ce44540f29L,0xbc57b6aba5ec6aadL,
-        0x167ce8c30a7c1baaL } },
-    /* 32 << 98 */
-    { { 0xb23a03a553fb2b56L,0x6ce141e74e057f78L,0x796525c389e490d9L,
-        0x0bc95725a31a7e75L },
-      { 0x1ec567911220fd06L,0x716e3a3c408b0bd6L,0x31cd6bf7e8ebeba9L,
-        0xa7326ca6bee6b670L } },
-    /* 33 << 98 */
-    { { 0x3d9f851ccd090c43L,0x561e8f13f12c3988L,0x50490b6a904b7be4L,
-        0x61690ce10410737bL },
-      { 0x299e9a370f009052L,0x258758f0f026092eL,0x9fa255f3fdfcdc0fL,
-        0xdbc9fb1fc0e1bcd2L } },
-    /* 34 << 98 */
-    { { 0x35f9dd6e24651840L,0xdca45a84a5c59abcL,0x103d396fecca4938L,
-        0x4532da0ab97b3f29L },
-      { 0xc4135ea51999a6bfL,0x3aa9505a5e6bf2eeL,0xf77cef063f5be093L,
-        0x97d1a0f8a943152eL } },
-    /* 35 << 98 */
-    { { 0x2cb0ebba2e1c21ddL,0xf41b29fc2c6797c4L,0xc6e17321b300101fL,
-        0x4422b0e9d0d79a89L },
-      { 0x49e4901c92f1bfc4L,0x06ab1f8fe1e10ed9L,0x84d35577db2926b8L,
-        0xca349d39356e8ec2L } },
-    /* 36 << 98 */
-    { { 0x70b63d32343bf1a9L,0x8fd3bd2837d1a6b1L,0x0454879c316865b4L,
-        0xee959ff6c458efa2L },
-      { 0x0461dcf89706dc3fL,0x737db0e2164e4b2eL,0x092626802f8843c8L,
-        0x54498bbc7745e6f6L } },
-    /* 37 << 98 */
-    { { 0x359473faa29e24afL,0xfcc3c45470aa87a1L,0xfd2c4bf500573aceL,
-        0xb65b514e28dd1965L },
-      { 0xe46ae7cf2193e393L,0x60e9a4e1f5444d97L,0xe7594e9600ff38edL,
-        0x43d84d2f0a0e0f02L } },
-    /* 38 << 98 */
-    { { 0x8b6db141ee398a21L,0xb88a56aee3bcc5beL,0x0a1aa52f373460eaL,
-        0x20da1a56160bb19bL },
-      { 0xfb54999d65bf0384L,0x71a14d245d5a180eL,0xbc44db7b21737b04L,
-        0xd84fcb1801dd8e92L } },
-    /* 39 << 98 */
-    { { 0x80de937bfa44b479L,0x535054995c98fd4fL,0x1edb12ab28f08727L,
-        0x4c58b582a5f3ef53L },
-      { 0xbfb236d88327f246L,0xc3a3bfaa4d7df320L,0xecd96c59b96024f2L,
-        0xfc293a537f4e0433L } },
-    /* 40 << 98 */
-    { { 0x5341352b5acf6e10L,0xc50343fdafe652c3L,0x4af3792d18577a7fL,
-        0xe1a4c617af16823dL },
-      { 0x9b26d0cd33425d0aL,0x306399ed9b7bc47fL,0x2a792f33706bb20bL,
-        0x3121961498111055L } },
-    /* 41 << 98 */
-    { { 0x864ec06487f5d28bL,0x11392d91962277fdL,0xb5aa7942bb6aed5fL,
-        0x080094dc47e799d9L },
-      { 0x4afa588c208ba19bL,0xd3e7570f8512f284L,0xcbae64e602f5799aL,
-        0xdeebe7ef514b9492L } },
-    /* 42 << 98 */
-    { { 0x30300f98e5c298ffL,0x17f561be3678361fL,0xf52ff31298cb9a16L,
-        0x6233c3bc5562d490L },
-      { 0x7bfa15a192e3a2cbL,0x961bcfd1e6365119L,0x3bdd29bf2c8c53b1L,
-        0x739704df822844baL } },
-    /* 43 << 98 */
-    { { 0x7dacfb587e7b754bL,0x23360791a806c9b9L,0xe7eb88c923504452L,
-        0x2983e996852c1783L },
-      { 0xdd4ae529958d881dL,0x026bae03262c7b3cL,0x3a6f9193960b52d1L,
-        0xd0980f9092696cfbL } },
-    /* 44 << 98 */
-    { { 0x4c1f428cd5f30851L,0x94dfed272a4f6630L,0x4df53772fc5d48a4L,
-        0xdd2d5a2f933260ceL },
-      { 0x574115bdd44cc7a5L,0x4ba6b20dbd12533aL,0x30e93cb8243057c9L,
-        0x794c486a14de320eL } },
-    /* 45 << 98 */
-    { { 0xe925d4cef21496e4L,0xf951d198ec696331L,0x9810e2de3e8d812fL,
-        0xd0a47259389294abL },
-      { 0x513ba2b50e3bab66L,0x462caff5abad306fL,0xe2dc6d59af04c49eL,
-        0x1aeb8750e0b84b0bL } },
-    /* 46 << 98 */
-    { { 0xc034f12f2f7d0ca2L,0x6d2e8128e06acf2fL,0x801f4f8321facc2fL,
-        0xa1170c03f40ef607L },
-      { 0xfe0a1d4f7805a99cL,0xbde56a36cc26aba5L,0x5b1629d035531f40L,
-        0xac212c2b9afa6108L } },
-    /* 47 << 98 */
-    { { 0x30a06bf315697be5L,0x6f0545dc2c63c7c1L,0x5d8cb8427ccdadafL,
-        0xd52e379bac7015bbL },
-      { 0xc4f56147f462c23eL,0xd44a429846bc24b0L,0xbc73d23ae2856d4fL,
-        0x61cedd8c0832bcdfL } },
-    /* 48 << 98 */
-    { { 0x6095355699f241d7L,0xee4adbd7001a349dL,0x0b35bf6aaa89e491L,
-        0x7f0076f4136f7546L },
-      { 0xd19a18ba9264da3dL,0x6eb2d2cd62a7a28bL,0xcdba941f8761c971L,
-        0x1550518ba3be4a5dL } },
-    /* 49 << 98 */
-    { { 0xd0e8e2f057d0b70cL,0xeea8612ecd133ba3L,0x814670f044416aecL,
-        0x424db6c330775061L },
-      { 0xd96039d116213fd1L,0xc61e7fa518a3478fL,0xa805bdcccb0c5021L,
-        0xbdd6f3a80cc616ddL } },
-    /* 50 << 98 */
-    { { 0x060096675d97f7e2L,0x31db0fc1af0bf4b6L,0x23680ed45491627aL,
-        0xb99a3c667d741fb1L },
-      { 0xe9bb5f5536b1ff92L,0x29738577512b388dL,0xdb8a2ce750fcf263L,
-        0x385346d46c4f7b47L } },
-    /* 51 << 98 */
-    { { 0xbe86c5ef31631f9eL,0xbf91da2103a57a29L,0xc3b1f7967b23f821L,
-        0x0f7d00d2770db354L },
-      { 0x8ffc6c3bd8fe79daL,0xcc5e8c40d525c996L,0x4640991dcfff632aL,
-        0x64d97e8c67112528L } },
-    /* 52 << 98 */
-    { { 0xc232d97302f1cd1eL,0xce87eacb1dd212a4L,0x6e4c8c73e69802f7L,
-        0x12ef02901fffddbdL },
-      { 0x941ec74e1bcea6e2L,0xd0b540243cb92cbbL,0x809fb9d47e8f9d05L,
-        0x3bf16159f2992aaeL } },
-    /* 53 << 98 */
-    { { 0xad40f279f8a7a838L,0x11aea63105615660L,0xbf52e6f1a01f6fa1L,
-        0xef0469953dc2aec9L },
-      { 0x785dbec9d8080711L,0xe1aec60a9fdedf76L,0xece797b5fa21c126L,
-        0xc66e898f05e52732L } },
-    /* 54 << 98 */
-    { { 0x39bb69c408811fdbL,0x8bfe1ef82fc7f082L,0xc8e7a393174f4138L,
-        0xfba8ad1dd58d1f98L },
-      { 0xbc21d0cebfd2fd5bL,0x0b839a826ee60d61L,0xaacf7658afd22253L,
-        0xb526bed8aae396b3L } },
-    /* 55 << 98 */
-    { { 0xccc1bbc238564464L,0x9e3ff9478c45bc73L,0xcde9bca358188a78L,
-        0x138b8ee0d73bf8f7L },
-      { 0x5c7e234c4123c489L,0x66e69368fa643297L,0x0629eeee39a15fa3L,
-        0x95fab881a9e2a927L } },
-    /* 56 << 98 */
-    { { 0xb2497007eafbb1e1L,0xd75c9ce6e75b7a93L,0x3558352defb68d78L,
-        0xa2f26699223f6396L },
-      { 0xeb911ecfe469b17aL,0x62545779e72d3ec2L,0x8ea47de782cb113fL,
-        0xebe4b0864e1fa98dL } },
-    /* 57 << 98 */
-    { { 0xec2d5ed78cdfedb1L,0xa535c077fe211a74L,0x9678109b11d244c5L,
-        0xf17c8bfbbe299a76L },
-      { 0xb651412efb11fbc4L,0xea0b548294ab3f65L,0xd8dffd950cf78243L,
-        0x2e719e57ce0361d4L } },
-    /* 58 << 98 */
-    { { 0x9007f085304ddc5bL,0x095e8c6d4daba2eaL,0x5a33cdb43f9d28a9L,
-        0x85b95cd8e2283003L },
-      { 0xbcd6c819b9744733L,0x29c5f538fc7f5783L,0x6c49b2fad59038e4L,
-        0x68349cc13bbe1018L } },
-    /* 59 << 98 */
-    { { 0xcc490c1d21830ee5L,0x36f9c4eee9bfa297L,0x58fd729448de1a94L,
-        0xaadb13a84e8f2cdcL },
-      { 0x515eaaa081313dbaL,0xc76bb468c2152dd8L,0x357f8d75a653dbf8L,
-        0xe4d8c4d1b14ac143L } },
-    /* 60 << 98 */
-    { { 0xbdb8e675b055cb40L,0x898f8e7b977b5167L,0xecc65651b82fb863L,
-        0x565448146d88f01fL },
-      { 0xb0928e95263a75a9L,0xcfb6836f1a22fcdaL,0x651d14db3f3bd37cL,
-        0x1d3837fbb6ad4664L } },
-    /* 61 << 98 */
-    { { 0x7c5fb538ff4f94abL,0x7243c7126d7fb8f2L,0xef13d60ca85c5287L,
-        0x18cfb7c74bb8dd1bL },
-      { 0x82f9bfe672908219L,0x35c4592b9d5144abL,0x52734f379cf4b42fL,
-        0x6bac55e78c60ddc4L } },
-    /* 62 << 98 */
-    { { 0xb5cd811e94dea0f6L,0x259ecae4e18cc1a3L,0x6a0e836e15e660f8L,
-        0x6c639ea60e02bff2L },
-      { 0x8721b8cb7e1026fdL,0x9e73b50b63261942L,0xb8c7097477f01da3L,
-        0x1839e6a68268f57fL } },
-    /* 63 << 98 */
-    { { 0x571b94155150b805L,0x1892389ef92c7097L,0x8d69c18e4a084b95L,
-        0x7014c512be5b495cL },
-      { 0x4780db361b07523cL,0x2f6219ce2c1c64faL,0xc38b81b0602c105aL,
-        0xab4f4f205dc8e360L } },
-    /* 64 << 98 */
-    { { 0x20d3c982cf7d62d2L,0x1f36e29d23ba8150L,0x48ae0bf092763f9eL,
-        0x7a527e6b1d3a7007L },
-      { 0xb4a89097581a85e3L,0x1f1a520fdc158be5L,0xf98db37d167d726eL,
-        0x8802786e1113e862L } },
-    /* 0 << 105 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 105 */
-    { { 0xefb2149e36f09ab0L,0x03f163ca4a10bb5bL,0xd029704506e20998L,
-        0x56f0af001b5a3babL },
-      { 0x7af4cfec70880e0dL,0x7332a66fbe3d913fL,0x32e6c84a7eceb4bdL,
-        0xedc4a79a9c228f55L } },
-    /* 2 << 105 */
-    { { 0xc37c7dd0c55c4496L,0xa6a9635725bbabd2L,0x5b7e63f2add7f363L,
-        0x9dce37822e73f1dfL },
-      { 0xe1e5a16ab2b91f71L,0xe44898235ba0163cL,0xf2759c32f6e515adL,
-        0xa5e2f1f88615eecfL } },
-    /* 3 << 105 */
-    { { 0x74519be7abded551L,0x03d358b8c8b74410L,0x4d00b10b0e10d9a9L,
-        0x6392b0b128da52b7L },
-      { 0x6744a2980b75c904L,0xc305b0aea8f7f96cL,0x042e421d182cf932L,
-        0xf6fc5d509e4636caL } },
-    /* 4 << 105 */
-    { { 0x795847c9d64cc78cL,0x6c50621b9b6cb27bL,0x07099bf8df8022abL,
-        0x48f862ebc04eda1dL },
-      { 0xd12732ede1603c16L,0x19a80e0f5c9a9450L,0xe2257f54b429b4fcL,
-        0x66d3b2c645460515L } },
-    /* 5 << 105 */
-    { { 0x6ca4f87e822e37beL,0x73f237b4253bda4eL,0xf747f3a241190aebL,
-        0xf06fa36f804cf284L },
-      { 0x0a6bbb6efc621c12L,0x5d624b6440b80ec6L,0x4b0724257ba556f3L,
-        0x7fa0c3543e2d20a8L } },
-    /* 6 << 105 */
-    { { 0xe921fa31e3229d41L,0xa929c65294531bd4L,0x84156027a6d38209L,
-        0xf3d69f736bdb97bdL },
-      { 0x8906d19a16833631L,0x68a34c2e03d51be3L,0xcb59583b0e511cd8L,
-        0x99ce6bfdfdc132a8L } },
-    /* 7 << 105 */
-    { { 0x3facdaaaffcdb463L,0x658bbc1a34a38b08L,0x12a801f8f1a9078dL,
-        0x1567bcf96ab855deL },
-      { 0xe08498e03572359bL,0xcf0353e58659e68bL,0xbb86e9c87d23807cL,
-        0xbc08728d2198e8a2L } },
-    /* 8 << 105 */
-    { { 0x8de2b7bc453cadd6L,0x203900a7bc0bc1f8L,0xbcd86e47a6abd3afL,
-        0x911cac128502effbL },
-      { 0x2d550242ec965469L,0x0e9f769229e0017eL,0x633f078f65979885L,
-        0xfb87d4494cf751efL } },
-    /* 9 << 105 */
-    { { 0xe1790e4bfc25419aL,0x364672034bff3cfdL,0xc8db638625b6e83fL,
-        0x6cc69f236cad6fd2L },
-      { 0x0219e45a6bc68bb9L,0xe43d79b6297f7334L,0x7d445368465dc97cL,
-        0x4b9eea322a0b949aL } },
-    /* 10 << 105 */
-    { { 0x1b96c6ba6102d021L,0xeaafac782f4461eaL,0xd4b85c41c49f19a8L,
-        0x275c28e4cf538875L },
-      { 0x35451a9ddd2e54e0L,0x6991adb50605618bL,0x5b8b4bcd7b36cd24L,
-        0x372a4f8c56f37216L } },
-    /* 11 << 105 */
-    { { 0xc890bd73a6a5da60L,0x6f083da0dc4c9ff0L,0xf4e14d94f0536e57L,
-        0xf9ee1edaaaec8243L },
-      { 0x571241ec8bdcf8e7L,0xa5db82710b041e26L,0x9a0b9a99e3fff040L,
-        0xcaaf21dd7c271202L } },
-    /* 12 << 105 */
-    { { 0xb4e2b2e14f0dd2e8L,0xe77e7c4f0a377ac7L,0x69202c3f0d7a2198L,
-        0xf759b7ff28200eb8L },
-      { 0xc87526eddcfe314eL,0xeb84c52453d5cf99L,0xb1b52ace515138b6L,
-        0x5aa7ff8c23fca3f4L } },
-    /* 13 << 105 */
-    { { 0xff0b13c3b9791a26L,0x960022dacdd58b16L,0xdbd55c9257aad2deL,
-        0x3baaaaa3f30fe619L },
-      { 0x9a4b23460d881efdL,0x506416c046325e2aL,0x91381e76035c18d4L,
-        0xb3bb68bef27817b0L } },
-    /* 14 << 105 */
-    { { 0x15bfb8bf5116f937L,0x7c64a586c1268943L,0x71e25cc38419a2c8L,
-        0x9fd6b0c48335f463L },
-      { 0x4bf0ba3ce8ee0e0eL,0x6f6fba60298c21faL,0x57d57b39ae66bee0L,
-        0x292d513022672544L } },
-    /* 15 << 105 */
-    { { 0xf451105dbab093b3L,0x012f59b902839986L,0x8a9158023474a89cL,
-        0x048c919c2de03e97L },
-      { 0xc476a2b591071cd5L,0x791ed89a034970a5L,0x89bd9042e1b7994bL,
-        0x8eaf5179a1057ffdL } },
-    /* 16 << 105 */
-    { { 0x6066e2a2d551ee10L,0x87a8f1d8727e09a6L,0x00d08bab2c01148dL,
-        0x6da8e4f1424f33feL },
-      { 0x466d17f0cf9a4e71L,0xff5020103bf5cb19L,0xdccf97d8d062ecc0L,
-        0x80c0d9af81d80ac4L } },
-    /* 17 << 105 */
-    { { 0xe87771d8033f2876L,0xb0186ec67d5cc3dbL,0x58e8bb803bc9bc1dL,
-        0x4d1395cc6f6ef60eL },
-      { 0xa73c62d6186244a0L,0x918e5f23110a5b53L,0xed4878ca741b7eabL,
-        0x3038d71adbe03e51L } },
-    /* 18 << 105 */
-    { { 0x840204b7a93c3246L,0x21ab6069a0b9b4cdL,0xf5fa6e2bb1d64218L,
-        0x1de6ad0ef3d56191L },
-      { 0x570aaa88ff1929c7L,0xc6df4c6b640e87b5L,0xde8a74f2c65f0cccL,
-        0x8b972fd5e6f6cc01L } },
-    /* 19 << 105 */
-    { { 0x3fff36b60b846531L,0xba7e45e610a5e475L,0x84a1d10e4145b6c5L,
-        0xf1f7f91a5e046d9dL },
-      { 0x0317a69244de90d7L,0x951a1d4af199c15eL,0x91f78046c9d73debL,
-        0x74c82828fab8224fL } },
-    /* 20 << 105 */
-    { { 0xaa6778fce7560b90L,0xb4073e61a7e824ceL,0xff0d693cd642eba8L,
-        0x7ce2e57a5dccef38L },
-      { 0x89c2c7891df1ad46L,0x83a06922098346fdL,0x2d715d72da2fc177L,
-        0x7b6dd71d85b6cf1dL } },
-    /* 21 << 105 */
-    { { 0xc60a6d0a73fa9cb0L,0xedd3992e328bf5a9L,0xc380ddd0832c8c82L,
-        0xd182d410a2a0bf50L },
-      { 0x7d9d7438d9a528dbL,0xe8b1a0e9caf53994L,0xddd6e5fe0e19987cL,
-        0xacb8df03190b059dL } },
-    /* 22 << 105 */
-    { { 0x53703a328300129fL,0x1f63766268c43bfdL,0xbcbd191300e54051L,
-        0x812fcc627bf5a8c5L },
-      { 0x3f969d5f29fb85daL,0x72f4e00a694759e8L,0x426b6e52790726b7L,
-        0x617bbc873bdbb209L } },
-    /* 23 << 105 */
-    { { 0x511f8bb997aee317L,0x812a4096e81536a8L,0x137dfe593ac09b9bL,
-        0x0682238fba8c9a7aL },
-      { 0x7072ead6aeccb4bdL,0x6a34e9aa692ba633L,0xc82eaec26fff9d33L,
-        0xfb7535121d4d2b62L } },
-    /* 24 << 105 */
-    { { 0x1a0445ff1d7aadabL,0x65d38260d5f6a67cL,0x6e62fb0891cfb26fL,
-        0xef1e0fa55c7d91d6L },
-      { 0x47e7c7ba33db72cdL,0x017cbc09fa7c74b2L,0x3c931590f50a503cL,
-        0xcac54f60616baa42L } },
-    /* 25 << 105 */
-    { { 0x9b6cd380b2369f0fL,0x97d3a70d23c76151L,0x5f9dd6fc9862a9c6L,
-        0x044c4ab212312f51L },
-      { 0x035ea0fd834a2ddcL,0x49e6b862cc7b826dL,0xb03d688362fce490L,
-        0x62f2497ab37e36e9L } },
-    /* 26 << 105 */
-    { { 0x04b005b6c6458293L,0x36bb5276e8d10af7L,0xacf2dc138ee617b8L,
-        0x470d2d35b004b3d4L },
-      { 0x06790832feeb1b77L,0x2bb75c3985657f9cL,0xd70bd4edc0f60004L,
-        0xfe797ecc219b018bL } },
-    /* 27 << 105 */
-    { { 0x9b5bec2a753aebccL,0xdaf9f3dcc939eca5L,0xd6bc6833d095ad09L,
-        0x98abdd51daa4d2fcL },
-      { 0xd9840a318d168be5L,0xcf7c10e02325a23cL,0xa5c02aa07e6ecfafL,
-        0x2462e7e6b5bfdf18L } },
-    /* 28 << 105 */
-    { { 0xab2d8a8ba0cc3f12L,0x68dd485dbc672a29L,0x72039752596f2cd3L,
-        0x5d3eea67a0cf3d8dL },
-      { 0x810a1a81e6602671L,0x8f144a4014026c0cL,0xbc753a6d76b50f85L,
-        0xc4dc21e8645cd4a4L } },
-    /* 29 << 105 */
-    { { 0xc5262dea521d0378L,0x802b8e0e05011c6fL,0x1ba19cbb0b4c19eaL,
-        0x21db64b5ebf0aaecL },
-      { 0x1f394ee970342f9dL,0x93a10aee1bc44a14L,0xa7eed31b3efd0baaL,
-        0x6e7c824e1d154e65L } },
-    /* 30 << 105 */
-    { { 0xee23fa819966e7eeL,0x64ec4aa805b7920dL,0x2d44462d2d90aad4L,
-        0xf44dd195df277ad5L },
-      { 0x8d6471f1bb46b6a1L,0x1e65d313fd885090L,0x33a800f513a977b4L,
-        0xaca9d7210797e1efL } },
-    /* 31 << 105 */
-    { { 0x9a5a85a0fcff6a17L,0x9970a3f31eca7ceeL,0xbb9f0d6bc9504be3L,
-        0xe0c504beadd24ee2L },
-      { 0x7e09d95677fcc2f4L,0xef1a522765bb5fc4L,0x145d4fb18b9286aaL,
-        0x66fd0c5d6649028bL } },
-    /* 32 << 105 */
-    { { 0x98857ceb1bf4581cL,0xe635e186aca7b166L,0x278ddd22659722acL,
-        0xa0903c4c1db68007L },
-      { 0x366e458948f21402L,0x31b49c14b96abda2L,0x329c4b09e0403190L,
-        0x97197ca3d29f43feL } },
-    /* 33 << 105 */
-    { { 0x8073dd1e274983d8L,0xda1a3bde55717c8fL,0xfd3d4da20361f9d1L,
-        0x1332d0814c7de1ceL },
-      { 0x9b7ef7a3aa6d0e10L,0x17db2e73f54f1c4aL,0xaf3dffae4cd35567L,
-        0xaaa2f406e56f4e71L } },
-    /* 34 << 105 */
-    { { 0x8966759e7ace3fc7L,0x9594eacf45a8d8c6L,0x8de3bd8b91834e0eL,
-        0xafe4ca53548c0421L },
-      { 0xfdd7e856e6ee81c6L,0x8f671beb6b891a3aL,0xf7a58f2bfae63829L,
-        0x9ab186fb9c11ac9fL } },
-    /* 35 << 105 */
-    { { 0x8d6eb36910b5be76L,0x046b7739fb040bcdL,0xccb4529fcb73de88L,
-        0x1df0fefccf26be03L },
-      { 0xad7757a6bcfcd027L,0xa8786c75bb3165caL,0xe9db1e347e99a4d9L,
-        0x99ee86dfb06c504bL } },
-    /* 36 << 105 */
-    { { 0x5b7c2dddc15c9f0aL,0xdf87a7344295989eL,0x59ece47c03d08fdaL,
-        0xb074d3ddad5fc702L },
-      { 0x2040790351a03776L,0x2bb1f77b2a608007L,0x25c58f4fe1153185L,
-        0xe6df62f6766e6447L } },
-    /* 37 << 105 */
-    { { 0xefb3d1beed51275aL,0x5de47dc72f0f483fL,0x7932d98e97c2bedfL,
-        0xd5c119270219f8a1L },
-      { 0x9d751200a73a294eL,0x5f88434a9dc20172L,0xd28d9fd3a26f506aL,
-        0xa890cd319d1dcd48L } },
-    /* 38 << 105 */
-    { { 0x0aebaec170f4d3b4L,0xfd1a13690ffc8d00L,0xb9d9c24057d57838L,
-        0x45929d2668bac361L },
-      { 0x5a2cd06025b15ca6L,0x4b3c83e16e474446L,0x1aac7578ee1e5134L,
-        0xa418f5d6c91e2f41L } },
-    /* 39 << 105 */
-    { { 0x6936fc8a213ed68bL,0x860ae7ed510a5224L,0x63660335def09b53L,
-        0x641b2897cd79c98dL },
-      { 0x29bd38e101110f35L,0x79c26f42648b1937L,0x64dae5199d9164f4L,
-        0xd85a23100265c273L } },
-    /* 40 << 105 */
-    { { 0x7173dd5d4b07e2b1L,0xd144c4cb8d9ea221L,0xe8b04ea41105ab14L,
-        0x92dda542fe80d8f1L },
-      { 0xe9982fa8cf03dce6L,0x8b5ea9651a22cffcL,0xf7f4ea7f3fad88c4L,
-        0x62db773e6a5ba95cL } },
-    /* 41 << 105 */
-    { { 0xd20f02fb93f24567L,0xfd46c69a315257caL,0x0ac74cc78bcab987L,
-        0x46f31c015ceca2f5L },
-      { 0x40aedb59888b219eL,0xe50ecc37e1fccd02L,0x1bcd9dad911f816cL,
-        0x583cc1ec8db9b00cL } },
-    /* 42 << 105 */
-    { { 0xf3cd2e66a483bf11L,0xfa08a6f5b1b2c169L,0xf375e2454be9fa28L,
-        0x99a7ffec5b6d011fL },
-      { 0x6a3ebddbc4ae62daL,0x6cea00ae374aef5dL,0xab5fb98d9d4d05bcL,
-        0x7cba1423d560f252L } },
-    /* 43 << 105 */
-    { { 0x49b2cc21208490deL,0x1ca66ec3bcfb2879L,0x7f1166b71b6fb16fL,
-        0xfff63e0865fe5db3L },
-      { 0xb8345abe8b2610beL,0xb732ed8039de3df4L,0x0e24ed50211c32b4L,
-        0xd10d8a69848ff27dL } },
-    /* 44 << 105 */
-    { { 0xc1074398ed4de248L,0xd7cedace10488927L,0xa4aa6bf885673e13L,
-        0xb46bae916daf30afL },
-      { 0x07088472fcef7ad8L,0x61151608d4b35e97L,0xbcfe8f26dde29986L,
-        0xeb84c4c7d5a34c79L } },
-    /* 45 << 105 */
-    { { 0xc1eec55c164e1214L,0x891be86da147bb03L,0x9fab4d100ba96835L,
-        0xbf01e9b8a5c1ae9fL },
-      { 0x6b4de139b186ebc0L,0xd5c74c2685b91bcaL,0x5086a99cc2d93854L,
-        0xeed62a7ba7a9dfbcL } },
-    /* 46 << 105 */
-    { { 0x8778ed6f76b7618aL,0xbff750a503b66062L,0x4cb7be22b65186dbL,
-        0x369dfbf0cc3a6d13L },
-      { 0xc7dab26c7191a321L,0x9edac3f940ed718eL,0xbc142b36d0cfd183L,
-        0xc8af82f67c991693L } },
-    /* 47 << 105 */
-    { { 0xb3d1e4d897ce0b2aL,0xe6d7c87fc3a55cdfL,0x35846b9568b81afeL,
-        0x018d12afd3c239d8L },
-      { 0x2b2c620801206e15L,0xe0e42453a3b882c6L,0x854470a3a50162d5L,
-        0x081574787017a62aL } },
-    /* 48 << 105 */
-    { { 0x18bd3fb4820357c7L,0x992039ae6f1458adL,0x9a1df3c525b44aa1L,
-        0x2d780357ed3d5281L },
-      { 0x58cf7e4dc77ad4d4L,0xd49a7998f9df4fc4L,0x4465a8b51d71205eL,
-        0xa0ee0ea6649254aaL } },
-    /* 49 << 105 */
-    { { 0x4b5eeecfab7bd771L,0x6c87307335c262b9L,0xdc5bd6483c9d61e7L,
-        0x233d6d54321460d2L },
-      { 0xd20c5626fc195bccL,0x2544595804d78b63L,0xe03fcb3d17ec8ef3L,
-        0x54b690d146b8f781L } },
-    /* 50 << 105 */
-    { { 0x82fa2c8a21230646L,0xf51aabb9084f418cL,0xff4fbec11a30ba43L,
-        0x6a5acf73743c9df7L },
-      { 0x1da2b357d635b4d5L,0xc3de68ddecd5c1daL,0xa689080bd61af0ddL,
-        0xdea5938ad665bf99L } },
-    /* 51 << 105 */
-    { { 0x0231d71afe637294L,0x01968aa6a5a81cd8L,0x11252d50048e63b5L,
-        0xc446bc526ca007e9L },
-      { 0xef8c50a696d6134bL,0x9361fbf59e09a05cL,0xf17f85a6dca3291aL,
-        0xb178d548ff251a21L } },
-    /* 52 << 105 */
-    { { 0x87f6374ba4df3915L,0x566ce1bf2fd5d608L,0x425cba4d7de35102L,
-        0x6b745f8f58c5d5e2L },
-      { 0x88402af663122edfL,0x3190f9ed3b989a89L,0x4ad3d387ebba3156L,
-        0xef385ad9c7c469a5L } },
-    /* 53 << 105 */
-    { { 0xb08281de3f642c29L,0x20be0888910ffb88L,0xf353dd4ad5292546L,
-        0x3f1627de8377a262L },
-      { 0xa5faa013eefcd638L,0x8f3bf62674cc77c3L,0x32618f65a348f55eL,
-        0x5787c0dc9fefeb9eL } },
-    /* 54 << 105 */
-    { { 0xf1673aa2d9a23e44L,0x88dfa9934e10690dL,0x1ced1b362bf91108L,
-        0x9193ceca3af48649L },
-      { 0xfb34327d2d738fc5L,0x6697b037975fee6cL,0x2f485da0c04079a5L,
-        0x2cdf57352feaa1acL } },
-    /* 55 << 105 */
-    { { 0x76944420bd55659eL,0x7973e32b4376090cL,0x86bb4fe1163b591aL,
-        0x10441aedc196f0caL },
-      { 0x3b431f4a045ad915L,0x6c11b437a4afacb1L,0x30b0c7db71fdbbd8L,
-        0xb642931feda65acdL } },
-    /* 56 << 105 */
-    { { 0x4baae6e89c92b235L,0xa73bbd0e6b3993a1L,0xd06d60ec693dd031L,
-        0x03cab91b7156881cL },
-      { 0xd615862f1db3574bL,0x485b018564bb061aL,0x27434988a0181e06L,
-        0x2cd61ad4c1c0c757L } },
-    /* 57 << 105 */
-    { { 0x3effed5a2ff9f403L,0x8dc98d8b62239029L,0x2206021e1f17b70dL,
-        0xafbec0cabf510015L },
-      { 0x9fed716480130dfaL,0x306dc2b58a02dcf5L,0x48f06620feb10fc0L,
-        0x78d1e1d55a57cf51L } },
-    /* 58 << 105 */
-    { { 0xadef8c5a192ef710L,0x88afbd4b3b7431f9L,0x7e1f740764250c9eL,
-        0x6e31318db58bec07L },
-      { 0xfd4fc4b824f89b4eL,0x65a5dd8848c36a2aL,0x4f1eccfff024baa7L,
-        0x22a21cf2cba94650L } },
-    /* 59 << 105 */
-    { { 0x95d29dee42a554f7L,0x828983a5002ec4baL,0x8112a1f78badb73dL,
-        0x79ea8897a27c1839L },
-      { 0x8969a5a7d065fd83L,0xf49af791b262a0bcL,0xfcdea8b6af2b5127L,
-        0x10e913e1564c2dbcL } },
-    /* 60 << 105 */
-    { { 0x51239d14bc21ef51L,0xe51c3ceb4ce57292L,0x795ff06847bbcc3bL,
-        0x86b46e1ebd7e11e6L },
-      { 0x0ea6ba2380041ef4L,0xd72fe5056262342eL,0x8abc6dfd31d294d4L,
-        0xbbe017a21278c2c9L } },
-    /* 61 << 105 */
-    { { 0xb1fcfa09b389328aL,0x322fbc62d01771b5L,0x04c0d06360b045bfL,
-        0xdb652edc10e52d01L },
-      { 0x50ef932c03ec6627L,0xde1b3b2dc1ee50e3L,0x5ab7bdc5dc37a90dL,
-        0xfea6721331e33a96L } },
-    /* 62 << 105 */
-    { { 0x6482b5cb4f2999aaL,0x38476cc6b8cbf0ddL,0x93ebfacb173405bbL,
-        0x15cdafe7e52369ecL },
-      { 0xd42d5ba4d935b7dbL,0x648b60041c99a4cdL,0x785101bda3b5545bL,
-        0x4bf2c38a9dd67fafL } },
-    /* 63 << 105 */
-    { { 0xb1aadc634442449cL,0xe0e9921a33ad4fb8L,0x5c552313aa686d82L,
-        0xdee635fa465d866cL },
-      { 0xbc3c224a18ee6e8aL,0xeed748a6ed42e02fL,0xe70f930ad474cd08L,
-        0x774ea6ecfff24adfL } },
-    /* 64 << 105 */
-    { { 0x03e2de1cf3480d4aL,0xf0d8edc7bc8acf1aL,0xf23e330368295a9cL,
-        0xfadd5f68c546a97dL },
-      { 0x895597ad96f8acb1L,0xbddd49d5671bdae2L,0x16fcd52821dd43f4L,
-        0xa5a454126619141aL } },
-    /* 0 << 112 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 112 */
-    { { 0x8ce9b6bfc360e25aL,0xe6425195075a1a78L,0x9dc756a8481732f4L,
-        0x83c0440f5432b57aL },
-      { 0xc670b3f1d720281fL,0x2205910ed135e051L,0xded14b0edb052be7L,
-        0x697b3d27c568ea39L } },
-    /* 2 << 112 */
-    { { 0x2e599b9afb3ff9edL,0x28c2e0ab17f6515cL,0x1cbee4fd474da449L,
-        0x071279a44f364452L },
-      { 0x97abff6601fbe855L,0x3ee394e85fda51c4L,0x190385f667597c0bL,
-        0x6e9fccc6a27ee34bL } },
-    /* 3 << 112 */
-    { { 0x0b89de9314092ebbL,0xf17256bd428e240cL,0xcf89a7f393d2f064L,
-        0x4f57841ee1ed3b14L },
-      { 0x4ee14405e708d855L,0x856aae7203f1c3d0L,0xc8e5424fbdd7eed5L,
-        0x3333e4ef73ab4270L } },
-    /* 4 << 112 */
-    { { 0x3bc77adedda492f8L,0xc11a3aea78297205L,0x5e89a3e734931b4cL,
-        0x17512e2e9f5694bbL },
-      { 0x5dc349f3177bf8b6L,0x232ea4ba08c7ff3eL,0x9c4f9d16f511145dL,
-        0xccf109a333b379c3L } },
-    /* 5 << 112 */
-    { { 0xe75e7a88a1f25897L,0x7ac6961fa1b5d4d8L,0xe3e1077308f3ed5cL,
-        0x208a54ec0a892dfbL },
-      { 0xbe826e1978660710L,0x0cf70a97237df2c8L,0x418a7340ed704da5L,
-        0xa3eeb9a908ca33fdL } },
-    /* 6 << 112 */
-    { { 0x49d96233169bca96L,0x04d286d42da6aafbL,0xc09606eca0c2fa94L,
-        0x8869d0d523ff0fb3L },
-      { 0xa99937e5d0150d65L,0xa92e2503240c14c9L,0x656bf945108e2d49L,
-        0x152a733aa2f59e2bL } },
-    /* 7 << 112 */
-    { { 0xb4323d588434a920L,0xc0af8e93622103c5L,0x667518ef938dbf9aL,
-        0xa184307383a9cdf2L },
-      { 0x350a94aa5447ab80L,0xe5e5a325c75a3d61L,0x74ba507f68411a9eL,
-        0x10581fc1594f70c5L } },
-    /* 8 << 112 */
-    { { 0x60e2857080eb24a9L,0x7bedfb4d488e0cfdL,0x721ebbd7c259cdb8L,
-        0x0b0da855bc6390a9L },
-      { 0x2b4d04dbde314c70L,0xcdbf1fbc6c32e846L,0x33833eabb162fc9eL,
-        0x9939b48bb0dd3ab7L } },
-    /* 9 << 112 */
-    { { 0x5aaa98a7cb0c9c8cL,0x75105f3081c4375cL,0xceee50575ef1c90fL,
-        0xb31e065fc23a17bfL },
-      { 0x5364d275d4b6d45aL,0xd363f3ad62ec8996L,0xb5d212394391c65bL,
-        0x84564765ebb41b47L } },
-    /* 10 << 112 */
-    { { 0x20d18ecc37107c78L,0xacff3b6b570c2a66L,0x22f975d99bd0d845L,
-        0xef0a0c46ba178fa0L },
-      { 0x1a41965176b6028eL,0xc49ec674248612d4L,0x5b6ac4f27338af55L,
-        0x06145e627bee5a36L } },
-    /* 11 << 112 */
-    { { 0x33e95d07e75746b5L,0x1c1e1f6dc40c78beL,0x967833ef222ff8e2L,
-        0x4bedcf6ab49180adL },
-      { 0x6b37e9c13d7a4c8aL,0x2748887c6ddfe760L,0xf7055123aa3a5bbcL,
-        0x954ff2257bbb8e74L } },
-    /* 12 << 112 */
-    { { 0xc42b8ab197c3dfb9L,0x55a549b0cf168154L,0xad6748e7c1b50692L,
-        0x2775780f6fc5cbcbL },
-      { 0x4eab80b8e1c9d7c8L,0x8c69dae13fdbcd56L,0x47e6b4fb9969eaceL,
-        0x002f1085a705cb5aL } },
-    /* 13 << 112 */
-    { { 0x4e23ca446d3fea55L,0xb4ae9c86f4810568L,0x47bfb91b2a62f27dL,
-        0x60deb4c9d9bac28cL },
-      { 0xa892d8947de6c34cL,0x4ee682594494587dL,0x914ee14e1a3f8a5bL,
-        0xbb113eaa28700385L } },
-    /* 14 << 112 */
-    { { 0x81ca03b92115b4c9L,0x7c163d388908cad1L,0xc912a118aa18179aL,
-        0xe09ed750886e3081L },
-      { 0xa676e3fa26f516caL,0x753cacf78e732f91L,0x51592aea833da8b4L,
-        0xc626f42f4cbea8aaL } },
-    /* 15 << 112 */
-    { { 0xef9dc899a7b56eafL,0x00c0e52c34ef7316L,0x5b1e4e24fe818a86L,
-        0x9d31e20dc538be47L },
-      { 0x22eb932d3ed68974L,0xe44bbc087c4e87c4L,0x4121086e0dde9aefL,
-        0x8e6b9cff134f4345L } },
-    /* 16 << 112 */
-    { { 0x96892c1f711b0eb9L,0xb905f2c8780ab954L,0xace26309a20792dbL,
-        0xec8ac9b30684e126L },
-      { 0x486ad8b6b40a2447L,0x60121fc19fe3fb24L,0x5626fccf1a8e3b3fL,
-        0x4e5686226ad1f394L } },
-    /* 17 << 112 */
-    { { 0xda7aae0d196aa5a1L,0xe0df8c771041b5fbL,0x451465d926b318b7L,
-        0xc29b6e557ab136e9L },
-      { 0x2c2ab48b71148463L,0xb5738de364454a76L,0x54ccf9a05a03abe4L,
-        0x377c02960427d58eL } },
-    /* 18 << 112 */
-    { { 0x73f5f0b92bb39c1fL,0x14373f2ce608d8c5L,0xdcbfd31400fbb805L,
-        0xdf18fb2083afdcfbL },
-      { 0x81a57f4242b3523fL,0xe958532d87f650fbL,0xaa8dc8b68b0a7d7cL,
-        0x1b75dfb7150166beL } },
-    /* 19 << 112 */
-    { { 0x90e4f7c92d7d1413L,0x67e2d6b59834f597L,0x4fd4f4f9a808c3e8L,
-        0xaf8237e0d5281ec1L },
-      { 0x25ab5fdc84687ceeL,0xc5ded6b1a5b26c09L,0x8e4a5aecc8ea7650L,
-        0x23b73e5c14cc417fL } },
-    /* 20 << 112 */
-    { { 0x2bfb43183037bf52L,0xb61e6db578c725d7L,0x8efd4060bbb3e5d7L,
-        0x2e014701dbac488eL },
-      { 0xac75cf9a360aa449L,0xb70cfd0579634d08L,0xa591536dfffb15efL,
-        0xb2c37582d07c106cL } },
-    /* 21 << 112 */
-    { { 0xb4293fdcf50225f9L,0xc52e175cb0e12b03L,0xf649c3bad0a8bf64L,
-        0x745a8fefeb8ae3c6L },
-      { 0x30d7e5a358321bc3L,0xb1732be70bc4df48L,0x1f217993e9ea5058L,
-        0xf7a71cde3e4fd745L } },
-    /* 22 << 112 */
-    { { 0x86cc533e894c5bbbL,0x6915c7d969d83082L,0xa6aa2d055815c244L,
-        0xaeeee59249b22ce5L },
-      { 0x89e39d1378135486L,0x3a275c1f16b76f2fL,0xdb6bcc1be036e8f5L,
-        0x4df69b215e4709f5L } },
-    /* 23 << 112 */
-    { { 0xa188b2502d0f39aaL,0x622118bb15a85947L,0x2ebf520ffde0f4faL,
-        0xa40e9f294860e539L },
-      { 0x7b6a51eb22b57f0fL,0x849a33b97e80644aL,0x50e5d16f1cf095feL,
-        0xd754b54eec55f002L } },
-    /* 24 << 112 */
-    { { 0x5cfbbb22236f4a98L,0x0b0c59e9066800bbL,0x4ac69a8f5a9a7774L,
-        0x2b33f804d6bec948L },
-      { 0xb372929532e6c466L,0x68956d0f4e599c73L,0xa47a249f155c31ccL,
-        0x24d80f0de1ce284eL } },
-    /* 25 << 112 */
-    { { 0xcd821dfb988baf01L,0xe6331a7ddbb16647L,0x1eb8ad33094cb960L,
-        0x593cca38c91bbca5L },
-      { 0x384aac8d26567456L,0x40fa0309c04b6490L,0x97834cd6dab6c8f6L,
-        0x68a7318d3f91e55fL } },
-    /* 26 << 112 */
-    { { 0xa00fd04efc4d3157L,0xb56f8ab22bf3bdeaL,0x014f56484fa57172L,
-        0x948c5860450abdb3L },
-      { 0x342b5df00ebd4f08L,0x3e5168cd0e82938eL,0x7aedc1ceb0df5dd0L,
-        0x6bbbc6d9e5732516L } },
-    /* 27 << 112 */
-    { { 0xc7bfd486605daaa6L,0x46fd72b7bb9a6c9eL,0xe4847fb1a124fb89L,
-        0x75959cbda2d8ffbcL },
-      { 0x42579f65c8a588eeL,0x368c92e6b80b499dL,0xea4ef6cd999a5df1L,
-        0xaa73bb7f936fe604L } },
-    /* 28 << 112 */
-    { { 0xf347a70d6457d188L,0x86eda86b8b7a388bL,0xb7cdff060ccd6013L,
-        0xbeb1b6c7d0053fb2L },
-      { 0x0b02238799240a9fL,0x1bbb384f776189b2L,0x8695e71e9066193aL,
-        0x2eb5009706ffac7eL } },
-    /* 29 << 112 */
-    { { 0x0654a9c04a7d2caaL,0x6f3fb3d1a5aaa290L,0x835db041ff476e8fL,
-        0x540b8b0bc42295e4L },
-      { 0xa5c73ac905e214f5L,0x9a74075a56a0b638L,0x2e4b1090ce9e680bL,
-        0x57a5b4796b8d9afaL } },
-    /* 30 << 112 */
-    { { 0x0dca48e726bfe65cL,0x097e391c7290c307L,0x683c462e6669e72eL,
-        0xf505be1e062559acL },
-      { 0x5fbe3ea1e3a3035aL,0x6431ebf69cd50da8L,0xfd169d5c1f6407f2L,
-        0x8d838a9560fce6b8L } },
-    /* 31 << 112 */
-    { { 0x2a2bfa7f650006f0L,0xdfd7dad350c0fbb2L,0x92452495ccf9ad96L,
-        0x183bf494d95635f9L },
-      { 0x02d5df434a7bd989L,0x505385cca5431095L,0xdd98e67dfd43f53eL,
-        0xd61e1a6c500c34a9L } },
-    /* 32 << 112 */
-    { { 0x5a4b46c64a8a3d62L,0x8469c4d0247743d2L,0x2bb3a13d88f7e433L,
-        0x62b23a1001be5849L },
-      { 0xe83596b4a63d1a4cL,0x454e7fea7d183f3eL,0x643fce6117afb01cL,
-        0x4e65e5e61c4c3638L } },
-    /* 33 << 112 */
-    { { 0x41d85ea1ef74c45bL,0x2cfbfa66ae328506L,0x98b078f53ada7da9L,
-        0xd985fe37ec752fbbL },
-      { 0xeece68fe5a0148b4L,0x6f9a55c72d78136dL,0x232dccc4d2b729ceL,
-        0xa27e0dfd90aafbc4L } },
-    /* 34 << 112 */
-    { { 0x9647445212b4603eL,0xa876c5516b706d14L,0xdf145fcf69a9d412L,
-        0xe2ab75b72d479c34L },
-      { 0x12df9a761a23ff97L,0xc61389925d359d10L,0x6e51c7aefa835f22L,
-        0x69a79cb1c0fcc4d9L } },
-    /* 35 << 112 */
-    { { 0xf57f350d594cc7e1L,0x3079ca633350ab79L,0x226fb6149aff594aL,
-        0x35afec026d59a62bL },
-      { 0x9bee46f406ed2c6eL,0x58da17357d939a57L,0x44c504028fd1797eL,
-        0xd8853e7c5ccea6caL } },
-    /* 36 << 112 */
-    { { 0x4065508da35fcd5fL,0x8965df8c495ccaebL,0x0f2da85012e1a962L,
-        0xee471b94c1cf1cc4L },
-      { 0xcef19bc80a08fb75L,0x704958f581de3591L,0x2867f8b23aef4f88L,
-        0x8d749384ea9f9a5fL } },
-    /* 37 << 112 */
-    { { 0x1b3855378c9049f4L,0x5be948f37b92d8b6L,0xd96f725db6e2bd6bL,
-        0x37a222bc958c454dL },
-      { 0xe7c61abb8809bf61L,0x46f07fbc1346f18dL,0xfb567a7ae87c0d1cL,
-        0x84a461c87ef3d07aL } },
-    /* 38 << 112 */
-    { { 0x0a5adce6d9278d98L,0x24d948139dfc73e1L,0x4f3528b6054321c3L,
-        0x2e03fdde692ea706L },
-      { 0x10e6061947b533c0L,0x1a8bc73f2ca3c055L,0xae58d4b21bb62b8fL,
-        0xb2045a73584a24e3L } },
-    /* 39 << 112 */
-    { { 0x3ab3d5afbd76e195L,0x478dd1ad6938a810L,0x6ffab3936ee3d5cbL,
-        0xdfb693db22b361e4L },
-      { 0xf969449651dbf1a7L,0xcab4b4ef08a2e762L,0xe8c92f25d39bba9aL,
-        0x850e61bcf1464d96L } },
-    /* 40 << 112 */
-    { { 0xb7e830e3dc09508bL,0xfaf6d2cf74317655L,0x72606cebdf690355L,
-        0x48bb92b3d0c3ded6L },
-      { 0x65b754845c7cf892L,0xf6cd7ac9d5d5f01fL,0xc2c30a5996401d69L,
-        0x91268650ed921878L } },
-    /* 41 << 112 */
-    { { 0x380bf913b78c558fL,0x43c0baebc8afdaa9L,0x377f61d554f169d3L,
-        0xf8da07e3ae5ff20bL },
-      { 0xb676c49da8a90ea8L,0x81c1ff2b83a29b21L,0x383297ac2ad8d276L,
-        0x3001122fba89f982L } },
-    /* 42 << 112 */
-    { { 0xe1d794be6718e448L,0x246c14827c3e6e13L,0x56646ef85d26b5efL,
-        0x80f5091e88069cddL },
-      { 0xc5992e2f724bdd38L,0x02e915b48471e8c7L,0x96ff320a0d0ff2a9L,
-        0xbf8864874384d1a0L } },
-    /* 43 << 112 */
-    { { 0xbbe1e6a6c93f72d6L,0xd5f75d12cad800eaL,0xfa40a09fe7acf117L,
-        0x32c8cdd57581a355L },
-      { 0x742219927023c499L,0xa8afe5d738ec3901L,0x5691afcba90e83f0L,
-        0x41bcaa030b8f8eacL } },
-    /* 44 << 112 */
-    { { 0xe38b5ff98d2668d5L,0x0715281a7ad81965L,0x1bc8fc7c03c6ce11L,
-        0xcbbee6e28b650436L },
-      { 0x06b00fe80cdb9808L,0x17d6e066fe3ed315L,0x2e9d38c64d0b5018L,
-        0xab8bfd56844dcaefL } },
-    /* 45 << 112 */
-    { { 0x42894a59513aed8bL,0xf77f3b6d314bd07aL,0xbbdecb8f8e42b582L,
-        0xf10e2fa8d2390fe6L },
-      { 0xefb9502262a2f201L,0x4d59ea5050ee32b0L,0xd87f77286da789a8L,
-        0xcf98a2cff79492c4L } },
-    /* 46 << 112 */
-    { { 0xf9577239720943c2L,0xba044cf53990b9d0L,0x5aa8e82395f2884aL,
-        0x834de6ed0278a0afL },
-      { 0xc8e1ee9a5f25bd12L,0x9259ceaa6f7ab271L,0x7e6d97a277d00b76L,
-        0x5c0c6eeaa437832aL } },
-    /* 47 << 112 */
-    { { 0x5232c20f5606b81dL,0xabd7b3750d991ee5L,0x4d2bfe358632d951L,
-        0x78f8514698ed9364L },
-      { 0x951873f0f30c3282L,0x0da8ac80a789230bL,0x3ac7789c5398967fL,
-        0xa69b8f7fbdda0fb5L } },
-    /* 48 << 112 */
-    { { 0xe5db77176add8545L,0x1b71cb6672c49b66L,0xd856073968421d77L,
-        0x03840fe883e3afeaL },
-      { 0xb391dad51ec69977L,0xae243fb9307f6726L,0xc88ac87be8ca160cL,
-        0x5174cced4ce355f4L } },
-    /* 49 << 112 */
-    { { 0x98a35966e58ba37dL,0xfdcc8da27817335dL,0x5b75283083fbc7bfL,
-        0x68e419d4d9c96984L },
-      { 0x409a39f402a40380L,0x88940faf1fe977bcL,0xc640a94b8f8edea6L,
-        0x1e22cd17ed11547dL } },
-    /* 50 << 112 */
-    { { 0xe28568ce59ffc3e2L,0x60aa1b55c1dee4e7L,0xc67497c8837cb363L,
-        0x06fb438a105a2bf2L },
-      { 0x30357ec4500d8e20L,0x1ad9095d0670db10L,0x7f589a05c73b7cfdL,
-        0xf544607d880d6d28L } },
-    /* 51 << 112 */
-    { { 0x17ba93b1a20ef103L,0xad8591306ba6577bL,0x65c91cf66fa214a0L,
-        0xd7d49c6c27990da5L },
-      { 0xecd9ec8d20bb569dL,0xbd4b2502eeffbc33L,0x2056ca5a6bed0467L,
-        0x7916a1f75b63728cL } },
-    /* 52 << 112 */
-    { { 0xd4f9497d53a4f566L,0x8973466497b56810L,0xf8e1da740494a621L,
-        0x82546a938d011c68L },
-      { 0x1f3acb19c61ac162L,0x52f8fa9cabad0d3eL,0x15356523b4b7ea43L,
-        0x5a16ad61ae608125L } },
-    /* 53 << 112 */
-    { { 0xb0bcb87f4faed184L,0x5f236b1d5029f45fL,0xd42c76070bc6b1fcL,
-        0xc644324e68aefce3L },
-      { 0x8e191d595c5d8446L,0xc020807713ae1979L,0xadcaee553ba59cc7L,
-        0x20ed6d6ba2cb81baL } },
-    /* 54 << 112 */
-    { { 0x0952ba19b6efcffcL,0x60f12d6897c0b87cL,0x4ee2c7c49caa30bcL,
-        0x767238b797fbff4eL },
-      { 0xebc73921501b5d92L,0x3279e3dfc2a37737L,0x9fc12bc86d197543L,
-        0xfa94dc6f0a40db4eL } },
-    /* 55 << 112 */
-    { { 0x7392b41a530ccbbdL,0x87c82146ea823525L,0xa52f984c05d98d0cL,
-        0x2ae57d735ef6974cL },
-      { 0x9377f7bf3042a6ddL,0xb1a007c019647a64L,0xfaa9079a0cca9767L,
-        0x3d81a25bf68f72d5L } },
-    /* 56 << 112 */
-    { { 0x752067f8ff81578eL,0x786221509045447dL,0xc0c22fcf0505aa6fL,
-        0x1030f0a66bed1c77L },
-      { 0x31f29f151f0bd739L,0x2d7989c7e6debe85L,0x5c070e728e677e98L,
-        0x0a817bd306e81fd5L } },
-    /* 57 << 112 */
-    { { 0xc110d830b0f2ac95L,0x48d0995aab20e64eL,0x0f3e00e17729cd9aL,
-        0x2a570c20dd556946L },
-      { 0x912dbcfd4e86214dL,0x2d014ee2cf615498L,0x55e2b1e63530d76eL,
-        0xc5135ae4fd0fd6d1L } },
-    /* 58 << 112 */
-    { { 0x0066273ad4f3049fL,0xbb8e9893e7087477L,0x2dba1ddb14c6e5fdL,
-        0xdba3788651f57e6cL },
-      { 0x5aaee0a65a72f2cfL,0x1208bfbf7bea5642L,0xf5c6aa3b67872c37L,
-        0xd726e08343f93224L } },
-    /* 59 << 112 */
-    { { 0x1854daa5061f1658L,0xc0016df1df0cd2b3L,0xc2a3f23e833d50deL,
-        0x73b681d2bbbd3017L },
-      { 0x2f046dc43ac343c0L,0x9c847e7d85716421L,0xe1e13c910917eed4L,
-        0x3fc9eebd63a1b9c6L } },
-    /* 60 << 112 */
-    { { 0x0f816a727fe02299L,0x6335ccc2294f3319L,0x3820179f4745c5beL,
-        0xe647b782922f066eL },
-      { 0xc22e49de02cafb8aL,0x299bc2fffcc2ecccL,0x9a8feea26e0e8282L,
-        0xa627278bfe893205L } },
-    /* 61 << 112 */
-    { { 0xa7e197337933e47bL,0xf4ff6b132e766402L,0xa4d8be0a98440d9fL,
-        0x658f5c2f38938808L },
-      { 0x90b75677c95b3b3eL,0xfa0442693137b6ffL,0x077b039b43c47c29L,
-        0xcca95dd38a6445b2L } },
-    /* 62 << 112 */
-    { { 0x0b498ba42333fc4cL,0x274f8e68f736a1b1L,0x6ca348fd5f1d4b2eL,
-        0x24d3be78a8f10199L },
-      { 0x8535f858ca14f530L,0xa6e7f1635b982e51L,0x847c851236e1bf62L,
-        0xf6a7c58e03448418L } },
-    /* 63 << 112 */
-    { { 0x583f3703f9374ab6L,0x864f91956e564145L,0x33bc3f4822526d50L,
-        0x9f323c801262a496L },
-      { 0xaa97a7ae3f046a9aL,0x70da183edf8a039aL,0x5b68f71c52aa0ba6L,
-        0x9be0fe5121459c2dL } },
-    /* 64 << 112 */
-    { { 0xc1e17eb6cbc613e5L,0x33131d55497ea61cL,0x2f69d39eaf7eded5L,
-        0x73c2f434de6af11bL },
-      { 0x4ca52493a4a375faL,0x5f06787cb833c5c2L,0x814e091f3e6e71cfL,
-        0x76451f578b746666L } },
-    /* 0 << 119 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 119 */
-    { { 0x80f9bdef694db7e0L,0xedca8787b9fcddc6L,0x51981c3403b8dce1L,
-        0x4274dcf170e10ba1L },
-      { 0xf72743b86def6d1aL,0xd25b1670ebdb1866L,0xc4491e8c050c6f58L,
-        0x2be2b2ab87fbd7f5L } },
-    /* 2 << 119 */
-    { { 0x3e0e5c9dd111f8ecL,0xbcc33f8db7c4e760L,0x702f9a91bd392a51L,
-        0x7da4a795c132e92dL },
-      { 0x1a0b0ae30bb1151bL,0x54febac802e32251L,0xea3a5082694e9e78L,
-        0xe58ffec1e4fe40b8L } },
-    /* 3 << 119 */
-    { { 0xf85592fcd1e0cf9eL,0xdea75f0dc0e7b2e8L,0xc04215cfc135584eL,
-        0x174fc7272f57092aL },
-      { 0xe7277877eb930beaL,0x504caccb5eb02a5aL,0xf9fe08f7f5241b9bL,
-        0xe7fb62f48d5ca954L } },
-    /* 4 << 119 */
-    { { 0xfbb8349d29c4120bL,0x9f94391fc0d0d915L,0xc4074fa75410ba51L,
-        0xa66adbf6150a5911L },
-      { 0xc164543c34bfca38L,0xe0f27560b9e1ccfcL,0x99da0f53e820219cL,
-        0xe8234498c6b4997aL } },
-    /* 5 << 119 */
-    { { 0xcfb88b769d4c5423L,0x9e56eb10b0521c49L,0x418e0b5ebe8700a1L,
-        0x00cbaad6f93cb58aL },
-      { 0xe923fbded92a5e67L,0xca4979ac1f347f11L,0x89162d856bc0585bL,
-        0xdd6254afac3c70e3L } },
-    /* 6 << 119 */
-    { { 0x7b23c513516e19e4L,0x56e2e847c5c4d593L,0x9f727d735ce71ef6L,
-        0x5b6304a6f79a44c5L },
-      { 0x6638a7363ab7e433L,0x1adea470fe742f83L,0xe054b8545b7fc19fL,
-        0xf935381aba1d0698L } },
-    /* 7 << 119 */
-    { { 0x546eab2d799e9a74L,0x96239e0ea949f729L,0xca274c6b7090055aL,
-        0x835142c39020c9b0L },
-      { 0xa405667aa2e8807fL,0x29f2c0851aa3d39eL,0xcc555d6442fc72f5L,
-        0xe856e0e7fbeacb3cL } },
-    /* 8 << 119 */
-    { { 0xb5504f9d918e4936L,0x65035ef6b2513982L,0x0553a0c26f4d9cb9L,
-        0x6cb10d56bea85509L },
-      { 0x48d957b7a242da11L,0x16a4d3dd672b7268L,0x3d7e637c8502a96bL,
-        0x27c7032b730d463bL } },
-    /* 9 << 119 */
-    { { 0xbdc02b18e4136a14L,0xbacf969d678e32bfL,0xc98d89a3dd9c3c03L,
-        0x7b92420a23becc4fL },
-      { 0xd4b41f78c64d565cL,0x9f969d0010f28295L,0xec7f7f76b13d051aL,
-        0x08945e1ea92da585L } },
-    /* 10 << 119 */
-    { { 0x55366b7d5846426fL,0xe7d09e89247d441dL,0x510b404d736fbf48L,
-        0x7fa003d0e784bd7dL },
-      { 0x25f7614f17fd9596L,0x49e0e0a135cb98dbL,0x2c65957b2e83a76aL,
-        0x5d40da8dcddbe0f8L } },
-    /* 11 << 119 */
-    { { 0xf2b8c405050bad24L,0x8918426dc2aa4823L,0x2aeab3dda38365a7L,
-        0x720317177c91b690L },
-      { 0x8b00d69960a94120L,0x478a255de99eaeecL,0xbf656a5f6f60aafdL,
-        0xdfd7cb755dee77b3L } },
-    /* 12 << 119 */
-    { { 0x37f68bb4a595939dL,0x0355647928740217L,0x8e740e7c84ad7612L,
-        0xd89bc8439044695fL },
-      { 0xf7f3da5d85a9184dL,0x562563bb9fc0b074L,0x06d2e6aaf88a888eL,
-        0x612d8643161fbe7cL } },
-    /* 13 << 119 */
-    { { 0x465edba7f64085e7L,0xb230f30429aa8511L,0x53388426cda2d188L,
-        0x908857354b666649L },
-      { 0x6f02ff9a652f54f6L,0x65c822945fae2bf0L,0x7816ade062f5eee3L,
-        0xdcdbdf43fcc56d70L } },
-    /* 14 << 119 */
-    { { 0x9fb3bba354530bb2L,0xbde3ef77cb0869eaL,0x89bc90460b431163L,
-        0x4d03d7d2e4819a35L },
-      { 0x33ae4f9e43b6a782L,0x216db3079c88a686L,0x91dd88e000ffedd9L,
-        0xb280da9f12bd4840L } },
-    /* 15 << 119 */
-    { { 0x32a7cb8a1635e741L,0xfe14008a78be02a7L,0x3fafb3341b7ae030L,
-        0x7fd508e75add0ce9L },
-      { 0x72c83219d607ad51L,0x0f229c0a8d40964aL,0x1be2c3361c878da2L,
-        0xe0c96742eab2ab86L } },
-    /* 16 << 119 */
-    { { 0x458f86913e538cd7L,0xa7001f6c8e08ad53L,0x52b8c6e6bf5d15ffL,
-        0x548234a4011215ddL },
-      { 0xff5a9d2d3d5b4045L,0xb0ffeeb64a904190L,0x55a3aca448607f8bL,
-        0x8cbd665c30a0672aL } },
-    /* 17 << 119 */
-    { { 0x87f834e042583068L,0x02da2aebf3f6e683L,0x6b763e5d05c12248L,
-        0x7230378f65a8aefcL },
-      { 0x93bd80b571e8e5caL,0x53ab041cb3b62524L,0x1b8605136c9c552eL,
-        0xe84d402cd5524e66L } },
-    /* 18 << 119 */
-    { { 0xa37f3573f37f5937L,0xeb0f6c7dd1e4fca5L,0x2965a554ac8ab0fcL,
-        0x17fbf56c274676acL },
-      { 0x2e2f6bd9acf7d720L,0x41fc8f8810224766L,0x517a14b385d53befL,
-        0xdae327a57d76a7d1L } },
-    /* 19 << 119 */
-    { { 0x6ad0a065c4818267L,0x33aa189b37c1bbc1L,0x64970b5227392a92L,
-        0x21699a1c2d1535eaL },
-      { 0xcd20779cc2d7a7fdL,0xe318605999c83cf2L,0x9b69440b72c0b8c7L,
-        0xa81497d77b9e0e4dL } },
-    /* 20 << 119 */
-    { { 0x515d5c891f5f82dcL,0x9a7f67d76361079eL,0xa8da81e311a35330L,
-        0xe44990c44b18be1bL },
-      { 0xc7d5ed95af103e59L,0xece8aba78dac9261L,0xbe82b0999394b8d3L,
-        0x6830f09a16adfe83L } },
-    /* 21 << 119 */
-    { { 0x250a29b488172d01L,0x8b20bd65caff9e02L,0xb8a7661ee8a6329aL,
-        0x4520304dd3fce920L },
-      { 0xae45da1f2b47f7efL,0xe07f52885bffc540L,0xf79970093464f874L,
-        0x2244c2cda6fa1f38L } },
-    /* 22 << 119 */
-    { { 0x43c41ac194d7d9b1L,0x5bafdd82c82e7f17L,0xdf0614c15fda0fcaL,
-        0x74b043a7a8ae37adL },
-      { 0x3ba6afa19e71734cL,0x15d5437e9c450f2eL,0x4a5883fe67e242b1L,
-        0x5143bdc22c1953c2L } },
-    /* 23 << 119 */
-    { { 0x542b8b53fc5e8920L,0x363bf9a89a9cee08L,0x02375f10c3486e08L,
-        0x2037543b8c5e70d2L },
-      { 0x7109bccc625640b4L,0xcbc1051e8bc62c3bL,0xf8455fed803f26eaL,
-        0x6badceabeb372424L } },
-    /* 24 << 119 */
-    { { 0xa2a9ce7c6b53f5f9L,0x642465951b176d99L,0xb1298d36b95c081bL,
-        0x53505bb81d9a9ee6L },
-      { 0x3f6f9e61f2ba70b0L,0xd07e16c98afad453L,0x9f1694bbe7eb4a6aL,
-        0xdfebced93cb0bc8eL } },
-    /* 25 << 119 */
-    { { 0x92d3dcdc53868c8bL,0x174311a2386107a6L,0x4109e07c689b4e64L,
-        0x30e4587f2df3dcb6L },
-      { 0x841aea310811b3b2L,0x6144d41d0cce43eaL,0x464c45812a9a7803L,
-        0xd03d371f3e158930L } },
-    /* 26 << 119 */
-    { { 0xc676d7f2b1f3390bL,0x9f7a1b8ca5b61272L,0x4ebebfc9c2e127a9L,
-        0x4602500c5dd997bfL },
-      { 0x7f09771c4711230fL,0x058eb37c020f09c1L,0xab693d4bfee5e38bL,
-        0x9289eb1f4653cbc0L } },
-    /* 27 << 119 */
-    { { 0xbecf46abd51b9cf5L,0xd2aa9c029f0121afL,0x36aaf7d2e90dc274L,
-        0x909e4ea048b95a3cL },
-      { 0xe6b704966f32dbdbL,0x672188a08b030b3eL,0xeeffe5b3cfb617e2L,
-        0x87e947de7c82709eL } },
-    /* 28 << 119 */
-    { { 0xa44d2b391770f5a7L,0xe4d4d7910e44eb82L,0x42e69d1e3f69712aL,
-        0xbf11c4d6ac6a820eL },
-      { 0xb5e7f3e542c4224cL,0xd6b4e81c449d941cL,0x5d72bd165450e878L,
-        0x6a61e28aee25ac54L } },
-    /* 29 << 119 */
-    { { 0x33272094e6f1cd95L,0x7512f30d0d18673fL,0x32f7a4ca5afc1464L,
-        0x2f0956566bbb977bL },
-      { 0x586f47caa8226200L,0x02c868ad1ac07369L,0x4ef2b845c613acbeL,
-        0x43d7563e0386054cL } },
-    /* 30 << 119 */
-    { { 0x54da9dc7ab952578L,0xb5423df226e84d0bL,0xa8b64eeb9b872042L,
-        0xac2057825990f6dfL },
-      { 0x4ff696eb21f4c77aL,0x1a79c3e4aab273afL,0x29bc922e9436b3f1L,
-        0xff807ef8d6d9a27aL } },
-    /* 31 << 119 */
-    { { 0x82acea3d778f22a0L,0xfb10b2e85b5e7469L,0xc0b169802818ee7dL,
-        0x011afff4c91c1a2fL },
-      { 0x95a6d126ad124418L,0x31c081a5e72e295fL,0x36bb283af2f4db75L,
-        0xd115540f7acef462L } },
-    /* 32 << 119 */
-    { { 0xc7f3a8f833f6746cL,0x21e46f65fea990caL,0x915fd5c5caddb0a9L,
-        0xbd41f01678614555L },
-      { 0x346f4434426ffb58L,0x8055943614dbc204L,0xf3dd20fe5a969b7fL,
-        0x9d59e956e899a39aL } },
-    /* 33 << 119 */
-    { { 0xf1b0971c8ad4cf4bL,0x034488602ffb8fb8L,0xf071ac3c65340ba4L,
-        0x408d0596b27fd758L },
-      { 0xe7c78ea498c364b0L,0xa4aac4a5051e8ab5L,0xb9e1d560485d9002L,
-        0x9acd518a88844455L } },
-    /* 34 << 119 */
-    { { 0xe4ca688fd06f56c0L,0xa48af70ddf027972L,0x691f0f045e9a609dL,
-        0xa9dd82cdee61270eL },
-      { 0x8903ca63a0ef18d3L,0x9fb7ee353d6ca3bdL,0xa7b4a09cabf47d03L,
-        0x4cdada011c67de8eL } },
-    /* 35 << 119 */
-    { { 0x520037499355a244L,0xe77fd2b64f2151a9L,0x695d6cf666b4efcbL,
-        0xc5a0cacfda2cfe25L },
-      { 0x104efe5cef811865L,0xf52813e89ea5cc3dL,0x855683dc40b58dbcL,
-        0x0338ecde175fcb11L } },
-    /* 36 << 119 */
-    { { 0xf9a0563774921592L,0xb4f1261db9bb9d31L,0x551429b74e9c5459L,
-        0xbe182e6f6ea71f53L },
-      { 0xd3a3b07cdfc50573L,0x9ba1afda62be8d44L,0x9bcfd2cb52ab65d3L,
-        0xdf11d547a9571802L } },
-    /* 37 << 119 */
-    { { 0x099403ee02a2404aL,0x497406f421088a71L,0x994794095004ae71L,
-        0xbdb42078a812c362L },
-      { 0x2b72a30fd8828442L,0x283add27fcb5ed1cL,0xf7c0e20066a40015L,
-        0x3e3be64108b295efL } },
-    /* 38 << 119 */
-    { { 0xac127dc1e038a675L,0x729deff38c5c6320L,0xb7df8fd4a90d2c53L,
-        0x9b74b0ec681e7cd3L },
-      { 0x5cb5a623dab407e5L,0xcdbd361576b340c6L,0xa184415a7d28392cL,
-        0xc184c1d8e96f7830L } },
-    /* 39 << 119 */
-    { { 0xc3204f1981d3a80fL,0xfde0c841c8e02432L,0x78203b3e8149e0c1L,
-        0x5904bdbb08053a73L },
-      { 0x30fc1dd1101b6805L,0x43c223bc49aa6d49L,0x9ed671417a174087L,
-        0x311469a0d5997008L } },
-    /* 40 << 119 */
-    { { 0xb189b6845e43fc61L,0xf3282375e0d3ab57L,0x4fa34b67b1181da8L,
-        0x621ed0b299ee52b8L },
-      { 0x9b178de1ad990676L,0xd51de67b56d54065L,0x2a2c27c47538c201L,
-        0x33856ec838a40f5cL } },
-    /* 41 << 119 */
-    { { 0x2522fc15be6cdcdeL,0x1e603f339f0c6f89L,0x7994edc3103e30a6L,
-        0x033a00db220c853eL },
-      { 0xd3cfa409f7bb7fd7L,0x70f8781e462d18f6L,0xbbd82980687fe295L,
-        0x6eef4c32595669f3L } },
-    /* 42 << 119 */
-    { { 0x86a9303b2f7e85c3L,0x5fce462171988f9bL,0x5b935bf6c138acb5L,
-        0x30ea7d6725661212L },
-      { 0xef1eb5f4e51ab9a2L,0x0587c98aae067c78L,0xb3ce1b3c77ca9ca6L,
-        0x2a553d4d54b5f057L } },
-    /* 43 << 119 */
-    { { 0xc78982364da29ec2L,0xdbdd5d13b9c57316L,0xc57d6e6b2cd80d47L,
-        0x80b460cffe9e7391L },
-      { 0x98648cabf963c31eL,0x67f9f633cc4d32fdL,0x0af42a9dfdf7c687L,
-        0x55f292a30b015ea7L } },
-    /* 44 << 119 */
-    { { 0x89e468b2cd21ab3dL,0xe504f022c393d392L,0xab21e1d4a5013af9L,
-        0xe3283f78c2c28acbL },
-      { 0xf38b35f6226bf99fL,0xe83542740e291e69L,0x61673a15b20c162dL,
-        0xc101dc75b04fbdbeL } },
-    /* 45 << 119 */
-    { { 0x8323b4c2255bd617L,0x6c9696936c2a9154L,0xc6e6586062679387L,
-        0x8e01db0cb8c88e23L },
-      { 0x33c42873893a5559L,0x7630f04b47a3e149L,0xb5d80805ddcf35f8L,
-        0x582ca08077dfe732L } },
-    /* 46 << 119 */
-    { { 0x2c7156e10b1894a0L,0x92034001d81c68c0L,0xed225d00c8b115b5L,
-        0x237f9c2283b907f2L },
-      { 0x0ea2f32f4470e2c0L,0xb725f7c158be4e95L,0x0f1dcafab1ae5463L,
-        0x59ed51871ba2fc04L } },
-    /* 47 << 119 */
-    { { 0xf6e0f316d0115d4dL,0x5180b12fd3691599L,0x157e32c9527f0a41L,
-        0x7b0b081da8e0ecc0L },
-      { 0x6dbaaa8abf4f0dd0L,0x99b289c74d252696L,0x79b7755edbf864feL,
-        0x6974e2b176cad3abL } },
-    /* 48 << 119 */
-    { { 0x35dbbee206ddd657L,0xe7cbdd112ff3a96dL,0x88381968076be758L,
-        0x2d737e7208c91f5dL },
-      { 0x5f83ab6286ec3776L,0x98aa649d945fa7a1L,0xf477ec3772ef0933L,
-        0x66f52b1e098c17b1L } },
-    /* 49 << 119 */
-    { { 0x9eec58fbd803738bL,0x91aaade7e4e86aa4L,0x6b1ae617a5b51492L,
-        0x63272121bbc45974L },
-      { 0x7e0e28f0862c5129L,0x0a8f79a93321a4a0L,0xe26d16645041c88fL,
-        0x0571b80553233e3aL } },
-    /* 50 << 119 */
-    { { 0xd1b0ccdec9520711L,0x55a9e4ed3c8b84bfL,0x9426bd39a1fef314L,
-        0x4f5f638e6eb93f2bL },
-      { 0xba2a1ed32bf9341bL,0xd63c13214d42d5a9L,0xd2964a89316dc7c5L,
-        0xd1759606ca511851L } },
-    /* 51 << 119 */
-    { { 0xd8a9201ff9e6ed35L,0xb7b5ee456736925aL,0x0a83fbbc99581af7L,
-        0x3076bc4064eeb051L },
-      { 0x5511c98c02dec312L,0x270de898238dcb78L,0x2cf4cf9c539c08c9L,
-        0xa70cb65e38d3b06eL } },
-    /* 52 << 119 */
-    { { 0xb12ec10ecfe57bbdL,0x82c7b65635a0c2b5L,0xddc7d5cd161c67bdL,
-        0xe32e8985ae3a32ccL },
-      { 0x7aba9444d11a5529L,0xe964ed022427fa1aL,0x1528392d24a1770aL,
-        0xa152ce2c12c72fcdL } },
-    /* 53 << 119 */
-    { { 0x714553a48ec07649L,0x18b4c290459dd453L,0xea32b7147b64b110L,
-        0xb871bfa52e6f07a2L },
-      { 0xb67112e59e2e3c9bL,0xfbf250e544aa90f6L,0xf77aedb8bd539006L,
-        0x3b0cdf9ad172a66fL } },
-    /* 54 << 119 */
-    { { 0xedf69feaf8c51187L,0x05bb67ec741e4da7L,0x47df0f3208114345L,
-        0x56facb07bb9792b1L },
-      { 0xf3e007e98f6229e4L,0x62d103f4526fba0fL,0x4f33bef7b0339d79L,
-        0x9841357bb59bfec1L } },
-    /* 55 << 119 */
-    { { 0xfa8dbb59c34e6705L,0xc3c7180b7fdaa84cL,0xf95872fca4108537L,
-        0x8750cc3b932a3e5aL },
-      { 0xb61cc69db7275d7dL,0xffa0168b2e59b2e9L,0xca032abc6ecbb493L,
-        0x1d86dbd32c9082d8L } },
-    /* 56 << 119 */
-    { { 0xae1e0b67e28ef5baL,0x2c9a4699cb18e169L,0x0ecd0e331e6bbd20L,
-        0x571b360eaf5e81d2L },
-      { 0xcd9fea58101c1d45L,0x6651788e18880452L,0xa99726351f8dd446L,
-        0x44bed022e37281d0L } },
-    /* 57 << 119 */
-    { { 0x094b2b2d33da525dL,0xf193678e13144fd8L,0xb8ab5ba4f4c1061dL,
-        0x4343b5fadccbe0f4L },
-      { 0xa870237163812713L,0x47bf6d2df7611d93L,0x46729b8cbd21e1d7L,
-        0x7484d4e0d629e77dL } },
-    /* 58 << 119 */
-    { { 0x830e6eea60dbac1fL,0x23d8c484da06a2f7L,0x896714b050ca535bL,
-        0xdc8d3644ebd97a9bL },
-      { 0x106ef9fab12177b4L,0xf79bf464534d5d9cL,0x2537a349a6ab360bL,
-        0xc7c54253a00c744fL } },
-    /* 59 << 119 */
-    { { 0xb3c7a047e5911a76L,0x61ffa5c8647f1ee7L,0x15aed36f8f56ab42L,
-        0x6a0d41b0a3ff9ac9L },
-      { 0x68f469f5cc30d357L,0xbe9adf816b72be96L,0x1cd926fe903ad461L,
-        0x7e89e38fcaca441bL } },
-    /* 60 << 119 */
-    { { 0xf0f82de5facf69d4L,0x363b7e764775344cL,0x6894f312b2e36d04L,
-        0x3c6cb4fe11d1c9a5L },
-      { 0x85d9c3394008e1f2L,0x5e9a85ea249f326cL,0xdc35c60a678c5e06L,
-        0xc08b944f9f86fba9L } },
-    /* 61 << 119 */
-    { { 0xde40c02c89f71f0fL,0xad8f3e31ff3da3c0L,0x3ea5096b42125dedL,
-        0x13879cbfa7379183L },
-      { 0x6f4714a56b306a0bL,0x359c2ea667646c5eL,0xfacf894307726368L,
-        0x07a5893565ff431eL } },
-    /* 62 << 119 */
-    { { 0x24d661d168754ab0L,0x801fce1d6f429a76L,0xc068a85fa58ce769L,
-        0xedc35c545d5eca2bL },
-      { 0xea31276fa3f660d1L,0xa0184ebeb8fc7167L,0x0f20f21a1d8db0aeL,
-        0xd96d095f56c35e12L } },
-    /* 63 << 119 */
-    { { 0xedf402b5f8c2a25bL,0x1bb772b9059204b6L,0x50cbeae219b4e34cL,
-        0x93109d803fa0845aL },
-      { 0x54f7ccf78ef59fb5L,0x3b438fe288070963L,0x9e28c65931f3ba9bL,
-        0x9cc31b46ead9da92L } },
-    /* 64 << 119 */
-    { { 0x3c2f0ba9b733aa5fL,0xdece47cbf05af235L,0xf8e3f715a2ac82a5L,
-        0xc97ba6412203f18aL },
-      { 0xc3af550409c11060L,0x56ea2c0546af512dL,0xfac28daff3f28146L,
-        0x87fab43a959ef494L } },
-    /* 0 << 126 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 126 */
-    { { 0x09891641d4c5105fL,0x1ae80f8e6d7fbd65L,0x9d67225fbee6bdb0L,
-        0x3b433b597fc4d860L },
-      { 0x44e66db693e85638L,0xf7b59252e3e9862fL,0xdb785157665c32ecL,
-        0x702fefd7ae362f50L } },
-    /* 2 << 126 */
-    { { 0x3754475d0fefb0c3L,0xd48fb56b46d7c35dL,0xa070b633363798a4L,
-        0xae89f3d28fdb98e6L },
-      { 0x970b89c86363d14cL,0x8981752167abd27dL,0x9bf7d47444d5a021L,
-        0xb3083bafcac72aeeL } },
-    /* 3 << 126 */
-    { { 0x389741debe949a44L,0x638e9388546a4fa5L,0x3fe6419ca0047bdcL,
-        0x7047f648aaea57caL },
-      { 0x54e48a9041fbab17L,0xda8e0b28576bdba2L,0xe807eebcc72afddcL,
-        0x07d3336df42577bfL } },
-    /* 4 << 126 */
-    { { 0x62a8c244bfe20925L,0x91c19ac38fdce867L,0x5a96a5d5dd387063L,
-        0x61d587d421d324f6L },
-      { 0xe87673a2a37173eaL,0x2384800853778b65L,0x10f8441e05bab43eL,
-        0xfa11fe124621efbeL } },
-    /* 5 << 126 */
-    { { 0x047b772e81685d7bL,0x23f27d81bf34a976L,0xc27608e2915f48efL,
-        0x3b0b43faa521d5c3L },
-      { 0x7613fb2663ca7284L,0x7f5729b41d4db837L,0x87b14898583b526bL,
-        0x00b732a6bbadd3d1L } },
-    /* 6 << 126 */
-    { { 0x8e02f4262048e396L,0x436b50b6383d9de4L,0xf78d3481471e85adL,
-        0x8b01ea6ad005c8d6L },
-      { 0xd3c7afee97015c07L,0x46cdf1a94e3ba2aeL,0x7a42e50183d3a1d2L,
-        0xd54b5268b541dff4L } },
-    /* 7 << 126 */
-    { { 0x3f24cf304e23e9bcL,0x4387f816126e3624L,0x26a46a033b0b6d61L,
-        0xaf1bc8458b2d777cL },
-      { 0x25c401ba527de79cL,0x0e1346d44261bbb6L,0x4b96c44b287b4bc7L,
-        0x658493c75254562fL } },
-    /* 8 << 126 */
-    { { 0x23f949feb8a24a20L,0x17ebfed1f52ca53fL,0x9b691bbebcfb4853L,
-        0x5617ff6b6278a05dL },
-      { 0x241b34c5e3c99ebdL,0xfc64242e1784156aL,0x4206482f695d67dfL,
-        0xb967ce0eee27c011L } },
-    /* 9 << 126 */
-    { { 0x65db375121c80b5dL,0x2e7a563ca31ecca0L,0xe56ffc4e5238a07eL,
-        0x3d6c296632ced854L },
-      { 0xe99d7d1aaf70b885L,0xafc3bad92d686459L,0x9c78bf460cc8ba5bL,
-        0x5a43951918955aa3L } },
-    /* 10 << 126 */
-    { { 0xf8b517a85fe4e314L,0xe60234d0fcb8906fL,0xffe542acf2061b23L,
-        0x287e191f6b4cb59cL },
-      { 0x21857ddc09d877d8L,0x1c23478c14678941L,0xbbf0c056b6e05ea4L,
-        0x82da4b53b01594feL } },
-    /* 11 << 126 */
-    { { 0xf7526791fadb8608L,0x049e832d7b74cdf6L,0xa43581ccc2b90a34L,
-        0x73639eb89360b10cL },
-      { 0x4fba331fe1e4a71bL,0x6ffd6b938072f919L,0x6e53271c65679032L,
-        0x67206444f14272ceL } },
-    /* 12 << 126 */
-    { { 0xc0f734a3b2335834L,0x9526205a90ef6860L,0xcb8be71704e2bb0dL,
-        0x2418871e02f383faL },
-      { 0xd71776814082c157L,0xcc914ad029c20073L,0xf186c1ebe587e728L,
-        0x6fdb3c2261bcd5fdL } },
-    /* 13 << 126 */
-    { { 0x30d014a6f2f9f8e9L,0x963ece234fec49d2L,0x862025c59605a8d9L,
-        0x3987444519f8929aL },
-      { 0x01b6ff6512bf476aL,0x598a64d809cf7d91L,0xd7ec774993be56caL,
-        0x10899785cbb33615L } },
-    /* 14 << 126 */
-    { { 0xb8a092fd02eee3adL,0xa86b3d3530145270L,0x323d98c68512b675L,
-        0x4b8bc78562ebb40fL },
-      { 0x7d301f54413f9cdeL,0xa5e4fb4f2bab5664L,0x1d2b252d1cbfec23L,
-        0xfcd576bbe177120dL } },
-    /* 15 << 126 */
-    { { 0x04427d3e83731a34L,0x2bb9028eed836e8eL,0xb36acff8b612ca7cL,
-        0xb88fe5efd3d9c73aL },
-      { 0xbe2a6bc6edea4eb3L,0x43b93133488eec77L,0xf41ff566b17106e1L,
-        0x469e9172654efa32L } },
-    /* 16 << 126 */
-    { { 0xb4480f0441c23fa3L,0xb4712eb0c1989a2eL,0x3ccbba0f93a29ca7L,
-        0x6e205c14d619428cL },
-      { 0x90db7957b3641686L,0x0432691d45ac8b4eL,0x07a759acf64e0350L,
-        0x0514d89c9c972517L } },
-    /* 17 << 126 */
-    { { 0x1701147fa8e67fc3L,0x9e2e0b8bab2085beL,0xd5651824ac284e57L,
-        0x890d432574893664L },
-      { 0x8a7c5e6ec55e68a3L,0xbf12e90b4339c85aL,0x31846b85f922b655L,
-        0x9a54ce4d0bf4d700L } },
-    /* 18 << 126 */
-    { { 0xd7f4e83af1a14295L,0x916f955cb285d4f9L,0xe57bb0e099ffdabaL,
-        0x28a43034eab0d152L },
-      { 0x0a36ffa2b8a9cef8L,0x5517407eb9ec051aL,0x9c796096ea68e672L,
-        0x853db5fbfb3c77fbL } },
-    /* 19 << 126 */
-    { { 0x21474ba9e864a51aL,0x6c2676996e8a1b8bL,0x7c82362694120a28L,
-        0xe61e9a488383a5dbL },
-      { 0x7dd750039f84216dL,0xab020d07ad43cd85L,0x9437ae48da12c659L,
-        0x6449c2ebe65452adL } },
-    /* 20 << 126 */
-    { { 0xcc7c4c1c2cf9d7c1L,0x1320886aee95e5abL,0xbb7b9056beae170cL,
-        0xc8a5b250dbc0d662L },
-      { 0x4ed81432c11d2303L,0x7da669121f03769fL,0x3ac7a5fd84539828L,
-        0x14dada943bccdd02L } },
-    /* 21 << 126 */
-    { { 0x8b84c3217ef6b0d1L,0x52a9477a7c933f22L,0x5ef6728afd440b82L,
-        0x5c3bd8596ce4bd5eL },
-      { 0x918b80f5f22c2d3eL,0x368d5040b7bb6cc5L,0xb66142a12695a11cL,
-        0x60ac583aeb19ea70L } },
-    /* 22 << 126 */
-    { { 0x317cbb980eab2437L,0x8cc08c555e2654c8L,0xfe2d6520e6d8307fL,
-        0xe9f147f357428993L },
-      { 0x5f9c7d14d2fd6cf1L,0xa3ecd0642d4fcbb0L,0xad83fef08e7341f7L,
-        0x643f23a03a63115cL } },
-    /* 23 << 126 */
-    { { 0xd38a78abe65ab743L,0xbf7c75b135edc89cL,0x3dd8752e530df568L,
-        0xf85c4a76e308c682L },
-      { 0x4c9955b2e68acf37L,0xa544df3dab32af85L,0x4b8ec3f5a25cf493L,
-        0x4d8f27641a622febL } },
-    /* 24 << 126 */
-    { { 0x7bb4f7aaf0dcbc49L,0x7de551f970bbb45bL,0xcfd0f3e49f2ca2e5L,
-        0xece587091f5c76efL },
-      { 0x32920edd167d79aeL,0x039df8a2fa7d7ec1L,0xf46206c0bb30af91L,
-        0x1ff5e2f522676b59L } },
-    /* 25 << 126 */
-    { { 0x11f4a0396ea51d66L,0x506c1445807d7a26L,0x60da5705755a9b24L,
-        0x8fc8cc321f1a319eL },
-      { 0x83642d4d9433d67dL,0x7fa5cb8f6a7dd296L,0x576591db9b7bde07L,
-        0x13173d25419716fbL } },
-    /* 26 << 126 */
-    { { 0xea30599dd5b340ffL,0xfc6b5297b0fe76c5L,0x1c6968c8ab8f5adcL,
-        0xf723c7f5901c928dL },
-      { 0x4203c3219773d402L,0xdf7c6aa31b51dd47L,0x3d49e37a552be23cL,
-        0x57febee80b5a6e87L } },
-    /* 27 << 126 */
-    { { 0xc5ecbee47bd8e739L,0x79d44994ae63bf75L,0x168bd00f38fb8923L,
-        0x75d48ee4d0533130L },
-      { 0x554f77aadb5cdf33L,0x3396e8963c696769L,0x2fdddbf2d3fd674eL,
-        0xbbb8f6ee99d0e3e5L } },
-    /* 28 << 126 */
-    { { 0x51b90651cbae2f70L,0xefc4bc0593aaa8ebL,0x8ecd8689dd1df499L,
-        0x1aee99a822f367a5L },
-      { 0x95d485b9ae8274c5L,0x6c14d4457d30b39cL,0xbafea90bbcc1ef81L,
-        0x7c5f317aa459a2edL } },
-    /* 29 << 126 */
-    { { 0x012110754ef44227L,0xa17bed6edc20f496L,0x0cdfe424819853cdL,
-        0x13793298f71e2ce7L },
-      { 0x3c1f3078dbbe307bL,0x6dd1c20e76ee9936L,0x23ee4b57423caa20L,
-        0x4ac3793b8efb840eL } },
-    /* 30 << 126 */
-    { { 0x934438ebed1f8ca0L,0x3e5466584ebb25a2L,0xc415af0ec069896fL,
-        0xc13eddb09a5aa43dL },
-      { 0x7a04204fd49eb8f6L,0xd0d5bdfcd74f1670L,0x3697e28656fc0558L,
-        0x1020737101cebadeL } },
-    /* 31 << 126 */
-    { { 0x5f87e6900647a82bL,0x908e0ed48f40054fL,0xa9f633d479853803L,
-        0x8ed13c9a4a28b252L },
-      { 0x3e2ef6761f460f64L,0x53930b9b36d06336L,0x347073ac8fc4979bL,
-        0x84380e0e5ecd5597L } },
-    /* 32 << 126 */
-    { { 0xe3b22c6bc4fe3c39L,0xba4a81536c7bebdfL,0xf23ab6b725693459L,
-        0x53bc377014922b11L },
-      { 0x4645c8ab5afc60dbL,0xaa02235520b9f2a3L,0x52a2954cce0fc507L,
-        0x8c2731bb7ce1c2e7L } },
-    /* 33 << 126 */
-    { { 0xf39608ab18a0339dL,0xac7a658d3735436cL,0xb22c2b07cd992b4fL,
-        0x4e83daecf40dcfd4L },
-      { 0x8a34c7be2f39ea3eL,0xef0c005fb0a56d2eL,0x62731f6a6edd8038L,
-        0x5721d7404e3cb075L } },
-    /* 34 << 126 */
-    { { 0x1ea41511fbeeee1bL,0xd1ef5e73ef1d0c05L,0x42feefd173c07d35L,
-        0xe530a00a8a329493L },
-      { 0x5d55b7fef15ebfb0L,0x549de03cd322491aL,0xf7b5f602745b3237L,
-        0x3632a3a21ab6e2b6L } },
-    /* 35 << 126 */
-    { { 0x0d3bba890ef59f78L,0x0dfc6443c9e52b9aL,0x1dc7969972631447L,
-        0xef033917b3be20b1L },
-      { 0x0c92735db1383948L,0xc1fc29a2c0dd7d7dL,0x6485b697403ed068L,
-        0x13bfaab3aac93bdcL } },
-    /* 36 << 126 */
-    { { 0x410dc6a90deeaf52L,0xb003fb024c641c15L,0x1384978c5bc504c4L,
-        0x37640487864a6a77L },
-      { 0x05991bc6222a77daL,0x62260a575e47eb11L,0xc7af6613f21b432cL,
-        0x22f3acc9ab4953e9L } },
-    /* 37 << 126 */
-    { { 0x529349228e41d155L,0x4d0245683ac059efL,0xb02017554d884411L,
-        0xce8055cfa59a178fL },
-      { 0xcd77d1aff6204549L,0xa0a00a3ec7066759L,0x471071ef0272c229L,
-        0x009bcf6bd3c4b6b0L } },
-    /* 38 << 126 */
-    { { 0x2a2638a822305177L,0xd51d59df41645bbfL,0xa81142fdc0a7a3c0L,
-        0xa17eca6d4c7063eeL },
-      { 0x0bb887ed60d9dcecL,0xd6d28e5120ad2455L,0xebed6308a67102baL,
-        0x042c31148bffa408L } },
-    /* 39 << 126 */
-    { { 0xfd099ac58aa68e30L,0x7a6a3d7c1483513eL,0xffcc6b75ba2d8f0cL,
-        0x54dacf961e78b954L },
-      { 0xf645696fa4a9af89L,0x3a41194006ac98ecL,0x41b8b3f622a67a20L,
-        0x2d0b1e0f99dec626L } },
-    /* 40 << 126 */
-    { { 0x27c8919240be34e8L,0xc7162b3791907f35L,0x90188ec1a956702bL,
-        0xca132f7ddf93769cL },
-      { 0x3ece44f90e2025b4L,0x67aaec690c62f14cL,0xad74141822e3cc11L,
-        0xcf9b75c37ff9a50eL } },
-    /* 41 << 126 */
-    { { 0x02fa2b164d348272L,0xbd99d61a9959d56dL,0xbc4f19db18762916L,
-        0xcc7cce5049c1ac80L },
-      { 0x4d59ebaad846bd83L,0x8775a9dca9202849L,0x07ec4ae16e1f4ca9L,
-        0x27eb5875ba893f11L } },
-    /* 42 << 126 */
-    { { 0x00284d51662cc565L,0x82353a6b0db4138dL,0xd9c7aaaaaa32a594L,
-        0xf5528b5ea5669c47L },
-      { 0xf32202312f23c5ffL,0xe3e8147a6affa3a1L,0xfb423d5c202ddda0L,
-        0x3d6414ac6b871bd4L } },
-    /* 43 << 126 */
-    { { 0x586f82e1a51a168aL,0xb712c67148ae5448L,0x9a2e4bd176233eb8L,
-        0x0188223a78811ca9L },
-      { 0x553c5e21f7c18de1L,0x7682e451b27bb286L,0x3ed036b30e51e929L,
-        0xf487211bec9cb34fL } },
-    /* 44 << 126 */
-    { { 0x0d0942770c24efc8L,0x0349fd04bef737a4L,0x6d1c9dd2514cdd28L,
-        0x29c135ff30da9521L },
-      { 0xea6e4508f78b0b6fL,0x176f5dd2678c143cL,0x081484184be21e65L,
-        0x27f7525ce7df38c4L } },
-    /* 45 << 126 */
-    { { 0x1fb70e09748ab1a4L,0x9cba50a05efe4433L,0x7846c7a615f75af2L,
-        0x2a7c2c575ee73ea8L },
-      { 0x42e566a43f0a449aL,0x45474c3bad90fc3dL,0x7447be3d8b61d057L,
-        0x3e9d1cf13a4ec092L } },
-    /* 46 << 126 */
-    { { 0x1603e453f380a6e6L,0x0b86e4319b1437c2L,0x7a4173f2ef29610aL,
-        0x8fa729a7f03d57f7L },
-      { 0x3e186f6e6c9c217eL,0xbe1d307991919524L,0x92a62a70153d4fb1L,
-        0x32ed3e34d68c2f71L } },
-    /* 47 << 126 */
-    { { 0xd785027f9eb1a8b7L,0xbc37eb77c5b22fe8L,0x466b34f0b9d6a191L,
-        0x008a89af9a05f816L },
-      { 0x19b028fb7d42c10aL,0x7fe8c92f49b3f6b8L,0x58907cc0a5a0ade3L,
-        0xb3154f51559d1a7cL } },
-    /* 48 << 126 */
-    { { 0x5066efb6d9790ed6L,0xa77a0cbca6aa793bL,0x1a915f3c223e042eL,
-        0x1c5def0469c5874bL },
-      { 0x0e83007873b6c1daL,0x55cf85d2fcd8557aL,0x0f7c7c760460f3b1L,
-        0x87052acb46e58063L } },
-    /* 49 << 126 */
-    { { 0x09212b80907eae66L,0x3cb068e04d721c89L,0xa87941aedd45ac1cL,
-        0xde8d5c0d0daa0dbbL },
-      { 0xda421fdce3502e6eL,0xc89442014d89a084L,0x7307ba5ef0c24bfbL,
-        0xda212beb20bde0efL } },
-    /* 50 << 126 */
-    { { 0xea2da24bf82ce682L,0x058d381607f71fe4L,0x35a024625ffad8deL,
-        0xcd7b05dcaadcefabL },
-      { 0xd442f8ed1d9f54ecL,0x8be3d618b2d3b5caL,0xe2220ed0e06b2ce2L,
-        0x82699a5f1b0da4c0L } },
-    /* 51 << 126 */
-    { { 0x3ff106f571c0c3a7L,0x8f580f5a0d34180cL,0x4ebb120e22d7d375L,
-        0x5e5782cce9513675L },
-      { 0x2275580c99c82a70L,0xe8359fbf15ea8c4cL,0x53b48db87b415e70L,
-        0xaacf2240100c6014L } },
-    /* 52 << 126 */
-    { { 0x9faaccf5e4652f1dL,0xbd6fdd2ad56157b2L,0xa4f4fb1f6261ec50L,
-        0x244e55ad476bcd52L },
-      { 0x881c9305047d320bL,0x1ca983d56181263fL,0x354e9a44278fb8eeL,
-        0xad2dbc0f396e4964L } },
-    /* 53 << 126 */
-    { { 0x723f3aa29268b3deL,0x0d1ca29ae6e0609aL,0x794866aa6cf44252L,
-        0x0b59f3e301af87edL },
-      { 0xe234e5ff7f4a6c51L,0xa8768fd261dc2f7eL,0xdafc73320a94d81fL,
-        0xd7f8428206938ce1L } },
-    /* 54 << 126 */
-    { { 0xae0b3c0e0546063eL,0x7fbadcb25d61abc6L,0xd5d7a2c9369ac400L,
-        0xa5978d09ae67d10cL },
-      { 0x290f211e4f85eaacL,0xe61e2ad1facac681L,0xae125225388384cdL,
-        0xa7fb68e9ccfde30fL } },
-    /* 55 << 126 */
-    { { 0x7a59b9363daed4c2L,0x80a9aa402606f789L,0xb40c1ea5f6a6d90aL,
-        0x948364d3514d5885L },
-      { 0x062ebc6070985182L,0xa6db5b0e33310895L,0x64a12175e329c2f5L,
-        0xc5f25bd290ea237eL } },
-    /* 56 << 126 */
-    { { 0x7915c5242d0a4c23L,0xeb5d26e46bb3cc52L,0x369a9116c09e2c92L,
-        0x0c527f92cf182cf8L },
-      { 0x9e5919382aede0acL,0xb29222086cc34939L,0x3c9d896299a34361L,
-        0x3c81836dc1905fe6L } },
-    /* 57 << 126 */
-    { { 0x4bfeb57fa001ec5aL,0xe993f5bba0dc5dbaL,0x47884109724a1380L,
-        0x8a0369ab32fe9a04L },
-      { 0xea068d608c927db8L,0xbf5f37cf94655741L,0x47d402a204b6c7eaL,
-        0x4551c2956af259cbL } },
-    /* 58 << 126 */
-    { { 0x698b71e7ed77ee8bL,0xbddf7bd0f309d5c7L,0x6201c22c34e780caL,
-        0xab04f7d84c295ef4L },
-      { 0x1c9472944313a8ceL,0xe532e4ac92ca4cfeL,0x89738f80d0a7a97aL,
-        0xec088c88a580fd5bL } },
-    /* 59 << 126 */
-    { { 0x612b1ecc42ce9e51L,0x8f9840fdb25fdd2aL,0x3cda78c001e7f839L,
-        0x546b3d3aece05480L },
-      { 0x271719a980d30916L,0x45497107584c20c4L,0xaf8f94785bc78608L,
-        0x28c7d484277e2a4cL } },
-    /* 60 << 126 */
-    { { 0xfce0176788a2ffe4L,0xdc506a3528e169a5L,0x0ea108617af9c93aL,
-        0x1ed2436103fa0e08L },
-      { 0x96eaaa92a3d694e7L,0xc0f43b4def50bc74L,0xce6aa58c64114db4L,
-        0x8218e8ea7c000fd4L } },
-    /* 61 << 126 */
-    { { 0xac815dfb185f8844L,0xcd7e90cb1557abfbL,0x23d16655afbfecdfL,
-        0x80f3271f085cac4aL },
-      { 0x7fc39aa7d0e62f47L,0x88d519d1460a48e5L,0x59559ac4d28f101eL,
-        0x7981d9e9ca9ae816L } },
-    /* 62 << 126 */
-    { { 0x5c38652c9ac38203L,0x86eaf87f57657fe5L,0x568fc472e21f5416L,
-        0x2afff39ce7e597b5L },
-      { 0x3adbbb07256d4eabL,0x225986928285ab89L,0x35f8112a041caefeL,
-        0x95df02e3a5064c8bL } },
-    /* 63 << 126 */
-    { { 0x4d63356ec7004bf3L,0x230a08f4db83c7deL,0xca27b2708709a7b7L,
-        0x0d1c4cc4cb9abd2dL },
-      { 0x8a0bc66e7550fee8L,0x369cd4c79cf7247eL,0x75562e8492b5b7e7L,
-        0x8fed0da05802af7bL } },
-    /* 64 << 126 */
-    { { 0x6a7091c2e48fb889L,0x26882c137b8a9d06L,0xa24986631b82a0e2L,
-        0x844ed7363518152dL },
-      { 0x282f476fd86e27c7L,0xa04edaca04afefdcL,0x8b256ebc6119e34dL,
-        0x56a413e90787d78bL } },
-    /* 0 << 133 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 133 */
-    { { 0x82ee061d5a74be50L,0xe41781c4dea16ff5L,0xe0b0c81e99bfc8a2L,
-        0x624f4d690b547e2dL },
-      { 0x3a83545dbdcc9ae4L,0x2573dbb6409b1e8eL,0x482960c4a6c93539L,
-        0xf01059ad5ae18798L } },
-    /* 2 << 133 */
-    { { 0x715c9f973112795fL,0xe8244437984e6ee1L,0x55cb4858ecb66bcdL,
-        0x7c136735abaffbeeL },
-      { 0x546615955dbec38eL,0x51c0782c388ad153L,0x9ba4c53ac6e0952fL,
-        0x27e6782a1b21dfa8L } },
-    /* 3 << 133 */
-    { { 0x682f903d4ed2dbc2L,0x0eba59c87c3b2d83L,0x8e9dc84d9c7e9335L,
-        0x5f9b21b00eb226d7L },
-      { 0xe33bd394af267baeL,0xaa86cc25be2e15aeL,0x4f0bf67d6a8ec500L,
-        0x5846aa44f9630658L } },
-    /* 4 << 133 */
-    { { 0xfeb09740e2c2bf15L,0x627a2205a9e99704L,0xec8d73d0c2fbc565L,
-        0x223eed8fc20c8de8L },
-      { 0x1ee32583a8363b49L,0x1a0b6cb9c9c2b0a6L,0x49f7c3d290dbc85cL,
-        0xa8dfbb971ef4c1acL } },
-    /* 5 << 133 */
-    { { 0xafb34d4c65c7c2abL,0x1d4610e7e2c5ea84L,0x893f6d1b973c4ab5L,
-        0xa3cdd7e9945ba5c4L },
-      { 0x60514983064417eeL,0x1459b23cad6bdf2bL,0x23b2c3415cf726c3L,
-        0x3a82963532d6354aL } },
-    /* 6 << 133 */
-    { { 0x294f901fab192c18L,0xec5fcbfe7030164fL,0xe2e2fcb7e2246ba6L,
-        0x1e7c88b3221a1a0cL },
-      { 0x72c7dd93c92d88c5L,0x41c2148e1106fb59L,0x547dd4f5a0f60f14L,
-        0xed9b52b263960f31L } },
-    /* 7 << 133 */
-    { { 0x6c8349ebb0a5b358L,0xb154c5c29e7e2ed6L,0xcad5eccfeda462dbL,
-        0xf2d6dbe42de66b69L },
-      { 0x426aedf38665e5b2L,0x488a85137b7f5723L,0x15cc43b38bcbb386L,
-        0x27ad0af3d791d879L } },
-    /* 8 << 133 */
-    { { 0xc16c236e846e364fL,0x7f33527cdea50ca0L,0xc48107750926b86dL,
-        0x6c2a36090598e70cL },
-      { 0xa6755e52f024e924L,0xe0fa07a49db4afcaL,0x15c3ce7d66831790L,
-        0x5b4ef350a6cbb0d6L } },
-    /* 9 << 133 */
-    { { 0x2c4aafc4b6205969L,0x42563f02f6c7854fL,0x016aced51d983b48L,
-        0xfeb356d899949755L },
-      { 0x8c2a2c81d1a39bd7L,0x8f44340fe6934ae9L,0x148cf91c447904daL,
-        0x7340185f0f51a926L } },
-    /* 10 << 133 */
-    { { 0x2f8f00fb7409ab46L,0x057e78e680e289b2L,0x03e5022ca888e5d1L,
-        0x3c87111a9dede4e2L },
-      { 0x5b9b0e1c7809460bL,0xe751c85271c9abc7L,0x8b944e28c7cc1dc9L,
-        0x4f201ffa1d3cfa08L } },
-    /* 11 << 133 */
-    { { 0x02fc905c3e6721ceL,0xd52d70dad0b3674cL,0x5dc2e5ca18810da4L,
-        0xa984b2735c69dd99L },
-      { 0x63b9252784de5ca4L,0x2f1c9872c852dec4L,0x18b03593c2e3de09L,
-        0x19d70b019813dc2fL } },
-    /* 12 << 133 */
-    { { 0x42806b2da6dc1d29L,0xd3030009f871e144L,0xa1feb333aaf49276L,
-        0xb5583b9ec70bc04bL },
-      { 0x1db0be7895695f20L,0xfc84181189d012b5L,0x6409f27205f61643L,
-        0x40d34174d5883128L } },
-    /* 13 << 133 */
-    { { 0xd79196f567419833L,0x6059e252863b7b08L,0x84da18171c56700cL,
-        0x5758ee56b28d3ec4L },
-      { 0x7da2771d013b0ea6L,0xfddf524b54c5e9b9L,0x7df4faf824305d80L,
-        0x58f5c1bf3a97763fL } },
-    /* 14 << 133 */
-    { { 0xa5af37f17c696042L,0xd4cba22c4a2538deL,0x211cb9959ea42600L,
-        0xcd105f417b069889L },
-      { 0xb1e1cf19ddb81e74L,0x472f2d895157b8caL,0x086fb008ee9db885L,
-        0x365cd5700f26d131L } },
-    /* 15 << 133 */
-    { { 0x284b02bba2be7053L,0xdcbbf7c67ab9a6d6L,0x4425559c20f7a530L,
-        0x961f2dfa188767c8L },
-      { 0xe2fd943570dc80c4L,0x104d6b63f0784120L,0x7f592bc153567122L,
-        0xf6bc1246f688ad77L } },
-    /* 16 << 133 */
-    { { 0x05214c050f15dde9L,0xa47a76a80d5f2b82L,0xbb254d3062e82b62L,
-        0x11a05fe03ec955eeL },
-      { 0x7eaff46e9d529b36L,0x55ab13018f9e3df6L,0xc463e37199317698L,
-        0xfd251438ccda47adL } },
-    /* 17 << 133 */
-    { { 0xca9c354723d695eaL,0x48ce626e16e589b5L,0x6b5b64c7b187d086L,
-        0xd02e1794b2207948L },
-      { 0x8b58e98f7198111dL,0x90ca6305dcf9c3ccL,0x5691fe72f34089b0L,
-        0x60941af1fc7c80ffL } },
-    /* 18 << 133 */
-    { { 0xa09bc0a222eb51e5L,0xc0bb7244aa9cf09aL,0x36a8077f80159f06L,
-        0x8b5c989edddc560eL },
-      { 0x19d2f316512e1f43L,0x02eac554ad08ff62L,0x012ab84c07d20b4eL,
-        0x37d1e115d6d4e4e1L } },
-    /* 19 << 133 */
-    { { 0xb6443e1aab7b19a8L,0xf08d067edef8cd45L,0x63adf3e9685e03daL,
-        0xcf15a10e4792b916L },
-      { 0xf44bcce5b738a425L,0xebe131d59636b2fdL,0x940688417850d605L,
-        0x09684eaab40d749dL } },
-    /* 20 << 133 */
-    { { 0x8c3c669c72ba075bL,0x89f78b55ba469015L,0x5706aade3e9f8ba8L,
-        0x6d8bd565b32d7ed7L },
-      { 0x25f4e63b805f08d6L,0x7f48200dc3bcc1b5L,0x4e801968b025d847L,
-        0x74afac0487cbe0a8L } },
-    /* 21 << 133 */
-    { { 0x43ed2c2b7e63d690L,0xefb6bbf00223cdb8L,0x4fec3cae2884d3feL,
-        0x065ecce6d75e25a4L },
-      { 0x6c2294ce69f79071L,0x0d9a8e5f044b8666L,0x5009f23817b69d8fL,
-        0x3c29f8fec5dfdaf7L } },
-    /* 22 << 133 */
-    { { 0x9067528febae68c4L,0x5b38563230c5ba21L,0x540df1191fdd1aecL,
-        0xcf37825bcfba4c78L },
-      { 0x77eff980beb11454L,0x40a1a99160c1b066L,0xe8018980f889a1c7L,
-        0xb9c52ae976c24be0L } },
-    /* 23 << 133 */
-    { { 0x05fbbcce45650ef4L,0xae000f108aa29ac7L,0x884b71724f04c470L,
-        0x7cd4fde219bb5c25L },
-      { 0x6477b22ae8840869L,0xa88688595fbd0686L,0xf23cc02e1116dfbaL,
-        0x76cd563fd87d7776L } },
-    /* 24 << 133 */
-    { { 0xe2a37598a9d82abfL,0x5f188ccbe6c170f5L,0x816822005066b087L,
-        0xda22c212c7155adaL },
-      { 0x151e5d3afbddb479L,0x4b606b846d715b99L,0x4a73b54bf997cb2eL,
-        0x9a1bfe433ecd8b66L } },
-    /* 25 << 133 */
-    { { 0x1c3128092a67d48aL,0xcd6a671e031fa9e2L,0xbec3312a0e43a34aL,
-        0x1d93563955ef47d3L },
-      { 0x5ea024898fea73eaL,0x8247b364a035afb2L,0xb58300a65265b54cL,
-        0x3286662f722c7148L } },
-    /* 26 << 133 */
-    { { 0xb77fd76bb4ec4c20L,0xf0a12fa70f3fe3fdL,0xf845bbf541d8c7e8L,
-        0xe4d969ca5ec10aa8L },
-      { 0x4c0053b743e232a3L,0xdc7a3fac37f8a45aL,0x3c4261c520d81c8fL,
-        0xfd4b3453b00eab00L } },
-    /* 27 << 133 */
-    { { 0x76d48f86d36e3062L,0x626c5277a143ff02L,0x538174deaf76f42eL,
-        0x2267aa866407ceacL },
-      { 0xfad7635172e572d5L,0xab861af7ba7330ebL,0xa0a1c8c7418d8657L,
-        0x988821cb20289a52L } },
-    /* 28 << 133 */
-    { { 0x79732522cccc18adL,0xaadf3f8df1a6e027L,0xf7382c9317c2354dL,
-        0x5ce1680cd818b689L },
-      { 0x359ebbfcd9ecbee9L,0x4330689c1cae62acL,0xb55ce5b4c51ac38aL,
-        0x7921dfeafe238ee8L } },
-    /* 29 << 133 */
-    { { 0x3972bef8271d1ca5L,0x3e423bc7e8aabd18L,0x57b09f3f44a3e5e3L,
-        0x5da886ae7b444d66L },
-      { 0x68206634a9964375L,0x356a2fa3699cd0ffL,0xaf0faa24dba515e9L,
-        0x536e1f5cb321d79aL } },
-    /* 30 << 133 */
-    { { 0xd3b9913a5c04e4eaL,0xd549dcfed6f11513L,0xee227bf579fd1d94L,
-        0x9f35afeeb43f2c67L },
-      { 0xd2638d24f1314f53L,0x62baf948cabcd822L,0x5542de294ef48db0L,
-        0xb3eb6a04fc5f6bb2L } },
-    /* 31 << 133 */
-    { { 0x23c110ae1208e16aL,0x1a4d15b5f8363e24L,0x30716844164be00bL,
-        0xa8e24824f6f4690dL },
-      { 0x548773a290b170cfL,0xa1bef33142f191f4L,0x70f418d09247aa97L,
-        0xea06028e48be9147L } },
-    /* 32 << 133 */
-    { { 0xe13122f3dbfb894eL,0xbe9b79f6ce274b18L,0x85a49de5ca58aadfL,
-        0x2495775811487351L },
-      { 0x111def61bb939099L,0x1d6a974a26d13694L,0x4474b4ced3fc253bL,
-        0x3a1485e64c5db15eL } },
-    /* 33 << 133 */
-    { { 0xe79667b4147c15b4L,0xe34f553b7bc61301L,0x032b80f817094381L,
-        0x55d8bafd723eaa21L },
-      { 0x5a987995f1c0e74eL,0x5a9b292eebba289cL,0x413cd4b2eb4c8251L,
-        0x98b5d243d162db0aL } },
-    /* 34 << 133 */
-    { { 0xbb47bf6668342520L,0x08d68949baa862d1L,0x11f349c7e906abcdL,
-        0x454ce985ed7bf00eL },
-      { 0xacab5c9eb55b803bL,0xb03468ea31e3c16dL,0x5c24213dd273bf12L,
-        0x211538eb71587887L } },
-    /* 35 << 133 */
-    { { 0x198e4a2f731dea2dL,0xd5856cf274ed7b2aL,0x86a632eb13a664feL,
-        0x932cd909bda41291L },
-      { 0x850e95d4c0c4ddc0L,0xc0f422f8347fc2c9L,0xe68cbec486076bcbL,
-        0xf9e7c0c0cd6cd286L } },
-    /* 36 << 133 */
-    { { 0x65994ddb0f5f27caL,0xe85461fba80d59ffL,0xff05481a66601023L,
-        0xc665427afc9ebbfbL },
-      { 0xb0571a697587fd52L,0x935289f88d49efceL,0x61becc60ea420688L,
-        0xb22639d913a786afL } },
-    /* 37 << 133 */
-    { { 0x1a8e6220361ecf90L,0x001f23e025506463L,0xe4ae9b5d0a5c2b79L,
-        0xebc9cdadd8149db5L },
-      { 0xb33164a1934aa728L,0x750eb00eae9b60f3L,0x5a91615b9b9cfbfdL,
-        0x97015cbfef45f7f6L } },
-    /* 38 << 133 */
-    { { 0xb462c4a5bf5151dfL,0x21adcc41b07118f2L,0xd60c545b043fa42cL,
-        0xfc21aa54e96be1abL },
-      { 0xe84bc32f4e51ea80L,0x3dae45f0259b5d8dL,0xbb73c7ebc38f1b5eL,
-        0xe405a74ae8ae617dL } },
-    /* 39 << 133 */
-    { { 0xbb1ae9c69f1c56bdL,0x8c176b9849f196a4L,0xc448f3116875092bL,
-        0xb5afe3de9f976033L },
-      { 0xa8dafd49145813e5L,0x687fc4d9e2b34226L,0xf2dfc92d4c7ff57fL,
-        0x004e3fc1401f1b46L } },
-    /* 40 << 133 */
-    { { 0x5afddab61430c9abL,0x0bdd41d32238e997L,0xf0947430418042aeL,
-        0x71f9addacdddc4cbL },
-      { 0x7090c016c52dd907L,0xd9bdf44d29e2047fL,0xe6f1fe801b1011a6L,
-        0xb63accbcd9acdc78L } },
-    /* 41 << 133 */
-    { { 0xcfc7e2351272a95bL,0x0c667717a6276ac8L,0x3c0d3709e2d7eef7L,
-        0x5add2b069a685b3eL },
-      { 0x363ad32d14ea5d65L,0xf8e01f068d7dd506L,0xc9ea221375b4aac6L,
-        0xed2a2bf90d353466L } },
-    /* 42 << 133 */
-    { { 0x439d79b5e9d3a7c3L,0x8e0ee5a681b7f34bL,0xcf3dacf51dc4ba75L,
-        0x1d3d1773eb3310c7L },
-      { 0xa8e671127747ae83L,0x31f43160197d6b40L,0x0521cceecd961400L,
-        0x67246f11f6535768L } },
-    /* 43 << 133 */
-    { { 0x702fcc5aef0c3133L,0x247cc45d7e16693bL,0xfd484e49c729b749L,
-        0x522cef7db218320fL },
-      { 0xe56ef40559ab93b3L,0x225fba119f181071L,0x33bd659515330ed0L,
-        0xc4be69d51ddb32f7L } },
-    /* 44 << 133 */
-    { { 0x264c76680448087cL,0xac30903f71432daeL,0x3851b26600f9bf47L,
-        0x400ed3116cdd6d03L },
-      { 0x045e79fef8fd2424L,0xfdfd974afa6da98bL,0x45c9f6410c1e673aL,
-        0x76f2e7335b2c5168L } },
-    /* 45 << 133 */
-    { { 0x1adaebb52a601753L,0xb286514cc57c2d49L,0xd87696701e0bfd24L,
-        0x950c547e04478922L },
-      { 0xd1d41969e5d32bfeL,0x30bc1472750d6c3eL,0x8f3679fee0e27f3aL,
-        0x8f64a7dca4a6ee0cL } },
-    /* 46 << 133 */
-    { { 0x2fe59937633dfb1fL,0xea82c395977f2547L,0xcbdfdf1a661ea646L,
-        0xc7ccc591b9085451L },
-      { 0x8217796281761e13L,0xda57596f9196885cL,0xbc17e84928ffbd70L,
-        0x1e6e0a412671d36fL } },
-    /* 47 << 133 */
-    { { 0x61ae872c4152fcf5L,0x441c87b09e77e754L,0xd0799dd5a34dff09L,
-        0x766b4e4488a6b171L },
-      { 0xdc06a51211f1c792L,0xea02ae934be35c3eL,0xe5ca4d6de90c469eL,
-        0x4df4368e56e4ff5cL } },
-    /* 48 << 133 */
-    { { 0x7817acab4baef62eL,0x9f5a2202a85b91e8L,0x9666ebe66ce57610L,
-        0x32ad31f3f73bfe03L },
-      { 0x628330a425bcf4d6L,0xea950593515056e6L,0x59811c89e1332156L,
-        0xc89cf1fe8c11b2d7L } },
-    /* 49 << 133 */
-    { { 0x75b6391304e60cc0L,0xce811e8d4625d375L,0x030e43fc2d26e562L,
-        0xfbb30b4b608d36a0L },
-      { 0x634ff82c48528118L,0x7c6fe085cd285911L,0x7f2830c099358f28L,
-        0x2e60a95e665e6c09L } },
-    /* 50 << 133 */
-    { { 0x08407d3d9b785dbfL,0x530889aba759bce7L,0xf228e0e652f61239L,
-        0x2b6d14616879be3cL },
-      { 0xe6902c0451a7bbf7L,0x30ad99f076f24a64L,0x66d9317a98bc6da0L,
-        0xf4f877f3cb596ac0L } },
-    /* 51 << 133 */
-    { { 0xb05ff62d4c44f119L,0x4555f536e9b77416L,0xc7c0d0598caed63bL,
-        0x0cd2b7cec358b2a9L },
-      { 0x3f33287b46945fa3L,0xf8785b20d67c8791L,0xc54a7a619637bd08L,
-        0x54d4598c18be79d7L } },
-    /* 52 << 133 */
-    { { 0x889e5acbc46d7ce1L,0x9a515bb78b085877L,0xfac1a03d0b7a5050L,
-        0x7d3e738af2926035L },
-      { 0x861cc2ce2a6cb0ebL,0x6f2e29558f7adc79L,0x61c4d45133016376L,
-        0xd9fd2c805ad59090L } },
-    /* 53 << 133 */
-    { { 0xe5a83738b2b836a1L,0x855b41a07c0d6622L,0x186fe3177cc19af1L,
-        0x6465c1fffdd99acbL },
-      { 0x46e5c23f6974b99eL,0x75a7cf8ba2717cbeL,0x4d2ebc3f062be658L,
-        0x094b44475f209c98L } },
-    /* 54 << 133 */
-    { { 0x4af285edb940cb5aL,0x6706d7927cc82f10L,0xc8c8776c030526faL,
-        0xfa8e6f76a0da9140L },
-      { 0x77ea9d34591ee4f0L,0x5f46e33740274166L,0x1bdf98bbea671457L,
-        0xd7c08b46862a1fe2L } },
-    /* 55 << 133 */
-    { { 0x46cc303c1c08ad63L,0x995434404c845e7bL,0x1b8fbdb548f36bf7L,
-        0x5b82c3928c8273a7L },
-      { 0x08f712c4928435d5L,0x071cf0f179330380L,0xc74c2d24a8da054aL,
-        0xcb0e720143c46b5cL } },
-    /* 56 << 133 */
-    { { 0x0ad7337ac0b7eff3L,0x8552225ec5e48b3cL,0xe6f78b0c73f13a5fL,
-        0x5e70062e82349cbeL },
-      { 0x6b8d5048e7073969L,0x392d2a29c33cb3d2L,0xee4f727c4ecaa20fL,
-        0xa068c99e2ccde707L } },
-    /* 57 << 133 */
-    { { 0xfcd5651fb87a2913L,0xea3e3c153cc252f0L,0x777d92df3b6cd3e4L,
-        0x7a414143c5a732e7L },
-      { 0xa895951aa71ff493L,0xfe980c92bbd37cf6L,0x45bd5e64decfeeffL,
-        0x910dc2a9a44c43e9L } },
-    /* 58 << 133 */
-    { { 0xcb403f26cca9f54dL,0x928bbdfb9303f6dbL,0x3c37951ea9eee67cL,
-        0x3bd61a52f79961c3L },
-      { 0x09a238e6395c9a79L,0x6940ca2d61eb352dL,0x7d1e5c5ec1875631L,
-        0x1e19742c1e1b20d1L } },
-    /* 59 << 133 */
-    { { 0x4633d90823fc2e6eL,0xa76e29a908959149L,0x61069d9c84ed7da5L,
-        0x0baa11cf5dbcad51L },
-      { 0xd01eec64961849daL,0x93b75f1faf3d8c28L,0x57bc4f9f1ca2ee44L,
-        0x5a26322d00e00558L } },
-    /* 60 << 133 */
-    { { 0x1888d65861a023efL,0x1d72aab4b9e5246eL,0xa9a26348e5563ec0L,
-        0xa0971963c3439a43L },
-      { 0x567dd54badb9b5b7L,0x73fac1a1c45a524bL,0x8fe97ef7fe38e608L,
-        0x608748d23f384f48L } },
-    /* 61 << 133 */
-    { { 0xb0571794c486094fL,0x869254a38bf3a8d6L,0x148a8dd1310b0e25L,
-        0x99ab9f3f9aa3f7d8L },
-      { 0x0927c68a6706c02eL,0x22b5e76c69790e6cL,0x6c3252606c71376cL,
-        0x53a5769009ef6657L } },
-    /* 62 << 133 */
-    { { 0x8d63f852edffcf3aL,0xb4d2ed043c0a6f55L,0xdb3aa8de12519b9eL,
-        0x5d38e9c41e0a569aL },
-      { 0x871528bf303747e2L,0xa208e77cf5b5c18dL,0x9d129c88ca6bf923L,
-        0xbcbf197fbf02839fL } },
-    /* 63 << 133 */
-    { { 0x9b9bf03027323194L,0x3b055a8b339ca59dL,0xb46b23120f669520L,
-        0x19789f1f497e5f24L },
-      { 0x9c499468aaf01801L,0x72ee11908b69d59cL,0x8bd39595acf4c079L,
-        0x3ee11ece8e0cd048L } },
-    /* 64 << 133 */
-    { { 0xebde86ec1ed66f18L,0x225d906bd61fce43L,0x5cab07d6e8bed74dL,
-        0x16e4617f27855ab7L },
-      { 0x6568aaddb2fbc3ddL,0xedb5484f8aeddf5bL,0x878f20e86dcf2fadL,
-        0x3516497c615f5699L } },
-    /* 0 << 140 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 140 */
-    { { 0xef0a3fecfa181e69L,0x9ea02f8130d69a98L,0xb2e9cf8e66eab95dL,
-        0x520f2beb24720021L },
-      { 0x621c540a1df84361L,0x1203772171fa6d5dL,0x6e3c7b510ff5f6ffL,
-        0x817a069babb2bef3L } },
-    /* 2 << 140 */
-    { { 0x83572fb6b294cda6L,0x6ce9bf75b9039f34L,0x20e012f0095cbb21L,
-        0xa0aecc1bd063f0daL },
-      { 0x57c21c3af02909e5L,0xc7d59ecf48ce9cdcL,0x2732b8448ae336f8L,
-        0x056e37233f4f85f4L } },
-    /* 3 << 140 */
-    { { 0x8a10b53189e800caL,0x50fe0c17145208fdL,0x9e43c0d3b714ba37L,
-        0x427d200e34189accL },
-      { 0x05dee24fe616e2c0L,0x9c25f4c8ee1854c1L,0x4d3222a58f342a73L,
-        0x0807804fa027c952L } },
-    /* 4 << 140 */
-    { { 0xc222653a4f0d56f3L,0x961e4047ca28b805L,0x2c03f8b04a73434bL,
-        0x4c966787ab712a19L },
-      { 0xcc196c42864fee42L,0xc1be93da5b0ece5cL,0xa87d9f22c131c159L,
-        0x2bb6d593dce45655L } },
-    /* 5 << 140 */
-    { { 0x22c49ec9b809b7ceL,0x8a41486be2c72c2cL,0x813b9420fea0bf36L,
-        0xb3d36ee9a66dac69L },
-      { 0x6fddc08a328cc987L,0x0a3bcd2c3a326461L,0x7103c49dd810dbbaL,
-        0xf9d81a284b78a4c4L } },
-    /* 6 << 140 */
-    { { 0x3de865ade4d55941L,0xdedafa5e30384087L,0x6f414abb4ef18b9bL,
-        0x9ee9ea42faee5268L },
-      { 0x260faa1637a55a4aL,0xeb19a514015f93b9L,0x51d7ebd29e9c3598L,
-        0x523fc56d1932178eL } },
-    /* 7 << 140 */
-    { { 0x501d070cb98fe684L,0xd60fbe9a124a1458L,0xa45761c892bc6b3fL,
-        0xf5384858fe6f27cbL },
-      { 0x4b0271f7b59e763bL,0x3d4606a95b5a8e5eL,0x1eda5d9b05a48292L,
-        0xda7731d0e6fec446L } },
-    /* 8 << 140 */
-    { { 0xa3e3369390d45871L,0xe976404006166d8dL,0xb5c3368289a90403L,
-        0x4bd1798372f1d637L },
-      { 0xa616679ed5d2c53aL,0x5ec4bcd8fdcf3b87L,0xae6d7613b66a694eL,
-        0x7460fc76e3fc27e5L } },
-    /* 9 << 140 */
-    { { 0x70469b8295caabeeL,0xde024ca5889501e3L,0x6bdadc06076ed265L,
-        0x0cb1236b5a0ef8b2L },
-      { 0x4065ddbf0972ebf9L,0xf1dd387522aca432L,0xa88b97cf744aff76L,
-        0xd1359afdfe8e3d24L } },
-    /* 10 << 140 */
-    { { 0x52a3ba2b91502cf3L,0x2c3832a8084db75dL,0x04a12dddde30b1c9L,
-        0x7802eabce31fd60cL },
-      { 0x33707327a37fddabL,0x65d6f2abfaafa973L,0x3525c5b811e6f91aL,
-        0x76aeb0c95f46530bL } },
-    /* 11 << 140 */
-    { { 0xe8815ff62f93a675L,0xa6ec968405f48679L,0x6dcbb556358ae884L,
-        0x0af61472e19e3873L },
-      { 0x72334372a5f696beL,0xc65e57ea6f22fb70L,0x268da30c946cea90L,
-        0x136a8a8765681b2aL } },
-    /* 12 << 140 */
-    { { 0xad5e81dc0f9f44d4L,0xf09a69602c46585aL,0xd1649164c447d1b1L,
-        0x3b4b36c8879dc8b1L },
-      { 0x20d4177b3b6b234cL,0x096a25051730d9d0L,0x0611b9b8ef80531dL,
-        0xba904b3b64bb495dL } },
-    /* 13 << 140 */
-    { { 0x1192d9d493a3147aL,0x9f30a5dc9a565545L,0x90b1f9cb6ef07212L,
-        0x299585460d87fc13L },
-      { 0xd3323effc17db9baL,0xcb18548ccb1644a8L,0x18a306d44f49ffbcL,
-        0x28d658f14c2e8684L } },
-    /* 14 << 140 */
-    { { 0x44ba60cda99f8c71L,0x67b7abdb4bf742ffL,0x66310f9c914b3f99L,
-        0xae430a32f412c161L },
-      { 0x1e6776d388ace52fL,0x4bc0fa2452d7067dL,0x03c286aa8f07cd1bL,
-        0x4cb8f38ca985b2c1L } },
-    /* 15 << 140 */
-    { { 0x83ccbe808c3bff36L,0x005a0bd25263e575L,0x460d7dda259bdcd1L,
-        0x4a1c5642fa5cab6bL },
-      { 0x2b7bdbb99fe4fc88L,0x09418e28cc97bbb5L,0xd8274fb4a12321aeL,
-        0xb137007d5c87b64eL } },
-    /* 16 << 140 */
-    { { 0x80531fe1c63c4962L,0x50541e89981fdb25L,0xdc1291a1fd4c2b6bL,
-        0xc0693a17a6df4fcaL },
-      { 0xb2c4604e0117f203L,0x245f19630a99b8d0L,0xaedc20aac6212c44L,
-        0xb1ed4e56520f52a8L } },
-    /* 17 << 140 */
-    { { 0xfe48f575f8547be3L,0x0a7033cda9e45f98L,0x4b45d3a918c50100L,
-        0xb2a6cd6aa61d41daL },
-      { 0x60bbb4f557933c6bL,0xa7538ebd2b0d7ffcL,0x9ea3ab8d8cd626b6L,
-        0x8273a4843601625aL } },
-    /* 18 << 140 */
-    { { 0x888598450168e508L,0x8cbc9bb299a94abdL,0x713ac792fab0a671L,
-        0xa3995b196c9ebffcL },
-      { 0xe711668e1239e152L,0x56892558bbb8dff4L,0x8bfc7dabdbf17963L,
-        0x5b59fe5ab3de1253L } },
-    /* 19 << 140 */
-    { { 0x7e3320eb34a9f7aeL,0xe5e8cf72d751efe4L,0x7ea003bcd9be2f37L,
-        0xc0f551a0b6c08ef7L },
-      { 0x56606268038f6725L,0x1dd38e356d92d3b6L,0x07dfce7cc3cbd686L,
-        0x4e549e04651c5da8L } },
-    /* 20 << 140 */
-    { { 0x4058f93b08b19340L,0xc2fae6f4cac6d89dL,0x4bad8a8c8f159cc7L,
-        0x0ddba4b3cb0b601cL },
-      { 0xda4fc7b51dd95f8cL,0x1d163cd7cea5c255L,0x30707d06274a8c4cL,
-        0x79d9e0082802e9ceL } },
-    /* 21 << 140 */
-    { { 0x02a29ebfe6ddd505L,0x37064e74b50bed1aL,0x3f6bae65a7327d57L,
-        0x3846f5f1f83920bcL },
-      { 0x87c3749160df1b9bL,0x4cfb28952d1da29fL,0x10a478ca4ed1743cL,
-        0x390c60303edd47c6L } },
-    /* 22 << 140 */
-    { { 0x8f3e53128c0a78deL,0xccd02bda1e85df70L,0xd6c75c03a61b6582L,
-        0x0762921cfc0eebd1L },
-      { 0xd34d0823d85010c0L,0xd73aaacb0044cf1fL,0xfb4159bba3b5e78aL,
-        0x2287c7f7e5826f3fL } },
-    /* 23 << 140 */
-    { { 0x4aeaf742580b1a01L,0xf080415d60423b79L,0xe12622cda7dea144L,
-        0x49ea499659d62472L },
-      { 0xb42991ef571f3913L,0x0610f214f5b25a8aL,0x47adc58530b79e8fL,
-        0xf90e3df607a065a2L } },
-    /* 24 << 140 */
-    { { 0x5d0a5deb43e2e034L,0x53fb5a34444024aaL,0xa8628c686b0c9f7fL,
-        0x9c69c29cac563656L },
-      { 0x5a231febbace47b6L,0xbdce02899ea5a2ecL,0x05da1fac9463853eL,
-        0x96812c52509e78aaL } },
-    /* 25 << 140 */
-    { { 0xd3fb577157151692L,0xeb2721f8d98e1c44L,0xc050608732399be1L,
-        0xda5a5511d979d8b8L },
-      { 0x737ed55dc6f56780L,0xe20d30040dc7a7f4L,0x02ce7301f5941a03L,
-        0x91ef5215ed30f83aL } },
-    /* 26 << 140 */
-    { { 0x28727fc14092d85fL,0x72d223c65c49e41aL,0xa7cf30a2ba6a4d81L,
-        0x7c086209b030d87dL },
-      { 0x04844c7dfc588b09L,0x728cd4995874bbb0L,0xcc1281eee84c0495L,
-        0x0769b5baec31958fL } },
-    /* 27 << 140 */
-    { { 0x665c228bf99c2471L,0xf2d8a11b191eb110L,0x4594f494d36d7024L,
-        0x482ded8bcdcb25a1L },
-      { 0xc958a9d8dadd4885L,0x7004477ef1d2b547L,0x0a45f6ef2a0af550L,
-        0x4fc739d62f8d6351L } },
-    /* 28 << 140 */
-    { { 0x75cdaf27786f08a9L,0x8700bb2642c2737fL,0x855a71411c4e2670L,
-        0x810188c115076fefL },
-      { 0xc251d0c9abcd3297L,0xae4c8967f48108ebL,0xbd146de718ceed30L,
-        0xf9d4f07ac986bcedL } },
-    /* 29 << 140 */
-    { { 0x5ad98ed583fa1e08L,0x7780d33ebeabd1fbL,0xe330513c903b1196L,
-        0xba11de9ea47bc8c4L },
-      { 0x684334da02c2d064L,0x7ecf360da48de23bL,0x57a1b4740a9089d8L,
-        0xf28fa439ff36734cL } },
-    /* 30 << 140 */
-    { { 0xf2a482cbea4570b3L,0xee65d68ba5ebcee9L,0x988d0036b9694cd5L,
-        0x53edd0e937885d32L },
-      { 0xe37e3307beb9bc6dL,0xe9abb9079f5c6768L,0x4396ccd551f2160fL,
-        0x2500888c47336da6L } },
-    /* 31 << 140 */
-    { { 0x383f9ed9926fce43L,0x809dd1c704da2930L,0x30f6f5968a4cb227L,
-        0x0d700c7f73a56b38L },
-      { 0x1825ea33ab64a065L,0xaab9b7351338df80L,0x1516100d9b63f57fL,
-        0x2574395a27a6a634L } },
-    /* 32 << 140 */
-    { { 0xb5560fb6700a1acdL,0xe823fd73fd999681L,0xda915d1f6cb4e1baL,
-        0x0d0301186ebe00a3L },
-      { 0x744fb0c989fca8cdL,0x970d01dbf9da0e0bL,0x0ad8c5647931d76fL,
-        0xb15737bff659b96aL } },
-    /* 33 << 140 */
-    { { 0xdc9933e8a8b484e7L,0xb2fdbdf97a26dec7L,0x2349e9a49f1f0136L,
-        0x7860368e70fddddbL },
-      { 0xd93d2c1cf9ad3e18L,0x6d6c5f17689f4e79L,0x7a544d91b24ff1b6L,
-        0x3e12a5ebfe16cd8cL } },
-    /* 34 << 140 */
-    { { 0x543574e9a56b872fL,0xa1ad550cfcf68ea2L,0x689e37d23f560ef7L,
-        0x8c54b9cac9d47a8bL },
-      { 0x46d40a4a088ac342L,0xec450c7c1576c6d0L,0xb589e31c1f9689e9L,
-        0xdacf2602b8781718L } },
-    /* 35 << 140 */
-    { { 0xa89237c6c8cb6b42L,0x1326fc93b96ef381L,0x55d56c6db5f07825L,
-        0xacba2eea7449e22dL },
-      { 0x74e0887a633c3000L,0xcb6cd172d7cbcf71L,0x309e81dec36cf1beL,
-        0x07a18a6d60ae399bL } },
-    /* 36 << 140 */
-    { { 0xb36c26799edce57eL,0x52b892f4df001d41L,0xd884ae5d16a1f2c6L,
-        0x9b329424efcc370aL },
-      { 0x3120daf2bd2e21dfL,0x55298d2d02470a99L,0x0b78af6ca05db32eL,
-        0x5c76a331601f5636L } },
-    /* 37 << 140 */
-    { { 0xaae861fff8a4f29cL,0x70dc9240d68f8d49L,0x960e649f81b1321cL,
-        0x3d2c801b8792e4ceL },
-      { 0xf479f77242521876L,0x0bed93bc416c79b1L,0xa67fbc05263e5bc9L,
-        0x01e8e630521db049L } },
-    /* 38 << 140 */
-    { { 0x76f26738c6f3431eL,0xe609cb02e3267541L,0xb10cff2d818c877cL,
-        0x1f0e75ce786a13cbL },
-      { 0xf4fdca641158544dL,0x5d777e896cb71ed0L,0x3c233737a9aa4755L,
-        0x7b453192e527ab40L } },
-    /* 39 << 140 */
-    { { 0xdb59f68839f05ffeL,0x8f4f4be06d82574eL,0xcce3450cee292d1bL,
-        0xaa448a1261ccd086L },
-      { 0xabce91b3f7914967L,0x4537f09b1908a5edL,0xa812421ef51042e7L,
-        0xfaf5cebcec0b3a34L } },
-    /* 40 << 140 */
-    { { 0x730ffd874ca6b39aL,0x70fb72ed02efd342L,0xeb4735f9d75c8edbL,
-        0xc11f2157c278aa51L },
-      { 0xc459f635bf3bfebfL,0x3a1ff0b46bd9601fL,0xc9d12823c420cb73L,
-        0x3e9af3e23c2915a3L } },
-    /* 41 << 140 */
-    { { 0xe0c82c72b41c3440L,0x175239e5e3039a5fL,0xe1084b8a558795a3L,
-        0x328d0a1dd01e5c60L },
-      { 0x0a495f2ed3788a04L,0x25d8ff1666c11a9fL,0xf5155f059ed692d6L,
-        0x954fa1074f425fe4L } },
-    /* 42 << 140 */
-    { { 0xd16aabf2e98aaa99L,0x90cd8ba096b0f88aL,0x957f4782c154026aL,
-        0x54ee073452af56d2L },
-      { 0xbcf89e5445b4147aL,0x3d102f219a52816cL,0x6808517e39b62e77L,
-        0x92e2542169169ad8L } },
-    /* 43 << 140 */
-    { { 0xd721d871bb608558L,0x60e4ebaef6d4ff9bL,0x0ba1081941f2763eL,
-        0xca2e45be51ee3247L },
-      { 0x66d172ec2bfd7a5fL,0x528a8f2f74d0b12dL,0xe17f1e38dabe70dcL,
-        0x1d5d73169f93983cL } },
-    /* 44 << 140 */
-    { { 0x51b2184adf423e31L,0xcb417291aedb1a10L,0x2054ca93625bcab9L,
-        0x54396860a98998f0L },
-      { 0x4e53f6c4a54ae57eL,0x0ffeb590ee648e9dL,0xfbbdaadc6afaf6bcL,
-        0xf88ae796aa3bfb8aL } },
-    /* 45 << 140 */
-    { { 0x209f1d44d2359ed9L,0xac68dd03f3544ce2L,0xf378da47fd51e569L,
-        0xe1abd8602cc80097L },
-      { 0x23ca18d9343b6e3aL,0x480797e8b40a1baeL,0xd1f0c717533f3e67L,
-        0x4489697006e6cdfcL } },
-    /* 46 << 140 */
-    { { 0x8ca2105552a82e8dL,0xb2caf78578460cdcL,0x4c1b7b62e9037178L,
-        0xefc09d2cdb514b58L },
-      { 0x5f2df9ee9113be5cL,0x2fbda78fb3f9271cL,0xe09a81af8f83fc54L,
-        0x06b138668afb5141L } },
-    /* 47 << 140 */
-    { { 0x38f6480f43e3865dL,0x72dd77a81ddf47d9L,0xf2a8e9714c205ff7L,
-        0x46d449d89d088ad8L },
-      { 0x926619ea185d706fL,0xe47e02ebc7dd7f62L,0xe7f120a78cbc2031L,
-        0xc18bef00998d4ac9L } },
-    /* 48 << 140 */
-    { { 0x18f37a9c6bdf22daL,0xefbc432f90dc82dfL,0xc52cef8e5d703651L,
-        0x82887ba0d99881a5L },
-      { 0x7cec9ddab920ec1dL,0xd0d7e8c3ec3e8d3bL,0x445bc3954ca88747L,
-        0xedeaa2e09fd53535L } },
-    /* 49 << 140 */
-    { { 0x461b1d936cc87475L,0xd92a52e26d2383bdL,0xfabccb59d7903546L,
-        0x6111a7613d14b112L },
-      { 0x0ae584feb3d5f612L,0x5ea69b8d60e828ecL,0x6c07898554087030L,
-        0x649cab04ac4821feL } },
-    /* 50 << 140 */
-    { { 0x25ecedcf8bdce214L,0xb5622f7286af7361L,0x0e1227aa7038b9e2L,
-        0xd0efb273ac20fa77L },
-      { 0x817ff88b79df975bL,0x856bf2861999503eL,0xb4d5351f5038ec46L,
-        0x740a52c5fc42af6eL } },
-    /* 51 << 140 */
-    { { 0x2e38bb152cbb1a3fL,0xc3eb99fe17a83429L,0xca4fcbf1dd66bb74L,
-        0x880784d6cde5e8fcL },
-      { 0xddc84c1cb4e7a0beL,0x8780510dbd15a72fL,0x44bcf1af81ec30e1L,
-        0x141e50a80a61073eL } },
-    /* 52 << 140 */
-    { { 0x0d95571847be87aeL,0x68a61417f76a4372L,0xf57e7e87c607c3d3L,
-        0x043afaf85252f332L },
-      { 0xcc14e1211552a4d2L,0xb6dee692bb4d4ab4L,0xb6ab74c8a03816a4L,
-        0x84001ae46f394a29L } },
-    /* 53 << 140 */
-    { { 0x5bed8344d795fb45L,0x57326e7db79f55a5L,0xc9533ce04accdffcL,
-        0x53473caf3993fa04L },
-      { 0x7906eb93a13df4c8L,0xa73e51f697cbe46fL,0xd1ab3ae10ae4ccf8L,
-        0x256145088a5b3dbcL } },
-    /* 54 << 140 */
-    { { 0x61eff96211a71b27L,0xdf71412b6bb7fa39L,0xb31ba6b82bd7f3efL,
-        0xb0b9c41569180d29L },
-      { 0xeec14552014cdde5L,0x702c624b227b4bbbL,0x2b15e8c2d3e988f3L,
-        0xee3bcc6da4f7fd04L } },
-    /* 55 << 140 */
-    { { 0x9d00822a42ac6c85L,0x2db0cea61df9f2b7L,0xd7cad2ab42de1e58L,
-        0x346ed5262d6fbb61L },
-      { 0xb39629951a2faf09L,0x2fa8a5807c25612eL,0x30ae04da7cf56490L,
-        0x756629080eea3961L } },
-    /* 56 << 140 */
-    { { 0x3609f5c53d080847L,0xcb081d395241d4f6L,0xb4fb381077961a63L,
-        0xc20c59842abb66fcL },
-      { 0x3d40aa7cf902f245L,0x9cb127364e536b1eL,0x5eda24da99b3134fL,
-        0xafbd9c695cd011afL } },
-    /* 57 << 140 */
-    { { 0x9a16e30ac7088c7dL,0x5ab657103207389fL,0x1b09547fe7407a53L,
-        0x2322f9d74fdc6eabL },
-      { 0xc0f2f22d7430de4dL,0x19382696e68ca9a9L,0x17f1eff1918e5868L,
-        0xe3b5b635586f4204L } },
-    /* 58 << 140 */
-    { { 0x146ef9803fbc4341L,0x359f2c805b5eed4eL,0x9f35744e7482e41dL,
-        0x9a9ac3ecf3b224c2L },
-      { 0x9161a6fe91fc50aeL,0x89ccc66bc613fa7cL,0x89268b14c732f15aL,
-        0x7cd6f4e2b467ed03L } },
-    /* 59 << 140 */
-    { { 0xfbf79869ce56b40eL,0xf93e094cc02dde98L,0xefe0c3a8edee2cd7L,
-        0x90f3ffc0b268fd42L },
-      { 0x81a7fd5608241aedL,0x95ab7ad800b1afe8L,0x401270563e310d52L,
-        0xd3ffdeb109d9fc43L } },
-    /* 60 << 140 */
-    { { 0xc8f85c91d11a8594L,0x2e74d25831cf6db8L,0x829c7ca302b5dfd0L,
-        0xe389cfbe69143c86L },
-      { 0xd01b6405941768d8L,0x4510399503bf825dL,0xcc4ee16656cd17e2L,
-        0xbea3c283ba037e79L } },
-    /* 61 << 140 */
-    { { 0x4e1ac06ed9a47520L,0xfbfe18aaaf852404L,0x5615f8e28087648aL,
-        0x7301e47eb9d150d9L },
-      { 0x79f9f9ddb299b977L,0x76697a7ba5b78314L,0x10d674687d7c90e7L,
-        0x7afffe03937210b5L } },
-    /* 62 << 140 */
-    { { 0x5aef3e4b28c22ceeL,0xefb0ecd809fd55aeL,0x4cea71320d2a5d6aL,
-        0x9cfb5fa101db6357L },
-      { 0x395e0b57f36e1ac5L,0x008fa9ad36cafb7dL,0x8f6cdf705308c4dbL,
-        0x51527a3795ed2477L } },
-    /* 63 << 140 */
-    { { 0xba0dee305bd21311L,0x6ed41b22909c90d7L,0xc5f6b7587c8696d3L,
-        0x0db8eaa83ce83a80L },
-      { 0xd297fe37b24b4b6fL,0xfe58afe8522d1f0dL,0x973587368c98dbd9L,
-        0x6bc226ca9454a527L } },
-    /* 64 << 140 */
-    { { 0xa12b384ece53c2d0L,0x779d897d5e4606daL,0xa53e47b073ec12b0L,
-        0x462dbbba5756f1adL },
-      { 0x69fe09f2cafe37b6L,0x273d1ebfecce2e17L,0x8ac1d5383cf607fdL,
-        0x8035f7ff12e10c25L } },
-    /* 0 << 147 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 147 */
-    { { 0x854d34c77e6c5520L,0xc27df9efdcb9ea58L,0x405f2369d686666dL,
-        0x29d1febf0417aa85L },
-      { 0x9846819e93470afeL,0x3e6a9669e2a27f9eL,0x24d008a2e31e6504L,
-        0xdba7cecf9cb7680aL } },
-    /* 2 << 147 */
-    { { 0xecaff541338d6e43L,0x56f7dd734541d5ccL,0xb5d426de96bc88caL,
-        0x48d94f6b9ed3a2c3L },
-      { 0x6354a3bb2ef8279cL,0xd575465b0b1867f2L,0xef99b0ff95225151L,
-        0xf3e19d88f94500d8L } },
-    /* 3 << 147 */
-    { { 0x92a83268e32dd620L,0x913ec99f627849a2L,0xedd8fdfa2c378882L,
-        0xaf96f33eee6f8cfeL },
-      { 0xc06737e5dc3fa8a5L,0x236bb531b0b03a1dL,0x33e59f2989f037b0L,
-        0x13f9b5a7d9a12a53L } },
-    /* 4 << 147 */
-    { { 0x0d0df6ce51efb310L,0xcb5b2eb4958df5beL,0xd6459e2936158e59L,
-        0x82aae2b91466e336L },
-      { 0xfb658a39411aa636L,0x7152ecc5d4c0a933L,0xf10c758a49f026b7L,
-        0xf4837f97cb09311fL } },
-    /* 5 << 147 */
-    { { 0xddfb02c4c753c45fL,0x18ca81b6f9c840feL,0x846fd09ab0f8a3e6L,
-        0xb1162adde7733dbcL },
-      { 0x7070ad20236e3ab6L,0xf88cdaf5b2a56326L,0x05fc8719997cbc7aL,
-        0x442cd4524b665272L } },
-    /* 6 << 147 */
-    { { 0x7807f364b71698f5L,0x6ba418d29f7b605eL,0xfd20b00fa03b2cbbL,
-        0x883eca37da54386fL },
-      { 0xff0be43ff3437f24L,0xe910b432a48bb33cL,0x4963a128329df765L,
-        0xac1dd556be2fe6f7L } },
-    /* 7 << 147 */
-    { { 0x557610f924a0a3fcL,0x38e17bf4e881c3f9L,0x6ba84fafed0dac99L,
-        0xd4a222c359eeb918L },
-      { 0xc79c1dbe13f542b6L,0x1fc65e0de425d457L,0xeffb754f1debb779L,
-        0x638d8fd09e08af60L } },
-    /* 8 << 147 */
-    { { 0x994f523a626332d5L,0x7bc388335561bb44L,0x005ed4b03d845ea2L,
-        0xd39d3ee1c2a1f08aL },
-      { 0x6561fdd3e7676b0dL,0x620e35fffb706017L,0x36ce424ff264f9a8L,
-        0xc4c3419fda2681f7L } },
-    /* 9 << 147 */
-    { { 0xfb6afd2f69beb6e8L,0x3a50b9936d700d03L,0xc840b2ad0c83a14fL,
-        0x573207be54085befL },
-      { 0x5af882e309fe7e5bL,0x957678a43b40a7e1L,0x172d4bdd543056e2L,
-        0x9c1b26b40df13c0aL } },
-    /* 10 << 147 */
-    { { 0x1c30861cf405ff06L,0xebac86bd486e828bL,0xe791a971636933fcL,
-        0x50e7c2be7aeee947L },
-      { 0xc3d4a095fa90d767L,0xae60eb7be670ab7bL,0x17633a64397b056dL,
-        0x93a21f33105012aaL } },
-    /* 11 << 147 */
-    { { 0x663c370babb88643L,0x91df36d722e21599L,0x183ba8358b761671L,
-        0x381eea1d728f3bf1L },
-      { 0xb9b2f1ba39966e6cL,0x7c464a28e7295492L,0x0fd5f70a09b26b7fL,
-        0xa9aba1f9fbe009dfL } },
-    /* 12 << 147 */
-    { { 0x857c1f22369b87adL,0x3c00e5d932fca556L,0x1ad74cab90b06466L,
-        0xa7112386550faaf2L },
-      { 0x7435e1986d9bd5f5L,0x2dcc7e3859c3463fL,0xdc7df748ca7bd4b2L,
-        0x13cd4c089dec2f31L } },
-    /* 13 << 147 */
-    { { 0x0d3b5df8e3237710L,0x0dadb26ecbd2f7b0L,0x9f5966abe4aa082bL,
-        0x666ec8de350e966eL },
-      { 0x1bfd1ed5ee524216L,0xcd93c59b41dab0b6L,0x658a8435d186d6baL,
-        0x1b7d34d2159d1195L } },
-    /* 14 << 147 */
-    { { 0x5936e46022caf46bL,0x6a45dd8f9a96fe4fL,0xf7925434b98f474eL,
-        0x414104120053ef15L },
-      { 0x71cf8d1241de97bfL,0xb8547b61bd80bef4L,0xb47d3970c4db0037L,
-        0xf1bcd328fef20dffL } },
-    /* 15 << 147 */
-    { { 0x31a92e0910caad67L,0x1f5919605531a1e1L,0x3bb852e05f4fc840L,
-        0x63e297ca93a72c6cL },
-      { 0x3c2b0b2e49abad67L,0x6ec405fced3db0d9L,0xdc14a5307fef1d40L,
-        0xccd19846280896fcL } },
-    /* 16 << 147 */
-    { { 0x00f831769bb81648L,0xd69eb485653120d0L,0xd17d75f44ccabc62L,
-        0x34a07f82b749fcb1L },
-      { 0x2c3af787bbfb5554L,0xb06ed4d062e283f8L,0x5722889fa19213a0L,
-        0x162b085edcf3c7b4L } },
-    /* 17 << 147 */
-    { { 0xbcaecb31e0dd3ecaL,0xc6237fbce52f13a5L,0xcc2b6b0327bac297L,
-        0x2ae1cac5b917f54aL },
-      { 0x474807d47845ae4fL,0xfec7dd92ce5972e0L,0xc3bd25411d7915bbL,
-        0x66f85dc4d94907caL } },
-    /* 18 << 147 */
-    { { 0xd981b888bdbcf0caL,0xd75f5da6df279e9fL,0x128bbf247054e934L,
-        0x3c6ff6e581db134bL },
-      { 0x795b7cf4047d26e4L,0xf370f7b85049ec37L,0xc6712d4dced945afL,
-        0xdf30b5ec095642bcL } },
-    /* 19 << 147 */
-    { { 0x9b034c624896246eL,0x5652c016ee90bbd1L,0xeb38636f87fedb73L,
-        0x5e32f8470135a613L },
-      { 0x0703b312cf933c83L,0xd05bb76e1a7f47e6L,0x825e4f0c949c2415L,
-        0x569e56227250d6f8L } },
-    /* 20 << 147 */
-    { { 0xbbe9eb3a6568013eL,0x8dbd203f22f243fcL,0x9dbd7694b342734aL,
-        0x8f6d12f846afa984L },
-      { 0xb98610a2c9eade29L,0xbab4f32347dd0f18L,0x5779737b671c0d46L,
-        0x10b6a7c6d3e0a42aL } },
-    /* 21 << 147 */
-    { { 0xfb19ddf33035b41cL,0xd336343f99c45895L,0x61fe493854c857e5L,
-        0xc4d506beae4e57d5L },
-      { 0x3cd8c8cbbbc33f75L,0x7281f08a9262c77dL,0x083f4ea6f11a2823L,
-        0x8895041e9fba2e33L } },
-    /* 22 << 147 */
-    { { 0xfcdfea499c438edfL,0x7678dcc391edba44L,0xf07b3b87e2ba50f0L,
-        0xc13888ef43948c1bL },
-      { 0xc2135ad41140af42L,0x8e5104f3926ed1a7L,0xf24430cb88f6695fL,
-        0x0ce0637b6d73c120L } },
-    /* 23 << 147 */
-    { { 0xb2db01e6fe631e8fL,0x1c5563d7d7bdd24bL,0x8daea3ba369ad44fL,
-        0x000c81b68187a9f9L },
-      { 0x5f48a951aae1fd9aL,0xe35626c78d5aed8aL,0x209527630498c622L,
-        0x76d17634773aa504L } },
-    /* 24 << 147 */
-    { { 0x36d90ddaeb300f7aL,0x9dcf7dfcedb5e801L,0x645cb26874d5244cL,
-        0xa127ee79348e3aa2L },
-      { 0x488acc53575f1dbbL,0x95037e8580e6161eL,0x57e59283292650d0L,
-        0xabe67d9914938216L } },
-    /* 25 << 147 */
-    { { 0x3c7f944b3f8e1065L,0xed908cb6330e8924L,0x08ee8fd56f530136L,
-        0x2227b7d5d7ffc169L },
-      { 0x4f55c893b5cd6dd5L,0x82225e11a62796e8L,0x5c6cead1cb18e12cL,
-        0x4381ae0c84f5a51aL } },
-    /* 26 << 147 */
-    { { 0x345913d37fafa4c8L,0x3d9180820491aac0L,0x9347871f3e69264cL,
-        0xbea9dd3cb4f4f0cdL },
-      { 0xbda5d0673eadd3e7L,0x0033c1b80573bcd8L,0x255893795da2486cL,
-        0xcb89ee5b86abbee7L } },
-    /* 27 << 147 */
-    { { 0x8fe0a8f322532e5dL,0xb6410ff0727dfc4cL,0x619b9d58226726dbL,
-        0x5ec256697a2b2dc7L },
-      { 0xaf4d2e064c3beb01L,0x852123d07acea556L,0x0e9470faf783487aL,
-        0x75a7ea045664b3ebL } },
-    /* 28 << 147 */
-    { { 0x4ad78f356798e4baL,0x9214e6e5c7d0e091L,0xc420b488b1290403L,
-        0x64049e0afc295749L },
-      { 0x03ef5af13ae9841fL,0xdbe4ca19b0b662a6L,0x46845c5ffa453458L,
-        0xf8dabf1910b66722L } },
-    /* 29 << 147 */
-    { { 0xb650f0aacce2793bL,0x71db851ec5ec47c1L,0x3eb78f3e3b234fa9L,
-        0xb0c60f35fc0106ceL },
-      { 0x05427121774eadbdL,0x25367fafce323863L,0x7541b5c9cd086976L,
-        0x4ff069e2dc507ad1L } },
-    /* 30 << 147 */
-    { { 0x741452568776e667L,0x6e76142cb23c6bb5L,0xdbf307121b3a8a87L,
-        0x60e7363e98450836L },
-      { 0x5741450eb7366d80L,0xe4ee14ca4837dbdfL,0xa765eb9b69d4316fL,
-        0x04548dca8ef43825L } },
-    /* 31 << 147 */
-    { { 0x9c9f4e4c5ae888ebL,0x733abb5156e9ac99L,0xdaad3c20ba6ac029L,
-        0x9b8dd3d32ba3e38eL },
-      { 0xa9bb4c920bc5d11aL,0xf20127a79c5f88a3L,0x4f52b06e161d3cb8L,
-        0x26c1ff096afaf0a6L } },
-    /* 32 << 147 */
-    { { 0x32670d2f7189e71fL,0xc64387485ecf91e7L,0x15758e57db757a21L,
-        0x427d09f8290a9ce5L },
-      { 0x846a308f38384a7aL,0xaac3acb4b0732b99L,0x9e94100917845819L,
-        0x95cba111a7ce5e03L } },
-    /* 33 << 147 */
-    { { 0x6f3d4f7fb00009c4L,0xb8396c278ff28b5fL,0xb1a9ae431c97975dL,
-        0x9d7ba8afe5d9fed5L },
-      { 0x338cf09f34f485b6L,0xbc0ddacc64122516L,0xa450da1205d471feL,
-        0x4c3a6250628dd8c9L } },
-    /* 34 << 147 */
-    { { 0x69c7d103d1295837L,0xa2893e503807eb2fL,0xd6e1e1debdb41491L,
-        0xc630745b5e138235L },
-      { 0xc892109e48661ae1L,0x8d17e7ebea2b2674L,0x00ec0f87c328d6b5L,
-        0x6d858645f079ff9eL } },
-    /* 35 << 147 */
-    { { 0x6cdf243e19115eadL,0x1ce1393e4bac4fcfL,0x2c960ed09c29f25bL,
-        0x59be4d8e9d388a05L },
-      { 0x0d46e06cd0def72bL,0xb923db5de0342748L,0xf7d3aacd936d4a3dL,
-        0x558519cc0b0b099eL } },
-    /* 36 << 147 */
-    { { 0x3ea8ebf8827097efL,0x259353dbd054f55dL,0x84c89abc6d2ed089L,
-        0x5c548b698e096a7cL },
-      { 0xd587f616994b995dL,0x4d1531f6a5845601L,0x792ab31e451fd9f0L,
-        0xc8b57bb265adf6caL } },
-    /* 37 << 147 */
-    { { 0x68440fcb1cd5ad73L,0xb9c860e66144da4fL,0x2ab286aa8462beb8L,
-        0xcc6b8fffef46797fL },
-      { 0xac820da420c8a471L,0x69ae05a177ff7fafL,0xb9163f39bfb5da77L,
-        0xbd03e5902c73ab7aL } },
-    /* 38 << 147 */
-    { { 0x7e862b5eb2940d9eL,0x3c663d864b9af564L,0xd8309031bde3033dL,
-        0x298231b2d42c5bc6L },
-      { 0x42090d2c552ad093L,0xa4799d1cff854695L,0x0a88b5d6d31f0d00L,
-        0xf8b40825a2f26b46L } },
-    /* 39 << 147 */
-    { { 0xec29b1edf1bd7218L,0xd491c53b4b24c86eL,0xd2fe588f3395ea65L,
-        0x6f3764f74456ef15L },
-      { 0xdb43116dcdc34800L,0xcdbcd456c1e33955L,0xefdb554074ab286bL,
-        0x948c7a51d18c5d7cL } },
-    /* 40 << 147 */
-    { { 0xeb81aa377378058eL,0x41c746a104411154L,0xa10c73bcfb828ac7L,
-        0x6439be919d972b29L },
-      { 0x4bf3b4b043a2fbadL,0x39e6dadf82b5e840L,0x4f7164086397bd4cL,
-        0x0f7de5687f1eeccbL } },
-    /* 41 << 147 */
-    { { 0x5865c5a1d2ffbfc1L,0xf74211fa4ccb6451L,0x66368a88c0b32558L,
-        0x5b539dc29ad7812eL },
-      { 0x579483d02f3af6f6L,0x5213207899934eceL,0x50b9650fdcc9e983L,
-        0xca989ec9aee42b8aL } },
-    /* 42 << 147 */
-    { { 0x6a44c829d6f62f99L,0x8f06a3094c2a7c0cL,0x4ea2b3a098a0cb0aL,
-        0x5c547b70beee8364L },
-      { 0x461d40e1682afe11L,0x9e0fc77a7b41c0a8L,0x79e4aefde20d5d36L,
-        0x2916e52032dd9f63L } },
-    /* 43 << 147 */
-    { { 0xf59e52e83f883fafL,0x396f96392b868d35L,0xc902a9df4ca19881L,
-        0x0fc96822db2401a6L },
-      { 0x4123758766f1c68dL,0x10fc6de3fb476c0dL,0xf8b6b579841f5d90L,
-        0x2ba8446cfa24f44aL } },
-    /* 44 << 147 */
-    { { 0xa237b920ef4a9975L,0x60bb60042330435fL,0xd6f4ab5acfb7e7b5L,
-        0xb2ac509783435391L },
-      { 0xf036ee2fb0d1ea67L,0xae779a6a74c56230L,0x59bff8c8ab838ae6L,
-        0xcd83ca999b38e6f0L } },
-    /* 45 << 147 */
-    { { 0xbb27bef5e33deed3L,0xe6356f6f001892a8L,0xbf3be6cc7adfbd3eL,
-        0xaecbc81c33d1ac9dL },
-      { 0xe4feb909e6e861dcL,0x90a247a453f5f801L,0x01c50acb27346e57L,
-        0xce29242e461acc1bL } },
-    /* 46 << 147 */
-    { { 0x04dd214a2f998a91L,0x271ee9b1d4baf27bL,0x7e3027d1e8c26722L,
-        0x21d1645c1820dce5L },
-      { 0x086f242c7501779cL,0xf0061407fa0e8009L,0xf23ce47760187129L,
-        0x05bbdedb0fde9bd0L } },
-    /* 47 << 147 */
-    { { 0x682f483225d98473L,0xf207fe855c658427L,0xb6fdd7ba4166ffa1L,
-        0x0c3140569eed799dL },
-      { 0x0db8048f4107e28fL,0x74ed387141216840L,0x74489f8f56a3c06eL,
-        0x1e1c005b12777134L } },
-    /* 48 << 147 */
-    { { 0xdb332a73f37ec3c3L,0xc65259bddd59eba0L,0x2291709cdb4d3257L,
-        0x9a793b25bd389390L },
-      { 0xf39fe34be43756f0L,0x2f76bdce9afb56c9L,0x9f37867a61208b27L,
-        0xea1d4307089972c3L } },
-    /* 49 << 147 */
-    { { 0x8c5953308bdf623aL,0x5f5accda8441fb7dL,0xfafa941832ddfd95L,
-        0x6ad40c5a0fde9be7L },
-      { 0x43faba89aeca8709L,0xc64a7cf12c248a9dL,0x1662025272637a76L,
-        0xaee1c79122b8d1bbL } },
-    /* 50 << 147 */
-    { { 0xf0f798fd21a843b2L,0x56e4ed4d8d005cb1L,0x355f77801f0d8abeL,
-        0x197b04cf34522326L },
-      { 0x41f9b31ffd42c13fL,0x5ef7feb2b40f933dL,0x27326f425d60bad4L,
-        0x027ecdb28c92cf89L } },
-    /* 51 << 147 */
-    { { 0x04aae4d14e3352feL,0x08414d2f73591b90L,0x5ed6124eb7da7d60L,
-        0xb985b9314d13d4ecL },
-      { 0xa592d3ab96bf36f9L,0x012dbed5bbdf51dfL,0xa57963c0df6c177dL,
-        0x010ec86987ca29cfL } },
-    /* 52 << 147 */
-    { { 0xba1700f6bf926dffL,0x7c9fdbd1f4bf6bc2L,0xdc18dc8f64da11f5L,
-        0xa6074b7ad938ae75L },
-      { 0x14270066e84f44a4L,0x99998d38d27b954eL,0xc1be8ab2b4f38e9aL,
-        0x8bb55bbf15c01016L } },
-    /* 53 << 147 */
-    { { 0xf73472b40ea2ab30L,0xd365a340f73d68ddL,0xc01a716819c2e1ebL,
-        0x32f49e3734061719L },
-      { 0xb73c57f101d8b4d6L,0x03c8423c26b47700L,0x321d0bc8a4d8826aL,
-        0x6004213c4bc0e638L } },
-    /* 54 << 147 */
-    { { 0xf78c64a1c1c06681L,0x16e0a16fef018e50L,0x31cbdf91db42b2b3L,
-        0xf8f4ffcee0d36f58L },
-      { 0xcdcc71cd4cc5e3e0L,0xd55c7cfaa129e3e0L,0xccdb6ba00fb2cbf1L,
-        0x6aba0005c4bce3cbL } },
-    /* 55 << 147 */
-    { { 0x501cdb30d232cfc4L,0x9ddcf12ed58a3cefL,0x02d2cf9c87e09149L,
-        0xdc5d7ec72c976257L },
-      { 0x6447986e0b50d7ddL,0x88fdbaf7807f112aL,0x58c9822ab00ae9f6L,
-        0x6abfb9506d3d27e0L } },
-    /* 56 << 147 */
-    { { 0xd0a744878a429f4fL,0x0649712bdb516609L,0xb826ba57e769b5dfL,
-        0x82335df21fc7aaf2L },
-      { 0x2389f0675c93d995L,0x59ac367a68677be6L,0xa77985ff21d9951bL,
-        0x038956fb85011cceL } },
-    /* 57 << 147 */
-    { { 0x608e48cbbb734e37L,0xc08c0bf22be5b26fL,0x17bbdd3bf9b1a0d9L,
-        0xeac7d89810483319L },
-      { 0xc95c4bafbc1a6deaL,0xfdd0e2bf172aafdbL,0x40373cbc8235c41aL,
-        0x14303f21fb6f41d5L } },
-    /* 58 << 147 */
-    { { 0xba0636210408f237L,0xcad3b09aecd2d1edL,0x4667855a52abb6a2L,
-        0xba9157dcaa8b417bL },
-      { 0xfe7f35074f013efbL,0x1b112c4baa38c4a2L,0xa1406a609ba64345L,
-        0xe53cba336993c80bL } },
-    /* 59 << 147 */
-    { { 0x45466063ded40d23L,0x3d5f1f4d54908e25L,0x9ebefe62403c3c31L,
-        0x274ea0b50672a624L },
-      { 0xff818d99451d1b71L,0x80e826438f79cf79L,0xa165df1373ce37f5L,
-        0xa744ef4ffe3a21fdL } },
-    /* 60 << 147 */
-    { { 0x73f1e7f5cf551396L,0xc616898e868c676bL,0x671c28c78c442c36L,
-        0xcfe5e5585e0a317dL },
-      { 0x1242d8187051f476L,0x56fad2a614f03442L,0x262068bc0a44d0f6L,
-        0xdfa2cd6ece6edf4eL } },
-    /* 61 << 147 */
-    { { 0x0f43813ad15d1517L,0x61214cb2377d44f5L,0xd399aa29c639b35fL,
-        0x42136d7154c51c19L },
-      { 0x9774711b08417221L,0x0a5546b352545a57L,0x80624c411150582dL,
-        0x9ec5c418fbc555bcL } },
-    /* 62 << 147 */
-    { { 0x2c87dcad771849f1L,0xb0c932c501d7bf6fL,0x6aa5cd3e89116eb2L,
-        0xd378c25a51ca7bd3L },
-      { 0xc612a0da9e6e3e31L,0x0417a54db68ad5d0L,0x00451e4a22c6edb8L,
-        0x9fbfe019b42827ceL } },
-    /* 63 << 147 */
-    { { 0x2fa92505ba9384a2L,0x21b8596e64ad69c1L,0x8f4fcc49983b35a6L,
-        0xde09376072754672L },
-      { 0x2f14ccc8f7bffe6dL,0x27566bff5d94263dL,0xb5b4e9c62df3ec30L,
-        0x94f1d7d53e6ea6baL } },
-    /* 64 << 147 */
-    { { 0x97b7851aaaca5e9bL,0x518aa52156713b97L,0x3357e8c7150a61f6L,
-        0x7842e7e2ec2c2b69L },
-      { 0x8dffaf656868a548L,0xd963bd82e068fc81L,0x64da5c8b65917733L,
-        0x927090ff7b247328L } },
-    /* 0 << 154 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 154 */
-    { { 0x214bc9a7d298c241L,0xe3b697ba56807cfdL,0xef1c78024564eadbL,
-        0xdde8cdcfb48149c5L },
-      { 0x946bf0a75a4d2604L,0x27154d7f6c1538afL,0x95cc9230de5b1fccL,
-        0xd88519e966864f82L } },
-    /* 2 << 154 */
-    { { 0xb828dd1a7cb1282cL,0xa08d7626be46973aL,0x6baf8d40e708d6b2L,
-        0x72571fa14daeb3f3L },
-      { 0x85b1732ff22dfd98L,0x87ab01a70087108dL,0xaaaafea85988207aL,
-        0xccc832f869f00755L } },
-    /* 3 << 154 */
-    { { 0x964d950e36ff3bf0L,0x8ad20f6ff0b34638L,0x4d9177b3b5d7585fL,
-        0xcf839760ef3f019fL },
-      { 0x582fc5b38288c545L,0x2f8e4e9b13116bd1L,0xf91e1b2f332120efL,
-        0xcf5687242a17dd23L } },
-    /* 4 << 154 */
-    { { 0x488f1185ca8d9d1aL,0xadf2c77dd987ded2L,0x5f3039f060c46124L,
-        0xe5d70b7571e095f4L },
-      { 0x82d586506260e70fL,0x39d75ea7f750d105L,0x8cf3d0b175bac364L,
-        0xf3a7564d21d01329L } },
-    /* 5 << 154 */
-    { { 0x182f04cd2f52d2a7L,0x4fde149ae2df565aL,0xb80c5eeca79fb2f7L,
-        0xab491d7b22ddc897L },
-      { 0x99d76c18c6312c7fL,0xca0d5f3d6aa41a57L,0x71207325d15363a0L,
-        0xe82aa265beb252c2L } },
-    /* 6 << 154 */
-    { { 0x94ab4700ec3128c2L,0x6c76d8628e383f49L,0xdc36b150c03024ebL,
-        0xfb43947753daac69L },
-      { 0xfc68764a8dc79623L,0x5b86995db440fbb2L,0xd66879bfccc5ee0dL,
-        0x0522894295aa8bd3L } },
-    /* 7 << 154 */
-    { { 0xb51a40a51e6a75c1L,0x24327c760ea7d817L,0x0663018207774597L,
-        0xd6fdbec397fa7164L },
-      { 0x20c99dfb13c90f48L,0xd6ac5273686ef263L,0xc6a50bdcfef64eebL,
-        0xcd87b28186fdfc32L } },
-    /* 8 << 154 */
-    { { 0xb24aa43e3fcd3efcL,0xdd26c034b8088e9aL,0xa5ef4dc9bd3d46eaL,
-        0xa2f99d588a4c6a6fL },
-      { 0xddabd3552f1da46cL,0x72c3f8ce1afacdd1L,0xd90c4eee92d40578L,
-        0xd28bb41fca623b94L } },
-    /* 9 << 154 */
-    { { 0x50fc0711745edc11L,0x9dd9ad7d3dc87558L,0xce6931fbb49d1e64L,
-        0x6c77a0a2c98bd0f9L },
-      { 0x62b9a6296baf7cb1L,0xcf065f91ccf72d22L,0x7203cce979639071L,
-        0x09ae4885f9cb732fL } },
-    /* 10 << 154 */
-    { { 0x5e7c3becee8314f3L,0x1c068aeddbea298fL,0x08d381f17c80acecL,
-        0x03b56be8e330495bL },
-      { 0xaeffb8f29222882dL,0x95ff38f6c4af8bf7L,0x50e32d351fc57d8cL,
-        0x6635be5217b444f0L } },
-    /* 11 << 154 */
-    { { 0x04d15276a5177900L,0x4e1dbb47f6858752L,0x5b475622c615796cL,
-        0xa6fa0387691867bfL },
-      { 0xed7f5d562844c6d0L,0xc633cf9b03a2477dL,0xf6be5c402d3721d6L,
-        0xaf312eb7e9fd68e6L } },
-    /* 12 << 154 */
-    { { 0x242792d2e7417ce1L,0xff42bc71970ee7f5L,0x1ff4dc6d5c67a41eL,
-        0x77709b7b20882a58L },
-      { 0x3554731dbe217f2cL,0x2af2a8cd5bb72177L,0x58eee769591dd059L,
-        0xbb2930c94bba6477L } },
-    /* 13 << 154 */
-    { { 0x863ee0477d930cfcL,0x4c262ad1396fd1f4L,0xf4765bc8039af7e1L,
-        0x2519834b5ba104f6L },
-      { 0x7cd61b4cd105f961L,0xa5415da5d63bca54L,0x778280a088a1f17cL,
-        0xc49689492329512cL } },
-    /* 14 << 154 */
-    { { 0x174a9126cecdaa7aL,0xfc8c7e0e0b13247bL,0x29c110d23484c1c4L,
-        0xf8eb8757831dfc3bL },
-      { 0x022f0212c0067452L,0x3f6f69ee7b9b926cL,0x09032da0ef42daf4L,
-        0x79f00ade83f80de4L } },
-    /* 15 << 154 */
-    { { 0x6210db7181236c97L,0x74f7685b3ee0781fL,0x4df7da7ba3e41372L,
-        0x2aae38b1b1a1553eL },
-      { 0x1688e222f6dd9d1bL,0x576954485b8b6487L,0x478d21274b2edeaaL,
-        0xb2818fa51e85956aL } },
-    /* 16 << 154 */
-    { { 0x1e6adddaf176f2c0L,0x01ca4604e2572658L,0x0a404ded85342ffbL,
-        0x8cf60f96441838d6L },
-      { 0x9bbc691cc9071c4aL,0xfd58874434442803L,0x97101c85809c0d81L,
-        0xa7fb754c8c456f7fL } },
-    /* 17 << 154 */
-    { { 0xc95f3c5cd51805e1L,0xab4ccd39b299dca8L,0x3e03d20b47eaf500L,
-        0xfa3165c1d7b80893L },
-      { 0x005e8b54e160e552L,0xdc4972ba9019d11fL,0x21a6972e0c9a4a7aL,
-        0xa52c258f37840fd7L } },
-    /* 18 << 154 */
-    { { 0xf8559ff4c1e99d81L,0x08e1a7d6a3c617c0L,0xb398fd43248c6ba7L,
-        0x6ffedd91d1283794L },
-      { 0x8a6a59d2d629d208L,0xa9d141d53490530eL,0x42f6fc1838505989L,
-        0x09bf250d479d94eeL } },
-    /* 19 << 154 */
-    { { 0x223ad3b1b3822790L,0x6c5926c093b8971cL,0x609efc7e75f7fa62L,
-        0x45d66a6d1ec2d989L },
-      { 0x4422d663987d2792L,0x4a73caad3eb31d2bL,0xf06c2ac1a32cb9e6L,
-        0xd9445c5f91aeba84L } },
-    /* 20 << 154 */
-    { { 0x6af7a1d5af71013fL,0xe68216e50bedc946L,0xf4cba30bd27370a0L,
-        0x7981afbf870421ccL },
-      { 0x02496a679449f0e1L,0x86cfc4be0a47edaeL,0x3073c936b1feca22L,
-        0xf569461203f8f8fbL } },
-    /* 21 << 154 */
-    { { 0xd063b723901515eaL,0x4c6c77a5749cf038L,0x6361e360ab9e5059L,
-        0x596cf171a76a37c0L },
-      { 0x800f53fa6530ae7aL,0x0f5e631e0792a7a6L,0x5cc29c24efdb81c9L,
-        0xa269e8683f9c40baL } },
-    /* 22 << 154 */
-    { { 0xec14f9e12cb7191eL,0x78ea1bd8e5b08ea6L,0x3c65aa9b46332bb9L,
-        0x84cc22b3bf80ce25L },
-      { 0x0098e9e9d49d5bf1L,0xcd4ec1c619087da4L,0x3c9d07c5aef6e357L,
-        0x839a02689f8f64b8L } },
-    /* 23 << 154 */
-    { { 0xc5e9eb62c6d8607fL,0x759689f56aa995e4L,0x70464669bbb48317L,
-        0x921474bfe402417dL },
-      { 0xcabe135b2a354c8cL,0xd51e52d2812fa4b5L,0xec74109653311fe8L,
-        0x4f774535b864514bL } },
-    /* 24 << 154 */
-    { { 0xbcadd6715bde48f8L,0xc97038732189bc7dL,0x5d45299ec709ee8aL,
-        0xd1287ee2845aaff8L },
-      { 0x7d1f8874db1dbf1fL,0xea46588b990c88d6L,0x60ba649a84368313L,
-        0xd5fdcbce60d543aeL } },
-    /* 25 << 154 */
-    { { 0x90b46d43810d5ab0L,0x6739d8f904d7e5ccL,0x021c1a580d337c33L,
-        0x00a6116268e67c40L },
-      { 0x95ef413b379f0a1fL,0xfe126605e9e2ab95L,0x67578b852f5f199cL,
-        0xf5c003292cb84913L } },
-    /* 26 << 154 */
-    { { 0xf795643037577dd8L,0x83b82af429c5fe88L,0x9c1bea26cdbdc132L,
-        0x589fa0869c04339eL },
-      { 0x033e9538b13799dfL,0x85fa8b21d295d034L,0xdf17f73fbd9ddccaL,
-        0xf32bd122ddb66334L } },
-    /* 27 << 154 */
-    { { 0x55ef88a7858b044cL,0x1f0d69c25aa9e397L,0x55fd9cc340d85559L,
-        0xc774df727785ddb2L },
-      { 0x5dcce9f6d3bd2e1cL,0xeb30da20a85dfed0L,0x5ed7f5bbd3ed09c4L,
-        0x7d42a35c82a9c1bdL } },
-    /* 28 << 154 */
-    { { 0xcf3de9959890272dL,0x75f3432a3e713a10L,0x5e13479fe28227b8L,
-        0xb8561ea9fefacdc8L },
-      { 0xa6a297a08332aafdL,0x9b0d8bb573809b62L,0xd2fa1cfd0c63036fL,
-        0x7a16eb55bd64bda8L } },
-    /* 29 << 154 */
-    { { 0x3f5cf5f678e62ddcL,0x2267c45407fd752bL,0x5e361b6b5e437bbeL,
-        0x95c595018354e075L },
-      { 0xec725f85f2b254d9L,0x844b617d2cb52b4eL,0xed8554f5cf425fb5L,
-        0xab67703e2af9f312L } },
-    /* 30 << 154 */
-    { { 0x4cc34ec13cf48283L,0xb09daa259c8a705eL,0xd1e9d0d05b7d4f84L,
-        0x4df6ef64db38929dL },
-      { 0xe16b0763aa21ba46L,0xc6b1d178a293f8fbL,0x0ff5b602d520aabfL,
-        0x94d671bdc339397aL } },
-    /* 31 << 154 */
-    { { 0x7c7d98cf4f5792faL,0x7c5e0d6711215261L,0x9b19a631a7c5a6d4L,
-        0xc8511a627a45274dL },
-      { 0x0c16621ca5a60d99L,0xf7fbab88cf5e48cbL,0xab1e6ca2f7ddee08L,
-        0x83bd08cee7867f3cL } },
-    /* 32 << 154 */
-    { { 0xf7e48e8a2ac13e27L,0x4494f6df4eb1a9f5L,0xedbf84eb981f0a62L,
-        0x49badc32536438f0L },
-      { 0x50bea541004f7571L,0xbac67d10df1c94eeL,0x253d73a1b727bc31L,
-        0xb3d01cf230686e28L } },
-    /* 33 << 154 */
-    { { 0x51b77b1b55fd0b8bL,0xa099d183feec3173L,0x202b1fb7670e72b7L,
-        0xadc88b33a8e1635fL },
-      { 0x34e8216af989d905L,0xc2e68d2029b58d01L,0x11f81c926fe55a93L,
-        0x15f1462a8f296f40L } },
-    /* 34 << 154 */
-    { { 0x1915d375ea3d62f2L,0xa17765a301c8977dL,0x7559710ae47b26f6L,
-        0xe0bd29c8535077a5L },
-      { 0x615f976d08d84858L,0x370dfe8569ced5c1L,0xbbc7503ca734fa56L,
-        0xfbb9f1ec91ac4574L } },
-    /* 35 << 154 */
-    { { 0x95d7ec53060dd7efL,0xeef2dacd6e657979L,0x54511af3e2a08235L,
-        0x1e324aa41f4aea3dL },
-      { 0x550e7e71e6e67671L,0xbccd5190bf52faf7L,0xf880d316223cc62aL,
-        0x0d402c7e2b32eb5dL } },
-    /* 36 << 154 */
-    { { 0xa40bc039306a5a3bL,0x4e0a41fd96783a1bL,0xa1e8d39a0253cdd4L,
-        0x6480be26c7388638L },
-      { 0xee365e1d2285f382L,0x188d8d8fec0b5c36L,0x34ef1a481f0f4d82L,
-        0x1a8f43e1a487d29aL } },
-    /* 37 << 154 */
-    { { 0x8168226d77aefb3aL,0xf69a751e1e72c253L,0x8e04359ae9594df1L,
-        0x475ffd7dd14c0467L },
-      { 0xb5a2c2b13844e95cL,0x85caf647dd12ef94L,0x1ecd2a9ff1063d00L,
-        0x1dd2e22923843311L } },
-    /* 38 << 154 */
-    { { 0x38f0e09d73d17244L,0x3ede77468fc653f1L,0xae4459f5dc20e21cL,
-        0x00db2ffa6a8599eaL },
-      { 0x11682c3930cfd905L,0x4934d074a5c112a6L,0xbdf063c5568bfe95L,
-        0x779a440a016c441aL } },
-    /* 39 << 154 */
-    { { 0x0c23f21897d6fbdcL,0xd3a5cd87e0776aacL,0xcee37f72d712e8dbL,
-        0xfb28c70d26f74e8dL },
-      { 0xffe0c728b61301a0L,0xa6282168d3724354L,0x7ff4cb00768ffedcL,
-        0xc51b308803b02de9L } },
-    /* 40 << 154 */
-    { { 0xa5a8147c3902dda5L,0x35d2f706fe6973b4L,0x5ac2efcfc257457eL,
-        0x933f48d48700611bL },
-      { 0xc365af884912beb2L,0x7f5a4de6162edf94L,0xc646ba7c0c32f34bL,
-        0x632c6af3b2091074L } },
-    /* 41 << 154 */
-    { { 0x58d4f2e3753e43a9L,0x70e1d21724d4e23fL,0xb24bf729afede6a6L,
-        0x7f4a94d8710c8b60L },
-      { 0xaad90a968d4faa6aL,0xd9ed0b32b066b690L,0x52fcd37b78b6dbfdL,
-        0x0b64615e8bd2b431L } },
-    /* 42 << 154 */
-    { { 0x228e2048cfb9fad5L,0xbeaa386d240b76bdL,0x2d6681c890dad7bcL,
-        0x3e553fc306d38f5eL },
-      { 0xf27cdb9b9d5f9750L,0x3e85c52ad28c5b0eL,0x190795af5247c39bL,
-        0x547831ebbddd6828L } },
-    /* 43 << 154 */
-    { { 0xf327a2274a82f424L,0x36919c787e47f89dL,0xe478391943c7392cL,
-        0xf101b9aa2316fefeL },
-      { 0xbcdc9e9c1c5009d2L,0xfb55ea139cd18345L,0xf5b5e231a3ce77c7L,
-        0xde6b4527d2f2cb3dL } },
-    /* 44 << 154 */
-    { { 0x10f6a3339bb26f5fL,0x1e85db8e044d85b6L,0xc3697a0894197e54L,
-        0x65e18cc0a7cb4ea8L },
-      { 0xa38c4f50a471fe6eL,0xf031747a2f13439cL,0x53c4a6bac007318bL,
-        0xa8da3ee51deccb3dL } },
-    /* 45 << 154 */
-    { { 0x0555b31c558216b1L,0x90c7810c2f79e6c2L,0x9b669f4dfe8eed3cL,
-        0x70398ec8e0fac126L },
-      { 0xa96a449ef701b235L,0x0ceecdb3eb94f395L,0x285fc368d0cb7431L,
-        0x0d37bb5216a18c64L } },
-    /* 46 << 154 */
-    { { 0x05110d38b880d2ddL,0xa60f177b65930d57L,0x7da34a67f36235f5L,
-        0x47f5e17c183816b9L },
-      { 0xc7664b57db394af4L,0x39ba215d7036f789L,0x46d2ca0e2f27b472L,
-        0xc42647eef73a84b7L } },
-    /* 47 << 154 */
-    { { 0x44bc754564488f1dL,0xaa922708f4cf85d5L,0x721a01d553e4df63L,
-        0x649c0c515db46cedL },
-      { 0x6bf0d64e3cffcb6cL,0xe3bf93fe50f71d96L,0x75044558bcc194a0L,
-        0x16ae33726afdc554L } },
-    /* 48 << 154 */
-    { { 0xbfc01adf5ca48f3fL,0x64352f06e22a9b84L,0xcee54da1c1099e4aL,
-        0xbbda54e8fa1b89c0L },
-      { 0x166a3df56f6e55fbL,0x1ca44a2420176f88L,0x936afd88dfb7b5ffL,
-        0xe34c24378611d4a0L } },
-    /* 49 << 154 */
-    { { 0x7effbb7586142103L,0x6704ba1b1f34fc4dL,0x7c2a468f10c1b122L,
-        0x36b3a6108c6aace9L },
-      { 0xabfcc0a775a0d050L,0x066f91973ce33e32L,0xce905ef429fe09beL,
-        0x89ee25baa8376351L } },
-    /* 50 << 154 */
-    { { 0x2a3ede22fd29dc76L,0x7fd32ed936f17260L,0x0cadcf68284b4126L,
-        0x63422f08a7951fc8L },
-      { 0x562b24f40807e199L,0xfe9ce5d122ad4490L,0xc2f51b100db2b1b4L,
-        0xeb3613ffe4541d0dL } },
-    /* 51 << 154 */
-    { { 0xbd2c4a052680813bL,0x527aa55d561b08d6L,0xa9f8a40ea7205558L,
-        0xe3eea56f243d0becL },
-      { 0x7b853817a0ff58b3L,0xb67d3f651a69e627L,0x0b76bbb9a869b5d6L,
-        0xa3afeb82546723edL } },
-    /* 52 << 154 */
-    { { 0x5f24416d3e554892L,0x8413b53d430e2a45L,0x99c56aee9032a2a0L,
-        0x09432bf6eec367b1L },
-      { 0x552850c6daf0ecc1L,0x49ebce555bc92048L,0xdfb66ba654811307L,
-        0x1b84f7976f298597L } },
-    /* 53 << 154 */
-    { { 0x795904818d1d7a0dL,0xd9fabe033a6fa556L,0xa40f9c59ba9e5d35L,
-        0xcb1771c1f6247577L },
-      { 0x542a47cae9a6312bL,0xa34b3560552dd8c5L,0xfdf94de00d794716L,
-        0xd46124a99c623094L } },
-    /* 54 << 154 */
-    { { 0x56b7435d68afe8b4L,0x27f205406c0d8ea1L,0x12b77e1473186898L,
-        0xdbc3dd467479490fL },
-      { 0x951a9842c03b0c05L,0x8b1b3bb37921bc96L,0xa573b3462b202e0aL,
-        0x77e4665d47254d56L } },
-    /* 55 << 154 */
-    { { 0x08b70dfcd23e3984L,0xab86e8bcebd14236L,0xaa3e07f857114ba7L,
-        0x5ac71689ab0ef4f2L },
-      { 0x88fca3840139d9afL,0x72733f8876644af0L,0xf122f72a65d74f4aL,
-        0x13931577a5626c7aL } },
-    /* 56 << 154 */
-    { { 0xd5b5d9eb70f8d5a4L,0x375adde7d7bbb228L,0x31e88b860c1c0b32L,
-        0xd1f568c4173edbaaL },
-      { 0x1592fc835459df02L,0x2beac0fb0fcd9a7eL,0xb0a6fdb81b473b0aL,
-        0xe3224c6f0fe8fc48L } },
-    /* 57 << 154 */
-    { { 0x680bd00ee87edf5bL,0x30385f0220e77cf5L,0xe9ab98c04d42d1b2L,
-        0x72d191d2d3816d77L },
-      { 0x1564daca0917d9e5L,0x394eab591f8fed7fL,0xa209aa8d7fbb3896L,
-        0x5564f3b9be6ac98eL } },
-    /* 58 << 154 */
-    { { 0xead21d05d73654efL,0x68d1a9c413d78d74L,0x61e017086d4973a0L,
-        0x83da350046e6d32aL },
-      { 0x6a3dfca468ae0118L,0xa1b9a4c9d02da069L,0x0b2ff9c7ebab8302L,
-        0x98af07c3944ba436L } },
-    /* 59 << 154 */
-    { { 0x85997326995f0f9fL,0x467fade071b58bc6L,0x47e4495abd625a2bL,
-        0xfdd2d01d33c3b8cdL },
-      { 0x2c38ae28c693f9faL,0x48622329348f7999L,0x97bf738e2161f583L,
-        0x15ee2fa7565e8cc9L } },
-    /* 60 << 154 */
-    { { 0xa1a5c8455777e189L,0xcc10bee0456f2829L,0x8ad95c56da762bd5L,
-        0x152e2214e9d91da8L },
-      { 0x975b0e727cb23c74L,0xfd5d7670a90c66dfL,0xb5b5b8ad225ffc53L,
-        0xab6dff73faded2aeL } },
-    /* 61 << 154 */
-    { { 0xebd567816f4cbe9dL,0x0ed8b2496a574bd7L,0x41c246fe81a881faL,
-        0x91564805c3db9c70L },
-      { 0xd7c12b085b862809L,0x1facd1f155858d7bL,0x7693747caf09e92aL,
-        0x3b69dcba189a425fL } },
-    /* 62 << 154 */
-    { { 0x0be28e9f967365efL,0x57300eb2e801f5c9L,0x93b8ac6ad583352fL,
-        0xa2cf1f89cd05b2b7L },
-      { 0x7c0c9b744dcc40ccL,0xfee38c45ada523fbL,0xb49a4dec1099cc4dL,
-        0x325c377f69f069c6L } },
-    /* 63 << 154 */
-    { { 0xe12458ce476cc9ffL,0x580e0b6cc6d4cb63L,0xd561c8b79072289bL,
-        0x0377f264a619e6daL },
-      { 0x2668536288e591a5L,0xa453a7bd7523ca2bL,0x8a9536d2c1df4533L,
-        0xc8e50f2fbe972f79L } },
-    /* 64 << 154 */
-    { { 0xd433e50f6d3549cfL,0x6f33696ffacd665eL,0x695bfdacce11fcb4L,
-        0x810ee252af7c9860L },
-      { 0x65450fe17159bb2cL,0xf7dfbebe758b357bL,0x2b057e74d69fea72L,
-        0xd485717a92731745L } },
-    /* 0 << 161 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 161 */
-    { { 0x896c42e8ee36860cL,0xdaf04dfd4113c22dL,0x1adbb7b744104213L,
-        0xe5fd5fa11fd394eaL },
-      { 0x68235d941a4e0551L,0x6772cfbe18d10151L,0x276071e309984523L,
-        0xe4e879de5a56ba98L } },
-    /* 2 << 161 */
-    { { 0xaaafafb0285b9491L,0x01a0be881e4c705eL,0xff1d4f5d2ad9caabL,
-        0x6e349a4ac37a233fL },
-      { 0xcf1c12464a1c6a16L,0xd99e6b6629383260L,0xea3d43665f6d5471L,
-        0x36974d04ff8cc89bL } },
-    /* 3 << 161 */
-    { { 0xc26c49a1cfe89d80L,0xb42c026dda9c8371L,0xca6c013adad066d2L,
-        0xfb8f722856a4f3eeL },
-      { 0x08b579ecd850935bL,0x34c1a74cd631e1b3L,0xcb5fe596ac198534L,
-        0x39ff21f6e1f24f25L } },
-    /* 4 << 161 */
-    { { 0x27f29e148f929057L,0x7a64ae06c0c853dfL,0x256cd18358e9c5ceL,
-        0x9d9cce82ded092a5L },
-      { 0xcc6e59796e93b7c7L,0xe1e4709231bb9e27L,0xb70b3083aa9e29a0L,
-        0xbf181a753785e644L } },
-    /* 5 << 161 */
-    { { 0xf53f2c658ead09f7L,0x1335e1d59780d14dL,0x69cc20e0cd1b66bcL,
-        0x9b670a37bbe0bfc8L },
-      { 0xce53dc8128efbeedL,0x0c74e77c8326a6e5L,0x3604e0d2b88e9a63L,
-        0xbab38fca13dc2248L } },
-    /* 6 << 161 */
-    { { 0x8ed6e8c85c0a3f1eL,0xbcad24927c87c37fL,0xfdfb62bb9ee3b78dL,
-        0xeba8e477cbceba46L },
-      { 0x37d38cb0eeaede4bL,0x0bc498e87976deb6L,0xb2944c046b6147fbL,
-        0x8b123f35f71f9609L } },
-    /* 7 << 161 */
-    { { 0xa155dcc7de79dc24L,0xf1168a32558f69cdL,0xbac215950d1850dfL,
-        0x15c8295bb204c848L },
-      { 0xf661aa367d8184ffL,0xc396228e30447bdbL,0x11cd5143bde4a59eL,
-        0xe3a26e3b6beab5e6L } },
-    /* 8 << 161 */
-    { { 0xd3b3a13f1402b9d0L,0x573441c32c7bc863L,0x4b301ec4578c3e6eL,
-        0xc26fc9c40adaf57eL },
-      { 0x96e71bfd7493cea3L,0xd05d4b3f1af81456L,0xdaca2a8a6a8c608fL,
-        0x53ef07f60725b276L } },
-    /* 9 << 161 */
-    { { 0x07a5fbd27824fc56L,0x3467521813289077L,0x5bf69fd5e0c48349L,
-        0xa613ddd3b6aa7875L },
-      { 0x7f78c19c5450d866L,0x46f4409c8f84a481L,0x9f1d192890fce239L,
-        0x016c4168b2ce44b9L } },
-    /* 10 << 161 */
-    { { 0xbae023f0c7435978L,0xb152c88820e30e19L,0x9c241645e3fa6fafL,
-        0x735d95c184823e60L },
-      { 0x0319757303955317L,0x0b4b02a9f03b4995L,0x076bf55970274600L,
-        0x32c5cc53aaf57508L } },
-    /* 11 << 161 */
-    { { 0xe8af6d1f60624129L,0xb7bc5d649a5e2b5eL,0x3814b0485f082d72L,
-        0x76f267f2ce19677aL },
-      { 0x626c630fb36eed93L,0x55230cd73bf56803L,0x78837949ce2736a0L,
-        0x0d792d60aa6c55f1L } },
-    /* 12 << 161 */
-    { { 0x0318dbfdd5c7c5d2L,0xb38f8da7072b342dL,0x3569bddc7b8de38aL,
-        0xf25b5887a1c94842L },
-      { 0xb2d5b2842946ad60L,0x854f29ade9d1707eL,0xaa5159dc2c6a4509L,
-        0x899f94c057189837L } },
-    /* 13 << 161 */
-    { { 0xcf6adc51f4a55b03L,0x261762de35e3b2d5L,0x4cc4301204827b51L,
-        0xcd22a113c6021442L },
-      { 0xce2fd61a247c9569L,0x59a50973d152becaL,0x6c835a1163a716d4L,
-        0xc26455ed187dedcfL } },
-    /* 14 << 161 */
-    { { 0x27f536e049ce89e7L,0x18908539cc890cb5L,0x308909abd83c2aa1L,
-        0xecd3142b1ab73bd3L },
-      { 0x6a85bf59b3f5ab84L,0x3c320a68f2bea4c6L,0xad8dc5386da4541fL,
-        0xeaf34eb0b7c41186L } },
-    /* 15 << 161 */
-    { { 0x1c780129977c97c4L,0x5ff9beebc57eb9faL,0xa24d0524c822c478L,
-        0xfd8eec2a461cd415L },
-      { 0xfbde194ef027458cL,0xb4ff53191d1be115L,0x63f874d94866d6f4L,
-        0x35c75015b21ad0c9L } },
-    /* 16 << 161 */
-    { { 0xa6b5c9d646ac49d2L,0x42c77c0b83137aa9L,0x24d000fc68225a38L,
-        0x0f63cfc82fe1e907L },
-      { 0x22d1b01bc6441f95L,0x7d38f719ec8e448fL,0x9b33fa5f787fb1baL,
-        0x94dcfda1190158dfL } },
-    /* 17 << 161 */
-    { { 0xc47cb3395f6d4a09L,0x6b4f355cee52b826L,0x3d100f5df51b930aL,
-        0xf4512fac9f668f69L },
-      { 0x546781d5206c4c74L,0xd021d4d4cb4d2e48L,0x494a54c2ca085c2dL,
-        0xf1dbaca4520850a8L } },
-    /* 18 << 161 */
-    { { 0x63c79326490a1acaL,0xcb64dd9c41526b02L,0xbb772591a2979258L,
-        0x3f58297048d97846L },
-      { 0xd66b70d17c213ba7L,0xc28febb5e8a0ced4L,0x6b911831c10338c1L,
-        0x0d54e389bf0126f3L } },
-    /* 19 << 161 */
-    { { 0x7048d4604af206eeL,0x786c88f677e97cb9L,0xd4375ae1ac64802eL,
-        0x469bcfe1d53ec11cL },
-      { 0xfc9b340d47062230L,0xe743bb57c5b4a3acL,0xfe00b4aa59ef45acL,
-        0x29a4ef2359edf188L } },
-    /* 20 << 161 */
-    { { 0x40242efeb483689bL,0x2575d3f6513ac262L,0xf30037c80ca6db72L,
-        0xc9fcce8298864be2L },
-      { 0x84a112ff0149362dL,0x95e575821c4ae971L,0x1fa4b1a8945cf86cL,
-        0x4525a7340b024a2fL } },
-    /* 21 << 161 */
-    { { 0xe76c8b628f338360L,0x483ff59328edf32bL,0x67e8e90a298b1aecL,
-        0x9caab338736d9a21L },
-      { 0x5c09d2fd66892709L,0x2496b4dcb55a1d41L,0x93f5fb1ae24a4394L,
-        0x08c750496fa8f6c1L } },
-    /* 22 << 161 */
-    { { 0xcaead1c2c905d85fL,0xe9d7f7900733ae57L,0x24c9a65cf07cdd94L,
-        0x7389359ca4b55931L },
-      { 0xf58709b7367e45f7L,0x1f203067cb7e7adcL,0x82444bffc7b72818L,
-        0x07303b35baac8033L } },
-    /* 23 << 161 */
-    { { 0x1e1ee4e4d13b7ea1L,0xe6489b24e0e74180L,0xa5f2c6107e70ef70L,
-        0xa1655412bdd10894L },
-      { 0x555ebefb7af4194eL,0x533c1c3c8e89bd9cL,0x735b9b5789895856L,
-        0x15fb3cd2567f5c15L } },
-    /* 24 << 161 */
-    { { 0x057fed45526f09fdL,0xe8a4f10c8128240aL,0x9332efc4ff2bfd8dL,
-        0x214e77a0bd35aa31L },
-      { 0x32896d7314faa40eL,0x767867ec01e5f186L,0xc9adf8f117a1813eL,
-        0xcb6cda7854741795L } },
-    /* 25 << 161 */
-    { { 0xb7521b6d349d51aaL,0xf56b5a9ee3c7b8e9L,0xc6f1e5c932a096dfL,
-        0x083667c4a3635024L },
-      { 0x365ea13518087f2fL,0xf1b8eaacd136e45dL,0xc8a0e48473aec989L,
-        0xd75a324b142c9259L } },
-    /* 26 << 161 */
-    { { 0xb7b4d00101dae185L,0x45434e0b9b7a94bcL,0xf54339affbd8cb0bL,
-        0xdcc4569ee98ef49eL },
-      { 0x7789318a09a51299L,0x81b4d206b2b025d8L,0xf64aa418fae85792L,
-        0x3e50258facd7baf7L } },
-    /* 27 << 161 */
-    { { 0xdce84cdb2996864bL,0xa2e670891f485fa4L,0xb28b2bb6534c6a5aL,
-        0x31a7ec6bc94b9d39L },
-      { 0x1d217766d6bc20daL,0x4acdb5ec86761190L,0x6872632873701063L,
-        0x4d24ee7c2128c29bL } },
-    /* 28 << 161 */
-    { { 0xc072ebd3a19fd868L,0x612e481cdb8ddd3bL,0xb4e1d7541a64d852L,
-        0x00ef95acc4c6c4abL },
-      { 0x1536d2edaa0a6c46L,0x6129408643774790L,0x54af25e8343fda10L,
-        0x9ff9d98dfd25d6f2L } },
-    /* 29 << 161 */
-    { { 0x0746af7c468b8835L,0x977a31cb730ecea7L,0xa5096b80c2cf4a81L,
-        0xaa9868336458c37aL },
-      { 0x6af29bf3a6bd9d34L,0x6a62fe9b33c5d854L,0x50e6c304b7133b5eL,
-        0x04b601597d6e6848L } },
-    /* 30 << 161 */
-    { { 0x4cd296df5579bea4L,0x10e35ac85ceedaf1L,0x04c4c5fde3bcc5b1L,
-        0x95f9ee8a89412cf9L },
-      { 0x2c9459ee82b6eb0fL,0x2e84576595c2aaddL,0x774a84aed327fcfeL,
-        0xd8c937220368d476L } },
-    /* 31 << 161 */
-    { { 0x0dbd5748f83e8a3bL,0xa579aa968d2495f3L,0x535996a0ae496e9bL,
-        0x07afbfe9b7f9bcc2L },
-      { 0x3ac1dc6d5b7bd293L,0x3b592cff7022323dL,0xba0deb989c0a3e76L,
-        0x18e78e9f4b197acbL } },
-    /* 32 << 161 */
-    { { 0x211cde10296c36efL,0x7ee8967282c4da77L,0xb617d270a57836daL,
-        0xf0cd9c319cb7560bL },
-      { 0x01fdcbf7e455fe90L,0x3fb53cbb7e7334f3L,0x781e2ea44e7de4ecL,
-        0x8adab3ad0b384fd0L } },
-    /* 33 << 161 */
-    { { 0x129eee2f53d64829L,0x7a471e17a261492bL,0xe4f9adb9e4cb4a2cL,
-        0x3d359f6f97ba2c2dL },
-      { 0x346c67860aacd697L,0x92b444c375c2f8a8L,0xc79fa117d85df44eL,
-        0x56782372398ddf31L } },
-    /* 34 << 161 */
-    { { 0x60e690f2bbbab3b8L,0x4851f8ae8b04816bL,0xc72046ab9c92e4d2L,
-        0x518c74a17cf3136bL },
-      { 0xff4eb50af9877d4cL,0x14578d90a919cabbL,0x8218f8c4ac5eb2b6L,
-        0xa3ccc547542016e4L } },
-    /* 35 << 161 */
-    { { 0x025bf48e327f8349L,0xf3e97346f43cb641L,0xdc2bafdf500f1085L,
-        0x571678762f063055L },
-      { 0x5bd914b9411925a6L,0x7c078d48a1123de5L,0xee6bf835182b165dL,
-        0xb11b5e5bba519727L } },
-    /* 36 << 161 */
-    { { 0xe33ea76c1eea7b85L,0x2352b46192d4f85eL,0xf101d334afe115bbL,
-        0xfabc1294889175a3L },
-      { 0x7f6bcdc05233f925L,0xe0a802dbe77fec55L,0xbdb47b758069b659L,
-        0x1c5e12def98fbd74L } },
-    /* 37 << 161 */
-    { { 0x869c58c64b8457eeL,0xa5360f694f7ea9f7L,0xe576c09ff460b38fL,
-        0x6b70d54822b7fb36L },
-      { 0x3fd237f13bfae315L,0x33797852cbdff369L,0x97df25f525b516f9L,
-        0x46f388f2ba38ad2dL } },
-    /* 38 << 161 */
-    { { 0x656c465889d8ddbbL,0x8830b26e70f38ee8L,0x4320fd5cde1212b0L,
-        0xc34f30cfe4a2edb2L },
-      { 0xabb131a356ab64b8L,0x7f77f0ccd99c5d26L,0x66856a37bf981d94L,
-        0x19e76d09738bd76eL } },
-    /* 39 << 161 */
-    { { 0xe76c8ac396238f39L,0xc0a482bea830b366L,0xb7b8eaff0b4eb499L,
-        0x8ecd83bc4bfb4865L },
-      { 0x971b2cb7a2f3776fL,0xb42176a4f4b88adfL,0xb9617df5be1fa446L,
-        0x8b32d508cd031bd2L } },
-    /* 40 << 161 */
-    { { 0x1c6bd47d53b618c0L,0xc424f46c6a227923L,0x7303ffdedd92d964L,
-        0xe971287871b5abf2L },
-      { 0x8f48a632f815561dL,0x85f48ff5d3c055d1L,0x222a14277525684fL,
-        0xd0d841a067360cc3L } },
-    /* 41 << 161 */
-    { { 0x4245a9260b9267c6L,0xc78913f1cf07f863L,0xaa844c8e4d0d9e24L,
-        0xa42ad5223d5f9017L },
-      { 0xbd371749a2c989d5L,0x928292dfe1f5e78eL,0x493b383e0a1ea6daL,
-        0x5136fd8d13aee529L } },
-    /* 42 << 161 */
-    { { 0x860c44b1f2c34a99L,0x3b00aca4bf5855acL,0xabf6aaa0faaf37beL,
-        0x65f436822a53ec08L },
-      { 0x1d9a5801a11b12e1L,0x78a7ab2ce20ed475L,0x0de1067e9a41e0d5L,
-        0x30473f5f305023eaL } },
-    /* 43 << 161 */
-    { { 0xdd3ae09d169c7d97L,0x5cd5baa4cfaef9cdL,0x5cd7440b65a44803L,
-        0xdc13966a47f364deL },
-      { 0x077b2be82b8357c1L,0x0cb1b4c5e9d57c2aL,0x7a4ceb3205ff363eL,
-        0xf310fa4dca35a9efL } },
-    /* 44 << 161 */
-    { { 0xdbb7b352f97f68c6L,0x0c773b500b02cf58L,0xea2e48213c1f96d9L,
-        0xffb357b0eee01815L },
-      { 0xb9c924cde0f28039L,0x0b36c95a46a3fbe4L,0x1faaaea45e46db6cL,
-        0xcae575c31928aaffL } },
-    /* 45 << 161 */
-    { { 0x7f671302a70dab86L,0xfcbd12a971c58cfcL,0xcbef9acfbee0cb92L,
-        0x573da0b9f8c1b583L },
-      { 0x4752fcfe0d41d550L,0xe7eec0e32155cffeL,0x0fc39fcb545ae248L,
-        0x522cb8d18065f44eL } },
-    /* 46 << 161 */
-    { { 0x263c962a70cbb96cL,0xe034362abcd124a9L,0xf120db283c2ae58dL,
-        0xb9a38d49fef6d507L },
-      { 0xb1fd2a821ff140fdL,0xbd162f3020aee7e0L,0x4e17a5d4cb251949L,
-        0x2aebcb834f7e1c3dL } },
-    /* 47 << 161 */
-    { { 0x608eb25f937b0527L,0xf42e1e47eb7d9997L,0xeba699c4b8a53a29L,
-        0x1f921c71e091b536L },
-      { 0xcce29e7b5b26bbd5L,0x7a8ef5ed3b61a680L,0xe5ef8043ba1f1c7eL,
-        0x16ea821718158ddaL } },
-    /* 48 << 161 */
-    { { 0x01778a2b599ff0f9L,0x68a923d78104fc6bL,0x5bfa44dfda694ff3L,
-        0x4f7199dbf7667f12L },
-      { 0xc06d8ff6e46f2a79L,0x08b5deade9f8131dL,0x02519a59abb4ce7cL,
-        0xc4f710bcb42aec3eL } },
-    /* 49 << 161 */
-    { { 0x3d77b05778bde41aL,0x6474bf80b4186b5aL,0x048b3f6788c65741L,
-        0xc64519de03c7c154L },
-      { 0xdf0738460edfcc4fL,0x319aa73748f1aa6bL,0x8b9f8a02ca909f77L,
-        0x902581397580bfefL } },
-    /* 50 << 161 */
-    { { 0xd8bfd3cac0c22719L,0xc60209e4c9ca151eL,0x7a744ab5d9a1a69cL,
-        0x6de5048b14937f8fL },
-      { 0x171938d8e115ac04L,0x7df709401c6b16d2L,0xa6aeb6637f8e94e7L,
-        0xc130388e2a2cf094L } },
-    /* 51 << 161 */
-    { { 0x1850be8477f54e6eL,0x9f258a7265d60fe5L,0xff7ff0c06c9146d6L,
-        0x039aaf90e63a830bL },
-      { 0x38f27a739460342fL,0x4703148c3f795f8aL,0x1bb5467b9681a97eL,
-        0x00931ba5ecaeb594L } },
-    /* 52 << 161 */
-    { { 0xcdb6719d786f337cL,0xd9c01cd2e704397dL,0x0f4a3f20555c2fefL,
-        0x004525097c0af223L },
-      { 0x54a5804784db8e76L,0x3bacf1aa93c8aa06L,0x11ca957cf7919422L,
-        0x5064105378cdaa40L } },
-    /* 53 << 161 */
-    { { 0x7a3038749f7144aeL,0x170c963f43d4acfdL,0x5e14814958ddd3efL,
-        0xa7bde5829e72dba8L },
-      { 0x0769da8b6fa68750L,0xfa64e532572e0249L,0xfcaadf9d2619ad31L,
-        0x87882daaa7b349cdL } },
-    /* 54 << 161 */
-    { { 0x9f6eb7316c67a775L,0xcb10471aefc5d0b1L,0xb433750ce1b806b2L,
-        0x19c5714d57b1ae7eL },
-      { 0xc0dc8b7bed03fd3fL,0xdd03344f31bc194eL,0xa66c52a78c6320b5L,
-        0x8bc82ce3d0b6fd93L } },
-    /* 55 << 161 */
-    { { 0xf8e13501b35f1341L,0xe53156dd25a43e42L,0xd3adf27e4daeb85cL,
-        0xb81d8379bbeddeb5L },
-      { 0x1b0b546e2e435867L,0x9020eb94eba5dd60L,0x37d911618210cb9dL,
-        0x4c596b315c91f1cfL } },
-    /* 56 << 161 */
-    { { 0xb228a90f0e0b040dL,0xbaf02d8245ff897fL,0x2aac79e600fa6122L,
-        0x248288178e36f557L },
-      { 0xb9521d31113ec356L,0x9e48861e15eff1f8L,0x2aa1d412e0d41715L,
-        0x71f8620353f131b8L } },
-    /* 57 << 161 */
-    { { 0xf60da8da3fd19408L,0x4aa716dc278d9d99L,0x394531f7a8c51c90L,
-        0xb560b0e8f59db51cL },
-      { 0xa28fc992fa34bdadL,0xf024fa149cd4f8bdL,0x5cf530f723a9d0d3L,
-        0x615ca193e28c9b56L } },
-    /* 58 << 161 */
-    { { 0x6d2a483d6f73c51eL,0xa4cb2412ea0dc2ddL,0x50663c411eb917ffL,
-        0x3d3a74cfeade299eL },
-      { 0x29b3990f4a7a9202L,0xa9bccf59a7b15c3dL,0x66a3ccdca5df9208L,
-        0x48027c1443f2f929L } },
-    /* 59 << 161 */
-    { { 0xd385377c40b557f0L,0xe001c366cd684660L,0x1b18ed6be2183a27L,
-        0x879738d863210329L },
-      { 0xa687c74bbda94882L,0xd1bbcc48a684b299L,0xaf6f1112863b3724L,
-        0x6943d1b42c8ce9f8L } },
-    /* 60 << 161 */
-    { { 0xe044a3bb098cafb4L,0x27ed231060d48cafL,0x542b56753a31b84dL,
-        0xcbf3dd50fcddbed7L },
-      { 0x25031f1641b1d830L,0xa7ec851dcb0c1e27L,0xac1c8fe0b5ae75dbL,
-        0xb24c755708c52120L } },
-    /* 61 << 161 */
-    { { 0x57f811dc1d4636c3L,0xf8436526681a9939L,0x1f6bc6d99c81adb3L,
-        0x840f8ac35b7d80d4L },
-      { 0x731a9811f4387f1aL,0x7c501cd3b5156880L,0xa5ca4a07dfe68867L,
-        0xf123d8f05fcea120L } },
-    /* 62 << 161 */
-    { { 0x1fbb0e71d607039eL,0x2b70e215cd3a4546L,0x32d2f01d53324091L,
-        0xb796ff08180ab19bL },
-      { 0x32d87a863c57c4aaL,0x2aed9cafb7c49a27L,0x9fb35eac31630d98L,
-        0x338e8cdf5c3e20a3L } },
-    /* 63 << 161 */
-    { { 0x80f1618266cde8dbL,0x4e1599802d72fd36L,0xd7b8f13b9b6e5072L,
-        0xf52139073b7b5dc1L },
-      { 0x4d431f1d8ce4396eL,0x37a1a680a7ed2142L,0xbf375696d01aaf6bL,
-        0xaa1c0c54e63aab66L } },
-    /* 64 << 161 */
-    { { 0x3014368b4ed80940L,0x67e6d0567a6fceddL,0x7c208c49ca97579fL,
-        0xfe3d7a81a23597f6L },
-      { 0x5e2032027e096ae2L,0xb1f3e1e724b39366L,0x26da26f32fdcdffcL,
-        0x79422f1d6097be83L } },
-    /* 0 << 168 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 168 */
-    { { 0x263a2cfb9db3b381L,0x9c3a2deed4df0a4bL,0x728d06e97d04e61fL,
-        0x8b1adfbc42449325L },
-      { 0x6ec1d9397e053a1bL,0xee2be5c766daf707L,0x80ba1e14810ac7abL,
-        0xdd2ae778f530f174L } },
-    /* 2 << 168 */
-    { { 0x0435d97a205b9d8bL,0x6eb8f064056756d4L,0xd5e88a8bb6f8210eL,
-        0x070ef12dec9fd9eaL },
-      { 0x4d8495053bcc876aL,0x12a75338a7404ce3L,0xd22b49e1b8a1db5eL,
-        0xec1f205114bfa5adL } },
-    /* 3 << 168 */
-    { { 0xadbaeb79b6828f36L,0x9d7a025801bd5b9eL,0xeda01e0d1e844b0cL,
-        0x4b625175887edfc9L },
-      { 0x14109fdd9669b621L,0x88a2ca56f6f87b98L,0xfe2eb788170df6bcL,
-        0x0cea06f4ffa473f9L } },
-    /* 4 << 168 */
-    { { 0x43ed81b5c4e83d33L,0xd9f358795efd488bL,0x164a620f9deb4d0fL,
-        0xc6927bdbac6a7394L },
-      { 0x45c28df79f9e0f03L,0x2868661efcd7e1a9L,0x7cf4e8d0ffa348f1L,
-        0x6bd4c284398538e0L } },
-    /* 5 << 168 */
-    { { 0x2618a091289a8619L,0xef796e606671b173L,0x664e46e59090c632L,
-        0xa38062d41e66f8fbL },
-      { 0x6c744a200573274eL,0xd07b67e4a9271394L,0x391223b26bdc0e20L,
-        0xbe2d93f1eb0a05a7L } },
-    /* 6 << 168 */
-    { { 0xf23e2e533f36d141L,0xe84bb3d44dfca442L,0xb804a48d6b7c023aL,
-        0x1e16a8fa76431c3bL },
-      { 0x1b5452adddd472e0L,0x7d405ee70d1ee127L,0x50fc6f1dffa27599L,
-        0x351ac53cbf391b35L } },
-    /* 7 << 168 */
-    { { 0x7efa14b84444896bL,0x64974d2ff94027fbL,0xefdcd0e8de84487dL,
-        0x8c45b2602b48989bL },
-      { 0xa8fcbbc2d8463487L,0xd1b2b3f73fbc476cL,0x21d005b7c8f443c0L,
-        0x518f2e6740c0139cL } },
-    /* 8 << 168 */
-    { { 0x56036e8c06d75fc1L,0x2dcf7bb73249a89fL,0x81dd1d3de245e7ddL,
-        0xf578dc4bebd6e2a7L },
-      { 0x4c028903df2ce7a0L,0xaee362889c39afacL,0xdc847c31146404abL,
-        0x6304c0d8a4e97818L } },
-    /* 9 << 168 */
-    { { 0xae51dca2a91f6791L,0x2abe41909baa9efcL,0xd9d2e2f4559c7ac1L,
-        0xe82f4b51fc9f773aL },
-      { 0xa77130274073e81cL,0xc0276facfbb596fcL,0x1d819fc9a684f70cL,
-        0x29b47fddc9f7b1e0L } },
-    /* 10 << 168 */
-    { { 0x358de103459b1940L,0xec881c595b013e93L,0x51574c9349532ad3L,
-        0x2db1d445b37b46deL },
-      { 0xc6445b87df239fd8L,0xc718af75151d24eeL,0xaea1c4a4f43c6259L,
-        0x40c0e5d770be02f7L } },
-    /* 11 << 168 */
-    { { 0x6a4590f4721b33f2L,0x2124f1fbfedf04eaL,0xf8e53cde9745efe7L,
-        0xe7e1043265f046d9L },
-      { 0xc3fca28ee4d0c7e6L,0x847e339a87253b1bL,0x9b5953483743e643L,
-        0xcb6a0a0b4fd12fc5L } },
-    /* 12 << 168 */
-    { { 0xfb6836c327d02dccL,0x5ad009827a68bcc2L,0x1b24b44c005e912dL,
-        0xcc83d20f811fdcfeL },
-      { 0x36527ec1666fba0cL,0x6994819714754635L,0xfcdcb1a8556da9c2L,
-        0xa593426781a732b2L } },
-    /* 13 << 168 */
-    { { 0xec1214eda714181dL,0x609ac13b6067b341L,0xff4b4c97a545df1fL,
-        0xa124050134d2076bL },
-      { 0x6efa0c231409ca97L,0x254cc1a820638c43L,0xd4e363afdcfb46cdL,
-        0x62c2adc303942a27L } },
-    /* 14 << 168 */
-    { { 0xc67b9df056e46483L,0xa55abb2063736356L,0xab93c098c551bc52L,
-        0x382b49f9b15fe64bL },
-      { 0x9ec221ad4dff8d47L,0x79caf615437df4d6L,0x5f13dc64bb456509L,
-        0xe4c589d9191f0714L } },
-    /* 15 << 168 */
-    { { 0x27b6a8ab3fd40e09L,0xe455842e77313ea9L,0x8b51d1e21f55988bL,
-        0x5716dd73062bbbfcL },
-      { 0x633c11e54e8bf3deL,0x9a0e77b61b85be3bL,0x565107290911cca6L,
-        0x27e76495efa6590fL } },
-    /* 16 << 168 */
-    { { 0xe4ac8b33070d3aabL,0x2643672b9a2cd5e5L,0x52eff79b1cfc9173L,
-        0x665ca49b90a7c13fL },
-      { 0x5a8dda59b3efb998L,0x8a5b922d052f1341L,0xae9ebbab3cf9a530L,
-        0x35986e7bf56da4d7L } },
-    /* 17 << 168 */
-    { { 0x3a636b5cff3513ccL,0xbb0cf8ba3198f7ddL,0xb8d4052241f16f86L,
-        0x760575d8de13a7bfL },
-      { 0x36f74e169f7aa181L,0x163a3ecff509ed1cL,0x6aead61f3c40a491L,
-        0x158c95fcdfe8fcaaL } },
-    /* 18 << 168 */
-    { { 0xa3991b6e13cda46fL,0x79482415342faed0L,0xf3ba5bde666b5970L,
-        0x1d52e6bcb26ab6ddL },
-      { 0x768ba1e78608dd3dL,0x4930db2aea076586L,0xd9575714e7dc1afaL,
-        0x1fc7bf7df7c58817L } },
-    /* 19 << 168 */
-    { { 0x6b47accdd9eee96cL,0x0ca277fbe58cec37L,0x113fe413e702c42aL,
-        0xdd1764eec47cbe51L },
-      { 0x041e7cde7b3ed739L,0x50cb74595ce9e1c0L,0x355685132925b212L,
-        0x7cff95c4001b081cL } },
-    /* 20 << 168 */
-    { { 0x63ee4cbd8088b454L,0xdb7f32f79a9e0c8aL,0xb377d4186b2447cbL,
-        0xe3e982aad370219bL },
-      { 0x06ccc1e4c2a2a593L,0x72c368650773f24fL,0xa13b4da795859423L,
-        0x8bbf1d3375040c8fL } },
-    /* 21 << 168 */
-    { { 0x726f0973da50c991L,0x48afcd5b822d6ee2L,0xe5fc718b20fd7771L,
-        0xb9e8e77dfd0807a1L },
-      { 0x7f5e0f4499a7703dL,0x6972930e618e36f3L,0x2b7c77b823807bbeL,
-        0xe5b82405cb27ff50L } },
-    /* 22 << 168 */
-    { { 0xba8b8be3bd379062L,0xd64b7a1d2dce4a92L,0x040a73c5b2952e37L,
-        0x0a9e252ed438aecaL },
-      { 0xdd43956bc39d3bcbL,0x1a31ca00b32b2d63L,0xd67133b85c417a18L,
-        0xd08e47902ef442c8L } },
-    /* 23 << 168 */
-    { { 0x98cb1ae9255c0980L,0x4bd863812b4a739fL,0x5a5c31e11e4a45a1L,
-        0x1e5d55fe9cb0db2fL },
-      { 0x74661b068ff5cc29L,0x026b389f0eb8a4f4L,0x536b21a458848c24L,
-        0x2e5bf8ec81dc72b0L } },
-    /* 24 << 168 */
-    { { 0x03c187d0ad886aacL,0x5c16878ab771b645L,0xb07dfc6fc74045abL,
-        0x2c6360bf7800caedL },
-      { 0x24295bb5b9c972a3L,0xc9e6f88e7c9a6dbaL,0x90ffbf2492a79aa6L,
-        0xde29d50a41c26ac2L } },
-    /* 25 << 168 */
-    { { 0x9f0af483d309cbe6L,0x5b020d8ae0bced4fL,0x606e986db38023e3L,
-        0xad8f2c9d1abc6933L },
-      { 0x19292e1de7400e93L,0xfe3e18a952be5e4dL,0xe8e9771d2e0680bfL,
-        0x8c5bec98c54db063L } },
-    /* 26 << 168 */
-    { { 0x2af9662a74a55d1fL,0xe3fbf28f046f66d8L,0xa3a72ab4d4dc4794L,
-        0x09779f455c7c2dd8L },
-      { 0xd893bdafc3d19d8dL,0xd5a7509457d6a6dfL,0x8cf8fef9952e6255L,
-        0x3da67cfbda9a8affL } },
-    /* 27 << 168 */
-    { { 0x4c23f62a2c160dcdL,0x34e6c5e38f90eaefL,0x35865519a9a65d5aL,
-        0x07c48aae8fd38a3dL },
-      { 0xb7e7aeda50068527L,0x2c09ef231c90936aL,0x31ecfeb6e879324cL,
-        0xa0871f6bfb0ec938L } },
-    /* 28 << 168 */
-    { { 0xb1f0fb68d84d835dL,0xc90caf39861dc1e6L,0x12e5b0467594f8d7L,
-        0x26897ae265012b92L },
-      { 0xbcf68a08a4d6755dL,0x403ee41c0991fbdaL,0x733e343e3bbf17e8L,
-        0xd2c7980d679b3d65L } },
-    /* 29 << 168 */
-    { { 0x33056232d2e11305L,0x966be492f3c07a6fL,0x6a8878ffbb15509dL,
-        0xff2211010a9b59a4L },
-      { 0x6c9f564aabe30129L,0xc6f2c940336e64cfL,0x0fe752628b0c8022L,
-        0xbe0267e96ae8db87L } },
-    /* 30 << 168 */
-    { { 0x22e192f193bc042bL,0xf085b534b237c458L,0xa0d192bd832c4168L,
-        0x7a76e9e3bdf6271dL },
-      { 0x52a882fab88911b5L,0xc85345e4b4db0eb5L,0xa3be02a681a7c3ffL,
-        0x51889c8cf0ec0469L } },
-    /* 31 << 168 */
-    { { 0x9d031369a5e829e5L,0xcbb4c6fc1607aa41L,0x75ac59a6241d84c1L,
-        0xc043f2bf8829e0eeL },
-      { 0x82a38f758ea5e185L,0x8bda40b9d87cbd9fL,0x9e65e75e2d8fc601L,
-        0x3d515f74a35690b3L } },
-    /* 32 << 168 */
-    { { 0x534acf4fda79e5acL,0x68b83b3a8630215fL,0x5c748b2ed085756eL,
-        0xb0317258e5d37cb2L },
-      { 0x6735841ac5ccc2c4L,0x7d7dc96b3d9d5069L,0xa147e410fd1754bdL,
-        0x65296e94d399ddd5L } },
-    /* 33 << 168 */
-    { { 0xf6b5b2d0bc8fa5bcL,0x8a5ead67500c277bL,0x214625e6dfa08a5dL,
-        0x51fdfedc959cf047L },
-      { 0x6bc9430b289fca32L,0xe36ff0cf9d9bdc3fL,0x2fe187cb58ea0edeL,
-        0xed66af205a900b3fL } },
-    /* 34 << 168 */
-    { { 0x00e0968b5fa9f4d6L,0x2d4066ce37a362e7L,0xa99a9748bd07e772L,
-        0x710989c006a4f1d0L },
-      { 0xd5dedf35ce40cbd8L,0xab55c5f01743293dL,0x766f11448aa24e2cL,
-        0x94d874f8605fbcb4L } },
-    /* 35 << 168 */
-    { { 0xa365f0e8a518001bL,0xee605eb69d04ef0fL,0x5a3915cdba8d4d25L,
-        0x44c0e1b8b5113472L },
-      { 0xcbb024e88b6740dcL,0x89087a53ee1d4f0cL,0xa88fa05c1fc4e372L,
-        0x8bf395cbaf8b3af2L } },
-    /* 36 << 168 */
-    { { 0x1e71c9a1deb8568bL,0xa35daea080fb3d32L,0xe8b6f2662cf8fb81L,
-        0x6d51afe89490696aL },
-      { 0x81beac6e51803a19L,0xe3d24b7f86219080L,0x727cfd9ddf6f463cL,
-        0x8c6865ca72284ee8L } },
-    /* 37 << 168 */
-    { { 0x32c88b7db743f4efL,0x3793909be7d11dceL,0xd398f9222ff2ebe8L,
-        0x2c70ca44e5e49796L },
-      { 0xdf4d9929cb1131b1L,0x7826f29825888e79L,0x4d3a112cf1d8740aL,
-        0x00384cb6270afa8bL } },
-    /* 38 << 168 */
-    { { 0xcb64125b3ab48095L,0x3451c25662d05106L,0xd73d577da4955845L,
-        0x39570c16bf9f4433L },
-      { 0xd7dfaad3adecf263L,0xf1c3d8d1dc76e102L,0x5e774a5854c6a836L,
-        0xdad4b6723e92d47bL } },
-    /* 39 << 168 */
-    { { 0xbe7e990ff0d796a0L,0x5fc62478df0e8b02L,0x8aae8bf4030c00adL,
-        0x3d2db93b9004ba0fL },
-      { 0xe48c8a79d85d5ddcL,0xe907caa76bb07f34L,0x58db343aa39eaed5L,
-        0x0ea6e007adaf5724L } },
-    /* 40 << 168 */
-    { { 0xe00df169d23233f3L,0x3e32279677cb637fL,0x1f897c0e1da0cf6cL,
-        0xa651f5d831d6bbddL },
-      { 0xdd61af191a230c76L,0xbd527272cdaa5e4aL,0xca753636d0abcd7eL,
-        0x78bdd37c370bd8dcL } },
-    /* 41 << 168 */
-    { { 0xc23916c217cd93feL,0x65b97a4ddadce6e2L,0xe04ed4eb174e42f8L,
-        0x1491ccaabb21480aL },
-      { 0x145a828023196332L,0x3c3862d7587b479aL,0x9f4a88a301dcd0edL,
-        0x4da2b7ef3ea12f1fL } },
-    /* 42 << 168 */
-    { { 0xf8e7ae33b126e48eL,0x404a0b32f494e237L,0x9beac474c55acadbL,
-        0x4ee5cf3bcbec9fd9L },
-      { 0x336b33b97df3c8c3L,0xbd905fe3b76808fdL,0x8f436981aa45c16aL,
-        0x255c5bfa3dd27b62L } },
-    /* 43 << 168 */
-    { { 0x71965cbfc3dd9b4dL,0xce23edbffc068a87L,0xb78d4725745b029bL,
-        0x74610713cefdd9bdL },
-      { 0x7116f75f1266bf52L,0x0204672218e49bb6L,0xdf43df9f3d6f19e3L,
-        0xef1bc7d0e685cb2fL } },
-    /* 44 << 168 */
-    { { 0xcddb27c17078c432L,0xe1961b9cb77fedb7L,0x1edc2f5cc2290570L,
-        0x2c3fefca19cbd886L },
-      { 0xcf880a36c2af389aL,0x96c610fdbda71ceaL,0xf03977a932aa8463L,
-        0x8eb7763f8586d90aL } },
-    /* 45 << 168 */
-    { { 0x3f3424542a296e77L,0xc871868342837a35L,0x7dc710906a09c731L,
-        0x54778ffb51b816dbL },
-      { 0x6b33bfecaf06defdL,0xfe3c105f8592b70bL,0xf937fda461da6114L,
-        0x3c13e6514c266ad7L } },
-    /* 46 << 168 */
-    { { 0xe363a829855938e8L,0x2eeb5d9e9de54b72L,0xbeb93b0e20ccfab9L,
-        0x3dffbb5f25e61a25L },
-      { 0x7f655e431acc093dL,0x0cb6cc3d3964ce61L,0x6ab283a1e5e9b460L,
-        0x55d787c5a1c7e72dL } },
-    /* 47 << 168 */
-    { { 0x4d2efd47deadbf02L,0x11e80219ac459068L,0x810c762671f311f0L,
-        0xfa17ef8d4ab6ef53L },
-      { 0xaf47fd2593e43bffL,0x5cb5ff3f0be40632L,0x546871068ee61da3L,
-        0x7764196eb08afd0fL } },
-    /* 48 << 168 */
-    { { 0x831ab3edf0290a8fL,0xcae81966cb47c387L,0xaad7dece184efb4fL,
-        0xdcfc53b34749110eL },
-      { 0x6698f23c4cb632f9L,0xc42a1ad6b91f8067L,0xb116a81d6284180aL,
-        0xebedf5f8e901326fL } },
-    /* 49 << 168 */
-    { { 0xf2274c9f97e3e044L,0x4201852011d09fc9L,0x56a65f17d18e6e23L,
-        0x2ea61e2a352b683cL },
-      { 0x27d291bc575eaa94L,0x9e7bc721b8ff522dL,0x5f7268bfa7f04d6fL,
-        0x5868c73faba41748L } },
-    /* 50 << 168 */
-    { { 0x9f85c2db7be0eeadL,0x511e7842ff719135L,0x5a06b1e9c5ea90d7L,
-        0x0c19e28326fab631L },
-      { 0x8af8f0cfe9206c55L,0x89389cb43553c06aL,0x39dbed97f65f8004L,
-        0x0621b037c508991dL } },
-    /* 51 << 168 */
-    { { 0x1c52e63596e78cc4L,0x5385c8b20c06b4a8L,0xd84ddfdbb0e87d03L,
-        0xc49dfb66934bafadL },
-      { 0x7071e17059f70772L,0x3a073a843a1db56bL,0x034949033b8af190L,
-        0x7d882de3d32920f0L } },
-    /* 52 << 168 */
-    { { 0x91633f0ab2cf8940L,0x72b0b1786f948f51L,0x2d28dc30782653c8L,
-        0x88829849db903a05L },
-      { 0xb8095d0c6a19d2bbL,0x4b9e7f0c86f782cbL,0x7af739882d907064L,
-        0xd12be0fe8b32643cL } },
-    /* 53 << 168 */
-    { { 0x358ed23d0e165dc3L,0x3d47ce624e2378ceL,0x7e2bb0b9feb8a087L,
-        0x3246e8aee29e10b9L },
-      { 0x459f4ec703ce2b4dL,0xe9b4ca1bbbc077cfL,0x2613b4f20e9940c1L,
-        0xfc598bb9047d1eb1L } },
-    /* 54 << 168 */
-    { { 0x9744c62b45036099L,0xa9dee742167c65d8L,0x0c511525dabe1943L,
-        0xda11055493c6c624L },
-      { 0xae00a52c651a3be2L,0xcda5111d884449a6L,0x063c06f4ff33bed1L,
-        0x73baaf9a0d3d76b4L } },
-    /* 55 << 168 */
-    { { 0x52fb0c9d7fc63668L,0x6886c9dd0c039cdeL,0x602bd59955b22351L,
-        0xb00cab02360c7c13L },
-      { 0x8cb616bc81b69442L,0x41486700b55c3ceeL,0x71093281f49ba278L,
-        0xad956d9c64a50710L } },
-    /* 56 << 168 */
-    { { 0x9561f28b638a7e81L,0x54155cdf5980ddc3L,0xb2db4a96d26f247aL,
-        0x9d774e4e4787d100L },
-      { 0x1a9e6e2e078637d2L,0x1c363e2d5e0ae06aL,0x7493483ee9cfa354L,
-        0x76843cb37f74b98dL } },
-    /* 57 << 168 */
-    { { 0xbaca6591d4b66947L,0xb452ce9804460a8cL,0x6830d24643768f55L,
-        0xf4197ed87dff12dfL },
-      { 0x6521b472400dd0f7L,0x59f5ca8f4b1e7093L,0x6feff11b080338aeL,
-        0x0ada31f6a29ca3c6L } },
-    /* 58 << 168 */
-    { { 0x24794eb694a2c215L,0xd83a43ab05a57ab4L,0x264a543a2a6f89feL,
-        0x2c2a3868dd5ec7c2L },
-      { 0xd33739408439d9b2L,0x715ea6720acd1f11L,0x42c1d235e7e6cc19L,
-        0x81ce6e96b990585cL } },
-    /* 59 << 168 */
-    { { 0x04e5dfe0d809c7bdL,0xd7b2580c8f1050abL,0x6d91ad78d8a4176fL,
-        0x0af556ee4e2e897cL },
-      { 0x162a8b73921de0acL,0x52ac9c227ea78400L,0xee2a4eeaefce2174L,
-        0xbe61844e6d637f79L } },
-    /* 60 << 168 */
-    { { 0x0491f1bc789a283bL,0x72d3ac3d880836f4L,0xaa1c5ea388e5402dL,
-        0x1b192421d5cc473dL },
-      { 0x5c0b99989dc84cacL,0xb0a8482d9c6e75b8L,0x639961d03a191ce2L,
-        0xda3bc8656d837930L } },
-    /* 61 << 168 */
-    { { 0xca990653056e6f8fL,0x84861c4164d133a7L,0x8b403276746abe40L,
-        0xb7b4d51aebf8e303L },
-      { 0x05b43211220a255dL,0xc997152c02419e6eL,0x76ff47b6630c2feaL,
-        0x50518677281fdadeL } },
-    /* 62 << 168 */
-    { { 0x3283b8bacf902b0bL,0x8d4b4eb537db303bL,0xcc89f42d755011bcL,
-        0xb43d74bbdd09d19bL },
-      { 0x65746bc98adba350L,0x364eaf8cb51c1927L,0x13c7659610ad72ecL,
-        0x30045121f8d40c20L } },
-    /* 63 << 168 */
-    { { 0x6d2d99b7ea7b979bL,0xcd78cd74e6fb3bcdL,0x11e45a9e86cffbfeL,
-        0x78a61cf4637024f6L },
-      { 0xd06bc8723d502295L,0xf1376854458cb288L,0xb9db26a1342f8586L,
-        0xf33effcf4beee09eL } },
-    /* 64 << 168 */
-    { { 0xd7e0c4cdb30cfb3aL,0x6d09b8c16c9db4c8L,0x40ba1a4207c8d9dfL,
-        0x6fd495f71c52c66dL },
-      { 0xfb0e169f275264daL,0x80c2b746e57d8362L,0xedd987f749ad7222L,
-        0xfdc229af4398ec7bL } },
-    /* 0 << 175 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 175 */
-    { { 0xb0d1ed8452666a58L,0x4bcb6e00e6a9c3c2L,0x3c57411c26906408L,
-        0xcfc2075513556400L },
-      { 0xa08b1c505294dba3L,0xa30ba2868b7dd31eL,0xd70ba90e991eca74L,
-        0x094e142ce762c2b9L } },
-    /* 2 << 175 */
-    { { 0xb81d783e979f3925L,0x1efd130aaf4c89a7L,0x525c2144fd1bf7faL,
-        0x4b2969041b265a9eL },
-      { 0xed8e9634b9db65b6L,0x35c82e3203599d8aL,0xdaa7a54f403563f3L,
-        0x9df088ad022c38abL } },
-    /* 3 << 175 */
-    { { 0xe5cfb066bb3fd30aL,0x429169daeff0354eL,0x809cf8523524e36cL,
-        0x136f4fb30155be1dL },
-      { 0x4826af011fbba712L,0x6ef0f0b4506ba1a1L,0xd9928b3177aea73eL,
-        0xe2bf6af25eaa244eL } },
-    /* 4 << 175 */
-    { { 0x8d084f124237b64bL,0x688ebe99e3ecfd07L,0x57b8a70cf6845dd8L,
-        0x808fc59c5da4a325L },
-      { 0xa9032b2ba3585862L,0xb66825d5edf29386L,0xb5a5a8db431ec29bL,
-        0xbb143a983a1e8dc8L } },
-    /* 5 << 175 */
-    { { 0x35ee94ce12ae381bL,0x3a7f176c86ccda90L,0xc63a657e4606eacaL,
-        0x9ae5a38043cd04dfL },
-      { 0x9bec8d15ed251b46L,0x1f5d6d30caca5e64L,0x347b3b359ff20f07L,
-        0x4d65f034f7e4b286L } },
-    /* 6 << 175 */
-    { { 0x9e93ba24f111661eL,0xedced484b105eb04L,0x96dc9ba1f424b578L,
-        0xbf8f66b7e83e9069L },
-      { 0x872d4df4d7ed8216L,0xbf07f3778e2cbecfL,0x4281d89998e73754L,
-        0xfec85fbb8aab8708L } },
-    /* 7 << 175 */
-    { { 0x9a3c0deea5ba5b0bL,0xe6a116ce42d05299L,0xae9775fee9b02d42L,
-        0x72b05200a1545cb6L },
-      { 0xbc506f7d31a3b4eaL,0xe58930788bbd9b32L,0xc8bc5f37e4b12a97L,
-        0x6b000c064a73b671L } },
-    /* 8 << 175 */
-    { { 0x13b5bf22765fa7d0L,0x59805bf01d6a5370L,0x67a5e29d4280db98L,
-        0x4f53916f776b1ce3L },
-      { 0x714ff61f33ddf626L,0x4206238ea085d103L,0x1c50d4b7e5809ee3L,
-        0x999f450d85f8eb1dL } },
-    /* 9 << 175 */
-    { { 0x658a6051e4c79e9bL,0x1394cb73c66a9feaL,0x27f31ed5c6be7b23L,
-        0xf4c88f365aa6f8feL },
-      { 0x0fb0721f4aaa499eL,0x68b3a7d5e3fb2a6bL,0xa788097d3a92851dL,
-        0x060e7f8ae96f4913L } },
-    /* 10 << 175 */
-    { { 0x82eebe731a3a93bcL,0x42bbf465a21adc1aL,0xc10b6fa4ef030efdL,
-        0x247aa4c787b097bbL },
-      { 0x8b8dc632f60c77daL,0x6ffbc26ac223523eL,0xa4f6ff11344579cfL,
-        0x5825653c980250f6L } },
-    /* 11 << 175 */
-    { { 0xb2dd097ebc1aa2b9L,0x0788939337a0333aL,0x1cf55e7137a0db38L,
-        0x2648487f792c1613L },
-      { 0xdad013363fcef261L,0x6239c81d0eabf129L,0x8ee761de9d276be2L,
-        0x406a7a341eda6ad3L } },
-    /* 12 << 175 */
-    { { 0x4bf367ba4a493b31L,0x54f20a529bf7f026L,0xb696e0629795914bL,
-        0xcddab96d8bf236acL },
-      { 0x4ff2c70aed25ea13L,0xfa1d09eb81cbbbe7L,0x88fc8c87468544c5L,
-        0x847a670d696b3317L } },
-    /* 13 << 175 */
-    { { 0xf133421e64bcb626L,0xaea638c826dee0b5L,0xd6e7680bb310346cL,
-        0xe06f4097d5d4ced3L },
-      { 0x099614527512a30bL,0xf3d867fde589a59aL,0x2e73254f52d0c180L,
-        0x9063d8a3333c74acL } },
-    /* 14 << 175 */
-    { { 0xeda6c595d314e7bcL,0x2ee7464b467899edL,0x1cef423c0a1ed5d3L,
-        0x217e76ea69cc7613L },
-      { 0x27ccce1fe7cda917L,0x12d8016b8a893f16L,0xbcd6de849fc74f6bL,
-        0xfa5817e2f3144e61L } },
-    /* 15 << 175 */
-    { { 0x1f3541640821ee4cL,0x1583eab40bc61992L,0x7490caf61d72879fL,
-        0x998ad9f3f76ae7b2L },
-      { 0x1e181950a41157f7L,0xa9d7e1e6e8da3a7eL,0x963784eb8426b95fL,
-        0x0ee4ed6e542e2a10L } },
-    /* 16 << 175 */
-    { { 0xb79d4cc5ac751e7bL,0x93f96472fd4211bdL,0x8c72d3d2c8de4fc6L,
-        0x7b69cbf5df44f064L },
-      { 0x3da90ca2f4bf94e1L,0x1a5325f8f12894e2L,0x0a437f6c7917d60bL,
-        0x9be7048696c9cb5dL } },
-    /* 17 << 175 */
-    { { 0xb4d880bfe1dc5c05L,0xd738addaeebeeb57L,0x6f0119d3df0fe6a3L,
-        0x5c686e5566eaaf5aL },
-      { 0x9cb10b50dfd0b7ecL,0xbdd0264b6a497c21L,0xfc0935148c546c96L,
-        0x58a947fa79dbf42aL } },
-    /* 18 << 175 */
-    { { 0xc0b48d4e49ccd6d7L,0xff8fb02c88bd5580L,0xc75235e907d473b2L,
-        0x4fab1ac5a2188af3L },
-      { 0x030fa3bc97576ec0L,0xe8c946e80b7e7d2fL,0x40a5c9cc70305600L,
-        0x6d8260a9c8b013b4L } },
-    /* 19 << 175 */
-    { { 0x0368304f70bba85cL,0xad090da1a4a0d311L,0x7170e8702415eec1L,
-        0xbfba35fe8461ea47L },
-      { 0x6279019ac1e91938L,0xa47638f31afc415fL,0x36c65cbbbcba0e0fL,
-        0x02160efb034e2c48L } },
-    /* 20 << 175 */
-    { { 0xe6c51073615cd9e4L,0x498ec047f1243c06L,0x3e5a8809b17b3d8cL,
-        0x5cd99e610cc565f1L },
-      { 0x81e312df7851dafeL,0xf156f5baa79061e2L,0x80d62b71880c590eL,
-        0xbec9746f0a39faa1L } },
-    /* 21 << 175 */
-    { { 0x1d98a9c1c8ed1f7aL,0x09e43bb5a81d5ff2L,0xd5f00f680da0794aL,
-        0x412050d9661aa836L },
-      { 0xa89f7c4e90747e40L,0x6dc05ebbb62a3686L,0xdf4de847308e3353L,
-        0x53868fbb9fb53bb9L } },
-    /* 22 << 175 */
-    { { 0x2b09d2c3cfdcf7ddL,0x41a9fce3723fcab4L,0x73d905f707f57ca3L,
-        0x080f9fb1ac8e1555L },
-      { 0x7c088e849ba7a531L,0x07d35586ed9a147fL,0x602846abaf48c336L,
-        0x7320fd320ccf0e79L } },
-    /* 23 << 175 */
-    { { 0xaa780798b18bd1ffL,0x52c2e300afdd2905L,0xf27ea3d6434267cdL,
-        0x8b96d16d15605b5fL },
-      { 0x7bb310494b45706bL,0xe7f58b8e743d25f8L,0xe9b5e45b87f30076L,
-        0xd19448d65d053d5aL } },
-    /* 24 << 175 */
-    { { 0x1ecc8cb9d3210a04L,0x6bc7d463dafb5269L,0x3e59b10a67c3489fL,
-        0x1769788c65641e1bL },
-      { 0x8a53b82dbd6cb838L,0x7066d6e6236d5f22L,0x03aa1c616908536eL,
-        0xc971da0d66ae9809L } },
-    /* 25 << 175 */
-    { { 0x01b3a86bc49a2facL,0x3b8420c03092e77aL,0x020573007d6fb556L,
-        0x6941b2a1bff40a87L },
-      { 0x140b63080658ff2aL,0x878043633424ab36L,0x0253bd515751e299L,
-        0xc75bcd76449c3e3aL } },
-    /* 26 << 175 */
-    { { 0x92eb40907f8f875dL,0x9c9d754e56c26bbfL,0x158cea618110bbe7L,
-        0x62a6b802745f91eaL },
-      { 0xa79c41aac6e7394bL,0x445b6a83ad57ef10L,0x0c5277eb6ea6f40cL,
-        0x319fe96b88633365L } },
-    /* 27 << 175 */
-    { { 0x0b0fc61f385f63cbL,0x41250c8422bdd127L,0x67d153f109e942c2L,
-        0x60920d08c021ad5dL },
-      { 0x229f5746724d81a5L,0xb7ffb8925bba3299L,0x518c51a1de413032L,
-        0x2a9bfe773c2fd94cL } },
-    /* 28 << 175 */
-    { { 0xcbcde2393191f4fdL,0x43093e16d3d6ada1L,0x184579f358769606L,
-        0x2c94a8b3d236625cL },
-      { 0x6922b9c05c437d8eL,0x3d4ae423d8d9f3c8L,0xf72c31c12e7090a2L,
-        0x4ac3f5f3d76a55bdL } },
-    /* 29 << 175 */
-    { { 0x342508fc6b6af991L,0x0d5271001b5cebbdL,0xb84740d0dd440dd7L,
-        0x748ef841780162fdL },
-      { 0xa8dbfe0edfc6fafbL,0xeadfdf05f7300f27L,0x7d06555ffeba4ec9L,
-        0x12c56f839e25fa97L } },
-    /* 30 << 175 */
-    { { 0x77f84203d39b8c34L,0xed8b1be63125eddbL,0x5bbf2441f6e39dc5L,
-        0xb00f6ee66a5d678aL },
-      { 0xba456ecf57d0ea99L,0xdcae0f5817e06c43L,0x01643de40f5b4baaL,
-        0x2c324341d161b9beL } },
-    /* 31 << 175 */
-    { { 0x80177f55e126d468L,0xed325f1f76748e09L,0x6116004acfa9bdc2L,
-        0x2d8607e63a9fb468L },
-      { 0x0e573e276009d660L,0x3a525d2e8d10c5a1L,0xd26cb45c3b9009a0L,
-        0xb6b0cdc0de9d7448L } },
-    /* 32 << 175 */
-    { { 0x949c9976e1337c26L,0x6faadebdd73d68e5L,0x9e158614f1b768d9L,
-        0x22dfa5579cc4f069L },
-      { 0xccd6da17be93c6d6L,0x24866c61a504f5b9L,0x2121353c8d694da1L,
-        0x1c6ca5800140b8c6L } },
-    /* 33 << 175 */
-    { { 0xc245ad8ce964021eL,0xb83bffba032b82b3L,0xfaa220c647ef9898L,
-        0x7e8d3ac6982c948aL },
-      { 0x1faa2091bc2d124aL,0xbd54c3dd05b15ff4L,0x386bf3abc87c6fb7L,
-        0xfb2b0563fdeb6f66L } },
-    /* 34 << 175 */
-    { { 0x4e77c5575b45afb4L,0xe9ded649efb8912dL,0x7ec9bbf542f6e557L,
-        0x2570dfff62671f00L },
-      { 0x2b3bfb7888e084bdL,0xa024b238f37fe5b4L,0x44e7dc0495649aeeL,
-        0x498ca2555e7ec1d8L } },
-    /* 35 << 175 */
-    { { 0x3bc766eaaaa07e86L,0x0db6facbf3608586L,0xbadd2549bdc259c8L,
-        0x95af3c6e041c649fL },
-      { 0xb36a928c02e30afbL,0x9b5356ad008a88b8L,0x4b67a5f1cf1d9e9dL,
-        0xc6542e47a5d8d8ceL } },
-    /* 36 << 175 */
-    { { 0x73061fe87adfb6ccL,0xcc826fd398678141L,0x00e758b13c80515aL,
-        0x6afe324741485083L },
-      { 0x0fcb08b9b6ae8a75L,0xb8cf388d4acf51e1L,0x344a55606961b9d6L,
-        0x1a6778b86a97fd0cL } },
-    /* 37 << 175 */
-    { { 0xd840fdc1ecc4c7e3L,0xde9fe47d16db68ccL,0xe95f89dea3e216aaL,
-        0x84f1a6a49594a8beL },
-      { 0x7ddc7d725a7b162bL,0xc5cfda19adc817a3L,0x80a5d35078b58d46L,
-        0x93365b1382978f19L } },
-    /* 38 << 175 */
-    { { 0x2e44d22526a1fc90L,0x0d6d10d24d70705dL,0xd94b6b10d70c45f4L,
-        0x0f201022b216c079L },
-      { 0xcec966c5658fde41L,0xa8d2bc7d7e27601dL,0xbfcce3e1ff230be7L,
-        0x3394ff6b0033ffb5L } },
-    /* 39 << 175 */
-    { { 0xd890c5098132c9afL,0xaac4b0eb361e7868L,0x5194ded3e82d15aaL,
-        0x4550bd2e23ae6b7dL },
-      { 0x3fda318eea5399d4L,0xd989bffa91638b80L,0x5ea124d0a14aa12dL,
-        0x1fb1b8993667b944L } },
-    /* 40 << 175 */
-    { { 0x95ec796944c44d6aL,0x91df144a57e86137L,0x915fd62073adac44L,
-        0x8f01732d59a83801L },
-      { 0xec579d253aa0a633L,0x06de5e7cc9d6d59cL,0xc132f958b1ef8010L,
-        0x29476f96e65c1a02L } },
-    /* 41 << 175 */
-    { { 0x336a77c0d34c3565L,0xef1105b21b9f1e9eL,0x63e6d08bf9e08002L,
-        0x9aff2f21c613809eL },
-      { 0xb5754f853a80e75dL,0xde71853e6bbda681L,0x86f041df8197fd7aL,
-        0x8b332e08127817faL } },
-    /* 42 << 175 */
-    { { 0x05d99be8b9c20cdaL,0x89f7aad5d5cd0c98L,0x7ef936fe5bb94183L,
-        0x92ca0753b05cd7f2L },
-      { 0x9d65db1174a1e035L,0x02628cc813eaea92L,0xf2d9e24249e4fbf2L,
-        0x94fdfd9be384f8b7L } },
-    /* 43 << 175 */
-    { { 0x65f5605463428c6bL,0x2f7205b290b409a5L,0xf778bb78ff45ae11L,
-        0xa13045bec5ee53b2L },
-      { 0xe00a14ff03ef77feL,0x689cd59fffef8befL,0x3578f0ed1e9ade22L,
-        0xe99f3ec06268b6a8L } },
-    /* 44 << 175 */
-    { { 0xa2057d91ea1b3c3eL,0x2d1a7053b8823a4aL,0xabbb336a2cca451eL,
-        0xcd2466e32218bb5dL },
-      { 0x3ac1f42fc8cb762dL,0x7e312aae7690211fL,0xebb9bd7345d07450L,
-        0x207c4b8246c2213fL } },
-    /* 45 << 175 */
-    { { 0x99d425c1375913ecL,0x94e45e9667908220L,0xc08f3087cd67dbf6L,
-        0xa5670fbec0887056L },
-      { 0x6717b64a66f5b8fcL,0xd5a56aea786fec28L,0xa8c3f55fc0ff4952L,
-        0xa77fefae457ac49bL } },
-    /* 46 << 175 */
-    { { 0x29882d7c98379d44L,0xd000bdfb509edc8aL,0xc6f95979e66fe464L,
-        0x504a6115fa61bde0L },
-      { 0x56b3b871effea31aL,0x2d3de26df0c21a54L,0x21dbff31834753bfL,
-        0xe67ecf4969269d86L } },
-    /* 47 << 175 */
-    { { 0x7a176952151fe690L,0x035158047f2adb5fL,0xee794b15d1b62a8dL,
-        0xf004ceecaae454e6L },
-      { 0x0897ea7cf0386facL,0x3b62ff12d1fca751L,0x154181df1b7a04ecL,
-        0x2008e04afb5847ecL } },
-    /* 48 << 175 */
-    { { 0xd147148e41dbd772L,0x2b419f7322942654L,0x669f30d3e9c544f7L,
-        0x52a2c223c8540149L },
-      { 0x5da9ee14634dfb02L,0x5f074ff0f47869f3L,0x74ee878da3933accL,
-        0xe65106514fe35ed1L } },
-    /* 49 << 175 */
-    { { 0xb3eb9482f1012e7aL,0x51013cc0a8a566aeL,0xdd5e924347c00d3bL,
-        0x7fde089d946bb0e5L },
-      { 0x030754fec731b4b3L,0x12a136a499fda062L,0x7c1064b85a1a35bcL,
-        0xbf1f5763446c84efL } },
-    /* 50 << 175 */
-    { { 0xed29a56da16d4b34L,0x7fba9d09dca21c4fL,0x66d7ac006d8de486L,
-        0x6006198773a2a5e1L },
-      { 0x8b400f869da28ff0L,0x3133f70843c4599cL,0x9911c9b8ee28cb0dL,
-        0xcd7e28748e0af61dL } },
-    /* 51 << 175 */
-    { { 0x5a85f0f272ed91fcL,0x85214f319cd4a373L,0x881fe5be1925253cL,
-        0xd8dc98e091e8bc76L },
-      { 0x7120affe585cc3a2L,0x724952ed735bf97aL,0x5581e7dc3eb34581L,
-        0x5cbff4f2e52ee57dL } },
-    /* 52 << 175 */
-    { { 0x8d320a0e87d8cc7bL,0x9beaa7f3f1d280d0L,0x7a0b95719beec704L,
-        0x9126332e5b7f0057L },
-      { 0x01fbc1b48ed3bd6dL,0x35bb2c12d945eb24L,0x6404694e9a8ae255L,
-        0xb6092eec8d6abfb3L } },
-    /* 53 << 175 */
-    { { 0x4d76143fcc058865L,0x7b0a5af26e249922L,0x8aef94406a50d353L,
-        0xe11e4bcc64f0e07aL },
-      { 0x4472993aa14a90faL,0x7706e20cba0c51d4L,0xf403292f1532672dL,
-        0x52573bfa21829382L } },
-    /* 54 << 175 */
-    { { 0x6a7bb6a93b5bdb83L,0x08da65c0a4a72318L,0xc58d22aa63eb065fL,
-        0x1717596c1b15d685L },
-      { 0x112df0d0b266d88bL,0xf688ae975941945aL,0x487386e37c292cacL,
-        0x42f3b50d57d6985cL } },
-    /* 55 << 175 */
-    { { 0x6da4f9986a90fc34L,0xc8f257d365ca8a8dL,0xc2feabca6951f762L,
-        0xe1bc81d074c323acL },
-      { 0x1bc68f67251a2a12L,0x10d86587be8a70dcL,0xd648af7ff0f84d2eL,
-        0xf0aa9ebc6a43ac92L } },
-    /* 56 << 175 */
-    { { 0x69e3be0427596893L,0xb6bb02a645bf452bL,0x0875c11af4c698c8L,
-        0x6652b5c7bece3794L },
-      { 0x7b3755fd4f5c0499L,0x6ea16558b5532b38L,0xd1c69889a2e96ef7L,
-        0x9c773c3a61ed8f48L } },
-    /* 57 << 175 */
-    { { 0x2b653a409b323abcL,0xe26605e1f0e1d791L,0x45d410644a87157aL,
-        0x8f9a78b7cbbce616L },
-      { 0xcf1e44aac407edddL,0x81ddd1d8a35b964fL,0x473e339efd083999L,
-        0x6c94bdde8e796802L } },
-    /* 58 << 175 */
-    { { 0x5a304ada8545d185L,0x82ae44ea738bb8cbL,0x628a35e3df87e10eL,
-        0xd3624f3da15b9fe3L },
-      { 0xcc44209b14be4254L,0x7d0efcbcbdbc2ea5L,0x1f60336204c37bbeL,
-        0x21f363f556a5852cL } },
-    /* 59 << 175 */
-    { { 0xa1503d1ca8501550L,0x2251e0e1d8ab10bbL,0xde129c966961c51cL,
-        0x1f7246a481910f68L },
-      { 0x2eb744ee5f2591f2L,0x3c47d33f5e627157L,0x4d6d62c922f3bd68L,
-        0x6120a64bcb8df856L } },
-    /* 60 << 175 */
-    { { 0x3a9ac6c07b5d07dfL,0xa92b95587ef39783L,0xe128a134ab3a9b4fL,
-        0x41c18807b1252f05L },
-      { 0xfc7ed08980ba9b1cL,0xac8dc6dec532a9ddL,0xbf829cef55246809L,
-        0x101b784f5b4ee80fL } },
-    /* 61 << 175 */
-    { { 0xc09945bbb6f11603L,0x57b09dbe41d2801eL,0xfba5202fa97534a8L,
-        0x7fd8ae5fc17b9614L },
-      { 0xa50ba66678308435L,0x9572f77cd3868c4dL,0x0cef7bfd2dd7aab0L,
-        0xe7958e082c7c79ffL } },
-    /* 62 << 175 */
-    { { 0x81262e4225346689L,0x716da290b07c7004L,0x35f911eab7950ee3L,
-        0x6fd72969261d21b5L },
-      { 0x5238980308b640d3L,0x5b0026ee887f12a1L,0x20e21660742e9311L,
-        0x0ef6d5415ff77ff7L } },
-    /* 63 << 175 */
-    { { 0x969127f0f9c41135L,0xf21d60c968a64993L,0x656e5d0ce541875cL,
-        0xf1e0f84ea1d3c233L },
-      { 0x9bcca35906002d60L,0xbe2da60c06191552L,0x5da8bbae61181ec3L,
-        0x9f04b82365806f19L } },
-    /* 64 << 175 */
-    { { 0xf1604a7dd4b79bb8L,0xaee806fb52c878c8L,0x34144f118d47b8e8L,
-        0x72edf52b949f9054L },
-      { 0xebfca84e2127015aL,0x9051d0c09cb7cef3L,0x86e8fe58296deec8L,
-        0x33b2818841010d74L } },
-    /* 0 << 182 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 182 */
-    { { 0x01079383171b445fL,0x9bcf21e38131ad4cL,0x8cdfe205c93987e8L,
-        0xe63f4152c92e8c8fL },
-      { 0x729462a930add43dL,0x62ebb143c980f05aL,0x4f3954e53b06e968L,
-        0xfe1d75ad242cf6b1L } },
-    /* 2 << 182 */
-    { { 0x5f95c6c7af8685c8L,0xd4c1c8ce2f8f01aaL,0xc44bbe322574692aL,
-        0xb8003478d4a4a068L },
-      { 0x7c8fc6e52eca3cdbL,0xea1db16bec04d399L,0xb05bc82e8f2bc5cfL,
-        0x763d517ff44793d2L } },
-    /* 3 << 182 */
-    { { 0x4451c1b808bd98d0L,0x644b1cd46575f240L,0x6907eb337375d270L,
-        0x56c8bebdfa2286bdL },
-      { 0xc713d2acc4632b46L,0x17da427aafd60242L,0x313065b7c95c7546L,
-        0xf8239898bf17a3deL } },
-    /* 4 << 182 */
-    { { 0xf3b7963f4c830320L,0x842c7aa0903203e3L,0xaf22ca0ae7327afbL,
-        0x38e13092967609b6L },
-      { 0x73b8fb62757558f1L,0x3cc3e831f7eca8c1L,0xe4174474f6331627L,
-        0xa77989cac3c40234L } },
-    /* 5 << 182 */
-    { { 0xe5fd17a144a081e0L,0xd797fb7db70e296aL,0x2b472b30481f719cL,
-        0x0e632a98fe6f8c52L },
-      { 0x89ccd116c5f0c284L,0xf51088af2d987c62L,0x2a2bccda4c2de6cfL,
-        0x810f9efef679f0f9L } },
-    /* 6 << 182 */
-    { { 0xb0f394b97ffe4b3eL,0x0b691d21e5fa5d21L,0xb0bd77479dfbbc75L,
-        0xd2830fdafaf78b00L },
-      { 0xf78c249c52434f57L,0x4b1f754598096dabL,0x73bf6f948ff8c0b3L,
-        0x34aef03d454e134cL } },
-    /* 7 << 182 */
-    { { 0xf8d151f4b7ac7ec5L,0xd6ceb95ae50da7d5L,0xa1b492b0dc3a0eb8L,
-        0x75157b69b3dd2863L },
-      { 0xe2c4c74ec5413d62L,0xbe329ff7bc5fc4c7L,0x835a2aea60fa9ddaL,
-        0xf117f5ad7445cb87L } },
-    /* 8 << 182 */
-    { { 0xae8317f4b0166f7aL,0xfbd3e3f7ceec74e6L,0xfdb516ace0874bfdL,
-        0x3d846019c681f3a3L },
-      { 0x0b12ee5c7c1620b0L,0xba68b4dd2b63c501L,0xac03cd326668c51eL,
-        0x2a6279f74e0bcb5bL } },
-    /* 9 << 182 */
-    { { 0x17bd69b06ae85c10L,0x729469791dfdd3a6L,0xd9a032682c078becL,
-        0x41c6a658bfd68a52L },
-      { 0xcdea10240e023900L,0xbaeec121b10d144dL,0x5a600e74058ab8dcL,
-        0x1333af21bb89ccddL } },
-    /* 10 << 182 */
-    { { 0xdf25eae03aaba1f1L,0x2cada16e3b7144cfL,0x657ee27d71ab98bcL,
-        0x99088b4c7a6fc96eL },
-      { 0x05d5c0a03549dbd4L,0x42cbdf8ff158c3acL,0x3fb6b3b087edd685L,
-        0x22071cf686f064d0L } },
-    /* 11 << 182 */
-    { { 0xd2d6721fff2811e5L,0xdb81b703fe7fae8cL,0x3cfb74efd3f1f7bbL,
-        0x0cdbcd7616cdeb5dL },
-      { 0x4f39642a566a808cL,0x02b74454340064d6L,0xfabbadca0528fa6fL,
-        0xe4c3074cd3fc0bb6L } },
-    /* 12 << 182 */
-    { { 0xb32cb8b0b796d219L,0xc3e95f4f34741dd9L,0x8721212568edf6f5L,
-        0x7a03aee4a2b9cb8eL },
-      { 0x0cd3c376f53a89aaL,0x0d8af9b1948a28dcL,0xcf86a3f4902ab04fL,
-        0x8aacb62a7f42002dL } },
-    /* 13 << 182 */
-    { { 0x106985ebf62ffd52L,0xe670b54e5797bf10L,0x4b405209c5e30aefL,
-        0x12c97a204365b5e9L },
-      { 0x104646ce1fe32093L,0x13cb4ff63907a8c9L,0x8b9f30d1d46e726bL,
-        0xe1985e21aba0f499L } },
-    /* 14 << 182 */
-    { { 0xc573dea910a230cdL,0x24f46a93cd30f947L,0xf2623fcfabe2010aL,
-        0x3f278cb273f00e4fL },
-      { 0xed55c67d50b920ebL,0xf1cb9a2d8e760571L,0x7c50d1090895b709L,
-        0x4207cf07190d4369L } },
-    /* 15 << 182 */
-    { { 0x3b027e81c4127fe1L,0xa9f8b9ad3ae9c566L,0x5ab10851acbfbba5L,
-        0xa747d648569556f5L },
-      { 0xcc172b5c2ba97bf7L,0x15e0f77dbcfa3324L,0xa345b7977686279dL,
-        0x5a723480e38003d3L } },
-    /* 16 << 182 */
-    { { 0xfd8e139f8f5fcda8L,0xf3e558c4bdee5bfdL,0xd76cbaf4e33f9f77L,
-        0x3a4c97a471771969L },
-      { 0xda27e84bf6dce6a7L,0xff373d9613e6c2d1L,0xf115193cd759a6e9L,
-        0x3f9b702563d2262cL } },
-    /* 17 << 182 */
-    { { 0xd9764a31317cd062L,0x30779d8e199f8332L,0xd807410616b11b0bL,
-        0x7917ab9f78aeaed8L },
-      { 0xb67a9cbe28fb1d8eL,0x2e313563136eda33L,0x010b7069a371a86cL,
-        0x44d90fa26744e6b7L } },
-    /* 18 << 182 */
-    { { 0x68190867d6b3e243L,0x9fe6cd9d59048c48L,0xb900b02895731538L,
-        0xa012062f32cae04fL },
-      { 0x8107c8bc9399d082L,0x47e8c54a41df12e2L,0x14ba5117b6ef3f73L,
-        0x22260bea81362f0bL } },
-    /* 19 << 182 */
-    { { 0x90ea261e1a18cc20L,0x2192999f2321d636L,0xef64d314e311b6a0L,
-        0xd7401e4c3b54a1f5L },
-      { 0x190199836fbca2baL,0x46ad32938fbffc4bL,0xa142d3f63786bf40L,
-        0xeb5cbc26b67039fcL } },
-    /* 20 << 182 */
-    { { 0x9cb0ae6c252bd479L,0x05e0f88a12b5848fL,0x78f6d2b2a5c97663L,
-        0x6f6e149bc162225cL },
-      { 0xe602235cde601a89L,0xd17bbe98f373be1fL,0xcaf49a5ba8471827L,
-        0x7e1a0a8518aaa116L } },
-    /* 21 << 182 */
-    { { 0x6c833196270580c3L,0x1e233839f1c98a14L,0x67b2f7b4ae34e0a5L,
-        0x47ac8745d8ce7289L },
-      { 0x2b74779a100dd467L,0x274a43374ee50d09L,0x603dcf1383608bc9L,
-        0xcd9da6c3c89e8388L } },
-    /* 22 << 182 */
-    { { 0x2660199f355116acL,0xcc38bb59b6d18eedL,0x3075f31f2f4bc071L,
-        0x9774457f265dc57eL },
-      { 0x06a6a9c8c6db88bbL,0x6429d07f4ec98e04L,0x8d05e57b05ecaa8bL,
-        0x20f140b17872ea7bL } },
-    /* 23 << 182 */
-    { { 0xdf8c0f09ca494693L,0x48d3a020f252e909L,0x4c5c29af57b14b12L,
-        0x7e6fa37dbf47ad1cL },
-      { 0x66e7b50649a0c938L,0xb72c0d486be5f41fL,0x6a6242b8b2359412L,
-        0xcd35c7748e859480L } },
-    /* 24 << 182 */
-    { { 0x12536fea87baa627L,0x58c1fec1f72aa680L,0x6c29b637601e5dc9L,
-        0x9e3c3c1cde9e01b9L },
-      { 0xefc8127b2bcfe0b0L,0x351071022a12f50dL,0x6ccd6cb14879b397L,
-        0xf792f804f8a82f21L } },
-    /* 25 << 182 */
-    { { 0x509d4804a9b46402L,0xedddf85dc10f0850L,0x928410dc4b6208aaL,
-        0xf6229c46391012dcL },
-      { 0xc5a7c41e7727b9b6L,0x289e4e4baa444842L,0x049ba1d9e9a947eaL,
-        0x44f9e47f83c8debcL } },
-    /* 26 << 182 */
-    { { 0xfa77a1fe611f8b8eL,0xfd2e416af518f427L,0xc5fffa70114ebac3L,
-        0xfe57c4e95d89697bL },
-      { 0xfdd053acb1aaf613L,0x31df210fea585a45L,0x318cc10e24985034L,
-        0x1a38efd15f1d6130L } },
-    /* 27 << 182 */
-    { { 0xbf86f2370b1e9e21L,0xb258514d1dbe88aaL,0x1e38a58890c1baf9L,
-        0x2936a01ebdb9b692L },
-      { 0xd576de986dd5b20cL,0xb586bf7170f98ecfL,0xcccf0f12c42d2fd7L,
-        0x8717e61cfb35bd7bL } },
-    /* 28 << 182 */
-    { { 0x8b1e572235e6fc06L,0x3477728f0b3e13d5L,0x150c294daa8a7372L,
-        0xc0291d433bfa528aL },
-      { 0xc6c8bc67cec5a196L,0xdeeb31e45c2e8a7cL,0xba93e244fb6e1c51L,
-        0xb9f8b71b2e28e156L } },
-    /* 29 << 182 */
-    { { 0xce65a287968a2ab9L,0xe3c5ce6946bbcb1fL,0xf8c835b9e7ae3f30L,
-        0x16bbee26ff72b82bL },
-      { 0x665e2017fd42cd22L,0x1e139970f8b1d2a0L,0x125cda2979204932L,
-        0x7aee94a549c3bee5L } },
-    /* 30 << 182 */
-    { { 0x68c7016089821a66L,0xf7c376788f981669L,0xd90829fc48cc3645L,
-        0x346af049d70addfcL },
-      { 0x2057b232370bf29cL,0xf90c73ce42e650eeL,0xe03386eaa126ab90L,
-        0x0e266e7e975a087bL } },
-    /* 31 << 182 */
-    { { 0x80578eb90fca65d9L,0x7e2989ea16af45b8L,0x7438212dcac75a4eL,
-        0x38c7ca394fef36b8L },
-      { 0x8650c494d402676aL,0x26ab5a66f72c7c48L,0x4e6cb426ce3a464eL,
-        0xf8f998962b72f841L } },
-    /* 32 << 182 */
-    { { 0x8c3184911a335cc8L,0x563459ba6a5913e4L,0x1b920d61c7b32919L,
-        0x805ab8b6a02425adL },
-      { 0x2ac512da8d006086L,0x6ca4846abcf5c0fdL,0xafea51d8ac2138d7L,
-        0xcb647545344cd443L } },
-    /* 33 << 182 */
-    { { 0x0429ee8fbd7d9040L,0xee66a2de819b9c96L,0x54f9ec25dea7d744L,
-        0x2ffea642671721bbL },
-      { 0x4f19dbd1114344eaL,0x04304536fd0dbc8bL,0x014b50aa29ec7f91L,
-        0xb5fc22febb06014dL } },
-    /* 34 << 182 */
-    { { 0x60d963a91ee682e0L,0xdf48abc0fe85c727L,0x0cadba132e707c2dL,
-        0xde608d3aa645aeffL },
-      { 0x05f1c28bedafd883L,0x3c362edebd94de1fL,0x8dd0629d13593e41L,
-        0x0a5e736f766d6eafL } },
-    /* 35 << 182 */
-    { { 0xbfa92311f68cf9d1L,0xa4f9ef87c1797556L,0x10d75a1f5601c209L,
-        0x651c374c09b07361L },
-      { 0x49950b5888b5ceadL,0x0ef000586fa9dbaaL,0xf51ddc264e15f33aL,
-        0x1f8b5ca62ef46140L } },
-    /* 36 << 182 */
-    { { 0x343ac0a3ee9523f0L,0xbb75eab2975ea978L,0x1bccf332107387f4L,
-        0x790f92599ab0062eL },
-      { 0xf1a363ad1e4f6a5fL,0x06e08b8462519a50L,0x609151877265f1eeL,
-        0x6a80ca3493ae985eL } },
-    /* 37 << 182 */
-    { { 0x81b29768aaba4864L,0xb13cabf28d52a7d6L,0xb5c363488ead03f1L,
-        0xc932ad9581c7c1c0L },
-      { 0x5452708ecae1e27bL,0x9dac42691b0df648L,0x233e3f0cdfcdb8bcL,
-        0xe6ceccdfec540174L } },
-    /* 38 << 182 */
-    { { 0xbd0d845e95081181L,0xcc8a7920699355d5L,0x111c0f6dc3b375a8L,
-        0xfd95bc6bfd51e0dcL },
-      { 0x4a106a266888523aL,0x4d142bd6cb01a06dL,0x79bfd289adb9b397L,
-        0x0bdbfb94e9863914L } },
-    /* 39 << 182 */
-    { { 0x29d8a2291660f6a6L,0x7f6abcd6551c042dL,0x13039deb0ac3ffe8L,
-        0xa01be628ec8523fbL },
-      { 0x6ea341030ca1c328L,0xc74114bdb903928eL,0x8aa4ff4e9e9144b0L,
-        0x7064091f7f9a4b17L } },
-    /* 40 << 182 */
-    { { 0xa3f4f521e447f2c4L,0x81b8da7a604291f0L,0xd680bc467d5926deL,
-        0x84f21fd534a1202fL },
-      { 0x1d1e31814e9df3d8L,0x1ca4861a39ab8d34L,0x809ddeec5b19aa4aL,
-        0x59f72f7e4d329366L } },
-    /* 41 << 182 */
-    { { 0xa2f93f41386d5087L,0x40bf739cdd67d64fL,0xb449420566702158L,
-        0xc33c65be73b1e178L },
-      { 0xcdcd657c38ca6153L,0x97f4519adc791976L,0xcc7c7f29cd6e1f39L,
-        0x38de9cfb7e3c3932L } },
-    /* 42 << 182 */
-    { { 0xe448eba37b793f85L,0xe9f8dbf9f067e914L,0xc0390266f114ae87L,
-        0x39ed75a7cd6a8e2aL },
-      { 0xadb148487ffba390L,0x67f8cb8b6af9bc09L,0x322c38489c7476dbL,
-        0xa320fecf52a538d6L } },
-    /* 43 << 182 */
-    { { 0xe0493002b2aced2bL,0xdfba1809616bd430L,0x531c4644c331be70L,
-        0xbc04d32e90d2e450L },
-      { 0x1805a0d10f9f142dL,0x2c44a0c547ee5a23L,0x31875a433989b4e3L,
-        0x6b1949fd0c063481L } },
-    /* 44 << 182 */
-    { { 0x2dfb9e08be0f4492L,0x3ff0da03e9d5e517L,0x03dbe9a1f79466a8L,
-        0x0b87bcd015ea9932L },
-      { 0xeb64fc83ab1f58abL,0x6d9598da817edc8aL,0x699cff661d3b67e5L,
-        0x645c0f2992635853L } },
-    /* 45 << 182 */
-    { { 0x253cdd82eabaf21cL,0x82b9602a2241659eL,0x2cae07ec2d9f7091L,
-        0xbe4c720c8b48cd9bL },
-      { 0x6ce5bc036f08d6c9L,0x36e8a997af10bf40L,0x83422d213e10ff12L,
-        0x7b26d3ebbcc12494L } },
-    /* 46 << 182 */
-    { { 0xb240d2d0c9469ad6L,0xc4a11b4d30afa05bL,0x4b604acedd6ba286L,
-        0x184866003ee2864cL },
-      { 0x5869d6ba8d9ce5beL,0x0d8f68c5ff4bfb0dL,0xb69f210b5700cf73L,
-        0x61f6653a6d37c135L } },
-    /* 47 << 182 */
-    { { 0xff3d432b5aff5a48L,0x0d81c4b972ba3a69L,0xee879ae9fa1899efL,
-        0xbac7e2a02d6acafdL },
-      { 0xd6d93f6c1c664399L,0x4c288de15bcb135dL,0x83031dab9dab7cbfL,
-        0xfe23feb03abbf5f0L } },
-    /* 48 << 182 */
-    { { 0x9f1b2466cdedca85L,0x140bb7101a09538cL,0xac8ae8515e11115dL,
-        0x0d63ff676f03f59eL },
-      { 0x755e55517d234afbL,0x61c2db4e7e208fc1L,0xaa9859cef28a4b5dL,
-        0xbdd6d4fc34af030fL } },
-    /* 49 << 182 */
-    { { 0xd1c4a26d3be01cb1L,0x9ba14ffc243aa07cL,0xf95cd3a9b2503502L,
-        0xe379bc067d2a93abL },
-      { 0x3efc18e9d4ca8d68L,0x083558ec80bb412aL,0xd903b9409645a968L,
-        0xa499f0b69ba6054fL } },
-    /* 50 << 182 */
-    { { 0x208b573cb8349abeL,0x3baab3e530b4fc1cL,0x87e978bacb524990L,
-        0x3524194eccdf0e80L },
-      { 0x627117257d4bcc42L,0xe90a3d9bb90109baL,0x3b1bdd571323e1e0L,
-        0xb78e9bd55eae1599L } },
-    /* 51 << 182 */
-    { { 0x0794b7469e03d278L,0x80178605d70e6297L,0x171792f899c97855L,
-        0x11b393eef5a86b5cL },
-      { 0x48ef6582d8884f27L,0xbd44737abf19ba5fL,0x8698de4ca42062c6L,
-        0x8975eb8061ce9c54L } },
-    /* 52 << 182 */
-    { { 0xd50e57c7d7fe71f3L,0x15342190bc97ce38L,0x51bda2de4df07b63L,
-        0xba12aeae200eb87dL },
-      { 0xabe135d2a9b4f8f6L,0x04619d65fad6d99cL,0x4a6683a77994937cL,
-        0x7a778c8b6f94f09aL } },
-    /* 53 << 182 */
-    { { 0x8c50862320a71b89L,0x241a2aed1c229165L,0x352be595aaf83a99L,
-        0x9fbfee7f1562bac8L },
-      { 0xeaf658b95c4017e3L,0x1dc7f9e015120b86L,0xd84f13dd4c034d6fL,
-        0x283dd737eaea3038L } },
-    /* 54 << 182 */
-    { { 0x197f2609cd85d6a2L,0x6ebbc345fae60177L,0xb80f031b4e12fedeL,
-        0xde55d0c207a2186bL },
-      { 0x1fb3e37f24dcdd5aL,0x8d602da57ed191fbL,0x108fb05676023e0dL,
-        0x70178c71459c20c0L } },
-    /* 55 << 182 */
-    { { 0xfad5a3863fe54cf0L,0xa4a3ec4f02bbb475L,0x1aa5ec20919d94d7L,
-        0x5d3b63b5a81e4ab3L },
-      { 0x7fa733d85ad3d2afL,0xfbc586ddd1ac7a37L,0x282925de40779614L,
-        0xfe0ffffbe74a242aL } },
-    /* 56 << 182 */
-    { { 0x3f39e67f906151e5L,0xcea27f5f55e10649L,0xdca1d4e1c17cf7b7L,
-        0x0c326d122fe2362dL },
-      { 0x05f7ac337dd35df3L,0x0c3b7639c396dbdfL,0x0912f5ac03b7db1cL,
-        0x9dea4b705c9ed4a9L } },
-    /* 57 << 182 */
-    { { 0x475e6e53aae3f639L,0xfaba0e7cfc278bacL,0x16f9e2219490375fL,
-        0xaebf9746a5a7ed0aL },
-      { 0x45f9af3ff41ad5d6L,0x03c4623cb2e99224L,0x82c5bb5cb3cf56aaL,
-        0x6431181934567ed3L } },
-    /* 58 << 182 */
-    { { 0xec57f2118be489acL,0x2821895db9a1104bL,0x610dc8756064e007L,
-        0x8e526f3f5b20d0feL },
-      { 0x6e71ca775b645aeeL,0x3d1dcb9f800e10ffL,0x36b51162189cf6deL,
-        0x2c5a3e306bb17353L } },
-    /* 59 << 182 */
-    { { 0xc186cd3e2a6c6fbfL,0xa74516fa4bf97906L,0x5b4b8f4b279d6901L,
-        0x0c4e57b42b573743L },
-      { 0x75fdb229b6e386b6L,0xb46793fd99deac27L,0xeeec47eacf712629L,
-        0xe965f3c4cbc3b2ddL } },
-    /* 60 << 182 */
-    { { 0x8dd1fb83425c6559L,0x7fc00ee60af06fdaL,0xe98c922533d956dfL,
-        0x0f1ef3354fbdc8a2L },
-      { 0x2abb5145b79b8ea2L,0x40fd2945bdbff288L,0x6a814ac4d7185db7L,
-        0xc4329d6fc084609aL } },
-    /* 61 << 182 */
-    { { 0xc9ba7b52ed1be45dL,0x891dd20de4cd2c74L,0x5a4d4a7f824139b1L,
-        0x66c17716b873c710L },
-      { 0x5e5bc1412843c4e0L,0xd5ac4817b97eb5bfL,0xc0f8af54450c95c7L,
-        0xc91b3fa0318406c5L } },
-    /* 62 << 182 */
-    { { 0x360c340aab9d97f8L,0xfb57bd0790a2d611L,0x4339ae3ca6a6f7e5L,
-        0x9c1fcd2a2feb8a10L },
-      { 0x972bcca9c7ea7432L,0x1b0b924c308076f6L,0x80b2814a2a5b4ca5L,
-        0x2f78f55b61ef3b29L } },
-    /* 63 << 182 */
-    { { 0xf838744ac18a414fL,0xc611eaae903d0a86L,0x94dabc162a453f55L,
-        0xe6f2e3da14efb279L },
-      { 0x5b7a60179320dc3cL,0x692e382f8df6b5a4L,0x3f5e15e02d40fa90L,
-        0xc87883ae643dd318L } },
-    /* 64 << 182 */
-    { { 0x511053e453544774L,0x834d0ecc3adba2bcL,0x4215d7f7bae371f5L,
-        0xfcfd57bf6c8663bcL },
-      { 0xded2383dd6901b1dL,0x3b49fbb4b5587dc3L,0xfd44a08d07625f62L,
-        0x3ee4d65b9de9b762L } },
-    /* 0 << 189 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 189 */
-    { { 0x64e5137d0d63d1faL,0x658fc05202a9d89fL,0x4889487450436309L,
-        0xe9ae30f8d598da61L },
-      { 0x2ed710d1818baf91L,0xe27e9e068b6a0c20L,0x1e28dcfb1c1a6b44L,
-        0x883acb64d6ac57dcL } },
-    /* 2 << 189 */
-    { { 0x8735728dc2c6ff70L,0x79d6122fc5dc2235L,0x23f5d00319e277f9L,
-        0x7ee84e25dded8cc7L },
-      { 0x91a8afb063cd880aL,0x3f3ea7c63574af60L,0x0cfcdc8402de7f42L,
-        0x62d0792fb31aa152L } },
-    /* 3 << 189 */
-    { { 0x8e1b4e438a5807ceL,0xad283893e4109a7eL,0xc30cc9cbafd59ddaL,
-        0xf65f36c63d8d8093L },
-      { 0xdf31469ea60d32b2L,0xee93df4b3e8191c8L,0x9c1017c5355bdeb5L,
-        0xd26231858616aa28L } },
-    /* 4 << 189 */
-    { { 0xb02c83f9dec31a21L,0x988c8b236ad9d573L,0x53e983aea57be365L,
-        0xe968734d646f834eL },
-      { 0x9137ea8f5da6309bL,0x10f3a624c1f1ce16L,0x782a9ea2ca440921L,
-        0xdf94739e5b46f1b5L } },
-    /* 5 << 189 */
-    { { 0x9f9be006cce85c9bL,0x360e70d6a4c7c2d3L,0x2cd5beeaaefa1e60L,
-        0x64cf63c08c3d2b6dL },
-      { 0xfb107fa3e1cf6f90L,0xb7e937c6d5e044e6L,0x74e8ca78ce34db9fL,
-        0x4f8b36c13e210bd0L } },
-    /* 6 << 189 */
-    { { 0x1df165a434a35ea8L,0x3418e0f74d4412f6L,0x5af1f8af518836c3L,
-        0x42ceef4d130e1965L },
-      { 0x5560ca0b543a1957L,0xc33761e5886cb123L,0x66624b1ffe98ed30L,
-        0xf772f4bf1090997dL } },
-    /* 7 << 189 */
-    { { 0xf4e540bb4885d410L,0x7287f8109ba5f8d7L,0x22d0d865de98dfb1L,
-        0x49ff51a1bcfbb8a3L },
-      { 0xb6b6fa536bc3012eL,0x3d31fd72170d541dL,0x8018724f4b0f4966L,
-        0x79e7399f87dbde07L } },
-    /* 8 << 189 */
-    { { 0x56f8410ef4f8b16aL,0x97241afec47b266aL,0x0a406b8e6d9c87c1L,
-        0x803f3e02cd42ab1bL },
-      { 0x7f0309a804dbec69L,0xa83b85f73bbad05fL,0xc6097273ad8e197fL,
-        0xc097440e5067adc1L } },
-    /* 9 << 189 */
-    { { 0x730eafb63524ff16L,0xd7f9b51e823fc6ceL,0x27bd0d32443e4ac0L,
-        0x40c59ad94d66f217L },
-      { 0x6c33136f17c387a4L,0x5043b8d5eb86804dL,0x74970312675a73c9L,
-        0x838fdb31f16669b6L } },
-    /* 10 << 189 */
-    { { 0xc507b6dd418e7dddL,0x39888d93472f19d6L,0x7eae26be0c27eb4dL,
-        0x17b53ed3fbabb884L },
-      { 0xfc27021b2b01ae4fL,0x88462e87cf488682L,0xbee096ec215e2d87L,
-        0xeb2fea9ad242e29bL } },
-    /* 11 << 189 */
-    { { 0x5d985b5fb821fc28L,0x89d2e197dc1e2ad2L,0x55b566b89030ba62L,
-        0xe3fd41b54f41b1c6L },
-      { 0xb738ac2eb9a96d61L,0x7f8567ca369443f4L,0x8698622df803a440L,
-        0x2b5862368fe2f4dcL } },
-    /* 12 << 189 */
-    { { 0xbbcc00c756b95bceL,0x5ec03906616da680L,0x79162ee672214252L,
-        0x43132b6386a892d2L },
-      { 0x4bdd3ff22f3263bfL,0xd5b3733c9cd0a142L,0x592eaa8244415ccbL,
-        0x663e89248d5474eaL } },
-    /* 13 << 189 */
-    { { 0x8058a25e5236344eL,0x82e8df9dbda76ee6L,0xdcf6efd811cc3d22L,
-        0x00089cda3b4ab529L },
-      { 0x91d3a071bd38a3dbL,0x4ea97fc0ef72b925L,0x0c9fc15bea3edf75L,
-        0x5a6297cda4348ed3L } },
-    /* 14 << 189 */
-    { { 0x0d38ab35ce7c42d4L,0x9fd493ef82feab10L,0x46056b6d82111b45L,
-        0xda11dae173efc5c3L },
-      { 0xdc7402785545a7fbL,0xbdb2601c40d507e6L,0x121dfeeb7066fa58L,
-        0x214369a839ae8c2aL } },
-    /* 15 << 189 */
-    { { 0x195709cb06e0956cL,0x4c9d254f010cd34bL,0xf51e13f70471a532L,
-        0xe19d67911e73054dL },
-      { 0xf702a628db5c7be3L,0xc7141218b24dde05L,0xdc18233cf29b2e2eL,
-        0x3a6bd1e885342dbaL } },
-    /* 16 << 189 */
-    { { 0x3f747fa0b311898cL,0xe2a272e4cd0eac65L,0x4bba5851f914d0bcL,
-        0x7a1a9660c4a43ee3L },
-      { 0xe5a367cea1c8cde9L,0x9d958ba97271abe3L,0xf3ff7eb63d1615cdL,
-        0xa2280dcef5ae20b0L } },
-    /* 17 << 189 */
-    { { 0x56dba5c1cf640147L,0xea5a2e3d5e83d118L,0x04cd6b6dda24c511L,
-        0x1c0f4671e854d214L },
-      { 0x91a6b7a969565381L,0xdc966240decf1f5bL,0x1b22d21cfcf5d009L,
-        0x2a05f6419021dbd5L } },
-    /* 18 << 189 */
-    { { 0x8c0ed566d4312483L,0x5179a95d643e216fL,0xcc185fec17044493L,
-        0xb306333954991a21L },
-      { 0xd801ecdb0081a726L,0x0149b0c64fa89bbbL,0xafe9065a4391b6b9L,
-        0xedc92786d633f3a3L } },
-    /* 19 << 189 */
-    { { 0xe408c24aae6a8e13L,0x85833fde9f3897abL,0x43800e7ed81a0715L,
-        0xde08e346b44ffc5fL },
-      { 0x7094184ccdeff2e0L,0x49f9387b165eaed1L,0x635d6129777c468aL,
-        0x8c0dcfd1538c2dd8L } },
-    /* 20 << 189 */
-    { { 0xd6d9d9e37a6a308bL,0x623758304c2767d3L,0x874a8bc6f38cbeb6L,
-        0xd94d3f1accb6fd9eL },
-      { 0x92a9735bba21f248L,0x272ad0e56cd1efb0L,0x7437b69c05b03284L,
-        0xe7f047026948c225L } },
-    /* 21 << 189 */
-    { { 0x8a56c04acba2ececL,0x0c181270e3a73e41L,0x6cb34e9d03e93725L,
-        0xf77c8713496521a9L },
-      { 0x94569183fa7f9f90L,0xf2e7aa4c8c9707adL,0xced2c9ba26c1c9a3L,
-        0x9109fe9640197507L } },
-    /* 22 << 189 */
-    { { 0x9ae868a9e9adfe1cL,0x3984403d314e39bbL,0xb5875720f2fe378fL,
-        0x33f901e0ba44a628L },
-      { 0xea1125fe3652438cL,0xae9ec4e69dd1f20bL,0x1e740d9ebebf7fbdL,
-        0x6dbd3ddc42dbe79cL } },
-    /* 23 << 189 */
-    { { 0x62082aecedd36776L,0xf612c478e9859039L,0xa493b201032f7065L,
-        0xebd4d8f24ff9b211L },
-      { 0x3f23a0aaaac4cb32L,0xea3aadb715ed4005L,0xacf17ea4afa27e63L,
-        0x56125c1ac11fd66cL } },
-    /* 24 << 189 */
-    { { 0x266344a43794f8dcL,0xdcca923a483c5c36L,0x2d6b6bbf3f9d10a0L,
-        0xb320c5ca81d9bdf3L },
-      { 0x620e28ff47b50a95L,0x933e3b01cef03371L,0xf081bf8599100153L,
-        0x183be9a0c3a8c8d6L } },
-    /* 25 << 189 */
-    { { 0x4e3ddc5ad6bbe24dL,0xc6c7463053843795L,0x78193dd765ec2d4cL,
-        0xb8df26cccd3c89b2L },
-      { 0x98dbe3995a483f8dL,0x72d8a9577dd3313aL,0x65087294ab0bd375L,
-        0xfcd892487c259d16L } },
-    /* 26 << 189 */
-    { { 0x8a9443d77613aa81L,0x8010080085fe6584L,0x70fc4dbc7fb10288L,
-        0xf58280d3e86beee8L },
-      { 0x14fdd82f7c978c38L,0xdf1204c10de44d7bL,0xa08a1c844160252fL,
-        0x591554cac17646a5L } },
-    /* 27 << 189 */
-    { { 0x214a37d6a05bd525L,0x48d5f09b07957b3cL,0x0247cdcbd7109bc9L,
-        0x40f9e4bb30599ce7L },
-      { 0xc325fa03f46ad2ecL,0x00f766cfc3e3f9eeL,0xab556668d43a4577L,
-        0x68d30a613ee03b93L } },
-    /* 28 << 189 */
-    { { 0x7ddc81ea77b46a08L,0xcf5a6477c7480699L,0x43a8cb346633f683L,
-        0x1b867e6b92363c60L },
-      { 0x439211141f60558eL,0xcdbcdd632f41450eL,0x7fc04601cc630e8bL,
-        0xea7c66d597038b43L } },
-    /* 29 << 189 */
-    { { 0x7259b8a504e99fd8L,0x98a8dd124785549aL,0x0e459a7c840552e1L,
-        0xcdfcf4d04bb0909eL },
-      { 0x34a86db253758da7L,0xe643bb83eac997e1L,0x96400bd7530c5b7eL,
-        0x9f97af87b41c8b52L } },
-    /* 30 << 189 */
-    { { 0x34fc8820fbeee3f9L,0x93e5349049091afdL,0x764b9be59a31f35cL,
-        0x71f3786457e3d924L },
-      { 0x02fb34e0943aa75eL,0xa18c9c58ab8ff6e4L,0x080f31b133cf0d19L,
-        0x5c9682db083518a7L } },
-    /* 31 << 189 */
-    { { 0x873d4ca6b709c3deL,0x64a842623575b8f0L,0x6275da1f020154bbL,
-        0x97678caad17cf1abL },
-      { 0x8779795f951a95c3L,0xdd35b16350fccc08L,0x3270962733d8f031L,
-        0x3c5ab10a498dd85cL } },
-    /* 32 << 189 */
-    { { 0xb6c185c341dca566L,0x7de7fedad8622aa3L,0x99e84d92901b6dfbL,
-        0x30a02b0e7c4ad288L },
-      { 0xc7c81daa2fd3cf36L,0xd1319547df89e59fL,0xb2be8184cd496733L,
-        0xd5f449eb93d3412bL } },
-    /* 33 << 189 */
-    { { 0x7ea41b1b25fe531dL,0xf97974326a1d5646L,0x86067f722bde501aL,
-        0xf91481c00c85e89cL },
-      { 0xca8ee465f8b05bc6L,0x1844e1cf02e83cdaL,0xca82114ab4dbe33bL,
-        0x0f9f87694eabfde2L } },
-    /* 34 << 189 */
-    { { 0x4936b1c038b27fe2L,0x63b6359baba402dfL,0x40c0ea2f656bdbabL,
-        0x9c992a896580c39cL },
-      { 0x600e8f152a60aed1L,0xeb089ca4e0bf49dfL,0x9c233d7d2d42d99aL,
-        0x648d3f954c6bc2faL } },
-    /* 35 << 189 */
-    { { 0xdcc383a8e1add3f3L,0xf42c0c6a4f64a348L,0x2abd176f0030dbdbL,
-        0x4de501a37d6c215eL },
-      { 0x4a107c1f4b9a64bcL,0xa77f0ad32496cd59L,0xfb78ac627688dffbL,
-        0x7025a2ca67937d8eL } },
-    /* 36 << 189 */
-    { { 0xfde8b2d1d1a8f4e7L,0xf5b3da477354927cL,0xe48606a3d9205735L,
-        0xac477cc6e177b917L },
-      { 0xfb1f73d2a883239aL,0xe12572f6cc8b8357L,0x9d355e9cfb1f4f86L,
-        0x89b795f8d9f3ec6eL } },
-    /* 37 << 189 */
-    { { 0x27be56f1b54398dcL,0x1890efd73fedeed5L,0x62f77f1f9c6d0140L,
-        0x7ef0e314596f0ee4L },
-      { 0x50ca6631cc61dab3L,0x4a39801df4866e4fL,0x66c8d032ae363b39L,
-        0x22c591e52ead66aaL } },
-    /* 38 << 189 */
-    { { 0x954ba308de02a53eL,0x2a6c060fd389f357L,0xe6cfcde8fbf40b66L,
-        0x8e02fc56c6340ce1L },
-      { 0xe495779573adb4baL,0x7b86122ca7b03805L,0x63f835120c8e6fa6L,
-        0x83660ea0057d7804L } },
-    /* 39 << 189 */
-    { { 0xbad7910521ba473cL,0xb6c50beeded5389dL,0xee2caf4daa7c9bc0L,
-        0xd97b8de48c4e98a7L },
-      { 0xa9f63e70ab3bbddbL,0x3898aabf2597815aL,0x7659af89ac15b3d9L,
-        0xedf7725b703ce784L } },
-    /* 40 << 189 */
-    { { 0x25470fabe085116bL,0x04a4337587285310L,0x4e39187ee2bfd52fL,
-        0x36166b447d9ebc74L },
-      { 0x92ad433cfd4b322cL,0x726aa817ba79ab51L,0xf96eacd8c1db15ebL,
-        0xfaf71e910476be63L } },
-    /* 41 << 189 */
-    { { 0xdd69a640641fad98L,0xb799591829622559L,0x03c6daa5de4199dcL,
-        0x92cadc97ad545eb4L },
-      { 0x1028238b256534e4L,0x73e80ce68595409aL,0x690d4c66d05dc59bL,
-        0xc95f7b8f981dee80L } },
-    /* 42 << 189 */
-    { { 0xf4337014d856ac25L,0x441bd9ddac524dcaL,0x640b3d855f0499f5L,
-        0x39cf84a9d5fda182L },
-      { 0x04e7b055b2aa95a0L,0x29e33f0a0ddf1860L,0x082e74b5423f6b43L,
-        0x217edeb90aaa2b0fL } },
-    /* 43 << 189 */
-    { { 0x58b83f3583cbea55L,0xc485ee4dbc185d70L,0x833ff03b1e5f6992L,
-        0xb5b9b9cccf0c0dd5L },
-      { 0x7caaee8e4e9e8a50L,0x462e907b6269dafdL,0x6ed5cee9fbe791c6L,
-        0x68ca3259ed430790L } },
-    /* 44 << 189 */
-    { { 0x2b72bdf213b5ba88L,0x60294c8a35ef0ac4L,0x9c3230ed19b99b08L,
-        0x560fff176c2589aaL },
-      { 0x552b8487d6770374L,0xa373202d9a56f685L,0xd3e7f90745f175d9L,
-        0x3c2f315fd080d810L } },
-    /* 45 << 189 */
-    { { 0x1130e9dd7b9520e8L,0xc078f9e20af037b5L,0x38cd2ec71e9c104cL,
-        0x0f684368c472fe92L },
-      { 0xd3f1b5ed6247e7efL,0xb32d33a9396dfe21L,0x46f59cf44a9aa2c2L,
-        0x69cd5168ff0f7e41L } },
-    /* 46 << 189 */
-    { { 0x3f59da0f4b3234daL,0xcf0b0235b4579ebeL,0x6d1cbb256d2476c7L,
-        0x4f0837e69dc30f08L },
-      { 0x9a4075bb906f6e98L,0x253bb434c761e7d1L,0xde2e645f6e73af10L,
-        0xb89a40600c5f131cL } },
-    /* 47 << 189 */
-    { { 0xd12840c5b8cc037fL,0x3d093a5b7405bb47L,0x6202c253206348b8L,
-        0xbf5d57fcc55a3ca7L },
-      { 0x89f6c90c8c3bef48L,0x23ac76235a0a960aL,0xdfbd3d6b552b42abL,
-        0x3ef22458132061f6L } },
-    /* 48 << 189 */
-    { { 0xd74e9bdac97e6516L,0x88779360c230f49eL,0xa6ec1de31e74ea49L,
-        0x581dcee53fb645a2L },
-      { 0xbaef23918f483f14L,0x6d2dddfcd137d13bL,0x54cde50ed2743a42L,
-        0x89a34fc5e4d97e67L } },
-    /* 49 << 189 */
-    { { 0x13f1f5b312e08ce5L,0xa80540b8a7f0b2caL,0x854bcf7701982805L,
-        0xb8653ffd233bea04L },
-      { 0x8e7b878702b0b4c9L,0x2675261f9acb170aL,0x061a9d90930c14e5L,
-        0xb59b30e0def0abeaL } },
-    /* 50 << 189 */
-    { { 0x1dc19ea60200ec7dL,0xb6f4a3f90bce132bL,0xb8d5de90f13e27e0L,
-        0xbaee5ef01fade16fL },
-      { 0x6f406aaae4c6cf38L,0xab4cfe06d1369815L,0x0dcffe87efd550c6L,
-        0x9d4f59c775ff7d39L } },
-    /* 51 << 189 */
-    { { 0xb02553b151deb6adL,0x812399a4b1877749L,0xce90f71fca6006e1L,
-        0xc32363a6b02b6e77L },
-      { 0x02284fbedc36c64dL,0x86c81e31a7e1ae61L,0x2576c7e5b909d94aL,
-        0x8b6f7d02818b2bb0L } },
-    /* 52 << 189 */
-    { { 0xeca3ed0756faa38aL,0xa3790e6c9305bb54L,0xd784eeda7bc73061L,
-        0xbd56d3696dd50614L },
-      { 0xd6575949229a8aa9L,0xdcca8f474595ec28L,0x814305c106ab4fe6L,
-        0xc8c3976824f43f16L } },
-    /* 53 << 189 */
-    { { 0xe2a45f36523f2b36L,0x995c6493920d93bbL,0xf8afdab790f1632bL,
-        0x79ebbecd1c295954L },
-      { 0xc7bb3ddb79592f48L,0x67216a7b5f88e998L,0xd91f098bbc01193eL,
-        0xf7d928a5b1db83fcL } },
-    /* 54 << 189 */
-    { { 0x55e38417e991f600L,0x2a91113e2981a934L,0xcbc9d64806b13bdeL,
-        0xb011b6ac0755ff44L },
-      { 0x6f4cb518045ec613L,0x522d2d31c2f5930aL,0x5acae1af382e65deL,
-        0x5764306727bc966fL } },
-    /* 55 << 189 */
-    { { 0x5e12705d1c7193f0L,0xf0f32f473be8858eL,0x785c3d7d96c6dfc7L,
-        0xd75b4a20bf31795dL },
-      { 0x91acf17b342659d4L,0xe596ea3444f0378fL,0x4515708fce52129dL,
-        0x17387e1e79f2f585L } },
-    /* 56 << 189 */
-    { { 0x72cfd2e949dee168L,0x1ae052233e2af239L,0x009e75be1d94066aL,
-        0x6cca31c738abf413L },
-      { 0xb50bd61d9bc49908L,0x4a9b4a8cf5e2bc1eL,0xeb6cc5f7946f83acL,
-        0x27da93fcebffab28L } },
-    /* 57 << 189 */
-    { { 0xea314c964821c8c5L,0x8de49deda83c15f4L,0x7a64cf207af33004L,
-        0x45f1bfebc9627e10L },
-      { 0x878b062654b9df60L,0x5e4fdc3ca95c0b33L,0xe54a37cac2035d8eL,
-        0x9087cda980f20b8cL } },
-    /* 58 << 189 */
-    { { 0x36f61c238319ade4L,0x766f287ade8cfdf8L,0x48821948346f3705L,
-        0x49a7b85316e4f4a2L },
-      { 0xb9b3f8a75cedadfdL,0x8f5628158db2a815L,0xc0b7d55401f68f95L,
-        0x12971e27688a208eL } },
-    /* 59 << 189 */
-    { { 0xc9f8b696d0ff34fcL,0x20824de21222718cL,0x7213cf9f0c95284dL,
-        0xe2ad741bdc158240L },
-      { 0x0ee3a6df54043ccfL,0x16ff479bd84412b3L,0xf6c74ee0dfc98af0L,
-        0xa78a169f52fcd2fbL } },
-    /* 60 << 189 */
-    { { 0xd8ae874699c930e9L,0x1d33e85849e117a5L,0x7581fcb46624759fL,
-        0xde50644f5bedc01dL },
-      { 0xbeec5d00caf3155eL,0x672d66acbc73e75fL,0x86b9d8c6270b01dbL,
-        0xd249ef8350f55b79L } },
-    /* 61 << 189 */
-    { { 0x6131d6d473978fe3L,0xcc4e4542754b00a1L,0x4e05df0557dfcfe9L,
-        0x94b29cdd51ef6bf0L },
-      { 0xe4530cff9bc7edf2L,0x8ac236fdd3da65f3L,0x0faf7d5fc8eb0b48L,
-        0x4d2de14c660eb039L } },
-    /* 62 << 189 */
-    { { 0xc006bba760430e54L,0x10a2d0d6da3289abL,0x9c037a5dd7979c59L,
-        0x04d1f3d3a116d944L },
-      { 0x9ff224738a0983cdL,0x28e25b38c883cabbL,0xe968dba547a58995L,
-        0x2c80b505774eebdfL } },
-    /* 63 << 189 */
-    { { 0xee763b714a953bebL,0x502e223f1642e7f6L,0x6fe4b64161d5e722L,
-        0x9d37c5b0dbef5316L },
-      { 0x0115ed70f8330bc7L,0x139850e675a72789L,0x27d7faecffceccc2L,
-        0x3016a8604fd9f7f6L } },
-    /* 64 << 189 */
-    { { 0xc492ec644cd8f64cL,0x58a2d790279d7b51L,0x0ced1fc51fc75256L,
-        0x3e658aed8f433017L },
-      { 0x0b61942e05da59ebL,0xba3d60a30ddc3722L,0x7c311cd1742e7f87L,
-        0x6473ffeef6b01b6eL } },
-    /* 0 << 196 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 196 */
-    { { 0x8303604f692ac542L,0xf079ffe1227b91d3L,0x19f63e6315aaf9bdL,
-        0xf99ee565f1f344fbL },
-      { 0x8a1d661fd6219199L,0x8c883bc6d48ce41cL,0x1065118f3c74d904L,
-        0x713889ee0faf8b1bL } },
-    /* 2 << 196 */
-    { { 0x972b3f8f81a1b3beL,0x4f3ce145ce2764a0L,0xe2d0f1cc28c4f5f7L,
-        0xdeee0c0dc7f3985bL },
-      { 0x7df4adc0d39e25c3L,0x40619820c467a080L,0x440ebc9361cf5a58L,
-        0x527729a6422ad600L } },
-    /* 3 << 196 */
-    { { 0xca6c0937b1b76ba6L,0x1a2eab854d2026dcL,0xb1715e1519d9ae0aL,
-        0xf1ad9199bac4a026L },
-      { 0x35b3dfb807ea7b0eL,0xedf5496f3ed9eb89L,0x8932e5ff2d6d08abL,
-        0xf314874e25bd2731L } },
-    /* 4 << 196 */
-    { { 0xefb26a753f73f449L,0x1d1c94f88d44fc79L,0x49f0fbc53bc0dc4dL,
-        0xb747ea0b3698a0d0L },
-      { 0x5218c3fe228d291eL,0x35b804b543c129d6L,0xfac859b8d1acc516L,
-        0x6c10697d95d6e668L } },
-    /* 5 << 196 */
-    { { 0xc38e438f0876fd4eL,0x45f0c30783d2f383L,0x203cc2ecb10934cbL,
-        0x6a8f24392c9d46eeL },
-      { 0xf16b431b65ccde7bL,0x41e2cd1827e76a6fL,0xb9c8cf8f4e3484d7L,
-        0x64426efd8315244aL } },
-    /* 6 << 196 */
-    { { 0x1c0a8e44fc94dea3L,0x34c8cdbfdad6a0b0L,0x919c384004113cefL,
-        0xfd32fba415490ffaL },
-      { 0x58d190f6795dcfb7L,0xfef01b0383588bafL,0x9e6d1d63ca1fc1c0L,
-        0x53173f96f0a41ac9L } },
-    /* 7 << 196 */
-    { { 0x2b1d402aba16f73bL,0x2fb310148cf9b9fcL,0x2d51e60e446ef7bfL,
-        0xc731021bb91e1745L },
-      { 0x9d3b47244fee99d4L,0x4bca48b6fac5c1eaL,0x70f5f514bbea9af7L,
-        0x751f55a5974c283aL } },
-    /* 8 << 196 */
-    { { 0x6e30251acb452fdbL,0x31ee696550f30650L,0xb0b3e508933548d9L,
-        0xb8949a4ff4b0ef5bL },
-      { 0x208b83263c88f3bdL,0xab147c30db1d9989L,0xed6515fd44d4df03L,
-        0x17a12f75e72eb0c5L } },
-    /* 9 << 196 */
-    { { 0x3b59796d36cf69dbL,0x1219eee956670c18L,0xfe3341f77a070d8eL,
-        0x9b70130ba327f90cL },
-      { 0x36a324620ae18e0eL,0x2021a62346c0a638L,0x251b5817c62eb0d4L,
-        0x87bfbcdf4c762293L } },
-    /* 10 << 196 */
-    { { 0xf78ab505cdd61d64L,0x8c7a53fcc8c18857L,0xa653ce6f16147515L,
-        0x9c923aa5ea7d52d5L },
-      { 0xc24709cb5c18871fL,0x7d53bec873b3cc74L,0x59264afffdd1d4c4L,
-        0x5555917e240da582L } },
-    /* 11 << 196 */
-    { { 0xcae8bbda548f5a0eL,0x1910eaba3bbfbbe1L,0xae5796857677afc3L,
-        0x49ea61f173ff0b5cL },
-      { 0x786554784f7c3922L,0x95d337cd20c68eefL,0x68f1e1e5df779ab9L,
-        0x14b491b0b5cf69a8L } },
-    /* 12 << 196 */
-    { { 0x7a6cbbe028e3fe89L,0xe7e1fee4c5aac0ebL,0x7f47eda5697e5140L,
-        0x4f450137b454921fL },
-      { 0xdb625f8495cd8185L,0x74be0ba1cdb2e583L,0xaee4fd7cdd5e6de4L,
-        0x4251437de8101739L } },
-    /* 13 << 196 */
-    { { 0x686d72a0ac620366L,0x4be3fb9cb6d59344L,0x6e8b44e7a1eb75b9L,
-        0x84e39da391a5c10cL },
-      { 0x37cc1490b38f0409L,0x029519432c2ade82L,0x9b6887831190a2d8L,
-        0x25627d14231182baL } },
-    /* 14 << 196 */
-    { { 0x6eb550aa658a6d87L,0x1405aaa7cf9c7325L,0xd147142e5c8748c9L,
-        0x7f637e4f53ede0e0L },
-      { 0xf8ca277614ffad2cL,0xe58fb1bdbafb6791L,0x17158c23bf8f93fcL,
-        0x7f15b3730a4a4655L } },
-    /* 15 << 196 */
-    { { 0x39d4add2d842ca72L,0xa71e43913ed96305L,0x5bb09cbe6700be14L,
-        0x68d69d54d8befcf6L },
-      { 0xa45f536737183bcfL,0x7152b7bb3370dff7L,0xcf887baabf12525bL,
-        0xe7ac7bddd6d1e3cdL } },
-    /* 16 << 196 */
-    { { 0x25914f7881fdad90L,0xcf638f560d2cf6abL,0xb90bc03fcc054de5L,
-        0x932811a718b06350L },
-      { 0x2f00b3309bbd11ffL,0x76108a6fb4044974L,0x801bb9e0a851d266L,
-        0x0dd099bebf8990c1L } },
-    /* 17 << 196 */
-    { { 0x58c5aaaaabe32986L,0x0fe9dd2a50d59c27L,0x84951ff48d307305L,
-        0x6c23f82986529b78L },
-      { 0x50bb22180b136a79L,0x7e2174de77a20996L,0x6f00a4b9c0bb4da6L,
-        0x89a25a17efdde8daL } },
-    /* 18 << 196 */
-    { { 0xf728a27ec11ee01dL,0xf900553ae5f10dfbL,0x189a83c802ec893cL,
-        0x3ca5bdc123f66d77L },
-      { 0x9878153797eada9fL,0x59c50ab310256230L,0x346042d9323c69b3L,
-        0x1b715a6d2c460449L } },
-    /* 19 << 196 */
-    { { 0xa41dd4766ae06e0bL,0xcdd7888e9d42e25fL,0x0f395f7456b25a20L,
-        0xeadfe0ae8700e27eL },
-      { 0xb09d52a969950093L,0x3525d9cb327f8d40L,0xb8235a9467df886aL,
-        0x77e4b0dd035faec2L } },
-    /* 20 << 196 */
-    { { 0x115eb20a517d7061L,0x77fe34336c2df683L,0x6870ddc7cdc6fc67L,
-        0xb16105880b87de83L },
-      { 0x343584cad9c4ddbeL,0xb3164f1c3d754be2L,0x0731ed3ac1e6c894L,
-        0x26327dec4f6b904cL } },
-    /* 21 << 196 */
-    { { 0x9d49c6de97b5cd32L,0x40835daeb5eceecdL,0xc66350edd9ded7feL,
-        0x8aeebb5c7a678804L },
-      { 0x51d42fb75b8ee9ecL,0xd7a17bdd8e3ca118L,0x40d7511a2ef4400eL,
-        0xc48990ac875a66f4L } },
-    /* 22 << 196 */
-    { { 0x8de07d2a2199e347L,0xbee755562a39e051L,0x56918786916e51dcL,
-        0xeb1913134a2d89ecL },
-      { 0x6679610d37d341edL,0x434fbb4156d51c2bL,0xe54b7ee7d7492dbaL,
-        0xaa33a79a59021493L } },
-    /* 23 << 196 */
-    { { 0x49fc5054e4bd6d3dL,0x09540f045ab551d0L,0x8acc90854942d3a6L,
-        0x231af02f2d28323bL },
-      { 0x93458cac0992c163L,0x1fef8e71888e3bb4L,0x27578da5be8c268cL,
-        0xcc8be792e805ec00L } },
-    /* 24 << 196 */
-    { { 0x29267baec61c3855L,0xebff429d58c1fd3bL,0x22d886c08c0b93b8L,
-        0xca5e00b22ddb8953L },
-      { 0xcf330117c3fed8b7L,0xd49ac6fa819c01f6L,0x6ddaa6bd3c0fbd54L,
-        0x917430688049a2cfL } },
-    /* 25 << 196 */
-    { { 0xd67f981eaff2ef81L,0xc3654d352818ae80L,0x81d050441b2aa892L,
-        0x2db067bf3d099328L },
-      { 0xe7c79e86703dcc97L,0xe66f9b37e133e215L,0xcdf119a6e39a7a5cL,
-        0x47c60de3876f1b61L } },
-    /* 26 << 196 */
-    { { 0x6e405939d860f1b2L,0x3e9a1dbcf5ed4d4aL,0x3f23619ec9b6bcbdL,
-        0x5ee790cf734e4497L },
-      { 0xf0a834b15bdaf9bbL,0x02cedda74ca295f0L,0x4619aa2bcb8e378cL,
-        0xe5613244cc987ea4L } },
-    /* 27 << 196 */
-    { { 0x0bc022cc76b23a50L,0x4a2793ad0a6c21ceL,0x3832878089cac3f5L,
-        0x29176f1bcba26d56L },
-      { 0x062961874f6f59ebL,0x86e9bca98bdc658eL,0x2ca9c4d357e30402L,
-        0x5438b216516a09bbL } },
-    /* 28 << 196 */
-    { { 0x0a6a063c7672765aL,0x37a3ce640547b9bfL,0x42c099c898b1a633L,
-        0xb5ab800d05ee6961L },
-      { 0xf1963f5911a5acd6L,0xbaee615746201063L,0x36d9a649a596210aL,
-        0xaed043631ba7138cL } },
-    /* 29 << 196 */
-    { { 0xcf817d1ca4a82b76L,0x5586960ef3806be9L,0x7ab67c8909dc6bb5L,
-        0x52ace7a0114fe7ebL },
-      { 0xcd987618cbbc9b70L,0x4f06fd5a604ca5e1L,0x90af14ca6dbde133L,
-        0x1afe4322948a3264L } },
-    /* 30 << 196 */
-    { { 0xa70d2ca6c44b2c6cL,0xab7267990ef87dfeL,0x310f64dc2e696377L,
-        0x49b42e684c8126a0L },
-      { 0x0ea444c3cea0b176L,0x53a8ddf7cb269182L,0xf3e674ebbbba9dcbL,
-        0x0d2878a8d8669d33L } },
-    /* 31 << 196 */
-    { { 0x04b935d5d019b6a3L,0xbb5cf88e406f1e46L,0xa1912d165b57c111L,
-        0x9803fc2119ebfd78L },
-      { 0x4f231c9ec07764a9L,0xd93286eeb75bd055L,0x83a9457d8ee6c9deL,
-        0x046959156087ec90L } },
-    /* 32 << 196 */
-    { { 0x14c6dd8a58d6cd46L,0x9cb633b58e6634d2L,0xc1305047f81bc328L,
-        0x12ede0e226a177e5L },
-      { 0x332cca62065a6f4fL,0xc3a47ecd67be487bL,0x741eb1870f47ed1cL,
-        0x99e66e58e7598b14L } },
-    /* 33 << 196 */
-    { { 0x6f0544ca63d0ff12L,0xe5efc784b610a05fL,0xf72917b17cad7b47L,
-        0x3ff6ea20f2cac0c0L },
-      { 0xcc23791bf21db8b7L,0x7dac70b1d7d93565L,0x682cda1d694bdaadL,
-        0xeb88bb8c1023516dL } },
-    /* 34 << 196 */
-    { { 0xc4c634b4dfdbeb1bL,0x22f5ca72b4ee4deaL,0x1045a368e6524821L,
-        0xed9e8a3f052b18b2L },
-      { 0x9b7f2cb1b961f49aL,0x7fee2ec17b009670L,0x350d875422507a6dL,
-        0x561bd7114db55f1dL } },
-    /* 35 << 196 */
-    { { 0x4c189ccc320bbcafL,0x568434cfdf1de48cL,0x6af1b00e0fa8f128L,
-        0xf0ba9d028907583cL },
-      { 0x735a400432ff9f60L,0x3dd8e4b6c25dcf33L,0xf2230f1642c74cefL,
-        0xd8117623013fa8adL } },
-    /* 36 << 196 */
-    { { 0x36822876f51fe76eL,0x8a6811cc11d62589L,0xc3fc7e6546225718L,
-        0xb7df2c9fc82fdbcdL },
-      { 0x3b1d4e52dd7b205bL,0xb695947847a2e414L,0x05e4d793efa91148L,
-        0xb47ed446fd2e9675L } },
-    /* 37 << 196 */
-    { { 0x1a7098b904c9d9bfL,0x661e28811b793048L,0xb1a16966b01ee461L,
-        0xbc5213082954746fL },
-      { 0xc909a0fc2477de50L,0xd80bb41c7dbd51efL,0xa85be7ec53294905L,
-        0x6d465b1883958f97L } },
-    /* 38 << 196 */
-    { { 0x16f6f330fb6840fdL,0xfaaeb2143401e6c8L,0xaf83d30fccb5b4f8L,
-        0x22885739266dec4bL },
-      { 0x51b4367c7bc467dfL,0x926562e3d842d27aL,0xdfcb66140fea14a6L,
-        0xeb394daef2734cd9L } },
-    /* 39 << 196 */
-    { { 0x3eeae5d211c0be98L,0xb1e6ed11814e8165L,0x191086bce52bce1cL,
-        0x14b74cc6a75a04daL },
-      { 0x63cf11868c060985L,0x071047de2dbd7f7cL,0x4e433b8bce0942caL,
-        0xecbac447d8fec61dL } },
-    /* 40 << 196 */
-    { { 0x8f0ed0e2ebf3232fL,0xfff80f9ec52a2eddL,0xad9ab43375b55fdbL,
-        0x73ca7820e42e0c11L },
-      { 0x6dace0a0e6251b46L,0x89bc6b5c4c0d932dL,0x3438cd77095da19aL,
-        0x2f24a9398d48bdfbL } },
-    /* 41 << 196 */
-    { { 0x99b47e46766561b7L,0x736600e60ed0322aL,0x06a47cb1638e1865L,
-        0x927c1c2dcb136000L },
-      { 0x295423370cc5df69L,0x99b37c0209d649a9L,0xc5f0043c6aefdb27L,
-        0x6cdd99871be95c27L } },
-    /* 42 << 196 */
-    { { 0x69850931390420d2L,0x299c40ac0983efa4L,0x3a05e778af39aeadL,
-        0x8427440843a45193L },
-      { 0x6bcd0fb991a711a0L,0x461592c89f52ab17L,0xb49302b4da3c6ed6L,
-        0xc51fddc7330d7067L } },
-    /* 43 << 196 */
-    { { 0x94babeb6da50d531L,0x521b840da6a7b9daL,0x5305151e404bdc89L,
-        0x1bcde201d0d07449L },
-      { 0xf427a78b3b76a59aL,0xf84841ce07791a1bL,0xebd314bebf91ed1cL,
-        0x8e61d34cbf172943L } },
-    /* 44 << 196 */
-    { { 0x1d5dc4515541b892L,0xb186ee41fc9d9e54L,0x9d9f345ed5bf610dL,
-        0x3e7ba65df6acca9fL },
-      { 0x9dda787aa8369486L,0x09f9dab78eb5ba53L,0x5afb2033d6481bc3L,
-        0x76f4ce30afa62104L } },
-    /* 45 << 196 */
-    { { 0xa8fa00cff4f066b5L,0x89ab5143461dafc2L,0x44339ed7a3389998L,
-        0x2ff862f1bc214903L },
-      { 0x2c88f985b05556e3L,0xcd96058e3467081eL,0x7d6a4176edc637eaL,
-        0xe1743d0936a5acdcL } },
-    /* 46 << 196 */
-    { { 0x66fd72e27eb37726L,0xf7fa264e1481a037L,0x9fbd3bde45f4aa79L,
-        0xed1e0147767c3e22L },
-      { 0x7621f97982e7abe2L,0x19eedc7245f633f8L,0xe69b155e6137bf3aL,
-        0xa0ad13ce414ee94eL } },
-    /* 47 << 196 */
-    { { 0x93e3d5241c0e651aL,0xab1a6e2a02ce227eL,0xe7af17974ab27ecaL,
-        0x245446debd444f39L },
-      { 0x59e22a2156c07613L,0x43deafcef4275498L,0x10834ccb67fd0946L,
-        0xa75841e547406edfL } },
-    /* 48 << 196 */
-    { { 0xebd6a6777b0ac93dL,0xa6e37b0d78f5e0d7L,0x2516c09676f5492bL,
-        0x1e4bf8889ac05f3aL },
-      { 0xcdb42ce04df0ba2bL,0x935d5cfd5062341bL,0x8a30333382acac20L,
-        0x429438c45198b00eL } },
-    /* 49 << 196 */
-    { { 0x1d083bc9049d33faL,0x58b82dda946f67ffL,0xac3e2db867a1d6a3L,
-        0x62e6bead1798aac8L },
-      { 0xfc85980fde46c58cL,0xa7f6937969c8d7beL,0x23557927837b35ecL,
-        0x06a933d8e0790c0cL } },
-    /* 50 << 196 */
-    { { 0x827c0e9b077ff55dL,0x53977798bb26e680L,0x595308741d9cb54fL,
-        0xcca3f4494aac53efL },
-      { 0x11dc5c87a07eda0fL,0xc138bccffd6400c8L,0x549680d313e5da72L,
-        0xc93eed824540617eL } },
-    /* 51 << 196 */
-    { { 0xfd3db1574d0b75c0L,0x9716eb426386075bL,0x0639605c817b2c16L,
-        0x09915109f1e4f201L },
-      { 0x35c9a9285cca6c3bL,0xb25f7d1a3505c900L,0xeb9f7d20630480c4L,
-        0xc3c7b8c62a1a501cL } },
-    /* 52 << 196 */
-    { { 0x3f99183c5a1f8e24L,0xfdb118fa9dd255f0L,0xb9b18b90c27f62a6L,
-        0xe8f732f7396ec191L },
-      { 0x524a2d910be786abL,0x5d32adef0ac5a0f5L,0x9b53d4d69725f694L,
-        0x032a76c60510ba89L } },
-    /* 53 << 196 */
-    { { 0x840391a3ebeb1544L,0x44b7b88c3ed73ac3L,0xd24bae7a256cb8b3L,
-        0x7ceb151ae394cb12L },
-      { 0xbd6b66d05bc1e6a8L,0xec70cecb090f07bfL,0x270644ed7d937589L,
-        0xee9e1a3d5f1dccfeL } },
-    /* 54 << 196 */
-    { { 0xb0d40a84745b98d2L,0xda429a212556ed40L,0xf676eced85148cb9L,
-        0x5a22d40cded18936L },
-      { 0x3bc4b9e570e8a4ceL,0xbfd1445b9eae0379L,0xf23f2c0c1a0bd47eL,
-        0xa9c0bb31e1845531L } },
-    /* 55 << 196 */
-    { { 0x9ddc4d600a4c3f6bL,0xbdfaad792c15ef44L,0xce55a2367f484accL,
-        0x08653ca7055b1f15L },
-      { 0x2efa8724538873a3L,0x09299e5dace1c7e7L,0x07afab66ade332baL,
-        0x9be1fdf692dd71b7L } },
-    /* 56 << 196 */
-    { { 0xa49b5d595758b11cL,0x0b852893c8654f40L,0xb63ef6f452379447L,
-        0xd4957d29105e690cL },
-      { 0x7d484363646559b0L,0xf4a8273c49788a8eL,0xee406cb834ce54a9L,
-        0x1e1c260ff86fda9bL } },
-    /* 57 << 196 */
-    { { 0xe150e228cf6a4a81L,0x1fa3b6a31b488772L,0x1e6ff110c5a9c15bL,
-        0xc6133b918ad6aa47L },
-      { 0x8ac5d55c9dffa978L,0xba1d1c1d5f3965f2L,0xf969f4e07732b52fL,
-        0xfceecdb5a5172a07L } },
-    /* 58 << 196 */
-    { { 0xb0120a5f10f2b8f5L,0xc83a6cdf5c4c2f63L,0x4d47a491f8f9c213L,
-        0xd9e1cce5d3f1bbd5L },
-      { 0x0d91bc7caba7e372L,0xfcdc74c8dfd1a2dbL,0x05efa800374618e5L,
-        0x1121696915a7925eL } },
-    /* 59 << 196 */
-    { { 0xd4c89823f6021c5dL,0x880d5e84eff14423L,0x6523bc5a6dcd1396L,
-        0xd1acfdfc113c978bL },
-      { 0xb0c164e8bbb66840L,0xf7f4301e72b58459L,0xc29ad4a6a638e8ecL,
-        0xf5ab896146b78699L } },
-    /* 60 << 196 */
-    { { 0x9dbd79740e954750L,0x0121de8864f9d2c6L,0x2e597b42d985232eL,
-        0x55b6c3c553451777L },
-      { 0xbb53e547519cb9fbL,0xf134019f8428600dL,0x5a473176e081791aL,
-        0x2f3e226335fb0c08L } },
-    /* 61 << 196 */
-    { { 0xb28c301773d273b0L,0xccd210767721ef9aL,0x054cc292b650dc39L,
-        0x662246de6188045eL },
-      { 0x904b52fa6b83c0d1L,0xa72df26797e9cd46L,0x886b43cd899725e4L,
-        0x2b651688d849ff22L } },
-    /* 62 << 196 */
-    { { 0x60479b7902f34533L,0x5e354c140c77c148L,0xb4bb7581a8537c78L,
-        0x188043d7efe1495fL },
-      { 0x9ba12f428c1d5026L,0x2e0c8a2693d4aaabL,0xbdba7b8baa57c450L,
-        0x140c9ad69bbdafefL } },
-    /* 63 << 196 */
-    { { 0x2067aa4225ac0f18L,0xf7b1295b04d1fbf3L,0x14829111a4b04824L,
-        0x2ce3f19233bd5e91L },
-      { 0x9c7a1d558f2e1b72L,0xfe932286302aa243L,0x497ca7b4d4be9554L,
-        0xb8e821b8e0547a6eL } },
-    /* 64 << 196 */
-    { { 0xfb2838be67e573e0L,0x05891db94084c44bL,0x9131137396c1c2c5L,
-        0x6aebfa3fd958444bL },
-      { 0xac9cdce9e56e55c1L,0x7148ced32caa46d0L,0x2e10c7efb61fe8ebL,
-        0x9fd835daff97cf4dL } },
-    /* 0 << 203 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 203 */
-    { { 0xa36da109081e9387L,0xfb9780d78c935828L,0xd5940332e540b015L,
-        0xc9d7b51be0f466faL },
-      { 0xfaadcd41d6d9f671L,0xba6c1e28b1a2ac17L,0x066a7833ed201e5fL,
-        0x19d99719f90f462bL } },
-    /* 2 << 203 */
-    { { 0xf431f462060b5f61L,0xa56f46b47bd057c2L,0x348dca6c47e1bf65L,
-        0x9a38783e41bcf1ffL },
-      { 0x7a5d33a9da710718L,0x5a7799872e0aeaf6L,0xca87314d2d29d187L,
-        0xfa0edc3ec687d733L } },
-    /* 3 << 203 */
-    { { 0x9df336216a31e09bL,0xde89e44dc1350e35L,0x292148714ca0cf52L,
-        0xdf3796720b88a538L },
-      { 0xc92a510a2591d61bL,0x79aa87d7585b447bL,0xf67db604e5287f77L,
-        0x1697c8bf5efe7a80L } },
-    /* 4 << 203 */
-    { { 0x1c894849cb198ac7L,0xa884a93d0f264665L,0x2da964ef9b200678L,
-        0x3c351b87009834e6L },
-      { 0xafb2ef9fe2c4b44bL,0x580f6c473326790cL,0xb84805210b02264aL,
-        0x8ba6f9e242a194e2L } },
-    /* 5 << 203 */
-    { { 0xfc87975f8fb54738L,0x3516078827c3ead3L,0x834116d2b74a085aL,
-        0x53c99a73a62fe996L },
-      { 0x87585be05b81c51bL,0x925bafa8be0852b7L,0x76a4fafda84d19a7L,
-        0x39a45982585206d4L } },
-    /* 6 << 203 */
-    { { 0x499b6ab65eb03c0eL,0xf19b795472bc3fdeL,0xa86b5b9c6e3a80d2L,
-        0xe43775086d42819fL },
-      { 0xc1663650bb3ee8a3L,0x75eb14fcb132075fL,0xa8ccc9067ad834f6L,
-        0xea6a2474e6e92ffdL } },
-    /* 7 << 203 */
-    { { 0x9d72fd950f8d6758L,0xcb84e101408c07ddL,0xb9114bfda5e23221L,
-        0x358b5fe2e94e742cL },
-      { 0x1c0577ec95f40e75L,0xf01554513d73f3d6L,0x9d55cd67bd1b9b66L,
-        0x63e86e78af8d63c7L } },
-    /* 8 << 203 */
-    { { 0x39d934abd3c095f1L,0x04b261bee4b76d71L,0x1d2e6970e73e6984L,
-        0x879fb23b5e5fcb11L },
-      { 0x11506c72dfd75490L,0x3a97d08561bcf1c1L,0x43201d82bf5e7007L,
-        0x7f0ac52f798232a7L } },
-    /* 9 << 203 */
-    { { 0x2715cbc46eb564d4L,0x8d6c752c9e570e29L,0xf80247c89ef5fd5dL,
-        0xc3c66b46d53eb514L },
-      { 0x9666b4010f87de56L,0xce62c06fc6c603b5L,0xae7b4c607e4fc942L,
-        0x38ac0b77663a9c19L } },
-    /* 10 << 203 */
-    { { 0xcb4d20ee4b049136L,0x8b63bf12356a4613L,0x1221aef670e08128L,
-        0xe62d8c514acb6b16L },
-      { 0x71f64a67379e7896L,0xb25237a2cafd7fa5L,0xf077bd983841ba6aL,
-        0xc4ac02443cd16e7eL } },
-    /* 11 << 203 */
-    { { 0x548ba86921fea4caL,0xd36d0817f3dfdac1L,0x09d8d71ff4685fafL,
-        0x8eff66bec52c459aL },
-      { 0x182faee70b57235eL,0xee3c39b10106712bL,0x5107331fc0fcdcb0L,
-        0x669fb9dca51054baL } },
-    /* 12 << 203 */
-    { { 0xb25101fb319d7682L,0xb02931290a982feeL,0x51c1c9b90261b344L,
-        0x0e008c5bbfd371faL },
-      { 0xd866dd1c0278ca33L,0x666f76a6e5aa53b1L,0xe5cfb7796013a2cfL,
-        0x1d3a1aada3521836L } },
-    /* 13 << 203 */
-    { { 0xcedd253173faa485L,0xc8ee6c4fc0a76878L,0xddbccfc92a11667dL,
-        0x1a418ea91c2f695aL },
-      { 0xdb11bd9251f73971L,0x3e4b3c82da2ed89fL,0x9a44f3f4e73e0319L,
-        0xd1e3de0f303431afL } },
-    /* 14 << 203 */
-    { { 0x3c5604ff50f75f9cL,0x1d8eddf37e752b22L,0x0ef074dd3c9a1118L,
-        0xd0ffc172ccb86d7bL },
-      { 0xabd1ece3037d90f2L,0xe3f307d66055856cL,0x422f93287e4c6dafL,
-        0x902aac66334879a0L } },
-    /* 15 << 203 */
-    { { 0xb6a1e7bf94cdfadeL,0x6c97e1ed7fc6d634L,0x662ad24da2fb63f8L,
-        0xf81be1b9a5928405L },
-      { 0x86d765e4d14b4206L,0xbecc2e0e8fa0db65L,0xa28838e0b17fc76cL,
-        0xe49a602ae37cf24eL } },
-    /* 16 << 203 */
-    { { 0x76b4131a567193ecL,0xaf3c305ae5f6e70bL,0x9587bd39031eebddL,
-        0x5709def871bbe831L },
-      { 0x570599830eb2b669L,0x4d80ce1b875b7029L,0x838a7da80364ac16L,
-        0x2f431d23be1c83abL } },
-    /* 17 << 203 */
-    { { 0xe56812a6f9294dd3L,0xb448d01f9b4b0d77L,0xf3ae606104e8305cL,
-        0x2bead64594d8c63eL },
-      { 0x0a85434d84fd8b07L,0x537b983ff7a9dee5L,0xedcc5f18ef55bd85L,
-        0x2041af6221c6cf8bL } },
-    /* 18 << 203 */
-    { { 0x8e52874cb940c71eL,0x211935a9db5f4b3aL,0x94350492301b1dc3L,
-        0x33d2646d29958620L },
-      { 0x16b0d64bef911404L,0x9d1f25ea9a3c5ef4L,0x20f200eb4a352c78L,
-        0x43929f2c4bd0b428L } },
-    /* 19 << 203 */
-    { { 0xa5656667c7196e29L,0x7992c2f09391be48L,0xaaa97cbd9ee0cd6eL,
-        0x51b0310c3dc8c9bfL },
-      { 0x237f8acfdd9f22cbL,0xbb1d81a1b585d584L,0x8d5d85f58c416388L,
-        0x0d6e5a5a42fe474fL } },
-    /* 20 << 203 */
-    { { 0xe781276638235d4eL,0x1c62bd67496e3298L,0x8378660c3f175bc8L,
-        0x4d04e18917afdd4dL },
-      { 0x32a8160185a8068cL,0xdb58e4e192b29a85L,0xe8a65b86c70d8a3bL,
-        0x5f0e6f4e98a0403bL } },
-    /* 21 << 203 */
-    { { 0x0812968469ed2370L,0x34dc30bd0871ee26L,0x3a5ce9487c9c5b05L,
-        0x7d487b8043a90c87L },
-      { 0x4089ba37dd0e7179L,0x45f80191b4041811L,0x1c3e105898747ba5L,
-        0x98c4e13a6e1ae592L } },
-    /* 22 << 203 */
-    { { 0xd44636e6e82c9f9eL,0x711db87cc33a1043L,0x6f431263aa8aec05L,
-        0x43ff120d2744a4aaL },
-      { 0xd3bd892fae77779bL,0xf0fe0cc98cdc9f82L,0xca5f7fe6f1c5b1bcL,
-        0xcc63a68244929a72L } },
-    /* 23 << 203 */
-    { { 0xc7eaba0c09dbe19aL,0x2f3585ad6b5c73c2L,0x8ab8924b0ae50c30L,
-        0x17fcd27a638b30baL },
-      { 0xaf414d3410b3d5a5L,0x09c107d22a9accf1L,0x15dac49f946a6242L,
-        0xaec3df2ad707d642L } },
-    /* 24 << 203 */
-    { { 0x2c2492b73f894ae0L,0xf59df3e5b75f18ceL,0x7cb740d28f53cad0L,
-        0x3eb585fbc4f01294L },
-      { 0x17da0c8632c7f717L,0xeb8c795baf943f4cL,0x4ee23fb5f67c51d2L,
-        0xef18757568889949L } },
-    /* 25 << 203 */
-    { { 0xa6b4bdb20389168bL,0xc4ecd258ea577d03L,0x3a63782b55743082L,
-        0x6f678f4cc72f08cdL },
-      { 0x553511cf65e58dd8L,0xd53b4e3ed402c0cdL,0x37de3e29a037c14cL,
-        0x86b6c516c05712aaL } },
-    /* 26 << 203 */
-    { { 0x2834da3eb38dff6fL,0xbe012c52ea636be8L,0x292d238c61dd37f8L,
-        0x0e54523f8f8142dbL },
-      { 0xe31eb436036a05d8L,0x83e3cdff1e93c0ffL,0x3fd2fe0f50821ddfL,
-        0xc8e19b0dff9eb33bL } },
-    /* 27 << 203 */
-    { { 0xc8cc943fb569a5feL,0xad0090d4d4342d75L,0x82090b4bcaeca000L,
-        0xca39687f1bd410ebL },
-      { 0xe7bb0df765959d77L,0x39d782189c964999L,0xd87f62e8b2415451L,
-        0xe5efb774bed76108L } },
-    /* 28 << 203 */
-    { { 0x3ea011a4e822f0d0L,0xbc647ad15a8704f8L,0xbb315b3550c6820fL,
-        0x863dec3db7e76becL },
-      { 0x01ff5d3af017bfc7L,0x20054439976b8229L,0x067fca370bbd0d3bL,
-        0xf63dde647f5e3d0fL } },
-    /* 29 << 203 */
-    { { 0x22dbefb32a4c94e9L,0xafbff0fe96f8278aL,0x80aea0b13503793dL,
-        0xb22380295f06cd29L },
-      { 0x65703e578ec3fecaL,0x06c38314393e7053L,0xa0b751eb7c6734c4L,
-        0xd2e8a435c59f0f1eL } },
-    /* 30 << 203 */
-    { { 0x147d90525e9ca895L,0x2f4dd31e972072dfL,0xa16fda8ee6c6755cL,
-        0xc66826ffcf196558L },
-      { 0x1f1a76a30cf43895L,0xa9d604e083c3097bL,0xe190830966390e0eL,
-        0xa50bf753b3c85effL } },
-    /* 31 << 203 */
-    { { 0x0696bddef6a70251L,0x548b801b3c6ab16aL,0x37fcf704a4d08762L,
-        0x090b3defdff76c4eL },
-      { 0x87e8cb8969cb9158L,0x44a90744995ece43L,0xf85395f40ad9fbf5L,
-        0x49b0f6c54fb0c82dL } },
-    /* 32 << 203 */
-    { { 0x75d9bc15adf7cccfL,0x81a3e5d6dfa1e1b0L,0x8c39e444249bc17eL,
-        0xf37dccb28ea7fd43L },
-      { 0xda654873907fba12L,0x35daa6da4a372904L,0x0564cfc66283a6c5L,
-        0xd09fa4f64a9395bfL } },
-    /* 33 << 203 */
-    { { 0x688e9ec9aeb19a36L,0xd913f1cec7bfbfb4L,0x797b9a3c61c2faa6L,
-        0x2f979bec6a0a9c12L },
-      { 0xb5969d0f359679ecL,0xebcf523d079b0460L,0xfd6b000810fab870L,
-        0x3f2edcda9373a39cL } },
-    /* 34 << 203 */
-    { { 0x0d64f9a76f568431L,0xf848c27c02f8898cL,0xf418ade1260b5bd5L,
-        0xc1f3e3236973dee8L },
-      { 0x46e9319c26c185ddL,0x6d85b7d8546f0ac4L,0x427965f2247f9d57L,
-        0xb519b636b0035f48L } },
-    /* 35 << 203 */
-    { { 0x6b6163a9ab87d59cL,0xff9f58c339caaa11L,0x4ac39cde3177387bL,
-        0x5f6557c2873e77f9L },
-      { 0x6750400636a83041L,0x9b1c96ca75ef196cL,0xf34283deb08c7940L,
-        0x7ea096441128c316L } },
-    /* 36 << 203 */
-    { { 0xb510b3b56aa39dffL,0x59b43da29f8e4d8cL,0xa8ce31fd9e4c4b9fL,
-        0x0e20be26c1303c01L },
-      { 0x18187182e8ee47c9L,0xd9687cdb7db98101L,0x7a520e4da1e14ff6L,
-        0x429808ba8836d572L } },
-    /* 37 << 203 */
-    { { 0xa37ca60d4944b663L,0xf901f7a9a3f91ae5L,0xe4e3e76e9e36e3b1L,
-        0x9aa219cf29d93250L },
-      { 0x347fe275056a2512L,0xa4d643d9de65d95cL,0x9669d396699fc3edL,
-        0xb598dee2cf8c6bbeL } },
-    /* 38 << 203 */
-    { { 0x682ac1e5dda9e5c6L,0x4e0d3c72caa9fc95L,0x17faaade772bea44L,
-        0x5ef8428cab0009c8L },
-      { 0xcc4ce47a460ff016L,0xda6d12bf725281cbL,0x44c678480223aad2L,
-        0x6e342afa36256e28L } },
-    /* 39 << 203 */
-    { { 0x1400bb0b93a37c04L,0x62b1bc9bdd10bd96L,0x7251adeb0dac46b7L,
-        0x7d33b92e7be4ef51L },
-      { 0x28b2a94be61fa29aL,0x4b2be13f06422233L,0x36d6d062330d8d37L,
-        0x5ef80e1eb28ca005L } },
-    /* 40 << 203 */
-    { { 0x174d46996d16768eL,0x9fc4ff6a628bf217L,0x77705a94154e490dL,
-        0x9d96dd288d2d997aL },
-      { 0x77e2d9d8ce5d72c4L,0x9d06c5a4c11c714fL,0x02aa513679e4a03eL,
-        0x1386b3c2030ff28bL } },
-    /* 41 << 203 */
-    { { 0xfe82e8a6fb283f61L,0x7df203e5f3abc3fbL,0xeec7c3513a4d3622L,
-        0xf7d17dbfdf762761L },
-      { 0xc3956e44522055f0L,0xde3012db8fa748dbL,0xca9fcb63bf1dcc14L,
-        0xa56d9dcfbe4e2f3aL } },
-    /* 42 << 203 */
-    { { 0xb86186b68bcec9c2L,0x7cf24df9680b9f06L,0xc46b45eac0d29281L,
-        0xfff42bc507b10e12L },
-      { 0x12263c404d289427L,0x3d5f1899b4848ec4L,0x11f97010d040800cL,
-        0xb4c5f529300feb20L } },
-    /* 43 << 203 */
-    { { 0xcc543f8fde94fdcbL,0xe96af739c7c2f05eL,0xaa5e0036882692e1L,
-        0x09c75b68950d4ae9L },
-      { 0x62f63df2b5932a7aL,0x2658252ede0979adL,0x2a19343fb5e69631L,
-        0x718c7501525b666bL } },
-    /* 44 << 203 */
-    { { 0x26a42d69ea40dc3aL,0xdc84ad22aecc018fL,0x25c36c7b3270f04aL,
-        0x46ba6d4750fa72edL },
-      { 0x6c37d1c593e58a8eL,0xa2394731120c088cL,0xc3be4263cb6e86daL,
-        0x2c417d367126d038L } },
-    /* 45 << 203 */
-    { { 0x5b70f9c58b6f8efaL,0x671a2faa37718536L,0xd3ced3c6b539c92bL,
-        0xe56f1bd9a31203c2L },
-      { 0x8b096ec49ff3c8ebL,0x2deae43243491ceaL,0x2465c6eb17943794L,
-        0x5d267e6620586843L } },
-    /* 46 << 203 */
-    { { 0x9d3d116db07159d0L,0xae07a67fc1896210L,0x8fc84d87bb961579L,
-        0x30009e491c1f8dd6L },
-      { 0x8a8caf22e3132819L,0xcffa197cf23ab4ffL,0x58103a44205dd687L,
-        0x57b796c30ded67a2L } },
-    /* 47 << 203 */
-    { { 0x0b9c3a6ca1779ad7L,0xa33cfe2e357c09c5L,0x2ea293153db4a57eL,
-        0x919596958ebeb52eL },
-      { 0x118db9a6e546c879L,0x8e996df46295c8d6L,0xdd99048455ec806bL,
-        0x24f291ca165c1035L } },
-    /* 48 << 203 */
-    { { 0xcca523bb440e2229L,0x324673a273ef4d04L,0xaf3adf343e11ec39L,
-        0x6136d7f1dc5968d3L },
-      { 0x7a7b2899b053a927L,0x3eaa2661ae067ecdL,0x8549b9c802779cd9L,
-        0x061d7940c53385eaL } },
-    /* 49 << 203 */
-    { { 0x3e0ba883f06d18bdL,0x4ba6de53b2700843L,0xb966b668591a9e4dL,
-        0x93f675677f4fa0edL },
-      { 0x5a02711b4347237bL,0xbc041e2fe794608eL,0x55af10f570f73d8cL,
-        0xd2d4d4f7bb7564f7L } },
-    /* 50 << 203 */
-    { { 0xd7d27a89b3e93ce7L,0xf7b5a8755d3a2c1bL,0xb29e68a0255b218aL,
-        0xb533837e8af76754L },
-      { 0xd1b05a73579fab2eL,0xb41055a1ecd74385L,0xb2369274445e9115L,
-        0x2972a7c4f520274eL } },
-    /* 51 << 203 */
-    { { 0x6c08334ef678e68aL,0x4e4160f099b057edL,0x3cfe11b852ccb69aL,
-        0x2fd1823a21c8f772L },
-      { 0xdf7f072f3298f055L,0x8c0566f9fec74a6eL,0xe549e0195bb4d041L,
-        0x7c3930ba9208d850L } },
-    /* 52 << 203 */
-    { { 0xe07141fcaaa2902bL,0x539ad799e4f69ad3L,0xa6453f94813f9ffdL,
-        0xc58d3c48375bc2f7L },
-      { 0xb3326fad5dc64e96L,0x3aafcaa9b240e354L,0x1d1b0903aca1e7a9L,
-        0x4ceb97671211b8a0L } },
-    /* 53 << 203 */
-    { { 0xeca83e49e32a858eL,0x4c32892eae907badL,0xd5b42ab62eb9b494L,
-        0x7fde3ee21eabae1bL },
-      { 0x13b5ab09caf54957L,0xbfb028bee5f5d5d5L,0x928a06502003e2c0L,
-        0x90793aac67476843L } },
-    /* 54 << 203 */
-    { { 0x5e942e79c81710a0L,0x557e4a3627ccadd4L,0x72a2bc564bcf6d0cL,
-        0x09ee5f4326d7b80cL },
-      { 0x6b70dbe9d4292f19L,0x56f74c2663f16b18L,0xc23db0f735fbb42aL,
-        0xb606bdf66ae10040L } },
-    /* 55 << 203 */
-    { { 0x1eb15d4d044573acL,0x7dc3cf86556b0ba4L,0x97af9a33c60df6f7L,
-        0x0b1ef85ca716ce8cL },
-      { 0x2922f884c96958beL,0x7c32fa9435690963L,0x2d7f667ceaa00061L,
-        0xeaaf7c173547365cL } },
-    /* 56 << 203 */
-    { { 0x1eb4de4687032d58L,0xc54f3d835e2c79e0L,0x07818df45d04ef23L,
-        0x55faa9c8673d41b4L },
-      { 0xced64f6f89b95355L,0x4860d2eab7415c84L,0x5fdb9bd2050ebad3L,
-        0xdb53e0cc6685a5bfL } },
-    /* 57 << 203 */
-    { { 0xb830c0319feb6593L,0xdd87f3106accff17L,0x2303ebab9f555c10L,
-        0x94603695287e7065L },
-      { 0xf88311c32e83358cL,0x508dd9b4eefb0178L,0x7ca237062dba8652L,
-        0x62aac5a30047abe5L } },
-    /* 58 << 203 */
-    { { 0x9a61d2a08b1ea7b3L,0xd495ab63ae8b1485L,0x38740f8487052f99L,
-        0x178ebe5bb2974eeaL },
-      { 0x030bbcca5b36d17fL,0xb5e4cce3aaf86eeaL,0xb51a022068f8e9e0L,
-        0xa434879609eb3e75L } },
-    /* 59 << 203 */
-    { { 0xbe592309eef1a752L,0x5d7162d76f2aa1edL,0xaebfb5ed0f007dd2L,
-        0x255e14b2c89edd22L },
-      { 0xba85e0720303b697L,0xc5d17e25f05720ffL,0x02b58d6e5128ebb6L,
-        0x2c80242dd754e113L } },
-    /* 60 << 203 */
-    { { 0x919fca5fabfae1caL,0x937afaac1a21459bL,0x9e0ca91c1f66a4d2L,
-        0x194cc7f323ec1331L },
-      { 0xad25143a8aa11690L,0xbe40ad8d09b59e08L,0x37d60d9be750860aL,
-        0x6c53b008c6bf434cL } },
-    /* 61 << 203 */
-    { { 0xb572415d1356eb80L,0xb8bf9da39578ded8L,0x22658e365e8fb38bL,
-        0x9b70ce225af8cb22L },
-      { 0x7c00018a829a8180L,0x84329f93b81ed295L,0x7c343ea25f3cea83L,
-        0x38f8655f67586536L } },
-    /* 62 << 203 */
-    { { 0xa661a0d01d3ec517L,0x98744652512321aeL,0x084ca591eca92598L,
-        0xa9bb9dc91dcb3febL },
-      { 0x14c5435578b4c240L,0x5ed62a3b610cafdcL,0x07512f371b38846bL,
-        0x571bb70ab0e38161L } },
-    /* 63 << 203 */
-    { { 0xb556b95b2da705d2L,0x3ef8ada6b1a08f98L,0x85302ca7ddecfbe5L,
-        0x0e530573943105cdL },
-      { 0x60554d5521a9255dL,0x63a32fa1f2f3802aL,0x35c8c5b0cd477875L,
-        0x97f458ea6ad42da1L } },
-    /* 64 << 203 */
-    { { 0x832d7080eb6b242dL,0xd30bd0233b71e246L,0x7027991bbe31139dL,
-        0x68797e91462e4e53L },
-      { 0x423fe20a6b4e185aL,0x82f2c67e42d9b707L,0x25c817684cf7811bL,
-        0xbd53005e045bb95dL } },
-    /* 0 << 210 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 210 */
-    { { 0xe5f649be9d8e68fdL,0xdb0f05331b044320L,0xf6fde9b3e0c33398L,
-        0x92f4209b66c8cfaeL },
-      { 0xe9d1afcc1a739d4bL,0x09aea75fa28ab8deL,0x14375fb5eac6f1d0L,
-        0x6420b560708f7aa5L } },
-    /* 2 << 210 */
-    { { 0x9eae499c6254dc41L,0x7e2939247a837e7eL,0x74aec08c090524a7L,
-        0xf82b92198d6f55f2L },
-      { 0x493c962e1402cec5L,0x9f17ca17fa2f30e7L,0xbcd783e8e9b879cbL,
-        0xea3d8c145a6f145fL } },
-    /* 3 << 210 */
-    { { 0xdede15e75e0dee6eL,0x74f24872dc628aa2L,0xd3e9c4fe7861bb93L,
-        0x56d4822a6187b2e0L },
-      { 0xb66417cfc59826f9L,0xca2609692408169eL,0xedf69d06c79ef885L,
-        0x00031f8adc7d138fL } },
-    /* 4 << 210 */
-    { { 0x103c46e60ebcf726L,0x4482b8316231470eL,0x6f6dfaca487c2109L,
-        0x2e0ace9762e666efL },
-      { 0x3246a9d31f8d1f42L,0x1b1e83f1574944d2L,0x13dfa63aa57f334bL,
-        0x0cf8daed9f025d81L } },
-    /* 5 << 210 */
-    { { 0x30d78ea800ee11c1L,0xeb053cd4b5e3dd75L,0x9b65b13ed58c43c5L,
-        0xc3ad49bdbd151663L },
-      { 0x99fd8e41b6427990L,0x12cf15bd707eae1eL,0x29ad4f1b1aabb71eL,
-        0x5143e74d07545d0eL } },
-    /* 6 << 210 */
-    { { 0x30266336c88bdee1L,0x25f293065876767cL,0x9c078571c6731996L,
-        0xc88690b2ed552951L },
-      { 0x274f2c2d852705b4L,0xb0bf8d444e09552dL,0x7628beeb986575d1L,
-        0x407be2387f864651L } },
-    /* 7 << 210 */
-    { { 0x0e5e3049a639fc6bL,0xe75c35d986003625L,0x0cf35bd85dcc1646L,
-        0x8bcaced26c26273aL },
-      { 0xe22ecf1db5536742L,0x013dd8971a9e068bL,0x17f411cb8a7909c5L,
-        0x5757ac98861dd506L } },
-    /* 8 << 210 */
-    { { 0x85de1f0d1e935abbL,0xdefd10b4154de37aL,0xb8d9e392369cebb5L,
-        0x54d5ef9b761324beL },
-      { 0x4d6341ba74f17e26L,0xc0a0e3c878c1dde4L,0xa6d7758187d918fdL,
-        0x6687601502ca3a13L } },
-    /* 9 << 210 */
-    { { 0xc7313e9cf36658f0L,0xc433ef1c71f8057eL,0x853262461b6a835aL,
-        0xc8f053987c86394cL },
-      { 0xff398cdfe983c4a1L,0xbf5e816203b7b931L,0x93193c46b7b9045bL,
-        0x1e4ebf5da4a6e46bL } },
-    /* 10 << 210 */
-    { { 0xf9942a6043a24fe7L,0x29c1191effb3492bL,0x9f662449902fde05L,
-        0xc792a7ac6713c32dL },
-      { 0x2fd88ad8b737982cL,0x7e3a0319a21e60e3L,0x09b0de447383591aL,
-        0x6df141ee8310a456L } },
-    /* 11 << 210 */
-    { { 0xaec1a039e6d6f471L,0x14b2ba0f1198d12eL,0xebc1a1603aeee5acL,
-        0x401f4836e0b964ceL },
-      { 0x2ee437964fd03f66L,0x3fdb4e49dd8f3f12L,0x6ef267f629380f18L,
-        0x3e8e96708da64d16L } },
-    /* 12 << 210 */
-    { { 0xbc19180c207674f1L,0x112e09a733ae8fdbL,0x996675546aaeb71eL,
-        0x79432af1e101b1c7L },
-      { 0xd5eb558fde2ddec6L,0x81392d1f5357753fL,0xa7a76b973ae1158aL,
-        0x416fbbff4a899991L } },
-    /* 13 << 210 */
-    { { 0x9e65fdfd0d4a9dcfL,0x7bc29e48944ddf12L,0xbc1a92d93c856866L,
-        0x273c69056e98dfe2L },
-      { 0x69fce418cdfaa6b8L,0x606bd8235061c69fL,0x42d495a06af75e27L,
-        0x8ed3d5056d873a1fL } },
-    /* 14 << 210 */
-    { { 0xaf5528416ab25b6aL,0xc6c0ffc72b1a4523L,0xab18827b21c99e03L,
-        0x060e86489034691bL },
-      { 0x5207f90f93c7f398L,0x9f4a96cb82f8d10bL,0xdd71cd793ad0f9e3L,
-        0x84f435d2fc3a54f5L } },
-    /* 15 << 210 */
-    { { 0x4b03c55b8e33787fL,0xef42f975a6384673L,0xff7304f75051b9f0L,
-        0x18aca1dc741c87c2L },
-      { 0x56f120a72d4bfe80L,0xfd823b3d053e732cL,0x11bccfe47537ca16L,
-        0xdf6c9c741b5a996bL } },
-    /* 16 << 210 */
-    { { 0xee7332c7904fc3faL,0x14a23f45c7e3636aL,0xc38659c3f091d9aaL,
-        0x4a995e5db12d8540L },
-      { 0x20a53becf3a5598aL,0x56534b17b1eaa995L,0x9ed3dca4bf04e03cL,
-        0x716c563ad8d56268L } },
-    /* 17 << 210 */
-    { { 0x27ba77a41d6178e7L,0xe4c80c4068a1ff8eL,0x750110990a13f63dL,
-        0x7bf33521a61d46f3L },
-      { 0x0aff218e10b365bbL,0x810218040fd7ea75L,0x05a3fd8aa4b3a925L,
-        0xb829e75f9b3db4e6L } },
-    /* 18 << 210 */
-    { { 0x6bdc75a54d53e5fbL,0x04a5dc02d52717e3L,0x86af502fe9a42ec2L,
-        0x8867e8fb2630e382L },
-      { 0xbf845c6ebec9889bL,0x54f491f2cb47c98dL,0xa3091fba790c2a12L,
-        0xd7f6fd78c20f708bL } },
-    /* 19 << 210 */
-    { { 0xa569ac30acde5e17L,0xd0f996d06852b4d7L,0xe51d4bb54609ae54L,
-        0x3fa37d170daed061L },
-      { 0x62a8868434b8fb41L,0x99a2acbd9efb64f1L,0xb75c1a5e6448e1f2L,
-        0xfa99951a42b5a069L } },
-    /* 20 << 210 */
-    { { 0x6d956e892f3b26e7L,0xf4709860da875247L,0x3ad151792482dda3L,
-        0xd64110e3017d82f0L },
-      { 0x14928d2cfad414e4L,0x2b155f582ed02b24L,0x481a141bcb821bf1L,
-        0x12e3c7704f81f5daL } },
-    /* 21 << 210 */
-    { { 0xe49c5de59fff8381L,0x110532325bbec894L,0xa0d051cc454d88c4L,
-        0x4f6db89c1f8e531bL },
-      { 0x34fe3fd6ca563a44L,0x7f5c221558da8ab9L,0x8445016d9474f0a1L,
-        0x17d34d61cb7d8a0aL } },
-    /* 22 << 210 */
-    { { 0x8e9d39101c474019L,0xcaff2629d52ceefbL,0xf9cf3e32c1622c2bL,
-        0xd4b95e3ce9071a05L },
-      { 0xfbbca61f1594438cL,0x1eb6e6a604aadedfL,0x853027f468e14940L,
-        0x221d322adfabda9cL } },
-    /* 23 << 210 */
-    { { 0xed8ea9f6b7cb179aL,0xdc7b764db7934dccL,0xfcb139405e09180dL,
-        0x6629a6bfb47dc2ddL },
-      { 0xbfc55e4e9f5a915eL,0xb1db9d376204441eL,0xf82d68cf930c5f53L,
-        0x17d3a142cbb605b1L } },
-    /* 24 << 210 */
-    { { 0xdd5944ea308780f2L,0xdc8de7613845f5e4L,0x6beaba7d7624d7a3L,
-        0x1e709afd304df11eL },
-      { 0x9536437602170456L,0xbf204b3ac8f94b64L,0x4e53af7c5680ca68L,
-        0x0526074ae0c67574L } },
-    /* 25 << 210 */
-    { { 0x95d8cef8ecd92af6L,0xe6b9fa7a6cd1745aL,0x3d546d3da325c3e4L,
-        0x1f57691d9ae93aaeL },
-      { 0xe891f3fe9d2e1a33L,0xd430093fac063d35L,0xeda59b125513a327L,
-        0xdc2134f35536f18fL } },
-    /* 26 << 210 */
-    { { 0xaa51fe2c5c210286L,0x3f68aaee1cab658cL,0x5a23a00bf9357292L,
-        0x9a626f397efdabedL },
-      { 0xfe2b3bf3199d78e3L,0xb7a2af7771bbc345L,0x3d19827a1e59802cL,
-        0x823bbc15b487a51cL } },
-    /* 27 << 210 */
-    { { 0x856139f299d0a422L,0x9ac3df65f456c6fbL,0xaddf65c6701f8bd6L,
-        0x149f321e3758df87L },
-      { 0xb1ecf714721b7ebaL,0xe17df09831a3312aL,0xdb2fd6ecd5c4d581L,
-        0xfd02996f8fcea1b3L } },
-    /* 28 << 210 */
-    { { 0xe29fa63e7882f14fL,0xc9f6dc3507c6cadcL,0x46f22d6fb882bed0L,
-        0x1a45755bd118e52cL },
-      { 0x9f2c7c277c4608cfL,0x7ccbdf32568012c2L,0xfcb0aedd61729b0eL,
-        0x7ca2ca9ef7d75dbfL } },
-    /* 29 << 210 */
-    { { 0xf58fecb16f640f62L,0xe274b92b39f51946L,0x7f4dfc046288af44L,
-        0x0a91f32aeac329e5L },
-      { 0x43ad274bd6aaba31L,0x719a16400f6884f9L,0x685d29f6daf91e20L,
-        0x5ec1cc3327e49d52L } },
-    /* 30 << 210 */
-    { { 0x38f4de963b54a059L,0x0e0015e5efbcfdb3L,0x177d23d94dbb8da6L,
-        0x98724aa297a617adL },
-      { 0x30f0885bfdb6558eL,0xf9f7a28ac7899a96L,0xd2ae8ac8872dc112L,
-        0xfa0642ca73c3c459L } },
-    /* 31 << 210 */
-    { { 0x15296981e7dfc8d6L,0x67cd44501fb5b94aL,0x0ec71cf10eddfd37L,
-        0xc7e5eeb39a8eddc7L },
-      { 0x02ac8e3d81d95028L,0x0088f17270b0e35dL,0xec041fabe1881fe3L,
-        0x62cf71b8d99e7faaL } },
-    /* 32 << 210 */
-    { { 0x5043dea7e0f222c2L,0x309d42ac72e65142L,0x94fe9ddd9216cd30L,
-        0xd6539c7d0f87feecL },
-      { 0x03c5a57c432ac7d7L,0x72692cf0327fda10L,0xec28c85f280698deL,
-        0x2331fb467ec283b1L } },
-    /* 33 << 210 */
-    { { 0xd34bfa322867e633L,0x78709a820a9cc815L,0xb7fe6964875e2fa5L,
-        0x25cc064f9e98bfb5L },
-      { 0x9eb0151c493a65c5L,0x5fb5d94153182464L,0x69e6f130f04618e2L,
-        0xa8ecec22f89c8ab6L } },
-    /* 34 << 210 */
-    { { 0xcd6ac88bb96209bdL,0x65fa8cdbb3e1c9e0L,0xa47d22f54a8d8eacL,
-        0x83895cdf8d33f963L },
-      { 0xa8adca59b56cd3d1L,0x10c8350bdaf38232L,0x2b161fb3a5080a9fL,
-        0xbe7f5c643af65b3aL } },
-    /* 35 << 210 */
-    { { 0x2c75403997403a11L,0x94626cf7121b96afL,0x431de7c46a983ec2L,
-        0x3780dd3a52cc3df7L },
-      { 0xe28a0e462baf8e3bL,0xabe68aad51d299aeL,0x603eb8f9647a2408L,
-        0x14c61ed65c750981L } },
-    /* 36 << 210 */
-    { { 0x88b34414c53352e7L,0x5a34889c1337d46eL,0x612c1560f95f2bc8L,
-        0x8a3f8441d4807a3aL },
-      { 0x680d9e975224da68L,0x60cd6e88c3eb00e9L,0x3875a98e9a6bc375L,
-        0xdc80f9244fd554c2L } },
-    /* 37 << 210 */
-    { { 0x6c4b34156ac77407L,0xa1e5ea8f25420681L,0x541bfa144607a458L,
-        0x5dbc7e7a96d7fbf9L },
-      { 0x646a851b31590a47L,0x039e85ba15ee6df8L,0xd19fa231d7b43fc0L,
-        0x84bc8be8299a0e04L } },
-    /* 38 << 210 */
-    { { 0x2b9d2936f20df03aL,0x240543828608d472L,0x76b6ba049149202aL,
-        0xb21c38313670e7b7L },
-      { 0xddd93059d6fdee10L,0x9da47ad378488e71L,0x99cc1dfda0fcfb25L,
-        0x42abde1064696954L } },
-    /* 39 << 210 */
-    { { 0x14cc15fc17eab9feL,0xd6e863e4d3e70972L,0x29a7765c6432112cL,
-        0x886600015b0774d8L },
-      { 0x3729175a2c088eaeL,0x13afbcae8230b8d4L,0x44768151915f4379L,
-        0xf086431ad8d22812L } },
-    /* 40 << 210 */
-    { { 0x37461955c298b974L,0x905fb5f0f8711e04L,0x787abf3afe969d18L,
-        0x392167c26f6a494eL },
-      { 0xfc7a0d2d28c511daL,0xf127c7dcb66a262dL,0xf9c4bb95fd63fdf0L,
-        0x900165893913ef46L } },
-    /* 41 << 210 */
-    { { 0x74d2a73c11aa600dL,0x2f5379bd9fb5ab52L,0xe49e53a47fb70068L,
-        0x68dd39e5404aa9a7L },
-      { 0xb9b0cf572ecaa9c3L,0xba0e103be824826bL,0x60c2198b4631a3c4L,
-        0xc5ff84abfa8966a2L } },
-    /* 42 << 210 */
-    { { 0x2d6ebe22ac95aff8L,0x1c9bb6dbb5a46d09L,0x419062da53ee4f8dL,
-        0x7b9042d0bb97efefL },
-      { 0x0f87f080830cf6bdL,0x4861d19a6ec8a6c6L,0xd3a0daa1202f01aaL,
-        0xb0111674f25afbd5L } },
-    /* 43 << 210 */
-    { { 0x6d00d6cf1afb20d9L,0x1369500040671bc5L,0x913ab0dc2485ea9bL,
-        0x1f2bed069eef61acL },
-      { 0x850c82176d799e20L,0x93415f373271c2deL,0x5afb06e96c4f5910L,
-        0x688a52dfc4e9e421L } },
-    /* 44 << 210 */
-    { { 0x30495ba3e2a9a6dbL,0x4601303d58f9268bL,0xbe3b0dad7eb0f04fL,
-        0x4ea472504456936dL },
-      { 0x8caf8798d33fd3e7L,0x1ccd8a89eb433708L,0x9effe3e887fd50adL,
-        0xbe240a566b29c4dfL } },
-    /* 45 << 210 */
-    { { 0xec4ffd98ca0e7ebdL,0xf586783ae748616eL,0xa5b00d8fc77baa99L,
-        0x0acada29b4f34c9cL },
-      { 0x36dad67d0fe723acL,0x1d8e53a539c36c1eL,0xe4dd342d1f4bea41L,
-        0x64fd5e35ebc9e4e0L } },
-    /* 46 << 210 */
-    { { 0x96f01f9057908805L,0xb5b9ea3d5ed480ddL,0x366c5dc23efd2dd0L,
-        0xed2fe3056e9dfa27L },
-      { 0x4575e8926e9197e2L,0x11719c09ab502a5dL,0x264c7bece81f213fL,
-        0x741b924155f5c457L } },
-    /* 47 << 210 */
-    { { 0x78ac7b6849a5f4f4L,0xf91d70a29fc45b7dL,0x39b05544b0f5f355L,
-        0x11f06bceeef930d9L },
-      { 0xdb84d25d038d05e1L,0x04838ee5bacc1d51L,0x9da3ce869e8ee00bL,
-        0xc3412057c36eda1fL } },
-    /* 48 << 210 */
-    { { 0xae80b91364d9c2f4L,0x7468bac3a010a8ffL,0xdfd2003737359d41L,
-        0x1a0f5ab815efeaccL },
-      { 0x7c25ad2f659d0ce0L,0x4011bcbb6785cff1L,0x128b99127e2192c7L,
-        0xa549d8e113ccb0e8L } },
-    /* 49 << 210 */
-    { { 0x805588d8c85438b1L,0x5680332dbc25cb27L,0xdcd1bc961a4bfdf4L,
-        0x779ff428706f6566L },
-      { 0x8bbee998f059987aL,0xf6ce8cf2cc686de7L,0xf8ad3c4a953cfdb2L,
-        0xd1d426d92205da36L } },
-    /* 50 << 210 */
-    { { 0xb3c0f13fc781a241L,0x3e89360ed75362a8L,0xccd05863c8a91184L,
-        0x9bd0c9b7efa8a7f4L },
-      { 0x97ee4d538a912a4bL,0xde5e15f8bcf518fdL,0x6a055bf8c467e1e0L,
-        0x10be4b4b1587e256L } },
-    /* 51 << 210 */
-    { { 0xd90c14f2668621c9L,0xd5518f51ab9c92c1L,0x8e6a0100d6d47b3cL,
-        0xcbe980dd66716175L },
-      { 0x500d3f10ddd83683L,0x3b6cb35d99cac73cL,0x53730c8b6083d550L,
-        0xcf159767df0a1987L } },
-    /* 52 << 210 */
-    { { 0x84bfcf5343ad73b3L,0x1b528c204f035a94L,0x4294edf733eeac69L,
-        0xb6283e83817f3240L },
-      { 0xc3fdc9590a5f25b1L,0xefaf8aa55844ee22L,0xde269ba5dbdde4deL,
-        0xe3347160c56133bfL } },
-    /* 53 << 210 */
-    { { 0xc11842198d9ea9f8L,0x090de5dbf3fc1ab5L,0x404c37b10bf22cdaL,
-        0x7de20ec8f5618894L },
-      { 0x754c588eecdaecabL,0x6ca4b0ed88342743L,0x76f08bddf4a938ecL,
-        0xd182de8991493ccbL } },
-    /* 54 << 210 */
-    { { 0xd652c53ec8a4186aL,0xb3e878db946d8e33L,0x088453c05f37663cL,
-        0x5cd9daaab407748bL },
-      { 0xa1f5197f586d5e72L,0x47500be8c443ca59L,0x78ef35b2e2652424L,
-        0x09c5d26f6dd7767dL } },
-    /* 55 << 210 */
-    { { 0x7175a79aa74d3f7bL,0x0428fd8dcf5ea459L,0x511cb97ca5d1746dL,
-        0x36363939e71d1278L },
-      { 0xcf2df95510350bf4L,0xb381743960aae782L,0xa748c0e43e688809L,
-        0x98021fbfd7a5a006L } },
-    /* 56 << 210 */
-    { { 0x9076a70c0e367a98L,0xbea1bc150f62b7c2L,0x2645a68c30fe0343L,
-        0xacaffa78699dc14fL },
-      { 0xf4469964457bf9c4L,0x0db6407b0d2ead83L,0x68d56cadb2c6f3ebL,
-        0x3b512e73f376356cL } },
-    /* 57 << 210 */
-    { { 0xe43b0e1ffce10408L,0x89ddc0035a5e257dL,0xb0ae0d120362e5b3L,
-        0x07f983c7b0519161L },
-      { 0xc2e94d155d5231e7L,0xcff22aed0b4f9513L,0xb02588dd6ad0b0b5L,
-        0xb967d1ac11d0dcd5L } },
-    /* 58 << 210 */
-    { { 0x8dac6bc6cf777b6cL,0x0062bdbd4c6d1959L,0x53da71b50ef5cc85L,
-        0x07012c7d4006f14fL },
-      { 0x4617f962ac47800dL,0x53365f2bc102ed75L,0xb422efcb4ab8c9d3L,
-        0x195cb26b34af31c9L } },
-    /* 59 << 210 */
-    { { 0x3a926e2905f2c4ceL,0xbd2bdecb9856966cL,0x5d16ab3a85527015L,
-        0x9f81609e4486c231L },
-      { 0xd8b96b2cda350002L,0xbd054690fa1b7d36L,0xdc90ebf5e71d79bcL,
-        0xf241b6f908964e4eL } },
-    /* 60 << 210 */
-    { { 0x7c8386432fe3cd4cL,0xe0f33acbb4bc633cL,0xb4a9ecec3d139f1fL,
-        0x05ce69cddc4a1f49L },
-      { 0xa19d1b16f5f98aafL,0x45bb71d66f23e0efL,0x33789fcd46cdfdd3L,
-        0x9b8e2978cee040caL } },
-    /* 61 << 210 */
-    { { 0x9c69b246ae0a6828L,0xba533d247078d5aaL,0x7a2e42c07bb4fbdbL,
-        0xcfb4879a7035385cL },
-      { 0x8c3dd30b3281705bL,0x7e361c6c404fe081L,0x7b21649c3f604edfL,
-        0x5dbf6a3fe52ffe47L } },
-    /* 62 << 210 */
-    { { 0xc41b7c234b54d9bfL,0x1374e6813511c3d9L,0x1863bf16c1b2b758L,
-        0x90e785071e9e6a96L },
-      { 0xab4bf98d5d86f174L,0xd74e0bd385e96fe4L,0x8afde39fcac5d344L,
-        0x90946dbcbd91b847L } },
-    /* 63 << 210 */
-    { { 0xf5b42358fe1a838cL,0x05aae6c5620ac9d8L,0x8e193bd8a1ce5a0bL,
-        0x8f7105714dabfd72L },
-      { 0x8d8fdd48182caaacL,0x8c4aeefa040745cfL,0x73c6c30af3b93e6dL,
-        0x991241f316f42011L } },
-    /* 64 << 210 */
-    { { 0xa0158eeae457a477L,0xd19857dbee6ddc05L,0xb326522418c41671L,
-        0x3ffdfc7e3c2c0d58L },
-      { 0x3a3a525426ee7cdaL,0x341b0869df02c3a8L,0xa023bf42723bbfc8L,
-        0x3d15002a14452691L } },
-    /* 0 << 217 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 217 */
-    { { 0x5ef7324c85edfa30L,0x2597655487d4f3daL,0x352f5bc0dcb50c86L,
-        0x8f6927b04832a96cL },
-      { 0xd08ee1ba55f2f94cL,0x6a996f99344b45faL,0xe133cb8da8aa455dL,
-        0x5d0721ec758dc1f7L } },
-    /* 2 << 217 */
-    { { 0x6ba7a92079e5fb67L,0xe1331feb70aa725eL,0x5080ccf57df5d837L,
-        0xe4cae01d7ff72e21L },
-      { 0xd9243ee60412a77dL,0x06ff7cacdf449025L,0xbe75f7cd23ef5a31L,
-        0xbc9578220ddef7a8L } },
-    /* 3 << 217 */
-    { { 0x8cf7230cb0ce1c55L,0x5b534d050bbfb607L,0xee1ef1130e16363bL,
-        0x27e0aa7ab4999e82L },
-      { 0xce1dac2d79362c41L,0x67920c9091bb6cb0L,0x1e648d632223df24L,
-        0x0f7d9eefe32e8f28L } },
-    /* 4 << 217 */
-    { { 0x6943f39afa833834L,0x22951722a6328562L,0x81d63dd54170fc10L,
-        0x9f5fa58faecc2e6dL },
-      { 0xb66c8725e77d9a3bL,0x11235cea6384ebe0L,0x06a8c1185845e24aL,
-        0x0137b286ebd093b1L } },
-    /* 5 << 217 */
-    { { 0xc589e1ce44ace150L,0xe0f8d3d94381e97cL,0x59e99b1162c5a4b8L,
-        0x90d262f7fd0ec9f9L },
-      { 0xfbc854c9283e13c9L,0x2d04fde7aedc7085L,0x057d776547dcbecbL,
-        0x8dbdf5919a76fa5fL } },
-    /* 6 << 217 */
-    { { 0xd01506950de1e578L,0x2e1463e7e9f72bc6L,0xffa684411b39eca5L,
-        0x673c85307c037f2fL },
-      { 0xd0d6a600747f91daL,0xb08d43e1c9cb78e9L,0x0fc0c64427b5cef5L,
-        0x5c1d160aa60a2fd6L } },
-    /* 7 << 217 */
-    { { 0xf98cae5328c8e13bL,0x375f10c4b2eddcd1L,0xd4eb8b7f5cce06adL,
-        0xb4669f4580a2e1efL },
-      { 0xd593f9d05bbd8699L,0x5528a4c9e7976d13L,0x3923e0951c7e28d3L,
-        0xb92937903f6bb577L } },
-    /* 8 << 217 */
-    { { 0xdb567d6ac42bd6d2L,0x6df86468bb1f96aeL,0x0efe5b1a4843b28eL,
-        0x961bbb056379b240L },
-      { 0xb6caf5f070a6a26bL,0x70686c0d328e6e39L,0x80da06cf895fc8d3L,
-        0x804d8810b363fdc9L } },
-    /* 9 << 217 */
-    { { 0xbe22877b207f1670L,0x9b0dd1884e615291L,0x625ae8dc97a3c2bfL,
-        0x08584ef7439b86e8L },
-      { 0xde7190a5dcd898ffL,0x26286c402058ee3dL,0x3db0b2175f87b1c1L,
-        0xcc334771102a6db5L } },
-    /* 10 << 217 */
-    { { 0xd99de9542f770fb1L,0x97c1c6204cd7535eL,0xd3b6c4483f09cefcL,
-        0xd725af155a63b4f8L },
-      { 0x0c95d24fc01e20ecL,0xdfd374949ae7121fL,0x7d6ddb72ec77b7ecL,
-        0xfe079d3b0353a4aeL } },
-    /* 11 << 217 */
-    { { 0x3066e70a2e6ac8d2L,0x9c6b5a43106e5c05L,0x52d3c6f5ede59b8cL,
-        0x30d6a5c3fccec9aeL },
-      { 0xedec7c224fc0a9efL,0x190ff08395c16cedL,0xbe12ec8f94de0fdeL,
-        0x0d131ab8852d3433L } },
-    /* 12 << 217 */
-    { { 0x42ace07e85701291L,0x94793ed9194061a8L,0x30e83ed6d7f4a485L,
-        0x9eec7269f9eeff4dL },
-      { 0x90acba590c9d8005L,0x5feca4581e79b9d1L,0x8fbe54271d506a1eL,
-        0xa32b2c8e2439cfa7L } },
-    /* 13 << 217 */
-    { { 0x1671c17373dd0b4eL,0x37a2821444a054c6L,0x81760a1b4e8b53f1L,
-        0xa6c04224f9f93b9eL },
-      { 0x18784b34cf671e3cL,0x81bbecd2cda9b994L,0x38831979b2ab3848L,
-        0xef54feb7f2e03c2dL } },
-    /* 14 << 217 */
-    { { 0xcf197ca7fb8088faL,0x014272474ddc96c5L,0xa2d2550a30777176L,
-        0x534698984d0cf71dL },
-      { 0x6ce937b83a2aaac6L,0xe9f91dc35af38d9bL,0x2598ad83c8bf2899L,
-        0x8e706ac9b5536c16L } },
-    /* 15 << 217 */
-    { { 0x40dc7495f688dc98L,0x26490cd7124c4afcL,0xe651ec841f18775cL,
-        0x393ea6c3b4fdaf4aL },
-      { 0x1e1f33437f338e0dL,0x39fb832b6053e7b5L,0x46e702da619e14d5L,
-        0x859cacd1cdeef6e0L } },
-    /* 16 << 217 */
-    { { 0x63b99ce74462007dL,0xb8ab48a54cb5f5b7L,0x9ec673d2f55edde7L,
-        0xd1567f748cfaefdaL },
-      { 0x46381b6b0887bcecL,0x694497cee178f3c2L,0x5e6525e31e6266cbL,
-        0x5931de26697d6413L } },
-    /* 17 << 217 */
-    { { 0x87f8df7c0e58d493L,0xb1ae5ed058b73f12L,0xc368f784dea0c34dL,
-        0x9bd0a120859a91a0L },
-      { 0xb00d88b7cc863c68L,0x3a1cc11e3d1f4d65L,0xea38e0e70aa85593L,
-        0x37f13e987dc4aee8L } },
-    /* 18 << 217 */
-    { { 0x10d38667bc947badL,0x738e07ce2a36ee2eL,0xc93470cdc577fcacL,
-        0xdee1b6162782470dL },
-      { 0x36a25e672e793d12L,0xd6aa6caee0f186daL,0x474d0fd980e07af7L,
-        0xf7cdc47dba8a5cd4L } },
-    /* 19 << 217 */
-    { { 0x28af6d9dab15247fL,0x7c789c10493a537fL,0x7ac9b11023a334e7L,
-        0x0236ac0912c9c277L },
-      { 0xa7e5bd251d7a5144L,0x098b9c2af13ec4ecL,0x3639dacad3f0abcaL,
-        0x642da81aa23960f9L } },
-    /* 20 << 217 */
-    { { 0x7d2e5c054f7269b1L,0xfcf30777e287c385L,0x10edc84ff2a46f21L,
-        0x354417574f43fa36L },
-      { 0xf1327899fd703431L,0xa438d7a616dd587aL,0x65c34c57e9c8352dL,
-        0xa728edab5cc5a24eL } },
-    /* 21 << 217 */
-    { { 0xaed78abc42531689L,0x0a51a0e8010963efL,0x5776fa0ad717d9b3L,
-        0xf356c2397dd3428bL },
-      { 0x29903fff8d3a3dacL,0x409597fa3d94491fL,0x4cd7a5ffbf4a56a4L,
-        0xe50964748adab462L } },
-    /* 22 << 217 */
-    { { 0xa97b51265c3427b0L,0x6401405cd282c9bdL,0x3629f8d7222c5c45L,
-        0xb1c02c16e8d50aedL },
-      { 0xbea2ed75d9635bc9L,0x226790c76e24552fL,0x3c33f2a365f1d066L,
-        0x2a43463e6dfccc2eL } },
-    /* 23 << 217 */
-    { { 0x8cc3453adb483761L,0xe7cc608565d5672bL,0x277ed6cbde3efc87L,
-        0x19f2f36869234eafL },
-      { 0x9aaf43175c0b800bL,0x1f1e7c898b6da6e2L,0x6cfb4715b94ec75eL,
-        0xd590dd5f453118c2L } },
-    /* 24 << 217 */
-    { { 0x14e49da11f17a34cL,0x5420ab39235a1456L,0xb76372412f50363bL,
-        0x7b15d623c3fabb6eL },
-      { 0xa0ef40b1e274e49cL,0x5cf5074496b1860aL,0xd6583fbf66afe5a4L,
-        0x44240510f47e3e9aL } },
-    /* 25 << 217 */
-    { { 0x9925434311b2d595L,0xf1367499eec8df57L,0x3cb12c613e73dd05L,
-        0xd248c0337dac102aL },
-      { 0xcf154f13a77739f5L,0xbf4288cb23d2af42L,0xaa64c9b632e4a1cfL,
-        0xee8c07a8c8a208f3L } },
-    /* 26 << 217 */
-    { { 0xe10d49996fe8393fL,0x0f809a3fe91f3a32L,0x61096d1c802f63c8L,
-        0x289e146257750d3dL },
-      { 0xed06167e9889feeaL,0xd5c9c0e2e0993909L,0x46fca0d856508ac6L,
-        0x918260474f1b8e83L } },
-    /* 27 << 217 */
-    { { 0x4f2c877a9a4a2751L,0x71bd0072cae6feadL,0x38df8dcc06aa1941L,
-        0x5a074b4c63beeaa8L },
-      { 0xd6d65934c1cec8edL,0xa6ecb49eaabc03bdL,0xaade91c2de8a8415L,
-        0xcfb0efdf691136e0L } },
-    /* 28 << 217 */
-    { { 0x11af45ee23ab3495L,0xa132df880b77463dL,0x8923c15c815d06f4L,
-        0xc3ceb3f50d61a436L },
-      { 0xaf52291de88fb1daL,0xea0579741da12179L,0xb0d7218cd2fef720L,
-        0x6c0899c98e1d8845L } },
-    /* 29 << 217 */
-    { { 0x98157504752ddad7L,0xd60bd74fa1a68a97L,0x7047a3a9f658fb99L,
-        0x1f5d86d65f8511e4L },
-      { 0xb8a4bc424b5a6d88L,0x69eb2c331abefa7dL,0x95bf39e813c9c510L,
-        0xf571960ad48aab43L } },
-    /* 30 << 217 */
-    { { 0x7e8cfbcf704e23c6L,0xc71b7d2228aaa65bL,0xa041b2bd245e3c83L,
-        0x69b98834d21854ffL },
-      { 0x89d227a3963bfeecL,0x99947aaade7da7cbL,0x1d9ee9dbee68a9b1L,
-        0x0a08f003698ec368L } },
-    /* 31 << 217 */
-    { { 0xe9ea409478ef2487L,0xc8d2d41502cfec26L,0xc52f9a6eb7dcf328L,
-        0x0ed489e385b6a937L },
-      { 0x9b94986bbef3366eL,0x0de59c70edddddb8L,0xffdb748ceadddbe2L,
-        0x9b9784bb8266ea40L } },
-    /* 32 << 217 */
-    { { 0x142b55021a93507aL,0xb4cd11878d3c06cfL,0xdf70e76a91ec3f40L,
-        0x484e81ad4e7553c2L },
-      { 0x830f87b5272e9d6eL,0xea1c93e5c6ff514aL,0x67cc2adcc4192a8eL,
-        0xc77e27e242f4535aL } },
-    /* 33 << 217 */
-    { { 0x9cdbab36d2b713c5L,0x86274ea0cf7b0cd3L,0x784680f309af826bL,
-        0xbfcc837a0c72dea3L },
-      { 0xa8bdfe9dd6529b73L,0x708aa22863a88002L,0x6c7a9a54c91d45b9L,
-        0xdf1a38bbfd004f56L } },
-    /* 34 << 217 */
-    { { 0x2e8c9a26b8bad853L,0x2d52cea33723eae7L,0x054d6d8156ca2830L,
-        0xa3317d149a8dc411L },
-      { 0xa08662fefd4ddedaL,0xed2a153ab55d792bL,0x7035c16abfc6e944L,
-        0xb6bc583400171cf3L } },
-    /* 35 << 217 */
-    { { 0xe27152b383d102b6L,0xfe695a470646b848L,0xa5bb09d8916e6d37L,
-        0xb4269d640d17015eL },
-      { 0x8d8156a10a1d2285L,0xfeef6c5146d26d72L,0x9dac57c84c5434a7L,
-        0x0282e5be59d39e31L } },
-    /* 36 << 217 */
-    { { 0xedfff181721c486dL,0x301baf10bc58824eL,0x8136a6aa00570031L,
-        0x55aaf78c1cddde68L },
-      { 0x2682937159c63952L,0x3a3bd2748bc25bafL,0xecdf8657b7e52dc3L,
-        0x2dd8c087fd78e6c8L } },
-    /* 37 << 217 */
-    { { 0x20553274f5531461L,0x8b4a12815d95499bL,0xe2c8763a1a80f9d2L,
-        0xd1dbe32b4ddec758L },
-      { 0xaf12210d30c34169L,0xba74a95378baa533L,0x3d133c6ea438f254L,
-        0xa431531a201bef5bL } },
-    /* 38 << 217 */
-    { { 0x15295e22f669d7ecL,0xca374f64357fb515L,0x8a8406ffeaa3fdb3L,
-        0x106ae448df3f2da8L },
-      { 0x8f9b0a9033c8e9a1L,0x234645e271ad5885L,0x3d0832241c0aed14L,
-        0xf10a7d3e7a942d46L } },
-    /* 39 << 217 */
-    { { 0x7c11deee40d5c9beL,0xb2bae7ffba84ed98L,0x93e97139aad58dddL,
-        0x3d8727963f6d1fa3L },
-      { 0x483aca818569ff13L,0x8b89a5fb9a600f72L,0x4cbc27c3c06f2b86L,
-        0x2213071363ad9c0bL } },
-    /* 40 << 217 */
-    { { 0xb5358b1e48ac2840L,0x18311294ecba9477L,0xda58f990a6946b43L,
-        0x3098baf99ab41819L },
-      { 0x66c4c1584198da52L,0xab4fc17c146bfd1bL,0x2f0a4c3cbf36a908L,
-        0x2ae9e34b58cf7838L } },
-    /* 41 << 217 */
-    { { 0xf411529e3fa11b1fL,0x21e43677974af2b4L,0x7c20958ec230793bL,
-        0x710ea88516e840f3L },
-      { 0xfc0b21fcc5dc67cfL,0x08d5164788405718L,0xd955c21fcfe49eb7L,
-        0x9722a5d556dd4a1fL } },
-    /* 42 << 217 */
-    { { 0xc9ef50e2c861baa5L,0xc0c21a5d9505ac3eL,0xaf6b9a338b7c063fL,
-        0xc63703392f4779c1L },
-      { 0x22df99c7638167c3L,0xfe6ffe76795db30cL,0x2b822d33a4854989L,
-        0xfef031dd30563aa5L } },
-    /* 43 << 217 */
-    { { 0x16b09f82d57c667fL,0xc70312cecc0b76f1L,0xbf04a9e6c9118aecL,
-        0x82fcb4193409d133L },
-      { 0x1a8ab385ab45d44dL,0xfba07222617b83a3L,0xb05f50dd58e81b52L,
-        0x1d8db55321ce5affL } },
-    /* 44 << 217 */
-    { { 0x3097b8d4e344a873L,0x7d8d116dfe36d53eL,0x6db22f587875e750L,
-        0x2dc5e37343e144eaL },
-      { 0xc05f32e6e799eb95L,0xe9e5f4df6899e6ecL,0xbdc3bd681fab23d5L,
-        0xb72b8ab773af60e6L } },
-    /* 45 << 217 */
-    { { 0x8db27ae02cecc84aL,0x600016d87bdb871cL,0x42a44b13d7c46f58L,
-        0xb8919727c3a77d39L },
-      { 0xcfc6bbbddafd6088L,0x1a7401466bd20d39L,0x8c747abd98c41072L,
-        0x4c91e765bdf68ea1L } },
-    /* 46 << 217 */
-    { { 0x7c95e5ca08819a78L,0xcf48b729c9587921L,0x091c7c5fdebbcc7dL,
-        0x6f287404f0e05149L },
-      { 0xf83b5ac226cd44ecL,0x88ae32a6cfea250eL,0x6ac5047a1d06ebc5L,
-        0xc7e550b4d434f781L } },
-    /* 47 << 217 */
-    { { 0x61ab1cf25c727bd2L,0x2e4badb11cf915b0L,0x1b4dadecf69d3920L,
-        0xe61b1ca6f14c1dfeL },
-      { 0x90b479ccbd6bd51fL,0x8024e4018045ec30L,0xcab29ca325ef0e62L,
-        0x4f2e941649e4ebc0L } },
-    /* 48 << 217 */
-    { { 0x45eb40ec0ccced58L,0x25cd4b9c0da44f98L,0x43e06458871812c6L,
-        0x99f80d5516cef651L },
-      { 0x571340c9ce6dc153L,0x138d5117d8665521L,0xacdb45bc4e07014dL,
-        0x2f34bb3884b60b91L } },
-    /* 49 << 217 */
-    { { 0xf44a4fd22ae8921eL,0xb039288e892ba1e2L,0x9da50174b1c180b2L,
-        0x6b70ab661693dc87L },
-      { 0x7e9babc9e7057481L,0x4581ddef9c80dc41L,0x0c890da951294682L,
-        0x0b5629d33f4736e5L } },
-    /* 50 << 217 */
-    { { 0x2340c79eb06f5b41L,0xa42e84ce4e243469L,0xf9a20135045a71a9L,
-        0xefbfb415d27b6fb6L },
-      { 0x25ebea239d33cd6fL,0x9caedb88aa6c0af8L,0x53dc7e9ad9ce6f96L,
-        0x3897f9fd51e0b15aL } },
-    /* 51 << 217 */
-    { { 0xf51cb1f88e5d788eL,0x1aec7ba8e1d490eeL,0x265991e0cc58cb3cL,
-        0x9f306e8c9fc3ad31L },
-      { 0x5fed006e5040a0acL,0xca9d5043fb476f2eL,0xa19c06e8beea7a23L,
-        0xd28658010edabb63L } },
-    /* 52 << 217 */
-    { { 0xdb92293f6967469aL,0x2894d8398d8a8ed8L,0x87c9e406bbc77122L,
-        0x8671c6f12ea3a26aL },
-      { 0xe42df8d6d7de9853L,0x2e3ce346b1f2bcc7L,0xda601dfc899d50cfL,
-        0xbfc913defb1b598fL } },
-    /* 53 << 217 */
-    { { 0x81c4909fe61f7908L,0x192e304f9bbc7b29L,0xc3ed8738c104b338L,
-        0xedbe9e47783f5d61L },
-      { 0x0c06e9be2db30660L,0xda3e613fc0eb7d8eL,0xd8fa3e97322e096eL,
-        0xfebd91e8d336e247L } },
-    /* 54 << 217 */
-    { { 0x8f13ccc4df655a49L,0xa9e00dfc5eb20210L,0x84631d0fc656b6eaL,
-        0x93a058cdd8c0d947L },
-      { 0x6846904a67bd3448L,0x4a3d4e1af394fd5cL,0xc102c1a5db225f52L,
-        0xe3455bbafc4f5e9aL } },
-    /* 55 << 217 */
-    { { 0x6b36985b4b9ad1ceL,0xa98185365bb7f793L,0x6c25e1d048b1a416L,
-        0x1381dd533c81bee7L },
-      { 0xd2a30d617a4a7620L,0xc841292639b8944cL,0x3c1c6fbe7a97c33aL,
-        0x941e541d938664e7L } },
-    /* 56 << 217 */
-    { { 0x417499e84a34f239L,0x15fdb83cb90402d5L,0xb75f46bf433aa832L,
-        0xb61e15af63215db1L },
-      { 0xaabe59d4a127f89aL,0x5d541e0c07e816daL,0xaaba0659a618b692L,
-        0x5532773317266026L } },
-    /* 57 << 217 */
-    { { 0xaf53a0fc95f57552L,0x329476506cacb0c9L,0x253ff58dc821be01L,
-        0xb0309531a06f1146L },
-      { 0x59bbbdf505c2e54dL,0x158f27ad26e8dd22L,0xcc5b7ffb397e1e53L,
-        0xae03f65b7fc1e50dL } },
-    /* 58 << 217 */
-    { { 0xa9784ebd9c95f0f9L,0x5ed9deb224640771L,0x31244af7035561c4L,
-        0x87332f3a7ee857deL },
-      { 0x09e16e9e2b9e0d88L,0x52d910f456a06049L,0x507ed477a9592f48L,
-        0x85cb917b2365d678L } },
-    /* 59 << 217 */
-    { { 0xf8511c934c8998d1L,0x2186a3f1730ea58fL,0x50189626b2029db0L,
-        0x9137a6d902ceb75aL },
-      { 0x2fe17f37748bc82cL,0x87c2e93180469f8cL,0x850f71cdbf891aa2L,
-        0x0ca1b89b75ec3d8dL } },
-    /* 60 << 217 */
-    { { 0x516c43aa5e1cd3cdL,0x893978089a887c28L,0x0059c699ddea1f9fL,
-        0x7737d6fa8e6868f7L },
-      { 0x6d93746a60f1524bL,0x36985e55ba052aa7L,0x41b1d322ed923ea5L,
-        0x3429759f25852a11L } },
-    /* 61 << 217 */
-    { { 0xbeca6ec3092e9f41L,0x3a238c6662256bbdL,0xd82958ea70ad487dL,
-        0x4ac8aaf965610d93L },
-      { 0x3fa101b15e4ccab0L,0x9bf430f29de14bfbL,0xa10f5cc66531899dL,
-        0x590005fbea8ce17dL } },
-    /* 62 << 217 */
-    { { 0xc437912f24544cb6L,0x9987b71ad79ac2e3L,0x13e3d9ddc058a212L,
-        0x00075aacd2de9606L },
-      { 0x80ab508b6cac8369L,0x87842be7f54f6c89L,0xa7ad663d6bc532a4L,
-        0x67813de778a91bc8L } },
-    /* 63 << 217 */
-    { { 0x5dcb61cec3427239L,0x5f3c7cf0c56934d9L,0xc079e0fbe3191591L,
-        0xe40896bdb01aada7L },
-      { 0x8d4667910492d25fL,0x8aeb30c9e7408276L,0xe94374959287aaccL,
-        0x23d4708d79fe03d4L } },
-    /* 64 << 217 */
-    { { 0x8cda9cf2d0c05199L,0x502fbc22fae78454L,0xc0bda9dff572a182L,
-        0x5f9b71b86158b372L },
-      { 0xe0f33a592b82dd07L,0x763027359523032eL,0x7fe1a721c4505a32L,
-        0x7b6e3e82f796409fL } },
-    /* 0 << 224 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 224 */
-    { { 0xe3417bc035d0b34aL,0x440b386b8327c0a7L,0x8fb7262dac0362d1L,
-        0x2c41114ce0cdf943L },
-      { 0x2ba5cef1ad95a0b1L,0xc09b37a867d54362L,0x26d6cdd201e486c9L,
-        0x20477abf42ff9297L } },
-    /* 2 << 224 */
-    { { 0xa004dcb3292a9287L,0xddc15cf677b092c7L,0x083a8464806c0605L,
-        0x4a68df703db997b0L },
-      { 0x9c134e4505bf7dd0L,0xa4e63d398ccf7f8cL,0xa6e6517f41b5f8afL,
-        0xaa8b9342ad7bc1ccL } },
-    /* 3 << 224 */
-    { { 0x126f35b51e706ad9L,0xb99cebb4c3a9ebdfL,0xa75389afbf608d90L,
-        0x76113c4fc6c89858L },
-      { 0x80de8eb097e2b5aaL,0x7e1022cc63b91304L,0x3bdab6056ccc066cL,
-        0x33cbb144b2edf900L } },
-    /* 4 << 224 */
-    { { 0xc41764717af715d2L,0xe2f7f594d0134a96L,0x2c1873efa41ec956L,
-        0xe4e7b4f677821304L },
-      { 0xe5c8ff9788d5374aL,0x2b915e6380823d5bL,0xea6bc755b2ee8fe2L,
-        0x6657624ce7112651L } },
-    /* 5 << 224 */
-    { { 0x157af101dace5acaL,0xc4fdbcf211a6a267L,0xdaddf340c49c8609L,
-        0x97e49f52e9604a65L },
-      { 0x9be8e790937e2ad5L,0x846e2508326e17f1L,0x3f38007a0bbbc0dcL,
-        0xcf03603fb11e16d6L } },
-    /* 6 << 224 */
-    { { 0xd6f800e07442f1d5L,0x475607d166e0e3abL,0x82807f16b7c64047L,
-        0x8858e1e3a749883dL },
-      { 0x5859120b8231ee10L,0x1b80e7eb638a1eceL,0xcb72525ac6aa73a4L,
-        0xa7cdea3d844423acL } },
-    /* 7 << 224 */
-    { { 0x5ed0c007f8ae7c38L,0x6db07a5c3d740192L,0xbe5e9c2a5fe36db3L,
-        0xd5b9d57a76e95046L },
-      { 0x54ac32e78eba20f2L,0xef11ca8f71b9a352L,0x305e373eff98a658L,
-        0xffe5a100823eb667L } },
-    /* 8 << 224 */
-    { { 0x57477b11e51732d2L,0xdfd6eb282538fc0eL,0x5c43b0cc3b39eec5L,
-        0x6af12778cb36cc57L },
-      { 0x70b0852d06c425aeL,0x6df92f8c5c221b9bL,0x6c8d4f9ece826d9cL,
-        0xf59aba7bb49359c3L } },
-    /* 9 << 224 */
-    { { 0x5c8ed8d5da64309dL,0x61a6de5691b30704L,0xd6b52f6a2f9b5808L,
-        0x0eee419498c958a7L },
-      { 0xcddd9aab771e4caaL,0x83965dfd78bc21beL,0x02affce3b3b504f5L,
-        0x30847a21561c8291L } },
-    /* 10 << 224 */
-    { { 0xd2eb2cf152bfda05L,0xe0e4c4e96197b98cL,0x1d35076cf8a1726fL,
-        0x6c06085b2db11e3dL },
-      { 0x15c0c4d74463ba14L,0x9d292f830030238cL,0x1311ee8b3727536dL,
-        0xfeea86efbeaedc1eL } },
-    /* 11 << 224 */
-    { { 0xb9d18cd366131e2eL,0xf31d974f80fe2682L,0xb6e49e0fe4160289L,
-        0x7c48ec0b08e92799L },
-      { 0x818111d8d1989aa7L,0xb34fa0aaebf926f9L,0xdb5fe2f5a245474aL,
-        0xf80a6ebb3c7ca756L } },
-    /* 12 << 224 */
-    { { 0xa7f96054afa05dd8L,0x26dfcf21fcaf119eL,0xe20ef2e30564bb59L,
-        0xef4dca5061cb02b8L },
-      { 0xcda7838a65d30672L,0x8b08d534fd657e86L,0x4c5b439546d595c8L,
-        0x39b58725425cb836L } },
-    /* 13 << 224 */
-    { { 0x8ea610593de9abe3L,0x404348819cdc03beL,0x9b261245cfedce8cL,
-        0x78c318b4cf5234a1L },
-      { 0x510bcf16fde24c99L,0x2a77cb75a2c2ff5dL,0x9c895c2b27960fb4L,
-        0xd30ce975b0eda42bL } },
-    /* 14 << 224 */
-    { { 0xfda853931a62cc26L,0x23c69b9650c0e052L,0xa227df15bfc633f3L,
-        0x2ac788481bae7d48L },
-      { 0x487878f9187d073dL,0x6c2be919967f807dL,0x765861d8336e6d8fL,
-        0x88b8974cce528a43L } },
-    /* 15 << 224 */
-    { { 0x09521177ff57d051L,0x2ff38037fb6a1961L,0xfc0aba74a3d76ad4L,
-        0x7c76480325a7ec17L },
-      { 0x7532d75f48879bc8L,0xea7eacc058ce6bc1L,0xc82176b48e896c16L,
-        0x9a30e0b22c750fedL } },
-    /* 16 << 224 */
-    { { 0xc37e2c2e421d3aa4L,0xf926407ce84fa840L,0x18abc03d1454e41cL,
-        0x26605ecd3f7af644L },
-      { 0x242341a6d6a5eabfL,0x1edb84f4216b668eL,0xd836edb804010102L,
-        0x5b337ce7945e1d8cL } },
-    /* 17 << 224 */
-    { { 0xd2075c77c055dc14L,0x2a0ffa2581d89cdfL,0x8ce815ea6ffdcbafL,
-        0xa3428878fb648867L },
-      { 0x277699cf884655fbL,0xfa5b5bd6364d3e41L,0x01f680c6441e1cb7L,
-        0x3fd61e66b70a7d67L } },
-    /* 18 << 224 */
-    { { 0x666ba2dccc78cf66L,0xb30181746fdbff77L,0x8d4dd0db168d4668L,
-        0x259455d01dab3a2aL },
-      { 0xf58564c5cde3acecL,0x7714192513adb276L,0x527d725d8a303f65L,
-        0x55deb6c9e6f38f7bL } },
-    /* 19 << 224 */
-    { { 0xfd5bb657b1fa70fbL,0xfa07f50fd8073a00L,0xf72e3aa7bca02500L,
-        0xf68f895d9975740dL },
-      { 0x301120605cae2a6aL,0x01bd721802874842L,0x3d4238917ce47bd3L,
-        0xa66663c1789544f6L } },
-    /* 20 << 224 */
-    { { 0x864d05d73272d838L,0xe22924f9fa6295c5L,0x8189593f6c2fda32L,
-        0x330d7189b184b544L },
-      { 0x79efa62cbde1f714L,0x35771c94e5cb1a63L,0x2f4826b8641c8332L,
-        0x00a894fbc8cee854L } },
-    /* 21 << 224 */
-    { { 0xb4b9a39b36194d40L,0xe857a7c577612601L,0xf4209dd24ecf2f58L,
-        0x82b9e66d5a033487L },
-      { 0xc1e36934e4e8b9ddL,0xd2372c9da42377d7L,0x51dc94c70e3ae43bL,
-        0x4c57761e04474f6fL } },
-    /* 22 << 224 */
-    { { 0xdcdacd0a1058a318L,0x369cf3f578053a9aL,0xc6c3de5031c68de2L,
-        0x4653a5763c4b6d9fL },
-      { 0x1688dd5aaa4e5c97L,0x5be80aa1b7ab3c74L,0x70cefe7cbc65c283L,
-        0x57f95f1306867091L } },
-    /* 23 << 224 */
-    { { 0xa39114e24415503bL,0xc08ff7c64cbb17e9L,0x1eff674dd7dec966L,
-        0x6d4690af53376f63L },
-      { 0xff6fe32eea74237bL,0xc436d17ecd57508eL,0x15aa28e1edcc40feL,
-        0x0d769c04581bbb44L } },
-    /* 24 << 224 */
-    { { 0xc240b6de34eaacdaL,0xd9e116e82ba0f1deL,0xcbe45ec779438e55L,
-        0x91787c9d96f752d7L },
-      { 0x897f532bf129ac2fL,0xd307b7c85a36e22cL,0x91940675749fb8f3L,
-        0xd14f95d0157fdb28L } },
-    /* 25 << 224 */
-    { { 0xfe51d0296ae55043L,0x8931e98f44a87de1L,0xe57f1cc609e4fee2L,
-        0x0d063b674e072d92L },
-      { 0x70a998b9ed0e4316L,0xe74a736b306aca46L,0xecf0fbf24fda97c7L,
-        0xa40f65cb3e178d93L } },
-    /* 26 << 224 */
-    { { 0x1625360416df4285L,0xb0c9babbd0c56ae2L,0x73032b19cfc5cfc3L,
-        0xe497e5c309752056L },
-      { 0x12096bb4164bda96L,0x1ee42419a0b74da1L,0x8fc36243403826baL,
-        0x0c8f0069dc09e660L } },
-    /* 27 << 224 */
-    { { 0x8667e981c27253c9L,0x05a6aefb92b36a45L,0xa62c4b369cb7bb46L,
-        0x8394f37511f7027bL },
-      { 0x747bc79c5f109d0fL,0xcad88a765b8cc60aL,0x80c5a66b58f09e68L,
-        0xe753d451f6127eacL } },
-    /* 28 << 224 */
-    { { 0xc44b74a15b0ec6f5L,0x47989fe45289b2b8L,0x745f848458d6fc73L,
-        0xec362a6ff61c70abL },
-      { 0x070c98a7b3a8ad41L,0x73a20fc07b63db51L,0xed2c2173f44c35f4L,
-        0x8a56149d9acc9dcaL } },
-    /* 29 << 224 */
-    { { 0x98f178819ac6e0f4L,0x360fdeafa413b5edL,0x0625b8f4a300b0fdL,
-        0xf1f4d76a5b3222d3L },
-      { 0x9d6f5109587f76b8L,0x8b4ee08d2317fdb5L,0x88089bb78c68b095L,
-        0x95570e9a5808d9b9L } },
-    /* 30 << 224 */
-    { { 0xa395c36f35d33ae7L,0x200ea12350bb5a94L,0x20c789bd0bafe84bL,
-        0x243ef52d0919276aL },
-      { 0x3934c577e23ae233L,0xb93807afa460d1ecL,0xb72a53b1f8fa76a4L,
-        0xd8914cb0c3ca4491L } },
-    /* 31 << 224 */
-    { { 0x2e1284943fb42622L,0x3b2700ac500907d5L,0xf370fb091a95ec63L,
-        0xf8f30be231b6dfbdL },
-      { 0xf2b2f8d269e55f15L,0x1fead851cc1323e9L,0xfa366010d9e5eef6L,
-        0x64d487b0e316107eL } },
-    /* 32 << 224 */
-    { { 0x4c076b86d23ddc82L,0x03fd344c7e0143f0L,0xa95362ff317af2c5L,
-        0x0add3db7e18b7a4fL },
-      { 0x9c673e3f8260e01bL,0xfbeb49e554a1cc91L,0x91351bf292f2e433L,
-        0xc755e7ec851141ebL } },
-    /* 33 << 224 */
-    { { 0xc9a9513929607745L,0x0ca07420a26f2b28L,0xcb2790e74bc6f9ddL,
-        0x345bbb58adcaffc0L },
-      { 0xc65ea38cbe0f27a2L,0x67c24d7c641fcb56L,0x2c25f0a7a9e2c757L,
-        0x93f5cdb016f16c49L } },
-    /* 34 << 224 */
-    { { 0x2ca5a9d7c5ee30a1L,0xd1593635b909b729L,0x804ce9f3dadeff48L,
-        0xec464751b07c30c3L },
-      { 0x89d65ff39e49af6aL,0xf2d6238a6f3d01bcL,0x1095561e0bced843L,
-        0x51789e12c8a13fd8L } },
-    /* 35 << 224 */
-    { { 0xd633f929763231dfL,0x46df9f7de7cbddefL,0x01c889c0cb265da8L,
-        0xfce1ad10af4336d2L },
-      { 0x8d110df6fc6a0a7eL,0xdd431b986da425dcL,0xcdc4aeab1834aabeL,
-        0x84deb1248439b7fcL } },
-    /* 36 << 224 */
-    { { 0x8796f1693c2a5998L,0x9b9247b47947190dL,0x55b9d9a511597014L,
-        0x7e9dd70d7b1566eeL },
-      { 0x94ad78f7cbcd5e64L,0x0359ac179bd4c032L,0x3b11baaf7cc222aeL,
-        0xa6a6e284ba78e812L } },
-    /* 37 << 224 */
-    { { 0x8392053f24cea1a0L,0xc97bce4a33621491L,0x7eb1db3435399ee9L,
-        0x473f78efece81ad1L },
-      { 0x41d72fe0f63d3d0dL,0xe620b880afab62fcL,0x92096bc993158383L,
-        0x41a213578f896f6cL } },
-    /* 38 << 224 */
-    { { 0x1b5ee2fac7dcfcabL,0x650acfde9546e007L,0xc081b749b1b02e07L,
-        0xda9e41a0f9eca03dL },
-      { 0x013ba727175a54abL,0xca0cd190ea5d8d10L,0x85ea52c095fd96a9L,
-        0x2c591b9fbc5c3940L } },
-    /* 39 << 224 */
-    { { 0x6fb4d4e42bad4d5fL,0xfa4c3590fef0059bL,0x6a10218af5122294L,
-        0x9a78a81aa85751d1L },
-      { 0x04f20579a98e84e7L,0xfe1242c04997e5b5L,0xe77a273bca21e1e4L,
-        0xfcc8b1ef9411939dL } },
-    /* 40 << 224 */
-    { { 0xe20ea30292d0487aL,0x1442dbec294b91feL,0x1f7a4afebb6b0e8fL,
-        0x1700ef746889c318L },
-      { 0xf5bbffc370f1fc62L,0x3b31d4b669c79ccaL,0xe8bc2aaba7f6340dL,
-        0xb0b08ab4a725e10aL } },
-    /* 41 << 224 */
-    { { 0x44f05701ae340050L,0xba4b30161cf0c569L,0x5aa29f83fbe19a51L,
-        0x1b9ed428b71d752eL },
-      { 0x1666e54eeb4819f5L,0x616cdfed9e18b75bL,0x112ed5be3ee27b0bL,
-        0xfbf2831944c7de4dL } },
-    /* 42 << 224 */
-    { { 0xd685ec85e0e60d84L,0x68037e301db7ee78L,0x5b65bdcd003c4d6eL,
-        0x33e7363a93e29a6aL },
-      { 0x995b3a6108d0756cL,0xd727f85c2faf134bL,0xfac6edf71d337823L,
-        0x99b9aa500439b8b4L } },
-    /* 43 << 224 */
-    { { 0x722eb104e2b4e075L,0x49987295437c4926L,0xb1e4c0e446a9b82dL,
-        0xd0cb319757a006f5L },
-      { 0xf3de0f7dd7808c56L,0xb5c54d8f51f89772L,0x500a114aadbd31aaL,
-        0x9afaaaa6295f6cabL } },
-    /* 44 << 224 */
-    { { 0x94705e2104cf667aL,0xfc2a811b9d3935d7L,0x560b02806d09267cL,
-        0xf19ed119f780e53bL },
-      { 0xf0227c09067b6269L,0x967b85335caef599L,0x155b924368efeebcL,
-        0xcd6d34f5c497bae6L } },
-    /* 45 << 224 */
-    { { 0x1dd8d5d36cceb370L,0x2aeac579a78d7bf9L,0x5d65017d70b67a62L,
-        0x70c8e44f17c53f67L },
-      { 0xd1fc095086a34d09L,0xe0fca256e7134907L,0xe24fa29c80fdd315L,
-        0x2c4acd03d87499adL } },
-    /* 46 << 224 */
-    { { 0xbaaf75173b5a9ba6L,0xb9cbe1f612e51a51L,0xd88edae35e154897L,
-        0xe4309c3c77b66ca0L },
-      { 0xf5555805f67f3746L,0x85fc37baa36401ffL,0xdf86e2cad9499a53L,
-        0x6270b2a3ecbc955bL } },
-    /* 47 << 224 */
-    { { 0xafae64f5974ad33bL,0x04d85977fe7b2df1L,0x2a3db3ff4ab03f73L,
-        0x0b87878a8702740aL },
-      { 0x6d263f015a061732L,0xc25430cea32a1901L,0xf7ebab3ddb155018L,
-        0x3a86f69363a9b78eL } },
-    /* 48 << 224 */
-    { { 0x349ae368da9f3804L,0x470f07fea164349cL,0xd52f4cc98562baa5L,
-        0xc74a9e862b290df3L },
-      { 0xd3a1aa3543471a24L,0x239446beb8194511L,0xbec2dd0081dcd44dL,
-        0xca3d7f0fc42ac82dL } },
-    /* 49 << 224 */
-    { { 0x1f3db085fdaf4520L,0xbb6d3e804549daf2L,0xf5969d8a19ad5c42L,
-        0x7052b13ddbfd1511L },
-      { 0x11890d1b682b9060L,0xa71d3883ac34452cL,0xa438055b783805b4L,
-        0x432412774725b23eL } },
-    /* 50 << 224 */
-    { { 0xf20cf96e4901bbedL,0x6419c710f432a2bbL,0x57a0fbb9dfa9cd7dL,
-        0x589111e400daa249L },
-      { 0x19809a337b60554eL,0xea5f8887ede283a4L,0x2d713802503bfd35L,
-        0x151bb0af585d2a53L } },
-    /* 51 << 224 */
-    { { 0x40b08f7443b30ca8L,0xe10b5bbad9934583L,0xe8a546d6b51110adL,
-        0x1dd50e6628e0b6c5L },
-      { 0x292e9d54cff2b821L,0x3882555d47281760L,0x134838f83724d6e3L,
-        0xf2c679e022ddcda1L } },
-    /* 52 << 224 */
-    { { 0x40ee88156d2a5768L,0x7f227bd21c1e7e2dL,0x487ba134d04ff443L,
-        0x76e2ff3dc614e54bL },
-      { 0x36b88d6fa3177ec7L,0xbf731d512328fff5L,0x758caea249ba158eL,
-        0x5ab8ff4c02938188L } },
-    /* 53 << 224 */
-    { { 0x33e1605635edc56dL,0x5a69d3497e940d79L,0x6c4fd00103866dcbL,
-        0x20a38f574893cdefL },
-      { 0xfbf3e790fac3a15bL,0x6ed7ea2e7a4f8e6bL,0xa663eb4fbc3aca86L,
-        0x22061ea5080d53f7L } },
-    /* 54 << 224 */
-    { { 0x2480dfe6f546783fL,0xd38bc6da5a0a641eL,0xfb093cd12ede8965L,
-        0x89654db4acb455cfL },
-      { 0x413cbf9a26e1adeeL,0x291f3764373294d4L,0x00797257648083feL,
-        0x25f504d3208cc341L } },
-    /* 55 << 224 */
-    { { 0x635a8e5ec3a0ee43L,0x70aaebca679898ffL,0x9ee9f5475dc63d56L,
-        0xce987966ffb34d00L },
-      { 0xf9f86b195e26310aL,0x9e435484382a8ca8L,0x253bcb81c2352fe4L,
-        0xa4eac8b04474b571L } },
-    /* 56 << 224 */
-    { { 0xc1b97512c1ad8cf8L,0x193b4e9e99e0b697L,0x939d271601e85df0L,
-        0x4fb265b3cd44eafdL },
-      { 0x321e7dcde51e1ae2L,0x8e3a8ca6e3d8b096L,0x8de46cb052604998L,
-        0x91099ad839072aa7L } },
-    /* 57 << 224 */
-    { { 0x2617f91c93aa96b8L,0x0fc8716b7fca2e13L,0xa7106f5e95328723L,
-        0xd1c9c40b262e6522L },
-      { 0xb9bafe8642b7c094L,0x1873439d1543c021L,0xe1baa5de5cbefd5dL,
-        0xa363fc5e521e8affL } },
-    /* 58 << 224 */
-    { { 0xefe6320df862eaacL,0x14419c6322c647dcL,0x0e06707c4e46d428L,
-        0xcb6c834f4a178f8fL },
-      { 0x0f993a45d30f917cL,0xd4c4b0499879afeeL,0xb6142a1e70500063L,
-        0x7c9b41c3a5d9d605L } },
-    /* 59 << 224 */
-    { { 0xbc00fc2f2f8ba2c7L,0x0966eb2f7c67aa28L,0x13f7b5165a786972L,
-        0x3bfb75578a2fbba0L },
-      { 0x131c4f235a2b9620L,0xbff3ed276faf46beL,0x9b4473d17e172323L,
-        0x421e8878339f6246L } },
-    /* 60 << 224 */
-    { { 0x0fa8587a25a41632L,0xc0814124a35b6c93L,0x2b18a9f559ebb8dbL,
-        0x264e335776edb29cL },
-      { 0xaf245ccdc87c51e2L,0x16b3015b501e6214L,0xbb31c5600a3882ceL,
-        0x6961bb94fec11e04L } },
-    /* 61 << 224 */
-    { { 0x3b825b8deff7a3a0L,0xbec33738b1df7326L,0x68ad747c99604a1fL,
-        0xd154c9349a3bd499L },
-      { 0xac33506f1cc7a906L,0x73bb53926c560e8fL,0x6428fcbe263e3944L,
-        0xc11828d51c387434L } },
-    /* 62 << 224 */
-    { { 0x3cd04be13e4b12ffL,0xc3aad9f92d88667cL,0xc52ddcf8248120cfL,
-        0x985a892e2a389532L },
-      { 0xfbb4b21b3bb85fa0L,0xf95375e08dfc6269L,0xfb4fb06c7ee2aceaL,
-        0x6785426e309c4d1fL } },
-    /* 63 << 224 */
-    { { 0x659b17c8d8ceb147L,0x9b649eeeb70a5554L,0x6b7fa0b5ac6bc634L,
-        0xd99fe2c71d6e732fL },
-      { 0x30e6e7628d3abba2L,0x18fee6e7a797b799L,0x5c9d360dc696464dL,
-        0xe3baeb4827bfde12L } },
-    /* 64 << 224 */
-    { { 0x2bf5db47f23206d5L,0x2f6d34201d260152L,0x17b876533f8ff89aL,
-        0x5157c30c378fa458L },
-      { 0x7517c5c52d4fb936L,0xef22f7ace6518cdcL,0xdeb483e6bf847a64L,
-        0xf508455892e0fa89L } },
-    /* 0 << 231 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 231 */
-    { { 0xab9659d8df7304d4L,0xb71bcf1bff210e8eL,0xa9a2438bd73fbd60L,
-        0x4595cd1f5d11b4deL },
-      { 0x9c0d329a4835859dL,0x4a0f0d2d7dbb6e56L,0xc6038e5edf928a4eL,
-        0xc94296218f5ad154L } },
-    /* 2 << 231 */
-    { { 0x91213462f23f2d92L,0x6cab71bd60b94078L,0x6bdd0a63176cde20L,
-        0x54c9b20cee4d54bcL },
-      { 0x3cd2d8aa9f2ac02fL,0x03f8e617206eedb0L,0xc7f68e1693086434L,
-        0x831469c592dd3db9L } },
-    /* 3 << 231 */
-    { { 0x8521df248f981354L,0x587e23ec3588a259L,0xcbedf281d7a0992cL,
-        0x06930a5538961407L },
-      { 0x09320debbe5bbe21L,0xa7ffa5b52491817fL,0xe6c8b4d909065160L,
-        0xac4f3992fff6d2a9L } },
-    /* 4 << 231 */
-    { { 0x7aa7a1583ae9c1bdL,0xe0af6d98e37ce240L,0xe54342d928ab38b4L,
-        0xe8b750070a1c98caL },
-      { 0xefce86afe02358f2L,0x31b8b856ea921228L,0x052a19120a1c67fcL,
-        0xb4069ea4e3aead59L } },
-    /* 5 << 231 */
-    { { 0x3232d6e27fa03cb3L,0xdb938e5b0fdd7d88L,0x04c1d2cd2ccbfc5dL,
-        0xd2f45c12af3a580fL },
-      { 0x592620b57883e614L,0x5fd27e68be7c5f26L,0x139e45a91567e1e3L,
-        0x2cc71d2d44d8aaafL } },
-    /* 6 << 231 */
-    { { 0x4a9090cde36d0757L,0xf722d7b1d9a29382L,0xfb7fb04c04b48ddfL,
-        0x628ad2a7ebe16f43L },
-      { 0xcd3fbfb520226040L,0x6c34ecb15104b6c4L,0x30c0754ec903c188L,
-        0xec336b082d23cab0L } },
-    /* 7 << 231 */
-    { { 0x473d62a21e206ee5L,0xf1e274808c49a633L,0x87ab956ce9f6b2c3L,
-        0x61830b4862b606eaL },
-      { 0x67cd6846e78e815fL,0xfe40139f4c02082aL,0x52bbbfcb952ec365L,
-        0x74c116426b9836abL } },
-    /* 8 << 231 */
-    { { 0x9f51439e558df019L,0x230da4baac712b27L,0x518919e355185a24L,
-        0x4dcefcdd84b78f50L },
-      { 0xa7d90fb2a47d4c5aL,0x55ac9abfb30e009eL,0xfd2fc35974eed273L,
-        0xb72d824cdbea8fafL } },
-    /* 9 << 231 */
-    { { 0xce721a744513e2caL,0x0b41861238240b2cL,0x05199968d5baa450L,
-        0xeb1757ed2b0e8c25L },
-      { 0x6ebc3e283dfac6d5L,0xb2431e2e48a237f5L,0x2acb5e2352f61499L,
-        0x5558a2a7e06c936bL } },
-    /* 10 << 231 */
-    { { 0xd213f923cbb13d1bL,0x98799f425bfb9bfeL,0x1ae8ddc9701144a9L,
-        0x0b8b3bb64c5595eeL },
-      { 0x0ea9ef2e3ecebb21L,0x17cb6c4b3671f9a7L,0x47ef464f726f1d1fL,
-        0x171b94846943a276L } },
-    /* 11 << 231 */
-    { { 0x51a4ae2d7ef0329cL,0x0850922291c4402aL,0x64a61d35afd45bbcL,
-        0x38f096fe3035a851L },
-      { 0xc7468b74a1dec027L,0xe8cf10e74fc7dcbaL,0xea35ff40f4a06353L,
-        0x0b4c0dfa8b77dd66L } },
-    /* 12 << 231 */
-    { { 0x779b8552de7e5c19L,0xfab28609c1c0256cL,0x64f58eeeabd4743dL,
-        0x4e8ef8387b6cc93bL },
-      { 0xee650d264cb1bf3dL,0x4c1f9d0973dedf61L,0xaef7c9d7bfb70cedL,
-        0x1ec0507e1641de1eL } },
-    /* 13 << 231 */
-    { { 0xcd7e5cc7cde45079L,0xde173c9a516ac9e4L,0x517a8494c170315cL,
-        0x438fd90591d8e8fbL },
-      { 0x5145c506c7d9630bL,0x6457a87bf47d4d75L,0xd31646bf0d9a80e8L,
-        0x453add2bcef3aabeL } },
-    /* 14 << 231 */
-    { { 0xc9941109a607419dL,0xfaa71e62bb6bca80L,0x34158c1307c431f3L,
-        0x594abebc992bc47aL },
-      { 0x6dfea691eb78399fL,0x48aafb353f42cba4L,0xedcd65af077c04f0L,
-        0x1a29a366e884491aL } },
-    /* 15 << 231 */
-    { { 0x023a40e51c21f2bfL,0xf99a513ca5057aeeL,0xa3fe7e25bcab072eL,
-        0x8568d2e140e32bcfL },
-      { 0x904594ebd3f69d9fL,0x181a973307affab1L,0xe4d68d76b6e330f4L,
-        0x87a6dafbc75a7fc1L } },
-    /* 16 << 231 */
-    { { 0x549db2b5ef7d9289L,0x2480d4a8197f015aL,0x61d5590bc40493b6L,
-        0x3a55b52e6f780331L },
-      { 0x40eb8115309eadb0L,0xdea7de5a92e5c625L,0x64d631f0cc6a3d5aL,
-        0x9d5e9d7c93e8dd61L } },
-    /* 17 << 231 */
-    { { 0xf297bef5206d3ffcL,0x23d5e0337d808bd4L,0x4a4f6912d24cf5baL,
-        0xe4d8163b09cdaa8aL },
-      { 0x0e0de9efd3082e8eL,0x4fe1246c0192f360L,0x1f9001504b8eee0aL,
-        0x5219da81f1da391bL } },
-    /* 18 << 231 */
-    { { 0x7bf6a5c1f7ea25aaL,0xd165e6bffbb07d5fL,0xe353936189e78671L,
-        0xa3fcac892bac4219L },
-      { 0xdfab6fd4f0baa8abL,0x5a4adac1e2c1c2e5L,0x6cd75e3140d85849L,
-        0xce263fea19b39181L } },
-    /* 19 << 231 */
-    { { 0xcb6803d307032c72L,0x7f40d5ce790968c8L,0xa6de86bddce978f0L,
-        0x25547c4f368f751cL },
-      { 0xb1e685fd65fb2a9eL,0xce69336f1eb9179cL,0xb15d1c2712504442L,
-        0xb7df465cb911a06bL } },
-    /* 20 << 231 */
-    { { 0xb8d804a3315980cdL,0x693bc492fa3bebf7L,0x3578aeee2253c504L,
-        0x158de498cd2474a2L },
-      { 0x1331f5c7cfda8368L,0xd2d7bbb378d7177eL,0xdf61133af3c1e46eL,
-        0x5836ce7dd30e7be8L } },
-    /* 21 << 231 */
-    { { 0x83084f1994f834cbL,0xd35653d4429ed782L,0xa542f16f59e58243L,
-        0xc2b52f650470a22dL },
-      { 0xe3b6221b18f23d96L,0xcb05abac3f5252b4L,0xca00938b87d61402L,
-        0x2f186cdd411933e4L } },
-    /* 22 << 231 */
-    { { 0xe042ece59a29a5c5L,0xb19b3c073b6c8402L,0xc97667c719d92684L,
-        0xb5624622ebc66372L },
-      { 0x0cb96e653c04fa02L,0x83a7176c8eaa39aaL,0x2033561deaa1633fL,
-        0x45a9d0864533df73L } },
-    /* 23 << 231 */
-    { { 0xe0542c1d3dc090bcL,0x82c996efaa59c167L,0xe3f735e80ee7fc4dL,
-        0x7b1793937c35db79L },
-      { 0xb6419e25f8c5dbfdL,0x4d9d7a1e1f327b04L,0x979f6f9b298dfca8L,
-        0xc7c5dff18de9366aL } },
-    /* 24 << 231 */
-    { { 0x1b7a588d04c82bddL,0x68005534f8319dfdL,0xde8a55b5d8eb9580L,
-        0x5ea886da8d5bca81L },
-      { 0xe8530a01252a0b4dL,0x1bffb4fe35eaa0a1L,0x2ad828b1d8e99563L,
-        0x7de96ef595f9cd87L } },
-    /* 25 << 231 */
-    { { 0x4abb2d0cd77d970cL,0x03cfb933d33ef9cbL,0xb0547c018b211fe9L,
-        0x2fe64809a56ed1c6L },
-      { 0xcb7d5624c2ac98ccL,0x2a1372c01a393e33L,0xc8d1ec1c29660521L,
-        0xf3d31b04b37ac3e9L } },
-    /* 26 << 231 */
-    { { 0xa29ae9df5ece6e7cL,0x0603ac8f0facfb55L,0xcfe85b7adda233a5L,
-        0xe618919fbd75f0b8L },
-      { 0xf555a3d299bf1603L,0x1f43afc9f184255aL,0xdcdaf341319a3e02L,
-        0xd3b117ef03903a39L } },
-    /* 27 << 231 */
-    { { 0xe095da1365d1d131L,0x86f16367c37ad03eL,0x5f37389e462cd8ddL,
-        0xc103fa04d67a60e6L },
-      { 0x57c34344f4b478f0L,0xce91edd8e117c98dL,0x001777b0231fc12eL,
-        0x11ae47f2b207bccbL } },
-    /* 28 << 231 */
-    { { 0xd983cf8d20f8a242L,0x7aff5b1df22e1ad8L,0x68fd11d07fc4feb3L,
-        0x5d53ae90b0f1c3e1L },
-      { 0x50fb7905ec041803L,0x85e3c97714404888L,0x0e67faedac628d8fL,
-        0x2e8651506668532cL } },
-    /* 29 << 231 */
-    { { 0x15acaaa46a67a6b0L,0xf4cdee25b25cec41L,0x49ee565ae4c6701eL,
-        0x2a04ca66fc7d63d8L },
-      { 0xeb105018ef0543fbL,0xf709a4f5d1b0d81dL,0x5b906ee62915d333L,
-        0xf4a8741296f1f0abL } },
-    /* 30 << 231 */
-    { { 0xb6b82fa74d82f4c2L,0x90725a606804efb3L,0xbc82ec46adc3425eL,
-        0xb7b805812787843eL },
-      { 0xdf46d91cdd1fc74cL,0xdc1c62cbe783a6c4L,0x59d1b9f31a04cbbaL,
-        0xd87f6f7295e40764L } },
-    /* 31 << 231 */
-    { { 0x02b4cfc1317f4a76L,0x8d2703eb91036bceL,0x98206cc6a5e72a56L,
-        0x57be9ed1cf53fb0fL },
-      { 0x09374571ef0b17acL,0x74b2655ed9181b38L,0xc8f80ea889935d0eL,
-        0xc0d9e94291529936L } },
-    /* 32 << 231 */
-    { { 0x196860411e84e0e5L,0xa5db84d3aea34c93L,0xf9d5bb197073a732L,
-        0xb8d2fe566bcfd7c0L },
-      { 0x45775f36f3eb82faL,0x8cb20cccfdff8b58L,0x1659b65f8374c110L,
-        0xb8b4a422330c789aL } },
-    /* 33 << 231 */
-    { { 0x75e3c3ea6fe8208bL,0xbd74b9e4286e78feL,0x0be2e81bd7d93a1aL,
-        0x7ed06e27dd0a5aaeL },
-      { 0x721f5a586be8b800L,0x428299d1d846db28L,0x95cb8e6b5be88ed3L,
-        0xc3186b231c034e11L } },
-    /* 34 << 231 */
-    { { 0xa6312c9e8977d99bL,0xbe94433183f531e7L,0x8232c0c218d3b1d4L,
-        0x617aae8be1247b73L },
-      { 0x40153fc4282aec3bL,0xc6063d2ff7b8f823L,0x68f10e583304f94cL,
-        0x31efae74ee676346L } },
-    /* 35 << 231 */
-    { { 0xbadb6c6d40a9b97cL,0x14702c634f666256L,0xdeb954f15184b2e3L,
-        0x5184a52694b6ca40L },
-      { 0xfff05337003c32eaL,0x5aa374dd205974c7L,0x9a7638544b0dd71aL,
-        0x459cd27fdeb947ecL } },
-    /* 36 << 231 */
-    { { 0xa6e28161459c2b92L,0x2f020fa875ee8ef5L,0xb132ec2d30b06310L,
-        0xc3e15899bc6a4530L },
-      { 0xdc5f53feaa3f451aL,0x3a3c7f23c2d9acacL,0x2ec2f8926b27e58bL,
-        0x68466ee7d742799fL } },
-    /* 37 << 231 */
-    { { 0x98324dd41fa26613L,0xa2dc6dabbdc29d63L,0xf9675faad712d657L,
-        0x813994be21fd8d15L },
-      { 0x5ccbb722fd4f7553L,0x5135ff8bf3a36b20L,0x44be28af69559df5L,
-        0x40b65bed9d41bf30L } },
-    /* 38 << 231 */
-    { { 0xd98bf2a43734e520L,0x5e3abbe3209bdcbaL,0x77c76553bc945b35L,
-        0x5331c093c6ef14aaL },
-      { 0x518ffe2976b60c80L,0x2285593b7ace16f8L,0xab1f64ccbe2b9784L,
-        0xe8f2c0d9ab2421b6L } },
-    /* 39 << 231 */
-    { { 0x617d7174c1df065cL,0xafeeb5ab5f6578faL,0x16ff1329263b54a8L,
-        0x45c55808c990dce3L },
-      { 0x42eab6c0ecc8c177L,0x799ea9b55982ecaaL,0xf65da244b607ef8eL,
-        0x8ab226ce32a3fc2cL } },
-    /* 40 << 231 */
-    { { 0x745741e57ea973dcL,0x5c00ca7020888f2eL,0x7cdce3cf45fd9cf1L,
-        0x8a741ef15507f872L },
-      { 0x47c51c2f196b4cecL,0x70d08e43c97ea618L,0x930da15c15b18a2bL,
-        0x33b6c6782f610514L } },
-    /* 41 << 231 */
-    { { 0xc662e4f807ac9794L,0x1eccf050ba06cb79L,0x1ff08623e7d954e5L,
-        0x6ef2c5fb24cf71c3L },
-      { 0xb2c063d267978453L,0xa0cf37961d654af8L,0x7cb242ea7ebdaa37L,
-        0x206e0b10b86747e0L } },
-    /* 42 << 231 */
-    { { 0x481dae5fd5ecfefcL,0x07084fd8c2bff8fcL,0x8040a01aea324596L,
-        0x4c646980d4de4036L },
-      { 0x9eb8ab4ed65abfc3L,0xe01cb91f13541ec7L,0x8f029adbfd695012L,
-        0x9ae284833c7569ecL } },
-    /* 43 << 231 */
-    { { 0xa5614c9ea66d80a1L,0x680a3e4475f5f911L,0x0c07b14dceba4fc1L,
-        0x891c285ba13071c1L },
-      { 0xcac67ceb799ece3cL,0x29b910a941e07e27L,0x66bdb409f2e43123L,
-        0x06f8b1377ac9ecbeL } },
-    /* 44 << 231 */
-    { { 0x5981fafd38547090L,0x19ab8b9f85e3415dL,0xfc28c194c7e31b27L,
-        0x843be0aa6fbcbb42L },
-      { 0xf3b1ed43a6db836cL,0x2a1330e401a45c05L,0x4f19f3c595c1a377L,
-        0xa85f39d044b5ee33L } },
-    /* 45 << 231 */
-    { { 0x3da18e6d4ae52834L,0x5a403b397423dcb0L,0xbb555e0af2374aefL,
-        0x2ad599c41e8ca111L },
-      { 0x1b3a2fb9014b3bf8L,0x73092684f66d5007L,0x079f1426c4340102L,
-        0x1827cf818fddf4deL } },
-    /* 46 << 231 */
-    { { 0xc83605f6f10ff927L,0xd387145123739fc6L,0x6d163450cac1c2ccL,
-        0x6b521296a2ec1ac5L },
-      { 0x0606c4f96e3cb4a5L,0xe47d3f41778abff7L,0x425a8d5ebe8e3a45L,
-        0x53ea9e97a6102160L } },
-    /* 47 << 231 */
-    { { 0x477a106e39cbb688L,0x532401d2f3386d32L,0x8e564f64b1b9b421L,
-        0xca9b838881dad33fL },
-      { 0xb1422b4e2093913eL,0x533d2f9269bc8112L,0x3fa017beebe7b2c7L,
-        0xb2767c4acaf197c6L } },
-    /* 48 << 231 */
-    { { 0xc925ff87aedbae9fL,0x7daf0eb936880a54L,0x9284ddf59c4d0e71L,
-        0x1581cf93316f8cf5L },
-      { 0x3eeca8873ac1f452L,0xb417fce9fb6aeffeL,0xa5918046eefb8dc3L,
-        0x73d318ac02209400L } },
-    /* 49 << 231 */
-    { { 0xe800400f728693e5L,0xe87d814b339927edL,0x93e94d3b57ea9910L,
-        0xff8a35b62245fb69L },
-      { 0x043853d77f200d34L,0x470f1e680f653ce1L,0x81ac05bd59a06379L,
-        0xa14052c203930c29L } },
-    /* 50 << 231 */
-    { { 0x6b72fab526bc2797L,0x13670d1699f16771L,0x001700521e3e48d1L,
-        0x978fe401b7adf678L },
-      { 0x55ecfb92d41c5dd4L,0x5ff8e247c7b27da5L,0xe7518272013fb606L,
-        0x5768d7e52f547a3cL } },
-    /* 51 << 231 */
-    { { 0xbb24eaa360017a5fL,0x6b18e6e49c64ce9bL,0xc225c655103dde07L,
-        0xfc3672ae7592f7eaL },
-      { 0x9606ad77d06283a1L,0x542fc650e4d59d99L,0xabb57c492a40e7c2L,
-        0xac948f13a8db9f55L } },
-    /* 52 << 231 */
-    { { 0x6d4c9682b04465c3L,0xe3d062fa6468bd15L,0xa51729ac5f318d7eL,
-        0x1fc87df69eb6fc95L },
-      { 0x63d146a80591f652L,0xa861b8f7589621aaL,0x59f5f15ace31348cL,
-        0x8f663391440da6daL } },
-    /* 53 << 231 */
-    { { 0xcfa778acb591ffa3L,0x027ca9c54cdfebceL,0xbe8e05a5444ea6b3L,
-        0x8aab4e69a78d8254L },
-      { 0x2437f04fb474d6b8L,0x6597ffd4045b3855L,0xbb0aea4eca47ecaaL,
-        0x568aae8385c7ebfcL } },
-    /* 54 << 231 */
-    { { 0x0e966e64c73b2383L,0x49eb3447d17d8762L,0xde1078218da05dabL,
-        0x443d8baa016b7236L },
-      { 0x163b63a5ea7610d6L,0xe47e4185ce1ca979L,0xae648b6580baa132L,
-        0xebf53de20e0d5b64L } },
-    /* 55 << 231 */
-    { { 0x8d3bfcb4d3c8c1caL,0x0d914ef35d04b309L,0x55ef64153de7d395L,
-        0xbde1666f26b850e8L },
-      { 0xdbe1ca6ed449ab19L,0x8902b322e89a2672L,0xb1674b7edacb7a53L,
-        0x8e9faf6ef52523ffL } },
-    /* 56 << 231 */
-    { { 0x6ba535da9a85788bL,0xd21f03aebd0626d4L,0x099f8c47e873dc64L,
-        0xcda8564d018ec97eL },
-      { 0x3e8d7a5cde92c68cL,0x78e035a173323cc4L,0x3ef26275f880ff7cL,
-        0xa4ee3dff273eedaaL } },
-    /* 57 << 231 */
-    { { 0x58823507af4e18f8L,0x967ec9b50672f328L,0x9ded19d9559d3186L,
-        0x5e2ab3de6cdce39cL },
-      { 0xabad6e4d11c226dfL,0xf9783f4387723014L,0x9a49a0cf1a885719L,
-        0xfc0c1a5a90da9dbfL } },
-    /* 58 << 231 */
-    { { 0x8bbaec49571d92acL,0x569e85fe4692517fL,0x8333b014a14ea4afL,
-        0x32f2a62f12e5c5adL },
-      { 0x98c2ce3a06d89b85L,0xb90741aa2ff77a08L,0x2530defc01f795a2L,
-        0xd6e5ba0b84b3c199L } },
-    /* 59 << 231 */
-    { { 0x7d8e845112e4c936L,0xae419f7dbd0be17bL,0xa583fc8c22262bc9L,
-        0x6b842ac791bfe2bdL },
-      { 0x33cef4e9440d6827L,0x5f69f4deef81fb14L,0xf16cf6f6234fbb92L,
-        0x76ae3fc3d9e7e158L } },
-    /* 60 << 231 */
-    { { 0x4e89f6c2e9740b33L,0x677bc85d4962d6a1L,0x6c6d8a7f68d10d15L,
-        0x5f9a72240257b1cdL },
-      { 0x7096b9164ad85961L,0x5f8c47f7e657ab4aL,0xde57d7d0f7461d7eL,
-        0x7eb6094d80ce5ee2L } },
-    /* 61 << 231 */
-    { { 0x0b1e1dfd34190547L,0x8a394f43f05dd150L,0x0a9eb24d97df44e6L,
-        0x78ca06bf87675719L },
-      { 0x6f0b34626ffeec22L,0x9d91bcea36cdd8fbL,0xac83363ca105be47L,
-        0x81ba76c1069710e3L } },
-    /* 62 << 231 */
-    { { 0x3d1b24cb28c682c6L,0x27f252288612575bL,0xb587c779e8e66e98L,
-        0x7b0c03e9405eb1feL },
-      { 0xfdf0d03015b548e7L,0xa8be76e038b36af7L,0x4cdab04a4f310c40L,
-        0x6287223ef47ecaecL } },
-    /* 63 << 231 */
-    { { 0x678e60558b399320L,0x61fe3fa6c01e4646L,0xc482866b03261a5eL,
-        0xdfcf45b85c2f244aL },
-      { 0x8fab9a512f684b43L,0xf796c654c7220a66L,0x1d90707ef5afa58fL,
-        0x2c421d974fdbe0deL } },
-    /* 64 << 231 */
-    { { 0xc4f4cda3af2ebc2fL,0xa0af843dcb4efe24L,0x53b857c19ccd10b1L,
-        0xddc9d1eb914d3e04L },
-      { 0x7bdec8bb62771debL,0x829277aa91c5aa81L,0x7af18dd6832391aeL,
-        0x1740f316c71a84caL } },
-    /* 0 << 238 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 238 */
-    { { 0x8928e99aeeaf8c49L,0xee7aa73d6e24d728L,0x4c5007c2e72b156cL,
-        0x5fcf57c5ed408a1dL },
-      { 0x9f719e39b6057604L,0x7d343c01c2868bbfL,0x2cca254b7e103e2dL,
-        0xe6eb38a9f131bea2L } },
-    /* 2 << 238 */
-    { { 0xb33e624f8be762b4L,0x2a9ee4d1058e3413L,0x968e636967d805faL,
-        0x9848949b7db8bfd7L },
-      { 0x5308d7e5d23a8417L,0x892f3b1df3e29da5L,0xc95c139e3dee471fL,
-        0x8631594dd757e089L } },
-    /* 3 << 238 */
-    { { 0xe0c82a3cde918dccL,0x2e7b599426fdcf4bL,0x82c5024932cb1b2dL,
-        0xea613a9d7657ae07L },
-      { 0xc2eb5f6cf1fdc9f7L,0xb6eae8b8879fe682L,0x253dfee0591cbc7fL,
-        0x000da7133e1290e6L } },
-    /* 4 << 238 */
-    { { 0x1083e2ea1f095615L,0x0a28ad7714e68c33L,0x6bfc02523d8818beL,
-        0xb585113af35850cdL },
-      { 0x7d935f0b30df8aa1L,0xaddda07c4ab7e3acL,0x92c34299552f00cbL,
-        0xc33ed1de2909df6cL } },
-    /* 5 << 238 */
-    { { 0x22c2195d80e87766L,0x9e99e6d89ddf4ac0L,0x09642e4e65e74934L,
-        0x2610ffa2ff1ff241L },
-      { 0x4d1d47d4751c8159L,0x697b4985af3a9363L,0x0318ca4687477c33L,
-        0xa90cb5659441eff3L } },
-    /* 6 << 238 */
-    { { 0x58bb384836f024cbL,0x85be1f7736016168L,0x6c59587cdc7e07f1L,
-        0x191be071af1d8f02L },
-      { 0xbf169fa5cca5e55cL,0x3864ba3cf7d04eacL,0x915e367f8d7d05dbL,
-        0xb48a876da6549e5dL } },
-    /* 7 << 238 */
-    { { 0xef89c656580e40a2L,0xf194ed8c728068bcL,0x74528045a47990c9L,
-        0xf53fc7d75e1a4649L },
-      { 0xbec5ae9b78593e7dL,0x2cac4ee341db65d7L,0xa8c1eb2404a3d39bL,
-        0x53b7d63403f8f3efL } },
-    /* 8 << 238 */
-    { { 0x2dc40d483e07113cL,0x6e4a5d397d8b63aeL,0x5582a94b79684c2bL,
-        0x932b33d4622da26cL },
-      { 0xf534f6510dbbf08dL,0x211d07c964c23a52L,0x0eeece0fee5bdc9bL,
-        0xdf178168f7015558L } },
-    /* 9 << 238 */
-    { { 0xd42946350a712229L,0x93cbe44809273f8cL,0x00b095ef8f13bc83L,
-        0xbb7419728798978cL },
-      { 0x9d7309a256dbe6e7L,0xe578ec565a5d39ecL,0x3961151b851f9a31L,
-        0x2da7715de5709eb4L } },
-    /* 10 << 238 */
-    { { 0x867f301753dfabf0L,0x728d2078b8e39259L,0x5c75a0cd815d9958L,
-        0xf84867a616603be1L },
-      { 0xc865b13d70e35b1cL,0x0241446819b03e2cL,0xe46041daac1f3121L,
-        0x7c9017ad6f028a7cL } },
-    /* 11 << 238 */
-    { { 0xabc96de90a482873L,0x4265d6b1b77e54d4L,0x68c38e79a57d88e7L,
-        0xd461d7669ce82de3L },
-      { 0x817a9ec564a7e489L,0xcc5675cda0def5f2L,0x9a00e785985d494eL,
-        0xc626833f1b03514aL } },
-    /* 12 << 238 */
-    { { 0xabe7905a83cdd60eL,0x50602fb5a1170184L,0x689886cdb023642aL,
-        0xd568d090a6e1fb00L },
-      { 0x5b1922c70259217fL,0x93831cd9c43141e4L,0xdfca35870c95f86eL,
-        0xdec2057a568ae828L } },
-    /* 13 << 238 */
-    { { 0xc44ea599f98a759aL,0x55a0a7a2f7c23c1dL,0xd5ffb6e694c4f687L,
-        0x3563cce212848478L },
-      { 0x812b3517e7b1fbe1L,0x8a7dc9794f7338e0L,0x211ecee952d048dbL,
-        0x2eea4056c86ea3b8L } },
-    /* 14 << 238 */
-    { { 0xd8cb68a7ba772b34L,0xe16ed3415f4e2541L,0x9b32f6a60fec14dbL,
-        0xeee376f7391698beL },
-      { 0xe9a7aa1783674c02L,0x65832f975843022aL,0x29f3a8da5ba4990fL,
-        0x79a59c3afb8e3216L } },
-    /* 15 << 238 */
-    { { 0x9cdc4d2ebd19bb16L,0xc6c7cfd0b3262d86L,0xd4ce14d0969c0b47L,
-        0x1fa352b713e56128L },
-      { 0x383d55b8973db6d3L,0x71836850e8e5b7bfL,0xc7714596e6bb571fL,
-        0x259df31f2d5b2dd2L } },
-    /* 16 << 238 */
-    { { 0x568f8925913cc16dL,0x18bc5b6de1a26f5aL,0xdfa413bef5f499aeL,
-        0xf8835decc3f0ae84L },
-      { 0xb6e60bd865a40ab0L,0x65596439194b377eL,0xbcd8562592084a69L,
-        0x5ce433b94f23ede0L } },
-    /* 17 << 238 */
-    { { 0xe8e8f04f6ad65143L,0x11511827d6e14af6L,0x3d390a108295c0c7L,
-        0x71e29ee4621eba16L },
-      { 0xa588fc0963717b46L,0x02be02fee06ad4a2L,0x931558c604c22b22L,
-        0xbb4d4bd612f3c849L } },
-    /* 18 << 238 */
-    { { 0x54a4f49620efd662L,0x92ba6d20c5952d14L,0x2db8ea1ecc9784c2L,
-        0x81cc10ca4b353644L },
-      { 0x40b570ad4b4d7f6cL,0x5c9f1d9684a1dcd2L,0x01379f813147e797L,
-        0xe5c6097b2bd499f5L } },
-    /* 19 << 238 */
-    { { 0x40dcafa6328e5e20L,0xf7b5244a54815550L,0xb9a4f11847bfc978L,
-        0x0ea0e79fd25825b1L },
-      { 0xa50f96eb646c7ecfL,0xeb811493446dea9dL,0x2af04677dfabcf69L,
-        0xbe3a068fc713f6e8L } },
-    /* 20 << 238 */
-    { { 0x860d523d42e06189L,0xbf0779414e3aff13L,0x0b616dcac1b20650L,
-        0xe66dd6d12131300dL },
-      { 0xd4a0fd67ff99abdeL,0xc9903550c7aac50dL,0x022ecf8b7c46b2d7L,
-        0x3333b1e83abf92afL } },
-    /* 21 << 238 */
-    { { 0x11cc113c6c491c14L,0x0597668880dd3f88L,0xf5b4d9e729d932edL,
-        0xe982aad8a2c38b6dL },
-      { 0x6f9253478be0dcf0L,0x700080ae65ca53f2L,0xd8131156443ca77fL,
-        0xe92d6942ec51f984L } },
-    /* 22 << 238 */
-    { { 0xd2a08af885dfe9aeL,0xd825d9a54d2a86caL,0x2c53988d39dff020L,
-        0xf38b135a430cdc40L },
-      { 0x0c918ae062a7150bL,0xf31fd8de0c340e9bL,0xafa0e7ae4dbbf02eL,
-        0x5847fb2a5eba6239L } },
-    /* 23 << 238 */
-    { { 0x6b1647dcdccbac8bL,0xb642aa7806f485c8L,0x873f37657038ecdfL,
-        0x2ce5e865fa49d3feL },
-      { 0xea223788c98c4400L,0x8104a8cdf1fa5279L,0xbcf7cc7a06becfd7L,
-        0x49424316c8f974aeL } },
-    /* 24 << 238 */
-    { { 0xc0da65e784d6365dL,0xbcb7443f8f759fb8L,0x35c712b17ae81930L,
-        0x80428dff4c6e08abL },
-      { 0xf19dafefa4faf843L,0xced8538dffa9855fL,0x20ac409cbe3ac7ceL,
-        0x358c1fb6882da71eL } },
-    /* 25 << 238 */
-    { { 0xafa9c0e5fd349961L,0x2b2cfa518421c2fcL,0x2a80db17f3a28d38L,
-        0xa8aba5395d138e7eL },
-      { 0x52012d1d6e96eb8dL,0x65d8dea0cbaf9622L,0x57735447b264f56cL,
-        0xbeebef3f1b6c8da2L } },
-    /* 26 << 238 */
-    { { 0xfc346d98ce785254L,0xd50e8d72bb64a161L,0xc03567c749794addL,
-        0x15a76065752c7ef6L },
-      { 0x59f3a222961f23d6L,0x378e443873ecc0b0L,0xc74be4345a82fde4L,
-        0xae509af2d8b9cf34L } },
-    /* 27 << 238 */
-    { { 0x4a61ee46577f44a1L,0xe09b748cb611deebL,0xc0481b2cf5f7b884L,
-        0x3562667861acfa6bL },
-      { 0x37f4c518bf8d21e6L,0x22d96531b205a76dL,0x37fb85e1954073c0L,
-        0xbceafe4f65b3a567L } },
-    /* 28 << 238 */
-    { { 0xefecdef7be42a582L,0xd3fc608065046be6L,0xc9af13c809e8dba9L,
-        0x1e6c9847641491ffL },
-      { 0x3b574925d30c31f7L,0xb7eb72baac2a2122L,0x776a0dacef0859e7L,
-        0x06fec31421900942L } },
-    /* 29 << 238 */
-    { { 0x2464bc10f8c22049L,0x9bfbcce7875ebf69L,0xd7a88e2a4336326bL,
-        0xda05261c5bc2acfaL },
-      { 0xc29f5bdceba7efc8L,0x471237ca25dbbf2eL,0xa72773f22975f127L,
-        0xdc744e8e04d0b326L } },
-    /* 30 << 238 */
-    { { 0x38a7ed16a56edb73L,0x64357e372c007e70L,0xa167d15b5080b400L,
-        0x07b4116423de4be1L },
-      { 0xb2d91e3274c89883L,0x3c1628212882e7edL,0xad6b36ba7503e482L,
-        0x48434e8e0ea34331L } },
-    /* 31 << 238 */
-    { { 0x79f4f24f2c7ae0b9L,0xc46fbf811939b44aL,0x76fefae856595eb1L,
-        0x417b66abcd5f29c7L },
-      { 0x5f2332b2c5ceec20L,0xd69661ffe1a1cae2L,0x5ede7e529b0286e6L,
-        0x9d062529e276b993L } },
-    /* 32 << 238 */
-    { { 0x324794b07e50122bL,0xdd744f8b4af07ca5L,0x30a12f08d63fc97bL,
-        0x39650f1a76626d9dL },
-      { 0x101b47f71fa38477L,0x3d815f19d4dc124fL,0x1569ae95b26eb58aL,
-        0xc3cde18895fb1887L } },
-    /* 33 << 238 */
-    { { 0x54e9f37bf9539a48L,0xb0100e067408c1a5L,0x821d9811ea580cbbL,
-        0x8af52d3586e50c56L },
-      { 0xdfbd9d47dbbf698bL,0x2961a1ea03dc1c73L,0x203d38f8e76a5df8L,
-        0x08a53a686def707aL } },
-    /* 34 << 238 */
-    { { 0x26eefb481bee45d4L,0xb3cee3463c688036L,0x463c5315c42f2469L,
-        0x19d84d2e81378162L },
-      { 0x22d7c3c51c4d349fL,0x65965844163d59c5L,0xcf198c56b8abceaeL,
-        0x6fb1fb1b628559d5L } },
-    /* 35 << 238 */
-    { { 0x8bbffd0607bf8fe3L,0x46259c583467734bL,0xd8953cea35f7f0d3L,
-        0x1f0bece2d65b0ff1L },
-      { 0xf7d5b4b3f3c72914L,0x29e8ea953cb53389L,0x4a365626836b6d46L,
-        0xe849f910ea174fdeL } },
-    /* 36 << 238 */
-    { { 0x7ec62fbbf4737f21L,0xd8dba5ab6209f5acL,0x24b5d7a9a5f9adbeL,
-        0x707d28f7a61dc768L },
-      { 0x7711460bcaa999eaL,0xba7b174d1c92e4ccL,0x3c4bab6618d4bf2dL,
-        0xb8f0c980eb8bd279L } },
-    /* 37 << 238 */
-    { { 0x024bea9a324b4737L,0xfba9e42332a83bcaL,0x6e635643a232dcedL,
-        0x996193672571c8baL },
-      { 0xe8c9f35754b7032bL,0xf936b3ba2442d54aL,0x2263f0f08290c65aL,
-        0x48989780ee2c7fdbL } },
-    /* 38 << 238 */
-    { { 0xadc5d55a13d4f95eL,0x737cff85ad9b8500L,0x271c557b8a73f43dL,
-        0xbed617a4e18bc476L },
-      { 0x662454017dfd8ab2L,0xae7b89ae3a2870aaL,0x1b555f5323a7e545L,
-        0x6791e247be057e4cL } },
-    /* 39 << 238 */
-    { { 0x860136ad324fa34dL,0xea1114474cbeae28L,0x023a4270bedd3299L,
-        0x3d5c3a7fc1c35c34L },
-      { 0xb0f6db678d0412d2L,0xd92625e2fcdc6b9aL,0x92ae5ccc4e28a982L,
-        0xea251c3647a3ce7eL } },
-    /* 40 << 238 */
-    { { 0x9d658932790691bfL,0xed61058906b736aeL,0x712c2f04c0d63b6eL,
-        0x5cf06fd5c63d488fL },
-      { 0x97363facd9588e41L,0x1f9bf7622b93257eL,0xa9d1ffc4667acaceL,
-        0x1cf4a1aa0a061ecfL } },
-    /* 41 << 238 */
-    { { 0x40e48a49dc1818d0L,0x0643ff39a3621ab0L,0x5768640ce39ef639L,
-        0x1fc099ea04d86854L },
-      { 0x9130b9c3eccd28fdL,0xd743cbd27eec54abL,0x052b146fe5b475b6L,
-        0x058d9a82900a7d1fL } },
-    /* 42 << 238 */
-    { { 0x65e0229291262b72L,0x96f924f9bb0edf03L,0x5cfa59c8fe206842L,
-        0xf60370045eafa720L },
-      { 0x5f30699e18d7dd96L,0x381e8782cbab2495L,0x91669b46dd8be949L,
-        0xb40606f526aae8efL } },
-    /* 43 << 238 */
-    { { 0x2812b839fc6751a4L,0x16196214fba800efL,0x4398d5ca4c1a2875L,
-        0x720c00ee653d8349L },
-      { 0xc2699eb0d820007cL,0x880ee660a39b5825L,0x70694694471f6984L,
-        0xf7d16ea8e3dda99aL } },
-    /* 44 << 238 */
-    { { 0x28d675b2c0519a23L,0x9ebf94fe4f6952e3L,0xf28bb767a2294a8aL,
-        0x85512b4dfe0af3f5L },
-      { 0x18958ba899b16a0dL,0x95c2430cba7548a7L,0xb30d1b10a16be615L,
-        0xe3ebbb9785bfb74cL } },
-    /* 45 << 238 */
-    { { 0xa3273cfe18549fdbL,0xf6e200bf4fcdb792L,0x54a76e1883aba56cL,
-        0x73ec66f689ef6aa2L },
-      { 0x8d17add7d1b9a305L,0xa959c5b9b7ae1b9dL,0x886435226bcc094aL,
-        0xcc5616c4d7d429b9L } },
-    /* 46 << 238 */
-    { { 0xa6dada01e6a33f7cL,0xc6217a079d4e70adL,0xd619a81809c15b7cL,
-        0xea06b3290e80c854L },
-      { 0x174811cea5f5e7b9L,0x66dfc310787c65f4L,0x4ea7bd693316ab54L,
-        0xc12c4acb1dcc0f70L } },
-    /* 47 << 238 */
-    { { 0xe4308d1a1e407dd9L,0xe8a3587c91afa997L,0xea296c12ab77b7a5L,
-        0xb5ad49e4673c0d52L },
-      { 0x40f9b2b27006085aL,0xa88ff34087bf6ec2L,0x978603b14e3066a6L,
-        0xb3f99fc2b5e486e2L } },
-    /* 48 << 238 */
-    { { 0x07b53f5eb2e63645L,0xbe57e54784c84232L,0xd779c2167214d5cfL,
-        0x617969cd029a3acaL },
-      { 0xd17668cd8a7017a0L,0x77b4d19abe9b7ee8L,0x58fd0e939c161776L,
-        0xa8c4f4efd5968a72L } },
-    /* 49 << 238 */
-    { { 0x296071cc67b3de77L,0xae3c0b8e634f7905L,0x67e440c28a7100c9L,
-        0xbb8c3c1beb4b9b42L },
-      { 0x6d71e8eac51b3583L,0x7591f5af9525e642L,0xf73a2f7b13f509f3L,
-        0x618487aa5619ac9bL } },
-    /* 50 << 238 */
-    { { 0x3a72e5f79d61718aL,0x00413bcc7592d28cL,0x7d9b11d3963c35cfL,
-        0x77623bcfb90a46edL },
-      { 0xdeef273bdcdd2a50L,0x4a741f9b0601846eL,0x33b89e510ec6e929L,
-        0xcb02319f8b7f22cdL } },
-    /* 51 << 238 */
-    { { 0xbbe1500d084bae24L,0x2f0ae8d7343d2693L,0xacffb5f27cdef811L,
-        0xaa0c030a263fb94fL },
-      { 0x6eef0d61a0f442deL,0xf92e181727b139d3L,0x1ae6deb70ad8bc28L,
-        0xa89e38dcc0514130L } },
-    /* 52 << 238 */
-    { { 0x81eeb865d2fdca23L,0x5a15ee08cc8ef895L,0x768fa10a01905614L,
-        0xeff5b8ef880ee19bL },
-      { 0xf0c0cabbcb1c8a0eL,0x2e1ee9cdb8c838f9L,0x0587d8b88a4a14c0L,
-        0xf6f278962ff698e5L } },
-    /* 53 << 238 */
-    { { 0xed38ef1c89ee6256L,0xf44ee1fe6b353b45L,0x9115c0c770e903b3L,
-        0xc78ec0a1818f31dfL },
-      { 0x6c003324b7dccbc6L,0xd96dd1f3163bbc25L,0x33aa82dd5cedd805L,
-        0x123aae4f7f7eb2f1L } },
-    /* 54 << 238 */
-    { { 0x1723fcf5a26262cdL,0x1f7f4d5d0060ebd5L,0xf19c5c01b2eaa3afL,
-        0x2ccb9b149790accfL },
-      { 0x1f9c1cad52324aa6L,0x632005267247df54L,0x5732fe42bac96f82L,
-        0x52fe771f01a1c384L } },
-    /* 55 << 238 */
-    { { 0x546ca13db1001684L,0xb56b4eeea1709f75L,0x266545a9d5db8672L,
-        0xed971c901e8f3cfbL },
-      { 0x4e7d8691e3a07b29L,0x7570d9ece4b696b9L,0xdc5fa0677bc7e9aeL,
-        0x68b44cafc82c4844L } },
-    /* 56 << 238 */
-    { { 0x519d34b3bf44da80L,0x283834f95ab32e66L,0x6e6087976278a000L,
-        0x1e62960e627312f6L },
-      { 0x9b87b27be6901c55L,0x80e7853824fdbc1fL,0xbbbc09512facc27dL,
-        0x06394239ac143b5aL } },
-    /* 57 << 238 */
-    { { 0x35bb4a40376c1944L,0x7cb6269463da1511L,0xafd29161b7148a3bL,
-        0xa6f9d9ed4e2ea2eeL },
-      { 0x15dc2ca2880dd212L,0x903c3813a61139a9L,0x2aa7b46d6c0f8785L,
-        0x36ce2871901c60ffL } },
-    /* 58 << 238 */
-    { { 0xc683b028e10d9c12L,0x7573baa2032f33d3L,0x87a9b1f667a31b58L,
-        0xfd3ed11af4ffae12L },
-      { 0x83dcaa9a0cb2748eL,0x8239f0185d6fdf16L,0xba67b49c72753941L,
-        0x2beec455c321cb36L } },
-    /* 59 << 238 */
-    { { 0x880156063f8b84ceL,0x764170838d38c86fL,0x054f1ca7598953ddL,
-        0xc939e1104e8e7429L },
-      { 0x9b1ac2b35a914f2fL,0x39e35ed3e74b8f9cL,0xd0debdb2781b2fb0L,
-        0x1585638f2d997ba2L } },
-    /* 60 << 238 */
-    { { 0x9c4b646e9e2fce99L,0x68a210811e80857fL,0x06d54e443643b52aL,
-        0xde8d6d630d8eb843L },
-      { 0x7032156342146a0aL,0x8ba826f25eaa3622L,0x227a58bd86138787L,
-        0x43b6c03c10281d37L } },
-    /* 61 << 238 */
-    { { 0x6326afbbb54dde39L,0x744e5e8adb6f2d5fL,0x48b2a99acff158e1L,
-        0xa93c8fa0ef87918fL },
-      { 0x2182f956de058c5cL,0x216235d2936f9e7aL,0xace0c0dbd2e31e67L,
-        0xc96449bff23ac3e7L } },
-    /* 62 << 238 */
-    { { 0x7e9a2874170693bdL,0xa28e14fda45e6335L,0x5757f6b356427344L,
-        0x822e4556acf8edf9L },
-      { 0x2b7a6ee2e6a285cdL,0x5866f211a9df3af0L,0x40dde2ddf845b844L,
-        0x986c3726110e5e49L } },
-    /* 63 << 238 */
-    { { 0x73680c2af7172277L,0x57b94f0f0cccb244L,0xbdff72672d438ca7L,
-        0xbad1ce11cf4663fdL },
-      { 0x9813ed9dd8f71caeL,0xf43272a6961fdaa6L,0xbeff0119bd6d1637L,
-        0xfebc4f9130361978L } },
-    /* 64 << 238 */
-    { { 0x02b37a952f41deffL,0x0e44a59ae63b89b7L,0x673257dc143ff951L,
-        0x19c02205d752baf4L },
-      { 0x46c23069c4b7d692L,0x2e6392c3fd1502acL,0x6057b1a21b220846L,
-        0xe51ff9460c1b5b63L } },
-    /* 0 << 245 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 245 */
-    { { 0x6e85cb51566c5c43L,0xcff9c9193597f046L,0x9354e90c4994d94aL,
-        0xe0a393322147927dL },
-      { 0x8427fac10dc1eb2bL,0x88cfd8c22ff319faL,0xe2d4e68401965274L,
-        0xfa2e067d67aaa746L } },
-    /* 2 << 245 */
-    { { 0xb6d92a7f3e5f9f11L,0x9afe153ad6cb3b8eL,0x4d1a6dd7ddf800bdL,
-        0xf6c13cc0caf17e19L },
-      { 0x15f6c58e325fc3eeL,0x71095400a31dc3b2L,0x168e7c07afa3d3e7L,
-        0x3f8417a194c7ae2dL } },
-    /* 3 << 245 */
-    { { 0xec234772813b230dL,0x634d0f5f17344427L,0x11548ab1d77fc56aL,
-        0x7fab1750ce06af77L },
-      { 0xb62c10a74f7c4f83L,0xa7d2edc4220a67d9L,0x1c404170921209a0L,
-        0x0b9815a0face59f0L } },
-    /* 4 << 245 */
-    { { 0x2842589b319540c3L,0x18490f59a283d6f8L,0xa2731f84daae9fcbL,
-        0x3db6d960c3683ba0L },
-      { 0xc85c63bb14611069L,0xb19436af0788bf05L,0x905459df347460d2L,
-        0x73f6e094e11a7db1L } },
-    /* 5 << 245 */
-    { { 0xdc7f938eb6357f37L,0xc5d00f792bd8aa62L,0xc878dcb92ca979fcL,
-        0x37e83ed9eb023a99L },
-      { 0x6b23e2731560bf3dL,0x1086e4591d0fae61L,0x782483169a9414bdL,
-        0x1b956bc0f0ea9ea1L } },
-    /* 6 << 245 */
-    { { 0x7b85bb91c31b9c38L,0x0c5aa90b48ef57b5L,0xdedeb169af3bab6fL,
-        0xe610ad732d373685L },
-      { 0xf13870df02ba8e15L,0x0337edb68ca7f771L,0xe4acf747b62c036cL,
-        0xd921d576b6b94e81L } },
-    /* 7 << 245 */
-    { { 0xdbc864392c422f7aL,0xfb635362ed348898L,0x83084668c45bfcd1L,
-        0xc357c9e32b315e11L },
-      { 0xb173b5405b2e5b8cL,0x7e946931e102b9a4L,0x17c890eb7b0fb199L,
-        0xec225a83d61b662bL } },
-    /* 8 << 245 */
-    { { 0xf306a3c8ee3c76cbL,0x3cf11623d32a1f6eL,0xe6d5ab646863e956L,
-        0x3b8a4cbe5c005c26L },
-      { 0xdcd529a59ce6bb27L,0xc4afaa5204d4b16fL,0xb0624a267923798dL,
-        0x85e56df66b307fabL } },
-    /* 9 << 245 */
-    { { 0x0281893c2bf29698L,0x91fc19a4d7ce7603L,0x75a5dca3ad9a558fL,
-        0x40ceb3fa4d50bf77L },
-      { 0x1baf6060bc9ba369L,0x927e1037597888c2L,0xd936bf1986a34c07L,
-        0xd4cf10c1c34ae980L } },
-    /* 10 << 245 */
-    { { 0x3a3e5334859dd614L,0x9c475b5b18d0c8eeL,0x63080d1f07cd51d5L,
-        0xc9c0d0a6b88b4326L },
-      { 0x1ac98691c234296fL,0x2a0a83a494887fb6L,0x565114270cea9cf2L,
-        0x5230a6e8a24802f5L } },
-    /* 11 << 245 */
-    { { 0xf7a2bf0f72e3d5c1L,0x377174464f21439eL,0xfedcbf259ce30334L,
-        0xe0030a787ce202f9L },
-      { 0x6f2d9ebf1202e9caL,0xe79dde6c75e6e591L,0xf52072aff1dac4f8L,
-        0x6c8d087ebb9b404dL } },
-    /* 12 << 245 */
-    { { 0xad0fc73dbce913afL,0x909e587b458a07cbL,0x1300da84d4f00c8aL,
-        0x425cd048b54466acL },
-      { 0xb59cb9be90e9d8bfL,0x991616db3e431b0eL,0xd3aa117a531aecffL,
-        0x91af92d359f4dc3bL } },
-    /* 13 << 245 */
-    { { 0x9b1ec292e93fda29L,0x76bb6c17e97d91bcL,0x7509d95faface1e6L,
-        0x3653fe47be855ae3L },
-      { 0x73180b280f680e75L,0x75eefd1beeb6c26cL,0xa4cdf29fb66d4236L,
-        0x2d70a9976b5821d8L } },
-    /* 14 << 245 */
-    { { 0x7a3ee20720445c36L,0x71d1ac8259877174L,0x0fc539f7949f73e9L,
-        0xd05cf3d7982e3081L },
-      { 0x8758e20b7b1c7129L,0xffadcc20569e61f2L,0xb05d3a2f59544c2dL,
-        0xbe16f5c19fff5e53L } },
-    /* 15 << 245 */
-    { { 0x73cf65b8aad58135L,0x622c2119037aa5beL,0x79373b3f646fd6a0L,
-        0x0e029db50d3978cfL },
-      { 0x8bdfc43794fba037L,0xaefbd687620797a6L,0x3fa5382bbd30d38eL,
-        0x7627cfbf585d7464L } },
-    /* 16 << 245 */
-    { { 0xb2330fef4e4ca463L,0xbcef72873566cc63L,0xd161d2cacf780900L,
-        0x135dc5395b54827dL },
-      { 0x638f052e27bf1bc6L,0x10a224f007dfa06cL,0xe973586d6d3321daL,
-        0x8b0c573826152c8fL } },
-    /* 17 << 245 */
-    { { 0x07ef4f2a34606074L,0x80fe7fe8a0f7047aL,0x3d1a8152e1a0e306L,
-        0x32cf43d888da5222L },
-      { 0xbf89a95f5f02ffe6L,0x3d9eb9a4806ad3eaL,0x012c17bb79c8e55eL,
-        0xfdcd1a7499c81dacL } },
-    /* 18 << 245 */
-    { { 0x7043178bb9556098L,0x4090a1df801c3886L,0x759800ff9b67b912L,
-        0x3e5c0304232620c8L },
-      { 0x4b9d3c4b70dceecaL,0xbb2d3c15181f648eL,0xf981d8376e33345cL,
-        0xb626289b0cf2297aL } },
-    /* 19 << 245 */
-    { { 0x766ac6598baebdcfL,0x1a28ae0975df01e5L,0xb71283da375876d8L,
-        0x4865a96d607b9800L },
-      { 0x25dd1bcd237936b2L,0x332f4f4b60417494L,0xd0923d68370a2147L,
-        0x497f5dfbdc842203L } },
-    /* 20 << 245 */
-    { { 0x9dc74cbd32be5e0fL,0x7475bcb717a01375L,0x438477c950d872b1L,
-        0xcec67879ffe1d63dL },
-      { 0x9b006014d8578c70L,0xc9ad99a878bb6b8bL,0x6799008e11fb3806L,
-        0xcfe81435cd44cab3L } },
-    /* 21 << 245 */
-    { { 0xa2ee15822f4fb344L,0xb8823450483fa6ebL,0x622d323d652c7749L,
-        0xd8474a98beb0a15bL },
-      { 0xe43c154d5d1c00d0L,0x7fd581d90e3e7aacL,0x2b44c6192525ddf8L,
-        0x67a033ebb8ae9739L } },
-    /* 22 << 245 */
-    { { 0x113ffec19ef2d2e4L,0x1bf6767ed5a0ea7fL,0x57fff75e03714c0aL,
-        0xa23c422e0a23e9eeL },
-      { 0xdd5f6b2d540f83afL,0xc2c2c27e55ea46a7L,0xeb6b4246672a1208L,
-        0xd13599f7ae634f7aL } },
-    /* 23 << 245 */
-    { { 0xcf914b5cd7b32c6eL,0x61a5a640eaf61814L,0x8dc3df8b208a1bbbL,
-        0xef627fd6b6d79aa5L },
-      { 0x44232ffcc4c86bc8L,0xe6f9231b061539feL,0x1d04f25a958b9533L,
-        0x180cf93449e8c885L } },
-    /* 24 << 245 */
-    { { 0x896895959884aaf7L,0xb1959be307b348a6L,0x96250e573c147c87L,
-        0xae0efb3add0c61f8L },
-      { 0xed00745eca8c325eL,0x3c911696ecff3f70L,0x73acbc65319ad41dL,
-        0x7b01a020f0b1c7efL } },
-    /* 25 << 245 */
-    { { 0xea32b29363a1483fL,0x89eabe717a248f96L,0x9c6231d3343157e5L,
-        0x93a375e5df3c546dL },
-      { 0xe76e93436a2afe69L,0xc4f89100e166c88eL,0x248efd0d4f872093L,
-        0xae0eb3ea8fe0ea61L } },
-    /* 26 << 245 */
-    { { 0xaf89790d9d79046eL,0x4d650f2d6cee0976L,0xa3935d9a43071ecaL,
-        0x66fcd2c9283b0bfeL },
-      { 0x0e665eb5696605f1L,0xe77e5d07a54cd38dL,0x90ee050a43d950cfL,
-        0x86ddebdad32e69b5L } },
-    /* 27 << 245 */
-    { { 0x6ad94a3dfddf7415L,0xf7fa13093f6e8d5aL,0xc4831d1de9957f75L,
-        0x7de28501d5817447L },
-      { 0x6f1d70789e2aeb6bL,0xba2b9ff4f67a53c2L,0x36963767df9defc3L,
-        0x479deed30d38022cL } },
-    /* 28 << 245 */
-    { { 0xd2edb89b3a8631e8L,0x8de855de7a213746L,0xb2056cb7b00c5f11L,
-        0xdeaefbd02c9b85e4L },
-      { 0x03f39a8dd150892dL,0x37b84686218b7985L,0x36296dd8b7375f1aL,
-        0x472cd4b1b78e898eL } },
-    /* 29 << 245 */
-    { { 0x15dff651e9f05de9L,0xd40450692ce98ba9L,0x8466a7ae9b38024cL,
-        0xb910e700e5a6b5efL },
-      { 0xae1c56eab3aa8f0dL,0xbab2a5077eee74a6L,0x0dca11e24b4c4620L,
-        0xfd896e2e4c47d1f4L } },
-    /* 30 << 245 */
-    { { 0xeb45ae53308fbd93L,0x46cd5a2e02c36fdaL,0x6a3d4e90baa48385L,
-        0xdd55e62e9dbe9960L },
-      { 0xa1406aa02a81ede7L,0x6860dd14f9274ea7L,0xcfdcb0c280414f86L,
-        0xff410b1022f94327L } },
-    /* 31 << 245 */
-    { { 0x5a33cc3849ad467bL,0xefb48b6c0a7335f1L,0x14fb54a4b153a360L,
-        0x604aa9d2b52469ccL },
-      { 0x5e9dc486754e48e9L,0x693cb45537471e8eL,0xfb2fd7cd8d3b37b6L,
-        0x63345e16cf09ff07L } },
-    /* 32 << 245 */
-    { { 0x9910ba6b23a5d896L,0x1fe19e357fe4364eL,0x6e1da8c39a33c677L,
-        0x15b4488b29fd9fd0L },
-      { 0x1f4392541a1f22bfL,0x920a8a70ab8163e8L,0x3fd1b24907e5658eL,
-        0xf2c4f79cb6ec839bL } },
-    /* 33 << 245 */
-    { { 0x1abbc3d04aa38d1bL,0x3b0db35cb5d9510eL,0x1754ac783e60dec0L,
-        0x53272fd7ea099b33L },
-      { 0x5fb0494f07a8e107L,0x4a89e1376a8191faL,0xa113b7f63c4ad544L,
-        0x88a2e9096cb9897bL } },
-    /* 34 << 245 */
-    { { 0x17d55de3b44a3f84L,0xacb2f34417c6c690L,0x3208816810232390L,
-        0xf2e8a61f6c733bf7L },
-      { 0xa774aab69c2d7652L,0xfb5307e3ed95c5bcL,0xa05c73c24981f110L,
-        0x1baae31ca39458c9L } },
-    /* 35 << 245 */
-    { { 0x1def185bcbea62e7L,0xe8ac9eaeeaf63059L,0x098a8cfd9921851cL,
-        0xd959c3f13abe2f5bL },
-      { 0xa4f1952520e40ae5L,0x320789e307a24aa1L,0x259e69277392b2bcL,
-        0x58f6c6671918668bL } },
-    /* 36 << 245 */
-    { { 0xce1db2bbc55d2d8bL,0x41d58bb7f4f6ca56L,0x7650b6808f877614L,
-        0x905e16baf4c349edL },
-      { 0xed415140f661acacL,0x3b8784f0cb2270afL,0x3bc280ac8a402cbaL,
-        0xd53f71460937921aL } },
-    /* 37 << 245 */
-    { { 0xc03c8ee5e5681e83L,0x62126105f6ac9e4aL,0x9503a53f936b1a38L,
-        0x3d45e2d4782fecbdL },
-      { 0x69a5c43976e8ae98L,0xb53b2eebbfb4b00eL,0xf167471272386c89L,
-        0x30ca34a24268bce4L } },
-    /* 38 << 245 */
-    { { 0x7f1ed86c78341730L,0x8ef5beb8b525e248L,0xbbc489fdb74fbf38L,
-        0x38a92a0e91a0b382L },
-      { 0x7a77ba3f22433ccfL,0xde8362d6a29f05a9L,0x7f6a30ea61189afcL,
-        0x693b550559ef114fL } },
-    /* 39 << 245 */
-    { { 0x50266bc0cd1797a1L,0xea17b47ef4b7af2dL,0xd6c4025c3df9483eL,
-        0x8cbb9d9fa37b18c9L },
-      { 0x91cbfd9c4d8424cfL,0xdb7048f1ab1c3506L,0x9eaf641f028206a3L,
-        0xf986f3f925bdf6ceL } },
-    /* 40 << 245 */
-    { { 0x262143b5224c08dcL,0x2bbb09b481b50c91L,0xc16ed709aca8c84fL,
-        0xa6210d9db2850ca8L },
-      { 0x6d8df67a09cb54d6L,0x91eef6e0500919a4L,0x90f613810f132857L,
-        0x9acede47f8d5028bL } },
-    /* 41 << 245 */
-    { { 0x844d1b7190b771c3L,0x563b71e4ba6426beL,0x2efa2e83bdb802ffL,
-        0x3410cbabab5b4a41L },
-      { 0x555b2d2630da84ddL,0xd0711ae9ee1cc29aL,0xcf3e8c602f547792L,
-        0x03d7d5dedc678b35L } },
-    /* 42 << 245 */
-    { { 0x071a2fa8ced806b8L,0x222e6134697f1478L,0xdc16fd5dabfcdbbfL,
-        0x44912ebf121b53b8L },
-      { 0xac9436742496c27cL,0x8ea3176c1ffc26b0L,0xb6e224ac13debf2cL,
-        0x524cc235f372a832L } },
-    /* 43 << 245 */
-    { { 0xd706e1d89f6f1b18L,0x2552f00544cce35bL,0x8c8326c2a88e31fcL,
-        0xb5468b2cf9552047L },
-      { 0xce683e883ff90f2bL,0x77947bdf2f0a5423L,0xd0a1b28bed56e328L,
-        0xaee35253c20134acL } },
-    /* 44 << 245 */
-    { { 0x7e98367d3567962fL,0x379ed61f8188bffbL,0x73bba348faf130a1L,
-        0x6c1f75e1904ed734L },
-      { 0x189566423b4a79fcL,0xf20bc83d54ef4493L,0x836d425d9111eca1L,
-        0xe5b5c318009a8dcfL } },
-    /* 45 << 245 */
-    { { 0x3360b25d13221bc5L,0x707baad26b3eeaf7L,0xd7279ed8743a95a1L,
-        0x7450a875969e809fL },
-      { 0x32b6bd53e5d0338fL,0x1e77f7af2b883bbcL,0x90da12cc1063ecd0L,
-        0xe2697b58c315be47L } },
-    /* 46 << 245 */
-    { { 0x2771a5bdda85d534L,0x53e78c1fff980eeaL,0xadf1cf84900385e7L,
-        0x7d3b14f6c9387b62L },
-      { 0x170e74b0cb8f2bd2L,0x2d50b486827fa993L,0xcdbe8c9af6f32babL,
-        0x55e906b0c3b93ab8L } },
-    /* 47 << 245 */
-    { { 0x747f22fc8fe280d1L,0xcd8e0de5b2e114abL,0x5ab7dbebe10b68b0L,
-        0x9dc63a9ca480d4b2L },
-      { 0x78d4bc3b4be1495fL,0x25eb3db89359122dL,0x3f8ac05b0809cbdcL,
-        0xbf4187bbd37c702fL } },
-    /* 48 << 245 */
-    { { 0x84cea0691416a6a5L,0x8f860c7943ef881cL,0x41311f8a38038a5dL,
-        0xe78c2ec0fc612067L },
-      { 0x494d2e815ad73581L,0xb4cc9e0059604097L,0xff558aecf3612cbaL,
-        0x35beef7a9e36c39eL } },
-    /* 49 << 245 */
-    { { 0x1845c7cfdbcf41b9L,0x5703662aaea997c0L,0x8b925afee402f6d8L,
-        0xd0a1b1ae4dd72162L },
-      { 0x9f47b37503c41c4bL,0xa023829b0391d042L,0x5f5045c3503b8b0aL,
-        0x123c268898c010e5L } },
-    /* 50 << 245 */
-    { { 0x324ec0cc36ba06eeL,0xface31153dd2cc0cL,0xb364f3bef333e91fL,
-        0xef8aff7328e832b0L },
-      { 0x1e9bad042d05841bL,0x42f0e3df356a21e2L,0xa3270bcb4add627eL,
-        0xb09a8158d322e711L } },
-    /* 51 << 245 */
-    { { 0x86e326a10fee104aL,0xad7788f83703f65dL,0x7e76543047bc4833L,
-        0x6cee582b2b9b893aL },
-      { 0x9cd2a167e8f55a7bL,0xefbee3c6d9e4190dL,0x33ee7185d40c2e9dL,
-        0x844cc9c5a380b548L } },
-    /* 52 << 245 */
-    { { 0x323f8ecd66926e04L,0x0001e38f8110c1baL,0x8dbcac12fc6a7f07L,
-        0xd65e1d580cec0827L },
-      { 0xd2cd4141be76ca2dL,0x7895cf5ce892f33aL,0x956d230d367139d2L,
-        0xa91abd3ed012c4c1L } },
-    /* 53 << 245 */
-    { { 0x34fa488387eb36bfL,0xc5f07102914b8fb4L,0x90f0e579adb9c95fL,
-        0xfe6ea8cb28888195L },
-      { 0x7b9b5065edfa9284L,0x6c510bd22b8c8d65L,0xd7b8ebefcbe8aafdL,
-        0xedb3af9896b1da07L } },
-    /* 54 << 245 */
-    { { 0x28ff779d6295d426L,0x0c4f6ac73fa3ad7bL,0xec44d0548b8e2604L,
-        0x9b32a66d8b0050e1L },
-      { 0x1f943366f0476ce2L,0x7554d953a602c7b4L,0xbe35aca6524f2809L,
-        0xb6881229fd4edbeaL } },
-    /* 55 << 245 */
-    { { 0xe8cd0c8f508efb63L,0x9eb5b5c86abcefc7L,0xf5621f5fb441ab4fL,
-        0x79e6c046b76a2b22L },
-      { 0x74a4792ce37a1f69L,0xcbd252cb03542b60L,0x785f65d5b3c20bd3L,
-        0x8dea61434fabc60cL } },
-    /* 56 << 245 */
-    { { 0x45e21446de673629L,0x57f7aa1e703c2d21L,0xa0e99b7f98c868c7L,
-        0x4e42f66d8b641676L },
-      { 0x602884dc91077896L,0xa0d690cfc2c9885bL,0xfeb4da333b9a5187L,
-        0x5f789598153c87eeL } },
-    /* 57 << 245 */
-    { { 0x2192dd4752b16dbaL,0xdeefc0e63524c1b1L,0x465ea76ee4383693L,
-        0x79401711361b8d98L },
-      { 0xa5f9ace9f21a15cbL,0x73d26163efee9aebL,0xcca844b3e677016cL,
-        0x6c122b0757eaee06L } },
-    /* 58 << 245 */
-    { { 0xb782dce715f09690L,0x508b9b122dfc0fc9L,0x9015ab4b65d89fc6L,
-        0x5e79dab7d6d5bb0fL },
-      { 0x64f021f06c775aa2L,0xdf09d8cc37c7eca1L,0x9a761367ef2fa506L,
-        0xed4ca4765b81eec6L } },
-    /* 59 << 245 */
-    { { 0x262ede3610bbb8b5L,0x0737ce830641ada3L,0x4c94288ae9831cccL,
-        0x487fc1ce8065e635L },
-      { 0xb13d7ab3b8bb3659L,0xdea5df3e855e4120L,0xb9a1857385eb0244L,
-        0x1a1b8ea3a7cfe0a3L } },
-    /* 60 << 245 */
-    { { 0x3b83711967b0867cL,0x8d5e0d089d364520L,0x52dccc1ed930f0e3L,
-        0xefbbcec7bf20bbafL },
-      { 0x99cffcab0263ad10L,0xd8199e6dfcd18f8aL,0x64e2773fe9f10617L,
-        0x0079e8e108704848L } },
-    /* 61 << 245 */
-    { { 0x1169989f8a342283L,0x8097799ca83012e6L,0xece966cb8a6a9001L,
-        0x93b3afef072ac7fcL },
-      { 0xe6893a2a2db3d5baL,0x263dc46289bf4fdcL,0x8852dfc9e0396673L,
-        0x7ac708953af362b6L } },
-    /* 62 << 245 */
-    { { 0xbb9cce4d5c2f342bL,0xbf80907ab52d7aaeL,0x97f3d3cd2161bcd0L,
-        0xb25b08340962744dL },
-      { 0xc5b18ea56c3a1ddaL,0xfe4ec7eb06c92317L,0xb787b890ad1c4afeL,
-        0xdccd9a920ede801aL } },
-    /* 63 << 245 */
-    { { 0x9ac6dddadb58da1fL,0x22bbc12fb8cae6eeL,0xc6f8bced815c4a43L,
-        0x8105a92cf96480c7L },
-      { 0x0dc3dbf37a859d51L,0xe3ec7ce63041196bL,0xd9f64b250d1067c9L,
-        0xf23213213d1f8dd8L } },
-    /* 64 << 245 */
-    { { 0x8b5c619c76497ee8L,0x5d2b0ac6c717370eL,0x98204cb64fcf68e1L,
-        0x0bdec21162bc6792L },
-      { 0x6973ccefa63b1011L,0xf9e3fa97e0de1ac5L,0x5efb693e3d0e0c8bL,
-        0x037248e9d2d4fcb4L } },
-    /* 0 << 252 */
-    { { 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 252 */
-    { { 0x80802dc91ec34f9eL,0xd8772d3533810603L,0x3f06d66c530cb4f3L,
-        0x7be5ed0dc475c129L },
-      { 0xcb9e3c1931e82b10L,0xc63d2857c9ff6b4cL,0xb92118c692a1b45eL,
-        0x0aec44147285bbcaL } },
-    /* 2 << 252 */
-    { { 0xfc189ae71e29a3efL,0xcbe906f04c93302eL,0xd0107914ceaae10eL,
-        0xb7a23f34b68e19f8L },
-      { 0xe9d875c2efd2119dL,0x03198c6efcadc9c8L,0x65591bf64da17113L,
-        0x3cf0bbf83d443038L } },
-    /* 3 << 252 */
-    { { 0xae485bb72b724759L,0x945353e1b2d4c63aL,0x82159d07de7d6f2cL,
-        0x389caef34ec5b109L },
-      { 0x4a8ebb53db65ef14L,0x2dc2cb7edd99de43L,0x816fa3ed83f2405fL,
-        0x73429bb9c14208a3L } },
-    /* 4 << 252 */
-    { { 0xb618d590b01e6e27L,0x047e2ccde180b2dcL,0xd1b299b504aea4a9L,
-        0x412c9e1e9fa403a4L },
-      { 0x88d28a3679407552L,0x49c50136f332b8e3L,0x3a1b6fcce668de19L,
-        0x178851bc75122b97L } },
-    /* 5 << 252 */
-    { { 0xb1e13752fb85fa4cL,0xd61257ce383c8ce9L,0xd43da670d2f74daeL,
-        0xa35aa23fbf846bbbL },
-      { 0x5e74235d4421fc83L,0xf6df8ee0c363473bL,0x34d7f52a3c4aa158L,
-        0x50d05aab9bc6d22eL } },
-    /* 6 << 252 */
-    { { 0x8c56e735a64785f4L,0xbc56637b5f29cd07L,0x53b2bb803ee35067L,
-        0x50235a0fdc919270L },
-      { 0x191ab6d8f2c4aa65L,0xc34758318396023bL,0x80400ba5f0f805baL,
-        0x8881065b5ec0f80fL } },
-    /* 7 << 252 */
-    { { 0xc370e522cc1b5e83L,0xde2d4ad1860b8bfbL,0xad364df067b256dfL,
-        0x8f12502ee0138997L },
-      { 0x503fa0dc7783920aL,0xe80014adc0bc866aL,0x3f89b744d3064ba6L,
-        0x03511dcdcba5dba5L } },
-    /* 8 << 252 */
-    { { 0x197dd46d95a7b1a2L,0x9c4e7ad63c6341fbL,0x426eca29484c2eceL,
-        0x9211e489de7f4f8aL },
-      { 0x14997f6ec78ef1f4L,0x2b2c091006574586L,0x17286a6e1c3eede8L,
-        0x25f92e470f60e018L } },
-    /* 9 << 252 */
-    { { 0x805c564631890a36L,0x703ef60057feea5bL,0x389f747caf3c3030L,
-        0xe0e5daeb54dd3739L },
-      { 0xfe24a4c3c9c9f155L,0x7e4bf176b5393962L,0x37183de2af20bf29L,
-        0x4a1bd7b5f95a8c3bL } },
-    /* 10 << 252 */
-    { { 0xa83b969946191d3dL,0x281fc8dd7b87f257L,0xb18e2c1354107588L,
-        0x6372def79b2bafe8L },
-      { 0xdaf4bb480d8972caL,0x3f2dd4b756167a3fL,0x1eace32d84310cf4L,
-        0xe3bcefafe42700aaL } },
-    /* 11 << 252 */
-    { { 0x5fe5691ed785e73dL,0xa5db5ab62ea60467L,0x02e23d41dfc6514aL,
-        0x35e8048ee03c3665L },
-      { 0x3f8b118f1adaa0f8L,0x28ec3b4584ce1a5aL,0xe8cacc6e2c6646b8L,
-        0x1343d185dbd0e40fL } },
-    /* 12 << 252 */
-    { { 0xe5d7f844caaa358cL,0x1a1db7e49924182aL,0xd64cd42d9c875d9aL,
-        0xb37b515f042eeec8L },
-      { 0x4d4dd4097b165fbeL,0xfc322ed9e206eff3L,0x7dee410259b7e17eL,
-        0x55a481c08236ca00L } },
-    /* 13 << 252 */
-    { { 0x8c885312c23fc975L,0x1571580605d6297bL,0xa078868ef78edd39L,
-        0x956b31e003c45e52L },
-      { 0x470275d5ff7b33a6L,0xc8d5dc3a0c7e673fL,0x419227b47e2f2598L,
-        0x8b37b6344c14a975L } },
-    /* 14 << 252 */
-    { { 0xd0667ed68b11888cL,0x5e0e8c3e803e25dcL,0x34e5d0dcb987a24aL,
-        0x9f40ac3bae920323L },
-      { 0x5463de9534e0f63aL,0xa128bf926b6328f9L,0x491ccd7cda64f1b7L,
-        0x7ef1ec27c47bde35L } },
-    /* 15 << 252 */
-    { { 0xa857240fa36a2737L,0x35dc136663621bc1L,0x7a3a6453d4fb6897L,
-        0x80f1a439c929319dL },
-      { 0xfc18274bf8cb0ba0L,0xb0b537668078c5ebL,0xfb0d49241e01d0efL,
-        0x50d7c67d372ab09cL } },
-    /* 16 << 252 */
-    { { 0xb4e370af3aeac968L,0xe4f7fee9c4b63266L,0xb4acd4c2e3ac5664L,
-        0xf8910bd2ceb38cbfL },
-      { 0x1c3ae50cc9c0726eL,0x15309569d97b40bfL,0x70884b7ffd5a5a1bL,
-        0x3890896aef8314cdL } },
-    /* 17 << 252 */
-    { { 0x58e1515ca5618c93L,0xe665432b77d942d1L,0xb32181bfb6f767a8L,
-        0x753794e83a604110L },
-      { 0x09afeb7ce8c0dbccL,0x31e02613598673a3L,0x5d98e5577d46db00L,
-        0xfc21fb8c9d985b28L } },
-    /* 18 << 252 */
-    { { 0xc9040116b0843e0bL,0x53b1b3a869b04531L,0xdd1649f085d7d830L,
-        0xbb3bcc87cb7427e8L },
-      { 0x77261100c93dce83L,0x7e79da61a1922a2aL,0x587a2b02f3149ce8L,
-        0x147e1384de92ec83L } },
-    /* 19 << 252 */
-    { { 0x484c83d3af077f30L,0xea78f8440658b53aL,0x912076c2027aec53L,
-        0xf34714e393c8177dL },
-      { 0x37ef5d15c2376c84L,0x8315b6593d1aa783L,0x3a75c484ef852a90L,
-        0x0ba0c58a16086bd4L } },
-    /* 20 << 252 */
-    { { 0x29688d7a529a6d48L,0x9c7f250dc2f19203L,0x123042fb682e2df9L,
-        0x2b7587e7ad8121bcL },
-      { 0x30fc0233e0182a65L,0xb82ecf87e3e1128aL,0x7168286193fb098fL,
-        0x043e21ae85e9e6a7L } },
-    /* 21 << 252 */
-    { { 0xab5b49d666c834eaL,0x3be43e1847414287L,0xf40fb859219a2a47L,
-        0x0e6559e9cc58df3cL },
-      { 0xfe1dfe8e0c6615b4L,0x14abc8fd56459d70L,0x7be0fa8e05de0386L,
-        0x8e63ef68e9035c7cL } },
-    /* 22 << 252 */
-    { { 0x116401b453b31e91L,0x0cba7ad44436b4d8L,0x9151f9a0107afd66L,
-        0xafaca8d01f0ee4c4L },
-      { 0x75fe5c1d9ee9761cL,0x3497a16bf0c0588fL,0x3ee2bebd0304804cL,
-        0xa8fb9a60c2c990b9L } },
-    /* 23 << 252 */
-    { { 0xd14d32fe39251114L,0x36bf25bccac73366L,0xc9562c66dba7495cL,
-        0x324d301b46ad348bL },
-      { 0x9f46620cd670407eL,0x0ea8d4f1e3733a01L,0xd396d532b0c324e0L,
-        0x5b211a0e03c317cdL } },
-    /* 24 << 252 */
-    { { 0x090d7d205ffe7b37L,0x3b7f3efb1747d2daL,0xa2cb525fb54fc519L,
-        0x6e220932f66a971eL },
-      { 0xddc160dfb486d440L,0x7fcfec463fe13465L,0x83da7e4e76e4c151L,
-        0xd6fa48a1d8d302b5L } },
-    /* 25 << 252 */
-    { { 0xc6304f265872cd88L,0x806c1d3c278b90a1L,0x3553e725caf0bc1cL,
-        0xff59e603bb9d8d5cL },
-      { 0xa4550f327a0b85ddL,0xdec5720a93ecc217L,0x0b88b74169d62213L,
-        0x7212f2455b365955L } },
-    /* 26 << 252 */
-    { { 0x20764111b5cae787L,0x13cb7f581dfd3124L,0x2dca77da1175aefbL,
-        0xeb75466bffaae775L },
-      { 0x74d76f3bdb6cff32L,0x7440f37a61fcda9aL,0x1bb3ac92b525028bL,
-        0x20fbf8f7a1975f29L } },
-    /* 27 << 252 */
-    { { 0x982692e1df83097fL,0x28738f6c554b0800L,0xdc703717a2ce2f2fL,
-        0x7913b93c40814194L },
-      { 0x049245931fe89636L,0x7b98443ff78834a6L,0x11c6ab015114a5a1L,
-        0x60deb383ffba5f4cL } },
-    /* 28 << 252 */
-    { { 0x4caa54c601a982e6L,0x1dd35e113491cd26L,0x973c315f7cbd6b05L,
-        0xcab0077552494724L },
-      { 0x04659b1f6565e15aL,0xbf30f5298c8fb026L,0xfc21641ba8a0de37L,
-        0xe9c7a366fa5e5114L } },
-    /* 29 << 252 */
-    { { 0xdb849ca552f03ad8L,0xc7e8dbe9024e35c0L,0xa1a2bbaccfc3c789L,
-        0xbf733e7d9c26f262L },
-      { 0x882ffbf5b8444823L,0xb7224e886bf8483bL,0x53023b8b65bef640L,
-        0xaabfec91d4d5f8cdL } },
-    /* 30 << 252 */
-    { { 0xa40e1510079ea1bdL,0x1ad9addcd05d5d26L,0xdb3f2eab13e68d4fL,
-        0x1cff1ae2640f803fL },
-      { 0xe0e7b749d4cee117L,0x8e9f275b4036d909L,0xce34e31d8f4d4c38L,
-        0x22b37f69d75130fcL } },
-    /* 31 << 252 */
-    { { 0x83e0f1fdb4014604L,0xa8ce991989415078L,0x82375b7541792efeL,
-        0x4f59bf5c97d4515bL },
-      { 0xac4f324f923a277dL,0xd9bc9b7d650f3406L,0xc6fa87d18a39bc51L,
-        0x825885305ccc108fL } },
-    /* 32 << 252 */
-    { { 0x5ced3c9f82e4c634L,0x8efb83143a4464f8L,0xe706381b7a1dca25L,
-        0x6cd15a3c5a2a412bL },
-      { 0x9347a8fdbfcd8fb5L,0x31db2eef6e54cd22L,0xc4aeb11ef8d8932fL,
-        0x11e7c1ed344411afL } },
-    /* 33 << 252 */
-    { { 0x2653050cdc9a151eL,0x9edbfc083bb0a859L,0x926c81c7fd5691e7L,
-        0x9c1b23426f39019aL },
-      { 0x64a81c8b7f8474b9L,0x90657c0701761819L,0x390b333155e0375aL,
-        0xc676c626b6ebc47dL } },
-    /* 34 << 252 */
-    { { 0x51623247b7d6dee8L,0x0948d92779659313L,0x99700161e9ab35edL,
-        0x06cc32b48ddde408L },
-      { 0x6f2fd664061ef338L,0x1606fa02c202e9edL,0x55388bc1929ba99bL,
-        0xc4428c5e1e81df69L } },
-    /* 35 << 252 */
-    { { 0xce2028aef91b0b2aL,0xce870a23f03dfd3fL,0x66ec2c870affe8edL,
-        0xb205fb46284d0c00L },
-      { 0xbf5dffe744cefa48L,0xb6fc37a8a19876d7L,0xbecfa84c08b72863L,
-        0xd7205ff52576374fL } },
-    /* 36 << 252 */
-    { { 0x80330d328887de41L,0x5de0df0c869ea534L,0x13f427533c56ea17L,
-        0xeb1f6069452b1a78L },
-      { 0x50474396e30ea15cL,0x575816a1c1494125L,0xbe1ce55bfe6bb38fL,
-        0xb901a94896ae30f7L } },
-    /* 37 << 252 */
-    { { 0xe5af0f08d8fc3548L,0x5010b5d0d73bfd08L,0x993d288053fe655aL,
-        0x99f2630b1c1309fdL },
-      { 0xd8677bafb4e3b76fL,0x14e51ddcb840784bL,0x326c750cbf0092ceL,
-        0xc83d306bf528320fL } },
-    /* 38 << 252 */
-    { { 0xc445671577d4715cL,0xd30019f96b703235L,0x207ccb2ed669e986L,
-        0x57c824aff6dbfc28L },
-      { 0xf0eb532fd8f92a23L,0x4a557fd49bb98fd2L,0xa57acea7c1e6199aL,
-        0x0c6638208b94b1edL } },
-    /* 39 << 252 */
-    { { 0x9b42be8ff83a9266L,0xc7741c970101bd45L,0x95770c1107bd9cebL,
-        0x1f50250a8b2e0744L },
-      { 0xf762eec81477b654L,0xc65b900e15efe59aL,0x88c961489546a897L,
-        0x7e8025b3c30b4d7cL } },
-    /* 40 << 252 */
-    { { 0xae4065ef12045cf9L,0x6fcb2caf9ccce8bdL,0x1fa0ba4ef2cf6525L,
-        0xf683125dcb72c312L },
-      { 0xa01da4eae312410eL,0x67e286776cd8e830L,0xabd9575298fb3f07L,
-        0x05f11e11eef649a5L } },
-    /* 41 << 252 */
-    { { 0xba47faef9d3472c2L,0x3adff697c77d1345L,0x4761fa04dd15afeeL,
-        0x64f1f61ab9e69462L },
-      { 0xfa691fab9bfb9093L,0x3df8ae8fa1133dfeL,0xcd5f896758cc710dL,
-        0xfbb88d5016c7fe79L } },
-    /* 42 << 252 */
-    { { 0x8e011b4ce88c50d1L,0x7532e807a8771c4fL,0x64c78a48e2278ee4L,
-        0x0b283e833845072aL },
-      { 0x98a6f29149e69274L,0xb96e96681868b21cL,0x38f0adc2b1a8908eL,
-        0x90afcff71feb829dL } },
-    /* 43 << 252 */
-    { { 0x9915a383210b0856L,0xa5a80602def04889L,0x800e9af97c64d509L,
-        0x81382d0bb8996f6fL },
-      { 0x490eba5381927e27L,0x46c63b324af50182L,0x784c5fd9d3ad62ceL,
-        0xe4fa1870f8ae8736L } },
-    /* 44 << 252 */
-    { { 0x4ec9d0bcd7466b25L,0x84ddbe1adb235c65L,0x5e2645ee163c1688L,
-        0x570bd00e00eba747L },
-      { 0xfa51b629128bfa0fL,0x92fce1bd6c1d3b68L,0x3e7361dcb66778b1L,
-        0x9c7d249d5561d2bbL } },
-    /* 45 << 252 */
-    { { 0xa40b28bf0bbc6229L,0x1c83c05edfd91497L,0x5f9f5154f083df05L,
-        0xbac38b3ceee66c9dL },
-      { 0xf71db7e3ec0dfcfdL,0xf2ecda8e8b0a8416L,0x52fddd867812aa66L,
-        0x2896ef104e6f4272L } },
-    /* 46 << 252 */
-    { { 0xff27186a0fe9a745L,0x08249fcd49ca70dbL,0x7425a2e6441cac49L,
-        0xf4a0885aece5ff57L },
-      { 0x6e2cb7317d7ead58L,0xf96cf7d61898d104L,0xafe67c9d4f2c9a89L,
-        0x89895a501c7bf5bcL } },
-    /* 47 << 252 */
-    { { 0xdc7cb8e5573cecfaL,0x66497eaed15f03e6L,0x6bc0de693f084420L,
-        0x323b9b36acd532b0L },
-      { 0xcfed390a0115a3c1L,0x9414c40b2d65ca0eL,0x641406bd2f530c78L,
-        0x29369a44833438f2L } },
-    /* 48 << 252 */
-    { { 0x996884f5903fa271L,0xe6da0fd2b9da921eL,0xa6f2f2695db01e54L,
-        0x1ee3e9bd6876214eL },
-      { 0xa26e181ce27a9497L,0x36d254e48e215e04L,0x42f32a6c252cabcaL,
-        0x9948148780b57614L } },
-    /* 49 << 252 */
-    { { 0x4c4dfe6940d9cae1L,0x0586958011a10f09L,0xca287b573491b64bL,
-        0x77862d5d3fd4a53bL },
-      { 0xbf94856e50349126L,0x2be30bd171c5268fL,0x10393f19cbb650a6L,
-        0x639531fe778cf9fdL } },
-    /* 50 << 252 */
-    { { 0x02556a11b2935359L,0xda38aa96af8c126eL,0x47dbe6c20960167fL,
-        0x37bbabb6501901cdL },
-      { 0xb6e979e02c947778L,0xd69a51757a1a1dc6L,0xc3ed50959d9faf0cL,
-        0x4dd9c0961d5fa5f0L } },
-    /* 51 << 252 */
-    { { 0xa0c4304d64f16ea8L,0x8b1cac167e718623L,0x0b5765467c67f03eL,
-        0x559cf5adcbd88c01L },
-      { 0x074877bb0e2af19aL,0x1f717ec1a1228c92L,0x70bcb800326e8920L,
-        0xec6e2c5c4f312804L } },
-    /* 52 << 252 */
-    { { 0x426aea7d3fca4752L,0xf12c09492211f62aL,0x24beecd87be7b6b5L,
-        0xb77eaf4c36d7a27dL },
-      { 0x154c2781fda78fd3L,0x848a83b0264eeabeL,0x81287ef04ffe2bc4L,
-        0x7b6d88c6b6b6fc2aL } },
-    /* 53 << 252 */
-    { { 0x805fb947ce417d99L,0x4b93dcc38b916cc4L,0x72e65bb321273323L,
-        0xbcc1badd6ea9886eL },
-      { 0x0e2230114bc5ee85L,0xa561be74c18ee1e4L,0x762fd2d4a6bcf1f1L,
-        0x50e6a5a495231489L } },
-    /* 54 << 252 */
-    { { 0xca96001fa00b500bL,0x5c098cfc5d7dcdf5L,0xa64e2d2e8c446a85L,
-        0xbae9bcf1971f3c62L },
-      { 0x4ec226838435a2c5L,0x8ceaed6c4bad4643L,0xe9f8fb47ccccf4e3L,
-        0xbd4f3fa41ce3b21eL } },
-    /* 55 << 252 */
-    { { 0xd79fb110a3db3292L,0xe28a37dab536c66aL,0x279ce87b8e49e6a9L,
-        0x70ccfe8dfdcec8e3L },
-      { 0x2193e4e03ba464b2L,0x0f39d60eaca9a398L,0x7d7932aff82c12abL,
-        0xd8ff50ed91e7e0f7L } },
-    /* 56 << 252 */
-    { { 0xea961058fa28a7e0L,0xc726cf250bf5ec74L,0xe74d55c8db229666L,
-        0x0bd9abbfa57f5799L },
-      { 0x7479ef074dfc47b3L,0xd9c65fc30c52f91dL,0x8e0283fe36a8bde2L,
-        0xa32a8b5e7d4b7280L } },
-    /* 57 << 252 */
-    { { 0x6a677c6112e83233L,0x0fbb3512dcc9bf28L,0x562e8ea50d780f61L,
-        0x0db8b22b1dc4e89cL },
-      { 0x0a6fd1fb89be0144L,0x8c77d246ca57113bL,0x4639075dff09c91cL,
-        0x5b47b17f5060824cL } },
-    /* 58 << 252 */
-    { { 0x58aea2b016287b52L,0xa1343520d0cd8eb0L,0x6148b4d0c5d58573L,
-        0xdd2b6170291c68aeL },
-      { 0xa61b39291da3b3b7L,0x5f946d7908c4ac10L,0x4105d4a57217d583L,
-        0x5061da3d25e6de5eL } },
-    /* 59 << 252 */
-    { { 0x3113940dec1b4991L,0xf12195e136f485aeL,0xa7507fb2731a2ee0L,
-        0x95057a8e6e9e196eL },
-      { 0xa3c2c9112e130136L,0x97dfbb3633c60d15L,0xcaf3c581b300ee2bL,
-        0x77f25d90f4bac8b8L } },
-    /* 60 << 252 */
-    { { 0xdb1c4f986d840cd6L,0x471d62c0e634288cL,0x8ec2f85ecec8a161L,
-        0x41f37cbcfa6f4ae2L },
-      { 0x6793a20f4b709985L,0x7a7bd33befa8985bL,0x2c6a3fbd938e6446L,
-        0x190426192a8d47c1L } },
-    /* 61 << 252 */
-    { { 0x16848667cc36975fL,0x02acf1689d5f1dfbL,0x62d41ad4613baa94L,
-        0xb56fbb929f684670L },
-      { 0xce610d0de9e40569L,0x7b99c65f35489fefL,0x0c88ad1b3df18b97L,
-        0x81b7d9be5d0e9edbL } },
-    /* 62 << 252 */
-    { { 0xd85218c0c716cc0aL,0xf4b5ff9085691c49L,0xa4fd666bce356ac6L,
-        0x17c728954b327a7aL },
-      { 0xf93d5085da6be7deL,0xff71530e3301d34eL,0x4cd96442d8f448e8L,
-        0x9283d3312ed18ffaL } },
-    /* 63 << 252 */
-    { { 0x4d33dd992a849870L,0xa716964b41576335L,0xff5e3a9b179be0e5L,
-        0x5b9d6b1b83b13632L },
-      { 0x3b8bd7d4a52f313bL,0xc9dd95a0637a4660L,0x300359620b3e218fL,
-        0xce1481a3c7b28a3cL } },
-    /* 64 << 252 */
-    { { 0xab41b43a43228d83L,0x24ae1c304ad63f99L,0x8e525f1a46a51229L,
-        0x14af860fcd26d2b4L },
-      { 0xd6baef613f714aa1L,0xf51865adeb78795eL,0xd3e21fcee6a9d694L,
-        0x82ceb1dd8a37b527L } },
-};
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Pre-computed table containing multiples of g times powers of 2.
- * Width between powers is 7 bits.
- * Accumulate into the result.
- *
- * r      Resulting point.
- * g      Point to scalar multiply.
- * k      Scalar to multiply by.
- * table  Pre-computed table of points.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 5);
-    sp_point_256* p = NULL;
-    sp_digit* negy = NULL;
-    int i;
-    ecc_recode_256 v[37];
-    int err = MP_OKAY;
-
-    (void)g;
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        negy = tmp;
-        p = rt + 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_256_ecc_recode_7_4(k, v);
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        i = 36;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_65_4(rt, &table[i * 65], v[i].i);
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-            XMEMCPY(rt->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-        }
-        rt->infinity = !v[i].i;
-        for (--i; i>=0; i--) {
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_65_4(p, &table[i * 65], v[i].i);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-                XMEMCPY(p->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-            }
-            p->infinity = !v[i].i;
-            sp_256_sub_4(negy, p256_mod, p->y);
-            sp_256_norm_4(negy);
-            sp_256_cond_copy_4(p->y, negy, (sp_digit)(0 - v[i].neg));
-            sp_256_proj_point_add_qz1_4(rt, rt, p, tmp);
-        }
-        if (map != 0) {
-            sp_256_map_4(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_4(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_add_only_4(r, NULL, p256_table,
-                                      k, map, ct, heap);
-}
-
-#ifdef HAVE_INTEL_AVX2
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Pre-computed table containing multiples of g times powers of 2.
- * Width between powers is 7 bits.
- * Accumulate into the result.
- *
- * r      Resulting point.
- * g      Point to scalar multiply.
- * k      Scalar to multiply by.
- * table  Pre-computed table of points.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_add_only_avx2_4(sp_point_256* r, const sp_point_256* g,
-        const sp_table_entry_256* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, rt, 2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 5);
-    sp_point_256* p = NULL;
-    sp_digit* negy = NULL;
-    int i;
-    ecc_recode_256 v[37];
-    int err = MP_OKAY;
-
-    (void)g;
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_256, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        negy = tmp;
-        p = rt + 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_256_ecc_recode_7_4(k, v);
-
-        XMEMCPY(p->z, p256_norm_mod, sizeof(p256_norm_mod));
-        XMEMCPY(rt->z, p256_norm_mod, sizeof(p256_norm_mod));
-
-        i = 36;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_256_get_entry_65_avx2_4(rt, &table[i * 65], v[i].i);
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-            XMEMCPY(rt->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-        }
-        rt->infinity = !v[i].i;
-        for (--i; i>=0; i--) {
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_256_get_entry_65_avx2_4(p, &table[i * 65], v[i].i);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-                XMEMCPY(p->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-            }
-            p->infinity = !v[i].i;
-            sp_256_sub_4(negy, p256_mod, p->y);
-            sp_256_norm_4(negy);
-            sp_256_cond_copy_4(p->y, negy, (sp_digit)(0 - v[i].neg));
-            sp_256_proj_point_add_qz1_avx2_4(rt, rt, p, tmp);
-        }
-        if (map != 0) {
-            sp_256_map_avx2_4(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_256));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_ecc_mulmod_base_avx2_4(sp_point_256* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_256_ecc_mulmod_add_only_avx2_4(r, NULL, p256_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the base point of P256 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 4);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 4, km);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_256_ecc_mulmod_base_avx2_4(point, k, map, 1, heap);
-        }
-        else
-#endif
-            err = sp_256_ecc_mulmod_base_4(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_4(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P256 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 2);
-    SP_DECL_VAR(sp_digit, k, 4 + 4 * 2 * 6);
-    sp_point_256* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_256, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 4 + 4 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 4;
-
-        sp_256_from_mp(k, 4, km);
-        sp_256_point_from_ecc_point_4(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->x, addP->x, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->y, addP->y, p256_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_256_mod_mul_norm_4(addP->z, addP->z, p256_mod);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_256_ecc_mulmod_base_avx2_4(point, k, 0, 0, heap);
-        }
-        else
-#endif
-            err = sp_256_ecc_mulmod_base_4(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_proj_point_add_avx2_4(point, point, addP, tmp);
-        }
-        else
-#endif
-            sp_256_proj_point_add_4(point, point, addP, tmp);
-
-        if (map) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                sp_256_map_avx2_4(point, point, tmp);
-            }
-            else
-#endif
-                sp_256_map_4(point, point, tmp);
-        }
-
-        err = sp_256_point_to_ecc_point_4(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_add_one_4(sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_from_bin_bswap(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_from_bin_movbe(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_256_from_bin_movbe(r, size, a, n);
-    }
-    else
-#endif
-    {
-        sp_256_from_bin_bswap(r, size, a, n);
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_256_ecc_gen_k_4(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[32];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_256_from_bin(k, 4, buf, (int)sizeof(buf));
-            if (sp_256_cmp_4(k, p256_order2) <= 0) {
-                sp_256_add_one_4(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_256, point, 2);
-#else
-    SP_DECL_VAR(sp_point_256, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 4);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_256, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_256_ecc_gen_k_4(rng, k);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_256_ecc_mulmod_base_avx2_4(point, k, 1, 1, NULL);
-       }
-        else
-#endif
-            err = sp_256_ecc_mulmod_base_4(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_256_ecc_mulmod_avx2_4(infinity, point, p256_order, 1, 1,
-                                                                          NULL);
-        }
-        else
-#endif
-            err = sp_256_ecc_mulmod_4(infinity, point, p256_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_256_iszero_4(point->x) || sp_256_iszero_4(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_point_to_ecc_point_4(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_256_ctx {
-    int state;
-    sp_256_ecc_mulmod_4_ctx mulmod_ctx;
-    sp_digit k[4];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256  point[2];
-#else
-    sp_point_256 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_256_ctx;
-
-int sp_ecc_make_key_256_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_256_ctx* ctx = (sp_ecc_key_gen_256_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_256* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_256_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_256_ecc_gen_k_4(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_base_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_256_ecc_mulmod_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p256_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_256_iszero_4(ctx->point->x) ||
-                    sp_256_iszero_4(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_256_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_256_point_to_ecc_point_4(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_to_bin_bswap_4(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_to_bin_movbe_4(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 32
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_256_to_bin_4(sp_digit* r, byte* a)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_256_to_bin_movbe_4(r, a);
-    }
-    else
-#endif
-    {
-        sp_256_to_bin_bswap_4(r, a);
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_256(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_256, point, 1);
-    SP_DECL_VAR(sp_digit, k, 4);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(k, 4, priv);
-        sp_256_point_from_ecc_point_4(point, pub);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_256_ecc_mulmod_avx2_4(point, point, k, 1, 1, heap);
-        }
-        else
-#endif
-            err = sp_256_ecc_mulmod_4(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_256_to_bin_4(point->x, out);
-        *outLen = 32;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_4_ctx mulmod_ctx;
-    };
-    sp_digit k[4];
-    sp_point_256 point;
-} sp_ecc_sec_gen_256_ctx;
-
-int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_256_ctx* ctx = (sp_ecc_sec_gen_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_256_from_mp(ctx->k, 4, priv);
-            sp_256_point_from_ecc_point_4(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_256_ecc_mulmod_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_256_to_bin_4(ctx->point.x, out);
-                *outLen = 32;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_256_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_256_sub_in_place_4(sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mul_d_4(sp_digit* r, const sp_digit* a, sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mul_d_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if defined(_WIN64) && !defined(__clang__)
-#if _MSC_VER < 1920
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit div_256_word_asm_4(sp_digit d1, sp_digit d0, sp_digit div);
-#ifdef __cplusplus
-}
-#endif
-#endif /* _MSC_VER < 1920 */
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_256_word_4(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-#if _MSC_VER >= 1920
-    return _udiv128(d1, d0, div, NULL);
-#else
-    return div_256_word_asm_4(d1, d0, div);
-#endif
-}
-#else
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_256_word_4(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    register sp_digit r asm("rax");
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    __asm__ __volatile__ (
-        "divq %3"
-        : "=a" (r)
-        : "d" (d1), "a" (d0), "r" (div)
-        :
-    );
-    return r;
-}
-#endif /* _WIN64 && !__clang__ */
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_256_mask_4(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<4; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_256_div_4(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[8];
-    sp_digit t2[5];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = d[3];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 4);
-    r1 = sp_256_cmp_4(&t1[4], d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_256_cond_sub_avx2_4(&t1[4], &t1[4], d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_256_cond_sub_4(&t1[4], &t1[4], d, (sp_digit)0 - r1);
-    for (i = 3; i >= 0; i--) {
-        sp_digit mask = (sp_digit)0 - (t1[4 + i] == div);
-        sp_digit hi = t1[4 + i] + mask;
-        r1 = div_256_word_4(hi, t1[4 + i - 1], div);
-        r1 |= mask;
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_256_mul_d_avx2_4(t2, d, r1);
-        else
-#endif
-            sp_256_mul_d_4(t2, d, r1);
-        t1[4 + i] += sp_256_sub_in_place_4(&t1[i], t2);
-        t1[4 + i] -= t2[4];
-        sp_256_mask_4(t2, d, t1[4 + i]);
-        t1[4 + i] += sp_256_add_4(&t1[i], &t1[i], t2);
-        sp_256_mask_4(t2, d, t1[4 + i]);
-        t1[4 + i] += sp_256_add_4(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_256_cmp_4(t1, d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_256_cond_sub_avx2_4(r, t1, d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_256_cond_sub_4(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_256_mod_4(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_256_div_4(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P256 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_256_mont_mul_order_4(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    sp_256_mul_4(r, a, b);
-    sp_256_mont_reduce_order_4(r, p256_order, p256_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P256 curve. */
-static const word64 p256_order_minus_2[4] = {
-    0xf3b9cac2fc63254fU,0xbce6faada7179e84U,0xffffffffffffffffU,
-    0xffffffff00000000U
-};
-#else
-/* The low half of the order-2 of the P256 curve. */
-static const word64 p256_order_low[2] = {
-    0xf3b9cac2fc63254fU,0xbce6faada7179e84U
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P256 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_order_4(sp_digit* r, const sp_digit* a)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    sp_256_sqr_4(r, a);
-    sp_256_mont_reduce_order_4(r, p256_order, p256_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P256 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_n_order_4(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    sp_256_mont_sqr_order_4(r, a);
-    for (i=1; i<n; i++) {
-        sp_256_mont_sqr_order_4(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-/* Context of non-blocking moduluar inversion with Montgomery form number. */
-typedef struct sp_256_mont_inv_order_4_ctx {
-    int state;    /* State of next operation. */
-    int i;        /* Index of bit in order. */
-} sp_256_mont_inv_order_4_ctx;
-
-/* Invert the number, in Montgomery form, modulo the order of the P256 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static int sp_256_mont_inv_order_4_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    sp_256_mont_inv_order_4_ctx* ctx = (sp_256_mont_inv_order_4_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_256_mont_inv_order_4_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 4);
-        ctx->i = 254;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_256_mont_sqr_order_4(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p256_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_256_mont_mul_order_4(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 4U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Invert the number, in Montgomery form, modulo the order of the P256 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_order_4(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 4);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_order_4(t, t);
-        if ((p256_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_4(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 4U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 4;
-    sp_digit* t3 = td + 4 * 4;
-    sp_digit* t4 = td + 6 * 4;
-    int i;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    /* t = a^2 */
-    sp_256_mont_sqr_order_4(t, a);
-    /* t = a^3 = t * a */
-    sp_256_mont_mul_order_4(t, t, a);
-    /* t4= a^c = t ^ 2 ^ 2 */
-    sp_256_mont_sqr_n_order_4(t4, t, 2);
-    /* t3= a^f = t4 * t */
-    sp_256_mont_mul_order_4(t3, t4, t);
-    /* t2= a^f0 = t3 ^ 2 ^ 4 */
-    sp_256_mont_sqr_n_order_4(t2, t3, 4);
-    /* t = a^ff = t2 * t3 */
-    sp_256_mont_mul_order_4(t, t2, t3);
-    /* t3= a^ff00 = t ^ 2 ^ 8 */
-    sp_256_mont_sqr_n_order_4(t2, t, 8);
-    /* t = a^ffff = t2 * t */
-    sp_256_mont_mul_order_4(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_256_mont_sqr_n_order_4(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_256_mont_mul_order_4(t, t2, t);
-    /* t2= a^ffffffff0000000000000000 = t ^ 2 ^ 64  */
-    sp_256_mont_sqr_n_order_4(t2, t, 64);
-    /* t2= a^ffffffff00000000ffffffff = t2 * t */
-    sp_256_mont_mul_order_4(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32  */
-    sp_256_mont_sqr_n_order_4(t2, t2, 32);
-    /* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
-    sp_256_mont_mul_order_4(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffffffffffffb */
-    for (i=127; i>=124; i--) {
-        sp_256_mont_sqr_order_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbc */
-    sp_256_mont_sqr_n_order_4(t2, t2, 4);
-    sp_256_mont_mul_order_4(t2, t2, t4);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6 */
-    for (i=119; i>=112; i--) {
-        sp_256_mont_sqr_order_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6f */
-    sp_256_mont_sqr_n_order_4(t2, t2, 4);
-    sp_256_mont_mul_order_4(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84 */
-    for (i=107; i>=64; i--) {
-        sp_256_mont_sqr_order_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f */
-    sp_256_mont_sqr_n_order_4(t2, t2, 4);
-    sp_256_mont_mul_order_4(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9 */
-    for (i=59; i>=48; i--) {
-        sp_256_mont_sqr_order_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9c */
-    sp_256_mont_sqr_n_order_4(t2, t2, 4);
-    sp_256_mont_mul_order_4(t2, t2, t4);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9ca */
-    for (i=43; i>=40; i--) {
-        sp_256_mont_sqr_order_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac */
-    sp_256_mont_sqr_n_order_4(t2, t2, 4);
-    sp_256_mont_mul_order_4(t2, t2, t4);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2 */
-    for (i=35; i>=32; i--) {
-        sp_256_mont_sqr_order_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2f */
-    sp_256_mont_sqr_n_order_4(t2, t2, 4);
-    sp_256_mont_mul_order_4(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254 */
-    for (i=27; i>=0; i--) {
-        sp_256_mont_sqr_order_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632540 */
-    sp_256_mont_sqr_n_order_4(t2, t2, 4);
-    /* r = a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
-    sp_256_mont_mul_order_4(r, t2, t3);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#ifdef HAVE_INTEL_AVX2
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_mul_order_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_sqr_order_avx2_4(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P256 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_256_mont_sqr_n_order_avx2_4(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    sp_256_mont_sqr_order_avx2_4(r, a);
-    for (i=1; i<n; i++) {
-        sp_256_mont_sqr_order_avx2_4(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-/* Context of non-blocking moduluar inversion with Montgomery form number. */
-typedef struct sp_256_mont_inv_order_avx2_4_ctx {
-    int state;    /* State of next operation. */
-    int i;        /* Index of bit in order. */
-} sp_256_mont_inv_order_avx2_4_ctx;
-
-/* Invert the number, in Montgomery form, modulo the order of the P256 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static int sp_256_mont_inv_order_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    sp_256_mont_inv_order_avx2_4_ctx* ctx = (sp_256_mont_inv_order_avx2_4_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_256_mont_inv_order_avx2_4_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 4);
-        ctx->i = 254;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_256_mont_sqr_order_avx2_4(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p256_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_256_mont_mul_order_avx2_4(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 4U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Invert the number, in Montgomery form, modulo the order of the P256 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_256_mont_inv_order_avx2_4(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 4);
-    for (i=254; i>=0; i--) {
-        sp_256_mont_sqr_order_avx2_4(t, t);
-        if ((p256_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_avx2_4(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 4U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 4;
-    sp_digit* t3 = td + 4 * 4;
-    sp_digit* t4 = td + 6 * 4;
-    int i;
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    /* t = a^2 */
-    sp_256_mont_sqr_order_avx2_4(t, a);
-    /* t = a^3 = t * a */
-    sp_256_mont_mul_order_avx2_4(t, t, a);
-    /* t4= a^c = t ^ 2 ^ 2 */
-    sp_256_mont_sqr_n_order_avx2_4(t4, t, 2);
-    /* t3= a^f = t4 * t */
-    sp_256_mont_mul_order_avx2_4(t3, t4, t);
-    /* t2= a^f0 = t3 ^ 2 ^ 4 */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t3, 4);
-    /* t = a^ff = t2 * t3 */
-    sp_256_mont_mul_order_avx2_4(t, t2, t3);
-    /* t3= a^ff00 = t ^ 2 ^ 8 */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t, 8);
-    /* t = a^ffff = t2 * t */
-    sp_256_mont_mul_order_avx2_4(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_256_mont_mul_order_avx2_4(t, t2, t);
-    /* t2= a^ffffffff0000000000000000 = t ^ 2 ^ 64  */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t, 64);
-    /* t2= a^ffffffff00000000ffffffff = t2 * t */
-    sp_256_mont_mul_order_avx2_4(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32  */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t2, 32);
-    /* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
-    sp_256_mont_mul_order_avx2_4(t2, t2, t);
-    /* t2= a^ffffffff00000000ffffffffffffffffb */
-    for (i=127; i>=124; i--) {
-        sp_256_mont_sqr_order_avx2_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_avx2_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbc */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t2, 4);
-    sp_256_mont_mul_order_avx2_4(t2, t2, t4);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6 */
-    for (i=119; i>=112; i--) {
-        sp_256_mont_sqr_order_avx2_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_avx2_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6f */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t2, 4);
-    sp_256_mont_mul_order_avx2_4(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84 */
-    for (i=107; i>=64; i--) {
-        sp_256_mont_sqr_order_avx2_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_avx2_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t2, 4);
-    sp_256_mont_mul_order_avx2_4(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9 */
-    for (i=59; i>=48; i--) {
-        sp_256_mont_sqr_order_avx2_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_avx2_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9c */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t2, 4);
-    sp_256_mont_mul_order_avx2_4(t2, t2, t4);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9ca */
-    for (i=43; i>=40; i--) {
-        sp_256_mont_sqr_order_avx2_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_avx2_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t2, 4);
-    sp_256_mont_mul_order_avx2_4(t2, t2, t4);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2 */
-    for (i=35; i>=32; i--) {
-        sp_256_mont_sqr_order_avx2_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_avx2_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2f */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t2, 4);
-    sp_256_mont_mul_order_avx2_4(t2, t2, t3);
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254 */
-    for (i=27; i>=0; i--) {
-        sp_256_mont_sqr_order_avx2_4(t2, t2);
-        if (((sp_digit)p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_256_mont_mul_order_avx2_4(t2, t2, a);
-        }
-    }
-    /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632540 */
-    sp_256_mont_sqr_n_order_avx2_4(t2, t2, 4);
-    /* r = a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
-    sp_256_mont_mul_order_avx2_4(r, t2, t3);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_INTEL_AVX2 */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_s_4(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int64 c;
-    sp_digit* kInv = k;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    /* Conv k to Montgomery form (mod order) */
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-            IS_INTEL_AVX2(cpuid_flags)) {
-        sp_256_mul_avx2_4(k, k, p256_norm_order);
-    }
-    else
-#endif
-        sp_256_mul_4(k, k, p256_norm_order);
-    err = sp_256_mod_4(k, k, p256_order);
-    if (err == MP_OKAY) {
-        sp_256_norm_4(k);
-
-        /* kInv = 1/k mod order */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_mont_inv_order_avx2_4(kInv, k, tmp);
-        }
-        else
-#endif
-            sp_256_mont_inv_order_4(kInv, k, tmp);
-        sp_256_norm_4(kInv);
-
-        /* s = r * x + e */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_mul_avx2_4(x, x, r);
-        }
-        else
-#endif
-            sp_256_mul_4(x, x, r);
-        err = sp_256_mod_4(x, x, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_4(x);
-        carry = sp_256_add_4(s, e, x);
-        sp_256_cond_sub_4(s, s, p256_order, 0 - carry);
-        sp_256_norm_4(s);
-        c = sp_256_cmp_4(s, p256_order);
-        sp_256_cond_sub_4(s, s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_4(s);
-
-        /* s = s * k^-1 mod order */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_mont_mul_order_avx2_4(s, s, kInv);
-        }
-        else
-#endif
-            sp_256_mont_mul_order_4(s, s, kInv);
-        sp_256_norm_4(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 256 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 8 * 2 * 4);
-    SP_DECL_VAR(sp_point_256, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int64 c;
-    int err = MP_OKAY;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 8 * 2 * 4, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 4;
-        k = e + 4 * 4;
-        r = e + 6 * 4;
-        tmp = e + 8 * 4;
-        s = e;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_4(rng, k);
-        }
-        else {
-            sp_256_from_mp(k, 4, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_256_ecc_mulmod_base_avx2_4(point, k, 1, 1, heap);
-            }
-            else
-#endif
-                err = sp_256_ecc_mulmod_base_4(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 4U);
-            sp_256_norm_4(r);
-            c = sp_256_cmp_4(r, p256_order);
-            sp_256_cond_sub_4(r, r, p256_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_256_norm_4(r);
-
-            if (!sp_256_iszero_4(r)) {
-                /* x is modified in calculation of s. */
-                sp_256_from_mp(x, 4, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_256_from_bin(e, 4, hash, (int)hashLen);
-
-                err = sp_256_calc_s_4(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_256_iszero_4(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_256, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 8 * 2 * 4, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_4_ctx mulmod_ctx;
-        sp_256_mont_inv_order_4_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*4];
-    sp_digit x[2*4];
-    sp_digit k[2*4];
-    sp_digit r[2*4];
-    sp_digit tmp[4 * 2*4];
-    sp_point_256 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_256_ctx;
-
-int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_256_ctx* ctx = (sp_ecc_sign_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_256_ecc_gen_k_4(rng, ctx->k);
-        }
-        else {
-            sp_256_from_mp(ctx->k, 4, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_256_ecc_mulmod_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p256_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int64 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 4U);
-        sp_256_norm_4(ctx->r);
-        c = sp_256_cmp_4(ctx->r, p256_order);
-        sp_256_cond_sub_4(ctx->r, ctx->r, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_4(ctx->r);
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-        sp_256_from_mp(ctx->x, 4, priv);
-        sp_256_from_bin(ctx->e, 4, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_256_mul_4(ctx->k, ctx->k, p256_norm_order);
-        err = sp_256_mod_4(ctx->k, ctx->k, p256_order);
-        if (err == MP_OKAY) {
-            sp_256_norm_4(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_256_mont_inv_order_4_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_256_norm_4(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_256_mul_4(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_256_mod_4(ctx->x, ctx->x, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int64 c;
-        sp_256_norm_4(ctx->x);
-        carry = sp_256_add_4(ctx->s, ctx->e, ctx->x);
-        sp_256_cond_sub_4(ctx->s, ctx->s,
-            p256_order, 0 - carry);
-        sp_256_norm_4(ctx->s);
-        c = sp_256_cmp_4(ctx->s, p256_order);
-        sp_256_cond_sub_4(ctx->s, ctx->s, p256_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_256_norm_4(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_256_mont_mul_order_4(ctx->s, ctx->s, ctx->kInv);
-        sp_256_norm_4(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_256_iszero_4(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_256_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_256_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 4U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 4U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 4U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 4U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 4U * 2U * 4U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mod_inv_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mod_inv_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_256_add_points_4(sp_point_256* p1, const sp_point_256* p2,
-    sp_digit* tmp)
-{
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-            IS_INTEL_AVX2(cpuid_flags)) {
-        sp_256_proj_point_add_avx2_4(p1, p1, p2, tmp);
-    }
-    else
-#endif
-        sp_256_proj_point_add_4(p1, p1, p2, tmp);
-    if (sp_256_iszero_4(p1->z)) {
-        if (sp_256_iszero_4(p1->x) && sp_256_iszero_4(p1->y)) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                sp_256_proj_point_dbl_avx2_4(p1, p2, tmp);
-            }
-            else
-#endif
-                sp_256_proj_point_dbl_4(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            XMEMCPY(p1->z, p256_norm_mod, sizeof(p256_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_256_calc_vfy_point_4(sp_point_256* p1, sp_point_256* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-            IS_INTEL_AVX2(cpuid_flags)) {
-        sp_256_mod_inv_avx2_4(s, s, p256_order);
-    }
-    else
-#endif
-    {
-        sp_256_mod_inv_4(s, s, p256_order);
-    }
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_mul_avx2_4(s, s, p256_norm_order);
-        }
-        else
-#endif
-        {
-            sp_256_mul_4(s, s, p256_norm_order);
-        }
-        err = sp_256_mod_4(s, s, p256_order);
-    }
-    if (err == MP_OKAY) {
-        sp_256_norm_4(s);
-#ifdef WOLFSSL_SP_SMALL
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_mont_inv_order_avx2_4(s, s, tmp);
-            sp_256_mont_mul_order_avx2_4(u1, u1, s);
-            sp_256_mont_mul_order_avx2_4(u2, u2, s);
-        }
-        else
-#endif
-        {
-            sp_256_mont_inv_order_4(s, s, tmp);
-            sp_256_mont_mul_order_4(u1, u1, s);
-            sp_256_mont_mul_order_4(u2, u2, s);
-        }
-#else
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_mont_mul_order_avx2_4(u1, u1, s);
-            sp_256_mont_mul_order_avx2_4(u2, u2, s);
-        }
-        else
-#endif
-        {
-            sp_256_mont_mul_order_4(u1, u1, s);
-            sp_256_mont_mul_order_4(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_256_ecc_mulmod_base_avx2_4(p1, u1, 0, 0, heap);
-        }
-        else
-#endif
-        {
-            err = sp_256_ecc_mulmod_base_4(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_4(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_256_ecc_mulmod_avx2_4(p2, p2, u2, 0, 0, heap);
-        }
-        else
-#endif
-            err = sp_256_ecc_mulmod_4(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_256_iszero_4(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_256_add_points_4(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 256)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_256(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 4);
-    SP_DECL_VAR(sp_point_256, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_256* p2 = NULL;
-    sp_digit carry;
-    sp_int64 c = 0;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 4, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 4;
-        s   = u1 + 4 * 4;
-        tmp = u1 + 6 * 4;
-        p2 = p1 + 1;
-
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(u1, 4, hash, (int)hashLen);
-        sp_256_from_mp(u2, 4, rm);
-        sp_256_from_mp(s, 4, sm);
-        sp_256_from_mp(p2->x, 4, pX);
-        sp_256_from_mp(p2->y, 4, pY);
-        sp_256_from_mp(p2->z, 4, pZ);
-
-        err = sp_256_calc_vfy_point_4(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(u2, 4, rm);
-        err = sp_256_mod_mul_norm_4(u2, u2, p256_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_mont_sqr_avx2_4(p1->z, p1->z, p256_mod, p256_mp_mod);
-        }
-        else
-#endif
-            sp_256_mont_sqr_4(p1->z, p1->z, p256_mod, p256_mp_mod);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_mont_mul_avx2_4(u1, u2, p1->z, p256_mod, p256_mp_mod);
-        }
-        else
-#endif
-            sp_256_mont_mul_4(u1, u2, p1->z, p256_mod, p256_mp_mod);
-        *res = (int)(sp_256_cmp_4(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_256_from_mp(u2, 4, rm);
-            carry = sp_256_add_4(u2, u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_4(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_4(u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_4(u2, u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-#ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                        IS_INTEL_AVX2(cpuid_flags)) {
-                    sp_256_mont_mul_avx2_4(u1, u2, p1->z, p256_mod,
-                        p256_mp_mod);
-                }
-                else
-#endif
-                {
-                    sp_256_mont_mul_4(u1, u2, p1->z, p256_mod, p256_mp_mod);
-                }
-                *res = (sp_256_cmp_4(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_256_ctx {
-    int state;
-    union {
-        sp_256_ecc_mulmod_4_ctx mulmod_ctx;
-        sp_256_mont_inv_order_4_ctx mont_inv_order_ctx;
-        sp_256_proj_point_dbl_4_ctx dbl_ctx;
-        sp_256_proj_point_add_4_ctx add_ctx;
-    };
-    sp_digit u1[2*4];
-    sp_digit u2[2*4];
-    sp_digit s[2*4];
-    sp_digit tmp[2*4 * 6];
-    sp_point_256 p1;
-    sp_point_256 p2;
-} sp_ecc_verify_256_ctx;
-
-int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_256_ctx* ctx = (sp_ecc_verify_256_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_256_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 32U) {
-            hashLen = 32U;
-        }
-
-        sp_256_from_bin(ctx->u1, 4, hash, (int)hashLen);
-        sp_256_from_mp(ctx->u2, 4, rm);
-        sp_256_from_mp(ctx->s, 4, sm);
-        sp_256_from_mp(ctx->p2.x, 4, pX);
-        sp_256_from_mp(ctx->p2.y, 4, pY);
-        sp_256_from_mp(ctx->p2.z, 4, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_256_mul_4(ctx->s, ctx->s, p256_norm_order);
-        err = sp_256_mod_4(ctx->s, ctx->s, p256_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_256_norm_4(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_256_mont_inv_order_4_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_256_mont_mul_order_4(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_256_mont_mul_order_4(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_256_ecc_mulmod_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p256_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_4(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_256_ecc_mulmod_4_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_256_iszero_4(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_256_proj_point_add_4_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_256_from_mp(ctx->u2, 4, rm);
-        err = sp_256_mod_mul_norm_4(ctx->u2, ctx->u2, p256_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_256_mont_sqr_4(ctx->p1.z, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_256_mont_mul_4(ctx->u1, ctx->u2, ctx->p1.z, p256_mod, p256_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int64 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_256_cmp_4(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_256_from_mp(ctx->u2, 4, rm);
-            carry = sp_256_add_4(ctx->u2, ctx->u2, p256_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_256_norm_4(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_256_cmp_4(ctx->u2, p256_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_256_mod_mul_norm_4(ctx->u2, ctx->u2, p256_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_256_mont_mul_4(ctx->u1, ctx->u2, ctx->p1.z, p256_mod,
-                                                            p256_mp_mod);
-                *res = (int)(sp_256_cmp_4(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_256_ecc_is_point_4(const sp_point_256* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 4;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_256_sqr_4(t1, point->y);
-        (void)sp_256_mod_4(t1, t1, p256_mod);
-        sp_256_sqr_4(t2, point->x);
-        (void)sp_256_mod_4(t2, t2, p256_mod);
-        sp_256_mul_4(t2, t2, point->x);
-        (void)sp_256_mod_4(t2, t2, p256_mod);
-        sp_256_mont_sub_4(t1, t1, t2, p256_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_256_mont_add_4(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_4(t1, t1, point->x, p256_mod);
-        sp_256_mont_add_4(t1, t1, point->x, p256_mod);
-
-
-        if (sp_256_cmp_4(t1, p256_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_256, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_256, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(pub->x, 4, pX);
-        sp_256_from_mp(pub->y, 4, pY);
-        sp_256_from_bin(pub->z, 4, one, (int)sizeof(one));
-
-        err = sp_256_ecc_is_point_4(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_256(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 4);
-    SP_DECL_VAR(sp_point_256, pub, 2);
-    sp_point_256* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 256) ||
-        (mp_count_bits(pY) > 256) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 256)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 4, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_256_from_mp(pub->x, 4, pX);
-        sp_256_from_mp(pub->y, 4, pY);
-        sp_256_from_bin(pub->z, 4, one, (int)sizeof(one));
-        if (privm)
-            sp_256_from_mp(priv, 4, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_256_iszero_4(pub->x) != 0) &&
-            (sp_256_iszero_4(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_256_cmp_4(pub->x, p256_mod) >= 0) ||
-             (sp_256_cmp_4(pub->y, p256_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_256_ecc_is_point_4(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_256_ecc_mulmod_avx2_4(p, pub, p256_order, 1, 1, heap);
-        }
-        else
-#endif
-            err = sp_256_ecc_mulmod_4(p, pub, p256_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_256_iszero_4(p->x) == 0) ||
-                             (sp_256_iszero_4(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_256_ecc_mulmod_base_avx2_4(p, priv, 1, 1, heap);
-            }
-            else
-#endif
-                err = sp_256_ecc_mulmod_base_4(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_256_cmp_4(p->x, pub->x) != 0) ||
-                 (sp_256_cmp_4(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 6);
-    SP_DECL_VAR(sp_point_256, p, 2);
-    sp_point_256* q = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_256_from_mp(p->x, 4, pX);
-        sp_256_from_mp(p->y, 4, pY);
-        sp_256_from_mp(p->z, 4, pZ);
-        sp_256_from_mp(q->x, 4, qX);
-        sp_256_from_mp(q->y, 4, qY);
-        sp_256_from_mp(q->z, 4, qZ);
-        p->infinity = sp_256_iszero_4(p->x) &
-                      sp_256_iszero_4(p->y);
-        q->infinity = sp_256_iszero_4(q->x) &
-                      sp_256_iszero_4(q->y);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_proj_point_add_avx2_4(p, p, q, tmp);
-        }
-        else
-#endif
-            sp_256_proj_point_add_4(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_256(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 2);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 4, pX);
-        sp_256_from_mp(p->y, 4, pY);
-        sp_256_from_mp(p->z, 4, pZ);
-        p->infinity = sp_256_iszero_4(p->x) &
-                      sp_256_iszero_4(p->y);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_proj_point_dbl_avx2_4(p, p, tmp);
-        }
-        else
-#endif
-            sp_256_proj_point_dbl_4(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_256(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 4 * 4);
-    SP_DECL_VAR(sp_point_256, p, 1);
-    int err = MP_OKAY;
-
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 4 * 4, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_256, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_256_from_mp(p->x, 4, pX);
-        sp_256_from_mp(p->y, 4, pY);
-        sp_256_from_mp(p->z, 4, pZ);
-        p->infinity = sp_256_iszero_4(p->x) &
-                      sp_256_iszero_4(p->y);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_map_avx2_4(p, p, tmp);
-        }
-        else
-#endif
-            sp_256_map_4(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_256_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_256_mont_sqrt_4(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 4 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, t1, 4 * 4, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 4;
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            /* t2 = y ^ 0x2 */
-            sp_256_mont_sqr_avx2_4(t2, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_256_mont_mul_avx2_4(t1, t2, y, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xc */
-            sp_256_mont_sqr_n_avx2_4(t2, t1, 2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_256_mont_mul_avx2_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xf0 */
-            sp_256_mont_sqr_n_avx2_4(t2, t1, 4, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xff */
-            sp_256_mont_mul_avx2_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xff00 */
-            sp_256_mont_sqr_n_avx2_4(t2, t1, 8, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffff */
-            sp_256_mont_mul_avx2_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xffff0000 */
-            sp_256_mont_sqr_n_avx2_4(t2, t1, 16, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff */
-            sp_256_mont_mul_avx2_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000000 */
-            sp_256_mont_sqr_n_avx2_4(t1, t1, 32, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001 */
-            sp_256_mont_mul_avx2_4(t1, t1, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000000 */
-            sp_256_mont_sqr_n_avx2_4(t1, t1, 96, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000001 */
-            sp_256_mont_mul_avx2_4(t1, t1, y, p256_mod, p256_mp_mod);
-            sp_256_mont_sqr_n_avx2_4(y, t1, 94, p256_mod, p256_mp_mod);
-        }
-        else
-#endif
-        {
-            /* t2 = y ^ 0x2 */
-            sp_256_mont_sqr_4(t2, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_256_mont_mul_4(t1, t2, y, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xc */
-            sp_256_mont_sqr_n_4(t2, t1, 2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xf0 */
-            sp_256_mont_sqr_n_4(t2, t1, 4, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xff */
-            sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xff00 */
-            sp_256_mont_sqr_n_4(t2, t1, 8, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffff */
-            sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t2 = y ^ 0xffff0000 */
-            sp_256_mont_sqr_n_4(t2, t1, 16, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff */
-            sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000000 */
-            sp_256_mont_sqr_n_4(t1, t1, 32, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001 */
-            sp_256_mont_mul_4(t1, t1, y, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000000 */
-            sp_256_mont_sqr_n_4(t1, t1, 96, p256_mod, p256_mp_mod);
-            /* t1 = y ^ 0xffffffff00000001000000000000000000000001 */
-            sp_256_mont_mul_4(t1, t1, y, p256_mod, p256_mp_mod);
-            sp_256_mont_sqr_n_4(y, t1, 94, p256_mod, p256_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_256(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 4);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 4, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 4;
-
-        sp_256_from_mp(x, 4, xm);
-        err = sp_256_mod_mul_norm_4(x, x, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_256_mont_sqr_avx2_4(y, x, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_avx2_4(y, y, x, p256_mod, p256_mp_mod);
-        }
-        else
-#endif
-        {
-            sp_256_mont_sqr_4(y, x, p256_mod, p256_mp_mod);
-            sp_256_mont_mul_4(y, y, x, p256_mod, p256_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_256_mont_sub_4(y, y, x, p256_mod);
-        sp_256_mont_sub_4(y, y, x, p256_mod);
-        sp_256_mont_sub_4(y, y, x, p256_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_256_mod_mul_norm_4(x, p256_b, p256_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_256_mont_add_4(y, y, x, p256_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_256_mont_sqrt_4(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 4, 0, 4U * sizeof(sp_digit));
-        sp_256_mont_reduce_4(y, p256_mod, p256_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_256_mont_sub_4(y, p256_mod, y, p256_mod);
-        }
-
-        err = sp_256_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* !WOLFSSL_SP_NO_256 */
-#ifdef WOLFSSL_SP_384
-
-/* Point structure to use. */
-typedef struct sp_point_384 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 6];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 6];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 6];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_384;
-
-/* The modulus (prime) of the curve P384. */
-static const sp_digit p384_mod[6] = {
-    0x00000000ffffffffL,0xffffffff00000000L,0xfffffffffffffffeL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0xffffffffffffffffL
-};
-/* The Montgomery normalizer for modulus of the curve P384. */
-static const sp_digit p384_norm_mod[6] = {
-    0xffffffff00000001L,0x00000000ffffffffL,0x0000000000000001L,
-    0x0000000000000000L,0x0000000000000000L,0x0000000000000000L
-};
-/* The Montgomery multiplier for modulus of the curve P384. */
-static const sp_digit p384_mp_mod = 0x0000000100000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P384. */
-static const sp_digit p384_order[6] = {
-    0xecec196accc52973L,0x581a0db248b0a77aL,0xc7634d81f4372ddfL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0xffffffffffffffffL
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P384 minus 2. */
-static const sp_digit p384_order2[6] = {
-    0xecec196accc52971L,0x581a0db248b0a77aL,0xc7634d81f4372ddfL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0xffffffffffffffffL
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P384. */
-static const sp_digit p384_norm_order[6] = {
-    0x1313e695333ad68dL,0xa7e5f24db74f5885L,0x389cb27e0bc8d220L,
-    0x0000000000000000L,0x0000000000000000L,0x0000000000000000L
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P384. */
-static const sp_digit p384_mp_order = 0x6ed46089e88fdc45L;
-#endif
-#ifdef WOLFSSL_SP_SMALL
-/* The base point of curve P384. */
-static const sp_point_384 p384_base = {
-    /* X ordinate */
-    {
-        0x3a545e3872760ab7L,0x5502f25dbf55296cL,0x59f741e082542a38L,
-        0x6e1d3b628ba79b98L,0x8eb1c71ef320ad74L,0xaa87ca22be8b0537L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x7a431d7c90ea0e5fL,0x0a60b1ce1d7e819dL,0xe9da3113b5f0b8c0L,
-        0xf8f41dbd289a147cL,0x5d9e98bf9292dc29L,0x3617de4a96262c6fL,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000000000000001L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p384_b[6] = {
-    0x2a85c8edd3ec2aefL,0xc656398d8a2ed19dL,0x0314088f5013875aL,
-    0x181d9c6efe814112L,0x988e056be3f82d19L,0xb3312fa7e23ee7e4L
-};
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mul_6(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mul_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_sqr_6(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_sqr_avx2_6(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_384_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_384_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mod_mul_norm_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    SP_DECL_VAR(int64_t, t, 2 * 12);
-    int64_t* a32 = NULL;
-    int64_t o;
-    int err = MP_OKAY;
-
-    (void)m;
-
-    SP_ALLOC_VAR(int64_t, t, 2 * 12, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        a32 = t + 12;
-
-        a32[0] = (int64_t)(a[0] & 0xffffffff);
-        a32[1] = (int64_t)(a[0] >> 32);
-        a32[2] = (int64_t)(a[1] & 0xffffffff);
-        a32[3] = (int64_t)(a[1] >> 32);
-        a32[4] = (int64_t)(a[2] & 0xffffffff);
-        a32[5] = (int64_t)(a[2] >> 32);
-        a32[6] = (int64_t)(a[3] & 0xffffffff);
-        a32[7] = (int64_t)(a[3] >> 32);
-        a32[8] = (int64_t)(a[4] & 0xffffffff);
-        a32[9] = (int64_t)(a[4] >> 32);
-        a32[10] = (int64_t)(a[5] & 0xffffffff);
-        a32[11] = (int64_t)(a[5] >> 32);
-
-        /*  1  0  0  0  0  0  0  0  1  1  0 -1 */
-        t[0] = 0 + a32[0] + a32[8] + a32[9] - a32[11];
-        /* -1  1  0  0  0  0  0  0 -1  0  1  1 */
-        t[1] = 0 - a32[0] + a32[1] - a32[8] + a32[10] + a32[11];
-        /*  0 -1  1  0  0  0  0  0  0 -1  0  1 */
-        t[2] = 0 - a32[1] + a32[2] - a32[9] + a32[11];
-        /*  1  0 -1  1  0  0  0  0  1  1 -1 -1 */
-        t[3] = 0 + a32[0] - a32[2] + a32[3] + a32[8] + a32[9] - a32[10] - a32[11];
-        /*  1  1  0 -1  1  0  0  0  1  2  1 -2 */
-        t[4] = 0 + a32[0] + a32[1] - a32[3] + a32[4] + a32[8] + 2 * a32[9] + a32[10] -  2 * a32[11];
-        /*  0  1  1  0 -1  1  0  0  0  1  2  1 */
-        t[5] = 0 + a32[1] + a32[2] - a32[4] + a32[5] + a32[9] + 2 * a32[10] + a32[11];
-        /*  0  0  1  1  0 -1  1  0  0  0  1  2 */
-        t[6] = 0 + a32[2] + a32[3] - a32[5] + a32[6] + a32[10] + 2 * a32[11];
-        /*  0  0  0  1  1  0 -1  1  0  0  0  1 */
-        t[7] = 0 + a32[3] + a32[4] - a32[6] + a32[7] + a32[11];
-        /*  0  0  0  0  1  1  0 -1  1  0  0  0 */
-        t[8] = 0 + a32[4] + a32[5] - a32[7] + a32[8];
-        /*  0  0  0  0  0  1  1  0 -1  1  0  0 */
-        t[9] = 0 + a32[5] + a32[6] - a32[8] + a32[9];
-        /*  0  0  0  0  0  0  1  1  0 -1  1  0 */
-        t[10] = 0 + a32[6] + a32[7] - a32[9] + a32[10];
-        /*  0  0  0  0  0  0  0  1  1  0 -1  1 */
-        t[11] = 0 + a32[7] + a32[8] - a32[10] + a32[11];
-
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-        o     = t[11] >> 32; t[11] &= 0xffffffff;
-        t[0] += o;
-        t[1] -= o;
-        t[3] += o;
-        t[4] += o;
-        t[1] += t[0] >> 32; t[0] &= 0xffffffff;
-        t[2] += t[1] >> 32; t[1] &= 0xffffffff;
-        t[3] += t[2] >> 32; t[2] &= 0xffffffff;
-        t[4] += t[3] >> 32; t[3] &= 0xffffffff;
-        t[5] += t[4] >> 32; t[4] &= 0xffffffff;
-        t[6] += t[5] >> 32; t[5] &= 0xffffffff;
-        t[7] += t[6] >> 32; t[6] &= 0xffffffff;
-        t[8] += t[7] >> 32; t[7] &= 0xffffffff;
-        t[9] += t[8] >> 32; t[8] &= 0xffffffff;
-        t[10] += t[9] >> 32; t[9] &= 0xffffffff;
-        t[11] += t[10] >> 32; t[10] &= 0xffffffff;
-
-        r[0] = (sp_digit)((t[1] << 32) | t[0]);
-        r[1] = (sp_digit)((t[3] << 32) | t[2]);
-        r[2] = (sp_digit)((t[5] << 32) | t[4]);
-        r[3] = (sp_digit)((t[7] << 32) | t[6]);
-        r[4] = (sp_digit)((t[9] << 32) | t[8]);
-        r[5] = (sp_digit)((t[11] << 32) | t[10]);
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_384.
- *
- * p   Point of type sp_point_384 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_384_point_from_ecc_point_6(sp_point_384* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_384_from_mp(p->x, 6, pm->x);
-    sp_384_from_mp(p->y, 6, pm->y);
-    sp_384_from_mp(p->z, 6, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_384_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (384 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 6);
-        r->used = 6;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 6; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 6; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (384 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_384 to type ecc_point.
- *
- * p   Point of type sp_point_384.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_384_point_to_ecc_point_6(const sp_point_384* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_384_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_cond_copy_6(sp_digit* r, const sp_digit* a, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_384_cond_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_reduce_6(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mul_6(r, a, b);
-    sp_384_mont_reduce_6(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_384_sqr_6(r, a);
-    sp_384_mont_reduce_6(r, m, mp);
-}
-
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_n_6(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mont_sqr_6(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_384_mont_sqr_6(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P384 curve. */
-static const word64 p384_mod_minus_2[6] = {
-    0x00000000fffffffdU,0xffffffff00000000U,0xfffffffffffffffeU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0xffffffffffffffffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P384 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_384_mont_inv_6(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 6);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_6(t, t, p384_mod, p384_mp_mod);
-        if (p384_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_384_mont_mul_6(t, t, a, p384_mod, p384_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 6);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 6;
-    sp_digit* t3 = td + 4 * 6;
-    sp_digit* t4 = td + 6 * 6;
-    sp_digit* t5 = td + 8 * 6;
-
-    /* 0x2 */
-    sp_384_mont_sqr_6(t1, a, p384_mod, p384_mp_mod);
-    /* 0x3 */
-    sp_384_mont_mul_6(t5, t1, a, p384_mod, p384_mp_mod);
-    /* 0xc */
-    sp_384_mont_sqr_n_6(t1, t5, 2, p384_mod, p384_mp_mod);
-    /* 0xf */
-    sp_384_mont_mul_6(t2, t5, t1, p384_mod, p384_mp_mod);
-    /* 0x1e */
-    sp_384_mont_sqr_6(t1, t2, p384_mod, p384_mp_mod);
-    /* 0x1f */
-    sp_384_mont_mul_6(t4, t1, a, p384_mod, p384_mp_mod);
-    /* 0x3e0 */
-    sp_384_mont_sqr_n_6(t1, t4, 5, p384_mod, p384_mp_mod);
-    /* 0x3ff */
-    sp_384_mont_mul_6(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x7fe0 */
-    sp_384_mont_sqr_n_6(t1, t2, 5, p384_mod, p384_mp_mod);
-    /* 0x7fff */
-    sp_384_mont_mul_6(t4, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x3fff8000 */
-    sp_384_mont_sqr_n_6(t1, t4, 15, p384_mod, p384_mp_mod);
-    /* 0x3fffffff */
-    sp_384_mont_mul_6(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffc */
-    sp_384_mont_sqr_n_6(t3, t2, 2, p384_mod, p384_mp_mod);
-    /* 0xfffffffd */
-    sp_384_mont_mul_6(r, t3, a, p384_mod, p384_mp_mod);
-    /* 0xffffffff */
-    sp_384_mont_mul_6(t3, t5, t3, p384_mod, p384_mp_mod);
-    /* 0xfffffffc0000000 */
-    sp_384_mont_sqr_n_6(t1, t2, 30, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff */
-    sp_384_mont_mul_6(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff000000000000000 */
-    sp_384_mont_sqr_n_6(t1, t2, 60, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_6(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-    sp_384_mont_sqr_n_6(t1, t2, 120, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_6(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-    sp_384_mont_sqr_n_6(t1, t2, 15, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_6(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00000000 */
-    sp_384_mont_sqr_n_6(t1, t2, 33, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff */
-    sp_384_mont_mul_6(t2, t3, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_6(t1, t2, 96, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffd */
-    sp_384_mont_mul_6(r, r, t1, p384_mod, p384_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_int64 sp_384_cmp_6(const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_384_norm_6(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_384_map_6(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*6;
-    sp_int64 n;
-
-    sp_384_mont_inv_6(t1, p->z, t + 2*6);
-
-    sp_384_mont_sqr_6(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    /* x /= z^2 */
-    sp_384_mont_mul_6(r->x, p->x, t2, p384_mod, p384_mp_mod);
-    XMEMSET(r->x + 6, 0, sizeof(sp_digit) * 6U);
-    sp_384_mont_reduce_6(r->x, p384_mod, p384_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_384_cmp_6(r->x, p384_mod);
-    sp_384_cond_sub_6(r->x, r->x, p384_mod, (sp_digit)~(n >> 63));
-    sp_384_norm_6(r->x);
-
-    /* y /= z^3 */
-    sp_384_mont_mul_6(r->y, p->y, t1, p384_mod, p384_mp_mod);
-    XMEMSET(r->y + 6, 0, sizeof(sp_digit) * 6U);
-    sp_384_mont_reduce_6(r->y, p384_mod, p384_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_384_cmp_6(r->y, p384_mod);
-    sp_384_cond_sub_6(r->y, r->y, p384_mod, (sp_digit)~(n >> 63));
-    sp_384_norm_6(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_dbl_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_tpl_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_div2_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_384_mont_sqr_6(t1, p->z, p384_mod, p384_mp_mod);
-    /* Z = Y * Z */
-    sp_384_mont_mul_6(z, p->y, p->z, p384_mod, p384_mp_mod);
-    /* Z = 2Z */
-    sp_384_mont_dbl_6(z, z, p384_mod);
-    /* T2 = X - T1 */
-    sp_384_mont_sub_6(t2, p->x, t1, p384_mod);
-    /* T1 = X + T1 */
-    sp_384_mont_add_6(t1, p->x, t1, p384_mod);
-    /* T2 = T1 * T2 */
-    sp_384_mont_mul_6(t2, t1, t2, p384_mod, p384_mp_mod);
-    /* T1 = 3T2 */
-    sp_384_mont_tpl_6(t1, t2, p384_mod);
-    /* Y = 2Y */
-    sp_384_mont_dbl_6(y, p->y, p384_mod);
-    /* Y = Y * Y */
-    sp_384_mont_sqr_6(y, y, p384_mod, p384_mp_mod);
-    /* T2 = Y * Y */
-    sp_384_mont_sqr_6(t2, y, p384_mod, p384_mp_mod);
-    /* T2 = T2/2 */
-    sp_384_mont_div2_6(t2, t2, p384_mod);
-    /* Y = Y * X */
-    sp_384_mont_mul_6(y, y, p->x, p384_mod, p384_mp_mod);
-    /* X = T1 * T1 */
-    sp_384_mont_sqr_6(x, t1, p384_mod, p384_mp_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_6(x, x, y, p384_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_6(x, x, y, p384_mod);
-    /* Y = Y - X */
-    sp_384_mont_sub_6(y, y, x, p384_mod);
-    /* Y = Y * T1 */
-    sp_384_mont_mul_6(y, y, t1, p384_mod, p384_mp_mod);
-    /* Y = Y - T2 */
-    sp_384_mont_sub_6(y, y, t2, p384_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_dbl_6_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_dbl_6_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-        const sp_point_384* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_dbl_6_ctx* ctx = (sp_384_proj_point_dbl_6_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_dbl_6_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*6;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_384_mont_sqr_6(ctx->t1, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_384_mont_mul_6(ctx->z, p->y, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_384_mont_dbl_6(ctx->z, ctx->z, p384_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_384_mont_sub_6(ctx->t2, p->x, ctx->t1, p384_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_384_mont_add_6(ctx->t1, p->x, ctx->t1, p384_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_384_mont_mul_6(ctx->t2, ctx->t1, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_384_mont_tpl_6(ctx->t1, ctx->t2, p384_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_384_mont_dbl_6(ctx->y, p->y, p384_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_384_mont_sqr_6(ctx->y, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_384_mont_sqr_6(ctx->t2, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_384_mont_div2_6(ctx->t2, ctx->t2, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_384_mont_mul_6(ctx->y, ctx->y, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_384_mont_sqr_6(ctx->x, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_384_mont_sub_6(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_384_mont_sub_6(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_384_mont_mul_6(ctx->y, ctx->y, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_384_mont_sub_6(ctx->y, ctx->y, ctx->t2, p384_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*6;
-    sp_digit* b = t + 4*6;
-    sp_digit* t1 = t + 6*6;
-    sp_digit* t2 = t + 8*6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_6(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_6(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_6(w, w, p384_mod, p384_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_6(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_6(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_6(t2, b, p384_mod);
-        sp_384_mont_sub_6(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_6(t2, b, x, p384_mod);
-        sp_384_mont_dbl_6(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_6(t1, t1, p384_mod, p384_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_6(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_6(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(y, y, t1, p384_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_6(t1, t1, w, p384_mod);
-    sp_384_mont_tpl_6(a, t1, p384_mod);
-    /* B = X*Y^2 */
-    sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
-    /* X = A^2 - 2B */
-    sp_384_mont_sqr_6(x, a, p384_mod, p384_mp_mod);
-    sp_384_mont_dbl_6(t2, b, p384_mod);
-    sp_384_mont_sub_6(x, x, t2, p384_mod);
-    /* B = 2.(B - X) */
-    sp_384_mont_sub_6(t2, b, x, p384_mod);
-    sp_384_mont_dbl_6(b, t2, p384_mod);
-    /* Z = Z*Y */
-    sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
-    /* t1 = Y^4 */
-    sp_384_mont_sqr_6(t1, t1, p384_mod, p384_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_384_mont_mul_6(y, b, a, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_6(y, y, t1, p384_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_384_mont_div2_6(y, y, p384_mod);
-}
-
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_384_cmp_equal_6(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_384_iszero_6(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_6(sp_point_384* r,
-        const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*6;
-    sp_digit* t2 = t + 4*6;
-    sp_digit* t3 = t + 6*6;
-    sp_digit* t4 = t + 8*6;
-    sp_digit* t5 = t + 10*6;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_6(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t1, t1, p->x, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_6(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_6(t3, t3, p->y, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_6(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_6(t2, t1) &
-            sp_384_cmp_equal_6(t4, t3)) {
-        sp_384_proj_point_dbl_6(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_384_mont_sub_6(t2, t2, t1, p384_mod);
-        /* R = S2 - S1 */
-        sp_384_mont_sub_6(t4, t4, t3, p384_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_6(t5, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(y, t1, t5, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(t5, t5, t2, p384_mod, p384_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_6(z, p->z, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(z, z, q->z, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_6(x, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(x, x, t5, p384_mod);
-        sp_384_mont_mul_6(t5, t5, t3, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_6(t3, y, p384_mod);
-        sp_384_mont_sub_6(x, x, t3, p384_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_6(y, y, x, p384_mod);
-        sp_384_mont_mul_6(y, y, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(y, y, t5, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 6; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_add_6_ctx {
-    int state;
-    sp_384_proj_point_dbl_6_ctx dbl_ctx;
-    const sp_point_384* ap[2];
-    sp_point_384* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_add_6_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_add_6_ctx* ctx = (sp_384_proj_point_add_6_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_384* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_add_6_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*6;
-        ctx->t2 = t + 4*6;
-        ctx->t3 = t + 6*6;
-        ctx->t4 = t + 8*6;
-        ctx->t5 = t + 10*6;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_384_mont_sqr_6(ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_384_mont_mul_6(ctx->t3, ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_384_mont_mul_6(ctx->t1, ctx->t1, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_384_mont_sqr_6(ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_384_mont_mul_6(ctx->t4, ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_384_mont_mul_6(ctx->t2, ctx->t2, q->x, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_384_mont_mul_6(ctx->t3, ctx->t3, p->y, p384_mod, p384_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_384_mont_mul_6(ctx->t4, ctx->t4, q->y, p384_mod, p384_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_384_cmp_equal_6(ctx->t2, ctx->t1) &
-                sp_384_cmp_equal_6(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_384_proj_point_dbl_6(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_384_mont_sub_6(ctx->t2, ctx->t2, ctx->t1, p384_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_384_mont_sub_6(ctx->t4, ctx->t4, ctx->t3, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_6(ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_384_mont_mul_6(ctx->y, ctx->t1, ctx->t5, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_384_mont_mul_6(ctx->t5, ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_6(ctx->z, p->z, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_384_mont_mul_6(ctx->z, ctx->z, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_384_mont_sqr_6(ctx->x, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_384_mont_sub_6(ctx->x, ctx->x, ctx->t5, p384_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_384_mont_mul_6(ctx->t5, ctx->t5, ctx->t3, p384_mod, p384_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_384_mont_dbl_6(ctx->t3, ctx->y, p384_mod);
-        sp_384_mont_sub_6(ctx->x, ctx->x, ctx->t3, p384_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_384_mont_mul_6(ctx->y, ctx->y, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_384_mont_sub_6(ctx->y, ctx->y, ctx->t5, p384_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 6; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
-        const sp_point_384* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*6;
-    sp_digit* b = t + 4*6;
-    sp_digit* t1 = t + 6*6;
-    sp_digit* t2 = t + 8*6;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<6; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<6; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<6; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_6(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_6(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_6(w, w, p384_mod, p384_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_6(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_6(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_6(t2, b, p384_mod);
-        sp_384_mont_sub_6(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_6(t2, b, x, p384_mod);
-        sp_384_mont_dbl_6(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_6(r[j].z, z, y, p384_mod, p384_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_6(t1, t1, p384_mod, p384_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_6(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_6(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(y, y, t1, p384_mod);
-        /* Y = Y/2 */
-        sp_384_mont_div2_6(r[j].y, y, p384_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_384_proj_point_add_sub_6(sp_point_384* ra,
-        sp_point_384* rs, const sp_point_384* p, const sp_point_384* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*6;
-    sp_digit* t3 = t + 4*6;
-    sp_digit* t4 = t + 6*6;
-    sp_digit* t5 = t + 8*6;
-    sp_digit* t6 = t + 10*6;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_6(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t1, t1, xa, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_6(t2, za, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t4, t2, za, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_6(t3, t3, ya, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_6(t4, t4, q->y, p384_mod, p384_mp_mod);
-    /* H = U2 - U1 */
-    sp_384_mont_sub_6(t2, t2, t1, p384_mod);
-    /* RS = S2 + S1 */
-    sp_384_mont_add_6(t6, t4, t3, p384_mod);
-    /* R = S2 - S1 */
-    sp_384_mont_sub_6(t4, t4, t3, p384_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_384_mont_mul_6(za, za, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(za, za, t2, p384_mod, p384_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_384_mont_sqr_6(xa, t4, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_6(xs, t6, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_6(t5, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(ya, t1, t5, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t5, t5, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_6(xa, xa, t5, p384_mod);
-    sp_384_mont_sub_6(xs, xs, t5, p384_mod);
-    sp_384_mont_dbl_6(t1, ya, p384_mod);
-    sp_384_mont_sub_6(xa, xa, t1, p384_mod);
-    sp_384_mont_sub_6(xs, xs, t1, p384_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_384_mont_sub_6(ys, ya, xs, p384_mod);
-    sp_384_mont_sub_6(ya, ya, xa, p384_mod);
-    sp_384_mont_mul_6(ya, ya, t4, p384_mod, p384_mp_mod);
-    sp_384_sub_6(t6, p384_mod, t6);
-    sp_384_mont_mul_6(ys, ys, t6, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t5, t5, t3, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_6(ya, ya, t5, p384_mod);
-    sp_384_mont_sub_6(ys, ys, t5, p384_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_384 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_384;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_6_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_6_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<65; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 64) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 64) {
-            n >>= 6;
-            if (++j < 6)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 6) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x3f);
-            o -= 58;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_6_6[y];
-        v[i].neg = recode_neg_6_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_get_point_33_6(sp_point_384* r, const sp_point_384* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_get_point_33_avx2_6(sp_point_384* r, const sp_point_384* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_win_add_sub_6(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 6);
-    sp_point_384* rt = NULL;
-    sp_point_384* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_384 v[65];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_384_mod_mul_norm_6(t[1].x, g->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_6(t[1].y, g->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_6(t[1].z, g->z, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_384_proj_point_dbl_n_store_6(t, &t[ 1], 5, 1, tmp);
-        sp_384_proj_point_add_6(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[ 6], &t[ 3], tmp);
-        sp_384_proj_point_add_sub_6(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[10], &t[ 5], tmp);
-        sp_384_proj_point_add_sub_6(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[12], &t[ 6], tmp);
-        sp_384_proj_point_dbl_6(&t[14], &t[ 7], tmp);
-        sp_384_proj_point_add_sub_6(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[18], &t[ 9], tmp);
-        sp_384_proj_point_add_sub_6(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[20], &t[10], tmp);
-        sp_384_proj_point_dbl_6(&t[22], &t[11], tmp);
-        sp_384_proj_point_add_sub_6(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[24], &t[12], tmp);
-        sp_384_proj_point_dbl_6(&t[26], &t[13], tmp);
-        sp_384_proj_point_add_sub_6(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_384_proj_point_dbl_6(&t[28], &t[14], tmp);
-        sp_384_proj_point_dbl_6(&t[30], &t[15], tmp);
-        sp_384_proj_point_add_sub_6(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_384_ecc_recode_6_6(k, v);
-
-        i = 64;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_point_33_6(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_384));
-        }
-        for (--i; i>=0; i--) {
-            sp_384_proj_point_dbl_n_6(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_point_33_6(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_384));
-            }
-            sp_384_sub_6(negy, p384_mod, p->y);
-            sp_384_norm_6(negy);
-            sp_384_cond_copy_6(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_384_proj_point_add_6(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_384_map_6(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef HAVE_INTEL_AVX2
-#define sp_384_mod_mul_norm_avx2_6 sp_384_mod_mul_norm_6
-#ifdef HAVE_INTEL_AVX2
-#define sp_384_mont_reduce_avx2_6         sp_384_mont_reduce_6
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_reduce_order_avx2_6(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_mul_avx2_6(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mul_avx2_6(r, a, b);
-    sp_384_mont_reduce_avx2_6(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef HAVE_INTEL_AVX2
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_avx2_6(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_384_sqr_avx2_6(r, a);
-    sp_384_mont_reduce_avx2_6(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_384_mont_sqr_n_avx2_6(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_384_mont_sqr_avx2_6(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_384_mont_sqr_avx2_6(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL || HAVE_COMP_KEY */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P384 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_384_mont_inv_avx2_6(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 6);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_avx2_6(t, t, p384_mod, p384_mp_mod);
-        if (p384_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_384_mont_mul_avx2_6(t, t, a, p384_mod, p384_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 6);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 6;
-    sp_digit* t3 = td + 4 * 6;
-    sp_digit* t4 = td + 6 * 6;
-    sp_digit* t5 = td + 8 * 6;
-
-    /* 0x2 */
-    sp_384_mont_sqr_avx2_6(t1, a, p384_mod, p384_mp_mod);
-    /* 0x3 */
-    sp_384_mont_mul_avx2_6(t5, t1, a, p384_mod, p384_mp_mod);
-    /* 0xc */
-    sp_384_mont_sqr_n_avx2_6(t1, t5, 2, p384_mod, p384_mp_mod);
-    /* 0xf */
-    sp_384_mont_mul_avx2_6(t2, t5, t1, p384_mod, p384_mp_mod);
-    /* 0x1e */
-    sp_384_mont_sqr_avx2_6(t1, t2, p384_mod, p384_mp_mod);
-    /* 0x1f */
-    sp_384_mont_mul_avx2_6(t4, t1, a, p384_mod, p384_mp_mod);
-    /* 0x3e0 */
-    sp_384_mont_sqr_n_avx2_6(t1, t4, 5, p384_mod, p384_mp_mod);
-    /* 0x3ff */
-    sp_384_mont_mul_avx2_6(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x7fe0 */
-    sp_384_mont_sqr_n_avx2_6(t1, t2, 5, p384_mod, p384_mp_mod);
-    /* 0x7fff */
-    sp_384_mont_mul_avx2_6(t4, t4, t1, p384_mod, p384_mp_mod);
-    /* 0x3fff8000 */
-    sp_384_mont_sqr_n_avx2_6(t1, t4, 15, p384_mod, p384_mp_mod);
-    /* 0x3fffffff */
-    sp_384_mont_mul_avx2_6(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffc */
-    sp_384_mont_sqr_n_avx2_6(t3, t2, 2, p384_mod, p384_mp_mod);
-    /* 0xfffffffd */
-    sp_384_mont_mul_avx2_6(r, t3, a, p384_mod, p384_mp_mod);
-    /* 0xffffffff */
-    sp_384_mont_mul_avx2_6(t3, t5, t3, p384_mod, p384_mp_mod);
-    /* 0xfffffffc0000000 */
-    sp_384_mont_sqr_n_avx2_6(t1, t2, 30, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff */
-    sp_384_mont_mul_avx2_6(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffff000000000000000 */
-    sp_384_mont_sqr_n_avx2_6(t1, t2, 60, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_avx2_6(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-    sp_384_mont_sqr_n_avx2_6(t1, t2, 120, p384_mod, p384_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_avx2_6(t2, t2, t1, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-    sp_384_mont_sqr_n_avx2_6(t1, t2, 15, p384_mod, p384_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_384_mont_mul_avx2_6(t2, t4, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe00000000 */
-    sp_384_mont_sqr_n_avx2_6(t1, t2, 33, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff */
-    sp_384_mont_mul_avx2_6(t2, t3, t1, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_avx2_6(t1, t2, 96, p384_mod, p384_mp_mod);
-    /* 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffd */
-    sp_384_mont_mul_avx2_6(r, r, t1, p384_mod, p384_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_384_cond_sub_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_384_map_avx2_6(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*6;
-    sp_int64 n;
-
-    sp_384_mont_inv_avx2_6(t1, p->z, t + 2*6);
-
-    sp_384_mont_sqr_avx2_6(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    /* x /= z^2 */
-    sp_384_mont_mul_avx2_6(r->x, p->x, t2, p384_mod, p384_mp_mod);
-    XMEMSET(r->x + 6, 0, sizeof(sp_digit) * 6U);
-    sp_384_mont_reduce_avx2_6(r->x, p384_mod, p384_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_384_cmp_6(r->x, p384_mod);
-    sp_384_cond_sub_6(r->x, r->x, p384_mod, (sp_digit)~(n >> 63));
-    sp_384_norm_6(r->x);
-
-    /* y /= z^3 */
-    sp_384_mont_mul_avx2_6(r->y, p->y, t1, p384_mod, p384_mp_mod);
-    XMEMSET(r->y + 6, 0, sizeof(sp_digit) * 6U);
-    sp_384_mont_reduce_avx2_6(r->y, p384_mod, p384_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_384_cmp_6(r->y, p384_mod);
-    sp_384_cond_sub_6(r->y, r->y, p384_mod, (sp_digit)~(n >> 63));
-    sp_384_norm_6(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-#define sp_384_mont_add_avx2_6 sp_384_mont_add_6
-#define sp_384_mont_dbl_avx2_6 sp_384_mont_dbl_6
-#define sp_384_mont_tpl_avx2_6 sp_384_mont_tpl_6
-#define sp_384_mont_sub_avx2_6 sp_384_mont_sub_6
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_div2_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_avx2_6(sp_point_384* r, const sp_point_384* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_384_mont_sqr_avx2_6(t1, p->z, p384_mod, p384_mp_mod);
-    /* Z = Y * Z */
-    sp_384_mont_mul_avx2_6(z, p->y, p->z, p384_mod, p384_mp_mod);
-    /* Z = 2Z */
-    sp_384_mont_dbl_avx2_6(z, z, p384_mod);
-    /* T2 = X - T1 */
-    sp_384_mont_sub_avx2_6(t2, p->x, t1, p384_mod);
-    /* T1 = X + T1 */
-    sp_384_mont_add_avx2_6(t1, p->x, t1, p384_mod);
-    /* T2 = T1 * T2 */
-    sp_384_mont_mul_avx2_6(t2, t1, t2, p384_mod, p384_mp_mod);
-    /* T1 = 3T2 */
-    sp_384_mont_tpl_avx2_6(t1, t2, p384_mod);
-    /* Y = 2Y */
-    sp_384_mont_dbl_avx2_6(y, p->y, p384_mod);
-    /* Y = Y * Y */
-    sp_384_mont_sqr_avx2_6(y, y, p384_mod, p384_mp_mod);
-    /* T2 = Y * Y */
-    sp_384_mont_sqr_avx2_6(t2, y, p384_mod, p384_mp_mod);
-    /* T2 = T2/2 */
-    sp_384_mont_div2_avx2_6(t2, t2, p384_mod);
-    /* Y = Y * X */
-    sp_384_mont_mul_avx2_6(y, y, p->x, p384_mod, p384_mp_mod);
-    /* X = T1 * T1 */
-    sp_384_mont_sqr_avx2_6(x, t1, p384_mod, p384_mp_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_avx2_6(x, x, y, p384_mod);
-    /* X = X - Y */
-    sp_384_mont_sub_avx2_6(x, x, y, p384_mod);
-    /* Y = Y - X */
-    sp_384_mont_sub_avx2_6(y, y, x, p384_mod);
-    /* Y = Y * T1 */
-    sp_384_mont_mul_avx2_6(y, y, t1, p384_mod, p384_mp_mod);
-    /* Y = Y - T2 */
-    sp_384_mont_sub_avx2_6(y, y, t2, p384_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_dbl_avx2_6_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_dbl_avx2_6_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-        const sp_point_384* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_dbl_avx2_6_ctx* ctx = (sp_384_proj_point_dbl_avx2_6_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_dbl_avx2_6_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*6;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_384_mont_sqr_avx2_6(ctx->t1, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_384_mont_mul_avx2_6(ctx->z, p->y, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_384_mont_dbl_avx2_6(ctx->z, ctx->z, p384_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_384_mont_sub_avx2_6(ctx->t2, p->x, ctx->t1, p384_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_384_mont_add_avx2_6(ctx->t1, p->x, ctx->t1, p384_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_384_mont_mul_avx2_6(ctx->t2, ctx->t1, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_384_mont_tpl_avx2_6(ctx->t1, ctx->t2, p384_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_384_mont_dbl_avx2_6(ctx->y, p->y, p384_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_384_mont_sqr_avx2_6(ctx->y, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_384_mont_sqr_avx2_6(ctx->t2, ctx->y, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_384_mont_div2_avx2_6(ctx->t2, ctx->t2, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_384_mont_mul_avx2_6(ctx->y, ctx->y, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_384_mont_sqr_avx2_6(ctx->x, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_384_mont_sub_avx2_6(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_384_mont_sub_avx2_6(ctx->x, ctx->x, ctx->y, p384_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_384_mont_sub_avx2_6(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_384_mont_mul_avx2_6(ctx->y, ctx->y, ctx->t1, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_384_mont_sub_avx2_6(ctx->y, ctx->y, ctx->t2, p384_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*6;
-    sp_digit* b = t + 4*6;
-    sp_digit* t1 = t + 6*6;
-    sp_digit* t2 = t + 8*6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_avx2_6(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_avx2_6(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_avx2_6(w, w, p384_mod, p384_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_avx2_6(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_avx2_6(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_avx2_6(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_avx2_6(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_avx2_6(b, t1, x, p384_mod, p384_mp_mod);
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_avx2_6(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_avx2_6(t2, b, p384_mod);
-        sp_384_mont_sub_avx2_6(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_avx2_6(t2, b, x, p384_mod);
-        sp_384_mont_dbl_avx2_6(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_avx2_6(z, z, y, p384_mod, p384_mp_mod);
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_avx2_6(t1, t1, p384_mod, p384_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_avx2_6(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_avx2_6(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_avx2_6(y, y, t1, p384_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_384_mont_sqr_avx2_6(t1, x, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_avx2_6(t1, t1, w, p384_mod);
-    sp_384_mont_tpl_avx2_6(a, t1, p384_mod);
-    /* B = X*Y^2 */
-    sp_384_mont_sqr_avx2_6(t1, y, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(b, t1, x, p384_mod, p384_mp_mod);
-    /* X = A^2 - 2B */
-    sp_384_mont_sqr_avx2_6(x, a, p384_mod, p384_mp_mod);
-    sp_384_mont_dbl_avx2_6(t2, b, p384_mod);
-    sp_384_mont_sub_avx2_6(x, x, t2, p384_mod);
-    /* B = 2.(B - X) */
-    sp_384_mont_sub_avx2_6(t2, b, x, p384_mod);
-    sp_384_mont_dbl_avx2_6(b, t2, p384_mod);
-    /* Z = Z*Y */
-    sp_384_mont_mul_avx2_6(z, z, y, p384_mod, p384_mp_mod);
-    /* t1 = Y^4 */
-    sp_384_mont_sqr_avx2_6(t1, t1, p384_mod, p384_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_384_mont_mul_avx2_6(y, b, a, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_avx2_6(y, y, t1, p384_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_384_mont_div2_avx2_6(y, y, p384_mod);
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_avx2_6(sp_point_384* r,
-        const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*6;
-    sp_digit* t2 = t + 4*6;
-    sp_digit* t3 = t + 6*6;
-    sp_digit* t4 = t + 8*6;
-    sp_digit* t5 = t + 10*6;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_avx2_6(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t1, t1, p->x, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_avx2_6(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_avx2_6(t3, t3, p->y, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_avx2_6(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_6(t2, t1) &
-            sp_384_cmp_equal_6(t4, t3)) {
-        sp_384_proj_point_dbl_avx2_6(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_384_mont_sub_avx2_6(t2, t2, t1, p384_mod);
-        /* R = S2 - S1 */
-        sp_384_mont_sub_avx2_6(t4, t4, t3, p384_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_avx2_6(t5, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_avx2_6(y, t1, t5, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_avx2_6(t5, t5, t2, p384_mod, p384_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_avx2_6(z, p->z, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_avx2_6(z, z, q->z, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_avx2_6(x, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_avx2_6(x, x, t5, p384_mod);
-        sp_384_mont_mul_avx2_6(t5, t5, t3, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_avx2_6(t3, y, p384_mod);
-        sp_384_mont_sub_avx2_6(x, x, t3, p384_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_avx2_6(y, y, x, p384_mod);
-        sp_384_mont_mul_avx2_6(y, y, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_avx2_6(y, y, t5, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 6; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_proj_point_add_avx2_6_ctx {
-    int state;
-    sp_384_proj_point_dbl_avx2_6_ctx dbl_ctx;
-    const sp_point_384* ap[2];
-    sp_point_384* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_384_proj_point_add_avx2_6_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_384_proj_point_add_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_proj_point_add_avx2_6_ctx* ctx = (sp_384_proj_point_add_avx2_6_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_384* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_384_proj_point_add_avx2_6_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*6;
-        ctx->t2 = t + 4*6;
-        ctx->t3 = t + 6*6;
-        ctx->t4 = t + 8*6;
-        ctx->t5 = t + 10*6;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_384_mont_sqr_avx2_6(ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_384_mont_mul_avx2_6(ctx->t3, ctx->t1, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_384_mont_mul_avx2_6(ctx->t1, ctx->t1, p->x, p384_mod, p384_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_384_mont_sqr_avx2_6(ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_384_mont_mul_avx2_6(ctx->t4, ctx->t2, p->z, p384_mod, p384_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_384_mont_mul_avx2_6(ctx->t2, ctx->t2, q->x, p384_mod, p384_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_384_mont_mul_avx2_6(ctx->t3, ctx->t3, p->y, p384_mod, p384_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_384_mont_mul_avx2_6(ctx->t4, ctx->t4, q->y, p384_mod, p384_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_384_cmp_equal_6(ctx->t2, ctx->t1) &
-                sp_384_cmp_equal_6(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_384_proj_point_dbl_avx2_6(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_384_mont_sub_avx2_6(ctx->t2, ctx->t2, ctx->t1, p384_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_384_mont_sub_avx2_6(ctx->t4, ctx->t4, ctx->t3, p384_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_384_mont_sqr_avx2_6(ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_384_mont_mul_avx2_6(ctx->y, ctx->t1, ctx->t5, p384_mod, p384_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_384_mont_mul_avx2_6(ctx->t5, ctx->t5, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_384_mont_mul_avx2_6(ctx->z, p->z, ctx->t2, p384_mod, p384_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_384_mont_mul_avx2_6(ctx->z, ctx->z, q->z, p384_mod, p384_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_384_mont_sqr_avx2_6(ctx->x, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_384_mont_sub_avx2_6(ctx->x, ctx->x, ctx->t5, p384_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_384_mont_mul_avx2_6(ctx->t5, ctx->t5, ctx->t3, p384_mod, p384_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_384_mont_dbl_avx2_6(ctx->t3, ctx->y, p384_mod);
-        sp_384_mont_sub_avx2_6(ctx->x, ctx->x, ctx->t3, p384_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_384_mont_sub_avx2_6(ctx->y, ctx->y, ctx->x, p384_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_384_mont_mul_avx2_6(ctx->y, ctx->y, ctx->t4, p384_mod, p384_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_384_mont_sub_avx2_6(ctx->y, ctx->y, ctx->t5, p384_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 6; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_dbl_n_store_avx2_6(sp_point_384* r,
-        const sp_point_384* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*6;
-    sp_digit* b = t + 4*6;
-    sp_digit* t1 = t + 6*6;
-    sp_digit* t2 = t + 8*6;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<6; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<6; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<6; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_384_mont_dbl_avx2_6(y, y, p384_mod);
-    /* W = Z^4 */
-    sp_384_mont_sqr_avx2_6(w, z, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_avx2_6(w, w, p384_mod, p384_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_384_mont_sqr_avx2_6(t1, x, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_avx2_6(t1, t1, w, p384_mod);
-        sp_384_mont_tpl_avx2_6(a, t1, p384_mod);
-        /* B = X*Y^2 */
-        sp_384_mont_sqr_avx2_6(t1, y, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_avx2_6(b, t1, x, p384_mod, p384_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_384_mont_sqr_avx2_6(x, a, p384_mod, p384_mp_mod);
-        sp_384_mont_dbl_avx2_6(t2, b, p384_mod);
-        sp_384_mont_sub_avx2_6(x, x, t2, p384_mod);
-        /* B = 2.(B - X) */
-        sp_384_mont_sub_avx2_6(t2, b, x, p384_mod);
-        sp_384_mont_dbl_avx2_6(b, t2, p384_mod);
-        /* Z = Z*Y */
-        sp_384_mont_mul_avx2_6(r[j].z, z, y, p384_mod, p384_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_384_mont_sqr_avx2_6(t1, t1, p384_mod, p384_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_384_mont_mul_avx2_6(w, w, t1, p384_mod, p384_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_384_mont_mul_avx2_6(y, b, a, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_avx2_6(y, y, t1, p384_mod);
-        /* Y = Y/2 */
-        sp_384_mont_div2_avx2_6(r[j].y, y, p384_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_384_proj_point_add_sub_avx2_6(sp_point_384* ra,
-        sp_point_384* rs, const sp_point_384* p, const sp_point_384* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*6;
-    sp_digit* t3 = t + 4*6;
-    sp_digit* t4 = t + 6*6;
-    sp_digit* t5 = t + 8*6;
-    sp_digit* t6 = t + 10*6;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_384_mont_sqr_avx2_6(t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t3, t1, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t1, t1, xa, p384_mod, p384_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_avx2_6(t2, za, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t4, t2, za, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_384_mont_mul_avx2_6(t3, t3, ya, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_avx2_6(t4, t4, q->y, p384_mod, p384_mp_mod);
-    /* H = U2 - U1 */
-    sp_384_mont_sub_avx2_6(t2, t2, t1, p384_mod);
-    /* RS = S2 + S1 */
-    sp_384_mont_add_avx2_6(t6, t4, t3, p384_mod);
-    /* R = S2 - S1 */
-    sp_384_mont_sub_avx2_6(t4, t4, t3, p384_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_384_mont_mul_avx2_6(za, za, q->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(za, za, t2, p384_mod, p384_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_384_mont_sqr_avx2_6(xa, t4, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_avx2_6(xs, t6, p384_mod, p384_mp_mod);
-    sp_384_mont_sqr_avx2_6(t5, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(ya, t1, t5, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t5, t5, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_avx2_6(xa, xa, t5, p384_mod);
-    sp_384_mont_sub_avx2_6(xs, xs, t5, p384_mod);
-    sp_384_mont_dbl_avx2_6(t1, ya, p384_mod);
-    sp_384_mont_sub_avx2_6(xa, xa, t1, p384_mod);
-    sp_384_mont_sub_avx2_6(xs, xs, t1, p384_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_384_mont_sub_avx2_6(ys, ya, xs, p384_mod);
-    sp_384_mont_sub_avx2_6(ya, ya, xa, p384_mod);
-    sp_384_mont_mul_avx2_6(ya, ya, t4, p384_mod, p384_mp_mod);
-    sp_384_sub_6(t6, p384_mod, t6);
-    sp_384_mont_mul_avx2_6(ys, ys, t6, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t5, t5, t3, p384_mod, p384_mp_mod);
-    sp_384_mont_sub_avx2_6(ya, ya, t5, p384_mod);
-    sp_384_mont_sub_avx2_6(ys, ys, t5, p384_mod);
-}
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_win_add_sub_avx2_6(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 6);
-    sp_point_384* rt = NULL;
-    sp_point_384* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_384 v[65];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_384_mod_mul_norm_avx2_6(t[1].x, g->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_avx2_6(t[1].y, g->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_avx2_6(t[1].z, g->z, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_384_proj_point_dbl_n_store_avx2_6(t, &t[ 1], 5, 1, tmp);
-        sp_384_proj_point_add_avx2_6(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_384_proj_point_dbl_avx2_6(&t[ 6], &t[ 3], tmp);
-        sp_384_proj_point_add_sub_avx2_6(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_384_proj_point_dbl_avx2_6(&t[10], &t[ 5], tmp);
-        sp_384_proj_point_add_sub_avx2_6(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_384_proj_point_dbl_avx2_6(&t[12], &t[ 6], tmp);
-        sp_384_proj_point_dbl_avx2_6(&t[14], &t[ 7], tmp);
-        sp_384_proj_point_add_sub_avx2_6(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_384_proj_point_dbl_avx2_6(&t[18], &t[ 9], tmp);
-        sp_384_proj_point_add_sub_avx2_6(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_384_proj_point_dbl_avx2_6(&t[20], &t[10], tmp);
-        sp_384_proj_point_dbl_avx2_6(&t[22], &t[11], tmp);
-        sp_384_proj_point_add_sub_avx2_6(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_384_proj_point_dbl_avx2_6(&t[24], &t[12], tmp);
-        sp_384_proj_point_dbl_avx2_6(&t[26], &t[13], tmp);
-        sp_384_proj_point_add_sub_avx2_6(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_384_proj_point_dbl_avx2_6(&t[28], &t[14], tmp);
-        sp_384_proj_point_dbl_avx2_6(&t[30], &t[15], tmp);
-        sp_384_proj_point_add_sub_avx2_6(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_384_ecc_recode_6_6(k, v);
-
-        i = 64;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_point_33_avx2_6(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_384));
-        }
-        for (--i; i>=0; i--) {
-            sp_384_proj_point_dbl_n_avx2_6(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_point_33_avx2_6(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_384));
-            }
-            sp_384_sub_6(negy, p384_mod, p->y);
-            sp_384_norm_6(negy);
-            sp_384_cond_copy_6(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_384_proj_point_add_avx2_6(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_384_map_avx2_6(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_384 {
-    sp_digit x[6];
-    sp_digit y[6];
-} sp_table_entry_384;
-
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*6;
-    sp_digit* t6 = t + 4*6;
-    sp_digit* t1 = t + 6*6;
-    sp_digit* t4 = t + 8*6;
-    sp_digit* t5 = t + 10*6;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_6(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_6(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_6(p->x, t2) &
-            sp_384_cmp_equal_6(p->y, t4)) {
-        sp_384_proj_point_dbl_6(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_384_mont_sub_6(t2, t2, p->x, p384_mod);
-        /* R = S2 - Y1 */
-        sp_384_mont_sub_6(t4, t4, p->y, p384_mod);
-        /* Z3 = H*Z1 */
-        sp_384_mont_mul_6(z, p->z, t2, p384_mod, p384_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_384_mont_sqr_6(t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(t3, p->x, t1, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(t1, t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_6(t2, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(t2, t2, t1, p384_mod);
-        sp_384_mont_dbl_6(t5, t3, p384_mod);
-        sp_384_mont_sub_6(x, t2, t5, p384_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_384_mont_sub_6(t3, t3, x, p384_mod);
-        sp_384_mont_mul_6(t3, t3, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_6(t1, t1, p->y, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_6(y, t3, t1, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 6; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_384_proj_to_affine_6(sp_point_384* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 6;
-    sp_digit* tmp = t + 4 * 6;
-
-    sp_384_mont_inv_6(t1, a->z, tmp);
-
-    sp_384_mont_sqr_6(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    sp_384_mont_mul_6(a->x, a->x, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_6(a->y, a->y, t1, p384_mod, p384_mp_mod);
-    XMEMCPY(a->z, p384_norm_mod, sizeof(p384_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 6
- * 64 entries
- * 64 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_6(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_6(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_6(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_6(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_6(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<6; i++) {
-            sp_384_proj_point_dbl_n_6(t, 64, tmp);
-            sp_384_proj_to_affine_6(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<6; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_6(t, s1, s2, tmp);
-                sp_384_proj_to_affine_6(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_get_entry_64_6(sp_point_384* r, const sp_table_entry_384* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_get_entry_64_avx2_6(sp_point_384* r, const sp_table_entry_384* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_6(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 6 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 63;
-        for (j=0; j<6; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 64;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_64_6(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=62; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<6; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 64;
-            }
-
-            sp_384_proj_point_dbl_6(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_64_6(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_6(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_6(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_384_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[6];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[6];
-    /* Precomputation table for point. */
-    sp_table_entry_384 table[64];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_384_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_384_t sp_cache_384[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_384_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_384_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_384 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_384_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_384_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_384_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_384[i].set = 0;
-        }
-        sp_cache_384_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_384[i].set)
-            continue;
-
-        if (sp_384_cmp_equal_6(g->x, sp_cache_384[i].x) &
-                           sp_384_cmp_equal_6(g->y, sp_cache_384[i].y)) {
-            sp_cache_384[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_384_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_384_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_384[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_384_last) {
-            least = sp_cache_384[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_384[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_384[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_384[i].x, g->x, sizeof(sp_cache_384[i].x));
-        XMEMCPY(sp_cache_384[i].y, g->y, sizeof(sp_cache_384[i].y));
-        sp_cache_384[i].set = 1;
-        sp_cache_384[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_384[i];
-    sp_cache_384_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_6(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_6(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#ifdef HAVE_INTEL_AVX2
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_384_proj_point_add_qz1_avx2_6(sp_point_384* r,
-    const sp_point_384* p, const sp_point_384* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*6;
-    sp_digit* t6 = t + 4*6;
-    sp_digit* t1 = t + 6*6;
-    sp_digit* t4 = t + 8*6;
-    sp_digit* t5 = t + 10*6;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_384_mont_sqr_avx2_6(t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t4, t2, p->z, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t2, t2, q->x, p384_mod, p384_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_384_mont_mul_avx2_6(t4, t4, q->y, p384_mod, p384_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_384_cmp_equal_6(p->x, t2) &
-            sp_384_cmp_equal_6(p->y, t4)) {
-        sp_384_proj_point_dbl_avx2_6(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_384_mont_sub_avx2_6(t2, t2, p->x, p384_mod);
-        /* R = S2 - Y1 */
-        sp_384_mont_sub_avx2_6(t4, t4, p->y, p384_mod);
-        /* Z3 = H*Z1 */
-        sp_384_mont_mul_avx2_6(z, p->z, t2, p384_mod, p384_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_384_mont_sqr_avx2_6(t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_avx2_6(t3, p->x, t1, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_avx2_6(t1, t1, t2, p384_mod, p384_mp_mod);
-        sp_384_mont_sqr_avx2_6(t2, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_avx2_6(t2, t2, t1, p384_mod);
-        sp_384_mont_dbl_avx2_6(t5, t3, p384_mod);
-        sp_384_mont_sub_avx2_6(x, t2, t5, p384_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_384_mont_sub_avx2_6(t3, t3, x, p384_mod);
-        sp_384_mont_mul_avx2_6(t3, t3, t4, p384_mod, p384_mp_mod);
-        sp_384_mont_mul_avx2_6(t1, t1, p->y, p384_mod, p384_mp_mod);
-        sp_384_mont_sub_avx2_6(y, t3, t1, p384_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 6; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 6; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_384_proj_to_affine_avx2_6(sp_point_384* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 6;
-    sp_digit* tmp = t + 4 * 6;
-
-    sp_384_mont_inv_avx2_6(t1, a->z, tmp);
-
-    sp_384_mont_sqr_avx2_6(t2, t1, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(t1, t2, t1, p384_mod, p384_mp_mod);
-
-    sp_384_mont_mul_avx2_6(a->x, a->x, t2, p384_mod, p384_mp_mod);
-    sp_384_mont_mul_avx2_6(a->y, a->y, t1, p384_mod, p384_mp_mod);
-    XMEMCPY(a->z, p384_norm_mod, sizeof(p384_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 6
- * 64 entries
- * 64 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_384_gen_stripe_table_avx2_6(const sp_point_384* a,
-        sp_table_entry_384* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, t, 3);
-    sp_point_384* s1 = NULL;
-    sp_point_384* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_384, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_384_mod_mul_norm_avx2_6(t->x, a->x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_avx2_6(t->y, a->y, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_mod_mul_norm_avx2_6(t->z, a->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_384_proj_to_affine_avx2_6(t, tmp);
-
-        XMEMCPY(s1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p384_norm_mod, sizeof(p384_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_384));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<6; i++) {
-            sp_384_proj_point_dbl_n_avx2_6(t, 64, tmp);
-            sp_384_proj_to_affine_avx2_6(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<6; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_384_proj_point_add_qz1_avx2_6(t, s1, s2, tmp);
-                sp_384_proj_to_affine_avx2_6(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_stripe_avx2_6(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 6 * 6);
-    sp_point_384* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        y = 0;
-        x = 63;
-        for (j=0; j<6; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 64;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_64_avx2_6(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=62; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<6; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 64;
-            }
-
-            sp_384_proj_point_dbl_avx2_6(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_64_avx2_6(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_384_proj_point_add_qz1_avx2_6(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_384_map_avx2_6(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_avx2_6(sp_point_384* r, const sp_point_384* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_384_ecc_mulmod_win_add_sub_avx2_6(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 7);
-    sp_cache_384_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 7, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_384 == 0) {
-            wc_InitMutex(&sp_cache_384_lock);
-            initCacheMutex_384 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_384_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_384(g, &cache);
-        if (cache->cnt == 2)
-            sp_384_gen_stripe_table_avx2_6(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_384_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_384_ecc_mulmod_win_add_sub_avx2_6(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_384_ecc_mulmod_stripe_avx2_6(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 6);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 6, km);
-        sp_384_point_from_ecc_point_6(point, gm);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_384_ecc_mulmod_avx2_6(point, point, k, map, 1, heap);
-        }
-        else
-#endif
-            err = sp_384_ecc_mulmod_6(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_6(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 6 + 6 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 6 + 6 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 6;
-
-        sp_384_from_mp(k, 6, km);
-        sp_384_point_from_ecc_point_6(point, gm);
-        sp_384_point_from_ecc_point_6(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_384_ecc_mulmod_avx2_6(point, point, k, 0, 0, heap);
-        }
-        else
-#endif
-            err = sp_384_ecc_mulmod_6(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_proj_point_add_avx2_6(point, point, addP, tmp);
-        }
-        else
-#endif
-            sp_384_proj_point_add_6(point, point, addP, tmp);
-
-        if (map) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                sp_384_map_avx2_6(point, point, tmp);
-            }
-            else
-#endif
-                sp_384_map_6(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_6(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 6 points combined into a table of 64 points.
- * Distance of 64 between points.
- */
-static const sp_table_entry_384 p384_table[64] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0x3dd0756649c0b528L,0x20e378e2a0d6ce38L,0x879c3afc541b4d6eL,
-        0x6454868459a30effL,0x812ff723614ede2bL,0x4d3aadc2299e1513L },
-      { 0x23043dad4b03a4feL,0xa1bfa8bf7bb4a9acL,0x8bade7562e83b050L,
-        0xc6c3521968f4ffd9L,0xdd8002263969a840L,0x2b78abc25a15c5e9L } },
-    /* 2 */
-    { { 0xa54768dab1b43eefL,0x13e41f47e14fda22L,0x774df203faef6863L,
-        0xf795a034bd7471b3L,0xf0958718b47de2e9L,0xc92f7888e1160cffL },
-      { 0x86ded97b0146c790L,0x015918f5480a4b7bL,0x05588920424e8459L,
-        0x37455914eecf8b2bL,0xe7d3df1fb968a6faL,0x07a0ffd6bad0719fL } },
-    /* 3 */
-    { { 0xda37cd535c54db6fL,0x0e37890a91f06c5cL,0x1730ef7be7ae7db5L,
-        0x2b3dcd51ff045f54L,0xf5db3c3c72cc8451L,0x3165d6efcf0c185cL },
-      { 0x177c4f6bf5958d78L,0xcb29d22f8d676a9fL,0x3bcf0068792ac96dL,
-        0x60d1c6b719df5641L,0x426e412a68a099f8L,0xf9ca0c5c9f74d52bL } },
-    /* 4 */
-    { { 0xf186d6bcc88d568aL,0x872bc4c7528535ddL,0xc9e7432edfe64dc3L,
-        0xd9fc4832d795ea57L,0xf4ffdb81c845af2bL,0x66d7e7882b670517L },
-      { 0xa7c1be04d7b7a1c6L,0xbed88479d5b2a249L,0x62ff8aba03f2ef6dL,
-        0x60ecaac420dc701dL,0x9f4b559f4ff10119L,0x0582c9313cd54fd0L } },
-    /* 5 */
-    { { 0x394fb84de86e3f64L,0xfe4a36e7ff13314eL,0xa1e44b14dc261ec2L,
-        0x3924e50a7420408fL,0x637e330242ed7626L,0xeb657b10fd711ba4L },
-      { 0xc16d01c5340949bbL,0x30e043267f1f42c7L,0xe7465819b056d872L,
-        0x3386f1c6886fb3dbL,0x5be463a5be56f774L,0xa96fd3b74694e15aL } },
-    /* 6 */
-    { { 0x95dd5ee5a98b4254L,0xea328205aa845e67L,0x98640fb5a1e36348L,
-        0xd1bc5c251add5ee7L,0xc3158a423d11b799L,0x5feb68ed47c83d54L },
-      { 0x7c5a1204963a207bL,0x2f2b2c7eee4671f8L,0xb63d291cd42867a6L,
-        0x0b073620139530f4L,0xbe149492abb05b99L,0x21417da455accd2aL } },
-    /* 7 */
-    { { 0x9408555e9e5eba15L,0x416250137b7572c5L,0xfa53ee50bfff6ea7L,
-        0x3d682de1e7b178c3L,0xb3e8769dec329f53L,0x1ab8c82e9eb524f4L },
-      { 0x5bbd538dde2f1eb9L,0x1d1b0bea2b19c51eL,0xf785f9b98cb06eeeL,
-        0x5cff29c6f58f21d5L,0x44aaa52245cbaef3L,0xd60c19427de40246L } },
-    /* 8 */
-    { { 0x378205de2f9fbe67L,0xc4afcb837f728e44L,0xdbcec06c682e00f1L,
-        0xf2a145c3114d5423L,0xa01d98747a52463eL,0xfc0935b17d717b0aL },
-      { 0x9653bc4fd4d01f95L,0x9aa83ea89560ad34L,0xf77943dcaf8e3f3fL,
-        0x70774a10e86fe16eL,0x6b62e6f1bf9ffdcfL,0x8a72f39e588745c9L } },
-    /* 9 */
-    { { 0x73ade4da2341c342L,0xdd326e54ea704422L,0x336c7d983741cef3L,
-        0x1eafa00d59e61549L,0xcd3ed892bd9a3efdL,0x03faf26cc5c6c7e4L },
-      { 0x087e2fcf3045f8acL,0x14a65532174f1e73L,0x2cf84f28fe0af9a7L,
-        0xddfd7a842cdc935bL,0x4c0f117b6929c895L,0x356572d64c8bcfccL } },
-    /* 10 */
-    { { 0x984a6aed6420bc66L,0x6d90e0e0896a24a6L,0xe0adb93a18713003L,
-        0xf00d424c1a8369fcL,0x636ebf14712ae802L,0xee39ff8ebe9d739aL },
-      { 0xb330dd3e94f6d1dcL,0x6ba6780eb7731cf8L,0x4e569408198be5a2L,
-        0x6639523b0193a22cL,0x6978cc9d91aa1455L,0x62062d8f329f9763L } },
-    /* 11 */
-    { { 0x7159107d80efff78L,0xf8ed5f8e8e4c39d5L,0x64a2265cc15e679cL,
-        0xfc514e17a6d96c81L,0x59c86545f093e0a8L,0x804b0a588b5a336aL },
-      { 0x94c32118cb9dcbcaL,0x2deb0e385d45251dL,0xd1092b0986869572L,
-        0x073bf838fb2e9f97L,0x76b6d7d6de700fcbL,0xd2a6d110f2ddce5fL } },
-    /* 12 */
-    { { 0x6da7ccd0229de19eL,0x5050d45df0aa039dL,0xf9f01d68d9e7a861L,
-        0x6d8b9f2000aa05f2L,0xae3d9698742cd4d9L,0x43e477abd560c394L },
-      { 0x73d594991cb6dd81L,0x689162b2fac3f62eL,0xd6187ca864d1d0d5L,
-        0xe8421a0d2f067457L,0x9b266acbea7c3a8dL,0x707e0e6e44df5cb3L } },
-    /* 13 */
-    { { 0x604b2a1a026511a0L,0xd4f6cf16256f4076L,0x7d823347b315a642L,
-        0x8f805833786aa438L,0x9883df85f04bb4b3L,0x02bc10305bba6d84L },
-      { 0xfe39a024a72c03acL,0xa980db635f2dbfd0L,0xcd53149f4f259ec6L,
-        0xe969079b43f53f97L,0xd3849fdb42f9f27cL,0xd2cfd3f842653dc9L } },
-    /* 14 */
-    { { 0xbf69fe6a6abe7d80L,0x4932288192bb50e2L,0xc9e2f7fb61e8b18dL,
-        0x24c74788f6c82421L,0xe79e5e3011c0b244L,0xd6612c70e0484571L },
-      { 0x7863ff927ef82d17L,0x692790feb0a1b01cL,0xa2d6ffb5afe51546L,
-        0xacdb43f26cf550c6L,0x3b3243dfaecfaf8fL,0x9557335ac233bcd9L } },
-    /* 15 */
-    { { 0x25e08c8faff5b387L,0x112c11e2d06208ceL,0x61031c1765234214L,
-        0xba06f5550514764dL,0xfaacf6f39bd197d0L,0xe4b032321464a57fL },
-      { 0x00c19adfe35dcd69L,0x81b75730a1c2646cL,0x47baa4fee0c50e32L,
-        0xe9297832bcaddb3bL,0x1768d2f9d712c6cfL,0xfcef29fdb82e9eeaL } },
-    /* 16 */
-    { { 0xdbe04c3044ce3ad8L,0x995fbb1b4ce8aad5L,0xdbf8b54670911457L,
-        0x9e683b5b3f7a1757L,0x7b89a08a9c7bd62cL,0x448865a40b3fc97eL },
-      { 0x0ac9abfc3bb01e94L,0xa07760421e756124L,0x0aa6c335d9deed97L,
-        0xe270580f72603e08L,0x70857a946c783bb2L,0xa0047774caa929aeL } },
-    /* 17 */
-    { { 0x56211190a353e889L,0x052917c3190eb198L,0xadfd85b03eee3d12L,
-        0xde1d761779fd9c91L,0x05be51b7bf500159L,0x271f07178fcb87f1L },
-      { 0x02673e273a75ac71L,0xb1b7246eda12da8dL,0xb25647928f5fb8c0L,
-        0x0a22cbe1063b1d7fL,0xb0d7a7365649976eL,0x8f8e6e289e96b15dL } },
-    /* 18 */
-    { { 0x8fc113f98312351cL,0xe837b9e0c5eff002L,0x7cb9ef074dad72fcL,
-        0x18a8d43eb5eb7ee3L,0x2cf3ae844925efdbL,0x376e9e857756ec6aL },
-      { 0xf77a79c8a3e3705fL,0x2d590b7d6c5fbab3L,0xa59713e27a4766c3L,
-        0xb5da6a6861544174L,0xadb04a8adab1fe76L,0x03b6138d375143b4L } },
-    /* 19 */
-    { { 0x20d88a80c1bfa043L,0x88806999672583ceL,0x195a89eaaea9b605L,
-        0x0b9b4e8532bac07bL,0x8279965683868df6L,0x83c58afab52711a9L },
-      { 0xb895c13d1c869283L,0x00f98d046206dde6L,0x76caaa22884bf311L,
-        0x22b2137f995b29a5L,0x7f645809b098b07bL,0xa540c8a6050e2552L } },
-    /* 20 */
-    { { 0x47980509e562d904L,0xe736f89d031e112cL,0xbc6bfb0765d8ae25L,
-        0xe9ed4cc4ca459646L,0xf540e90e2fff67ffL,0x836280eb1a314e11L },
-      { 0xa710b25041610627L,0xefc22b1573a9f9a2L,0x60f20789456498c0L,
-        0x417920438052f4e7L,0x5c850903d5c0e80dL,0x52df5275bf1d8815L } },
-    /* 21 */
-    { { 0x25539de98ece218dL,0xb36574a8dca420baL,0x9d1812680e0d07feL,
-        0xea79a5f5ad3ed34fL,0x8b739ad57c9277cfL,0xd88659886ee9a930L },
-      { 0xaf07bfb621591a3eL,0xe0138c6508f3524fL,0xd3128f1297ee315eL,
-        0x67f8641e21045f63L,0x3e1a96b140c73a2dL,0x8976b70305f51122L } },
-    /* 22 */
-    { { 0xdeaf635731960db4L,0x680b054e5948d7f7L,0x0841e40fd272bb5cL,
-        0x94d37db26e36117dL,0xaf2d001547f63ec8L,0x82665cdc47493309L },
-      { 0xfe90e844abbe3851L,0x8357709afb79bc0cL,0x811a64d2b6bcc044L,
-        0x1937c988882b3415L,0xe8b28724e267b271L,0x84d1eed0af89ed33L } },
-    /* 23 */
-    { { 0x52b8234f54c894a7L,0xfe54146fa2d11b70L,0x6412b5eb0aab6097L,
-        0xa62499906a13a9daL,0xd2b1eb50adc448caL,0xe7ab51f9b115ab92L },
-      { 0x4638ee62e76551d8L,0x74c3c1e1afe9c98dL,0x59000ad060d77322L,
-        0x0a4b105ba06adc9aL,0xcdaeb4a496a6f616L,0x8c79c4a1864b49dcL } },
-    /* 24 */
-    { { 0xc09c32d1c0b1bf15L,0x005d510f88d74e44L,0x031f9a9afc2c089eL,
-        0x08aac7294ba183f0L,0xf227a7ceaf2245ebL,0xb4ec33cbb3a864ffL },
-      { 0xdb76decd570a24f3L,0xea59387a12283a9eL,0x81b7c569341ef9a4L,
-        0xad7c98bd8d77833aL,0x2182133b49ca80ffL,0x1de1d456085802b7L } },
-    /* 25 */
-    { { 0xeead25b2e1c02860L,0xb2ae43694ff42d2eL,0x4b39a2ddfd61c1b0L,
-        0x29c826ea968718a5L,0x877fdf15d9751a0aL,0x00b321dfb54affdfL },
-      { 0x3c7c0778d4d5dbf7L,0x858a0fdccfc47423L,0xbd8e6544185b3063L,
-        0xa22c3ef62da46a04L,0x5c2d84016a6c0ce1L,0x260246eddd6329aeL } },
-    /* 26 */
-    { { 0x71753fc00c6463f6L,0x7ec14c015c6c9e33L,0x28b9ab9441ce6153L,
-        0x3a1ac251a6702c8dL,0x2b124bc49ed6cb1fL,0x7a11c4be4fc7383fL },
-      { 0x1414913509fac991L,0xf7c188d3cb1ee336L,0x754bc47391c3f406L,
-        0x71d34587cad39500L,0x213dd1a7dd0399a1L,0x8457a8f671d05899L } },
-    /* 27 */
-    { { 0xa921ca662e9c06d3L,0x1d8974e89ba6521fL,0xbb465c775f79f791L,
-        0x8f983f083a3954c8L,0x8492f8398b3935dcL,0x2b87d9c290c04426L },
-      { 0xcec76ea403e60a28L,0x648e9830aa631308L,0x7b542f791eb86b73L,
-        0xfc8cc9a3150d854dL,0x2be86940bfcc83feL,0x2e58a13ac88c7585L } },
-    /* 28 */
-    { { 0x19249a8fd1bc237fL,0xdec1c6a563505555L,0xc8256977bad2a93bL,
-        0x78533659fc598170L,0x888a6578ee7e53cbL,0x28783b0e33766db3L },
-      { 0xcf791e56e42c28f2L,0xfbf8dde8f9c37f4cL,0xf0ffaf1712c05395L,
-        0xd27d21e9daf2f012L,0xf90432da9a7be009L,0xa459c036a8012f28L } },
-    /* 29 */
-    { { 0x4d99a7cac8b1c6d4L,0x8088818825c899c0L,0xbd27e9be2ebdeb3dL,
-        0x73c3e0aa054e77c1L,0x180c848498534ce5L,0x750d52f754ffa9cdL },
-      { 0x5f26eeb16f702f4cL,0x427fc6e4cc76d8f4L,0x93126b8d026b631dL,
-        0x5356b93917e145a7L,0xc79ca872c0be7c84L,0x3fca7cad4b615fb7L } },
-    /* 30 */
-    { { 0xed48fe78d0241021L,0x252b14a0142f7f8eL,0x19ab85c6db573a09L,
-        0x546c3960f3df906fL,0xc688f4b22c810ea8L,0xbccf0cca5ff9e108L },
-      { 0x34f4609e3f2cc69bL,0xf3b1efe414afe4f4L,0x5d809cef37a8ef74L,
-        0xa8d1978a176ba328L,0x75dde11fdf59ecb9L,0x34eeeaffa9916ee2L } },
-    /* 31 */
-    { { 0xe7f603f248e83c85L,0xa94a539cfa581815L,0x5a61a596dba360b7L,
-        0x6cc51dd16a77ef79L,0x4ff36ae0fdbceb9dL,0xfcff65323e8a9c07L },
-      { 0x0ba0ce5436d4d0b8L,0x98087a452464efc2L,0xd456843bcc1a2ba7L,
-        0x677384a53853e04cL,0x625d32d56c7971deL,0x86882509f724b331L } },
-    /* 32 */
-    { { 0xc20fb9111a42e5e7L,0x075a678b81d12863L,0x12bcbc6a5cc0aa89L,
-        0x5279c6ab4fb9f01eL,0xbc8e178911ae1b89L,0xae74a706c290003cL },
-      { 0x9949d6ec79df3f45L,0xba18e26296c8d37fL,0x68de6ee2dd2275bfL,
-        0xa9e4fff8c419f1d5L,0xbc759ca4a52b5a40L,0xff18cbd863b0996dL } },
-    /* 33 */
-    { { 0x684a681892a5eeeaL,0x1f5b193242a09264L,0x30bd8695d98a2f34L,
-        0x6e775e019a8601fcL,0x8126bdc24ca956f8L,0x149e73d9e5595daaL },
-      { 0x876428401f851e83L,0x4b8863dbd3a7c4a0L,0xe1e43b3d8c95d7d9L,
-        0x7f1e307ea60fd528L,0xbf2fa5d134341610L,0x11ad4a8181c502d3L } },
-    /* 34 */
-    { { 0xc7df022e782dd401L,0xd15aa9a9a7bcc543L,0x6aa42774b94df1d0L,
-        0xab2660c30592a13eL,0xaf4e40809ffc40c7L,0x01152c8d9cd52b10L },
-      { 0x649de1d99034a33aL,0x2b9d0ef0d758abfcL,0xdddd0bc2d458adddL,
-        0xe5366ac9c09837f8L,0xa003abbb7b1ae35fL,0x880062887ab1fddeL } },
-    /* 35 */
-    { { 0x6b6c8f055288f1b4L,0xba05407c033738b4L,0x26cac3a941a955e3L,
-        0x28f1692f8e0e0601L,0x2032cb36842c4887L,0x6adeba457d76b20fL },
-      { 0xd282c2ce654c6f5cL,0x30584ca5be9ba4f1L,0x45d766a01b2c528bL,
-        0xe918bad7c0c6f8ccL,0x1e050b2a0560f070L,0x4fc95de12d6dd010L } },
-    /* 36 */
-    { { 0x2bb26072150191d5L,0xea2617618108dcf6L,0x4dfa1303e6083c63L,
-        0xfa4e0709e2876fb8L,0xf901fed0b1668763L,0xf01c53aeb82c967aL },
-      { 0xb43e59d39ed827e8L,0xb58e157e57774eefL,0x57ee54e31b83dceeL,
-        0x3d896f32613aa922L,0x69d40667b5c7bfc5L,0xd402b5cb77a2c0d8L } },
-    /* 37 */
-    { { 0xabeb70127d3c9923L,0x412ada8dd7ecb93aL,0xeb64dc910b71ae2fL,
-        0x52ef537aa9ab061aL,0x0863970fc1b55faeL,0xfaff5fb9b1182dbdL },
-      { 0x5551d6fed0abaa17L,0x7bb3e02072d641f6L,0x939d7793aa9d288cL,
-        0x1450f8bf9078e2c2L,0x24ccd102a086b6aeL,0x57d1796f6a3f8a5fL } },
-    /* 38 */
-    { { 0x1023120683ce1f76L,0xd16d4b9f03ee406fL,0x9d39c39883caa4b7L,
-        0x875732f5ce299b93L,0x1e6a425d2f121f4aL,0x4b1f1d835d8c3279L },
-      { 0xe655f58856dd6a6cL,0x23f106475843fd34L,0x932b7d942bad6ce2L,
-        0x70a0580e6772a52eL,0x3240118ac88537afL,0x9ccb2ca9d2407224L } },
-    /* 39 */
-    { { 0xa6a40db8710f2324L,0xb3567518c2a8a09aL,0x8816442841b5650aL,
-        0x2a352ed27570ba50L,0x23ee46b94c85d77eL,0x643aceffd858a8c3L },
-      { 0xe067908de3f02e82L,0x8d5869f2ffb8cf81L,0x4713f0820bc8ad7eL,
-        0xe1ee44c780057c40L,0xb34395087d2cf34eL,0x4307b0e10336a207L } },
-    /* 40 */
-    { { 0xe9c1e45746e4d003L,0xa23978c394332057L,0x0e2f300829575db6L,
-        0x50a51ff490441e9eL,0x38ce3ed0508d4a07L,0x6a997411cfd7224eL },
-      { 0x4d147c31da6b1e1dL,0xedf604b2da8a3547L,0x7a1b8cf0d5e9ceedL,
-        0xd74e501213544e6aL,0xcc49f8da4ad968f9L,0xfb87e604cc69ada9L } },
-    /* 41 */
-    { { 0xde79409bdf166882L,0xd645b836d46cc527L,0xda4a02f3b6c3eb28L,
-        0x845e3c5900e7cf86L,0x733bdc9b604c6d80L,0xe3a1244b847acd97L },
-      { 0x421312d6d128842cL,0x81f71feaa1c598efL,0xc619465545eaf796L,
-        0x1ffb85121f338b6cL,0xe7aed7106632f064L,0xf8d1ffb7f5b6e510L } },
-    /* 42 */
-    { { 0x7d3f031f3eace851L,0xef43ab7025923624L,0xbae811881af6cdecL,
-        0xb7e93b49ea862112L,0xe35a4fc6af23aba2L,0xc52e1fc0aecc593eL },
-      { 0xbffa292428148b99L,0xd08040fc89e3d795L,0x7da320032db47b3aL,
-        0xe78b44e5a0eb7aa3L,0xd1648ec8f0ec090bL,0x4048dba7740fe871L } },
-    /* 43 */
-    { { 0x6fddb89fa00a14acL,0x844f991508aa06e7L,0x6d5ac4a9f76aca7dL,
-        0xfba1ba85e9fa4d51L,0x159633bbb2ea0fc7L,0xa2eb0e4b76ba2854L },
-      { 0x8a858155c11f5398L,0x30a96e535e8ea044L,0x696210c197e05a47L,
-        0x86e55f9415036f4bL,0x0c93ea9c6a96d9d7L,0xb7ba506179eba3daL } },
-    /* 44 */
-    { { 0xd305c733cd94d7b2L,0x9ea33e363e7955b2L,0x78a98855bc73812fL,
-        0xfb1b791d48a3a9a0L,0x6e5107ee04014aafL,0x0412b2c00ea07de0L },
-      { 0xdd3a2408ddcaca68L,0x5d18e69ae3344f29L,0x3ce65481f9017408L,
-        0x50abb4568cbd64fbL,0x442fa5098916a9ebL,0x16b3ddc7c538c410L } },
-    /* 45 */
-    { { 0x6757dbfd25e331abL,0x0efde50ba3eaafbcL,0x1cd46222d531d29cL,
-        0x1b713ca93561cb2bL,0x7d07334bfb5bc99dL,0x95dba43e885a417dL },
-      { 0x1c9c3f3f77823a59L,0x43533ba83220cb7fL,0x1b918bc182e3e401L,
-        0x66a039aacd3fec87L,0x1d39dbb02dad36d5L,0x554025959dc04be4L } },
-    /* 46 */
-    { { 0xdf39920847744933L,0x4264f7ea82524dd6L,0xdb57ec08e5182c6dL,
-        0x2d6778e705c5e7bfL,0x3f37793f96f53ea2L,0x6472cbae05c47e48L },
-      { 0x9e6dd60fbf78067cL,0xa2817ec2cef34088L,0xde4715b8168edde9L,
-        0x6c57105146bf31e1L,0x98113fbbc4272bc0L,0x03bb7922cc3b90c3L } },
-    /* 47 */
-    { { 0xe0f23be157d88fefL,0x4125c55b0ca27a01L,0xeadf527e14a71262L,
-        0x1f2e803ccc4e9a04L,0x32e07b47d68c4fcfL,0x1577fab79db5070bL },
-      { 0xd786d6e57831990aL,0xf64ff4b154fbde40L,0x4bac5b034f9450aeL,
-        0x06ae25e055116af9L,0x33d84ea2d7b4fcfcL,0x44a92e73569c3b9eL } },
-    /* 48 */
-    { { 0xf5bdccbabad0cb7fL,0x370f43ca958edd05L,0x3dd8232b04904a26L,
-        0x3f8106682f4458e8L,0xdfcb67b99b3ace7eL,0x54e42f2d3e1241fcL },
-      { 0xe30f3fb0db889300L,0x4ca0184b483e51fcL,0x5a32d097a638dac6L,
-        0x567a2b5ec62a1db0L,0x2a756ba3c446456cL,0x6919026dd9f8d5c0L } },
-    /* 49 */
-    { { 0x7f6493fc4fec874aL,0x8bb8a674d47a0770L,0x90bad2a652bd4f0cL,
-        0x16badbe2f5733b07L,0x93be07cf93a1f802L,0x1e37a01541c395f7L },
-      { 0xfe2c0fd6216582b3L,0xdcd98bc81627180dL,0x41e037268e8c9f1eL,
-        0x93dbc22cfe8f45afL,0x5728c8a6ff45e059L,0x4f2f15cfca4a98cdL } },
-    /* 50 */
-    { { 0xdbe2ec5d656e7d76L,0x84ad1b4bae2757bbL,0xc9297e7a0d4fec75L,
-        0xfcc673eecad3ba87L,0xb0f77621dfd1671aL,0x5c386e449704a8c7L },
-      { 0xce78f03f3e29256dL,0x0b185938c3a6ed2fL,0x7b1e2fae7824819bL,
-        0x5a85d7f1f2d9313cL,0x238bd27973595b0fL,0x5fbf6b675c1cd2dcL } },
-    /* 51 */
-    { { 0x84d1ffb88a3e2412L,0xf01605926515f2feL,0x0e26ea9889905340L,
-        0xbfd7a1b7203bd3d4L,0x5301273a88ea0bdaL,0x2f424475b28dd43eL },
-      { 0x31014a2b33c28afaL,0xffbdea0c01e220eaL,0x681c64e8460b81d5L,
-        0xdbe6f7286a91e1d5L,0x068bf36332619ad5L,0x4946291f27976c74L } },
-    /* 52 */
-    { { 0xa081a9462068e4b0L,0x1a8f5df609bfdad0L,0x5fbba5bcef28dd35L,
-        0xa3e60d4f031ff71eL,0x2d47689b702ca18eL,0xd283f247c9b8e66bL },
-      { 0x63e65dd7859ea140L,0x123da61f42aacdc3L,0xa8a9e893336f680cL,
-        0x1cc4e12ac23d43acL,0x421e80d586a1fff8L,0x833d60d543deecc9L } },
-    /* 53 */
-    { { 0x3c25b57c29014f8fL,0xa19fcb1e35d8e122L,0x916c0e3ceda32ac8L,
-        0x9a23d289f36b6096L,0x5099038439a39871L,0xdc5b77b661c64196L },
-      { 0x5a7d9917942bf2b6L,0xd21853934f41cf6dL,0x90ff1016fcc45c2fL,
-        0x9891093deb8938aaL,0xe3c49b1baac4e6e9L,0x0f21a1d1d7a8e91eL } },
-    /* 54 */
-    { { 0x3a808e336f364b7eL,0x6a96d1b8bfa17359L,0x3387ec8552b36545L,
-        0x2fde350af712180cL,0x9219d6f4703a2183L,0x8ba27e0086457946L },
-      { 0x7446bca0ed80a9afL,0xbaf78b6f7203637aL,0x0304129d497c9d0fL,
-        0x6df1e0356a883b68L,0x93ea2bb5e8018c47L,0xc86fd77cdb46443cL } },
-    /* 55 */
-    { { 0x8de865d255dc2427L,0x74f7f83d6f72d126L,0xee1111786c7e665aL,
-        0x272a8b3dddf44f12L,0xad3546449164eb4fL,0x2ffbdb586859d68fL },
-      { 0xbefd36c509701865L,0x63c256162c983d01L,0x15a7ba0b2eb68703L,
-        0x3318a82b5bb0fafcL,0x8e930fa9a0804f38L,0xb7459eb6be60ed1dL } },
-    /* 56 */
-    { { 0xace01c514260b948L,0x04a6080f49210f78L,0x0d1eef6b2241b00dL,
-        0x85a25069ef63912aL,0xcc96c4ec13dd8bc2L,0x90f14d1140d7e234L },
-      { 0xae33f18ca69c8dc3L,0x76921f2a9adfa431L,0x18158ccf048c9f49L,
-        0x90bcf7fbfb8fb345L,0x0d50b4dc38b3ff5dL,0x3914ea0b59ef84a8L } },
-    /* 57 */
-    { { 0x4929d3f9d4e37cf3L,0x622183d1b24c24c0L,0x65cec0675f904d34L,
-        0x65f9931a8a6f76faL,0xeed975b0e73282f2L,0xa045552a5e1625fdL },
-      { 0xfd6b3e02f8fe8e42L,0x5f9f40256203907cL,0x8307eedb42b2c264L,
-        0x2fb3ee719f757e92L,0x4502f2ecdc157ea8L,0xd976e7755d1cc0d5L } },
-    /* 58 */
-    { { 0xe46fb9a28fe1946eL,0xe91df3ed63bdde6eL,0x2e995306e9c28432L,
-        0x7b3a6fe10988235bL,0xc55199f077f92a71L,0x47dd034853cb7950L },
-      { 0xead52de2b727a6d1L,0xb87c9f75eea9c8daL,0xf3e2f3280d944f21L,
-        0xce82734edd751eddL,0xfb83225ce616cedcL,0x15850e4b4a31eb49L } },
-    /* 59 */
-    { { 0x92c4b6d50196ad3aL,0x0205ea484e1205e4L,0x8e08a97c0afc5affL,
-        0xda8687c6727827ebL,0x2eace83106e398aaL,0x3a086c0f6d69e4e8L },
-      { 0x5ff9b7aaf286e62aL,0xc428503962aae55eL,0x4ebd4258d9530a3fL,
-        0x57ea313a8afc7fcbL,0x6d30a67522c18879L,0xd3c00cc994afb659L } },
-    /* 60 */
-    { { 0x53ee47c5dee0d48bL,0xbd9e84ad9dfa2397L,0x2d581e12f81ba5e2L,
-        0x26269f4f132cd325L,0x9e6224df58860a5fL,0x9306c607ff55522aL },
-      { 0xb48af6d4146950e5L,0x09920ed00436805eL,0x3a1bc276cdce7eaeL,
-        0x55ba728ac39a425eL,0x6a04d4e6d961d03eL,0x13891c66736e684aL } },
-    /* 61 */
-    { { 0x7c75175a04cd04d6L,0xb76f9bd909c27a17L,0xa0cff6d408e5fe36L,
-        0xc9097695dcd5ef90L,0x26bea24585e28054L,0x658e03c61580f068L },
-      { 0x0da9f75e811eed27L,0x086e5e04aca0d2eeL,0xd4c157faa53a6787L,
-        0x2e9266d2b40a595cL,0x8f1cb52698fa0820L,0x32a74240a1aef514L } },
-    /* 62 */
-    { { 0xeb42e3d91ae86e7cL,0xd6956c8ce04a5026L,0x4c0b8b980f4302ebL,
-        0xde43c938b37211fdL,0x9fa6a158e7090f80L,0x5f3c9afc73c47fb6L },
-      { 0x2dc4f109f850a4d0L,0x56e63a4b6fd49d6aL,0x8e80a0694cbff048L,
-        0x18d8b8cf2284afb0L,0x61dd086dc89363a1L,0x034c2202c37342a4L } },
-    /* 63 */
-    { { 0x1ae0c4e11c718580L,0x303f48a6bf99a0bfL,0xa5551e4491ae219fL,
-        0xdc41d9bd55a05287L,0xd5aa73e36872b123L,0x6fd94b0ce6395bf6L },
-      { 0xbb95fdbac00afbc1L,0x9cd96208497cac10L,0x8adbd8c1ca51afeaL,
-        0x94fedafbf3bc5f5fL,0x29c0217bdf9f5371L,0x5c13eb4bd9024634L } },
-};
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_6(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#ifdef HAVE_INTEL_AVX2
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^64, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_avx2_6(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_stripe_avx2_6(r, &p384_base, p384_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#else /* WOLFSSL_SP_SMALL */
-/* The index into pre-computation table to use. */
-static const word8 recode_index_6_7[130] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
-    48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63,
-    64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49,
-    48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_6_7[130] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<55; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 7 < 64) {
-            y &= 0x7f;
-            n >>= 7;
-            o += 7;
-        }
-        else if (o + 7 == 64) {
-            n >>= 7;
-            if (++j < 6)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 6) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x7f);
-            o -= 57;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_6_7[y];
-        v[i].neg = recode_neg_6_7[y];
-        carry = (y >> 7) + v[i].neg;
-    }
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_get_entry_65_6(sp_point_384* r, const sp_table_entry_384* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_get_entry_65_avx2_6(sp_point_384* r, const sp_table_entry_384* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-static const sp_table_entry_384 p384_table[3575] = {
-    /* 0 << 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 0 */
-    { { 0x3dd0756649c0b528L,0x20e378e2a0d6ce38L,0x879c3afc541b4d6eL,
-        0x6454868459a30effL,0x812ff723614ede2bL,0x4d3aadc2299e1513L },
-      { 0x23043dad4b03a4feL,0xa1bfa8bf7bb4a9acL,0x8bade7562e83b050L,
-        0xc6c3521968f4ffd9L,0xdd8002263969a840L,0x2b78abc25a15c5e9L } },
-    /* 2 << 0 */
-    { { 0xc8229e55783dde91L,0x8e6c8f2e022b53f0L,0x3504e6f0ff9d48a1L,
-        0xda821495f0687f50L,0x9c90a4fd2de4b506L,0xdb93b776427460c3L },
-      { 0x42ea84633140bfdaL,0xe8e8e4a8c2aaccd8L,0x15e4f18bdc588258L,
-        0x09f1fe415172bad9L,0x070d430900b0e684L,0xe34947f7123df0c2L } },
-    /* 3 << 0 */
-    { { 0x05e4dbe6c1dc4073L,0xc54ea9fff04f779cL,0x6b2034e9a170ccf0L,
-        0x3a48d732d51c6c3eL,0xe36f7e2d263aa470L,0xd283fe68e7c1c3acL },
-      { 0x7e284821c04ee157L,0x92d789a77ae0e36dL,0x132663c04ef67446L,
-        0x68012d5ad2e1d0b4L,0xf6db68b15102b339L,0x465465fc983292afL } },
-    /* 4 << 0 */
-    { { 0x0aae8477ebb68f2cL,0x30594ccbee0421e3L,0x2e4f153b0aecac46L,
-        0x078358d4736400adL,0xfb40f647d685d979L,0xcfeee6dd34179228L },
-      { 0x54f3e8e79b3a03b2L,0xe74bb7f17bfec97eL,0x8e3e61a34c542ad1L,
-        0x147162d30418c693L,0xe607b9e33820017dL,0x50946875303df319L } },
-    /* 5 << 0 */
-    { { 0xbb595eba68f1f0dfL,0xc185c0cbcc873466L,0x7f1eb1b5293c703bL,
-        0x60db2cf5aacc05e6L,0xc676b987e2e8e4c6L,0xe1bb26b11d178ffbL },
-      { 0x2b694ba07073fa21L,0x22c16e2e72f34566L,0x80b61b3101c35b99L,
-        0x4b237faf982c0411L,0xe6c5944024de236dL,0x4db1c9d6e209e4a3L } },
-    /* 6 << 0 */
-    { { 0x7eb5c9317d56dad8L,0xcb2454b339d3413aL,0xec52930f580d57f2L,
-        0x2a33f6661bdf6015L,0x4f0f6a962b02d33bL,0xc482e189f0430c40L },
-      { 0x3f62b16ea7b08203L,0x739ac69d5b3d4dceL,0x8bd4bffcb79e33b0L,
-        0x93c9e5f61b546f05L,0x586d8ededf21559aL,0xc9962152af2a9ebaL } },
-    /* 7 << 0 */
-    { { 0xdf13b9d17d69222bL,0x4ce6415f874774b1L,0x731edcf8211faa95L,
-        0x5f4215d1659753edL,0xf893db589db2df55L,0x932c9f811c89025bL },
-      { 0x0996b2207706a61eL,0x135349d5a8641c79L,0x65aad76f50130844L,
-        0x0ff37c0401fff780L,0xf57f238e693b0706L,0xd90a16b6af6c9b3eL } },
-    /* 8 << 0 */
-    { { 0x23f60a05dd9bcbbaL,0x9e336de5ae9b587aL,0x1c5c2e7193d7e30fL,
-        0x1d9aebd64f3ddb37L,0x1c7b5fe116b66423L,0x5db4f184349cd9b1L },
-      { 0x0d2cfe83e6655a44L,0x836dbb36b7e55e87L,0x701754bf7d8686e4L,
-        0xe9923263a42dbba2L,0x7008d943c48ecf0eL,0x3c0c6dd70d27ef61L } },
-    /* 9 << 0 */
-    { { 0x2f5d200e2353b92fL,0xe35d87293fd7e4f9L,0x26094833a96d745dL,
-        0xdc351dc13cbfff3fL,0x26d464c6dad54d6aL,0x5cab1d1d53636c6aL },
-      { 0xf2813072b18ec0b0L,0x3777e270d742aa2fL,0x27f061c7033ca7c2L,
-        0xa6ecaccc68ead0d8L,0x7d9429f4ee69a754L,0xe770633431e8f5c6L } },
-    /* 10 << 0 */
-    { { 0x845539d3c8d99c02L,0x2a15a9a6e58d6787L,0xe9f6368eab225fa3L,
-        0x54a612d7eb32cabeL,0xc2f646025c4845ecL,0xa91a5280db1c212eL },
-      { 0xbb971f78e67b5fceL,0x03a530eb13b9e85cL,0x592ac0ba794eabfdL,
-        0x81961b8ccfd7fd1dL,0x3e03370a47a9b8aaL,0x6eb995bec80174e8L } },
-    /* 11 << 0 */
-    { { 0xc7708b19b68b8c7dL,0x4532077c44377abaL,0x0dcc67706cdad64fL,
-        0x01b8bf56147b6602L,0xf8d89885f0561d79L,0x9c19e9fc7ba9c437L },
-      { 0x764eb146bdc4ba25L,0x604fe46bac144b83L,0x3ce813298a77e780L,
-        0x2e070f36fe9e682eL,0x41821d0c3a53287aL,0x9aa62f9f3533f918L } },
-    /* 12 << 0 */
-    { { 0x3db8477270313de0L,0xd4258cc55d970420L,0x03aced26c8edfee1L,
-        0xf67eb42235d77d83L,0x523c40dbcf9ab45cL,0x627b415f9c35b26dL },
-      { 0xfacc45e48be55ed8L,0x80d60af627aa651aL,0x8c79848fd0e102acL,
-        0x40c64a4e66bed5afL,0x0329eab1f7942f0eL,0x0c6e430ef9c4af3dL } },
-    /* 13 << 0 */
-    { { 0x9b7aeb7e75ccbdfbL,0xb25e28c5f6749a95L,0x8a7a8e4633b7d4aeL,
-        0xdb5203a8d9c1bd56L,0xd2657265ed22df97L,0xb51c56e18cf23c94L },
-      { 0xf4d394596c3d812dL,0xd8e88f1a87cae0c2L,0x789a2a48cf4d0fe3L,
-        0xb7feac2dfec38d60L,0x81fdbd1c3b490ec3L,0x4617adb7cc6979e1L } },
-    /* 14 << 0 */
-    { { 0x5865e5018f75244cL,0xd02225fb01ec909fL,0xca6b1af8b1f85c2aL,
-        0x44ce05ff88957166L,0x8058994c5710c0c9L,0x46d227c432f6b1baL },
-      { 0xbe4b4a9003cb68e5L,0x540b8b82730a99d1L,0x1ecc8585e11dbbbfL,
-        0x72445345d9c3b691L,0x647d24db13690a74L,0x4429839ddefbadf5L } },
-    /* 15 << 0 */
-    { { 0x446ad8884709f4a9L,0x2b7210e2ec3dabd8L,0x83ccf19550e07b34L,
-        0x59500917789b3075L,0x0fc01fd4eb085993L,0xfb62d26f4903026bL },
-      { 0x2309cc9d6fe989bbL,0x61609cbd144bd586L,0x4b23d3a0de06610cL,
-        0xdddc2866d898f470L,0x8733fc41400c5797L,0x5a68c6fed0bc2716L } },
-    /* 16 << 0 */
-    { { 0xda6e8a7f7c33ed91L,0x992afb5b0ecdd2d8L,0x37cf65517917652aL,
-        0x317b63ea2887d5ffL,0x37065f5313bdc3faL,0xa10896aa435abaa1L },
-      { 0x9b21615fefabca26L,0xeb07ddea230cf00dL,0x914871dc154d410fL,
-        0xb333bdfbc88ee148L,0x51c305c6a72d1967L,0x659db48181ef2513L } },
-    /* 17 << 0 */
-    { { 0x8903e1304b4a3cd0L,0x3ea4ea4c8ff1f43eL,0xe6fc3f2af655a10dL,
-        0x7be3737d524ffefcL,0x9f6928555330455eL,0x524f166ee475ce70L },
-      { 0x3fcc69cd6c12f055L,0x4e23b6ffd5b9c0daL,0x49ce6993336bf183L,
-        0xf87d6d854a54504aL,0x25eb5df1b3c2677aL,0xac37986f55b164c9L } },
-    /* 18 << 0 */
-    { { 0x5dfee73ce5b82700L,0x198fd3f0f38f6662L,0x3bd1c8f62edb0dbdL,
-        0x55a96a6879909f08L,0x68a2324355671693L,0x57505d8d67497030L },
-      { 0x8a60717f75c64513L,0x54b867b7f78aa7deL,0xc266eb8441129858L,
-        0x6ffcfc7ca4cfd9bbL,0x9bdd6a092945a757L,0x91700b247eb1be63L } },
-    /* 19 << 0 */
-    { { 0x82a2ed4abaa84c08L,0x22c4cc5f41a8c912L,0xca109c3b154aad5eL,
-        0x23891298fc38538eL,0xb3b6639c539802aeL,0xfa0f1f450390d706L },
-      { 0x46b78e5db0dc21d0L,0xa8c72d3cc3da2eacL,0x9170b3786ff2f643L,
-        0x3f5a799bb67f30c3L,0x15d1dc778264b672L,0xa1d47b23e9577764L } },
-    /* 20 << 0 */
-    { { 0xad610a2d94a70ec1L,0xcd96f20591e71d16L,0x713466708cbaffc7L,
-        0xf78cff0cd467f03aL,0x98ca8dd42d96c936L,0x1d1cdf7b5f223465L },
-      { 0xe27a189460d4db60L,0x25f546ab321828ffL,0x9933fb25dccd4df3L,
-        0x422da643ffe6132bL,0x5e01b72b4718bbc7L,0xab9dd81052ebfb01L } },
-    /* 21 << 0 */
-    { { 0x08265e510422ce2fL,0x88e0d496dd2f9e21L,0x30128aa06177f75dL,
-        0x2e59ab62bd9ebe69L,0x1b1a0f6c5df0e537L,0xab16c626dac012b5L },
-      { 0x8014214b008c5de7L,0xaa740a9e38f17beaL,0x262ebb498a149098L,
-        0xb454111e8527cd59L,0x266ad15aacea5817L,0x21824f411353ccbaL } },
-    /* 22 << 0 */
-    { { 0x4f595351262bb775L,0x981b788d16f325b8L,0xccd57831927ed783L,
-        0xc382472ebe0e1fdbL,0xfd7a8b13f0681fcaL,0xe082882d69059095L },
-      { 0x4d1c3049faa71fdcL,0xf9d62fd9c9576c69L,0x7b1ab489cbf837b7L,
-        0xc764edf840d0fcf7L,0x50fc847215809cddL,0x671d69c98fcd8418L } },
-    /* 23 << 0 */
-    { { 0xd1b4e74d12e3683bL,0x990ed20b569b8ef6L,0xb9d3dd25429c0a18L,
-        0x1c75b8ab2a351783L,0x61e4ca2b905432f0L,0x80826a69eea8f224L },
-      { 0x7fc33a6bec52abadL,0x0bcca3f0a65e4813L,0x7ad8a132a527cebeL,
-        0xf0138950eaf22c7eL,0x282d2437566718c1L,0x9dfccb0de2212559L } },
-    /* 24 << 0 */
-    { { 0x259f272cfab816a7L,0x20c1b8e0d809afcdL,0x540c045a409c930bL,
-        0x563361909bd5c2f7L,0x38076e8fca77d74fL,0x4f13f901fc55723fL },
-      { 0x890932d7bd3d10c3L,0x98d82ad1da247ec8L,0xdf5579fa4bea82ddL,
-        0xe8277439a0f9ad3aL,0x1395a87966a4e904L,0x150808e625a302c9L } },
-    /* 25 << 0 */
-    { { 0x1e93722758ce3b83L,0xbb280dfa3cb3fb36L,0x57d0f3d2e2be174aL,
-        0x9bd51b99208abe1eL,0x3809ab50de248024L,0xc29c6e2ca5bb7331L },
-      { 0x9944fd2e61124f05L,0x83ccbc4e9009e391L,0x01628f059424a3ccL,
-        0xd6a2f51dea8e4344L,0xda3e1a3d4cebc96eL,0x1fe6fb42e97809dcL } },
-    /* 26 << 0 */
-    { { 0x6423197d2afd473dL,0xb0391b37897b93f5L,0x6efedb8023bf0b90L,
-        0x808497b7b0bba4a7L,0xf14b309f03fa90f2L,0x37a45bdb091cbb80L },
-      { 0xedda4ae48a8f5dcbL,0xdb3f422d95e16d6eL,0x25c7b9146f5f24c7L,
-        0x5d512df99d42a727L,0xbf2c0862697c08fdL,0x47d98a9df092241cL } },
-    /* 27 << 0 */
-    { { 0xa04482d2467d66e4L,0xcf1912934d78291dL,0x8e0d4168482396f9L,
-        0x7228e2d5d18f14d0L,0x2f7e8d509c6a58feL,0xe8ca780e373e5aecL },
-      { 0x42aad1d61b68e9f8L,0x58a6d7f569e2f8f4L,0xd779adfe31da1beaL,
-        0x7d26540638c85a85L,0x67e67195d44d3cdfL,0x17820a0bc5134ed7L } },
-    /* 28 << 0 */
-    { { 0xc76afaa373b64643L,0x4169b4117b3c1220L,0x550e0bee8ff22c6fL,
-        0x8fb0c597a4da3e15L,0xd8232f8b4e492aa8L,0x55be5764d37da1a2L },
-      { 0xf1bc89b628e77f9eL,0x9ff769c4875fee0fL,0x184bd4733ad6983aL,
-        0xc48ee6f3b033c112L,0x792377fbf8eb8319L,0x05cdca3fe7988176L } },
-    /* 29 << 0 */
-    { { 0x019d6ac5d3021470L,0x25846b66780443d6L,0xce3c15ed55c97647L,
-        0x3dc22d490e3feb0fL,0x2065b7cba7df26e4L,0xc8b00ae8187cea1fL },
-      { 0x1a5284a0865dded3L,0x293c164920c83de2L,0xab178d26cce851b3L,
-        0x8e6db10b404505fbL,0xf6f57e7190c82033L,0x1d2a1c015977f16cL } },
-    /* 30 << 0 */
-    { { 0x6a7a3464d0cbcea0L,0x76aad8b813126388L,0x519b9fd50a183232L,
-        0x15f9abe1feb6b100L,0x7002990485ba4143L,0x92cea8f4c4360dd8L },
-      { 0xdc6c5d1dc12748a1L,0x1846eefcdd3eb156L,0x3117dd04d47a41dcL,
-        0x96c21b29f6a167f2L,0xf569446a27555692L,0x941292e500f88cb2L } },
-    /* 31 << 0 */
-    { { 0xa39c89317c8906a4L,0xb6e7ecdd9e821ee6L,0x2ecf8340f0df4fe6L,
-        0xd42f7dc953c14965L,0x1afb51a3e3ba8285L,0x6c07c4040a3305d1L },
-      { 0xdab83288127fc1daL,0xbc0a699b374c4b08L,0x402a9bab42eb20ddL,
-        0xd7dd464f045a7a1cL,0x5b3d0d6d36beecc4L,0x475a3e756398a19dL } },
-    /* 32 << 0 */
-    { { 0xad852b878c0a64a4L,0x0d784cf208f779d5L,0x1896b9fcc651b1ddL,
-        0xba8953d612e8dc87L,0x3a9865baa631cfb0L,0x5dd2a4a0626b3d79L },
-      { 0x1148bc72687c20bbL,0xa372dfc2f2a52bfdL,0x77315f9e9448fd08L,
-        0x4bcb06f00a2377b6L,0x73b42725b35b4ff0L,0xc510ad93aabca99fL } },
-    /* 33 << 0 */
-    { { 0x61333a382fb3ba63L,0xdf330d9d5b943c86L,0xbbc7c7ee955ef3afL,
-        0xda631fc160f09efbL,0x68af622641d5c400L,0xcc9e97a46c833e9dL },
-      { 0x7fd73e8e3a625e76L,0x13bf6124c209e55eL,0x08467cea48b90b91L,
-        0x8a416eb9bb6f0abaL,0x6fcc93a1b8c31072L,0xa7fd2b619057dad7L } },
-    /* 34 << 0 */
-    { { 0x80b309dd2ada5bf4L,0x0648c2cd2d668c41L,0x45700722abb9102fL,
-        0x9d6ac102b4e25201L,0x7ec2bc1cd50b3e6dL,0xcdb55e6ba07b7caeL },
-      { 0xebcbda0786da3943L,0x470ddc68f8a57f48L,0x9e1418a4554557c3L,
-        0x02d00cfb8a76b2d6L,0x03c050a061520726L,0xa964eefbfdadd24eL } },
-    /* 35 << 0 */
-    { { 0x58a5b5433720ec9bL,0xbb3800d52d7c2fb4L,0x4a508620dde6bd0aL,
-        0x65f16273a02583fdL,0x832bd8e34fc78523L,0xd6149f75e9417bc6L },
-      { 0xfeb026e93deeb52aL,0x0ce18088a55e0956L,0x50018998988092a2L,
-        0x22f19fab28f35eeeL,0xac8a877f52ccd35cL,0xb13a8ad830e23f26L } },
-    /* 36 << 0 */
-    { { 0xf216aa2531238ed0L,0x4a13260770b1b757L,0xa39180d45c2c7ce1L,
-        0x9f82b7fbab52606cL,0x6f01faee26946e78L,0x1608643883061d37L },
-      { 0x597edf370fb077bcL,0x1d11bc5ed6e28138L,0x10209418c167fd20L,
-        0x6a3258ec33f55675L,0xdf33eed7b73401b1L,0xf699887b806085b7L } },
-    /* 37 << 0 */
-    { { 0x0202d57de44f61a3L,0x4027704bb5630ef2L,0xa129e2dff5b54a5dL,
-        0xacb60a7597482b86L,0x9261ede87ef27114L,0x1eba28f3defc58b5L },
-      { 0x6c91c0c98be5589eL,0x2f1643d514594beeL,0x2ea912435d2ca034L,
-        0xb50649a894047d1fL,0x284fcbb5638ca337L,0xfa0e07b7fe85bf85L } },
-    /* 38 << 0 */
-    { { 0x4703cd85891f8ffeL,0x018843c01c0d7702L,0xf3d752f5ad6cbeacL,
-        0x479ecf018173fb32L,0x6b464412bc9a48c7L,0x47ba96091da7b147L },
-      { 0x91af26eaabc13488L,0x87c183c3e1a0e06cL,0xdae2479844956b93L,
-        0xf300e1c648347f9aL,0x129be314974320a4L,0x1f466694520618f2L } },
-    /* 39 << 0 */
-    { { 0x7d894f80506e0e42L,0xd984244a8e3d2c46L,0x6d7edf642b7f006fL,
-        0x36a1cd6dde9b6230L,0xc9985040b76c0665L,0x587df4d6b89b1fc2L },
-      { 0x4c0638476a71ae7aL,0x7b2b0ab3e8294747L,0x345c553ab53153b8L,
-        0xb646e453436d9fe2L,0x1a95355f1cd60340L,0x2d7bc128074968fbL } },
-    /* 40 << 0 */
-    { { 0x6048c6949399c38aL,0x43a53ff21beb359eL,0x86fcfe4760be3ebcL,
-        0xae78bc3a3134216cL,0x3b021cf316d7a9adL,0x51c4b1b36a4d6e81L },
-      { 0x54b9cd8db593d816L,0x1df8cc84a69ea3a3L,0x98ff87f7370eb744L,
-        0x63a00a0a60e0aa2aL,0xdbb22c9ddeb46e6cL,0xdfd92b6da914bb01L } },
-    /* 41 << 0 */
-    { { 0xad148e87bca6d14cL,0x41dfd24d456a201eL,0x73a82933a80d68f3L,
-        0x89746c8d852ca035L,0xe3bc778895fd71aeL,0x8764cd2cda92245dL },
-      { 0xa2fe2c4782eb23e2L,0x5ac762e00f3c9d6eL,0x57860ce121646f31L,
-        0xbdc9d6c34f9f589aL,0x679952c7d193272eL,0x82ea702eeb18f1c5L } },
-    /* 42 << 0 */
-    { { 0x18ef56cd5d76b881L,0x31b22efc5df46c66L,0x4b21c4f3eb6c7e62L,
-        0x3fd72a308f234c86L,0xe983e169ffff96c7L,0x7438b4933c1e593cL },
-      { 0x863a23a3a553e8e3L,0x0d959ba9796d9129L,0x25d0caaeda1eadf4L,
-        0xe739fb61eaa67763L,0x50029568472a7175L,0xdb6829c2f002bb6eL } },
-    /* 43 << 0 */
-    { { 0x37fa935500846d44L,0x09112fc50578bc8cL,0xdad9f5b239c4943dL,
-        0x7314f5f0416dbd86L,0x5cf095a901fefb56L,0x35178bad22dab393L },
-      { 0xcf79fc1b36baf1a7L,0x1b7ee42d749e5498L,0xbce78aa9ede314bbL,
-        0xaaf8e0f6bd0628dfL,0xa974b09415cbf948L,0x8f3f1f63c9632b78L } },
-    /* 44 << 0 */
-    { { 0x1c5f0e5b36a400d3L,0xae97af8bf240b30aL,0x767b4ad7f8f99b51L,
-        0xd50a288981ea36c2L,0x04ce2a21986c5ce6L,0x9c7e7754a320d352L },
-      { 0xc3336331bbad8346L,0x7cc82a4df1698fb2L,0xc680176505c7ad6cL,
-        0x47678afb27dda8e5L,0xade6096d02e543aeL,0x5fb28e322a1dd73bL } },
-    /* 45 << 0 */
-    { { 0xd4c411564fddda5bL,0xd4af65c673ad9112L,0xffe8e0bb39eb8f59L,
-        0xb0040c0e8d6fcf13L,0x99e1c0c61f2bb599L,0x9c94c858b2ac3405L },
-      { 0x8f8878d76eeed85dL,0x62b2f54351fcca3fL,0xeb3b44a9e5b56918L,
-        0x16f96676b7234e93L,0x17477722bd2af19eL,0x42eb2979db83a485L } },
-    /* 46 << 0 */
-    { { 0xa618d7479fc4f435L,0x9f24fba649ddd10eL,0x60976b01b472d789L,
-        0x9266634957719f54L,0xd9c79db800541257L,0x374aa9069481ed0dL },
-      { 0x60efb1147fdc2d7aL,0xa1590c30ecf58643L,0xd7a198a4185a849cL,
-        0x19ab802314eb4ab9L,0xc82d5998ec090d06L,0xfc539eb3e259c7dbL } },
-    /* 47 << 0 */
-    { { 0x6f888f7df0c668caL,0x65c788785f0dc66cL,0xbfb185125f5b07a0L,
-        0x780abff7d878acd0L,0x504f21b1570cf950L,0xea5b37c5da233371L },
-      { 0x487ae8bd22437ed1L,0x9c701758249cf9b7L,0xf86562a898fb34ffL,
-        0xdfeea1a265e0fc91L,0xeef006912e20fc23L,0xac9dfec7dfa72a8bL } },
-    /* 48 << 0 */
-    { { 0x3ccf806ab35bf6cfL,0x2d368d48e7f30c2bL,0x4f504e06ea52bef9L,
-        0x40d01ff53a7d2f3cL,0x62e5c5d3e73a1bc9L,0x66e4794bae7d7400L },
-      { 0x3d30625e5ffef312L,0x4580609da766ddf1L,0x5c3ca10d04bab985L,
-        0x2605ca009da2a2caL,0x48eab00eb5c9462cL,0x271e42a12624a583L } },
-    /* 49 << 0 */
-    { { 0xfa5c3aef697136c6L,0x8ea5af63a5ea6fb8L,0xa669156542e365a4L,
-        0x47c56c115b6e3386L,0x1197832bcea03f56L,0x0b470bb250e4ea9eL },
-      { 0x3113c74313b25712L,0x8d6c174ed2497d48L,0xfc4486ee49c9ebe8L,
-        0x2487edd57f82bdd3L,0x771e64415b57be2fL,0x2d1cc518e28b2bdbL } },
-    /* 50 << 0 */
-    { { 0xa96763d2fba32d1fL,0x172cfe4ecb5af900L,0x510bd675cb2ec3f1L,
-        0xbeabb91ac3c90051L,0x9cbf755b46f97ac7L,0xa820e8303a5d50d1L },
-      { 0x83a9f17e308c4545L,0xdf7dc7053048461aL,0x6124642f0f32b151L,
-        0xc1b444139333e405L,0x6f7bfa7e13a4f7d6L,0x6f58fa8b7181c2a1L } },
-    /* 51 << 0 */
-    { { 0x2c4ccac72070ac8dL,0x1947c0caec4a22b8L,0xa5e0fb598c5a78d9L,
-        0x464ae8d241a84de7L,0x3dba16e9daaabc27L,0x16634a504f35cb3cL },
-      { 0xadc18bf9b16ec84fL,0x324d067e7359dd35L,0xdaeac0c3570543f0L,
-        0x0b2240003c887d36L,0xc69489e2373f1a0dL,0x518b047dcbaa0d97L } },
-    /* 52 << 0 */
-    { { 0x8f6468656f9201b9L,0x8a944b316b326232L,0x5687d1dca6ccfd35L,
-        0x0bedaa85e5377c00L,0x252b48f5cd8d7d77L,0x4b820d9b31d83660L },
-      { 0xa9e5af3ccae07f15L,0x0a8930fc1208b9faL,0x6d0a166ced3c3b7aL,
-        0x90e2aead7f78aaf8L,0x222465866e5ede76L,0xc5cc339dcba1fd4bL } },
-    /* 53 << 0 */
-    { { 0x3b1bddc6fbde49efL,0xdaed7c268a0915ccL,0x0b0110610f0422a2L,
-        0xcf485c74a7c54b16L,0x642ec4e615c3aae2L,0xa8ba8f10e0f383eaL },
-      { 0x2a2054b495618501L,0xebec6442089efa8bL,0x5786a19a4e2fa83eL,
-        0xd2c71ad139069963L,0xadc93d9a481765e2L,0xedf2e3eb7ecc9485L } },
-    /* 54 << 0 */
-    { { 0x11853add834e6c54L,0xab2f15202175fbf4L,0xcff00bd23c9b5a41L,
-        0x075134ebabd64a6aL,0x48c075daaadd6150L,0x4576a6497cb89442L },
-      { 0x340a767034adeda3L,0x8dbb571c77fcd1f4L,0x0bf879d693b44ea6L,
-        0x1ae1dd97d13444bbL,0x6e9e86bb7b1eb77aL,0x420eb673906a2949L } },
-    /* 55 << 0 */
-    { { 0xbcab5f60069f3367L,0xfd6622bc1718ec3cL,0xa4fb7867e3a142d6L,
-        0x6078d8bf085faeb3L,0xfa5cbfda60f4554fL,0xb3fcd5d1690cd408L },
-      { 0x4ebdee7d281f7884L,0x82af23aa180a63a7L,0x8de3107c3d079f61L,
-        0x17c6b5cbbe2334f8L,0x6a91e73997d0fa06L,0x7460257314ceeed4L } },
-    /* 56 << 0 */
-    { { 0x483350a5ebb8cdadL,0xd4215b4fc7a8baa1L,0x8b6fc785e692fdd2L,
-        0x2629ba4fd1deca25L,0xe9981ea6820da79fL,0x7772a913e6436cc1L },
-      { 0xd141235c553fb41dL,0x28179e6cc852f64bL,0xb623a1aeeb8cc21cL,
-        0x05826192490bb572L,0x56fefff326f349ceL,0x31ff648e0f88b82dL } },
-    /* 57 << 0 */
-    { { 0xb14ba61cf97f865cL,0x73bae4c1694b8b0dL,0xa14967dfac4bbf62L,
-        0x1e9dd1509bf446e0L,0xc052f3eb1c99ceefL,0x814d7fa07a78c189L },
-      { 0xa101a483ab74b05dL,0x7788c258a1737b65L,0x0d60bab7e809a13cL,
-        0x8f427bc473c81d5bL,0xd2e130552952c1fcL,0x0a823b9a4b26df63L } },
-    /* 58 << 0 */
-    { { 0x941c5c257d0be180L,0x341cf9d9c46785afL,0xdab9dc0015b0fa13L,
-        0xa58db4ea4f96af4fL,0x9e9520bf57acc87aL,0x104cec0666ac72e0L },
-      { 0x9f3f7baa1929e675L,0xb8b4ac9ffa80380aL,0xb5f157aa569b57d8L,
-        0xe11699e909fa58a1L,0xc08595e35548fbeaL,0x2b51995f794da901L } },
-    /* 59 << 0 */
-    { { 0xaf467ce227bf64c9L,0xdfca6897f929974cL,0x64473b595c322738L,
-        0x96a917cf1ed0e315L,0x3703435b0de64db9L,0x9ba039679267b646L },
-      { 0xdf0c2aae3a522fbeL,0x41bdb741b335eff0L,0xaccf2edd7b059703L,
-        0x6fb34b3028463cceL,0x96d9ba0bd9e3ca19L,0xff336f12504655c1L } },
-    /* 60 << 0 */
-    { { 0xc711d5d1c425543eL,0xa61fada6fb4f60e8L,0x0402d5c4eb809f85L,
-        0x84b7c2fed74cccd4L,0x61bba736a55b5277L,0x95bb80cece47968cL },
-      { 0x09f92adc16eb7b95L,0xf0e0f4f7e682aa29L,0xacd70b86ad2a20fcL,
-        0xbb45a51f948a8375L,0x29fc3b284892e676L,0x8dd21bf0b4ea4f51L } },
-    /* 61 << 0 */
-    { { 0x48da1fd3fc60a6e0L,0x54fb5a34222241e8L,0x6035e34f772ae080L,
-        0x5ff77ff2332982d0L,0x2366467300fe51fdL,0xc93ea049ef6ba006L },
-      { 0x6640f1177d381266L,0x394d32cd6ae9f4acL,0xe6a7885370d303ebL,
-        0x0dda19ffe5275767L,0xb0a6c77201466d23L,0xc4cc11451fc69829L } },
-    /* 62 << 0 */
-    { { 0x49a04dc0f5acf772L,0x1e659730c1fb476eL,0x0c7d749907dbb9afL,
-        0x03b9f1cebfec21daL,0xd194b7054b14d117L,0xcb4c0a54561fedf2L },
-      { 0xaf623d3f21da4d42L,0x5f5e9b1fd630c145L,0x65609e59d9ff0abaL,
-        0x3d2508922ba9239bL,0xcac324ec82c4faa7L,0x0902cc23149446b8L } },
-    /* 63 << 0 */
-    { { 0xc5c0e6d7aaed89c0L,0x6ce8ead6149a1896L,0x7a50f7458c949f8fL,
-        0xcd7e35f76e2b71aaL,0xf6159e519a049f7aL,0x1c9bf0b0f1e52d1eL },
-      { 0x3bb6c1f518202c80L,0x8d3a5f621ecd7b1aL,0x3bb034e888d17f19L,
-        0xdc89bd4997d4048dL,0xf5af7b8e3735df22L,0x52bb3712a0a689e8L } },
-    /* 64 << 0 */
-    { { 0xed4de4f88e89b258L,0x957c980f297a9a37L,0xe04b3d30f8a0580dL,
-        0xa309199dca57b7bdL,0xfc8e87cf3be44d56L,0x4f5d5ab6d1b30e5cL },
-      { 0xb213c6a030a9325bL,0x0fd1c52df091bc01L,0xfe51bbbf1090fedeL,
-        0x6d97cabc301fe259L,0x3ee127895ecd3fe8L,0x888b708b9404ca51L } },
-    /* 0 << 7 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 7 */
-    { { 0xe484fd9f8258030fL,0x0f4fa5eff21af80aL,0xc0dd449e7c1c3984L,
-        0xf313389118eb5195L,0x0336aab8777a16d2L,0xa6661cc4c241720aL },
-      { 0x678db970a7efacd0L,0x228968656461e382L,0x5d85a0e4a022c7a4L,
-        0xb01f1e0434a02a6bL,0x2657eedda5791ce3L,0x239dcab2a277ac5bL } },
-    /* 2 << 7 */
-    { { 0x9a7a5b426ae54da1L,0xcfcadaab7040b022L,0x7539438e3d9f0e61L,
-        0x013c6719e328c2e2L,0x7f4a706ccccbf891L,0xa335ab82735a2d28L },
-      { 0x46694ef03d984124L,0x0e0bdfabc166b337L,0x9d54ed8b423d47e4L,
-        0x8075a8cbf44c9180L,0xd4f5b184abe9b384L,0x424dd00b41abdc75L } },
-    /* 3 << 7 */
-    { { 0x99a710b1400f1d87L,0xec3ca386ee47be8bL,0x3a00dcad37168feeL,
-        0x1a69d6741765a0dfL,0x85233afe917c4909L,0xa3aa97a4e9bd6210L },
-      { 0x01010526310885f3L,0x21c5de3fb5007b08L,0x5df0c6efee8ddabdL,
-        0x5d17d45a0f6dfdefL,0xb73d831a251c9f79L,0x397779e6cb1df19dL } },
-    /* 4 << 7 */
-    { { 0x5e2cb07fd7801edfL,0xf9fa2c0b3adc065aL,0xa296c53fd4de1f25L,
-        0xd408060c838f7169L,0x68e19d7b2e8a6ce7L,0x2cc6e06c94b58671L },
-      { 0x93d02a07c1cb6151L,0xa10fb4cf35003126L,0x6aa069f51aa3bc4eL,
-        0x0e44fbf0dd09b142L,0xe264f343832e5945L,0x5dca2adc1fc166acL } },
-    /* 5 << 7 */
-    { { 0x5f63e391d7afb4c6L,0x85208bcd2bcb4a76L,0x10022d53c3da8fd7L,
-        0x607538c007e50047L,0xdbdb0e7212793242L,0x8e6b9f6135eb668fL },
-      { 0xbe5632887e1da455L,0x5e73e1a06e544e82L,0x0c28a5d29a2da4deL,
-        0x62b30a8822326300L,0x470764f16013086eL,0xcbe2c34cd3ef5fbbL } },
-    /* 6 << 7 */
-    { { 0x9ee4f522b0f6c604L,0x5b8a689d52736e58L,0x0d5f396db7edb07cL,
-        0x09b3457c2e829063L,0xf1d28188f83495daL,0xba2511e6cce559b8L },
-      { 0x17cbaf57d8f90669L,0x3ba19a1c514eacf0L,0x298208995145b8fdL,
-        0x92cb5da81a33b1a7L,0xca49fe334c5149e9L,0x5c499b661772b4c0L } },
-    /* 7 << 7 */
-    { { 0xb98266b132508180L,0xf5008b926719d49dL,0x50c513f98069ffe6L,
-        0x99ceb828a7c6f38eL,0x375b8a8225e2a436L,0xb8197f6c416c073dL },
-      { 0x01663a25eadf09ddL,0xfa2ca1571d7ff230L,0xf3b65b2545284aa4L,
-        0x144dbefe648bd565L,0x6095ed8ab4c24e35L,0xe1f1fa3696ff2020L } },
-    /* 8 << 7 */
-    { { 0x56ad7582a0eb176aL,0x085b5a366e19aa00L,0x85f2c6ffe2c8b036L,
-        0x55c6d357fcd7336bL,0xb1ecc56d22a46acdL,0x8e0f976736277ac7L },
-      { 0xa4ed11e901878921L,0xd38355667f4fb650L,0x5fdaba45266158aaL,
-        0x6f0b27fd89e0dff0L,0x32ef7ae2eb6b02d0L,0x2f145871cc1b46e1L } },
-    /* 9 << 7 */
-    { { 0xc7698dfd4b449cfeL,0x78aacb7bd1517720L,0xaf0f6ef574cd5f32L,
-        0x026f1826f17954e3L,0x33ef67ab2453185bL,0x82f0fcc90a420c0fL },
-      { 0x5b444b3645f154b1L,0xb27c4ece70d17f90L,0x6417e0d039282194L,
-        0xebfb5fa001aa4f4fL,0x9cc5d0b573932754L,0xe8b56699704ffd85L } },
-    /* 10 << 7 */
-    { { 0xc112733b9d4075dcL,0x349281c187737549L,0xbb7d8e0181009785L,
-        0x7640a3e2bfe16c4fL,0x4e34813ec1d9f810L,0x61985fbc8d2605d7L },
-      { 0x2a544cd8e3f66442L,0x48879af56a7c9e94L,0x9e6157bacec18a7eL,
-        0xa555fc9511b882d6L,0x4305a4dd04f86563L,0xc58ed7631d0fd96eL } },
-    /* 11 << 7 */
-    { { 0xaaeec0f9b726e2edL,0x243ba6614493d146L,0xd799c3408980a9fbL,
-        0x886e4f44ed060f57L,0x52126b82c1f83f6eL,0x8b4978441df301ceL },
-      { 0xeb2a98abcdc4e434L,0x87dec119474e2c77L,0xcbbc613092eb1528L,
-        0xb0b0bcf7c454f37eL,0x404d97a7e1a919d3L,0x26d1baa825e62c30L } },
-    /* 12 << 7 */
-    { { 0xf04145e82d2696b3L,0xaffb66acf4fb2928L,0x9ffcba4e12aa299fL,
-        0xcc5ec24991b3b517L,0x9edcd4616f81c747L,0x0a96090a77a883ebL },
-      { 0x9b0bab58a2aa4badL,0x76359a5e8f9b84e7L,0xfe8cd81e438a9d43L,
-        0xf40e2b5e25ca8b3cL,0x4254030067bc720cL,0x883002a46b2446a3L } },
-    /* 13 << 7 */
-    { { 0x4b43bd3206c3aa7bL,0x83ca2db60a470b08L,0x07c1036c06f22f37L,
-        0x312e04d7bbb46ed2L,0x6a1d70a40193e5f6L,0xc69720e8ba8a3f38L },
-      { 0x2c003429468a04b1L,0x885c43bfbc83fe25L,0x65a65259393e00e8L,
-        0x7154c7ac2af17741L,0x682224d331dda744L,0x6183dd8bc80b57f5L } },
-    /* 14 << 7 */
-    { { 0x80e1cd16c496089aL,0x7a59f4c06ec2000fL,0x67a019d509ddce06L,
-        0x52573e3e70c4b032L,0x16d253e14d3ba57eL,0xa43c6d42162504f7L },
-      { 0xa237bbf952ff95e4L,0x81187e659acb7273L,0x4b13531a1f384daeL,
-        0x39067f3398125165L,0xe98fb141672dccc1L,0x594baca0a75e27b5L } },
-    /* 15 << 7 */
-    { { 0x85e12293c205465bL,0x57bbcfb1b71cbe44L,0x201ed45c1bc85881L,
-        0xccbc39d5ccbe7dacL,0xc509b77f9277f310L,0x171b603aca1b70efL },
-      { 0x9b99605504d2dbbeL,0x986d6323451c918dL,0x75ad922f63c6fb03L,
-        0x69e2cca49630182fL,0x1389a2b7f7b34d1fL,0xa66a80323d4f7c7fL } },
-    /* 16 << 7 */
-    { { 0xe65245cef6e9f82cL,0x9e234dfff6da7b5aL,0x5677c121bad2c806L,
-        0xc52dec32060fcf24L,0x78d070675d78cccaL,0x630002ea1bc8b6fbL },
-      { 0xc5cb86beeb2e99aeL,0xf13981e78551d16fL,0xfbb7cdf2c92a70d7L,
-        0x5a9ff1f1f53cd2a1L,0xfdbe6b7a984f1139L,0x4403d046a470a9f1L } },
-    /* 17 << 7 */
-    { { 0xdf8c9325efcc63faL,0xe0d35cd966563147L,0x140b9a8bc144d7b9L,
-        0x492bfbd70c17c75fL,0x3cbc2b644c5c4d8bL,0xfecfaf47ff8a3328L },
-      { 0xaf341aa179b8c3d5L,0x5e72713ff04f29e6L,0x652219fb9f5b6fb6L,
-        0x9deeba3f0764460fL,0xb8c2bfa5fa069d0fL,0x5d3e6fefe57be3e2L } },
-    /* 18 << 7 */
-    { { 0x52c9b94decd84cacL,0x34c2d0ad446dc59bL,0x5563701d951878ceL,
-        0x92e2fc1c843c9b1cL,0x2309a5f13dfc7a98L,0xdaf117dc0c57a156L },
-      { 0x5739190d359fb843L,0xd433e9bb4b88e3a8L,0x4d6bb0e2c47a1f45L,
-        0x511eaa33d7b59627L,0x42ef82c5e389e532L,0x641a0bdcd75f4c08L } },
-    /* 19 << 7 */
-    { { 0x3ae32dbdc7e30cc3L,0x0c970135af5d0ea3L,0x8fc38e50bd9a0528L,
-        0xdb0506791bfa634aL,0xf3514fbd245cb0dcL,0x3a3c8c6982319ddeL },
-      { 0x92136baf6426632fL,0xabc3e24aabdd5641L,0x8ccae1429cc004baL,
-        0x6c9834d8b3ee0d66L,0xa807ab63e1f7e8d7L,0xb4598e2a220aea7cL } },
-    /* 20 << 7 */
-    { { 0x19821469d678d1a3L,0xf9fa42e60df2f58dL,0x1177daf49f284ba0L,
-        0x6dd2ad3d2a201dafL,0x667b0e383d427075L,0x39b76d1d4212b65aL },
-      { 0xc6720ae0bf3612fcL,0x72559d98775f8137L,0x466e8e4476c48a09L,
-        0xa05f8eb07fb5428aL,0x7fa1fbce5e36b7d3L,0x13bab84f8d1fdcd1L } },
-    /* 21 << 7 */
-    { { 0xf1876140ed6f3524L,0x47171ee5cb94b2adL,0x56d836abcb8de844L,
-        0x346e80890d3b4271L,0x0110df1fdabf6a02L,0x6850fba1f571cb92L },
-      { 0x490cd9af6209f064L,0x41f32d5f1cf5636cL,0x558bb7ddc328f9dcL,
-        0x44abd0b9d32e3e4dL,0x2c42a5607fc2ff0eL,0x8b1dc5e12c9931f5L } },
-    /* 22 << 7 */
-    { { 0x6a35f6efdca1ce69L,0x04216d3184de3658L,0x3c3010df732f31b1L,
-        0xe4421a872c1444b8L,0x17c987a3c59c1ccbL,0xd67159dba297df1bL },
-      { 0xd13aa7a0bc96041dL,0x686d7b77f44c3d8fL,0x6c2e505f09b2b933L,
-        0x8c04eb8256161b34L,0x61785cb4b344bec6L,0x60b4d06cbf8b0b45L } },
-    /* 23 << 7 */
-    { { 0xe5b055481883c1bcL,0xd5bc37684597b8afL,0xa71ae49adb2fae11L,
-        0xc1ac1b3e050327f0L,0xd990b2a668f3cb1aL,0x566e5175b74a3228L },
-      { 0x348d382957909fe3L,0xe849dd8dd03c2374L,0x4f31a278150fb5b4L,
-        0xbfe265cf168c0798L,0x2737c156ce6a34beL,0x4478d6ae4aa6b73fL } },
-    /* 24 << 7 */
-    { { 0xb5b16cd48d040c69L,0xfdaba315f95a2dc4L,0xc9fef34961ce4704L,
-        0x5fe87a0ddbb53ed6L,0x3f0ccc7973d70f93L,0x4601d1bc46724a1aL },
-      { 0x5c4a15ae24f08565L,0x5eda1e8aaa577320L,0xe31ebb35bb32d307L,
-        0xcdc6f13bdc770a0eL,0xbe3ae514c434c2f8L,0x57c7fdf63a0ef0d1L } },
-    /* 25 << 7 */
-    { { 0x85165ea2d71c01a5L,0x3935171c99a29e59L,0x2aa1b5837d326190L,
-        0xb1d702f8e79f3959L,0x94100c65c6ddffd0L,0xd1d56d626a9c54c6L },
-      { 0x5c93b4cf7ce12b66L,0xfc28574bb32a90caL,0xcd654a96e755969cL,
-        0xa06f436cd1bec664L,0x9b27c110ffb6f3e6L,0x529b77d317b476c4L } },
-    /* 26 << 7 */
-    { { 0x04c3d9e162ccecd4L,0x6050bc1221cb59a1L,0xb33847543cbb7e07L,
-        0xef2201ac4cf1be50L,0x99c3dda42d2ac886L,0xad19cb0ab776eff3L },
-      { 0xd326dd7f5a3d9036L,0x9fe56af2e5b27667L,0x3d849fc072cea4d1L,
-        0x262a0cbcd6aa9e3cL,0x8286211885401b09L,0x8ec71d4b98fe8047L } },
-    /* 27 << 7 */
-    { { 0x9b769cc43c6b2de7L,0x433d4c26acb13b6dL,0x52878f517530ef4fL,
-        0xd0e7ce94b0c5354aL,0x5b094d461d92dbc1L,0x75f681449e4ffb31L },
-      { 0xb9b9e97351b9d1e1L,0xc147ba4698661569L,0x2a06f4cb7a239309L,
-        0xd5cb5ad420928958L,0xbde0283bd5bdf5c6L,0xb91664a082e43c18L } },
-    /* 28 << 7 */
-    { { 0x8fc0cfa6e51d078aL,0x431d9dd5744ca779L,0x37a4f3120e96e887L,
-        0x9c3624fa03ea5144L,0x47d5ecda0b1127f4L,0x018ad424807cf96dL },
-      { 0x58ba530f586b16b9L,0xec7271ed72f47883L,0x8d2918da0281ac88L,
-        0x6d0f14ef002330c9L,0x1a90a01591dc35caL,0xeb8e71e9c81607dcL } },
-    /* 29 << 7 */
-    { { 0x2eab9c5ee6d01fd3L,0xe030e6d23fa77f57L,0xff41311877edc0e9L,
-        0x7817766bb47ca351L,0x70c987e36cb15abaL,0xc3c867ace19c5aa4L },
-      { 0xc24ec23ea05c3810L,0x3965a165c4f0f350L,0x52af99cf7c0d8e5bL,
-        0x2d95d23c106e0b12L,0x27507b297f6d44d3L,0x33da846858b191f9L } },
-    /* 30 << 7 */
-    { { 0x8e5785629aa664e0L,0xf3a1cfc329a97c9bL,0x91ce3b404037bd09L,
-        0x34c447b07f9f2482L,0xebe360164010c2a6L,0x7b8b9b3afdc0a861L },
-      { 0x0e60c49199c4ff9fL,0xf1cf53b1053e703bL,0xabeae550dd974a16L,
-        0x28ac5a34994ea50eL,0x9384617d27329793L,0xd04db83ddad0aec7L } },
-    /* 31 << 7 */
-    { { 0xcb0ec2bd4b1537bcL,0xd0de683cbac6569bL,0x0688dbee5c96afb7L,
-        0x7c7d192f3324ab6fL,0x1455b1e6165fe655L,0x32d135a1ccfe9e1cL },
-      { 0x05a80a2af9e1a86fL,0xdc946c70479c71f1L,0xf8b9ad985aaa0ff3L,
-        0x78cf198ef195bbceL,0xadbc082dfcee6b59L,0xe6e1fa844cd19e25L } },
-    /* 32 << 7 */
-    { { 0xeb06571c0f547ebaL,0xf292c38d6246c0dcL,0xa185966726eed224L,
-        0x8d9e56e46100e387L,0x470506b9dc6298d1L,0xb19e084cf3350ad0L },
-      { 0x83eb62a812abd898L,0x70f152cc2222342cL,0xb089e880e1bd4a82L,
-        0xd4d1e70fcaf3b3fcL,0xd0b1ec6395ffd65cL,0x79f27f3a9b184ebbL } },
-    /* 33 << 7 */
-    { { 0xb4a7435231a3e816L,0xba8a0af2fd4ada3aL,0x1622289dd8fed2e4L,
-        0xb71e579e31d3745cL,0xb090650704a50576L,0xc98b5f20123f900fL },
-      { 0x3799ee82d3587b21L,0xafdd6dc79d9abe55L,0x4053ee2aba64b9d7L,
-        0xa816246657b3f258L,0xd9b5c4c4690b1169L,0x32c1d3afd091d158L } },
-    /* 34 << 7 */
-    { { 0xff5a9c58de97d0d7L,0xec086138feede4acL,0x55b14035ebf47cecL,
-        0xc0b3e061c619fe18L,0x5644c092ead4ebe9L,0xa1a4f7a41e5e0a61L },
-      { 0x8698da06d179219cL,0x86f560bc3f88f732L,0x6ad10b3f1e34a23dL,
-        0xd4326bb71307ede6L,0xc93cd2a19b3045adL,0x5a0b733dd8a5160aL } },
-    /* 35 << 7 */
-    { { 0x68ef87cdeaedf10dL,0x5ce97a07bed10cb6L,0x9b8dbd896ed762c1L,
-        0x1a72b05333c1dcd8L,0x6718eff90f97cfa6L,0x02f886e57dda698bL },
-      { 0x9db378a8c724f4c7L,0x5b55b8383fa6548aL,0x9935a70ecb24bdf9L,
-        0xf5da6936e9de8ae0L,0x3b3a10a79b0c4bcfL,0xe4e6a6e86361c492L } },
-    /* 36 << 7 */
-    { { 0xb37fc581c634a8f8L,0x06f06c93de1d01acL,0x0f2dac8452fed4ccL,
-        0x1673c81bda53f81fL,0x963e500e61e11c94L,0xe86ff87e2144d55fL },
-      { 0x343ddf389bbaec76L,0x16a13527806df1edL,0x1361b5ac0a9edd65L,
-        0xf20507fe33c0124fL,0xdf64ec1e4e8e0d18L,0x3f6a42e27860a8f2L } },
-    /* 37 << 7 */
-    { { 0xe6db1c43d38266a7L,0x55bee1a3adec0d4dL,0xe41c403ed56d2f9dL,
-        0x5fb703f24d3cd93cL,0x4d7ae8c53d2a7ccaL,0x65c8ac50ffa5fff2L },
-      { 0x128814ec264dfa80L,0x08d1372ea642513fL,0xfc5ea1615343a57bL,
-        0xc70a6f2f9a2f3f3cL,0xfe61c499df4963f1L,0x2b711eee5cea1508L } },
-    /* 38 << 7 */
-    { { 0xfc3e9fb252f9a4f3L,0x8bbeeff32180cd36L,0x274312dbd6438c99L,
-        0xbd30984a55612a57L,0x344006d609381db3L,0xd9b696f62bcac509L },
-      { 0x481e4ea3bef646d0L,0x213033d430561b68L,0xf46bf9a05453f623L,
-        0x2af3c4a46d848d97L,0xc35e55a543efa02eL,0x8da254342462874dL } },
-    /* 39 << 7 */
-    { { 0x1f7fda656a12b927L,0xf628cfac876b9303L,0x1904a0b5d0d0d0b2L,
-        0x46d486f6f2894b1dL,0xd35cb5610d243bfeL,0xe759579b851a568eL },
-      { 0xb99572e2c1aeda5cL,0x872e16fb1c54cd1eL,0xf5ec9e42a60fdc40L,
-        0x59b03a6201a4b019L,0x9c5e7f87e272e064L,0x6240282f24c918a2L } },
-    /* 40 << 7 */
-    { { 0xc2467f9ab92a9a13L,0x0c3ee8eb6add349aL,0x59250eda45e99644L,
-        0x22ce0635c8a2df27L,0xec7b643e312e8698L,0x334ccf2eaebd1587L },
-      { 0x0c1c68736bca2900L,0x00beb4c209826cb1L,0x12dbb586cde6b725L,
-        0x8d7cee6c66dfed41L,0xc38deba2014de4c8L,0xa3ba6ec76248442dL } },
-    /* 41 << 7 */
-    { { 0x870be3ebef38abf3L,0x6e0cf541f74dc605L,0x499976bcda4bc168L,
-        0x5513c6122548b3b8L,0x5b9a054c3f647360L,0xa47f9f8bde929154L },
-      { 0xa2ae9ccbb8ec35b4L,0x934c5c0a4d9857e3L,0xc9dd66cc4b4f01ffL,
-        0x42a1afa2e5b5e147L,0xc284e464f3d9b380L,0x67845404e21bbe63L } },
-    /* 42 << 7 */
-    { { 0x9ec1ed3342ec772dL,0xa77e1ecf5501609bL,0xb059e214a02906f8L,
-        0x35b2ebceb28e4d14L,0xb8453ec22cf036eaL,0xe621234b2518fe75L },
-      { 0x079d7d11f03cd158L,0x357492f91b2f011aL,0x3c2186da0661992aL,
-        0x7adc1c0fe5df978aL,0x88d329db5300cdccL,0xd915c2444c0d644dL } },
-    /* 43 << 7 */
-    { { 0x1b9797a8f0ff03f6L,0x00dafe43f41c9284L,0x1e565c33f2bdc817L,
-        0x63b77ad9784b1a5dL,0x3304540e74aa6079L,0x630524f3d7181d2bL },
-      { 0xb4fe5fcca2804658L,0x1e48e50b9e393a6eL,0xb5bccd49397a94a5L,
-        0x95394743eef17accL,0x4d67ba5226dd1687L,0x80965c3432349d9fL } },
-    /* 44 << 7 */
-    { { 0x1d70669e49f1216eL,0x8645472fa5fca474L,0x9242e8ddfc400357L,
-        0xe7ac31548623996fL,0x37b9e68ce61aecb5L,0x7d2e10fdb997e4c9L },
-      { 0xc0cb59a6c2086dc9L,0xb38e2032d7952172L,0x78eaecf6eebac939L,
-        0xece490b42f5dbaaeL,0xdb17501dcdc32565L,0x59bd392ab133bf99L } },
-    /* 45 << 7 */
-    { { 0x71554fae07de21a7L,0x3dd66b8bcc42db25L,0x9da85c0f0636e9a4L,
-        0x61fef273904930d8L,0xcc8f527b73369e81L,0x4207dfab7caeacd8L },
-      { 0x99e5d1404fc763d7L,0x5cc6a3739f4e8947L,0x9ef14ec1cde33eaeL,
-        0x25eb3aa8095872d2L,0x0db8268d7d9e6dd9L,0x38846510c2ccfe92L } },
-    /* 46 << 7 */
-    { { 0xce6197e822d0a502L,0x69df7f8e09d45970L,0x0274f48b7eb4718dL,
-        0x47461334a8c22b75L,0x89cebf17bf25b9abL,0x57c042f6fdfea412L },
-      { 0xb19c338644346b96L,0xdba17de06ba014c4L,0x6697687a5f844d69L,
-        0xf16dee4c1a66c6faL,0x7f916e47fdafd0d7L,0x1c3842d2340f158cL } },
-    /* 47 << 7 */
-    { { 0x417c9ab760efab2aL,0x1745d5c2f0065f75L,0x1a7d86f2ed71b350L,
-        0x6d4d504feee5c850L,0x4ae7ee0da657b859L,0x1f72ded53c302a3fL },
-      { 0x08779fdae7b22e51L,0xb04c1c0446d90bfdL,0x4dc97219712f96d0L,
-        0xb15e8c0041a6be82L,0x384a02cca3804090L,0xcea45861babd1ee5L } },
-    /* 48 << 7 */
-    { { 0x3c686079d42aeb95L,0xc162e5e985e3ea0fL,0x34cf58611bbb2455L,
-        0x7650de1d8773b064L,0x3b7562c6d2bab35dL,0x83191b4433d0741bL },
-      { 0x4b604db03a6bd9cfL,0x87cd84db074aed21L,0x02a042d2d4f91f9cL,
-        0x5a5d52e5e42c2a67L,0x31291acd1d5f216aL,0x9c3971bccd6203c8L } },
-    /* 49 << 7 */
-    { { 0xec931d6599e9ec3fL,0xe9d780c64bd554d9L,0xa580534502eca45cL,
-        0x84701f1ac1276ca3L,0xcb7ba786d5f9438bL,0xf3a27508c85f663aL },
-      { 0x044df512118c9421L,0x1109fd431039871bL,0x7865443de2378386L,
-        0x7a5e2d49e70297abL,0x112763ca6824d2b3L,0x8a05f2c90e84bba5L } },
-    /* 50 << 7 */
-    { { 0xde3bfdebff044924L,0xd7f2a5181a0458f9L,0xc03df0c00139d557L,
-        0x7a958c60cd3ad0d4L,0xec9f2f9759a43584L,0x5e0fbba950d8b4b6L },
-      { 0x5fbc5e3888245837L,0x17235805a267a54aL,0xdc24a508db55d65bL,
-        0x431e4d5623c704d1L,0xb1f85b2277585f9cL,0xb288f25ed0b1c374L } },
-    /* 51 << 7 */
-    { { 0xd8fd5b405a37c029L,0x5c9d827fe4d37effL,0xe024d7952e046275L,
-        0x0661277f913c55c6L,0x21ee10eb904b3679L,0x32c582e066778adfL },
-      { 0xc353ab1fba8d17daL,0x1d4ab06b5658ea17L,0xb908cb88a2d70bb4L,
-        0xfc215909a98daaebL,0x7aea6c8777000e24L,0x19e0acbe38446e20L } },
-    /* 52 << 7 */
-    { { 0x1bc3803e2f98532bL,0x39d0c3258754d142L,0xa7b035c5d739eaefL,
-        0xd36ddeb8fbfdea2dL,0x7df72a94bdf64f2aL,0xab4ad6b880bc3c47L },
-      { 0xdf386df3877fa482L,0x4b94260470519bc3L,0xa3399d91d20e1e04L,
-        0x7f5208b797cf58ccL,0x528f6a2814424c00L,0x83d74730bd900d10L } },
-    /* 53 << 7 */
-    { { 0x501c657f34ded7f1L,0x9071027e12fa53bbL,0x395e16aedff079ccL,
-        0xea95dc84770ac4b2L,0x4d2aa60a41355974L,0xe04effa507f12473L },
-      { 0x38ca98385cd1c738L,0x3c067a0b683c0dbaL,0x55ad2dec67589842L,
-        0xe51550f7dfdae3c8L,0x21a56717214d51aeL,0x75b6a4a012a0fdcdL } },
-    /* 54 << 7 */
-    { { 0xd63605266a4ea95bL,0x180f72d403e67090L,0x7faf4529751c8c9fL,
-        0x1ab7b50d00e4252aL,0xc0e69adf34811274L,0x5c4c83495e99c6ccL },
-      { 0xcc9467f29a9e02a9L,0x5402c2da5c4fc719L,0x1dff8c5d3f6d5bddL,
-        0x88a7d27a2c653c3cL,0x067f31183a050dc7L,0xca0f7dafc4f0236eL } },
-    /* 55 << 7 */
-    { { 0xa09306e9ca177c3bL,0xea84f03ed0552a4dL,0x7ae9024f3c00d359L,
-        0xe189ebc33aa619faL,0x4adeefac8354579bL,0x90168ef9699db1ebL },
-      { 0x75319141ad87490aL,0x7b48fe7629c1bf84L,0x00ae82c7a2235f2aL,
-        0x6292c9cf68562b59L,0x0b6500943935ca20L,0x39f22cb027f33addL } },
-    /* 56 << 7 */
-    { { 0x92e4c851aa1ef488L,0x4f91fc22846528a9L,0xaa2f5d2d5dc13a84L,
-        0xba06aa68f1072d4dL,0xf4f3b17c5e3a2ba9L,0xff36a5355e4dde77L },
-      { 0xe8ef143aae17dddcL,0xcc82631ba1fcd4ecL,0x97db807ec7d3963bL,
-        0xe4aff04521d85ce2L,0x2d6480e674667392L,0xc8ce97f3a55d0b3fL } },
-    /* 57 << 7 */
-    { { 0x1a32b8457962a675L,0xd78efd71723d217dL,0x9b03d6573b41a2c5L,
-        0x1116f33589a380b1L,0x2c0359af931ee15bL,0x8a53744f239ba4c4L },
-      { 0x4801397dc78cdc83L,0xc43b9f0434ae4453L,0x9cc8f6cec356a35bL,
-        0xd5a74c2a648b39e6L,0xa54d668c0d5e78fbL,0x36257047cfcb8f6aL } },
-    /* 58 << 7 */
-    { { 0xabeef3461549c215L,0xfec59db2ce4aee45L,0xa1743a0f5305df83L,
-        0x9d598abdf211bacfL,0xd14609dd52a513fdL,0xd3dc446be00d4ad0L },
-      { 0xbd8883e9b272211aL,0xe991e57757879fd6L,0x5a093d372b732171L,
-        0xdd901071f55f18dbL,0x87f04c0034fecfd1L,0x2c07df27c94f6a5bL } },
-    /* 59 << 7 */
-    { { 0x518e3ced1c17df0cL,0xf8971149ff5dbc4eL,0x5fec8bfe0ac9d27cL,
-        0x41d68852489eed7dL,0xf48ef4bf3c3c4725L,0x3b8d9eee7681eceaL },
-      { 0x7743ededdaae4bdcL,0xb9665ef5d1bcf697L,0x9d77f535471bb958L,
-        0xb5db5b96d752b2ddL,0x2cd3c919c368982dL,0xf8297660e9cff6d7L } },
-    /* 60 << 7 */
-    { { 0x39e7da1028946a2eL,0x4e628a96c3a76f7cL,0x43b8b808e9f6000aL,
-        0x86cbd25ca48bbb79L,0x5ce825e273092951L,0x43a6031df0cbee32L },
-      { 0x6d685a594923485dL,0x8d4483ed81a17f47L,0xf61d329bbc379719L,
-        0x9deef7d0f6596ee8L,0x0314a572541b1222L,0xe2b34d387ea7d376L } },
-    /* 61 << 7 */
-    { { 0x05ff6faa31f43d37L,0xfb83f23211b801f6L,0x238792d519b223a4L,
-        0x28edadcce004f601L,0xf77747b3bdeb7597L,0x2178dbe21e6575d4L },
-      { 0xd48ec49842870ba2L,0x7733661d15dca6dfL,0x08212e2f83393416L,
-        0xffa1bfe2614c545cL,0xfaf4ab8494254145L,0xd8f9eb48000d250cL } },
-    /* 62 << 7 */
-    { { 0x9ff4f289a66132a2L,0xc54fb8001e098994L,0x09d3cd6624cc2471L,
-        0x6d0f74167838e14bL,0x7438cd2dc540cbdaL,0x193b16817d6fa8b4L },
-      { 0x487a7dedab33c6f3L,0x625eb8cf02f5aa09L,0xd8039682501323bdL,
-        0x9de122e38e216951L,0x40a8fbde0711c51aL,0xf192b5c283a474c3L } },
-    /* 63 << 7 */
-    { { 0x3782cbda57e04e9cL,0xec639886e41b30dfL,0x4cd14afd12d2f686L,
-        0x0aa093ee8b768113L,0x6cfc12cdad598f9dL,0xe4a62f1194bcce0fL },
-      { 0xd5035fab150ad4f2L,0xb3cd4871ae2e8da4L,0x49c9e78271ad9c3dL,
-        0xdcafeb34825690cdL,0xc05fb7a38c246f85L,0xefe16be3a82cc013L } },
-    /* 64 << 7 */
-    { { 0xd42777314c14ee0eL,0xda8146d15e881c3fL,0x6b0746b099f1867cL,
-        0x1ec73d72602dd4ccL,0x27fae51538081120L,0x6a677bdc2f8b2f2dL },
-      { 0xb924af64d60544e9L,0x1439e183dcfc6b16L,0x4e88e9ae068565acL,
-        0x8a3dbd25a9a4f146L,0xdb4a3e483f93f734L,0xb1971c058f1d33bcL } },
-    /* 0 << 14 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 14 */
-    { { 0x721bb8363a7f43c3L,0xab5b3108c12dca0fL,0x9cc9a78934853870L,
-        0x78b604a7af598c4fL,0xd370375e476f27c8L,0x9f0415b80b15cba5L },
-      { 0x2bcfd9a4d400dc1fL,0x2a6fe03b4bc62dddL,0xb05a6464a211b19fL,
-        0xce059d419990b504L,0x011c5f87d94951d3L,0x13cec08900d9c7b0L } },
-    /* 2 << 14 */
-    { { 0xf365419f9b280fd9L,0x13e3b12746365672L,0x8a91c165c41880aaL,
-        0x3eb27a97f9712fbdL,0xa6587aec76c55678L,0x7c3a04b702cd79cfL },
-      { 0xfc878f9cda712eb8L,0x076e61170fca3e02L,0x09a184d8caf6df5eL,
-        0xd32bf232aabcde75L,0xf601d0de03de597aL,0x85d2b5fcc5da2858L } },
-    /* 3 << 14 */
-    { { 0x3075a7636c888df8L,0x6305c20472e21527L,0x6b1d683e8798aad9L,
-        0x0d09624680706369L,0x91db5e7f7b854739L,0x0e63cc6e02d72332L },
-      { 0xe929e3ea1f7ff6ccL,0xd53a18a145595925L,0x867916cb93af8be1L,
-        0x757e9f56c5c305eeL,0x3f9071c75c83063cL,0xccc0f92d7f6d5bb7L } },
-    /* 4 << 14 */
-    { { 0xb6029961ae899afaL,0x8eedd66e681b6e1bL,0x82db693b4df3e5b1L,
-        0xb5131488a0c3e357L,0xbfb01ff3ccb2f577L,0x28ea947027a72cc3L },
-      { 0x26170928e39e325eL,0x42d4876b84f80188L,0x0bec6a634c872d76L,
-        0xa0a7cc90b14d9c9fL,0x8a32d2c44f6c7778L,0xe7cd346e3b889a4cL } },
-    /* 5 << 14 */
-    { { 0xab35a14f5a4a3753L,0x1d0d5a142bbbd563L,0x54cfffc5998d4514L,
-        0x1c02f381a77ed59bL,0xe4a7a6ab21c9c190L,0x50059df54a9adb60L },
-      { 0x2d0383ba34bd7008L,0x894889bedf1a4f41L,0xe541c62612ac407dL,
-        0xcc0e417964c3b62bL,0xdb8ca1f33a0978b2L,0x4ef45a2d287e8c6cL } },
-    /* 6 << 14 */
-    { { 0xea95b5c9437f2efbL,0x67d3e9b58e52ce8eL,0xfb33102488ff5455L,
-        0x883ec9fcc3101dedL,0x056218e20ca5f1f9L,0x4c9b2483bccc65d8L },
-      { 0x13199b26123db2ecL,0xbc1d82479aff90dbL,0xc4a9311d367516f6L,
-        0x3b40c867cb6e90d6L,0xff674ff84034415cL,0x2787db45a1821e7eL } },
-    /* 7 << 14 */
-    { { 0xacc263fcadeb8508L,0xb52ebcd719854c90L,0x3d54e7805f2ce0aaL,
-        0x2fc056a97e02e760L,0x47e7173e32da5f93L,0x1d468de3fa893134L },
-      { 0x9adc877dd73396b5L,0x430826afeeb00c82L,0xfde2c3da96a673caL,
-        0x467575ad33e43f9cL,0xc3b2c3a1ec1df2f0L,0xf0348e6f2252a8a6L } },
-    /* 8 << 14 */
-    { { 0x860ef794609683acL,0xf0631ad39af1c522L,0x322c83662ee7f522L,
-        0x58ccd95f54122af0L,0x7454880c2bbb2d80L,0xea173d8286d8d577L },
-      { 0xd5a3057cea1cc801L,0xfd08d482bbb2a189L,0x26aac99ec3c512f8L,
-        0xc3eac036556d891eL,0x866c3aa7bf9f6112L,0x7c4c8fb9c144f7e9L } },
-    /* 9 << 14 */
-    { { 0x989eef73a9109d83L,0xbe43bd378edd17dfL,0x14a63abd1b17029bL,
-        0xfd14ae365ff76860L,0x689dd0a6b8730632L,0x01eb37f147342f9aL },
-      { 0x619bab45e6c446a3L,0x93d26fc97abddba4L,0xda6c120486ffa4cdL,
-        0xc608937548758279L,0xaf074ea3034a7230L,0xf220244b82ce176dL } },
-    /* 10 << 14 */
-    { { 0xc0c1eb0f8343f5ddL,0xa205e66a0126fa2dL,0x37530a3244fd8be4L,
-        0x3c7af6f696ab64cfL,0x1f04305076657202L,0x2c59d31c828f3fb1L },
-      { 0xa61cba51e7f5926eL,0xb2de427391ebeb81L,0x976f2c34bb855476L,
-        0x0c6c02c3269e4f86L,0xc69bed8fe2e01fffL,0x19aa421c480bf7b4L } },
-    /* 11 << 14 */
-    { { 0xb32e8e229affa929L,0x69ebb533bb7db327L,0x10ac3360a8a8d088L,
-        0x066cffa7c485517fL,0x2393e74c12b8eebaL,0xb3a8825a596c8412L },
-      { 0xe2b99fc3bc8b6b92L,0xd7716da085ca802dL,0x92f6693f4de5101fL,
-        0xe8b0442304be34eaL,0x05b44ef648324966L,0xa89d9499413df57fL } },
-    /* 12 << 14 */
-    { { 0xad0d24c7b617206bL,0xb8be483f9dd13f59L,0xa55134ff7655aa29L,
-        0xa3d103857a5e217eL,0xfbb9eeb53a21b295L,0x1de71555c84a136dL },
-      { 0x7579398e0b7487b3L,0xc6ca9575a14dce87L,0x99b32e1e46452257L,
-        0x99d54955479d8f2cL,0xc2a8a6a1930b80efL,0x58d9db81656c850bL } },
-    /* 13 << 14 */
-    { { 0x0c8fe2e04d89b43aL,0xe4d923e77a04e492L,0x49ecb701617df01cL,
-        0x6d80f249bff9a819L,0xf01e604acb7f86c1L,0xd6d3a6664b7f1455L },
-      { 0x657801c19188fb17L,0x339d79450dc92875L,0xca798cf57ec0b757L,
-        0xc0808852a62301c2L,0x2dda13558266c908L,0x22bcde8f5e55da21L } },
-    /* 14 << 14 */
-    { { 0x6c85a0eda682508cL,0x8350b515edcce6c8L,0xa84a67656f95898dL,
-        0x55b0ae971e419847L,0x11115c6edd6a885dL,0x6f0beaf64fb174a4L },
-      { 0xaaae44b2815af3afL,0xcf0697b9927a2c1cL,0x37639d62d7d645eeL,
-        0x157b7eda2effec37L,0xb55e50759b9c66e6L,0x33a66a1f85f597ecL } },
-    /* 15 << 14 */
-    { { 0x8260c5339b49bb46L,0x3f3df9d6437cac27L,0xd0723229d972d2a8L,
-        0xe544a216d0dd92abL,0xeea4a0f5a03588f6L,0x54006166b218dec0L },
-      { 0x0fae2be85778113bL,0xbb9618d68d570227L,0x3ba87360297a47aaL,
-        0x9483a8399a76dd6eL,0xa803edaf6eb061b7L,0x6790050cf8067cf4L } },
-    /* 16 << 14 */
-    { { 0x171898aa8f7782b6L,0x8b7a706b499b3a81L,0xbc0e835ffdb2c1baL,
-        0x4ee30281591f5aafL,0xfd71de3bcc272c6aL,0x532800c46e93f68aL },
-      { 0x35ee08048365c576L,0x6c2bcc94cd4c0221L,0x49f37ff5957b2ff6L,
-        0x315d8e7e5ec029c0L,0x33230602ef324c12L,0xf5847f9b966b2578L } },
-    /* 17 << 14 */
-    { { 0xed88aa550bf098d0L,0xbc9888fd75f90180L,0x9040919207713428L,
-        0x38922bbc1a1f71ddL,0xa430fb65bfbf0f55L,0xa258b9ba867c1998L },
-      { 0xa7f69b03b7294c58L,0x2ec0c5de84dbc1e5L,0x41c9e5207dba8d62L,
-        0x545573f1795d8285L,0x1c24a375d3075041L,0x687e1cc8fb6b88dcL } },
-    /* 18 << 14 */
-    { { 0xc29b123e1453b1e1L,0xefb0778820059b44L,0x15554ade9291671eL,
-        0xeb5a1980429dea37L,0xf96dacbb6c4b867dL,0x4f5563d6abab4d68L },
-      { 0xb5b0ecffcbe76297L,0x5a22996a51d6bd43L,0x0088ec95b7e5cfc6L,
-        0x4863a5a1fe373e05L,0x42b7925bc244d93dL,0x85bad13540117113L } },
-    /* 19 << 14 */
-    { { 0x01725fbe8201fae2L,0xee4d7d382dc34bbbL,0xaddf878afd7c35bdL,
-        0x56522d5865536719L,0x595c3dd8f772d4cfL,0xd87c5b6045af30b9L },
-      { 0x9cc20b9de7992d5dL,0xdfd53d58d56f1964L,0xaf2947bdc7d42a68L,
-        0x9322b73dd19e8ad3L,0xa73a9e843243a6d7L,0x9c7dc57992c203d3L } },
-    /* 20 << 14 */
-    { { 0x86283e21f9daa551L,0x47fd23f81f696f1bL,0x7d029b1bb9784a9aL,
-        0x7c7798bea0c0acb5L,0x41241c716d7c682bL,0x11c6c1131d33c2b0L },
-      { 0x5d469ca23565cf32L,0xa949f022bad4bdbfL,0x3d054cc2a13cf4cdL,
-        0x13bd21669e3ce279L,0x01bc70e68a4beafcL,0xb39e351d8aba087eL } },
-    /* 21 << 14 */
-    { { 0x92efa2ebfa6cb068L,0x934209b29235050bL,0xc446ee28d5000c05L,
-        0xd4e51912862fb7ecL,0xa53940f111193db0L,0x5f2ef2aa82a7fc57L },
-      { 0x1a6b30ecb0210f49L,0x4ab1dac73899548aL,0xb116cc3186737a03L,
-        0x56cb33809ebfa5b6L,0x8ac3b61fdfd918b2L,0x65867e3ca102e1feL } },
-    /* 22 << 14 */
-    { { 0x26072a5d82357232L,0x3762764e9f0fd2f1L,0x9c5813f60c16733eL,
-        0xea2e0e03718951d4L,0xae195bd469e63818L,0x241a4afcfa2f9a6eL },
-      { 0x0e97519f9165d59aL,0x416bd37358e5af1bL,0xc4e811288197b7ecL,
-        0x4145be2c9c6ba0d0L,0xc82cb2a17d40b98aL,0xc3c28487bccfa8b8L } },
-    /* 23 << 14 */
-    { { 0x920949a810476d2fL,0x5b387bbe2502c026L,0xd1d61a9acd7f026bL,
-        0x81003d7ceea9a3f8L,0x6191c15fba5b78aaL,0xacbed41e30ad7befL },
-      { 0x1427f1fd6740f72cL,0xb4b5e7c93c475735L,0x6a374d1773029d5dL,
-        0xc1e4bfdacd622400L,0x670b9e36c2686dccL,0x1bb236e08dd4085dL } },
-    /* 24 << 14 */
-    { { 0x84aa863ea4ee10a1L,0x24d805a687919ccdL,0x553f3206b5c399b2L,
-        0x775b92173cc109bdL,0x25c01263fe384088L,0xa3c4418bd5f743cfL },
-      { 0x3d69705ddf91f1f0L,0x547d46269ebddad1L,0x0198ab1a2626cebdL,
-        0xaf8320f285b1afe8L,0xb9c0968ce17e6efdL,0xfedc75c290215bb6L } },
-    /* 25 << 14 */
-    { { 0x1d375f7dcee34c76L,0x2295f8dbaa486096L,0xd18577928285cb84L,
-        0x53fe6bd5e8c46c3bL,0x6f6cb6c068ba071dL,0x654ab4e8964e0f1bL },
-      { 0xc70857a9edf6aa40L,0xc313c7852fd26360L,0xd705a86a995998d9L,
-        0x413d35efd6989c8dL,0xddc0b2070df131bbL,0x21f64be59c7d70f8L } },
-    /* 26 << 14 */
-    { { 0x8061d340143ff74dL,0x59e94fc6a23aa7b3L,0xf7c79a0b914c3b81L,
-        0x5a836211702c6ae7L,0x2570d63c718123c3L,0x7e86d11ec9f5ce3cL },
-      { 0x80f03f9717bcce3bL,0x073975b1465a7446L,0x29f66de7cb357aceL,
-        0xe87bd12c04894fb0L,0xfc501a2651a0b5aeL,0x20a3170c02207a3bL } },
-    /* 27 << 14 */
-    { { 0xaab1f0fa2785a18eL,0xa50192fdb37c657aL,0xe7073b27f0c8a908L,
-        0xf3e0451b2c82fce1L,0x8237e128c290240fL,0xc1c631621bbf66cdL },
-      { 0x9bbcc2afb6639b7cL,0x07643d299bf0e0c6L,0xf7f070c7671c5be5L,
-        0xb09a423a9870ac6aL,0x324503506656cda2L,0x4f404be80584abc2L } },
-    /* 28 << 14 */
-    { { 0x3ee52d8f5fe63bd4L,0x09f8405c7a7da77cL,0x35ce95c61881a757L,
-        0x0a8cf9d9c13e3707L,0xe71258d548d2d3f6L,0xcf4fd6910bbe7c0dL },
-      { 0xbd6496e1fb9479f1L,0x711c669aab8cb3a2L,0xcbe8501358cfdfb4L,
-        0x655c902b59275b4aL,0x7e0ff05b20f722baL,0xcb00031d42b17aadL } },
-    /* 29 << 14 */
-    { { 0xc568cee0cef0ae1dL,0x1b3422ca7a55aae0L,0x8dcce5058bb536b8L,
-        0x12df74bee92759c9L,0x029abaf02ef962c4L,0x5d30b4359bb1240fL },
-      { 0xc62fe8e7d03a850eL,0x67da35b5b08dcab6L,0x6f4d4e75e8ca1131L,
-        0x53d6fbf81bd5bf97L,0x596d850ceaa0b2c6L,0x32e918240e8d39b5L } },
-    /* 30 << 14 */
-    { { 0x3360ff11d54bf1a4L,0xbab994cb5c79494bL,0x953ad553757d7771L,
-        0xf17f14f068b58ed5L,0x223615317523c422L,0xf0f05f965ebf0d49L },
-      { 0x3386676549182267L,0xf87eccc1ad71c3ebL,0xd7708e18913d8dcaL,
-        0x27fe27e1b193eef9L,0x33376365cc45e65dL,0x599b4778d700ac20L } },
-    /* 31 << 14 */
-    { { 0xb118f73509ebb3c5L,0x7299c7844d0d36efL,0x409ef9cde10b249fL,
-        0x040f91d0156401b9L,0x6b9fa5b107467a49L,0x2ede334334415300L },
-      { 0x0b3abc9c0edc8055L,0x58f850958ca04aa2L,0xeb0d3202e568b6a6L,
-        0x5e57bb1a159dce4cL,0x8d3780e03b68641eL,0x78eb21a0d9f50517L } },
-    /* 32 << 14 */
-    { { 0xda643272ed068028L,0x86b52135a91fb87fL,0x23865a7c35b43943L,
-        0x6ac015884606bbf2L,0x9660ab721559fb9aL,0x1fcb09e73ce2f1a5L },
-      { 0x62af29ab793d2f0cL,0xad5aaef53aee7efcL,0xee9f29b744c11037L,
-        0xb2a19cf1d36c2571L,0xb87d88e265b552b7L,0xd8b4f172beb253d4L } },
-    /* 33 << 14 */
-    { { 0x6776241470c50124L,0x157c591f57d0eb9bL,0x99e1e2d769b4bcc2L,
-        0x81c2b923a9d94ed3L,0xbdd9294fecbf3becL,0x3825c29a4c4fb135L },
-      { 0x431d9f26e915cc2eL,0xc4fb48afec1a4835L,0x97f426c09ada831dL,
-        0x0be0cf81d5c48eddL,0x166ee4243d02771fL,0x810bb518b09de508L } },
-    /* 34 << 14 */
-    { { 0x9f4dd8185038ba67L,0x5ff1572801111ed1L,0x900d44f163de4d57L,
-        0xa36c1a67d5db5e67L,0x2f01142e2bf5cea7L,0x1519ae1f59aefbf4L },
-      { 0x7b963d1f6d989fcaL,0xa5bb3cb85fce44e1L,0x61087c9672fd3285L,
-        0xfb2fc6c1c597ef26L,0x5548e25c81e70a6aL,0xa6c53d67a229d7bbL } },
-    /* 35 << 14 */
-    { { 0x9d11a26ab9678e36L,0x8142106fbe07b082L,0x3c31548b322fda75L,
-        0xa87215ceb7299565L,0xb5229b119ea80113L,0x7221a40f43ae700eL },
-      { 0x1ad48de8cc00aef7L,0xc4573660d266daa8L,0x1cb020a65761657bL,
-        0x9e799be24588c895L,0x3d209df968561484L,0xa0fb323295fec6d8L } },
-    /* 36 << 14 */
-    { { 0x9292138a3acde05fL,0x7b23f51a50f9e7f0L,0x6ad891a1af59b585L,
-        0xbd394db79654da39L,0xcb8c47315f7c6edbL,0x367bbb5d6d2d6e5aL },
-      { 0x8df2c759f51dd55eL,0xce0924d8e6c3517dL,0x49c46188097a8072L,
-        0x47169f40980170a7L,0x56198937b96df7ebL,0x09572534531fb3b6L } },
-    /* 37 << 14 */
-    { { 0x04c18873d2eef240L,0x5752cce75106879cL,0x4b7fbe6bd9736e37L,
-        0x7c7f1de4c85990afL,0x0cda6f07a2324ca7L,0x0894eafa4d80c28eL },
-      { 0x24bd95890ae7e6d9L,0x050d526aaba494a3L,0x4b05455ee583fb5dL,
-        0x3b5fb27c6049bb23L,0xc7c9da6ecb5b411eL,0xc1f2528ebc38336dL } },
-    /* 38 << 14 */
-    { { 0x8b177119d62ff4b1L,0xb0c02e2783150269L,0xdbeee1f8428f9e51L,
-        0x2a55661225ff00dbL,0xb4ebcf98cd0d526aL,0xc69f721fc0efa6abL },
-      { 0x0ceeceb516e29d31L,0x0bf4510127d1c530L,0xad942f1f42a7383dL,
-        0x2cf389eb03b8fa98L,0x1aa647651ec6acf0L,0xf7ac647c202433b9L } },
-    /* 39 << 14 */
-    { { 0x880bfb2caa7fcbf4L,0x18c2b739731cd693L,0xd093ada3ae39b46eL,
-        0xd48a288796c6fb7cL,0xed7c405daf96bbfcL,0x6b63b9ee256335e4L },
-      { 0xfd4795ec7ee8e89cL,0x4f3fa1ccb07320d6L,0xe16c594206b0078dL,
-        0xb8c95b563a0b2914L,0x2b5b5ab42b337970L,0xcf612b4cb9f75ea9L } },
-    /* 40 << 14 */
-    { { 0xbfe63081596eecd6L,0x20eb6fb0a3a194fbL,0x4497ec2b8751a73eL,
-        0xf90e9e4cf88ba0e5L,0xd5a9c5d55974eca2L,0x9fc120ade4f3e171L },
-      { 0x9ae058a633330640L,0xbda3227855bc8aaaL,0x7851cdbc1c9688a9L,
-        0xf68d7d9e1d950edfL,0xc89c645074e06425L,0x62406f3b6116d386L } },
-    /* 41 << 14 */
-    { { 0x1094390070e509fdL,0x0a8e3db09af61ad1L,0xa487a61538d7aa57L,
-        0xa9d56bc5ed020b3bL,0x7ed2294f638b35f8L,0x53d6870dc95fb42eL },
-      { 0x85e828494c2207d7L,0xf88831baf0556be9L,0x64a547979fe416c3L,
-        0xd61b652e779bebaeL,0xd3f43e2f2c0ccce6L,0xd5119f341f680ab7L } },
-    /* 42 << 14 */
-    { { 0x466f42a1191938bdL,0x95ec31c036f1dae5L,0xa7f350d2feaa8b55L,
-        0x66434577555c505cL,0x0c668e73f55d1ca4L,0xd6af5ba4a7bd7449L },
-      { 0x581e14ac1a79d8c9L,0x9761d9763054e915L,0x928e7415d69220a6L,
-        0xc5bf4bb405bc4a22L,0xad033b7c45d52313L,0x4e67962c75d66dc7L } },
-    /* 43 << 14 */
-    { { 0xc60e17b2e2300049L,0x731c2fa54107f308L,0x848f6db7cc2982b3L,
-        0xf251c21085275d38L,0xf5cac5b2128c8a96L,0x3c012933405b27f0L },
-      { 0x9b0a61520b8b15b7L,0xb1c32dc691fa4548L,0xbe7b7654f366d677L,
-        0x7e1f33277147a660L,0x11e31a0eeae310bcL,0x3edef63c1b86b525L } },
-    /* 44 << 14 */
-    { { 0x6f7e7259c6334c8cL,0xe34cba49b4f2333bL,0x157bf099211d08c5L,
-        0x9e39c5442988a4daL,0x796ed9f17a998311L,0x3f4da896d8d349e6L },
-      { 0x8ab75656fab28acaL,0x3e215d5342d14b21L,0x50008fd7bec23301L,
-        0xd6ee4853446e2c56L,0x203ff1c880da14bcL,0x27a4bfbbc333ba74L } },
-    /* 45 << 14 */
-    { { 0x745e69dfb3d54e52L,0x1ab2a03e7c405cbfL,0xda71141e0bc431b5L,
-        0xb3a47e71aafa7c19L,0x5329594fa88a4905L,0x489b5928973aba07L },
-      { 0xbe31a4d37350ad6dL,0x177e5285478a42a4L,0x45a101bf848eba6aL,
-        0x4287dfd949936d31L,0xbc4c491dc82823c9L,0x87c816aaeb8b8055L } },
-    /* 46 << 14 */
-    { { 0x66f5337cf309ced6L,0x897cbcb9eb5ed3cbL,0xeffb601762c35fd5L,
-        0xb4b702f081fd31f3L,0xd5203833f66f6120L,0x1d2d5ef318a84d91L },
-      { 0x22f9fae70edb3857L,0x034197b3cef00765L,0x16d8c6b493643908L,
-        0x90ac59e16c51708bL,0xbed18da32edffd9dL,0xc90ac893e750df1eL } },
-    /* 47 << 14 */
-    { { 0x4a0af827bdb07e48L,0x5588631e131f46ebL,0xda550ce1e503169dL,
-        0x0e16b540f2cf2f14L,0xea19a70dc79930abL,0x5654aa5fa8925651L },
-      { 0x2f1a14906104f9c7L,0x98420d6c654cf319L,0xf967467f3ca96df3L,
-        0x6abe4e32dee1fc07L,0x913bdf2bbd07d17cL,0xf96f70eda8ef9068L } },
-    /* 48 << 14 */
-    { { 0xa0096d10b7f8286aL,0x493e88563015be8dL,0xa221d57c17f70125L,
-        0x4f932f4fe425eb77L,0xf0fa00df78ddfe95L,0x68165f257866f01fL },
-      { 0x01345af4b1693425L,0x3fc8d3a6bad5603fL,0x4269006f0bf46cf5L,
-        0x96e3b6b77e340ce9L,0x2a4bda69df7c68b7L,0x9649d8b91b6574c2L } },
-    /* 49 << 14 */
-    { { 0x98f55e59112ef290L,0xa5516c3568909cdaL,0x40407393235165f1L,
-        0x6eeeae510991970cL,0xae79ce1faaa6d26fL,0x8bc719b441d43f67L },
-      { 0x4a7af92a39cc89a3L,0xf6d14f9a85c8ab12L,0xb9bfca97eb8d4851L,
-        0x926b8155cd52b2f3L,0xdd17dbd48fa94f9fL,0xaf68726447cac5cbL } },
-    /* 50 << 14 */
-    { { 0x39d7c1729517c2c0L,0x6f795181166e2f50L,0x9f6ecb5dc0ad8b54L,
-        0xb480afac8e75ce4bL,0xf51569203dd5ad07L,0x87c855e73799b80dL },
-      { 0xea8c34d9538ebc9eL,0x67bebb6a957b303aL,0xc6511b7b4dfc6d7bL,
-        0x9a40cf5885b02ee1L,0xf4fffbbdecc59a6fL,0xe85a7c115cebfbcaL } },
-    /* 51 << 14 */
-    { { 0xffa0118c4a33265cL,0x4c4051d583e0bb83L,0xcde22f8d7007d078L,
-        0xae9ebbc2932cba29L,0x297c2252f7a82223L,0x662814f41a09fbdaL },
-      { 0x3bfd965640be805aL,0xe49901e592acce09L,0x4e201930bbb6bb43L,
-        0xfe94eb4dcc018aa2L,0x454d8c611dcf97a5L,0x11d8e3a230f1011dL } },
-    /* 52 << 14 */
-    { { 0xe745ee2c36cc8b1bL,0xb40c94e6e328c813L,0x4144aecd8bd107b9L,
-        0xc35567890ea88fd2L,0x017460e30492a810L,0x0c63cd4410b8bea1L },
-      { 0x9123e9a3c890f74cL,0x940fe6590cea499cL,0xbe306232c82e1bdeL,
-        0x40544f6bc041d7ecL,0x46de1f3b477a7dafL,0x336551f6951f1295L } },
-    /* 53 << 14 */
-    { { 0x2a61217a09b3b9a1L,0x0736704635b71125L,0xfddbf1933df24d57L,
-        0x33ddabcb4592d748L,0x2fa9ff8a25309e3aL,0xdca2dd2892a0e76aL },
-      { 0x706350255dfbd02cL,0xe01c2553b6306b8dL,0xb14132905e91ddecL,
-        0xf45221866f6de6fbL,0x2d48d001b440319aL,0x926e9b64fe67f843L } },
-    /* 54 << 14 */
-    { { 0x5580401264e2c160L,0xe154925a9a6c256bL,0xce2df32922260b79L,
-        0x74824410c546d756L,0x2a1d0a5f79887083L,0xa2c040c5da3f7d48L },
-      { 0x74058ecbc14f96b8L,0xe69c09d73415e476L,0xe5a93bb47a443fc0L,
-        0xe1bb24800c31d7b0L,0x4701d669f4ab0610L,0x0ad815841eeb23e9L } },
-    /* 55 << 14 */
-    { { 0x823cd737d72b5925L,0xee09efb9fa38cb06L,0x6828dced4a21e81eL,
-        0xab67b37bf365e481L,0x3995edd2b5a7c630L,0x4c24ac8806930b7cL },
-      { 0xfd7264d36dedce0eL,0xdcab1e333e76fe1aL,0x6b40889a89a94f97L,
-        0x7a1fd432b2a3b0e3L,0x121efaea3ffe933eL,0xa81f6c6f843c3553L } },
-    /* 56 << 14 */
-    { { 0x26301455e5488aceL,0xdf39099881a20dc7L,0xac7d6049ee06c7f3L,
-        0x547e8df33f248fe7L,0x5fc4b74213743dceL,0xa97721bc4c398630L },
-      { 0x6b7877cc258aea47L,0x1cedce562d5c28d6L,0x7e930e419428d66eL,
-        0x42c80757b97faf54L,0x091fe5ab3812e632L,0x2c29fd42e2e359bbL } },
-    /* 57 << 14 */
-    { { 0x2d9e65a61d7b990aL,0x8a9ab4bee2a8a6a9L,0x8658c36985e3eea6L,
-        0xf352787df0de0b23L,0x872db1de1161aa92L,0xf2648c972190acbfL },
-      { 0x9a34f1d09de72e41L,0x13860f846c086516L,0x2e9211b824127c21L,
-        0x4e1623bba3697c37L,0x41d71f1df579c733L,0x33f0ebf7ca9f68aeL } },
-    /* 58 << 14 */
-    { { 0x9b51f4ca9f5a40c2L,0x38b59573682e2132L,0x5765e89dc556998cL,
-        0x102fe894698a4a8cL,0x0bbcae977c6964d6L,0x8548f2c6dd7bb12cL },
-      { 0x32c11ed9e49848d9L,0x1ee1b525135aefc2L,0xade5d14e812a5e4bL,
-        0x0e122e7e15bb167bL,0x321594d4ec5c3594L,0xbcea8723a7c02afeL } },
-    /* 59 << 14 */
-    { { 0xdbf91edcaf87c75aL,0x9710003266582706L,0xb10cb32b1133a7b3L,
-        0x70f5d71767e068daL,0x8d937e56b8e0c9a2L,0xd8a2652ee2a9afd7L },
-      { 0x94d6cae9cc90c6ccL,0x3512f3abe94f68ffL,0x931ea6f09331ad40L,
-        0x71621013daa3d4f1L,0x591c40bfb668a992L,0x5494cc174c6868e5L } },
-    /* 60 << 14 */
-    { { 0x7981826070ececc7L,0x8cc0b6e071cfc0e1L,0x998df6590276a6bcL,
-        0xffb5bec11a43be05L,0xb93b1543f2beb640L,0x337703d456f3719bL },
-      { 0xce74c17cd40a7375L,0x6aef79cab1aece94L,0xc5bdfb388876d218L,
-        0xf71ce9cccea91445L,0x471cdbd1ed6e5f5dL,0xe0cc79cf10e56c08L } },
-    /* 61 << 14 */
-    { { 0x2b17e181794ebe48L,0x6111c897f28cdd32L,0x4d59199062dfeee5L,
-        0x7b9d070241b14904L,0xa1ad534d5fea4804L,0xc08915d953b16c22L },
-      { 0xa57c883e8ac9ddedL,0x589474dcda1d1bf0L,0x31cbf32ce9aa8e7dL,
-        0x2abe9b60f0930d84L,0x604731b0cbdd031aL,0xbc35b1e4e9e1b3c1L } },
-    /* 62 << 14 */
-    { { 0x39300d55efeff954L,0xa9cf57f34fe9cffdL,0xe3315321b15aebbdL,
-        0x26354c57b840b080L,0x2c690488476abf35L,0xa7303fe6d480cf33L },
-      { 0xa50865295706c3b1L,0x4c26034eed0b2342L,0xf08d67be9ae9c452L,
-        0xd4dbb9f5046c7d0dL,0x4435f1a3f9e5393bL,0xf47aae68cd4d5de8L } },
-    /* 63 << 14 */
-    { { 0xce9e5ddc06d5f48bL,0x22c1cd3e0ef642baL,0x2ad48eb9e9b8a960L,
-        0x330074883ce26679L,0x495e62428d2de642L,0xcba5bf37e03b1a77L },
-      { 0x9382c92de716624dL,0x410d212350a33e4fL,0xe55ee116e953e7edL,
-        0x27e9a0584b840616L,0x560a5e4939473bd8L,0xbc1e795b382f3a95L } },
-    /* 64 << 14 */
-    { { 0x31bdb48372876ae8L,0xe3325d98961ed1bfL,0x18c042469b6fc64dL,
-        0x0dcc15fa15786b8cL,0x81acdb068e63da4aL,0xd3a4b643dada70fbL },
-      { 0x46361afedea424ebL,0xdc2d2cae89b92970L,0xf389b61b615694e6L,
-        0x7036def1872951d2L,0x40fd3bdad93badc7L,0x45ab6321380a68d3L } },
-    /* 0 << 21 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 21 */
-    { { 0xc5cf8997ce0b5b72L,0x350adde19d7154baL,0x8139681e307b254aL,
-        0xcc87fb5775cd94d7L,0x90e7027478684954L,0xc4fdf4c095ceb991L },
-      { 0x91bbc0ab8762c84cL,0x5e09e226ce09e8adL,0x1cb83d704b93d45fL,
-        0xe2299024f541da1fL,0x3eef7ce14b7ffd10L,0x53ee63bbb3fc1b9aL } },
-    /* 2 << 21 */
-    { { 0xe5004e8003682f59L,0xccdb9cb7f642ac0fL,0x405f50d1bd869f77L,
-        0xecffa54de7ebea2cL,0x3354dc22d87620baL,0x01bb2988b1c01ff4L },
-      { 0xd9370076e16477fdL,0x45303d2a2e71ba4bL,0xc0de76273291e5c5L,
-        0x5cfebd87f0a7ca55L,0xde1162809e592a30L,0xdd26e577a78ebce4L } },
-    /* 3 << 21 */
-    { { 0x1e9b23b9ff1735a8L,0xc3bf3d5b2b0e4b7bL,0xd4cc00fe59b7721cL,
-        0xd5c36f9c9e2f4cebL,0xdeca06bac90af70eL,0x42676f12416ee799L },
-      { 0x0d7afe1b6f748c6fL,0x0b7a6de539c39d55L,0x11e43d6ee6eaed18L,
-        0x5baf8602496087e0L,0xf833634fb1a3a66eL,0x25098c8a79398677L } },
-    /* 4 << 21 */
-    { { 0xe141e763d4720770L,0xb9739e70ddb3b450L,0x46e6cde496131446L,
-        0x0458a5d5cb6c2ef7L,0xb7747634532f9fd8L,0xf62d372116544457L },
-      { 0xbfacb4ded3100854L,0x70788a31b39d3f62L,0x9b543220f22d92e4L,
-        0xaa4590f655723258L,0xc7b6730e01ddb8bcL,0xae252cf869e1e7bdL } },
-    /* 5 << 21 */
-    { { 0xc618cf0ddd4b8d8dL,0x471cda8640dcfbfbL,0xba0dd7ac08882ce6L,
-        0x58e5d2f56cd336e7L,0xcdda8301af096540L,0xf6d268463cf31600L },
-      { 0x6150cd982197efd5L,0x4440fbfa55fb0877L,0xca31871c90757f1dL,
-        0xc4a1faacbdd756c8L,0xc9d4ac1bcbb8421eL,0x3c0c2914b17c43beL } },
-    /* 6 << 21 */
-    { { 0x46fdb65caa6fe9eaL,0xe0d48e5e05494cd9L,0x5adef5704afbf837L,
-        0xc96ba4b91c9e2cadL,0x1e8158f7054a158cL,0x47be73209e38b88dL },
-      { 0x9b99971e6d2993ecL,0xac9b0bfadf980eccL,0x9da09642d96ca391L,
-        0xd67105369bf4305cL,0x40cc1adfa0dfafaeL,0xe27e32f8a209699bL } },
-    /* 7 << 21 */
-    { { 0xeaaddeb836e87d82L,0xc12587a71ffd7210L,0xf93d2f5c731f6838L,
-        0xb96594e8f7097a65L,0x08d6717ab016e8d3L,0x9c378de81984d825L },
-      { 0x627d41e7cb2a0c26L,0x1f447501c697ceb1L,0x8dc40831c760550bL,
-        0x70ad48707fac97b0L,0x5ac7f22e7021c170L,0xa6f730e4929d5931L } },
-    /* 8 << 21 */
-    { { 0x7d27d71fd186cb09L,0x67cb7f4e3bc213c7L,0x418cafeb6075b2cfL,
-        0xc0d691e6d93a06f7L,0xc16a95259dd001b9L,0xa0583230026f17b9L },
-      { 0x4c1041b07845900bL,0x2874079147a22aaeL,0x8d08efd62c1758e9L,
-        0x9cc6f207e6c3229aL,0xec69e902082d8924L,0x9cfa1deaf331dfe7L } },
-    /* 9 << 21 */
-    { { 0x7b5ab2afbce81cd9L,0xd25fa34b12028b49L,0xf9d65e6b63a659beL,
-        0x6f88f1ddfffb943cL,0x38eb0d02b871cd5fL,0x732afedc558ad949L },
-      { 0x4093ab05367d424eL,0xf73b23ad29de1be7L,0xce1c0093e7a50181L,
-        0x6d05cbbe1e412cb9L,0xd3c1148b773a394cL,0xe04b5fdd38e50316L } },
-    /* 10 << 21 */
-    { { 0x1793535b8d0ce0f4L,0xe9b054b1ab73f7daL,0xd82a3ac1ee7bc6e2L,
-        0xb28ad846b847f39eL,0x40975fa2fc10c012L,0x8de998619aafe68eL },
-      { 0xa73f442584878534L,0xbe3118cb7a36a0d7L,0x3763a49e8fa37fc9L,
-        0xf3f8ef82361f32b9L,0xea66f9978c1aebc4L,0x88600d648d9d024cL } },
-    /* 11 << 21 */
-    { { 0x11f842ca150a3325L,0xbae115c3185a385fL,0xddf9643637561bb0L,
-        0xecea0cd9a4115fe4L,0x297720665893a694L,0x837e6880df408cfbL },
-      { 0xfeb8f511e0a7fb68L,0xd21869dfa062b60fL,0xe2b60f46ca6a5e72L,
-        0x64bbec184931d188L,0xfb09c90fe3ef3378L,0x67cbeffacd767337L } },
-    /* 12 << 21 */
-    { { 0xd35832381b289f6eL,0x10dac54a0aeb3bcaL,0x4df1c08d6692339aL,
-        0x2968edec20054647L,0x34072618d74235a4L,0x00b4a7ae71d6064aL },
-      { 0x23a8900e25c23f8fL,0xda0cb7fad7d0f1b5L,0x266211c56c8ecdbbL,
-        0x0a4351b97bc27e4dL,0x98d54c97fc234258L,0x5ba534071e1a4dfaL } },
-    /* 13 << 21 */
-    { { 0xf07cfcdd77f083bdL,0x89bcae29d46712c6L,0x2089c3ab0f09bb8bL,
-        0x3ede5a2a6b9a4028L,0x27ee18fe013066deL,0xc2bebbb416fcdda3L },
-      { 0x6b3926af3a87cd68L,0xf52f0ef9f9a7b831L,0x4a39660a1ffc01b2L,
-        0xe98f718d91aa6719L,0x8b0626f111d48e8dL,0x4a6a2e5b2bd93db3L } },
-    /* 14 << 21 */
-    { { 0xc3ddb6123ef24470L,0x98b66569bb3f99edL,0xccc537153a97a015L,
-        0x0d9a6b4d04937b8cL,0x854d081ad9a575f7L,0x347bf0c0127fbd90L },
-      { 0x6baa47a5c30987f1L,0x164b390dbfd0b503L,0x6672d1afe6a1f565L,
-        0x9a50ee5828d5bb14L,0x2e23ab480d0226fcL,0x33eb052365cdbdbaL } },
-    /* 15 << 21 */
-    { { 0xa32d1a27d904eb73L,0x6fcad8d0c43c978dL,0x8cf1e7a19c0842f5L,
-        0x2a6fa6d800328ae2L,0xa5905f67a1e3b06dL,0x458c8badaa8df96aL },
-      { 0xee5b20c0b0d4b89bL,0x352ae0c4815c1af8L,0x546a7d7e6dd73b70L,
-        0xa99882225f753229L,0xa38eb5d7efde47e2L,0x8290aaed92635ab1L } },
-    /* 16 << 21 */
-    { { 0x8ec4335fabe7c60eL,0x01f198c10a6a9fb5L,0x3ff96de001141ab6L,
-        0xb21acc2c2eca98a1L,0x6154849010fdf648L,0x2c01a99cd1403e8bL },
-      { 0xf1a35f306fa509d7L,0xf7715fe3e3f08e9fL,0x89c26c077fc9a752L,
-        0x8d2535fe420d48a0L,0x80ec5ddd52fe2e73L,0x041b8df071704f39L } },
-    /* 17 << 21 */
-    { { 0x96882074659a0a12L,0xdb0d63032a6bb752L,0x2a1fb2d740c2194dL,
-        0xeb6b45ba2c184444L,0x10ee44368c179d33L,0x906d0e509391917fL },
-      { 0x11bead88ca3bcba2L,0x25914dae4253fb99L,0x0445b31013c25404L,
-        0x2a2eac6d515f53baL,0xa746a1d662bf0a11L,0xc7576a4c6573c4f1L } },
-    /* 18 << 21 */
-    { { 0xec159ed060c5bee9L,0x80282ff007746414L,0x8d53f05f40a97a54L,
-        0xc92d8789f5d4eedeL,0x1edd798132344c09L,0x3bb9a444a92c7b36L },
-      { 0xbf130f5cdd6c8903L,0xd270e7cf676fcab9L,0xac49744bdc5ae6f9L,
-        0xbd0ccfcb40e39281L,0x222efa16a981b3f7L,0x92bcd2d700aeeadfL } },
-    /* 19 << 21 */
-    { { 0xecfdb91489c73e10L,0x83a5168becffe79cL,0x6a0d57c123e97ffbL,
-        0x774121ca4b130cc3L,0x8556fdc5486967a6L,0x1249448d5fe4a7f5L },
-      { 0x8c2c14440e93c114L,0xcde258573bc68985L,0x697ba7b0952758a2L,
-        0x0d962b377aee19e3L,0xdb31fe8582c4c640L,0x6ecfaf36c89b4b85L } },
-    /* 20 << 21 */
-    { { 0xf1e8c5a0e06b40eeL,0xa55909fe59836af3L,0x77a13be8a3a4ed95L,
-        0x47408650bbbcde0aL,0x95b455c2b4fba7b7L,0x4983f5ca4321117aL },
-      { 0x37bab5d1e18d304fL,0x0edf3733f1d29206L,0xe23e4db4dab91670L,
-        0x602a5265923ab7c4L,0x53ee98c6eb920a03L,0x1b592b626f25489cL } },
-    /* 21 << 21 */
-    { { 0x66c981d9d3543689L,0x20500cd7bb8f53bdL,0x807d43605179af77L,
-        0x7280a7b27c286404L,0x75a74e630976a65fL,0x2ba9ad9df11c3bdfL },
-      { 0x23f38f950ec6c760L,0xcad599102b858cc1L,0x4d9adb7efec23c19L,
-        0xbabb6e45095e85c5L,0xfab66a97e5dac2e4L,0xcde4b15a08baf1f4L } },
-    /* 22 << 21 */
-    { { 0x148aad3207089d6aL,0x3ab5b0790303c267L,0x7d13995bc3153026L,
-        0xeba27c192287f305L,0x5faa453367ae45bdL,0xbbb561db2f4e9488L },
-      { 0x254d8977c8493163L,0x60d468fc5c544164L,0x0b6309a3a2758037L,
-        0x8480e16b1f9add24L,0xf1d99fd2902ec661L,0xd32df254cb6dd6f4L } },
-    /* 23 << 21 */
-    { { 0x9a17f5c3610178b9L,0x75dded80bada5aadL,0x158249c23dbeb289L,
-        0x1d0671cac300cf49L,0xa1649bd0886902f2L,0x79b0d6ed7d13be62L },
-      { 0x78253e7549e2327aL,0x5629cc509af110ecL,0x4373a20059f8765cL,
-        0x739f33289d9c5f3aL,0x3c7d5cfe9a5f997eL,0xf044d90d0559357eL } },
-    /* 24 << 21 */
-    { { 0x20aa15d97ab838e6L,0x6cefdd5a0c827ed1L,0xe2f205caef579e8fL,
-        0xad27e38b325981bfL,0x087b8284c3438be8L,0x2095dfcf422360d9L },
-      { 0x87cdf5ad76d096bfL,0xf1b97ce1e022adc3L,0xa71240c189104665L,
-        0xeb5a175c9c1578e8L,0xbd66910ad150ffa2L,0xac277af811459a28L } },
-    /* 25 << 21 */
-    { { 0x7db4df62417fb54dL,0xf6c1e7f04dfb7c05L,0xfdcbd3777aa8ceb5L,
-        0x0364b3bd89c24333L,0x8a721718fdd3dcafL,0x9a6015dcec2848f1L },
-      { 0xd6571930d35ad1a9L,0x154a929199369196L,0xf3be7e228e514732L,
-        0xfa3eef28b7fd3aacL,0x0bc3b2a69f60d298L,0xf6327920febfca58L } },
-    /* 26 << 21 */
-    { { 0x3b9de1baf8dc6030L,0xacc4224a2107fd1eL,0xa7d32fe86dcef0d2L,
-        0x353d5e88dd83fb28L,0xd552c3ce50bfb0b2L,0x69bc0e686cc8ee7dL },
-      { 0x965c0ca21d9c74d9L,0x5cd163a406ac3ecdL,0x57910a828e98b581L,
-        0x1d0fa7523d992afbL,0x862d3184e7d12701L,0xab6a288c6c7d161aL } },
-    /* 27 << 21 */
-    { { 0x04caa9caf4f2b3e9L,0xcdb896141af43dd4L,0xb09444fd4e74ee8bL,
-        0x9428849fec05d35cL,0xe29bb0e94765c0e5L,0x138c45f176d25d2eL },
-      { 0xbf041131a0184d83L,0xaf321573991ddc4cL,0x058760a8ef31df7dL,
-        0xe0b94b57f80dcf5fL,0x75572221850a4a6eL,0xc735580c104a4a1fL } },
-    /* 28 << 21 */
-    { { 0x9ba102f1a6b735daL,0xe073232edfbe7d06L,0xa8ac24ba57266a16L,
-        0x07458ea42d5c4bb0L,0xfbdd0f0574868e1bL,0x73fa612a3921fe7aL },
-      { 0x26f6714b0b32d8e2L,0x7a3cb2b48bceb95eL,0x756a68c6290f204aL,
-        0x148fbb787fdf2b7eL,0x639ece6c57fe0da0L,0x315aee1e9a92b7e7L } },
-    /* 29 << 21 */
-    { { 0x22dc170769d10661L,0x8d89cd1c71fd40f7L,0xa22f11bfa2545040L,
-        0x1247d019d44c2446L,0x8d17daaba08235c7L,0x7e6863b9fae7874dL },
-      { 0x6d57431c0490d338L,0xc1459e61809d1f9aL,0x4eb14dce95b64852L,
-        0x8d3a04e6a7b5a861L,0xfed631ee7bfa24a7L,0xf8f86f27af11723bL } },
-    /* 30 << 21 */
-    { { 0xb43b14146e63c833L,0x497a5f98c1ec160aL,0x112223de83eb3709L,
-        0x293964a88d100b9bL,0x6db1d1931e3b2db3L,0x264bc83d71eced39L },
-      { 0x8418eb43aa89c967L,0x51d41bff76f8620aL,0xa4017ee5cc416467L,
-        0x1cc527231e216e36L,0x76ba536ce8069a6fL,0xa239b54acb77b981L } },
-    /* 31 << 21 */
-    { { 0xa05f2dbc37544476L,0xf18dbcd71b797f65L,0xc78131376d50cd5eL,
-        0x2b509a4d6dee11daL,0xfc0f0584beba1b6aL,0x3282624a9d53bd6bL },
-      { 0xa0944e5c16b7187bL,0x468a79b8aa2f99e9L,0x32e4644b38bc4ed9L,
-        0x5bc375d7e7cf71feL,0xe18e3c0956617861L,0xbce9ccbce69255bfL } },
-    /* 32 << 21 */
-    { { 0x498808edc65fafceL,0x3676a7cc4e806bc3L,0x796e25f176c6b964L,
-        0x1aced64bac474261L,0xa62470fc29a460c1L,0x77501dce5e751e48L },
-      { 0xcc00053b6d9e3641L,0x2b5bc4ae9a3f5a0bL,0xddaccc2e3f9ca178L,
-        0xad33f34a0b80d1b0L,0x6a76df9364642225L,0xc145f36f778e761bL } },
-    /* 33 << 21 */
-    { { 0x377fc5ac575e74f6L,0xfefeb2327736739fL,0x62ba076a9fc2d5c5L,
-        0x6f3c6084baf0269aL,0xce2917688fa7c145L,0xa60bb8905b3f2333L },
-      { 0xa811055dd900095aL,0x92d95e7b385bd4f2L,0xba54f444d33c2a43L,
-        0xc1b131327d12754fL,0xdcdb54821556f5e3L,0x55377fc539ca4b94L } },
-    /* 34 << 21 */
-    { { 0x455f65d1a0cbee78L,0x554eccb566225edbL,0x306400b47a4e014fL,
-        0xef3e02eb7b67025aL,0x7d4efbaa997a633aL,0xd43c6eb8672c90b2L },
-      { 0x0ed2d88d7519da07L,0x864377854b9d51e8L,0xd5900a2e2e3ab57cL,
-        0xc02f046b69bb0a39L,0x06d825a6bff12faaL,0xa12e5b0d5d3ac267L } },
-    /* 35 << 21 */
-    { { 0x1716be5ba10508b4L,0x8706acbe7e37fbebL,0x3881f54e44e3d127L,
-        0x54e20622a864d77dL,0x26a194616b83325eL,0x0d57be814c15a8f4L },
-      { 0xb10c0cd07b53b476L,0x3d016ea097d39c64L,0x4d7df7c15315bdadL,
-        0x6fe5a1acf060cf4dL,0xd5e3d05396846b79L,0xebc878f79e3c8028L } },
-    /* 36 << 21 */
-    { { 0x5b849ed8d0d193acL,0xe983abf773950501L,0x5ca162770854a569L,
-        0xb0b284d26904bdceL,0x9c769d269d4fadecL,0x98e5e9b912677284L },
-      { 0xd9246836b557f2cfL,0xbd47433069d46374L,0xbce8b27b9b063a22L,
-        0x08da2eca37c5ba26L,0x9e742de8d4b26479L,0x643b752c102aa36cL } },
-    /* 37 << 21 */
-    { { 0xb72fae566fad22d5L,0x1e921426cf2fd62bL,0x9f31293d4c225102L,
-        0x78d43a621975afbbL,0xce2787303cfee30eL,0xb88590d77a82613eL },
-      { 0x42f86567560b932aL,0xc2d98915a7c9ed68L,0xe70e41fb349a9750L,
-        0x7e7fdd2c79f9582bL,0xf3d6ab07da737c0bL,0xba247c0b9f3cf823L } },
-    /* 38 << 21 */
-    { { 0x4bebaf153dffdbd3L,0xc37d4a04fcc967a6L,0xeabab9aca0435a65L,
-        0xf23d1d58f9ae9c52L,0xce229a798cc8f7b6L,0x4a61e6ebf5e11e61L },
-      { 0x770e1dc6b20f2d8bL,0x199d20e8cfb9e820L,0x9fd709c4c381a22bL,
-        0x6f53a358b1d52a98L,0x4b1a018c66f511faL,0xc7d2d49375d3a666L } },
-    /* 39 << 21 */
-    { { 0x3b2db5e5550791d3L,0x034ed5665bbb686eL,0xf019f161e033e3eeL,
-        0x33198653acd2f0b5L,0x368d89e41ee8273cL,0xa7ac3b507f26daffL },
-      { 0x73d8d7df006c0037L,0x98b5937de73cf271L,0xc3bc340be917247dL,
-        0x799ea890e45f37afL,0x27be0f5a25e8dd2fL,0xd70ec41c3bb16923L } },
-    /* 40 << 21 */
-    { { 0xd30302352679072fL,0x73dfdc0f95dad4c8L,0x53649b575c4630f1L,
-        0x60197fc08d098d74L,0x9c295d54647f5cbcL,0xfa5f1bc6c0813efcL },
-      { 0xf6e08007d2e49417L,0x4f7d4b3dab579569L,0x7af3e08e11d9b388L,
-        0x073ec38a5db61c65L,0x9b480cb89db4dc4dL,0x9be2ce7e372fa82aL } },
-    /* 41 << 21 */
-    { { 0xd87c0b55ed1b6d83L,0x3b47443adfae29cdL,0x16c5b0e52147bfdeL,
-        0x98812fd0663cbdbcL,0xe3cea04955ffe911L,0xfc1e9d9cc5df31caL },
-      { 0x7ffa90f9902c4ab1L,0x2cf973c3669a857fL,0x89243cfc94b109adL,
-        0x222d6fdb536ee544L,0xa48b1b15fd488c22L,0x7120e3f0f318ba27L } },
-    /* 42 << 21 */
-    { { 0xfbb8a3cd47813054L,0xa2d7255d462ac3f3L,0x341bc10babdfa7adL,
-        0x01efa884ceb9ea50L,0x30fa0f903f5bd09cL,0x8aa309453abd108aL },
-      { 0x0ab7fe23f9ecab6fL,0x0585f72a5ec032bcL,0x686a7d71cf9f4fcdL,
-        0x096bbf04f769be8dL,0xa309931250b64584L,0x67be53402e216060L } },
-    /* 43 << 21 */
-    { { 0x4e14fa6eef252e90L,0x2ca968579b7db6f2L,0xf80772e3653f1662L,
-        0x4f89e666cd28bb05L,0x7fa800cc77eef62eL,0xa3f6ef5963b2f3e2L },
-      { 0x438d564bc81e600aL,0x8978912de14c1434L,0x33732892ea695891L,
-        0xaf6aef0b1dc8caceL,0xcbf9580b7c509cb1L,0x2db9fbc11ed6fbdfL } },
-    /* 44 << 21 */
-    { { 0x408805a1fa7052bdL,0xe4eb27f75f825c13L,0x0a0cc8fa37ee34a7L,
-        0x737b99a40c59156fL,0x78c2a5d8e1b55c30L,0x89d70b62bcbb2196L },
-      { 0x07ad36911e862a0fL,0xaa1c9118c41cc693L,0x7e6f544c4e1f7359L,
-        0xa5f4f5891bf9474fL,0xa711efd9ef56df82L,0x0428edb7e3de91fcL } },
-    /* 45 << 21 */
-    { { 0x67f403610905be0fL,0xffe68b80c12178bcL,0x41bef79ec6a673aeL,
-        0x347e8ba81bc77376L,0xd49956d60e589da2L,0xadd54508fed84dabL },
-      { 0x18868a4a462749f4L,0x2048cd88ed323e71L,0x7b27932aa28d1f02L,
-        0x3cf6107412e4ddccL,0x0f6198631360ecc5L,0x40e5e08b1330d33bL } },
-    /* 46 << 21 */
-    { { 0x79b68071e3ad573bL,0xcb070412723966f5L,0xf4610fd1964b453fL,
-        0xfdc9dbbc8bcee838L,0x3e191f3bb5ca4f20L,0x90d85084c02e0af0L },
-      { 0x4e3f57a70ee64025L,0x63f339acdea07a5cL,0xf255b5045eb4081aL,
-        0xe42bd241b4cbb0bbL,0xafa58985ff68c5c3L,0xd36cf7175b55e6e5L } },
-    /* 47 << 21 */
-    { { 0xf2b06f4b95d37e50L,0x7da1d2af3747c79eL,0x18a37dad6ad0092cL,
-        0x9f4a6f081a8f207bL,0xeb1fd3f2cf0fed15L,0xfb9911e4384eb46bL },
-      { 0x5f07c680b87cb035L,0xc49935d189e1531aL,0x718f6bd09ea02056L,
-        0xadafb67b18a4ca31L,0x26cb0f368477f396L,0xec7775df62ec2172L } },
-    /* 48 << 21 */
-    { { 0xdffb03aec10b43aeL,0x39b1266e9433a54bL,0x4c262521b19fe0dbL,
-        0x0ec1e54f3d5c7feeL,0x2856510b05e68e1eL,0x49382c1edc80b8a6L },
-      { 0x80a509312471bdd5L,0xe8cde18581974aa9L,0xca6112ee28235c52L,
-        0xd28a0eb8301f9653L,0x22b11e26e11fcdf8L,0x97e6fc5de4d735f3L } },
-    /* 49 << 21 */
-    { { 0x7fc264d35b253506L,0x1a11dd9cdfe2be8fL,0x2cbcf79c711185a3L,
-        0x2208200a46806ddcL,0xf2764b6524e75d8aL,0x71a71bcdfcb43c25L },
-      { 0xddd0cd3586a895caL,0x5ec28b469e2caf5dL,0xeb749df9f6614957L,
-        0xdae1dd77eddd371fL,0x7ce493b556dde554L,0xc1627c06d6e5653cL } },
-    /* 50 << 21 */
-    { { 0x7926553cdea7472aL,0xe1e9480d3ba7f351L,0x242a641b1b6a2fe5L,
-        0xf4af10091f790122L,0x5a2e2f95967810a0L,0xf1eaec6e2ed57598L },
-      { 0x34a32da96b9f2421L,0xdc32daa8dd820372L,0x8b2539fc37a067ecL,
-        0x2a495112820969ffL,0xea7c1829a699c283L,0xb4a1083dc2c58cbbL } },
-    /* 51 << 21 */
-    { { 0x1bcc30812e59d7a4L,0x557be0b2fac34690L,0x5b2868db673254faL,
-        0x62e150a49e1302c3L,0xe29e9b445772138eL,0xc76bf4fd7ccb31daL },
-      { 0x8d687bbb34c905c9L,0xf4f207030786eeb2L,0xe56a494c38deb469L,
-        0x759e75e2cc6bbfa8L,0xb11903aaa59eb766L,0x3f6928c5c68b3bf8L } },
-    /* 52 << 21 */
-    { { 0x27fa09ebcdded185L,0x763b655c36d090e3L,0xbc586674dd864c93L,
-        0xa1f84ff34c7074b8L,0xdf5261d17cf08435L,0xc57860f6fbdaff3fL },
-      { 0xfa49af22252d7f08L,0x2367bf8c8db5f89fL,0xad6443ce6dade92dL,
-        0xdc5265138d1af3f1L,0x62a282ecc720ce46L,0x1769b74c9808b416L } },
-    /* 53 << 21 */
-    { { 0x4ee11333ec598f02L,0x4613ba038c7eaad5L,0x48e0bfe61b1ccd1dL,
-        0x6e115b6b507b705aL,0xc4d38e4992874d89L,0x30460a066dc59fc4L },
-      { 0x75de8dcba0f7ea87L,0xba96718125101367L,0x9d7b03314a742660L,
-        0xb4ca381d8c304133L,0xb87b896d65846055L,0x8dd96f0513d381dfL } },
-    /* 54 << 21 */
-    { { 0x43716f0c3e25b7b3L,0x00caad210aeb5d75L,0xbfee232559a6cb66L,
-        0x06c1d812ad059aaaL,0x42d0af57c8bcc046L,0x37968ef70e409a85L },
-      { 0xc5c3812ee3be328eL,0xaaa74bf166547ad7L,0xb292af92a15a0db1L,
-        0xc0645385e5d5cdbcL,0x2dcf4ca937ec2c28L,0x3f75d089f0cb1694L } },
-    /* 55 << 21 */
-    { { 0x7e71fba26c0204d3L,0x6191ad249a40b4aeL,0xe2c7ab6bdda24cecL,
-        0x5a8fc77e95b26a2dL,0xa6d8b2e43f1c7e44L,0x42d485e4e0a0e08bL },
-      { 0x8697386ed7e3b896L,0x5b960d76ee7e58caL,0xda950e9a3fce610cL,
-        0xb85c7842803c67dbL,0xed8a53535e62ff2aL,0xfe6b0e2c4d674e7fL } },
-    /* 56 << 21 */
-    { { 0x46a2a08be26d822eL,0x63537bc689d6d6deL,0x28c556a2b3df9fbcL,
-        0x81d3161eb121d512L,0x4e27ce0b123bc86cL,0x1ebadb85bfb240d1L },
-      { 0x86edb71a1156314dL,0xf8ac56fd113961bdL,0x2f6bc6d8067f586fL,
-        0xf558b8833fe8e532L,0xe9433e2321a7997fL,0xb86f039c87e53b9bL } },
-    /* 57 << 21 */
-    { { 0xc022a16d78329681L,0xc3da7bf76b1226d5L,0x47ef18daa85c69e3L,
-        0x4614f0ee45cecdbaL,0x9126fc2640f19d1eL,0xcdecb2693f5ca09aL },
-      { 0xb62a831257a020e3L,0x5f9a8ddc8330d472L,0x37e58ab3eb208a24L,
-        0xe64ed285ee4b8687L,0x752fa22a74a82625L,0xa67e24609b25fbafL } },
-    /* 58 << 21 */
-    { { 0x89e3d770e6b94044L,0x50f50d1675a1a8c9L,0xe73c51d95344c139L,
-        0x97a8dd8411723e9bL,0xba0663c57de5dcf2L,0xf26eee6c3a6b588fL },
-      { 0x6275b2a9211b989eL,0x32ab4b311608f16eL,0x9e47b2943fdde5b5L,
-        0x63c50a50614bae9eL,0xffe4ef05e31c05e7L,0x2fea9142b7db4ba7L } },
-    /* 59 << 21 */
-    { { 0x27f286db0874c6f6L,0x26de6376e6ec0054L,0x56458a082ca84fc7L,
-        0x07bcd4011fccf1b2L,0xb8548e74bae6f486L,0x0ea5857a0de2964fL },
-      { 0x8e8df866e50fd2a4L,0x3b07d1a8710fc74aL,0x3e4cc4f5a1fe92b9L,
-        0x7380d0836e52d244L,0x4d75e1c12796278bL,0x9eb279258d33f4d5L } },
-    /* 60 << 21 */
-    { { 0xce7abd1ba225f084L,0x696e1eaff803ee75L,0x66f2789989415775L,
-        0x14df21a29eb4991eL,0x012a6413fe2a0769L,0x022cf1c8626f421cL },
-      { 0xd4644d0460ab4299L,0xa43cc1732a8d453fL,0x7c4ab8c20ed14031L,
-        0xd5854b98e14605f7L,0xd9a98c51fa7ff2cdL,0x7dbe8cbc46baf2c0L } },
-    /* 61 << 21 */
-    { { 0xf26574593c42ae9eL,0x7c3e5c13bbc289fcL,0xb815fe3fe096e7bfL,
-        0x3eb67095da54264eL,0xbf5ca7c4ff3f8128L,0x8fc4a3f865db4dd4L },
-      { 0x3af47b17ee382cfdL,0x8854132fd95520f4L,0x3387b11d33c5588eL,
-        0x5d7eb66c0c662f93L,0xcad581933b18885eL,0x8d1c069a6f23c209L } },
-    /* 62 << 21 */
-    { { 0xa9498fb5212ee678L,0xa8824b696ade4a39L,0x422c074e0a406cc2L,
-        0x7d38de650a2beef0L,0x482d16f81eed5bbfL,0x1c882006f18380a1L },
-      { 0xf90f6c2bb98445e2L,0x36aa980b2c738d70L,0x4caff65b6785ad58L,
-        0x1c282becf95863f8L,0x59ad267c5350b79fL,0x53ea042721cedec9L } },
-    /* 63 << 21 */
-    { { 0x5cc362909fa3481cL,0x1321acdd7292ac86L,0xcc30550378f4d6abL,
-        0xf7917237e7d9154eL,0x591e5ba81fb39377L,0x0a387e4f7c541c76L },
-      { 0x99685212a38570cfL,0x5cce35c8624cd61bL,0x375c68133aed79d0L,
-        0xf72d4b068197e487L,0xcd672f7d129775c5L,0x944ef37f1cd768f6L } },
-    /* 64 << 21 */
-    { { 0x9c66a32becc5f6daL,0xe4ff40431719ba2cL,0x8c6cfab721e716efL,
-        0x32c8fccb96ed74e6L,0x475890dd0b110c83L,0xdfada95f5cb4eefeL },
-      { 0x9d7b89a693240fe1L,0x6afdb2d0210b776fL,0xc3f0b55bca7a7d52L,
-        0xa6e56a0655d04585L,0x818e221c4257acc5L,0x05207b63fcb8d39eL } },
-    /* 0 << 28 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 28 */
-    { { 0x0a74da82d8ada6ccL,0xc6b98a3cbea55457L,0x896c26bb57c2f5acL,
-        0x981e2f72845d45e4L,0xca152b877e9a7d36L,0x49666d457b582e8fL },
-      { 0xea3b9bda49fc20b9L,0x5bcbc84a7c71f153L,0xd346fc5d5748a654L,
-        0x7ac2f217622665eeL,0xbb5efe7fb6f16e27L,0xb1810a70644c9dc8L } },
-    /* 2 << 28 */
-    { { 0x98d089819bc5917bL,0x9f90885d187fac5dL,0x651b18287cfc13dbL,
-        0x2d606e4c8655a658L,0xba64d3c563c91b71L,0x36c7d7d8b82a5090L },
-      { 0x2d1dff02cab1d598L,0xa95788d7be78f90dL,0x1ac2ee6b0ea1fe01L,
-        0xc100b60cd5c1273cL,0x4496084ceae603e7L,0x7fcaaf5f77c2fdfbL } },
-    /* 3 << 28 */
-    { { 0xa93fec0861b06e05L,0x0bebc26b7dfe6802L,0xc00b45a5cce5662fL,
-        0x2e8a0a7f83a9a4a9L,0x6e0cdebbc0bbeb63L,0xc56a20fe63ccd80fL },
-      { 0xfc10fa08b51f1f89L,0x4848392020ad9243L,0xfda69cc66bf53af8L,
-        0x474b7440f10bb6c9L,0xcda9db3b1e7625e1L,0xe2f62c1e1dc7f3cbL } },
-    /* 4 << 28 */
-    { { 0xe8e3225a6abdd842L,0x8c85f18f3b367b02L,0xf147a4219f42edb9L,
-        0x6d4bc00d0d411d4dL,0xa1a13a2770014bb4L,0xb896d97bfa10166fL },
-      { 0xb2a1dfa70c302c6dL,0x0a24bd5d808a63a4L,0x8409a3a2f88c7359L,
-        0x071f3838347726a0L,0xd18a551c27507bb9L,0xe0c4cc34b359b167L } },
-    /* 5 << 28 */
-    { { 0xeaaaf4602a44610fL,0x94d330b10392ac47L,0x989b9b673fe123f1L,
-        0xe2ca56ddd8fd0129L,0x77d6d0cd624982a4L,0x55d4b2c371e1fec7L },
-      { 0x3e9a04a0360e013cL,0x1d227ea9c9cde585L,0xac2b08e24fed8f86L,
-        0xa1d1357ce199e8dbL,0x7cf06ec8e99cc964L,0xd9bc3a7fd85ec63bL } },
-    /* 6 << 28 */
-    { { 0x7d111c67017c633cL,0xadd9e9bd7d128a9cL,0x4cd8730c6db857e9L,
-        0x3c9c03e9f4b46d12L,0xd42f0242a78472dcL,0x3fc0bcb2260841bbL },
-      { 0x6332b11a8783f828L,0x65229d2af7be37ddL,0x402f28eee7e8944aL,
-        0x3d1bab505ab28372L,0x6944e82cad5e1ff3L,0x65a94c0de8c75729L } },
-    /* 7 << 28 */
-    { { 0xa151dcbc2f7f3633L,0x4305312a98969226L,0x947afc00604d46e1L,
-        0xc3c9d57572f3e28cL,0xce4c1cbd14b1cd1dL,0x8fe9a81df80dea45L },
-      { 0x50920f3a9685f603L,0x51d380f00b80d89eL,0x19978ba13f798e32L,
-        0x1294aaa6c5edde47L,0x280002c2be714a1eL,0xd998669ef212603cL } },
-    /* 8 << 28 */
-    { { 0xa44f6ef880e9d9f3L,0xaa7621e91d14d618L,0xcb0e4ed80eaf6671L,
-        0x2bf485f8181514a2L,0x74670e180a2927eaL,0xe1b5461612c14645L },
-      { 0x4068c0742a67ed61L,0xd10c7a57739063caL,0x391b651d698b2816L,
-        0xf310d1696da14fa8L,0xa089be6bd8a578b1L,0xa314b3a844389ad7L } },
-    /* 9 << 28 */
-    { { 0x688ce85068fd73ecL,0x2cfb41040db1f500L,0x5d943b8d5b9bbc41L,
-        0x861867f5403f3973L,0xc331110a2c766363L,0xb28a6bc153aaceeeL },
-      { 0x2ab6e7aaadbee7a4L,0x316ca45c2f2b9569L,0xcac646e561d2428aL,
-        0x6fd28dadc7cb6291L,0x2e28f68741e20ff4L,0x8cfe90eebd189d34L } },
-    /* 10 << 28 */
-    { { 0x09b8ed53339da6adL,0xe40727af26f54b8eL,0xc4a105979990fdb2L,
-        0xb808656b5108236aL,0xb4411363aa4bd584L,0x19e90149288a0328L },
-      { 0x5795d8a8fb0592f8L,0x313c68833213c929L,0x62eecb5b48f79d47L,
-        0x3afcfdbab29ca224L,0x0072847d40075b08L,0x078eef3dd1fe0c8fL } },
-    /* 11 << 28 */
-    { { 0x719b51f20ca20aaeL,0x01ad630824b47b92L,0xd32460c2d3c807deL,
-        0x8497786b0a1785f5L,0x8bd521355d714ee5L,0xc267724ed00f741eL },
-      { 0xe5578dca9c266820L,0x97ff60085b62d484L,0x84c70e92e3bd1869L,
-        0x412759e34dfa679fL,0x6bccc33fce497e18L,0xfb92405669056198L } },
-    /* 12 << 28 */
-    { { 0x664ff05368ed0760L,0xc3cdc99138fae9feL,0x3fe057aaf1f30a86L,
-        0xbae990222d08c72aL,0x4f5faf3f6f09e13fL,0x44461a4413d26b29L },
-      { 0xc2504c1bf95418edL,0x12766ea7db3ff26cL,0x2f956e9507a22399L,
-        0x2716e70f5a00cdd3L,0x80c020140e9fba99L,0xbe587ac30519875dL } },
-    /* 13 << 28 */
-    { { 0x5e4bb6b83b23d2a1L,0x819a7c7705c9888cL,0x59e4c48ad0fec7f7L,
-        0x4b212b21d6bb71abL,0x370cb90bcbf213f2L,0xf1ea07e0817549b0L },
-      { 0x20e3115351a37b92L,0x30f9e70158d444c0L,0x7ac3a37b0b791ab7L,
-        0xe456fd475265e4cfL,0x3e3f27ca29580ae8L,0x5d68a40daa2a1654L } },
-    /* 14 << 28 */
-    { { 0x14203d8720cbb917L,0x284e0c9db2a7424eL,0x99eb2911cefe7139L,
-        0xa709c50f42925411L,0xa5a7543e5c79a13aL,0xe262025c6f45f023L },
-      { 0x3966fd18828b9f40L,0xc660846913693115L,0xd7dfbcf644373027L,
-        0x8e73fe6bbade7645L,0x88267c7b1de0dbd8L,0x1231ac99ce4e8c9eL } },
-    /* 15 << 28 */
-    { { 0xfd928bd90ba99806L,0x799ac97d1a864172L,0x5436a8cd129682b9L,
-        0x4bcacda54e96fecbL,0x453af995c5db1451L,0x8fd382e07073b98fL },
-      { 0x17165b8a644a7bbdL,0xd17d2d80b6118620L,0x2a4bf1b2c8cd1bcfL,
-        0xdc7aad959ccc119aL,0x6d34084c3bcdbeadL,0xcbc5c5557e0663c8L } },
-    /* 16 << 28 */
-    { { 0xba86aec170128295L,0x83a09b65c12f35ceL,0x8978ff0789df2f80L,
-        0x85750cfd97a773d5L,0x806bb730fc3f35f6L,0x04503422fed868c9L },
-      { 0xdc0fcde086ffdbaeL,0x8f4297e11860f43bL,0xfefb7d028d3ad6cdL,
-        0x5c652b5997293550L,0x32e12942ed5cfbbaL,0x06192aaf98800d22L } },
-    /* 17 << 28 */
-    { { 0x9bb8cf660002f389L,0x217219af51505913L,0xfea1388999ef8797L,
-        0xad1b2383235597c4L,0x85ffabb70a3e3536L,0xd8235d9da00c725aL },
-      { 0xfa9b0f4ba704dac0L,0x99d76ddc2f57fb9aL,0x5ed3683b18428507L,
-        0x9e42bc54435307f2L,0x3167de67b4f36896L,0x8a0f99a0d539d713L } },
-    /* 18 << 28 */
-    { { 0xf0b92b8a4642d9b2L,0xce97828a3f50c883L,0xa33d62936f0b1194L,
-        0x23417e0f3692f5b5L,0xc79b9491fb0b95bdL,0x5410e8c95e836b2aL },
-      { 0x2b84078d29798fc7L,0xa8732e78d6628695L,0x39da93f898c766aaL,
-        0x0797832d305e464bL,0x246069ab163f9f4bL,0xb867dcef53fb6170L } },
-    /* 19 << 28 */
-    { { 0x949c63730ced5c37L,0x6f8cd6e4fdb6464eL,0xbea902ae2e056dd4L,
-        0x43871371fa0d560cL,0x162128e9e9ec2208L,0x84deda5c25060c6aL },
-      { 0xa8a8a27c14160ed1L,0xf24bf3dda33b53cdL,0xd12038a976a6d272L,
-        0xe64d6384ee8f2b15L,0xc404d580d3e91d69L,0x62cdb886a4888d17L } },
-    /* 20 << 28 */
-    { { 0xccf0fb423c9eb0caL,0x8703c6694aa03b40L,0x44c735a74001af07L,
-        0x9616dd932e874ed1L,0x5c2e8520474ba621L,0xddf13cd3fa93d8b4L },
-      { 0xd68c9b4575df1b67L,0x4cd242288f80d389L,0x0f1a16bcc09f47fcL,
-        0xc414dc6a9cd4842aL,0xbb0fa94f1f353c6dL,0x405124551950d073L } },
-    /* 21 << 28 */
-    { { 0xbfe176f2dfb520a6L,0xf51917bced96d0abL,0x8131985078b11135L,
-        0x6397f1288f006a55L,0x9877f30e576b5132L,0xe0cd103bec781571L },
-      { 0xb4bf74e5bcfd5046L,0x04333aa4be9cc561L,0xc6dd1dbc1e066ca1L,
-        0x03c926e1d3718e62L,0x13bf83d404309072L,0x79649ba0ba28ac51L } },
-    /* 22 << 28 */
-    { { 0xcb1a73c55abfe8a1L,0xe9e2e220deae1d92L,0x2d953d00514befaeL,
-        0x74024df9b7940bcaL,0x9a2cad0cd13f4a3aL,0x8790b699360795fcL },
-      { 0x63957f3b5e9982eaL,0x491bf3155b7d256eL,0x5708bd4dd23324e7L,
-        0x9f11ddd397c4c8c2L,0x1823762f5b7f5162L,0xc45a3976cbfc9dd2L } },
-    /* 23 << 28 */
-    { { 0x806134cd30731f5cL,0x04522c23487c778cL,0x99b6e6a1651640a5L,
-        0xe2d20ed87e9898d1L,0xcad25762069e56d9L,0xd4184f6e29ddfc7bL },
-      { 0x1017badcc1aeaa34L,0x7d3700e7f3c62e08L,0x203dcf8d5e42399bL,
-        0x05986c66b72795c7L,0x0b56ad9cc0925f02L,0x1f0e895bfe0e3bd3L } },
-    /* 24 << 28 */
-    { { 0x935b9e244d2edd5fL,0xfeb46fb5efb287b8L,0xa51700a3f5018b92L,
-        0xc328beba23864e2aL,0x113b5c9a995f70c1L,0xc0b11c22da1b5d51L },
-      { 0x9b99b907f4a360cbL,0xf4ee9995adf0b094L,0xf67c7cf2f94b3f0eL,
-        0x664a51a1dcaf10ccL,0xa3709ccce937a669L,0xea97bace4862f098L } },
-    /* 25 << 28 */
-    { { 0x62c7dd9ed537ed6bL,0x8a82ae7ccc168feeL,0x96fcf8d19d00a4a9L,
-        0xfeef6ec205096874L,0xc828c68969f4485fL,0xdc4903a6322563f0L },
-      { 0x5339cad7d3280a32L,0x42ae434909ff15cfL,0x94cdb7790bbb6af4L,
-        0x480f8a5515721529L,0xc2f9c4dc0ff28eb2L,0x9d2a405e1ff6e3d5L } },
-    /* 26 << 28 */
-    { { 0xfeebe7d29309e729L,0xd322c38aa30a4eb9L,0x18cb0ce12f4f5c8eL,
-        0x08a073a04262105eL,0x6ca92585933f888aL,0xf4a080c903ca1489L },
-      { 0x5e678c7949c8daf0L,0xcd6ef6ba5abfcf82L,0x61faba612a4fc564L,
-        0x7cacb3dcee0b306eL,0x9fcfafadb5aae2a9L,0x193e841c4b8fb04bL } },
-    /* 27 << 28 */
-    { { 0x4db6f5f07ed99ce4L,0x1257bd9c2456059bL,0x546c764b43d3590eL,
-        0x6d5062adebba72d6L,0x6858f04e2e8d99fcL,0x46554047b4eeee5fL },
-      { 0xff433f63535f2da3L,0xd76777542b76d2e8L,0xeb6be9c88e838a3fL,
-        0xb7a2d2c1145f8bf4L,0xf3ba128703bb278aL,0xd88cd51530c4a1a4L } },
-    /* 28 << 28 */
-    { { 0x51758334c942a3f5L,0x7cc01e8832182ba6L,0x772af25774de4fe6L,
-        0xb1b3c448e9667bf8L,0x71cb27388079caf6L,0x48890c641d823a40L },
-      { 0x47a5887b0e9edbdaL,0x916dfb0cbe089e5aL,0x3185090e1eb42ddfL,
-        0x3c7eaa13b7f3af26L,0x940ed8c79e9963b2L,0xd85e77db3426ac10L } },
-    /* 29 << 28 */
-    { { 0xf21b47bfd7bbbfa1L,0xf757cb309ea0ea77L,0x6df7f53783b2a6dbL,
-        0xb0808cf99eb8ed81L,0xc526bb6b64edb3b6L,0x24f1612068f72d82L },
-      { 0x3e2e6af8f01cee94L,0xd2e01f947847ca60L,0x079dac3539e68ac2L,
-        0xc30720b270cedeaaL,0x2f97f968fa6bf057L,0x2dba403babf6a743L } },
-    /* 30 << 28 */
-    { { 0xed99932452c802f1L,0x99f6864c5cb78b2eL,0x8f8a0a709b9c3693L,
-        0x0b931016e2f598bbL,0x7edbb1b3a614fc15L,0xa0321b50e79f74c2L },
-      { 0x834f3ee994bfa457L,0x5ffa9613006907b4L,0xa37e9b83d779b46cL,
-        0x7a21743cf33b791eL,0x6646b89dcc28a011L,0x9b975ef8e2ba76f8L } },
-    /* 31 << 28 */
-    { { 0x166c7151ec72cbfcL,0x3d1f2450c9e519ceL,0xfdcc648e7efc0fa1L,
-        0x3f5f90cf6db6d516L,0x8a5dd3df145830f8L,0x4d9938da4e5858e6L },
-      { 0xe598f9d4dede1584L,0x2de5a26cf5c8f4e4L,0x495b750f364e20f6L,
-        0x29291c445b718188L,0xe560d9ee3733ce27L,0x99b9d27d5b9d206cL } },
-    /* 32 << 28 */
-    { { 0x162cdf342efffd95L,0x92111fdad59086e8L,0x4478d114454eb977L,
-        0x8ce403d8dea38a67L,0xd459633b7435728aL,0x3a7be4e3a63b0504L },
-      { 0x0c74066b335dba3eL,0x4e8fb1d7c6ea6ee5L,0x3398b588a99690edL,
-        0x4949517c3ad77562L,0xf9824f09cbbb60eeL,0x9fdcafdf85660becL } },
-    /* 33 << 28 */
-    { { 0x368bea127aa62889L,0x6096730506e1046fL,0xe69be05e564f219cL,
-        0x064b9d7c01eab75cL,0xf16ccc9e0152981dL,0x708827acb178a3deL },
-      { 0x320f6a8a93248b89L,0x532acc568084908eL,0xe494cd1f6ab586d3L,
-        0x59c74cacabbdcde3L,0x3ccf84a62259abeeL,0x6657d1fad96bd141L } },
-    /* 34 << 28 */
-    { { 0x5d3a8252aa0a9dcdL,0x540e037af97fe26aL,0x4cbb768ca3f68f56L,
-        0xf9608732652d7058L,0x5fae0f9f72cea8b9L,0x1a7edfd97d980da5L },
-      { 0x9f00ee611791c34dL,0x6c95404c2bc25810L,0xabb1089e043a9faeL,
-        0xe36fe9e1a7881ae0L,0xf163dc460fc04e9dL,0xb6955f2f129c7940L } },
-    /* 35 << 28 */
-    { { 0xa22ebfc7c23bcd94L,0xa653b119684fe9f2L,0xe469e28646b59d70L,
-        0x0720daf3dad96b47L,0x5066df7871288c07L,0x7648d7d82905b5a2L },
-      { 0xc6ab9c5c0a30a65aL,0xa00539f34930712aL,0x6a64738c7e894bdeL,
-        0xd7f3a7459e8eafdfL,0x652a58ff8ce9f7b2L,0x7c9d02e4cb3782bdL } },
-    /* 36 << 28 */
-    { { 0xf26bd8618875d9e8L,0x22e2380dbea9c273L,0x5f15183791995508L,
-        0xb97f40a6648aa1c6L,0x7478f5f83977d848L,0x21e876ae35b57de6L },
-      { 0xf620b180a93fc7f6L,0xf49bd07e1b148996L,0xfb0857261c4f60e1L,
-        0x6a6653af7ad6b84dL,0x913a2d022e05b686L,0x94746629407dda9aL } },
-    /* 37 << 28 */
-    { { 0xc662b0f68a97c714L,0x69fbf7d1b8fbbb02L,0xf3bb5a9c5cdff85dL,
-        0xfade6eb036ee44f3L,0x6eb4b8266d0905c8L,0x6ab3e4a4391a34d6L },
-      { 0xf490046478e7bdb1L,0x8bcd4bf23272c400L,0xdf9a81b78d2c9573L,
-        0xb9a0ea166af43695L,0x3298a5d071fe768aL,0x53eeeb4333e87bd2L } },
-    /* 38 << 28 */
-    { { 0x87cdbfe6bb531d08L,0x384bcd0357957992L,0xc654e2c942008cffL,
-        0xd12b50285002e06aL,0x41a34286a67db410L,0x31a109d99d6b2c01L },
-      { 0x14d642da2ed35f38L,0xa06a846048ffd04fL,0x8291190cbdbeef68L,
-        0xc8106239e43bb0c9L,0x4d7aa992c4bea448L,0x107b86efba3dd9b5L } },
-    /* 39 << 28 */
-    { { 0x3d870c3144fc1cd3L,0x34409eec0085e7b3L,0x67d5c1340d0395e6L,
-        0x9c30dedae3f36689L,0x988ac951d268cc91L,0xdb05825bd2c9dfdfL },
-      { 0x30ccc3b75d349fd5L,0x63383c0f60c3a79bL,0x4f45c81732c71964L,
-        0x456679642fef028cL,0x82454c12cf4053f0L,0x7c1310fbed8077f0L } },
-    /* 40 << 28 */
-    { { 0xb8465d16da684157L,0xdadde1abb238faaeL,0xe2cd45e7c6b9bea8L,
-        0x7251d4a15cf413d5L,0x615cea8baae1765bL,0x75aa831813f36885L },
-      { 0x7d5b0bf7b8767cc1L,0xec38a8ff8022968cL,0x034805b62a07faebL,
-        0x916f9eb033b7321eL,0x34963633c0c577ceL,0x8ee07efdabb8d3ceL } },
-    /* 41 << 28 */
-    { { 0x498606fc2d15a409L,0x2398e109d5fdcb60L,0x8ed8fcbc36540c3cL,
-        0x94404e2bc1db3193L,0xe62b808b28db1c38L,0x545b60871ad1d686L },
-      { 0xe8bf6489740f4264L,0x7ee76fe71809505cL,0xaa95b8c86f45a011L,
-        0x9bd6111b55c715c3L,0xc5c736bc33165913L,0xf1e8cdf282f6c7a9L } },
-    /* 42 << 28 */
-    { { 0xeb09e7fa949d05b5L,0x49394c1b8d014014L,0x644874d73eb7abd7L,
-        0x89c666e5679d2a01L,0x6ea98cbbd315bc8eL,0xd919142a37fa5a26L },
-      { 0x042fbac56d0239b6L,0xbff2b086837c510fL,0x21e4d279d9883ed7L,
-        0x6416e0239713c2b2L,0x3742c6d14ea05144L,0xff591d8fd5b00fb2L } },
-    /* 43 << 28 */
-    { { 0x0ae21b83c138ed42L,0xf1b0895a2ff30df8L,0x4d5d634d9559c6e1L,
-        0xfd02f3a3098e5c4aL,0x7bc6b63152bb211dL,0x498a68fffb69f0ecL },
-      { 0xd6fd5f443e69b479L,0x5ea1877d8c740d2eL,0xfaaff5f0ca605f02L,
-        0xb3022f9839a03f5bL,0x3feb7c13aa253725L,0x119097a89dc33a73L } },
-    /* 44 << 28 */
-    { { 0xa0bd6c0da8a29345L,0xc676b6c55d7f5ef9L,0x303b6d7c20ad7259L,
-        0x06542a19d8fe09a7L,0x5a06653ca959014aL,0xf45fd79a5bcfe0cbL },
-      { 0x29058d984e583468L,0xf1bd25e60cd7afc0L,0x2a88246ef7dbe54cL,
-        0x680eaff835e0ef3dL,0x5942c97f726e59b9L,0x43e971398d5c0825L } },
-    /* 45 << 28 */
-    { { 0x6656b318f7378bf8L,0xf9a838df182f1a29L,0x0d62dc5ede475756L,
-        0x97564544585bcab5L,0x3e99f44c857a13cfL,0x8c3a0a940cbdde00L },
-      { 0xa7be375833dd2d24L,0x629040f1bbb1c7eeL,0x0bb2ced27f0eab7aL,
-        0xb86f1e1e9f474277L,0x60539a544a14ac4eL,0x9860f986aa90977fL } },
-    /* 46 << 28 */
-    { { 0x143fdef1fe944aacL,0xfd6700fdd24f606cL,0x5dad2e41737404a9L,
-        0xb16c5d42953abdccL,0x132b5cd995be01c9L,0x2bf605d86fd01c6bL },
-      { 0xed62526c8803881dL,0x3429579201788c26L,0x553f8e0f8d62ab25L,
-        0x3b2df9cf9850ff9bL,0xb320ec40acb513b3L,0x86d61c988875dfe7L } },
-    /* 47 << 28 */
-    { { 0xe5fbda4daab3cc32L,0x556fcd2535d469a0L,0x414673d91c02fb7bL,
-        0xc14ee9fd8bfe6a4cL,0x8ba0959d1133d9f3L,0x086a7c94e94338ddL },
-      { 0x92c2f484cdd5a1b9L,0x97bb21f6ea0e0f9eL,0x99756b285411da59L,
-        0x4b79c4663be739b3L,0x73502d3e706078fdL,0x6bb794100da7aea4L } },
-    /* 48 << 28 */
-    { { 0x2daddb11a406d4d7L,0xb02b5da5a2a33d81L,0xb73ce82721a6aa89L,
-        0x10919587467506deL,0x0927724c428d8daaL,0x0ede991f7c17adfdL },
-      { 0x8518dab1bf7ddb3dL,0x04b091c42a54e1b8L,0x5943c37f89e7a398L,
-        0x8e63f5e8e273f6f3L,0xc6d0352b83143d22L,0x30e43182ebd1628eL } },
-    /* 49 << 28 */
-    { { 0x9bc5af5aedf58e50L,0x31a3beeeb0d51722L,0x5789fcf98cd467aaL,
-        0x85d974897793faafL,0xcf09224ecc18f367L,0x4f293783ec7957b4L },
-      { 0xb044c854c0be350cL,0x027caaf72a63996cL,0x5341b3f3cb85de2fL,
-        0x0d261d80b106359aL,0xf63bfe7a8456af12L,0xa954c4400174c82cL } },
-    /* 50 << 28 */
-    { { 0xaf752854b02aceb3L,0x000c5c4222c194b3L,0x7e953b78ebd2e61aL,
-        0x44dd61b4b9d68960L,0x282ef4216d454ed1L,0xffed862aa402ca61L },
-      { 0x5fffddeed3e189e2L,0xf36379990daffe3dL,0x1b09a625857a8a00L,
-        0x3e64ff63c1ced62aL,0x9acc484d10b63647L,0x5a470aef3afc8675L } },
-    /* 51 << 28 */
-    { { 0xe21acfec09ebdbaeL,0x512c66a729b064faL,0x15c08e1191835db7L,
-        0x78fff5d665203a4aL,0x99259d961c73615cL,0x85b444b9f36024bbL },
-      { 0x4909772df16932deL,0xcc4a526899a3863bL,0xe54557bd2ebff8faL,
-        0x1a9b05b709bee4c1L,0x0d2ce396bdb2b785L,0xbd15bcec8ce7ef40L } },
-    /* 52 << 28 */
-    { { 0x606658a99991167eL,0xb8773e1572c4b43dL,0x6cb364cde025abceL,
-        0xafa58e9b0c5a653eL,0xa7e35a54134a68bfL,0xcb831d42ba4d9db6L },
-      { 0xae37348ede83ef97L,0x4ac64a6a62ddd553L,0x5feb5e0d715bb6b4L,
-        0xf876efae043424b2L,0x7b56a291ad91a9efL,0x817c7053356f3adeL } },
-    /* 53 << 28 */
-    { { 0x0dbd99249e88115fL,0xecb57472bc568c61L,0xfa4f4a47c1058746L,
-        0xb19006014d92c079L,0xe693577091026a8cL,0xebde8e65eefe8740L },
-      { 0xe8bc6b3480a93b35L,0xc1c8fc0635518beeL,0xf7f4b448a47cdd36L,
-        0xe4d040e0db4f3e42L,0x025fbdfb88345042L,0xfe6cc10f3fbe045dL } },
-    /* 54 << 28 */
-    { { 0x63ba344a1c20cb4fL,0x55f11c207e8cccf6L,0xe66e1641b5b1046cL,
-        0x51cf6dbe758a460bL,0xe786a81e91bb5101L,0x6f4a976209cd4365L },
-      { 0xe88b4d03fc565022L,0x46006d0ebfdf8ec6L,0x10a3e85781f4e635L,
-        0x28ea91360a4a2e82L,0xf890ea9e757b38dcL,0x89c6789261312e2aL } },
-    /* 55 << 28 */
-    { { 0x8ce54e2a65d9fc54L,0x4776c1f13bfc0c09L,0x5d15fced99476b22L,
-        0x2c5399bc1142dc7bL,0x6faef9d96c6ad87bL,0x4f238e48ca5126cbL },
-      { 0xbc7136d607849dc2L,0xc840ccb1e30377a8L,0x30e0f0373a371bafL,
-        0x5b8eef9bdfce4735L,0x1662184e514bb217L,0x010ebb8579e0918dL } },
-    /* 56 << 28 */
-    { { 0x3d6e8d6d8dff7dffL,0x6b6c194ad5be4ad1L,0x57b93f2db6fcd08bL,
-        0x99f09948f3761f23L,0x4062f3d6ac8b018fL,0x4b58ac05a27af72cL },
-      { 0x4abcc81504d0cdfdL,0xa50043e0bda4b02fL,0xe11297e527a9c083L,
-        0x2b2d8d529779c5b3L,0x3de3d330dfdecfedL,0xfe2487caae7fc522L } },
-    /* 57 << 28 */
-    { { 0xc510bb0b7e7a66ceL,0x54a3e0111332f2c3L,0x6331badedc885f5cL,
-        0x1a73c8aedc47d8b2L,0xc657edbb95d4e933L,0x30994aa335dc3ccdL },
-      { 0x832d586fafe5be42L,0x3392b07ad44de522L,0x1bcea9a62982450cL,
-        0x8237bf2b3709f75bL,0xfa4f2501ea9d03f0L,0xcf492df7bdacd276L } },
-    /* 58 << 28 */
-    { { 0x2d0f7f28af4ecf83L,0xc2863ae4d48229efL,0xc989ff3d7001268dL,
-        0x7f07adb6ba225adeL,0x1564c1db450a15ddL,0x3bfea98c6524d417L },
-      { 0xee3cd3ef2cc20833L,0x055c569dba767b1aL,0xef2eaf51351b1279L,
-        0x4e02b1d163b809d2L,0xf0e943d00a14c115L,0x2bb3bc3f32f55210L } },
-    /* 59 << 28 */
-    { { 0x8f577dd79ed385ffL,0xdbcf0548a1fdcac6L,0x38555497c2352ff2L,
-        0x33e2ed85eb9edab2L,0xbe4bd6db9e649ecbL,0xea3668f72c6e7488L },
-      { 0x841627b8f4b91b7bL,0x2d61a0f7d487c7a7L,0x1932b198142d1dc2L,
-        0x06dbb39a1a792783L,0x5be16e570bede1faL,0x4d3b197bdffceb55L } },
-    /* 60 << 28 */
-    { { 0x1c2fc5088f7a83e5L,0xa7c56233b9970c92L,0x949c71738bafa66fL,
-        0x1e299b2d5bbb0490L,0xb9a79e7c18fcb9e8L,0xe6372ce69cb5cc50L },
-      { 0x114fc628f465c6aaL,0xc55395208cb797f6L,0x7df94ed7a73ad211L,
-        0x41eb8e1f8e0cd008L,0xb028725a004cbb0dL,0x1340186d372c1656L } },
-    /* 61 << 28 */
-    { { 0x5162886c203a829aL,0x60dbd8d464416392L,0x60589a51b5a10685L,
-        0xa79ca259113476a8L,0xbf4f71100d7b37dcL,0x1a1b3fdf78bbb029L },
-      { 0x2954d3454799a0bdL,0x7459eac788c256efL,0x61ac72653800707cL,
-        0xd861f7764cc84f7dL,0x29f4e5bf84faae3aL,0x7975c9555aa1236cL } },
-    /* 62 << 28 */
-    { { 0x65f28419238c3c84L,0xf07d83ed90f1ecd1L,0x10307e1bf6567704L,
-        0xa94dddb389d17845L,0xaa56f72788f39175L,0x01cf57e2a7aa55f7L },
-      { 0x98f4340e77f21e8cL,0x8cd3e0a2adb036c0L,0x5c49ebf4af6b46ddL,
-        0x312a2c32455f6897L,0x52fb4f488b517f06L,0xb0f373d442beff4bL } },
-    /* 63 << 28 */
-    { { 0xd9694bd9af44f9ceL,0xaf2cfbbc1ee29f43L,0xaf352b1c880f80ddL,
-        0x3fdabd2142297787L,0xf5a2acc21c7916b3L,0x6154b3f2cc0d85f0L },
-      { 0xb9ff2bea0bc58e86L,0x359eb0750561c3d1L,0xbb5a318fb93be593L,
-        0x34af9320bff0b3b3L,0x3cbe89341d967c37L,0xd08e5f46a8e9a750L } },
-    /* 64 << 28 */
-    { { 0x4074ee27978029bbL,0xa9394bdabae0d0c0L,0xaa01d53972cecb4bL,
-        0x4b0cf1279a7dd9c4L,0x3e3e3f165bc787cfL,0xdf48f7e1942de53fL },
-      { 0x0cc69719567b9d0eL,0x631e33158d0d2750L,0x9fedc1e292314a09L,
-        0x7547d22614a1adcbL,0x405561a48662b86aL,0x149fa2b1f5480b7dL } },
-    /* 0 << 35 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 35 */
-    { { 0x923d0b44bda4aaa7L,0xced14ce4fee29f7bL,0x1656be009cf5b87dL,
-        0x13a37d0d1d61103dL,0x1d705880fb652393L,0x870a31bbed712ed8L },
-      { 0x15ad02e6ad7c21e3L,0xf004e447c36c2831L,0x56aa376cba2b3ffdL,
-        0xc3be2b2f9745443cL,0x47c8a870eb903660L,0x976c303e6c6c192dL } },
-    /* 2 << 35 */
-    { { 0x148bd39cf4fb80d4L,0x469b208cfff04e65L,0xf397fbe2ce548415L,
-        0x441e5c2c87fdde9fL,0x6366b49ffee9c179L,0x38d02bd32938dc71L },
-      { 0x26d450fac49c5444L,0x4569f95d2b23d3d7L,0x5f68bf4d298fd876L,
-        0xe86df047544768b6L,0x40b69a32f8491267L,0xcbf3adf9f917c71aL } },
-    /* 3 << 35 */
-    { { 0x32498d4d8125489cL,0x965e8d07a5a46ae0L,0x6cea5e47e96a7e29L,
-        0xf78293a4668039ffL,0x62548a96f63edd32L,0xe8e6af95a83e8256L },
-      { 0x76e60c3b0db6263bL,0xa1ee4b0621b3d668L,0xa17dbf8b9e49b0b5L,
-        0x4b29ba127eb366fdL,0x5e0ed781d29b565fL,0x8cb50d53199b36f9L } },
-    /* 4 << 35 */
-    { { 0xa66c703529aa3150L,0xd038a5ab479e61fcL,0xdee33e96b5ab5410L,
-        0xd068929c7c57d123L,0x0839a208f1d6ad37L,0x8f523dab123f8178L },
-      { 0xb3e5e524a67d3840L,0x88bda75e52eb59dfL,0x513a0ab7389f2dd3L,
-        0x3197a145890bba6fL,0x61add75b6f66bf09L,0x5c9dfc154eef1722L } },
-    /* 5 << 35 */
-    { { 0x66dc285007769b1bL,0xe07fb7414d71fac4L,0x5ae688a6c2abbe60L,
-        0x08ae92fadcbfd296L,0xbc291256b43044d1L,0x0e1d71ed9fcdf213L },
-      { 0xf0c5b28102485685L,0x5d3f9302e3f68f42L,0xbbbfac50ffe4f036L,
-        0xb5b5f26174fdba44L,0x4ebe1d070d746760L,0xbb0f7812c37f04b7L } },
-    /* 6 << 35 */
-    { { 0x810b6ab36df1199dL,0xc229308bb4f293b7L,0x3cf838dd89897750L,
-        0x3e391e4e7a336c9aL,0x70148337176f89c0L,0x54b15bacbc4f1e22L },
-      { 0x32b104f92c0f2885L,0x2c39cefa67034f2aL,0xb8310437bf178ac1L,
-        0x722299f5c99370d5L,0x0a493cf0332b93a8L,0x00e0ab41a420f719L } },
-    /* 7 << 35 */
-    { { 0xf25925434cab24daL,0x52be9bbce7c3b9c5L,0xaab7a8b64660d1a0L,
-        0x09738b819a9600f4L,0x58f0c86637de9e3cL,0x0aea5cc15db31f4fL },
-      { 0xe480406f499868beL,0x0d8fc7f0f6913a44L,0x7282364435f2e14eL,
-        0xb147b31045e37a93L,0xb1e7aa5bf15c1af7L,0xa8685068b03e7713L } },
-    /* 8 << 35 */
-    { { 0x21feb7fc21c34c2bL,0xab6a553addb0140eL,0x03a6557624b04e6fL,
-        0x2531f186342cb0adL,0x088c4d54a24f6426L,0x9a0ee15c06a873eaL },
-      { 0xdbe0253fd33bc748L,0xdad3339f5db8ac9eL,0xeaaf368173e65901L,
-        0x71f1fab2ccbfa504L,0xb7b845224b0e163eL,0xe0fca8373c779f3bL } },
-    /* 9 << 35 */
-    { { 0x710988eb46baf373L,0x8cceb935b57d5018L,0x1864603fa45fdf17L,
-        0x3dcaae73ef48e6d0L,0xadd9420b590322c5L,0x947783e39b135f67L },
-      { 0xfde763688bf5049fL,0xf00e4c182caa4023L,0x4d3b0f23d355b3d6L,
-        0x181fabcc20d5799dL,0x29499b40ab2ad0afL,0xf6e66328f9a938aaL } },
-    /* 10 << 35 */
-    { { 0xcd7b3c42bcbe922dL,0x2fe02b3b95dd1a5cL,0xeb66bcbd24ef5c38L,
-        0x7edcc21ce579c309L,0x7b19d49116f6c900L,0x36019ecdb6317c2cL },
-      { 0x554ba55391d9001cL,0xa5e30b9814f31e44L,0x3d1fe33bffda4032L,
-        0x5dfec4782306675cL,0xbe59305e000c91e7L,0x3c4e52a325a6b879L } },
-    /* 11 << 35 */
-    { { 0x02fcc14ec5ea88acL,0xca29bb6d56d093b6L,0x876aeda90e6fe94dL,
-        0xfa11a142d7225a9dL,0xfea3ca053d03fed8L,0x435854c6c54d5962L },
-      { 0xd770737454a6dfd5L,0xb8960017a3e55d02L,0xd4015a0c04d65c3eL,
-        0x397f93d1e98a1204L,0xb0efa2e55f3ed850L,0x18f244698a3ec67bL } },
-    /* 12 << 35 */
-    { { 0xa35802f5d62cd9f9L,0x0ca9c15d4148436eL,0x261a991d472b9d21L,
-        0xd81a1ed6a2f8e875L,0x942f213a699b6d63L,0x041a12fc0ae57758L },
-      { 0x61191c82bd70aabbL,0x3776eb8bee4c23b3L,0xabe23e8652511222L,
-        0x66dd967d30dabb91L,0x77650c597ed27424L,0x08ea2ebdab25a050L } },
-    /* 13 << 35 */
-    { { 0xa410ba3ab6cb5a02L,0x6eb40d15d07c5c6bL,0x0de81e9107dcc811L,
-        0x996f46eb2631b7afL,0x5a350ba75b7a22f3L,0xf42b24e7634159afL },
-      { 0x07bae0abc30952fdL,0x3488cda2d644e0b0L,0x23ae40d0e2111e12L,
-        0x650af54ec80cdb56L,0x0f33a30b7d4aa2a8L,0x4e8d3e98442a00e8L } },
-    /* 14 << 35 */
-    { { 0xa624ab3759a8bc95L,0x4b7e3fa61c971228L,0xe8229c4273aa694bL,
-        0x0cc31029779288abL,0xf8eff30f57575e0eL,0xee5e01947d52803eL },
-      { 0x32d87e558a78f632L,0x48a06031e454904eL,0xaa2cb8dd16c6e626L,
-        0xadd098ac2c140452L,0xd25f285d2d3031b1L,0xfb5fbbe175b59543L } },
-    /* 15 << 35 */
-    { { 0x2297041fd7a21503L,0xfe7738c2657f03f0L,0x994a8deb168fa34aL,
-        0x0c772e02a53c4fdbL,0x67f835d150124cd3L,0x0e0d26356993cbbeL },
-      { 0x9857ed845257f11dL,0xdc23a728ac556942L,0xf0e1bb29deb32a7fL,
-        0xb8c3c43fee0d70f4L,0xc294b0efc60ad214L,0xa4d438dc679067caL } },
-    /* 16 << 35 */
-    { { 0x520b0bb905c755e4L,0xa2c2c59bf89f0048L,0x85c1c73a73c23975L,
-        0x6e4dec49783aabbaL,0x69f0c69bb0463155L,0x61a42b949c97b17bL },
-      { 0x55af24a945d331a3L,0x4b0e63f8f5fe81fdL,0x4034283d708671c4L,
-        0x200ddab35fd9001aL,0xe45f28e4342eaf3bL,0x3e8375b41ba936c4L } },
-    /* 17 << 35 */
-    { { 0xcde014bbc613b1faL,0x5ad97babcdf992c2L,0x9fe05b9fea13e2d8L,
-        0x93b553e290c4031fL,0xd62bc0818c727bebL,0x284fb61f888306caL },
-      { 0xa63f8dcd1101abd6L,0xfe02dc120e962b27L,0xab169958115301e7L,
-        0x8822f954462209baL,0xb3ba3e721198428aL,0x9a73ed38d74c88f8L } },
-    /* 18 << 35 */
-    { { 0x7db497e17da2f887L,0x0995648b683f3507L,0x50e3ff74f5935bd2L,
-        0xdec083e2708c88dcL,0xbcc3bc3125129bccL,0x7a3fd7a80a407b41L },
-      { 0x46ab826c25e0ab93L,0x28e891ec54944cfcL,0x637be168f55c6cbfL,
-        0xfa34e9942a65216eL,0xd23e99afe3a43c84L,0x6d09d189e6fd958bL } },
-    /* 19 << 35 */
-    { { 0x8aa6ca1381bbd283L,0x3a0633f4ee167a15L,0x7f297c8b9e3b18e6L,
-        0xbead8a50c71fea64L,0xa11b2fdd457aebbfL,0xd7fc286f85bc7bd2L },
-      { 0x2922ae5bad1c9d9dL,0xa07741c2ef9ac174L,0x24dab2d457fa8f9fL,
-        0xd7078d946116a870L,0x4b45107834117a37L,0x19a4dd21c73c857dL } },
-    /* 20 << 35 */
-    { { 0xa2f9b4e4bac5d14bL,0x9f904a3eb8699164L,0x63585978fec79b4fL,
-        0xbcc9b60ebff45cd8L,0x2e515592a5d63de5L,0xc47a048c3bcc637aL },
-      { 0x0523810643aba777L,0xf6818e4c77e67aacL,0x9d5827d238f962b3L,
-        0x28a904c6a003988dL,0xc06bc833551f4575L,0x61f6bcc2221cffefL } },
-    /* 21 << 35 */
-    { { 0xf7cfbbe5055a5623L,0x1f8af775e66d2a5bL,0x0cac440268831d8cL,
-        0xd25185890d0e6f2fL,0xf17838a3182f90f1L,0xefdf6f20737f163dL },
-      { 0xc3198af0542242e9L,0xf77c3d28209efb0bL,0x1df6d0da8de7be08L,
-        0x22ef7367901a6590L,0xfa9b4af44b776d27L,0xdc49102c88ace4f6L } },
-    /* 22 << 35 */
-    { { 0x60c7d148bafa9cc9L,0x0afc5fe2516b87fbL,0x02e20acff795ff60L,
-        0xd1ba069151f32975L,0x8547e7f757be2399L,0x4bdf6abfa0d1b33eL },
-      { 0xc793832fa06077f9L,0xad55cccb2d874993L,0x5e217b27314387d8L,
-        0x744d7b06e7f2ec4cL,0x761aa86d24fa58b1L,0x41400d9657dd313dL } },
-    /* 23 << 35 */
-    { { 0xd17f68da759d20f0L,0xc141ca6827b7eaa7L,0x3796db8bdaff5c66L,
-        0x067119dca1e5220bL,0x174f11777158ddbbL,0xa80365d8cf8bf75eL },
-      { 0x0a79f74933567f05L,0x8c2826123c99bb4fL,0xe448c2bdcd6ae726L,
-        0x1ae05aac2ad4b0e0L,0xf90dddcb16442420L,0x37465a1ea75c28e3L } },
-    /* 24 << 35 */
-    { { 0xf58e05c53178468fL,0xa17c8b868328a2efL,0x1bb22cb44ce0c2f8L,
-        0x1ab807b51aab9089L,0x2aafa8c91e76fafdL,0x58cdf95fb4801546L },
-      { 0x2c1e4ef8d5d699f1L,0x1583a2aa4cd433bdL,0x571dcaec7f4f9b10L,
-        0xf62b696b27156c5eL,0x77d2443448820bb9L,0x94e4cfcc11dd3e55L } },
-    /* 25 << 35 */
-    { { 0xc3fd1feac00e6c7fL,0xf4e42ddabd322507L,0x1ce3e0da023469ebL,
-        0xf81769d2d788b1c2L,0x505cec4c62353342L,0xd4049907ba759922L },
-      { 0x9ff98f06618ee939L,0xfa63b3606bd55f31L,0x3fcce488cc4d2515L,
-        0xeb6e92e91d629e19L,0xcae4190bff892af7L,0x3e7b780dca80cb44L } },
-    /* 26 << 35 */
-    { { 0xbc923fdfaf54b58bL,0x2aef31d88767acdeL,0xfbebb8f07f28a3d4L,
-        0xce5feafe694fe977L,0x606afb0ac9da1ee5L,0x559866a0b74f7c42L },
-      { 0xd935191fdc85f22cL,0x5c3002d7c8ce3240L,0xecd278c198452214L,
-        0x665b3176821a3606L,0xce05a914baf26fb7L,0xa178860b60e4e8b8L } },
-    /* 27 << 35 */
-    { { 0x135c82b55000cc19L,0x34537edf8b2c55b4L,0xfcb6aac2b37acc8cL,
-        0xa882e25e8ce8d7f5L,0x531756e98c7ff1eeL,0xdcdaced9ad6312b0L },
-      { 0x309a469b7f3aef9dL,0xf306e32588d8772fL,0xe7e6f3abd4dc0d90L,
-        0x816b01ae49878940L,0x1cb084e84ba5e2c8L,0x395af25b005d08b3L } },
-    /* 28 << 35 */
-    { { 0x3832cfd59093efcaL,0x3fda8380ed8b34d7L,0x874ec122e2bd4004L,
-        0x3761e9c44270b9ccL,0x6eb2fb1166e640d5L,0x2a45ad23e6dfd0fdL },
-      { 0xdcb3272bf8dd082cL,0x7d84341f17486485L,0x0f46b1fda4ca2644L,
-        0x81a1ab1e82baf37dL,0xbb1d72713b322f65L,0x1571e326f4038252L } },
-    /* 29 << 35 */
-    { { 0x4e00aa41d9acdec7L,0xb2b701bf9f80dff4L,0xc366ce97d5e71e0eL,
-        0x28c2b4e9ed09255bL,0xef54a1a535086ba6L,0xee2e43f2a1c8b39eL },
-      { 0x346f22f5d9143a78L,0x71fc5c06f1053377L,0x1789f7644737b5bfL,
-        0xc9f83ee8b0df2648L,0xf91a29e9073ee793L,0x18eb801e3ab450a1L } },
-    /* 30 << 35 */
-    { { 0x1c3df0914085f0b6L,0xc60c47f5cede211bL,0x7bdead8650b6e857L,
-        0xc68645be2cf9aad6L,0x8d970a94d01540f6L,0x9346f253782ec6a1L },
-      { 0x3da31263c1b23981L,0x53076158dbabfb68L,0x22947b9f743dfba4L,
-        0x872e60061c56f47aL,0xe973d81c2b3b8417L,0xb98216184b1fed56L } },
-    /* 31 << 35 */
-    { { 0x29fa699b8873de48L,0x64f9e1124932447fL,0x4fb0e009e4c20d43L,
-        0x748a0cdf78016262L,0x4891badb7bd23ea8L,0xf1300a437f56368cL },
-      { 0x178efa9de8f1f8bbL,0xc31cdb4098a31dd6L,0xc2d5bfbad2c43f9cL,
-        0xf377e2cc8678d990L,0xd42d274808d19833L,0x2d72fd4de5ad5e63L } },
-    /* 32 << 35 */
-    { { 0xb083ba6aec074aeaL,0x46fac5ef7f0b505bL,0x95367a21fc82dc03L,
-        0x227be26a9d3679d8L,0xc70f6d6c7e9724c0L,0xcd68c757f9ebec0fL },
-      { 0x29dde03e8ff321b2L,0xf84ad7bb031939dcL,0xdaf590c90f602f4bL,
-        0x17c5288849722bc4L,0xa8df99f0089b22b6L,0xc21bc5d4e59b9b90L } },
-    /* 33 << 35 */
-    { { 0x44e6089f006e422dL,0xb4a99bc45b029c6eL,0xd14bd00e6f289edcL,
-        0x8ebbedfa25c50773L,0x5bdad80851d3ade5L,0xe4e70c3094727960L },
-      { 0x29b759e863ab2622L,0xe20ad36b134d5982L,0x27c8387f4070e06eL,
-        0x9fae222556593896L,0x299a0f0c3b199172L,0x476fe70977a39ca4L } },
-    /* 34 << 35 */
-    { { 0xc91a3d2ef4d0d8a4L,0x450193a819e05a78L,0x0e59e0b89eec69eeL,
-        0x2ba20f00138fbf46L,0x5c9fea780e8ae694L,0x62c81c8cc6b73372L },
-      { 0x2a1df446ff0997a2L,0x929364ab692bb930L,0x4c4a956436cb618cL,
-        0xc55020a0526be5dbL,0x151f18a02c64c026L,0x2ec5becd61724143L } },
-    /* 35 << 35 */
-    { { 0x139c7d788713439bL,0x46f7bd4b1e19b1caL,0x74259a28b47977d7L,
-        0x89a912cb8ab1817aL,0x4428e45f06419142L,0x11b9c4836b34a2d5L },
-      { 0xb613563a29487118L,0x81f4502ab6249a60L,0xe28685843d4ddecfL,
-        0x138c97297bd250dfL,0x733f2201aaac4593L,0xee6b85ad5d061887L } },
-    /* 36 << 35 */
-    { { 0xbff288ed74006fd8L,0x388c5a34ded657eeL,0x47d400a2d61a2995L,
-        0x54c684af1eba1f65L,0xd1ba6975b1b4452bL,0xb23dda26f2f8283aL },
-      { 0x6bff7acf86803147L,0x839571e5e8ea5923L,0xc89e1048dbc4ccc5L,
-        0x1fa0221120102232L,0xbf7b8f902d4e4406L,0x14c5de43576aba0eL } },
-    /* 37 << 35 */
-    { { 0x6c55807bfd2f9b11L,0xb01d9f7239e338efL,0x94f6531135628879L,
-        0xae51cf0b0ec6f5b4L,0x387223cfd36b9719L,0xeeb02cc6f2fb192cL },
-      { 0x867611ec43c9e89cL,0x5b15785f97930887L,0xb792b88b57ab078bL,
-        0x0c54de110bdc03cdL,0x5785811a30d0eee3L,0xb73bb98436b88b00L } },
-    /* 38 << 35 */
-    { { 0x0d0ba3c06fba6f94L,0x7f7e0f5cf29713c2L,0xa8cce53ba6b94d6cL,
-        0xbea99382df40fd27L,0xb3ff1c56bcd4f8b2L,0x19124644418f108fL },
-      { 0x6fc5260727c26f18L,0xbc5e23d682c7c8f9L,0x12aa5e8e099b8cb3L,
-        0x9d94d88614c579f9L,0x5c629d7a47395f32L,0x9cd280633efbbea0L } },
-    /* 39 << 35 */
-    { { 0xf0bbf8e88edb7b56L,0x9a76ad71adeb43ccL,0xd99a92528643e982L,
-        0x6468ff05cf17f5b5L,0xe6589476d56b985eL,0xdca4273cbe446b3dL },
-      { 0xd430e3a47b9dbac1L,0xe075c00f4cfe735dL,0x3ba43fef12395845L,
-        0x6895f0c3dcb49ce9L,0xd868006aa92843dbL,0x968a8ceec0d5bc9eL } },
-    /* 40 << 35 */
-    { { 0xc0387b57f440fe92L,0xce8bad38e291c443L,0x022052e5f9e88be0L,
-        0x6f949fe261615c9cL,0xf4874e2d84725fc1L,0x06fb244b73a394ebL },
-      { 0xb70553c678208bd8L,0xab1829c028704d28L,0x1453ee1a807b160bL,
-        0xa1da80c34649d33aL,0x072e02e056c32ee1L,0x79baa98f3f590646L } },
-    /* 41 << 35 */
-    { { 0x1613a710b0fef3f2L,0x9ae438012edeec54L,0x07824d08579c3130L,
-        0xc2beaf806ba2b1fbL,0x7df3c459fc9e85e5L,0x8debf613dbd63acbL },
-      { 0x2774ab78f04f3526L,0x36e7ff55a5285219L,0xf2adccaf4ab04c77L,
-        0x14add3d8aa43fbfeL,0x387e4965e3026ac4L,0x154801a1c77391ddL } },
-    /* 42 << 35 */
-    { { 0x28687291933bc404L,0x6a13b0cc9ba35fa8L,0xd3d1746931c5d126L,
-        0x1c81ce5df9727cfbL,0x14f66be860b464eaL,0x0bbdefb8c10ea9f6L },
-      { 0x5679a0e5e8d06c95L,0x380161d83dbfd6e3L,0x6cdd31f20523e6d1L,
-        0x2ff419e0c4b4c439L,0xc7439153e217782cL,0xb1b74383f6dc5d95L } },
-    /* 43 << 35 */
-    { { 0xcf0d1d2d03746e38L,0x8476c982916e077eL,0x93de41516dfdc6d3L,
-        0x15010d26b78cf13fL,0xbab5a5de97cb08c0L,0x37f0673014a31939L },
-      { 0x777c709f6819b0f4L,0xe3c2d2f7114a32e7L,0xf0227e19ec047092L,
-        0xe1416f34b817e1e1L,0x4d7db41419c6c3f6L,0xf12a13a9d01aecb1L } },
-    /* 44 << 35 */
-    { { 0xa09e68e61f023abeL,0xbc432449aae2d6c8L,0x61e22f727cb683dfL,
-        0x0b5bbc0fd81a0e89L,0x18ea4e774581f128L,0x28df9961cd70a12aL },
-      { 0xb0d3b19f8b8bc10bL,0x0805d1439844e7f8L,0xe3ed3d40675ab6a9L,
-        0x026d1200f75e2859L,0x1802457b8bb10969L,0xf94c62b3eadab8caL } },
-    /* 45 << 35 */
-    { { 0x518e9c4220d03ce7L,0x6c44676187811010L,0x07ff38f99d9be611L,
-        0x5c2bac105cf0cfd2L,0x4e5cc677d5881c2dL,0x02dc395f08e39281L },
-      { 0xc3ef99142044f4e9L,0x0203508c20c8c831L,0xd1276c030e0524c9L,
-        0x5525c0af5402f999L,0x5c9a43aa49c2371bL,0x6d7b6700d28cbb59L } },
-    /* 46 << 35 */
-    { { 0xdec3ab0f7bae55e1L,0x6bae4baf56152625L,0x1d597c0c839b5d6aL,
-        0x243692a966b3b169L,0x37f2ca8eb01c6d34L,0x5baa355aae5c05baL },
-      { 0xe0b84c28af384b13L,0x6a2c9386667cd513L,0xc361a75d78319608L,
-        0x0c317ac596ca528dL,0xe243aa8672f0a5e0L,0xedcf9f5fa1d1677eL } },
-    /* 47 << 35 */
-    { { 0x88e5cf3f74a0a7d2L,0xa25a3883cac23d4fL,0x7be2fc2ba6eb3d72L,
-        0x188be28d391326cdL,0xeca6aa726f3db24fL,0x237cd6f70b9a11a1L },
-      { 0xafeca5436fecffeaL,0xa32291510e6d18f3L,0x46699e2500dd8b76L,
-        0x5edb4b1a331eaa12L,0xecf6d8a472ce0658L,0xd91af8da6b80e9e2L } },
-    /* 48 << 35 */
-    { { 0x7af5da7b63ec62d4L,0x74dc387261dbdee2L,0x7d08dbd360b519a4L,
-        0x4e785f79459ef257L,0xe3e7d5a485fa9e7fL,0xea60c815e9b5665fL },
-      { 0x2e570d18c209caf9L,0x7bae108371818d1eL,0x5db42a0a398d749aL,
-        0x149740ff4f555604L,0x72e4f06bbcee0abdL,0x0ecc0cb581ad0830L } },
-    /* 49 << 35 */
-    { { 0x43550eea0a34451dL,0x8b0b97e9c3aa33e3L,0xdd974528da22dbdeL,
-        0x0337c64dabff3ed2L,0xb50da9e9230cc211L,0x931f891c004d17d0L },
-      { 0x8b7f9ccbff366019L,0x5483938033d76a4bL,0x52fceec1950ef740L,
-        0x5b19b50cd18125d1L,0xbbb661f55b9011c7L,0xfbf0ec747beda7fdL } },
-    /* 50 << 35 */
-    { { 0xebca6bbec047276bL,0xcda078e05c3018c5L,0x4620dedda223af10L,
-        0x962f389ad02fd60cL,0x901fab93baab3894L,0x5ecbbd7506eab11eL },
-      { 0x865dc95e62203b9cL,0x04a599844acf85edL,0x877e94647607236eL,
-        0x09592a5684609563L,0x6535176ace76d699L,0x44f2d997ce8812e9L } },
-    /* 51 << 35 */
-    { { 0xa09c9ab62285b330L,0x6058d94a9b145627L,0x7b4b4141da3c3571L,
-        0xc9347a16033b665cL,0x95e9b4f01a33d052L,0x35520f3cd46c67b1L },
-      { 0x24938cb136042a9aL,0x5eeaec9de73b7354L,0xed47914931f08616L,
-        0xb0187b2b713a2114L,0x03c49947e3b76d73L,0x79b5778a2e94fc7eL } },
-    /* 52 << 35 */
-    { { 0x6bb19d2162de1ccfL,0x3810bdb3339162c2L,0xeb56c72b6aa09df6L,
-        0xac66c58d1d415050L,0x922cd7e74ad9cc85L,0x09e3585f91168090L },
-      { 0xffc9a98d31b918a6L,0xc273e186c73c7513L,0xd506753f12a77342L,
-        0xe288a471e5edd613L,0x0f358d310cacf05eL,0xfbadfa2d9a63fcfcL } },
-    /* 53 << 35 */
-    { { 0x020e282989cf155bL,0xa1fa6eaac7f481edL,0xba422e09c5c89724L,
-        0x43da4df7cad8186eL,0x1bea459cba3ca738L,0xe9f0afdd0c64bc9bL },
-      { 0x4c3b3b8e3592686eL,0x7e6938a7b43ea3f7L,0x8e01a54e7ba7dad8L,
-        0x33ecd36ea9c68839L,0x1abd6e125e7e993bL,0x29947e126531feb6L } },
-    /* 54 << 35 */
-    { { 0xb0fe9b7912a193a0L,0xfa19ad4be4bbd264L,0xd5bf0e5409918851L,
-        0xd07d8e5729cf45b0L,0x228e67cc7744259dL,0x786ea24843ed0fc4L },
-      { 0x7f700231873cd08dL,0x394db4a70ef49109L,0x699047c06a8197f7L,
-        0xf5b168443021ff8fL,0x4c8bb55026621cabL,0x6f28b013065208f1L } },
-    /* 55 << 35 */
-    { { 0x2fb3a7601f809545L,0x8006902ae93849c6L,0x37cc848c9bd9e1bcL,
-        0xf4cd31559d0f6340L,0x357772ac4baef442L,0x0f46d0f77d533f1bL },
-      { 0x4121411fd9c12bd0L,0x304083dedb70e364L,0xff6b7a1ccecbeb3dL,
-        0xb444b5972aadc899L,0x29ec79bfdb8b3731L,0x864d8d917fbd8982L } },
-    /* 56 << 35 */
-    { { 0xa79feacac241c5bfL,0xc86df4c017861e6dL,0xaecd1722a699282eL,
-        0xcce5e345a0464190L,0x0a79c23deca4f6d4L,0x64603ff16a6e7967L },
-      { 0x02e24234aa7312c2L,0xa9e1fc7791a1b587L,0x1daef29f94526a4bL,
-        0xa7db710a62ead861L,0xb387fec78869446bL,0xee2171015db19f08L } },
-    /* 57 << 35 */
-    { { 0x79a0feabe64fb245L,0x5799eea096a4e94cL,0x2592e7a333b063a6L,
-        0x2cac3c2ef1063574L,0xb9cea04a7f4755d4L,0xb8e40abaa0bf858dL },
-      { 0xe1723d963ffa32a3L,0x6547b4402701eb1eL,0x16ec552a4da9b337L,
-        0x75f7f4a8fe0555eeL,0xf97e465014f1c2b2L,0x5495fce3d9ccf8a2L } },
-    /* 58 << 35 */
-    { { 0xffd160fb62c1b457L,0x62efe01fc4d91f7fL,0xc54f75b5208dd413L,
-        0x089514d3e78124d0L,0x752a9ae8c2945054L,0x466636fbdbffa78bL },
-      { 0x32936281a265949eL,0xd657c0f084b4d11fL,0x199d8641af455a47L,
-        0x1eb24cc7dbd9852aL,0xd2ce80f856bfbbafL,0x1b31b23ceb862890L } },
-    /* 59 << 35 */
-    { { 0xc866d2a5fcd5aaf4L,0x4ac2b7f57e21250eL,0xa78cd3cbc50b4a92L,
-        0x2485c3435a5c541bL,0x555db4dc7ef371eeL,0xcd9d6d9c1304f782L },
-      { 0xae86a22974b4d57aL,0x68c93bc8dd4cdd8fL,0x7b95411098b9fd49L,
-        0x0dd480b9399d8d4bL,0x0e27be29f2665c52L,0xce8a1ef9d920a5c8L } },
-    /* 60 << 35 */
-    { { 0x10a6bd0cfc0395b9L,0xe30bf6d06a5e8107L,0xc8aa2483167930d4L,
-        0xee75885006e7e1c2L,0x4ee64cfcedcb7788L,0x9498e9bbf2f1d7ecL },
-      { 0x084d2350ae0fcdb4L,0x4398ee677f4d25ccL,0xc1ddca395db85bfaL,
-        0xefd4819747961197L,0xbd16037f2265195cL,0x1c61a6fc56daae6dL } },
-    /* 61 << 35 */
-    { { 0x640cf6b17f7c8c50L,0xdffddf2209d44051L,0x837275314e3c038eL,
-        0x3164d1875aa8d8a1L,0xb37590bcfceb1066L,0x5e4fab4200d489f6L },
-      { 0xc1e5dca3f8105ea2L,0xfdd1b0751c7f8679L,0x571d7dd14f14ac54L,
-        0x84cc453155cfb741L,0x49d0b1be48823448L,0x8365f1f3f798b5d9L } },
-    /* 62 << 35 */
-    { { 0x9f2409cb6a564a3cL,0x9266799ae5134e54L,0x39aa3697fac47921L,
-        0xdf3db1f32c0b4dbdL,0xfa37a085f096ec03L,0xb99cfe05afaa0f3fL },
-      { 0xc9e00e43df458860L,0xbeb7e60ace2bb0b0L,0xdfe2be57cac8d7e0L,
-        0x6ec03d799162b2ffL,0xdfe3a6225d1122dcL,0x9f04dcc8b6014310L } },
-    /* 63 << 35 */
-    { { 0x30471bf9b42ba5c0L,0x19073fd0c9d26763L,0x92817e8059c1017cL,
-        0x29248f743da195b3L,0x029d7e7be928767bL,0xf1a3a08a049a0080L },
-      { 0x8ec4f3e6e20c1d68L,0xae815a11f3ad30feL,0xdd0a6083f76f43afL,
-        0x197d29fe49465bebL,0xf1a40ae996316f4bL,0xec47d65e59bafbc0L } },
-    /* 64 << 35 */
-    { { 0x6f57752951c2bb65L,0x4a0c1c284b874bdbL,0x19a1842778b96c6dL,
-        0xa674f9922f593505L,0x5abeeec46b7209d6L,0x42d15d0147cf5fffL },
-      { 0xe24509b7b49e3b4eL,0x81be939c639ee6e8L,0x7f7daf595761e8e3L,
-        0xed5cfcb8d420a288L,0x365b29eb7a0ff696L,0x7d14680599a1ac8fL } },
-    /* 0 << 42 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 42 */
-    { { 0x9ee1ec3aadcdaa68L,0xd98c498fdcbb6548L,0x32b9737588102ac0L,
-        0xdd296cf9c08527f4L,0xb74f8145fae3dfbeL,0x84131eb96cd7cc4fL },
-      { 0xa0f2fe7a927ff15bL,0x6b0ade4deee1a4b4L,0x6e7df2d40eeb90a7L,
-        0xe2f46e20be4de684L,0xcd28feba3fdd06bcL,0x8e4205aee6d6d9f6L } },
-    /* 2 << 42 */
-    { { 0x35d47426f78d33efL,0x4af25db28440c42cL,0xbd6a15e22e91bf5eL,
-        0xe366a84cc08b6b1aL,0x759c122f55b97de8L,0xecec558f08a03f29L },
-      { 0xdcc9fca2ea9d2060L,0xb3e49b8e9f361fe1L,0xdeae39029b59cd04L,
-        0xf532ede06f5e5bd4L,0x84fbeeb936099f4dL,0x73576b1f088d2052L } },
-    /* 3 << 42 */
-    { { 0xee43828c6b512bc6L,0xf73dc9f550b91e60L,0x68f23f30f5dbde6bL,
-        0xaf2fe9e3ddd15e00L,0xfbf34dae86578d49L,0x689796556c130010L },
-      { 0x137a5fc309942897L,0xff1f0bfe9959f06dL,0x2dd0a04abd7ee14bL,
-        0x59c46072e54e2161L,0xf470bdaeea7518adL,0xce556e4340c471cdL } },
-    /* 4 << 42 */
-    { { 0x2ba8c79022b25f2eL,0xf4670a511af0f4a8L,0x6842f36a2fc2451eL,
-        0xfc5c9558bb91e1e3L,0x035d1dfcc3ead762L,0x3d0721cb031e5556L },
-      { 0x3af0cc813af18a2eL,0x7888cee2bd11a363L,0x80c3de0a6ade1d12L,
-        0xe8c3a5bd93b2dcb5L,0xe3adbd7c90a2214dL,0xfe8646d51192948dL } },
-    /* 5 << 42 */
-    { { 0x9214cd4bf1c7ed94L,0x4887c7c63738f386L,0xa72ba72bf623e542L,
-        0x3c52a464f67d6004L,0xcdb6171d09b9a4ffL,0xe5eb77d160aba627L },
-      { 0x7aa9836f39d6afdcL,0xa3fa3a520e0a1e18L,0xe90bd925dee3a4c4L,
-        0x47e8eeafd9a94dcfL,0x34302a4921e16feaL,0xe32a62eb8ae23949L } },
-    /* 6 << 42 */
-    { { 0xd1d70db31df1d1f2L,0x22ebc9bd9fec1f42L,0xde5ac585d11d3205L,
-        0x0e4584ab282d4d6eL,0xc87607928f78b85bL,0x48a85682af1fbb6dL },
-      { 0x64d012ceae0947bfL,0xab792bbf25e22366L,0x250d40d4a3a030deL,
-        0xe9b49f0877e26b9cL,0xe7d30c828c0f2249L,0x2b77b40b97c676a2L } },
-    /* 7 << 42 */
-    { { 0xa89144b89efc8fe2L,0x23625c36e13b79c9L,0x4fdea1d3a047ad35L,
-        0xd0b0ee0d4ae78e01L,0xc224b3f3eac4e606L,0x4360e8acfa41bd81L },
-      { 0xb2c69238062437e7L,0x86ce8de0decd1245L,0x2ce4be3dfa9d07bdL,
-        0xfd09aa853d268d06L,0x4cd874264a162aafL,0x1b28f72e9d45e849L } },
-    /* 8 << 42 */
-    { { 0x65026297ba958101L,0xbeb4adf98eef151dL,0x623763a460c8bbf7L,
-        0xfa8f5ad78b2a7120L,0xfd744bdf085497e7L,0xf9b6f97e2ba35618L },
-      { 0x0cebfe9df8a15e86L,0x47a6d01329576088L,0x655817a3fcf19627L,
-        0x30ab44f7c2f11261L,0xbb001c9dddf2c850L,0xb45c7eff073260c3L } },
-    /* 9 << 42 */
-    { { 0x609a02d031716f88L,0xdff6246c45421ce4L,0x544f3162142838d9L,
-        0x8842dcbe36b57d38L,0x2818919c57f561e2L,0x87f5acca318373aeL },
-      { 0x42773fb72edf1501L,0xff92c38648e9d8a3L,0x21a81668ccd5a860L,
-        0xbac5cf837328cee1L,0x7441f749ddc53a05L,0x987d3a1cb5abe243L } },
-    /* 10 << 42 */
-    { { 0x3b7c44f8fb90e50fL,0xeafeda047cc384fbL,0x9a33e377de65e34eL,
-        0x303f568095094a58L,0x4c0f2e932292809cL,0x920c9c12160b30f2L },
-      { 0x31d14e1414b268d4L,0x9964173f1eadb1dcL,0x8e22b362eccb0f39L,
-        0x81dccdf83bf9ece1L,0x8e2fda43a40503b1L,0xdb647ac13e112199L } },
-    /* 11 << 42 */
-    { { 0x9c23216f096c21adL,0xae259a6d41fa37f2L,0xefe0a8c9efe96f6aL,
-        0x5631701dd6a27744L,0xed8d0219b3017563L,0xbe2723bca0867a0cL },
-      { 0xe02bcb56687b62cfL,0xf26c0f77b96f66a9L,0x43e46251fd16fa3bL,
-        0x206a180a44033302L,0xcfa96b556121888eL,0x50567a7789dabe7fL } },
-    /* 12 << 42 */
-    { { 0xb08fb1175cf3e702L,0x7379b1978023df0aL,0x73aefc7b6f954966L,
-        0xc0fb886f76bd243cL,0x871eacc5ce09d5a8L,0x9f55b0a4e773f049L },
-      { 0x92945c84415d725dL,0xcd57391f0112ad84L,0x4762bc1d0509d73fL,
-        0x15cf97f10f1af175L,0x1f855695328c160fL,0x32cb87263b439f0cL } },
-    /* 13 << 42 */
-    { { 0xb27e344ae6361abdL,0xa53690eb474027a8L,0x500db02d683a8ef4L,
-        0x547ecd17819df66cL,0xc35cd4cc91360e21L,0x6ea003a16026dfedL },
-      { 0x45e77cda22395207L,0x1e8e103f91264683L,0x130f2d2b3bd6328eL,
-        0x6ae25c819af8973dL,0x6b0f90a0d32d7134L,0x0280a95755c62195L } },
-    /* 14 << 42 */
-    { { 0x23781958cd8bb5aeL,0xe3d30c5417dd827aL,0xf974e0076bedf762L,
-        0xd8154b6273264accL,0xf10fd9bb167b9396L,0x967c5acbe9652a0cL },
-      { 0x46775025a28fa76cL,0x17ac7cb32ece9d3cL,0x5fd8968ce04a833eL,
-        0x96ed5b49fcd20a43L,0x1d209e85289f9c68L,0x4d7473518ce51950L } },
-    /* 15 << 42 */
-    { { 0x6f5c8f3475214c1eL,0x3d5560bae192d11eL,0xd8a63ff0d7af2e6fL,
-        0x5fb858be9069fe09L,0x83956dcd8cc663f9L,0x52d30c3b838bce30L },
-      { 0xf354f6d75569122aL,0xfcef54d1fa68f566L,0xc75b01e79020dfe9L,
-        0xaac66895774b952bL,0xb2a58a299468cebeL,0xa994a3b487c81a42L } },
-    /* 16 << 42 */
-    { { 0xfa7d1236e2319f38L,0x9ba1a1c0a551d3feL,0x9ea27288beb1282bL,
-        0x1c069efa07fee8a9L,0x5749c7b55870fee9L,0xbedca76fafcec6faL },
-      { 0xa3f8f1b14c63c5e2L,0xaa1bb15694758ac3L,0x753329a9b59dc06eL,
-        0xfa8e5f5b98a92c38L,0x6b6f46fd3c2b4662L,0x716f41a1ec04c6c6L } },
-    /* 17 << 42 */
-    { { 0xa882aa6389201dffL,0x3441fde55bfcde3fL,0x220cca60cb543f54L,
-        0x2af1cb29d764d74bL,0x47ae56d0517617c6L,0x05b98dee0342bf55L },
-      { 0x214f4b11b4e28cfaL,0xa6ebcdf5093691ffL,0xe49ca185f61d29acL,
-        0xd304ac40fd8c9018L,0x196161a0f889b7c7L,0x3b704d52dcfc6c91L } },
-    /* 18 << 42 */
-    { { 0xb405aff88886500aL,0xd88008bebeeabe24L,0x9457cdf30bc931b2L,
-        0x8e5fd378f4c5aac1L,0xdec408107bc2bb98L,0xf86424c598b16f6eL },
-      { 0xb6af27b634df75d8L,0x1bd3082125943a31L,0x51176cfcec993c24L,
-        0xcfc1433accbd192dL,0x324a5e1e2993be83L,0x34169fc1d06215adL } },
-    /* 19 << 42 */
-    { { 0x41aa181ad260133aL,0x627dbe0346e236d2L,0x717fba9cfb8cc72bL,
-        0x6e21d03d69bbc9e7L,0xd903e845241abdecL,0xd17879fa3c20cb6eL },
-      { 0xe6141bd463a360b8L,0xa784a651e86cdcb9L,0x80fe8dd11f9147fdL,
-        0x641241c6de155420L,0x1caef32ba71f3546L,0x28c3a51a79fdf82aL } },
-    /* 20 << 42 */
-    { { 0xaa16c27a84a3d033L,0xc207a4990c11c9caL,0x7ae2d193aae87c9cL,
-        0x125ab459916d634eL,0x02ded714cfa65b4bL,0x6efe84944e212e22L },
-      { 0x97c48a1888766168L,0x663ccc9dd9c85b9aL,0x6fe8b77b2652f501L,
-        0x1daa602d078efd38L,0x35885364dbcb8299L,0x25bd1826b8240626L } },
-    /* 21 << 42 */
-    { { 0x6621d504af748cb6L,0x3940e5e08dacbf89L,0x9fdd8eeaf546daffL,
-        0x18fc70d4b42f9507L,0x09bc4af9a3fcc42cL,0x9199b08f4165304cL },
-      { 0x039d45bed3d0e9eaL,0x0963ede2a6464c2bL,0x77f47a62b5215830L,
-        0x3a0ce54c3e540cdeL,0x34cf6031b2be8f77L,0xeb143e60201083efL } },
-    /* 22 << 42 */
-    { { 0x21404da5442467a1L,0xe73047597f7023e0L,0x836439a8213ff492L,
-        0x105fe0e37ca0fc37L,0x73835ac85b303c34L,0xe29d830e0057ac8cL },
-      { 0x457d083e3b5f41bdL,0x228b26c357341890L,0x8e8f194c4109bf9dL,
-        0xd032cf2b6e4a39e3L,0x012e9515d88f9292L,0xd1a4cd32e957e163L } },
-    /* 23 << 42 */
-    { { 0xec56b72f4ab23680L,0x7cb58e727f22217eL,0x6e98647bd045d18dL,
-        0x2b7c9caa9a73b956L,0xc414eabef120122aL,0x45d9036bb6e1b134L },
-      { 0xe963c88388abd93fL,0x257f3b619180cb9aL,0x915fee5cb6ca7abdL,
-        0x2166402cdb7b1bb1L,0x636f85f6541614e4L,0x81f91a1849d9e527L } },
-    /* 24 << 42 */
-    { { 0x0430af7759b11c7aL,0xf71cc5b1d4f47acaL,0xe1a7905f12e9190fL,
-        0x1c689b7012db9e14L,0x6bdd3dc90abaeeacL,0x97f1c244504f0319L },
-      { 0x874afd61a7a54b51L,0xd4604ecbe3d979b8L,0x0d33eee1ebf4aab1L,
-        0xa3631cac1aa49fe6L,0x0d8340fbf2217cfdL,0xf6373284423b7e77L } },
-    /* 25 << 42 */
-    { { 0xc6cdb5ba6f7972d7L,0x7ac7d438907d281eL,0x9160a8f5c01044ddL,
-        0x3d74d7eac19ba8f9L,0xf7c7f93f112433e5L,0x2ab355a2012236d3L },
-      { 0x1168ce913009447eL,0xbefde8dba26e3458L,0x6f9837db49ec8169L,
-        0xb4d1e35c86782931L,0x41440a76d711e5f4L,0x8fc7a5aeacb5cd89L } },
-    /* 26 << 42 */
-    { { 0x73719fe8286e8aa5L,0xff8663419982a4a4L,0x684511702fb2db95L,
-        0x4f1c0eab01d80ea1L,0x2bc50da5530af14eL,0x00d1d5b506071a95L },
-      { 0xdb618990a6b374b1L,0x06ad90084e79ebe5L,0x281d01a424a63b70L,
-        0x87dbd6d5348625fbL,0xdc90f0bef576b1a9L,0x1a9ef270987747a3L } },
-    /* 27 << 42 */
-    { { 0x135e416ed651b9b0L,0xe55f7f104a5e7979L,0xe55df2550f0729d2L,
-        0x666f2744e33ada22L,0x4968bb982cbcb4a8L,0x7ad4e7811028dd81L },
-      { 0x0e59f0dcd7ca8b60L,0xd71628cdd2a600b2L,0x7eaf6d308b0af99cL,
-        0x6224b6452900105cL,0xe0513f4388650f12L,0x2a63822a6f6c5234L } },
-    /* 28 << 42 */
-    { { 0xf8c07373078a045eL,0x998b2d52a81724d2L,0x2b97faf1a6305a28L,
-        0x5bc61f67f3e0f93dL,0x7238583cd7aeb8c1L,0x851ecc4b39f5f24bL },
-      { 0x1cc8b4689992c20cL,0x73168a863c8553dbL,0x1b9a5f95ba2641adL,
-        0x87a0c362ce9d565bL,0x07fb51b2e1eedc62L,0xdb300ac6a973903dL } },
-    /* 29 << 42 */
-    { { 0x789ca390f33e8516L,0x6a7f594cdee7f1caL,0xb4b6b9ca988005a6L,
-        0x14f7b4806cad024bL,0x682a86285a576b68L,0xf188c74e40e1984dL },
-      { 0x3584b5e6bf6f19c6L,0xa350b1d2b7467bf3L,0x3b3bb966aa3d1266L,
-        0xebbd2c782804d8a3L,0x91a272d36a9caf4eL,0x553ada4158fa7041L } },
-    /* 30 << 42 */
-    { { 0xb564a0d9807e30a8L,0xaba07b1534a637ccL,0x010e76c5840d8e37L,
-        0xb6dcb9ac95f6765eL,0x2f5f8fe103b3ec08L,0x10c5a24fb48363efL },
-      { 0x5ddacb2709c4dc1eL,0x8e2884b1e03bafc5L,0x84d56df3cfc2d599L,
-        0xc8e2da84ab78ec0dL,0xace4663f900084c6L,0x98d9a1df5d49f42eL } },
-    /* 31 << 42 */
-    { { 0xb10ca6eea690d9c8L,0x0b8b39efd5e0d490L,0x2685d320e63807d4L,
-        0xca40d0ee83116ce2L,0xe1e1434fca51b48dL,0x178a91afeddde4a9L },
-      { 0x64f59e3fd0dace59L,0x57b33c26278b1820L,0x2ca13b041550875aL,
-        0xb21f675a4e0db4aaL,0x2bbb3edb0216d3c8L,0x7f39955b96ec8017L } },
-    /* 32 << 42 */
-    { { 0x78a53b5a9563e3bbL,0x19c75eb286af355cL,0x3520f427019a6f8eL,
-        0xde6fcad6dc3ad0baL,0xfec96e4f79745b7cL,0x5e566bbdb133f2dcL },
-      { 0x50088a2b26561be7L,0x16275b4cc5fddfc7L,0xf21332ff23ae4b9dL,
-        0x8cbc659e85246712L,0x27fa9c8df50b515eL,0x25ecf745494ac8b7L } },
-    /* 33 << 42 */
-    { { 0x7cb130e0837ab43fL,0x8a1f00127b9f6c17L,0xbf827f6d17fa5e12L,
-        0xc181b1264914a231L,0x8ce70fb6986288a8L,0x9832863fcd1c276eL },
-      { 0x738e99819622ecd1L,0xdfc1b43cb73807abL,0x7254b4cf1b673290L,
-        0x2d689f38fb20f902L,0x86460de83c34960eL,0x8453896aed8f62e0L } },
-    /* 34 << 42 */
-    { { 0x9f74efc606f4904cL,0xa280e4c26d3bc556L,0x974f9bdb75975ee2L,
-        0x1bc0e7fb6dacde9fL,0x2a110d4c49649375L,0x045432c09090d834L },
-      { 0x84295a20195083cbL,0x92ea17cac7dcf71bL,0x3acced0be70be8c7L,
-        0x3703dfc007e28816L,0x37fbf2d1e869fb8eL,0x8c6b0bbef9c35ff8L } },
-    /* 35 << 42 */
-    { { 0x04a991812f1d2778L,0x0d78573685b91ae0L,0x8c32d6046a5252a0L,
-        0x12b043131a0df85eL,0x40c4db631ee669b6L,0x0f499408f18f5f9cL },
-      { 0x0dcdefabbfe9a187L,0xbd371c45ca650d7dL,0x33819eb00a36748bL,
-        0x82d1af1f29034844L,0x301f906d96257b2fL,0x862728ea9395c666L } },
-    /* 36 << 42 */
-    { { 0x33a2194f40175152L,0x0f7ddc1dbb13f08bL,0x7c08860850b54274L,
-        0x7ebb2c11e41f0795L,0xf915683fbe20d37fL,0xcbcc14889daacec5L },
-      { 0xfb02c20fea459050L,0xe964d76ad5815aa3L,0x0e009be9496bbf2dL,
-        0x8233690eb42d0f7fL,0x98ee83d49168eb0eL,0x34c3b6f3621fa292L } },
-    /* 37 << 42 */
-    { { 0x29555d79b0221994L,0x1dd689dd4c9e8f29L,0xcb83ed2c853f5261L,
-        0x04b1475e0d9b0670L,0xa28b15e7df2ec34eL,0x094409b5e60a168eL },
-      { 0xe4b9fd0e16ed42fdL,0x02f97e84a138f2f6L,0x91dc216ce13520dfL,
-        0x59564eda7a245e5dL,0x825278be8478befaL,0x69daadd20328c4d1L } },
-    /* 38 << 42 */
-    { { 0x6ffade389995db43L,0x88974055790f4b92L,0x082e5add525d19e1L,
-        0x002c414897bd9931L,0x3f093b3b5461cff7L,0xafc95b0042b8d3f2L },
-      { 0x0a8f7687a993155dL,0x1edfdf616c2bb58aL,0xb5be2d4fc44049e4L,
-        0x6fd505bb8dfdf4e7L,0x5386f02a41af5871L,0x8178817569121027L } },
-    /* 39 << 42 */
-    { { 0x1deada722706171eL,0x1baf4c9aee773c6cL,0x458efac06977d673L,
-        0x1f2c2f38646e29b5L,0x36ece91a53323300L,0xab51a49bc4d598e8L },
-      { 0x7802760ed8e41d8aL,0x2996f790587425a5L,0x227165b73ca21bedL,
-        0x0d9e5c5283536ec3L,0x6232f2e089701806L,0xc55e80a2894e2577L } },
-    /* 40 << 42 */
-    { { 0x437b7224641e3bd1L,0x84e39f7980a58460L,0x68e5292709759523L,
-        0x0176a3ace77f5904L,0xde92fb15e151e242L,0x79965c9aeb1438d4L },
-      { 0x318a810a596700b9L,0xa8a6ec57c2198cbeL,0xd7709aaabf030fd2L,
-        0xb432023472f5d326L,0xc9945214b03bce50L,0x0bc06d9bd4ecba09L } },
-    /* 41 << 42 */
-    { { 0x30630eefaadf21b4L,0x94896f68042fb57aL,0xe678fc3eb312e7daL,
-        0x325cd2bc5c94c991L,0xd4eece20bea4e518L,0x9d9d65e925eab2abL },
-      { 0x5439c348676454e8L,0x9eb68953be1e48ccL,0xbeea9da27b625a31L,
-        0xbd82c6ee48cc200eL,0xba9fc94444b9dc77L,0xb31bdebe1eb9283aL } },
-    /* 42 << 42 */
-    { { 0x1ac1a09d07abf58bL,0x7372e532b5770f9dL,0xe1716687c12fe180L,
-        0xd91f4d36c715009eL,0x5d8885cfd6fe1cd3L,0xc0ab5a13aea65e52L },
-      { 0xa5fe05a0838e5e05L,0x590cc325971fb33fL,0x3bd8234a4653bf57L,
-        0xb83300373708c1aaL,0x27453d3b0e84e8fdL,0x9dd3f05399cf918fL } },
-    /* 43 << 42 */
-    { { 0xaf6f26c3a36468a3L,0xcab875f28d9fc8deL,0x0209b1ad52f4479dL,
-        0xc9941cb5459542cdL,0x91603260a0212b68L,0x98018317345673edL },
-      { 0x2b02a35ef98b810fL,0x15953f78b714fb32L,0xf9f9c61eb71a4b4aL,
-        0x959b1473a8505b7aL,0x331d32cb4c6ec97cL,0xb1d2dd44e49f189aL } },
-    /* 44 << 42 */
-    { { 0xdfb0508345c0a2acL,0xd13790035eacfb2fL,0xe9872d766a2e126cL,
-        0xd2a89cbd39a02d27L,0xf45baf72d754b7c2L,0x37985ef8c6c61bafL },
-      { 0xbbcd3ef2da1c46b1L,0x5af5dda43a355d83L,0x9f7ce4281d67a984L,
-        0xf19526926fa33654L,0x2abccb55567b3b71L,0x1b3704f3300cf29fL } },
-    /* 45 << 42 */
-    { { 0x9dcfaf21712af69cL,0x26de8fb05291cd70L,0xc778294742072171L,
-        0x889b9fbc8c617e24L,0x5971e60cc2926862L,0xdd8e70bddc022533L },
-      { 0xc783e1e30a369db0L,0x37f562ab07b2bb92L,0x5043f3d40c060f44L,
-        0xa9650f47a3e17ac4L,0x3b8cd7ad18010ceaL,0xeed5de39969849e7L } },
-    /* 46 << 42 */
-    { { 0xf93c3ccb6044ade6L,0xd14a13f8fd376746L,0x1fc20e6fd718a98eL,
-        0x9f63c6673e31573eL,0xe99b7693a8e0c66cL,0xdad4615c1e5b5f5dL },
-      { 0xcbdb7200ac98f5a3L,0x31414469668ab045L,0x82e92df9bacf0ac7L,
-        0xa61f4e8371bfdf94L,0xce8cb699d1bc5deeL,0x42da8ac72f2f837cL } },
-    /* 47 << 42 */
-    { { 0x0b6252fc32a4e8a0L,0xac1e457dd7170402L,0x76faaffeb121e40fL,
-        0xd2dc3cb84ddebd9aL,0x303e47cf362348a1L,0xe37e824a829d9806L },
-      { 0x419cc2cc7c2ec135L,0x3eab37024cecfdceL,0xf0c9f19088403d18L,
-        0x73c8984daf61b6a3L,0xa2d44d9e00c232a1L,0x61fdf4883cf1cecdL } },
-    /* 48 << 42 */
-    { { 0xa1972c2196fffb94L,0xbe04093099d7633bL,0xb116ff407e23d66eL,
-        0xcb12b2bb949a19f1L,0x75df10ee79e49e91L,0xa3bf90764890bcf4L },
-      { 0xcbaa76a609a30252L,0x17c224a90ee5728eL,0xcbc56e5cf4f3f4cbL,
-        0x8a07110f4fe868a5L,0x23289f2125e110a2L,0x0289c12bd7693c45L } },
-    /* 49 << 42 */
-    { { 0x4a9c6f8bea96a0f4L,0x78262a3499e3aaa3L,0x513a8e2028b2634bL,
-        0x5ba40287d85d74b0L,0x5702d11d440fcbbfL,0x1933c88a0df91fbdL },
-      { 0x642247909a0aff2aL,0x85dc2ca13734398cL,0x1009884fd7aa787aL,
-        0xc666a62a0e73f4f5L,0x491bb941cce66210L,0xda8e896bcd173443L } },
-    /* 50 << 42 */
-    { { 0xdc9b37a7c6e32022L,0x158cd4bb342a148aL,0xd62d371cf06287a0L,
-        0xba027eb6e9fe0a01L,0x8e7c6f5372017d09L,0x13c5d6ce9381d9c7L },
-      { 0xbd0bc2d46e32f045L,0x52cf0f2554ab7f2aL,0x2e674e50085643f2L,
-        0x77bc15aef1662819L,0x57f9e3c4f2ebe66eL,0x839aaebadd284956L } },
-    /* 51 << 42 */
-    { { 0x752bc171ed9d735cL,0x76d96d3419ad5c26L,0x9549ad3e25c1d83aL,
-        0x8f6fed53cd460d20L,0x04504f7c7b619b69L,0x68265559c566f393L },
-      { 0x5e39e108804598edL,0xace859b01f4538edL,0x4b8503070c85e5daL,
-        0x9f087821abcd4ecaL,0x126d3850c8d0def4L,0x66971fe5263457b2L } },
-    /* 52 << 42 */
-    { { 0xa82ac9983a4bc15bL,0x28697435c930e4f1L,0x191ebdb6b0c9cef3L,
-        0xff05f8e875748872L,0x5b86940237343b20L,0xa7bce94beedfe44fL },
-      { 0xfc271e2778f4e1fdL,0x652c5a187734db66L,0x108f61c87efc9a9cL,
-        0x01db328970ed1dc1L,0x2bc509afd249f61cL,0x0d2e6b4cfeed393dL } },
-    /* 53 << 42 */
-    { { 0x691199d77a477295L,0x1f0679a661746b75L,0xf3a51493c9f936d7L,
-        0x1fcb336a445af5f6L,0x9880cdebb94ce08fL,0x784fa04a22a6b57aL },
-      { 0xc85fe18caa97c3bbL,0x27294a3baabe9b50L,0x9418a5b7b673c915L,
-        0x686cd97a15dceed5L,0x6d1c9dc70f22ae6aL,0xed88e02dc02212d3L } },
-    /* 54 << 42 */
-    { { 0xa62c358dcf616234L,0x85402ffad40aae7cL,0x315ce9f151a7614aL,
-        0x6f7e796f5d0c7d7dL,0x73bf57faf3444d22L,0xb5e71e7a224b77c0L },
-      { 0x94c40681541ee741L,0x40c97253d6837e1bL,0x1058fe7bb1f1c742L,
-        0x3206256f9b24d65cL,0x0abb12a78169ba8dL,0x01fcdb7beae85db9L } },
-    /* 55 << 42 */
-    { { 0x868f294309fdbd8aL,0xd9c11e7ebdd6c274L,0x3be4d8e7fdcb4fb7L,
-        0xcd8c40ad17305d10L,0xf12c97642abde5eaL,0xc9e16d8256776e80L },
-      { 0x279c0248df05235cL,0x4bdd8b136d8e4b89L,0xab8bbe8d7c47d2c5L,
-        0x12ba8b9e255c665cL,0xd585ce64d140a518L,0x55947e69eb4d353dL } },
-    /* 56 << 42 */
-    { { 0x06ba6db1f184c91fL,0x3c0a348a45fd0382L,0x0d535b6e4434b527L,
-        0x7bbfa2c8692bae0bL,0x5c59a08ebe7fe51cL,0xbaa7d2be36e80cb8L },
-      { 0x8a42d8d1bed3cae8L,0xd9e0bc0d15ff4962L,0xe51fce93644c75ffL,
-        0x40222561b9392d63L,0x8ab1d286023b4787L,0xfa85c220a1b3190dL } },
-    /* 57 << 42 */
-    { { 0x294845c28ed1d81eL,0xc0402af2dbe7fdbaL,0xbb56d86d67abe6a1L,
-        0x2e61f65b2ed330e4L,0x2893eaebffdf0fd1L,0x06cff97a75fb77dcL },
-      { 0x2911ebac1c90fe64L,0xd9c40d77e5ee3458L,0xf5b8b1d4b355f191L,
-        0x5be71a4ef365bc6bL,0xe2db432f5277b244L,0x3272a28327235b87L } },
-    /* 58 << 42 */
-    { { 0xe5105755e6b16cbfL,0xba9fb47b536a49f0L,0x03ac0c10c75ad751L,
-        0x9090bc328a2d65a0L,0xcecc7202852b3d23L,0xd214f70128f67958L },
-      { 0x379899b1f3695cabL,0x8f3d02e9bd3342c2L,0x9870a7f9e24e7bc1L,
-        0x7277e115f723893eL,0x6932ceef0f6f1936L,0xd0bf06dde171306dL } },
-    /* 59 << 42 */
-    { { 0x815cabeb17832ce7L,0x65afc856a2a4864cL,0x9fe4ae1aa4939a4dL,
-        0x7005cbd90729a3c0L,0x887f0cca791e8ad6L,0x55cad97a85aca45aL },
-      { 0x3e89d294493c7dcfL,0xf4ae5277ae8ed154L,0x507a3fd0a08fbcdbL,
-        0x4df3c552f86677fdL,0x6529f9ace3a82131L,0x09efe1fba53a7c67L } },
-    /* 60 << 42 */
-    { { 0xbbcfa42d21fe8f67L,0x82983012de2be980L,0x88bb9704aa8e17a0L,
-        0x100ad5e784772203L,0x2867168965479d29L,0x0334f9c5c2d9d5d3L },
-      { 0x49032c1a83a6cf83L,0xc257b0901dad479aL,0xf64177dea7e3636cL,
-        0xb2b5747874a315abL,0x210b11cda170ccbcL,0x80509b7480d80177L } },
-    /* 61 << 42 */
-    { { 0xe98ad30696993a74L,0xa7dc8330f0484940L,0xc30319fdd61b83d0L,
-        0x76e2755809873771L,0x33f4f43ecaedda98L,0x68d5ffe3639c8d3eL },
-      { 0xe3cf3b850059b2d9L,0x7f3ecb2f6a3d057eL,0xb569c24b9b8b7466L,
-        0xeed92f2ac38ccd58L,0xc16a4e8ce765a2f7L,0xa3a7b6552de9cb38L } },
-    /* 62 << 42 */
-    { { 0x496de6fa0640df83L,0xa4e500a36c77c97dL,0x45609036947aed3cL,
-        0x0edb9422423fc5d8L,0xd0c01b2e68f70746L,0xae44ae0e6d77f3a3L },
-      { 0x7cc7e90635adba9cL,0x107a3b46a8413303L,0x9e3eeab98916817eL,
-        0x1a99dab86fb74601L,0xb4e8466c1064b039L,0x249149146fcbadeeL } },
-    /* 63 << 42 */
-    { { 0x89643fa624798452L,0x179b3bd76ee52833L,0x343096e54430c6b3L,
-        0x589dba3323461536L,0x59073225c3433575L,0x540f9ce317d80d42L },
-      { 0xcd04b14d3aea6c82L,0x9be179b0efc9f455L,0x0ad6fb0791e57cbaL,
-        0x33894fa262706b10L,0x2cbc270886bf6926L,0x2cf067e64ea48c6bL } },
-    /* 64 << 42 */
-    { { 0x298647532b0c535bL,0x90dd695370506296L,0x038cd6b4216ab9acL,
-        0x3df9b7b7be12d76aL,0x13f4d9785f347bdbL,0x222c5c9c13e94489L },
-      { 0x5f8e796f2680dc64L,0x120e7cb758352417L,0x254b5d8ad10740b8L,
-        0xc38b8efb5337dee6L,0xf688c2e194f02247L,0x7b5c75f36c25bc4cL } },
-    /* 0 << 49 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 49 */
-    { { 0x36c9dbbefda8520eL,0x573507ce6ae3ea98L,0x1ab38db696a8f9f1L,
-        0xe031d2356b01e6bcL,0x10466ae68afc4adaL,0x3b35df41ed9c44e4L },
-      { 0x61272c12c7bd99e8L,0x6a4ae7b4805afd79L,0xf4c47a910ecc49ebL,
-        0xeb95dfeccbe84d5cL,0x43f3b71c8ee497d7L,0x2547af524c6fece4L } },
-    /* 2 << 49 */
-    { { 0xe323ed0cced45039L,0x04ce0b67a90aa713L,0x9c092f06e8d68e4eL,
-        0xd8f5555ad0742e5dL,0xe2d175bf00d3df92L,0x8ca55f154f71aeabL },
-      { 0xd1762d72642d391dL,0x0dfdd3c2aec466bdL,0x2caacb4c6281f2a7L,
-        0x635ba4703603e53aL,0x94a9811d49fecf29L,0x3a42cf09466bf361L } },
-    /* 3 << 49 */
-    { { 0xe63fbb10b5356889L,0x5995a0a92e73aba2L,0x5cea30677afd4bf7L,
-        0x4494e39dfd37120dL,0x8c572c7249d718a7L,0xfe159c275fa305fbL },
-      { 0x751c217fc276c40fL,0x44d0643c45e40857L,0x9a996e6efe7a6486L,
-        0x1a4f6d10f53b0e47L,0x651390ecd15fd593L,0xe0c1181d739ee9eeL } },
-    /* 4 << 49 */
-    { { 0x0f05710b11bccf2fL,0x7113085a7aec1bc6L,0x137da67a46b8d0e2L,
-        0x454b89fc698b78ccL,0xf2a6e1de258a9393L,0x5f1804e716488e69L },
-      { 0x7c6c550215b3bf35L,0x3b0e09a5b05c2ec1L,0x4b9de30e92f15247L,
-        0x09d4ca9327e70a0aL,0x9c8b16340d149363L,0x54a8287cce642137L } },
-    /* 5 << 49 */
-    { { 0x3a05e7d5ca2af43fL,0x068953f975009801L,0xd6c8a76c06740141L,
-        0x7e1df1038a831fa9L,0xfe06e2bae39046f3L,0xda5264a0e1807c29L },
-      { 0x1be4ffedff5d4808L,0x299d6537c52be83cL,0x1b38adba11834a9cL,
-        0x6074a60b1248fd42L,0xd9a0bd2e041b5430L,0xf222ba84a7b76b03L } },
-    /* 6 << 49 */
-    { { 0x49ecd6f3346a764eL,0xe46847f14105e657L,0xce9cb2b57550f608L,
-        0x45f1a1f7f4cf062eL,0xcdb19a112c27d38aL,0x36d375b284e50b19L },
-      { 0xf43691540dba6405L,0x4c9dc863040354dcL,0x7229e70ea24d09cfL,
-        0xe72aa86c7cf6831bL,0x487fb68425392838L,0xe88bed04430b9b47L } },
-    /* 7 << 49 */
-    { { 0x9f77b8c5d1164788L,0x45bcd4c1d7b5c5dcL,0xed22ecf3d88c2357L,
-        0x330272ad07de1cf8L,0xd9749f7f4ca13a48L,0x4964ce5d1383ce08L },
-      { 0xc033d516b0d0dbb3L,0x056ae73bf51943c3L,0x495cf7e057105e88L,
-        0x08ced52e56462560L,0xe9578aa713ca1a7dL,0xe9b045c5a9717f7eL } },
-    /* 8 << 49 */
-    { { 0xf8a8499b666fa8a8L,0xd0f9401571bba84aL,0xb85e1b1d515e1328L,
-        0x88a2636ba941e788L,0xa045241d2b5dd8d8L,0x161be476332f0350L },
-      { 0x96c4b205a18fac6bL,0x5cbe8d5e73fc5337L,0x6fc33fc6d00b6029L,
-        0x07a914ee89aa3b79L,0x35353eb7a4d4dd00L,0xc026bdc0673e8956L } },
-    /* 9 << 49 */
-    { { 0x1e551f9bce0b6f8cL,0x1fe7ea4618495e1dL,0x3f6f28742dc0e878L,
-        0xb778c12844c43f20L,0xbddc28eb8a250230L,0xd8571a4aac6c3d17L },
-      { 0xb9dcaec9730c8a1eL,0x512cee9993fbcf87L,0x0df3a1379bafe001L,
-        0x8530e501e2a2b9bbL,0x6d38ba8995ebf91fL,0x704b81a7792cef7aL } },
-    /* 10 << 49 */
-    { { 0xccda372167103852L,0xf78d22470c54de53L,0xebd16036afa44aa5L,
-        0x7b88024864a24ab9L,0x86b38e961c2bc78eL,0xd0aa0d058d63b295L },
-      { 0x24912955c62fcbf1L,0x77a68156b9ac435cL,0x432401c71b360b26L,
-        0x091f19f34c58ef8cL,0x3a4a61f483d46c9dL,0xad0e5c72e8d616cdL } },
-    /* 11 << 49 */
-    { { 0x668d598ad1666826L,0x6ffed334fba0ba63L,0xe71e3359d7cddc30L,
-        0xa9c15c2d9fb9998eL,0x6966d350612230b9L,0xbca3ed23ae4fe0edL },
-      { 0x537cac1b3caa3edfL,0x4f4a737ef33c180cL,0xf8d8f796f8807a7bL,
-        0x5c7cf072d1aab3e2L,0x7f0ccb9dfff736e4L,0x71bf0732ef11266aL } },
-    /* 12 << 49 */
-    { { 0x33b029bccdaa6831L,0x2548552d4c1f9cedL,0x35f1a002dece1c8cL,
-        0xc6b87fd7acc23aa5L,0x0b8bb275bab029a4L,0xf07bc06730bfb42dL },
-      { 0x1688ff5d1f69ce9dL,0xeedb7b5edb10585eL,0xb7a88cf0d432c197L,
-        0x20731bdd015a350aL,0x5fa1835463223f5cL,0xe392e1318024693fL } },
-    /* 13 << 49 */
-    { { 0x61ada737c3449cb3L,0x071062504ca876ffL,0xcd98a39001d1403eL,
-        0x197c845096ded881L,0xd060160568cacebbL,0x7e1b37d1dc3ddff4L },
-      { 0xfdc1bcb5d1725e92L,0x11cbe941bf0856d2L,0x63fd35d050199657L,
-        0x208a1047b9790d10L,0x52790ce61af4301dL,0x75e6d83beff28b69L } },
-    /* 14 << 49 */
-    { { 0xdfaeea0a0154731eL,0x9e53419de15a0388L,0x2ad6a83c25a992c8L,
-        0xa2ba020fe125501aL,0x894ebaf8d4dd04dcL,0xd48cb95850765559L },
-      { 0xf9b58d0980dec92bL,0x2a0e11659da299d7L,0x3c081853efe9cb11L,
-        0xb9f3b702a511c5e0L,0xa8f7a25f70486180L,0xc0358b25591b3e2fL } },
-    /* 15 << 49 */
-    { { 0x00333fa6fa806947L,0x7e4dcfb3504b3e19L,0x8326b0acad4a5dfdL,
-        0x9ffc65eac7b12e49L,0xed3b7c0258d16eeeL,0x79fccfb434a4222eL },
-      { 0x4a8070a0e556357fL,0x554fe2c9ec97769eL,0xcc405a57da691714L,
-        0x12927897856f590eL,0xd4805b93ba198dcbL,0x2649be2e4b18444bL } },
-    /* 16 << 49 */
-    { { 0xf36e8398eaddf274L,0xe41553a16a5e4ddbL,0x36ab07464efc5b0cL,
-        0xb211e59ad316c434L,0x2515ec9f16ccf839L,0x6ecb746503dc6a07L },
-      { 0x842b7275c65c1b07L,0xf7ceeec535750ab6L,0x967d711ccef5255dL,
-        0xcd3bfb075108cb92L,0xe50c0d8aec1b9740L,0x9e8d56611a9e6308L } },
-    /* 17 << 49 */
-    { { 0xfcb12ba3aae18c46L,0xb55e959c6e21d463L,0xf720d19f4a4f6f21L,
-        0x1c2ff60ed4320c5fL,0x4ce5e1ac1a1b40b8L,0xfdebfb81ff6fb9a0L },
-      { 0xd6c37d8a9c67c07eL,0x55167952012fc09fL,0x5dc722b52c306c4dL,
-        0x1efad8d2bc1f65e1L,0xa1478f3da52556ecL,0x54cbfb884a795dd5L } },
-    /* 18 << 49 */
-    { { 0x84f8ea13ccb8a36aL,0x5f7aeeffa05709a2L,0x4942d04e60574f37L,
-        0x855b13e9e048b400L,0x747e4067a6b59c09L,0xc349fb05074d3990L },
-      { 0x398e6afaec2c7e03L,0xce361865ec2d5a4cL,0xfc04bf8eb6f57d22L,
-        0xf0e0b84c759ce6c6L,0xb65141235ee7e528L,0x8ca144bdf5c0f9b9L } },
-    /* 19 << 49 */
-    { { 0x5868449bc6e0124eL,0xdd65ffc1e68ad5eaL,0xe126665f4f577466L,
-        0x8ade5cee2defe8deL,0x7c1cf7f07beddf87L,0x0e0e066a362c5956L },
-      { 0xac2aff4e15563b47L,0xa28ab875620d1299L,0x91f67b3fd8caa497L,
-        0x91bef53394fc08a3L,0x0fa27d9cd99918f5L,0x205b6c1f60b67bd9L } },
-    /* 20 << 49 */
-    { { 0xc1370daef6a58536L,0x6f2e5b37c56b0ae9L,0x5511d68292f6b6a3L,
-        0x2e9e5034ae575249L,0x3e5a32f81d14bed7L,0xa346a86f75efd17aL },
-      { 0x4f2510a60309fd7aL,0x689ecd74d0b1425eL,0x9e9bebe19f771e24L,
-        0x20188045adc5b48cL,0xe49811b6b845230bL,0x420855ec5a8687f8L } },
-    /* 21 << 49 */
-    { { 0x705a9ab30aa1a423L,0xcb01466fb49830c4L,0x1db1768581a75897L,
-        0xcaacb855e341f157L,0x9b13cd497a0d3c38L,0x119b4d47e177fcb3L },
-      { 0x0d8f7c2639788712L,0xbda0f3180642bd4aL,0xdd4bd88bd4616239L,
-        0x9a3ecf978df1b895L,0xd0d54caf4a6dc07fL,0xa7ed6bfb31810203L } },
-    /* 22 << 49 */
-    { { 0xe650e49abae1b94dL,0xb6b162e6e3199794L,0xdc706859b4ec0480L,
-        0x28b618c24b1a06caL,0x0929a001403acdc2L,0x796dfd972da3aefdL },
-      { 0x16389072ef4c1673L,0x600d8bd7fc94a4f5L,0xf003214de5f386a9L,
-        0xa7af0499e62cbb48L,0x750a3b00de82bad5L,0x6c615b838e7dc8eeL } },
-    /* 23 << 49 */
-    { { 0xe1916cb4eae432e5L,0x81f3e48acc193889L,0x54d58685ba922a4fL,
-        0xeffcc528bf11b76bL,0x2f70d38f8171c971L,0x547ce8ccb3a5669aL },
-      { 0x3acd91b878e6d0beL,0x372dbf2c689c2913L,0x9fceb5bbd0aae543L,
-        0xc601f9622830a977L,0xd55e74509f874dffL,0x77ff8ab4822878caL } },
-    /* 24 << 49 */
-    { { 0x283eec26d71543a6L,0x98fa08bea7627841L,0x269a83b827ad302dL,
-        0x225f2f12bde3fdd0L,0x046fcf380130b3a6L,0xea733c1ac3ed9043L },
-      { 0xf870f14d70aa08d1L,0x643d18b834391e0bL,0xf3e1d5f4847be772L,
-        0xa9498223d0ed73a0L,0x6933ccf014b3babbL,0xc2439ae437f08f70L } },
-    /* 25 << 49 */
-    { { 0x503414d0f2cb5475L,0x51b9497cb24cbf9eL,0x57359dee2f4c7746L,
-        0xee7125c3f3118a94L,0x2f0db706e4ea33d6L,0x885e8c3eddff7f63L },
-      { 0x752f594b628432f0L,0xcfadea7779852e2bL,0x4f733b8ba2ba4b7fL,
-        0x163c8c2e530f763eL,0xf95a7b57ff05a7e9L,0xd4768d242d7be01fL } },
-    /* 26 << 49 */
-    { { 0xb643f4e0f88d049bL,0x5e0ac1fb12682fcfL,0xeaf7874d9f981c8fL,
-        0x9c2adfd2b1af779dL,0x9a7abeaddaa8c275L,0x09ad552124cacec4L },
-      { 0x069cd5c40ead1646L,0x5186bf190a6157d1L,0xcc222a9396503506L,
-        0xfeaa7bdebd29686eL,0xb0d65b0da7257c8dL,0xc31c0a8898aa227fL } },
-    /* 27 << 49 */
-    { { 0x5495f21c9fe88a48L,0x01f580ac590c1966L,0x1ad433ba39810166L,
-        0xecbc67003a5187f6L,0x38d36c3bd4216887L,0x49653585e27b615cL },
-      { 0x2a70a1d9e773db7eL,0xe36d967a63c1c048L,0x51cba60d26d15862L,
-        0xb633839fd5a6b746L,0xa6a756a2ec1fc364L,0x37fef8d24cfccb6fL } },
-    /* 28 << 49 */
-    { { 0xb4b7651f5be1d45bL,0x0425200a7f0cf680L,0x200d12b48960be95L,
-        0x02fdd1a14945b193L,0xedd70e3e27d046d8L,0xc1cc086a83f14e12L },
-      { 0x1580e72b2629396eL,0xc87439dbf9ed73c1L,0x5debdf30a90c5128L,
-        0x0b6c020e9fbe14efL,0x168da56a0149a0b0L,0xc66a4dbd79c58ac6L } },
-    /* 29 << 49 */
-    { { 0x6ecd9c41596b8890L,0xd25172fe210d9613L,0x1ce8abf872b97aa5L,
-        0x355899d610faa675L,0x003b69adf4ddf011L,0x6736cd40ec2d1af9L },
-      { 0x8069a0ad4f85ac72L,0x5c31d68b5836cfd3L,0x8e9486eaa5ec1473L,
-        0x8e175c4a1468cebdL,0x58b3d2b1ffaf2f77L,0x4fd21681a17a3e00L } },
-    /* 30 << 49 */
-    { { 0x800aec84330b8e2eL,0x1a2c033e335837bfL,0xf1a91551fe6f6dd9L,
-        0x326c42b21de7360aL,0x300e740b7b66f9d5L,0x53bcc70068ce95d4L },
-      { 0xc9e225ac3d80f228L,0x64b2ad4e6977dfdbL,0xac863b0801f23221L,
-        0x0517a648df11e5f7L,0xbf7aedcb68d11050L,0x2607e33777b3029cL } },
-    /* 31 << 49 */
-    { { 0xcb1955e44f4706b2L,0x0821d4663acaed1fL,0xbe822db07f8b43deL,
-        0x3d11573f9b1c83a1L,0x6c052118201eab83L,0x294c5060dfe340d7L },
-      { 0x994a4bde0644005bL,0xf1519f3258fa0552L,0x9077bf5bd4d0d39bL,
-        0xebde1ff0e6204ea0L,0x58a68e09829130a7L,0xda64eb8596961bb6L } },
-    /* 32 << 49 */
-    { { 0x1afa6aa6206add5dL,0x66cfbbae150ea4c9L,0x07fb920b5d36da4fL,
-        0x144d51f9291e774fL,0x26c2c134f40d87a8L,0xc8cf3524a932f1a0L },
-      { 0x35bb2a425aeb0bdeL,0x5cfcc1dac4be960aL,0x5c40cabfaa1838edL,
-        0xea0c05ffe2855f1fL,0x931ebb02fd525934L,0x31a7b78f16246fd4L } },
-    /* 33 << 49 */
-    { { 0xbe055fead42b36aeL,0x733a05ed819ddf8eL,0xa00fa0a15c9a6102L,
-        0x0ed363273c0af634L,0x5b5a62b4d5970a32L,0x9d7557dfca954cd8L },
-      { 0x30314f0c6daf871bL,0xaa7c42a96267b2abL,0xc5d1f0d6132bc62dL,
-        0x77ac94df7ed26084L,0x0d256fdada34e1f6L,0xf0259d1caa4b4dd6L } },
-    /* 34 << 49 */
-    { { 0xf576c69e86ccb00bL,0xc870c07f5781803eL,0x91d4c0c6b1869e56L,
-        0x9c2729397d940416L,0xdad33f73c4d0269bL,0xe2baf5b8838c9198L },
-      { 0xd8bb9613218414e4L,0x5e9f7b67c980ca07L,0x1e2d4e63165079fbL,
-        0x6ae5b17f983b3fadL,0x1e66b8380c24e22dL,0x80cdaec2136e0be8L } },
-    /* 35 << 49 */
-    { { 0x98cb12d93fc277f4L,0x81def3ee160b8743L,0xa1f07ebb11711fb6L,
-        0xba17dd15a95b3ba0L,0xb25f1c78bc158f33L,0x1bb83cf27841e8bcL },
-      { 0x57ad928abf49233cL,0xc94fd746bdad3f2aL,0xf7c716ae4a4c6600L,
-        0xdd0e3117060a78b4L,0x85e8851a860764b0L,0x3342d974bce0d787L } },
-    /* 36 << 49 */
-    { { 0x2bc4e37a719793feL,0x1543af2aa68ceea3L,0xc99cb391aabdea45L,
-        0xc890e546f0b8eea7L,0x8b75b91feb4173d7L,0x9d52d04bef46f637L },
-      { 0x0929f25d878ff734L,0x7377235fb6c43342L,0x657835cf6eca900cL,
-        0x7b752665098bb5e2L,0x320d09b6b8a61442L,0xec4f8182cf5b8023L } },
-    /* 37 << 49 */
-    { { 0xfc5f8feffc788160L,0x7d552625f73f48a3L,0x4eea435145c02498L,
-        0xb5f5de5bf8f8af26L,0x78f1c499067b1610L,0x6e0d1b14eac18a29L },
-      { 0xf8be2f6c052af916L,0xd8cee5668876af81L,0x99a27ec31577bd90L,
-        0x3ac529d242919f4fL,0x1215428c7fc05dd4L,0x99ef01e450f67e87L } },
-    /* 38 << 49 */
-    { { 0x145902629d671094L,0x7fef49c166ce858bL,0x2a7ea540c2f21eadL,
-        0x1226b04fc1d5a636L,0x4fb54e4e535efb9bL,0x6c51cdb91d72bed3L },
-      { 0x94162e44938efaf6L,0x166013cfaf6f5697L,0xfa9495bddf95f9c6L,
-        0xc05441cb0d7f8406L,0x7e5c89763a233ca6L,0xbc75dc6493fe8e42L } },
-    /* 39 << 49 */
-    { { 0xe1885cf128ed669eL,0x6e9f40dfb428b3cdL,0x412388a61626f8d0L,
-        0xb8201f047cbcd192L,0x642ecfad70ba644bL,0xd43be1cb43c76bb7L },
-      { 0xafafffc388f4bd51L,0x8c40e2787052eea6L,0xc1a84e866a4c8776L,
-        0xf0201f292fe7075dL,0x132f80e4576af421L,0xe0831b7f4731dddbL } },
-    /* 40 << 49 */
-    { { 0xecfabd2742dbb68aL,0xad43a2c43eb546d1L,0xcf4e64ccfe2691c9L,
-        0xe3889e258347566aL,0x48da354885b8c733L,0xcb7fe0679d9c9f57L },
-      { 0x8c26a8d668223280L,0xc1e8ff623065705aL,0x181ca70a3f8db9f8L,
-        0x25aa6450e758213eL,0xa4898f9169b2653eL,0x5e5c9fb4ccd8303aL } },
-    /* 41 << 49 */
-    { { 0x640b6946b03aa213L,0x6b99e84d00c068f7L,0xed4f1d2d99c5c461L,
-        0xcec88724b20eaffaL,0xdf2b79a95dbbc32cL,0x2f7397054f3a1c5bL },
-      { 0x1594a54946eb52edL,0x55f11aad39c4c43eL,0x0fcdb331f46500f2L,
-        0x0d66be885ceb8dbfL,0x4d977349886dbbf1L,0x238f4617797d1b41L } },
-    /* 42 << 49 */
-    { { 0xfc8c7320721034d4L,0x48b389db60264280L,0xac246988649cbd88L,
-        0xb7f52891a50bb658L,0xc0a812e50a7f279dL,0x6593175967fb2cffL },
-      { 0xd31a77c6661ab439L,0xabadcea00ceb4aceL,0x201d98f6a3702dddL,
-        0xcec1e83e7c9463aeL,0xc64e44fbc55e6856L,0x421f3e3148aa0d81L } },
-    /* 43 << 49 */
-    { { 0x4f0b251871a07c6dL,0xbfe652edaf3a2fbdL,0x5f68dc667bc2053fL,
-        0x445df84f6040a7cdL,0xbdda2132180dc0a9L,0xd8627401d6c7a92fL },
-      { 0xba350cb190cd2c73L,0xaf4c1e5929886ab4L,0xee8fdff2d677399cL,
-        0x3ce35c6edaecf83fL,0x44df0a300f114062L,0x1b633b4647f29868L } },
-    /* 44 << 49 */
-    { { 0x48483f6af58ae2c1L,0x70ba34635e1cce49L,0x5f7a1c6d33907532L,
-        0xa0fab701875a5f3fL,0xf2e8b0ff85d387e1L,0x0076aa68ff349689L },
-      { 0x6e392b02747e2fffL,0x5e1ea320e788d577L,0xba705bd7713a0b03L,
-        0x04ef192f2dc2cbc5L,0xa5a14eed38aef8a2L,0xf9682bbe30a268faL } },
-    /* 45 << 49 */
-    { { 0xc04f2cf540244a00L,0x00c90c3bb8dc0ad2L,0xac5b1060601d76f6L,
-        0xad97c5c1a7ff84ecL,0x7919a06dd2328101L,0x62d5b7a4ca8a69c5L },
-      { 0x75607148de5a2cc9L,0x1afff7f79a75fd24L,0xe62efc8083a22367L,
-        0xad08258a10e05e36L,0x22666e06c0e4b549L,0x15f62c613f4c48c2L } },
-    /* 46 << 49 */
-    { { 0x751affadc7b8da09L,0xc052109dbd8e45d5L,0x7d11aaad87c14560L,
-        0xa0410b2a6b690121L,0xcabad9853e10a103L,0x4d19bd3e785f1bfeL },
-      { 0x8f32c6b84b6167a4L,0xb21d4ec297b4f546L,0x2e26df99c008f7c7L,
-        0x63825597eb347720L,0x6a05b375afe39fc8L,0x19790b92131201a3L } },
-    /* 47 << 49 */
-    { { 0x149347ff7780729eL,0x076b4edc62e2dd48L,0xbf0de9d7cdcec866L,
-        0x9d75deab8fa1e18cL,0x10931716eecb1f4fL,0xa8765dd3a385eb7fL },
-      { 0xfd26f39c4d70651cL,0xc501caf48834c723L,0x1d263a83a65e5093L,
-        0x57ee2fb96f709deaL,0xdae3dcc645091321L,0xba0665a906a60a48L } },
-    /* 48 << 49 */
-    { { 0x517d13b1784d0621L,0x2db4ef27d77b84beL,0x6e2e26866d752aaaL,
-        0x95da9fa1cab02667L,0xbe8d91ad423163c3L,0x8f3d59dba69953c9L },
-      { 0xf728b1d2d6e635aeL,0x5c4c177deeea663eL,0x97a900a82e75d9c2L,
-        0x136c6b1e3ad09defL,0x4bab14a6dd8a2be8L,0xa4ee903025cf1447L } },
-    /* 49 << 49 */
-    { { 0x05f93697a5235c12L,0x434f91026943a0d0L,0x92696b701a4d3169L,
-        0x0a9da44b8c3b1ee5L,0x327f9f79d295521bL,0xf605cb83afd8aa40L },
-      { 0xe3bd4ab5d365fb37L,0x6c6a470ce984ea2dL,0x7ad01e6b392af60dL,
-        0xbef2dffd5ff8ee6bL,0x4e56deb722efc2ebL,0x1b90570ae14ff270L } },
-    /* 50 << 49 */
-    { { 0x70718d8e333cd9e2L,0x858c880c6b03a371L,0x5b7f69a5926a3dd4L,
-        0xedbed135572f420fL,0x740a21e6332aaa09L,0x665aff63fecf1e3dL },
-      { 0xd884a3c1214490e9L,0xed70c29a63cdab1fL,0xc92dfa58786e274bL,
-        0xa5395591d7fd529dL,0xacdf81ac3b95b61fL,0x07f801df40cb45a0L } },
-    /* 51 << 49 */
-    { { 0x4f863ad59230d44fL,0xd176d2764a099825L,0x4a6868745a43a7d8L,
-        0xbcab3548fff3e8dfL,0x15028cfccab2c7e6L,0xad077a8874a91fb2L },
-      { 0x015700d39eee3e32L,0x524ef9c7386e489aL,0x3be1771b60285f8bL,
-        0xe4a5353cf9c33beeL,0x0aa0f2ab244ad683L,0x04e846f98a4c0ed6L } },
-    /* 52 << 49 */
-    { { 0x326a204790f55f13L,0x194d24db53017b29L,0xa26db785cd4368c3L,
-        0xd58943e8238d7518L,0x8e06f8cc3527387eL,0xebc6dc9e071846d4L },
-      { 0xbfc08dccc541e098L,0x3dcf0713e4fbc9a4L,0x44e9ba7869fedb43L,
-        0xd867cf784fa012a0L,0xc618b2b88733ddf2L,0x4149fd48a737fd5cL } },
-    /* 53 << 49 */
-    { { 0x5c4c2183179b1928L,0xc54d315d0439876cL,0x07d22792f7495bceL,
-        0xd378185e3bc32c4aL,0x8539aab65b31c5c9L,0xc72b1ac640dffb35L },
-      { 0x46bb918a2e8d6ae2L,0x102c49f9e8a1d7a1L,0x7c622793cd2764d3L,
-        0x5bbc6f023c7aafcaL,0xa41f383bcff71b4dL,0xc8a0e1a9aa99bf83L } },
-    /* 54 << 49 */
-    { { 0x323aad4991d6b8f3L,0x91b678c0f3d9154eL,0xc141e2424ce74f67L,
-        0xb7c38aef65659ca0L,0x5b5f89b174a937e1L,0x739fad71abc55012L },
-      { 0x315ed44ccee5f4fbL,0xb0731455360a61eaL,0x39235ff0ee93ce5aL,
-        0x6352556fd203baf9L,0x3c22dc6a0ea06b93L,0x195638cb591bbfa0L } },
-    /* 55 << 49 */
-    { { 0x8bd5a15359ad0688L,0x827e82d8a7323070L,0x9ea55b3af70686e5L,
-        0x511c8c3f34c2d054L,0x9364d28aa14a3c61L,0xc4dff9c461374139L },
-      { 0x947c3ec9a39c01c0L,0xead11d42108440bbL,0xcc6d893569677f79L,
-        0xb1d632710b9b4823L,0x2cec325e63b154e0L,0x45e97c3814a85b9cL } },
-    /* 56 << 49 */
-    { { 0x11b59f3e92acd14cL,0x188c1bb1d7aea098L,0x5cadf0a19365958fL,
-        0x8fef04fcca0b1b0eL,0xbcb4d9fb0c274a5eL,0xe97eb41cba78427eL },
-      { 0xc49f0bc55cf06378L,0x2681f12a281b669dL,0x200e9e583f796b81L,
-        0x5bbea92b17964262L,0x86b3c15756db0039L,0xe4477c5eead482baL } },
-    /* 57 << 49 */
-    { { 0x1340e22c050fc1faL,0xd5cc5445bd062615L,0x03ad31601f494b03L,
-        0x612919142af1b95eL,0xdb31a06d53705ac5L,0xf590433ad07ae464L },
-      { 0xed52363421bbbd72L,0x1f032ad2f1cc7842L,0x212b1d5536a7164aL,
-        0xc2cedab7dd973183L,0x29aeeee05e74ada3L,0x579984d8bb666836L } },
-    /* 58 << 49 */
-    { { 0xbbe5db83e13d34d3L,0xbae5ae959a8a3344L,0x55d2f0ac797d6e35L,
-        0x75e78c017cd0abb0L,0xb757f72cbad96294L,0xe52493895d556f25L },
-      { 0xc02293538e7675dbL,0xc363c5255c8beec5L,0x7ac23c0b7c87ee00L,
-        0x9c5f22b4a7de93f8L,0xc6f0ea64d9644b5fL,0x3fa718d4d161f87eL } },
-    /* 59 << 49 */
-    { { 0xe8496c463f356cf8L,0x25b5b8742da1b81cL,0xa35ec06330efa9c9L,
-        0x7497d85ffdaeb348L,0x312ad677e83f49d7L,0xcb5c346cfe8aece3L },
-      { 0x19d7332d61cd4ebcL,0xb03dece0d0967141L,0x47dcb81af5455addL,
-        0xbef0e70389ca68d4L,0xf7abbeb9c987400fL,0xbda81c65a1521da1L } },
-    /* 60 << 49 */
-    { { 0x535f3e4b86882341L,0x5af1c6322e22600fL,0x0403b6e0584a13abL,
-        0xa64de86661f59ce9L,0xd22106f738501b92L,0x2932f808ab6ffd04L },
-      { 0x8da4cc6e232967f2L,0x4b8fdd9ef3644670L,0xe8cb6ef31e0c51bcL,
-        0x20b7b734230c6897L,0x5009176453d9339aL,0x5f5c8c67ca637277L } },
-    /* 61 << 49 */
-    { { 0x23e333d467232358L,0x3c2807bdea037380L,0x9439cc4626f1dc2fL,
-        0x8c87dde53ac29173L,0x601b7245766897a1L,0x9e0b1a4559350e3cL },
-      { 0x0818b6cb301db407L,0xbdc4584676b6fbf3L,0xeeca553431bdd954L,
-        0x1dfabc033f9be3bfL,0xdf0415dc68851bd8L,0x33be32a67aa9dfa8L } },
-    /* 62 << 49 */
-    { { 0x8c9017dd4b4e4b5eL,0x02f435dd7b892b2eL,0xe9af9efd292e0f2dL,
-        0xa32124c75c4d315dL,0x5c6fde76b31a390dL,0xf1fdcefaa6e46d3eL },
-      { 0x5f39dbfe9e9e84b6L,0x574d647d19aab6b7L,0xd5a234cdad1a2987L,
-        0xeab841c7dab59c81L,0x5155898db3137b90L,0xc52e9ddd06db2fd0L } },
-    /* 63 << 49 */
-    { { 0x8617f0d490660ff7L,0x00d73d108b35743eL,0x433e42d68a6ca67eL,
-        0x575ecb9beab5cff6L,0x4c64bcddf258960aL,0xb8ffb7f32c23405dL },
-      { 0xa98c06691261b0c7L,0xf2701f4a6b9bf7c6L,0x3abe44c41c68efc3L,
-        0xdb5ac9cbf12c7a25L,0xf5b4616651120981L,0xf8058f7074d518f3L } },
-    /* 64 << 49 */
-    { { 0xcd92906c6d6ae962L,0x628356159807d881L,0x0d6929781fdc1915L,
-        0x45d01a8c269d611eL,0xe7bd1e709665b00aL,0x086385349bcaa388L },
-      { 0x8f189e882dd24299L,0x5f643392b82fb270L,0xca65bf16c633b111L,
-        0xc6adc9c9d6f1dac8L,0x0df2c293a3c3381dL,0xdd6ae97d8388cd12L } },
-    /* 0 << 56 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 56 */
-    { { 0xffdbd0eb3863db02L,0x8b8256832f57e10fL,0xc11acead35e7a3a2L,
-        0x4998cf8c67833028L,0x8f3a346b844c7976L,0x0a9d872cdb9b1a1cL },
-      { 0x8735dabcb98d445dL,0x93790d80305fa0a9L,0x7c0add49d267a01aL,
-        0x2b46c913ffa20d11L,0xf2acef26d8ab2d4aL,0x71b701b93d926080L } },
-    /* 2 << 56 */
-    { { 0xe9d2a98a5133de8eL,0x37083b60b81b8b00L,0xf399325dceaf86aeL,
-        0x03b17c888f161525L,0xd8ac35c984211b9dL,0x220837849050ca48L },
-      { 0xa818c44bc9fab832L,0x8882bccee5aea7daL,0x633aaf35f8715b04L,
-        0x5463e1b99d8829a9L,0xb18df52d84a820f1L,0x9d5ef891d096675dL } },
-    /* 3 << 56 */
-    { { 0xd54e2c7cac60496dL,0xc06d5e5d04cd50a4L,0xcb4105e8e60f7f59L,
-        0x705db308427483adL,0xf73ba98bf2bff383L,0xa945611a0220e6e9L },
-      { 0xc01c46b8d957e12bL,0x458897b7acb1f371L,0xf738dc0bfa3403e6L,
-        0x098bc687d2202896L,0xec0c217a5f882e5eL,0x8f25af77a1f4eb13L } },
-    /* 4 << 56 */
-    { { 0x2615c78259ee4124L,0x4dc2824c76532b4bL,0x9c3b1d771c84a04bL,
-        0xb6fc203fcb9f9e34L,0xbed65464c64f7846L,0x04f520a2eb004248L },
-      { 0x5c0177274a58fd22L,0x25958482c10d9472L,0xb78c6666aceb0e3aL,
-        0x18d3c188fc046f0aL,0x7f3e2f301baa9595L,0xa574f8cd8a2844e8L } },
-    /* 5 << 56 */
-    { { 0xc899eba381c2d81fL,0xb27267d6f3f0a431L,0x607c8629da55568eL,
-        0x6b5472282b1dc1d9L,0x23232311c9c001ffL,0x207a2eb2488f8b85L },
-      { 0x3867ac9adac37a28L,0xa36d14d32584a5f0L,0x7398c647a74488ffL,
-        0xf6ed920fbe087640L,0x72beddc76319a571L,0x55c2cd826a244aebL } },
-    /* 6 << 56 */
-    { { 0xb7da79c625f8a53bL,0x6b950bdfd331ad8eL,0x3481b7b54aa36d18L,
-        0x6efeaf88ed0e3091L,0xeb017bddc993074cL,0x8431a6d6529dd654L },
-      { 0xf5177231bd069585L,0x6d753b103ce85096L,0x194d82d34ca26741L,
-        0xeaeffe15adcd1650L,0x4dcec3d9af7758b7L,0xf5fdf6664cc2c819L } },
-    /* 7 << 56 */
-    { { 0x94bdc7f4a9810744L,0x464195daf045d859L,0x27e2dab0d654cb57L,
-        0x1d4e1e537a491956L,0xa1ef570c31d5d099L,0x01cd21ee295f3de7L },
-      { 0x8681b00db8249038L,0x17c31bce93781b71L,0x4324e90c6a1b5748L,
-        0x44f9324c1222e554L,0xe30ba10fffd53dd0L,0x2e5817a8b48eeef0L } },
-    /* 8 << 56 */
-    { { 0xa349bb66c8fccaa9L,0x7888755f31a53ee7L,0xa6e1d891c18d3750L,
-        0x9985aa4dae8d2bfbL,0x8baec9ae31b33078L,0xee68295a98750e94L },
-      { 0x0d834bf8d6ddf305L,0xab33dff39762126cL,0x0c22faaa0c51d098L,
-        0x32404042b887a10fL,0x31f6a614248bed32L,0x311f86301ce0d662L } },
-    /* 9 << 56 */
-    { { 0x5c95cf080d844b0dL,0xe09a8352c98650c9L,0xc1b106c5d089058eL,
-        0x2b3cf101eb0c6107L,0x1993fdba3ce6ee18L,0x7234eb6425fc4d24L },
-      { 0x8345acfe05f46dfeL,0x07fccf68a2d87d38L,0x14494cea85da7852L,
-        0x8737500acecdd9f1L,0x72b1490ca39068ffL,0xce28271acfa4469aL } },
-    /* 10 << 56 */
-    { { 0xc872326f55c6c00aL,0x6a5f0fa3f912decaL,0xf4ef0ca5a7d1bdb1L,
-        0x1dee685b37dc6bebL,0xdad4cf52f1b09b88L,0xc7199f0277f1db84L },
-      { 0x7099ef00a3f00491L,0xd8fbbbfa6d8804e3L,0x2a00b8e50ae1e360L,
-        0x8a8c9d03fe9be5dfL,0x06e0585b8b1faf6fL,0x19542ee7ae29c502L } },
-    /* 11 << 56 */
-    { { 0x36cad867e2aa1c5eL,0x7ef21e51317f9078L,0x68efbb84c82e925fL,
-        0x973b36769fe751e0L,0x09c4e0c1177d36a7L,0x9c0b7e048a753c5eL },
-      { 0x8414cdab15ccad5cL,0xeea2134ed50c1678L,0xd9c1dae8f6585d5fL,
-        0x82fd04ab4e5c3d96L,0x868cddf7da3812d3L,0x32a65aeafda07e68L } },
-    /* 12 << 56 */
-    { { 0x73292e6a60720858L,0xe046a79953160855L,0xf74d56c9ed3b94c1L,
-        0x0e371167c67863e1L,0x19b3a9f43f6636cfL,0xe624798d898a25b0L },
-      { 0x2ed1fc4dfde2cd6eL,0xd9a7ab519fd15ee5L,0xb6b8d551c487b1cdL,
-        0x9fec705ae8936c54L,0x4b779dde1a50e094L,0xfb5100c2c3a4ef5bL } },
-    /* 13 << 56 */
-    { { 0xb35a7b102704c525L,0x8a77fa5b44276cbcL,0xb4a9cd235ff1a12cL,
-        0xc74a017c88a37997L,0x84e26eea9af37476L,0x8a6b8c0e7bbf737bL },
-      { 0x90ab7c948f05bd3eL,0x31749075464f3a2cL,0x32f7873c1dcfbd25L,
-        0xc0af73d343bc2054L,0x556c4798171d825eL,0x2c84b5b6081542f8L } },
-    /* 14 << 56 */
-    { { 0xa5907e5c59ab2507L,0x12b86e04cf7df60eL,0x0a14bed18af4bc50L,
-        0x462863b20c11bac5L,0x98dde284126958dcL,0x8877e7695625eb29L },
-      { 0x869f7214f4fe19e5L,0x29867e51ec0f8c1aL,0xbf498bc078b85f03L,
-        0x9dda400e8973a94eL,0x8d8b998ae6e51b1aL,0xedb0957c557ac00eL } },
-    /* 15 << 56 */
-    { { 0x84b6d5143b7d43f2L,0xcb84c823afb7a2b9L,0x892e8c4c56d2b161L,
-        0x52ea7426214fdc0aL,0x07f3d57679763557L,0x9f95fd585a828bb3L },
-      { 0x2c7f03d550e14019L,0xab723de7d7eae7b3L,0x4c08189317f4ea6eL,
-        0x64cc5bc0ec367246L,0x73077b5ddf11c3b7L,0xfa34b540e08eb4bbL } },
-    /* 16 << 56 */
-    { { 0xac6dbdf6edc9ce62L,0xa58f5b440f9c006eL,0x16694de3dc28e1b0L,
-        0x2d039cf2a6647711L,0xa13bbe6fc5b08b4bL,0xe44da93010ebd8ceL },
-      { 0xcd47208719649a16L,0xe18f4e44683e5df1L,0xb3f66303929bfa28L,
-        0x7c378e43818249bfL,0x76068c80847f7cd9L,0xee3db6d1987eba16L } },
-    /* 17 << 56 */
-    { { 0x254ed267050f46f1L,0x36786ff864daa83cL,0xb4a89efc802a3ae6L,
-        0xe0027b3486b77d59L,0xb7147905f48d0de6L,0x00733ca710cf7c60L },
-      { 0x87efbe387b3ab776L,0x3db10898de9730f4L,0x61f21e1386b7a40dL,
-        0x5541873648455b6aL,0x0de378f9a88587deL,0x42dead7a766d18f1L } },
-    /* 18 << 56 */
-    { { 0x42b8ef51e15ad876L,0x498886e5082e110aL,0x3144e8c964edbd73L,
-        0x4b08cf86f79e6724L,0x42d06d53ddfdb6a5L,0x4c9dce336d8b1f33L },
-      { 0xbb8913ae4be29e97L,0xe944c922166fdcc4L,0x83913b963c494e9bL,
-        0x529d57ac633a0018L,0x632a7cfd242e7d9cL,0xf0e2434dd9b51d08L } },
-    /* 19 << 56 */
-    { { 0x74768ab044ff52cdL,0xa590ac7eead09902L,0xdc408c53f52c0f5fL,
-        0x614a22d6f853efbfL,0x61f391c425126427L,0xb61adcfcbf462fbbL },
-      { 0x7b753aaaaffdbe78L,0xce12b2247bea939dL,0xca21f73e95baf09bL,
-        0x2a82915e43ca9ebeL,0x67ba04f57936a38cL,0x1c1964f1616b0b87L } },
-    /* 20 << 56 */
-    { { 0x4dc628c67cb2ec48L,0xc896f99c0cb1e9d2L,0x399ac2e85cc6134bL,
-        0x5ac36de184ba73d0L,0x66a334a3e1803832L,0x394af7ea59b770c1L },
-      { 0x3df19e55b46f793eL,0x97aaec84bf770a95L,0xf52068b8f8c54408L,
-        0xb6f7649f49e05f0fL,0x54d8db0583360826L,0x24748fdf71af722fL } },
-    /* 21 << 56 */
-    { { 0x68f4dd4956c29111L,0x391ac9910dac9352L,0xb0a8a54206dc9d58L,
-        0xb5058ed8fbe70330L,0x8b5e9d4076b593bfL,0x769fb99cd7f2b261L },
-      { 0xcdcbb60ec67cce8aL,0xe01a5d5d75da36dfL,0x7e831d0ef7c6e5cbL,
-        0x0f6bf54bccdeef00L,0xed49ad3998ba4d8dL,0x8d512c83614d70c2L } },
-    /* 22 << 56 */
-    { { 0xc1910b2545b4f6e5L,0x54c6ee8489fb712dL,0x80b6fd47f5747ba2L,
-        0x3d81e7efd6d4f856L,0x8b9e87418031f1bdL,0xc591d451f2327316L },
-      { 0x4830d9971e0f1c1fL,0xeabe29bd86e92024L,0x2f2053a1b8c68d7eL,
-        0xff4eb9e879d00ad6L,0xa0c93249f4b4cd89L,0xe127d9d3cb9e0761L } },
-    /* 23 << 56 */
-    { { 0xeb947df3492d73ebL,0x5474817b0d32c2ddL,0xeb01bef7a9440e93L,
-        0xf604581d8085d1f8L,0xf69daa189f69ec8aL,0xc79ac48e71748716L },
-      { 0x5141c75ad4beef28L,0xf7dfaf89901c44a6L,0x7bcbe4812e81ed85L,
-        0x57ed0e6f0c5a4423L,0x7cf189651cec85a5L,0x8ddfe8a5beef12b0L } },
-    /* 24 << 56 */
-    { { 0x60ee08b46bc0b979L,0xa31cfd961aba7f4eL,0x66c05a6358bedf51L,
-        0x2ae6ec3854df9266L,0xe7dbda332771b08aL,0x44455d312a09fb28L },
-      { 0xaaba39171cec98a5L,0x9b2b12258cb543d0L,0xf47a9cd16af6495aL,
-        0xe207f3aac6cd8a16L,0xf98952878ae828b6L,0x37e2475725844053L } },
-    /* 25 << 56 */
-    { { 0x7c8137d8f93723a2L,0x78fa2e03cf552846L,0x3becd2627d11977eL,
-        0xdbc8e9b34e9a700eL,0xb2c7798d20decdccL,0xecae57179523bb6dL },
-      { 0xc0fec0677fa2f633L,0xe270b10702aab6a8L,0xda280b374dcc797bL,
-        0x50a163b86c42945dL,0x4a3fd6bd363e44ceL,0x0aa7e33d38bca4e6L } },
-    /* 26 << 56 */
-    { { 0x19c7f098a693d0aaL,0xb79d84244bd22a29L,0x19d91d12a9b3c2ebL,
-        0x2ae96bfdde735665L,0x2f9c9a773d8a85bcL,0xa74bdd46cbab80f5L },
-      { 0x25a2486cdd9f70f0L,0xada155c9754513d5L,0x8aecd7db4c3e9494L,
-        0x9c3951ad2cf6665eL,0xd35780d44a9ec29eL,0x064983964cfd7821L } },
-    /* 27 << 56 */
-    { { 0x23407aac0834f890L,0xad7b7b5599bb065fL,0x3254aa7e4ba2b4ccL,
-        0x37f37fd1663f9213L,0x0c72c3111c5a51d4L,0x6e6df84b9989820bL },
-      { 0x576a320e1ae2f321L,0xa5fc617c3c62888eL,0xc4f1be4df6c40362L,
-        0x01b21892dbfaa5b3L,0x6fc0442390b9a5e3L,0x22a70c8791495c30L } },
-    /* 28 << 56 */
-    { { 0x365e1382183aee81L,0xe9f2245275d289c8L,0x543cb5c7b70962e2L,
-        0x853971711cea2e37L,0x8b31cf530adfc82cL,0xf9a458bf3b67c705L },
-      { 0x13b1cb3334a9b3a8L,0xa4325b403732f6b5L,0x39e997ba04e9df8eL,
-        0x24c0d6ebf1d542f8L,0x9cb3f1abd82901bbL,0xbbaef37a4cb34763L } },
-    /* 29 << 56 */
-    { { 0xc4881080b08dd648L,0x21869be8f1fe4e15L,0x63e158b112501ea3L,
-        0x48a909ce32408693L,0x77fd2cf062b24495L,0xf7d1e134db9322a5L },
-      { 0x4c02c8bcbdb19eedL,0xe03cd00e8a20b335L,0xe04271c530632562L,
-        0x549e5dba603e1681L,0xf01b38f95503b61fL,0x244c81920b3fb785L } },
-    /* 30 << 56 */
-    { { 0xb423030c4b0c7247L,0x242d409f149f8cbcL,0x6094885e9c1f518eL,
-        0x6d299dffe04d97ebL,0x152d05bb09903069L,0xf5656895fe235dddL },
-      { 0x801e7f736b22ac0eL,0x73aa6df46ba6dc97L,0xba498bc0d66e5d8cL,
-        0x8054e17d36b8c78eL,0x241bd2e21137fdf1L,0x8e79a943b97dec15L } },
-    /* 31 << 56 */
-    { { 0x94e617abeb64269eL,0x39aef936b410ae02L,0xdbb744c325fcc976L,
-        0x5072bfab38a5b366L,0x3998aefea3f5d715L,0x0bdbf555a74e281dL },
-      { 0x50d2feece24dd239L,0x835925ef46324c5cL,0x53c4eece7a4dad08L,
-        0x340fef207c358d83L,0x9e2189da30f04396L,0x2bc748d727e322cfL } },
-    /* 32 << 56 */
-    { { 0x1238e097ae658422L,0xb4631ddb568df55fL,0x451254e7f74c5c50L,
-        0x238b16d28805813bL,0x23987b28925e7a6eL,0x93b72e2d2a1a10bcL },
-      { 0x944c784d05e44b7fL,0x7d70fd098c8e3120L,0x6bf1ab2aead45716L,
-        0xd5f8f0e631c04205L,0xac062526a10b8881L,0xa1a83cf0fe5505a8L } },
-    /* 33 << 56 */
-    { { 0xe1e05ff89ea47326L,0x88219a1ffbfc7f61L,0x9cbd0b387dcd3008L,
-        0x751d03847671a68eL,0xd73ed70d28e0387fL,0xf66f9cfea9485256L },
-      { 0xac68aae1ae153e0cL,0x92eb6542e81b1282L,0x9617d45464541adfL,
-        0x81b4d94a9d489e95L,0xafd5cd4620f31ba0L,0x35700392e5a38941L } },
-    /* 34 << 56 */
-    { { 0x52296be3b71ea9c4L,0x82b05a43424cadf9L,0xb6d329e8842699e3L,
-        0x9dfb91bf9370f2c1L,0x0188b738994ecc71L,0xa9a7b03b5ce8b100L },
-      { 0x99198b2a25c33035L,0x772795a7e21895d5L,0x37dafa4c42173e01L,
-        0xd37f03933ab27d91L,0xf3500a7d2afad1f3L,0xa433b5fd87eac06eL } },
-    /* 35 << 56 */
-    { { 0xdc193cb5243a97bfL,0xe367f27ff5715184L,0xc4bb95c6fd9120c6L,
-        0xd2bd176bbc5f7ba2L,0xf2c0f86de966c1deL,0xc69ab26e811e70cfL },
-      { 0x95756460e87c55f0L,0x6b62ab136a59c832L,0x6e971c6c128448a0L,
-        0xca72482e91ea44a3L,0x2602d4795dca0f8bL,0x8dadd3e25519433bL } },
-    /* 36 << 56 */
-    { { 0xfe0553be23246f68L,0xccc1d774d8ad4128L,0xbec668d8cc155edaL,
-        0x7a80e9b44231506cL,0x579cb5f42aa1740aL,0x3a61b84fd8b35a2bL },
-      { 0x0478c05ba3b519f8L,0xf518ac09acfe39aeL,0xabc15e9076c956e6L,
-        0xff35db67dd55d268L,0xbe066679bdbba89fL,0xf7385df12062b845L } },
-    /* 37 << 56 */
-    { { 0x279d7ffdfc12078dL,0xeb14155eb8f302e9L,0x5f1b11e165b3c14dL,
-        0x08510b461bd36b3fL,0xa7f5b2ffc9d73b4fL,0xe5e831557aa09e40L },
-      { 0xbed67135cc3d88d8L,0x7b2775f7017a43d2L,0x9ce22ff24c58cb64L,
-        0xab88d04849ede1eeL,0xcac13762da63daa8L,0x70662331b1dbfc4eL } },
-    /* 38 << 56 */
-    { { 0xe4f7022200a8a9adL,0x8d1bbab7d42fffcbL,0xe024970e368ad5edL,
-        0x231ef631b4c0c9f8L,0xb47ca0386760b411L,0xe1f297ff179e6d44L },
-      { 0x2e5ec77d3e071736L,0x90e20be915b29c93L,0x33961b6dbb7e7237L,
-        0xa854df5b42176851L,0x67d223e4a8f4bac8L,0x5464a46f0dee39fcL } },
-    /* 39 << 56 */
-    { { 0x525a553b32230b65L,0x7bbde6b816bb6a4eL,0x2f5bc6d229f12292L,
-        0x5d86858045fbcff9L,0x6ce4fb249f932964L,0xd7cd175098e05ef6L },
-      { 0x794b0248e1366d8eL,0xa37afa66332098a0L,0x2dcc1888d9aac70cL,
-        0xa01ba83ec15b9fb8L,0xd34ddf851df4b59cL,0x92289e954f829510L } },
-    /* 40 << 56 */
-    { { 0xdec879d51c9d09f1L,0xdfa9e7d61b371576L,0x8c705c7937fb3410L,
-        0xd770153e1f2a02bfL,0x208fc8f18043ba69L,0x58aebe6e25aa3453L },
-      { 0x191b69e512941f03L,0x27dbb050d7966e0eL,0xa5196bb7d16bc20bL,
-        0x5b6bae47f22b30b2L,0xbddcabda8ce7b419L,0x6e3cfd373b9f5a39L } },
-    /* 41 << 56 */
-    { { 0x605d4b83330c07f8L,0x4dbe47646a0ed45fL,0x1e715823d7e4163dL,
-        0xe337a67dcea3306dL,0x55abf0684f18a604L,0xaaf69d5ea9f57370L },
-      { 0xddd09e8129784840L,0x17fd42b9a4fff5e9L,0xe99859e55acee616L,
-        0x41d691203b927ed5L,0x35cc99675168f505L,0xfc311c24431d7d60L } },
-    /* 42 << 56 */
-    { { 0x415f7f0da581c54dL,0x67c678244509f31fL,0x36fb92eb988f449dL,
-        0x22d41b1a94181fe4L,0xacc68410df896026L,0x4a10e46f9ccc4df6L },
-      { 0xf805a1191969cf2dL,0x7230a26b32ad355cL,0x9d200562e9abd845L,
-        0x2db90c3b5cb55349L,0x80b59daa29bcc42cL,0x81272ebc53d32149L } },
-    /* 43 << 56 */
-    { { 0x6aaf15f27756bcffL,0x5391bc009b645589L,0x46cc4480a6fc61a0L,
-        0x6fde9d53293d676dL,0xd6c35628d7618399L,0xdda13a0853daac23L },
-      { 0xb6e6c20c0fe7995dL,0x32eb3468d8d41d55L,0x8927d508c19c5995L,
-        0x3907eeed3c229e66L,0x509af79f27972057L,0x8a7f44f750e2f170L } },
-    /* 44 << 56 */
-    { { 0xb91ffd21c87b3fe1L,0x0fe8389b34fe2825L,0xe22d45d74bf4c8cdL,
-        0xb575ae4cd6d8308aL,0xa7fa552e82994ba8L,0xfb67a86fecb08870L },
-      { 0xc3bebdf8e6dabcb1L,0xef18b357b5bcf114L,0xed518499a4b8eca5L,
-        0x0fec83c5df16ed99L,0x5d353a5856b5649eL,0xc858c1d1cec900e0L } },
-    /* 45 << 56 */
-    { { 0x7a65d2660d85e627L,0x96170bb90bc010a3L,0xaa6e0055da030ad9L,
-        0xa75ab280ff4e4a8fL,0xec14e68c0be864a3L,0x05424b9cc17723b6L },
-      { 0x9ed54bb218ca85d6L,0x035edc14b78b34bbL,0xc116914929617416L,
-        0x0a00e0086cb0d801L,0xba40f1207d4a638fL,0x54b1e8cc9d8bd0e9L } },
-    /* 46 << 56 */
-    { { 0xbbab4ab54c88db57L,0x68dbee6f9ee9558aL,0x31b988e140da802fL,
-        0x9d117c37e90b2221L,0x443ae099025b66c7L,0x8568bd6f2538a654L },
-      { 0xf806d8636720df01L,0xe390adf2b649ad8fL,0x7851f8e039d1c315L,
-        0x8185ae1a5e650f1bL,0x3dccfc4c9b562532L,0xae99ae835f427c40L } },
-    /* 47 << 56 */
-    { { 0x99542ca7564c7ad5L,0x682eace49a96f25dL,0x2d01b2488d933a6cL,
-        0xf96916ddb8604277L,0xad3259d12e4d7419L,0x9085251fc26981e5L },
-      { 0x848219363d2ec970L,0x723ea6a5392351c7L,0x3fae69a55e5448c8L,
-        0xf6eee650dfb03d49L,0xe2e1df1ef8c58715L,0xc603b61f1a369206L } },
-    /* 48 << 56 */
-    { { 0xcbbd8576c42a2f52L,0x9acc6f709d2b06bbL,0xe5cb56202e6b72a4L,
-        0x5738ea0e7c024443L,0x8ed06170b55368f3L,0xe54c99bb1aeed44fL },
-      { 0x3d90a6b2e2e0d8b2L,0x21718977cf7b2856L,0x089093dcc5612aecL,
-        0xc272ef6f99c1baccL,0x47db3b43dc43eaadL,0x730f30e40832d891L } },
-    /* 49 << 56 */
-    { { 0x7f3a3e5f4447ed08L,0xa6302f7bf94d49d0L,0x94fd2ad33b2abc46L,
-        0x98ffc01fe4249c1dL,0x6f3a53bf8db4549fL,0xfbae12df25566cceL },
-      { 0x63fc92d3c2e84d15L,0xc355b46c4f5abdebL,0xb50b43a05678d0cfL,
-        0xf4d4b0b15681d628L,0xc9f11d63fb3bac7dL,0x444b748cda461eb1L } },
-    /* 50 << 56 */
-    { { 0xafe9adafc9845a07L,0x484a9eb9df6a1305L,0xec32f0bdb0f111dbL,
-        0x742b41cddc7b100cL,0x5a7ea89d23c5f849L,0x1ea8801fa298aa82L },
-      { 0x183e1750cb001f26L,0x66ec5daa49da5bbbL,0x8071ff322d05ab57L,
-        0xaea9e694e1944e0eL,0xc993754437b85438L,0x2c2467b4faaf4f22L } },
-    /* 51 << 56 */
-    { { 0x38f87acce602c278L,0x72c79590515854dfL,0x9d466a765e7e2f6dL,
-        0xe5f6704772081935L,0xb4b56288ad958812L,0x7f4d9e1395b08242L },
-      { 0xb38d0ddb962f0f6bL,0x969d4327e5f76463L,0xf7c7c799f6ac01f8L,
-        0x494066673e6ff230L,0xa81fa10dc7e9c1b6L,0x2fcf26bf8093c2d3L } },
-    /* 52 << 56 */
-    { { 0xcca6e9cfa754256bL,0xfdd79280347723f7L,0x8179d6f52d69c6bdL,
-        0x156a53fa94cc8567L,0xb819d70324655f28L,0xf86872e2ebfb198bL },
-      { 0xb158e73939ccd668L,0x655db8248de67826L,0x54399a79c621cf3aL,
-        0xc55900d498a09c9dL,0x5423edbf20278b3aL,0x06a625b280ba89cbL } },
-    /* 53 << 56 */
-    { { 0x0f152d69869c4f68L,0x0ed4205a9f0068fcL,0xda68af4f25d4490eL,
-        0x715fcc60745c00afL,0x70ab559aad63dff1L,0x7d0a7b6a9b8a37ebL },
-      { 0x82ab7a068bca8498L,0x4f012fb4297d954aL,0x8b139e6ed5f6a4b7L,
-        0x597316e4b856ac26L,0xeb64b5894387367aL,0xcc92eeabbacb7e74L } },
-    /* 54 << 56 */
-    { { 0xb53560e968fdcf87L,0x4ed638bd3cbd0887L,0x57f3f38f6080d1cdL,
-        0x50370e0c1e4e3ae8L,0x14c87fad184a1ecfL,0x3d06f78d0af7b2ceL },
-      { 0xd9370e24fd595621L,0x1e462483c9fbb559L,0x1ee5d81ca0aa5c0aL,
-        0xdb2524557419564dL,0x782ba91b57585be7L,0xb2d14bcc5c431c72L } },
-    /* 55 << 56 */
-    { { 0x9cb9de6fd62ebed6L,0xb7f23b1916c6d571L,0x69b4a8dfa8b307b5L,
-        0x78a7f74e19dc7e39L,0x423405152f47c94bL,0xf1c2a5bc31ff2d82L },
-      { 0x98c1c3f7b145387eL,0xdd9d24d885e635ccL,0xeaaececa07397bc4L,
-        0x6bf6a8469b0cd4c6L,0x68052950680dbd05L,0x81a071b60ce07df9L } },
-    /* 56 << 56 */
-    { { 0xf3fa8bec0c61d5a5L,0x98f772fc0dedaa77L,0x45a382161146d42bL,
-        0xebef5d4a58821ebdL,0x21498af30c1f0e6aL,0x3d8699144758014aL },
-      { 0x6f2276ecb625c7e0L,0x68d6a144fb55d708L,0x0bc836e0ad56b494L,
-        0x72b6d8850f58ef70L,0x0e0be2887bd7c1d1L,0x70549a879c277d39L } },
-    /* 57 << 56 */
-    { { 0x39a445d2dbb2bb75L,0xda2a211b1ac42cd1L,0x934bee9a8e4cf8f9L,
-        0x5d0dde6a24801bc1L,0xb2d4261d23da4ea7L,0x5fa9059a7187cde8L },
-      { 0x49298bb651f05f9aL,0xff0c4a0422a7bee4L,0xf466232da6a29be3L,
-        0xff2e157a995c1904L,0x3a4ee4537b31bdffL,0xb4a736d7e41f6eeaL } },
-    /* 58 << 56 */
-    { { 0xaed55c123fa96c0eL,0x8f90803f6e08adf2L,0x349e5807015b7cb4L,
-        0xdb3f05e314656b3cL,0x9289bbecde8b2d9aL,0x3cad12e0c7f28356L },
-      { 0x7a68fa54959fe89aL,0x2e7135d0a77f956fL,0xa0285cbabbe35884L,
-        0xc547ffe7131ab269L,0x82a902bebe33b425L,0x5a793a790c71b02aL } },
-    /* 59 << 56 */
-    { { 0x2bb2a929c645c6eeL,0xfc6cbd471e651728L,0x4ec3f630c07af98fL,
-        0x118231588e4a8ad5L,0x99a2b5de1303f68aL,0xcc280b182ec9b8f7L },
-      { 0x3d7b406ad7298d55L,0x63941bceb9f83957L,0xfeeb132c463a64c6L,
-        0x243a2e2bf76a6c8bL,0xae72bf2fdad18d64L,0x774423431987a4caL } },
-    /* 60 << 56 */
-    { { 0x06de549d78dc1526L,0xa27fc0c1f52c5766L,0xee5ff3d8e9485b1eL,
-        0x7af2fbc64bc530dbL,0xa266d6c810f9dc58L,0x866abeed8bfa4d74L },
-      { 0x50356d7fcb7c7018L,0x4ae502e07c962af2L,0xb98b449cf011990cL,
-        0xfcc8446b59e8535fL,0x25964ab0088776ebL,0x3848aba2ab6cfe8eL } },
-    /* 61 << 56 */
-    { { 0x9f2c62cbe14a2c5dL,0xcd182e386b113f03L,0x2275ad4f525a15aaL,
-        0xd5b7d1d9eb373133L,0xd3c47b9b07929822L,0x60b043cd8fa8e8e0L },
-      { 0x603a3403d3958f57L,0xefa36ad67b79c263L,0xfe33dd9f3742ac39L,
-        0x30f40b3bb249f9bbL,0x9d2902d20a3b2e7fL,0x173f7d1a899684f0L } },
-    /* 62 << 56 */
-    { { 0xdcbeff5bf33bdff0L,0x963ae65ee9684a3bL,0xe03586882bcd272bL,
-        0x756695068942f107L,0x14319d19262e422fL,0x5c0ef45a2265b294L },
-      { 0xeb897bd8a9f64203L,0xa3b259d742b1640bL,0xdc34ee2dce66355cL,
-        0x2fab125eb4e13438L,0x1b93a820443420b7L,0x79c46f97b4ba8382L } },
-    /* 63 << 56 */
-    { { 0xafd8cb2006e55b9cL,0xc88f38ea2530a11aL,0x628d10bfe4efe221L,
-        0x00df0da42a8d983fL,0xed45860508a2fce0L,0xcd7882b86a01efecL },
-      { 0x93ebd86c7efcbf7bL,0x578f9fe7e3db504aL,0x3c584008aa5e83e8L,
-        0x5bf38b4ca8368754L,0xcb4a9cf905c05ca7L,0xf77ab684c634f28fL } },
-    /* 64 << 56 */
-    { { 0xac92ee1537d83369L,0xc968c187fecec65cL,0x29a7ca876e7a3265L,
-        0x0f2b7e7a8456c9afL,0x7471824e9754326fL,0x498687bf364d2ec8L },
-      { 0x86d8aacd3c6ee351L,0x01ee6823f6f41e85L,0x9805fc881d79f7ebL,
-        0x377ac3a40040547dL,0xd39215d461b4e90bL,0x2547416e4c5fd81bL } },
-    /* 0 << 63 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 63 */
-    { { 0xa10292b907a6fbf8L,0x292c1a203fa6235bL,0x7a36f18f73ad7a1fL,
-        0x8b2c7b0c5897b11fL,0xf7b9a272cb664c61L,0xb6d366af8f81e22cL },
-      { 0x3b99b2118e342bbaL,0x03ce158bb06ced2bL,0x3af1175d001db74bL,
-        0x526f08467159cb8aL,0x6a3c6e1febde4601L,0xfad5963b8c232eacL } },
-    /* 2 << 63 */
-    { { 0xa54768dab1b43eefL,0x13e41f47e14fda22L,0x774df203faef6863L,
-        0xf795a034bd7471b3L,0xf0958718b47de2e9L,0xc92f7888e1160cffL },
-      { 0x86ded97b0146c790L,0x015918f5480a4b7bL,0x05588920424e8459L,
-        0x37455914eecf8b2bL,0xe7d3df1fb968a6faL,0x07a0ffd6bad0719fL } },
-    /* 3 << 63 */
-    { { 0xf13f55e619f6ebccL,0x63720df2a266b368L,0xdbcc937f3bf1a890L,
-        0xd3faff625f326fa4L,0x8b33bae9019730d0L,0x7879782af9961795L },
-      { 0xec7e75bc93735e44L,0xfbbf6d225d5702d0L,0x26b6e1d53bc2ddc5L,
-        0x00345bf714941d10L,0xdd719676a745c77cL,0x2869b11881c523dbL } },
-    /* 4 << 63 */
-    { { 0x2566021f98d23f6fL,0xfb883e1234ca97caL,0x34e047a5d9f51b69L,
-        0x0b50d91df8efa646L,0xc2bbcbb2971f584fL,0x4136f0e40907c91cL },
-      { 0xa7ebeb0de735cc48L,0xa7d1bedce113c8faL,0xc04d9a073f5c962aL,
-        0x95c155e53ff74a2fL,0x923c65a53df0749dL,0x10d5f81227ae35d0L } },
-    /* 5 << 63 */
-    { { 0xc08cf7a1a128747dL,0xeb34a1c02eca6776L,0xff6e7cdfb596491aL,
-        0x17024305eddd8bbcL,0xab92b54cf3c46414L,0x2a995b7759134eb8L },
-      { 0x97525904e48cb259L,0xeac065ed1e1da01aL,0x16cab74a14c5bf38L,
-        0xcd3e2516c14eda8fL,0x3ff38094a8de7a9eL,0xb7340214359d653eL } },
-    /* 6 << 63 */
-    { { 0x4d37c2663e7a369aL,0x092dc32c3ae62c55L,0x566da2e928ca9d67L,
-        0xa9771c1a79beb236L,0xaf6b97a976f801e7L,0x3afd62e771259358L },
-      { 0xc23a5e32cd541e77L,0xae4c90a301660ff9L,0x3f3a233b1911ccf2L,
-        0x93e4664cfa3b3aceL,0x4bdc14832d4c5f5cL,0xfe03d3c36abf13c0L } },
-    /* 7 << 63 */
-    { { 0x9649468631b26990L,0x55222e9fe3fd62f4L,0xc8eaba742ee74b8eL,
-        0xfa43617834d198efL,0x475b688e892748f5L,0xc6eb426541b9822dL },
-      { 0x535695bebdae951fL,0x45e69033e909cce4L,0x40354e72b1829154L,
-        0x1005ee6d5c56c3cfL,0x61b36a754a3fec51L,0xae644f3872f2f56eL } },
-    /* 8 << 63 */
-    { { 0xd5469c7becee6e87L,0x056180bc33a4c917L,0xf881ca21a16caa7aL,
-        0x221de182e6cc7f39L,0x10d61ab531378723L,0xfb763bd9520c9660L },
-      { 0x145214cd0d6b1541L,0xd9f7ff2dd70223e7L,0x9fce59e30cb1fe69L,
-        0x2e6e77fa3e299fe7L,0x3a0cf652d5af78cfL,0x50cc42c53e852159L } },
-    /* 9 << 63 */
-    { { 0xd2536452b8da85a2L,0x5c15dabe331197daL,0xf5a89366aecccec9L,
-        0x8f998baf2d8352fdL,0xb10e6c80f56159d2L,0xf61ceff379eb9affL },
-      { 0x05bcb93d1c4283a2L,0x4e1abc521d8cd941L,0x898c9a49b46b343dL,
-        0xcf352f3c6e423ae6L,0xb1db207f6fd42c89L,0x08f36a1edab295b4L } },
-    /* 10 << 63 */
-    { { 0xebbe18b7ed31fabaL,0x046e248dd74971d3L,0x3ddf5a2a0b24f97bL,
-        0xf9a400c262fc6124L,0x9ad9b0bc6b03b73aL,0x9fa97c56153c8fdeL },
-      { 0x1b6477da00b73ea7L,0xec59f64a21b2f3f3L,0x4428712895306955L,
-        0x4b5db01db9e77579L,0x237edf0bde05e0d1L,0xac904b01855332f5L } },
-    /* 11 << 63 */
-    { { 0x6a37fc505cf708c5L,0x8de4dd7c30497ceaL,0x6978648161b8bf39L,
-        0x3cb303375d7362eeL,0x0e24d09237ed25e6L,0xd474f3dc2f69ce20L },
-      { 0xe15d98a0edb40541L,0x5e4a87c91466f464L,0xc3cefc9eb68923cbL,
-        0x66f10920f22c9de2L,0x3c18f9ea9a51b3f2L,0x706237bef40e6204L } },
-    /* 12 << 63 */
-    { { 0x0791dfa1df764716L,0x31bf68768c66da07L,0x49f25b77ccedf4f3L,
-        0x05170ccd5d965c05L,0x37d9521bd49e6727L,0x1548251286a00176L },
-      { 0xdab444936c00eb48L,0x102c6b95e00c5c5dL,0x43660c3e4c2506baL,
-        0xb2fb26165ec6f132L,0xccc4221a99ac7691L,0x05b29758a576deb5L } },
-    /* 13 << 63 */
-    { { 0xee84fe05a5731e27L,0x3251ded005713149L,0xbfeeaf3c7c5e7260L,
-        0x3db0b6b2f048907aL,0x38728debb4a6b923L,0x853997d9d1142e10L },
-      { 0xc636e3874b641cd1L,0x69b10f43c629f4f7L,0x6f10a95c7deddd0fL,
-        0x85b5a7a317f56374L,0x28cd59435c329333L,0xb37621f7d1e476a1L } },
-    /* 14 << 63 */
-    { { 0x3a17f86d48341ba2L,0x558ef6e8ba6375bcL,0xa86ea3f0927935e2L,
-        0x2f43742ac04d4fb0L,0x32a30bce38769421L,0x5a6d6a62d8d3912fL },
-      { 0x34154b19c20e3fd9L,0xe95d3843fc85f907L,0x26cfbe0f9f7a13c0L,
-        0x50d50b3a531736e5L,0x81849773b2cfa2c2L,0xc81523e63ba8ae5fL } },
-    /* 15 << 63 */
-    { { 0xac9b0573c2f899caL,0xd9c4fc1ff747ef78L,0xbc205571c7714e62L,
-        0x726bbf311919f8c8L,0xfff68adaaedc0450L,0x9f4bc0b9f4001089L },
-      { 0x5d10a660fc5dcfeeL,0x1ea644fbaa9f25adL,0x4f5cf102e5a144d4L,
-        0x4275b6021521f249L,0x9c62750522d8bcdeL,0x3ebbfc5bb7df57afL } },
-    /* 16 << 63 */
-    { { 0x4a873076ad8c49b7L,0x891598ce7146575fL,0xc1d3042f427ea198L,
-        0xdc592111ed259219L,0x0abdbd16234850caL,0x26b9412643b6fe8dL },
-      { 0xd3c79d1736a1cfe9L,0x576386219a2b3bafL,0xa736535d5a98bf65L,
-        0xacb3b7ddab2cdb2bL,0x37d3743adaaf89eeL,0xf19d9aba0b348532L } },
-    /* 17 << 63 */
-    { { 0x013b49753e09dc4bL,0xe548f7bc2d034deaL,0x65ffcd710b861c72L,
-        0x80f4d7a2e07dac01L,0xd1889dcf56c1a8b1L,0x14ad62d4789b133bL },
-      { 0x082e3c082e80532bL,0x0562a7d80b9d17e2L,0x4f8613095d57e2a7L,
-        0x79f21d7255f93514L,0x22c4f68c595c0f33L,0x91d9bd5ba22c0c33L } },
-    /* 18 << 63 */
-    { { 0x30539655b29eff74L,0x7ba206ebe723167cL,0xe20c3ce488110a02L,
-        0x52b406b97c124481L,0x050111c68c74a728L,0x3d594a6bc57cd9feL },
-      { 0xd4b2a271e5f952d9L,0x7e52d63b080da0c9L,0xa6463d65f53a6cffL,
-        0x9ebcffcfcc678e26L,0xa657f27b2f2b9424L,0x850bd2b871da5c9aL } },
-    /* 19 << 63 */
-    { { 0x9f3c395b7d4e1a14L,0x2f99aa23bd7301efL,0x50eee34e3017f166L,
-        0x88c951ff4c9cbb4dL,0x90c0422ad8dda2f4L,0xe8361775d49cae19L },
-      { 0x654db0d250da6138L,0xe4ada30ee03c34a3L,0xde0d3787832ccf4bL,
-        0xd1bf435641b94c86L,0x347531c37db87eb5L,0x6942e7e30fb51863L } },
-    /* 20 << 63 */
-    { { 0xafad01a0d93c54b2L,0x659bff9695536c49L,0x7b91aac2b9734c15L,
-        0x55c7f08224e02f59L,0xebcb71e73a26e551L,0x5b7225f76c6343ebL },
-      { 0x021c48fb17d5e775L,0x57536a42bd859c87L,0x24852cc0ae2b63e9L,
-        0x21515020c0ce0ef1L,0x2ac7336c8fed825eL,0x4bc87feea0152819L } },
-    /* 21 << 63 */
-    { { 0x7f9813e94b82bbd5L,0xc01f14624e697d08L,0xf02d9eb293de010eL,
-        0x290c503c50db5ea8L,0x339341f033edb639L,0x962abf5f7cd7f6c1L },
-      { 0xbb1041ae95fb9e8cL,0xb8c9f9d6dbd8525fL,0x8658a54f0f5244b2L,
-        0xe9326e455b84eea8L,0x9ebdfe4f54f11de8L,0x3c90b0cedc740440L } },
-    /* 22 << 63 */
-    { { 0xde6973e22683ad60L,0x35fe4650eebceb58L,0xbcdbbabf7c719a33L,
-        0x8bce8111c076ca95L,0x8f7176deeb6bd711L,0xd04e9769d240a56fL },
-      { 0xdef7d8fac8e218daL,0x04cff5976df28152L,0x2a1af6e24bd1cca2L,
-        0x9397014edcb911e2L,0xa251339038677b96L,0x0dc48a8fb61b462dL } },
-    /* 23 << 63 */
-    { { 0x42eab6610197a8d2L,0xdc4a557ade082468L,0x4cf68d6090495f66L,
-        0x6dba8de79032929eL,0x304b38cc827b5d7bL,0x8e57275cf32f5063L },
-      { 0x4b555a0337280c95L,0x49c1e532ef8ddd18L,0xa2d8eed45459adc1L,
-        0x2b353217bba3cf41L,0x11f3c90cefe8f005L,0xb3367fa0d55916c4L } },
-    /* 24 << 63 */
-    { { 0xe7c396d64654712cL,0x1fa5ea507a26e994L,0xaa98768709012b83L,
-        0xf1ef9792e9b17e98L,0x2c22bcb06dc2db10L,0xae42ddf6ed4be80eL },
-      { 0x672080f62e743405L,0xa15a7f975b7821d1L,0x0cd912f247adbf07L,
-        0x6919c0dcb6c4ae8fL,0x62b13edd14c6253cL,0x66f35919f8032287L } },
-    /* 25 << 63 */
-    { { 0xc992f6fe05f3b31fL,0xcdcf59b56a3d4522L,0x69901b3815df24b8L,
-        0x4b9874029f6153b3L,0xeb09cbc1bca86176L,0xbe78cd7d446289c4L },
-      { 0xd4aced42b933fd58L,0xe0dc6f306a326de3L,0x4bef32960542a5f8L,
-        0x3eb8d14106f537c3L,0xbb45a994b6f0d0a9L,0x340c025d3f4a01b8L } },
-    /* 26 << 63 */
-    { { 0xdfcb3255fa371ffbL,0x3fb4a22c92bb6b01L,0xd96efc1605396353L,
-        0x2ce2228ce5d2bc25L,0x59483843212c7eecL,0xdca7173882996047L },
-      { 0x44dad56d8de87b1dL,0x622f88910b6222d5L,0x1abbc501d5d3a9ccL,
-        0xdbed73a5ebe52e80L,0xa7f785b1c98c56efL,0xa32471d3d343aeacL } },
-    /* 27 << 63 */
-    { { 0x65d39f8ae510cee9L,0xcc60cd118dc5e825L,0x3b6ac6627ed7198aL,
-        0x5d7fc001f33edc87L,0x0218ffc453e978eaL,0xecb762e57bdfcf16L },
-      { 0x8e7122047966b202L,0x1c502404e6b99602L,0x0acb73f1131cc36dL,
-        0x81d1132ed4369a1eL,0xbca89fe8377271a4L,0x1353a883262a2e18L } },
-    /* 28 << 63 */
-    { { 0x2713b58c9d628e1dL,0x3729960afaa8ba1eL,0xc3438130ab53bc93L,
-        0xcef9eda5e9c165e7L,0x9bacd1c3fd02650bL,0xbb300334540ece72L },
-      { 0x21f5a5d3d9c4f0edL,0x1ba32e4ff7c19269L,0x8f073beb2cf320fbL,
-        0xb49766c45599646fL,0x68180d6649e4f200L,0x8203d8aeeaeddb36L } },
-    /* 29 << 63 */
-    { { 0x7b19780fdbbbf57eL,0xc094d6d9c2207635L,0x241898ac6bb652d6L,
-        0xb61b25724923ce29L,0x26ecd97508000048L,0xd08c54e5f5f96b8fL },
-      { 0x19019968c1604cc5L,0xa9940e9edc3f31b9L,0xbad2d245c3614a9aL,
-        0x7d3cdb2d411e63b3L,0x88d842c3223638ffL,0xbc5427d0cfba2b48L } },
-    /* 30 << 63 */
-    { { 0xe6d78b7f60085b20L,0x0aa1d62bf318d226L,0xaaa4391df6461e64L,
-        0xb15ee4a7213c949bL,0x183f043be4bd3dbbL,0xa1a87996ca49f456L },
-      { 0x6030ed2ef6ed22bbL,0xa2002784fab7f7a2L,0xfc40914dd850cdbaL,
-        0xe63edc4c7df80ba3L,0x8fa35ab57b27ddfbL,0x3bdaec795096ea04L } },
-    /* 31 << 63 */
-    { { 0xf33cc5ee452881ddL,0x89c144a38966d47fL,0xbfa8395149156a93L,
-        0x0069bff358707b05L,0x2caf814cca12a0b5L,0x1ea71ce71794450aL },
-      { 0x08fd2b1c63d22a26L,0xdb08594eb3876737L,0xf459049a57b3669bL,
-        0xf64ecaeefee0d4ccL,0x9da2177c63f233a4L,0x042fcca84e54f053L } },
-    /* 32 << 63 */
-    { { 0xa68295da2caf088bL,0x23d6439a5c8709feL,0x8deba0cffe0c3df0L,
-        0x5b4d037b3cd00a1aL,0xe9edc429aa0f9088L,0x6f5827e35847def7L },
-      { 0x9739d03d306ad966L,0x7c6b18afaed51d04L,0xdc3d34ff1759060aL,
-        0x029e9aa9a7e94dbbL,0x2a3cdfa0f7e8b7f3L,0x42f87bf0bbd8f6f4L } },
-    /* 33 << 63 */
-    { { 0xe36941004ef8cf5dL,0xcb4dbddf4d8bb768L,0x0610858e828c717eL,
-        0xb4cf22cb2bf53239L,0x938e49f16a3e7a71L,0x1dbbb837e73c7a10L },
-      { 0x26ea3108db1b58d0L,0x1ca340abad2929faL,0x1d4601938ecb1f6aL,
-        0x060543510424fd93L,0xdbfc403f0303dc50L,0x142ad48dfc0f4007L } },
-    /* 34 << 63 */
-    { { 0x8a8258eee6a52970L,0xf2d13a33a3882954L,0xd312768c38d48e32L,
-        0x78a70e03e9369eb8L,0x02ba8d2b69228d48L,0x7f957a33b3bfeb28L },
-      { 0xafb22cd20ab2d0bfL,0x335304ccf8cd44d9L,0x0587a6f256009a3dL,
-        0xc0bc7278023b2530L,0xe85f2ec5f37c6727L,0x045f156003f5a081L } },
-    /* 35 << 63 */
-    { { 0x6d71a45274ec55c2L,0x0d064bdfed33da75L,0x1aa4d77ab503afc6L,
-        0xec08340c5cb136e7L,0xf096fed6ed11d9faL,0xf232d1b82f81e148L },
-      { 0x71cc9b78ae9b3374L,0xd80ce28668bcc1baL,0xe8f4bd170274926cL,
-        0xa7ac120f100da329L,0x9f071c6352a482f2L,0x76d85a8e842d6ef1L } },
-    /* 36 << 63 */
-    { { 0x516f138bed210253L,0x5ec2fa324433461aL,0x0dbe2c66cdaf1280L,
-        0x086b91e59fbf3318L,0xfb0223ee399a1ca6L,0xd6f86d9b0db5b20fL },
-      { 0xec02bca25752d618L,0x952fafcaaf69f3f1L,0xf304cb7533c4d294L,
-        0x78085727dac65608L,0x22f302ef840a4466L,0x33fb889dc371c31fL } },
-    /* 37 << 63 */
-    { { 0x4aa2f1c36abdcdf4L,0x80963f8251da8d8cL,0x5647a356ac008cf0L,
-        0x40a78c45fc10452fL,0x2a3b9da1ca2d6a31L,0xa4d177760f0db94fL },
-      { 0xcfd600d9939941acL,0x256e44c142c3fd25L,0x85bccd42ab3f9d41L,
-        0x83e93e44d018298cL,0x569f54d474a5fb37L,0xad2c613af2ffcf8dL } },
-    /* 38 << 63 */
-    { { 0xc63e6f7c22d515abL,0x3fabfef42ad30174L,0xf13a0126b1c65411L,
-        0xe269e956dce87183L,0x44136834a83e0249L,0x554e731831958850L },
-      { 0xd287755696569aeeL,0x5af275e9274bf4dfL,0x7056f958197dbfdfL,
-        0x699f5a672169811cL,0xd9a857d92c1c7c3aL,0x62cf7431843bdac1L } },
-    /* 39 << 63 */
-    { { 0x974fcf5529d0c948L,0x104d7df0693c5379L,0x4f851c397dadfb28L,
-        0xcd5bc87c233c02c8L,0xf7fa16e82c8c1c04L,0xed42de484dc18a19L },
-      { 0x213db3a5b4366736L,0xf6eb5c9517da3d1dL,0x4d04ef1213b304ecL,
-        0xba7bd9afaf74e164L,0x956a5f7bab319f50L,0xe733891ce2a4932dL } },
-    /* 40 << 63 */
-    { { 0xaa4711f54f890542L,0x862421d9eba822c4L,0x2f667179848280fcL,
-        0x4de16d87c201ed75L,0xd20e1399c5e61b5dL,0x3f7114b49ed67ec7L },
-      { 0x561fd4979b5a88f9L,0xb202eb86d84db2c1L,0x67d8fb90c8637d3dL,
-        0x3d1d78a1032b1853L,0xe07bf775ef1af9acL,0x691e1deea57d6adaL } },
-    /* 41 << 63 */
-    { { 0xe236e42b2a6045fcL,0x4a6b7be7613f1c5eL,0x14136ccbf57b1aefL,
-        0xc3a8a6b9c7b34813L,0x63b0998c5f5cee69L,0x311bfe2c3481a229L },
-      { 0x4dd2325ff0aba408L,0x1b8a3f739a2fdff6L,0x4845cde0dbafe0d2L,
-        0xd092bb22cd37b02dL,0x35436f9d600fe0efL,0x63c580cb065f379eL } },
-    /* 42 << 63 */
-    { { 0x38f98360f48948b5L,0x1a1d67a97ae3ad67L,0x79966318ab91b44aL,
-        0xb69a75b8dfea0b1eL,0xbb18e5fa05d4d71dL,0x80a14dfe03b1280aL },
-      { 0xe549c8f14c17cf7fL,0x91da31098969b5c4L,0x1e3e8f08ccfc1732L,
-        0xf1cfb3ad0c85444eL,0x6854b52a628bebbeL,0x8a5e2d85075f04d3L } },
-    /* 43 << 63 */
-    { { 0xd428f75c5aaa1da4L,0xf192162dd224691bL,0xc30f5ccfd3a50718L,
-        0x82e2b585e9e0f738L,0xc7fb4dc15cf3fd23L,0x8a52eb37e4e2b37dL },
-      { 0xd5bb892bf1702cd4L,0x64b8ccd056b92a51L,0x98ab053f8988e2e6L,
-        0xd56b34022f104643L,0xf09017be073886d7L,0x0283e9eebf6eaea0L } },
-    /* 44 << 63 */
-    { { 0x834701da3801c65dL,0x5bb35c48955aa27dL,0x0ef0f375db7ad387L,
-        0xd25e337f06cd1d53L,0x757a1f9d90cd91deL,0x1604f153d61bbd60L },
-      { 0x6a01e8cf8bb95dc4L,0x34b7be6275bbdb13L,0x0a96b3a121e9b029L,
-        0x25615c3b2946df44L,0x5eda7d1919d04842L,0x08317975fba84668L } },
-    /* 45 << 63 */
-    { { 0x4a4dd7bf2bb5fba0L,0x0ebc07f3c84c2304L,0x054f2e448daa5099L,
-        0xbf8949da3ec362f1L,0x2e4a677c1d7d73f5L,0x405e3ad24dc70fbeL },
-      { 0x2958e956c7e46fb3L,0x34e0d7f1b2522e5dL,0xc44b95e25e371e3dL,
-        0x62e348a4d91baea4L,0x8d9e89e24c09e110L,0x8cb886f6b1c1e356L } },
-    /* 46 << 63 */
-    { { 0x66b16f6033e8683dL,0x3435ab2560b41c5eL,0xd5b89f51d452e049L,
-        0x4b5253a73aac0092L,0x01cae436f9d2e2c2L,0x789de14637e8ce97L },
-      { 0x8f50541701a1c2e8L,0x8c77dbdd798a8404L,0x5a264906b6e91e68L,
-        0x36761ccc3c6aafe2L,0x5809baa37e50f9e7L,0x0b50904e28fac969L } },
-    /* 47 << 63 */
-    { { 0xb6360372308785eeL,0x0c9913a68cf10e55L,0xe82b0f470e67c99aL,
-        0x0bf2d24825399082L,0x7aa3edfca86fe16eL,0xf534ec4e731a4956L },
-      { 0xb71d5d4eff26e993L,0x320eb7ac7bd58ef3L,0xe5e4c5f30cafd658L,
-        0xeb6b8e0a21a06cedL,0x037d0faf6f76acb1L,0x39c76a6ed6f13f81L } },
-    /* 48 << 63 */
-    { { 0x12474bd8a55a3a4dL,0xe326aaf19e471af4L,0xf201a9308caadaa6L,
-        0x546821f835304341L,0x7fe452c3088353e1L,0x8f1ff628fc82566aL },
-      { 0x49526f46d99f8967L,0xb19c80c0a4009690L,0xeccf97591cbc0716L,
-        0x2e13ae2caf4cbc8bL,0x12b0df13f32e29adL,0xa2005d6e0b1565f0L } },
-    /* 49 << 63 */
-    { { 0x9260321bde788968L,0x4aaf1752886ccc74L,0xf94ae636c06b1d9bL,
-        0xf0c858854954ae43L,0xaaa735866c42a104L,0xcab59d914e782db7L },
-      { 0xfd12f9ee01ff3a1fL,0x35eb6104b546d3c5L,0x97d839e075ca1425L,
-        0xa77712f452428003L,0xf5dda4e8bd9f30e2L,0x0c3ab97091d6f540L } },
-    /* 50 << 63 */
-    { { 0x58734b3ca68716ccL,0xacdcfdd2acfb5719L,0x97074bac7084cf23L,
-        0xf8d4f285d0c81b66L,0x5ea926e2ef541e44L,0x65a8e25da2c04e0fL },
-      { 0x67e2380f06258485L,0xdc00f2ed9691a57dL,0xd37b23fd6b80274eL,
-        0x57f1604f2fe10aecL,0xcc21a4aeffb33ceaL,0xf33a344bf75eaa02L } },
-    /* 51 << 63 */
-    { { 0x24ca6fc56969f55cL,0x6fe18be29a7a9753L,0x5e9a7ed36af8da90L,
-        0xf6c261b7ed493388L,0xbe9ac24beef2b77fL,0x0357ab559f244e49L },
-      { 0x5f7953375f1b5b9bL,0x27dfdecaa9bc503dL,0x0b2091b55c0e3ee9L,
-        0x1f4f7866d68cb87fL,0x336c2c127a442a9cL,0x88267fd1d3f2ab78L } },
-    /* 52 << 63 */
-    { { 0xdb891eedd06014e0L,0x69685d6103e9970aL,0x3a612db402838113L,
-        0xc1cd7b3adcdef0b0L,0x612b299da41d6c1eL,0x982161ed0ed386a0L },
-      { 0xb36bbe2f3ea1bf1eL,0x0d8c3752ceb2a5ecL,0xc02cd7f6ec03bdddL,
-        0xa87977c152631d9eL,0x7b546cc37e398d7eL,0x5b1218a804845671L } },
-    /* 53 << 63 */
-    { { 0x52cd86c68a62f0a0L,0xc437c2af4d29c896L,0x722a337a45aebfe3L,
-        0x03b13844d8a9de8bL,0x41a005bb8510aae9L,0xf42399ffc63af92cL },
-      { 0x004d29cfcd93390eL,0x472de98741dcfa34L,0x2c71ae744e7cdcc4L,
-        0x11a5c2f8409816ccL,0x320ca246a96cef60L,0x72de4287f3d57621L } },
-    /* 54 << 63 */
-    { { 0xe3e7a3eb3771a0aeL,0x781156e9b6dd5304L,0xbaee3a8323e31e6aL,
-        0x66d1569a08985bf0L,0x56161e202d75cba3L,0xf9c23c102a944de4L },
-      { 0x27ac8f454e129ea5L,0x8b991ba788050aaaL,0x600c96ffa5d052f6L,
-        0x0fbe944df244984bL,0x3801026fa204c36aL,0xc4bfa1994d55a584L } },
-    /* 55 << 63 */
-    { { 0x11b200c6a32f5c81L,0xc4ab4cf43eabe341L,0xa21468f06f339f5aL,
-        0xf20c2c5a729438aeL,0x3e68031e3a067c3dL,0x3962a92f062c8371L },
-      { 0x389b22835b000f3dL,0x98f3b679250b8666L,0xe283c2b4eea91464L,
-        0xd35b14de1e1f4c08L,0x9ae72567d79d8683L,0x2c37b162a3b2a840L } },
-    /* 56 << 63 */
-    { { 0xfa3e43e56cb173d1L,0x2502258d4591b5a5L,0xae8c4b558ca9682aL,
-        0x8cb1ffb4ec81a288L,0xd11ae888bfc84fd1L,0xa3b083a0d774577cL },
-      { 0x119b41c11da9afc5L,0x44bc77622934e22bL,0xa04694f37c639d6cL,
-        0xd5e1ce5732c5b8eaL,0xd507c39b9749e8b6L,0x16cc0b5755255b63L } },
-    /* 57 << 63 */
-    { { 0x66fe7a39c4955e7aL,0x25b0b3e5bb11a1baL,0xb82c2cdefc573bf3L,
-        0xed33c0e8281a3927L,0xd068c8901ad799d4L,0x052801ec9cbc73edL },
-      { 0x614e4aba0faf5c5dL,0x50d7b0a89f66d391L,0x7bdfbf5fc18e88a8L,
-        0x1fc93e1f4380d2a2L,0x8241dd5f27d952d0L,0x44944d9c3a3f79d5L } },
-    /* 58 << 63 */
-    { { 0x808e2693c0edcf36L,0x4725b5aa87c254c0L,0xd1e464644d317973L,
-        0x3e59efc2393049d2L,0xa4c9f340d3e0d17dL,0x69b40727abdf3022L },
-      { 0xa1d85395317058c8L,0x2cec2a040cfa7c13L,0xe3c16f7634236cd1L,
-        0x566b403a3e52fe3eL,0xfd6065bdd6923cb6L,0xe769a89a5019f94eL } },
-    /* 59 << 63 */
-    { { 0x9b1f6e9042a1cce9L,0xc6c870270511f865L,0xc924caa72a3c29f6L,
-        0xcb674fb068e604f8L,0xe997b0b8330c2dedL,0xf5b315a04ddab219L },
-      { 0x6fa1dde6575d3ac3L,0x32ad27f735e65e56L,0xfe723ec2e81b1ce4L,
-        0x149983f8985d7286L,0xa1d350a0492ecc9aL,0x12a51f8c36a0707aL } },
-    /* 60 << 63 */
-    { { 0x71e5df78614f6f37L,0x5cf0e08da0b80beeL,0x1f8dae171e32051fL,
-        0x54ae365d83bc233bL,0x97ea005b1b84aaa6L,0xf4766d9264c75139L },
-      { 0x9b93bbf241215701L,0xb18f042d8cf8a865L,0x5dfb96dd0867556fL,
-        0xe9fafbb8597fd6a1L,0x729b2f50fe48bbc6L,0x2cf85f6b7f37ff9bL } },
-    /* 61 << 63 */
-    { { 0x3e7c871024d197f2L,0xb635595bafe9c29cL,0x302f4fff194e084cL,
-        0xd497ce7c18edf332L,0x4081c7aa062672a4L,0xe886a5b28afa97daL },
-      { 0xa7e922b5786e1bfeL,0xabd9a18bbd7ffb7aL,0x1f4f5b9356341b58L,
-        0x1726484344969ab1L,0xc4a0b557e668a479L,0x5ad1c062bf4f3343L } },
-    /* 62 << 63 */
-    { { 0x4ff86eb693d2b958L,0x4513fe1b784f628bL,0x45f4712573b5bb80L,
-        0x25aa3d36c987bb15L,0x12b1e65bb48163f0L,0x9d0cb4aa9801592bL },
-      { 0x02c0c2aa3718bc98L,0x79b03df99c306353L,0x097d8d8daee5144cL,
-        0xebed60774621d7abL,0xa8edf06e4b52e72cL,0x40c86f181dbca7d2L } },
-    /* 63 << 63 */
-    { { 0x65c7144a5e84482aL,0xba6f92644d4f7553L,0xf4dfe807d9c2524eL,
-        0x1333dd7c054403b1L,0x44557e880156451fL,0x5dbda4d80824c813L },
-      { 0x59e204959857fec6L,0x42f4068f1b1eeb99L,0x067c3aa21d59bde9L,
-        0xa9c4c3eeef27419aL,0x99fc994b2ec87652L,0x4f1607581578a996L } },
-    /* 64 << 63 */
-    { { 0xcd8c2ec9378ef62bL,0x7f4a3c5491a7c4b9L,0xe12386d4db83e1abL,
-        0x9a792032bb549bb5L,0xaf81cba62807c0f1L,0xd4ad7d87abf2008eL },
-      { 0x9d7a72307e9ad6cdL,0xb30636b08b517b2aL,0x47c324daec900516L,
-        0x408cd0d37193eb30L,0x8f0bcce2d315c655L,0x540ad4e0869d6c22L } },
-    /* 0 << 70 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 70 */
-    { { 0x4b5e753ddae0ff8bL,0xe55c83e4da3d97b5L,0x4034d75f42fa905bL,
-        0x89b85edac33e462bL,0x31f413c3058de3bbL,0x66c01c806ba75391L },
-      { 0x3f500202373e28deL,0x5090b33b4b9be739L,0x7297aa10efa2adddL,
-        0x3e8ccdbe1a6566aaL,0x4dfda07fd7b4f214L,0xa659bd1e7cb1cae7L } },
-    /* 2 << 70 */
-    { { 0x31796c2387d11691L,0x02991ea2a9de506cL,0x4ff0cb716cb0c301L,
-        0xdd0cdbd7d1702ca9L,0x470a26c8e1a02a90L,0xb705b7bad7054625L },
-      { 0xfadc2e86d4a1a268L,0x0fd9764668e9f923L,0x042b5ebb2951a8feL,
-        0xe4af9d0364197a76L,0xdd2c6bb3249c1b5dL,0x60af89bdf01932b1L } },
-    /* 3 << 70 */
-    { { 0x4374145d41afcd64L,0x98b72d6049d21198L,0xc0ff394bdfde8a41L,
-        0xed1112e5ee1ff7a5L,0x87a920e8cb5036fcL,0x437123f62deb225eL },
-      { 0x37e527afb9ad8c58L,0x3e3c9998abfaef38L,0xb656bcc550b2b4e2L,
-        0xfacc8a193bf5699dL,0x98cec74fe616307aL,0x34af333dd3ef8babL } },
-    /* 4 << 70 */
-    { { 0x9ded9b0d744ec273L,0x5bdfe5472e79e4d5L,0x94f3aaf539393728L,
-        0x22136862a438413eL,0x449286da373c7de3L,0xa709d85d29aa1540L },
-      { 0x1bd13e410284a4f6L,0x37b54d69f0799c8bL,0xd43b558f6bcd0cb2L,
-        0xf5757c0e9e610369L,0x15c80b23c16e0651L,0xacb2cf64001820aaL } },
-    /* 5 << 70 */
-    { { 0x0629e4ddeec37f48L,0x3f7556a2da7de716L,0xcacd8f27661662bcL,
-        0x65d8bc2ceaf01690L,0x83ac66477c39c893L,0x353f60dbf59440e1L },
-      { 0x2597b0d6852c575aL,0x410885f73a40c2b3L,0x953ab3472fcc2488L,
-        0x9f753e5eef4cc6d8L,0xfc32bb4d97f69e63L,0x461c1b0c87e8c264L } },
-    /* 6 << 70 */
-    { { 0x2bea7e75ac4b62f5L,0xcf255dcdc6297871L,0xdd88db8781b25c72L,
-        0x77ad90b3b617dc04L,0x65ee13820ed4a7d6L,0x4c08df9cd9644c8fL },
-      { 0x072d3784525a023fL,0x1aef69cefce399fbL,0xb07fd78ed7f29044L,
-        0xa3754e1443043fa7L,0x97bdae92ff9fe4d9L,0xad63ba6a700fe6b8L } },
-    /* 7 << 70 */
-    { { 0xa571929ba1ca17dbL,0xce7a12f545e146b8L,0x39df1446d9eb426dL,
-        0x1e48b3f8dc27f268L,0xa2d7dfa1ff548455L,0x750068b86ef1cc82L },
-      { 0x4d699306667fce62L,0x98540b9d131c5412L,0xf8a62cd347c580b0L,
-        0x2b55460f73795005L,0x3206c0257b8db337L,0x2280934bd0dda5a2L } },
-    /* 8 << 70 */
-    { { 0x10a8aabd2352478cL,0x599d9dfa1364c40fL,0xa009df1a076945a2L,
-        0xf869152c03861f02L,0xc405226e9f866a3cL,0x93bd737d8b41ecbbL },
-      { 0xb5c9ed1033901eedL,0x90e4ce8f99312b80L,0x1a9ef22e57589279L,
-        0x83ef607d7fe2d6aaL,0xf2da84543473dbfaL,0x14f36d3a57879066L } },
-    /* 9 << 70 */
-    { { 0x2c780f220ea3ce34L,0x240a211e4b8aac72L,0x7a266e5dc2625a99L,
-        0x1cb15d3e3b30c878L,0x8cd8ccab0e1b21d3L,0x53c64279adc1a6b3L },
-      { 0xe60d15b960bf708dL,0x6e431c1b0cb5ad4bL,0xec874c3e82033111L,
-        0x88054a1d9141eae5L,0x98438a5addf53a28L,0x168f0b0ffa12c657L } },
-    /* 10 << 70 */
-    { { 0xd621ce26629d7a57L,0xbf571de7cc1f8af1L,0x2c5cfaf9304adaa3L,
-        0x950addbd3f283b49L,0x622dc27cee6d1cd1L,0x26d920041f0863fbL },
-      { 0xe243b2a2a41ec585L,0x0dbd9adf2bea6235L,0xcb083c4d6f0820f5L,
-        0x809ecbafd5493931L,0x9647067414b7ffa8L,0x2cdfe22e53fc2224L } },
-    /* 11 << 70 */
-    { { 0xc8b1333c7cd74a06L,0x7d5ac4dc271006bfL,0xe9377d9fc14e0e56L,
-        0xaa8651db7a92ab1fL,0x77cee8145fc11fb5L,0x1e7c5ca027870b14L },
-      { 0xdeef4b3f6f959698L,0x7c59f26e5daa9bdaL,0x4d0d5aecfd312368L,
-        0x5247a6f3b738de68L,0x1c4e8ba990c04807L,0x0554b41bcce126caL } },
-    /* 12 << 70 */
-    { { 0x3df98ea9a81cc26aL,0x982ed56883b2c6f3L,0xc9cbd1b5ea6d6976L,
-        0x3f9f23197e25ffbcL,0xbca8e0567da6280eL,0x7abd316635cda713L },
-      { 0x46ef321d740ae011L,0xb17f6c75db214a33L,0x37b73b4b51de4044L,
-        0x5bccf3ccccd9ba8dL,0xa2ca080dd0f7045bL,0x79caf90668cf4dccL } },
-    /* 13 << 70 */
-    { { 0xcc3605a9a7b07d22L,0x4370eb18b4ebe4e7L,0xbe393039248867c1L,
-        0xc8e4851ecb1a75ffL,0x215f3fbe39cb6da4L,0x6f2102eee41f9a34L },
-      { 0x61d484abdfae7c27L,0xf5143bd26f1260fcL,0xa70b6c067514bcccL,
-        0xe71ca833d23506f5L,0xe2f50ba8eae03a8eL,0x2ac3b50883c33359L } },
-    /* 14 << 70 */
-    { { 0xe94b930f3655cabdL,0x6ef6aac4a342443cL,0x2feb8005bae255daL,
-        0x4625a15cac6e2095L,0x75c6311d0ec76c1eL,0x896a07409b81c6f2L },
-      { 0xbad3e2f9073378bbL,0x2984a10629266ec0L,0xa68a5351a788010aL,
-        0x321aa113017cd052L,0xecfb61752f34db5cL,0xfe080cedca2b51dfL } },
-    /* 15 << 70 */
-    { { 0xba29690803360c88L,0x3fb087c036311812L,0xec5fb10ad9ff6a48L,
-        0x52f7077f207dd8e1L,0x8e65cfb844c02fbcL,0x4f4fcde2fbf4bfd5L },
-      { 0xd1ff54156cc74320L,0xf989d544f68b036aL,0xafedc2db973bd9beL,
-        0x7bdc35694785e26aL,0x0df36796751ae9baL,0xfebde691ccdabd95L } },
-    /* 16 << 70 */
-    { { 0x3499b44bc77488ccL,0xde000e01aa8f3c10L,0x30140406c1f517d7L,
-        0xd4b3c8eb82a174e8L,0xc8835b13af2c9b3aL,0x2cd7626e443716f4L },
-      { 0x336c4f4b9c22de71L,0x9dd2b277f2529f60L,0x6ffba2dc828c34d3L,
-        0x257a345c34d0d1f7L,0xbc1eff056ca4fbceL,0x05b335620768349fL } },
-    /* 17 << 70 */
-    { { 0xb142febb692e076aL,0x10cfaa6b9a654721L,0x5b7ba30c8d4917c1L,
-        0x44be3089dfe4056bL,0xb7530ae6ae6307f4L,0x47c519c45b5f381fL },
-      { 0xa80648d8c3078009L,0xfde72e30dcb021b4L,0x8a89a51bdc2659e8L,
-        0xb9e0efa6306adefcL,0xc671c060c754a7bfL,0x703c698e18f14248L } },
-    /* 18 << 70 */
-    { { 0x25c86ad43c47783aL,0xb1f94a9650f85a4dL,0xb9472e3ac023a02fL,
-        0x91033d1b26f0fcdfL,0x95d775c1ab7b4ee3L,0xbe17daffdf3a5cb7L },
-      { 0xaeaecd2ce78395f6L,0x0e3abb0953b5da8cL,0x5f729f858ee774afL,
-        0x1acccfb3aeca7a6eL,0xd066fccb37e4af11L,0x24c832ab84fc3259L } },
-    /* 19 << 70 */
-    { { 0xca547b680ca4864eL,0xea40fe17c7d49f27L,0xb5e68bab87227475L,
-        0x6ba2bfaf8ce485f7L,0x4d2747acb72684f4L,0x5fabffc670aa6087L },
-      { 0x2d4ded5679c67c9dL,0xaf3b4eedc8a4f22fL,0xbef6128ebfa6ca86L,
-        0x7ce412bbd4381632L,0x518e6ecfe670d99fL,0xaba6518dfa5f426bL } },
-    /* 20 << 70 */
-    { { 0x5ebdc79cd41b2401L,0xf0cd8598c498e0f1L,0x93f6efe79c8b7f7dL,
-        0xb2f1e40ac469aa57L,0x882f0e943433c455L,0x0add72adaea0712aL },
-      { 0xb13578c399af96d0L,0x43c28dc621177663L,0x83aca2d854e09133L,
-        0xae03943cc6ad8532L,0xce0a61917104f75cL,0x7dec8786f9838c37L } },
-    /* 21 << 70 */
-    { { 0xb0b41b8ec5abaef9L,0x43f59aee8ff5d1f2L,0xe58f78c9234d3d34L,
-        0x0e1948d029a7f49eL,0x722f8e54c6cd8941L,0x75a4ebcfbaf24424L },
-      { 0xec8954982d7dc6d9L,0x8df2feee5261e4e2L,0xdf2820b825dfb96eL,
-        0x4b89c4dcff651949L,0x27c871a527bacbe1L,0xfdc70cf7329a52bcL } },
-    /* 22 << 70 */
-    { { 0x37d58766fdb3f3fbL,0x49d9a762ad64fa66L,0xf80423918cfdbbc2L,
-        0x22e60ca36400f7eeL,0xfab8ea7568210629L,0x91267753963e5b6fL },
-      { 0x5988d7f56b8e7ec9L,0xe43e762a5899e718L,0x842dbdcc40ae8b99L,
-        0xa7ced3f19869739fL,0x1ccc1e8a6d54b9f5L,0xaa3a91adbd32e710L } },
-    /* 23 << 70 */
-    { { 0x306d662c6d4c255fL,0xf32aa48101fa367cL,0x29a71e02f16b3197L,
-        0x653f7d88513a6079L,0xde93d6e74541b4adL,0x4d284acd8c54d3b1L },
-      { 0xfc9d462be106ed07L,0x6e3818d07e355468L,0x2ad523859400c515L,
-        0x287af41d5ecd3b52L,0x1162162351e1fb02L,0xd696d01f17bd4584L } },
-    /* 24 << 70 */
-    { { 0x9db114e3715aa8daL,0x596c2dc25c2fee22L,0x04df016bd2f3080eL,
-        0x0cb3f7cfb9b72037L,0xadb877c7814fe2abL,0xb2d5ec5c37761ec1L },
-      { 0xb5d6068e55d45831L,0x5fab1dffb7c52c04L,0x39b4aa5457d36d41L,
-        0xec1de467423cc8cbL,0x280e02dafda6566dL,0xc70c3c383ca55f55L } },
-    /* 25 << 70 */
-    { { 0x27a866e7c6b03391L,0x980b0a42bfa32fc0L,0xd27856910c105df7L,
-        0xf3def8c77103a2b3L,0x6c4ff04bdffea913L,0x57b1003e121140ddL },
-      { 0xf47bb2826d0e3170L,0xa44d6ab1e6abdfedL,0x67114b8a2a4b69d1L,
-        0x7605714d52d7c65cL,0x3734795ef60b81deL,0x277f9816ebf91959L } },
-    /* 26 << 70 */
-    { { 0xe57c2ed902b3b70bL,0xcec67da99dbc076aL,0xcaf66725b0644881L,
-        0xdea4f6608a3a3f96L,0x5215f097609df5ceL,0x6d828267010193e3L },
-      { 0x5971ff31a156565bL,0x44f7e4037b64e465L,0x2145ea9ab5486d75L,
-        0x47b04066758e7ec5L,0xc181833a9c93cbe9L,0xcac07a9fe8443292L } },
-    /* 27 << 70 */
-    { { 0xead7cd3d041326e8L,0x721785f26092e605L,0x760864024ba91a6fL,
-        0xb7b9b9fa335e8522L,0x6ba9c85387bb3ea9L,0x9c9f1f6f89b2ae0fL },
-      { 0x952bb995aae2014dL,0xf8e74d80c538cfa1L,0xb21ca840b55b7e72L,
-        0x22565ec4ad982191L,0xf9547aa1f569c537L,0x8d3cb14648596bcaL } },
-    /* 28 << 70 */
-    { { 0x340d77c2f3b6cbc6L,0xe09ae22c80f4f690L,0x3e915b028b74d32cL,
-        0xae7101ca3cc1117eL,0x3c36152b526c5939L,0xdad8aedbd3ec0caaL },
-      { 0x34de058e351bde13L,0x2fa75fd4582726d1L,0x27c030efc214ac0eL,
-        0x2a216d1cc7100acbL,0x3b730043309097b7L,0x162ada747afd8aafL } },
-    /* 29 << 70 */
-    { { 0x43893d328c216eacL,0x475a3466349d7334L,0xf9f259866114fbc4L,
-        0x96a22d2f0410b54eL,0xc60b69a53f3d951aL,0x152416e7fb400ddeL },
-      { 0x3904dd2e8f682dbfL,0x5459272368383eeaL,0x0092554ee8c998faL,
-        0xc80f28512c602ce9L,0xab2f8533b197386fL,0x8c302dbc91094b32L } },
-    /* 30 << 70 */
-    { { 0x853d994eea2026d9L,0x18734b04a1b927d7L,0xd4815747ce88d009L,
-        0x0265742f01b856bfL,0x05fd8b1e205d4e15L,0x0f4c8be0f1da4808L },
-      { 0x2652b76c456d62abL,0x0d3d1a29cbb8d818L,0xf350487453048509L,
-        0xe393ef54e89ae4a5L,0x19ed8f0cc4b1306cL,0xfd72388da1aabd6dL } },
-    /* 31 << 70 */
-    { { 0x8a7e1494289e6aa7L,0xc69223e65c955385L,0x2bcbad5c087b8c7aL,
-        0xc08008a531fed020L,0x9d38f5b2dc117c3bL,0xd84158bee4ad6b36L },
-      { 0x2c2583eb92fe5b21L,0xebc847bf557ce949L,0x4c1b54ff4fc0fd57L,
-        0xe437eba325ff2f8cL,0x79a4c3cb383caa3dL,0x38a34856e08356edL } },
-    /* 32 << 70 */
-    { { 0x5d7afe9a10fa53ceL,0xe2415b501ff49021L,0xe39a067dc6523492L,
-        0x3458527527557f5dL,0x756b8d86930e9f9dL,0x88df6219040d52d8L },
-      { 0x606eb60b5362b045L,0xd179818c9e383cbeL,0xa6215748e068d293L,
-        0x73fbdca22fce158dL,0x9cfee07dcb183c8fL,0xc0bf2beba5e03c98L } },
-    /* 33 << 70 */
-    { { 0x36702d091bf9acc2L,0x1efceaebc9c9dddfL,0x31f9f5599b9afc1aL,
-        0x359d4ff33e61a0e4L,0x33b3a707f3772327L,0xd990af318ac1c7ceL },
-      { 0x5ee060b7e736ad45L,0x83dbe8b2f653ac2aL,0x30a1e38b407f054bL,
-        0x0ec6c70bd9326ac9L,0xeb37ad09d7358ab4L,0xaf36143030551ef3L } },
-    /* 34 << 70 */
-    { { 0x7b05d8e56edd5c74L,0x268edfac5443acbdL,0x73e0d693ce1ee52cL,
-        0x67c67914120a1270L,0x54a897cb6f1c5007L,0xe817914a8d540dbaL },
-      { 0x85c1fa1958fc091bL,0x4f4989f4cf2698feL,0xbb2d5091168c08b4L,
-        0xa6143388768cdd46L,0x69ec7a265e62ddc5L,0xc08749ae2654f4b2L } },
-    /* 35 << 70 */
-    { { 0x0a9882b37409bdbeL,0xfad3899cf8b6543eL,0x01c183f9f7e9893fL,
-        0xe6438cf708ac9a25L,0xec22dc81aa0f2794L,0x3b641c02aa277a09L },
-      { 0x686b1fbd0975c891L,0x4f7e1b680070ce2bL,0xdc343dd7487e3f1dL,
-        0x8825d9c230f35abaL,0xda5a77a413b91384L,0xf09d958459e405faL } },
-    /* 36 << 70 */
-    { { 0x76b242b31cf2ab8eL,0xceb190e697edb12bL,0xd39b41b7089fc439L,
-        0x6ee54e750892be51L,0x128fbcfcde414849L,0x4462539007fce5faL },
-      { 0x9d12e04513709b9bL,0xc2c49737d95b22a3L,0x0bcd670be4b34d6cL,
-        0x78d7b8cd768d7c8aL,0x7cf9382e16a0f402L,0x9b84311d17238fa2L } },
-    /* 37 << 70 */
-    { { 0x6b7faaf8c19b849bL,0x24aa5d54a5bec317L,0x991aeb14e7c06172L,
-        0x52dc7da883e65aebL,0xda8998497696dd56L,0x3844a54e94cea131L },
-      { 0xc9fb72ac55f69169L,0xe2f7bfc821893ab6L,0x44220c2edc4057f9L,
-        0x9f4f0c3812d5fedeL,0x5725b2b05c913be6L,0xfa08c56c02d8668fL } },
-    /* 38 << 70 */
-    { { 0x9aff9f0c009b3e1dL,0xed7936d97a3c8c8fL,0x0bc8e46fdefbd340L,
-        0x7b508ef231540ba4L,0x9bcd9108005388f2L,0xa25cfa07c089f35dL },
-      { 0x9ec7cf81733bccfcL,0xf8a1993a249006d6L,0x1e68981a96d81923L,
-        0x27b6199adce834d6L,0x2ddccfcfacffb035L,0xf62d7a534fe0126cL } },
-    /* 39 << 70 */
-    { { 0xc800c1d5af76895bL,0xc86db45c43f2a94eL,0xf77322fbdbb144cbL,
-        0xb2607dc8f7da8df6L,0xaf666055b6cc1047L,0xf1db6416375619d4L },
-      { 0xf6103c8c4b0fbd9eL,0xea8e979fb4f5b85aL,0xb0307d41fd16f61eL,
-        0x26bf96c58cadf61eL,0xb56c53a3bd348a61L,0xd1a5aa4f8a01388dL } },
-    /* 40 << 70 */
-    { { 0xa29d231edda802baL,0xde8d0d510ec3c1e2L,0x0ee56eae117033bdL,
-        0x4dc9491998bf860cL,0xa08919cd775cd56fL,0x609a30dc1332bfc2L },
-      { 0x2c337f181a41db0dL,0x27fb0072c974824bL,0x34292c1bfaf28976L,
-        0x242fcd73ef8c4fccL,0x553723b27473c603L,0xb2191ee9a06a0bc1L } },
-    /* 41 << 70 */
-    { { 0xd10b7b7c10bf3427L,0x16f9ebc505321572L,0x057692f6db5fde44L,
-        0xf45d4d268f047704L,0xe3f8784e25584db0L,0x753764cb9f548980L },
-      { 0x4239bd4858f5360dL,0x9dc993da98296063L,0x0fbb0c419ffd05b9L,
-        0xa6a87d50610c3493L,0x99f5669df10f18abL,0x5a03f02ba4224a18L } },
-    /* 42 << 70 */
-    { { 0x3c6839e5bf733207L,0xc2f380899c6d106bL,0x43155630e39a7559L,
-        0x28d6cb546f2b8d34L,0x19738cdf09183c75L,0xa71ec595dcee5a08L },
-      { 0x8e9c1cc3c70db659L,0x1333d7b38beff6a6L,0xb263d91e036a5aa8L,
-        0x72728714ee4f858bL,0xd65fcffbb885ceecL,0x08193f585aaaac96L } },
-    /* 43 << 70 */
-    { { 0x264006e1b53b4c8dL,0xd3748c0bdea2f9ceL,0x019408d34e580011L,
-        0x381bcc70b1342807L,0xb904a17191eb1a0aL,0x13ddf3af6151a1cdL },
-      { 0x13827129bc228909L,0x3378b4834cdbebd9L,0x25806f7ed56635c1L,
-        0xd1a3fb1c54327e55L,0xb2b8895c69d94817L,0x0779752d7150c16cL } },
-    /* 44 << 70 */
-    { { 0x228437506ce71a1fL,0x39c6fd9abf0956a5L,0xd34a4be8c8d29ce5L,
-        0x41dc15356fbf8fb0L,0xdce277034c950de0L,0x1ad7192f90c75c28L },
-      { 0x5b3df71e27766767L,0xba85ec629ca80b5fL,0xfadae6e5095938d8L,
-        0x5ce3ffc24d286159L,0x60f771fdc7b977e5L,0x7a764991b38c0c70L } },
-    /* 45 << 70 */
-    { { 0x3e4440b7469f6406L,0xdba02dea247657bcL,0xa551a570a46227e5L,
-        0x278bd5a06e58b15cL,0xbbc5f8edc53eb694L,0x50e6bf5b855a2c7cL },
-      { 0xa80af271d231f3b9L,0x6c22008bc139b010L,0x04e9a337ba1e27e1L,
-        0xcfb75909677a28ccL,0x95c59b55f967af35L,0x70d24fe88d3c6ddbL } },
-    /* 46 << 70 */
-    { { 0x0117cabbaedcb5a3L,0xb70a95d52e7bc67aL,0xdc2e07d1ad7e7cffL,
-        0xf507941825b9a6b4L,0xf953a962bc8b2f61L,0x390a630d181fda94L },
-      { 0xc833598d1fbdd233L,0x0213e633ac4763dfL,0xe822febbcabd2713L,
-        0x522864e71d2a409eL,0x49d778a81f904f3aL,0x0dd980e15912be0aL } },
-    /* 47 << 70 */
-    { { 0x97f993f46621ff1cL,0x3bdcc1ea7d30ef87L,0x931c624585386384L,
-        0xd17a7b6a8cb593e3L,0x1b25176da0912f55L,0x323cf7ac2faa4d72L },
-      { 0xababa6c58683a7f8L,0xa99ebbda4a71606cL,0xb5375f6b0cd8fd0cL,
-        0xce43e2e08ae372b7L,0x957af3cb9e69c105L,0x167c4fca772d0c74L } },
-    /* 48 << 70 */
-    { { 0x0934812574503f05L,0xcd6a64b217bf8ab4L,0x791e72fa1fd4057dL,
-        0x033abed8f0697964L,0x1085ac930d58690cL,0x8acd49d69c8874cfL },
-      { 0x929e4c39ff1a5286L,0x9704e80ff28395abL,0xfa69fce54c3d9f8dL,
-        0xdeb56555fc83a6c4L,0xd375fa037dc04c5eL,0xab2f12f156a58cdcL } },
-    /* 49 << 70 */
-    { { 0x381d144f8119fa7dL,0xda3aa4a73c6cf64eL,0x3db4cf0a74cc1520L,
-        0xe8148941c1cf3514L,0xbc6c7398a22977daL,0x75e26d4982bbdc63L },
-      { 0x17a626a4c9594c3cL,0x766fc21a60d71273L,0x547331241c7653a3L,
-        0xdbe3a9f1502617a8L,0xe41acd19a33d622dL,0x4d24cbd5e15d69d6L } },
-    /* 50 << 70 */
-    { { 0xdde0a062dbbb9d08L,0xb5676d14153211e7L,0x747247f6f97b1468L,
-        0x93a6de79b2ada501L,0xf9d4e652518ce913L,0xefb0de76702b82fcL },
-      { 0x2c54ffd9d68961fbL,0xa6a2d1a384f04f81L,0x88167488d74b91adL,
-        0xf20bba56a7d73a78L,0x9af1df5ae1afc672L,0xd79ded4543c26afeL } },
-    /* 51 << 70 */
-    { { 0x24011535a223c19bL,0x38b55f0a19c719f3L,0x369f86b4d343ce98L,
-        0x6516fca318288db7L,0xad32d4699e4aa0a4L,0xb6c80dd50480429cL },
-      { 0x890d73f3b659b787L,0x2d1f888be15362aeL,0xd26a84bf7a9d8c3bL,
-        0xd79b764460bc6435L,0xecd0272f07b0abadL,0x3ab2390382d7c63cL } },
-    /* 52 << 70 */
-    { { 0x3ec1874496d87afbL,0xb02425b5aeea74b1L,0x47cfacea954bb89eL,
-        0xd8d6ff40cd26918aL,0xf2dbcbb19fd4dea6L,0xc481a4fe370fea30L },
-      { 0x60df9f99a334a5a1L,0xeacebd61e6fbc823L,0x21932e6ba0140a5cL,
-        0x6504deb051206cceL,0xaa4b43a350560eecL,0xaf965e7b6535123bL } },
-    /* 53 << 70 */
-    { { 0x25ce17e7be01690fL,0x82bd07fc216f7549L,0x26f98cddac6e021cL,
-        0x815367ff3403972eL,0x01b1cf87cd89d71dL,0xe777db14ae24f544L },
-      { 0x8081a692f628a076L,0x663adf4498b98423L,0x4a31e0bfbfb25b73L,
-        0x5b42f193427be5b2L,0x24b1369118ae7408L,0xf13654a6e9998e84L } },
-    /* 54 << 70 */
-    { { 0xf8ec0a9e1b64a70aL,0xa1042bbb45fc54dcL,0x3ac4a936b7cbec0bL,
-        0x0c2db54708eb7d93L,0x3f16e7c961ae36d2L,0xde25381b4611083aL },
-      { 0xc1680ae3cf5edeb7L,0x7c86d74ce2b3398eL,0xa3ec4cde9945710dL,
-        0x303d28ce864e3b4fL,0xd5b9730012956ac7L,0x9ad973be3c0763b2L } },
-    /* 55 << 70 */
-    { { 0x526c03ba1979515aL,0xe6492299cde06e58L,0x2215e3fb93ec91d0L,
-        0xa086161bf783b7caL,0x89e39ff44ef0015eL,0x42c6ccc595e90587L },
-      { 0x7577d689a81ec775L,0x272e4578daf4d896L,0x6d43c717cf01d7aaL,
-        0x583814cffd5253d6L,0xee692f0666f7a3b9L,0x54048fe4e99bc633L } },
-    /* 56 << 70 */
-    { { 0x2afba531c0b9171aL,0x687dbe4cf2d75c55L,0x7c1c73f7fa17ba3dL,
-        0x7886dd45063787eaL,0x14f59a18abd0a109L,0x1819df3c873bb66cL },
-      { 0x76c969dfe01183f5L,0x486a120b1a78b6bcL,0xdfd702fac5686aa4L,
-        0x2f74157bf3457569L,0x66c8c73e01964800L,0x0a2f6114def25ca0L } },
-    /* 57 << 70 */
-    { { 0x841838a8227220dfL,0x39eb77e2cd45ff3bL,0x7140aa47f5a060cdL,
-        0x9fae5937b55bc3a6L,0x243390ea09b711c4L,0x69db2ace867a3eedL },
-      { 0x14ee853a152860b0L,0xe3389c4edae0dae9L,0x4fa55ed1248a496aL,
-        0xda6803e00ef304bbL,0xd19f48bcd04c2823L,0xe76b8d82a61773d1L } },
-    /* 58 << 70 */
-    { { 0x2e3a6332f7ae9a8aL,0x89f1576f78a12a00L,0x9597b2b245ab254dL,
-        0x2017d6306309a625L,0x0385c02719adbe9fL,0x26c84f2014606336L },
-      { 0x3808a31a3584dd47L,0x0fd2bd1b4e1da791L,0x70c2827fb894be27L,
-        0xac97e84547d1faecL,0xa63c56fe9b01c835L,0x19c3b18067ca7507L } },
-    /* 59 << 70 */
-    { { 0x975dbe423a07930bL,0xf03fc9da8f7975f3L,0x94209a2522662e65L,
-        0xf5b20e6b9619dcdbL,0xa95e2188ed5ee020L,0x2301e35abe7fb828L },
-      { 0x4216b05b9caa0bceL,0x0534eef625cdec7bL,0x81f5c5f8613aa24bL,
-        0x8705662951451a5fL,0xffafb623df15645dL,0xe19276fe79c497c5L } },
-    /* 60 << 70 */
-    { { 0x461bb6e1d118ef5cL,0x277e378d1f4bf653L,0x3b4138849ccaab1cL,
-        0xa5979a3ecea9c61fL,0xdc2a23c09dbfe67dL,0x5f7e32f5335cb2d7L },
-      { 0xeefe71a87accbd69L,0x65d961341df58e12L,0x17bafa56538145d8L,
-        0x2a723472695df807L,0x132b5320394ec082L,0x96219e617d0ed426L } },
-    /* 61 << 70 */
-    { { 0xf08ee7071ec12e08L,0xb9a51fc40c4917aaL,0x1aa9b778aa085b77L,
-        0x3b3e40d72e62193aL,0x3700217fdc211bb4L,0xed03eaf4fbea2fdcL },
-      { 0x82e00364c55111e0L,0x3be15019e3cbc07cL,0xf142d230055b597bL,
-        0xf68837b1a063deb9L,0xf1368df622e72e40L,0xfc712c67ab522f37L } },
-    /* 62 << 70 */
-    { { 0x02ca4c0dc3c8ee2fL,0x1962366a0d75f552L,0x6354ab90a43c43e7L,
-        0x9f46429f7668d14eL,0x70ffaa6d0ca59472L,0x231fdb485a95ad7eL },
-      { 0x82ae5f0acb2ebd5dL,0x2dc8417ce51b1d3bL,0x5052133a2fb456dfL,
-        0xad3b4cf2bad61a16L,0x59f283a48d76344dL,0x5f15465772b18fdcL } },
-    /* 63 << 70 */
-    { { 0xe0ef0c3cc73a7131L,0x8a4e0cdd43ea81fdL,0xceb5fcb8d6d6ce6eL,
-        0x941179893535781dL,0x20f5e952b37d4531L,0x5e77f33364c25699L },
-      { 0xb6645e8fa6d3ff57L,0x6dac30cb5b9bfdc0L,0xb29648e73ebb655aL,
-        0xe1bf3f4005ebc1d1L,0x1b12288514025fdcL,0xe15fab026c5adaabL } },
-    /* 64 << 70 */
-    { { 0x86230934f14a99d9L,0x1cf9c66e97c1c092L,0x01e186ba6f595ed3L,
-        0xd3291c3de2284a58L,0x03dee2311b9e5e25L,0xf2e9b4ad15cc9f53L },
-      { 0x4fba15679770c29dL,0xbf7d673650c4ae2fL,0x86901eb92532d015L,
-        0x4396fd784e7455deL,0x2fbcea8fbcf811c9L,0x3981ad15ae952b37L } },
-    /* 0 << 77 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 77 */
-    { { 0x6bd2c54d4cb89afaL,0xe78c8bfa36527751L,0x27f52654e3eee747L,
-        0x56f205839598d907L,0x5f91c2d027cb3712L,0xc501819fa3e33c5bL },
-      { 0x248490aa4eded738L,0xde7ac94427789065L,0x20138b3d74f7d38bL,
-        0xae791f602fb60214L,0x6b4fb300bd033d4eL,0xc69c25d9bdfd1f17L } },
-    /* 2 << 77 */
-    { { 0x0c3d2056be21a890L,0x1c1ffbfb8fcfba99L,0x1b68a98b1fbf56caL,
-        0x56fd85ff396e31cdL,0xd2ca58444382c03bL,0xc442030a7d3ef917L },
-      { 0x4129a731426afafaL,0xacff17ff5eaae9c6L,0x9e854180653f3b23L,
-        0xe65a1a149ee066bdL,0x3420084e362ea5feL,0x6fe58801c7911e2eL } },
-    /* 3 << 77 */
-    { { 0x43f0ae676c4be6a0L,0xabc6a17a504bffebL,0xd5be6c25dbb4492eL,
-        0x7efc9ee884bff97fL,0x54fbd9d7062da2e2L,0x1befeb61c6d2ac32L },
-      { 0x14cf6dc0cbafef5bL,0x8e640e4771d12192L,0xd0566543d9a16800L,
-        0x9cc2ade9beb1e28dL,0xcbfeb45038e65833L,0x3852eaacd0f5acb2L } },
-    /* 4 << 77 */
-    { { 0x5e930d65c4650b85L,0xbe96b2ae6350da54L,0xcfac4f7efa08bd49L,
-        0x277e8456a6e10f64L,0x41be3067407ac162L,0xcfd1d03252a9b68bL },
-      { 0x8d8d216a9c337e0bL,0xace044dc4e1b9cf5L,0xad9a4102c60d54c3L,
-        0xb09420f028815187L,0x881179c60b3b8e59L,0x872685ed5b09aba1L } },
-    /* 5 << 77 */
-    { { 0x26d43085ee64924eL,0x5eb54d1c4bd6a77fL,0x69a69ccfd1ca022fL,
-        0xaad92723a3342720L,0x51e27b54421d836cL,0x15e83917fc72a1adL },
-      { 0x183e75d14ddea73eL,0x73fe3b9fbafcecfeL,0x0197e0925daefd64L,
-        0x2fa89f60f85b8249L,0x95411aafd23cd465L,0xb7dbe7485d9a459eL } },
-    /* 6 << 77 */
-    { { 0xab146c207dfc66eeL,0xa7250dcebb6869efL,0xaeba44439d7ad5f8L,
-        0x919f877ec48059f0L,0x780ecd232c6b5c11L,0x586daa8e38625f8dL },
-      { 0x46a46c789911c031L,0xf56f74fc65303d34L,0x825bb06d4f384eabL,
-        0xd147719ad6aa2bc2L,0x745fd7460750e1acL,0x2ef411494b3ec757L } },
-    /* 7 << 77 */
-    { { 0xdb24cd1af10ea702L,0xf393de57461f8ebdL,0xf56f414e5cfaefecL,
-        0x758c8d854690230cL,0x6740c974433d2594L,0x69d92a620aa6bb20L },
-      { 0x17be342e9b0bb191L,0xc1cd309fdbf5c97bL,0x089134df8998140aL,
-        0x33809a7e82afcb85L,0x409d2a481db47b21L,0x1d54e86ccdb1bccfL } },
-    /* 8 << 77 */
-    { { 0x22313dee5852b59bL,0x6f56c8e8b6a0b37fL,0x43d6eeaea76ec380L,
-        0xa16551360275ad36L,0xe5c1b65adf095bdaL,0xbd1ffa8d367c44b0L },
-      { 0xe2b419c26b48af2bL,0x57bbbd973da194c8L,0xb5fbe51fa2baff05L,
-        0xa0594d706269b5d0L,0x0b07b70523e8d667L,0xae1976b563e016e7L } },
-    /* 9 << 77 */
-    { { 0x47de66da62a200a6L,0x67b0ce0d65186fb7L,0x8e8f0248238d23a2L,
-        0x5a44a886c1114a6eL,0x36383e5be8ec166bL,0xd36077d8ca7d2e43L },
-      { 0x332f98267c45e8c6L,0xcec2ba1355d968faL,0xdca664a84a56f7abL,
-        0x954652467b03621aL,0x471f66259b6e55d4L,0x401a6a5efb0714e4L } },
-    /* 10 << 77 */
-    { { 0x2fee0c6d6046896eL,0xde64c4e0466a90efL,0xb0c9755a55395f3aL,
-        0xdfe2dfd6ae3879d6L,0x979853c2d656c53dL,0x58bb6121757f381fL },
-      { 0xdfae5707980db8b8L,0x6d4c7cd7d7752f7fL,0xdfb77382c5dacfccL,
-        0xd0fca93104177fbbL,0x9ef6d3e4b67891ffL,0xb599dfcb26024609L } },
-    /* 11 << 77 */
-    { { 0x79bf86761cc06935L,0x6bbc2d3fd44fe6bdL,0x092678c486f9f728L,
-        0x05631aaf54c3fe18L,0x217adbbe95eec92fL,0xdcdbfdfb955bcba3L },
-      { 0xf938779c01bafb04L,0x67f599e73ab755e0L,0x793b591fb00c1315L,
-        0x7ea2dbae3f2d0909L,0x05436dce46614955L,0x02b988888060d145L } },
-    /* 12 << 77 */
-    { { 0x795df21ba1ebf7c0L,0xa98f2466681b5da4L,0xea18a2ab413b507dL,
-        0x9243326688324aa8L,0x2b91dcc2f74d83edL,0x95054b471f411a13L },
-      { 0x50869778e3c621f2L,0xb950f3a9427faf54L,0x8949bf7dae29f080L,
-        0x7c16cd020ef3a3c8L,0x7883c719b122cd0aL,0xa2cad71fc03bd749L } },
-    /* 13 << 77 */
-    { { 0x60c794125b3ad53bL,0x91c62ac783981a98L,0xa6f30f473dcd7196L,
-        0x55417e7598b4c589L,0x2ce067cb345b89bbL,0x4787f0db71936e38L },
-      { 0x208cb360331d7de3L,0x4b0347aa15022254L,0xc66e58865e8af235L,
-        0xdefed4c591a68080L,0x0b8dbd336eeb47a1L,0xb6d44d36f732c8d2L } },
-    /* 14 << 77 */
-    { { 0xce0b1700d3aa7741L,0x13cc58a90df0cefcL,0xa96149c7da3a1816L,
-        0xd387d361561277fbL,0x2294f77cf2c363c6L,0xc8d19d51355a8a93L },
-      { 0x926dd80092affccbL,0x70c59253686afd1eL,0xe4826f2370c4d8b5L,
-        0x948d43dba2226c34L,0x6ffed99e2a097aaeL,0x80e7a99a2ce18037L } },
-    /* 15 << 77 */
-    { { 0x070c3f39b7f01551L,0x21b249434512844eL,0x46e33e16e2e2a68cL,
-        0xd79daf0ca549dcb0L,0x634fa53966a7b9bfL,0xe856d0a8702990f4L },
-      { 0x246e5858e466abdbL,0x3f3ad441edfc851eL,0x9ab3db2c2e397554L,
-        0x6c5b1a39b5cabd32L,0x695649b2427c5cefL,0x6179fa0f82ab4f68L } },
-    /* 16 << 77 */
-    { { 0x022aa09d236b71dcL,0xb1ce6a0ea65a7640L,0x317344c5b38b417aL,
-        0x29a74cdb436451ecL,0xd898eb6ca8b1c876L,0xf0134f99b74eeffdL },
-      { 0x0d9eab64225d71f7L,0x9679b453ceb3cc2dL,0x37c894ce14dbff2fL,
-        0x3704d34927065280L,0x9ee435d8ba29a0cdL,0x675bea1409c11c4fL } },
-    /* 17 << 77 */
-    { { 0xa8454e2b63263ee1L,0xf4c8a384cc42ffc3L,0xb260754916bf086cL,
-        0x610d299cfa46a481L,0x21777897ce41a4d1L,0xdfc04bb321573cdeL },
-      { 0xac7d9433ced06177L,0xfdce0356a281b9ceL,0x22abd67970d48fc7L,
-        0x1e4ebf7750514178L,0x7f0869ef21a255c8L,0x80ae565c29bf477cL } },
-    /* 18 << 77 */
-    { { 0x607cfaa1a38a18a2L,0xb29ae9c760bd3f91L,0x4991432d76a4c22dL,
-        0x4fe8dcd380e75452L,0x7aeea8150925ed79L,0xa0cc6823b7abca08L },
-      { 0x647b164fb0a555dbL,0x60545cd3d6076f3bL,0x7e801133807a2045L,
-        0x74b2200743ac7e22L,0xdfb58fd1716d3e5dL,0x369ad09947772c45L } },
-    /* 19 << 77 */
-    { { 0xb6c5dc0635ba2007L,0x6543c6307921115fL,0xa7e5a662eb6c493cL,
-        0x728159f54a0b8d6dL,0x8cb07ef1b943fa72L,0x4a2c5cc923c46a98L },
-      { 0xea078b478c26221eL,0x68ef5015ce2be601L,0x3048b5de5239f8d2L,
-        0x00a98cd419bbe0e5L,0x0a34161caa94a375L,0x879a9a7aac8a411aL } },
-    /* 20 << 77 */
-    { { 0x2d968968e3f6217fL,0x60b781ad1fb91fc9L,0x44ce23514a84e6ecL,
-        0xe8f5627d00a3d089L,0x45211a094a980480L,0x11029b7263274860L },
-      { 0x44601cfcae0477aaL,0xa05a67df269ca043L,0x9dc3938fb758fbd0L,
-        0x43d5d89abaa35f8cL,0xa38dfa1f2ab3436aL,0xa29653bc529b7061L } },
-    /* 21 << 77 */
-    { { 0x6ab2e32b982cd162L,0xdd690ed7794d6da0L,0x8fee0b461862f33eL,
-        0xbf9aeee210d244fdL,0xe485aac27dbb57d7L,0x7f7ee4bc0ff23849L },
-      { 0xfb3c6255171ba49eL,0x089b9986133e45deL,0xb6c033106d04b924L,
-        0x216af9223ea88efcL,0xe646a49b5fd52347L,0xbb495d2ee404b86bL } },
-    /* 22 << 77 */
-    { { 0xe24934ba07fd5fcfL,0x4840e1a6a1027598L,0x4c2294d245eead89L,
-        0x7717bb604fda652dL,0xe809c21878370655L,0x417853499151e578L },
-      { 0x8bfe121cede554c7L,0x96037a33952c153cL,0x80458ed86a5b30f0L,
-        0xba331cf9ca28472aL,0x31b5f463e6c177aaL,0x68c5dc9183ec14fcL } },
-    /* 23 << 77 */
-    { { 0x8b78d2bff13dc6a5L,0xacd7e0902285c2a2L,0x6aa7866cb47e9427L,
-        0x7c2483474d9fa3f2L,0x2e668396f0661aafL,0xf491cd6d08cacae4L },
-      { 0x772a131158f9a617L,0xf372dcd6b2011823L,0x790a5ae54e6bd2a9L,
-        0x035ff238fee0c8c9L,0xcbbe828cb0b8c53dL,0x9edba1a40af83ca1L } },
-    /* 24 << 77 */
-    { { 0x2fde4893fbecaaaeL,0x444346de30332229L,0x157b8a5b09456ed5L,
-        0x73606a7925797c6cL,0xa9d0f47c33c14c06L,0x7bc8962cfaf971caL },
-      { 0x6e763c5165909dfdL,0x1bbbe41b14a9bf42L,0xd95b7ecbc49e9efcL,
-        0x0c317927b38f2b59L,0x97912b53b3c397dbL,0xcb3879aa45c7abc7L } },
-    /* 25 << 77 */
-    { { 0x62ecc0cc429bdc1fL,0x6a8000add447c01bL,0xc2dd42354f23e5d2L,
-        0xe6c1790a01b4a0dcL,0x2497e53c24393079L,0x0a113afeb2a00faaL },
-      { 0x96c1bd5011151480L,0xded805425aad86dbL,0x639f24cb76720e92L,
-        0xf17703b7d825eb92L,0x10f8924e82d2657eL,0x6edc843c627c5236L } },
-    /* 26 << 77 */
-    { { 0x472226adf80911c2L,0xfb50c3a5e087a3d8L,0xb194551441848a6fL,
-        0x61f4fbba9f17504bL,0x8c59b2c48e33924bL,0xa7641127ac7a8608L },
-      { 0x79feb7fc164a2330L,0x9e0fd67253a44e7aL,0x9c5c973081953c30L,
-        0x25d6932c3f6342f8L,0x29e8b7664b574a69L,0x02f90a46a5de3639L } },
-    /* 27 << 77 */
-    { { 0xe2d1e2a3465ab77bL,0x2ca0f6a3cf45823cL,0xa1b12306dbdce9d8L,
-        0x820470e7b4b39ca0L,0xe48956c76e847681L,0xc8ed8fc8fbf6970dL },
-      { 0x52cb109419ba40aaL,0x08136d091efbaaa2L,0x99dd1ad27d71e1c4L,
-        0x10001f97a3a59a3bL,0x79d229e460e4cad9L,0x6d443d8756732312L } },
-    /* 28 << 77 */
-    { { 0x8d6b28b4d7cfe9f0L,0x6ee5407a4dce4904L,0x7acee5e7ba0b67f6L,
-        0xd4cf6bd2abf447aeL,0xc085e8e2e7330268L,0x23edbd5a145689d8L },
-      { 0xd2ae9bd21d7b0e7bL,0x3196410ec4fe6ecbL,0x964bef26ec2cd59dL,
-        0x09c6d07dd5e0bf03L,0x379f131ea65b646bL,0x0439c37964849830L } },
-    /* 29 << 77 */
-    { { 0x8afc9a5eae562537L,0xde81bbaab2d4172aL,0xa272c6d53db07247L,
-        0x08b903ffd86ec6f8L,0x3373041f835aa84aL,0x02e8ecfdc8f18f48L },
-      { 0xed6b2784ccc11e64L,0x03e45e15842a8292L,0xfcfcc54b653b86efL,
-        0x9678fe7ed9ea2f91L,0xee5bf4584efceafdL,0x188e49d59fcc4be9L } },
-    /* 30 << 77 */
-    { { 0xeb0098cf67a224f8L,0x14e486c90991108dL,0x0dad68314b397687L,
-        0xf2a4f6cb9d089000L,0x3fcc8803509f7376L,0xdbdf06dddb5d6f8fL },
-      { 0x2cbf342806ef3e46L,0x4a4bd5eee432ca41L,0xdcb8bdb70e2d391dL,
-        0x941b9a4ec1710ac3L,0x25cea4333d62c34aL,0x9136e5cd881a70b7L } },
-    /* 31 << 77 */
-    { { 0x9bfdb9b310c3ed1eL,0xc9a225ec0cd146c3L,0x1fec4316573c4414L,
-        0xe11a408f2fa8323cL,0x198c760ac3e988bcL,0x3f8a5a1caf0fda3cL },
-      { 0x91e89f11f6e78264L,0x3cee0165264eebfdL,0xf9412b049898eaa0L,
-        0x3c67991a382e46e3L,0x8d833d7a80acd219L,0x746a696c9d233f20L } },
-    /* 32 << 77 */
-    { { 0x8b3269a2714a10e8L,0x64cef040a4a2727eL,0xbc5ac714e428865cL,
-        0x531dd17ffdaba094L,0x86d2405718d657f2L,0xe807b0d92f99dbbfL },
-      { 0xc428a80f6848ef88L,0xb3ef0709d0b73ce5L,0xa752691922a5d255L,
-        0xbfe6392318a18586L,0x28a0c772fcf633b3L,0xad22b4ec3f3c5298L } },
-    /* 33 << 77 */
-    { { 0x8b6a2f1ae6c40f85L,0xf0f44c54f44cf3f0L,0xda635b687b25d4b6L,
-        0xee59c00f8cdc9d5dL,0x36509f58cc4876afL,0xe37564484e2c550cL },
-      { 0x20f965b565974809L,0x26481694e3fe3a63L,0x6778b20becd272eeL,
-        0x9b6bbf39c9072853L,0x4f61f192b0436bdeL,0x98bf7dafd0221263L } },
-    /* 34 << 77 */
-    { { 0xa06a4b56e0442513L,0x6537e117dd513547L,0x89e38ccd2a654224L,
-        0x2fe734bd005ee292L,0x54d6933498cfece0L,0x85de5c9d85a79bf2L },
-      { 0x21e072bdcd3da6a9L,0x7a5d707b8c16b8a1L,0x43654d0142d04cd4L,
-        0x07d589b94a88c151L,0x5bfe9ea2df726b52L,0x877c46ffcf728e4eL } },
-    /* 35 << 77 */
-    { { 0xe338f606fa009c33L,0xce596aafa351fe32L,0x8ae0e06123968387L,
-        0xcdaaaa9465c98e2dL,0xec6b8a818acb9355L,0xc2c67e7facbee162L },
-      { 0x7068df85517df4beL,0xc34a6ecb7c5c076aL,0xf4193aab6250f0baL,
-        0xe0cd2f3fa6c9ea47L,0x23a57ccc6488135aL,0x044d73e6c12b842eL } },
-    /* 36 << 77 */
-    { { 0x9d8a78808078c8bdL,0x6ea07982076d44f1L,0xc58fc94eeb3bfda0L,
-        0x0b9e72200dd11b13L,0x8bd58e3aa74a005dL,0x7a30aeda115b7d33L },
-      { 0xeb0037e6ef2491ffL,0x0fa2d1a7fb39ecbcL,0xb75aac645ac598f7L,
-        0x2c3c103341f61b42L,0x5a330bf01f7eb885L,0x1c96124d33d5e27bL } },
-    /* 37 << 77 */
-    { { 0x3f157ea1b28d1640L,0xa41c98f2c96806ecL,0xef261c3bb099566bL,
-        0x11d88be30aa23f1eL,0x9a721a2c47ed1540L,0x214cb5b0e4431563L },
-      { 0x36a95c20250f6b19L,0x6b44f01d30eb0249L,0x141777dc5c67e2beL,
-        0x6926b32ebbe7bb63L,0xb72fd3bf756cbae7L,0x226661a279dfb835L } },
-    /* 38 << 77 */
-    { { 0xc25a44e3300b8f91L,0x08aa9d5691ad1a78L,0x130c561ffdd2a064L,
-        0x36f0b4608c05f94eL,0x748166e158a351b3L,0xe408976147d40ed6L },
-      { 0xa0ba5e5d1b2e3400L,0x94aea3b6687f6492L,0xf4975167ea262235L,
-        0x8014e81143e800d6L,0x635a3c516e5df6dcL,0x71207caf2eb20366L } },
-    /* 39 << 77 */
-    { { 0xc00364013638e940L,0x24baf83bbb70e3cfL,0xc08a99b865dca079L,
-        0xc070152e0d40622bL,0x44880b191697468aL,0xcf95519bfebc1644L },
-      { 0x7bdc41d7911a74efL,0xb88180314ad83219L,0x53c523185ad49f95L,
-        0x4e59a29f6d112b66L,0xb2707b9c7515de9eL,0x8322492c150c9bdbL } },
-    /* 40 << 77 */
-    { { 0xcd81bdcf24359b81L,0x6fd326e2db4c321cL,0x4cb0228bf8ebe39cL,
-        0x496a9dceb2cdd852L,0x0f115a1ad0e9b3afL,0xaa08bf36d8eeef8aL },
-      { 0x5232a51506e5e739L,0x21fae9d58407a551L,0x289d18b08994b4e8L,
-        0xb4e346a809097a52L,0xc641510f324621d0L,0xc567fd4a95a41ab8L } },
-    /* 41 << 77 */
-    { { 0x966f961d46ff607bL,0x7e52ad9bb29278c3L,0x5b9b84b9bc6835b8L,
-        0x00e4a35ad834701fL,0x53aa139866b8f484L,0xc397f087de063112L },
-      { 0xb811a9a24e81b980L,0x8d9c38ef8d680c4eL,0x0a7e66ef1c8db33aL,
-        0x1c7e636bf4e17483L,0x25c0a690ae9acf11L,0x5b0a435985966d63L } },
-    /* 42 << 77 */
-    { { 0x3d4a4ee0a3bb186fL,0x84de7765082c283bL,0x499bf10a8fc8baddL,
-        0x85191faa2db59e7bL,0xc5964c20ccc587a2L,0xfa59313b9cf52cfeL },
-      { 0xe614ce878da8cf4eL,0x7d8aa381d60e91b6L,0x054dfc4a0d5c0a8dL,
-        0xbcd89aef28a15c79L,0x2af1121efecbc916L,0x6aa49bcb44f30755L } },
-    /* 43 << 77 */
-    { { 0x7953c7ec7b7dc4cdL,0xb709542edbdd99baL,0x7a2afc3eb30b5c70L,
-        0x7669020fcd0cc804L,0xb57c1d949fade8f7L,0x5ae7d78cb2eef81bL },
-      { 0xdd5457edca354c1bL,0xa531d85c8f5ac058L,0x5fdca829009e0aabL,
-        0x8df732f6f2bced0fL,0x3ee658627faf57d5L,0xf7a265735c2f3bc2L } },
-    /* 44 << 77 */
-    { { 0xe1ce7f3725a64849L,0x760847744da790f0L,0x4638f287cf5f319fL,
-        0xe36f3c5308c3786fL,0x07042ce1985513cbL,0xfb955cbf73d9cf3aL },
-      { 0x3e68a2cacde0774bL,0x321f49b76dc2c816L,0x9bfed81fd76c4d3bL,
-        0x985b34fefd49fa62L,0x2a3de945ebb8fa9fL,0xcaa616f0405da5afL } },
-    /* 45 << 77 */
-    { { 0xf3fa1924bc6d86f1L,0xbcf9d3cbb41dde67L,0xf96431168057ef19L,
-        0x09315fc52177ef64L,0x1ae99958fcf594a7L,0x7c4baeefaa4dd788L },
-      { 0xff1ed168a2bb1bf3L,0x9c697d19b4a651c5L,0x5fe29bcc0df8c999L,
-        0x16446aa446c45428L,0x3a51398061700e83L,0xf34133593f034bc9L } },
-    /* 46 << 77 */
-    { { 0x9cc126b8cbf28cbfL,0xf3f8aa7c1e6d63ffL,0x533e48d2b7f80225L,
-        0x8fea0d204749d781L,0xd8ea614b326f8185L,0x9cf3e07753c541abL },
-      { 0x09040b60d95c9367L,0xc1b19940f5eabd9dL,0x80b0793cd8f8bd1eL,
-        0x95fafd6fadff120cL,0x071b1841ce155f8bL,0xa85dfc8cd29d9d9aL } },
-    /* 47 << 77 */
-    { { 0xf38e0fdea761048aL,0xd9d5a22c88a93773L,0xbd58470841a99bddL,
-        0xa31ef1edebb412e0L,0xd5c4fd5a0274ea16L,0xaaf215f380c1f0f8L },
-      { 0xe842a4537d3dfd08L,0xb5c877ae5a904548L,0x3dadd2eb9c6ddbebL,
-        0x7f97c541e84e54d9L,0x6183b6ce1b8d8829L,0x2a20c212f50534a5L } },
-    /* 48 << 77 */
-    { { 0xc8c9b0ae7176dd90L,0xa95604542917d487L,0xb03b7946e62c508eL,
-        0x60425926e9fe2321L,0x73b10bba80c1d136L,0xc30a847d9d218c9cL },
-      { 0x6ed0c8ef2073859fL,0xa176eabf432dd97fL,0x3078096ab9e96167L,
-        0xb28f0e6cc473e377L,0xb44e4995683a3bc8L,0x483512eed3523796L } },
-    /* 49 << 77 */
-    { { 0x7ff5827f22adab31L,0xa7e859ad43ee005aL,0xfc2387f402c9629eL,
-        0x6f39e84add12b107L,0xd1378037c097d3daL,0xc677b554d70d107fL },
-      { 0xec15469fe4943084L,0x1f0b13b19d412b76L,0x3b3b49b48a265a31L,
-        0x45f28cc7dbe97ff2L,0x33f0e31f4efa0f0aL,0x6b22b99e37a5591bL } },
-    /* 50 << 77 */
-    { { 0x0a751d3eae0538e1L,0xd51b039af14135e9L,0x92eae0f6e8bdf562L,
-        0xf253bd5c66557b17L,0xc1ff9054ef26b81bL,0x9d586d39eafd711eL },
-      { 0xd2b05d3d4f431502L,0x847d727f5823cfe5L,0x2c4e236a8e99840dL,
-        0xa407e2d87c5981c6L,0x989dd28c69ca34b5L,0x2e8ec6b09fe586e7L } },
-    /* 51 << 77 */
-    { { 0x43161b5c40bda312L,0x8fd476b8a10fbb2fL,0x84cbf7579e5d9a4bL,
-        0x19bb5926a9a31956L,0x66ed993aea9db48aL,0xd7897780ffb0361eL },
-      { 0xb031e035adfa3661L,0x1be83caf2296b4d8L,0x8802c98b0024cc48L,
-        0x73adb0c0bac1aa5eL,0x17df92e1bef75b41L,0xd753e99903d800bbL } },
-    /* 52 << 77 */
-    { { 0x24940b868733c1c1L,0xf5dd77ce2ac072e1L,0xc248ad6bf7bdb8d2L,
-        0x423e0cc9d9a8b926L,0x4318d600e6da05dcL,0x3e557e08ca27dfc9L },
-      { 0x8dc551cdc5dc822bL,0x160da94cbc8fb392L,0x4ffebd2aa6d4d363L,
-        0x8190c17db1ce15a6L,0x1abcd1361e9dc500L,0xae3a477c9ee52a47L } },
-    /* 53 << 77 */
-    { { 0x67ab01575ed80bdfL,0xc77067b69aeb4a86L,0xe6e26abdf7880a93L,
-        0x782248db1e43049cL,0xa902c41016d78616L,0xc6fa899fbf309f15L },
-      { 0x81e1532d672d951bL,0x84280ba386556a0dL,0x83190bfb55199078L,
-        0xbc11e8c25a1c4691L,0x8ac60c7f21152509L,0x4211923ec775dcd0L } },
-    /* 54 << 77 */
-    { { 0xa63b33f6746418acL,0x62085e0eb7359443L,0x3b43ea7b5fb598dbL,
-        0xf4a0f4442b365528L,0x7f4d2ff3eb55a5ddL,0x012cd591f189eadeL },
-      { 0x3fbdad99f58c8f84L,0x71dc1b0093bf34dfL,0xfb63f09ce062a588L,
-        0xd5f0f0ad6f24b66fL,0x940e23c91813cd9dL,0xeff8580b55f241dcL } },
-    /* 55 << 77 */
-    { { 0xb30719d8b7fb5f3aL,0x8f74305b43275030L,0x2fdb613bf23628bbL,
-        0x75d9868ad945ccdcL,0xbfae46f4f0b73348L,0x48ad8bafe26679b3L },
-      { 0x3aeb4743d0b389bdL,0xd2463ca37916297eL,0x3a6f37c820f52fd1L,
-        0x7bfade4495ffa348L,0x1e3f6282a25cb79cL,0xac3320d5229bd2a3L } },
-    /* 56 << 77 */
-    { { 0x261578c7d57c8de9L,0xb9bc491f3836c5c8L,0x993266b414c8038fL,
-        0xbacad755faa7cc39L,0x418c4defd69b7e27L,0x53fdc5cdae751533L },
-      { 0x6f3bd329c3eea63aL,0xa7a22091e53dd29eL,0xb7164f73dc4c54ecL,
-        0xca66290d44d3d74eL,0xf77c62424c9ea511L,0x34337f551f714c49L } },
-    /* 57 << 77 */
-    { { 0xd1f879197700d61cL,0x21728fe49a89dc22L,0xdd3a475be6d93642L,
-        0x3f8554d6e095363fL,0x4b8b712463e1bb11L,0x75db57e6c6da541dL },
-      { 0xfdeb9e46ac8342fdL,0x8ab4875114905993L,0x48150a06b2efd023L,
-        0x9f5f513df415bff5L,0x39b1234eee9d7915L,0x735570a7dda66da5L } },
-    /* 58 << 77 */
-    { { 0x3a79a1756e3d4ec1L,0xde0ee6c79936b689L,0x37a7d9ec7fb84ee0L,
-        0xe82810d38fe1f44fL,0xbe433c7253049e9eL,0xe72ef4f5fb49e274L },
-      { 0x525b72094b4ad28dL,0x37bfb857164f5f0cL,0x60327e31ac68d566L,
-        0xdb027619bb71f137L,0x8abc8026abb6e829L,0x99702ff15e838117L } },
-    /* 59 << 77 */
-    { { 0x974be1d30696f1a5L,0xf884616dd3832430L,0x6997c37ce9dce1acL,
-        0xf4bad00e2e5cfbc4L,0x7727adf8e327a9a4L,0x15315bf16aeeb305L },
-      { 0xe697c0af09fbffceL,0xe4291f7589f86a5fL,0x765f1904487b12f9L,
-        0x752c58a5b7f8ca88L,0x9f9563d473716bf7L,0x48803cdbfd032783L } },
-    /* 60 << 77 */
-    { { 0xa0d935ce9050c5cdL,0xc1e062d03e9b902aL,0x212d0e5dc3054c00L,
-        0xdc9c3f2de70ad96bL,0xa2182ffbc2742144L,0x4680d472a716993fL },
-      { 0x9852bb00677f3756L,0x2bb3d78435e6213fL,0xadfdbfe07377fdc7L,
-        0x41db795d708afddfL,0x6848cef57727ed86L,0xb24e416aa6c1dd1aL } },
-    /* 61 << 77 */
-    { { 0x36d76f2f2edc95c2L,0xbdf2a67810b0670fL,0x49fc8c43b63877a1L,
-        0x23182ed3a87c8615L,0x94c21da96c011a44L,0x3bc0b86860d3c162L },
-      { 0xca6a158244815192L,0x4bd1ce04fd97b78bL,0x1d0074cddc750023L,
-        0x40cf8233cdfb0c7cL,0xe4e28aa8bbbfbf3dL,0x72656155b6eec7d2L } },
-    /* 62 << 77 */
-    { { 0x5b1be65b912b364dL,0xe6369ca1e0335426L,0x249740d58420e7daL,
-        0xff13a26f1ac1acf4L,0x0ecee744b9634fb2L,0xbaa77d57d664ceb1L },
-      { 0xadfa7625914f3f7eL,0x17c75e99bbcffe16L,0xcf557911d64aedb0L,
-        0x8a4b7b49c3644ba0L,0x115240401eb7bb97L,0xb823c21a70fc7b5eL } },
-    /* 63 << 77 */
-    { { 0x45db2c038727c0fcL,0xf5aeeb7bbae2c896L,0xfad1cc32eed15b82L,
-        0x65d4440a8609b00eL,0x35698d956b4dbd25L,0x861615bd0f6cda68L },
-      { 0x578efdaa8aec1e99L,0x87ddae76fcf67480L,0x5ff5a1304669ccb0L,
-        0x5fd2f31a0b98ee60L,0xccad491a3cc4c003L,0x6dcf25bbccbc46e0L } },
-    /* 64 << 77 */
-    { { 0x93a62e7cfa43699cL,0xdad738901bc422d9L,0x265e3cbb10cc9544L,
-        0x28cceb062f37154cL,0x6b79b0713bf2e08bL,0x88e025df3ab39091L },
-      { 0x50a8d04d126522bdL,0xeabbc1b7b779bacfL,0x3db4336ac21cc62eL,
-        0x4747f0a36fc00450L,0x067cbf1c544b2d95L,0x2480b7d8fd2be7a7L } },
-    /* 0 << 84 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 84 */
-    { { 0x0233e423d52eb122L,0xc28483521154b0c9L,0x2ca09cef6349e35bL,
-        0x3b70afc3ded2ec54L,0xc813474d52dded3dL,0x2d3f21bf12f00ee0L },
-      { 0xa0908f7692f215c6L,0xb97d60e94e9c0440L,0x84ad10c134b6a8e0L,
-        0x6f37fd956e7c163eL,0x7caae8c8d057e0c3L,0x534f52c2553721a2L } },
-    /* 2 << 84 */
-    { { 0xa354c1de72a041b2L,0xe83df25929d1330aL,0x676610999d532bbdL,
-        0xb7c2f4cf52011751L,0x6945d34ff659e35eL,0x6217d20ba1303b7bL },
-      { 0xa200ddba25751badL,0xa74a729001d3566dL,0x3018445faa82b46fL,
-        0xc3e6a3acfccedc1bL,0xe86ae8703353e29fL,0x1c8085bbfd7e8547L } },
-    /* 3 << 84 */
-    { { 0x728c8e145d1a678fL,0xf944da572ac89a2dL,0x3016c2da4796df72L,
-        0xf6d79e4e00a55efcL,0x4fced269526b1cb8L,0x4a93e47791f165a9L },
-      { 0x528b8572f84f90d3L,0x3b30376e5e725561L,0x4f903520e07bb990L,
-        0x07ddb97f4ea8ae6bL,0x29c01e70b3b735bbL,0x825c7f6e5000dd4aL } },
-    /* 4 << 84 */
-    { { 0x306b63e3b4dcea78L,0x4b10209213636935L,0x36bb68898bdeddeaL,
-        0x9331655d67a329acL,0x14c7fe26ba92ccceL,0x4e7d6929be0519b4L },
-      { 0x0dc39dbd164d50e2L,0xd4c430a0b1679cc5L,0xc7f78818fa8682baL,
-        0x43396eadb60aad97L,0x751784d7ff2c64ccL,0xd37928be866af43eL } },
-    /* 5 << 84 */
-    { { 0x3742b61e0475f547L,0x48b2a2c2477722acL,0xf52c6787abce3401L,
-        0x4749711ea4cb41b4L,0x7ce0dfb03fca817eL,0x1c1e3bf996e85048L },
-      { 0xcd65250e40faa8e9L,0xa8edce7017d9b93aL,0x73523cb2b4dd5619L,
-        0x15ba773abb5379f5L,0xcc5e62d6c0a847baL,0x7efe5c7c04d852deL } },
-    /* 6 << 84 */
-    { { 0xf0a69e685a91c9aaL,0x0304d20105c13197L,0x773a3ab7cd14af1dL,
-        0xc0b88edd558d555dL,0xeb12d197d2e63dd6L,0x4a8e849fbcd9cdb3L },
-      { 0x06432985965eaa14L,0x453d93861a5a6f43L,0xbd28f6164171b9bcL,
-        0x37781639bbfcf90aL,0x1f93898f3a36084dL,0x1fefd8b7dd00ca75L } },
-    /* 7 << 84 */
-    { { 0x3b8d8e495e456124L,0x967ed511967c17b7L,0x1d72430c2aad8c67L,
-        0xe8c5d506b82c1673L,0x989978868a0fb41dL,0xa9d478f70f81234fL },
-      { 0xa0c941cf44cc0614L,0xc033c99024ad30f5L,0xaa7de296101f89aeL,
-        0x4cadd8e3ca6a3227L,0x3b4db51f2764ec0cL,0xcbfe70fc09256db4L } },
-    /* 8 << 84 */
-    { { 0xb9207dbc2b2f1bccL,0x6afd6871a3e83ef7L,0x49924e5534ba150bL,
-        0x2935ebf1dfec9972L,0x34bf5e94b76f870dL,0x22d0f32b4c20385cL },
-      { 0xc78ac1728ccc8e72L,0x7b45b8220ccecb0aL,0x76c67ee4cfb4b8baL,
-        0xecfaefb2cd8724b6L,0xe9bc3d67340bc1efL,0xed40b2b9ca5541b5L } },
-    /* 9 << 84 */
-    { { 0x5d1bd16518f8e17dL,0x754986b7405f822bL,0x420b1b24d8753fafL,
-        0xab038e0608ff680cL,0x33621a0fa3649f49L,0xe24b84db78918eb6L },
-      { 0x0e669672c8bf4168L,0xcb7fab33171eab20L,0xa097d2cc4808be42L,
-        0x4f4e395f5842b80bL,0xddcb1e51a579145cL,0xa635d0cdf330ae0cL } },
-    /* 10 << 84 */
-    { { 0x9b8a3eb3069e6432L,0x43aaa7fc721397f7L,0x46e23c6ca7e83a71L,
-        0x71b261d593fa3c25L,0x4a47a1050f523a72L,0x31919e898dcad752L },
-      { 0x4c8b06e70c5dd2adL,0x677ec5f38bdc55e7L,0x4372d55dcb1b5828L,
-        0x7bf054c1f04dd321L,0x4e8c1a992e44584eL,0x6807803751d35d78L } },
-    /* 11 << 84 */
-    { { 0xa6d78a3d754377feL,0xcc17c26ac72ae5e6L,0x2f0ab93b1c05fc24L,
-        0x1645c369d64c9d40L,0x7c37b12c563e7e9bL,0xb70d292d58b477cbL },
-      { 0xc283aca993a2d5a6L,0x759e9118354c183fL,0x8a031f6fdd8f4125L,
-        0xfa8b17ad56edbe3aL,0x6e0f96eb63c651ffL,0x40361942b5085541L } },
-    /* 12 << 84 */
-    { { 0x25ae349981d311b3L,0x8640f52a3b16037bL,0xac0839941d947065L,
-        0x3723c75ee2e693d2L,0x65040a51b66f429eL,0x7f582b0b035a3a53L },
-      { 0x20eca9e10a166da6L,0x45b37e202c4cc565L,0xeab882957a8a96e3L,
-        0x99e771dab60a1a1bL,0x2cdd778c23b03965L,0x8d4d7a7291052478L } },
-    /* 13 << 84 */
-    { { 0xb57b345e4ff33506L,0xc1a3092a31d23fc3L,0xc16b501e905e1f58L,
-        0xa36a3b1f29067b85L,0x7cfabd23c214dd5aL,0xbd5f7ab726ad949eL },
-      { 0x8f64595987363816L,0x49c1a3e679d12d59L,0xcc8f3e2c32d771abL,
-        0x008d900e6bde16d1L,0x60428a0f60165966L,0xd4f8d9eda7383ab9L } },
-    /* 14 << 84 */
-    { { 0xa52d3c2d7e8f73b5L,0x86d8063351842657L,0x58f01253b3949ebaL,
-        0x97689f15e79367d0L,0x918bf9a30d820328L,0x2d4bc99441c959dfL },
-      { 0x37392f6e8c16ee54L,0x9f726d58e6f0849bL,0x497de1e4b8208f08L,
-        0x60c51233d51a29b3L,0x0f61fb03c9e1d465L,0x09494bd0fbe2613cL } },
-    /* 15 << 84 */
-    { { 0x100ef5d0a2bd7bd4L,0x89efecf5f45e2a66L,0x63bc210b653786bbL,
-        0xc7748dba0a0e47c4L,0xaf8122ae110d1ba0L,0x6695bfbf797c78bfL },
-      { 0x9b0e6fb1d7dbff69L,0x106799703f53040eL,0x22d9ed52fcaf4ed1L,
-        0x1e27bafdcc1b2d4cL,0x839f9c019f1c88e6L,0x1112fe541321ad66L } },
-    /* 16 << 84 */
-    { { 0x4f293478154d0f99L,0x1b82320dd07a24b3L,0x1bf7c94f64d55f6fL,
-        0x4489b57d725c5125L,0x3aa4d43ab1b6a091L,0x054842bdcf7a60faL },
-      { 0xaa918a4d2aeb4cb6L,0xcbdaff99ac7d317bL,0xed0e00a16812a03cL,
-        0xb09acf270b0a1e4bL,0xc73a41f7ac28386bL,0x43134dbdf4cd1321L } },
-    /* 17 << 84 */
-    { { 0xe5f746af6e001a20L,0xdc975b02d6a9925fL,0x6d13e266e57f9100L,
-        0xe013661396a9c4c9L,0xb483162850a66d45L,0xe3b0f96d4ee8439aL },
-      { 0xf2a2c08d3e074501L,0x987b2b6b2be498e4L,0x605aad24a15b815aL,
-        0x5bf2186f8529ad68L,0x1413b3d7885ad25dL,0x3de23959807efaabL } },
-    /* 18 << 84 */
-    { { 0x08336ffed8c33924L,0x15b56cbf5140b253L,0x38dcd310306caedbL,
-        0x04ecd49647944afdL,0x1280d23f68a48f95L,0xf414220434363c6eL },
-      { 0xd0a397eacaa8717fL,0xb51a1669c3994b80L,0xa02eed916c56808bL,
-        0xc3ab55c583545c3cL,0x8b835820fd26114aL,0xe0cfa4a6ffff324cL } },
-    /* 19 << 84 */
-    { { 0x4db4bfb788b45f19L,0x130252bbe0d5fd16L,0xe44c97b22808bff6L,
-        0x885e4555b03405caL,0x3b7ce036be9af81eL,0xebe17cf58c552276L },
-      { 0x6eb946c977f4158fL,0x36c23a9c74a5e642L,0x466ff55f2e70a453L,
-        0x327fd5fd28ea7af7L,0xc96bfbec6e658256L,0xaf194fe8c0a3b932L } },
-    /* 20 << 84 */
-    { { 0xcf63d27951c0d95eL,0x3b170a0bac86a014L,0xc21eaaa9881095e1L,
-        0xed2fda116069a3ebL,0x536264b9bd2f1c5aL,0x819e1cffde312c2cL },
-      { 0x6c30f983dfd6ce38L,0x2f32cc4c980b439eL,0x9fab10b63b9c03b2L,
-        0xdfebe34e011ab74aL,0x587360e3b80963f6L,0x3db1f6108692e352L } },
-    /* 21 << 84 */
-    { { 0xf262f2379765908aL,0x76f8d0017d03cdcbL,0xdbcadfb22f35de21L,
-        0x88d5bf592a73815aL,0xc4f4e3b02b1bab82L,0xf5cce885b9635dcbL },
-      { 0x110a785875a416dbL,0xfe7e6c360adb01feL,0xa02642c01374d779L,
-        0x9010758753bb5898L,0x0c764ed2a363fcf2L,0x24a2a5541700e551L } },
-    /* 22 << 84 */
-    { { 0x63a094c5fe3d070bL,0xf769b91988515eb1L,0xafe86e1450d1131dL,
-        0x6bf277886774d3d4L,0x7231d699ffd805d0L,0x05132e5b6304116eL },
-      { 0x3d5e255be34ce5bcL,0xfd9c3bd0c95e3089L,0x22a24023b83cbac9L,
-        0xfb6d2b6fb0b3b98aL,0x74af1115f7e36fcdL,0xcfe15eaff9da3bf0L } },
-    /* 23 << 84 */
-    { { 0xb242ffd61da39f60L,0xd0ed946320cac1b3L,0x9ebd5e46e25f809fL,
-        0xc7df7e5a07f5aa4eL,0x5eea38d791a5f85dL,0x6240f01d6080442fL },
-      { 0x72ec0a5e251d866fL,0xd3e4acbebf2c0037L,0x0d4f47c90fd962d7L,
-        0xece7c047b8de2dfbL,0x841050b96df17f0fL,0x567c3df7e933a4d5L } },
-    /* 24 << 84 */
-    { { 0x266d2c1cbb2fcdaeL,0xb538d4a252be93f2L,0x774c88ba73bd0094L,
-        0x65283a9b81a7e042L,0xe1438bbfd0381625L,0x450e1f644d0db206L },
-      { 0xb38ae9ef4e60fc4aL,0x14ce87e112719817L,0x831d41ec570303f0L,
-        0x7172917028850444L,0x2077ea32ccd609f5L,0x091d1166cd273fdcL } },
-    /* 25 << 84 */
-    { { 0xaf5916f49412edcbL,0x9ccc0dc08f01b2d9L,0xbed1fdd42dd737c8L,
-        0x29d26cab95a21501L,0xff38bf18c70f1364L,0x0bdb055876879b06L },
-      { 0x706031e2a14164d8L,0xe229fce1fc39648bL,0x5ebc640878e97c8bL,
-        0x26039bda822de18fL,0xab992da4b9f090d7L,0xf409432d53eb438eL } },
-    /* 26 << 84 */
-    { { 0xdf216dd84b2ca517L,0xb3eec4b9c6b74c4dL,0xf564e6c81c14e77bL,
-        0xcde25f1c2c2c9395L,0x7e31f7a5049fcc83L,0x6913707b9284c753L },
-      { 0xb92a6f2458e6eb5fL,0x85b0cab595148292L,0xeaad036d7449be92L,
-        0x2f6a2888eb94a702L,0xd7d8773d47d59fb0L,0x612d257303c0bf25L } },
-    /* 27 << 84 */
-    { { 0x805ece910ea742f6L,0x54486a6ffb5dba94L,0xaceb0eebbae52f76L,
-        0x2200fd85e98794f0L,0x44bd993ef305af19L,0x28f256738eb8baceL },
-      { 0x5d3fabbadc5f9c18L,0x4338f79c1b003ed1L,0xaf4b0566bc20c65aL,
-        0xded9407c3045d1bbL,0xe8713d7506391eb2L,0x557d62c971307365L } },
-    /* 28 << 84 */
-    { { 0xb872a10584d2c3bbL,0x44bca57139196026L,0x857327d84e352e5dL,
-        0xa6c6004ad925f99fL,0x48aaf266bab79eadL,0x213ad923adab2a3fL },
-      { 0x3be29b6df371cc48L,0xe732b9062385c9f4L,0x562e0be123f0a84eL,
-        0xbb6b017228c4b0dbL,0x71a93ae5f4c6d8beL,0x76b8bb16551f1fe9L } },
-    /* 29 << 84 */
-    { { 0xd028d9b5242002c2L,0xea105054823783caL,0x01cf8a491d45c34fL,
-        0x1035835e42457869L,0x0a95049661cc1e05L,0x9dce5bd3b439afc2L },
-      { 0x8552f02003b18e4fL,0x4973e3bde6144805L,0x29fb98d8d8514c4eL,
-        0x0ce0e8d83ca27b39L,0x7aaf3f5284bbc6caL,0x0572bf40d78c7c5bL } },
-    /* 30 << 84 */
-    { { 0xbbfaaa94c39926a8L,0xb9a59fdb60a138aaL,0x217a1aa2947e30e9L,
-        0xcac988c9c52c9fffL,0x5676473a3bae3c39L,0x7d84b353857f04c9L },
-      { 0xdeded30cdd324e24L,0xf07c678a9c242899L,0x956d05538cb64f3bL,
-        0x9d34e2f5502cb2b0L,0x99e1054a51dd03b3L,0x86b8bfa54d60a593L } },
-    /* 31 << 84 */
-    { { 0x3dcd2df9c8870c4eL,0x7cfdd05f1699cd0fL,0x19e9ccf027e79e0fL,
-        0x56e997027b85d75eL,0x407b5b74ccadcf9cL,0xc961a336297dda7aL },
-      { 0x350c34d56d12d17bL,0xe37de9a93bc6afe9L,0xd2c7339e0d641d3fL,
-        0x2700f39cf7dfa063L,0x2916f9ad8ddef077L,0xffec6230547cdbebL } },
-    /* 32 << 84 */
-    { { 0x10a53b90754d15e9L,0x6cde9a0c5f4c7218L,0x740d513fabef2b96L,
-        0xff6cc47cd3f802fdL,0x1be6825beb0627afL,0xdb21ede55886c2dcL },
-      { 0xb6cfb2c6f5daaed7L,0x68b61aa8fae29a9cL,0x7a1e16f53a5a485bL,
-        0x16b60b92e7b2223eL,0x332f33d836a13a9bL,0x4567c313876cd1a2L } },
-    /* 33 << 84 */
-    { { 0x7663402de62014a2L,0xbffe1e7fc4efd224L,0x2080eb02c38f766dL,
-        0x6c95529ba9641db9L,0x24dc13a5c68de8e5L,0xca219b3fbbc3016bL },
-      { 0xb83450e310b634e0L,0x8cd26d775b097a34L,0xb912c34564c9884fL,
-        0x3d1f28be5bd75f1eL,0xdcba2b479466ea59L,0x4077e017ca9948e3L } },
-    /* 34 << 84 */
-    { { 0xb4b2c65df91c7972L,0xabe915496b689013L,0x4eb7afa8d506333bL,
-        0xc2f2ac1d648e7c0aL,0xc6bc96b1213cc243L,0x0b827c2189e44025L },
-      { 0x2e866601cadee87dL,0x8ee85356b4719ce3L,0xefda7427b4fc0081L,
-        0x0d5c33c4c802c92dL,0x4c8635ab58515f01L,0x9d7ed87edd0ab04fL } },
-    /* 35 << 84 */
-    { { 0x9a660794cda4cadfL,0x70784fff2484a3b3L,0x8ed664ad2de7de13L,
-        0xbaff5937030d906eL,0x884407034ab43a4fL,0x86dfdd53ee09795bL },
-      { 0xcffa6852fb0e889cL,0xd94373e1e8c9fb95L,0xecc0ea249b0e3ac1L,
-        0xe88eda6eaa89e492L,0xbb049803da19207cL,0xfbb0c3874bbb5be6L } },
-    /* 36 << 84 */
-    { { 0x3e2bdd9b5a5f6b4dL,0x30cf4762ab005a55L,0x8736f5188bacd78cL,
-        0x8a5a647b09dc21fdL,0xfba40c38ca06c1fcL,0x63d53fb64a4e1524L },
-      { 0xe77d07a19a2bd706L,0x54144ea7bbe30e86L,0x8eb606220bd955a4L,
-        0xf689cc80b3c26cafL,0xc70fe95c9fefcbbfL,0x67f9e8e2495b5bdeL } },
-    /* 37 << 84 */
-    { { 0x04361e6b2e4d2cf9L,0xdbd3cc13ade11ba7L,0x93dc1d1df47d8ae0L,
-        0x7d46bba6fbb2d65dL,0x797ea0df92e97abdL,0x09eb3975a712e8cdL },
-      { 0x9ab3a54e0380cf8fL,0xcd1a9574c96710b1L,0x6abcd1a1dc13dbfaL,
-        0x1be0db71c2ee67f9L,0xee8ec8d0c2ac89a5L,0xbc363f407da201f5L } },
-    /* 38 << 84 */
-    { { 0xc86c049bbbef377cL,0x43df6f3703de56a7L,0x01eced2b558e516fL,
-        0x18fca0bdb43c1cc0L,0xd8c6f7ff62121c68L,0xb2f1f1ac36f90713L },
-      { 0x5f876328ea1bbd95L,0x9f22dd535ac4ce8cL,0x7e052acc7df88002L,
-        0xedf21fb7068d46a4L,0x349130a21d7d0220L,0xcccc79beaaa68eebL } },
-    /* 39 << 84 */
-    { { 0x9c955b5eb4100632L,0x8d6dd2d3ccd99a0eL,0x700f827c265dd397L,
-        0x5540bc0cfc85a2c1L,0x6d4b8e7adfb81661L,0xfbfe1ebe1d5c1485L },
-      { 0x322c2883c9dc1b6cL,0xc7c897cdfd7e0f34L,0xe70b0586030e41aeL,
-        0x4263e06e26a728b7L,0x0ee2b93392387542L,0xae708ccaf6220511L } },
-    /* 40 << 84 */
-    { { 0x05ff8b9cbc15ae37L,0x94dc2e85d06d62edL,0xea1d1c8b4b02607dL,
-        0x1fc202a224da757cL,0xbd5180bb35440e69L,0x0263dd51698ee7a5L },
-      { 0xbe93f27654013d74L,0xa7c041c464e81695L,0xbb170ac13ba5336fL,
-        0x1aadf302af84dfa1L,0xeda58747c960788fL,0xb456070e5eefc35eL } },
-    /* 41 << 84 */
-    { { 0xa905d421800ed69aL,0xdb8a643813622898L,0xd003affbdaab0769L,
-        0x467bc051f0aed9d3L,0xed1e6951b11085d3L,0x7a1d1152d3f54fc5L },
-      { 0x8cb243b6dc8dd008L,0xf9c690d1f409210dL,0x9a3195399461aee0L,
-        0xf580724dbc2e4de0L,0x52f648e4e759556fL,0x235a79f2697885d6L } },
-    /* 42 << 84 */
-    { { 0xb293d3fe8220ceb2L,0xace20e7e049a33a9L,0xa584ad52af4198d6L,
-        0x49c5cde64aa0a5c6L,0xc4f7877ecee2e664L,0xe1557968bb98ed87L },
-      { 0x69b0cd713066000dL,0x1af188cbc7399f29L,0x5b88b85c306188a3L,
-        0xcffa28eb4097182dL,0xdb01149ec80d0aa9L,0x9f8e6d59402bc397L } },
-    /* 43 << 84 */
-    { { 0xa646077bd5b97d37L,0x618df84461cfbd95L,0x3a9fe2f447c62894L,
-        0x7f2760eb4e0f1612L,0x50c08fdb36e5acf1L,0xac799584675d2aabL },
-      { 0x3eba6f54917dd606L,0xf585fa5075119ed9L,0xb047abfca32016bcL,
-        0x61c03e51aca118f0L,0xef9fcc526dc13766L,0xd849eca5e8a3fb72L } },
-    /* 44 << 84 */
-    { { 0x11ac1ff4147faf46L,0x5dd8913882b818f4L,0xe439f66fb15fe5a2L,
-        0xadf913a5fe8fb45aL,0x3dc708404a6bbdb0L,0xe8e1204da4af4ac5L },
-      { 0x4be549318ba70502L,0x945d9a765883b39bL,0x99cb1c721a76198bL,
-        0x96fbed479a7949e2L,0x30ee96ebf0299bc4L,0xb7dc5e76d3dd160cL } },
-    /* 45 << 84 */
-    { { 0x85eca39b0c88d5feL,0x96000863af9e0158L,0xbb13f99c4509590eL,
-        0x50033c18034e2499L,0x1e9346f87b86cb33L,0x917d88b4aca548e0L },
-      { 0x0c422c2e9e2a7e15L,0x6751c95c5e37fb06L,0x631361b8c40d21b7L,
-        0xe231858ec9958deeL,0xae86abc54d9936e3L,0x60c78d1137bf9213L } },
-    /* 46 << 84 */
-    { { 0xa0bcb7c6283190a9L,0x36c884ffc53fe76eL,0x071d4acab23f0865L,
-        0xd44e3c20e14a82f5L,0x704dadd8968d28bbL,0xb40d2b948e88ad61L },
-      { 0x4a29142ff3de62f8L,0xdd071910bd7292a8L,0x5b12c32d5b3571c9L,
-        0xe9886262943c6aecL,0xc49b7506cb1e0a33L,0x87f6c2d3de95886cL } },
-    /* 47 << 84 */
-    { { 0x44ba232e010f465cL,0xb82486c69ac91d38L,0xcd1a6bf75de743f5L,
-        0xe050232838acbc4bL,0x8de9c29631fb87b5L,0x9c8029250450c4efL },
-      { 0x19ee1607635e64a6L,0xeff5478c69ed7f8eL,0x311201a027001c21L,
-        0xfc0382a78beb55ecL,0x494b623ce9dea7f8L,0x926a3f756767f769L } },
-    /* 48 << 84 */
-    { { 0x802f495cee46f99bL,0x0f3ad0ee43b91cbbL,0xeaf3b294e9b3f0f6L,
-        0x82cc760033cbdcd1L,0x1a5642278e83fce5L,0xcf1b2edaffa0e4ccL },
-      { 0x7d93e9769b1f5706L,0xe4eb843cf873d68eL,0xcb53dd79eafe5f35L,
-        0xcbbed8f0fcaafabbL,0x570472705f053efeL,0x2c71a95f1ebfeb7aL } },
-    /* 49 << 84 */
-    { { 0x02d4717ddd7a5499L,0x3bc8bdcb9966236bL,0x13f08015fd27be15L,
-        0xe05236f6baaff392L,0xf73bab3f7b4cc522L,0x8ad26d4552ccc027L },
-      { 0x79f8e79e9e9ccd7fL,0x8011b92aab2f22d9L,0x6aef576e729662e5L,
-        0x7d5194d05e568f55L,0x2947d63a1a40860bL,0xe9890f1440305b54L } },
-    /* 50 << 84 */
-    { { 0x8085614c0fa9602eL,0x9ee1b9b26651c4ffL,0x65dd9c94ec048f1bL,
-        0x10b4a62f6d6c0fd7L,0x61469fb7d391dcd2L,0xdf751399edc3d431L },
-      { 0xe3901315c913acbbL,0x31581d7a90976644L,0xf20809634aee5cecL,
-        0xaa716eafe5408c5dL,0x9e356989b9a60ad7L,0x2d6e7733a6a3c977L } },
-    /* 51 << 84 */
-    { { 0xd6d99f54f19b8464L,0x3322a0b8a0be5c3bL,0x6cff730557e98725L,
-        0x786709c7953a357dL,0x3864d278a1013652L,0xf7471f111738f6e6L },
-      { 0x0377a923984c465aL,0x4a24b9e14ba970e2L,0xe53dd9f21c01d248L,
-        0xf422b754fbffc0d5L,0xae25dc0ec6a956b0L,0x3c3fef96ce806445L } },
-    /* 52 << 84 */
-    { { 0x6a69d207b5906d71L,0xf3c757ed8964e1b1L,0xdae255af5f98821fL,
-        0x6c801ed4db1af96aL,0xd12430343d109b86L,0x4b2aa65fa091f98dL },
-      { 0xd9bb4c2132dcb5f9L,0xe5a5979bf190a1e0L,0x0861e5de40117a91L,
-        0x8753c9adc39120e4L,0xfdcb09f4aeb4a18fL,0xdbda38746bd1fd08L } },
-    /* 53 << 84 */
-    { { 0x1bd8e8c0304f7045L,0x8ffcf24eedbd2dd0L,0x13c9441de6ae4dadL,
-        0x5efb70aab418c02dL,0x9d0fede1b8cf6949L,0x613545cf41f5aec0L },
-      { 0x4e3342244b98bddeL,0x7d0c11110fd8aaf9L,0x30c2bedcdfb8643cL,
-        0x875d386aa83e493fL,0x85b32632d6cd0825L,0x9f1ef3a01445507dL } },
-    /* 54 << 84 */
-    { { 0x2b70440e54f6b8d9L,0x355e692430eddda5L,0x354e7cfbc9199910L,
-        0x7e8933bfdc7de946L,0xc5692fa981b9eaabL,0x2eb58fff98cf5f21L },
-      { 0xd0d8f9bb96b19d59L,0x779aad414d1a6285L,0x0cee1a9b5eb87c49L,
-        0x676e36ff786c4c81L,0x6618c8f112d34964L,0x2061186dd03e9562L } },
-    /* 55 << 84 */
-    { { 0xa5ae40977da39b54L,0x98e4d1d9f1d40635L,0x40d97af126154fc6L,
-        0xf18041d4e9ae28c3L,0xdca9487555978c61L,0x4aaddec43638b9b6L },
-      { 0x1e615a2eab925f91L,0x5cfbbe9ded8a50faL,0x0f26d3ffb2034aa1L,
-        0xb2f9cee2c4813646L,0x2195af47957b6709L,0xa55dac537e7fc45fL } },
-    /* 56 << 84 */
-    { { 0xe44a8ed7630816b2L,0x5fb9b643cca34310L,0x07826148a3b5d2e2L,
-        0x0f890db16e65c2efL,0xe9feebe288283844L,0x8e56c6760368a9f4L },
-      { 0x8f0cc9c93e4ce874L,0x646ede9b09f1beffL,0xe92d6bda014e3d19L,
-        0x27e620c5520c921fL,0xfd9b2ae1eed78555L,0x68684615816a603eL } },
-    /* 57 << 84 */
-    { { 0xcf54e9e89ded00c7L,0x8dff0130abbf7765L,0xf12773fb10c5f8d0L,
-        0x7435ac767382e4eaL,0x93092b16f61d443fL,0xc1554fa846eb45cdL },
-      { 0x0896852c30957ca5L,0xc0d91e3effe60944L,0xce8aee57a1b7c75eL,
-        0x4d24f07007cd1a9eL,0x3d8e381094456b11L,0xed6fba6b9dbc9d0dL } },
-    /* 58 << 84 */
-    { { 0x1b1de3ed8b5b8f82L,0xf542399d64252363L,0x23f34cccd206f26fL,
-        0x54c48d9fbd941d6fL,0x3859eb56202e757bL,0xedcb4729ae0eaf7aL },
-      { 0xf08753c512360fceL,0xf37ece765f697cd4L,0x073cae01c98a7c8bL,
-        0x6e298559df664bdaL,0xe8cefd27194b103cL,0x56301e2a811f6a71L } },
-    /* 59 << 84 */
-    { { 0x8103c6053d3fe586L,0x472885b3999bb4caL,0x3759d2d492a2834aL,
-        0xaa4eb3acd46cca1bL,0xcb99aaba633e579dL,0xf9369b033d6dc569L },
-      { 0x55fdb1fe8398c067L,0xd7aab8b47e6826ceL,0x7f5497bd8b525561L,
-        0x2e0e1e9c2cd0e3beL,0x3142a6e2c47caf5aL,0xe78cb1840f4b802fL } },
-    /* 60 << 84 */
-    { { 0x0a1577baf455f6bcL,0xaeeea79094df32b3L,0x1af3ba0f6bbb15ceL,
-        0xaab92a74e8522659L,0x84087a8f7efa0a4fL,0x83c6991b84596065L },
-      { 0x11f7829d29fbb626L,0x32b04b2f86031974L,0xf3a5b8722c1291deL,
-        0x2ffcc97e8bd2be43L,0x575400d10a206f7cL,0xbb4583de0befbce6L } },
-    /* 61 << 84 */
-    { { 0xd448eafaab983fd7L,0x2622336c7a18a7e0L,0x36632e221c274b3cL,
-        0xe64e8f89bf086fcfL,0x1dced08fef72ebd9L,0x61249c25ea295d31L },
-      { 0x7433743d3755632aL,0x9d766243ff32ed08L,0xc36e816a977b1d9aL,
-        0x1069fc0820ccec81L,0xbd4af7bef65a0cd8L,0xd04127fc92e31836L } },
-    /* 62 << 84 */
-    { { 0x39560937ea57ca46L,0xe1f2b7198229d346L,0x462b28d4dd02dcbfL,
-        0x510fce98a333d609L,0x795fbd38fefa05beL,0xd6e34c231bcb029dL },
-      { 0xf33291fc838f7ec3L,0x2a01a1f5f16e7247L,0xf9737722c0bcb3cdL,
-        0xc53ef57ecc8a6c77L,0x219372afc750f1a7L,0x3e6a97c3d14e60bcL } },
-    /* 63 << 84 */
-    { { 0x87278f062db3d752L,0x64c65f5cd106b7a8L,0x04ccc14d41ee7aebL,
-        0x72d1189e71952b60L,0x2e88f851080e9ea8L,0x625a6d32913e8df4L },
-      { 0xd943de73900ee95dL,0x6c12b3b3ecb8b3a0L,0x6209daf2c9b141e8L,
-        0x81c02f71412da959L,0x222d17b747278f65L,0xaa338805789138e1L } },
-    /* 64 << 84 */
-    { { 0xa896d28e4aea3fa2L,0xc6137a456db06ee9L,0x1bbafe8c06fb15ccL,
-        0x2daab2961cdffdadL,0x984defc8e1119b3aL,0x9cd44c3cde2a25a3L },
-      { 0xa7f54ece54ed6d73L,0xd283017f50907054L,0x69130efc6a3b9442L,
-        0x5d17f1276785163bL,0xc019911b172b1d0aL,0xa19c745f7e3e093cL } },
-    /* 0 << 91 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 91 */
-    { { 0xe185bdc2ab83d932L,0x0a75845dd7c4e754L,0x1f6f3397c3fe5695L,
-        0x6c9f3a5f61f6a04fL,0x3c0f9d4bb390a92bL,0x9e3336b74793b454L },
-      { 0x91ad0c341472f06bL,0x4110047a892cbdd7L,0xfa24d90565d53c83L,
-        0xd63e58334176007dL,0x741089fd2cd1623cL,0x6b3d92022685d345L } },
-    /* 2 << 91 */
-    { { 0x1d510157c9cb7f6dL,0x532a077346ab7372L,0x2ea07e2fc6dde9e2L,
-        0xceed9ad937d5bb1fL,0x3121994b98cc6e28L,0x67d2fbb567ad8fc4L },
-      { 0x34707fb3dc9f195dL,0x6a601f481fd5a013L,0xfe939b8d81ef6cb5L,
-        0x5c51e8ab1223a9a1L,0x8f6d7993db74cf37L,0x0b81c5b7972808e1L } },
-    /* 3 << 91 */
-    { { 0xcb4e85123bf921afL,0x28fc6332532e81d3L,0x682d8637f69f907dL,
-        0xbd9fa8f45f759a16L,0x091ea9fa51f03716L,0xd685a14132c630e9L },
-      { 0x7600c9ac3d249cf4L,0x687e2022002cd2b5L,0x7ec205ab55334058L,
-        0x9d0d86b13ecf1368L,0xb3fc17a7fc7baf6dL,0x57939961361c91cdL } },
-    /* 4 << 91 */
-    { { 0x0db33228010c0754L,0x10635ffa8eca7c59L,0x6efd85380e8a38faL,
-        0xc1812ea5769360d8L,0x505723dc76f27ef5L,0xd0358e02f35af2e8L },
-      { 0x9f7bb7fed99419eeL,0x87c66e83430a0e2dL,0x01187549773eaf7fL,
-        0x05bbbba489d51bdaL,0x52cabb06640ccde6L,0x0d5cb557e7ff387dL } },
-    /* 5 << 91 */
-    { { 0x709d61ca10e06f1aL,0xaa1e9fc578eba75cL,0xf85d062f914b2cfcL,
-        0xe73b3baf9089d85cL,0x4ac05feac4a284b9L,0x92c78a433acb7268L },
-      { 0x7b5586f8ee45bb4dL,0xc39a0d0e6ac0a9e7L,0xe4bbe3d54d6f9ab8L,
-        0x1489463f1fd46a08L,0x3ba3182529dba364L,0x94f000d68138511bL } },
-    /* 6 << 91 */
-    { { 0x70187dfbc39c1cefL,0xa785216e0c50c71eL,0x30188b816a6c0d60L,
-        0xeaeda67d6a27e97bL,0x4a5192826ba389aaL,0xb96c7c7ea2bf1273L },
-      { 0x8ff10657267fe714L,0xdff4a271996d91b7L,0xe34ba3e11dc7aed4L,
-        0xc457048b38853d61L,0xe89825db1ccbf658L,0x68c7b4556b255eddL } },
-    /* 7 << 91 */
-    { { 0xdc14cb2a74871e18L,0x017b1340fcb8974aL,0xea5cb0546e93c20fL,
-        0xa7c078ada9e2ad1fL,0xa37207d4beb26838L,0xcd8b3b25de7ee8eeL },
-      { 0xdca6606a2801a7ffL,0xad2fedcf0f8af3faL,0xf27d30b49b530c05L,
-        0x071fc1c36b2a4613L,0x363aaa99b72cea9fL,0x7a33ed8f3d350374L } },
-    /* 8 << 91 */
-    { { 0xc377b373bb20fabfL,0x68d3aa52f986b847L,0xd9c2f2adf39b6894L,
-        0x1bbff106bd6da22eL,0x3f7e5b8e7e09678eL,0xad6a87897ed3ee78L },
-      { 0x689e6b31af9807b9L,0xeca87778bd1f6ef2L,0x17d3277edda78c54L,
-        0xe686caccefb65cb7L,0x758aa1ab19a30f0cL,0xb40df97fb11f071eL } },
-    /* 9 << 91 */
-    { { 0x43b379f71a54cd32L,0xd61fe6c948817fa8L,0x6d7b0acc49ab7a6cL,
-        0xee23b4a0eb6bb45fL,0x340da1f1a2bda931L,0xfdff68411750ea8dL },
-      { 0x890346b8a96c7df8L,0x551993aed4fafc31L,0x2830b98890de711fL,
-        0x4d23863cfb5b5286L,0x327161a0d636d67cL,0xf99dded9733e1725L } },
-    /* 10 << 91 */
-    { { 0x0bef2d2517da64c9L,0xb94dfc85470bbc15L,0x2c2417cedd4af7aeL,
-        0x52b5b3bbc8e88ca4L,0xc00328c44f20d154L,0x024290f730af5d4bL },
-      { 0xe8bacbebeefc7350L,0x89eed6ebb72abd15L,0xb67d1da61d9e7030L,
-        0x2ddefcbc0e70a331L,0x7d09bc6d61e32577L,0xc2073cc95b52e979L } },
-    /* 11 << 91 */
-    { { 0x585939298b806bfaL,0x608ddfbfbce6a08aL,0x674545a08eb27b54L,
-        0x4b57a947c8fba762L,0xcf960113cbd8c683L,0x7b5a479a4fef1937L },
-      { 0xe26eb960450e97f1L,0xf04b36b9d8605a37L,0xb208c832ee5af2b3L,
-        0x3578d3a71fa337e3L,0x22547fca93509939L,0xd93dcb50e848508aL } },
-    /* 12 << 91 */
-    { { 0xd40f36e6276f2576L,0xd37455c46405cfe4L,0xe34094d7cc51dbaeL,
-        0x20f93f0f0edf8bf9L,0x534b75aa23b5e165L,0x438e4dd1dc1b73a8L },
-      { 0x9dd48c413bddb435L,0xc49867a0996b4932L,0x4212f8a2a9ffa0daL,
-        0x8d5236c4d94ed9bdL,0x81bec489f169cb19L,0x71cc1d7e6104edfcL } },
-    /* 13 << 91 */
-    { { 0x31a94a7f22771941L,0xa277284b39867dc3L,0xc66bd88b1a52f0f1L,
-        0xd2e2707b1aa21ee8L,0x78e4f280248d61e2L,0x33df48c7596a31f9L },
-      { 0xb9bf2baab1bb1e89L,0xe1bbcdb4038f10e2L,0x81f674a877b89305L,
-        0x8b2ec6ee16f08a86L,0xa07239c29db97ceaL,0x9f4ae6647ef8ecbcL } },
-    /* 14 << 91 */
-    { { 0x9cb21b57012eaba3L,0xcfce54821347a83aL,0xe3f3a67100d7b34bL,
-        0xd4bcb3d1a6c1b0c3L,0x6ebd26fb9f3c3e31L,0xd01746532dc79be8L },
-      { 0xe7cf9a0ad4156cfdL,0x2757cb0416face21L,0x8b0e320e69e1f08bL,
-        0x2a8caf9b946f83d7L,0x6daff0ba98a399adL,0xb4dfea0938ed6086L } },
-    /* 15 << 91 */
-    { { 0x90ed8b41e2bcf8ceL,0xa464972be8dcc1a6L,0x5a3d0b80ba496081L,
-        0xb636435569f85ac8L,0x0a2765b1a25bdd8aL,0x87a6c18f0d1516bcL },
-      { 0x9344081ae3b01522L,0xcef8e12e608f0145L,0x6f3566a52155e7deL,
-        0xcfc1be9c4d033a3eL,0xfc836eeaab97bf98L,0xbdf53718ba7dd059L } },
-    /* 16 << 91 */
-    { { 0x16f3708b953b9223L,0x0d3780f8770e7cf3L,0x97a615b227bb71a8L,
-        0xa8b9a864162f8b55L,0x80ee8362d91e3fb9L,0xb2009a09f83a4ff6L },
-      { 0x07a7873ac1696281L,0x17ff00c223095ddcL,0x427f683d860d60baL,
-        0xea9959271f87d32aL,0xb2ac69faa050319dL,0x30c362b9d2d0b9ceL } },
-    /* 17 << 91 */
-    { { 0xe05c6a88783508b6L,0xa5569c8ee1779a78L,0xa1e0ca30cc1e84ceL,
-        0x12ecb540337cca76L,0xafb5e2fb344d729fL,0x558db4e132c8f80bL },
-      { 0x5aa3c39523128383L,0x9f04757cee1ee2fbL,0x41132bd215356deaL,
-        0x4e9af313ae07ca78L,0xdfc14c0100c6b589L,0x54fdb4f3dc16a1f1L } },
-    /* 18 << 91 */
-    { { 0x71e663c234938279L,0x9a8f5ccdb05630f4L,0xd91ead12aad70096L,
-        0x2b19b27e9e46cf72L,0x93348c7038e3932dL,0xeab6c03a5c7617b4L },
-      { 0x57c13a97538eab27L,0x2624d17b2f5872f7L,0x77b63d9104b00f8eL,
-        0x2e0582473c89db0fL,0x5d367277937d0d8aL,0x28c19068df60c252L } },
-    /* 19 << 91 */
-    { { 0x9867bc3d38cd6020L,0x5f341d8c5986f76cL,0x108a3c0d0dab2e32L,
-        0xd127a7f989ab3654L,0x9d5018f468505cecL,0x51204da0a8fc94a4L },
-      { 0x1751f30cf6da9840L,0xafe6a8d955ed1f74L,0x270a5d1180165ac5L,
-        0x739f63e05de1e17bL,0xaa95f30735d2b566L,0xf20dd093650236a9L } },
-    /* 20 << 91 */
-    { { 0xd648dd79ee45d4b1L,0x0ceeaa64c2bc2f0aL,0x695f3a3f491a2862L,
-        0x4c07e2e0ce497e3dL,0x5c53879969c766c2L,0x3f856a2e4c4a7c14L },
-      { 0xbf8a6d81038032a9L,0xbeaadd7f45b7c960L,0x78b22e85d50b9d26L,
-        0xac1c56fa7eaefe26L,0x21fbce54fc69f13dL,0x37be1b47512a3708L } },
-    /* 21 << 91 */
-    { { 0x12845d55689429afL,0x7e20f0f9082c8ac8L,0xe1615340249773b6L,
-        0xf66c39638d0f35afL,0x4a20ce6d67d27093L,0x1d462f08e55802caL },
-      { 0x66f209849ff4dd67L,0x6b86f8d8271c57b3L,0x8701a5cde766b85bL,
-        0x50737ac2eea5fbfaL,0xb46ebb42a702f3d6L,0xf853091d999258bcL } },
-    /* 22 << 91 */
-    { { 0x0ce992198c9e7869L,0x653006be525c4adaL,0x783620e4330c402dL,
-        0x185a6ac833b728b5L,0xa297c4a99d390886L,0x547d1db5db4b8123L },
-      { 0xccf12f071acdb039L,0xe89c5866078ddc28L,0x3460cbb1e52c383fL,
-        0x7a4d1beaad25b82cL,0x21e243fdb429be1bL,0x5aa85c25bdc0d798L } },
-    /* 23 << 91 */
-    { { 0x76cf73b9c0db9d16L,0x45e57cdc1970ace6L,0x3c6f5314c54a109aL,
-        0xe32306f7da47cbfbL,0xb3787bdf93e76516L,0x68aa80084c6d4e22L },
-      { 0xd9246ddcb3d37be7L,0x6de2bb4d7000f1abL,0xda02568b67e4751dL,
-        0x3ed7a5615c7f88f4L,0x5f05c828ca5116caL,0x139cc5772a2ebb9aL } },
-    /* 24 << 91 */
-    { { 0xc983afb64cb8d897L,0x7f05e954b14cc152L,0x587fe71e0f4d02f5L,
-        0xaaa43167531b0cd8L,0xf69452727a26def9L,0x7ecf1e563bab50e2L },
-      { 0x04b6f5c94c6f20abL,0xbc6cec2b893b497bL,0x79e89567c9dc548aL,
-        0xa39a0a567a40b749L,0xf1531e2644bd4efaL,0x14cdd759057c7c70L } },
-    /* 25 << 91 */
-    { { 0x30c49847d6d51bbbL,0x70b744feecdc6aeaL,0x38cdf36fe8671744L,
-        0x5834286b8cf6461fL,0xf3414f7b2c09d632L,0x58425e4d5debb923L },
-      { 0x8bd79117a6b96c6bL,0xecf9802680f56fa8L,0x5ae917d7e6dcbbf8L,
-        0xf2d80fb169240a4bL,0x005ac47596e3aa3aL,0xe5196a3463536aa9L } },
-    /* 26 << 91 */
-    { { 0x5fb02929811d42bdL,0xd7d1b956289929b4L,0xfd3546947e531627L,
-        0xa37c9b1e58c2b2e2L,0xf30ed0f902bf499bL,0x3fe80d240eb6df36L },
-      { 0xf96270e57b148672L,0x47362483647f48d8L,0xc279ece6c29bc59cL,
-        0xc05c1d9ffdd7e628L,0xef8fc92e17568a7eL,0xd65fe5a9ec0e7f00L } },
-    /* 27 << 91 */
-    { { 0x0ad31de68c93f010L,0x151b1405945ec54cL,0x325d132c3db6997cL,
-        0xbed9cb3a335531e7L,0xa83932c34a578610L,0xd905abbf6f721147L },
-      { 0x6dd45af086d1d919L,0x2b2ee3090195e91bL,0x3dc30d5edb70d257L,
-        0xfb04b014481bde1aL,0xc2ac3ec82de2debeL,0xc9f161e090db691eL } },
-    /* 28 << 91 */
-    { { 0x8041f112afefdee1L,0x8cab3c86b891f668L,0x1f18774e2b61e754L,
-        0xf0d81b2459df567cL,0x2cc25da41c95e1ecL,0x315b1b1ac735d39eL },
-      { 0xd0a9b9fb010734cfL,0xeefc0398c79386daL,0x49ce859b11fb1917L,
-        0x3d66fd6baf167239L,0x2522b0ef1fea6175L,0x1a27657d3ec4a52dL } },
-    /* 29 << 91 */
-    { { 0x89ec003abb2ca05dL,0x2290b5f403195ec6L,0x9989bd925f6b95b5L,
-        0x1d6e6b2fad409cd9L,0x41f9b9ce3bfe7364L,0xb240f89570ec096cL },
-      { 0xf8725a58b8d5a5d6L,0x3bfec6f1c581930dL,0xc93e290356235c98L,
-        0x82af4269c7cdcb5cL,0xeb13fa40eea6fe91L,0x9247050097c80acdL } },
-    /* 30 << 91 */
-    { { 0x48dc23534ded5b58L,0x1b69590756e707caL,0xbbcb73927ec7794fL,
-        0x3714dfa6e50dbcc8L,0x4f8083c8f27ec5d7L,0x6358d2273bc8c3e4L },
-      { 0xe0c2a0e7656cf184L,0x3996e0a24244d801L,0xa46767b54e543c01L,
-        0xbf55776d965f1e2fL,0xeb66845e6bc872eeL,0x6a73fef1b441895cL } },
-    /* 31 << 91 */
-    { { 0x21602e432b26bbf2L,0x6092d570d1bfd7e2L,0x2b48d74a30b38d1fL,
-        0x4aab113c67c53791L,0xa6acbd3df57be611L,0x53b6509ebd3aae7eL },
-      { 0x047e5ab4d8751f49L,0x978ed11b0cf25652L,0x763553d2153619c7L,
-        0xc7e85e93d824d943L,0xb82cc9781048a7ebL,0x7beb9166e39cc777L } },
-    /* 32 << 91 */
-    { { 0x24480c57f26feef9L,0xc31a26943a0e1240L,0x735002c3273e2bc7L,
-        0x8c42e9c53ef1ed4cL,0x028babf67f4948e8L,0x6a502f438a978632L },
-      { 0xf5f13a46b74536feL,0x1d218babd8a9f0ebL,0x30f36bcc37232768L,
-        0xc5317b31576e8c18L,0xef1d57a69bbcb766L,0x917c4930b3e3d4dcL } },
-    /* 33 << 91 */
-    { { 0xf6625ac0b9a038e8L,0x954056eb2a921e56L,0x7135295aeac07bc6L,
-        0xedde9c39f1ba0ea8L,0x628324026b592655L,0x4603177aefb8aa66L },
-      { 0x63e5ea16406a6c28L,0x5897fdee1c758382L,0x515e49fd415533c9L,
-        0x0a0dd627d6701b21L,0xd7c06db1c93a312eL,0x4fe95e3da33d8df7L } },
-    /* 34 << 91 */
-    { { 0xf113d92c3336edc5L,0x0a201f3e8ce47278L,0x57492feb5c52562fL,
-        0x18b73800f29da837L,0x2262089f649a1ee8L,0x076b07657c99bf48L },
-      { 0xa95050bc09bfad20L,0x5aeaa9088c7e713cL,0x264283ed3cda06ccL,
-        0x5d574b116079b43dL,0x0071495cced10a84L,0x97441fb0570d3063L } },
-    /* 35 << 91 */
-    { { 0x340831072b228335L,0x84ea0aba50fbd43dL,0xafde6098b3ec91e4L,
-        0x4fd293ca1091ad93L,0xee085e23552a785bL,0x437d799ed7057200L },
-      { 0x41f735628a611ff4L,0x707a7cb5d2ef6254L,0xa9a8f00092a30686L,
-        0x901cc8e60cea8d1dL,0x1fbc9ca6d6da2ddcL,0x61bcee2176489604L } },
-    /* 36 << 91 */
-    { { 0x5f6ef134781a7f53L,0xbac4cf47b10a9d16L,0x48148ba110e69f4eL,
-        0x40594360a9c615f0L,0x3141817ddfb3fc58L,0xb9579a9263c38d83L },
-      { 0x0544b1bb6373b9aeL,0x718a5fb7007c8185L,0x48d4a4f77cfa392aL,
-        0x9c16cb825d44ba38L,0xc83d2df42a8fa83fL,0x835aacccc08fef0cL } },
-    /* 37 << 91 */
-    { { 0x09ce1818af09fefdL,0xd1d2f95f5dd9d687L,0x94ed08b5495c4eaaL,
-        0xd1afff464a0b95d2L,0xd51ba2b455347a75L,0x413126295e3866edL },
-      { 0xeef2d7e3cdd37660L,0x50e6fbdfec2fe50dL,0x9d071e18a664e2eeL,
-        0xe70e1d9ed6a8f467L,0x576d0cc4e13afc19L,0x67ced86da0efc220L } },
-    /* 38 << 91 */
-    { { 0xa26968cb26a963daL,0x461d1ab5cecbd96bL,0x8eaa1834b3e38516L,
-        0x1e92730f05d2cd2bL,0x91112026b07cbf92L,0x26eb815062374314L },
-      { 0xa904f1d08ab1b9d1L,0x52006594692b1905L,0xc9cc90ca6ba4717dL,
-        0x4bd7300aaad1c74fL,0x67ba07a4c21c5832L,0xdebfd810fa56a1a8L } },
-    /* 39 << 91 */
-    { { 0x3bc5aaf484539b6bL,0x6ca9ac0c0d1249aeL,0xb59da22db4ee30c8L,
-        0x6e62553e57149c9cL,0x46db0089786333cdL,0xe1e2ae523e4c12ceL },
-      { 0xf828d2b537b3fd82L,0x31844a9d03af654cL,0x85dd8daaea5a4677L,
-        0x0db99b8f3432e82fL,0x99383b874866e1b6L,0x52310054e325b0c2L } },
-    /* 40 << 91 */
-    { { 0x737cd387044854f9L,0x488b2fd667eb29c2L,0xe71d9bb7258c5a80L,
-        0x21afb486ac71048eL,0x0252b540d4d39296L,0xe3e52cb87839d8fdL },
-      { 0x5cb1100667ea0afbL,0x207637d1de82b12bL,0x77920933e93bcfcdL,
-        0x65197f5df32f636dL,0x82179527b6c41411L,0x7696a479f410c989L } },
-    /* 41 << 91 */
-    { { 0x78307cd80e8d576cL,0x10d3b950fd9d6044L,0x2c2f9e2bf4b20445L,
-        0x961343c72c5c7ea7L,0x931c52a0af640e61L,0x45557391470d420bL },
-      { 0x4096a997317f4d26L,0x15210801cceb9be5L,0x228102195ff0759dL,
-        0xc388a2d21d265932L,0xceb79d01e86dd99bL,0x23e8fc7b3311dcb3L } },
-    /* 42 << 91 */
-    { { 0x1a7d0e091d7743eeL,0x18720797d53e4a8dL,0x78465f1ea04dbaa1L,
-        0xd4f064da9ce65723L,0xc0e7c035b496e8d4L,0x25657d2e6bb2f9ebL },
-      { 0x45576ab49f4b6cb5L,0x83983c70ba33d6dfL,0xf699e84d1eca62a4L,
-        0x35528636a13f5c31L,0x6a1b56b01f6b1739L,0x7906eccc6ea87942L } },
-    /* 43 << 91 */
-    { { 0x4e584a4fec1204a5L,0xd96b00e845a5b311L,0xea11fb03030badccL,
-        0x9b2141b2a825a89aL,0x18bbc30bf8b2450dL,0x87bd93916513b2cdL },
-      { 0xb3dbde552f0b304dL,0x762f3dd7c3c4817bL,0xe51e1733edd3fdd8L,
-        0xddad4c515d8219a2L,0xf5a8c0b8796b6877L,0x34563a8989bf65c8L } },
-    /* 44 << 91 */
-    { { 0x93e2e3a2881c106eL,0xa227cc49fe82afd8L,0x6fee74a4748e81f3L,
-        0xb212e8eaa5dd966cL,0x68d270efdc7d8883L,0xef2f3966fe757e9eL },
-      { 0x0340098b7466881eL,0x7ab98a0575884bbfL,0x24783467a472f62fL,
-        0xc73cb49f988637d9L,0x2b5e9d27dfb710c9L,0x503f9a2f788fcb18L } },
-    /* 45 << 91 */
-    { { 0xcba6f4631a52b729L,0x8874582cc8be34cfL,0x98a08e246a9a1eaaL,
-        0x77094319d5693f71L,0x575a0938a8504e5cL,0x3f59910c226f888eL },
-      { 0x5c3587990aeeb1f1L,0x7c32821d3613bbc5L,0x66f288e7cc17db95L,
-        0x6f3221998724ac94L,0x4e3fa38981db3751L,0xa6e798c8420403baL } },
-    /* 46 << 91 */
-    { { 0x56672f2e2cbea2e8L,0xd1a02df9128bd636L,0xff6a3bc6d47a0025L,
-        0x24124f30d38d0b42L,0x89ac3b8dda63df29L,0xf26d72994d0b6458L },
-      { 0xfff0445f7d6880bcL,0xface90f52be76351L,0xbf10c6b8ebffb74fL,
-        0x0e53c533a1fba003L,0x037baf09112f4980L,0xb8ae6312be960954L } },
-    /* 47 << 91 */
-    { { 0x8397b60917270d4aL,0xb4d0c38700e4caeaL,0x69c52bb3f4c58f86L,
-        0x06e0e01157b1fd41L,0xc5dc2f25627873a2L,0x9af848ca0ae53974L },
-      { 0xb5c957c06ad18335L,0x93b564154ef09e7bL,0xb5ba282450e2c5ccL,
-        0x63f003a567d7b68bL,0x0bcb0dc820bcbca3L,0x8803b1ffe3d4296aL } },
-    /* 48 << 91 */
-    { { 0xff41d51faae4bfd4L,0xcf50b14117c44facL,0x078b808e657a1ea4L,
-        0xc5aac1a893c00c55L,0xcb99cfd0cc4d1c0fL,0x1d1048933fa123a6L },
-      { 0x49646059023ca92fL,0x5833e326f3982134L,0x2e0d4bc9c5781cddL,
-        0x5f7f84ed8d5e75f5L,0xb6655f1fe1e8a383L,0xcc18514c296e4943L } },
-    /* 49 << 91 */
-    { { 0x5d3e5f8d8a407ff0L,0x9c713c8c7b42b11cL,0x7433a9921e387806L,
-        0x5272b92a98cb43acL,0x6261dfc1b1018149L,0x229d2ba5d3b4adf4L },
-      { 0x1f52e72989f0905fL,0x965e062925d4c79cL,0x42edaeeb33e6c016L,
-        0x5ec492e8af1709adL,0xaad39616c5763619L,0x85a659098c666860L } },
-    /* 50 << 91 */
-    { { 0xec8fe7dc86009df6L,0x42dd3c37871b20a6L,0xe4388c920db643e4L,
-        0xcc5dfdd481e06dbdL,0x3f1a3c6458ca7500L,0x987d7caa22c04e9dL },
-      { 0xd0c91072bc5717e2L,0x3f605fd2e77e5509L,0xa1cc1404c0c3e95eL,
-        0x4afaa9fdc6d0edd0L,0x2f3aba4e0d7d882dL,0x3f1f0349796c5ac0L } },
-    /* 51 << 91 */
-    { { 0x5dac93982eeb82e8L,0x2fe5ffb57536ce1eL,0x2bb120ac6926cfceL,
-        0xe54ff20f2236dbf0L,0xaaf0d31edf8c5a87L,0x5262fb9fc8f5df7aL },
-      { 0x0f833760467092bcL,0x50fa223d0a8dc0afL,0xd6a4847d35406966L,
-        0xd17d6ce003b7f56bL,0x8067d8e2ee2d64bdL,0xe33e51bb9fa4fe9bL } },
-    /* 52 << 91 */
-    { { 0x52aa210770248e4eL,0x30cf7e773b6bf709L,0x36961c7b788e1836L,
-        0xbe49de5f7595af2bL,0x86b49b619cbcba78L,0x1947db3790cf1117L },
-      { 0x7d3f599de14b4287L,0x14546993f0ca62ebL,0x0f6c8872d0abde7aL,
-        0x1531ceeaafe2260fL,0x36449624ae5ecf96L,0x6cfa12a5840bdc19L } },
-    /* 53 << 91 */
-    { { 0xb092ad68c1d612b5L,0x9f6052507af5c37dL,0xf48aa7c6c702b673L,
-        0x380144215cd29c3bL,0x7b09e407121867ecL,0xf71443d391e59047L },
-      { 0xea51e1a6b6d16a51L,0x041fa7650f33e2ccL,0x3a6d50c73750dce3L,
-        0xeebf5c2e97cb7a7dL,0x2530de228f39e771L,0x9af217c18f37f863L } },
-    /* 54 << 91 */
-    { { 0x38793fd0c683085cL,0x49cc5934dc436d16L,0x94c708e4175e770eL,
-        0x41bfb65d059c2682L,0xf6b83eb75f004ddeL,0xe1881929f6864410L },
-      { 0xfaa77fe0b438f937L,0x97a856069997e90dL,0x78366a9108de889aL,
-        0x6c28ef64553229cdL,0xfce82c2fe9381854L,0xae98117146f70bb1L } },
-    /* 55 << 91 */
-    { { 0x3f77410e9aacedd8L,0x0e34bd7d453813e4L,0xc5818436825d6b0dL,
-        0x0e30f037b4d0ac73L,0x70f6bc9b69b559c5L,0x68d3d71eaed15484L },
-      { 0xd0254e5414fbae1eL,0x6ddaad42ae0d3df6L,0xefb91a545a6e98d0L,
-        0xde3fcefc854ee5fdL,0xb2f0f3a1dfa2a8a0L,0xb656f97ad00ded3aL } },
-    /* 56 << 91 */
-    { { 0x01acfa7e0a90e37fL,0xf47e5946366d0ba0L,0x8e37db7b54c11845L,
-        0x5742d8bd50a62064L,0x27dc9a33ed6d096cL,0x2246d73016deb724L },
-      { 0x203c08da2c8f1a85L,0x210cda3a56fea379L,0xea6b1bbf2bf9ed67L,
-        0xe5a1e5552395cc4bL,0x458a7e19de2d6b2fL,0xa7199a86734942a3L } },
-    /* 57 << 91 */
-    { { 0x53684c23d44cad85L,0xd23613f8940779a5L,0xf485c7a3940bd34cL,
-        0x64c66a1f3f673b5eL,0xec29c76f1d6dd63cL,0xe10f56272f191435L },
-      { 0xc054f9a7325d5759L,0xe6740d3f974edaf5L,0x2723ac6103f3b640L,
-        0x0a2315a4576e0bbeL,0xf8156e1e4a3ec903L,0xa307bc249bbc8c52L } },
-    /* 58 << 91 */
-    { { 0x78579ca212a1687aL,0x208b7494268a02a2L,0x61708a002c1c5243L,
-        0xca366915a760461eL,0x0e9038fe3ca1e167L,0x2cfd6fe3a58e2c57L },
-      { 0x97c16e34fe79a49cL,0x1575244ef08e4037L,0xc1407fa08e2283edL,
-        0x38ae77621b057919L,0xcec574a5e68a366dL,0xafdfdce03eff00d4L } },
-    /* 59 << 91 */
-    { { 0xdad0dca9162d80c6L,0x554141f8b888ea0fL,0x1e471b24d4036218L,
-        0xafca22cfb36102d0L,0x437c51bff280dfa8L,0xc2c8bc8b50c9c30cL },
-      { 0xe7bacc372a9fdf6dL,0xd01dc65cf0472f2dL,0xaca59cf983d7be3eL,
-        0xf7c935425d9ec484L,0xc22046c6015a08a1L,0xa71b3c64cecdf816L } },
-    /* 60 << 91 */
-    { { 0x4b7d0b277abe7856L,0xe566f4567acdb39cL,0x70c6cdf20047ae7dL,
-        0xd27f831233ed0392L,0x498f0ad0358a429dL,0xed97c4668e6ee95dL },
-      { 0x3d11cd69f3018515L,0xedd460344c1b367bL,0xd75660e3b3ac8ec6L,
-        0xc80dfc0fa541e6e1L,0x80026f005c091a6eL,0x62b86784c426f2bbL } },
-    /* 61 << 91 */
-    { { 0x417408e529ee8eb4L,0xe92f18c2917f9951L,0x1f471f0eb38b6210L,
-        0x53cb14264df240f3L,0xeaf7fc0067c29b25L,0xbbf46fd3d99cb613L },
-      { 0x05cd552eb465b50dL,0x136b8e675e136733L,0xd7d50f61ccf61776L,
-        0x90187ec5a32b01f4L,0x21548ec523ba232aL,0x6c8266c0748e558aL } },
-    /* 62 << 91 */
-    { { 0x762f413d7650470dL,0x9b4af5d018c9ad5dL,0x85fe90460ea625a0L,
-        0x4af4511b2200cadbL,0x4c16980defec2921L,0x42ae5d5d60dbe1a0L },
-      { 0x0785260bbb2ceb1bL,0xd181ea3242f1fb7bL,0xc34f02b13a47672bL,
-        0xb0bc79f770e58634L,0x6e7967098a8509aaL,0x05870e6f3c3e6d44L } },
-    /* 63 << 91 */
-    { { 0x46d4fef752f7c595L,0x5f35083a8a07819cL,0xbba477ca591233ddL,
-        0x4e66309358e307deL,0x65c3e2b9ef827537L,0xcf7b7adb09ee9adaL },
-      { 0x00a82d4b5f5e1434L,0xd6aecb8032e50afcL,0xffdce7ce6b034271L,
-        0xa95d96ae036d5058L,0x61582ae24cb7d60bL,0x6a10577474139c1bL } },
-    /* 64 << 91 */
-    { { 0x53ebbaaeb475d8f3L,0x3d6ea31cff76bedaL,0x3c15f25d340986b4L,
-        0xc5925d2e3365312aL,0xc35d3ee251641f96L,0x11eb2f75984128e4L },
-      { 0xb41a21a83d04bc99L,0xf2d286006436c3d0L,0x4ffcf4c0faf5663cL,
-        0x889d285a0a62c9dcL,0x0908665acb2d60c5L,0xe2f19c590a131be5L } },
-    /* 0 << 98 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 98 */
-    { { 0xc0de60f5091354ffL,0xd7cc38bba1bd1975L,0xf4122aa8e734e2dfL,
-        0x08f40f63ef773db6L,0x0a7e9484ce2d71c5L,0xcc79173378a3f825L },
-      { 0x0cac7a5bb47beec9L,0x1cbea0e4a3f7b5b6L,0xecf19a90d3e18145L,
-        0x0d1b062a0aadf689L,0x42299f1ff3f0acf7L,0x63a645395ac252b9L } },
-    /* 2 << 98 */
-    { { 0x44bfd1665c1d4586L,0x46434e198d1d86d6L,0xe50fcf81c3936683L,
-        0xc9b4eb068b08680fL,0xf90882c52832aab0L,0x42823cefecbf5ddaL },
-      { 0xfd4d51c744ae08f0L,0xb54a08f1bbd21c1cL,0xb72953dbfb187c34L,
-        0x166f7f26f8ed037fL,0xd2b1077a097bad45L,0x47794cdc790dd808L } },
-    /* 3 << 98 */
-    { { 0xfadb2ac4bac8b691L,0xf0c5a0361579c4d1L,0xa192474f79019224L,
-        0x8c7a64574117a323L,0xe58122dd84d970a9L,0xc475893c0bf77208L },
-      { 0x9518412f1bd45c95L,0x75bd0a72283f7a3bL,0xa9e871605fb7e6f1L,
-        0x14d3c944df67acedL,0xbceea947d0348c22L,0x5331c192d021aba4L } },
-    /* 4 << 98 */
-    { { 0xa05c751cd1d1b007L,0x016c213b0213e478L,0x9c56e26cf4c98feeL,
-        0x6084f8b9e7b3a7c7L,0xa0b042f6decc1646L,0x4a6f3c1afbf3a0bcL },
-      { 0x94524c2c51c9f909L,0xf3b3ad403a6d3748L,0x18792d6e7ce1f9f5L,
-        0x8ebc2fd7fc0c34faL,0x032a9f41780a1693L,0x34f9801e56a60019L } },
-    /* 5 << 98 */
-    { { 0x35df68ae1a504405L,0xe41d69508fc755b9L,0x420dc1cda6297243L,
-        0x3011646b913fb68fL,0xc4b630465e141a27L,0x943b3b3bbd91fe5fL },
-      { 0x3ca17d6b50c31708L,0xce88b5e74ffa8c71L,0x8b60038f4dacd2bcL,
-        0xdf654d723c13cf9bL,0xb5353e281d871b40L,0xc2d27919226663d3L } },
-    /* 6 << 98 */
-    { { 0xa028d2fa9b87715fL,0x7cdd9b4a453625bdL,0xc8afb1890be3dacfL,
-        0x40289a3a274c4e2eL,0x7f5f9f7677c6bbadL,0x577c0935bdfeaccaL },
-      { 0x5f838f0404281989L,0x8650a974ebfa410dL,0x414fab6dcd56dea6L,
-        0x6995cae292eed440L,0x3b474d27ab146e15L,0xe24262b2e9938f84L } },
-    /* 7 << 98 */
-    { { 0x649e18fba34fb18bL,0xa4883af898cc69d3L,0xff46285f3fd56e37L,
-        0x2e28ccc4557c0c04L,0x8388dee821a9b46bL,0x0fd4fb807ba3a6deL },
-      { 0x1d8e9da7c62bb315L,0xfa7bd70d06e44230L,0x2840122063320438L,
-        0xeefabd47d06c0654L,0xf4387b08d4c8c10fL,0x8f2694624ff2142cL } },
-    /* 8 << 98 */
-    { { 0xa4b957d262c36887L,0xaf15a485fc24cff8L,0x11575e80a271d9e0L,
-        0x0fff68d44b9367e5L,0xf55ba6732279779fL,0x9d72cca6d4d68f68L },
-      { 0x01474ab1590ffe4cL,0xd20f44e1074d634bL,0x63903a8336111d25L,
-        0x37342a5fab531cefL,0xd3c93fe7702ed867L,0x05d143696279f7e1L } },
-    /* 9 << 98 */
-    { { 0xcddf64873e942b27L,0x9e29835a2bc21472L,0x924c2bfb2d2195e3L,
-        0xdf4a3cd38eca6d9bL,0x7fe6acd1c5be60c3L,0xa3abee9cfc38025fL },
-      { 0x014f0d992f449934L,0x8d72657a78860127L,0x92514cb948d84cfcL,
-        0x8bd4ac503aadd70cL,0x3c96ee00136620d7L,0xa0caeeb54efc5e57L } },
-    /* 10 << 98 */
-    { { 0x7a65cdf5bd200ed6L,0x72dc1b5f0e4b1c68L,0x9c09576a6ddf540bL,
-        0x358dcd122b169da2L,0x6466f0e81639b734L,0xa1429a6ef14c6eb6L },
-      { 0x4b3d781943221168L,0xfe3d2fdaf3b74fceL,0xb22bcec2ae26014bL,
-        0xa8900e7ace7e789cL,0x9db9af67220bce88L,0x1f86d2e4fb8ee34dL } },
-    /* 11 << 98 */
-    { { 0x6f8e1c0bf8c65293L,0x66f44ea04d7a5dfbL,0x2c3cacac741fdc1fL,
-        0x72e58aae239f5f16L,0x50dbaf192f72d8c8L,0x24ee526628c97b95L },
-      { 0xdb5f7827ab3ecb17L,0x2c567337669b05c5L,0x78c97eb8ff76ccdcL,
-        0x1de1b4a3f8d2c990L,0x5b183974e6138df5L,0x61b74177aa1a1019L } },
-    /* 12 << 98 */
-    { { 0xb398290cf0db3751L,0x01170580ba42c976L,0x3e71aa2956560b89L,
-        0x80817aac50e6647bL,0x35c833ada0be42daL,0xfa3c6148f1baba4eL },
-      { 0xc57be645cd8f6253L,0x77cee46bc657ad0dL,0x830077310defd908L,
-        0x92fe9bce899cba56L,0x48450ec4bceffb5aL,0xe615148df2f5f4bfL } },
-    /* 13 << 98 */
-    { { 0xcc14267f6be1860dL,0x3de7f48b4ffedea1L,0x8252694e5b776b87L,
-        0x478c877890dd427fL,0x913e19a675a21357L,0x882f2d5ac078bd79L },
-      { 0xf442752184c565dcL,0xd772147e3ac3ed26L,0xf21abc752fa216b6L,
-        0xab1804ad305ff0dfL,0x10d89a07920c977bL,0x0a2240dc4fda6075L } },
-    /* 14 << 98 */
-    { { 0x7068e6b98653bfadL,0x16b0da9b8f4397e8L,0x77b953b4946bb9c6L,
-        0x08366ad749b036f5L,0xd219117b26a3913dL,0xbe3607949a5460d2L },
-      { 0x1a4acf6dfadd462eL,0x1f7de879c32f3550L,0x11117132669c9b2eL,
-        0x1deea7d1c87ca216L,0xa88c90c748a058d2L,0x0d8e6afff403ef36L } },
-    /* 15 << 98 */
-    { { 0x21f6c96c1ad77f33L,0xb5da9d34992e7807L,0x17fc994ba7192adfL,
-        0x59f204fcbcc3f8b2L,0x3f4a970f10bd22f5L,0x42936bfcbaa1188dL },
-      { 0x6239fea5eb985837L,0x5fde15e0b33d1158L,0xe0bbe9b800cf90b2L,
-        0xf2c6d8b16b2b68a8L,0x58c331cd0f3a2341L,0xe951c48910dab1a4L } },
-    /* 16 << 98 */
-    { { 0xdccf68bccbaf4685L,0xb333e464270a2bccL,0xe43ae199254dd3e3L,
-        0xe8526e26ddce5c84L,0x52bad815ea0b4258L,0x67c12c1b094574c4L },
-      { 0xa5362fcb861545b7L,0x3e904c35c2b2eb62L,0x0f9312b5eeffc2cdL,
-        0x5475657b14de4e5bL,0x746e67d4f0233fa5L,0xb5157d7f35471ec2L } },
-    /* 17 << 98 */
-    { { 0xcbaf92265315e83aL,0xcc6e9a972f15ff37L,0xcac446dde8c87fb1L,
-        0x5fa37a5c672d7f92L,0xe66efc07b1380425L,0x2d8ed2e32c8e59ebL },
-      { 0x8e3ab80461743725L,0xe59a87f825493349L,0xf6995fe16062fe7eL,
-        0x5d7f8a646e8de27cL,0x4a5ecbbbebe084f2L,0x99fc5ea93f863156L } },
-    /* 18 << 98 */
-    { { 0x1ddede1b495fdc2eL,0x3dfcf56b039d6339L,0x54c423806a56c492L,
-        0xe6bfd184def6446fL,0xfaa2fa123ac841beL,0x503e319a4f9330a4L },
-      { 0xd9305d4654ad427eL,0x68d23497d95dfcc8L,0x2d935aad1e9602f5L,
-        0xd7e74bf2e33174a9L,0xc8e4a0b17225e2b5L,0x5db7187cbcda5221L } },
-    /* 19 << 98 */
-    { { 0x9a0e0908b0ec0b27L,0x28894b2edd759131L,0x0107bb592b9d6f02L,
-        0x318921deeea022f7L,0xa1a00f5882c73390L,0x877833129551b381L },
-      { 0xff866039a3a9dd22L,0xa59235ffdf0fc09eL,0x530c2fe61ca647f4L,
-        0x77b1ea2860f9428bL,0xeef2a9e6bba4bbabL,0xdbdbe037204f5ea3L } },
-    /* 20 << 98 */
-    { { 0xf55edabb90b86166L,0x27f7d784075430a2L,0xf53e822b9bf17161L,
-        0x4a5b3b93afe808dcL,0x590bbbded7272f55L,0x233d63faeaea79a1L },
-      { 0xd7042beafe1eba07L,0xd2b9aea010750d7eL,0xd8d1e69031078aa5L,
-        0x9e837f187e37bc8bL,0x9558ff4f85008975L,0x93edb837421fe867L } },
-    /* 21 << 98 */
-    { { 0xf87a92375b2e5fa6L,0x88571e4452a3a605L,0xf85e9a330c8f5f55L,
-        0xf99886c599dc2c97L,0x5866329d065261daL,0x9011f13912dd434cL },
-      { 0x0cc67d535284c555L,0xf8f715274a4032caL,0x4b002683a9524bcaL,
-        0x3c3c12910f63a7baL,0xd19e173e9124eb8cL,0x3431c51c54b7d85aL } },
-    /* 22 << 98 */
-    { { 0x7103ab4ae11cc85bL,0x2064ca41789cf87eL,0x592850ead5f13a08L,
-        0x56b9ff066212e096L,0xa106455d6efa7445L,0x3e62aac92343c5efL },
-      { 0x7edbf70dcb8ddf7dL,0x27f00a4a5f2687e4L,0x7d4ce32e44a08d11L,
-        0xe97f0910890a57f1L,0x792597fb912cb027L,0x1fa7a1d2ad3492dfL } },
-    /* 23 << 98 */
-    { { 0xbf4e161c3cfad317L,0xda4e6bffa1998bc8L,0x6534ef622e890b99L,
-        0xd10a3b24d272cc42L,0x3f81b0e5f1194dabL,0x8919caefec549c5cL },
-      { 0x847ef47f68f5633dL,0x01cd59975468f4afL,0xc38bce29b6727408L,
-        0x56a1cd1ea4c84268L,0x31a493f406b81088L,0x4461ce8531b37e73L } },
-    /* 24 << 98 */
-    { { 0x3503d9371f23a0d8L,0x64c598a8c321dde0L,0x67f101ef5b52e0f0L,
-        0xb6b5b4c2f955b5faL,0xb5f03d53880e0569L,0x121c3ac1c99393efL },
-      { 0x90755bd657330666L,0x70ae5793d4d71d3dL,0x326ffd519e9ce792L,
-        0x1b772d7396ccfa14L,0x652710f4874a22deL,0x72768469db210342L } },
-    /* 25 << 98 */
-    { { 0xb2d85722b3413d7fL,0x4e41362092e55ea5L,0xad1a20c7ff7b3409L,
-        0x743b31c0c6f98cbeL,0x1b5b0b5adab3810aL,0x628d9b212cea0428L },
-      { 0xa3e24294b0335ba0L,0xa9c0e139487530a7L,0x54199640072e70eeL,
-        0x0977586e64c0d563L,0x393878451c5cce35L,0x57acd85631ce1eeeL } },
-    /* 26 << 98 */
-    { { 0x63081bcf9b8d9f3aL,0xb09fe52b6f94e3e9L,0xc232e5d1e39c092bL,
-        0xd61ddcccf5f072e4L,0xcdb3b4189a26a93cL,0x0c010c048de6f5c9L },
-      { 0xad2473a5d238e823L,0x4120ab3632029ca0L,0xd6632edb639bb8ddL,
-        0x3383f077a8b32fe4L,0x8afcbce5eacfbe80L,0xe28236212d2fff74L } },
-    /* 27 << 98 */
-    { { 0xccf2a24a0eb3829bL,0xdd8fe4421eae0751L,0xb685b073c9598d91L,
-        0x025214ce8b308785L,0x11c3fb11d6433acdL,0xe40cf39c81794024L },
-      { 0xa167651b1c0b1f54L,0x350cf3eb0bbde983L,0x69c93dd0b2a88c48L,
-        0xf13afc37bee80b26L,0x0be7d05d776345e2L,0x1ccbc8ba7645b02bL } },
-    /* 28 << 98 */
-    { { 0xaa6489df83d55b5aL,0xea092e4986bf27f7L,0x4d8943a95fa2efecL,
-        0xc9baae53720e1a8cL,0xc055444b95a4f8a3L,0x93bd01e8a7c1206bL },
-      { 0xd97765b6714a27dfL,0xd622d954193f1b16L,0x115cc35af1503b15L,
-        0x1dd5359fa9fa21f8L,0x197c32996dfed1f1L,0xdee8b7c9f77f2679L } },
-    /* 29 << 98 */
-    { { 0x2aa349975442c668L,0x4c5137130cd74444L,0x4f87be0f449300ecL,
-        0x13e07b552bae04fdL,0x6aa575d11f75acf6L,0x4502e9e9852848a9L },
-      { 0x3c246d38889666fcL,0xb6c0292b7c100867L,0x618f234aa2a280e0L,
-        0xf983c834669afe62L,0xc51a15105d900a1fL,0x7d7ce31bc952f419L } },
-    /* 30 << 98 */
-    { { 0xe3dbb7483c3388dfL,0xc26a7d042c32f139L,0xc1b48180ed938dcdL,
-        0x785b964d42e4c01cL,0x507cd16aa1f75e28L,0xfaabff8d1f323caaL },
-      { 0xc6bc47ceadd5b649L,0x997dc0ee3c0aed28L,0xcef0c89bf3666cfeL,
-        0xd8d7dfb426482ea7L,0x5f00e432d2348484L,0x09549b5a1dc66aa6L } },
-    /* 31 << 98 */
-    { { 0x702e450ef8464b1eL,0x52d20765a061c4c6L,0xe1c930b26519bfc6L,
-        0xa9c0c8c6d17ea02dL,0x52bfc60ddac62461L,0xc325568f7c5f9a55L },
-      { 0xe7413df9eb44b9d7L,0x461682265837e0d1L,0xfcb9628c15aa0c89L,
-        0x83d6d0eebb57c6a3L,0x17bb82a56829c9fbL,0x342fe91c496861e0L } },
-    /* 32 << 98 */
-    { { 0x58d6998e171c1439L,0xfd4a98f401feedecL,0x420b2a0165739fceL,
-        0x5c5db30822f7a073L,0x016c547805042f00L,0x5fc73ce2a12413d9L },
-      { 0x8ceb2d70e932aa17L,0xb4d66b670537afafL,0x2638d012339c146bL,
-        0x02fbb7b628ac0555L,0x7fcb0c8162d46e63L,0xeaa9ff4f066d088eL } },
-    /* 33 << 98 */
-    { { 0x45f53090b8b22c29L,0x155b8f8111e70d5aL,0x5ec118b25d3a7d83L,
-        0xfe4c7eb39c4ddd1aL,0x8cdfb753f226d869L,0x20bb870779fc646bL },
-      { 0x3c8c1d7a25d1308cL,0x5a976ae47116f347L,0x6af949a60faf9690L,
-        0x7e6718fc07f3472fL,0x16ec7b45267b17cbL,0x80744641cebe1bd7L } },
-    /* 34 << 98 */
-    { { 0x45eded7ab2a5c8e3L,0x4308485969a0681bL,0x89b7510d90910e8bL,
-        0x1c622d04d2066d92L,0xdc3b434bcd2f0d7cL,0x98bcb83b476ea5a3L },
-      { 0x9195431d3dbf2be5L,0xfec7efd969275ac5L,0x6a4364f556a7da4dL,
-        0xaf701bc579c177ccL,0xb77ef33e9ffc2a47L,0x2bc59331cc23c4e4L } },
-    /* 35 << 98 */
-    { { 0xedf4a85b9d43c51fL,0xc0afbcb6b59a7244L,0x3ede2f25626e0ca8L,
-        0x45836582270f674dL,0x83c47048bf06d267L,0xbb1e994f3c68314eL },
-      { 0x50d79cb4f2fe6c8fL,0x1a1d8aecdf7600f5L,0x216f5d2bef4e4857L,
-        0x41361a90bdffb9e9L,0x8040f5c173d2f9caL,0xe6665f0dd1e9be4dL } },
-    /* 36 << 98 */
-    { { 0x5405179f394fd855L,0xc9d6e24449fdfb33L,0x70ebcab4bd903393L,
-        0x0d3a3899a2c56780L,0x012c7256683d1a0aL,0xc688fc8880a48f3bL },
-      { 0x180957546f7df527L,0x9e339b4b71315d16L,0x90560c28a956bb12L,
-        0x2becea60d42eee8dL,0x82aeb9a750632653L,0xed34353edfa5cd6aL } },
-    /* 37 << 98 */
-    { { 0xb112fd7b36386e2dL,0x358e974a6a634bd7L,0x509814737faf640aL,
-        0x1036bdacef39b3aeL,0x410c6448db5aceb0L,0x914671305bbebe92L },
-      { 0x83fabd54e9e009e4L,0xb2da8eea9994d16cL,0x9d73da6356997acdL,
-        0xea9158b97ec1b844L,0x8e6a6e3129714795L,0x23e98f57131243f9L } },
-    /* 38 << 98 */
-    { { 0x7105f727552664dcL,0x97cbfb6c5c589c8cL,0x1a7b110a70fc59b3L,
-        0x46c39f2cc754c69dL,0xcda0e2c067b1f17cL,0x35fe45fab7ede210L },
-      { 0x6b3ecb7d82e78b40L,0xa90eed4fdbc07241L,0xa73797895aacd533L,
-        0x28120ba5f4fa89a2L,0x9c1fc09ee3055006L,0x71e665efc51653a4L } },
-    /* 39 << 98 */
-    { { 0xcf782247d28b5059L,0x15bef4cb1b89eb06L,0xbc182ed6bcb4afeaL,
-        0xcf5b6dfde0e32b77L,0xeb61aff9d9446052L,0x5846f171c4bfc0abL },
-      { 0x61d5ae1c6fc68422L,0xa282c56846e870afL,0xdb4859d16bca8fbdL,
-        0xd4cd416e97caf135L,0x11217fa9c3debd59L,0x27702da6370758ddL } },
-    /* 40 << 98 */
-    { { 0x8273db992d189057L,0x4d1b05fce1b5f8ccL,0x5fec7c830a7c32d1L,
-        0x28ddaf28ea9b4d45L,0xb6bb62aca2fc58beL,0xfc65b7aa4a41852dL },
-      { 0x6e7651941c9e6045L,0x3acabf28fc116257L,0xc9d5e8054b5a4ba8L,
-        0x9a072259cbdcf1ebL,0xc67cf643439fc8fcL,0x917ef6f8b4333aa8L } },
-    /* 41 << 98 */
-    { { 0xee6123cca6411227L,0x91372d080ee882bcL,0x2c30a840a638a4faL,
-        0x1867421321e83d4fL,0xc6afa4cfc3fb9925L,0x19aec276e4fdc73fL },
-      { 0x1ffec4510cf4e610L,0xac57292ede22d429L,0x62844d78e6cacbc1L,
-        0x0eafcc554d2e497cL,0x39f1acc8e780f600L,0xfcf8d914fcff8c6aL } },
-    /* 42 << 98 */
-    { { 0x0734ab43ff2152d0L,0xe52c5dee930fea54L,0x9cac7efe940bddbfL,
-        0x30d2610ddbd43391L,0x4beeb865921c124dL,0xa19fe6a4fca219fcL },
-      { 0x588395628755cc47L,0xa7f301241324f2d1L,0x4fe38ee3b1ec5aacL,
-        0x3583542eb16413ceL,0xfa92e2191733b7eeL,0xc0f30ba32b2001a4L } },
-    /* 43 << 98 */
-    { { 0x706b02c3febc7968L,0x6e45dc90c96a6b64L,0x34e5f890f95aa4c7L,
-        0x8ae64d487683b855L,0x0fbb9c4a62e03ebaL,0xb32a965ce2cab115L },
-      { 0x4a7084a8b33102b4L,0xe7fd9db3ebd1bd6aL,0x2fcb233cc7f32b61L,
-        0x365896d5f2549734L,0xa3f18bfd25c7a1c4L,0x382950ef212b8daeL } },
-    /* 44 << 98 */
-    { { 0x82154d2c91aecce4L,0x312c60705041887fL,0xecf589f3fb9fbd71L,
-        0x67660a7db524bde4L,0xe99b029d724acf23L,0xdf06e4af6d1cd891L },
-      { 0x07806cb580ee304dL,0x0c70bb9f7443a8f8L,0x01ec341408b0830aL,
-        0xfd7b63c35a81510bL,0xe90a0a39453b5f93L,0xab700f8f9bc71725L } },
-    /* 45 << 98 */
-    { { 0xee2b773e4ed17990L,0x499e83623faab7feL,0xa3925e2f71abb9efL,
-        0xfee50406ce3b4a69L,0x71a15070bc10f803L,0x5b01e4a2c7bab10aL },
-      { 0x806c590d99e51e36L,0x34adbaf6a7f88d5aL,0xd4a93ce9f6b30ac3L,
-        0x39d2cf40dc33fdfbL,0x13e676f1d5e4e7ddL,0xbaa72ab9199690fbL } },
-    /* 46 << 98 */
-    { { 0x85017690e51b47daL,0x25919b58a2b476ceL,0x6f692de103ec5d55L,
-        0xd6cf8ee5d022dcebL,0xaf3225238ba7076eL,0x917b373728c902d5L },
-      { 0xac75fddc3fdf8590L,0xe83d9bbb64fc304cL,0x13550de2971f659aL,
-        0x70bee07ee12b7bebL,0x9989d2fa0a855646L,0x8b6043aca576b3a1L } },
-    /* 47 << 98 */
-    { { 0x1bfd4f92fadf9017L,0x1e4509aa737bc67cL,0x88278c3699af1ffaL,
-        0xbc47536f4678e22bL,0x69914cdb1b07c823L,0x56fc28ab97277358L },
-      { 0x092d28efe752d2f7L,0x6a8286a691da62c5L,0x86b702778033c632L,
-        0x57ef284e7672f41fL,0x9101ed302e54007bL,0x53e94cfed25d8d19L } },
-    /* 48 << 98 */
-    { { 0x311ebba2fc37efedL,0x8a6a42d660cfd6bcL,0xb4051b3af2a4871eL,
-        0x66ce77b8c2f0ebf0L,0x84abc9480ad28477L,0xc82e5c6263d9d11aL },
-      { 0x99ffc70c007dcf93L,0x5e974edfd964c822L,0x0fee3572513085e3L,
-        0xbe67a88046ce8444L,0x136ceeb806d17129L,0x0da512ae662d86fdL } },
-    /* 49 << 98 */
-    { { 0xeae827d989e687ddL,0xb025f0723bdbdd9dL,0xfbddcecec3a575aaL,
-        0x3fab33c1f80d12cbL,0xd0232142b32f0381L,0xf00e74bd3b6c3132L },
-      { 0xb7c1311e0e44deffL,0xf3d790ae29b04d6bL,0x3d3744b846f72957L,
-        0xc0890fb6ab2f13e6L,0xa669a34324461f0cL,0x35c9677ddd72fcb7L } },
-    /* 50 << 98 */
-    { { 0xc257ed518060a28fL,0x3a9d7e1cc72fafebL,0xa304a5e8332f435aL,
-        0x96969bc234ccf343L,0x2aae4d8e7702ba84L,0x37f15631f203a7eaL },
-      { 0xc0000f24c9666405L,0xa98eb834a537fb89L,0x8c0564cf7e36dd1aL,
-        0xb5ca507b4e89615cL,0x9bfa209a9d80ef92L,0xe2ec1879a83f02e8L } },
-    /* 51 << 98 */
-    { { 0x73b4573c11dfdea9L,0xe5f208ee5c8cc81fL,0x5c240d3c769adf12L,
-        0xbd3f8f33550c53acL,0x98171d16bb4f43acL,0xaf19d5fe84db9e13L },
-      { 0xc589be0d2e53345eL,0x3184b540f114f6f3L,0xa35ed77e4946090fL,
-        0x427b860afd3108fcL,0x7d0848c3867df76bL,0x353539e2a32ec485L } },
-    /* 52 << 98 */
-    { { 0x9401aec2b9f00793L,0x064ec4f4b997f0bfL,0xdc0cc1fd849240c8L,
-        0x39a75f37b6e92d72L,0xaa43ca5d0224a4abL,0x9c4d632554614c47L },
-      { 0x1767366fc6709da3L,0xa6b482d123479232L,0x54dc6ddc84d63e85L,
-        0x0accb5adc99d3b9eL,0x211716bbe8aa3abfL,0xd0fe25ad69ec6406L } },
-    /* 53 << 98 */
-    { { 0xee174af2df740edcL,0x1bd8382c09233f0aL,0x34a7450e7d343006L,
-        0x92259ddd3d463e61L,0xcd0bfe6fedbc3af2L,0x39627c4cfc8770f4L },
-      { 0x7b7c688ddbabdf2bL,0xf459f0e64bef3558L,0xfa0e87becc88f7c8L,
-        0x67beabac5fcc80feL,0xbdae52bfadeba16fL,0x4751724c5af5c9bbL } },
-    /* 54 << 98 */
-    { { 0x5627e0d016332364L,0x33839376fc57f01bL,0xe7fc2c489528e434L,
-        0xa0ee39acb52b3757L,0xe49e383ee42e4832L,0xabfefdbb31359afbL },
-      { 0x5dedb6f3b99ee196L,0x38abe58bc16aac17L,0xa300a1333ec06a07L,
-        0x00e68eadc90d4659L,0x60412e8a8000a773L,0x6099b6a6a5830c94L } },
-    /* 55 << 98 */
-    { { 0x85364bd10d340c80L,0x14b89462be64bc9fL,0x16429134b542faa0L,
-        0x0d4cf3ce73683e2bL,0xf9a3e443cb73ab7bL,0xa4c2d0afbb156b0dL },
-      { 0x826123921bc77675L,0xaf2aad4a5f26c238L,0x6f6f5d9aef4656bdL,
-        0x0e20425f90901f3eL,0x0e30bfef9943a673L,0x6cefc62847415a28L } },
-    /* 56 << 98 */
-    { { 0xe7acaa8457e0105dL,0x3c06d3bd3851fd57L,0x23cf3c612a9c631bL,
-        0x13888aaa33863bf8L,0xf2396355717783eeL,0xf21e1a4836b300e1L },
-      { 0xa734cb3b9d27b4cbL,0x0a7effed796e34b6L,0xfc5864773615cc7aL,
-        0x1f98ed7788844a21L,0xd6e289407ad4c7bdL,0xa00d64ebe9331c7eL } },
-    /* 57 << 98 */
-    { { 0xcc6ce7dee1c1e159L,0x77982e4f03df6b56L,0xbd8307d1b82b5ebfL,
-        0x43e25358ed881b82L,0xddba4f418e0eb034L,0xbe326c36f919800cL },
-      { 0x97d03da7af52dfaeL,0x153bb17af4bf81c5L,0x29bbb9bed7ff322cL,
-        0x7a7bd8c7232cca47L,0x7474c199c2830f03L,0x9f464a06f0065fc4L } },
-    /* 58 << 98 */
-    { { 0xca505cb553b876bfL,0x6fc27f553662cb5fL,0x891cbef432cb1636L,
-        0x339743f16e27e2d9L,0xde76538f21dc4837L,0x9cea05020efe241cL },
-      { 0x97b8deb65888d9acL,0x4d3c28cba4b6cc56L,0x88ca828f840910b3L,
-        0x2e5727cfbfde6793L,0x05a4138302bbae6cL,0x2e72fd653fa8e23bL } },
-    /* 59 << 98 */
-    { { 0x5b88c5ae6d17fe02L,0xc9b14810d6dbe104L,0x170b8659873be863L,
-        0xdc5946a6ae9111b4L,0x4cfa5f022819a4cdL,0x7653d06ae213bb7dL },
-      { 0x324c41baabd7ee74L,0x4219968cdd1608f1L,0xa5e104704adc1561L,
-        0x964a53ea5e16d818L,0x00ebd1d4980f4bd2L,0x23cbb80d3518144dL } },
-    /* 60 << 98 */
-    { { 0x0d5c1769df85c705L,0x7086c93da409dcd1L,0x9710839d0e8d75d8L,
-        0x17b7db75ebdd4177L,0xaf69eb58f649a809L,0x6ef19ea28a84e220L },
-      { 0x36eb5c6665c278b2L,0xd2a1512881ea9d65L,0x4fcba840769300adL,
-        0xc2052ccdc8e536e5L,0x9caee014ac263b8fL,0x56f7ed7af9239663L } },
-    /* 61 << 98 */
-    { { 0xe6ece4b5dae76820L,0xd428354e95feec03L,0x43517722f8871f7bL,
-        0x313fde11e84d0b7cL,0x7f02824b1cae0a45L,0xf9f560c1d6646bc4L },
-      { 0x124d88bc903a0608L,0x950e8320370c7ff2L,0x29e6da714090a72dL,
-        0xbc5a108c54547d89L,0x809330cd3e484deaL,0x1b04a8088bb00f0cL } },
-    /* 62 << 98 */
-    { { 0x2425c59c03e0a528L,0x49de96f425c2be3aL,0x30b52686fff4b610L,
-        0x2ce573b0f2e5f7b1L,0x4ec05f07b606f0e6L,0xf2040886366ecbf4L },
-      { 0xc7fd993460d404d3L,0x8a064992fc12227dL,0x9c6d64ec215492b1L,
-        0x2793bd0903463ec1L,0x49523ebab7376e80L,0xb138dfbd35b14fd6L } },
-    /* 63 << 98 */
-    { { 0x5ed097b0df7363adL,0x21319edba5696d91L,0x17c46519c5d5313dL,
-        0x341d46576c6cccedL,0x60d80713692bc704L,0x9477b6e907fb8e13L },
-      { 0x2965720b532e0c6dL,0x2767b4ee87831d79L,0x3e2e67abd4b5ef14L,
-        0x45ee89b5d2598521L,0xfc8f1e3ee6441648L,0x75c4db57567ed090L } },
-    /* 64 << 98 */
-    { { 0x17e3d0b8713b8541L,0xf372b048c6b5e839L,0xf8ef0261d0bb1848L,
-        0x9b804ceec71a3bbeL,0x00b7d171542a88aeL,0xf2b8ed10e9097b9eL },
-      { 0xdbad9f122c0a009aL,0x245fc1e9205fb1bfL,0xa8a4834fb83debf5L,
-        0xc3ee226d637e449bL,0xe3070d93cab82664L,0x24b8094db37320e8L } },
-    /* 0 << 105 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 105 */
-    { { 0xb506b7b925059699L,0x349fd83f01ab02e5L,0x64b729ad3789281eL,
-        0x69ae8f81f9af4561L,0x007befe156f91860L,0xb578c566edc250fbL },
-      { 0x1c16d75a67ae4801L,0x04c35a7ea1d3f592L,0x5dc97da936881f89L,
-        0xaddb603103a5b1eaL,0x7eb515b13e153a0fL,0xdc3a92192b4a1ee2L } },
-    /* 2 << 105 */
-    { { 0xe7365f9e512cc92aL,0x9efdcf8b5172a654L,0xbfb389ac8e611fc3L,
-        0xce778fd5699c227dL,0xdc1f47b63ff2ef17L,0x2ae0f68302672ed4L },
-      { 0x51c63806a8e879cbL,0xd3dfecf03909f526L,0x375b3d13e00e12a2L,
-        0x91f9f750bf8df325L,0xf1ea0e421df5f21aL,0xaed73e7f32c60584L } },
-    /* 3 << 105 */
-    { { 0x03b07fb5e0728e6dL,0x9e0469201012234eL,0x272e644935637644L,
-        0x2b6ad1c2a55bcadfL,0x86c527765c71c6afL,0xa25bd60bc1678806L },
-      { 0x0cae829476bb32f8L,0x389ce4e633e03cb2L,0x504df8337513dfb6L,
-        0x4260ee8e1b351ddaL,0xa473c5d9dbaf7cd0L,0x22cb7cb471e390fdL } },
-    /* 4 << 105 */
-    { { 0x1d9aa9fa26caebd8L,0x6b64686926b7a673L,0x7ebed6a17f167b47L,
-        0x324c13f85bd9153dL,0xe9ea5b734c682ba6L,0x2961da7d7e3ff6e2L },
-      { 0x1ed2b05001a83dadL,0xb232951dc4a2f60aL,0xafcea5d3d68b8ec6L,
-        0x21dc058d1c6ce0d2L,0x0043de75e719410cL,0x4edd792ce15cf534L } },
-    /* 5 << 105 */
-    { { 0x0f45245f3babe09eL,0x0959326fa9f2fac5L,0x7629e7fb5cc136e5L,
-        0x208bd5a6e48b7eb0L,0x637891d6b75a85cbL,0xf0ad9d8d9f27b57eL },
-      { 0x437b6944e0454b05L,0x022c51d702ed3592L,0x0f79e2bd0dc0a769L,
-        0x54ace1fdd9b81f9bL,0x38611d66f95ea8dcL,0x52443ca8f0e6147bL } },
-    /* 6 << 105 */
-    { { 0x857d68558bc272d0L,0x4583eeeeb5be2485L,0xb83586dafe0152ecL,
-        0x8b0eb223e830294aL,0x757582b6a5b0e880L,0x5140c0169cca7fffL },
-      { 0x07a00782e9228f12L,0xb96e2b5dd4973080L,0x3cceb9a6e88efbe6L,
-        0x9955b63073fcdd25L,0x04f26ab02805d470L,0x90b38299424da086L } },
-    /* 7 << 105 */
-    { { 0x73f1ae48f4f6c5b4L,0xee5af13d4a477f01L,0x274614a2ddb93d52L,
-        0x90b0c563c320aaf5L,0xee2303c8ef990b0bL,0x00d028e73061f140L },
-      { 0xff705011cb3d8eafL,0xae1d990862594f4cL,0x22a27cecdafea438L,
-        0xa78e12d5c5962ea9L,0x5bbe9d878e65f9cfL,0xa222580cf47cefa6L } },
-    /* 8 << 105 */
-    { { 0xf7aaa732959abb9eL,0x1222ad0a2ebf80b9L,0xa1a417372e0c286eL,
-        0x3b6685025da3472dL,0xbc0d116b7576f2a2L,0xfdbcad95a36a27d4L },
-      { 0xcdb3f4749d54f7eeL,0xe2e0f5f98a5643a3L,0xc70d11b969d4f171L,
-        0xdf96d1366cca4ef7L,0x570693db2fc6afdfL,0x5059e67b567504daL } },
-    /* 9 << 105 */
-    { { 0x2c8107d47fe632a2L,0xfc46c745ede7bff8L,0x2d3b12864650025bL,
-        0x815ef3cbe74cd65fL,0x5431b01ba256f01cL,0xe832ff1139915cfaL },
-      { 0x2c106de607d7af84L,0x67303b786d4753e7L,0x5f886ffa6d75c8deL,
-        0x932a6c20967131cfL,0x5bc94a9170aebbb0L,0xa85b3044fd56e06dL } },
-    /* 10 << 105 */
-    { { 0xc904558ae7eba799L,0x46b6031bb2fa7331L,0x6620e2b50653675cL,
-        0xd1373a357d2218f7L,0x0f4b3ca3af55a5e7L,0x50774160714e70c2L },
-      { 0xacc63d1469188455L,0x89a795fe043b8b30L,0xac2fd66ce1e4b9cfL,
-        0xac7927021bf67f26L,0xb9513f0d1143d437L,0x02198050811f2931L } },
-    /* 11 << 105 */
-    { { 0x6d4acdba7b480776L,0x8b518cd466dffeb5L,0x8826c99451918859L,
-        0xd2b6a7a038fad835L,0xd315417a6929a870L,0x05d85252c5a769e1L },
-      { 0x2fa06335ec0d091eL,0xb0cc337287768c88L,0xacbda5ba58a2eb9dL,
-        0x2a404fc976b7b057L,0x073abb71838c6135L,0xbdf89b135cfc4f3cL } },
-    /* 12 << 105 */
-    { { 0xd00eb9c53508675fL,0x92ec76a4a117dc95L,0xf58d6f85334ca15cL,
-        0xeeb522169cee0544L,0x3eb9847ff21457c2L,0x547908bc5524c60dL },
-      { 0xb5b49d225198709bL,0x718abce6324abc67L,0xdab8ff2f4abd54baL,
-        0x98be59e67184d444L,0x45b74b54babeb4b0L,0xd8d8bb30ff71a5acL } },
-    /* 13 << 105 */
-    { { 0x8aedf7e28ec13e6fL,0x8b952620d950792dL,0x36e9dac204918f59L,
-        0x5e49a5a2d3dd47edL,0xb17455bee863c2bdL,0x8caac6a9326a0d66L },
-      { 0xb6c3f5e427bb72e1L,0x17566c9dee5fe09bL,0xfd6bbcc25e3db64dL,
-        0xd437d07a3189319cL,0xad00dfc4cd3166a5L,0xab75927b0bd63003L } },
-    /* 14 << 105 */
-    { { 0xa7672a39afc43be8L,0xefc49015c72f97aaL,0x81c63c050e48f2edL,
-        0x62f39f32833a22ccL,0xf7a3480172c0c0c4L,0x4711cd41a4158538L },
-      { 0xa3c99a4d1d15f2f3L,0x4b82c1c17bee1b47L,0xc7d60b489d199f10L,
-        0xd1d1f03d5f16fa95L,0x96c780c932fbeaf2L,0x0662e250376ff106L } },
-    /* 15 << 105 */
-    { { 0x728e334678571c8fL,0xd0a886b56cb339d3L,0xf4ea33380a5671baL,
-        0x43823401a64850a4L,0xa7729cd533117b9dL,0x4dd457602b78cffbL },
-      { 0xbe0571115a67d812L,0x7ec6cf925105a3fcL,0x5dbcb4bc0ccafeecL,
-        0xa7587f15803092f8L,0x67ee61d5a884efadL,0xd4ced554ca47d9caL } },
-    /* 16 << 105 */
-    { { 0x02c6b6083b03dcbcL,0x2b20149e3b9d868aL,0xaf5ab01d4f57eb0cL,
-        0x59935b94d750e515L,0x32721b408f89ad68L,0x673bd755a7e3ceffL },
-      { 0xbd462fd8ef3b3393L,0x991422640e59a120L,0x4162da619263fa61L,
-        0x2ed1f2deb6488eb3L,0xb0bd37a8725680c4L,0x17218bf029ec27b0L } },
-    /* 17 << 105 */
-    { { 0x444071ff84ff1ebcL,0x4b4171e87f789cbdL,0x4a832cca2db4e8daL,
-        0xe229ffb6dc209c05L,0x9efbfd7eb5f0b3f4L,0x65e07fe774fbbe6bL },
-      { 0x2892c8ac627b9d41L,0x01a20eb94297e7a9L,0x2f54e88646f29860L,
-        0xc425accc188798ecL,0x6137251c85c80580L,0x6cc0f9c4f386581eL } },
-    /* 18 << 105 */
-    { { 0xf677bdd11cb61a7bL,0xfca1faf8932d6113L,0x1d5bbf97a531bbe2L,
-        0x3d5e4860c849fc47L,0x388943cd95fe4da2L,0xffb7d5e073add43fL },
-      { 0xc3166ae828fcc058L,0x89dc7faae0d6f6e4L,0xe6daf1a6f527ca01L,
-        0x500a703a56ef1d8dL,0x3573d0a3fc914df4L,0xd780e745ef8dc2a4L } },
-    /* 19 << 105 */
-    { { 0x90a8f3380500afbcL,0x8c303270838ccf6fL,0x82cbdc98458254c6L,
-        0xc2f24d03b367ddbcL,0x5d3daa0d6c882354L,0x824d313d376599d0L },
-      { 0x6e5075df7b9dd1b6L,0x6871a3d4d69c9828L,0x8b3762f59cffa148L,
-        0xf2184f67eef8c656L,0x437630c296a1537eL,0x92a0667c4cbf8249L } },
-    /* 20 << 105 */
-    { { 0x6e929912ef619478L,0xe7ddaf255ffc5939L,0xb71133cf96dbbca5L,
-        0xee8bd53f17da5104L,0x7601ce6adc49be68L,0xa1ca3b3cc63f2a87L },
-      { 0xebf388c2a0de1668L,0xa0f6c38dd0ec6bd7L,0xc8e0875ddac451ddL,
-        0x179fbbe5a5afce85L,0x0727095673bfb06bL,0x992afcd047622925L } },
-    /* 21 << 105 */
-    { { 0xe3b0122624f262c3L,0xaa7a0925dae30b22L,0x36104c95a96a18f9L,
-        0xdc6090f5539b6740L,0xd70270ba11040a88L,0x53997b57ea3342feL },
-      { 0xaaf1d47d63393e4fL,0x9db8aa3fe8a99625L,0xed571a32c3926e1cL,
-        0xd6e898526e565346L,0xb3984bbd873b2589L,0xaeb7bf3f3f5f68e1L } },
-    /* 22 << 105 */
-    { { 0x75a4a19a79ded4a8L,0x1368e269f688177dL,0xa24d67118581e23aL,
-        0xae63d5a6746b3830L,0x0c68d3e314017304L,0x521a5e7de4d45dc9L },
-      { 0x69d9adfaf77ca616L,0x1f8d37f4bfda67f3L,0xa2833ba1027e771dL,
-        0xae49b00367141a63L,0x04e6f282ed6f1968L,0x65d7d88f060f9157L } },
-    /* 23 << 105 */
-    { { 0x5dc3137b512e4026L,0x43e189595d6ac980L,0xdb7dfef39eac06a4L,
-        0xa8f3e2aea09b0650L,0x80a8594c575e047aL,0x9eba41bcf0c58bf3L },
-      { 0xdc04cc7679812341L,0x716050eaeed1be66L,0xe559782099b77be8L,
-        0xe543aef055183ad5L,0xbbddfb814c08a959L,0x6e54d86eb5368e8bL } },
-    /* 24 << 105 */
-    { { 0x170f8a74e7aba263L,0x6b4e1d7b986b151aL,0x5f65bd224b08921aL,
-        0x1017ae3de6caca3aL,0x613f36b626cb9d5bL,0x8a1e2f2ded19d99bL },
-      { 0x52c915a5c3c519c2L,0x3c9a33305902fa08L,0x2cd7f7c206a51a12L,
-        0xfed60db66e0197ceL,0x4e5b2bb7d971b04cL,0xebebeebf2f45ab13L } },
-    /* 25 << 105 */
-    { { 0x43b10a0673220e06L,0xdf93af67777cf022L,0x830195efbeea9ed4L,
-        0x0a36b71812353c9bL,0x520e2e8d1ec8c488L,0xdc985ffaadac5e16L },
-      { 0x0ebac566f3f58ed7L,0xc7747562a2cd13a2L,0x6a5b4cbce3901864L,
-        0x66634acaa374b634L,0x45e000877f4680dcL,0xb783d01f9fdbe92aL } },
-    /* 26 << 105 */
-    { { 0xcf6d51be36e1c05bL,0xf59b6665e1da0ad8L,0xaa8bfb9d727a701bL,
-        0xb1680942e26e268bL,0x09d41407e518661bL,0x8b0dfbfb3757a993L },
-      { 0x34ecb09f6cb33380L,0xfcd77efede342bf6L,0x9f8fa6c6e476c5eaL,
-        0xde30410fb6257416L,0x416ea101bbd47b91L,0x86ebd19e4aeede80L } },
-    /* 27 << 105 */
-    { { 0xfe7562e00818226bL,0x922d8fe662b46275L,0x6216698b491adc2eL,
-        0x5bdf7a59f6a38f2eL,0xc0640bf937710dfcL,0x06ad30a9df687f48L },
-      { 0xc561dc7d3eb66e6dL,0x7444ac83d08616c3L,0xebfcccee84984618L,
-        0x35a03bafbb15eb51L,0x7c907f9fc17a5de2L,0x2e48ddb5814634dfL } },
-    /* 28 << 105 */
-    { { 0xe466d7a7ea51a37aL,0x5203e990cdf97186L,0xf700953096c84ba0L,
-        0x4e32fbe65f89d1adL,0xe530349aa9be221eL,0x0f7f9c2e50b31508L },
-      { 0xa6796f5c3af5a574L,0xe220f6daa2a2df89L,0x99ec4811d8b65510L,
-        0x4dfdac69ed373b27L,0x663f46b1bb55114cL,0x44236350d167e032L } },
-    /* 29 << 105 */
-    { { 0x1382e90ba65f6a57L,0x3557ab88e5c903e1L,0xcc0cc77f032067beL,
-        0xdd8da09f67797328L,0xeb2979d45114c09bL,0xaaca95bcc4eb598eL },
-      { 0x651a7ce5a2b776fbL,0xc20fe9315312ffc1L,0x842957357dcf479fL,
-        0x022ba6e2ee5cc0a7L,0x6d27e37185b0ba5cL,0xe6f212bdbcd5f2c1L } },
-    /* 30 << 105 */
-    { { 0xb0c2ce87a9088f95L,0x47ec07e0acb11d2fL,0xfe84fba0d30ad231L,
-        0xaa98e35f18a08eb1L,0x36adc3f2f6a27510L,0x622d202751fac4fcL },
-      { 0x4be765cabb9b6ffcL,0x934193571cbfcbeaL,0x83542d9cbef14402L,
-        0xf27504954612b4b4L,0x91aff597bb988ba6L,0x229031e51d61f6f9L } },
-    /* 31 << 105 */
-    { { 0x6b04a446ea29e65cL,0x9b6247a696c48a99L,0x95aa162f60c83930L,
-        0xe387f544e30821eaL,0xbe1cdab306c51b7eL,0x40175d151fc7b8f8L },
-      { 0x89df5ff36384d331L,0x02eb9aa4fe1aaf5eL,0xf24155f789675704L,
-        0xbd2e8cdd87f72f4cL,0x2856b3c46de30f01L,0x2356f0a3ecf8af25L } },
-    /* 32 << 105 */
-    { { 0xfb09e7564bd044efL,0xdbc9fcdfbb964fb3L,0x451c5b01cdb1f4f5L,
-        0xb02f9068f1dd1cf0L,0xd4765e7c0c687e41L,0x89b64981d1967bd3L },
-      { 0x06a0e4ecf0439d65L,0x564c387da5abbcecL,0xc1e9d01ac651d806L,
-        0x5e6ebd830618a96cL,0x9ce1aacec54ad8ceL,0xe5248a089953f90fL } },
-    /* 33 << 105 */
-    { { 0xd65f3b909b6ab239L,0xbc259a6d9ea8bf80L,0xc10d5c235944f964L,
-        0xbd6b3f6f61eeac6fL,0xc4ef2d8383e92858L,0xb80d5ab0a3736bfeL },
-      { 0x27bebd1176695c40L,0x4de92348ea4f5720L,0xd70d93e6070b892aL,
-        0xfce03d0be626d5abL,0x2525e8ea81014bedL,0x6fa3df16a70e2799L } },
-    /* 34 << 105 */
-    { { 0x42b8350a7bbc41caL,0xd7861ad49af59bc9L,0x2453d07c5644d328L,
-        0x2b92643ad7c8ec43L,0x7c14d3c7cd5f1fd2L,0xcee050463d373c7fL },
-      { 0x17ff60bd0ab2b35bL,0x473925e0dbb7f655L,0xdbaa015aff3ee023L,
-        0xbc1ff6d6087ecfbfL,0xc44e1c8c5fc66ca2L,0xc60a193850d6b257L } },
-    /* 35 << 105 */
-    { { 0x5ff44f3ed8f0983cL,0x9de50da0bb82cc15L,0x504f82ec94757c44L,
-        0x72a4fc9dc8a07028L,0xd4d6e4cec3d5e64cL,0xc6148fe780008568L },
-      { 0x71ba3fc525ef66d6L,0x969cc8694f6589f6L,0x5016c8c2d934ab25L,
-        0xa78382f6959e8881L,0x28bcb8bea20eee18L,0x055ba80b37edd7c8L } },
-    /* 36 << 105 */
-    { { 0xbe389fef9c98ca3cL,0xdc3ab23b910370e5L,0x866cb37d5e8eb20dL,
-        0x2f951ca9c1e32fc8L,0x54ef6ab15fe24e6cL,0x6038b5efcfcb8cfbL },
-      { 0x362e076b6eec196dL,0x47bb3aefd398b505L,0x9f3128eb343711ccL,
-        0x8dda2fa8d28e3269L,0x908c52c7eda48846L,0x65fb3a05d53b0917L } },
-    /* 37 << 105 */
-    { { 0xeae35c02ed711239L,0x16ab943fa97db2d7L,0x9770bb578f3b0599L,
-        0xa88ffb95956d04f3L,0x3b937af5f4dcf6ffL,0x311ef2cc0bc41f56L },
-      { 0x00e9214a2860ea2aL,0x2a64b18a7bd12d8fL,0x20a5b9da6a2b9dbcL,
-        0x5c16a412fe1b8edaL,0x6fc306af7b9db98bL,0x964c35de25dc9363L } },
-    /* 38 << 105 */
-    { { 0x81f4739e6df16589L,0x2ea2fff11f8b8ac4L,0x3baff03d33e02c36L,
-        0x7f07526874d77660L,0xa442d7fa758eed7dL,0x584cbe9866625864L },
-      { 0xeed35d579d167ff6L,0x56627c2e3c7bf84fL,0x908df5aedd011153L,
-        0x2694e54d242fc055L,0x25beed9a2f2d60c3L,0x29d3f22fe2ee5293L } },
-    /* 39 << 105 */
-    { { 0x14940dbc178f9859L,0x6e6e35b7329ec4a2L,0xd1f198096707db4aL,
-        0x6eb310b79fe4233aL,0x8f92556eb41e1d8cL,0x2ab28e231d7ce522L },
-      { 0xc5d0f5dfdd5c4d68L,0x3f5146d825101083L,0x3a04aa53de9ee4cfL,
-        0xcf36f1e3d9357f64L,0x05a1896444889f68L,0x1096c87aa96a4137L } },
-    /* 40 << 105 */
-    { { 0xfa4b6697a8352657L,0xf5696452cad6ec30L,0x10aaba60986c84ffL,
-        0x49bdfff4dae014e1L,0xe2a810bd0abc0e46L,0x1dc5b81462d1dd5fL },
-      { 0x15d2f2c723bb4561L,0x5ac7b6421818e30cL,0x40c6b6f94c545f5bL,
-        0x5875b6b2f99241e8L,0xfa3e88a9d6708293L,0x1c936920ad6d9344L } },
-    /* 41 << 105 */
-    { { 0x6516f6210e18ec42L,0xb967eb43df8c26bdL,0x624ee27e69addc2aL,
-        0x34019d6339063252L,0xb317fdd3dcd99d7aL,0xc3d566825d314caaL },
-      { 0x04992df3367506b8L,0x13e4ab2e547262b7L,0x35f130352e287d3eL,
-        0x92e0a276211304d9L,0x94e7129417133d22L,0xb35302275fd71a28L } },
-    /* 42 << 105 */
-    { { 0xe1d9273c9ae60111L,0xe86aeac3d01243ecL,0xc7257b27fa5989f5L,
-        0x57737dc89807d3ccL,0xe1ef78526937551aL,0x74ab9edb15dd2d58L },
-      { 0xbc47b23cc59962fbL,0x376ff30fd3bba76dL,0xaf0035872788ab98L,
-        0x1e475c68619b472cL,0xd79984c89c6a9835L,0x5ceafba510219a94L } },
-    /* 43 << 105 */
-    { { 0xc25ae81155d238d9L,0xf2a21fce4ba4456fL,0x4ebe44d0bd1a440cL,
-        0xe821687f83d958beL,0xb4ce63423ba09f9dL,0xf271435d139048bcL },
-      { 0x2a3db37c99c6412eL,0x50cba09ccb36dbd0L,0x9e5231aef6e65cf8L,
-        0x48e9105d90118a6bL,0x2d58d372368144cbL,0x48702d59928575baL } },
-    /* 44 << 105 */
-    { { 0xc71ce040d1c9204cL,0x8ad09d7373f7686eL,0xbcc6d88dc6fcf31dL,
-        0x22a0b71aaf428ad3L,0x7767944847721255L,0x2b720c7e316b808fL },
-      { 0x3128a7cc5ed45b8bL,0x9744c6c0f79fa1c7L,0x738e94efd22728d7L,
-        0x8a652496fff8f874L,0x0e4a5ade566c9751L,0xfcde62db64e3199bL } },
-    /* 45 << 105 */
-    { { 0xb068ec91aa63f5fcL,0x547e7e471a29ddfbL,0xe3e5de42b17b8e5dL,
-        0xb5c84f27264d1361L,0xa68d10a426432715L,0x4f31e81c23e48e1dL },
-      { 0xe32bea6116dbe185L,0xfaeab7256d1d34feL,0x0ee437cef3a8ca7bL,
-        0x2b8657a2f458446bL,0x8779a3d4c52e3dcaL,0x243d7d0e71654165L } },
-    /* 46 << 105 */
-    { { 0xc4a346b2de23afe2L,0xf8e00f790fac7ba4L,0x22393604ab76b7d8L,
-        0x109233d7a06efba8L,0x5bf89334c7bf56a4L,0x27ed4a28135d4cabL },
-      { 0x07851ad2e32ca02fL,0x41b7ffa630c97f29L,0x383b3716e4457ccdL,
-        0x6ce8645b0b43a50fL,0x73c82018fc5b907bL,0x79a1467381bbcf0dL } },
-    /* 47 << 105 */
-    { { 0xcf5331d35e092e41L,0x7e0b9fdeb43e3c15L,0x842a971182841f82L,
-        0x2d837c810cb9d1ecL,0x6aff6d6873095ddeL,0x2a7f6f40c9478ef3L },
-      { 0xb6e8ac80a9976e39L,0x3853fa5474e40024L,0x664b159a6d87c1d9L,
-        0xaaedf4b4b20b5d11L,0x8a1ac277c5819de1L,0xf10276dc6450b97eL } },
-    /* 48 << 105 */
-    { { 0xa8d7901c7c16c09bL,0x628ff3be42e1948bL,0xb905d7c504e4bce1L,
-        0xdfbf9c4e5ab0696fL,0x0f4e6e2ab6db9cd5L,0x4857e570482e40feL },
-      { 0x5ccd9b421c3beed4L,0x171b085fae51a947L,0xcebe0dbe59065754L,
-        0x4d052d3a461c1620L,0x396bac422fe541a7L,0x8e714cdb70bf32d8L } },
-    /* 49 << 105 */
-    { { 0xed82f15e6ca1cdcbL,0xc5ae5cde51b9a9cbL,0x3b2f78cec70c475eL,
-        0x0f22d10b4243c675L,0x1db96885facac4c6L,0x2fb7884817df2f2cL },
-      { 0x25fb9f4e990f3104L,0x1416733ecefa14f7L,0x3a33828384a5dc24L,
-        0x6d75d3d02564288cL,0xf7bea8b69b93e62aL,0xa5ea8695349f1740L } },
-    /* 50 << 105 */
-    { { 0x38feea7115e711b8L,0x129aea564accd3eaL,0xc53e54c412b23539L,
-        0xb15bf11a2b280c59L,0x5ea76f5782d44df5L,0xea79f833d4ac1af8L },
-      { 0xe547deba08330c6dL,0xbaa89422663ef402L,0x17263762d215a5f5L,
-        0xb9509a19c02b5f9eL,0x9bb99fcb025caaccL,0x43f4494b25f24089L } },
-    /* 51 << 105 */
-    { { 0xe55e592c98563c70L,0x4e62ace5d013c82aL,0xb6025ac16fcf7380L,
-        0xac4a8157cfdff8b9L,0x1fa181344497acf6L,0xdcdf05c0ef09d3e9L },
-      { 0x7a65490d83d8e716L,0x2aee0b35e98c46feL,0xe62381dc7d6d4035L,
-        0xc7162b78203975c0L,0x1079d8b6aad2c021L,0xe3e1cb4370c98838L } },
-    /* 52 << 105 */
-    { { 0x3ca01799f04dd97aL,0xd6d1d41d3f9e03f3L,0xac2713eda55fa375L,
-        0x2bd440556a89a5e5L,0x8582d98458f5c269L,0x7f9b3527fb31fc27L },
-      { 0x23f91951d810580dL,0x99303919360a3debL,0xfaf10326b5e1eea8L,
-        0xf96feb4838ba5ac8L,0x1508b1002a639622L,0x0766a1019dc93c78L } },
-    /* 53 << 105 */
-    { { 0x0c79d40679a0290cL,0xc09bca0c57eb7a00L,0xf7274ffc163c1dcdL,
-        0xd64ec461bb2c83c4L,0xff3b83efe9ee350bL,0xa490157d01882c72L },
-      { 0x626e1f3d3312310bL,0xd2097e03cdd5d62cL,0x705c3fcadbf659c5L,
-        0x2dc1d7cc810fa413L,0x6313192ad67d58a8L,0x6e1e5bc3597f63a6L } },
-    /* 54 << 105 */
-    { { 0x6100535ea0d42639L,0xb126e939d921369dL,0x2d4c826e4999e42cL,
-        0x159063c6f62f77e7L,0x063c42914e632555L,0x8d3ee387b35d8220L },
-      { 0xbd951cff9b2bac3eL,0xd9b943f1bc248755L,0xeee7017ad3a6074cL,
-        0xbcb9e0e6b0872a21L,0x26d80e0949dff656L,0x2ad7d4e335fbf620L } },
-    /* 55 << 105 */
-    { { 0x6ce5840df7f9503fL,0xb96f82996abf4f6bL,0xf71f33853ab55fcdL,
-        0xe347e891e83a8109L,0x12c5dcdeeb48f0faL,0xb0f02553cd7183a9L },
-      { 0xa7d74862c414f01fL,0xbea40c5cae369360L,0xbe9785e5022d5192L,
-        0x1a3224a50d318251L,0x4d7200093fcbceebL,0x1fd71167c2976f6dL } },
-    /* 56 << 105 */
-    { { 0x03c88a8566d2ee47L,0xee8e5c34455ee428L,0xd90a3d393870d90eL,
-        0x2fd78d14f2fdb976L,0x9472a6066a312a30L,0xea68e2283484af2fL },
-      { 0x7cf25951ac9e5cf2L,0x024f07ee37a28e95L,0x5d479379e563a2bdL,
-        0xe87b50a4b46e93d8L,0x9128fc11f137285cL,0xe46efdf77c67d7e6L } },
-    /* 57 << 105 */
-    { { 0x4050036c7cb0b9a1L,0x8560750c1161d7fdL,0x4d293a521b247ba9L,
-        0x4b25e54c8f1b9d31L,0x91c89139c5baa0aaL,0xa2f75f9f2202b7e2L },
-      { 0x6c0915dd4d2d1388L,0x575d90f703717fd7L,0xd90c059b03e0626dL,
-        0x7004305ba4239e8cL,0x39fb4e2e989775e6L,0x20c31fc8d8a239c6L } },
-    /* 58 << 105 */
-    { { 0x4de318054ab51b84L,0x4a68443c6aa00707L,0x2c3637f05b317f3bL,
-        0xb8ea6f87c0fc14a7L,0xcd0cb4fca2cc6af8L,0x6b5fc899317083fbL },
-      { 0x1b8f160956e6dfa1L,0x698299ed92b77d20L,0xdb84ab7f14fc3fc1L,
-        0x944666a35d5fe625L,0xe9a3448d7e064ab0L,0x53f62fa01abe1440L } },
-    /* 59 << 105 */
-    { { 0x04bc8a2bc8c676b8L,0x502a73144a577562L,0x494d01f11ff01f9dL,
-        0xfe648df164d98f70L,0x80bed0d849719dd3L,0xb77a8f09c231e190L },
-      { 0xc8aa8daecc011818L,0xf313be4f5918814eL,0xf28fcb74488b5bfeL,
-        0x71e23b19b3345c98L,0x1cfb7c0596eba9beL,0xa88e73b941c61971L } },
-    /* 60 << 105 */
-    { { 0xdc7050459cfd4295L,0x1cc9648eedeea59eL,0x88f4af1c0e9ca92dL,
-        0x45d0b53f69689317L,0xa122a6dd41c04186L,0x9df54c3a277fba1aL },
-      { 0x1efc55a5017eb9ccL,0xb253f7b661d1ecd4L,0xd03f8ec6acfb7854L,
-        0xf641e5f49f338dbaL,0x6b6a680a3a3addbcL,0xe80babb5b5cd058eL } },
-    /* 61 << 105 */
-    { { 0xb48da67307873319L,0x53309cdf3bf5db9bL,0x1bc510e64ee9dd11L,
-        0xbb8e529a7388950aL,0xc9c0ce3c7f6e6175L,0xd75753f88a290784L },
-      { 0xfebdd94ba80acc08L,0x942cdfebdc846b30L,0xbb64799f6ca7099fL,
-        0x40f03362d1326fa8L,0x95b2d9db97b62e9eL,0x5ad9ce165301d9aaL } },
-    /* 62 << 105 */
-    { { 0xaa5fead9dfc59ef1L,0xc1348e98b2cc1e9aL,0x83dd617e77bda968L,
-        0x0fdcc0837c8997dfL,0x9206ae234cc62b01L,0x88aec92f417678dfL },
-      { 0x9d399af791fb8920L,0x399eebd13e8a22a0L,0x32f3bba735bebdf3L,
-        0x354c1c5004c2f32aL,0xc2d6b5514052c926L,0x16a1f71f656a7eebL } },
-    /* 63 << 105 */
-    { { 0xd7a755bc14a8c57bL,0xa97b901341ebec55L,0x88b88459143a1a9bL,
-        0x7aa178cc7e19e3e0L,0xb8359634635dfb65L,0x63fd26c7c169e28aL },
-      { 0x89d9090d953272f5L,0x63e571196383845aL,0x0e26c0cf886a1f1fL,
-        0xda56332db7057a29L,0x6b5d303f7a459c6fL,0x3c351b771bb704c3L } },
-    /* 64 << 105 */
-    { { 0xda2b0725bb296c27L,0x1f22ffa4d341171bL,0xc721e35a5b132756L,
-        0xe5695e84fadb6907L,0xbc5a3bf4c283f546L,0x9182cb3edde128aeL },
-      { 0x179c7fa66592e05eL,0x1e604790f38e8586L,0xaf7e83bea16bad55L,
-        0x6f41231e9137ecd8L,0xac87543d8f30d1abL,0x630a9d87b1ee0ee8L } },
-    /* 0 << 112 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 112 */
-    { { 0x359cbfa05e4f1914L,0x6992cd48d922176aL,0x2fd5e90f630cbcb5L,
-        0x2b0f61306ddbf238L,0x5070970a3af753e6L,0x433d009441727016L },
-      { 0x2eb15b3b9dca97e2L,0x3a7379cd00d96875L,0x0d4374aee930a75cL,
-        0x3cd36046849e7727L,0x9ac3117e336a19ffL,0x2d1373c9433ddc04L } },
-    /* 2 << 112 */
-    { { 0x985dcb43e4362d67L,0xecb860c2a939bea4L,0x40597f3055fbf1d5L,
-        0xb6d166bf43fcd98aL,0x5932570915ec99caL,0xe05ae3b9c5bdd370L },
-      { 0xc18f78270c7b943bL,0x84bde9c64dd572ccL,0x5d50a89df478e56bL,
-        0x242c2f4864d29053L,0xcda12c6161cf7e0eL,0xf8b6890eac8d1d40L } },
-    /* 3 << 112 */
-    { { 0x7a9a9dd7b6b11af8L,0xac4c50dd16a42f8fL,0x1550267b6726c324L,
-        0x12cfb2fd7f841afbL,0xa41b19052f046430L,0x8f5f5373b7d786cbL },
-      { 0x7b61b39c729e09fbL,0x07a5415f2626da4cL,0x65d6efb84a348905L,
-        0xf377862cf2e864b9L,0x3c94000dab96cdb2L,0x2176321a8efef0f6L } },
-    /* 4 << 112 */
-    { { 0x8c558000c1c1bc68L,0x9e48a67a83fd6ca6L,0xacf0d75ceb7a35cbL,
-        0x0fbdce4cf0a93110L,0x82b2d13a9cc50c85L,0x696fd259cef70d6fL },
-      { 0x1cc9be2e457b88c2L,0x0d58b34b1f04c0bcL,0x52bd479f195a532bL,
-        0x769fe6ca1ab3605cL,0xba6a63e48a24c1e0L,0x86dea46299da5d7aL } },
-    /* 5 << 112 */
-    { { 0xdf2a6cecd24790f3L,0x37bfbba7b87ca06dL,0x7c8a7e4c0de8a6aaL,
-        0x5c806b94be7b8f5dL,0xccca1c714fda3e7eL,0x3c1cbaf9cff788e5L },
-      { 0x17a081a9565d0464L,0xc4eb995713ed1b82L,0x0d7c90549e4cfac7L,
-        0x6fb74c629d53a200L,0x65b9ed6d5f977a8bL,0xe2279cec0ba2e7c4L } },
-    /* 6 << 112 */
-    { { 0x8435e2962d4412dcL,0xa36cbfef972350d8L,0xe2fe6e6fece5cb15L,
-        0x6f249b095336f7ffL,0x5801feb9908ee267L,0x7649a837fc8f217bL },
-      { 0xfc1adc3ea0ebc808L,0x1ef06bec94f08075L,0x4afb5404cc1d9b72L,
-        0x75cabd61a1f2c5a4L,0x2bd797e1cd08f195L,0x4f1b5cdecbea0f49L } },
-    /* 7 << 112 */
-    { { 0xe9759aa9e7aa87e2L,0x2d54a5fbe5909f55L,0xe49a59aa2c80bb61L,
-        0xdb89e21230c9b328L,0xf42b9adb004ebffcL,0x4471b983479678e4L },
-      { 0x0dde5b0e97709e2dL,0x2f35c653a12bdb85L,0x9f8d7a5cd8c8285cL,
-        0xd7cde5971d156206L,0xdbe765d7a8e126bcL,0x2e645b6de3f4e60bL } },
-    /* 8 << 112 */
-    { { 0x509abccb65682820L,0xfbfa1d094ff86137L,0x1ae371bd640bc2f6L,
-        0xa155c2978f546c68L,0x8858cadcc08b8cbfL,0xafac5b0a1d96948bL },
-      { 0x919cb22682e25016L,0xd147df4ab064ffc3L,0x25dd0f1ab4abe560L,
-        0xc6bbe6369cb75bd1L,0xbb367cf947a778e4L,0x5714aa4dbde524b3L } },
-    /* 9 << 112 */
-    { { 0xce3c8218e61b1439L,0x8be5a9cb67f79d28L,0xb1bd1386d5164b35L,
-        0x0bc24d96b9adbac7L,0xbcee4f0ec7482414L,0xac15b5b66ca5d49dL },
-      { 0x79caa999f20f9a50L,0x89bfd652a911308cL,0x972fe26d15245a7dL,
-        0xd44d0f6e1d0d2939L,0x6749beaedd439057L,0x02627a6ad4b6f416L } },
-    /* 10 << 112 */
-    { { 0x7e882e8cb437b791L,0x9afde25afbe334cfL,0x60184381da52f9fbL,
-        0x935d33a1001df73cL,0x38f303df080682e5L,0xd9cf2c1f4e9a29b2L },
-      { 0x889d265e00d9208eL,0xfc1cc2221fd8e817L,0xdd14f1a2ec71428aL,
-        0xe81cc4f9d9e973aaL,0x26a154963696468cL,0x0620fe6409d546acL } },
-    /* 11 << 112 */
-    { { 0x06ed3e64166be92fL,0xe1da6e27c51ea53eL,0x784f2514acb2b245L,
-        0xc544e50f8e24077fL,0xad449938c5c01787L,0x5d9ef8d527d41dd7L },
-      { 0x37114064e15d4a96L,0x7f0c92aa1dd45321L,0xc1f11d56b9c72ee5L,
-        0x91f3b3f7a78e6d3aL,0x0cf440b0c9488cf7L,0x14d3defd93df403aL } },
-    /* 12 << 112 */
-    { { 0x3fa4ea0225aa1d44L,0x22c68e17f74a6a3aL,0x351bcb80f489e72dL,
-        0xdabdf118be0268edL,0xa3bf9e1984d2cd16L,0x318506a2d67393a4L },
-      { 0xb0c6b2d8615ed517L,0x42ac507c3dcba0f9L,0x60570dfb51235e30L,
-        0xc677628dedb033e4L,0x0290c22766e61f76L,0x1d8450d09888943fL } },
-    /* 13 << 112 */
-    { { 0x1b8f5ed7155a3daeL,0xc9d2433aa46ed72bL,0xe99c7fe38ca361fbL,
-        0x606b08c19626fe7bL,0xe6447257c0ea792aL,0x5839e2c62e1156f3L },
-      { 0xb73135dd5eab6d41L,0x200f2e488ef63584L,0x4c73885ddda1c49eL,
-        0x8d606a75b5428ee9L,0x2a73cc7aa62699dcL,0x484a58941c6c8de5L } },
-    /* 14 << 112 */
-    { { 0x2365b4150decae0cL,0x9c8567ece8583741L,0x35d6cfae6d8842a7L,
-        0x4e6c98e6dd0db8e4L,0x584524e767b34d02L,0x786ea52f554c6117L },
-      { 0x8952ce169320725fL,0x8eb7f91854c4c8f2L,0xdd34f77afc799251L,
-        0x76b8c3173e05d37fL,0x664cbddcebb4d365L,0x31ba98b90dfa1a98L } },
-    /* 15 << 112 */
-    { { 0xf113a7bd651c186fL,0x417bd7373737a50aL,0xddb40d201b858249L,
-        0x62a60745345f5b45L,0xf0a03f5c2d4e221eL,0xcafde67cc64621a2L },
-      { 0xbbbfaebcbc3c06c3L,0xadaf9a16b8383dc0L,0xcd21aa308f343ea2L,
-        0x64cefec0d890128dL,0x2ed9b8f763b44054L,0xc0a49e2917c0ffcfL } },
-    /* 16 << 112 */
-    { { 0xc6307399166915dfL,0xb35545bc5da8a26eL,0x8e0126aae3a99321L,
-        0x0fbfdf76da9308d1L,0x2163ed6b6168e505L,0x71f3d0087500d8bdL },
-      { 0xf57159605ac13f65L,0xc1cd9a6755172d5bL,0x6b225f7e53d84c65L,
-        0x9c031269025029daL,0x54c1edfa17d89aedL,0x5b0238786b435150L } },
-    /* 17 << 112 */
-    { { 0x96d69db1146abf28L,0xc924454924d221dbL,0x7881951c137bdfe1L,
-        0xde2d490dda51f789L,0x6033c2c34b0a1e0aL,0xbe214d8c08dac13eL },
-      { 0x3d5abfa9a5a1d055L,0x3433060f6fe02a62L,0x88608c7ba37f2833L,
-        0xfd2da6f0e74dd6c1L,0x27c22c17fe000000L,0x04a1f15bcfbde005L } },
-    /* 18 << 112 */
-    { { 0x01204485f340b522L,0x588a9e1c9367a099L,0xb3d1a4b466005913L,
-        0x522ac504d55cc36fL,0xa6c80e511b72eabaL,0x15025a7acaaa89b5L },
-      { 0xc9166912bec1a986L,0xe78e9642f19044cfL,0x230d51ab4756908aL,
-        0x6795942aac04cb90L,0xcd2cc9eca2a92818L,0xfccead967cf52961L } },
-    /* 19 << 112 */
-    { { 0x32fa291d52ccf481L,0xbb137ef901ac0eafL,0x13ce2183011746abL,
-        0x7e64248677bfea0aL,0x67cbba0e5e7e5032L,0xc900998a1f2b69fbL },
-      { 0x62ddd91aab3256afL,0x1f0f216911d7996fL,0xab2f2d540e4dd4feL,
-        0x05b577a92ec64ec3L,0x8071e88708ef233aL,0x9be1f8d60e649a5cL } },
-    /* 20 << 112 */
-    { { 0x5f78334137732664L,0x625b85dc840b6f8eL,0x7dcb3d256cdf0959L,
-        0x87a5ae19d4ce1845L,0x43bf0721b0dc016aL,0x6569ad52f6a5f6f3L },
-      { 0xa2697f15560ab87aL,0x4c6fd1a0060dcd57L,0x652a7732c3167f56L,
-        0xe355fef05294a5e0L,0xf7b3177dcc59c562L,0x511c96dddccf4b1fL } },
-    /* 21 << 112 */
-    { { 0xec768f587622c0b9L,0x7c9eb5490416afe7L,0x3c3d87f55795433eL,
-        0x74eff3cba4611446L,0xb2c79249dc7037d3L,0x70062ebd8bb1fc42L },
-      { 0xbd0d3532a4ad91c8L,0x42411c139f5ee0c3L,0x11c4ee91132470cbL,
-        0x496438979fb2a135L,0x4c1df7e0ce2ec891L,0x689cda57e16f7413L } },
-    /* 22 << 112 */
-    { { 0x3b42838a2a0030a1L,0x3f37587ae05ba56eL,0x6382a86f44c16650L,
-        0x6c1bc67da6f9f136L,0x7d152d907ada0f41L,0x9115319d5c40c0f5L },
-      { 0x1143028632f58e3aL,0x5dcf7ec7eda5c5a2L,0xf04404a9f334a0b2L,
-        0x75e0b4a84ec2cbd5L,0x86e89728d079dbf0L,0x796700799a99c605L } },
-    /* 23 << 112 */
-    { { 0x98456a79b1d2a3fdL,0x4e8ba91e6dd789e9L,0x8e0bfa33a435226eL,
-        0x42bea2f48cfea5ccL,0x5ca5fb0321b14602L,0x73faac5826877b13L },
-      { 0x0ddb6ea203905ebbL,0x67bc35f1698cd7abL,0x24da47d85d9af735L,
-        0x1a2a7c1dd786000eL,0xb35fb29e23ccaceaL,0x1c063466bf1f51a7L } },
-    /* 24 << 112 */
-    { { 0x1e7ae1601e94d949L,0x177dc53ee78e6221L,0x8af29d8f7aeb9882L,
-        0x2d9a60fd9e3f3906L,0x6979fcd6df962156L,0xdd2fe5887e1e54b8L },
-      { 0x9cccf31076643453L,0x94ece1a84e0643d0L,0x745449cbc111d8cfL,
-        0x872afa4ae6cfbd97L,0x5c27b7ca10dfb34eL,0x505e62bc533480feL } },
-    /* 25 << 112 */
-    { { 0x6dd2007363141676L,0xdb099810c5c4c657L,0x2bbbcbaf8c369f32L,
-        0x339e3ded08794178L,0xcc362a32315c4cd7L,0x5d288ff37dbce794L },
-      { 0xafd05d104d0cb6c6L,0x3a6dcee9d386c7dfL,0xa207dc17e311ee74L,
-        0xc5794286abdc751cL,0xf45136e5d889b985L,0xb25e84638d8f32a3L } },
-    /* 26 << 112 */
-    { { 0x8711ebfd1dc32f77L,0xfc0e851f3933d758L,0x90b679fd64a859f3L,
-        0x0914a975ef37a81eL,0xcef80495d675c502L,0x862d3b65be18c403L },
-      { 0x0d53f957305b4aa2L,0xe404f2570e5bcb47L,0x833a8644854b6b63L,
-        0x5709f53b99f8d3d9L,0xc400dc1f13893effL,0x75ca01714c65086eL } },
-    /* 27 << 112 */
-    { { 0xdaaf8e76eeceb904L,0xbce9ca54b9e31f92L,0x4442d0c88d06a58fL,
-        0x5966e1e5eda0ee34L,0x043125f058edc555L,0x44d0311749cf0931L },
-      { 0x292aea12a99ae5c2L,0x1e9be1702a2bade4L,0x003ec2826b21b444L,
-        0xc158f3cffc41d601L,0x25a839f4c4b3f4c7L,0x4a36bec399e64264L } },
-    /* 28 << 112 */
-    { { 0x829bbe7e04e6bda7L,0xc52b64ded3e667dbL,0x98aa40ecaa2fc128L,
-        0x2c6997d011fbef94L,0x70ca76aa97c8167eL,0x558f8ce7b1083886L },
-      { 0x5c621e35d250f064L,0x757710f8f535b2c7L,0x5d118d8faa69ee95L,
-        0x02ffe667b27cd9deL,0x65711ac7d13e51fcL,0xdbbf16278cb1a1c7L } },
-    /* 29 << 112 */
-    { { 0x3c2fcbceeab0bb77L,0x569d6c7e4e1b17adL,0x22e06899b0518730L,
-        0xf8466d9d19f809e9L,0x372e254288359d10L,0x8074483532d5bb82L },
-      { 0xc88727d566060945L,0x08e9246572a0d38fL,0x84ca145c9f84a861L,
-        0x8363463c1c004212L,0x9debab72bd3ad87eL,0xce68c150a988e65dL } },
-    /* 30 << 112 */
-    { { 0x1c172e5ea71dbae0L,0xf7794eb19b80bf40L,0x3007c5705d7d2829L,
-        0xa8d44d6fcc97cf00L,0x093a9784f6abea6bL,0x2ac4a67564cca46fL },
-      { 0x14fcc56350d8fc8bL,0x53133983a11ccd07L,0x7cf09bf68e6b8f26L,
-        0x49f864d57b06e3adL,0xd526a765c373fc6dL,0x7af297c6151305d5L } },
-    /* 31 << 112 */
-    { { 0x18f941bfcf7c1eb5L,0xda10720a130163b7L,0x3c4894f46bd9bb34L,
-        0x7575087bc8ca64f1L,0x68c424852c8f3798L,0x986214eecf0e5839L },
-      { 0x3723b713df2b0b90L,0xd81560d5d229bf8aL,0x0204ae5ff993078eL,
-        0x55206d9186a14833L,0x8c7d09181557fc96L,0xe2cd5dcdddba9705L } },
-    /* 32 << 112 */
-    { { 0x009ef80aae238fa1L,0xb41d9b24486af6b5L,0xab4455ed685add95L,
-        0x18f323f672c7dac8L,0xe7009790e372f168L,0x4d5bcba6067bea99L },
-      { 0xf15bdbcc51a2a9a9L,0xde7e4f742fac9169L,0x2fd62c304bdbec36L,
-        0x8b3ea93d1b3ac6c7L,0xce1c8e5c9c293889L,0x19664dda11564f8bL } },
-    /* 33 << 112 */
-    { { 0x207a738245406afaL,0x7c1c398d1675bc91L,0x2ae99d8ba1bb7a43L,
-        0x63f134e8c5e176e5L,0x4a624a1c48364268L,0x471974f1de65c5deL },
-      { 0x44932063ea90b0cfL,0x13ba5019d8fd7e30L,0x6281f71348510422L,
-        0xdaba3f14bc1a523aL,0x333e5eff924cc5cdL,0x861ab150e9113d1dL } },
-    /* 34 << 112 */
-    { { 0x332d308dd9b9461cL,0x3e9b4a95b7014261L,0xc557f608c2beeb5cL,
-        0x9ee927187c8531d6L,0x55ff3dfcc0002ff0L,0xed96119eccd9b325L },
-      { 0xd779ba03fb92416bL,0x63b75d351416be79L,0x793cb1fbfc9ad27fL,
-        0xcc762a5b87f1bc59L,0x6e7a23389bbb07d8L,0x99b6e278aa7bfa44L } },
-    /* 35 << 112 */
-    { { 0xeb142de02bcce03eL,0xcac04711577565e2L,0xa949c7350ab07328L,
-        0x8f15874cd7d347ebL,0xade8c67a696dc9f3L,0x039e6b7c66a7bcadL },
-      { 0x1260bd4acb8cb9d2L,0xdbf05496d4801bcfL,0x6b37a4d30ffb845eL,
-        0xc3968fe150b50889L,0x261e82f4525c6a7dL,0x539f634912aad50bL } },
-    /* 36 << 112 */
-    { { 0xcb1a9d2ceae4d774L,0xfdec2ca998a0775cL,0xa538acbd0eab9e25L,
-        0x6901ebfd04dd34b0L,0x998ab679ed4c6409L,0x69b1d7ee0235b865L },
-      { 0x4f2e6e5723ac3be6L,0x2b2072aed4a00479L,0x5c12fcdc2ce2f059L,
-        0xfc688c45ac329db8L,0x16d377a51f539427L,0xebe4e2cfa08ed9aeL } },
-    /* 37 << 112 */
-    { { 0xb394214715d60238L,0x60d8909bbe9d4febL,0x013827b78654e16cL,
-        0x465b3078824fc55aL,0x361e6523e3fcd6c0L,0x2ef44d80ef88b307L },
-      { 0xdca7809fbeb2db77L,0xe649d591da97468aL,0xad6079b77c28ff0aL,
-        0x6a21ce1ac4897775L,0xde876f7b5a592fd5L,0xced421a585a1dd36L } },
-    /* 38 << 112 */
-    { { 0x9793bdf6a045a442L,0xdb3c60472713ed37L,0x9929d32261344a0bL,
-        0xfb48c2dc831af45cL,0x730226df53a8a077L,0x3a5baf8a18876559L },
-      { 0x99736e7d8e11f9edL,0x3e7663dd0c09dddfL,0x368a29ed89b8a23dL,
-        0x5443d7f5d3a68663L,0x0b84b464c6302455L,0x235c6eb5cf088847L } },
-    /* 39 << 112 */
-    { { 0x13307013b8de0a3aL,0xfb10e919f592fd9eL,0xd09e5b2571401ec7L,
-        0x6e8091c11d94cf0aL,0xb7d79fc74193b129L,0xb842a3695f2c05e5L },
-      { 0xcf6fc6cbccdc7614L,0x77d6408180102a3aL,0xde4b9304f30c3488L,
-        0x4fd9f8d89bd08e48L,0x58ac01245963b063L,0x1f11335c747fac66L } },
-    /* 40 << 112 */
-    { { 0x5f266f13175418b2L,0x6bd7a86903a626f9L,0xc7b532304a6f11caL,
-        0xa216b056bfc8ccedL,0xa274d5d8b288cb7cL,0x6fc4a35d924897adL },
-      { 0x1ea532eb81fc6940L,0x2fcd817e2acbbc45L,0x45eee93f67814fa3L,
-        0x3b3da48c1229e035L,0xd049a976efd8e3d7L,0x8087dff7bf81f314L } },
-    /* 41 << 112 */
-    { { 0x9ccd802fbddea807L,0x08a64e86d93b97f6L,0x422c0f5602f04e3cL,
-        0x25aecab133900990L,0xcdb2c5c15d4b4d2fL,0x849a6b1f5f43e42eL },
-      { 0x4689b815446e7361L,0x49abaf6ca681fba0L,0x304d84b18289a564L,
-        0xa6529d430b779df3L,0xca926da67b51b195L,0x3640dde5c829ae84L } },
-    /* 42 << 112 */
-    { { 0x747235495424e1d0L,0x3861ae65c85af64fL,0xc56ff12baab902c2L,
-        0x9aeb9e154fbf264eL,0x14e3c13942ca40d2L,0x6c26da41c1ba0250L },
-      { 0x97a6031df51a0967L,0x88fea7710e623393L,0xcafae4c778574eefL,
-        0x2c4c281198119f28L,0xd190fc749276d971L,0x843f4baf9273f01cL } },
-    /* 43 << 112 */
-    { { 0x1b2d643de50ad79dL,0x1ceaee7ed3075486L,0x13a003f3ec287aabL,
-        0x09a4a825e8c7aeddL,0x93babe5ad1d4c05cL,0x8115bfec95ab084cL },
-      { 0x629e8e0a289ebb8aL,0x923167a9bd992f77L,0x440edf75ae16ce72L,
-        0xa67dd37b0a0019d4L,0x174b341978b0df8dL,0x010746a5ad6e4c60L } },
-    /* 44 << 112 */
-    { { 0xed05e4bf8342da4aL,0x36d881f3b565f0f2L,0x3fbd04e1411e627fL,
-        0x40ac13cb0411889aL,0x9f6006cab5b25fd6L,0x0e79d377e31404ccL },
-      { 0x9fd6474a5af3ea01L,0x89d7ddcb2a27d905L,0x2c1beebada12e71dL,
-        0x3ecb11e1833eb7deL,0xa348b2f6600eb1faL,0xc227192183f2657fL } },
-    /* 45 << 112 */
-    { { 0x2cfaf519e32ba792L,0xa99113d7f929b512L,0xd347f7d18f554e19L,
-        0x18f0374f098a2ad8L,0x073855acc174e0b9L,0xf155c6c009324c23L },
-      { 0x3388c39605d1e427L,0x144356a9d39221d1L,0xe3d4ffed492a84adL,
-        0x519c65e6d1e53c29L,0x334f470a2813c717L,0x69aa0a1de0a400e7L } },
-    /* 46 << 112 */
-    { { 0xd8689c9c39e70b62L,0x2b87157e6cd86fe6L,0x53d55de887c0f35dL,
-        0xb2d7141de09aa44bL,0x3499553084fe7c21L,0x4550096c16b19be0L },
-      { 0xb0a8ce05b856dac0L,0x570223450e211887L,0x8d4a7431aca17401L,
-        0x96bf439857400a0eL,0x1e849d365ffd5f34L,0x7e70f6253a6d23acL } },
-    /* 47 << 112 */
-    { { 0x511ad0024b4ecd64L,0xd2287a28f37bf796L,0x801d2c2dcbc1f22dL,
-        0xf0d3a6944df568c8L,0xa7fec550af6836b0L,0xa27dd6e887a426c7L },
-      { 0x2f730e5b59c6b695L,0x9df438ee93ee2b36L,0xc4def9eaf2cfc4c6L,
-        0x82ddcca0a209814bL,0xb2e1de4f6dc916d3L,0xc6798e7453f81a55L } },
-    /* 48 << 112 */
-    { { 0x77faac22bd366155L,0x13cc4038282f11b5L,0x31ad1dd45fbd35abL,
-        0x7e0de9da45d6d40eL,0xa16c5f1939749ef6L,0x761cd6cf85691cf2L },
-      { 0x156536ad4d59b802L,0xee98dc4187c4b11dL,0x165a1eacd35088fcL,
-        0xce8a733538fb995cL,0x34d0d3313293b3a5L,0xfcf548ca8b570e79L } },
-    /* 49 << 112 */
-    { { 0x4c4bddca99e8cb05L,0x2b900ed017c5be91L,0x0ba0201b40adbfc1L,
-        0xb5098cf8534595ecL,0x356e23ff80f56f69L,0x8b3fa12e748555a0L },
-      { 0x9063437677b8ebdbL,0xe3eb33fdf040b6a8L,0xcc5b699539b611ceL,
-        0x20171523c693be7eL,0x5c4364d760849cf0L,0x30f3376372c4d303L } },
-    /* 50 << 112 */
-    { { 0x0757295022a8c8e0L,0x6e05715866ca81ecL,0x7e8e36890f804bc9L,
-        0xcba813a191b99207L,0x3f11f7abe50ab65fL,0xaefe5479b6d05954L },
-      { 0x48dd59a1eff5cf18L,0xa623b738bda11ecdL,0x586e755818870f08L,
-        0xb2c471a50e38ba1aL,0x5b21c42c69ce8032L,0xaf040e6c7943d78eL } },
-    /* 51 << 112 */
-    { { 0x6364714c4852f979L,0x7ed7aa310700cd35L,0x9021e46d9376733cL,
-        0xf2b65ed3b6de8d03L,0x0e3d00c16652346cL,0x6630fcb75d27e2d0L },
-      { 0x69cc20ded79a1c20L,0xa6d77163be3745e6L,0xab36946379aacf14L,
-        0x8bdffbf1b935a1daL,0xda8eb343b63096f6L,0xf61988f13c966345L } },
-    /* 52 << 112 */
-    { { 0x06f684ffd31f390eL,0xa1467be560ec98a8L,0x7cbdd03eaa80fddeL,
-        0x0ae4d114e204ded1L,0xb8ebeb29a004c3e2L,0xd93cd70726009581L },
-      { 0x3ff2ee49f1b9d3ccL,0x0e69e5ac753526ccL,0x8cb2243e8b13f47bL,
-        0xe2c5ae8d7fbfc5aeL,0x8e9af723394a45d8L,0x0b1114dbd92ab8d0L } },
-    /* 53 << 112 */
-    { { 0x937d9d2a73f9ff5bL,0x07c8c147de0fd740L,0x3880ead73639b680L,
-        0x879d6f836558cc89L,0xf32e14b975bc8c84L,0x278ea5e4bcf6f8cdL },
-      { 0xd9f25ea94baca6cbL,0x676e4bdd44d0ceb2L,0x98042ac190868974L,
-        0xdf227f370711b658L,0xcd6d29b46ef0e4f8L,0xd04f5bf88f817e92L } },
-    /* 54 << 112 */
-    { { 0xc7d62be78354f4ffL,0xd6fd9d590ac4d9b6L,0x13fbed772b50ab82L,
-        0xc4c5be374362b766L,0x5d67bfdd6c59d059L,0x10c93cceac02f34cL },
-      { 0x3bec1f3b72e35ca4L,0xb1cfade159f4820bL,0x679edbcf80fae051L,
-        0x6762f5ba6671737cL,0x28b425db3fe77970L,0x4bd6d2ebe778aaaeL } },
-    /* 55 << 112 */
-    { { 0xdcbe0018aecd5ae8L,0x7f178b7aedb2a7b0L,0xedb5c805b427179cL,
-        0x25fb6a084ba080fbL,0xeb6365165f1b263dL,0x814c520092acb04aL },
-      { 0x936f97a988d94b88L,0x6d54f1768b45e4b7L,0x6321e3bdb0cc515cL,
-        0x9118d0318eb5be13L,0x5be9188a8c574e96L,0xcdad43f3f281f19dL } },
-    /* 56 << 112 */
-    { { 0x7be5946ea85af34aL,0x420593c9da6fb0e0L,0x40b83c00987f9246L,
-        0xac35f4e9a15d192bL,0x1979bd33776a678cL,0x0a7d973e8f6068d3L },
-      { 0x71d322e87e6298feL,0xbb23a29936af9b65L,0x14e2b9706644c50cL,
-        0x5f7f207373570bd3L,0x40215c569055538bL,0x91372e64365500c9L } },
-    /* 57 << 112 */
-    { { 0x2763961a303ef488L,0xc357c32fbf865ec3L,0x32ca1a943663e409L,
-        0x9d9040217de506a9L,0x1f56e144249028bcL,0xd76402e61c5c7cecL },
-      { 0x98dcac65b0dd9d4fL,0x887f6e97532facf6L,0xc0d5d2a123c2cfbeL,
-        0x0566bd59d18d8b1aL,0x67404eb1297a071eL,0x10f24d9b26529285L } },
-    /* 58 << 112 */
-    { { 0x34808f5ca479ef4eL,0x60effdea9ff10abfL,0x471a077cdae34e0eL,
-        0xf34df9562f9d1408L,0x4f8bbffbe46961b7L,0x6a80b0276336a6f4L },
-      { 0x28e57309ca92e5dbL,0x27fbb139ce31cb10L,0xcea87ae28d24334bL,
-        0x3781f438de6db765L,0x3328fc09edaf054bL,0xa8acdbcfa94396f8L } },
-    /* 59 << 112 */
-    { { 0xa05b72aa83a79820L,0x3210863ccdeeaedcL,0x192d5fdcb76fdabbL,
-        0x25ec4568f10c17a7L,0xbd51e31fca556920L,0x8ab534f26a7e40f7L },
-      { 0x2ecb28c041145d5bL,0x4e95843df9038557L,0x65605d17d783699cL,
-        0xf728cb1178bddf7aL,0x2d823ae8bee2a60cL,0x02030edb8eb48325L } },
-    /* 60 << 112 */
-    { { 0xfe517758aa04facfL,0xa5216df44c421615L,0x4d87767d4f133b52L,
-        0xdae81b7699757264L,0x53c1a0e3e3ad4323L,0x2c565bbd53b401bcL },
-      { 0x94d2354fcd54a0e1L,0xf43d0f053f1a02a7L,0x52e7ee4af660b949L,
-        0x563ec009bc208df4L,0x58c0b975bf21c4b1L,0x29a8e5adeb029e52L } },
-    /* 61 << 112 */
-    { { 0x4c07b3e4283bdd75L,0xcd94d2a385dd6177L,0xc1ab8a5cab097530L,
-        0x90301468a5fd9ff7L,0x2a3e5b4064d0932dL,0x77e3b67e435e1c0fL },
-      { 0x3b5d261c14f7bb4dL,0x1d67a760bab7bfc9L,0x507aad46d799621bL,
-        0xf44567b5f4f3c3b9L,0xfaa97a3eae2bb6b2L,0x7d373b163594e2c9L } },
-    /* 62 << 112 */
-    { { 0x29ef2da9a15e6ea0L,0xf411e20dcd168689L,0x34944975049a4b24L,
-        0x0effc2dfe035cd24L,0x5d77178b0a954cf7L,0x3504bc357ab2d8c0L },
-      { 0xc3405000ec32219cL,0x00442630421a5a3cL,0x0548505c7f49819aL,
-        0x6bdb281fc805d0e8L,0x03cb57ac97484e09L,0xcf0926da58a14cc1L } },
-    /* 63 << 112 */
-    { { 0x0715055cc85610a7L,0xd2642935fa6ca505L,0x87ef95128c361749L,
-        0x89cd669a8c8156d2L,0x5cdcd266ed60d7ceL,0x99ccc96df59fb53fL },
-      { 0x82400f4655df7f73L,0x2b6aa1d9af34f742L,0xa6cbca79c398aa8eL,
-        0x7697bdea02b7325eL,0x1cb036b94fde4a79L,0xfe11ff96307fb964L } },
-    /* 64 << 112 */
-    { { 0x6a3a23279af0a75cL,0xf832a8159f1f250dL,0x17030c3322a82d3fL,
-        0x24bf18ea14cbc835L,0x319dc4cab2da2727L,0x481df3606d020d4aL },
-      { 0xaeebdd8a7fc22ba5L,0xbd0515c6a91e28abL,0xfc8a2978595f361dL,
-        0xe60dd96c1ae8fa3cL,0x19c2109aa5341575L,0xfd6e92bb06a0ee48L } },
-    /* 0 << 119 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 119 */
-    { { 0x2e32f896cde5e785L,0xcd55ae7ab9db8f31L,0x278db1ad8f832885L,
-        0x271d9078adcbd933L,0x2208fae34a64f863L,0x974046e039c89365L },
-      { 0xcb46f272b3cd0cd3L,0x31f34e1a74e59edcL,0x3421d316edd50418L,
-        0xb1d8a064cabe36edL,0xdb13e560362efcdaL,0x567c2b6cc71eb3eeL } },
-    /* 2 << 119 */
-    { { 0x2af8ed8170d4d7bcL,0xabc3e15fb632435cL,0x4c0e726f78219356L,
-        0x8c1962a1b87254c4L,0x30796a71c9e7691aL,0xd453ef19a75a12eeL },
-      { 0x535f42c213ae4964L,0x86831c3c0da9586aL,0xb7f1ef35e39a7a58L,
-        0xa2789ae2d459b91aL,0xeadbca7f02fd429dL,0x94f215d465290f57L } },
-    /* 3 << 119 */
-    { { 0x94c3938b4c9324feL,0x0dea07003fe78a0eL,0x57ab9daa019e7dc6L,
-        0xb0d7b14a9925b79fL,0x3c9a638b937a5daaL,0x3b14fd0de62943adL },
-      { 0xbaafb635ed3ae4b5L,0x3060a090b2bcfaa2L,0x389d9e7f7aa8f217L,
-        0xd7f987c6e9310a65L,0xec0927f993b69c0aL,0x9335e9102381a247L } },
-    /* 4 << 119 */
-    { { 0xc08550024b950889L,0xee99dbfe8ce24da0L,0xdda71d964318e860L,
-        0x01d3d39604fe9b85L,0xda4bc065e25e7e20L,0xd3a50b87e076c81cL },
-      { 0x5b9f821931e5f494L,0x6a140527a6a1b821L,0xf52683e4d8dd159bL,
-        0xca9c888720b18043L,0x73c040fa08a0d8f5L,0x92e482e8179525c4L } },
-    /* 5 << 119 */
-    { { 0x8b9f650f3e776590L,0x41ba807f47703a5dL,0x8cc1a550fe907078L,
-        0xd70cb76c8f00b84bL,0xcaee21566f3e6780L,0xfd6a51f595c2d03eL },
-      { 0x2c897c5556ffa08fL,0x08589a6563d13d54L,0x6a1eed4287bbacf7L,
-        0x66aed4f5ee709d78L,0x67c925bf1178ecabL,0x6870f4c8a29cf747L } },
-    /* 6 << 119 */
-    { { 0x37ed2be51cfb79acL,0x801946f3e7af84c3L,0xb061ad8ae77c2f00L,
-        0xe87e1a9a44de16a8L,0xdf4f57c87ee490ffL,0x4e793b49005993edL },
-      { 0xe1036387bccb593fL,0xf174941195e09b80L,0x59cb20d15ab42f91L,
-        0xa738a18dac0ff033L,0xda501a2e2ac1e7f4L,0x1b67eda084d8a6e0L } },
-    /* 7 << 119 */
-    { { 0xe3a67b2d5e12e708L,0x3a4772e2ce48f234L,0x78f9dbc334794271L,
-        0x9880053a3e6a61e7L,0x031c30b87c0f6e59L,0x8113df6cf7b972f8L },
-      { 0x3625bdce18ee148cL,0x72c2b8efdb885158L,0x4c73c80c9a7f0df3L,
-        0xbc2dd8a507b92470L,0x5a33e4dfdb005677L,0xc699cf5ea5ca9dd3L } },
-    /* 8 << 119 */
-    { { 0x3a828904a4d2313eL,0xbf4946b192e66888L,0xc574898ae5fa19d2L,
-        0x0b13dbb65e1c5fa4L,0xf11343ba7c390fc2L,0x35b1418fd7d32187L },
-      { 0xc92cb1bb83e7fe7bL,0x0b969455d78365c4L,0xda69dfe5672f2af7L,
-        0x9c62d7b430932441L,0x165672ad94af02d6L,0xd2cc734dcde81c22L } },
-    /* 9 << 119 */
-    { { 0x6353420218d07dd6L,0xc7c0c8f128a3cb4eL,0xa41d4c55d7929131L,
-        0xf1aaab3445d21f63L,0xd69a59545ec3e9feL,0x209732c1b8ddea2fL },
-      { 0x368b9c59e1936916L,0xb011c662ab1f8585L,0xcce30a25474e57b4L,
-        0xb79c76df7049c61dL,0x984739950ccf165bL,0x7c6f4ab40ce897baL } },
-    /* 10 << 119 */
-    { { 0x1d27efce1080e90bL,0xa28152463fd01dc6L,0x99a3fb83caa26d18L,
-        0xd27e6133b82babbeL,0x61030dfdd783dd60L,0x295a291373c78cb8L },
-      { 0x8707a2cf68be6a92L,0xc9c2fb98eeb3474aL,0x7c3fd412a2b176b8L,
-        0xd5b52e2fc7202101L,0x24a63030f0a6d536L,0x05842de304648ec0L } },
-    /* 11 << 119 */
-    { { 0x907d88035a8432bdL,0x89232a5a2638fe30L,0xa120eecbe2089014L,
-        0x3a5208cb5a2c9e97L,0xe163d29a3449eb4eL,0x3df984530eaba88fL },
-      { 0x55d3b9afa1547443L,0x316aae18f2a60ceeL,0x64d0fd30d6e11a5aL,
-        0x65de345808ef6002L,0xcede56fab4a3d1deL,0xa5bfa8d9a4bc1588L } },
-    /* 12 << 119 */
-    { { 0xd45e350133f4d416L,0xbb40233a4bf9131eL,0x1532a088e302483aL,
-        0x3475e8b82c2485c0L,0x08f9ea56969cdbe6L,0x31928645253cd738L },
-      { 0x1cf323a4ac9836beL,0xdf647ccf02b6e4deL,0x9a31e84fc06f3d09L,
-        0xd326b86e39efe6d9L,0x77e3e1df14ac4decL,0xf2d5917af3e0c582L } },
-    /* 13 << 119 */
-    { { 0xf88238f1376216b2L,0x8c7522db7d15f653L,0x50aa7a74a21f74d8L,
-        0xf7a964c8bc9e1a0cL,0x33ea64251387ca6bL,0xda84fe74e7be16a6L },
-      { 0xdf0462d727867aaaL,0xeb7f0ab8ae6be1b3L,0x21abe5a5d9bdec8bL,
-        0xdbb99199ac4bed1bL,0xf65c19d935d13c0dL,0xf966e22e4df74056L } },
-    /* 14 << 119 */
-    { { 0x67477cdc30577ac9L,0x51dd9775244f92a8L,0x31fd60b9917eec66L,
-        0xacd95bd4d66c5c1dL,0x2e0551f3bf9508baL,0x121168e1688cb243L },
-      { 0x8c0397404540d230L,0xc4ed3cf6009ecdf9L,0x191825e144db62afL,
-        0x3ee8acabc4a030daL,0x8ab154a894081504L,0x1fe09e4b486c9cd0L } },
-    /* 15 << 119 */
-    { { 0x7b4e65ebae4219adL,0x2e424c441184a0d3L,0x10eeb898d32e179bL,
-        0xadf05e2d8afa9a6dL,0xecd6c18bbeccd5f1L,0xe592115c39ac53e8L },
-      { 0x9ccf231ac8c7b9b6L,0x1848b4fe678774bcL,0x2050856386782b91L,
-        0xb7caf7cc74dc6018L,0xe80805485cf9273aL,0x9609897b246b4851L } },
-    /* 16 << 119 */
-    { { 0xe92b56c002cf37fdL,0xa75bbcb0f71b34deL,0x7754d0ef50f5c482L,
-        0x850a9ef611fa89feL,0x97d74b1bba4ea7d8L,0xfc757c25aab7ba2eL },
-      { 0x06f30ab0f2a67fddL,0xb10aba1412e72af8L,0x47580bca7a2e053dL,
-        0x85795598dcf0e14cL,0xc3596781d6f55310L,0x8ab251b74c9b7e18L } },
-    /* 17 << 119 */
-    { { 0xdc56cff85279e5cfL,0xa33a6765fdbdf1adL,0xc122c0eee5077a4bL,
-        0x44c3b190a98ab643L,0x334a6868b991d197L,0x598bbf185d6a0488L },
-      { 0xd028bfdc5a0e6f96L,0xfd1a37f5e11c57b6L,0xe1240a3003f82183L,
-        0x6afae98c390d8536L,0x554a42dcc244b181L,0xa3d422d75f4cb4b6L } },
-    /* 18 << 119 */
-    { { 0x512f82f9d113450bL,0x5878c9012dbc9197L,0xdb87412be13f355bL,
-        0x0a0a4a9b935b8a5eL,0x818587bdf25a5351L,0xe807931031e3d9c7L },
-      { 0x8b1d47c7611bc1b1L,0x51722b5872a823f2L,0x6f97ee8a53b36b3eL,
-        0x6e085aac946dd453L,0x2ec5057de65e6533L,0xf82d9d714bb18801L } },
-    /* 19 << 119 */
-    { { 0xf113abe17d48bfe7L,0x51d77fa5213facecL,0x27bb373f21269089L,
-        0x31e9850e7b188989L,0xd20a15f41d50a1c6L,0xb4887ed9d9746367L },
-      { 0x8920a7e2325f19c5L,0x691352358ad74492L,0x713d1471d19a76a2L,
-        0x952cb9e5873ab310L,0x5b359d1ffa8eb8cfL,0x55aab5ad8b9c9e7cL } },
-    /* 20 << 119 */
-    { { 0x4ab138504dbb8798L,0x0e7980d772d04cd2L,0x1755c5660b3271c6L,
-        0x8414efb09d9d1468L,0x61a586301795ce66L,0xb6a8b393232924a1L },
-      { 0xa992f0ceae031bd6L,0x6747fb5f2915acc1L,0x03daa26693e9c0d2L,
-        0xc18fa3645400d554L,0xaf04ff8d9497e895L,0x86c3cfc250b6b339L } },
-    /* 21 << 119 */
-    { { 0xdf26f6605b26122cL,0xeb6c188c4d6b80ccL,0xae2efe59ccec172bL,
-        0x5cdcd958f3f7d693L,0xa2ac2594c5f993f0L,0xb96ad8cf3f7cb591L },
-      { 0x7e2f88f8446abbabL,0x3d1a5eb6f6051f2bL,0x7d882e82ad6f49daL,
-        0xe32918e3c4e7bbffL,0x442a32789be81150L,0xa1d34da1bd14557eL } },
-    /* 22 << 119 */
-    { { 0xad81fa938ba5aa8eL,0x723e628e8f7aa69eL,0x0ba7c2deef35937cL,
-        0x83a43ec56decfb40L,0xf520f849e60c4f2dL,0x8260e8ae457e3b5eL },
-      { 0x7ce874f0bf1d9ed7L,0x5fde35537f1a5466L,0x5a63777c0c162dbbL,
-        0x0fd04f8cdad87289L,0xca2d9e0e640761d5L,0x4615cff838501adbL } },
-    /* 23 << 119 */
-    { { 0x60c7e16cdf66a95cL,0x25b1078d5d0bd644L,0x77f8d872bd933e31L,
-        0x5c4c382de2e1536cL,0x5b3b37c09295ee0dL,0xf94698d4ecce42b6L },
-      { 0x947ef80c4db8f2c7L,0x34661f7dc70dd82fL,0x17b288a7f2311006L,
-        0x1f1171a66815e1caL,0x0f71f66ce80d6235L,0x858c665a87fa5a59L } },
-    /* 24 << 119 */
-    { { 0x376b2a7f04e1e6e3L,0xea0dcb70a31774b4L,0xfc7fe4cc5cbdec2eL,
-        0x8568499df03f459eL,0xe9fd8fb28b78900eL,0xd33c6e30e431bf97L },
-      { 0xd904b8f5c896e766L,0xa8f577cf82748cefL,0x93dd921b87e044b3L,
-        0x23d79837f76eebe9L,0x5e0a7493e569feebL,0xd0797549414dddb6L } },
-    /* 25 << 119 */
-    { { 0x9bf04f567781556aL,0x30be1e8953ebf7c6L,0x6f4899cf713fe432L,
-        0x4f641fb7c9ef741fL,0x03560819002cc010L,0xfa51f8f7b4bbd339L },
-      { 0xe09c5ef77f1dea5cL,0x39cb20d97255fec5L,0x407746862ea38859L,
-        0x68ca598ecd7a29f3L,0xb8025dd67a9db4d9L,0x4feaeeaed9dfe491L } },
-    /* 26 << 119 */
-    { { 0x9422789b110b4a25L,0x5c26779f70ad8cc1L,0x4ee6a748ec4f1e14L,
-        0xfb584a0d5c7ab5e0L,0xed1dcb0bfb21ee66L,0xdbed1f0011c6863cL },
-      { 0xd2969269b1b1d187L,0xf7d0c3f2afe964e6L,0xe05ee93f12bb865eL,
-        0x1afb7beeed79118eL,0x220af1380f0fe453L,0x1463aa1a52782ab9L } },
-    /* 27 << 119 */
-    { { 0x8cf42aa26b99ca6aL,0x696850242f091dbaL,0x9d887e6ad7d3270aL,
-        0x627754fd5c9b735eL,0x3b8735a811d95df6L,0x74debd8b52443251L },
-      { 0x1f8dd5b66181583eL,0xbd0ca92c8b570a9cL,0xc373a61a71ae3274L,
-        0xf4b2c88d1c4c16cdL,0xd3e6ec3baf33efabL,0x8c54d2721bf6f0d0L } },
-    /* 28 << 119 */
-    { { 0xfd9e3542bfe5b1a7L,0xb42d2a4175938ceaL,0x74688a153befb760L,
-        0x8daeeaa22e33dbe7L,0xc9c1ea083e677801L,0x68ecf4e434effe1eL },
-      { 0x927700ccd294c321L,0x9e2e723de940afc5L,0xbcfac07a7cf6cd43L,
-        0xa009ef94d1006bc3L,0xa02016b0373d13e3L,0x4e097adbabae5822L } },
-    /* 29 << 119 */
-    { { 0x7535175d48752720L,0xf51086ee850bdf07L,0xce322c33cb4c3f4dL,
-        0xd863f7edb28965fbL,0xfe46a4e9885e4afaL,0x58b5c871136d7ddaL },
-      { 0x126eddaf6ed07824L,0x084ce962844fcbb8L,0x9ac0787157dfb4c5L,
-        0x97451fcc4d6b5910L,0x9f14b1ce0843c9c6L,0xf737f6c0a0e18596L } },
-    /* 30 << 119 */
-    { { 0x7c139d56d7dbe5f9L,0xfc16e6110b83685bL,0xfa723c029018463cL,
-        0xc472458c840bf5d7L,0x4d8093590af07591L,0x418d88303308dfd9L },
-      { 0x9b381e040c365ae3L,0x3780bf33f8190fd1L,0x45397418dd03e854L,
-        0xa95d030f4e51e491L,0x87c8c686e3286ceaL,0x01c773bf900b5f83L } },
-    /* 31 << 119 */
-    { { 0x0028dcae855a0b90L,0x74c1e36026f0d718L,0x34f80e3ca059f144L,
-        0x85b5d8e3f2bfe1b4L,0xe124601f453de099L,0x8b164ad6221b3efdL },
-      { 0x636f45ebbe004ab0L,0xa23093e99f231a8aL,0x48e05e8e2287b992L,
-        0xefec5e5b4477cb8bL,0x45a65afa8ba0231bL,0x92d38bd88b1af6baL } },
-    /* 32 << 119 */
-    { { 0x8db8b78cc898b8bcL,0x686896da502940cdL,0x67e50f022dde2e3cL,
-        0x2e2461f38cbf406cL,0x32182781e1f7ff60L,0x26934b05e30e2688L },
-      { 0x95adc204fc4494f6L,0x4c7f30c5161b7499L,0xd5caf060b7341737L,
-        0xed93187fd128d46cL,0x3f2819cb20fc1e04L,0x48c4086f2b7f70a1L } },
-    /* 33 << 119 */
-    { { 0x45693c00a92ca9faL,0x046b218d63bd525dL,0x40f1d6cc6b1d6a68L,
-        0xfc5807c5c54dc1f0L,0x2875d4d98b5690f6L,0x7a753543d0f72a83L },
-      { 0x01f2c35ae28b5309L,0x38fb5f121bcef323L,0xd6ea6896256a9bffL,
-        0x4380fb2c44d65badL,0xb587d641c3556fb6L,0x74c5ec1905167f32L } },
-    /* 34 << 119 */
-    { { 0xdabe347578673b02L,0x4f0f25cef6e7395eL,0x3117abb9d181ad45L,
-        0x4b559f88aa13de0bL,0xfd8efe78ea7c9745L,0x080600475dd21682L },
-      { 0xc0f5de4bd4c86ffcL,0x4bb14b1ef21ab6a2L,0xacb53a6cf50c1d12L,
-        0x46aac4505cc9162eL,0x049c51e02de240b6L,0xbb2dc016e383c3b0L } },
-    /* 35 << 119 */
-    { { 0xa1e3cb2255b7f121L,0xc9183b13dd01db7dL,0xfe26aa801469dae6L,
-        0x7318df7fd9ecfe2bL,0xade0a24d56dd4acfL,0x6e521c2222d1ba14L },
-      { 0xa039800a40afa1deL,0x9c7da49d5c6af72aL,0xf7ae921cd3fcc7c6L,
-        0x76af2407dcab63e2L,0xdc1618dbb6dd49ceL,0xebc65c4d362cc88bL } },
-    /* 36 << 119 */
-    { { 0xd847939132202bd3L,0x1dacde87d6631ac1L,0x99d2e71f905a94f4L,
-        0xd3c21f5a7e67dd7fL,0x3605c28e3c43cf23L,0xb6cd5ac74d3b3070L },
-      { 0x8bf748ba246298d7L,0x9e939fbd0f053664L,0x3bb3e7b8cc303783L,
-        0x359bd3e56189c417L,0x299d0ce1f609ae34L,0xd7221cc7b9ca801dL } },
-    /* 37 << 119 */
-    { { 0xb7c823506b73c5a6L,0x7fea0d95fefee640L,0x6d5dd775f68b6be6L,
-        0x4a5576147cbfa333L,0x6cad79c2fcd9b17dL,0x49aec3d405c4dd35L },
-      { 0x3b1f3754c3792470L,0x351ef2ccbe00cffcL,0x44a248916a71f45eL,
-        0x1e7a6013b8640d08L,0xf0f476154efcd556L,0xc82171444fe15dd3L } },
-    /* 38 << 119 */
-    { { 0xa3c56ad28e438c92L,0x7c43f98fb2ceaf1aL,0x397c44f7e2150778L,
-        0x48d17ab771a24131L,0xcc5138631e2acda9L,0x2c76a55ef0c9bac9L },
-      { 0x4d74cdce7ea4bb7bL,0x834bd5bfb1b3c2baL,0x46e2911eccc310a4L,
-        0xd3de84aa0fc1bf13L,0x27f2892f80a03ad3L,0x85b476203bd2f08bL } },
-    /* 39 << 119 */
-    { { 0x85f9b301218642acL,0xb3f3b36f8728ef66L,0x4a833bea2ebb8181L,
-        0x7d3bca9d8541a662L,0xd3be6d0ac5a0ecffL,0xaf52a2a9528da950L },
-      { 0x4b431910131f72caL,0xe2708d36933d5550L,0x195340a469abf146L,
-        0x84ca66e4e4e2e131L,0xd9402ca7e16c39bfL,0x5beedce343ca6041L } },
-    /* 40 << 119 */
-    { { 0x87c5915395523a22L,0x56686f525ac5146eL,0x9ec69ec718ccf766L,
-        0x13f36d4ff6e21a4aL,0xa0841e94098691f4L,0xbd9d52d2bd91dd2eL },
-      { 0xa8765981b3fa43eaL,0xb0cd17cd600b9761L,0x02dd9d71b5abe842L,
-        0x63df33a63689a53bL,0xab4b85bb9d9baad7L,0xce2d31c1eb74e549L } },
-    /* 41 << 119 */
-    { { 0x8d69a654f2472426L,0x91a4b6a3ff7aeff0L,0x51dd8e76fdcc7cb4L,
-        0x5f7d42a273731cd7L,0xc127401aa99c9d9aL,0x8ede9330c92561d7L },
-      { 0x86057a56784c3cf2L,0x8afcf32cb5a7755eL,0xa0a5b561c71cd3d9L,
-        0x0a5d805e36d3f5a4L,0x25a39acd7432a384L,0xd574a6b7b226e9ecL } },
-    /* 42 << 119 */
-    { { 0xab1cb818567af533L,0x273b4537bac2705aL,0x133066c422c84ab6L,
-        0xc3590de64830bfc1L,0xea2978695e4742d0L,0xf6d8c6944f3164c0L },
-      { 0x09e85f3dc1249588L,0x6c2bb05d4ec64df7L,0xd267115e8b78000fL,
-        0x07c5d7aec7e4a316L,0xcb1187ba4619e5bdL,0x57b1d4efa43f7eeeL } },
-    /* 43 << 119 */
-    { { 0x886e3f30b29f5916L,0xa419d2c6625f29a0L,0xb4f89fc49bf07dc4L,
-        0x86c137a1a165ed88L,0x6fa241a9e5d6280dL,0x08be9b0cd11576f2L },
-      { 0x5735aeb7e376b03dL,0xf4639e6d182ce9b9L,0xb6948499cc688f57L,
-        0xfde146636552009eL,0x3eeeae350a2e8553L,0x50447f1b659dfe2eL } },
-    /* 44 << 119 */
-    { { 0xefccd67ed15c33c0L,0x33393846146d5e96L,0x015e97da9ca7354eL,
-        0x729b69bac143e795L,0xd4440ecfd4c5d0e2L,0x78c042bb697a80e7L },
-      { 0x9361ad1d08602f75L,0xaa354166af489794L,0xe60e5a274966d3cdL,
-        0x8346995e2394f9f3L,0x2de33256590f6a15L,0xb14427bb43298ac1L } },
-    /* 45 << 119 */
-    { { 0x38fee83a74680d2cL,0xd8019e5c0e700c8dL,0xcfaf5614475da1b8L,
-        0x11893fc58f0159e3L,0x4c101127553813c2L,0xd273055208f82a6aL },
-      { 0x8728834c74a3ce9aL,0x66b939a891906488L,0x42ac7c07b88d36bcL,
-        0x663d7411d989bb72L,0x650e5d6eb284c066L,0x052b7f6710d8f124L } },
-    /* 46 << 119 */
-    { { 0x3618891fc8176a96L,0x62c4b084e5808b97L,0xde5585464dd95d6eL,
-        0x27a8133e730b2ea4L,0xe07ceec36af318a0L,0x0acc1286ce24fd2cL },
-      { 0x8a48fe4add4d307cL,0x71a9ba9c18cde0daL,0x655e2b66d5d79747L,
-        0x409fe856a79aedc7L,0xc5a9f244d287e5cfL,0xcce103844e82ec39L } },
-    /* 47 << 119 */
-    { { 0x2a8cb0a56ad833c5L,0xe8fab8b844962dd6L,0x31166fd63ee1dfefL,
-        0x3aba85a1e1230449L,0xf9f8da66bd1f502eL,0xe4a72d82e3c17ccaL },
-      { 0xfa3d661d6070d587L,0x51d10b73c33ed08aL,0x3b0f515cb29f2d0bL,
-        0xd82a11d7e1986e91L,0xcf24f81a2201f05bL,0xa94ec1e0d25f8417L } },
-    /* 48 << 119 */
-    { { 0xc7807daa081ed51dL,0xb7dfabf0e5d2d963L,0x3f78ae2e80d386d0L,
-        0xd66275254bbfd04bL,0x238c8eb76d074f92L,0xfe51ec8a5bc5f9b5L },
-      { 0x6ba47430cc03177bL,0xe72efda6400b29e0L,0xb905701becbffe88L,
-        0x5c61bdb47cf89933L,0xf1eb3084c914aa6aL,0xa3ead71e8245998bL } },
-    /* 49 << 119 */
-    { { 0xc58ee3013c7eb5a9L,0x02c177220a1172baL,0x8620118394c7c5b3L,
-        0x66292bc4e1668debL,0xf51b48f4caf39937L,0x9cca60f43eaea578L },
-      { 0xf8e8004a5c2adccaL,0xce7ceeb1ebf49ac7L,0x36346357371d1c54L,
-        0x8799e408d99ff07dL,0x3226181d8c3b2cbfL,0x3b4ff42ba437c2c6L } },
-    /* 50 << 119 */
-    { { 0x00675ba7f25d364cL,0x7a7f162968d36bdfL,0x35ec468aa9e23f29L,
-        0xf797ac502d926e6cL,0x639ba4534b4f4376L,0xd71b430f51ff9519L },
-      { 0xb8c439ec2cf5635cL,0x0ce4c8d181980393L,0x4c5362a964123b15L,
-        0x6e0421e0ffdcf096L,0x624a855f10d1f914L,0x7d8f3ab7614dcd29L } },
-    /* 51 << 119 */
-    { { 0x235ba8b565868390L,0x853c9346ea936e81L,0x967ff132700bb25aL,
-        0xb26d9778561a136cL,0x8b775c4fe3f7e41dL,0xae8f6b2ebd390b2cL },
-      { 0x80959adc4fc7224dL,0xd9c913c12eaccf8cL,0xa9a278c79e96f769L,
-        0xbc6be3038f26856dL,0xb039caf295d04cdeL,0x42ba0510a91bf5dcL } },
-    /* 52 << 119 */
-    { { 0x77870665cfbe0653L,0xab84c4b3523d814dL,0x72839d8897cd2bc0L,
-        0xb966e521d25b1476L,0x4255d18451fd86a0L,0xadaf9b76dd54be7aL },
-      { 0xada6ff627f285e0bL,0xb76e26f46d42400bL,0x1d9fe676958bee25L,
-        0xfcd7be9edb59965cL,0x897a90834bcf6e75L,0x64b26f02aabd21e8L } },
-    /* 53 << 119 */
-    { { 0xee46626beb1a8ce6L,0x2de20371b672fc49L,0xa0fb11b8bd2d9256L,
-        0x5b49f70ac2a8dcd4L,0x98935fc9e5dc0ee3L,0xaddbae423bc00993L },
-      { 0xbd0bd9e19207f0e9L,0xe86c5365b393bcdcL,0x32184c832d0a9282L,
-        0x8fe996d1df34532eL,0x3b33f151c6f45172L,0xd9def9a7b84545e4L } },
-    /* 54 << 119 */
-    { { 0xd9219adab3493ce0L,0x971b243a52f09ae5L,0xc16c9bf8e24e3674L,
-        0x026d408dce68c7cdL,0xf9b33dd9358209e3L,0x02d0595df3b2a206L },
-      { 0xbf99427160d15640L,0x6da7a04e15b5466aL,0x03aa4ed81cadb50dL,
-        0x1548f029129a4253L,0x41741f7eb842865aL,0x859fe0a4a3f88c98L } },
-    /* 55 << 119 */
-    { { 0x66bb66f5f56b17ccL,0xdce0bf2cba8958f8L,0xd814318f9ff85781L,
-        0x41dce823edd1ad96L,0x71bb754bb59c6580L,0x9c5efb70de594c3bL },
-      { 0xf7b4ce5eb0053788L,0x9c26b0342770b6deL,0xe6967b1c8d131e8fL,
-        0xfda0efdccf21bf28L,0x2366d47e09cbeeacL,0x62e9ee556629680eL } },
-    /* 56 << 119 */
-    { { 0xdaff980ff8e06359L,0xb4e0c9e2ead8a883L,0xe3e262023da6e94fL,
-        0x37410ed03303c9d6L,0xc044d77b91fb5d82L,0x3559d9ac9ea34d26L },
-      { 0xf51a120be21beda5L,0xdd2eef8a3f7befa4L,0x46a26ccd8c79fca1L,
-        0x3fb21a682a046572L,0x3624a47adad7c7c9L,0xb9b77ffd4b4174f5L } },
-    /* 57 << 119 */
-    { { 0xae19a097c9f8c462L,0x477be49917a9d8a9L,0x4a0c41c9d2154c45L,
-        0x39313aba1b0d985bL,0x3a70f65cc051b643L,0x0725dabf2d0be160L },
-      { 0x29eefc94a69867d4L,0x6acc4cd49d02bce2L,0x0606ab725d4dca50L,
-        0xcce81133bfecdcbaL,0x604df3def23b2239L,0xa644b430d20a7529L } },
-    /* 58 << 119 */
-    { { 0x80de085a05fd7553L,0x4a4ab91eb897566bL,0x33bcd4752f1c173fL,
-        0x4e238896c100c013L,0x1c88500dd614b34bL,0x0401c5f6c3ba9e23L },
-      { 0x8e8003c4d0af0de5L,0x19b1dfb59d0dcbb9L,0x4a3640a9ebef7ab6L,
-        0xedafd65b959b15f6L,0x8092ef7f7fb95821L,0xab8dd52ece2e45d1L } },
-    /* 59 << 119 */
-    { { 0x43f9a415259ac609L,0xcd6c7aaa0ff5722cL,0xb4689e75b29973caL,
-        0x78a43571b690c0acL,0x90dc4ac0a6d3ba1fL,0x38af00a2b773932aL },
-      { 0xc13aebdda5e2c9edL,0xfab3a128cf3fed2dL,0xb3b7d29d32eb8ccfL,
-        0x9ae1430b6986db5cL,0x35d18edf5365c21eL,0x88f8356e038471ccL } },
-    /* 60 << 119 */
-    { { 0x45587a7c0794dad2L,0x660833899e9c1cdcL,0x60e7ae4ad242a6b9L,
-        0xb5f96b521009df3cL,0xc2d405092e30445aL,0xfa53ba4ec250a29eL },
-      { 0xf6a247855d98c6ceL,0xf873653c207dd110L,0x2aebc3c6c634cbd0L,
-        0x84b8016ce5cdbafeL,0xbda81fcace00b206L,0x837dc69484b55f2cL } },
-    /* 61 << 119 */
-    { { 0x61bdc5cab308f1f0L,0x7763c97d8898d3c2L,0xc02324e60434de23L,
-        0x7f5c565e4ba696e9L,0x06f27a3e66914b66L,0x64a975ee05052cf5L },
-      { 0x98b2f703bb38b14eL,0xbacbd113371e495cL,0xe54451acdd14cc9dL,
-        0x8575cfdf87d141b3L,0xbd183a03d0996091L,0x947555579360264cL } },
-    /* 62 << 119 */
-    { { 0xd1f2d6b8b9cfe6bfL,0x6358810b00073f6fL,0x5fce5993d712106eL,
-        0x5ee6b2711c024c91L,0xd0248ff5453db663L,0xd6d81cb2adb835e8L },
-      { 0x8696cfecfdfcb4c7L,0x696b7fcb53bc9045L,0xab4d3807dda56981L,
-        0x2f9980521e4b943bL,0x8aa76adb166b7f18L,0x6393430152a2d7edL } },
-    /* 63 << 119 */
-    { { 0xc89db4eb4595ca55L,0x48921c735f1a73a2L,0xfc513c904afe7cbaL,
-        0x6d3f988bff8322eeL,0x17d0d4f0e59b7cdcL,0x292f4757f4bb5588L },
-      { 0x3037e11151c14623L,0x3e113343dce98277L,0x0be229341e20dc8fL,
-        0x0ebd1fbfcd6ff82aL,0x304bd69ed01fa90fL,0x402a457577f1862fL } },
-    /* 64 << 119 */
-    { { 0xd74d09c10ece13aeL,0x5e59d9e057a6bd95L,0xdb1ccfdce132b940L,
-        0xa0e5309c843d3c66L,0x1fbd03a5f9cb3ef4L,0xcdc9ef0a00ea5177L },
-      { 0x1ebf5a15cb784a6bL,0xa67382af8a0d109aL,0x3256c37aa0d34d15L,
-        0xee40efa50fca43afL,0xc299bbd4b9841bdeL,0x6df68f603bef4a0bL } },
-    /* 0 << 126 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 126 */
-    { { 0xe01295fdd9d7c50aL,0xaf31b4ea67f8ef0dL,0x2ec9689f9eaf8eb7L,
-        0x327b96c5c622acc5L,0xae918f81b2757f2aL,0x74927d684fd6606eL },
-      { 0x09bb7fce18574215L,0xfea383bce8e68b72L,0xdf2a6f125fb47511L,
-        0xbe88faa18e399520L,0x0166d57e3fb1c3a2L,0x5907ef2fe525f81fL } },
-    /* 2 << 126 */
-    { { 0xdefe3a7b8a37f660L,0x7898db8c858f5765L,0x7366c26a73d1f9b4L,
-        0x35d5d718237ae8b7L,0x3efb20feb4478259L,0xccd0fed7aa545ee3L },
-      { 0x750edd05ed22d152L,0x4f8020f9ee20d4c6L,0x16e60f370a9e29dcL,
-        0x9cf0a136bfbec7f6L,0xb430a34b2e47e143L,0x2e2560bbc6cdd1a9L } },
-    /* 3 << 126 */
-    { { 0x799352dae4161a65L,0xe5cf7ad856253ce6L,0xf606bf796de32775L,
-        0xddc0f3a357fce8dbL,0x1075fc2316cf4a47L,0x078f0e04b27c5ad8L },
-      { 0x9fc477953f7100aaL,0x3ac489254673ffa2L,0xb8263f42f9cd8348L,
-        0x5bdfde3068cc92d5L,0x2250927b1ac37f9cL,0x26ec8328b33da359L } },
-    /* 4 << 126 */
-    { { 0xf186d6bcc88d568aL,0x872bc4c7528535ddL,0xc9e7432edfe64dc3L,
-        0xd9fc4832d795ea57L,0xf4ffdb81c845af2bL,0x66d7e7882b670517L },
-      { 0xa7c1be04d7b7a1c6L,0xbed88479d5b2a249L,0x62ff8aba03f2ef6dL,
-        0x60ecaac420dc701dL,0x9f4b559f4ff10119L,0x0582c9313cd54fd0L } },
-    /* 5 << 126 */
-    { { 0xea9da8f012bbaeb6L,0x3fba06b18c9f8360L,0xc11bd7abb28c0ac3L,
-        0x1e05af2faa8a01bdL,0xae1e99c5f000b1c3L,0x93ee806453d79930L },
-      { 0x5728089e4c4f5513L,0x755351f3b1f70b76L,0x187ac651675f77efL,
-        0x5cf7bfb553067d84L,0x629290838174b5c0L,0x720e20798d5be74dL } },
-    /* 6 << 126 */
-    { { 0xab8cc09ff5eb9ad1L,0x97a4de76132edbfeL,0xa2e11c548baf6347L,
-        0xcee54229683cfcf6L,0xe1e993b8dcfc6555L,0x333bf16abe9df066L },
-      { 0x5207e093060d62dfL,0xfa32324d69b0f5faL,0xef16fbcfd3243d2dL,
-        0x540a2e59f04f8e45L,0xb5e70f9c48317bbaL,0x00dbe9b25b35baa1L } },
-    /* 7 << 126 */
-    { { 0x0eaed675ebb512eeL,0x347e0756058efbd5L,0xadf792ca296d3d47L,
-        0x57f00c0a4654d012L,0xa1e08a04bccc5803L,0x610677f05b2f11d1L },
-      { 0x0d9393d7b81acfd2L,0xb258e1570587c219L,0x372a1857b4ceba47L,
-        0xe1ce8bb53ecc1c5dL,0x7efdf301922cecd0L,0xcab8cb170d8aa653L } },
-    /* 8 << 126 */
-    { { 0x31954a5679d05497L,0xc12520b6fe76d4d8L,0x8c433ec5e37ef1d2L,
-        0xcd0f203575bc3b66L,0x3723f145249cd98bL,0x1356e0d2ea3b42a3L },
-      { 0xf607fee0f174c7b5L,0x318afc5e0127be39L,0xd47b5d74cea5417fL,
-        0x6891940a10fca22bL,0x5cea41332b635e8bL,0x93db2ed6b5934fefL } },
-    /* 9 << 126 */
-    { { 0xf87cfaaac8972b7dL,0x2b8f9874e090800fL,0xdb88cd4f52efde36L,
-        0x7b977f6e80776de8L,0xd047fc8ffb4b19c4L,0x33f3e43578b8135fL },
-      { 0xb4cdb352da33eff8L,0x217f9e2deb89d325L,0x1bb5a004c99feec5L,
-        0x98ce5a7fdb45c845L,0x458904681d87e964L,0xb9253873d151ad80L } },
-    /* 10 << 126 */
-    { { 0x5d7c767de39edca9L,0xe4a700e7a7f8de0cL,0x5816e1f93c9eec33L,
-        0xa975c933d32fe465L,0x979beff968466a5eL,0xe308c135cc067721L },
-      { 0xe0e733b41839b88dL,0xda3e3e6c298dc2ebL,0x414c3f0e8fb70e3eL,
-        0x5ebaefa7ed7ca91cL,0x5c283310ae3b0f3eL,0x20353d5df3b1d44eL } },
-    /* 11 << 126 */
-    { { 0xd50767a9790325feL,0xe2ceddb9358c50eeL,0x60be64bdbbf03ae5L,
-        0xe70c7e90f053328fL,0x6ba6af9e51543f0aL,0x470941f3b413e069L },
-      { 0x0b569fd4ddf63d13L,0xf94b22634a2125d6L,0xaa45ab62a5c1acedL,
-        0x2b797175defa5a30L,0x3eb30067ead1d440L,0xcadb54e90b691af2L } },
-    /* 12 << 126 */
-    { { 0x365a4a431630b133L,0x9ecef631068d7863L,0xa330c8b4b7205a6fL,
-        0x4858eab357df815cL,0x6e522afaf1a92674L,0xa7cff3d9f41365d7L },
-      { 0x00dd34615a0e4626L,0xa695feff48f9d094L,0xf427103f7c082301L,
-        0x14a2a1876b092b71L,0x210f632130037a33L,0x21cca09639340e14L } },
-    /* 13 << 126 */
-    { { 0x58355ba0f60ad6c1L,0xc63fbcff56022afaL,0xa6a770d54e7ef19fL,
-        0xf42b2024a09e9378L,0x153aa3200330f774L,0x268aaee55dc02c97L },
-      { 0xa7e13b42828f7ab7L,0xc0ccce09c303bfcaL,0x23169daae3ccb6ddL,
-        0xf7f763fd786774e9L,0xb15a5ef150021488L,0x52f408fd5f3ea885L } },
-    /* 14 << 126 */
-    { { 0x53e84021177346c2L,0x4ee451dde20af475L,0xd7642453c14f393eL,
-        0x7eaa215331662516L,0x1217a1b4c1d486c9L,0x7d32427569860f20L },
-      { 0x3813c95f14c2837eL,0xb8f0713d4e0c056aL,0x398c218cf6dec37bL,
-        0x5bfa2eefa4ad1eedL,0x53cb0fd29f97a05dL,0x59fa132f6a9f492bL } },
-    /* 15 << 126 */
-    { { 0x6d5dff381fc2c16aL,0x5dec7ae2b1fe149eL,0xa9eed62c85088ceaL,
-        0x5878fdf7996174baL,0x2cf65bb935517a73L,0x80844bcacff96d13L },
-      { 0x0f55c8bfed53f49dL,0x35815fb0fbd8cec6L,0x23e7d5c53b6fa7d9L,
-        0x3ee04c0146ce1733L,0x180e25553f5c4a27L,0x61263ea7280e6363L } },
-    /* 16 << 126 */
-    { { 0xb1f4fead41b959b5L,0x6edb53a9e71890c0L,0x48b47efe2e28aa2aL,
-        0x70dad2e9b3151d67L,0x87a8178b436a3460L,0x0f86f9f5801f7af7L },
-      { 0xfab462e3a982fc14L,0xe29126bacb03e978L,0xb4696b3fe6681282L,
-        0x3bd9910a6a3fdc1dL,0x4409128449e37dacL,0x3b4bfabccf605fb3L } },
-    /* 17 << 126 */
-    { { 0x605fae7ece9d1372L,0xb2623a79f9b7e06eL,0xfab9b2742d37357eL,
-        0xffdf9246461417f3L,0xc04b15d7bdd0e922L,0x767bcee54b2dbc0eL },
-      { 0x74c4ea4ed45efc88L,0x32d3d85491a534a8L,0x88967078554b2691L,
-        0xe8256015e336a410L,0x166469624b9f978bL,0xb433f06ca104f01fL } },
-    /* 18 << 126 */
-    { { 0x8906d815457e1e82L,0x96abb1aa4c8a2c68L,0x2e63f37927ab2fb1L,
-        0xe092e15f5446dfaaL,0xa3a3f0926615c65cL,0x8b31116747c3f259L },
-      { 0xfe2038782e5c658cL,0x38903cf526215773L,0x0039fca7237f1bd4L,
-        0x75dbcc016058ff17L,0x67ee6226a65aeb9eL,0x96999fa75cedcba5L } },
-    /* 19 << 126 */
-    { { 0x04c6fd475ac4d191L,0x0067e474c825a897L,0x4a37c931404810c5L,
-        0x072d30e5c4a56380L,0xbaf3428dc897ba23L,0x9899935b53724382L },
-      { 0xda5cc13ff4d41a62L,0x063047a0c6271baaL,0x49790bdc5cf48302L,
-        0xd8c34e5384c5a9abL,0x6cf28e83db5bc36aL,0x430dbb1497da9d42L } },
-    /* 20 << 126 */
-    { { 0x59470e49c37acc2eL,0xc9e0f73611b85596L,0x47613c1e0fb30eccL,
-        0x1fbeffa3b62892f1L,0xddfeef49f8eefa16L,0x6f82acd9daeff719L },
-      { 0xff1872cdacb41007L,0x06fe556c82d64c6dL,0x52a63a387695218aL,
-        0xa0d413a720802b88L,0x233f1f3118f4a473L,0x22ef7d6fc9d7da4aL } },
-    /* 21 << 126 */
-    { { 0xeba1db6910dad9abL,0xddb62dacde3a5a42L,0x209c472cfdf5ad86L,
-        0x14a7ee4b37214540L,0xcaf70ce08339c9dfL,0xa95744554eb9189bL },
-      { 0x90d7f241e9b39189L,0xf5edfd09af7f3eddL,0xc9a3444deb7ed52aL,
-        0x30d9e2f80085d9d1L,0xeb412daa4dc24fefL,0x55c0000b27786649L } },
-    /* 22 << 126 */
-    { { 0xa9f34fa9518118e5L,0x430db0a51a22e790L,0x64b443a5d5a16ca1L,
-        0xaa3b64f4d8adbe45L,0xb49435fae0f0873aL,0xb8d67ce4a635d1e3L },
-      { 0xad843f8a8a612b29L,0xa416ec7fd84a210aL,0x8b4dc6930984b23fL,
-        0x29a1b71b24640dcfL,0x8f2d7507911892adL,0x0ce384105bd4d518L } },
-    /* 23 << 126 */
-    { { 0x1e1bef926c42e1bcL,0x91259dd60e04d449L,0xc029961e8875d346L,
-        0xfde51012a9e38f43L,0xdeaa1dc18892643aL,0x67e3b913217e08d8L },
-      { 0x889a28c269b92b7eL,0x004c0f87b7446c21L,0xea812f67a2f98e77L,
-        0x42fc7bbe22c40b8cL,0x5e7f5f5a8722e381L,0xf8f209d932099e41L } },
-    /* 24 << 126 */
-    { { 0x867379134a2965f5L,0x34724dcde67b3546L,0x2efe185ee92c712dL,
-        0x8b908f86c201e327L,0x3ab5528894f6b078L,0xb9b2b784ce0a5bf3L },
-      { 0x5eab37ac879f6a41L,0x74271f672f2360f3L,0xf3a3edff304f1cf9L,
-        0x8992ecd8f6fd3e90L,0xff24d7c69f16e5edL,0x0844ab25def9a5c4L } },
-    /* 25 << 126 */
-    { { 0x35cbf2191e14f235L,0x9ef33f3c4cdc1b46L,0xfd5cedd0299f7f13L,
-        0xf57b9bbf99379e17L,0xae25d3e3cd3d59a8L,0x72f9fc84f58cb31eL },
-      { 0x87950fd84c94b63bL,0x15b52b4f7a4560a8L,0x382d36ec943e44baL,
-        0x567ce2e9337b0f11L,0x8136e9ce2fa44901L,0x7e43a7289b15eeaeL } },
-    /* 26 << 126 */
-    { { 0xd1c8ed8814fb95f4L,0xc302e0aa29602659L,0x67abcce005cd67baL,
-        0x7a234cc022f8ae25L,0x7074face39f44e4fL,0x84a08afc7a9d3fb2L },
-      { 0xfd149c88f56c1f32L,0x5b12cc15219e494aL,0x242fc50c9ea3c0e3L,
-        0x196cdba555b23034L,0xfd8cfa5e87b75206L,0x915e706488d55f47L } },
-    /* 27 << 126 */
-    { { 0xb59480ba876145beL,0xd8f8fbbe8e1075ddL,0x0ba10292b5d9baf0L,
-        0x3a4b7f65e39a8754L,0x1b3a044c0f3c6520L,0x6b8b3397b1dff4f8L },
-      { 0x40cef2285c182eb3L,0xbef82aec1b1cb92fL,0x5c4d2bfc2a97c5dfL,
-        0x41d2a046536ad077L,0x94ef34a8c497505dL,0x14e9aef48e0b35ffL } },
-    /* 28 << 126 */
-    { { 0x2edaaaaaacaf1f3fL,0x9e3af72c80ebcc10L,0x3542fc42bcb1618fL,
-        0x6c04ec246709d851L,0x5fe9768ea9af4ce0L,0xe739d50eeb6ebe2eL },
-      { 0x7b7da4ac876586e0L,0xb0869f1d64f5f956L,0x7f691c51fd563c80L,
-        0xea990d6926c775e1L,0x2cd96f1321b58889L,0xbc8074720f1aac2cL } },
-    /* 29 << 126 */
-    { { 0x8e1fa5f8eb3283cdL,0x0107a3ba20e69342L,0xf99a511cb045b8dfL,
-        0x172d0c8933b51876L,0xb11efc2b9636d0f9L,0x16b2197c41570483L },
-      { 0x49df27edacfdfd1aL,0xd9d2cedc366b9b28L,0x0289a75cab028c0fL,
-        0x522f567a4879464fL,0x3313728225f64030L,0xfa28cb1558d6753fL } },
-    /* 30 << 126 */
-    { { 0xe5252210c6cd33f0L,0x6ba7f51f3f085202L,0xd2a87fb38f52e312L,
-        0xa5e082cff25f35efL,0x786a93c2b9df2f20L,0x68c7e1299a19bf27L },
-      { 0x13a971ab8d710915L,0x3ca4f8c6939443c6L,0x8554699c70522446L,
-        0xdf42b7768e14e6bcL,0xc7969fa5f7f3dadeL,0x135b6b77350ded88L } },
-    /* 31 << 126 */
-    { { 0x39e54aa472546076L,0xc0003f7f13e312beL,0x71106a4ffea91274L,
-        0x3868f957819851cfL,0x713b96e75c85bbc6L,0xfda8c2df610403a8L },
-      { 0x0ea806c3a008cf78L,0x0ef9708353c0d1bdL,0x536950211e592838L,
-        0xea3773d5e9023982L,0x6eee3c0d4195754cL,0x95df7b568c4bead3L } },
-    /* 32 << 126 */
-    { { 0x57edf71edf9a9f18L,0xbf834240627a0b79L,0xb37aba1aa6934160L,
-        0xd45b3d2c5e639a54L,0x62c6b9ad70bce957L,0x16bc35a75d7e87f3L },
-      { 0xb021698266b4a982L,0xb56050dd0e51c9bcL,0x15aa692b478e4b91L,
-        0xdd67cf29be3fe25aL,0xf1ef75b006bdd4a8L,0xf71a285b41df627aL } },
-    /* 33 << 126 */
-    { { 0xba6be58993032120L,0xea6dd691db99740eL,0xad8679463154648dL,
-        0xd1a36f4c28c0668cL,0x09a28c234dd76e88L,0x93fef0c7dc665bb7L },
-      { 0xa78dfeb4860a0016L,0x06d2f868e21a9e02L,0x333a25a38486ade7L,
-        0x12aa13130e398a80L,0x04a44a5848d5b3e3L,0xe59293d47a7ec12eL } },
-    /* 34 << 126 */
-    { { 0x6cdfb5faea2c1632L,0x6799cfcd7865f931L,0x4e1e5d25bf420a7cL,
-        0x7d4597db05d22ddaL,0x7548db12fceda1e1L,0xb4523ccdcb473578L },
-      { 0x3d8dbad0ff889f03L,0xc591bb1118a9a222L,0xfac2b914a2cfcc57L,
-        0xbb67601abec9d9bfL,0x18dff42ceb55218dL,0xb36ef9ba7d2b6320L } },
-    /* 35 << 126 */
-    { { 0x5b007ad1f3edf67dL,0xfaee9cada25fcfafL,0x18fc784a4d62e5c2L,
-        0x98deda878acb5f8eL,0xe9cfd10a6f888d8fL,0xbb0d729b053db2efL },
-      { 0x7b09fa4f2aecece4L,0x3f72187cd4c44cc3L,0xf646aba05b8175a5L,
-        0xf213caeba5686ca7L,0xf5ce777badc5d40dL,0x15ff85d660eb9357L } },
-    /* 36 << 126 */
-    { { 0xcdd18aee24e6df19L,0xa08ab968bbb3303eL,0xd5eb039cbab4f1a3L,
-        0x040d03a8fa7a48d1L,0x767c0ed23d66628bL,0x0c6bd388b1a6809aL },
-      { 0x793aff3f029eeb91L,0x6db32d13bca798a8L,0x6aef5c1cc3816cf7L,
-        0xcfb25ea45fd2cd2aL,0x0715a7899f8e3312L,0x4a9ad4782a6b1a6bL } },
-    /* 37 << 126 */
-    { { 0xa9f360a5d134c919L,0x10dba223dcfd0715L,0x7444b191dc9b4394L,
-        0x9a16a971e2f288e0L,0x0d05c511f6a49999L,0xca34eae26b65e956L },
-      { 0x692febc418a83b76L,0xf3468c7b0b5f3511L,0xd8d3ce48b8e1ed80L,
-        0xbe8c5c302a6de231L,0x9c0468b74e680d8bL,0x773ebb63f57b88d3L } },
-    /* 38 << 126 */
-    { { 0x9c2c33a5b726729dL,0xa86ab4ea5db2af56L,0xe987c5e3b0a36ffeL,
-        0xa6dba84da5fe8bdaL,0xe1fefa4b8ff617a5L,0x561cdb88a91ad714L },
-      { 0xeb58f7fce145ddc0L,0x7b0e560a29c5ad50L,0xf8d6626593da0e76L,
-        0x7769b479db39fb92L,0x9149f1e3a3c49033L,0xb706057f3ac49c35L } },
-    /* 39 << 126 */
-    { { 0xa678ba3fa527d157L,0x922aab268856a8b2L,0x936d3e85690b4771L,
-        0xed78dccee114e472L,0x9694ccb1d315fbc1L,0x8b1cf4482822d968L },
-      { 0x336e670c4aca5441L,0xece24fb58f0e2824L,0x28d1578d05b758adL,
-        0x0a1be96a40c3f019L,0xed1586e30b659cd6L,0xdef180009f860dd6L } },
-    /* 40 << 126 */
-    { { 0xc2885af90fe0f372L,0x2c756bef5fa6b808L,0x52b7f7b6068926bfL,
-        0xc9399c1ddb143b68L,0x0e77c689e4c61211L,0x7d01e37f15ad7fa0L },
-      { 0x712fc61f188b2a01L,0x103685ec55a4100eL,0x721f9c02e5fdce96L,
-        0x61c8a0c5e784397bL,0x34d478351c686ed2L,0xc697c89cd155bbe9L } },
-    /* 41 << 126 */
-    { { 0xc26dbc34f06a2cffL,0x4f10297631a80712L,0x758e33eda7c54effL,
-        0x44b5e4ff3682d103L,0xef05034722a05e6cL,0x9170365c48ff372fL },
-      { 0xee49b61d66a15a71L,0xb5fd487995c2045dL,0x5940487160ad67caL,
-        0xdcd2d5f586388c40L,0x0b41a8e54cbd1f71L,0x8152c17040236ae0L } },
-    /* 42 << 126 */
-    { { 0xf05b99d0995e9809L,0x036248a70295fceaL,0x7b70cf8f558e6ec4L,
-        0xe882639c7c48ce34L,0x4cc86feaf4f47d38L,0x976799cf6d81aef1L },
-      { 0xdb202bfe8043cb43L,0x4c761cc5cef4f017L,0xe124bbc161f0c89eL,
-        0x77d1cbf55b5a3d20L,0x26e549fcff346940L,0xc6040a4c2325466bL } },
-    /* 43 << 126 */
-    { { 0x1ed4d238e940e32aL,0x29d99c20139efcd6L,0x4cb7ef50c172b412L,
-        0x8a9c438931957225L,0x5d8872af60be4612L,0x7bffbb1be7e79e0eL },
-      { 0x75bd89c1fc7d4e66L,0x723f9ae86bcc0379L,0x88f673b599c1b827L,
-        0x8d45d139ecf5148fL,0xf12e605ff97ad1e0L,0x567dec052f09c370L } },
-    /* 44 << 126 */
-    { { 0xfb33b987b0be5055L,0x9864f903bcce94dbL,0x99b8da36aea9d09bL,
-        0x19e326113b622d3dL,0x6abde501dc38f903L,0xb1fe3f1867cb2161L },
-      { 0xb053ec831e08cd7cL,0xba503b563298d32fL,0x220e98c8c2a79e86L,
-        0x66ac99511e1cba68L,0xf9520e1e644ab527L,0x3f222b9b4eb8abf3L } },
-    /* 45 << 126 */
-    { { 0xae0cf2ff705cfc45L,0xf9d5dfb65a0449b1L,0xd0300b2cd4697fe0L,
-        0x4ac80d7e4dc665b0L,0x84fbd38d72c1677cL,0xea8306f08e683a0cL },
-      { 0xe2381e65a469e337L,0x36b565d0b3ec173fL,0xc67689c700f3007aL,
-        0x9f0108992abcc81fL,0x867a5f8dbb9bf584L,0xef789cdd5a436b38L } },
-    /* 46 << 126 */
-    { { 0xf8cdc9ecee11fa1bL,0xa78c73ed4c90edb9L,0xf6703453bbbddb82L,
-        0xd268b4e23020e294L,0x214cdd54958eb8cdL,0x2acbd31d4d7214e5L },
-      { 0xf7c60c89cc733351L,0xb8c5cc642fa201fdL,0xaae1ca7f4c2acb10L,
-        0xf7e33be56d7f598fL,0x982c012fd920c3c8L,0xaa98a69b86751ef1L } },
-    /* 47 << 126 */
-    { { 0xf5f548eb915ed5cdL,0x657ca09ce30f448bL,0x8750c4a44a30850dL,
-        0x1b329c4108edb075L,0x8c261df8ccbcdaeeL,0xa81720bbedd44638L },
-      { 0x602fc21f0b91ee05L,0x6241265db7e8bc28L,0x1daefe5b106ac444L,
-        0x93fe5bd42c9deae2L,0xedc229e17f1ba35cL,0xd99244977e0da1f9L } },
-    /* 48 << 126 */
-    { { 0x3176a43ab7a3ce87L,0x9fa09e975f130e73L,0x971cc37b9368e156L,
-        0x2cabf535b8981792L,0xaec2862e4d0f0bc0L,0xa1a48c183ce8c100L },
-      { 0x288f4e694af2eae9L,0x778845f21f9339bdL,0x1ef5fdfd17dfaa6aL,
-        0xc784117e3483a6fcL,0xe8c82f05f3c5c19eL,0xf39b3c1d1da87ab6L } },
-    /* 49 << 126 */
-    { { 0xa2539d4cc4ac73e9L,0x0308f91891488ba1L,0xa3e72f4459fae934L,
-        0xb6bbcc37f8c9c402L,0x345a2debc6edee3eL,0x0352f023b0df87b5L },
-      { 0x67c9e7b8818c4f8dL,0x3a8714cc70f44977L,0x37b96e1295066bfaL,
-        0x617d9737c95d7f70L,0x60bb06ef759a360aL,0x97689b3f34f59fe1L } },
-    /* 50 << 126 */
-    { { 0x17d0667fb2dd1febL,0xbfb92fe48862b2ccL,0xcfa0c8e9d5438a69L,
-        0x7bdbd4b1d9cf9ef5L,0x7616acddf373c87eL,0x0603d2b0cf8fd5b6L },
-      { 0x6a80f25d46e31aacL,0xea8c0ad0fd424755L,0x9e2e5a5b3ffd5a2fL,
-        0x8882d271f3b143caL,0xe6fc9ad7904e1740L,0x98d1620af428ad20L } },
-    /* 51 << 126 */
-    { { 0xc8c991a63292054aL,0xc90b11618ce93455L,0xdfa32238e200d1c6L,
-        0xa9c578d5303004b3L,0x9dd2c3881609e5f8L,0x068ec35d24b69108L },
-      { 0x47e8183b2d1a3b7fL,0x6200d70efe3db580L,0x76012f3fafc089b0L,
-        0xba06dbf4bddea8a2L,0xd83b4af5da01a49bL,0xa3d4334ce16e87e6L } },
-    /* 52 << 126 */
-    { { 0xb2fff4035b43e58fL,0xe80bd5740727be41L,0x048a59cbf9b52541L,
-        0xb79084e7f38d0b47L,0x763b0c95938935d7L,0x7cfc6180336b8735L },
-      { 0x118d2a6f929b0200L,0x7e5789775a31948cL,0x9085999326009509L,
-        0x330533a33ad633c6L,0x28bdb910733f4c3eL,0x82c88f148fdca27cL } },
-    /* 53 << 126 */
-    { { 0x1c346bb04ef444e7L,0x40a50060e6c22e57L,0x5eb02aa6c7a773b4L,
-        0xd748a0a0d23b190eL,0xb6ff7f02cfedb7dfL,0x3f8fb35b30f8bb4aL },
-      { 0x245b1c232dc31174L,0xa1e156579af25f59L,0x1ad1a2315e2393daL,
-        0x9430ed2dfd7c7073L,0xc4161d4f580fbc0fL,0xa2bebd3fa0f1dadcL } },
-    /* 54 << 126 */
-    { { 0xace743b6baff35ebL,0x84ac3ce8ac6f38f8L,0x81d41297106b44f5L,
-        0x33f6bbbbaed20aa3L,0xae4dd66ceb420ee5L,0x87553aac994f0777L },
-      { 0x26275ebff1e3647dL,0x3b574c4fd9eeb474L,0x58fe2a16929721c5L,
-        0x748480df932030d0L,0x3a30032641bb5f68L,0x0797fad92c06d1adL } },
-    /* 55 << 126 */
-    { { 0x65356242c7caa811L,0x780fe23f4506bbd7L,0xa741a51042407c02L,
-        0xb8ccd27f5ef9eac3L,0x137f4a573ecf5766L,0xd495be0d15936fdbL },
-      { 0x5a419656109c93f3L,0xd2f7b65dcb12affdL,0x2305a070ff830421L,
-        0x6d00f1e9684d5a6fL,0x3de9d1de91aa391fL,0x0b5148c10acb6de9L } },
-    /* 56 << 126 */
-    { { 0x209fa6e68ca7ec95L,0x17808b0c107a1047L,0x99bbeb5edfd270cbL,
-        0xe3d57c1dc25e2d6eL,0xb90b0c107ba1237aL,0xa7e1b8dc4a0d6856L },
-      { 0x97d5b46136a9a07eL,0x931251e9125ea29cL,0x4177fd10fc8868a8L,
-        0x1d3538b7b7cdcdf4L,0x889008c8ed3ff9dfL,0x30573ad2229b9413L } },
-    /* 57 << 126 */
-    { { 0x11596662924d413fL,0xe797d0a70e5d7bf1L,0xaa05dcd28452ee62L,
-        0x6e10e77f5d5ddf1cL,0x46b72cda5fbd184aL,0x3adc1edb5b25c0c6L },
-      { 0x640de5b05c732e3aL,0xa7d4f0f5c6739747L,0xbc11978d1426527cL,
-        0x979276eccbee0053L,0xc44347a7304e8811L,0x016c01e11f5ececdL } },
-    /* 58 << 126 */
-    { { 0x78b2f1a15ee57666L,0x28060d1576a2c09eL,0xaf0cb38df632a5deL,
-        0x93ce93eea284cd43L,0xe3670d0af35dc1f5L,0x3b8deea527971072L },
-      { 0x3b88b1158eea4303L,0x43ff3b22aabde038L,0x8d69e180c813d623L,
-        0x218f5b853aa7a08eL,0x6ee1544adf74f239L,0x0d7abf20fb8772f7L } },
-    /* 59 << 126 */
-    { { 0x1d881d4eb7716840L,0xdf83a03b86bdef07L,0xd534c4e4dc7ee69bL,
-        0x1169f1cc6e264c79L,0x85c812d1b7690d17L,0xcc3164adec5f2ed1L },
-      { 0xb91a14180674e87eL,0x5dfaa279969188fbL,0x434acad5e242b969L,
-        0xa51b5c63751c4e51L,0xaa9089b7874f9aa2L,0x8758f9e51b8397e5L } },
-    /* 60 << 126 */
-    { { 0x422ad88e57fd35feL,0xd4564b96b99a11cbL,0x78939992238baebbL,
-        0xe66ddcaf4b30a709L,0x00873d5f7812ea50L,0x7317f9dc6784aabcL },
-      { 0xf94afbdbe0608ba4L,0xfff893618896d745L,0xa3348af5cad62808L,
-        0x13ed4507f349f51bL,0xa73d4bec1186324eL,0xf0b48189a20022d2L } },
-    /* 61 << 126 */
-    { { 0x87d117858b8efa4cL,0x724439d6e9c2ee6aL,0x33ab2a03606fa0c8L,
-        0x6ede5b55f9779d87L,0x858b7dd0759445cdL,0x33683c817a5ef23aL },
-      { 0x0f093175221c3443L,0xedcf2aaf889195a5L,0x9f189ebc814abec7L,
-        0x6a64999c40235b9eL,0xf98dc212984438ebL,0x97e2d102ba86e7caL } },
-    /* 62 << 126 */
-    { { 0x337b9cbce3db0718L,0x1f2f55833d1796feL,0xa522b76f68c2a69dL,
-        0x4c1da7cf5375cb22L,0x690a2e7f50bb0d7fL,0xa734d4756689b6eaL },
-      { 0x918592d5867ca0a3L,0x64d1c147c4d15e28L,0x4d8c3e22656f8219L,
-        0x5e028bb2170f59c3L,0x41e8b84449875858L,0x1d928cc90c599178L } },
-    /* 63 << 126 */
-    { { 0x736dee2cf44db09cL,0xfb5035c07257b4e5L,0x3e3a7bf6bf0b702aL,
-        0x4910a0165f257c0fL,0xd80b891d98437b4eL,0xf9e55d55076d8587L },
-      { 0x4e4ed7a79b4fcf4cL,0xaaf417f5581acfe3L,0xb1ae2a7ca3b3f920L,
-        0xa666bb6263ee4781L,0x2fba297e63684f04L,0xd6e662658d83bd6bL } },
-    /* 64 << 126 */
-    { { 0xa58a27c58a541be6L,0xaf66949954fd7683L,0x2431826600079a25L,
-        0x113f6fcf2606caf5L,0xf6ff2be316cb28c8L,0x8f7fc60e3c17caa6L },
-      { 0x8ea577e07d35e26cL,0xc3e744c0f0628903L,0x4b28eff4592a57eeL,
-        0x76e1f87c5e3f67b2L,0x40d7a676fb008902L,0x68a9dc764b6e6b7eL } },
-    /* 0 << 133 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 133 */
-    { { 0x76e2751a12575913L,0x2c6059914a5f8c4aL,0x58322dfb71fba662L,
-        0x228aec085e0886afL,0x8d83b6276aee544cL,0x338f5fb6e29f9639L },
-      { 0x1ba4cfe0bf5e19faL,0x2eea84c5b9e4f8f6L,0x7e0eed58cee95d92L,
-        0x2d29282abe535540L,0x866638b607a9a1f4L,0x915999776ab8dc82L } },
-    /* 2 << 133 */
-    { { 0xa16c79cfaf4d260bL,0xfe853f6cfab3c3c8L,0xb8bd6aa0c2f47e68L,
-        0x277d590f2c9b4914L,0xb6d1c810097242a8L,0xcf2f3d8e45f75512L },
-      { 0x2176162b74a20c3bL,0xeee8bcb82b2bcddaL,0xfcf8c0d1a503aee7L,
-        0x5d1f94a57af4dd78L,0x8f0bc1a62ab43be4L,0xd22dbf16ba9e071bL } },
-    /* 3 << 133 */
-    { { 0xbf87f30e3790b47cL,0xd3d3f1e25ab52ae8L,0xd5fd32bd50ec0ba3L,
-        0x7de8fe0ae60d1e72L,0x52d77fe0e14ff2d3L,0x9b6937db55ca47e4L },
-      { 0x39e3d19f53e94fa3L,0x8d962a4fbd7827e4L,0x3bd70c7afe92c6cfL,
-        0xa3fbc06869a82904L,0xe263f00ed96d1d9eL,0xe6c9781f75c0c24bL } },
-    /* 4 << 133 */
-    { { 0x705bfe37b4e814b3L,0x22f0de61702013c6L,0x811e77a9bc456797L,
-        0x4f52c4e617081a2fL,0x87405d819fe1640eL,0x53fa82b7707711d7L },
-      { 0xdc6fff830ee4aea6L,0x8413e22ffd60373dL,0x0ecb66bea9cf3eadL,
-        0x7418372e87139b8bL,0x6aaccf295e42b4d7L,0xb6dc592531fc932eL } },
-    /* 5 << 133 */
-    { { 0xf1c8d00de460fe00L,0x5692bfee528da7c6L,0x9e4dd700ac8620dfL,
-        0xcc43e73d9d6fe740L,0xc94060d3e76dcba2L,0xfcdf8ba6d398914fL },
-      { 0x540942e7502f8587L,0x5def85040de058fbL,0x63e0c7855292b0c8L,
-        0xe90405282e558983L,0xe25727a16baf4a31L,0xb9bf28f0acf64d7cL } },
-    /* 6 << 133 */
-    { { 0xc7c8364f09d26382L,0xe16988737bf32d9fL,0x97bac2feb726391cL,
-        0x521426364a7c0b57L,0xe3e596482cdec222L,0x4ee7238cf44e0a98L },
-      { 0xa6d05a21f61cfea8L,0xa1059fb7efe6a26fL,0x482a65b342416fa4L,
-        0xdc5727e1c71e7a94L,0xe6b0fb6ec4767f1eL,0x3d0d626d6510599eL } },
-    /* 7 << 133 */
-    { { 0x59f5df1b2a8f9f78L,0x6bb161d992257e60L,0x2cf060beb7b2eb14L,
-        0x98e72799aec169b0L,0xdde683927045fdb9L,0xee5e0aaf461b27e8L },
-      { 0x80250c744c0ee047L,0xdd3881f597f0677bL,0x0ea56921a4459b6cL,
-        0xf7793cee26df8d7dL,0x33bfa09be42d1913L,0x9f0636f74ccf5139L } },
-    /* 8 << 133 */
-    { { 0xfa3b4c8eb88ee8f9L,0x1f288e60b521ab57L,0x06aa39562e8c4d8cL,
-        0x4981c3e5cf89935bL,0xbdbd0c4745fa071eL,0xa78f831c496073beL },
-      { 0x09a72986a4e5c001L,0xac527731709cb728L,0x9a64b5b3988f2781L,
-        0x6ac9440d73b1719dL,0x58ad54c7e3d2e807L,0x1c1574488f06742bL } },
-    /* 9 << 133 */
-    { { 0x3220a099a5e437e6L,0x11a1b1734dc5bdaeL,0x1ad9e736b64c9b8bL,
-        0x82b6a3d4ce40acadL,0x54e1eef8915aaa8aL,0xff19be481f3a1f54L },
-      { 0xadc4c5250b64a2b6L,0x6637bc8e12caf63dL,0x970d08b01206a661L,
-        0x97c9b9bde57cf6c2L,0x228ee4712b89b7b7L,0xfeed19ca837cb79fL } },
-    /* 10 << 133 */
-    { { 0xcd36c981a816f4d4L,0xc99316c27712a72bL,0xd32cb20339e671aeL,
-        0x79ff1889f67f6215L,0xf9fe7448cd08e91eL,0xdc9b277776f3e605L },
-      { 0x8af30c2e7c1609a6L,0xed3224a3e54cdd0bL,0xe73f56ded1dea6acL,
-        0xb836eb783e37a390L,0x9f0dcdb2c78a0510L,0xc37e67a39e6109f0L } },
-    /* 11 << 133 */
-    { { 0xab419eb852e0d552L,0x86c76ef8ae3d06ebL,0x219662b4f7c6342fL,
-        0x2820299e548f6717L,0xc4d0d47a8a2aeebaL,0x4c98069895536593L },
-      { 0x3644e55ff42cd505L,0xe109b64ae47e0b0bL,0x91f520a6c89788aeL,
-        0x35f6dc577699087aL,0x3484f5b6b77deb8dL,0xc22a63a47f3c09e6L } },
-    /* 12 << 133 */
-    { { 0x6b5b7b2a75c953b2L,0x927ed77ca7f1cd5bL,0x2e8c53994cba0e5eL,
-        0x03aeb14a3f4a941bL,0xedbad9a0a1385c8aL,0x925a49c167fd2258L },
-      { 0xe7e368ee3365ffedL,0xcc4aad2dd106eb87L,0x4ce908daa980b53bL,
-        0xd3f4954016929ac8L,0x613c804dd5c05c32L,0xa42290ccd7973344L } },
-    /* 13 << 133 */
-    { { 0xe7437974c464c24fL,0x70c04156d36bdfecL,0xd94c80fcb2d5d96fL,
-        0x4a1fcf19d2cfea9cL,0x443478592f6df796L,0x0c908d0159743bd2L },
-      { 0x78949087d165a62bL,0x6c3f9021632f4e1cL,0x3917b925a94bb004L,
-        0xe153ef092b3f87e3L,0x6aee1027ea706338L,0x953ab2959733bd02L } },
-    /* 14 << 133 */
-    { { 0xad49cad49855d008L,0x23442cf94b273d85L,0x3a3c8752e3dd8f65L,
-        0x0ca5d24bedf84ed0L,0x3d0580938b4f8f96L,0x1cea59acf9b9ae03L },
-      { 0xf17cbbe23a06567eL,0x49cf5294f090338fL,0xcf8cbe0da93562c1L,
-        0x66683f21b986b71cL,0x3c96750cc87c9e10L,0x38e62db63dcf2f32L } },
-    /* 15 << 133 */
-    { { 0x807a519047f99946L,0x49e03dcf01615a37L,0xe813287c99590bf6L,
-        0xc9caf30ddb62835cL,0x0733c49d4df78781L,0x4fde30fd4815d3adL },
-      { 0x2809b853f9a2610dL,0xf2b139b9dc050142L,0x52a40a413c23a4edL,
-        0x9333086b0a104df2L,0x04a90c11e2a65950L,0x4c6a15c4dc24341aL } },
-    /* 16 << 133 */
-    { { 0x33952177a98cf218L,0x841d9e1f579ee53aL,0x1084d61e0a285bd5L,
-        0x3935a84e71171b1cL,0x8ac2433cf29b29f9L,0x5dd868b56dd1e9bdL },
-      { 0x88da04788d102390L,0x1140735a657400d1L,0xa792a25f9d5b19e1L,
-        0x9ee015cb6a27fa79L,0xea3bf8b57ba16a8eL,0xc5f0cc26c15fde67L } },
-    /* 17 << 133 */
-    { { 0x033708d2e02e9feaL,0x2b588d1e222f437dL,0x998442d6c6b47013L,
-        0x4033d62fb8ac1fc6L,0x9b8fd348877c726cL,0x1a2125fa5bea5a49L },
-      { 0x04a2c1d680b8afd9L,0x3d52c9d2a40195c1L,0x56b204e6655c0b30L,
-        0x55ee14ef520b3464L,0x23fc52e6b5bdd96bL,0x445cfd7a56f4b269L } },
-    /* 18 << 133 */
-    { { 0xc8985c2c5fee6426L,0x8be749496bb7bb8dL,0x12967576659363b4L,
-        0xd1b6ded9b969b221L,0x586f28929819fc04L,0xec6b03e5addd6307L },
-      { 0x3f0e96cad4da6627L,0xc866c95c14860d00L,0xb038867c9725f9a8L,
-        0x60cd3afa1caf2547L,0x6f2cc04411dddfafL,0x49551f249d0af0faL } },
-    /* 19 << 133 */
-    { { 0x04a68337177e2e7cL,0xe20b21c0adb79464L,0x9b30d3437e42ae4dL,
-        0xac7a01d7f86c5767L,0x3ea34e385381db5cL,0x3005a0c39235f5bcL },
-      { 0x853eb43167b4a5c5L,0x92f26a35584e4b8aL,0xa3d25e5879bb470fL,
-        0x7963d90a5eacbb13L,0x08ca7969212e3aefL,0xb5ec6582df92bfffL } },
-    /* 20 << 133 */
-    { { 0x2e152d95ee2c3290L,0x8437df2e4a9ceda4L,0x4151754e3c7ebfd1L,
-        0x556c59a888f80aeaL,0x8d099c5d8de44dbcL,0x9ecce7fc77abeeccL },
-      { 0x5e0a0f383aa311cfL,0x99ff1eecb8f2bff5L,0x5ae0b483b5dcf488L,
-        0x11212c4591483a02L,0x99fe0738312134a1L,0x3b855db0a72745efL } },
-    /* 21 << 133 */
-    { { 0xb70bf73230261470L,0x8c9b7c4bc74a180fL,0x4c648aef88a9d9acL,
-        0x3d9f7540a10f98bfL,0x8ec2a3a3120d55f5L,0x1707c1b0baa5a600L },
-      { 0xacba8da9103f2f0bL,0x96926dc0c7194236L,0x00358df7584499dcL,
-        0x74c27d0e538c0a15L,0xc675d079de960a77L,0x575b042e89f41f6bL } },
-    /* 22 << 133 */
-    { { 0xd17d99529703d919L,0xb25ecc411477faebL,0xa5c66a58a9aea2fcL,
-        0x83754d683accb00cL,0x6a9ae76a25901044L,0xe437981b2565e035L },
-      { 0x441ec0d96f45fa01L,0x35e40d126a697636L,0xba2fbab59bb3c2fcL,
-        0xc038be03e94b245fL,0x366b4bcc0c1672eeL,0xa14a2c10f1ce6d55L } },
-    /* 23 << 133 */
-    { { 0xef32d94febe1dfe2L,0xdbf53d4271494ea6L,0x72dc5fad24cf0c2dL,
-        0xa9247adc66dbc21bL,0xe31ff66ab130da59L,0x8cb97c09e86ab63aL },
-      { 0x204020e2f59ebb80L,0x56f6d8b7cfd0f965L,0x7522a692b1518dadL,
-        0x8e7c999f5f231e2eL,0x2eff5904b4406177L,0x8440cee87bfe2363L } },
-    /* 24 << 133 */
-    { { 0x37f50e43892c8eecL,0xf06a2f047d85a7e2L,0x3916af85e1d11150L,
-        0xf56e852f6785ae1cL,0xbf8c72adae6ada8cL,0x1fcd53e3e13285b2L },
-      { 0x5327920cbd56d348L,0x82a394fb445658a8L,0xa71328573caf3792L,
-        0xb15ab34b550ffe1cL,0x818980666a5d4e4fL,0x0bda153b2f854f9dL } },
-    /* 25 << 133 */
-    { { 0xf664f44407aa3d00L,0xcf8901664704e2d6L,0x1802f662f8c2fc8dL,
-        0xd52496b8a47f0da6L,0x37f71d8c75001c8eL,0x7ad8e8c29cad3ba7L },
-      { 0x666afc25825515f7L,0x3a871c76a729e498L,0x5dc21f1108479e3eL,
-        0x78ff145966c4331eL,0x8d01e2352dd3deb2L,0xc68445e9dbc91fc3L } },
-    /* 26 << 133 */
-    { { 0x8f2d9aae98ea13f6L,0x3e75ba40ab97bfb0L,0x14dd24e635e1fe35L,
-        0x14abb0735f88d9b9L,0x74b2c6a801d4fcd6L,0x4905dfe7744a09bbL },
-      { 0x349348c077cd538aL,0xdec247f5f7b6d035L,0x737e248dc455d417L,
-        0x608a5529b6fe5d92L,0xce0ba0bccd7dca64L,0x022bcb18c21175c6L } },
-    /* 27 << 133 */
-    { { 0x79fe5372881b120aL,0x4878428aae98aeeaL,0x5c6a7f7d09511acbL,
-        0xb7be08de3b046481L,0xfb91990b8b35f13bL,0xab734f604ebdd374L },
-      { 0x3d4955f1197690e1L,0xfc82767c7b376dc4L,0x7cf3db85b8c659c7L,
-        0x4cfb6f4b03202723L,0x8b79311746141d27L,0x94c6ee67867292c4L } },
-    /* 28 << 133 */
-    { { 0x77a31009722730feL,0x93707ac4d5cdd297L,0xa290be39d3811e8cL,
-        0x831a9b9592a5cdb7L,0xc74cda84e7342270L,0x964661903f48affcL },
-      { 0xb0496cca5520b0f0L,0xc8742cd9bae930ffL,0x3a30737aeaea703aL,
-        0x0a8e6fb7fb758854L,0x9ab9523e6796f4d1L,0x36e6c05dfdf7140fL } },
-    /* 29 << 133 */
-    { { 0x4c8ec1a3ccedff1fL,0x8fc58987ca74bd5fL,0x70a6b71cf768abcdL,
-        0xb9971cf5ed60a02dL,0xbb2aedc8af2f9a41L,0x4ebf90c76032c98aL },
-      { 0x8e69b4c4d3752262L,0x350f201474ba8e8aL,0x7a164f6724d0052dL,
-        0x5aeb80db61d7eee0L,0x626a6c9da63583bdL,0x6246637fc3f2196dL } },
-    /* 30 << 133 */
-    { { 0x2077dfa1817d444bL,0xdda9c7fcdf855b15L,0x577603be04b31d38L,
-        0xc6beacae7a140cabL,0x8cd9dc019ecbed91L,0x6ea8591295ae114eL },
-      { 0x6fb29a33fd47f1b5L,0x6203bca6223cb96aL,0x2459d85a7c1a3580L,
-        0xbab5922d6410a3c0L,0x543be274cc7750f8L,0x1a653e1c42baea3aL } },
-    /* 31 << 133 */
-    { { 0x616abd271dbeeea7L,0x0684c14fe2189d8aL,0x0d2bf3687354d862L,
-        0x8b0cfc06a8bdcb0bL,0x187147b49661e548L,0x07509bc358edde6dL },
-      { 0x7b2a33bca78c2782L,0x5f41b8379ec5fa24L,0xa6df5de574539201L,
-        0x3510f650093f8f7eL,0xe4d1c06ed14aaa71L,0x4d1b1ca2b0470581L } },
-    /* 32 << 133 */
-    { { 0x3b62315064ef6a95L,0x97645381aaa5b792L,0x4bc2c31c56471100L,
-        0x4a0e73bb1bae8d2aL,0xbfc0770a8df1f76aL,0x5089916fa7bb16caL },
-      { 0x2afe5b1cf31fe82eL,0x0b06831df0119977L,0x97caa333a1af2a82L,
-        0x93cb92c5dafed6cdL,0x09553e7e92c3b2e3L,0x3d9c4b7d61af2956L } },
-    /* 33 << 133 */
-    { { 0xe56c89b06910185fL,0x1cd06d19ac47667cL,0xb35e6ae5fe41a4ffL,
-        0xdc2fbaf959e8be08L,0xa9e6df08f8cec40bL,0xcab91f8ffe63ad2cL },
-      { 0x1e3bd193ca2cc678L,0xe1830cae06bb40f2L,0x3b8b33d6d69985abL,
-        0xb6b7e8433895d8a8L,0xec3882909fbf6b31L,0x012bec2ac37d64cfL } },
-    /* 34 << 133 */
-    { { 0xff2e88fd33941b4bL,0xa2d9730a8d85cccaL,0xa23f8cfa16f7d7a1L,
-        0x82013193d39a250eL,0x3b119882ca0fd8a8L,0xcff642ac1a438706L },
-      { 0xe4a3a95f65e5688cL,0xb2a6c836c31243d2L,0x1b7ec5d2194d1f42L,
-        0x51ab34f814e4f7a2L,0xa3e3f135d3583ca0L,0xbca6ecbade9b91f2L } },
-    /* 35 << 133 */
-    { { 0xc85820c3002f07caL,0x090365320e00dca7L,0x0f3b3166f4e4d8c2L,
-        0xe694eb4479460f00L,0x50d0ed14c15e04ecL,0x8c9998abcc86e3bcL },
-      { 0xb82581624aefa561L,0x6351aca610050c0eL,0x4e60399acc8d2342L,
-        0x96da3af7f633dc88L,0x1af763ec09202348L,0x76b0e49d3f0d5f76L } },
-    /* 36 << 133 */
-    { { 0xd83f574a08f84746L,0x48fc9715ca07f5f8L,0xb3d5d0d2dcc51638L,
-        0xc2a5e3356153bdcdL,0x8242cd9a8aa4ef74L,0xe71ba25b0bdaa0d0L },
-      { 0x4342d4bba4ff172dL,0x81db10dffc1341a2L,0xdd93dd877dacb140L,
-        0x6f8a4e81d12d347fL,0x0d4e7e461bc369beL,0x3ce10a771fafd0c5L } },
-    /* 37 << 133 */
-    { { 0x2fdaa3bb8cb896a3L,0x2fb82dfd913bb303L,0x5d814a50ba9ca09aL,
-        0xc3de6aa426112215L,0xd0d5c98b25a0c9fdL,0x54004b3e0eaae4a8L },
-      { 0x410e2cc209358663L,0xf7e3d08a501c4ef5L,0x3d86434dd334aa19L,
-        0xf70ea577772fc0cdL,0xa0eded5aa607c4f2L,0xba0bf1bc36222b2dL } },
-    /* 38 << 133 */
-    { { 0x8d901e759632c4d6L,0x0ed9a7ebbbd94698L,0xfd2169dbbf7bcbc1L,
-        0x2b4d168d5b302c66L,0xd42f9dd73e65f24dL,0x73e0c22c0eed0022L },
-      { 0xf9091588f5d2dcfbL,0x81c7c01eb8715b78L,0x2be06165dde6a9d6L,
-        0x64b5902dcacd6ca2L,0xdcd510d70159d3bcL,0x5b71995b42b5e30aL } },
-    /* 39 << 133 */
-    { { 0xa9c474eae7a211edL,0xc7bcdd20d8170f76L,0xd9aa8d9734a15487L,
-        0x26235292933c16b6L,0x289d47d5d8238fc0L,0x39f10fb3ae27ca16L },
-      { 0x822e187f1c016ae1L,0x8e93b15f2be46859L,0xe2ba61a60b0a055bL,
-        0xd8f33ddecb8de893L,0x016652d6379657efL,0xf4eb08f9e7d9eab8L } },
-    /* 40 << 133 */
-    { { 0x5559dd31e67145b6L,0xf2d905b45b2427e7L,0x0d840fabcaf57d0cL,
-        0x9625866578742ab6L,0xc85482ad409c1c8eL,0xdca2a058adaa6167L },
-      { 0xec26ad9a0c8885fdL,0x1b93b8a22a600cb2L,0x340aa7fc2539986bL,
-        0xd7674876a23dee41L,0xa948a9292e1a9837L,0x9ae67d2a71438da9L } },
-    /* 41 << 133 */
-    { { 0xe753114a8d6a98f5L,0xb2d7d1e1f6ad93e4L,0xfbcfe0cf1935714dL,
-        0x9dc2d293e859e729L,0x674c170889a703f2L,0x87744b0252063099L },
-      { 0xa1721de04b25966bL,0x059292573a285fcaL,0x5b02ca39e8ce75e0L,
-        0xbfdf0fb939e57da4L,0x554378cd6388a964L,0xc53fc5c8f853d7faL } },
-    /* 42 << 133 */
-    { { 0xcd3b60e352f51554L,0x6292fafab44ad7eeL,0x670561c79513741fL,
-        0x95defdf3b9ba16a7L,0x6c0beac1adae36cdL,0xef05c24a3e8aabd6L },
-      { 0x74208a02b23efc25L,0x71930e02c22172d1L,0xbdb1f1c6f5ccbffbL,
-        0x358b483c504d9cb3L,0x48b5887a9a48a4baL,0x289256b4e48f09e7L } },
-    /* 43 << 133 */
-    { { 0x671bf1eebc2f256aL,0x530faa653984ca7eL,0x0a6d18955c05da6eL,
-        0x219de918118fe96cL,0x289b9645bb7eded4L,0xe905c4729588f006L },
-      { 0x56d0cd9ac9d61133L,0x8879550079a4f743L,0xd05e910199c2aff3L,
-        0x7e91f7c985e52c8bL,0x7fd02f83b5c5d473L,0x4b43b6453c59330aL } },
-    /* 44 << 133 */
-    { { 0xeac6f447d56bdf1fL,0xb22e8425c2b502ffL,0xe1cc9d3dfca5a501L,
-        0x8192bc29b64baf39L,0xeb2c901a52ce849eL,0x7f5f38b11dd506f1L },
-      { 0xfb3684b10f0a1d68L,0x16c4aacde9240ff8L,0xffa682435a4d8995L,
-        0x27264ab554e4c95dL,0x9aa40cdc4f34ffaaL,0xcb8a30a35fd818eeL } },
-    /* 45 << 133 */
-    { { 0x912f0a7dfa88792fL,0x2ad9249f5090716eL,0x4b828a6fb96e6e31L,
-        0xe805f0588d7f2095L,0x72e95cb956e00978L,0xc95354667651815fL },
-      { 0xc877181a08df5b53L,0xae055dd8779c3302L,0x3f9e6dd90b4e68d2L,
-        0xdeb15f1308fbb2f8L,0x5f129c1cc5802a96L,0x7482e4af3cc51022L } },
-    /* 46 << 133 */
-    { { 0x98904777ab695f56L,0x6dc472c18989e518L,0x6749d25c82031d40L,
-        0x5c465922c36202f1L,0xb3b5b9aff31fe542L,0x855263bdf98bc09dL },
-      { 0x40ee01747eb4789fL,0xd64ae0d4de4e92bcL,0xbaea76a38995e69fL,
-        0x3f22b2e3d972751eL,0x5a197daa2461f1b4L,0xbd15682a5097b93eL } },
-    /* 47 << 133 */
-    { { 0x7f251143534f8547L,0x213baf14222a161aL,0xae993737ad1e6005L,
-        0xdc70867ff8b1cc7eL,0x41e880f3bb22e11bL,0xe36f54cbd2d6bc45L },
-      { 0xa42e819d4d65ae97L,0xdc57be4de8592604L,0x8a89777fabe73b50L,
-        0x435fedec72e26f5bL,0xe8d3cd8251ec79f0L,0x9574d6ea67f407b0L } },
-    /* 48 << 133 */
-    { { 0x39038863f7f35053L,0x421a17f3328787d2L,0x38aa682ef3d8310fL,
-        0xb52d41e8f4123153L,0x4fbef3dd7026310bL,0x0c6bd7adf6ff5692L },
-      { 0x3831c6b2a9be5d0cL,0xb5c9ae85e8d328b8L,0x76d26abc6516bba4L,
-        0xc237f9a5446d35a8L,0xb2b16c0ff012a8d0L,0xddf2b7fe0ee0315bL } },
-    /* 49 << 133 */
-    { { 0xf401366a7dd4243fL,0x7db92881f434ba76L,0x5b5bacd737ffc502L,
-        0xa53fe0e802cb994eL,0xf6db539ffb00cb96L,0x0bb288b379878966L },
-      { 0x275c108c0c3d4b7fL,0xe57222d267236ba2L,0xc754d31890683aa1L,
-        0x883a41ef2345460fL,0x8e6b7ce8b572fd14L,0x7649c29237d21925L } },
-    /* 50 << 133 */
-    { { 0x46302515c4af281fL,0xe2a9633c3513ea87L,0x1175276fb3e96864L,
-        0xda377e32f4ed1228L,0xacf223a1fa6be904L,0xf442c41abc01057bL },
-      { 0x83d766c38a69db33L,0x933dd0974cef397cL,0x094b21b575fe43cdL,
-        0xf16ee57ab3141dd5L,0x4a8d0d6cb981d196L,0x6bd246c3730075deL } },
-    /* 51 << 133 */
-    { { 0xd9ae9faa91eab3f7L,0x8520bebba2bcdfc1L,0xc681d5a0ee94353aL,
-        0x980871dd316ee7acL,0x7d70b82bcb401c4eL,0x150706c1bc6885efL },
-      { 0x11709bbed3d8663aL,0xad69df943ace1806L,0xf889daef1a36f12cL,
-        0x6ba376b2560bb749L,0x5342cd7a0d95f8b9L,0x5d14201273b4554aL } },
-    /* 52 << 133 */
-    { { 0xbb85b640056ad6c2L,0x7c51ef96ac074372L,0x1c7ce31cf10b43fcL,
-        0x08e4101b26f4d3a4L,0xd18511c43968459fL,0x00e20c3fd6d07839L },
-      { 0xd5bcd598e4fcdc11L,0x99e9a4d0c877f6a2L,0x9c5dd9d0bd491646L,
-        0x83918f609bfd7a1aL,0x4bc130cd7e2b95a3L,0x668825fbfbc31c83L } },
-    /* 53 << 133 */
-    { { 0x7e8947bd5568b75cL,0x43419ecbdab8f822L,0xeb52a83a7b8fa996L,
-        0xbc674ff32d1a32c6L,0xdc086f84ce405eeaL,0xebe3e087f8918ddfL },
-      { 0x476099ecdb152bc4L,0x0cb491c52d3718c3L,0xa7c49cd69da8517fL,
-        0xc736fcf51ab8fbadL,0xa00b403ba24fe115L,0x01f6e5bfd976f549L } },
-    /* 54 << 133 */
-    { { 0xef8e12edf15ad86eL,0x216be9828c20441dL,0x10ccd4f85c45e821L,
-        0x8a12f6037c9745e9L,0x56212b09da6f1b2fL,0x5a81d69338115f05L },
-      { 0x5aead3330a4405a8L,0x7024a76c03221eddL,0x9c101d0250e6a610L,
-        0x6bcb22ffc1b6d54aL,0xf96cef62cf787e89L,0x9c9bde7b79341d83L } },
-    /* 55 << 133 */
-    { { 0xe9c61fa744058dc9L,0x59efcc8f1581d690L,0x1ea73467513aba4bL,
-        0xf0fda8a69d03d72aL,0xcc1f3f22c6f30a01L,0xb632daa3ddf8dea8L },
-      { 0x58563188fe8e2f89L,0xf053b9f67b45cf5eL,0x1ab51b07f9bda4b1L,
-        0x37850e9789dc0050L,0x1bf5e41e8f6a1daaL,0x4abb4f82d94c0fd8L } },
-    /* 56 << 133 */
-    { { 0x817d77b106a9ad54L,0x3a999d7d89a25ecaL,0xd3ac4107da68b768L,
-        0x6904bcddbebc4c4dL,0xb0d2103ca53d39e9L,0xdba86bd230a5e950L },
-      { 0xb09256804f52208eL,0x37c3156a28495b2cL,0x2389ab34c15855aeL,
-        0xc14dfd963017194fL,0x420e07191146b838L,0x1a9f909b8fb4b6fcL } },
-    /* 57 << 133 */
-    { { 0x73af3d1fa24985f4L,0x4fa27db444a1f9a8L,0x6deb02455cfbfa45L,
-        0x4803e0342813c996L,0x24715fe80e4116ddL,0xa2e8258d38d8e902L },
-      { 0x3321e112dd7d8ebfL,0xab8d5b2b272ee6a4L,0x2994fac34eb10fd9L,
-        0xe007d0a4a9c611ccL,0x29db5aa974d194e3L,0x9e76e3ddcf7409b9L } },
-    /* 58 << 133 */
-    { { 0xf12a3eeab577f6b9L,0xe666e002b6db2206L,0x95aa0d03375229b4L,
-        0xebd05140ef0772beL,0x9d5b5e9e48580b17L,0x960906b3a77ceceeL },
-      { 0xca869663e50422f8L,0x150e844199d481b2L,0xadd97d7c3418b00dL,
-        0x9908a23e68244f02L,0x5357ea61d3eac131L,0x0af5423d9778902dL } },
-    /* 59 << 133 */
-    { { 0x11aa3582d8e62251L,0x108ec170aa1560a5L,0x8423663e2b5b6ea9L,
-        0x3f4ad292d8718329L,0xf8e3e7bd04f8daadL,0xed310c3a11b81211L },
-      { 0x718db302edac9282L,0x7866f1c1e434544bL,0x1052133c568b195aL,
-        0x8ca61965c0e37cbbL,0xdd28fbd32cfac1c2L,0xf4062b33dce29660L } },
-    /* 60 << 133 */
-    { { 0x2926ef17dd63404dL,0x0e89c4d41399cc68L,0x6507fedef7ec20b8L,
-        0x1ac084ff88c751d6L,0x31bc08bedefe29e6L,0xd42199714f0692c5L },
-      { 0x4d6ee74236069bc0L,0x3868ef6aff80f3d7L,0x6df02d7c5a9c6f4bL,
-        0x2c3096bb101abf69L,0x0c2b01ec8eaacaebL,0x65914c20eb2e687aL } },
-    /* 61 << 133 */
-    { { 0x78d5ab7b34a8173eL,0xa34b72ac9230c3b2L,0x379453e13538b39dL,
-        0x1764c4420f3789b0L,0x5b4bbe77a3f2ba4eL,0x3bd35b796f86338dL },
-      { 0xf2fcdf04f02fa7e3L,0x6b4522f420d23feaL,0x966fb8fa01be16a5L,
-        0xf2a56e96e0d705feL,0x494aa4553872e429L,0x68432d9181921587L } },
-    /* 62 << 133 */
-    { { 0x0ae47d1e3dba277aL,0x54607ac99832d90cL,0xd4cec32eecbcdeacL,
-        0xe54b3033b9ccdfa9L,0x5b3a8a56fb920449L,0x831ec8f955eefd3aL },
-      { 0x59ba32a3a02dca96L,0xb421e4b01decf837L,0x52e70a88a88636d2L,
-        0x3b75ed073086667eL,0x7a4a46b3b877cd6bL,0x3825c80b59c99207L } },
-    /* 63 << 133 */
-    { { 0x3bc3f0e069bdc53fL,0x7e0bd730d9d7def4L,0x71a577e6844ede6bL,
-        0x06d47f4981705712L,0x83bdb1a6ef108ea6L,0x853a3ce0c8a8ff41L },
-      { 0xa6f114b8f408ec44L,0xe0ce4267e2d72d33L,0x405f6ddda2a0b613L,
-        0x22ce3daa8d253ad3L,0x2fd738094aa1de25L,0x28a2001b27363597L } },
-    /* 64 << 133 */
-    { { 0x13722ab079ed523aL,0x33b29bec249d5624L,0xd3d0f467f76fdaf7L,
-        0x7ce072f912ddfd9aL,0xce918a5747bdefd3L,0x14d38ab4750e5315L },
-      { 0x08bbb20e3346f647L,0x428b917f05b26894L,0xc8fb5c21ca865ba6L,
-        0xee6e41e02e6e8e6fL,0xd00ae6214c608b60L,0x659756396ff685cdL } },
-    /* 0 << 140 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 140 */
-    { { 0xbbccce39a368eff6L,0xd8caabdf8ceb5c43L,0x9eae35a5d2252fdaL,
-        0xa8f4f20954e7dd49L,0xa56d72a6295100fdL,0x20fc1fe856767727L },
-      { 0xbf60b2480bbaa5abL,0xa4f3ce5a313911f2L,0xc2a67ad4b93dab9cL,
-        0x18cd0ed022d71f39L,0x04380c425f304db2L,0x26420cbb6729c821L } },
-    /* 2 << 140 */
-    { { 0xca07923c0eb008c8L,0xab79402d9985912eL,0x41e379e83cb02510L,
-        0xfabac005beb383efL,0x24d12d9a1076dd0dL,0x95afd46fb208f127L },
-      { 0x9cc38a60b1031e46L,0x93e21e977009f6bcL,0x6f6360d98ac219efL,
-        0x1edaab3faf284c80L,0x9c3b5281019e366aL,0x6475c579bc9e9726L } },
-    /* 3 << 140 */
-    { { 0x26bd07d6bdfbcae8L,0x10b5173fdf01a80aL,0xd831c5466798b96cL,
-        0x1d6b41081d3f3859L,0x501d38ec991b9ec7L,0x26319283d78431a9L },
-      { 0x8b85baf7118b343cL,0x4696cddd58def7d0L,0xefc7c1107acdcf58L,
-        0xd9af415c848d5842L,0x6b5a06bc0ac7fdacL,0x7d623e0da344319bL } },
-    /* 4 << 140 */
-    { { 0x8410d8298d85a25aL,0x48ee01354af81a14L,0xae460d0d18c25348L,
-        0x5d0279a07eb035a3L,0x87e7c1289a114414L,0x17c08a8ec0744f79L },
-      { 0xb7b2b4f1025cdbe3L,0x9a74f15d82d1af60L,0x124a7395b51ee685L,
-        0xf2937c4bf6122422L,0xb4ec133207f1a7ffL,0xad801112f886032eL } },
-    /* 5 << 140 */
-    { { 0x4c0d78060c9d3547L,0x993f048dcf2aed47L,0x5217c453e4b57e22L,
-        0xb4669e35f4172b28L,0x509a3cd049f999f8L,0xd19f863287c69d41L },
-      { 0xe14d01e84c8fded0L,0x342880fdeafd9e1cL,0x0e17bff270dc2bf0L,
-        0x46560b7bc0186400L,0xe28c7b9c49a4dd34L,0x182119160f325d06L } },
-    /* 6 << 140 */
-    { { 0xdd4eb3d07bb5346eL,0x9a46ad01382e7db7L,0x1200285ddc1973c7L,
-        0xfd342beaa0046b98L,0xd19173491219a7fcL,0x5383d319b7caffe5L },
-      { 0xea5a0c4e2e0fa118L,0x1cc2de3ca5457b28L,0x5b2a16dc6046eeeaL,
-        0x1755e1fecc8e64b1L,0x51e4946e9e7faddaL,0xf805422ffcbf4ec2L } },
-    /* 7 << 140 */
-    { { 0x46d70888d7e02e18L,0x7c806954d9f11fd9L,0xe4948fca4fbea271L,
-        0x7d6c7765bd80a9dfL,0x1b470ea6f3871c71L,0xd62de2448330a570L },
-      { 0xdaecddc1c659c3a7L,0x8621e513077f7afcL,0x56c7cd84caeeef13L,
-        0xc60c910fc685a356L,0xe68bc5c59dd93ddcL,0xd904e89ffeb64895L } },
-    /* 8 << 140 */
-    { { 0xf877e8c6bd08ffafL,0x24718fefaf23012fL,0x19ff269f2b004cfeL,
-        0x8adc5d7795450f8bL,0x688ce8bce2a7d458L,0x74d7445b97bd7fdcL },
-      { 0x1b9f4ad641e6abadL,0x6652ed05f00e4bf5L,0xabee1f7e71d83d86L,
-        0xe693c76d25ffc219L,0x1c9a84afc873f553L,0x84d2718766d77a55L } },
-    /* 9 << 140 */
-    { { 0x75d874fb8ba7917aL,0x18fa7f53fd043bd4L,0x212a0ad71fc3979eL,
-        0x5703a7d95d6eac0eL,0x222f7188017dead5L,0x1ec687b70f6c1817L },
-      { 0x23412fc3238bacb6L,0xb85d70e954ced154L,0xd4e06722bda674d0L,
-        0x3ea5f17836f5a0c2L,0x7e7d79cff5c6d2caL,0x1fff94643dbb3c73L } },
-    /* 10 << 140 */
-    { { 0xe566dc057e5f7121L,0xccac74e22ed07bc3L,0xaabfdfcdc70401b4L,
-        0xac9fc4496254e0dbL,0x358d885f11c7de05L,0xb8e6a4a9d60772b4L },
-      { 0x884272a5cfe917ceL,0xdfbe98689a3d347aL,0x06b90848c9d1baccL,
-        0xc4ccedb6db8c6288L,0x892878b979e5683eL,0x1b521829243273e3L } },
-    /* 11 << 140 */
-    { { 0x916e19d0f163e4a8L,0x1e6740e71489df17L,0x1eaf9723339f3a47L,
-        0x22f0ed1a124b8dadL,0x39c9166c49c3dd04L,0x628e7fd4ce1e9accL },
-      { 0x124ddf2740031676L,0x002569391eddb9beL,0xd39e25e7d360b0daL,
-        0x6e3015a84aa6c4c9L,0xc6a2f643623eda09L,0xbeff2d1250aa99fbL } },
-    /* 12 << 140 */
-    { { 0x099369c4bf0c6fbeL,0x976f78b2fe7d5727L,0x32feb503d18267a9L,
-        0x162c41501a7dd0feL,0x3141e37726b8e969L,0x50497a643b53a94aL },
-      { 0x96159f41607b4cfcL,0x1999b7042f111babL,0x3254987c760f2eaeL,
-        0x5308075b841014faL,0xc634127e4e7adad8L,0x32a70a6059ffbfe6L } },
-    /* 13 << 140 */
-    { { 0x1feef7ce93ee8089L,0xc6b180bc252dd7bdL,0xa16fb20b1788f051L,
-        0xd86fd392e046ed39L,0xda0a36119378ce1dL,0x121ef3e7a5f7a61dL },
-      { 0x94d2206192d13caeL,0x5076046a77c72e08L,0xf18bc2337d2308b9L,
-        0x004db3c517f977b1L,0xd05ae3990471c11dL,0x86a2a55785cd1726L } },
-    /* 14 << 140 */
-    { { 0x7279c369a1f857e6L,0x029d30ef27fb373aL,0xe82cbc806827358bL,
-        0x2bfe09aaa18f57abL,0x63bf3145e5503492L,0x7ea15beafb28ee43L },
-      { 0x8e6d428f5eec91b8L,0x215e03e9611b1799L,0xb995737161d476deL,
-        0x2320c764e76726a5L,0xc5de88178e5e26f5L,0x24aae0699161e0b7L } },
-    /* 15 << 140 */
-    { { 0xb8d9b28672107804L,0xb5a7c4133303b79bL,0x927eef785fa37dedL,
-        0xa1c5cf1ead67dabaL,0xaa5e3fb27360e7c7L,0x8354e61a0a0c0993L },
-      { 0x2ec73af97f5458ccL,0xde4cb48848474325L,0x2dd134c77209bc69L,
-        0xb70c5567451a2abeL,0x2cd1b2008e293018L,0x15f8da7ad33c0d72L } },
-    /* 16 << 140 */
-    { { 0x5584cbb3893b9a2dL,0x820c660b00850c5dL,0x4126d8267df2d43dL,
-        0xdd5bbbf00109e801L,0x85b92ee338172f1cL,0x609d4f93f31430d9L },
-      { 0x1e059a07eadaf9d6L,0x70e6536c0f125fb0L,0xd6220751560f20e7L,
-        0xa59489ae7aaf3a9aL,0x7b70e2f664bae14eL,0x0dd0370176d08249L } },
-    /* 17 << 140 */
-    { { 0x5dc386d0a8790657L,0xa4fdf676bc4d88bbL,0x1b21f38f48bc6c49L,
-        0xcdcc7faa543a7003L,0xea97e7aa8c9cf72cL,0xa6b883f450d938a8L },
-      { 0x51936f3aa3a10f27L,0x0170785fdecc76bfL,0x7539ece1908c578aL,
-        0x5d9c8a8e0f3e8c25L,0x8681b43b9e4717a7L,0x94f42507a9d83e39L } },
-    /* 18 << 140 */
-    { { 0xaeac64c96f089b59L,0xecfdc92b65f9d762L,0xddde5024f750daffL,
-        0x82c01c1c0f707e73L,0xc70aa9d4ee20adb5L,0x27f6799dbeb0e60fL },
-      { 0x918ad262520aa514L,0x2bb1362f8d13eae0L,0x21b60b46a9d1d43bL,
-        0xf449e2d4767ab86eL,0xf42b09948a5a496eL,0x3b26006b853f2a3bL } },
-    /* 19 << 140 */
-    { { 0xbbe11ca8a55adde7L,0x39e6f5cf3bc0896bL,0x1447314e1d2d8d94L,
-        0x45b481255b012f8aL,0x41ad23fa08ad5283L,0x837243e241d13774L },
-      { 0x1fc0bd9dbadcaa46L,0x8df164ed26e84caeL,0x8ff70ec041017176L,
-        0x23ad4bce5c848ba7L,0x89246fde97a19cbbL,0xa5ef987b78397991L } },
-    /* 20 << 140 */
-    { { 0x364d5dfda6140b89L,0x30e4a48efdc9105dL,0x13f6276018a47151L,
-        0x18ad84cfa17a2853L,0x5f315c93988cb37bL,0x90f9cb701af64ce3L },
-      { 0x020c67db029b6ffdL,0x8989ccc62ce3528dL,0x9bb4f9844d00ee63L,
-        0x0b052413a70b4ca9L,0x7dee36dcc96b4a07L,0x226db70ea7888508L } },
-    /* 21 << 140 */
-    { { 0x111af1b74757964dL,0x1d25d351ddbbf258L,0x4161e7767d2b06d6L,
-        0x6efd26911cac0c5bL,0x633b95db211bfaebL,0x9bedfa5ae2bdf701L },
-      { 0xadac2b0b73e099c8L,0x436f0023bfb16bffL,0xb91b100230f55854L,
-        0xaf6a2097f4c6c8b7L,0x3ff65ced3ad7b3d9L,0x6fa2626f330e56dfL } },
-    /* 22 << 140 */
-    { { 0xcd9b76b6a92f4e61L,0xa464f5225a00d902L,0xb64774e68a583f92L,
-        0xc7dc2030bee842a8L,0x594743ea5d2f27ddL,0x4c0ed28ef3c54609L },
-      { 0xd763346d4b1dfb93L,0x8ea291dde1bed2eeL,0xf26d4adbd6d34ae1L,
-        0x74b8d24e54ea3529L,0xe20490e150062077L,0xf67b7a9092d6c19cL } },
-    /* 23 << 140 */
-    { { 0x3d28bf2dffccfd07L,0x0514f6ffd989603bL,0xb95196295514787aL,
-        0xa1848121c3db4e9cL,0x47fe2e392a3d4595L,0x506f5d8211b73ed4L },
-      { 0xa2257ae7a600d8bbL,0xd659dbd10f9f122cL,0xdb0fdc6764df160fL,
-        0xff3793397cb19690L,0xdf4366b898e72ec1L,0x97e72becdf437eb8L } },
-    /* 24 << 140 */
-    { { 0x67bf4c98e11df408L,0x8e105c66d299b156L,0xfde3922e901b63c7L,
-        0x7fd57218c184ac91L,0x6dd2ea5cebcdc105L,0x1c4956c0aef7653fL },
-      { 0xd6fac6429c1c11a1L,0xeda44f663d230d5dL,0xecca2241e6902ccbL,
-        0x85962a1f2700870fL,0xc5ca32c97864a291L,0xe55e974af6c8d3d9L } },
-    /* 25 << 140 */
-    { { 0x81dcea271c81e5d9L,0x7e1b6cda6717fc49L,0xaa36b3b511eae80dL,
-        0x1306687c3cd7cbb3L,0xed670235c4e89064L,0x9d3b000958a94760L },
-      { 0x5a64e158e6a6333cL,0x1a8b4a3649453203L,0xf1cad7241f77cc21L,
-        0x693ebb4b70518ef7L,0xfb47bd810f39c91aL,0xcfe63da2fa4bc64bL } },
-    /* 26 << 140 */
-    { { 0x0af51a2025f7b355L,0x35fc45d58d8081bfL,0x0cf3036d0ab30d16L,
-        0x2bd47f919109cf76L,0x8be09360ec7f12beL,0x99fc291be8dcdca9L },
-      { 0x385b89868135b12fL,0x272ac288f4ec52dcL,0xe7ca370cce09b043L,
-        0x94655816251f4c4eL,0x5c1dea972d40a755L,0xe8977234a4b10406L } },
-    /* 27 << 140 */
-    { { 0x82c1c684eaa66108L,0xe32262184cfe79fcL,0x3f28b72b849c720eL,
-        0x137fb3558fee1ca8L,0x4d18a9cde4f90c4eL,0xc0344227cc3e46faL },
-      { 0x4fd5c08e79cda392L,0x65db20db8adc87b5L,0x86f95d5b916c1b84L,
-        0x7eda387117bb2b7cL,0x18ccf7e7669a533bL,0x5e92421cecad0e06L } },
-    /* 28 << 140 */
-    { { 0x240fde37b21b2632L,0x6b878ae68ca0f16fL,0x072d9ded0bc32ebeL,
-        0x8c2552bc29840743L,0xb58327b003b34f8aL,0xa51598ea71dabbfdL },
-      { 0x337361f7d4f461c6L,0xae88972dda1de4b2L,0x9ec86d7ade7e8c2eL,
-        0x607de383f23f19e0L,0x0cb144c27d234103L,0x00878a228f0c3411L } },
-    /* 29 << 140 */
-    { { 0x26063e124174b08bL,0xe621d9be70de8e4dL,0xaea0fd0f5ecdf350L,
-        0x0d9f69e49c20e5c9L,0xd3dadeb90bbe2918L,0xd7b9b5db58aa2f71L },
-      { 0x7a971dd73364caf8L,0x702616a3c25d4be4L,0xa30f0fa1a9e30071L,
-        0x98ab24385573bc69L,0xcbc63cdf6fec2e22L,0x965f90edcc901b9bL } },
-    /* 30 << 140 */
-    { { 0x265f7236e22b29caL,0xe36c3c3daa62691aL,0x73410e6ed2e1bad1L,
-        0xa182a579a5743cecL,0x2ca67274c22b0453L,0xc698fe35546e52e6L },
-      { 0x60b3a519890e9155L,0x24312c3c2b91dbc3L,0xa6d45050282911d9L,
-        0x3781933efd249e1eL,0x2e0cbb93e26d023aL,0xfb479267bf27687aL } },
-    /* 31 << 140 */
-    { { 0xd53b592d71e15bb3L,0x1f03c0e98820e0d0L,0xce93947d3cccb726L,
-        0x2790fee01d547590L,0x4401d847c59cdd7aL,0x72d69120a926dd9dL },
-      { 0x38b8f21d4229f289L,0x9f412e407fe978afL,0xae07901bcdb59af1L,
-        0x1e6be5ebd1d4715eL,0x3715bd8b18c96befL,0x4b71f6e6e11b3798L } },
-    /* 32 << 140 */
-    { { 0xaff4782231cb94c9L,0xf1b5a0b7803c1af4L,0xbeb85f8d2ef696a9L,
-        0x8ce5baab4fa94fcaL,0x0a32f96200d41a43L,0x0f69ad5774f6e772L },
-      { 0xbe0221af6ccb5157L,0xcb83969a2a4f91ffL,0x78ff85d6a7e49f39L,
-        0x63006589cb5d3c63L,0xe8e4383596eb65f5L,0x79f59da9ff8adbdfL } },
-    /* 33 << 140 */
-    { { 0x3cc0df125df9b6ecL,0x3c18f44e286d6ef1L,0x55a3939e517d0f7dL,
-        0x42626a32607e97bbL,0x6168e7b2e26ad78aL,0xdcf8e74b9145583aL },
-      { 0xa7c541a52db84a71L,0x680532c7119210a6L,0x3252035d0a3315e5L,
-        0x06dc2d5befe7c8b6L,0x940175894e720570L,0xb16e635f2f6a3ec6L } },
-    /* 34 << 140 */
-    { { 0x0bd0ed3803e13ce1L,0x44a148bb5868069cL,0x2a79ab57aa5095e6L,
-        0x943416faffffcf22L,0x98434e8756a1365cL,0x2493315d196dc354L },
-      { 0x1f89d911b79a3a1eL,0x937140a841dfdd23L,0x05ad36e43b220b8bL,
-        0xff5e810333594e3aL,0x3119775f893edb80L,0x1fad811627eee584L } },
-    /* 35 << 140 */
-    { { 0x55c4377e204f30b9L,0x63550549a1ebd2bdL,0xdd86ee0c5e44f5f1L,
-        0x8b9d1d9b5d84d999L,0x9ea95a58dda7a075L,0xa465b4a50977e81fL },
-      { 0xcb491e5558421fadL,0x4617f31c280709d6L,0x5e2751c382e0195dL,
-        0x698155856f8eefd1L,0x6702166cd16dc160L,0xfc14545c84c85b2fL } },
-    /* 36 << 140 */
-    { { 0x27c961f6e8fc35abL,0x1e0c26923a596fe7L,0xc75c7cb804351be8L,
-        0xfb92bfeb1c425d80L,0xb01d1c909f0bde61L,0x273d1f0c512f7817L },
-      { 0x4375000df0d71796L,0xc1655874cf53d529L,0xe157b358abddc21cL,
-        0xb0f91e3e40cedc30L,0x48e26c7272260452L,0x9794a6bf0713f667L } },
-    /* 37 << 140 */
-    { { 0x78befaede72c6f0dL,0xc80584210bb2a3ceL,0xcee67a5d52748e21L,
-        0x08d4a9e8de8ed124L,0xc0393271b5fb9514L,0x39b1df6b20942000L },
-      { 0x831fd8cfc3d961afL,0x1bb097e3e752daceL,0x279b3924cf2c8143L,
-        0xa9f8a939b8f5cad9L,0x2b566813bfb8009cL,0xab37ee1df58f0927L } },
-    /* 38 << 140 */
-    { { 0xc17f21f5134d8bd8L,0xc75fc638a90a9a1aL,0x032a6f382a22527bL,
-        0x3c77a72bd20fefb2L,0x559d8a52196e2921L,0x760a3a2c9afcb6caL },
-      { 0xa3bf5802f162d871L,0xb6b367a5c594d2adL,0x4d440c523daa48dbL,
-        0xb2a8acafd5b2c18aL,0x50d85d6adc349ddaL,0x3c2e67718a707475L } },
-    /* 39 << 140 */
-    { { 0x8254a39d5e1656cdL,0xff457dcaa595e153L,0xf0ddc1936bf62398L,
-        0x45e1f91a558f9337L,0x8a424d9d91480b33L,0x019f0a412bf61189L },
-      { 0x66badaa6d49e7b98L,0xb0674512dad636faL,0xc767eceff4c49695L,
-        0xbe16e6b5ddc80ea0L,0x2bd0bb87febd1ba6L,0x69c9f485fe60eb32L } },
-    /* 40 << 140 */
-    { { 0x08cf7d82bff4b684L,0x6abbf429ac4a9329L,0x2454c15ab0c8e0ffL,
-        0x4782035a70bdb03dL,0x89ff6a41448199cdL,0x07969c9ffd0bf1e5L },
-      { 0x19d1cc6a83406dc9L,0x4054cab9b4980267L,0xf0f5594e1887d258L,
-        0x039249e4e09dd987L,0x2b0cd4f9857ddb1eL,0x54ceb29fd8418075L } },
-    /* 41 << 140 */
-    { { 0x562693d30843729fL,0xd703202122648488L,0xd7c40e82ec6d0799L,
-        0x8eacb2496eb6fb6bL,0xddf7074885a5ec47L,0xd70524bf891d5de5L },
-      { 0x4d17c237c4d01055L,0x4793c6e4b4203cc0L,0xf247d0df1d1bf37aL,
-        0x406994fa93b007feL,0x4062c29902940092L,0xedc0d949f558c1e8L } },
-    /* 42 << 140 */
-    { { 0x9fb3630606ab1fc5L,0x2726c1acc0de4e26L,0x8b2fb5130ec7b070L,
-        0xf3581a6907bacd4aL,0x97db622c164bf5a5L,0x8103517962327e3eL },
-      { 0xad3637b0b1d635c2L,0xb894adf949832ec3L,0x0ab5381725685b12L,
-        0x73ceb46069720ce8L,0xdbd1b68ef5e445dfL,0x57659059c8961eb8L } },
-    /* 43 << 140 */
-    { { 0xbd1272a5f73a7cfcL,0x30d3c078de0828e1L,0x5dc0244e1a8f36a1L,
-        0x87c80cdf585ec2acL,0x46c88d277944584cL,0x588d14d8b2dbe1a9L },
-      { 0xb42327a7afe7d55aL,0x58add8f98775409eL,0xa45db2fd10590c68L,
-        0xb98e10bca972b84dL,0xbf5c0ee0a737aeb6L,0x26424f3def199fa1L } },
-    /* 44 << 140 */
-    { { 0xb7bb774603c4cd27L,0x5bfe638ad9723678L,0x47d8b4c24a04d064L,
-        0xdba309383faa45d7L,0xb0fb4308b39dd043L,0x5eeaa33f23ebfa1dL },
-      { 0xaa5a0ce0ba100837L,0xae025cf6d7667d17L,0x610baf5df480cf99L,
-        0x8ba0039ead025771L,0x0ff4f75174785f24L,0x910736ef8b7c30b7L } },
-    /* 45 << 140 */
-    { { 0x0496b77ac04b7e7fL,0x6f7ea5bbdf8163a1L,0x87a8e8f18f415876L,
-        0x6e5b6f2e3ee22085L,0x5ae860ca6f529471L,0xc54c8667eb624447L },
-      { 0xdd06be3de1c7766aL,0x8a8e48ecd2189d23L,0xa4076d3564245444L,
-        0xc4973a5deb651a4bL,0x3b3e2fd52c4f2747L,0xe9a16a24abde2ecbL } },
-    /* 46 << 140 */
-    { { 0xb7f146b890973714L,0x2277873f288ed67fL,0xe6da9d9ee5182317L,
-        0xa446f9d3562475b3L,0xc5291f9756755d91L,0xe762c5f3c104c2b6L },
-      { 0x542f90b3dde83d53L,0x758aaddddace5f42L,0x1c8b9775e673f002L,
-        0x8899c11f74ec42bdL,0xfd9e300a2dbc0dedL,0x6de1c8e4d281f6adL } },
-    /* 47 << 140 */
-    { { 0x5ddafb1b2a2f98cbL,0x8dc2bdc429ec504fL,0x27c51b3cc9f43826L,
-        0xcfd609fccacf5becL,0x642ff85c30dd9f71L,0xcab498e5b6b00ffdL },
-      { 0x9c7ef286652ca743L,0xda291ae0ab95d7aeL,0xe6f4d2badfbff466L,
-        0x34afffef9835d482L,0x41a2cfc050db295cL,0x51a08859e6ee400eL } },
-    /* 48 << 140 */
-    { { 0xf6fd26cc487925bdL,0xd9b751eef5ef44e9L,0x694a788be372817eL,
-        0x85f3dc1ae8c90c31L,0x8c90c6bf15aa0ce5L,0xb52a5d83f01bb223L },
-      { 0xbdae01dddf9c3315L,0x941fa6b663ddfc56L,0x50ddff4ec2548f24L,
-        0x54a49868d12802a7L,0xcd922fb6404d9240L,0x88d7f41f957f6d1aL } },
-    /* 49 << 140 */
-    { { 0xbfd0a17e4c4c87cdL,0xc6c76ebb10b614bfL,0x721d8b4fd1c594a9L,
-        0x1ff70b2daff65d09L,0x2698f57ce50ad026L,0xf4ac3f5627a92e38L },
-      { 0x1114d3392c143ba0L,0x7fafa6b97f8e9b0bL,0x506f11edd82a2500L,
-        0x4df1087fe0ad9ca2L,0x85509ad9fdfecaa2L,0x733c4f8293bd022dL } },
-    /* 50 << 140 */
-    { { 0x3b9de3494233d6cdL,0x9a360917a8f55d63L,0xbe79cdfd90662136L,
-        0xbb3d8fd7cbf3f02aL,0x5d0d4eb81d61e485L,0x85b485215484cd65L },
-      { 0x77580c810fc5cbb1L,0x4b36441bd8e70ff2L,0x50ccdec1b2107a8bL,
-        0x6b7f97c945a45893L,0xb818859b9572a173L,0x864dc632d94bd9beL } },
-    /* 51 << 140 */
-    { { 0x13bb6b113fee0074L,0x4c02520ed1059617L,0x5beb793ccf71f07aL,
-        0x15a8d28d46d4c54bL,0x9889a8948b89fab6L,0xd00fdcb492623b75L },
-      { 0x1c7963572939a84cL,0x4b85d94d6221a244L,0xcc66b5bad1fd506dL,
-        0x866271042a06ca91L,0x4295fc6a49bb18c1L,0x05a81eea341d93e4L } },
-    /* 52 << 140 */
-    { { 0x895dbf20df8111ccL,0xec8297be2906fb2aL,0x4ddd6f22b94c3f53L,
-        0xec55cc738ecbd552L,0x549d3145ef343a0bL,0x9b19220c3b4858d8L },
-      { 0xd5bbf954bd0c2f11L,0x9cacae0cce8c221fL,0x87e6cbc1f6a3dbc5L,
-        0x7ce5c9b6e37ebcb2L,0x654339ef50eb3c8fL,0xeac7f343f3674f55L } },
-    /* 53 << 140 */
-    { { 0x723969a3dd8d5580L,0x4f6dd5c4a30edd79L,0x5b29f3f5a4d7ed53L,
-        0xe17a12bd11869af9L,0x63d01e02dc4c4c1cL,0xb43b904466a691e9L },
-      { 0xab58d45ad1bbbcbeL,0x1e9b166322e8a57bL,0x88b6d3bb6684cdd9L,
-        0xb944dee1ddaf3976L,0x70a4a121c347c41fL,0x7e93fa26fd1c217fL } },
-    /* 54 << 140 */
-    { { 0x5df68a1b584da350L,0xf378c367d72cd093L,0x5908ac0033dc31a6L,
-        0x89bb976b7ca65b9cL,0xefdadfe237dcf670L,0xce22b5ba0011f3e7L },
-      { 0x94d2c115b7d27bc7L,0x2e6763498761afbfL,0x3c0477829eb8185fL,
-        0x634c8c5531f7635fL,0xf8fb5494d4d0fc53L,0x5a905615530ee2c3L } },
-    /* 55 << 140 */
-    { { 0xd28e59a0940c9809L,0xc208ae4f01b9f39fL,0xae1cb420b3630002L,
-        0x739950501289d72bL,0xec24392805fcbd8eL,0x5b592df51f843891L },
-      { 0x0d7602303f59f374L,0x32b6e643cae9f3ecL,0x94a25696e3dcc436L,
-        0x657ae6aa8a059dadL,0x0df91017edd1505eL,0xfb1ae06f7b518d81L } },
-    /* 56 << 140 */
-    { { 0xf5bd119ad84c8a53L,0x36c5410f26928a6dL,0xf340f2bc0eb42b83L,
-        0x8d93a66cffeffe84L,0xff59141d64310b9eL,0x2d509d7aaf69e00fL },
-      { 0xf0f034ae1390628dL,0xf9089c720c38b563L,0x7462988e4e8df0daL,
-        0xe6041dcaa7985905L,0x86295326d3b7274cL,0x5c8bf249075aa31aL } },
-    /* 57 << 140 */
-    { { 0xb08d098b9e423b93L,0x8ae94622029d192bL,0x05335f68fd67f1c4L,
-        0xf3cb831f6e8c1e57L,0xf84a7a54a50a776bL,0x99930a48dc49c28bL },
-      { 0xdac2ef8f1b833418L,0x87a4ca7829fda2f2L,0xf47f23079c0e9e7bL,
-        0xebc1c2de46aeb3c7L,0x544f76836408bfc4L,0xa01b094b86c6cd44L } },
-    /* 58 << 140 */
-    { { 0x8e81bd1c06841f10L,0x3fc24a346c045063L,0xbb2be2dc85bc7ebfL,
-        0x32523efbc341fe12L,0x1ac9f6b116508a41L,0xb6b7fa1df6ac4426L },
-      { 0x2614c995fb685157L,0xe452b94dace46bbcL,0xccda1adabc453b4aL,
-        0x32d32574fb4fac48L,0x7e43920c9d7d90fdL,0x9d6e959417a08456L } },
-    /* 59 << 140 */
-    { { 0x2c90f95bdb1f005dL,0x801089a2e16444a3L,0x2f2944ed7a724ad8L,
-        0x0dfdd065de135e95L,0x510ab3eaafed3817L,0xdba075380855fbb5L },
-      { 0x905f78bda10dde49L,0x63786348956a4057L,0x3d420ff0441530aeL,
-        0x7a9968bfd1488ff0L,0x97479bfbca4dce2eL,0xf371985356f76255L } },
-    /* 60 << 140 */
-    { { 0x8102fa85bbda55a7L,0x6cbafe0de96c5eb3L,0x517720eb26aa52c7L,
-        0x0ee110a98c030e47L,0x5a058569d4afe2c1L,0x29965b44262bbc0dL },
-      { 0xda017ec04996daf5L,0x1781e7b84dfb810cL,0xdbe148350c8a5cf6L,
-        0xd151055dd92ff62eL,0x5e4f48ba2932a708L,0x77e163d95f28bb43L } },
-    /* 61 << 140 */
-    { { 0xf6c5998c48bc9bc9L,0xb25ae99e2db132d7L,0x17f29131fb934e7dL,
-        0x31b96a79d7fb5430L,0x3fad00391971cabaL,0x7f809e56cf3d5e33L },
-      { 0x1a4f705a9ede6055L,0x3cab6c6149c2d054L,0xb616adc47945b589L,
-        0x842b8652f342ee03L,0xa22fc6a67bc36a4eL,0xffdfee262c89a4fbL } },
-    /* 62 << 140 */
-    { { 0xac6b2727dab13b10L,0x8b4fa7807351ac35L,0x48243c245692808aL,
-        0x724897f01fbc5d24L,0xb635fe5e2c69bd93L,0xab26453338d5d5b2L },
-      { 0x368b2c07bc578c97L,0x94e02c9226fecf25L,0x768de4d41f473908L,
-        0x58feaadee445d405L,0x1f1380d6e42a2218L,0x2904b4542154dd5eL } },
-    /* 63 << 140 */
-    { { 0x4e28b938ca2ec0f3L,0xd4af48d795b1c113L,0x33ffb9c222f2275aL,
-        0x2a734af97b57b2e0L,0x1555ba38d08a45d3L,0xd0cae6c57a05837cL },
-      { 0xed04c869c4e78884L,0xa7ba74726f3d56d3L,0xdb7b831ef6d68485L,
-        0x225798677e7d0a4dL,0xd2d702a94c3eef8cL,0xdaba503869a83e29L } },
-    /* 64 << 140 */
-    { { 0x082ea61d10eeed24L,0x7c9d5ade143fd59dL,0x7d33df962e54f5cfL,
-        0x340b0d36e39dc6abL,0xd97a8b848d179b13L,0x88184bb0288d388cL },
-      { 0x2237e507e116ae6dL,0x3e97b063211b2cf0L,0x645f8bcb42be7459L,
-        0xce2b0f54de2176b6L,0xaf570a09d1e2f09cL,0x110adf5657fdc001L } },
-    /* 0 << 147 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 147 */
-    { { 0x158bfe27bcb6db29L,0x967212410054d963L,0xf07b153b8e71aca1L,
-        0x5e67698171b11643L,0x77b7dd7dd04e2f90L,0x07814aa6f0dcf109L },
-      { 0xd3bab2a4fe1d0b1eL,0x50abba31be69e691L,0x54fe99afc6f53cd9L,
-        0x071f2a4f628039e4L,0xf1f44181b183aa16L,0xdf0138e05010f6f9L } },
-    /* 2 << 147 */
-    { { 0xb1e365019c77ca60L,0xfe084a2301018e14L,0xbf451d2ca4bfdcecL,
-        0xd210892fb29cdcfeL,0x5b12bcd894514871L,0xd03ca18c1809b1e3L },
-      { 0x09b243115858e4eaL,0x37b30d50e57524b4L,0xcef0a16b5de334b5L,
-        0xfe0bd1e20b116076L,0x54e4b48289ae2bf4L,0xfbcc5e1a68c8a937L } },
-    /* 3 << 147 */
-    { { 0xa5023e1364be0f56L,0x6a7310e00046f45cL,0xe0af09aeec8700d3L,
-        0xdea5fb7ceb2d38f0L,0xc038eae6859852e6L,0xd515fb4c8c34f04cL },
-      { 0x546b778e1488c207L,0x8cf4f1146258d8baL,0x474e60d85182c96cL,
-        0xcd0387303dbde757L,0x387232f876ab01ffL,0x277614f628231392L } },
-    /* 4 << 147 */
-    { { 0x309b1eb33ef5a413L,0xa7607981a81f43fbL,0x87c2b81ebf8a894cL,
-        0x27a40bce0d293293L,0x7f4c315be4bf3714L,0x03fdc14e01236895L },
-      { 0x319c88f8dff053feL,0x146bb448ea3fa121L,0xfcc2a05df0dd1380L,
-        0xc8d55b024acba9faL,0x871358de5927313eL,0xfd1d81d317ce294aL } },
-    /* 5 << 147 */
-    { { 0xa135970c7361138aL,0xd67eddb5b7d50260L,0x313c6e9bc4d5311bL,
-        0x4f503bf28423e5b4L,0x17dc4b6f44f3fe83L,0x15b7bdb9ccf1bbcdL },
-      { 0x0ce4d64ea11b9896L,0x050b0edebbb6b0eaL,0x85531293bf5db990L,
-        0x9db3b964520d095eL,0xb45ec235bd2d4e88L,0xf88a9e6215ee5ba1L } },
-    /* 6 << 147 */
-    { { 0x10777189c1a21254L,0x7d8d3966ca593a6cL,0x261ab515120380e6L,
-        0x453c858fe13577d1L,0xb1f6bb58f3862db1L,0xf8ff48b8b9529e1cL },
-      { 0x03f63a417b60b400L,0xdc248d96bba66b3bL,0x8423048b756e5af2L,
-        0x4d978ed31c984befL,0xa06242995ba00f3eL,0x0bed7b454f4d19e7L } },
-    /* 7 << 147 */
-    { { 0x9ef52e3d6524f389L,0xc5b157c5f6ac19eeL,0xdca7a72ab5d42f7aL,
-        0x2d2e8d72fa0051dbL,0x3a6ff9243f4a4f60L,0x0ae997af340e7977L },
-      { 0x33dd395e269db4e9L,0xf95c3683616b9dc3L,0xb86a066122d516a7L,
-        0xd50c582cad913df8L,0xac8b8efef550afbfL,0xf34fcab01d88728cL } },
-    /* 8 << 147 */
-    { { 0xd3797831ff63ae69L,0xa753de02ce4c7eafL,0x2ff7a6a611a4e339L,
-        0x904f86f05328043aL,0xe29d31c012e9f7ddL,0x8825a639c0a51904L },
-      { 0x070c2696ebfc2cc7L,0xc03ce643c5f7a943L,0x5b970d0c12c8a1f5L,
-        0x572aaaa1ab352a83L,0x63df45a90c5eb0c7L,0x95c951e1d4977599L } },
-    /* 9 << 147 */
-    { { 0xf5aefd5572ba3741L,0x7ab81965f5fe816dL,0x597d15d546752cefL,
-        0xaa79a0822a3c142bL,0x038ddfdd3af5dfe9L,0x9f4dc166755c9e07L },
-      { 0xf34224dfb9165297L,0x96e7ff6e4e3fd907L,0x5d7f3c821727beb6L,
-        0x7098493dd6af73ceL,0x6b9358fbe00dfa4dL,0xefb2634a96e74870L } },
-    /* 10 << 147 */
-    { { 0xe35daffe2e4c6299L,0x1f9e33935915cd16L,0x93f05a40f009a48aL,
-        0xa4a801fd308a81c6L,0x75e5dc467e885426L,0xf0bc7d5d4629ff05L },
-      { 0x356b879bdbd812c2L,0xdb5eb60001629849L,0x11c9856eec2dd55aL,
-        0x20f0443880f0c804L,0xc0b5e3e21801b217L,0x7ceba67d6ea097b8L } },
-    /* 11 << 147 */
-    { { 0x7a1bc5d85d08d3f0L,0x9ecce2a8385ef3a8L,0xae93d42b3c1b2927L,
-        0x81a3a60719ce9447L,0x8d6b2d3d0eda597cL,0x5baabad60eea6dc5L },
-      { 0x2cb372642741608aL,0x3b1148d6f0202a01L,0x6e85272f52931f5dL,
-        0x49bf47596a2e601aL,0x5ec0418443279ddcL,0x7d052cac6ec080ddL } },
-    /* 12 << 147 */
-    { { 0x01c2df8d3bb02d0eL,0x874e43afe26f388dL,0xe198341c8360fa6aL,
-        0xe67f8092c52bb2d6L,0xf944dc63a02efba5L,0x9a9c02d92c12332aL },
-      { 0x39684f6ca8cb6bd5L,0xbcc1828e26bc9535L,0xb7fb8eb646594725L,
-        0xbb4f5f05793c32ddL,0x3ef3c33845f94b55L,0x228e0e7d09eac277L } },
-    /* 13 << 147 */
-    { { 0x80d9bd388aeae732L,0x2be676dccbeb6443L,0xef4d056bded9ad31L,
-        0xc4fea44f349e5d0eL,0xb66c35d28d95db86L,0x210c3d4aae9f5d3aL },
-      { 0x5c0c5b9c1582982bL,0x50a529be93aed9a4L,0x88f769a384c77818L,
-        0xc0970b4269776a3eL,0xbf3e5ee022a1cad4L,0x705c0b29b80187eeL } },
-    /* 14 << 147 */
-    { { 0xefd26dca727cacdeL,0x6290fedb5fcdb147L,0x9f108a89e1830a96L,
-        0x7e8e36813e039a02L,0x1747b3e9256fbb3bL,0x5aa0ebffabb3b2f1L },
-      { 0xcac5818c9fbb9b49L,0x037d66114a94b74eL,0x4081fd4d7a548536L,
-        0xfe2d8e79aa364507L,0xe86ce00ea81a5f81L,0x77b95e9477a9bdb4L } },
-    /* 15 << 147 */
-    { { 0x3eadfde5bf06a49eL,0xca88828b33787c62L,0xde6f765022070f63L,
-        0xcb4e54dc438f649aL,0x24957c77169727d0L,0xa2e7781cdd2a92a3L },
-      { 0x17a1d7ddc38885f4L,0xb75716717605c408L,0xfdbbcffc8a2323f5L,
-        0x11666bd2c955456cL,0xf8b94fa2517f27f5L,0xe101927fee002499L } },
-    /* 16 << 147 */
-    { { 0x2c5b0e42bca07a42L,0xbe57f3597a0dffa1L,0xace485959aa90727L,
-        0x32be886af658699bL,0xce75d6c6da3b18e6L,0x9d563e4f69caf667L },
-      { 0xc17c66cf065eb772L,0xfbe123814df9f6efL,0xceb80041623db4efL,
-        0xe75615b2c74762e1L,0xade8a5438671c52fL,0xb713c401cacaf2ecL } },
-    /* 17 << 147 */
-    { { 0xc740669ab01b20dcL,0xd873f3f1abecc3f3L,0x0d8290402db73d1cL,
-        0x147aaafb99198d33L,0xca66e755d4e7d7e4L,0x8747298cb2cb752bL },
-      { 0xd9d58d29c43762aaL,0xa3801a4a15e45d57L,0xa747fa3f454eaf2aL,
-        0x26c79cdd0c067c77L,0xf15404cea24fe6b4L,0xe2add5ec77fec1c9L } },
-    /* 18 << 147 */
-    { { 0xc45064dbd71a7744L,0x1900bb8f04a6f3cbL,0xd592585a76c2dd6cL,
-        0xabbbd6d862b95d26L,0xb0db482b1d2e180aL,0xf459430184c9dea5L },
-      { 0xd30b162a6e5ec460L,0x90838e57e4b35476L,0xab4b7c80f9356687L,
-        0x72c2c009719f347aL,0xd5d01fcf920d187dL,0x47426f1e0afe06abL } },
-    /* 19 << 147 */
-    { { 0xe6473aeaafb2f584L,0xd5395475c44ab7a2L,0xcba2c240bc27e864L,
-        0x201735cc742c1c9bL,0x8cb4886951263febL,0xb52706ba4fd2cd5bL },
-      { 0x028445755a2dec94L,0x978e79d6a4be7b6dL,0x5a68d8103c4742f8L,
-        0x9c917f48b301ad64L,0xa6a7d5bd684a6ea6L,0x251d61327c978749L } },
-    /* 20 << 147 */
-    { { 0xdc7e39ee0ae2a7caL,0xcdd3c235e6b7dee9L,0xf9624c299368c8a3L,
-        0x2086bc904b21951fL,0xf7990a1f57e0e6a3L,0xf170dd75e686da8cL },
-      { 0x4a82719a06da9714L,0x3a78e35e24274685L,0x1c3965e1c67712f8L,
-        0xc6c26eb62f164e3aL,0x1129a467381fb91fL,0x896022108443ffddL } },
-    /* 21 << 147 */
-    { { 0x25e561bd808c4ff9L,0x08c9f2758c0cf1c7L,0x9af6165b59599115L,
-        0x59f06a4bb4b415f7L,0x3a9d8ca5236e2650L,0xc8fa3bc61b48ebdfL },
-      { 0x5e1896193404846eL,0x6d1d803b378a5a46L,0x672fe2bab812d5dfL,
-        0x3ec27a7f04c6ddc1L,0x9c5ff08c0cee3357L,0x9f465babae8d37d3L } },
-    /* 22 << 147 */
-    { { 0x0057f60756a0b6bbL,0x46a6e9949c1e24daL,0x1c283f859baaf618L,
-        0xd75e731be878a354L,0xf9db13388bf2ca71L,0x0f14adeea9022f59L },
-      { 0x309f04aa6c14666fL,0xe6cec2aa552d2da7L,0x9f27eaba218d8659L,
-        0x9b3165d3c268561eL,0xc7e3afcb90ae19efL,0xb840170bcb329e68L } },
-    /* 23 << 147 */
-    { { 0xf6b9a32fab95aa95L,0x1a1e06c387e1c3c5L,0xcfb7ecc5317f1c2bL,
-        0x12953ce7999d2bcdL,0xcaf5f0229e3c5a01L,0x0c9db571305ac94cL },
-      { 0xa423d26cafbc860aL,0x82fbbd3dfe98409dL,0x455aa9926652ac17L,
-        0x6916e7d6f9428029L,0xdcfbd65099822714L,0x5de152a13f3c72d2L } },
-    /* 24 << 147 */
-    { { 0xe6d039ef467eb167L,0xa7e0959d74696cf9L,0xf3a19b9d7078d8a0L,
-        0x5d4ec99c07cdc6f6L,0x4842d0f98386eed8L,0x48f5ab80545fc0d5L },
-      { 0x8906fc626d39c2f7L,0x1c050d691bf5366aL,0xac506c579f54d0d6L,
-        0x9a356a6ef9e4b94cL,0x62632c5108a75e61L,0xfc1b9fa5c6951dc2L } },
-    /* 25 << 147 */
-    { { 0x84ba4069d034ec62L,0xd55b42f6f169349eL,0x78dce88d17de2b22L,
-        0xdadae679204ec730L,0xfad5ec6b5357f5e5L,0x330bba18ccc0d0afL },
-      { 0x8419755c4a566c71L,0x29c56c5fbfe57083L,0xe42a7c52598cad77L,
-        0x9d81623f5fcf1dc0L,0x978eb12864615869L,0xc837262a9c2a6f35L } },
-    /* 26 << 147 */
-    { { 0x917747f99ee0628bL,0x5d711303566cf048L,0x206d53f15b77f58dL,
-        0xe104bc12667a86ddL,0x158f8d253505380fL,0xf5b32ad4616e821eL },
-      { 0xdb67191a3cdfe797L,0x61b58589147e1756L,0xb7927e12625d0efcL,
-        0x48d999d008bca937L,0x335c6f5b7b02689bL,0x4f0994a9d8149b7eL } },
-    /* 27 << 147 */
-    { { 0xe7ba0870df6ae3beL,0x661373f0166cd7d9L,0x369d361d8627f3fcL,
-        0xca06d544cf6ceb36L,0xc819e0ea34b5d425L,0x80c1ab716ffd2827L },
-      { 0x3fb8c0b520b4161cL,0x3647e67b3734b87eL,0x9c3a14b203e6c9cbL,
-        0x320ed1c1c3620486L,0x6d77d46b5286a22fL,0xbd6036c1bc74a266L } },
-    /* 28 << 147 */
-    { { 0x125951a52e6d5433L,0x7d672aee6a6013d4L,0x6ed23f2560831997L,
-        0xb0e219ae438c75c3L,0x6851dd4bace91d00L,0x84704f7d30f19991L },
-      { 0xd744cb32d0107170L,0x15f51a63b0cb6796L,0xe14712cf5a5807d8L,
-        0xff89f0c5dbfd612cL,0x0c314718bd021483L,0xf9ccd3b11b4b76d5L } },
-    /* 29 << 147 */
-    { { 0x36121d0909b6398fL,0xd9ad591369069016L,0xd3a08c8469cdcfebL,
-        0xd92ae9b2b03e1e4cL,0x1620c549e9b6284bL,0x5860431227ab9432L },
-      { 0x4e1d3134aa314da8L,0x89207aad70910cbcL,0xacee236badff9190L,
-        0xe6390f7cf6eb6df2L,0x0dfc5a5cffa91d75L,0x3474104aa0e7f48dL } },
-    /* 30 << 147 */
-    { { 0x00b75b851871749cL,0x063b748ea00faa20L,0xa516e09f90257503L,
-        0x9ffc43981c800098L,0x49f011f871b00fa1L,0x6fc80517443268bfL },
-      { 0x2802e2bf24a24acaL,0x96fdc71edde88ab9L,0xe3eff1f997e661a4L,
-        0xae5c34e13cb321f8L,0xf863263e301c8ba0L,0x3c3eeb7b093e186cL } },
-    /* 31 << 147 */
-    { { 0xc0f51229e7aa3325L,0x3abde561fa93ec80L,0xd7e5317f4e6df2b2L,
-        0x4eefcc76bc832652L,0x9dce52905d054a1dL,0xee2939da2a6f52e2L },
-      { 0x8faa1d3e092b5422L,0x77f55f7f9ca6338cL,0x6dadad8f6546d37aL,
-        0x0ef4922ef3bf7cb1L,0xfcf41c23200ccc57L,0x591e208362aa0372L } },
-    /* 32 << 147 */
-    { { 0xa933aaf7a4886619L,0x9ec1915f4af13c7fL,0x25a9dff8854de496L,
-        0xa8b31d9b247bec15L,0x468a25c84661e58dL,0x8989c046786a0707L },
-      { 0x282db8cabb66922eL,0x73bf240d45ca29ffL,0xa2c40faaeaeda06eL,
-        0x69632929add94b47L,0xc72354f6b0069076L,0x8d197fbf7878e92cL } },
-    /* 33 << 147 */
-    { { 0x7bd8195662267b63L,0x9352be73894a4ed8L,0x62568211d0bfdfdbL,
-        0x7974999285698b05L,0x897ccd584412ea21L,0xe4cc4ddcb2f25225L },
-      { 0x808539bdb4a1d924L,0x619fee34bdebf750L,0x47ed5b3473aea42aL,
-        0x91e07a9b94ba376aL,0x218f6885edb27e08L,0x4feb09e6c4214344L } },
-    /* 34 << 147 */
-    { { 0x24bf9fbbf3e4bc93L,0x8973b72471151bfcL,0x8e33b753a85eb707L,
-        0x13eba76e50adc461L,0xe445e8e144dd9d2fL,0x8729ec22b1592a0fL },
-      { 0x9a13bf315ec24808L,0xe6ae840c2e95cabbL,0x634f3416e28cdf4aL,
-        0x34d3349b9278cd7bL,0xd74990c542b912b5L,0xaf94b104b2430c71L } },
-    /* 35 << 147 */
-    { { 0x6d26cd01580b15a5L,0x5af25c06dcd849aaL,0x05b00800ffef39f8L,
-        0x8cc59e06f9e0208bL,0x920f69540bc19bf9L,0xc06c4df97faa5ddeL },
-      { 0x9a26a3f4770351d4L,0xda015bd3443f40d9L,0x1afd829c740f1942L,
-        0xb108a8a6566e6158L,0x118e50a9a35e5d37L,0x94cac90eab72a3b3L } },
-    /* 36 << 147 */
-    { { 0x01f7968e60cb465cL,0x4efeffb796e0af3aL,0x6f9016e7066ad6aaL,
-        0xa8ae30e88743aa97L,0x7b77d3e0b7d55766L,0xe1773661c6b3fadeL },
-      { 0xa52fa7bc88f5270bL,0x4de08cb39f7f811cL,0x6021536f9bc34254L,
-        0x47bd18cf4068e3d2L,0xc91bc312ce16889dL,0x468659ea929b71f5L } },
-    /* 37 << 147 */
-    { { 0xa5a2a3b3225b532aL,0x5ed77864167f7874L,0x2b5d475037ae42d7L,
-        0x9bd62f14433b243fL,0xe8dca1b2eea90992L,0x1ce44e53ef5e0624L },
-      { 0xd92c7bf61d3d7173L,0x83c1e65424c19a94L,0x59dce036eafe8941L,
-        0x23478c50d81014b0L,0xb89214bbe65a18e9L,0xf9fd325ea05d9fb6L } },
-    /* 38 << 147 */
-    { { 0x2c4bbee73965ed81L,0x58b6a8766c1a47beL,0x7c8d94f71a67dfabL,
-        0x865c9e42ac6ae9e4L,0xa63a0e42a3114c18L,0x7432c6c92bcf8169L },
-      { 0x1927723c7532bd7aL,0x20b75c7201e5781eL,0x1963e16919d57f9cL,
-        0x05427a3cb10e3798L,0x31bbc661cebc82a9L,0xdd88383ac3862997L } },
-    /* 39 << 147 */
-    { { 0xa0ef513d4adce457L,0x942aea7df9f906d8L,0xe52a2bb5fe22c5a3L,
-        0xfd9fff1f8dec9ca1L,0x19b0e7a27913f99aL,0x58c45dd205660e97L },
-      { 0x6722c47ff06d3c2dL,0xe4927a002a4d127fL,0xdc647c1ef40f46a1L,
-        0x538c8cda7ab7a21bL,0x90227d6cc8015ae8L,0xe62f52dc2d4ec8a5L } },
-    /* 40 << 147 */
-    { { 0x69a9ebd8a83bbb88L,0xcbab0b5a29f98875L,0x325e487e4e7611f0L,
-        0x90aa24b1d955cc3bL,0x840e70a13c264d53L,0x15bcf88bad7f4f81L },
-      { 0xe47552cc2cf0df0aL,0xcb99973379205ea9L,0x25dc58bd10d5ca45L,
-        0x0947d7151228b978L,0x9a0204da4f2c7c4aL,0x4377ea4a4690052cL } },
-    /* 41 << 147 */
-    { { 0x35da16d16bc7d7afL,0x098c4b0271de4ac2L,0xdaa2407c3655dd94L,
-        0x5136884c90380d70L,0x3f47052e762f61abL,0xf715107a8dcd6ddfL },
-      { 0x862a4a6e5d76615aL,0x2b546e1b2128a6f9L,0x5297a3cf40490672L,
-        0xef2cbdf1b9c765a6L,0x52e71cb4426562baL,0x34d0e3237a84f9b1L } },
-    /* 42 << 147 */
-    { { 0x6cd4098d74e7c67bL,0x3bf4193123d2b418L,0x598710ad682135ccL,
-        0x26ccbfe0172d648cL,0x0c4918c5d84dc9afL,0x346e8b6385065417L },
-      { 0xcbc7f2efd353219fL,0x93637eea3c4e4863L,0xb18fc69c2dbbd39bL,
-        0x20614dd45a4b5b0cL,0xcdac0383547adce3L,0xedcdd64842ac8be3L } },
-    /* 43 << 147 */
-    { { 0x76ac6c94b4559439L,0x09090af620319667L,0xef433d73a742e3beL,
-        0xb7ec99eb7cbd7090L,0xcde2579dcb782be1L,0x2a2fb807e75552fcL },
-      { 0x083f9e982f1eee15L,0xe20f65c167779c98L,0x73c044ff5f23e998L,
-        0x5fce594269488208L,0x3e4ca86ccace7ba3L,0x5e3f43b8f32c1acaL } },
-    /* 44 << 147 */
-    { { 0x3ab171a237b42b60L,0x6501afcc4f20e50dL,0x4f9e22413e3a4298L,
-        0x3c5834d9be3b3d3cL,0x9607b8cb9be25af0L,0xcc5f6b6f81c723a5L },
-      { 0x11b9b5d199227bacL,0x2bc5dd9f322cc499L,0x0c3884a0cdbc3a55L,
-        0x018a8ebefd4f004aL,0xa858ee7ce08741d9L,0xb5bbfa2b5d69b3ffL } },
-    /* 45 << 147 */
-    { { 0x57069b4a1b0611b3L,0x24b5421c89da55d7L,0x6433c29dcf9b2fb2L,
-        0xda9382c67869a1cdL,0x67fbb7a343514903L,0xb3429e35e8b224f8L },
-      { 0x4058ef1e7ac51191L,0x56283b0cfd4e6114L,0x4eff0caca16fadd1L,
-        0xe6088db7b6ee634eL,0x94e68bd0ca7bd1b7L,0x0e98796b965ff86eL } },
-    /* 46 << 147 */
-    { { 0xf3176014bbd74a95L,0x5dfe36b51bc6c763L,0x4c463aa27d3d0366L,
-        0xcbd7106cff3b113bL,0x2d660f5a0b6edee3L,0x92d79c864db04c30L },
-      { 0xfd1067cfd2236e55L,0x1ae21f2d90925a83L,0x8419072ca952c451L,
-        0x2f268b473d946980L,0x04831991b709ab5aL,0x0d622a70bf72efd6L } },
-    /* 47 << 147 */
-    { { 0xec468aecf0440b85L,0xaae6041369cea78eL,0x5a88145d12a30f40L,
-        0x438c6e3f37a52bfcL,0x41bf603894749b6eL,0x3d38b86267edc2d1L },
-      { 0xe379125a020a32abL,0x68a6b13a198c3944L,0xed1fb3258be252d2L,
-        0x76dc8df6e15c37cfL,0x5a6592cb6453b542L,0x372b1998b3347c65L } },
-    /* 48 << 147 */
-    { { 0x015c325eb8e79179L,0xf4fc61335b57dce6L,0x27a51e5d78d6858fL,
-        0x13babcab4dd5f180L,0xfaa19cb1847e499eL,0xe2688ae608aaea61L },
-      { 0xe20d7edce86100d5L,0xa9b0d46bed2fedacL,0x5e99cc0c1d357dedL,
-        0x4c1263ab723cac89L,0xad5f3e6ff15e22f4L,0xf25f3950d77dae65L } },
-    /* 49 << 147 */
-    { { 0xf3814fdba1c6fb06L,0xbfde395d8d71559aL,0x6e4b2b1c07e00f72L,
-        0xac0d1aef1e12b111L,0xa4041ea0387dc52cL,0x8004ef4893c80d7dL },
-      { 0xb311b5c29a770d6eL,0xd4a340bbaf41a540L,0xe96d1dbd9a5391ccL,
-        0xcd4b19fb45ebf6ffL,0x142556a5dcb6dbe8L,0xf68968ff092f898aL } },
-    /* 50 << 147 */
-    { { 0x540a2e35c854356eL,0x6d0eab45f5002153L,0xb8f542bd9a6c488cL,
-        0xd572d282c6201f12L,0x260bc62781a3eedaL,0x508621af06eaa5beL },
-      { 0x754eeb205eadc8d5L,0xfe33248f42d4b0dbL,0xf44a1c7ac5529222L,
-        0x9079ccb574396eeeL,0x6c4bc87db9cbdc41L,0x1ee8982431ee3f18L } },
-    /* 51 << 147 */
-    { { 0xb64fc90ed811f25aL,0x310214a2c82c8f68L,0xee559209b5052420L,
-        0x6055c5b45c1bf95eL,0x414f7c8dedce3bc7L,0xd3438b8a66d3cfb4L },
-      { 0x687b9f70d3935eeeL,0x553b15ddd3e179f1L,0xccc9961e21ff232bL,
-        0x3729ac207d322041L,0xf1537630094907c9L,0x3e87f4f903153dccL } },
-    /* 52 << 147 */
-    { { 0x2c21e48c7dae4b17L,0xe842930a07ca1575L,0x3a3d6d361cc47ab4L,
-        0x749dba405fcd07bcL,0x55a538a6f306a498L,0xe85c60be633d42bcL },
-      { 0x777595f2dafa94a7L,0x1c690529a0400ef6L,0x41485f886bfa23bbL,
-        0xdead14a1256d9204L,0x74f1a820bbda2f9fL,0xc86554f65fe54284L } },
-    /* 53 << 147 */
-    { { 0x03ee764b978ad2dbL,0xec253b0f01c9282dL,0x028e7873fb26c425L,
-        0x3e1da0436504ba10L,0x68369881531961f1L,0x0365ea56ee435146L },
-      { 0xf5505ae80c00a6b4L,0xc1ac097403f34fe3L,0x7327b391b5922f68L,
-        0xe561cedd1845ef9bL,0xaa82258c6a44b29dL,0x23e39cedc4d56159L } },
-    /* 54 << 147 */
-    { { 0xf5a07dedd14a3ce3L,0xeda454ec9c47615fL,0x01d6b1562775730fL,
-        0x3ec02f95fe4d93f4L,0x335806e4dcbd0ceaL,0x3f498d1b51a19d96L },
-      { 0x9949c853374b7210L,0xb255d34b25980320L,0x3b681db4307b513eL,
-        0x4137053add10a78aL,0xd9c0f2728dcaae0cL,0xcbeb6b7216031955L } },
-    /* 55 << 147 */
-    { { 0xd1b13e72c709af4cL,0xb4b99796c12f27fcL,0x9e56569a05e2c06eL,
-        0xd8c880631212ba12L,0x8da1a6704e7f8fe4L,0x3bbb314f875bb39eL },
-      { 0xc56ef7088fbc8a3fL,0x39b3cef2300d21bbL,0x5e755398458e347eL,
-        0x9f7b84b16c1b2162L,0x278ffd26b08d0c52L,0x7c8a442a9ec7febfL } },
-    /* 56 << 147 */
-    { { 0x3c0e2b9737e8e6b2L,0xa2037913575da8b7L,0xeedf0a75b925cbb2L,
-        0x4f28ec1bc561b405L,0x368fb2742901931cL,0x52b54eee2f26221fL },
-      { 0x381845b6247812a9L,0xf9bcc9619115a0dfL,0xef127dfecb84d25bL,
-        0x4256afe5fa10e0a7L,0x0c08a532353a15ebL,0xbbd15b176a91e61eL } },
-    /* 57 << 147 */
-    { { 0x3c573b2655574ae4L,0xd3f12e8f2c0be823L,0x5954b69fde9ce60eL,
-        0xc433991bcedfd1eaL,0x35696716718e950bL,0xce4318664e9cc107L },
-      { 0xee16b6347359991cL,0x8f05851b1818a113L,0x257a228c3b494b59L,
-        0x4239f98e156f91f6L,0x2382157c72efdcc4L,0xc82b652cff7b7ac1L } },
-    /* 58 << 147 */
-    { { 0x072eee036b7a9a38L,0x42a680cbaef9b327L,0x67311eb8b56fb35eL,
-        0xf320acf3c7de3776L,0x09c89cc3ed15e895L,0x368501713232345cL },
-      { 0x5a5fe1104822f90eL,0x64f7ef18c6077b89L,0xbbc5748c8bdfb971L,
-        0xdf5488334b6209deL,0x02268bf676e7f595L,0x1c7971b447779e75L } },
-    /* 59 << 147 */
-    { { 0x90d308b495c9497fL,0x277535b782c903f6L,0x443cd37fc5d7b4c3L,
-        0x48ebf0acfcaff8a7L,0x8ee8c79e579f25f6L,0xb825ccd8360ffd90L },
-      { 0x6327be1599fe4be2L,0xc94c68cf59ec2909L,0x0dbf8d4456660ce7L,
-        0xbb31989b5d510edaL,0x43c8c365c4a2e601L,0x100de78314dcf793L } },
-    /* 60 << 147 */
-    { { 0x635ee0f3d33ac52aL,0x609c328dd1970e1aL,0xf28ddf0a09426902L,
-        0x2a94d4decbbcbbe8L,0x15890cf4ab7ecf5cL,0xb14a405df2dd4135L },
-      { 0x64659a4fa6d01554L,0x1d1b2c43cc966f9bL,0xb02ee871df0e48b3L,
-        0x0bd13e47f4dc3ebaL,0xb4763547bb4fc529L,0x868650044068ab72L } },
-    /* 61 << 147 */
-    { { 0xe3d60dfac22bda56L,0x021411ba6be2f502L,0xc1dd4d55b35e750fL,
-        0x708b62cd4d5e1648L,0x234a80c6347b8b8dL,0x53b6fa80f3ba912dL },
-      { 0x4041b8007b92c92bL,0x636c12524b6dbceaL,0x4ea250d08a1aa141L,
-        0x9ffa7e35a2ae7be0L,0x765c809cd2844e61L,0x5bcabd922d56de12L } },
-    /* 62 << 147 */
-    { { 0x48d594e522205fbdL,0x79c78f1c0862eb11L,0x02a3becdf7798099L,
-        0xbfe574a8b1ef2ae5L,0x1bfb7779c4781f34L,0x7211dfcf044da23cL },
-      { 0xe4c3fd7dc3686ef9L,0x14c6e5b5e74210f7L,0xc40a0a0275ab746fL,
-        0xd2033594621f6369L,0x6bdbbe3d66241d44L,0x014b089ee47f00e9L } },
-    /* 63 << 147 */
-    { { 0x93e3a89108e65849L,0xf90a376ba1a712fcL,0x6555d6dff1a48fcdL,
-        0x984ec5c86a763e90L,0x7a7fe565e55d6b14L,0x12550fe809b2e8b7L },
-      { 0x21736c048e41210eL,0x72ae44d448ce08f6L,0x02755a2871fecc50L,
-        0x379da24beb485ee5L,0x394cb7ba66d7b659L,0x49fc9d60ab638c33L } },
-    /* 64 << 147 */
-    { { 0x854b05846150771aL,0x35fdd9b4d9ca9868L,0xec8293894c32fc71L,
-        0x882fad4c9ec8f90dL,0x2d39990dc6c7b9c0L,0x7fbc201bd71a25e5L },
-      { 0x6b852e655166da7dL,0xc6bde23a3d8c6e36L,0x370011545857f048L,
-        0x746621fc1ccb9bc8L,0x97e44e63612bb853L,0xabc3b450758da4edL } },
-    /* 0 << 154 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 154 */
-    { { 0xd25f650804926a41L,0x7236b475514045daL,0x0b36031108b9b08bL,
-        0x16477aff3fe92e91L,0x6e5f6cb103189ddcL,0x81ff008ec698a38fL },
-      { 0x02a09218c93adb23L,0x71fcecd3445d8faeL,0x55a15eac8fd6b76cL,
-        0x1e37ec3611ef96b4L,0xd1b3b3fc30e433b5L,0x4951873351d174c3L } },
-    /* 2 << 154 */
-    { { 0x7914213db8c9f82eL,0x7a3e4e38fc038e90L,0x6edae5a126a34238L,
-        0xe566bf50701ce8c7L,0x3562e87555656e02L,0x48325ebfb4e8efbfL },
-      { 0x5f10a50466505ec3L,0xd8b9834b8da78aecL,0x49d1fc25cc2f2e40L,
-        0xe973bb1caf5718c1L,0x9b8825dad2d6b890L,0x7de7885ee2f00f12L } },
-    /* 3 << 154 */
-    { { 0xfb0fa0e6494fe64fL,0x4ea468b59a907f37L,0x9bb6d672cbabb7ccL,
-        0x523c7c6ea5be2b38L,0x4065adbb361c2e41L,0xffa1299925c13172L },
-      { 0x0eb29793f80d5e2dL,0x862fe1ae8e4efeffL,0xd485483e948895c4L,
-        0x513977300d80d5bfL,0xb4731ffc348782f2L,0x42543c76e1a7f6aaL } },
-    /* 4 << 154 */
-    { { 0xe37211be7ef79898L,0xa810387721344d16L,0xfdcd7e26a1b9f8b4L,
-        0x5641e45d7d7f72d5L,0x5377c1bec449c920L,0xd3edcb0cefc7b2a1L },
-      { 0xc657a9ffe14b42fcL,0xc8f858c800831b07L,0x6bfcd1bcd020eaa8L,
-        0x17534b0a3f6860c7L,0x8ce5722284c7c806L,0xa1d40eaf2bd7456bL } },
-    /* 5 << 154 */
-    { { 0x28b88cbb1a7093caL,0x09275152080a85ebL,0x0bee7d979c1dcc32L,
-        0x43698f5f5ed033a5L,0x4f142867b0f0acc1L,0x6e6202ecf62960deL },
-      { 0xe95a607ff005b671L,0xfeee8ea060cae478L,0x456bb6e90e8ec6e5L,
-        0xc1c0319a9d088a59L,0x29c6898bbe3d2379L,0xd7049b2af8a8628fL } },
-    /* 6 << 154 */
-    { { 0xe0c93007c9aa57eeL,0xebb2d47b8895a604L,0xb8aebc49c4fd6ffeL,
-        0x2c06e1e573f300b6L,0xa019070d81628b8bL,0x2db1690bbaf8c1eaL },
-      { 0xb3fce6c8cc94ccd2L,0xf301463885bcdf4fL,0xb1e62616e2f82c32L,
-        0x85581e2468295a54L,0x0f2e2ff5bf51f8faL,0x940716f1155c1f6fL } },
-    /* 7 << 154 */
-    { { 0x15b2dd270c6bd5f1L,0x07b5bd91eb086d0eL,0xe701742e97c5f5caL,
-        0x3ce5f3f6eea06ea6L,0x51a81a6aa9cee784L,0x2bd404c1c7182fa7L },
-      { 0x27deca74d5b8bde4L,0x2c1931c595385e4aL,0x04fcb34e3a79d65fL,
-        0xdf3357edad1babceL,0x8bc628ffa31af476L,0x42ce1d91e5cc9e78L } },
-    /* 8 << 154 */
-    { { 0xaed02b6b4e623856L,0x7a6d2bef3e1d74cbL,0x82226ec4654e7c30L,
-        0x008ac003e7034bfdL,0xe343c5407fd6b555L,0xca1b29071b429d44L },
-      { 0xe0702a339c3ceea2L,0x48079aa9732694c3L,0x7e6d72f6d4652401L,
-        0xd92655ed35f60043L,0xa0dbaac6273e8cc4L,0x0bb8f0f93c3ffb40L } },
-    /* 9 << 154 */
-    { { 0xc3134781a91940b2L,0x37579fc9e9b90620L,0xa506227a08acd6f1L,
-        0x603ecce0270da73cL,0x8a53b67d7fdd70cfL,0xe29b7df299640bd6L },
-      { 0x7bb4fa877569105dL,0x6ee80ae8567bb5e9L,0xf394bd02baccabefL,
-        0xe854b3a6309c944fL,0x1271a131f06246e9L,0xbc1c205531580147L } },
-    /* 10 << 154 */
-    { { 0xb41b87b6c95cd23bL,0xb99714ba55e371a4L,0xb138ee8f6f571cebL,
-        0x09c42be480146ec7L,0x275ee21eee9aa125L,0x0cef4d6f3a878b59L },
-      { 0xd436eb1ca801068dL,0xe2c5448c762b8a80L,0x243beee1f3640ecaL,
-        0xf979458b32bbba7aL,0x6bc26cfea63407d3L,0xd3b6e132392dd1d3L } },
-    /* 11 << 154 */
-    { { 0x123ae65005d0072fL,0x9f101624f0656bbeL,0x762bd4f4344e283fL,
-        0xd1f70d5161b6863bL,0xcd99382592ef9a38L,0x53aaa0c3ac2bf9bbL },
-      { 0x13904fb521ef9a43L,0x0470a8ba2beb8f44L,0xf3733943fcfe9ecdL,
-        0x10b8881a79d776dcL,0x89b94c67b82b7139L,0x7af5147aeb962922L } },
-    /* 12 << 154 */
-    { { 0xbc06ecab3de4ba2eL,0xf51ca0639e491bcdL,0xa6fc6fa0453c94beL,
-        0x5460f943ed1a6731L,0xeb11656a4ec3f1fbL,0x2fcb2cabff1e7d4eL },
-      { 0x595264678fea2286L,0x838117a34e0bee38L,0x7bdf588824fd2ce5L,
-        0x13df0c839f2c2925L,0x1bf621e6dee97f30L,0xb43b2558ebea6641L } },
-    /* 13 << 154 */
-    { { 0xf49a97d80a33b97cL,0x4e68d71512ab9bcaL,0xc0d361c04bdb65a3L,
-        0x5fba9fb86cfb0cafL,0x222e12ca2a716589L,0xaea01502731f5099L },
-      { 0xf322ddf7e97b37f1L,0x050e82a5e55c844dL,0x01ef972ba11d664bL,
-        0xab30502882c737b6L,0x43aa811185e39769L,0x766a9350937c1456L } },
-    /* 14 << 154 */
-    { { 0x246c86608e729329L,0x39fcc41dd693dac8L,0x48a65b54c062a6c0L,
-        0x368a57706a5a3101L,0xd143600f47ed1988L,0x48466d92a764ce3dL },
-      { 0xb05006135a22cb6bL,0xf1d77247edea070cL,0xb1ddd151617f2464L,
-        0x7905069828b83fd9L,0x021abb26d70bf93eL,0x590b3c42ab5a5e1eL } },
-    /* 15 << 154 */
-    { { 0xe86c737b728b8438L,0x21f45a22acf1dd66L,0x6f29f2d7abd4de3cL,
-        0xa223154576d4435eL,0xad902927f5fcafadL,0x272cceeb04f30557L },
-      { 0xc2e4e0017ebbb2d6L,0x73954580bb873ec3L,0xadf5ec7ac7fa9088L,
-        0xc036da0464006dd7L,0x9c3545b5e8274f69L,0x6e153c2552325f50L } },
-    /* 16 << 154 */
-    { { 0x5906a35c1cfb991fL,0xb62a4f80740a7744L,0x65c8ac9136f84763L,
-        0xf73b3debbe0f1dd3L,0x40358868a2d26c21L,0xd907e90a76792ae7L },
-      { 0x3ecea167668c3d5fL,0x731068f26754b49cL,0x6db891090e006243L,
-        0xd29106e6dd94681bL,0xb40b8694a85a3de2L,0xc80c7bf1936b86ccL } },
-    /* 17 << 154 */
-    { { 0xd735de6b91f7c76aL,0xd89aa1d4b054837aL,0x47c1a397271e94c4L,
-        0x8d91f3f9dcb7c071L,0x4cf9be2db4cc209dL,0x4fb6842ec08190d4L },
-      { 0x926423a1d7b2aaedL,0x5bbfc08957a1cb44L,0x44438c56021defb3L,
-        0x8b9a2b1ba09863cfL,0xc9d5c170e37e339fL,0xa8994d5dabb18c7aL } },
-    /* 18 << 154 */
-    { { 0x003d45d011913575L,0x866cb2dd87e1186bL,0x692f630146b69a22L,
-        0xd296a55c8174c1d1L,0x77ef6fbe9f17af00L,0x6b588be93aa922e1L },
-      { 0x99ecb44f033e6dd7L,0x32edea2c1d22b7cdL,0x3122b027ba7006f3L,
-        0x8950054bbb6ebc5cL,0x4f6d606182dab805L,0xc12055181bae5f1bL } },
-    /* 19 << 154 */
-    { { 0xeca71515ad7edd2dL,0x3f9c330e9bf56567L,0xd0b62d6749104bb1L,
-        0xde92596410cc8d89L,0xc7a083f4287fc898L,0x8ba176e712d15d2bL },
-      { 0x2cee62f7b4c8c4c1L,0xc15966c2ef79aeb2L,0x9b449522427c11a6L,
-        0xcc850028eb49b2fcL,0x0966a06d3a22720dL,0xfd511944a1e78c8dL } },
-    /* 20 << 154 */
-    { { 0x28d33e79e08c180fL,0x768c7794f6aec9ceL,0x5a749f3bce683c5bL,
-        0x717629d98371fe75L,0x5e828fc057712c1dL,0xb46c6ed17e4c61aaL },
-      { 0x5d927bad5bccf95cL,0x55d6fc80d72f68ecL,0x560a99a398591dc2L,
-        0xc885fe8a4836664cL,0xd18acd4226d79298L,0x05e4cd17185df1d7L } },
-    /* 21 << 154 */
-    { { 0x9c1e5db3ab34fbbeL,0x0d4b1e742f7eaa94L,0x106b0b5c86de1289L,
-        0xd2c6c1aab691a830L,0x2e55cff9b9717593L,0x4522b37d075e5e95L },
-      { 0xc6ee67ea3abfeb96L,0x35844bbd890b04eaL,0x0246545a55d6f65bL,
-        0xc66bad2b13594e25L,0xaff4c6b35d6aa7d1L,0xebb7d2b5a3f42a84L } },
-    /* 22 << 154 */
-    { { 0xebc60e21fcc83355L,0xc94dbc02d9119b77L,0xceb05a312f18ae9aL,
-        0xa8462962b8f69016L,0x58dde5a48f67b5f4L,0xb8bdf9c9af3c234dL },
-      { 0xe95c069f80e85df8L,0x9d525e1bab3aa0e5L,0x73c8a92f76276d8bL,
-        0x7feb4abd163530efL,0x8ca949b35ef5ad73L,0xe129431e2e3d057bL } },
-    /* 23 << 154 */
-    { { 0xa263d726c129d188L,0x89da948e9d526adbL,0xc7319a5a6b8a9149L,
-        0xd85d382d8816f421L,0xfad69eb1844032eaL,0xf668901a4233122fL },
-      { 0x246cc0de210ddea0L,0x26d8ccb70bc07dbaL,0xfc1b558470e6708cL,
-        0x853802b775fa0b44L,0x215ccb88bb75a5b2L,0xff50f0cf24e60054L } },
-    /* 24 << 154 */
-    { { 0x9d8a925b60dec308L,0xb72e3efa6b3ea363L,0x4f53ca6ddfb534b8L,
-        0x4e64874c6dd78a32L,0x336e5b46c2a146d5L,0x07c76d6398395201L },
-      { 0xa4c095228fe3e815L,0x887e659d3221cc26L,0x0ff92f64c36286ecL,
-        0x57b1b903c3ebb08cL,0xc6bdc9b665f00c30L,0x826242269a46d36eL } },
-    /* 25 << 154 */
-    { { 0xe054597768bbf4f6L,0x17bb77edb6e2cc19L,0x0cc551d89ae950f7L,
-        0x3490778d761763a4L,0x1c36044a32647ceeL,0xa6e083223f9d2938L },
-      { 0xea392a153a656a51L,0x4d51161ba083cb54L,0x15c01e792c690757L,
-        0xc7bf5d7c5cc62636L,0x1b00cddab2ccd76aL,0x68f49fa995313f8cL } },
-    /* 26 << 154 */
-    { { 0xc782c16c1a0b619aL,0x8643d42bbe316086L,0x49d2966bc0daa421L,
-        0x080b1cafb7b487e0L,0x1d33bb53144de273L,0x8bafce2d6faf7ed9L },
-      { 0xdafbe3cf408d4636L,0xf10527df7ee8835bL,0xe1123f3ee2e75522L,
-        0xb388c64bebe27d60L,0x2cb38dc1e3f1f55eL,0x57ff8e43e34524d8L } },
-    /* 27 << 154 */
-    { { 0x557dc1cbea28398bL,0x34d5709a208996b9L,0x94470993e97a3306L,
-        0x0343320772b117f3L,0x66c4e442f056525fL,0x27753c526d11dd35L },
-      { 0xf0aa7658b26a70d7L,0x95608b19543cd7ebL,0x618b2e17bac19156L,
-        0xe7e42948cae64ba1L,0x2016a9d59657ec93L,0xa38f67e03d7ea46cL } },
-    /* 28 << 154 */
-    { { 0xd67dc92b85653dc8L,0x8e0970af0bc93ab9L,0xb6f09baa8b87c0afL,
-        0x5a8a903052760ef4L,0x2e2ae7561047bf85L,0xd049078f85bd4e74L },
-      { 0xced11ff83729f708L,0xdd21cbebd91068a6L,0x83d488ff24b3e911L,
-        0x6e166fda1afd2196L,0x66a912114f0d2128L,0xd11078ed05c9f39cL } },
-    /* 29 << 154 */
-    { { 0x69aef6f919c64bddL,0xe7d4f909598ab592L,0x48952e280e55124fL,
-        0x637693f6290b558bL,0x3afb2e7b421e60e9L,0x00d1dbac79aac8a9L },
-      { 0x45156c5cc08563d5L,0x8cc201be4519c881L,0x2e36c0d7bd616581L,
-        0x595fe0164ee16dffL,0xeebec40ae4889c65L,0x23b6dfd7d35b94e7L } },
-    /* 30 << 154 */
-    { { 0xd87003d3bdbdf0cfL,0xe9750b5b56c298f1L,0xc256c3a2b73ad05dL,
-        0xe0779a192ee94279L,0x31d8b3c6279626a3L,0x469056bb90163bc8L },
-      { 0xe6aeabc623755853L,0x9fffdfe2896a6f4cL,0x15c1ce78a36cf41bL,
-        0xd4c8c025eee41941L,0xf7a917ee7653be9dL,0xfa3cba9659d52222L } },
-    /* 31 << 154 */
-    { { 0xa02f08586d8c610fL,0x9819c563ad4af3cfL,0x085d4439b95d17eaL,
-        0x9df256ea616f532aL,0x5e9c5419cebd249cL,0xdd5ffbf451062a22L },
-      { 0xb8910ea5c8b33577L,0x5e8b7ff7ff8e63d7L,0x5e4f3926b24e230dL,
-        0x163eb51eacd851d7L,0x9bda95f2ea2aef8eL,0x3d6887755aefa290L } },
-    /* 32 << 154 */
-    { { 0x913f92075f8ab132L,0xd5b6792c5c14080fL,0xefab4e2c787c3594L,
-        0xa55d465fe7b7b7ddL,0x921aaad834e28e6aL,0xc4f3a35e12d6a7bcL },
-      { 0x109803c46115a5aeL,0xc023098ce709f9a1L,0x1a8c8bdb99c5bb66L,
-        0x1cd1c2b6bc7c2da7L,0x50189c975f927eefL,0x493823d1229f9410L } },
-    /* 33 << 154 */
-    { { 0x34ec4dc840dedfb0L,0x1109ddb93aa89063L,0x93d9db278c218bb9L,
-        0x07131b6e0b6007ddL,0xf90570ddcc4690f0L,0xa6a9a634afa26a59L },
-      { 0xbd0c25194292e2b7L,0x92b99706a6d44b7eL,0x89481adf4942c03bL,
-        0xff5e56b98a0c30d5L,0xdfd8939591c80fafL,0xed9d140840663594L } },
-    /* 34 << 154 */
-    { { 0xcc22db55c41e42fcL,0xc90ec77e4c9f2411L,0x419b9f46e4c02557L,
-        0x156ed30ccee45c60L,0xf2c1340a72e4a938L,0x4a9cda8a204775a8L },
-      { 0x900fd58713952b75L,0xa82ec2b812461145L,0x9f1875d41db68028L,
-        0xaaa6af31308475acL,0xa11f379442d4b884L,0x1f1fcbe3d087882aL } },
-    /* 35 << 154 */
-    { { 0xa32d5a80a292fbecL,0xe0b10099d7091eabL,0xcb99bf7b4bfe6956L,
-        0xfd806d4c61955461L,0x7124b1bf931066fdL,0x29fad019649ccbf7L },
-      { 0xd1fe7911049609e7L,0xb568e167592f93c1L,0xabe7d10398ba066cL,
-        0x0cd22c9668d7ac2cL,0x0ccd0c21427522d3L,0x97ba199ba503b4a4L } },
-    /* 36 << 154 */
-    { { 0xa0f2da0c78a2cbf7L,0xd1611acbd163d80dL,0x1af6ee1bf2cd3795L,
-        0xc4993e08307d6105L,0x84c3b8f8560b5f12L,0x4f52c56347869733L },
-      { 0x8fd9e3f728d28bc6L,0xdbf34576e5d44bd9L,0xf7e3a6da10d14cb5L,
-        0xb93870990fe051ffL,0xf6363a48f15d43d5L,0x4bc358fcf434d1acL } },
-    /* 37 << 154 */
-    { { 0x35bac9471eae6dacL,0x4244697e39d6fe97L,0x16ec7f64fe017230L,
-        0x393856d10493823cL,0x0782fbb55b7cbbfeL,0x4c399e3f5820f9f9L },
-      { 0x86311cd9c08fe816L,0x057d4cbbc3ac958bL,0x63f09d484bdb0531L,
-        0xab0b582b0b89ea02L,0x19c52243beb30331L,0xafa64f25ca87ff6dL } },
-    /* 38 << 154 */
-    { { 0x0d28a67859b1f4aaL,0x79b04589c52d40f4L,0x443b7fa5219303d9L,
-        0x5be78d9663972eceL,0x0ccb969e7d984869L,0x7d8738077f81916fL },
-      { 0x3502b3e426d9f292L,0xda1de7a82c90b612L,0x5605f5dc434f27c0L,
-        0xa50d3328df89c616L,0x5a80cf84e7082731L,0x2c89e4b6f7ce953aL } },
-    /* 39 << 154 */
-    { { 0x7a46cd0d01fdf1e6L,0x86868e74e8690fbeL,0xf038771d8a8fc3b2L,
-        0x30135b3084303d90L,0xa7ecb9ded562d20bL,0x7a6d1f37884cd233L },
-      { 0xa30ca0bb07dfad3bL,0x1690d6018e09fa7fL,0xe582449f6c744551L,
-        0x0b0030a21b935d17L,0x6b46681272bdb78cL,0xe40d4e5f56d4f328L } },
-    /* 40 << 154 */
-    { { 0xa29978fc62a8b8b4L,0x4cc216310fa130a9L,0xe4b51c6bf15e04c8L,
-        0x453cf4d23f815420L,0x1257c751c6282b9dL,0xcd15b03c8af1af36L },
-      { 0xe3596240514ef6e8L,0x72a6691708ab83d9L,0xca0a62d710e44b2dL,
-        0xcde068128a9b8a8dL,0xd492b261ba470875L,0x5c7ea67cc6d7aeb8L } },
-    /* 41 << 154 */
-    { { 0x6acd945fc0995487L,0x06d5b2e47abac4fbL,0x42cddd75aaf3d12bL,
-        0xca7d2363de1b9632L,0xbb1a1990dfbbb30fL,0xb0beb43139fd7bd4L },
-      { 0x9ceb36884fa796e7L,0xb4d2bc4ba3266ab8L,0x79bda9d6e02df012L,
-        0x414636bbf6faf7c4L,0x0a6603b9d1ab23f9L,0x2bc60c848db14f7bL } },
-    /* 42 << 154 */
-    { { 0x1b36ef27007ff90fL,0x394fe8095111399dL,0xaf4f246cb758e748L,
-        0x794e4b151a7139a2L,0x40869a49eb527db3L,0xf2e15106f46d1b34L },
-      { 0x46619f0352ac96e6L,0x40f556de49caf0c4L,0xa36b11d693072befL,
-        0x871919b4ab2dad50L,0xf44b8084792dcefdL,0xe051823dbc31b021L } },
-    /* 43 << 154 */
-    { { 0x56293d8dcfd7432bL,0xdedf8dfd1d5f72c4L,0x743f4a71ae604fb4L,
-        0xfb35ab43730caf7fL,0xcaacce6b20fc2167L,0x21ec3a0daa8ac71aL },
-      { 0x4fdf5890c21ac9baL,0xbdc41ecfd6149328L,0xb1ac4d519b381c55L,
-        0xc4cc08fd63f10a98L,0x2b9f0d3a4913a671L,0x9ce9949cbc36a952L } },
-    /* 44 << 154 */
-    { { 0x5049a7d3f758b1b2L,0x60beb74f14ab97b8L,0xdfc47828a9ff8ad3L,
-        0x303a0cde8bb99766L,0x53f4b45a43b9a7a6L,0xe467aec8ca6e8c43L },
-      { 0xb8e7db7b3f573855L,0x5fee5a5481e760f1L,0xe928b23385b0fed4L,
-        0x72f02728ebae0b7cL,0xe32abf70bb5897d3L,0x103e8b859c572995L } },
-    /* 45 << 154 */
-    { { 0xf321278c2dc1a02cL,0x06ca03865dd09f91L,0x3c28640b7bac9e7aL,
-        0xe3a7f9b527b1a011L,0x9137ad0407ccedd3L,0x3a2976a8cb6b447aL },
-      { 0xab1c39248225c1ecL,0x30703f108f9022a8L,0x212f0f1bb0b2a64bL,
-        0x76ad924b3e73862fL,0x47253a5c84842ac8L,0x33a03a17755af95eL } },
-    /* 46 << 154 */
-    { { 0x97c371fc5a274b61L,0xc7362cdbb14c680bL,0xa8cdd929efbd49afL,
-        0xdfb2d5f075325f06L,0xf62d10e2b905531bL,0xbdfbfd8462ed0c3aL },
-      { 0x252061599d07d2daL,0x1376775152491224L,0x165637057413313cL,
-        0x642a7911a2b88eb1L,0x42d9dc6806ffe363L,0xe81d3403017bcc9fL } },
-    /* 47 << 154 */
-    { { 0xa68ce9db93d57f06L,0x4d1fa86a31dba07dL,0xf11603178c4822abL,
-        0xc2243680633c26f5L,0x6b4e91cd10f1da80L,0x4358155734827d78L },
-      { 0xbf54e87400c19817L,0xf52b94c4f2bad957L,0xcc85de8144e71756L,
-        0x4f7d8ca365b7a8c2L,0xff76efa579d7c36eL,0x50a444025952932aL } },
-    /* 48 << 154 */
-    { { 0x87c0ef84172784bdL,0x023128267a5f2d07L,0xeae5c0cec9901fa3L,
-        0x6ea74133a11144e5L,0x740c3d2ed8e89beeL,0x88e06131f9bb1801L },
-      { 0x47f253754356fd51L,0x8e2ca6ce38e45ea1L,0xf0afe990c2ef8066L,
-        0x91b7263d8ea03d0fL,0x37b01664880ca591L,0x61306f09790c8ed7L } },
-    /* 49 << 154 */
-    { { 0x084c4f92b24a5736L,0xf3d01da90a3c3859L,0xd37c47ed7468b812L,
-        0xeb539a939567c798L,0xd852f502acfdc072L,0xd8e5454996245975L },
-      { 0x42ec3948db5e323dL,0xdbebd1c7002d3fadL,0x9cc5db55d7c62d0aL,
-        0x22af02388afa4c07L,0xbdcb68fc6979eb74L,0x33763dd544dc11baL } },
-    /* 50 << 154 */
-    { { 0x4734465f87c2e496L,0xbafe4fb4eb7d82c4L,0x940b168521837f17L,
-        0x790d7041345a66c3L,0xe9973cfd65ea596cL,0x45fc95df058b3350L },
-      { 0xc63bf91405d08638L,0x36e6af6476465a92L,0x7fe09193f1eb3701L,
-        0x364f64f06468e2aaL,0x83108431f7129cc9L,0x3ac117205606bf94L } },
-    /* 51 << 154 */
-    { { 0xe6a85c7d34dcecd9L,0xc14437fe338cdc1aL,0xa5eeb471b3a9233eL,
-        0xf230947c71349a62L,0xe704a95686308ebbL,0x0ef4d4da4a362a8dL },
-      { 0xae9be4394b634c67L,0xf736c07c569f0039L,0x7356f3010f5f07d9L,
-        0xc86c4000823c9cecL,0xc43b3489951ab5faL,0xa7a3b3a6b46bb659L } },
-    /* 52 << 154 */
-    { { 0xb1d6cb737337af87L,0x09a59a6908638c3cL,0x4ecc3fd25d94c727L,
-        0xa7b57269e274ba87L,0x909cd824a61a0590L,0xcbe63cfe3c11751dL },
-      { 0x9574de8347c46efaL,0xee334cda539b7e03L,0x245bc6a2e3ef3599L,
-        0x13a570fee88d0da7L,0x88ede26d90ef4a21L,0xa0c5953b01fccebcL } },
-    /* 53 << 154 */
-    { { 0x855ff0f7657121c2L,0x18754814f94c7402L,0x720f1e3c32ce8340L,
-        0x7ecd080ee8e49d3dL,0x2838e642f0bee412L,0x69cad618209f8e60L },
-      { 0x5730f2dba983a4cbL,0x74957697f43896a1L,0x68de04373dc55d4aL,
-        0xa2fbb915628698bbL,0xc8279c975cace19dL,0x7df557465fd52bc0L } },
-    /* 54 << 154 */
-    { { 0x1cb1c2f378c3f521L,0xa425f99b63116c7dL,0xc86b48c36f7c0e71L,
-        0x9e92e82dc76a73ddL,0x8c0414657e7d6df8L,0x99e7884d38c02d8eL },
-      { 0x6c53c0cfb78a7e50L,0xcbcb5114481d60ebL,0x1eed68ed035b4441L,
-        0xdc95269f755f18efL,0x3ad7f32a3fe51f12L,0x981782d017296245L } },
-    /* 55 << 154 */
-    { { 0x7743ef2655fcd15eL,0xa73944a4d07f3cc0L,0x3161d6a32438cf14L,
-        0xad193a9b14e8938aL,0xe1de190e872dac01L,0xb165da2fc4795b10L },
-      { 0x1eb89d519e155bfeL,0xc8b97d94c9c552d5L,0xea7d3edb108c4c82L,
-        0xafb60b29c10acbb5L,0x331b316b82c7b642L,0xa53c4b3d719fa342L } },
-    /* 56 << 154 */
-    { { 0xc8dc34f36b3bcbdfL,0x952d337b24d72806L,0x28b8ec817e56e8c8L,
-        0x98e78abdbe861aebL,0x521773ddcf3bd040L,0x582ffcb2b7ca45d2L },
-      { 0x70962c0a04202ac8L,0x31b6ac909f29381fL,0x3b4cd403355715a7L,
-        0xffbbd1a7399a071cL,0xac669b08e50f02d7L,0x0f568c89b2cf0565L } },
-    /* 57 << 154 */
-    { { 0x2d2afc2daae7e637L,0x840e47c782a818efL,0xfe26a67c879f2451L,
-        0xd41d289810f54247L,0x36040f4877119f14L,0x741859a983f240ccL },
-      { 0x15f9607a8fa720c8L,0x8eb70f6df7b8e32dL,0x755394229b98d670L,
-        0x80a4a127750c4e62L,0xbe88d03195ca3a50L,0xfadeb53dc6411eb6L } },
-    /* 58 << 154 */
-    { { 0x19f29da06b824028L,0xa5cfd12b7bd354a7L,0x1cb5d74caeb59b3aL,
-        0xec9a8ccc47211999L,0xd7f2a1c17852f167L,0x134629209a1859cdL },
-      { 0xdd65f7ac9e3a339fL,0xccaa968075437831L,0x25772f9b7f502bb0L,
-        0xa64cd12f6fa0aa66L,0xd2f46ac62af2c3d4L,0x58433d963f262a2fL } },
-    /* 59 << 154 */
-    { { 0x747757c6715ba7e6L,0xc01b73c1f9cbefd2L,0xf1d96de501bbc017L,
-        0xad554e91a1087f55L,0xd9b74be65a6cc716L,0xad2f2c0320317019L },
-      { 0x42ef19c207893532L,0x7f3624c40858fdc1L,0xc104bde7078936c6L,
-        0x99af706682b5f95eL,0xa40e02625a13a9a0L,0x6c0251c40a318574L } },
-    /* 60 << 154 */
-    { { 0xedb3abb1fe36eed2L,0xbb2cc1e6a038298aL,0xfa0ac06fe5adc3beL,
-        0x7cbcef3eae73ebe1L,0x41596590cd676b87L,0x6cc8c0ae214391d7L },
-      { 0x826e2e16fcb3f244L,0x1ed7837e1be22058L,0x83052d0d1a9912b3L,
-        0xa2cb410c8ac3dbf5L,0x279d555a7faa6bc7L,0x870e7132f52b439cL } },
-    /* 61 << 154 */
-    { { 0x5957428e385308d3L,0x49ba20b3bfdae187L,0x4e1281c3adb44defL,
-        0xebe93dc4e75c6cf9L,0x81d1d1cff675fc6eL,0xbe01bcecfe0e371cL },
-      { 0x713f294d336bc7caL,0x1beb1508e26a1903L,0xbb5feab4b6819961L,
-        0x28bede2741bfc7efL,0xb0a5108bb3365719L,0x81a8c9255ccd21a3L } },
-    /* 62 << 154 */
-    { { 0x4f3d90af2bea6870L,0xfebb0de2ca26ca46L,0x109d96e5d58bd9d2L,
-        0x4b42928cd9882c8aL,0x5238cb7a8c73adcaL,0x9d79d72a4adfc913L },
-      { 0xba58929d1f0bf201L,0x0b7790a505f52baeL,0x361949aae45fda0bL,
-        0x21b2d006af3f732cL,0x1ed05dc33aa84bf8L,0x2322b7f72405980cL } },
-    /* 63 << 154 */
-    { { 0x4a38b5b2c7151e42L,0x1d5dd94894550168L,0xf2adeb5b7b3d1d93L,
-        0xe15c42fa36661a89L,0x7d55a3f27a3aee90L,0xbe1b5c39d9d350a4L },
-      { 0x9c4d6fa2610f16b8L,0x7b96051da60fb18eL,0x539762fa496c018bL,
-        0x048ffa39168a8f22L,0x33486ccada1c0a58L,0xe216d6be9fd687a1L } },
-    /* 64 << 154 */
-    { { 0x11a8fde5f0ce2df4L,0xbc70ca3efa8d26dfL,0x6818c275c74dfe82L,
-        0x2b0294ac38373a50L,0x584c4061e8e5f88fL,0x1c05c1ca7342383aL },
-      { 0x263895b3911430ecL,0xef9b0032a5171453L,0x144359da84da7f0cL,
-        0x76e3095a924a09f2L,0x612986e3d69ad835L,0x70e03ada392122afL } },
-    /* 0 << 161 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 161 */
-    { { 0x3ee0a31c6754f492L,0x02636c6b96769ff5L,0x90a64f4ff0fbfa96L,
-        0x513f054efafea65aL,0x796ba7479cf4b9f9L,0x3198c068932a9590L },
-      { 0x93af8a65549ee095L,0xb8b6f72ca212760fL,0x23bc71e9c1a46c8fL,
-        0x000643af4c9bca72L,0xb6d967c7848cea30L,0xe06b6b4e73312ec2L } },
-    /* 2 << 161 */
-    { { 0x52ec99561d85a725L,0x0f9be000f3208012L,0xe881337c6dcc7816L,
-        0xe4e7b6d9791f7cf1L,0xfaa717aa59885a42L,0xb1bbb5c7f9c01e41L },
-      { 0xcf208d58a0361880L,0x24426e4020afa350L,0x7261871b264ce04aL,
-        0x66be4a86cd42026aL,0xc5397b77829f99feL,0xffe4a6bc24578e2bL } },
-    /* 3 << 161 */
-    { { 0x0733667af822d5f9L,0xd7f81b9e18339700L,0x7ca29b27a7bc265fL,
-        0x9fefa698eb4f0c7aL,0x7b6f351301f27630L,0x72f0f152fcfb1133L },
-      { 0x9928d9d05c81eb14L,0xa16ac36bed8ff6cbL,0x7fbd1acbe041bef3L,
-        0x7d25159af8d99854L,0x2ec3a7d8db5a0dc5L,0xd86fc4cc87e3e933L } },
-    /* 4 << 161 */
-    { { 0xba8418f34c20e15fL,0x7eed2494fb54404eL,0x4e6438d7bce1e82dL,
-        0x9e489b3eb397915bL,0xa9baea9ffb4cf659L,0x8bc5b2ba42ef4affL },
-      { 0xae3fb5337e62a188L,0xcd648493496e8e35L,0x89728e28defe047bL,
-        0x63a8c679d24e60feL,0xadacbf92470f710cL,0xd470aeb95e198d3cL } },
-    /* 5 << 161 */
-    { { 0x8e3807dd7a3e874aL,0xc4edb45b89ac3a99L,0x9ba9cdaf4bfd77d2L,
-        0x31d33f59b540fffcL,0x404c87790c60028bL,0x7f89da7189688c81L },
-      { 0xdd3390e5504b862bL,0xdf1e721be937efe3L,0x5833d0df63e6036fL,
-        0x7712527a385fbab4L,0x6347236bd210c0d4L,0x12d7733c8d238e2dL } },
-    /* 6 << 161 */
-    { { 0x0ecb0723302e943fL,0xd180ca1e4a443e78L,0x39e7891123dd2c9eL,
-        0xfa2a440401fe50bbL,0x4678e7ed154d39d1L,0x64ddaee1af513e01L },
-      { 0x6d4c615a634904daL,0x937c6326ba5c900cL,0x70658f5feb6c8582L,
-        0x2a04fd51f3d65166L,0xcefe7472b676eb47L,0xd3565a71f597d887L } },
-    /* 7 << 161 */
-    { { 0x299520f4e5dcba80L,0x522ad4b52b758045L,0x54eabe27193b36d4L,
-        0xda4d3bff45e9e442L,0x44cb9252637311f3L,0x4cd620a971338ebfL },
-      { 0xec908157cc9524fbL,0x2731a11ba8c955d7L,0x72a5e0545cb94009L,
-        0x7eee8f3b9126cfe8L,0xc71e29203dd5d5ceL,0xe886f91a22069494L } },
-    /* 8 << 161 */
-    { { 0x294d29550db962c0L,0xd6994ef46d523ab0L,0xfa1a7f9158f95037L,
-        0xb137981164420c94L,0x2b686e1e093caea8L,0xdef10944f9e1c340L },
-      { 0xcd1beecf611d9bf5L,0x34696c50a1b5267bL,0xcecbc7192dfc2b16L,
-        0x2cdb955dcee7e854L,0x9fefc321f2635cc8L,0x276d2e4f2936f7d3L } },
-    /* 9 << 161 */
-    { { 0xa9de8b87d38e86b2L,0xe0c2f232780d2fb9L,0x742d7fe9449e78b1L,
-        0xc6946b7ef29efe3bL,0xbd59bcf985de7456L,0xb070ebfadb492e64L },
-      { 0x5cda7ac8a0ff7c15L,0x6e0c0062c4f435c9L,0x4d8e5395974d4be8L,
-        0xa0a0c5984e6d1681L,0x5debadbea14cbda0L,0xe176a772ae30b167L } },
-    /* 10 << 161 */
-    { { 0x25df81bce7b19019L,0x3058081aa6f45519L,0xccafbccabb3de1d7L,
-        0x2b794710c515b1b0L,0x74b81bf87168d9ddL,0x92d5e462ec00571eL },
-      { 0x865e29efdc670943L,0x2350537c7f6299c0L,0x9fdf787ea947c6f8L,
-        0x9601cb21cabe0f8bL,0x2899d5f49313b000L,0x4873bc9f66a9e8e2L } },
-    /* 11 << 161 */
-    { { 0x2829add72f163a26L,0xf96dd91156909488L,0xc16d185f769ccb59L,
-        0x13c4b566e9c6da4fL,0xfd68110bc423ac34L,0x64911819cfaa9fb6L },
-      { 0xad7c7d2b12dd07e5L,0xbf7eea90abc19a50L,0x1db70ed108d6c57aL,
-        0x01da2b41446deeabL,0x163a5a5fa4f6a367L,0xca9f4bcca10c8a53L } },
-    /* 12 << 161 */
-    { { 0x2132c32e68206a00L,0x20bc1bb483bab6d9L,0x99fa3be2bc4ef156L,
-        0xe515cd05ebbd6c33L,0x9c06d7670d2c8ebcL,0x2fa7f3b68a79c884L },
-      { 0xa4dad16a9137df25L,0xc4da20f833598c21L,0x32f5d9e3867cb117L,
-        0x8f00fb54da7cf533L,0x428cf9e3870ef3b4L,0xa8b6c754521b8428L } },
-    /* 13 << 161 */
-    { { 0xe9b297be7be5e610L,0xd09f63c304b49303L,0x9110a9b381ebb814L,
-        0xc32af8986bf19586L,0x5c4939571da2280fL,0x89e85cb41becc5f5L },
-      { 0x1068cb528f1a396eL,0x49dde483440a6144L,0x51280400b5d6aaf0L,
-        0x0e8ac4a53e8ea21aL,0x32f4a91d92582420L,0x5eb09649bc35e408L } },
-    /* 14 << 161 */
-    { { 0xea3a2f0c32f235f8L,0x8281bfe5bf4a8256L,0xf44e1319577b9e1fL,
-        0x31732d1bab2d9ac7L,0x6e7682eff375c5cdL,0x7069fbaf0913ed09L },
-      { 0x693257dcf690cb94L,0x576a85b2dfa6e07bL,0x72e00515447fe4e4L,
-        0x00af617509a2cd8bL,0x05a61365902ae75fL,0x8310b16db5ecb690L } },
-    /* 15 << 161 */
-    { { 0x4d22c79cb00fd8f5L,0x432b09844c9ed8b2L,0x43da93b2a85b3f0aL,
-        0x0522df2ac4163655L,0x2ea7210b77214019L,0x8280099b7051a9a3L },
-      { 0xcd0a829bb11b9e80L,0x9bda76c7246ee656L,0x1ece801bad70a0faL,
-        0x4f8162f096721d79L,0x341faae58e7c3b0aL,0x6914420b12e57cf4L } },
-    /* 16 << 161 */
-    { { 0x4962c02167141724L,0x5f81eabeabe7762fL,0x78549a79dd189c3fL,
-        0x47675cdd6ce517a7L,0x5102294e32d6bb97L,0xb19500c66ed1a029L },
-      { 0x3efb54e8b16a206cL,0x7dbdcc250dc135b8L,0x955bc2948967fb04L,
-        0x373615c9be04e909L,0xf1fcf820111efad6L,0x8530f97d6fd2e97aL } },
-    /* 17 << 161 */
-    { { 0xdfff3aceb3b513d3L,0x569f9d42fdaed4c5L,0x8615a9cf71cdec34L,
-        0x2e700c34ceeedc56L,0x9047d770a48d0682L,0x3fc845780ee5893fL },
-      { 0xaaaf3d90ab5b432bL,0xc846365184cb412cL,0xd215030d928ec9bdL,
-        0x237a710045b97accL,0x0f533045ff791353L,0x093a0d21a1899bf6L } },
-    /* 18 << 161 */
-    { { 0x5da20568b4bcee44L,0x878025840f5bd27dL,0xc76b965c1c06dbccL,
-        0x89ea2cceb1492616L,0xaefc8746b460c4bdL,0x679e6edb994d1756L },
-      { 0x4ff93a4a271f3218L,0xae496faf3b970a74L,0x062df3a7ba6c44f2L,
-        0x1ede93021990ede1L,0xa797899af9a1e2adL,0x9b1bcf6d82599120L } },
-    /* 19 << 161 */
-    { { 0x63a38a51bd04f6ffL,0x2ddc958bffafb91aL,0x198895cdb19b2b08L,
-        0x1bb494246f65b797L,0xf75df140f157b79eL,0xa188dc873d599990L },
-      { 0x8b926eecaeac83c2L,0x55fe56f03b82900fL,0x10eb6dd33b11d061L,
-        0x8b44c14c3aec5877L,0x294b83e8b486e651L,0x469e552f79524b3fL } },
-    /* 20 << 161 */
-    { { 0x69386f451a746ed1L,0x4319649bcc14bac3L,0x006292b3b647cefcL,
-        0xc771b7cda20e2a37L,0x838714d2396bf329L,0xf263e66759c0823dL },
-      { 0x7ee258f0725e3ecbL,0x37638f9934218254L,0x4d57db246fc6d0f6L,
-        0x8c85ad7322c2dd47L,0x2300a9129c59cf13L,0x63971b0bee08c1bcL } },
-    /* 21 << 161 */
-    { { 0x180032d98c2e7698L,0x07d4d364a851f2faL,0x0070bbdeb50b5986L,
-        0xba05ee28274eee7dL,0x28843675b0f482e5L,0xdcc9c09ff82b2229L },
-      { 0xae0273e7f061df73L,0xa3856b6644e3a740L,0x4b13b141527b80ceL,
-        0xfd83b7f0e1b7dabdL,0xa3b5a2f1536c04c3L,0xfd09c77bb29e2bf3L } },
-    /* 22 << 161 */
-    { { 0x05fe64c5436e7c2dL,0x5b9f0b83ebb1ee26L,0x13dcbfed2977d6f5L,
-        0xbd16c6b7db552375L,0xaaeacc2342da342dL,0xe427d2ee0cfec89dL },
-      { 0x3097ac7b038b280cL,0xa2b79d623aab3c43L,0x9771fff4a40f585aL,
-        0xf50974e0b15aa16cL,0x114e51137a847284L,0x574ba8efb4fbe083L } },
-    /* 23 << 161 */
-    { { 0x3c8dfa3b05e37e4aL,0xeaf691b47408352aL,0x2e1ce9863c9a8610L,
-        0x8d024a814acfb35fL,0x3766aa2184ba6baaL,0xc336f82eb91f5a27L },
-      { 0xe2d46985412ab7b4L,0x397f0411ded6de53L,0x067241c3544768fdL,
-        0x9206d3839b71e023L,0x8571fe1e3f51c3c9L,0x0abdb52e3ba345abL } },
-    /* 24 << 161 */
-    { { 0x85e1e4abd5281f9bL,0xc7e517ddc653b0c8L,0xc0b84da1a717e034L,
-        0xf1a63b280f1bf3dfL,0x47b74201aba6fd41L,0x9cf3da633518fcabL },
-      { 0xe12511fb23bb6e77L,0x13b2cb4438679d79L,0x20e0fb10db5665c0L,
-        0xb5448a33b99f4d5aL,0xcb1847ad46b7dbceL,0x41f156b8fdcadb87L } },
-    /* 25 << 161 */
-    { { 0xd09b746793c8b2a8L,0x36c760204357f251L,0xa965d1771ac04cf1L,
-        0xca49d59427740f18L,0xbba973ed76c53b33L,0x7f8c2d264c17d867L },
-      { 0x389afbbb00966b80L,0x92f2097a55988387L,0x316a85393a47c746L,
-        0x259ae094ac3a3a30L,0x337f1d3f0d61ee3cL,0x02d5a60ca9d928ebL } },
-    /* 26 << 161 */
-    { { 0xd9f370e42af77d78L,0xf9cb8d588bfa692fL,0xdc8a4c24fc9203d5L,
-        0x499b6fda3b8138f4L,0x051a61f19118d3b8L,0x89207fa2cb251fb6L },
-      { 0x32247676bbb0e12dL,0xaa1c59822900bce2L,0xe7beff9c7df4f6c1L,
-        0x595fd551757c1449L,0x2fe91299650e8961L,0x2db30033f480bf30L } },
-    /* 27 << 161 */
-    { { 0xe796c05d110c4d7fL,0x12f87395d4af6817L,0x849cd9e6b5512cb8L,
-        0x23b8d0a4adb71290L,0x28cc808bee64339fL,0x3072d46fcc27fd1cL },
-      { 0x8d9183af47f675d2L,0x9959aa9102c84561L,0xdff7591708216e03L,
-        0x868c237abd01b2f0L,0x4c00c229a53e639fL,0x2c0667fb07d69862L } },
-    /* 28 << 161 */
-    { { 0xb4d2324f9470e571L,0x3af515979ca353e5L,0x479a3a796ae5778bL,
-        0x387958a7fb1d9c91L,0x4e606558cf91edc6L,0x428384ca495a3b00L },
-      { 0xa49f67da10f7146fL,0xbda553e08e25f80fL,0x21b034c4cb919bc6L,
-        0x1fb454bfa7930462L,0x1fb2ac9b255d7fd8L,0x491cceff8b197e6aL } },
-    /* 29 << 161 */
-    { { 0x0a0e0cd91f5a179fL,0x699d872713841e78L,0xfa93f774fc47f9cfL,
-        0x8fd0019c02933131L,0x128efed95aa46834L,0xe20226fdf080cb8dL },
-      { 0xf7b05fc3000445dcL,0xcc818da1f52f5ddbL,0x0fa803d07299267aL,
-        0x99cf0ab4f9f172a0L,0xb5dd3c36b08d03a3L,0xfafa550ea1c2f73dL } },
-    /* 30 << 161 */
-    { { 0xdda52c89d2da4e36L,0x0348948d5c333386L,0xe3a5be8b37917590L,
-        0x42488ae238e4aaacL,0xa6ecb5be7a44eb6aL,0x3bfd640ea9b27b56L },
-      { 0x23b8d107bd05946aL,0x01018c45bb8034bdL,0x1ffc958cd2e058fbL,
-        0xeadc93953fd43516L,0x0659b83ea0491dbcL,0xc36115008cdee521L } },
-    /* 31 << 161 */
-    { { 0xc0f3761c034b0a6eL,0x2c4ce5481fb66b85L,0x7a5d3143410698abL,
-        0x4bc07a795d59e8c5L,0x176a10eb4d19ba85L,0xa8a68c5526dae045L },
-      { 0x7eed57fb21625985L,0x33ef04ae16c62e63L,0x78d0acd4562454bcL,
-        0x5878d7f2a44a1608L,0xa51a423a0cf11971L,0x1934e3f2f21fd6ecL } },
-    /* 32 << 161 */
-    { { 0x3f2b5bd4b4805410L,0x201ca7a9f96c5ee7L,0x532ef2db94256fe1L,
-        0xacbfc459318ddb03L,0x2375f9fd5f24c8e1L,0xd27c479b370783dbL },
-      { 0x1bd461e856541ae6L,0x78f054a77f7ea49aL,0xc9f8777d8845f315L,
-        0x81aed29697fc92c7L,0x9f2f8d7949929540L,0x7531e78bff5ebfe0L } },
-    /* 33 << 161 */
-    { { 0xd4710d5a16ba6a11L,0xb172d8a0e056d27aL,0x01879d2b8301e5c0L,
-        0x100c3e706f6a3396L,0x4a33d4a4e4e1cab1L,0x48016f0f08017d74L },
-      { 0xbde9e0f18cec4fb8L,0xd8604899eb15c26dL,0x17ac5d884a21f615L,
-        0xb8f1e7060cb0cddfL,0x0ead85644a0d51c2L,0x7bff69bdfd6bafa5L } },
-    /* 34 << 161 */
-    { { 0x028acd1cb6b73820L,0xc931f4bc815047a8L,0x22c6159f1ede2c60L,
-        0x571dd40c99a4820fL,0xbaf08be0b450f472L,0x6475536aeb5bb639L },
-      { 0x033568e4d984d0c7L,0x2ab7dd4885e910d4L,0xb0d76698d0c632ebL,
-        0x954d00f3e3c34a46L,0x53e8772de651bc5eL,0x4910b07b6e3564f6L } },
-    /* 35 << 161 */
-    { { 0xe1550b37e758fcf6L,0xfea2446f763120abL,0x5db50b38124f80e6L,
-        0x5cc28a7830c3301aL,0xa935846fd950d5b9L,0xae3e87f2ce43ebe3L },
-      { 0xf033b25b7d0776a5L,0x941d186e882c5916L,0x0430c4503d6d4f7dL,
-        0x4e0641c0726f30ccL,0xdfcdbd1626c66c27L,0x43c4590ceb00e495L } },
-    /* 36 << 161 */
-    { { 0xd8cbdd8b70435ca2L,0xede7fb3675af3a63L,0x6c1fa971090b36bcL,
-        0xdd2292eb85455ed2L,0xf9c3889c7fbe5041L,0x2ec87c15506d605fL },
-      { 0x2691b0a28b099c25L,0x27961c8b89944e21L,0x8e9e18a5147f5304L,
-        0x6a82e35baf7dce25L,0x6745339c32a4bbc4L,0xe0bf0e0ee026676aL } },
-    /* 37 << 161 */
-    { { 0x3c6fd1ab352a43fbL,0xe57e7f8cbd68dbffL,0xa4a5b74e9ea30f41L,
-        0xacea695d2d5a3a34L,0x183be19adc8fe4d3L,0x22fce6281b9f9d1cL },
-      { 0x8b1ae75da5d35bc9L,0x213face52c673f82L,0xa879851d6568d549L,
-        0x327c59937f8d8112L,0x56b982e2a7869b71L,0xc77afa6110bb8086L } },
-    /* 38 << 161 */
-    { { 0x1dcd57541ccadbe8L,0xd2d8c36512b37773L,0xc1a7a5b7d50e8680L,
-        0xab1a00b3e19d155eL,0x58f4bcce7a9776b8L,0x1c02df3320d9d7aaL },
-      { 0x24f00d31db8cea6fL,0x2680b029d4aa0785L,0xf3db2889c48587f5L,
-        0x1811dd2521a7fabaL,0x5836964bbf820746L,0x3b118bab97aca83eL } },
-    /* 39 << 161 */
-    { { 0x14babe6321d76845L,0xf7b4c662c60f5934L,0xbf212c4434de5b23L,
-        0x57c478a35bdf0a35L,0xddecc21535dc8714L,0x1609b7401571e91aL },
-      { 0x41998697ba45b40aL,0x6ef382d468cf383aL,0x77a24c1488c0ec9cL,
-        0x0a5e245297b377a4L,0x2b9d72bf18f9804bL,0xa4c21326f51ddaacL } },
-    /* 40 << 161 */
-    { { 0x397049f4c785c7baL,0xa87db27da1decf9dL,0xce6d5ec1e7862c0cL,
-        0x17a98db834350bf1L,0x6ceccd8030ec8d74L,0x4790cc07bcab4aa8L },
-      { 0x4378b1feb4f771a8L,0x3c54588b404dfcbbL,0xbddf0faa8d60f86dL,
-        0x987583da3573271aL,0xb0afe4ec4b8f8032L,0xb5c44605b69d03f6L } },
-    /* 41 << 161 */
-    { { 0x7f69e8bfed7d4230L,0xfe54dca7d8ee8cbeL,0x6ec2b75f71b72d99L,
-        0x97e2b30f8dd8338fL,0x9916dcdbbc75bf05L,0x22f4291aad5c114cL },
-      { 0xb6af2e86f9ba5c98L,0xdd7d738dfd6fc5d8L,0xce7af7d544649034L,
-        0x2979be5cd163b098L,0x5acd51858db8d84cL,0x82b0e4a5ca64d1c0L } },
-    /* 42 << 161 */
-    { { 0xf27f5f4f480ef46dL,0x2f49f44fcba811f7L,0xef40508d43961b6cL,
-        0x0f6778e8df9fb37fL,0x97aff7e8446864b5L,0x29aeb86d4d264e1eL },
-      { 0x48baa1984901daacL,0x91ade9db02b483cdL,0x00952a61cdb6abc4L,
-        0xa1a51250de7f22c9L,0xe6adfaacc19ec8d5L,0xa7d2f066fc39838dL } },
-    /* 43 << 161 */
-    { { 0xfbe20a8e270bcf2fL,0x9882e7a0c35c60f9L,0x74d8e63f560e716aL,
-        0xdc689649bae281e2L,0xd454571036d9b680L,0x0a0f1c681740ca0bL },
-      { 0x228dd692dadf3782L,0x6ab0bede632d6e56L,0xae2f5535e1b7add3L,
-        0x2ce1c6fece308fa6L,0x7a11b255db881355L,0x903007107bee5bb7L } },
-    /* 44 << 161 */
-    { { 0xdd55c21a9f1a57d6L,0xc9e1dcf9f6043ee3L,0x0385e3f36747e2baL,
-        0x6511555a932e55b5L,0x7f4053b3700e73f6L,0x23adf65d992916a2L },
-      { 0x4664bf231bfc40a3L,0x8400e8f27974d63fL,0xb70f104dcff08198L,
-        0x4c44382f4d1710afL,0x5593a751374ec807L,0x6af17e84462c6112L } },
-    /* 45 << 161 */
-    { { 0xc1ad3eb7b8f1f38dL,0x74bb37c88d462e67L,0xd127b6e6246b0388L,
-        0x3054aaf0824defffL,0x4e981d2e487809aeL,0xba76b7b805ead528L },
-      { 0x0a167834a7a32c6dL,0x3451ee930268c370L,0xab4da0971b625d09L,
-        0xdb94f9aa304e60b4L,0xf3bea685ab50c663L,0x8d929a0142d4c11eL } },
-    /* 46 << 161 */
-    { { 0xfce03e6eaa911497L,0x32cba5cf546ab5ecL,0x631123d0b1a71e10L,
-        0x49f3a80906bcdeafL,0x783373bcfc538ca5L,0x3590890ee4b47edaL },
-      { 0xb5c84fff39ab2df0L,0xf681be9ac737b24fL,0xf37bbc68b2b0052cL,
-        0xd9f03cf6fde04d93L,0x23171bc2e43803e3L,0xeda51460040de801L } },
-    /* 47 << 161 */
-    { { 0x0e09a74d0bccf0d7L,0xfb429a675b58037aL,0x1f2660d2200b89ccL,
-        0x489b332e04efc617L,0xb53d4f65f38ceeb4L,0xeaaf759546c4aa4aL },
-      { 0xc6cff1fa714b9f97L,0x6a647072ec0dd5b7L,0xcbf59eb1637384bcL,
-        0x043003cd2240993cL,0x134cab640497f9afL,0xcdb44a4ca9fcc655L } },
-    /* 48 << 161 */
-    { { 0xbd9a66d6543b3e41L,0x2948c0a62ae73774L,0xa75151dfef38e9b3L,
-        0xa3348ae5754fb3fbL,0x1218fa8f13069b72L,0x532bb0510835dfafL },
-      { 0x2121a98edf2be3c6L,0x85980de69e5199bcL,0x1b23a4be1a1eb6eeL,
-        0xb5c48b92adeb3ae5L,0xeebd305dedea2b45L,0x20543f04c37198eaL } },
-    /* 49 << 161 */
-    { { 0x9eb2d599fa727a5dL,0x27cce415105643ccL,0x2face9e8c06035deL,
-        0x967f70e4c5d916cfL,0x477224ece7cdc451L,0x70a3de4ea9a34198L },
-      { 0x84ebd23a62628f21L,0x517cbb6097f55e75L,0xa4dc8d8ccbfaa795L,
-        0x821d53c1a9c17b12L,0x04e94aea5124d5a4L,0xc72432c083efbc58L } },
-    /* 50 << 161 */
-    { { 0xb7a2090999f73a42L,0x019bf3a630db0901L,0xcf0c2a7281cfde4fL,
-        0xf656a2117b0b04f8L,0x88cedc1896043e90L,0x4482c3786ae4c551L },
-      { 0x169f25d3dc70c774L,0x0f8cc86cb552fbe4L,0x17d0556b88d2f3eeL,
-        0xf5af9d6ff864ba64L,0xcd509d82f93dbf7fL,0xf00c76f51b98df35L } },
-    /* 51 << 161 */
-    { { 0x19fbeb37856e35a3L,0x1788055c88f36390L,0x9da657f165361c9fL,
-        0xc9f327b7e35a36b1L,0xdc388bcb04b9174fL,0xa79bf7d3349a87c8L },
-      { 0x865958b202289b24L,0x4096845ecebc4686L,0x1127085b42ce096dL,
-        0x56f31d12735241bfL,0xe2239ab543b89a15L,0x477cc5b3a6a1f0f2L } },
-    /* 52 << 161 */
-    { { 0xc44c81525d54607fL,0xe742a6f35c9ab491L,0x50df96d9be8c2ed5L,
-        0x3aa8c9b4e7f5cc4fL,0x577d534c3f12e8b5L,0x03f9573da33a57b1L },
-      { 0x9172e1aec5c0c895L,0x64fa9822a2e19442L,0x17db2388178a10d5L,
-        0xe75a6bdc2755ed55L,0x6a6d9dc3f9188333L,0xdd93a3b83eda0c41L } },
-    /* 53 << 161 */
-    { { 0x353d1f4bad0d960fL,0x6fbf4355846e07dcL,0x2156ae3c3a1bb429L,
-        0xfa95a260442e6e21L,0x659a856ac2b31d7dL,0x9b56cd6563ecb2d0L },
-      { 0xac9ec96823a787b7L,0x4102d82e320742deL,0x470ee0ea50a422a2L,
-        0xd3ca8414af386491L,0x28d8994b1a0d8192L,0xe601e4e2b3f117dfL } },
-    /* 54 << 161 */
-    { { 0x906c071c4e9ab844L,0xeb1a5806f085a058L,0x2f14c3ac176e2f59L,
-        0xfc1a3020bd19f909L,0x5e67d789ac060e45L,0x75dd23a7b707084eL },
-      { 0xb9dec51a07e89974L,0x50c9cd0b38f97f3dL,0x368b0f53e14cd6fcL,
-        0xea4c7f8b81ab93b2L,0x774ca31d1b7aeb66L,0x94c14607288f51a9L } },
-    /* 55 << 161 */
-    { { 0x18c41b62fe32b90aL,0x2e11c7e6be96e1aaL,0x72832e8c428b9d81L,
-        0x93f63cc0058ca451L,0x603f18af7cc827f1L,0x31c8b8fee038eb26L },
-      { 0x21158b24411cb335L,0x48dbbed70d9e953dL,0x445e244e4d62615cL,
-        0x2f5309ac28ef4922L,0x12ee44c60d4dc305L,0x7dc0363f56f7677aL } },
-    /* 56 << 161 */
-    { { 0xf73471b5ef349ec5L,0x014dae75565aa6c7L,0x57cb497dae082cefL,
-        0xdfcbf2b5c3e563bcL,0x22149c0fd1125f95L,0x529f419b425bc019L },
-      { 0x049476deaee2094cL,0x3490c0490cbbb583L,0x56c5c62d1256424fL,
-        0x0a118ee541bc66faL,0x0d8e9ff8296ada14L,0x34356e8b0134f8c5L } },
-    /* 57 << 161 */
-    { { 0x5e41ebd6eb28f97cL,0xe054a055d6a393f8L,0xc0a19e38db6555e3L,
-        0x1b40c80fbabf4f9bL,0xfca17ae2780d5107L,0x89ae096f379701feL },
-      { 0xd79be295b53ebb0cL,0x3112d3a5942b2247L,0x6c1f44d30de10f30L,
-        0x2a17fffb0041f800L,0x13082de044552d55L,0x319aa9c0cd11c85aL } },
-    /* 58 << 161 */
-    { { 0x63ea1a6ae760373bL,0x00f2addd11742d8cL,0x46b17c9cafdd38eaL,
-        0xf4121c5a4c7e78d7L,0xbeb70ef90048e4f0L,0x0b60c2b6bf7f7348L },
-      { 0x4bbadf7632969689L,0xcb6a8a20e12708e4L,0xc43ad55b5638eb7aL,
-        0x4a72b02b3d27bf7aL,0xecc95d92e5a54c30L,0xae52514bacc45d53L } },
-    /* 59 << 161 */
-    { { 0xbf5a2b5132d1f651L,0x6a2a74116e438838L,0xfa6353dd6c067d61L,
-        0xf6918622b96ba12fL,0xf0fa254d45f595f3L,0xa0f0cb4b92f680a0L },
-      { 0xf13ba734463e3f27L,0x7e3d4eb1a32d7f9aL,0x348baaf26f6502dfL,
-        0x8021a9977b830e5eL,0x503f38ca55caf601L,0x27dde9e8f4bb74b6L } },
-    /* 60 << 161 */
-    { { 0xfd5a49310eb63b3cL,0xdb9f1a1510175713L,0x044d42c23e11c321L,
-        0x5561f2e9b7961e8fL,0x70b3f7557ec7c597L,0x5dd9671235aed561L },
-      { 0xc6cdc78ee1bcc2b1L,0xebcf6f87f1117aa5L,0xef470e0ae3669f78L,
-        0x87b13e0fd38e0fe8L,0x01bff01439c755c7L,0xa66f2521c37529f8L } },
-    /* 61 << 161 */
-    { { 0xac56a8b223f78e49L,0x908c4be58708f0b5L,0xa63aa4191536f6b0L,
-        0x8c08578fe5a95771L,0x5d2d1d6b9c2ae8daL,0xf3e4ef12f1527cc4L },
-      { 0x46c1ac13920a90bcL,0xc0bc661d28ba758fL,0x9114e016585ef450L,
-        0x8ab6a1f6e899a032L,0x57d4089606b658baL,0x2ef87621eb83235fL } },
-    /* 62 << 161 */
-    { { 0x033a4d4c4ebdc925L,0xff239a3efe1b346cL,0xd7ab2fb388d03949L,
-        0x56ce2e41bd6e8e4dL,0x3826aff0e55da68dL,0xc9c7ba7451267f98L },
-      { 0x5264a48ae6710c7cL,0x3635f1d4e7605975L,0x53a1849a94be903cL,
-        0xe4fc3617128d5859L,0x7686804d7e4dd785L,0x6f04942d2dbcfe4fL } },
-    /* 63 << 161 */
-    { { 0xe80b7f5562927d6eL,0x92b98c350c0cc89fL,0x9522896d15117facL,
-        0x7a224db5fdd3ffcdL,0x9502ecd8fbfc8908L,0x4e1dc71ac593105eL },
-      { 0x052aade62f0536dfL,0x0c7cc371f324268aL,0xe7c62f2ccd843bb4L,
-        0x77d48fa36df2c231L,0xb2c29803cb8f68c4L,0xad7ccf519bb9fddeL } },
-    /* 64 << 161 */
-    { { 0xd0960bd80fab968cL,0x6899e4faae028db0L,0x975ccc77a9850916L,
-        0xb41bd531e5f81554L,0xbdf8ab57c8cff2c8L,0xea306a01f5822be3L },
-      { 0x1f0ac0e7befbdbbeL,0x72f4b0e960519f87L,0x22bd8b82e3cc86abL,
-        0xc43bde8d2b2beaeeL,0x8168781e412617ffL,0xc5610627b7ee7096L } },
-    /* 0 << 168 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 168 */
-    { { 0x0869457a01a8eb44L,0x522239857a7bedd7L,0x2c04b0c600057505L,
-        0x468be6e80b09adebL,0x2f3bf32b6f81474fL,0xf54f949da712ccceL },
-      { 0x292cee424cdd8f2aL,0x3d9fdf6b9c221be1L,0xe54da66156f47b2aL,
-        0x2ca76835840b5d1bL,0xb52adb6a8a6e8cf6L,0x8b416a6bdade153eL } },
-    /* 2 << 168 */
-    { { 0x65f7d2c18565afc9L,0x764c897170fa7b82L,0xe268634c986436f2L,
-        0x6334d8d133356165L,0xf17164269ec7957dL,0xae834331b8093983L },
-      { 0xedb1fe5cd2dfcce7L,0x6195b86368463e5cL,0x746e5f4da691b665L,
-        0x61171291e1e2727eL,0xbb4aa8f16f27b029L,0x1037657d7f42c197L } },
-    /* 3 << 168 */
-    { { 0x2af8bdfa970f96adL,0x19d09a6dd0c86e6dL,0xd57fd5ced7046d2eL,
-        0x5ea025f7d545fd33L,0xe2ccb6f43161ffd7L,0x3ca5286209406242L },
-      { 0xf3536d60b5c90905L,0xd086e3b9d5b290f6L,0xfd15b06a5cc55444L,
-        0x61b0febf9a9e2a66L,0xdc3c0576653dfd02L,0x357774230a8ab51fL } },
-    /* 4 << 168 */
-    { { 0xfe19901b0d5b855aL,0x5facb9552f745022L,0x92fd012556c4ce5cL,
-        0x23172d65938c89abL,0xa71f8a33aaa587b1L,0x511a3745b55c9c50L },
-      { 0xec005f6a7185086eL,0x6dfc2761f894c6abL,0x98a4d67f9e26361fL,
-        0x7f0a2b2321389c25L,0xd158820795ffbceeL,0x4d6b29ab9f36a888L } },
-    /* 5 << 168 */
-    { { 0x5ffec1d78c04bc6eL,0x35f052d16ca0dde2L,0xfbe3844c649c850bL,
-        0x450263e610fa337dL,0x44f7c8f40280773dL,0x27de5d3ce896966cL },
-      { 0x2587f47598d0378dL,0xbd49c97f4e4f6e49L,0x9e902f667071543aL,
-        0x03398aae06577b74L,0x030926d6910bee13L,0x5576575bffa92cecL } },
-    /* 6 << 168 */
-    { { 0xe4ee33460562cd7eL,0xd1d385a3f01ba45eL,0xd817ca667ce11848L,
-        0xda222cddcb69c7eaL,0x74ac74709d680afeL,0x3770357cd9596ca8L },
-      { 0xdff57da7f7759bd6L,0x090426be20d5c726L,0x71c0ba28b7fbc1b0L,
-        0x60faab1c13d4ed0fL,0x6fbe3567ea3a2ef2L,0x0dd3835c4e577dffL } },
-    /* 7 << 168 */
-    { { 0x9b758b512ce27e38L,0xe4148475a39855e3L,0x4669b3c39ee88a77L,
-        0x3f36a671105e1ec0L,0xd0f30e5d9e88ea13L,0x6346df15baecbaadL },
-      { 0xec65be65cf4c6510L,0x843efca194e1989fL,0xf7195d29942ce52bL,
-        0x12201877d3ce28d4L,0x9c962aa1a97fc904L,0xc4fedb3465c5a55eL } },
-    /* 8 << 168 */
-    { { 0xeccb421ed0a701a5L,0xad4cb9a5b60cd286L,0xd344da9e05a53972L,
-        0x3a8035e07bc99feaL,0xe0214485c0f77bf5L,0x50ada30ee54df78aL },
-      { 0xdef45af64ec2d576L,0xa05d61845f9a8678L,0xa9b17db1c337e017L,
-        0x026a4f66b84671d5L,0x606142343b7d696dL,0x71ed9aaf81cfd22aL } },
-    /* 9 << 168 */
-    { { 0x62805305695a3f30L,0x6ce27626e28e8fe0L,0x507386af6a54f410L,
-        0xf8c5f738cd5c7effL,0x3ab2db9e347e85d7L,0xf5b635b0b2161b68L },
-      { 0x99009791be2e80caL,0x6dff3030c13910ddL,0x2beeca057ee8700aL,
-        0x12616fb11ac7e09dL,0x38c9ef9f9037c2e4L,0x39181fbf9c140344L } },
-    /* 10 << 168 */
-    { { 0xcdd6aee47aa54433L,0xf5ecb432b80336f5L,0x690bb949a1380829L,
-        0x219d659ca9c9d720L,0x74abf2dd7e5a3260L,0x405ee136025c55d1L },
-      { 0xc5c592cb1cc878a8L,0x119a38be88b31ecfL,0x4fb00f82e94e39e7L,
-        0x66bf72e59412c068L,0x9337c8f30821142aL,0x477216340c24ab67L } },
-    /* 11 << 168 */
-    { { 0xa6c7953457fe953eL,0xd70d3d2f3c76ae58L,0xe1e047b52c531c84L,
-        0xc71f3a9973735602L,0xd70bdb0f7ba0628eL,0x280fdd4e0e3e3c0cL },
-      { 0xb5a3f5823e414e26L,0x55b2eda8f44dee7eL,0x8e1d024b2f5dd828L,
-        0x21f054eb3b1bfdf9L,0x3d3ae74cc554e1cfL,0xa0a5863ffc42ec16L } },
-    /* 12 << 168 */
-    { { 0x1b76a3c5439ada39L,0x818829cf89236ae5L,0x2277cb7a750f8129L,
-        0x44aa462a4d46502bL,0x7a12e1e164f06dc8L,0xb9a3300dba5630cfL },
-      { 0xd2cc8d9c55b05f4bL,0x6d0b0b88a700be7aL,0xa7be99699617500cL,
-        0x2b5b8deac03f8a50L,0x712f703e785b3dfdL,0x96a5a60accf93950L } },
-    /* 13 << 168 */
-    { { 0x9838155fbf9f72c6L,0x3ab3cb602c10e57dL,0x7ac228ef14bcd75eL,
-        0x2c167e15027923fcL,0x678869d1267471c7L,0xeba35e857ec3582cL },
-      { 0x22d290a9a3478eb3L,0x542092ca1309aa14L,0x8bb5c69be2e5d3acL,
-        0xf83c5a0a81652736L,0x9cc576227280cd6dL,0x6653436f3b0f49a1L } },
-    /* 14 << 168 */
-    { { 0x7ad1f1bab497d900L,0x9d0512236c9dd5d7L,0x0ed27e5bffed3df8L,
-        0x659028a775d2fa72L,0x69bd68154581f377L,0x142c2088e2faf671L },
-      { 0xf9c1b8a499b000ffL,0xf31d01b18f408d3aL,0xa7aa142f42b9d35bL,
-        0xeb8aa74ba0495da2L,0x824cc32a59a1da45L,0x3f1fbe0ff5173374L } },
-    /* 15 << 168 */
-    { { 0xec9071a634238c30L,0x6dd6c38b88a0f423L,0x3adace72992e7977L,
-        0xc90b941b1ae5166eL,0x052aa3e9e3e43a68L,0xe9b1976da733a950L },
-      { 0x0e1ca28e5ff6c9dbL,0xd1bd4350387409a2L,0x5943cc7089155117L,
-        0x8e85794f5feae20cL,0x0d118fd669768ccbL,0xc647179d53120895L } },
-    /* 16 << 168 */
-    { { 0xfeb984b3ee828fbaL,0x8273f830e2bd188cL,0x177ef97e3ca0a99fL,
-        0x76d4796dacc000acL,0xbad0fa6eb140f51aL,0xb275656706ebc810L },
-      { 0xf89eb78fa18cb32fL,0xcfc37eaea65285b0L,0xe2b29cfbb25e9d1bL,
-        0x9388ea8fb4e7aef3L,0xee606c12e267e845L,0x6b103c549f5806d7L } },
-    /* 17 << 168 */
-    { { 0xb9a40e78e31fd643L,0x648cc34a97950a34L,0x85c5ca405900be55L,
-        0x2e519cf12abb843bL,0x6f9d0a7f27436edcL,0x2f569c9d6694f363L },
-      { 0xf6d1b325f6f1bd24L,0x01103c0d4044b353L,0x2d3ce56f3138b549L,
-        0x5379bcf71c28bc5bL,0x6768220d08ac00d1L,0x973f92ff0152746cL } },
-    /* 18 << 168 */
-    { { 0x5e992944b37b0486L,0x0a334b92001fa124L,0x6653cded9c9ab466L,
-        0xd512612fabac4da9L,0x636bf431c502b860L,0xfca1c0c2c3d20db2L },
-      { 0x7073f293f85c40c3L,0xfaabc77acfba9eddL,0x58842eb97f9b570dL,
-        0xe8cd4f53702aec24L,0x8975f4e6e08113a1L,0xcc0d7f17767bedd6L } },
-    /* 19 << 168 */
-    { { 0x5163bb51ae315a65L,0xf82ec4cdbe405348L,0xffd381a46b1801a4L,
-        0x33f9b8ad2f6ba570L,0xd88c58a58ecc0000L,0xc0b9a639cfdad25eL },
-      { 0xc78cb70fe3bd808aL,0xf54b86e573ce5eadL,0x111208ed5610a761L,
-        0xba3579b0e3c8e27aL,0xbadd918c63b85bb7L,0x9e10da0b71bcd972L } },
-    /* 20 << 168 */
-    { { 0xf418e3f63766f2aeL,0x4a3ad3c8053ef1c1L,0xd01e5b5b560db262L,
-        0xa583edc7c02bf4c3L,0x7c9f706052f318d3L,0x0852556f1f5e1ffeL },
-      { 0xe1c70aa7feb0e63cL,0x59f0a3f989a8c058L,0x4aa4cf021ffc0adeL,
-        0xbb880e4138a78632L,0x35b0f7596f28f096L,0xf9c4fe17d5757d7dL } },
-    /* 21 << 168 */
-    { { 0x160303ded896adf7L,0x19a46b6c6beb8930L,0x33dfd962f010f74bL,
-        0x03b699cc00e5610fL,0x17487b7595078dfeL,0x63bc614253f3479cL },
-      { 0x43f3d994858d5b8bL,0x383349349483c0ffL,0x47c917a67977142bL,
-        0xdc50fb80df7eead4L,0x4e3a1d3fb5b82be1L,0x091af8796d7317b7L } },
-    /* 22 << 168 */
-    { { 0x783e5066af151a9aL,0xec0a9c175466df17L,0xdecd12310174b0adL,
-        0x654af66a3b2aaa45L,0x849d64e5b1fcdd11L,0x7e8e2ae6d05af56cL },
-      { 0x12e887b7318a6184L,0x42d1445554ed59d8L,0x2eafeb48ee54ddc5L,
-        0xd1f9e6b980c94a8eL,0x5ea691e3263696c0L,0x7f42f3796e03eed3L } },
-    /* 23 << 168 */
-    { { 0xeeb8accfd69b82b9L,0xb4c4988ae0b61d73L,0xb78becf19df9b59eL,
-        0x13274f6236440c93L,0x33d287f5697d5a77L,0x391fe6129af4053eL },
-      { 0x986c42b21c16e858L,0x23f5d1dffe04125aL,0x2f57ccb3af9541ffL,
-        0xe5b4eec70f1a8bafL,0xaad23ce7646c1b6fL,0x69495ee5a6ff96abL } },
-    /* 24 << 168 */
-    { { 0x78b8879cfd6376ebL,0x22a76461c01e1edbL,0x6a44be39369cf0c4L,
-        0x6653670d5ae54539L,0x257bd7516fb43ad0L,0xb3ac371512baffddL },
-      { 0x48659d617548eabbL,0xd8f931f80cd468cbL,0x98f0241549e3b531L,
-        0x90b0d71670df011fL,0x26d73c54ab98f066L,0x06591ec988475d5eL } },
-    /* 25 << 168 */
-    { { 0x6fa72e3518f18e71L,0x6c04fe2d8123ff14L,0xc48cb53a197481a9L,
-        0xf059db349860e48cL,0x35e8341ace46ca7dL,0x880f4ea4b0400f7dL },
-      { 0xb4c5ea9acc9cc40aL,0x6522c768e2555fa3L,0x95207f39ea2c32e6L,
-        0x7b6fc09fa8be60e1L,0x772b829f29902652L,0xb7936b90af6a48dcL } },
-    /* 26 << 168 */
-    { { 0x409e3b1109758457L,0x59dd0a8c1dea73d9L,0x528906a58fb18a01L,
-        0x6fa55967a17ffb33L,0x9523cc3d50edbcb2L,0x35600b3e44d43541L },
-      { 0xc3a7d22c8f87dbc0L,0x5514c967c1b225abL,0x78e5701988304a74L,
-        0xe9b417ba35f3b54dL,0xb72a243c48eea230L,0x4e173eaf291ee52dL } },
-    /* 27 << 168 */
-    { { 0x79b854ca2127c795L,0xd9457d8f86657844L,0xf8c9e6ef186668e8L,
-        0x84c8855df913c2f6L,0xf207d36ad641cc12L,0x7be9b5736105ce0aL },
-      { 0xe72cce1974ec078dL,0xc4f47413d09950c3L,0x640bf6eb3974554eL,
-        0xf880dcfb844497baL,0x3744626999bbcfacL,0xcf1712f4316f4d64L } },
-    /* 28 << 168 */
-    { { 0x627f6328412b84c3L,0xd427e977a04545d2L,0x5b0145bc104f25c2L,
-        0xa6931c4f2ac7ad62L,0x407611431f8d42f5L,0xfda5a76be7f8a0b3L },
-      { 0x4f1ca5cffe0946b9L,0x6def7b9fbeb2d427L,0x984bd4bbc9a0d136L,
-        0xb9a778235b3af1c1L,0x04ee66ae38ac2087L,0x63374ed926d9dbb9L } },
-    /* 29 << 168 */
-    { { 0x68088e9c3983deb9L,0x2c95ecaa2ed99988L,0x371af002917f200dL,
-        0xff33aa5dbb4ff0dcL,0x1dd5fcf2e47bbd6eL,0x1624b973e75f73ecL },
-      { 0xf6ce0e9db9722af3L,0x8bde5b8818226fcbL,0x243753fc5b5da478L,
-        0x3b53e0e3bdf88daeL,0x59f8c86f325cedb2L,0xabd4076d70fb9681L } },
-    /* 30 << 168 */
-    { { 0x1996761db8759af1L,0xfb85cdd8e4a705f5L,0x2ea7aa0b35111725L,
-        0x23245d4157a17f4bL,0xcbdb650e0d00eb9dL,0xb40823d9e23a4a3cL },
-      { 0x041bfb67229163f8L,0x020ad3c16d47b83dL,0x3bc8975d344c8ebfL,
-        0x287efd06d91ff408L,0x1ca5d75a2059106bL,0x4ff27af3b90c5d66L } },
-    /* 31 << 168 */
-    { { 0x416b7c61ded914e8L,0x1aeee7d007ad4237L,0x59d5852476c2b7a4L,
-        0x427a102c98665f29L,0x8504aa8d2a1aefe4L,0xef2dbeadc183a736L },
-      { 0x5cb5f222f533358cL,0xf2ebb47d36b0d678L,0x1de4a0e7f2c2cf99L,
-        0x62613994ea95a161L,0x68a86f4012d66ed4L,0xeb12fe75b2af52f3L } },
-    /* 32 << 168 */
-    { { 0xcf947c0644ba39e6L,0xf5d5216cedfe78d7L,0xd00115c05f1835c9L,
-        0xdf084152d8c79d90L,0xc0c3a6846db5f791L,0x40514451749b18cdL },
-      { 0xd314b7d5734df3f1L,0xbccdd3f07f541415L,0x97ed5af06855a942L,
-        0xea84ae9ee9d02ab9L,0xb87e90343238a5d0L,0xd12d25c3650a0eabL } },
-    /* 33 << 168 */
-    { { 0xc3747c584f9d2c34L,0x493a0adc95429c92L,0xf9b5916238a679ebL,
-        0x04d500a16bac07f7L,0x8938f4f96a809676L,0x44ecbbf0c5b25a4dL },
-      { 0x3b68705504768400L,0x6a432e14b4db3907L,0xff82fb56ad375d2bL,
-        0x87f59f97944210c2L,0x2b680b2051445242L,0x1e0986466cd75962L } },
-    /* 34 << 168 */
-    { { 0xdd2eea82672e5a4cL,0xb05ef9ebccc68d94L,0x626ce368a3fa4215L,
-        0x6e376f67fe46bd46L,0xaed7a0bc33c4f169L,0x4a92c6093af5c4fdL },
-      { 0x6615245fa690fb49L,0x571d2d870d64f04dL,0x6a45df34641ce79bL,
-        0x045ddbd02655d316L,0x2b6c574db4fbc42aL,0x41545fbc5b2dbbb8L } },
-    /* 35 << 168 */
-    { { 0x484996b97d8f1eb7L,0xf72f3a8110bd1585L,0x418e00e7b67eb27fL,
-        0x354e56c97877c18fL,0x7f11f5040a8b37f9L,0x66591146ff58764dL },
-      { 0x816ac849ed0bfc38L,0x85eaa6350a50a99eL,0x7fa62d9c5bf4995aL,
-        0x77840d5003413385L,0xe4f023bde83f9fa1L,0x2c5f8e1d9cfa7578L } },
-    /* 36 << 168 */
-    { { 0x1473b55b86a515a9L,0xa9e3230a3b337c64L,0x7e8bf9049db668f1L,
-        0x1db2c25ef27f9fc9L,0x0c1086072d9e467eL,0x4505579aa3f00d52L },
-      { 0xe2ad661b240400a7L,0x8022294c11af4874L,0x29e9037078bba8e8L,
-        0xbf0fbf08f6baca04L,0x2e46d2b74101fab0L,0x66065490c61089e6L } },
-    /* 37 << 168 */
-    { { 0x18b01aa935dde51dL,0xa7496997a7d044b8L,0xcd9c467f44c23d2dL,
-        0x96211b86659e4a5bL,0xa2a9000f3e17b717L,0x7af9c312dd90459aL },
-      { 0xf0d6c24394547203L,0xa76a23dbd77cc691L,0xe1b7fce10ef364deL,
-        0xe08c1d0bb689c810L,0xb75bfacb0a43ca02L,0x1b7afea5408ac99aL } },
-    /* 38 << 168 */
-    { { 0x3b1abdb85a4a8a23L,0x8f52060c4d68bcf2L,0x7408306a00ab3146L,
-        0x652ae3064b86b775L,0x276a14a0b0695b00L,0xcf8af11f1b771254L },
-      { 0x3fafcc63b91118b3L,0x6c49000a73bacebcL,0x53852d084e3f3d6eL,
-        0x78977e91fdfccca1L,0xe843cbca6ae9ea5eL,0xa99831896bb8271bL } },
-    /* 39 << 168 */
-    { { 0xf77b0a7387534a6cL,0xfff419f2f5b0c6dfL,0xde3c3b33357205eeL,
-        0x867eb3a23c8ec9d6L,0xd28bed3263a99b18L,0xf5fc17e4c1573146L },
-      { 0x30cf41e5821641feL,0x84b1970e225ab57fL,0x6bf707325a1e8ba0L,
-        0x7bfb3bbce3cf38d6L,0x9f362787a661e876L,0x6d9137c86c0a16fdL } },
-    /* 40 << 168 */
-    { { 0x2131ce5b09f8a1cbL,0x7b373ed28ab129e2L,0x463cc8d677c1292aL,
-        0xa9b7cf6594ffe9c5L,0x129125ceb99bfc4fL,0x819b42849820d323L },
-      { 0x3f70976376541a41L,0xfd679ae5e32c7a7bL,0xc39a208df65b6b3cL,
-        0x1c22ebc050002745L,0x268f19dde2bcd202L,0xfeac809c9c3d4266L } },
-    /* 41 << 168 */
-    { { 0xc5ad8903af14f8a1L,0xdfcd207c3993c99cL,0xf65f8260c7c1fd57L,
-        0xa1573b3d41be66fdL,0xeeeb9ea476690f79L,0x6a6338437129849dL },
-      { 0x22eeb38623a7bfcfL,0x258fc0743393e894L,0x008efb477ce9602aL,
-        0x4bf127b699c7b279L,0x150da482fa1bfd7fL,0x7b84744d293754dbL } },
-    /* 42 << 168 */
-    { { 0x3af9919db2183277L,0x7f5990fb4f6182ccL,0x17603db034f716d2L,
-        0x6b79f6538f135ad5L,0xad9189e68092d128L,0xa5f3ab8efc6628c1L },
-      { 0xa36b978e84b6d30fL,0xf2a7e1c64c001f26L,0x2acbdfd676e79beeL,
-        0x71b5faec86f6d6c6L,0x23d9b7c849b0e5d7L,0x36ea518212fd4cccL } },
-    /* 43 << 168 */
-    { { 0x14a4af0f59df1cf9L,0x37f8641dfd7cd2b4L,0xfb6aa5d0244434b2L,
-        0xb85f8c8b5d5bbd63L,0x833e76baedb92f97L,0xbcd9d7b50d7a2dc2L },
-      { 0xb233f07ff0e0f06cL,0x453f10c4fcc06efcL,0xa4e8f306128a167dL,
-        0xbd6df4690d0c09cbL,0x2b5db66b7168ecc6L,0x7ec02c77f29bcecfL } },
-    /* 44 << 168 */
-    { { 0x0746783787dcdbdbL,0x4cce33be320493d8L,0x9ab08cbe713c7746L,
-        0xd6f0c1de9c6dc5cbL,0x194005382ac03761L,0x3fc11f38d0547be5L },
-      { 0x66b378ce819fe3fdL,0x6a590acc3700fe7eL,0x4c976a728924b396L,
-        0xa5006d8d70b9b250L,0x2fdce1b212b85f9cL,0x5858f7ce495f8f1cL } },
-    /* 45 << 168 */
-    { { 0x3f2b5e295de2948eL,0x84554eaae1a4a962L,0xb4e55f1293db9addL,
-        0x9260e3eb61b22484L,0x22a898997b1a6d10L,0x571bcd3af58d1ce3L },
-      { 0xd62db0edecc88a76L,0x88352f634af2cf53L,0x8d279316b61c73adL,
-        0x7f898e09ec74d6abL,0x39b2b0c05412a81bL,0x623a5ea30644b6a4L } },
-    /* 46 << 168 */
-    { { 0xe876b53bdb0f6565L,0xd0dc323c4650204bL,0x0e4af31b0201643fL,
-        0x486173207e8a0e6cL,0xe09183d457643a1cL,0x3c55bcb5ae8359b1L },
-      { 0xa06078cb7b467835L,0x4d3a35d901b6bb3cL,0xd4f1d8233963fd31L,
-        0x9c1b06093d4cce05L,0x55e368d5da550340L,0x50c3feee12c4b7b3L } },
-    /* 47 << 168 */
-    { { 0x6de0fcdaf0f97e84L,0x1f225d818dfbc0ebL,0xe27a42efcd2c51d9L,
-        0xeff56879c0cb033cL,0xe700cb87c82e38d4L,0xc89a02d589d244caL },
-      { 0x0b464846ad9c718bL,0xf8d5ee1f8de96d61L,0x2cc33c3dfbfd0960L,
-        0x3ef549f0e199b6fbL,0x29f83f686c1597b3L,0x54ca37a3731712ffL } },
-    /* 48 << 168 */
-    { { 0x357540ab903ff177L,0x225280b8276af514L,0x33d273ac14d7fed3L,
-        0xfef6b9ffd186ee3dL,0xa94c207101a7b1d9L,0x4ea3627450bc8bc2L },
-      { 0xc68959c9fa98a918L,0x8f5ecceec7bdc262L,0x7a73a4fce6861310L,
-        0x19bcac90c828330fL,0x73e3b66f7ef74fdbL,0x60f7698352d8f2f4L } },
-    /* 49 << 168 */
-    { { 0xda57f1a65645cb9bL,0x3d5d3190f0840240L,0x6a0c6ab101bce275L,
-        0x38993676ad23128aL,0x54f7b5d7ea0da248L,0xfee930b38b04ccb8L },
-      { 0xadb9034e2cf3bf1aL,0x0488b71ae9b608daL,0xa3e51e303bd1172cL,
-        0x56dffa5844993c1bL,0x6b3211fa4cdcaf10L,0x223b2a43834d4e17L } },
-    /* 50 << 168 */
-    { { 0xb31f934134e43ed1L,0x895c99973c6b7f58L,0x360021084c465126L,
-        0x7eb0bf6b095df89fL,0xde3b2fa3ac534af6L,0xd9dd9f55c22477caL },
-      { 0xf52cfffc2092e355L,0x4ba071ac8d8bffc6L,0xafb61137abefe750L,
-        0x2887d0e4cb62210bL,0x0eb2be515f4fc157L,0x8c993039438fa2f7L } },
-    /* 51 << 168 */
-    { { 0xfd2a61093efae008L,0x60fa269552f57cafL,0x3591e64f481c36c1L,
-        0xdc2b9993c908a87aL,0x76bd4dea5bffb50dL,0x913a0458f70fb0f5L },
-      { 0x45ea6c4c097bbfc3L,0x3ebe29d3fa9e90c1L,0xc69532426479c087L,
-        0xdd1d24509abc7a4eL,0xa497b072d0fc7791L,0x477d71f9388ab90cL } },
-    /* 52 << 168 */
-    { { 0xab3578047e03a14eL,0x0f4f28688caf673fL,0x919e661e66530425L,
-        0x28da445c91ba47c5L,0xd6d0537566c394feL,0xfe1864a302e8ae91L },
-      { 0xd34baca2a753aec4L,0x43b7ffe7a2c8d292L,0x496659eb04efb8f1L,
-        0x310ec2a9e0252dfdL,0x98173d2f9168a80eL,0xa3e018d631497255L } },
-    /* 53 << 168 */
-    { { 0x39ee6439ddfa0ffcL,0xaea6f882c1d1d54dL,0x688feff654a65059L,
-        0x17ee5aaa37f25ebaL,0x6c9b4f2932b345f2L,0xb883c0c75b4d62ebL },
-      { 0xaf33e4ae3135aa7eL,0x28a7572c924146a2L,0x67dc5dd37e77ae8bL,
-        0xe11cd9c5ff39b601L,0xa86f090b5e6f364aL,0x76f7517500b84247L } },
-    /* 54 << 168 */
-    { { 0x26d3a3e3fbae20ddL,0x5e9b73cee1dd2b25L,0x7008aefb0235d5b0L,
-        0xa92af4ed2aaf208dL,0xab786c9bb1132040L,0x43250e6c9a91269dL },
-      { 0x00a15294c9be00ceL,0x2d5782df1698dd42L,0x3f980bbe76e3d6e3L,
-        0x5b602647496650fbL,0x461edc3271aca61bL,0x2516ab6c9805a01bL } },
-    /* 55 << 168 */
-    { { 0xb468fcf2967e2216L,0x97b840679ae47d05L,0xfcafaebc5cc15209L,
-        0xaf7f6c8ccc83c3d4L,0xa74d4cd5cfa47e0fL,0xd8a51615474cb8b1L },
-      { 0x4815ef52591462a6L,0x9c5b2cf74deb41ddL,0x39cb450b7e99d620L,
-        0xfe8cacbaa7772019L,0x98b98210577dc69dL,0x5e02b90072423a96L } },
-    /* 56 << 168 */
-    { { 0x3266c887d9d9284aL,0x690f818b73646ab7L,0x67315ec6af7fc33bL,
-        0x181e61abc30b1ccbL,0x1b81e6cd105a9e1cL,0x62a15daf5078b9bbL },
-      { 0x74f9840f6fa8cc65L,0x356b777443388573L,0xba0f7d0506b3fd46L,
-        0xb0ac864c92b4fdadL,0xcdeac253ef192cdeL,0x0c24810bc313b4a7L } },
-    /* 57 << 168 */
-    { { 0xfbcd4f77e748de9bL,0xb7d28cdfc25dcc94L,0x32f937a92e033c43L,
-        0xb6289636d9da1f7aL,0xd774e97dd287865fL,0x8d013739e6243bf8L },
-      { 0xee7ec1f856b9601dL,0x429017666afc90caL,0xc42d960ad2bef9afL,
-        0x654ece7f5b430bf6L,0x02878c7f221440f4L,0xe575aa6474a4e1a5L } },
-    /* 58 << 168 */
-    { { 0xc96e763e71a449f9L,0xdeda66311a349fb0L,0x6f896aef3c4e8f44L,
-        0x71ffe2d2e9eb36a3L,0xcbee21ab8f908a29L,0xaeb695f85be98708L },
-      { 0xb6023803de61e1a9L,0x59f1ec96065ecca3L,0x2a1229f3637d0741L,
-        0x5a9bca2c69441afeL,0xfc6daedbbbeaeed6L,0x950034954e2e31e0L } },
-    /* 59 << 168 */
-    { { 0xe59a827339859da4L,0x8720429fa7431a84L,0xfcab26e17ee3457cL,
-        0xc13c1125da3b7833L,0x0bb1043fbc0b0da1L,0xdc2726ea84b526e8L },
-      { 0x34049278a213a188L,0x400bb4a00a1a2553L,0x00e3eb25c92df398L,
-        0xc0b7113f9c36a6ddL,0x719d185001e274bdL,0x86f08f2dcde338aaL } },
-    /* 60 << 168 */
-    { { 0xef8c40bf1adb09b7L,0x2efeb49c0b74992aL,0x3f0f8a412b79957fL,
-        0x08927bfe87a06873L,0x1f63a4109288cb9aL,0x8c66fb70df2b373aL },
-      { 0x98da4712980facaeL,0x15ce5b17d819d026L,0x097571a5749a671aL,
-        0x85a40804894dd269L,0x3e89c13c34cb6797L,0x2d19d5e4d07119a4L } },
-    /* 61 << 168 */
-    { { 0x903eee85d90da9a7L,0x67723582de5ddbf9L,0xacf6898ad394eeeeL,
-        0xa700fb8fabdb94f3L,0x1bcc4f947ac5624fL,0xee5cccff7e3b8ec5L },
-      { 0x87d64d4d98e5a1baL,0x78727fc1ad9c4409L,0x55b4159b82310db7L,
-        0xaff4eecea58d10efL,0x6d2ec94c11c958afL,0xf129bd1043db33faL } },
-    /* 62 << 168 */
-    { { 0xe1f6d71ed42eebf8L,0x46f825b9541ac0b2L,0xb01031b693ae2ab1L,
-        0xfa4e1c357c589556L,0x65fb2504d273d1bbL,0x589d735447642bddL },
-      { 0x7a5776adcf5e2d53L,0xab5c3544e5feda7eL,0x48e8442d32dea96cL,
-        0x5f3e9c9e64d293daL,0x3f2df6a16b972a00L,0xfba58f5fa273832fL } },
-    /* 63 << 168 */
-    { { 0x5c9fe89240e9ce34L,0xfd9fb296633495d7L,0x0ae3c18a8c76cd7aL,
-        0xb5ede1e3a6b77012L,0x5ac7a9d5a285822dL,0xe41de7da71ffe07bL },
-      { 0x585f7e101b1bb4c5L,0x482794be74153077L,0x66f1c9d5a3e2a34bL,
-        0x491d48f7c749830fL,0x3c0f3bcd5416d2bdL,0xaa3baada90b04986L } },
-    /* 64 << 168 */
-    { { 0x58225208ecbafb80L,0x4f212035aa73d6deL,0x1224e45562fe86dbL,
-        0xa8c8a4782dc5b2f1L,0x8a957b8dc3096555L,0x6a3248b0b1591452L },
-      { 0x1e563c58cb604c18L,0x32808cb59bf1045eL,0xf8f62de99462e7a2L,
-        0x6b3dfe91c2489214L,0x6c1d8fc42174639cL,0xdfca11b8ef88d4b5L } },
-    /* 0 << 175 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 175 */
-    { { 0x5a4a5ce418690ad0L,0xd0f788e0fe27f51aL,0xd459388e4efe9a30L,
-        0x3a45c11aef9d074bL,0xf68ab50b93ab9cb0L,0x62fbc397ecd9a566L },
-      { 0xbfb79b7fcc587a7eL,0xfcf4d66f92870baeL,0x4f31aa21877390f0L,
-        0x2de0c645e314cfb5L,0x56d904f6238eab12L,0x4d104a42ccb4d4f6L } },
-    /* 2 << 175 */
-    { { 0x3eb83a8729358cd3L,0xad741295b9c6d430L,0x57b8c77a53abe4e9L,
-        0x0a14673ebb9feb82L,0xc0a6cbf7f26f922eL,0x213de299a32e526cL },
-      { 0xca417e677b6ca858L,0x8d6ae0f7fc2e0900L,0x2bae0e7a62e135ddL,
-        0x962bdcaea7ee82c7L,0x573d7f6ae5776c74L,0x9c4de6496ffbefebL } },
-    /* 3 << 175 */
-    { { 0x8c962fc809335d38L,0x26d1bc81eb38d176L,0xe1aeb295c47711edL,
-        0x0812b9926cbe3e4eL,0xeecacaf90ab9805dL,0x82fefbaa3521a0adL },
-      { 0x3a6948c0e2c31b9dL,0xb7d3905be82daf2bL,0xbd3ac90e25a34c37L,
-        0x55afd99b61453063L,0x56d87cd190b99303L,0xc9bf82dd97ddb0a3L } },
-    /* 4 << 175 */
-    { { 0xcbc0bb1968916917L,0x0bbb9f921094bf88L,0xf62cb350d3806442L,
-        0xe4d2f1cc397a7602L,0xa54bd48e43987d82L,0x77b6f8314f0a19faL },
-      { 0xfa0c9a456e766443L,0x995ae0fff51ba70bL,0x8e242c5b9cbd8d33L,
-        0x1671eb0813d97956L,0xccae388f40da55faL,0x97cc48faf376dce5L } },
-    /* 5 << 175 */
-    { { 0x1c2919bbe8c91718L,0x9dbb727a5097bde3L,0x23f87ae7f8ea2fb2L,
-        0xe1bfffdcba310121L,0x5938c50c75329669L,0x716c63e00549855cL },
-      { 0xe091b0c9654814f0L,0xa20535d10e43daeeL,0x16ce68b2593ddd04L,
-        0x7813a49af59900bdL,0xef0d3eecd3e5d232L,0xe7d12cc40ee3fd4dL } },
-    /* 6 << 175 */
-    { { 0xe54d92cdef01fc5fL,0xc46c2ab8dda2e25aL,0x7c907fd2849f6142L,
-        0xbb11dd2dacd0202dL,0xa4913a701d92d19aL,0xe9a26ae0cf610677L },
-      { 0xfff1e1d5538943c5L,0x5943dcc4a47b2204L,0xcafcf33a92cabf71L,
-        0xd571e13ce329d1adL,0x7626ad237a9a0e4cL,0xf0aa0d9f130d7f86L } },
-    /* 7 << 175 */
-    { { 0x09df3a4419e6aa7eL,0xe27ad0475841b1cdL,0x02d2a69fbde75934L,
-        0xb0e05e53fd9ba435L,0x4732d88ae008c16eL,0xdebc4777ea72110dL },
-      { 0xccb7d9932e3143adL,0x674f3753ea8cd06aL,0x56012a7a051562cfL,
-        0x961df68425f74cd6L,0x26630e71214d8a95L,0x584e8d6365d92f84L } },
-    /* 8 << 175 */
-    { { 0x8a89daefebc5557cL,0x7ca71403275e1649L,0x48d923775b80bb4aL,
-        0x0a587c52a45b3626L,0xdaff503cc75bfe91L,0xd845d3e6116d07d7L },
-      { 0x6b5a4715a51eeca2L,0x34ac02bd74481991L,0x8f076cfc595abf8dL,
-        0xc9de4ce9ed0391ceL,0xaaaad03ae1fcabd3L,0x8d48ec0087b199edL } },
-    /* 9 << 175 */
-    { { 0xbd0f2653ae5dd482L,0x59f968dd060032dcL,0x6bea33e067283310L,
-        0xccce88cc012aa50cL,0xbb6d7f2f66838f46L,0xb764c95f05ec9bcbL },
-      { 0xd097b60451477ccaL,0xc2fbda7b82b20a85L,0x75fe07a424e9ca8dL,
-        0xfc4fa8240cc40d01L,0x0b17d5f90c0e95f7L,0x285e6e8a6e1e46dcL } },
-    /* 10 << 175 */
-    { { 0xb0641d09bc9b2654L,0xf9fcc2e68aa8fa35L,0xd12a5b4b00d5ec6eL,
-        0x9be1a1115569d89aL,0x9c0566deffac7208L,0x7a9fd4ff7034edf1L },
-      { 0x636aeb6b9571c375L,0x60d05aec55cdf187L,0xf4e2f898734e9d2fL,
-        0xdaf742195ccdc6bcL,0x9d39249f608a4f28L,0xb5f1bb5e8820e2c3L } },
-    /* 11 << 175 */
-    { { 0xd02e9936d9589548L,0x8f1bf5755341402fL,0x1535a443057300aaL,
-        0x3062478e65d29324L,0x4203351fc656a3f3L,0xbeb21b516569c4ffL },
-      { 0x8113ce70e1f0f263L,0x59d1293903f9320cL,0x95061255d08f8936L,
-        0x8be3c0f997d4b705L,0x0259742e827837c2L,0xf55ea28d95c65cdaL } },
-    /* 12 << 175 */
-    { { 0x62024812603dc3dcL,0x25dc5337efd67b57L,0x86b3eb38d7f033fdL,
-        0xee3226b232646d6fL,0x8c4825f6f1dae596L,0xd2303055a5bcb8e5L },
-      { 0x904a53493c0baa76L,0xe60f6125e08646a7L,0xaf6a329f21d45f89L,
-        0xf20ad88a06605546L,0xcf7a0e9619a93d14L,0xf1eabcc891c97174L } },
-    /* 13 << 175 */
-    { { 0x72b76e9e8f02af51L,0xac94cbf1d580f95aL,0x2e9cd74801d854a4L,
-        0x4ed4e9061f08a1bcL,0x0a2b28419d2bd936L,0xbf86350051c89ddaL },
-      { 0x9407b0e7e3f00bf5L,0x6b1f71ff28b57ac1L,0xc1dfe03fcd28801fL,
-        0xf3d83d64afa55309L,0x47aafba28af8f76fL,0x54eed45f6604b2e9L } },
-    /* 14 << 175 */
-    { { 0x59edd2640f3e541fL,0x318674b582b76ba8L,0xbf4a0d304e7f0716L,
-        0x36fc0e4119b88200L,0x91db560240da801eL,0x638371ad2c72c2c7L },
-      { 0xfe960c25d5822da7L,0x7a7571d14a7415e1L,0x5a6480febccc1576L,
-        0x72f4e5e5c3c88f47L,0x224e7e749a7bd8ecL,0x3ebbf52c7631455eL } },
-    /* 15 << 175 */
-    { { 0xae3c2bc08608ab37L,0x35e3da8c39f336b6L,0x7413664281f44511L,
-        0x21ce7c511d8506e7L,0x9b6718b3846165f1L,0x9e455007f5cabf6aL },
-      { 0xec582a0e02611073L,0x269aa18d83bf042eL,0x7c54fb7c86306757L,
-        0x453336021b948fafL,0xd3a5c508b7025d73L,0xcd6e555b428471e4L } },
-    /* 16 << 175 */
-    { { 0x42c9fad511a224e6L,0x6b6aeb8b69b2ac26L,0x0cf4c7fdb149854bL,
-        0x4a7d90002fc359ebL,0x9ff0c3ea29ec8603L,0x157ae7859b24ee14L },
-      { 0x638c809a8979e9bbL,0x347dfb2e7869d8c5L,0x2fb1e0f8a07ea547L,
-        0x1e580d32aecdec3fL,0xbbf895730f74025bL,0xeb94d71bdd529164L } },
-    /* 17 << 175 */
-    { { 0x8670812a35d03250L,0x2f68343f1984cd59L,0x5fe890caf1ff97ecL,
-        0xd47fff536f764b2aL,0x70fa44a4f8f7077bL,0x7b287efcb2c7fe02L },
-      { 0x0718e70806dedcdeL,0x37193c827172c0f6L,0x47ad55f67b7f28a5L,
-        0xaf83c4fe9c71a96fL,0x2d6075587c490626L,0xe647de1b933e9033L } },
-    /* 18 << 175 */
-    { { 0xdc5909e3f1687d4cL,0x4fe3be46d431c5a7L,0x28c41a035f9807beL,
-        0x2c4203fd12f1f8daL,0x13f12da450a19620L,0xc32f881eae2e9835L },
-      { 0x56328ef7622587d0L,0xcf785f038f209f66L,0xb562ea70a2697748L,
-        0xa762289055598769L,0x9842bfa8fbf41fd3L,0x304c3057fa401ba0L } },
-    /* 19 << 175 */
-    { { 0xb8d685d1c56bc716L,0x1eceb18f1fccc358L,0xf94bedc82034cabdL,
-        0xa9acaf11ad003472L,0x6fea0a55ad0786c6L,0x60f7f9a9581f6f52L },
-      { 0xc4736494400bcca5L,0x221d8f8a3606b047L,0x533756fb6339c7fdL,
-        0x1e068e987510c1a4L,0x9bf9abb6ededfa09L,0x96895ce548d54775L } },
-    /* 20 << 175 */
-    { { 0xc995b0171552c477L,0x6f92a95252351781L,0xa9d4bb6c4da25dafL,
-        0x2b02828e3cf6aab7L,0x5f4febed11fa4d0bL,0x42f0e61ea12d9d37L },
-      { 0x1ceef875d24610d0L,0xa7c85c485d4eeceeL,0x33fcfa3b79340a49L,
-        0x3671e563b00b3491L,0x871f74e493eade0fL,0x1ed095182c546f3eL } },
-    /* 21 << 175 */
-    { { 0xc003b709a9a5c68eL,0x9441e7b26c84310aL,0x7ec3b652dd90f7c5L,
-        0x17e601685b526324L,0xc5f77fee479573aeL,0xe89beed18453fe7eL },
-      { 0x259a2b0364540cadL,0x8c2f13322b9a8053L,0x1db53ab7304940edL,
-        0xcf780c5d1612763dL,0x2edd7285e19b62f9L,0x20ddc9874abdd7a5L } },
-    /* 22 << 175 */
-    { { 0xa70aa6781250954bL,0xe4a2f7cf2930f3edL,0x3e3dd26666fd719aL,
-        0x500166cf792ff463L,0xeccd32cd75cf00a6L,0xb65f46a5c4526e56L },
-      { 0xfc3a99c360aa8cd7L,0xe04a18b31290b20fL,0x957139a218cb9326L,
-        0xf6b352ce11fc04a5L,0x9314b80778534e64L,0xd4a265c52d8f5015L } },
-    /* 23 << 175 */
-    { { 0x7078b4820dca1fd5L,0xec3192daeed504baL,0x144183332d06a63eL,
-        0xaff9f7bd69c01ac1L,0xc5fb50475b74308fL,0x37846eeaa67e7ef4L },
-      { 0x0fcea663976b931bL,0xd3407d42bb345b71L,0x925afc36a2deb11bL,
-        0x12c271092207db49L,0x237500002e1c8fbeL,0x41427e0763f771cfL } },
-    /* 24 << 175 */
-    { { 0x9dafbe96491ddae9L,0x92c60b897741da5fL,0x1185b001b866ab14L,
-        0x7a43b9cfca7f2f81L,0xaaeb5efc6ee8fdfcL,0x1f7cc70022beba9dL },
-      { 0xa212724722e3e7cfL,0xb98dde1e9e723477L,0x87832183ac89706bL,
-        0xdfb92ac1ff72f1d5L,0x5877fe6daade3804L,0x7ddde4a79170b9acL } },
-    /* 25 << 175 */
-    { { 0xdb147da0b7df600fL,0xbef5374660a8b100L,0xb4c7e404a1330d14L,
-        0x152c6ae754f96693L,0x08884fecb25fd94dL,0x8ec186048ba59001L },
-      { 0xdc245c0c9f8e77fcL,0x2be5aaebc0f0a83dL,0xd15bdecd1fd13525L,
-        0x46b603f0821c9224L,0x6b335a7daf6dc128L,0x4cead4f94dc6b5bbL } },
-    /* 26 << 175 */
-    { { 0x239cccd8179fac91L,0xffa076063829d42eL,0x75b8589cbd42a0ecL,
-        0x012f5e80d7f2292cL,0xdcee7efd99c14665L,0x4925256d23650737L },
-      { 0x847c86ecf3cc64afL,0xdd34a75feabc04fcL,0xc2f73b3ac6a1f710L,
-        0xe16e317565cbf6fcL,0x9cccffee351461d9L,0xe3d635543b4fe4b9L } },
-    /* 27 << 175 */
-    { { 0x6e27de1176ece8f1L,0x3ca873a79d5a3cb7L,0x7d65cdff7e424482L,
-        0x023e5bcf69372216L,0xae601c2f2ffeb5a6L,0x8c8888cbde130b33L },
-      { 0xcb8309485700ecc4L,0x5a1902ef9dfe1891L,0xe01f5fc558198380L,
-        0x9d5d1c476c59f973L,0xacc64c98e34cc41fL,0x057d81f03065d870L } },
-    /* 28 << 175 */
-    { { 0xf3a1a9797aeefd73L,0x3fb166a09537abf7L,0x39e8c469d4c37607L,
-        0x3efc85650e3f034eL,0xc955c2dff9c25655L,0xd6ce96ec260fa449L },
-      { 0x5383a8b831d8e6d4L,0x3aed2e761a3595dbL,0xbd269c39e22a0f45L,
-        0x4c82238694a7a83cL,0x362f08055731bd0cL,0x7dc1e7ee0527be95L } },
-    /* 29 << 175 */
-    { { 0x606ffedfd41ce228L,0xb87608d0ceb21740L,0x6fa23c0794a4354aL,
-        0x587a7c54d5061d84L,0x75678bdb16b823ccL,0x2d2163c94ec818afL },
-      { 0xa80b1e4e22c6fcaeL,0xc07cebee4d2a4b65L,0x64f303c7a895e2c9L,
-        0x750079f5a768a2e6L,0x0665502c2d423133L,0xaf33176715135cdcL } },
-    /* 30 << 175 */
-    { { 0xda8f7878c715abf4L,0xc62292a5a5830c4dL,0xfcd30f7e4b46acb9L,
-        0xb931f1ee39a73db2L,0xf838a5c84ee1afb0L,0x15609b57c202a921L },
-      { 0x2e21871620bbba58L,0xe1d2fa14ae2615cdL,0x0a4dcf3543946185L,
-        0x2e80d804730d2490L,0x5e43dc17794246b6L,0x7b3588c8dcb3be9bL } },
-    /* 31 << 175 */
-    { { 0x3e74f09c1bb8e6e2L,0xac587847584dba0dL,0x926415593f843324L,
-        0x0033257729f3ed18L,0x4b7164e5d0089537L,0xc50542793e54c9a0L },
-      { 0xbae7ff9808e58162L,0xc0707d03c1aa2fd9L,0x43524f717714dca8L,
-        0xa202a0707255b169L,0x0a7867ab4249b2e0L,0x03f748656d6ec5e9L } },
-    /* 32 << 175 */
-    { { 0xfa2db51a8d688e31L,0x225b696ca09c88d4L,0x9f88af1d6059171fL,
-        0x1c5fea5e782a0993L,0xe0fb15884ec710d3L,0xfaf372e5d32ce365L },
-      { 0xd9f896ab26506f45L,0x8d3503388373c724L,0x1b76992dca6e7342L,
-        0x76338fca6fd0c08bL,0xc3ea4c65a00f5c23L,0xdfab29b3b316b35bL } },
-    /* 33 << 175 */
-    { { 0xd2437a52eddd4b72L,0xe2cec2abf051b831L,0x845af98e482a4ea4L,
-        0x75758ccfa43cae82L,0xa76733429260ea35L,0x77845b02b1dd602aL },
-      { 0xb78bc4c047d5c450L,0xcb1f444550ad371bL,0x6bc01293d71cc417L,
-        0x8538f638c1fcb367L,0x5d01d35919b313f3L,0xcd6b55bfcf67f6acL } },
-    /* 34 << 175 */
-    { { 0xc28000d6e3b03290L,0x4dd5064a5f2ddbcdL,0x4916f830338a1414L,
-        0x3ffb8381aca74c22L,0xec073ee8e680f548L,0xa34e0693a0430cc3L },
-      { 0xc6baf20dca03e6e7L,0x2a30df6e835fb88dL,0xbf3c9e9cc2092d6bL,
-        0x391cb25c17bc2433L,0x9b7de7126c205c0aL,0xf25e1494cd2a5e62L } },
-    /* 35 << 175 */
-    { { 0x05ae44e9d21fdc9aL,0xc520657fce40ebbaL,0x6b8e25431270cb59L,
-        0x24e6f9bff7f096d0L,0xc6ded76a3ed81f52L,0x729d05e75f7df798L },
-      { 0x99e2636fe5468eb1L,0x6f3abd4c00419facL,0xfc61117a9cc41e09L,
-        0xb16f106baa399a51L,0x05603bc845e52713L,0x612658aca5c36107L } },
-    /* 36 << 175 */
-    { { 0x107573b96defe8f4L,0x9a9edf0570545313L,0x5df43df0e54e8272L,
-        0xac91bae8eeb4ae90L,0x241d54bd26006ab1L,0x0ba118a6c031de7dL },
-      { 0x376214671f500d4fL,0xbbd6b318bc3596e4L,0x4b5532c85992277aL,
-        0xb15165da16a4728bL,0xbd7986d45140abdfL,0xf4fe16df7386f38aL } },
-    /* 37 << 175 */
-    { { 0x8c5d305696aeee65L,0xe52e500ea79991dcL,0x3af4a3ef343fdde9L,
-        0xc6d0389b248ad10cL,0xc3dbdb3f5014de53L,0x606b1352310a0cd8L },
-      { 0x65af3f8479bde08fL,0xa6c7d968d82ab682L,0x7262c07d202a6508L,
-        0xd0231bb64cd75fe0L,0x58a34ca5dcb1f7fbL,0xcc8b21b21b8cf7a1L } },
-    /* 38 << 175 */
-    { { 0x4cd6e61be824653dL,0xfa02c0c9f253dd65L,0xab198e41b1e84cedL,
-        0x89ce6aff1928be7cL,0xf2a83f4895afb956L,0x5b5f195ddc73f3a5L },
-      { 0x44220ff79328317bL,0x03d62cb7f5239616L,0x0e908d34b5d49415L,
-        0x050b7651c1f7e665L,0x3610167089e1a98bL,0x564abb3418eb7644L } },
-    /* 39 << 175 */
-    { { 0x400b363b2eecacf6L,0xe2ae5bee1ed9fb9aL,0x23374b11831e99c6L,
-        0x0a8382d82cb9de95L,0xf95b8e052dc02291L,0x63b05a0d2f752257L },
-      { 0x9ec16f84b60d9df4L,0x6ed683ac3bda5171L,0x7206450813acca39L,
-        0x6024af3cf8871ba1L,0xbf88040e2f9a4d56L,0x001054149fb100e5L } },
-    /* 40 << 175 */
-    { { 0xd52c606375ccd2e3L,0x4fa8e4df56ce654aL,0xcd905c9bce581d23L,
-        0x51ce0eab24ff75eaL,0x1c1c0831432c6e5fL,0xb83307aec02f0e86L },
-      { 0x0b7a0274fe2ee821L,0xae7dd7729c3d69faL,0x54745da5931ed75fL,
-        0xc276d96f18caba13L,0x142571dd26dd9792L,0xc522dac16c0e3167L } },
-    /* 41 << 175 */
-    { { 0xa86fa630197b5b97L,0x749ea479fa21c176L,0x520c0e4871ce7101L,
-        0x5c53d9ebe30a0b0aL,0xdc71b629ceb570feL,0xa30fc3d11fa3699eL },
-      { 0x741321b579cbbfa4L,0x205ea0aae8d18119L,0x94556e92fc62e0eeL,
-        0x5ba78d4e042b9c3cL,0x14de84103fa24a56L,0x6e57a9fbd6557bceL } },
-    /* 42 << 175 */
-    { { 0x2a5e716ff103d9c9L,0xda2f7e5cb9cd27ecL,0x317f74b8e047e5cbL,
-        0xf1f496d33a4413feL,0x1a480a9cb8cc9fdeL,0x502b52d7575208d4L },
-      { 0xf14fe00cd19c49a3L,0xf5c2367b269be5a9L,0x966a524f12d42690L,
-        0x2786ff714dd03b95L,0x6fa1f891d69bf68dL,0x0f3d77579f67b3bfL } },
-    /* 43 << 175 */
-    { { 0x230c8d00c966c638L,0xde5c9e8e54673305L,0x618b0dd561bc99faL,
-        0x669618048f3cb5c0L,0x7c653ca507141ba5L,0x454d54ff32ba155aL },
-      { 0x82665a307df3e39fL,0x15eb1a65ca19cbb7L,0x4e7632a617330ab3L,
-        0xc69235295a3221b4L,0xe23ee9382eb58e9dL,0xb320aa8e23bcf88cL } },
-    /* 44 << 175 */
-    { { 0x6ba15fe607a7ecf8L,0x93127926f831cc91L,0xfde2dbf41ff6264fL,
-        0xdf7f22018413fdb2L,0xdd81d11487f66260L,0x87907f0e4a87133dL },
-      { 0xeac1032cb1d47e23L,0xe2603119125a0918L,0xba680392f2259208L,
-        0xb7c7f8ebf9bf06b7L,0x875a380fa56ba57cL,0x05a88a97460c939cL } },
-    /* 45 << 175 */
-    { { 0xfb2871b7d0dc771eL,0xd12b21fcbaf358c9L,0x30dbd412df616c16L,
-        0x291bd90f9345e16bL,0x92f7534b8ee6bb6dL,0x7ebc5b0eb1c901a0L },
-      { 0xc9e9c76151e1881aL,0x5ca52152756bfecbL,0xb0a9f5cb6affd506L,
-        0x4c12f965669feb3eL,0x01d84b9ea6f1c529L,0x3870fa27e8433c92L } },
-    /* 46 << 175 */
-    { { 0xe4e9e72495bb5db0L,0x86babe3ffd616958L,0xc1520c280f93c1cbL,
-        0xe393ded539cab777L,0x031a2af3e86a6ca3L,0xb26a19101e8466eeL },
-      { 0xb16b746dbb64fd81L,0x4e96f0b65a97d50eL,0x7a12a611a793fac2L,
-        0x8d729847db6482aeL,0xdd050ce812e72ce5L,0x915041366c54299aL } },
-    /* 47 << 175 */
-    { { 0x9e8018c06b63c4beL,0x49dde0c8fce47904L,0x1668de9c9bae36cdL,
-        0x8dfb0d5f80ed18aeL,0xfd6739a791e1949dL,0x80353c9f8053d7d6L },
-      { 0xa611699bdea54710L,0x5eacf16e6c6c1f5bL,0x5212fbd3c920323eL,
-        0xaf75db75848d085fL,0xb58564b1babb45b8L,0xefa1958938bc491dL } },
-    /* 48 << 175 */
-    { { 0x0a43a76c2f95a081L,0x27eaf2bc38b1c395L,0x6ba3222c63da1d80L,
-        0xd95ae17e6a78ce09L,0xa72d9812508f03b3L,0x9f36d02efa8ed359L },
-      { 0x1716d1dcd5118f96L,0xd116339f489bbc53L,0x272153ef6f7e1d3dL,
-        0xcb4a9e739e308d22L,0xcfa9d88b615a3646L,0x8b69bd6cde454569L } },
-    /* 49 << 175 */
-    { { 0x33ae0fec2b8f41feL,0xc45aac500762c46bL,0xa03bc6ddf228ec44L,
-        0x82cb78cfea3d48c2L,0xbe7a02ed27126795L,0x1a44d1f830b3e3ddL },
-      { 0xb414edc73be7b58cL,0xb3e6c7ce331bcbc9L,0x9f6fd0f2903b3508L,
-        0x260c8b5736cc2930L,0x8581a05d0d59278dL,0xfac1817b189b3005L } },
-    /* 50 << 175 */
-    { { 0xbf4d4640cc9a69c3L,0x07b39b5d67d262dfL,0xcd4a6a4579526d6cL,
-        0x4a04c430538143caL,0x6c3341b86639e3b0L,0xd490cab5ab7216d4L },
-      { 0xedda2b64a2a93161L,0x04e309de644a06f3L,0x7cad728a8c4495fbL,
-        0xe1744f3871dd61f4L,0x39cbd782e3201618L,0xbd66e1850ca18ab4L } },
-    /* 51 << 175 */
-    { { 0x69d8237f87dcb8beL,0x3f9a485b090e0237L,0x535371e1f117a1c5L,
-        0x0d5ef52675430c29L,0xcb9c150898fdd18dL,0xc7c1a7b4108d9383L },
-      { 0x6ba9fb4d98064eedL,0x07d205a9a3df31c8L,0x7a0be62e9be5da37L,
-        0x03b21b1255a9e2c2L,0x3f4792263de80449L,0xb0160ee1ae3bf31cL } },
-    /* 52 << 175 */
-    { { 0xa22c084a7a3f8c5eL,0xeb7fe23f3ef30511L,0x161ca862819fa38aL,
-        0xe5f014156d45762aL,0x37da6bb95718b789L,0xfcb682bbd837f453L },
-      { 0xc49c7397275e5974L,0xbe908df5a1ed0925L,0x3dcd694615a13ea0L,
-        0xdbe652e32596fa76L,0x6a3bcc93c55d376cL,0xa2f7611933a0f02bL } },
-    /* 53 << 175 */
-    { { 0xdfff9b9c6ed061ffL,0xa36aef2dec32b16cL,0x9f3b7ab6da61572dL,
-        0x96e72a027ac2dac9L,0xb0e36e023aaf4fcdL,0x5f32a620503004cfL },
-      { 0x6c91dacbadcd649aL,0xb25deea21ac02a32L,0x211a421ffb914c2cL,
-        0x1ddbd60e149fde1dL,0x91c4cc0d7ce86ad3L,0x8be6f031b9ed909cL } },
-    /* 54 << 175 */
-    { { 0x62e773c4a0cb50ffL,0xe54fdbdd2e903681L,0xed2bce9e21c12ca9L,
-        0x13aa4748c072bae6L,0xb290c0ad475f290eL,0xcbbc3f9b56698a85L },
-      { 0xfb37611b1b7fff76L,0xe62a842260bc2e36L,0xb6a36c783bb20fd4L,
-        0xdec045418dd69509L,0x67648b7798a1ad2aL,0x4fa2005d078fdea3L } },
-    /* 55 << 175 */
-    { { 0x757f249416307553L,0x865af9d0de6bcb49L,0x3943031a07b0104cL,
-        0xe5fdb46168da2d33L,0x4937d614b5432b48L,0xb3fbbf2c0a29a5e5L },
-      { 0xe7d3b12b8de89887L,0xc1a43c24e41258c3L,0x91ac7eabf7d9efe4L,
-        0xfd90de0088385cb3L,0xead102e37674c39fL,0x7b9a2cc4fff118c5L } },
-    /* 56 << 175 */
-    { { 0x11f92678a1e598f5L,0xde8052491fbb882aL,0x3730b3261154d0aaL,
-        0x0e279827da521670L,0xa03c8c702336f8c0L,0xae50e64ff0bd66d6L },
-      { 0xfbfd665f7af4f681L,0x237a4f4e5c8d5680L,0x6527611ba409064fL,
-        0x1f4eff6a99db9a94L,0x4a55d96ae53ba177L,0xd9dec234f002368aL } },
-    /* 57 << 175 */
-    { { 0xbb837d0ad193ebc0L,0xab1e3eccd09b24caL,0x229f36d81d848777L,
-        0xee895edf0ab68c98L,0x67fc65f4dce31b92L,0x777ebe585db96c26L },
-      { 0xca0893ae6047d0d6L,0x71a2ca0b550d6905L,0x35426866eac4c2e3L,
-        0xb4d7e78e0c1b8eb0L,0x03cb0a9a84b384e4L,0xd8a99a5c7f7115b6L } },
-    /* 58 << 175 */
-    { { 0x07db8bfa5f25a74eL,0x97dd568a3dd8e706L,0xcf4c02a32fb59efaL,
-        0xe2ae502616b291e4L,0x5499f3b20f9c10cfL,0x59abdcf5a7297ec7L },
-      { 0xcec282671f4a3646L,0xc10ae0971e065cb1L,0x172f886319dbbaebL,
-        0xb0c27f7d73dd068aL,0x764d185495086ceaL,0xb89923c732de9a97L } },
-    /* 59 << 175 */
-    { { 0xacd499ca093345e2L,0xfbdb3895f3c23800L,0x2584f8ca02f0fadbL,
-        0x9f5dc96ec2f35eddL,0x4dd102ca1ba0266dL,0x13ee9c8aa9f26fabL },
-      { 0x9e7467fa2a1e61daL,0x999764b6850191c5L,0xd053a575b70dd8dcL,
-        0x697b856fd7065eb7L,0x9d5bb6aa695b4914L,0xc5cdd170e65001f1L } },
-    /* 60 << 175 */
-    { { 0xe87cf622e93495f0L,0x347b09c6bb43a802L,0x2a38f3b7a4e3ac34L,
-        0x13353b959751c1c4L,0x753ec3ecb3947985L,0x3bf856dc12d3fa90L },
-      { 0xbf4f6fa5ec35dbe0L,0xd099a15bf3b4fcf2L,0xb348462fbfe7245bL,
-        0x508324b352a2d4f4L,0xec4bae05feee1315L,0x468fa9e404496618L } },
-    /* 61 << 175 */
-    { { 0xc57673257d5e7a94L,0x40c05da604cefc01L,0xba1fd6c6b921c681L,
-        0x0d3e09f9c104cedfL,0x4b7cd83cc6586416L,0xb747d7f9adfa7bfaL },
-      { 0x833f8e24a42be782L,0xd5f0421d06b2471fL,0xac87b17c22e4b84eL,
-        0x85af6b063a10c7bbL,0x4e557cbf66e88e2aL,0xaff21b66d3751e40L } },
-    /* 62 << 175 */
-    { { 0xdbab25f4c4464538L,0x3c36560ba93d7f74L,0x8b9b15d39f86f410L,
-        0x1237e35b0a1db237L,0xc9dad97994f49677L,0x390a3d8f15dff99eL },
-      { 0x0a74dfaef82c19edL,0x3f8e958589c2dc55L,0x763448ce94a8e729L,
-        0xc6349398625f0517L,0x1ca5f9e7523dd700L,0x45aa25317fe638dbL } },
-    /* 63 << 175 */
-    { { 0xe91af601aad04ed7L,0x6f86f323e897df2eL,0xf8c259564c7a0ab8L,
-        0x6e793f3633845d15L,0x08937ef5e583d043L,0x92dafa5824d1fd96L },
-      { 0x6458ae2a86c9aedbL,0x271823a026a4252fL,0xb119fe4c5a57ef16L,
-        0xf41e13943a507289L,0x0cbf1da6bd1aa499L,0xa177ac9dc2465a51L } },
-    /* 64 << 175 */
-    { { 0x14f962e404a8313dL,0xc6e3e7c45f1f5a26L,0x2c0e11c079e777beL,
-        0xa1705efb4657c31bL,0x02688fd23c494de3L,0x75664a84412a8718L },
-      { 0x878fc7ad7a422f8aL,0xe5d581df7419bd0aL,0x7c813c4c704b70c0L,
-        0x98553da87323c008L,0x4f63cec663089f1aL,0x9626d6fa9655d291L } },
-    /* 0 << 182 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 182 */
-    { { 0x10586ea7507f8b27L,0x1510deb9a261f7d7L,0xa42fc4d7dfbfa352L,
-        0xbf38c3821e1c2291L,0x46e40ef60e11760aL,0xc24f6061dcb974d7L },
-      { 0x755b105ba7619027L,0x8004bf09b8ffa759L,0xa630d0b00945db60L,
-        0xa160ac9cf2809e1cL,0x38fc1113dc6c95c5L,0x01f540985d52574fL } },
-    /* 2 << 182 */
-    { { 0xcda68a7e698ee21cL,0xc7414d196a5e725eL,0x483be2dadce20b91L,
-        0x7de1601cfc69dca6L,0x4bec17aaac4f9891L,0xe8741dd18d479a56L },
-      { 0xc623cb8dac23a286L,0xe20a96b5166133f0L,0xda9bb7c030dcde61L,
-        0xf84ea3273a1733fdL,0xd7afb6c3e82fac31L,0x37ea7d35d3897449L } },
-    /* 3 << 182 */
-    { { 0x120649b20370327bL,0x0e76555acd48cdc6L,0x4ed54decca01db03L,
-        0x7be21319ac601d22L,0xf711661901b6576eL,0x7839fa064e73537fL },
-      { 0x169d43ace46e860aL,0xde6d658c3078eed9L,0x8df731395032142bL,
-        0x6be199b09b3c76c7L,0xc2f385f6f8bbffe5L,0x848df7f3d5ffd28cL } },
-    /* 4 << 182 */
-    { { 0xa189f30fc6a6d6d1L,0xdd674d3669665ab8L,0x307c9ec37d8da76dL,
-        0xb3e1d006c1ea7c10L,0xc15e20b3b88c62d4L,0xb0000ec50bff3b3aL },
-      { 0x9e330eb19ff9aa5cL,0x8663f9fddf578877L,0x157d3cb002e1eb2aL,
-        0x638f297bf525e4d4L,0xa20f833234a3dff1L,0x748ea86b45a9c051L } },
-    /* 5 << 182 */
-    { { 0x978ed3abe664c066L,0x3f4a8e0d668361eaL,0x0ba610c753a25231L,
-        0xa8b5b864189143c6L,0x0d7ccefca2841fc2L,0xa80dd8f3f8fea1e1L },
-      { 0x2c24af232e19028cL,0x0e332b77919decaeL,0x44eae977f6089c76L,
-        0x25e04dae53722e9aL,0xdd6f8b1f71ac4db0L,0x7c5b6ffd075e7bc4L } },
-    /* 6 << 182 */
-    { { 0x4c6299a7a1de1cc7L,0x362d293c02d9445bL,0x08f24df0399a9494L,
-        0x33307792e37a1851L,0x1cc5e448760f680dL,0x70a6a8164a2efbefL },
-      { 0xee939681246fc671L,0xfa7a26d1f70a9c14L,0xfae5ca89b826aab5L,
-        0x6b8932c7e48176f9L,0x379f89bd9841c8e1L,0x46141d2fdb674190L } },
-    /* 7 << 182 */
-    { { 0xf4408485b4619d3aL,0x34b4f18160b4f44eL,0x369edc1b3532caf0L,
-        0x2d0471ec6771abc2L,0xca4129311013266dL,0x02e636af617e2024L },
-      { 0x1f93d60d3c69696cL,0x6aba7f2a1b99a172L,0x896873e1bf435ce6L,
-        0x9649f08215b71e40L,0x730bedcfa02b024fL,0xb17e9cbd8df60bfbL } },
-    /* 8 << 182 */
-    { { 0xfe9fdde8bc266ee3L,0x91668688ba18e6c7L,0xa65349acddde6f6eL,
-        0xc53c29c97e54356cL,0xee15ad945709f73cL,0x033b3940e5429277L },
-      { 0xf52035cdd0c3475aL,0x9c5bef4d93f1f1f0L,0x26e0b0ceca319bd4L,
-        0x4e7eb67b6951fd8dL,0xac3a6f4395c34d6fL,0x1f2769e600f60b59L } },
-    /* 9 << 182 */
-    { { 0x95188c136c4d0bedL,0x377a04901b5271e7L,0x60db30226a540165L,
-        0x4be61fda3310c5b9L,0xbbb4fbe93f8bbf16L,0x5232fb46ac12f77fL },
-      { 0x8d6f75ab255b569cL,0x09cc854d3bd39650L,0xec17a6e74b557c3eL,
-        0xd6949f9d5c3d149fL,0x9a17a440494b18b2L,0xc10cb9d5d4a024acL } },
-    /* 10 << 182 */
-    { { 0x4520be6b8eddc97bL,0xeb8f2c317391f948L,0x18fcbbd772369418L,
-        0xb8950ee217246882L,0x6b1e4b7a382e82c2L,0x9e2bb1eb7ea4c447L },
-      { 0x5202d913c3c5bc54L,0x53ea78cd21352716L,0x7bd53ffb36e6b4ecL,
-        0x8325bdf817387196L,0x33b2cd8af94d6a73L,0x206bdec5e13db4bcL } },
-    /* 11 << 182 */
-    { { 0x6e27ce2609c98c86L,0x8f87ec4c958002c2L,0x00b6897064ab26edL,
-        0xd2b4037282e5e129L,0xbeae654c78c48327L,0xc0632b4341a54107L },
-      { 0x7b1fc7f001562313L,0x01cd1b5c1fd6a56cL,0xa199a69835e71626L,
-        0xb02b2692635fbcffL,0x1c0c4200a0632386L,0x637164f8d6c670e7L } },
-    /* 12 << 182 */
-    { { 0x2c47010d18e30ee3L,0xb7d4b1dbfdd5f040L,0x5c8abe509d930f6dL,
-        0x6bcf875d5f56cf04L,0x1f6456c0062f1fc1L,0xc79597805304d710L },
-      { 0xd76452e4db85dcecL,0xd531f73fa0cbf90cL,0xb5ae9fc89021bde6L,
-        0x505c6b9f4babfae0L,0x99d943c17ea61fd6L,0x6ef4766159bf125aL } },
-    /* 13 << 182 */
-    { { 0x3a48020daa0b0a5dL,0x4a32d4d658bad0dfL,0xe013dbde2e4340ecL,
-        0x99efac69a5fc51f3L,0x26acf7a669ee64c6L,0x36672d6566fdc9f2L },
-      { 0x77426caedcb879feL,0x0166194676e3be96L,0xb6fe4709b2dac331L,
-        0x1f3d8a63678ff3ebL,0x711c0ea447bd5865L,0x5fbe38e87c080adeL } },
-    /* 14 << 182 */
-    { { 0xd0891b2df4e61379L,0xea2c7ceb9941c391L,0x1441a2d099677e8aL,
-        0xc29d88c8abcb3669L,0xecb1a21a06ce9bd9L,0x0663fa7cf5b11fc6L },
-      { 0x440a5a1c0c44c2c8L,0x08d71bc39fdded3cL,0x62b53ca512d33d2eL,
-        0x3fb8640e005e8adfL,0x2a9acaefaa2673a5L,0x356ae6f6695f8448L } },
-    /* 15 << 182 */
-    { { 0xcf3c9b318496d935L,0x7e849aff8ceefc78L,0xfc06a46e7a5d692dL,
-        0x87248699e89463afL,0x4dc55e5e8e17af3cL,0x3378832fe41ec54cL },
-      { 0x7578d6192816f87dL,0x505845612806d3cdL,0x7354f1022754c3d7L,
-        0x61ca6cac08d64863L,0xecde4969eb9954ecL,0xe0c211b4a1a5dae0L } },
-    /* 16 << 182 */
-    { { 0xbd10b8bffb787270L,0x4f0b1566e43aaab6L,0x9a18be5ec0c90781L,
-        0x3677f4c71ad167ceL,0xccb254e2a68c1c56L,0x392493e6e2c4d275L },
-      { 0x44958cb1d5b63617L,0x178f141a4caa4e7cL,0x7445a767a2ffdbd5L,
-        0x0e789c99b0b6c22dL,0x3ff8b6565dc92b2eL,0x1623e5c3eca98782L } },
-    /* 17 << 182 */
-    { { 0xcb013ff62c5c50daL,0x5e5550b70b256dd6L,0x38249ee1bfd47036L,
-        0x984daee275379fbfL,0xfb35304588c6bc7fL,0x32379c955f9683aeL },
-      { 0xbcb4ac531b5a8626L,0x1057d2a3bbaa0deaL,0x114ef8a7ffa8efb7L,
-        0x553a34566da90cbaL,0xa2ced0b21a365fe6L,0xcec4d64bb1ccdb57L } },
-    /* 18 << 182 */
-    { { 0xe0312b66b81fe0eeL,0x11e0493b892c7b21L,0xb6a1d76e624ce73bL,
-        0x38768ec0cd75cb6aL,0x425b091f2032c271L,0xa88d39f55b5d8338L },
-      { 0x1496b9ed1916be43L,0x14468e3054549f3cL,0xd429c2c47248e206L,
-        0x21a1c212fc9e892aL,0x0feb5822640c984dL,0x0cabfb472b7c0c66L } },
-    /* 19 << 182 */
-    { { 0xcda1c4cd1cc5a20fL,0x33d66a893f67814bL,0xbba50d5360ce82edL,
-        0x9d34dc4d70553a53L,0xc926f498a8a1442fL,0x9dfe3cbccbb43feaL },
-      { 0xd25887434fd3e4efL,0x7443a9a9a371d894L,0xb53e6afaa22bb4f9L,
-        0xcef3fa347dfc9da4L,0xd079ded047403836L,0xc6c97c36d39aa93bL } },
-    /* 20 << 182 */
-    { { 0x6618fcae534f6370L,0x1635580da1a864a2L,0x90ad39947d7ce552L,
-        0xbf8c45895257f24bL,0x5a9499202098768cL,0xec1eb621bb6d8830L },
-      { 0xfae8f161f1f9ac16L,0xfc9184ca35704c99L,0xa72b1ea9139ea04fL,
-        0x82229a912e39e1d8L,0x4153bf3e479c7bc2L,0x83325be4c5541825L } },
-    /* 21 << 182 */
-    { { 0x358a91badbea81d1L,0x4d1947d7c669c7a9L,0x4ca6d8f18eedbfcaL,
-        0xf9eda237069b3b93L,0x9e1217e5a35ea963L,0xb7e16f08ab960c77L },
-      { 0xf440d825fb313db7L,0x804c5262101c5424L,0xd236a0edab3c4f7aL,
-        0xf8bdb2b1c2682459L,0xfaa7aacaf46c4d70L,0xcf6ce4adae83dd7cL } },
-    /* 22 << 182 */
-    { { 0x2c7756bcbd452842L,0x2c47593cd1783fd8L,0xa4f41583a7527697L,
-        0x2fddafbbd1049934L,0xc087f3db6c71063fL,0x8f5a85c4c9b3ef6cL },
-      { 0xbe178bc966a975d0L,0x2e2d825b94066514L,0x061dd919e0d42ba4L,
-        0x964fdcfb227ca011L,0xcb915b2973d7ba7aL,0xaa7f2fa72af8338aL } },
-    /* 23 << 182 */
-    { { 0xbdbb3440734e8984L,0x8b9b7acb3d6f547aL,0xfc4f48ea0e76a07cL,
-        0x49758a9f97da0c23L,0x13f4254a26958261L,0xdf1fdca2adb3ef57L },
-      { 0xfafba40d699460e6L,0x71b2de39cd5c94c4L,0x52d76b76c21cdf0eL,
-        0xbe75960760f3dfa3L,0x519d4fcb7078f5e0L,0x4bd8ca7f5191e1b3L } },
-    /* 24 << 182 */
-    { { 0xfadf9be978207cefL,0x97d5ba569cb5718eL,0xcbad24ec2f995393L,
-        0x6236a26861203303L,0xe4bafc336589a4beL,0x6cba77185e23fa82L },
-      { 0x8ccbc5774583e65aL,0xe5d88bca4bc2f415L,0xe6bc2d5841df8dd1L,
-        0xec24e1d914d31fcdL,0xacaaf13efc26010bL,0x7e1da447e01b92f3L } },
-    /* 25 << 182 */
-    { { 0x2b3477ec1a29de39L,0x30a5c2190a8720eaL,0xf593ec729775bad0L,
-        0xaaf607792af7dbbeL,0xaace90d4c7cc7b59L,0x6eadf21d40509cf4L },
-      { 0xb9a5f138096d00fcL,0x3896d42625b206a0L,0x0f28f0f09dcaa5dcL,
-        0x2ef6f9f9a8186106L,0xd212710fe25b4d04L,0x0cc6d2878b9847b2L } },
-    /* 26 << 182 */
-    { { 0xe7407327cdfb2baeL,0x06745198510c3039L,0x8a913ba74da758e9L,
-        0xc882e7bb1a4797abL,0x0f0d8eb5dd7b375dL,0x90ac5223dcff3f3fL },
-      { 0x8443b7cabbe341a3L,0xa7cba7f22f173bbcL,0x04669ff830e5c327L,
-        0x0edd0eac09b777fcL,0x2a70898bd71e0cb2L,0x881c48929bd983bfL } },
-    /* 27 << 182 */
-    { { 0xe4847c654e7603f4L,0x826cd33c0bbea366L,0x95727caf2c4ced28L,
-        0x580313dedb8ac1e8L,0x6745673701363cb0L,0x540c35ec0ff13cc9L },
-      { 0x878c86fe3c4fc263L,0x4d81f8aed14e7c78L,0x6f7cf97e8355ef22L,
-        0xa2aadbc848a0aef8L,0xe0200ecf4fc3c61bL,0x7e58e6e0c8094ab1L } },
-    /* 28 << 182 */
-    { { 0xc52789bbf2d3bdc6L,0xd38673fc3b23d7a0L,0x8b6df95aacafbbfaL,
-        0x37afdcbdc7f6eb6dL,0x57775bdd6cb4c9d7L,0xc34e5a2711007453L },
-      { 0x903e5ba1b5faf98eL,0x811e142a9d4a8a45L,0x046d18932d7ac9e4L,
-        0xe2fe9d1543ce66a8L,0x44b5beb4d4956410L,0x7c5f1b9ebb147f72L } },
-    /* 29 << 182 */
-    { { 0xd51033f48312b074L,0xc98fe29456f898d7L,0xa8d6433be8eeebbaL,
-        0x50bf170976fdbb84L,0xdd95f89d43c14baeL,0x13f9c7366307bca5L },
-      { 0x3cd12e2855e7bc8fL,0xe2d7482c3a52581cL,0x12a2c6c7b59eeb8cL,
-        0xf98f79124ae87ffcL,0x41eb808e80d7bf65L,0x589970f2015e20adL } },
-    /* 30 << 182 */
-    { { 0x200a764a6333b070L,0xa0acd8ecdf0d20d7L,0xbc1c589953269941L,
-        0xed7c9192b439eca8L,0x057c50eeb789f0cdL,0x31dc2d36a9c794a3L },
-      { 0xe3f2d38dd58ef984L,0xdb250da69235b084L,0xc2ff1b49da05b500L,
-        0xf2ea6cc50387c539L,0x8250353a3d1004cfL,0x69103201aed0bf97L } },
-    /* 31 << 182 */
-    { { 0x495cd7fc878e97f8L,0x6397fa8b61120b1dL,0x20b9afddc8708907L,
-        0x84f55bb97be2ee80L,0x996fcb9d8d075b5dL,0x2e94d95ead858627L },
-      { 0xf786143e77113ebaL,0x6fec684f7b3fdb28L,0x4be44fb211d10d07L,
-        0x4b3478e2372f16b6L,0xec8d61614697ca58L,0x097d241c3a45f335L } },
-    /* 32 << 182 */
-    { { 0x6f6a6104899ef333L,0x95496f6d39067165L,0x42fd9a6ab51989e5L,
-        0x1b60ce0f68f5b168L,0x97324d8756f7fe67L,0x443812f7676815a8L },
-      { 0x265ee994685a7260L,0x342c7b2f6c6515f0L,0xe909232334b4adb0L,
-        0xddcd233e1e5a8d18L,0x3dc5b27c5f4f6456L,0x9664533a7f421d9bL } },
-    /* 33 << 182 */
-    { { 0xa55e8ab09a35f4aeL,0xf908fb35ebbadf5dL,0xf885d61b35fee31aL,
-        0xb8047f4f82728fdbL,0xa6fe454d33c5bc34L,0xdc5266332ef52e54L },
-      { 0xb2f524a931581251L,0xb9eeec91aba760f4L,0xa95d396624a9b423L,
-        0xfd52f4d29d3d75acL,0x82719e78834d4c33L,0xeeca71fb3840ca62L } },
-    /* 34 << 182 */
-    { { 0x984658940f4c60e0L,0x3929d4c645ce7c0cL,0x7846d6c19c4f9b89L,
-        0x2c38a9b20fbc695bL,0xeeb4799ad73d4bb2L,0x7c16e5ba4e3b5520L },
-      { 0x11ce92e51cf310d2L,0x0910dcc91e037725L,0x159fcef85fc5af9fL,
-        0x4944f8ee1dcb3ca5L,0xf5d9f8c0b9a4516fL,0x452f0fa2f1cfa6e0L } },
-    /* 35 << 182 */
-    { { 0x59b15b61c634aab2L,0xcca0742a620df0b6L,0x791d95720d345276L,
-        0xb775b790cd3854baL,0x944e591a256c26fbL,0xc5fda2d0b8fe17d9L },
-      { 0x7dba5830c0aff69dL,0x46f7164b0f7c6d60L,0xd767cd58549eeb83L,
-        0x4498b4f51ff2da7cL,0xeef2caf8fc594b0eL,0x88dc39ec5f0a95b1L } },
-    /* 36 << 182 */
-    { { 0x1a57d3e1b3fe597eL,0x1a3ad06d18d1b6f0L,0xf70f27b32e4a4617L,
-        0x55e8a0479a75b4adL,0x0b24d5beede15d86L,0x2b3c41d0fb2f56b5L },
-      { 0xf6cf36aab1d36456L,0x418a72fe1d8ff434L,0x64149a0d156746bbL,
-        0xae65897c4e3a26d6L,0xb75e87d21e68eefdL,0x5b81e0b01cb27c91L } },
-    /* 37 << 182 */
-    { { 0x2c3fa19b34b90671L,0x369c9e9aa7c9aae3L,0xd89dc03f3d236ad0L,
-        0x280c47b9588ace95L,0x0ad071be57f25a96L,0x36ce641d8296279cL },
-      { 0x321778128595511dL,0x51878842b52cb227L,0x720df7ab4156b413L,
-        0xccc71e10fed25819L,0xc878554e3fde679bL,0x9c50ecbe3b565d48L } },
-    /* 38 << 182 */
-    { { 0xb2d66f1ffe23ba35L,0x82339e2914b273a4L,0x454a5f0b58c2be97L,
-        0x0ebadaa68488ac1fL,0x3c635442517e9af1L,0xa87044c3a5b9fe2bL },
-      { 0xb8214dbdb505ae0bL,0x05a9bfad60bf4393L,0xb7b64b42428a49ceL,
-        0xcad71866bd2283f1L,0x5bcfe7fce33a3a22L,0x018a2121fd6c73c3L } },
-    /* 39 << 182 */
-    { { 0xc4471fb02510a1c7L,0x542e73bd2c1c35c1L,0x0bc8bcc4f028a46aL,
-        0xdf87cd2bb5610f25L,0x0845e4d1df42b41fL,0xc0523e3593aba84dL },
-      { 0xc9161e8ed14887b0L,0xa96f9b3aa68c235dL,0xba1427a46f94d5b5L,
-        0x6a5fdbbc858e00f3L,0x8170bad6abfaf661L,0xb4b9dc0ec9f4abedL } },
-    /* 40 << 182 */
-    { { 0xc48bc829ff7543c0L,0xc0bda14c4d72bfaaL,0x2f470ec703be0af1L,
-        0xc70f1e8e92d37eb4L,0x08abdd98418f410fL,0xe38c74ab35386176L },
-      { 0x9c07cfdd8c00426cL,0xba74c310a998f1adL,0x76b45140b7d2dda8L,
-        0xa52b5e584948330eL,0x9b7332348d8efb26L,0x5d1763735d19a312L } },
-    /* 41 << 182 */
-    { { 0x46950a441d38ade1L,0x377fdf593058c7a2L,0x5e2fa1681aa129f6L,
-        0x2eae63dbc5fe1745L,0x9616fee275545475L,0x4073a79c8627b2cbL },
-      { 0xf1ec69ea9a5198e4L,0xe9a906aebd2821d5L,0x193a9387bc22625bL,
-        0xca468d717b6c67ccL,0xb4d11cb360f17a73L,0xcd801a0e3df1cabbL } },
-    /* 42 << 182 */
-    { { 0x1b80b9c386cf5a12L,0xa5bcd3a016349cfdL,0xcee36e8f00d1edb5L,
-        0x9566e10a5b7bf29bL,0xd0db98cfd4ff0a0cL,0xb516605e7fe427d0L },
-      { 0x099066c18e614e25L,0x63537fbbabe78647L,0x5601a8b420117e1aL,
-        0xfd125e2f06df05acL,0xa7fcbd420948daeaL,0x55ad4ee28ff03220L } },
-    /* 43 << 182 */
-    { { 0x18d71671da2c6332L,0xb38bf94f98ee4e23L,0x9b90bf72ecc579e8L,
-        0x5af93aab1bf6b8c5L,0xdad6e7909342613eL,0x5a1d49dc710ad0ccL },
-      { 0x2013ed8801468036L,0xb8bd31cf2f0f6f9fL,0xf025eb2aaac961a6L,
-        0x1e201f659e1adb43L,0x2755f3aeac7e5132L,0x72d8e1d0f5205d31L } },
-    /* 44 << 182 */
-    { { 0x80bba9170319fec4L,0x4ba44600aaef6debL,0x83285b613594f325L,
-        0x8879183753b5765aL,0x651b4c6adaf1b02dL,0xccc17578825f609aL },
-      { 0x0b4076b39fddc6ffL,0x286e2daddf2fa874L,0x46c45233c413b648L,
-        0x4fa46969b7cfe0abL,0x835786f3e04f5e5bL,0x526292a90ce3f707L } },
-    /* 45 << 182 */
-    { { 0x9928e9eb83f17723L,0xc38d5de26c2306aaL,0x3dd3f371558b3989L,
-        0xfa4b194877154d39L,0x89f437e4b89f5448L,0xd5531444a6437c9bL },
-      { 0x65a6874092537cd4L,0x5f6d72281246fb09L,0x0db0b3be58539e37L,
-        0x1f0dd43df50f4143L,0x1aa12daec215aab3L,0xf82820fb7fe7b225L } },
-    /* 46 << 182 */
-    { { 0x32c6bf5e56cb520dL,0x74dc46c41569fa1aL,0xcbee46391ba52541L,
-        0x5e2f511a50ec4575L,0x90165e35032b6f53L,0x2b8f1f8a5544c780L },
-      { 0x95baef65c6b50147L,0x4e9db41946b7fde6L,0xe2463226f7afa6feL,
-        0x4d70932235409eb4L,0x8faad8937c20aa0aL,0xc8c95a85abc1ab65L } },
-    /* 47 << 182 */
-    { { 0xd5f54ce676d1f996L,0x55957500e595a0eaL,0x9b62e1fd92c72af4L,
-        0xb4803bc3069bf052L,0xb7cdf59c686ebd16L,0x2d1fa780655ac6d2L },
-      { 0x6c306d3edca404f5L,0x24e9d7a9a7b5fa9aL,0xe4c080ddc533c701L,
-        0x71d16b63425e29e3L,0x81c00db32d993e49L,0xb59f87f577902ecaL } },
-    /* 48 << 182 */
-    { { 0x43b58def987cf64aL,0xc95b16c63d4bcd4eL,0x5d1b1373bcd9b923L,
-        0xaf560542522e052bL,0xc2ff8f7583800352L,0x11723aa17fe2a4eaL },
-      { 0x28de7668e94bd9bdL,0x0ce80e0f874018a5L,0x0fe3755d8d43e726L,
-        0xa78296acf9b075c5L,0x76d58d9882207423L,0x5c5bc6971db99205L } },
-    /* 49 << 182 */
-    { { 0x9cbecc969e2aea70L,0x1a3fd38d7e4f2a84L,0xdc35e3c84b95e560L,
-        0xd5e912a5aa21d2e2L,0x037866628d8cd601L,0x4b726855f2bb35e6L },
-      { 0xa45a827a0d763ea2L,0x17d6e5ea057bceecL,0xdab2381d09a2a2a0L,
-        0xf1880617e9aa76dbL,0xb86444dbb184c5ecL,0x23a0e4b767da7c23L } },
-    /* 50 << 182 */
-    { { 0x2d94a6f030df736bL,0xd1ce20050b3be2bdL,0x201352b55e288cc1L,
-        0xdbd3dc57779644a7L,0x9f258b16d191db2bL,0xd83c827fd1c123efL },
-      { 0x74c5126e17f04f0aL,0x06008f14966e620fL,0xa4406ba80aaa9e37L,
-        0x27323f797faf87eeL,0x43380a672b1206a1L,0xab1ed1cfaf15ebedL } },
-    /* 51 << 182 */
-    { { 0xa3d2bad9bb22cc74L,0xfe6591a80e2b9221L,0x8c94c974d3cb4eefL,
-        0x772694266beb6451L,0x2942737a010986e4L,0x920c9dda59c1ace3L },
-      { 0xd31af336da61e1d3L,0x973997a118021018L,0x50a6c8425710575dL,
-        0xd61d47c9ade9d8a0L,0x90abe8f8a85f458fL,0x23cc28a3ac4d474bL } },
-    /* 52 << 182 */
-    { { 0x283d5bb63e052e69L,0x149ac3d01bd300e4L,0xb4c7b96ce0582ccaL,
-        0x66102883428cb7d7L,0xd3eea16b500958dfL,0xe1b6a74f74674893L },
-      { 0xe3b284be3fb0522bL,0x74b0fe2dea983a60L,0xd4328e5c81e465d8L,
-        0xecb534c7403173b3L,0x1721e22774144d34L,0xb7273c6aa88a5141L } },
-    /* 53 << 182 */
-    { { 0x0ea24ac64018877dL,0x265cbfe42acf249aL,0x811c17e61837d63aL,
-        0xff453f5d6b3adf1aL,0x7add0621a3031529L,0x62105dc838af1d27L },
-      { 0x2cd31a899b56ec62L,0x5f524be5ede7bbceL,0xc485b2ff66a044f5L,
-        0xae28f5dc87a7b274L,0xd41989a93415b6c5L,0x3051ca44c9c43ad1L } },
-    /* 54 << 182 */
-    { { 0xc22046bcfb50bf2eL,0xee22fb7b78f7c548L,0x5c41c6bc2b5b4563L,
-        0x56da674a8bf9259cL,0x3732f77433d8d4c7L,0xa90bf0472741046aL },
-      { 0x5ee7f4396288c2e0L,0xa7a1fec99ae621c6L,0x523c0569b76e955cL,
-        0xda0c2b378d1e8601L,0x9010bc349559b56dL,0x8d2fab0917b8d9b8L } },
-    /* 55 << 182 */
-    { { 0xb2caf938281b021cL,0xc61f3abf1404b0abL,0x24203e1cea26d902L,
-        0xc84f07e10d34906fL,0x8ba3d589f0cf7520L,0x86b54f6d9a2a90caL },
-      { 0x9f87234f3d77a667L,0x328941966e3fa8d0L,0x0921b4a6e994d49aL,
-        0xe77e9f8b8b3495cbL,0x9e5b74798da1fe56L,0xcbc09ce7b070591eL } },
-    /* 56 << 182 */
-    { { 0x583ee7dfe3b7e746L,0x0b6659e4a4fab3a8L,0x34ee02751946db5dL,
-        0x5ae3c0ba1a12eecaL,0x36756ed44ccb83e7L,0x973b0861a80eaf3aL },
-      { 0x969e38f46982ca90L,0x9a9bcd10018d01fcL,0xb540e9533272476aL,
-        0xcf91dd0a75ab7002L,0x2c7d363f39ceb983L,0x4369c221974747c7L } },
-    /* 57 << 182 */
-    { { 0x32c5b289642be172L,0xe5cc452e697e6a30L,0x344935e10aa6841fL,
-        0x9eb2dc4faad907a7L,0xaf77d029e121d0c0L,0x2bcddeb08bb073b8L },
-      { 0x3584dee5e40653fdL,0xe853b6337605f214L,0x4723f0add4bab900L,
-        0x16dddd27fbf91322L,0x1f96d7e610c525b2L,0xdfba535200c998abL } },
-    /* 58 << 182 */
-    { { 0x701e8ab819df9ed7L,0x1a6d74c13e2159d1L,0xe82127e0fc61a470L,
-        0xaa2e5f33dd15316fL,0x92b6ea927c42c081L,0xfd470a298522aef4L },
-      { 0x0c54a067e5ccf152L,0x60c113eda1a079b5L,0xdd501a8389d6e6b9L,
-        0x3dbf20d219792456L,0x633cd2b710bf70edL,0xace5327a0aa8e5e8L } },
-    /* 59 << 182 */
-    { { 0xed79a2de3b2a8a4aL,0x02851125cbf095c4L,0x6817ecd1880fd3bbL,
-        0x72acb6ff066adfe0L,0x04fd696d66ce8257L,0xb644f098dc81958fL },
-      { 0xcab55d1525218005L,0x1184b0a64de70465L,0x6248e1157aa96b53L,
-        0xe30958630516ac32L,0x19f80cc0d07084ceL,0xfdf7ca2efde86c28L } },
-    /* 60 << 182 */
-    { { 0x9a8857568bc1783eL,0xb373e5a0a7cf2ee3L,0xdeb162fde46cc503L,
-        0xd5d334601074ef35L,0x0030f98eea159a90L,0xc5ffbdde64e50d98L },
-      { 0x85a6486a48195b26L,0xdbf56597b1b9f2d6L,0x5df2352ab8613aebL,
-        0xc425807ebd0189a9L,0xcf5a34d4fa1f4f7bL,0x233e26c7628fd2ceL } },
-    /* 61 << 182 */
-    { { 0x6c4dd28313a1e482L,0x24bfc23bf803f1ceL,0xb8e795b2f426832fL,
-        0x636d2d63b13fcb5fL,0x2dbca0b214a508ecL,0x1948c957c1ff2b70L },
-      { 0xc9d7cd4ae3135c7aL,0x1bf41de75d7cfe18L,0xfff9428f2f6cd5fbL,
-        0xa25d3e8294d640edL,0xecdea1583e4fec66L,0xff3b2b1555530798L } },
-    /* 62 << 182 */
-    { { 0x483565313178cbc6L,0x085a31143f3a1ff0L,0xee2a58b11dc7054eL,
-        0xa9ce7c113287d5e6L,0xd283d22c8fa263a1L,0x9160bb8be77ff147L },
-      { 0x21dabddf918caf34L,0x6921e987ad1a9f13L,0x47e45c7d3ba0ad41L,
-        0xeaac63192bd18585L,0xb88881060818034aL,0x2d8e9c1b60be0a45L } },
-    /* 63 << 182 */
-    { { 0xad3e46af32f4625aL,0x5c2f95dd88371d5fL,0xfc7a9adef2415ac6L,
-        0x77a23c424ad85440L,0xce7c63712f4dd730L,0xd65bdc45a5c9f380L },
-      { 0x763d3990cf11ee6eL,0x7b2a927a9ffc522aL,0x65ccf351deead5c5L,
-        0xef1fa99cce4d076bL,0xdb6f5cca6708ba8fL,0x361525a0f3bac7ffL } },
-    /* 64 << 182 */
-    { { 0xbfc40c30f893a2caL,0xdf96980e0623bad1L,0x4fd7b54dc027511cL,
-        0xf4799284cf3484ceL,0x655ab811069beea5L,0x52588bc87392e280L },
-      { 0x522e7b404f0c17cbL,0xc0d88acac705e9b2L,0x9cf1b95877f3913fL,
-        0x3e06b9267dd52514L,0x992e920e2908cbcaL,0x13baced26d6ed529L } },
-    /* 0 << 189 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 189 */
-    { { 0x8a46c911bfc6c637L,0x8dc3d699e4fa4fe6L,0xd4ba64f15cf8e4c9L,
-        0x01b3908a01cb3488L,0x69b1fa5d38bd7dedL,0x92ad483818b2eae1L },
-      { 0x619324beb33955b6L,0xc7f373355c8a6df7L,0xa397f42e925b3f69L,
-        0x32169a495f7e4d11L,0xc0fa9a548d0d9f01L,0xf52a1f2289d8f2e5L } },
-    /* 2 << 189 */
-    { { 0x9c0d5231ba8e0a52L,0x94d0509e93e465d7L,0x67df90dd98515454L,
-        0x223e8b9c8dbfb46aL,0xf39529a36d757ce3L,0xffec9175b4648296L },
-      { 0x330749e8f78aae7bL,0x19e5549645f93cc3L,0x8c320b3494083aa8L,
-        0x1161f5a321e321c6L,0x0980deedde3e7892L,0x605aa9196ad76cccL } },
-    /* 3 << 189 */
-    { { 0x71191262062312e3L,0x84c82a94691f46faL,0xad4b344bdda57f44L,
-        0x674b758ac4f0cfd2L,0x3bc058a077543efdL,0x3d7c765756618d06L },
-      { 0x95107c744dba9e44L,0xe59c3180cfdf1923L,0x5dbeaf35e3f1d63cL,
-        0x012029c643ab8726L,0x4f588a4ea256c6fdL,0x14a01b7a3e5d2e30L } },
-    /* 4 << 189 */
-    { { 0x73fa3508180660f7L,0x4cae013e2d24936fL,0xf64a549f58493d98L,
-        0xd9ceae0adc79f602L,0x6569e37bd1512b84L,0x11e4c022151c9151L },
-      { 0x075678c2b55c5813L,0xb26cdb5809d3cb16L,0x6334dca3a57fb969L,
-        0x0ed90820223dc3ceL,0x74f9c3aebd11e277L,0xaeefed3679c0b8e2L } },
-    /* 5 << 189 */
-    { { 0x22195e48e57ac6a0L,0xba77c58214bd1913L,0x265f96b4323349b5L,
-        0xc183196ea124d497L,0x99f1f78d2466d82eL,0x185a18bfc6263afcL },
-      { 0x29a3d5b686cf8908L,0x81f3bc00f680511dL,0x5f6ffc81661d015aL,
-        0x31c2ff64cd5eb082L,0xc3c37ad672776042L,0x49438769d9c6ac75L } },
-    /* 6 << 189 */
-    { { 0x0e2fc74c2a24c385L,0x836a474034679278L,0x25518f16817e2c41L,
-        0x8b573a8eb4b7d3c1L,0x012797f94ab56adfL,0x9e0e56d0fa2ab690L },
-      { 0x009ba1ee1c9f6f08L,0x8ebf4aac2f412e9eL,0xb143122a1cfb4e02L,
-        0x988cf0eccbf2b783L,0x44a7ed9657f5be97L,0xbdcad87251804147L } },
-    /* 7 << 189 */
-    { { 0x969fcd982f60d1a0L,0xf0f4c9b2ef06b3ebL,0x8c6438cb49ec8f92L,
-        0x746107773f1653daL,0xf7cbc899b574576aL,0x758de9008494795cL },
-      { 0x73045065ab22cf9fL,0x9893653c9ff13e98L,0x6e8860264a58d64dL,
-        0x387d6cc34e3bf554L,0x82a49da4a42b0008L,0xb28bd9b71b0b1c47L } },
-    /* 8 << 189 */
-    { { 0x378205de2f9fbe67L,0xc4afcb837f728e44L,0xdbcec06c682e00f1L,
-        0xf2a145c3114d5423L,0xa01d98747a52463eL,0xfc0935b17d717b0aL },
-      { 0x9653bc4fd4d01f95L,0x9aa83ea89560ad34L,0xf77943dcaf8e3f3fL,
-        0x70774a10e86fe16eL,0x6b62e6f1bf9ffdcfL,0x8a72f39e588745c9L } },
-    /* 9 << 189 */
-    { { 0x97e6400574103b65L,0xdad518d6db50ac66L,0xaf96065961077d1bL,
-        0x1335de0a5baab1f5L,0xd404db749e444a1cL,0xd3124c5027d5fe2fL },
-      { 0x1f20c68a0bd49e9dL,0x44405e6aad6a1654L,0x287d565193c362a9L,
-        0x301ec6a2e76661bfL,0x4900f9b54c6f9927L,0xca3dbc3464bf3909L } },
-    /* 10 << 189 */
-    { { 0xa96955b9b1bafbc4L,0x8dcb55a7646ece39L,0x2b62784feb00e541L,
-        0x462f9d7d2693249bL,0x8b264697794c189dL,0xded6ff5563354e69L },
-      { 0x7c8ea441eed1089fL,0xe355f75c1462f461L,0x87b691f61210fd5bL,
-        0x7291bffb6983cb27L,0x9ed83afc92800095L,0x307a3dc81f24d923L } },
-    /* 11 << 189 */
-    { { 0x9f79814a45faaa0cL,0xc64a7ac93bb1b07eL,0xaad6ff897f2ad506L,
-        0x43da948300b83699L,0x6a702b8d6617956dL,0xfcb1035a7981052bL },
-      { 0x094acd48cb230926L,0x3c3249d05da96800L,0x934088079d7208c8L,
-        0xe4f04014d738a48dL,0x49bc5f0bf18b06c2L,0xf854285f596b9befL } },
-    /* 12 << 189 */
-    { { 0x7cec60ead7804b2fL,0x0064464345c11441L,0x3c6de88b769cd685L,
-        0x34709186c7f01232L,0xd9eef41eedd2bd0dL,0x3bafcccde427faa9L },
-      { 0x33e5350ec07e701aL,0x9cb2eb47a87c1fd1L,0x9fa9a7790d5f5b28L,
-        0xa2e7076b07ea2e53L,0x72f4da325c169cf4L,0xb7f192947e751588L } },
-    /* 13 << 189 */
-    { { 0x1a3b217d2f6d700dL,0xcbbe9349ed335d55L,0x428adbfb53ff169aL,
-        0xbd74385214793b47L,0x2224e2569d9460a2L,0x8408600809982ac0L },
-      { 0xae6c6f9934447242L,0x63c78b2b9b51fb67L,0x381c948a389593d4L,
-        0xf4cdd09f6e79ee72L,0xc658428ba185a0b6L,0xcd7562a786fe4c6fL } },
-    /* 14 << 189 */
-    { { 0x47eb133532dd7a30L,0x9d058169a9db654dL,0x375c59df6e7a2b1aL,
-        0x55d37c677a35f29fL,0xc78a3678493c4cdeL,0xe5f0e2d68d83e31bL },
-      { 0xf7927002e9777bf9L,0xdd559324a5afdfc7L,0x077c6c48b81c08ccL,
-        0xba1c98ccaa2ef694L,0x06c6c9544c02dd46L,0x211e50f37dd3145eL } },
-    /* 15 << 189 */
-    { { 0x7f985fa8a96aea53L,0x811f94dc480b38d4L,0x91fdd510f3d40c68L,
-        0xc156312ccd763693L,0x24b544c3640057dbL,0xd7d5d4f5ad3b5a1bL },
-      { 0x5e235a1e26cda8a4L,0x0cf7b7cd1d2c6f17L,0x17b1ccf0908d3107L,
-        0xf32f2a06f555eb5cL,0x274f7c2cb3c278c6L,0xcf1eaf296af1b44dL } },
-    /* 16 << 189 */
-    { { 0x2a5f8ecf06616d0dL,0xca9b1cb8c7deb373L,0x9de31cedc59c4301L,
-        0x1e0f40b10111d998L,0xd29d229f960d5b95L,0x10563249d1dabab8L },
-      { 0x7b225cc9a05ecac9L,0xb02e689678f3b8a0L,0x009b52a1f5fb06b2L,
-        0x8a575d3f842b9081L,0xfddb48afe9272512L,0xd39b8f1d0b452cb7L } },
-    /* 17 << 189 */
-    { { 0xb6efc7e167ba9cd3L,0x5a642c288e4f62a6L,0x214a63da364378edL,
-        0x582c59944121c53cL,0x840277facc9a728fL,0xc6db3529f8f72d39L },
-      { 0x9c5cc2760aca9955L,0x8558a58db8b6dcd6L,0x709226acf0701f24L,
-        0x6ce95b21ed248b40L,0x32ea565b5487934aL,0xa75a688496f9ddd1L } },
-    /* 18 << 189 */
-    { { 0x0d6b9c7c67e09987L,0x261a564d0761ad52L,0xec4621749f60925bL,
-        0x83ee0c1218529b03L,0x72972467fbcfff74L,0x37fc074c6abc4bfbL },
-      { 0x8b6015bd54e65e89L,0xde8583eb991583cbL,0x379548e1b4d2c62aL,
-        0x88024a9a9b24a5e5L,0x633aa869fc03abfcL,0xa27657b98fa35283L } },
-    /* 19 << 189 */
-    { { 0xb340993c5727e344L,0x2379f51d4f3295d5L,0xa5de3efce2929734L,
-        0x7d2e2c82d8717e3eL,0x8f24abb67180db1fL,0xa5060d648a4ed876L },
-      { 0x8d39e3a2761110d6L,0x38d30c93a3bb5b66L,0x07774ac3c12fb741L,
-        0x7d4ae5a55f4425beL,0xb9848a2afa704922L,0xed9ab68c4cd00812L } },
-    /* 20 << 189 */
-    { { 0xde9703b461d9e770L,0x02d4091def4653efL,0xefd229aa576eb5e1L,
-        0xc0b0b243f77eb987L,0xb11309b2eefe8f71L,0xfeeacf2f68478044L },
-      { 0x8dfd8e8643ac3dd7L,0xc0a24181b07f95c3L,0x551ca09624be161cL,
-        0x6cb2c1d4b098cdc3L,0xbfc74e9be74f84f8L,0xe58e14d9067e3388L } },
-    /* 21 << 189 */
-    { { 0xda121aae0ef98506L,0x435f28c6328e636eL,0x64b2170a720d40a3L,
-        0x3ddb0e61cd24a844L,0x111442478797c7adL,0x624e7f73d589dd37L },
-      { 0x3e7e0ed0a8efdd25L,0x8de031f116509a5aL,0x1330cff5873488c2L,
-        0xa80c60b3342ecf75L,0x9d3742c8e62550ceL,0x8ec9b229e46475f9L } },
-    /* 22 << 189 */
-    { { 0x9eca6f94f025baa6L,0xb2db0741bcf9c741L,0xf8e2aab590bb8f56L,
-        0x4772903208762829L,0x067a0c5ae2a266c8L,0x22b104c771b7d7d0L },
-      { 0x4a48cd6953e406dbL,0xb85e44d524f0070bL,0x6168262fe10133ffL,
-        0xdfc02315e4874e8fL,0x20dba2d7ca317e3bL,0x441c56d2e1d2c0c3L } },
-    /* 23 << 189 */
-    { { 0x9ebd10d6c444a2fcL,0xda7683e3f18ac11aL,0xdd42ed990fe8e59fL,
-        0x9c867debee068909L,0x32df043fccc77aa3L,0x377423ce4aaa45acL },
-      { 0x960940524a90c535L,0x48bfe83347d1799cL,0xe8cd1a55ccabd174L,
-        0x2ee0a276682145c3L,0x4249297e8d606c00L,0x22021ce2fd7af6d3L } },
-    /* 24 << 189 */
-    { { 0xae10069e808dc4b1L,0x64df30e18fb3ba73L,0xbbe4caf27ebaad0bL,
-        0x5907bf373dd6119cL,0x0a723dff9dfceefeL,0x59bff4ddf7cffc7eL },
-      { 0x7bc95fa26a6f43c2L,0x9001d1d53ca0e2b3L,0x316a7ecd27b3335bL,
-        0xbf08e6727b8d7d49L,0x4b209f93c619058fL,0x4c0ca01e59d8f9eaL } },
-    /* 25 << 189 */
-    { { 0x3c1e7f45bad772b1L,0x20f6f1732544af67L,0x14f491f9a7d6544dL,
-        0x1451cc8e6acea162L,0x20c8ffa5d234ab89L,0x4b59bce1f5cd1002L },
-      { 0x99da4c0ee63027acL,0x6290cb963fc1f75eL,0x3a51774524c4d85cL,
-        0x3bf9929c1fd144e7L,0x9bcb97467068294bL,0xcb0b3e5d2e61a022L } },
-    /* 26 << 189 */
-    { { 0x18c452c4cae69c3bL,0xf45690acef0f00faL,0x3b363aa04f66a5ccL,
-        0x9dd41c0a47718c52L,0xfa219d7e7e5cd370L,0x5d384db7b2196dfbL },
-      { 0x5e14749b90b4d46bL,0x55796656d9db9481L,0x3bf13d0ac8cf353eL,
-        0xb89a28a6a95c485aL,0x568fa3d05da29783L,0x4aa008eed182b1a4L } },
-    /* 27 << 189 */
-    { { 0x4f38667a179639e1L,0xca492d50ba7c7a16L,0x191e4a3478fe9dcdL,
-        0xa3cddb2f03fc70b8L,0x57d90a90a751ec9fL,0xcf88357457a50cd6L },
-      { 0x69abd86d7cc58687L,0xc73a00408466bc6cL,0xfbb99c755c495208L,
-        0xdd5f1ab9c13347b8L,0x9ae6fb92060b93efL,0xd6bb56a3588e5369L } },
-    /* 28 << 189 */
-    { { 0xf7e1ed3bb09fa8f3L,0xbb4fe6f71da5be9eL,0xcbab0e01f4d1ba21L,
-        0xb732741076a5f326L,0xd94d2349206092afL,0x739f3cd0728e0e4dL },
-      { 0x568644aaf81fd823L,0x510cff6b6110e2f6L,0xef4cf1ac566c3598L,
-        0x2c26f17162aae69bL,0x1e4360468964a2a5L,0x83c0bbf63e472c50L } },
-    /* 29 << 189 */
-    { { 0xc198c07064b2955aL,0xc32d41e1d8d43284L,0xfb6f0e2c9f4fc13eL,
-        0xf4d5b60b41c61889L,0x5c79f500beb36946L,0x328b22408ca4beabL },
-      { 0x64058e916697617eL,0x6bdf7409f43f7390L,0xf2afd208f5bd8512L,
-        0xc0000aa0bd1ad6d6L,0x38b8e03bd9f6c1c2L,0x0a34680d665a2d06L } },
-    /* 30 << 189 */
-    { { 0x79c04804aabd965aL,0x9581aab443d0b660L,0x59bff0035ba71d23L,
-        0x212ecd58b6a0cd80L,0x29bdcd33bf1ea5d6L,0x59fd2ff477a002e1L },
-      { 0x3c9d21308d9cd247L,0x790e9dbcb1786da3L,0x967ee5e714464d04L,
-        0xd6f7ebbd2b5373afL,0x1c0b22d539768d40L,0xdfb54983913f6cc3L } },
-    /* 31 << 189 */
-    { { 0x5c9808b78a42e002L,0x5cdb2b070f732854L,0xdc92b1676d6d4579L,
-        0x789dbb8ebcc22c54L,0xd76b2d40716eb28fL,0x5cbaadea004affd8L },
-      { 0x5d4d84dd08fcfe12L,0xd0f1d7ee20d4b893L,0xc98d77dfbbb90db6L,
-        0xbce9a5a2b1e29a22L,0x71a6835d0b54e100L,0x0199594a55b1ac68L } },
-    /* 32 << 189 */
-    { { 0x167ec88a51b3f1ceL,0x19756ee0420024c8L,0x10f2e2443877e634L,
-        0x6321bf2603462cb3L,0x1dbd10ee9d3afceeL,0x0726f5f22ca17dcdL },
-      { 0x094652660bacf018L,0xc92a9f2de1feb969L,0x0043b0f95e1c5912L,
-        0xa09b94d1757d3a63L,0x533956529fdef1e0L,0x9826886cd4fedd41L } },
-    /* 33 << 189 */
-    { { 0xd22bcbee51964ceeL,0x3ed80af3b0eea46eL,0x263cfa026b854aafL,
-        0xfa4ad481b9ca3b51L,0xf8c569a0b4451297L,0xeafb78f8f48059a3L },
-      { 0x86a9e3c037093acbL,0xcfb3bb63275ef52eL,0xc4672d3c7c924f03L,
-        0xa87350871691be3bL,0xf124f3a52be289b7L,0xf45052dc6b80b6c1L } },
-    /* 34 << 189 */
-    { { 0x79c99f99a010db6dL,0xe83088a74ee93fc2L,0x76e8376d836b1a7dL,
-        0x8cab091c4e24e127L,0x5c98a00f7283cd21L,0x1beaf4a084997647L },
-      { 0x2cfb55b8d934088dL,0xca24052cee724d5fL,0x5d6e9db5bba84289L,
-        0x133414b26fb26d72L,0x3e844eb9cb12a503L,0x5eac12dab53d6496L } },
-    /* 35 << 189 */
-    { { 0x79a098812cc6698bL,0x6d44e7577f383e02L,0x1969f93785b5f732L,
-        0x3061f62792acecccL,0xa9428d60cc2a4752L,0x69a472af2cf58626L },
-      { 0x63fde53cabd347d7L,0x138b5b6a1aed4fd3L,0xd93fce1f2bd48519L,
-        0x957fe302e49cc436L,0x9b51657a2e21ad5fL,0x3b5c4cb6acbd3af6L } },
-    /* 36 << 189 */
-    { { 0xdcfa78b096dda000L,0x5b60dfe5be2303bdL,0x7a6bbd34c7c6ad6fL,
-        0xd45c9cb57012b97dL,0x9a049e36812e1662L,0x723bc0b66a5483aeL },
-      { 0x7fc03b6ad1c82e81L,0x02ddd6d2b23f6818L,0xe8914b2d30dae39aL,
-        0xf4f0ae392f692056L,0x198a31bd45f1390eL,0x917ce4f4f542565eL } },
-    /* 37 << 189 */
-    { { 0xde39a4e6ca447864L,0x95a028f9f0b131ccL,0xba77ac314a39c4f7L,
-        0x0c24d09614857939L,0xdeea56edfbfaa0fbL,0x79aa342f4c920bf1L },
-      { 0x50228f48c7e9dc62L,0x0fd9d1dee0f0fba3L,0x3fc03993cd703f6bL,
-        0x229a3bf4c5ff39fcL,0xa7456aa484f9cb20L,0xb01bb5a7d12fd7d9L } },
-    /* 38 << 189 */
-    { { 0xfb390be4539519d7L,0xbaa98a2a6ad44d22L,0xafd19a75ef89de1fL,
-        0x1afaef2971e27781L,0x18b297d79887739fL,0x8fcff6048e6da42eL },
-      { 0x17bfc1717e861a36L,0x1467800537a8843bL,0x2bc47afdeb16065dL,
-        0xcc038e2fbab7b4fdL,0x9d8fc42a3eb9be7cL,0xfc2f0b295928da63L } },
-    /* 39 << 189 */
-    { { 0xa4e33ca261c14fbdL,0xebafe73fc0a87f99L,0x22fdf1d1f5abf7f4L,
-        0xfc1da26549a6b956L,0xfd8c48e5be25dd72L,0x9fd6520ad31a25aaL },
-      { 0xe0167d4ffd14dbbaL,0x8838d2ba7370153cL,0xe5f7d69b133fdda1L,
-        0x31acbf8de1749b60L,0xc14ec9e2107558dbL,0xb06d0252b99553acL } },
-    /* 40 << 189 */
-    { { 0x34590975ed424438L,0x7c03ce744d11a200L,0xcc939a286ec406eeL,
-        0x8d214276fee5454dL,0x66a0e1a56b257f70L,0x93761a8a006fb85eL },
-      { 0xc44f9df2aa70b65aL,0x1dac524f91d9e2e8L,0x5894a8224fca1a81L,
-        0x8586e418f3ed85bfL,0xd494dfb202899b5bL,0x7ea9f222ecb8e371L } },
-    /* 41 << 189 */
-    { { 0xd93ee716b0958516L,0xa91f39db3eb86888L,0xb472c1e2ac92105eL,
-        0x4d88a307429ca094L,0xd3fd88027a8e87e1L,0x40c4cd50126a2cf2L },
-      { 0x046ce3bf11cf2046L,0x412678ee05691999L,0xea0c78168d3a2921L,
-        0xd24ae89924f3c66eL,0x2c4457f00bd144e9L,0x82005b4fd7a52270L } },
-    /* 42 << 189 */
-    { { 0xf1b3ec32924340e0L,0xe5430ea3b33a05abL,0xbf43b031807629b7L,
-        0x53c9407d57014039L,0x6e67b52f2f195ce2L,0xc8cc645f1e48d8c1L },
-      { 0xf2234275c08f2122L,0x9cfe3c74c2f233e0L,0x235e6b349c4e0af9L,
-        0xb4e8ef5770de39d8L,0xba573a727f73d0a9L,0xe12c506a18587ed2L } },
-    /* 43 << 189 */
-    { { 0x6b9669c59cf3e4f6L,0xa472d5dbff677559L,0xde845b0c877e5590L,
-        0x9f7ef5802d0e2350L,0x87ea99d4e78c1096L,0x213243e9abb68028L },
-      { 0x0172c81595e71abaL,0xc2592a762ca34c65L,0x50749aee9dc286dcL,
-        0xe37d10884055de3eL,0x3e5a93bb90d652baL,0x0cbb7a08c32aa3e6L } },
-    /* 44 << 189 */
-    { { 0xe0bf3d8a026c43cfL,0x091956cfeb702508L,0xfcd486c9a6b3203aL,
-        0x94a6d52f365460ceL,0xefeb5400563bec77L,0xbe6baa9619b2659cL },
-      { 0x116f71c34bf21a00L,0x83d1c99a86d21871L,0xff1ba96aca0bd547L,
-        0x5eb0acf741b94afbL,0x1be5d66fb1aaad14L,0xb8ececc5e6cd6d4fL } },
-    /* 45 << 189 */
-    { { 0x65f6e29dec7d4de8L,0x082fa0560e938c79L,0x4cda3fc925a02f04L,
-        0x77dbcf0d3bac5cadL,0x625f9bd859145bdbL,0x98b7fd64553a11f3L },
-      { 0x621bfbe387dd8a45L,0x6519421d1c35176bL,0x89eabac6d5ead4c7L,
-        0x45c68bfe54acfbd5L,0x87cd244a84f30b68L,0x83b5f6b27b39275cL } },
-    /* 46 << 189 */
-    { { 0xd43b1d3c0ed0ade8L,0xd60b1ae7640e7d37L,0x965489e6f88e06e5L,
-        0x35398ac89653417dL,0xed1e89ac02cfcfc5L,0xd127f68dbb6f2bfeL },
-      { 0xa569c59fe22bb079L,0x7933f14e4ca8e9deL,0x68b4964a30033c3eL,
-        0xab438cf88f069045L,0xa64f3a1516163059L,0xf40499c14576fe42L } },
-    /* 47 << 189 */
-    { { 0x361c28da052567f7L,0x8a2c6aafe0db84b6L,0xa79eb10cabbc87d3L,
-        0xeaf7bfff4141b3acL,0x90bba4a953aacaf8L,0xda577661c35f9564L },
-      { 0xb2550d0dd4487a5fL,0x69d43c5199638269L,0x6d16973f7a1f8ac6L,
-        0x3dfb2253c71e4a4aL,0xafd836aefa36168cL,0xba72fd1faae6dacdL } },
-    /* 48 << 189 */
-    { { 0x690c0cfeb449d1e2L,0x4a5e150b1b8e1577L,0x22508042204d98a6L,
-        0xc87a97f5bad2eb08L,0xd307c59ed25823eeL,0x6ed083580df8b3f6L },
-      { 0x280ae344314e7016L,0x6a55be876ef4e889L,0xea930e5a24d04e38L,
-        0x0269d9a7309830fcL,0x41dc8f0ae4afeebcL,0xfd1bc660f14ee02dL } },
-    /* 49 << 189 */
-    { { 0xf81cc943631da366L,0x2e821eb85ab1a2caL,0x339e9e4765433883L,
-        0x3dc14370e1f60c71L,0xbd6c79bebc25b506L,0x2bd3ad51a8a639f0L },
-      { 0x7c168f13c700a293L,0x64fef4fc28b4ce88L,0x3ccdc3080c329c6aL,
-        0xbfd78932b76a9452L,0xf0c123fbc684f4b5L,0x8bfad06432305ed6L } },
-    /* 50 << 189 */
-    { { 0x208a668feea1a9ddL,0x8af75caeab903f09L,0x356208b449265292L,
-        0x57b24ebe53faced4L,0x9c8aaa7303694920L,0x1c06ef5ad2f90179L },
-      { 0x794ead99df92de87L,0xad900c4e7a73fe9aL,0xdb66b9ae715d9f66L,
-        0xd19dc46db1bc2950L,0xb0a5af5c24c82c0aL,0x7d83f950371d0ec7L } },
-    /* 51 << 189 */
-    { { 0x716071e3abd37656L,0xaa22858be6cab564L,0x6793a66f5aec00ccL,
-        0xe2ea5401e025da6dL,0x3998ea5d2eb0059cL,0x4ff6f442e39abb77L },
-      { 0x703eabdabdb6e0f9L,0xa33e6deb38522433L,0xe23c13f6ca83c2acL,
-        0xcfb8e57c0cac836fL,0xd0f84bde7692714cL,0xb4fc3b01f3f41d29L } },
-    /* 52 << 189 */
-    { { 0x67842ab4d8f358a5L,0x70cab57540e2fb69L,0xdebc3046e5c458e4L,
-        0xc3574cf47eb004d5L,0xbac261a1c86f20f9L,0xc1bcb661deccf7fcL },
-      { 0x5b3b96dec5574e9dL,0x07b878b3e151fb0fL,0x2f2d126cd38bd5f2L,
-        0x06c951e8319597c9L,0x5529be4424ed0027L,0x82dcacc2ba8d7acbL } },
-    /* 53 << 189 */
-    { { 0xc37eef0149311e82L,0x3d07aaad401d010cL,0x934e039e53417831L,
-        0x70775653da895ec3L,0x206b80af625cbe49L,0x9e2a4ee1e53ccb36L },
-      { 0xebeace45c8ca6ff7L,0xadb19bd9925302deL,0x951bfcc497dee154L,
-        0xd09882da79b60e1fL,0xb1e9cf0cda5f2516L,0xc2b697295e4def97L } },
-    /* 54 << 189 */
-    { { 0x74ce542d04f860e6L,0xdc8adf8fa3c48075L,0xe19852232063f76fL,
-        0xf651c9fd5cd9ff61L,0xd4cbea69bab39ea0L,0xb6d4749b28fe3443L },
-      { 0xaa7747ec65e960ebL,0x1a1b7b65e132a213L,0xfa52901f402a50d4L,
-        0x3e4d2da68d43700fL,0xbfc7322937d45181L,0x68a812f9008bb845L } },
-    /* 55 << 189 */
-    { { 0x226d4d233e4cbf5dL,0x36359f52576243e8L,0x032af38a39a1999eL,
-        0x9b59120a687eb228L,0x85c56b78e68e1498L,0xa7a14bd4849d03d1L },
-      { 0x9e7177b345c4c3f1L,0xad7e4975183bd846L,0x42418d9a42f69dc2L,
-        0x218e8f8e4f52cac6L,0xafafa7649f1f3214L,0x32f6f72b747f7592L } },
-    /* 56 << 189 */
-    { { 0xefca7f7ba6c53c1bL,0xcb4bb33c524457a0L,0xc9eab87fe57d08dfL,
-        0x48c01c2a7d9a1967L,0x11c97ed97dc27492L,0xd8c644861cf1f639L },
-      { 0x541f8c0d8156576cL,0xdf5c8dff2384e299L,0x9806935ba6be190dL,
-        0xec6c5de764494b4eL,0xf04e2d4cb83c00b6L,0x379af438c0b84f15L } },
-    /* 57 << 189 */
-    { { 0x64e6289d92bbc1f8L,0xe88b78c5a0620121L,0xd01bac79a0fbc373L,
-        0xa2e7986af098f07cL,0xfcac4dbcc5911218L,0x2e2bf56db337ed26L },
-      { 0x878d9819e89a73c6L,0xa7df4f5768df46d2L,0x74bf7e2f4b3c9568L,
-        0x2f2b187aebcce535L,0x544f18139a4c2be3L,0x3a5fe300a5938f0eL } },
-    /* 58 << 189 */
-    { { 0x901a14cd70aa91aaL,0xf0b6e1ec7f0b0a70L,0x6fd1ee0156a8bf9cL,
-        0xe7e53c6693fbdadbL,0x18ebae68e17de706L,0xf4107457ebecf636L },
-      { 0x77a85ea4a9f6c696L,0x3ea193e17dd9e3adL,0x9497e0a9f151c8abL,
-        0xcc9237497a1dbf14L,0x2e36740e8f9be59fL,0x1b1c7d7c4a249e51L } },
-    /* 59 << 189 */
-    { { 0x7a45af2242cdcc53L,0x3061d91b8682832dL,0x85e080f6c375030fL,
-        0x3ea6dcd1418440c7L,0xe0559870d14b6537L,0x36619215d178b45eL },
-      { 0x48a4b452dcb85a34L,0x79cf4529bd5504bdL,0x506215e9e9c34c8eL,
-        0x961f74b6dbd00e2fL,0x473d1397cbc84ddbL,0x6c64f870a8d67cb5L } },
-    /* 60 << 189 */
-    { { 0x519a6edb91a9b99eL,0xc0ea29e0f19221eeL,0xde83e0f77dc193b2L,
-        0xa7b33b6044be16f6L,0x7edcb49406c8e8d7L,0x9f9dbb86392c0ef6L },
-      { 0x09aefe035726bd5eL,0x782d8350c4e80b7cL,0x14e41a49186b80e9L,
-        0x9af13703499ef97fL,0x5752877f2cbcc336L,0xdd0f8583d2df624dL } },
-    /* 61 << 189 */
-    { { 0x1cd2be3f32f6b0a4L,0xfd5da4a90114bca5L,0xc322a6a198a39a66L,
-        0xca411eeb10d64384L,0x7c5d3ed0c72d8b6eL,0xf20c76697481309fL },
-      { 0xaa4e45dca155872dL,0x66e41d54b87c1e51L,0xbe2fe5e6a6bfe6b6L,
-        0xf60ca33a08a4d3e7L,0x45c1ec8c7211b48cL,0xdf44d3b573b78f7bL } },
-    /* 62 << 189 */
-    { { 0x21eda67429a1e6acL,0x33118990422ce5aaL,0x236aa9ec27326810L,
-        0xc42dff9e3be7b318L,0xbe4601281690755fL,0xa395509d8c1c60c6L },
-      { 0xa36de79d05b991d2L,0x55f516a3632882d4L,0x4c8c5a4296d1d493L,
-        0x56199648533cda6dL,0xf9c6897a603bbfeeL,0xae835160f9857cc4L } },
-    /* 63 << 189 */
-    { { 0x700bad58d6aa9618L,0x2ad7069c05d54c73L,0x7f3ff5992f6a8495L,
-        0x39de751ee26e6720L,0x39126d97d4cecf54L,0x353e00e21523aca4L },
-      { 0xee905af017a33178L,0xa30173d31daf2642L,0x24cbbcc728f9169dL,
-        0x4e65bb13a7039e69L,0x004a11859121e44eL,0xd4efa5b91c1e60beL } },
-    /* 64 << 189 */
-    { { 0x2e75a26eec65b53eL,0xfeb630b270552fb3L,0x53dfd057ee7d8e4aL,
-        0xb959110d8994f449L,0xb4a16596bb538367L,0xa70917bdef82f29cL },
-      { 0x5a76430043bba6aeL,0xee207476cfbc194aL,0xc7eab23803a4184bL,
-        0x60c67ef20f7fcd62L,0x41e05799dfa8a0c6L,0x5d7d05e604d352b0L } },
-    /* 0 << 196 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 196 */
-    { { 0xc97c01eb436b59f5L,0x1d15aca7ef1848abL,0xdba1ce807fa7d3c2L,
-        0x69e6f96e81060874L,0x6e3e0df74d7eeeadL,0x8a3b5e85b0c87f3dL },
-      { 0xc55ae3dbc8a23914L,0x5cdc2a92bf6d27d9L,0xa6008c591de7860aL,
-        0x8202f8b66e546731L,0x652f2d07aa1e45d4L,0x146f214f6df5415aL } },
-    /* 2 << 196 */
-    { { 0x041c706cce5fb4d9L,0xddc78cb3b22a79a7L,0x7dc4cd27839e9d5aL,
-        0xdfc9db83bf3c4c06L,0x85b8094138b7bd22L,0x1007dea2d0f4c2daL },
-      { 0xd7b34006c633fba0L,0xa8880acf4476e55fL,0xa340b2c275236685L,
-        0x5ddd05510113a85fL,0x7dfc7ab29cb32704L,0x9a334a33dabf22ffL } },
-    /* 3 << 196 */
-    { { 0x2fbce9bed7d1146bL,0xcec9e5d8b3980bd2L,0x48ea45939f4cbaf0L,
-        0x56c540092574a3bdL,0x84a39630e792c39aL,0xe5c690f8eef81343L },
-      { 0xf996760f17655bc9L,0x6009c2156c0c191cL,0xa0ca12e6966d7027L,
-        0x92a6d5d52e6f7c63L,0x46809d269bd13eadL,0x3c11fa7967aac681L } },
-    /* 4 << 196 */
-    { { 0x3fc9b3cfabe2cc87L,0xfd8d64e3514e77feL,0x2003a58afe1ad535L,
-        0xcec4be38cb39149fL,0x4d578c99bdedf470L,0xcd35d7a33a356519L },
-      { 0x7a762f278b078d6bL,0x3b6891ed31ae2701L,0xdc0e817f270c508eL,
-        0x5a7be2049fdb29c8L,0xfa1a0be3cb2711d3L,0x5865f55f3786a0c2L } },
-    /* 5 << 196 */
-    { { 0x1d0af6b52f641cffL,0xa932adeb3648c4a0L,0x67641951b1ea8fc4L,
-        0xc0b90064b1fae482L,0x7012642f6623477bL,0x1cddc0245bf019ceL },
-      { 0xca1f4675c2c32737L,0x11525a5e97d6b18cL,0x9c034ef2d3868de9L,
-        0x0533d921044e0c18L,0xba6cf14ecb5e38c3L,0x438309f3509d7053L } },
-    /* 6 << 196 */
-    { { 0xe164268ec4ff9f0bL,0x6c8e9349e6c36e63L,0x734f979478ab17f3L,
-        0x46d468de0179ed0eL,0x7e68f006dfa26867L,0xe4d4a85de3d0485dL },
-      { 0x0913a1d7f84c0f8fL,0x4095c8c025a9c9cdL,0xeeb1a79e49eadd08L,
-        0x433f5e417dd8f954L,0x70a6281430bb26d0L,0xad94d8f6ff5e8e29L } },
-    /* 7 << 196 */
-    { { 0x6a352b579e32c0a4L,0x5274a08277ec7a40L,0xee1f7c7a240e6dc5L,
-        0x85d5be62d313b4a9L,0x1522c5d25c01a405L,0xcfa08aab960afd5aL },
-      { 0xa3cb77f38e8a93dcL,0xaacb16766d1c98c7L,0x84090c7d3b93fa9dL,
-        0xc77f1ee13c0383adL,0x461c93b776f7a220L,0x66d63a1d04ac0bfcL } },
-    /* 8 << 196 */
-    { { 0x3c7d6b644751207fL,0x65e1f96ae440c1a2L,0x8ed15d20aa0eaa1eL,
-        0xe944ad2fc0eab490L,0x71525aa1f6d9f260L,0x5cd14c8816146ba3L },
-      { 0xf940190814a41275L,0x3bb7ea742288618dL,0x6a4e1c37cab1060aL,
-        0x357fe4d0c8cac96fL,0x97a8b8ab6a2466ecL,0xb6e83fdb9c01be70L } },
-    /* 9 << 196 */
-    { { 0xa55a7142cb09a69cL,0x0a39fa12896a9c24L,0xa7131a001f6c9c82L,
-        0xdacbfae97509c912L,0x3793d4ef4232eb57L,0xb63d9fc0da02ac15L },
-      { 0xf1ce48a09ab37492L,0xa388dbb5cf9ddedbL,0x7224ef47fd7b2aa4L,
-        0xdfe18be82fd35ae0L,0x2286ae7b90a2e98dL,0xd06cfd71e0d3c2daL } },
-    /* 10 << 196 */
-    { { 0x7825df5c948663a4L,0xc8c093adeb4ec9ddL,0x677c51ebc1505989L,
-        0x8c28421524041f43L,0x0f63f15ac9ef610bL,0xcb98841d257678c5L },
-      { 0xc0560066c52c64acL,0xaf7417db954180e4L,0x935c08876fe1f0e7L,
-        0x8fe556ba46d03a88L,0xec44271484a0c4a7L,0x431f8e8395be9544L } },
-    /* 11 << 196 */
-    { { 0xc1fc18cb3101ce6cL,0xff753902048e52fcL,0x768299554e58e21eL,
-        0xac990acc32856d44L,0xaac4d5dc9f8a9da8L,0xca1740fdd4be9e8aL },
-      { 0x59250846892d8bdaL,0x45f45cad19c97c71L,0xf29e2724e6ba5c87L,
-        0xe441134473f6a778L,0x9f4f9027a0f278faL,0x11bb7ce02bdcef71L } },
-    /* 12 << 196 */
-    { { 0x0cc553bb9b3fd7ceL,0x2e0ff43ce103b562L,0x96c01f0328222a3fL,
-        0x7dcc5593c10171c0L,0xc677366a4b3e5858L,0x872d4396bde4eebdL },
-      { 0x5d0c5f3a7f83c0b6L,0xbf4274dcf7ba33d9L,0x1df6e4811a635f83L,
-        0x24e2e8347d807292L,0x792203a8eee1e676L,0x20475f907ef4e8a4L } },
-    /* 13 << 196 */
-    { { 0x1b4db0579e37cd0dL,0x61b95bc9ebccdf79L,0x7d98d8537a57d7adL,
-        0x58a3d639709b0194L,0x45fbd4417ce5bc31L,0x7684b71b5b3c856aL },
-      { 0xb311f8f85bb6bd1aL,0xaeb8e44711eda59bL,0x1ad5b35fbf269cffL,
-        0xc69651b4a0e2a640L,0x3713803bd83ad8b2L,0x613ca3af0e4b353cL } },
-    /* 14 << 196 */
-    { { 0x3ac59b1fff8cf495L,0x3f3726866b04c4dcL,0x2cdddf90da325f0cL,
-        0x3ae79666444cabe5L,0x8222f6d6c7484b1fL,0x61fb08929ae328b9L },
-      { 0x279aae392c575c0eL,0xac694019948508bfL,0x4931cc55b84056f1L,
-        0x75927a688b50ad1dL,0x47ba72e945584371L,0xbea7e62ea79fe5e5L } },
-    /* 15 << 196 */
-    { { 0x990a6767faddc25dL,0xcd7650eb114eaf17L,0xf9d1d6409a44cda3L,
-        0x70996b6871fb091aL,0x630ae9754ff80816L,0x59a9dc2f987b20e7L },
-      { 0x9a39588ef65fbbc7L,0x71f4c8e598e7c78cL,0xad2f5a0138cd40acL,
-        0x3c68fe575a837332L,0x7af44087155e6b4aL,0xd66f4cf8e99e31f2L } },
-    /* 16 << 196 */
-    { { 0x5b0b5d692a7aecedL,0x4c03450c01dc545fL,0x72ad0a4a404a3458L,
-        0x1de8e2559f467b60L,0xa4b3570590634809L,0x76f30205706f0178L },
-      { 0x588d21ab4454f0e5L,0xd22df54964134928L,0xf4e7e73d241bcd90L,
-        0xb8d8a1d22facc7ccL,0x483c35a71d25d2a0L,0x7f8d25451ef9f608L } },
-    /* 17 << 196 */
-    { { 0x81e304c903b37e31L,0x21781e57925a6491L,0x4ecbad144b9250d9L,
-        0xb395914345cae8feL,0xb894a39dbf775d4fL,0x8a2c1090d307e272L },
-      { 0x49dfcee9408bf3cdL,0x08f0f33195b573dfL,0x23eb8a0b214bcd3bL,
-        0x425e1cde7ccc4d82L,0x53f64095ac113d2bL,0x377a6cb3d88e0761L } },
-    /* 18 << 196 */
-    { { 0x9cd08431d360ae16L,0xbf5a73d211281e82L,0xfe25aadfcc34ff33L,
-        0x8874984b84e3af16L,0x8dd38b596a65a2a7L,0x6c91112c68a26926L },
-      { 0xb765168637554f46L,0x79558f04c78bf29bL,0x8bb14b1f03012b9dL,
-        0xed7d03f9a0886ba3L,0x9a436ec3c2a93baaL,0x601babb740db0c78L } },
-    /* 19 << 196 */
-    { { 0xa7395eef391821d0L,0xb299378fc8b7b1e2L,0x53a37e3b7f3a58d4L,
-        0x7d06fa4e3188c5adL,0xe65a94c063dd7462L,0x4daf74f39cfde2b0L },
-      { 0x98f986b4fbe7198dL,0x8e96b1ee88176bffL,0x5f309f64eb91641eL,
-        0x46bfe3352ffdca19L,0x1ea1bbe7ac8fbc08L,0xde8ca618b00f88eeL } },
-    /* 20 << 196 */
-    { { 0x0757ee852005631fL,0x60f484ea9d70cc3bL,0xaf131d246b011041L,
-        0xe40711a1062e2e17L,0x05ccf1b94c27e2c2L,0x29e9910e43d43758L },
-      { 0x54daa550ed000e45L,0xf00a312295d3674cL,0xdb006fe743ec424eL,
-        0xbddf5473536162d2L,0x7b8a24b579d433bdL,0x3127a46f282297d3L } },
-    /* 21 << 196 */
-    { { 0xcd964573cd0585a7L,0x9c2fd35605b684aeL,0x7f600f4de4a47ec5L,
-        0xcb4bcdf085fdd4feL,0x5b292292b4dcf5d1L,0x923c4331df33a2b8L },
-      { 0x0fe13edfd6c1e73aL,0x0b35adc6c370821bL,0xa70061b08d405282L,
-        0x98efb3fc6457af81L,0x8806ee7136e1041dL,0x8b56657faaaf0731L } },
-    /* 22 << 196 */
-    { { 0xe68b669189cb38d1L,0x250f59233456ed5dL,0x8928f1fe16188290L,
-        0x8b24b1f734a837d4L,0x268c8c57d945d0b1L,0xa4190ceae002b3abL },
-      { 0x4596e76e56dd74b1L,0x647c17871c307789L,0x0b945c7243b13a6cL,
-        0x4904669552a58ee2L,0x7547a6b46e25b7e4L,0x8bc26f49e2b1b140L } },
-    /* 23 << 196 */
-    { { 0x95b3f4e75196d614L,0xc075bcfd5ea18aadL,0x15dc9dd41ae71f42L,
-        0x75a769f289543f86L,0x06032d9ec392b4c4L,0xd6cc5c717d4df83bL },
-      { 0x111fc63427ad6680L,0x770dfe7f781bda48L,0xabacb082fc0afb5cL,
-        0xe3a463e771dca197L,0x390f21a89635b275L,0x3d3474b24ae094a6L } },
-    /* 24 << 196 */
-    { { 0x48f5588853666241L,0xb9fee3d39e6a068dL,0x8c50e3af0275e82dL,
-        0xd490cf2dcab34005L,0x20b11f86bf0584c8L,0xd49714c18179e559L },
-      { 0x89647b178ded6686L,0x6c4bac8cf16c93d4L,0x5401e4f8076ff71bL,
-        0x577e73acb1ef9b0cL,0xa1b87e0ea46e7880L,0xab8d8bbb54fd28a7L } },
-    /* 25 << 196 */
-    { { 0x220161f0741396fcL,0xae14ce5817da16ecL,0x766e415bb828b19aL,
-        0x1b3b239e610c7aabL,0xf1c7df4992d53419L,0x57e4cee59442c6cbL },
-      { 0x546f73b5f85d33d3L,0x195116c74e041703L,0x5a71a96a5d668df5L,
-        0x0adb7b16fe56c658L,0xf6be923deb563532L,0xa65ed113f2d45f4dL } },
-    /* 26 << 196 */
-    { { 0x8c6742e5bccd3be6L,0x5f0f7fdd378de702L,0x41236fec334aabb8L,
-        0x4b15815b7e9d8aa9L,0xbb816e46e1c235bbL,0x8591cc45176c2fe0L },
-      { 0xef00e3981d7104b1L,0x761d2c244012398bL,0xe4984f4ae81af247L,
-        0xf923bb80c144dc64L,0xd51f27dd83988de3L,0x0ad5438d995dbbddL } },
-    /* 27 << 196 */
-    { { 0x0532790bd148314dL,0xb4862d9d5b6b4ad1L,0xab65bfc45beb3ac6L,
-        0x72eac92d99331822L,0x2e09a69a6127632cL,0xaa1eaf0791ef9141L },
-      { 0x79b923fe754ff12aL,0x19395a97f9a467ffL,0x7dcc91d49ef5cc4eL,
-        0xb9019ff198a84090L,0x62616ed6d5bfd083L,0x95cbf9442b328615L } },
-    /* 28 << 196 */
-    { { 0x22ef6f606374afbeL,0x70e19fad26348f5cL,0x8bcd51a845f98ac6L,
-        0xeeef7f7026b7ba04L,0x33aa0644544edcb9L,0x22d89a1244974c71L },
-      { 0xecd08f5d0f8d90a5L,0x495a0403cf03513bL,0xe924feea27953ba9L,
-        0xdfbe1f93eb5e7975L,0xd3c105a1285865dfL,0x87b8b6360886fc87L } },
-    /* 29 << 196 */
-    { { 0xc2da6d7a219d44f8L,0xe66364c555a9d970L,0xfb0936258611738aL,
-        0x916fbfa844f7f35dL,0x7a4e0451774b1e2bL,0x7adaab9e80375e65L },
-      { 0x2272b95c8ffdfda9L,0x41644b619ad42b25L,0x157026817f0c98fdL,
-        0x25d4a00fffba1d85L,0x52e684c6c6c5545aL,0xba85bf2adabb7df5L } },
-    /* 30 << 196 */
-    { { 0x89a5b69dd282b12fL,0x63864e7ba7d28277L,0x36ac74d08c21f920L,
-        0x7cfd291713a2f8d3L,0x50b63122c2ef5022L,0x23d454328ed33339L },
-      { 0xf8696b2dc4880048L,0xb9605bd5792dcb6cL,0x4cdb5fc26fdeeb9bL,
-        0x58ee2837f1a7f35eL,0x8956359ae2985ccfL,0x0cc6c4ab2c94cb32L } },
-    /* 31 << 196 */
-    { { 0x2fcac7d161a8254aL,0xc396583a05389aceL,0xc6f069cc3872ee52L,
-        0x76f0e5b407180f5fL,0xc8b23b7a2dee0d6fL,0xc77b242613bf8fb2L },
-      { 0xa8c625e66d5ae411L,0xc0c40a75b0723adfL,0xdee0ba8f380d9c67L,
-        0x38b86a3b19920f24L,0xff2191b7d910e9cdL,0x8d01786734181894L } },
-    /* 32 << 196 */
-    { { 0xa704016022ec7eddL,0x19124972cc9c8ee8L,0x697f301f2ccb9417L,
-        0x3ee877646f00d8aaL,0x2b5afaf88138a017L,0xf152b14c832d7543L },
-      { 0x27c27ce2383052f9L,0x4746c5b5e1dae11bL,0x92dc5ac75b752008L,
-        0xcf382e01e84fe5f1L,0x90e034197d5929ceL,0xafee3abb15ca3ffaL } },
-    /* 33 << 196 */
-    { { 0x299e0c5507f0e3a7L,0x75dac5c46cdebb44L,0x340b5479183c7e42L,
-        0xfb1b03dd702672d4L,0x68f7222ec07cf89dL,0x67a471e422e7a8a4L },
-      { 0x79dd4627b9ada93aL,0x774c53771c8ecca5L,0x95191e1a59db2e65L,
-        0x3f6947f270abeeceL,0xb4934fe0885e4e00L,0xd082e49901728c2aL } },
-    /* 34 << 196 */
-    { { 0x86cd8083aaa82329L,0x74f0c5786e579dfcL,0xc2b68c4e3b436545L,
-        0x8e66c648469d4a81L,0x4c5b05c5bef62bb0L,0xe558ff020bb6f865L },
-      { 0x9f8ccb16f356a124L,0x1bb28d7c1279f8f4L,0x9b885f0ca8fc4e08L,
-        0x2ec4cf69859d90eeL,0x9bef3c4d86d3b9d1L,0x5a98ce73eaad8d53L } },
-    /* 35 << 196 */
-    { { 0x6c716b179711b5d2L,0x396a4a4cb386c1d0L,0x5845f6861c157c12L,
-        0xdcad516262c15d4eL,0xb6e0a6a02dadb218L,0xe4f6d5e5a342e785L },
-      { 0x1eeea548c78980e9L,0x363c31be00a32adaL,0x01481fb7e660b445L,
-        0xcbb61552999c1f5cL,0x20a73942f361d12aL,0x67fb89a11b8b4b3eL } },
-    /* 36 << 196 */
-    { { 0x1d57d639eb00e26fL,0xbeb198906985c10bL,0x38cd95a337b9b76aL,
-        0x3b1d12e30304c87dL,0xdf42dc6f4734e191L,0x1ed1d9e397841989L },
-      { 0xfb60e333859b577bL,0xfb026d16ed3db987L,0xa216b0e46f7855c8L,
-        0x9501bae3539ebdf6L,0xd95a4a32dc8a1f6fL,0x76cb0b6b45307deaL } },
-    /* 37 << 196 */
-    { { 0x5607ab62a844b579L,0x8d3ed3db94f67d9fL,0x95390de8a9929b04L,
-        0x4a6f6f7cc85397f3L,0xec5b73eff26eab04L,0x2543190b045699f9L },
-      { 0x9a4896138cdbb723L,0x0e081e5b7a1c638bL,0x20f292c6596a7b1dL,
-        0xa14d849794477dd3L,0xeeeca98064b0de1dL,0x75fdbae92c5135dcL } },
-    /* 38 << 196 */
-    { { 0x1202b5752b076f5bL,0x5ca1247edbd6c420L,0xb45ff9bfd8ccc5c6L,
-        0x680fcfb28e061baaL,0x5a6e6342122a4212L,0x0ad12abc312fea8aL },
-      { 0xd1dd8ae5665dc7b1L,0x30494dfdd9a22454L,0xc8aa9bc9da55ed09L,
-        0x6ec643031b74b119L,0xf54574716b604639L,0xe2a214e59f8d83ceL } },
-    /* 39 << 196 */
-    { { 0xca698de5f5c96e8aL,0x352c89a3fd941919L,0x0e3de0a909812f23L,
-        0xa74ba91667702fefL,0x6acfaa5a3863d479L,0x28d8932bb6bb15cbL },
-      { 0xc62155704ba9718dL,0xc67a3eafa1edd692L,0xc86eeedaab31aa74L,
-        0x2064ea632deb79c3L,0x813b84f51ff01adbL,0x994b9437458a1835L } },
-    /* 40 << 196 */
-    { { 0x1013c4f4fde3f7ccL,0xbad5415a838699b6L,0x2a8b4eac64cacc78L,
-        0x3d10f949bf75d233L,0x5a9f7782fc84e55eL,0x209a18345ea7b274L },
-      { 0xa66cb6d4f9e8d374L,0xf898d9479a20080eL,0xe7e4b91b1272df4cL,
-        0x5b8507cc5dd136bbL,0xbe4b5262372a8e05L,0xa0cb170c2aa4a47bL } },
-    /* 41 << 196 */
-    { { 0x469180a38378217fL,0xd960bdde85ef6d61L,0xcc4e737d6654aa84L,
-        0x28d440016ae51d69L,0xf13a0d9ac6187196L,0xe60851b392160f65L },
-      { 0x41d98cf61cac48d1L,0xf37f003d1b57f2cbL,0x4829c60bce272603L,
-        0x45991d4adcbdddc1L,0x17e591fe74601bf3L,0xf8a36b4fb3fe856cL } },
-    /* 42 << 196 */
-    { { 0x4410b773fe480323L,0x42ae32e3ea2f8b57L,0x6578a64b2886b9d9L,
-        0xafcfa5fe4241ec91L,0xa7fa5afc16b4ef24L,0x4a6594bbbc16b610L },
-      { 0xcb5845515e264fb6L,0x4b89955e2b9c3c70L,0x530426be21e11c1eL,
-        0xb707abe9c9dab34dL,0xb5aab0bf5931cd78L,0xab6a2585f0ccfcdaL } },
-    /* 43 << 196 */
-    { { 0xe75761f716afd216L,0x8ff1cea3b8a4f008L,0x04b8b65e69889d77L,
-        0x679bf7a586ad9fb5L,0xbe49be0b4c22b86bL,0xcc8905a16c026c1dL },
-      { 0x17464e7e59ec1983L,0x50cb62832a03afe0L,0x8dadaf456ce4df91L,
-        0x26cf59d1e0df6fddL,0x6ecc66119adaec45L,0x1be42e744ef67dacL } },
-    /* 44 << 196 */
-    { { 0xa01cb3bacb1957b9L,0x053693ccf50694c9L,0xf8a887ad527f3aedL,
-        0x2f1a80ece9bf06f0L,0x74baeaa57d0eec9fL,0xce8e8b9ab0641cabL },
-      { 0x91d1e84d128a1804L,0xbdcfcaec2d5fa43cL,0xfc5cff124106fa6dL,
-        0x2ae3ffab01588ac1L,0xe9dcc9b44c067052L,0xd8e3d74bafa7d4c3L } },
-    /* 45 << 196 */
-    { { 0x64a134296d7b277bL,0x487080d8e9a50637L,0x02e5fe901c6c061bL,
-        0x8fdaafc8ecabeb11L,0xb1e3960110720b13L,0xe7304bf77081f41eL },
-      { 0x78a10af8c26f5cf8L,0xf52cbc155c032c15L,0x95a3c4558c0c2091L,
-        0x1797b407abba6f79L,0x87c0cd05a96a3062L,0xdf75e2805f04a7e2L } },
-    /* 46 << 196 */
-    { { 0x47161e1f82779cd6L,0xa95afa08c8158458L,0x2cbefdbc40a80742L,
-        0xd86e0bfaca420c9fL,0x08f5f8c29c79427eL,0xe8f88361da4d0d9eL },
-      { 0x2195174d3eb78d14L,0x889b32c9ed6caecfL,0x1e679749c3c83ed3L,
-        0xc27a8c84eddf8a29L,0x4a21af3af8e09f40L,0xf4b9797f1eb3b9b3L } },
-    /* 47 << 196 */
-    { { 0x58c2405baa44f11dL,0x86ffaa37ac0f7257L,0x373623cc4070f6e3L,
-        0x142e62f9a36c73b3L,0x43bab2dd36a143fbL,0x4fbeb0b7aa50375cL },
-      { 0xf9cc2e7b1f862294L,0x95a9be3c0abdcaa8L,0x70f050225cda074eL,
-        0x152659db43e6bc89L,0x1790148727c6e01aL,0x544069354e083c21L } },
-    /* 48 << 196 */
-    { { 0xcb51f03954ebc926L,0xe235d356b8d4a7bbL,0x93c8fafab41fe1a6L,
-        0x6297701da719f254L,0x6e9165bc644f5cdeL,0x6506329d0c11c542L },
-      { 0xa2564809a92b4250L,0x0e9ac173889c2e3eL,0x286a592622b1d1beL,
-        0x86a3d7526ecdd041L,0x4b867e0a649f9524L,0x1fe7d95a0629cb0fL } },
-    /* 49 << 196 */
-    { { 0x028bc25096c54946L,0xace5e7ad0f5fb7eeL,0xc820d7513350ab02L,
-        0x4ae1f6d99c8d7635L,0x03d1f83a98e1ed80L,0xf014d45d5ad14550L },
-      { 0xeb8f2c328cd6d0b6L,0x090a8f71770f586fL,0x1a8219f93eb7d3b7L,
-        0x0d610d9febfc26dcL,0xfdb49980aa330297L,0x6396f218d81b3fbbL } },
-    /* 50 << 196 */
-    { { 0xb4ea3102eacb7b9bL,0x4aefb43d72af1d6eL,0x9a1a912d249a51d6L,
-        0xddd0a5744d5e3a1fL,0xe252114708aa1f69L,0x4b235efe9de89d5dL },
-      { 0x6fae47420d7f1aa7L,0x0434ae2ff200e13aL,0x75143dc192508b57L,
-        0xc441a768055e177aL,0x84cd7adf2f142b2dL,0x56484f4161d9ad5aL } },
-    /* 51 << 196 */
-    { { 0xe3e9d0881beecd14L,0x4bd12b179093ab18L,0xa6908ddbc925d5dbL,
-        0xfdc5f740832d1474L,0x1a35623696f831afL,0x0e39086808cde8c9L },
-      { 0xab1c7cbda2206b32L,0x84d299c8b93ccf1fL,0x380fa432dabb6542L,
-        0x59f01b5177c2cb3dL,0x9785c47b6e56c4bbL,0x047acc813a3f2b1aL } },
-    /* 52 << 196 */
-    { { 0x724210e61e42b4a7L,0xa8d536afe2dd968cL,0xc69936e683582c60L,
-        0xd031f1abdd5d7f68L,0x7d31dcae8c4180d4L,0x117985f622bca188L },
-      { 0x3b0a982537e38dc2L,0x1663fdc5896fe4b4L,0x55d18cc7fd707372L,
-        0xfac2d7a40d2d8470L,0x994763391b04b1f6L,0x87cfbb5ee0bd72e4L } },
-    /* 53 << 196 */
-    { { 0xeac6a72ad5dd2841L,0xf1aa32524277e152L,0xe6c44e9b6ef7e947L,
-        0xd03309fc54095378L,0x6fc5fb9ccdd06947L,0x10ed0e76d1e9a968L },
-      { 0x42d5ab02dfb77b17L,0x4c54c381a53de8ccL,0x5fb4c256f2b1b5d8L,
-        0x17d5ab28e12ed054L,0xd7c96ce1139da42aL,0xb32f63859919f459L } },
-    /* 54 << 196 */
-    { { 0x4bf5788312f4b0b3L,0xcd69d82ef46735faL,0xc397c8f9a1baa0efL,
-        0xfce184c0fd1be398L,0x15021775fa54580eL,0x10bc85468f54397cL },
-      { 0x6009a691eaa9d711L,0xc9c6a42fb7846417L,0xe9c305685627817dL,
-        0xa1be66ff92abd5daL,0x9317838fcdea11c0L,0xace94ddcc85e7aa5L } },
-    /* 55 << 196 */
-    { { 0x3ef37821d4079bf4L,0xff78abebfcbdc3d0L,0x117414bc4733ea34L,
-        0x7f181a3b9f50d0feL,0x9ea5f94eda897ea7L,0x01a996ceee8314ceL },
-      { 0x0cac3c8b420e988dL,0x7ad66ac4bed3294aL,0x6bbf6dd800b62445L,
-        0x590a57017a2fb4fdL,0xbf3b4e529ac11d81L,0x1bd453020d60c710L } },
-    /* 56 << 196 */
-    { { 0x8a43bba0902c32d8L,0xd8c69b74a3955e42L,0x413bf25d79c64afbL,
-        0x3c39837584ac94cdL,0xfbfa9c53a08ccf5aL,0x9d8ac945e9d791d4L },
-      { 0xfb9bb89e5e7a2553L,0x1442612bb039dd24L,0x8250ffe0a2e2344aL,
-        0x5eae8b396426b985L,0xa1657768484741deL,0x05e52d4ac73cdf8cL } },
-    /* 57 << 196 */
-    { { 0x61c2417995c5e767L,0x7456380c3bdfef62L,0x62763f43d206cbb1L,
-        0x1996e2c657871e44L,0xd0dbd290f220c06dL,0x6778e1e5d87743eaL },
-      { 0x40e54caf16b8f046L,0xe834a1cb6bed77daL,0x7240befa3e9457c4L,
-        0xd1b638dbac96cedcL,0xd1d7e814c9c0cd8cL,0xc73beaf14d38258eL } },
-    /* 58 << 196 */
-    { { 0xf1a6d776c05f40feL,0xb98c19b1c21ce471L,0x700b0bab7f9689eaL,
-        0x861513a56f1d2e6eL,0xb7558b2292fe4456L,0x2d8f860704c66a25L },
-      { 0x10ba7d6a7998347dL,0x72bf56093983b98dL,0x8d873c4f89238292L,
-        0x5db0dca9a5e3c944L,0xf81fe37e0925aef0L,0xed6a13a4e4daae25L } },
-    /* 59 << 196 */
-    { { 0x49e2372711c3a930L,0xbf2ede34f5293b8eL,0x0abeeb3ca8e1cc9aL,
-        0xb1db299440205cbcL,0x3252d29e52fb01d4L,0xa0b080c57dc91095L },
-      { 0xb56fdae622a9ceb9L,0x6c3c3463b31f6f27L,0xcb510ec2ae3bd22aL,
-        0x1efcd77b0b3db475L,0x1094bcc5ca766f9cL,0x688e940dfea48297L } },
-    /* 60 << 196 */
-    { { 0x3d95d26a99cde27aL,0xed608a89b99344f4L,0x7a70a8f09c0ab25cL,
-        0x7740953c496552d8L,0x4da4ca0f4a366adcL,0xbf475c1b33274d4fL },
-      { 0x5ac1d8288811b869L,0xed62e7b4d23446d4L,0x67d78571a0eab287L,
-        0xa74ae3e98b0acc4dL,0xa63f91d64077c236L,0xe2c3f82a818a6889L } },
-    /* 61 << 196 */
-    { { 0x2bde7037b1d5fbeeL,0x477a4b51a80b92f2L,0x195ae0e06606b504L,
-        0x7aaf3de57497785aL,0xb5581ee9290c5ef9L,0xcb303c30360c8ec2L },
-      { 0xfb056f901b1fb602L,0xa38bc9f59931b7ceL,0xb0b74aeab2f453a8L,
-        0x9a0e2ebf668cd68aL,0x8b7e0d73d7db7842L,0x21f29b74d1fa5433L } },
-    /* 62 << 196 */
-    { { 0x38321d7c4e11f824L,0x04dcd3a3e4a816e9L,0x382968ed07e09612L,
-        0x6f7b2dbfa370e1d1L,0x5a8472348675d730L,0x88d974b0e59e984fL },
-      { 0x89f7e2bce3f9e429L,0xd478eacfe3aebac2L,0x8df9f281ebef3488L,
-        0xcbcb9fbeab5543b3L,0x2c8d19b0203f59e2L,0xbb98e4495287b0fcL } },
-    /* 63 << 196 */
-    { { 0x16c45f709aab81d7L,0x0f1310851795a4b7L,0x3c63d43af0ecd732L,
-        0x22e2d1988628b683L,0x7d7482bab641d6d4L,0x6baef4a2ab69891aL },
-      { 0x10989097e63c00d2L,0xbfd42ab0d93794ccL,0x9a1935f3e4165a41L,
-        0x359701b35b600ca7L,0xbe7d69f983d1b54bL,0x99b0f35e3729bd4aL } },
-    /* 64 << 196 */
-    { { 0x11dd860e1c6d03b0L,0x30c1700809eec660L,0xd4f8aff635c0192fL,
-        0x96a727b1e3a4a900L,0x1426daffde78c8baL,0xfacaa9bd8d1527c4L },
-      { 0x0c0d5234cd072989L,0x1936c20d918550b5L,0x4828bee43d914fb3L,
-        0x8324ea38f3ba26a6L,0x027590f3a94eb26fL,0xfd354295acd957bfL } },
-    /* 0 << 203 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 203 */
-    { { 0x3ede2484da756624L,0xb22da2ab73b13062L,0x56069e93962a667bL,
-        0xc931266b130f2ceaL,0x4bd6a6fca7366a66L,0x23f30563aa5ac3b1L },
-      { 0xa025d0efd7c2b26fL,0x597ce7d862129bc7L,0x4809927f2b3057f2L,
-        0xb001c10a1499f884L,0x309d141c30b9a653L,0xadddce7dbf659d05L } },
-    /* 2 << 203 */
-    { { 0xa6c32900af2825c1L,0xb37c46c1d223a04eL,0x691e7d39063de7eaL,
-        0x998df4e710daf9bdL,0xc7085b9e718b5d7aL,0xd41abcc816b3d4b8L },
-      { 0x4dfce693f9bc4041L,0x383677ed659ec7a8L,0x2c1904bf4491fb34L,
-        0x7c1bf1114552451cL,0x6562cc2c3c5e5e40L,0x1ecaa2a1fe0e4372L } },
-    /* 3 << 203 */
-    { { 0x9657d08ca9cb9ecbL,0xf69662363b75be69L,0x396a9344a31c2b8cL,
-        0x1c50b1269767bc1fL,0x597223d0d1417e03L,0xe165ed5a12137153L },
-      { 0x8bce29f926a24098L,0xc428a1fbe99e7bf8L,0x6fd4c906eea7f1d9L,
-        0x94275713fceb2e05L,0x3555448b741dbd94L,0xc50e85459faffd4dL } },
-    /* 4 << 203 */
-    { { 0x84c3630bf3087bc8L,0x152691e674be6e26L,0x5abd125ff61af001L,
-        0x69bca56fbfea3525L,0x384af19900e0cb6eL,0xb0b13cfed00475a6L },
-      { 0xedafde495e394049L,0xd988b558daf2add6L,0xf14cf97a6c8ffcc9L,
-        0x4d6cec23e5a9cc5cL,0xb0d678f88a104e05L,0x80a7fcba9fb527c1L } },
-    /* 5 << 203 */
-    { { 0x9ae12b902af1ffceL,0x082f30b95a30521dL,0x974099bdc304014bL,
-        0xab1e27e444ccb6e5L,0x72db8f42290387a1L,0x3d1a461040f3ce18L },
-      { 0xe939a3f2634ba10fL,0xe70a9cf517254c56L,0xd0f8692fa08ec3c5L,
-        0x77edefcc7a7cbdf8L,0x04c4b18ebdf90f0bL,0xa890436a8aa36a59L } },
-    /* 6 << 203 */
-    { { 0x8618ffa79e30f8a0L,0x9961390cd12699bbL,0x5b1b0d744f61edfeL,
-        0x33df67d9eb7a476fL,0x7f1a767ea92ee99bL,0xfab400e32223a2ccL },
-      { 0x16f376f2f534dc3dL,0x6f36eaefcec17905L,0x8dc1516ca58765deL,
-        0x893408262260ed6bL,0x060eb0afcf4b29baL,0x9cd0a9f11d252bbaL } },
-    /* 7 << 203 */
-    { { 0xd3c2a6a8ca413693L,0xcc56a8e932d5714cL,0xc72b73683c0da165L,
-        0x5d236660db44e616L,0xa83b2ecce5c73667L,0x9d292f298aea900cL },
-      { 0x67121215aaa2a7eaL,0x57dae96abf889191L,0x63bf7a81d296ae68L,
-        0x9bf518758fd496c4L,0x5b4382fbc2f7308cL,0xf1215dfc9632aad7L } },
-    /* 8 << 203 */
-    { { 0x0d6cadbfc22137d2L,0xb5db59d3628a3298L,0x3b433c734ab19507L,
-        0x4fc53405660086b3L,0x770ae903a1eb0f43L,0x31b5857ef6b5b58dL },
-      { 0xe206e141d392868eL,0x8be6956f4b31de04L,0xcfbfca2f47449e07L,
-        0xebaef25639fef8e1L,0x959e37b8c16fc80cL,0x8bb4bdd2e911d61bL } },
-    /* 9 << 203 */
-    { { 0xecfb851380fc41f3L,0xb0dc8823931843c4L,0x59decd6c1b93df03L,
-        0x954103b72511e252L,0xe372f86a0f759de1L,0x04f5afd38f6f9ef3L },
-      { 0xbd8e60affcba2e7cL,0x9b1cb1ed092315b0L,0x5f9e20a03fd05e36L,
-        0xfcdcc44ded95f25eL,0x6baf401b6ac79cb5L,0xfe1a5a856894f651L } },
-    /* 10 << 203 */
-    { { 0x014a0907e51c6673L,0x28118ccd3e6e6a91L,0xdbbb7c4dc999acc0L,
-        0x01b771075e7ab1e3L,0xa33fefbfcd8fb11eL,0x1df5b61fc0b8a5c2L },
-      { 0x774dc2674478c5c6L,0xbfe1add422fb91a1L,0x5ac4dc694d9c8461L,
-        0xbf6e002a1e772c5fL,0x4922120e0b83fe91L,0xa7747f4b3efbadceL } },
-    /* 11 << 203 */
-    { { 0x4b955beaddaf2e82L,0x3775ecde90fdc68aL,0x579c34f91713e763L,
-        0x6c27f504fa509d74L,0xef6df04a3f8dbf4bL,0xc39f2e28b3ad7104L },
-      { 0xe54042b3a5973cffL,0x4e594427f111f3d9L,0x53c7a2ba155fce57L,
-        0x7b3c1c60e6e1d21fL,0x5e12db8d308ddf4dL,0x2c3c5e77a00e8976L } },
-    /* 12 << 203 */
-    { { 0xc483d4b24343bbf8L,0x42aca2e18a0fc95eL,0x5165df6fcbab1fb0L,
-        0xeb284370f6cdfc0cL,0xab565c00994320fcL,0xc0d157fd62133e80L },
-      { 0x7850cda55b69644aL,0xe37ae76a806ec8b8L,0xd14b805cc2c82eddL,
-        0xcb5468b6cf244539L,0x97d43ee825dbe92dL,0x1442243689fb8f1eL } },
-    /* 13 << 203 */
-    { { 0xcfc8a945f361dc08L,0x383a5336491dc3abL,0x77580587c35cd376L,
-        0x6604248ae2426904L,0x47c56025ffeb9d26L,0xc301edd8bae5d983L },
-      { 0x7c6511a9e2e5cf33L,0xdc52c1dd221d41acL,0xdbdc8acada47503bL,
-        0x01b406864bcedbbaL,0xca9cb9fd2d5496d5L,0x5768e0edb17e8400L } },
-    /* 14 << 203 */
-    { { 0x421afbe0431cb760L,0x9ae9ff985203e69bL,0x56cacf4db1a2705aL,
-        0x6a3a4136d128bcd5L,0x2411c4b866191ad8L,0x39f26e1a15b45d24L },
-      { 0x4cc82459c64ed153L,0x5c7a0dd58195b452L,0x9c88bb1c69f6298dL,
-        0xfe567b031933fdb5L,0x8a6aea71881308c3L,0xc1268b55a2f0adfaL } },
-    /* 15 << 203 */
-    { { 0x312b777c1231c557L,0x3984f71be9971115L,0x0266b58294cc2d4bL,
-        0xc3058419cdf5e5c1L,0xab3a1ae477bbf0d8L,0x7c2173a6d21603daL },
-      { 0x61cca8cc747b092bL,0x70f77a53e376506aL,0x742c20692f1ccc85L,
-        0xb1f2ceca2dc8844bL,0x5a73cff83a096c10L,0x28acb67d5c19cd11L } },
-    /* 16 << 203 */
-    { { 0xd7bf2ac6a0a85236L,0x2921b55c7194c46dL,0x162fabaa9afa9762L,
-        0x7b7f1664b62b36abL,0x77b9f797296a84e9L,0xfcc1ad657dbd843dL },
-      { 0xc6e9c1e1cd77b7f6L,0x9cf0e272917067c9L,0xfa7fa93d3bfa90bfL,
-        0x55846fe9d050e46aL,0x473b9a0d35c56256L,0xadd29e332b656a65L } },
-    /* 17 << 203 */
-    { { 0x4698137f46fb8ae3L,0xb11a595f7b1c062dL,0x4a043b99ff023ef7L,
-        0x2836d64d8ef0fa4dL,0x4067dbee8ea44a98L,0x9d1739c9f00ff4e1L },
-      { 0xcbcf12fe133d2703L,0xd2923424016037cfL,0xda7543d68be5f666L,
-        0x587d1920ac5e1847L,0x14662476f79e3462L,0x0120a1d8c810a1f3L } },
-    /* 18 << 203 */
-    { { 0xa4fc828ab18f9bb1L,0x06de4c9da27a787aL,0xfbb7c7d7b1b3a12bL,
-        0xa7052b94b8583128L,0x173ec2d2e7b02fd8L,0x4b724682c776c664L },
-      { 0x46ed9be5673183e5L,0x312191e83bd17c60L,0xe3ed6326efd56a9eL,
-        0xb3ebc44c943a2278L,0x7ef62ba9ec9cf589L,0x754be6d389832cd7L } },
-    /* 19 << 203 */
-    { { 0xccb4b369dc992b32L,0x0ef84cc0922cee22L,0xda0058f1fc56e9e1L,
-        0x208c57943f23632bL,0x3589a7338f77a82bL,0xee6cfa2c76ee99bdL },
-      { 0x88cffafc418f7993L,0x0dde3f05f4be56d6L,0x5d088382a0472bf5L,
-        0x872ca5aabd58d05dL,0x9c467c62e8f91f17L,0x38ab1b348c6b91ffL } },
-    /* 20 << 203 */
-    { { 0x926c2552ebc69b0bL,0x953a850fd4c7432eL,0x0ee85e14b9359035L,
-        0x8b10b01abde090a5L,0xb2878dcaec423943L,0x2571a178f70bde20L },
-      { 0x24ed159af5ebeee5L,0x60c202af043f6539L,0xdaaa76f4c8d4ffc3L,
-        0x2fc1f1ba06eda10fL,0xddf159ee88ded556L,0xcfa71782e67b1ec4L } },
-    /* 21 << 203 */
-    { { 0x2596ee7409d3ed60L,0xd42551f474a46e37L,0x2e46a92e21061c90L,
-        0x236299fa73ad22eaL,0xacdccd5214393ac2L,0x9a572130b56b4d5bL },
-      { 0xddfc31781835e70bL,0x5dac0671d542048dL,0x2b0768d7a6dce17cL,
-        0x6d447d4206c55342L,0x6b55b21525548478L,0x24e6483518d5310dL } },
-    /* 22 << 203 */
-    { { 0x3c58c5ea9b037c66L,0x08d0648e0d5c6ec5L,0x1bf90c53a4fa3f5aL,
-        0x660cf61740381205L,0x63fd03081d44af3fL,0xe22b9c1a77175de7L },
-      { 0x0b6044fc3556fc9dL,0xaefb6804fb55318eL,0x77045bce5c46e1ebL,
-        0x29c4a3bc76e8f93aL,0xdf8aec699d697f5dL,0x5bd9552845a89080L } },
-    /* 23 << 203 */
-    { { 0x1bd61fbdc5756910L,0xcfcc6d5adeaca40dL,0x292867885dd80ac1L,
-        0x7effe328d621c0a6L,0xc64ebb91ab22a2b5L,0x8954ab330c44a456L },
-      { 0x7552a0b460e26218L,0x2e81d3a94136adbaL,0x96dc2451610d665eL,
-        0x30859c62ab04e03fL,0xdb3726fd4c31fa3fL,0xbf4954d1d962a7c4L } },
-    /* 24 << 203 */
-    { { 0x31521f66d5d826b0L,0x0a63695240787844L,0xc0a3bd059c8f934eL,
-        0x12c57dd42f0ce835L,0x847f6a9967064213L,0x1c9e1a7aa88bd71aL },
-      { 0xc4060eb2171e8407L,0xdf78d8dfed106780L,0xa3d28ceb0d704729L,
-        0x4f8e523246ca3912L,0x09e9f852017791f4L,0x594006631e6ea97dL } },
-    /* 25 << 203 */
-    { { 0xdd26fb79444827feL,0xbf78e076d3f5fa6bL,0x46d486e81a5475b5L,
-        0x43e325a5faabc3f8L,0x1fef6b6ba6795d0cL,0x40e040666644d631L },
-      { 0x16207bb9676c3322L,0x677c1c235811706bL,0xb686252e994e2a95L,
-        0xa359e2a51b6f6a3eL,0x6d8f06cfb124f019L,0x3bcf778246266c42L } },
-    /* 26 << 203 */
-    { { 0xeaa3426b8eb929aaL,0x090924f2327bb35dL,0x4d23ba1276da394fL,
-        0x05d98e56adecd43fL,0x83c7169f6b4af795L,0xc22560a7c8f26ae8L },
-      { 0xb43aecc2d01ab5d8L,0xe7bcdc1f7257d7d1L,0x6f32d77650de3318L,
-        0x6d736b279bf02c0aL,0x9534fa5865319235L,0x5a6a38493cfbeb3cL } },
-    /* 27 << 203 */
-    { { 0x3ddcb65828c50956L,0xb335f336bf1bdb4cL,0x7c18d2d0ac3b6194L,
-        0x8748654bca324d11L,0x7c9c58dac2e85f94L,0xf1930a56d4f4f957L },
-      { 0x9cacbdbbe410fee8L,0x0e292c2178e1312aL,0x6845b293906a6270L,
-        0x842ded0f00c5401eL,0x747cd08f35e3ff9bL,0x8405540af48227feL } },
-    /* 28 << 203 */
-    { { 0x547b0d9583939224L,0x3a0823ff1e026769L,0x6016671525bd43acL,
-        0xb6cf475e18ba5f64L,0xa22f9c92c8b6d09dL,0x730553683ccf50abL },
-      { 0xa6de248eee6deefeL,0x32aaf8b2acc3ca20L,0x0e254c5bad44e674L,
-        0x8aa73e6535f95f98L,0xe622600160a2dc1eL,0xdf9482109109020aL } },
-    /* 29 << 203 */
-    { { 0x7b24d7b056190aafL,0x0115cbdd0563b377L,0x5688526ca7ba4975L,
-        0xd2971e28aee3100dL,0x57a6ff8a6fa24f61L,0x9cb571c4d8603be7L },
-      { 0x09c01564a2cce6d5L,0x14f0902b89884939L,0xd71a5ff8a072ffecL,
-        0xee7848b8fefeab69L,0x7b52a9577e40895aL,0xd1576be7e8c61be2L } },
-    /* 30 << 203 */
-    { { 0x4c4d454849d77b8eL,0x431f942f6a4c982dL,0xc8633d051cb39ce8L,
-        0x23421f8caf516f9bL,0xc9db25d2aac876fbL,0x9f2669c5d882760eL },
-      { 0x59dc4bf4c47d4bfaL,0x99ed0024c475f93cL,0x269d1ca4ebe07d37L,
-        0x49ce3bdbbf88b1faL,0x515044053361e4ccL,0x207f0048735b3c96L } },
-    /* 31 << 203 */
-    { { 0x835fe90b5a516e82L,0x26f1f2a7abfcb383L,0x3dae65a8609c4ac0L,
-        0x70b01d6e91f4054eL,0x22da015b581e3159L,0x2ad34f99329d1ebfL },
-      { 0x7385aad60d09b845L,0x4cbafb0b0adf42f7L,0xd8727d26c02398cdL,
-        0x58c261f590549db5L,0xd49b12e48ea70310L,0xb31eea047ef89773L } },
-    /* 32 << 203 */
-    { { 0x372798f02893f2f7L,0x4f62bfac9e5030caL,0x5e64f9a98a1e2567L,
-        0x5870254ce70391c8L,0x2def81a341f02458L,0x25d4e4dc1d087bedL },
-      { 0x3557d07d4fe24a13L,0x6da49186dc3112bcL,0x08c8c5675f73ba50L,
-        0x5309050b9c7c6706L,0x2ab67da3bd985072L,0x9bafa8b1e5df4e96L } },
-    /* 33 << 203 */
-    { { 0x5acdcd216f77738eL,0x340710746cb67a3eL,0xd68c55cf4bf76bf7L,
-        0x64c159200b4deda8L,0x1021d38ae242b1e0L,0x615f1f033bd3d95bL },
-      { 0x2ae0245cc300c9c5L,0x3549605ba88d63e2L,0xfe0dd65ad5038849L,
-        0xe67abfec63c6e4aeL,0xccd08ba528153bdfL,0x9be9f5bced4d76bbL } },
-    /* 34 << 203 */
-    { { 0x30fe00bb6e8423deL,0xe16ce94784e4d005L,0xaf0f8c283fed764cL,
-        0x05ef9bf67d92b1efL,0xbf6570d4eb481da7L,0x39349e30468494ebL },
-      { 0xe32b99a63fb36907L,0xd92386da2d35e71bL,0x74af8b79166a973dL,
-        0xa0a177f94f72de6bL,0xfff3e19d5dd6c660L,0x15310d4d4b0d54f0L } },
-    /* 35 << 203 */
-    { { 0x692a561f15c15a11L,0x25abe85f26ca3ddbL,0x50fef4444caffa5fL,
-        0x58472cfbed3f4aadL,0x7e9178f0092d2b83L,0x3afd364ff8dfaaa7L },
-      { 0x4686ee5cbbf813a8L,0x6a62687d937cbae4L,0x56f22558a9b7b6c9L,
-        0x9af1beae9c189e25L,0xfac4ad9f4d41f79eL,0xdecb57431f9c7a40L } },
-    /* 36 << 203 */
-    { { 0x3ac662895c02f173L,0x6a110e3876d566e5L,0xd9cc14e2b9577e26L,
-        0x6f3d5df9fdfe617eL,0x8fac740f352bb2caL,0x50bc8a0cc28e6310L },
-      { 0x6e572fc477ac93f7L,0x56277377605bb8e9L,0xad6d0637402b8c55L,
-        0xdab377914509eda7L,0xae770abc0854e91bL,0x523bd278742b3de8L } },
-    /* 37 << 203 */
-    { { 0x8ede0eea2aa0da2eL,0x7015ee6e90cfeb90L,0xef33f3efd6b3227aL,
-        0x6e332f1712ef9f4bL,0xcaa089898e7f9fe9L,0x001482ef8fa71529L },
-      { 0x2522637907a5019aL,0x807faf01bed40fc9L,0x426002ab56710e12L,
-        0xcdfffbc18d3949e6L,0xcc03f27861284379L,0xcd7dc2026d5edc82L } },
-    /* 38 << 203 */
-    { { 0x94f84d57cff31148L,0x9c567c7f6bf2a313L,0xc82e62353149ad8fL,
-        0x81f69703c2a5d513L,0xb54e6fc756eea9acL,0x6799c7957c3aae62L },
-      { 0x78e89c1edb280515L,0x3c5693066ac42925L,0xd984c86dab063cc4L,
-        0x61754b5151d44ae3L,0x23af8ec0cebeef0fL,0xff67170bc618fe8aL } },
-    /* 39 << 203 */
-    { { 0x123b567195b58447L,0x7397316ad43aabd2L,0xcb65d69d9ddc7979L,
-        0xf98be7bd91150e08L,0xa5388c79fc0ae5c7L,0xb115690215ed9074L },
-      { 0xc2d01b9227e9afdeL,0x80d705ec2095a6ebL,0xbea901c7fab23079L,
-        0xced8b2772346d712L,0xad5c45a92542a0ffL,0x87b2e4ac0455e90fL } },
-    /* 40 << 203 */
-    { { 0xc2cbd64417fecb90L,0x61616eb3b32dffdbL,0xdc4485a29f5d2095L,
-        0xf78911246553371bL,0x4f06ba18bf9b20afL,0x136d4f291a2c4df1L },
-      { 0xc04aca34fb8b685fL,0xeec83c20f2b657bbL,0x4da5d70a5925a36aL,
-        0x8060874172ff2965L,0x2e0dd9ff9f352620L,0x5f0afa6746d1a7a8L } },
-    /* 41 << 203 */
-    { { 0xb76c722762c1e582L,0xbce1eb164ffefd05L,0xa574a9fe169e53fbL,
-        0x77bf92b0c001628eL,0xd998172c04d60440L,0x62f35199ceae6bf7L },
-      { 0xd81a563e93f1ff84L,0x5a7a0b4211598ad0L,0x884f2ca5ff11f3f8L,
-        0x99f5aac2f3ac66cbL,0x58497c01f489c5afL,0x11277bc39566521cL } },
-    /* 42 << 203 */
-    { { 0xfb9670c26a770385L,0x5da887e1e9682174L,0x31fa9d6bedf922f3L,
-        0x8de8814cf7a98d1eL,0x3935b9b27a019f08L,0x1f59d6f3ea6173caL },
-      { 0x8732f39d5c638a66L,0x981a1b7a3d48d3e5L,0xea451b381ee0ab37L,
-        0x31a8e9abf2708356L,0xa491944ee86cbfc1L,0xd747a885a97ddfcaL } },
-    /* 43 << 203 */
-    { { 0xa3460236aefd304aL,0xaac80f43c58719a0L,0x7d635c17d3ca5b1aL,
-        0x986ac0a62119976aL,0x0d8a6e39f2538d36L,0x6a02af2f31849d5dL },
-      { 0xecb6ef8f6719d4deL,0x6dd71ab674ff8880L,0x0d40ec0e9d225d93L,
-        0x304cd88adf381d24L,0x2d6787380c5571fbL,0x03c23f547c03af94L } },
-    /* 44 << 203 */
-    { { 0xa995a95bf46aace5L,0x44ede5379eaa630aL,0x421f3b3500336e3bL,
-        0xbf897478cf47c9edL,0xf360ae32259e0827L,0x04e0e3e82e6a9f6bL },
-      { 0xb26eae5fa9136702L,0xd6cb15a1853674b4L,0xf81276e2748bcbc9L,
-        0x7fc02e220a4ca1d7L,0xf650f48ecd82f330L,0xf4ea7c1dabaa8859L } },
-    /* 45 << 203 */
-    { { 0xe9f090b935caae35L,0xe04dff188dcf1e6bL,0x81b7de5eb8032e04L,
-        0xba0d0b4e4b1e8070L,0xaa82dc8ad1a2aeb3L,0x5855ed1ded26f229L },
-      { 0x8bce967ed1955233L,0xe6ed07f356ac7532L,0x4227c7fdbf0eff2dL,
-        0xb1f4785fa5e213e4L,0xeedad0733ac30f4bL,0x503619889cf1e686L } },
-    /* 46 << 203 */
-    { { 0xeb252116ba5da79eL,0x51cc937edb691345L,0x1d5fec14077458c1L,
-        0xaa304f7ba0808e6fL,0x4bed89f5abec4c09L,0xc67293cbd1a3b798L },
-      { 0x0905f7d342122672L,0x83675b2da0d3a277L,0x7f422b7024bf5bcaL,
-        0xe2144c6910495acfL,0xdac1c357a6a6ab5eL,0xd1a3b951c8b1d472L } },
-    /* 47 << 203 */
-    { { 0x0821017d60c0c248L,0xa17ce97a8540bdc8L,0xe0576ea986e6f45eL,
-        0x1453268bf152c6eeL,0x1ea1937138edbed5L,0x970ad9c002343c23L },
-      { 0x3a08a859af8a97afL,0x20caf7cab570d738L,0x6d82d863e2a89455L,
-        0x30eb8d0724c76844L,0xb31d58c8d32b79f1L,0xe5df7cb9fe63e93cL } },
-    /* 48 << 203 */
-    { { 0x1ccd44ff95c746ecL,0xe18914b510405763L,0x50ed644321a3a927L,
-        0x4f96a1b143ef8e8fL,0x7f5645e577952bf8L,0x4bc5c7ab66dbdf15L },
-      { 0xacc1612623930a08L,0xbf5ed482504cf9b6L,0xdeb7a798d71ecbd7L,
-        0xf62e63b14a4dd859L,0x668809a7daf714d9L,0xdd836382f3a4329eL } },
-    /* 49 << 203 */
-    { { 0xac0ef2cf383e038bL,0x848e3c1f91135098L,0x19e5a3ee3f15b241L,
-        0x2d01f1a2dbea2ad2L,0x44ec32a799cb0bdfL,0x3e66fed4eab4d856L },
-      { 0x3162a75af45c8656L,0x53ab74245a37ca4fL,0x1b81f1dc360bb395L,
-        0xa7eb222e2b8a5267L,0x163bb0c804b0bcaaL,0x1cac5bc0ef5c417dL } },
-    /* 50 << 203 */
-    { { 0xb95e2d85e81d9e43L,0x8a92acdd1418f6d8L,0x5429140110ee43d7L,
-        0x32a2933c625838dfL,0x801d57dd3d485868L,0x33bba67258af765dL },
-      { 0x545fe2583f520eecL,0x900ed51a32d71974L,0xf21fefe6df3ed77cL,
-        0x2f0df28c9deb2d81L,0x90898dd780856fb7L,0xeba82159bbba4771L } },
-    /* 51 << 203 */
-    { { 0x83ecc8f374df3780L,0x432e9807d3a89728L,0x3461c5297b5cb6e0L,
-        0xee307c19030c25cbL,0xd72b60c7391ee616L,0x0c07bf462e9b4384L },
-      { 0x9d791b0bd44acd49L,0xf3b3411c9f3b33caL,0x1bf55cb97f9b455fL,
-        0x77e01607600f0a91L,0xdab95bf26bb7e977L,0x30d0f591fe4633e5L } },
-    /* 52 << 203 */
-    { { 0x894bdbd9c48f3ad5L,0x687ff8de09e167f6L,0xf06104a930371c43L,
-        0x82fd34b7ce84dd10L,0xae122deb66ce5abdL,0x31f041d2fc4a90b2L },
-      { 0x2589535c9a01c607L,0x231bcc85695bd7abL,0xc67c306262e3a31dL,
-        0x31be44757af3e186L,0x1a2077a388efa7f1L,0xffe53e22815fad1aL } },
-    /* 53 << 203 */
-    { { 0x4ce41f69a3ee310bL,0x38fb07d09bf311ddL,0x5fd284d660985bd4L,
-        0x2fe99a19e04d3dffL,0x21a352520b3ad853L,0xb0808a89012aa69cL },
-      { 0x98219cf718c7c301L,0x429e08fc91254db8L,0xface2e53c41d54d0L,
-        0x180651242decb2d7L,0xa9f65e3f26a9191cL,0x1dadd3deed42831cL } },
-    /* 54 << 203 */
-    { { 0x81ce91dd6327460aL,0x4cc880a0e2f22af0L,0x81aa9bb46a6d36f3L,
-        0x8ad516741dd10657L,0x212267854253b30aL,0x530d1f6a8f161dd6L },
-      { 0xe7eeb4c7e9ab63aeL,0x84f225bfb72d250eL,0xc81cb984458a8dc7L,
-        0x39fbbe3bda68c1afL,0x8c6c99b3083cafd9L,0x4700ba37eb07d40bL } },
-    /* 55 << 203 */
-    { { 0x8980dd7cd8dcc7b4L,0x0179e9bc7ad18f8dL,0xa9e4fa6a08c60f0aL,
-        0x4f0d76fa3cc7dd36L,0x53339e4c51a0e67eL,0x1acdaf24cebd80cbL },
-      { 0x5aaebffcb5264b96L,0x3ebebb22858df87aL,0xb2f4c1cb092a95a1L,
-        0x34932d51841b1a63L,0xe0631aab49074a2fL,0x71525c4fe3b7fd61L } },
-    /* 56 << 203 */
-    { { 0xdd15591366229776L,0x84093730f7882064L,0x6dddcb14e50ee337L,
-        0xa8e6ec597a1f7e81L,0x8467f998f3738a6aL,0x70fcc6bcad3f1840L },
-      { 0xf82eb4be723b3f4bL,0xf0f3935406beec1bL,0x1b181ea37ddcb539L,
-        0x9c82c4faad6a81b9L,0xcc5ea5435c612c2bL,0x63ce7571bb258d6fL } },
-    /* 57 << 203 */
-    { { 0xc6c110ecd3b9416aL,0x254403ea024f63e5L,0x92d2965b68aa4a66L,
-        0xa08bfaafbaed92aaL,0xe2194cd701ad3eb4L,0x7ba66e1da7552847L },
-      { 0xf68c90ee44eb9bbbL,0xabe38c5c5f6438daL,0xe16d4aa68c38a6a1L,
-        0xc2f8691bf6294db4L,0x9248492fba64da6fL,0x850c6a6865a3d6b7L } },
-    /* 58 << 203 */
-    { { 0xa794308d2599a1f7L,0x06bbefce3e72b328L,0x24f2c6f5420f6ae1L,
-        0xedf67defaae894c0L,0xf66396eb2e8e9821L,0x21fbf5f7a701c8ceL },
-      { 0x7fbb192401732f26L,0x3d0063a944f57696L,0xd6bcb1c3513dd8f7L,
-        0x1fbb11b2c9f8c033L,0x122f94b17b57b3eaL,0x08edce19d24626c0L } },
-    /* 59 << 203 */
-    { { 0x06aa75398c3a1e9cL,0x3512ec3c1a08c7caL,0xfad0dddac5a92e6aL,
-        0xa98059ee3b9022fdL,0xd67b6723103fbda5L,0xc1df32904762c170L },
-      { 0xfd99ee58c734f81dL,0xa8de2a4b478b8a4fL,0x9e3ed58fb4b557c6L,
-        0x14d353c571abd10cL,0x10ea798fe3fd4475L,0x157e16f97627f4d5L } },
-    /* 60 << 203 */
-    { { 0x1b5888550b96547fL,0x4539c9c065d1a59dL,0xd6c95fea26e15084L,
-        0xf84ad9e286b96242L,0x92f57d6d451a5486L,0x0215cfcb06a9e87eL },
-      { 0xe05b10eaf66e46f3L,0xe7b0e72f655a0642L,0x035032677b117f43L,
-        0xf5b78105779ea4a1L,0x28ee00faa4adac77L,0x1ea67d716a93a2b1L } },
-    /* 61 << 203 */
-    { { 0x4b68a01cd6b3387eL,0xc79582a9e7c4c99aL,0xa4ad6429029fc3bcL,
-        0xf260ad946b83c7adL,0x81360618b09c3b8eL,0xf66e00ccc661ba2bL },
-      { 0xd064537de29a69e7L,0xe2764d389bb4095bL,0xa3f57eb0f2efdea7L,
-        0x72c214f27ed3ac00L,0xf8cfa59de392e32bL,0xa5d995124ad99928L } },
-    /* 62 << 203 */
-    { { 0xd069a9971dec038dL,0x64401a3fd0b59bf0L,0x33eff74ce7ec5e85L,
-        0xfef5a1c50d35b207L,0x731cfc17e766bc43L,0xf994c0d01328b6cbL },
-      { 0x4f2a5eaa2d3cc024L,0x7f83c57036a6fa14L,0x915a126d65f71dbdL,
-        0x588fdd68acfb54ebL,0x7de9d37b7f57b2afL,0xca52d27170e071ebL } },
-    /* 63 << 203 */
-    { { 0x9b9211ada283322cL,0x30c6fa27b7124c9fL,0xda8f88a7474cbf5fL,
-        0xc2414ee338203749L,0xe5c65cc26b767731L,0x8bdb52952753781cL },
-      { 0xc8fe770be051cd30L,0x6370ecc4f046aa97L,0x03c83c1cfa287e66L,
-        0x935bd2052bccef4dL,0x87b2a49646012036L,0xbce6a91de3e6d6aeL } },
-    /* 64 << 203 */
-    { { 0x7be81fb126882c6cL,0xe2d5a251ecd25498L,0xbb3d40e27a8d1678L,
-        0x1806c67ad520811eL,0xadd4bb6686f65d23L,0x3a62b1b3e20e23d7L },
-      { 0x208b47006548b3ebL,0x0497f09ab7ec2809L,0xbd3964f8121c37e2L,
-        0xd35ef301a598efbbL,0xbd76a276c5eef966L,0x64700a7f0af64e46L } },
-    /* 0 << 210 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 210 */
-    { { 0x169474a2d3812087L,0x9de300da6698ca7aL,0x8589de922ede425bL,
-        0x50e03fea6df8a890L,0x0d8a5c1c4ba8b8e3L,0xf273aa673fffb91aL },
-      { 0x21cf054475fc8236L,0x6ceafacf9799c242L,0xc3237eaed0962c81L,
-        0x43d6ac34213f6004L,0x45e619b2d4148b6bL,0xfafa18b5ea5fb80aL } },
-    /* 2 << 210 */
-    { { 0x9a8580aa2f063b51L,0xa83c8ff71c216613L,0xb4da0970be07f781L,
-        0x0ac2a260712f7b7cL,0xc9b8ee84436a7b97L,0xd758c20d11fb2f62L },
-      { 0x5daabed9f170b799L,0x018d2fddc46bc387L,0x82d6b5b7d96cfb8eL,
-        0x4d7d0d9344d9e843L,0xfa2a9ea991e7da3cL,0x8230c1a3d531b253L } },
-    /* 3 << 210 */
-    { { 0x82412f525ec31754L,0x42f462c89d32e890L,0x1e7b58cece897ff2L,
-        0xcfef785241164628L,0x34ee0422d8bb22efL,0x6e0d44ac7d32f01bL },
-      { 0x968251655a3cc196L,0xa26724dc99eb23d3L,0xdb575fafa75f7252L,
-        0x778e333062a3e5b1L,0x8689884e84cccc80L,0x9883cd19b645502dL } },
-    /* 4 << 210 */
-    { { 0x4cc41f2834220e26L,0xb5937c6da49749c4L,0x705366640fa1ca24L,
-        0xeeb40f3b91e5edafL,0xcdf98235f1d3de14L,0xa65e5b7eff018c43L },
-      { 0xaa3228e7acee3a6eL,0xb63a6289e08f4ff1L,0x90e90425650b2daaL,
-        0xe4a8cad26d875f17L,0xc212029c9ce8a46eL,0xce0512835ed7cfb5L } },
-    /* 5 << 210 */
-    { { 0xb0df226159b79436L,0x82bd0dafa195be26L,0xbc99a94b3398c317L,
-        0xbeb44c903c96ee31L,0x3c39ad81664d2e46L,0x081787520a3e0585L },
-      { 0x9a054b6b413e269aL,0xbe58891d98c3b62eL,0xe7fa4c4de5734974L,
-        0x8ac535f4d0a846a8L,0xea0f95f1a651339cL,0xa255274fd96aa239L } },
-    /* 6 << 210 */
-    { { 0xe23b7b229534047eL,0xbd70aea83a3bd625L,0xf44b05fe238db60bL,
-        0x9c46fb140293abcfL,0x12cab5d3bfd8875bL,0x1f38d4aa12dd0c65L },
-      { 0x4bed41572adf9805L,0x3f87da928a56609dL,0x10b93363da02c903L,
-        0x7ecc726621ce4786L,0x8ae366851e3da5bfL,0x196040ffd3edee12L } },
-    /* 7 << 210 */
-    { { 0x4805841fe81508e8L,0xe2a578d3a4808642L,0x6bbf10accd0b2555L,
-        0xc5071effaf5cde28L,0x665e75439a7124a9L,0x157c11edc1437981L },
-      { 0x2019367d7aeddd8bL,0x74a1e104386e3b8aL,0xe72d429bfbe09a42L,
-        0xaca96fd9061b862eL,0xbb2d2bc8122595f8L,0xc90c6503c509d644L } },
-    /* 8 << 210 */
-    { { 0xadb5966fcff05adaL,0x8ed26c025c57284eL,0xa76e73e244693a95L,
-        0x14da74355982bbd3L,0x46e982cd5d2ca132L,0x8f39074024938e76L },
-      { 0x749206b30a89b09aL,0x429653c793b4a1e5L,0xbee3d1567025bb7cL,
-        0xe23f0e1e19555c9eL,0x0dec3837751639baL,0xb36cb84405d43bd0L } },
-    /* 9 << 210 */
-    { { 0xae76a96e74f90b6eL,0x5fa8e94824c6789cL,0x2b3584bb03abbb81L,
-        0xe19ce47c5c451f72L,0x35792fbad619ac7aL,0xfa0282a250059bf4L },
-      { 0x562bfd14dabe692fL,0x1aaf542c47eeb6c2L,0x392d5bba045d0360L,
-        0x4e7bb31bd80fe998L,0x08f62ef31111e14dL,0x4de917b04e9ee1b8L } },
-    /* 10 << 210 */
-    { { 0x8b9d2d5867166271L,0x658db4ea142bab7cL,0xdf84932fa4ad2849L,
-        0x04b113355f6f86a7L,0x2de6b29c50cfcea7L,0x46d8f68a9be6a3a3L },
-      { 0xfb88cda7af0204afL,0x3ece449126029d72L,0x69fef1e23f946dfdL,
-        0x708532fb01ef7bb5L,0x78d5053deb3795a2L,0x819a63206b36d57bL } },
-    /* 11 << 210 */
-    { { 0xca07e0c1e509d19eL,0x6c7e42c39f6281b1L,0x0e2ff43977b66728L,
-        0x1d740e7880e76251L,0x6bfae4c631a0eb23L,0xd78ca917aa9b0b3bL },
-      { 0xe140c662991e1781L,0x6e396b5f0dd3cfeeL,0xf0a1d1976ce7f6c7L,
-        0xbe10f8efd5b01564L,0x865cbd54101a5194L,0xf665885266861dedL } },
-    /* 12 << 210 */
-    { { 0xe4e52e865b28f7daL,0xeb43a6809a58683fL,0x73b951bfb49f2b38L,
-        0x7b6cb7db3f8097cfL,0x9dfb8d0b328fbf05L,0x491635a5ebce6211L },
-      { 0xa31a152390fdd577L,0x334120df1cd2f39cL,0x1d22834e6b563876L,
-        0xfd91b30d10ee5a28L,0x3d7a282d59aee4eaL,0x36814c6b73300a76L } },
-    /* 13 << 210 */
-    { { 0x7b584add6621c251L,0x98da669d4233aba3L,0x4d652b7933aa2065L,
-        0x901bcfb8df7b4ed4L,0xb2ce587948012f81L,0xc18e2cd63cb71b88L },
-      { 0xadb0f2bdff86279dL,0x46d9e5d65bd15866L,0x11b1fb3ec635a4c0L,
-        0x8bcd0ad201b1006aL,0x0f6f7502cbab210bL,0xd6cc3e560d6b3995L } },
-    /* 14 << 210 */
-    { { 0xa54a6420137264c5L,0xa6ef0e78f9c2e45eL,0xba8b5a73d58d850cL,
-        0xc0209ed86ef6fc3eL,0xe39dd0f391f7518aL,0x74697b8942b3eda6L },
-      { 0x2dccac36abfc9150L,0x80e4fba298b2f5a5L,0xe0e56fd2771018d5L,
-        0xa31fd1684c22bb94L,0x8b0998f71a66ef21L,0xed483e55b5a53ddbL } },
-    /* 15 << 210 */
-    { { 0x95db1c0ef23978ebL,0x80ad1612f04011f4L,0xe76bd1824d7ae83dL,
-        0x841d6e668fc3bd60L,0xb68e80796875e2d0L,0xe3965efcd5d9dee7L },
-      { 0xc488bb7e58930931L,0x52f4de19a907aa24L,0x39aebbdd321cc197L,
-        0xd2f5b1f967de5c66L,0x60f1a8c28efe3e76L,0xf40604a0af988831L } },
-    /* 16 << 210 */
-    { { 0x78b5c14c0acb5935L,0xd9ec715c4311d3beL,0xffa22ab209e1759eL,
-        0x5a86263db4b2f68cL,0x71e77c516b5be7f4L,0xfb5bea3a19844f6dL },
-      { 0x2519d0060890ffabL,0x426a03f0f0329ef0L,0x2c6d74a685b3c2a9L,
-        0x9306f68fc294f449L,0x552e77c22c69fb46L,0x7c7337ad10bb9886L } },
-    /* 17 << 210 */
-    { { 0x61f8a505d2b9f25bL,0x1d33aafe4c8645ffL,0x26f3fab7bcd333e5L,
-        0x8ff4fc51be95e40fL,0x11cd52c6b55bdd5aL,0xf2b4782a22d43de8L },
-      { 0xfe66e399a4c0e1c4L,0x26c6d7fc17954032L,0x44c700f97f20d2caL,
-        0xdf67c3927187cdc7L,0xe11a98f9da36414cL,0x0bc5763a04052276L } },
-    /* 18 << 210 */
-    { { 0xe75b564bcf95451bL,0xd5ed760cc01aac32L,0xccf14dc5980d2c06L,
-        0x235b5034ce2a5c0cL,0x64dc86aa05fa6780L,0x1d2ea4877385590dL },
-      { 0xb18696f636c3174eL,0xf530487b608215b4L,0xa073d0750a123172L,
-        0x8ca24b5afde8666aL,0xd6dd589a9b716dc1L,0xcab7ea504a721d4aL } },
-    /* 19 << 210 */
-    { { 0x34dee42c1592ebceL,0x5b0eba2e417636d3L,0xba178703a97d7356L,
-        0x16f6119f4123e8cfL,0xd2906a53ef179fa6L,0xac5530606b7ed572L },
-      { 0x82a25857b600f5c8L,0xb1dc1309973d516aL,0x6d53a967245c6e34L,
-        0x7ce90bf4f670b879L,0x727ad4129732b6ebL,0xf00fb0054411dfd5L } },
-    /* 20 << 210 */
-    { { 0xeba7daad2b14da6fL,0x8274d1a8cee90515L,0x985c18f885bdbc82L,
-        0x86555ff094d43909L,0xb0b1b2b6539e108bL,0xa4f32c66c0bf1313L },
-      { 0xbd4777c162080e0bL,0x73039da8dadfb23dL,0x85bc57374a27f1ddL,
-        0x9a8ae24eeaaa58abL,0x161cb2f5e876fac2L,0x54d457e46636e377L } },
-    /* 21 << 210 */
-    { { 0x409b17487bece8c3L,0xee36a1d3b49f5c90L,0x8ed9eb2a619ecefcL,
-        0xc50a917798ab7bb1L,0x1eb247cceee2ccffL,0x07a9566f084a0f69L },
-      { 0x59bda805a7cbee61L,0xf588124ca4e7ecd7L,0x0f7d8c3dde5eed54L,
-        0xd98894ddefcb791fL,0x2fd80439ab309d7dL,0x0c8bf15d3e6cf756L } },
-    /* 22 << 210 */
-    { { 0x076a19c70e68a69dL,0x4d01c94b24b3854fL,0x9f38c5eeea8a85b8L,
-        0xea80422d9a56f9c3L,0x10d9ceec9ad36735L,0x42194df742261173L },
-      { 0xc7332e70c285d22dL,0xf3a3d4be592ff9b0L,0x2fe712f7f59846abL,
-        0xd6de5201e4362677L,0x16ce8f1d4f30006bL,0x1f3c324d11dba5edL } },
-    /* 23 << 210 */
-    { { 0xa5af9e1c0cb4335cL,0x00a46bc0f3d0dbe5L,0x852a18c99d734817L,
-        0xc12d54a9986c0102L,0x184b407063ffe60dL,0xe05182437d99d723L },
-      { 0x8d3886cb20ef7647L,0x7e9c618017b1ce8fL,0x194baf260f176141L,
-        0x978015d3b4694945L,0x2603be2f1c135e8eL,0xbc0f5e72ba074e0aL } },
-    /* 24 << 210 */
-    { { 0x1674b959cfe7bcebL,0x62e1279fe7b66a28L,0x3962a32dc67c3648L,
-        0x4949617368d720a6L,0x4e81df85a957a5b2L,0x28b5c45753123c0fL },
-      { 0x5091dd347e239c67L,0x10b9c3f6160ef925L,0x5e7720f52c119dbeL,
-        0xd584ae76c94d609aL,0x476c63ba86dccd1fL,0x70103a1a32508c6eL } },
-    /* 25 << 210 */
-    { { 0x64f4f4ee90a17a16L,0x31165bee7cb22fb7L,0x31da800b924825b0L,
-        0xc2c169db0551e47cL,0xf9ca5e0e0d583789L,0x5e4fbdb53cd42f2cL },
-      { 0x6ade1fce1d81000bL,0xa105df391d6603e5L,0xd659094da3139f95L,
-        0x363a882851d01444L,0x13cd7cbb2dece086L,0xaeea2aa96ab9020aL } },
-    /* 26 << 210 */
-    { { 0xdcb31a931081405fL,0x200090dcf1326ecbL,0x773fe49cde99f0ddL,
-        0xf6a7cb67fac2c511L,0x95c93429b40b014dL,0x967708d4198dd723L },
-      { 0x74591cc184b90062L,0x2539ef20691d2550L,0x7d7290765a5d86c7L,
-        0xa81f085475c6fdacL,0x103186d1c0f0d5cfL,0x5ae582e07eb3b8d9L } },
-    /* 27 << 210 */
-    { { 0x7df39eb2f9f3456cL,0x1e7ad4587be12020L,0xaee54df11fedfb79L,
-        0x98f3a0879bf1dfe6L,0xdf958d371d13fb71L,0xa745249717dc809dL },
-      { 0x9f2ec9dd02d4eb90L,0x9db5686e48b0c7a0L,0x7d064cbf72532eb0L,
-        0xe204d56593a71a9cL,0x0c912346f1aecdecL,0x894224a3d25d243dL } },
-    /* 28 << 210 */
-    { { 0x6bbf77cb5a508291L,0x2af81442d35db82cL,0x357feb1a2b9febf8L,
-        0x74240a81a25330ceL,0x7a9ab575b4917998L,0xa60288d5eda3ef5cL },
-      { 0x360410d30aea9569L,0xef66acb5b9bf8c16L,0x7baeb466cc381b57L,
-        0x024a98b8247a4904L,0x6e70b4c3e3c58130L,0x276e2420ae8a56d2L } },
-    /* 29 << 210 */
-    { { 0x3b4a25222c57f1f3L,0xf43d352ba8d1f53bL,0x169fb3cce198b03cL,
-        0x92172ca923235a6eL,0x90b5953683f996e5L,0x32b1a34cb5ab11a0L },
-      { 0xb944e4b7b9001351L,0x1084de3d28ab5cb2L,0x60f1dc93c70ec63dL,
-        0x790e1d496cfa10f9L,0x79bcc2277c3cd865L,0x95007ac24fd31fd0L } },
-    /* 30 << 210 */
-    { { 0x6b5d8db5f75e17b5L,0xc5ab42961b45a230L,0x586f097b7486832aL,
-        0x1ec456c14f289757L,0xd11773bb57b04a20L,0xc84dfacd0821d3dfL },
-      { 0x580da8cd586e399cL,0x58c1355ae3bbec57L,0x0a476934d594a2e5L,
-        0x0490ffd537e99427L,0xd41348386a4d8c4eL,0xd62cccb3c83d6e28L } },
-    /* 31 << 210 */
-    { { 0xe6071a3d57c9e219L,0x88728c47a93f38dbL,0x0426848b50eb1a01L,
-        0x9df36972cada9a09L,0xf2ad4a2d4f494ec4L,0xae26577de1f34993L },
-      { 0x72ec08cde3618d7aL,0xd1fb89013ea90c46L,0x915936173b94f996L,
-        0x8703357705387745L,0xf1961ff818fd5199L,0x7f0b58d34c2aeed1L } },
-    /* 32 << 210 */
-    { { 0x3313a9d544b133d9L,0xdb85c25d2da910ddL,0xc0fdef915e4dd5cdL,
-        0x902a2a93c565dd67L,0xd8eba4dc7fed05acL,0xd453995ce157dae9L },
-      { 0xd655d0b3f250cb55L,0x4194a09e86119222L,0x5b7e525a0652872bL,
-        0xaf7968efe68c0ddbL,0x2ec02930f51cb31cL,0x237f3ae4f2be071eL } },
-    /* 33 << 210 */
-    { { 0x696d84910dc943a1L,0x1f24fd7d9fe1d7d5L,0xea38c9e349413ad7L,
-        0xe223996607c1cecaL,0x62094496ea7bd8dcL,0x9aba5bc7236dd525L },
-      { 0xa138ed5851631b6fL,0xed724f20902f109aL,0x3ab594cccb28f1e8L,
-        0x3424213b5916dae7L,0x07e5a6df18479651L,0x4c51f2e1c5b48e29L } },
-    /* 34 << 210 */
-    { { 0x6306564b6591a811L,0x734b2619fd463a13L,0xa795d0569d8019d8L,
-        0x103d85004ffe5858L,0xe1962c31adab8484L,0x326b3351b2015dccL },
-      { 0x2ad52b852ff36c73L,0x5874652308682fcaL,0xf544e162ea37824eL,
-        0xd4a6b45ec208ce7cL,0x52d09045d2559ef2L,0xde1dfbbe57ebca65L } },
-    /* 35 << 210 */
-    { { 0x3a94aec3bb793f9aL,0xd0af44d4b5352511L,0x1d3f1c130b8930cdL,
-        0x016cab225a729e0cL,0x092a7c11e31b549aL,0x80c462ed90ebfea4L },
-      { 0x3dcb9606e5e4ae09L,0xad150903ab59a450L,0x1b58210c6c944727L,
-        0x26599f6024572a80L,0xfce0ad40c0445075L,0xedca1ada54c4037dL } },
-    /* 36 << 210 */
-    { { 0x794593303801b021L,0xb19bb405c9a4cde4L,0xe20091667f9cdee9L,
-        0x762c684f7636d30eL,0xbf2b29f20c215831L,0x4c0d1b651853fe90L },
-      { 0x196ccb3157defc94L,0x9f3d66b7f6b9cc44L,0xb2328a0eea439deeL,
-        0x82b3808d7b140e5bL,0x986210dd88e4a35cL,0x9b171fc838a2b7a7L } },
-    /* 37 << 210 */
-    { { 0xdc80e3ae91517233L,0xa219f65dc6f20d29L,0xd348a3d8be093f56L,
-        0x63c233774d33113bL,0x587fd56257f2ce9bL,0x82cf3e3a4e9061c0L },
-      { 0x0e41f59bee8dd928L,0x7a5641be8aaef52dL,0xa852a171984ff476L,
-        0x3c37fd1c047457b6L,0x7f00d665972d4793L,0x29dab0fd97b27966L } },
-    /* 38 << 210 */
-    { { 0xb1d119c91e9d07c0L,0x2f973a09432c86afL,0x3505b6f05ded5546L,
-        0x21814b958687f973L,0xc104d7fad3794ae9L,0x81614d707ea91311L },
-      { 0xb7f3e6b600677961L,0x53fceb8bc0e6a90dL,0xa3a7485699ed4fb6L,
-        0x07ad488421d4807bL,0x527b1ae6004e0c03L,0x437f306215146393L } },
-    /* 39 << 210 */
-    { { 0x917b4cf463e12603L,0x79e0b7363f838ecdL,0x57de4b3328b4f37eL,
-        0x3085e4887f58fcfaL,0xb9301c4e958a3bc6L,0xef8d10578b044eddL },
-      { 0x2123d284d6391459L,0xdfcc2be5e196d765L,0xb58216268184b993L,
-        0x13e21d03937c6048L,0x39eb3d38460d11fdL,0xf8ef123e5bb23c30L } },
-    /* 40 << 210 */
-    { { 0xa6f8b354666eb2f0L,0x7fbf6d91f9c7b16eL,0x9b360814161b5e0bL,
-        0x13726fbd921511a4L,0x37aa1b8013833a11L,0x53f01183407b9889L },
-      { 0x8a83ea3fd147da9fL,0x25279241db0ad0b1L,0x78353bccd1a8d9aeL,
-        0x1e33c10e271f7f0eL,0x136d9e7e9e67adc5L,0x11dcef95cc56ff8dL } },
-    /* 41 << 210 */
-    { { 0xae530580d84ba919L,0xac2e43ceb6d3ecd5L,0xf97b1afda4bc6a2dL,
-        0x180d66d5bdfa96a0L,0x935b8a7d1ca12bf5L,0x1d4409a79e678225L },
-      { 0xdd85bf4b19a2163cL,0xe34197bcddeeb22bL,0x1e33fc3e1210cde9L,
-        0xc96212a98b9b5d0aL,0xa3ae81f303e4a12bL,0x531a7148ea262807L } },
-    /* 42 << 210 */
-    { { 0xf11ac5fd4ace8006L,0x898a388133c499a5L,0xcf27ab9f1d3368ffL,
-        0xfb6019606cbd6e54L,0x5373c2a901fb58b6L,0x1489f5037cd1b888L },
-      { 0xb3f0e0b85a238131L,0xd0e11e6e670858bdL,0x897f1584b65768f8L,
-        0x9252aa72013b1f2dL,0x185842af0a1a5f8bL,0x49a978373d681a70L } },
-    /* 43 << 210 */
-    { { 0x8b65c6d23396eaf3L,0x2191764e50b9392fL,0x7a2363b72dcf6d0aL,
-        0xa6a52402f0591553L,0xfaba81cd5ff7a071L,0xd6be926ae43e37aeL },
-      { 0x7b34c578ccaacef2L,0x2bc5d248d5eec9b1L,0x9447aab3014c0048L,
-        0x767309a3c02d54d0L,0x408c6eee1f92297dL,0xf7ad95f40072a2d4L } },
-    /* 44 << 210 */
-    { { 0xd0051ab940ee5098L,0x4861b2461d8311deL,0x6b7796e0f31e860fL,
-        0xde8b243acfd543e3L,0xef9d0957a0161843L,0x70fd43ecefefcbaeL },
-      { 0xd47392541931a5a6L,0x42e253300342623aL,0x90b33edd52ffbf5fL,
-        0x0affda4ca015a550L,0x8716376b77e59672L,0x39d84b33fc0e9448L } },
-    /* 45 << 210 */
-    { { 0x71b55e7ea0415173L,0x5d0b5e01b10f3cd5L,0x0c35a1b63e3f9d84L,
-        0x3c68cb5db794ba37L,0xa73356f0dfd6c999L,0xc59ed0650e5e221aL },
-      { 0xc59443a90cd7d577L,0xa354296e283015a8L,0x202aee3ba7477107L,
-        0x59f361392ee80330L,0xc52bdfaae875a886L,0x8ca39d9d07637e97L } },
-    /* 46 << 210 */
-    { { 0x95be10b8f3a1611dL,0x6db370f0d1f992c1L,0xb964029de8124b40L,
-        0x618b26aadfc90473L,0xac65c9916f6d5553L,0x10d5b0f0a0a6fde8L },
-      { 0x4bff23122d164911L,0x876db39d1f7293b1L,0xa2d3cd549de47789L,
-        0xd8ca4f6eabc9a28eL,0x0bb3145fca7b5467L,0x4dce66338b37bf62L } },
-    /* 47 << 210 */
-    { { 0xcdd8ec4dec1b8d36L,0xf76258d888003e0cL,0x35a114e7262723f9L,
-        0x12933142abb34bcaL,0xf55b84514c188a3bL,0xa0cfdb2c0ada78b6L },
-      { 0xaf0b62f6ed36781cL,0x0c619486ea7e1ca1L,0x11fae38689162fc3L,
-        0xe9bd7ae694828e92L,0x081c3acda84cedb9L,0xb34ceca8787a67e0L } },
-    /* 48 << 210 */
-    { { 0xd1b2af2f2bca651bL,0x2211e4f97404bc78L,0x787b1cc8fc5068f2L,
-        0x73d6da299fcbb3f5L,0x6867fb7707d2142fL,0x36f277ae116ad6bdL },
-      { 0x81c86073a7534943L,0x67188488c4033c7aL,0x13a8415ccc568123L,
-        0xbc01db07f3f475deL,0x90b8af2e3aaeee1aL,0x320c4880175fa55bL } },
-    /* 49 << 210 */
-    { { 0x263afd7d2fcafc9aL,0x9b0c30ebcc9405d6L,0x713fdd27d6720896L,
-        0xb07f8ec5f7df4a02L,0x05d62e5147ddd4e1L,0x6278227b8ae3b80aL },
-      { 0x2ef5c81b0d4ab658L,0xe6ad5925016a434bL,0x6c0e30a2b85d8037L,
-        0x254830037a9cd869L,0x78da543b2cc48c8aL,0x3a65b54e3edca4dbL } },
-    /* 50 << 210 */
-    { { 0xaf2a06c3d54b0072L,0x81621ebfaf0310c5L,0x6bd1fe41a8a7a9ecL,
-        0x942cf6ba03e74289L,0x2a25f0f59f9822e8L,0x16654b13062edd3eL },
-      { 0x2345a0b19de373cdL,0x425a59f80c0744acL,0xc6738fe96f0d620aL,
-        0xaa479ef8ed67c1a9L,0x52540af87765b194L,0x17a3bd3bf2b96455L } },
-    /* 51 << 210 */
-    { { 0x5b1a1f075f01e608L,0x3c696f4e87b821c5L,0x4358a5243129700fL,
-        0xfc9816a14be9d001L,0x905de48166744b96L,0x2ca5f8d8eeda3945L },
-      { 0xb30eeb1aad207f4eL,0xbd113b2dbc66e6f7L,0x1b6c5c6cebaef81dL,
-        0x6b3863998bfaf32bL,0x5f9f2a2432a83dffL,0xe8cc190e26ea39d1L } },
-    /* 52 << 210 */
-    { { 0x51e05f7d450535fbL,0xa5f5181effbe389fL,0xdf178fffaa2d5514L,
-        0x89358810e51da035L,0x206e324f664d399cL,0xc148ae74c4477d4eL },
-      { 0xe0c8d4377d6f38d5L,0x327aad6d8c8133e9L,0xa685a889d21cac4dL,
-        0x1217c68d0ceb5770L,0xa4a09612d21f1d50L,0xab64b4dd889676afL } },
-    /* 53 << 210 */
-    { { 0xf263062aee202007L,0x95e90bbda2359019L,0x57740eb39f34e691L,
-        0xa5f4fd0f355bef37L,0x484b97fb439f091dL,0x642776fe53ac871dL },
-      { 0x5c8f9b1e494e0eddL,0xbc62c971ae25a6d7L,0x01981994a7d90290L,
-        0x3cec43524602cdc1L,0x4bd29f5a14403ae2L,0xafaef08b921328d2L } },
-    /* 54 << 210 */
-    { { 0xd33e754a53ef149dL,0x82243def548034e6L,0x99c29a9b23ea2dcfL,
-        0x724e4b5d214848afL,0xe43d4438dcf85b9aL,0xaf7241ea9d7b20dfL },
-      { 0x60a10c30069edb1bL,0x1aaddd5e9874f484L,0xfc784ac073085538L,
-        0xc998afe54d69703aL,0xb71f6fd7bf52139fL,0x28f994c46a45b089L } },
-    /* 55 << 210 */
-    { { 0x85084ec2eebd9e0bL,0x73e489c6cb9f1929L,0x91e47fd7ebe10e55L,
-        0xeed6a3a1486a2704L,0xf63deae7e124d6e2L,0xca958204b48b3834L },
-      { 0xe69cb5bb13185b44L,0x56be0e05868d97d0L,0xc48cb1e50181e64dL,
-        0xfaa012ddfc7827cdL,0xf535b1c83488352fL,0xd1cce04e9fbf42d4L } },
-    /* 56 << 210 */
-    { { 0xa54436b6ba3403ffL,0x1fe4b1ecdcbc4822L,0xb3b351004c6846e2L,
-        0x360278048d1cac7cL,0x9eff87327e86d5d1L,0x7f435326ba21993aL },
-      { 0xb51a9da5adc24224L,0x111c19fcc8c14a71L,0x05aa2c86ab77e011L,
-        0x81edc338ce72744dL,0x20fa8f528d882bc3L,0xc61c3e639d1696f3L } },
-    /* 57 << 210 */
-    { { 0xa66674ca0f41637cL,0xa01d08ac418487daL,0x2ce4258b6b593194L,
-        0xd755220645024db4L,0xffb3366f626732ceL,0x802878f370ba2f1aL },
-      { 0x80a3f41659b77372L,0xfbb411631a04b19cL,0x7d575112a346d265L,
-        0x6c30421ffff87d4fL,0x1b62b93fdcb05f02L,0x98ba4397b72649e3L } },
-    /* 58 << 210 */
-    { { 0xcca45c1d135a7eb5L,0x2623e629b048126bL,0xada7326e926980f0L,
-        0x64f334c276bf796eL,0xf0751596b4a562a8L,0x0baa14486f9d0079L },
-      { 0x6c394aa32205ea70L,0x635b9d2d556172e9L,0xf418fe0cfd37b53bL,
-        0xcf5fe2ac56b9791cL,0x9d855e67911c68ddL,0x9e40f75f734b57d8L } },
-    /* 59 << 210 */
-    { { 0x32c42482b5b8f846L,0xdefec599b61cc3cfL,0x4c3460996506a9b5L,
-        0x0d9475a0263a6142L,0x1753cd92c80a6713L,0xc015412f420cf67eL },
-      { 0x1c33f01b6a88d12bL,0xa49f038ef522f7d0L,0x232343decd25f260L,
-        0x479bc742d6a833c3L,0x2f2ab294cee07b83L,0x02e69a143dec38b3L } },
-    /* 60 << 210 */
-    { { 0xbf7fea3aee1fee16L,0x31fb342ce0cde85bL,0x9a232ea51575924bL,
-        0xc3132e6cbcc4cf26L,0xbc5b7a7102499a58L,0x3064a3b904d99836L },
-      { 0x6f17475ff8b3bad1L,0xaeeb90c429271790L,0x7f442a13f8eca53dL,
-        0x6d641eea08882274L,0x8dff43bf88ffaebaL,0xaa92827f5840b198L } },
-    /* 61 << 210 */
-    { { 0xf5ce3fca26d803acL,0x6927ddd9d4e1b6b5L,0xb509b5c609f48bc0L,
-        0x2bc5d1749e35975aL,0xfba3024af570c98bL,0xeba15980aa27d6b0L },
-      { 0x95abc07290abd2daL,0xd0e30e99232035cfL,0x3dc4e1bcd3f0ecb1L,
-        0xa5a8c6e556de9d17L,0x878c7403ab73bd18L,0x5cce39260c474b0aL } },
-    /* 62 << 210 */
-    { { 0x86a3f001e93b6ee6L,0xa28984474fb3203aL,0xbca0d71e9b3550adL,
-        0xc225759d0396d796L,0x208b9a02cbd949d8L,0x15b21ec9a550d2ddL },
-      { 0x64aaed6a2a7dcffaL,0xb8cc7575ed5b6b47L,0x2b4a3aff022dbce3L,
-        0xe85d690b86f51861L,0xe26a6c3d578f4d5fL,0x706d770a70e7ae76L } },
-    /* 63 << 210 */
-    { { 0x822467eb579c91a6L,0xe98a471531599272L,0x7baf0e9f1078d497L,
-        0xd13f270e25fe439cL,0xae9d58adc0d95395L,0xc3beb60827693037L },
-      { 0x4d9c4cf397f797e5L,0x4e26167db26d2e9dL,0x06092d5e86a167efL,
-        0x9827a21128dceb29L,0x30423344552a55ccL,0xae07b37f3fa437afL } },
-    /* 64 << 210 */
-    { { 0x9b23ab4e94d0864fL,0x46356266009c9fc1L,0xdbe99e51e798edf9L,
-        0x38547449307675c7L,0x23ffaf55628c0fb6L,0x56ccd2a31698c372L },
-      { 0x39f45a578347ce95L,0xe0aaec744f2c6118L,0x2a89079e4af138fcL,
-        0xb86371ea2ee4ecc0L,0x076d256a06bbf92fL,0x9073adb8ae3c4c51L } },
-    /* 0 << 217 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 217 */
-    { { 0xba2e9543743c15d9L,0x7d5812db1c99c984L,0xf94db95145bdc19eL,
-        0x951d00ae382e77bdL,0x9940a5fbb220b29aL,0x6908d50e58fc91f1L },
-      { 0x682e42eadd0940feL,0x2124e23aa1d32009L,0xbe15810016294d05L,
-        0xaea13fe32e326d68L,0xc0dfe1ef15e64fceL,0x32dbc0b5b8237a8aL } },
-    /* 2 << 217 */
-    { { 0x6ee65a08c36d3f25L,0x7b6c811fe393e4d4L,0xc4a2cc382876e523L,
-        0xab7aba26d3bf53aaL,0x5bf00871db7f290cL,0x3cb1cd131ee6d5bdL },
-      { 0x4cafb218de998adaL,0xa1ecf36af6319101L,0xa1fe785520b281ccL,
-        0xe457198e64d9c65eL,0xa3d1a6d0c5a0e67bL,0x69ddbc3290cc468aL } },
-    /* 3 << 217 */
-    { { 0xd4ee3f7f6dadc46fL,0xa1f3dc925d7febd6L,0x4c0bee1363ebab5bL,
-        0x70e32d77005ec237L,0x302fc73dc52fb006L,0x1af84c0a8f159899L },
-      { 0x42a5478f0686232aL,0xb4fc56348a308687L,0x042c4970c8378f0dL,
-        0x70c195758e2c86c5L,0x61a95e6884c7c767L,0xd96a8216d6fb43a8L } },
-    /* 4 << 217 */
-    { { 0x0c62fd2d543c1255L,0x71ea9c6fef361a27L,0x76b0933dcef3f9e3L,
-        0x51b1ec2d9889ffa2L,0x9e84b2ba9a3c88d2L,0xc8996b961913e52fL },
-      { 0xbafc5e94cee43e36L,0xd9898d2470c658b7L,0x4e9bcc41bed17108L,
-        0x0db5b7336c7a41c8L,0xd4be07a7795369cdL,0xb899f92f7bd3a934L } },
-    /* 5 << 217 */
-    { { 0x1fffcbc010e15fafL,0x8447bdb8910245acL,0x857d521e86476901L,
-        0xcd1d5f87369ccfe9L,0x560b3277b3f1dbf1L,0x4ac02a1a47ea4266L },
-      { 0x29ac98b6a8a929eeL,0x020ec6db5e5e70c0L,0xb0be38ba21291be6L,
-        0xcbe9d362bdba40deL,0xc585450571535a89L,0xc21839de3d7a3235L } },
-    /* 6 << 217 */
-    { { 0x831541b39805497aL,0x2ceb5ac879c414cbL,0x86601fa616d2eb82L,
-        0x373d19079338ce8eL,0x98151a90c1f5c87aL,0x966ebde6048a538cL },
-      { 0x5c4a8c5ae180ff7cL,0x6d9065dff996d994L,0x4e0dd86e2460ab91L,
-        0xfbe8b3ff309a8f5eL,0x33d7cb35856f7218L,0x62b2200a1ac59f2aL } },
-    /* 7 << 217 */
-    { { 0xb36ad750a460e53fL,0x727006d60df0f7b0L,0x6ca3ac348ee96a11L,
-        0xb04f6ae930e75d1bL,0x9957738a3a24e9eeL,0xc0117a7d16521e18L },
-      { 0x79fcea8872ad7e27L,0xcbe2c2d37281e3b5L,0x31915f1cc391fc60L,
-        0x1c1c0082a13a92e1L,0x362663cc7ddca7acL,0x8021aad689689d35L } },
-    /* 8 << 217 */
-    { { 0x3f2eff53de1e4e55L,0x6b749943e4d3ecc4L,0xaf10b18a0dde190dL,
-        0xf491b98da26b0409L,0x66080782a2b1d944L,0x59277dc697e8c541L },
-      { 0xfdbfc5f6006f18aaL,0x435d165bfadd8be1L,0x8e5d263857645ef4L,
-        0x31bcfda6a0258363L,0xf5330ab8d35d2503L,0xb71369f0c7cab285L } },
-    /* 9 << 217 */
-    { { 0xc19db6f05890e1cbL,0xc21587edfcac8d05L,0xa9e88798d86730edL,
-        0xee3e6ee2c27441cfL,0xadb2c63ea23af57fL,0xb524b7da29ff5977L },
-      { 0xab1ed847d3e4739dL,0x6592a0131cbfb581L,0x1f519c6ea1798195L,
-        0xfe837a814c324a4dL,0x74fec4a85c813abcL,0x7b3b5351dce539b0L } },
-    /* 10 << 217 */
-    { { 0xb886a0c50c99e321L,0x4063d19576e924e9L,0xc03cca041a659dcbL,
-        0x1e01abbc1bd3dab0L,0x9d7cf04fe9141cd8L,0x5f87dfa73ef58d85L },
-      { 0xa579e76388d764b8L,0x381dec6a74b9e5b3L,0x354221f99a4c9a67L,
-        0x8c2556d33f529346L,0xced3642bb4349eb7L,0x1527cec7fef5c92cL } },
-    /* 11 << 217 */
-    { { 0xf2e42ef7785ecd51L,0xca3438cf33d9c0d2L,0xeef9ec08c1c097f3L,
-        0x9e438fa746682aa7L,0x53d0144531a7eefbL,0x04431241e6998a0bL },
-      { 0x2c1bb2bd55bc7febL,0xed99e7afb44d4943L,0x7f37bc4a3c77d21eL,
-        0x866c0978398e3997L,0xed7462305bde12b8L,0x24796f7c7194fd1fL } },
-    /* 12 << 217 */
-    { { 0x7e4450cd5e83d570L,0x0113cab242b394e7L,0xdf4062a08ee24413L,
-        0xf8a0fd4931227510L,0x06b798f4b80f0d23L,0x33f17673b72bffa8L },
-      { 0x4638602b5de9f490L,0xbe3a65834d905654L,0x446e0afaf406772cL,
-        0xef68dfd7b4ec908aL,0xa6be004966ab5ebfL,0x56049360ff376531L } },
-    /* 13 << 217 */
-    { { 0xb47202b760b6ce82L,0x8129c1befe05e9faL,0xcb70cbdde861de07L,
-        0xcf35fbc5af16b6d9L,0x60071beec9916116L,0x3aaa496ed057e63cL },
-      { 0x1cb0bb12c356f065L,0x12dccccef4de0d26L,0xe3f59cf67ccc0d48L,
-        0xd66f10b3d9569e26L,0x95f4d7e79d1853ccL,0x10313dfdbf651d5aL } },
-    /* 14 << 217 */
-    { { 0x779b55062a3d9774L,0x3785db08e0554291L,0x9b3a4eb8546c69dcL,
-        0xfe36824dd22d8fc8L,0x037d9ac9471132a1L,0xc895e332a01e1c28L },
-      { 0xe535ede71b5e2845L,0xdc90cd7c568743deL,0x3292b40b4691d367L,
-        0x911fad21b4f16a4bL,0xb3c5f0eb455d018dL,0x2eb2def669033748L } },
-    /* 15 << 217 */
-    { { 0xfd1297a4307aa8fbL,0x021f242177952146L,0x17cc2d6f0ba72feeL,
-        0xa265095d01a3a733L,0x2e12c2e7a07d5f8bL,0x27bb60341202224cL },
-      { 0xb58b3fab8185dc12L,0x83467b977700f166L,0x98242e227ff9e1ccL,
-        0x96b2a4d9f4b28f1dL,0x64113c3865ed82eaL,0x7dc9ab732ee160e8L } },
-    /* 16 << 217 */
-    { { 0xf16938f514c5969bL,0xde2e3cf0944b2271L,0x2d5095530b6490d6L,
-        0x8432fef1a28a296aL,0x6f254dd08d26415cL,0x3780eeadd50c2865L },
-      { 0x4f5bc455665b8794L,0xef31fb9e56cb7018L,0xbab8dd6e65e59340L,
-        0x676baca2a56dc2eaL,0x38eea06beaa90e05L,0x26e64224174bada0L } },
-    /* 17 << 217 */
-    { { 0x309e9fbe109cdb79L,0xc2ed3566977d0e4eL,0x2891f30be6b944aeL,
-        0x514bd4cf5022e070L,0xae9a22a98726a661L,0x1114a0c8c1916b06L },
-      { 0xe1b4f8339795adecL,0xcc0f3824ed4dbf8cL,0x432c93c878096a66L,
-        0xb9450e9da7d2ad83L,0x294b0c192c1e35ebL,0x791427038be5a953L } },
-    /* 18 << 217 */
-    { { 0x4d215132881faf35L,0x52171a5ceec736a8L,0x4788813e1ba561d5L,
-        0x9ca022a7d35e399cL,0xbfcaab926c4b8d7eL,0xde62b2c007c7ec40L },
-      { 0x7b46c2d96bb54e10L,0x2ce02e5a7d31e85aL,0xb757b699cd776c12L,
-        0x08f122552c81b71bL,0xaca91e058aa6b02aL,0x35cf7bd37209279dL } },
-    /* 19 << 217 */
-    { { 0x24b5bc7086a04b9aL,0xd4d4c640612e0fbcL,0xb19ea7fcf732589aL,
-        0xa18b6f4081fc63cbL,0xddd7211d84d88fe2L,0x7e8db6f72963130cL },
-      { 0x8772908c500c491fL,0xa3bf747783fd8a41L,0xca54d0d34e3e9fe9L,
-        0x9969471866b030d5L,0xc2f5fb98b1fd6736L,0x58d5a851d103fa45L } },
-    /* 20 << 217 */
-    { { 0xe4c16fcda97a5decL,0xcc4333092f1dd4b8L,0x8cac9da985d334dcL,
-        0xb4deff204cda5a0cL,0x59eea4c9be70b1b9L,0x161e73a2ec5b7b58L },
-      { 0x584c5e098b7fb4a6L,0x697fb795a3f7dd08L,0xc9e15f754bd4ba2cL,
-        0x66d04f47c83df783L,0x0c03c2452efedf63L,0xa76a08c94a87dbb4L } },
-    /* 21 << 217 */
-    { { 0xde4e18c2da669a50L,0x0629350a480fb520L,0x84b3e68b7cac0748L,
-        0xab718a12da3e1e9eL,0x3f5c5489cc26aed3L,0x81c6b6d42a57ab3bL },
-      { 0xc4ded8ce15d23825L,0x2d753e6a20c6eb43L,0xbaa120ec555f3a83L,
-        0xc72f9d3877e93abaL,0x4ce297d0373317cfL,0xf42b3e954845bc1fL } },
-    /* 22 << 217 */
-    { { 0xbf162c19d7480e46L,0xa7f45ea76403bf0fL,0x250e936c6c51cef8L,
-        0x97ba086f1cd24b64L,0x271a22364cfb2889L,0x2685c98804dc4b48L },
-      { 0x843bb75ac877f6a1L,0xe10cd5c799d5c7bcL,0xbe65eea1db60606aL,
-        0x9019a9a7a10d0d74L,0x5614c0b987c62e5eL,0xaab2308d38240d05L } },
-    /* 23 << 217 */
-    { { 0xc908c6929a772e03L,0x73441df703928ce9L,0x36141b5bcf111c12L,
-        0xf6b9e2f16c7c3e5dL,0x1f245a77722c5b57L,0x07e3f364635f65e0L },
-      { 0x1aab7abf272597d8L,0x03954428d4fe8e71L,0x7dd58036ecae1b5cL,
-        0x9b97c2f28c85b0f0L,0x68ed3dc6ace011e9L,0x8e4ab5ca1744a774L } },
-    /* 24 << 217 */
-    { { 0xe6a19dcc40acc5a8L,0x1c3a1ff1dbc6dbf8L,0xb4d89b9fc6455613L,
-        0x6cb0fe44a7390d0eL,0xade197a459ea135aL,0xda6aa86520680982L },
-      { 0x03db9be95a442c1bL,0x221a2d732bfb93f2L,0x44dee8d4753c196cL,
-        0x59adcc700b7c6ff5L,0xc6260ec24ca1b142L,0x4c3cb5c646cbd4f2L } },
-    /* 25 << 217 */
-    { { 0x37daf7fd5a96d915L,0x1bba82e6d16a1332L,0x7558b642ce1135d0L,
-        0xc9fcd6ce3abc5915L,0xc3762a20b93ad4d3L,0xef0cdb45e4e74f82L },
-      { 0x809b91dcd26fbab6L,0x1264f72ea9b53697L,0x264699ffd7c827f1L,
-        0x16d4f094d8c4976fL,0x244c90cd997df2caL,0x58eb3b1c76f77b3cL } },
-    /* 26 << 217 */
-    { { 0xb99e2dde1ed04268L,0x94247d202497b83fL,0x0c6c21d1fb833507L,
-        0xa01e682fafab9c39L,0x4938108f4d84c3d5L,0x70b68c75347652d1L },
-      { 0x458e814740e17747L,0xca752a14c3f8bb03L,0xaa537b4d8598d044L,
-        0xeec3febb7ff102e0L,0x10ef3cad247fe4baL,0xe4de5b1b5673ac39L } },
-    /* 27 << 217 */
-    { { 0xbca2931378d0bb1aL,0xfcc237068e5c3fe4L,0x0f9d6b11dd0d67a3L,
-        0x9aec22faae14bbd8L,0x75f8d86e5bda7184L,0x6bcad95759aeb4c1L },
-      { 0xbb1224a5990a9309L,0x00edc04ef7193f45L,0x870c1647c17cbff7L,
-        0x9855513c65031caeL,0xe5a2e2ded852b607L,0x540a4141e5671e25L } },
-    /* 28 << 217 */
-    { { 0xfb0e2f2e4d5efff4L,0xbf3b96e73a143fd6L,0xa18a037f18579946L,
-        0xae02fd4ce48c8a51L,0x1cb139288745c177L,0x4991594a28c47832L },
-      { 0xdce3b1d2fd51c1a2L,0x4e707213314cb09dL,0x5312de95ee323449L,
-        0x4925c4e789389866L,0x2438fd9e28ca17acL,0x58fd2aad872dc0acL } },
-    /* 29 << 217 */
-    { { 0x75bcf0ef54ddedaeL,0x3cc75fc6f9077493L,0xc91b78df60f6b874L,
-        0x7687a1d0622634c1L,0x57fdef4f82cabf32L,0x544819218e2671e5L },
-      { 0x526cbb27a3c37afbL,0xe0db88340d1aec76L,0xa034badb73cdef1cL,
-        0x165cdfad6281f26bL,0x5c90d4d1ce24a71aL,0xc404af1125f297a7L } },
-    /* 30 << 217 */
-    { { 0x6b21a0ea2fd5df44L,0x2da8dc6cb36e5b1dL,0xa683e08ac3688655L,
-        0xfc5fbad3454bf878L,0x9d2fb9f12f73b749L,0x4612cf42f920b37dL },
-      { 0x23da6b697035794dL,0x2763828adff7c198L,0xd320660522dd7eedL,
-        0x6829994cd1316e68L,0xd732bc8f62831ed9L,0x69c6972c9303d789L } },
-    /* 31 << 217 */
-    { { 0xf5901854b0dcc28aL,0x81c92c1fcd18e579L,0x91a412ebc4b8e1cdL,
-        0x35f00725891d6ab8L,0x10d6bad8ad7aa63dL,0x8cda809d09df2b47L },
-      { 0xe856cfbfa489c233L,0x7ea921addf1ecf5aL,0x884cc717fd724c37L,
-        0xe278f2457377136bL,0x240b142d9f3dc9ecL,0x80a384961139a645L } },
-    /* 32 << 217 */
-    { { 0xa35e411c2cb40964L,0xdd7d4f4cc331a3d6L,0x7c7c859e89a66f2bL,
-        0x9908c37e0def8ecdL,0x8274124e344947b7L,0x0d279f7b568b0ce8L },
-      { 0xe5291961866091ecL,0xb056e3bf3a08acc7L,0x60fb39e156bd3a7dL,
-        0xe56a34d6268f8562L,0xb3a1fe1613fd8293L,0x6a41e1a967537fcbL } },
-    /* 33 << 217 */
-    { { 0x95c2bbfe021fc932L,0xc7e3399db2af7e0cL,0x1224bf06122670f7L,
-        0xc9e4513ffcc1fe85L,0x8c82371ddb50fa7eL,0x017c5498bb76e4b5L },
-      { 0x5467926c7fa89f61L,0xa4a65606f3a1204cL,0x22133acfa64b2e59L,
-        0xab7896bce1247662L,0x75d35fb661780c9eL,0x99199644a91b33faL } },
-    /* 34 << 217 */
-    { { 0xf799c4638471104eL,0x43c122dd8b91c351L,0x9db6498616dc06f7L,
-        0xf7e534410ebcf250L,0xa702c0f18373f9bbL,0x6ed8d39a1024e14eL },
-      { 0x92913e436cabd9c4L,0xba906ef40dde6283L,0x06835e914a3972d8L,
-        0xfbba3c7dfd99c4feL,0xf843e6f1b950909aL,0x7ec9866df5160b4eL } },
-    /* 35 << 217 */
-    { { 0x68f75bab06722bd4L,0xdeca718813066eeeL,0x4d658fa11152b8c6L,
-        0xfae01e657257c9e2L,0x999445f923e4189cL,0x2cbe272cef6f0b1aL },
-      { 0x5f60d9d735fff303L,0x4ca7a54696235360L,0xf506201598758f1fL,
-        0xba81e7ad1dbaecbfL,0xd326e063c687425dL,0x8c46fa4b193484c5L } },
-    /* 36 << 217 */
-    { { 0xa97149cf3c1f5f12L,0x17b04a3d143d72b6L,0x174195ff17449a22L,
-        0x851803960b136adfL,0x8d87d21f9a7adb22L,0xf9c9fc85a8f46d49L },
-      { 0x7839f453a7ed1b7dL,0xe19d80ace9067ba5L,0xc387a6a0e41b8d6eL,
-        0xd11611e1241d287aL,0x2561ed02636240beL,0x3bd8c57df0fba033L } },
-    /* 37 << 217 */
-    { { 0x7b5caacd3ea8ec1cL,0x221770e944624802L,0xafb1a4df5a32468aL,
-        0xdec20eb62e295525L,0xe1cd4fb9e309c92dL,0x0331b9c0e7256005L },
-      { 0x987d4c55246f2fddL,0xa392d27367f70f8fL,0xccba11994e214e5fL,
-        0x789f0e4c9943562cL,0xf502ec237235c86bL,0x67403523987746d6L } },
-    /* 38 << 217 */
-    { { 0xdd02ced216c97e7cL,0x578d6912dc3347baL,0x760260da2134e993L,
-        0xf96643dff34fb26aL,0xec214b767ea3285dL,0x19b135d4117733d1L },
-      { 0x29a0e0636b037168L,0xb5df2bb95d1285eaL,0x5a2d3297796f0cc4L,
-        0xfcee639f2090e0b9L,0xba11e8a4d93c091dL,0x5b6fc501492250e5L } },
-    /* 39 << 217 */
-    { { 0x6019d207263929d8L,0x9821d6e81f164aa2L,0x8f1b33f8d4924236L,
-        0x389e482fb72de1b1L,0x398785a862554c10L,0xed31cf8408469265L },
-      { 0xf9b99e158a09f334L,0x9ddfd4eba83df391L,0x28a5cdf4caa4f7d5L,
-        0x32b9e3c68f68fd49L,0xbce64b93b6f52209L,0x72649c6fea7c4bdfL } },
-    /* 40 << 217 */
-    { { 0x8a15d6fea417111fL,0xfe4a16bd71d93fccL,0x7a7ee38c55bbe732L,
-        0xeff146a51ff94a9dL,0xe572d13edd585ab5L,0xd879790e06491a5dL },
-      { 0x9c84e1c52a58cb2eL,0xd79d13746c938630L,0xdb12cd9b385f06c7L,
-        0x0c93eb977a7759c3L,0xf1f5b0fe683bd706L,0x541e4f7285ec3d50L } },
-    /* 41 << 217 */
-    { { 0x73bc200cfdd5504eL,0x73322fbf3825b0c3L,0xbf8bf1edd35c24d2L,
-        0x54eba9f52e2bc29eL,0x80ffb5fff3aa841bL,0xbc676f62cc188be9L },
-      { 0x2e2f79290383f0dcL,0x886c647e0d42059bL,0x673f0ea113eb7019L,
-        0x630da63f3f9cd771L,0x2597592b3a0a42b2L,0xfd21fb21b83b8673L } },
-    /* 42 << 217 */
-    { { 0xd39ebb9fd2b34df5L,0x622bd0c3db873666L,0x546cc7f77b52738fL,
-        0x0323cdd1c156c52eL,0x78b00818b5950f19L,0x8065a86a562bec17L },
-      { 0x0b42eb1427ca5a49L,0x1791eaf1a457ac04L,0x3a2c93a6b2631402L,
-        0x28b9cd6fcacec5dcL,0x6a0a8826d4535a3dL,0xeb08a884a83fcdcbL } },
-    /* 43 << 217 */
-    { { 0x16bae8925a940b6dL,0xfec394c1789562f0L,0x54349605ea412ea1L,
-        0xccd57783cd18e2cbL,0x394bea1a1c813e61L,0xf11c566ff249dd67L },
-      { 0x2cd679c112207f37L,0x7780918e83d16012L,0xe8bdbef4646c9987L,
-        0x6e1882e5082dbbffL,0x811dd74777abe4acL,0x5bbbb740668380adL } },
-    /* 44 << 217 */
-    { { 0x0969263a7321c39dL,0xbd13b28bab7aefcaL,0x10e431f205377165L,
-        0xbbb2a7d009442c57L,0xf935bc2d9cd156b7L,0x66c3d55e42406686L },
-      { 0x4c529b76d20bdc50L,0x112e0f004d1c9f24L,0x414f1c65ed38dbc3L,
-        0x63ade49c4eea65caL,0xbefd8af5fab697e8L,0x727bd3b45cc3b209L } },
-    /* 45 << 217 */
-    { { 0xb89d450a957925f4L,0xcb39b69c6e1e60f3L,0x55396e61ae3fffa3L,
-        0xe89d97962986fdceL,0x5521d6b787fcd037L,0x6c20b2b0ec718024L },
-      { 0xb1e0964bad6529c9L,0xe1bdaba3bc38493bL,0x6a9cf9d6f19b4690L,
-        0xa2d035f7054466dcL,0x37df7fc07fa65c9fL,0x045b0b36106ef822L } },
-    /* 46 << 217 */
-    { { 0xe4fc833eda5c9577L,0x22afb5addfbbca7cL,0x215de02eb902e8d9L,
-        0x215e4c900f1a6cb5L,0xf6d7e4a9d59e146cL,0xcd0c6c6e4912eb8cL },
-      { 0xe0616976eae22897L,0xe2279d9f5d809d19L,0x2da1b7b3e282b2e5L,
-        0x19327068ebf058b7L,0x9b23df0f5934492eL,0xabeb464fb1752d68L } },
-    /* 47 << 217 */
-    { { 0x6e754efc00d03f9bL,0x64aed0bd38b94393L,0x9d084ba16df2f6dfL,
-        0xfe383a56c6abe8f3L,0xd23c6ca2bc7bac13L,0xde8ef161e326b691L },
-      { 0xbb4e853342f96925L,0x1391974f6601dc73L,0x3a545ffb700480cdL,
-        0x4d379c538884e214L,0x0fe40f66f713e900L,0xc7f202cbfff783ffL } },
-    /* 48 << 217 */
-    { { 0x89e48d8bc6bb5e5fL,0x0880ede01ea95a10L,0x60f033d7302c0daaL,
-        0x15e4578a048eefe3L,0xfd6dec89b0a72244L,0x1f7cd75e309489cdL },
-      { 0x7cdcc2a0e9aba7fdL,0xd18dc5c7f28ba00fL,0xa6300a455812b55fL,
-        0x8fa5c4152ca31d8cL,0x36aa3c234f3a5b5aL,0xd128739ec86cf4e0L } },
-    /* 49 << 217 */
-    { { 0x7ac4712f660598aaL,0xe3f00c28aaba6261L,0xb71ac42e1a9b639bL,
-        0x19674c28f69958d0L,0x3983abfec4e5c60fL,0x67f4583a5de58f9fL },
-      { 0x83e0bbbaf7278c06L,0xd1883aaa19c5f96bL,0x8ec0f2848b3128afL,
-        0xc88e07f49166e04cL,0xa515a9e44e3995c9L,0x0680a306b757ec2bL } },
-    /* 50 << 217 */
-    { { 0x5673b61e6d6f3aedL,0xcd1275e29524fd2dL,0xa8844f08cde12134L,
-        0xeca3eb27b8366e0cL,0x5ce49d498bbe04b4L,0x0b7ab7a02882b056L },
-      { 0x12fddcb840fee142L,0x99b7920b2895df5fL,0x35dd8d5a5829bb19L,
-        0x271c6a4c46ee8dfbL,0xae09ba7536b594e4L,0x45502d0e1ae12c22L } },
-    /* 51 << 217 */
-    { { 0xa9e1b19ad95e0110L,0x6a419f8b2383280dL,0x6c35e8e16eb602a6L,
-        0x966e0f44d71beeeeL,0xfc5cbdc0c8915585L,0xdce1c36583133b89L },
-      { 0x3fbdd24289e6a35cL,0x8cd24d1760ff9dc3L,0xb9708c2729dd493fL,
-        0xabbf39803cf807caL,0x62689ffe5410c80aL,0xf133928be8b31d13L } },
-    /* 52 << 217 */
-    { { 0x3645a1910d4bfc83L,0xa564ac85f2114b63L,0xf0647034cc6d9314L,
-        0xb58e96d331d80285L,0x8b8222d9e269c964L,0xdee12adcd204b214L },
-      { 0x82d2bfbae1d0a6e6L,0x4fd69d2e9da964eaL,0x1605d9e3200b3ac0L,
-        0x5ab2886266d133eeL,0x938411c9f72f5353L,0x9fcdcb3a7d40dee7L } },
-    /* 53 << 217 */
-    { { 0xd65c1d6c501eb835L,0x37374dd14a0e5861L,0xa13f1070505f1fdeL,
-        0xedd76943d1351805L,0x0f9501953673091dL,0x0dec24e308aa62f2L },
-      { 0xec4962e7f50efefeL,0x0acccbdc9d227293L,0xc6c95d29d84fd828L,
-        0xa4b214c540578ca4L,0x06963d3ba4d41991L,0xeb8c14c2fde0034cL } },
-    /* 54 << 217 */
-    { { 0x3d46a2317460e00fL,0xedce1c7dacce513cL,0x3d7b6f388cfdce74L,
-        0x870082baacfa61deL,0xa86efef862ff847dL,0xc146218368c11d11L },
-      { 0xb296eede9d21be2aL,0x9dc54e9e761451cfL,0xed1bb1fd53107f7bL,
-        0x41f9efdb676bfbe4L,0xcdf43b904feb9a1eL,0xe81fcb6409d98782L } },
-    /* 55 << 217 */
-    { { 0x00639fa8642789c3L,0xf8e893a03c101e43L,0xc55439302730e33bL,
-        0xe2967d30460970e2L,0xb33f1976ceacc128L,0x9bb0f896235e8c4cL },
-      { 0x523f7bbb2fbbbc97L,0x127728a5dab215c1L,0x95dd23ca7ed6ab74L,
-        0x69f1219feacf4ba8L,0x5ed12355e875dd6fL,0x7aa732dc95565bdeL } },
-    /* 56 << 217 */
-    { { 0x9a0e153581833608L,0x5cce871e6e2833acL,0xc17059eafb29777cL,
-        0x7e40e5fae354cafdL,0x9cf594054d07c371L,0x64ce36b2a71c3945L },
-      { 0x69309e9656caf487L,0x3d719e9f1ae3454bL,0xf2164070e25823b6L,
-        0xead851bd0bc27359L,0x3d21bfe8b0925094L,0xa783b1e934a97f4eL } },
-    /* 57 << 217 */
-    { { 0x0a700190a5e41f7bL,0x2173e68dae9045b6L,0x28e9ac53f1669974L,
-        0xcb00ff99d4b9fd98L,0x09c7b907ebe90d1bL,0xbf401f20385744c1L },
-      { 0x0bb7ea7ae1292c18L,0x82aa43120b58f171L,0x5aa97bb2e3102d77L,
-        0x1a71e7c570178b35L,0x9bbb9ade6ab76f59L,0x32da60c9dea7bcacL } },
-    /* 58 << 217 */
-    { { 0x3c3f113ab3726680L,0x27be1c406f5b5ab2L,0x5f51f684f6864a39L,
-        0xfaf84229a60c4f39L,0xa788612d01df18c9L,0x65c9fd14951d5ea3L },
-      { 0x4b2153cdaeeaf44fL,0x6b9e977ba567781fL,0x4dbca3609dbf3e39L,
-        0x1ad43ad4fc65d7ddL,0x70a7a5e13d8dcf0cL,0xc11b1f4688b91e4dL } },
-    /* 59 << 217 */
-    { { 0x1ef5695b0868ad28L,0x09c9c06c2e3a9176L,0x2f2c19672c358e86L,
-        0x4ff1af54da22d7e7L,0x5ea6716840fa2270L,0xd164b6874d31a3e9L },
-      { 0xec036bb4345103d9L,0x6c6a130f26e17156L,0x2c491063d872b0d6L,
-        0xa66be18c4123d04cL,0x8593de34a33fa919L,0x620d2970f025b880L } },
-    /* 60 << 217 */
-    { { 0xc194cc1664baf040L,0x8038f31fcc01f35cL,0xfcc82fa0ed2079c7L,
-        0x1eb7571190d39b9cL,0xf1a89043c108e069L,0x10633334c020880fL },
-      { 0x492a494086e262f8L,0xaa0208173383f1a7L,0xfbb4e5ba6d99cc07L,
-        0xd6ccdc5cbde40478L,0x9e0b9d5867ee92c7L,0x5204bab7653eb14bL } },
-    /* 61 << 217 */
-    { { 0x721f44f0ef90c9bcL,0x6ebbecd8d55e653bL,0x9af325df6ccc5d5dL,
-        0x265f0f6d827bd1aaL,0xb82453213487ea4bL,0x1642be42af6ba8d0L },
-      { 0xb8c4168d4140e5f8L,0xdf5e32c13545d107L,0xf1301b9c2db68318L,
-        0xb22e20472bf3c067L,0xf40af49ee56ba514L,0xf4090e795575f363L } },
-    /* 62 << 217 */
-    { { 0x980de58b1746f6bdL,0xa9e1f0089eb9511cL,0x8f53c6fd1bbdba34L,
-        0xe6a867a6a1a41706L,0xd4cc48a5d2e48256L,0xd580559e05cb19d6L },
-      { 0xc8983311e6466ae0L,0xeab62080174df01dL,0x710ebd184a0441d1L,
-        0x0af69d9a9f653d0eL,0xef3a2510d789c932L,0xb5959cb992fbd39aL } },
-    /* 63 << 217 */
-    { { 0xdbbdd5fdccb1cc9bL,0x660110b98a26d874L,0xfa80d8b60fb9ff2cL,
-        0xfeb5cd6b95040da7L,0xb526ae0c7366cf25L,0xf49d85fce3566146L },
-      { 0x3b4107e699f505e5L,0x3c2d618f4302bbaeL,0xdaa09d150b199866L,
-        0x3b65cb88c395abf5L,0xd2af1dedbd5ac4eaL,0x0586f5a5276533d1L } },
-    /* 64 << 217 */
-    { { 0xd927283013575004L,0x01a330d620b2275eL,0x58b9207f450db713L,
-        0xae95338423e16d95L,0x4f10c6d4e60e349cL,0x541d03ecfeb122bcL },
-      { 0x22548cd22c648211L,0x5c2dc84cd01354f5L,0xa1c6f912b6167b3cL,
-        0x6967bab27902d2baL,0xebbe0b0836de34baL,0x6985b33a4b79625eL } },
-    /* 0 << 224 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 224 */
-    { { 0x9e857f33771560abL,0x4ae1ba22250f109dL,0xf8538d68ff4f6566L,
-        0x35380f15ac339148L,0xfef0bfdd5ddfc12fL,0xf706c6bf1387d93eL },
-      { 0x618ce77d5357e131L,0xf0921744236478c4L,0x24eaf06e00dc0da5L,
-        0x049113be07603cc7L,0x5cf489088f6963c7L,0xbe5eb9e6ede4a300L } },
-    /* 2 << 224 */
-    { { 0x77e486f85d066c15L,0x0c05b6c24ed5307dL,0x322b28ab7df36628L,
-        0x2d14d1316704dcd6L,0xd359977af29a3567L,0xc29bb132ec96d3b6L },
-      { 0xfd6e400ae6bfa701L,0x03db99244c7e5101L,0x62d81c7d9b8533afL,
-        0xefa638c28de66eb8L,0x7405a9d7e86784eeL,0xafaa74efa6c22223L } },
-    /* 3 << 224 */
-    { { 0x6909994f0572e536L,0x9d22f9157fed8954L,0x1505ca05884aaca9L,
-        0xe4b6530996995a98L,0x30e00a5ed02c000eL,0xb9032350236e7b09L },
-      { 0xe696f09e14f6c7bfL,0x2126b6277dc18d06L,0xa9ada7b401e1e2a4L,
-        0x9630acb69d2d025aL,0x9fab2c6ed84ffeb1L,0xc1d0db26ab7584f6L } },
-    /* 4 << 224 */
-    { { 0xf9b2dba4b9d36e91L,0x5fb4f6cefda9b2c4L,0x7692a4f33b8104eeL,
-        0x5da885b0e4e1896eL,0xc2a30fec73d2aa36L,0x7d06e6af86f60bcaL },
-      { 0xbc8bf16d87287887L,0x6c3dd86a3d701becL,0x8e79e2f37e35610aL,
-        0x981139f482f9d71cL,0xf8997ec424e62733L,0x330d989aa3518061L } },
-    /* 5 << 224 */
-    { { 0x6cf0e6ef9b7e3cc9L,0xb465be6b0320acbdL,0x02777783856111dcL,
-        0x3a1d36f0c0e9f2b0L,0xfcf4f6365e7fe507L,0x36bf41827fa7c8f1L },
-      { 0x09a02de8b0f4ce56L,0xa0bbf65ca9cdb353L,0x7211a9654b7f4e35L,
-        0xa6b2ba79805b58bdL,0x418302c20957860cL,0x3c17ec02f99f9d58L } },
-    /* 6 << 224 */
-    { { 0x4e6ef410ca89fbadL,0xe0fc53ba53933b78L,0xa4f03403fd41d143L,
-        0x3a507177e0774c37L,0x078e8c568ec7484aL,0xfb73c6b6fbb3f66bL },
-      { 0x169c94753bfbdff6L,0x44d286060a232243L,0x3e8e968508303114L,
-        0x7a9797b8fad0def2L,0x0ad14404efc1c8daL,0x6daae4e921ced721L } },
-    /* 7 << 224 */
-    { { 0xfde0d1b4cbfd18abL,0xa3c9917595850f83L,0x16d3ad79c9eb9de3L,
-        0x2707ec8b0ffbcdacL,0xd7e6750fa220287cL,0xe51baf059c2e155aL },
-      { 0x3018c309871e10faL,0x074f08e3f23221c2L,0x1aa323aecf15a4afL,
-        0xf085d69cc1b8cca0L,0x47a3eaccb143a969L,0x56a04522f3a98430L } },
-    /* 8 << 224 */
-    { { 0xc7e9ddef88dd2dc2L,0x2c21a99819a0c0b5L,0x6bc0746db239bb82L,
-        0xc811a8eb28ea1341L,0x5f714ca71d1309b0L,0x79eabd20d4eb9b34L },
-      { 0xe0e5afdcdf0fb30fL,0x1b01a16d8c0814c6L,0x670e1e7b84334366L,
-        0xc8c38f9a0eed1116L,0xf914fae2619bbd50L,0x1ed062cb51c1995aL } },
-    /* 9 << 224 */
-    { { 0xce64d065b711b4e9L,0x32760c2eefc4d25eL,0x9e5916caa6292c7bL,
-        0xa90d40bff2a47deeL,0x90dc6681604933d2L,0x707270c60115cf42L },
-      { 0x55b601ff6fe583abL,0xdd2fe842a039dafeL,0x602d8de34c2d3357L,
-        0x7cc979bca7ab9014L,0x4b8dcf7e60118797L,0x7f1f2a04cbfaad32L } },
-    /* 10 << 224 */
-    { { 0xd4e60e15cb583422L,0xc6b1ef90320f296fL,0x0714bad0d9bfc834L,
-        0x5ee2ca8c9050e2c2L,0x074a8ca824f7cf1dL,0xb975024910df8516L },
-      { 0xecee8ab7c2636d2cL,0x308e5af13b4b7bbdL,0xfed4f27eee2ae021L,
-        0x7cd4bb192065253bL,0x6b21a3f84de525b4L,0x0f10e7bdac27fddbL } },
-    /* 11 << 224 */
-    { { 0xb4f02d9dbb3bf37aL,0x69590395978aacc1L,0xdf99b1309c3def3fL,
-        0x5c66391e12be0bceL,0x30ab382cb5eaf100L,0x9b84b2b4e0352249L },
-      { 0x0c22e4e1af14e85aL,0xc29d3c592286ea0cL,0x6c7f8b6a40758aebL,
-        0x7a91adccde68fd0bL,0x4d8554fec8e8fd4aL,0x9fa863d5bb5621e5L } },
-    /* 12 << 224 */
-    { { 0xd5068487870e29cbL,0xf9420b85fc52d5cbL,0x50c3265a496d000dL,
-        0xe605414a166bd6b4L,0x4de8d724c62b2a6cL,0x16af06f2a1a11048L },
-      { 0x5406bde945f43c4cL,0x5e15bf6c751ad18eL,0xa846e665b6a59587L,
-        0xcdb28a7d1816ac55L,0x899b3551819b73f8L,0x2d46297bbc848d08L } },
-    /* 13 << 224 */
-    { { 0x76f5aedd44af60a1L,0xf7bd3b4651d1efd8L,0xdfbf3c6439a9721eL,
-        0xf927fbf0ee9d2ab3L,0x628e9258c7e0779dL,0x062cb2fe4cf1dccfL },
-      { 0xb2ff57dde2278f00L,0x3f0e140a2d199ca3L,0xe7161304342c0a9cL,
-        0xe7ca734f0bdbe131L,0x7d070270870057d8L,0xf6f1a65daaa55860L } },
-    /* 14 << 224 */
-    { { 0xdc4cc720299127beL,0x5b34e762faab8165L,0x2289b2f7b39c120dL,
-        0x687a78d06e52b913L,0xd2a091dd2a3ea6a5L,0xc61eced638eab329L },
-      { 0x652231ea7887ff2bL,0x77a568750479db4eL,0x1ef471c8d43c5722L,
-        0xf82bf436f3764c34L,0x962af4050445cafeL,0xed8b227f5ff47259L } },
-    /* 15 << 224 */
-    { { 0x30e045f4a73c3da0L,0x13d2527df36c6346L,0x3dffe56d3836fb9bL,
-        0x9518276617c5d2bfL,0xa0ef38724dd0b240L,0xb45e19ebc39c675aL },
-      { 0x65202bc603e95445L,0x41e2f0d19a2ec9dcL,0x51c719cf2a0d762bL,
-        0x3bfb9729ecc6b9f8L,0xda8271705a261640L,0x65c2bbbcaeee5f3fL } },
-    /* 16 << 224 */
-    { { 0xde849cd1d89594abL,0x00e2d2b10ec4fb3aL,0x3fbd9e3dabe92fbaL,
-        0x785414d43324900aL,0xdaead1abde20904eL,0xb493e121aa5f1ba8L },
-      { 0xd60a4f2d6eaea0dcL,0x394746b56fca8596L,0x163dc78934efa243L,
-        0x3067dccf216a8d8cL,0x116b6534a901617bL,0x8c4bd099bbabe51eL } },
-    /* 17 << 224 */
-    { { 0xbb9eb22a97ebad53L,0x791d4f90666f1428L,0xa3a896e06c5d5569L,
-        0x322d566fdefbc26cL,0xaa581a083c039c26L,0x82d899be62790f0bL },
-      { 0xeff4bb9a43a0c2f7L,0x60515c10a01df2c4L,0xdd1455a849312160L,
-        0xc8a15052c4292265L,0xdb2970f97f68d081L,0x29c825b892594c4dL } },
-    /* 18 << 224 */
-    { { 0xc8c2df45ac3a082cL,0xc353d074c8d4c40eL,0xb214f9c05a3c2de7L,
-        0x504bc42cf86b0214L,0xc82df5cbd1922a58L,0x40887948a5bc3267L },
-      { 0x04bcd21788ba8bb2L,0xe21b3e7f046fd401L,0x8419c338616af5cfL,
-        0x7f24760baedfce9dL,0xded8035bddbd519aL,0x1f1fb0d71693faabL } },
-    /* 19 << 224 */
-    { { 0x7a88376766117f71L,0x8d4e37815d261599L,0xc900e6dff770b193L,
-        0xb7d1c06b12e9dda7L,0xa86d173a717cb0faL,0xa138b7ba51dfbeacL },
-      { 0xe84468c57360a27cL,0x4acf8b412e9b82a2L,0x85fa386cb121d6faL,
-        0xc794d9f283e6169cL,0x7b4cd3fc8c9293acL,0x3096ad868d082719L } },
-    /* 20 << 224 */
-    { { 0xbb067b49d02ffcf6L,0x7cedf8f93e657299L,0xc3829961406bbfe3L,
-        0xefe4b5aa37c12472L,0x7dc01cf9fec7dee8L,0x70a9db2389472f50L },
-      { 0x29c269f8b31bf737L,0xa26deac3ae3fa7dbL,0x0046e91233caca41L,
-        0x3bf4bc8ab6e78b55L,0xca83bc6cd9eb5ef1L,0x73f25c62c0c5deffL } },
-    /* 21 << 224 */
-    { { 0x117bb83d3ff7d803L,0xe91098c539c56c0aL,0x7bf72fe91e347fa0L,
-        0xa66201a31e174941L,0x1d069d4d6846a06bL,0x721cdbbdcda59bcfL },
-      { 0x17d6683a17652893L,0xee1b28f505be2530L,0x2e70558697a69062L,
-        0xd4b5798682b56c36L,0x1ccc5be09082e781L,0x42e0e429d6b05e30L } },
-    /* 22 << 224 */
-    { { 0x697dc47d44b4aae8L,0xb3525cc0782c331cL,0xff71cca40bd7c78cL,
-        0x5f3d776610c0ab69L,0xbdc10267e2ba07e3L,0xc656f75ce6373f6eL },
-      { 0x9e2938b4b5607b62L,0xa65017d410b0a0f7L,0x8dad31195cc6ac25L,
-        0x00f8f2d18ba5d1e6L,0x608137bc43305aefL,0xddad34bbdcb81cb1L } },
-    /* 23 << 224 */
-    { { 0x9e46b17c20c78a64L,0x28db365d5c48e678L,0xbe4c3b8eac6ba470L,
-        0xee737236b6617b28L,0x81c5b94a4f3422bcL,0x4d44c33076faa922L },
-      { 0xd7a09a719be38835L,0x99d024e1410b382dL,0x103b67c36b15012eL,
-        0x02b6e094d9808da4L,0x4f5d938a0a7f2fcdL,0xa43058b7e4c5073bL } },
-    /* 24 << 224 */
-    { { 0xe133d941b1f82ca5L,0x2af8b98bfdf115bfL,0xdc6179c857aaa6f3L,
-        0xabaa83e9130ade06L,0x7836b6fb0e8bffd1L,0xc479751ffa103703L },
-      { 0x0ff3c1299c89963bL,0xe64072560b84c24fL,0xa92a4ea2f34f6bc9L,
-        0xba45b3053197989bL,0xd12b5a0199243aabL,0x3015772c442af625L } },
-    /* 25 << 224 */
-    { { 0x5362ac737e0a5c36L,0xc731132a8c4fbc07L,0x0ef7468d7ca0d4d0L,
-        0xc43afef835d25de0L,0x096bde6a3fa1209bL,0x21f57eb566846236L },
-      { 0x878b585cf04d23d7L,0x737f7e527315ed56L,0xb716462c811afdd1L,
-        0x4d223734a571a3cbL,0x56460e2fa7db2c60L,0x0684d72c61f97485L } },
-    /* 26 << 224 */
-    { { 0xd95fca81e6f065c5L,0x45e886d5fc8655deL,0x3580957727cff79eL,
-        0x92a39a34625877d9L,0xdda02684dfee17eeL,0x6354f871986f635bL },
-      { 0xb3a6e9edd409c182L,0xf0b1c8d9c4fbbb3aL,0x28721c019b77adedL,
-        0x3c356df1bf94f028L,0xff221bd229a81f1aL,0x20edf2e856b20b0dL } },
-    /* 27 << 224 */
-    { { 0xb8c636db31ac60c2L,0xf3830e72bd987402L,0xfe63957c30e6b969L,
-        0x3508e67989eb2bc4L,0xc0837f8c9a987e3bL,0xd1d0ce7b3f9b2ef4L },
-      { 0x08d8f99441fe62baL,0xe73f79d7e17669d4L,0x8801fabaee6d68feL,
-        0x4ef814891a508a88L,0xcc851bb71fbc4512L,0x69f728704680b88aL } },
-    /* 28 << 224 */
-    { { 0x97fff124835fda9eL,0xa79ceb2f0bc68512L,0x70ba93d1a2fc3995L,
-        0x62bd28ab9e51c5eeL,0xb95fa624d5bbbaa9L,0x0654dc458c1f571eL },
-      { 0xb9a4edc665a45ed6L,0xbf5ed1bc21ad0612L,0x74adc1a1b1a3551bL,
-        0x3dfa3dc8dbbd6cefL,0xce5dd40b2fa3afd2L,0x14894e0f30a746caL } },
-    /* 29 << 224 */
-    { { 0xe4544006ada9bf7dL,0x9e123b709b75770dL,0x903628d557cea95aL,
-        0x6429e00c9e8cef6bL,0xafa2cce77b1adaa2L,0xf2f5771e15e488daL },
-      { 0xda44962269820874L,0x5b20ef1b6e0fef81L,0x3150a8699507b4faL,
-        0x901897add191de20L,0xf459da31c41dbb2dL,0xc2516dd077146754L } },
-    /* 30 << 224 */
-    { { 0x7e729c58b8ca2a2cL,0x0f32ea1ecaac04afL,0x47267f13bdd549e3L,
-        0x35b9440690be3b50L,0xad0f2bb14b27f670L,0xd7e5874e92341803L },
-      { 0x7dc841cf1f9ec462L,0xebeff994512b2a42L,0x22998a7f320dc858L,
-        0xf08eb5c719946f59L,0x228c8dcda68ea75eL,0x40dc6dc37b20dee5L } },
-    /* 31 << 224 */
-    { { 0x23f40e331dd722adL,0x0a441bf4c54fc48fL,0xed6c026548b75f84L,
-        0xc2d3972f3e0fff2bL,0x889b44c4db09b7d9L,0xeb6ccc6541a6a562L },
-      { 0x5ef1162e8f04e03aL,0x25e2ea895d8102c5L,0x37b71631154644d5L,
-        0xa9a1a8320446b1bbL,0xe3f58daefb342b20L,0xc6d19decb6d292c3L } },
-    /* 32 << 224 */
-    { { 0x929454f6b3952db4L,0x412142ec4d3f69f5L,0xf5b0a7c5ee25c0b0L,
-        0x7d3372ff2e752295L,0xd6dadc7d6eacac68L,0x5f0076cca96a8e3cL },
-      { 0xea831db671725b3aL,0x4a286c89c29ab454L,0x5ff817e572e3c00cL,
-        0xb022e25d2a5fb6baL,0xb611c5bcbb392476L,0x062c14dc190485a0L } },
-    /* 33 << 224 */
-    { { 0x44730047ffdc9a7eL,0x44949bdcf078d5bbL,0x8c1a3e4bc486e2b1L,
-        0x53088ba20801402cL,0x6e20a7cfeac83daeL,0x4407ea8436ec5443L },
-      { 0x564fb733853f79d8L,0x59ea819afe809670L,0x1ac62174f1ec7e91L,
-        0x0d7e065566a0b8c9L,0x0c4d072482958221L,0x80db0297a60f984eL } },
-    /* 34 << 224 */
-    { { 0x380823e7f3359d47L,0x8a60fb05f5efd39cL,0x78a940669425487dL,
-        0x1da6abc3f199c67cL,0x7df00b2165f0a6b1L,0xdc0dea58017b1231L },
-      { 0x9c529db079f4f22fL,0xc7043be3e5dd92b5L,0x10153ffb43661331L,
-        0x51c459bf6ff02e8fL,0x451483bfa43aa005L,0x3313f903199cd1baL } },
-    /* 35 << 224 */
-    { { 0x2f66587e62e1ef1bL,0x942d4c739e3ae33fL,0x4a27ead5c0ab9c1eL,
-        0x368d8dd89ca91b06L,0xb3f0cf92c4b6ed34L,0x28cc332673e62557L },
-      { 0x2649e5527910986bL,0x635dcf9cdda049abL,0xbbde12f625d3f201L,
-        0x5200c3d0a9384443L,0xd996573d51eb3c10L,0xb093c1792b8cd7e5L } },
-    /* 36 << 224 */
-    { { 0x15cd1d1cc3fe6fa4L,0xf260a739e2c3c686L,0xf7c2270eb08c65dbL,
-        0x9ada2cb6ff69d971L,0x65fbbcac212bff0cL,0x40157d075646a735L },
-      { 0x101d2b7d55de9e45L,0x0db580e83118b763L,0x3203baca8322a9cdL,
-        0x2a3137ef22cac14dL,0xcc9092e291a14128L,0xbb269f6d98cc368fL } },
-    /* 37 << 224 */
-    { { 0x7c8946002ad7f66fL,0x6a8328bb99b438a7L,0x86d06fbbdb440d86L,
-        0xb74ffe2d20ac5a42L,0xc3a6f01d91b1c82bL,0x606f8ce71d5efbddL },
-      { 0x8c49c43a6338c99fL,0x50657f7216da7cb7L,0x7f204c8b84f22d9bL,
-        0xa2612d80ca76978dL,0x80080d868a3e8e96L,0xd8841a1ac0bff9afL } },
-    /* 38 << 224 */
-    { { 0xc2a734cb962fa060L,0x2baa26c580a17874L,0xe27b21110b44efe6L,
-        0xdc1244e531d2154cL,0xfcd86d4116c7742bL,0xf45230df32503138L },
-      { 0x94a790f4812cf0afL,0x0ab2df23da3f24d7L,0x0c764df181571d54L,
-        0x989ff71c68d68f74L,0x9896fe62cda535b3L,0xfe0502e05f4fa41bL } },
-    /* 39 << 224 */
-    { { 0xf1ffe852c2f58cf6L,0x2ec46d2546d64576L,0x95bfec93d602c51aL,
-        0x349c58bf3907b766L,0x59cb12bb9b94bdfbL,0xfa95da9515dfcd87L },
-      { 0x731a8535e1543bfbL,0x14844aeeca14187cL,0x0d73e58aba1f4928L,
-        0xbb71009fc6bb67f2L,0x5e7c0e988b4142b9L,0x4866b5095f08f58bL } },
-    /* 40 << 224 */
-    { { 0xc8295c2fa234de87L,0x1cd7f3fd878e77dbL,0x309c1fefa2155b6cL,
-        0x2a9bcfd9484afddeL,0x87ef7a56cc999775L,0x34336cb1970aa188L },
-      { 0xd45eb83cc3e16ba1L,0xf9d72c72b9c1695bL,0xff117458cb980742L,
-        0x438a7fcb67af836aL,0x5ffad086eb9a6c40L,0xdbd3e518513922a3L } },
-    /* 41 << 224 */
-    { { 0xde241983e42021b7L,0xaa70e834542873c1L,0x99c9d35f9daf2b99L,
-        0x0bf712d549b40780L,0x202d9969d9ab6e97L,0x7f3382dac4932106L },
-      { 0x1eb5f5d40849e319L,0xc1bdd1179f659546L,0x628ddd3d2329f977L,
-        0x5944611d363ee601L,0x7b7a631463d5bd4dL,0xaf6c51a5631d21ecL } },
-    /* 42 << 224 */
-    { { 0x2d8f9e1db4100182L,0xa08ae2fe4f3d2c03L,0x7548c430589e99f8L,
-        0x0f5ccee2aede8af9L,0xa21ace3343b34b25L,0xb120c569dee102e6L },
-      { 0x1cb103ed36f13699L,0xf71ff0dfc91e8cb4L,0x88f141079b22460dL,
-        0x050af75af509366aL,0xeec8a310fb179bc6L,0x069e7331c26efef6L } },
-    /* 43 << 224 */
-    { { 0x3e2a9c713be9cdabL,0x8f235d6f73ac08e6L,0x3de28a6b28832dabL,
-        0x7d08b9f31ee82d6dL,0x67c3b88f915ddda9L,0xba8f18cc0f7c81a3L },
-      { 0x38cebc31ca3c0936L,0x745f71aa7816a6e3L,0x00cb85a91a95fcd3L,
-        0xb92742c6577dc22cL,0x1afdaab592029cbeL,0x0bb43c91278d3f7cL } },
-    /* 44 << 224 */
-    { { 0x3d77059d3ba02d27L,0x58e28671440b2d3dL,0xe2d4235726636fbcL,
-        0xcc448a52c54605d5L,0x73c2902efc0269a6L,0x28a15ed57ea8c26bL },
-      { 0xf666587a0cfc1a34L,0x8374f2cc1ae0377cL,0x5dca6ae828417437L,
-        0x15a6d54c94bc87ffL,0x5bf187bbb344796cL,0xc629c14889574b2dL } },
-    /* 45 << 224 */
-    { { 0x06d43c6d87748b63L,0x2489a957a7f232edL,0x7aa9174afa407c3fL,
-        0x8c8b8fd933a762e0L,0xe2e8f1e7adbe94a3L,0xd1e0c8c2bb723045L },
-      { 0xcafd8f483df092d8L,0xbc89caebb174025cL,0x97595c5649f20c98L,
-        0x6e520a968a77acefL,0xc3dbd3107a52a4e6L,0xf51db5a91284ff27L } },
-    /* 46 << 224 */
-    { { 0x406465742c74cb2cL,0x44eeb9e546c33df0L,0xd2a9f16ecb4c50b2L,
-        0x68f912a01906a6ccL,0x2b81296d95211e94L,0xddb2988ec8575839L },
-      { 0xb74d990d33b180c0L,0x290185567d319c48L,0xd3d2e40dac8de56fL,
-        0x9ad42a60461f30e6L,0x265e4715292a0faaL,0x56c2626c8ac3b2a5L } },
-    /* 47 << 224 */
-    { { 0xb7580f2fd468adb8L,0x8e1fbf0388a6a587L,0x1b8c40ed8f4f6cddL,
-        0x337414f56817b2b1L,0xd877ebafb744d563L,0x59eed3c6df5e18b2L },
-      { 0x365e148dd33afa01L,0x82e70adc665702cdL,0xccd77955a5e390ebL,
-        0xd86c343accc90cb2L,0x23bd948d6cd8a33bL,0xb1fc140cdc43a8cbL } },
-    /* 48 << 224 */
-    { { 0xefda99d9ce11b02eL,0x9017bd4a3f820083L,0x8b9e6cd1ad14ac6fL,
-        0x1239ee331f413880L,0xd98e93d993dd7fb9L,0xc280d252894fcb12L },
-      { 0x33a9201a5230b5eeL,0xc6aeee256e41de26L,0x845051280d0a320aL,
-        0xc20551db4b607b53L,0x6e63c766ea228c2eL,0x883321aeac48f25cL } },
-    /* 49 << 224 */
-    { { 0xa5173910e15a530aL,0xaa2c88b83ac38ab2L,0xcbfbd31ec6a6ba9eL,
-        0x0fa126cb49ed182dL,0xd6b38897cfc53c85L,0x98d5f6bacb9c2f41L },
-      { 0x6694e8e5cbd150e9L,0xd470ef226a1fc551L,0x57a63765d5ea1c0aL,
-        0x95f5eb4318078139L,0xbeaba00585d3e0dbL,0x6bbf010fd314dec7L } },
-    /* 50 << 224 */
-    { { 0x5941229729ee46d3L,0x39e5aaa0e66bdfabL,0x9ff1575001c815e1L,
-        0x709706211f2de195L,0xaac904a968aa571aL,0x9cbefacd8f7625f9L },
-      { 0xadfd215dfce3a501L,0xc04d09ddf20651b4L,0x688c1421d17b25f2L,
-        0x3efde5d40073247cL,0x999b7f3a7432c699L,0x33c76487703fea50L } },
-    /* 51 << 224 */
-    { { 0xc720aeb10af6e1faL,0x1564b8d8e8771dc6L,0x5983eb44673d8ef2L,
-        0x5dabb2070679ac65L,0x51a854cdbcdb681eL,0xe2b186a9364a3cb1L },
-      { 0xfa189eff7222208bL,0xf7161d86477666f9L,0x0ffcc3e6192d1df5L,
-        0x1523508e39cf5a4cL,0xf5e98687c43ecce8L,0xbf17b63261450309L } },
-    /* 52 << 224 */
-    { { 0x63293cb8adfbde28L,0x5df78fb3c6b18ec4L,0xad10da4ffd27e50dL,
-        0x60202b357ade5c9aL,0x67b9d253c6c8c8b5L,0xdbacffefbc2b30bdL },
-      { 0x508ff8a67494b1edL,0x87ef48be3769728fL,0x74d4f180ef98d036L,
-        0xc5d9ef531799e8a9L,0x726d22206e850162L,0xd86d3414239f6b38L } },
-    /* 53 << 224 */
-    { { 0xfdde327b3e1f1b96L,0xb6272e94bb58615dL,0x2881350cfc2d8a47L,
-        0xfcbe87031142ab9bL,0xaa5fccd0f48c7f97L,0x606be6ed29a74ba0L },
-      { 0x545409ba3afc598bL,0x4779f54aa7d23f5dL,0x2811c0829d68e38eL,
-        0x5b4646bd3f9c5842L,0xbcd3aa492586219aL,0x7345799313642e3fL } },
-    /* 54 << 224 */
-    { { 0x9a61f240ab638788L,0x519742162b0a8449L,0x9a5ec31d43b2abfbL,
-        0x6f3075740563c9c9L,0xe465f7793ffa198fL,0x8876c5772957418eL },
-      { 0x10e3d09c976e5875L,0xd66d334e592c2409L,0x3f0d5727b39b7897L,
-        0x17ca7ad1e37fd300L,0x221d8436da530871L,0x4df38e4179d6b350L } },
-    /* 55 << 224 */
-    { { 0xe805096338b7a2cdL,0x9874cc734b8f05cdL,0xfc0821791b74a790L,
-        0xe18a92f3293049a6L,0xabd525694dfdc13aL,0xb928cc300d843466L },
-      { 0x12750aec348dc7c0L,0x3c8e205d87f12dbcL,0xa2c71091e0bdbd81L,
-        0x895b56a0c1c1871cL,0x68dd7414b4c850f9L,0x45a948ecbe806596L } },
-    /* 56 << 224 */
-    { { 0xa88dbfe0f4fe35f4L,0x32de3a1c84283011L,0x8a3777bc39caea33L,
-        0x673630dee4d49959L,0xf3ef842c59070317L,0x33e4bb031fab88a9L },
-      { 0x88e4538e98ce8bc2L,0x870c2eb81a235c6bL,0x71f62c5640df0e92L,
-        0xdb43b853f9627486L,0xfde9fcaa95cc473bL,0xe4c5b4bb4b677b11L } },
-    /* 57 << 224 */
-    { { 0xa6ebd946dd4091f8L,0xf0e11886dcf0741bL,0xd6267674d9533601L,
-        0x571926506f74e49cL,0x18269c2f891d6717L,0x350a7869b45ddb53L },
-      { 0x79ea6a4ac8f62777L,0xbad33c4cae7edec9L,0x14bed149ad7e5578L,
-        0xb2f4190ba91af4fcL,0xbbd6f68be71dfd3bL,0x23fd3dc8f2fb7a21L } },
-    /* 58 << 224 */
-    { { 0x5e0f89e598fd044dL,0xb77180d97cc30e97L,0x64fbfb747f82a12dL,
-        0xbeebb9ca77629636L,0xe164549feba83845L,0xe65a964a7079519dL },
-      { 0x8b1bcc08ca88157cL,0x466399c3f7483338L,0x6e2726414b9efdc6L,
-        0xff8c7027be922e96L,0x9baebf7d48374f59L,0x2a84a23ac18ee18bL } },
-    /* 59 << 224 */
-    { { 0x337484e0dca4b3b3L,0x82137cb9f5b27d3fL,0x12ae1d11bbf4c806L,
-        0xa1e2873f2880c078L,0x9e6bd909058b9a0fL,0xacc5656d2dba5fb9L },
-      { 0x7fe5467853fd2ce3L,0x2aa4af35452439efL,0x329989a5904ffc67L,
-        0x007ea4c8520fd31bL,0x58988e2551816b44L,0x644f2469d8f186eaL } },
-    /* 60 << 224 */
-    { { 0xcd4d1a9e8890722fL,0xfa0b826b74142916L,0xa494dfa817ba8041L,
-        0x3fb73e736de2b6c2L,0x156a6cf4344b57a7L,0xb197c8621e205448L },
-      { 0xf453e348c214acf7L,0x665d7083e9061a73L,0x5ed59ec5ce9868a3L,
-        0x9bab305f6ad777faL,0x752c490b35315de8L,0xabcfa35b5d5aaf26L } },
-    /* 61 << 224 */
-    { { 0x4059fc2f914d618dL,0x88e55ce6108380fdL,0x0c22b21bee61a4c1L,
-        0x435ecbdb04788627L,0x3f8a5ec7a9f72788L,0xa31eff8a732d5d97L },
-      { 0x119b6bf9d48d0af9L,0xde6d1de5af70a043L,0xac075ffd3368db4aL,
-        0x23a33ec94a58603dL,0xd43ad120fe181a89L,0x386b90ed42f0b006L } },
-    /* 62 << 224 */
-    { { 0x8096824bf9bf1a24L,0xcdf69abc8260ebd7L,0xaf93b34de9ab190bL,
-        0x676351ff841cbba0L,0x3db704d3eb6d6c60L,0x3b1b893fc09aebfdL },
-      { 0xc06b9bfdbfc69f15L,0x28b1ffb8e9c688c6L,0x1607bc68d3c16455L,
-        0x07d56bcc6d16d937L,0xac28e69f318afd9aL,0x7f4afeb7e77263b6L } },
-    /* 63 << 224 */
-    { { 0x796a530ab935875aL,0xd6700ec89dd1e51cL,0xc30301df4d9320e4L,
-        0xe23090f357157f87L,0xdd3f68a74029113eL,0x566afc6de2709936L },
-      { 0x830f952edbff8926L,0xe207eae5c7a39d27L,0x9210b3dfd9494592L,
-        0x3be25582d8460831L,0xec2496575d58edd9L,0xebe8426fefd24738L } },
-    /* 64 << 224 */
-    { { 0x0372678dc419b0aaL,0xf95031d8c13fdf17L,0xebaebca4b79594c3L,
-        0xe587850baf3b75cfL,0x534183ac2c1e09c6L,0x3f5b0bfdc08204cdL },
-      { 0xdac2cf06e297cc77L,0x5e47d9c6d0487084L,0xf6f509f490b0f6c2L,
-        0x3ffc3cd6c2c62207L,0xbb21eb1132ff1887L,0x2116a023e62ccc6fL } },
-    /* 0 << 231 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 231 */
-    { { 0x406a7e2116960728L,0xd03923f85597d8c4L,0xd4402eff020748eeL,
-        0x7827442af39b58dbL,0x77e3f2768d8cfb04L,0xf6eb49c8e45a978fL },
-      { 0x9db0829949247f6aL,0xce71a74706669fe5L,0xe434ce47b82775f5L,
-        0xe84995ef63910016L,0xa35e8b971e47792fL,0xc779cb3d7c6aaeb9L } },
-    /* 2 << 231 */
-    { { 0x1fa064cfaf31ea1dL,0x2a9547a848e8d974L,0xda8102a1fa9d9453L,
-        0x786aecabdc6bd7eaL,0xcaf91e3bca2f6044L,0x67d86ea78573f208L },
-      { 0xd309fce9c505ae24L,0x67ddc5b17f86eb8eL,0x57791ae0f3d53056L,
-        0x26b053f00d1fd61eL,0x91c962c0045ebfa6L,0xe95246de076ed979L } },
-    /* 3 << 231 */
-    { { 0x156eaf570746d174L,0xa2d4a83dcda35250L,0x60a9f48c0290fa02L,
-        0x9855d26d5c33b4acL,0x06e379c697eb1c30L,0x4f2e2dbe6e219664L },
-      { 0x6b7448f829006065L,0x237a1f31115062a9L,0x5c635a90ad92cb24L,
-        0x2e857f8c2eed977eL,0x3d512df7856dc88aL,0xbde85263e597a27bL } },
-    /* 4 << 231 */
-    { { 0x49f24994e7c03ce4L,0x274a8c132aed9ba3L,0x897b9103d5e91bc0L,
-        0x63db1efbcb404f68L,0x70efd9d842f7fc02L,0xd6e02921c6a230afL },
-      { 0x8d5b199f11ae0a56L,0xc98287dece33da6aL,0xde583d34504dd889L,
-        0x03756001f823686fL,0xf19ab86f95fc73dcL,0x300406c693f12f42L } },
-    /* 5 << 231 */
-    { { 0x2f73595f7759701cL,0x8dc2069a6fe0e0d9L,0xb7de7114c286a65dL,
-        0xfecc429e84c0e487L,0x51061a2c14344c07L,0x4d70972596869e37L },
-      { 0x8b02781f2be9403bL,0x6cb6aa02de3ab5d9L,0xb013508eff6bdc9aL,
-        0x568d2e84e5438c58L,0x7b35a979e4206c3bL,0x0bb793c0b17a8bc7L } },
-    /* 6 << 231 */
-    { { 0x3f896ca9fa4dd561L,0x4b9a98abd2de2ecbL,0xd0741632600e4e2aL,
-        0x87c7db5f69e702d5L,0x1f5a3b8053e0df2bL,0xe1e24b49f443dfbaL },
-      { 0xeb90e2305eef3a1dL,0x8f3fc8a6d38f73fcL,0xfb1e8299a5aa335aL,
-        0xd78504cd4197b32aL,0x0e7a79cc6755918eL,0xc7c98ae2883b1c72L } },
-    /* 7 << 231 */
-    { { 0x1a12727c03d2beccL,0x810a37dfc6741372L,0x44ac483fb7049f39L,
-        0xab73e5e7a36fc614L,0x298d453feeff8aebL,0x2127dd167e1b586bL },
-      { 0xeadc5c54e07bd60cL,0x67cdae00f5e2d2e2L,0x03fe0446c9d2f10aL,
-        0x0784098795e38ed2L,0x5d348a7ce1a6306eL,0x4903f1b6562f5463L } },
-    /* 8 << 231 */
-    { { 0xbf66baa5b44b1d0cL,0xbbed18eda44f8edaL,0x80bc32abeaaa466cL,
-        0x605b7897e5f2733bL,0xe9e7e3a1a2531afaL,0x25d66db33deb8369L },
-      { 0x36212ea3b2f25d10L,0x52d6b3f4a08d303eL,0xefa54b31444e9e9fL,
-        0x9c2229a169530c1bL,0x68feb9854b79bdd1L,0xd570e84f8b984cc3L } },
-    /* 9 << 231 */
-    { { 0xe141b86bde0560a3L,0x858bf4cdb2264bd1L,0x526fb104fabe5359L,
-        0x95f9c43f185b8a70L,0xf8e3a3eb2d1f75e9L,0x71826067d93bc6b9L },
-      { 0xf360e01799692f49L,0x00f4fd16c2dc3dd5L,0xeb7f40498b9454d3L,
-        0x5cb0f3c426c3b393L,0xe8ab4e4357bdc4d7L,0x9abe36b00c123d67L } },
-    /* 10 << 231 */
-    { { 0x1df8d98c57b168fdL,0x042fd731b45da94eL,0xa54d64f91703e143L,
-        0xa12198be9de0ab4cL,0x160e06241ddc4e0fL,0x15cae64a6695891fL },
-      { 0x808565e70c2b2081L,0x6de4a393cc65040cL,0x6682cd934bac1768L,
-        0x62e7ac2ca5be965fL,0xd33f6f8ad7a38e90L,0x9cafc4635b8b516eL } },
-    /* 11 << 231 */
-    { { 0x0541a391b685c547L,0xe86d35e091765999L,0x65aa03c51db4a2ecL,
-        0xba53470e6b1c4784L,0x4f848cc8cceca1faL,0x89d0db0b8b18e350L },
-      { 0xd03e452a7840d734L,0x6cebfa790ca24215L,0x288b4569e8f1d9e8L,
-        0x18e405af8927ce0cL,0x5aad57e51abfb4c8L,0xbbd99091a197ed1eL } },
-    /* 12 << 231 */
-    { { 0xf041e421aa44f3e2L,0x47ed9e8eae6fd2b7L,0x4fea93751128ed62L,
-        0x041a1c1acec6eae6L,0x1f32359415a65daeL,0x741fea0a0154e8e8L },
-      { 0x309e9f289c32e224L,0x457d4ffa902ce57bL,0x7bb54dd5692420c2L,
-        0x193a41aec4fa1a6aL,0x35f5f3b43d779e77L,0x31e84371046ebb8cL } },
-    /* 13 << 231 */
-    { { 0xe75a7c1d9d7e5551L,0xb73c987611635e3bL,0x3b07a071e09d29b3L,
-        0x0a3cc0acc623023cL,0x15ec4a7a1e2ceb33L,0x09a01968c70eb27fL },
-      { 0x2e5bb53c369d145aL,0x4c93330d9b7fb506L,0xbb10a2f358013308L,
-        0x3d9da0c4e0b85fd4L,0x8b39c992ce0dc79bL,0x7e6d18b0bec905faL } },
-    /* 14 << 231 */
-    { { 0x3a5a366ea1554376L,0x0e1687c052a6ed9dL,0x3e16e4aafe5355beL,
-        0x6d8bac03ced67666L,0x403eb33ed9344003L,0xd7b9ec0d333ab20cL },
-      { 0x9fce1986d64c272cL,0x9d52d64bb1e23843L,0x8e689611921a58e5L,
-        0x8f5f115620d5c61aL,0xb17f612fadc81b4eL,0x36e2db30e562f779L } },
-    /* 15 << 231 */
-    { { 0x98d0bcead01f8634L,0x6e9ba675bc5f825eL,0xfac2d3aa05e938c1L,
-        0x434b712fb9c66adfL,0x81c29163a9a61d36L,0x80eade933be8eea9L },
-      { 0x10fc6d75c04c45a8L,0xa2c9aa58fb9e8702L,0x9142afaeb200428bL,
-        0x4fa28c8520eccf38L,0x3b5f63308209b3e7L,0xf74206ca8cd74accL } },
-    /* 16 << 231 */
-    { { 0xd6a4d25c845f26e4L,0x71e554ce1b039dffL,0x942059731cdedfc0L,
-        0x0c4e385603d6502fL,0x981a4fc5e15ce8c8L,0x85d1b0f17aca30b7L },
-      { 0xf2037ef777bb9e43L,0xc52804f4e87ae187L,0x9c98a23c71f3e4e3L,
-        0xa73c8b89f47b504bL,0xb9e33f54023233aaL,0xf2bcfc17f92c9f68L } },
-    /* 17 << 231 */
-    { { 0xb3c1bc26707fc6ebL,0x0bb585b75ef6dac6L,0x70af297f5f707063L,
-        0x3d86a8fa967a0ad8L,0x510dae4d4f956cc6L,0x1dbcb2e883c01ad0L },
-      { 0x0e480cd28bfbb5edL,0x76498f813025fca2L,0xc015064ec5446cadL,
-        0x4ddfe2af3616f51aL,0x76b0d690e6750b31L,0xc4502c050073f263L } },
-    /* 18 << 231 */
-    { { 0x9120912bb3081e59L,0x6c73c4a2f908b364L,0x408af8c94de763d6L,
-        0x3d9e83084000add2L,0x65d197fddcb5a5a2L,0xbfd29f0b2bd82bb0L },
-      { 0xa1243e63bdfe09e7L,0x91d90b54d556188cL,0x977dd4a18bc872fcL,
-        0xa8e6e7bef4ea7805L,0x12c53bd80a467365L,0x9d7abca493b7f0a4L } },
-    /* 19 << 231 */
-    { { 0x5faf453a40eeb93eL,0x6801e0d1f1fe9307L,0xe92505d39ea9b800L,
-        0x7e911f8108eb58c8L,0x5da7ffcc098143eeL,0xe023262056876057L },
-      { 0x5354045bbfa99a91L,0xee660bbebb346841L,0x1dbf5c7cecb3099fL,
-        0xe79c78d6a125d753L,0x2a356f10706fc013L,0xe50c50b725f88ebdL } },
-    /* 20 << 231 */
-    { { 0x663ca92723ca903aL,0x8a64a4dec7681937L,0xe3ec0966a2baa42fL,
-        0x688328d7a2906226L,0xc2821e9c94790fd8L,0x7a295b62157501cdL },
-      { 0x032cd57d3675c2f3L,0x91d66a57f42e6f95L,0xd75056961e97dcd0L,
-        0x7e8ba3ed7d8b6f52L,0x8ddb72c420b0dccaL,0xe09e53bb6aea2d55L } },
-    /* 21 << 231 */
-    { { 0x3815b1028a009f19L,0x4f76d609f5418c34L,0x7a35cb332a9eabd9L,
-        0x018d6c54ce89e886L,0xe00b99e859c9fab6L,0x4f10a0d9aaf6e7b8L },
-      { 0xee51f8f0e722fce1L,0x03e8b63179bccac0L,0x66e540c26f327d2fL,
-        0x31df4a35d22377e4L,0xba5b0029d5c71cedL,0x6a3e20553ed6aeeaL } },
-    /* 22 << 231 */
-    { { 0xe932d1aaaffc47ebL,0x75c9d4d8513f85a3L,0x50886fcdf9419cb0L,
-        0x756a7d7d49081e9eL,0xe45fff1fe14aff77L,0x022b4ac339846230L },
-      { 0xefc3e8dbe89adc78L,0x921bb1538c09ccecL,0xe4dc6aa17826d461L,
-        0xa53aa6cefac8f0f4L,0x5d4e4d53954192c5L,0xda721828c722780fL } },
-    /* 23 << 231 */
-    { { 0x978609c67e4933daL,0x49fd5c5d2539c807L,0x072a911c6330373fL,
-        0x40cfa61838177579L,0xf9a7aa4c81c51596L,0x7ba8e7a5b346724dL },
-      { 0x79298c06d26ee66dL,0x243323702a9c2792L,0x585e8b9eb6aab53eL,
-        0xa39596c6e14bee4eL,0x89b2758828a76dbfL,0x889fba0aa00dc1adL } },
-    /* 24 << 231 */
-    { { 0xd55a3eaf0a9a8ba4L,0x13b1406b2a8cd215L,0xcb44589a93943e1aL,
-        0x91b5e3493a671a47L,0x488654f8efbe0256L,0x448bee4b392ba5e8L },
-      { 0x228f478137e762caL,0xe21a2ca7e71b6c47L,0x0e809fe94900fcefL,
-        0xb05e1db2815f6c76L,0x8cdf28815fa6fa0cL,0x2ed55c1c586fec8fL } },
-    /* 25 << 231 */
-    { { 0x7c3842eba210d4d9L,0xd656154e5f69a69bL,0x9e11c6db1f3a0483L,
-        0xb0314a5e5a217444L,0xe17a274e34f4e54fL,0x6e41c20a9f79d6abL },
-      { 0xd010d789dffef6dfL,0x704937f17e8915f0L,0x5072bf063d3460fbL,
-        0xa30814ed5f08429dL,0xe5faf476207d2708L,0x46e56e14af448339L } },
-    /* 26 << 231 */
-    { { 0x5a049c8f94af3a35L,0x9ae89160d8b75bbcL,0x8b026d867ff40c5eL,
-        0x90e54aa4fbddfd06L,0xc85349e7ee418640L,0xbf71e454beb7801bL },
-      { 0x63f5e068ad912e83L,0x6252a4a4ada5341bL,0x25114b87b44529abL,
-        0x9b80bea9eadb4f13L,0x7f071c0cfe050052L,0x4c9cd33418612061L } },
-    /* 27 << 231 */
-    { { 0xc6f50ed03c768ff6L,0x5b994b58b6de126aL,0x807ad19e2a1ac05aL,
-        0x012fcb9ddfc66ad7L,0xf8706d5fefeb7d07L,0x132aa6697bfc5337L },
-      { 0x56bd874310e28d18L,0x33bc53d96e9f8e26L,0x5885b63b152758edL,
-        0xb8b1bd5e757e1471L,0xdbc689458c0d406cL,0xa664de3bfc605a11L } },
-    /* 28 << 231 */
-    { { 0x04df415ea6d4b6c2L,0xb8e33e71d254d2d4L,0x179df4f48b84c588L,
-        0x8a2a0683d435793aL,0x6147a5a911eecec0L,0x0b8389793a0196ccL },
-      { 0x855059ce81805693L,0x37babf9f3b27872fL,0xa2ac78b1769be5c3L,
-        0x16260f0c0a8d267bL,0x31f48c42388266c1L,0x58fee495ead1f238L } },
-    /* 29 << 231 */
-    { { 0x5753ee0fc048300dL,0x307dfd57e048abc4L,0xc18bdfeca3ba6c56L,
-        0xfb2d8daf10495489L,0xd93aebd4e0fd2d13L,0x4736efaf0518a5faL },
-      { 0xa8ee4995eaa9fc77L,0x2620f08e008adc03L,0xf03981839f06991aL,
-        0xd47b1eabe25a4f4cL,0x669cf09c79f95484L,0xf30191584a0f8b96L } },
-    /* 30 << 231 */
-    { { 0x047b0f0124b240a1L,0x959915dd46cecf58L,0xedf2e74b72980ca1L,
-        0x6b7b7b4ef2cad32aL,0xf9f01c9d0b9ded1cL,0x009d3a5825e77e0aL },
-      { 0x62314ab411a39c1cL,0xb3b0c5b2ad557b74L,0x6dbb75dd961619fcL,
-        0xb8f2d198c934e1e0L,0x4401507542eb7fd5L,0x3a8552efea1be435L } },
-    /* 31 << 231 */
-    { { 0x08e3f0e2217de9abL,0x6bdec27bb6b4f789L,0x5b160334685af8e0L,
-        0x31e651cc61738f6fL,0x37224bc4631989c0L,0x2dc8006ad39f9c4dL },
-      { 0x2a5d585056c3d84eL,0xb2ef06cc5cc79193L,0x246d92869eaa50e7L,
-        0x8cacbf7cea6a7cadL,0x109bddc629465ce6L,0xad2f492fb5744947L } },
-    /* 32 << 231 */
-    { { 0xba03ba3b7b3b336dL,0xe57ce50928c9c55dL,0xf96b8cfe4f0f60b2L,
-        0xb908d77e6fcccd96L,0x7208ef7de79dd17aL,0x739095333ec3d048L },
-      { 0x9c5ad2da1163fe78L,0x4e2a8685cd4a15c2L,0xac999449470eb938L,
-        0xfaaf27fbee7d772fL,0xfbe402abd0b7ad09L,0x704d4f0e57db00a9L } },
-    /* 33 << 231 */
-    { { 0x8f2f736c6330607fL,0xaf4acf66c975432bL,0x838fd8cabd1dec99L,
-        0x347088aa7c3d0499L,0x28008757e835ea86L,0x43e2fb30c03e1aa1L },
-      { 0x06c66dabf0d10da1L,0x25d7aa1867321158L,0x215e483811dc063fL,
-        0xd52dee1e288362f2L,0x790989a1fe300a0aL,0xe0452fa5f163e1ccL } },
-    /* 34 << 231 */
-    { { 0xd3eab3ae25e7c044L,0xa3712d11b6d22325L,0x5e3835999e8237ddL,
-        0x2549047c9dc93a5fL,0x24b07617b546a113L,0xa50359ed2e7b82fdL },
-      { 0xbbc3eb5889964effL,0x93d490b60d7ae172L,0x68cd6b3f774ac0e6L,
-        0xf98f1df035e02fc6L,0xfd2625c560857c16L,0xd68f25e845dd06f6L } },
-    /* 35 << 231 */
-    { { 0x40dcb41018c1b3d8L,0x8af9a0bf954cc170L,0x9c40a17d5af27d6dL,
-        0x6b20fa7d7137d35aL,0x7c46f6aaf07f5adfL,0x7caa6e3cafc2f780L },
-      { 0xef03332694dfb637L,0xd8f330b38d0ac73cL,0xacbf571255d40a9fL,
-        0x1b4ffafa3f4fde0eL,0xa17488e09fe6b04fL,0xd27808a103957cfcL } },
-    /* 36 << 231 */
-    { { 0x85e1de1e96569e6dL,0xc9545920d7ae52f9L,0x04ebc797bcd62008L,
-        0xe142d0bc04a24db0L,0x5ed44b0d40e9fa80L,0x39fd679a48ddaba3L },
-      { 0x91aba967ce7ee095L,0x76de8d3a0e97d0f4L,0x92e7a107a221785fL,
-        0xb028f67e734283ffL,0x987f644168af2f42L,0x0ad882369d7f7102L } },
-    /* 37 << 231 */
-    { { 0xc5289301642f7d3cL,0x53ea584de508c45aL,0x86eb66e949337336L,
-        0xa56d59d668fbc13aL,0x44c464ffe9e51562L,0xe5280ecd8200a27fL },
-      { 0x92e2a9334cc73f23L,0xf59780325e7b858cL,0x399bd41e90d4b2efL,
-        0x4faecb8bd0ead86aL,0x6ead9c530ce48b14L,0x941b4807ef74700cL } },
-    /* 38 << 231 */
-    { { 0xea281be94d522b69L,0xb6855d45694a08bcL,0x7c47ddc7aa7f4d28L,
-        0x2028e22b6c36bba5L,0x206b63430c2dee0aL,0xfeb0b3dae68fdcd8L },
-      { 0x6dda02a44603db5cL,0xa705d0defd786a39L,0xd356f6a426aadd38L,
-        0xd34acb7d95ef6a00L,0x073ea16e14846402L,0x2cf7a82ab2df8bc5L } },
-    /* 39 << 231 */
-    { { 0x8fdcd309bffd7240L,0x6843dd76386e459bL,0x222fa67c0dee5740L,
-        0xa3801343620d7d83L,0x96dfdbffe21b4af3L,0x017bd3d3dadd04beL },
-      { 0x1b6adba2bca18337L,0x191b86f1300ed35aL,0x103a380cd73bbadaL,
-        0xc2f3172f36f95dacL,0xa01a10e220767bf4L,0xda882ca6989ad766L } },
-    /* 40 << 231 */
-    { { 0x5bbc748b9cc47708L,0x16d796054026c772L,0xefc3ce3ea053df6bL,
-        0x30ea7eab0713752fL,0x15b491b9dfd524b7L,0xa751d82010bcd34cL },
-      { 0xf30c708abbd5da72L,0xf0c55aa86d16bd51L,0x1754060ba6215d84L,
-        0x3a48d2cbb863542bL,0x992e8340261d8c45L,0x4096f65be8fd2113L } },
-    /* 41 << 231 */
-    { { 0x5532411e1045d8cfL,0x2d2f8d6b52bea60fL,0xa850b61825c556c2L,
-        0x6547892fe8965d13L,0xa7bd4527184d0cffL,0x0e7f7daec25ba558L },
-      { 0xfcfaf7b234343889L,0x9d6a23aeb82ba1d7L,0x2859023b60514faeL,
-        0x4d51aeddc82da6b7L,0x6a060dc38273cd00L,0xf2f8923d78478c29L } },
-    /* 42 << 231 */
-    { { 0x0baa35154f08b278L,0x26baf331e57297c8L,0x3fef65cc04e27c13L,
-        0x0f910ee0ca8430b6L,0xa27c5f5c2c445251L,0xc780142dccf3c637L },
-      { 0x47dc4192e0f3fbbbL,0xf4d12bd6f2a91a33L,0xc1eb18b206352685L,
-        0x111cc07f5b3db096L,0xbce0cddbcb95c815L,0x6b0bae7e14d28563L } },
-    /* 43 << 231 */
-    { { 0x40d16b7705897177L,0x4772a643953915adL,0xc6cfc1d23cabc7a9L,
-        0x0641e96df80536c3L,0x6c297cd6be4c5454L,0x509a837c9c00216aL },
-      { 0x17455153c01ce9a5L,0xee76da8a40b825e8L,0x1757a59cd23a37acL,
-        0x5adcfbd10958248aL,0x043314525d01549bL,0x831f725ab0c42176L } },
-    /* 44 << 231 */
-    { { 0x28704bdcdf7d537bL,0xbcae2c15fa88f42cL,0xab32eecd3866ac4fL,
-        0x446754a2128c4a7fL,0xc69309c1739ef781L,0x216e9f43bd160d81L },
-      { 0xe0efa3ec6fefc0aeL,0xd179225086a604f5L,0xe43e13e260418c0fL,
-        0x6f605146f100b9b7L,0x6c39828a6e994093L,0x99558f4706c019e9L } },
-    /* 45 << 231 */
-    { { 0xf541b3cd28df49eeL,0x0be75ef5cec2660fL,0xe73d18bb620c81f1L,
-        0x42e81fef3c775c53L,0xd0a9dcdcbc012ed7L,0x570f5a1b8f292a58L },
-      { 0x51f302e74c030819L,0x42e1903f50bb8a5bL,0x6d8105a98536e7d0L,
-        0x66e2fdf1c1ca766dL,0xecaf4a316c5927fdL,0x347803cf96a14565L } },
-    /* 46 << 231 */
-    { { 0x794d90ab425d3a7fL,0xcae9008d93ecbe48L,0x211e38c3bd5f11b3L,
-        0x6020ed2a6db1c1d7L,0xaa5695064437f020L,0xb2b93424235f4d6fL },
-      { 0xa84a3c1d66ab2a3eL,0x171f9325712a14e0L,0x4a43cd6744d958d0L,
-        0x53bea85ee95dc3cbL,0x1fba008769f2009dL,0xf0fbc48f31c13eb4L } },
-    /* 47 << 231 */
-    { { 0xefa3dea85fb2227aL,0x0160b031e098a97bL,0x92a554e3553377b1L,
-        0x7b58c26258ccaac8L,0x666400171c3e0a47L,0x40e45f90ae2d7d8aL },
-      { 0x660df3441ee18103L,0x5515cd66e9b64e55L,0xede93c59de059b3aL,
-        0x874a0c90ca0e7acaL,0x840188abc8b1daa0L,0x9d49a02601e148a7L } },
-    /* 48 << 231 */
-    { { 0xe93ee31ae12b4e64L,0x2ab8e378662d17f4L,0x2544bd9969516582L,
-        0x7bf80e4b2e1e5485L,0xf30f0b14729d9361L,0xb3ffb5d18268d40fL },
-      { 0x34605055ac193a63L,0x9e5ca9a9f8e04d69L,0xcbbeebc1085ecbb2L,
-        0xda03b75bf340eac4L,0x3bf9468a84436462L,0xdfa8b4c80f26f20cL } },
-    /* 49 << 231 */
-    { { 0x2e6520714aa497e2L,0x2b9358fd7ecd223cL,0x96efcbdc4f828e86L,
-        0xa0f76679d2f096c9L,0x3887bef70690b78aL,0x2e7d9cae1a01b10dL },
-      { 0x8b0cdf0e5656e5d0L,0x0a6ca92d48d3ec2cL,0xdcacbdd3b49e2ab8L,
-        0x4d087ee0d7485e87L,0x4987078292cc57a7L,0xa1776bd47bb38b8aL } },
-    /* 50 << 231 */
-    { { 0x60c113bdb711e087L,0x28694ff4e257e115L,0xf81d5e054c18d716L,
-        0xd1c04b67eb0af843L,0x16e6e46e40d8907dL,0xb73c3de91dd34d22L },
-      { 0x9d7f282519825f92L,0xdf5d33edba486ce6L,0x288fafac21c223d3L,
-        0x21c4df016d05007fL,0xccd9626b197c5badL,0x3a91743902c91b36L } },
-    /* 51 << 231 */
-    { { 0x6f950922340ebed2L,0x9e796894beddf06bL,0x5a8ea337cd9d7a07L,
-        0x1c5dee115bd182ddL,0xba87dd1ae0c79b9dL,0xb16169f3b9002931L },
-      { 0x68098da138c62518L,0xea7bf413417fdc6fL,0xa500a320b6fdf768L,
-        0x7870c71c4550c202L,0x0874fd9f6121afb2L,0x49f0fd0cab7d0b6fL } },
-    /* 52 << 231 */
-    { { 0x7af3de47f6b7fedaL,0x19b8a51ba30b2296L,0x16886446150a0af8L,
-        0xdada5aeeb2a4ecbbL,0x77105de8e8de3888L,0xc54d352c7d763f77L },
-      { 0x754984ae72ff499aL,0x3de4b2785a5a25f4L,0x5df75ece818512a4L,
-        0xd4fc8093ca7ccf3dL,0xff9bdf544a49f4fdL,0x45d23e77de0a5840L } },
-    /* 53 << 231 */
-    { { 0x8ef88682ca85a586L,0x12038785bff64885L,0x99670d8ac98cf695L,
-        0xf7dc3dca6c3d5832L,0x1e836a59fd3e64d1L,0x8dbb13addd426c1aL },
-      { 0x21867f0690f59314L,0x7adb6f707da5ce5dL,0x662422ae0da28987L,
-        0x75a1486466766a41L,0x2d42bede6c8937b6L,0x559e168dff0c474cL } },
-    /* 54 << 231 */
-    { { 0xa07fdaa25af635feL,0x01d67fb36a0c8fd9L,0xa226f8dac9eb8d8aL,
-        0x0795c27ce7fcfd0dL,0x84556c0553578294L,0x92b30a84b3e57574L },
-      { 0xc8eb6ac0ca5dc890L,0x061a0a195c8b7d8aL,0x60f3351923177c06L,
-        0x780755917d01bf6cL,0x63ec8a4421f48422L,0xddfcb2c0d804c7b0L } },
-    /* 55 << 231 */
-    { { 0xb186daffdb2e385aL,0x7589c9cd43aac848L,0x9b474a411fb053d7L,
-        0x2f79556be1ada6c8L,0x694badc54d7d9ce8L,0x31ac06a84921f546L },
-      { 0xacaf91c165666233L,0x6ea97c8ee45b62b3L,0x9c8f3fa66f0096c6L,
-        0x2db7da39ac68f8baL,0x0ad2da0f19a3d1b2L,0x08c96b0ff80d426eL } },
-    /* 56 << 231 */
-    { { 0x07d63f07257d20b5L,0x25475a304e8c62caL,0x2469d661789ac15cL,
-        0xd0d2ba1b3aae86a4L,0xc716202a4458dab6L,0xa011ca5ec4d5f90cL },
-      { 0x53ce0273ca2430c9L,0x61040ecf96da6946L,0x6847dd034247c99cL,
-        0x0c500b4519defda5L,0x263316db365796d4L,0xff9b99e7b982d89cL } },
-    /* 57 << 231 */
-    { { 0x725fc8f911591738L,0xe6c16db3f4030f65L,0x66c7622d441b6b17L,
-        0xad8e4b9c69d93786L,0x732d597473093a4dL,0xa2136d85228f103bL },
-      { 0x84f1d9397bcf76e0L,0x971a4c55e2531411L,0x9816371d15920fa7L,
-        0x5515cbc594bbc17cL,0x8b8c76e859d52722L,0x3bfe618e9a240652L } },
-    /* 58 << 231 */
-    { { 0x18981da25cd1f7c3L,0x198a91bb09b22c3eL,0x48d11aafb23d71ebL,
-        0xddaa6e071d31782aL,0xca7b812a39125babL,0xd89dcd825d963539L },
-      { 0xc7012ed9e5a89eafL,0xbcf0d4c4af0ce61fL,0x6f65a246e6a9f404L,
-        0xae6a489d51c1302bL,0xab43a2bcfc5ea651L,0xfdb73470293b1e58L } },
-    /* 59 << 231 */
-    { { 0x8e860629f5c9d835L,0xf91a0b5d04efe37dL,0xaa2acb55b1956d3dL,
-        0xe295b30fb5bb48ddL,0xdfad64a7e8275e6fL,0x1e203bb7d41beeaaL },
-      { 0x4aa2fd5836e64f60L,0xfb0b92a706e01818L,0x68e386d60d29ff89L,
-        0x617981bc1802840aL,0x6d68ccf7ceb124f5L,0x19193c483b120ddaL } },
-    /* 60 << 231 */
-    { { 0x4d02098b8b5d9d67L,0xecb580503148dc75L,0x561545107d898600L,
-        0x0213ef782d8be728L,0x4123671b1f11d90bL,0x8b9ff1b654c291beL },
-      { 0x139ba95e52db185bL,0x83be41d0997b3eb4L,0x4a950c9a41e2e288L,
-        0xdca0290c48916145L,0xf1eb9327cd073e77L,0x384ec5ddbd4f4ccbL } },
-    /* 61 << 231 */
-    { { 0x7e538f9036f4b7b0L,0xeb54e9e4ca25008eL,0x0054a07bf8af6eb2L,
-        0xd96b712f5e3f61e9L,0xf01da03e29aa496dL,0xedbbc2d7d00faf95L },
-      { 0x178c5bbd104f4dd3L,0x5cbd4783aa11b0d0L,0x4433fe6156eecea2L,
-        0xdcc01bdcada7991aL,0x89ca41ba1addfa5bL,0xad64ee097a65ee64L } },
-    /* 62 << 231 */
-    { { 0x05a8a58d7e276915L,0xee28f77bf1582bf6L,0x6f308349285bd210L,
-        0xb8b8ec47ab877186L,0x0436930e0ddb857fL,0x20a9973e5346b800L },
-      { 0x756ab9b5848dd5b9L,0x33a220cfa12370ebL,0xdbd87c391f3d0386L,
-        0x90c6879075429844L,0x5cc1a9736193f021L,0xf0b80f6543d46e24L } },
-    /* 63 << 231 */
-    { { 0x45e5f57bf79f5116L,0x14f02b229bcd30ecL,0xd989ee5426a39a1dL,
-        0x497ad3c3d5854b85L,0xb61c15e50154364fL,0x5979941f502107d5L },
-      { 0x0b99f087195934f6L,0x1f852baa605fbf71L,0x68ec80e47206f65bL,
-        0x0392af1cea5bc3c0L,0xcebe56f81cb1d6bdL,0xdc6279d90f80b6b9L } },
-    /* 64 << 231 */
-    { { 0x10c082a63fc14a85L,0x59389ebc1c0b14c4L,0x785d935b4cb291a7L,
-        0xfc2ae15313e9ce08L,0x3146fabf4df6f1c4L,0xa2a4a457c87dd24cL },
-      { 0x85fdd8771deb49bbL,0x2b7843709b055934L,0xc81d05013e7e0297L,
-        0xb56ddd1fb92df904L,0x4612df9f295ddccbL,0xc24bd4cf0e27cf1dL } },
-    /* 0 << 238 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 238 */
-    { { 0x7830460fd1944d1bL,0xc56f08e784350af2L,0x73bee2aa307d9c78L,
-        0x1b02af1b5aad8b6cL,0x5e31882703848db5L,0x4785958bf230f476L },
-      { 0x4ea6535d4f80e25dL,0x9958c9c7d23c7f72L,0x4c197b332fd33cabL,
-        0x24c7b0b1c566914fL,0x956ce3c371952d3bL,0x8735694bfabae5f2L } },
-    /* 2 << 238 */
-    { { 0xca9872e1597bd10eL,0x6725cc9a4aed951fL,0x96b17cb84e05b280L,
-        0x97987146fa234d45L,0xba78949ebb35a7d8L,0xb82e9b9f6fc59384L },
-      { 0xa303e54a70f165c7L,0xfd6bb0dcb9c2cad9L,0xe57e2de8ee722045L,
-        0xa05c106563e27035L,0xaa38e86602d2fe6fL,0x78e02fa8ee2f6aadL } },
-    /* 3 << 238 */
-    { { 0xd6256e7c62c627c2L,0x5571edfc3cbb10dfL,0xfedec45771cca8f4L,
-        0x2e26ac5f8483eed6L,0x8e8c0671173508c2L,0xfd9f25d50f39bf76L },
-      { 0x1cb080c3094cc1b1L,0xd367ca8c113e6552L,0x4ae2ca36bedb511cL,
-        0x0de0c3e34707eeb6L,0x204cc610239d3097L,0xb235dbf0adb00383L } },
-    /* 4 << 238 */
-    { { 0xc0426b775e3c647bL,0xbfcbd9398cf05348L,0x31d312e3172c0d3dL,
-        0x5f49fde6ee754737L,0x895530f06da7ee61L,0xcf281b0ae8b3a5fbL },
-      { 0xfd14973541b8a543L,0x41a625a73080dd30L,0xe2baae07653908cfL,
-        0xc3d01436ba02a278L,0xa0d0222e7b21b8f8L,0xfdc270e9d7ec1297L } },
-    /* 5 << 238 */
-    { { 0x9704cdc6a9c26f4fL,0x96808107908a6756L,0x73be47d40f1def2bL,
-        0xd32c11d619215394L,0x1a59b9541842c2f2L,0xd64a70bb52c94807L },
-      { 0x32b08c3e9dd262b3L,0x54d2cdc4440315a0L,0x671b3139425ace14L,
-        0xd418542f2c7518e4L,0xce5e1712cc1bbdaaL,0xb3268403131f98adL } },
-    /* 6 << 238 */
-    { { 0xce4b39874e39e87dL,0x8e60a901966f4603L,0x1b95e4fd73c4a679L,
-        0xae87f845b004310eL,0xcd50aedf815684c5L,0xa56805d343c77e38L },
-      { 0x9a429abcf0588403L,0x77dd1a02009e699dL,0x27ad38fb52a417d6L,
-        0x62591579fd8f6d00L,0xccb12126ea58f822L,0x3a009e76760a3ccfL } },
-    /* 7 << 238 */
-    { { 0x17688d3410023b42L,0x9bc8bd6f7cfadb6eL,0xe4cdf89f460aa255L,
-        0xf709740a99eb21f8L,0x1ea8115cbd460bacL,0xbf7bafe8ac7e6629L },
-      { 0xf8dc02bb096de741L,0x982f7becd2f6a583L,0xd971589a0f92bfeaL,
-        0x662793afc02acbaaL,0x1b0f7d5eb771574eL,0xd9f71c4c66985cdaL } },
-    /* 8 << 238 */
-    { { 0x4f120aa7e2a07891L,0x9158bab3a25d3225L,0xc96bac5ecfe5f7a8L,
-        0xd4e73d59bbf3cec6L,0xed8d233560361cd5L,0x9b1a252c562f444cL },
-      { 0xbd37d3cfc70f23c2L,0xf13b3b6ea52ea19eL,0x7e35535a3d2f41edL,
-        0x0353b52ee8b1743eL,0x31d89dfd7b5a2765L,0x2b7ac6848d9ea8b8L } },
-    /* 9 << 238 */
-    { { 0x3613afb361bd36b3L,0x85171aef3e0339eaL,0xdaf0c280c833abe6L,
-        0xde566372e4500f09L,0x487dbef84a5bda73L,0x5cc00564e6e3f324L },
-      { 0xbdf148cfb96abd01L,0xf8dbeda5ba9306ffL,0x05774d1a5ac0b828L,
-        0x73ddc3248cf4a56dL,0xabc5af5232dc6125L,0x15ad6d2573294d7bL } },
-    /* 10 << 238 */
-    { { 0x7b5bbe51bd6086deL,0x7fbc95303816cee6L,0x60ac14fab3354bf6L,
-        0x2b2abe43c9a6e793L,0x6ffae7342e19664bL,0x1d0e38b90064bd95L },
-      { 0xc1303ba3fa9f23beL,0x6d5f4ea5d8f0a46cL,0xf8f472517a270649L,
-        0x126c13ae723a5a0dL,0xe4d0a19e5e21273eL,0x18076170e83abb8cL } },
-    /* 11 << 238 */
-    { { 0xc21dc6946b771809L,0x2501f25600f85b8aL,0xb3a21dc347382df8L,
-        0x25ede3c239dee18dL,0x39709b9db29b770cL,0x6eb314d510fa9c5aL },
-      { 0x79140b1f508f5e59L,0xcce9f7cedeff2816L,0xa153c050400bc8a1L,
-        0x052e03c4ff2c127fL,0xf8ffff1f841a03adL,0xc0c2626345896fb5L } },
-    /* 12 << 238 */
-    { { 0x06a67bd29f101e64L,0xcb6e0ac7e1733a4aL,0xee0b5d5197bc62d2L,
-        0x52b1703924c51874L,0xfed1f42382a1a0d5L,0x55d90569db6270acL },
-      { 0x36be4a9c5d73d533L,0xbe9266d6976ed4d5L,0xc17436d3b8f8074bL,
-        0x3bb4d399718545c6L,0x8e1ea3555c757d21L,0xf7edbc978c474366L } },
-    /* 13 << 238 */
-    { { 0x905ad4bf3023ec1eL,0x8cc101ca16081c1eL,0xe0d47ec79cb74127L,
-        0x1be5f86725da2dd4L,0xcba2ee4507ebac2eL,0xcee26667e22d87d1L },
-      { 0xfc339af1c7c409ecL,0x112af9b47b7ef32fL,0xcc3e07898b821999L,
-        0x4234433c222b3478L,0x55bcc87ddbce50c0L,0xcb6141cd7816f642L } },
-    /* 14 << 238 */
-    { { 0x8ae24e6b67f38eecL,0x61adae20ea14bc0dL,0x32737584c480c3fcL,
-        0x44f61b79812ee744L,0xc8f607d5fe06d5d2L,0xfeaeb2bcea45267eL },
-      { 0xe004522bb92c909eL,0x5171fe360ab3e854L,0x659936fe63ebc481L,
-        0xdde6dbbff76649d4L,0xb38c160fe2295d0eL,0xba608b7e1e8f5c1bL } },
-    /* 15 << 238 */
-    { { 0x55616c4c86c2cb9cL,0xcfa8b484173526faL,0x096a09d90039a4c9L,
-        0x6ccb4964f300a73bL,0x42dd78ac66819855L,0xa7c532c10941599cL },
-      { 0xd15905f0b630220bL,0x9f4893ca5637e103L,0x768c09bf8a2115abL,
-        0x5091f4399c52755bL,0x4ad1c0f6d38e7c50L,0xf6e6b2d054eb4439L } },
-    /* 16 << 238 */
-    { { 0x73457010c46db855L,0xccb68c43dd579fb8L,0x705b0e8c9c25fe5bL,
-        0x40f36ea182dd0485L,0x3d55bc8527ac2805L,0x15177c6fad921b92L },
-      { 0x51586cd55ab18cabL,0xf51b5296cbb4488cL,0xbb4e605e84f0abcaL,
-        0x354ef8e3772dd0daL,0x7f1a8f795e4e1d41L,0x93461f09de5d8491L } },
-    /* 17 << 238 */
-    { { 0xe186b0b09cd7d54aL,0x0451cb0dd4303760L,0x90a8b0f84b38f082L,
-        0x2357f03700b04fffL,0x8a4669f86d81dbd3L,0x2a5cb6f6bd94842aL },
-      { 0xa13d19c4c498a572L,0xb7b8fe10cd937a76L,0xf8df355ed9842244L,
-        0x64fc9d62b077c8feL,0xd4b2c3cce9dd337eL,0x7c63799ad3784edaL } },
-    /* 18 << 238 */
-    { { 0x39fe6673a780fd38L,0x8bc8d026a4b4cfa8L,0xcc339850801c44bcL,
-        0xb5d80c4bc2dca07dL,0x745ffb5d91f1408bL,0xb55588f89017d1e7L },
-      { 0xafef3cf1c3d76a1eL,0xe3a6e8058e1367ebL,0xd09ea1e2a642d2bbL,
-        0xf303c613216e63e5L,0xe699e51cc98908e6L,0x835d4cefafeac3c2L } },
-    /* 19 << 238 */
-    { { 0xd1cbe55ee5000eceL,0xc1a074b01ff0f474L,0xc6681f48d7ffb89bL,
-        0x7c68011d48d0bb4dL,0xf305627bdcef5e07L,0x0f0e0c36323ee3fbL },
-      { 0xc5c6b61355f5f185L,0x6e4de5af52d6cc84L,0xa64ea548889fe8bfL,
-        0xc4c5e4104d28350eL,0xef944a8f7dd3072dL,0x7ed579fa13356185L } },
-    /* 20 << 238 */
-    { { 0xec72c6506ea83242L,0xf7de7be51b2d237fL,0x3c5e22001819efb0L,
-        0xdf5ab6d68cdde870L,0x75a44e9d92a87aeeL,0xbddc46f4bcf77f19L },
-      { 0x8191efbd669b674dL,0x52884df9ed71768fL,0xe62be58265cf242cL,
-        0xae99a3b180b1d17bL,0x48cbb44692de59a9L,0xd3c226cf2dcb3ce2L } },
-    /* 21 << 238 */
-    { { 0xe646281876ba99afL,0x1d53bd27818b5992L,0xc55e135d67e1d81bL,
-        0x32b9e37023e211feL,0x91ea63dc130b1176L,0xd7e1cc51a34fbb3cL },
-      { 0x5363fd962fee934dL,0xd19c50ba0b8fd289L,0x21257825a11c27b6L,
-        0x19159a966792c1ccL,0x0ccc3cac39a08fbaL,0x841cb58a45512d8eL } },
-    /* 22 << 238 */
-    { { 0xae8532c3224ab492L,0x8bc92c85f6acd0ddL,0xc071ba92b796d21dL,
-        0x1290162943797a3bL,0x8f4c5fb5ec950329L,0xfab6f950cf0578e3L },
-      { 0xb7b8d211bb6aa75cL,0xb06279dc3d1147f9L,0x060db1a7591820cdL,
-        0x0e691a412830f356L,0xac00664224b8bc33L,0x579f9c052f17441eL } },
-    /* 23 << 238 */
-    { { 0xd8b9dcd50c4cb7edL,0x2f59d64c7619cdf4L,0x7e83d18e284bc6f9L,
-        0x49af25123e415166L,0x90388976ccd64d11L,0x4708fffdfe2580b6L },
-      { 0x7a8d25ff17dd4d8bL,0xba7785fefd71355bL,0x7cceb111b9789cc6L,
-        0xa8fd782ee98d6b78L,0x8d1b7fb66135d4a2L,0x78c2267d35e382beL } },
-    /* 24 << 238 */
-    { { 0xf38995589311182cL,0x1bee4c4bb657a7b7L,0x0b1c4fd32df8d1a7L,
-        0xf16bcc2376d3fbbfL,0xd5888916f4fd52bcL,0x3de6cfb4d5cde1f0L },
-      { 0x764ffffdd4a07dfdL,0x5e674426e2642182L,0x34f64762ccd57b85L,
-        0x2233a4c329351062L,0xdf076095d9c642f3L,0xac917a2c59f0df34L } },
-    /* 25 << 238 */
-    { { 0xe588d5a8cf2f7d4dL,0xb45923ee86798c14L,0xffefd323f0623572L,
-        0x24dd7019005f605aL,0xb9e833053a6edaecL,0x039ed04949923a44L },
-      { 0x0f83a74360789fd2L,0xb4f91a8e9b001515L,0x37b856664261ad9eL,
-        0xc291caa68b92b7afL,0xfa0f8a5e67ba28e0L,0x362a6808c5eefb98L } },
-    /* 26 << 238 */
-    { { 0x8aee939cc64e4ab3L,0x3baac0a844621bb2L,0x9094a09629da9bc3L,
-        0xa92dc70806d2314fL,0x45c1cd0e34235918L,0x51aeb007c34021a4L },
-      { 0x58267735a3492237L,0xe8d494bd375eb21bL,0x664dacf5a395bf8bL,
-        0x2ef1feb612cec40eL,0x90c5f43fa7141e5bL,0x93e80dd03855169fL } },
-    /* 27 << 238 */
-    { { 0x2e550006211b2fb3L,0x8c82e59d6cab73baL,0x011bb2fb2bd326b9L,
-        0xfbd519ff1e0efd69L,0x0fb2f266320cec7fL,0x879e28c03518fac3L },
-      { 0xd0887775e01294eaL,0xf6e60efd1df5bb0aL,0xb2a5d3a404d04a96L,
-        0x915eaa29a4f3500fL,0xcb6c03f70db6bde4L,0xfee081a405f30cc1L } },
-    /* 28 << 238 */
-    { { 0x9580cdfb9fd94ec4L,0xed273a6c28631ad9L,0x5d3d5f77c327f3e7L,
-        0x05d5339c35353c5fL,0xc56fb5fe5c258eb1L,0xeff8425eedce1f79L },
-      { 0xab7aa141cf83cf9cL,0xbd2a690a207d6d4fL,0xe1241491458d9e52L,
-        0xdd2448ccaa7f0f31L,0xec58d3c7f0fda7abL,0x7b6e122dc91bba4dL } },
-    /* 29 << 238 */
-    { { 0x24e2801364ca563dL,0x6f06fde270f8f91eL,0x9abcca1bd2a65c0fL,
-        0xc5728ffca5aa1e40L,0x654f0f56eb9d3e45L,0xe04ada2394161a0cL },
-      { 0x001b25626ddbc960L,0x253b447aef93504dL,0x895ce21e2d6dc894L,
-        0xefb987381c1b63deL,0x6adb6eecde8b806aL,0x9ea3884e0240e7bfL } },
-    /* 30 << 238 */
-    { { 0xe8387f68411ad563L,0x98a962eacc5f157bL,0x8093a8d296090321L,
-        0x240a73083790052dL,0x6cb4a7382e7dcedfL,0xda65bf8481a60e8cL },
-      { 0x420ce478c66c70aaL,0x0e7959ec42da3021L,0x44bc9d3c7e35aa20L,
-        0x36e49d764e9df39bL,0x7281073a9b286287L,0xd9a068422524b62dL } },
-    /* 31 << 238 */
-    { { 0x00d6e0312546247eL,0xcc2851020fdaebdaL,0xb8a453f15601006fL,
-        0x0afaa3f138be7068L,0xc87acb442c6cd9f1L,0x10dd5d031ffd5fbcL },
-      { 0xbae0b62fddacbbd0L,0x1daadc18446bf2e2L,0xaeaf15317ef0facdL,
-        0xe7b92b76c941808fL,0xda59af2ae6d0dffeL,0x1c09b783e612b888L } },
-    /* 32 << 238 */
-    { { 0x3bd258d8775f516fL,0x4bedebd5c715927fL,0x5b432512e3f966a0L,
-        0x338bfca7709d0c2dL,0xd142cc1049658259L,0xfabc6138636b8023L },
-      { 0xa9ef94014d4ef14dL,0xd5917ac1c54c570cL,0xfd2f63c55cb64487L,
-        0xbae949b11cea475bL,0xa45446031e67a25fL,0xa547abc1dc6a7a6aL } },
-    /* 33 << 238 */
-    { { 0x6c7b4cf344b880b0L,0x29da87760a388eaeL,0xf434d173fe9617c9L,
-        0xaf67cc2ea47abf28L,0xe211ad37249d0eb4L,0x88d156e538bce76fL },
-      { 0x60320c6dd58fa585L,0x7b352c39ebf09a7bL,0x9305dae8a31ce734L,
-        0x70c35be89361cc3bL,0x6b8b71f8bcd14255L,0xd1b7963572a457a7L } },
-    /* 34 << 238 */
-    { { 0xd8d04787ef8849e1L,0x58adf044148375e5L,0x5b613ac476623232L,
-        0xbd274d2f95d7e359L,0xd97acbd271576bb6L,0xd20bb2c34c7fc4b7L },
-      { 0xe15465315f837664L,0xddac59b5fb4ce79aL,0x33fef5214fb36e08L,
-        0x0467811045108b22L,0x0de6c7766dbe57bfL,0x456d765a25fea77bL } },
-    /* 35 << 238 */
-    { { 0x4d9838a32922b715L,0x3cd9fc0a6a7bb3a7L,0xb1bf28fc2247e916L,
-        0x92dd22006f206a16L,0x8ea87d67b51256caL,0x2c535730b5a4bf17L },
-      { 0x34da42505f584954L,0x72326fb8fefca748L,0x40fd9d09da2844a2L,
-        0xaadaf71c412da037L,0xa62329a9aa6f884aL,0x1b6165e6726a8f8cL } },
-    /* 36 << 238 */
-    { { 0x2a2dedafb1b48156L,0xa0a2c63abb93db87L,0xc655907808acd99eL,
-        0x03ea42affe4ac331L,0x43d2c14aeb180ed6L,0xc2f293ddb1156a1aL },
-      { 0x1fafabf5a9d81249L,0x39addead9a8eee87L,0x21e206f2119e2e92L,
-        0xbc5dcc2ed74dceb6L,0x86647fa30a73a358L,0xead8bea42f53f642L } },
-    /* 37 << 238 */
-    { { 0x39de72e225e62213L,0xd885c406a03a58adL,0xa63964b527e76458L,
-        0x93f83239637c0becL,0x8c9e29b4ba556e65L,0x7d746448a6183182L },
-      { 0x6dee01aa09a8eb37L,0x97289f2e757ffa96L,0x367ec50fb4785102L,
-        0x200f77cdb3d07cd8L,0xadc7c000a581946eL,0xa2dba5e52c0b32aeL } },
-    /* 38 << 238 */
-    { { 0x95a5a7f0b203f75fL,0x9b574cfcb5df11f0L,0xbf5fe3f2dba4b4e6L,
-        0x347a7bd7d0987125L,0x858dea6b09377a2aL,0x87cb1e66eea85d5fL },
-      { 0xe7619b666146a0c6L,0x0012585a8a0bc101L,0x738e6589ea0ce92aL,
-        0xf23547979a39b3f0L,0x666f3f5d6dc81167L,0xe569cc82fb06b0b3L } },
-    /* 39 << 238 */
-    { { 0xef0e64399c7677d5L,0x052bf027efc398c2L,0xa5d253cc515e4198L,
-        0x7b915f07a71ce047L,0x56880ea2e177dbf6L,0x735dc74f0b5741d9L },
-      { 0xa108632f0161a0acL,0x0c68765705e7e09eL,0x694e651e211709e0L,
-        0x334e15e51d879a41L,0x6191d34260c2a603L,0x3a8ce0e6224234d7L } },
-    /* 40 << 238 */
-    { { 0x158d814db12c4bb1L,0xe52f75d22f0cf4faL,0xf106023e6141b59cL,
-        0x5eb8b8ebbeb9d941L,0x1dd3972990cf579cL,0xb273252e69ee6efaL },
-      { 0xe43a3c593e9947a0L,0xd605124f6c19dd01L,0x8090fdbd05c578b0L,
-        0x8e6c535a622ff18cL,0x3600b0c257d12071L,0x6d026e5c78d001d7L } },
-    /* 41 << 238 */
-    { { 0x6e515f3608e33ad5L,0x3e320c5283512d9bL,0x171ab26a5ca1c452L,
-        0xfb3061e874c97139L,0x7944644c9cacf3aaL,0xedc724f03687cfceL },
-      { 0x7252d7590db9b5beL,0x625f17ed0eeaf1d4L,0x6b0b4e5e82e3c58bL,
-        0xf03d7bcef0f2ecc3L,0x4cbaa878139a7580L,0x982e471672203e07L } },
-    /* 42 << 238 */
-    { { 0xa533f574e335d60dL,0x102b66fb2aa6855fL,0x7a57420c49946287L,
-        0xe3bb702286f393c2L,0x1892642d04a41c49L,0x2c47ba38d44969feL },
-      { 0x9068650444388ef1L,0xd94f6f131eaf6b54L,0xf81d8782f0b872e8L,
-        0x7ced5924d013f6eaL,0x76ef63d307cd721cL,0x888646b36cba783fL } },
-    /* 43 << 238 */
-    { { 0xd2c858157ec1660cL,0x6c8988a3ee73763cL,0xd6cc562d5e80aaeaL,
-        0x48f399d975768c58L,0x3189bf68af50c1c3L,0xa3f8d2df27dc372fL },
-      { 0x99d6b416b8c7c529L,0x531707944406b1e6L,0xafb57933e3ac044fL,
-        0x530ad3bab2548505L,0x791a290a977590caL,0xb0d07228646fd1fbL } },
-    /* 44 << 238 */
-    { { 0x636225f591c09091L,0xccf5070a71bdcfdfL,0x0ef8d625b9668ee2L,
-        0x57bdf6cdb5e04e4fL,0xfc6ab0a67c75ea43L,0xeb6b8afbf7fd6ef3L },
-      { 0x5b2aeef02a3df404L,0x31fd3b48b9823197L,0x56226db683a7eb23L,
-        0x3772c21e5bb1ed2fL,0x3e833624cd1aba6aL,0xbae58ffaac672dadL } },
-    /* 45 << 238 */
-    { { 0x86d2f71530cf85afL,0x8e1b053cf7e634e0L,0xe79592f43a4e466dL,
-        0x26752e8506985331L,0xfd098e83dff73363L,0xaa158e2c505ffbc0L },
-      { 0xe45fa1cba0fe759cL,0x6e2f5989bc0d1491L,0x4a804eacae7210a9L,
-        0x0e252f758a63f67bL,0x0d7600cf362a7df7L,0x795069bf6d5b2b18L } },
-    /* 46 << 238 */
-    { { 0x25f9f0fc0649613bL,0x109521f05d3005d9L,0xcce1c5b41feba4c2L,
-        0x6a27cfafacda6021L,0x37ff83303ab6382eL,0x53c7ccb715ca79f3L },
-      { 0xdffa6c9633611dd4L,0x7555cfd4352d3916L,0x2354bec62cbd44f7L,
-        0xaf0044c54b0b500cL,0xe4835df7ce9aade1L,0x14e57f6bcb218644L } },
-    /* 47 << 238 */
-    { { 0xb5e26899b1c22bd8L,0xde12b0b51aaf3460L,0xc269595c31ee049fL,
-        0x8c7513c88a73ed74L,0x8273018450cd009eL,0xb2cd2dec4d130b5fL },
-      { 0x1a9015521971a189L,0x6ce23544c6f39bc3L,0xd76133aa9467badeL,
-        0xf91173cc071ee7a4L,0xe54d8f44b8267c73L,0x5725e0676dc9aee6L } },
-    /* 48 << 238 */
-    { { 0x00e0a003daff1807L,0xcb9d155992c94fd0L,0x3c2b5c3dcebbf905L,
-        0x9c799ec7d338afa9L,0x60b9908c4e2cfcccL,0x4bfe1a57ae3c6f92L },
-      { 0x480d310efb116150L,0xa1ed6c31e3e7888eL,0x841a11d9720b5196L,
-        0xcc337d178adff37dL,0x08c668265faa86c5L,0x945c90d49dfcc7adL } },
-    /* 49 << 238 */
-    { { 0x0fcc0854f2b3622fL,0x3a9e218ab6833f04L,0x209125d4ee8fc062L,
-        0x98b2c628a3c3bf2eL,0x7e051fda83ca6a6eL,0x81afd3933d87981cL },
-      { 0x8f3beaff4baf556eL,0x0f1b27fdcc7e66c7L,0xbf0b08f59f4a4461L,
-        0x8eb739fa141985e5L,0xdb5b46112da43947L,0x63bf81cbe5cabfddL } },
-    /* 50 << 238 */
-    { { 0x355e40d398ff85afL,0x19f2f3c2b08f836bL,0x0a62d254737cb5f7L,
-        0x5d0ef7d9f8c50d82L,0x773a399ebbd70eb7L,0xac357974a70bea8bL },
-      { 0x1de5a45cb3b5d794L,0x67c58b52a48b55b7L,0x724f56f4b02ebc8bL,
-        0x03dc71e3154ad508L,0x9bcd3939cc84428aL,0x7fdba978158c4a0eL } },
-    /* 51 << 238 */
-    { { 0xac08e06e65b93d44L,0x2397625a5358c691L,0xfbc9285a8516e31aL,
-        0x38ce0d3544ffe25eL,0x13381dd16414072bL,0xf782fddc170ecb4eL },
-      { 0x78c71a716f815259L,0xb725870573659a85L,0xd37678008712d968L,
-        0x153d8aee3eda5006L,0xda4fd94818f1439eL,0x6384135352dbfdf8L } },
-    /* 52 << 238 */
-    { { 0xce92224d31ba1705L,0x022c6ed2f0197f63L,0x21f18d99a4dc1113L,
-        0x5cd04de803616bf1L,0x6f9006799ff12e08L,0xf59a331548e61ddfL },
-      { 0x9474d42cb51bd024L,0x11a0a4139051e49dL,0x79c92705dce70edbL,
-        0x113ce27834198426L,0x8978396fea8616d2L,0x9a2a14d0ea894c36L } },
-    /* 53 << 238 */
-    { { 0x06d57f2920514206L,0x61394b863a2cc1ebL,0x0ffdf49a86c7b2c1L,
-        0x65334e9349f58f13L,0x180b10b8c08dfb05L,0xec352adef6c95b7aL },
-      { 0xf9801dc0c4bde0faL,0x428c77f0dabf0c66L,0x2a7d1bb0c2eb80d4L,
-        0x81774172fdb56fabL,0x7507481f1d965515L,0xee0693bb8ebfadebL } },
-    /* 54 << 238 */
-    { { 0xf4589418ac56a031L,0x21f3dec6f2718a10L,0x0ed08d9690f28b6fL,
-        0x2624bd7a35c3a6a3L,0x1b3f02e8bba795f2L,0xe629b5aa3977fd17L },
-      { 0x66c8cd7691e8df1aL,0xf36c4e2c1b2b5542L,0x7f6b742f7dff66a7L,
-        0x00bc68b8242e0fc2L,0xdff5c73360119d9bL,0xe726260fb5c4dddfL } },
-    /* 55 << 238 */
-    { { 0x0242fa358eeaa549L,0x2d081bcf8abc93c6L,0xaa31813c55551d40L,
-        0x1cf21c1271db3aecL,0x5a6dede7203880d9L,0x389c63cabe4aaa9aL },
-      { 0xff4db7d4bf28086fL,0xd89c039b33146844L,0xc2b32bf06df6f790L,
-        0x7f4e836b9f22fecaL,0x3f64d0fa0af51572L,0x681a1f5bc67aa565L } },
-    /* 56 << 238 */
-    { { 0x9f9ac9608e2941a6L,0x43e7ff902fc4fe1eL,0x5ec413596033e041L,
-        0x5ce791c46f6ff0f3L,0x8d134b899d907343L,0x7bd15c7786304df2L },
-      { 0x2cd2ebc777c4a913L,0xcd86a39d45f07153L,0xe7e12d2e88bc423bL,
-        0x478e814b0b3163f4L,0x78bd9c8abe8ec766L,0x6a5763e87709ce48L } },
-    /* 57 << 238 */
-    { { 0xb503ac624329d7f4L,0x3a900374488e3ce4L,0x8a11addab0d8dc97L,
-        0xbea3ea2c0873bdf8L,0x0f57130115bc7adeL,0xbc98d2070b2b69a0L },
-      { 0xaefc4047639d182dL,0x0e6db26feb3c44eeL,0xaf0f8b392a68a48dL,
-        0xde65a6b36bf1e593L,0xe48f8fc989dbd38aL,0xad18a43bd8d285b3L } },
-    /* 58 << 238 */
-    { { 0x249d86007e9d48c8L,0xec6109ba109a54bbL,0x64f688af5ac65ad4L,
-        0xb12c85b4be1796baL,0xcc258d31c9940da0L,0x59590853ff2f151bL },
-      { 0x9e9edc4d401c5d1dL,0xdd9ad117f230b458L,0xc2c752ac962334b6L,
-        0x3fab66ce27327e6cL,0xa363d3643816a47eL,0xa6fc57bec180bbdeL } },
-    /* 59 << 238 */
-    { { 0xd72dd5893ff345d5L,0xf87c17ae41e1d287L,0xadadbf525964d55fL,
-        0xecc7f27af8b07db1L,0xa2dacfce6f2aa320L,0xc7936da72aa3f228L },
-      { 0x2e9e6058fa504b87L,0xf2df43279d0f0634L,0x90d5ee22a4b768c5L,
-        0x1ea9bf0b5b46ea84L,0x792370f45cc41770L,0xfd17823176c1a3f5L } },
-    /* 60 << 238 */
-    { { 0x4f1e1254604f6e4aL,0x4513b0880187d585L,0x9022f25719e0f482L,
-        0x51fb2a80e2239dbfL,0x49940d9e998ed9d5L,0x0583d2416c932c5dL },
-      { 0x1188cec8f25b73f7L,0xa28788cb3b3d06cdL,0xdea194eca083db5aL,
-        0xd93a4f7e22df4272L,0x8d84e4bf6a009c49L,0x893d8dd93e3e4a9eL } },
-    /* 61 << 238 */
-    { { 0x4c124a904190257aL,0x09002f52347e517bL,0x2e9b69a1e5760993L,
-        0xbaa49e53e26672bcL,0x9468fc3bf7820190L,0x637bccfe1f955328L },
-      { 0x16fd33f26e0aa088L,0x9391550757b2b2adL,0x85e98842e9a0ace2L,
-        0x8e2bd52b4fa787afL,0x8a86bd85644aeeacL,0x63490956c2814734L } },
-    /* 62 << 238 */
-    { { 0x5e902fb3063b3517L,0x0cd006cae5a65212L,0x597bd7804591c4bcL,
-        0xd853d81be17c1d3dL,0xbc4bf68156e5d24fL,0xbc801615d26b5ce5L },
-      { 0x1ffa5cd5caeecbe7L,0x16ec32a4b0203156L,0xaaad43269a857672L,
-        0x0606ebf9189c6f6dL,0xb90730bd57e476f2L,0xed8d82b1d492fb05L } },
-    /* 63 << 238 */
-    { { 0x69a2a9b6ff824814L,0xe7b716e7c35c5da3L,0xb6781a5e9a5fde1aL,
-        0x08bf695dc072e1b5L,0xaadf71462590a817L,0x490297f9c755c83aL },
-      { 0xbd9fad6191c29990L,0x87b3abc226b6cb9dL,0x6975d59865fd0b64L,
-        0x0fdc5267f4257158L,0x9f3e10585877bbdeL,0xb7f4cfb04297a2d1L } },
-    /* 64 << 238 */
-    { { 0xd699ea2d8d095606L,0x3cd080c51e0ddd3aL,0x46604bad66a8b35bL,
-        0x0c779b624233fccbL,0x578458acbfd3cf0cL,0x6820f66596bf57afL },
-      { 0xa9724245bf1f302cL,0xbbde24da277a6c3eL,0x0980a5b8c6be8c14L,
-        0x6230e3ec774d62c4L,0xda1467d84fbde24bL,0xd9d68d07cc862204L } },
-    /* 0 << 245 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 245 */
-    { { 0x67c516347378f90dL,0xbc201a7966647082L,0x77fcc8dc9ee450cfL,
-        0x8dd2b318b41a3e2fL,0xdf6a935e93bf0689L,0x75edabf3a92e5464L },
-      { 0x49afcd9f604d208aL,0x372f0ea7d465ca48L,0xcdbd8ad2c7ea7810L,
-        0xfe61571e550822b2L,0x744a4f9386606adcL,0x6beb3c9cd9d4e110L } },
-    /* 2 << 245 */
-    { { 0x1fef389ce700b9f2L,0x63029466425bc8abL,0xbd770a1437f04a33L,
-        0xc7438e29d0169369L,0x6b265742e2377cc3L,0xdf24bf96c369fa4fL },
-      { 0xdfdbcf470ad94e08L,0xd101b8617f75a7dcL,0x5574a0b82a9c483cL,
-        0x0563fe942de43228L,0x58ca0e8aead1fabeL,0xdc3d9a8466023966L } },
-    /* 3 << 245 */
-    { { 0x383bda07c3fd20e5L,0x9619b1df5c29449bL,0x6f3c717d369f39bfL,
-        0x1bb593d11a5a3900L,0xd0f07ecc2aec6c2bL,0x9d72eb2a4240b202L },
-      { 0x35342f6cc50e4a0cL,0x701b46626b93bf61L,0xfcd6eb09ccb6a888L,
-        0xabb7a6f785aa42c5L,0x952f8824aa4e5895L,0x49860db85c406582L } },
-    /* 4 << 245 */
-    { { 0x3667a7203955812bL,0x0d73483b284d1dacL,0xe084535efc62f791L,
-        0x5bc1652b389faf7fL,0x40cf51683a71b7f6L,0x8a4b19fad4f39703L },
-      { 0x823e754a2a8eff13L,0xf01b2021bffa5afcL,0x5639ee027225b319L,
-        0x7533bc86fc282f16L,0x710009d2c69f61aeL,0xe30c499dbf65e803L } },
-    /* 5 << 245 */
-    { { 0x0da7ac1b734b4ec3L,0xf47fc1d012a2afbeL,0xbbbc99be87dce4a2L,
-        0xf7264b4edd5c6378L,0xe9409305f618ffdcL,0xafadda9bd1846ac1L },
-      { 0xe734f9d0a21850d4L,0x199cb44f8722a316L,0xcfe8704b38cae89fL,
-        0x2db1e56b6b151b57L,0x116ca5cf69ce7b2cL,0xe9b8625f57de97c8L } },
-    /* 6 << 245 */
-    { { 0x18811bd5af247c49L,0xbc180793e124dbdaL,0xed978d3a21234fc4L,
-        0x516dd9a70616ae15L,0x8f80677774e430b8L,0x9094256906e8fc49L },
-      { 0x4ca03fb5a4e61235L,0xb91de709b617f361L,0x0898d82d0ed08bc3L,
-        0x2bd712368cb08146L,0x45b92d45e213176dL,0x05894791f2bf5b9cL } },
-    /* 7 << 245 */
-    { { 0x0d79cb892695ea2bL,0x2cb0f8dfc88e538aL,0xc1b8dc3da80f36feL,
-        0xd756fa6684f00cc2L,0xa6f1cdec9cb9efb2L,0x5c3f15a8a6a21818L },
-      { 0x9a7ee3516995d09fL,0x88885463d70434bfL,0x18cecc6d4f7d5d33L,
-        0x3f0138866b353bd1L,0x53bf798b0d9ad368L,0xeffd465a28dbc3eeL } },
-    /* 8 << 245 */
-    { { 0xeb29e44cb5d98ac1L,0xe47e57f80e227a4fL,0xd09c04943d2bf688L,
-        0x3ab7799a47428dd2L,0xdc558d6be9aafac8L,0xc042c4cd87f9f6e0L },
-      { 0x93842bcd89fb4693L,0x62dbc82f7068fbf7L,0x164552687e6d47b5L,
-        0xab304b7a4c37eeeeL,0xdbb3d4e13fc412ceL,0x4f65dad0a726a2c8L } },
-    /* 9 << 245 */
-    { { 0xb25e01b2605cdaeeL,0x74abec55bc57969dL,0x9c57bfabcdd9d41aL,
-        0xa3330e3f4a9e32a3L,0x5929a0d8e5792fd8L,0x830b4ea271ea2cdeL },
-      { 0x80065ac1fd06d246L,0xa2b416e632e64a25L,0x3950bde7c0c927a9L,
-        0x9951f3bd679d9b8cL,0xc235a274651b6855L,0xbfe5e08e5ad97bc1L } },
-    /* 10 << 245 */
-    { { 0x4409a5b6744ae145L,0x5e83fa0b7f620908L,0xfc489bec2e140aa0L,
-        0x5805a462e3cae337L,0xe56e9ff7c2211c21L,0xb722f2b40c955362L },
-      { 0xb098a32f41371f33L,0xe6cceceabb4923d6L,0x1cfbe2b3d82a311cL,
-        0xcf9428936b98f917L,0xd60dc62492ef848cL,0x34af446e5adb5228L } },
-    /* 11 << 245 */
-    { { 0x0eb7e743796ce1caL,0x138653e5d851377cL,0x69c7c86f2b11c8e0L,
-        0x878ec1decdf2b205L,0x03e6688aae0e8562L,0x20810666935a36a8L },
-      { 0xc8ab7c7f26635c50L,0xe75cdb06744a21dbL,0x4e26f32fd720e198L,
-        0xa1c6395ad8cded81L,0xb75dc6ea6ce4fc04L,0x71750b33004623b5L } },
-    /* 12 << 245 */
-    { { 0xbdef84077e60c447L,0x88570f712a65accaL,0xef3d4a400bb6aa79L,
-        0x5c9d189060212976L,0x80179ea21d96c43cL,0x3f002e6d53d2948eL },
-      { 0x14b2cc9149d78183L,0x7a549c71b496c279L,0xf4beac3f44995f6dL,
-        0x5a34239800bc78feL,0xa874dc1b60e42da0L,0x3a984010cf5824d5L } },
-    /* 13 << 245 */
-    { { 0xe514ee06dfb9760cL,0xb8862d7577b8951fL,0x0144676ef8ee1141L,
-        0x49561a3002eb3e82L,0xb3541c154ff9f897L,0x1670edf0a7a99791L },
-      { 0xd41d603564aea7f9L,0xf66ffd092b3463b4L,0x0784e015c3b26fb6L,
-        0x88edce33ec46f8c8L,0x1b1e25a3b6381011L,0xbfaadc03ff95ab97L } },
-    /* 14 << 245 */
-    { { 0x727a59fe0c7be4e1L,0x75a7d5e3f58ced15L,0x146fc0d990f569e7L,
-        0x94dbccd2b7f1dc54L,0x0df1ef90b75bf232L,0x2943a082a2568190L },
-      { 0x75f2f80d67837b06L,0x07e3506f24b44b6eL,0x7c30829ad0d2231bL,
-        0x9ce577ca93277abfL,0xa19d1868b17549ecL,0x0ad6ff5525e8c4d7L } },
-    /* 15 << 245 */
-    { { 0x16b38dfe1c24d075L,0x3acd4c36992959f6L,0xdaf2fe88ac2da7abL,
-        0x76e8ff0e89644935L,0xb8547c26e85f7076L,0x9f149faa1cdea7ceL },
-      { 0x181a60729e125d84L,0xc4aef9fa18751ce6L,0x451c84660e00f00aL,
-        0x662b3e7ac4e3e6b8L,0x57b7114ec6b64507L,0x07aeb1980b37fb70L } },
-    /* 16 << 245 */
-    { { 0x79d88e004516234aL,0x98dd3cb931f9cedaL,0xb528000fce7d606eL,
-        0xc773557e2fa27fd3L,0x55b53dd3e19436afL,0x675084b3e10b64c7L },
-      { 0xe583266556d56374L,0xf8f7fd2a307e2e60L,0x7b93bf537af3e3dcL,
-        0x94fafa2cf47d298cL,0x94c2ff9a21121369L,0xa41de95f33468ff6L } },
-    /* 17 << 245 */
-    { { 0xebbafd4720f25aa7L,0xe2becad71ac444bfL,0x323356a092a944b8L,
-        0x32feccc0c9a3cec9L,0x15ec3aaf5f9e96c1L,0x852142b5c12c8e62L },
-      { 0x098ffcbf2b6865f1L,0xcca470e8733d7741L,0x0f8c0f5271945bf5L,
-        0xfb654f6a08068827L,0x3a9e7d742a0e2829L,0xb90742b04b687763L } },
-    /* 18 << 245 */
-    { { 0x145afb651fdb2a7bL,0x93315b684eff5eadL,0x0cad1d20e40ca999L,
-        0xda9b517a379a8173L,0xacb665780ca018cdL,0x1e9d919f481969b4L },
-      { 0x5c9a058d68130364L,0x872e26620a62ce5dL,0xca598848acaabe54L,
-        0xdabfcee18aa048a0L,0x16198d034ac52a57L,0x72eb5ec632b6d102L } },
-    /* 19 << 245 */
-    { { 0x13f2e1726a0c96e0L,0x55aed9e02d6b6f05L,0x3c919ba3bdce76c0L,
-        0x647a525ffdda39aaL,0x5c0dbecc01a9011fL,0xa537ba8d9fd9dcefL },
-      { 0x8472e375cff62467L,0x57672311ed5adf05L,0xd1e178dc6a423de3L,
-        0x3ebcfe18d3ad3ca4L,0xb8f341d7ae802c11L,0x3f14c424ecdfdb7bL } },
-    /* 20 << 245 */
-    { { 0x381e0a136e4d2e42L,0x2f2a4ee183c0d752L,0x50d4647fc8e6532eL,
-        0x7e210aeeb4e7495dL,0xfd147710bcd142a6L,0xddddb07b06429213L },
-      { 0x63e06fc64548a6b8L,0x05d9b825904f92a6L,0x4b63fdbf9988ee79L,
-        0x6cfa412f9b3366bdL,0x0dd5fe3dc8c61f51L,0x3ec77027be8e047eL } },
-    /* 21 << 245 */
-    { { 0xea7d01cfc7d81791L,0xfa6c0fe6e2264afdL,0x53c7eea363651291L,
-        0xe58f8411f2d90f92L,0x4919b4c61faf0e14L,0x0c7dcd07148e98a0L },
-      { 0xf9ef44cebc8bd43dL,0x3acfb6686f83cfb4L,0x34130e18f883693cL,
-        0xda9ed2ae2d236c3eL,0xf54da64cc75cabdfL,0x1c3df906cc01722bL } },
-    /* 22 << 245 */
-    { { 0x686796c68d8f2286L,0xe0efaf9334d7cd1aL,0x84f9237c93b23708L,
-        0xcb50cc8ee47f5161L,0x498b81e71f597821L,0x3c3f33e1a491079fL },
-      { 0xee300c6dc69d1bc8L,0x279760e734778389L,0xe00ac0eb2bb8ed78L,
-        0x9bf9a10e765c8b5dL,0xc7e95c0cf8c1e909L,0x3721300ae6e63ea5L } },
-    /* 23 << 245 */
-    { { 0xc03ad784d8dfd7aaL,0x671384a64b065a2eL,0x9b21e9e7bed74e87L,
-        0x153b606cf889f75bL,0x7345c62a2aab6562L,0x270e4f445960cb4cL },
-      { 0x515909fb885f0f88L,0xe43ee4f7067a7928L,0x5f906fc8fc182e56L,
-        0x297ad5770641d0d1L,0xdcc45aa1d1b188b4L,0x8c817fb2ef062a39L } },
-    /* 24 << 245 */
-    { { 0x91e8c992044637f0L,0x01f7838827ee8e8fL,0x7c5e3f6dd095f5b9L,
-        0xed7522fcddf3cad2L,0x80bb87056c57aacfL,0x495480b00cc5ff51L },
-      { 0x964def7f04da2565L,0x8b0d0fe3afa72140L,0xcc75192584de66a1L,
-        0x9acaf7fe075f07c5L,0x6505c2f81eeade93L,0xa2f35aa00e3cf58fL } },
-    /* 25 << 245 */
-    { { 0x1ad38a2d80548b22L,0x4d6120df47a37b3aL,0x6d64ef8c23e33cb7L,
-        0xa1b5f51723c14ca6L,0xd2cdd425039a8e83L,0xa0a359ae229dd2dbL },
-      { 0xde0788166c2779afL,0xd960453362d2abc2L,0xc5c48b20707c0e4dL,
-        0xe452debd691c5407L,0x35c37ca882b0a299L,0x5b263014da3cde7bL } },
-    /* 26 << 245 */
-    { { 0xde34fa4586330487L,0x8391248153f61e6bL,0xd3f8fe742d04958dL,
-        0xdade250f6df77d09L,0x3a3a16175649d9ebL,0xf9b77847a23abc74L },
-      { 0x31d45db63b2e2c8aL,0x311ecc24f61a7bf4L,0x206029f9c56eab17L,
-        0xb9d9ff35878c672eL,0x0d268c160fbf2d91L,0x2474b527a45f58d0L } },
-    /* 27 << 245 */
-    { { 0xad8e84be8436beaaL,0x8f07eee4209eb5d3L,0x47cba1d83ee61bddL,
-        0xa081f21f72018544L,0x5dffddf493d88d16L,0x539a79efcac3952aL },
-      { 0x990af57791bc452eL,0xb139d7d5012f5c6aL,0xf818c9f3fb180417L,
-        0xeeb2d08475566152L,0x287571253f5d4ec9L,0x5a26505daa959798L } },
-    /* 28 << 245 */
-    { { 0x6536834e11b0f7b6L,0xcaa5271aad46c10cL,0xb5b6ead1fab43763L,
-        0x25bf402ff7f7d8fdL,0xf33fb223e19374b4L,0x183ae9b75f348172L },
-      { 0x1783c235078862a0L,0x9981a6c33cd368fcL,0xf58d2274fd627f9fL,
-        0x37ac9c265c5e71cfL,0x167c8d047b0f157eL,0x24f522f8eefc7d85L } },
-    /* 29 << 245 */
-    { { 0xd25aeab3926cc973L,0xb3e2cffbdfc2cfbeL,0xdd259ed1de742b6cL,
-        0x9d77c94e7b98bf81L,0x90f9067cb0ead3d1L,0x148f2a192a93fec1L },
-      { 0xbae3c543c2850153L,0x0d330d758910422eL,0x06f80a9efa670474L,
-        0xac6cee9f038431a3L,0x4900d17f5c22ee99L,0x62de04aa275a9774L } },
-    /* 30 << 245 */
-    { { 0xb6eefcc55f87fb35L,0x9766873b4371415aL,0x308337bd16b058bbL,
-        0x6d5b1ddae1ac3884L,0x9307aa0835c4630aL,0x22cfcc0c23e91988L },
-      { 0xbeb3814c37db0207L,0x19ab212fc4bbaf5bL,0x0801a1cf21abf22dL,
-        0x9e6862cb3bd07332L,0xaa12ba0e4319929aL,0x0da45831f540f97dL } },
-    /* 31 << 245 */
-    { { 0x67d8ac9484bbf927L,0x7dd04e4e4ea01d33L,0x24ea6386f13def66L,
-        0xa8a1acbe28f7f5f0L,0x5f578ffecc84c93bL,0xda8fe295f4ad116aL },
-      { 0x4b610ae48483347dL,0xcac5c5596255f9e4L,0x19a0e043abcfe47bL,
-        0xcd0cc9493966784eL,0xcc59a36743279291L,0xaa504087802961b6L } },
-    /* 32 << 245 */
-    { { 0xbe45d81a1b270599L,0x50696e7d97d6c603L,0x63c5a516b078ea89L,
-        0x9f3efe41b4464764L,0x84580e24101e5232L,0x00850a1ac8ae8220L },
-      { 0xbff4077ded55c404L,0xd74de734f2e7bf50L,0x4df4eef207e1c03dL,
-        0x4ab3d0396e654d58L,0xb20056cd086f1596L,0xe4d08a278acd7cd5L } },
-    /* 33 << 245 */
-    { { 0x5510cebfe354510aL,0x48925b9349998c9bL,0xa05fc961e6d707a0L,
-        0x85bf38f866ebc93bL,0xea637045254e615dL,0xae25e2e740d8459aL },
-      { 0xa98583176efafd1dL,0x863931fd5a51c4b6L,0x3810d732d4221708L,
-        0x959a2f70762a30f3L,0x7bdbaff9420ad3acL,0xba41b20bebdfe90eL } },
-    /* 34 << 245 */
-    { { 0x5e4d3280d3171eb9L,0x3fb715851bc65c5bL,0x6558962a901a899cL,
-        0x78b7cd3e7851462bL,0x21228419ca8f6495L,0xfd8d8f9b2d8be765L },
-      { 0xe5e90b92bc562144L,0x4f1f7ca1ae3243edL,0xd20178cd0985f4e4L,
-        0xe5be263304253cbdL,0x1e34141c0d348fadL,0x0073fa0dad0eef45L } },
-    /* 35 << 245 */
-    { { 0x922ddb84d403f20fL,0xf7bccbb54681def7L,0x81a1200f6b580442L,
-        0x64901025dc2f9884L,0x3746675aabe78edaL,0x3e750369aa6f005aL },
-      { 0x140477ceeb00658fL,0xc76a320ccf89be62L,0x00761f21658c127fL,
-        0x669186dfb8b6b03cL,0xbcdf1c36dcb26a2aL,0x94a7aba5da876a56L } },
-    /* 36 << 245 */
-    { { 0x1872f65c26163265L,0x9fbaf44fda52ad9cL,0xbec7addeeda47d38L,
-        0x6a04dc3078094f9cL,0x2c73b8f15f4498e1L,0x504909efd4fcfcb4L },
-      { 0x747efbc6b6b3a63bL,0x856e276de0dadd96L,0xa22459aaae3be3a4L,
-        0x9ef59e732294a854L,0x0717d4e5d0e36205L,0x5a6afa3eb734cdf4L } },
-    /* 37 << 245 */
-    { { 0x6bd8fd330e938950L,0x8b26d7fa0f20c4f3L,0xd29a1121e0604d4eL,
-        0x23d1cae60711c191L,0x460af39d51914cb2L,0x9cd04208547463c1L },
-      { 0xeb80d70e493b7a0bL,0x182568869171652bL,0x9f3007ad76ca8b21L,
-        0xf9bdeb4664ac10c4L,0xdaddd584284ae80cL,0x5c7ea28a0022abfbL } },
-    /* 38 << 245 */
-    { { 0xaef75aa7dc3c897eL,0x98bab5852e6432a8L,0x522b383d83fb0ee5L,
-        0xe0d8620f056a8589L,0xd63525dd39352633L,0x74362bbfaeb985dbL },
-      { 0x11419f4e8c0f17feL,0x3ca918b0494ba972L,0x39f2bc3c6e074e25L,
-        0x3bb66618fbbf0d60L,0xee60c8f88579fecbL,0x916f3fe92a9b905fL } },
-    /* 39 << 245 */
-    { { 0x14ed31b6482b668dL,0x8e3e10db5b65978bL,0x72ff92eee8011bafL,
-        0x5183d0bde1143531L,0xdb628188f9c740d1L,0xd23cb9c57570e3d2L },
-      { 0x9e893cacd2745832L,0x49762940ef4a2b31L,0x02f6f892324361bfL,
-        0x332e089dd7a881bfL,0xe9303153f788f52dL,0xcd6d15564e7f1bd7L } },
-    /* 40 << 245 */
-    { { 0x8caa623d408b62b7L,0xa58aa0b0c0272b41L,0x089af856ee285bfdL,
-        0x77b461f6d0674ecdL,0xbaa9d9b38d6f6612L,0xa8f26e12590669f8L },
-      { 0xb164340c5ebb5e28L,0xfdc11f7401ea89a8L,0x73c03b9176e4346eL,
-        0x6a678eb17caad5fcL,0x103ff0790a87803dL,0x25d6fd2af7430a94L } },
-    /* 41 << 245 */
-    { { 0x72cc0aba66116d84L,0x642c88681039c0fcL,0xaeded9e6d96a7423L,
-        0x4ff4163ccc5fea03L,0x180e4d3616483ec5L,0xefde910a7f6332c1L },
-      { 0x8042696283367060L,0x4edce3e8c28af356L,0x2452e4de965139daL,
-        0x15129fd9547477a1L,0x7f628b5ed80998cdL,0x7c56d44541054b54L } },
-    /* 42 << 245 */
-    { { 0x4c3f81184d3d9da9L,0x332072f9e1e71487L,0x8cbf7284759ef371L,
-        0x3d13d85cb98ce007L,0x507b467f980f4fd5L,0x9853b98bc74fdfdaL },
-      { 0x94b81534993f5e19L,0x316b761beeca71adL,0x09820a2331c04080L,
-        0xc71a9bd4420e3114L,0x569f813822ea67ddL,0xe3ec5d2b3a41b079L } },
-    /* 43 << 245 */
-    { { 0x6085b24a19bb6f27L,0xc2f18e8f64dcb82dL,0x8ff89ed91fd3888dL,
-        0x9fbe31db0e525a5bL,0xd52dfb5df0527573L,0x90288a3f703193c3L },
-      { 0x87bb5d30bb1ce380L,0xb6c9a4c9f0dcf59aL,0xcbc52966aeb86e7aL,
-        0xd151178a9a1636eeL,0x48342994e4b48c74L,0xe5bced925af80bc2L } },
-    /* 44 << 245 */
-    { { 0x106882534918179cL,0xdeb69dde08143b36L,0xfb3c527b992363faL,
-        0x11d05e93e9393832L,0xe3249558383a0f59L,0x2d0f3e11c234ab5dL },
-      { 0xd50a30d95c599ae7L,0x6d7abc6ce9f98316L,0x3d190629060ab6ddL,
-        0xfd58473c81d69afcL,0x841193d24b782d62L,0x4f72696da771226bL } },
-    /* 45 << 245 */
-    { { 0x288895d056e467a5L,0x78166a95e025a5b3L,0x89df640e895835dfL,
-        0xdc2b61f483dcbc50L,0xbeaa7363110dd6a0L,0x2346a2a5e7fdbe3fL },
-      { 0x379ae5fb6947a9c4L,0x9dcf01956370a372L,0x34c3c6c3d70d9a24L,
-        0x98ee14b7fe6a3d0aL,0xdd37708bba8ce5baL,0x785adb86a15c3672L } },
-    /* 46 << 245 */
-    { { 0x4c93de89c5ff194aL,0x56aef366fdc94109L,0xc8cb2a0c5b0b23d4L,
-        0xd73f1cef587ada16L,0x7138315a364b1463L,0x43940ef59f6bd411L },
-      { 0xad068e490f4a533fL,0xe8a772a33c7dac91L,0x74b815fc107998b8L,
-        0x4b8fa9db92699ee7L,0xfb2de4bf4cbb023dL,0xe5833a390f67c29cL } },
-    /* 47 << 245 */
-    { { 0xe985acae7fc4fa91L,0x7730e38ec66c4282L,0x4b971449f4bda67dL,
-        0x55261be02b001f47L,0xccde0c7126d0d8e6L,0xa7ac56fd701f6febL },
-      { 0x2488b28552642a53L,0xeada397c58fcfabbL,0xa3fc0452b679b0e3L,
-        0xd0ef09ffec2e921aL,0x9fcfd991575fb70aL,0xf4adcbbb366cb10dL } },
-    /* 48 << 245 */
-    { { 0x517075af5faa0cb7L,0x400a22c1efaf68f4L,0x320ce9493b86f639L,
-        0x511565717f296bf4L,0x0919607a96108276L,0x4fcc39a02f035900L },
-      { 0x5d13de7cefb73f3fL,0x19d725c5081c38e3L,0xf1b28089c0f58697L,
-        0x2adcd1a30ca7ca20L,0x96c07f42c21e1be5L,0x94d28cacbaa0aba0L } },
-    /* 49 << 245 */
-    { { 0x0ff4983fd64cfa4bL,0x2c49c4918c55942cL,0x6093eb7f98eb20baL,
-        0x1b33296a060497baL,0x32776a53c92d7b47L,0xf367e6b25241de3dL },
-      { 0x711119813b65228eL,0x2e5dc541e1394451L,0x940a4a0f98ef33e5L,
-        0x1a395be32cd4315dL,0x4d49469f3c2e20e1L,0x5384f4b95c314f95L } },
-    /* 50 << 245 */
-    { { 0xdda2f3a0a256813fL,0x4363d190ee6cbae0L,0x61f4d607930d0094L,
-        0x6767ff4817021739L,0x8450091bd2c5fadbL,0x144d02fe870710a8L },
-      { 0x73f45d9035524b7bL,0xccc7856b04615373L,0x0eb5cd436f081dfcL,
-        0x9c433cbfe3a70d59L,0x9ee70f509818349aL,0x16de27347241c634L } },
-    /* 51 << 245 */
-    { { 0x02a24c5cc47f7db6L,0x519242cd33d60e1cL,0x543f39cf7244a636L,
-        0x4ae15d698deb181eL,0xbaec81ef44261806L,0xe5cb18bb5fbf13abL },
-      { 0x7534787a032158e7L,0x770e1e34da0d9a6aL,0x251bfa7158f9baccL,
-        0x12663214c8d39905L,0xb7bfa81b39c3d64aL,0xd6d439ffe3ee296cL } },
-    /* 52 << 245 */
-    { { 0x192ecf72d0aa048fL,0x23af774063e40c0fL,0xe4d98e41d804d367L,
-        0xd868cc885405bfc3L,0x96909a5b6f6ece88L,0x16b05ad2bae60dabL },
-      { 0x7382a1dbde621949L,0x569bb6c9c47cf6dcL,0x892da43e1f2d098bL,
-        0x6bd959b9bfa25649L,0x90617c419cb48f9eL,0x36059b73f110b22dL } },
-    /* 53 << 245 */
-    { { 0x1817b140791af82aL,0xf4a44cde042870c5L,0x60b8414ab5c0405aL,
-        0x3b00f5ddf4dc4a9cL,0xa61aa0cfea81dd5bL,0xd43c37422554907dL },
-      { 0x3fa264a620569ecdL,0x2cc69c2ba5a46190L,0xecd4f6d3dddd072eL,
-        0x41083b72dda8de01L,0x4bc047f110d6f156L,0x7164b432cac3203aL } },
-    /* 54 << 245 */
-    { { 0x7e7e08f401d45bfeL,0x04f9c9ed0e2d17e2L,0x3213556fa55bc148L,
-        0xc58983c734449f0eL,0x463217afaf2bb219L,0xe08a51a2f8fba72dL },
-      { 0x2f44991e974d51f0L,0x15f2171f3f12af56L,0xbcc919de24cf01f3L,
-        0x9ea371f269399bd0L,0xae8a8eca3ccf4574L,0xf0535b83ae499429L } },
-    /* 55 << 245 */
-    { { 0xe9ad8928f72305e3L,0x4144b6b9fce1295cL,0x672732a0c3487eb9L,
-        0xf19d09a6147f70b8L,0xf45f6a11362a7684L,0x84ce4f25adfbbdadL },
-      { 0x31e4bb0ac3403b48L,0xefc861b9b478ab38L,0x3323df44a8320c49L,
-        0xa2838aa1ed4f14abL,0xc80e30cc63bf7df7L,0xdd2d5ef9f15ec5ffL } },
-    /* 56 << 245 */
-    { { 0x3027c1698d6f8572L,0x89326850111e64d7L,0xe6eb6cd31b8b0179L,
-        0x0d2d27ea6dd5a4a7L,0x41682c0007c82f11L,0x5a01c54c81075022L },
-      { 0xf3903f51fe7220d0L,0x75daeaba1f8e66b2L,0x1b625eed470bd3b2L,
-        0xa46398a7e85a6293L,0x8ff6ef8c805ad640L,0xb3430f6795bfa3a5L } },
-    /* 57 << 245 */
-    { { 0x55d31765bc9341b7L,0x6530526ba312d125L,0x57ad29c02e9eb238L,
-        0x31658a8282292155L,0x4d3417b169301639L,0xb38d6199e48c3d1bL },
-      { 0x4399d5ddcc5202eeL,0x4b1c293a5076cc08L,0xa46e87f5824171b0L,
-        0x16f75919e4cb40e9L,0xd086562dac35d85bL,0xc2b41ad532713f5dL } },
-    /* 58 << 245 */
-    { { 0x2da6d2ca3248f02aL,0xae49d2fc675de73dL,0x4abb1a65cfbfee63L,
-        0xc6cea22cf1246350L,0xdd510cf82d3faec5L,0x8b7d1b0865e7460bL },
-      { 0xc5b39c802737b182L,0xeee61e0d8963c709L,0x9cf9da61793e7179L,
-        0x630637e52a295ba6L,0x18b85c9fa3881ba2L,0xca091a9464a94fe2L } },
-    /* 59 << 245 */
-    { { 0xcb68739f0bdec121L,0xf4907b3cd3811dabL,0xcf1b079b8c5d7707L,
-        0x9ef9002d2fc6a56bL,0xc4c9d069809e8b64L,0xaf86a3db90d0eef4L },
-      { 0x30a52f994b24a04aL,0x03bcd7a958574ed0L,0x330ce8a1a5b52b8bL,
-        0x632b3c2d5e6a8ed9L,0x7b080a2c18369382L,0x12173e5f65187ce1L } },
-    /* 60 << 245 */
-    { { 0x027f654feabe8ef1L,0xd9d327e481a51834L,0x9215df61980faa43L,
-        0x76b4f8003ba045c1L,0x8f3ce587f400732cL,0x0abe1f34f133a3caL },
-      { 0x2ec690526de4f504L,0xa297cee4cb7ff026L,0xa31a76e3cadaefe1L,
-        0xb701391e1173a958L,0x0a4279b08c8768f1L,0xd58927c12f8ede03L } },
-    /* 61 << 245 */
-    { { 0x71ea38454e630b0aL,0x4f696b59119263abL,0x9e7cb293f9cbab69L,
-        0xa448d591c60ea8d2L,0x5021d4ef7d89eb52L,0x1a1ea5e3787663b1L },
-      { 0xa95af4eb05bedc8eL,0xfe72effcc2fba411L,0xa88b79bb19a2c6bdL,
-        0xbed948fac84c78eeL,0x022dcf3d5ee7455eL,0x0c39c3689f56accbL } },
-    /* 62 << 245 */
-    { { 0xe0e818a8b77c9de2L,0x0dbaea885e07f77fL,0x6ece83b97b1f96f0L,
-        0x3c02e59631733a5dL,0x44bcdfcdd14828ffL,0x2791ca54b66f6107L },
-      { 0x1a051c5a6198f24dL,0x9cd5f09a17627301L,0x64323392004a0cb1L,
-        0x75d6819b3cc13e05L,0xf5cab2874a58768cL,0xbe090e83e3ca9332L } },
-    /* 63 << 245 */
-    { { 0xd639e0f3ab9b278dL,0x57f3f8cafa2407b4L,0x6720549f6c11f6abL,
-        0x6ad1c608e784308bL,0x62c31e4a196babbbL,0x764b4deed1d36447L },
-      { 0xf44efcefaf4407bcL,0x7c1f45dbb3ca82a3L,0xf43e4a8773b952b3L,
-        0x145cd2d6ff478bbeL,0x11ef2df450c8e708L,0xa2af06f044491734L } },
-    /* 64 << 245 */
-    { { 0x8cd6c9f7c90b13f5L,0xec0c187d52a9d469L,0x9c0db0f589b8ad2bL,
-        0x692a8db70d9c999dL,0xa407fd03c9f84ab4L,0xa5742fd1cc9a906cL },
-      { 0x4813a765c8e72867L,0x9c65943de2e9a10fL,0xca6bf2934fa0a23eL,
-        0x1dfa3af7cb1f8d7aL,0x28036f5498d10c53L,0x7bfbcaf20e012c13L } },
-    /* 0 << 252 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 252 */
-    { { 0xa53f1a104ec177f6L,0x4a2ef9aa3faa5ca8L,0x30efed8532976d13L,
-        0xcf5ada165ee692d1L,0x3ceda69d259e7cc1L,0x2aae29e99baab472L },
-      { 0x7ee5baef737cc8bcL,0x1717af747fe68dedL,0x9e5c8ddacfdaff63L,
-        0x575c8db9cec07693L,0x9afc8ae0fdfb509dL,0x27836d3685651697L } },
-    /* 2 << 252 */
-    { { 0xa7342f9517eb9264L,0x9264a6a00a8a6eefL,0x50e48bf07471c384L,
-        0x729e5ab130827f34L,0x17199191ea779c23L,0xd13ab8539fa9fd58L },
-      { 0x7d5799373b1d773eL,0x65f8e7c6d196c3dfL,0x253f7d51e8541725L,
-        0x107a793dec720355L,0x1c14d0566aa16268L,0x9dc5fca38bbb231bL } },
-    /* 3 << 252 */
-    { { 0xf5689c5e12b09f53L,0xc1da32e19e87ff7dL,0x1af879d012eaa533L,
-        0xdba775e6d9271e94L,0x60f8507310e63c34L,0x445f3e21a686a24bL },
-      { 0xed5ca8fa15bc277eL,0x9839198a364ab7abL,0xe2ee39426d90a7d4L,
-        0xe5b3e4cbccd37e76L,0x9013bd08f1412e0fL,0x82f5c532ce999048L } },
-    /* 4 << 252 */
-    { { 0x61d0e01bf3fe3441L,0x674e52332af47609L,0xd4a4e224b362902dL,
-        0x45923c129e0a5d16L,0x4fc2bdd495e580e9L,0x6d1d974ca8c3d954L },
-      { 0xaeff1135d0bbeaaaL,0x013ab5b31baafc9eL,0x80907d3eab8f9f31L,
-        0xaf2c12166d566c15L,0x0082daba952e6fa7L,0xa46710032df9e03aL } },
-    /* 5 << 252 */
-    { { 0x91b379c63223d561L,0x8cb7b8cce203417cL,0xd0f44208176b3b81L,
-        0xd18c2118aaba5cd3L,0x4aed5c9770794f9fL,0xfc540dc4f4c33894L },
-      { 0xb8e6798a0153a8a8L,0x6537dcdf43c4b0c0L,0x1b7eef39ab557397L,
-        0x175e3934b7103105L,0x943abf4a82ac89e4L,0xeb1a61f957ffcdb8L } },
-    /* 6 << 252 */
-    { { 0x99c2b4cd66476227L,0x576a4b0662850cd3L,0x067bb66b5a352b7aL,
-        0x3c7d6fc43ec757edL,0x2f69291cb9d36adcL,0xc7c0f3257c9143a4L },
-      { 0x768c3c400627fee2L,0xc214d81da8fde577L,0xd86e4b025299ea1aL,
-        0xbe46b7e91a2d4005L,0xaf865a169317fa60L,0xfbc3268fcdce2fbeL } },
-    /* 7 << 252 */
-    { { 0x66fcba52d8fbe900L,0x9f16434c861b3e33L,0xa371b97241b4305fL,
-        0xb2d858ce25b6af89L,0xbab07d53275f9e8cL,0x3b5951f8d525bef8L },
-      { 0xebf79e3ca1755b0aL,0x4e6256e7b467b1c2L,0x7dbd8b66cba1a659L,
-        0x88ea40138b1eb8b6L,0x210ac1b38fa6436aL,0xe93e22c23df40e33L } },
-    /* 8 << 252 */
-    { { 0x5f79f0df1fd64063L,0xd2d39dd381e118ecL,0xd631a68e11571c5bL,
-        0x6d072b4e2474faf7L,0x5e043a6d862a924aL,0xcae58bd8b0fc8d7aL },
-      { 0xf54bb7f3b1351f28L,0x4588b6280413275eL,0x81459f4c5909ec04L,
-        0xd28cda25abd16460L,0xbb676d018db1c69eL,0xc0056e2dac5036f4L } },
-    /* 9 << 252 */
-    { { 0x1ce187bf323169baL,0x1dfaef8661ab5073L,0x1893dc7b2ae468b5L,
-        0x0748ec86123848d4L,0x0d2877b46a96eb12L,0xb6063e75e9322495L },
-      { 0x1cb17189d7d1828fL,0xde41f11944d1b318L,0x7ce0f87610f0b74dL,
-        0x2c7c91ee7a98f86bL,0xb641418e750f3ea1L,0xae2cd2e280094054L } },
-    /* 10 << 252 */
-    { { 0x9f6c6ed598d8e086L,0xa9ad63ca2d3fad85L,0x055b8323fe016926L,
-        0x039fbe287b3a8d68L,0x544a8bf5fb6b315aL,0x04b122fb647fed85L },
-      { 0x1e9807fa98085b1aL,0xb78a36a771c12696L,0x4ccc1a2cdc22f95bL,
-        0x6ff4997d54d1e818L,0xecb5bdc2f08c22dcL,0x6e07e2c146a27762L } },
-    /* 11 << 252 */
-    { { 0x602077aceaaec565L,0x9dacf68224568aeeL,0xa490fc1e9cfcce26L,
-        0xb2ac94b3303218baL,0xc0208604ab33f9aeL,0x801663b6e39a6668L },
-      { 0x1defbb42961b0927L,0x688b445e83e318b3L,0x34fe2830c11648e8L,
-        0xed56e99360066dfaL,0xa5f30f9a07671eccL,0x02c40260a3222e8dL } },
-    /* 12 << 252 */
-    { { 0xfb2a11b4ea347db9L,0x2360667e03350681L,0x1aa6e720a02a1261L,
-        0xac2bd2eba110bb21L,0x8ab2f9063c9b4568L,0x5f46263d5ace1f17L },
-      { 0x97067801eae704c8L,0x35d2637ea715d313L,0x24cdc3d0c77573daL,
-        0x6f97cd07e2562b2aL,0x27bcd62d5afb29e4L,0xc38ac1c55d29f5d3L } },
-    /* 13 << 252 */
-    { { 0xd9c38ba47c88f46aL,0xdd07c4d79946ebe4L,0x908731dcce0e5417L,
-        0x43088d11e145839bL,0x9d37419d07b61543L,0x440cdbcd2c3c7c4cL },
-      { 0xa6a6fed673216db4L,0x15ce171a198cd32bL,0x198c256974e6a085L,
-        0x5fec853f3dc2a714L,0x329250bdd5923068L,0x1d82373c9f6195caL } },
-    /* 14 << 252 */
-    { { 0xa8e17be53777b2aeL,0x534e3a3bcc284224L,0x7f34ce458192cfa1L,
-        0x0009a72966d0e03aL,0xc42053ba524ce1fcL,0x834e98fe6d092e58L },
-      { 0x400c65a1c8b0f751L,0x268bfe6f107965ebL,0x0f141c0332e0bc69L,
-        0x33bc6e64597a2264L,0x039a4ae9454a0d6bL,0x2cb0bf550b07ddaaL } },
-    /* 15 << 252 */
-    { { 0x69056cbe63769bb3L,0x710a67d385044d35L,0x971ccbdeea855332L,
-        0xd655163a0fd0d210L,0x619c3f9adbb8a8b9L,0xd156f73d49a014e2L },
-      { 0xd04ea0a5a129a598L,0xc9c04da6fa2f12eaL,0xc0ed654ae98b3187L,
-        0xa254eef6a82f9ec4L,0xe537695fa386a72fL,0x170f1ed4a74eb453L } },
-    /* 16 << 252 */
-    { { 0xdbe04c3044ce3ad8L,0x995fbb1b4ce8aad5L,0xdbf8b54670911457L,
-        0x9e683b5b3f7a1757L,0x7b89a08a9c7bd62cL,0x448865a40b3fc97eL },
-      { 0x0ac9abfc3bb01e94L,0xa07760421e756124L,0x0aa6c335d9deed97L,
-        0xe270580f72603e08L,0x70857a946c783bb2L,0xa0047774caa929aeL } },
-    /* 17 << 252 */
-    { { 0xf99a63c5e8c4a440L,0xc7fd1d1419d65168L,0xfb6c21d696d5e80bL,
-        0xa4a7304944b833beL,0x093728d5127b1599L,0x9046cbe2c89e7195L },
-      { 0x21e2863c146a80d3L,0xb1ac7e1bdd559c13L,0xbe5ba65c72c39063L,
-        0x7da5feb87722cbc7L,0x122615d0f17c02c5L,0xd44f477179e5fcb6L } },
-    /* 18 << 252 */
-    { { 0x0d913830e2d28da9L,0x0465920a8a164385L,0x79959ce1b0ad65d5L,
-        0x6c94690759a966d6L,0x4ccb0e5e832c24feL,0xa8c5bee5d6af2a10L },
-      { 0x264dcc118c5791fdL,0x719f23ac5b58ce85L,0xfbff8a2f8e54b029L,
-        0x0c9240be864e959cL,0x8f7c21733c37c665L,0xfda848d9f164d354L } },
-    /* 19 << 252 */
-    { { 0x203ea731f35d11f6L,0x90610383f9f9001bL,0xb9d3c302ed97e6f2L,
-        0x4c529736c9a67e6cL,0x2e440b1781f6597dL,0xcc798f5616aabf20L },
-      { 0x490f50642832ffc5L,0x585e462a7a19b125L,0x99d73e391b06d98bL,
-        0xb817e97aab696d7bL,0x9df2f65ac28dffeaL,0xa48dad47045fddd7L } },
-    /* 20 << 252 */
-    { { 0x2878c20d62e5fc09L,0x419ed2ece7f012abL,0x3bbc853fbaa21e7eL,
-        0x412bc3c54844c009L,0xc4b150508b012199L,0x9d160f4c310d5fbfL },
-      { 0xcb61b69214f60becL,0x436348c064092943L,0xce8c136e3185cde0L,
-        0x97b034f68be5dd85L,0x7697adf92701631aL,0x2ddd86361fa6e8a0L } },
-    /* 21 << 252 */
-    { { 0xde8c2c963e9ff7faL,0xfdf1e25d8b75bbeaL,0x28ba3be59c146264L,
-        0xfc1df52e81fcb0c9L,0xf9341c43af3ba66aL,0xe81c22470d72188eL },
-      { 0x2ff00f1069c62b9dL,0x1077962e71498d24L,0xdf35b17ecc34ece7L,
-        0x3516c33687eab2daL,0xe71cf7ddc72b7911L,0x6c9233d92c286c56L } },
-    /* 22 << 252 */
-    { { 0x7ce6389d162754d7L,0x8f03eff514e0d8e5L,0x9fd2c896ef402e31L,
-        0x4a4bf70a2195b0e6L,0xe6043a383c8d82dcL,0xd86b647e8bed7c65L },
-      { 0x21bc56f4a4c87660L,0x8c99d6270c05564cL,0xd6b82e9014050ee2L,
-        0x09bf6a3eb6b11f0bL,0x9704b36731dcd6b1L,0x871c85c85e3d44caL } },
-    /* 23 << 252 */
-    { { 0x93024430e5236badL,0x4c5872728b883d1aL,0xc265b94bba68d3bbL,
-        0x7d8fc82a648d9b7eL,0x57086e6e75ac264cL,0x4b8a157102fc9ec8L },
-      { 0x83ae238e86849a9bL,0x2eaad9b8a69acccfL,0x2d82c029d44eaa39L,
-        0x8f5b9ed833d7a556L,0x05c83328eea8b609L,0x537069efc3c96005L } },
-    /* 24 << 252 */
-    { { 0x292f8874b25c4d4aL,0x54961fd87e79f526L,0x949a1fae008c6ec9L,
-        0x6ae82f0d525524fdL,0xd1f6f4ef2edbcb1aL,0x41617a6d977ddffbL },
-      { 0x6ae38fb71baf0668L,0xa79ea228d538ab3cL,0x70babb05fc44e273L,
-        0x247384fbbca85910L,0xdc0e069b6a564959L,0x37a9c5521a7438adL } },
-    /* 25 << 252 */
-    { { 0xaf2c87828a4b7251L,0xcb5ebfd3c1bc7f72L,0x160b77e560579615L,
-        0x297412e3c10f067cL,0x5ad0681ef7df86c8L,0x2e8c63529b3e3afbL },
-      { 0x32372cc74cfd3266L,0xb7abc8baa820f8b5L,0x857d545519f34baeL,
-        0x5c055ce920ed65beL,0x1d8a59ca537ad6b7L,0x1135adcf7ad88633L } },
-    /* 26 << 252 */
-    { { 0x47e6ed9530034df1L,0x1839f488321bed8dL,0xb6b67d452ac8a9f9L,
-        0x2fe1efc6182e4a63L,0x2da34bde0c1185c7L,0x6e5d1621edfdf9aeL },
-      { 0x3bae9db77120804cL,0xf094b0676d986ef3L,0x029c9246853e24ceL,
-        0x3abacb1b25a82463L,0x58777e1389c5616aL,0xaedd003b5aeed714L } },
-    /* 27 << 252 */
-    { { 0x7494e4319da5fb0dL,0xc684d74bee3fd6f3L,0x12fc899403a87d91L,
-        0xc4c55e692d6e3931L,0x63e1255896336788L,0x36c297a5f78371fdL },
-      { 0x4cd3f9c4a63b313eL,0xd2825e17c543e507L,0xd37e36d06a4e64d0L,
-        0xab9559ec11872774L,0xaf168b34880a5d00L,0xb0c916a10c0c3f42L } },
-    /* 28 << 252 */
-    { { 0xd389397c834eaa9fL,0x2271ea0d2a5532aeL,0x5e59a23ae1f92e9eL,
-        0x9f179b8c1f7b91f5L,0x2a1c10028de2dc8bL,0x6ac83e58787a276dL },
-      { 0x0facd4756d9d1571L,0xcceaae5e4bf118e2L,0x4e8008b7620fbecbL,
-        0xff633fef7a1474cbL,0xfbefea80ce377357L,0xebb9a9460feb7724L } },
-    /* 29 << 252 */
-    { { 0x0bab441ae9803b71L,0x309ef14684e2e21eL,0x17ccd5b6851b6519L,
-        0x8b5e7e300126f470L,0x0560cb9d847eca03L,0xc45850bf11ade256L },
-      { 0x08603f5c3c33dbbdL,0x21887bc9708ae545L,0x3bd25ad480014ffcL,
-        0x5eb0f89fd3a64409L,0xbca2726b4c3dd83dL,0x611afd2fe4259797L } },
-    /* 30 << 252 */
-    { { 0xd9cb4233c4f4e0e5L,0xcfc0576818e49029L,0x8e9c8360526f05a1L,
-        0x8e83037aa56d6c3dL,0x33507065c47e6742L,0x5ca2c8d8788b5da3L },
-      { 0xf355cee9cfb0b6feL,0x0e86fd73973ddafdL,0x27fc6c56d44fd889L,
-        0xc9ab416ff7d93f3cL,0x778c3f160d063d62L,0x175e5d920b5085ddL } },
-    /* 31 << 252 */
-    { { 0xd62406873be63d8cL,0xe8c93b93b80059a6L,0x33bba7dfe065854fL,
-        0xcb26543f36b34e45L,0xc17ee58dd2d0c3d5L,0x69752f49bae1bcadL },
-      { 0x87e31b429b20106aL,0xc520424b06734eb5L,0x993240afa896d17eL,
-        0x5238851bc2762a62L,0xce399f9d506d7dbfL,0xa4822d23040cc7d4L } },
-    /* 32 << 252 */
-    { { 0xf071c9878fa06859L,0x0083e5311a52390bL,0x845eb12a61483bc2L,
-        0x17471d801caf6dd6L,0x7b603616ddc21b92L,0xd38fe0f6b992536dL },
-      { 0x433f0652297c25a4L,0x03d4d8fcb1c4bf41L,0xdf617386a9adf49bL,
-        0x4bfeb3992cb2944fL,0xbf288427b3d9c076L,0x17818c3e965b4576L } },
-    /* 33 << 252 */
-    { { 0xfbcff79f6df360c9L,0x342f9ded2bd94c22L,0x2dc5f999283f2300L,
-        0xbea18d9893cc3330L,0xc197176269a7da4eL,0x72de17ee93ce69a3L },
-      { 0x6c354a6184170a91L,0x031ce0debe47ef92L,0xbf256fd418658739L,
-        0x0395088a0d037d9aL,0x61179c42c5a05970L,0x0d5a9f7db8b6ab64L } },
-    /* 34 << 252 */
-    { { 0x18be1d605a44a8dcL,0xb512d945f1d18ee0L,0xd2e1f6623af39ec0L,
-        0x440469136c223676L,0xe7a860836a60a4d8L,0xaefcfc2dc7e09d3bL },
-      { 0x175817fad685c9b7L,0xe20b6c9e4b9d0557L,0x9212e7bb51fe560dL,
-        0x748aafb7608b53c4L,0x86186d4fd9b06850L,0x4cc6041376512c08L } },
-    /* 35 << 252 */
-    { { 0x2d5be3b00c127e46L,0x8c6f38fad9b04e47L,0x49c444098736f31bL,
-        0x5469ae47f53aa908L,0xd84856f3492fd120L,0xd04b1fa20725e199L },
-      { 0x50c2e80a8e7056f2L,0x415db04c9ba2e259L,0x8e4c56ae2eb201e0L,
-        0x449e4d9e5082ce94L,0xb5ff077a7345459dL,0x96d10f1e07330e72L } },
-    /* 36 << 252 */
-    { { 0xac77126e3b3094b7L,0x7c1e7673bdcb616fL,0x90491f8176993114L,
-        0xf17c08a8cc8da63bL,0x972a3bffaa050364L,0xdef45b7f65a9cd57L },
-      { 0x105ec5ba2b9b889eL,0x7066821150f7a61eL,0x11daa9dbb1d63a40L,
-        0x6065451007790568L,0xfaa219cebc2b6d2aL,0xb1b8ace93e5163dcL } },
-    /* 37 << 252 */
-    { { 0xf8042ae2859b0f22L,0xd8a5d3a200d8bb8cL,0xe85c596189faae14L,
-        0xb7d636f906611c0aL,0x35b68bbdd2bc8957L,0xc86f5be5b7cf558cL },
-      { 0xb602a00369c17e74L,0xc39479cfd8a1fc01L,0x6dca5c81f733237eL,
-        0x9c8cefd41b2e2cccL,0x2e32a323caacb4b8L,0xf7406874ad639090L } },
-    /* 38 << 252 */
-    { { 0xea3a358e24c1bbfdL,0xfd32af33571400aaL,0x2ec3d44da413949aL,
-        0xa0d8594a7bd121f8L,0xb32997a1d6b6153fL,0xa0f48d98b9469c6eL },
-      { 0x236b7a18fba15481L,0x49dee3bd98ff970fL,0xbc27ac7a7ee97875L,
-        0xd1acf2be28ac6279L,0x92e7ef02514c8328L,0xb2d7a8304f48b497L } },
-    /* 39 << 252 */
-    { { 0xcaad0554d95946a9L,0x992268c973ed1281L,0x6c0b1edf7b1b25e1L,
-        0x4de2d9f81d6e73dbL,0xe12a4f1c5a2950a9L,0xe0cdf7af36ac18fdL },
-      { 0x16e7332d1abcc9f5L,0x4dccc1505bac1c75L,0x1b48bbc141f8c231L,
-        0x3702cc2693692a4aL,0x9e9e53dd311c5dabL,0x27bc006cfe5d9fd3L } },
-    /* 40 << 252 */
-    { { 0x2bb798ff689f43efL,0x5813e4415f26ec54L,0x51f64c495005c929L,
-        0x60e213a54b42e417L,0xc152844262cc3734L,0x6ecd6c3b09d994e1L },
-      { 0xa6e72f7183dd047fL,0x3836f663b0019803L,0xbcf1265b257493cbL,
-        0x59b15ff09e62d78bL,0xaac5ed5b6cb92ecfL,0x37e6ad7d9662651cL } },
-    /* 41 << 252 */
-    { { 0x04743bf8b224f6c9L,0xec04b641ae33b1caL,0x6301f51623a76fccL,
-        0xf1aa954675e15fe9L,0x878c64ecd95c1972L,0x033df5ee3ba7578aL },
-      { 0xe5e9ff7c47f4721fL,0x9b3d93fa03eef7e9L,0xcd0be6ad573deaa6L,
-        0xf377570f3bbc8a16L,0xffdc04c161c37393L,0xd9eee46dd26d659dL } },
-    /* 42 << 252 */
-    { { 0x33f933604d4b7317L,0xee44b3e02fe482ebL,0x5a96870480f1fde5L,
-        0xdfd6293b5510952fL,0x2abdc1989cc0af6aL,0xe608e2769ff45aedL },
-      { 0xf408670e3247e796L,0x3144153535fe07c4L,0xa941f96e2870053dL,
-        0xbe908795ef6383adL,0x82b620a63560fdf0L,0x2c1cc1ae135de5c8L } },
-    /* 43 << 252 */
-    { { 0xa829397c727e5988L,0x305659bac6239b1bL,0x9b13701200392cb0L,
-        0x4eb1ddf376091862L,0x68b64b19202bdd8aL,0x56c427c5228071e4L },
-      { 0x354b1beac3375accL,0x94a45b4e54e1194bL,0xf528df0178095edbL,
-        0x6fb0867146fb9ec8L,0x977efc84c555bd48L,0x8230d6f7c268a20dL } },
-    /* 44 << 252 */
-    { { 0x003d4004b8d81c0bL,0xd3d5048f4168a407L,0x7748ecacc6675bd9L,
-        0x9dba4539e2612cf4L,0xa5ebbccfd8770b8fL,0x206b4a9aadd90558L },
-      { 0xe446ed9c81b5c103L,0xcd2434184d2199dcL,0x0840f6eacb0d70d5L,
-        0x6fbbf1b43107367bL,0xde9444f7d29335c8L,0x33ef004c66252eb6L } },
-    /* 45 << 252 */
-    { { 0x10eac97aa5a6546aL,0x6129392fe231f95cL,0xfd41bda100e2aae3L,
-        0x5b1f93299d8c6288L,0xf1d2fc9246b7df40L,0xbc6fbacfc5df62bbL },
-      { 0x64885d924b5af011L,0xe4f3ade883461896L,0x644ce7a7a4a62e43L,
-        0x74c9d145337b2730L,0x69d714840f83222aL,0xbfbc594ec27c0fdbL } },
-    /* 46 << 252 */
-    { { 0x3263c0517ed92916L,0xc039b94884e3f519L,0x54aa433ede89de6dL,
-        0x92f76292c0971a03L,0x8457b2312550a2e8L,0x46ab1f0f11cfcd9aL },
-      { 0xd97b95c1c6d53077L,0xe8db11d159550599L,0x2092c81385ea4b32L,
-        0x149b6b2cb7ced408L,0x2ada6fa482b9b22fL,0x53a5576a25877963L } },
-    /* 47 << 252 */
-    { { 0xa1e2c2a8195ad455L,0x65e90a3de7f61038L,0xb01eaa52ec623680L,
-        0xfad0f9f110302efaL,0x9e544b5449274409L,0xfc9037de8c3a0925L },
-      { 0xbcf196fcfd139cdaL,0x0a1f747c4f6a2cdcL,0x580a9abab879fe3eL,
-        0x08a20f1c5ee74778L,0x7c9be7de464c5271L,0xa4a1972918e85a09L } },
-    /* 48 << 252 */
-    { { 0xce23a19aa17e560cL,0x6491b95f62550e2bL,0xc72000121d15a005L,
-        0x15fde735f4355a1fL,0x3849761f607f7807L,0xcbe322d018204691L },
-      { 0x75756e4ea95e8e91L,0x365959fe817a9b8eL,0x631232763d4ce3dcL,
-        0xa769d2fef1d66e00L,0x8624ddbac28829e6L,0x03274297d2df06efL } },
-    /* 49 << 252 */
-    { { 0x2ad21bdadf3b1368L,0xf4f9d5270b3001abL,0x10182c5557ecb528L,
-        0xe00db71565372a5bL,0x2018e0ed74f2bd83L,0xa11b47066175efb4L },
-      { 0x3172264722d565cfL,0xb20c27ab2f0faac9L,0x4ca2982a6260f995L,
-        0x3850ef89b7085c6fL,0x5b4a6e235f0d45a3L,0xde562df9b7523682L } },
-    /* 50 << 252 */
-    { { 0xb34ecab233bb63f6L,0xe6cd56a202944c4cL,0x2690cc39489a8d88L,
-        0xcdfe368a4fe612dbL,0x23069ca5e9e9f7adL,0x7b87105cc07d742bL },
-      { 0x5114645a8b58ea8eL,0xd31fb4821829e8aeL,0x5e235d95c4b28520L,
-        0x2a1cda885c2292d2L,0x95d77447ee925b6aL,0xeec419a3df18845dL } },
-    /* 51 << 252 */
-    { { 0xb8903f10be9ffa75L,0x8bf7fc786432dcc3L,0xcf3f7cf15d028549L,
-        0x7684baf29846f2d9L,0x4c580edbe9e063deL,0x0ac5c3edf2d70321L },
-      { 0xb9ba10e184c5d96dL,0xbb854b39d7aaabafL,0xe29d66964793c87aL,
-        0x7b0fe1d448285ae5L,0xa143454df0121733L,0xa286eb043aa5ddc8L } },
-    /* 52 << 252 */
-    { { 0x8e4dcfc88c93bc5fL,0x9f96d60a1b233295L,0xae5262e91d447dcbL,
-        0xafe58396541d46c4L,0x3e733c2636ff8f80L,0xcb36a37748b81037L },
-      { 0x9bcbfa9fc406ef17L,0x57a6e28006fb128aL,0xd86b44db9a771eb1L,
-        0xc7ce106e62545a4dL,0xec6818a6b254c908L,0x4b8d3fc550feb342L } },
-    /* 53 << 252 */
-    { { 0x8faa39c8b609ef4cL,0x0209b3a7d8225cceL,0x11254c211feffc0fL,
-        0x64930dcdc1e42ad3L,0xf5b058eb1cbb39fcL,0x2f870e3341cb5065L },
-      { 0x61b3611cf7663f95L,0x981890b637941996L,0x00c42b0908dd6854L,
-        0xac42af5de17da075L,0xaf3a394c282b8d53L,0xb53b3b245d8bab96L } },
-    /* 54 << 252 */
-    { { 0xe17c9d98d90f0c83L,0xdd4aa8ac6d984408L,0x94b6fc50f71aef46L,
-        0x2e6b5d24f0a2009eL,0xcb9d9cd17d8d75e4L,0x5e732a5b962a1708L },
-      { 0x9d774f1c7fd01089L,0x56bc35aded95094bL,0x6844220bb9c797d4L,
-        0x40021d8e90ace48fL,0xddc769c5701baad0L,0xe23e8f9e333ac2deL } },
-    /* 55 << 252 */
-    { { 0x6cf6faf6e92e42bdL,0x759dc78b0d1e6a0eL,0x18fd55ff11532759L,
-        0x04a306d7e9af0c07L,0xd7febf615ef7f82eL,0xaa04f1dca65cae01L },
-      { 0xb084407c16442bc2L,0x17ab4f74f874f10aL,0x236368d40fb6cea7L,
-        0x451ea8206f66813dL,0x4a61097b1760e6ecL,0xa8655cfba01bdd2aL } },
-    /* 56 << 252 */
-    { { 0x52fced3116f01d7bL,0x88c6b172daf046aaL,0x1a189403fe7a338eL,
-        0x39741ecd61798b1eL,0x6a47b0712934b879L,0x3b1a5dd1828d1e9dL },
-      { 0xd4bd48487f35a7efL,0x71774b5bc1eebaf8L,0xa86471e5d55344baL,
-        0xfbf145f17b8a483aL,0x70f9b214aa53802cL,0x995af93010b066e1L } },
-    /* 57 << 252 */
-    { { 0xd2714b97aadf25ceL,0xb95c54162a7643f1L,0xae7dc619ba2f1939L,
-        0x30e5d013b0db537eL,0xfcd1a456753f0813L,0x19f7117cef62925cL },
-      { 0x40a22e35423d3c56L,0xb0271e9926a5534dL,0xc19f703cc76c9a1eL,
-        0x9b8fe585560bee08L,0x48c7797d3cc772aeL,0xabd2148e10bd6393L } },
-    /* 58 << 252 */
-    { { 0x046fb36cc34a7ba2L,0xd42e56d42a61a8a6L,0x16b8fd2d3d4b1184L,
-        0x6f9e85a26da29888L,0x1ff7324bdd683c49L,0xdb3746db27bb8e2aL },
-      { 0xa7e586e684be7f99L,0xfbd0c0ee61740d6bL,0xb80509bab2071320L,
-        0xb5bf09fea3f03641L,0xe872cd854971e39fL,0x9bed91c0ce2b2db2L } },
-    /* 59 << 252 */
-    { { 0x85177e7ca6bad7b2L,0xd5b1f0901425b611L,0x6b5f16223c4bfa24L,
-        0xde34a692def66d8aL,0x96c0663ee8a1b7a0L,0x43eb91ed459c8bbbL },
-      { 0x6cc7e78b7d3d8b92L,0x3c9da7efe0338ba8L,0x18d7ab00e21360b4L,
-        0x0785ca897f9df01aL,0x5bcfb8302220f1efL,0x8c61a3bfa52bbf42L } },
-    /* 60 << 252 */
-    { { 0x4dcc3b82196c21d2L,0xef0e0e1e61071fd8L,0xa2a28c3b35a013f7L,
-        0x7550d3d7f6b58f80L,0x0f1fc9d58101742bL,0x027874f055982d5dL },
-      { 0x5a10b98c629bc409L,0xa28a1b2baf494679L,0x84afdbe1b96578d8L,
-        0x201a8062d427238bL,0xe321ee2d89fffdb0L,0x0b304de4fb89f171L } },
-    /* 61 << 252 */
-    { { 0x5d8e16c0d7700dfdL,0x336e30fa24260211L,0x7ba72067ad557ce2L,
-        0xcb388c3169621e0dL,0xcf6b7d813dbf7ba3L,0x7bfe43a91cbd216aL },
-      { 0x6c40516adcffe0b5L,0xe77507f083b7ea33L,0x5b5cda074ba1fc8eL,
-        0x46860dd296c6d2c6L,0x4716114f0eb5013cL,0x05bd136898c3642cL } },
-    /* 62 << 252 */
-    { { 0x7fac263852ca5d3bL,0x35e5d8d0f5a2a596L,0x4c7129210011a394L,
-        0x400168f7a9c417e0L,0x220994b447b77b44L,0x01a7580af548c0adL },
-      { 0x59870c2afe292ad7L,0xdda35a1a2abf8e7cL,0xa3082dc4f16d0c7cL,
-        0xd4dcd5f38557c9e8L,0x38d45cc6ba7f0f99L,0xdefc0b1da7c18157L } },
-    /* 63 << 252 */
-    { { 0x5db2ed891c43e426L,0xeed247709adf4a50L,0x0b5e19765c8b90e1L,
-        0xe9db695ffa18542dL,0xc16d3bfb8d043dc5L,0x5c5feb44f11d3430L },
-      { 0xd44e3d57365593c0L,0x1338f26c8796edb5L,0x789b325e051ca644L,
-        0xaa93b75d1579c2bbL,0xa39a8ec57842c0b2L,0x84225134550ddf11L } },
-    /* 64 << 252 */
-    { { 0x9ec1159727a28f9dL,0x96f2c44bb847cd83L,0xacf794e131fca111L,
-        0x438b917896076f45L,0xad71035b51732588L,0x2db32f32a5d910daL },
-      { 0xefaad0e8fe1cc184L,0x6f0360b52e00bbedL,0x99402426474ce326L,
-        0xd53b687a2aa270daL,0x96c8bb78d78fa6ebL,0xd07f3bba6e699411L } },
-    /* 0 << 259 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 259 */
-    { { 0xfe1f11ad389283baL,0xc87e20b60cd91b22L,0x99d0015a3c5babf8L,
-        0x7e795b4d5929ea0aL,0xc9cf68331dfb7b7eL,0xc1c07346a64992e8L },
-      { 0x0b7e0dd89889746dL,0xa89d7b461c43ea4aL,0x64023cf034f02b96L,
-        0xf7dd410a5662f0c8L,0xa3bb6088a1058ccaL,0xedb25dc34e7801edL } },
-    /* 2 << 259 */
-    { { 0x140a0f9fdd93d50aL,0x4799ffde83b7abacL,0x78ff7c2304a1f742L,
-        0xc0568f51195ba34eL,0xe97183603b7f78b4L,0x9cfd1ff1f9efaa53L },
-      { 0xe924d2c5bb06022eL,0x9987fa86faa2af6dL,0x4b12e73f6ee37e0fL,
-        0x1836fdfa5e5a1ddeL,0x7f1b92259dcd6416L,0xcb2c1b4d677544d8L } },
-    /* 3 << 259 */
-    { { 0xb6f8d615a033cccdL,0x6aabb87cad75e31fL,0x30a03029a4646d1bL,
-        0xfad497e6e6547805L,0x4b9d45c3ba291f12L,0x0f74909bca059918L },
-      { 0xdece1fb0b5a181b7L,0x973f74413be1f21bL,0xcc919af36b06839aL,
-        0x14427886ad57101fL,0xc63a79882bbc8022L,0x04cf807426742ccaL } },
-    /* 4 << 259 */
-    { { 0x279fd119da1c29abL,0xbd0688022b30d40cL,0xd8f57da4da44105dL,
-        0xb1814b7a28223fe1L,0xcf2fd241e06f2d2eL,0x99003a0201dfde06L },
-      { 0x876a31affded7e4bL,0x1efaf8272f725094L,0x5117d608493a6a0aL,
-        0xdcec8088a88c03e7L,0xeae1d352ea916897L,0x8cdc28106e8b2c57L } },
-    /* 5 << 259 */
-    { { 0x52fb8e6f7041b903L,0xd7fc4b5b2ad368a3L,0xf16c61d2f890136fL,
-        0xeee859dfbb52a90bL,0x1651b16b3f8396cdL,0xfbced93eb6462918L },
-      { 0x1cb3126c4b6bfaa0L,0x65dfc76cc7c8fd16L,0x225b9c21bb46a3c9L,
-        0x6c3457577f64f9ffL,0x6f65fadd57c297ecL,0x72a630eae5c5bbbdL } },
-    /* 6 << 259 */
-    { { 0x0254486d9c213d95L,0x68a9db56cb2f6e94L,0xfb5858ba000f5491L,
-        0x1315bdd934009fb6L,0xb18a8e0ac42bde30L,0xfdcf93d1f1070358L },
-      { 0xbeb1db753022937eL,0x9b9eca7acac20db4L,0x152214d4e4122b20L,
-        0xd3e673f2aabccc7bL,0x94c50f64aed07571L,0xd767059ae66b4f17L } },
-    /* 7 << 259 */
-    { { 0x25cb1f44f4fefeeeL,0xe1a6b6c8bce660c7L,0xd25459a00d2118e4L,
-        0x716532dafedf8f98L,0xaeff37d492cfb480L,0x45919f7da1453c41L },
-      { 0x5100afe08d8836a6L,0x2ec20fd7b35d4fe0L,0xce8eefd1c00b7d66L,
-        0x922d535d6b82c7ccL,0x5eb38f3fddd8d80aL,0x7eae5305213ae465L } },
-    /* 8 << 259 */
-    { { 0x09f8bb0654e93c1eL,0xb0045884ad81e27cL,0x26ebc7b6076e13ebL,
-        0xbda0b5535d5ac07fL,0xbcb8132248ab69e6L,0xd3847d2e1c0f21faL },
-      { 0x7a466528c834d740L,0x6c67a79ae0823ff2L,0x85dd11864c1d7cb8L,
-        0x096f849f2d081301L,0xb4f503dd8a5ea0f0L,0x71ee0889d1bf69b2L } },
-    /* 9 << 259 */
-    { { 0xd7a5f9feaa074b9eL,0xbeda44032fd2468bL,0xca3956309c35ffcaL,
-        0xb02a1f592de68348L,0x946b0250903b35c7L,0xe9984f24634e9c91L },
-      { 0x4f70d22fe7303041L,0xf8a05d7fb68b0051L,0x0ce7af4fab5006afL,
-        0x1011d1644a6bb502L,0xdf959199da4ad1a6L,0xc468cddf1e146f24L } },
-    /* 10 << 259 */
-    { { 0x40336b12dcd6d14bL,0xf6bcff5de3b4919cL,0xc337048d9c841f0cL,
-        0x4ce6d0251d617f50L,0x00fef2198117d379L,0x18b7c4e9f95be243L },
-      { 0x98de119e38df08ffL,0xdfd803bd8d772d20L,0x94125b720f9678bdL,
-        0xfc5b57cd334ace30L,0x09486527b7e86e04L,0xfe9f8bcc6e552039L } },
-    /* 11 << 259 */
-    { { 0xffd4fd775b5c7501L,0xc43e409ee0600e93L,0xd2a18cba7d522993L,
-        0xbc2e14dc17c84d1cL,0xe84deb43c1eee29dL,0xe65326f08d691cbfL },
-      { 0x89760cdd77b726afL,0xb91c302a577b30acL,0xc6a742906e145891L,
-        0x95bf3e913be85cc7L,0x2ec0285b9815e0edL,0x5b4be6da8aa3ec95L } },
-    /* 12 << 259 */
-    { { 0x4ab7a22c02a2d1e6L,0x967e19a31371d5a4L,0x20f59f95078de336L,
-        0xfd28fa36f7869245L,0x1de42581cbf1d96fL,0x2e0127d7366e1f0fL },
-      { 0xbc65fa9d2258c741L,0x1f2f3356dd6d65f8L,0x06384f3a4a0822a9L,
-        0x1c81332bfd05a0aaL,0xbfb12361d95ee3ceL,0x180aaf0642016d00L } },
-    /* 13 << 259 */
-    { { 0x329ff57bf08c171eL,0x6cd8122a543af2a9L,0x5209a3d65b2f8d96L,
-        0x0285b128ba90c881L,0xeb5971ef61b43c8fL,0xf1ec473ccfd759b8L },
-      { 0xd2a79fb712d58e1eL,0x695f4877fdb6497bL,0x8bf5a4251f1a0f24L,
-        0x3e79a0dea5c8a189L,0x9c8ada35908b7ae3L,0xd8b8622c5000f772L } },
-    /* 14 << 259 */
-    { { 0x3b75c45bd6f5a10eL,0xfd4680f4c1c35f38L,0x5450227df8e0a113L,
-        0x5e69f1ae73ddba24L,0x2007b80e57f24645L,0xc63695dc3d159741L },
-      { 0xcbe54d294530f623L,0x986ad5732869586bL,0xe19f70594cc39f73L,
-        0x80f00ab32b1b8da9L,0xb765aaf973f68d26L,0xbc79a394e993f829L } },
-    /* 15 << 259 */
-    { { 0xdd01a72b6024f09fL,0x192c8254378d12e1L,0x03ec536bf5d8b8d0L,
-        0xb0c4c01873806514L,0x7d3c5f5614d202b6L,0x7c2a7c5c6febb3e2L },
-      { 0xf2fa07d4f9f2b562L,0x6f717b003ba2a4faL,0x1ff95d598f452226L,
-        0xe4b3f6ba867c1cf1L,0x907a648a5d0944ecL,0x1ed480007f64f9b9L } },
-    /* 16 << 259 */
-    { { 0x0a159f6295b3287dL,0xb18f875948cecad0L,0x6d1ab8ee1661a23fL,
-        0xcae7f40ec95c41b3L,0xbc3d20407c51eb56L,0xa7527283e8754250L },
-      { 0x815610561f9e668aL,0xb8aa7296900f5912L,0xabdbc1bf6af2a00cL,
-        0xe9a942542d0a56c0L,0x4774a7b77bc8959eL,0x0a837ff019cef2f3L } },
-    /* 17 << 259 */
-    { { 0xd9c3f4ea3c696c76L,0x3aff88caea5878bbL,0x2b01171b09dda122L,
-        0xa61d5ca0f599cad4L,0xba0c19bef49772c7L,0x8ee9acc25001f977L },
-      { 0x15fd3a172549a25aL,0x8f1a25d82263bc97L,0x372b88434db4af00L,
-        0xa613b31f4f912925L,0x7d83041a0b64efd9L,0x897c521ca7d5f6a8L } },
-    /* 18 << 259 */
-    { { 0x9c441043f310d2a0L,0x2865ee58dc5eb106L,0x71a959229cb8065cL,
-        0x8eb3a733a052af0fL,0x56009f42b09d716eL,0xa7f923c5abcbe6adL },
-      { 0x263b7669fa375c01L,0x641c47e521ef27a2L,0xa89b474eb08ffd25L,
-        0x5be8ec3ff0a239f3L,0x0e79957a242a6c5aL,0x1dfb26d00c6c75f5L } },
-    /* 19 << 259 */
-    { { 0x04c6a90ae75c82afL,0xe9183100f2488abdL,0xef4b378b111a46baL,
-        0x77ad9ef502eaa62eL,0x61229a6205e81570L,0x06e26a2db474c367L },
-      { 0x0bb2ea7e7113f2d4L,0x8ddc6f887f101386L,0x93fe2d7ef4de63abL,
-        0xc3d038278f44e271L,0xe9f9f48ea94e641aL,0xb84b817b4962467dL } },
-    /* 20 << 259 */
-    { { 0x36f3a3d8a084fae6L,0x759835899a9b0d95L,0x70722186cc80fcb6L,
-        0xf28ed0c796d84c04L,0x95a32263ffb63f90L,0xdd7d60a098766034L },
-      { 0xe193a31f1d5c387cL,0x6c5eca7eb8310f8bL,0xfe61d523c083ff47L,
-        0x90c832dbcb2944e9L,0xa9f3f293593334b7L,0xe6cde2e12d7d1c33L } },
-    /* 21 << 259 */
-    { { 0x5637d16b065096b9L,0xee3a2ad04770d39eL,0xae605cb56aa94587L,
-        0xc2d71dae9b600c6eL,0x672ef30d76a87e0aL,0x74d5bebe567e0817L },
-      { 0x38f591310eb8ca48L,0x92b74866031e099fL,0x654858ca785f77eeL,
-        0x264b6b7b830be443L,0xb167203d57103903L,0xa73d5d545ce2b21aL } },
-    /* 22 << 259 */
-    { { 0x2fd97b9b9dfbf22aL,0xdec16cc85643532dL,0xdf0e6e3960fee7c3L,
-        0xd09ad7b6545860c8L,0xcc16e98473fc3b7cL,0x6ce734c10d4e1555L },
-      { 0xc6efe68b4b5f6032L,0x3a64f34c14f54073L,0x25da689cac44dc95L,
-        0x990c477e5358ad8aL,0x00e958a5f36da7deL,0x902b7360c9b6f161L } },
-    /* 23 << 259 */
-    { { 0x5e8eb8f0636a77efL,0xe14290f8970c3a7fL,0xfe6f6acdfa1784c0L,
-        0x98671d33de6a46b3L,0xe7fd88722ae5a76eL,0xed971ecbae4f7d60L },
-      { 0x1d90dbd88461b895L,0x3f979ab4bfaaac13L,0xe06ccba1dbd3379aL,
-        0xb53b04ba108c4487L,0xe42609dd38d2730dL,0x0638fe82e81c4594L } },
-    /* 24 << 259 */
-    { { 0xbd079cf1f144b6ccL,0x7f86e29bb4f4a764L,0x5b08b290f21f9cbfL,
-        0xada0c85b75e3aeb9L,0xd0789f8b6666c2dfL,0xcf5d8a8cd71ec2ecL },
-      { 0x6f7780c3e7e4364bL,0xdd9a652985d2eb75L,0x8222f66bd952a38eL,
-        0x9dd5f7eb27260a29L,0xce49b34457947178L,0xaa215f82cdda7e39L } },
-    /* 25 << 259 */
-    { { 0xcb91619d1419a50fL,0x44a22eac65dc4c84L,0xc199f93701a92405L,
-        0x3749a33198045324L,0xf1676e8abc57764dL,0x922f9460a00c33eeL },
-      { 0xfde98e63d3766db4L,0xae08a82efd5ffb6aL,0x6a9834537c0c6ae7L,
-        0x0e9a919a54f34cdbL,0xf37a95e8fd88d765L,0x927427d4228a1affL } },
-    /* 26 << 259 */
-    { { 0x454ab42c9347b90aL,0xcaebe64aa698b02bL,0x119cdc69fb86fa40L,
-        0x2e5cb7adc3109281L,0x67bb1ec5cd0c3d00L,0x5d430bc783f25bbfL },
-      { 0x69fd84a85cde0abbL,0x69da263e9816b688L,0xe52d93df0e53cbb8L,
-        0x42cf6f25add2d5a7L,0x227ba59dc87ca88fL,0x7a1ca876da738554L } },
-    /* 27 << 259 */
-    { { 0x277c833f57c7bf99L,0xbbb84d1d0b301f02L,0x11435cb20713a92bL,
-        0x8ae509702d02862bL,0x4edc66bdaa7b0660L,0x5bc0d893d6382c91L },
-      { 0x7992c5d3b94a6343L,0x1cfee04147b19345L,0x57963034964ed646L,
-        0xd7af0cac3de7b0e9L,0x5123dd8d481b940aL,0xe1d23ad8ad7d3567L } },
-    /* 28 << 259 */
-    { { 0xaa44b2863004db31L,0x86f43d7ad43e4430L,0xdc4874cdb0b0240dL,
-        0x79986a23adc45a06L,0xbb275b443cee4631L,0x21daee8a63a217aaL },
-      { 0x1e7c5397d7b25c02L,0xe677d3cbc5e668faL,0xc7c84e28ed51b4bfL,
-        0x7ca19e99923e5408L,0xc6f8a595c3f832e7L,0x2d0a789c5fb049a3L } },
-    /* 29 << 259 */
-    { { 0x49702e622b82b466L,0x365d4f6afb8fe508L,0x2f5234e044884733L,
-        0xcd527f345dd0a3d5L,0x371b02544bf4033eL,0x7d84ad677e3212e0L },
-      { 0xaf48fd79e69d6b81L,0xd126f83a7a44bfc6L,0xbb8d2b57b2cc4e93L,
-        0x5f62a3d5eb60ec5fL,0x7b37da33aa76c824L,0x7593d06b89a682dbL } },
-    /* 30 << 259 */
-    { { 0x3fa5c1051cac82c4L,0x23c760878a78c9beL,0xe98cdad61c5cfa42L,
-        0x09c302520a6c0421L,0x149bac7c42fc61b9L,0x3a1c22ac3004a3e2L },
-      { 0xde6b0d6e202c7fedL,0xb2457377e7e63052L,0x31725fd43706b3efL,
-        0xe16a347d2b1afdbfL,0xbe4850c48c29cf66L,0x8f51cc4d2939f23cL } },
-    /* 31 << 259 */
-    { { 0xc342ed50dd305573L,0xe3055013de86c6c8L,0x0ae84d9776deedc4L,
-        0xe8e70cbfd1274b52L,0x4bb51dce32e87f7fL,0x32de3672f3748177L },
-      { 0x528af91681722d55L,0x459af071a5f2ce91L,0xf6883bbdc685a670L,
-        0x398657f9eeb836b8L,0xa08a793eb9278bd7L,0xe786426bcc09e408L } },
-    /* 32 << 259 */
-    { { 0x114a25c844922386L,0xdd084d446d4e8b57L,0xc49b68411e7bd7deL,
-        0x5b0359fad6da54dbL,0xa6e6e5f93f0da321L,0xb65ec55cd640a87eL },
-      { 0xc1a4f6ceae64020eL,0x91e29cd2088e1337L,0xf44ceb8e3c0a631cL,
-        0x0205b11db756445fL,0x04844e845bc8880eL,0xb630ddc0b85e00d3L } },
-    /* 33 << 259 */
-    { { 0xac512659c6ee46b6L,0x0c92e402ca82b384L,0x81d79049194fba3aL,
-        0x9b68376c36b42b32L,0x6dc1c80cf6b410b0L,0x509fbe9196b2b328L },
-      { 0x988fedd6fdc783b1L,0x9f34cd87436ed055L,0x29f243648bb8809fL,
-        0x6962ca24b8dc8b68L,0x076cb7b931963ff9L,0xb609ad792b915093L } },
-    /* 34 << 259 */
-    { { 0x169e025b219ae6c1L,0x55ff526f116e1ca1L,0x01b810a3b191f55dL,
-        0x2d98127229588a69L,0x53c9377048b92199L,0x8c7dd84e8a85236fL },
-      { 0x293d48b6caacf958L,0x1f084acb43572b30L,0x628bfa2dfad91f28L,
-        0x8d627b11829386afL,0x3ec1dd00d44a77beL,0x8d3b0d08649ac7f0L } },
-    /* 35 << 259 */
-    { { 0x4aeb3f870af947c6L,0x9ac9ff2791d090c1L,0xeaaa7e0fcf698277L,
-        0x737ccc2ff09d6155L,0xd5d4bde86753cc31L,0x3b9063477146d4a3L },
-      { 0x75106d8959e32369L,0x7a8ee281645999b3L,0x9184fb5cfc3f675aL,
-        0xaeebd0423ad4e239L,0xcff8f73e12f449d1L,0x2771bec17339eb4bL } },
-    /* 36 << 259 */
-    { { 0xf783db44e6674091L,0x57d0eed31e12a3b7L,0x62d2762af3474f91L,
-        0x3d122edf0562af71L,0xaf78dbf77f4bbcbbL,0x8fbbbd97e55f0654L },
-      { 0x77e117b004bac36eL,0xbbf6bd463ec582aeL,0x553acd10017eb463L,
-        0xfc521187fdfd820bL,0x73211103089b6829L,0x9d3fe7ad7e01e5c0L } },
-    /* 37 << 259 */
-    { { 0x12a8b7ac04c6babfL,0x7b23210557d2cf63L,0xe03831868f21ad0dL,
-        0xd14c2b95acdc2184L,0xe7bd19fcadc9bae1L,0xe2dbabf2edea5c71L },
-      { 0x009a3ab78f3f4266L,0x159691e17f8ff74fL,0x5ae666aa22f40f41L,
-        0x72fcdc88512387bbL,0xa74e8fb841516c92L,0xd9cee7833b15bf07L } },
-    /* 38 << 259 */
-    { { 0x00a93daa177513bfL,0x2ef0b96f42ad79e1L,0x81f5aaf1a07129d9L,
-        0xfc04b7ef923f2449L,0x855da79560cdb1b7L,0xb1eb5dabad5d61d4L },
-      { 0xd2cef1ae353fd028L,0xc21d54399ee94847L,0x9ed552bb0380c1a8L,
-        0xb156fe7a2bac328fL,0xbb7e01967213c6a4L,0x36002a331701ed5bL } },
-    /* 39 << 259 */
-    { { 0xd76b43661c8bd222L,0x041c2b87b97e5b19L,0x7b80f8d7b47c4282L,
-        0xfec3d476d0dbc7d3L,0x84aa69712753a830L,0xe5f336079ec85e26L },
-      { 0xa425d60cfe2374b3L,0xf88b90f14d953af2L,0x80370e7857ca6c43L,
-        0xe07d07176f4d6d7eL,0xe60639401e61ab85L,0x171a2bf632a4c829L } },
-    /* 40 << 259 */
-    { { 0x38e4168d4f8b5073L,0xf1ddc53fc521849cL,0xd2bf515bab917df1L,
-        0xab76b71a697d45c1L,0x20fdc6c7cb566a9dL,0x3843bf838a031cf4L },
-      { 0x9a2d89a58a028b04L,0x52f3cb1922a908cdL,0xb5df9c2b7b8723baL,
-        0x5142f51060374a3dL,0x949b719800bd9f30L,0x4b7cda16c9b86959L } },
-    /* 41 << 259 */
-    { { 0x22a32c50d154fc49L,0xe12242de66357eb7L,0x67571eb89f19ef9fL,
-        0x2ed01f28b92b20e1L,0xd4fd6efb6cd439c0L,0xc4036cfc03b057fbL },
-      { 0x605fab271cc48da5L,0x3cbd7a071416a3e7L,0x9cfe7161714bf173L,
-        0xbd03d786a77eb0f8L,0x1423516678b8f5ccL,0xecc56e02f0523f3fL } },
-    /* 42 << 259 */
-    { { 0x20b1632addc9ef4dL,0x2a35ff4c272d082bL,0x30d39923f6cc9bd3L,
-        0x6d879bc2e65c9d08L,0xce8274e16fa9983cL,0x652371e80eb7424fL },
-      { 0x32b77503c5c35282L,0xd7306333c885a931L,0x8a16d71972955aa8L,
-        0x5548f1637d51f882L,0xb311dc66baba59efL,0x773d54480db8f627L } },
-    /* 43 << 259 */
-    { { 0x2be2f1d67d64ddbbL,0x3afc2fad6edd7e04L,0x9a57c16d9e797442L,
-        0x1efecfde9c16769bL,0x86523c3571b2940aL,0x1a9b30035825d17cL },
-      { 0xa25e99beeefc4d7cL,0x8521b49fb50df9eaL,0x10bd2309bd8f3b06L,
-        0x1f892e95ea82e80cL,0xf741621c93585741L,0x95687594f5e5087aL } },
-    /* 44 << 259 */
-    { { 0xbcdd3a3146f684c5L,0xbc8be436f700b0cdL,0x33005e370de75b7dL,
-        0x527a8a2c3bd820caL,0x5e44854446997e4cL,0x40921fd93c3dafb0L },
-      { 0xf3873a8ab7390d9bL,0x30999855495ba2fbL,0x005164f0813c8c76L,
-        0x05bb04d7fe8da60cL,0xee7c38d503224ad1L,0x172018d615785ce5L } },
-    /* 45 << 259 */
-    { { 0xaaf786c0f6442534L,0x3f1344c1e56b44a5L,0x31199702ed073a36L,
-        0x1f8ba0ec3df17e33L,0xf3e7b63493ceee0aL,0x568bdf39490fc4beL },
-      { 0x364bdd11b1e1c439L,0xa1aa317ae5a63c82L,0xb12697034c02ee46L,
-        0x0bc6d92e7eb64374L,0x87538fe740ed83f1L,0x862450abda74892aL } },
-    /* 46 << 259 */
-    { { 0x59b1b1347a62eb3bL,0x0f8ce157cceefb34L,0x3fe842a8a798cb2bL,
-        0xd01bc6260bf4161dL,0x55ef6e554d016fdbL,0xcb561503b242b201L },
-      { 0x076ebc73af4199c1L,0x39dedcbb697244f7L,0x9d184733040162bcL,
-        0x902992c17f6b5fa6L,0xad1de754bb4952b5L,0x7acf1b93a121f6c8L } },
-    /* 47 << 259 */
-    { { 0x293ff71acc51318fL,0x69437a2e614149cfL,0xb12ea4613b48b348L,
-        0x2f58020321f6cf90L,0x2e865f77178b53fbL,0xf4774d29231909a8L },
-      { 0x0433e66bc4d8b703L,0x4fb6256b907097cfL,0x44a2a7fe004470f7L,
-        0x7d3ebbb46dc5f10aL,0xe9b3af288f5526b4L,0x4bc0d9db1107bd75L } },
-    /* 48 << 259 */
-    { { 0x4865c0ffc0391d0bL,0x70d31470176740ffL,0xf44ca9a1ed506d00L,
-        0xfaac86f6c981153aL,0x713ddaf4e3f86940L,0x64ec27093fc39de9L },
-      { 0x04d413acac9a26b5L,0xde2052eebb21664bL,0xa6e04de8957b4f20L,
-        0xd185b640d5487618L,0x1668b6a46fed1707L,0xeed37894c435ac3dL } },
-    /* 49 << 259 */
-    { { 0x1fa08a16f69cdfbbL,0xabba54dd0bf735a1L,0x37848c6a68a5cc20L,
-        0x08e23c52a969298bL,0x48240306f965bddeL,0x48492deaf90bcff5L },
-      { 0x416b9005bd994e22L,0xa6ce214ce6429f16L,0x5aaeec21f43f86d4L,
-        0x202db9b7a0b1979fL,0xb2d97b4fdd7ae6d5L,0x4fedb6b9e12f04a1L } },
-    /* 50 << 259 */
-    { { 0x7a56867c325c9b9aL,0x1a143999f3dc3d6aL,0xce10959003f5bcb8L,
-        0x034e9035d6eee5b7L,0x2afa81c8495df1bcL,0x5eab52dc08924d02L },
-      { 0xee6aa014aa181904L,0xe62def09310ad621L,0x6c9792fcc7538a03L,
-        0xa89d3e883e41d789L,0xd60fa11c9f94ae83L,0x5e16a8c2e0d6234aL } },
-    /* 51 << 259 */
-    { { 0x9c8e64869c85df60L,0xa84692a681e26100L,0x0350e1209c739462L,
-        0xb6da4ebf99fa1f63L,0x857b534055e2bcd4L,0x7f4001dbdb209cf7L },
-      { 0xbfa320378757800cL,0x2d56821fa6a562b5L,0xe56d810b6c3e775cL,
-        0xeba244a6ba757f86L,0xb7ca8dbf80a17cb3L,0x8cbff4a22b7db57cL } },
-    /* 52 << 259 */
-    { { 0x650c31da9dff967dL,0xecd1e0f77ed949dbL,0xa7ff9becb20196fdL,
-        0x5085c68d1e6259aaL,0x5759a166871a71e9L,0xba15e24c2b4d3bd2L },
-      { 0x22c4f75912c51998L,0x6038fb0a7c8a9400L,0x64827d9c09625dacL,
-        0xd8ce10c96ec4fb64L,0xe417ac30095686ccL,0x1e624aa88c723f44L } },
-    /* 53 << 259 */
-    { { 0x872d3dc953387fbaL,0xaaa0e1b4317ec17bL,0xa12b45519efb728cL,
-        0x0b43907d45a3491eL,0xb7fa83befa4a239dL,0xbecdae00b59a4f3cL },
-      { 0xe4e4c7c393407d23L,0x8278f336cf1d3cd8L,0x73dc9356610570a3L,
-        0x5579653d688d933fL,0x208b96be5881d760L,0x4752a645d12f57bbL } },
-    /* 54 << 259 */
-    { { 0x87ec053da9242f3bL,0x99544637f0e03545L,0xea0633ff6b7019e9L,
-        0x8cb8ae0768dddb5bL,0x892e7c841a811ac7L,0xc7ef19eb73664249L },
-      { 0xd1b5819acd1489e3L,0xf9c80fb0de45d24aL,0x045c21a683bb7491L,
-        0xa65325be73f7a47dL,0x08d09f0e9c394f0cL,0xe7fb21c6268d4f08L } },
-    /* 55 << 259 */
-    { { 0xe02aca87d4bba3cbL,0xd40ac486652fb181L,0xa1dcfe7ffaa3f999L,
-        0x116323e0e9eded09L,0xaa3a0f0f07629d4fL,0x9f8e49f5e0dc53adL },
-      { 0xbae96096742af22bL,0x6d7e24dd518862dbL,0x5c91ba30bb333cd7L,
-        0xda8df051e65319b0L,0x2b9305ce9b3e43dbL,0xbf1d0e98fe783571L } },
-    /* 56 << 259 */
-    { { 0xf629fb233809aa31L,0xb3b66d77650bd2b8L,0xcb643126bd325d57L,
-        0x29f46272ed41fa03L,0x374e734f406ef56cL,0xbb9ecd36da7428eeL },
-      { 0x069694a61c06325aL,0x852b2912e40b9e8cL,0x6504bc90cc3d9695L,
-        0xf1af43587e38707aL,0x552127dc239a0781L,0x0d1b3a6e8fe76173L } },
-    /* 57 << 259 */
-    { { 0x207e41f31d681018L,0x8883a6e417a7d540L,0xffc48332bc983c31L,
-        0x729c4110c6b3de67L,0x5ef4680ad69a2499L,0x4544b58fe7afb2e7L },
-      { 0xf5a2fb13480e063dL,0x8797357382054197L,0x5dd38cf7131d2df7L,
-        0x635e91b8a9366742L,0xbd87a407e0d703c5L,0x6cc37be247251f16L } },
-    /* 58 << 259 */
-    { { 0xc4ccab956ca95c18L,0x563ffd56bc42e040L,0xfa3c64d8e701c604L,
-        0xc88d4426b0abafeeL,0x1a353e5e8542e4c3L,0x9a2d8b7ced726186L },
-      { 0xd61ce19042d097faL,0x6a63e280799a748bL,0x0f48d0633225486bL,
-        0x848f8fe142a3c443L,0x2ccde2508493cef4L,0x5450a50845e77e7cL } },
-    /* 59 << 259 */
-    { { 0xaa129c0ddc428c57L,0xfe619b75aea19047L,0xd6287ecf12ea77aeL,
-        0x4e6d070fdf7ce104L,0xd0df6788f097c79cL,0xd1c1f8a6ad8b1d07L },
-      { 0x53eceba296519e66L,0x71670de3d6274109L,0xd2f21ea03f7a82b8L,
-        0x41efbe939c8e45a5L,0xb5b153436ada3edfL,0x32ba22aca90038f8L } },
-    /* 60 << 259 */
-    { { 0xe1d195fad0cbe947L,0xd1fe0c4ef2ef1b72L,0x1451a0b206003fffL,
-        0xda653fa08239341cL,0x5f834372f2508d75L,0xaeb245f507faeac3L },
-      { 0x3eb3285b65fdf4ddL,0xfb335c0e84085970L,0x600ad6cae5efc0deL,
-        0xc9c9f8910cf83e82L,0xf880ff84ad8cc14cL,0x54816725a016aae6L } },
-    /* 61 << 259 */
-    { { 0x22ce565ce1124375L,0x30ff1dc5edd968c9L,0x62d74c54e9148534L,
-        0xf003f0d35de42774L,0xaf9448e6e57f8842L,0x55d5c9a3c5ff761bL },
-      { 0x7da9398cc4c5edd8L,0x9643424e4ea0e099L,0x497eed480634fcb4L,
-        0x09ffe2d07dea57cfL,0x30673ba73530a094L,0xfdbf8f24a251cff3L } },
-    /* 62 << 259 */
-    { { 0xd0f4e24803112816L,0xfcad9ddbccbe9e16L,0x177999bf5ae01ea0L,
-        0xd20c78b9ce832dceL,0x3cc694fb50c8c646L,0x24d75968c93d4887L },
-      { 0x9f06366a87bc08afL,0x59fab50e7fd0df2aL,0x5ffcc7f76c4cc234L,
-        0x87198dd765f52d86L,0x5b9c94b0a855df04L,0xd8ba6c738a067ad7L } },
-    /* 63 << 259 */
-    { { 0xf9ae5fcedb877020L,0xd84ad42f703e5d09L,0xa6a5cc1fbfaed17eL,
-        0x2099409829362fe9L,0x9f863bb0dd299c2dL,0x82bd3f61fa632197L },
-      { 0xd3b14097ebe7ff51L,0x7c9e6ec4c719a6bcL,0xd3b46f3d70a51db6L,
-        0xc8fa2f0692eb8243L,0x68e1f56e02155139L,0x0c35d135fd3b893dL } },
-    /* 64 << 259 */
-    { { 0xe76894c3ae7ce296L,0x87737ee2a6cafc34L,0x566dfcfbe55cd1e6L,
-        0x5421a9f23a7ad5b9L,0xa005838a4687a4efL,0x3837219a23a2c423L },
-      { 0x4b7800128a82cd1bL,0x401c07bec728b588L,0x2b5f69e937ced8f3L,
-        0x306b621d8c1e1eaaL,0x8acbbe71d389cc4dL,0x922fa665f4ab7774L } },
-    /* 0 << 266 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 266 */
-    { { 0x2df6f242d35c2d80L,0xf65a99a93493ce97L,0x9e80232b372bcc87L,
-        0x26ba13b86e428cc5L,0x2526ef1f13a1b763L,0xcef3edcddc97c5f3L },
-      { 0x4954867fbde16b73L,0x9817813d368ff6cbL,0x7e39fa69be143027L,
-        0x12329463cf54f28bL,0xcf0991dc7597c2daL,0x0cda396952e07099L } },
-    /* 2 << 266 */
-    { { 0x412f64a3f303955dL,0xe92bdca9bd692593L,0xfbe6cdc2c2e964e0L,
-        0xe9a3b1fd0011cb01L,0x6c30762dcf228f23L,0x1270b84abe9199a1L },
-      { 0x732711dfe3c9cbb1L,0xa3aabe37d91d9513L,0x8ee08ba0c6eceba7L,
-        0xb1711531f3c3d31dL,0x65060b633c716948L,0x046b4ea12ff2caddL } },
-    /* 3 << 266 */
-    { { 0x25d1124fbab220c6L,0xcd1423c861524e3eL,0x75e4f45f0434fb51L,
-        0xb5180a8f5180ab2bL,0x144e214e5b22e388L,0x6b16dad192263054L },
-      { 0x3ea7590740863566L,0x372d5abddada3b46L,0xb3ff5a3a893d210fL,
-        0x39f8d1ce5e29f3dcL,0x559186ce68200e82L,0xf48764541202cb66L } },
-    /* 4 << 266 */
-    { { 0x6f178dbf8b540904L,0x0264bccd8720472aL,0xa6e8b4b459b46611L,
-        0xafce8267c72b4a58L,0x21142175a45985adL,0xd23401dfe649d733L },
-      { 0x6bf42fe085dc7720L,0xc5c8ab9440e3f2f5L,0xb0c8a58acd029197L,
-        0xa73ff329215492e1L,0x895c545eb1b5a5f0L,0x6dbc24456fcaf49bL } },
-    /* 5 << 266 */
-    { { 0x25ef32d60f2d76a3L,0x540650b9af4a7d46L,0x8979a4b8d991d7f4L,
-        0xdaa706c299202400L,0x8a729680f19d281dL,0xde25bdc44ec44de2L },
-      { 0x0fc50832c2054496L,0xfee72fb60aaf2941L,0xc8263e64b82ed4f0L,
-        0x91a8cb736f49055cL,0xb7585458f2bb515cL,0x03d2b23ab855e6c6L } },
-    /* 6 << 266 */
-    { { 0x09ec1e3dcfd3f182L,0x1f1c30b5adae7af9L,0xf3a33f7c6b454164L,
-        0x0318926f94647c4fL,0x8e37bdd787db14ecL,0x811cbd342ab364d3L },
-      { 0x1dd1e5077c2b369dL,0x7a57bc46a28056bdL,0xfca5be4b089efe44L,
-        0xb3bd84d76dc1290eL,0x40d7af098793e6aeL,0x4e08e11fa3723942L } },
-    /* 7 << 266 */
-    { { 0xca3709ad899ffebbL,0x1a87377877c00602L,0x5ff40c2aa99b4af0L,
-        0x680464e5a80e870cL,0xd2f7f04494e10b1dL,0xee9b206c4e9aa1a7L },
-      { 0xb536d67596cbe950L,0x841856899e8305f3L,0xae1b669c369fa255L,
-        0x62e260267233e1eaL,0xac05c5136aa60c24L,0xdfc6814fd2691677L } },
-    /* 8 << 266 */
-    { { 0x8baef5df0a02b0fbL,0x58a2b06bc2b92b02L,0x268558d754c8267aL,
-        0xf924f795ccf70393L,0xe3763f30f68ee021L,0xc1e856f05c01ba4bL },
-      { 0xcc01a3e9722b6bffL,0xd2be4623ed5b3b02L,0x1ab3512e6c45e33fL,
-        0xa978fe484ef433f6L,0x23e2ea018e21f5afL,0x49647d8811524a40L } },
-    /* 9 << 266 */
-    { { 0xd50abc94f5d3f437L,0xbf2ffcc546b7b738L,0x0bf53571f80edda5L,
-        0x167908d4ab90ba5fL,0xad445b102303cf00L,0x9b537d4fb9e59406L },
-      { 0xfac5e27cf43049a8L,0x05ccb32ebf9db100L,0xe662eeac4d1b535fL,
-        0xbf21d6d78d27ca90L,0xb960bf652a684981L,0xe16bdaee49236475L } },
-    /* 10 << 266 */
-    { { 0x47a5958f92ad4720L,0x12c33193da3bf809L,0xf16493147da6d32cL,
-        0x42eb4e687102deebL,0x0f8c4ce283088c86L,0xedf91c3bd693c9a2L },
-      { 0x8a18a4761e8c310cL,0x5e8757c5dc3db0e8L,0xc48b820ef76a0affL,
-        0x690d788d5c71e596L,0x2b0a00857cfe770dL,0x440ba06bd46505f0L } },
-    /* 11 << 266 */
-    { { 0x503f77906087d4d0L,0xc7243aeda1ebfb04L,0x203f0563ad8f14bdL,
-        0xc20013b7cad73fcaL,0xbace8b323741a708L,0x0b376ff731bdeb56L },
-      { 0x820b7f1282c22e57L,0x0c08133117830562L,0x306d178a8d0d30c2L,
-        0x36a6efd1467a1510L,0x558fea1af55b7b97L,0x1e9152b784e546eeL } },
-    /* 12 << 266 */
-    { { 0x92a7fbcdac3ce531L,0xeb85f7f059498d99L,0x8e45db2d02a8feb5L,
-        0x176c0cb2728cecbeL,0x33fcfbb0d1837662L,0x426e192dd6f2882cL },
-      { 0x75a0f3450a2c9899L,0xd815dc6066148f9dL,0xf4ea90cefa0453afL,
-        0x5108858ff54c96fbL,0x86b46b5731f77afcL,0x59df021f6bf7e2fcL } },
-    /* 13 << 266 */
-    { { 0x48d67f73dab6c0f4L,0x70cfc26cf0d49ef3L,0x25c95a68a65cce7bL,
-        0x29a05632cf6ad228L,0xbcc2fb5a1a8128f5L,0x360d82a48c9defe0L },
-      { 0x1c5c5d628d1531d8L,0x58fc4b9a149f6b4cL,0x8097cf56a3b625adL,
-        0x8821ead7fd8e0e35L,0xb96c2b880d9e1df0L,0xfbf55ba72a243accL } },
-    /* 14 << 266 */
-    { { 0xef32e94d70e0d8fcL,0x33ec93dc6d63e65fL,0x134532fb1dc7156fL,
-        0x98fb5b0c0e8d85b4L,0x05c28df9b64f7861L,0xa7e73afa4160e1a2L },
-      { 0xbfe60a9b785f6e4bL,0xfcf998f12fec9ec5L,0xf673b8d15c12a44aL,
-        0x85df3bc736d189a5L,0x4480a189dd83f6e0L,0x3216317ef3d3ab44L } },
-    /* 15 << 266 */
-    { { 0x221c1b7ffd3d7532L,0x40939c318bb4e719L,0x75182ce602f8f74eL,
-        0xf508d6415395f9d8L,0x88fc89ea1fc81977L,0x861d8d0bcc8dc7d3L },
-      { 0xd76e4f0cec07b0e2L,0xb0a4e2aa5819b99bL,0xa67bed0366a9c935L,
-        0xce7c8241d2781f91L,0xe7c5c22512af0abdL,0xd1067dbcfde7de16L } },
-    /* 16 << 266 */
-    { { 0xe1d42d94d087b788L,0xfbfb221aba0e176aL,0x5f6698e783686966L,
-        0xbb5e159474a30dbfL,0xef86bb5bcfd20230L,0xf055a1c5403b8f8bL },
-      { 0xf249aac8d9d85ea7L,0x7318f7bc3d200198L,0x3b80960cefca9a90L,
-        0xf28e33888f449c4bL,0x0cdfc61bf0cfe09eL,0x3b169c638b22cd26L } },
-    /* 17 << 266 */
-    { { 0xf4f13a49b81b45b0L,0xb77a67be3003fe1bL,0x70e648a318d52c97L,
-        0x701ba8a1ee17ce93L,0x58a0ce0cf672226aL,0x2fcad147cebc3294L },
-      { 0xf5cd118a104e8f68L,0x0015bc0bd15358e6L,0x75f0d28f1c662df4L,
-        0xcd54f443a3e038f4L,0xa83507610804c717L,0x5fce0ce3f03bad08L } },
-    /* 18 << 266 */
-    { { 0x4c2e2bffa180a71cL,0x067f3e3baff551b9L,0x007610f1afa43e12L,
-        0xe8a9ae79ef7b9a1cL,0xa558ef6cf9d3b397L,0x8d5229884f172f34L },
-      { 0xafa906332d425e05L,0xc62c3914207b0bd8L,0xc84d197c059f7d66L,
-        0x6cc1d8ce421a9172L,0x1d44a46929a7ebe3L,0x96ca4d0171c3c8b1L } },
-    /* 19 << 266 */
-    { { 0x31302e094d369fd6L,0x62fe210cf1b62d27L,0x496ac173bb37578cL,
-        0xb4d3d065aa0907e0L,0x02317db27c822875L,0x60a01580f241ebc7L },
-      { 0x81a5d5244e4f37d0L,0x5286f7289c3f2555L,0x14c8c7549a73ff08L,
-        0xd8236689ff478877L,0xf62d426b08e09f00L,0x2ba1833c67a96517L } },
-    /* 20 << 266 */
-    { { 0x7013d596831f464aL,0xe57185fdd3cf6ca2L,0xbba7898e35915f51L,
-        0x9fbe5f139fd967d4L,0x0aba8344d173558fL,0x4c0dd30dffeb6beaL },
-      { 0x928f68cc5110e40fL,0x1589a327a58b6d60L,0x09b5c4e06abb0ac9L,
-        0x01ef3f8a68957627L,0x55dbe9f79f4045a4L,0x91976aeeef178ac3L } },
-    /* 21 << 266 */
-    { { 0xd9c20a69b85e46d9L,0x1bda1163cdbda686L,0x5c0717f6c02427a9L,
-        0x2a976c104d2a48afL,0xea276b15921a02e5L,0xf055b980ddb6315cL },
-      { 0x0ab85663825f00efL,0x95377fd42053a392L,0xc51c245e23f463e8L,
-        0xe1ae1e5da24c981fL,0xd6a0b44d9f5cfdbaL,0x1205754023c16002L } },
-    /* 22 << 266 */
-    { { 0xfe464ce116ac9150L,0xfd629551173ee9e8L,0xd0623ab1781696cfL,
-        0x7a07cedd58529fa9L,0x831b4a9d449c33a0L,0xb7b7b72417b171a8L },
-      { 0x0e1ff931f5a9aa41L,0xd43f33dfe356ba47L,0xd2abfc77f003b5d2L,
-        0xc2909150882c0313L,0x83823f6c7ee111a6L,0x9d7a2d82f59cb72dL } },
-    /* 23 << 266 */
-    { { 0x52e712549b33f6fdL,0xd4d9b73f5c414babL,0x9834943177e93a9bL,
-        0x848b53c99f283fc9L,0x86e48b6234c787efL,0x8b498e1cb3166045L },
-      { 0xb2259559e5e456ddL,0x0316069fa2c2ca8cL,0x9a70e29ef6524ecfL,
-        0x2477ffc9bfff600dL,0x80a9a5e081869e1cL,0x84f887e70a78f6a0L } },
-    /* 24 << 266 */
-    { { 0x7f89c2c40c9f23eaL,0x8fb025d4d6ec2b2aL,0xbe70e48b12d9f811L,
-        0x703ac1bdc7a43dd0L,0xa4309a2c2118ca3aL,0x5a95d7b301943012L },
-      { 0xd9597d87811f6c73L,0xf82e801596079992L,0xfcf8760df1561aa9L,
-        0xe1e0306e2d91ee39L,0x99979031e0bbcb6dL,0x49259e54cfcc8746L } },
-    /* 25 << 266 */
-    { { 0x0de49373a38fb6dbL,0xda9e9036d6bf0a7dL,0xc99fe05fcba221c4L,
-        0x45b51edd4cb730f8L,0x312670a3b064e142L,0x60dd1edecddb9ddeL },
-      { 0x94be613b9291d75dL,0xbc49861ca00b9831L,0xccec7a08230320bdL,
-        0xd1de7bd80ff967b1L,0x5a1164f105fda7e3L,0x864cfc4ce3004538L } },
-    /* 26 << 266 */
-    { { 0x06f76165385095a7L,0x3c73ac918514b2e0L,0x8ac1120a04b2dac0L,
-        0xed6a74174382d5b3L,0x852a5a7864a32d50L,0x7ef5b84bbdc721acL },
-      { 0x73dd18980480d271L,0x755b23e04ab0b11dL,0x2e78238982391e5aL,
-        0x4957b5c948923446L,0x4ab9318f6921c1fdL,0x8e455abd3e46607bL } },
-    /* 27 << 266 */
-    { { 0x5c41aafbaf25d6b6L,0xe351f1df916b63f6L,0xe28e9ba98a6efd65L,
-        0xcbca736356afe7b0L,0xa77d6077f7384e6aL,0xcc9ad74a738a90abL },
-      { 0xe1071caa2333dc2cL,0x4415691000dfc2cbL,0x0ce43c16afd89eefL,
-        0x0cfbb8767b812045L,0xe6da40fa6d916fc7L,0xe404b3436302af21L } },
-    /* 28 << 266 */
-    { { 0x4073f246d9915433L,0xc0149d5672e06203L,0x0abb06c18fcec6a1L,
-        0x3a7d1295d75a73f1L,0x65fd8700f18c9488L,0xc3cc0b27732f7741L },
-      { 0xd15d8c8025a261caL,0x518233510dc1fee5L,0x981607c7120e1266L,
-        0x0e486b11f42cc9fdL,0xe606c16c01a888cfL,0x079dd0b31ea23249L } },
-    /* 29 << 266 */
-    { { 0x19c62d3c58624305L,0x44974c41b73eae15L,0x2df48b6dd023231aL,
-        0x6a82c197c6fad2d0L,0x55758764c623fdceL,0x29f533fbadcebd90L },
-      { 0xcfbe4155cfff7336L,0xb18415c7bfb609fcL,0xc23395ad8d411a6cL,
-        0x25aebbcf0c92de60L,0xf4d3b1ebc5ccf268L,0x9646b4a79ac85de3L } },
-    /* 30 << 266 */
-    { { 0x0f423f3013d6cb61L,0x239b2baa66674aceL,0xa6f2ba39eda69340L,
-        0xdbbd20eb43e6918cL,0xe6ce84a3e5e7248cL,0xd9184bb5e04c580cL },
-      { 0xe4b76d96a0738aedL,0x98662b6090d480a8L,0xfb14bec72610b6c5L,
-        0xdfcb01f6bb65837cL,0xd7f0b6ad4a97fb21L,0xe6d84f4bad59b2ceL } },
-    /* 31 << 266 */
-    { { 0xa79085eb1f7e921aL,0xe2737a08d0aeb41fL,0xa96d7e8169ead959L,
-        0xbed1731b733b7c6aL,0x7768e32df508a48aL,0x6f73a08651ccc97aL },
-      { 0xb7f94a4b9122db73L,0x1cd17ca257ec947eL,0x7c83fe278f8445f1L,
-        0x661f5d82b520fe34L,0x495354942233d364L,0x0bf7abe663925ca2L } },
-    /* 32 << 266 */
-    { { 0x923e948c203bb368L,0x58e37a2b231a80e0L,0x345a011a6df27debL,
-        0xba6784c1d57f4ca2L,0xf01b3703114196e9L,0x981a63eb1aab426dL },
-      { 0x2ffdc97851770c1cL,0xddd19da6efa722fcL,0x5ca1c01216f09c1eL,
-        0x612021de5b9cc0b6L,0x910e10e95e150569L,0xacace9dce2ab93eaL } },
-    /* 33 << 266 */
-    { { 0xf66601a7aae13423L,0x940bcd2882cf3308L,0x55de590974f632bdL,
-        0xf677d9d4f183faeaL,0x54026b2828ab364cL,0x2a5353dc743469edL },
-      { 0x15f02aadd46871d5L,0x4b3ec89b5a2100d1L,0xca85c3681eb9c381L,
-        0x145cc7fd50e78466L,0x75fdac98c4b4cdf3L,0xb7cb9170796136f4L } },
-    /* 34 << 266 */
-    { { 0x6e89c0df54827957L,0xafb26b6d05805250L,0x0c0dc4ea37343465L,
-        0x2d3c8b873daca876L,0x733b23d9554a2cd8L,0xd4f2936a6a04d38dL },
-      { 0x0937611686f90d9aL,0xcd854d3211425591L,0xbaf9d4cab55b4bf3L,
-        0x47259b95144676c2L,0x765cc4b55d7d2835L,0x36e47a8882b2cbafL } },
-    /* 35 << 266 */
-    { { 0x2070db373af8c96dL,0x4c2db2623b70e976L,0x7ed4d1e9c01f404aL,
-        0x04a52764b39d2e07L,0x06e4a7984ebe3ac3L,0x35c9c1f68d7645a7L },
-      { 0x2e0b48c75e9c295dL,0x5d44fafaf78e0717L,0x2fc27eba04213067L,
-        0x9f3fb2ff2ab0f0e6L,0x374b32fd0c730af6L,0x06ec846129583945L } },
-    /* 36 << 266 */
-    { { 0x583a3272230be37eL,0x4d3298951c55f593L,0x3b3a2d8a350f0334L,
-        0xec830170b25498abL,0xd65847d9b3a01571L,0x4605e739663f86fcL },
-      { 0x971b8e115c4bf502L,0x651d179571a892b0L,0x57930832d2d1a4f9L,
-        0xf97010745b09a4c4L,0x76b023e55ec2d1a6L,0x8648b8bcf49e1329L } },
-    /* 37 << 266 */
-    { { 0xc5a8884d6d5c7411L,0xad32aa97d098e2f2L,0xf99569e945d8ad00L,
-        0x35801c1c0a232776L,0xe426fd65fb1a2cb2L,0x874b559ecb26ae10L },
-      { 0xfa67c2ddf44461b8L,0xc58f8d229418e17cL,0x5998197169908eddL,
-        0x8a4a14b8a1f78300L,0x4814c36e61f7fbc5L,0x0389dcc716a1c7adL } },
-    /* 38 << 266 */
-    { { 0x777e308fc072cf71L,0x4a2d66928c807ed5L,0xa4fe074124842689L,
-        0xa3c2a867151ed7b1L,0x52ef24f24d22ee35L,0xe684ac76499053ddL },
-      { 0x0b7c223b0582cb86L,0xa6c18539bb81f713L,0xb472da7f66d2aab9L,
-        0x3592ab7b7916d4e5L,0xed651a05770c49a1L,0x7b879da1c0256420L } },
-    /* 39 << 266 */
-    { { 0x82eeaa1496f83e29L,0x586f3e8de5cae8eaL,0xb671eddbb298eb5aL,
-        0x41efea86dd0da080L,0xfe9af019564a382eL,0xb2f370463027693bL },
-      { 0x65466e5018789c0fL,0x5b0870ac2ebfe89eL,0x9093f416a59f3a53L,
-        0xab0cd17251864c77L,0x8e3aa9864481457bL,0x46cfd207896346a5L } },
-    /* 40 << 266 */
-    { { 0x473bdac887cb6ae0L,0xbd3001b3f155c32bL,0x109643c20026e8a5L,
-        0xc4f5f6cc188a568eL,0x630aecf64d2758e0L,0x4549949955b91872L },
-      { 0xb10f19d4b6a09df6L,0xc537a4bb37f26d01L,0xd29f505c4d19a293L,
-        0xf388a5d2cbb09b17L,0x462efffc6811a49bL,0x8a1cbc40b2f3aef2L } },
-    /* 41 << 266 */
-    { { 0xf7d94342b7b42998L,0xcdfd6e43629089abL,0x622e8d3cf7932661L,
-        0x4818adca0b14b257L,0xcc1dcd1ccdb486bbL,0x58b6cb7ecce8b358L },
-      { 0xca36c0b4e640cebeL,0xcc5598942d25f742L,0xdf4f2a9ed754d3eaL,
-        0x072eb5e5f44a8604L,0xfa7b1a03cd5ca1c5L,0x6b6b4967d4779eceL } },
-    /* 42 << 266 */
-    { { 0x0f0233df8665f6f2L,0x8cd887463bd40f39L,0x23a41596eedf8d3aL,
-        0x3f50e3f0b5ef5455L,0x935b24e0a50cd358L,0xfdd0e940d362a9a7L },
-      { 0x6b00a6d154371aabL,0x2e707c4e1204bcf8L,0xb4d2d2dc30233f88L,
-        0x470c3201783e58efL,0xf53987865ac21a16L,0x278487d626c3513eL } },
-    /* 43 << 266 */
-    { { 0xab5ac4df7d40427aL,0x0c4fb23b66ebdcedL,0xb02f8632b87df612L,
-        0xebbd2e7f1801700cL,0xdd11de725b675e5bL,0x2adfb20662d7210fL },
-      { 0xe3ba7c0e28667b70L,0x3e190a438fe31c22L,0x57908f2bc3390733L,
-        0xe9e8714ccb6fefbbL,0xabba506dfd51c513L,0xd50f979f6b798860L } },
-    /* 44 << 266 */
-    { { 0xdf224cea1eed2b0bL,0x10205f438814572bL,0x8b99d85c02eb9b6cL,
-        0x7a8a3d146c63a672L,0xc8822c6c96f45695L,0x0530f619c7f532f5L },
-      { 0xb981e182310f8355L,0x49318290f201444cL,0xeaa4c406f9b76d19L,
-        0x960fa2c7534a91c1L,0xf98966d1522b7d9dL,0x66912542c757dbd6L } },
-    /* 45 << 266 */
-    { { 0xe265972e1fe73a1aL,0x77e234c2987a1a34L,0x1814bdfe8c5789c0L,
-        0x908f55c7df2ca0d7L,0xec207eb2a6a50ceeL,0x63cfeaffee916760L },
-      { 0x808a758bf466a1b8L,0x2a48112d8383b0afL,0x5238922ef1a4ca6aL,
-        0x5c422786778de666L,0xf5a8c6b5d2f549ecL,0xcac5d0c5242bbc9bL } },
-    /* 46 << 266 */
-    { { 0x33e0e005b34dbf06L,0x7bbdbe1e1fb341dbL,0x443fde882bab5425L,
-        0x9db5bf1a86b57cdfL,0x72c535c309a93848L,0xf7aa9432b5f216ceL },
-      { 0xc17dc7ae0242308dL,0xf1cb5dc5db0e4c0cL,0xb9d16d58a2b7112eL,
-        0x486cda07ee4494b5L,0xeb46ab545d431adbL,0x3261dc5181ab565aL } },
-    /* 47 << 266 */
-    { { 0x476a4bfaa2a8a081L,0x43c5f841394f851bL,0x659baa591f5b22ddL,
-        0x49a786aa65f680efL,0x091bd21608fcb9d8L,0x13f6953d984fe1f1L },
-      { 0x7b5d9f4b6d6d40a3L,0x2f135dcf0d458d54L,0x2da18c3d3a71204aL,
-        0x3d93edb97a3486d6L,0x026fec7261846af9L,0xa62197bcd5200dcdL } },
-    /* 48 << 266 */
-    { { 0x0cdd83725070e0a9L,0x7c5ad562ec550783L,0x9652b8474f3b8d2bL,
-        0xfdd60d93e6e98d73L,0xd51cae2ca3479d0bL,0x11b93b6dee05c006L },
-      { 0x9d72b82d8a3b40d5L,0xc6e996fea7d24855L,0x420672f7398603deL,
-        0xd551b34a9a1af2ceL,0xdeb8c1d913bdce0cL,0x56ca926debbeba7aL } },
-    /* 49 << 266 */
-    { { 0xf63ec096bb85ca8aL,0xc149664173bc52f2L,0xba792560c02fc808L,
-        0x9a6043e3533c6523L,0xa9d78f0aa8564390L,0x7fef67e494614bc7L },
-      { 0xb4091b8fd389234dL,0x5913368e82db1d08L,0x178f7df0981cc6caL,
-        0x19b1f2be725ec048L,0x852aad85012f9c44L,0xb07cac0dc894e777L } },
-    /* 50 << 266 */
-    { { 0x1c1709d02c7e0767L,0xec1013234d70b117L,0x95c57e678beb8e05L,
-        0xdbf29e2e1133fa4aL,0x917f4a6c5139e020L,0xcf0be5098399735dL },
-      { 0x83014c169c878b4aL,0xe0c14d2cf789b84fL,0x222aba39165a4aafL,
-        0xe135f2b384441391L,0xb6f1cf7e19c3ee07L,0x2f918da9f810499eL } },
-    /* 51 << 266 */
-    { { 0x026ee35816bb2bddL,0x8c8953f8566d8470L,0xf0cd746d0fc63932L,
-        0xddf3e54f060a07a3L,0x8da877a643b4e92dL,0x7ffd839dfdc9e34aL },
-      { 0x5c3527445df04d9aL,0x3c5eb576b69f84e0L,0xf73cae300848d993L,
-        0x3438f2bea0fe7fdbL,0xd4e7511f0eaf0168L,0xa7ffd167c768386aL } },
-    /* 52 << 266 */
-    { { 0xbb91877acfc74bb0L,0xbe742182a060a71eL,0x116e5a626ed7786cL,
-        0x0a496b1bea669e56L,0x3a012174b8f02e6eL,0x6add760c106174f4L },
-      { 0xaf2606e05e0292cbL,0x7800a495c7b7bad0L,0xca02c9320a1c5954L,
-        0x904f23c6b245ad57L,0x28d6cc2172934de5L,0xbb7ed903283752cdL } },
-    /* 53 << 266 */
-    { { 0xc80288125e58122dL,0x7a5c65f1c4b089caL,0x4ddfd3663b980faaL,
-        0xe8129f7f96a909a0L,0xc177aa042221ffacL,0xaf444ef78ff46e81L },
-      { 0xa627f3d76b154996L,0x0f06fa7b115e2a5dL,0x2532b85d43fdb775L,
-        0xb6d96b32eaacfb58L,0x898766304f834382L,0xfd2ffde9d5636b92L } },
-    /* 54 << 266 */
-    { { 0x318cf974973757d0L,0x12882d0a94ac73a2L,0x1fb74a53bc250843L,
-        0xc612569eccd8d47dL,0x74cff8789d5f7c8cL,0x54e0e475375a7366L },
-      { 0xe8322d23d0f57cd4L,0xb6ec5666d95a6e0fL,0xc8374b254a4bd084L,
-        0x9459181b349d93ebL,0x7011f0a61368b9a8L,0xed57a19137eb2833L } },
-    /* 55 << 266 */
-    { { 0xd245d180fa5f79acL,0x44c331f35b41fcb3L,0x13188b6e27ee6c0eL,
-        0x54ce984b23fdc742L,0x66d4e1303c81c213L,0x432174030ecb6fd8L },
-      { 0xbbeb09fe111ae08bL,0xb22ca6b42e2df05cL,0x0e9d01dd0fec9be9L,
-        0x9ac4523dfd2fc4abL,0x3d9e98c8fdc059f5L,0xd52e6dfb2d2cbde7L } },
-    /* 56 << 266 */
-    { { 0x80d7ef8598100f17L,0xb9795c7112db3f3aL,0x44473659296a7c44L,
-        0xa46810f21e5bf539L,0x5621241814ee1e3bL,0xea8284e209931822L },
-      { 0x424c613e42ac1e42L,0xe84a80afbccf9466L,0x21a8cdcc45132204L,
-        0x9505a4148d58da62L,0x773e09837b3f47aaL,0x0ad0cc91e109bc6dL } },
-    /* 57 << 266 */
-    { { 0x98e2509bb527b250L,0x2dd30c824a9c762bL,0x54025da4cb2a00a2L,
-        0x88ed00ff04d8e0e9L,0x5699890219ab1fadL,0x92fffc41697b0226L },
-      { 0xb481d1ee7d08a39bL,0xea773f7f82be0803L,0x967e848a6de8ec6dL,
-        0x6ea1e46380293472L,0x941cded72e988de3L,0x85f96b23399da6b5L } },
-    /* 58 << 266 */
-    { { 0xabd86572f1a62473L,0x9ec25d0bec274738L,0xd27d1a8c2052d4ccL,
-        0x1f2a2a9ba95de3f0L,0xe3b8652ea2c91bcaL,0x1a4f6900822175deL },
-      { 0xd9405d4662475a44L,0x4ecbe06cfe55c587L,0x30f8d199a4ac2f35L,
-        0x2a5defd8d3c12844L,0x6d0fd9d673fe9b7eL,0xb0ae1019adf1a196L } },
-    /* 59 << 266 */
-    { { 0x6c9a378c30734f5eL,0xdf04359f6aaf7b42L,0x244422fc16f87409L,
-        0x81dfb15b08bcd67cL,0x24b7d083a5e4a8e0L,0x557183410431786fL },
-      { 0xc8feeb8c33f3ec2eL,0x360098cb2be371a0L,0xf4f3d992bdb874ceL,
-        0x47b432ed87af8471L,0x5c4b1dbdf87535deL,0x6bb6d6dd8301f660L } },
-    /* 60 << 266 */
-    { { 0xafa9338759769f77L,0xe6c710cb49e502b3L,0xe6fd7b8d1514da98L,
-        0xb5924c63aedf93caL,0x4cc36795c112b37bL,0x0ee30ce3231def42L },
-      { 0xe1f436e7daf8a37eL,0xed54b7f56efa184aL,0x09ad65752c0dfe63L,
-        0x5ed9da43ca530b38L,0xea2fa192ae156274L,0xbf096c54a4429edaL } },
-    /* 61 << 266 */
-    { { 0x41401b98f54490cfL,0x361a24a143b21183L,0xf0176431b6570f0cL,
-        0x851bfe9d05c8bd3aL,0xe44f4ba74611e1b9L,0x587677dc28bf2c27L },
-      { 0x3e3b67886d85341fL,0xad65a69468aa381bL,0xd269dc711aecf19bL,
-        0xb94b64a2d98e6a2cL,0x6004b569a94661a0L,0x81713a8e689181d5L } },
-    /* 62 << 266 */
-    { { 0x55b1901d3649638eL,0x2e9929c416abaf64L,0x2d2b160ee9cd0090L,
-        0xb5ef6525f55f13ccL,0x447aacbe11c3e8a5L,0x2c54e602630cf4c4L },
-      { 0x3f6d99fc641d8eb3L,0x35386c1384877912L,0x7195db8973f31b6fL,
-        0x63297cb2d3a22085L,0xa627593833fe97cbL,0x2f9a6f0da1eaef0aL } },
-    /* 63 << 266 */
-    { { 0xb70d7683c63d6dd3L,0x60ea781084acedf1L,0x7646260c40d62cd0L,
-        0x687000b456142a6aL,0xce3c4728ccb9177bL,0x45377d059928c509L },
-      { 0x75cc40bb1a78af0dL,0x43a1661cc69e59fdL,0xf9bbcbf8044a943cL,
-        0x934fd40d7c372080L,0xb6edae96cb2eb940L,0xa02bb5fd6e063cc9L } },
-    /* 64 << 266 */
-    { { 0xac58c9e09db9ca19L,0xd308ea5d390054d0L,0x32ef4afc2cc42529L,
-        0x08bd48b397c2bdf9L,0xac8a7803a849e19aL,0xcd51c0da75c31496L },
-      { 0x733dc7def0e2d49fL,0x7c9caad1b44b8cc5L,0x6d9c5b0847be21a8L,
-        0xfab0fdc55ebf426fL,0xd60748caf94e9e5bL,0x3072e59269366089L } },
-    /* 0 << 273 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 273 */
-    { { 0xb06c17a3f0ef77c5L,0xc144e7846df6bf59L,0x2440ae990038aeb2L,
-        0x83bf711b58b402caL,0xb8763e00b577732aL,0x509e91eff651a932L },
-      { 0xbe02ab9d00ac109eL,0xfbcb426c8dfd78f1L,0x7ed272f64283f80fL,
-        0x098cf0572365da5eL,0xd90e6f1805dc6bebL,0x09ef177fcf7b9d72L } },
-    /* 2 << 273 */
-    { { 0x6f101762eeb791c4L,0x0d942184df261effL,0x2c58e2aaac1dc827L,
-        0x51410e89f835a1b6L,0x981333a7629915a4L,0x371891b60c14148dL },
-      { 0x4d20b3d3c0904446L,0xdda7ecc8949776d8L,0xa664b68c2a2645f7L,
-        0x7a6bc857add082eaL,0xe7467dc63e5ff206L,0x40a6c34004e2dfccL } },
-    /* 3 << 273 */
-    { { 0x3d0efae3106ba1a1L,0x9c717ca192d7be5aL,0xa5cb5a253f00eeeeL,
-        0xc2f9258cd86161ceL,0xd2b0865f5c4a389aL,0x8c06d7689b1f2159L },
-      { 0x5a758a612753107fL,0x5ab6449d0a539c19L,0x88655a4949d301c8L,
-        0x129647e61c4bb89bL,0x06f0665ec360259cL,0xcdba2f0b066197d1L } },
-    /* 4 << 273 */
-    { { 0xa235456903744726L,0xd2169e6dd8d275acL,0xab0c247b132c5689L,
-        0x129a5c9dcc4760bbL,0x03eba46726ae821bL,0x67a33fda3df1cf83L },
-      { 0x010813cfb8421b7aL,0x7b0f507098cd6d76L,0x907320b31fe4b600L,
-        0xda3bfeb398dd3239L,0x23f1ed1641abb34cL,0x01b30f29946f85f1L } },
-    /* 5 << 273 */
-    { { 0x97c5f1c7d3970d9fL,0xd051c518ac8e6227L,0x3f67b3958e87edacL,
-        0x3a5cbd287b9e4c17L,0x58c009e65671841dL,0x7bc5bddb518b3b39L },
-      { 0xe7a8a6335e74a614L,0xf92e4c226ed89a92L,0xd0d6e80a118e663dL,
-        0x33dba4f9dcbb4aecL,0x1d4cb3141f917417L,0xd8b17bfa3b0c5859L } },
-    /* 6 << 273 */
-    { { 0xc0fa0d21a093c3e0L,0xad34c41439e902a2L,0x81c8cd7599bc928bL,
-        0xf7f8be14cdbbe4d8L,0xe46268b5c2339529L,0xcdc54e348283ba7dL },
-      { 0x4c5cf62778904fe1L,0x056678c11b45e4d2L,0xb555ad6ad265abc2L,
-        0xb8f8ca3f830306efL,0x48c8764681c20e1dL,0x5bb0a529737a7944L } },
-    /* 7 << 273 */
-    { { 0xbd4c2bfc9cf6fc5fL,0x888885140577af66L,0xb5aa2f05f9e3f7c5L,
-        0xbd477bae64de6007L,0x1da5dcc9747e1224L,0xc2293d1732a15f5dL },
-      { 0x4dd9daed029d6cbaL,0xf51362d62cf299c7L,0xe1a4b5c4279cd1e1L,
-        0x4b129a5ea89acfffL,0x8292228ece1c8744L,0x5a440fa04fd12c86L } },
-    /* 8 << 273 */
-    { { 0x285248309666f8eaL,0xd579b3dfeff6502bL,0x3a66fa9900e4f78aL,
-        0xfd8a65bb54a3f7a3L,0x505d3f631965a79aL,0x9524972c1891469aL },
-      { 0x78367cbc3354da3aL,0xbfe1fe3de4941c6eL,0xe41bb3f6f5af173eL,
-        0x57cb03ca5ca36597L,0x27f86cb87b99f795L,0x5cae6514ad4dcef1L } },
-    /* 9 << 273 */
-    { { 0x4b43f0aef1743346L,0x1700581944324c46L,0x86c77197e3603fcaL,
-        0x230d516f4a6858aaL,0xee965b4ee7c56f7fL,0x4f4ed301dcefb75aL },
-      { 0x610b138c4a740b23L,0xda3996a83ffc3599L,0x930698fcb2d1c304L,
-        0xd55bdcd3702bf80dL,0xdf767c419e334726L,0x975352a9d0e819b6L } },
-    /* 10 << 273 */
-    { { 0xc117353b5e816653L,0x0c87bebe820641d5L,0xee588c6d9ecd29a1L,
-        0xacdfe622c70edf9bL,0xe8b8024cebae414bL,0xd0c426dc9bd7ceccL },
-      { 0x715cbc2efe735ce7L,0x8376edebc5e7017aL,0xe9b37efc07990dd5L,
-        0xc89e384ed8d75238L,0xbc594d218438ffb3L,0xbe77e4d4d3628473L } },
-    /* 11 << 273 */
-    { { 0xc53720cdd1b4f3baL,0xb8ac3b4fadf2a330L,0xcef037f5fe179e70L,
-        0x2743b382589d9147L,0x77a094d624423d58L,0x9e34c2e62a23d372L },
-      { 0x641ea760983a5893L,0x2211e6a49a81548eL,0x56578a1a48735310L,
-        0xedb91e03a57faa83L,0x4e14d5649b133629L,0x341f3ef957e82ff7L } },
-    /* 12 << 273 */
-    { { 0x4952a350d87a86c9L,0x08ed7da7034f45f9L,0x1e9ff8272bd716d0L,
-        0x2471fd15f1d9331fL,0x0c708362d7370b75L,0xaddedde6fc1a1051L },
-      { 0xf4475288db27b186L,0x5be4d46b3760bc11L,0xe44435d906d47ee1L,
-        0x865cf7c8d0b7c8a2L,0xdb412be08d31a252L,0x4b90a9322f24d71cL } },
-    /* 13 << 273 */
-    { { 0x71b84eed8f7a3ab9L,0xf41d7edb2dc18004L,0xe408156dcc4a02cfL,
-        0x0be155a25cd906caL,0xbf4b0f6991516399L,0x2ea85d434a7ff94dL },
-      { 0xf199b31da26e9974L,0xc584df250b805ae3L,0xd4e7e8597a3634daL,
-        0xf553f07770db4be9L,0x1cb1056fbf0dafa3L,0x235281b2a817d6edL } },
-    /* 14 << 273 */
-    { { 0xc3304e9260d2b80bL,0xab24dac9a38753bdL,0x40373d04cc1ebbf8L,
-        0xa5a162d3437e68d2L,0xc8018b1257e8db12L,0x0c99c6de9bb52643L },
-      { 0xafef0ff6ee24e63bL,0x329c46264bea9a14L,0x1b17d2e6effae4f9L,
-        0xd25b93aaee300afdL,0xe83bfdcba0d62da4L,0x5e919538fd787740L } },
-    /* 15 << 273 */
-    { { 0xf5bbb4fe196c38e7L,0xe0011deca5c75baaL,0x2e29fe59b835aa49L,
-        0xee22e2864230f17fL,0x8774214ff94c1060L,0x35bcca38e6d4c126L },
-      { 0x18d984dbb7c9d255L,0xb1d5515c9b63dc4fL,0x425360f12a0cb854L,
-        0x038c7f2317a1e286L,0x5e6b12ce951f18b2L,0xabfbde5ea65b1de3L } },
-    /* 16 << 273 */
-    { { 0x38a49bf555f0ad9fL,0x1a84c6b8f3618639L,0x5f709eca01b2f7c2L,
-        0xc479a6505be8359fL,0x6b6a22bfd6646b3fL,0xcce78878cc5b711bL },
-      { 0x8e7dbc63b446cc63L,0x231bd027218f800fL,0x2d3a7e04030271ebL,
-        0xb08b5978e22fb3c7L,0x860d62789be0d46cL,0x253a31c21d49a915L } },
-    /* 17 << 273 */
-    { { 0xab4dbdf36ebc28e5L,0x56d5fec527be58b5L,0x6e9375d3cf3fd509L,
-        0xfffea897ca4ddf48L,0x0a9542ae6a3757c5L,0xb9069a2e7d93911dL },
-      { 0x3e74ac5f3dc967b8L,0x99c38796ea8f5a21L,0x27797b97a6ddea53L,
-        0x9501e1c561dfcc1bL,0x568d3abe448e95c5L,0x021f8f4c0e7c186bL } },
-    /* 18 << 273 */
-    { { 0x98aa1f7a6e44f63dL,0x6451b170cb597ec9L,0xc0f6ee8721e13b78L,
-        0x36c3b9c751cfd003L,0xc31718ed2f610040L,0xdddabc6688c48009L },
-      { 0x5626f090a8369e4fL,0x0eccb1c06004a968L,0x2f0448035da2f1a4L,
-        0x5390b6dd3846a726L,0x5c4caffea24f3083L,0x3c9baac8c4842995L } },
-    /* 19 << 273 */
-    { { 0x58c5fd1205c7a75dL,0xa98007fd10866935L,0x91369e874acd567eL,
-        0xb7e05dc322c6145aL,0x24c949b4d949d8b2L,0xc5c574a590a6a437L },
-      { 0x4306f0334798d1d5L,0x82af09f4520e01b3L,0x53fab41b81247f00L,
-        0x3096ccf44ea93cbfL,0x9665e039f13ff09eL,0xb623f8b158e036d9L } },
-    /* 20 << 273 */
-    { { 0xbad6b669376bdc3fL,0xc4a8e7bc23a9ff38L,0x3f54d8c4555fb0a3L,
-        0xfb3d5e1d2b23db1bL,0x6379f78af0d7eba9L,0x36004febfa0beffaL },
-      { 0xdf0a373c334ff01aL,0x10314749dff12a1cL,0x1d52ddc7f184c1b3L,
-        0x79431663ab02d404L,0x1a6488c17f4d3795L,0x3363660f7cca9102L } },
-    /* 21 << 273 */
-    { { 0x1e4595c6db3e57d9L,0x49e3d3d9bfb94ec5L,0x4c720de1a4f12881L,
-        0x91a08340b06c64e6L,0x8e5c72f0ef0857deL,0x2c9b4cbc09bb76fcL },
-      { 0xd4262fe4b0bba8bfL,0x64c5fa1439fcd07bL,0x518da4de62904ceeL,
-        0x626182ebae4c9717L,0x900fe9f806351622L,0xf74aaa2241f9e4d7L } },
-    /* 22 << 273 */
-    { { 0x9d2c02839fabb29bL,0xb27ac46e172348cfL,0xddc6fb63de1f64b2L,
-        0x532dc953bb097c87L,0xc7f5180cdaa34e27L,0xf96e4ad755438893L },
-      { 0xc0b2eba324f54a0bL,0xeba396ce5b50d12eL,0x80b3a7f699772783L,
-        0xe2fa82ff3ff7df4aL,0x55375369a2359baaL,0xa28388ed856c05bbL } },
-    /* 23 << 273 */
-    { { 0x4432fe8495a2d064L,0x4c6380747fec6057L,0xc33705bb33cfb533L,
-        0x5e7fb7c976991cfeL,0x73d249bdb3ac1b6eL,0x963964c896aeddccL },
-      { 0x8c1abe0e56b71636L,0x6ebb841f38693cd1L,0x00ef6a7b60e7cf67L,
-        0x29ecded2c258bcb9L,0xb2d566a5e40fd26aL,0xa2910f4ed512abffL } },
-    /* 24 << 273 */
-    { { 0x56d6515604dc109cL,0xcd740cc809c1d307L,0xef9e049f10dfaeadL,
-        0x19750b3ae30b70b8L,0x11ed860015c6a562L,0x53bdf97e12097026L },
-      { 0x79559d056c0d908fL,0x8f1d75bab506d527L,0xd6fd7323ae8fb3c4L,
-        0x834639c9a4111f88L,0xfc69a029a310a683L,0xa4467bbb255f2e9aL } },
-    /* 25 << 273 */
-    { { 0xa809a063e9e3953fL,0x09242dc960dc53fdL,0xa48f52d00080c436L,
-        0x762a585dad2eb70dL,0xc6d52f047a3c6aa2L,0x1b6979dcbe60899cL },
-      { 0x7a07af246d760794L,0xa5b1f912ef5c1118L,0x36367e4375bb329eL,
-        0x594f349029e6bddbL,0x13cdc4aaa4a4f1edL,0xa7c3ff97b687a69dL } },
-    /* 26 << 273 */
-    { { 0x1e79881146f7c4c0L,0x25730855946abf8eL,0x1741fdeeaac2031eL,
-        0xef34715b72ea60b6L,0x378eb680350ddcfbL,0xe72ac880ec237141L },
-      { 0xb173251fff125bf8L,0x37ffb0cf4999b6daL,0x9eeb91a8817779f6L,
-        0xa9edff0ae93ed1f3L,0x31f2ca241d7772d6L,0xd25c3f3b97f67b92L } },
-    /* 27 << 273 */
-    { { 0xb6c4144381478e46L,0x7b53d46350cf8795L,0xe96e7cb9ca5bf2d2L,
-        0xc8fa39c695ac9ba6L,0x8ab037d12efc83d1L,0x0ccacbcc94bc2536L },
-      { 0x45e7c7c774038e13L,0x47d5b7292f5e344eL,0x2e0ffb2cb1eed282L,
-        0xfe88d3a88d5d0b37L,0x804b612e2487d971L,0x6f316d66c95d08faL } },
-    /* 28 << 273 */
-    { { 0x5f0a58a8a3526fecL,0x849c171b02f028c1L,0x34d77ce856a5d3b5L,
-        0x9701621754d5a92bL,0x0cce35c12cc5b70bL,0xd9d5a00ae83f1f4aL },
-      { 0x064223f826a0368bL,0x328a9f6940e16452L,0x3a6ac093d305ad2cL,
-        0x759d9a16beba7c44L,0x86021de7637ce7c8L,0x276bed61cc80c1ccL } },
-    /* 29 << 273 */
-    { { 0x5d4a529ef9822e60L,0xc6f2702006edd801L,0xb2511d84efa3d8d6L,
-        0x38cfba656a4c6598L,0x31a5779765c067a9L,0xcee558f387d2ca0aL },
-      { 0xf22345cff844260aL,0x29b6352a63d2ae75L,0x59dad0ab6cc9f2bdL,
-        0x615ad3599ae1bcb3L,0x3a29a237f692f42bL,0x543771c40f26163aL } },
-    /* 30 << 273 */
-    { { 0x427437e7d722576cL,0xc9d7ac7abb548ef5L,0x72f00f28c331a9e0L,
-        0x5d9327b564949b48L,0xea75f3b54e2bb808L,0x28acdea068678f8bL },
-      { 0xe9e787b20878223fL,0x213f47ff7e7b0a11L,0x5e967d39f277a3f7L,
-        0xe6651015d2006de4L,0x49b87e4bc44eb1e0L,0xf461bb76222cd3a2L } },
-    /* 31 << 273 */
-    { { 0xd6b9341fde60d963L,0xb1a8dd0d5319a930L,0xc4f18dc0aa6b20b5L,
-        0x787de2e7f23f4401L,0xc15b38eb28047029L,0x0bffc0b55c99d51aL },
-      { 0xf0310f39740b5798L,0xf69ea1064ed8d3bfL,0x545a54d79f6722aaL,
-        0xe5a9dee3af4017c2L,0x45efa2ec4a659592L,0xc5d64bedbed4e245L } },
-    /* 32 << 273 */
-    { { 0x66797f56bbe4bddaL,0xb92a369eda51b1a2L,0x18eef4a531adb034L,
-        0xcf1cb5ee5d185cfcL,0xf596a59bbd53c27bL,0x1e1dd6f569002569L },
-      { 0xd9433e797687e48aL,0x7d8d24c20cbcb9ceL,0x233cd7ed65d68ecdL,
-        0x201bbe09fb2aded8L,0x987f4975ac9b750eL,0x949da385337f7f25L } },
-    /* 33 << 273 */
-    { { 0x31439e35b95fd11dL,0xf97e8fa4b691fb77L,0xcfdc02956d4ac378L,
-        0xd31bc3b0d1a617c8L,0xd857098204bd015bL,0x30cca6efd6198f0dL },
-      { 0x6a52650a805964edL,0xb656d7abd060eeb3L,0x5267f37ed38a9218L,
-        0x5f28a2ecd3d6a193L,0xb7dc6e916d0d9c9eL,0xa7f84e4b219d45c6L } },
-    /* 34 << 273 */
-    { { 0x550ef2713398c3dfL,0xfe184954307631a8L,0x02cef50606e5cde4L,
-        0x9687a39c10f11703L,0x02c35937acb10b97L,0x835b00fd13e3d219L },
-      { 0x5828678b584d1abaL,0xbe55fb9cc9b40568L,0xe5a4a90e8fe19e84L,
-        0x91e24c9248989b77L,0x094f9e7ae3d5f4fcL,0xfe9bdfb9759029b5L } },
-    /* 35 << 273 */
-    { { 0x43b1f8b9c1de72e9L,0xcbc8e0d4a3bdb164L,0x5c45d3dfbcc2e5bdL,
-        0xb5137b69247bef53L,0x6d889f5673794e3cL,0x43e2fc9b1e2dfdc1L },
-      { 0xda15dc5da995d3adL,0xa0db9f5ec43d86e0L,0xc42a144bcaac3bbfL,
-        0x3c855fb174c43eddL,0x0731f33152688272L,0xc1f23e5643d7762aL } },
-    /* 36 << 273 */
-    { { 0x00c2ee1c9c7de99fL,0x28a7461d15e50391L,0x1bdc0e32a1c77952L,
-        0xe98242c4d53d640dL,0x1a4724d2cf153c7dL,0x194e5dccba477d46L },
-      { 0x871c8cfe3a0d4ccdL,0x62010af09af451fbL,0x9b354f9e6ddec75cL,
-        0xe5db0a5d680e3511L,0x183d1270d247745bL,0x9910867aeecf52dcL } },
-    /* 37 << 273 */
-    { { 0xa970903e8bc2003aL,0x0f8bcfa4a3cf29bcL,0x7054f69e683a7ddaL,
-        0x53928bf1ece30167L,0x2588bdf1ffffea87L,0x01683b5ed7172ad4L },
-      { 0xa0ac85379de7e713L,0x217bcdfe9b0442bcL,0xba46b8f64d4adb3eL,
-        0x320580990a9f8ecdL,0x0173b7bea504bdc5L,0x15321aeb82b1606fL } },
-    /* 38 << 273 */
-    { { 0x4f349e5f6e39d625L,0x37cbd935b80760d6L,0xb8657ee14b1e84c2L,
-        0x502954064cb84bdeL,0x66d678cce8d23ef5L,0xcba173713ec3b79cL },
-      { 0xed7ab3e526e3cee5L,0x34c68c516c44ef0cL,0xd704e724f8fdd226L,
-        0x2fa0d2dd3a9b40a7L,0x373c5c70a23be590L,0x0beb611bda9f7f7dL } },
-    /* 39 << 273 */
-    { { 0xef506531913bc31bL,0x31210c5f8c320074L,0xb42faf19b861acc1L,
-        0x26f09b89e041e774L,0x23fec89822f84c93L,0x9f8b9d708ec590bfL },
-      { 0x604d7d2952644790L,0xb77e3136a2339c53L,0x17f1d7a920f2fc09L,
-        0x8c6435d9e6bb96eaL,0x5cafeb5f3711b8a7L,0x1ec6c4edfa23ca24L } },
-    /* 40 << 273 */
-    { { 0x6fb6b7bc0410ca0bL,0x0e16eed2b3c13935L,0x98ad89d8316ff531L,
-        0x4800ee179894d65fL,0x034ea3c448280170L,0x8126d12dc30be537L },
-      { 0x43c2d27e5120e525L,0x96a5d498ee65df90L,0x654540105eaef29aL,
-        0x1d8f07a17b678fc7L,0x54bc6f737b301270L,0xe58a8102e9473365L } },
-    /* 41 << 273 */
-    { { 0x1fa3a458aaaf79f6L,0x1d14ff613a1b7c64L,0x32c7da68f22ddb3cL,
-        0x7b2345ac58cff63fL,0x214e6d9dce3c3af9L,0x36fba0b78b6691deL },
-      { 0x69fd813cee1a30abL,0x50daffe91adf6215L,0x55b34de692871a84L,
-        0x437f1b4b7ff3ea1aL,0xc3258ca580ff1c23L,0xdc220ffbc6d0b822L } },
-    /* 42 << 273 */
-    { { 0x93e56b47ad910b37L,0x8cbce4815d20d236L,0x25b50cac5872d763L,
-        0xb50aa752d8505696L,0x02075e6d6f42b533L,0xf0b34a178f8d8352L },
-      { 0x59f2feda5234531bL,0xb23e1da1751127c8L,0xe1f65e08b6759ccdL,
-        0x47d8631c352e9500L,0xab10d299c13feb16L,0xf9e916a3e5c6a220L } },
-    /* 43 << 273 */
-    { { 0x55899ffdc06f1b65L,0x4f9ec6e011899630L,0x0df97edc50a29319L,
-        0x5c4a10ea5e66f0adL,0xea7b4497aa3d14e9L,0x484d8f64d22cc470L },
-      { 0xd7fd252240a61a0bL,0xebd9f49d42d04a79L,0xf18ba2ec312ddb99L,
-        0x687273ec2dce1351L,0x68d8b052d0220e57L,0x2c0ecd6b05a7e3dcL } },
-    /* 44 << 273 */
-    { { 0x460c29904ac6cf02L,0x01482cfa420a35b7L,0xf793933a34680972L,
-        0x2cd1f50017e2367bL,0x2411c3523944f060L,0x3d58b97411c06b05L },
-      { 0x4552e369cddebb3bL,0xe1c38aec009aeab9L,0x9d34737c353b6e4fL,
-        0xf2c99e2cb16d7b0cL,0x57029fa47bbba6a2L,0x0565d1bcd13ef64dL } },
-    /* 45 << 273 */
-    { { 0x93a50cc7eb0112a9L,0xa0d4419984a59bdbL,0x04b9538c82d01160L,
-        0xdb1d33e163a8d5a3L,0xa710beff08d3effeL,0xc2f37326f9bf02f4L },
-      { 0x606b6b5555d26856L,0xf528d22a427fe3d7L,0x31b20fac84fb5086L,
-        0x27129aa592f7e7bcL,0xd88f0d4f44171b33L,0x9b045c897915ede1L } },
-    /* 46 << 273 */
-    { { 0x0b15ebebcbe014d6L,0xa4f1504e68d24086L,0xbcf475c979d7c8b6L,
-        0xd61b92a8d00a6890L,0x78e096742ee24533L,0x6fe9fe6099656101L },
-      { 0xc9542f53e5e63e28L,0x59ec39e12edf3a80L,0x8fe57ffe24ad9280L,
-        0xbae0671bf4b9b024L,0x76e36c14d5816ae9L,0xe53256d4805f8688L } },
-    /* 47 << 273 */
-    { { 0x006956bfcf9e545bL,0x7829ed13e8fa2ee4L,0x1b108d77d4dd6f85L,
-        0xf51217bb17045f1aL,0x48c4802986141bd6L,0x8d59b995f8820213L },
-      { 0x8439949ffc298a9eL,0x967fdcb278188d77L,0x5bbdfd296f35c711L,
-        0x25b37e5df8e62607L,0x18f5c4251795cccaL,0x260f075af0e35ff5L } },
-    /* 48 << 273 */
-    { { 0x3561b3fea329deb1L,0xfdca0e34f1c3c3e4L,0x4374831347fb79d6L,
-        0xa7f497e1c48002edL,0x86221cce2c44dcb0L,0x65e3f04643785e06L },
-      { 0x9ee9061fdf4cf461L,0xc7479e8cf022d27aL,0x1d8de85b76f7f52bL,
-        0x39a713c90fd6c65fL,0xf74ca067711f8a39L,0xad1119ad8ebc640aL } },
-    /* 49 << 273 */
-    { { 0x43d9bcba57ec124eL,0xbce6aed98cc29801L,0x1dbb88c72632e757L,
-        0xe88f49e891f550e5L,0x056f67da7b6e1b05L,0xa503271082a027bbL },
-      { 0x8471fa55c91844a9L,0x882f25b628479daaL,0x96f606dfa9c23504L,
-        0x6a42d307fb7fa83dL,0x531c8a5cea310e34L,0x7e2d20565b2e42f0L } },
-    /* 50 << 273 */
-    { { 0x547047862e8c467eL,0x26f5efc690e52377L,0x762d8f767f6e71afL,
-        0x5fc1bd13917ff587L,0x487f6c63fb696a60L,0x889a1dcc3afd2aebL },
-      { 0x7407d0a0adcf4b35L,0x8f6c9aef91024ecfL,0x3384f1c03e5d9da0L,
-        0xf87acb00b846d122L,0x6d86aebddceb383aL,0x6a5a90cda8f2d076L } },
-    /* 51 << 273 */
-    { { 0xddff7aa3feb71de1L,0x431e106be44644a9L,0xafe96f8ed5190b4bL,
-        0x31a4dfe40ab42a27L,0x0e2d0cc435762eccL,0x7c928cd91fefb256L },
-      { 0x5f33c775daeb94f9L,0xa7a91f8894c239b7L,0x6bf418fb4deda3c9L,
-        0x91ad6e99eefd4f99L,0x7aae05559c25448fL,0xfb7ed9df487b4deaL } },
-    /* 52 << 273 */
-    { { 0x59753bf68ba85dffL,0xec8b82efd1c89bceL,0xd7f1a651b8b6a683L,
-        0x9c329bf36f84416dL,0xaecbf4b9e68db225L,0x94ec3b0f5a614d23L },
-      { 0xbcb6672593a9543dL,0x90c46c46f19132edL,0x4767c73c950b080fL,
-        0x0b9b143e971fd9e5L,0xbce6886f8ec8c68dL,0x167b0f8ad47f512eL } },
-    /* 53 << 273 */
-    { { 0x51517f9481819dd9L,0x2c2640a0fdd7cef9L,0x59283faabf98b8ffL,
-        0x39713768a46ad877L,0x13d9c0e6834dcf0cL,0x38c85473cc7acaddL },
-      { 0x7b58c7666971a512L,0xbe46a58c2a38e57eL,0x3d26d0a06972e213L,
-        0x2341769b63cd0aabL,0x4a293dd0e86307eeL,0x8d1e338d264c81a1L } },
-    /* 54 << 273 */
-    { { 0x66eb8beab2d5b430L,0x50b4af4382136220L,0x6644e673e79d0b5bL,
-        0xe64cdf10f9fa7610L,0xf1dea591132ff33dL,0x07791ab6b926c725L },
-      { 0x6c41b4f383f60e02L,0x54bc9049977519c3L,0x618a6f3c2aef73a4L,
-        0x42cfc9d26fa4ca2bL,0x2784db71a39a215dL,0x378071655cc85253L } },
-    /* 55 << 273 */
-    { { 0x9cc3ada3554a7f23L,0xa822f9f21c3d0003L,0xb1654da7303123f7L,
-        0xbe33e388f0d8c4a1L,0xd8919c79be4366e8L,0x5a41c92cfe292117L },
-      { 0xc4b02d0678c325c2L,0x89eaf4356d511c4aL,0x726fb6d65fda70a0L,
-        0xaf7949a0183abdf1L,0x3410915d26f8f929L,0x36b3aeb281f0f83dL } },
-    /* 56 << 273 */
-    { { 0x1942c2ffcd74009dL,0x71c4d5f5e9c286a4L,0xf3c152b5771a5972L,
-        0x4cfb1e74363c2048L,0xcd2ce8249ddb8da2L,0x5d97c8e0a5ee443dL },
-      { 0x6fa84b3d68d7b3d5L,0x97eaa76d9ce14ec3L,0x2e4571368e13869dL,
-        0x39ac6a0c96f0f8a1L,0xe24458ac42d93dc0L,0x7eb3689d5f60bec9L } },
-    /* 57 << 273 */
-    { { 0x75592736bce6ebe3L,0x84001a886777bd90L,0xe82739774a31ca6bL,
-        0x6906baf0a8e0dd38L,0x92af56d0848d0c92L,0x7ae700c6501326d0L },
-      { 0xce418817470339a9L,0x4354d7928e448dfeL,0xc8f593afa48e3148L,
-        0xdd5fee34db1a96b2L,0x5974e81e357960c2L,0x7326bf016306fdabL } },
-    /* 58 << 273 */
-    { { 0x74183618de017cd9L,0x939c7975dcfe6dbfL,0xcad9f8a108ec41e5L,
-        0xd9edb91d391afcddL,0xadf1f18c7c4a3f03L,0x0566d3e8ab477304L },
-      { 0x32ae20464c19c62cL,0xfa15fdcb252c8c4eL,0x2ed4767e91de2794L,
-        0x622e4f38507f8067L,0xd647242bc68ac330L,0x0650e0a9fc1ccf29L } },
-    /* 59 << 273 */
-    { { 0x6ecd68a086085cc3L,0xb463f4c165c0cc54L,0x3182cc5c480bc57dL,
-        0x8f16f2038e6d9267L,0x8c92e446df0d0ee9L,0x7da6001ba4d09789L },
-      { 0x596390ff976ee9d0L,0x12b8f9dee4c0fd5fL,0xad08673f297b10f2L,
-        0xc8e9097c7b524a51L,0xd494f0d3009cf47cL,0xf535c07abcdd1b68L } },
-    /* 60 << 273 */
-    { { 0x29544fe8588360ecL,0xa1aa9b9fffb550eaL,0xe1f6cf994af4d28dL,
-        0x723d48b00c6fd477L,0xf51f1b2f5c81b252L,0x88ec11c04f5a33eeL },
-      { 0x7747f0432cd72de4L,0xcca69b0ad71c92c1L,0x9455d86e4e8cc763L,
-        0xc9e0aa1bc08444e0L,0x93803b68e8fffa63L,0xc296af292d781b7dL } },
-    /* 61 << 273 */
-    { { 0xb1891a2b17329e31L,0x87c2a49056e36717L,0x8c2a50fafd26d8b3L,
-        0x017e4e417e3c5a5fL,0xbeb4fad0506c382eL,0x5d3e8b16fc281ec9L },
-      { 0x407f7598890e57a0L,0xda855e8b340cd6d6L,0xb9393129ff388d54L,
-        0x41113ffdcf355d9eL,0x31d3bb09b357c28dL,0x975bdf00fd39e481L } },
-    /* 62 << 273 */
-    { { 0xbfb0c87e10a1b4f2L,0xfaf51153dc2fcc04L,0xd2588e39d6b98d81L,
-        0x5de5b0eb4953133dL,0x6b65d8135b959ed6L,0x864511dc02eb45bdL },
-      { 0xb1dcb4d3d7ce20bdL,0x917bcd0987587230L,0x0935790f83a79453L,
-        0xdc65862e54b35d76L,0x4cd2332ba6d1eeeaL,0x0706fcd030d315b5L } },
-    /* 63 << 273 */
-    { { 0x7c91adb3adf2d8d1L,0xfe1549c24a212fd3L,0x8a7cc285c33213b3L,
-        0x26643cfd3e56d17bL,0xcc007c15684c872fL,0x485643e009e554f3L },
-      { 0x7f5e9a6ec6569206L,0x252b5393c2f596d6L,0xf7eef1dbbf9cdea5L,
-        0x611ee7334dffab46L,0x8d93802a805e976cL,0xd07c0ac6f85c939cL } },
-    /* 64 << 273 */
-    { { 0x514cc1dcb08d2d0eL,0x4e6b379e30e93536L,0xf0e422ac2fc9230fL,
-        0xaa50a1ad92e23e21L,0x70ac46d8676d1ac0L,0x698b9991f9f54493L },
-      { 0x59a6b86a8649519fL,0xc1f11ad6e3511da4L,0xd3d9cff13192968cL,
-        0x13e700b40b342dd8L,0xfd5dc7bb3b1da441L,0x02426e7c2c883760L } },
-    /* 0 << 280 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 280 */
-    { { 0x9e9af3151c4c9d90L,0x8665c5a9d12e0a89L,0x204abd9258286493L,
-        0x79959889b2e09205L,0x0c727a3dfe56b101L,0xf366244c8b657f26L },
-      { 0xde35d954cca65be2L,0x52ee1230b0fd41ceL,0xfa03261f36019feeL,
-        0xafda42d966511d8fL,0xf63211dd821148b9L,0x7b56af7e6f13a3e1L } },
-    /* 2 << 280 */
-    { { 0x3997900ecc8998d6L,0x8fa564b7baa60da1L,0x71bf5b0a661f3c57L,
-        0x44b13388aab1292bL,0xcbe80cb9d4d993f2L,0x0b19b4c92203f966L },
-      { 0xbc82a6520080f259L,0x870ebc08ad96dea3L,0xa388c7e7502f0003L,
-        0x9c704ef056a38f73L,0x93cde8a73487d9b0L,0x5e9148b0ec11a1f3L } },
-    /* 3 << 280 */
-    { { 0x47fe47995913e184L,0x5bbe584c82145900L,0xb76cfa8b9a867173L,
-        0x9bc87bf0514bf471L,0x37392dce71dcf1fcL,0xec3efae03ad1efa8L },
-      { 0xbbea5a3414876451L,0x96e5f5436217090fL,0x5b3d4ecd9b1665a9L,
-        0xe7b0df26e329df22L,0x18fb438e0baa808dL,0x90757ebfdd516fafL } },
-    /* 4 << 280 */
-    { { 0x63f27a25a748b8f5L,0x68c8f3ec2cd246c4L,0x5d317cd965f9ce38L,
-        0x162c92e0635ba300L,0x5259f64ffe343662L,0x4a6b2b668e614ac8L },
-      { 0x97fb55bb01177c3bL,0xfb586c21a705cb01L,0xa57e732578061824L,
-        0x892f6b386c1e6306L,0xf12e4c072367b14cL,0x580d5fe2c83a48c5L } },
-    /* 5 << 280 */
-    { { 0x1e6f9a95d5a98d68L,0x759ea7df849da828L,0x365d56256e8b4198L,
-        0xe1b9c53b7a4a53f9L,0x55dc1d50e32b9b16L,0xa4657ebbbb6d5701L },
-      { 0x4c270249eacc76e2L,0xbe49ec75162b1cc7L,0x19a95b610689902bL,
-        0xdd5706bfa4cfc5a8L,0xd33bdb7314e5b424L,0x21311bd1e69eba87L } },
-    /* 6 << 280 */
-    { { 0x6897401cea2bafb3L,0x7b96ecc215c56fe4L,0xe511b32939e2b43bL,
-        0x39522861bf809331L,0x815f6c1dc958f8f4L,0x2abbdf6bc213e727L },
-      { 0xeb09ae59c39bc01fL,0xffe3b831676b56a5L,0x8f4815a2a20f86c6L,
-        0x748a17669aa30807L,0xf1f46a211b758878L,0xbd421fe76f6fc3d7L } },
-    /* 7 << 280 */
-    { { 0x75ba2f9b72a21accL,0x356688d4a28edb4cL,0x3c339e0b610d080fL,
-        0x614ac29333a99c2fL,0xa5e23af2aa580affL,0xa6bcb860e1fdba3aL },
-      { 0xaa603365b43f9425L,0xae8d7126f7ee4635L,0xa2b2524456330a32L,
-        0xc396b5bb9e025aa3L,0xabbf77faf8a0d5cfL,0xb322ee30ea31c83bL } },
-    /* 8 << 280 */
-    { { 0x300b04840d6ded89L,0x0b1092cbc3ab55edL,0x17d9c5420cc10a74L,
-        0x7f637e84eff9d010L,0xd732aa1e27aa1285L,0xedb97340e2a77114L },
-      { 0x62acf1585ef4dfb0L,0x1e94fc6eba1d7b81L,0x88bec5d22e6eb2dbL,
-        0xaec272028d18263dL,0x4b687353e4bbd6acL,0x031be3510ff7e4c0L } },
-    /* 9 << 280 */
-    { { 0x048813847890e234L,0x387f1159672e70c6L,0x1468a6147b307f75L,
-        0x56335b52ed85ec96L,0xda1bb60fd45bcae9L,0x4d94f3f0f9faeaddL },
-      { 0x6c6a7183fc78d86bL,0xa425b5c73018dec6L,0xb1549c332d877399L,
-        0x6c41c50c92b2bc37L,0x3a9f380c83ee0ddbL,0xded5feb6c4599e73L } },
-    /* 10 << 280 */
-    { { 0x6c00f388f086d06cL,0x17ee45035add0cf4L,0xf96984c707caf89cL,
-        0x9d49d667648ed5e9L,0x3ef95015a0164881L,0x39e28e447d9c651fL },
-      { 0xb13ad24059f37780L,0x08cee349b9522225L,0x9245ee6f2ba1b214L,
-        0x12bedaa9a886d8d2L,0xe139ae08fcb8186fL,0x99203fb6fc2ef864L } },
-    /* 11 << 280 */
-    { { 0x14d34c210b7f8354L,0x1475a1cd9177ce45L,0x9f5f764a9b926e4bL,
-        0x77260d1e05dd21feL,0x3c882480c4b937f7L,0xc92dcd39722372f2L },
-      { 0xf636a1beec6f657eL,0xb0e6c3121d30dd35L,0xfe4b0528e4654efeL,
-        0x1c4a682021d230d2L,0x615d2e4898fa45abL,0x1f35d6d801fdbabfL } },
-    /* 12 << 280 */
-    { { 0x3c29284764c9323dL,0x40115a890491f77dL,0xec141ade2d7a05f5L,
-        0x0c35e4d9222a5f9fL,0x5ea51791442a3e9bL,0x17e68ecee51b841eL },
-      { 0x415c0f6cd6ae9174L,0xe6df85f89ffd7595L,0x65fc694f8dedf59cL,
-        0xc609503efee92718L,0x57d2592e97d565aeL,0xb761bf157e20862bL } },
-    /* 13 << 280 */
-    { { 0xa636eeb83a7b10d1L,0x4e1ae352f4a29e73L,0x01704f5fe6bb1ec7L,
-        0x75c04f720ef020aeL,0x448d8cee5a31e6a6L,0xe40a9c29208f994bL },
-      { 0x69e09a30fd8f9d5dL,0xe6a5f7eb449bab7eL,0xf25bc18a2aa1768bL,
-        0x9449e4043c841234L,0x7a3bf43e016a7befL,0xf25803e82a150b60L } },
-    /* 14 << 280 */
-    { { 0xd443b26582376117L,0xb91087c11a1beb0dL,0x3fe62a6545cc5951L,
-        0x49c754bce6e472d5L,0x7e60bb8177c424ebL,0xbcd4088e830cbb97L },
-      { 0x3da5c94eba26df7bL,0x508b4f55f72b4338L,0x409c5c7469ad7784L,
-        0x82e5f1b0fdf44d6aL,0x10654a1ceed2766fL,0xef1e65faa6e83f4aL } },
-    /* 15 << 280 */
-    { { 0xe44a2a57b215f9e0L,0x38b34dce19066f0aL,0x8bb91dad40bb1bfbL,
-        0x64c9f775e67735fcL,0xde14241788d613cdL,0xc5014ff51901d88dL },
-      { 0xa250341df38116b0L,0xf96b9dd49d6cbcb2L,0x15ec6c7276b3fac2L,
-        0x88f1952f8124c1e9L,0x6b72f8ea975be4f5L,0x23d288ff061f7530L } },
-    /* 16 << 280 */
-    { { 0xa6e19d0a5f56dc3cL,0xe387e2690b88326aL,0xef7380950ee527a4L,
-        0x78b7174b7c4278a6L,0xc133d867e70798ffL,0x9d0fef759e9230caL },
-      { 0x7431eef01a955ab9L,0x3772e7038868d922L,0xf7a4306a8d6af3f7L,
-        0x633bb5a0bbec076aL,0x6d07623e7a257ca3L,0xffb5e16521c00663L } },
-    /* 17 << 280 */
-    { { 0xebfe3e5fafb96ce3L,0x2275edfbb1979537L,0xc37ab9e8c97ba741L,
-        0x446e4b1063d7c626L,0xb73e2dced025eb02L,0x1f952b517669eea7L },
-      { 0xabdd00f66069a424L,0x1c0f9d9bdc298bfbL,0x831b1fd3eb757b33L,
-        0xd7dbe18359d60b32L,0x663d1f369ef094b3L,0x1bd5732e67f7f11aL } },
-    /* 18 << 280 */
-    { { 0xfab0ce2bee1ae33dL,0x7bf9f90b4c5692e3L,0x131a4374d776d6caL,
-        0x6ba40908a2b135afL,0x5c4ab997e1334bf8L,0x9eb442d07af584e9L },
-      { 0xd764c506786391c1L,0x07f24c6bbcf6ab3aL,0xf73c7924fad8e1bbL,
-        0x79f624acb7583623L,0x2b032021b44c14d3L,0x7cc0ae8dbf58ff99L } },
-    /* 19 << 280 */
-    { { 0x3c7fb3f5c75d8892L,0x2cff9a0cba68da69L,0x76455e8b60ec740bL,
-        0x4b8d67ff167b88f0L,0xedec0c025a4186b1L,0x127c462dbebf35abL },
-      { 0x9159c67e049430fcL,0x86b21dd2e7747320L,0x0e0e01520cf27b89L,
-        0x705f28f5cd1316b6L,0x76751691beaea8a8L,0x4c73e282360c5b69L } },
-    /* 20 << 280 */
-    { { 0xe4d7c8b88929c133L,0xe5f96bef92a813c7L,0xdb8ab0af71c18e09L,
-        0x0db6ff287dae63b4L,0x54d1fac49a1eaa73L,0xadbcfdf59180c980L },
-      { 0xd3220f300b584314L,0xa24e4d1cca3697c7L,0x4ade8c7fa44f8067L,
-        0xbd8bc81aca21ac17L,0x303a2f9fc1d361cfL,0x55648b65c71cf031L } },
-    /* 21 << 280 */
-    { { 0x46bcc0d5fd7b3d74L,0x6f13c20e0dc4f410L,0x98a1af7d72f11cdfL,
-        0x6099fd837928881cL,0x66976356371bb94bL,0x673fba7219b945abL },
-      { 0xe4d8fa6eaed00700L,0xea2313ec5c71a9f7L,0xf9ed8268f99d4aeaL,
-        0xadd8916442ab59c7L,0xb37eb26f3f3a2d45L,0x0b39bd7aa924841eL } },
-    /* 22 << 280 */
-    { { 0x6f8135c7ce89e8daL,0x21ac20d9d6b5948eL,0x1dc4d48b31cefd7eL,
-        0x3d34bc2a4a347926L,0xadcd11be8f614fd6L,0x77148b08a8ea116aL },
-      { 0x7afc75fcfce1d3f5L,0xa9e0557d7d9a8ea3L,0x640cb5850cc864ecL,
-        0x5811ba842eb332c7L,0xb6c10b6efdb668c4L,0x24d8b10f99f5f6c7L } },
-    /* 23 << 280 */
-    { { 0xd811eb32e03cdbbbL,0x12055f1d7cc3610eL,0x6b23a1a0a9046e3fL,
-        0x4d7121229dd4a749L,0xb0c2aca1b1bf0ac3L,0x71eff575c1b0432fL },
-      { 0x6cd814922b44e285L,0x3088bd9cd87e8d20L,0xace218e5f567e8faL,
-        0xb3fa0424cf90cbbbL,0xadbda751770734d3L,0xbcd78bad5ad6569aL } },
-    /* 24 << 280 */
-    { { 0x391fa3cd8d075ec5L,0x54d45020c84c81e5L,0xdead561a79fad87cL,
-        0x0ab3c8544e7ffc48L,0x5967f8ebff02706cL,0x8860de795d31ec98L },
-      { 0x7476459c6c8a1c25L,0x8d9c484082f16117L,0x5c1b13b33b413429L,
-        0x1962a435601b5906L,0x78b9d382e006929dL,0x1924e979e5897b16L } },
-    /* 25 << 280 */
-    { { 0xcadb31fa7f39641fL,0x3ef3e295825e5562L,0x4893c633f4094c64L,
-        0x52f685f18addf432L,0x9fd887ab7fdc9373L,0x47a9ada0e8680e8bL },
-      { 0x579313b7f0cd44f6L,0xac4b8668e188ae2eL,0x648f43698fb145bdL,
-        0xe0460ab374629e31L,0xc25f28758ff2b05fL,0x4720c2b62d31eaeaL } },
-    /* 26 << 280 */
-    { { 0xef1001dfbdb22e61L,0x1626bd9af384bbf5L,0x33f42d385fe8ae07L,
-        0x59646c42b7218d21L,0x5e27210e6a016f5dL,0x3e9ecf07094481c3L },
-      { 0xf91609c1f50cc2dcL,0x8bf8c05ad0d43633L,0x9d508972e74ab746L,
-        0xb625887a33f628b7L,0x557bd493e733952fL,0xd35f450b8981dcfbL } },
-    /* 27 << 280 */
-    { { 0x4603cdf413d48f80L,0x9adb50e2a49725daL,0x8cd3305065df63f0L,
-        0x58d8b3bbcd643003L,0x170a4f4ab739826bL,0x857772b51ead0e17L },
-      { 0x01b78152e65320f1L,0xa6b4d845b7503fc0L,0x0f5089b93dd50798L,
-        0x488f200f5690b6beL,0x220b4adf9e096f36L,0x474d7c9f8ce5bc7cL } },
-    /* 28 << 280 */
-    { { 0x531c43cdb63f3d28L,0x01289772429708dfL,0xb0ee772ccdb60078L,
-        0x4131f5cd5f1a6e72L,0xd9d0f8c6a0da0112L,0x58efddd204e957b1L },
-      { 0x18857c0c32840c31L,0x00825340c4068b2cL,0x0a9217a771ff8800L,
-        0x69b19e6415530b80L,0xa28e274ee125e3f2L,0xb471a91bc9bfc846L } },
-    /* 29 << 280 */
-    { { 0xfed8c058c745f8c9L,0xb683179e291262d1L,0x26abd367d15ee88cL,
-        0x29e8eed3f60a6249L,0xed6008bb1e02d6e1L,0xd82ecf4ca6b12b8dL },
-      { 0x9929d021aae4fa22L,0xbe4def14336a1ab3L,0x529b7e098c80a312L,
-        0xb059188dee0eb0ceL,0x1e42979a16deab7fL,0x2411034984ee9477L } },
-    /* 30 << 280 */
-    { { 0x01d04fe04ce2d199L,0xf434bcfd0517c7ebL,0x82f3aca4a7659a94L,
-        0xf436a7781ff015c9L,0xf5143391d6223e5cL,0xba66c6a2ecb5c340L },
-      { 0x080f158a4b23a041L,0xb401094cb699acafL,0x1c57626c677491dbL,
-        0xfb39e317d42d86dbL,0x19e2ca804f6b3354L,0xe919c4c3c1d41ef3L } },
-    /* 31 << 280 */
-    { { 0xd65246852be579ccL,0x849316f1c456fdedL,0xc51b7da42d1b67daL,
-        0xc25b539e41bc6d6aL,0xe3b7cca3a9bf8bedL,0x813ef18c045c15e4L },
-      { 0x5f3789a1697982c4L,0x4c1253698c435566L,0x00a7ae6edc0a92c6L,
-        0x1abc929b2f64a053L,0xf4925c4c38666b44L,0xa81044b00f3de7f6L } },
-    /* 32 << 280 */
-    { { 0x35ae891bbb71e9b0L,0x1f6ce6ca522b77f0L,0xc2dab3cae63745c4L,
-        0x55b8c185f218d139L,0x6ab039c889f3b0e2L,0xd9e25bfdc644c3faL },
-      { 0xc8496f203e2ed47bL,0xc395ec028d67e17cL,0x5c67839292114918L,
-        0xe962e52fef73f345L,0x3818baf354fcfb22L,0x4d75d65d9d4bc911L } },
-    /* 33 << 280 */
-    { { 0x10078824eb7ff5fdL,0x50c65328735ef75fL,0xdfc04d53ec980ba2L,
-        0x4bfb260f2d519cf5L,0x1f03dff15c854667L,0xd1ad2231badb625cL },
-      { 0x986064d0be9f7f03L,0xe5ff93e5c13f7d0dL,0x02682a1896e26a17L,
-        0xc421567c817ec3cdL,0xb740652352615c25L,0x6800a8335d135eebL } },
-    /* 34 << 280 */
-    { { 0xde57575b17d8ec5cL,0x72e2257578aeb9bbL,0xce73fa7731605c27L,
-        0x2f286b79ae77436cL,0x5e78fbb77f4e6997L,0xb03c888e474f23a7L },
-      { 0x4bb302a3e38927ceL,0x39c6de5f6e1514ceL,0x9daa0ad349b2ddbdL,
-        0x98fd2377d683dffdL,0xbefa4ae5933476edL,0x4ad53d01173f49edL } },
-    /* 35 << 280 */
-    { { 0xdfafc70e44b89837L,0xe0104b9c4935fa88L,0x7625d9d92fd702e2L,
-        0x27461e6549af2219L,0x4a279383ad3f36edL,0xd87e246b9204e857L },
-      { 0x8d832190ab1727d9L,0x59205cd82182e291L,0xb96a1d15a6513613L,
-        0x1c7de3cc49cc8ddcL,0x637ea26af17ab785L,0xc098bb7a09a3ba58L } },
-    /* 36 << 280 */
-    { { 0xfb5383cc31bd4f68L,0x6fd5aee3d96a1899L,0x4e39d6eb01d5430eL,
-        0x12679565ca5a2848L,0xa399e83f062b44fbL,0x3ee2432f3c166682L },
-      { 0x57229c841de47708L,0x40a5d0cbba528a61L,0x4bae36be8239e7baL,
-        0xddac65a2f8087427L,0xfd516d1a3cc61266L,0xc89542b5bcef98b1L } },
-    /* 37 << 280 */
-    { { 0x3fc8d1b2d49cc0eaL,0xfc591f7f7bca4d23L,0x5f48e27c41fefdf3L,
-        0x5ca1d08a1039419dL,0xd450c1bddc8042ceL,0x6760e23fb436fc4bL },
-      { 0xc5642797c06bb34bL,0xb787cd53fde06d4dL,0x2926360ccbf144b0L,
-        0xb63756f4dce32421L,0x0878deab774abc4aL,0x2d97c7919a4e142aL } },
-    /* 38 << 280 */
-    { { 0xf58389ff105c818eL,0xfa29f1eb585fa7f0L,0xb6da09b5917e8924L,
-        0x1375c3047e7a3f49L,0x9b4792b289cfa1c0L,0x92094a8535571cc7L },
-      { 0xf986ccf6051e5e50L,0x55ea34d601df6babL,0xe65989eed1363333L,
-        0xd94bbd918c84e20aL,0x9a4f71dc49e39b8aL,0x6d9fe495927d633eL } },
-    /* 39 << 280 */
-    { { 0x30b295f01fdc29e2L,0x71415daae2c2fab4L,0x205e957683c312beL,
-        0x893c69fefab48afcL,0x8108f3f994ca2fdbL,0x37c860c314f99296L },
-      { 0x1009a6d2e990ed34L,0xd5350c36ac26b611L,0xd03161102ce23d91L,
-        0x82bb476e62189343L,0xe255965160ef0cbdL,0x6bab3f53cf5d2311L } },
-    /* 40 << 280 */
-    { { 0xcaa3b7a592fa460fL,0x92bb46b804dff174L,0xcd6949b3cf926a1fL,
-        0x01f95e5559d1bb18L,0x21f90c08d4518f3cL,0x325dbfe920ee8bf5L },
-      { 0xd0136f3feafb919eL,0x941190cc8e0ebcabL,0x599e91a287b557aaL,
-        0x7fac4887dcbde1c7L,0x1dad481905a07040L,0x640493978b03d593L } },
-    /* 41 << 280 */
-    { { 0x65521bb85ebd3685L,0x16c68e79665d1619L,0xd6ab56bbc52b14c8L,
-        0x312f1fb4c6d3067dL,0x5afef4f3d50587c0L,0xa3e79e94ace6e2feL },
-      { 0x52c7fa0825f12a1eL,0x9c1c1ea20dec9f3dL,0xc418d4232e87a036L,
-        0xa0a19fbb0283752fL,0x52e0a8830b804506L,0xc67fc71b3f7de2a1L } },
-    /* 42 << 280 */
-    { { 0x4d062d3d7dad8ca9L,0xb78c81581cf59756L,0xaccb38f8c6b5d9fcL,
-        0x83436d3f7ddc66eaL,0x37115b6033adcb87L,0x49b74bd45a8b09abL },
-      { 0x7b8bdb81675ae43bL,0x5284f5b3f0476428L,0x8f1521e7db38b0c7L,
-        0x792ef9dea0c4b2f6L,0xa15880a162159fc6L,0x70b999e372b09b63L } },
-    /* 43 << 280 */
-    { { 0x6f47787d4e8ffde7L,0x19e9434574495a10L,0x8da6d55784f5be33L,
-        0x110844811884e325L,0x621734c5a9f030baL,0x25cd0544d0e63f63L },
-      { 0xea6729687e936833L,0x08297af784a34442L,0xb77dc3a342f9ed3eL,
-        0x9f8908c8258e8d4fL,0xb8281bfc3299ba4bL,0x1f6412920a09849cL } },
-    /* 44 << 280 */
-    { { 0xd5d51e60ee9a7708L,0x2e8ab3effd2cfe78L,0x0af5c3bac8e71273L,
-        0xbfd1b94091041652L,0x4c7c86ab52ce4582L,0x3ab72feff1d9bc29L },
-      { 0xae89c3d51e1974b3L,0xd859c7ef70433caeL,0x762064c77edd1398L,
-        0xc0b6a6b6072064a4L,0x3ba43b059bb1b3d0L,0x20f9aa85e47d79bbL } },
-    /* 45 << 280 */
-    { { 0xd1a45415c2d001cfL,0x40f3f05d848a480fL,0x03708da0ce554d5bL,
-        0xd7090557c80f4254L,0x7e57d29907743393L,0x7db8a5e10f2f5903L },
-      { 0xd0466a0b14e8ff8bL,0xa3c38f49e0cf88b0L,0xde47262e329f71adL,
-        0x56b2a7935da6d0a1L,0x22e1f9b880ef44b0L,0xb9b96c617b2b6d4bL } },
-    /* 46 << 280 */
-    { { 0x3235bc494c500ee1L,0xce0f0b54da4a4f35L,0x628cb91c337ac7b7L,
-        0xd8a6d4cd88a26e9dL,0xdcf40cba96e44349L,0x073a0f75b54e3fa9L },
-      { 0xc9b95d29ca44e6e8L,0x42ad9afa2315f4beL,0xdf13a5ddf78617c7L,
-        0x40aeb346d196504bL,0x9317d6f33d1fef90L,0xf94d308fe1708a79L } },
-    /* 47 << 280 */
-    { { 0x45bc768608835815L,0x700d93bc5798c507L,0xae3415b85362a822L,
-        0xdbce01b33883d21dL,0xb9df7efbe56fb2aeL,0x5ed57d9427d341c0L },
-      { 0xdc26916e7ee4dfa0L,0xcdb06a17147c075fL,0x0198b6a7fa9e7a63L,
-        0xc9876c786355b62bL,0x9f4b8f12f565279dL,0xa03aeb619cb6ddb6L } },
-    /* 48 << 280 */
-    { { 0x3a35938779493f3dL,0x128301a91f06a9c0L,0xfcce0f82899d204cL,
-        0x4ca41589158780b5L,0xc28f1bb73c4edd4fL,0xe08e48a87a6aec34L },
-      { 0x6d4783dfd447c55eL,0xe7c2ecc857803027L,0xb7b8c2bcdf6d7f91L,
-        0xf0a8d4700f356ca3L,0x229894bfdeb8e964L,0x555c9d40d3aa70e1L } },
-    /* 49 << 280 */
-    { { 0xa899a252e0ace851L,0x74b716c9bb9d8476L,0x2ba0bb00571bb175L,
-        0xee01a9bf7ac2b619L,0x74f0b6d3502ee575L,0x7fdd7856cc45f810L },
-      { 0x68c0beb1c0ae384dL,0x21955de8fe63d58fL,0x1b98e3951c08bbd2L,
-        0x5ddaf7e9638701b3L,0xefc264f1b1242d62L,0xa9b8de5c81292443L } },
-    /* 50 << 280 */
-    { { 0xf0d713b7131a3bf1L,0x690ae8c147e9f09fL,0x1dc92a5f8cd8bf1eL,
-        0xdf98927ad61f5445L,0x729b5469ae795eabL,0x939b391c5265675aL },
-      { 0x5d916c6c7bd7e97aL,0x7c2a3de5d514e72bL,0x0660758379e9915fL,
-        0x0554d5e543a4d2c7L,0x37eb7f82ca5bca41L,0x90e41b71b640109dL } },
-    /* 51 << 280 */
-    { { 0xfdd403b0e6f769aeL,0xa67f97f6906a7981L,0xc86c49be6aa83c6dL,
-        0x6177820677ab6d8fL,0x60f77c49916933b2L,0xfa33c528fcb3fe39L },
-      { 0x102ffca0783cb589L,0x6a37a394a96ce10eL,0xd17bf1f89eb4695fL,
-        0x2a7623af2a53116eL,0x10601afe83af2e60L,0xceebada2582a1704L } },
-    /* 52 << 280 */
-    { { 0xcbfb50fa57004c05L,0x0d545f0ea7bea436L,0xb7e30eb77071e269L,
-        0x435b3df73b845896L,0x48ba27f0b246365eL,0x9fbe883341344f12L },
-      { 0xb763df280a87ef33L,0x4f9339d70b5288beL,0xc02770d6e722e3beL,
-        0x6c69bfd918e32f03L,0x20c5c05e74c2845cL,0x09fa0928d6f9279dL } },
-    /* 53 << 280 */
-    { { 0x82f43866962fccc1L,0x92bc5f82278c9762L,0xc979a68b39a39a08L,
-        0xfcae204b97c5a298L,0x78f55c7908676082L,0x210e036447c7b09dL },
-      { 0x24512cef47d87769L,0xb4b0fdd7e4b53f4fL,0xc2a263fff6818efdL,
-        0xfa160dc1985bc93fL,0x7b7f82961bf44affL,0xd6c75fb2a6407cdfL } },
-    /* 54 << 280 */
-    { { 0xea0b6ec35741c57bL,0x9b148c2668ba5fd0L,0x6206025166461969L,
-        0x0726919f8cfc618eL,0xf66ac684c1954bcbL,0x160ad0260273adb4L },
-      { 0x0ec10cffe6f6aac3L,0x232fc7adb4f64d98L,0x0707cb6e73564063L,
-        0x76daa2c5487a29acL,0xe4ffd6e335768176L,0x4ab87262464d126eL } },
-    /* 55 << 280 */
-    { { 0xdbc1d21c553f05efL,0x16e950d0dc115e4cL,0xa727059a354480a5L,
-        0x32df221efd6711f1L,0x06f9bc2e5c8aa9fcL,0x9f2449a67b15522cL },
-      { 0xac14774bf498ee00L,0x02b5979f3ec7e0a2L,0xdce96e06e1e00abdL,
-        0xd7a1bf5a1e00e8a9L,0x19b30fd3a8f42042L,0x29b08eb7e7c507ebL } },
-    /* 56 << 280 */
-    { { 0xe91477d3a66b2f3aL,0xf50d3bdfc4deb7f5L,0x19bf2857a1e45e44L,
-        0x1c104e3270a2126aL,0x4636b4894357b9f5L,0xf65e5aa0962d684aL },
-      { 0xfcc83a5fb7b52893L,0x8451d02b08adbd4dL,0xf0fb410c19f7a896L,
-        0x6b90b0faff36caeeL,0x111710d0f5af8966L,0x00a4cfafbd2b8c59L } },
-    /* 57 << 280 */
-    { { 0xad9f11cb817bd227L,0xe4733a1465d27b5fL,0xeda46e8dbcf76526L,
-        0x8db309ecad57a5a9L,0x4a863ec07f1487a8L,0xb0453ed210f1c4c1L },
-      { 0x9b4df78af2dbfd76L,0x62af38b21525e18cL,0xe6bd0b0ade2c7f65L,
-        0xad62bfb70b27fad4L,0xd21fd4346d6a8a5fL,0x07b606703e401a5eL } },
-    /* 58 << 280 */
-    { { 0xdd14c891e34b192cL,0x6ddfcc793aed3e36L,0xc89c3e6dc49a92e2L,
-        0xa61954fd6fcf1ce9L,0x420c39a9bd297157L,0x57c20a8a406d3f2fL },
-      { 0x7ccda02263faf545L,0xb01814a96cca4388L,0x88baf1dce5fb1fd0L,
-        0x9e1183cfa0bae755L,0x3fe540badbc243c2L,0xe50d52305aeb26a3L } },
-    /* 59 << 280 */
-    { { 0x10145b3d52726a98L,0x7236036869e333fcL,0xce9a409323a6f608L,
-        0x61c121dcddd11095L,0x3349b30a0d39f1daL,0xd07df9d4e3485e93L },
-      { 0xb4c500a561159e84L,0xbc74918100561c03L,0x8f27e9f3904ad807L,
-        0x7272786a0108ed01L,0xcf36a5d9c9365dd8L,0xe052fc9d7f859d87L } },
-    /* 60 << 280 */
-    { { 0x0e6cd863da97e11eL,0x5b058c6852a818a1L,0x7768c5e73de760b3L,
-        0x898b7f608dfb4142L,0xd48130977efec180L,0xd7196cd758279538L },
-      { 0x67c451fb816858a1L,0xbf0e88912ac699b2L,0x21fa74effcb126a5L,
-        0x1f9dc10123b8df5aL,0x38aefff921136ffcL,0x3408874c47cb395aL } },
-    /* 61 << 280 */
-    { { 0xded9035213054567L,0xc61d0628c58c633dL,0x73ff2589f31143c3L,
-        0xc43594ff0871b05cL,0xcf662dd64db0edf2L,0x6bac019d8d1f33b0L },
-      { 0xcaa37cd8bb379461L,0x9b077a6934fc0269L,0x421e716788ecedf2L,
-        0x2d422f95073284cdL,0x9a353114bbb2409cL,0x99e8c7a0dcbb79e7L } },
-    /* 62 << 280 */
-    { { 0xfca254cba21c40f0L,0x4945c838e0f4a032L,0x99318ff3fd6cb7fdL,
-        0xc631e0644a85e726L,0x2e3ca11d9359e8cfL,0x433a0e5c06acf935L },
-      { 0x665c54c996b37ea9L,0xe78865c4c2d52b81L,0x68596f6ffb27850aL,
-        0x7e7272221277995eL,0x602b0f5c197344c2L,0x81ff2ad620a9ec11L } },
-    /* 63 << 280 */
-    { { 0xb2ce6cbe7c4c464fL,0xd7c11ef5741a4b1fL,0xf3f987f621a7eb17L,
-        0x6b2812ef79f4e274L,0x3a0117ae38a7d5ddL,0x5d8c75a9cfab6bb5L },
-      { 0x3827c04052394166L,0x897eb181e00e621dL,0x6693817f8aa19361L,
-        0x67cac329959d81a8L,0x21e7133869a7ca51L,0xa02fd11269a46a87L } },
-    /* 64 << 280 */
-    { { 0x7f1f985c022ea83aL,0x90a22662a7584e7fL,0xb40a930a5188fcf6L,
-        0x3fad79aba3a82904L,0x7bee8d22f3151027L,0x79a1a838c2c3e17bL },
-      { 0x1fbe06e933cc3509L,0x629c56aa9abd5ccaL,0xfff290ec2d9cf7a5L,
-        0x5d0dedaa9bd062c5L,0x080344abd7d35381L,0x0848373af5cf9edaL } },
-    /* 0 << 287 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 287 */
-    { { 0x31d31f7a7a0c0bc0L,0x7a37a84ab251d2bfL,0x1793362e52f04d67L,
-        0x5808e70921c7b651L,0x33fe9123ed6f47f6L,0xdeb1dde958f71405L },
-      { 0x821d3045ae56b472L,0x9f61f761e02043adL,0x932ddb145b2048a9L,
-        0x17d989fed7811330L,0x032ae4cb128fd85fL,0x8f1956b47d1ef434L } },
-    /* 2 << 287 */
-    { { 0x070d34e116973cf4L,0x20aee08b7e4f34f7L,0x269af9b95eb8ad29L,
-        0xdde0a036a6a45ddaL,0xa18b528e63df41e0L,0x03cc71b2a260df2aL },
-      { 0x24a6770aa06b1dd7L,0x5bfa9c119d2675d3L,0x73c1e2a196844432L,
-        0x3660558d131a6cf0L,0xb0289c832ee79454L,0xa6aefb01c6d8ddcdL } },
-    /* 3 << 287 */
-    { { 0xe5d473dc7521f457L,0xe9ef09bda00be577L,0xf6d0965fb6eaa640L,
-        0xeb49486875726560L,0x452116d528817302L,0xf0424fdbfbde3597L },
-      { 0xd6096da3bb454915L,0xde48280841422141L,0x7a1351972d19fac0L,
-        0xdc9a5ec421393f6fL,0xcabcc1e3eb2c8adaL,0xd436643142d8c4f2L } },
-    /* 4 << 287 */
-    { { 0x0ed1082f89e4e449L,0xdb1fb471833f2378L,0xa35fef0eece77352L,
-        0x76adaa464bf0c426L,0xfbab929aa011b2fbL,0x6f475d5b9d8cc4d3L },
-      { 0xbe6d7f2174351480L,0x2d1362d193e4a7aeL,0xc7e2cba5106ceaabL,
-        0xfe94528a45258697L,0x7109b17d075945b0L,0xfd395b2ccae17f7aL } },
-    /* 5 << 287 */
-    { { 0xdf534b80dece6d4dL,0xcfaa60a28737af46L,0x7d76a921b9ba3d56L,
-        0x61490bd199338721L,0xc514e950ed25cfbdL,0x5041fbb2dc09b8b1L },
-      { 0x2410310d46fbcbf0L,0x2c46bcd14f7e8aa4L,0x08ce31f5d0d5fe1dL,
-        0xb11efdbebeac3c97L,0x406e1d05b01633e9L,0xde48cdba766391adL } },
-    /* 6 << 287 */
-    { { 0x68550299845e12c9L,0x979b5406361d027fL,0xf601d2b4a8e92e70L,
-        0xfd02799f0cc9fca9L,0x89f99ca013bc2e96L,0x22a12c0bff9db9b8L },
-      { 0x6ae7084a32efcea8L,0x5ddd3ee9a24b9376L,0x394d92a4e0945e8fL,
-        0xddab6752ecea36f6L,0x650b74d60d18a069L,0x37f91cebad650860L } },
-    /* 7 << 287 */
-    { { 0xe3e559bd9d839b3aL,0x50e8d4e9719de3c7L,0xf7bb377cea70b986L,
-        0x63753cace1b2707dL,0xeb239a870e585c4aL,0xec40a379b0e32380L },
-      { 0x836ebcefc86d6685L,0x703c296a70d18b76L,0x47e2c004b94aa268L,
-        0x33ef7d0cbaf14d61L,0x74aa00fcd315c72cL,0xf23c789eccf5d75aL } },
-    /* 8 << 287 */
-    { { 0xfc1faedc310404a8L,0xea339148d3bcb128L,0xf00485456416defdL,
-        0x75de7770c58653e7L,0xdd2dcbebe2f6f99eL,0xa4380ef4d159ac07L },
-      { 0x45dd713ce4173608L,0x44919b61446a6789L,0x3f73756b6b962b38L,
-        0x3cb9f53bbffd3f0cL,0xd723c40b7f08ebaeL,0x998a9b170c3cddbaL } },
-    /* 9 << 287 */
-    { { 0x261c9fe6f21ae889L,0xa589147edf3cb243L,0xd09452f71976deecL,
-        0xf80ee8bf2497f6b2L,0x0b5f1b19eee697d4L,0xce9b6b680de48ab7L },
-      { 0x3ad3bbc4bbf29546L,0x544406a697f51becL,0x51d44dfac2e2e75cL,
-        0xcfc8625d3da3f634L,0x0845ace6a1f5995dL,0x11850d8bf3b65c55L } },
-    /* 10 << 287 */
-    { { 0xa804b2f089ef2489L,0x06a2a805fb22f7d6L,0x31baf4fd353970beL,
-        0x3481c8b712854a91L,0xb0424eecf3971398L,0x748ef3820f4ed94aL },
-      { 0x92b74ad026722164L,0x23f71d5831b1302fL,0x6741b28070a5f0c9L,
-        0x46c12cfb9f5101caL,0xe7014d7901d0f81eL,0x129bd87ad758c288L } },
-    /* 11 << 287 */
-    { { 0x6c43d8307b00cd09L,0xb794cb012141eb00L,0x95fe13a75cf23ec5L,
-        0x3de5ad7b8f2c799eL,0xa378434a025de83bL,0x07f681bba3a14a3cL },
-      { 0x8fa0b5d2983ba419L,0xe477bf361781bf08L,0x5b8162845e8ce6bdL,
-        0xb36a78ee199ec8eeL,0x444fc01a6062d5d1L,0xc026ab4586ee9ac2L } },
-    /* 12 << 287 */
-    { { 0x6a565269a3e0c5b3L,0xaab7ec7104c6ae54L,0x0bda11a7d8c6ddb8L,
-        0xb7ebfafb2332347bL,0xcf791881e99dff48L,0x81600214dc357c83L },
-      { 0x2a264f8931d7495bL,0x8ca430004ec885a7L,0x6d478260bb47d417L,
-        0x544de4ec3d817032L,0xac7150a9dc05f901L,0xffef225775c0963cL } },
-    /* 13 << 287 */
-    { { 0xacb83aadb65296f8L,0x04c96c3e18151422L,0x8913311e7a9f126aL,
-        0x3baeaf8010b74e8aL,0x253c9dcbb7410105L,0x30a13e42da2d5437L },
-      { 0xde31fd5533a2065eL,0xde2caf1ffe099595L,0x54c762fe795076b5L,
-        0x8beb51fe635ed402L,0x369603c1e5c3d2a6L,0xc5083f0700a472b5L } },
-    /* 14 << 287 */
-    { { 0x58805ca8d2eaf294L,0x910d085ed7d5abb8L,0xf9cbc9a1349cfecfL,
-        0x67bc7b417800a980L,0xe7e6dbc0f6847e9dL,0x7a0f22c4af379c48L },
-      { 0x80b6fc04b1d2822fL,0xa1cae656d8517a70L,0xd2d11ed14e9dc24bL,
-        0x48d74f173fab87e6L,0x1feca5af50c630aeL,0x263e04cc62d0620aL } },
-    /* 15 << 287 */
-    { { 0x7dd330ca16b2a52aL,0x25133c614157ae5bL,0xe6ee0e4edd606b2fL,
-        0x700840423f2b59a7L,0x58d27587d03f54eaL,0x62ebc668d34605e9L },
-      { 0xa764392ab3155e07L,0xf0810f3e3c6ae6c8L,0x1b32e5ae94614cd4L,
-        0x45b49262b9cbf481L,0x0034db795b3d1184L,0x463237825b1b9ab9L } },
-    /* 16 << 287 */
-    { { 0xf6377e3bf6ba1469L,0xc334fb6c09c832d3L,0x7f85ac42c21c0cf1L,
-        0x7a3e31c9857d8edbL,0x2eb1076327b77ed6L,0x2bfbbdbc38dae10bL },
-      { 0xed7c6fb17bae3b4fL,0xc5911d9f36d04e6fL,0x4dc435504569e72fL,
-        0xaa82fb97bedae3abL,0x06d37bef4f27e463L,0xd0dbce6df0c35a11L } },
-    /* 17 << 287 */
-    { { 0x4482c7b704414726L,0x72c9cb5b26d23eabL,0x3747b8cefd5cb171L,
-        0xe4ecabc300312ffaL,0x5909f29b9cf10a38L,0x209bc3f4b8d0e5acL },
-      { 0xd34c84db60fac147L,0xd64dea89f8938c89L,0xb18285f8b815267cL,
-        0x719a7e355a2437d1L,0x45f8d9dab769c5a2L,0x2d0e4281a412cfccL } },
-    /* 18 << 287 */
-    { { 0x23c14c43d8f6e236L,0xb14be0d28ee39386L,0xd3c55814262dd390L,
-        0xa1b40401e1f23d0bL,0x1377b07c61534375L,0xfe4e3eb116f6d95eL },
-      { 0x17b1af0040b4386cL,0x2dc657a837ca3851L,0x6862ca92ef976731L,
-        0x9f0c380ba4118d3bL,0x23bf793977c1aa94L,0xaadee0612bc27d4bL } },
-    /* 19 << 287 */
-    { { 0xfa5e4cb6f1847a9aL,0x0e13a60cba6f07f1L,0x68d9db450ac86498L,
-        0x44b02de3920ff013L,0x43724c2d84b46078L,0xb3686ee81f951b93L },
-      { 0x019b3e77d712fe85L,0x313e7b7497dfb295L,0x7d883ed826d50e37L,
-        0x64815565d32562ddL,0x2f9e48bed7b3e2f2L,0xc97cf156dcb93450L } },
-    /* 20 << 287 */
-    { { 0x0573d9963ab4c707L,0xee5d87691420fdf1L,0x41873aa55e2b9c12L,
-        0xe09290456810bf08L,0x4ff4143fccbe4bbfL,0xd0e5a74969328301L },
-      { 0xab5912621c4b73beL,0x550ea0633f3edf99L,0x8a77633734c93db1L,
-        0x5c51d3f832b21521L,0xcee9f604713feea0L,0x0d6f8a5a7bf4268eL } },
-    /* 21 << 287 */
-    { { 0xc415d467009a0cffL,0x32dd46ef55960242L,0x4ccc6f676d6a81b0L,
-        0xa860bcb6b2571d81L,0x7e74150991f9b6c9L,0x9a96b2f9d3a0592aL },
-      { 0xcc3d821071248929L,0x586062daf1cb0f52L,0x18d993483d48b6c1L,
-        0x667f17949f4e612aL,0xf1d7a77ffb3a12e9L,0xf7586397f5753220L } },
-    /* 22 << 287 */
-    { { 0xb87d5ce2722f405fL,0x24d1f993d7c6a322L,0x09d837291e0d8113L,
-        0x70b5cdbf89a6cbc3L,0xdfb3ee16fb2c9607L,0xf0acc1163465c7c6L },
-      { 0x10cef4b707e6659bL,0xc280c4331fde9940L,0xc8b5e9819a2d3f25L,
-        0xc36faa763f7f68c1L,0x17878bfa8d54e281L,0x8fda8b359c42c5a2L } },
-    /* 23 << 287 */
-    { { 0x2aa1366305d22d7dL,0xee77da6eb0c62a12L,0xff8f99c5bacad876L,
-        0xcbe33479f8a0f0baL,0x4c69bd7f4a232c8aL,0x760ce3fd485d3f48L },
-      { 0x0b286a59268d7411L,0x2dd746b6589819b9L,0xe017a53060ce76f2L,
-        0xe4407828d642a7f0L,0x12761e51b6badaecL,0x4f4f286b78d07257L } },
-    /* 24 << 287 */
-    { { 0x43c78835661019ecL,0x68e916b124e66d29L,0x02c0f3a224094671L,
-        0xab6f1c05d0f17d86L,0x6d3bac72a22d4264L,0xd7b8f152f6e5fafeL },
-      { 0x95627c6339447eb3L,0xfd15901879e1ff93L,0x39277c835ad80806L,
-        0x758aafc90d7c7b74L,0x605ad8ca4cb8bec9L,0x6a90085c5741828aL } },
-    /* 25 << 287 */
-    { { 0xbc11d3d559cdebfeL,0x75c31b4531b2796eL,0x8d11e18a07b1055eL,
-        0xcf522c1fb2d2986dL,0xc994c377eafcbec6L,0x840d27ebc0c0e2f0L },
-      { 0xd4124d17859550d3L,0xeea6047aba21b2b6L,0xbd2a036e335a2854L,
-        0xd8703d6b207ac2e5L,0x09d2244a94a34bbbL,0xd6b9481417ec6f44L } },
-    /* 26 << 287 */
-    { { 0x7d8ddca252aa7ff2L,0x0985e47d6953b9a2L,0xed328993dfff63ccL,
-        0xbfeca5327cfa6ee5L,0x7535a871b1e6a010L,0xb0052764303c2ec5L },
-      { 0xd39c72102fedb0daL,0x7ee2b384e1001505L,0xb638a1b1c82a7e1cL,
-        0x1b94a47b4573fd7dL,0xef2bca7792cb2b88L,0x49ad6e97a75b21efL } },
-    /* 27 << 287 */
-    { { 0x591bdd0d8f4093abL,0xa2c63f1ba1322343L,0x5e548f71b32a4331L,
-        0x9930891c5e7f3c14L,0xb2b2406e54c27043L,0x7ffe3e5ef1281af8L },
-      { 0xc31ba363900742d1L,0xf24c8ae1e61ee209L,0x687c56b7beed46f4L,
-        0x0b63e47895682562L,0x9117cf4c0c8a45a8L,0x0744a86824c20748L } },
-    /* 28 << 287 */
-    { { 0x9ac777993acb39ddL,0xd1d3ecddbb7c6a8aL,0xa5271c9e7a75159cL,
-        0xa6ffb41f2c276e4dL,0xc526556e0bb9a955L,0xa32e1352233b7774L },
-      { 0x103f124bc2cf09aaL,0x1816d1eff10bae5aL,0xc5f9197ee8837629L,
-        0x064d5dcb13b1b76bL,0x109c70748d0fe0b1L,0xbb4e9743fce5f6e1L } },
-    /* 29 << 287 */
-    { { 0x4636f36d3ef05af6L,0x3695267b3e498920L,0xd59830285d773fc8L,
-        0x939591245d3cc515L,0xc3f52a9569134370L,0xc9d0db7af8848992L },
-      { 0xcd1be9bf15906eeeL,0xa95d25fb916d576fL,0x08de893be152fb62L,
-        0x65d743658ab1e35cL,0xd6d97057fef14ac1L,0x67ad47b9574508c7L } },
-    /* 30 << 287 */
-    { { 0x1b403c4f1470433eL,0x6f8cb19257e53eecL,0x87b5b93df0cce4f5L,
-        0xfefaa5008c566f77L,0xf6aa8066db71517bL,0x9f01b036d67f5952L },
-      { 0x9524306faaeb40dfL,0x5cb2e8e1421350a6L,0xa57d05ea3d69040cL,
-        0xd0ff12a1b9bbdcd8L,0xed64d3259e3e19bbL,0x29509c0fed0a490dL } },
-    /* 31 << 287 */
-    { { 0xc94191e7a607c050L,0xb918a096b98d3d4eL,0x97413dbce3f253f3L,
-        0x8476c03cdc6d8418L,0x50247d1d2402202dL,0x077476225f8097c5L },
-      { 0x1457ab609b71c6d6L,0x9ff312c447cf0c94L,0x954dce23ee79d2bcL,
-        0x3ba2b1a4a0da6e48L,0x363df36f532be9f6L,0x816642ddc742c7d4L } },
-    /* 32 << 287 */
-    { { 0x6edf5561ff8b1fbeL,0x614b788ef6eac0c0L,0x7699ae56d8d66d29L,
-        0x5f81602ae9d58eb2L,0xd0c04874faf9176dL,0x4b3a0046523153b1L },
-      { 0x9690930ff6315883L,0xa81c0b44a60ca92dL,0x2d0e725873bcba90L,
-        0x57efe72de902e329L,0x3fcd598676bc27b9L,0x492adf0393940c09L } },
-    /* 33 << 287 */
-    { { 0xf2ab8e22973a4b6bL,0x6a96f2ef6ad73ce7L,0xad5e22547235e929L,
-        0xfab3e4a9bc6c3b76L,0xf69fb2062dc950d0L,0xd863ca9049478ff2L },
-      { 0xec669f122749fabbL,0xe1d28bdc71a6d279L,0x766ee6458372942dL,
-        0xd118b90480ade5ccL,0xedcfb0a72293740bL,0xa3ee3a67f16b29cbL } },
-    /* 34 << 287 */
-    { { 0xc29fb53e118a0c7dL,0xea7a1017193b834cL,0x678072a2cec93ecbL,
-        0x9054d6b72475dedfL,0x4a7d477342ee616cL,0x05cec7f8680f8a43L },
-      { 0x39c491d496915870L,0xe07a2b1d8746edeeL,0x1d8ed3c83566e7fcL,
-        0xc7d744e5e002298bL,0x8a0acec99c0e6388L,0xb2daac39ebf48fe3L } },
-    /* 35 << 287 */
-    { { 0x773ad1cb8e133d97L,0x1e29f5a2872523d3L,0xa2a742293a09c1ffL,
-        0x809e6d284369ca06L,0xf22e521a7fe148caL,0xbaaf90c383ef9578L },
-      { 0x65aa9b54d633b2d5L,0xe55f2ce29a2994a8L,0x8a0af446e67e0b85L,
-        0xb9714de9c1f062c8L,0x1f4047dd2a3aa1d7L,0x39658ea965179222L } },
-    /* 36 << 287 */
-    { { 0x0322b29a57fbc5cfL,0xf55af7863078be9cL,0xd4b186e6ecb59f79L,
-        0x50f5fe746d950733L,0xaf8a1898a9f90d02L,0x483801a742d6d9bfL },
-      { 0xf0a0af145ec09c0eL,0x85af0e6188383360L,0x404b295e42592235L,
-        0xb3199d63c596493cL,0x7aadacdb194abb80L,0xac84563ec1c845c6L } },
-    /* 37 << 287 */
-    { { 0xd78d1dae5336e58dL,0xa3f36e0bc5ff354fL,0x8421f95e5d1ed78cL,
-        0xff4c16019f360c43L,0xd5efa09f8bb582a1L,0x0ece005aefb39652L },
-      { 0xce8bb58036c2c940L,0x11f8f74bcd1ae8ccL,0x923c350b57a2f2b3L,
-        0x2438e3213c86faacL,0xe76129503e230776L,0x35c73d415e6158e2L } },
-    /* 38 << 287 */
-    { { 0x8ffda4643672507aL,0x76301be7dd91327aL,0x42720bb0958860bfL,
-        0xedc0b8945ad4f455L,0x2fb553201bfbeb4dL,0x22a425bda1c6494dL },
-      { 0xfb927a85de0e7f52L,0xb84a82cf49a4b6a1L,0x8afd0546b640fe0fL,
-        0x23b78fbed2fc15cbL,0xeab469c26742a49fL,0x308e453fe277c7cdL } },
-    /* 39 << 287 */
-    { { 0x60ce0f55af7b14aaL,0xf2577fbe5cf5a2caL,0x7bb9521fabf3bb41L,
-        0x68b6409def00287aL,0x700bf423bfaf9391L,0x98e6c3017d637300L },
-      { 0x342ed4870ce28aeeL,0xad8b8dc383b059dbL,0x1b8a892b85d0a485L,
-        0x553c4fad6b7a7d3aL,0xf5692acc198d0379L,0x6004ebb3ce932f00L } },
-    /* 40 << 287 */
-    { { 0x6895dbe2f820c195L,0x3787a5003f6c7b40L,0xdc718243ac1e90f3L,
-        0x352f8c91ba5d0870L,0xf3d1c53eec0112b5L,0x08a0782f6b84f64aL },
-      { 0xd659e6358eedd5d4L,0xfc30df6c29537276L,0xbfb09978a1755ce0L,
-        0x227f7b12aa2b4187L,0x828730b9226539d2L,0x9051a37cb2472c95L } },
-    /* 41 << 287 */
-    { { 0x430c2a45d0a0ddabL,0x916aa68926a6291fL,0x9db5510268dff24fL,
-        0xa22121c1850a7aabL,0xd43416194e2d9670L,0x7ef2cb9415cf7636L },
-      { 0x2cd6ddf6bf97b27dL,0xac5676b625aba9c0L,0x3ca96f7ec4ee110fL,
-        0xc6900abd08e7ebb4L,0xcd3942fbdcb91135L,0x62d6b6f6a8ad56e2L } },
-    /* 42 << 287 */
-    { { 0x1ec7f2410828d35fL,0xd94c2a926ccae554L,0xdf4227273c36ecedL,
-        0x2facd6d89fa6582bL,0xed43247ed349d3beL,0x1d59d55d1db6fcc6L },
-      { 0x2b5074b1ee1bea38L,0x025496aac9c21a8fL,0x57dd7fa1d1d817edL,
-        0x57b5572aead03124L,0xdc024be87314616dL,0x5bb5b23c10f6e38eL } },
-    /* 43 << 287 */
-    { { 0x643cb9cd53812134L,0x016a11e8092ff9b5L,0x227f3dfbfcde37bfL,
-        0x01b9bcebe8a8fc6dL,0x7009ae45e1da0dd6L,0x193b6f519e2908f3L },
-      { 0x28656302230db5feL,0xb0a730c41aaeee73L,0x028320ab387addc8L,
-        0x92165d909a92488cL,0xb0b2f8f09066c95cL,0x0fa55db564007634L } },
-    /* 44 << 287 */
-    { { 0xbff4fe0844284b10L,0xc7e3f8da19c2f775L,0xdcd97e54a45ab746L,
-        0xf53158a9540ee8a5L,0xfd19068728c4aa74L,0xa3447e30648fa2e1L },
-      { 0xa6794670c374cedcL,0x605629c258204248L,0x1b86f8e6f7d8db3dL,
-        0x1e8ffe8bff0f38c9L,0xe4a556b8e274c82bL,0xb31406c94c0076d6L } },
-    /* 45 << 287 */
-    { { 0x198999821e555a0cL,0x831e923fbc196442L,0x8b294623f682e135L,
-        0x79ba90c01743c6e1L,0x74f8dbafeff5ed22L,0xe4c3257d5c010835L },
-      { 0x9cf94a208f9ec66bL,0x9fe9da3ddc303c43L,0xa53870be0cb716daL,
-        0xc322ffaa2aef881dL,0xb9ff76ff0fcd5580L,0xdcc125d49ebb1d7dL } },
-    /* 46 << 287 */
-    { { 0x747b6b6ddecaf88eL,0x1a32f8ba368cc7caL,0x52a3a00f60d84fd7L,
-        0x60052af507adacf7L,0x8b7bf25650b8de16L,0xb8b2acf8194926baL },
-      { 0x4bda72c81d1ef524L,0xe350f73288993f96L,0x63fee4e2e08c5d39L,
-        0x1f2cd9cd5db46904L,0xbf11ac311668d3bcL,0x8eaa064371d721aeL } },
-    /* 47 << 287 */
-    { { 0x33cfdcb3e14210feL,0x4abad5ec4946aa01L,0x14b42417a8cb53b3L,
-        0xeebb0d70238d4edfL,0x8c9d87fdb5bdb30bL,0x3cc680f17c928b33L },
-      { 0x4b2b2358757c2607L,0x51a70a33c1c8dedfL,0x62a26d776b22d113L,
-        0x2f4acd62ef3b4f5eL,0x403e91bf6ed00636L,0x219ba3577bf74d3cL } },
-    /* 48 << 287 */
-    { { 0x7de743e2b39317b8L,0x9205d4472d372acfL,0x8226fc303eeb0012L,
-        0xab2a3e052af74be6L,0xbe4767804af91ac0L,0x98497c710ca36bf4L },
-      { 0x74fdf7cd8d6dedb4L,0xb50778eea0fc5919L,0x5d5ec33f2fcd7c63L,
-        0x667b81937f33cde0L,0xce48ae4b38364d44L,0xb8578963223ed67eL } },
-    /* 49 << 287 */
-    { { 0x3e5688e46bfd7adeL,0xb3f1eb051b80bd4bL,0x8626c4cafe3de456L,
-        0x8846bc714b7e5444L,0xa54c7cff689e8a67L,0x8c3ea61f43eadcf6L },
-      { 0x924f17d6fde15178L,0x45319eb705c08d2dL,0x6d55775d9f85dcbcL,
-        0x2aaf9f7405278280L,0x574a13e77b617153L,0xe7fa921ae8b15bebL } },
-    /* 50 << 287 */
-    { { 0x9dd54056514e343aL,0x8d9116dff12aa25fL,0x5322ec38e3397844L,
-        0xe1843921571036a1L,0x2cde0a48650beb19L,0x41ad4a7e4f259728L },
-      { 0xf314fceeee6448b2L,0x80006b2aff0e81f5L,0xb5ee5524d51d229aL,
-        0xeba6d733128e900bL,0x79278cb8030f391aL,0xb24bcd63a9a5f9fbL } },
-    /* 51 << 287 */
-    { { 0xed867a7b37d10743L,0xd57d2d8df510023eL,0x4d500e4c737e0a50L,
-        0xcfa119900ecbf795L,0x3ac126b89373bdaaL,0xb06324fb735449a1L },
-      { 0xfe321df5cd79de70L,0x52d625dbfd07c6d4L,0x88ff505a3d628e51L,
-        0x120350fab044d725L,0xf718b20ad02f9515L,0x766698630bbea1b2L } },
-    /* 52 << 287 */
-    { { 0x6293e0ff50d9bda1L,0xe7259ada433b4dd3L,0x39aee63e821cee67L,
-        0x4d707c7144b10739L,0x42b9e0f69bd6efc3L,0x7d71edcc0717a61dL },
-      { 0xe7df9e56d1e5a5bcL,0x7895b638ddde509bL,0x6fc597b3d2a6a822L,
-        0x022da65d96d2a8abL,0x95541ce7cff45c72L,0xa5bb7799e649800fL } },
-    /* 53 << 287 */
-    { { 0x7472e4c963676cd5L,0x2836b1d52687f376L,0x1460b664f732a51aL,
-        0x7c4541f22a214ae1L,0x743a524d107d6622L,0x9c64e3ff082fc015L },
-      { 0x9341f3fc8e0d13bdL,0x9946043e529554edL,0x6fbbbcda5798d6ccL,
-        0x3bfad5fb242115c5L,0x1f46bd1945ab793cL,0xd9383bcf3b42f81aL } },
-    /* 54 << 287 */
-    { { 0xe4ff888f820a13b5L,0x7cd18b3eaf1bfbbbL,0x3fb7f681bd4e4dd5L,
-        0xaba364c287d46c40L,0x44e209ab659b3498L,0x5e071a272dde85c1L },
-      { 0x8a029b1fb969c790L,0x51bab9f0c6fd1c22L,0x9ee9b047b83eb0c1L,
-        0xda0b39439e5b2c35L,0x0cb30625f20ca425L,0x8e4dbd013d25c2c9L } },
-    /* 55 << 287 */
-    { { 0xe7aa41a96b8f7599L,0xe97ff24a3f556ad5L,0x10e07713dd6a9329L,
-        0xaf464b18c4d06a93L,0x9b8e5145a1ccc85fL,0xa256680bd0487ca6L },
-      { 0x420b60bf815652f1L,0xeaf09eff5bb45b6fL,0xa31e875f8845a557L,
-        0xb035ee09eebe0911L,0x1402d1d86531c356L,0x24aeeaf0b630f75aL } },
-    /* 56 << 287 */
-    { { 0x4b20d1829567f5f4L,0xde7e814918f02b34L,0xc9a4be7becff9dd7L,
-        0xe2f70bbe9812fd3fL,0x471bf90c9c889263L,0xb60d01b53e61f5bfL },
-      { 0x258c7f89d22d855bL,0x35ef5c15b75a7d4fL,0x26d8e1dab247f27dL,
-        0xcf1361998d0f7757L,0x312447803f8e894dL,0x8d2a20bae1a3d47dL } },
-    /* 57 << 287 */
-    { { 0x6447cc97f08a0417L,0xd98ea6837afee809L,0x81426d20bf7990aaL,
-        0x848bd6223526ad26L,0xb6cdc5b4fe1f3381L,0xe7e10bc7a26189ecL },
-      { 0x25a9f7cf57464e6bL,0xf90c1aa12c86ddf0L,0x2126ed530124705fL,
-        0xf384e7e5b58e6341L,0xb2dfeb0a12207e57L,0x72875c55e0e23287L } },
-    /* 58 << 287 */
-    { { 0x37579c3eb954b7a4L,0xf0291f8f3f2ea608L,0xde68104f90a85ed2L,
-        0x6a35fea9e1088788L,0xe8d5517470d15d00L,0x0bc72de552467f90L },
-      { 0x2ded3293297be2b8L,0x76c53e5761ddc65bL,0xae4b2b5015562d6aL,
-        0xfe7cdd329e0aeb79L,0x98ef4c518dd474ecL,0xfca56ffb0076b23aL } },
-    /* 59 << 287 */
-    { { 0x120adcba6f60309aL,0x41e46edeca8ab2c7L,0xd68aa4c529b79ce0L,
-        0x21a21f8d7a3b11fdL,0xea68dc4739d0809fL,0xd4faa71a27973044L },
-      { 0x65b42172810be134L,0xb2dafa6c793aee92L,0x951e9f6f1f78f7dcL,
-        0x2affc70a17fdba97L,0x4f0f4c51dcaa2789L,0xfde1951c9e703980L } },
-    /* 60 << 287 */
-    { { 0x80826a196488d9d8L,0xfa452795f3ad867aL,0xdd9bf8f5bd4e6674L,
-        0x324386227e8e3ee5L,0x7af4c605dff05c96L,0x79efb6f9541cbbd2L },
-      { 0xeb5ff62675e78961L,0x5318c4c30be43d7aL,0x02df456daa4a0562L,
-        0x4d6002d88a916a81L,0xf0dbc349f68eced2L,0xfd75d4d5ec8c3fddL } },
-    /* 61 << 287 */
-    { { 0x6c15d903544378f3L,0x0a9bc9d735ea3c77L,0x9d9066408caa4acbL,
-        0x9ba27502402be833L,0x1ed4123f8773fd7bL,0x236364ba190eac92L },
-      { 0xd6287f17f8383ee1L,0x75b7b0b5d9739582L,0xeb6cd50d0292806eL,
-        0x216f36dc43448409L,0xec136f8cb6c4958aL,0xfa805ab49ef7810eL } },
-    /* 62 << 287 */
-    { { 0x5c6448f70d00b29aL,0xaa134b87124cd55dL,0xc2c6b269d94b72d9L,
-        0x0f0dd472412f76d8L,0xb4cf3c1873f6571aL,0x6aed00218b9218ffL },
-      { 0xa55b74eaa0c9dde9L,0x59b952125b4c8fccL,0xbc9873ea4ddc367bL,
-        0x26b369ba0fd30421L,0x71763a45e446f4fcL,0x67e800edaff54707L } },
-    /* 63 << 287 */
-    { { 0x4de97de1126b4919L,0xd631d908883ea109L,0x37c77d729f6ec50cL,
-        0x910932e6df718c7dL,0xa798406855028d0fL,0x21b09540a6119a26L },
-      { 0xb837cceced4b4962L,0x3c83f4bdba66002aL,0xa067aa3d2ac41124L,
-        0xa64bff30d08dc360L,0xa22778a5c108d3abL,0x7f732064aac4dee4L } },
-    /* 64 << 287 */
-    { { 0xc68b641ec795a2c7L,0x4fe559b15a4d6647L,0xeda98cbad89ce668L,
-        0x15f84dc06c269d8eL,0xf0eb685ecbf34023L,0x3668c530c032634aL },
-      { 0x2e3d7fffe4531f59L,0xe627030685494d06L,0xf02cabcfa3e050dfL,
-        0xccd2da67c001dcd9L,0x50aa3723066d2d52L,0xdb0756507224a41fL } },
-    /* 0 << 294 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 294 */
-    { { 0x04418b5965b55050L,0xa8a797c3d324aa67L,0x5f87e22c7c65a6d9L,
-        0xaac710651dbeffe4L,0xff619d64bd3cc05cL,0x9a29c966e65c92c4L },
-      { 0x23af2b21dad7fcbdL,0x4950a767153b817fL,0xc34a7efac6478c55L,
-        0x57cde95af6cd140eL,0x64b74575f5a0db2eL,0xd4b5ea5275d7fb76L } },
-    /* 2 << 294 */
-    { { 0x284050628e72aafbL,0x655bf3538ea8bf00L,0x789d944405547f7bL,
-        0x7fa445ed3441e472L,0xfeb198254a44ce87L,0xccb5f12c129aed14L },
-      { 0x22b05de3af94fb34L,0x7422a040d3f03199L,0xfba252caa83f7f08L,
-        0x0f6ad6e6cefaa757L,0xe1ad18716517d806L,0xd16dc8ed8e9d97adL } },
-    /* 3 << 294 */
-    { { 0x0208092a0e3dca68L,0x9a49bdccd1a09971L,0xe5194181aefab9c1L,
-        0xc1c9690a0076f47cL,0xd7499e95b486c2fbL,0x83a69e43d4b72e00L },
-      { 0x75f2838a2d1a6c2bL,0x57a24c69751f6366L,0xd956ee08626cc684L,
-        0x434cadd7e6ce3249L,0x3d4eaececfe289bfL,0xbbd53b961b8aafddL } },
-    /* 4 << 294 */
-    { { 0xcbb99194a3736eb6L,0xdd5161cd36dcf470L,0xd50b24aab6ab6c03L,
-        0x419d2810bc41f4b7L,0xe2e88d7a295496cfL,0x350713f2f2457ac0L },
-      { 0x838e4a360427e2aeL,0x7631472a4d974e5aL,0x9fa3ab1c7a5c5fdcL,
-        0x324798cdde34cb8dL,0xbfa5a9d0889105feL,0xd05dad34fd0df249L } },
-    /* 5 << 294 */
-    { { 0xb47c1d47d6a3a1baL,0x99bb7e6572f65bd5L,0xf251794578abfda2L,
-        0x827f2aba3e3e3420L,0x436ee73250e2de70L,0x5c9ac6dc10eca926L },
-      { 0x2ec67465181f5e18L,0x1e8f32fcc6c83d02L,0x9dd3aeaf3953bd81L,
-        0xca955f4b07086daaL,0x7b4b6f3fd14eaa88L,0x562e75f1148d826fL } },
-    /* 6 << 294 */
-    { { 0x536e5657cb419fc3L,0xe8c208bc1d271dd1L,0x6a3713bd22d2b9adL,
-        0xa4c761a7471d808dL,0xd93aafb67e6dca35L,0xc46c0ae38f55ca32L },
-      { 0x55dc0de7a78bfca0L,0xe9cfb3013407d0caL,0x777e2a60b3256c14L,
-        0x32b2238c6d8fee02L,0xe8b3539646e43ee8L,0x310bc1ba247985ddL } },
-    /* 7 << 294 */
-    { { 0xbb9bce6810168f49L,0x32edc368717445e3L,0xb0b5a04426aa3ff2L,
-        0xc671f1fcd166542bL,0x3142864df61d2523L,0x11b2dfc7b0c67410L },
-      { 0x2e031a05c99690a5L,0x4782fb749fb7bae8L,0xeac2cd506b7175acL,
-        0x2e116782bef2313aL,0x67992027241c4d2dL,0xf8aa0e09a6952d9fL } },
-    /* 8 << 294 */
-    { { 0x9974759c581f9d3cL,0x9e76a970e5cb1973L,0x8afec58ec64941caL,
-        0x2d7c57fa01d05575L,0xc07c74cc5c448db5L,0xa52474ce01bb1440L },
-      { 0x93162d9700115bbbL,0x483b6147fd7480f9L,0x4f28c57e6af18dedL,
-        0x36faed8f174a3089L,0x702dbd64a3dd6265L,0x86a9c43f6adc0d7bL } },
-    /* 9 << 294 */
-    { { 0x9d4d4b3c795eb646L,0x727e2aa17485839cL,0xb50018a5aa9250baL,
-        0x5a15808d1ba716adL,0xb1748d580ff91cebL,0x0131bcff76144b6dL },
-      { 0x23fea4a58dcccffaL,0xe8eddb5ceb64caaeL,0x011a65971c3c5e66L,
-        0x7723dfba377a8f6cL,0x00167c71dee2f651L,0x3e89ddf5ee0e4325L } },
-    /* 10 << 294 */
-    { { 0xa3510710b9de7b63L,0x9f364ad14019c9dfL,0x5b66a5d79b5bdce3L,
-        0x2b2f695178b1b385L,0x3e4783d33cfa9f99L,0x1af517506bd6bcf4L },
-      { 0xf9c0686a81d8d7efL,0xdc0f22ec37c068d3L,0xe1b8665393545fafL,
-        0x37ca8501a8a52881L,0x07ac5c8a5603e359L,0x98fb2bab542cc937L } },
-    /* 11 << 294 */
-    { { 0x96326ec323da6b81L,0xdb48a5e1f90a6f83L,0xbb141660f640a0fdL,
-        0xb51609375b92f5c2L,0xaaabd54c997244e4L,0xbeb8ab2f859bb92cL },
-      { 0xcac7c5dda4be476bL,0x7093faea7f58c1b2L,0x3167a2c45c6ad412L,
-        0xabd86bc9544fb9a7L,0x571296a72448c363L,0x4da64cd9c6cd4621L } },
-    /* 12 << 294 */
-    { { 0x4981be690c5bbd3eL,0xb047df0a185fdb55L,0x3168e05074cff00cL,
-        0x111150a1b52c7f9cL,0x0db2ed84a51c7986L,0x7d991630e61272adL },
-      { 0x7443d93628de14ddL,0xfdf31f41a5daed5fL,0x71e0ef4e866b5e40L,
-        0x05c57a45b965a670L,0x85bdb58c70e1aa77L,0xe4d1fe2a9df3ce32L } },
-    /* 13 << 294 */
-    { { 0x6ff2b1a1772c3796L,0x9b88c1178e186fe8L,0x342ba11f4312af31L,
-        0x9a93a4d1a86ae2b6L,0x496d5f219d59e3feL,0xce519a7d6924acdcL },
-      { 0x6fdef82327c46e44L,0xab5504c34d31c9bdL,0x6fa52bca71693677L,
-        0x31221119033c80f7L,0xdb2cb49dc0a22f91L,0x4962d58f9b4aeb5eL } },
-    /* 14 << 294 */
-    { { 0x5d4618982f722563L,0x11d22b39567db14cL,0x9a8f004e6779cd40L,
-        0x0812ae3d5473ecd5L,0x4ed828624e6c296aL,0x2d9ce40c064ee61fL },
-      { 0x4856d586d8a9eb1eL,0x2ddd6b125d1b5e3aL,0x0ab5eec0382fba3cL,
-        0x302018dffcf4a9c8L,0x7b4e6fd2ab3cdedbL,0x266c246a8f64cb1dL } },
-    /* 15 << 294 */
-    { { 0x55bad54bd6dc35e8L,0xa43d72ff38642612L,0xe39a191609bc85ddL,
-        0xc9d4bc9b0f85d3baL,0x84cd12b61367a70cL,0xf4ebc0e04937bb2dL },
-      { 0xd083145949dc027bL,0x110751601cf29970L,0xa443a29c0b76b4c0L,
-        0xee5b8d0ca0de3249L,0x368aa3259002e7d6L,0xeb48afdc6182e2e4L } },
-    /* 16 << 294 */
-    { { 0xc41e4aedf5c3af59L,0xa0284ad06de9a78aL,0xf5eaab7b8ed812d2L,
-        0x7801fbb81afb58b8L,0xbe5cdba671efcc3aL,0xe31a0e3ccd10cb91L },
-      { 0x882e821e85dc0bc6L,0xd3ad070fbb32e506L,0x3afede2bd8a0f038L,
-        0xe20a117c857fd3a0L,0xebaa2aa43060f767L,0x6524aa0d2b9d1da1L } },
-    /* 17 << 294 */
-    { { 0x86aeca0ffd81174dL,0x19bc6ee60c6eefc8L,0xc85f7f2ea91f0e19L,
-        0x09b9276ad2354dc8L,0xb62adee0542a669aL,0x8354ad1a88097445L },
-      { 0xe67d2834df9984a1L,0x2330c8cfa64b2864L,0x309dcdeb39e7b54aL,
-        0xbbba4737a18cf5eaL,0x47511b1d92861a8eL,0x99d4bd673286d404L } },
-    /* 18 << 294 */
-    { { 0x9cc5847c88cffe33L,0xff726b0f6e8eb6c1L,0x9bb2ca161bc45d8eL,
-        0xe7903009a6d8a5a6L,0x4f089cc047db2201L,0x4135884de6b5928aL },
-      { 0xb1a86a0ae5c017cfL,0xb1d9bf6db0a393dfL,0x33d9c1c628bb3277L,
-        0xcb05b67b45b582ceL,0xa72585fcf33792c5L,0x78b7c5e8a7d1ed84L } },
-    /* 19 << 294 */
-    { { 0xbb83b446b1b4a091L,0x66440b3d9603d875L,0xd1931f33c2b45d1aL,
-        0xb8b67f20098d4cccL,0xa3583818790f208aL,0xe01194bec4a3e88fL },
-      { 0x29301bb192e8b150L,0x1795cabe9448ee60L,0x377d8f9752500c48L,
-        0x474e73d65a457e79L,0xce0a50ef30159027L,0xfe69abaafbb2c214L } },
-    /* 20 << 294 */
-    { { 0x70e478fb9346df25L,0x01dc0c2eb4a4ada5L,0xaec82b005be36ea7L,
-        0x82618b8f6717e06aL,0x2db1f6d4008f1977L,0x4e493f3b16b390d1L },
-      { 0xfe86fd4d990a75ebL,0xa1cf7f99783f6076L,0x6cbb23e70c049158L,
-        0xd05be7e5ed456235L,0x601374069bd836efL,0x94ec964432e5f604L } },
-    /* 21 << 294 */
-    { { 0xd96e4d920fc48c7bL,0xa2e29660f66e491cL,0xb92d850601146906L,
-        0xa43f4803afe346d6L,0x27885d98700b6bccL,0x90662e9f595d8de2L },
-      { 0xefa7f261f70d1007L,0xfe8a8be3fc72531aL,0x3b3f7541f1aa8d93L,
-        0xb31bea258215966bL,0x15faa4acf35d2be8L,0x0a5f95e786c9a45fL } },
-    /* 22 << 294 */
-    { { 0x3361e1ce3d87bfa8L,0x92f235e78dcca4f0L,0xc8084cb4be323fd1L,
-        0x3fd481a5c24c6d16L,0x9b1bd9402cea81baL,0xf50911910c5aa59fL },
-      { 0x4cd8c9eff81d5e2aL,0x5ad000131550bff4L,0x29d47b9f8cc32e55L,
-        0x66e3e6f111694eceL,0xd5edf7017950dd7eL,0x9ccb10960f6350c6L } },
-    /* 23 << 294 */
-    { { 0xc31e47ff95e784e4L,0x7ad0dfd63fa14241L,0xc91482092dab896eL,
-        0xe9a114cccb9bb463L,0xedce9e6f16cb16afL,0x0ee2ce0607508893L },
-      { 0x1aedb80ce31c0f54L,0x235d4591512658ccL,0x9029fad2a38583f1L,
-        0x95b1e1ddebef898eL,0xeb2f21809efabef3L,0x458c4338b10e9cbbL } },
-    /* 24 << 294 */
-    { { 0x09db138d18f2470cL,0x63bd2290f613658fL,0x0bb647794feebab9L,
-        0xfce4aee17fdb1e71L,0x7d5c0c61a7f1f65dL,0x46405b618d02d6cdL },
-      { 0x7cac04856fdcb0d0L,0x85224c4b2f8ec5afL,0xb5879a59db0aa864L,
-        0x75f391b8ff94f8b5L,0xa6c994ae49c97f8eL,0x4d968fadd690b232L } },
-    /* 25 << 294 */
-    { { 0x1e436df6e11a616aL,0x9eb49c76bdb932a8L,0x207d2fe90e6591aeL,
-        0x6e05acc8233ac034L,0x464dd321f3d04d32L,0xd4ba4889af43c171L },
-      { 0x0808e5207120fab9L,0xb9e4726c3fbac672L,0x5dd1c13b9d7d883bL,
-        0x1c091808771f1edbL,0x76988d1c75eac1a5L,0xb0fcd3a893a67be8L } },
-    /* 26 << 294 */
-    { { 0xf5cd290a67e0b4e7L,0xaa6fa6807c1594b6L,0xebedfbd7b63270beL,
-        0x574b410ba369bfeeL,0x431cba5a020ea888L,0xd3a3102f56c71d47L },
-      { 0x4894bfe0a90a853aL,0xd78bd98b5f9c4b6bL,0x9b1324f6d900c5c1L,
-        0xc65c944d718c2147L,0xf661de6ba987f634L,0x0315e69f172628d8L } },
-    /* 27 << 294 */
-    { { 0xb12e0ab8aac7ab64L,0x8ce877abb06cf9cfL,0x39b694b40bb11fb4L,
-        0x0c2428369b0d8850L,0x6bc9a033ccd50c6eL,0xaa2e77739a1e8fb3L },
-      { 0xa7d8be09608e2e9cL,0xeb4cef0542b9f458L,0xa7268c9b985f66fdL,
-        0xd60eeab27acf4968L,0x02eb2db3b6e5621eL,0x82fb4abfad8236c4L } },
-    /* 28 << 294 */
-    { { 0x07c60c7522ea5f1cL,0x35beae34a36bee4fL,0xa8b00a09dcba8997L,
-        0xa77f1f3a802ce50cL,0x6c4050df2a2144b0L,0xf79bfa96ab1b10dbL },
-      { 0x9025d470433a9b1cL,0xaf3e391790d9eec8L,0xbcad2d629ae2d535L,
-        0x7a152829eff0f6a9L,0xe87345cd925fa5a0L,0x6ce007200e84039cL } },
-    /* 29 << 294 */
-    { { 0xc65acf36c3d095d2L,0x9192c5fe72427e6cL,0xcb84c43c3fa8b90dL,
-        0x2f458fe965e15b23L,0xd8bf193731469f11L,0x1ccd8bb93638cc3eL },
-      { 0xa067022f78e35577L,0x382e6af730ee676dL,0xf197adc2f6d135bfL,
-        0x06360834c9a1cf58L,0x413813f7930371beL,0xf7461d04f5dcaccaL } },
-    /* 30 << 294 */
-    { { 0xdae449c007f6a05aL,0xbc1b84f55bf26c9eL,0xe3b3f9edb1c13820L,
-        0x5442ad5b4090598bL,0x794ef65613749e4dL,0xde809180948b71c5L },
-      { 0x4c72dc7de203c5b5L,0x8902b0971b349fc4L,0xa899bedb225a1569L,
-        0xeb7da73de6ff3f53L,0x6ee8e1607c0be37bL,0x9ee667d2a31bf943L } },
-    /* 31 << 294 */
-    { { 0xbc91031108b6fb2bL,0xa5e0ab3e25e06a55L,0x16ff0705360f1698L,
-        0x71c0aa7487e72a67L,0xa1f1497b355c75e8L,0x179b67bffa6bbcd7L },
-      { 0xc9db6590b6738583L,0xf77660c4d87e72bdL,0x0ee2e7b3f13abc2dL,
-        0x0cdf5a37a4d922b6L,0xaa8af2d596c853a4L,0xdc452af4e0092356L } },
-    /* 32 << 294 */
-    { { 0x5017e145db81146dL,0xc7d2086d45c54db8L,0x2541059dfa98234aL,
-        0x4bf344d99985af98L,0x39737ed67b5b7b1cL,0x8e24691987c411adL },
-      { 0x2fad8cedb877a75fL,0xe42352df17e60ee2L,0x1a53d856404043f7L,
-        0x6c1f07a5863927a1L,0x38d3a4f4b6892121L,0xf4c1092001976c8fL } },
-    /* 33 << 294 */
-    { { 0x541732a70224214aL,0x61617b515cb2d019L,0xc560c24bcb4fc6b2L,
-        0xd0ad737943670d99L,0x08cdd32eb83112a8L,0xbe57493d7e29810fL },
-      { 0x7834124899d4523fL,0xae1a5857cc8e5fb7L,0xf8b62a59b8454efaL,
-        0x7c63c900ab0f4729L,0xeef9243d72dd0f5fL,0x6b865dfbad766386L } },
-    /* 34 << 294 */
-    { { 0xd11536eefee626b8L,0x1d2471dd8077b5d4L,0x7db062debdb9a4dbL,
-        0xfcc62c0ab9f808ebL,0x619b54c6ef392bc7L,0x81e146fc51b9f5c9L },
-      { 0x0343807c7bbd52b3L,0xe024a9f1572125c5L,0xf8b886d86c57cb31L,
-        0xcb92aa7d5398a318L,0x4ce0870d2410ef34L,0x1a40c103f8366683L } },
-    /* 35 << 294 */
-    { { 0x46485baa7bb78552L,0xc0f685f23e6a3f0fL,0xd24970b5fb3cc0ecL,
-        0x0d1f380e7bf91feeL,0xf0f7fcafe7624351L,0x27cb99bc697a8055L },
-      { 0x55be14685cdc7560L,0xf006927927ba7f93L,0xb0c25c759fdd0e70L,
-        0xda82e73785818253L,0x7d40d86946304c51L,0xe06ea6fdcc18ba58L } },
-    /* 36 << 294 */
-    { { 0x99d37ade6b65e17aL,0x61ca538e38ce217cL,0xd3ea83f68ebb89edL,
-        0xce6611eb4b02964eL,0x0ec7cc2f5c0a8e44L,0xa985b0c2974240a4L },
-      { 0x7a3abb6c42ee5b0fL,0x55f049a0cb2eddadL,0x69348b027c44a60cL,
-        0xcabc65191974a8c7L,0xd9def4bc07b91a35L,0x684a2d71b93b34c3L } },
-    /* 37 << 294 */
-    { { 0x21c37d21f48f274cL,0x2de96b4da082a098L,0x82520e0ca606b6a6L,
-        0xf76c9ec6e1050b81L,0x248c5efbd1ce149dL,0x5a36ae1e9a909790L },
-      { 0x8790b09bec8b43afL,0xd592dce560ff709cL,0x726d699724cc8e21L,
-        0x61e37bef5e2cb745L,0xd55a68c26eff3ba0L,0xd47f02659ad265c0L } },
-    /* 38 << 294 */
-    { { 0x3e6351ef3932ef94L,0x65625878db5d64e6L,0x118a688e091ec7b7L,
-        0x2a95072abdf60b88L,0x5200703540dc0afeL,0x59c3d90b6fc1cbffL },
-      { 0x5622b1b21dfb1a7fL,0xdcb0344834d92243L,0x18fccfa86d7d36c4L,
-        0x5d43a14181341761L,0xef375542eaaee79dL,0x4e4667216999d399L } },
-    /* 39 << 294 */
-    { { 0x1bca97aa9d3c6b9eL,0xb4bb4f95095cb250L,0x4f2c216a996fb52aL,
-        0xc4d01916f379790cL,0x510882a4359df53dL,0x6457d76a671d6a8fL },
-      { 0x0ded2623061f7d64L,0x3cb4f38f1ce7dcf2L,0x0d86313a224ffa88L,
-        0xba8a15012b99aeb3L,0x2fb92183d69f72b5L,0xd3b9d6daf1fdb8f0L } },
-    /* 40 << 294 */
-    { { 0x5d573a3a0b6320aaL,0xf9ac8ccf289b6700L,0x8bad05cd8f28dd72L,
-        0xe2eabd446b62c306L,0x60f70353906ef302L,0x147cdd0c367a768eL },
-      { 0xea9d871635a9e846L,0xdd71e80aa8684430L,0xa56a5ccd530768a8L,
-        0x59d241270a3e42f6L,0x707cbaf0faa367d1L,0x5419b14f52a0cbd0L } },
-    /* 41 << 294 */
-    { { 0x625bf4e6d991d842L,0x56b95a56a81daaaeL,0x2101137c9911bdadL,
-        0x1141b0a1bbded1c2L,0x85deb889d1df8d43L,0x51e3e17edac3e376L },
-      { 0x5d31639381fb19f8L,0xd1cb634b92eed2c4L,0x72a6ed7b943746dfL,
-        0xd55f55fb22b85e00L,0x255b025804193aabL,0xd0b94c5d86a78c96L } },
-    /* 42 << 294 */
-    { { 0x121c15d859c3556aL,0xabe25c21864380dfL,0x2de101832627f78cL,
-        0x19988e4b4bcf4a0cL,0x4ed3aad8a2f9cb52L,0x50f8cef5b2b257e1L },
-      { 0xab0b000c49f7f596L,0x6cb997471fb9c471L,0x331974b95fefb8f4L,
-        0x57cf97578e2e0e5cL,0xa82a8d06174a626cL,0x40ef371b03e80567L } },
-    /* 43 << 294 */
-    { { 0xfea713e1324cbab8L,0x738885e61897e7baL,0x8234ed08126aaa13L,
-        0x4f66467661ed1548L,0x61fdc2aa172c432bL,0x78eade7c9ebf0a29L },
-      { 0xd50ae7156aa104a9L,0x977d7a605536df98L,0x024014bdc9eb983cL,
-        0x75d53c0585e21649L,0xc181d67098404cffL,0xe00f5f5dfdb3f05aL } },
-    /* 44 << 294 */
-    { { 0x3cfe2987d10542b1L,0x5935e0dc29f5b006L,0xce5932d6d83344f2L,
-        0x67aab7ad9800a6d5L,0x3ef2b0e765073619L,0xc381a99454aa9ccaL },
-      { 0xbf069577d4011571L,0x33b70c5d4d1ce997L,0x801ba41c758c9b1bL,
-        0x6c2dd5ec36968958L,0x31820ca087921665L,0x0b7f0d337ca55668L } },
-    /* 45 << 294 */
-    { { 0x0b099a5afce6c55fL,0x91d1caca408dd628L,0x42a5181165449db1L,
-        0x540935b040715d49L,0x8feabc5433b00823L,0x7107c06240c2485fL },
-      { 0x13f307ac4fea64e4L,0xae4ec4a713a04327L,0x8297be380eff71f5L,
-        0x3434286f1ecd0b2eL,0x4d7a5456a3e9d625L,0x657f950b6a0d04e2L } },
-    /* 46 << 294 */
-    { { 0x2237f78ecebadb15L,0xa1184339da01f9e2L,0x542c3354ef37abd1L,
-        0xbec90883de982d70L,0xbacdbb9c457d3024L,0xf1d167c19840ea52L },
-      { 0x9ed827d8433bd3cdL,0xf4e5b4231102fdf3L,0x2038c92fb63d6056L,
-        0x490cb0188eb9ae35L,0x776331b87c75ffc8L,0xafbe7c6a3fe2e400L } },
-    /* 47 << 294 */
-    { { 0xf668460c9176a02dL,0xa843a70011d322a2L,0x6424f0e8a8c5d1c8L,
-        0x0b45a1ab1bc440e5L,0x3b740cb11c3e391cL,0x5aaa89c4d5850e1bL },
-      { 0x77739ee6d632c592L,0x171fd350fffe373cL,0x6a648fcdbd7e83beL,
-        0xd98650c6b619f4d5L,0xa4e4ae5438dea07cL,0x10001f5afe0bf5c1L } },
-    /* 48 << 294 */
-    { { 0x31cb896b57dfc732L,0xc6b74a1edc323e91L,0xd24a41d0f11b04f6L,
-        0xb609a26dab8f7159L,0x96d84b372adbec34L,0x154f5307d24ae7f6L },
-      { 0x36dd3243e10eb34cL,0x055d3b714f6dbbd3L,0x30b1efde36d0c561L,
-        0x3846925ce9bffd15L,0xaf401286aa99ba07L,0x3a191267fd48b839L } },
-    /* 49 << 294 */
-    { { 0x67145f18e42a26cfL,0x580857fa491122d7L,0xa4e2db8dd03b5071L,
-        0x47a39a0d3e379882L,0xb6bfe4b35970766dL,0xe40f4daea8bce767L },
-      { 0x38f199a7e812a217L,0x1407f98d97eec7caL,0x25d6f750236a41a0L,
-        0x644327340e811ee6L,0x84d5d9c9dddd6e5cL,0xc1b6ef13c44cae4eL } },
-    /* 50 << 294 */
-    { { 0x79879d4f6714e8daL,0xce409617a17abd07L,0x6f2b14d008a6e685L,
-        0x817d467409b5e150L,0xa1181873eb51b966L,0x573ba855da6b9544L },
-      { 0x836ec3e5c4a37013L,0xb8da1bbe93fded69L,0xdb5bb6f16edff4c1L,
-        0xff30b837f1657d36L,0xa20cf000223270b9L,0x29d60562d44a57cfL } },
-    /* 51 << 294 */
-    { { 0x0d6f36b9b98b029dL,0xc4cd72d07a371233L,0x23bd419e4f95cd4cL,
-        0x2c95b0a2b80d1e13L,0x0f76e62f7edfbef1L,0xd077194dd303a470L },
-      { 0xd6e20e7cd1b50934L,0xf4201fca2dfeb806L,0xa57dc150bced28faL,
-        0xa84d621be3172301L,0x119768fe9aa14d6dL,0x34f1ae864b363253L } },
-    /* 52 << 294 */
-    { { 0x2fc83aa3afabd13dL,0x521b745f53c45a27L,0xc6f345a660c18225L,
-        0x9609076eb5faa47aL,0x8bdd97fd535388fbL,0x8f5f3bd6e7fd7e87L },
-      { 0x6de4454c1c8e1d5aL,0x8d61ca3b2b35e823L,0x93b66fce4672d30eL,
-        0xcb9d601721d09ec5L,0xef98137fb1de06eaL,0x45e212758b051877L } },
-    /* 53 << 294 */
-    { { 0x117b89e9ee6e35f7L,0x2ad205aadd203ed9L,0x3f6c950c0689bd4dL,
-        0xaba1e4b342f20742L,0x67464b793e22f0d1L,0x74436dfdbe0ad6c1L },
-      { 0xc4a6e964c1470ac7L,0x853ad39b361da35bL,0x261c6fd6a187a6abL,
-        0x08d7e89d59fb860eL,0x158e2697e8f88299L,0xf3f1f6f34b04a8ecL } },
-    /* 54 << 294 */
-    { { 0xbdfb8d006b562705L,0x76dbc217ed9f2aaeL,0x62f713778cfd02ddL,
-        0xa05eed177a5d27e1L,0x60082379a006983aL,0x312af914bf7c2c05L },
-      { 0x7d163fe76c8500fdL,0x722a35299d4d0dbcL,0x9b4c5c3539f93a78L,
-        0xb193734c34c7ec06L,0x457db178cda87a84L,0x088dae087f816e0cL } },
-    /* 55 << 294 */
-    { { 0x746e73055896ac5dL,0x1d8326c21a7b69f1L,0x695197743132a40dL,
-        0x3899f8a03f58720fL,0x2c3070a5df0b7fb2L,0x49bc59f2acb839e3L },
-      { 0xf7d5d3f66b8f5a9aL,0x704ed893a4c3b570L,0xbafde26cab591c03L,
-        0xc447dac83388a62bL,0xda80991d4416acfeL,0x1625c9151e729d69L } },
-    /* 56 << 294 */
-    { { 0x3104e59e6b843647L,0x4eccb42720bad138L,0xa575b8e150efd6a9L,
-        0x68a6b7055a6e4729L,0x670306798f5b2a22L,0xb2cfcf81df9253bfL },
-      { 0x9c3eeb19b8f81c39L,0x082ca86c986b4dfeL,0x1f64eca250250d8eL,
-        0xbf26bcfb67f0c713L,0xbc5d0e2a49b609cdL,0x175acb34e6aa3c76L } },
-    /* 57 << 294 */
-    { { 0x5237d7368c53aae2L,0x2a88098bbdbc0b10L,0x18f1af11cec6db6bL,
-        0x12c23392c4e08b3bL,0x23b652bf3eab43f3L,0xb79feb949f3dca0dL },
-      { 0xb71e311d2b24e0d9L,0x85e48aede37a0f90L,0x93e8a0e753200b6dL,
-        0x5d44b87226bf3a30L,0x466c31d1d0496b98L,0xabec12f7dd39874fL } },
-    /* 58 << 294 */
-    { { 0x58bc23928ca41326L,0x0744ba8524aa5067L,0x900e7e9baaf80bb2L,
-        0x510bd122aff38fe1L,0xf90dd6a1002b277bL,0x829379dc81bf7df2L },
-      { 0x5443b8736372d502L,0x124c2abab5b6f9a2L,0x88b237a4d6020c14L,
-        0x3542215108f7a498L,0x39e84240e6234eb1L,0x43d721dfcc5827eaL } },
-    /* 59 << 294 */
-    { { 0x43e7597234658dcbL,0xed936b96bdf3a7caL,0x74acb7f60f1923abL,
-        0x6a52b28cc007995bL,0x5abf2909a560fbf4L,0x79d571dd256bf1a8L },
-      { 0xa8d51082e4c3281dL,0xc0d6f8aa0b9fdd38L,0xd589f2c57ac30640L,
-        0x6abb8faf07635c58L,0x2af1b083d7520b0dL,0x18b9f6c893b951fdL } },
-    /* 60 << 294 */
-    { { 0x32e678b4c1ba956bL,0x9e8b137248f32982L,0x9b380a118a8f262aL,
-        0x5c2d6ce0807f6d1aL,0xe99c2e909f1b3fa2L,0x6a0c9e4a7c4bb836L },
-      { 0x30d80329ee8dac83L,0xabcf7b76b60bd5fbL,0xc589a0c8c14d56d4L,
-        0x9e40af665de24d43L,0x932f4070230f8331L,0x96bba1c19b87948dL } },
-    /* 61 << 294 */
-    { { 0x8b83af0c4efaae9aL,0x25e55686770c85cdL,0x0beda54fede0c999L,
-        0x6c5749398d249a2eL,0x520ac2ba2f476146L,0x162e482de95b05acL },
-      { 0x2d3d19b6c73a32daL,0x945e5e3c33fd2c48L,0x361d9770a36b4ee8L,
-        0x8aed760d014cacb3L,0xae66e5de5ae302c7L,0xb5fd5959b5d4d6a4L } },
-    /* 62 << 294 */
-    { { 0x25df58ff147da470L,0x1b3941ec3f4e3e98L,0x7543b1227aee3587L,
-        0xb7bc2b31b4a28218L,0x8628b5400bb3224fL,0xe3e7644d373222e6L },
-      { 0xb4e3269299244dc9L,0xe72c679d49781bcdL,0x894d9eb0bb6f0700L,
-        0x4a08cdbc443c3639L,0x52c4d04e5baeb02cL,0x53f550ffb5f93552L } },
-    /* 63 << 294 */
-    { { 0x2b908f693c1f524fL,0x59fd6ae7090970ceL,0x595e15721eb9ec29L,
-        0xa55adbd6fbc4f04cL,0x575a2344bcc38bf8L,0x89397944f2b659b7L },
-      { 0xc77532a18c87fe8bL,0xa5a75677de4c9eefL,0x2e3d873a0e4a1704L,
-        0xe18ff4fcc4d02aa1L,0xd842074275573a79L,0x0fcb532115296dcbL } },
-    /* 64 << 294 */
-    { { 0xbcc88422c2ec3731L,0x78a3e4d410dc4ec2L,0x745da1ef2571d6b1L,
-        0xf01c2921739a956eL,0xeffd8065e4bffc16L,0x6efe62a1f36fe72cL },
-      { 0xf49e90d20f4629a4L,0xadd1dcc78ce646f4L,0xcb78b583b7240d91L,
-        0x2e1a7c3c03f8387fL,0x16566c223200f2d9L,0x2361b14baaf80a84L } },
-    /* 0 << 301 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 301 */
-    { { 0x7a1a522b246dc690L,0xb563cbe14b61ab70L,0x41bb4abe3d4ac4abL,
-        0xc52950b337f996e8L,0x01d991e679727761L,0x35de93bd978fd7d2L },
-      { 0x86bad5e65706d336L,0x10844155e7f26c20L,0x58ffeb7705757453L,
-        0xbb1861293939df77L,0xbfdd394a6a78ea0fL,0x907ff0546e33e1d3L } },
-    /* 2 << 301 */
-    { { 0xa7f295320df93b34L,0x855934f25c14df30L,0xd2f54ce9efae348cL,
-        0x5acb931cac52758dL,0x287b3e18d22961a4L,0x42a5516d748f8fe1L },
-      { 0x1b62b341877224caL,0xaff58db3d30a4aa7L,0xbad78dadbe8da847L,
-        0x85fa710954f18276L,0xe2cc9d287c4bfdadL,0xbb131f762c75f237L } },
-    /* 3 << 301 */
-    { { 0xcdcdd7d703844670L,0x79ec59afb4a23f91L,0x5923c569c00ce5c3L,
-        0x099c17ffc589d0c7L,0x0335eeea89fa6fe6L,0x916bcacaa4e868c4L },
-      { 0xb7037325fb687bd5L,0x57d6bca79853b564L,0xdf3132efd5e26d28L,
-        0x7ed994b8de919cbeL,0x12df67cd6fbbb18dL,0x516e07c06baff508L } },
-    /* 4 << 301 */
-    { { 0xf2ec9ef597e833e4L,0x97bdef9734ec7e41L,0x90e2b2387d2ac6e3L,
-        0xcf682b120318a3b7L,0x7fe76089ea84a7a0L,0x85c489f916546d05L },
-      { 0xf987118f6abdda05L,0x675cf998aa4b95fcL,0x544c7774888a7e8cL,
-        0xbd2647ba63ec5831L,0xb479cea3fd2fe985L,0xa042134528d163e8L } },
-    /* 5 << 301 */
-    { { 0xd93506a4e5947c6fL,0x4340d76a39b81d08L,0x741aee5917930d30L,
-        0xfea3d99a18fdb81cL,0x1088ff6b289bcb07L,0xc6b45602b7c082c6L },
-      { 0x50e2baab453d8d69L,0xda9bf561e893e183L,0x0af25f86b29a284dL,
-        0x0e92e67473e01380L,0xe173a0e32be00e59L,0x402d2f3dada8954aL } },
-    /* 6 << 301 */
-    { { 0xca9cb3890399721dL,0x03ad9f4aa3291479L,0xd85b5df56dee003dL,
-        0xe1fa7b0264a4f83aL,0x01c4cbfdb73f7324L,0x707010d45cf2ddf4L },
-      { 0x3c6df430b12e02f8L,0x921a290185531489L,0x302fc77c91d1022cL,
-        0xc3733ec0342d8f3fL,0xb83bc75f6195a665L,0x4a14b9e7a79f8027L } },
-    /* 7 << 301 */
-    { { 0x9f0e5428e2a57359L,0xc690a3c714998c16L,0xd73c3ca2de37e07eL,
-        0x2ddf91b8dba0bc0dL,0x69d834b27570ae71L,0x2ac8bed4735195a6L },
-      { 0xcd8c51ff3b1fcc5cL,0x7aa8cf4e1ba6863fL,0xebb69e72ae70f428L,
-        0xa29409dfaa9e936dL,0x43f6ee805a332b9bL,0x0de49efac2eab0a9L } },
-    /* 8 << 301 */
-    { { 0x04baa1762310333eL,0xdc75e35f7b9bad46L,0xc4a6031dc6cd6108L,
-        0xba2534d030bf87a5L,0x7ebc6e2131e497ccL,0x8a2a82b4851fd665L },
-      { 0x9ecae0116d5faf40L,0xfa3a6d7f96956ecbL,0x39e8a9c22fa52782L,
-        0x74c93801236d442eL,0x8b21ba23b1c289ceL,0x7f3e221b25c769cfL } },
-    /* 9 << 301 */
-    { { 0xed800e4d08aa4dfdL,0xf524b107d8105bc7L,0x8c4addc9ab07fc03L,
-        0x2b0f038d26a71b4cL,0x5055c471a83d19a7L,0xc6c5ecba27e20a5bL },
-      { 0xdbad26b7aaeaa017L,0x4e3abc20d2493554L,0x626310143a0c15bfL,
-        0xbafcc06798cec55cL,0x9204e17ce6f87607L,0x8f1c10eed9302c05L } },
-    /* 10 << 301 */
-    { { 0x53680ce08afe59b9L,0x36a3cec75665022dL,0xb3a5091654490b50L,
-        0x803d383f0838f0aeL,0x65531a008005ba2eL,0xb7fa6b4a1241a17dL },
-      { 0x9aaec449b17e07bcL,0x19b7d9113d190dd0L,0x79da42457fa5e7feL,
-        0x725bd045598ad850L,0x49f96cc45f94ee82L,0x114bbcbf03850eefL } },
-    /* 11 << 301 */
-    { { 0xf566a287d43a6db8L,0xffb8944b2aeb120cL,0x3e7099427e294c1aL,
-        0xce122b126c31214eL,0xe59b280c2a21282dL,0x03916e2ba01a4fc6L },
-      { 0x56e65da29f5e409cL,0x374d3dfe7f5c3e11L,0x150684fc13967e2cL,
-        0xfbed4f5bdf4bc38eL,0x5973c67182e54b82L,0xcd36c873363f307bL } },
-    /* 12 << 301 */
-    { { 0xcb42c5617c3805d4L,0x0e74e75c3b43a8b3L,0xfd58f864369f579dL,
-        0xf471aa774a3dfe97L,0x2e0dbb51ab37bd2fL,0xc4704487729c887bL },
-      { 0xcb7958a9cff32948L,0x3e36de368505e71fL,0x2232fd2dd38ccfbfL,
-        0x6f3c502042005175L,0xd1280a3e306fb63bL,0xef7abd792e368ee9L } },
-    /* 13 << 301 */
-    { { 0x29c5712d56ffcac3L,0x20307670e1a8e0eeL,0x676a23c26356aea0L,
-        0xb9c17e3f432f15d5L,0x0008512e287c5705L,0x6ae2704bc5f7ccfeL },
-      { 0x6a200db709a13b60L,0x24fb1e9241043271L,0x2e455e9741b766a2L,
-        0xa11ff26fbe056684L,0x3cfb8a64ad9178ceL,0x5786978d5d675b79L } },
-    /* 14 << 301 */
-    { { 0xf4cf2c8e6070a72cL,0x0bd73aecabc3251cL,0x1af44eff17539f67L,
-        0xec3ee99e44e8d8f7L,0xba698f6a279afdf7L,0xe871accfb771d4a1L },
-      { 0xbf92963d8bb0f264L,0x817b1fcfb10716bdL,0xf57580786b23076dL,
-        0x994ff3c535a994cdL,0x05d984e82604847eL,0xd728e292fc9f2e43L } },
-    /* 15 << 301 */
-    { { 0xa44bf023b900b696L,0x1f82fe54037bb770L,0xa6d12f820717e747L,
-        0xf154ac51e3b83029L,0xfbd343128cf3984dL,0x7f734beaa76c72c2L },
-      { 0x05c5b443114548b9L,0x4ce414f396af4132L,0x1474c0b79d080a7aL,
-        0x865827c6497366a3L,0x34760c457816a0a8L,0x6da2474c15d2a176L } },
-    /* 16 << 301 */
-    { { 0x761e10e2ca114c4aL,0xe39d121d894301b3L,0xa0870ff43dbc6fcaL,
-        0x97651286cbe0ba8aL,0x47d46075c0f1ff6aL,0x18669c843abeb5b6L },
-      { 0x1234c80ead8d9309L,0x1ccbe4d51f6f97ffL,0x399a2d41d82ab780L,
-        0x8a03afafde426e50L,0xa2bcb109ca6dde77L,0x840e13b00618f5ecL } },
-    /* 17 << 301 */
-    { { 0x9552a8184929f7eaL,0x514e9ce9acc61766L,0x03159a525a219015L,
-        0x5efeebfa14eace54L,0xe8a3736f853da94dL,0x3a0f334ff45e8a32L },
-      { 0x71ebab39c9dc65c9L,0x6ef37f49d7c24f39L,0xde3d45f8b24a9383L,
-        0x7193bbb80c218869L,0xa1bdfd30c0f7b6beL,0x82b2c4c5c1d9206aL } },
-    /* 18 << 301 */
-    { { 0xf9d9b678b197099fL,0xfa8548c4c15b2bbeL,0xa36f17fbdd2817beL,
-        0xb35597021732d1edL,0xba145100744f3955L,0x7c274633344b43a3L },
-      { 0x9b0ee7c8686b65a5L,0x438eaf4823f0e973L,0x79a658a7288c5019L,
-        0xf6d938c546d04413L,0xe39bf9a6a6cb9853L,0x880d5b83801b70ddL } },
-    /* 19 << 301 */
-    { { 0x8f23f00303825482L,0xc4a9f214a6b35023L,0xf0905573794e7de0L,
-        0x7ff790144dd68979L,0x8d9c14942959beffL,0xdb34474f82282e48L },
-      { 0x423bdfa281fde794L,0xfc31e3e792a8810bL,0x19d316ba8bae4eceL,
-        0xddcf30b7159c1386L,0x997968a38e7d69dfL,0xcf67ae9aa6b21be0L } },
-    /* 20 << 301 */
-    { { 0x877866a3697b4dd0L,0x32a872f4e76481aeL,0x300387bad609cc04L,
-        0xc761ae79d74566d4L,0x9fd3e5bff22e2d24L,0x363ef5bf1c46bc0dL },
-      { 0x121b25bce299a690L,0x7932471dc2d32b7eL,0x7f89692e94bb4272L,
-        0xaf9cc4111a3ce076L,0xaf02ea22ea02e452L,0x43154e581d19dc60L } },
-    /* 21 << 301 */
-    { { 0xd9389e05e25dbe97L,0x3a8689b162b3afe3L,0x4d5556467014953bL,
-        0xd6894c42af5ba9bcL,0x4b233690b3bacaa6L,0x0fc8ad07fc191181L },
-      { 0xcd3a1e4df0764f39L,0x18a47233d79567f1L,0xf0f9eb765f921f79L,
-        0x7f3d814d19d12a7fL,0x5e48cc36ff33a995L,0x9589679b8960331eL } },
-    /* 22 << 301 */
-    { { 0xa2ff78bb477d7226L,0x3216fcc085e04a8bL,0x7c594f81e4c3c24aL,
-        0x075eefaa029d6ef6L,0x5ae51000493ab006L,0xcdfcc6939ab165efL },
-      { 0x50b7eee276073bfaL,0xee52d55b3b60cdb4L,0xc7f7b3af45027275L,
-        0x01d5444ac15b2ecbL,0xdf56f8c12a61d1e1L,0xcf032e7e4992e1bcL } },
-    /* 23 << 301 */
-    { { 0xc8a4dfbf15b6d8d5L,0xcb34e0e4e87ff88dL,0x6dc95befa6ebbff6L,
-        0x2a55ca1372ff2cc0L,0x3c4c0f3c6a62588fL,0xa8de444ece156917L },
-      { 0xced7c4523e55eba1L,0xa109b7949f05820eL,0xa021717e0e6c318dL,
-        0xa0156b8d0b308f5bL,0x3c65ab9daa6634baL,0x1666e650e2839e0eL } },
-    /* 24 << 301 */
-    { { 0x0d27500f9ebe3c40L,0xeb9ac1022b700fcfL,0xee7578f8610763e3L,
-        0x6e56078f47ef08feL,0xa8d03a7f047d04c0L,0x2143606f27cc8aa3L },
-      { 0x6b08eb383b004721L,0x1f505c0dc4e36bb6L,0x6f9b869ae3f10ba9L,
-        0x3bfb9833e500e846L,0x6d975557b9171b1aL,0x7af9cf4f18fa0045L } },
-    /* 25 << 301 */
-    { { 0x35bfb51b3b35836dL,0xc834e59003b0fba6L,0xbe6e17d378937ce0L,
-        0x2f796f7c4daa9aa8L,0xd7896a0ad310eba9L,0xda258ab05ea4056aL },
-      { 0x2d872d2170626628L,0xc9b26d7c2ee433f0L,0xb176220ee72f7491L,
-        0x4869adcd895e9b52L,0xd37540e4d3a6d786L,0x024aff303a86b44bL } },
-    /* 26 << 301 */
-    { { 0x5e78606bd8424b90L,0xc83a5af9ebc9c9fdL,0x8d5b63740b65ada7L,
-        0x4d01d6a221fca70fL,0x8ed7787ba1838061L,0x29901318f4a1716eL },
-      { 0xc4d260527f25fd2dL,0xa66dc0a98b5147e0L,0x4355e26c269d726fL,
-        0x1284fecce3a27644L,0xc9aa6cf7f98e1d0aL,0xa25ac1be3ff560c9L } },
-    /* 27 << 301 */
-    { { 0x5bbb87ded64d103eL,0xcb53a2f24d20fb37L,0xf8a9c2993a46b892L,
-        0xb552910ca793aa9dL,0xd09e5bea51ef0806L,0xb57a0568e0c3817fL },
-      { 0x9ca67c5f4e85598fL,0x04f6361fb0336008L,0xf028231b580afa5aL,
-        0x8d938c0ef2bba03cL,0xa5984c1f894f37d3L,0x62ead7f4af695ac5L } },
-    /* 28 << 301 */
-    { { 0xf897de9213a48775L,0x505e21681b0041bbL,0x9f5533aad598ebb7L,
-        0xd552ae1e1e87b2fbL,0xbb35a6319b736f5aL,0x391ce7dcc3a4c54aL },
-      { 0x4c677d87f90124d6L,0x2ceebe51a9292210L,0x8882ae3133c63951L,
-        0x8222c6482d44c9d0L,0xb97511420d607658L,0x3a999028b85f5997L } },
-    /* 29 << 301 */
-    { { 0x7b23f424eabb3f68L,0xa622a3ba4294750eL,0xb382b118e535b446L,
-        0x7dbab9ee5fab292cL,0xcfabbfb037fe2f8eL,0x2283d7606670925bL },
-      { 0xd18e90715be9d07fL,0xe191daa7d257745dL,0x86d59808df915e35L,
-        0x87f68d5987370b6bL,0x76b9d255f945ac1eL,0xdcf9e8f2dc94ddbdL } },
-    /* 30 << 301 */
-    { { 0x004f1db65b986506L,0x5da683c32b0d22acL,0xf2afd1d85ee0c71aL,
-        0x3b99a78a8f2ad25bL,0x8145d2ffd1c0cb69L,0x4511dc4e4009a536L },
-      { 0x5539e8b8a5cb0c13L,0x4f8fd0186aae4603L,0x15dde4476d2365f3L,
-        0x7cb887f7380df270L,0x815343a6a741b88aL,0x81a085e4bf99e7e1L } },
-    /* 31 << 301 */
-    { { 0x37d0460fd647fbd6L,0x2ccc7b01b9541f89L,0xec0e8826877a1b2fL,
-        0x54d9e611cd462979L,0x016e8458453dcce6L,0x99b5dbed20ea6a24L },
-      { 0x64072ec778550386L,0x279fbd9959d02307L,0x7f2ca27e9183bfebL,
-        0xa191d6e8bb5132f5L,0x2b9f6163ba49ee68L,0x5a58a11fa3ee1672L } },
-    /* 32 << 301 */
-    { { 0x15d47e52ec645a62L,0xabe0ddb38d6d4423L,0x51226a3070cddb11L,
-        0x63a253d32b5a8db7L,0xe8be4d1fbef37d65L,0x41e625d9c0920b91L },
-      { 0x08b713a8d9d040ecL,0x467fb08dc450cdbaL,0xa8975877917ee393L,
-        0x294792e91528cd12L,0x4512dc8c37daf6aaL,0xa83becc9197a99b9L } },
-    /* 33 << 301 */
-    { { 0x1b7bfdb118815b20L,0x1aa602e8629b81b9L,0x11e6df9d199aa5abL,
-        0x1a521728bef9296aL,0xeba3e03b89e127e7L,0x6e69893553dffcf2L },
-      { 0x24355785101615e1L,0x126b4c5282e42593L,0xe344ddd85c23144bL,
-        0xc73a49b3746c0ca2L,0x1ec2432be6f63f9bL,0x6080ba870243120bL } },
-    /* 34 << 301 */
-    { { 0x6ab2936a4c3e946aL,0x8de2e0ae3ab052f0L,0xcaf8c35eea109739L,
-        0x21d69383032418c8L,0xefab535ae7ee60faL,0x1a3a1be794b44fabL },
-      { 0x0842aaa5eb911cbbL,0x789c2b7e0286862dL,0x8bff708715c0b148L,
-        0x71100d79d8d7faf7L,0x47caa89a6dfa0c8fL,0x82385cf44b546332L } },
-    /* 35 << 301 */
-    { { 0x4f5d8c35e4b814fbL,0xe534b7be6a427f92L,0x468fb2819ca1d37aL,
-        0x8c1c86347949961cL,0xf9d00305db0f7f19L,0x77534b3a976f7102L },
-      { 0x94ecb7933f530710L,0x072f6fc7a916827aL,0x9247acdecc926f8eL,
-        0x0d4a8997281d0a50L,0x659712669f353507L,0xd4730a15fde80a6bL } },
-    /* 36 << 301 */
-    { { 0xde68ca25bd37b630L,0xcfa9d32ca899d623L,0xaaeab905937c9ba8L,
-        0xcb261334348ed39dL,0x8d12531fc77e1512L,0xfb7934b6213b63d1L },
-      { 0xc6a6fb0096a13f19L,0xe940f3aac8f88d6aL,0x014c7f95c3d2829dL,
-        0xc33d87e9fff01f41L,0xbf9c3c23c5cdcb4bL,0x8b8c0afe5d5be5c1L } },
-    /* 37 << 301 */
-    { { 0xe4f84bf12aac2c23L,0x5bde1744f823f90fL,0x65ffefbc02d5bbe2L,
-        0x385aff9332a3b756L,0x3813f2b362abfdacL,0xbbb444cb0a144325L },
-      { 0x0cf9d137ec625be1L,0x86b8fcd4c143816bL,0x03f7a9d060ac32d8L,
-        0x0428daf9366165b6L,0x6ef94260d2a806d0L,0x94a100a598134bb5L } },
-    /* 38 << 301 */
-    { { 0x4b68325ca4a34cb5L,0x74f41f7639fada89L,0x34bf397236e593e7L,
-        0x0cc75d461c6179c4L,0xe62d5ba577d711e5L,0x7bec1be7876964c7L },
-      { 0x768f35d13809fc73L,0xfe55a9a57dcf1703L,0x86405336e69d3390L,
-        0x68f5ea2d00bfc544L,0xd4cf822b4834b2d8L,0x77dc1ac22b0d3ad6L } },
-    /* 39 << 301 */
-    { { 0x45603dfa0337f57aL,0x50623184344b6968L,0x3fb9957ef160d9aaL,
-        0x40eef1697c8db44fL,0xa8f394e98bf71121L,0xa55ecf3b86a920f5L },
-      { 0x1f3c1f22bb0822e6L,0xb3c2f21357747a3eL,0xfbdb4465bef56f08L,
-        0xa9844890a46ac73fL,0x3fd564a5bde3652aL,0x008cc1a97c653c82L } },
-    /* 40 << 301 */
-    { { 0xcfebe027ca0a98d5L,0x946b0d9aa8914697L,0x00f89d16725ebd08L,
-        0x94c6f2b07a584e8dL,0x095ac9cc911cab58L,0xfc9c3b499c4073c8L },
-      { 0x265919b0c7233aa8L,0xe6c0c7f474be5217L,0x6db597f1815a70a9L,
-        0xdd9e4a101c5fd35aL,0x38b8e35112d52a8bL,0x5d0ed83f2ef20fabL } },
-    /* 41 << 301 */
-    { { 0x4f47e10a6c96b43eL,0xe406ab39f3d744deL,0x1caf45d83c893b01L,
-        0x4f089452a7582ea6L,0xc02f58cd62b5a868L,0xf6532017c2a9aa7bL },
-      { 0xf0d8bf6f32b01bf2L,0xfeec5f68a97246f3L,0xb2ead70a1aa7c238L,
-        0x1a1d6f77ad83e05aL,0x4b7110533dca7e9aL,0x44a89fb85f96e5adL } },
-    /* 42 << 301 */
-    { { 0x86a7ebe0f02461f3L,0x6a7a9cc6862282c9L,0x7f8857944a97e48bL,
-        0x191244cd20662db2L,0x8d85175183489311L,0xfbcb17b0f934c1fdL },
-      { 0x33b4d86e032a7bb3L,0xa99864cb573f5c28L,0x49fe8e799c4f12cbL,
-        0xe34c32e32c8bb49cL,0x5888421e962d6d9bL,0xa317c2d1bf1be44dL } },
-    /* 43 << 301 */
-    { { 0x3454c424cc1dcbbfL,0x67e61434aac98717L,0xfecd8125cc2d3044L,
-        0x2032be70df7f8891L,0x04c5a0c81028059cL,0x6563dc8c76ade6b7L },
-      { 0x9ff3815192f460aeL,0x8c2c3c632d54785dL,0x1fa99d8e43eabf60L,
-        0xd75d9559383be317L,0xc9ef068e3dfc908eL,0x2217c8c1959d3e6cL } },
-    /* 44 << 301 */
-    { { 0x5828d71bf2e5f345L,0x8b756075929fe375L,0xca625ec12c43a6d1L,
-        0x08cd01f53b31e127L,0x56c622619cfc1be2L,0x093ea207b3a6caeaL },
-      { 0xdf53b20970b42dc9L,0x2d2dfdf2235f4aa0L,0xcaac3b3598786c94L,
-        0x1ce1f893b4998150L,0x40341c41526a98bdL,0xef39e97eedce5288L } },
-    /* 45 << 301 */
-    { { 0x08cd60d461ea4256L,0x8031748b9461f861L,0x9c96e1f9019c7908L,
-        0x7e6e08f4e46bcf7dL,0x8e8408f123ffa986L,0x0bee857ed467288bL },
-      { 0x702fa8536e36fcceL,0x3bb25fa905a89edeL,0x642105f4e96866ceL,
-        0x6a5207cc16e37536L,0xcb6a96d1372a3e06L,0xb1c7c85a1da6bc6dL } },
-    /* 46 << 301 */
-    { { 0x0bb97497a97a3316L,0x9416659ce402a800L,0x79656970503a2314L,
-        0x0070a7eef8007c50L,0x8093cd4372624892L,0x4c0ee444f9b96830L },
-      { 0xc7c10b9fe300c49bL,0x97f5f90a5f7baf99L,0xf04a5a7cfaa064deL,
-        0xd5b01fa6b0c111fcL,0x4d12d6fb65d8a2b7L,0x807a381c27770e2fL } },
-    /* 47 << 301 */
-    { { 0xcd1aeeb43b6a9c22L,0x7fbdc6c19d71dcd0L,0x9bb43b6e6221669eL,
-        0x1b76f2bf526f8a00L,0xaeba54302efdf661L,0xe1f623e745537bbdL },
-      { 0x340966ae067c5f4aL,0xe2cdb27e4799b2aeL,0x9aeec5989b8458e0L,
-        0x1d0588487655b632L,0xa5ffe5897abd70b1L,0x84db43db6721054eL } },
-    /* 48 << 301 */
-    { { 0x3b21dc1f538d92d8L,0xc80b22b3c005aa86L,0xf536e5d30da87d65L,
-        0x4ce10edf0cd999a0L,0x8949181450e08f5dL,0x77fd8f2e526647e6L },
-      { 0xcb207ee9250099fdL,0x03c7d1abfd6aa078L,0x7d4940d225e0cf15L,
-        0xb688b311067fa052L,0x89308326a98b2e21L,0x3ee4cc2b72311eabL } },
-    /* 49 << 301 */
-    { { 0xec49fc4e06d255b2L,0xabd0c002fb309d28L,0x97490ff08c601c3cL,
-        0xe17102fd58042cd6L,0x861411f11416ebc3L,0xfb31ce455c6c630cL },
-      { 0x0a24d561c6cc5e9bL,0x80bec25c9a7c1524L,0x8003494fbe53e50dL,
-        0xe89b75e28633c559L,0xafb1f6d6763b3360L,0x0e7e58c52bf70cd3L } },
-    /* 50 << 301 */
-    { { 0x72322d26aab6c9b5L,0x953e43d0070d7d08L,0xe2dd5444954645c3L,
-        0xc5de051cb276ca86L,0x195d454439158c74L,0x26e2cf9fb90a8f97L },
-      { 0x774baec15b217a76L,0xdba4bc63f94172baL,0x96ddaa4022e20037L,
-        0xfe1ce4aac111af69L,0x6f6d3c428ad6dacaL,0xe59257d8376cdefeL } },
-    /* 51 << 301 */
-    { { 0xf2cabe73184d44ecL,0x4bf744d60bb08687L,0x10cb9e9209865d58L,
-        0x3a63fe414ea221e0L,0x8f595e5892961becL,0x1b8ad036855d186cL },
-      { 0x75dd5f70086542abL,0x8b357e087bddbb6bL,0x22de89f06e829a06L,
-        0x44ca8b64ecc6cc26L,0xd02fa871a5ddebb6L,0x6adf1d0c6a60a0e3L } },
-    /* 52 << 301 */
-    { { 0x0102775982e4f5c3L,0xac8eac172c014fc4L,0xa0cd26e85bd843eaL,
-        0x9b0431ec056d4b1fL,0x89df7db58eb9c55bL,0xf17f917298fc9b9eL },
-      { 0x2cf1e4a78e6b770fL,0x0d6ef9e2b842fe52L,0x40b4ddb76c578172L,
-        0x6630657627533b9eL,0xf8d8661eb50ce390L,0x6ceba0aa16577df7L } },
-    /* 53 << 301 */
-    { { 0x6dff66c19ec8ac93L,0x6261295bfdf6fe7dL,0x9ad1536fcf9fbbb2L,
-        0x5cfa30a92a6d6d31L,0xb3bcf1b0296224dcL,0x42e4b410608371daL },
-      { 0xd6bad6dac32945fdL,0x0fab7d1dc0c031a1L,0x054df9599b192d32L,
-        0x29830094ea78052fL,0x8d73ffce03f2ce45L,0xc14c7012f9d840ebL } },
-    /* 54 << 301 */
-    { { 0xdf74522e74ce5c21L,0xf864cbac930c4b92L,0xfe0d2358eb0fbe9cL,
-        0x10b31736a5cf765aL,0x185bbbe96a9c95c6L,0xcb14d694e5362993L },
-      { 0x3f5c921da5332e61L,0x0820b32bd244cc98L,0xdaf09f24d7c32062L,
-        0xb2241c9ad5959a1cL,0x16bb89a3226127ddL,0x0b46e3f03723d04dL } },
-    /* 55 << 301 */
-    { { 0xa38b1a796975230aL,0x25c6db8c3991b5ceL,0x0d89c3fe9c1bf52aL,
-        0xe186e293cd8f9f8cL,0x777bb327e6ec37afL,0xa974132a0ae31c7eL },
-      { 0xfb9918305c50f089L,0x4a653d6999497954L,0x5055c690774e8a26L,
-        0xf94ffbae3815d67aL,0x99d74f5e74ea4481L,0x3b352a327d477151L } },
-    /* 56 << 301 */
-    { { 0x2a62804172fb61e9L,0xa9bfa73ab13d053fL,0x4a2cdaa3c647fcb9L,
-        0xe1a9e91f4952d3a4L,0xbc1b3d8011e2e2c3L,0xe58ef59c18e4340eL },
-      { 0xeb8696ff1cf859b8L,0x5b0f5cc4ee918cf4L,0xa471d6ce6c1e905cL,
-        0x4e13d6091ed2e8cbL,0x52951509c77c8c91L,0x0926dad8e234884eL } },
-    /* 57 << 301 */
-    { { 0xb168a6c36e3aa3d7L,0xbd0086ea5ad9142fL,0xbc4da0293c24fe23L,
-        0x7ed3b34808b90de6L,0x7a7a2259e33b0df9L,0x483b389c9c3a173dL },
-      { 0x02080c626334a061L,0x61944965b020cfbeL,0xece528e9ede88ecfL,
-        0xcdf3e2fc99389758L,0xb21470cb7a3fb92fL,0x717cfbe083937e21L } },
-    /* 58 << 301 */
-    { { 0xfac97f2910e3e93fL,0x1505c7d2f1101b88L,0x7cea978823bc0d11L,
-        0x27ead95d45045667L,0x711bc4dcd17ea199L,0xe3f93fb522f3142dL },
-      { 0x31b05e6ad7233d64L,0xac28e6c154e7c9d5L,0x892b6366716d273cL,
-        0x1622230470da8a48L,0xc85bbe6070d560b3L,0x555e6de987fd38a0L } },
-    /* 59 << 301 */
-    { { 0xac593f746ed50680L,0x89bdeabbcb01cfd3L,0xfa43158ead35524dL,
-        0xb2393726e8d66ca0L,0x248c67c2c36bb495L,0x27d4b0b85c933625L },
-      { 0xdbb1364a78c8bb4bL,0xdcf4b1e13486ef0eL,0x554f95cec498b2c9L,
-        0x2b76da29811a2329L,0x750c10271a10d941L,0x07045eae375b01b6L } },
-    /* 60 << 301 */
-    { { 0xd3fb9bef82621500L,0x09b18748f0f647a6L,0x186bed054c357e73L,
-        0xd58281f0a85f3174L,0xdcf2e0bb91ded0e9L,0xe77faad126894faaL },
-      { 0x6843c160bc3a3c4bL,0x7f8058944c76592dL,0xc53be0883ec05e95L,
-        0x318d8ce7cce0c822L,0x6d615f1b4c761dbaL,0x0115824c46ff47e0L } },
-    /* 61 << 301 */
-    { { 0x1815391cf8d0b74bL,0x903ad8fd797625dfL,0xad1ca24d3983100eL,
-        0x0883fd415572ff15L,0x0e9e572cadeb4e56L,0x800bad6f7d0e25c4L },
-      { 0x52a394b44c7e2f03L,0x5150c01398f2c416L,0xf4ab35c68ce503c4L,
-        0xa0ad209a41b4beeeL,0x050c52c80189706fL,0x86780a924049e913L } },
-    /* 62 << 301 */
-    { { 0xa398529c74ded2a1L,0x5e7248f52d7ea6e5L,0xbeb250bc28c2225aL,
-        0xf7068fc0b40f4843L,0x62098aed839b7290L,0x947087e293ddfec4L },
-      { 0x81ba8c8824d71004L,0xa877f443bf4813c2L,0x3cf5f473ca4751bcL,
-        0x2533890e633cc635L,0xb358f7781e6d9465L,0x50693deaa7801dc7L } },
-    /* 63 << 301 */
-    { { 0xaf306f56cbebedf6L,0xdd733be7837acb84L,0xc767237afcff0b9bL,
-        0xdf948f12e555bee9L,0x86b85657826dc76dL,0xa4bac032e702b1c0L },
-      { 0xdf3544bba81bb117L,0x69c20dff34f4f0aaL,0x846b78577050d98dL,
-        0xde0ef0403c70120cL,0x4483872c12c3bd64L,0x870b758550acebacL } },
-    /* 64 << 301 */
-    { { 0x37be5d3f68d7dfcfL,0x97bdbd49b945e6f2L,0x165a24b59d1569e7L,
-        0x254aaf59b4e293abL,0x3c751fbd6fb7c0a4L,0x14eda4ba5018cb18L },
-      { 0xacb3b8971b5f6aedL,0x6d10be441e4b6b78L,0x245d7258621df6d7L,
-        0x2af0e283185f0e2aL,0x1e7edc818fddbd81L,0xbd1e6c72c538d02aL } },
-    /* 0 << 308 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 308 */
-    { { 0x6858b674844626a2L,0x610cd40f0cbba6a6L,0x324e674e29d9194dL,
-        0x2dc6fdf6dcb30a51L,0x3f3ecb77528aa549L,0x0721f8f923ffaa92L },
-      { 0xd8efcbd627a77538L,0xf4e642bfd6162c9cL,0x04f2b0b74cf4a16fL,
-        0xbc0bb49fbbf335fdL,0xc6b6e5bd5a928c36L,0x981b01f4d893dd45L } },
-    /* 2 << 308 */
-    { { 0xfb083c2af810465bL,0xb66a8de902ce0deeL,0x6e4130e747a81b95L,
-        0xcd704dc658a98737L,0x842ae329592829c9L,0x99bedc34be20dd63L },
-      { 0xabee8e55d53b2df4L,0x6ce657586010b37cL,0x781f39b2467112b9L,
-        0x6f06058fbe341038L,0x5effdca512a2f8beL,0xaa9bdad7af34466eL } },
-    /* 3 << 308 */
-    { { 0x3933b4c1575782aaL,0x610d3ba25c66e501L,0x52fd3c0f0b7e019dL,
-        0x7f8e5ddfa48715d6L,0x0879c5defa39be53L,0xe32c886c56f01cdcL },
-      { 0x71b2dcbb1726779cL,0x6caaff052c6aa84cL,0x6af94846640b2d74L,
-        0x78a10710049a2cbeL,0x41a1ce67ac2ab0f1L,0xd160b7faa76d8438L } },
-    /* 4 << 308 */
-    { { 0xab86639e9c216137L,0x45a12fb882b18d64L,0xb5734418d763f0bbL,
-        0xd2cc332211a9802cL,0xe41d7db881269b8aL,0x91072fc12ecfa355L },
-      { 0x59d6912504ce306fL,0x916d9d4da131b86dL,0x84478b6b8a739738L,
-        0xe86ad7d91cc83ae3L,0xbc9b2084797ccd97L,0xc1e94af4694944c6L } },
-    /* 5 << 308 */
-    { { 0xbbb6725b5c82c857L,0x72c66c3f140b561eL,0xab65dd0664bcb2d5L,
-        0x755e848a780d5c1bL,0x84e6f686a3a61e6eL,0xd84bf486bd100b4bL },
-      { 0xb34fdf846354e899L,0xcbc312da55ec5654L,0x3c2cc881f9a125f0L,
-        0xb1fcce564aeadf8eL,0xbdfc54c0c46bf0c2L,0x11d7ea4f09d281beL } },
-    /* 6 << 308 */
-    { { 0xe1aa844b1601940eL,0xd22221821797e84fL,0x3025aba65ddcb5d1L,
-        0xac8cdaba38009c6aL,0xb9ee07b46e261ee5L,0x84069bc106ab8430L },
-      { 0x7a36b46278b9b112L,0x2d91ed2c08e77879L,0xae4ef469341275a1L,
-        0xf7cb393f1c7cf858L,0x83c00eafd192af3dL,0xa81697a7a1e15176L } },
-    /* 7 << 308 */
-    { { 0x687d0980f9bfd795L,0x9a7539377ad882bcL,0x641407fabbcde5b3L,
-        0x12ec9d216ed103a5L,0xf858c7851fa6ee22L,0x329b61bc818f2c11L },
-      { 0x4720d42ad9d48b30L,0x3f61c66082a66766L,0x99aff25533723e4eL,
-        0xd6c67ce3d3260b62L,0x63a6fc9d86391c33L,0xc002433a31de2381L } },
-    /* 8 << 308 */
-    { { 0x585edee3895c0318L,0x775e142f45e8205bL,0x3bd7924fd85ad31fL,
-        0x2e7d8f919124bffaL,0x885397c044c62868L,0xc0c2dff47fda9f5dL },
-      { 0xd302582ec14e693dL,0x53d6e33a6cec31baL,0xb0216b5b63653c06L,
-        0x8f08a1ad9c70dad4L,0xccf014aaffbba93dL,0x900b0d2ca33f12b7L } },
-    /* 9 << 308 */
-    { { 0x4960ccb6e9824c45L,0x3c5a9b74c7e4cd06L,0x1e78cdfe37cfec62L,
-        0x8cd49ca80da56a05L,0x5ba51217dca05707L,0x0d1f6e459d66c960L },
-      { 0x7178089467f9c82bL,0x342e4a5b18974c55L,0x16263f18f9b32fdaL,
-        0x844b5a02935b3636L,0x9c5abd51c139ea58L,0xf54c69428beef953L } },
-    /* 10 << 308 */
-    { { 0xbe51552d6d2dedd1L,0x6bc86dc1cd997093L,0xc9b600c4418f03b8L,
-        0x4ea4e857e7a9208aL,0x7aac3d96883b639bL,0x4127ed0735d2f4bfL },
-      { 0xf5f6310d76bd792aL,0x3da9b6a5fa223d0cL,0xd75f88075a041b79L,
-        0xf3261457e4dd58f6L,0x4f0f5b18b0d9a51bL,0xf5aeedc1b8c84f9fL } },
-    /* 11 << 308 */
-    { { 0x1e08d6a81375620eL,0xed9a4fbae1f62c24L,0x0d3bb90381ab5de2L,
-        0x885781f0df1b6a13L,0xc3fb9f97e1c7de7eL,0xf12e4bcf9372b033L },
-      { 0x9bc3cf4dd5868448L,0x89465649552016adL,0xeea40cf92a8b2c23L,
-        0x57d720ee3af98886L,0x97b14c0b72db853dL,0x65d10f42f23504deL } },
-    /* 12 << 308 */
-    { { 0x0dd2395e9b8cfa41L,0x50e203abd4f92a44L,0x7280aff16630023bL,
-        0xfcce59dc07de820eL,0xa686be05bc8189adL,0xac4b59bfaac70b7eL },
-      { 0xd2c0070e7a3c71acL,0x1d550add35ac1c47L,0xd42b6389fb881c1bL,
-        0x57ca3fccd0dafd42L,0x909e8284be26ccc9L,0x1abe7595a002235cL } },
-    /* 13 << 308 */
-    { { 0x02562f1c6b1878daL,0x52a2cd069fce0ee6L,0xf25b35bdeb16199aL,
-        0x0320c326a75fb01eL,0x2006d7587de2d46aL,0x6f9d0e256842b459L },
-      { 0x70a89562a68b5482L,0x9653726e1ab35865L,0xbda3cebbd8f849adL,
-        0xe2f8d9e60b6fc51dL,0x9c3fd51246104400L,0xbbd260c9bab5d34eL } },
-    /* 14 << 308 */
-    { { 0x1f5094703cbc1df1L,0x9f752a663f962634L,0x98089d2ca2435048L,
-        0x05256acb0e755318L,0x91a21f707f3845f4L,0x473ac1e0d68c8fcfL },
-      { 0x57ee51417f2ff0c9L,0x959a84f32013c48bL,0xe701f13c4c111ee5L,
-        0x70219eee86db5763L,0x385f890cdb0782e5L,0x81fb64b2fea04d2eL } },
-    /* 15 << 308 */
-    { { 0x61b4bf7eeaa07bd9L,0x49832879afe544c0L,0xf788e97f54eb4d80L,
-        0x78351b41338af327L,0x3a631bba77cb8057L,0xeb9a6f23f218e4ceL },
-      { 0xbd4a0dcf025b6453L,0x2aad6a467b876222L,0xaee94361215c42cfL,
-        0xf8d1fd5de496cddeL,0x3c3af08022d0fe06L,0xb3d5dde0d09cc3f7L } },
-    /* 16 << 308 */
-    { { 0x1e34781aa6a1913dL,0x9a8f32287d0adc38L,0xfc185ccc28af85baL,
-        0xc923d78b3ae9ba11L,0x7d494d7ea7bdb313L,0xf774dfa5af8f8b87L },
-      { 0xc178ccc116e863b8L,0x2d472f2aa8899691L,0x608747cc80a50372L,
-        0x8147aa90e6f90197L,0x4683d4c978c2f216L,0x8323652c552f3b51L } },
-    /* 17 << 308 */
-    { { 0x7d6bff984dc9149fL,0x79879e1f499b443dL,0xf4ec65232aff2a1dL,
-        0x6cf3c97f27253aa1L,0x95b9471eefe6f72cL,0x3959bd816c8457daL },
-      { 0xe2870635cf112073L,0x84e44933ec12174fL,0x67a592deedf434edL,
-        0x0c93cdae2897d0e0L,0xe344ecf463c89730L,0x28098b7567a1133fL } },
-    /* 18 << 308 */
-    { { 0x62e96dc7a12a0cd8L,0x09d7c6f0f02a3d87L,0x9d9fd51233f8929dL,
-        0x1231952dab376555L,0x6ef6823c8e3d2d63L,0x7ad2e5405a01c12fL },
-      { 0xd1bfaec479af6fc8L,0x4555fedfdad97daeL,0x0e6d3f0155750bdeL,
-        0xd37ed9f0056f6128L,0xf1fdf91c65fe6ff7L,0x3ece19ae92d05e43L } },
-    /* 19 << 308 */
-    { { 0x07d2075e750fc5d0L,0xdc2b03f6a07ca45cL,0x0248d87552efef7fL,
-        0x2dfdaf3f744e727eL,0xbef861b8d9b2bcacL,0x5e6363f0baf394c7L },
-      { 0xe8f23bbec973934cL,0xb43d619a50ea324dL,0x2bd5e0075842d6cfL,
-        0x5c5af62217646e90L,0x5d95d8fd222ec05eL,0xc9adabb45bd67c31L } },
-    /* 20 << 308 */
-    { { 0xa5c08e8bcc2c9a2aL,0x70e1b4058baaf0fcL,0xf29e1e5c9e36e50cL,
-        0xa3d9080080f258c5L,0xc9ceac25ecad4498L,0xcb73130fca32f3feL },
-      { 0x2dbe620c48b3863dL,0x8c52727f14ff53bfL,0xb60b22a86b45e9b8L,
-        0x81e05bc0f6483c5dL,0x217caa6bcd542972L,0xffab716afa780778L } },
-    /* 21 << 308 */
-    { { 0xaef1278b0ba5a344L,0x253be7ad2d0c3947L,0xce58bf0fe5408f09L,
-        0x867b0d6fe21228f4L,0x815abb5dca61e691L,0x0da28f58f3e94434L },
-      { 0x5b0fd178ca4cee2bL,0x8989604240b13224L,0x8e2fe19616c251a7L,
-        0x7b3381cb11b17162L,0xc73d96a427ef2c0dL,0x76b7fcf36899c135L } },
-    /* 22 << 308 */
-    { { 0xcaee3387cad8b585L,0x58446c1ad59d8777L,0xb8755fa540888d8cL,
-        0x7868510654428813L,0x7bd21629136e2b59L,0x249903a6998254a3L },
-      { 0x2cc73a751f8fd813L,0x4b1a64576d4f3a70L,0xea2aa620b2e7a0fbL,
-        0x77c8cb98202f6ddcL,0x68ba9d261e3851cfL,0x936fe8cbfe02e6efL } },
-    /* 23 << 308 */
-    { { 0x8b84121bda75aba3L,0x4440272d74602c33L,0xb8110b2a1e8a8ab0L,
-        0x4de462e9391cf47dL,0x9173d756519b9ab4L,0x3df52d13ba8d5dc7L },
-      { 0xd7a822eaa418b01fL,0x58be2b076585f7d8L,0xaa814fde00fb449fL,
-        0x6b8260fc7da43c5dL,0xaecbfb442351ba9cL,0x9cbe3d199f8db60aL } },
-    /* 24 << 308 */
-    { { 0xe5d3e0d80d7410d6L,0xcfa9ed742be432c9L,0x60044434a85a0686L,
-        0x93b357166ad6918aL,0x1a3c3e6d051762beL,0x80813589b0ab32d6L },
-      { 0x64214b92aad403fdL,0x684befc14d3fb746L,0xaca5a51479515046L,
-        0xacdba03472e84485L,0x61aa2834287d9e97L,0x07a515a5cad222e7L } },
-    /* 25 << 308 */
-    { { 0x8f631b17bc04e9c5L,0x017527212c515161L,0x4358d8e9ee7769a5L,
-        0x18f0aed0b59dba1bL,0x035c6bb644973218L,0xa49a4cbcfb3897e6L },
-      { 0xd2a0b7505841ab18L,0x8fe952dca6d2d43dL,0x2d30add69a71d0ecL,
-        0x0cb84c402c5d440aL,0x33f3cf7c7c47846bL,0x88703c65bc8e8b3dL } },
-    /* 26 << 308 */
-    { { 0x3c3db9419474059cL,0xcfbf13ad72820ae8L,0x3f84300c51c37d62L,
-        0x0f78adc45529d333L,0xa19be46482e34cfcL,0x9ed07ee011c98376L },
-      { 0x5113e660b5b6f6beL,0x56f2d2b37a5bc818L,0xd99290c61c2c822cL,
-        0x39c026b8b27aafceL,0x8692150b12ef7c76L,0xa55426d1c6de9e16L } },
-    /* 27 << 308 */
-    { { 0x889aa8ee3465358fL,0x5885ee29afbefa70L,0x05f9dbd290b6ff58L,
-        0xc74be0d09b5e02afL,0x4b7da27ea6b29d44L,0x2ad60aefcf68eeddL },
-      { 0x2ba942b3388c81c5L,0xda8badcc368e2e62L,0x33e95ac87a9e8511L,
-        0x37453bbae72008b3L,0x3e1f181195eceea0L,0x719f550c7b19a417L } },
-    /* 28 << 308 */
-    { { 0xb03093068af19670L,0xd784125a34c6bf0fL,0x0b425ee0255a8396L,
-        0x91076433fb541162L,0xc4d8188586f47a0eL,0x3b767d54fd7bc7c1L },
-      { 0x98b405d3bee196e9L,0x4ef9c511edaccf4aL,0x5a6deb6503f4f1a6L,
-        0x4a22ca641b4c5104L,0x2cce36679145ce41L,0xd05187523206810dL } },
-    /* 29 << 308 */
-    { { 0xa5746e07f7e11342L,0xb50e390f2e2ddca0L,0x3847749bcb288bc2L,
-        0x6ff43ec646ee679bL,0x343b3fe2c5257b02L,0xc0f57f509b823eb7L },
-      { 0x5ce3d2c8aff42c7dL,0x984c9b99c3c76f3fL,0xc8559f58b8823b92L,
-        0x883ac8064ce4338cL,0xecf8aac3389d8ebbL,0x9edaec10b40bfb16L } },
-    /* 30 << 308 */
-    { { 0x0ed8a07cafb04e5eL,0x7e95ed898f6bc911L,0x6a4ed37113dcc222L,
-        0x9aa3a43296f07c7dL,0xe819a80b9b338e4dL,0x65fc2778278f53b5L },
-      { 0x788408e9024163b3L,0x159de8bb7de54f06L,0xc953e21281239dccL,
-        0xacb5ea2c6dd62ce9L,0xf56ac93b753f4ab3L,0x2a1a09b5eacc39a6L } },
-    /* 31 << 308 */
-    { { 0x89dcbf021c5f4cb9L,0xc0fbe7ce210f98ffL,0x3dc3c743b897cdf2L,
-        0x931f9dbb5d02c43fL,0x0ea9f164f74db981L,0x504938874af9f53aL },
-      { 0x86bd3ed62531b8aaL,0xcc1fb6dddcfca2a3L,0x24b0cbf2b97abaa9L,
-        0xd81ad35c9073f19eL,0x4dde5dc05db7fd5cL,0xce410880e3ac9b63L } },
-    /* 32 << 308 */
-    { { 0x29d81538037bebadL,0x76e52c73d9e0b78cL,0xaa4ace6e8783d1fdL,
-        0x9c14ebddf0e3c126L,0x0eb1c08d6eca4b71L,0xd10c6b961c91df35L },
-      { 0xdb8119bbe81bb84aL,0xf784d3c117e3ceefL,0x053c916835436f81L,
-        0xeb41ccbb9b18d212L,0x93b3fb43b1bc3497L,0xd85a7c758c1ced81L } },
-    /* 33 << 308 */
-    { { 0x90b606b2fc9958e6L,0xd39965b6f94234b9L,0xf4a86f1676f4dd03L,
-        0xd6a7ba54470f0f7aL,0xa1b85c0ca86fce7fL,0x2b50f14e574c4cfdL },
-      { 0x4aff867d80e783bcL,0x031092eb61f78fc4L,0x8ad0d7486fe0af1fL,
-        0xb56b1a1a0cdfa574L,0x586c916a56466e12L,0x427e5946d09a9d1bL } },
-    /* 34 << 308 */
-    { { 0xdd0e3ca276d1b2e5L,0x07dea7e48b4cb3a6L,0x62a63cc7fc4a0f0aL,
-        0x048478ef5ea2eccfL,0xa77eae472e34c1a9L,0x7a2120751bfa5dc6L },
-      { 0x0c1fbbecabc233ffL,0x6255fd91dee18d7fL,0xd6da39aec38462ebL,
-        0xd86bc3194be435f9L,0x23567d64291c606fL,0x6b85038af67051adL } },
-    /* 35 << 308 */
-    { { 0xbe79e1b1eef4ae7cL,0xa45668dc42fb7357L,0xcdb3b3ee2d497a36L,
-        0x6ef724e6c5f8d861L,0x7e8834523802a324L,0x641b3a81aba90442L },
-      { 0x13bec555ae4c2544L,0x340d34f927d172ceL,0xfcfd933bd92f558cL,
-        0x57d8e300d5a669bdL,0x9f745ce71883049bL,0x19690a31e261f9ceL } },
-    /* 36 << 308 */
-    { { 0x004105c3811af84aL,0x01307934a7934a0fL,0x179fd49b9b3226a1L,
-        0x195d9e5cde6834b4L,0xfbb79dc00e6051bdL,0x354273ed367f4487L },
-      { 0x4afa9d4574fb892dL,0x03ae905ea1b7f3bbL,0xea32cd5d592f6122L,
-        0xa758eed2f1103301L,0x9dde4238c59d1cc8L,0xe2760bcc51022a42L } },
-    /* 37 << 308 */
-    { { 0xfed7077b7a7134a8L,0xe65b4eaefe0cf05aL,0x130de76be626841bL,
-        0x499934ca300117fcL,0xce74885d4e186b5cL,0xd352d0d2029bee7bL },
-      { 0xd86c448c857a38ecL,0x8139eb50a956da9eL,0xa036de4a93ce7131L,
-        0x3f9eba375041c9d4L,0x8c24408e548f74fbL,0xa74053fde942bf8fL } },
-    /* 38 << 308 */
-    { { 0x64cb00f586ff10acL,0xd1eebc4c9cbba8d8L,0x427fad8af3157125L,
-        0x9f8eb84cf7523b0bL,0xbdd082bf2e6dc29cL,0xfe40623823d3c315L },
-      { 0xad5df7fb546d9dd4L,0x83cadc4b8e42f3c7L,0x7c90502c36876485L,
-        0x4f33eccda35bb6d2L,0xdf7571383a79b9baL,0xd250b7d2e6ddafaaL } },
-    /* 39 << 308 */
-    { { 0xa52a7595504417a1L,0x540f70b014683af9L,0x5f0d1560f27a9620L,
-        0xccad06444b2147c9L,0x92223275e52c8eccL,0x30d6b52b7cfedb7bL },
-      { 0x2161f8bb9bb5b844L,0x075b9db87033586cL,0x5748d512c8c5189aL,
-        0x95d76a950f0aab91L,0x91f85aaed0ce9c56L,0xeab8cd9b8434e695L } },
-    /* 40 << 308 */
-    { { 0x54f84d70d377d7b0L,0xb745d1903344bc4eL,0x1c693ed08f33aa53L,
-        0x990ed45f8bfbee7fL,0xad620c9fe9b258fbL,0x465ccb101a54bf46L },
-      { 0x5330a0d3ebc40951L,0x34423e8ca405da61L,0xeef1ce78b83043b6L,
-        0x99678f22ac06d182L,0x9213f57d1802f14cL,0xf8549616adf11fdaL } },
-    /* 41 << 308 */
-    { { 0xc6ca95476c66fa6eL,0xcae41345bdd5b16dL,0xd72a41a4ef022783L,
-        0x810f4615b2d5154aL,0xfddc469e6d333af9L,0x3154ccbb02d2bf38L },
-      { 0xb33d5c59fc1a0bdfL,0xd8c3f8743c971fb3L,0x5e47ec01114e68b2L,
-        0xa440a83fe9baa164L,0x353d01c397c26b35L,0xfaabf5dff03b7672L } },
-    /* 42 << 308 */
-    { { 0xdc2a97651e22de2eL,0x91eef436b6cd3b6dL,0xff099200f99ac721L,
-        0x20faacfed4f89e8aL,0x91bb24373fcfe45cL,0xb7a152897b6d3ff6L },
-      { 0xfee966c0ef94332aL,0x944728473c81b942L,0x831d36dfab1a553fL,
-        0x244bc8393023cca1L,0x3f4a49d57e7be940L,0x4159aa9d7b71c0e0L } },
-    /* 43 << 308 */
-    { { 0xfc25fcab5b16ee64L,0x44f807e06841acd2L,0x5f43cfedf59c3f06L,
-        0x9279c8110c5b59a7L,0x825df117194b80beL,0xe2c18880d27d6fa7L },
-      { 0xc9aab2e66a333721L,0x1665b6f55b034c1cL,0xf28fffd13df9796cL,
-        0x23caca87bbefb8a2L,0xfc556d575f7510f0L,0x41990ce8552dafd0L } },
-    /* 44 << 308 */
-    { { 0xf31796d2b6e392e1L,0x199d624893b3395eL,0xef14c7c212f9b763L,
-        0x721ebf2143edb7a5L,0xa40b88945e96f3baL,0x8770608c4cff8394L },
-      { 0x990c99ae8d0def0eL,0x292b26dfa15a5649L,0xa98fda2c91ca89d7L,
-        0x916cb1b4973e5f5fL,0xa2823f13a72de0bbL,0x415f7bd28cd3219dL } },
-    /* 45 << 308 */
-    { { 0x5cfde16a9fc0e90fL,0x61bda4caac6c15d3L,0x5935e48e2a79d928L,
-        0x31213c7c82f986eaL,0x170dc539bcc4c0dfL,0x2e0d29406f11823cL },
-      { 0xd2dbecac80fe659eL,0x98b7f46b8399d8b8L,0x259f975abb204589L,
-        0x65f3073cd5c52a46L,0x0f4c007805dc7fc4L,0x16c49d403031a8ffL } },
-    /* 46 << 308 */
-    { { 0x95705b15359816d5L,0xce0c4379d0641ed7L,0xb3f0d8321e8a448eL,
-        0x8bea060873e2d711L,0x5a85fb2f6a040c03L,0x7c19a2185bcebd4aL },
-      { 0x2b10a87aa31cffddL,0x4fc728fa9a5814a2L,0xedabb0dc63bdd2ceL,
-        0xdb90173f96bdaa40L,0x543c4f01527ff659L,0x5dbff7ad0a33b251L } },
-    /* 47 << 308 */
-    { { 0xeef30ea55e636f5dL,0x8df2d4040bccc4ddL,0x8b0d6f35ef1afe9fL,
-        0xbd288e6ef8f86f6aL,0xbc68817ebda45411L,0x8a6f50070faf9e7bL },
-      { 0x6158c57a53d4050cL,0x6d5a3af165b2252cL,0x10f62839f450886aL,
-        0x8b9ac19b1df85080L,0xc160c1567553ed58L,0x2195ab29cb449cd9L } },
-    /* 48 << 308 */
-    { { 0x521f4af73ed03d5fL,0xe3461f66eaf9064cL,0xad099ab7ae03777fL,
-        0x541cadcdb65f73ffL,0x53430463a86059b9L,0x8ff88fe5043e9f82L },
-      { 0xd515f4c7e42cde45L,0xf7f3dec3f41c3269L,0x7bed53567ef1b8ffL,
-        0x8782b45f1295b5feL,0xab54ebaa03917627L,0x8516beb28787ed9fL } },
-    /* 49 << 308 */
-    { { 0x24b2b95b113940daL,0x8c24d8d3f9c6e6d1L,0x7c584170eddaaf29L,
-        0x249267171efd01aeL,0x692cf8f40cd0f2d5L,0x0bf82e142f960244L },
-      { 0x6dbcb6162dabe927L,0x76d826d20aa1eed3L,0xe4492fb3be98af99L,
-        0xd4f27cbea50dd711L,0xb7796efe2d8085daL,0xf2d42519ec4e8ec2L } },
-    /* 50 << 308 */
-    { { 0x3fbaf46dccc3c261L,0x773c240c1b646e80L,0x151a711f363b6a5bL,
-        0x3c8680b1c53b5b59L,0x8ee6795f9fb234b6L,0xab7840aa2f673211L },
-      { 0x0a1a0ff3224a8184L,0xcab87319c71bb575L,0x7a9e9daa8125668fL,
-        0xdc607b016c4cff5bL,0xa54cb4c792e5c760L,0x977e4c93d99e4655L } },
-    /* 51 << 308 */
-    { { 0x87d4ff71ebe95680L,0xa2093915e5adaac7L,0xd5bbbdade32f5d9aL,
-        0x5d61056cf328a4e1L,0x61fcdb0f353f565bL,0xb7b8ba004efab5caL },
-      { 0xb5bbcfa410f05eabL,0x483ae9221f09a105L,0x17d94ca44bbf4753L,
-        0xf734a8cdbbdc9a94L,0xc7f01a4244e81e2dL,0x60c3e777b3ba8033L } },
-    /* 52 << 308 */
-    { { 0xba7df5a965b68624L,0x30b4d6ed6e7d58bbL,0x67e52341dbb81762L,
-        0xd697ab1b0deeac1dL,0x01d15e8e5577ea92L,0xbb12d72498fb38daL },
-      { 0x302faa6d4e04908dL,0x66cf6cb909b90a9cL,0xcd665dbd98d96736L,
-        0xf7d3c528b86f3af4L,0x4844c7541d8b07f4L,0x2a77d7b91eaf7dc0L } },
-    /* 53 << 308 */
-    { { 0x8a36c9b57fceaa87L,0x5110912b553c7ad3L,0x4aa51166d5eca67cL,
-        0x05740dcf07a5eb58L,0xeaafb3e3396857a4L,0x1ae9571bba8d62d9L },
-      { 0x2736975500272434L,0x2c74325c59872fbbL,0xd1d8291709dda11aL,
-        0x2a5334eb4683e8a1L,0x22cdd088e3481df0L,0xab1c5f5b4fddc546L } },
-    /* 54 << 308 */
-    { { 0x1966aa0515f46174L,0x495901bd2a074050L,0xda5b0cdebba902baL,
-        0xc47c518a684325bfL,0xa5df133ec4d9d6d9L,0x3771f465fbf7d31aL },
-      { 0x0a73718c02b05d1aL,0x1107cd45534237a2L,0x582cfd2980f5d897L,
-        0xf51a0a88dab0269eL,0xfdea51cfea1a22faL,0x3c9a0d247a13a324L } },
-    /* 55 << 308 */
-    { { 0xcc330f58c42f1ce6L,0x8e1fb7df534efc38L,0x2a37208f5fa5a01fL,
-        0xc06d8447369bdbb6L,0x0b1ea5161a3e36e7L,0xfb4a48366ff9abbeL },
-      { 0x5989c2d524419909L,0xdeaa6136f1d5b1caL,0xac6003b04ba760f1L,
-        0x3a6d5422059081beL,0x96c7fa9df797e22dL,0x67c2f77fa9f3addcL } },
-    /* 56 << 308 */
-    { { 0x53e59f251d70eb73L,0x8aed17afe69d0525L,0x26ddc17864413768L,
-        0xa7c8d40f5e48c349L,0x29ad92d187ff01fbL,0x8f4e1b3b965b2de1L },
-      { 0xb83cfadf1446eca2L,0x7432bda4e609d416L,0xcf97e8a3f1c7de69L,
-        0x45899bd832f55f07L,0x41a6811751175738L,0x89eeb115b8efff21L } },
-    /* 57 << 308 */
-    { { 0x9dcda4f3723fc25eL,0x710de79fb5d954deL,0x095ffbf1f0b7d129L,
-        0x419a2a5e32651179L,0x7b249135827d4268L,0x9dccc98d909fbfb4L },
-      { 0xcb4b0cb016554ab5L,0xb2fc635f6d84b255L,0xa7f8f3f553512b87L,
-        0xc72633f300ec778bL,0x4e07d91a4f1841a9L,0x2a1adbbdcb4f478cL } },
-    /* 58 << 308 */
-    { { 0xe31333093bb794fdL,0x34c68bac33b3be44L,0x953fa2c412172b7aL,
-        0xa9afc12d4fdde6ffL,0x30b5302ae9c7804cL,0x4a1746c702119e68L },
-      { 0xc4d0c7d323e2ec51L,0xbc821f217143d613L,0x8f41251a673e203dL,
-        0xfa32c06aac2ca4c3L,0xf4343f2799a7c431L,0x8f7d489e6b96d959L } },
-    /* 59 << 308 */
-    { { 0x183311763f6278f9L,0x4fcc5b653593cdd5L,0xb09b5880e643f83dL,
-        0x0f130a3d2c78466eL,0x926d7c3d2b1c1ebcL,0x7217f875662ed4ecL },
-      { 0x2d3be028d81cdad3L,0xb2a04e3507a38019L,0x8da8cddfc9a3097eL,
-        0xbaa67f60ddb20228L,0x698fc1c407f04de8L,0x6f0e1d6d7e86db6dL } },
-    /* 60 << 308 */
-    { { 0x54a01e60936c3ebaL,0xf326fe96ec01b12cL,0xcdfaf00366e4de2eL,
-        0xc53dba07392fd0a8L,0x00d9b80f6ec46004L,0x84d59be83ba63f8dL },
-      { 0xbac4ea439dea6062L,0xb4b4845badd568caL,0xa6ca3d34d225e2d0L,
-        0xce72955db50070a2L,0x56e5c91321c78b68L,0x888eb198999488a3L } },
-    /* 61 << 308 */
-    { { 0x65bead3c1c2de335L,0x0ecdc057b18a6778L,0x821b836983e57ea8L,
-        0x84c80b574a5c11dcL,0x0b6432822ac9ad27L,0x8e09a7f344fe943fL },
-      { 0xe510f47daa92dc94L,0x8bb0b5cc6a1666a3L,0x55315bcc24645380L,
-        0xe3acbed113dcf7a1L,0xff99c90e3c9a1610L,0xfbe9aa1bc326e1f5L } },
-    /* 62 << 308 */
-    { { 0x5040bea56827b6e3L,0x1049e004d935eb24L,0xa15f9a07ba9bde68L,
-        0xda430c55e6087e70L,0x30ed69af8e84b7c8L,0x8498514eac9d6a72L },
-      { 0x69c783d64cb27e79L,0xe55d31a09647a572L,0x0479e8b2fbfb82e8L,
-        0x3e845922b52f08c0L,0x252f755f0dbca622L,0x6219778389ddfee8L } },
-    /* 63 << 308 */
-    { { 0x175264893ca1461fL,0x54c432f92b6476bfL,0x0e0be36a530795f9L,
-        0xb9896dacca583429L,0xe4af98239d4e6085L,0xa38b7c4b4a7422ddL },
-      { 0x74643ef47163e421L,0x74c28314895ee61aL,0x637c79c20d62b657L,
-        0xb232ec619bf2b3afL,0x27bdbfb4b2d5992eL,0xcc6e424c49afb181L } },
-    /* 64 << 308 */
-    { { 0x5255508c11c92f34L,0x9a346cf3a294d382L,0xd9765eea3095205bL,
-        0xfea2ed702c470ef7L,0xf5e8a0fc9c40bf0aL,0xb572390ee4137a16L },
-      { 0xb91753712bf2f545L,0x2c2d0f4c58cd9cc7L,0xbea6bce902385486L,
-        0x46208408a8bc3a94L,0x64a87a2a3ac45044L,0xe40da33c7df70151L } },
-    /* 0 << 315 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 315 */
-    { { 0xee9e25d939161b8aL,0x8763f2a2e2eead91L,0xd2fc1157d2d91300L,
-        0xe7597e2fffcbe50fL,0x4be3814fe11d376eL,0x1eab3d7edbf14562L },
-      { 0x38a107c0c0ad183aL,0x829766267c753bbfL,0x18014e09caebd481L,
-        0xb28c331bf9ace60dL,0xe8fba04f211cb8e7L,0x41c4b797e42dc65eL } },
-    /* 2 << 315 */
-    { { 0x009dc2f4c3e88580L,0x4a405be899db1fb5L,0xc89bfaa2ec5d91feL,
-        0x461be9a0f160afcbL,0xfdd084bb7d7566b5L,0x795275e8e48099a2L },
-      { 0x1b461fc9fe9815dbL,0x576214cd73627bbcL,0x3246332d9f09a206L,
-        0xbde4c0c36941d6efL,0x44ef03fdf387f5f6L,0x99c8ac0157b63400L } },
-    /* 3 << 315 */
-    { { 0xaa512f202f6e4301L,0xef668a5fbf94a1ccL,0x08713c3015861b88L,
-        0x49d47551c99bb2b6L,0x6db5f812e2f0258eL,0x70c9b299998d7435L },
-      { 0x46168e1c5d176ae0L,0xec3306e4f730ec30L,0x49439df3ab69c15dL,
-        0x1040408bea0143e4L,0xb48ab8eabc549b0aL,0x4aa38bbf10f89223L } },
-    /* 4 << 315 */
-    { { 0x7e4851599598f49aL,0xbdac3d5e9629305bL,0x20de0dafa6fbabfbL,
-        0x04f015838f09fff7L,0x5a0562976a06994fL,0xf51dac8f6e3ccd33L },
-      { 0xc087ef9c3af507b8L,0x525ab76e6a5c6663L,0x4fc04814d916ee93L,
-        0x3369c978d23d140bL,0xb0fcd70f1662028fL,0x2ca77de2e1e28adbL } },
-    /* 5 << 315 */
-    { { 0x838acd1bc512bc71L,0xac06d6bddc18afd0L,0xc991c1e39ec45f4bL,
-        0x667c5e89cc27c68eL,0x0e059b04ed07f829L,0xceccf1d4cec4b3a7L },
-      { 0x3d9c2dc9b953f9a1L,0x4be2f7e72d599b16L,0x1a2054b197256c26L,
-        0xcf66fa478b4fdfebL,0x896cc1b38134d7efL,0xa17264cad41dadbcL } },
-    /* 6 << 315 */
-    { { 0xe3ccfe8e37627e56L,0x00733a867b6b21a6L,0x3f13e2cbb605c427L,
-        0x5ee12395b0d80992L,0x4dcaea94b9991381L,0x4cfed7ee8c4c4b6eL },
-      { 0xd7aad54b7f7f45dfL,0x2229407fb3809bf8L,0x6eb31eee68048fd9L,
-        0x693842dfd57225fcL,0x3e62cd85a88dfd3fL,0xc6307d53d5462cf1L } },
-    /* 7 << 315 */
-    { { 0x2d15615ef344f5fdL,0xe0ba6a8aa7f23989L,0xbbfc58041c84e3f2L,
-        0x22ffeaae6f4ba826L,0x1e9bf27494292682L,0xc768f89146c02af9L },
-      { 0x894127d6177cdafaL,0x8d0523da2acdc791L,0x71ada9aedc78c3c4L,
-        0xf21dbbb92c532a01L,0x0c797d5eacb20fdaL,0x1ff99d7616cf57b0L } },
-    /* 8 << 315 */
-    { { 0x99b5f150493c1d64L,0x3422b656fb74075eL,0xe7493900ff19bf24L,
-        0xc82e5b80260925edL,0x3398d340c0ea1eafL,0xe7de2ba11287121eL },
-      { 0xea6dfb0b87847031L,0x73bed0a1566af2f2L,0xe26678bf12012999L,
-        0xb5369e4d32e5cebcL,0x2304eac86d181e32L,0xafdbd9543d364addL } },
-    /* 9 << 315 */
-    { { 0x5b1a53ca75da4189L,0xa90485802eb4862bL,0x319424092783ad6aL,
-        0x15a4c5e11a9e025eL,0x841bc53313837199L,0x6e9d3e14e642954aL },
-      { 0xf4a02bbdd436ec5cL,0x62fe177bc6d6ad53L,0xedbf1e4eac86425aL,
-        0xff9359c8d9f752f5L,0x79c685d92d7ad656L,0x8d82c0c4fdde9052L } },
-    /* 10 << 315 */
-    { { 0xf55f868e702f640dL,0xe459aa9b1dedda11L,0xbec0ff9bbb5ba193L,
-        0xf7325c4957724703L,0x5ab8f06323e0e4fbL,0xfbf02e91ecb0fd7cL },
-      { 0xcc72e8daa2e5fa31L,0x47de252832cb53cfL,0xbfa646e64252763cL,
-        0x7a769efeb8d81de3L,0xf5ec70031e772f00L,0x049bea9a2729aa5eL } },
-    /* 11 << 315 */
-    { { 0xe987ba54759090d6L,0x904d6901619ef08bL,0x9e16d1382024a6fcL,
-        0xb6f0459ba9f3b7e4L,0x1f2a530817ee069aL,0x99403b2e2be31049L },
-      { 0xba1663c6bfb2f288L,0xf829195cc7a92b41L,0x89b915ee8ae621b1L,
-        0x3fbbb1e150f8ea92L,0xb1fe7f978c901ddcL,0x16d1f62cbbc69ca4L } },
-    /* 12 << 315 */
-    { { 0x51f19bb3fda072dbL,0xa815459fe3f7e0a2L,0x5f7cde2f987112caL,
-        0xdc51d948759de2cbL,0x9d05c410ed49bd98L,0xf063ab99364341fdL },
-      { 0xd7869d68d1aa0a11L,0xc20291065d862d01L,0x7f258180c2591073L,
-        0x7b90fc7a6ebc4ebcL,0x5565390f3dda1d68L,0xae77fca8a44e4493L } },
-    /* 13 << 315 */
-    { { 0x97564e4847c49ee8L,0xc56bb5a9ab4ebef5L,0x80d969417b4f86bcL,
-        0xa594b4e541026cf0L,0xd56c89965a89ece9L,0xbcf609316a0f922bL },
-      { 0x702596161103475cL,0xb1224fb58a2a2abbL,0x0a437a03715cd61bL,
-        0xcbe2d2b2739921edL,0xf3b1b5e9385541c4L,0x5d0984f4ae010520L } },
-    /* 14 << 315 */
-    { { 0xb4a2742dcfd9295eL,0x9cd36774ae929cd0L,0xb15fadccdd7fcf4fL,
-        0x0b1fa2b337d4fcc6L,0x242c7b26f01c7ab7L,0x2be8131b50574cc9L },
-      { 0x6ee50f42bd89a03cL,0xc7f6ff8f005e7765L,0x04d13af18420501bL,
-        0xc22e092b1b6e7d2aL,0xa393be7ee9516f80L,0xa2593652b80bb5b5L } },
-    /* 15 << 315 */
-    { { 0x5caa5da68b23bebbL,0xa1ad33e81fdbbdf4L,0x18dc93cf4e5c1de0L,
-        0xc3e6addb5bd9e178L,0xf30d517e7cb8cd03L,0xbb84ce54f1abc417L },
-      { 0x0774b64c67699659L,0x228005b9b7d4a401L,0xd8c2ec5b80b2d3d2L,
-        0x419c4cd93450ba7fL,0x520ae681789286a6L,0x24b67ea9aa8bcfbbL } },
-    /* 16 << 315 */
-    { { 0x9e41b9b70f74808fL,0x2d835dae0c061bdbL,0x67e50c8cf272346cL,
-        0xc98a5ef5def57493L,0xc2dea8afa02676fcL,0x59508de26ace4659L },
-      { 0xc2b707aada6cd733L,0x6c1f226a4be7bfb9L,0x5b580fa2a778c20bL,
-        0x272c3a1d57af166bL,0xe47a64a9ca78ce62L,0xd12db7d771d35087L } },
-    /* 17 << 315 */
-    { { 0x6a37ac5a2ada7e64L,0x664594de04e35dbdL,0x3a82f748ffdbf300L,
-        0x4525ddf155975f5dL,0xcfe5a76bbdf2035fL,0x1693a99f0fcbda84L },
-      { 0x5bdb76856a297cdeL,0xdb9ad0cef1d1009aL,0x9e9dae1caf902a00L,
-        0x7e36f79f271a0a50L,0x688a0f41a2a2f652L,0x33d2178613722e40L } },
-    /* 18 << 315 */
-    { { 0x2f4abaff356f4ca1L,0xa2e419422d13be2bL,0x58d72e2f3d7db731L,
-        0xafc2f505cd455649L,0x8a0794cd1583705cL,0x4a43066288ffe8e7L },
-      { 0x2c0c031d135c8e7cL,0x8ecd9ed76b371b41L,0x17cc1ad9563843eaL,
-        0x9603987cfc6b810fL,0x6e291ed7f0d9498dL,0x8c69ae62e1a4058dL } },
-    /* 19 << 315 */
-    { { 0x934666dd40680b5aL,0x37a9c6ac91e762f6L,0xa0a10533e4d26e7eL,
-        0xd811d558ade18237L,0x6e2918ed411b121fL,0xbd9352b93c24a52eL },
-      { 0xe31569ccb811ec4fL,0x3b5b977553f7d097L,0xa0d9ebfd7198e959L,
-        0x63e10ab13f0a942cL,0x65b8b87f8ea55897L,0x935ea3c129aa0212L } },
-    /* 20 << 315 */
-    { { 0xe14dd3708ba8a3dfL,0x49c1fc3750a645b6L,0x3f0db6a32252ff87L,
-        0xea2ac3c4a34ad040L,0x97a37936decf9f0fL,0x810f02326f7f92ffL },
-      { 0xd96c2641184e9c88L,0x08c4cd333d5ab12eL,0xa938d8c3eda80fdfL,
-        0xf2dded68bfccc054L,0x4b3da61ede36ac9cL,0x2c266df8347ef904L } },
-    /* 21 << 315 */
-    { { 0x4653cbfbe3443739L,0x53ea14dd8dd85382L,0x2f6d0513f26ba2fbL,
-        0x374d9bee51269be1L,0xf976cdb243f1f612L,0x68b47bf7b5f171b8L },
-      { 0x726e93dc7095f377L,0xe6f18c57b59fcfb8L,0xffb56a4023d9eb60L,
-        0x678c9508447caf79L,0x4cec83e459740ce0L,0x820ab7eff4d7d58cL } },
-    /* 22 << 315 */
-    { { 0x88eac51c8e376fe4L,0x096e70c49ef465b6L,0xb35265852004969eL,
-        0xbd581669d29cc63dL,0x88094298745b6919L,0x317e386c12e7d67fL },
-      { 0x33848bb2e3d6f4daL,0xbace887f2a0ca785L,0x83b32feb197e67a7L,
-        0x2b58535ade9c851bL,0x3e428b19c38beaa9L,0x784aa3d174f26de1L } },
-    /* 23 << 315 */
-    { { 0x10c5f1e5b292efd6L,0x47d92b88ddc96103L,0xc8743717e5e802e0L,
-        0x47781ba8008dbb2dL,0x7abcd3acf02360fdL,0x673e2b05e9142308L },
-      { 0x501db7c76db93818L,0x285ced71f33dbda3L,0x30aa5fb5cdba4b44L,
-        0x93d536c2df0445b0L,0x28a77bfa10196091L,0x26b9f668e38c4c7fL } },
-    /* 24 << 315 */
-    { { 0x98c3a697c0909659L,0x35c3b0f297d847aeL,0x67d9f71273a7a5a8L,
-        0x28e83651b47bed08L,0xfca9e849567b3410L,0x5fa9a6ded291fe1fL },
-      { 0xd79682421976a995L,0xcff5bb36a0261383L,0x34166ef962e9922bL,
-        0xd816b0342d433139L,0x3b62d3589c4b99c3L,0x8521f917104f7cc4L } },
-    /* 25 << 315 */
-    { { 0xc35a5c7874e09962L,0x1c340269e1690418L,0x2ed61ab4dca0de49L,
-        0x2570d29ede2534ffL,0x9077691bc5143c88L,0xaa249a4a346f3ec1L },
-      { 0x57e4f1e104de76b3L,0x206859c3f415b99dL,0xdac6f415f9a15eb1L,
-        0x2bf456d00a9501bcL,0x1ceb7dc41ef91323L,0x19c1fa8c3cb8afb0L } },
-    /* 26 << 315 */
-    { { 0x7761d8fc6f7b6eafL,0xdc439bfdcc0575e5L,0x33853d91f1ff4383L,
-        0x6da20e4b75dc1254L,0x25a53b581969a1d3L,0xb40df56723311968L },
-      { 0xac150a297dd6aaebL,0xfe6865ce2a3ba337L,0xea05d97cf71013feL,
-        0x0ab3cf008053c65aL,0x7cd38b647bab4869L,0x788cb867204cc6a5L } },
-    /* 27 << 315 */
-    { { 0x253a041e36e88e48L,0x1610f836b86297fdL,0x379d3da109334bb9L,
-        0x62de4308777fa7a9L,0x604a46bd6dfefd1dL,0x9e4740ae314eed76L },
-      { 0x40ec32e12efde5ccL,0xa5b841bdd92c1faeL,0x01852e23dec68e16L,
-        0xc76173b88b55b2c2L,0x4609f350377d5e77L,0xe9c4167ffd67c6b2L } },
-    /* 28 << 315 */
-    { { 0x52732a0a4b0fc112L,0xe654744e9d125dddL,0x9f76cf7e269beee7L,
-        0x2fb8bf32ff80a2f0L,0x1bcef16262b7153bL,0xdedc255a43a4201eL },
-      { 0xb1b30b91acbd8a37L,0x147fae6f240adc8fL,0x5558702cb39bf39bL,
-        0x171e58803e1eb997L,0x095bf301ed7c79b4L,0x29f1dbffeef752f4L } },
-    /* 29 << 315 */
-    { { 0xcbb2506e7535c370L,0x40ee37ec7ab20106L,0x74f502d4caca3675L,
-        0x167e778db57c0364L,0x7726715b13fa3dccL,0x76097791f42e0c3aL },
-      { 0xe1d990c3379dd41aL,0x432454d785c8f5e2L,0x1f90c59562ac45e4L,
-        0x63e156998ffe0c09L,0xc3bb8c29d42bf0a6L,0x027d5a86ecca4cfcL } },
-    /* 30 << 315 */
-    { { 0xaf8ca08b20492da0L,0x37b1fa1547508667L,0xc9fc925b96077958L,
-        0xb78c83c19ecac8b4L,0xd9d953a17c05a67fL,0x970ee229b9ebcaaaL },
-      { 0x689cad7f55dc989eL,0xf02f05bc66c941fcL,0x8d00516281e23d8bL,
-        0xfe603ffc8caebcc3L,0x592860bff303153bL,0x9ec1d5ab3344e524L } },
-    /* 31 << 315 */
-    { { 0x7e374b7b0f922941L,0x44b3f00174466c92L,0xcb3eb28c3c2fe678L,
-        0x91079467bb9bf05bL,0x0d268749de2dcbe3L,0xb6383ba4c5204680L },
-      { 0xd50269f4951d3c71L,0x9209a2d53ffbf2e0L,0x2f6496258110f811L,
-        0x08fc9fbb0b31e275L,0x697960ea1faec287L,0xae95e4a8c5420ad4L } },
-    /* 32 << 315 */
-    { { 0xc20fb9111a42e5e7L,0x075a678b81d12863L,0x12bcbc6a5cc0aa89L,
-        0x5279c6ab4fb9f01eL,0xbc8e178911ae1b89L,0xae74a706c290003cL },
-      { 0x9949d6ec79df3f45L,0xba18e26296c8d37fL,0x68de6ee2dd2275bfL,
-        0xa9e4fff8c419f1d5L,0xbc759ca4a52b5a40L,0xff18cbd863b0996dL } },
-    /* 33 << 315 */
-    { { 0x1304bd65ff0e8fbfL,0xa249adb53343deecL,0x20635fa9826e1293L,
-        0x6283f098b7bddaadL,0x0d0a7820bc96fed6L,0xcd7605d47de0b9bdL },
-      { 0x4f0a9751586f9eb6L,0x2f6dde5556b2521bL,0xb7efccbd76264c6fL,
-        0x7df9cd35b2613621L,0xc334c8f924a2ff4fL,0x914f472a0b13b604L } },
-    /* 34 << 315 */
-    { { 0x89092cbc5f6bb241L,0x8b4dadacca123b83L,0x9ba420eecd2dbaa2L,
-        0xf269d1982dd6ef2fL,0x29f68d03809b338dL,0x18cf8675958ae927L },
-      { 0xc179d4b2bffac33aL,0x5356ffc1522695e1L,0x453474986d039c90L,
-        0xcba0e0fc5a675530L,0xf369b7ab98a0c70cL,0x51f82173d508c254L } },
-    /* 35 << 315 */
-    { { 0x5f98e5aae8490374L,0xdd84a7506ca52a68L,0xb6904ff8a9244f56L,
-        0x4c908c0362a5502fL,0x70ff1e01a8df73b3L,0x573a37f20df382caL },
-      { 0x5df73cf8c7dd1209L,0x965ad402abfbcd79L,0x61a633a59e67af24L,
-        0x0953c83cc64203f7L,0xe14f58f9a1fd8dcdL,0xb5ea722887a5fadeL } },
-    /* 36 << 315 */
-    { { 0x55466aa1d896c2f9L,0xd03ade059831fb31L,0xc46711547d968dfbL,
-        0x8ade0c97bce2fdb9L,0xb408c7457f6d843eL,0xb1bbe028a709cf63L },
-      { 0x1dbd25383ba4fe36L,0x1438d322dc1f2720L,0x1c3c46b9c37694deL,
-        0xe57133dc3997e650L,0x754c171e422b95bcL,0x29c47f0da209c7bbL } },
-    /* 37 << 315 */
-    { { 0xe520480823822d0dL,0x745fe7aae3eab177L,0x6f0f4a7e808500edL,
-        0x9383c632200c2bf0L,0x6f3130d7be22d432L,0xed7713d465511061L },
-      { 0xff84bc04049067acL,0x33c2be61d56210e1L,0x57d63f885ac04f01L,
-        0xc2fbb773284fb49dL,0x46422426e1f349adL,0x3cb627c465863455L } },
-    /* 38 << 315 */
-    { { 0xea06cbe9a1edcfccL,0xb0438e198aff46ecL,0xa93fb88ba450240dL,
-        0xfc4a370021b6b45dL,0x2503aa5d82a21241L,0x7533f1d7f540d3b7L },
-      { 0xd7a58a679277538aL,0x466d981a539c347dL,0x46f1682bf26488c2L,
-        0xee2b4976318282e4L,0x8fe5e5b85a94409dL,0x40ca43a7b1a4fc28L } },
-    /* 39 << 315 */
-    { { 0x0ed4414c901e48d7L,0xdcabb46418340890L,0xd50bf12f20998781L,
-        0x498a90232a596ffdL,0xcc877212b43f456cL,0x98d9d531f796c4fcL },
-      { 0x061e3b31977c11b9L,0xe56bc6f00a00c822L,0x756e62c96887ea43L,
-        0x29129d53859ec944L,0x42342589146c1fbeL,0x2f2cd4bdd1884196L } },
-    /* 40 << 315 */
-    { { 0x3d3815d645d94a24L,0x4cd9fe1139f3e6e2L,0x8c7b8dae8e7eb572L,
-        0x7e69faf40f7deecdL,0x0e54b3c0387e97ddL,0xd12e473175a1b6b1L },
-      { 0xb7163632c664f92aL,0x86ab4ea88d94e55bL,0x37212aef1133dcbdL,
-        0x0c6c7fc6dfc0d47aL,0xacbcb077aa9e1ccaL,0x43cf50a726ef7fb6L } },
-    /* 41 << 315 */
-    { { 0xc0eb003c54d7bac5L,0x89780aea2b770baeL,0x13a194e8076bb29cL,
-        0xb863585046f8aa90L,0x79ebc6066df515f0L,0x25ea422dd1ead000L },
-      { 0x16b03b8106c89b71L,0xa964da878ad9fff7L,0x2c96dc6b2e7b9072L,
-        0xf71788978c93f6bfL,0x4c7ecef912688648L,0xed7b4a577c663be0L } },
-    /* 42 << 315 */
-    { { 0x5b7cdd0ad74a20d2L,0x273184f48bcdd2f5L,0x4d8d3b4ce3ac03f7L,
-        0x0e2ff518a02cc60cL,0x9c006ad8b6fa606fL,0x401606caccf627a0L },
-      { 0xe7429a6f7b967844L,0xe4e5d1c1bc8ac8beL,0xc050f89ff4f46638L,
-        0xd23a3eb452f918c9L,0x4528e4e202944b49L,0xeb345a689268719dL } },
-    /* 43 << 315 */
-    { { 0xf4fbd190ccec4c27L,0x7e042c8722674e8fL,0xbc79835ae8b33439L,
-        0xc7923b8fad2124d1L,0x0ece42272c72542aL,0x02d638e2b9264875L },
-      { 0xbdf9fba1904e7683L,0xcbbc0e0aac934377L,0xea154d99459ec213L,
-        0x87db3f66c3023e2eL,0x7f9262d518de83a8L,0x432fef4f3524400aL } },
-    /* 44 << 315 */
-    { { 0x3b5566d7938a395bL,0x920dc1111f256c82L,0xcee7f231a059c8f8L,
-        0xdc3da434d48b3179L,0xb1e819e913f78de6L,0x94a21bb01f9819deL },
-      { 0x8ef14a96f302a94dL,0x9f897e1a079fff9eL,0xff9a4e0e54122af0L,
-        0xac6a6cbef0b7f1c7L,0xfd15d9756401df3dL,0x500531a323a0b7b6L } },
-    /* 45 << 315 */
-    { { 0x12e22a012da0c724L,0xa0a837f3b80cba90L,0x89df9a3e2a9b5434L,
-        0xf3299f64925840acL,0x0cc78a3a125b3dc1L,0xa4ea6203c723d647L },
-      { 0x5cee8068d369522cL,0x3e479803432d5e87L,0x86e809363ad8126bL,
-        0x93e871c9cf89d85dL,0x892e4710286c9010L,0xa075a6d3ec3a1792L } },
-    /* 46 << 315 */
-    { { 0x095768bc7dfddf6eL,0xc4e331b4e63c4e60L,0x1179808104f28a2aL,
-        0x415e33e1bee48983L,0x7fe8050144af7eb7L,0xdf6c423b2f28fbfdL },
-      { 0xd10886db007a2b56L,0xea578b286613f26dL,0xd18a9d1c2b90a815L,
-        0xd4c6e8b2675c2c8dL,0xff973df5788bf2d6L,0x4fbeb6210d7e611bL } },
-    /* 47 << 315 */
-    { { 0xcfab317671674fa8L,0x78038a1afef7089eL,0x3109736aa27b5b55L,
-        0x1b31325fc0193518L,0x3afd21a8be19b5f0L,0x548196a2d8028eabL },
-      { 0x15b0d6d2a94e6be0L,0x1552ffb67afd5dd6L,0x49b1150d89bed9eeL,
-        0x2c59b0bfb0d1444cL,0xab265d7eb695a900L,0xa24d0788a1dd1ef4L } },
-    /* 48 << 315 */
-    { { 0x4e913e1131e325ccL,0xe92f7c8f2a65fe01L,0x8e61a80d5857aae9L,
-        0x2c36923d53104397L,0x5b0911d6b36d5379L,0x76eb9b56b1207ae0L },
-      { 0xb5cd11646723c4aaL,0xa6bec13b98891a11L,0x09af8be29d806056L,
-        0x7da8d29ecc1fc0e6L,0x231cc00e2aa8791dL,0x2ded362c042171c2L } },
-    /* 49 << 315 */
-    { { 0x26eb2ac96afa51d2L,0x83485eff13c04ce8L,0xdedb48718072d8dcL,
-        0x4da1771d8ac3d411L,0x2d8f99ef849c6c0bL,0xea65f6bc2b5882e4L },
-      { 0x60a90f58fd671216L,0xb9f3e2058af33bedL,0x29c41ec92bf02916L,
-        0xcdf15b1de5ddeae8L,0x67f9ad163109e99dL,0xb9b5585f517d25e1L } },
-    /* 50 << 315 */
-    { { 0xae016b4811b3e20bL,0x5ccf3cf1e5164179L,0x1281ff8efe9fd47cL,
-        0xb85438038e61bdf2L,0x694e42feba5856a0L,0x53f7e09759b32aa1L },
-      { 0x5b9848e9c341a531L,0x9a5fb85025952b73L,0x9d5fe0dea6f82c5eL,
-        0x9216a8ca44090933L,0x3e986d4bc3272875L,0xc20534f8f3512e42L } },
-    /* 51 << 315 */
-    { { 0x718124a1033495a6L,0xc4f28a746834851fL,0x91186d80e1baaa77L,
-        0xca4e13222a761e95L,0x7b6b8322582ddee2L,0x75d396c6c3c70c6bL },
-      { 0x075dcd6b54c75102L,0x3669b97c0b92622cL,0x621154e6f0cd45adL,
-        0x7ff0029ff381a6d3L,0x3d37e750a726f84bL,0xc4f79202874de604L } },
-    /* 52 << 315 */
-    { { 0x215018fdec26297dL,0xaa06fd0bbf35d225L,0xe5fb438cab40bc17L,
-        0x6a0ab335acb7f4c5L,0xbe1f4de4187a8e6cL,0x651deba961f7e842L },
-      { 0x2b30b0046f629aedL,0x63bdbf8e2218f107L,0x21a21aa5f9ca8bbdL,
-        0xa88cd9138304f7e1L,0x23594fc6c5e6f9d4L,0x4d4db41a6682fc06L } },
-    /* 53 << 315 */
-    { { 0xca2317b0428dcb40L,0x9a7bd387288b5eeeL,0xd62da6d0a060584bL,
-        0x601a3d6ce8f10251L,0x65718f0584885319L,0x5a87b1c2a1bc252dL },
-      { 0x27ae8015a37b05d5L,0xa624af9c98394605L,0x988220050ba4565dL,
-        0xb93395c9da2613deL,0xcef9a880edcaa74eL,0x7b2ef0fe0976687eL } },
-    /* 54 << 315 */
-    { { 0x094f20588e5c6b80L,0x6e5a5f52846eabebL,0x9eaef2d7370a9345L,
-        0x12d6f20687c19719L,0x0d2494ab9c44076cL,0x15ccc737de9309a6L },
-      { 0x8eeb8faf94ca6587L,0x7dc9a4fe3fe363f5L,0xf02f6e03b3b08270L,
-        0x31adbe77daf15507L,0xc0fb2814343bb4efL,0x724007519bdc1d91L } },
-    /* 55 << 315 */
-    { { 0xd301525c1677fcb7L,0x11b7141bfb6b0dc1L,0x01f4950eb2163b70L,
-        0x34c758c6ed3c0025L,0xd1b1c7573a5196cbL,0x7926f0a42fa19c66L },
-      { 0x107e5d32b1c47233L,0x0fe50b00cacbdaa0L,0xf45dd7e8e213397aL,
-        0xca6b2de9eaa1db7dL,0xbf234b55dd09c2eeL,0x10db87d1a1db37f3L } },
-    /* 56 << 315 */
-    { { 0xaff57c87de0572ecL,0xc0745250826246c4L,0x523910fc700ef250L,
-        0x8c23aa5793faa067L,0x87f7c7198e7dcf75L,0x45ef4adb46695227L },
-      { 0x0ffe09d196ceb1e0L,0xfb72a05790f3383aL,0x62d26e5e07c220d9L,
-        0x03e19605766b1e64L,0xa774669458c17fb7L,0x9a851d828e7acfa9L } },
-    /* 57 << 315 */
-    { { 0x150e936f4baea8efL,0xeb5328d68239dfe4L,0xe064fd95b5f987adL,
-        0x13d3803d52e7313dL,0x0e9738f5b215317dL,0xb6dd60a7974be106L },
-      { 0x00fa92bd6bac81d0L,0xdee050f9e7cb2338L,0xd7943d4f9075745eL,
-        0x07cc4170819cfd9aL,0x21b7e0b04aef1468L,0xd7520b77aef07b1dL } },
-    /* 58 << 315 */
-    { { 0x126c012681097c49L,0x95339f9475c02669L,0xec3fc15b100115ecL,
-        0xea5c8e9c49fb787eL,0x63168108bd3fbc19L,0xdbf2430541573590L },
-      { 0xcaa3a69686dbc847L,0x2c464fcb70d76739L,0xdd9e0bcd69e2fd74L,
-        0x4ae92cc01652728dL,0xafe3e24812b060cdL,0xf3776c6ff951a38dL } },
-    /* 59 << 315 */
-    { { 0xe4ab1c417af22e76L,0x35a8addf038840dbL,0x95ba3e3dafd0d7b2L,
-        0x2a7bf827f84417a3L,0x0bc177c729bf5a83L,0x29ef7f8bd09905a3L },
-      { 0x1df34fb1385e6c69L,0x079bc0fcf99e0d19L,0xcd2dbbc4f30eb5c7L,
-        0x2d364701afa7447bL,0x3c7bfa087a791ef9L,0xe21508c8e71166d0L } },
-    /* 60 << 315 */
-    { { 0x0b204c9ac746ec60L,0xdd5efe2718b93b24L,0x484474e0ce15332eL,
-        0x690be23d05a308b7L,0xeea3abfcb0f7081aL,0xaff69f36cd8e8720L },
-      { 0x5dadd080d951329cL,0x060c379c8cae67c2L,0x8e284705b20851baL,
-        0xacc8d8a0e5df0e85L,0x8c024e789463544dL,0x15a9a3f08003076cL } },
-    /* 61 << 315 */
-    { { 0x095e284899e0ecb5L,0x61e9d5893415c1bfL,0xb1207d3017f5c585L,
-        0x75f73f1d04e97243L,0x868551aa77bd50d8L,0xd530e0cc197f7d84L },
-      { 0xdd6ab731ea9fb71bL,0x26e5b52e2cf9510cL,0x4fba03ff11a88911L,
-        0x6608b634e921e323L,0x4baf22f836d46a1fL,0xb8bced501bc7ace0L } },
-    /* 62 << 315 */
-    { { 0xaee397fa327d9bbaL,0x9a45e7a2d832e3dbL,0xccb43a730582ae33L,
-        0x457b3271d4093b12L,0x409caea6370bd663L,0xa5019f25657f693aL },
-      { 0x5851c78a16478fe7L,0x5e09ace7ddf17dd5L,0x89ca68da0763656cL,
-        0xb92d3321e2bad2d0L,0xdd5642098422f6bcL,0x4a6ea69946c04923L } },
-    /* 63 << 315 */
-    { { 0x7ba1f48579120405L,0x6c136597898be69cL,0x1e75e1586dcacc38L,
-        0x3d3cb58b65ee4cbeL,0xbccee7a308db0caeL,0xee8bff34e77edfb7L },
-      { 0x123bc3f036f60cf7L,0x3b1dc9e779bb4c78L,0x036a8049fe5f0d85L,
-        0xc4de23d318f66f39L,0x593cf51e3c436c16L,0xd4d40e906769584eL } },
-    /* 64 << 315 */
-    { { 0xf6827150844eefc5L,0x002e82c44515ef68L,0xa46c8f55c51916c4L,
-        0x98c3524b61ee081fL,0x5ab7f2c2ad64872aL,0x0b503ff07e555faaL },
-      { 0x802e0d23b4c58d29L,0x122890402fd917feL,0xb56d19087af20d26L,
-        0x8d619e216be50784L,0x10fdbb721372b851L,0xf2c1673e4935576eL } },
-    /* 0 << 322 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 322 */
-    { { 0xd97a9b1451a135f6L,0x6d16aaf597b4df14L,0xc57160c254818818L,
-        0x4dbdeab61d59be44L,0xb93a9dad81f2b247L,0xe2868cf5ecbcab33L },
-      { 0x5e1ce82883a86711L,0x29a9ca2f29c55428L,0xe716273a2d82b0dfL,
-        0xb017f5f6ac8ff52fL,0x7563e79970ea7ccdL,0x5fedf0a63f0e674bL } },
-    /* 2 << 322 */
-    { { 0xa7f8501488d7b3fbL,0x3b5ec513ec78386eL,0xc6586b8a2ad5053dL,
-        0x88c09a43fbcebe43L,0xde7f2a4a20054f16L,0x63daba80bbbb147fL },
-      { 0x087e48f37d352b55L,0x997e32a08317ab79L,0x8ae802ff7f27cac7L,
-        0xb01a131c37b1f6e1L,0x3f0d4c2e9a6d1deaL,0xe06114fce7ceef80L } },
-    /* 3 << 322 */
-    { { 0x311df84c359590bfL,0xf907d69ddf6ca4b4L,0x876fd36782f22c64L,
-        0x64c4d14d9713e68cL,0xd431858d6b07f539L,0x39dfea3384990283L },
-      { 0x6afb8cf080cf6498L,0x327056bcde060e9eL,0x5103ce4a49a71086L,
-        0xfc94be75cdf853abL,0x2bfb105f8ca579cdL,0x02d19c3a50454b41L } },
-    /* 4 << 322 */
-    { { 0xaa03b474cde121c7L,0x74a648cb55e52c76L,0xb286ef86f37b57bcL,
-        0x95b797eb2a6371d2L,0xa489ef894077ccbdL,0xf46ade048e99ca6dL },
-      { 0x5cf9e23723242d03L,0x33c7d32acb708390L,0x329523b6ba7ba477L,
-        0xd406ab8757de30bfL,0xaa10e4a21536ca01L,0xdcec94f4dfa7aac5L } },
-    /* 5 << 322 */
-    { { 0xb5839fa424700097L,0x82fe2251759eb8beL,0xec5f34bd5f104a39L,
-        0x7f3da509ed1cf49eL,0x62fe425244621c76L,0x2118b68dc7bba926L },
-      { 0xb0ac18009ea4b7e7L,0x33b21ca1fcc83f56L,0x1856161208458096L,
-        0xba0e6aa95650f3feL,0x918d427231006f05L,0x955f3951b1066473L } },
-    /* 6 << 322 */
-    { { 0x0cb41ada3c59ee1fL,0x38b2465861d1633dL,0xde863b47d03e9452L,
-        0x2bfab5b41548d45bL,0x580af6272ccb7528L,0x6744c7cb13c04327L },
-      { 0x5eca3ab339cc5075L,0x51dbfc7b6d243f62L,0xd64d84b7981ee3ceL,
-        0xf639a03db4f2bc63L,0x8a411c36a317a1b6L,0x51edc4c0ed34eb3aL } },
-    /* 7 << 322 */
-    { { 0x01511b8a9d6fce5eL,0xb5c7b33f89a2875cL,0xa88e720e2fd79b67L,
-        0x5337034404229e94L,0x40bb7e7ec94af25cL,0xc11501b99183a7b3L },
-      { 0x29a4d81fcec3cc7bL,0x143976fdd75b8febL,0xac8dad2cfa261ad0L,
-        0xb14793006a2db8a8L,0xd4981293929c4a12L,0x5703506fb6eef856L } },
-    /* 8 << 322 */
-    { { 0x762a5eec1f5a9609L,0xfe4f5f6a765b337fL,0x0fd534aeaa4f964aL,
-        0xcf46648ed6526f01L,0xbc62a54a18d71d72L,0x48d94f2a4f8488eaL },
-      { 0x62c40de7a0c72a86L,0xd73ac51a725dd2efL,0x3a51d7466ab19096L,
-        0xf07bea4b2dd1ad3dL,0x2a0ec4672ef88078L,0x92598cb3664e435dL } },
-    /* 9 << 322 */
-    { { 0xd49f753012fbc44aL,0x769a4fc941c51d91L,0xeb1ed485981fd6a9L,
-        0x90a4b3cad7daf430L,0x4bbffd5c75d07405L,0xd998a096da671888L },
-      { 0x0514ad4b6e10976cL,0x5d40328aab11d9ecL,0x86de976bfa180702L,
-        0x259ca429f6f8a4b7L,0xe08970f05772eb4fL,0xca428fa1b5feb7a7L } },
-    /* 10 << 322 */
-    { { 0x9f3d76ae35af4a88L,0x0b92f48a242af3e6L,0xd4f8a37b7165d261L,
-        0x30e1fa8b2b917832L,0xd26f821f8fdfc06aL,0x75359bcf3669d1a2L },
-      { 0x0ba3bcebb638331aL,0x8d02c0996c73b62bL,0x2a8c078d8c4f63a5L,
-        0x55458ccaa312c282L,0x901ea0ea5eaaad9dL,0x03665da20e39eba1L } },
-    /* 11 << 322 */
-    { { 0x79a30b82da9affceL,0xafb188567204a29dL,0x2e64e6105a8ed24aL,
-        0x6bf3695a9e44aa24L,0xc22320690c77fa6cL,0x20b3c69531524429L },
-      { 0x91e60caad6e0f847L,0xf0fa30c4542d6b57L,0x56a3a66bff98ceffL,
-        0xec44f0b72c9507a2L,0x4ef13008c37e17e4L,0xc819ae81cda21355L } },
-    /* 12 << 322 */
-    { { 0x17c563be1cac0b58L,0x889cfcecb8491347L,0x591d49ac4cd1bfc0L,
-        0xd4465510d4e53d3bL,0xca95ccf6ad079a6eL,0xce391389b5ea6eb4L },
-      { 0x600ccc9ca48b6447L,0x20d0c7dbc20d56a8L,0x5f27edc569c6c6e7L,
-        0xb3fc0f4a586abcdcL,0xdbfdf3f985dbc5b6L,0xfba1cf254ea80fe0L } },
-    /* 13 << 322 */
-    { { 0x38d6267e427a9075L,0xd1df12006d63ea4cL,0x9887a99881407b57L,
-        0x41accae4688e9f0eL,0x33c63c9e10886dc3L,0xf8332ac57574a033L },
-      { 0x7d77d41f4c636d00L,0xf6f4ca28add70d4bL,0xbe496330c0ee111dL,
-        0xa4de7670b74bc69dL,0x683a93d369e5eabdL,0x4c5461c710963bd5L } },
-    /* 14 << 322 */
-    { { 0x9bbc99b59310424cL,0x6f4bce534568e290L,0x21373f5bc1572fd6L,
-        0xe5ecd5b6a28b4394L,0xd56968f646ef7bacL,0xcbce8614726cc043L },
-      { 0xb2fa6101d0a49bd8L,0x65eaa7725a7b41c3L,0x10d7515296e5ae18L,
-        0xec8f4639af389838L,0xac660d81bccaff25L,0x3c546ba931734025L } },
-    /* 15 << 322 */
-    { { 0x81b13d3ee098c584L,0xf8eb4e41fa3460caL,0x1bb889d1f0b905e3L,
-        0xd158ebe939a3faafL,0x7ad0f829cf09735eL,0xc89611963aa8b3beL },
-      { 0x522327781be516cbL,0x9118d851ee88d911L,0x35ad130f0bf2a62cL,
-        0xf35bcf1b39c05087L,0x73b992c3bce42949L,0x93ce50b95b42744dL } },
-    /* 16 << 322 */
-    { { 0xee6e7006b515fff5L,0xaedf6e3913258ed5L,0x373adf7dfc45111bL,
-        0x0c7535b1875c23c8L,0x2a7e04f897039d49L,0xd76787ae9afd1a06L },
-      { 0x049dd38591b6dc89L,0x8f0c8ad0932dab78L,0xdce057b9925498c2L,
-        0x7b9c9bd2da25daa3L,0x6d0b70a3d4decb7dL,0x099a218303df76efL } },
-    /* 17 << 322 */
-    { { 0xbfaf4b848c5520a2L,0x36fa343fc6741e50L,0xadcc36dcbd5211c4L,
-        0x2cae5a8514bf0578L,0x8fee4d403fe4171eL,0x2acd2756624d0daeL },
-      { 0xaf99a323623aa9cbL,0x120cd2038c8191e2L,0x2073e8884068d993L,
-        0x144851ac579bbf88L,0x54d458a4ee29fa34L,0xb7704255e5e5d676L } },
-    /* 18 << 322 */
-    { { 0x02f6e396617dc4bdL,0xbc48c42961497feeL,0xb27487fe0b4d22d7L,
-        0x33d6b1161d0b0aabL,0x5e21cebad31278e5L,0xf7119a50dacd8f27L },
-      { 0xe47eff2cc8ab54acL,0x7c7ccd3bbbe16c9cL,0xc056d817c584bafcL,
-        0x868ead2b97790d9cL,0x8fea6eea1a58126aL,0x67d323640fab2640L } },
-    /* 19 << 322 */
-    { { 0xee1a958ffa14b58eL,0x900644f9760b54e3L,0x97fa6fa451579d09L,
-        0xa7351c3b26e7f95aL,0xc3546595aadfd139L,0x07b7ef48f14f1e6dL },
-      { 0xc8d100ec4d139608L,0xf98609b2d8741228L,0xf0890d9d33030d3eL,
-        0x893b874fe28ed106L,0x5439b7aff7bb558aL,0xe68a3adba71a2261L } },
-    /* 20 << 322 */
-    { { 0xff54e8bc8acd597bL,0xdae781e94682b8c6L,0xb2265bc4ed1fae2dL,
-        0xa5e23c29ea983db1L,0x4af5f55909851454L,0xffe9538836eb4506L },
-      { 0x4c72b2d1c2247b8fL,0xb179573331a67505L,0xb1aa8ad4e19c9c25L,
-        0xb9cfea953e8b8004L,0x07782d788ac747fdL,0xe23e547fce9d9e41L } },
-    /* 21 << 322 */
-    { { 0xbc6b0088fd9e8e72L,0x7e51aa5dc6453462L,0xe8615fb9c8b1725bL,
-        0x031f0d2a5a371c9bL,0xb9db0a647441d8aeL,0x0dd0446e9d5783c5L },
-      { 0xb3b7be2381720779L,0x49a8ecbb6cc5a610L,0x165c626152cd016cL,
-        0x5fcd657da3f6ae6aL,0x30497fbc9f6988dbL,0xd734927936a73fe7L } },
-    /* 22 << 322 */
-    { { 0xb30ddd0e388562b4L,0xc485506b1f61067fL,0xf0da517684947c84L,
-        0x04830cedeb067f33L,0x05084c8262404b76L,0xe7e7efad7996707cL },
-      { 0xc2a6a57fc78b9a7eL,0x4e55fd8c7bfbf308L,0x204e7c44d1386117L,
-        0x979ecd5a4e56595eL,0x3bfc790853707b85L,0x2c3a41c59fcc5b7aL } },
-    /* 23 << 322 */
-    { { 0xcdbfd951ed6e2671L,0xb72c42ee135f6b96L,0x38c8d1ca40bbb789L,
-        0xf6fa984cda03f270L,0x76dc5a19ed88deb9L,0xa8c88f2a9985bcd7L },
-      { 0x2b0d3b66c6628a44L,0xdf679b6a2b311954L,0x30a363c25f851b07L,
-        0x78a5d242aecdb9cdL,0x42d7ca82a968b4e6L,0xb188e99af2efb94fL } },
-    /* 24 << 322 */
-    { { 0x779905b6d8948f95L,0x3c7085b591cd0206L,0xce9af0aa679096dbL,
-        0xfdf04f10f558913cL,0x05300cb06f24a2e2L,0xf9d9a2f25d581b35L },
-      { 0x855c8de96a713751L,0xc9ac24bc0e0c0dfbL,0x67612a4197740d65L,
-        0x7588a52744c9360dL,0x928ac910325cc880L,0xa74abdafacdd3188L } },
-    /* 25 << 322 */
-    { { 0x98d80359e7c5fbc7L,0x6abc82b7047c61d5L,0x8d8f5fbd58f2fd49L,
-        0x321f2426ccb0a4dfL,0x379f10e2e96cac24L,0x34c0444130666763L },
-      { 0x8dd3972043632c61L,0xb2bbe2eec19f98eeL,0x00d5a467c464dfa3L,
-        0xa44ceb19a85b6fecL,0x88bf80ddc9b1fa77L,0x7e5123c8e6dda98fL } },
-    /* 26 << 322 */
-    { { 0xf73ad540b75a6b88L,0x57bcf1cc08487cc1L,0x00358de735cd0c27L,
-        0x86d469a2573df808L,0x4884cd5684716abfL,0x0157687fa7da61d7L },
-      { 0x8efd8acda732c2cfL,0xb6c9bf7198677236L,0x3d1f01826d46c473L,
-        0xafa65fd82f497476L,0x535ee757e54f17daL,0x432b5878fe7aaef6L } },
-    /* 27 << 322 */
-    { { 0xf091c4ff3370e118L,0xabf011ee118d4b8eL,0xb489c4b7a13c7279L,
-        0xc2dd44e93bfb19feL,0x10b68e92c5d859dcL,0x57935fc39249205eL },
-      { 0xb97e63b06c929bf4L,0x98cb08a739a25097L,0xb13f17c15eeedf15L,
-        0x1e27a85c240884feL,0xda1515ad9b601298L,0xe01251fd4ce36c3eL } },
-    /* 28 << 322 */
-    { { 0x3774af36ba6aca8aL,0x562fcfb1340e6a03L,0xde45205ec1187539L,
-        0xf3b114418799c22eL,0xfd53f681e8b0842eL,0x45a0039066d36d64L },
-      { 0xa2c3391d353eb1e7L,0xf9d9fcc55840eddaL,0x4df1fa4a6ab8ab4aL,
-        0x2b0cd34bd841a623L,0x52441d79b10b189aL,0xfd86d3c2fa025da7L } },
-    /* 29 << 322 */
-    { { 0xe28f3bab5872204bL,0x6f87cbaf0ba35c66L,0x783e85c03d877c60L,
-        0x376e5e2df132df52L,0x213d53a9bc2cd6faL,0x2e2a573008a13174L },
-      { 0xc0988fa9ba15290fL,0x51d81b9485456f81L,0xfe371f32a0ef5b80L,
-        0x9aca060ff129171bL,0x0b02b39e0e402e65L,0x8e6bce1eae9c209cL } },
-    /* 30 << 322 */
-    { { 0xb0cb0f0c532f78c8L,0x83113e752d133635L,0x3f64aad5123dc64bL,
-        0x4d3201c85aee8c59L,0x265905dbe75e8642L,0x9d1d277805f9a759L },
-      { 0x84778aead9e2a07eL,0xc747cc3a9c0aed31L,0x10d1b4e87af2dc61L,
-        0xf58a6bd8af0bf23cL,0x83836c2352e1ee75L,0x88c4d1c6d899062dL } },
-    /* 31 << 322 */
-    { { 0x27eb26a3f3842d98L,0x90f712b69da68159L,0xd11177052676f05bL,
-        0xdf603446073bf994L,0x28ad2b498bfcbb7cL,0x6916c6e2e5e1266cL },
-      { 0x37d516996e98d62bL,0x155d8ef749634968L,0x0676ea286a1b2222L,
-        0x1dc3f8d71566cb3bL,0x95fb3f177dc6aecbL,0x092f4c8120807b13L } },
-    /* 32 << 322 */
-    { { 0x3c6c5618b9d926c2L,0x7e14c3ae4a9099f9L,0xb3259c90ae2fb830L,
-        0xf7cc6e43ec31a504L,0x83bb13c6126230bdL,0x5a1f4313ff1dae3aL },
-      { 0x0cc6c1a549b0b65bL,0x67fa836a274a84c2L,0xd454c75fe604a58dL,
-        0xceadfd912491f872L,0x6c5575da9ce116a5L,0xfaa4903fb24a4481L } },
-    /* 33 << 322 */
-    { { 0xc9ade1497c4579f8L,0xdad7eff3be316db0L,0x4ff3abc613fce23dL,
-        0x09103a75da708e56L,0x4cf139fa8ab52827L,0x0f82219b8f251a68L },
-      { 0xd19719c7dea33388L,0xa482548423085413L,0xbb63cb43f8eb4b18L,
-        0xeec33735f3b88079L,0xee79d331de3ddb97L,0x56fc93090e5acf8aL } },
-    /* 34 << 322 */
-    { { 0x951a780bcef9c5bbL,0xc37d442ddb35bf11L,0x8e2a0e7d64a776b0L,
-        0xbf461becc652cf34L,0x3970eb603194f918L,0x2768daedb3bda869L },
-      { 0x8e81257557b24bf2L,0xae05e2db38dd69cbL,0x0adab288cee2f522L,
-        0xc7a0e1f148234f13L,0x285f6ee36728c9e9L,0xb9ae7b9fc4541e19L } },
-    /* 35 << 322 */
-    { { 0xfd90c5c1f6422b56L,0xd9fc8cce4dfdb947L,0xf3566dc4d088588eL,
-        0x25dd9e27f22682e6L,0xb077392119b0a532L,0x54da228c0d05a9f9L },
-      { 0x0f7fda40986f60d4L,0xb6dafff6c9b112feL,0x7eb99e1a4abfdfcaL,
-        0xed499eb9389611caL,0xf230d6d6f251477bL,0xc09d328c227ecc92L } },
-    /* 36 << 322 */
-    { { 0x9b21ef6c16cdcfeaL,0x233be0c3694edecfL,0x110243df7c49c931L,
-        0x03a59a2ea3113ed1L,0x6470f721023c9a77L,0x7d1640c88e9ff099L },
-      { 0xc21488316f2c7b37L,0x9e1c9e1dac6eebc7L,0x6af65a671109ca9cL,
-        0x8379fdd9cc6f80d9L,0x33f74ade7e666a4fL,0x07ac728b7be081a5L } },
-    /* 37 << 322 */
-    { { 0xa3df31a312354705L,0xffc8fdfc1aec1bd7L,0xd9dd39c112cc342cL,
-        0x8077a57e37bf43fcL,0x0f037ce49cb8751eL,0x5740f6b5b805b530L },
-      { 0xd26422704e2b5b93L,0x114bb1f02dc158efL,0x71881767a9bec3d1L,
-        0x1174386d266d95cfL,0xa373d7ea7cdd4461L,0xaf4f7b40d814a33eL } },
-    /* 38 << 322 */
-    { { 0x0db94a18f79761beL,0x263e2acb5717b98cL,0x78c28d8182567b0eL,
-        0xce1b366b893c35b4L,0x1e20b1bc0d6907a7L,0xd6f123474b973588L },
-      { 0xfb945471f717e91bL,0xef85653cb027bd4dL,0x048e9e1df07dc0e1L,
-        0xc494aa9cc163b83dL,0xfaec72d3021b4fa5L,0x5c63c30fc9869fe6L } },
-    /* 39 << 322 */
-    { { 0x2dfa058d510d8d86L,0x772fad416a89aa0cL,0xdf55d15cd586f23dL,
-        0x7d96b7a989b604f6L,0x352fe049a38d821bL,0xfc56b8df4fbb5795L },
-      { 0x264122b4b3d5dd0bL,0x89317f4a980177d9L,0xc060ab4a13e2aeecL,
-        0xc2676725e2cafc87L,0x78863cf45eb1df3cL,0x2e1572dc0ab1a715L } },
-    /* 40 << 322 */
-    { { 0x7a8a898d5a4703aaL,0xc59933ea1cd6f9d6L,0x703265f5d28124cdL,
-        0xe1c1bee10178d1feL,0x9ff31cd4241262e9L,0x9174a939a3c9f80fL },
-      { 0x0f7a3d2dbc2a62eeL,0x0454051c62f1b3acL,0x83502c9ea2421254L,
-        0xb4fa51fcb684199bL,0x257e9e2bc5e36a44L,0x14efeed597d8647fL } },
-    /* 41 << 322 */
-    { { 0x09bddbc28f2b12baL,0x8af83a779b7f1c14L,0x88f9b4d3bcc934bbL,
-        0x8d8312df8d072340L,0x2ee105bc615989dcL,0x6044fa00de3bab08L },
-      { 0x98c499d603cc86ffL,0xf0b48aa7c5068033L,0xdaa536d2c96606d8L,
-        0xef905aa2bc6a843eL,0xb6f108ee8ac620ecL,0x0dec7dfbb6dd66f9L } },
-    /* 42 << 322 */
-    { { 0xb9157d4ab0fe18a8L,0x139bbcbc68cc7a70L,0xd546a06d7dea2914L,
-        0x8db142d4a01cc59aL,0x127ce2d9aa09fcdfL,0x3950a5a63bfef8deL },
-      { 0xf41ef6d42527522aL,0x4b4e6f107e6fb19cL,0x2a2735d1345788c5L,
-        0x87963e1ee72a7ae3L,0xb58d8934fc443360L,0x93552692b16b6f2eL } },
-    /* 43 << 322 */
-    { { 0x70591a849518f0c7L,0x5c282b6fc67c438fL,0xdbf61b6b100facc1L,
-        0x3c5d969f2bf2a5beL,0xe1a0c6cbab980c70L,0x70f4981c680619fdL },
-      { 0xc6905d7cc65be256L,0xde3340fbb5c27acdL,0x17be9d182c1b3fbcL,
-        0xd584e4f96fb00b1dL,0xac5dc14eb819646fL,0xf5c3279a3242935bL } },
-    /* 44 << 322 */
-    { { 0xfdb13b31be970ebaL,0x119b1c08b0bfadc2L,0xed62f35e21875542L,
-        0x73c8f9b0349a6d12L,0x8c35d8f8bd1622c0L,0x501b9d288b6521a0L },
-      { 0x377f8fa1c918b2d5L,0xe2a9580cd0239ef9L,0xee24f4f0371d7bebL,
-        0x4cc697a669231b47L,0xa55193c8dc4c5a07L,0xd4e51e1db0ab8507L } },
-    /* 45 << 322 */
-    { { 0xcb811c27265f267fL,0xb85593aa9e2688f4L,0x57a1969dd76bf364L,
-        0xc29946c9014483a2L,0x5bdd72490915bddeL,0xba6d13ff22746ae4L },
-      { 0x524121e0d25f6b7bL,0x9011309e0d68a3f9L,0xf25e89ccdb91c66cL,
-        0xae79cad781df593aL,0xef8c6bec4f103231L,0x832659c3e038f02eL } },
-    /* 46 << 322 */
-    { { 0xd58eeece37761959L,0xba6d8ab5b328f084L,0x3911e6ae324a6706L,
-        0x299921c8ad139296L,0xb81a3fe4f6b8d9e1L,0x2680c46f5ef06a6cL },
-      { 0xab9cdf368611d63cL,0x6c9fa5b3cc0a5da8L,0x712356a3da4d4412L,
-        0xc1707a10cd3f550dL,0x5c25b2f3ce468303L,0xe4be20bffa546b6aL } },
-    /* 47 << 322 */
-    { { 0x797a2919515ee1dfL,0x65dd5991119dc9d3L,0x82e8201b41e4c5ffL,
-        0xd27b35130d3dd45aL,0x9ba590c5b13b2dd7L,0x0f15b35282992935L },
-      { 0xef39971e227e4e46L,0xb74c524b2786fd6dL,0xe09c28ec71b1579eL,
-        0x0d1418e285f6a935L,0x173265448719fbe7L,0xfe3b1d831200b35dL } },
-    /* 48 << 322 */
-    { { 0x6e96a8195cecb21fL,0x3a58d8b2d8beecaeL,0x93c3cbb0c0c715a8L,
-        0xfb06f977541759b7L,0xf25ba095771c3d2cL,0x7560446ea3bfd322L },
-      { 0x7cd99f35a015cb4fL,0xa0e541960786f235L,0x0f868f768b8e291aL,
-        0xc8260b0b2f95050bL,0xaf38376ef4c0a462L,0x2b3c0f3b98a3395dL } },
-    /* 49 << 322 */
-    { { 0x99d4529efed6a724L,0xc6f1b084071d8d31L,0x6c48062ba097da1fL,
-        0x1dd10493301c1d74L,0x5288f194f554cbccL,0x77b1b81f39dd42c7L },
-      { 0xeb1f2d53a007a6d8L,0x43bed54e05648d75L,0x1a85326f29801a1eL,
-        0xcb9a91a4f564d78aL,0x4f38fc7893f071deL,0x920117d8aeeeb5adL } },
-    /* 50 << 322 */
-    { { 0x709b5904b35cba78L,0xef0c321021b11d3dL,0x38f07eec46844b18L,
-        0x2e79f99934870a55L,0x9e9df80400d7b924L,0x857a95625cafba4bL },
-      { 0xef8ab68f4adfea6fL,0x4a83bfc16ea764e1L,0x21f4c75475e8d874L,
-        0xa3597f526ecdf5d1L,0x9d3a4766eff2e1e6L,0x9872db39e5e6ae81L } },
-    /* 51 << 322 */
-    { { 0x42d9f39e99bb9a10L,0xe617263ce35e4852L,0xb3f8ace1a06b71d0L,
-        0x861520de6419d9d1L,0xc2c521cf37b1fe38L,0xd537001b9edf9936L },
-      { 0x92614b9f39af94e7L,0xd2003f2e25286664L,0x249d04aeb836d4b1L,
-        0x3c6c192ab26df88cL,0x6e0b25442c72ec0eL,0x69d7f6d7497f03dcL } },
-    /* 52 << 322 */
-    { { 0xbb5a95f6293cc00fL,0xb202a82a65fb729eL,0x819c26aa12e35774L,
-        0x70cd5237c2b3f0b2L,0xa752224a89b2c5ccL,0x71c09cbd0ec89df5L },
-      { 0xb849e352bab45d24L,0x290f0307d313f461L,0xf083031cee885e9dL,
-        0xdf42a973a60bf2faL,0xe39f2118d4842999L,0x8b54cf1d0508febeL } },
-    /* 53 << 322 */
-    { { 0x8942b4df0d846a3cL,0x18db708662b6605cL,0x6549e019fafa6508L,
-        0x85d97fce43ef9443L,0xe9f13da373485de4L,0x5743297bb0f46e8dL },
-      { 0xc52781bb70908255L,0xcd88a48a6bc6e666L,0xf857caa5eb4f54d1L,
-        0x32dc925320974dfaL,0x6dc79fad965146e6L,0x24e3a8d2edc1f747L } },
-    /* 54 << 322 */
-    { { 0x1993fa650e81671fL,0xc6acd9f3dd1a1e4fL,0x227edd1a7bf36f1cL,
-        0x4ad2478370867ca3L,0xed0254f758b9a7c2L,0x63fe279a7013a5a4L },
-      { 0xa65787ee232e6a88L,0x5faceda487161d5cL,0x36e351b603d64c37L,
-        0xaa265f1de9e30871L,0xbf3432f521e6f66bL,0x69d68c068621289dL } },
-    /* 55 << 322 */
-    { { 0xd2bd143ea0807eeaL,0x474ad99582568efeL,0x0fcd6bba7d482c5fL,
-        0xf83e6f15e2628f4eL,0x314508252210e41cL,0x8f0a9402f47de776L },
-      { 0x7f20bc562ee4d1e0L,0xed4157de791aa7a7L,0xbe443399be2dee9aL,
-        0xb461643371625f13L,0x1be21ba8771f55c6L,0x04b3035a300fc187L } },
-    /* 56 << 322 */
-    { { 0x0952b888b9d0bdf0L,0x3973763c8ce32fb7L,0x221f0ba56dd860c7L,
-        0xbb7a27feb16ac501L,0xf113b194bc8fe58fL,0x18f3297a65839ffbL },
-      { 0xa2d4eb7c8dc30003L,0x3fb4b4878e334479L,0xa4f32c651a8310e3L,
-        0x944cd644f78f46acL,0x14e40c4af96fb91fL,0xc31402bd4ddf6e72L } },
-    /* 57 << 322 */
-    { { 0x9eb2c9e51ff0ab88L,0x0a29fc0695cc3436L,0x3f4b4ebdbd298127L,
-        0xeb8ad8b52ef56848L,0x6159700f5b211ff6L,0x8fb98f2fc3a67bc0L },
-      { 0x5c5998ffbd195b66L,0xea99d6767e44a64bL,0x314316e4bafd1471L,
-        0xb5f48757cc8c0e77L,0x922a91d15b259ac8L,0x2458279cf9fc4e4eL } },
-    /* 58 << 322 */
-    { { 0x945c5a3c6aac3e97L,0x5cbdfad9a266ad50L,0xa3e38114fe59f5ceL,
-        0x1ca1cfdace3ae206L,0xbe1f15e12a84cfdcL,0x682514726a12ec3fL },
-      { 0x48409f871f57341aL,0x632c369e8461bf7fL,0x1c96fc87d8865ed4L,
-        0x1727934ae1ffc51aL,0xa60f0ebb6d71f51dL,0xb6c354052e411888L } },
-    /* 59 << 322 */
-    { { 0xc7b3d3bb72a77726L,0x04b9bdfbbdb03d78L,0xdbdbaa7e2fe88db4L,
-        0xc5848e58564710b6L,0x7bbd84863ec55713L,0x1b5aea5670183191L },
-      { 0x95d91bb25340d9b7L,0x9a1462e4187a3252L,0x5cee9b8cec352fedL,
-        0x7db8350137049284L,0xa1d2822cd3b714f3L,0xe4cf6d53c2e51da6L } },
-    /* 60 << 322 */
-    { { 0xdb2a2ac9a63f6f62L,0x4c0d2da695f20639L,0xa485a6adb475e177L,
-        0xf6dad8b5aa93055fL,0xafcc1e954974bc52L,0x6686940224fcf32fL },
-      { 0x10c138bfc103b013L,0xe74ea82bc6faba1bL,0xddb399c581824de5L,
-        0xae797b70cdaad079L,0xc648e7ad6ea955e2L,0xd07c5c919be79db6L } },
-    /* 61 << 322 */
-    { { 0xf4b7a33b39d93befL,0x4be176f9659da9f0L,0xbf57d975f36642cdL,
-        0xe10b452d16d5528cL,0x7c062421a6bdd74bL,0xc093e346e7aa1d9eL },
-      { 0xb7cc38cc2f5c19ddL,0x9fc7f69b230c8790L,0x9b667acd5e3c5282L,
-        0x1cade31144cd22ebL,0x53a0d702bb43a1e4L,0xb25868777906519eL } },
-    /* 62 << 322 */
-    { { 0x46e2415deb5003acL,0x05aee8855e8a6a0aL,0xbda9f162bbaf343dL,
-        0x658b350b21853341L,0xaf6b4948ced47246L,0x1d454740723cd3bfL },
-      { 0xc4b7ce3fe1aaef54L,0x619420daa35c9e24L,0x65d455b14eb7a52cL,
-        0x2f9b700a4c961515L,0xa5b7b962d3aed448L,0x4e32a6d937851d3fL } },
-    /* 63 << 322 */
-    { { 0x2c4c1b2ed00f8cb9L,0xbf83ba500fd305aeL,0xb75bcf9f801a8e64L,
-        0xd8ab465ccba76b29L,0xf5a2bcd74ea718f4L,0x81501d563b592ae0L },
-      { 0x9734e4e26ae6bac5L,0xc4860b0eee304e5eL,0x8bd59b7b1d59f1acL,
-        0x7c9497e8e799594dL,0x4bc6634c08292918L,0xc45583aa92619229L } },
-    /* 64 << 322 */
-    { { 0xc5ad791eb45a8002L,0x4a23fd68ba2d7a40L,0x673b9e4998544bc4L,
-        0x934d8f55d273c360L,0x7fb48d0768a75a8cL,0x2e6201055e0fac97L },
-      { 0xbe01655ff10ed580L,0xd21d52ae9e96731fL,0x74f830de53325138L,
-        0xa7240331de9f3fc5L,0x96b25206a7e01fa5L,0x3fcfedee07eda4b4L } },
-    /* 0 << 329 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 329 */
-    { { 0x3e6e93818d5c039fL,0x809494228a8d2cc9L,0xf2d7c8b4b843ec06L,
-        0x0055d882af8a23f1L,0xe848010ed3792335L,0x9b41a55f55e08e74L },
-      { 0x956ea8e95de83059L,0xf159a9973263678eL,0x5f7b9271cca1b548L,
-        0xd41d2281f1d0b7f1L,0xb187047b5c9963fbL,0x213ff6af02536cd8L } },
-    /* 2 << 329 */
-    { { 0xe51a95700d0fa76cL,0x67c7890e4d2e9c8eL,0xc6160fa2f974d2cbL,
-        0xe00474f74c6a78deL,0xee916e510ac89d11L,0x1adad97af826f133L },
-      { 0x3fc65d3f8d2d77f3L,0xda9420750ba6c300L,0x5237a82e0b9196b1L,
-        0x4975e680a572b6f5L,0x41ea8b92b9bed2bcL,0xbe0ad7109826825eL } },
-    /* 3 << 329 */
-    { { 0x06f721d30a9ec81fL,0xf0359222034f3e78L,0xc5ca6b7a5a44ffd9L,
-        0xc53e328915764390L,0x7f16917459747d7dL,0xc3a9981461f79122L },
-      { 0x099f4e3a97aa46f7L,0xcb0570c9d70458a6L,0x270a43576b72f327L,
-        0x9d6bb26cc33695bdL,0x60f9202126224902L,0x8eb0e108e1b0a51fL } },
-    /* 4 << 329 */
-    { { 0x8a390dca9fcaba39L,0x3879f0b4278d22b3L,0x77bbea69bc5e82f1L,
-        0x71f02e2d4628d6f1L,0x6260790cf968e240L,0x1c7f3df5665270eeL },
-      { 0x336395451a87b1c8L,0x2011fd214ffd9fb8L,0x69060f867807ed55L,
-        0x1b0ac0119dfa452cL,0xbbdb25fe06d27c0dL,0x5c25d23aa60ef90cL } },
-    /* 5 << 329 */
-    { { 0xc08dc153d9f75d6bL,0x5c1f07e7a0330237L,0xb3e6fb677d67a5c9L,
-        0xca949ed098f9faddL,0x48b16b2dd7720835L,0xfdb1b735fee4d341L },
-      { 0x1a6b37b1debf3207L,0x5b3eeb1e3218c63aL,0xc19b57b504c23b30L,
-        0x178bd3bb40669e2dL,0x74e57b26fb6b162cL,0xc3626931a0932b58L } },
-    /* 6 << 329 */
-    { { 0xd3eb69e4734b2e9cL,0x1c2754e2c35ff1b3L,0xa26681e69f3e8c51L,
-        0x7892ad11a2cae737L,0x88b1da43cbd8bda6L,0x8a576942419d21c4L },
-      { 0x7c124343c90f4545L,0xa5a8d93b26453baeL,0x9a4c08fd76ae72e8L,
-        0xa08b82d97b064e94L,0x4f803ba083725330L,0x33672455865235f3L } },
-    /* 7 << 329 */
-    { { 0xf7a5e2f0a51e695fL,0x3099bf9484adf10bL,0xb2a03c0f22a3ff04L,
-        0x30303a910acec674L,0xaccb2f3ca59522f8L,0x00ff4d88f273ba94L },
-      { 0xf0056b4210e735ebL,0x3337279a7786e93bL,0xfecc77c44bb3c31dL,
-        0x3385bf5be0e26a05L,0xa9454ab85f45fcbfL,0x41a4158346edb553L } },
-    /* 8 << 329 */
-    { { 0x1877dfd0c8110f1fL,0xea88f59d18db27c2L,0x9d089536c78e295eL,
-        0xcbb5d55374a04cc5L,0xe3666006827f75edL,0x8557b81a61e7378cL },
-      { 0x74170170ed223f48L,0x84197a6ed86ee829L,0xd75a30f8ac1c4a0fL,
-        0xd7e7be0d3cd92824L,0x5ea0abdb1b5e86d4L,0x41146ae1b3b615efL } },
-    /* 9 << 329 */
-    { { 0x6d340fd3fabd376bL,0xb5066b1ccc169cb3L,0xa4148142d20ef8f1L,
-        0x0c5d66fb461544d0L,0x84c7a232d67043d2L,0x4c0e77867e609af4L },
-      { 0xb1e83f1af4619e4eL,0x40fca1a0b225d174L,0x39bb3a882e42fa4dL,
-        0x04dfe833d2682205L,0x49016d9d685296f8L,0x2da587198b735155L } },
-    /* 10 << 329 */
-    { { 0x570deceb1ae5e9daL,0x5c079c70b73ead01L,0x522a30a6d2ce6639L,
-        0x71dc5c3ff4056ac9L,0xd93c7a2dbaac149fL,0x5c3298b8f1844cebL },
-      { 0x282adf408c23c0dcL,0xbe4981899b646f86L,0xe77c1950628da9e5L,
-        0x38cc27baa1fd5a18L,0xb5579728aacdca52L,0x8d34fdb4c8e1ecbdL } },
-    /* 11 << 329 */
-    { { 0x563e0b8a7a7fa597L,0x6697c375bb7dd079L,0x95758ff6c6233951L,
-        0xca07993fa2059c40L,0xc3065507ce2aaefcL,0x9faed33c6ea927d5L },
-      { 0x0f8b48241207247eL,0x0044f6115eb2263aL,0xd7c9ce7c851596fcL,
-        0x54729d523c69d424L,0x42cbdcca45876770L,0xc1e0e6ceeff2adcbL } },
-    /* 12 << 329 */
-    { { 0x323f2102adea7d6aL,0x035b354eb694b253L,0x66dc4e4a5b8a36c2L,
-        0xb609222471795ca4L,0xd8c6d7eed300d80fL,0xf31f258db3b94954L },
-      { 0x0f2eb679277ced5bL,0x0b16efa3eba40e3fL,0x400035070dca4f36L,
-        0xd34c91cb59a9a3a1L,0x5e8fea3286da6408L,0xf237959f03f31728L } },
-    /* 13 << 329 */
-    { { 0x1d3173653412e8d3L,0x1d14cd1b09695abbL,0x9044adf2a2cda00cL,
-        0x60a6ccd60b7ba011L,0x614b100417284b46L,0xfb3d84b9cf840203L },
-      { 0xd65b3566532b068dL,0xc8c03996c2465150L,0xc9035c2df71c35f4L,
-        0x350231a752222e21L,0x59440020451935b1L,0xd723a55cccfdd206L } },
-    /* 14 << 329 */
-    { { 0x1b5bc630bbaaedc6L,0xe7d25088b49cbb3bL,0x5622cbf70deb8cf0L,
-        0x3b20803cd309c3baL,0x64c2e7deff45e2fcL,0xfa730ffb9aab84a5L },
-      { 0xba83cc514edfb52eL,0xe05c0140748bbd69L,0x27bbb5f52254ec43L,
-        0xca740989324c8c40L,0xa21488b1d26491b4L,0xe2753a1f69d8626bL } },
-    /* 15 << 329 */
-    { { 0xea04908f64dab001L,0x8ea1f127b4debb2eL,0x87adb69534f155a0L,
-        0x41595cfcca8afe0bL,0xffef042f8763ba08L,0xb7b4865decd3e667L },
-      { 0x2c46c97070c4c8a3L,0x1ab18c080403d206L,0x08b2d3c94b3df379L,
-        0xc6a4c268a87a7166L,0x449bc61f5323b1f0L,0x8d4b7ced489ada74L } },
-    /* 16 << 329 */
-    { { 0x618ca06b8956146cL,0xd51f1e6f552cdecfL,0x981372cca3b6ce7dL,
-        0xb44a68ee5f14bb57L,0xfc1167e96373abbbL,0x3d621f8b767d4c0aL },
-      { 0xc6dcdfebf6ecc778L,0xddda926282d1fbddL,0x477501aabfcbf2f7L,
-        0x0be7228a67aa8277L,0x5de7b8331daab9cdL,0xb88a4f9a262feb4aL } },
-    /* 17 << 329 */
-    { { 0x203a666c608fea53L,0xbf71f8fde8979c08L,0x3bd58feba22a3d2cL,
-        0x596bfcf521f178a1L,0x6f207d89f84beffcL,0x8a7c6dbb18097607L },
-      { 0x208f5e64a1c5c927L,0xd7d0e33478dc83c3L,0x5e9397261d4e30f5L,
-        0xf3877242fa09a36cL,0x68e4338ae6a7b0feL,0xcf8cd131ac47b369L } },
-    /* 18 << 329 */
-    { { 0x28f18586936fb33fL,0x9809b2ab381bf7bbL,0xf6e16931eac3c252L,
-        0x366d18335e151187L,0xe5b4c2357a3b6460L,0x693a9fa50a68bc91L },
-      { 0xa35f104a6a7f8b6eL,0x3e5d6981688676c4L,0xc0c081b10651a609L,
-        0x6df5da2dd77057c9L,0x8bb271bbc4602847L,0x322547b3c4bd07d8L } },
-    /* 19 << 329 */
-    { { 0x9b56b9444deb8158L,0x5f4b15a6da5eb70fL,0x120afa9514cb0126L,
-        0x01f6d00d6bdd0d78L,0x73dd7c5c463b1ce6L,0xc770cf35df00a133L },
-      { 0xb5db93a1247ff879L,0x1c12f3f0c70ecea1L,0x10168c4e5b59cc9cL,
-        0x1e9e0f8a0e19efe5L,0x43987dc1cfd44b62L,0xb1d265c204814e2dL } },
-    /* 20 << 329 */
-    { { 0x8c283529233d39e4L,0x96300796c6092096L,0x2c549de55dde766cL,
-        0x27e0b444b4151002L,0x802e5fc3f2f88f1bL,0x2af579c28ba1956dL },
-      { 0x52edd04ed68196c7L,0x2e22e71474a202b0L,0x338948248bf66459L,
-        0x8f0d8c259e39df55L,0xee4f109e6c5276d9L,0xc0c893f0c5dc0bf0L } },
-    /* 21 << 329 */
-    { { 0xa3081bc75b3f17e5L,0x299e7a0222e46b9dL,0x36184c98a9afa278L,
-        0xee2043319095a8a1L,0xf5e54622cd5ac080L,0x08d649013fa844a4L },
-      { 0xb20ddfc6d7fbb42bL,0x15130bdbd868a81eL,0x25e5fd2f32ff1a03L,
-        0x907e3c01ca5288d3L,0x2f2f7496a1f6f96cL,0x831feefd38ab83d9L } },
-    /* 22 << 329 */
-    { { 0x06054c76f8482849L,0xc24b4a6a5fcca65dL,0x71c27e01a17ebda3L,
-        0x1ffce0281be9dfb8L,0x3784c950ebc43854L,0xcf0ecc2dd5086510L },
-      { 0x86d0fc3cbe24d8ebL,0x5bad01911f21788eL,0xe2c3bcb9c49b3a12L,
-        0x66f82433f7d5992dL,0xf7cc5eb913969246L,0xe52defd48660a6daL } },
-    /* 23 << 329 */
-    { { 0xd6d6a42b102490deL,0x9e6532acf40d27d7L,0xcd1591cdf2a08bbeL,
-        0x973e09f234eb47ccL,0xb3a5915add4fa316L,0xb36ca6ceac38218dL },
-      { 0x73d370b3e58a0cafL,0xbc8fd39f07766be2L,0x3d5d9ef7c2ea7997L,
-        0x22877500bbfcc1a7L,0xc54d0c6406e0547aL,0xf7bc1d2d564e9ef1L } },
-    /* 24 << 329 */
-    { { 0x7a9623b653fd1a04L,0x13bd35bf3a3b8500L,0xf8a5dec9e0f8e530L,
-        0x88bcbe291d65dcd4L,0x09fe38036739541cL,0xebd04b7fe716a97aL },
-      { 0xbd8e34df1e5ef7cbL,0xddfc4243d7c4fd6cL,0x0183d9053519411fL,
-        0x63450996f7a3c483L,0x18283cea01355739L,0x8c1d72cf9aaa72f7L } },
-    /* 25 << 329 */
-    { { 0xffcd4b6f9be9ff57L,0x0bff01bb939327efL,0xde596626b5ed90e3L,
-        0xc07464ff4379e17cL,0xefd3e2c470d31340L,0x78b2192f4e7df61bL },
-      { 0x7cfe28def3faf2fcL,0xd2d1a994dd642f87L,0xa5d4fb1410b3377eL,
-        0x2cb4978ead6fa00aL,0x5b6fe7a765fb3688L,0xc26c1b3336d5acdeL } },
-    /* 26 << 329 */
-    { { 0x551e1b4e8dc72468L,0x8a926cb2a7b2f1acL,0xb873e83b0fd12fadL,
-        0xb6cde14fa4e7fb13L,0x81ae41415befc256L,0xffb0c636b4c7631cL },
-      { 0x80f1408f8a2478feL,0xde6d051d44fa7605L,0x5a15b1f84d44a1e4L,
-        0x1a0031c5a0daafe3L,0x304338dd597652a7L,0x6830dcc7f257f17aL } },
-    /* 27 << 329 */
-    { { 0x62fae4072fdc8ea4L,0xff77522fcbe76ee3L,0x5fa03a454fd2bae6L,
-        0x774c635e8dc90431L,0x718081b62ddc4376L,0xf4901a2c03e7aec7L },
-      { 0x5339a3109eb023d7L,0x15dd4f96366e35f7L,0x1f802d4a0e2d2e95L,
-        0x8e5e9cb2fe1b1226L,0x175806f623a0de5cL,0x115a97db068c7bbdL } },
-    /* 28 << 329 */
-    { { 0x4a67ec76193aabbcL,0x3da6dec6d74761f9L,0x751720c90b35bb70L,
-        0xe5e049058d9e0f8bL,0x3cd37c840858f29cL,0x7ff1abfbb881733eL },
-      { 0xa0c2698b0c4f7694L,0xc736419296b95e4eL,0xcfa55c5537ece651L,
-        0xa2bbd6ae7cb1e9e1L,0xcd2292b9a0eb0e8aL,0x8aba99e18d5030d0L } },
-    /* 29 << 329 */
-    { { 0xa3f508a498fa3d8cL,0x4d894cbf45bcff40L,0xbcdac17d0c095cc4L,
-        0x397caa6f407c2ed8L,0x2195056b5f97b4a9L,0x41eb6e0e97434508L },
-      { 0xbb5e4e4a73f211f8L,0x5e8e638f720a451cL,0x8470bc9e4974252dL,
-        0xc487aae29f6a9a96L,0xaa66417101165deaL,0xc8af7172b603771bL } },
-    /* 30 << 329 */
-    { { 0xb7c74c58dc4a1d3eL,0xe3ec30160331ea39L,0x83afb271023c8712L,
-        0xc2670d56c9c82680L,0xd426f350feca1061L,0xe8aee692ba6edc01L },
-      { 0xc916fbe546e801d9L,0xcb001c377097286eL,0xfcf79d2678ee1328L,
-        0xb05b0634b6a4afb3L,0x2ab327bb306da14fL,0xc11a0294ba5ff534L } },
-    /* 31 << 329 */
-    { { 0xcaa287c30f00dfcaL,0x9ca672930601cc7eL,0x435e883fb105d00fL,
-        0xf9cddbf91238536aL,0xda604ccb45f558c3L,0x7e51d9d182f48366L },
-      { 0xc1e8d50d7e8396c3L,0x58638b85edbb75e3L,0xe926aabe9b088d2eL,
-        0x8103a34a428c41e3L,0x03e5e35d089deeedL,0x64969c6d93bb0b99L } },
-    /* 32 << 329 */
-    { { 0x7b7da028e19763ddL,0x662f54df8b98ff78L,0xc056d83c51f3dbd9L,
-        0xe2f4d46fa91d085aL,0x31759c9ceb35262dL,0x624d0cf20c9dd29eL },
-      { 0x108cf9bb1624b02dL,0xa241444e345531d6L,0xf69816b273d372b2L,
-        0x126575a7d5415e53L,0x546bb4c1306b8b0eL,0x82bb0c124d54ea5eL } },
-    /* 33 << 329 */
-    { { 0x85b355304c397362L,0x218a3b0eeda72e19L,0xd8eae54461729c56L,
-        0x3d9b4a62735b571dL,0x12f3ee775629e437L,0xa72f9809095e5378L },
-      { 0x5420a641bbe6dd1eL,0x8121eb3d02f41fe9L,0x5698eaf945e7acbaL,
-        0x8a5e1a89469c2f12L,0x801740e25b434e0fL,0xa4dbe1cc670f58bcL } },
-    /* 34 << 329 */
-    { { 0x2f1919df5819e9f2L,0x156489e7a62287a9L,0xed038deb20a0c2caL,
-        0xf63ac2d5c5ab4fdcL,0xca2b648ce391ec06L,0x8258e3f45b047d2eL },
-      { 0xb7dcff56fd17b40aL,0xa8ace11f4bed747eL,0x542d70d175018429L,
-        0x6c568967951bb2e2L,0xce420f73bb0e089cL,0xdae9623ed13f8eb5L } },
-    /* 35 << 329 */
-    { { 0x2d561034009a41d3L,0xf078204f5734d3a1L,0x2b8973ff7408e71fL,
-        0x07cb9f95aab9c533L,0x376c1f59d0b35fffL,0x4a756c7fe851b313L },
-      { 0xdc690e9874dedeaaL,0x625b082f70cf3f5cL,0x44839b5803dfc301L,
-        0x5835a6c3c520f618L,0x695425e3afdb68d5L,0xc04ce4c62db97ee7L } },
-    /* 36 << 329 */
-    { { 0xc1d9b27ecb5833e7L,0x9911909567a8a669L,0x9317f8c30ab9ee27L,
-        0xfad65eb9f34551e6L,0x7725ec2e016504f6L,0xca492cb47ebbdfc1L },
-      { 0x6d2a3c962706aa66L,0x53e6d650836d8ee2L,0x109496434bc84bf3L,
-        0x8442ee826df7c0f1L,0x7ab2eb9918fe80c5L,0x6a8579b35cd2ea35L } },
-    /* 37 << 329 */
-    { { 0x96adba7706e80e68L,0xa8839d6a0fe580e1L,0x755227e337a31a9bL,
-        0x40b5fc70e27ec051L,0xb900a11b29af222aL,0x8fea2e509dd84811L },
-      { 0x4f844c8861b59ab3L,0x26739874560c0948L,0xb39f85ba0cc08828L,
-        0xcdce2fca829082edL,0xbd17998eb4555dceL,0x827eae97a3608a9fL } },
-    /* 38 << 329 */
-    { { 0xa77087f4c98e17c4L,0x9fa12dadbe2985a5L,0xa68cabc94bdce4e2L,
-        0x222a6fb6d3500913L,0x15e28fd5a9c0904eL,0xed31c63f7a91f825L },
-      { 0x9cd9f3e56f2f35b0L,0xa2b14261923cab8dL,0x71a780516d8ccbeaL,
-        0xf1fe532bdfa937b4L,0x6e3d7252539d0a74L,0x27ef2720814cd797L } },
-    /* 39 << 329 */
-    { { 0x8bd8341e6899b9bfL,0xc2ea111680865aedL,0x0cabb5cf13fed0e6L,
-        0xa11e82c1e4ce70c0L,0xefe3d4eb99aba16aL,0xd774db4dd8df10c3L },
-      { 0x72ee5c98bae14dbaL,0x9161d0b179b86e02L,0x1ba8b84585e5ba90L,
-        0x3830148f17228bdfL,0x222499e2ba89b2a5L,0x5d50922cccd4f87eL } },
-    /* 40 << 329 */
-    { { 0x81dd074e4398751eL,0x87b11b480a3f3ebcL,0xb5afe1f0352b58f5L,
-        0x6d2d94829c390eefL,0xd073f9a0f36a8d23L,0xa7c5abec466ebbe5L },
-      { 0x968c04a60539f145L,0x52a3ad0c93f4d3d3L,0x98e196bb15c0970bL,
-        0x2af28ea370ab8ddaL,0xb912fbda7a039fa9L,0x3dd8d87acbd02ff6L } },
-    /* 41 << 329 */
-    { { 0x849b2f0b4ee5ebb7L,0xfd1b015158bea2f9L,0x260a6b5bfbc530f9L,
-        0x2b6c198d06776366L,0x6540793f8074c6d2L,0x1c722c259871be11L },
-      { 0x8ce5241ce0560ce9L,0x3574db548096df0cL,0x1d9dd078b0fb8c98L,
-        0x6049c7f25625a023L,0xd2c0853cb18d0dd0L,0x5e57bd71cd645f78L } },
-    /* 42 << 329 */
-    { { 0x8da9b831361ce377L,0x6496515b7dc06076L,0x870e7df3b8cba83eL,
-        0x315ac0049f8f495bL,0x1a09dee576fe0978L,0xae7af621c18059a2L },
-      { 0x2bc9dea404fac2afL,0xc630bd5021b90a79L,0xbded6b8628c0f9a1L,
-        0x709d72c7be4fe93cL,0x3d1e2eed74b22303L,0xcdaf6b1d0e81dfcaL } },
-    /* 43 << 329 */
-    { { 0x42d004f3be8ec138L,0x5379a3063d617cfeL,0xcbbd274ec1a87d06L,
-        0xb9967c5284c9df0dL,0x0238d715c421e288L,0x787ee6abd239639fL },
-      { 0x746e4071adace009L,0x2e2545db61377666L,0x47cc241cf07deb1fL,
-        0x0a0742f1847dee19L,0x50175dd06e59b0acL,0x95ce3065d2333a87L } },
-    /* 44 << 329 */
-    { { 0x65c33cf4ca5eba6eL,0xbc48b22e12c2f19aL,0x6c5bbde461fbdcb0L,
-        0xe086202bbc503a00L,0xa9483799deecbb11L,0x9b2c0216279aff50L },
-      { 0xc10fce1069f99456L,0x2b0051d5b7820d55L,0xd2de9cc32129b5a4L,
-        0x711166d9e4f565d6L,0x7a8c3dfb88075f30L,0x6914edda224ac45fL } },
-    /* 45 << 329 */
-    { { 0xca481b6e4e1e3cabL,0xf390ed5f7e12d8b5L,0xcda82616dcd06247L,
-        0xf7d791422cec8917L,0x0c2ea9fe2364e5deL,0x471b71ed21f98e3fL },
-      { 0xbebd6a753b9aae94L,0xf9914c0b45f5d5a5L,0x07c823ca4b3dd18fL,
-        0x0b8c09ab74ad2bafL,0x21048cf7c7376302L,0x080e4a00efb16ac2L } },
-    /* 46 << 329 */
-    { { 0x1699d711379e6c77L,0x9126d88c7427418eL,0xbb05797d825210acL,
-        0xc0b611df315cb277L,0x90f82a9d61f69206L,0x39a79014f517228fL },
-      { 0xd9f2def450e8a693L,0x88c1104381e9d71aL,0x28e20b56451f8a9dL,
-        0xeaa794763e101231L,0x3f1ba0c56423e8c3L,0x2fe7ce4e3c6c558dL } },
-    /* 47 << 329 */
-    { { 0xd706ab9cc55b1a3cL,0x99c453663aa386f6L,0x348c8f743617676aL,
-        0x5f3c49092b9ef7bcL,0x26969963ff5d4864L,0x1f952e03f5b490ffL },
-      { 0x4007914e30cd5518L,0x3b38fd1e0b0e6513L,0xb25e0a81decbba43L,
-        0xb7e77345a7d78431L,0xbb7bc23062467d4aL,0x616c1724598ad852L } },
-    /* 48 << 329 */
-    { { 0x5bcf287864e60ac2L,0xf70e78a455d53345L,0x88685de6707a7138L,
-        0xa77646dcfb2041a4L,0x8608695289db3060L,0x08b7c4d8e27a1690L },
-      { 0x4148d9373ca7fd81L,0x58c7440bff7698a8L,0x9d722d4db0391d14L,
-        0x5683112462b0373fL,0x87b0363be9a9992cL,0x51870cd18853db84L } },
-    /* 49 << 329 */
-    { { 0x775086f481eb73b1L,0xddf02d0e4db4d236L,0xab3d637445b09e54L,
-        0xb7ef92657e883a2eL,0x20e6ae8f7f42b4b3L,0x26a14629bc49d85cL },
-      { 0xf0ee4e5ca4ed9ba3L,0x288c5b0793b0b721L,0x9c767a59e9917114L,
-        0x3dde322015085ec5L,0x3176507f7ece24dbL,0x71e1995686cc47fcL } },
-    /* 50 << 329 */
-    { { 0x86dedf2e9b1ab85eL,0xf3330387c2d0593eL,0xf5e6143997e907a5L,
-        0x1992569d8cd66e4aL,0x836b215e0869329eL,0x8b5c4891153ff215L },
-      { 0xf6c52f1b609dcc15L,0xa3a5258c085722c3L,0x0a4e81501c378dfcL,
-        0xa8997ddc739040aeL,0xb1c4417a7180a073L,0x618009bff1dbab34L } },
-    /* 51 << 329 */
-    { { 0xc276e23733ec753fL,0x196a1ccee112da60L,0xcc049e2b953211efL,
-        0xa60e1aa711dcc43cL,0x091ceb49cdfed2ddL,0x8fe1c52e72c69037L },
-      { 0xf66eac87a986ba11L,0x4917f822b273d90dL,0xf7ef04cc957befacL,
-        0xf8a7ac1320b8aeebL,0x71f0db3dbe6af428L,0xcb0bf8ba566429c8L } },
-    /* 52 << 329 */
-    { { 0xf617674d2cbb40a8L,0x446ad46b4d11399aL,0x4d4246943076b6b3L,
-        0x1b9e7d881c33ea9eL,0x8e1aa6716954589cL,0xf1099b26e221722cL },
-      { 0xb18904f94917576eL,0x0512b21bb549058bL,0x12c89a64a209ad3cL,
-        0x421f5e575557cc67L,0xb42e17371b5a17edL,0x427c6a621ff3230cL } },
-    /* 53 << 329 */
-    { { 0x74e75db02bfb49e4L,0x7685588d58cf18dfL,0xfbfe8f56398e27a9L,
-        0xd2711ec365666b9fL,0x1df7714d2c59b787L,0x0f2c4b4c486f8fc0L },
-      { 0x098ed315f847b688L,0x60c367e332a20ae2L,0x58f48cd6bba6dd13L,
-        0xc41e31960616128aL,0x7f90dd69a3205005L,0x8e6ce9d23581c177L } },
-    /* 54 << 329 */
-    { { 0xcf2da6044a3b3618L,0xcfd27cc6b83f1814L,0x8cb45c0a6b9369a6L,
-        0x1f11501633976ef1L,0x2654a1574afc708cL,0xb47f423860970498L },
-      { 0x548be9389fd8536bL,0x454fde1673ff1ecfL,0x44657efae96be82dL,
-        0xc8e7e96b555df813L,0x2a0b3f4a4fccb822L,0x2e0f36b114b6dfdaL } },
-    /* 55 << 329 */
-    { { 0x227ba88551cefcb8L,0x81e8f52e00071a19L,0x4afd5a5d170fee3eL,
-        0xc8864e274e17ff05L,0x1d8c2083710ffa4dL,0x22529baa9839c46fL },
-      { 0xad771341825a0a87L,0x34a3049edad7c56cL,0xf1f14e1712f3625fL,
-        0x6103d1fabcd36dfbL,0x9f5ce7a949a7cf78L,0xa5a4e38a333cf634L } },
-    /* 56 << 329 */
-    { { 0x6c8e5a261d99492cL,0x6e5bab8e77f916a3L,0x9b014aad50ad6f39L,
-        0x2a3933c51f107e26L,0x4b04395cc951bf73L,0xf8f683b4b0ef56dfL },
-      { 0x28c9fcdd1905c84fL,0xb03604f14141feacL,0xb546f58e53ace23dL,
-        0xee5fec4efe688f02L,0xd8b43f6d2e91406dL,0x75e44b21261764d9L } },
-    /* 57 << 329 */
-    { { 0x56905026e84e6549L,0x1dc1958c5b84b0b7L,0xcb477afba55d3c52L,
-        0x6c67cf7bc1434094L,0x739da94d2ecb03edL,0x8c45e5ee778ca2fdL },
-      { 0x66084f9712e2fe43L,0xee6a89e66c3289d1L,0x623b73abc5d1a215L,
-        0xb0edfa31cbf45830L,0x8024dffbd7de3b1fL,0x2ddf805a27f25caaL } },
-    /* 58 << 329 */
-    { { 0xb4e5a5d5605d7341L,0xe7a7a4069a1d3465L,0x234783d66c60b1b0L,
-        0xdd7ee2fb3b480129L,0xfd183240dbb7032fL,0xba2a97accaedc8c1L },
-      { 0x1a1824d3b0185c9bL,0xddc0f82cd36edae3L,0xaf7bbcc03116b17dL,
-        0xefc9095985f6e8e4L,0xc6bde428acb9c328L,0x69d80732cbf991a7L } },
-    /* 59 << 329 */
-    { { 0x455a23a465ecec1dL,0xcf0b2a221d9e9887L,0x0b43131e3fbb1cc9L,
-        0xd4ece789bdad49b9L,0x370c2f9aedfa4d17L,0x7f6855be15163f17L },
-      { 0x868a16f3735ecbd1L,0xd84527db08897c01L,0xcdbf5b18f2df294aL,
-        0x8c500b1f12b99a2fL,0x929c58df2591e3b9L,0x314cb13714eae6cbL } },
-    /* 60 << 329 */
-    { { 0xd014cc6deda2479bL,0xd2586003f1a85fb5L,0xceb0611153cd207cL,
-        0xe8c9fbfa647b3c16L,0x1f53e8e6ab7d6738L,0x06dcceabb060b5f3L },
-      { 0x80e023b2ab770ccbL,0x83ca0a5f4cda70d2L,0x19f7f5dfea1caa2cL,
-        0x769041414ffe884eL,0xfa4d93a3fca3c05bL,0xd381f527e88e1169L } },
-    /* 61 << 329 */
-    { { 0xa4553b3534914b85L,0x03968ddddc176f80L,0x095fb9531f258fa3L,
-        0xda9d2df7a554bb6dL,0x012a30ed84926864L,0x3fea37b12aa219d2L },
-      { 0x730d2c6d81cc6036L,0x96ea83c9ddd81991L,0xfab080dcef1678dfL,
-        0x16e25c6bfb2fe230L,0xf083a2b298ef2fb5L,0x0c0d0767581feac0L } },
-    /* 62 << 329 */
-    { { 0xd464a6525bc81cc8L,0x513353adebfa99d0L,0xd1aa97c0be51245bL,
-        0x0d37e590e4d20201L,0x7afc95cbb45c5c19L,0xdbd640cfb6a4ea8cL },
-      { 0xffcc3ff2be9c5b78L,0x61cb76ac1b2865d1L,0xb145bb0011352d21L,
-        0x69568e5ce550ac6dL,0x454a33043bf7ee0bL,0xa2fcf9b45dad3642L } },
-    /* 63 << 329 */
-    { { 0x2e2c8fb3f33eaca6L,0xae1c78b265f75366L,0xbdc601092280d2b4L,
-        0xed8409b7b6f472f0L,0x69eafa4f439e09afL,0x3b9ca2ecaa2b1531L },
-      { 0x59b2e8eb336e484bL,0x93ec3ecac5f0481aL,0xb01e690ad575157bL,
-        0x811aebc262e9d767L,0x1b26c0e49a9065eaL,0x5712d2c969a18827L } },
-    /* 64 << 329 */
-    { { 0xdaa7fcc9f9474bb7L,0x3c82e74bafa5db2aL,0xfbf918c59894edceL,
-        0x470c45eda9ac29a7L,0xdfd44f6fbc372f2cL,0x73a4790aa1e38d3fL },
-      { 0x23d2400ba9674837L,0x3dad71bc136a92daL,0xc76a488148baa4abL,
-        0x73227e4ebc26e6b0L,0xe732edcfe8ef5662L,0xfe96aa5f0c5662bbL } },
-    /* 0 << 336 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 336 */
-    { { 0x87c7dd7d139b3239L,0x8b57824e4d833baeL,0xbcbc48789fff0015L,
-        0x8ffcef8b909eaf1aL,0x9905f4eef1443a78L,0x020dd4a2e15cbfedL },
-      { 0xca2969eca306d695L,0xdf940cadb93caf60L,0x67f7fab787ea6e39L,
-        0x0d0ee10ff98c4fe5L,0xc646879ac19cb91eL,0x4b4ea50c7d1d7ab4L } },
-    /* 2 << 336 */
-    { { 0xcfbcbc4a7db62b5aL,0x2919bf514ab45ddeL,0x735de05622322f91L,
-        0xd2590bda7662ae23L,0x63d468fed82be7a6L,0xc84d0435695ea172L },
-      { 0xc50f494120a6fccdL,0x2d613990620f44f1L,0x680ccd041fd25778L,
-        0x25ddac444a3d0808L,0x41d8b738c4684cbaL,0x2611645f53963888L } },
-    /* 3 << 336 */
-    { { 0xb05cb834b0279be5L,0x2de7d0ebf08c5f93L,0xf023b5aaefa9e4f0L,
-        0xb8061e5d9bd075ecL,0x7d2ba50f1aa41bfbL,0x8963f3e390865d96L },
-      { 0x7f221a794713ec7aL,0xc83bc5178500b4c3L,0x085feb6af6ab1540L,
-        0xfd141024dc87cd93L,0x3e196fdb3239dbf6L,0xb7cf3e16dbcd5364L } },
-    /* 4 << 336 */
-    { { 0x1466c9f5e03a2fb4L,0xb866c006862a58a2L,0x291e8c75b5865550L,
-        0x1ddb7154e65862ccL,0x285153bc2b997167L,0xe2fce0e7954b6c19L },
-      { 0x985d450616dc2937L,0xf7f14216ee41d9c3L,0x39e098dafa5fe5e5L,
-        0x3fc26046f90f231dL,0xde5d5ced32afd0b5L,0xad688b1d60c09c18L } },
-    /* 5 << 336 */
-    { { 0x3720b1720f806b59L,0x1f696d47f224597bL,0x03c46e315b54eefcL,
-        0x387e466472b0edaaL,0xfc59b03dee77476eL,0x86854e54607a7259L },
-      { 0x1478bcee3e9320dcL,0x4aa825a88c9d87e4L,0x71272f72cf272ee0L,
-        0x19e3a4a38bd885cdL,0x9af6415b376ba31cL,0x6394b5a7807b2b36L } },
-    /* 6 << 336 */
-    { { 0xdbfcfa75e572e06dL,0xafa019d08b7d5653L,0xcc6c851d67a19b60L,
-        0xace88bf431ae1a67L,0x74554a6193d1e135L,0x51ba2cdd4211890aL },
-      { 0x7cb326899e8d1f02L,0x29a6b8258b66ab99L,0x0a672c21766e72f3L,
-        0x24bb718a880642e3L,0x425dc41d184d2b36L,0x96a1468e891024abL } },
-    /* 7 << 336 */
-    { { 0x3180789c26df7050L,0xe375a43e96cdfd31L,0x7951b895e99e922dL,
-        0x987ea2503d0bbe80L,0x6d2f49f0e2fe79c0L,0xc9c2c636c2b18d2aL },
-      { 0x707798f3d8c8620cL,0xc2d603dad5c6a0eeL,0x46cf1e32bc447940L,
-        0x4dfc145938a845f3L,0x210083fe455e5d92L,0x6be989eaa1fedc3fL } },
-    /* 8 << 336 */
-    { { 0x72fc8198dacc038cL,0x5fdae1d9f1077bbdL,0x369198bbd99e3036L,
-        0x6b68390a0efddfcaL,0x8c35f3e4f0914741L,0xd2bc54ecca7d7807L },
-      { 0x564d991e3a8695d1L,0x5e1e14c81b0d937dL,0x51f30dab5d635893L,
-        0x0427e346f944e49aL,0x1e0bf1b56a233bc0L,0x75b0ee6c617bf93eL } },
-    /* 9 << 336 */
-    { { 0xcd2db6797b1bbd75L,0x1ce5acecaac388b1L,0x715ab9f634c1fa9cL,
-        0xa531e1b8e0815643L,0xa64511c692de769bL,0x8425126b785b8bc0L },
-      { 0xc8d9320de72e155bL,0x9cf36dcd5600a04bL,0xbea8b0f4c6e1f7fdL,
-        0x6f9af6349767d85bL,0xc3ea9fa4c403ecb8L,0x0af7be1ed60a0e70L } },
-    /* 10 << 336 */
-    { { 0x180afdcc20928729L,0xec2e90f436bce72bL,0xa8a8c54d8f48e48cL,
-        0x9d0c6a355248109bL,0x8bdd819baa6c3ae3L,0x95e221a6dc0bebc1L },
-      { 0x83e568eceb113737L,0xaa6d29c8a1a3a0a8L,0x0ebd5015c54fbda4L,
-        0x692a84832a5c8b17L,0xa08e384b51836490L,0xf1904bfc37ded786L } },
-    /* 11 << 336 */
-    { { 0x2093335463919940L,0x34e4f27397ea3359L,0xbe64c5584d4156a5L,
-        0x368a6c980497cf92L,0x59931a502288b8cfL,0x67d70ff8c36cf906L },
-      { 0x4175562a8886126fL,0x46ecdd1d55114ffeL,0xd12876f94efde702L,
-        0xb0c9333fc046d908L,0x8358b04a2cd6c180L,0xcbaf4612336d3c84L } },
-    /* 12 << 336 */
-    { { 0xd77d9cd4fe8dee55L,0x7a0f60c12e43fc84L,0xecc5cd746d5da126L,
-        0xb5ac6fee2382a984L,0xd9db83e26ccd0feeL,0xaa4dbcba350717d4L },
-      { 0xb3c0562c812ead77L,0xf7a995eea96cdd07L,0xd5419bf1ffeb4e67L,
-        0xba0aa22e1226df29L,0xb8d0d7f4c1e333d1L,0x86fecca60a27388cL } },
-    /* 13 << 336 */
-    { { 0x9ea1d715dc579084L,0xc1e715dd0b1cf2a4L,0x624fa6e4926bf7d5L,
-        0x5034c9d34f7b4e51L,0xc1b0ed7aba3a42a6L,0xd1847c28b73cdb77L },
-      { 0xa4794bc36ae49ff0L,0x50b2d908b9144fa5L,0xad112c778f073479L,
-        0x040499dd4b98f590L,0xd415d273152b5e30L,0xd3f4ff3f39054cabL } },
-    /* 14 << 336 */
-    { { 0x1e0318d5fff93451L,0x40b91fa9283e197eL,0xdebc5a28089ac579L,
-        0xcf25f527e9d98537L,0x73f7818d4ae08f51L,0x397f2cb6a956c875L },
-      { 0xb7d74ac57515436dL,0xc29a2ffd830664abL,0x02e273563cabe01bL,
-        0x418417c103c78924L,0xd12994116535005eL,0x53fc391258f66295L } },
-    /* 15 << 336 */
-    { { 0x6b1fceac4d87dff4L,0xd31aef70f262f722L,0x894361782612da01L,
-        0x1d3bdfa9963bc230L,0x9a46505ba7afa565L,0x662c2fc7a31db4ffL },
-      { 0x33983a9ae5ef30c0L,0xb8c874ee723f085aL,0xfb5fbc860f279c05L,
-        0xcd9cc376ad0a380cL,0xcb19d881fdfad736L,0x1c3d9734585167ddL } },
-    /* 16 << 336 */
-    { { 0xd23658c8d2e15a8cL,0x23f93df716ba28caL,0x6dab10ec082210f1L,
-        0xfb1add91bfc36490L,0xeda8b02f9a4f2d14L,0x9060318c56560443L },
-      { 0x6c01479e64711ab2L,0x41446fc7e337eb85L,0x4dcf3c1d71888397L,
-        0x87a9c04e13c34fd2L,0xfe0e08ec510c15acL,0xfc0d0413c0f495d2L } },
-    /* 17 << 336 */
-    { { 0xf791c8196726ae9cL,0xc95c53f13cee0ca7L,0x816b37ae601b0802L,
-        0xcf28a2371b854925L,0xdc4f6bc111d5d9f2L,0x222d6102df6862aaL },
-      { 0x93d3fcc5c0053ee2L,0x1d30937fdf873eb7L,0x925a2c2527d098b9L,
-        0x8564c199001cf28aL,0x87cb85ed748b8479L,0xd12d6b2b184c1020L } },
-    /* 18 << 336 */
-    { { 0xeaf36b865bddb3c8L,0xa4bab6e0099f18ecL,0xe22839208addee4cL,
-        0x485307e053bb454eL,0xf981c80d362db12aL,0x012190355cb4b460L },
-      { 0x62824680c78bd110L,0xf3e0b963d87df5f5L,0xd96de5e2758da525L,
-        0xc6a810faa60956abL,0x913d5a7b8e3eb6dbL,0x27c581fbbc9e8c3cL } },
-    /* 19 << 336 */
-    { { 0x5edcd7dcb0c55d75L,0xaeb0b5c727838c23L,0x13d65db758c3fea0L,
-        0xe821d853b36f1f15L,0x3435a4bc365e7703L,0xb890e52f3a04d292L },
-      { 0x6a96ae92e7a823f3L,0x3960ecb0ca611036L,0x81638aff210cb460L,
-        0x5f95793ce6b983d1L,0x0d5029ffa3ae1a8dL,0x54f749b492ca1229L } },
-    /* 20 << 336 */
-    { { 0xefe0a702537c4a5fL,0x322ff89c151d0e69L,0xcee88b48491b757cL,
-        0x8e92cc15b5da77c0L,0x3138b90bf6af039dL,0xeb73edd2f3748d35L },
-      { 0xf29f06435b8bb06cL,0x91ea9643560e4966L,0x013c274875acbcc8L,
-        0xdb2d1d9703f1d40dL,0xed7aeef1fcac606eL,0x91395dcabff4b849L } },
-    /* 21 << 336 */
-    { { 0x952e4e21c8967f37L,0xdc9f71994bf85ec3L,0x6b01f3d00c141bd4L,
-        0xc6601dec06c9ba55L,0x7d884fc0c4a5945eL,0xcab1de947e19d3baL },
-      { 0x9ca6aff02e3c9c5eL,0x01e828a1445e4a8bL,0xf97165ae80d065c1L,
-        0xe2195895881978a2L,0x4834501fc6b77acbL,0xbcf7545445d99f5fL } },
-    /* 22 << 336 */
-    { { 0xbfc9c5071e434ba6L,0x30768f646f2634adL,0xee3a7cec1caf9c0bL,
-        0x27c4fd0bc232910fL,0x5c5813ee24ff4510L,0xe5e731af901f2ce6L },
-      { 0x440ca2cf68f9aef3L,0x54ff9e837fa17587L,0x4d792db7982acc0bL,
-        0x73c3863834846c98L,0x76cff95f8d6243d9L,0x5fa573399d015583L } },
-    /* 23 << 336 */
-    { { 0xe0419a6fb007e4cdL,0xc44ac4961f613529L,0x3408e15af18f82eaL,
-        0x66bebd87d92d3b39L,0x1c563ee4f85d0c1eL,0xb31a8c891f7eb37dL },
-      { 0x65c7bf8c458a056dL,0x9d2ba592f25b6f73L,0x1ac4f0bc94eeb39dL,
-        0xa008b562d9a9ac29L,0xe7de714589d1c354L,0x420f5cf04c2e45d2L } },
-    /* 24 << 336 */
-    { { 0xe11cc2e117cc0d20L,0x9b4cc698d406fabfL,0x6f6e9b0cb8567c18L,
-        0xa0dcda9c61b22b83L,0x4c8683fa79ee53abL,0x7d46b3f82f11f0c4L },
-      { 0x91e74e482740aed8L,0x75afb62a056466e3L,0xc60bb430e8d0c16fL,
-        0x36cf252522b4aae9L,0x3713f254aceb6dd2L,0xc2906379eb8c6fd9L } },
-    /* 25 << 336 */
-    { { 0x440da0369eb8b2deL,0x6c4d1a38462fbb19L,0xfd86930fb050f995L,
-        0x2e5f1a8c954823a0L,0xe9122aefcb9f8e9aL,0xc9e923f2794be14eL },
-      { 0xdaa5663dbf740c2aL,0xf3a7ecd6df75c915L,0xa047a07efa80015aL,
-        0x846b4d27ea4a720bL,0x2389717e295845f4L,0xf56f77f6cbf2eabaL } },
-    /* 26 << 336 */
-    { { 0xaac4f6a7e67b6dcbL,0x59ccb836d51c5183L,0x78d19f452b7ccb20L,
-        0xb32d4ffd5a619a1dL,0x86b11dbe5c4bd17eL,0xd983e839a9b52073L },
-      { 0xfe9c0b92993455c1L,0x3a156676ea36006eL,0x578217fea907ca7aL,
-        0xaa3c5489440a251fL,0x6760a166d7fdf3fbL,0x4a2fc54b4415c6fbL } },
-    /* 27 << 336 */
-    { { 0xaedf171dbe18bc16L,0x00febab2b2d026ffL,0x82b6d8890cdcca4aL,
-        0x1b1e4c53445bc877L,0xc2174e10ed74285eL,0xced66cc02b243f6bL },
-      { 0x73e9ff69c7b9a66eL,0xc4fe5caad5e4d121L,0xaef80d67402c5d1fL,
-        0xd3b95a0f2f3dcaf9L,0x00cb6e798ceeea00L,0x1ee2ca8c436f35e1L } },
-    /* 28 << 336 */
-    { { 0x0b21c764a6db111fL,0x7c36dfde24c5721eL,0x53a0b6db66e2d428L,
-        0x6f37bf728169d776L,0x9baf6385a68511c8L,0xeaef9c919b218151L },
-      { 0x712cdd5bdd58d201L,0x50bcd0988d3f78c3L,0xfb6427b571fcb05eL,
-        0x6245fe7cc4675aebL,0xb5b75b50fb767bdaL,0xc1d8b76ddd7a18fdL } },
-    /* 29 << 336 */
-    { { 0x6392686cbb52f636L,0xf10df7c41c46a5c1L,0xab7f88acc504a122L,
-        0x2a179193fdb6a9d5L,0x2a7c7e4e2901f29cL,0x3ab41b80a2cc726eL },
-      { 0x8f577fc31fb5e412L,0x65cba0aeff7c47faL,0xa79191697f45c04dL,
-        0x2712fcaeb29a4c06L,0xf2a879e4099f76e3L,0xd333fabd98a22a04L } },
-    /* 30 << 336 */
-    { { 0x87a905e056ddf14cL,0xd36289cb95a1c633L,0x2fb251aa57f8f0f2L,
-        0xbf9c72a9fb7907a4L,0xb4f9b6f3f771333dL,0x7b5ed437469ea10bL },
-      { 0xe8cfa847fa5a8f93L,0x456395c945a4c9a9L,0xe20ffc39f7fac5a6L,
-        0x8b07c9ff287a3c78L,0x117f306f67e66d0eL,0x97c8a6388b331e09L } },
-    /* 31 << 336 */
-    { { 0x1b3e04c26a98318fL,0x04d5ed5dd5a63b2bL,0x4098d09f3cebabecL,
-        0x226bb70565a14306L,0x5bdce76fd962a94fL,0x47a66e96c40dedbcL },
-      { 0xd514ae5bbedcfbb0L,0xa8c0fe40892f07e7L,0xcf78e224c9186f1cL,
-        0x2499f68fe94329e0L,0x3ea3fae5ebbe3d2fL,0x681fca8bbc631de3L } },
-    /* 32 << 336 */
-    { { 0xb097b2c5c4e81268L,0x7ef175521d50ca8cL,0x638266e942099644L,
-        0x43d059deff729073L,0xeebb5fe1148c3940L,0xb82e73d1daa8e925L },
-      { 0xf43c78d8254380fdL,0x2beabc58fce37fa0L,0xcdd5a7d66b636357L,
-        0x8b70a2ebe096a954L,0x011d5419d0afa2fcL,0x3e49eb6704fb095aL } },
-    /* 33 << 336 */
-    { { 0x5c73f69fb99abd8eL,0x0a7c36aacc1ed636L,0x9d2fe67e7f69a6cdL,
-        0x04d015fd48c34b1fL,0xc50f88c17f84915fL,0xeee3e105a706fb24L },
-      { 0xbd42861c734d0513L,0x544b6ef495408b60L,0x4526e680d40179beL,
-        0x9f984c4140ab740bL,0xbed7baee67a02ab3L,0x09e3446862a9fb2eL } },
-    /* 34 << 336 */
-    { { 0xdf64ebcf28eedf59L,0x435531be73b5d9f4L,0x1990df01cf35d981L,
-        0xa34d4fa9a2cc41b0L,0x9f643bd6b5a10b37L,0x90cae11158a6cd14L },
-      { 0x2b0490701943d2f3L,0x2c9f8af4eda3fc20L,0x48c245c5f96e72f3L,
-        0xb4505a3a861355deL,0x4dfab1b9be032112L,0x69c1a9195942de24L } },
-    /* 35 << 336 */
-    { { 0x761c2c356efcc891L,0xd06710d1fa376241L,0xc83a491c8a78b0fcL,
-        0x0c0ee8d8af75b3eaL,0xe6d9d92e4532b587L,0xcb3b652d64eba138L },
-      { 0x1cc504ca34ff5d2aL,0x207e7443d0eae0baL,0x94ad1676428382b1L,
-        0xfcb5909992ec17c5L,0x7f99e1b5ce3b2e48L,0xa8c38c0fac9bc921L } },
-    /* 36 << 336 */
-    { { 0x5763ff1af4ba4711L,0x6aac1315bfaae662L,0x51b9c30ede4b5505L,
-        0x50e63d1891b25d3eL,0x41938349e65ea695L,0x11260360f514dd15L },
-      { 0x231f7f574a086eecL,0xa2c3237f55bd9ee1L,0x8afafa043e0705bbL,
-        0x44607900e9fc754fL,0x7250929678519ce3L,0xe751c3a74d17708eL } },
-    /* 37 << 336 */
-    { { 0x0098a3254611d3dbL,0xbee52036dde82f67L,0xec432a62cdd50282L,
-        0xae8a144e52f994f2L,0x027e9e60aa5c03fdL,0x1a49ce47821f55f7L },
-      { 0x46fbbd6c4d10c0ffL,0xe14c82ff8c461df3L,0x95570f44aef902b8L,
-        0xacaa04ec0eb7eb26L,0x3c8c86a8e738570fL,0xb87d47ccb77cc59cL } },
-    /* 38 << 336 */
-    { { 0x2f4f68377bbf7168L,0xd5b67947f03f7145L,0x2c6ca74d4cecfe22L,
-        0x0e559b9f0a7d6fadL,0xdbcd039ff6b37f98L,0xaaf1f6edfa7a3877L },
-      { 0x97b779f0f607316fL,0xe2185ccc72b99fd4L,0xd3f696bf2bdfe399L,
-        0x20d9baf15e6c403cL,0xe5bbc1cb4c4f1216L,0xd1c0761a428838fcL } },
-    /* 39 << 336 */
-    { { 0x4f433b8abd08dd65L,0x27849a72773bd3c0L,0x62351b911854502eL,
-        0x836580ffca24ce7dL,0xa5c224a39355258aL,0x8d33fb43e65db7f0L },
-      { 0xe44d391edf49a825L,0xc28e0d9bd2f5d4bbL,0xf7208342efb61ae9L,
-        0x43686b414dbce055L,0x7f7562d01800c062L,0x5031bd7c8b8ace99L } },
-    /* 40 << 336 */
-    { { 0xc183199375476a4fL,0xa6383a0055fc4367L,0x23a72dea98bf90c4L,
-        0x67ee6f451045a947L,0x4e6518836920d0a2L,0x49132c9ac8042a04L },
-      { 0xe249e46d5dfa9fc8L,0x6ff9eba1c60d1a11L,0xa4d9362d43490335L,
-        0xe8fad79ade504480L,0x519e8d1bac43c951L,0x7e688047952d6f54L } },
-    /* 41 << 336 */
-    { { 0x135d677342e27f9eL,0xd58b98fb8fcc77e0L,0xf3bb847d7f64928bL,
-        0x15ec841663176905L,0x83e75b6a0f755173L,0x4c3eff5c7a24de69L },
-      { 0x289e9a45313bf61eL,0x01b15aadeafa2733L,0xae7fafe1d2cf501dL,
-        0xd6fba525d5ac0b3eL,0x4bf48be0689bb20aL,0xa591843255bf610eL } },
-    /* 42 << 336 */
-    { { 0x0f019b64c5f8df0bL,0x112f06a979307310L,0x91dc57276d16102eL,
-        0x34070a5be2651248L,0x0b9f35dbd3423044L,0xf29bb4a072b10ed1L },
-      { 0x87071a9a07fb6388L,0x4246d532b7dbdb1eL,0x87db3d2285a039c9L,
-        0x76620a5d42b030cdL,0xc798e3816a42d8ebL,0xdd97441ac441ef9bL } },
-    /* 43 << 336 */
-    { { 0xa9b004a0f08592c3L,0x984d17e5d069c54dL,0xc96f2132ccb87e81L,
-        0x67fd082f3b1f9eccL,0xcdd0827ac4ff9feeL,0x9d1025070e04b7a6L },
-      { 0x4ff3424177c67935L,0x4f2246f58efea5b9L,0x128085b12fbf7615L,
-        0x9f111f65174b0575L,0x0b27d8e2f455cba5L,0xda20626b536054eaL } },
-    /* 44 << 336 */
-    { { 0x4a3df6de3761fa82L,0xb839d6babc56eb6cL,0xe41afc5e13977a26L,
-        0x64022937fc0686d5L,0xa5d6dc19e2d681a2L,0x81afab3128f411b0L },
-      { 0xc089aff74321a117L,0x32b0ae2657d18f89L,0x650aacd5f66aacd0L,
-        0x7b317bf6b8d3f677L,0x2cd5789777ea82dfL,0x935be0f3c74e7509L } },
-    /* 45 << 336 */
-    { { 0x4387f8f602de9e59L,0x529c06f337589811L,0x6dbaab60bc9f06b4L,
-        0x0063bc3db5f181faL,0x7bcb289969b906b3L,0xdca70d1331d1ea3eL },
-      { 0xca65e546ee373e94L,0x13cd365c779f415fL,0x4183460e9d71cb08L,
-        0x60f312726e35eaf7L,0x3d0c265f14bc5e0eL,0xe7a1b9af39ce618bL } },
-    /* 46 << 336 */
-    { { 0xc234c892f46aac36L,0x213076ada55983a9L,0x81f96142dcf335a1L,
-        0xf21ceb724b22e311L,0xa12d6333dc053e1dL,0xe7808925a930732bL },
-      { 0xb5a9eb81b1f1075aL,0xd13739c0f0a3e623L,0xbcd842e9ff2f24d5L,
-        0x200cda381b16ff0fL,0x0a85ea521d6a6c54L,0xe1c0dc8756785463L } },
-    /* 47 << 336 */
-    { { 0x3287c8d39100f769L,0xb349ce8c052e8bcfL,0x5fdb952dd0d3e44bL,
-        0x68715110d0639cc4L,0xc9a5fbaac8efc67eL,0x14ebb97da009aec5L },
-      { 0xf0684e1ca1423e1eL,0xb282f2f56357fa17L,0xc2e79d3c5af78041L,
-        0xe0ca9f4bd7d2ba8bL,0x20629f1e04dd84bfL,0x274ebccc3ee73228L } },
-    /* 48 << 336 */
-    { { 0xeb05c516156636c2L,0x2f613aba090e93fcL,0xcfd573cd489576f5L,
-        0xe6535380535a8d57L,0x13947314671436c4L,0x1172fb0c5f0a122dL },
-      { 0xaecc7ec1c12f58f6L,0xfe42f9578e41afd2L,0xdf96f6523d4221aaL,
-        0xfef5649f2851996bL,0x46fb9f26d5cfb67eL,0xb047bfc7ef5c4052L } },
-    /* 49 << 336 */
-    { { 0xeadd123d385f2b36L,0xe3b14829ddf58569L,0xa4fdf0ec47c7e485L,
-        0x93c0d8380623ea5fL,0xeb9c0a2c9e2661deL,0x8046fc69e72e0ca6L },
-      { 0x6f439e5c7be1c918L,0xcd8fd2f92a9ffcdcL,0x7f134747420e939cL,
-        0x8e880ef05ae283f9L,0x502c5c99f780a249L,0x68a529ab94bf9d68L } },
-    /* 50 << 336 */
-    { { 0x3cf994ed88c9d290L,0x9209f5610bb34d46L,0x8170b567b2bfa21eL,
-        0xae87b6f7c62f86d4L,0xac6fc431d71bccebL,0x5f3a62ba83cf2970L },
-      { 0x390262d1d943b10aL,0x8fc9a27f28aec573L,0xe59beb203e3069f9L,
-        0xf3e7bd365e0812a7L,0xc29c8a433aceffa4L,0x015feecb41c25e2dL } },
-    /* 51 << 336 */
-    { { 0x5b6a4d6ca8e61f40L,0x35825d762f9a6e70L,0xd48f6d8d346a8b94L,
-        0x12bea60889801a40L,0x5182192ad57115f6L,0xb5a8dc6b954c1b47L },
-      { 0x084a5c71793b427eL,0xeb66d699f8de2a03L,0x9835b2fb8eb6d905L,
-        0xb4229923c79dfe40L,0xa7c8aedddee34c0aL,0x12a00675337b0658L } },
-    /* 52 << 336 */
-    { { 0x38ca9f61d44aee32L,0xb2cd0f505484905aL,0x23ecb3a4d812e727L,
-        0x9be645b874a3ac5dL,0xaa4a1d114bfa93b9L,0x5be5277d147072caL },
-      { 0x623a4bd9ba0a6d93L,0x03419661dcf3d9b1L,0x9bffbe8231de1cf4L,
-        0xbadfa2ab56a6af06L,0x9103f7256746f09cL,0x0cd5e956344a2688L } },
-    /* 53 << 336 */
-    { { 0x50a18ab1f40b0edeL,0xf963b76736e01032L,0xba2029b4d4f9a6deL,
-        0x8baec9b85a8446b9L,0x7a4107e766fa8a92L,0x06e78bf99f6543d9L },
-      { 0xdaa894b3a5043e86L,0x172858a8f4e6fe37L,0xff0265cc0844608dL,
-        0x5db1a8f1d5def174L,0xdf9f8a698874fbedL,0xdd2292a977a274d6L } },
-    /* 54 << 336 */
-    { { 0x46f522196ad8d03dL,0xb63e0eaadaf8b0d3L,0xd667f0a66e29df38L,
-        0x6e77432f96ef3b57L,0x78fe0872139ca180L,0x300a0c78d1e4af21L },
-      { 0x650f32462148816aL,0x31ef1e883b4301a2L,0xa2222b25f18442fdL,
-        0xb26b63066884291fL,0x977b6f7d713d88daL,0x3e8173248cd5f7f7L } },
-    /* 55 << 336 */
-    { { 0xd5687c9a9684771aL,0x797808e396cf65d4L,0x793d4eb6ea9ee562L,
-        0x2359b991fd94defcL,0x4e75cdf03a8959adL,0x7a08566900ce7815L },
-      { 0x5c61df5da699fc46L,0x02b62d4868da56d5L,0x8a6972d1eaea27d5L,
-        0x727582b3c8e5d04fL,0x0ab2e6c2de87c408L,0xaa9a62e47b9ed157L } },
-    /* 56 << 336 */
-    { { 0x9c6247d631af03e4L,0xe5a59ad075f9ee90L,0x1da1d64f6ac4b5a6L,
-        0xd2fbd169c521ec7dL,0x6d168015dfaa39f7L,0xe9bcf5b59c69d9d7L },
-      { 0x3d1d3e6693ae2925L,0xcda60beae4bc73a3L,0xb2456adc954e2f3bL,
-        0x5d312fdc02a8fe08L,0x7b37c00e0e497a0cL,0xbd1f3aafc2f8b148L } },
-    /* 57 << 336 */
-    { { 0x60f3bb27bc00d150L,0x159c5af42448affbL,0x4492b6bd2cfa563dL,
-        0x7e58219683c833b8L,0x9f9ebdb20edfafa2L,0x93a7048f31a39a8aL },
-      { 0x4172f74d50149d01L,0xff38fceec58b7588L,0x2e71ba9099f25353L,
-        0xdf50fb440604e555L,0x7effa7ca8f3b5969L,0x3bbe8d49b836b8bfL } },
-    /* 58 << 336 */
-    { { 0xc18c375c29d08d49L,0xb04c0c29c1a681bbL,0x0c4acce9e74dd458L,
-        0x1d6da95c85c920a1L,0xc67280d285387462L,0xeba99725e7e804adL },
-      { 0x08f80e5a8811a138L,0x26f442138f2136e3L,0xf67f157c2d028cc9L,
-        0xb436356d14cd7cbaL,0x1c9c610290281895L,0xf67f16ea48598bdbL } },
-    /* 59 << 336 */
-    { { 0xbf926a077a326266L,0x4045c18bef43cfc6L,0x6fad4cf56ce45553L,
-        0x613ad2dc45a9abc8L,0x7b086ace8836eed8L,0x855857c213ad51d7L },
-      { 0xa3b19c2d167664adL,0x422c548abbd2c452L,0x8cd3681f85928ef0L,
-        0xe969e45c3ed435ecL,0xf76f2cce746c9aacL,0x514df58d1dd90e35L } },
-    /* 60 << 336 */
-    { { 0x9b66219c4d09cd36L,0x6c6fa570b54f0853L,0x95c268bcf29a8fffL,
-        0xc8cf84bf5420c324L,0x5bfc975ebb61617aL,0x935cfe24e78f1bbaL },
-      { 0xa6e2afe919d71ea1L,0x8a321e568c9b950eL,0x42dd9e28ec097826L,
-        0xf06e600ef391633aL,0x94e5512b46acbe2eL,0xb0bca2cc61cc7a08L } },
-    /* 61 << 336 */
-    { { 0xcd361103e8b2d41dL,0x2d0d982cab0b5f13L,0x8158129618d55aecL,
-        0xf1c28a71579caa03L,0x5ddedfd7e50b83faL,0x932d2c03222105d0L },
-      { 0x48fd0ead75ada3f4L,0x29209d988c533a40L,0xc2acc587f2acf0c8L,
-        0x05a8703ef689912fL,0x8f28953b9182995aL,0x1cbba2f20fb3eeeaL } },
-    /* 62 << 336 */
-    { { 0xa1472574180e5eb2L,0xde27569b93fc7b21L,0x3bb956816b9af8aeL,
-        0x8a25fc0ee155f89bL,0x8aff018d825126b2L,0x6eda2f31906f0bdcL },
-      { 0x19cbbecc4e8fbe4eL,0x04e0a4a40568d248L,0x6de2c002ff07b863L,
-        0x6d388447e8d1595dL,0x6a193b70c2cfd10fL,0x00bd826ee6f6bf96L } },
-    /* 63 << 336 */
-    { { 0x2a0165a40a5b4d1dL,0x49c85ee904f12309L,0xc2d221031ded788dL,
-        0x510ccbb3735bd89fL,0x92d2eaebd8eb0e1dL,0x6bda8e346e428c11L },
-      { 0x44c01a1d361f7495L,0xddda8e97cc7a95bdL,0x95cbae30524a53baL,
-        0x266d7192dacad45bL,0x8a42793f22fa4b99L,0xbb393cb5ed204904L } },
-    /* 64 << 336 */
-    { { 0x88e7ac8e168d5e60L,0x53abd5696188a98fL,0x3b96d52918be419aL,
-        0x7e75e354c057621cL,0xcb1b709f5ce57e59L,0xe78befa2844f2463L },
-      { 0x536081993276d4a0L,0x92636ade157f2024L,0x6dd0d348e0411414L,
-        0x5b28e9504d73eeaeL,0x08439232690ed85eL,0xdde1a3496da14b58L } },
-    /* 0 << 343 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 343 */
-    { { 0x6cbd275739ed9ec9L,0x5db68a68fe5d4aa8L,0x177eaa0be4c58c7bL,
-        0x603551ef0e488784L,0xc8eba131df916b0fL,0xd0dbceda159732e2L },
-      { 0x55acca84b0834afaL,0xdbe98440b59ffbf5L,0x162a2c703bd3b202L,
-        0x4c5e5d256ddd8ebaL,0x66e7844a77b1d93dL,0x1292bc0e110b9dcfL } },
-    /* 2 << 343 */
-    { { 0x1b66faabf9e89beaL,0xc81c5ddc3a441284L,0x1a82f3a0a675f7c8L,
-        0x82884a2f30313a71L,0x7ac5d7b058aea9e6L,0x1954f075cd5ff05dL },
-      { 0x7c29638d6178d270L,0x6af7f8ba19381929L,0xe85e3c47a17ae3a7L,
-        0x91b107c77009e38aL,0xf3b777d8f1f9c52eL,0x5b7b74ff11b688a0L } },
-    /* 3 << 343 */
-    { { 0xe1e5b76914b87b2aL,0xee187f5d143a4ae1L,0xa9a38728908cb988L,
-        0x2027b2ed4443d8daL,0x1c6b4813c0c98675L,0x509ea7d1323bd978L },
-      { 0x43b16a587f4dc19eL,0x385f8be812940ae9L,0xa4ed64e57d59acadL,
-        0x47e7abed51ca7f14L,0xead594b82bcce6b8L,0xa2bff60cfc03cf06L } },
-    /* 4 << 343 */
-    { { 0x4ae3d232c0385874L,0x83bda9e6cbf96d2aL,0xba73c769ec62fd6aL,
-        0xd586ba7f62a4720cL,0x6497cd140cc1f491L,0x8b012b707b2ac571L },
-      { 0xa65eabb6268fd705L,0x8caf100a1431873dL,0x25b31b84231457d7L,
-        0xcab62f75901645c5L,0x2377d74db2f7b656L,0x4008277c2d33c95cL } },
-    /* 5 << 343 */
-    { { 0xa7be70c04bfeb784L,0x4633ddadc222ab44L,0x00e397d30f5924bdL,
-        0x5446db3ae25b7b9eL,0x433ea2c4fa1dd048L,0xbb9ae36a1421321aL },
-      { 0xf879069dc59fe8f6L,0xe0f2b8b4820bfee2L,0xcc6cf7c49cf239e4L,
-        0x0e3545c207dc3122L,0x23b0f48b1d2c737bL,0x1c6b6d9cfc1137d4L } },
-    /* 6 << 343 */
-    { { 0x10105dfd101d2433L,0x64e009b58ab6d664L,0x122e68324e80fc07L,
-        0x3b26e76287dc7da6L,0x7bc183de6d4728cfL,0xebfecf4f8bcdc129L },
-      { 0x8b995cec265c66f5L,0x080572d7c4b0e942L,0x612e9e6b4da5b77dL,
-        0x8ec048a96caf9161L,0xe3628ee2c7f45eb6L,0x0190b71bd85650e9L } },
-    /* 7 << 343 */
-    { { 0xccf79a81017fbd3fL,0xa852ca29c875bc66L,0xbb4cd90c0592f8e2L,
-        0x2ee786f455b05c79L,0xe1a2b6baf382e6e7L,0xf2d6cf6e6d2e952eL },
-      { 0x2f0b534abc9304fcL,0x1d63fd80795629a3L,0x42e70cd9322d8e03L,
-        0x8a282cdfb057e36cL,0xd18a0c313ceb177bL,0x270e31569c58b890L } },
-    /* 8 << 343 */
-    { { 0xaae2f448ed001c43L,0x08ad1d9bcf4be493L,0x3262b2f482c1f372L,
-        0x5521febd351a5f7fL,0xf8ec9190916c75a8L,0xf3c258c72728dfb8L },
-      { 0x5dd4ff4f8af19574L,0xefddf5795d076b1cL,0x318b5b98ba8b777aL,
-        0xd971d426fb7f8409L,0xed1465e8b0fd31dbL,0x80d24d4300f66347L } },
-    /* 9 << 343 */
-    { { 0xe8263e8012eb6baaL,0xc452c7581dde8c37L,0x5112af2840baa45dL,
-        0x949b8a740793703aL,0x8ba78382e60e007eL,0x38cd110412823c99L },
-      { 0xdeb0d555f86cf04bL,0xb2f20bfdfd9f6320L,0xff1d399d17c39502L,
-        0x1340aedd1bdf0760L,0x36b2b43c88cc0c09L,0x5f3dba7e9ce285edL } },
-    /* 10 << 343 */
-    { { 0xcea0374a69ca5051L,0x19e060ad5294ae7aL,0xf6ce02361bb01f47L,
-        0x2a5b28ba8c328b8bL,0x6991b1d8b253d630L,0x360afd40859455d8L },
-      { 0xf5c6e1427c1f5946L,0x1eab83084cc8c391L,0x4eb4032f67e76ecdL,
-        0x5bf14aa233898059L,0x0804a7c00e001b76L,0xe3866a93734cd134L } },
-    /* 11 << 343 */
-    { { 0xbe85177db72e5eadL,0x47c15fad59fd2463L,0x2cf5f07f4bd51f8eL,
-        0x82f48288c2898713L,0xdb08aab4c8f753e8L,0x18a1f5c510f58eddL },
-      { 0xaeb7bde366d0b94cL,0x04539620079fb6dfL,0x64d1aff2ebe8c4b9L,
-        0x08d9ef431a10a101L,0xe326c7ec6c602789L,0xd8b1b3e7f6efc3d1L } },
-    /* 12 << 343 */
-    { { 0x5ba5288c1ae586a2L,0x044f1fc61b715821L,0xc1a9a997602f3c65L,
-        0xc5c7512fe08c0223L,0x48a19c3c367e6f1dL,0xa9f2195dfb241597L },
-      { 0x9f674a5fb5ba32a6L,0x275a060f0a312742L,0x5aeb8c4303d6f13eL,
-        0x0fed575d917433fbL,0xe4a5ef9a59f53490L,0xa9f86145f315e616L } },
-    /* 13 << 343 */
-    { { 0x770d01ab2c1deef8L,0xca72f761f61b2a4eL,0xff686a4ceff9ee49L,
-        0xd6b338d30d07000aL,0x885b4e8ce1050b10L,0xd6326179b2364b01L },
-      { 0xceb2bafc672b298aL,0x7df8941aba628946L,0x9c94004ebc56b115L,
-        0xde09cc2d7b12cdd2L,0x9c2dda163833ce43L,0x88da691a6265b59eL } },
-    /* 14 << 343 */
-    { { 0x7059c58669a03980L,0x91f2dfe4e88e1287L,0x96dcd9318d9633ccL,
-        0xb2abc44f37bda148L,0xe31adb3feb8964dcL,0x7b07e015e316876cL },
-      { 0x31732880ababd240L,0x5c37a667e95854a1L,0xb5b334c91d6f69adL,
-        0xe613e5622c34e118L,0x8bbdbf5c5f5984edL,0x82ecfd95cf4f63a1L } },
-    /* 15 << 343 */
-    { { 0x813caa72ade4e3bfL,0x29055be8600c93c4L,0xcb346967e6e4ec1bL,
-        0x39c1152d50ce992fL,0x4682c20e5ce62852L,0x04e9dcb7f4e45ed4L },
-      { 0xda75355d7c0fa5bdL,0xe80f29b078949d91L,0x6214610130fb9e33L,
-        0xe70cda8f325eececL,0x49217f74efca3e14L,0xd3c890b36bd7246aL } },
-    /* 16 << 343 */
-    { { 0x315ad7a47e5a59f4L,0x1c615bfc543c8b00L,0xe12f97a8baa56473L,
-        0xf263db4446edcfcbL,0x47cf91d53c1a968eL,0x1a1165b4c15db875L },
-      { 0x5d35e53a3479616aL,0x649f87b45c59958fL,0x5d3d11ea246da3d3L,
-        0xc1ddfcc653f06820L,0x8169d7116610c00fL,0x15f16ba54bddc8c7L } },
-    /* 17 << 343 */
-    { { 0x307b040d9977713eL,0xc03f7787dee9e016L,0x761a5d03e12c354fL,
-        0x8fa1a4141cc88904L,0x2e079008b7675e71L,0x649c789591d68d60L },
-      { 0x63467e93c98f1c9eL,0x81931ac7fcc52703L,0x2060c89538e59af3L,
-        0x8c12e002a87024c4L,0xfc881e69b3b8496aL,0x2b4e482e1e827081L } },
-    /* 18 << 343 */
-    { { 0xf80ed61a30fa7e86L,0xf2e5f324a15ec5d9L,0x139ca085ecba2d64L,
-        0xd164ee5ff3f5cfd1L,0x758c0008e5cc3cc5L,0xd180c463ce8fa1f9L },
-      { 0xe5dd27054adc6e61L,0x061e0c3c592c39e5L,0xec5a8d4a4e437781L,
-        0x9e4c6f461e6d4540L,0x33ab232e2526e6eeL,0x3c551685ea282d9cL } },
-    /* 19 << 343 */
-    { { 0x59507a2162ce1459L,0x88b465d1c6a2cb30L,0xa5ef8b2b5c8ef7d4L,
-        0x73145f4c4dc9a457L,0xabad3390d19186f2L,0x7036b424f9b78a7aL },
-      { 0xf76f51bb16e04046L,0xecd1ece92b2b71efL,0xda8d82011900f2b9L,
-        0xc2d3291b268d1bfbL,0xa6c1c79a2d176459L,0xb27e5d5885ee1b7bL } },
-    /* 20 << 343 */
-    { { 0xcf19fb2a1e548ef0L,0x8bb6dfa0cc694171L,0xeb1668ca5c5e390fL,
-        0xf5a3485be1975263L,0x4edfc596442cc850L,0x9901f447f9627d74L },
-      { 0x3a6b85c984d0413aL,0x1466366167de639cL,0x9fc9fdcf11705bbbL,
-        0x6d066e2bbff2cf80L,0x38dedc2fdc3026fdL,0xad533a981b828538L } },
-    /* 21 << 343 */
-    { { 0xa7d51d862222dcb3L,0x52e2531cd1a6c525L,0x742b1234532126d8L,
-        0x226043f24e9e77acL,0x02f270afb3a75b2bL,0x7ede5714d4a8dc0aL },
-      { 0x24699e16b34fd97dL,0x4e5d785e8d417ad1L,0x273f5dd1ec307ecdL,
-        0x742373863186955aL,0xf46805fde6afd38dL,0xae100ba424562906L } },
-    /* 22 << 343 */
-    { { 0xed9f434e5216636cL,0x242bd09bc5c1668fL,0x8bb747bd804f3d6eL,
-        0xd66d8753c7c83dd2L,0xa71016c2584540b8L,0xd8b16210fdd41a90L },
-      { 0x5eb5947e1b65be60L,0x1bf995e7616dbdc2L,0x71b7099abb7dbdd8L,
-        0x53650d29079eec24L,0x6bdd1b0e8ebd86c8L,0x0a9658ed9a31624aL } },
-    /* 23 << 343 */
-    { { 0x3be2ce89b8cf4d55L,0xf9b3c501822cdcd9L,0x0cc8423010e12f3aL,
-        0xee09031a3c580ec7L,0xf4c256a812f4b48bL,0x71a8323104018d0cL },
-      { 0x69ad6d7babfcf13fL,0xfa79b457af658743L,0x249f32816001af58L,
-        0x158430fcea127a64L,0x25a3e4549a9be713L,0x68ba3f0fcc6b5bb5L } },
-    /* 24 << 343 */
-    { { 0x6c75bc93b7bfa29eL,0xf86f22b218ef6d69L,0x90ce6a1536dcadf2L,
-        0xf11f711c7ce50921L,0x0739ceda38a479e3L,0x840b825e6ec3dbc6L },
-      { 0x7c36c0a59fa23481L,0xceb61fd170cb186dL,0xac6f7d3c26e4754dL,
-        0x4076d3b5f317b385L,0x52f1bd723fd9e9c7L,0x6649d8b6bf316043L } },
-    /* 25 << 343 */
-    { { 0x5f03dcdcceb1e25cL,0xafff6561d50ff864L,0x17208b6f3a6bb787L,
-        0x61d96c978e15abf2L,0xb1beb427991107b1L,0x436328475008aa3fL },
-      { 0x8a326eeb3595febdL,0xa8e5a037ec60dc0dL,0x762ebd2a3159f062L,
-        0x8ea005adbd1b0bd5L,0xd4d863cf696d4121L,0x2a07a637eacc9b9eL } },
-    /* 26 << 343 */
-    { { 0xf352e28b54a8ffaaL,0xa8317f089ce68b6eL,0x7deb148770cad820L,
-        0x2411b382b2c3579dL,0x20b21ed214d36e66L,0xe7331bec353b9ff5L },
-      { 0x5692636840dff0b3L,0x13356f7b646eff07L,0x1e6e6e4508c64091L,
-        0x913b83f2ea0b920eL,0xb69e5f839f713aa1L,0x8e59d3794632a60dL } },
-    /* 27 << 343 */
-    { { 0x3594c0d3cdefc3dfL,0x9d850e2fd21cf9e7L,0x245322944e38263bL,
-        0x597964610e43acb7L,0x13fad563bca9408aL,0xe52983dba985390cL },
-      { 0x9c5e71e08c000a9dL,0xde6b0b2f800949e2L,0xc58032d131d94108L,
-        0x36cd4099b31811e6L,0xa8d9bdeb3981d619L,0x06f644e03d4760c2L } },
-    /* 28 << 343 */
-    { { 0xdc2870f8243cfbd5L,0x000b71b31ab496f3L,0x53511a3f708f4507L,
-        0xbd7bd0381949d835L,0x723a007d938f4db6L,0x5bc8679e2d04e9fdL },
-      { 0x51ca5fd176ec7fc4L,0x86c4205c988f354eL,0x9042e76b2a0a4a90L,
-        0x368f52a84ad44d2dL,0xddc2cab8912edfb7L,0xde74ccf5cde80199L } },
-    /* 29 << 343 */
-    { { 0x91b31fcbcaa3f1d2L,0xb8a29af1bcc99f53L,0xc5842b2695662f80L,
-        0x13954262a4b4b396L,0xc1fac956a6acfdffL,0xbe37fa4dcf60b88bL },
-      { 0xc7715493dffff3deL,0x06dfaceda1274350L,0x9dfcaffd7460fa94L,
-        0x5f1d3a351e9c317dL,0x2fbf393d377b84ceL,0xb4d9bc8404b83635L } },
-    /* 30 << 343 */
-    { { 0x29871ce22855a74eL,0x5418f0dc98696474L,0xd8bc07d6b90d0498L,
-        0x391012a79fdc0ea2L,0x271396949b09f60aL,0xa0a43dbf3371f0d7L },
-      { 0xab5849422af8d992L,0x64cbd121409eb3faL,0xd36faf01766864fcL,
-        0x69189faea2a83417L,0x3c24d85e3733b772L,0x125a915d2ee497adL } },
-    /* 31 << 343 */
-    { { 0xa8f9eb2abab3fa8cL,0x484584f654ab1e16L,0xee74e5aab21b34edL,
-        0x3ce626ff4eb689f0L,0xd757f22b0006e5bcL,0x611505d024a25e65L },
-      { 0x212df14c46382659L,0xd17898d78c73da0aL,0x5604a93e51421c2cL,
-        0x76147f7603a580a1L,0x325b5c8ae5c34d09L,0x6ff28848db857152L } },
-    /* 32 << 343 */
-    { { 0x8002f4583e455a61L,0xafbafd375bea205aL,0xa8ced112fb93f735L,
-        0x27cb6292196e3084L,0x72395bdd77e8c744L,0x02e018d8ee71f5ffL },
-      { 0x7cfc14d9c1337a1dL,0x94e14c0ad7b4d86eL,0x66e50129d213738eL,
-        0x7a905d91bc0b5ea3L,0x92cb630afca06700L,0x65e06d5cbf3a0821L } },
-    /* 33 << 343 */
-    { { 0x769ff9191e1cde66L,0x6ef257d1944a8786L,0x881437da4f75233eL,
-        0x15266f3768665eafL,0x21fcccafc1777505L,0xe9513e1ab7fea0ddL },
-      { 0x67806e9c53c8a735L,0x24be9a769b11ae2eL,0x928c1455045d2065L,
-        0xea0395b53557f62eL,0x910d7cb4c7d3a450L,0xe849c853c634443dL } },
-    /* 34 << 343 */
-    { { 0x76c6e48d3b476f69L,0x28195cdffe694ee4L,0xa3a9a99e2d3aacc9L,
-        0x0f68fe36b7f320d8L,0xca84a6c9889ce762L,0xc1eafac94901907dL },
-      { 0xa28b9916208c9770L,0x6846e639f8403e57L,0x12fdf9fa1d179e3eL,
-        0xb81e47c843d046dbL,0x700ad19468c14491L,0x136395cebbac51d7L } },
-    /* 35 << 343 */
-    { { 0x7452dfd4f775003bL,0xb38a2031f1a4765dL,0xef36c513a2888c68L,
-        0x2039b168a2339fd3L,0xf74c24be2cc498e9L,0xbeeaca157b622e31L },
-      { 0xda72e5a005f2fb8fL,0xab4a98f0568d5811L,0x231aa495fcb15e1eL,
-        0xf981bd7f537023f1L,0x29d6eb2db367e5fbL,0x15247194b8cd452dL } },
-    /* 36 << 343 */
-    { { 0xa81e4a4e55c2369dL,0x394de01b60a0f544L,0x22acfd07a8906e17L,
-        0xf59b37a6cc9bc4d0L,0xdd16a22c7ffec12fL,0x07decc2ad5976455L },
-      { 0xc5019463abe1d122L,0x2bf0ac0ce318c92cL,0xfa50280ab2bfc47bL,
-        0x53354fc5c7cf8bffL,0xaea1d293e20ca341L,0xec25ecda8b626244L } },
-    /* 37 << 343 */
-    { { 0x05c6f1c99a2f572bL,0xf13f8c7747987918L,0xccb406d74101fdffL,
-        0x93cea27bee1abcf4L,0x32703ada8f5adca8L,0xceaecb5f76313a1eL },
-      { 0xf1c558980b9620cfL,0x942c28b51046c388L,0xbed4e9dc5a07cf8cL,
-        0x423b695a6c734b85L,0x1ce0a2392ac87737L,0x40f126ac4d1cc7d8L } },
-    /* 38 << 343 */
-    { { 0x63e3bb09ad9e132dL,0xaa2880c5c9e84778L,0x23de89ea06049834L,
-        0x442d1df3554e23bbL,0x87214f9f08c5f124L,0x305d967a6beb4996L },
-      { 0x01676f804409f827L,0x16992f73a50147f9L,0x77ee56796081b38aL,
-        0x8c75d293290afd9bL,0xf9578bca813f0aceL,0x395212dd0e786ed6L } },
-    /* 39 << 343 */
-    { { 0x63475e65c21b0f48L,0x114f9af5326c2c63L,0xa897bc01310f768aL,
-        0xcaf47a8fc1bf3f5aL,0xc023bb3718cb887aL,0x3572f633685652a2L },
-      { 0x2dc4ea0d7523287cL,0xafd60b92a121a141L,0xb6b4bf6e085ca490L,
-        0xf599f8f2e5351ecbL,0xe38c8eacddba3d60L,0x2540585f5be9e748L } },
-    /* 40 << 343 */
-    { { 0x313b66cafd8ba33eL,0x10bdb130fabe27ddL,0x1181334c125e2b8cL,
-        0x0f4f198fdb6f94baL,0xf7000076ac3f5de9L,0x1a78813d9d6402aeL },
-      { 0x3427f75dc8a9e758L,0xcdac8b34b01f791fL,0x922c36d12a9ebaf5L,
-        0x195ea05fb0487cc4L,0xe33de901a808baecL,0x15e1d5ac57291d89L } },
-    /* 41 << 343 */
-    { { 0xfe52cd9cfdc7e2deL,0x3947e578da6dccf1L,0x0548d4b5738751e7L,
-        0xc73fc23f4b52a5ffL,0xf38eb8ff1b066accL,0xe9a40d37a27b40f5L },
-      { 0x723b0752a264ad77L,0xe5d0c4efdea83bf8L,0xf7301e3fafad27a0L,
-        0x336b0d86298d09b3L,0x462766bdb2ef2fb7L,0xa5311241141a7607L } },
-    /* 42 << 343 */
-    { { 0x10adb987ee1f44a1L,0xd6ebd1c3e51c0152L,0x0cf1303f4dd3b9eaL,
-        0xd06351b837a33a3aL,0xb5ce1d941cff1f0fL,0x326b3e055476e2bcL },
-      { 0x90f76b5d3426b8ddL,0x77497380648042f1L,0x48684604f9f83902L,
-        0x00275191180f197aL,0x36fd84ecde7ce932L,0x52b428e65391a268L } },
-    /* 43 << 343 */
-    { { 0xd2c1ccb0695c2851L,0xd722b84ff1c78f17L,0xaaa53d26fe52f2a4L,
-        0x3057f4ed24742143L,0x951332a4a2aea258L,0xe5e4db6091096878L },
-      { 0x71db9e48f0b9ef38L,0x7e4b25c1ac542c26L,0xb7250394dd021df5L,
-        0xcdcc6118ee48e711L,0xbc324af1fcdd5db9L,0x71a664ef3e6de57fL } },
-    /* 44 << 343 */
-    { { 0x4e2a05c1c21cdd1fL,0x8a232097dd46e76aL,0x8b55313cd871b1d6L,
-        0x976ce5f6af396bc4L,0xeb91527dafd381b1L,0x6cfd449014455ee2L },
-      { 0x8723be9e1f274d1eL,0x1c63fd011999fa9fL,0x5f1726258049b6f8L,
-        0xe18a3ecd99a51b4dL,0x329fc2c1b13d4e65L,0x94da252b0f18f300L } },
-    /* 45 << 343 */
-    { { 0x583adeb8b893316aL,0x69dce1efee5122deL,0xc5cacdf319b77627L,
-        0x061fedee5e8aedd8L,0xd53fce220257dce1L,0x0e4124bdc781e069L },
-      { 0xf097c697d44ed517L,0x7704e33e9a4e9019L,0xac245dc23e0088dfL,
-        0x70e1176bb76102a3L,0x55261ab235e4dcaeL,0xc2ba59230ede3501L } },
-    /* 46 << 343 */
-    { { 0x6edf35f3af073b6dL,0x7ab4118107376eb0L,0x4ef3e65be7ff1c9aL,
-        0x654ea359d2ac6d70L,0x2b41a7f67ffcd91fL,0xe5da0511e0a60e8cL },
-      { 0x97fefd9756701b93L,0x7a4a827dd34afe15L,0x8bd6c2299090536cL,
-        0x110156f217e510a0L,0xce62a26ec801ca6aL,0xa786e9b05522b64aL } },
-    /* 47 << 343 */
-    { { 0x3c73c2868f02f70bL,0x744a580d0eeca325L,0x58b7ca1733534669L,
-        0xd7d17d77800b0270L,0x864e3509538b116aL,0xc7eda5dce4797818L },
-      { 0xd6c00fbaf741f023L,0x718ed11131d022bcL,0x4586baf2f2ce39efL,
-        0x1095729dcd9a09f8L,0xf5ff3f2d7652f5ddL,0x29d95a09dbb72722L } },
-    /* 48 << 343 */
-    { { 0x7b151b98e28fd10dL,0x8fc01ce81dd884cfL,0x1f0ffb5098d56c2cL,
-        0xf9df1fa2b084606dL,0xf86232bfdc7d2008L,0xeae5cb8fd8751699L },
-      { 0x70f0229883ed54fdL,0xb575283a86087697L,0xad2191350302e2c3L,
-        0x1c09a0d6c4b57e01L,0x0f65e1e1c541b9fbL,0x85493d9bf4fe76c0L } },
-    /* 49 << 343 */
-    { { 0xecf595d6bc19db89L,0x32cdf31bd607e09bL,0xfaf93c636217e9faL,
-        0xa9a1619884d37c72L,0xa2688a33bd929e8eL,0x2ce3442e2842b31bL },
-      { 0x906ac09ab37184daL,0x93a1a54492587ea0L,0x1acfab1ec5b4ce7eL,
-        0xd4788cac7131e80bL,0xb463d67bc8cf0e18L,0xa754ffb81f24067fL } },
-    /* 50 << 343 */
-    { { 0x634f8d6db04ea518L,0xe8c424b4c60108a7L,0x3553b6d11ef6f4bdL,
-        0x1fe850dfbc0a8e1cL,0xa077055473a66e4aL,0x5417bd50da985b55L },
-      { 0x3f99edcaed53259aL,0xd243f2d1b3d5ae6cL,0x70f404b8cb49e74eL,
-        0xf6893edc51fec8f0L,0x3f3ac23871521335L,0x127c055436e39048L } },
-    /* 51 << 343 */
-    { { 0x459a96595ab6a5b5L,0x14ec172bb5ac2238L,0xe556f7061642ba57L,
-        0xe18d92d2da35bad6L,0xe64f9bcdd5805c1fL,0xabb4e0243b297094L },
-      { 0x95429e14b8b876f3L,0x27961a7d9c04bad0L,0x81c74cf57fa32b6aL,
-        0xb035259ebb0f1f24L,0x828c42da2e773f8bL,0x06c996366ea73c24L } },
-    /* 52 << 343 */
-    { { 0x353718ce191c21ccL,0x08e6edf64ad6bd18L,0xc2bb0d6e4dc5b572L,
-        0x328e19df88193daaL,0xccc9f6ab7211c958L,0x377d99ef58aae5c5L },
-      { 0x40e2ecc91c823442L,0x036d6d528b0d36abL,0x2fe0cd7eda4d0ad3L,
-        0xb8fc3c7ffc8af791L,0xdb7e44a42b201b20L,0xa5176004ebcf527dL } },
-    /* 53 << 343 */
-    { { 0x24d19ca6fed20bb6L,0x0c02db9841d634aeL,0xfb55998930310b8fL,
-        0xf9d0818506c00c8bL,0x2b9983fb4742362cL,0x16ae9bfbdce1b6f3L },
-      { 0x679057e6a161a419L,0xe1e80fe04db28bbaL,0x2ca0c869f06c9a98L,
-        0x7b80c43bc448ffa4L,0x100f205cb7ef73f7L,0x29565a93a938bea7L } },
-    /* 54 << 343 */
-    { { 0x4d00c613e1e7a831L,0xc90021dc56d9ddf2L,0xbb80b8385286ccccL,
-        0x156b05b771f5f09dL,0x120f47f47bc921f7L,0x6ea1715f8a65c50aL },
-      { 0xa070c9f695aa8348L,0x96120fe273171f56L,0x10c7d592ebc69e4eL,
-        0x73f6ba27c1c7ef52L,0x10f5b9cef8bb536dL,0x8bc82b225ce0220eL } },
-    /* 55 << 343 */
-    { { 0xac25749af4f3fa3bL,0x2376bcd76f50e4a0L,0x9c68fd1028b2332dL,
-        0x130ed4d12130b66bL,0x91842d58038dfc9fL,0x4111e4cbc401a53dL },
-      { 0x85532deafb5d9b16L,0x0c5657503025e3b1L,0x1340aa49b6cc0c31L,
-        0x1cfdd7d68b7f71a0L,0xee911d7e8b6e548fL,0xcddf07f021456ebdL } },
-    /* 56 << 343 */
-    { { 0xe19b7576fa5256d2L,0x418d5425db3f8bfdL,0x00424869951a1719L,
-        0x2383c7a8533b69b0L,0x166a38e2e67a86fdL,0xa6baa01c5876c435L },
-      { 0x574ddc4584a208f5L,0x8cee30b826b18dbbL,0xeced99c1e9f6b30dL,
-        0xb638d88da7d34beaL,0xa4836806069adedfL,0x62beb7ee7a07c593L } },
-    /* 57 << 343 */
-    { { 0xffc89d6de16d63b2L,0x4da3b04f5df40d2fL,0x3437da2ab48706d8L,
-        0xc35290a1d677df03L,0xe54fc6567c5b6c8aL,0x84f052ff2c77314eL },
-      { 0x59c33a99d968b4eeL,0x2424c5d0facce444L,0x022d7bfbf505307dL,
-        0x5372518d00c142ffL,0xcc82d21aeefa787aL,0x3517f3c0473ef630L } },
-    /* 58 << 343 */
-    { { 0xaf576c307a8a437cL,0x15852131de3f2cc9L,0x96bbff4371759da5L,
-        0x106934ec66f5257dL,0x712e7d0ba9cedae6L,0x5b0b876ddabf131bL },
-      { 0x1605f3a8b741f94fL,0xe5d961c109305b04L,0x3fb97996346266c6L,
-        0xaf4eafc0b3ec7458L,0x0aefa01abcd90b0cL,0x2b7723e3505ea305L } },
-    /* 59 << 343 */
-    { { 0xe5c6f37b43d12de3L,0xdc34fdad642baf26L,0x89d716d647268e1bL,
-        0x50047b391df8d657L,0x40da6352c64470a7L,0x406e3bc97879824eL },
-      { 0x9677b4c38b9ecc36L,0xc82bf16fd246788cL,0xbc9fa99cef5dda3dL,
-        0x3050febf0e7b676aL,0xfbb1301a53e448afL,0x3239f20267c84d67L } },
-    /* 60 << 343 */
-    { { 0x5093950b724fb94dL,0x107822718117ff50L,0xdc9e34b59f5961d7L,
-        0xfaa2fc012351a33eL,0xb9e0f1d9d5fc462eL,0x276a5b3bdd9c6914L },
-      { 0xe6136d1775365ca5L,0x228b77e2a91eed68L,0x5cd6a269411e4770L,
-        0xd8857b0e17590390L,0xe7094f3aa0d45fafL,0xe52d11dcf40693e4L } },
-    /* 61 << 343 */
-    { { 0xc873fdf565a0d2bbL,0x848244dbaa42c6cbL,0xa5d2d766ac50ba78L,
-        0xc650cf4343f38ad7L,0x901cf122ea895d06L,0x3ec1b583cbf46321L },
-      { 0x863dce6193c3db94L,0x902459202445bb4fL,0xae716052673385dbL,
-        0x9266b0bfff830253L,0xd201095844375610L,0x9e008b9712cf8d71L } },
-    /* 62 << 343 */
-    { { 0x2b1b2a551448e73bL,0xa8486146b5f97da2L,0xcf24d8636c848202L,
-        0xa3d6431c5e483407L,0x47a33db852edb78bL,0xb09256a37dad3826L },
-      { 0x740222a74dfa2b26L,0x23f43bec2a8ebe04L,0x4081e512a8072f18L,
-        0xe53f0d05751ad7e8L,0x100d0a17332361ecL,0x8a2122e9e0c3a152L } },
-    /* 63 << 343 */
-    { { 0x28be8affe7e6417aL,0x4e18b452d6a30763L,0x73ae410310d0d5f2L,
-        0x5151fe80003625caL,0x45ebb636ba7a91ccL,0x50f4b49d994e7e31L },
-      { 0x02eaeaa93ebac455L,0x7632c7dac830fb1cL,0x06fe1dde3bb0d765L,
-        0x0d2f7623a6789d20L,0xabba46de01a43e9dL,0x2e822e08f27917f9L } },
-    /* 64 << 343 */
-    { { 0xe96c4aebe5f5b545L,0x10a85a002d4c43b0L,0xf86ad2f632f9151dL,
-        0x05daf874302b99e2L,0x4299dbfa14fd3171L,0x27cbedd6812cfc62L },
-      { 0x42e61536b8772164L,0x52eecef76a5423efL,0xc34c6c70548fffa3L,
-        0x1fbed7777b6db825L,0x850bded44ef2989eL,0x3b8a542c815463eeL } },
-    /* 0 << 350 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 350 */
-    { { 0x9decf2173079fe2fL,0xc32ec5707c817f6dL,0xd5649ce8aeb36b92L,
-        0xab9f77d158fb4dc8L,0x66b11fb6b52d60cfL,0xe217941deaaa4619L },
-      { 0xf3522a9a1607c412L,0xea2eba4fc2a3d8c9L,0x267997c625e38722L,
-        0xed5047b72d4595eeL,0xaaa41e5f55e5456cL,0x891e3d1278cfc6feL } },
-    /* 2 << 350 */
-    { { 0xa438634ed7357a51L,0x918f14cd18c04d59L,0x2ab4dedfac40dd56L,
-        0x758e95ee4956a5deL,0xfc11e3945113f84dL,0x6d71b6736059f16cL },
-      { 0xfd8e2236fb357c3fL,0xd7c8681232dca873L,0x02aeb1538ea13b44L,
-        0xde1275d3013d3827L,0x470a7b7e659ca201L,0x862c83c55c77b351L } },
-    /* 3 << 350 */
-    { { 0xfc9b800f05084cfbL,0x1c4d4510496f23fcL,0xfea0003cc1d08465L,
-        0xf0281da09af48a41L,0xa5c0d97144d32eedL,0x2613b73e023a2e31L },
-      { 0x455013c87dc8ac1aL,0x581b13195958b3daL,0xd293f2f22290aaeaL,
-        0xa068256496f6223bL,0x38fd18fa69410ef6L,0x74eaf35f2b2cf629L } },
-    /* 4 << 350 */
-    { { 0x281f6e58c7ff5b50L,0xbc67791ecf9cd114L,0xe29fa41afd89abd8L,
-        0xfcb0b0b07984feefL,0x0b0928a6d9d20a64L,0x2fd385c46979ccd5L },
-      { 0xce9c34c81fbe72e4L,0x69364344aad0135fL,0xd464635250946a5bL,
-        0xb09a97c6f39f53b9L,0x1d47bc20dcbc8b64L,0xcda5c7bdd458b0d6L } },
-    /* 5 << 350 */
-    { { 0xad5b8c2887eff3b3L,0xa8a3917d9937833aL,0xbafdc493200c3b49L,
-        0x9e27aac5972c6fbfL,0xfd292bb20518c97dL,0xa62126db33515a63L },
-      { 0x9892a8bb1bcfc875L,0x93b066b7e0b674d1L,0xcde9b0087fd3d080L,
-        0x1e285a8859401ae8L,0x4679e32982cfea96L,0x52406ea023e615d3L } },
-    /* 6 << 350 */
-    { { 0x27de61138b6e9462L,0xb8ade1dc473464bfL,0x911ad49394dacc08L,
-        0xd036f28e44252cb1L,0x3865abf6d13dc20dL,0xcea487cdd528f0baL },
-      { 0x14d77eaf4fc290feL,0x5106533bc5084101L,0x11001dc7cda9eccdL,
-        0xb79ad4bc49fc4a78L,0x4f6369f54567f8a9L,0x64050aa2df7ab817L } },
-    /* 7 << 350 */
-    { { 0xffe057aade07f615L,0xf3f91b55342700bdL,0x294761e127a839f9L,
-        0x6411a2b480eafe1cL,0x4900eb120737b80aL,0xa1134d10bb73264cL },
-      { 0x0ebfad730ddbf7f1L,0x57bbe692cd1f73ecL,0x675931fca20f8944L,
-        0x1950eefffad2ad19L,0x60d304029cdf88a0L,0x121af89e33fd2c6eL } },
-    /* 8 << 350 */
-    { { 0x763e3664295c4db2L,0x632fd676dbbaa92dL,0x62ab11a8c66b40e9L,
-        0x06244698f384b708L,0xe7cdf3bd69197876L,0x9cc79c48064f8837L },
-      { 0x95900a229486589eL,0x7953f6e72ff01639L,0x3f65fbbddd3e6e46L,
-        0x84f52e06baa2e2a0L,0x1dc462a8e3852824L,0x9be69c3f7e4c032cL } },
-    /* 9 << 350 */
-    { { 0xa40afc3670977e01L,0x965f110da6c3b289L,0xc4952f87805a8491L,
-        0xb36804b80b65e2d3L,0xd3f6f5ace8cf2b2bL,0x0f37a79da4b71938L },
-      { 0xb2f810d9489ef671L,0x1feae0262df23cd8L,0x7412eee321a14e4fL,
-        0x1458b8ad179d51faL,0x2156a90ee201509cL,0x39f29fca72605867L } },
-    /* 10 << 350 */
-    { { 0x231f70adb2e066e3L,0xf09db880bb477a19L,0xdfa0e503907e5c63L,
-        0x12fe09f4f97022adL,0xdbf06f3620bce7ddL,0x0140e197f1371cbaL },
-      { 0x917b6da464b0b4b0L,0x9a6f4d9b20fe3320L,0x0981d60ed66bdf87L,
-        0xb430e4e062d3487cL,0xc3440fb934dc4a94L,0xe7972dda09a5e3c9L } },
-    /* 11 << 350 */
-    { { 0x29d6394093f47052L,0xadf04e70847e5937L,0xa0ef4fee731bab6fL,
-        0x21de31956ee7d7bdL,0x99af4a8dbd716777L,0x9e15c983df4c569eL },
-      { 0x2ec7bc0ce94401eaL,0xda1835ad85727722L,0x2b5862ce5dad81daL,
-        0xb2be508188dddc2eL,0xa02482101414286bL,0xc52c436d8ea33f3fL } },
-    /* 12 << 350 */
-    { { 0xcc580ea73b24e776L,0x0f3a8b189d721d6eL,0x8665604fb23480cfL,
-        0x95787cba34414689L,0x425d7c6f4d10a945L,0xb5ec2626b2f1cc78L },
-      { 0x55da88858658de6bL,0xb50919d1e9aba03eL,0xc64881d7d99e417eL,
-        0x1eeba5aabf28fba2L,0x20feb7b3504eff80L,0x9f5f9db650debfb7L } },
-    /* 13 << 350 */
-    { { 0x4eb94584230923dbL,0xba8611287b3a6929L,0x5aa7faa3ab1d6b31L,
-        0x95c1e23916ae0966L,0x98674fd3a2fe2297L,0xa8da0ee53c42d488L },
-      { 0x103cabace0740db0L,0xf0b860d45bf16882L,0x03cb0cdc289e48ceL,
-        0x3c15d3759e52c7d5L,0x524f731998103ca2L,0x828ed65cc609ffebL } },
-    /* 14 << 350 */
-    { { 0x518f231b83dfb993L,0x4b0987db37c0826cL,0x0c34961cd5177eadL,
-        0x9d882d3e452c92daL,0xbfeaf5588765bcedL,0x83957b62b9962295L },
-      { 0x2d1d01757bb084cfL,0x04c4cfcde8cffcfcL,0x2f35e33d8d4536c1L,
-        0xbebb31cbd83124cfL,0xe342bed2abb29019L,0x2af0fcde2692a0d3L } },
-    /* 15 << 350 */
-    { { 0xece5d865c7e3b29fL,0xe58106a4622839ddL,0xf5272d43f2969d76L,
-        0x90c72c1b2a1a240fL,0x1e2aa0acaf15e14fL,0xfa2f1c7bf1b6b5a0L },
-      { 0xfb5d343d880224a5L,0x47b88a84f91881c5L,0x140f5ee9dd142fe7L,
-        0x4e76982e24b37c44L,0x6aaf61e9578b482bL,0x01950e22765bc4e2L } },
-    /* 16 << 350 */
-    { { 0x20ebf79ce8a2e8f0L,0xec040d0daca418a2L,0x016c07e78d630d2aL,
-        0x20021d57fa605dcbL,0x6190f3e942d04705L,0x4e000df58974b7e6L },
-      { 0x6710da6c5abcedacL,0xf31aa4965f95d37cL,0x192c4b8ba5830899L,
-        0x171ab8c4ea7dbcddL,0x715f60818cdf1097L,0x0e0135bf205d10edL } },
-    /* 17 << 350 */
-    { { 0x070fbbe1687645c4L,0x4dd859c8c7e0261eL,0x749fa1e9fad54b60L,
-        0xb35942f483cdc91fL,0xcef26d0018eeb83cL,0x4dddd5787462064fL },
-      { 0x0420ed6e703e8740L,0x9087d805c180c7d3L,0x93807412828424f2L,
-        0x8bcea69a6dcae236L,0x22aed9a2d1973c78L,0xe3d0f6f83328d690L } },
-    /* 18 << 350 */
-    { { 0x5ce5bc6da85a13acL,0x868f385c7f1dd71bL,0x15aa63a420c376c6L,
-        0x7802fc9e749127dcL,0xfad59f8e67a98935L,0x6bc97b1d60c0fdf3L },
-      { 0xd24caa7ebce87ee6L,0x8aa08bc27ba511f8L,0xe5ba94f47ba61c1cL,
-        0x9fe9c343364d2d75L,0x8ee0468161273932L,0xab2f0dbe5e8c4861L } },
-    /* 19 << 350 */
-    { { 0x13239c0a8254ded6L,0x594182e61762f9cdL,0x6326369d480efa21L,
-        0x7fee5afd33101382L,0x9e1ea59c4688bc0bL,0x7a3b1b8eae19c17aL },
-      { 0xa8f8f8e5777aedf3L,0xe2d018bfc6bbdeacL,0x3625b03b54328db4L,
-        0xda7540c8711ab8caL,0x7faa19fc46930a99L,0x61a5d1845b59a973L } },
-    /* 20 << 350 */
-    { { 0x4a6226f9f7092423L,0xfe6b7a6dec945231L,0xb44e2e60a1193cabL,
-        0x2ce6393543dda270L,0x1a9e8a2138d64738L,0x863d151a9d843675L },
-      { 0x98a1222ee2b14443L,0xbf8b32712826846fL,0x80475be555508801L,
-        0xc39ccd917b38f064L,0xea31304de8e249f5L,0xa3b6891b4d42db74L } },
-    /* 21 << 350 */
-    { { 0xc0f1627a147e0f32L,0x59fb7f2f5e8822d8L,0x21d8be6371097441L,
-        0xa6169f1b855543f5L,0x188c420645102ae3L,0x4c20a136131b674fL },
-      { 0x05487c4d15999699L,0x8a82a130e6ba5542L,0x93a2119519ec0de9L,
-        0x634d644cc8d0538aL,0xa90c5eeb3b6bbd60L,0xd59105125e4db926L } },
-    /* 22 << 350 */
-    { { 0x5140a7172119e821L,0xe5a2ca8cbc370a14L,0x0c17ad48a6db3398L,
-        0xd7094545ed6fc82aL,0xcf32984dedb976d1L,0xcf04ac16cdf83a9bL },
-      { 0x9bbea16b49775502L,0xb4855286452a6f35L,0x45cbc3b7a86f445dL,
-        0x5972ec64763f5990L,0x14d0b9c0b780b2f0L,0xb120273456e707feL } },
-    /* 23 << 350 */
-    { { 0xbf6b76e1e41c43c6L,0x64ea1824db033acdL,0x7fc0399987c9406cL,
-        0x9427585a51b371d3L,0x464f3559c9705e0aL,0x6639797ac8cb6ff6L },
-      { 0x5104a72e842fbf01L,0x7cabb009fea7af74L,0xe42aa69b19a1db1cL,
-        0xca9599a3a6a7ab69L,0xf31e4aaa1a70d770L,0x0fcc7f1b8a5ef098L } },
-    /* 24 << 350 */
-    { { 0x39a689bc281548baL,0x11aacfca138eabbeL,0xcf33108a8d29457bL,
-        0x312612e014ed4b4dL,0xcbb21f345115625fL,0x4e7217de303a363bL },
-      { 0xaeb0c8c0d137f67bL,0x4ff84a937bf78dfeL,0x7a022604683b37dcL,
-        0xfa4ced77862b0847L,0x5a49bdc136d69390L,0x6d9dff06c0215314L } },
-    /* 25 << 350 */
-    { { 0xcb116e787b1320bbL,0x6310206258ed15fcL,0x1a7891a082c13108L,
-        0x203d73d939eb4c93L,0x0485b8493c78c65aL,0x663897e93c935525L },
-      { 0x9b79708088b41afbL,0xbd34d5134f2b649dL,0x0b4c156f62f6b652L,
-        0x24125d1d6863dca7L,0x726a8bb2edb6638bL,0x2ec5deaf82aea7a2L } },
-    /* 26 << 350 */
-    { { 0x9fb22ca52a3706f1L,0x5a265b5279f5203eL,0xc8844f096fcbd426L,
-        0x52a165f0ed8a3267L,0xff0b3a00dfdfcac5L,0x80167cf52de9e1c6L },
-      { 0x9e9c4391b0b969c7L,0x279440c41e0dabf6L,0xaa535b8f85133e39L,
-        0xef61e22234660228L,0x8ea81a41c386528bL,0xd0bb1f6e71a8c66aL } },
-    /* 27 << 350 */
-    { { 0x75a689bfa67ab0ecL,0x53eaad3e54843363L,0xdb71f81619a3ba98L,
-        0x817257fdc244f33dL,0x8181c028c0fb3720L,0xc813c4651cb7bb39L },
-      { 0xbc44c1e71b189585L,0xaedef8701eea3a29L,0xcdd828d7ccb5dc90L,
-        0xd224f1774fd2e0f1L,0x2a4723b0e78883e6L,0x33bb05473128e260L } },
-    /* 28 << 350 */
-    { { 0x544874b71477473cL,0x253a455a3907385fL,0xb303afd631411ba1L,
-        0x30047aa0466d6415L,0x3a1b676594d4c2deL,0xc265f1912860c7b1L },
-      { 0xfe140a73688e7975L,0xf08a652bf37ce7deL,0x6c9f6df9f46f144eL,
-        0xf7e7b95bc0defbc4L,0xfbc9a9697824c075L,0x9745d768d7773c39L } },
-    /* 29 << 350 */
-    { { 0x7170ab4699873dabL,0x765eb89b8952bc0fL,0xbe3fe2c4f78fd020L,
-        0xde51f8579f194b70L,0xa625839e7cc68fbbL,0x50e59b49f7105097L },
-      { 0x625294f3b82e287dL,0x98daa85288ca9d10L,0xfa0eb790b499d9bfL,
-        0xe280de610382dba8L,0x3fd350e0e76a7d70L,0x1e5c2bebece5ba7aL } },
-    /* 30 << 350 */
-    { { 0x73e187e000ce469bL,0x21dc6268dbd717ceL,0xe9d63224ee564ef2L,
-        0xa7553c854c4c444bL,0xdd409398f6a9b713L,0x902c9cff72f94d6fL },
-      { 0x944edb33f50a36eaL,0xa48a5ae4cfb65a8aL,0xcb9a83b9ed82fddfL,
-        0x9476090c209aa829L,0x66cd0cb1c7e2347bL,0x0f1fe07c86fa005bL } },
-    /* 31 << 350 */
-    { { 0x7c17a2e0c65e52b9L,0xa987f030615b8325L,0xa39b78aaa3d4dba8L,
-        0x738ce26396e96e82L,0x313f7bb7f08f99cdL,0x29571b3cd1a1b7c1L },
-      { 0x00c0e66c89ead6e5L,0x231de4ff19b9874dL,0xc9445296a4137755L,
-        0x7b95f3ea336ea724L,0x7c0a222c49bfe5a0L,0xa265c41d782f8d4fL } },
-    /* 32 << 350 */
-    { { 0xd2db4d35c8d2bf7bL,0x52105d0981571d06L,0x447565cc723a57bfL,
-        0xd98c3597d8ded62cL,0x0aeac6d9de2f1a9eL,0xd363b0b70a98d3b2L },
-      { 0xd9708f0702ad9933L,0x9334677564f5809dL,0x499332cf49cda010L,
-        0x546df74a858467e2L,0x8b84a55093748e8eL,0x9e88ef9706f09073L } },
-    /* 33 << 350 */
-    { { 0x1cdc6b4f673d9c55L,0x4300148a0c11743eL,0x2f924ce4c38b8c99L,
-        0x5300ecc925f32459L,0xb9cd815004473c2cL,0xffee15498eebdcabL },
-      { 0x42c292d54c537dbcL,0x32f6d8a293a133d0L,0x4da3a50c35dc41a6L,
-        0xc16dee6a102f9ea4L,0x69a017a1f00d0bd6L,0x6a95ee1527acbc5eL } },
-    /* 34 << 350 */
-    { { 0x6c02c17adcb73b47L,0x10073a3454b70b07L,0x417ca218a7fe7a73L,
-        0x6f81a38e4ab64b0aL,0x4e25301f8fa7fc44L,0x180f3e1b27d41e1eL },
-      { 0x88925649ce1cfbf5L,0xae279fff2eedaeb9L,0xeac9b033eed426cfL,
-        0xa8488f8aa1740d49L,0x6f748bc3711b5da7L,0xbb1c46fd23bbe135L } },
-    /* 35 << 350 */
-    { { 0x6b2f317b9da70c21L,0xebddc2b5c99dc82dL,0xf4a85d4c5c807d1eL,
-        0x47a79b298a15ad6eL,0x02afb05befbda553L,0x34f3998e6941a669L },
-      { 0xa4a413fb72deac14L,0x2bd9306c1941b899L,0xae023fa5788c1db8L,
-        0x38cd6c42e1012bb6L,0x77ae298c13bd860bL,0x6312af9d63bb40cbL } },
-    /* 36 << 350 */
-    { { 0xbb7742f370fcad48L,0x6dcce7ff57d444acL,0xfc338485b6abc122L,
-        0x03c1118caaf9060bL,0x095dc123cb997905L,0x2dfe24453dd9bee4L },
-      { 0x9bffbbf9d45cdcdfL,0xc5b50babb4b26fe5L,0xe985754e87d31873L,
-        0xb5b007f5a503d2e0L,0xe25c4eb620bb8357L,0xb6f00e50803fa8ddL } },
-    /* 37 << 350 */
-    { { 0x21cab682b8035f01L,0xec82f6ae301c96c1L,0xf25d6a0c1539a503L,
-        0x94180ece1e35b449L,0x13fbc96f1ede3c57L,0xe4a63eac01d8e678L },
-      { 0x3d1a745c068c6886L,0x0659d6ff233be378L,0x493d7a6f3244a214L,
-        0xfa852b1b772bd953L,0xbf05cc0ce87db547L,0x28f497ccb30aacf9L } },
-    /* 38 << 350 */
-    { { 0xa92f28b88ea312ecL,0x9c702e953a3b5f1eL,0xf0a2f787583053edL,
-        0xf99506f29cb41eceL,0x4c3b00b5c2b5c214L,0x59bb943717b8d5caL },
-      { 0x9ccc7869af5e6b94L,0x6eb795a7f340d02cL,0x7fc613c80a09eca5L,
-        0xdac14e61d155f16eL,0xda25c7fcccadb39eL,0x160fda8c9c7fe2b3L } },
-    /* 39 << 350 */
-    { { 0x8aa83310312ee9dcL,0x702ad7bc2af291bfL,0x3940f883ec915c5dL,
-        0xdfb7e44f6fe07c64L,0xa7af875c72d09357L,0xb5df04f4f70b766fL },
-      { 0x738af1bb96f8b10bL,0xab27b86735563f8eL,0x18fccbec2ebaf570L,
-        0x94e9066dc1d7d59dL,0xa1e3518dc63373e4L,0x0722fd0f22d8306fL } },
-    /* 40 << 350 */
-    { { 0xcd42d2391be93e28L,0x93c11fcae2ea0d1cL,0x8acd0b17345984efL,
-        0x3e3feaf350905d0dL,0x4124e89a6f35b49cL,0xafdd8d27a2bae979L },
-      { 0xce1e814015ad5661L,0xb0f9296dde281bc6L,0x11e93935c31ea529L,
-        0x1c4c3bd7ebb898ffL,0x7cb73fc76ccc32c2L,0x69e5307da3ac9b8bL } },
-    /* 41 << 350 */
-    { { 0x37bec50c8e5a9a8fL,0x7f0daba5055a1aa3L,0xa56bc577a1c00a74L,
-        0x0656b6aeab88258eL,0x2959237fb88f0f0fL,0xffff63bb9ef15ca9L },
-      { 0xd9a2909eb94ae6c0L,0x2506a1779b304c76L,0x5658fed3abdf17c8L,
-        0x9c95765e0f90cc53L,0x80ffd7b38e74dc97L,0x97e032e6b8c73479L } },
-    /* 42 << 350 */
-    { { 0x7073ada11780b0c7L,0x6d4ce321f35f07d8L,0x27b26ee589f35e5fL,
-        0x5af10ecd324349d4L,0xf9a0a9071b9bd956L,0x5dde968571350ba0L },
-      { 0x678158f5b6400a5eL,0x93764a022842e0deL,0x71a17724057c9ff8L,
-        0x04c4313c72f58c63L,0x07fdf15cc4e81260L,0xd6c25e82a509f1acL } },
-    /* 43 << 350 */
-    { { 0x4f8a719ae3cf3138L,0x7aac7f0d9b1a2e30L,0x3fe8dcb88c0c76d0L,
-        0x34afed4ade0b5be0L,0x824e043cfdf7c28eL,0x5b700afce708e71bL },
-      { 0x6c7fa728eeffc50dL,0x2488eee97ca62450L,0x25490cb59d969f4eL,
-        0x8bbbac3d8bd629aeL,0x7e5213b56e75e171L,0x1385bff25324b23bL } },
-    /* 44 << 350 */
-    { { 0x364e7371c7d996d5L,0x053390bf8cc483aaL,0x69c23cf281e948d1L,
-        0x65e45d618e822ec6L,0x9240ee412ed94568L,0xe0f33912510a84cbL },
-      { 0xad42eb0f6ecabdadL,0xb35afdb4bc7e39f6L,0x4ee63cb10cb50316L,
-        0x7ccfa14a2a27dc3fL,0x584328f0b4141347L,0x361b2614a23cd89fL } },
-    /* 45 << 350 */
-    { { 0xe70edc42ee93ec36L,0xec773e52bccc99efL,0x9b0367a0ce0816e2L,
-        0x43baad458c6757e4L,0x5d25fa821fb7b01aL,0x65913e86bb6bc3fbL },
-      { 0xb1f1fcab67fafef2L,0xe5ffd89c9e9261cbL,0x86f7b89ff29bb205L,
-        0xa76ed6722db408b5L,0xd6f1ce5cf83f53a5L,0x9cb5cd26c2882d51L } },
-    /* 46 << 350 */
-    { { 0x03f6ca364b2582d0L,0x70345ae80f8116e4L,0xc2612cbfc562aba3L,
-        0x9cdd127789898142L,0xea7f202c02d762ccL,0xa00c15da33662a74L },
-      { 0xcb5cc621aa430b63L,0x6dd1482fb1550d67L,0xb27e7df46216f063L,
-        0xfffe57408f49403aL,0x9403206cfc2bc9f9L,0x132504014593a578L } },
-    /* 47 << 350 */
-    { { 0x6b9c67e6076b2d5bL,0x54509f61883d31d1L,0x25905831fe051be5L,
-        0xe6633c1be93608f5L,0x284afa7697480e6aL,0xb124e6063a06cc65L },
-      { 0xcbcb2c2e2c608edaL,0x07a39d8f813795a2L,0xf27742a8bd108bbeL,
-        0x7425519005b4e5b6L,0xa27620b2b0145a3bL,0x6e3d1210c0f42782L } },
-    /* 48 << 350 */
-    { { 0x0eeb9dc702ed3c24L,0xe7cb624dfb39fc44L,0xded105f581d4cceeL,
-        0xaa675d0c46465cc3L,0x313f4fc99af0a81bL,0xd129819f227e6a72L },
-      { 0xaa6b690340b16103L,0x3dba75b2fb4c2fdfL,0xc9feeea1e7c79c2aL,
-        0x14f503104e024e75L,0x3704aaa8b5729449L,0x39ac6b0c24b86accL } },
-    /* 49 << 350 */
-    { { 0x7e25860735214575L,0x3baa75cb068c68c2L,0x93b6a33f10be8d33L,
-        0xa88f3cc11ba06b10L,0xe70e7ec2a4f8fe72L,0x32fed39fd4835710L },
-      { 0x16137edf3e6059b5L,0x57b1bb9fbb064775L,0x68d3f26dac98cfccL,
-        0x89339bce7f9fd53fL,0x15b32212825e946fL,0x55b0a89bf92a0ef1L } },
-    /* 50 << 350 */
-    { { 0xf419d9becd3eed01L,0x851b31659851492fL,0xa9ac81a9c9b0a402L,
-        0xf67bdf20122c09acL,0x9b26b131f442a030L,0xf7a548f517e72d1bL },
-      { 0x9e0dbf852a7f505eL,0xaa8e7348c7e93ff2L,0x4efa7877134d8017L,
-        0x48f476fc13e5fb0eL,0x552d0447154f4040L,0x8d5b166569b18f6aL } },
-    /* 51 << 350 */
-    { { 0x65ef443e63c90cfcL,0x3a0dfb8194ed3ad4L,0x75570ba710b5547dL,
-        0x5e161fa498e84064L,0xf55dc5003c576f89L,0xe46bd28c7f530eabL },
-      { 0x367607400109f9c1L,0xde7a997bb15e9598L,0x25386f307593c3d7L,
-        0x680e3639def120b7L,0x43fab687aa6e213eL,0xce48861daa99cf3bL } },
-    /* 52 << 350 */
-    { { 0x93c2cf3e53ead820L,0xfca3b3564f4444e1L,0xeb6d82bfaac7a37dL,
-        0x9c0915d4cf49947cL,0x771f9f7cc7edadaaL,0x51418e487b2df679L },
-      { 0xad1b249173f28cf8L,0x8fe4fb7baecacd2aL,0x539764bdb20d0b77L,
-        0xb0073685a6a4f808L,0x4c6f5602cf909196L,0x1ae89342d45e9e7dL } },
-    /* 53 << 350 */
-    { { 0xcf8aa4e5f007985eL,0x833ea882c325d2dfL,0xc1cbaaf5f9f326e8L,
-        0xe779a4a9bf906c20L,0x29f475bbc923cf15L,0x6598d52a54055b74L },
-      { 0x1001a5f1e4fbd4f9L,0xb4933d56cc74cc71L,0x45c04a50fed802baL,
-        0xda140558052bd04cL,0x71c127d63dfbd563L,0xef2b85ba42ebaafcL } },
-    /* 54 << 350 */
-    { { 0x76569e44bc325891L,0x8f8a1487fa2604afL,0x07a8bacdbc90be04L,
-        0xeb53b1087b2c9bb7L,0xcfdc78aaad3c7943L,0xd74807da3bfcd779L },
-      { 0x642552417189257eL,0x28138e8d23cb9584L,0x0ce0b331476b888dL,
-        0x6d9ceaa0f2a9bbe5L,0xb4f1185653b872efL,0xfa9e6fb222d06df6L } },
-    /* 55 << 350 */
-    { { 0x0d45565ce6eabd52L,0xaca75463f41a4559L,0xc3e4064a846eb291L,
-        0x22ac04bc8613d2f2L,0x74cf6fac2364ce2cL,0x61bbaca8be4fce3cL },
-      { 0x302e8117b24dc7b4L,0xa72ae24dd89a053fL,0x75b2023967de96e1L,
-        0xbe51cfd2a9e6d1bdL,0x807a8e3d07c9259dL,0xcf3cd92e43cf6384L } },
-    /* 56 << 350 */
-    { { 0xc040412c754b8669L,0xbda7e0cde2c1d3b4L,0x2ac3b3d5ba29b9beL,
-        0x98a415e3f63bf3abL,0x25aee93ed1776a16L,0x46db7347ec3bc968L },
-      { 0x8e44180a02612d2bL,0x4e3dc4e82db990ffL,0x2050f58f5f7705dfL,
-        0x7b41f5892672d845L,0xeb301603c96e4fecL,0x66ecd24e6cb16a6eL } },
-    /* 57 << 350 */
-    { { 0xd428e7e3d01edc1fL,0xef608062873fadf8L,0x05e7c80d5606965eL,
-        0xb818d0c6a979f826L,0xe9b4c5c7c4793537L,0x7ef637225e83bb66L },
-      { 0x825d89499fbb3a85L,0x557abf0396e34cabL,0xfc3db05b8040ad0cL,
-        0xbdc8e907e305204eL,0xdfc1628d1c1637e1L,0x10841d2a947a78deL } },
-    /* 58 << 350 */
-    { { 0x99432df309c7b138L,0x288eef14593b1fc1L,0xf47f9fb21b55f0b4L,
-        0x5cc20dd46788b9a5L,0x2e87fb4605e43a77L,0x08cf86be849c700aL },
-      { 0x467ec61374680ce7L,0x44e5c8d45884aff8L,0x549f2ea86b33a1a9L,
-        0x2ebf696a8b4a815dL,0xc1705b152a74323aL,0x930a9fde69745934L } },
-    /* 59 << 350 */
-    { { 0xbb11fe102d168ee9L,0xba4aea667f39e124L,0x139364b6fca2841fL,
-        0x6feef5b13d359df1L,0x4fe89fe19787be92L,0xd4cea92e0f6b6aa9L },
-      { 0x794006c0039bd8f5L,0xdce0eb5b0be647abL,0xf4a97f7d4e40c1d3L,
-        0x78d19059d5f7254eL,0x464ddc1d0df22d8bL,0x990b0a39e0fc7628L } },
-    /* 60 << 350 */
-    { { 0x72f5a0f70ad3bb67L,0xabb15e3dce6396d8L,0x2ae94788463efba7L,
-        0xe77b53b41fd4c512L,0x09921a1ca88606cdL,0x1b86b75608e980eaL },
-      { 0x2def667af3d22731L,0xadebd3a39641b175L,0xc0f35509045da920L,
-        0x8fbf85e4952b7ca9L,0x4ee7565023517a65L,0xd31eeea30e75a4a4L } },
-    /* 61 << 350 */
-    { { 0x6d9a5d3cc4508650L,0xe71fcf32d1a2ac1bL,0x784b9148d62ec2dbL,
-        0x9a3d5d572088946aL,0xc488178757848c00L,0x2f50a62e0875c1e9L },
-      { 0xbd23d4aedec0f2dfL,0xc9c28dd5188dad0eL,0xf87ef6460977ba29L,
-        0x89ce8330ab03e4d7L,0x7dbec90dbcf1a5a9L,0x3ddc39c1f6c2a4d4L } },
-    /* 62 << 350 */
-    { { 0x8c0518c7618b787eL,0x6f226212b95734feL,0x3e6cab90c66e138bL,
-        0x6e56d68037a7c0b8L,0x67a3c7df16f6acbbL,0x43df95107921bb92L },
-      { 0x967846f6a0887d25L,0xf717017766908fcbL,0x1a8ec350267430d8L,
-        0xebb46f1a25855c90L,0x73eb78cb396c1714L,0xf766957cdc081e43L } },
-    /* 63 << 350 */
-    { { 0x0700da846de27e73L,0xfac9dcfd78c35563L,0x01af330ccd073b09L,
-        0x0bf5c3b1bb784ceeL,0xd3d9a9ff5d465498L,0x4836b065bde8bafbL },
-      { 0xf5bf3316329b4cf5L,0x387388fc54a5275fL,0x73e880d8254af26eL,
-        0x07ebcddc8d05311dL,0xe8b9965a4f46cec2L,0x4f07a4fa01b06069L } },
-    /* 64 << 350 */
-    { { 0xc0a40cac52133095L,0xfe1b22fd93c162bbL,0x8625898c34018741L,
-        0x69c9f3f636d9e57aL,0x69d9d7f3378aa211L,0x6b03f897e7dca168L },
-      { 0x24d49aebf997a48fL,0x1d984c67c149ac40L,0x667c1d01576f533fL,
-        0x372eee199ef82eceL,0x577723c0c207c14dL,0x4225907a0eed37f6L } },
-    /* 0 << 357 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 357 */
-    { { 0xc61db977bc0e0903L,0xbaf6e4da645c32fbL,0xce89b8ca060b1adbL,
-        0x41db448188e2c178L,0xba6339f3923bdd3cL,0xff25b818d29db42cL },
-      { 0x3521116ee6d6b35dL,0x4e1bd283b22f16acL,0x9357c984bd79fe5dL,
-        0x2eda73be9d45eee4L,0x1a50c59f6288e01fL,0x37baf64975018873L } },
-    /* 2 << 357 */
-    { { 0xc552c6c6097f322fL,0xdf59a3028bc06287L,0xc9ed375c19610b0cL,
-        0xf0e7b4ebb051dad5L,0x7267a304c6556643L,0x0044f6d8c96dc1d8L },
-      { 0xf0ed5f9af4fc3725L,0xbbaf9f2c9de8e1ffL,0xef5d66f4af5a4b4bL,
-        0x0b5bed3d20644cf2L,0xf7e4543a75ae23c0L,0x696f60dc41325b66L } },
-    /* 3 << 357 */
-    { { 0x9949b33d2c20f868L,0xdb3aa790b5706250L,0x88ce71e788e17f2bL,
-        0xd851baf2da9c0881L,0xe869c5ba86d8c9e9L,0x1af68d65a01425b6L },
-      { 0xeae8b1c69bbd3963L,0xf34900b1ec087425L,0x14942910c374bb96L,
-        0x3e13c45705487483L,0xe0e6fad435bc6ee1L,0xc7c38dc7b54d247bL } },
-    /* 4 << 357 */
-    { { 0x6d34bdf6ab463fa6L,0x7bb127b60093b9cbL,0x61d051135a3bfdd0L,
-        0x4abab575f1296bddL,0x72da68494d2e9a7cL,0x90267bca8d11f03dL },
-      { 0x478111223e9b310bL,0x8ffe91d31b1920cdL,0xec293ec67521898eL,
-        0xf0cf026996c1da75L,0xb0dbd4c380f2c7b3L,0xe528175534e4baf8L } },
-    /* 5 << 357 */
-    { { 0x7ce1ce36189e2f1bL,0x36ca8fe3fa84ca41L,0x54cc2c13a6a568e4L,
-        0x1967d9ed25a6d223L,0xf8d20c88537252afL,0x5a58936cac3d697cL },
-      { 0xa2659671b0084ffeL,0x08a9e041ec25bb0eL,0x6bd405ed4074ccedL,
-        0xaeebb470dacb5503L,0x6f18e32bd5448d3eL,0x0412973ba94cd45dL } },
-    /* 6 << 357 */
-    { { 0xd72fcc3742fb1cd7L,0xadfb8967c49c359dL,0x6dc988a55935bb0dL,
-        0x3fb10981e3080802L,0x12c4494f3be161ceL,0x5a0e22d44b649dd0L },
-      { 0x5c57cbfd62a85259L,0x7ad55b3c0e5ab7a2L,0xcd53564928de30e7L,
-        0xce35e6e76867e6a7L,0x626810562f6716fbL,0xd8b4ff26a88d3bf8L } },
-    /* 7 << 357 */
-    { { 0x5949ddfa53abe7a9L,0x944a2ae0716f63a6L,0x90961922675d1f43L,
-        0x36c41c12f5b55722L,0x85b8250f7782775eL,0x89a3a733748663beL },
-      { 0xd4358450475d2d88L,0x4183f45e1beef8adL,0xee3bfe8b06ec8d58L,
-        0x2e462b1609cc4d82L,0xf9cc307ec6148e1dL,0x70d3b2f77b1281a3L } },
-    /* 8 << 357 */
-    { { 0xc32730e8dd14d47eL,0xcdc1fd42c0f01e0fL,0x2bacfdbf3f5cd846L,
-        0x45f364167272d4ddL,0xdd813a795eb75776L,0xb57885e450997be2L },
-      { 0xda054e2bdb8c9829L,0x4161d820aab5a594L,0x4c428f31026116a3L,
-        0x372af9a0dcd85e91L,0xfda6e903673adc2dL,0x4526b8aca8db59e6L } },
-    /* 9 << 357 */
-    { { 0xf0467111e854f886L,0xe228021d8dc6117fL,0x07ff954cac432e28L,
-        0x373be2ef31d9b69bL,0xaa214d016fd61f0aL,0x27bb7932f950b029L },
-      { 0x1caa914f967c97f0L,0xfb133ec0d548897dL,0x598514173cfad251L,
-        0xd41d1da432d14208L,0x446c79f2cee424ceL,0x8b5272a175e839a5L } },
-    /* 10 << 357 */
-    { { 0x26b5e85d62f50c12L,0x8418cecf5ff562d5L,0x0d35b4d459be698eL,
-        0xd79ca9ee93730d2eL,0x2414d99325627fe5L,0xe31dc5293fc64803L },
-      { 0x5c9100d60d027a12L,0x9004ee36f2208db5L,0xe734b13b135d02bdL,
-        0xf905c01a7bc09b60L,0x4eb51557b21b68fdL,0xe6e98bea8c583359L } },
-    /* 11 << 357 */
-    { { 0x14dbcf1a61dae7e6L,0x559a7b52ea0da075L,0x7391545d439d10d6L,
-        0x187e00e675e617abL,0x453b546b5142355dL,0x9bdbddbc84bca97aL },
-      { 0x742a699591e5035dL,0xcf86d3e1831209ddL,0x6fb66757f5f2a999L,
-        0x2e360aeff0e71f2dL,0x6c6f71f2dc97114aL,0xef686b8b17c3a3dcL } },
-    /* 12 << 357 */
-    { { 0x7d07a61d13b5ea74L,0x7f4b7157c8afecd9L,0xefce9c89820b0298L,
-        0xe85c4510e3888d59L,0x9cd3352001234b9cL,0xba2692c0fef767e8L },
-      { 0xd2bea3d45b3ca353L,0x9ad478e5b51a704aL,0x1fc9bd0d9426f25bL,
-        0x52f930bf864a1ba4L,0x559f36353765ff27L,0x548c7f0dae28479fL } },
-    /* 13 << 357 */
-    { { 0x6296d54f68b0df62L,0xace420ee9e6afdd4L,0xa20a510dfcd1812fL,
-        0x488f113a8cd04a29L,0x1bee07640765cb70L,0x50bb5c446d0f44e5L },
-      { 0x5ea842cb7e320ebfL,0xa6e0c1e6e795a7fbL,0x89cd1f765e7e79c9L,
-        0x7436ec1e87ce6c5dL,0x1376222de28309f9L,0x9ed7d6fb7f01548aL } },
-    /* 14 << 357 */
-    { { 0x32e9740ae2fb0467L,0x3a7a32b3ec039d67L,0x630d8d346a425a7cL,
-        0xc9af74ae418a7dd0L,0xc903576daf502870L,0x7e02b3b7e98cce5dL },
-      { 0x0bfdee7a158f005bL,0x88eff4a363b91d59L,0xf23079728bfe3ed3L,
-        0xc75536bce6b1fb4cL,0xf61a82e1a04d46fbL,0x771a8fedfddd52a5L } },
-    /* 15 << 357 */
-    { { 0xf5efc82065af5b94L,0xd618a9e8ce5535a2L,0x70cfb112cda6249cL,
-        0x6986f00f9f217280L,0x41e46ce605faa951L,0x2abb39f3a3ad613cL },
-      { 0x3e04b28b07671c94L,0x61d323ac53cdaf80L,0x2389875cbb9580f8L,
-        0x64800835febb0b34L,0xdaebba99d0d21027L,0x0f1cebfc23288a7fL } },
-    /* 16 << 357 */
-    { { 0x51a033a5cecb916fL,0x2ac62f638d7de61cL,0x92eece49a42a266eL,
-        0x87e037db82c4d11eL,0x875be1416fbae08aL,0xf348fe26c539478cL },
-      { 0x51f8b907ff94c01eL,0xc46cc0e019695a9dL,0x2c74bd666c51b9c2L,
-        0x635d3d24ee565de8L,0x6bd656638982c8c3L,0x5c345b79daf6a93cL } },
-    /* 17 << 357 */
-    { { 0xee7265ee93f081dcL,0xe8f90a6be03493f4L,0x4e8d10275328b0b8L,
-        0x13bb82bb96fa0930L,0x764c2915d1f7d5a7L,0x1896c78f73476481L },
-      { 0xe9a34ff267873b76L,0x8a9a719cfa0afda4L,0xce93d4cc9ccb715aL,
-        0x9ba00f011495d1ffL,0x3131e6666df0e119L,0xe68e1815c902ac6bL } },
-    /* 18 << 357 */
-    { { 0x0ce4ae1044f4a2dbL,0xa8645e2310bcc5c6L,0x6d9728b5e489762fL,
-        0xd365c12a9d46ad88L,0xedf484fee1a527aeL,0xfdf5c519e5be2bb1L },
-      { 0x4706cc2870a3d4e3L,0x07c60129065f1506L,0x42e2e16478298553L,
-        0xa56a2bd5bae646dbL,0x893bf45c61437e62L,0x97dbf9266c525900L } },
-    /* 19 << 357 */
-    { { 0x65c56764b52213c3L,0xa171ba9d97aefe9aL,0x5904e8c934336916L,
-        0x727209b6ff187f05L,0xaf4e50525cb68a5bL,0xb46a6abadc4319feL },
-      { 0xfd48d0d57890cd90L,0x5b0b68c7252942daL,0xc41023352b01887bL,
-        0x582251eb5ad09a7dL,0xbd79b557e1312726L,0x9f5ee3788057db5cL } },
-    /* 20 << 357 */
-    { { 0xa30486a6666fdcc5L,0x5cb7f7ce84056f89L,0x0f8a6b96505636a5L,
-        0xfeafdf97c6624ce2L,0x9dade91c55b8a7d6L,0x3d009219ca2b459fL },
-      { 0x483549845a969337L,0x37d57cbd323c09adL,0x32a91e91e74b9e74L,
-        0xdb4f18ff1c317c24L,0xf9f0daf342418667L,0x735a1eb946946667L } },
-    /* 21 << 357 */
-    { { 0xb395bfd1c8eaa54bL,0x8181d6262ee25219L,0xf4bf437b38d912f1L,
-        0xf9f1161228a8b32eL,0xe359adacc2be5c61L,0x71557ea2971b60c9L },
-      { 0xf071404b1b00cf1eL,0xb163c3608da3141fL,0xd9dedc07a8d51d98L,
-        0x29e89ac5ac827b74L,0xc38cef633ef35dfbL,0x9abd281097d477f1L } },
-    /* 22 << 357 */
-    { { 0xb34e560f0e6d9646L,0x4fc05a0dc0ba033fL,0xc9f5e040ddc1bcc8L,
-        0xf723b78ab92068cbL,0xd558f5912b5c7030L,0xb16bdec774ed778bL },
-      { 0xc12aacc3b32980e0L,0x856e90411daaa32cL,0x34f7a28596429db4L,
-        0xcc2c61ea415dcd04L,0xa0e192cb46b7d996L,0x5b7c845d55d87ce9L } },
-    /* 23 << 357 */
-    { { 0x9ba0a26fc0ee684eL,0x1b871ac353573254L,0x76a094bc5783e706L,
-        0xe78bea66dcc01e8fL,0x7e20c5aedfb74e56L,0xbdc5314a8710f0e6L },
-      { 0x2bcc7a0085f2233aL,0xc58dd45b8aba1575L,0xdd1c6b78e411b6d8L,
-        0xbb8d19529d23d2eaL,0x5293f3cc0066c9cbL,0xb7d0d7b0249c6d93L } },
-    /* 24 << 357 */
-    { { 0x68fe359de23a8472L,0x43eb12bd4ce3c101L,0x0ec652c3fc704935L,
-        0x1eeff1f952e4e22dL,0xba6777cb083e3adaL,0xab52d7dc8befc871L },
-      { 0x4ede689f497cbd59L,0xc8ae42b927577dd9L,0xe0f080517ab83c27L,
-        0x1f3d5f252c8c1f48L,0x57991607af241aacL,0xc4458b0ab8a337e0L } },
-    /* 25 << 357 */
-    { { 0x614c4bc273041ddfL,0x4fef1cf6364135aaL,0x2c9ac204ecf0e610L,
-        0x75a302a991a6dce1L,0xa5899c96651ec9f9L,0x6c5384f64bcad1a6L },
-      { 0xa41012e560f705ebL,0xfcf6512235e85d67L,0x2fdcfc235ced3638L,
-        0xf834fac02deac34aL,0xf5a64ec510a8ad80L,0x843855e1a412c4feL } },
-    /* 26 << 357 */
-    { { 0x440dfebd76ca517aL,0x79924057c577eb59L,0xf1aea290d038a921L,
-        0x77afb37fb0c95974L,0x48a5b9a715763d44L,0x713de85155c8683eL },
-      { 0x250e8f8239d7e1deL,0xc5f1f61c8a2c846bL,0xf26ea6f9faafd017L,
-        0x8ad26055f9d7cd35L,0xc980ba773b2df598L,0xe23b7eabd5e299a3L } },
-    /* 27 << 357 */
-    { { 0x5d37811464744605L,0xfab096990278c1f0L,0xc4d32b208448c344L,
-        0x767a24d2d7d1df17L,0x842de148773ea0fdL,0x73d7dfbdff6e40b4L },
-      { 0x3d61439283576d1cL,0x4820c435ec865519L,0xf99e84dd6bfa5e48L,
-        0xeb18687a9d0d2adcL,0xc3b7369da7fd75d2L,0x7e332b5739f5f093L } },
-    /* 28 << 357 */
-    { { 0x0796a8b6ec13d2acL,0x19036c255677347dL,0x2f0d36eef527c827L,
-        0x7c8a3d17ca61ed60L,0x3920bc68748cf7c2L,0x61835bdf9018b300L },
-      { 0x9cf595c1689d5826L,0xdc547999fb51aea5L,0x11bb04120fc297c6L,
-        0x88770df2b2f9fe0eL,0x99e031f5f6856a85L,0xbb59e8c7afe29c50L } },
-    /* 29 << 357 */
-    { { 0x714e784820dfc5f8L,0x35cde8ae2a2265bcL,0xf6b29ce4bfc32fecL,
-        0xbd5e91f1918043a5L,0xd3766f8b60f8c218L,0x273c41935298904cL },
-      { 0x0a76492d5d441fb5L,0x99cb3b1d164d9275L,0xb2be87c80ac7935eL,
-        0xbd1a1b3f0962981bL,0x8a0c207b96d0df2dL,0x1bb1e505929752d9L } },
-    /* 30 << 357 */
-    { { 0xa574de94621b2705L,0x0d0ca1b73e3f2227L,0xbdc9ddf2e49bc2d8L,
-        0xfbc7254309d314f0L,0xf5900cbb827e0b1dL,0x3994eadd8a7e8164L },
-      { 0x2e7949793046f170L,0xde21ddc3c6883cc6L,0x9ea19d34bcd40da7L,
-        0xb4334df8f01a9ae5L,0x801496ebce8c53c7L,0xc2a5e8527a4b0601L } },
-    /* 31 << 357 */
-    { { 0x435a6c512ecf62d2L,0x757cd8f6559a6a0cL,0x47833f815e4c0d40L,
-        0x2d0b48047d960c6aL,0xf5474833473d5eb3L,0x70264154bf756b52L },
-      { 0xcc46e58d940bfb7cL,0x2e0dd3a69c89d48aL,0x483f3ee19387df66L,
-        0xb3097da4585d3600L,0x82d64b4d76411ef9L,0x0df7d95719682e87L } },
-    /* 32 << 357 */
-    { { 0x179c59cf210c3144L,0xfb613c5733eebbc4L,0xdda75cfdba0cf384L,
-        0x94081a5b3a8fbafaL,0xb91de90a33384e0bL,0x7d1f8f4027aa2a45L },
-      { 0x0747bcc162031148L,0xd2db8e39f324160bL,0x9c1ce3e9722484f0L,
-        0x13a7ee5da62d1ddaL,0x77fd79343a963bceL,0xcd3d871783d2f21bL } },
-    /* 33 << 357 */
-    { { 0xc7c8eedc93a27196L,0x0832b0dfa8abe585L,0x31fe11e8d8adfb86L,
-        0x1091601e9d50e4c7L,0x7931a284ac3d2ca4L,0x0f1464b6f3fc6641L },
-      { 0x2ead94f3260f29a7L,0x914b8396d88a7696L,0x950be4bbe73d807dL,
-        0x26d0115e5b3ad83dL,0x3de8a73146c22525L,0xe50825dac5fffff1L } },
-    /* 34 << 357 */
-    { { 0x716378cae4b98aa8L,0xacf8d67b59b746a9L,0x78f0b5eca65ce8ebL,
-        0xe5997983523cfa35L,0x85bf5badbeba89e3L,0xc8052bbfcfd73b41L },
-      { 0x0b3d77139fb311a3L,0x821a20e2d96f696fL,0x0f087e5744657c9aL,
-        0x72031f281ecfea36L,0xd0765f333f32b010L,0x0412c69929c48643L } },
-    /* 35 << 357 */
-    { { 0x53d361b89f501481L,0x8970937717153c6fL,0xb52280b916bb8d8cL,
-        0x5985cdc0b33dabd6L,0x35ba0cd9dca8ae72L,0xf55c6e7301bc4efdL },
-      { 0x2106ed2f269577c4L,0x4cc34291bfe765b4L,0x9f4168ea812eb958L,
-        0x02869228999ba5cdL,0xff91540d3ab27498L,0x9020e6e158e55a79L } },
-    /* 36 << 357 */
-    { { 0x1a5b15377f1c7cbdL,0x5b31930b7cc17c56L,0x5b91e1a492cc8cf5L,
-        0x970e43deeca08bdeL,0x36424bfe0e2e963bL,0x2e49534968b1a489L },
-      { 0xe350ca52d8e85a9aL,0x3cb9f599ae2cdd7cL,0x0ff35a0aa83215ecL,
-        0x64cf57b81973a966L,0x128be6cd36b26702L,0x8067afbd5f65f7bdL } },
-    /* 37 << 357 */
-    { { 0x23d1f49215876c71L,0xafb21c1d41e7495bL,0xdb3ab62c2705885dL,
-        0x20ff803f7ba216cdL,0x26cb190699c9ee55L,0x8280dc9c0fb05389L },
-      { 0xadf55171df1020dfL,0xc044e9bcbd011b5cL,0xe21aaa60cbed2430L,
-        0x5939fe583336df4dL,0xfa306816ff78c665L,0xba92ca8243eb18f2L } },
-    /* 38 << 357 */
-    { { 0x6f05e6241b7edb64L,0xc280105b6681f48fL,0xd1b94413f993dc9eL,
-        0x84f24c01e46de412L,0x092017d54abbf7dbL,0xb73193a56f7b1b08L },
-      { 0x22a7c5765195ae46L,0x81dd6b12610c28efL,0x61959874ad7bfcc1L,
-        0x3ade0a77d15f8cf9L,0x124cef4d954db624L,0x0733bd7a5c247650L } },
-    /* 39 << 357 */
-    { { 0x52d7f9ddf1cee098L,0x538b7fa17a6a2ad1L,0x5f2294312911e75aL,
-        0x71c337b7e6ef0271L,0x5e278a1267ee72d1L,0x7b348c756f33fea9L },
-      { 0x7bb59f1a694bb928L,0x5783e43f292b258aL,0xe3b53ca77181f1d2L,
-        0x028ba90e051c7d2eL,0x4bb06f9364789d76L,0xcf97fc4da228a7a7L } },
-    /* 40 << 357 */
-    { { 0x3dbb3fa651dd1ba9L,0xe53c1c4d545e960bL,0x35ac6574793ce803L,
-        0xb2697dc783dbce4fL,0xe35c5bf2e13cf6b0L,0x35034280b0c4a164L },
-      { 0xaa490908d9c0d3c1L,0x2cce614dcb4d2e90L,0xf646e96c54d504e4L,
-        0xd74e7541b73310a3L,0xead7159618bde5daL,0x96e7f4a8aa09aef7L } },
-    /* 41 << 357 */
-    { { 0xdf5c2fa79111caacL,0x493ada25b04d2b3aL,0x5c4850bfa39a7872L,
-        0xbeae16c067e07e93L,0x63bd7d390178358dL,0x7a7e56a1cfe0bcd0L },
-      { 0x9ba7a4500816b666L,0xea6c70c8dae070dfL,0x84013756832c2b35L,
-        0xa28e5dd08d3e9fc3L,0xd67665aac653c08fL,0xee54d7b6aa6bdff8L } },
-    /* 42 << 357 */
-    { { 0x99b870afadbd24baL,0xb34fa9083bee289fL,0x4a20f29bae836fa4L,
-        0x4188ed5024b464c3L,0xfb93f48fc6c00297L,0x334b8689736186ecL },
-      { 0xbf7f1c424e1016f1L,0xf95e6e59413ca088L,0x5878156c288912d8L,
-        0x9e99199704c7ce69L,0x0f0c185d5d6520d1L,0x1ed2ece33fe6f498L } },
-    /* 43 << 357 */
-    { { 0x319fb249607cfd40L,0x5920056f62b40e28L,0x9ab4528058631ab5L,
-        0xb527738f413452d2L,0xb2885e46b296e602L,0xb1dcf41a74824807L },
-      { 0xca9d2b06b2ad2fc6L,0x500c5f11ad05eeceL,0xca94160f21f3db6aL,
-        0x693adf4e262470d6L,0x1f4c62c5480b0cffL,0xb3ebf11f54c748e4L } },
-    /* 44 << 357 */
-    { { 0xc8ae4d2bb4ef93b3L,0x4967da7b99758d99L,0xd1483a1fe04db9baL,
-        0xf5e657df3033474dL,0xdd9371c89db4b96fL,0xb5f288956044b259L },
-      { 0xe8987a43b2ec27bdL,0xaabb1ae68fce67bcL,0x4518fa3eb2b97680L,
-        0xa0142a13748591e1L,0xf9148ab96c2db557L,0x65592253e0e4f9e7L } },
-    /* 45 << 357 */
-    { { 0x21163809bccf41d8L,0x0eafed515b3f09d1L,0x3b5360d9d84b27f6L,
-        0xee752fd04411d37aL,0x1cea3b5c6a3f5027L,0xb206e74d9454d9f6L },
-      { 0x710715dab52af43dL,0x8175ca136e6c6463L,0xbdb123d39689144dL,
-        0x569e6edd4d9c459fL,0x070f09a4f02e5b25L,0x691c23ef3d79a7b9L } },
-    /* 46 << 357 */
-    { { 0xc0c94165781356cbL,0xcb9fb705876a839bL,0xfe23f07e89db25feL,
-        0x710f0fa3a52cec3bL,0xb0ab363073e0f037L,0x3b79a8167c9aa037L },
-      { 0xdbc7f83ca1f13fe1L,0x8bd910c63d653a81L,0x2e54ad408c78d003L,
-        0x0de02157a3e9ccf0L,0xe9081e8bf7670dfbL,0x6a2ad476c8647bc8L } },
-    /* 47 << 357 */
-    { { 0xaf58106ebf047836L,0xadc3245e195e5675L,0x75612e175290e051L,
-        0x27b81bd869d46bb9L,0x9d4dad5b5417b5faL,0x19850d70fd024259L },
-      { 0x987daa604b0a86b5L,0x5d5a5f9c0358a944L,0x9008682f48d2ff67L,
-        0xc9db4d4b89e81cf9L,0x133516bc850eaae4L,0x0b5bfdc81da8bd19L } },
-    /* 48 << 357 */
-    { { 0x609deb162d8bcd6eL,0xe42f23a92591750dL,0x4a9f3132b378305cL,
-        0xf101799869275f5eL,0x14be746761b089b5L,0x05f620d20c81b0c5L },
-      { 0xca90a9c06cb8412eL,0xfe0f6a8915b1b0d5L,0x1b25ac9620c71988L,
-        0xb971b61a390aedd0L,0x995214d779d8cd39L,0xd7fa135b65c6e11aL } },
-    /* 49 << 357 */
-    { { 0x5aaa98f875330325L,0xc900a7781f3541a6L,0x69bcf864174a3200L,
-        0x3abc5ef71c46b3e2L,0xa53c9e4e47851b97L,0xc166a4e22acdc42eL },
-      { 0x49e4e6fdb19b4678L,0x4fe02cb162b7da19L,0x575c61a6633153feL,
-        0x49578b28a4f83b70L,0xc6840d063737532cL,0x93047d40480f55b9L } },
-    /* 50 << 357 */
-    { { 0x835be7417d930332L,0xa4d001bb2cd86fc4L,0xef141e30a6e3a24dL,
-        0x4047620adc328d2eL,0x5c80a3bc9a5f1f12L,0x6cde5e4ca19b423cL },
-      { 0xcdd5d7773ba0fa5cL,0xb96dbe62ea85c28eL,0x963c02245c804896L,
-        0xb2a581abe5dd6b98L,0x28a908a2abc8dac4L,0x5834b212985fd18fL } },
-    /* 51 << 357 */
-    { { 0x02757b1f0fbe0c5dL,0x2d0d05a854ef99e2L,0x2bda526d0377ffa0L,
-        0x58ca8b08925985afL,0x1fb7dbe727b69722L,0x322d7db5f1c57fe5L },
-      { 0x4049c8bcfdf111f3L,0x0b4712974148b027L,0x34fcb1e58782dab0L,
-        0x697dc9431665557cL,0x3ae30e2844659ba2L,0x479dbc2f118e7417L } },
-    /* 52 << 357 */
-    { { 0x10b10d86227e8607L,0xe83536281d1be36aL,0xe34068f9d952b0e9L,
-        0x148eeb38fdb6ea99L,0x82657d605547e7ebL,0x9c35dc82a86155eeL },
-      { 0x408f79262060a81aL,0xf2a79205a6282e8aL,0x10dbb58526e70e7cL,
-        0xd636f8225df85d6cL,0x03202c027682b922L,0x31323940baf18500L } },
-    /* 53 << 357 */
-    { { 0x5882374401879796L,0x068943ccd1249281L,0x20dec1c12e1d6effL,
-        0x5f4c2c070bdddecdL,0xc56d52b37ee724c3L,0x93bc2c7a559e25ddL },
-      { 0x0c95d2e5f98a9940L,0xc570e96ada60a809L,0x94c4a964076233eeL,
-        0x843c99627dbbc526L,0xe4075129d4cdc652L,0x0afff70561cb2698L } },
-    /* 54 << 357 */
-    { { 0x3ec1e3a5f607f893L,0xd476dd24054aaa8cL,0x2cb92280a93488abL,
-        0xc8d1207710d1dc68L,0x564839b9bfb494e6L,0x7a13930ceabdfe56L },
-      { 0x52f72a9724f9b183L,0x30ae4bc87e9c6fc3L,0x3d7d2765f35b8e6cL,
-        0x701f3d89a665ba55L,0x98f2fe85c466111bL,0x338073600c1c0dadL } },
-    /* 55 << 357 */
-    { { 0x7dd106bab3a48d42L,0x7eac4690ebfc75aeL,0xdbf3547e68ef4ea3L,
-        0x3629c438a1a5faa2L,0xac2aa55e653bfd97L,0xae5cc39752c3b8f9L },
-      { 0x117380552853b626L,0xd5a955f224a0dfe2L,0xc4356ca25940233eL,
-        0x73f7eda97994aedfL,0x2bfa76c693b185d9L,0x091cef91a0327108L } },
-    /* 56 << 357 */
-    { { 0xa8393a245d6e5f48L,0x2c8d7ea2f9175ce8L,0xd8824e0255a20268L,
-        0x9dd9a272a446bcc6L,0xc929cded5351499bL,0xea5ad9eccfe76535L },
-      { 0x26f3d7d9dc32d001L,0x51c3be8343eb9689L,0x91fdcc06759e6ddbL,
-        0xac2e1904e302b891L,0xad25c645c207e1f7L,0x28a70f0dab3deb4aL } },
-    /* 57 << 357 */
-    { { 0xf5dafec85f102704L,0x2f3b6b6929f5b946L,0x84472c029d4c9979L,
-        0xed49f3e6341f0150L,0x3ee3432eb3bb085fL,0x84c553183cbac42eL },
-      { 0xbb358bd9dc4c7ffaL,0x0713917d2db356ccL,0xc73e9fd0670c7139L,
-        0x87600c4c3581108eL,0x2ae731d7586af51dL,0x30630ad6614c126eL } },
-    /* 58 << 357 */
-    { { 0x15f8fba7712c0edfL,0x4a1f93baa2c363ceL,0xfabca37e8f2948a4L,
-        0x652922e4dd765560L,0x2da78559220cb98bL,0xb797746a54b940c4L },
-      { 0x8535fcfc591bb7faL,0x58857815c25376e3L,0xcd8db789da627557L,
-        0x718072ca318512b7L,0x92266469813efd94L,0x3217649aafa85382L } },
-    /* 59 << 357 */
-    { { 0xd517b39e51c4bf28L,0x6614c16261f583a3L,0x79c72f414739ea59L,
-        0x597e1c2ff76e80f8L,0x3a72b05e7b846f3aL,0x1849e5126c0a45a2L },
-      { 0x79a6ea5b9d506d83L,0xc48e570219b7f46eL,0xc89c5047c524bb48L,
-        0xafc1fdd99cb88cfdL,0xb07eaaa0b82056e6L,0x60f6544f05885df8L } },
-    /* 60 << 357 */
-    { { 0x9894ef75f39e2738L,0xac585d07b40db6ecL,0x07d9e938c4cfdb92L,
-        0xda174933737f1a7fL,0xa4f1fb65484031a6L,0xa96d9f612c21b546L },
-      { 0xaf981519d24ccee0L,0x238de6de9d53b571L,0x09afc481fd78c3ffL,
-        0x4351715d9ea7f6fbL,0x91a02325b14a7320L,0xcd8958d8bbb6346aL } },
-    /* 61 << 357 */
-    { { 0x22ef4217452ae6a0L,0x3192309d9ced837aL,0x773585ed2ba43ee9L,
-        0xa9b29d94f3379e81L,0x43838b3aa6835e44L,0x1afe27ab0c7b2336L },
-      { 0xca1dc61683ecd230L,0xc9e8b95e6d235df5L,0x9667829b2af11adeL,
-        0x27254b0fbe532148L,0xb50bc3c86d233f14L,0x30e0e450bb35d985L } },
-    /* 62 << 357 */
-    { { 0x8b3f79087b95cf32L,0x67c654b06272c619L,0x61160a9d22c0f46eL,
-        0x1cce95721d2e36ccL,0x62bd951d3990db3cL,0xcf0005c8d9700d14L },
-      { 0x304aff9c70116120L,0x1c919dd2b08d57ceL,0x841b058ec0c0c0b0L,
-        0x7cfd4deb7af05aa2L,0x4fbd13c57b11ce5bL,0x03e07dc9f8259bebL } },
-    /* 63 << 357 */
-    { { 0xe9b37f569d0703e0L,0x7b5e0df5f83c215bL,0x7fbb40f0d3c21efcL,
-        0x87a2ff119fb33620L,0x208b062bd1176635L,0x806bc549950d30efL },
-      { 0x862de3a4ae2bf355L,0x917b06bacf9ef6e8L,0x55f1ec4cadacc178L,
-        0xbcd679fc81d752fbL,0x9404d6ce65a00270L,0x25ce99e6000c6e1fL } },
-    /* 64 << 357 */
-    { { 0xa13f19b40f3ff12dL,0x57ee08b1019564aaL,0x00ec0c997044a6f4L,
-        0xaf5665f8dca1075cL,0xded5ca3f0620ab0cL,0x9b2cb8c7a896deffL },
-      { 0x032ab2b307df2345L,0x964d109ef1da3f88L,0x2286b6f725133304L,
-        0x0d16d531977a4567L,0x00a66036f1abae4fL,0x5debab1d95f0103bL } },
-    /* 0 << 364 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 364 */
-    { { 0xf2cdae3196230a58L,0x47cf36b4f304e1eaL,0x9d14f25ad750b29bL,
-        0x931b9c65dba15f3eL,0x34db169ebf9fe2ddL,0x8a89e47c52663433L },
-      { 0x8859a4f8026ec31fL,0xeeb703eaa913ceeaL,0x74638d6a67ac4db7L,
-        0x5c8ea7b2be25d755L,0x8a0f0a8738db10eeL,0x96a26bace890bcd3L } },
-    /* 2 << 364 */
-    { { 0x883533af64a5e869L,0xaaa778c26973ec23L,0x8f0b5fb546d0fcf3L,
-        0x7e6b0a0a4ab05da7L,0xcd91a869c67b6614L,0x7de9f2ff6c6f7cf2L },
-      { 0xc072a106d1ec14c3L,0x3f4b960642a128eeL,0x7378192c8f0ce946L,
-        0xdf2e7b9fd1149441L,0x4fa17cb614ccf45aL,0x575680e945f03568L } },
-    /* 3 << 364 */
-    { { 0x0f4ca7803374f910L,0x5948ae98fedc5b5bL,0x4873625b4ef805afL,
-        0xbddba22fc015c586L,0x7091b50aa41a8c93L,0x721dd3384c005f42L },
-      { 0xf43d37462065f41dL,0xd16bae3e172512b3L,0x3efca10c8277068fL,
-        0xd0c25d7b77513f00L,0xc0015cc12dc3af9bL,0xdf11a4ec94c6cadaL } },
-    /* 4 << 364 */
-    { { 0x8b70e94f8f458c68L,0x292726544160ecc7L,0xe22219ba4d3ef22fL,
-        0x7f8a712a1999f948L,0x25575e96abfe7302L,0x21c6ffc6564a1af0L },
-      { 0x045e9c667e8500daL,0xef7c3cf704ef8ea6L,0xdd23b825c3db161aL,
-        0x05fb173aba33a906L,0x9a8b5ecb870e41f2L,0xf3d9db0bccc30d1dL } },
-    /* 5 << 364 */
-    { { 0xbed7d94ca1bf2c8cL,0xbb7f437cb8b719ddL,0x65416af6106834bfL,
-        0xdade8a144c4f7448L,0x62227a1d881dfc06L,0x37bc7de58dc2b7bcL },
-      { 0x4f11541712ce030bL,0x72439d8ac2a9e0d6L,0x98cc53aba0f1b961L,
-        0x2f68011d48b0ec8eL,0x4bbc34679c72d034L,0x0320c1469c576e38L } },
-    /* 6 << 364 */
-    { { 0xd9243926e873ff0fL,0x2e2a5ab6f20b0e49L,0xa1bcfeee0e35f201L,
-        0xd25be5f3196f23f3L,0x298c67f2ffc1d068L,0x77dae55c0c3d950bL },
-      { 0x5e15ab998822c996L,0x52de2e6d83f60a98L,0xa9f82ec947a7e269L,
-        0xf02af9a22ac22e49L,0xdfb3103fa706f090L,0x125599623cf8dcb0L } },
-    /* 7 << 364 */
-    { { 0x9f5f44fa666e278fL,0x53c88803f5582c78L,0xd7e8f258f9627f9cL,
-        0x22499dc938fd51bdL,0xa9d7497c846a4a79L,0x791b8ead026ae250L },
-      { 0x84d47d19db15ff63L,0xb58a82c0267b44b5L,0x9b2f138806a52e30L,
-        0x3fc8da027f08953fL,0x22d074d292fcac08L,0xb9c7c3db701d73fcL } },
-    /* 8 << 364 */
-    { { 0xb7b8562588ad12b2L,0x81f5958b1e44b254L,0xb4ebddd5c91b8ffdL,
-        0xef815ae155d38511L,0x98587d551b0da525L,0x1d41817734a9ebbdL },
-      { 0x844811fb1e6057d7L,0x0c16977176e5976dL,0x4b268bb4f623789bL,
-        0xb26ae5be40498058L,0xb47a5ded3c2b435aL,0xe15a684b8fceceb3L } },
-    /* 9 << 364 */
-    { { 0xd55407583353db48L,0x0e334ccac0c0b5e9L,0x679a935f270c48d3L,
-        0x170693e436ef0e90L,0xc72fb12f9de59023L,0xaae13a0e9371697cL },
-      { 0xe98ed704d8d56e4dL,0xc6de5384eb71f091L,0xba63adccc6d905a8L,
-        0xc84e614d66e40dd4L,0x15dcf1a3fa0f55e3L,0x4e26ee3af157c7a1L } },
-    /* 10 << 364 */
-    { { 0x122a3eedd09dc3c8L,0x6a19907faefe0819L,0x057aafa1da325339L,
-        0x138033bdd42a5345L,0x8ac206af1a065ebeL,0x0a46f5ae25c31ed6L },
-      { 0x7fc577a9d7e379dbL,0xc6df694369dcee54L,0x4c167ba2a8336bc1L,
-        0x0fbd9708f3a1339cL,0xc6b8c01f226f612fL,0x5d4ed789d51332e1L } },
-    /* 11 << 364 */
-    { { 0x67ead4e0f6a40814L,0x42fe051ca2ec9ae1L,0xc09f84395eba62cdL,
-        0x7bb5ba0c9d8e7305L,0x85962d0db46f81abL,0xc7183752628b18ebL },
-      { 0x7a1f023edf58ec0cL,0xf21bfdbaab6535dfL,0x12add590801d2481L,
-        0x1fccd1e37a11520aL,0xf83caddd6fa8f8e2L,0x99e7256c24e58433L } },
-    /* 12 << 364 */
-    { { 0x26aa2c2e5a1abcd8L,0x2b16a12e9609d9d8L,0xe485a551a2bee00cL,
-        0xfa28c30bf4f2292eL,0x99abef78b7358f1bL,0xda6b3cdf10a276a1L },
-      { 0xbd3858b747c03f71L,0x4f0bf5f0b22d05d1L,0x2d80f5d28250f760L,
-        0x060f9b278cd9666cL,0x6a6c40b0b1b014a9L,0x44537af38c440a9eL } },
-    /* 13 << 364 */
-    { { 0xce1c070a2275263dL,0x2723b3d149cea971L,0xedca02f5817001b6L,
-        0x5c160e9349c946e4L,0x273b4952458a5265L,0xc7bcd7c610385173L },
-      { 0x22cddfd17fb08b14L,0x959d5dfe10f73d01L,0x900f5f348e387351L,
-        0x6d7381dfdadb8695L,0x8dff2b193aeafba6L,0xe4a8d6bd8adadc36L } },
-    /* 14 << 364 */
-    { { 0xb564cfd676faaca5L,0x8a6e3925920dd223L,0xee59a140a590a383L,
-        0x9e29b552a1922ad9L,0x604367de60a0da63L,0xc498aca592c35fd0L },
-      { 0x74135082250ed8a0L,0x5d109d1a6c7c3e77L,0xf9e2d84dc63dff94L,
-        0xca50f5e4f7aa2b0eL,0x7cba9e87d543d389L,0xaf5fbbefd8fd1292L } },
-    /* 15 << 364 */
-    { { 0x3163e2e895bcc345L,0x4ceaaf2d80d9a931L,0x4d2dc44b2f621612L,
-        0x2a5f60b86cc8ffd0L,0xf49038cf7e8c9434L,0xb580b8c508015b8fL },
-      { 0x4283ec01d52af80bL,0xac9dc35f99076245L,0x38785f7bd64c3dd8L,
-        0xca19c17623bf8915L,0xd778291370478260L,0xc1e48e6816e34149L } },
-    /* 16 << 364 */
-    { { 0x707656834fc11c3aL,0x53a9403166aac4d1L,0x2a935ef0a6db6169L,
-        0x002927612032d599L,0xb5babb2d3a6f1316L,0x601a7dfadb26af51L },
-      { 0x00c340131322d983L,0x45b062ec2bb507c5L,0xa1bbe2ed0f9b3656L,
-        0xe17a5d4934031d18L,0xe3661047f8fe1224L,0x0e4f3b3d623c6cf5L } },
-    /* 17 << 364 */
-    { { 0xb335d83c7c3b8c3cL,0x01eb94f059359a67L,0x3a8359a6aef3ffa0L,
-        0xb0270076ecd2d862L,0xc946b1610377e30eL,0x9a5506c282bd6ae1L },
-      { 0x737bdad0218512dbL,0x449238633487fb13L,0x36026dd12a8e7907L,
-        0xb67bdc80784811eeL,0x9f92cc2405c90646L,0x02c551554c370746L } },
-    /* 18 << 364 */
-    { { 0xffaac084ca45cccfL,0xaea5cc3d061ffe3cL,0x7c5d7c60b355f387L,
-        0x4bbb2a0c99cba92dL,0x6b4ba3ef2f7768d6L,0xc7484ed2cc5f9c40L },
-      { 0x5d4e92fc52b57a7eL,0xba9f16c4ca2c200bL,0xebe02a8a3797ccbaL,
-        0xb6b3f42138c4133aL,0xad5d85b68153d033L,0x782d6ee85714f269L } },
-    /* 19 << 364 */
-    { { 0x4654991087f226ccL,0x97894d5fc7bfffcbL,0x94f67786b3cabb83L,
-        0xa6abaa960d788dc4L,0x08ae72d61723738dL,0x5003f41d86704dfeL },
-      { 0x67687c3d40fb0a3cL,0x6fdc98c9b43320aeL,0x0f22572fdeb08964L,
-        0x05bb02a4c8002624L,0x4c5adb7f987c2991L,0x3f1c6dddef4e60cdL } },
-    /* 20 << 364 */
-    { { 0x7845b6969c0cf752L,0xb82d052b5a732acfL,0x7760564c1262877bL,
-        0x29b3c57a8ecc7aa5L,0xb58eccb0df1ebbedL,0x86fc15443c3a3303L },
-      { 0x44761ddf13060f0eL,0x5a3dacfd7371a5a8L,0x846f6faaf7cbc2bcL,
-        0xf5e098b0368caabfL,0xe23ea10710c08769L,0xbc5df1db1563fcdaL } },
-    /* 21 << 364 */
-    { { 0x75647f6476638edbL,0xb76ceb04aad6e25bL,0x33c73367d9393a41L,
-        0x8396726dc55f0feeL,0xe1cbd48e751b3d43L,0xb779c5bdf47141a3L },
-      { 0x122b85434eab6097L,0xeabacf45e08c6fa4L,0xdb32eab7769f49cfL,
-        0xf956976a04ac2cb4L,0xf55c6fcb5ea8e71aL,0xd72940dfbad47ea9L } },
-    /* 22 << 364 */
-    { { 0x65c3a54e142d8955L,0x5c6583cce7814f25L,0xbd5a07d8d924dc7dL,
-        0x9f717bd9c28f6e8eL,0xa0c4ec4e3b6540a7L,0x3153bb2b142b3283L },
-      { 0x53bf403c9b296946L,0x659a828ab1cdb6d2L,0xe9517d811369af19L,
-        0xd8c7a0998990e7a0L,0xbaa9f59de535cd04L,0xbb0cc68e0f269551L } },
-    /* 23 << 364 */
-    { { 0x2b4a0e69d0cd5fc2L,0xeb8dd25981167a94L,0x356198ae61b73503L,
-        0xb159ca12e5289d45L,0x99d71c97991765b5L,0xce3a3b6c198e10b0L },
-      { 0xcf6ee0bcafbb512eL,0x4aadd1381e19b49aL,0xcf6a9cf3b4806f0aL,
-        0x6aff0386ad688bb4L,0xea487c6e4f2e5065L,0xec200f4b56573b51L } },
-    /* 24 << 364 */
-    { { 0x3c00ac526a78c6e5L,0x9c61aca6defaa52cL,0x0034128939794a09L,
-        0xe08910d141cd7c0aL,0xa58ffbb6a732e3bcL,0x87bf51ab91fe8fd8L },
-      { 0xc4f4f2674a59e2beL,0xdeb512c7438071c8L,0xddf82842e9cd290bL,
-        0x3e17311d6ae85fe0L,0x6e9236a9b41be881L,0xbb9ddf9853555ebfL } },
-    /* 25 << 364 */
-    { { 0x07d2df1162bb0e3aL,0xe74ce211ce469affL,0x9629d7d4756b5a83L,
-        0x61d2a633aefd449eL,0xd39a6afe491e503bL,0x0f1568d14d2b2ed7L },
-      { 0x8216304cd19611bbL,0x6df99bbeb27388daL,0x2b0f60c0b7a3b4beL,
-        0xcff84c1c7dadf840L,0x470201e28a9f8a49L,0xcda3693c21afc717L } },
-    /* 26 << 364 */
-    { { 0xccc163ea09f3f0beL,0x9932b56f6a5b0a63L,0xf89fae919c69668eL,
-        0x555f98215ce13021L,0x4b02693f37037aa9L,0xc4afee79bde50f35L },
-      { 0x4b0919c202aa6c7aL,0x3166de2a991e15e9L,0x284baa3e7077fb38L,
-        0xbb7a6416a116ddecL,0xe8c89547b7636772L,0xff9403620ef92c54L } },
-    /* 27 << 364 */
-    { { 0xcd183e8bd3ea4c3cL,0xc8ce2f2154b7ac32L,0x75387e04be960826L,
-        0xaf878400f2e39f5dL,0x7fcefcd94fa628f7L,0x76eb621c34582cbbL },
-      { 0x44e1f848f29d2496L,0x42aa36174ab4eb21L,0x43cead840c08b50aL,
-        0xfa4ecf60dd44f7c2L,0x5ac9ffd59f817546L,0xec11567eabcc594dL } },
-    /* 28 << 364 */
-    { { 0xd5d81275e2ce6008L,0xc45bdf250b3b9d10L,0x15ab5da36cbc83e2L,
-        0x85a18cf8c52a66cbL,0x77e202b8b042c047L,0xc4dc3de2e7e7997eL },
-      { 0xfe9335b1995fa67aL,0x809e161d75b96a00L,0xfb03c2a5a0c3baeaL,
-        0x5c7e0523888c2f77L,0xa8fda1c887ad10e2L,0x90484f78858a3577L } },
-    /* 29 << 364 */
-    { { 0xefc5aa2681bf26c9L,0xdbe91f606bf105bcL,0x0d70c4d4369dd3aaL,
-        0x2b357b847af9bf66L,0x4293e9a01f27f163L,0xc846f67cb3eaeddeL },
-      { 0x4556bb787da305dfL,0x4ecebf83a5a26bf9L,0x8e05af924c1bc430L,
-        0x4f3bdaba70f80402L,0xccaccfd3cf204577L,0x8fdee135a0c42d1aL } },
-    /* 30 << 364 */
-    { { 0x49e41f0af9fde126L,0xec9600443613d3c2L,0x2c62a49d10421d3bL,
-        0xe24024648131a0d8L,0x8a7ce188bdf794fcL,0x704dea7d4665b1b6L },
-      { 0xbdb9c18e4d57c6baL,0x5288a053f669b3c0L,0xbf7d01b878a5e252L,
-        0xb26cccf926b9cb7dL,0x14191a3284326c47L,0x460ff74791f8425bL } },
-    /* 31 << 364 */
-    { { 0xb9958c5397698b9bL,0xe1f74292c27f96ffL,0x172b0d50806da6bfL,
-        0xaf3d889ddd38b97eL,0xe7a75ea409c688daL,0x1f0951b85c631b2aL },
-      { 0xdad8b2adda1c111eL,0xbacb9cc832813338L,0x30b8336b10582abaL,
-        0x0ff3d7549494e71cL,0x8d99be5cd663ed6dL,0x8eb412cf7073a941L } },
-    /* 32 << 364 */
-    { { 0x59367582bd27be7bL,0x92bf5bbc1ab2c596L,0x5d96351af6a27741L,
-        0xeab94db87f929e0dL,0x865ba011043f1afbL,0x43acea125fb631ddL },
-      { 0x192e0652b2fd1436L,0x44f22ff17b38d121L,0x7bcc228db7cae5f6L,
-        0x02eaeccd6a828b03L,0x7c48a2ea91f301aaL,0x1e090717f5eb1a07L } },
-    /* 33 << 364 */
-    { { 0x4c7f41b4609c6818L,0x978c2a561c82b3c4L,0x68404f1d7f6ba836L,
-        0x91e056d0c863aa7cL,0x0b24599ba2261804L,0x16e9060dcdd7596fL },
-      { 0x42aa49434eff004eL,0xb99408690438f1e4L,0x28299e8581775712L,
-        0x498998eb83be6877L,0x84273d9e91328a67L,0xb7e9076e9a87bc8cL } },
-    /* 34 << 364 */
-    { { 0xe8d204865e5aea08L,0xaa946076addc7ba0L,0xc0153a9bb6a5cabdL,
-        0x622271bd4fbe43e0L,0x44de159cbd62e5cfL,0xefca41112b9b63f8L },
-      { 0x30774d3cf5269928L,0x4fbb7ff84ac0c8b6L,0xe0611f1f8839106aL,
-        0x5d4121204ffa4a64L,0x9552c123e86251c0L,0x57d029680efbdb14L } },
-    /* 35 << 364 */
-    { { 0xdf3f8e06d7aeacd2L,0x725b25fe4d0e7af3L,0x1794f0da5c17392dL,
-        0xabc807dac977ff46L,0xd90e6c8f0d5ca66fL,0xaf8eb526c2d26d49L },
-      { 0x4661962e8a8efa37L,0x2a2cbeade87ad53aL,0xa57d34b1ce3ff40fL,
-        0x1190437dc6aa3067L,0x92c31e779db66b47L,0x86a8ee0f8e8a70d4L } },
-    /* 36 << 364 */
-    { { 0x7b65bb14de97229eL,0xad6e3fee4c6d35b8L,0xfcbbf6afbee3f5d8L,
-        0xb51549ca4a438fe3L,0xe66e615d437d531dL,0x9ee793eabf168624L },
-      { 0x796789b0f8878a84L,0x3d38950dd32ec2ecL,0x74c37196a638d45bL,
-        0x35d318327aeedaf0L,0x082c44f046a001e5L,0x93fae5cf89886220L } },
-    /* 37 << 364 */
-    { { 0x8e585fea499b635cL,0x60afcb3566781e83L,0x06594d9267482257L,
-        0xb9f6101128773448L,0xba9ef7102817fd2aL,0x494e05b2aad046c8L },
-      { 0x65d804fc1614e265L,0x1b0884c6d97fe002L,0xd7d34f60875bcc2dL,
-        0xf34725444b440852L,0x49386bfb95591325L,0xe3966f4ccf68a142L } },
-    /* 38 << 364 */
-    { { 0xa5f3bc6cea06320dL,0x1bf855c637ad6e7eL,0xce7ff06ec58befadL,
-        0xcf0d22cf1c2c0478L,0xf53e473e75616621L,0x00539f8700829986L },
-      { 0x45398355844866d3L,0xbade46a2d710bc63L,0x6b3da567d4e2641fL,
-        0xff70185978fd963cL,0x2eefaabaa5bc18a6L,0x61eeca92eb64cd49L } },
-    /* 39 << 364 */
-    { { 0xdf7c7c0b4cd4c82fL,0x67a26a97188ab9dcL,0x58c5bd74dd189cebL,
-        0x3e1e93a9bb6409f2L,0x0d18a8bca6bb744bL,0xad3eafb45328dcf0L },
-      { 0xacd15db5e311dfe8L,0x13a1c10ac1e849bdL,0xfaaa7227e1e73aa5L,
-        0xa4cd2400e33d4665L,0xb9be68d9d6d527b4L,0xfe282bc05efbfc40L } },
-    /* 40 << 364 */
-    { { 0x159b38e17f8fd522L,0xf3ea27b5755e2bd8L,0xfaa52efebf11ac90L,
-        0xc2014b892cb9f6dfL,0xa711c179d8baa5d6L,0x5474c1ceb22c2f27L },
-      { 0x3cbc74cb031d05d9L,0xddd97ca6c44e469aL,0x21b386a647db83e5L,
-        0xd1431c7b7abc0595L,0xbc05d009a416a325L,0x1c29eb709da53e92L } },
-    /* 41 << 364 */
-    { { 0x7f1aaf98181ce8a0L,0xa890cd3b6caa5b6cL,0x5d78dfaa5fbeac66L,
-        0x36c63cef3d3d4594L,0x6f89ac3ec36d117aL,0xce9095640fc90e27L },
-      { 0xaa356b1ac127aa76L,0xfa42cc119d181455L,0xbe4622fcd27f5ab7L,
-        0x58d924542c3d54f7L,0x78a84f6b07e93c24L,0x5bf7cd278bce9a46L } },
-    /* 42 << 364 */
-    { { 0x4bde9ce5f810db3bL,0xec4a74b7281552edL,0xf5b4fa5fee085bb0L,
-        0xb07a62936192c8b2L,0x163ff0d1fb18d219L,0x8d4b5e1d8e0ce753L },
-      { 0xbfa6211baebcbf50L,0x1ed6d4b4fecc19eeL,0xbf6d514b82393e94L,
-        0x90b356c1711e7d6fL,0x87b28dc2f975139bL,0xc41900648d8bebe9L } },
-    /* 43 << 364 */
-    { { 0x3468af53e8d49368L,0xa0a07369ff825262L,0xfad134fd662958f7L,
-        0x5be79c00ce900822L,0x4909a56c44bde5abL,0xc2e8c4df4862e335L },
-      { 0xd5e9b9386e7e41f5L,0xd3828d424fe474afL,0x058b2723cef44adaL,
-        0xc74ac74617eebe66L,0xc3e6e014bca4416cL,0x2e30bc88167c2e86L } },
-    /* 44 << 364 */
-    { { 0x68211ba4969c2c58L,0x7a34733977f218e4L,0x0237eb3696ea1d64L,
-        0xdc97f94b7416f3caL,0x63aa82e476bf9e52L,0x4b88a32d388465baL },
-      { 0x7322d9f44adc7579L,0x70c01c7fb24d28f6L,0xdf7f4213c7517ecaL,
-        0x42c027f0a8db6d56L,0x2708360eb6c2f8baL,0xf20690d1c2dde09eL } },
-    /* 45 << 364 */
-    { { 0xf139c3e3bc6158ceL,0x19207b6a4c86b780L,0x55af3eb977c036b1L,
-        0xd192686abd563ebdL,0x8bd0afb05550266dL,0xaaa7376d83bf81bfL },
-      { 0x26aa74ae4a114541L,0xd92549dfbb6745ecL,0x6ad6a14ec6bbfbd0L,
-        0x63fee75b411771f3L,0x111ae3101938e8b5L,0xce3e5e346c363756L } },
-    /* 46 << 364 */
-    { { 0x2a53c88ae0a45b56L,0x26367466da72228fL,0xdd65516edfdbb135L,
-        0x5fe254e82d7e37bfL,0xc0f5cbe433ef39e3L,0x249b7e3ece85effeL },
-      { 0x85951a5391ffba8aL,0x41117672c8dd5ec6L,0x7a74538d9dbb0761L,
-        0x0b35fba0cfb06ddcL,0x8c36be4d1a0aca2aL,0xbf884a8e45848e1dL } },
-    /* 47 << 364 */
-    { { 0x191eef31788596c8L,0xa7413be65a2d0ef8L,0x30894fcc5c3c09e1L,
-        0x6b0e429b2f72a333L,0xceea52a1e70470e2L,0xfc638b316b682db2L },
-      { 0x31af73cd615f7f21L,0xb31663760094996eL,0x7ec37e33dfff756dL,
-        0x38c50101d9b63a4cL,0xa517c6df192f18e4L,0xd674c53a841fb337L } },
-    /* 48 << 364 */
-    { { 0x4dd3bd842446fc6aL,0x4654b82ef25ab510L,0x1ad46998ba066896L,
-        0xb7c679acad713bbdL,0xef9389aff7ca4fa5L,0x1b864105d68b6a1cL },
-      { 0x3acfff604b6f5ea4L,0x81ef58f7b9e5a475L,0x5e2f6441c66ad734L,
-        0x49f144c42fd3eb16L,0xbd7f22082e4e2117L,0x30865994417911a3L } },
-    /* 49 << 364 */
-    { { 0xc2f25d9e80d2adb5L,0xa0e77dc5242430feL,0x7f30e54b4f504e97L,
-        0xdc114db4680ca2cbL,0xf76fae57adec4d89L,0x06f892eff313535fL },
-      { 0x50af729a9a266407L,0xb0cbc4f0764dffd1L,0x153ff8f8d20c2e19L,
-        0x27fa845a7388d22fL,0x26e08ef5d784e057L,0xccbe49ee53b5dfc0L } },
-    /* 50 << 364 */
-    { { 0x6fa8e5ff3082ceb5L,0x81f4dd02ef4850ccL,0x626b324456483f9aL,
-        0xc0acbd8782e65652L,0xf9bef3117e23f93eL,0xc2474777c2310f6fL },
-      { 0x6b4617704379fd64L,0x2f8fc599f18c3b14L,0x2287f1d0bd076aedL,
-        0x9f8eac0fef366016L,0x517cd2e371fd845dL,0x0fc2f219a30c371dL } },
-    /* 51 << 364 */
-    { { 0xfea0464721c56ce8L,0x4f7b055b6a32a26bL,0xf8c8d93e487ed396L,
-        0xe620b440855f4df9L,0xa3f6f21dea870c14L,0x0518225207dad127L },
-      { 0xbdfb7b12c68ab5f6L,0x5f58bdd7fc68f296L,0x2df9cfc505e4fdc2L,
-        0xed12a102379c282cL,0xd388362654d8de77L,0xaefb0f7fb01065afL } },
-    /* 52 << 364 */
-    { { 0xdc64f8d23d80d738L,0x7ae74ab1d95a1c6dL,0x4dba93a8dd46de0dL,
-        0x271aeb870fddbd1dL,0x1bab6546e9e7ed31L,0xe6445d22efec8f37L },
-      { 0xd927df1797a718a7L,0x738c2450351b1ceaL,0x3809e595d51a7422L,
-        0x4f8d5ea58969456cL,0x74d9168421c9ad95L,0x59a69f8f4f796a11L } },
-    /* 53 << 364 */
-    { { 0x2542fcf1f07717aaL,0x032abb3f405a7717L,0xc757e6e294cade8cL,
-        0xad4776adf2e84dd1L,0xb7e277243d5e397bL,0x173894a605f8921cL },
-      { 0x0e3a78531f6afc3fL,0xf33732b8ad62482fL,0xa6b4e0f03e4cb6e9L,
-        0x51ba565eda02264aL,0xd0afaa4600f3f376L,0xf5506a1e35252e93L } },
-    /* 54 << 364 */
-    { { 0x3574783b5ea1c662L,0x675894e514fadc8dL,0x64dd63935ac6ea7fL,
-        0xa76c00dc77f16c96L,0xf73ef2c62eb9574cL,0xdd39a89a2e408008L },
-      { 0xbef8c8c72bafa10bL,0xa31f030a074733f8L,0x5620dda5445b4b6dL,
-        0x4e08fb0173040ab8L,0x0a279f38598ad48aL,0x03e8b55e2d40d775L } },
-    /* 55 << 364 */
-    { { 0xf49d4d54c20c8610L,0x1b1d70bbc0d62b65L,0x524d3a0c16285ce2L,
-        0x0be553b08a0785b4L,0x9b93e5093c84975aL,0xbeac761160769465L },
-      { 0xffaaffcb3331dd0aL,0xad0f01542d70fcf1L,0x65aaabab66fe24bcL,
-        0x283edb562cab253eL,0x1659deca80383c87L,0x06de45fd83fc6d7cL } },
-    /* 56 << 364 */
-    { { 0x7bcb055d5f76c311L,0xdb2d05878e293aaaL,0xb15036e7207360b4L,
-        0xbc38cc9f163f0ae4L,0x5a942f85a44d0a0eL,0xee8633a23f553a88L },
-      { 0xf66b65c5c9bd4ee7L,0x7a4ca96a80b8ceefL,0x7b71cc55f6f08036L,
-        0xc0408b198c41be7cL,0x885fd72f80860d93L,0x338a567be7f68b7bL } },
-    /* 57 << 364 */
-    { { 0xcba302e939d99b60L,0x2557b3d903b8faa0L,0x2a99cd6e9efc4461L,
-        0x03ce3e08268f14a3L,0x59226a83b1c68a01L,0x81a18c69fe379976L },
-      { 0xfdfc9f148af62557L,0x0cdf327140b2d4ebL,0xf99ff3ded26c6085L,
-        0x2c138ffdf9b0273cL,0x393d6de6888dfbd3L,0x75903c68e5cc102bL } },
-    /* 58 << 364 */
-    { { 0x0c56d477b78a7b91L,0xbedff933c7c3ecf4L,0xe02da64223ead65aL,
-        0xf7e7cc19a8162300L,0x3719fb8f2f3dbd03L,0x4f150cb8cff88c59L },
-      { 0xa564c5eda7fcb233L,0x9b042870b6a41ca7L,0xf253b65ac1615f1aL,
-        0x9ccb49a7b8aaff46L,0x38bbc5f7af0086fdL,0x688f7c2054a6d8a9L } },
-    /* 59 << 364 */
-    { { 0x3702c5e5d22a0892L,0xf17510a28d510809L,0x5c36dc68bfdab4e7L,
-        0xf72c9357623a98e4L,0xc660fc5146624a0cL,0xf0b4983d3e64dd4cL },
-      { 0x5cb98cc9a5ecf45eL,0x79759acdf5082a78L,0xfd0daf366e7321dfL,
-        0xf61c54f7f1ebcacaL,0x782e5e74b8f665c4L,0xb1d54c2145d78c08L } },
-    /* 60 << 364 */
-    { { 0xb64f3b9bef1af123L,0xc86dc5ffe1b75401L,0xc3a76d81d928e989L,
-        0x075005abff8ca002L,0xca6226325c3cd8b1L,0x017a97b2bd8f772aL },
-      { 0x187eb635039c4757L,0x9eb7a9d1e905c6e5L,0xdacb98bfbc251cceL,
-        0xe357c60e8704c639L,0x50563b8558fd987aL,0xb2f89c864cea5d4bL } },
-    /* 61 << 364 */
-    { { 0x3d13c0bfd32233faL,0x997c424145aceb7cL,0x77ff5a75ed2e9df0L,
-        0xc4279aa23c91d085L,0x5a11a276ca0392c7L,0x928e06032daae653L },
-      { 0x21fe225fc4046f85L,0x591fa82f512dbfb4L,0xb5b01a3f51aa53feL,
-        0x900012ef7133befbL,0x24609da17130c15dL,0x3c4a09b33d2549faL } },
-    /* 62 << 364 */
-    { { 0xcdd3073d3ceabe32L,0x56e155bc5a848977L,0x07f4c7c6da48eef6L,
-        0x00a2f9f79e021b38L,0xeb683e17ffc4bd6bL,0xa7d6b87592b7e240L },
-      { 0x651d21de7e48836eL,0xf9c9ede775de3c75L,0x72cea748d90f2634L,
-        0x29d8022283fc524aL,0x1e412b510dd044faL,0x1b9b332a76a04fdfL } },
-    /* 63 << 364 */
-    { { 0x4dc8421f06f49d8cL,0x6a3fd9a83f979e4cL,0x50b0e3760b51bd69L,
-        0xec22f486a592313eL,0x5e4663ff8e8904d4L,0xde7b9e23f3362548L },
-      { 0xa1ad270d1ab757abL,0xb91fd935a3089f6aL,0x1d6b1524a635f996L,
-        0x8673f8e29c718c6dL,0x0e04360725932b9fL,0xb5d0447222ac239fL } },
-    /* 64 << 364 */
-    { { 0xdf0ae8df941948e3L,0x123fee901d010bcdL,0xde3717ca1dd28691L,
-        0x0c1db879709b678eL,0x0288959a400acdc6L,0x66c691815ca2d03aL },
-      { 0xe52534b3dbbb75deL,0xe914938c3de927cfL,0x1a9a34f873eece30L,
-        0x0fb0c7bd642a6799L,0x375cc0cfeaa7e8a8L,0x75fb9eb5d00ec238L } },
-    /* 0 << 371 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 371 */
-    { { 0x9ca8cc9db72958ebL,0x3c8cd0db1014f562L,0x72115d53059b2bbaL,
-        0x8fe7ac30730e5dc3L,0x4e67ef69841d8998L,0xfb6439ffc8ed37a5L },
-      { 0x48164b3e26df84c4L,0x37d492ad365bc99eL,0xb7fd4643beed38ceL,
-        0x993cfa9fa3e30b3dL,0xdcc5e7af01ddd484L,0x5edf3ac06840175dL } },
-    /* 2 << 371 */
-    { { 0x79768e9f51d33c11L,0xeec34505a4b24889L,0xc194821bbe0c67d7L,
-        0x537a6a4a6909fdfcL,0xae6d705195ccdda7L,0xed4b722292b3926cL },
-      { 0x2c5dd6af6b24a3d4L,0x9282ec39e4386095L,0xdd3c7388397a3bd3L,
-        0x9d176c6a8baf59c2L,0xd5c6219e380ec958L,0x194fc11654e8e315L } },
-    /* 3 << 371 */
-    { { 0x0b7576f901ec1432L,0x84b30eecabc5f603L,0xdaaf7ba9f4a84b7aL,
-        0x9e3a5daa3bb37a99L,0x56bd964880378cffL,0x2fdeeeb78e6ed856L },
-      { 0x079014a73c81ac34L,0xf8de4004b4211c27L,0x0cee3df97fe4391eL,
-        0x441aa7fb2fd2fc38L,0xeba7be864d1b575aL,0xca2fb5b7231c2d01L } },
-    /* 4 << 371 */
-    { { 0x0683349e463a8251L,0x97dc4f475103e72cL,0x47c7181050663b9eL,
-        0xf327d1499733dac6L,0x03f55e4a292137c5L,0xccc6232ada59e1c7L },
-      { 0xbaa8b4ddadc59cb8L,0x45370d35fe7486e4L,0x99a88c1db0322df9L,
-        0x394440a7fd69954fL,0x9060473da5a29889L,0xc8ca43e32f04864aL } },
-    /* 5 << 371 */
-    { { 0xd5c7241add8b9644L,0x45a5f2d1993116d2L,0xbacacd4a823048dfL,
-        0xa278fa042568547aL,0x3a4f2482bff72820L,0x1305d1a713e4314aL },
-      { 0x9d84c33334ba28e3L,0x9995b5bb6a32fb41L,0xb0f75f3c520946d8L,
-        0xd7c4b8b7de98aa63L,0xee5efcf3ba856b6bL,0x36af33683324ed66L } },
-    /* 6 << 371 */
-    { { 0x90762c1f5827fe2cL,0x20160f7aeaffda88L,0x7420849f5c47c645L,
-        0xb08231956d72e748L,0xaeac683b8ee11773L,0x8c2a0a79fb5c550eL },
-      { 0x6d986d696c07cc1eL,0x57269140ba8398b9L,0xd13e136fd94d5223L,
-        0x1aa75419ed5b01c6L,0x7c2014b1408fcdccL,0x0680a985cffde5eeL } },
-    /* 7 << 371 */
-    { { 0x92fc9a3342c5a7eeL,0x8768614af9f0ed71L,0x1ea5f7ed87ebfb66L,
-        0x296852ded361069cL,0x1cec6f1a0192498eL,0xbfd4858fa9cca3aaL },
-      { 0xfba98c242ef240e8L,0xc8b500e4ab635d9fL,0x9f49c572913a3eddL,
-        0xe6181f93d42b2d4dL,0xf96b5db26aa77fa3L,0xdfb2241fe43558d8L } },
-    /* 8 << 371 */
-    { { 0xc7d0abb2edee15a5L,0x72dc0105228cc4a1L,0xeb67defca80767deL,
-        0x6fa174d871820908L,0x3215df485674d19aL,0xf944531a960a081aL },
-      { 0x93ed7180ef2cce62L,0xb318edbfc8bcfc0dL,0x0909d56efe787e58L,
-        0x5ae74fc98fe8b96fL,0x8fc342c435ab6811L,0x6fc6cc5c0b991e0cL } },
-    /* 9 << 371 */
-    { { 0xa8eaba6e291f689dL,0xfbfa9a2cdea0cba9L,0x5b1b4a21727bfa11L,
-        0x3b69505fac59c8c4L,0xb06290c89368ddb2L,0x4181abc294bcc14aL },
-      { 0xa19f65813e29d997L,0xab1ae8408864aac2L,0xb04a24300fcc9ae8L,
-        0x3ca2428e1059e4dbL,0xe288731117e1e01dL,0x1f5d4164be56238fL } },
-    /* 10 << 371 */
-    { { 0xc600dd57354416d9L,0x6f5840991f829d6bL,0x2d7b0a27de43c1d6L,
-        0x21bf3a9e616bdb16L,0x33ce767c96297953L,0x99bf97b69e4398b2L },
-      { 0x4069cced8d441287L,0x52e0edd6bf01017dL,0x9981bf89c5394236L,
-        0x07d9c079acb24e38L,0xd2e5e904a2da4735L,0x4c3c12162f1b6cd9L } },
-    /* 11 << 371 */
-    { { 0x1f28bd0de6f1c85cL,0x4a49d0864e6f3db6L,0xc9a8e70c4ef7d981L,
-        0xde8abcf2682bc68eL,0xd0ef89a4a66cbee3L,0xfa03108432df7f0fL },
-      { 0xe361e0f803594856L,0x1f423bafc985c77fL,0x50397b67010ee4acL,
-        0x502f4a20c0a48e96L,0x260bed875435539eL,0xdae03cefa0391250L } },
-    /* 12 << 371 */
-    { { 0xfeecc6e83be5ba68L,0x3293dbda40445158L,0x48454e20e81879caL,
-        0xd0ea9cb89c4a2712L,0xba8b6f33540749c3L,0x95e6d6e3e971df93L },
-      { 0x4c2a1b13478a2eb5L,0x8b5f9af330b92170L,0xe6c60b5343573986L,
-        0xb9f56a6a57040c00L,0x6de6489f6291a7b4L,0xa9a7784653bc3246L } },
-    /* 13 << 371 */
-    { { 0x0dd4172f9025411fL,0x978e952ac6129de8L,0x9afa974bc7ab7609L,
-        0x7bd29a644e42f223L,0xc0232f5f3deb639bL,0xacce69d05f39a264L },
-      { 0xdaee07cb3070b24cL,0xe3adc8556b532246L,0xae5935ce1e6ee4f6L,
-        0xba9c4329ea018a45L,0xa1a4002e6b97ee9dL,0x98390aab8a9460cbL } },
-    /* 14 << 371 */
-    { { 0x828a9dbe67154a02L,0x57a3af981866aadfL,0x1558428089faa581L,
-        0x2da092202dba2a1dL,0xa225f631df197ae6L,0x0abff5cf8f4ebabbL },
-      { 0xbbadc9b3b98e5e4eL,0x7c7cc36e4509f98fL,0x072a6cc2759413f6L,
-        0x7b39ea4121dd1222L,0xd6baf9e196ac2c73L,0xee38818c75d46296L } },
-    /* 15 << 371 */
-    { { 0x19befeacfa37c53fL,0x32c29b361f95c29aL,0x1d282db40d5aeafdL,
-        0x8812b6c8f102a97eL,0x1cd4a23c8402f481L,0xbfdf7b6b8eddec81L },
-      { 0xc8039ae0616b2654L,0xdc6f38acabd23a57L,0x2431c763f147dd44L,
-        0x7c45ed50d795bc37L,0xdbc30ab9842022aeL,0x568f7d4ba1f05a43L } },
-    /* 16 << 371 */
-    { { 0x55671129542f4e90L,0x43bedccf0623d4cdL,0x7e21207ce99ca16bL,
-        0x785fa1057c7a26b9L,0x33c28658c2c3ab00L,0xcce42a48d79cd59fL },
-      { 0x9a674db4b8c3bc75L,0xea701d156904e3feL,0x990e722166bf2c6cL,
-        0xba29affabd4c3791L,0xd98510cf20696ee1L,0x722ed471f93d26a5L } },
-    /* 17 << 371 */
-    { { 0x74e6c2624ba40f04L,0xf7ad1f159a63b3c2L,0xa89e8490ef75d482L,
-        0xaf8e79b83bb5f5c4L,0xb094f8660c624d8aL,0xb571ce6613c69a60L },
-      { 0xcbf9722d53787457L,0x97e24cf5c15d097fL,0xdba98bede99e034bL,
-        0x8b6c171a57773590L,0x5d2b441cfe822efbL,0xb8c6dc57fc74ef1aL } },
-    /* 18 << 371 */
-    { { 0x37c70bdf7db1c03fL,0xd9368612964632abL,0xcf6368d742530338L,
-        0xe56beecbb1d9522eL,0xb1caaf16bb6fba3aL,0xb7bd485ac8384d26L },
-      { 0x4ba13818528d4372L,0x95c469bab9c5e8f6L,0x4e5cef0c4a370695L,
-        0xb87c97ca663f9b07L,0xa9e1b388e5f3b79aL,0xc0416bb84c845a1bL } },
-    /* 19 << 371 */
-    { { 0x4483db00e4634d8dL,0x4d8d623d0a268bd8L,0x296f179c64e6d10aL,
-        0x048f3a1cb6c7ff95L,0x60f8ad62c60c76d1L,0xa0a497610d028845L },
-      { 0x10128387aea1b714L,0x81e5c75ca18bd98cL,0xac30d7361dac4200L,
-        0xb83c1c12821380f1L,0xc8ca7c6afaaeb726L,0x13fb870dfead4cfbL } },
-    /* 20 << 371 */
-    { { 0x3921332a6b393648L,0x49ec6df649584f38L,0xa0fc013dce243a6cL,
-        0xde5b16b5f8da8a00L,0xabcd0c0471ab1c9aL,0xff6594bc78b83305L },
-      { 0x3546004b76c1900bL,0x87428fa236fb3186L,0xd2e464ce59cdeb49L,
-        0x1260bd28faf6ec08L,0x1ada2f08d0c9d098L,0xe0b66299dea06396L } },
-    /* 21 << 371 */
-    { { 0x603d58167c1212e8L,0x95bb823fa4590144L,0xf239058a4bc3ba48L,
-        0x21f2aa610db724b3L,0x29c706e8cd6792a2L,0xb143a84a634f01e6L },
-      { 0x68f37382626ee80eL,0x56daa0e51fcd8c4aL,0xe01b52b39e5299a5L,
-        0x2224513c3accdac7L,0xbb21c7d74acd435fL,0x039bc010bbcb948aL } },
-    /* 22 << 371 */
-    { { 0x5006c3a00848d6b7L,0x726b8648b28285aeL,0x7162e3c0277c5a87L,
-        0x567f7ab02019c20aL,0x490c858fa551d5efL,0x0029a108d134a2bbL },
-      { 0xa9e19284ef0aca3cL,0xbc399dc16e414f83L,0x5bdf85f86efa5a8eL,
-        0x5291e1a674fe7c5fL,0x249ddf2acd7091dfL,0x71d4cb4c2e29fcf6L } },
-    /* 23 << 371 */
-    { { 0xc374acf4c1ded13cL,0x300d96132b69132cL,0x909ce34b055622d2L,
-        0x26f033f6bad97809L,0x30987ebed1f7a220L,0x23147226db775b8cL },
-      { 0x8d45c2c28d05ecfdL,0xeee0c679f0c1b419L,0x9f7df70d8c380da2L,
-        0x4d49f3d130212a25L,0xa9602e8c64491ff3L,0x5ab91d223a254c49L } },
-    /* 24 << 371 */
-    { { 0xedd3291c9dac47a9L,0x02d64634fb5d396dL,0x2ce21bf163264c51L,
-        0x0fdcc68e092c4724L,0x653acb286e3e4c2fL,0x2f9c77f12f1fa1edL },
-      { 0xd91d4c3aa58afea2L,0x5a91b2ba7b0d8092L,0xd47e0f61f10a15fdL,
-        0x01652d86f9c86edeL,0x1cc1b668d6006daeL,0x2763e36d24af68beL } },
-    /* 25 << 371 */
-    { { 0xaa5f387c2314a1adL,0xb8c00105e2647c74L,0x1f950dd8d6719178L,
-        0xb7dae31de79881efL,0xf2d49aa2e45a615eL,0xb22dc098f17352afL },
-      { 0xa4c438728ac23ba4L,0xedd6e4092c55e588L,0x1956b199022f5632L,
-        0x18adcaa58c11bc50L,0xa0c11f6458b1cbf5L,0xd1204377f961ce1fL } },
-    /* 26 << 371 */
-    { { 0x35a2685bbb77f5dcL,0x1b5b79bbc08efa67L,0x4ebec6e6ea5f411eL,
-        0x1800a21988c57793L,0x8d7397f2cbb13c96L,0xbc13ac35dc0327f4L },
-      { 0x53ac05a6fd94b150L,0xd898fa600423e787L,0x802aad2c2a66b97fL,
-        0xb604ac0692c62b03L,0x9f395d3a45911e7dL,0x5d38164128ae56b6L } },
-    /* 27 << 371 */
-    { { 0xa7d5a3afa5fb0decL,0x0d11c0cd5b27e02dL,0x8d854b53366c6cc9L,
-        0x87ef4c140ad9a5f5L,0xaf7c2e6b0c5f8acfL,0x81fc22b69f010f1aL },
-      { 0xe49e0c7e4e25ddb3L,0xd30bc860ef233d23L,0x0b63afb89fa41205L,
-        0xd14b326c702fea93L,0x10ab93662c2a5fc8L,0xab35bab356cfff28L } },
-    /* 28 << 371 */
-    { { 0xdf0f79524130138bL,0x117e4628934c58afL,0x227be6867b6a4087L,
-        0xe73fb2f3b8d298a3L,0xe32e89fda9bacb9dL,0xdd3be6130e9ea7e3L },
-      { 0xd3d655ead4da2d1eL,0x153cce647833bb3dL,0x4a32a9f0b36da20cL,
-        0x025768e5a69c4b27L,0xb0b5da379cf1fcecL,0xd0ecaba23aa3b99eL } },
-    /* 29 << 371 */
-    { { 0x9ab6dae0aaf6b398L,0x2d50f46b4f8e270cL,0x46c1e676fd7b7005L,
-        0x4b8b203e32cf8be9L,0x0253ec899451bca9L,0xc3a7eab7f512b7a5L },
-      { 0xf3bed3fdc5bd61a6L,0x5c0eb52f0a37ef8aL,0xb61aee11140894dfL,
-        0x690607f9bec928f6L,0xba2b1db65148b45cL,0xbd309bf56619b652L } },
-    /* 30 << 371 */
-    { { 0x79d624c7a7b92932L,0xcd086bd7cc75e7a8L,0x3cddc1bbb48eab26L,
-        0x10282df1f6791cfdL,0xffedb4fb1048f114L,0x937ed0e7c092d899L },
-      { 0x045e4f60b84b6d20L,0xdd67bd36877ed915L,0x9bf8fede97617aa9L,
-        0xa7ff9b0789cb8e1aL,0xc49e310e74f4e7d6L,0x12dde0fb3f62eafeL } },
-    /* 31 << 371 */
-    { { 0xe2e3dc4d50ba6e73L,0x31c19ebce6114f87L,0x8df0ffb01ffa99b5L,
-        0x305142f1bfcf7fbdL,0x39931954ab88b782L,0x1952bbab43de3650L },
-      { 0xb32ed678aa09e528L,0xa5150011acee68ffL,0x0307716a97b98b23L,
-        0xb60c3edd4fc8d2b7L,0x91c81725b2b2f887L,0xf1dfc70ab9fb0288L } },
-    /* 32 << 371 */
-    { { 0xe7cf5bacbc579793L,0x11db7ddfd73f881cL,0x9c1a531d04fa8473L,
-        0x399e84845780efdaL,0x6e9c12be4f62cb5aL,0xf21bdc4994a5df3bL },
-      { 0x3c15fe1211da2a4fL,0xdea123bb23e631d1L,0x3ef76da4be294c90L,
-        0x5cf21d5aa99b8398L,0x50679cf8751b9f6aL,0x4b3f3b9c54d0b7bfL } },
-    /* 33 << 371 */
-    { { 0x442dc0fd27174604L,0x5aa056efebc95895L,0xbb8cf9b54c96a2dfL,
-        0xf43342d440f8618bL,0x58b0d00a8f89a8bcL,0x74d32dbc81f69f20L },
-      { 0x5caf0910ab22a49eL,0xa0e9a677ff372f3cL,0xec90b5aef5c05066L,
-        0xe2d98821b663f0e1L,0x388804bf50c7abc2L,0x2fbab16e97ba64d3L } },
-    /* 34 << 371 */
-    { { 0x09138c6071ed8d4eL,0x994d0fa991ef82b1L,0xe6089dbb931f3193L,
-        0xb3b229d0aac23611L,0x52cf03fdacb8affeL,0xf64f9872bd99d6e2L },
-      { 0x52ebb8b40186279dL,0x36a2349fb09efd7aL,0xa85b5d802225772aL,
-        0xd2dc3c1547522562L,0x659297a666471319L,0x65913b608c8e7b68L } },
-    /* 35 << 371 */
-    { { 0xd54591f9a713f82eL,0x0ecfcffc6fae64b7L,0x7df9d7ea7287e218L,
-        0x8b260162abe71460L,0xf75097efb12d48beL,0x82d5902482581904L },
-      { 0xc5c0b5dc400d4288L,0xf6493c78190f768cL,0x1844b5f895bc9fccL,
-        0x24afb04ba615bff9L,0x6c9638ee8bf51197L,0x38bce012b9ab9fcaL } },
-    /* 36 << 371 */
-    { { 0x087a2790494efdc0L,0x0b5f23c9e1645cb8L,0xa6e1d1e8193a99baL,
-        0x0d324e67c0e0c026L,0xa86d993820d608b5L,0x48ddfbfd8d6944dfL },
-      { 0x6aa07f90d371864eL,0x5cf727eef2060df5L,0x7694e02c9a7cf2d0L,
-        0xe091982f6260f63cL,0xd2d481a72cae5da6L,0x045e3685ebcb4172L } },
-    /* 37 << 371 */
-    { { 0x1765632323c82633L,0x5de90578d590cdd3L,0x5cc5e7b9525caf0aL,
-        0xdd9be80dd53e825aL,0x9ed28b29949073f3L,0xd15024156a6ce0bcL },
-      { 0xbc34beeabf355f49L,0x73724878d2b210ccL,0xe47b7af911e8122dL,
-        0x381a4cccdf53a9eaL,0xaa22c9b229e8a466L,0x7a05e2081a4fa093L } },
-    /* 38 << 371 */
-    { { 0x3dfb53521830d848L,0xea183d5cd2820590L,0xc83a65bcabbeb376L,
-        0x5d9ca4d189bb9ac9L,0xb32217be137c900aL,0xcc40daebb0827afdL },
-      { 0xc76130060c58b0afL,0x39f4ed8adf32389dL,0x04a586e2bc1fe9f6L,
-        0xcf018c2abb50450eL,0x5072b8f016d55d0dL,0xc3c72e90d59e1dbdL } },
-    /* 39 << 371 */
-    { { 0xb3291b4e50b4e9f4L,0x79a2e8121b7b9e08L,0x81855db1ddd5f0adL,
-        0x91fa12fc884392e5L,0x6373de02291c5694L,0x15c77432a7171428L },
-      { 0x6016a06c1132df9eL,0xa4286939a0c21c8fL,0x70c5ebe26dca3f37L,
-        0xc5278c510f115497L,0x8f5b07a35ce1953cL,0x4d75c1dc41f6ac0dL } },
-    /* 40 << 371 */
-    { { 0xfeac8e8ac24002e7L,0xa43892076643fa6aL,0x06e7ed63daa68b52L,
-        0x8580bbd5d8c7b952L,0xb17ce22410c8fe9dL,0x40266bd379b88ceaL },
-      { 0x32afc840dd63ffa5L,0xb4a3eb27a2280b83L,0x90528bf685897e28L,
-        0xe4612391d231f941L,0xa7b3a2ccacb5c909L,0x2606844e5558d57aL } },
-    /* 41 << 371 */
-    { { 0x49ad52380519dd66L,0xe1b0b03b3c1470f4L,0x15e42792cd3a4852L,
-        0x91c954b7388ba040L,0xe9fd8c7f857711f1L,0x8552d3d44b63a36dL },
-      { 0xbf867fde230ffab0L,0x362a32a0793f885dL,0x687802cba11e0225L,
-        0xd95b073b308c1972L,0x13b104aa6b3e5120L,0x60bef12333673f57L } },
-    /* 42 << 371 */
-    { { 0x4c4cc5561c8a5d9fL,0x5c6e1fd52b8a42c9L,0x73fd66c44ccfa024L,
-        0x73c777563c50d038L,0x26964a68a5076758L,0xb14cdbfa7484d080L },
-      { 0x24c499cf3f4b92ccL,0x40c8c0d84682daa1L,0xaa156edf785561beL,
-        0x36718fb6de75af0aL,0x4d391cee03f5b180L,0xcf28d08a3100efc8L } },
-    /* 43 << 371 */
-    { { 0xbf1fc9fdd113a97bL,0x19cee87f5ff5ff3cL,0xfc140acf8f8213a3L,
-        0xe70d50d546127d5cL,0x78cd24032faa7ac9L,0x409675f1c1808096L },
-      { 0xaa7b6cd91765da93L,0xc0755b924f508d86L,0x09b8fb7640169a6eL,
-        0x9ca977e52e7da664L,0xee1aab6c9a9616daL,0x54d740391ca0f4fdL } },
-    /* 44 << 371 */
-    { { 0xfe011830c37c7fc5L,0x0b2b965b2ee958c7L,0x99fd253588a43cf6L,
-        0x6a73d62dbf8dc33aL,0xd53c0241a99247deL,0xb8186dccb4127f94L },
-      { 0x86c4c274964cc3d3L,0x2f3f2742cbfa9429L,0x5b4bd23c5391abd3L,
-        0x030b211bc5838fe2L,0xd2263dc4ae2e36fbL,0x45583a3ca0bf7280L } },
-    /* 45 << 371 */
-    { { 0x9ce7f43f1ed3f49aL,0xd8094c4afcdce20cL,0xd8b423d12b37b162L,
-        0x332ce47c53d90a7dL,0xc686fc0c94a38ff2L,0xb44938d6c33d842eL },
-      { 0x5ed14772cd9b0002L,0xffa5d063e800c655L,0x4511ec79ffcb6120L,
-        0xb8c9de3f9da8e70dL,0x4d0759ca952b0ef7L,0x685f7005dfd88f4cL } },
-    /* 46 << 371 */
-    { { 0xcbdb755f1dbdc85dL,0x63d0d7047961be6aL,0xf65af35d8220a1b3L,
-        0x8dcea7df77db51b3L,0x8cb2c5d14bfe8fbeL,0x740579bdee2f03e0L },
-      { 0xa7eeea4ed3f0181fL,0xedbdfaa3c12ef399L,0xee3cc40f1c332118L,
-        0xdae0995e731ef93fL,0x05165c6c0f24d954L,0xcbcc014219fca63aL } },
-    /* 47 << 371 */
-    { { 0xff24bcd842c7c110L,0xa5ddfffc56dc10c6L,0xb9937fcdaa1a09c5L,
-        0x8e18ed5b852dd22fL,0xf24e43c7826fb5a7L,0x13989a43415c2c63L },
-      { 0x71ad7c21d36ffe0bL,0x68b77701129df418L,0x1c5324cd9a8d424aL,
-        0x2e2a2b1ba9bf46abL,0x7d0c04d19cd0ea12L,0x8b4186bf2f9869e8L } },
-    /* 48 << 371 */
-    { { 0x6c8d97e075a46271L,0x0fa0c4cd9dbed39fL,0xfb6da5e2de74ac6cL,
-        0x041ce886c17c1ec5L,0xb42941a8d7419105L,0x79768eee002fdfd5L },
-      { 0x64849afd88c8111fL,0xf425fe14814192d6L,0xe916e8640448fd7eL,
-        0x31e224ad72ed351fL,0x73e6e6ac7c0183c1L,0x375657c621bf7cebL } },
-    /* 49 << 371 */
-    { { 0x093d8039114fd7b9L,0xb6bed3eb45c5e1c7L,0xb73ab7fe50fdbf14L,
-        0x68d95e57af0cd23dL,0x5c260eacc7b750fbL,0x79bb142bb5358c26L },
-      { 0x5aa9845158ace251L,0x04b2388637dbfef5L,0x1051172dc0532263L,
-        0x686ee9e6294890d9L,0x092617b3bffd1609L,0xb4a50e50ea3836a4L } },
-    /* 50 << 371 */
-    { { 0x8bdb3886cdf950abL,0xe2bdc8d3d595dbd5L,0xd28211254ecc49f1L,
-        0x946566081d3c2f24L,0x8124ad390c87df6dL,0x6020c322d16272baL },
-      { 0x2150f7e694af134bL,0x38512401a1a14e33L,0x39a54386b1ff7304L,
-        0xfaf1ffea078d8f0fL,0x7739ea99dea995bfL,0x3252e815c020816eL } },
-    /* 51 << 371 */
-    { { 0x1609832322f1bd8dL,0x6b02533cd4df163fL,0x25108619a8296363L,
-        0x373bf9988f8c755cL,0xebfbc5b23b32542dL,0x7ada597688b9d360L },
-      { 0x3914406ebd605f01L,0xe245ba48cb3a40b2L,0x11a1dc4ed3171f32L,
-        0x4a10d5d26ffb5915L,0x9326b23e997460b6L,0x53ddfee92aa0c77cL } },
-    /* 52 << 371 */
-    { { 0x44f51dd51104ed7fL,0xfca4773e270f6135L,0xe36c8b266bc757f4L,
-        0x2cf0515d6941c7a0L,0xdeab655d5fb16e2aL,0x75c28116cff7be07L },
-      { 0xb24ca428abbbca02L,0x6aaeca9b1e7f8116L,0x4252f4c3510f0c81L,
-        0x01462d856f3ff7fcL,0x4df702879d1c25e3L,0xddd47a1dbebd1559L } },
-    /* 53 << 371 */
-    { { 0xdffaef2c6f2e2611L,0xc2c2e6a41f29efa2L,0xa29bc3b75ebb40c9L,
-        0x8473594bac31a2c4L,0x100d7d6a8604447aL,0x80318670794bbab9L },
-      { 0x78979f72054dfc75L,0x94b4c17e55232511L,0xac44836b78b883c3L,
-        0xc1f7e98168422328L,0x34fcdee68266747cL,0x18533b3f0475c011L } },
-    /* 54 << 371 */
-    { { 0xede6728e3bab17f0L,0xfcd9c96879b94302L,0x6410ae37544a677bL,
-        0xeacbf6de1dcd0fdeL,0xdae70841e2f3ac0fL,0xeea2a9b6e41ba13bL },
-      { 0x1b06aeae9349cdf0L,0x28571e3d33c0ea87L,0xceaf9dd46043e874L,
-        0x32cbcc69fa6fea15L,0x7db75664e135aa11L,0x588d4458f816929aL } },
-    /* 55 << 371 */
-    { { 0xf70797d02b014160L,0x1ddf312d8d7c3263L,0x3bdd58f3c78beacbL,
-        0x8bccd90101c71f77L,0x3c637f58166c1486L,0xb62c0aa45fd1a307L },
-      { 0xa68db7b05f2544d4L,0xb9727946f860585aL,0x91565060a068412eL,
-        0x1283d6d1ab536c42L,0x86c2a11c79caa387L,0x2687309b62bd7797L } },
-    /* 56 << 371 */
-    { { 0x525cd8849b711a38L,0xd413d82b8c95bf61L,0x19ecc14a36b82970L,
-        0x65190ee6e3416342L,0xde9834c93066fcf7L,0x3b87b15e8302cd85L },
-      { 0xec6f67a785268eb2L,0x5ab08b5af95aef07L,0xb5257f70adda86a5L,
-        0x53e95ec4b934400aL,0x9611a632c33b870bL,0xd27929522723a3d5L } },
-    /* 57 << 371 */
-    { { 0xcd203b542c95b469L,0x89b140e768713ca6L,0x451646a165701050L,
-        0xb97a582575e54715L,0x070fabaa93bb6a91L,0xe517e07a196421b3L },
-      { 0xc8d741235f46e495L,0x920ee94fdf60eb8dL,0x885b86dd19564c3eL,
-        0x6c9e973231670005L,0xb52eed1fe4893763L,0xa8f9fbd759157417L } },
-    /* 58 << 371 */
-    { { 0x0c41f2eb56517cafL,0x47778a92798cf8b0L,0x4232ab390dc60cecL,
-        0x5de0b7e39e3eb6f1L,0xa2569d8571562511L,0x37b3c62a1ce1cec9L },
-      { 0x312caccd8b3391aeL,0x6b22c9447dcbe533L,0xc890d22f4fefd4edL,
-        0xd1504f7df007a64eL,0x117e4e595845d5bcL,0x999386c7723584e1L } },
-    /* 59 << 371 */
-    { { 0x02c396533bdadbd5L,0xc07325fda1fe704aL,0xf78d7e23350aa0c4L,
-        0x9f09cf22ce50784cL,0xcdea9a6a1a6e8abcL,0x245fba06ee5a5e06L },
-      { 0xf1fd3b9b4a3d0d7cL,0x24c65a131a4952c4L,0x40ea3ef37236b6f4L,
-        0x60aa573d8f7addcfL,0xdd5ec47b0305577dL,0xd92dc5035deacea5L } },
-    /* 60 << 371 */
-    { { 0xc666f8f3fac2de80L,0xabb2b8aba8fa36a6L,0x1bd0ec8f12202b09L,
-        0x88b184be6d17a3c5L,0x00d501fc670a77c1L,0xe1f94f1db3de1c7eL },
-      { 0x953179cd2d6de8caL,0xa8873a5bb9263791L,0xd76433098d7ac5d1L,
-        0x3d751cab4d2f8224L,0x7417b8262e5458eaL,0xf4eb3c669e454a8cL } },
-    /* 61 << 371 */
-    { { 0x65b0d7e9ae3284a2L,0x3d4770bb1e3cbb18L,0x217a0cdb808ea164L,
-        0x9ed6d0f689810270L,0x62d9cc95f14139e1L,0x4d39eeef6a2c82a0L },
-      { 0xecf319f40dcf14afL,0x62c95df6ab0fd145L,0xfe85014d22db0105L,
-        0xc37756e6a652168cL,0x6ba9f6b370a67e9dL,0xe453fd0af18d8058L } },
-    /* 62 << 371 */
-    { { 0x265798acfe3bf4f8L,0xc1603abdc1183f63L,0x14e3952f1063e086L,
-        0xdcb106d2910f0a78L,0x27c2aee2f454f625L,0xf16d83e60f463fe9L },
-      { 0xaa5547207f5ae172L,0x42ea8fea9a2133eaL,0x9f3b33f6e9253e7eL,
-        0x6224ef75d67af0afL,0x06f0ddfbb92d6cc9L,0x12e66e32656e9e9aL } },
-    /* 63 << 371 */
-    { { 0x1a93be3424ace7f0L,0xb993bcb9a56be2eaL,0x3b054afac33608d7L,
-        0x36e782c3aea3d7e9L,0x54f1dda950e9b3adL,0x04dd021f55f51bb4L },
-      { 0x9c76f7c0347bb352L,0x3d9a04ee2f1dc5fbL,0xea5e582ae80e06f0L,
-        0xe523aab927e1e818L,0xe2f1960252d4904cL,0x1bfa8b03adecc51fL } },
-    /* 64 << 371 */
-    { { 0xc84f917203bdf6d6L,0xcfc4718769f60e03L,0xcdc4753ba05068eaL,
-        0xa177ad14077777efL,0x0b7f54eb7e4cf44aL,0x4ee443f91860144eL },
-      { 0x1279ed4d42bb6a93L,0x511137d7436c1b54L,0xebc958fab8cdb6ceL,
-        0xbc4f93f4a0c7614aL,0xc5bd6cde7b2c6d8eL,0xecff7dd78d65f38aL } },
-    /* 0 << 378 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 378 */
-    { { 0xffec6674f65de0f5L,0x4043079cd23ad193L,0x31811365ee61bc95L,
-        0x358bbd6e8948b6e2L,0x1cd9c342e31644beL,0xbab3aa8c60a8a7a7L },
-      { 0xe065519fa375beb6L,0xf7d0b0414439990cL,0x8957c03b8517ae8aL,
-        0xc96a040173750d6eL,0x4eb2e364b2aee6d7L,0x813054feed099114L } },
-    /* 2 << 378 */
-    { { 0xbb39a17a7c34f095L,0x7be330a822fbbe61L,0x6be6abe3b91f1482L,
-        0xf972804fbd39a2bcL,0x06737e54f91d813eL,0xbd6066681a87cd4aL },
-      { 0xbf88b2e5f538d56eL,0xb8206a8134afd68fL,0x7a93aedfa58af042L,
-        0x8853cdf6ac0511b0L,0x9d7f416d067e2c19L,0x5d0bc923f9671d8aL } },
-    /* 3 << 378 */
-    { { 0xf3b6fd79dd3532a7L,0xf60262b5dbbb9e4cL,0xbf75bb57da4d6ac4L,
-        0xf016adf1c094b38cL,0x9114cdd012def474L,0xdc74d638c785f143L },
-      { 0xdea060d6a8d90bbbL,0x1f141878cbcd0d4cL,0x552685b79ddee1f5L,
-        0x381dfc0c636ea6b6L,0x8c601615cb08f34fL,0x5b843830271041eeL } },
-    /* 4 << 378 */
-    { { 0x2e7d0a16204be028L,0x4f1d082ed0e41851L,0x15f1ddc63eb317f9L,
-        0xf02750715adf71d7L,0x2ce33c2eee858bc3L,0xa24c76d1da73b71aL },
-      { 0x9ef6a70a6c70c483L,0xefcf170505cf9612L,0x9f5bf5a67502de64L,
-        0xd11122a1a4701973L,0x82cfaac2a2ea7b24L,0x6cad67cc0a4582e1L } },
-    /* 5 << 378 */
-    { { 0x139d9fef6bfc08e4L,0x4399615939ffcb3bL,0xaa299008a84ace07L,
-        0xfce43e873cbb2b3fL,0x07b3e8b9191a320eL,0x3ec851d706c4d485L },
-      { 0x03d8a672a4bb8477L,0xb6a5dcb213c31d5cL,0x58b79d01c439ab23L,
-        0xdd6f8b5134f66137L,0xccb178a0b29be48cL,0x4c71b7aa4df8a1b2L } },
-    /* 6 << 378 */
-    { { 0x92bf8c4508359896L,0x77253434ae2c30f2L,0xf05086ec827e6cf8L,
-        0x46d4729f1771c5d3L,0x92587306f37f0bedL,0xb82c99d2e7c30180L },
-      { 0xee0141dcb1684841L,0x7fa984be994ddaf5L,0x5c583347165c238cL,
-        0x1a1ad3eea5d78204L,0xcfed795f2736bce6L,0xa7a413318961204eL } },
-    /* 7 << 378 */
-    { { 0x87451ca71400851dL,0x3aace28e3573ecf6L,0x3a5902cee85717c5L,
-        0xe4b51dd0c9f57944L,0x33cf684789a9d8aeL,0x2f6fb08031e6e769L },
-      { 0x4bf3da323b78dad1L,0x2d73fef4e7809638L,0x84d76151965109abL,
-        0xa2c932c9a2098f46L,0xb8c457c3bc17d1fcL,0x5ef2562d0c8012a4L } },
-    /* 8 << 378 */
-    { { 0x96a1e74f51e4de5eL,0x72913696e37f5006L,0x12449c4fbe35109cL,
-        0x1fad8b304521d7e6L,0xc85eb23d57d00293L,0x4ebd334b35f68229L },
-      { 0x7c5b86682df5acf1L,0xc2b4da6e5463de2eL,0x067b0456757cd570L,
-        0xeaab81be3a1c866bL,0x72a6af75bbba88c0L,0xaed4dbde0ef567dcL } },
-    /* 9 << 378 */
-    { { 0x085e33cd9273818aL,0x8fb9294a8cf4e306L,0xaed46bbc35052bd1L,
-        0x031febb3374661eaL,0x9386a35d4868dbb2L,0x381e5b521d3f2dddL },
-      { 0xa938a3a5179617edL,0xb0fc99f49dc95af1L,0xf446dfa92b9dacbcL,
-        0xbae262ae490c1969L,0x042707ffa7443354L,0x8dc0511f267d5c14L } },
-    /* 10 << 378 */
-    { { 0x8f0e1908fac2674dL,0xd86e85a483e43c26L,0x1f719f7036fb5a4eL,
-        0x7ad61b8ca57dbcbcL,0xcf6ba7db0f63dc79L,0xb4315ab11afe8540L },
-      { 0x0448e852425c4df3L,0xf51969ef8838a51dL,0xce98589b9eab87deL,
-        0x55867b5645149689L,0x9b70bc8c60d2a624L,0xc158a2710b6dbd45L } },
-    /* 11 << 378 */
-    { { 0x0b262f808f1915f2L,0x64ba3bc73d501e01L,0x8ce2db1f4645152cL,
-        0xf4a4f3afab047cdbL,0x1a7c4af600d31e7fL,0x0005bca678d1c0ecL },
-      { 0xf5ed135f6fe5ebb0L,0xa299b1002ea9abdfL,0x4fa387e5fccb58f5L,
-        0x105b9dd2fc657b72L,0x1494c6050dc3c22cL,0xf7468e8a92d281c7L } },
-    /* 12 << 378 */
-    { { 0x597a26ffb4dc8600L,0x264a09f3f9288555L,0x0b06aff65c27f5f6L,
-        0xce5ab665d8d544e6L,0x92f031be99275c32L,0xaf51c5bbf42e0e7cL },
-      { 0x5bb28b061e37b36dL,0x583fba6a8473543aL,0xe73fd299f93fb7dcL,
-        0xfcd999a86e2ccad9L,0xb8c8a6df334d4f57L,0x5adb28dd9a2acc9bL } },
-    /* 13 << 378 */
-    { { 0xc760823646dd14f3L,0xc6d97d37e7a97f33L,0x05037f26de2f444aL,
-        0x5267ded09aa9a5c0L,0xd1ef46340be2d841L,0x308b37a8d48b9574L },
-      { 0x102f7878487bad5bL,0x1d5169d938b7c1efL,0x2d8adde62c39c75aL,
-        0x71bfb8bc0b80f3bbL,0x126505999bff252fL,0xf99e952f24f8bd3bL } },
-    /* 14 << 378 */
-    { { 0x24496a8b7a8a6d47L,0x9fc75c0aec6afe43L,0x4200e00670744f15L,
-        0xe2f87d5e2973be1dL,0x0f6c5993c82e2013L,0xe9ecf6ce198c99f0L },
-      { 0xcbdf72058b37d828L,0xbef4b8c8325d1d93L,0x8e962ffbd0fbb134L,
-        0xe4273a124bcffc61L,0x4f24ba23f3d93d73L,0x8f02df83bcfcb930L } },
-    /* 15 << 378 */
-    { { 0x985c8f4b0614348aL,0xca4ca7cd5a03c014L,0x5bdd4382a7b62effL,
-        0x623d44b9e4a0bb42L,0x1f28862ef23931d5L,0x30568303868326beL },
-      { 0x850d2a0d82e76f04L,0xf4dc02330ac4a153L,0x62b74879b1e70a9aL,
-        0x7b32249baf3f0dbbL,0x2f50395d155eae92L,0x6d990c16f6f5c9a4L } },
-    /* 16 << 378 */
-    { { 0x3afdee277d221ab6L,0xecf10abc47bb619eL,0x340c8ee3ba4a3301L,
-        0x1a6ea51a2a883b7fL,0x64f27976d5d7412bL,0x7fcf0ecc91251b6eL },
-      { 0x5f3f8f41365b18b7L,0x38e48b96e2e13e58L,0xde3b73d6ad61b2cbL,
-        0xf08398d5d542676dL,0xd373931e8e7d712bL,0x89325d7a7f96e023L } },
-    /* 17 << 378 */
-    { { 0xeb2e48c10bf4e94dL,0x00614bf206b7e166L,0x536c999ce295c451L,
-        0x951f92186359cf06L,0xe2a938890afc827fL,0x63102e93ff029787L },
-      { 0xab297c7d2ac89645L,0x7354df74928742bfL,0xc0934ca6c8604304L,
-        0x36b7e9711cc2f3b4L,0x487ce890e10ee837L,0xe6aa9eabae2ae9e3L } },
-    /* 18 << 378 */
-    { { 0x6e7a578340517347L,0x7db868f3a950dfa2L,0x7fd7fd8eb3c2eff7L,
-        0xae7b59c5fbe10a47L,0x5239b5c4109797d6L,0x3838356a53264b8aL },
-      { 0x8df8454c320a8c5aL,0x67c86ef46958fa2cL,0xfe1aad846241a50aL,
-        0x3df64ef5a06f3cf3L,0xde6af0ff83282fbdL,0x25ca45046cdbe5feL } },
-    /* 19 << 378 */
-    { { 0xa319340d6e6c0debL,0x101f055acb1b1cd5L,0x4bea31ad623e7e55L,
-        0xc0c88af6aec23cd2L,0xca98c4364aaf2f73L,0x1969eca437dd1341L },
-      { 0x6b03989f97866dc3L,0xafdc99532eaf5b08L,0x199ec0e93d6ea9c4L,
-        0xc3d1069474f262e9L,0xa7e5670079911cf9L,0xc0213ec56844da05L } },
-    /* 20 << 378 */
-    { { 0x5adf3d9a111792b9L,0x1c77a3054f1e0d09L,0xf9fbce33a82d3736L,
-        0xf307823e718c8aa3L,0x860578cf416ccf69L,0xb942add81ef8465bL },
-      { 0x9ee0cf97cd9472e1L,0xe6792eefb01528a8L,0xf99b9a8dc09da90bL,
-        0x1f521c2dcbf3ccb8L,0x6bf6694891a62632L,0xcc7a9ceb854fe9daL } },
-    /* 21 << 378 */
-    { { 0xfc9660a3c8808373L,0x84c5d6a71a50c560L,0x13fe0588ba057fe2L,
-        0x29b0341dafb73ad1L,0x37b11137f15f0cd2L,0x84422ba89c2d7eb0L },
-      { 0x0b595ac52554ef7fL,0xd7a8303f08b37a84L,0x908895a9e02d77fcL,
-        0x70cdeb0c9f242a42L,0x535e8540116e2db8L,0xc88f0cf685c54d31L } },
-    /* 22 << 378 */
-    { { 0xf534f145e2290ebaL,0x3d081c0d7f15c9e3L,0x716574c5e9ae3da0L,
-        0xbe6bd7b92c078aa8L,0xab8802bab8da8e68L,0x0c5be4a1ab204fb0L },
-      { 0xad25c5ee0d3f12b3L,0x3929d0d78fc9b7a5L,0x9c6e2ce0bb5cd2fdL,
-        0x855367c4924ec2d2L,0x6b532891e6550d3cL,0xab2bc89575ba5c99L } },
-    /* 23 << 378 */
-    { { 0xb56b035e2a0349adL,0xcfa41da6f89ce836L,0x9d86bcac8b5c43fcL,
-        0xc77375da47644b07L,0x9e9c222607f4b670L,0x71d663c80482a61bL },
-      { 0xb423e739ef237431L,0xf1cedf7e48832b5bL,0x09e0cb2a7ca7548bL,
-        0x9b463559631b9850L,0x8a2bd7fed4dd03deL,0x46115292ae0c97d3L } },
-    /* 24 << 378 */
-    { { 0xe44e3f864b3759cfL,0x90cab0eb9d74e3f6L,0x1004254501c4e171L,
-        0xc12df68cce52defbL,0xb1fae2fbf363100aL,0x5016c8533573235fL },
-      { 0x8d4deb661d922e9bL,0x8a20d42317f84ef2L,0x324985835a4e118eL,
-        0x5abfa961308772e9L,0x41c7611ff54e4876L,0xc1da40d31f5867b2L } },
-    /* 25 << 378 */
-    { { 0x4df02a7d3088aebcL,0x7dea27ea12487485L,0x2a773270df98069eL,
-        0xea435fa0e9ceaf44L,0x08e952e365e5ebabL,0x972877d5c3511480L },
-      { 0xef5685f859a04cd0L,0xe50abe68b8c7c796L,0xbbb792e2c3225f20L,
-        0x7d9878e811c89153L,0x4b72a1e619354751L,0x7d5f05a3faa1be22L } },
-    /* 26 << 378 */
-    { { 0x61dd7692f27eed54L,0x8540213ea7a3f2f7L,0xe659cbd6ace07e13L,
-        0x3a998cdcc8995cacL,0x0accb4a7922d3b25L,0x762b3406c6577d81L },
-      { 0xa09db4f57e043740L,0x7f78e02d8cc9bc5fL,0x080a522673b98cd3L,
-        0xb6d72f7ce6490808L,0x36815de2c724284aL,0xc27d13df98b867b5L } },
-    /* 27 << 378 */
-    { { 0xbfeffd5356adb6e4L,0xb5e8876c499a1455L,0x4771281390833f18L,
-        0x5f49ef880115b9a5L,0xb041ec67cf575de5L,0x490753350b7e4afcL },
-      { 0xad4dc4a15f0b9f24L,0x9dbb181edafad9a5L,0xa84431a6e6ed5198L,
-        0x33ee16e27993eed6L,0xfdf76899c1e4f8b4L,0x868d06baff60e943L } },
-    /* 28 << 378 */
-    { { 0x46303171491ccb92L,0xa80a8c0d2771235bL,0xd8e497fff172c7cfL,
-        0x7f7009d735b193cfL,0x6b9fd3f7f19df4bcL,0xada548c3b46f1e37L },
-      { 0x87c6eaa9c7a20270L,0xef2245d6ae78ef99L,0x2a121042539eab95L,
-        0x29a6d5d779b8f5ccL,0x33803a10b77840dcL,0xfedd3a7011a6a30fL } },
-    /* 29 << 378 */
-    { { 0x5d782a0778664144L,0xc1413da46682c779L,0x937a15f52a67b12bL,
-        0x8ec00d9fc04d8cd5L,0x3f16d1ed3b5fe8d6L,0x24ad6b0ca28c8067L },
-      { 0xdd1eecc532732b19L,0x62c4c2beab2fa785L,0x7d863f5b2ac0c238L,
-        0xd686eb7239384e15L,0x3770e54d16bd75b2L,0xdcd9e4e8120b3881L } },
-    /* 30 << 378 */
-    { { 0xe3052838df5147e1L,0x87bc4d75b1baaa7cL,0x49b13eb95acc5572L,
-        0x919081881990c13cL,0x5d43a4a6191cc808L,0x20b358444182aa55L },
-      { 0x70d49a4a670b1fd1L,0xc6e6e061722e91e7L,0x8d130b3900c5ae9eL,
-        0x5db7d06920f68ec5L,0x85b6c505470fbe13L,0x14101ec7326c4d38L } },
-    /* 31 << 378 */
-    { { 0xeef03450e10e8018L,0x75921e487576c3ddL,0x6c8e22676e97f5afL,
-        0xd7323e01a856ae6bL,0x43a195425fed884fL,0x010865380377ba8fL },
-      { 0x7cdbd06ac82a8f67L,0xc6fce58bf0fd4281L,0xae098b7f9e67bed0L,
-        0x0c8d328bdd918524L,0xddf723ec0a11fb83L,0x210d6016e25a2073L } },
-    /* 32 << 378 */
-    { { 0x3c90a59f85adde98L,0x35414174e5269140L,0x9aca885c1a0d58e2L,
-        0x77b9b6dd6816b009L,0x8e5c12139ee4718fL,0x60ad991e4e4eac45L },
-      { 0xc00c35694d71f624L,0xacbf4eb25bc5fd2aL,0xcba1ffc75eaf3eaaL,
-        0x5f99092d42a87e32L,0x2e7b49c76f7a882fL,0x5e9bfc5c29040512L } },
-    /* 33 << 378 */
-    { { 0xa31d3524b295958dL,0x9713a5e04894f486L,0xe8804ab3329a0b9aL,
-        0xd4447c1b20eefa54L,0xf5b944c9040b7ad4L,0x9db0ee0b907f2cfdL },
-      { 0x0b1a1f3a5384a999L,0x3137241ea8351764L,0xe0663b5ab29c3cffL,
-        0x2b47ca0622d4deefL,0x4f952109f1172bcdL,0x1e7a7fca9b447bd4L } },
-    /* 34 << 378 */
-    { { 0xc9898355ecf2a473L,0x20d0c4740dcd66f6L,0x6459720f8eeefff5L,
-        0xd9b625dcf9ce0cdeL,0xed3a6508ea56be90L,0x6847c20de211c90eL },
-      { 0x36d86bed71a73ceeL,0x9222eab23023d16eL,0x3155874750209b4dL,
-        0xcac8f277d145b831L,0x49cedc634470e754L,0x6c7c065add370f77L } },
-    /* 35 << 378 */
-    { { 0x46a95735f8171804L,0x1ff2549ec4c93476L,0xfb8a08285bb5202dL,
-        0xaff5505f1070737aL,0x162aaad842f412c5L,0x02a37213fac8a477L },
-      { 0x05ff9238932f08e2L,0x9be6a0b29fc66787L,0x373a9039db1e5a40L,
-        0xe657e8c782d04913L,0xa2006f207e6ee867L,0xd7aa1d2378d82f9aL } },
-    /* 36 << 378 */
-    { { 0xfa070e22142403d1L,0x68ff316015c6f7f5L,0xe09f04e6223a0ce8L,
-        0x22bbd01853e14183L,0x35d9fafccf45b75bL,0x3a34819d7eceec88L },
-      { 0xd9cf7568d33262d2L,0x431036d5841d1505L,0x0c8005659eb2a79aL,
-        0x8e77d9f05f7edc6aL,0x19e12d0565e800aaL,0x335c8d36b7784e7cL } },
-    /* 37 << 378 */
-    { { 0xdcac39d87c1d9f4dL,0x88322d8bc225ce6eL,0x5c240cefa3ef5202L,
-        0xf60ce5d991f1d487L,0x8e857069e462cfa8L,0xa6e5585e996d2033L },
-      { 0x709675a556281e6aL,0xcd90c140f907ebf0L,0x5343a0a2a3231eecL,
-        0x74b1443214892291L,0xf8cb9c26a5325b8cL,0x1bb28be140089be5L } },
-    /* 38 << 378 */
-    { { 0x2bb6e7ec3092d0b2L,0xc7c9e5f1d27d1f31L,0xbac785aeac0939e3L,
-        0x186d3d934f810d8fL,0xda296dacfe7d778fL,0x6189f5e41a991ea2L },
-      { 0x098f794e9634363eL,0x04aaf59a88a4dccaL,0x09d718487196dfa8L,
-        0xa447a31ed83044a6L,0x720cd3908d1363fdL,0x6f670479e22efa03L } },
-    /* 39 << 378 */
-    { { 0xaa452e81cdf60f9aL,0xf3dc472a8e2c58e9L,0x16ddefa50589fd01L,
-        0xd56ec8f223a1656eL,0xcccb784f77921ca4L,0x9bace7adf8a7c0baL },
-      { 0xc94ef3ef51f052e2L,0xa70c0579c34e7cb5L,0x3599817883ce8674L,
-        0x033647c392a20951L,0xc828fcc77a21add6L,0x5a446de871ba27a5L } },
-    /* 40 << 378 */
-    { { 0x75cba9d530a3ada1L,0xb69e308bf8ae9565L,0x990e3425ca7b8369L,
-        0x9f67567fe0a7ad0bL,0x76ed6fe718bd01b7L,0x282358aa2ff95cfeL },
-      { 0x28d2ea41410f8841L,0x89d1533fccd67c81L,0x969bb272b6a7b8f9L,
-        0x54f8664c26330782L,0xb89f3ae81dcd9164L,0x54d845b93d962c14L } },
-    /* 41 << 378 */
-    { { 0x08ba5b61fde4ca03L,0x39b1a9c697b17ee6L,0x885253779336b2b9L,
-        0xe964dc9c9aabc3fcL,0x6aed101a5295e728L,0x30369ea0ee12356aL },
-      { 0xe081e022c8e80e5eL,0x3a769ef0df9f47c0L,0x3b2f7aab5590750cL,
-        0xd16c7a85a1a5e504L,0x9e528623e854d7cfL,0xaca079354468e419L } },
-    /* 42 << 378 */
-    { { 0xee521c0af93098bfL,0xf517c925b79aa0ebL,0x17779f5e7bbc58feL,
-        0x093c3dc2769de891L,0xafbf32372a69ad0dL,0x33a95de702001e8cL },
-      { 0x3b30afc73410a2b0L,0xb379a3f425bc7d9aL,0xf1c069251604a646L,
-        0x04f0bb334fca052fL,0xe5cd9c39cab33871L,0xf259795816fa1b16L } },
-    /* 43 << 378 */
-    { { 0x291d65c801189d9aL,0xb16ca18bd8e94e49L,0x55f7680599440d4bL,
-        0x55d40c1b2eb7f0fdL,0x752d98f6018d7c64L,0xa1cae78c7b491c4dL },
-      { 0x898fc8c78f66b8d3L,0xbb48956a3ceecd27L,0xb8f9498dfaa9451fL,
-        0x583b336aa5683ef8L,0x0deaa373e92656f4L,0x7f87b4412a9a0272L } },
-    /* 44 << 378 */
-    { { 0x8b2fc4e96484fd40L,0xee702764a35d24eaL,0x15b28ac7b871c3f3L,
-        0x805b4048e097047fL,0xd6f1b8df647cad2fL,0xf1d5b458dc7dd67fL },
-      { 0x324c529c25148803L,0xf6185ebe21274fafL,0xaf14751e95148b55L,
-        0x283ed89d28f284f4L,0x93ad20e74cbebf1aL,0x5f6ec65d882935e1L } },
-    /* 45 << 378 */
-    { { 0x4b0c7d0c69c284cbL,0x907e4f38199c5176L,0x4ebfbda7cf3dab12L,
-        0x675f12cca4fa74a9L,0x86628102bdf579e6L,0xf08cbfe771c4d061L },
-      { 0x9dde390e03bc1cb9L,0xb6d0d48b4c727915L,0x7cad28c370c0b7bfL,
-        0x8d978a8110d1e881L,0x1c071597924baeb1L,0x83c09192eb103fe0L } },
-    /* 46 << 378 */
-    { { 0x494dbd2665925506L,0xe239b1d404b6fc45L,0x38a1ec5ce16b874dL,
-        0x1588c4712a3f012dL,0x5bd45adcdc6938b9L,0xe4c35c2244ab2fccL },
-      { 0x87cbd9ff887108a2L,0x92a9c3b2144fd3eeL,0x3a0e55c7982a4928L,
-        0xcaf679765bb0fddfL,0x04616318263ea256L,0x56eb022838caa901L } },
-    /* 47 << 378 */
-    { { 0x2f7de141a48da000L,0x323bd638835a4edfL,0xd2d9da967e155bd5L,
-        0x717c302a766b69daL,0x5927968beb0f6ca5L,0xfd96bd168940c766L },
-      { 0xf89f7539a334fd71L,0x4ba9cd8bd870954fL,0x7e639523a3d57aa8L,
-        0x88f31e162314c0ceL,0xa836a6ad53b7e6e9L,0xd35a825190e43169L } },
-    /* 48 << 378 */
-    { { 0xb3984b176c0f3509L,0xf9fa4483d8b4d6bcL,0xf4ac2b677dec20d2L,
-        0x67ef024eb3dbe034L,0x2dcc51180f94f4d7L,0x024cdcfd74a51393L },
-      { 0xf1c0fead20e7abcbL,0xffc18f81d3a7414fL,0xb00ce5567062cb0bL,
-        0xeccb0521817bc8d1L,0xa0c0fe6040411c15L,0x053113221defbe00L } },
-    /* 49 << 378 */
-    { { 0x74faca8a6af7e742L,0x6f206002d878a97aL,0xd69b7c83177305ffL,
-        0x605e7a32d2e2bcf1L,0x65bd03584590bf03L,0xab3ae700d1a378c5L },
-      { 0x037e79028a929b0dL,0x83625ae0a7c451c6L,0x82a18f03492b01d4L,
-        0x12c6d168e67756b1L,0x1e704c3bd7924df1L,0x7708617f1989244eL } },
-    /* 50 << 378 */
-    { { 0x4c98c61d097bde48L,0x6a55edf1c354f433L,0x1ceee947c3f39212L,
-        0x162cf27f36ba3cebL,0xd9f3982e3ec5f7ffL,0xd363e435d58d42d2L },
-      { 0x2ee90d7bad36681dL,0xd916df56ebfbf51cL,0x61d94ed8d7c27fe7L,
-        0x5010582e923c1acdL,0x89d23e8b6de52994L,0x0a4f9c10525dbccfL } },
-    /* 51 << 378 */
-    { { 0x7778fad7e65573e2L,0xa4af7a2d74986210L,0xd78ecebfec57d967L,
-        0x9be8a33f67d61b2eL,0x6888444f98a9add7L,0x218e7fb1b71a25a4L },
-      { 0xf75a6b795f46323bL,0x2f8610ad11a52cd9L,0x23692f85fc6837caL,
-        0x3a37965f71fe847bL,0x29c25cc3fe3bdeeeL,0x68fefc83f624665aL } },
-    /* 52 << 378 */
-    { { 0xe222eba4a4dcefe9L,0x63ad235fec1ceb74L,0x2e0bf749e05b18e7L,
-        0x547bd050b48bdd87L,0x0490c970f5aa2fc4L,0xced5e4cf2b431390L },
-      { 0x07d8270451d2898eL,0x44b72442083b57d4L,0xa4ada2305037fce8L,
-        0x55f7905e50510da6L,0xd8ee724f8d890a98L,0x925a8e7c11b85640L } },
-    /* 53 << 378 */
-    { { 0x8357d8bb460e77b2L,0xc749a6a77709a52bL,0x94035a1f0c82ab81L,
-        0x15245ac616c11ef4L,0xbf3cd96c034d021bL,0xf79e2d39b2e8fac1L },
-      { 0x387015194b6cf1bdL,0x341f9b53b3143bf7L,0xb2584aabdda9acf2L,
-        0x16f34bdd553a8e68L,0x89d0c4c5da7830b3L,0x6cfe44c63f488c2eL } },
-    /* 54 << 378 */
-    { { 0xee536a26d4bcaa59L,0x5ea6a57c699397bfL,0xb28f476b59a7eb99L,
-        0xa901f2551406ec90L,0x7b6e3e4d1f54ef38L,0x058ff1904c89c9a8L },
-      { 0x5690fa10fca546ccL,0xfe98793145e14268L,0x6181fa1675362f5dL,
-        0x3ebe84466964b9aeL,0x3e1957812ce0f969L,0xb33ea619b0195852L } },
-    /* 55 << 378 */
-    { { 0xeef402410ec537acL,0x1f72c1f8911316f6L,0xab4bb08268cc6678L,
-        0x031fc087255e8c5eL,0x99c2ff0b948ac53bL,0x13db3201919c1870L },
-      { 0xdec81fd312057a3cL,0xbdffa226ff7a44cbL,0x748d2e93d97167e2L,
-        0x33a9fe40bd21effeL,0xe08e4213817ea560L,0x2221798b9f4337d5L } },
-    /* 56 << 378 */
-    { { 0xda828fe556467257L,0x5e9abf67d640c2a1L,0x0eed233cc25c696aL,
-        0x72483dc5b3e1d84fL,0x30bf1ee34f114abcL,0xf58b321ed1f9bce8L },
-      { 0xcb26564c97524f33L,0xdc2f105e1e453229L,0x9da43ceb72a982ddL,
-        0xecf5649dfeef8862L,0xd8afda341fa2f06dL,0xf0d0ced355035432L } },
-    /* 57 << 378 */
-    { { 0xec22bb32205a5301L,0xe4d168e75b0b727bL,0x91217a6be34fe2e0L,
-        0x03c6831675f0f139L,0xb21e275d8b991b29L,0x7f517c9c01f3f401L },
-      { 0xbbe95d19e55e49faL,0xc5470808504514b1L,0xb88be15c7cc1367dL,
-        0x242cb06bbfd24bacL,0x08647a158d2ab0baL,0x8f1fd1bd5716ed9bL } },
-    /* 58 << 378 */
-    { { 0xe787054518ba5236L,0x243622f9e8a47507L,0xe7d94f4697b97d7cL,
-        0xb120589021649255L,0x8b5101310dd4e1d4L,0x1690687e164c44baL },
-      { 0x65bb4d8cf100fef5L,0xfffffee70a684c3dL,0x2aa11707c463a975L,
-        0xccaddeaf391ad03dL,0x4d2cda1c81cca7deL,0x9d3eaa58c5b0f8e7L } },
-    /* 59 << 378 */
-    { { 0x3d92ecc18f8802dfL,0x3024ce311a719461L,0x6bdf53fc46c1f31bL,
-        0x4f4576a12c9c7744L,0xe1ee7508c3ff7356L,0xd4b25ed3883ebf03L },
-      { 0x1dc46052420c3ac9L,0x376ebbfa11ecefa9L,0x36e175265e9693f5L,
-        0xeb82b33740ed3143L,0x6960312ff19fa66aL,0xc7edb5db6c742e1bL } },
-    /* 60 << 378 */
-    { { 0x5bfa10cd1ca459edL,0x593f085a6dcf56bfL,0xe6f0ad9bc0579c3eL,
-        0xc11c95a22527c1adL,0x7cfa71e1cf1cb8b3L,0xedcff8331d6dc79dL },
-      { 0x581c4bbe432521c9L,0xbf620096144e11a0L,0x54c38b71be3a107bL,
-        0xed555e37e2606ec0L,0x3fb148b8d721d034L,0x79d53dad0091bc90L } },
-    /* 61 << 378 */
-    { { 0x4b98cb69c5c8a182L,0x887071bbcac96dabL,0x03d42e96afc190c3L,
-        0xbc2c3b8d7a813820L,0x1ee7797f6590d0ecL,0x4a95f7f3ad4777a4L },
-      { 0x7a36de4e2a8d2736L,0x7f8c6751ad78dab6L,0xf9874bf6974c0a8eL,
-        0x759fee1c8b53025aL,0x1b00fb28a2171c8bL,0xdf206f19be8f2e7eL } },
-    /* 62 << 378 */
-    { { 0xe6bbcf0bf8ed6302L,0x7734dc91f8fe7a42L,0x840210ee61ff9d1eL,
-        0xbbf2d5477007f2e9L,0x0f17d421a6542ac0L,0x0b2d3d2ee01df4e9L },
-      { 0x520e4fbb84f3703fL,0x8362f7b1431106b7L,0xdcfc96ae6e50d836L,
-        0x2dfa176cc44153bbL,0xeef1c6710b09ffe2L,0x633a2ac888531d81L } },
-    /* 63 << 378 */
-    { { 0x29262b6d7636a78dL,0xdc504f01d3ce2967L,0xa441e5035bcf0e19L,
-        0x8025224f7ad39d9aL,0x780ec65de871b792L,0x977b4bce597694b4L },
-      { 0xe05eaeb87fe3ef11L,0x1cff87ac9748b10eL,0xb669c1d60c34153aL,
-        0xf5da63e0f8f90368L,0x6f7f2fc47d31bf61L,0x37e9158235c16a0fL } },
-    /* 64 << 378 */
-    { { 0xcf17f9dc08d1be5dL,0xb55de4c8afdfeb23L,0xa69454ffe437b29cL,
-        0x6628d789e27ee9e2L,0x56e3b975ee3af03bL,0x0083fe9c2f532d62L },
-      { 0xcae15213e63e7511L,0xdb5384f386ed849cL,0x902ba959fa4d825fL,
-        0xbad700d55ae17566L,0x16b2c5dc14c82eb4L,0xa4b057a736708ea7L } },
-};
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Pre-computed table containing multiples of g times powers of 2.
- * Width between powers is 7 bits.
- * Accumulate into the result.
- *
- * r      Resulting point.
- * g      Point to scalar multiply.
- * k      Scalar to multiply by.
- * table  Pre-computed table of points.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_add_only_6(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 6);
-    sp_point_384* p = NULL;
-    sp_digit* negy = NULL;
-    int i;
-    ecc_recode_384 v[55];
-    int err = MP_OKAY;
-
-    (void)g;
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        negy = tmp;
-        p = rt + 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_384_ecc_recode_7_6(k, v);
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        i = 54;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_65_6(rt, &table[i * 65], v[i].i);
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-            XMEMCPY(rt->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-        }
-        rt->infinity = !v[i].i;
-        for (--i; i>=0; i--) {
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_65_6(p, &table[i * 65], v[i].i);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-                XMEMCPY(p->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-            }
-            p->infinity = !v[i].i;
-            sp_384_sub_6(negy, p384_mod, p->y);
-            sp_384_norm_6(negy);
-            sp_384_cond_copy_6(p->y, negy, (sp_digit)(0 - v[i].neg));
-            sp_384_proj_point_add_qz1_6(rt, rt, p, tmp);
-        }
-        if (map != 0) {
-            sp_384_map_6(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_6(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_add_only_6(r, NULL, p384_table,
-                                      k, map, ct, heap);
-}
-
-#ifdef HAVE_INTEL_AVX2
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Pre-computed table containing multiples of g times powers of 2.
- * Width between powers is 7 bits.
- * Accumulate into the result.
- *
- * r      Resulting point.
- * g      Point to scalar multiply.
- * k      Scalar to multiply by.
- * table  Pre-computed table of points.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_add_only_avx2_6(sp_point_384* r, const sp_point_384* g,
-        const sp_table_entry_384* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, rt, 2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 6);
-    sp_point_384* p = NULL;
-    sp_digit* negy = NULL;
-    int i;
-    ecc_recode_384 v[55];
-    int err = MP_OKAY;
-
-    (void)g;
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_384, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        negy = tmp;
-        p = rt + 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_384_ecc_recode_7_6(k, v);
-
-        XMEMCPY(p->z, p384_norm_mod, sizeof(p384_norm_mod));
-        XMEMCPY(rt->z, p384_norm_mod, sizeof(p384_norm_mod));
-
-        i = 54;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_384_get_entry_65_avx2_6(rt, &table[i * 65], v[i].i);
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-            XMEMCPY(rt->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-        }
-        rt->infinity = !v[i].i;
-        for (--i; i>=0; i--) {
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_384_get_entry_65_avx2_6(p, &table[i * 65], v[i].i);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-                XMEMCPY(p->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-            }
-            p->infinity = !v[i].i;
-            sp_384_sub_6(negy, p384_mod, p->y);
-            sp_384_norm_6(negy);
-            sp_384_cond_copy_6(p->y, negy, (sp_digit)(0 - v[i].neg));
-            sp_384_proj_point_add_qz1_avx2_6(rt, rt, p, tmp);
-        }
-        if (map != 0) {
-            sp_384_map_avx2_6(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_384));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 6 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_ecc_mulmod_base_avx2_6(sp_point_384* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_384_ecc_mulmod_add_only_avx2_6(r, NULL, p384_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the base point of P384 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 6);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 6, km);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_384_ecc_mulmod_base_avx2_6(point, k, map, 1, heap);
-        }
-        else
-#endif
-            err = sp_384_ecc_mulmod_base_6(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_6(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P384 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 2);
-    SP_DECL_VAR(sp_digit, k, 6 + 6 * 2 * 6);
-    sp_point_384* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_384, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 6 + 6 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 6;
-
-        sp_384_from_mp(k, 6, km);
-        sp_384_point_from_ecc_point_6(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->x, addP->x, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->y, addP->y, p384_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_384_mod_mul_norm_6(addP->z, addP->z, p384_mod);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_384_ecc_mulmod_base_avx2_6(point, k, 0, 0, heap);
-        }
-        else
-#endif
-            err = sp_384_ecc_mulmod_base_6(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_proj_point_add_avx2_6(point, point, addP, tmp);
-        }
-        else
-#endif
-            sp_384_proj_point_add_6(point, point, addP, tmp);
-
-        if (map) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                sp_384_map_avx2_6(point, point, tmp);
-            }
-            else
-#endif
-                sp_384_map_6(point, point, tmp);
-        }
-
-        err = sp_384_point_to_ecc_point_6(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_add_one_6(sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_from_bin_bswap(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_from_bin_movbe(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_384_from_bin_movbe(r, size, a, n);
-    }
-    else
-#endif
-    {
-        sp_384_from_bin_bswap(r, size, a, n);
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_384_ecc_gen_k_6(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[48];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            sp_384_from_bin(k, 6, buf, (int)sizeof(buf));
-            if (sp_384_cmp_6(k, p384_order2) <= 0) {
-                sp_384_add_one_6(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_384, point, 2);
-#else
-    SP_DECL_VAR(sp_point_384, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 6);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_384, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_384_ecc_gen_k_6(rng, k);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_384_ecc_mulmod_base_avx2_6(point, k, 1, 1, NULL);
-       }
-        else
-#endif
-            err = sp_384_ecc_mulmod_base_6(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_384_ecc_mulmod_avx2_6(infinity, point, p384_order, 1, 1,
-                                                                          NULL);
-        }
-        else
-#endif
-            err = sp_384_ecc_mulmod_6(infinity, point, p384_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_384_iszero_6(point->x) || sp_384_iszero_6(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_point_to_ecc_point_6(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_384_ctx {
-    int state;
-    sp_384_ecc_mulmod_6_ctx mulmod_ctx;
-    sp_digit k[6];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384  point[2];
-#else
-    sp_point_384 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_384_ctx;
-
-int sp_ecc_make_key_384_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_384_ctx* ctx = (sp_ecc_key_gen_384_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_384* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_384_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_384_ecc_gen_k_6(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_base_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_384_ecc_mulmod_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p384_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_384_iszero_6(ctx->point->x) ||
-                    sp_384_iszero_6(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_384_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_384_point_to_ecc_point_6(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_to_bin_bswap_6(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_to_bin_movbe_6(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 48
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_384_to_bin_6(sp_digit* r, byte* a)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_384_to_bin_movbe_6(r, a);
-    }
-    else
-#endif
-    {
-        sp_384_to_bin_bswap_6(r, a);
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_384(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_384, point, 1);
-    SP_DECL_VAR(sp_digit, k, 6);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    if (*outLen < 48U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(k, 6, priv);
-        sp_384_point_from_ecc_point_6(point, pub);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_384_ecc_mulmod_avx2_6(point, point, k, 1, 1, heap);
-        }
-        else
-#endif
-            err = sp_384_ecc_mulmod_6(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_384_to_bin_6(point->x, out);
-        *outLen = 48;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_6_ctx mulmod_ctx;
-    };
-    sp_digit k[6];
-    sp_point_384 point;
-} sp_ecc_sec_gen_384_ctx;
-
-int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_384_ctx* ctx = (sp_ecc_sec_gen_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_384_from_mp(ctx->k, 6, priv);
-            sp_384_point_from_ecc_point_6(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_384_ecc_mulmod_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_384_to_bin_6(ctx->point.x, out);
-                *outLen = 48;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_384_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_384_sub_in_place_6(sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mul_d_6(sp_digit* r, const sp_digit* a, sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mul_d_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if defined(_WIN64) && !defined(__clang__)
-#if _MSC_VER < 1920
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit div_384_word_asm_6(sp_digit d1, sp_digit d0, sp_digit div);
-#ifdef __cplusplus
-}
-#endif
-#endif /* _MSC_VER < 1920 */
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_384_word_6(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-#if _MSC_VER >= 1920
-    return _udiv128(d1, d0, div, NULL);
-#else
-    return div_384_word_asm_6(d1, d0, div);
-#endif
-}
-#else
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_384_word_6(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    register sp_digit r asm("rax");
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    __asm__ __volatile__ (
-        "divq %3"
-        : "=a" (r)
-        : "d" (d1), "a" (d0), "r" (div)
-        :
-    );
-    return r;
-}
-#endif /* _WIN64 && !__clang__ */
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_384_mask_6(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<6; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_384_div_6(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[12];
-    sp_digit t2[7];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = d[5];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 6);
-    r1 = sp_384_cmp_6(&t1[6], d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_384_cond_sub_avx2_6(&t1[6], &t1[6], d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_384_cond_sub_6(&t1[6], &t1[6], d, (sp_digit)0 - r1);
-    for (i = 5; i >= 0; i--) {
-        sp_digit mask = (sp_digit)0 - (t1[6 + i] == div);
-        sp_digit hi = t1[6 + i] + mask;
-        r1 = div_384_word_6(hi, t1[6 + i - 1], div);
-        r1 |= mask;
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_384_mul_d_avx2_6(t2, d, r1);
-        else
-#endif
-            sp_384_mul_d_6(t2, d, r1);
-        t1[6 + i] += sp_384_sub_in_place_6(&t1[i], t2);
-        t1[6 + i] -= t2[6];
-        sp_384_mask_6(t2, d, t1[6 + i]);
-        t1[6 + i] += sp_384_add_6(&t1[i], &t1[i], t2);
-        sp_384_mask_6(t2, d, t1[6 + i]);
-        t1[6 + i] += sp_384_add_6(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_384_cmp_6(t1, d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_384_cond_sub_avx2_6(r, t1, d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_384_cond_sub_6(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_384_mod_6(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_384_div_6(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P384 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_384_mont_mul_order_6(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_384_mul_6(r, a, b);
-    sp_384_mont_reduce_order_6(r, p384_order, p384_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P384 curve. */
-static const word64 p384_order_minus_2[6] = {
-    0xecec196accc52971U,0x581a0db248b0a77aU,0xc7634d81f4372ddfU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0xffffffffffffffffU
-};
-#else
-/* The low half of the order-2 of the P384 curve. */
-static const word64 p384_order_low[3] = {
-    0xecec196accc52971U,0x581a0db248b0a77aU,0xc7634d81f4372ddfU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P384 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_order_6(sp_digit* r, const sp_digit* a)
-{
-    sp_384_sqr_6(r, a);
-    sp_384_mont_reduce_order_6(r, p384_order, p384_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P384 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_n_order_6(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_384_mont_sqr_order_6(r, a);
-    for (i=1; i<n; i++) {
-        sp_384_mont_sqr_order_6(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P384 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_mont_inv_order_6_ctx {
-    int state;
-    int i;
-} sp_384_mont_inv_order_6_ctx;
-static int sp_384_mont_inv_order_6_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_mont_inv_order_6_ctx* ctx = (sp_384_mont_inv_order_6_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_384_mont_inv_order_6_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 6);
-        ctx->i = 382;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_384_mont_sqr_order_6(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p384_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_384_mont_mul_order_6(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 6U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_384_mont_inv_order_6(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 6);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_order_6(t, t);
-        if ((p384_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_384_mont_mul_order_6(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 6U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 6;
-    sp_digit* t3 = td + 4 * 6;
-    int i;
-
-    /* t = a^2 */
-    sp_384_mont_sqr_order_6(t, a);
-    /* t = a^3 = t * a */
-    sp_384_mont_mul_order_6(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_384_mont_sqr_n_order_6(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_384_mont_mul_order_6(t, t2, t);
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_384_mont_sqr_n_order_6(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_384_mont_mul_order_6(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_384_mont_sqr_n_order_6(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_384_mont_mul_order_6(t3, t2, t);
-    /* t2= a^ffff0000 = t3 ^ 2 ^ 16 */
-    sp_384_mont_sqr_n_order_6(t2, t3, 16);
-    /* t = a^ffffffff = t2 * t3 */
-    sp_384_mont_mul_order_6(t, t2, t3);
-    /* t2= a^ffffffff0000 = t ^ 2 ^ 16  */
-    sp_384_mont_sqr_n_order_6(t2, t, 16);
-    /* t = a^ffffffffffff = t2 * t3 */
-    sp_384_mont_mul_order_6(t, t2, t3);
-    /* t2= a^ffffffffffff000000000000 = t ^ 2 ^ 48  */
-    sp_384_mont_sqr_n_order_6(t2, t, 48);
-    /* t= a^fffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_6(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_order_6(t2, t, 96);
-    /* t2= a^ffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_6(t2, t2, t);
-    for (i=191; i>=1; i--) {
-        sp_384_mont_sqr_order_6(t2, t2);
-        if ((p384_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_384_mont_mul_order_6(t2, t2, a);
-        }
-    }
-    sp_384_mont_sqr_order_6(t2, t2);
-    sp_384_mont_mul_order_6(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#ifdef HAVE_INTEL_AVX2
-/* Multiply two number mod the order of P384 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_384_mont_mul_order_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_384_mul_avx2_6(r, a, b);
-    sp_384_mont_reduce_order_avx2_6(r, p384_order, p384_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-/* Square number mod the order of P384 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_order_avx2_6(sp_digit* r, const sp_digit* a)
-{
-    sp_384_sqr_avx2_6(r, a);
-    sp_384_mont_reduce_order_avx2_6(r, p384_order, p384_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P384 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_384_mont_sqr_n_order_avx2_6(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_384_mont_sqr_order_avx2_6(r, a);
-    for (i=1; i<n; i++) {
-        sp_384_mont_sqr_order_avx2_6(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P384 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_384_mont_inv_order_avx2_6_ctx {
-    int state;
-    int i;
-} sp_384_mont_inv_order_avx2_6_ctx;
-static int sp_384_mont_inv_order_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_384_mont_inv_order_avx2_6_ctx* ctx = (sp_384_mont_inv_order_avx2_6_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_384_mont_inv_order_avx2_6_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 6);
-        ctx->i = 382;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_384_mont_sqr_order_avx2_6(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p384_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_384_mont_mul_order_avx2_6(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 6U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_384_mont_inv_order_avx2_6(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 6);
-    for (i=382; i>=0; i--) {
-        sp_384_mont_sqr_order_avx2_6(t, t);
-        if ((p384_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_384_mont_mul_order_avx2_6(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 6U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 6;
-    sp_digit* t3 = td + 4 * 6;
-    int i;
-
-    /* t = a^2 */
-    sp_384_mont_sqr_order_avx2_6(t, a);
-    /* t = a^3 = t * a */
-    sp_384_mont_mul_order_avx2_6(t, t, a);
-    /* t2= a^c = t ^ 2 ^ 2 */
-    sp_384_mont_sqr_n_order_avx2_6(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_384_mont_mul_order_avx2_6(t, t2, t);
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_384_mont_sqr_n_order_avx2_6(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_384_mont_mul_order_avx2_6(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_384_mont_sqr_n_order_avx2_6(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_384_mont_mul_order_avx2_6(t3, t2, t);
-    /* t2= a^ffff0000 = t3 ^ 2 ^ 16 */
-    sp_384_mont_sqr_n_order_avx2_6(t2, t3, 16);
-    /* t = a^ffffffff = t2 * t3 */
-    sp_384_mont_mul_order_avx2_6(t, t2, t3);
-    /* t2= a^ffffffff0000 = t ^ 2 ^ 16  */
-    sp_384_mont_sqr_n_order_avx2_6(t2, t, 16);
-    /* t = a^ffffffffffff = t2 * t3 */
-    sp_384_mont_mul_order_avx2_6(t, t2, t3);
-    /* t2= a^ffffffffffff000000000000 = t ^ 2 ^ 48  */
-    sp_384_mont_sqr_n_order_avx2_6(t2, t, 48);
-    /* t= a^fffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_avx2_6(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffff000000000000000000000000 */
-    sp_384_mont_sqr_n_order_avx2_6(t2, t, 96);
-    /* t2= a^ffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_384_mont_mul_order_avx2_6(t2, t2, t);
-    for (i=191; i>=1; i--) {
-        sp_384_mont_sqr_order_avx2_6(t2, t2);
-        if ((p384_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_384_mont_mul_order_avx2_6(t2, t2, a);
-        }
-    }
-    sp_384_mont_sqr_order_avx2_6(t2, t2);
-    sp_384_mont_mul_order_avx2_6(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_INTEL_AVX2 */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_s_6(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int64 c;
-    sp_digit* kInv = k;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    /* Conv k to Montgomery form (mod order) */
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-            IS_INTEL_AVX2(cpuid_flags)) {
-        sp_384_mul_avx2_6(k, k, p384_norm_order);
-    }
-    else
-#endif
-        sp_384_mul_6(k, k, p384_norm_order);
-    err = sp_384_mod_6(k, k, p384_order);
-    if (err == MP_OKAY) {
-        sp_384_norm_6(k);
-
-        /* kInv = 1/k mod order */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_mont_inv_order_avx2_6(kInv, k, tmp);
-        }
-        else
-#endif
-            sp_384_mont_inv_order_6(kInv, k, tmp);
-        sp_384_norm_6(kInv);
-
-        /* s = r * x + e */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_mul_avx2_6(x, x, r);
-        }
-        else
-#endif
-            sp_384_mul_6(x, x, r);
-        err = sp_384_mod_6(x, x, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_6(x);
-        carry = sp_384_add_6(s, e, x);
-        sp_384_cond_sub_6(s, s, p384_order, 0 - carry);
-        sp_384_norm_6(s);
-        c = sp_384_cmp_6(s, p384_order);
-        sp_384_cond_sub_6(s, s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_6(s);
-
-        /* s = s * k^-1 mod order */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_mont_mul_order_avx2_6(s, s, kInv);
-        }
-        else
-#endif
-            sp_384_mont_mul_order_6(s, s, kInv);
-        sp_384_norm_6(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 384 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_384(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 6);
-    SP_DECL_VAR(sp_point_384, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int64 c;
-    int err = MP_OKAY;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 6;
-        k = e + 4 * 6;
-        r = e + 6 * 6;
-        tmp = e + 8 * 6;
-        s = e;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_6(rng, k);
-        }
-        else {
-            sp_384_from_mp(k, 6, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_384_ecc_mulmod_base_avx2_6(point, k, 1, 1, heap);
-            }
-            else
-#endif
-                err = sp_384_ecc_mulmod_base_6(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 6U);
-            sp_384_norm_6(r);
-            c = sp_384_cmp_6(r, p384_order);
-            sp_384_cond_sub_6(r, r, p384_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_384_norm_6(r);
-
-            if (!sp_384_iszero_6(r)) {
-                /* x is modified in calculation of s. */
-                sp_384_from_mp(x, 6, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_384_from_bin(e, 6, hash, (int)hashLen);
-
-                err = sp_384_calc_s_6(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_384_iszero_6(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_384, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_6_ctx mulmod_ctx;
-        sp_384_mont_inv_order_6_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*6];
-    sp_digit x[2*6];
-    sp_digit k[2*6];
-    sp_digit r[2*6];
-    sp_digit tmp[3 * 2*6];
-    sp_point_384 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_384_ctx;
-
-int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_384_ctx* ctx = (sp_ecc_sign_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_384_ecc_gen_k_6(rng, ctx->k);
-        }
-        else {
-            sp_384_from_mp(ctx->k, 6, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_384_ecc_mulmod_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p384_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int64 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 6U);
-        sp_384_norm_6(ctx->r);
-        c = sp_384_cmp_6(ctx->r, p384_order);
-        sp_384_cond_sub_6(ctx->r, ctx->r, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_6(ctx->r);
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-        sp_384_from_mp(ctx->x, 6, priv);
-        sp_384_from_bin(ctx->e, 6, hash, (int)hashLen);
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_384_mul_6(ctx->k, ctx->k, p384_norm_order);
-        err = sp_384_mod_6(ctx->k, ctx->k, p384_order);
-        if (err == MP_OKAY) {
-            sp_384_norm_6(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_384_mont_inv_order_6_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_384_norm_6(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_384_mul_6(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_384_mod_6(ctx->x, ctx->x, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int64 c;
-        sp_384_norm_6(ctx->x);
-        carry = sp_384_add_6(ctx->s, ctx->e, ctx->x);
-        sp_384_cond_sub_6(ctx->s, ctx->s,
-            p384_order, 0 - carry);
-        sp_384_norm_6(ctx->s);
-        c = sp_384_cmp_6(ctx->s, p384_order);
-        sp_384_cond_sub_6(ctx->s, ctx->s, p384_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_384_norm_6(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_384_mont_mul_order_6(ctx->s, ctx->s, ctx->kInv);
-        sp_384_norm_6(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_384_iszero_6(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_384_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_384_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 6U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 6U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 6U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 6U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 6U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_rshift1_6(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_div2_mod_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern int sp_384_num_bits_6(const sp_digit * a);
-#ifdef __cplusplus
-}
-#endif
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_384_mod_inv_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[6];
-    sp_digit v[6];
-    sp_digit b[6];
-    sp_digit d[6];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_384_num_bits_6(u);
-    vt = sp_384_num_bits_6(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_384_rshift1_6(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_384_rshift1_6(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_384_rshift1_6(v, v);
-            sp_384_div2_mod_6(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_384_cmp_6(u, v) >= 0))) {
-            sp_384_sub_6(u, u, v);
-            o = sp_384_sub_6(b, b, d);
-            if (o != 0)
-                sp_384_add_6(b, b, m);
-            ut = sp_384_num_bits_6(u);
-
-            do {
-                sp_384_rshift1_6(u, u);
-                sp_384_div2_mod_6(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_384_sub_6(v, v, u);
-            o = sp_384_sub_6(d, d, b);
-            if (o != 0)
-                sp_384_add_6(d, d, m);
-            vt = sp_384_num_bits_6(v);
-
-            do {
-                sp_384_rshift1_6(v, v);
-                sp_384_div2_mod_6(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_384_add_points_6(sp_point_384* p1, const sp_point_384* p2,
-    sp_digit* tmp)
-{
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-            IS_INTEL_AVX2(cpuid_flags)) {
-        sp_384_proj_point_add_avx2_6(p1, p1, p2, tmp);
-    }
-    else
-#endif
-        sp_384_proj_point_add_6(p1, p1, p2, tmp);
-    if (sp_384_iszero_6(p1->z)) {
-        if (sp_384_iszero_6(p1->x) && sp_384_iszero_6(p1->y)) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                sp_384_proj_point_dbl_avx2_6(p1, p2, tmp);
-            }
-            else
-#endif
-                sp_384_proj_point_dbl_6(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            XMEMCPY(p1->z, p384_norm_mod, sizeof(p384_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_384_calc_vfy_point_6(sp_point_384* p1, sp_point_384* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_384_mod_inv_6(s, s, p384_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_mul_avx2_6(s, s, p384_norm_order);
-        }
-        else
-#endif
-        {
-            sp_384_mul_6(s, s, p384_norm_order);
-        }
-        err = sp_384_mod_6(s, s, p384_order);
-    }
-    if (err == MP_OKAY) {
-        sp_384_norm_6(s);
-#ifdef WOLFSSL_SP_SMALL
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_mont_inv_order_avx2_6(s, s, tmp);
-            sp_384_mont_mul_order_avx2_6(u1, u1, s);
-            sp_384_mont_mul_order_avx2_6(u2, u2, s);
-        }
-        else
-#endif
-        {
-            sp_384_mont_inv_order_6(s, s, tmp);
-            sp_384_mont_mul_order_6(u1, u1, s);
-            sp_384_mont_mul_order_6(u2, u2, s);
-        }
-#else
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_mont_mul_order_avx2_6(u1, u1, s);
-            sp_384_mont_mul_order_avx2_6(u2, u2, s);
-        }
-        else
-#endif
-        {
-            sp_384_mont_mul_order_6(u1, u1, s);
-            sp_384_mont_mul_order_6(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_384_ecc_mulmod_base_avx2_6(p1, u1, 0, 0, heap);
-        }
-        else
-#endif
-        {
-            err = sp_384_ecc_mulmod_base_6(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_6(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_384_ecc_mulmod_avx2_6(p2, p2, u2, 0, 0, heap);
-        }
-        else
-#endif
-            err = sp_384_ecc_mulmod_6(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_384_iszero_6(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_384_add_points_6(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 384)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 384 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_384(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 6);
-    SP_DECL_VAR(sp_point_384, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_384* p2 = NULL;
-    sp_digit carry;
-    sp_int64 c = 0;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 6;
-        s   = u1 + 4 * 6;
-        tmp = u1 + 6 * 6;
-        p2 = p1 + 1;
-
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(u1, 6, hash, (int)hashLen);
-        sp_384_from_mp(u2, 6, rm);
-        sp_384_from_mp(s, 6, sm);
-        sp_384_from_mp(p2->x, 6, pX);
-        sp_384_from_mp(p2->y, 6, pY);
-        sp_384_from_mp(p2->z, 6, pZ);
-
-        err = sp_384_calc_vfy_point_6(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(u2, 6, rm);
-        err = sp_384_mod_mul_norm_6(u2, u2, p384_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_mont_sqr_avx2_6(p1->z, p1->z, p384_mod, p384_mp_mod);
-        }
-        else
-#endif
-            sp_384_mont_sqr_6(p1->z, p1->z, p384_mod, p384_mp_mod);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_mont_mul_avx2_6(u1, u2, p1->z, p384_mod, p384_mp_mod);
-        }
-        else
-#endif
-            sp_384_mont_mul_6(u1, u2, p1->z, p384_mod, p384_mp_mod);
-        *res = (int)(sp_384_cmp_6(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_384_from_mp(u2, 6, rm);
-            carry = sp_384_add_6(u2, u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_6(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_6(u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_6(u2, u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-#ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                        IS_INTEL_AVX2(cpuid_flags)) {
-                    sp_384_mont_mul_avx2_6(u1, u2, p1->z, p384_mod,
-                        p384_mp_mod);
-                }
-                else
-#endif
-                {
-                    sp_384_mont_mul_6(u1, u2, p1->z, p384_mod, p384_mp_mod);
-                }
-                *res = (sp_384_cmp_6(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_384_ctx {
-    int state;
-    union {
-        sp_384_ecc_mulmod_6_ctx mulmod_ctx;
-        sp_384_mont_inv_order_6_ctx mont_inv_order_ctx;
-        sp_384_proj_point_dbl_6_ctx dbl_ctx;
-        sp_384_proj_point_add_6_ctx add_ctx;
-    };
-    sp_digit u1[2*6];
-    sp_digit u2[2*6];
-    sp_digit s[2*6];
-    sp_digit tmp[2*6 * 6];
-    sp_point_384 p1;
-    sp_point_384 p2;
-} sp_ecc_verify_384_ctx;
-
-int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_384_ctx* ctx = (sp_ecc_verify_384_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_384_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 48U) {
-            hashLen = 48U;
-        }
-
-        sp_384_from_bin(ctx->u1, 6, hash, (int)hashLen);
-        sp_384_from_mp(ctx->u2, 6, rm);
-        sp_384_from_mp(ctx->s, 6, sm);
-        sp_384_from_mp(ctx->p2.x, 6, pX);
-        sp_384_from_mp(ctx->p2.y, 6, pY);
-        sp_384_from_mp(ctx->p2.z, 6, pZ);
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_384_mul_6(ctx->s, ctx->s, p384_norm_order);
-        err = sp_384_mod_6(ctx->s, ctx->s, p384_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_384_norm_6(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_384_mont_inv_order_6_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_384_mont_mul_order_6(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_384_mont_mul_order_6(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_384_ecc_mulmod_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p384_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_6(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_384_ecc_mulmod_6_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_384_iszero_6(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_384_proj_point_add_6_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_384_from_mp(ctx->u2, 6, rm);
-        err = sp_384_mod_mul_norm_6(ctx->u2, ctx->u2, p384_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_384_mont_sqr_6(ctx->p1.z, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_384_mont_mul_6(ctx->u1, ctx->u2, ctx->p1.z, p384_mod, p384_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int64 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_384_cmp_6(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_384_from_mp(ctx->u2, 6, rm);
-            carry = sp_384_add_6(ctx->u2, ctx->u2, p384_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_384_norm_6(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_384_cmp_6(ctx->u2, p384_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_384_mod_mul_norm_6(ctx->u2, ctx->u2, p384_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_384_mont_mul_6(ctx->u1, ctx->u2, ctx->p1.z, p384_mod,
-                                                            p384_mp_mod);
-                *res = (int)(sp_384_cmp_6(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_384_ecc_is_point_6(const sp_point_384* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 6 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 6 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 6;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_384_sqr_6(t1, point->y);
-        (void)sp_384_mod_6(t1, t1, p384_mod);
-        sp_384_sqr_6(t2, point->x);
-        (void)sp_384_mod_6(t2, t2, p384_mod);
-        sp_384_mul_6(t2, t2, point->x);
-        (void)sp_384_mod_6(t2, t2, p384_mod);
-        sp_384_mont_sub_6(t1, t1, t2, p384_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_384_mont_add_6(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_6(t1, t1, point->x, p384_mod);
-        sp_384_mont_add_6(t1, t1, point->x, p384_mod);
-
-
-        if (sp_384_cmp_6(t1, p384_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_384, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_384, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(pub->x, 6, pX);
-        sp_384_from_mp(pub->y, 6, pY);
-        sp_384_from_bin(pub->z, 6, one, (int)sizeof(one));
-
-        err = sp_384_ecc_is_point_6(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_384(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 6);
-    SP_DECL_VAR(sp_point_384, pub, 2);
-    sp_point_384* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 384) ||
-        (mp_count_bits(pY) > 384) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 384)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 6, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_384_from_mp(pub->x, 6, pX);
-        sp_384_from_mp(pub->y, 6, pY);
-        sp_384_from_bin(pub->z, 6, one, (int)sizeof(one));
-        if (privm)
-            sp_384_from_mp(priv, 6, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_384_iszero_6(pub->x) != 0) &&
-            (sp_384_iszero_6(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_384_cmp_6(pub->x, p384_mod) >= 0) ||
-             (sp_384_cmp_6(pub->y, p384_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_384_ecc_is_point_6(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_384_ecc_mulmod_avx2_6(p, pub, p384_order, 1, 1, heap);
-        }
-        else
-#endif
-            err = sp_384_ecc_mulmod_6(p, pub, p384_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_384_iszero_6(p->x) == 0) ||
-                             (sp_384_iszero_6(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_384_ecc_mulmod_base_avx2_6(p, priv, 1, 1, heap);
-            }
-            else
-#endif
-                err = sp_384_ecc_mulmod_base_6(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_384_cmp_6(p->x, pub->x) != 0) ||
-                 (sp_384_cmp_6(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 6);
-    SP_DECL_VAR(sp_point_384, p, 2);
-    sp_point_384* q = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_384_from_mp(p->x, 6, pX);
-        sp_384_from_mp(p->y, 6, pY);
-        sp_384_from_mp(p->z, 6, pZ);
-        sp_384_from_mp(q->x, 6, qX);
-        sp_384_from_mp(q->y, 6, qY);
-        sp_384_from_mp(q->z, 6, qZ);
-        p->infinity = sp_384_iszero_6(p->x) &
-                      sp_384_iszero_6(p->y);
-        q->infinity = sp_384_iszero_6(q->x) &
-                      sp_384_iszero_6(q->y);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_proj_point_add_avx2_6(p, p, q, tmp);
-        }
-        else
-#endif
-            sp_384_proj_point_add_6(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_384(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 2);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 6, pX);
-        sp_384_from_mp(p->y, 6, pY);
-        sp_384_from_mp(p->z, 6, pZ);
-        p->infinity = sp_384_iszero_6(p->x) &
-                      sp_384_iszero_6(p->y);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_proj_point_dbl_avx2_6(p, p, tmp);
-        }
-        else
-#endif
-            sp_384_proj_point_dbl_6(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_384(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 6 * 6);
-    SP_DECL_VAR(sp_point_384, p, 1);
-    int err = MP_OKAY;
-
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 6 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_384, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_384_from_mp(p->x, 6, pX);
-        sp_384_from_mp(p->y, 6, pY);
-        sp_384_from_mp(p->z, 6, pZ);
-        p->infinity = sp_384_iszero_6(p->x) &
-                      sp_384_iszero_6(p->y);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_map_avx2_6(p, p, tmp);
-        }
-        else
-#endif
-            sp_384_map_6(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_384_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_384_mont_sqrt_6(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t1, 5 * 2 * 6);
-    sp_digit* t2 = NULL;
-    sp_digit* t3 = NULL;
-    sp_digit* t4 = NULL;
-    sp_digit* t5 = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, t1, 5 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 6;
-        t3 = t1 + 4 * 6;
-        t4 = t1 + 6 * 6;
-        t5 = t1 + 8 * 6;
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            /* t2 = y ^ 0x2 */
-            sp_384_mont_sqr_avx2_6(t2, y, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_384_mont_mul_avx2_6(t1, t2, y, p384_mod, p384_mp_mod);
-            /* t5 = y ^ 0xc */
-            sp_384_mont_sqr_n_avx2_6(t5, t1, 2, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_384_mont_mul_avx2_6(t1, t1, t5, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x1e */
-            sp_384_mont_sqr_avx2_6(t2, t1, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x1f */
-            sp_384_mont_mul_avx2_6(t3, t2, y, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3e0 */
-            sp_384_mont_sqr_n_avx2_6(t2, t3, 5, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3ff */
-            sp_384_mont_mul_avx2_6(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fe0 */
-            sp_384_mont_sqr_n_avx2_6(t2, t1, 5, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x7fff */
-            sp_384_mont_mul_avx2_6(t3, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fff800 */
-            sp_384_mont_sqr_n_avx2_6(t2, t3, 15, p384_mod, p384_mp_mod);
-            /* t4 = y ^ 0x3ffffff */
-            sp_384_mont_mul_avx2_6(t4, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffc000000 */
-            sp_384_mont_sqr_n_avx2_6(t2, t4, 30, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffff */
-            sp_384_mont_mul_avx2_6(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffff000000000000000 */
-            sp_384_mont_sqr_n_avx2_6(t2, t1, 60, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_avx2_6(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-            sp_384_mont_sqr_n_avx2_6(t2, t1, 120, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_avx2_6(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-            sp_384_mont_sqr_n_avx2_6(t2, t1, 15, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_avx2_6(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80000000 */
-            sp_384_mont_sqr_n_avx2_6(t2, t1, 31, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff */
-            sp_384_mont_mul_avx2_6(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff0 */
-            sp_384_mont_sqr_n_avx2_6(t2, t1, 4, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc */
-            sp_384_mont_mul_avx2_6(t1, t5, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000 */
-            sp_384_mont_sqr_n_avx2_6(t2, t1, 62, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000001 */
-            sp_384_mont_mul_avx2_6(t1, y, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc00000000000000040000000 */
-            sp_384_mont_sqr_n_avx2_6(y, t1, 30, p384_mod, p384_mp_mod);
-        }
-        else
-#endif
-        {
-            /* t2 = y ^ 0x2 */
-            sp_384_mont_sqr_6(t2, y, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3 */
-            sp_384_mont_mul_6(t1, t2, y, p384_mod, p384_mp_mod);
-            /* t5 = y ^ 0xc */
-            sp_384_mont_sqr_n_6(t5, t1, 2, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xf */
-            sp_384_mont_mul_6(t1, t1, t5, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x1e */
-            sp_384_mont_sqr_6(t2, t1, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x1f */
-            sp_384_mont_mul_6(t3, t2, y, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3e0 */
-            sp_384_mont_sqr_n_6(t2, t3, 5, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3ff */
-            sp_384_mont_mul_6(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fe0 */
-            sp_384_mont_sqr_n_6(t2, t1, 5, p384_mod, p384_mp_mod);
-            /* t3 = y ^ 0x7fff */
-            sp_384_mont_mul_6(t3, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fff800 */
-            sp_384_mont_sqr_n_6(t2, t3, 15, p384_mod, p384_mp_mod);
-            /* t4 = y ^ 0x3ffffff */
-            sp_384_mont_mul_6(t4, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffc000000 */
-            sp_384_mont_sqr_n_6(t2, t4, 30, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffff */
-            sp_384_mont_mul_6(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffff000000000000000 */
-            sp_384_mont_sqr_n_6(t2, t1, 60, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_6(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xffffffffffffffffffffffffffffff000000000000000000000000000000 */
-            sp_384_mont_sqr_n_6(t2, t1, 120, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_6(t1, t1, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffff8000 */
-            sp_384_mont_sqr_n_6(t2, t1, 15, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-            sp_384_mont_mul_6(t1, t3, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80000000 */
-            sp_384_mont_sqr_n_6(t2, t1, 31, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff */
-            sp_384_mont_mul_6(t1, t4, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffff0 */
-            sp_384_mont_sqr_n_6(t2, t1, 4, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc */
-            sp_384_mont_mul_6(t1, t5, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000 */
-            sp_384_mont_sqr_n_6(t2, t1, 62, p384_mod, p384_mp_mod);
-            /* t1 = y ^ 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000001 */
-            sp_384_mont_mul_6(t1, y, t2, p384_mod, p384_mp_mod);
-            /* t2 = y ^ 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffbfffffffc00000000000000040000000 */
-            sp_384_mont_sqr_n_6(y, t1, 30, p384_mod, p384_mp_mod);
-        }
-    }
-
-    SP_FREE_VAR(t1, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_384(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 6);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 6;
-
-        sp_384_from_mp(x, 6, xm);
-        err = sp_384_mod_mul_norm_6(x, x, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_384_mont_sqr_avx2_6(y, x, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_avx2_6(y, y, x, p384_mod, p384_mp_mod);
-        }
-        else
-#endif
-        {
-            sp_384_mont_sqr_6(y, x, p384_mod, p384_mp_mod);
-            sp_384_mont_mul_6(y, y, x, p384_mod, p384_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_384_mont_sub_6(y, y, x, p384_mod);
-        sp_384_mont_sub_6(y, y, x, p384_mod);
-        sp_384_mont_sub_6(y, y, x, p384_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_384_mod_mul_norm_6(x, p384_b, p384_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_384_mont_add_6(y, y, x, p384_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_384_mont_sqrt_6(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 6, 0, 6U * sizeof(sp_digit));
-        sp_384_mont_reduce_6(y, p384_mod, p384_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_384_mont_sub_6(y, p384_mod, y, p384_mod);
-        }
-
-        err = sp_384_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_384 */
-#ifdef WOLFSSL_SP_521
-
-/* Point structure to use. */
-typedef struct sp_point_521 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 9];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 9];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 9];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_521;
-
-/* The modulus (prime) of the curve P521. */
-static const sp_digit p521_mod[9] = {
-    0xffffffffffffffffL,0xffffffffffffffffL,0xffffffffffffffffL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0xffffffffffffffffL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0x00000000000001ffL
-};
-/* The Montgomery normalizer for modulus of the curve P521. */
-static const sp_digit p521_norm_mod[9] = {
-    0x0000000000000001L,0x0000000000000000L,0x0000000000000000L,
-    0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-    0x0000000000000000L,0x0000000000000000L,0x0000000000000000L
-};
-/* The Montgomery multiplier for modulus of the curve P521. */
-static const sp_digit p521_mp_mod = 0x0000000000000001;
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                            defined(HAVE_ECC_VERIFY)
-/* The order of the curve P521. */
-static const sp_digit p521_order[9] = {
-    0xbb6fb71e91386409L,0x3bb5c9b8899c47aeL,0x7fcc0148f709a5d0L,
-    0x51868783bf2f966bL,0xfffffffffffffffaL,0xffffffffffffffffL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0x00000000000001ffL
-};
-#endif
-#ifndef WC_NO_RNG
-/* The order of the curve P521 minus 2. */
-static const sp_digit p521_order2[9] = {
-    0xbb6fb71e91386407L,0x3bb5c9b8899c47aeL,0x7fcc0148f709a5d0L,
-    0x51868783bf2f966bL,0xfffffffffffffffaL,0xffffffffffffffffL,
-    0xffffffffffffffffL,0xffffffffffffffffL,0x00000000000001ffL
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery normalizer for order of the curve P521. */
-static const sp_digit p521_norm_order[9] = {
-    0x449048e16ec79bf7L,0xc44a36477663b851L,0x8033feb708f65a2fL,
-    0xae79787c40d06994L,0x0000000000000005L,0x0000000000000000L,
-    0x0000000000000000L,0x0000000000000000L,0x0000000000000000L
-};
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* The Montgomery multiplier for order of the curve P521. */
-static const sp_digit p521_mp_order = 0x1d2f5ccd79a995c7L;
-#endif
-#ifdef WOLFSSL_SP_SMALL
-/* The base point of curve P521. */
-static const sp_point_521 p521_base = {
-    /* X ordinate */
-    {
-        0xf97e7e31c2e5bd66L,0x3348b3c1856a429bL,0xfe1dc127a2ffa8deL,
-        0xa14b5e77efe75928L,0xf828af606b4d3dbaL,0x9c648139053fb521L,
-        0x9e3ecb662395b442L,0x858e06b70404e9cdL,0x00000000000000c6L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x88be94769fd16650L,0x353c7086a272c240L,0xc550b9013fad0761L,
-        0x97ee72995ef42640L,0x17afbd17273e662cL,0x98f54449579b4468L,
-        0x5c8a5fb42c7d1bd9L,0x39296a789a3bc004L,0x0000000000000118L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000000000000001L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-#endif /* WOLFSSL_SP_SMALL */
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
-     defined(HAVE_COMP_KEY)
-static const sp_digit p521_b[9] = {
-    0xef451fd46b503f00L,0x3573df883d2c34f1L,0x1652c0bd3bb1bf07L,
-    0x56193951ec7e937bL,0xb8b489918ef109e1L,0xa2da725b99b315f3L,
-    0x929a21a0b68540eeL,0x953eb9618e1c9a1fL,0x0000000000000051L
-};
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mul_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_sqr_9(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef HAVE_INTEL_AVX2
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_sqr_avx2_9(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_521_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mod_mul_norm_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    (void)m;
-
-    if (r != a) {
-        XMEMCPY(r, a, 9 * sizeof(sp_digit));
-    }
-
-    return MP_OKAY;
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_521.
- *
- * p   Point of type sp_point_521 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_521_point_from_ecc_point_9(sp_point_521* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_521_from_mp(p->x, 9, pm->x);
-    sp_521_from_mp(p->y, 9, pm->y);
-    sp_521_from_mp(p->z, 9, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_521_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (521 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 9);
-        r->used = 9;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 9; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 9; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (521 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_521 to type ecc_point.
- *
- * p   Point of type sp_point_521.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_521_point_to_ecc_point_9(const sp_point_521* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_521_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_cond_copy_9(sp_digit* r, const sp_digit* a, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifndef WOLFSSL_SP_SMALL
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mont_sqr_9(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_521_mont_sqr_9(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Mod-2 for the P521 curve. */
-static const word64 p521_mod_minus_2[9] = {
-    0xfffffffffffffffdU,0xffffffffffffffffU,0xffffffffffffffffU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0xffffffffffffffffU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0x00000000000001ffU
-};
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P521 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_521_mont_inv_9(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 9);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod);
-        if (p521_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_521_mont_mul_9(t, t, a, p521_mod, p521_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 9);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 9;
-    sp_digit* t3 = td + 4 * 9;
-
-    /* 0x2 */
-    sp_521_mont_sqr_9(t1, a, p521_mod, p521_mp_mod);
-    /* 0x3 */
-    sp_521_mont_mul_9(t2, t1, a, p521_mod, p521_mp_mod);
-    /* 0x6 */
-    sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
-    /* 0x7 */
-    sp_521_mont_mul_9(t3, t1, a, p521_mod, p521_mp_mod);
-    /* 0xc */
-    sp_521_mont_sqr_n_9(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0xf */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x78 */
-    sp_521_mont_sqr_n_9(t1, t2, 3, p521_mod, p521_mp_mod);
-    /* 0x7f */
-    sp_521_mont_mul_9(t3, t3, t1, p521_mod, p521_mp_mod);
-    /* 0xf0 */
-    sp_521_mont_sqr_n_9(t1, t2, 4, p521_mod, p521_mp_mod);
-    /* 0xff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xff00 */
-    sp_521_mont_sqr_n_9(t1, t2, 8, p521_mod, p521_mp_mod);
-    /* 0xffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffff0000 */
-    sp_521_mont_sqr_n_9(t1, t2, 16, p521_mod, p521_mp_mod);
-    /* 0xffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 32, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff0000000000000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 64, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff00000000000000000000000000000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 128, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000 */
-    sp_521_mont_sqr_n_9(t1, t2, 256, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80 */
-    sp_521_mont_sqr_n_9(t1, t2, 7, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_9(t2, t3, t1, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc */
-    sp_521_mont_sqr_n_9(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-    sp_521_mont_mul_9(r, t1, a, p521_mod, p521_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_int64 sp_521_cmp_9(const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_521_norm_9(a)
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_521_cond_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_reduce_order_9(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_521_map_9(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_int64 n;
-
-    sp_521_mont_inv_9(t1, p->z, t + 2*9);
-
-    sp_521_mont_sqr_9(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    /* x /= z^2 */
-    sp_521_mont_mul_9(r->x, p->x, t2, p521_mod, p521_mp_mod);
-    XMEMSET(r->x + 9, 0, sizeof(sp_digit) * 9U);
-    sp_521_mont_reduce_9(r->x, p521_mod, p521_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_521_cmp_9(r->x, p521_mod);
-    sp_521_cond_sub_9(r->x, r->x, p521_mod, (sp_digit)~(n >> 63));
-    sp_521_norm_9(r->x);
-
-    /* y /= z^3 */
-    sp_521_mont_mul_9(r->y, p->y, t1, p521_mod, p521_mp_mod);
-    XMEMSET(r->y + 9, 0, sizeof(sp_digit) * 9U);
-    sp_521_mont_reduce_9(r->y, p521_mod, p521_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_521_cmp_9(r->y, p521_mod);
-    sp_521_cond_sub_9(r->y, r->y, p521_mod, (sp_digit)~(n >> 63));
-    sp_521_norm_9(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_521_mont_sqr_9(t1, p->z, p521_mod, p521_mp_mod);
-    /* Z = Y * Z */
-    sp_521_mont_mul_9(z, p->y, p->z, p521_mod, p521_mp_mod);
-    /* Z = 2Z */
-    sp_521_mont_dbl_9(z, z, p521_mod);
-    /* T2 = X - T1 */
-    sp_521_mont_sub_9(t2, p->x, t1, p521_mod);
-    /* T1 = X + T1 */
-    sp_521_mont_add_9(t1, p->x, t1, p521_mod);
-    /* T2 = T1 * T2 */
-    sp_521_mont_mul_9(t2, t1, t2, p521_mod, p521_mp_mod);
-    /* T1 = 3T2 */
-    sp_521_mont_tpl_9(t1, t2, p521_mod);
-    /* Y = 2Y */
-    sp_521_mont_dbl_9(y, p->y, p521_mod);
-    /* Y = Y * Y */
-    sp_521_mont_sqr_9(y, y, p521_mod, p521_mp_mod);
-    /* T2 = Y * Y */
-    sp_521_mont_sqr_9(t2, y, p521_mod, p521_mp_mod);
-    /* T2 = T2/2 */
-    sp_521_mont_div2_9(t2, t2, p521_mod);
-    /* Y = Y * X */
-    sp_521_mont_mul_9(y, y, p->x, p521_mod, p521_mp_mod);
-    /* X = T1 * T1 */
-    sp_521_mont_sqr_9(x, t1, p521_mod, p521_mp_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_9(x, x, y, p521_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_9(x, x, y, p521_mod);
-    /* Y = Y - X */
-    sp_521_mont_sub_9(y, y, x, p521_mod);
-    /* Y = Y * T1 */
-    sp_521_mont_mul_9(y, y, t1, p521_mod, p521_mp_mod);
-    /* Y = Y - T2 */
-    sp_521_mont_sub_9(y, y, t2, p521_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_dbl_9_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_dbl_9_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-        const sp_point_521* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_dbl_9_ctx* ctx = (sp_521_proj_point_dbl_9_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_dbl_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*9;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_521_mont_sqr_9(ctx->t1, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_521_mont_mul_9(ctx->z, p->y, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_521_mont_dbl_9(ctx->z, ctx->z, p521_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_521_mont_sub_9(ctx->t2, p->x, ctx->t1, p521_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_521_mont_add_9(ctx->t1, p->x, ctx->t1, p521_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_521_mont_mul_9(ctx->t2, ctx->t1, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_521_mont_tpl_9(ctx->t1, ctx->t2, p521_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_521_mont_dbl_9(ctx->y, p->y, p521_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_521_mont_sqr_9(ctx->y, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_521_mont_sqr_9(ctx->t2, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_521_mont_div2_9(ctx->t2, ctx->t2, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_521_mont_mul_9(ctx->y, ctx->y, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_521_mont_sqr_9(ctx->x, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_521_mont_mul_9(ctx->y, ctx->y, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->t2, p521_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*9;
-    sp_digit* b = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t2 = t + 8*9;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_9(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_9(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(w, w, p521_mod, p521_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_9(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_9(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_9(t2, b, p521_mod);
-        sp_521_mont_sub_9(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_9(t2, b, x, p521_mod);
-        sp_521_mont_dbl_9(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_9(t1, t1, p521_mod, p521_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_9(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, y, t1, p521_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(t1, t1, w, p521_mod);
-    sp_521_mont_tpl_9(a, t1, p521_mod);
-    /* B = X*Y^2 */
-    sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
-    /* X = A^2 - 2B */
-    sp_521_mont_sqr_9(x, a, p521_mod, p521_mp_mod);
-    sp_521_mont_dbl_9(t2, b, p521_mod);
-    sp_521_mont_sub_9(x, x, t2, p521_mod);
-    /* B = 2.(B - X) */
-    sp_521_mont_sub_9(t2, b, x, p521_mod);
-    sp_521_mont_dbl_9(b, t2, p521_mod);
-    /* Z = Z*Y */
-    sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
-    /* t1 = Y^4 */
-    sp_521_mont_sqr_9(t1, t1, p521_mod, p521_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(y, y, t1, p521_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_521_mont_div2_9(y, y, p521_mod);
-}
-
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_521_cmp_equal_9(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_521_iszero_9(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_9(sp_point_521* r,
-        const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*9;
-    sp_digit* t2 = t + 4*9;
-    sp_digit* t3 = t + 6*9;
-    sp_digit* t4 = t + 8*9;
-    sp_digit* t5 = t + 10*9;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t1, p->x, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_9(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_9(t3, t3, p->y, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_9(t2, t1) &
-            sp_521_cmp_equal_9(t4, t3)) {
-        sp_521_proj_point_dbl_9(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_521_mont_sub_9(t2, t2, t1, p521_mod);
-        /* R = S2 - S1 */
-        sp_521_mont_sub_9(t4, t4, t3, p521_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(y, t1, t5, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(z, z, q->z, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_9(x, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(x, x, t5, p521_mod);
-        sp_521_mont_mul_9(t5, t5, t3, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_9(t3, y, p521_mod);
-        sp_521_mont_sub_9(x, x, t3, p521_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        sp_521_mont_mul_9(y, y, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, y, t5, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_add_9_ctx {
-    int state;
-    sp_521_proj_point_dbl_9_ctx dbl_ctx;
-    const sp_point_521* ap[2];
-    sp_point_521* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_add_9_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_add_9_ctx* ctx = (sp_521_proj_point_add_9_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_521* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_add_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*9;
-        ctx->t2 = t + 4*9;
-        ctx->t3 = t + 6*9;
-        ctx->t4 = t + 8*9;
-        ctx->t5 = t + 10*9;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_521_mont_sqr_9(ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_521_mont_mul_9(ctx->t3, ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_521_mont_mul_9(ctx->t1, ctx->t1, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_521_mont_sqr_9(ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_521_mont_mul_9(ctx->t4, ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_521_mont_mul_9(ctx->t2, ctx->t2, q->x, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_521_mont_mul_9(ctx->t3, ctx->t3, p->y, p521_mod, p521_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_521_mont_mul_9(ctx->t4, ctx->t4, q->y, p521_mod, p521_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_521_cmp_equal_9(ctx->t2, ctx->t1) &
-                sp_521_cmp_equal_9(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_521_proj_point_dbl_9(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_521_mont_sub_9(ctx->t2, ctx->t2, ctx->t1, p521_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_521_mont_sub_9(ctx->t4, ctx->t4, ctx->t3, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_9(ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_521_mont_mul_9(ctx->y, ctx->t1, ctx->t5, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_521_mont_mul_9(ctx->t5, ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_9(ctx->z, p->z, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_521_mont_mul_9(ctx->z, ctx->z, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_521_mont_sqr_9(ctx->x, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->t5, p521_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_521_mont_mul_9(ctx->t5, ctx->t5, ctx->t3, p521_mod, p521_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_521_mont_dbl_9(ctx->t3, ctx->y, p521_mod);
-        sp_521_mont_sub_9(ctx->x, ctx->x, ctx->t3, p521_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_521_mont_mul_9(ctx->y, ctx->y, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_521_mont_sub_9(ctx->y, ctx->y, ctx->t5, p521_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
-        const sp_point_521* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*9;
-    sp_digit* b = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t2 = t + 8*9;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<9; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<9; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<9; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_9(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_9(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(w, w, p521_mod, p521_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_9(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_9(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_9(t2, b, p521_mod);
-        sp_521_mont_sub_9(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_9(t2, b, x, p521_mod);
-        sp_521_mont_dbl_9(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_9(r[j].z, z, y, p521_mod, p521_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_9(t1, t1, p521_mod, p521_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_9(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, y, t1, p521_mod);
-        /* Y = Y/2 */
-        sp_521_mont_div2_9(r[j].y, y, p521_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_521_proj_point_add_sub_9(sp_point_521* ra,
-        sp_point_521* rs, const sp_point_521* p, const sp_point_521* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_digit* t3 = t + 4*9;
-    sp_digit* t4 = t + 6*9;
-    sp_digit* t5 = t + 8*9;
-    sp_digit* t6 = t + 10*9;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t1, xa, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_9(t2, za, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t4, t2, za, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_9(t3, t3, ya, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-    /* H = U2 - U1 */
-    sp_521_mont_sub_9(t2, t2, t1, p521_mod);
-    /* RS = S2 + S1 */
-    sp_521_mont_add_9(t6, t4, t3, p521_mod);
-    /* R = S2 - S1 */
-    sp_521_mont_sub_9(t4, t4, t3, p521_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_521_mont_mul_9(za, za, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(za, za, t2, p521_mod, p521_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_521_mont_sqr_9(xa, t4, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(xs, t6, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(ya, t1, t5, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(xa, xa, t5, p521_mod);
-    sp_521_mont_sub_9(xs, xs, t5, p521_mod);
-    sp_521_mont_dbl_9(t1, ya, p521_mod);
-    sp_521_mont_sub_9(xa, xa, t1, p521_mod);
-    sp_521_mont_sub_9(xs, xs, t1, p521_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_521_mont_sub_9(ys, ya, xs, p521_mod);
-    sp_521_mont_sub_9(ya, ya, xa, p521_mod);
-    sp_521_mont_mul_9(ya, ya, t4, p521_mod, p521_mp_mod);
-    sp_521_sub_9(t6, p521_mod, t6);
-    sp_521_mont_mul_9(ys, ys, t6, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t5, t5, t3, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_9(ya, ya, t5, p521_mod);
-    sp_521_mont_sub_9(ys, ys, t5, p521_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_521 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_521;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_9_6[66] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_9_6[66] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<87; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 6 < 64) {
-            y &= 0x3f;
-            n >>= 6;
-            o += 6;
-        }
-        else if (o + 6 == 64) {
-            n >>= 6;
-            if (++j < 9)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 9) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x3f);
-            o -= 58;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_9_6[y];
-        v[i].neg = recode_neg_9_6[y];
-        carry = (y >> 6) + v[i].neg;
-    }
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_get_point_33_9(sp_point_521* r, const sp_point_521* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_get_point_33_avx2_9(sp_point_521* r, const sp_point_521* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_point_521* rt = NULL;
-    sp_point_521* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_521 v[87];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_521_mod_mul_norm_9(t[1].x, g->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t[1].y, g->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t[1].z, g->z, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_521_proj_point_dbl_n_store_9(t, &t[ 1], 5, 1, tmp);
-        sp_521_proj_point_add_9(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[ 6], &t[ 3], tmp);
-        sp_521_proj_point_add_sub_9(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[10], &t[ 5], tmp);
-        sp_521_proj_point_add_sub_9(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[12], &t[ 6], tmp);
-        sp_521_proj_point_dbl_9(&t[14], &t[ 7], tmp);
-        sp_521_proj_point_add_sub_9(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[18], &t[ 9], tmp);
-        sp_521_proj_point_add_sub_9(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[20], &t[10], tmp);
-        sp_521_proj_point_dbl_9(&t[22], &t[11], tmp);
-        sp_521_proj_point_add_sub_9(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[24], &t[12], tmp);
-        sp_521_proj_point_dbl_9(&t[26], &t[13], tmp);
-        sp_521_proj_point_add_sub_9(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_521_proj_point_dbl_9(&t[28], &t[14], tmp);
-        sp_521_proj_point_dbl_9(&t[30], &t[15], tmp);
-        sp_521_proj_point_add_sub_9(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_521_ecc_recode_6_9(k, v);
-
-        i = 86;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_point_33_9(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_521));
-        }
-        for (--i; i>=0; i--) {
-            sp_521_proj_point_dbl_n_9(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_point_33_9(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_521));
-            }
-            sp_521_sub_9(negy, p521_mod, p->y);
-            sp_521_norm_9(negy);
-            sp_521_cond_copy_9(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_521_proj_point_add_9(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_521_map_9(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef HAVE_INTEL_AVX2
-#define sp_521_mod_mul_norm_avx2_9 sp_521_mod_mul_norm_9
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_mul_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_sqr_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-#ifndef WOLFSSL_SP_SMALL
-/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * n   Number of times to square.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_521_mont_sqr_n_avx2_9(sp_digit* r,
-    const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
-{
-    sp_521_mont_sqr_avx2_9(r, a, m, mp);
-    for (; n > 1; n--) {
-        sp_521_mont_sqr_avx2_9(r, r, m, mp);
-    }
-}
-
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P521 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_521_mont_inv_avx2_9(sp_digit* r, const sp_digit* a, sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 9);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_avx2_9(t, t, p521_mod, p521_mp_mod);
-        if (p521_mod_minus_2[i / 64] & ((sp_digit)1 << (i % 64)))
-            sp_521_mont_mul_avx2_9(t, t, a, p521_mod, p521_mp_mod);
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 9);
-#else
-    sp_digit* t1 = td;
-    sp_digit* t2 = td + 2 * 9;
-    sp_digit* t3 = td + 4 * 9;
-
-    /* 0x2 */
-    sp_521_mont_sqr_avx2_9(t1, a, p521_mod, p521_mp_mod);
-    /* 0x3 */
-    sp_521_mont_mul_avx2_9(t2, t1, a, p521_mod, p521_mp_mod);
-    /* 0x6 */
-    sp_521_mont_sqr_avx2_9(t1, t2, p521_mod, p521_mp_mod);
-    /* 0x7 */
-    sp_521_mont_mul_avx2_9(t3, t1, a, p521_mod, p521_mp_mod);
-    /* 0xc */
-    sp_521_mont_sqr_n_avx2_9(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0xf */
-    sp_521_mont_mul_avx2_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x78 */
-    sp_521_mont_sqr_n_avx2_9(t1, t2, 3, p521_mod, p521_mp_mod);
-    /* 0x7f */
-    sp_521_mont_mul_avx2_9(t3, t3, t1, p521_mod, p521_mp_mod);
-    /* 0xf0 */
-    sp_521_mont_sqr_n_avx2_9(t1, t2, 4, p521_mod, p521_mp_mod);
-    /* 0xff */
-    sp_521_mont_mul_avx2_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xff00 */
-    sp_521_mont_sqr_n_avx2_9(t1, t2, 8, p521_mod, p521_mp_mod);
-    /* 0xffff */
-    sp_521_mont_mul_avx2_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffff0000 */
-    sp_521_mont_sqr_n_avx2_9(t1, t2, 16, p521_mod, p521_mp_mod);
-    /* 0xffffffff */
-    sp_521_mont_mul_avx2_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffff00000000 */
-    sp_521_mont_sqr_n_avx2_9(t1, t2, 32, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff */
-    sp_521_mont_mul_avx2_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffff0000000000000000 */
-    sp_521_mont_sqr_n_avx2_9(t1, t2, 64, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_avx2_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffff00000000000000000000000000000000 */
-    sp_521_mont_sqr_n_avx2_9(t1, t2, 128, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_avx2_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000 */
-    sp_521_mont_sqr_n_avx2_9(t1, t2, 256, p521_mod, p521_mp_mod);
-    /* 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_avx2_9(t2, t2, t1, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80 */
-    sp_521_mont_sqr_n_avx2_9(t1, t2, 7, p521_mod, p521_mp_mod);
-    /* 0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff */
-    sp_521_mont_mul_avx2_9(t2, t3, t1, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc */
-    sp_521_mont_sqr_n_avx2_9(t1, t2, 2, p521_mod, p521_mp_mod);
-    /* 0x1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd */
-    sp_521_mont_mul_avx2_9(r, t1, a, p521_mod, p521_mp_mod);
-
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_521_cond_sub_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#define sp_521_mont_reduce_avx2_9    sp_521_mont_reduce_9
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_reduce_order_avx2_9(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_521_map_avx2_9(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_int64 n;
-
-    sp_521_mont_inv_avx2_9(t1, p->z, t + 2*9);
-
-    sp_521_mont_sqr_avx2_9(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    /* x /= z^2 */
-    sp_521_mont_mul_avx2_9(r->x, p->x, t2, p521_mod, p521_mp_mod);
-    XMEMSET(r->x + 9, 0, sizeof(sp_digit) * 9U);
-    sp_521_mont_reduce_avx2_9(r->x, p521_mod, p521_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_521_cmp_9(r->x, p521_mod);
-    sp_521_cond_sub_9(r->x, r->x, p521_mod, (sp_digit)~(n >> 63));
-    sp_521_norm_9(r->x);
-
-    /* y /= z^3 */
-    sp_521_mont_mul_avx2_9(r->y, p->y, t1, p521_mod, p521_mp_mod);
-    XMEMSET(r->y + 9, 0, sizeof(sp_digit) * 9U);
-    sp_521_mont_reduce_avx2_9(r->y, p521_mod, p521_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_521_cmp_9(r->y, p521_mod);
-    sp_521_cond_sub_9(r->y, r->y, p521_mod, (sp_digit)~(n >> 63));
-    sp_521_norm_9(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-#define sp_521_mont_add_avx2_9 sp_521_mont_add_9
-#define sp_521_mont_dbl_avx2_9 sp_521_mont_dbl_9
-#define sp_521_mont_tpl_avx2_9 sp_521_mont_tpl_9
-#define sp_521_mont_sub_avx2_9 sp_521_mont_sub_9
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mont_div2_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_avx2_9(sp_point_521* r, const sp_point_521* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_521_mont_sqr_avx2_9(t1, p->z, p521_mod, p521_mp_mod);
-    /* Z = Y * Z */
-    sp_521_mont_mul_avx2_9(z, p->y, p->z, p521_mod, p521_mp_mod);
-    /* Z = 2Z */
-    sp_521_mont_dbl_avx2_9(z, z, p521_mod);
-    /* T2 = X - T1 */
-    sp_521_mont_sub_avx2_9(t2, p->x, t1, p521_mod);
-    /* T1 = X + T1 */
-    sp_521_mont_add_avx2_9(t1, p->x, t1, p521_mod);
-    /* T2 = T1 * T2 */
-    sp_521_mont_mul_avx2_9(t2, t1, t2, p521_mod, p521_mp_mod);
-    /* T1 = 3T2 */
-    sp_521_mont_tpl_avx2_9(t1, t2, p521_mod);
-    /* Y = 2Y */
-    sp_521_mont_dbl_avx2_9(y, p->y, p521_mod);
-    /* Y = Y * Y */
-    sp_521_mont_sqr_avx2_9(y, y, p521_mod, p521_mp_mod);
-    /* T2 = Y * Y */
-    sp_521_mont_sqr_avx2_9(t2, y, p521_mod, p521_mp_mod);
-    /* T2 = T2/2 */
-    sp_521_mont_div2_avx2_9(t2, t2, p521_mod);
-    /* Y = Y * X */
-    sp_521_mont_mul_avx2_9(y, y, p->x, p521_mod, p521_mp_mod);
-    /* X = T1 * T1 */
-    sp_521_mont_sqr_avx2_9(x, t1, p521_mod, p521_mp_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_avx2_9(x, x, y, p521_mod);
-    /* X = X - Y */
-    sp_521_mont_sub_avx2_9(x, x, y, p521_mod);
-    /* Y = Y - X */
-    sp_521_mont_sub_avx2_9(y, y, x, p521_mod);
-    /* Y = Y * T1 */
-    sp_521_mont_mul_avx2_9(y, y, t1, p521_mod, p521_mp_mod);
-    /* Y = Y - T2 */
-    sp_521_mont_sub_avx2_9(y, y, t2, p521_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_dbl_avx2_9_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_dbl_avx2_9_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-        const sp_point_521* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_dbl_avx2_9_ctx* ctx = (sp_521_proj_point_dbl_avx2_9_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_dbl_avx2_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*9;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_521_mont_sqr_avx2_9(ctx->t1, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_521_mont_mul_avx2_9(ctx->z, p->y, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_521_mont_dbl_avx2_9(ctx->z, ctx->z, p521_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_521_mont_sub_avx2_9(ctx->t2, p->x, ctx->t1, p521_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_521_mont_add_avx2_9(ctx->t1, p->x, ctx->t1, p521_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_521_mont_mul_avx2_9(ctx->t2, ctx->t1, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_521_mont_tpl_avx2_9(ctx->t1, ctx->t2, p521_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_521_mont_dbl_avx2_9(ctx->y, p->y, p521_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_521_mont_sqr_avx2_9(ctx->y, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_521_mont_sqr_avx2_9(ctx->t2, ctx->y, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_521_mont_div2_avx2_9(ctx->t2, ctx->t2, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_521_mont_mul_avx2_9(ctx->y, ctx->y, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_521_mont_sqr_avx2_9(ctx->x, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_521_mont_sub_avx2_9(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_521_mont_sub_avx2_9(ctx->x, ctx->x, ctx->y, p521_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_521_mont_sub_avx2_9(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_521_mont_mul_avx2_9(ctx->y, ctx->y, ctx->t1, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_521_mont_sub_avx2_9(ctx->y, ctx->y, ctx->t2, p521_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*9;
-    sp_digit* b = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t2 = t + 8*9;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_avx2_9(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_avx2_9(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_avx2_9(w, w, p521_mod, p521_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_avx2_9(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_avx2_9(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_avx2_9(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_avx2_9(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_avx2_9(b, t1, x, p521_mod, p521_mp_mod);
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_avx2_9(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_avx2_9(t2, b, p521_mod);
-        sp_521_mont_sub_avx2_9(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_avx2_9(t2, b, x, p521_mod);
-        sp_521_mont_dbl_avx2_9(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_avx2_9(z, z, y, p521_mod, p521_mp_mod);
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_avx2_9(t1, t1, p521_mod, p521_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_avx2_9(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_avx2_9(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_avx2_9(y, y, t1, p521_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_521_mont_sqr_avx2_9(t1, x, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_avx2_9(t1, t1, w, p521_mod);
-    sp_521_mont_tpl_avx2_9(a, t1, p521_mod);
-    /* B = X*Y^2 */
-    sp_521_mont_sqr_avx2_9(t1, y, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(b, t1, x, p521_mod, p521_mp_mod);
-    /* X = A^2 - 2B */
-    sp_521_mont_sqr_avx2_9(x, a, p521_mod, p521_mp_mod);
-    sp_521_mont_dbl_avx2_9(t2, b, p521_mod);
-    sp_521_mont_sub_avx2_9(x, x, t2, p521_mod);
-    /* B = 2.(B - X) */
-    sp_521_mont_sub_avx2_9(t2, b, x, p521_mod);
-    sp_521_mont_dbl_avx2_9(b, t2, p521_mod);
-    /* Z = Z*Y */
-    sp_521_mont_mul_avx2_9(z, z, y, p521_mod, p521_mp_mod);
-    /* t1 = Y^4 */
-    sp_521_mont_sqr_avx2_9(t1, t1, p521_mod, p521_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_521_mont_mul_avx2_9(y, b, a, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_avx2_9(y, y, t1, p521_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_521_mont_div2_avx2_9(y, y, p521_mod);
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_avx2_9(sp_point_521* r,
-        const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*9;
-    sp_digit* t2 = t + 4*9;
-    sp_digit* t3 = t + 6*9;
-    sp_digit* t4 = t + 8*9;
-    sp_digit* t5 = t + 10*9;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_avx2_9(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t1, t1, p->x, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_avx2_9(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_avx2_9(t3, t3, p->y, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_avx2_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_9(t2, t1) &
-            sp_521_cmp_equal_9(t4, t3)) {
-        sp_521_proj_point_dbl_avx2_9(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_521_mont_sub_avx2_9(t2, t2, t1, p521_mod);
-        /* R = S2 - S1 */
-        sp_521_mont_sub_avx2_9(t4, t4, t3, p521_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_avx2_9(t5, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_avx2_9(y, t1, t5, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_avx2_9(t5, t5, t2, p521_mod, p521_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_avx2_9(z, p->z, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_avx2_9(z, z, q->z, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_avx2_9(x, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_avx2_9(x, x, t5, p521_mod);
-        sp_521_mont_mul_avx2_9(t5, t5, t3, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_avx2_9(t3, y, p521_mod);
-        sp_521_mont_sub_avx2_9(x, x, t3, p521_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_avx2_9(y, y, x, p521_mod);
-        sp_521_mont_mul_avx2_9(y, y, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_avx2_9(y, y, t5, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_proj_point_add_avx2_9_ctx {
-    int state;
-    sp_521_proj_point_dbl_avx2_9_ctx dbl_ctx;
-    const sp_point_521* ap[2];
-    sp_point_521* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_521_proj_point_add_avx2_9_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_521_proj_point_add_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_proj_point_add_avx2_9_ctx* ctx = (sp_521_proj_point_add_avx2_9_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_521* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_521_proj_point_add_avx2_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*9;
-        ctx->t2 = t + 4*9;
-        ctx->t3 = t + 6*9;
-        ctx->t4 = t + 8*9;
-        ctx->t5 = t + 10*9;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_521_mont_sqr_avx2_9(ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_521_mont_mul_avx2_9(ctx->t3, ctx->t1, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_521_mont_mul_avx2_9(ctx->t1, ctx->t1, p->x, p521_mod, p521_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_521_mont_sqr_avx2_9(ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_521_mont_mul_avx2_9(ctx->t4, ctx->t2, p->z, p521_mod, p521_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_521_mont_mul_avx2_9(ctx->t2, ctx->t2, q->x, p521_mod, p521_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_521_mont_mul_avx2_9(ctx->t3, ctx->t3, p->y, p521_mod, p521_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_521_mont_mul_avx2_9(ctx->t4, ctx->t4, q->y, p521_mod, p521_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_521_cmp_equal_9(ctx->t2, ctx->t1) &
-                sp_521_cmp_equal_9(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_521_proj_point_dbl_avx2_9(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_521_mont_sub_avx2_9(ctx->t2, ctx->t2, ctx->t1, p521_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_521_mont_sub_avx2_9(ctx->t4, ctx->t4, ctx->t3, p521_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_521_mont_sqr_avx2_9(ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_521_mont_mul_avx2_9(ctx->y, ctx->t1, ctx->t5, p521_mod, p521_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_521_mont_mul_avx2_9(ctx->t5, ctx->t5, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_521_mont_mul_avx2_9(ctx->z, p->z, ctx->t2, p521_mod, p521_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_521_mont_mul_avx2_9(ctx->z, ctx->z, q->z, p521_mod, p521_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_521_mont_sqr_avx2_9(ctx->x, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_521_mont_sub_avx2_9(ctx->x, ctx->x, ctx->t5, p521_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_521_mont_mul_avx2_9(ctx->t5, ctx->t5, ctx->t3, p521_mod, p521_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_521_mont_dbl_avx2_9(ctx->t3, ctx->y, p521_mod);
-        sp_521_mont_sub_avx2_9(ctx->x, ctx->x, ctx->t3, p521_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_521_mont_sub_avx2_9(ctx->y, ctx->y, ctx->x, p521_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_521_mont_mul_avx2_9(ctx->y, ctx->y, ctx->t4, p521_mod, p521_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_521_mont_sub_avx2_9(ctx->y, ctx->y, ctx->t5, p521_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_dbl_n_store_avx2_9(sp_point_521* r,
-        const sp_point_521* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*9;
-    sp_digit* b = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t2 = t + 8*9;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<9; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<9; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<9; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_521_mont_dbl_avx2_9(y, y, p521_mod);
-    /* W = Z^4 */
-    sp_521_mont_sqr_avx2_9(w, z, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_avx2_9(w, w, p521_mod, p521_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_521_mont_sqr_avx2_9(t1, x, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_avx2_9(t1, t1, w, p521_mod);
-        sp_521_mont_tpl_avx2_9(a, t1, p521_mod);
-        /* B = X*Y^2 */
-        sp_521_mont_sqr_avx2_9(t1, y, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_avx2_9(b, t1, x, p521_mod, p521_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_521_mont_sqr_avx2_9(x, a, p521_mod, p521_mp_mod);
-        sp_521_mont_dbl_avx2_9(t2, b, p521_mod);
-        sp_521_mont_sub_avx2_9(x, x, t2, p521_mod);
-        /* B = 2.(B - X) */
-        sp_521_mont_sub_avx2_9(t2, b, x, p521_mod);
-        sp_521_mont_dbl_avx2_9(b, t2, p521_mod);
-        /* Z = Z*Y */
-        sp_521_mont_mul_avx2_9(r[j].z, z, y, p521_mod, p521_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_521_mont_sqr_avx2_9(t1, t1, p521_mod, p521_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_521_mont_mul_avx2_9(w, w, t1, p521_mod, p521_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_521_mont_mul_avx2_9(y, b, a, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_avx2_9(y, y, t1, p521_mod);
-        /* Y = Y/2 */
-        sp_521_mont_div2_avx2_9(r[j].y, y, p521_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_521_proj_point_add_sub_avx2_9(sp_point_521* ra,
-        sp_point_521* rs, const sp_point_521* p, const sp_point_521* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*9;
-    sp_digit* t3 = t + 4*9;
-    sp_digit* t4 = t + 6*9;
-    sp_digit* t5 = t + 8*9;
-    sp_digit* t6 = t + 10*9;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_521_mont_sqr_avx2_9(t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t3, t1, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t1, t1, xa, p521_mod, p521_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_avx2_9(t2, za, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t4, t2, za, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_521_mont_mul_avx2_9(t3, t3, ya, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_avx2_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-    /* H = U2 - U1 */
-    sp_521_mont_sub_avx2_9(t2, t2, t1, p521_mod);
-    /* RS = S2 + S1 */
-    sp_521_mont_add_avx2_9(t6, t4, t3, p521_mod);
-    /* R = S2 - S1 */
-    sp_521_mont_sub_avx2_9(t4, t4, t3, p521_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_521_mont_mul_avx2_9(za, za, q->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(za, za, t2, p521_mod, p521_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_521_mont_sqr_avx2_9(xa, t4, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_avx2_9(xs, t6, p521_mod, p521_mp_mod);
-    sp_521_mont_sqr_avx2_9(t5, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(ya, t1, t5, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t5, t5, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_avx2_9(xa, xa, t5, p521_mod);
-    sp_521_mont_sub_avx2_9(xs, xs, t5, p521_mod);
-    sp_521_mont_dbl_avx2_9(t1, ya, p521_mod);
-    sp_521_mont_sub_avx2_9(xa, xa, t1, p521_mod);
-    sp_521_mont_sub_avx2_9(xs, xs, t1, p521_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_521_mont_sub_avx2_9(ys, ya, xs, p521_mod);
-    sp_521_mont_sub_avx2_9(ya, ya, xa, p521_mod);
-    sp_521_mont_mul_avx2_9(ya, ya, t4, p521_mod, p521_mp_mod);
-    sp_521_sub_9(t6, p521_mod, t6);
-    sp_521_mont_mul_avx2_9(ys, ys, t6, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t5, t5, t3, p521_mod, p521_mp_mod);
-    sp_521_mont_sub_avx2_9(ya, ya, t5, p521_mod);
-    sp_521_mont_sub_avx2_9(ys, ys, t5, p521_mod);
-}
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 6 bits. (Add-Sub variation.)
- * Calculate 0..32 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_win_add_sub_avx2_9(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 33+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_point_521* rt = NULL;
-    sp_point_521* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_521 v[87];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 33+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 33;
-        p  = t + 33+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_521_mod_mul_norm_avx2_9(t[1].x, g->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_avx2_9(t[1].y, g->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_avx2_9(t[1].z, g->z, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[32]  */
-        sp_521_proj_point_dbl_n_store_avx2_9(t, &t[ 1], 5, 1, tmp);
-        sp_521_proj_point_add_avx2_9(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_521_proj_point_dbl_avx2_9(&t[ 6], &t[ 3], tmp);
-        sp_521_proj_point_add_sub_avx2_9(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_521_proj_point_dbl_avx2_9(&t[10], &t[ 5], tmp);
-        sp_521_proj_point_add_sub_avx2_9(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_521_proj_point_dbl_avx2_9(&t[12], &t[ 6], tmp);
-        sp_521_proj_point_dbl_avx2_9(&t[14], &t[ 7], tmp);
-        sp_521_proj_point_add_sub_avx2_9(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_521_proj_point_dbl_avx2_9(&t[18], &t[ 9], tmp);
-        sp_521_proj_point_add_sub_avx2_9(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_521_proj_point_dbl_avx2_9(&t[20], &t[10], tmp);
-        sp_521_proj_point_dbl_avx2_9(&t[22], &t[11], tmp);
-        sp_521_proj_point_add_sub_avx2_9(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_521_proj_point_dbl_avx2_9(&t[24], &t[12], tmp);
-        sp_521_proj_point_dbl_avx2_9(&t[26], &t[13], tmp);
-        sp_521_proj_point_add_sub_avx2_9(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_521_proj_point_dbl_avx2_9(&t[28], &t[14], tmp);
-        sp_521_proj_point_dbl_avx2_9(&t[30], &t[15], tmp);
-        sp_521_proj_point_add_sub_avx2_9(&t[31], &t[29], &t[30], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_521_ecc_recode_6_9(k, v);
-
-        i = 86;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_point_33_avx2_9(rt, t, v[i].i);
-            rt->infinity = !v[i].i;
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_521));
-        }
-        for (--i; i>=0; i--) {
-            sp_521_proj_point_dbl_n_avx2_9(rt, 6, tmp);
-
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_point_33_avx2_9(p, t, v[i].i);
-                p->infinity = !v[i].i;
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p, &t[v[i].i], sizeof(sp_point_521));
-            }
-            sp_521_sub_9(negy, p521_mod, p->y);
-            sp_521_norm_9(negy);
-            sp_521_cond_copy_9(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_521_proj_point_add_avx2_9(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_521_map_avx2_9(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_521 {
-    sp_digit x[9];
-    sp_digit y[9];
-} sp_table_entry_521;
-
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*9;
-    sp_digit* t6 = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t4 = t + 8*9;
-    sp_digit* t5 = t + 10*9;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_9(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_9(p->x, t2) &
-            sp_521_cmp_equal_9(p->y, t4)) {
-        sp_521_proj_point_dbl_9(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_521_mont_sub_9(t2, t2, p->x, p521_mod);
-        /* R = S2 - Y1 */
-        sp_521_mont_sub_9(t4, t4, p->y, p521_mod);
-        /* Z3 = H*Z1 */
-        sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t3, p->x, t1, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t1, t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_9(t2, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(t2, t2, t1, p521_mod);
-        sp_521_mont_dbl_9(t5, t3, p521_mod);
-        sp_521_mont_sub_9(x, t2, t5, p521_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_521_mont_sub_9(t3, t3, x, p521_mod);
-        sp_521_mont_mul_9(t3, t3, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_9(t1, t1, p->y, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_9(y, t3, t1, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_521_proj_to_affine_9(sp_point_521* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 9;
-    sp_digit* tmp = t + 4 * 9;
-
-    sp_521_mont_inv_9(t1, a->z, tmp);
-
-    sp_521_mont_sqr_9(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    sp_521_mont_mul_9(a->x, a->x, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_9(a->y, a->y, t1, p521_mod, p521_mp_mod);
-    XMEMCPY(a->z, p521_norm_mod, sizeof(p521_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 6
- * 64 entries
- * 86 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_9(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_9(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_9(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_9(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<6; i++) {
-            sp_521_proj_point_dbl_n_9(t, 87, tmp);
-            sp_521_proj_to_affine_9(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<6; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_9(t, s1, s2, tmp);
-                sp_521_proj_to_affine_9(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_get_entry_64_9(sp_point_521* r, const sp_table_entry_521* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_get_entry_64_avx2_9(sp_point_521* r, const sp_table_entry_521* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^86, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_9(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 9 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 86;
-        for (j=0; j<6 && x<521; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 87;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_64_9(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=85; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<6 && x<521; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 87;
-            }
-
-            sp_521_proj_point_dbl_9(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_64_9(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_9(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_9(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_521_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[9];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[9];
-    /* Precomputation table for point. */
-    sp_table_entry_521 table[64];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_521_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_521_t sp_cache_521[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_521_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_521_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_521 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_521_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_521_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_521_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_521[i].set = 0;
-        }
-        sp_cache_521_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_521[i].set)
-            continue;
-
-        if (sp_521_cmp_equal_9(g->x, sp_cache_521[i].x) &
-                           sp_521_cmp_equal_9(g->y, sp_cache_521[i].y)) {
-            sp_cache_521[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_521_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_521_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_521[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_521_last) {
-            least = sp_cache_521[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_521[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_521[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_521[i].x, g->x, sizeof(sp_cache_521[i].x));
-        XMEMCPY(sp_cache_521[i].y, g->y, sizeof(sp_cache_521[i].y));
-        sp_cache_521[i].set = 1;
-        sp_cache_521[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_521[i];
-    sp_cache_521_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_9(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_9(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#ifdef HAVE_INTEL_AVX2
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_521_proj_point_add_qz1_avx2_9(sp_point_521* r,
-    const sp_point_521* p, const sp_point_521* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*9;
-    sp_digit* t6 = t + 4*9;
-    sp_digit* t1 = t + 6*9;
-    sp_digit* t4 = t + 8*9;
-    sp_digit* t5 = t + 10*9;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_521_mont_sqr_avx2_9(t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t4, t2, p->z, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t2, t2, q->x, p521_mod, p521_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_521_mont_mul_avx2_9(t4, t4, q->y, p521_mod, p521_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_521_cmp_equal_9(p->x, t2) &
-            sp_521_cmp_equal_9(p->y, t4)) {
-        sp_521_proj_point_dbl_avx2_9(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_521_mont_sub_avx2_9(t2, t2, p->x, p521_mod);
-        /* R = S2 - Y1 */
-        sp_521_mont_sub_avx2_9(t4, t4, p->y, p521_mod);
-        /* Z3 = H*Z1 */
-        sp_521_mont_mul_avx2_9(z, p->z, t2, p521_mod, p521_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_521_mont_sqr_avx2_9(t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_avx2_9(t3, p->x, t1, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_avx2_9(t1, t1, t2, p521_mod, p521_mp_mod);
-        sp_521_mont_sqr_avx2_9(t2, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_avx2_9(t2, t2, t1, p521_mod);
-        sp_521_mont_dbl_avx2_9(t5, t3, p521_mod);
-        sp_521_mont_sub_avx2_9(x, t2, t5, p521_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_521_mont_sub_avx2_9(t3, t3, x, p521_mod);
-        sp_521_mont_mul_avx2_9(t3, t3, t4, p521_mod, p521_mp_mod);
-        sp_521_mont_mul_avx2_9(t1, t1, p->y, p521_mod, p521_mp_mod);
-        sp_521_mont_sub_avx2_9(y, t3, t1, p521_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 9; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 9; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef FP_ECC
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_521_proj_to_affine_avx2_9(sp_point_521* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 9;
-    sp_digit* tmp = t + 4 * 9;
-
-    sp_521_mont_inv_avx2_9(t1, a->z, tmp);
-
-    sp_521_mont_sqr_avx2_9(t2, t1, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(t1, t2, t1, p521_mod, p521_mp_mod);
-
-    sp_521_mont_mul_avx2_9(a->x, a->x, t2, p521_mod, p521_mp_mod);
-    sp_521_mont_mul_avx2_9(a->y, a->y, t1, p521_mod, p521_mp_mod);
-    XMEMCPY(a->z, p521_norm_mod, sizeof(p521_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 6
- * 64 entries
- * 86 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_521_gen_stripe_table_avx2_9(const sp_point_521* a,
-        sp_table_entry_521* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, t, 3);
-    sp_point_521* s1 = NULL;
-    sp_point_521* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_521, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_521_mod_mul_norm_avx2_9(t->x, a->x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_avx2_9(t->y, a->y, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_mod_mul_norm_avx2_9(t->z, a->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_521_proj_to_affine_avx2_9(t, tmp);
-
-        XMEMCPY(s1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p521_norm_mod, sizeof(p521_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_521));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<6; i++) {
-            sp_521_proj_point_dbl_n_avx2_9(t, 87, tmp);
-            sp_521_proj_to_affine_avx2_9(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<6; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_521_proj_point_add_qz1_avx2_9(t, s1, s2, tmp);
-                sp_521_proj_to_affine_avx2_9(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC */
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^86, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_stripe_avx2_9(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 9 * 6);
-    sp_point_521* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        y = 0;
-        x = 86;
-        for (j=0; j<6 && x<521; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 87;
-        }
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_64_avx2_9(rt, table, y);
-        } else
-    #endif
-        {
-            XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        }
-        rt->infinity = !y;
-        for (i=85; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<6 && x<521; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 87;
-            }
-
-            sp_521_proj_point_dbl_avx2_9(rt, rt, t);
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_64_avx2_9(p, table, y);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-                XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            }
-            p->infinity = !y;
-            sp_521_proj_point_add_qz1_avx2_9(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_521_map_avx2_9(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_avx2_9(sp_point_521* r, const sp_point_521* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_521_ecc_mulmod_win_add_sub_avx2_9(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_cache_521_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_521 == 0) {
-            wc_InitMutex(&sp_cache_521_lock);
-            initCacheMutex_521 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_521_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_521(g, &cache);
-        if (cache->cnt == 2)
-            sp_521_gen_stripe_table_avx2_9(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_521_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_521_ecc_mulmod_win_add_sub_avx2_9(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_521_ecc_mulmod_stripe_avx2_9(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 9, km);
-        sp_521_point_from_ecc_point_9(point, gm);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_521_ecc_mulmod_avx2_9(point, point, k, map, 1, heap);
-        }
-        else
-#endif
-            err = sp_521_ecc_mulmod_9(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the point by the scalar, add point a and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * p       Point to multiply.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
-    const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 9 + 9 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9 + 9 * 2 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 9;
-
-        sp_521_from_mp(k, 9, km);
-        sp_521_point_from_ecc_point_9(point, gm);
-        sp_521_point_from_ecc_point_9(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_521_ecc_mulmod_avx2_9(point, point, k, 0, 0, heap);
-        }
-        else
-#endif
-            err = sp_521_ecc_mulmod_9(point, point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_proj_point_add_avx2_9(point, point, addP, tmp);
-        }
-        else
-#endif
-            sp_521_proj_point_add_9(point, point, addP, tmp);
-
-        if (map) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                sp_521_map_avx2_9(point, point, tmp);
-            }
-            else
-#endif
-                sp_521_map_9(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Striping precomputation table.
- * 6 points combined into a table of 64 points.
- * Distance of 87 between points.
- */
-static const sp_table_entry_521 p521_table[64] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xf97e7e31c2e5bd66L,0x3348b3c1856a429bL,0xfe1dc127a2ffa8deL,
-        0xa14b5e77efe75928L,0xf828af606b4d3dbaL,0x9c648139053fb521L,
-        0x9e3ecb662395b442L,0x858e06b70404e9cdL,0x00000000000000c6L },
-      { 0x88be94769fd16650L,0x353c7086a272c240L,0xc550b9013fad0761L,
-        0x97ee72995ef42640L,0x17afbd17273e662cL,0x98f54449579b4468L,
-        0x5c8a5fb42c7d1bd9L,0x39296a789a3bc004L,0x0000000000000118L } },
-    /* 2 */
-    { { 0xb4c52f11f3d7286aL,0xec47cb5cbbf67a41L,0x89d3382eaafb10a4L,
-        0x4afd876806222b90L,0xfa16b295feb5416dL,0x0946f9d45d095b7cL,
-        0x18526b28ff975e3dL,0x259cec2fb2f1c609L,0x0000000000000104L },
-      { 0x545642a062e36127L,0xc3e4c6f71c38e6f5L,0x1d0e02c41bf9d6c4L,
-        0x8a7a6fb6483ba43dL,0x7104aee9cf390b9cL,0x4acdccdf2578e2fbL,
-        0xc17af6df73b3feb4L,0x2fb789d77977fa95L,0x00000000000001d6L } },
-    /* 3 */
-    { { 0xdae82f27eb2db12fL,0x675f5cdb25444b98L,0x3234752e78288513L,
-        0x53e37a78730f5769L,0xabad04dadcecd88dL,0x29d87958f3098a34L,
-        0x00567f1a50cb0363L,0x400b67853878a6f6L,0x0000000000000183L },
-      { 0xba3b00c422d2d58aL,0x06c351857b0e93d5L,0x78810249545fa63dL,
-        0x1d72e7923a6be922L,0xe38827919e285f6fL,0x3212ca84b33128efL,
-        0x41640a1022acf93dL,0xbf1819691f33c6e9L,0x00000000000001beL } },
-    /* 4 */
-    { { 0x0cfa67a640b0a066L,0xe97c179e8057a710L,0xb69d285227cce600L,
-        0xf7dde8c5419687d1L,0xdbcb15185d5b039eL,0x3e47772fd99abbe0L,
-        0x71c9c23ab2a9c6a0L,0x5af10b9b94496951L,0x0000000000000152L },
-      { 0x0f96137f2c91f83aL,0x1f743fa449f15b33L,0xd43b3ec0ccb4c1b1L,
-        0x895a3be3cfeea9b0L,0x27c3b4959eefee4dL,0xf1b4212712e344eeL,
-        0x023afa76ff929c1eL,0x3078097686d07325L,0x0000000000000166L } },
-    /* 5 */
-    { { 0x36005a37c7b848a0L,0xbac203eee032cc07L,0x8d20246ee4c229c4L,
-        0x13b8b0f97b7f6b06L,0x0223a119e13c7b1dL,0xa91307c053c2e32aL,
-        0xce595e9f3536fe07L,0xc2a2efbc8489551dL,0x0000000000000019L },
-      { 0xed22e7b467081afdL,0xda1c5f3c81df2676L,0x48f406480ad04de0L,
-        0x8d7720d1f7391873L,0x111178cb13448f78L,0x39087943ea49e233L,
-        0x692f712c73d8d101L,0xca20ab46f4e7e521L,0x000000000000005aL } },
-    /* 6 */
-    { { 0xfd0c67177af706c0L,0xc500416552ebdf4aL,0x332675708ff0bf03L,
-        0x3f282dddd2cdcf58L,0x93b60398bf766c2fL,0x124f1fd970748a8cL,
-        0x05422ecb20ef5badL,0x9fef00a63eafb2dcL,0x00000000000001d8L },
-      { 0xcd2d1f04e4d1ae24L,0x099afd68e44bae9aL,0x669b9ba3a4880b2aL,
-        0x5608536cab513fcbL,0xfd7de6a330d8ace2L,0xebc44b8deb95e59eL,
-        0x2302405e64969883L,0xbea96ff09b276f35L,0x00000000000001b6L } },
-    /* 7 */
-    { { 0xa7b7271a71b90b8cL,0xbdc1bcdad12ca22aL,0x52a5f2901f10a310L,
-        0xf5c070c0f420fb28L,0xdd09d3a5f099a78fL,0xaf60cbbe3914e826L,
-        0xeac320c9a914d69fL,0x78bc962dfd5ba85dL,0x00000000000001c0L },
-      { 0xf69575cebe45049dL,0x418d09354958daccL,0x142da6f236c0f076L,
-        0x51d23cfba83dfce7L,0x2df0421809714d01L,0x1260496a9ecec18dL,
-        0xb4317aa1f700b1adL,0x86174a20cd86c341L,0x000000000000016cL } },
-    /* 8 */
-    { { 0xc2453d609102b570L,0x70840e5c142c3e23L,0x7294b1f1c30037d9L,
-        0xa2500f121dbf5ab6L,0x03eceb67c9c8ee6eL,0xa19c319330820abbL,
-        0x7aad59e87da6b820L,0xe97823f8c38d842fL,0x000000000000006dL },
-      { 0xce5bb75ea7b6bb9eL,0x9090358d569c9eddL,0xa8b5ec369cd0c065L,
-        0xb2b5ac1cf81c82b8L,0x8feb364c3ffceb86L,0x355ed9ecdf4f9f7eL,
-        0x6f2efe425ce12ff4L,0xb23168780155070dL,0x0000000000000035L } },
-    /* 9 */
-    { { 0x5ba6aa8d478bab98L,0x849ddc2dbcf097c4L,0x67f6f4b274b08601L,
-        0xb15c438fe3acbdacL,0x0bcd49256ee2c337L,0xd15facb9b3085e64L,
-        0xc8e919dcf4d1b708L,0x6eed3e36e1fae449L,0x000000000000000aL },
-      { 0x5103486e84926700L,0x1c6b82b28fef959eL,0xb309fe2355b9fa8dL,
-        0xdb35d40e4b8579efL,0xad5288e08145279aL,0x92b15dbc4ba26317L,
-        0xda42d33ed9838c28L,0xd13ae9ba313a0399L,0x0000000000000047L } },
-    /* 10 */
-    { { 0xe2fa0b39d0851f6aL,0x2f7f00e5263539c6L,0x46a066b81f107130L,
-        0xe7cc14f87dbe9579L,0x61f1e5c2d0607b55L,0x539a9c4d07a4c0b8L,
-        0x9b6893829fdc8d6fL,0x684725a9847245fcL,0x0000000000000020L },
-      { 0x98dd1588d9de1e07L,0xbe9ed1154f6dc491L,0xd4605724f2b85d2bL,
-        0xf94da3ba93aa2d3fL,0x81229b618d489608L,0xb7e6a31ed9eaf52cL,
-        0x787d526dab03e098L,0xc16ee426e5b06c1bL,0x0000000000000171L } },
-    /* 11 */
-    { { 0xa732fe002dcd1035L,0x034d6ff8da1f6ee4L,0x2103d3e5097d7909L,
-        0xcc496507dfbec358L,0x27044faeef335708L,0xf685e6bffe9be99aL,
-        0x57b8c6c406aababdL,0xb8e751f6a901830cL,0x000000000000011bL },
-      { 0x87101fab8e15a6b9L,0xf5ad21a11a270874L,0x5d9a90506e900902L,
-        0x15a2f5a1d7fe9a86L,0x7ba4fb21dce37de8L,0x7751df45ff07bfb9L,
-        0x12089b6202345c0bL,0x46f675ec6a9ace86L,0x000000000000006dL } },
-    /* 12 */
-    { { 0x689a234ba08e3299L,0x941f6f05c4cf87aaL,0x3a98121b9ffdcb65L,
-        0x3252b8481623b72cL,0x65f531b5c6bae311L,0x4c5005a1c383df2cL,
-        0x13c011795826c457L,0x90ea82a2ee3b03deL,0x00000000000001d3L },
-      { 0x582b79258c0a1261L,0x859c8a11788ba98eL,0x693c1e149a3ad4f7L,
-        0xd3f4b8032d62063cL,0x6affccfa0ddc5607L,0x63a3cd821eb6c797L,
-        0xa94ce4ae6fb0c290L,0xce9479c1612cf5d1L,0x0000000000000190L } },
-    /* 13 */
-    { { 0x4ab1603c78f459e6L,0x7d9af2dc6a84373eL,0x2d2be036159a9a40L,
-        0x82371e3d509c38ecL,0x82188bf292f079b7L,0xd74b82801e82e017L,
-        0x4041778a6b59bbfaL,0x40cf824ab8d4f9a7L,0x000000000000005dL },
-      { 0xf9f79e729bc88c1eL,0x8459190a77e9ceb8L,0xdcb44b726a41a19dL,
-        0xe30dbe8ce243350bL,0xa168a6a9f3adebc1L,0x421fdb0c48e22f81L,
-        0x3cc1d22a9b601ed1L,0x226ef6f6d2b564c0L,0x0000000000000170L } },
-    /* 14 */
-    { { 0x0eedf7150a80f0b9L,0x7f78ee5beb322905L,0x15d5375783498544L,
-        0xff081204b66d249aL,0xb95434862bd0d1fcL,0x6404f1321899b952L,
-        0x1de3aa0ccdd8789cL,0x8b6f01381a7153a4L,0x00000000000001beL },
-      { 0x12d645e1fe536313L,0x14f4969e373af74bL,0xa56f032a30d498ccL,
-        0xf30e4fe50a666b8cL,0xfb42284e3fb31a5eL,0x065215a7efba6b77L,
-        0x217ca76c6fa31b46L,0x13a6f6f91fc38bfdL,0x0000000000000007L } },
-    /* 15 */
-    { { 0x5141181078303dc6L,0x93d1836de01c1d96L,0x98046c2ff50b037bL,
-        0xeb3a5b31fcd53e6cL,0x3976f8fefb2f8250L,0xd193f5369cda2685L,
-        0xc609817dd26ee74cL,0xeea2244858f903d3L,0x00000000000000e9L },
-      { 0xc4f3956b8e0c791bL,0x68cf3903875c10f4L,0x3ff4a407c1f7f0adL,
-        0x3672c4658902e832L,0xdf5d0b6796ea88b4L,0x68df74bda86075a8L,
-        0xe6d2d0675071e56eL,0x8c7fb077c7e5fcd5L,0x00000000000001f1L } },
-    /* 16 */
-    { { 0x1e2df23635210df1L,0x387b5c569aace566L,0xdd8152c9ee401323L,
-        0x56fe9ec99cac0076L,0x88ed7fc1e1a9f782L,0x6551487d681f0428L,
-        0xeaacc10197689006L,0x626bcad13b7e7fe6L,0x000000000000015eL },
-      { 0xe1b3574a7acb23caL,0xadda7c9e3636a1c2L,0xfc998cf89f3d947cL,
-        0x38ee4df41ba0511bL,0x1f40cc1403e4694bL,0xccecf4e0800fb6d9L,
-        0x021f708ae1665d06L,0x2bcd7975c492d329L,0x0000000000000063L } },
-    /* 17 */
-    { { 0x66bd9a0dcd698697L,0x0e7d8559bbbc1758L,0xe072a980ac76a88dL,
-        0x3cf9af4de2c17874L,0x85b24bc4748e97adL,0xe5522faff3f6d8eaL,
-        0x60ed43eecef45795L,0x1859fd20de38467dL,0x00000000000001d7L },
-      { 0xe62c76b958e8181cL,0x3731bcc7fee454edL,0x2cb0b570ee89f8f5L,
-        0x0a38b9539a262283L,0x46887e748c19a774L,0x1dbea5dae80adab4L,
-        0x09fb720cb1f75c90L,0x91e0b746e723e278L,0x00000000000001c5L } },
-    /* 18 */
-    { { 0x6fa722771bac59f3L,0x72358865520791adL,0x8da1c8c4e32463d8L,
-        0xe0e75863d41001a5L,0xcea164f748e602dbL,0x93cb5f21cc294cfeL,
-        0x28a3168a941cbefaL,0x018fff3bab807177L,0x00000000000001e0L },
-      { 0x3da709346a145377L,0x1fb17f7fd16e2b7cL,0xef6432fcc0469077L,
-        0x62a59a97d6660f5eL,0x8ddc75505e2a0275L,0x2e65b1f75b88dce7L,
-        0x0f4283da066f2c44L,0x561b9e15ce4b84a2L,0x00000000000000ceL } },
-    /* 19 */
-    { { 0x728e1148bdbc363aL,0xdfbf9e0bf7a1bbabL,0xd6fcfc8fa2e12868L,
-        0x3969e7e50a19fe81L,0xf104d3bef512cd5eL,0x9879c459810da8f5L,
-        0xad31c365924bf3a3L,0xb2e2d4914d4fb575L,0x0000000000000151L },
-      { 0x330d4d1d79410972L,0x7e6ef2a0ba1831bbL,0xa18cc9af4f4d5b93L,
-        0x29d8de68069c9948L,0xb8bc009db5e104a0L,0x4237d3728d929561L,
-        0xa126a4e8a2274babL,0x85ba9fcba99c454fL,0x00000000000000cbL } },
-    /* 20 */
-    { { 0x954376cee18bd1d3L,0x350613fc9c8e4d95L,0xa60d595673323968L,
-        0x4f6ac836a044cdbcL,0xf38d747b881b8e40L,0x79f7faf00426afe2L,
-        0xf6e7403d2ae12787L,0x721445a6726ae667L,0x0000000000000141L },
-      { 0x9e0d2f66306787cbL,0xe2e3c834fce146f5L,0x4b62143f2fdbe2b4L,
-        0x19dab7745acb5238L,0xee46bfcd7e138359L,0x29dbfa6675966b0fL,
-        0xcde19c032d601936L,0xf7daf7b4f2aa4f6fL,0x000000000000019cL } },
-    /* 21 */
-    { { 0x55a5e8f4641b7e08L,0xe1e589f3caa920f7L,0x07b90ad9abfced83L,
-        0x05ff78cd7c466f08L,0x2020ab945a71ab69L,0xd3ad1f5787ee2ec2L,
-        0x078ba17efb3d4c91L,0xcf3753ba8607cf69L,0x0000000000000138L },
-      { 0xb5e391e2b9b22600L,0xd20b3d088454c979L,0x4c9945642f77a85dL,
-        0x972896db1f169687L,0xd3554fa2ff8d2b83L,0x57123d99bd48e671L,
-        0x1266b6b9da59843fL,0x633ff4df9241786dL,0x000000000000011fL } },
-    /* 22 */
-    { { 0x071492bba1e06f89L,0x6f3f72de734cc62aL,0xb50a11309d477637L,
-        0x5f6b0546a5ce54f0L,0xc1cde769698626edL,0xe43af79564ade3d0L,
-        0x3067161797a20d2bL,0xdf5821678c48495bL,0x0000000000000129L },
-      { 0x544a65284790d91fL,0xf71c90983f2924bdL,0xd5adb1d63e5c39e1L,
-        0xeba20528d8cacd81L,0xac72518ac728e735L,0x789a0bdf565cc9a0L,
-        0x4b320c80c922bce2L,0x99b26c84e458f8adL,0x0000000000000138L } },
-    /* 23 */
-    { { 0x2fdf67bf4f6f867eL,0x56f6ea005f1e2bf2L,0xa7d7c0d8896ab990L,
-        0x589102a023329acbL,0xbb8b6a64156a7f42L,0xfbb556a95882578aL,
-        0xa82481cc609250ddL,0x573e51d9daad3d36L,0x000000000000005dL },
-      { 0x7e2ede0bb08ffeecL,0xa37176acefbed279L,0x5acafeac0b72e855L,
-        0x4c7c3ce3fcc75badL,0x2fc0939bb9a704a1L,0x6bf0c5328e4b4841L,
-        0x5b72f1f2c10742b0L,0xaa62d2889c54371eL,0x00000000000001c1L } },
-    /* 24 */
-    { { 0xd3a8c547c7d40b83L,0xd9fd110285002a83L,0x4bd9516c97f61840L,
-        0x8c628537448c4851L,0x5cae5aa1c90925adL,0x356195c572319740L,
-        0x8cb6e19ba2b5be38L,0x68626a4b6d9c8c33L,0x00000000000001c5L },
-      { 0xa0c846a9ed58b48cL,0xebe6013ae2590d05L,0x60c5d677da2fc481L,
-        0xb6a0897b9252e895L,0xb84595be218bf72dL,0xf1c527960dd1b9b1L,
-        0x3f1583a86d38442aL,0xcda593dec4de5fdfL,0x000000000000010aL } },
-    /* 25 */
-    { { 0xdb0fa258898a19c2L,0x26346630974ccc01L,0x135ec9db1f1e6a83L,
-        0x9bac9c9bff494d1bL,0x78d21ad4f24be4d7L,0x3249c89f61e8dacdL,
-        0x528df6852df2cb51L,0x4f0ec6792ccdc5b7L,0x00000000000001dbL },
-      { 0x789f22f80f551d73L,0x42ec3257e7ba5676L,0x3f52c4094cc69a65L,
-        0xafdd277df46f1eb6L,0xaead8379ec161194L,0xdc657d191f924e46L,
-        0xe43263451578ff09L,0x4750da5878d091bfL,0x0000000000000173L } },
-    /* 26 */
-    { { 0xdf886f2283fe19b9L,0x740586885dba4f8eL,0x3c04af37a13f8dc7L,
-        0x21771e2b3b99dcbcL,0x1e77950d55c5b6a7L,0x20a6975b1b1338e1L,
-        0x4956e06bd276d114L,0x56686808b0d3b14cL,0x000000000000016cL },
-      { 0x08f3f2a25182063fL,0xdea422b775992149L,0x845260b0d5cd158cL,
-        0x6e0768e07c353c5aL,0x5718a1c23afa81caL,0x522f094d3ca2a17cL,
-        0x96a361f77d93ebfdL,0x75c32db595c76942L,0x0000000000000095L } },
-    /* 27 */
-    { { 0x953bb441f640de23L,0x5d35f0a9e1e08dc6L,0x323a1bcc7bbad4e6L,
-        0x4dc31447742e5ad0L,0xca0e8e15068bf07dL,0xfc317d5097ebd2b5L,
-        0xf5447997db4c9342L,0xf98a3ac80ba0a29cL,0x0000000000000061L },
-      { 0x4ccb1f249e925079L,0x97af5a3dc5c916d3L,0x7ef650a8e497e318L,
-        0x0d49927842975745L,0xcf328ffb2462eba5L,0x8ee8e88f6e360cf3L,
-        0xe15c3f8dc77cd3c2L,0x5ab87910736a646aL,0x00000000000001cbL } },
-    /* 28 */
-    { { 0xa2d5fdb981e3d610L,0x0127b05c456ddf1cL,0x29e247d9bd5bd8a4L,
-        0x5758d126f5959d68L,0x9b0fb7fb2b28eb19L,0x1d8aa23a1d312140L,
-        0xf8b9e467281b4d2cL,0xea57464cda959b8fL,0x0000000000000028L },
-      { 0x8e118540a87d4633L,0x3af88a0815200b8cL,0xca1806b488f790e1L,
-        0x605032a919cd9554L,0xf671627867d0cefdL,0xb58e8671d1676085L,
-        0x51098dc308decf4cL,0x5a6cb932a50e312dL,0x00000000000001fbL } },
-    /* 29 */
-    { { 0xa15c4a20a5eff951L,0x1baa735b49f4f32fL,0xab53ad000feaf2c6L,
-        0x354c2bc4ed66b803L,0x587fd2379ac12f3aL,0x3837c9643881a729L,
-        0x1d8bd95b9f6c3bbeL,0x237ed2d808d914b6L,0x000000000000001cL },
-      { 0xcde7b0d13de67115L,0xe645422dec23815bL,0x286703896b445b51L,
-        0x11be335a80ae2784L,0x9185d3df1a64b6e3L,0xa0ccbdd0ba228c67L,
-        0x6bc79dff3a013cf7L,0x229f4e59b464c70cL,0x0000000000000185L } },
-    /* 30 */
-    { { 0x3f621de51cf1a11fL,0x18b004fd0658152dL,0x1bc8a9455df479b5L,
-        0x901719473da586acL,0x06fe325baa2f052fL,0x4a2fc982b6323a69L,
-        0xa975e8bcd4f0b34cL,0xfe3f271914ed1d56L,0x000000000000001fL },
-      { 0xeb6045d192f826d9L,0xbd7c962e5facf02fL,0x87a5cfbd35fa1278L,
-        0xfd1ff1cbdeda7159L,0x1b0f6638a1287202L,0x861e7cbae1fcd5deL,
-        0x33709b6bb9822a98L,0x171b15ba8b2ae55dL,0x0000000000000130L } },
-    /* 31 */
-    { { 0xb7f2a894410a34a1L,0xca6d4597f0e4d4f6L,0x84c4a0fe6d4d1f8fL,
-        0x42d465bb405c281dL,0x44893a203587a898L,0xc0d0d12dab4ffdd6L,
-        0xd5f85269fc00e886L,0xd93f9cdce1999ae1L,0x0000000000000199L },
-      { 0xa9d573cad9980812L,0x87d7913ea7e02cb9L,0xb772f40954b00468L,
-        0x207850e8cc28eec8L,0x772468db7603910dL,0xb5d3125db256e07aL,
-        0xbeb567df8b59420dL,0xb3467a5331e5ccd1L,0x00000000000001daL } },
-    /* 32 */
-    { { 0x3a44dde085f45eddL,0xc543bb6498309156L,0x82d1ce827597d0d0L,
-        0xb2dc0f228106ca3eL,0x66f394472c3a313aL,0xd8f6fcdaa6cf2e03L,
-        0xed6e0e279e6bf40bL,0x7dcd3a305b9a41afL,0x0000000000000095L },
-      { 0x0a870cec12be5b78L,0x912c21c51406e140L,0x977417fdd5e13ca1L,
-        0x9edbae8ab9e21e28L,0x9fce45ea13b2f069L,0x25bd760b84f3cbf2L,
-        0x29e0c3ce2489fd01L,0xe16d31c1ec62a766L,0x0000000000000061L } },
-    /* 33 */
-    { { 0xaff40f1bb5598dccL,0xef04d8e02cd12fd9L,0xc97ea3b0bad7f4acL,
-        0x336776a6565108cdL,0x71d9d056fe63178cL,0x31a7c54714c3f6aaL,
-        0x5da757a2f6804c72L,0x7b3ee12ff87bb311L,0x00000000000001faL },
-      { 0x30df907b6bf9f426L,0xca534ca162ef821fL,0x540f8dba017699e6L,
-        0x7cddfe567358f4afL,0x5bc334a1e8f9cef6L,0x427fd83d6adc5f09L,
-        0x2fd7c1b8b851f4c2L,0x234d1bd4d1587daeL,0x00000000000000d3L } },
-    /* 34 */
-    { { 0xffef7d4f0399f8ccL,0x1e2708d99da4c3faL,0x5792ebd0a9474303L,
-        0x21aa73f56812a436L,0xf61f60fbc052973dL,0x7061be89fc874833L,
-        0xe65c7ebe2638329dL,0xe728d78b032852d9L,0x00000000000001e5L },
-      { 0xb633df4e27c9f6a6L,0xdea08843cc406457L,0x75f688183cb011bcL,
-        0x234d1b4ad5603044L,0x2a156ae5b6a4d089L,0x9021af3b95e9f0f1L,
-        0x90e987df968be7d3L,0x0821a4d3781ef8abL,0x0000000000000027L } },
-    /* 35 */
-    { { 0x94de21d800df95b9L,0x5d5301b2c33c47f7L,0xf271cabd2343171eL,
-        0xbe5441dc4f0fba70L,0x11183253702639d6L,0x01e0573a97074632L,
-        0x268025dfce4f92d6L,0x47d14b05039a6f5bL,0x000000000000015dL },
-      { 0x2051179030720125L,0xee2db45c6541fb74L,0x07bbcc41aacdcd66L,
-        0xffa2e9630a08ced4L,0x819b5b7a7f21a83dL,0x5f857f0a44896b10L,
-        0x6126655c197cde7dL,0x81d0f14a2962acd7L,0x0000000000000138L } },
-    /* 36 */
-    { { 0x0b7a0b9ebb82fc5dL,0x7f2e7af14ff667a2L,0x5cc3df3907a17aecL,
-        0x91465af2398fb92aL,0x785b749098cf002eL,0xfe22218f7380cfb0L,
-        0x32bd17997f4f03a8L,0x1c78bd791209f39aL,0x00000000000000e4L },
-      { 0x90389734e8b69225L,0x26dc02b5fc69c2f9L,0x37eeea93ff349339L,
-        0x642556bfc05ec9e4L,0xaa5744b64bd93ef1L,0xc29f3c91bfe9d602L,
-        0x399cbf01aea4f871L,0xc02b2b1cf485b047L,0x00000000000000beL } },
-    /* 37 */
-    { { 0x5658a9eb87400032L,0xb3513556ff0b51afL,0x99ecda719408ac7bL,
-        0x5e8d8b317bc54d5fL,0x8f178f9e3ef10515L,0xfc49ad94624b9cf0L,
-        0x344433fd8fc6c90fL,0x0df7be427f17965fL,0x00000000000000d4L },
-      { 0x47918d08133929fbL,0xd6cf0aa92ff979f6L,0xad55ab19a37a87abL,
-        0x9e9d1956c5010be8L,0x8c0bd3ea3b82de19L,0x6c87820ff3c76b65L,
-        0x70499d39f2232ed8L,0x70dab0ee7aafde31L,0x0000000000000163L } },
-    /* 38 */
-    { { 0x5ba4b10081d6751dL,0xeb0319dcb96a5495L,0x56407c25654729d3L,
-        0x3de520199330d3fcL,0xb3f8a00e28998bc4L,0xeeea220977ddd518L,
-        0xc1429a49cb758f5eL,0xa86982a271834361L,0x0000000000000040L },
-      { 0x7472fd7ac36a0150L,0xfb61ab940138d406L,0x0cef5dd5b30829f5L,
-        0xa8ea3257aef599f4L,0x593011df7fa063bcL,0xea4c19ced774cb2cL,
-        0xad0eeee6b85e8883L,0xb5ef126b2aba018bL,0x000000000000014dL } },
-    /* 39 */
-    { { 0xebc08efd502a4e76L,0x4589d863767c0f52L,0xcf85eef44eb92decL,
-        0x0b59aa5d965c95c1L,0x60945a8e68d2dbcaL,0xc94cb99f77bf02d9L,
-        0x6cc41e81cfc0dc2dL,0x7264e2dc8637cc2bL,0x00000000000000d5L },
-      { 0x28989d2059b1302cL,0xba90dc20f89d0c77L,0xa29e9c3ee7f4a0b1L,
-        0x332ecd54b0a225b5L,0x38a3b080b042d9eaL,0x6d27ff408d9dfe9fL,
-        0x146f8b3a88a69d3aL,0x634fb13f1fee39b6L,0x0000000000000031L } },
-    /* 40 */
-    { { 0x2cd49af1f76d4173L,0x269b00cea89acef1L,0xb60e2977a015990bL,
-        0xbe86499685f72cefL,0x4e23b9db4d5b0156L,0xfa92c71c6bb926baL,
-        0xf4a8ff2fe2f815b2L,0x543eee4aa5cd2e72L,0x000000000000003aL },
-      { 0x9cf75fb5ecb67b4bL,0x0132019091a51dbcL,0x0557fcd377225c2bL,
-        0xe2e69807eec94860L,0x58ccae9fe6c35624L,0xeca667a6e8c2ff7cL,
-        0xf6939f23a37b64a3L,0x2eaabbb70d225b40L,0x00000000000001e7L } },
-    /* 41 */
-    { { 0x036735d2ff9ed76dL,0x8653e8e35d154fcaL,0x6811cba29824f792L,
-        0x96a3c594e1252e06L,0xb02543e7ba6e82e0L,0x5435187349b46518L,
-        0xb7c14c8662bc5b59L,0x6535a2bba295f29bL,0x00000000000000bfL },
-      { 0xd8b41e4bb0625972L,0x1063ba69b0ce550dL,0x64687d34db86696eL,
-        0xba2b364455ca06daL,0xa4699ecd3dc4d46cL,0x9f40e631bfe4443fL,
-        0x0e97fbe375fa4f7eL,0xd026b0481cbdc008L,0x00000000000001d2L } },
-    /* 42 */
-    { { 0x042191fad75cf083L,0xaffc08409bd72c49L,0x8f5b9e3f67faf055L,
-        0xa99fa2dfc9794f77L,0x1ccbe885a9ef6764L,0x5fd1e3d66880eb3cL,
-        0xbef622be06fd7bfaL,0x80d418fe9b10c7f8L,0x00000000000001a9L },
-      { 0x6637732018148fceL,0x9655f8b345c2a46fL,0xdc2952408caf763dL,
-        0x4313d4b72816a721L,0x6ff4aa0a50da95edL,0x66cbcad2d4f9e551L,
-        0x0ff11d35e6993438L,0x93dab445b9a4f5f1L,0x00000000000000b4L } },
-    /* 43 */
-    { { 0x8e846df2fa327b1cL,0x6755220d1d0321a0L,0xbacbc29c0342f918L,
-        0xbe6f119dd996a1f8L,0x11c02d40eb5740ffL,0x28a8232f4fbb962fL,
-        0x066250a52185293aL,0xf9220c87cf927dc9L,0x00000000000001c9L },
-      { 0xd59cdf5b32a50e5aL,0xa13035882c379627L,0x0894c6ebff69b440L,
-        0x881458aaad6055c9L,0x27d9a7d5b2f2ff3cL,0x15f33160d254ae2dL,
-        0x6e8342f1e38392bbL,0x7d7f4576b7c8d249L,0x0000000000000104L } },
-    /* 44 */
-    { { 0xd63c86d1774512bfL,0x1524c2d8624719e4L,0x2f7568d486d00e48L,
-        0x02140d74cb9cf033L,0x3fff92dd0cae0cceL,0x7ec6068613941889L,
-        0x791633ac5b8bf2b0L,0x43c98854ca54ea3dL,0x0000000000000027L },
-      { 0x15a79b14e40eb5e3L,0xccbbb5c75eeb2285L,0xc67c8dff5686232dL,
-        0x8b45a2c1a83196efL,0xa274bf939b2acfb3L,0x35c2b5486e56b741L,
-        0xc93963b24c1f5672L,0xbe9d6f8edf0e741bL,0x00000000000001caL } },
-    /* 45 */
-    { { 0xc8bc017afba4114aL,0x8e2791028d7327cdL,0xb95bfa6bddf662a4L,
-        0xd828f02c44a2caefL,0xc6504c42a27af13cL,0x67f79cab503e832dL,
-        0x42da6976cb78ed1dL,0xda6e4727431e01dbL,0x0000000000000094L },
-      { 0x44d5bd3eb9544fd3L,0x329d747f694035c9L,0x104d2b68676f065aL,
-        0xc8e81e7cfc4165c6L,0x4cdad2fdaf3779f2L,0xa3e4a4625669a833L,
-        0xa281178a21737142L,0x86f7afb87b8f5514L,0x00000000000001aaL } },
-    /* 46 */
-    { { 0x407a70134deacc7cL,0xa2540e3c94faf272L,0x4246beb934b43fa8L,
-        0x157b03f43ba9f184L,0xf7898d60b939ba99L,0x0f7e245e3a5f62b4L,
-        0x2db5a341eaf7a575L,0xd3adea091278c0f7L,0x00000000000000d2L },
-      { 0x2cba440ada687094L,0x3b478947767e75d2L,0x07c7de48078f23a0L,
-        0xca6d86d8d7252108L,0x5fd954fc6a7fbe1aL,0x4d552bbec9a2a901L,
-        0x71ab270159e75804L,0x294298fa5413091cL,0x0000000000000149L } },
-    /* 47 */
-    { { 0x6e60bc8cbebdd14bL,0xfe195cae8c57a662L,0x41e77bd8d9e4437aL,
-        0x20fc2e7c85e4b9edL,0x97be566d2a012e02L,0x433786ae9b250c6aL,
-        0x9eb76699cbb3224aL,0xf727091bf090f756L,0x00000000000000c8L },
-      { 0x31496439ef08161cL,0x265407a997e3a008L,0x2088210700e2ffcdL,
-        0x27426c055359fd16L,0x03e836825c39f78fL,0x380743a8e2a8832eL,
-        0x8739d8ed792bafe6L,0x6cef07c47a912015L,0x0000000000000128L } },
-    /* 48 */
-    { { 0xf29780090fd83accL,0x247593df630645dbL,0x171e6b9f9e2db252L,
-        0x3a6342a3c30aec58L,0x23524040fdd7151cL,0x2589b6988b15fee7L,
-        0xca588f0a17dca917L,0xb2cf2fe7677cad49L,0x00000000000001dcL },
-      { 0x14332d38c8573626L,0xd4fe66fd4adedd4dL,0xc5d8f397bb83b706L,
-        0x00aacee43aa8a4c9L,0xe90383ff107c81a9L,0x6cf1fb2f18abdf47L,
-        0x9bf5444df17c55baL,0x8251ec253659322aL,0x00000000000001deL } },
-    /* 49 */
-    { { 0x5a0e940caa2f106aL,0x7c55eb23418781b7L,0xcc6cebb679cc53b8L,
-        0x7f6f64fc9d7377f4L,0x1571161c6de3403cL,0xd7a52f1cff1bf45aL,
-        0xaf938df4110b0e06L,0x9bf219246f64c558L,0x000000000000001cL },
-      { 0xe15e4f0ea5afb352L,0x9ff6c56df2ca770fL,0xe0e86c68338e1890L,
-        0x96907f1990808bfcL,0xd0d47de2686b805bL,0x2fbfcb72b367c12aL,
-        0x800a58141dd3d54fL,0x2f4b07b398657a79L,0x00000000000001f3L } },
-    /* 50 */
-    { { 0x3340fb54f31cb1daL,0xc1e88317e1752360L,0x183ae7f8121667b1L,
-        0x1f271fa2bfd7bae9L,0xb31175b92b745d3dL,0x22250cc540b13e3eL,
-        0x63aabbb70d01026fL,0xab63c0f1b428cd91L,0x0000000000000018L },
-      { 0x7435eaf9988d425aL,0xf9f323c7fcc441f4L,0x8de16b8c3e4de08eL,
-        0x2e603853e495b0f0L,0x204602204b3f0024L,0x8aff3f40b43cdb09L,
-        0x409df7af4d00e185L,0xc681d091f1637f16L,0x000000000000019fL } },
-    /* 51 */
-    { { 0x0801a2cf5f0f872aL,0x67a587356ec8c90cL,0xf21e24aba0913e94L,
-        0x985fc1703502bcb9L,0x8552800450a05926L,0x65918c8f426e56f8L,
-        0x382414dea5cba2acL,0xc3e7a7e62874cb00L,0x000000000000005fL },
-      { 0x96630e9e8fa87335L,0xdcf938c1c7771bc8L,0xc4f3d77aa8cf3cd8L,
-        0x931ae9adc99a5fddL,0xa89581d55e2bcffcL,0xd0c7c71f29758819L,
-        0x4ef995634d5aa9d8L,0xc6de91cd8f04cdebL,0x0000000000000171L } },
-    /* 52 */
-    { { 0x24b42a1c35c6448eL,0x129a536e1f4e7b86L,0x7ca12db87e48d8f6L,
-        0xa827acf3587d6577L,0xfc62bf4bb1cce77eL,0x702ee5800f45a823L,
-        0xb4989843cc7a73a3L,0x3d49a2326c0afb5bL,0x00000000000000a6L },
-      { 0x7055c61255086dc5L,0x0622af5a3cf49868L,0x113dc4cbe695b064L,
-        0x65b33365479ff727L,0x156ab542336bc622L,0xf5a2ef703014770dL,
-        0x486f74556ded88eeL,0xbb4619488c8a7452L,0x000000000000005aL } },
-    /* 53 */
-    { { 0xea6e991125fdd488L,0x4ea556fb3d0183b0L,0xe8cfd7c274dc3ac2L,
-        0xe20307a3ddf1bd8fL,0xfc6684582ee9be7bL,0x64a60b7937782071L,
-        0x612fc9c865acf2e3L,0xcbb8c60c0de59326L,0x000000000000009cL },
-      { 0x250e6112195cad69L,0x81cd7e491f0b4f39L,0x9b6808db61302e46L,
-        0xe569c108b3af7841L,0x34d86f57c15d5fc4L,0xb3e586fdf76ad338L,
-        0x6de8477b70bd63a8L,0xa52b119d7ec86218L,0x00000000000000b6L } },
-    /* 54 */
-    { { 0xe51f8aca27806255L,0xcb4da51a101b2dbcL,0x27b8a0dfe08b3553L,
-        0x6e2a0d066ad56ac8L,0xa751cbedec44486dL,0xf574538ec5b2ae67L,
-        0x64e1e3c3827536e2L,0x652fa060707a8b39L,0x0000000000000170L },
-      { 0xe17a85d7684c6e53L,0xc957477272d0d747L,0xf892866558d12edbL,
-        0x7fb212c8c815db67L,0x44b676eff3e66186L,0x15b57bb3998ef4d3L,
-        0xb71f3b8e815c5036L,0x3fe9796573bcb190L,0x0000000000000162L } },
-    /* 55 */
-    { { 0x5c7f569ad5fd84e2L,0xf84d6e126fa4bb7cL,0x7b74629c82a1081dL,
-        0x7935151d0522589eL,0x94fb78055ccf889aL,0xec677309792f6bacL,
-        0x42fbece8d880a0d8L,0xd97b4881b70be7f5L,0x00000000000000e3L },
-      { 0x85d79261eda953e8L,0x35894e9b5dd94926L,0x95c1cbc99aeb12b8L,
-        0x017029fe1695dc35L,0x36e2b978d6b13364L,0xb86b7afdc388ce34L,
-        0x2d25b1af1e501e40L,0xf9127abdd5d7e7c1L,0x0000000000000031L } },
-    /* 56 */
-    { { 0xa18a458f1bb9a390L,0x916fc4b62062e5d6L,0x7040176be16db823L,
-        0x25de966301177efeL,0x2b679ddeb778335cL,0x6ecf1689862622ebL,
-        0xa191ffb5cb8a74ebL,0x4cc26680019ff743L,0x0000000000000047L },
-      { 0xfa5b847e047d9854L,0x6151153b6527d4d7L,0xf72721185bdda4c9L,
-        0xdde383c5f17c7e63L,0xc44040392a82edb4L,0xd1355d9781853b97L,
-        0xcb503386b211c3b0L,0x0f9dbd602c17c154L,0x0000000000000107L } },
-    /* 57 */
-    { { 0xc8cd8f5d80a2aa22L,0xb73c67a164793948L,0x55abac7fff49c73dL,
-        0xb5bc3df0833e5481L,0xf6ab8a42384a9287L,0xbea5929eee4f0be7L,
-        0x2e6bf0f29619ddbaL,0x224ce58ab2ddfcbeL,0x00000000000001d4L },
-      { 0x12f87e99ac4906b7L,0xe752f6ea5101c876L,0xa32a9b1f2b668943L,
-        0x9e6e6c2b07950fdfL,0x72a31f91bbb4c324L,0x2e799c7b28546e5fL,
-        0x7183a2daa6ff4503L,0xe2cb8237178fdeebL,0x0000000000000030L } },
-    /* 58 */
-    { { 0x140767d0bcd89552L,0x31548634f10fdf7fL,0x2c4cdccc210355fcL,
-        0x4929888955704a76L,0x7102e8820f1d3e5eL,0x4afc588292691f55L,
-        0x4cff09ede9e34260L,0x49d3a32932cd76ccL,0x0000000000000063L },
-      { 0x6adbd32efbdc0c1eL,0xe3fe998b0ebefe86L,0x78099d79bc2a7085L,
-        0x333c30095adeab44L,0x45e4d96f07ae4b5fL,0x4bd1f0d29de88636L,
-        0x8c7e69d7bf2020a9L,0x126a5886c3c5a340L,0x0000000000000000L } },
-    /* 59 */
-    { { 0xaed91dc9263f94d8L,0x40f3c1cd20289709L,0x74dc1e9b60b5c995L,
-        0xf08cb2a07d5bb95bL,0xbb6d3339e642d133L,0x3c3e5d14d2fcc05dL,
-        0xcf159316403e4a78L,0xd84be52727c124faL,0x00000000000000d4L },
-      { 0xbb2246c1bcd8501dL,0x86d450b3a1600eadL,0x6f5a476db626b180L,
-        0x01f4b93e3511ac45L,0xd813396bbbfa9758L,0xc69b8e7512347b15L,
-        0x108defb629cd9e2cL,0x4778bb2725e9ac47L,0x000000000000012fL } },
-    /* 60 */
-    { { 0x140ce283ea9f1213L,0x2326ce38af8d7bc8L,0x90d21012914ac8b5L,
-        0x0b07cea5e255c0e1L,0x93cc5e972dcccb43L,0xb89b14f2ee9885efL,
-        0xa35afc40dc56967cL,0x8125d749ee2e3671L,0x0000000000000101L },
-      { 0x1855e97a55902052L,0x8a572e69e6f0db6cL,0xb1bb6014fcfa3f3cL,
-        0xe77eb435f5b2440bL,0x9045dd302df3f74aL,0x7853068b590ee6e0L,
-        0x5714e1f03b9ddec5L,0x9810d77586086f6bL,0x0000000000000008L } },
-    /* 61 */
-    { { 0x66e566e3d3a87a30L,0x325081762cc44c2fL,0xdcaf7c52b80871eeL,
-        0xdad02ffbdd245945L,0xb9e691ace956cdb7L,0xdfefe49fc62064e5L,
-        0xc322f6978c8f2c6dL,0x68a5d7a8aa88f4acL,0x00000000000000deL },
-      { 0xee5555b183ae6c21L,0x895c837c478467b0L,0xe6b06030dd4d105bL,
-        0x9d9f32247636a759L,0x68132ea4fb8142ddL,0x6109a099ff919487L,
-        0x775c37af76a1835dL,0x4279a9c48604a81eL,0x0000000000000093L } },
-    /* 62 */
-    { { 0xb72859988df31c84L,0x0489bf6fcf37c1c3L,0x4ccd18d9e4c102d7L,
-        0x8b1d6c45ac3e23c9L,0x7b7d259a5744d781L,0xa0033649b4778129L,
-        0x5c7414d99fbf3e2cL,0xfa78a7fe20774c25L,0x0000000000000043L },
-      { 0x9b46685f8e69fd50L,0x2632cf3c3e47d4deL,0x44fd8f9f0238fed0L,
-        0x2fbc3f42e03f169dL,0x0c9df28eb7dcd132L,0x5deae7cc3d18592aL,
-        0x3034fb93406adf0bL,0xbf5a3a75ae059280L,0x000000000000010aL } },
-    /* 63 */
-    { { 0x272883fb34c28cb6L,0x22b00e9e5e7d03a4L,0x23bbacb97f4602a2L,
-        0x27564d96c248ed06L,0x9b7e1ce6d1c5b544L,0xb3d77b2d71182e92L,
-        0xb18e78aade9d46abL,0xde48d9e12e69d74dL,0x00000000000001fbL },
-      { 0x8de62222099effafL,0x2212621b1328146cL,0x05f3c0b003677fccL,
-        0xf43e4825fb0fc3c0L,0x94d3b33698536e0bL,0x22c1cca4225481ebL,
-        0x2b8668dfa9fcbaf5L,0x51e858f2c30e9271L,0x00000000000001e9L } },
-};
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^86, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_9(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#ifdef HAVE_INTEL_AVX2
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^86, ...
- * Pre-generated: products of all combinations of above.
- * 6 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_avx2_9(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_stripe_avx2_9(r, &p521_base, p521_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#else /* WOLFSSL_SP_SMALL */
-/* The index into pre-computation table to use. */
-static const word8 recode_index_9_7[130] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
-    48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63,
-    64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49,
-    48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_9_7[130] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<75; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 7 < 64) {
-            y &= 0x7f;
-            n >>= 7;
-            o += 7;
-        }
-        else if (o + 7 == 64) {
-            n >>= 7;
-            if (++j < 9)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 9) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x7f);
-            o -= 57;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_9_7[y];
-        v[i].neg = recode_neg_9_7[y];
-        carry = (y >> 7) + v[i].neg;
-    }
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_get_entry_65_9(sp_point_521* r, const sp_table_entry_521* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_get_entry_65_avx2_9(sp_point_521* r, const sp_table_entry_521* table, int idx);
-#ifdef __cplusplus
-}
-#endif
-static const sp_table_entry_521 p521_table[4875] = {
-    /* 0 << 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 0 */
-    { { 0xf97e7e31c2e5bd66L,0x3348b3c1856a429bL,0xfe1dc127a2ffa8deL,
-        0xa14b5e77efe75928L,0xf828af606b4d3dbaL,0x9c648139053fb521L,
-        0x9e3ecb662395b442L,0x858e06b70404e9cdL,0x00000000000000c6L },
-      { 0x88be94769fd16650L,0x353c7086a272c240L,0xc550b9013fad0761L,
-        0x97ee72995ef42640L,0x17afbd17273e662cL,0x98f54449579b4468L,
-        0x5c8a5fb42c7d1bd9L,0x39296a789a3bc004L,0x0000000000000118L } },
-    /* 2 << 0 */
-    { { 0xf43e3933ba6d783dL,0xcf2fa364d60fd967L,0xaa104a3a35c5af41L,
-        0xb3b204da6ef55507L,0x2c6e5505d769be97L,0x7403279b1ccc0635L,
-        0x2fcb288148c28274L,0x3c219024277e7e68L,0x0000000000000043L },
-      { 0x1be356d661f41b02L,0xeafcbe95edc0f4f7L,0x93937fa99a3248f4L,
-        0xb3e377de9f251f6bL,0xab21a29906c42dbbL,0xc6b5107c4da97740L,
-        0xa7f3eceeeed3f0b5L,0xbb8cc7f86db26700L,0x00000000000000f4L } },
-    /* 3 << 0 */
-    { { 0xa5919d2ede37ad7dL,0xaeb490862c32ea05L,0x1da6bd16b59fe21bL,
-        0xad3f164a3a483205L,0xe5ad7a112d7a8dd1L,0xb52a6e5b123d9ab9L,
-        0xd91d6a64b5959479L,0x3d352443de29195dL,0x00000000000001a7L },
-      { 0x5f588ca1ee86c0e5L,0xf105c9bc93a59042L,0x2d5aced1dec3c70cL,
-        0x2e2dd4cf8dc575b0L,0xd2f8ab1fa355ceecL,0xf1557fa82a9d0317L,
-        0x979f86c6cab814f2L,0x9b03b97dfa62ddd9L,0x000000000000013eL } },
-    /* 4 << 0 */
-    { { 0xfbc87412871902f3L,0xa1d5025b08e5a5e2L,0xe8b88e9f078af066L,
-        0x8659e24afe3d0750L,0x06c5d55541d3ceacL,0xc61c891c5ff39afcL,
-        0x54b483487c9070cdL,0xb5df64ae2ac204c3L,0x0000000000000035L },
-      { 0xe21f47fc346e4d0dL,0xbb7faef04699d1d9L,0x5224f750a95b85eeL,
-        0x79f283e54ba38540L,0x5ae63fe2f19907f2L,0x5521aef6e6e32e1bL,
-        0x73e0178eb0b4abb6L,0x096f84261279d2b6L,0x0000000000000082L } },
-    /* 5 << 0 */
-    { { 0xd5ab5096ec8f3078L,0x29d7e1e6d8931738L,0x7112feaf137e79a3L,
-        0x383c0c6d5e301423L,0xcf03dab8f177ace4L,0x7a596efdb53f0d24L,
-        0x3dbc3391c04eb0bfL,0x2bf3c52927a432c7L,0x0000000000000065L },
-      { 0x173cc3e8deb090cbL,0xd1f007257354f7f8L,0x311540211cf5ff79L,
-        0xbb6897c9072cf374L,0xedd817c9a0347087L,0x1cd8fe8e872e0051L,
-        0x8a2b73114a811291L,0xe6ef1bdd6601d6ecL,0x000000000000015bL } },
-    /* 6 << 0 */
-    { { 0x23731bedf79206b9L,0x2f66e95657f380aeL,0xe0727a239531be8cL,
-        0x5fbcca16153f7394L,0x981506ade4ab0152L,0x623d30977fd71cf3L,
-        0x2eff34f94480d195L,0x4569d6cdb5921953L,0x00000000000001eeL },
-      { 0x1eaccd7858d44f17L,0x3dc7b8b55ca0dadeL,0xf96c984de274f220L,
-        0xcab72d0e56648c9dL,0x7240a926201a8a96L,0x2aabbb73da5a808eL,
-        0xe2dd270546e3b111L,0x0255ad0cc64f586aL,0x00000000000001deL } },
-    /* 7 << 0 */
-    { { 0x01cead882816ecd4L,0x6f953f50fdc2619aL,0xc9a6df30dce3bbc4L,
-        0x8c308d0abfc698d8L,0xf018d2c2f7114c5dL,0x5f22e0e8f5483228L,
-        0xeeb65fda0b073a0cL,0xd5d1d99d5b7f6346L,0x0000000000000056L },
-      { 0x5c6b8bc90525251bL,0x9e76712a5ddefc7bL,0x9523a34591ce1a5fL,
-        0x6bd0f293cdec9e2bL,0x71dbd98a26cbde55L,0xb5c582d02824f0ddL,
-        0xd1d8317a39d68478L,0x2d1b7d9baaa2a110L,0x000000000000003dL } },
-    /* 8 << 0 */
-    { { 0x86f9ea54aa78ce68L,0xb56289b5a6f40405L,0x8b598c1bc8d79e1aL,
-        0x5bfea5b8579f49f0L,0x8b8a3b05f826298fL,0xd4e29d8a9b003e0aL,
-        0xa8348396b010e25bL,0x22c40fb6301f7262L,0x0000000000000008L },
-      { 0x8ad642f11f17801cL,0x9f3ba94009471353L,0xf0ba0df065c57869L,
-        0x89e9c0aa5911b4bfL,0x5083de610677a8f1L,0x44f8ede9e2c0715bL,
-        0x48fdab6e78853b9aL,0x31911d5542fc4820L,0x0000000000000163L } },
-    /* 9 << 0 */
-    { { 0x1f45627967cbe207L,0x4f50babd85cd2866L,0xf3c556df725a318fL,
-        0x7429e1396134da35L,0x2c4ab145b8c6b665L,0xed34541b98874699L,
-        0xa2f5bf157156d488L,0x5389e359e1e21826L,0x0000000000000158L },
-      { 0x3aa0ea86b9ad2a4eL,0x736c2ae928880f34L,0x0ff56ecf4abfd87dL,
-        0x0d69e5756057ac84L,0xc825ba263ddb446eL,0x3088a654ee1cebb6L,
-        0x0b55557a27ae938eL,0x2e618c9a8aedf39fL,0x000000000000002aL } },
-    /* 10 << 0 */
-    { { 0x87ff09a04f2f3320L,0x7c2e411f1a8e819aL,0x9daa4da9842093f3L,
-        0xa2c7c178fcc26329L,0x4a9246b11ada8910L,0x901d879ac09ac7c3L,
-        0xfcfe7bb6721ec4cdL,0xeb8f22bda61f281dL,0x0000000000000190L },
-      { 0x2954bc98135ec759L,0xf3689639739faa17L,0x536f6163dc57ebefL,
-        0xbf5349d44d9864bbL,0xa97fd78a62ef62d2L,0xc2eeb2144251b20bL,
-        0xbaeab3b0ca2ba760L,0x5d96b8491614ba9dL,0x00000000000001ebL } },
-    /* 11 << 0 */
-    { { 0xecc0e02dda0cdb9aL,0x015c024fa4c9a902L,0xd19b1aebe3191085L,
-        0xf3dbc5332663da1bL,0x43ef2c54f2991652L,0xed5dc7ed7c178495L,
-        0x6f1a39573b4315cfL,0x75841259fdedff54L,0x000000000000008aL },
-      { 0x58874f92ce48c808L,0xdcac80e3f4819b5dL,0x3892331914a95336L,
-        0x1bc8a90e8b42a4abL,0xed2e95d4e0b9b82bL,0x3add566210bd0493L,
-        0x9d0ca877054fb229L,0xfb303fcbba212984L,0x0000000000000096L } },
-    /* 12 << 0 */
-    { { 0x7be69571bf842d8cL,0x3774c75c530928b1L,0x477fee9a60e93801L,
-        0x44e90b7c3fb81b31L,0x107cf7a5967713a6L,0x81874157958457b6L,
-        0xe4fae9749c7fde1eL,0xd9dcec93f8221c5dL,0x00000000000001c0L },
-      { 0x79e7b1a3281b17f0L,0x884ba72224f5ae6cL,0xcc10a6f951b9b630L,
-        0xd6d18843d86fcdb6L,0x5e404abf6a17c097L,0x63fe65ab71494da4L,
-        0x3ce1d103a682ca47L,0x48b5946a4927c0feL,0x0000000000000140L } },
-    /* 13 << 0 */
-    { { 0x1887848d32fbcda7L,0x4bec3b00ab38eff8L,0x3550a5e79ab88ee9L,
-        0x32c45908e03c996aL,0x4eedd2beaf5b8661L,0x93f736cde1b4c238L,
-        0xd7865d2b4924861aL,0x3e98f984c396ad9cL,0x000000000000007eL },
-      { 0x291a01fb022a71c9L,0x6199eaaf9117e9f7L,0x26dfdd351cbfbbc3L,
-        0xc1bd5d5838bc763fL,0x9c7a67ae5c1e212aL,0xced50a386d5421c6L,
-        0x1a1926daa3ed5a08L,0xee58eb6d781feda9L,0x0000000000000108L } },
-    /* 14 << 0 */
-    { { 0x2c9e682dd3432d74L,0x6767f6b812efbf5dL,0x79df3e4b7bc744aaL,
-        0x74fc06c8b897222dL,0xd4fb0babe0b31999L,0x958b401494116a2fL,
-        0xe1b8ccfaaf84ded1L,0x5bc7dc551b1b65a9L,0x0000000000000187L },
-      { 0x41669f852700d54aL,0x5b690f53a87c84beL,0x11e89bf1d133dc0dL,
-        0xd07781b1b4f3584cL,0x0847ce9b86d7ed62L,0x8470122b8e51826aL,
-        0xd66290bbabb4bdfbL,0xa4923575dacb5bd2L,0x000000000000005cL } },
-    /* 15 << 0 */
-    { { 0xe9afe337bcb8db55L,0x9b8d96981e3f92bdL,0x7875bd1c8fc0331dL,
-        0xb91cce27dbd00ffeL,0xd697b532df128e11L,0xb8fbcc30b40a0852L,
-        0x41558fc546d4300fL,0x6ad89abcb92465f0L,0x000000000000006bL },
-      { 0x56343480a1475465L,0x46fd90cc446abdd9L,0x2148e2232c96c992L,
-        0x7e9062c899470a80L,0x4b62106997485ed5L,0xdf0496a9bad20cbaL,
-        0x7ce64d2333edbf63L,0x68da271571391d6aL,0x00000000000001b4L } },
-    /* 16 << 0 */
-    { { 0x3a6c508f81a8402fL,0x0dbf5c8007dcdc53L,0xe5965da7985630dfL,
-        0x943ff18861ca00a0L,0xd632f8d20b188a52L,0x2a87f66192fd3f3dL,
-        0xda97da26ac743b0bL,0x7d10d8a89c8ad05dL,0x00000000000001d1L },
-      { 0x52e272f89bc73abeL,0x9e3004d28d186333L,0x0b3075ac9d998852L,
-        0xc182e1398db547aaL,0xc7ca30c94b6b82c1L,0x1335e4c3b800d50eL,
-        0xc714b18d3d3e6972L,0x37343c582d77001fL,0x000000000000007aL } },
-    /* 17 << 0 */
-    { { 0x76f817a853110ae0L,0xf8c3042af0d1a410L,0xdf4e799b5681380fL,
-        0x760a69e674fe0287L,0xd66524f269250858L,0x99ee9e269fa2b3b4L,
-        0xa0b874645923906aL,0x0ddb707f130eda13L,0x00000000000001b0L },
-      { 0x35b9cb7c70e64647L,0xe6905594c2b755f5L,0xd2f6757f16adf420L,
-        0xf9da564ef6dd0bf0L,0x8d68ac2b22a1323dL,0xb799534cf69910a9L,
-        0xc111d4e4aeddd106L,0x683f1d7db16576dbL,0x0000000000000085L } },
-    /* 18 << 0 */
-    { { 0xfdf44d01dd99c61dL,0x84ce572f5a15c423L,0x2f0702c3096dec08L,
-        0x6edbb8525bffe522L,0xbd0cfe367de4666dL,0xf7e86dbc7bf99a7aL,
-        0xcb2edcc5b63d1281L,0x33425e72a12779eaL,0x00000000000001bcL },
-      { 0x35d841e2d8f9a86aL,0xa79fe15b19f84fd1L,0x915d1b4b45209b9dL,
-        0x234aeb201f7a9133L,0x2c8e4a00ac84c044L,0x4fb07ce0d196f255L,
-        0xe3e74d33d9e63d02L,0x06e999885b63535dL,0x000000000000010dL } },
-    /* 19 << 0 */
-    { { 0x78ff0b2418d6a19bL,0xfecf431e725bbde4L,0x9232557d7a45970dL,
-        0xfa3b309636266967L,0xfff0acdb3790e7f1L,0x45b77e0755df547eL,
-        0xc0f948c2d5a1a072L,0x8dcce486419c3487L,0x0000000000000099L },
-      { 0xa9091a695bfd0575L,0xf5a4d89ea9fbfe44L,0xb0ec39991631c377L,
-        0x73ad963ff2eb8cf9L,0xcc50eee365457727L,0x67d28aee2b7bcf4aL,
-        0xc3942497535b245dL,0xd5da0626a021ed5cL,0x0000000000000137L } },
-    /* 20 << 0 */
-    { { 0xe2603bfb11b0344fL,0xad792e43b74e16d8L,0x11dd48b9bdb3cd5cL,
-        0x09506339cb1049cbL,0x2e968fbed342b517L,0xbd767c2ab0d93fb1L,
-        0x3deeae39cc6f8cc2L,0xdd7f1b889598a465L,0x000000000000018bL },
-      { 0xdd3287fed0990f94L,0x37ccb22eee9cfc94L,0xedfaec1030da8ef8L,
-        0x4da3bdddc6d4eae7L,0x546c550952d31120L,0x9ee7f52b410b9444L,
-        0x6908296959bf0af8L,0xaadbe63f68ca5b6bL,0x00000000000000c5L } },
-    /* 21 << 0 */
-    { { 0x42ef399693c8c9edL,0x37ac920393a46d2dL,0xd9497eaed827d75bL,
-        0x46257eae4d62a309L,0x19523e759c467fa9L,0x268bb98c2ed15e98L,
-        0x3cc8550859ed3b10L,0xcbb2c11a742bd2fbL,0x00000000000001a1L },
-      { 0xe60bc43c9cba4df5L,0x7c9b0f17649ccb61L,0xbeb43a372c63eec5L,
-        0xdf741a53da483295L,0x180a296f6bafa7f7L,0xe83c0059c5193e6cL,
-        0x2c12da7c5e40ce62L,0x209d7d4f8eeb3d48L,0x000000000000011aL } },
-    /* 22 << 0 */
-    { { 0x4e38650bb6f5a561L,0x904b3a12cae0af93L,0xadfffcca8b28ca1fL,
-        0x74cbfe1018ffcd40L,0xbde3122096c4089fL,0xa7facca319d4b7aaL,
-        0xf1f6e66dc1eae621L,0x00ce6190c6d36ca5L,0x0000000000000097L },
-      { 0x64319ad5a535acadL,0x5c43427efea6210dL,0x2f22ec132ed14e5cL,
-        0xf40ac9cdadfe028aL,0x95e0fd06c5b46824L,0xbe4a8d24e415f9c1L,
-        0x61c78fad62100104L,0x78827e13569356b0L,0x00000000000001fbL } },
-    /* 23 << 0 */
-    { { 0xa1c6a5ece2af535cL,0x07e1f1ac26ae5806L,0xe9e3f8e9a5ec53e2L,
-        0x1f6f83fc9af5b0afL,0x490d234d0cdd4510L,0xee7a39ba785fb282L,
-        0xdb1cacec5f547b8eL,0x0b275d7290159376L,0x00000000000001aeL },
-      { 0xd815c3536fa0d000L,0x213b4450a8d23856L,0x3c27b27bb07dd0c2L,
-        0x10843361ee97fcf4L,0xb431647844c2dc0eL,0x7d759ff890d05832L,
-        0x68a2858fc068471cL,0xc97a825e53853806L,0x00000000000000f2L } },
-    /* 24 << 0 */
-    { { 0x44a18c28b69bcef2L,0xc710838fa0a4198fL,0x6fdefaa4a86f6559L,
-        0x93ad7a9b2d0e4f66L,0x91391a8862c2cd7fL,0x0e49a0e6ec407366L,
-        0xb447ce5d4930becfL,0x8e98d1008e9d525dL,0x0000000000000096L },
-      { 0x8a0b537a0b446729L,0x0575ce65dd7dd9fdL,0x8385e09fa134f793L,
-        0xa48f492cf3d07536L,0xb4cd2b81880aa962L,0xa555cd2f64a2b032L,
-        0xe44476658a352aa7L,0xa7e96f293f75117cL,0x00000000000001e1L } },
-    /* 25 << 0 */
-    { { 0x3f8c2460bf70ace0L,0xe41e0eb1c25d3fb1L,0x56e87e2aa648ff27L,
-        0xa91856917c36ee4dL,0x1c772c8c5499994aL,0x0073102651b107b1L,
-        0xa35874a6f5dff9d2L,0xe84c6d5c5a9a1834L,0x0000000000000154L },
-      { 0x4325bce404c78230L,0xeede2a54672e6b6dL,0xd1e2370a6a5972f5L,
-        0xdee3543572fbc1a0L,0xf66c2888151666a6L,0x15a923eb0022a0c7L,
-        0xe22a28f80bb60d3fL,0x0fdce9171910473aL,0x00000000000000cdL } },
-    /* 26 << 0 */
-    { { 0x60d9e9a7e8c685c6L,0x68dd29c10c73e410L,0x007102d5dd038ed7L,
-        0xf686bfc27593b717L,0x09bc2cbefa11d6aeL,0x31a02407e9a85766L,
-        0xd9857bb0c04dcd13L,0x61bd55cc8b533222L,0x000000000000017bL },
-      { 0xe74aacc5b9b4844bL,0x5b8bff6c058ff572L,0xd74b5b2ac347d133L,
-        0xb4ddb8a4191a4648L,0xcbdc724709e1f426L,0xc8b4ac79f5a29ba2L,
-        0xa0196c0682be4633L,0x4da05ea4b9de3bbeL,0x00000000000001c3L } },
-    /* 27 << 0 */
-    { { 0x357643017002d68bL,0xb215604492ec4568L,0x51353aeda0d3163cL,
-        0x80b2123da719d483L,0x33f35187e135854dL,0x8739535d0e4f862cL,
-        0x62a4d4eb889e646fL,0x373edf8218f9b6a7L,0x0000000000000160L },
-      { 0xf3e6aeca5d90b740L,0x463ffe709d45acb3L,0x13b874f4a8bb572eL,
-        0x1efa491ed92ebc54L,0x4a56f78e1a1b2201L,0x9fd193c5cf52c3bbL,
-        0xe5828401ac06a3faL,0x597050014dcfe1c5L,0x00000000000000f1L } },
-    /* 28 << 0 */
-    { { 0xe160709ed9985b0cL,0x291adc92433ee2deL,0xb93220fe2ad07f0bL,
-        0x949da6c395738534L,0x116d7f87032133e2L,0x988bb828d895ed5dL,
-        0xec5c29642dd68d1aL,0x95646effed8e5f6fL,0x0000000000000191L },
-      { 0xc31c832ba74eed38L,0x886f4ded1741425aL,0x2e495cf2adcdd6b5L,
-        0xb345b828c8b09a2bL,0x5443c5d9216ae388L,0x606d3f34656a52efL,
-        0xce28b4724f834f49L,0xacd53b00c9f29f3eL,0x0000000000000177L } },
-    /* 29 << 0 */
-    { { 0x2c3927618eda25dcL,0xf33d8595d51f6d96L,0x4003ab8e847ffb9eL,
-        0x5ca9bc06876d7291L,0x28bef38f7664a130L,0xf9f45131e86265ecL,
-        0xb3c1fbfcb65a085fL,0xc644d6c94b68287dL,0x0000000000000174L },
-      { 0x187bbbc4821a0c30L,0x0679927c26ebbfbdL,0x50c2732d706d303fL,
-        0xbe0e21952ce0d90bL,0xb5cf5eb795ad34b7L,0x0233ef8fcb6441fcL,
-        0x05acc95b41b7b782L,0xf3a7c2f87f419e68L,0x000000000000011aL } },
-    /* 30 << 0 */
-    { { 0x6117fab72ec4b081L,0xf7d9b10f1b0af595L,0x352756cc169eac6bL,
-        0x35573f35d14754c6L,0xea52dbcbae2a3e44L,0x3cf015e1f913a610L,
-        0x0b6913261570a6b3L,0x87d70d11074b36bbL,0x00000000000000d0L },
-      { 0xb64d6af6579dbed3L,0x069edd46ff01cfc7L,0xf279efee5d860be9L,
-        0x54d5b99d1d7d4adaL,0xe47015660d29f153L,0xbcde1cd94afbdbd3L,
-        0x811d7b95a6ac2dceL,0xd07f8c3cafdc1636L,0x00000000000000c4L } },
-    /* 31 << 0 */
-    { { 0x2257d0e0c16a8803L,0x0dcfb5e488e24812L,0xfc14c1ac09cd6b22L,
-        0xd65543a904c9d429L,0x7260a83ca5e7726cL,0xb574589657c2a661L,
-        0x006a58cdb7307b7dL,0xe9920cf30f0c6615L,0x00000000000000d8L },
-      { 0xca4677c739792d19L,0xaa1bd97c7b54318aL,0x139a868cae4cc263L,
-        0xf76b8c3244d14790L,0x0aefb72cbed1aa30L,0x8b5406328f10c806L,
-        0xdf09c13a214a30ecL,0xb023b5454a663987L,0x0000000000000127L } },
-    /* 32 << 0 */
-    { { 0x47915ab876e56a9eL,0x9cf7475cd6c5c782L,0x67d69bd6ba5d1f94L,
-        0xea04a35dc73596ecL,0xdba7ecefb9e5ebd6L,0x3e3e16654e068038L,
-        0x43707af94ba15b34L,0xba3596d20a3a4694L,0x0000000000000166L },
-      { 0x95ca9a9914a156aaL,0xcd98c965ab961636L,0xb74de1c7ea0f36dfL,
-        0xe204cdb818cdd6b9L,0xc1df01c65c2dd77dL,0xff7bd8bf5ff01967L,
-        0x1635e75ff3e08268L,0x7b0ff4d1940ab811L,0x0000000000000047L } },
-    /* 33 << 0 */
-    { { 0x5ea2e1fc649f308dL,0xa5ec59186b2ed12dL,0xe9a519a57aa53ac2L,
-        0xabdbea7e2b77ef1aL,0xf381421a74236df0L,0x52086d482be92613L,
-        0x8c76eb4e3c76f58eL,0x4195f0978fb969e6L,0x0000000000000028L },
-      { 0x6be95a3dd3e11c4dL,0x88effd5c228b58f3L,0x00bd7216c16deb3aL,
-        0xe7656ecbf3d138bfL,0x9e016769614ac5f2L,0x24d513abe063c663L,
-        0x7b7a3bc869056d3aL,0x43eb08c656dc636bL,0x000000000000007eL } },
-    /* 34 << 0 */
-    { { 0xdfeab253d54e4d87L,0x55ac0435b8317a8dL,0xc1f1f8993db2173bL,
-        0xa866a98b697d432cL,0x0e7d84e588581cdeL,0xeb8db26b14dbf8bfL,
-        0x48c58962f5b7c130L,0xf66451d0843fb594L,0x0000000000000122L },
-      { 0xda9dba82fd9a06dcL,0x6baa5223db7571bcL,0x13184d9be8ea9140L,
-        0x5097293e4f87a6a4L,0xd357d7c04965b051L,0xa373f5aee0a89a48L,
-        0xc1f12141aee1538aL,0xd137b942249932f3L,0x00000000000001beL } },
-    /* 35 << 0 */
-    { { 0xdc1039c9ccd7d718L,0xa92ff614b5dcc8d8L,0xee4a618608f6b2ceL,
-        0xb4806c84fda74023L,0xc4a780b56f97392bL,0xa267a642b593e0bfL,
-        0x398b62069e0ba392L,0xc300757549630a78L,0x00000000000000ddL },
-      { 0x3eb1d3ef241e07f4L,0xdeba4db422640a4dL,0x5c212522ee69e797L,
-        0x9ab1178bd2c70142L,0x462796591a31db50L,0xa510936cb5d85bcfL,
-        0x1b83431f0c30dbbfL,0xbd2d07f6ac7fc5ccL,0x00000000000000c1L } },
-    /* 36 << 0 */
-    { { 0xae56cbf798bd6ef0L,0x5323bdc821e585edL,0xe724672821b585e0L,
-        0xf385da9cc679bb96L,0xe81a91dac8198aa9L,0x2a25afe471eb8ad9L,
-        0x514d5e71894c417bL,0x81c98659bd21e082L,0x00000000000001adL },
-      { 0xac7712f8455c99efL,0xd2c4ba1759a98b43L,0x75db963d8698121dL,
-        0x1af50b0bb140013aL,0x61285bc6dc8f01afL,0xca7f475441227b97L,
-        0x61aeda5705b3c0f8L,0x7026e6cf8e6fc4e7L,0x0000000000000121L } },
-    /* 37 << 0 */
-    { { 0xf1ac4d59b557a36fL,0x8c64e76ae4780273L,0x0e58e26ee0980df2L,
-        0xbd445763a2885604L,0x29ed0ae6af9d5749L,0xc35c5d56c1d59e42L,
-        0x39e798352ded5867L,0x4f64a6c21832b671L,0x0000000000000094L },
-      { 0x312bf98394fb2a03L,0x31a4be4056988296L,0xb85c564995a057c3L,
-        0xdcbdbc2471c83f81L,0x26317da6b7991305L,0xfe4e6ff21865f859L,
-        0x0c4b9624f26cb192L,0xb7ee1b02028ab741L,0x0000000000000150L } },
-    /* 38 << 0 */
-    { { 0x853028d72a5f4a8bL,0x46f120cb19ae965dL,0x12ac2ecc9d4e6883L,
-        0x18413823ed8d4ba1L,0x690815bcef8f3127L,0x9078207b610c2c77L,
-        0x922563d71ef6e744L,0xaeb1530c7d932a18L,0x0000000000000195L },
-      { 0xc87e1acd797bd130L,0xa29e51d193b701e0L,0xe3e3c9a002b7985bL,
-        0x51f9ba596291ef1eL,0x06c5bdf7d0e15448L,0x8611d8bd49b6090aL,
-        0xc0ec0975884bb030L,0xc42d3cc093242000L,0x00000000000000e0L } },
-    /* 39 << 0 */
-    { { 0x0b704119ee33b77cL,0x5b4fa1d48083af67L,0xac0bf434e5fa3179L,
-        0x256b0cc58626a1e2L,0x38d9fd62359c6ea7L,0x9e9661a49b5b9072L,
-        0x5264126356a49902L,0xa0b8f411fbad6075L,0x0000000000000124L },
-      { 0xd8dcdc61228b61a6L,0xf212e74b698e40abL,0xa3caf2415944e762L,
-        0x18dc59feb96825aaL,0xdc0b1240c690db48L,0x68937baa8796154cL,
-        0x602a9a406bbd399cL,0x29616edc7335dce3L,0x0000000000000010L } },
-    /* 40 << 0 */
-    { { 0xaf456a57824c9d93L,0x067fffb5ac53dbcfL,0xb513eb4d0d01e18fL,
-        0xf85d832dc9767b2bL,0xc4ad6090a169b596L,0x9f67883679409022L,
-        0x3a0c67f41886ad96L,0xfdef97e46cd54455L,0x000000000000002eL },
-      { 0xb591f36738ae8e5cL,0x2c101fec75d81e09L,0x4f4ef79e44aa97b2L,
-        0x46a5357b21dc2240L,0x5bb3141d0df516feL,0x23ffc6106dff96f7L,
-        0xc4c2a4687e65a6a8L,0x8e2e3fdd283592d6L,0x00000000000000d8L } },
-    /* 41 << 0 */
-    { { 0x8e00ce952624381eL,0xddfda1a522cc2af6L,0x4c08c3ddc8297bfaL,
-        0x16b931eaf495ccceL,0x85b85f23864a60c8L,0x52a523e4b28998a6L,
-        0x63ebfd9d28830825L,0xa140ed79e85e24a7L,0x0000000000000175L },
-      { 0xebeb760ec1028ecfL,0xf75dd758e7f3a3ecL,0x052a6e551fa28ebdL,
-        0xb39e0e11ecf327daL,0x23de821b22c82111L,0xab59e580e9ee5632L,
-        0x36f21343ca399be7L,0x9696d71855e2d4edL,0x00000000000001b0L } },
-    /* 42 << 0 */
-    { { 0xb7902612a9491855L,0x420bebfa3767dcd4L,0xea20d4e83c72305eL,
-        0x2868fa8595d78243L,0xf5633364979e0bdaL,0x874f472a2a5de6f2L,
-        0x7a0a1c0aa146f918L,0x960dcd7bd7263ed3L,0x0000000000000161L },
-      { 0x38a50e352ad521efL,0x414fdd6ad7d07223L,0x324cba6a2c4cce08L,
-        0xf728d67c4e39de86L,0x2da602f01cc43b7eL,0xa00e6a6b58d1eec4L,
-        0x5c6ae0d1031bc121L,0xc1cfdd433815668aL,0x000000000000016aL } },
-    /* 43 << 0 */
-    { { 0x713e3083224f497eL,0x51f0b62fdee07d20L,0xa3a74e7a9b3d85caL,
-        0xfc66ad7aed7d37ddL,0x8ef0f94438fea396L,0x70678aa2ec1419afL,
-        0xd55022d90544d8a0L,0x0148a165ec58e4feL,0x000000000000018cL },
-      { 0x895829067683adbfL,0x94edb92f76b688d2L,0x932d602b547ce17aL,
-        0x67fd6098879b1cf1L,0x7a3037819f1a0becL,0x2677e91db1d144cdL,
-        0xebf7a83c7aa3bf24L,0xbbaa1f099e78869aL,0x000000000000010aL } },
-    /* 44 << 0 */
-    { { 0x78f253cdcde738d2L,0xb25aa02cb1d33a53L,0xe77fffe912d2b367L,
-        0x761e3e73e6509ec7L,0x7c3cfcbef88c88cfL,0xe1cecbe9fd57f650L,
-        0x5f0c48a04cca16cfL,0xdb51df11f0b29b48L,0x000000000000013fL },
-      { 0x42343b5cbafa661aL,0xa123424f99a20b52L,0x57733ea23d7284a8L,
-        0xa4460186aa2271d3L,0x9ebedc0452b7c2f2L,0x7aac908b39acf39cL,
-        0x4e4f65b3d0338f66L,0x4c8c184a7228a703L,0x00000000000001d1L } },
-    /* 45 << 0 */
-    { { 0xa32dec600fc95c1aL,0xc2954607b66b70c4L,0xdc8ea1ace5703f0fL,
-        0x79189b7df8a1f2d9L,0x7b2df5e3f1972867L,0x7a58f7f28c147cc0L,
-        0x79596b8fff2bc020L,0x69d186aca09e53b8L,0x0000000000000049L },
-      { 0x9498a7cd000903a9L,0x3463f5d90b37564fL,0xe6ed9e879be328e1L,
-        0xb8d5b2802eadae85L,0x35584a1bbcdb40a9L,0x15862a4232708841L,
-        0x4d6ac21f3149fc7bL,0x1ec9b50cd8d3847dL,0x00000000000001e8L } },
-    /* 46 << 0 */
-    { { 0x64f2ae8093e738a5L,0xf672b6d2bd57d22fL,0x07c09231d2ec1549L,
-        0xa6ddb5626540f81dL,0x09f753aaf1c4d248L,0x1a9cfb9a69a8fc57L,
-        0x1998e2d14f33a8c5L,0xdb162d8284a91002L,0x00000000000000bbL },
-      { 0x42c142895961259aL,0xb7ec80b09fa59f0eL,0x7d3af42dc8cd7e17L,
-        0x2a1831112f54132dL,0x2ece424b786f6c37L,0xb81c9fbd9674149dL,
-        0x1fe9c7cabc10b00aL,0x86f0d5921216efe0L,0x000000000000013bL } },
-    /* 47 << 0 */
-    { { 0x2fda63c9abd59d11L,0x0a56a130d1ecbb67L,0x9cee75a3a9c4dd66L,
-        0x381864a0b9e922acL,0x97233106c71dd0b2L,0xe4e4fe2714033ff8L,
-        0x9cf5083ecc35882cL,0xe31f8907048afd5fL,0x00000000000000afL },
-      { 0xd3065d2f1d90e1d6L,0x11ca41599f10673bL,0xebb760f478d825e7L,
-        0x9276080b904982a6L,0xecea7f3276f06497L,0x605f079349209f88L,
-        0xb4290cbbb54ff69aL,0xf95dc8657275fe9dL,0x0000000000000012L } },
-    /* 48 << 0 */
-    { { 0x87027d612ad879adL,0x641752bd214aea2cL,0xdedc21b10ff08ee6L,
-        0x2da0980f3f6fbfacL,0x4b3cc8a5803e72f4L,0xae7d6d6672102c33L,
-        0x8158e5caec62c8ccL,0x35de3b21557462acL,0x00000000000001fbL },
-      { 0xb1958193d256d46bL,0x596f24804841cae7L,0xb7c142e0fb0e3c28L,
-        0xe6214d64a1d97e37L,0x871294f66cc2e1baL,0x76f27fc94d09e2ccL,
-        0xa855b9ec4bb3f5c1L,0x34a5ac1587992dedL,0x000000000000018dL } },
-    /* 49 << 0 */
-    { { 0x0c8cb45049efc0adL,0x7258dab1ac4c04caL,0x91d8c84e2e345fa8L,
-        0x6bc2a2df52f62842L,0xf581b8b111dea9ebL,0x9d45c347ae499839L,
-        0xcba40a63bbaba0d3L,0xcb98fa3c0b8c1d57L,0x00000000000000a5L },
-      { 0x0b9bf46a2c8884b4L,0x4b963fbfb0b88b1dL,0x0c10f2ceebb72bb4L,
-        0x5dd9775543d575c2L,0xb072c39d9da8bf83L,0x749ee467877e5b7eL,
-        0x1409b01bf72e151bL,0xdc95654090d77b97L,0x0000000000000015L } },
-    /* 50 << 0 */
-    { { 0x5386773de84d4766L,0x56b6ddab593aebf3L,0x250a859beaced3f3L,
-        0x84804ab26d84fe02L,0xd8384cf1be365bc6L,0x5312b292e34a0cfbL,
-        0x0baf0dbb1aa3f9caL,0x76204957627b7a12L,0x0000000000000171L },
-      { 0x3f16ac6addc84f8fL,0x36298e21939f704fL,0xad93d2e5b9d0e753L,
-        0xaf8c1321bb6c8d5fL,0x5def1db4859b504cL,0xd3032d3a9450b50cL,
-        0x83e07ea5f688b03dL,0x713d5c2ffb0e1119L,0x00000000000001acL } },
-    /* 51 << 0 */
-    { { 0xa8d916fffbcc9504L,0xfba689ef1d7be2ddL,0x1321ae1b1054cbc0L,
-        0xc2edfe6af07390dfL,0x3ba316cbf9beea26L,0xfdf9f5bde34fe9baL,
-        0x025d93b68145f3ccL,0x395ba51e278415a2L,0x0000000000000168L },
-      { 0x8eb9c45edd5c087bL,0x0600aabed3a89e18L,0x849c36096e3aeba5L,
-        0x97bc2b68badb600cL,0x24e5b174adeb9b3cL,0x52dd878f21c480ceL,
-        0x39d9531942d3f579L,0xcc10f3ca041a2456L,0x0000000000000071L } },
-    /* 52 << 0 */
-    { { 0x86177e368b29f6f3L,0x955114f2afcab7a1L,0xf00784311b6e5993L,
-        0xb9259354dcee33a4L,0x58aef6be769f0693L,0xa4dae03e0c1b4b4aL,
-        0xc39a55b518749158L,0x32e875ce65d1e6d4L,0x000000000000001fL },
-      { 0x9301992d481b07f8L,0xbd6b45f989f292daL,0x112577769cd77ef2L,
-        0x1e73a061b8098a91L,0xa0c126d318c39791L,0x2cbf93bbae0f4ad4L,
-        0x895ea8b22ee1a6fcL,0x3c8e76fb7849180bL,0x000000000000005aL } },
-    /* 53 << 0 */
-    { { 0x6285684cccb69906L,0x08153da9c9880816L,0xd3af581fba4fe12bL,
-        0x4e210e637209a78eL,0x27e82f6f948100c4L,0xf8688be916895fb7L,
-        0x7b3d0ffd310306dfL,0xf6e249195ee693f7L,0x0000000000000143L },
-      { 0xfd6ddaddd40c7861L,0x040a3dfbc4abee6aL,0x0f6a7a9de3b4cf8cL,
-        0x4fdf64f503cf3bb3L,0x35437e8053d10cb1L,0x7dc73fdde42c2169L,
-        0xc5611a0257510987L,0x3e8fcc9618eb2a74L,0x0000000000000105L } },
-    /* 54 << 0 */
-    { { 0xf5ae2048a0ce100cL,0xf707cab63228fdfcL,0xdac4214e4dbf052bL,
-        0x393cf55982451c97L,0xc6d866fdc6c98505L,0xcb09728861ea138fL,
-        0x414997e998e0e3e1L,0x8e65f2a40e6899c6L,0x0000000000000193L },
-      { 0xfa47b98bb8d1b411L,0x0f607d677492659bL,0xc972b99ee0d7fcbcL,
-        0xc6069fa8017db8beL,0x222e0ed99fea4bd0L,0x943485186e2074e8L,
-        0x9c2868a692e89dbfL,0xd556dd0941ce794eL,0x0000000000000163L } },
-    /* 55 << 0 */
-    { { 0x84ad7ccebd470f5eL,0x7fe9ab4bda96ac4eL,0xbe17486b1e0b549aL,
-        0x8cca93917cad27e6L,0x6472d4028e8da1a1L,0x7cb03e9fd9d0a79dL,
-        0xb551e4155c6daca9L,0x52fc4b6d310ce7c4L,0x000000000000004bL },
-      { 0x7a196cd230a36ef2L,0xfa03a23006a096eaL,0xd69609e345b53586L,
-        0x10aa85895c5a084cL,0x00fb114a7dbae155L,0x619f44311a16a0b6L,
-        0x385ea7907a1a7b2eL,0x85e54fe81461ae21L,0x0000000000000035L } },
-    /* 56 << 0 */
-    { { 0xb3f739d5ae2df998L,0x1df04ea2e96c1840L,0x5730e56267acca24L,
-        0x01378e253fef51d2L,0x9cc29b3435be97f6L,0x638c12398e4b8b01L,
-        0x7e9056e95b0cbef7L,0xd775038527f32bafL,0x000000000000003cL },
-      { 0xc10d9706f4083cbaL,0xeba60fb5d8b4723dL,0xc431863c1a8cbf15L,
-        0xb52a737cbaa0ffa2L,0x7c1e5b54987f4a28L,0x2b0430e114f67a39L,
-        0x70e1a3561fc3e123L,0x9bf7cf42095c5b17L,0x0000000000000078L } },
-    /* 57 << 0 */
-    { { 0x3475330a4e9a13e2L,0x8372c8fff95c8450L,0xf66fd5bc64b8a520L,
-        0x4af300bbde9118b2L,0xef3c6d77a521b9f8L,0x5a8defe72e6dbf85L,
-        0x4463da75efb25ffaL,0x53c3e7fcf3c902e0L,0x00000000000000dcL },
-      { 0x33ad7f7fd9c4248fL,0xa9493190c62a5532L,0x4a3f82056a929f73L,
-        0x3482530d0d3bd86aL,0xb62e7eb390dff3eaL,0xb13d0dd2caf9d989L,
-        0x68073ee6c4d4f8f7L,0xe88fccd4fdbd992bL,0x0000000000000074L } },
-    /* 58 << 0 */
-    { { 0x0f583210d81ab70dL,0x5479d3ccb04647adL,0x342a03e174a3106aL,
-        0xb96a728ad56c650dL,0x9871b54c6764d3fdL,0xe61385c801f5277cL,
-        0xd53b6ad821b5026bL,0xc46df1c09851ab92L,0x000000000000008bL },
-      { 0xfa08b29292c1205fL,0xcdec69190bf94d71L,0x3b8ac3a45ca1b766L,
-        0xee784bec8fca81a7L,0x52b53e4fe686134fL,0x765073f1f9a731aaL,
-        0x7a4c58d40bfb0e0bL,0x48ff92784e9946a2L,0x00000000000001d9L } },
-    /* 59 << 0 */
-    { { 0x63be8a26eb16686bL,0xcba8524ec3472088L,0x1a90342d64373a8aL,
-        0x055693c9b1344c69L,0xaae5c2934c222920L,0xc7223c5d98901999L,
-        0x063c60342df29eadL,0xaeb454ad31876773L,0x0000000000000035L },
-      { 0xcf4aa03c5381fa2eL,0xfd82c38cfaffe51aL,0xc9fd5fddd64ffec3L,
-        0xb8cf8c44bc83d0b8L,0xe22f2ef3cb6efd45L,0x15a48db3660903f4L,
-        0xdb0b0ca0aff1ba7fL,0x7ecbec147e7e43b4L,0x0000000000000018L } },
-    /* 60 << 0 */
-    { { 0x9fd17ffbfca45bdcL,0x051c3f6061c25274L,0x7fb6bf92d04b42fcL,
-        0x92681661adc786c5L,0xf79836e37bbe1183L,0x36f33caef52de9fdL,
-        0xccb82b562ed32ff2L,0x8a508e954435eff6L,0x0000000000000003L },
-      { 0xf8464ad3910e9522L,0xd748f73799f3e5d4L,0x4b1ccdfa683285b4L,
-        0x5edb1e7a605abfd0L,0x997df1a529560a5aL,0x9b0ecf8e37baa0e9L,
-        0xdb7a7399b931e716L,0xbd87d8b1e7bd4d2aL,0x000000000000008dL } },
-    /* 61 << 0 */
-    { { 0xcb53d8cfcfc376a1L,0x952bad1671543c41L,0xa5e7fce59a7b32d7L,
-        0x7193c11a77dc0b39L,0x4cd724b1be8b1717L,0x8b6cd17d5b660d1aL,
-        0x92ca7c732a1c7d8fL,0x544c4a011407425cL,0x0000000000000115L },
-      { 0xb8eff8cd4a17604bL,0x56f22ee9c3fe5e24L,0xa834ff603afa032bL,
-        0x03f78d54b7f553a8L,0xec097a3aed58c6a0L,0x79af485fef422cbfL,
-        0x07996d2a399c872cL,0x3df9c6c0ac6485b3L,0x0000000000000115L } },
-    /* 62 << 0 */
-    { { 0x9627fe31114dc85eL,0xf0a8c971ef2a1696L,0x213f3fe32bfd4e19L,
-        0xa38bf246fec516fdL,0x943ae59581dd5885L,0x378b0b7bc177aeafL,
-        0x20f6ed49f27734e2L,0x05dada534c5c8ae0L,0x00000000000001f6L },
-      { 0x19f1002224aa57b5L,0xdda2d7e072a578a3L,0xcb156b6e7671eb7aL,
-        0x6284a831f6b296eaL,0x50e685ccd164a220L,0xf2b0afd6935f4aaaL,
-        0xa2252c7a4be38a37L,0xf96d82698b78d305L,0x000000000000014fL } },
-    /* 63 << 0 */
-    { { 0x0f5beb6fce8888e5L,0x75af7d025770ac8dL,0xc63996847586265eL,
-        0x3ae99661308e125eL,0xe7f54fe4d51b0845L,0x1ca21b5affa0ddc1L,
-        0xe82f799acb0a6e8eL,0x32753b64640c457fL,0x00000000000001c1L },
-      { 0xe9d15ad2a03dba15L,0xaf657b5bf664a2acL,0x13f78f82f0071283L,
-        0x05d3dbdcec1896bcL,0x595e8c353aa22380L,0x1a9e093286414006L,
-        0x6d81ac89b205d796L,0x47e184197a053817L,0x0000000000000153L } },
-    /* 64 << 0 */
-    { { 0xb53dc38ce320f742L,0xf5aab8029a04fd41L,0xa7c02c1603e7001dL,
-        0x1bebd3c5efda3773L,0xb614b9ccf8872d27L,0x7ebdbba81860bbacL,
-        0x4f3d7c0392fec2a6L,0x9aa17dce1112ecd1L,0x00000000000001abL },
-      { 0x5af17058a5f8df5bL,0xc1c1a5dba0653dd4L,0xf4a7b9e3af958043L,
-        0xac165ba1508d4b10L,0x0c63ba369e87ab8bL,0x9bb1cc8b2fb1dc1dL,
-        0xaa10217c57b9586dL,0x8d70eb848e920573L,0x0000000000000074L } },
-    /* 0 << 7 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 7 */
-    { { 0x76b026e5736fa9e0L,0x2e27e720e23413b5L,0x51df70816a5f814fL,
-        0x4e49496876271d7dL,0xd3124af75ce07d97L,0x3c9698bbc2d6dd2cL,
-        0x631c070153023fa8L,0xd41259f27e381f83L,0x000000000000017cL },
-      { 0xbc309412c9dfb131L,0x0e3434093472a8e4L,0x4e69c32464ace613L,
-        0xa49ff4b0dc99ac8cL,0x1b4fabc3b1af9ca9L,0xdce01ed3e7df7966L,
-        0x5330ffdefbc7a682L,0x6e5df506a8283dceL,0x000000000000006fL } },
-    /* 2 << 7 */
-    { { 0xb38e8b9069be00acL,0xe46b33cb95e50b81L,0x9c9152c41f5d4723L,
-        0x7b8f4f6e8c2a465aL,0xb85fa9e8f269cb33L,0x03c7389ecb5b47a9L,
-        0x458afc780f312e99L,0xf40a0f02b5ac20c9L,0x00000000000001d5L },
-      { 0x8fac1245486bde7fL,0x1430cd504d4a7784L,0x58d2b99dbd29a67bL,
-        0x965cf65738e3bcebL,0x062dc3aa57354f17L,0x40ed2a81e5b45635L,
-        0x981bba93103b69c5L,0x3503aa73413c42fcL,0x000000000000008eL } },
-    /* 3 << 7 */
-    { { 0x56870723706a1717L,0xdee44d64cbecf7ecL,0x2120fc43ae06d588L,
-        0x78086900695451dfL,0x596711a00b6e13b5L,0xb8e2b20d76c11762L,
-        0xc1f30fd6f71431ccL,0xc8cfecf557133623L,0x00000000000001fdL },
-      { 0xb73cd41565e5811aL,0x688b3301550441c7L,0x9cb5a657d50fd76fL,
-        0x724f5ed8b588f34aL,0x48eeb907f67f5927L,0xf71b353897aa02c5L,
-        0x0239e51026db84caL,0x61ab0a5710fce663L,0x000000000000014dL } },
-    /* 4 << 7 */
-    { { 0xa48e3c3a9bd47f93L,0x4e1485e3636c0850L,0xd8264f7ff0ea4f3cL,
-        0x0b9047fc044463c8L,0xb03311c98360fdf8L,0x007c068dd0db7f48L,
-        0x5e82c7e7d429af87L,0x5a81286a6d64d318L,0x000000000000000eL },
-      { 0xe1d75c7eef97408eL,0x7c54b93f58a5e905L,0x0d8eee9a08c607d5L,
-        0x2aeac3b0e2dec0b5L,0x96db5ced9fc99e2cL,0x27764de20a51c0acL,
-        0x7999170f1b15ad22L,0xdcfc7192ced85f26L,0x0000000000000137L } },
-    /* 5 << 7 */
-    { { 0x136100c21f0ab49bL,0xf2763c0d8fd640c8L,0x32576a60a10ab0fbL,
-        0x45efed229b4b2fc8L,0xd50aafff5ed021c9L,0xb8246dec184ac0c1L,
-        0xe2519fc446002b5cL,0x440b77c67d492f06L,0x00000000000000a7L },
-      { 0x24fdbf51777310deL,0x1b57c3c267a603d1L,0x4daef7f2d4f9e51fL,
-        0x2326062ffc847f9dL,0xbf6644f62f1175f9L,0x170083e32d9bbb9dL,
-        0x7f64b63896089981L,0xb949d76a9accba57L,0x0000000000000165L } },
-    /* 6 << 7 */
-    { { 0x49eb72c3f62a4087L,0xec8734325b00b2bfL,0xbb040159643c12a4L,
-        0x2ef972f4eac95679L,0xc7e358bd2bbea697L,0x924a6105db23f1b4L,
-        0xd587c6bebdd61fe2L,0xf348d2f7aafc22ceL,0x0000000000000058L },
-      { 0x7bf1deec930f49aaL,0xfd3224c43cec939aL,0xac7eced36d94e0bfL,
-        0x5ef5a81cb2c7b10fL,0xa6e9c773f85c84d4L,0xe139b7ab2f547b59L,
-        0x436bffd61fd522dbL,0x32ee281e0b189b69L,0x0000000000000073L } },
-    /* 7 << 7 */
-    { { 0xb97c4ac3ef64ffeeL,0xfafc66c9e0513ff3L,0xcb15b02551d57f8bL,
-        0x5a94fca3a0f73040L,0x1df583781ecdef64L,0xdc88683a2e876043L,
-        0x897308dfa547bc00L,0xf9d9cd0346cddd21L,0x00000000000001c8L },
-      { 0xa05d56b56854aee5L,0x948513d41337a153L,0x96806e7b1461e392L,
-        0x74d411bcd4f89728L,0xe39ed8aa54173ab8L,0x82acdb9ae17fabd4L,
-        0xb0b61eeaa5fd0c85L,0x4ab388ee0a933577L,0x00000000000000fcL } },
-    /* 8 << 7 */
-    { { 0x8a4d6b672986daf8L,0xff67c35d3f0247b1L,0x3e45f2e50f48c2d6L,
-        0xba941fa43663525bL,0xfe5a47af97fbdb12L,0x617a16b820ae9103L,
-        0xfd6eee9fc57a09d0L,0x4bfffdbead5fad3bL,0x000000000000018cL },
-      { 0x7c2cd6fce8839b07L,0xee10cab923601344L,0xceed18245f0b8f0bL,
-        0x6ea30adb68064245L,0x66306dadbf29705fL,0x4f9d0131be7db901L,
-        0x1d972c0a531d35ddL,0x0ff3da3c08edcc09L,0x00000000000000c9L } },
-    /* 9 << 7 */
-    { { 0x69344fe39d6186adL,0xe85c33e690fc2732L,0xde9bf41a7d60ee51L,
-        0x9d90a9105a70cda6L,0xff3b1a64879cdbf2L,0xcd89aba7dd686017L,
-        0x9a891f87db1f6b9cL,0x6fa1abfc9b556eb2L,0x00000000000001f4L },
-      { 0x9aeb96367a4d8d49L,0x7f968cba1b2933faL,0x0e04c95323abd39dL,
-        0x4a4b0b0549509543L,0x95fb7e645e7d71ecL,0x9568b11718f7086eL,
-        0xeb8a07ef0390b0c3L,0x7b8624d13cccb970L,0x000000000000014cL } },
-    /* 10 << 7 */
-    { { 0xb491062b1c6cac89L,0xf20c58359adecc2eL,0x488d7b916f1d7401L,
-        0xff98b90e94761e60L,0xe63993ca857557a9L,0xc4ff9951acdeadfcL,
-        0xed5a53c7fd8dccadL,0x42e02c14f101c24aL,0x000000000000012bL },
-      { 0xbb9fe6f6bd3fe0efL,0x72f26ffcc1393d0bL,0x2e831b196c25ed19L,
-        0xdb50a0d7ebcc6b99L,0x202ac3c8245c479cL,0x97b284d7436117a0L,
-        0x13bd5e82fd694e11L,0x452b5a94022193a6L,0x00000000000001c8L } },
-    /* 11 << 7 */
-    { { 0x3d8c19764ac0927eL,0xcbc9ba6613389954L,0x727a3bb8defdd149L,
-        0x4b2d64d24a3e6bb4L,0x4f5d185658ac36e0L,0x6d5e79b9f5acaac1L,
-        0x426e868b4b602032L,0x1efd37220c41942eL,0x000000000000004dL },
-      { 0xdb8ef6c4ebb168f0L,0x0b4d7fd2de0e0478L,0x9c77f534097fdb12L,
-        0xadaaa54bde3ea9bdL,0x3bdbe93f45f9f191L,0x45cf748118bd8d2eL,
-        0x422ed3d85e63012bL,0xd8c1b94ed20c2076L,0x00000000000000cbL } },
-    /* 12 << 7 */
-    { { 0x65c7757b84367fecL,0x7ff69a4b6aa22fb7L,0x197f4c3659b0a103L,
-        0x897241b712350397L,0xefb60dd033bf2644L,0x3ed30a65944af798L,
-        0xd67a5cbd5bd2d770L,0xe9d97ea6f3caa508L,0x000000000000006eL },
-      { 0x94633f8662fc83a9L,0x6d68a34729a5137eL,0x88f2b4777bf9924dL,
-        0x7bd70fcc00b533fbL,0x4dd3b695b7b8167fL,0x85dfca1cd0162981L,
-        0x2f96a81f43e5022cL,0x2596b2ef14872ddfL,0x0000000000000131L } },
-    /* 13 << 7 */
-    { { 0xf21f278ab1cca421L,0x69452c4fc9c944e1L,0xab6f0267b5e1995bL,
-        0x6871f6bf8e371695L,0xa175e5747c561f3eL,0xa0a9a596fc97048eL,
-        0xdeb9a72472d14a89L,0x6068a848beb4e020L,0x00000000000001acL },
-      { 0xd187185e41589675L,0x9ab0c85fe7f8b9ceL,0xd866c2c25a6ef98bL,
-        0x4fe3a42c88dd5569L,0x28e16344591c5ce6L,0x2ab62c9dac764ab7L,
-        0x924cfb8417e00b2aL,0xb039e64f1804d328L,0x0000000000000039L } },
-    /* 14 << 7 */
-    { { 0xd59595d1d131f694L,0xce8a83752a7fdc21L,0x9e62e8b175869627L,
-        0x336d78456e01b014L,0xb53acb366ea5a8edL,0x4451f2e57dd8ac89L,
-        0x4c8cf19c2bc29533L,0xfbc29ef47c10e63fL,0x000000000000017cL },
-      { 0x9bc2ec347a9357faL,0xde489a133b8a04afL,0xb3521cda230520b7L,
-        0xd7699690af6deb0dL,0xace1af3a14655a0fL,0xf628697fcd89b94bL,
-        0x40a71ea33c079ab6L,0xe7b89297fd251809L,0x00000000000001dbL } },
-    /* 15 << 7 */
-    { { 0x49041d4784ed9ff2L,0x199606dfb57c5ed5L,0x3b8805182e409600L,
-        0x854b5c40f0548f8aL,0xc64b1a67810d2870L,0x7232957f7095700eL,
-        0x84f1a370b4758cf0L,0x5c267b9e70f58198L,0x0000000000000132L },
-      { 0x0339062438472718L,0x07734d06b8b84729L,0x1b78f06c26126b2bL,
-        0xd92e040a77c87891L,0x2c4ba3849588cf7cL,0x09b19b0e230e1a23L,
-        0x634174526980a2b2L,0xd34ae179bbe3f6e1L,0x0000000000000023L } },
-    /* 16 << 7 */
-    { { 0xd00804524043c91dL,0xe3362d2a01d9a152L,0x3d143282404673daL,
-        0x1d1c9b70a881d770L,0x4254627ed4a785a8L,0xf801104f2d8b8d09L,
-        0x306f6f22c6ceca92L,0xf0529d16130418eaL,0x000000000000011bL },
-      { 0xfa1e73fd6d8f9fa8L,0xb402cacceaa0860bL,0xcb08d922ae11ae49L,
-        0x79908f8f76387f9bL,0x126b0ebab8b14819L,0x156a5ea63bb333a0L,
-        0x0ba63111fe7f302fL,0x225ee26a4cd4f889L,0x00000000000001d0L } },
-    /* 17 << 7 */
-    { { 0xfcc2afcec54b8cc3L,0x2c4032b2bc4ec6f5L,0x9e6c26d66c62aaf9L,
-        0x7b93cc5ae1eb8fc8L,0xce80f55d20a95dbdL,0x841e250cb822f54bL,
-        0x9b84e5a91965018dL,0x36e53589b969312cL,0x0000000000000002L },
-      { 0x3c511a989eaeb028L,0x2efdcdb20cd5d5c6L,0x3226c4a858b01f2eL,
-        0xdc5dfb8949ca64c9L,0x9afbb61ab0678018L,0x4114e7856d147d7eL,
-        0xef683c889ff02c8dL,0xe143f8689b0655ecL,0x00000000000001aeL } },
-    /* 18 << 7 */
-    { { 0x4300169a60b57216L,0x0143c544441bc961L,0xa682548d7fef586cL,
-        0xf064f99ee993fe8dL,0x169a43dbdeba875bL,0x935ce8bf6d3cd064L,
-        0xe986a7cb7c9700ddL,0x1447fbea51c0f10fL,0x0000000000000117L },
-      { 0xf10cf577e3adf2d8L,0xfd750660bf433d46L,0x4944b8842395ce48L,
-        0x63c24a4dc1725875L,0xb12376d0f3392f50L,0x9fb12a1a97588187L,
-        0x3c03cc124bb92450L,0x26f27fe0b4e9c733L,0x00000000000000c8L } },
-    /* 19 << 7 */
-    { { 0x67ab4438cc4b3b6cL,0x9d47969be199d9c5L,0x95211e215e288cf6L,
-        0xec223f59eb99a911L,0xd4408dad7fbc455bL,0xcf5037c6e8bd254dL,
-        0x8d0f9f2ca920b371L,0xafbc9c94f0d5952dL,0x0000000000000100L },
-      { 0xdd090be1bbfd4541L,0x91fb0b2960a60ef2L,0xa631624d7477e013L,
-        0x121ab825fa1b4a90L,0x13446ddf0a2bfab6L,0xdf92e361a05dfd80L,
-        0x5a41609e15079b20L,0x815020c4d656089fL,0x000000000000016aL } },
-    /* 20 << 7 */
-    { { 0xdcf42b383b9e35b6L,0x5b92cc18d2a99f54L,0x55d1c68c30e7c057L,
-        0x3a66cba43a7bd12bL,0xbd21276482b879e6L,0xd0154d7d0bca108eL,
-        0x1e0c926fb273e3a1L,0xf063b1fd5e005f6eL,0x0000000000000169L },
-      { 0x7eea86aa702dd8e1L,0x4ed21f67fb054211L,0xfc634d80c3b592f6L,
-        0x36066f725afadb07L,0x11244608875383f9L,0x57a100127c01dd73L,
-        0xfa53012f4eea7d92L,0x32fc27c706e46a11L,0x0000000000000151L } },
-    /* 21 << 7 */
-    { { 0x0560b7a81cdbe62bL,0x48216ec02b69b169L,0x8473c01ca53cedc8L,
-        0x4b28a72f421b41f1L,0xca176bcdb2a9e3a2L,0xa53467c885e7ef54L,
-        0x5acde94e6e7b42b1L,0xca852c3fe58d357dL,0x0000000000000184L },
-      { 0x361ac3bf65696a12L,0xa17302498773f839L,0xb67cda7b8af8aa33L,
-        0x495fa40ff68d9e49L,0x1db30912ed1f64d0L,0xd69756d5040cd7f7L,
-        0xf00a572051714973L,0xb1431d1bbd1c1d1fL,0x00000000000000e3L } },
-    /* 22 << 7 */
-    { { 0xfe87dde0d9e02e98L,0x416547e5c932a7d3L,0xbac5a7827d904335L,
-        0x7077ab520fa3993dL,0xbe4eacb39ea4d3e5L,0xcddb4006f56df114L,
-        0x0c4fcca5a34c7b12L,0xa1450a3a05dc8144L,0x0000000000000178L },
-      { 0xb5d6b79945594505L,0xc1e8f726dd0ac080L,0x6269b2a1e2d97d82L,
-        0xe9c9e6e320004746L,0xab497cfaa7f067f5L,0x55fdf3a16dfbd572L,
-        0xfb825d8470231374L,0xbe464555e606857aL,0x00000000000000daL } },
-    /* 23 << 7 */
-    { { 0x4aa75dbf3fe45c64L,0x984319bfac44599fL,0x6a9f5fe68d365824L,
-        0xb188e2357af31facL,0x238f73c3d9a23fafL,0x55ae76a5b2011c25L,
-        0x3fc45a1279e98b35L,0x4cebe6d6b9178aacL,0x0000000000000002L },
-      { 0x2ad7f331d91ba2ffL,0x337d19a14528123fL,0x6966284d9172998eL,
-        0x3dbe46a5a78104faL,0xd64c5cc3126b5bc5L,0x7c3b65aa76f1dc3bL,
-        0x51807e032b762128L,0x5a96328ec6a60ccbL,0x00000000000001e0L } },
-    /* 24 << 7 */
-    { { 0xa0242d2359b58cfeL,0xdd86e8cadf33a5caL,0xf5108bc2b08cbf3aL,
-        0x4eb5d82bda1733ecL,0x01eb740244dfac1dL,0x66f1ca152a30cd80L,
-        0xde973c30bfd63e5dL,0xeda12faf640918e8L,0x0000000000000148L },
-      { 0x250a8d93bd70515dL,0xb2d0389b15f9705bL,0x4845788f4ee84ceeL,
-        0x88926b3283f6fe3eL,0xd487de769e834d93L,0x3e4a88e11b7dfaa1L,
-        0x10b6759de684beb9L,0xefc2282ffc887b1aL,0x0000000000000021L } },
-    /* 25 << 7 */
-    { { 0x5abbd8f370fe7fa0L,0x3f9bb48bf231ffd3L,0x935b99d8645a2ba8L,
-        0x6516eb26a79dc498L,0xb3f04c2b9205d3a1L,0x947f338edbe99243L,
-        0x7fb24af62be752afL,0xfe1b2b011053a4b9L,0x00000000000000d6L },
-      { 0x3bdc2af92a4ff7ccL,0x17cf61867902709aL,0x37394caeb4a54187L,
-        0xdd2fa8aaa97f6c1aL,0x61478eb937775709L,0x9191485999524713L,
-        0xa52dace45c79ed9fL,0xcf33ce2c602de95aL,0x00000000000001a4L } },
-    /* 26 << 7 */
-    { { 0x34cdf57179fba304L,0x2da4c0b855cba8eaL,0xfa08edb0e3ab7e7cL,
-        0x89bb570a1176d554L,0x13f14aecf620989dL,0x070496cf73ab04d1L,
-        0x0fd6e1e4e776b1a0L,0x6be78274e938cbf6L,0x00000000000000d9L },
-      { 0x8c93bc922cea82b4L,0x841a245a8f61cc83L,0xf6d7371707b43460L,
-        0x17789f54496e9107L,0xd79a87dabf60ab90L,0xccb42770f04f3232L,
-        0xda9dc1deaaeb6908L,0x0389467e83b7bd43L,0x0000000000000081L } },
-    /* 27 << 7 */
-    { { 0x8a119d3b89293e7fL,0x8829872e7fd1cb46L,0x511969b796e8a867L,
-        0x2ae47fde2fdcd328L,0x657ba478462c5116L,0xed1e2c23686b8ab1L,
-        0x9e111f8d653b32c7L,0x507b05a0cf55d5efL,0x000000000000005eL },
-      { 0xe452817b4beeff01L,0x20683c1527b777f6L,0xe075294f9877e28dL,
-        0x56526da46e018831L,0xc0f16bef1997f554L,0x167a23dd2b350ba2L,
-        0xb656c0d37a19f7c2L,0x0f9c5b5b5adc0909L,0x0000000000000110L } },
-    /* 28 << 7 */
-    { { 0x536183888cc1b1d8L,0xc4caa4f436009a81L,0xbe295ba7db665aa6L,
-        0x4ca4e46fbc0a3df2L,0xfa5d29b60beea0f1L,0xeb13931e86c30cbbL,
-        0xc3fbe7b253ec9ee4L,0x95a931572b98e62dL,0x0000000000000003L },
-      { 0xf8ef16326477ddd7L,0x87ad8c3b79fe61f1L,0x5d00661fb635ececL,
-        0x181527820f321c67L,0x4819373f635bba1eL,0xde36d5089a09eb68L,
-        0x48d4a31bb4c9aa92L,0x28c3f527bb549db3L,0x0000000000000182L } },
-    /* 29 << 7 */
-    { { 0x38c9f940c68fad90L,0x77d0f2254b76e5d4L,0x7df41a86096626aaL,
-        0x377aea6d8c22d84eL,0x8228cfbb882544a5L,0x89f9f9b3b1669379L,
-        0x7a0ef6c3e8ac7a4eL,0xccef3bafc96ea0a2L,0x0000000000000172L },
-      { 0x70f4de9feb10583fL,0x76f7b047c27ee4adL,0x544bdfb63fcb3ebcL,
-        0x632d453921a2c4e7L,0x4f70b8c6ab207ae0L,0x2daa1737ce209d65L,
-        0x9f094efb4921286aL,0x725653ef5465a990L,0x00000000000000a3L } },
-    /* 30 << 7 */
-    { { 0x16a72eb79e6dbb64L,0x0e4a2f79ddd1a126L,0xa231a534482b6a66L,
-        0xd1506e255f4424b5L,0x72869485b848cbb7L,0x8110e25977260252L,
-        0x4f3776fa6132f329L,0x71ce95f6f911712cL,0x00000000000000c9L },
-      { 0x85e3de361c4417d8L,0x26e85989703b3b41L,0xcb1f8ab41d0da946L,
-        0xe042ea5196c2e272L,0xe2255e1f662c470cL,0xa1bd3d5672c1f8b9L,
-        0x38698fd77fd14593L,0x4b9eda73f820ee6dL,0x00000000000000edL } },
-    /* 31 << 7 */
-    { { 0x6bdf5a24c96f6fd8L,0xde9420b80ec69af9L,0xef89755b25a46a01L,
-        0xf7447d81e8871eb1L,0x1477c32e4ed21e9dL,0xdf036e42996bd5b5L,
-        0x78099d1b9918c856L,0xfd2e3b70f8dfe807L,0x000000000000011eL },
-      { 0x19437721fb1df8efL,0xdae12e1cfdd0d41dL,0x3fdde152bbb0b79fL,
-        0x8f8c75324bd97ea2L,0xcdbac848d872e34fL,0x2b507f37168ac6d3L,
-        0x3128cebe46a04043L,0xb4196978f5a821c8L,0x0000000000000092L } },
-    /* 32 << 7 */
-    { { 0xe070a145e4ffac9bL,0xf8295455aa280fffL,0xa2d6cf897010805fL,
-        0x04e130893220ff7cL,0x5935e6e2ad11681eL,0xd91efb7bb9cef2bcL,
-        0x3c260b9914bb8c4dL,0x24bf88d53a265599L,0x00000000000000f0L },
-      { 0x1ff2439ccc9c279aL,0xdfcd0b6e90bab4cfL,0xfa08a7bac3acbfdaL,
-        0xc91b8f40cdb22a56L,0x9624ac18672be103L,0x1e59bac0a7cb0f83L,
-        0xae0aa78eed5f94c6L,0x9655b8c3b43029e1L,0x0000000000000052L } },
-    /* 33 << 7 */
-    { { 0xf0abb749e0b45567L,0x35a3562be1b25216L,0xda2ba89fbebb512cL,
-        0x4f4fc05d4d9c9ed4L,0xf4f488b08789462aL,0xc1b1ed9676223e7bL,
-        0xf4702d30ca356c71L,0xf25425fa6075b8afL,0x00000000000001a4L },
-      { 0x48f573eca93e0794L,0x336e5577b317dac3L,0x66be7dbc49940907L,
-        0xa2da2289fe310627L,0x4d39847d129aaefdL,0xfc33556aa71e2383L,
-        0x3f36017c8c962e42L,0x4a29a03939ef2110L,0x00000000000000e8L } },
-    /* 34 << 7 */
-    { { 0xdec3cf59ea27c05aL,0xa7f67083b52e2b6eL,0x38ce7a200474b960L,
-        0xdd1975e729def768L,0xb114af497c50fb3cL,0x11ba4d4fb0b25935L,
-        0x5b8088f0f6882daeL,0xdacff26b9f98d4a8L,0x00000000000001c2L },
-      { 0x14dac24531675d19L,0xb28812683ad6531cL,0x335b8fbc4fcee598L,
-        0x03d355986a6218a9L,0xf949f8bc00de3490L,0x5f3ac4d1197b4f84L,
-        0x5d0134a9bf92f51dL,0x34d805dbf42b3ec5L,0x0000000000000106L } },
-    /* 35 << 7 */
-    { { 0xacde8c05303edc58L,0xe7448e83f30b2de0L,0xd01600b5f56693dbL,
-        0x11dddd528d1de024L,0x504351d8ae9a52a3L,0x9575e24ebb9ae192L,
-        0xa063f065f2894ae3L,0x3217c3923c876549L,0x0000000000000083L },
-      { 0x212aa9d5e6932da1L,0xf7acd1f004c91e15L,0xb961a8a429495668L,
-        0x943925040ea593f7L,0x834bfa64200847b6L,0x033b1ec77dd4647fL,
-        0x4541a2f2334e806eL,0x90ec0295dc2bc63fL,0x0000000000000126L } },
-    /* 36 << 7 */
-    { { 0x35da5eaa514aa1a0L,0xcdd35c375b9bed0eL,0x91f1d3dc0834c326L,
-        0xe529992bef9c0f44L,0x04570f257660418dL,0xbbfdcd21f2e7a423L,
-        0x2b52019a1b481b2aL,0xf06a0cbd956bf66eL,0x0000000000000133L },
-      { 0xf47b962bb2bf730cL,0x22ad11370b787697L,0xc2c14c015f9afe14L,
-        0x8bd0f5f23b4dbb1fL,0x2787d1b7137d3f32L,0x0e60261f91a6f97aL,
-        0x761bfe8ae5b0f47fL,0x9e0f42185e729f2fL,0x000000000000005eL } },
-    /* 37 << 7 */
-    { { 0x3c0cdc877d8589ffL,0x6b599da101ab0129L,0xed6ae833cb178542L,
-        0xc4206185c7014257L,0xfdee5dc18ed75972L,0x30422a42c46afcb6L,
-        0xc990c82f85ac77a7L,0xc73e857d3a775c10L,0x0000000000000180L },
-      { 0x2dd3442b8642a173L,0x89d3b9151d213119L,0x19f6ce0fbd1f66b3L,
-        0x1cb3fe0ba7811243L,0xc8383bb3c3786820L,0x8b5dc0c1b06a0e53L,
-        0x575971ed870c6488L,0x5c1eab4ff71666b8L,0x00000000000000daL } },
-    /* 38 << 7 */
-    { { 0xa112afd237c6742bL,0xf85c7e5425ef3985L,0x4e623a062fde58cbL,
-        0x4831bb2c1b18660eL,0x070a617b8cc9ce53L,0x3b59092b1d9b9cddL,
-        0x4ff5178379d76cd8L,0xc59e27c72cd5db8aL,0x000000000000018cL },
-      { 0x18adadff364202e7L,0x7394b31421136377L,0x27ee75271da7b19aL,
-        0xca9f1342464f6acfL,0x1f1d417206c24afcL,0x9b2124214cee62e0L,
-        0xb63db356d4324e57L,0xc446ad3f5e72cf84L,0x000000000000013eL } },
-    /* 39 << 7 */
-    { { 0xb4dab7c1dd5c0101L,0xa2df684b3940fff8L,0xb22f144657aeb440L,
-        0x20bafed817987125L,0x5d3a5c17f81f2ea1L,0x8542239d74810449L,
-        0xeb05aff9d7f767b9L,0xe88b3034fd75c524L,0x0000000000000041L },
-      { 0x1dc76528d9c83428L,0xd317a4a7299a05ffL,0x2868cf78d8e73503L,
-        0x4d9140a24d6ccb4aL,0xe0b0f24894eb64c8L,0x4b38e9477c5e853bL,
-        0x920c1373dfb43575L,0x069956acc7f6e5c1L,0x000000000000001eL } },
-    /* 40 << 7 */
-    { { 0x2120f7a02565cae3L,0x8b7701807772e523L,0x83d1d71da1a4e556L,
-        0xac9de3546893b076L,0xfc06849cd643a9a5L,0x66cc453d6e46c73eL,
-        0x295b72d3e6b4cb6cL,0x27d7ea49f8d2fd22L,0x00000000000000b0L },
-      { 0x0a0022913905ce31L,0x58fa6abc37b6e43aL,0x639d7074f0bed901L,
-        0x751cca9a0b2b80d7L,0x498f8be5356bb88fL,0xa1e192ed084fa7f7L,
-        0x72123071fdabffe4L,0x375dd6cab6d31ec0L,0x00000000000000e2L } },
-    /* 41 << 7 */
-    { { 0xb986a1033fa0a922L,0xd8af1426471aa7a6L,0x142757f75da16f1dL,
-        0xaa5aa2e5112ab9daL,0x2528729d7a36d194L,0x66f8e9d2a5931641L,
-        0x647ff5ed954111d4L,0x91353bb782096582L,0x00000000000001f3L },
-      { 0xd5e1357471f27d0aL,0x8a17cfc4bef718caL,0x045d82b76c25b86eL,
-        0xc190470da060638cL,0xfe1ccd344fe469efL,0x7216f6a2b6e4a4e6L,
-        0xe878f0013d4ecd71L,0xd9e6bef5c06db8e1L,0x000000000000000bL } },
-    /* 42 << 7 */
-    { { 0xa2ac1ae9ac8574c2L,0xa94d700bd8e57fc9L,0xe553a50483768f7cL,
-        0xf7ee17786a4b96ceL,0x9cd65ec7435476b3L,0xec29f389227fc1c3L,
-        0x04d7c2cb02ab76ceL,0x955fc98eabeea649L,0x000000000000003bL },
-      { 0x2caa7206a4347b25L,0x8f9c3dfc888d9c02L,0xd13abad5c7637e02L,
-        0xdd4f2d9889bff5e0L,0x6639923e91237db0L,0xfceb7bec76b38fc5L,
-        0x6f51b35946622c86L,0xcb45000bbc3b052aL,0x0000000000000096L } },
-    /* 43 << 7 */
-    { { 0x7bdd3a436fe42b7bL,0xd751294a80a13668L,0x0c360e45a02c31b6L,
-        0xcadb32ec364ab022L,0x714b47b52915fc64L,0x12894036314a27daL,
-        0x93988364131a29c9L,0x8345fcb41c11e126L,0x0000000000000020L },
-      { 0x7379fc37adf71005L,0x763700973e92607fL,0x7ef1e34ade1aecfaL,
-        0x3e9dccbc364796b5L,0xc2a20940b9b3b46eL,0x209ff5a7b71eead0L,
-        0x8fc5eddf3e6a184bL,0xcaf50b8310b1d636L,0x0000000000000004L } },
-    /* 44 << 7 */
-    { { 0x24ac95c1b023a7a7L,0x900f86d152a600b3L,0xee5907d16cb1e79cL,
-        0xac05c5459e15310bL,0x379b5f665baf1a18L,0xb936c3748ebdeb65L,
-        0x2da06f140b4bb218L,0x3cce7e77a902a571L,0x0000000000000105L },
-      { 0x6e88f5350d47761eL,0xcdbe953128102f67L,0x5fbc898b5d8a732bL,
-        0x4e2b80b20674c9ceL,0xbb1b8ff3b9ca6e9cL,0xacfb7ce058cf73eaL,
-        0x3e38eb1e246664f7L,0x23e34b6712c6e67bL,0x00000000000000b0L } },
-    /* 45 << 7 */
-    { { 0x788cfa862ce9987fL,0xcf87d7181f3a827fL,0xeda41d438963ebe8L,
-        0xc0fc14f2352ede26L,0x1c887d1f9aab3086L,0x4b2ee360e7afe709L,
-        0xb32dcc7781abfa6eL,0x93acc0e721e565c6L,0x00000000000001acL },
-      { 0xda186d0d64798caeL,0x0e1245903faa2a4aL,0xdf259b1e17f2b48eL,
-        0x08d00309e1738aa7L,0x55fad154488c2c04L,0xa49a1f6c8d1cb326L,
-        0xc17528412a587b54L,0x1ae3846021b28da0L,0x0000000000000125L } },
-    /* 46 << 7 */
-    { { 0xc60450ffcfe88e41L,0x90e4a31ce80ee199L,0x129c8141054f77f9L,
-        0x3d87883643d18e19L,0x7d538b08d0aa43a2L,0xaec78cbafedc871cL,
-        0xc2512a4b22c45176L,0xe0fa4fd7adc1c057L,0x0000000000000054L },
-      { 0x6977ed3cb3d0e464L,0x20392cf15876e2f1L,0x4ccc33533e070075L,
-        0xb7aeeef1cf3dc364L,0xed66fe98757b2e2fL,0x5aaa91f114988622L,
-        0xe8f06691772fe270L,0x593bcbdce68972e1L,0x00000000000000abL } },
-    /* 47 << 7 */
-    { { 0x79f3c8d48b4979c1L,0x9f314f3ab34227caL,0x53f70c238542df00L,
-        0x735c9c1f5d2925f4L,0xbc85ead47a520674L,0x03ed628cbaac2b52L,
-        0x920fcf7c3b63752cL,0x82b2bbcc4ddbca03L,0x0000000000000025L },
-      { 0xb3e15c93eee68bacL,0xcaeaf1cab4c6d5dbL,0x87135e437d63080dL,
-        0x7aedd26eece9d3d5L,0xc2cf0281703d669aL,0x669e59b813ab55c5L,
-        0x3682cc5bdc1f5faeL,0x27631c8b969d7e7aL,0x00000000000001faL } },
-    /* 48 << 7 */
-    { { 0xd8af5067441231b0L,0x060a5889b44f70adL,0xc8b668b8d34dc5fcL,
-        0xefd712c3c0913970L,0xb399e81b39dca3dbL,0x78fe34977b823568L,
-        0xe9898e44b2345a5cL,0x71d1075305abf156L,0x000000000000004aL },
-      { 0xb207612eabd2dbffL,0xda4acee7f8666c01L,0xb5385d489eb81547L,
-        0x54aef0260b0b50f1L,0x753b6de9117bb8baL,0x770ce21ac85f7040L,
-        0x2c84b50d55ba9a93L,0x3d6e5e41ed6d5184L,0x0000000000000172L } },
-    /* 49 << 7 */
-    { { 0xbc90b46a54ddbec7L,0xd41023cc9f994187L,0xacd294e2e2bc97ffL,
-        0xab4a43a925eb30dcL,0x73a2f91e7d271790L,0xfdddfdbd90babdcfL,
-        0x075d1009786d202cL,0xe27659f112af11b5L,0x0000000000000132L },
-      { 0x82bb740b5015e833L,0x1b146b579756a549L,0x0676b19bbdbbc646L,
-        0xd905bde08b917c5dL,0xd612630a385d16b8L,0xa990c8d30750f8afL,
-        0x9b692f8b964eca68L,0x0cb1417c6cbf6aa8L,0x00000000000001ddL } },
-    /* 50 << 7 */
-    { { 0x633c95cacfeb6e6dL,0xf310f055d3a913f8L,0x82b3c285962f7c53L,
-        0x93cea71d41ab7d17L,0x3e1938c7c2663a84L,0x03e5c149da567012L,
-        0xbef4569ed1fddee1L,0xec2c08d2c0a14e36L,0x00000000000000a8L },
-      { 0x9f1984ea8c66bb0dL,0x33ec54fa24a7ab3cL,0x82363d70bc7cd59dL,
-        0xcdc086c9dd7205b5L,0x81cefb78bd3f9b62L,0x2f7d9848d0c20358L,
-        0x7d19925e827ab25fL,0x27432ca7bdc46e8dL,0x0000000000000103L } },
-    /* 51 << 7 */
-    { { 0xe5fb482725ea9627L,0xd1b15417eb4a6824L,0xec66b336f640dc0eL,
-        0x58b67fde1f768b93L,0xdb052d30c38e94beL,0xb8f9bf0026c71d3aL,
-        0x524029e3967c2608L,0x2cc1604c3e96c14bL,0x0000000000000018L },
-      { 0x1e00bf024096151fL,0x4682903a3280e791L,0xd10747413f59b08eL,
-        0xf805afcf57dc3da5L,0x69231f31c41ed588L,0x8d88792c3a6f17f2L,
-        0x8c7ed0f3e5562da1L,0x56210b8fcdd3b578L,0x00000000000001c9L } },
-    /* 52 << 7 */
-    { { 0x9560994f8b256515L,0xe6a1c4bfee0c60f3L,0x90616d735c40e06aL,
-        0x96b06d488938c896L,0x3e91746cf7a0d6a3L,0x64101f1f323bb0dfL,
-        0xb9063a273c5f05d8L,0x9a3278f8707f1505L,0x000000000000016aL },
-      { 0x99599034cd47eb2dL,0x2445f57192baec6aL,0x3d775c01f4785d10L,
-        0x5b52741ba39f1742L,0xc3b9b777ae6b587cL,0xf843aed8a8f986d5L,
-        0xac95d65bc8e3e8a2L,0x5ae638e982675b40L,0x00000000000000e1L } },
-    /* 53 << 7 */
-    { { 0x02e5f7474e915b10L,0xfe984f976f9492f8L,0x9539886769709243L,
-        0xf4525d86df138cd6L,0x0c4e8a47f691a83fL,0x7ad0d619cd6eb376L,
-        0xc5185be22dc115d3L,0x0f31c58e3c0cb3c6L,0x0000000000000117L },
-      { 0xf32d5bc157532f62L,0xb11abd34088396f3L,0x41bca25c0b5c4572L,
-        0x85c1d94afd7dee4cL,0xa3bb272129b04077L,0x4ca6c9d0b087910dL,
-        0xef465fede2824a30L,0x3bbcca9059bb45e4L,0x00000000000000c2L } },
-    /* 54 << 7 */
-    { { 0x5620edeac1805532L,0xb0d80cc507b46a79L,0x147fd42b4ad3c20dL,
-        0xc5a3cfad1efb9437L,0xa8c731ffafcc3dd3L,0x3ba852716b815aeaL,
-        0xae961cead66d3336L,0x3f046de2c4a83a83L,0x00000000000001d0L },
-      { 0x87ee923ff0ea8ff8L,0xd0fa8affd0f83feeL,0x5164155928b3f47aL,
-        0xfe93907dbda41a94L,0x8da252c4dadabbc1L,0x02c5a8792d3e40c8L,
-        0x1ed3ebe41b678f29L,0xcc33244ff9b63773L,0x000000000000007fL } },
-    /* 55 << 7 */
-    { { 0x347a11bc92d26303L,0x59820ecf9064fc95L,0x32c8ea2bb66853a3L,
-        0x3dd1cb41b71920c8L,0xdddf7e6914bbf36bL,0xb0f71e18c4d27229L,
-        0x35218d027c56d60eL,0x0e1f568591c81b81L,0x0000000000000049L },
-      { 0x94649487c1a83b3cL,0x79505e0ac2894f9aL,0x12548fe7f64af5a4L,
-        0x0ee8e52a838817e3L,0x625ae0a8faeb95f3L,0x6e82be89f6fd174bL,
-        0x16cb1065c3c4ee67L,0x43c8d753e4cf40ebL,0x00000000000000d2L } },
-    /* 56 << 7 */
-    { { 0x7dc3f4d8b36d4820L,0xc1367c104f2582efL,0x0d65009c600cea72L,
-        0x663152830418692bL,0x973e1aad1b497fe9L,0xa89362316a9c3aa0L,
-        0xa884d7d4c778e6f9L,0x241c3d34142bae6bL,0x00000000000001acL },
-      { 0x09636cb73ff4bc16L,0x7f924363dc70dd8bL,0x44ab005c916de001L,
-        0x5995d92173cf5f83L,0xbc1528c1ae70dc46L,0x94335a4f065bfd79L,
-        0xc50d05469b5a3a41L,0xfeaa8d5a6c039454L,0x00000000000001bfL } },
-    /* 57 << 7 */
-    { { 0x47a78493446416e9L,0xa88b09e0e09e1613L,0x8ffe68539241f3eaL,
-        0xbf5369920fdd9ac4L,0xd619356d487d6560L,0x66a29c0b3a326f9aL,
-        0xa4562dcb975f8c4dL,0xa9b11a8f6827192cL,0x0000000000000034L },
-      { 0xa18d94c3beabe49eL,0x4c95b3d210247731L,0x7e4aaa62800c61ccL,
-        0x192be7ad93aafef3L,0xacdb0684548c37edL,0x906c5dca6b217274L,
-        0xe82905411aa5e87bL,0x99499377af948d0eL,0x00000000000001a4L } },
-    /* 58 << 7 */
-    { { 0x3ccbfc85947098a6L,0x51a647133cedcde0L,0xab36cd65840db808L,
-        0x27f54065e1e6da2eL,0xacb7bc24c4dfb935L,0x0539fb6b85811a51L,
-        0x9a834c153458dbedL,0xf200b042d91c1ffbL,0x0000000000000129L },
-      { 0x64408f3e63cef0a1L,0x9248b34a1e8f0362L,0x666f2a1ef133487cL,
-        0x47574c1e074d37b5L,0x747eddc62bfb71a2L,0x126ccc0ee2f3a687L,
-        0xfe46cb0a74df9695L,0x76c6f165390f4609L,0x0000000000000166L } },
-    /* 59 << 7 */
-    { { 0xcdaa7ab5f50dae67L,0xaa79f66748a0f682L,0xb8527b90a5eece8cL,
-        0x52140489e971d0cfL,0x46592debe5dcb864L,0x93b033d749d3a03cL,
-        0x2ae696de6111a307L,0x92d90b30ac5a9212L,0x000000000000012fL },
-      { 0x1237c3437c548a9eL,0x0a6a33f85ca220dcL,0x89efc633944f854aL,
-        0x1720353b68491e43L,0x50c189b0beb38a01L,0x84cf858336ee395cL,
-        0xd644ee4d644a684cL,0xc496e4eacb2536c3L,0x0000000000000039L } },
-    /* 60 << 7 */
-    { { 0xa12ab81202bf43adL,0xec13c1d85b4fa76cL,0xdc2693f35ef4cae8L,
-        0xe77c16cfd10b16c2L,0xf0885709af73ee84L,0xa0178986db518b00L,
-        0x5b09e2e2435f7a09L,0xb043059120378b2aL,0x00000000000001baL },
-      { 0xe4f25ecfc35a9aefL,0x183d67e6923c79b8L,0xc1ef889887e007cfL,
-        0x243bc11fdc0f34bcL,0x93f6d3cab5219ef8L,0xce0f0c34e7f8f11cL,
-        0x2980543534f5dd6fL,0x425109831808c4ddL,0x00000000000000aeL } },
-    /* 61 << 7 */
-    { { 0x4a1c78eb6d3ef9b9L,0x8e378182ea5b2c00L,0xcc80009a7f17bc57L,
-        0x4ac0725c3aa76f52L,0x67074a8316090e69L,0x247a99f906040d66L,
-        0xffc91223c202669dL,0x36cc81087cf6079aL,0x00000000000000ecL },
-      { 0x0f4c307f9a9b6f1bL,0x784340bca4206c20L,0xb97598c2e2d0b207L,
-        0xc7505ffe1ddcc638L,0xe9d636eee73109c9L,0xd85e9e014b69754bL,
-        0x2a9802d5445c653eL,0x56e8b9e89805df1cL,0x0000000000000183L } },
-    /* 62 << 7 */
-    { { 0x50749bac0480a6eeL,0xd198789139ea640eL,0x13ac416185393676L,
-        0xe28d116425c2eec7L,0xe636a59655b9f322L,0x4ba90f173a8ba194L,
-        0xbca2eb38d49ed797L,0x9dc621d4f4e753b3L,0x0000000000000036L },
-      { 0xe1f60197f0f3bf12L,0x9137f979e7460711L,0x65cf559e696dd5d0L,
-        0xbcc8bc9be80803f3L,0xab56300de8693f04L,0x03ece5d00979cf03L,
-        0x907f30ef073bc6e5L,0x3a7773c1344d837eL,0x000000000000007aL } },
-    /* 63 << 7 */
-    { { 0xe25c24651f92f8b4L,0x3c12a2ad947b1043L,0x159bbc425aea4035L,
-        0xe2519611012a7a12L,0xd237c4afeec2c287L,0x070eb6c60bb8f6d1L,
-        0xabc1864e29a8a0f1L,0xc6d6f9dc9a1ef77aL,0x0000000000000179L },
-      { 0xca4e4bdfe6f42115L,0x86dc6504954f8811L,0x501d86c5c35fe50cL,
-        0xf381c7b059fd3d0aL,0x2f3d1282a5a428a8L,0x152986e24130b67cL,
-        0x2b3719068151bc5fL,0xdf41c90aa163dc68L,0x0000000000000063L } },
-    /* 64 << 7 */
-    { { 0x2172a8aa81a7b4c3L,0x97ca8dfdabf93bbdL,0x2525d8caf37d1211L,
-        0x16442a63917e5726L,0xc67b9ec8e12467bcL,0x53240d523c5227e1L,
-        0x6f6049267101b132L,0x70da1ac7de1a0f56L,0x0000000000000086L },
-      { 0x8d0c56be53e7dcddL,0xca55c626eabc48deL,0xd4cbc52a585ca3c4L,
-        0xa36f240277288d74L,0x42922ebcf7ff687fL,0x482022cd5efbb12dL,
-        0xe539f2aa7a1abed1L,0x561c207037c7469fL,0x00000000000000c7L } },
-    /* 0 << 14 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 14 */
-    { { 0x6db672c63a46caefL,0x999560bf8bd02589L,0x53e343871d900fa3L,
-        0x33c80c2c53d2590eL,0x3b11ead69801a393L,0xc6701879591e52f0L,
-        0xc1c1982d60428399L,0x77d747971932418fL,0x0000000000000177L },
-      { 0xa4f615a05b4fa0ecL,0xb5afe599059eb5c5L,0x1260ba581142b875L,
-        0x3cc654abf4f69ae0L,0x0422ac16ab6d27bdL,0x119f316acae65c55L,
-        0x3ec0a913e15b6c6fL,0x1603620e0ae71c5aL,0x000000000000008dL } },
-    /* 2 << 14 */
-    { { 0x7d5f8e474538e761L,0x37c788724c878738L,0xe69f4711816427f0L,
-        0x4da6f4677315c7d8L,0xf4665c460e84d136L,0x6b6c9c506a9d82d0L,
-        0xab5d9fec1a96fcd2L,0x9ed96c86f7974f3aL,0x000000000000011aL },
-      { 0xbecff7179a66d7acL,0x67d08b6d8f4f08b6L,0x0f7ce5bec02e60acL,
-        0xcae69a50294aed52L,0xb1e2278e10970dfcL,0x618459af75b3e40eL,
-        0xe395787ded5e54a0L,0xcd8a442be862c8ffL,0x000000000000001cL } },
-    /* 3 << 14 */
-    { { 0x501c5422910040b2L,0x3d8fadef6fd18a7dL,0x1ca9754cc159f2e8L,
-        0x3e337074f3570cc6L,0x8d2e0b274f64c1b0L,0xb458964157d8e707L,
-        0xdb9c20ff3b377e8cL,0xe202cb7e3c7a95bbL,0x000000000000014cL },
-      { 0x443b521528898156L,0xc803d7d24d94ae93L,0x768497c3aa70513bL,
-        0x48e7031adb916475L,0x7668dee27654c9a3L,0x9d9403b272eb0122L,
-        0x28eaefd23999b060L,0x663b8a7974c55442L,0x000000000000017bL } },
-    /* 4 << 14 */
-    { { 0xa3480d58caa4bec3L,0x389489935989e4a0L,0x3f4d7b6c6f7ba4caL,
-        0xe2913a55d39cb2aeL,0x615043ead7be6499L,0x9d4c41cbf504fec3L,
-        0x4f93da968d44893bL,0x33a7acdc9a7928e0L,0x0000000000000013L },
-      { 0xc865844f48219a09L,0xa6d0b17937426bdcL,0x7386a0a6284ae0e6L,
-        0xddd6cba0c2dc16fcL,0x77d2934d2940d262L,0x3af6ed35741b88abL,
-        0x96f43a65a6dae43fL,0xc71435351414083bL,0x0000000000000057L } },
-    /* 5 << 14 */
-    { { 0x7790d2eebb886b9cL,0x80caee478c4013c7L,0x2d7d404ec987fefdL,
-        0x31a416b818d7d489L,0x00f6c0f7206e539eL,0x725d958fe52b602aL,
-        0x5729d79e5c4f58e3L,0x2e03f6286906e10dL,0x00000000000001b7L },
-      { 0x2e85fdc682793d69L,0x90676d2f89340b5fL,0x21b84c0e32410378L,
-        0x0a3f3ec8596bac35L,0x986e33fa25754c0dL,0x9d278b18aa967da9L,
-        0x60e45c3719545be5L,0x7c67878814875f0bL,0x00000000000001b2L } },
-    /* 6 << 14 */
-    { { 0x5f3b4a9387f6aa1fL,0xc2b1fe751d34fc74L,0xc437a7aee34cfc89L,
-        0xed72014c30161cfbL,0xfe567e693f395ab9L,0xa1639cf06f0de2a7L,
-        0xd21f55d847970dc6L,0xb5e535794207deb0L,0x0000000000000139L },
-      { 0x594d169afd419bd1L,0xb52e9e26c90e05bfL,0x44d444b7a62de4b2L,
-        0xdd2f17762364737eL,0xc0f6a25563c867d5L,0xf2b52b0e19341f8eL,
-        0xaf95afc014538a86L,0x9a4427ad1dd0c0a7L,0x0000000000000040L } },
-    /* 7 << 14 */
-    { { 0x11f2c66709bb5ac2L,0x09e0c0068b1bc2b4L,0xb8b059d595edf7cbL,
-        0xe84466599cc3b6f1L,0xff0bb4d21a19ff38L,0x4b28f740daa847abL,
-        0x4dc18b713f2ba13fL,0x82797e6a24f93563L,0x0000000000000066L },
-      { 0x24647b9ce0b37526L,0x151f8e85a66e7426L,0xfbc49bd366cbd549L,
-        0x35236b47f1bf9e2dL,0x22d57f5652ce20f5L,0x348388680fb86429L,
-        0x4fd6f7c92729eb8cL,0x47760b45003362a5L,0x0000000000000104L } },
-    /* 8 << 14 */
-    { { 0x394d510624891f36L,0xb4265c4f825fa293L,0x65a54b87f6ecbd5eL,
-        0x6a2f900f2a351a03L,0xfb26d52f8d1dad9cL,0xbd651f19ba2c39ccL,
-        0x2d5894f2bb30ed5aL,0x4cc3f05794732ec9L,0x00000000000000c3L },
-      { 0x8c03ccdc9bfec4ffL,0x4ce76352d52329c8L,0x0a92cdf03995d109L,
-        0x44d28a5d7518ba0cL,0xbd74ecefce16a6a6L,0xcab52531123cb82fL,
-        0x72065b99f34e1c5fL,0x4949379f03a9a916L,0x0000000000000164L } },
-    /* 9 << 14 */
-    { { 0x8ee1c74910ad8ac4L,0x110157d24a29d219L,0xf118918bb59bf09eL,
-        0xfbba7a0ed6b61104L,0x63da0b9a32b9e1deL,0x3fb49a8689f92a39L,
-        0xd229edda291d7f6aL,0xc1e45caaf69a443cL,0x0000000000000044L },
-      { 0x08deb935b6066acdL,0xdd28bcb7b88f3d6aL,0x2e6be43d91b9a3ccL,
-        0xb2480a1a17c1ed87L,0x6bde69bbb5b2b5bbL,0x97dc1fe8cc8f7010L,
-        0x7e2807e7fdb1b32fL,0xe7b130d5f70fd8a0L,0x0000000000000043L } },
-    /* 10 << 14 */
-    { { 0xc3b8439c8b56ac59L,0x59cf8542da6f121bL,0x025a79c1032590e5L,
-        0x3f98129081a8cbceL,0x757cdfa5b3cf905bL,0xea0bba9b91354970L,
-        0x59482cb1dedf20afL,0x67d12c761e59c982L,0x000000000000001fL },
-      { 0x639ba69e08e7113dL,0xa47020a6d9a39024L,0x9fef97a3cb50be8aL,
-        0x5a7a5e7f9d733c97L,0xf2794e015c28cf0dL,0xc1dbb356cae9bfbbL,
-        0x77793cc224716c82L,0x5ccc298d50e5d617L,0x0000000000000037L } },
-    /* 11 << 14 */
-    { { 0x9812a6d442817149L,0xb73e1c2efd845130L,0x842633677ea37239L,
-        0x3074c70bd66a5ae2L,0x15461fbba435a562L,0xe1457c9dcfd53243L,
-        0xcb95324a4b559ae6L,0xd21b06be80fee082L,0x000000000000005bL },
-      { 0xb2a047a250bd939bL,0x50f8174e9ab3c538L,0x7566dd4371fbec0cL,
-        0xd8e989b442a8285eL,0x40b5fb08c129ba84L,0xd3febcf542eb6910L,
-        0x85627da7e425b9cfL,0xb5baf38fc4232846L,0x0000000000000071L } },
-    /* 12 << 14 */
-    { { 0xd49bea9d0d67ee97L,0x3b54996ff8ce59aaL,0x609f5808f5862792L,
-        0x8fff6ee3bf16a7b1L,0x2d515a919ef889a0L,0x9fdad17ecc6a85c3L,
-        0xa93c168b54d161d4L,0x269cbd3fd42907b7L,0x0000000000000077L },
-      { 0xefbdc466cc9bc5aeL,0x562163329f2d0abdL,0x567a46bc78b7f191L,
-        0xfe6f5ffe55cb85ebL,0xb6a1bd3a1fa1e9b7L,0x92a1f94db23aa4a1L,
-        0x8706df4e85b417c5L,0x80f8e27972c38e1dL,0x00000000000001f5L } },
-    /* 13 << 14 */
-    { { 0xdac5bbdfc3346801L,0x108dec419bcb0f02L,0x5fe3f06d48153635L,
-        0x5ce5a8679d23b153L,0xe5dc5b536531411eL,0xae4960cfe36feb3eL,
-        0xd2e67e4524c4fa67L,0xf00a144f30702333L,0x0000000000000182L },
-      { 0x746a744e9428502bL,0xe12542d5e48622c9L,0xd694eee1a88fe253L,
-        0x971c241e1cd5c3a5L,0x7de4e880e0e6cad2L,0x76187547c4ea49e2L,
-        0x0bd43790d02af40fL,0xe7cbcdee5dccd37aL,0x00000000000000edL } },
-    /* 14 << 14 */
-    { { 0x7c22cc01f186fbd4L,0x658ab99c126df416L,0xe558e64094889f6aL,
-        0xa2bb3d4d6138f3ddL,0x0b566d593c7c1262L,0x3d6e21d39de86bbaL,
-        0xf58a8bf45b3fa663L,0x5fcb32d5e5a9783aL,0x00000000000000deL },
-      { 0xe003185eed8094b2L,0x8c44e4e9cb093e1eL,0x9b22bf6557b21153L,
-        0x4e77fcbff755775dL,0x60aa9c223918bf3fL,0x02efccef93854e6bL,
-        0x8d5c09d076894b99L,0x000562319adbd877L,0x000000000000016dL } },
-    /* 15 << 14 */
-    { { 0x63d27e60b67b7904L,0x440e4862517bd828L,0xc6f01d917b4009d7L,
-        0x111a41ce5fd8c6d0L,0x711dda3365429b9eL,0x2cd2af55551c4ccaL,
-        0x5fb416e681cbda87L,0xa20d3108da546986L,0x000000000000004aL },
-      { 0x0554dea9f7d2d8e0L,0x8b6bfcf7eb41abb9L,0x40ee181804e3c7c0L,
-        0x530c3e7220c85212L,0x235f022bc9a2fca7L,0x95fab2db0300639fL,
-        0x48426194585506f5L,0x61a8465852018681L,0x000000000000014dL } },
-    /* 16 << 14 */
-    { { 0xb3ee676376229445L,0xf39bdb10fed827feL,0xbbd917775abbf64cL,
-        0x260ee1d529a83fa6L,0xa0fb51a9e14c0321L,0xe285da4285203855L,
-        0x5c8ab2d255550c91L,0x88a94f055e3e844aL,0x000000000000006cL },
-      { 0xe2c20af1885e1b36L,0x93632bfb5132eb84L,0x8ec0a26aeec26e58L,
-        0xa189aa9bc1a0b075L,0x3786be8fff4a93f9L,0xaf4ace63e4302fc2L,
-        0xc19ae28d5856207eL,0xcd791d4e5425099bL,0x000000000000013cL } },
-    /* 17 << 14 */
-    { { 0xc2e311642e400acbL,0xb36b8691858c3d81L,0xa51d8133cc1c343cL,
-        0xb58a9c83c55818e2L,0x8ccec493946b84c6L,0x5665d20eb30779ccL,
-        0x2edf3534a8d10a72L,0x865f8ffe3962aabcL,0x00000000000001a3L },
-      { 0xd992bb1c76d1bd21L,0x1b61530c574f2eebL,0xc5cea02a6431db08L,
-        0x5abac615b6643c40L,0x839a739d9f0146c4L,0x0a6bd0d2d7b1dc8fL,
-        0x225d01259f6f6dcbL,0x413d64406b6c5498L,0x0000000000000047L } },
-    /* 18 << 14 */
-    { { 0x72eff79a8d1df15dL,0x71e97979714870c1L,0xe66f939f9eb85672L,
-        0x88eea0f77089e658L,0x4d2e37bd4bc49047L,0x3acc988fdd1bd5e2L,
-        0xf4436daa725264deL,0xd294eb310c6f167dL,0x000000000000012bL },
-      { 0x37dcec51defe6cb2L,0x0eb39b1e82ae447dL,0x0e67d023461c386cL,
-        0x67298ef032d4e679L,0x70c9d3e74c18fd88L,0x322b18eedc3a0158L,
-        0xe643985c8d036e18L,0xafecf85494a080a2L,0x0000000000000102L } },
-    /* 19 << 14 */
-    { { 0xbea1d3999258e609L,0xade5b232992aab46L,0xa937d66aabb0b737L,
-        0x75919dc971c1be45L,0x11f1edf6dcb6b3e1L,0x62be1beef84fc1e9L,
-        0x5a7e2788d3a531f7L,0x5cc174fcb1eb09f9L,0x00000000000000d5L },
-      { 0xec6dc93ff199ad60L,0x7966f0725067e8eaL,0x5db6fb626cfa4a74L,
-        0x9b7792ea5a8e325eL,0xd0165798a79ed9e2L,0x618db06c17fea9f4L,
-        0xd4f26caecd5efe3bL,0x8848d8a2b1147f97L,0x00000000000001d7L } },
-    /* 20 << 14 */
-    { { 0x782a46b3a45742d3L,0x7fb395dc9ae4f831L,0xaa0a249906715575L,
-        0x336dd153987995c6L,0x5678c82a70d00fcbL,0xdc87a87233b45f8bL,
-        0xd5b269003498dfa5L,0xa8ef2e81410f7c71L,0x00000000000000ecL },
-      { 0x00e42ef069a89d17L,0xdfd638d21de60ee9L,0x5e3e68a98e2a3b24L,
-        0x19d1cc8ad7a07f7cL,0xd84e18094d2c9b89L,0x7674bfd1fd778f5fL,
-        0x962735a61e2b3490L,0x9ad592a5f535952dL,0x0000000000000031L } },
-    /* 21 << 14 */
-    { { 0xc8f1c0548a0c0bccL,0xa30f26a5b54457fdL,0x6fc1b24c95252d41L,
-        0x7c17f5b425f17d79L,0xaa30b0d126e54e69L,0xc7319dab8072a467L,
-        0x1b3b1209f653c077L,0x95dd97a541b0d682L,0x00000000000000b4L },
-      { 0x48e4678c3f3185d7L,0x1558aab9c5f4f58cL,0x8ded1080b9177b55L,
-        0xb0f7ed32d457739cL,0xfd11aae5a6f09d9fL,0xd8c1338874a99d1bL,
-        0xe68c2f61727f9c0cL,0xbe311c7779ee6a1eL,0x0000000000000165L } },
-    /* 22 << 14 */
-    { { 0xf5eaf9f335acce1dL,0x0b96a6023b9738ebL,0xad95bc9e3eeb44d8L,
-        0x0eec1a5bd535a06aL,0x772a256b21ef687fL,0xb4d097892f4e9fceL,
-        0x5f51391a31e0fab4L,0xe19ddf7c24d4a11cL,0x000000000000001fL },
-      { 0xe78b3824810e0d87L,0xb9a45999c38b789aL,0xef8856703d63565bL,
-        0xc5c41e8704fbb216L,0xfdad741d95b5b15dL,0xf47540283617de9aL,
-        0x270e0d35c4ebd6d3L,0x38c2d45b3166287aL,0x00000000000000b7L } },
-    /* 23 << 14 */
-    { { 0x87dd73b253e3448fL,0x60a7de8cc6d5fcc9L,0x0f0e775e7d9f372aL,
-        0x7d3d0454356ca0ecL,0x67ef63091202240bL,0xe19efd47f65d2cbfL,
-        0xd3407ca767184ce4L,0x6e17fc95a294bbdaL,0x000000000000011aL },
-      { 0x4e28296f4ece1453L,0x1c7af2e5626ebbdeL,0x9701e52b02e2a703L,
-        0x17ae7fa8ab279190L,0x8db8f694dcaf71a6L,0x1ab5594633e49a0cL,
-        0x38b2529c4c4de6d7L,0x16f59109d0e0b997L,0x00000000000001e5L } },
-    /* 24 << 14 */
-    { { 0x80d754cbaf63a6ffL,0xa4f718c114970f91L,0x33767545b184b25cL,
-        0xcb615b6126115598L,0xddc1e848b0ec3a99L,0x238885ae7a9ee0f4L,
-        0x4f434c1a70cff1afL,0xa5d8f62804f92877L,0x0000000000000103L },
-      { 0x889a468cf5e7b21cL,0x42c6b1284f73f4c1L,0xc825355fea99c1c9L,
-        0xdfabd44eb8502cabL,0x2c19c4f8078ff997L,0x766be192f948436eL,
-        0xc086ddd4d3dcdf09L,0xf28f946c1d8fd86bL,0x00000000000001ffL } },
-    /* 25 << 14 */
-    { { 0xba6292380ed67da3L,0xf098937a18b18a45L,0xf40e4ff532aa3697L,
-        0x65f0f6d484f25d73L,0x0447d49a2409ee55L,0xd8f3f95ebe06fc9aL,
-        0x6720b40c38a09cf5L,0x498d11f28fdced99L,0x00000000000000fdL },
-      { 0x30ba67a673dfbf54L,0xe1f24bf629950888L,0x0cb868f331bfd446L,
-        0xc17fd67b7f9e5043L,0xa7da16fa4623e449L,0x3702bc7d2f358149L,
-        0xc350a191ea209cedL,0xe0d4d94b80089030L,0x00000000000000a6L } },
-    /* 26 << 14 */
-    { { 0x4a2e8b7588b8ffebL,0xac8299ad552743eeL,0xcc88211f46a49114L,
-        0xeb39502e41625dedL,0x55322cd961f01503L,0x5dfc1640b9fcc446L,
-        0xa4dcb9b9752c2d0eL,0xbc5ff858b4084347L,0x0000000000000016L },
-      { 0x842af48f1d8ace0dL,0x0c7fed42216d4efaL,0x2f280f63cee88219L,
-        0x15a76cf8278f154dL,0xc1dba01188ffa0d4L,0xe18e7b9a5dab9669L,
-        0x1072ce8351c3451bL,0x81466b0bc0625ce7L,0x000000000000008dL } },
-    /* 27 << 14 */
-    { { 0xc6532dd495f1a993L,0xed2d9c8e994550dfL,0xcd980625dc3206d1L,
-        0x44920d5d8a99860fL,0x179a1fbfe95e6ac0L,0x21586f6e642b18a0L,
-        0x382e467bb9bc16e8L,0x1bdc2a08eb4a3081L,0x00000000000001bfL },
-      { 0x2dcdd601a46e68e0L,0xd015240b93b19720L,0x77749858ce57fd5bL,
-        0xb3cdcd8216d48d32L,0x65ad981f28365bd7L,0x392c56e9dca4a70cL,
-        0x76767327573481d2L,0x5827f187873f6cf3L,0x000000000000005bL } },
-    /* 28 << 14 */
-    { { 0x9ddc754cae4622faL,0xac04c42905c5947fL,0x0b53d6db2dbfb6a4L,
-        0x1fb16f7b883c6d42L,0xe38b1745e5dbab18L,0xa320f80a0087b164L,
-        0x4a5c274f32cd4694L,0xe32650c10855dc1fL,0x00000000000000ceL },
-      { 0xf1c1a8c55997c5b5L,0x3a20ff072e051a16L,0xbaaccce236a4bc59L,
-        0x72ae4a192c407bfdL,0x0ada1e57c128c710L,0xf4ce04dbb2d91ff3L,
-        0x8616da8731fd0538L,0x5c19b57f245b59f8L,0x000000000000010bL } },
-    /* 29 << 14 */
-    { { 0x31597b8c0a73b81fL,0xcd52d82105ab588aL,0x4baf4239e28ced35L,
-        0xc53a092e39673af6L,0x9e64a4d0f36bf7f2L,0xac2e493576c02cdfL,
-        0x4ee3570ad7fd8566L,0x3a35bcc242fcfa04L,0x0000000000000178L },
-      { 0x556867075b8e9c9dL,0xba2645ac9c6ad053L,0xb43529a90a748b98L,
-        0x2f9af439901cf7c1L,0xd7996db75282357bL,0x11015af01ce89b7fL,
-        0x67b216b74963a6caL,0x8a8db55b74ad3678L,0x0000000000000054L } },
-    /* 30 << 14 */
-    { { 0xb2d55efa0c44bf54L,0x8f646047b5668a6cL,0x5e399e3f28000a00L,
-        0x50551969f61e1838L,0xc32196b12613df05L,0x3e838233f7a1478cL,
-        0x392a6c1fc508d707L,0xd93d05d6311b3998L,0x0000000000000009L },
-      { 0x6b31024ef05a16e5L,0x5a914eedc202d6aaL,0x2ecfe24db04a8795L,
-        0x596a539e3e88e191L,0xebfa53cb697fdba9L,0xa69b735d1dc0d0f6L,
-        0xa6a8ce767ff79787L,0x071e45f09aefaf38L,0x000000000000007eL } },
-    /* 31 << 14 */
-    { { 0xf27472c1ae93f8c0L,0xf04c6ea4a8e48c7bL,0x31d58b6422cad4c6L,
-        0xc7ff26cd06556907L,0x44e71c873b03e6f6L,0x01eb2ef5eea10ed3L,
-        0x61bc27e81b7996e9L,0xd0ab98cdb523dd48L,0x00000000000001ebL },
-      { 0xfe27e8cd3a19cd0fL,0x5ccf20a0d70e567bL,0xf2e641e142c65e55L,
-        0xba46dfaf1ed8e850L,0x1af42222e5ed2072L,0x691811faab988c72L,
-        0x94e7f4fa93d8842eL,0x6442a9c5a1152efaL,0x0000000000000186L } },
-    /* 32 << 14 */
-    { { 0x44edf8be84357b3fL,0xe5df9129588059d0L,0x83e65cfaab7d5b23L,
-        0x79c2e1982121a504L,0xe6a19633eb3be7d1L,0xd9f8869586b85bc4L,
-        0x78508fa279f2187cL,0xa2eb8fc012254f09L,0x00000000000000aeL },
-      { 0xb1a6704e2797d3faL,0x95b4c2682c78669fL,0x5294a8e42997c68dL,
-        0x7246b0614085bad5L,0x7ca017c24159e5efL,0xb8fe1a6187d1a013L,
-        0xdba0dcde44bc4ea3L,0x1fdd53c6a8ce296fL,0x00000000000000feL } },
-    /* 33 << 14 */
-    { { 0x8476dad138c75952L,0x256608000e53b9c0L,0x6f5f6ffc5002a11bL,
-        0x025ccfea8d537febL,0x1d09d62b2eb845d9L,0x5d4596b2e1a65903L,
-        0x49528722d492b0f8L,0x444b3def4cf2b0fdL,0x000000000000008cL },
-      { 0x25c1941661967bd6L,0xff50303688985e0dL,0xd180daccc95cd952L,
-        0xea18affd18456eeeL,0x6ccf36af65317267L,0x8fb2380251dc5738L,
-        0xaf16178d33439112L,0xb342543e0b99b0cbL,0x000000000000006eL } },
-    /* 34 << 14 */
-    { { 0x53277acc3ccbc40bL,0x218e751f6d939a22L,0xb3e92769c121b67fL,
-        0xdbf0fdc0522b77a4L,0xbed0af74fafbf581L,0x8a9c509e162b2417L,
-        0x1ee6bd74f86831a5L,0x14cbe9f436df364bL,0x0000000000000100L },
-      { 0x013a60b8164ffbdaL,0xfc05d43a28203c5bL,0x112489209bc7a027L,
-        0x2ffa9cf550713fb1L,0x9c1d0bd5b07e598fL,0x207fcec72df3eb6eL,
-        0x632ef362e16f2bc5L,0x20bb3d440a840efcL,0x000000000000013dL } },
-    /* 35 << 14 */
-    { { 0x9a5c53712dbf76edL,0xf5cc66adfa183c55L,0x84ce4c1f1c020230L,
-        0x4c2d3b4490f2990cL,0x9150627f643357baL,0xb7cfd07f31fe37c2L,
-        0x1e5a915b888b5198L,0x5ac98b6e98bbacf8L,0x0000000000000185L },
-      { 0xc79d020aeb775585L,0x5974d3de45a3257fL,0x72b152daa6a4749bL,
-        0xf3603d175ad334feL,0xe3d82b9532e115dcL,0x15a6b62edf4f90d7L,
-        0xda84eab108fdd614L,0xd893690b706bc3c1L,0x0000000000000199L } },
-    /* 36 << 14 */
-    { { 0x7dbc777cc8eda3e4L,0xf93443a53d138b69L,0xf88673fabe32f323L,
-        0xc53f686eaf91501eL,0x2c583a94a9e8df0fL,0xdbb476a579a360bfL,
-        0xd6d61debed573377L,0x8bf9489dd85e7ce8L,0x0000000000000186L },
-      { 0x4ea12cf58c06659eL,0x3a5df265fbc275d3L,0x434f440ba5ea596bL,
-        0xa386793e82ec727bL,0x4f4d4575b4af3144L,0x465aae52b64cd799L,
-        0x4c7c443401dd7df8L,0xc7d3008e40ec3273L,0x00000000000001e3L } },
-    /* 37 << 14 */
-    { { 0x296d12f19fb85a94L,0xf9e671e189de482eL,0x596ff3b73de0eed9L,
-        0xd4bdb6b976feff0bL,0x8ac1d1fe0133e043L,0xf3a91297c19b02d1L,
-        0x247fdc3217bba0e5L,0xadb9cc46caed480bL,0x00000000000001cdL },
-      { 0x71f9bb404eb96e74L,0x786704f425cbd4f9L,0x35c01daf4127f783L,
-        0x53bcd595ca68c06aL,0xf7a45e8f548751daL,0x8c0b80dbc36658b5L,
-        0x0eccb01f3182ead1L,0x7b4da8ae3dd4577bL,0x0000000000000111L } },
-    /* 38 << 14 */
-    { { 0x0f80cc7b2aa68d6cL,0x2aeea46ba5b1edefL,0xc1a582e38e4246c2L,
-        0x4890117c468c83c0L,0xb203066fc0f4c50cL,0xc3d86d97753bd8c0L,
-        0x7c7796b45821c82dL,0xeab746ef789602bdL,0x000000000000008bL },
-      { 0xfec63dc6d79ff090L,0x3f34e577fcc4f8c9L,0x755ddf0eeb73c7c6L,
-        0xcb6ee6d1c400c474L,0x070ef40f27a0f15cL,0x3e30e74ac75fb5ebL,
-        0x203e4d10f0681326L,0x1933a5161906e321L,0x000000000000015eL } },
-    /* 39 << 14 */
-    { { 0xf40dcbdd97c06856L,0x5093f148ba7c198fL,0x9b63c31888a4e5e1L,
-        0xfbe0d089980bc362L,0x0d1d1889d1a2f1deL,0x56df5ede9fb22fc5L,
-        0xcb790b388b0d329dL,0x68de9e9507e0dd4aL,0x00000000000000ddL },
-      { 0x870b198434557937L,0xbc4de915cb8041c0L,0xfb1e1e3b25df82a6L,
-        0xffd486000bb66bbdL,0x408f76d32485fda7L,0x5eb686cd56698db2L,
-        0x9b466dc1a16d4f85L,0x50657a6ce17cd57eL,0x0000000000000085L } },
-    /* 40 << 14 */
-    { { 0xd06fcbb8cbdd8953L,0x5a7495784a83da15L,0x9a509298fbdbf149L,
-        0xe87856427b745cc2L,0xf473e129b6b6ea45L,0x325e846f5982df34L,
-        0x2761bcbf39c922dbL,0xd598487a4c8a1843L,0x0000000000000141L },
-      { 0x4d4ce00e255dbee0L,0xb990df3e75a0e0faL,0x947755b894297a3bL,
-        0x4797193fbf7a683bL,0xe3be49554c1f5e73L,0x0ebabf7ce3832a6eL,
-        0x55aa92bb16574df2L,0xd05f35e66ace50f8L,0x0000000000000032L } },
-    /* 41 << 14 */
-    { { 0x0fe114732d5dd3eeL,0x387d15619e3b9f56L,0x6e68c4c4a2b445d9L,
-        0xea666a0682103ef1L,0x5d1c563756e00144L,0x6167168a056a94dcL,
-        0x75af25224dd46bbbL,0x9d5ac0de25f2477fL,0x00000000000000d6L },
-      { 0xb2c55ad2ad8ada45L,0x5e2a1d14c04094efL,0x2c7f76f93c359f4dL,
-        0xfec96532462b8fb3L,0xc5ddd1a99a542665L,0xe0ff14b28d3fb2adL,
-        0x802a81d51b16e7c2L,0x02eda0edd5bd8418L,0x00000000000001b9L } },
-    /* 42 << 14 */
-    { { 0x19d40ead8c3208a2L,0x921a28ae4b57239bL,0xd9c1cdf87c048e0dL,
-        0xc0896b487c1924adL,0x6f8e11b70015cb8fL,0x93fbe340e490613bL,
-        0x34f8734f8758f850L,0xaa9acf4f5cf61cbfL,0x000000000000014cL },
-      { 0xc3636b8815758f79L,0x7c1d4f0928dc60c1L,0x48cb27e6b77f1edbL,
-        0x5d5a94b007580b50L,0xb6934e25a129e7bbL,0x6f00412da44d9a6eL,
-        0xe6e347f209f16d89L,0xa60de5594470a50aL,0x0000000000000086L } },
-    /* 43 << 14 */
-    { { 0xd94e16dd0f5545c0L,0x99311bd1655e0f8cL,0xbd28f252b6084433L,
-        0x5dfc8beacb8a0b6aL,0xca27033f7e2964c9L,0x4e1d96942b5eacc2L,
-        0xca11c059f2eab44eL,0xb9a4ae9feb61f161L,0x00000000000000deL },
-      { 0x6840e5d242e77d55L,0x58235511a7df2d6cL,0xb00763753af2b1f8L,
-        0x7ac404ff9f430068L,0xf5b2bc675e6129d2L,0x3d474d6c30d6fbbaL,
-        0xa0c66d83afc5cd14L,0xa93c5ccf84651070L,0x000000000000019eL } },
-    /* 44 << 14 */
-    { { 0x28e8d7cdab4f88e3L,0x898baec98ec7fd82L,0x13328d8ec459c3fbL,
-        0xa635e9b13b0493efL,0x039493381ddff9b3L,0x93f2886cff82a4fdL,
-        0x9cb165730c609c2cL,0xab282b67ae8e6e06L,0x000000000000018dL },
-      { 0xc16fbd160792dcfbL,0xc42bbe74adf64db7L,0xc85534c4315f21d9L,
-        0x66cd4cd3747b8361L,0xcd26cbe3f33752b1L,0x185add8554d2bfa6L,
-        0xac366f9f3364f9b0L,0xdb6b5e544188b82eL,0x00000000000000f0L } },
-    /* 45 << 14 */
-    { { 0x40394dc28eb60051L,0xe85d4323b94b7c23L,0x35ece007398df4b0L,
-        0x4048e7668f3837c7L,0xd2968bf381699670L,0x341d0b90ef321d08L,
-        0x9fb3d866adb69687L,0xf649f7a01e95fbc8L,0x0000000000000040L },
-      { 0x637c2c6a230521a6L,0x538783613fbf1391L,0x624386a14812d57dL,
-        0xeac925d71c92e4b1L,0x886160dadd9f8fb7L,0xafade790ad700edaL,
-        0x4795d6eac4a75e99L,0x30a507699c844dbeL,0x00000000000000a4L } },
-    /* 46 << 14 */
-    { { 0x7749f0fd407325c4L,0x82a14463fa3e21b6L,0x456f01251367a25fL,
-        0x7fb481cd59345788L,0x18b408080fbab520L,0x44f57759821b00b4L,
-        0x2260d7a7e88bb2c7L,0x3b6a935d609f7ea5L,0x000000000000004dL },
-      { 0xa078b27909d38bfbL,0xa5a0db3da266eacdL,0x5b022ed5eb2a2fafL,
-        0x6596a4aea49586caL,0x401a450d6f1bd9bcL,0x2a272cd4fe972a51L,
-        0x1af0c66897c701beL,0x74c04b6721402335L,0x000000000000012aL } },
-    /* 47 << 14 */
-    { { 0xa046a8084e621a9eL,0xb61cdc55514a1be3L,0x45b894ae05e335b8L,
-        0x2a7afd2f3f2cbd40L,0x9febc8b21d4cdc78L,0x8022fb1d990da9acL,
-        0x2a544f9786ea08feL,0xc8f50cd46af5d246L,0x00000000000000faL },
-      { 0x8325acc8dbea7bddL,0x86ec5d580a254408L,0x0328bd2f6b93bde0L,
-        0xc4a75a47256ef2b3L,0x61b14aee0d43792cL,0x660894bc15f60963L,
-        0xf06c411a9e2ec909L,0xc7bb2f80846c3b1fL,0x000000000000017fL } },
-    /* 48 << 14 */
-    { { 0x5e597d089b0a6b1cL,0x3ed100fab66ad53dL,0x9852718497c12a70L,
-        0x295556e631779d59L,0x9733135a0d5a0720L,0x4cf945e66f937863L,
-        0x8289d86b87679e05L,0x1979cf02f3b45d70L,0x00000000000001b1L },
-      { 0xeca4684be1874574L,0x4cde87b963ec3ebbL,0x74486ff281b929caL,
-        0xcf9c54dd5113e211L,0x95bbc0e1b8237581L,0xa92320f70fe355e7L,
-        0x945a1a0345b9dbd3L,0xebbc1d0d4c99791aL,0x0000000000000143L } },
-    /* 49 << 14 */
-    { { 0xffd45977b2f6d655L,0x2a2895ec5dca5a02L,0x4b12c0cb0f0229d7L,
-        0xbc5066638eb2d617L,0x7859a404b4414ebeL,0x25a4ed7bd0414b93L,
-        0x967f9aa382670c9eL,0x1ad77f6fc430405bL,0x00000000000001ebL },
-      { 0xf88be831313b212fL,0xe2e6cab7348e2d56L,0x357676d439019ec4L,
-        0xff936f3869846bd4L,0x6345ca8d66ce27ceL,0x82836c0ec72384c9L,
-        0x5ebe05967beacdfcL,0xfc1d54f4150fd26fL,0x00000000000001abL } },
-    /* 50 << 14 */
-    { { 0x6649d0ddd7587da5L,0xa9f6c67abc3b988fL,0x7ff9da31921c0c68L,
-        0x47453a7901728d6aL,0xf29a285af14e4958L,0x559fef9ecb3695aaL,
-        0xf00d26d90d698abdL,0x9f2a87adf0e12bf3L,0x00000000000001e9L },
-      { 0x1cdd21ff7823d0cfL,0x7817d994456ba521L,0x11a2d178e6b7b13bL,
-        0x272ed174315c7508L,0xee909a0bdf995ad9L,0xe9432355b9194220L,
-        0xfe5bd9b1b2458aabL,0xea8e397b7dcd8a61L,0x00000000000001adL } },
-    /* 51 << 14 */
-    { { 0x3dbd43387b55498bL,0x6e596b6bc82e0ebdL,0x382ef7e250a694bcL,
-        0x3c840753865dac40L,0x37b13cd0267c7b8aL,0xa4767ad5cdd6b7e6L,
-        0xf700ba8d60af4929L,0x3fdbfdfd4c96867aL,0x000000000000019dL },
-      { 0x4f711cb378e1611fL,0xeaf744da23723236L,0xc3f6bda778ebdacdL,
-        0x9aeef0e09e0053b5L,0xbdb6d71a90b16d38L,0x3765112f3dacd8caL,
-        0xf6d3a468704cac3cL,0xe6f258412646b586L,0x00000000000001e0L } },
-    /* 52 << 14 */
-    { { 0x74ff5c5188e250d1L,0x46e6a1dedc911cecL,0xc28ba25b48c5291aL,
-        0x0f571b2aa9fde68cL,0x1c7d3fe989952038L,0x40b66dab6a4850f9L,
-        0xf2a3db3956af4d75L,0x9861204f03123ba0L,0x000000000000016eL },
-      { 0x1ecdbbd45ac22cd7L,0xe7349a910000be6fL,0xff94c6a2327586b9L,
-        0xe78c257f7e123652L,0x18e795c5aaebcaf2L,0x7dffc5b363c70794L,
-        0x6c3b3d2067e76a08L,0x820b7e33afba9f7eL,0x00000000000001cfL } },
-    /* 53 << 14 */
-    { { 0x28046bad1bed718bL,0x89dd1a2a107fad6bL,0x72d4a58ce5be292fL,
-        0x44c2bfb40b8f0633L,0x175b44b9acf0bc64L,0xe77b0389e2a0082bL,
-        0xba56099662ce72f4L,0x88d47c05977a1195L,0x000000000000001bL },
-      { 0xe08df997f1937128L,0x7be24d4e6d7b6de6L,0x2c1da8cc2895c158L,
-        0x867b4dbde6095143L,0x2f9fd14167dda364L,0x746c8bb98f5dd0a7L,
-        0xec978e1931fe3f41L,0x3c2b278da2b6be6eL,0x00000000000000abL } },
-    /* 54 << 14 */
-    { { 0x53305692201e8211L,0x453de0b663165a91L,0xb5787597bc0e4356L,
-        0x49d7a66f6036286aL,0x4f3ec2a9545399b0L,0x87b0f978e70c2bdcL,
-        0xc41adf47db793dc5L,0x6394b7ef20acc60eL,0x00000000000001f1L },
-      { 0x8f24f67bcb1ba826L,0xfde4bb5c9e783ae8L,0x4ab170a0b072e2f2L,
-        0x01968ba82be627d9L,0xe8c1a0115710c838L,0x9aa5552eff2c4c0aL,
-        0xebf694e1aadea875L,0xcd34f51184feeee3L,0x0000000000000101L } },
-    /* 55 << 14 */
-    { { 0xc1e4d3db1ef1e686L,0xb8a1403857560e2aL,0xbb3d623b47538074L,
-        0x18921f9026b5e77dL,0xbb7096d508be51c1L,0x1118eb73c714f7a6L,
-        0x0dfe997369e0fc89L,0xc28cba21f8a93363L,0x000000000000018bL },
-      { 0x66c5603da2f03e1dL,0x4f17de957d775555L,0x26e00c87c2bb36bdL,
-        0xf5a4806a3288e106L,0xf934a912a9a42ed3L,0xe374aa3df76e08e9L,
-        0x3bb52d94983fa9ffL,0x74b832e55d421496L,0x00000000000000c4L } },
-    /* 56 << 14 */
-    { { 0x932645e87ada2a97L,0x21c7eba2e8300b13L,0x948ee3bec714208aL,
-        0x7d4c3d65d66c4b41L,0x8373248e8530bdeaL,0xb053676048b836e1L,
-        0x9db23d3975656dcaL,0x37da5fa90e294ebdL,0x00000000000001fcL },
-      { 0x8715df66bb355ca4L,0x9f0eb8f4ca81ae22L,0x477877be167325c2L,
-        0xde6d697564174912L,0xfd9770aebb0b5cd2L,0xd83513421999f713L,
-        0x14fbdc847fecf8ecL,0x1700b51341521ea8L,0x000000000000006bL } },
-    /* 57 << 14 */
-    { { 0x1fb72fa4e1a987e1L,0x2ec447d4b3a419e1L,0xf414904f0af68019L,
-        0xbd78ef312a752878L,0x84280607c9d3f03dL,0xd234588a676d8a40L,
-        0xfd83257c8405dfdbL,0x9e40b20e5b0e8942L,0x00000000000001aaL },
-      { 0xad94e86e8e352cd5L,0x28598b94e481b980L,0x6bf8a3fa3441e4f1L,
-        0xcf0e604288c65230L,0x9e3cb7518097669eL,0x205666a00e1cc1eeL,
-        0x0c18df29b2f5cc87L,0x418ba30d6986decbL,0x00000000000000b3L } },
-    /* 58 << 14 */
-    { { 0x440f76b5efc7c941L,0x2655270e0f135411L,0xf29c7ba6095b4edaL,
-        0x7ec4aadc12c0b3b9L,0x162b1a6e2637926dL,0x25e1e9634eef2802L,
-        0xd413ab20e56edc9cL,0x0d6ab23eca7901c4L,0x0000000000000019L },
-      { 0xf1d31cac5c98bcd9L,0x939dbd4ebdcfca60L,0x0492c4cae0be4dfcL,
-        0x68e939f3422574f3L,0x80996ded137cc107L,0xc714e969aff399fcL,
-        0xe772477000fc77ccL,0xd980f985472af5ebL,0x000000000000014eL } },
-    /* 59 << 14 */
-    { { 0x5a28ef5122dc1e97L,0x9da0854654fcd9c8L,0xc6b613d635ad72b3L,
-        0x413cb175fcfc0f36L,0xe16aa604bdfa0b08L,0x3e1bbeaf35235a92L,
-        0xbcc910ff3b7d1193L,0x4f6b1df31c21441eL,0x0000000000000087L },
-      { 0xa940ba897d940cdbL,0x93708a405b4b3a34L,0x67579e47cc7f3b19L,
-        0x16260fc86b5c6b95L,0x0bac93e0a1c9c2e9L,0x5dd70dbe2d9c44edL,
-        0x01ed179d47ff1001L,0xd7e891ea2eb5f1fcL,0x000000000000006eL } },
-    /* 60 << 14 */
-    { { 0x330f31b6c916e988L,0x601fca7fa6e737c0L,0x99e063dcdf9c7b04L,
-        0x49e97a9627cd93b0L,0x576fe3429a7c06deL,0xa6d8c4796eac19aeL,
-        0x4c5cc139fc72dc81L,0xf34b69073533fe76L,0x00000000000000f0L },
-      { 0x8d444d34983c41e6L,0x650af8bbe2e49bd6L,0x1794d4c0c1bcb88aL,
-        0x798cb3d8b2fe435aL,0x8544a707e7433605L,0x82dfc6359fd393e0L,
-        0x572bd64292981c51L,0xb451731fe001273dL,0x000000000000010cL } },
-    /* 61 << 14 */
-    { { 0xfd6a06190f7d5e62L,0x363d0d2820d126daL,0x56b94c82ec82e67dL,
-        0xdc493f04d5e8870aL,0x936ac4b4c9cd9fc3L,0xfb6d59b2ad27c8daL,
-        0xc94e470edf8f5ef6L,0x9e47d7f32e818bf9L,0x00000000000001a3L },
-      { 0x384d552bcefa9b33L,0x02d8353268aade38L,0x61b0f08d8208634fL,
-        0xbf13ac956235c74cL,0xa44deea4a108f58eL,0x485fa5c8a991ab4eL,
-        0xd53cb2c59682a856L,0xa590f750072f2accL,0x00000000000001bdL } },
-    /* 62 << 14 */
-    { { 0x5dc324b538f9f14fL,0x0e1b29ca25417001L,0x244cc7596932af3dL,
-        0x19787a6c2765e15cL,0x7144d48fb7fbbde0L,0xe898a059012c68f9L,
-        0xc66ebe6d9d907dafL,0x02aa0fd3e114e429L,0x0000000000000101L },
-      { 0x138b94bb6551e782L,0x326631f7bb5ff6d2L,0x21c17feac81f02a6L,
-        0x72f829c4a1d73b84L,0x941c0390bd578fceL,0xd2c600c409bbf7a1L,
-        0xb849f9bdd3438945L,0xc09307c24d330616L,0x0000000000000170L } },
-    /* 63 << 14 */
-    { { 0x6c553f60c70835a7L,0xdb249d1d454158b1L,0x34eea92e29f411e6L,
-        0xd75f12f67037c4c4L,0xfc5cafae3a77bd41L,0xa7309f006680eae8L,
-        0xa04eb002404a6360L,0x359a53cfc069275dL,0x0000000000000147L },
-      { 0x2bb3ac825af98268L,0x1f3fdf5f50056aa2L,0xd82b90bbcc7a2c08L,
-        0x5c7b793a7c4dbbeaL,0x7bdbb47f568ef299L,0x3b7716307b4f839dL,
-        0x2fa53e49d475515dL,0xa0ef2b77608ea974L,0x0000000000000101L } },
-    /* 64 << 14 */
-    { { 0x4f0e025fa2302041L,0x4d50d98948d262b5L,0x01720a0ad622c7d4L,
-        0xe3b5a94158d1c97cL,0xfbc5b18338aed2a5L,0x27f02177823b5d8dL,
-        0xadf74074775f38c5L,0x95bf91f44f1a6ea0L,0x0000000000000104L },
-      { 0xf9cd82998e2d6ab2L,0xa75b296b6c27631dL,0x077000491e00bac9L,
-        0xdc99e546ebd66975L,0x44fa528275e54993L,0x25fbca4bd50e44d1L,
-        0x4663139381057b1aL,0xc22eff26bdcdf45aL,0x00000000000001cfL } },
-    /* 0 << 21 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 21 */
-    { { 0x3519394e7f6b9b0bL,0x76e8c23501aed422L,0xcb70fe5c64bf111aL,
-        0xc6c025915b3c7eeeL,0xb53b8858f9ed8925L,0x51503afabb66cd7eL,
-        0xa2479b22a6b3f2c4L,0xfbcb06c48eeee4e4L,0x00000000000001c6L },
-      { 0x29f2ff47198bb516L,0x1895fb6877671ddcL,0x10a1e7541e2b80eeL,
-        0xb19efc72a7732627L,0x88f9176e1e0ef24cL,0x22ef41af1fa7183aL,
-        0x994ea31c47d7c8d0L,0xe838b3f2e9793ae0L,0x00000000000001b1L } },
-    /* 2 << 21 */
-    { { 0x39f73a5667d26eacL,0xe15b72b9938fa0e2L,0x16e09f8b554f85dbL,
-        0x0e6d1cee02a16cc2L,0xcd989df35e548e22L,0x9ba195fc3cacda0dL,
-        0xcfecc6f94ce28d02L,0x8b8f51e0c91fa6d8L,0x000000000000019fL },
-      { 0x79f455b2c1a33bd9L,0x76514d33fe83b781L,0x3f5ec772f2ef9526L,
-        0x2d1e47946ea54f2aL,0x472fb203c1e2d62aL,0x6e94a20beabf2c9dL,
-        0x11da7502781a8076L,0x12ccf29a91ba87c8L,0x00000000000000ddL } },
-    /* 3 << 21 */
-    { { 0xc9518f3fb711958eL,0x74d3a13f0bc5dfb8L,0x7da464ac62025afeL,
-        0xbfb139fa9a3e2fa5L,0xb30511cc9a8d7c09L,0x4d3a313f17e41faaL,
-        0x7c53ff823a10c83eL,0x2e85a451abf3f866L,0x00000000000000d5L },
-      { 0xe2844777df1d2939L,0xc3a4ccfe21fdaeb8L,0x47b7e6138c8f6176L,
-        0x038b43eb1b6571d0L,0x9f380474e3f47c8cL,0x623e3416b97bac68L,
-        0x625b6bf1bed4caefL,0x6ac6e0c81664fcddL,0x000000000000011fL } },
-    /* 4 << 21 */
-    { { 0xe7bbf4a8d2249935L,0xbaa56999adb64049L,0x5e0ecae945f8df55L,
-        0x20b22a2f64e2a249L,0x480102231420d76aL,0x24bd8f9ffb45acfcL,
-        0x66e9c51167673f8dL,0x719eda3c1f02406fL,0x0000000000000138L },
-      { 0x56f88274d07c2fdfL,0x2b82612a54c1db4eL,0x0d4ae93896c3b009L,
-        0xf97a730e5897ed7eL,0x3e3505c0396f9c18L,0x20d682e4daea8f31L,
-        0x05fe6ea4e85bd289L,0x6e05507b14613e5cL,0x0000000000000164L } },
-    /* 5 << 21 */
-    { { 0xf0307ea7a3abdf0fL,0x25bc4d1d49de2354L,0x2b8ebd094b8160b8L,
-        0xf437b69e3a63c866L,0x59c64b2fdf07da1aL,0x817d2723ba53a71aL,
-        0x1ec10e309715b466L,0x852eb71d4b5f821fL,0x000000000000010dL },
-      { 0x3a53ed2dab617319L,0x0279fb691e3accc8L,0xe2746511030858a1L,
-        0xd5411a7f4fd0acffL,0x8f31def309c66cf1L,0xf8b414cf85c0c9f7L,
-        0x15222a47d2565b67L,0x732e7eb6471411c7L,0x00000000000001a7L } },
-    /* 6 << 21 */
-    { { 0xbc36eed32f7bf34dL,0xfcdedaaa7cce180bL,0x3b719b5b5cb22fdcL,
-        0x6ae5bdd9e4111433L,0x865a0148381f4186L,0x170a523b9245c6f6L,
-        0xe3be816ac2b1118bL,0x30e7aa62174efd73L,0x0000000000000033L },
-      { 0x1abfe12c4ca2f7c2L,0x60485268733b1f6aL,0x82690e31a1d38bd6L,
-        0x3a55f831d862dc8fL,0xfb3e4436e03e590aL,0xf265ed1075222c2cL,
-        0x41cf2d8753b1fb51L,0x12922d525a82041bL,0x0000000000000060L } },
-    /* 7 << 21 */
-    { { 0x5b6a6ca5ef7dc356L,0xc47b9c0f55c1a178L,0x89eb8747c07b52b0L,
-        0x097775cf736ebbe8L,0xcb84611f506fbdb6L,0x2135b7da68c82d60L,
-        0x1084122dac4454a3L,0x115da2f59c93e278L,0x000000000000016eL },
-      { 0x743591776721fbbeL,0xd051798061337a71L,0x78b344de3aa24943L,
-        0xf41a1bfb0c600b70L,0x25f8d92f0af82b82L,0x1ca931aa74d2845bL,
-        0x0a49f46da9adc76eL,0x78678a328a130e6dL,0x00000000000000bdL } },
-    /* 8 << 21 */
-    { { 0xb5f5385146d39a88L,0x58a99a0f9cc76debL,0xcfdd909ef3825b82L,
-        0x8f49dbdcf4694014L,0xefd505fe9cfec7b7L,0x66a7f2a156925281L,
-        0x6f478d9b2a604fb8L,0xcbc72e9e60f7c436L,0x0000000000000021L },
-      { 0x5bf75682d9c31e98L,0x74d5cd73c8bce143L,0x778bd5f1c700e94aL,
-        0xb01480c73a66b233L,0xc667f078688df0ccL,0x780c73e416bbcf57L,
-        0xb77f5ba9485890e0L,0xd62addf5b9ddacb3L,0x000000000000017dL } },
-    /* 9 << 21 */
-    { { 0x672c965fd2ab32f9L,0xab2a374db95c87a1L,0xe4fe8139aa132e05L,
-        0xb98cbbc73f85bf7aL,0x725d68d9d7ccb3cfL,0x582b15ae213f62efL,
-        0x11c9b3fbd26e9f8aL,0xbeaca8d74076121eL,0x00000000000001f7L },
-      { 0xa1ba33fa48888485L,0x9bdae7eee5ea2744L,0x4ac9910c709eeb17L,
-        0xc40fb92fba0596edL,0x5ae8178f018b8c4eL,0x195d2620536bad49L,
-        0x6ae6807272578ac1L,0x6c759dc05272df37L,0x00000000000000b9L } },
-    /* 10 << 21 */
-    { { 0x28b82948eb24a59cL,0x0bf25c631b236d05L,0xd387a58c49bfeed9L,
-        0x2dbced2791685729L,0xa1cb27d76177f87aL,0x090e003097e13ddfL,
-        0x20eb9c50449d6867L,0x83a4a7d47cf7d05eL,0x0000000000000055L },
-      { 0x65e05f87d0f35fe0L,0x655acaba791ab720L,0x55a8ce4f5da1223cL,
-        0x995fb0091d34dd73L,0x20286c23a837ca4eL,0x9fb1050b368d1ad1L,
-        0xc5fa244d09ee2148L,0x6cfa02a5fdb0a25eL,0x00000000000001b1L } },
-    /* 11 << 21 */
-    { { 0x22421cd9ffa96a6dL,0x9d55702c11437d61L,0x7321fa9eeefe0024L,
-        0x6dcd329c64264faeL,0xc46bfa2b9df8f072L,0xae3d0b0bb712b9bbL,
-        0x58872fd2843ca51fL,0xfd7ba4be6a587093L,0x0000000000000085L },
-      { 0x6a5d962f34e5cb31L,0xbee0621565638aaeL,0x1c6f68bce79e0fa1L,
-        0x2a909815c8d586b0L,0xcd970a5f1e6c2e8bL,0x5d111730d4788cdeL,
-        0xf1e99fa3f9502cb7L,0x2820507bb7a2fea9L,0x000000000000015bL } },
-    /* 12 << 21 */
-    { { 0x2840a083925c2709L,0xbeeb776d988e40dcL,0x9d2307cb281c1df1L,
-        0x17b077868a93579dL,0xec15d5f787d44e7eL,0x78b701a8e8f57a6eL,
-        0x514706b67b1c05ecL,0x7bde81a7918bd719L,0x000000000000014cL },
-      { 0x41d47f48d22c8109L,0x48389e6b0794bcadL,0xb520a2fd65114ee0L,
-        0xad7526c779202240L,0xc25e665af69e5952L,0x180f827aab014a8dL,
-        0x7ec96758db437718L,0x16b626051ae01bf2L,0x0000000000000159L } },
-    /* 13 << 21 */
-    { { 0x338766eecc06a7bbL,0x38189d60f59f6fb9L,0xca63fefc094f4b7cL,
-        0xfadabb8f08ed44efL,0xf56c6c633c5674aaL,0x2ec1c71c3c5178f4L,
-        0x9a2f00872b225bd4L,0x7cbf794d2016171fL,0x00000000000000d0L },
-      { 0x08fc4051c49781faL,0xacefd0a45580fd95L,0x2f99b4e639b0e279L,
-        0x88bc9e961fdcb4f4L,0xf3a44b826f6877a2L,0xf16942811529b850L,
-        0xc94ab84f2fac2a36L,0xdddea7e816a99317L,0x000000000000007bL } },
-    /* 14 << 21 */
-    { { 0xb6fa89c0c3d79838L,0x05627f88d9737181L,0xd82f21517555d940L,
-        0xc6f6a5ca0013b808L,0x54dd8d247472b0c4L,0xbe50f040fb2fe264L,
-        0x43656c23cfed9e37L,0x35bd9e4cb5cb0103L,0x0000000000000150L },
-      { 0xb9da98d1c1640493L,0x6f00d8cf3420374aL,0xf9b4f2fab2892822L,
-        0xb2d967e790404bd7L,0x520b40fcf966a3e1L,0x4eb41624d081f30bL,
-        0xfdf4f5d90f5d4fefL,0x49b561471a1cf19bL,0x00000000000001a5L } },
-    /* 15 << 21 */
-    { { 0x5312245c641ed37aL,0x88c4f135b0b9a3d5L,0x30d1dde090934ee0L,
-        0x2b24f2af7109bd4bL,0x9894c85859f2fef6L,0x0c3a394918ea397aL,
-        0xb69afb5c6556487aL,0x3e722abc2b37f147L,0x0000000000000014L },
-      { 0x4f3625ece9d75120L,0xe8bc9f6e760f4777L,0x5ec9f7ad26990adbL,
-        0x12ce89f5a71fa52bL,0x162ca13a59e66240L,0x30e35e8e2c327a19L,
-        0xcc9671c352274f0bL,0x1c3179a8ad16ddeaL,0x0000000000000043L } },
-    /* 16 << 21 */
-    { { 0x173ab94cd4820fa0L,0x6ac5ae1344f0e094L,0xf67c3f7164fc4c70L,
-        0x2648a59a2ad78517L,0xa7b344939505580cL,0x8cab6b445a741d25L,
-        0xfe41bd4563355fa6L,0xd2731f41d1091a6dL,0x0000000000000096L },
-      { 0x2550a62286e4f90dL,0x65fa978b80070b03L,0xf3ac57b5e3b526a5L,
-        0x8e9207bcf84fa4bcL,0x675a8e31f88e6047L,0xf648cc7c9050ddadL,
-        0x1fd62dbcbc5b7dc3L,0xcc0960d696f0aeabL,0x00000000000001daL } },
-    /* 17 << 21 */
-    { { 0x35b9693643afc702L,0x7ab761253f64bf46L,0x74536901af94fce5L,
-        0xc398a29f000050c4L,0x253372e11f61a444L,0xbec32a601a7a968eL,
-        0x30f79ca4d32cdd9eL,0x8fc8a273d36aa188L,0x0000000000000199L },
-      { 0xc1011950aa637877L,0xcb16308c8348afadL,0xbdc517d0d75d1a04L,
-        0x2416e9476e49496cL,0x536ff3587ffa91ddL,0xebfa91de093d5f53L,
-        0x153def3fb776f2e9L,0xa316de0622aae585L,0x0000000000000077L } },
-    /* 18 << 21 */
-    { { 0x993330c9fc3f22cdL,0x79577855bd4eda29L,0xa63d19d45c666141L,
-        0x0ccb6a6a0146d928L,0xb074cc0b404bc7b7L,0x1f7a96006b8f40e2L,
-        0xbd70c74eecad6cd4L,0x822420f05348f77bL,0x0000000000000151L },
-      { 0x4a3aacda27f09596L,0xaa0514071e083dd4L,0x0424ddfeb91831f5L,
-        0x0131f82ae4d16705L,0xd233fc30983d9eb6L,0xfc5e1759f3dd3cd0L,
-        0xa114e50adc95864fL,0x5ccf299fd01ca0b8L,0x0000000000000019L } },
-    /* 19 << 21 */
-    { { 0x4addcb6e89602aeeL,0x0ba1477fe7a864c4L,0x6896c0d0f2013ee4L,
-        0xf5447fc09de2ee99L,0xf2325a0a377aab46L,0x96715e9cc03d1c27L,
-        0x3c1b0e332e7c82afL,0xb8a1bc163c32e96fL,0x0000000000000124L },
-      { 0x5285e546d427a41bL,0x1e61fb9d07e6faadL,0x6fa31b8c157445aaL,
-        0x613502752276672bL,0x53c4145cc150c553L,0xefdeade47ae2f69dL,
-        0xedfc8ce4622f4c92L,0x30cacfbd5ecf6936L,0x0000000000000156L } },
-    /* 20 << 21 */
-    { { 0x49d65486dfd05db3L,0x18ecda88925480efL,0xe5b4aff93f652a32L,
-        0x80fbd64756e37478L,0x62442ef6e9be38ecL,0x8dea0ede229ca487L,
-        0x59628d74c45becfaL,0x235003453f7398eaL,0x000000000000014aL },
-      { 0xd54645dad2ee9439L,0x35245813ba3abc64L,0xe3fc1027aa7cd95cL,
-        0xeecaee6787f95eb9L,0x9985e5e9fadb71b8L,0xfe172fffbd62ea7fL,
-        0x08830ae729eba895L,0x32f7a9479ea9c27aL,0x0000000000000167L } },
-    /* 21 << 21 */
-    { { 0x770d7b309a9f0e06L,0x205abc30d3efacefL,0x2066b6add8556b1fL,
-        0x2c8caabeea298703L,0xaf766f04735b610dL,0x7c5f3a1083028232L,
-        0x92971e06f3c16a5fL,0xc5f89af1fb4e3fb4L,0x00000000000001f1L },
-      { 0x0a43e9f2974cc63fL,0xe8c4f4a95430a8a6L,0x7ddaf6fbfcb45c3dL,
-        0x40f4d1e3666ef219L,0xe11fa195c2a08ba7L,0xe4176c0448cc0ad3L,
-        0x31da8dd0809145e8L,0x528f736389a99e31L,0x000000000000009aL } },
-    /* 22 << 21 */
-    { { 0xe30c5fbf95151b35L,0xaaffaa4c155b8c7dL,0x4033f52aae3e24abL,
-        0xefcad4675b76fa3eL,0xa0bcb1bd465985c2L,0x7640ccc01c9d6d1eL,
-        0xae11fe7dc809f0feL,0x33f7a2ae8005b8ffL,0x00000000000001c7L },
-      { 0xc69cf35dc2423d81L,0x773a30c54c072a0bL,0xefdf7d157240291cL,
-        0xdd1706dd64a77c60L,0xd313db32365ddda5L,0x3d4114c15a818bbeL,
-        0x83081bbb0394b6b9L,0xf661d4963d411defL,0x000000000000011dL } },
-    /* 23 << 21 */
-    { { 0xe5de8769bd6b5de4L,0xbcc2c3222ca8a529L,0xc18bcfbfe5d4e70dL,
-        0x9756709ea7699d37L,0x3b89a6dbe98a7c6cL,0xe184ab40dd776ae3L,
-        0xfd37deff67292edbL,0x462b1ccb170fc654L,0x00000000000001fbL },
-      { 0x3009aa92647fbcf1L,0x8785ad4545f17f6bL,0xae5f59f29bda68c3L,
-        0x77316cdb713844d1L,0xc3895dbe491a5e2aL,0x6dcdee854abfe1d4L,
-        0xfcebdedbde5388b7L,0xf805a43359094b22L,0x000000000000019cL } },
-    /* 24 << 21 */
-    { { 0xf7ba638d767335cfL,0xb6fb9463733c2346L,0xa0e475a1ed81c85fL,
-        0x5d2fc9f1cb58e955L,0x941fbdc675a1dfd5L,0x732d6cea0f14f1c2L,
-        0x4c13e55921367160L,0x5ba5a950ef0e8d39L,0x000000000000007dL },
-      { 0x355dbbb2bbeb43f6L,0x0adaf151b3505972L,0x01976a0482f0d0baL,
-        0x080824b6fd4be88bL,0x8392b272f4424f37L,0xdc69d67872f6efd8L,
-        0x0a4b8ba4a06b0ca3L,0xb731404cad3fd7c9L,0x0000000000000119L } },
-    /* 25 << 21 */
-    { { 0x8c4b893e8438ab04L,0x426e9c015b7cbc7eL,0x3a294e956f565d53L,
-        0x69f98657888e6f0cL,0x6a9486adf5b803f6L,0x687e5264ebcd577aL,
-        0x6cdc93244a205a78L,0xe10a9e9101c97e5dL,0x000000000000001bL },
-      { 0x42d58686fb52764bL,0x157871b80b39ec31L,0x75a0505c0126704dL,
-        0x96dfd8c2437c5a08L,0x5302bc74e97bb9d4L,0xcae0092ca0fbe05fL,
-        0x4fbf134085caaaa1L,0x6d4de19cce5683a5L,0x0000000000000139L } },
-    /* 26 << 21 */
-    { { 0x45d1b5e3ae0d2bd0L,0xc13cdbc8ef5c8f0bL,0x662be7feef589951L,
-        0x423d544a2ef4171dL,0xe796a4fd9bfaa54cL,0x5e9de83af9b57752L,
-        0x2042c3e8074e5cbfL,0x6c4961a3ae564697L,0x0000000000000001L },
-      { 0xe64d92cdaa69b5edL,0x7ca022404de0366cL,0x385792b3c4de9d34L,
-        0x75b4e2b8b781fad5L,0x77d2671da5772294L,0xc636df75604302d1L,
-        0x35987ba57c003a82L,0xcb61e2501756909eL,0x000000000000011aL } },
-    /* 27 << 21 */
-    { { 0x399a20701976dae9L,0xf6f2e4571b71d3a9L,0x0bfd6fc7e9b58f96L,
-        0x8164107dd991b706L,0x7fb03af7769ff866L,0x0af6920107c255c8L,
-        0xdf5033bbe1aec752L,0xedd2e23d0349d656L,0x0000000000000030L },
-      { 0x48b220ca845c71bdL,0x60aab3582feac689L,0xc6d4210a5c225cfeL,
-        0x5b76afddcd64d859L,0x006a820512c63e37L,0xfadfd8bbe741c044L,
-        0x1bee33806de9fb14L,0xc9e8b7a6ac7fb855L,0x000000000000005bL } },
-    /* 28 << 21 */
-    { { 0x03e7b349f5aa1704L,0x2b9687f12b58ae4bL,0xffcdf578bed31f46L,
-        0xa9fe8c654e9c3260L,0x6ba91059a84d3576L,0xbe8c2ce937adc2cfL,
-        0xee24bad42fb77257L,0x44fd20b693ddc7b8L,0x00000000000001e9L },
-      { 0x0712f3d6af6ae6cdL,0x514a5d50bce47d88L,0x4c6cf0d6b218f3e1L,
-        0x7d9faf6bbe3ebfe3L,0x819449e21731f3f1L,0x7f24451d0be0a5ebL,
-        0x5fd2cc6d6f0fce5eL,0xb9ad4dddfc0930cdL,0x000000000000015bL } },
-    /* 29 << 21 */
-    { { 0x89bcb72f2965c1a3L,0x78ed158faec32473L,0x267c90783c9aaa3bL,
-        0xd76fa6e14f0cd352L,0xebd853f87afb0f9bL,0x95af77ace6185ea6L,
-        0xe4203b726f3b8b65L,0x7ac011da5e19c531L,0x00000000000000d2L },
-      { 0x6a32dcf32bb4a48fL,0x175e8a50892a8375L,0xd4c5362a9b6237f1L,
-        0x82a7c950596608d4L,0xae9aded7238fb8faL,0xfbdad9713df49d9bL,
-        0x53f6cf7db8a3ecdeL,0xdf1be8c023bb25c6L,0x000000000000001dL } },
-    /* 30 << 21 */
-    { { 0xe0af085cad265654L,0x96a9b06d0e9ba333L,0x0498e6bb80075bf9L,
-        0x0774434cfcf89a88L,0x15763bab9d96f967L,0x7ad273ba38775e47L,
-        0xa68abae987147b51L,0xc5afb6878f85dc73L,0x000000000000009eL },
-      { 0x189583a3e29591afL,0x6ab0c471c24ca220L,0x76fefacd27b4fd7dL,
-        0xc550d3513e87b357L,0xae78a070f6961730L,0xc3a5de91c814eb1aL,
-        0xdcf655c51e9f0ec6L,0x1603d1090f632d7eL,0x00000000000001dfL } },
-    /* 31 << 21 */
-    { { 0x655aac17eac519cbL,0x067206c2476f0c95L,0x4ae4ba9e51b4934fL,
-        0xb1c15e7aa0cbfd9fL,0x7fed60c898298b00L,0xb3e6e1a265b6c888L,
-        0xf518f046f462720fL,0x3639f35c665b8764L,0x00000000000001c0L },
-      { 0xdb15a3075d4b45e6L,0x84723914fcfdc41dL,0xcaefb6d932ec163fL,
-        0xd1731f430c7b5872L,0x85d686fd05f934e2L,0x513e444327b0a36eL,
-        0x2d051e22c7b3369bL,0xb4398e0fd3c6239dL,0x0000000000000184L } },
-    /* 32 << 21 */
-    { { 0xddd7a0733f0741e6L,0x6d74b1e2a4689d58L,0x6f6037646798ba3cL,
-        0xdc038772b996b179L,0x6e7e797ae1668e1cL,0x551f4a8e3e285251L,
-        0x705484e5e67fd032L,0xa65fdfcdebcceea3L,0x00000000000000eaL },
-      { 0x33a1c053acfc4123L,0x25030e6abbe1fd24L,0xd9d6af7100d3d90cL,
-        0x063f818bade7d232L,0x99630ac3521ce597L,0xbb594d0eb9ea28edL,
-        0x3f61acbd3a1fb8eeL,0x7e00686f88caade2L,0x00000000000001a8L } },
-    /* 33 << 21 */
-    { { 0xbf04c2f10188a108L,0xd97a675f9bd5cac3L,0x7cf307ba3d550f85L,
-        0xd92bf5638175fa0cL,0xc0b15ced245f8262L,0x21bc381f3ac2e314L,
-        0x0546ca1b630688d0L,0x175e7dc3c4b4496bL,0x00000000000001beL },
-      { 0xbf335d90428c7969L,0x0b0387dd9505806cL,0xa6ebd4a0fef04f3fL,
-        0x019c08a6f16cd1eeL,0x159f950c8516a54dL,0x884c6b4c08e3a0ddL,
-        0xb24a63a5f481327fL,0x0f59393fc58c7694L,0x000000000000006dL } },
-    /* 34 << 21 */
-    { { 0x9e5dfe7511482722L,0xd5cab6054b5e60d9L,0x4fc124c7091e9a56L,
-        0x1bc8ffa6100bd803L,0x415d2974a1c1f05eL,0x5deb11b2328462a2L,
-        0xad47e4ee7cb76829L,0xe28e8cb0734c35faL,0x0000000000000156L },
-      { 0x01bfee8e695d79adL,0x632fa08695129a0dL,0xdf01f6b258964d2cL,
-        0xa535f7780eb0c0feL,0x437acc8b6f055b47L,0x1e090aa3051435eaL,
-        0xabb69b8a1ab3ecedL,0x1ef06b846365da48L,0x000000000000018bL } },
-    /* 35 << 21 */
-    { { 0xb6a65d464fa97150L,0xb19c96e55e1dcaa9L,0x2a6a862687e3b1c3L,
-        0xd4b9123d8d849559L,0x56b91af2419166f0L,0x84129be9531e2638L,
-        0xfb4a404a41f85918L,0xd871249af9933f3cL,0x000000000000012eL },
-      { 0xefc9fb3fc819be78L,0x3c47fb8f43aa377fL,0x431fa13f86e32edbL,
-        0xa6fca0c0f64f51c5L,0xd04a845a6d65828aL,0x2c545f532d623133L,
-        0x979e09ca20bf1330L,0x64b6bd355d28805eL,0x000000000000004fL } },
-    /* 36 << 21 */
-    { { 0x2303e5e45b1a63a6L,0xa8610396589d2437L,0x27c48ce9d7d1d687L,
-        0x5032499a49a2c92fL,0x30727e711af2969bL,0x2668c8f074c335f4L,
-        0x9d11c2808dc25fe6L,0xc1523a37506d1e4dL,0x000000000000010bL },
-      { 0x8709ecf62fa178dfL,0x0eb58c3af8acc7d4L,0xed6a352bd28b9c62L,
-        0x9b232108faaa811eL,0x0cb3f9aa038718f6L,0xd05191930f05ad17L,
-        0x67bf6bec1293e6a5L,0xa3508a7f9abd18f3L,0x00000000000000dbL } },
-    /* 37 << 21 */
-    { { 0xf1555428b42a7bd1L,0xca229f80867797e1L,0x23196735437fd7e0L,
-        0xd6fc95759fda4046L,0x8731b144c2ba4501L,0x748a43a0bda4783bL,
-        0x52878286165a1976L,0x345e999725fe070eL,0x00000000000001d8L },
-      { 0x0193b975d77d2d63L,0x9d406d507cb07465L,0x5d583f3f36396728L,
-        0x236de10de9208950L,0x5f11d5c8ad10ddd5L,0x5d6a91ce792b9f41L,
-        0xf7889239e0f9ed3eL,0xa6278c8f7ed1f09aL,0x000000000000003aL } },
-    /* 38 << 21 */
-    { { 0x4658a9436e35bfe0L,0xf279bf8ffef18cceL,0x3d61d8ba12d3e8a1L,
-        0x67988c8558473f0cL,0xecd48fb0d8032914L,0xb5c547e7a044eadbL,
-        0xf1f61987b5cf8144L,0x90c69abfbd65f4c5L,0x00000000000001d6L },
-      { 0x6dec092ab30cf08aL,0x5a64596a78a36a3eL,0x53cfc2f19e10edc3L,
-        0x82422ac095ce9b54L,0x0b10c3c0c6b2c86cL,0xc4dfc68d6242e7f4L,
-        0xcd0fc4557cc7de9fL,0xe0a9c2568e4beec1L,0x0000000000000147L } },
-    /* 39 << 21 */
-    { { 0x7dcd4b4eb68ba235L,0xcaa7d77bd7b38b21L,0xcd6cb4594112e083L,
-        0x04b016fdda7d8cafL,0x5c12612e23c89818L,0x02ba59c59b3e18caL,
-        0x834f4c029a9ffffbL,0x5da192d72e725278L,0x000000000000003bL },
-      { 0x3aede0a9980ddff6L,0xcc057c5354ec8b06L,0x7467ec0755f24b26L,
-        0xb3e3163b82166403L,0xf3b64bb023f83247L,0x92f1e85be0a32218L,
-        0x7995216504903b6eL,0x0e3d1d200ffbaf22L,0x00000000000001d6L } },
-    /* 40 << 21 */
-    { { 0x1730b2a5c9b816e5L,0xf2c2a1bb5531ee33L,0x1da21329659e0b2fL,
-        0xbec25192c88bce0cL,0xddd4b9e6ac6f52abL,0xf15bd68f9e4b9f7dL,
-        0xea9e12e67d249b4fL,0x56a65055451abab2L,0x000000000000015dL },
-      { 0xc4d7dc72c4b6910eL,0x5fd335922ddff22eL,0x43e429e2b8287af6L,
-        0x258a4647a1585685L,0x31f72f413b62ce95L,0xf63172fa57933b4fL,
-        0x54749d3a0c5cb4d8L,0x514da5d28cc931c6L,0x00000000000001deL } },
-    /* 41 << 21 */
-    { { 0x896165235e844515L,0x0445b78da349dfaaL,0x2d97809a98cd85abL,
-        0xa26356f9acd297c9L,0x23138b25dfcf5a42L,0xf5c56101752030d3L,
-        0x561b7e4288014607L,0xda38360218c12c54L,0x0000000000000052L },
-      { 0xa13a8ae1f3c90e7eL,0xdc8c1d54456ccc88L,0x88f1c0dc733a77aeL,
-        0x55e1567fceb2924fL,0x300ab8cef0291fc2L,0xe4710c77ed9f68aaL,
-        0x623ef9b378f1c0afL,0x90b6c115031e610dL,0x0000000000000055L } },
-    /* 42 << 21 */
-    { { 0xaf881c6a5ed47898L,0xd583a12d314be8cbL,0xc871d32a13385ecbL,
-        0x4a3b26ef9abb78b6L,0x10bea9273313c278L,0xc5e4fef09e2de3c5L,
-        0x899e5a357f670b65L,0x7af654120a813003L,0x000000000000000bL },
-      { 0xab30982a8e0cd895L,0x3ab1a9f32bbae855L,0x1cb2164cf9f45ea1L,
-        0xdad048026dc7de22L,0x31422acf309178deL,0x86ba73a70880dc8bL,
-        0x53255902a44f7762L,0xf8b3d2e6ac090679L,0x000000000000015fL } },
-    /* 43 << 21 */
-    { { 0xc81e8be2e96fc1efL,0xe9b8e8ecdf4a79a0L,0xcef3624371875b4bL,
-        0xb76d0eb976c9298fL,0x04a9f25a7a2f4f86L,0x5ebfbe16b98eed69L,
-        0x591258f21cb923a3L,0xd2704654ca8f4451L,0x000000000000008cL },
-      { 0xa74e395adab82d0eL,0x1838dbcba15563c4L,0xcb3ad95626785cf7L,
-        0xadb39a9392ecd059L,0xbf1440198a788f6cL,0x75a7eb68cdfe152fL,
-        0xb637e415a521d720L,0x2224b489166357b1L,0x0000000000000144L } },
-    /* 44 << 21 */
-    { { 0x7201e2d03e49e1acL,0x11258a5fa85d74edL,0x3d5f97d1aa5d5c55L,
-        0xb0353c296874d83cL,0xbb008111fe79c52fL,0x1bb9d0a52da4d5d7L,
-        0x6c0efdbd45897053L,0xc65636e774481945L,0x00000000000000c9L },
-      { 0x71b21b9b33347b52L,0x84ca3f41d1ced26cL,0x49d65cb043c68921L,
-        0x601a6edc743b9e48L,0xa97dc603e90fc101L,0xb42db9c7d4aa7153L,
-        0x4440eced6c624cd8L,0xcf52d4b8c03036a6L,0x00000000000001e2L } },
-    /* 45 << 21 */
-    { { 0xb6b5541f80eea99bL,0x5e05ba1d0d5c66e2L,0xda681cef35ca870fL,
-        0xe9ce25959f52ac0eL,0xaa144a0897103546L,0x2e8adeea8bc0324fL,
-        0xde71c23196352390L,0x5ffc158b1190a231L,0x00000000000001eaL },
-      { 0x5a6d7ebfd3c77423L,0x087f3be2aadf36cfL,0x44b7382ecac813f8L,
-        0x9a7ea85fda66aca5L,0x7e5e106813af7225L,0x40e6c5730690c976L,
-        0xe2bb8ee55cda95bcL,0x89ab8fbbc7d15d87L,0x0000000000000131L } },
-    /* 46 << 21 */
-    { { 0x2b26bc1e17ca1ea5L,0xabb1ea0d563a9b23L,0x4cc07a7612c5592cL,
-        0x752dcb1940938649L,0x8fc2268dba4358cfL,0xc345a36ba21931cdL,
-        0x89df99fef439d9cfL,0xd9befa2b4f0c2580L,0x00000000000001c4L },
-      { 0x01e1ada7484a52cdL,0x4e80d9c73ea4c56fL,0x48c0b1526b8a8abaL,
-        0x8a3649d3a4a434e3L,0x9c200c7ff18df9beL,0xe4cf8e1570e9b087L,
-        0xe5ac0206645b233fL,0x1ae5ea925372333fL,0x00000000000001fdL } },
-    /* 47 << 21 */
-    { { 0x56086f88e91f967cL,0x5b068412777b581aL,0xdc912cb06758892fL,
-        0x619754c616bcc341L,0xd9e47125e612c547L,0xc12c85685dc7a039L,
-        0x40e97019a27fd186L,0x7959dd2a02b1678cL,0x0000000000000006L },
-      { 0x586f5aa0a27d91b6L,0xc2305d49c6dda71fL,0xf2d049553d6d14cfL,
-        0x9e617cf9d31a1d03L,0xa356ea57cf1d8491L,0x65704bd38b75a624L,
-        0x5fa767156b36400aL,0x975fbf3565a5489dL,0x0000000000000180L } },
-    /* 48 << 21 */
-    { { 0x0febef06cb4a809eL,0xa8af434c261b4facL,0xe3b7185059d1e70bL,
-        0xb62f01e45d1c24f4L,0x8abe4e3db303a2ceL,0x91a5a10f36e2c2a8L,
-        0x710bd5ca7e472ba9L,0x14a31aa677a05ff7L,0x00000000000001bcL },
-      { 0xbadec183453e07baL,0x54c92ec41e3087a2L,0xb87b0b724a6e06a3L,
-        0xe26c6162b5507e77L,0xeb64a07175faedaaL,0xde1c75464988a08dL,
-        0xe99b34851ff0a98fL,0x29a660c2053f0e60L,0x000000000000013aL } },
-    /* 49 << 21 */
-    { { 0x06ed9df68c85e279L,0xde8923fb07d26dabL,0x9de21f265df321eaL,
-        0x46573469d2739ec1L,0x9bd77ab28eaffbefL,0x99493fc132417837L,
-        0xdbdb09c5fa664abaL,0xa128e72276e35b38L,0x0000000000000108L },
-      { 0x89bd3d466e299be1L,0x909cae0e56999cb7L,0xd14abf38cde8b394L,
-        0xb449bc09d7c8d422L,0x0a2f935904ef1f5dL,0x164492d22c962ea5L,
-        0xc334ff1d4322bdc8L,0x0ac21031d0e9b113L,0x00000000000000ccL } },
-    /* 50 << 21 */
-    { { 0xf0185304edc95e01L,0xc200becd9186d5d5L,0xbc9946c03722a9d4L,
-        0x73d2b80aee0c0f7bL,0x3ffac114c25f680aL,0x86a201b64940567eL,
-        0x1744de6eddd392baL,0x9a30fb2334cd027cL,0x0000000000000078L },
-      { 0xc5e2e29d26372a22L,0x82a3e1cb9ea293dcL,0xd470ef090b09afa0L,
-        0x44a6a43be89990a9L,0xffabe7ec82f9f8bfL,0x8c1227e6f274a2b8L,
-        0x73b2f7bba3b60869L,0x1b2510533ae49e15L,0x000000000000003aL } },
-    /* 51 << 21 */
-    { { 0xc6ce482996fffaafL,0xc3f952ef261e06b1L,0x0d07b3310380850fL,
-        0xa2e1b0974bb1fc31L,0xf060f318c059a3c1L,0xef8ae3b2316feff5L,
-        0xc8cf197fa5686663L,0x5f974b59e2cba233L,0x00000000000000e0L },
-      { 0xcc26bce6f24e9213L,0x5d59296170c1bfbdL,0xbb4681d331d2656eL,
-        0x4271c96450f0683fL,0x5a9976d944783a96L,0xd3ed0a6a41eea6ecL,
-        0x9f24f797beae86afL,0xf38112f792dadcecL,0x000000000000001eL } },
-    /* 52 << 21 */
-    { { 0xba2cf7c45cb6324eL,0x7bba7a0805b7da17L,0x53084c6758c59b62L,
-        0x2cd1c9a43cab8df1L,0x0cfd3c151f38d256L,0x373df9d2a34a65bcL,
-        0x88a92c31e815057fL,0x11b2a0e5b8c0cad1L,0x00000000000000c5L },
-      { 0x97f74ae939d6533fL,0xb04e5e9516c73570L,0xf7a53b4ffa446dfbL,
-        0x61dba2b24b4d094aL,0x24fcf80996f67da4L,0xea60ebf50b21ab78L,
-        0xe4d76de60bf97bb5L,0x95032a893c1883bcL,0x000000000000008dL } },
-    /* 53 << 21 */
-    { { 0x55ae0b1461612346L,0x9b0f5c01b19b690bL,0xed0a114eb5185164L,
-        0x852e56403471d444L,0x54c370df67c7af55L,0xf3573f9e9df278c9L,
-        0xf658b02c593c852fL,0x353dc49805bbf9f2L,0x00000000000000ccL },
-      { 0x3f5d30ef08d3da4bL,0x40be4093f479393fL,0x67b87661778da315L,
-        0xf50ef8637512f2ccL,0x4c8c728ab69c92c9L,0xb8a11ef63cbf14a8L,
-        0x75df83bc26cd8287L,0xa4cf8319c99c3d51L,0x0000000000000054L } },
-    /* 54 << 21 */
-    { { 0xd5b6600ff0c1462eL,0x532c6476588cdddfL,0x97737ad126ec65e9L,
-        0x88033b8f801516dfL,0xf9c06f4a55cfa617L,0x5be87436cb5d8557L,
-        0x4245d3d2f48c909fL,0xeb3b54849a6b09b1L,0x000000000000016dL },
-      { 0x377762c7c7ff074fL,0x62240f289ec0af00L,0x47dfdc3ecc3b8a22L,
-        0x70a10d983d40f5bcL,0x61657aba05e18781L,0xb7c112fa31910613L,
-        0xdc29680dfb3b31a7L,0x00aafce3d41fe224L,0x0000000000000102L } },
-    /* 55 << 21 */
-    { { 0xcb71ba5711096104L,0xb0ce7ba638a2b20aL,0x808983acaa6ba1feL,
-        0x21cab98eea2ddbe8L,0xf7e656439f7d2f9aL,0x687d4d7ac9df8af6L,
-        0x342af3932ccf2d82L,0x0352c43ac6a8fbdcL,0x0000000000000052L },
-      { 0xa968c9be5fb47434L,0x3135271d91ca8cbeL,0x7cb25ca5e3f8970fL,
-        0xc427d97cb50ea245L,0xc5144f82bfadd4b8L,0x54473d162937e958L,
-        0x9b5c789b8cb41622L,0x409ccf55ddc0786eL,0x0000000000000114L } },
-    /* 56 << 21 */
-    { { 0xd495b0ec16eba181L,0x834a505a76f4fb91L,0xd1950cf8db3b0c92L,
-        0x5108e0cdbf6bd68fL,0xd8492e459f777ac3L,0x2caa1a4e184f5a9bL,
-        0xfbb91ea5ce860f91L,0x05957c32597025f9L,0x0000000000000097L },
-      { 0x1774a862b07d29ffL,0xcb4eda89cbcc928eL,0xa19276a102ad819bL,
-        0x3d0cacf6f5af5b3eL,0x8dcec31f3bdbc653L,0xaad437092f1ade3eL,
-        0x544e97c3574e10b1L,0xd4364902c62c4debL,0x0000000000000077L } },
-    /* 57 << 21 */
-    { { 0x1c617b0ec7454b5aL,0x192f8da5688d212fL,0x8bb3ad324dffab82L,
-        0x921d0b102ac4cb94L,0x11a93e54698b156dL,0xbbffdd46ba176214L,
-        0x29fbe579b563b65bL,0xf339c5ead20f3224L,0x00000000000001fdL },
-      { 0x425dfbffb94c9ba7L,0xd5bd477b25caf944L,0x99c838ffe4b5755eL,
-        0xc25eb25038c573fdL,0xb5118d7f75ed773bL,0x44f6e5e8e6ea5b48L,
-        0x2ca7102a8a7e4c4aL,0x0124d2c29c4f4fb8L,0x00000000000000c0L } },
-    /* 58 << 21 */
-    { { 0xa364e55cbfc650f0L,0x1a2b834413857077L,0x0f38bd537e8e2025L,
-        0x61829061f7c11262L,0x7e9710e7c3c52c38L,0x9d61eb0b5437249aL,
-        0xe968f5e104c73e0dL,0xc086474678394fb5L,0x0000000000000185L },
-      { 0x08333228a65f7f47L,0xcb026a48269ef9c3L,0xdf7cf0f3902d129eL,
-        0x7fba1a847a5fd75eL,0x3f7338c577e5e332L,0x24a06483c7545ae0L,
-        0xb84bdda926f22ee7L,0xef0538ff3c3d5295L,0x00000000000000e2L } },
-    /* 59 << 21 */
-    { { 0x7cac9163c6f9388cL,0x91c49193705210dcL,0xa5c1088c1358a451L,
-        0x7b6710a56e928e99L,0x98d4263179fa67b4L,0x31932728f9f623b3L,
-        0x27ed2f252417899eL,0x6900af3df6e9651dL,0x0000000000000044L },
-      { 0x7021421eb17ee12aL,0x9dfd837bbcafe310L,0xe54f136b84cdd344L,
-        0x0943bddb5f7875fbL,0x23786b2bbd2ff324L,0x758d4cf386597884L,
-        0x8e831868849cb1f8L,0xfbb48f93c01a2e6fL,0x00000000000001b9L } },
-    /* 60 << 21 */
-    { { 0xaf3720cc32afdff7L,0xcc84e0db51d60c35L,0xedf89c0a595d2b23L,
-        0xfbb1fafb0c9c0f55L,0xe3556b3b8b9b6aeeL,0xc208eb382f5e0a50L,
-        0xa8ee4fa226e707feL,0x65ce95e5b043519eL,0x00000000000001e4L },
-      { 0x05eb17d3ca16c880L,0x617a63a31f1e4c1bL,0xb8aa601ff35ebf94L,
-        0xaf515b4fc5022f1aL,0xc98f8f0a17a2b7fcL,0xa768b9ca67e03fd5L,
-        0x67e6d9afb2e5670fL,0xf069de05d217f764L,0x00000000000000c1L } },
-    /* 61 << 21 */
-    { { 0x90211eba92f1a89dL,0x8a3418ed81b3b80aL,0x0150ed13b0ea17d5L,
-        0x5fc05e99bddb5ff9L,0x3db25dcec5bd9918L,0x50bdec38c09beb7fL,
-        0x34650128159c352dL,0xdf63ab922366df69L,0x00000000000000f1L },
-      { 0x15595a9127aaacfaL,0x4b262b893f0cad94L,0x750f5c4e8ffe4bbdL,
-        0xc7c6cbdf6617b6f5L,0xc96e50343fc54c60L,0xc0bc517912e64bc3L,
-        0x145b25c60d79b77cL,0x049ab957d4b9a2fbL,0x0000000000000044L } },
-    /* 62 << 21 */
-    { { 0x127e4b38a542a8b1L,0xdd85f0c3e2f444f6L,0x44ee07fdb6e479fcL,
-        0x59ef243a40f4a51dL,0x1e0e83ac6f8ae9ffL,0xc7de39577fae0abbL,
-        0xc911c37f62b89c14L,0x998e3826b3ff9facL,0x000000000000010cL },
-      { 0xa45e8947bb8b084eL,0x5a4ef9bf80029d67L,0xc371f57529b4c9c3L,
-        0x1b4c0fbe77732c86L,0x3bd5da09a6282a9fL,0xd668e0a2ffac1e00L,
-        0x2df2a2a08aae6398L,0xa4ab9fcd898755b4L,0x00000000000001ebL } },
-    /* 63 << 21 */
-    { { 0x1935900b9cdb1e23L,0xa2ad33fe0d798a47L,0xa53f7a0a7d291929L,
-        0x320277e12e3a69e3L,0xe5139222cfcf9a38L,0x2ff86f3bdb790cd4L,
-        0xc0bf4565f22c11d1L,0x565340d652a81f8fL,0x00000000000001a0L },
-      { 0x16ce3752e31fc3cdL,0x948e3a7d7e402490L,0x2e2c0f7e5343bb9bL,
-        0x17956f666ce73ee7L,0x93ca1925cce89b93L,0x6b3d128c41464004L,
-        0x11370aca5c4abe8cL,0x70abf93623032806L,0x0000000000000124L } },
-    /* 64 << 21 */
-    { { 0x87daa931dbbc43b6L,0x882a2421d1895005L,0x6013f2ba7aae1124L,
-        0x01d2a8f0bad34df3L,0xdb1b7f432f0b3d59L,0x59039f352a95ac2cL,
-        0x555077aaa6c0a8b9L,0x543b69a862685a03L,0x00000000000000e0L },
-      { 0xbb104059ec48d2afL,0x691c1f18930fa171L,0x8c434c7637d9fd85L,
-        0xd1e56d52068741abL,0x1117a9fc130e01ecL,0x126d517b1f510538L,
-        0x25ce40cef290a27eL,0x0d0b0d8ae90e675dL,0x0000000000000028L } },
-    /* 0 << 28 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 28 */
-    { { 0x93d61c073ca98249L,0x04c4f43d907aa44aL,0xee3d2c3151d5b1d6L,
-        0xe74d6892f859df2aL,0x16ab4838922f8fa9L,0xb0b6f7d1757b0010L,
-        0x7ca940d8a918f320L,0x45e9325b97b8c9b5L,0x00000000000001e1L },
-      { 0xdb18d7bf37316056L,0xc34532048fc0eb89L,0x3929db79060e2db1L,
-        0x2ccbf668b1e67403L,0xc7ce019a9b05f538L,0x9377f4464dca0ffeL,
-        0x42947eb68a570683L,0x6eb25e34e0a1bf92L,0x000000000000009aL } },
-    /* 2 << 28 */
-    { { 0x8b60dc2df6130e66L,0x8ed41be47b6448fbL,0x0862c67e5ea7dec5L,
-        0x97cd528272e431edL,0x944a76da0bff84c7L,0xc168a8fda2075162L,
-        0x21af8de713ad271dL,0x27ebcd24437e9e66L,0x0000000000000044L },
-      { 0x399007d74c7b3dc7L,0x5128a9febafa8850L,0xb7e7cff44db4a4b4L,
-        0x923571173410d116L,0x47320eacb450efedL,0x47ad42e6f8042421L,
-        0xe4ef55c263b6aa24L,0x7a97987c3f882833L,0x00000000000000b9L } },
-    /* 3 << 28 */
-    { { 0xc76e5f4d022667cdL,0x2c78870a3e07fb1fL,0x9e001396d1c68926L,
-        0x707a9c2eed2a502eL,0xaa9a37f8e68933fbL,0x1ae458ac4e4c8f98L,
-        0x8047ed5da71656eeL,0x06826324a9df9d4bL,0x00000000000000adL },
-      { 0x2c4cbd9319c176efL,0x8dac64428092be6eL,0x0c349ee87a074bffL,
-        0xec35b47c0129e1a0L,0x4096e01235253255L,0xb3e6e7fd06b23b09L,
-        0x8b36eac316fd165cL,0xb7d5f97294ad125cL,0x0000000000000154L } },
-    /* 4 << 28 */
-    { { 0x58241d2f43416440L,0xad00daccf36bb0ccL,0xef105aade1b517a4L,
-        0xa88fb367418524a2L,0x960efc2bd69f903fL,0x58b761e2bb316fa8L,
-        0x634a724e43593289L,0xa341dd2178b2c871L,0x0000000000000178L },
-      { 0x29de72f83261324cL,0x53767dbc0ee348c0L,0x7f5a005b2ebc04f2L,
-        0x8c6987a70f7b3b9aL,0x0f387e9d7e48f271L,0x644134585b456a10L,
-        0x015a5da5d0a2a3c5L,0xb236cc58708be977L,0x0000000000000057L } },
-    /* 5 << 28 */
-    { { 0x13c413632bb30ebfL,0x1c51e2fb84a62b56L,0x0ffaefe0883cb2caL,
-        0x23a651151997f036L,0xf030712c9c64e7e3L,0x06320295457aaf0dL,
-        0x945bd82fb2498539L,0x2995df47623a481dL,0x0000000000000161L },
-      { 0xf962f403feb7f8b3L,0x244d8a3a872dff16L,0x59fdaabc89f6ddcdL,
-        0x41661bc87db8acbfL,0x1b641d50c256c87fL,0xd7f8aadb27ccdb57L,
-        0x4daf613731f353c8L,0x33d401882a2a6f9eL,0x0000000000000125L } },
-    /* 6 << 28 */
-    { { 0xbd4062286eed0f95L,0x8693a9d97c6c1c3fL,0x0392e931c066dcc8L,
-        0x2e1eedc6cc819d2eL,0xc7a315d6069e2217L,0xa7495b1808e6f72dL,
-        0x364f38117051ff13L,0xeeeb3cc4bb59d612L,0x00000000000000acL },
-      { 0xfd9e0c1078616d6cL,0x585de5ada8d4af09L,0xd08d9021c3143504L,
-        0xb38fe6557f67ffa2L,0x5682040cd0fcb4d0L,0xd56c8348e6329179L,
-        0x76229a732621c84bL,0x0c98cb02de4cc81dL,0x000000000000000aL } },
-    /* 7 << 28 */
-    { { 0xbfb85a9ba8f70eb0L,0x9fa45d83e59b107cL,0x90207916cff39e25L,
-        0xdf20520f61816661L,0x250a81b64d88eddfL,0x3583bce4d4c88e4fL,
-        0xfcafba316121deecL,0x40e71ea745ff2c20L,0x00000000000001d6L },
-      { 0xf91f204550452ed6L,0x4c7be74a00fca85dL,0x6ac750dc0fcc66daL,
-        0x829ccef87bb3a7cdL,0xf232419e97039a3fL,0x1647039db5f00ad5L,
-        0xc72ebf12dd7f9785L,0x42bbfd03c675e619L,0x0000000000000119L } },
-    /* 8 << 28 */
-    { { 0xb2308971ed0d691fL,0x31c3c54e8cef282fL,0x5cc3d26a97a5ed69L,
-        0xb611a35d43da55beL,0x97492fe68fe11b61L,0xc10a18f0e26f0805L,
-        0xb6e0f2a2ea78e6bbL,0x2570f42e71c3f3daL,0x0000000000000043L },
-      { 0x30048b23d0630da9L,0x3756d05e0f635ba8L,0x1e6e383a8ce0e80bL,
-        0xcbe43361c723d456L,0xb1f089e45cd18501L,0x53132cf36ff2c160L,
-        0xc759b7a24a0406d9L,0x17917e066dc5143eL,0x0000000000000141L } },
-    /* 9 << 28 */
-    { { 0xf8c5b2eb11628dfcL,0xc66d10fc0a42e49bL,0x44c184b4e26fe77fL,
-        0x22ef369da4d3daf3L,0x6662870a2cbe0115L,0x80846b9736ca9e6dL,
-        0xbbafd1317ed388a8L,0x4da614274029082fL,0x000000000000011cL },
-      { 0x68db20a0c06f365dL,0x46005f812ffb8bb6L,0xa0a17ce3bec18577L,
-        0xb7627d8dc3cf8b54L,0x441830cdff30d00dL,0xa53ed5cd8f7a941dL,
-        0xfd1147c999071de9L,0x619db4eb77dd8ad3L,0x000000000000010cL } },
-    /* 10 << 28 */
-    { { 0x7fc5ba6013564f62L,0xe82397841238d231L,0x8249f141e7b6cfbcL,
-        0x37e1b845668154d8L,0xa99523bc5095c5eaL,0x1196969c76fb9d42L,
-        0x6428aa7c92185a3aL,0x428e78d88246676aL,0x0000000000000095L },
-      { 0xe44cef632b1e5685L,0xd9665e7e0d228ca1L,0x066367719dfacf7eL,
-        0x42b09d00fd5605acL,0x0b101edce65b8e60L,0xca4d0290e2210994L,
-        0x50ed6bc6cf9cc92cL,0x2ca63c9ebdebc35bL,0x00000000000001fdL } },
-    /* 11 << 28 */
-    { { 0xa32a9d65fd85284bL,0xb08333a5a4fae26cL,0x8aca0a12ef75e239L,
-        0x9035b7385a77bb33L,0x466f97979aa71a08L,0x375dd05662f91bc6L,
-        0xd93ea401f5cb1c8cL,0x7ed00ca316d691c4L,0x00000000000000d1L },
-      { 0x8ccbd8fae0a3542dL,0x948625d070b071d9L,0x8654df26586a94d4L,
-        0xd6fbfc0f80290be1L,0x2e103eaa260729e8L,0x342394e5f5f52aa6L,
-        0xfaa21f70fb684270L,0x1348fabd7c862797L,0x000000000000002eL } },
-    /* 12 << 28 */
-    { { 0xf5e5237b52fecadeL,0xe0a50e6e4db2795eL,0x7481845f2a4c1493L,
-        0xfea36aefaa8fba83L,0xe7a2e20bee8eab2aL,0x3f4ceb5766a0ad1dL,
-        0x9be294e7c15afc26L,0x7952338d711c1de5L,0x000000000000016aL },
-      { 0x8a9806bba64d25ceL,0x6e72057d8eb8e0acL,0x46eb31f2d3f7e99eL,
-        0x4a408b8d7c3f1998L,0x5df31a262f59604bL,0xd12dc298137d937aL,
-        0x60c9a1480678810fL,0x3011046b48418a2dL,0x0000000000000139L } },
-    /* 13 << 28 */
-    { { 0x317b098c5ca5f978L,0x18fd83202c21b6e9L,0xc147ab01f1193accL,
-        0x7ef3414deaff0d9fL,0xef1a3d6fe28e9173L,0x2603ccbeb25fceacL,
-        0xf825502d5affa9ffL,0x539a125e066a68e2L,0x00000000000001dbL },
-      { 0xaf4b16bfa90a3b2dL,0xe0d81048ff63d1faL,0xb203e68707286721L,
-        0xec631a327bf45b93L,0x4d38cb033b10b512L,0xe08eb57aca57f26bL,
-        0x737d9cd0d7d6ddd0L,0xb00845a86c572d39L,0x00000000000001e1L } },
-    /* 14 << 28 */
-    { { 0x6f24af3eec231c64L,0xa4edad38e7c7bee4L,0xc6ba273ed1eead3fL,
-        0xf68b581f08c4d123L,0x1db45c2364b13567L,0xcd3d42cb5772318eL,
-        0x5cd6e6cb007bf13dL,0xf02d313b071bfdc9L,0x00000000000001aeL },
-      { 0x09083eda4ed3782aL,0xbcdf9ce75b29280eL,0x014232bc63b04675L,
-        0xbd4bdaeceefec679L,0x8712c19ed47c5385L,0x4bb00b447ae76a01L,
-        0x1f847ebd2fb2cf2cL,0x9f2b12b9a7a56439L,0x0000000000000050L } },
-    /* 15 << 28 */
-    { { 0x6ee9325abf53583dL,0x3b7ef054921dd595L,0x95c35ce8c0abc07eL,
-        0x08a3a510646fe810L,0x77fe478185ec11baL,0xe382a5134e870f3eL,
-        0x4eeb7787a9f1b8bdL,0x8521f39d9d8f6459L,0x0000000000000068L },
-      { 0x10aae6d8428a37fbL,0xf0578f9fd66092f9L,0xb90f50ee1ab36081L,
-        0xbb41bcf30ae841eeL,0xf73fa600cf79eb81L,0xeb88461b991afd1bL,
-        0x1b9feff62ce5c0f2L,0x80183105cab1b304L,0x0000000000000029L } },
-    /* 16 << 28 */
-    { { 0xabf17feb008c7a44L,0xade7917a7b12def4L,0xbfba65b83786b033L,
-        0x8ef4af44f0d9f9f1L,0x8f47615cab136caeL,0xe42f100dbcbd5d3eL,
-        0x8f3dc658f05f9b27L,0xd95a6b2dd6f2dbb2L,0x000000000000008eL },
-      { 0x23bb06a546bbc412L,0x15718699d0135eb6L,0x8f1639c4b4ed9e10L,
-        0x767fee42d7f644a0L,0x668267b0fe8ec420L,0xec4f548264e90133L,
-        0x679e614e536d132bL,0x0d72fbaf174df6c5L,0x00000000000000a5L } },
-    /* 17 << 28 */
-    { { 0x0d423fc8b05c732aL,0x1a585cfb9fc565afL,0xd0f09ba8438e8e22L,
-        0x87cb63973b53004fL,0x30673a866bc86afbL,0x555ad65d7e068e3cL,
-        0x4da2eed69da1d5afL,0xe25456e54cb910dcL,0x00000000000001fbL },
-      { 0x412e1fd8c5516135L,0x5465fd3139d159b8L,0x36d437af1a1ab099L,
-        0xed474e6a03e10008L,0x4f229235c14fd291L,0x6f4a44ce3622b070L,
-        0x5221ac85c506ac3cL,0x3e9f54bc552fd421L,0x000000000000002fL } },
-    /* 18 << 28 */
-    { { 0xbe5ee60713182632L,0x4d463baf9bbc5212L,0x658fc11c5c21a796L,
-        0xb81542941474c364L,0x66b925171f6fde42L,0x85cc97916fd16ba1L,
-        0x57c38a821feefec5L,0xb5c51d319b44b1d1L,0x0000000000000145L },
-      { 0xe2da12a3c6228bbaL,0x2be11b05a8522096L,0x8b60f44c6f83d963L,
-        0xf3bac9f672782a82L,0x32bd85e32757d236L,0x901c50c6d59ffc8eL,
-        0x1075eca86ac7c1deL,0xe78c786cf1302741L,0x00000000000000c3L } },
-    /* 19 << 28 */
-    { { 0xe045587941df76d7L,0x5fed520b829a93bbL,0x8eb7752aa9c54f24L,
-        0x0d73e9371b21ee03L,0x4a09582102686b1cL,0x8f887b9944c1e014L,
-        0xc7dd142035f32864L,0x0ccee70dcd5896e3L,0x00000000000000f7L },
-      { 0x73d4e288f84e6409L,0x37444a9e84a45459L,0xac888ad1fc6bd60dL,
-        0xd0f03008ce257cdaL,0x1eba5a906f0e3546L,0x556839e8a7788e16L,
-        0x1fa94edc1624a710L,0xf1ee65bb28d9bd43L,0x00000000000001bbL } },
-    /* 20 << 28 */
-    { { 0x9685604a378806e4L,0x5c0e5a8763fdb760L,0x47b37fd23c4d46e7L,
-        0x911e9f7c46ed261aL,0xab42ac68497d6281L,0x656f59410a8e88d4L,
-        0xcfe3ffac3a296c4dL,0xad1cbe5719241e9dL,0x0000000000000070L },
-      { 0x880193368cc01741L,0x8d354ea83f0eadf5L,0xd334ed2c30cf53f4L,
-        0x4490515e7d521d3eL,0xd5d3d50f83d830dfL,0xde5fac26a718d969L,
-        0x45707e7e4e0d85a2L,0xbac03693e2568e37L,0x000000000000003eL } },
-    /* 21 << 28 */
-    { { 0x05691330a54a03daL,0xf9e12a7e52a5d05bL,0x4e0a20c105bb2074L,
-        0x27872197491f88b4L,0x9314134b0a02eb07L,0xb5840bb05633b498L,
-        0x0348bb60dac28206L,0xc7eaa69e4fa82ef0L,0x00000000000001ccL },
-      { 0xd9d4c45319e54096L,0xdd3587dceb3875e6L,0xd6fdfca14a4b4149L,
-        0x1abc691467148a91L,0x6061e274b3da5e59L,0x2f9eb868f7cea854L,
-        0x057bca4f05aa6a2eL,0x3aed5fe77cc21838L,0x000000000000000cL } },
-    /* 22 << 28 */
-    { { 0x718f892ef3348160L,0x9f4c88c8f6acbf45L,0x2f886753c5fc4654L,
-        0xb078063657a5c32dL,0x63248d855ab020c2L,0x490a231ebebbd4c5L,
-        0x6daf12ab6bf2e47dL,0x144885a078e76ccdL,0x00000000000000d2L },
-      { 0xb5c08a51682e7203L,0xd3b7632dbdc76ca6L,0x1272869f10ad6667L,
-        0xa07122fb431c8b82L,0x226ced3c14371122L,0x2f17db3f67cbe25dL,
-        0x74e6946b54858696L,0xed3a84c544ffb855L,0x0000000000000102L } },
-    /* 23 << 28 */
-    { { 0x40dee98563bc734eL,0x0ef45f6e0c38c9b4L,0x9c5858bc94b7735dL,
-        0x4368630de30fa193L,0x4b9bc14602726a71L,0x18142c21960891e8L,
-        0x08d6b5780dc0ea24L,0x055ca09abe408a2eL,0x000000000000008eL },
-      { 0xfa8cae11987c9c95L,0x9f692d092b011ce8L,0xe5f725ad8e7c6b42L,
-        0x6b54b6a3f4d13859L,0xfaa64fd0e8384d5eL,0x66a16b11682b4c97L,
-        0x04b57cd76809bc31L,0x1afaad69d3eea7e7L,0x00000000000000faL } },
-    /* 24 << 28 */
-    { { 0xf7692e60b5cdfb7bL,0x7fd887faa548923aL,0xe43623edc2d58828L,
-        0xd8047114e1e2f3d7L,0xadd5a16d7c6abbb8L,0x9fafe28a2f1133a2L,
-        0x5ecaa9bd69688723L,0x5281e4addb5c34c7L,0x0000000000000153L },
-      { 0xfc1a8cf1c42d278eL,0xb76ff008220d26e8L,0x6749770f1fb6e918L,
-        0xa7e6f520aec33172L,0x23c7456c247a2e94L,0xe4ef1adf8c38913cL,
-        0x26c0c817aa8455e9L,0x9e38ea10680454f1L,0x0000000000000155L } },
-    /* 25 << 28 */
-    { { 0xc4a03e90b431c373L,0x75a014321dd2d074L,0x9ef6f893b6235777L,
-        0x3e6557afdd83b252L,0xc30056fad6d21946L,0x49175c7ccc4e6bfdL,
-        0xb48d402316ad5f7fL,0xe1f1aa86dabf2fa4L,0x0000000000000054L },
-      { 0x7fd8a69da617a3afL,0x3a6875aeeb6b1e2bL,0x1b42637effaff5c6L,
-        0xa397fc03cb327e27L,0x251106b73e60a49aL,0xf36242809c3e2b31L,
-        0x04a1243054509c5dL,0x023238269992caa5L,0x000000000000001cL } },
-    /* 26 << 28 */
-    { { 0x1375e971b4520f2dL,0x1507d0b367025850L,0x9d9c351920db152dL,
-        0xb9f63cb55e5e5b1eL,0xe4cb0a89428af0f0L,0x9e1857404a4140ecL,
-        0xf05173ae168f1d13L,0xe6a8daa0b553bdd1L,0x00000000000000d8L },
-      { 0x5bbcc749353c767aL,0x85192aa1f811d60eL,0xfbe7b89e7cbc2769L,
-        0x752cc4426f68ea1eL,0x0e5d76f4f550fd90L,0xf2ca39620ee19f5dL,
-        0x1fb501b48398c8fcL,0xbeeab7ad6047081cL,0x00000000000001d3L } },
-    /* 27 << 28 */
-    { { 0xe4f13a4678187349L,0x1a7986452cdad07dL,0xd12edd3b435e558eL,
-        0x0a466b2500c452f3L,0xa1dbe185e3d65c74L,0xcc10132b5bd1dd39L,
-        0xbb42cff31919d652L,0x711748162c26481aL,0x00000000000000f5L },
-      { 0xeae22d3ba0f7e4f8L,0x29d360c402dd3bb2L,0x016d91b5e3b86cf6L,
-        0x888b637cdf4dfbaaL,0x72a94792ab525be8L,0x69d628cde606b3baL,
-        0x34904e50a95540daL,0x18979662c4644642L,0x00000000000001ffL } },
-    /* 28 << 28 */
-    { { 0x1f06341d13a9aa39L,0xedc0d26a7415e0c4L,0x1ba18cd0ee8fed64L,
-        0x6d8fa3e4fbfac509L,0x394bae0b08dda417L,0x44ead62fd835f0acL,
-        0x793b6a8501b1d873L,0x0956227870f859e9L,0x000000000000017fL },
-      { 0xc42d6d2dc699d304L,0x41e68ef38ef5407fL,0xbfe24ff5a825f2ceL,
-        0x36108ae9bdd3f4d2L,0x7fd3cdccbe47aabeL,0x93e1da7ca8b5af7fL,
-        0x29fa9925b0cf1bc3L,0x5c9f946832411132L,0x00000000000001eeL } },
-    /* 29 << 28 */
-    { { 0x600a0bf9d2dac618L,0x685a2a4448291771L,0x0e7bac6514e41416L,
-        0xff8f4f544c0a19a3L,0xab91c47719bf697bL,0x8874baa15a8ae505L,
-        0x4a95436eb79474baL,0x7ec81267f0b04bbfL,0x00000000000000b8L },
-      { 0x61aa15a6d7dc681dL,0xdcbce70b90573096L,0xed2174ff06e003d3L,
-        0x5118698a1f70c6b5L,0xf3f6ebce94529a6bL,0x2e3c16ba7facd875L,
-        0x56ff76fa9c233c63L,0x48d58232b25308c3L,0x0000000000000040L } },
-    /* 30 << 28 */
-    { { 0xe0fe382608b55604L,0x2c1942a38d460615L,0x9527fdfe82cecf84L,
-        0x2a193e252ceeffc0L,0xc238cb9d25d20cb2L,0x357240a611d898a2L,
-        0x94c467330a554201L,0x860fcb2f93f09e27L,0x000000000000019fL },
-      { 0xe19b84d262304b4eL,0x7d06c611375b7f95L,0x59267a24db7fa504L,
-        0x2712fa55cb322b42L,0x31e2690a2bbe4428L,0x0fd9a28a599eb8cfL,
-        0xff80495e26c5d99bL,0x6de22868dd44826cL,0x000000000000002fL } },
-    /* 31 << 28 */
-    { { 0x18e983ea9babce7fL,0xd794f3872c121aedL,0x95377a1ff9be1cb0L,
-        0xec3a779fe94176eaL,0xd1e5c67084093fafL,0xcb651415f62b3cf9L,
-        0x1b0e00bd178fec50L,0x84529ad9e1300de2L,0x0000000000000019L },
-      { 0x4cdd2ef87fd07920L,0x987b7c86fbae0a4eL,0x7fe7d1505007327eL,
-        0xdf55c0da4a8c92b3L,0xcbdaf5ad3b61e07cL,0x0a768f308803468bL,
-        0xf887801ab2ef831eL,0x5dd31ed28493948eL,0x0000000000000166L } },
-    /* 32 << 28 */
-    { { 0xd256b6072de9b28fL,0x286fc763cbefe110L,0x736ff52a138783fbL,
-        0x6f6d822b4ebcd973L,0x78c5a0b685eca174L,0xbfcc5ab679ea21b7L,
-        0x9ccb278d4937e0daL,0x9f50f4422d009304L,0x0000000000000049L },
-      { 0x566947d729f8a798L,0x9793a90581cc1ed4L,0x73da631e851115d4L,
-        0xa0b5c181fc7da6f5L,0xa70593d29f5a7634L,0xc9f71df41e6250a8L,
-        0x2dfd10897a97cd35L,0xc3cdac7ed4e0074aL,0x00000000000001fdL } },
-    /* 33 << 28 */
-    { { 0x527dff175e34cb9eL,0x1185849f852371a3L,0xb9d706ca6726ca47L,
-        0xc1dd38933d915bf0L,0x9a9f8c7c35256ac7L,0xe2c3c09136838dcaL,
-        0x05e64ff7870a320bL,0xa994d8aef3132cc9L,0x00000000000001f2L },
-      { 0x46e991b9272d18e8L,0x8a25edf2fd58a9ceL,0x3785868f285cac3eL,
-        0x5fb2e743d880fc4cL,0x3a1d2ef3b2c3e9a9L,0xfcdc85b5e00ef7a8L,
-        0xbd24e872b5b4076dL,0x668da80789caff99L,0x0000000000000017L } },
-    /* 34 << 28 */
-    { { 0x97bd38162078f256L,0x5d8f6c9b986e1064L,0x54503fe4f389bb49L,
-        0x926f338e896b4713L,0x456413e55b6b0d6aL,0x0c55b0104f321c4cL,
-        0xff7b9d8b68144d46L,0x5558ef1ff5a77121L,0x00000000000000acL },
-      { 0x1d11903a5e46b3dfL,0x5d07f4024329d68cL,0xe7fc54483d4584dfL,
-        0x85cb4edde10f716bL,0x2d8138c27ae7e0dfL,0x23fa18aa0e362800L,
-        0xd29f622742704470L,0xd019bbc004ea20cdL,0x0000000000000010L } },
-    /* 35 << 28 */
-    { { 0x77b70582bfc725dfL,0x40b2fec1c7ac2712L,0x3c12e6c61950a057L,
-        0x854deccd121c54e6L,0xe6650cb5f20f8d75L,0x68bd92942455567bL,
-        0x4d88a2b9b216af0dL,0x690d0fed06150c6bL,0x00000000000000edL },
-      { 0xd17bece2f2efbe2eL,0x231fafc9bb1f57baL,0x06f9776b85b23326L,
-        0xaec0776ef3f362f2L,0x21e0b5369e0c259eL,0x944c4d19139e4f62L,
-        0x6d3067c700a6a022L,0xf58f9dfbd6539e9fL,0x00000000000000b0L } },
-    /* 36 << 28 */
-    { { 0x61acda55111366a8L,0xdec95e38b7f07d93L,0x8222e3d6baf73ce6L,
-        0xa8d24dfa339b0560L,0x205df5b8caa53e45L,0x53ceb84c07f44c35L,
-        0xd44ff89c819e3f50L,0xab02c3c1a9d0fa4bL,0x0000000000000156L },
-      { 0xdb16ebcd79987e96L,0x986ace08fa013307L,0xb83bb30a0c1a370cL,
-        0x9d2cd27dc95cec3bL,0x4c125471240da52eL,0x8f9b0f23588d5cc2L,
-        0xb03e0c8a0e21e5c9L,0xf3a55d8b860c813cL,0x00000000000001a3L } },
-    /* 37 << 28 */
-    { { 0x90c5a583c3835851L,0x4219b5de3cb23bf5L,0x044d34effe2a24a9L,
-        0x5ae5eb83762f96deL,0x9d476c6487fa31c9L,0xbc6aba41aed7972fL,
-        0xbea75febc9ec7341L,0x8ca0dd60627f5b64L,0x00000000000000a8L },
-      { 0x1b50115ed6888e70L,0xa4545e2d794f75c3L,0x401861f9dace48fcL,
-        0x2d5a89afe11b82bfL,0xbe38f972ae3391a5L,0xcc1f6db06d026c05L,
-        0x084ca28ae7a3ef5eL,0x176e9f1fd2864659L,0x0000000000000050L } },
-    /* 38 << 28 */
-    { { 0xc2019c0271b15a05L,0xd48bbe070860ed8dL,0x2361677c20c6be37L,
-        0xa957ea9259c63464L,0x48bdee912c443f75L,0x44f7cc053758b6c0L,
-        0xf4910cca5bc5717dL,0x149c230cd5085dc3L,0x0000000000000100L },
-      { 0x6daa5d33b9ce132bL,0xccf4fbdb2fe80f7bL,0x844149b7b34a3216L,
-        0x66a4b73c9372de80L,0x54b0e50ab74feee9L,0x733214dc6d44764aL,
-        0x06e5f78a04b817acL,0x179ba42cc714eab2L,0x000000000000006fL } },
-    /* 39 << 28 */
-    { { 0x41ca17fe324ebe57L,0xe5b597fc38248859L,0x25a9281f71b1fc77L,
-        0xec8c0f355257f629L,0x9951712b32763a6bL,0xba39f3393983150fL,
-        0x59a52f445396034fL,0x1272ba122070c464L,0x0000000000000195L },
-      { 0xfd4339486ff38a26L,0x0b94645a82186928L,0x37e034cc66c1e676L,
-        0x82bb11a0826343b0L,0x90d5b4c1572a5785L,0x1cb39ed5535b33caL,
-        0xa751d3ca20e812b4L,0x99eed4a961c771afL,0x0000000000000120L } },
-    /* 40 << 28 */
-    { { 0xe819cc844c848a52L,0x97d6bb24a95d1c11L,0x68b512de29b00048L,
-        0x61bc95c028390416L,0x51f63fea5a21876bL,0x109aebd7e3075459L,
-        0x7735f70c233315b7L,0xef66a59c6e0f35a5L,0x000000000000006cL },
-      { 0xad0aafcd784af74dL,0x3c5bae42c1b0ebe0L,0xe12e2963f5a634d7L,
-        0xa0bbcbda7a495138L,0xa4c2f0c2863b8befL,0x1d13dc0a0362bfb8L,
-        0x04be3b6554a111c8L,0x9eefc66cb793f1e6L,0x0000000000000149L } },
-    /* 41 << 28 */
-    { { 0xaff95949aba4045dL,0xef288e2241d0dbc4L,0x0ab889d979410183L,
-        0xc48157059989f404L,0x2b110dc9491692caL,0x6d5786920c0aece5L,
-        0xd6afdbf4189fb2dbL,0x6188a57807a0d0aaL,0x000000000000006fL },
-      { 0x9daa0f2d3790f377L,0xad1c16553dbd8164L,0x806e1f9d98217107L,
-        0x10c67e47fc30518dL,0x80f2ab513af331c8L,0x36c8e5f435bc6788L,
-        0x698054e25e7b589fL,0xff145a30b144fd63L,0x0000000000000039L } },
-    /* 42 << 28 */
-    { { 0x77f03fcfcaebe2f1L,0xb032ab4fdb8d0df5L,0x50298bee11271b80L,
-        0x7c9b538213044e40L,0x1e63fb4cba1f0404L,0x0cc77790e5221558L,
-        0xfb667df9d87c07c1L,0xa1bd9b5d4fa5461aL,0x000000000000015dL },
-      { 0xe666b8a3f59d0fc7L,0x8cd99856f93b329fL,0xf15ac9dc87d43f51L,
-        0xd62f1d4413c7726bL,0x35987d28cf157054L,0xe7319cf68090fc08L,
-        0x4fb5e518a58e7727L,0x3d916c071005294bL,0x0000000000000096L } },
-    /* 43 << 28 */
-    { { 0x26387c347fa8da38L,0x006b5bc95663e995L,0xa81762db2fdc672fL,
-        0x5aabce64d76c766eL,0x6c65a1c46b285f33L,0xecc5dab81d758143L,
-        0xdf983510b9f496b5L,0x2cdc07a59176541cL,0x00000000000000a3L },
-      { 0x290335c934e7f5cdL,0xddb7748db9b7f197L,0x109b9ae09bc63c8dL,
-        0x29e888ac028d3fc2L,0xbf292ad344771ea8L,0xdb60dfe2168360c0L,
-        0xf3f5490d7d7a936fL,0xe387ba89057dfc8eL,0x00000000000001f0L } },
-    /* 44 << 28 */
-    { { 0x9a4b7f6493d68b0bL,0xe6e6ab700404d1feL,0x6879df3a95063fb2L,
-        0x6aaafd74fc273d08L,0x71f6336497fb7eb7L,0x4ae28c634362c275L,
-        0xf5848a9d8c1a487fL,0x67c1efe8eeda4a03L,0x000000000000005dL },
-      { 0x60e266b622da687dL,0x0a676ac5b651741eL,0xe39e0012736dd734L,
-        0x7cf92513a3880359L,0x8b6c609629913ad2L,0x2c5b829daf6a7412L,
-        0xd6fb88f34ff49696L,0x2eb1377cdb4b807cL,0x0000000000000030L } },
-    /* 45 << 28 */
-    { { 0x7a3663d88d937dadL,0x505e614c7a1002c4L,0xc785b58d85142711L,
-        0x656182e5d3ad2984L,0x8d10353e265220cbL,0x3b1be55ab5b54894L,
-        0x5cee86bd6fdc5483L,0x3405297d76c6839eL,0x0000000000000198L },
-      { 0x872c51c47e6df1d6L,0x924e0616fdbd9f55L,0x8dfc23caec4f6876L,
-        0x14989c5e42c59e5bL,0x9cb5b0b59f20ac1dL,0xb9a5c77bffb1f896L,
-        0x9eeec4ae52e7e29dL,0x6b0353efc45b8bddL,0x00000000000000bbL } },
-    /* 46 << 28 */
-    { { 0xf2d4f1c72688cd8bL,0xf192d22d5ed62791L,0x40228bada8326f24L,
-        0xad8b562974aeaf7eL,0xc7d3b568ecf92ff6L,0x23108db20fd0b496L,
-        0xafc3418f1ebda53cL,0x029bfd1a165a4ef6L,0x0000000000000160L },
-      { 0x340cb9d7c908ed51L,0xef88826762017c05L,0x1313d7669ae63181L,
-        0xa8d9c2cd6c8a1b89L,0x524cb90b35bad6c9L,0x91af48d2c6aabfdaL,
-        0x7b7487b93c3231cdL,0xf20201abf5028680L,0x00000000000000acL } },
-    /* 47 << 28 */
-    { { 0x414b33978ac56c3dL,0x721029e16bea57c1L,0x9cee0c176997d034L,
-        0x0e066baa743206c4L,0x54151f4c5f961984L,0xed5900facc869502L,
-        0x0d9da2d227e7b18eL,0xc7fa2af5e3783266L,0x00000000000000a0L },
-      { 0x6616bf15ad5ac8b4L,0x72c8d17c80102d46L,0xbc1f78c8168b5c6eL,
-        0x48018dd3c400914dL,0x20cd1be54cc9c130L,0x7fc70e61d99d9e60L,
-        0x8b14cc2a42d62a83L,0x74df1bd13070d89dL,0x0000000000000074L } },
-    /* 48 << 28 */
-    { { 0x8fd8dc497694f566L,0xb2ab052d1fa6e13cL,0x7e4a708e9aabc7cfL,
-        0x68a9c33a6b81f0f0L,0x96e4988af1f7cb07L,0xdca8d731ea264c22L,
-        0x245371e321b3372fL,0x02216476308d2300L,0x000000000000017aL },
-      { 0xebf5411633696cfdL,0xa10c5784419623a9L,0x4c6a119c38fa84d5L,
-        0x5c8eee646d4e5bafL,0x7f99d26d9b4959d5L,0x58708101174f417cL,
-        0x48cab8f38294b72eL,0x828aaa19d9710f9bL,0x0000000000000192L } },
-    /* 49 << 28 */
-    { { 0x8a45f3c1f711e80fL,0x9f5a1b9df5d9caccL,0xbc1fc975a7625035L,
-        0x80b67120b5f7fc73L,0x9bc987572eafb656L,0xf20515ca406e0a1dL,
-        0x83305c67b23372c6L,0x40f4c0ce9ecd6e90L,0x00000000000001c9L },
-      { 0xb3598c05be9425d9L,0x255dd9d8a49eb383L,0xd4ec4a2f04a8bd10L,
-        0x5c0d36abd5c340f9L,0x0d568642795637acL,0x728aa0f2e00d6487L,
-        0xf8f49bec3e20b8a8L,0x65d71712de23750eL,0x00000000000001fdL } },
-    /* 50 << 28 */
-    { { 0x73e49f63e25b0952L,0xb877a9e56030d626L,0x3ce843972e0cf3a4L,
-        0x3d1a2de214820b67L,0x528fcf23c2261e9aL,0x8a9318e1c47264bfL,
-        0x87331e933d4a4fe5L,0xc5f4d3321ad39c92L,0x00000000000000e1L },
-      { 0x3c22a52df23bdfd4L,0x78a4fe92df000b45L,0x359fa4c23eef9355L,
-        0xebd16e3f4c272143L,0x661c7c241736536cL,0x72a7416408be5d5dL,
-        0x417ef58e88a433ebL,0x79f30b9d3a0aa85cL,0x00000000000000d0L } },
-    /* 51 << 28 */
-    { { 0x968f8fd66f2f9e3cL,0x0dbd79fc8adb4e50L,0xf78190a5bc410644L,
-        0x0167515013eafb09L,0xaf9a05602b728353L,0xed98a1b3fb685f2bL,
-        0xe07d0806e04f3502L,0x6607fe2785954a39L,0x000000000000007cL },
-      { 0x7169286c817b5efdL,0x8cc453557b7f8a16L,0x0c3339433f68a9c3L,
-        0xf6f5c92ef13d3edcL,0x1e09ef6cd115e7cdL,0xad3b1ba9f6271d3fL,
-        0x4cc6ee4fc6be55c7L,0x32cd2db2e20d8022L,0x0000000000000151L } },
-    /* 52 << 28 */
-    { { 0xa2b57e47ee31f1eeL,0x35ea17041c5d6c0eL,0x5e23fbd525856990L,
-        0xb560d2e20908d00dL,0x5c0804d5b516dceaL,0xb84fd1cf6a938abeL,
-        0xc1f15c276ad24548L,0x42850a0f4de8022eL,0x00000000000000b8L },
-      { 0xcf3f0f8c86fac159L,0x1e9b9f2741cd1461L,0xc470786c27f36196L,
-        0x8eb042646ab8c405L,0x237fb49506bbbc7dL,0x40c30b4714750e91L,
-        0x9db7193bc17373a0L,0x597f1ea9b153e953L,0x00000000000000c2L } },
-    /* 53 << 28 */
-    { { 0x4fdf2cebc8434a58L,0xe2d310b11587a33eL,0x7870a0118476a5e1L,
-        0x23a5c69ca4d72f4dL,0xc77d905fce3550bcL,0xd61a54a01c717549L,
-        0xd97c3c91864059b2L,0xe1f1c2f0d6636fa3L,0x0000000000000036L },
-      { 0x312ce02a59481b67L,0x361cf25529cb2c16L,0xa6cb28f9c8ad1e71L,
-        0x82729b40b59d68f7L,0xf6d4ac7bb8b4e098L,0xb4993a2c711612b7L,
-        0xac9ba748b7a1e41aL,0x5418d9a322a5eb87L,0x0000000000000005L } },
-    /* 54 << 28 */
-    { { 0xd89fc40850c82edcL,0xa41578bad7465868L,0x6fd92f67c937ccbcL,
-        0x7564cfdc2467d5adL,0x32ba16a72b4babafL,0xf6ff32a4cfe6d562L,
-        0x2797b1689ef2ceb3L,0xb7a640f2f578b176L,0x000000000000008bL },
-      { 0x4f319670b8ca6146L,0x972e72a0742476efL,0x7bfd9206f2f25ce2L,
-        0xc68027e007eae81cL,0x2eeb468847fc7d16L,0xaa08354f502dda1cL,
-        0xe3137c68ceb141ddL,0xe5e27505d1f6ba8eL,0x00000000000000f9L } },
-    /* 55 << 28 */
-    { { 0x62a6970950bee1d4L,0xd1f4674013839f16L,0xab48f6f44cb023ecL,
-        0x683371fa89ac6079L,0xec8abd69ca14e962L,0x3f2a8f4619f6cf07L,
-        0xd2ceec98cde7fef2L,0x4615e03fcac0741bL,0x0000000000000196L },
-      { 0xcfe7cdc5821caba6L,0xbd82d1481006abb4L,0x5725410af4919b55L,
-        0xab26f4c1af20960eL,0x1bef3c7b9558b455L,0xa4b2fad5d098a394L,
-        0x9a656c097f01c091L,0xdc7048d7fa70a8d2L,0x00000000000001efL } },
-    /* 56 << 28 */
-    { { 0xcd4f21b88df62d16L,0xa99200834bc94f02L,0x95211c6856a37590L,
-        0xc933ae22dc0e83d6L,0x8e733582aa26236eL,0x129991995e6f68d9L,
-        0x43f6cb3853e4cbe4L,0x6d14bf9948098f89L,0x0000000000000177L },
-      { 0xa3e3899f9173bb49L,0xbf5bc771d1969f3fL,0x09207ffae5b5b91bL,
-        0x29d14eec974821e1L,0x0d3fdde868cded21L,0x4d99062ac9895973L,
-        0x836aaeee85928705L,0x9ca8345688cad913L,0x000000000000013cL } },
-    /* 57 << 28 */
-    { { 0x7b16f87dcace418eL,0xd2a74c4165a2b019L,0x95ec1e15c7d4681aL,
-        0x01c830f417e4aebdL,0x0de6f0ba401c8bc1L,0x8114c81627d5149fL,
-        0xa01d3c00882054d5L,0x2eca68b0abf0dd69L,0x0000000000000105L },
-      { 0xe2858d41a6369d0cL,0xdc444fb36d9ac709L,0x8d51a6eb2ea50b78L,
-        0xc3c1f95e17149666L,0x39e712190439bd89L,0x5f3e04cc1fa5b6d4L,
-        0x40c776d524944156L,0xf7859b8892597750L,0x00000000000001ebL } },
-    /* 58 << 28 */
-    { { 0x18a3a3122877dcf9L,0x4c57231db0789aa4L,0x1f9758d9f4e77a15L,
-        0xc5c1c2ddea02469cL,0x4f33f024035a3628L,0x33b60b241bf0ca55L,
-        0xb957e710bdd64bdbL,0x96d0abb164b24ecaL,0x0000000000000059L },
-      { 0x0b9145eaa2035647L,0x929ac0d3196cc1d2L,0x0daf403c10192c2fL,
-        0x7250de726ce0a385L,0x5027595cc2217f3eL,0x7650cda46818396bL,
-        0x7df3f9df94ef5f3fL,0xf9ce383e3e9c1a38L,0x000000000000010eL } },
-    /* 59 << 28 */
-    { { 0x80307b9548f639d7L,0x089dd1b7fada9eb1L,0xc0f43d7948380214L,
-        0x2cc2421afbf50727L,0x24111e56f3ae1323L,0x33dfbad162541943L,
-        0xfa604e1b9bf30a36L,0x3a41e9980ca23f2cL,0x0000000000000051L },
-      { 0x463d1718e369ad8bL,0x4b789649cbdad74fL,0xd921f71d3229fa15L,
-        0x179d3710aa4ffff0L,0x347a47e251e078e6L,0x79ded1a24aaa0a8dL,
-        0x93fba0dacc6d871eL,0xf4b3e8f626309221L,0x0000000000000158L } },
-    /* 60 << 28 */
-    { { 0x0220cc1183aab8fcL,0xb66eba5bd21536a0L,0x7f537a8dad7476c7L,
-        0x6250e935d154a65aL,0xe3e8bf57ecf46b3fL,0x8f3f800bb0133ba3L,
-        0x3b16a5be59bfbdb8L,0xe575b5ca3f0f52efL,0x0000000000000096L },
-      { 0x41211e957280531eL,0xc1287776078368adL,0xae87eec633a5db39L,
-        0x2d076f221846c7c5L,0xe11fe8f1bbe5f70eL,0x7cb1cf6f8bc46087L,
-        0x5c2a40382eb6325dL,0xb0aa793ef76b0b80L,0x000000000000018aL } },
-    /* 61 << 28 */
-    { { 0x2d5e2db75759d562L,0x036f50c2f0d645e9L,0x5a2f49d295e73061L,
-        0x43a6194ca19819ccL,0xac1f9da3bdf2a175L,0x5bc51f5ea6e0386bL,
-        0xd932dc0aca202aadL,0xab9d361dead9e506L,0x0000000000000179L },
-      { 0xc3fd69caa5500bccL,0x35ec63c388bc2b00L,0xaccf525c4e34d8b0L,
-        0x7689d112db03dce1L,0x6686d2b5ebcfdfc4L,0x6cea5f5186d46983L,
-        0x52e8e77117e4417fL,0x279048cbca4c2157L,0x00000000000000eaL } },
-    /* 62 << 28 */
-    { { 0x5cfa362a96323595L,0x10d1ad380b2a3e9dL,0x59baa91aad12493cL,
-        0x0f5bb9d432c9bd68L,0xac141dcc0464141cL,0xc3d395e08460a809L,
-        0x6919e44f14719d6dL,0xa66fc8237e5aa5c2L,0x00000000000000a4L },
-      { 0x7d4fe91ad7fb6604L,0xf0cdc6166125d587L,0x52bd3f11ba69e22bL,
-        0xbcb33f67f9af69bdL,0x4f3824ca3296150fL,0x2490712b2ab3bf72L,
-        0x561da32946d6d180L,0x1a7607b4bb6fe954L,0x00000000000000c7L } },
-    /* 63 << 28 */
-    { { 0x6f5340ce32ebce2aL,0xf8403e09331393daL,0x4cedd42fd5eed810L,
-        0xd697d934f24a2dedL,0x7253178f7f2eed40L,0xf637a3c22e487a59L,
-        0x3a562449230bbe9eL,0x7ee1c93313a9f00aL,0x00000000000001e0L },
-      { 0x3e9c3f430c67ff5bL,0x415d74ea77e94e6aL,0x4ce10a8fdaa7e03eL,
-        0x3a38ac77ca7e82ebL,0xb63762010391062dL,0x9e261b95276309b3L,
-        0x33787055f4fd6e43L,0x0655512a1e763082L,0x0000000000000114L } },
-    /* 64 << 28 */
-    { { 0xaed480e002f799d8L,0x021a2f24d635c04cL,0xe49a60d8004d0abdL,
-        0x58ab8fb04d8873bdL,0xf36a43c81ecd98f1L,0x555f15c4cd2f93f7L,
-        0x295d868d4eb95e03L,0x1aa8e425b50553a1L,0x00000000000001deL },
-      { 0x2efce59878fcbf33L,0xc499e9fdf4e93711L,0x0f5220ad0c6e6fadL,
-        0xed0d0a9b9fc9da8cL,0x84235958f7813802L,0xed21398e62729b3dL,
-        0xdf6c25ab3c9bb158L,0x87d306d9edd78e48L,0x0000000000000085L } },
-    /* 0 << 35 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 35 */
-    { { 0xa0bede1baa9a08abL,0xa32364531fc48289L,0x27f83d5a8c4e95c5L,
-        0xd4e05998a98b2122L,0xe4118aec7d51821bL,0x18ae6c6a883ce4e9L,
-        0x686d2a6e0d65e4afL,0xce00c72768d87702L,0x000000000000004bL },
-      { 0x8c8c0c984c0b4b11L,0x09c31a00977e63aaL,0x1999f20642100b94L,
-        0x7314df12c4f0cf33L,0x0bb59f1a5f5da290L,0xf08e85bc03d4fd95L,
-        0xcb0b361fd6fb0524L,0x9192a173f35d713fL,0x00000000000000b6L } },
-    /* 2 << 35 */
-    { { 0xd23357cbc11b2a0bL,0x70de0d3fb179a631L,0xb57a0fad122b12b6L,
-        0x3203600f78489416L,0x99fe0b86d26d2267L,0x36f3262f3b9deed0L,
-        0xb6e6116024a32dcdL,0xeabd7c06aa745047L,0x000000000000009cL },
-      { 0x3f277e18cdc4cff1L,0xcad81ada6eb7045fL,0x3f82d6dabb804212L,
-        0x7eca837503b6a618L,0xda88796995f2970dL,0x21fc350feb3a7834L,
-        0xfc332b6e55f9ac1cL,0x0d85b43418d4111aL,0x000000000000003aL } },
-    /* 3 << 35 */
-    { { 0x0a06f1def4fbe878L,0x09f64854ab82ebedL,0xce87ff16deccf5daL,
-        0x8da229260c3ee54fL,0x9daecdb54b3b01beL,0x3235049383c3f13aL,
-        0x83009a5fce924497L,0x02c32dd344f6445cL,0x0000000000000099L },
-      { 0x29fe64280889ade6L,0x53e62dea97b76d1eL,0x2bbd1dbc85849c69L,
-        0x2b35472d511dd92aL,0xce302bb9a1200de3L,0x8da55e0b188c8660L,
-        0x4beaf0cbb581d96dL,0xe8b2a18ff7b7e9a3L,0x00000000000001edL } },
-    /* 4 << 35 */
-    { { 0x9b7b7da8ccec2c14L,0x1ebd382dcf4fcf1bL,0x72a07d22f1c3f836L,
-        0xef166de452992679L,0x5add8684088555cdL,0x61fbb803c2f8fff6L,
-        0x7da8e738e52770faL,0x36a94145f9f2506dL,0x000000000000016eL },
-      { 0x50af6f099e6f7092L,0x541acac8bd540556L,0xf927547a616159c2L,
-        0x4d2a84617c7dfe4cL,0xb603c320754fdadfL,0x0ada986235c19059L,
-        0xaa95304ebe17a78aL,0x50f8baff41244129L,0x00000000000001d6L } },
-    /* 5 << 35 */
-    { { 0x260efac5aff9e319L,0x8e3650c87d4f1d91L,0xce7bee9d3b3fb7b4L,
-        0xa6d415cc99eed5f6L,0x8041fbf9974686a2L,0xcfa2aa4f379d32bfL,
-        0x920a936febfae5bdL,0xb75e33b8282e5ad1L,0x0000000000000050L },
-      { 0x979059cd6175e89dL,0xd630ac31f3da1ed4L,0x64f8fbb8d3225d27L,
-        0xf78de657c1c566deL,0x6759e1cfd17fb6a5L,0x50864db03bc3a849L,
-        0x225685c9365020c5L,0x16ef56abaae66d87L,0x000000000000013bL } },
-    /* 6 << 35 */
-    { { 0xa8187a5fc0c3e8aaL,0x89107b456dbae123L,0x023bb57a57ee86f9L,
-        0x7b574f5dd0a5e4b0L,0xf832b673e8c79ce3L,0xc10bfdf66771037aL,
-        0xf448e37efad2b5dbL,0x198293caef6701f1L,0x0000000000000070L },
-      { 0xee3e2714deb4db92L,0x5af53d653e2a9e0fL,0x8fe35f6e0fa38e48L,
-        0xe512d6895dd085e7L,0x8b6aac03ead33215L,0x44cf0c3c6dda0f8bL,
-        0x1d642848a861f599L,0xaae60d552d02dd4fL,0x00000000000001bbL } },
-    /* 7 << 35 */
-    { { 0x79710d49dbb8281eL,0x2296ca841e2a213dL,0x7f8e1a9cd847ec78L,
-        0x158f24bed7aecd74L,0x571e8ca657b870e3L,0x8748e407df98feb8L,
-        0x822192b857348ae5L,0x7eea8f745f73e93bL,0x0000000000000136L },
-      { 0xa56d856b87d43834L,0x9fe0ff564fd91500L,0xf52ef09924aebb47L,
-        0x3c311496864cba01L,0x93d2bcd8a74253feL,0xfbd223f96fbb71dbL,
-        0xa7776b83bb1badf6L,0xcbdd63a911f4e4dcL,0x00000000000001abL } },
-    /* 8 << 35 */
-    { { 0x6a7316dd5dc62efbL,0x377777eb824cf4dcL,0xe349e9457255c5a0L,
-        0x64111cb9bf497e75L,0x1d91dcc714b1eaaaL,0x87ea1779cbcf5454L,
-        0x070f848d42c890f3L,0xaaaf9a3881e4bc6fL,0x00000000000000baL },
-      { 0xfd521f1d853096ceL,0xa44cca3f3c8f7ac5L,0xd960927b3f30cfceL,
-        0x0d30feb7c5999722L,0x5b0d38e22adc3822L,0xa00f4a022aed7af7L,
-        0x1bc83e716ed4dd28L,0xba2213a238615d83L,0x00000000000001a7L } },
-    /* 9 << 35 */
-    { { 0x7df37450630874ddL,0x028f47c9e0e446b1L,0x1ca7c1c3881cd7a0L,
-        0xbef2f5ce04bd0fa2L,0x6cb6bfe1bb0716baL,0xfe1d702d263901c7L,
-        0x8537e484e098aba3L,0x9f5aa1332885a9ffL,0x0000000000000196L },
-      { 0x82ad05da072c7a4fL,0xaa09589418c27ca3L,0xc39c9cdde3b68587L,
-        0xe94da9f0e85d5f74L,0x7287ea7df479ea5cL,0x7b4a94403825c3aaL,
-        0xb8bfa948d0cc984aL,0x713f8cc029742546L,0x0000000000000073L } },
-    /* 10 << 35 */
-    { { 0x4a7912f4453a46d0L,0x1d2e76231c7cf115L,0x2208de2b8f29c610L,
-        0x809daa6181e502b5L,0xa8f149fc6bd724b5L,0x38af43fc31ce0e18L,
-        0xa2fdba97e8139cfbL,0x665271bd9eb155f9L,0x00000000000001f1L },
-      { 0x8b86fc468d28ea7aL,0x8cf2558a51d8fa58L,0x2c97c546d7ba83e6L,
-        0xde7cf223acf26595L,0x7802038e4ce7407fL,0x95574ca7ac6b1de1L,
-        0x98631057f0e9c573L,0x43fa05d155e8bd77L,0x00000000000000a1L } },
-    /* 11 << 35 */
-    { { 0x35492249be9bd7e4L,0xcafe206f52521c89L,0x47dc978d77be09a2L,
-        0xc0ea0080ebf81c97L,0xc3e10de2694d91c7L,0x9811bc56772426ecL,
-        0xd1f4fedea3e2d3faL,0x4305664eb53e0995L,0x00000000000000b6L },
-      { 0x25a3583d1be78b26L,0x8ddb19664de54cd5L,0xa766c88dde4b1b5fL,
-        0x5b23a2a7fcd74bcfL,0x1ed2d0cd3a4784f6L,0x14020b80b6c02a2aL,
-        0xec21146ed646ac46L,0x6896cbd4a392e47bL,0x000000000000000fL } },
-    /* 12 << 35 */
-    { { 0x6f3326291afb08a9L,0x9f159db2908c995cL,0xa36f91bb5e8dfd58L,
-        0xa8ee1cd8736ce4d1L,0x45832ab2cf58ae21L,0x08ee6a41316e9061L,
-        0x0e39db0b1a2ffc32L,0xea9414e1380323caL,0x0000000000000042L },
-      { 0xff010e54fc832689L,0xee1f4824c59214ecL,0x8ac0dc4a62b52f22L,
-        0xcca082d2dba63497L,0x03b4dafd826e8cd4L,0xbc3c59580f8ac57aL,
-        0xfa53329789525cb3L,0xc00ed59547ce0d1eL,0x00000000000000d3L } },
-    /* 13 << 35 */
-    { { 0x38ac2c1f27599c6fL,0xc8515670058fc921L,0xc95ee67684954ea1L,
-        0x7d87418fc0523bbdL,0xa9b8cc71138ac6b7L,0x0230bfcbd4f818f0L,
-        0x114c9539beee08eeL,0x32b57cb454435a17L,0x000000000000019fL },
-      { 0x997e7382d0b079caL,0xcd0eddd90952e376L,0x80c215bbc512362dL,
-        0x0d7da33c06ac1492L,0xb6eeaf325c2720a8L,0x90b67f842106208eL,
-        0x2e08a3ff7e0e56f9L,0x76e9b031c6afd704L,0x0000000000000120L } },
-    /* 14 << 35 */
-    { { 0x50c0ae1bbc78973aL,0xda11769b5afc5571L,0x72dca0e13989fc6eL,
-        0x270e2d671f23be5aL,0x0c9d34d48bb2aef0L,0x37f07fdb48ef02f4L,
-        0xff1c0206e0c549efL,0x9a62c16a6fd94255L,0x000000000000005cL },
-      { 0x368d1944785a3c92L,0xbab00ef3f92d17b7L,0xe8f15f69e6b2113aL,
-        0xd58342fff6b46f5cL,0xa0edf615ada12adeL,0x12d90798e7b4926bL,
-        0x284ca9e1671bba9dL,0x15def43a8ed23f9bL,0x00000000000001d2L } },
-    /* 15 << 35 */
-    { { 0x132dfd2814ffdde6L,0x9e0ba5fef2e1c419L,0xda21747db1dbfe86L,
-        0xd0fadabd78a62587L,0x50ce9d488a2d37bdL,0xb4ee4b8999d70e25L,
-        0x12ade8a38db8fbb1L,0xc03f3ecad2ef5fd5L,0x0000000000000188L },
-      { 0xfd17694aa2e6a2faL,0x1225dce9e3196a27L,0x25b09ef2a191bfcdL,
-        0xe260325f7975942aL,0x3e62541bc98342fbL,0xdc572b5772876fc5L,
-        0xadbbfef5c5ca0ccaL,0x16960b62028d57f8L,0x00000000000000d6L } },
-    /* 16 << 35 */
-    { { 0xd714194e2f415999L,0xa4b29d685128d8d9L,0xd1046cb83324ca57L,
-        0xe5e6a47504828300L,0x9c5c4f6c694c18e9L,0x84d00de8d01e5707L,
-        0x8ed94290bc2b3e66L,0xafe23a51ec6a6e31L,0x0000000000000141L },
-      { 0x2b996fae976e9c3eL,0xba0cc494be1288dfL,0xceb07fa6de8aab8eL,
-        0x7f460647985651adL,0xee200258189376f0L,0x21f13320f9a7ac9eL,
-        0x66a57bc58f3cd359L,0x7b13832775ed8259L,0x000000000000018fL } },
-    /* 17 << 35 */
-    { { 0xa54091b5fe742428L,0x9fb8d0ae9ec0b6bcL,0xcc9d3cfd658202baL,
-        0xbd1360dcdec5a1f7L,0x62b0e1a8e8f09c97L,0x66efebd288db9d06L,
-        0xe55656f90a30c3dcL,0x62ae035fed27ad52L,0x0000000000000190L },
-      { 0xdd740f0ce530b69fL,0x3d2642b8e83c5d80L,0xf42b632fcb53650bL,
-        0x94ffb5fb97b9f17fL,0x446299b5b4231998L,0x43df639e2a9a71deL,
-        0xeca5ac9a024e9ab0L,0xff1ee10a967d00dbL,0x00000000000001e1L } },
-    /* 18 << 35 */
-    { { 0x68d62207babd7e5dL,0x7618829b2368aad8L,0xd8bc9d594cb2e88bL,
-        0x8f4545f76fb516efL,0x0a5769f13078ffdcL,0xa7ddbd1aa5fbf510L,
-        0xc4c70ba312ba6fd0L,0xef602078f8e0dafcL,0x0000000000000016L },
-      { 0x6035217344f95785L,0x945017d70d3be590L,0xc12442d3ec7355cdL,
-        0x57fd71d8b71b36eeL,0x65aeb2d8ced7c563L,0xcf050f810155581fL,
-        0x6cf9c035b2f83a15L,0x302a86fc4cb4ddf5L,0x00000000000001fbL } },
-    /* 19 << 35 */
-    { { 0xd6296332f0be10e3L,0xaa891752113c0106L,0x3b36e13f465f6c3fL,
-        0x90cfbe2263274782L,0x3c2b63160c7104f7L,0xa12c5ed0f74fb1bdL,
-        0x6687e14716325f64L,0xeaf5b0a897e27f93L,0x0000000000000012L },
-      { 0x627645cc46e1d4f7L,0xfafd755a48296d3bL,0x5bb39b18554edbf9L,
-        0xe91e5bcea18115ecL,0x292b808ed880befcL,0x2a8abf44b42f1efaL,
-        0xfe48a1ec96bc93bcL,0x081792b8168933f9L,0x0000000000000077L } },
-    /* 20 << 35 */
-    { { 0x0e5eb14161f457e7L,0x92a3bacfeea01ebbL,0x564ad7678fc26d40L,
-        0x4f48057b446b177aL,0xf1255b23788fcc70L,0x1ac8aeff459f99eeL,
-        0x24731f8fc8af6c59L,0xc44122dacb32a633L,0x0000000000000114L },
-      { 0xce32416d6fad3db7L,0x59d803bd73ad309dL,0x211e641d0cc0c9aaL,
-        0xe385bce0bcc90bbcL,0xd24b7461c6690793L,0x31d7bc5e4908516dL,
-        0x268c54c4acbf7371L,0x95c7374121b9407aL,0x000000000000016bL } },
-    /* 21 << 35 */
-    { { 0x25a6ec1a4565257cL,0x56da9c6f45d4b786L,0x5200f490abb04ea5L,
-        0xf553a6bfa633d526L,0x8a563d61827dc74bL,0xd459b61db4bc0d1fL,
-        0xd0762e8ca49cce8fL,0x29c625e7ab89a9c8L,0x0000000000000091L },
-      { 0x4ce3b817f18f870aL,0x07ae3556c595c23cL,0x314772b0444d3dd1L,
-        0x7f09c046fc8efafcL,0xed25d47e330b71bcL,0x604967dfcf801ce1L,
-        0x67101fd2467cf3b9L,0x3ec2c9be15a86011L,0x000000000000005eL } },
-    /* 22 << 35 */
-    { { 0x5ee4bcbf9aa0a8c1L,0x3f701e41a37cddbfL,0x57790d50253a2decL,
-        0x594f2c7ff30ec59cL,0xd104ac878a383d81L,0x28c238510097bacbL,
-        0x961c3dc36de5b94bL,0x21b3dbc6dd673666L,0x000000000000004bL },
-      { 0x223f6e40bde60673L,0x8109ed96d88c2017L,0x3ce877773b960bf7L,
-        0x36b20625e3dfdd86L,0xc959fc6a737dc9e9L,0x9f3acc42635e8d98L,
-        0x4c171a9b4e87cf60L,0xec218d66033b148cL,0x00000000000000ecL } },
-    /* 23 << 35 */
-    { { 0x7f91a5a7bade2b11L,0xb2db06128afc083eL,0x17ac0a6acfbf6469L,
-        0xf0a36b26bbf78b3fL,0xa69725b4b4b48af4L,0xda7604dc4099e049L,
-        0xeaafe16b1c309bb4L,0xf50567b89f231c92L,0x00000000000000feL },
-      { 0x4fbc4f36d6af3953L,0x704506374fa5818dL,0x71c67575b7d018d2L,
-        0x1ed130f60d98cd48L,0xbba32ed1f5abe4f8L,0x90a0d5512ef01ac1L,
-        0x45da1ef510ba9c66L,0x28d732789d8a6865L,0x00000000000001e9L } },
-    /* 24 << 35 */
-    { { 0x4b52f6fc34afd3ffL,0x246423c4e0c6879cL,0xd21db87bae1f9e19L,
-        0xdb92edd51b56152cL,0x4a4aba09d420e95aL,0x21e9b73d912bbaafL,
-        0xc22a8b330f004632L,0xa90e4438f3b78c5aL,0x00000000000001abL },
-      { 0x7bb69d03a21ab7cdL,0xb0658b924a91742bL,0xd7386c4d4adc7123L,
-        0x981e8258ee6c6852L,0xb2ae71400efe8332L,0x5b91d439245b9f6fL,
-        0x8f2118290fda3b1fL,0x54beff28842e2ae7L,0x000000000000006fL } },
-    /* 25 << 35 */
-    { { 0xe8b3dacc713db46fL,0xcb8349a7f7365288L,0xa68504d17f939e4bL,
-        0x51411b60ddbe781aL,0xf7a8ba4b0fac5648L,0xed3a51aa99f6d936L,
-        0x4ba023ffd3588b2bL,0x16e53adf129cf4e2L,0x00000000000000c6L },
-      { 0x02ca237308fbb8e1L,0x90ae9b6d0b60e3caL,0x6776eee587d8385aL,
-        0x0d6b1b9314bc9d4aL,0xf68d1f6c8be2915fL,0xd0e01dedcaf0f0b9L,
-        0x31e1a76c60db9ce0L,0x882c3e86268d5f62L,0x00000000000001adL } },
-    /* 26 << 35 */
-    { { 0xb7715ceaf14e77a5L,0x30b15cbf85d3eae0L,0x99aada434b1d66a7L,
-        0x11e13473f303a321L,0xe075d04ca3c2fa64L,0xb02855205f4d07aaL,
-        0x3d838d13e5d0dbd5L,0xd65785326adca13dL,0x0000000000000082L },
-      { 0x3785f4d05fa73d0cL,0xfaba0633c4098f4dL,0x9d0a4e294f749d9cL,
-        0x5966c3debe4319fbL,0x97e059ae1a5367dbL,0x0333cfc26fa3debcL,
-        0x38e9675b283be3d5L,0xd800fdc824d7367aL,0x000000000000017dL } },
-    /* 27 << 35 */
-    { { 0xe425802eb9ecf83eL,0x67179c5efe330a56L,0xa25d8b602db73eacL,
-        0x6e954907ce31e6bfL,0xef2500fedf0e3b24L,0xacd2851f01fa4396L,
-        0x836d694c844ce475L,0x1a7d6c59d48a71ebL,0x00000000000000ebL },
-      { 0x25d87aac9839f111L,0x09fa18f8953ff5f0L,0x9b079ca013ca276cL,
-        0xcfa23f4558b56ba5L,0xbee77e5598b2b4caL,0xc8c1a305977b27daL,
-        0x8481c92fbcc31ad3L,0x88afda5311734146L,0x000000000000010cL } },
-    /* 28 << 35 */
-    { { 0x7532ad64b77714eaL,0xaa8b0d323e2ce07eL,0xaeaa4744b51e888cL,
-        0xfd08f7188e7b5816L,0x57016828e993b6a7L,0x69a9d410ebc5408dL,
-        0x2c0a373da91c70a1L,0x5b583311992d9800L,0x0000000000000197L },
-      { 0x93f02d300402323aL,0xeefa9c5481b765f8L,0x99557a399c28c31cL,
-        0xb410e5842d8a08a0L,0x70568fa7fe1a202aL,0x4ac9eaec07bcf04cL,
-        0xe4f69dc4367c9a04L,0xb483bddb581e3bc5L,0x0000000000000178L } },
-    /* 29 << 35 */
-    { { 0x54c022d2e7b598dfL,0x79e2cccef073700dL,0xa5336c980669c555L,
-        0x27cdeec12dc4509aL,0xcfed8ba84197e364L,0xd45ef416e15c075aL,
-        0x29454994f444e86bL,0x799e40a7cb4d8ee7L,0x0000000000000060L },
-      { 0x0000babdf8d904ecL,0x7653dc720e4e5eb3L,0x0d0087d05b6f7b42L,
-        0x38be9b10a6df9d85L,0x1240afd3b918bb23L,0x23d4f0c546176345L,
-        0x8242efed0c47ed2dL,0xd81070a93597fe3eL,0x000000000000002fL } },
-    /* 30 << 35 */
-    { { 0x1a52836470b32e66L,0x5b76dabb0e9b3086L,0x48b57c94382fa85dL,
-        0x49de76759cd9f361L,0x6c744071b5f63c2bL,0xb7067ebbe741cfa6L,
-        0xa95efc93702d19c9L,0xfd647a47cb409c01L,0x00000000000001c6L },
-      { 0x4c31f670f9f06368L,0x775b1698a075c748L,0xfb6cbb0fe7656e7dL,
-        0x69c0f805da1881a5L,0x1267496cc2fe6b31L,0x0612fb94d8926ee1L,
-        0x561807476cefc9dcL,0x5518665cf90f2aa2L,0x00000000000000e4L } },
-    /* 31 << 35 */
-    { { 0x64d0965b1258699aL,0x4318a056f7bd1b22L,0xe86e065bcbafcc09L,
-        0x7607f0446a179875L,0x368d4f652cc4b9b5L,0xae4dd2ebe34674b6L,
-        0x8ff7af5a487e0831L,0x6c65f9af48388679L,0x00000000000001f0L },
-      { 0x30078bec2c49e55bL,0x353adc525131ccecL,0x1a60d3e32e7e4f72L,
-        0xcffb559b0d8f9cf7L,0xf7ba89a6b2eb6515L,0xee0b6927ba852015L,
-        0x691a678d8a982a09L,0x70d6cf66d8d36085L,0x0000000000000178L } },
-    /* 32 << 35 */
-    { { 0x1683448de93ef527L,0x158fd9220e5b6f98L,0xcd0bcea6e23f2fa6L,
-        0x455d35de15982d3bL,0x2fc788d7bda98d71L,0x65d44c08f139b889L,
-        0x219749fd4105fd65L,0xa9ff816ae02f1fd1L,0x00000000000000f0L },
-      { 0xa2a53148e55948cdL,0x2d952f500cc0a0b5L,0x26f77e7161839836L,
-        0xa8bf589aad87bb45L,0xaf21e0fc6a9296e4L,0x917881207d394e96L,
-        0x47f3d38968622361L,0xf17141da090a8cb2L,0x00000000000001b6L } },
-    /* 33 << 35 */
-    { { 0x01279781a9d1af36L,0x135633e6209d1854L,0xca9959c34bcc2c26L,
-        0x9ea2bc68a8553b2aL,0x5f97d137804b7466L,0xa1790fc774b3739fL,
-        0xe150cdf4830b9a2eL,0x3b7a3f5850e4d1e3L,0x00000000000000bdL },
-      { 0x75a53d5299105ebeL,0x4fafc9b8bd00206aL,0x9fadf1e5d48baa99L,
-        0xcd2c901c2526d67dL,0xc2888298bf4b9ef1L,0xa185bc6b5615d788L,
-        0x66f7aae4c02b90eaL,0xb58dfd6d544bc9c7L,0x00000000000000d4L } },
-    /* 34 << 35 */
-    { { 0xbeac5a04dc3598afL,0x57afe9de8974646fL,0x729e165d14018728L,
-        0xdb5aa250c48f69fbL,0xbd3732ca6a2a9532L,0xfb8b66ed0953ae9cL,
-        0xc4b2791764a63ee2L,0xb3cee5a7b501889fL,0x00000000000001d5L },
-      { 0xf01d492bc01b6386L,0x940d92c8f50d3221L,0x5fb0717d1df2850aL,
-        0x53198fadecdc9e39L,0x3b43aaab37221dedL,0xa776ceb1fdfd723bL,
-        0x795561a2d6f780ecL,0x0ddf9112bd9c4c20L,0x00000000000001f2L } },
-    /* 35 << 35 */
-    { { 0xb2b958b192246bb4L,0x9ec1fcb042a8ec26L,0x7d035e6622501d65L,
-        0xef96b924dca60d56L,0x40aa7306904e72ecL,0x65df4ceb51cae3feL,
-        0x5588726f2e43f4adL,0x01b8b3c1ae60824eL,0x00000000000000d2L },
-      { 0x274d226496d3ef76L,0x706cf68d25663f29L,0xe211735d2bf5fb14L,
-        0x40d4f39b286e96f9L,0x2c31dc264a2cee83L,0x074f6ff7ccc7a3dbL,
-        0x049ab010073b5faeL,0xe8f39718a3d95de9L,0x00000000000000b2L } },
-    /* 36 << 35 */
-    { { 0xa58e956bdb750655L,0xfe67d0fba11d4441L,0x802a67090052ef49L,
-        0x7b37040d5393e1e1L,0xad57cd92a8bb9edbL,0xaedc34ed19bbc0edL,
-        0xb8126e59b39c8f27L,0x6a9f6ff2bda531eeL,0x00000000000000d5L },
-      { 0xc8b6e197c6cd7feeL,0xd9b0106ebfc7cd1cL,0x3c0e289b85aecd74L,
-        0xedb8f5b324b94e66L,0x3d0c40fa4ce2b7b8L,0x849aa40d48dca638L,
-        0xd6fc723dfa48d109L,0x4515db8af5dd0476L,0x0000000000000193L } },
-    /* 37 << 35 */
-    { { 0xb0683294383e3ce8L,0x844dc47e33ed51a1L,0x50c94e00d5996d55L,
-        0x267925bb3bd6b4f2L,0x604bd4192b0e3cc3L,0x52095d9846421982L,
-        0x55192496666ba499L,0x606df30c07e53b0dL,0x0000000000000092L },
-      { 0x3f2abad16f768ae8L,0xf2e7735ad41589c9L,0x61e8c3dce8516d55L,
-        0x28e7a45b76303e72L,0x2b702b792e5c0204L,0xdf2882d56c2ea1b0L,
-        0xebb4aaf6636de2e3L,0x9004996c994b5397L,0x00000000000001ffL } },
-    /* 38 << 35 */
-    { { 0xcc3ce574ac6839afL,0xd81a4213153dc2e1L,0x64829f778956f5daL,
-        0x884a66eb32d3dfacL,0x9a52938ce79ff6f0L,0x0d56f215990e8a04L,
-        0x723fbeb5a65e0186L,0xf97b1537897e6514L,0x00000000000000bcL },
-      { 0xf78198881229ee99L,0x08bf9c3750e4f43aL,0xf0b1d230513be81dL,
-        0x8d920ee5da4f7856L,0x9e796bc35527eb47L,0x55d5a35111049ee3L,
-        0xbb55397b9ccf6b0dL,0xfd8390b6d17e55b2L,0x0000000000000180L } },
-    /* 39 << 35 */
-    { { 0x8234b440d5d9e622L,0x32e428882d0e1ea8L,0xe6c81ec8c99d38ebL,
-        0x699cd82e1c6911f6L,0x6de7dd4f91d95087L,0x61e4d9397e50aea9L,
-        0xf41214b481faf2c5L,0xc1542f137ad1dfbcL,0x00000000000001caL },
-      { 0x17093e561e2098e1L,0x6971fadfde3dc089L,0xa5dd0f64be5223dfL,
-        0x8d77620a6d9a65adL,0xc3f34c417cbf0ed6L,0x7d4db21d9d25c237L,
-        0x09ca81b6e8037141L,0xc7fdf36262a876abL,0x00000000000001b9L } },
-    /* 40 << 35 */
-    { { 0xb817b9d19327a3feL,0xdf8ced7438fc86a0L,0x2f4869ed9e7c4a3bL,
-        0xc669a7c7022e4d73L,0x0712075affe0fd8eL,0xc59f461860ab5941L,
-        0x4c87781b6b168844L,0x0500f12a63e6a599L,0x0000000000000105L },
-      { 0xdf244b348e82038bL,0x78b822897d03382eL,0x8a995d805630be38L,
-        0x217987bd6eec82f1L,0x58d1319f3e083c91L,0x21230442c486ee90L,
-        0xd86f468d72c75e0cL,0x18abe0c5258783d0L,0x00000000000001f9L } },
-    /* 41 << 35 */
-    { { 0x2cd9bc83a782ee3eL,0xc6a91ca1e958c3feL,0xa54debb7cef64e5eL,
-        0x13b5af135fa73ebdL,0xbca16674c51b44e7L,0x338f4db0f95d0250L,
-        0x180e25555828c384L,0x6986868c0f86e48cL,0x0000000000000191L },
-      { 0x142eb0de6eaa2da6L,0x9637e5a057a6f82cL,0x7d8f0f3eb84c21f7L,
-        0xa3ad6bbcd40afd1bL,0x1a3cd6cdc1aee54dL,0x279abcffa6b9ea25L,
-        0xbd7ea9b9bada8b66L,0x326276b4e718fe19L,0x00000000000000f1L } },
-    /* 42 << 35 */
-    { { 0x65ac0bb815dc08a4L,0x9b10b48fc7249272L,0x2f699538403ae1cfL,
-        0xc4f720464df2cc13L,0x17bc249e14a28ca6L,0x8df067e5a41e3e9aL,
-        0xebbdab21cf185139L,0xe1eb3c38424aadb7L,0x00000000000000ecL },
-      { 0xb6e0e2277b05b001L,0xc762d6e11470a2b5L,0x6bc7a06efd43bfd1L,
-        0x5a47815c8ded3264L,0x1c717f27bd22d935L,0xe646d0b9b9dd3b0aL,
-        0x214767e6b264d058L,0x02cd9ec33f311afcL,0x0000000000000060L } },
-    /* 43 << 35 */
-    { { 0xc955625993b6ff60L,0x86bf8b7f7fca1753L,0xb14d3c3b96187d86L,
-        0xab1072c272d71a34L,0xce7cbb0d13fdfdc4L,0xae9ae97bd5bd0917L,
-        0xf3f150fb81d80e76L,0x5c972596c81ad986L,0x00000000000000b5L },
-      { 0xa46c1d9b50ed6bbdL,0x7d7a19d1be2ea4dfL,0x60b07dd08bbf9adeL,
-        0x6588d7bf1aa70d31L,0x289483929a089f74L,0xcf439ad0c4f70486L,
-        0x8753838310931614L,0xef1f89c0cfba8634L,0x00000000000001b1L } },
-    /* 44 << 35 */
-    { { 0x830e21f1e0d139ceL,0x999277dabb3c2b4dL,0x61d61a69008b64d7L,
-        0x3ea63636ecc3e4e6L,0xf278f8248d368e08L,0x5b5021ec52c1a135L,
-        0x49d77b1348ac51c4L,0x75a6dad231d8b33aL,0x0000000000000184L },
-      { 0x8979245368b03863L,0xeee0ec59459c5d13L,0x2215a723a762a714L,
-        0x3c61664047adac25L,0x3ea9bf8cf74e1d76L,0xe81f677183aef634L,
-        0xe90d300c801a214aL,0xbdacf70fbbdf6cbdL,0x00000000000000d6L } },
-    /* 45 << 35 */
-    { { 0x549ca8a62fc82ebbL,0x0966172fefb4da37L,0xbd657773f05f137eL,
-        0x9273f3b9a0a14c1eL,0xae7674bea56d37c3L,0xe796fd98e7eeb54cL,
-        0x690f7da335a31dd8L,0xa773d549f2bc1053L,0x000000000000019fL },
-      { 0xc61a2aee6e4461e5L,0xe788fcf6f11cab4eL,0x1e15e9ca7de73225L,
-        0x203c64df06c82462L,0xb6c8a5f360b7c125L,0x10a30ced94087cf9L,
-        0x244298d7aac7db9fL,0xadd593c3e38b5928L,0x00000000000001fdL } },
-    /* 46 << 35 */
-    { { 0xac92aa67efd692f8L,0x461a4f0414aa1b74L,0xf756506f6e0d1b70L,
-        0x49b9332e7202c5a0L,0xd458392bf4a3eb34L,0x70a6f237903e034dL,
-        0xf7e74bff376f0e79L,0x1bc49634e7406700L,0x000000000000003bL },
-      { 0x69e839c6aa0f8fe8L,0xa0b25fcee8e918f6L,0xf06f66d255fd9ea4L,
-        0xe54dd6f4c525cfd7L,0x0fcb1d3e1bab49adL,0xfe97828a8d6460e0L,
-        0xc8f87d5388be0227L,0x32bc6479a1578dfeL,0x000000000000010aL } },
-    /* 47 << 35 */
-    { { 0x05a8ef77b79714baL,0x221f14fe8c448461L,0x036b54d7ebb08ec8L,
-        0xb1fe5c5abc4ae646L,0x68b64241fa20e161L,0x6c4ed74f692e9ad3L,
-        0x906e788265157d53L,0x34dba9f715097f12L,0x00000000000001e4L },
-      { 0xc9480d587381885cL,0x028e2690706a98a3L,0xeeec9a743a34e3a5L,
-        0xb249016cf655d964L,0x305946104c688049L,0x9e7bcdf9637460ebL,
-        0xc1a40951e8f969beL,0x144d1507a47ffb9aL,0x00000000000000b1L } },
-    /* 48 << 35 */
-    { { 0x93f63503110a8e2cL,0x8bcb929fed94cafcL,0x44934ed35baa912cL,
-        0x4dfc0eac7920fec0L,0xf2f642bb86b99a2bL,0x0e2e59bfd0903505L,
-        0xcc44edd3ef99237aL,0x98cde5795af6f89aL,0x000000000000000fL },
-      { 0xf279af6dd1ecb2d4L,0x2c520d717a4ba4e6L,0xce33faea662b4f22L,
-        0x5d2c6df333ddbc4eL,0x5c2f283138dcc3b7L,0xbeea8bbc5e64ea59L,
-        0x434aad230772c227L,0xcd6d33c871062cecL,0x0000000000000007L } },
-    /* 49 << 35 */
-    { { 0x59bd148246810d15L,0xbc56caa70ec29531L,0x11fe2559ba32ad70L,
-        0xcdeaf7da9b04c10dL,0xa556a5eee042abdbL,0xf5bada661c47b667L,
-        0x134006e409d62e56L,0xede1067f8a871ddbL,0x00000000000001a0L },
-      { 0xe87c38b88ef287f2L,0xee72603243670334L,0xe21a09b60809c366L,
-        0xaf24199e33fbad00L,0x99a879c66232ebebL,0xfb8b08a73b1c8edfL,
-        0xe8cbbe4589ee6cf4L,0xf4ba2e5b2ecf414aL,0x00000000000000b9L } },
-    /* 50 << 35 */
-    { { 0x332d72a9ed527173L,0x4c71937716c49b89L,0x7a127d87b684d892L,
-        0xedb45e899f77ace9L,0x68ecf908296cadb1L,0x917a4d8b8ce0247fL,
-        0xc7c634e3094ff83aL,0x095bd5da5ccc4d40L,0x000000000000000eL },
-      { 0x27e9246e4f7ddfa2L,0x7ebad205fca8cbe5L,0xc99c9b0be453080fL,
-        0x1896f632232df338L,0x2e0647ce4226a666L,0xac91062c634cd754L,
-        0xf0df151c71368fc4L,0x53d1a5a831f38365L,0x0000000000000114L } },
-    /* 51 << 35 */
-    { { 0xe1e928f1f39f6d35L,0xaf73a1624b4eae8dL,0x599d1e428e29612fL,
-        0x6e7b4c2da2bd2b03L,0xcaa94b7e5ee08f6fL,0x26452280a708c9e4L,
-        0x4753c0e9eff87fb1L,0x9b9aacc612d79464L,0x00000000000001ffL },
-      { 0xece3bccc055d6691L,0x80f7b76baa64ed7dL,0x63a1053ef4adacb6L,
-        0x3f5e833d69482071L,0x8ab2d2e776d37d8dL,0x7b4984d4509e5d79L,
-        0xe5a32d95009cb254L,0x12f2ee9dde547828L,0x00000000000000ddL } },
-    /* 52 << 35 */
-    { { 0xeb1a46cb0fe7547cL,0x7ac12a6c6dc6c819L,0xaa7ee65698dfd5bbL,
-        0xb28ce5904b306758L,0x4d7945bd2c268cacL,0x10ac23b8b94ae165L,
-        0x6e1efae24834d9ffL,0xb2b5efa68220fd25L,0x000000000000001fL },
-      { 0xbff886d8844e5b7fL,0xc242fb3908602f14L,0x9f9bce94f58b4aa8L,
-        0x80e46cc5c48583ffL,0xcf29272952d4ade0L,0x38f3ac0b3f65f345L,
-        0x8ff60c1263b097e5L,0x35ecd555287b7dfdL,0x00000000000000d3L } },
-    /* 53 << 35 */
-    { { 0x278102a1a5b222e4L,0xdc5f6121b47a6032L,0x2d38216511dbcae9L,
-        0xc63c21bf42bdb2c3L,0xafb68446d7dcac98L,0xe3685e2c3cd2e244L,
-        0x414b4974731f6884L,0xd741f91c9dca2bc9L,0x00000000000001e0L },
-      { 0xd0a669e178ac8c45L,0x07fa58a7b7b43ab5L,0x5fd07638f2052d03L,
-        0x4f0e4b2faa9999feL,0xcb9ac71370fd1eaeL,0x9410da48ebee3806L,
-        0x7fcbdae832a700beL,0x488b3853abe7c10cL,0x0000000000000154L } },
-    /* 54 << 35 */
-    { { 0x8868bd8fe499eecbL,0xd00762e79257c00bL,0x4e58b972773fae1dL,
-        0x0aff71c0bac2df50L,0x3ed0b4a37887e1d6L,0x627024cc558b9dacL,
-        0x9e13a0f7c4135286L,0x4491810f6ebacef7L,0x00000000000001f9L },
-      { 0x6d08b913f5189d9fL,0x8312190a24b2fc37L,0x3c282ef702c1068fL,
-        0x40cba7b5bcc75f8aL,0xb992a9c6dd4704f4L,0x437dc8551cf0f9d2L,
-        0x7f902ae7786d0addL,0x464c08c2f6b23723L,0x0000000000000125L } },
-    /* 55 << 35 */
-    { { 0x153be35473256476L,0x632f6ad7cdbfb55dL,0xeacb063c1701fa3dL,
-        0x711992817e50dabfL,0x8e70efe0e361247cL,0xeef996913d6c2584L,
-        0x99342b365f1a7172L,0x82aa3e46a3be3898L,0x000000000000013bL },
-      { 0xb6926ffd3bcc0564L,0x80027de19f27bfb8L,0x0a6cec9deb09b4cdL,
-        0xf952ee6b237c12e6L,0x20b2d4160475ed2aL,0x533c12b6f0643f11L,
-        0x11bbdecdac6468acL,0x651e84e95b039866L,0x00000000000000c3L } },
-    /* 56 << 35 */
-    { { 0x90a60e09bd58611dL,0x19f9e897807acd15L,0xd14b65a53359e712L,
-        0x3a8cd601ba2e3c02L,0x3ebf3dc780855419L,0x0ba3dcc9993da1c9L,
-        0xd926fa9c763aea46L,0x5ee8f9003720bb78L,0x0000000000000094L },
-      { 0x9ab2f1db266ccac9L,0xc5c9efa5c6c9d71aL,0xe65768f4ba1a6c65L,
-        0x80f0f12041ee29cdL,0x8fbbe2f2a9fda865L,0x678e08db3f325a3cL,
-        0xd72a224576840159L,0x934c1904a4d8a7b7L,0x0000000000000108L } },
-    /* 57 << 35 */
-    { { 0xb8c07819e38a2661L,0xf92e9402c650e59dL,0x850a80f7d03a96cbL,
-        0xf0ea0c7a76ee02d4L,0x02d96e07379b1ef3L,0xd5859369a8a6f8e5L,
-        0xb4f7b27644e88c39L,0x8f739a71219c6d30L,0x0000000000000186L },
-      { 0xf88fbdd26ae83e11L,0x1fc231f84717aec8L,0xce4d216fe7ac9dc8L,
-        0x8c12832abc741f40L,0xa80e842a9f5a5cb4L,0xb9bc23a867283096L,
-        0xf430ff4d9f6dbbbbL,0x45c97a92f754b3cbL,0x00000000000000ecL } },
-    /* 58 << 35 */
-    { { 0x16ae9ad4b70d4afdL,0x9c91d2ff7b8ce81cL,0x3e1a68ffeaeff601L,
-        0x99980d7d3c05df00L,0x96c29797ec215736L,0x6b6bf83e0a99316dL,
-        0x8054259cf62899d4L,0x9f39008f36676143L,0x0000000000000179L },
-      { 0x2a1d68baa09fd65fL,0xb072da01ec5477d0L,0x140d29fa404cf420L,
-        0xdea8aef7aeb69f20L,0xea9606763125f663L,0xa26de345935e02bbL,
-        0x4c0152b7e9df1fe1L,0xda6d781f6b1162bbL,0x000000000000019dL } },
-    /* 59 << 35 */
-    { { 0xbb583f128d5542aaL,0x1e29f9ecad0e801eL,0x02f793efaccc9b85L,
-        0x1860130f78b3365aL,0xc802165b57c401c1L,0x6f5837856b64648eL,
-        0x78f10b17e6256a68L,0xcd0480700f5c43c2L,0x00000000000001b8L },
-      { 0x1e171d092dd5f89eL,0xc80605272a1458eeL,0x63b259191e335fe5L,
-        0xddf7e4de6c2fe24aL,0x80d9ad40e1a3ca49L,0xba447a3c45a9751bL,
-        0x79a8b213fbe20918L,0xf998902bbd826959L,0x0000000000000114L } },
-    /* 60 << 35 */
-    { { 0x4d0c9dda2123b077L,0x3719ed5f6ec3e16fL,0x76e14fb3c9becf2aL,
-        0x7dc73e7accf6aa22L,0x0a75e100ff4a5f27L,0x2989ac9a67dc8054L,
-        0xb33b298936f3d4bcL,0x0d79fbdf97f57f76L,0x00000000000001b4L },
-      { 0x375f79ecdba7f5bbL,0x74babfbe620e1045L,0xaab000d015cd82b4L,
-        0x8d9157aa4d992702L,0x6bcd5a63d172ff7fL,0x21e3f97b1b8b959cL,
-        0x441526998f55153bL,0x77e4a535e4da53acL,0x00000000000001fbL } },
-    /* 61 << 35 */
-    { { 0xc760c5eb35a8ed76L,0x8541ae9427f20985L,0x8a3d6f6810483c73L,
-        0xd591830c3769b499L,0x398ce1dcc595ef94L,0xbc869a47fb6918d3L,
-        0x9142551146b1edc9L,0xf492ed9dd2a4555dL,0x000000000000002fL },
-      { 0xd7e24885b950c177L,0xf90c3a0f3f6c9fadL,0x415add2251346351L,
-        0x756021d26e45e3f0L,0x72d65b4ecbc2463bL,0x53f3c07f1d91adb8L,
-        0xfd0b41b9a53cbedfL,0xf9a3af4ca9280662L,0x0000000000000112L } },
-    /* 62 << 35 */
-    { { 0x6a014cb6220edea6L,0x00dcaecc734585b6L,0x8d16a80d06d56992L,
-        0x3aa9c24e844d8382L,0x71822c10f37e3563L,0xca2e4d4a8db2350dL,
-        0x799322647ddafb6eL,0x8529609524430c95L,0x0000000000000125L },
-      { 0x8c63f30844734d8dL,0xf46aabb1d60d0ba7L,0xe8395fc9b18fc0c3L,
-        0x042d21115a21c6b9L,0x1b5e8a27cdcb4261L,0x50632338e3efa848L,
-        0x60640eddc6805c4cL,0x6273c772ea293267L,0x0000000000000127L } },
-    /* 63 << 35 */
-    { { 0x386e53df690f045fL,0xf7efec6f9776e13eL,0xd24ce88d1988fcf0L,
-        0x0b5d478a3fc9102dL,0xc08a3154a9efc4f5L,0x06d0820155e4fb51L,
-        0x03e1529886b656d1L,0x456f88bd833c233cL,0x000000000000013dL },
-      { 0xbba27abb7db3562aL,0x05c60b050a210d7bL,0xd46a2c3778da9e61L,
-        0x7b6c46bc07fcae8aL,0x3993caae6c9035bfL,0x48e1c8d96b90aeb9L,
-        0x01561d3435f0b54aL,0xe9cf0fd81ed47430L,0x0000000000000003L } },
-    /* 64 << 35 */
-    { { 0xa6149ac821a91383L,0xfae0515c63176a50L,0x436d0d6a696e3e7eL,
-        0x3d44ea3eb32b2e16L,0x142644cc66f3bbe0L,0x697d5cef82322b00L,
-        0x384543c64c388edbL,0x4afedcffd395d1d1L,0x000000000000002dL },
-      { 0xa7b35fac84cec5f9L,0x003daaa65d827e5cL,0xc7c5f3d3dfc8263dL,
-        0x8dca1315d98790d2L,0xb1f54568f00346beL,0x3e6f6876de680d87L,
-        0xde73e95b6af2e269L,0xa5969ec77e8fae93L,0x0000000000000185L } },
-    /* 0 << 42 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 42 */
-    { { 0x747e8dddbc0ffee5L,0xa50f058afb9178a5L,0x14f41c93b2d52777L,
-        0xf7c95492aecac13cL,0x9698bef3b7f715d3L,0xbd7fabc2f132c199L,
-        0xbec856136e9b47a4L,0x08c7486e62f85cadL,0x0000000000000036L },
-      { 0x3a44d74eb39c9ba2L,0x22b4c6aee89de157L,0xfe4985bbb93dc56eL,
-        0x85d435bfdd1201aeL,0xa01e7f53aa68d442L,0x2a4fcf509d9afcdaL,
-        0xcc4c5b5c6b95d6f4L,0x5e8afa0e8c390221L,0x00000000000001c1L } },
-    /* 2 << 42 */
-    { { 0xaa498bba799e30a1L,0x7e193db1562eede4L,0x4dc49402f4a94bc1L,
-        0xcb63d972c4d7d024L,0x98d59716f6778b61L,0xe6c0a829b40261e4L,
-        0x5f1738fb65e3b28cL,0x3c4e80d216a75ce7L,0x0000000000000035L },
-      { 0x376d19ef733ded62L,0x9400e36e0a93203dL,0x013ef7caf98ba94bL,
-        0xb7556ca035756aaaL,0xc6b8b05a2f643611L,0x23891b32438f759bL,
-        0xecc9927e27f69733L,0x2ebe0180969ae58dL,0x0000000000000069L } },
-    /* 3 << 42 */
-    { { 0x9417c585174bac49L,0xac479ed35fe90109L,0x40cb51ddc374556fL,
-        0x2767e7c46cf0ff89L,0x0df9e9546a284db1L,0xbf89af89b317ca42L,
-        0x863018a69d05c5e5L,0xb68c6f8129717e9eL,0x0000000000000151L },
-      { 0x69a97e79a12e3bd5L,0xc85780bf4a057173L,0xab4d585f2bfaaeadL,
-        0x039589dfaea4c334L,0x38823f8a9a840138L,0xe4448b345b0d8117L,
-        0x9fc3060247e9d309L,0xf9f42989a44f2124L,0x000000000000004bL } },
-    /* 4 << 42 */
-    { { 0x6f7f2fe8b6813f72L,0x95f979fe940210f0L,0x42cbd8d71a409657L,
-        0x2e2d2f08474c141bL,0x63e5eff052a6a362L,0xcd24503eb1c5a27dL,
-        0x30335d77db08b256L,0x827057cf9724bebfL,0x0000000000000003L },
-      { 0x6b372ca7dc5feef6L,0x7557c331d06696b6L,0x4b10d90b4a42090fL,
-        0x2c93e9846f10352bL,0x72ac24ff2b8ded01L,0xfa53f5dad8c833a6L,
-        0xc166ed4b7c9354caL,0x81df59a09e3b4cf5L,0x00000000000001faL } },
-    /* 5 << 42 */
-    { { 0x3d37b5c3f1e8092fL,0x52f9d7f02083e034L,0x2f7de776ee86398eL,
-        0x302298c9ac0cfc7fL,0x08b41a8f7f5bbbf5L,0x331ce968d91f52b2L,
-        0x1ec1c1dc1cb43d1cL,0x6c93d72038545bc3L,0x0000000000000121L },
-      { 0x9fbb15c9f1925474L,0x2779a1a6c6e0020dL,0x367a921594e71878L,
-        0x4a1ce464e2692460L,0xa3c5e4560c3a5aefL,0x5dc2ef3ced47ac93L,
-        0xd27ada21415bd438L,0x90ca8c3166b0f5ebL,0x000000000000007fL } },
-    /* 6 << 42 */
-    { { 0xce8865dc68f7cf0dL,0x9734bed0051db980L,0x6c1ebfc3805247b4L,
-        0xd80a3c973be516f2L,0xfdd123b9beafd70bL,0x6dec300ae3a84da4L,
-        0xe6d7e14f24178c07L,0x39810dafc4a67c89L,0x0000000000000067L },
-      { 0xfea3bf4eb47aea7eL,0x8394f3c24a4fe2ceL,0x50753f252a191024L,
-        0x39846eca1cc794e3L,0x6ce5aa37c806fa24L,0xacacd14890982be7L,
-        0xbab241b1ed46b6b3L,0x7b696b06ecc56027L,0x000000000000010dL } },
-    /* 7 << 42 */
-    { { 0xda69cd2586c38b08L,0xfca9f4e06f3fb63dL,0x80d0a99f6a96c788L,
-        0xd69615b854e77f31L,0x17eab3a318a78b2dL,0xc66044b4227cf99dL,
-        0xd2ed45988076af9dL,0x2bfd33d7c6fdca97L,0x000000000000014aL },
-      { 0xd6701f8ed292c052L,0x0b5afccd75d952dbL,0xf6cb5727fc4b2866L,
-        0x39ec93d2bb220367L,0xafb0b16b7c18bfc9L,0x198e2dfd9803aff0L,
-        0xc5ff9fc4d2b124a9L,0x7ff8ab6a82414a7eL,0x0000000000000009L } },
-    /* 8 << 42 */
-    { { 0x8ce9e114e43c6a8bL,0x4ee9f8b0804168b8L,0xf5fffd5b5fa74509L,
-        0x4589d84cdc20088eL,0x00cdb864d8cca5adL,0xfab8ee1674cb7285L,
-        0xd5e46fc6ab702098L,0xcaeb2ef79cdb1896L,0x00000000000001ecL },
-      { 0xf5886bbc26b04438L,0x61613d0ed9567198L,0x749eb5d8ca99b91eL,
-        0x5861944d53b41996L,0xdc22071c54df4765L,0x1f6288a8b8414aefL,
-        0x6b34db2f7ff1c5eaL,0x5edf2873ff5262b0L,0x000000000000002eL } },
-    /* 9 << 42 */
-    { { 0x239a57b62bd9413dL,0x341d26f30136f66dL,0x9e4222cf78b3a484L,
-        0x76a6fe313e227fb8L,0x9d724ac0af025ba5L,0xddc57fc691ab5699L,
-        0x8b768f35e278e0ceL,0x485f7b177c12687aL,0x0000000000000198L },
-      { 0x3d6e79f4688c325fL,0x45b4d50680cb1ab1L,0x92f89190ab8640eaL,
-        0xd70c0dc4e079ffe5L,0xa80c729bdd78e9ecL,0x2b7956208591ab90L,
-        0x5cd2ea6e7f90dc9bL,0x7790417ef057c6c7L,0x0000000000000024L } },
-    /* 10 << 42 */
-    { { 0x3688c2cfb08b842dL,0x46e70a8b509af85bL,0xa580b032ae4e0ff6L,
-        0xb945d72433674d0bL,0x58bfa0dbb95b1c05L,0x3e5e9d8e35ca8038L,
-        0xe0ef29bd3ad503b7L,0x9f300fc22fae5708L,0x0000000000000148L },
-      { 0x7c225981128ae9feL,0x1d205a4dd0101b45L,0x95c33725f98e3575L,
-        0xc2c9df812443a70aL,0x1be7bd1c134b6ea6L,0x70b8bd656f1a4e1fL,
-        0x7d3e41455ee45a2eL,0x27bc05477e8f38cfL,0x0000000000000117L } },
-    /* 11 << 42 */
-    { { 0xd8495a1a4ffde107L,0x82acb1112b7f0d9cL,0xaf106329c3622c88L,
-        0xe61140ff59f698b3L,0x75bd953659068866L,0x03d5841c591b7a27L,
-        0x967eb69f7bdc7639L,0x504f158a5e4ec11cL,0x0000000000000137L },
-      { 0x4b1ed56a9f2d48a4L,0x9f0ade2220312abcL,0x07898cc964b74837L,
-        0x082d0eea21d92392L,0x6c1103086781ebf3L,0xef9ecbe4e9ad8425L,
-        0xbe46c0f330b02c57L,0x2b1d60726267db5aL,0x0000000000000139L } },
-    /* 12 << 42 */
-    { { 0xcb9e50b3cc6dce31L,0x0b656fda60399388L,0xd3104fa3600d4b62L,
-        0x7cfc68acb660e0eaL,0xd8c2218add9f415fL,0xb3e0d7c626c649d9L,
-        0x37e6279f4d09f7fcL,0xe9ef720e136ad787L,0x00000000000000e3L },
-      { 0x0bada672d03870d7L,0x553ef23f815592e0L,0xc1132ad8b8dd5471L,
-        0xd8666e9fb80b521aL,0x38f49d542c62908bL,0x3095f1bec9f15b3cL,
-        0x5aa771bafe8866d7L,0x0fa253a28590b3cfL,0x0000000000000015L } },
-    /* 13 << 42 */
-    { { 0x6e37d1fe56b126a7L,0xdb1215088ecf27a8L,0x3012eca692def89aL,
-        0x03761cf976effd5cL,0x9b49af9365fe555cL,0xd4cd598969a41926L,
-        0x506c406f65022be0L,0x4b49c23050baebc6L,0x0000000000000154L },
-      { 0x6fdd3549c425eca7L,0x42690f8c7dd8dd57L,0x866a6a5097938d4fL,
-        0x6e77025f9055da56L,0x7ba19f35e0dd3935L,0x57a71e7db1e74f01L,
-        0x4a9fffaa48000494L,0x5c18a259085743ccL,0x000000000000011cL } },
-    /* 14 << 42 */
-    { { 0xd38ceb253d23e873L,0x94c2501ab6c80ee0L,0x8d03f7c2d5c233a4L,
-        0xd86ee22efb9f0759L,0x8b57c3981344aa31L,0x21f15c8d4b44d7e4L,
-        0x22cba67334bf4ed1L,0x2d459d4f587690f1L,0x0000000000000038L },
-      { 0x3b954f93b9acda8fL,0xc41e5265e7721250L,0xc76c15110881961bL,
-        0x2a0b4efd6e53d2c8L,0x350455dcec0adfc1L,0xd7ac97bd922255b8L,
-        0x39d023ee4c4c50cfL,0x1fc03d079473b093L,0x0000000000000183L } },
-    /* 15 << 42 */
-    { { 0x57c3a1e1315a5a83L,0xb75058039091dc2dL,0xb9c26bcd9d320a7bL,
-        0x13c81a8a12c8df41L,0xab970177f757a70dL,0x8f2be088a4a27340L,
-        0x01636d7437506668L,0x940d42aa8a92e58fL,0x0000000000000025L },
-      { 0x32a6a8b7201c31e5L,0xd1c8f9cb0fcf80e1L,0x7fc5fd9302fcef41L,
-        0xa09c4c02472f6386L,0x6a852fb75767dd02L,0x995703ec3d17f69bL,
-        0x10cde7934fac3a32L,0xafa0f0edf71bbd98L,0x0000000000000065L } },
-    /* 16 << 42 */
-    { { 0x49d0e9bbf1a37365L,0x650f8e4e523ffafeL,0x37b691a0517b3aacL,
-        0x73372e761824cba0L,0x0c0a1ac3063372e3L,0x2387470841aa63edL,
-        0x1d70995daf840388L,0xea733e27491b2e8dL,0x0000000000000122L },
-      { 0xeb6e7c3b573b43edL,0xa645f29308f87584L,0x19a56fe0af100aa9L,
-        0xb767ce92b1d5fdbaL,0xdbf9b1b20c349030L,0x42f0cdf3586e1ab8L,
-        0x65876bea99631140L,0xbf016fd8268af542L,0x00000000000001acL } },
-    /* 17 << 42 */
-    { { 0x746b65d463a3307eL,0xdcff899fa57f17f0L,0xd9adca93946f6eaaL,
-        0x0ebe65fc04756a3bL,0x2653a837dfb99071L,0x3a80de4c3b8ce452L,
-        0xc64562cd4fff1594L,0x02dce3ea859d741aL,0x00000000000000e9L },
-      { 0x1a949222944de68fL,0x1535fa32a48135b2L,0x2691dcbf6a03cc87L,
-        0x99ddb4450fb1f4e3L,0x621c99c2eee93dd0L,0xb9debe99ffbc6597L,
-        0x64a5568250d2fbbaL,0xdeefd277ceda3428L,0x000000000000017eL } },
-    /* 18 << 42 */
-    { { 0x379bfe948e2cc41eL,0xef843d504cbaff27L,0xa541389d608dd952L,
-        0x7b3cda475d24e091L,0xa66d480fd051a610L,0x082af70b435609c5L,
-        0x00529182762a5791L,0x6f4651518460f5f8L,0x00000000000001d3L },
-      { 0x53c20bfeab267f94L,0xb8917621293967f1L,0x176c8af2c7ca82c7L,
-        0x875c7792331a2dfaL,0x0a34cdbeaace8970L,0x2228eeade29878a0L,
-        0x64ebbedcb9e6b75eL,0xebc8fa2c87e5fbcfL,0x000000000000001fL } },
-    /* 19 << 42 */
-    { { 0x677eec9a5c8cb438L,0x898a62466444b1f1L,0xfd46a21196472331L,
-        0x7a4f96db39ad4d79L,0x24a03f04113e2f4bL,0xe39a949531a0af3eL,
-        0x7efd887bd3774f4dL,0xc58e8360638e2e62L,0x00000000000001cdL },
-      { 0x8e289acabcd909afL,0x5c99d510d5131f29L,0x5d5122b8e85edbd9L,
-        0x919b2e2d6e18283dL,0xd740dddc5070b20aL,0xea31401ae4d879e2L,
-        0x14ff112abc0c3eeeL,0x1a6ad04b61dd98e5L,0x000000000000012fL } },
-    /* 20 << 42 */
-    { { 0x3133809747525f3bL,0x49551e31c6cdf694L,0xdfbe83625b9451f1L,
-        0xfed9c23bee491931L,0x5270a02f324d645cL,0xe323781f4175d154L,
-        0x31511e52ff475990L,0x0b60cda369b0445eL,0x0000000000000082L },
-      { 0x822e418092fa5405L,0xe78f939b6b4d67b8L,0x6f09c296265e1b54L,
-        0xf6ef60ddb6baa0baL,0x1d83f2968be593baL,0x777e06327e71d499L,
-        0x5db334162e0ded5eL,0x6800dc32357e1be4L,0x0000000000000077L } },
-    /* 21 << 42 */
-    { { 0x519d71ba17d9dbd3L,0x70caf81bde95e99aL,0x067d64fb20043aefL,
-        0x533a02d15cd816c7L,0x662d9255fa0316f7L,0x7a04f551f523f7a0L,
-        0x5e00f334ee1e5d9aL,0x246b5aebe7439ed3L,0x0000000000000132L },
-      { 0xdf48079568d4c2bbL,0x945bf6c579f10fbeL,0xe817703aa572433dL,
-        0xd9c8580c61013cf1L,0x0e77739ac9d9bbe6L,0x2d2a8c7aceebe40dL,
-        0xe5561526c853e2ccL,0xa6cf89623e9b763fL,0x0000000000000147L } },
-    /* 22 << 42 */
-    { { 0x284322075173f4b6L,0x774e95f84181e605L,0x36b97d1c4247bcb6L,
-        0x46efcfce781dc2fcL,0x401d5ab2e22608d3L,0x6b854062c32b8fd1L,
-        0xb99d2e90c0486953L,0xefcb9abbaa770dd4L,0x000000000000018cL },
-      { 0x44a667184ef47c94L,0x3a5e72bf4f3e8c89L,0xff303101df7dc70dL,
-        0x4029bc66a63c3782L,0xf74a21b993c6a3feL,0xca320f1afb0d401eL,
-        0x80d8bd7447c8d5c7L,0x20da72fc97e610dcL,0x000000000000014fL } },
-    /* 23 << 42 */
-    { { 0xe29af3f05a5540f8L,0xe1ce7efc815f0154L,0xe3ff74e8e67013a7L,
-        0xc51d9c7ce89998d7L,0x93913371cde4787cL,0x72b290126ed58fccL,
-        0x61f6d6b908f0c14fL,0xe3aafef0f44b2791L,0x0000000000000119L },
-      { 0xc72229012a036f1bL,0x1ecbb2c2387c8c54L,0x6ee742220b32e10dL,
-        0x51440a0c8a95e719L,0x3d20b7fb998fcd81L,0xf52f182651a10e47L,
-        0xbac05579a9edb43cL,0x05aefa586b0f7532L,0x0000000000000143L } },
-    /* 24 << 42 */
-    { { 0x7992da26804ed5e3L,0xac4677b05fcc6497L,0xb1a09585208ebd95L,
-        0x1c0cfae7199d3419L,0x7c862f540715a11dL,0xd23e934f9cab55b0L,
-        0xfd5d250ad4310fabL,0x0976782caef426bdL,0x000000000000005eL },
-      { 0xf78b0a7a2a7d5b37L,0xf31c5594fedf69deL,0xb2b9e3f157f76616L,
-        0xe9cfa2f23040cca6L,0x8a91bf0c5a72502eL,0x71f8a5b63c810d16L,
-        0xc9701ce42a7666dcL,0x2da80d6c216a59c5L,0x00000000000001e8L } },
-    /* 25 << 42 */
-    { { 0x869a4db4310de1c9L,0x81d5423c32f9190cL,0x42e3244d1db414efL,
-        0x09c8b865ced2746fL,0xd49a9c37e3ebcd63L,0xf0120bc11b4c24b1L,
-        0xabf538a709b52979L,0xe04be5a8f0f3fce2L,0x0000000000000139L },
-      { 0x17738b903126b962L,0x723f5845c088121aL,0xe3d9c64015629c9fL,
-        0x509e97d95b8dfc68L,0x578a3869fc16c27aL,0x1bab4b8ea2a47461L,
-        0xe1443bf0c957e6f6L,0xe9cc17852bcdad9dL,0x000000000000002eL } },
-    /* 26 << 42 */
-    { { 0xa2f2f2c1f23794e6L,0x6f6281621181e396L,0x2e9bab64fced0d2eL,
-        0x631f7e60c6bd7b02L,0xf0db7f12468fbec3L,0x854afaf573c8b79eL,
-        0xf579fbedb0de4a3cL,0xee13e418678e1e08L,0x00000000000001b1L },
-      { 0x1c725f6e874ac8caL,0x85414cf3fbbfc22cL,0x5262e129ec3fb934L,
-        0x6facf53f4a0f37deL,0x6811fea52216fde7L,0xf63e665515b977caL,
-        0x63c2344877533feaL,0x2481232a38302196L,0x00000000000001c5L } },
-    /* 27 << 42 */
-    { { 0x5e06ff9c56e023ccL,0x8a89de8fdb3e3bc7L,0xa103d54745fa4924L,
-        0x788c59a2e1c033e8L,0x4f7c33e967f782afL,0x2f37668d9ba93c12L,
-        0x73d6fb8aa10f70a2L,0xdca22ebded2fd7b3L,0x00000000000001c7L },
-      { 0xf6b6e6fbe8f38522L,0xcc7d7c45a5a249aeL,0x6a5235175bb4caffL,
-        0xbe60043dbe38ee66L,0xf0dad8cd1c96b5f5L,0xb597c1546c3e4799L,
-        0x3f06c2ab2c9871edL,0x4581dffb3963ae2bL,0x000000000000013eL } },
-    /* 28 << 42 */
-    { { 0x46fbcf70aad63226L,0xc023eb8af2c43f64L,0xab1b684ca3f42111L,
-        0xc6262621d12cea22L,0xa2539d86ad523f98L,0x76b98970b45f0b6fL,
-        0xf9874df8d788809cL,0xb24620c7ab358b89L,0x00000000000000c1L },
-      { 0xdd50316f92e3b976L,0xb6a2fed9ecdf1dc5L,0x746bb5d67f40b693L,
-        0xb76ce9e40572240eL,0x5c65a823084f25baL,0x51ba6ed9b9890ec6L,
-        0x3930dea2cad192d9L,0x2c78150416dd9bfcL,0x0000000000000126L } },
-    /* 29 << 42 */
-    { { 0x3e8797c7ef8491edL,0x7842b2dd5f13493eL,0x2c99f9363afa2890L,
-        0xe3e157b785014501L,0xaea92ae17774f4f0L,0x05b7b3bc560e63daL,
-        0x3d2b8875bf8030a7L,0x21095ef3004c61e7L,0x000000000000004bL },
-      { 0x203687226361e4fdL,0xc9d8ecca7cb95f1aL,0x1063e19ed5c7cc5eL,
-        0x0bb0e71d020a9508L,0x5b895541fb092e99L,0xb1733fb8dae4a59cL,
-        0x2a3ef56b29edfb53L,0x75c1ba1c389ab3bfL,0x0000000000000090L } },
-    /* 30 << 42 */
-    { { 0x0c3e572a0fc1e4e8L,0xdbded0b529787f66L,0x103a656853b84d7fL,
-        0x939253ddc74bef10L,0xcc3f928f5bb84406L,0xbab921429ba6615cL,
-        0x41a9b386cf35dcdbL,0x750c32e133bd6fc7L,0x00000000000001cbL },
-      { 0x0fc37bf5d0b0d141L,0x213a97d1ad59d2e5L,0xcc1dd07db86e3859L,
-        0xb3b4668f4a229914L,0x258c47aac41c94f3L,0x51d26a397745d941L,
-        0xebbd50931809b9a4L,0x9a31e3caa6f1976eL,0x000000000000010eL } },
-    /* 31 << 42 */
-    { { 0x12b398e7ecb584d1L,0x71379d000fd02cf8L,0x5d69a03de25d53e5L,
-        0x724445bba9cf6c9cL,0x97942b084184b050L,0xd8e7770f8a903d8cL,
-        0x23be2cd6e285a39bL,0xd8262c7f54e43dfbL,0x00000000000000faL },
-      { 0xb1dfd3321171711cL,0x91720264c55e34d3L,0x6c2fe07176ef48eaL,
-        0x50a86d8419f04ea9L,0x21b234876ef9f5adL,0x2dd2953198ff68afL,
-        0x2ccd5b31e5be2b6cL,0xdad0c4408cb81a45L,0x0000000000000078L } },
-    /* 32 << 42 */
-    { { 0x2631b3c36ea5e7eaL,0x0576e1edc566c837L,0x1e50e071ac9c1eb8L,
-        0x5e74360ea8482d3bL,0x2e037e7718ceab4cL,0xf7d17456c8424fabL,
-        0x202efbf582fe1841L,0x410f708c8cca4c68L,0x0000000000000165L },
-      { 0x659dece0d00ea056L,0x495170f43d1301caL,0x749e3276cf2c6e53L,
-        0xc0f5d00087b6f996L,0x46b7c068dfd50725L,0x83e9d3de67ef401bL,
-        0xec1cee4e3d4ef196L,0x31583197bef2dd76L,0x0000000000000023L } },
-    /* 33 << 42 */
-    { { 0x4aaf3d3a2d846afaL,0xcf35de6580c606a7L,0x022deb760cb93fcaL,
-        0xa0e60afc96fa361cL,0xafcf7cc90b377305L,0x876c066cbc5e9abeL,
-        0x5632b4763bfd78a7L,0x1271111fa016a308L,0x000000000000007aL },
-      { 0xe762fb74fe8f5299L,0x7b179b4e4b614b25L,0x7e5de5c81f840510L,
-        0x69047ec18d783eabL,0x98b381ec3516e026L,0xe7778e602da90ec5L,
-        0xf3b4d6cf5930e668L,0xc0bc0326fa9e8051L,0x0000000000000157L } },
-    /* 34 << 42 */
-    { { 0x2618f715359a6e41L,0x9132721a8b5e4de2L,0xfbfcf4aad2b349c7L,
-        0xa4719bf086415128L,0xac080de43058d78dL,0x588b76300c29ab89L,
-        0x847249def2b1a566L,0x090c25d01545fdf3L,0x000000000000013aL },
-      { 0xdaf439760ee334d7L,0xd847290c51ce020aL,0x62246b88adafdd5dL,
-        0xc4fabcc7285636d3L,0x5f4bbd8e908964baL,0xd76d498d43ac7a30L,
-        0x5beed326f425209aL,0x7bc22416f9dc7d90L,0x00000000000001e2L } },
-    /* 35 << 42 */
-    { { 0x512fa0c9f59767e3L,0x2b8b565b236870ecL,0x646b5d0b30d8fd55L,
-        0xc0726c70bbcfff1aL,0xf09c125e16cc9832L,0xf7d5fd367c1cfc6bL,
-        0x22257c4b1e01063cL,0xdbd248561d6d9bacL,0x000000000000008cL },
-      { 0x9ed1b5e18f3af826L,0xc42dcea6f3160e2aL,0x3f3e13b1ff834019L,
-        0x39d61040dc48b3b9L,0x557fd39ac47f458eL,0x452a16ac987520beL,
-        0x2ec6d00219505190L,0x66fac607d5b3ed1aL,0x0000000000000174L } },
-    /* 36 << 42 */
-    { { 0x1eb52d8c8961c678L,0x9318b87f5188a0b6L,0x449da5f7998c4703L,
-        0x814e23ebba1284a8L,0xc4d98c41bcd03139L,0xb1fe6bef965a1803L,
-        0xa2b5b201889a0bc5L,0xbc93a3519b13ccdcL,0x0000000000000181L },
-      { 0x17c9763ff4e51116L,0x26c730852a842e35L,0xdd6481a71296397eL,
-        0xd588b1b854f7416dL,0x59f846cbc3d62325L,0x8f0d9ad920321e09L,
-        0xd9c7bb569e1699daL,0x42a8b57f15de9318L,0x00000000000000e6L } },
-    /* 37 << 42 */
-    { { 0x90c29dc2d1043639L,0xbbc7cbdcf5e17066L,0xc249c81d9a986ddfL,
-        0x081eb4d8c19cc606L,0x2e390f829fa13a21L,0xbb500f2ce369c007L,
-        0x2f716b7cb5aa598cL,0x7ac490d538645632L,0x000000000000004cL },
-      { 0x1d73543fd62a0b86L,0xed5674cc9eb85ebfL,0xcb4ba15fcbdf1a2aL,
-        0xbe0c1e77d0caff4dL,0xcc8905381e3e3f97L,0x9513a987b2624ae3L,
-        0x6a93bf660437efabL,0xc7ab75cc119e6bc7L,0x0000000000000146L } },
-    /* 38 << 42 */
-    { { 0xc2ae2ccee84ed2b5L,0xefb47683e2c4c512L,0xe86fe38992bbe0b4L,
-        0xb027a47b2d4a353eL,0x270a319fed2c3482L,0xb5470e60df72b036L,
-        0x0264dc8895967134L,0xb410a2f4bfe6af47L,0x0000000000000063L },
-      { 0x1d1024bb7ae0582cL,0x88675bcfef5e48e9L,0x0d928096f5e8824bL,
-        0xf172a15d94f0edf3L,0x1deda1cb3b823a69L,0xdc3722f122ea0b88L,
-        0xdea7f8583437020bL,0x16543f8ce317d065L,0x0000000000000187L } },
-    /* 39 << 42 */
-    { { 0x1df3bd54a11f8d7eL,0x76b9ed25db6b8ddcL,0x5bc6ebdf63a01f8dL,
-        0xf96b8f72b7f1589dL,0x94fa3a83a5476f8dL,0xcb63499a5fde5d1eL,
-        0x7f89c36d688048cfL,0x3e2f2d487a377a21L,0x0000000000000169L },
-      { 0x8537c54896c0c39bL,0xeb98619a0dbf2821L,0xa5abaf6ffc11be9fL,
-        0x88d3c0a10a5b0478L,0x4cb55dcb4c72ea75L,0x7585e394e753fdedL,
-        0x797b588de3417ae1L,0x82dea02b45a0ebddL,0x00000000000001ceL } },
-    /* 40 << 42 */
-    { { 0xb6f28395a29d2024L,0x77ac682616726da8L,0x295c447073fd20f1L,
-        0x9b2ec3f65856531fL,0xca27a7659555237aL,0xe497546f7a7bffedL,
-        0x4f51b73ba508d541L,0x6b23a204befd9c3aL,0x0000000000000039L },
-      { 0x264295052ddd93a9L,0xda92059c3ccf01dcL,0xaeca4b1d851d4cdfL,
-        0xf7fcfb537e0ca450L,0xe87d6e18cddb9a15L,0xb126c191d895153cL,
-        0xc8a744137e5a46c8L,0x36ad8a91de12f4f4L,0x000000000000018bL } },
-    /* 41 << 42 */
-    { { 0x74ef02d265e852a3L,0x324fed680f658cfaL,0xd466f103eca3fc85L,
-        0x6034b5f0a0f02951L,0x806ff94ed0dc2633L,0x70ab663177e83219L,
-        0xbda70dbc6db52c50L,0xbb7c538955b0b5a5L,0x00000000000000e1L },
-      { 0x0e0d975de1aff7efL,0x3e308234bae3e688L,0xaf6711bacf272359L,
-        0x62d70d6cffc92c50L,0xc95de419f4cf9c6dL,0xdc7dead78879f341L,
-        0x33e941e09e25e4beL,0x14dc267622519153L,0x00000000000001a4L } },
-    /* 42 << 42 */
-    { { 0xd434b84d74697824L,0x40539e16acf24795L,0xd572b3054ad638d2L,
-        0xde69e6788dd379a0L,0x675895fb4f7acb10L,0xa9e7010e28b809ffL,
-        0x0c46b090bb932c71L,0x67faa77393164c0fL,0x00000000000000faL },
-      { 0x929c93f16059ac46L,0x18d944565f740f53L,0x329b4c8fea065a97L,
-        0x84919b306f560f7dL,0x861d07d5062ec3f2L,0xb7f0c7801f09dfe4L,
-        0x7bb618819bc97c71L,0xc37b2767a48c1b40L,0x00000000000000dbL } },
-    /* 43 << 42 */
-    { { 0x3e450ce0a8d0cff3L,0x2e663e6b78ff9f55L,0x9f15134d5c0ea3b0L,
-        0xa8e53ea772ce0e5fL,0x6668ae1188e1d08aL,0x11c498e6b3e48748L,
-        0xcf8e174401b97c6aL,0xa7d61b3ffb5a55faL,0x00000000000001e8L },
-      { 0x9be324b502984ae9L,0xb2ada2ccdc986c8cL,0xb73282ff92e4acd9L,
-        0x59645b6929444216L,0xb462b0ec08094d4cL,0x3a282fab8a220754L,
-        0x01b6567e6f43ca4cL,0x3413e0b6dd2bfc33L,0x0000000000000035L } },
-    /* 44 << 42 */
-    { { 0x32c6a931b227157cL,0xd276f7d0d347b7d4L,0xda50395f0ab44f59L,
-        0x5d0c517699a52be4L,0x7b0f28e7b97054dcL,0xdae56aefd8e7b1deL,
-        0x05b0180087b4ccaeL,0x21c81809274a0ab5L,0x00000000000001edL },
-      { 0xc1c7e06b9f9761c7L,0x3bd3309fc2a78191L,0x2c239fd7702a4f90L,
-        0x5686716434a9f65dL,0xf8097255c1695583L,0x9b59c0bdf8597cf8L,
-        0xe0c0ea8558996101L,0x30afb4de2622f5edL,0x000000000000005bL } },
-    /* 45 << 42 */
-    { { 0xc37c982c301c80f7L,0xc0bc3df13218b36fL,0x6c7959568f8447a3L,
-        0xd3e11b8074d687a6L,0xba0e78bbacfeab37L,0x3160260448e100f1L,
-        0xc59f32cc2759d36eL,0x919a699fe7c183a1L,0x000000000000014aL },
-      { 0x1db45cb6b237b42aL,0x6be246b1cd20d06fL,0x71175e1852d92e5fL,
-        0x1b1a559dc6379ff3L,0xf4a86e0f067063c7L,0x4f55eca2e61fb16eL,
-        0xf4aa39140b9b68b1L,0x26746312b83d83f1L,0x00000000000000d8L } },
-    /* 46 << 42 */
-    { { 0xc3d57a8323e01244L,0x6c1765687554530fL,0x17e5b0c355b8fbe0L,
-        0xea068a1726350a44L,0xf06413c117ff3090L,0x2daf2cf8baef2995L,
-        0x499bf72a2db9ee9eL,0x1a0ef8eab6efdb69L,0x000000000000000fL },
-      { 0xe1a9efa76d4eb0a2L,0x6e8182ea78617b26L,0x9b7d9837881857d2L,
-        0xf18d42363a64071bL,0x21e43124c7df9bb5L,0x223bea1620366b6aL,
-        0xbca36c195f3b8b74L,0xf6998f39fdd2b391L,0x0000000000000036L } },
-    /* 47 << 42 */
-    { { 0xa5e08e2708c182faL,0xe7dbceb058be3eb8L,0x454381379f440918L,
-        0xfb10aa677a37d898L,0x8ca45c4a838e089dL,0xae3e13c06477efedL,
-        0xf42788377871ec9cL,0xa4efd9487c02bcddL,0x000000000000014bL },
-      { 0x8058ab501915d2b1L,0xf0e0b18507a23009L,0xf312041cb21746a5L,
-        0x19702c8127ff31ffL,0x5bfc0ffa39269d49L,0x11f8306f5b2bb7e4L,
-        0x7fffa345134e7ca7L,0xdca4d5ef3f626ad8L,0x0000000000000138L } },
-    /* 48 << 42 */
-    { { 0x882e70bcf935169aL,0xbe4f1a7e9faa4bf4L,0xc00ee4b63f49bf19L,
-        0x7108876fcf2ef2c0L,0x475d94d6ee33e82aL,0x88381a2fba2b1bafL,
-        0xd6ba047a0e1d8204L,0xf49a4704c9ad93abL,0x0000000000000112L },
-      { 0x64a6ca0222fcc815L,0x35c840ded006e9dcL,0x44777fb5d7dc2178L,
-        0x3dfbe7fd91ca3731L,0x026fff77e116256bL,0x6ffb7c2a648b3f43L,
-        0x6688f6c0470a3209L,0x632e1094a98c1c6fL,0x00000000000000e2L } },
-    /* 49 << 42 */
-    { { 0xeb117f6f5c5e8510L,0xb1cacd2d52aeb1d2L,0x62bdb4954f806911L,
-        0x230a593c916da8a5L,0x8f5cf40280caf0c9L,0x4031db58a1e8c7e9L,
-        0x34c5ef907e23e556L,0x276981361c3c4694L,0x0000000000000148L },
-      { 0x99ac9916ec9b4f91L,0x432ac8cc476a48a0L,0x25d59bd336ceb46aL,
-        0x03e24d9a547005eeL,0x01435f74efa3d224L,0xa6cf7444a4870b84L,
-        0x9725e6046f067e62L,0xba420cc6d694cb2cL,0x000000000000015dL } },
-    /* 50 << 42 */
-    { { 0xba476d873030cc65L,0x40c8a7233f53e13fL,0xf15a7ebc139ddd99L,
-        0x59473015dcdd8ea6L,0x06ad0d0e2ca9faa1L,0xf95d33cc9672c4efL,
-        0x183bc0d13b31f16aL,0xc7e7132613880e33L,0x0000000000000079L },
-      { 0xd4ca8c9030b61d4dL,0x293fb721dfe76d10L,0xcd4378cd025faf7eL,
-        0x496f67ab38987186L,0x96bbf0c70b0caad8L,0x5a441f7ae9a127fbL,
-        0x292a39d18bc38c28L,0x1fa309288bff6412L,0x0000000000000006L } },
-    /* 51 << 42 */
-    { { 0x41cf0341f2c97897L,0x07ecbc3155140e3eL,0x25dbd2d5fd0e65a5L,
-        0x89d802f8ab0e731eL,0x200aa9cfaeb60ed9L,0xf2abd47318270058L,
-        0x2290980f7222134fL,0x80dd2156d98c893aL,0x0000000000000033L },
-      { 0xe4dbee4746b5197dL,0x5d110c69d34bc910L,0x2551116c7c6d43e0L,
-        0x03391f080b0a6c40L,0xe11b366d39a3ac3bL,0xda60ccdb29749bb2L,
-        0x32d05f2bfab0625bL,0xb2a3d728348b774dL,0x0000000000000057L } },
-    /* 52 << 42 */
-    { { 0xc3120df78ea50ac8L,0x124a99bf819551e9L,0x69dd9b95eddf11e9L,
-        0xde805c83adcd1283L,0x3cb8d5f8a354632dL,0x1d9dcbaf4d718278L,
-        0xebf2d04742c9aa97L,0xaf43c4b6b9b68e10L,0x00000000000001adL },
-      { 0x21edfcb3d2451b29L,0xcc9acf06a48336f3L,0x8471e8c311e3e8b7L,
-        0x3fe0082e3e1e38e7L,0xf9e09f1df6a8aa86L,0x3b445adbe946eb4dL,
-        0x83d1b8d21579db09L,0x602db173ecaa7cd2L,0x00000000000001feL } },
-    /* 53 << 42 */
-    { { 0x7d0146ba1a83feedL,0x0be06076b6b5a896L,0xabd622a1b574173eL,
-        0x4511461a9687cf2cL,0x6a8662ecba2a9970L,0xcd138a7026840ba5L,
-        0xb4600008dbae80eaL,0x446cc5d10e75802eL,0x0000000000000077L },
-      { 0x9d3f027ffb4be66eL,0x155462bc96f39f6eL,0x573003efe04e4009L,
-        0xd4b2edd219bab2ddL,0x82a7818a37b54094L,0x2619e20c3540a3bcL,
-        0xd9815146946f623dL,0x393c8bfaa09d03ebL,0x0000000000000115L } },
-    /* 54 << 42 */
-    { { 0xa34c9ed658a89822L,0x42082c28ec5d8ce6L,0xe8d9bea36ba32197L,
-        0xad2b7b6391123266L,0xc27acd5a18a3ad12L,0xcb8ed647708ef7a5L,
-        0x0c5b0ed49fb1e72cL,0xd6580f7a5e30a10bL,0x00000000000000a1L },
-      { 0xc52666b0438e766eL,0x3526912dd840853eL,0xfe1aef567ea68037L,
-        0x0d8d383e9ccb43f9L,0x17788627acf36e20L,0xa28864ec0e1a7491L,
-        0x822d8f2efcc40c94L,0xdddffd26a2b0bf5dL,0x000000000000012bL } },
-    /* 55 << 42 */
-    { { 0x48dff182c056cfd7L,0x4520fe724282fd9aL,0xfa0e53108d3bc991L,
-        0x298fb724742f02e4L,0x403a647af5b8e1dbL,0x5bcd5a1655262f9cL,
-        0x92889ba779b16c76L,0x1e26ed2971a16b7fL,0x0000000000000109L },
-      { 0x749c137ce8e9b2c2L,0xd3b85753db690723L,0x940eb70133649fbfL,
-        0x89e374f678597b64L,0x02cb67149414281bL,0x024bb7dd9f5a5741L,
-        0xe048fe4adb3b50aeL,0xc6de99b14e7a1fffL,0x00000000000001c8L } },
-    /* 56 << 42 */
-    { { 0xb48fa75a590e92d6L,0xab1888ebeeda06b4L,0xffb140dd9e71fec0L,
-        0x8fb4c8ed2a623d2aL,0x645c4442bdd3fd9aL,0x34adb68f2de96e6bL,
-        0xbd7819ec59225d29L,0xa0a8b0c5768b22e9L,0x000000000000014eL },
-      { 0xfc0ab8407662f537L,0xf75bde0788b7fcc6L,0x6dcf7e22656a1f21L,
-        0x6c1116415318b15eL,0x731751bd77a8529eL,0x23e7c2723c846197L,
-        0xc6ab7b666ad27061L,0x7e315762aad0e5b0L,0x0000000000000163L } },
-    /* 57 << 42 */
-    { { 0x6fcfbba1bbd9d928L,0xf3fc85d8a6ad07f2L,0x4eb1ce1bd5ec3e9bL,
-        0x35a18838bba23455L,0x83f9e697aa05e005L,0x51b2c15bbbab3722L,
-        0xf2f76c2f91080b97L,0x6b4c3d7b30adc94eL,0x000000000000017fL },
-      { 0x676703ce17466400L,0xb003d1e144ab5f8fL,0x5c71817b4472d0d8L,
-        0xef5dfdab35b276e8L,0x223dce9a94c083b4L,0x8fab9633c842f4e8L,
-        0x7487d2a71b32ae51L,0xa73df4521e91b61eL,0x0000000000000149L } },
-    /* 58 << 42 */
-    { { 0xe3081ef15ee16ecdL,0x572190eaa301933dL,0x717f1fbb78b476f0L,
-        0x53f3424bbecdccd6L,0xd6e3646020c12be9L,0x1a9aba50bf672196L,
-        0xc677242c64fea24aL,0x1243d8cf3163375eL,0x00000000000001beL },
-      { 0x649ea2f620d364ecL,0xef9918f9ca1347d1L,0xa690c23690a25227L,
-        0x46de1a1ee9d7a9a7L,0x04d980378f454a29L,0xf92c691733fe5162L,
-        0xd8fca5190ab84b9eL,0x142af9fc4db77590L,0x00000000000001a0L } },
-    /* 59 << 42 */
-    { { 0x9bd789058423f66aL,0x4a1a18da7b4303c8L,0x9bc361e5f078f42dL,
-        0x6df051f9fb9c9f42L,0x25d75614bbe4b87aL,0x17afd17b86701f66L,
-        0x5d6afce29d60c6f3L,0x167f180eae9efcb6L,0x0000000000000029L },
-      { 0x74ade397a1f06cc8L,0x450132df74fbcdd8L,0x5fd754812ec58631L,
-        0x7db6f5af073ebc91L,0x29bfa114e046dfe0L,0x955659d40764e251L,
-        0xc8420c2c3dc0bd0eL,0x50e6309a6943b512L,0x00000000000000fdL } },
-    /* 60 << 42 */
-    { { 0x8b2c940f98c0aa63L,0x6b8f11b6552f4b66L,0x36d68942208bdbd8L,
-        0x1a27268d6d35a682L,0xffbabe3ce3c883c6L,0xb2f48c34c7b51fa6L,
-        0xc307666acff5f20fL,0x988421026823d193L,0x0000000000000064L },
-      { 0xa307127da730707eL,0x89c67ae8b63d595aL,0x235a76d5075c1933L,
-        0x4e1488e6c680da9cL,0xbd34618dac7d5a89L,0x22131bc390fe0290L,
-        0xb6709cefe5f6d0e4L,0x6d74a464cb81bb60L,0x00000000000000f8L } },
-    /* 61 << 42 */
-    { { 0xa91ebf5aa98f49b1L,0xe9966de520c72be4L,0x399c3525d2df5446L,
-        0x30b0a731b8d64fbdL,0x85f30a4fb17ad183L,0x4178f5643bdb7251L,
-        0x0497c93c32984a4fL,0x8a5d97eb380b5a7bL,0x00000000000000e8L },
-      { 0xf2cae7dca29fd5b5L,0x73d2fdf8ff1c8977L,0xd5fc8a2e7251ce7cL,
-        0xbf3e822b747dcc22L,0xdc9332f10b7bb04fL,0x80bd7f3cbf0baf6dL,
-        0x063050956dd4d5a3L,0x2a6fa9aa22dfb616L,0x00000000000000ecL } },
-    /* 62 << 42 */
-    { { 0xbf786c4fd9712fbdL,0xd9e5f5873f8f4ed7L,0xdce2f57471fe2a47L,
-        0xb1e0427d219a6430L,0xbff2b1baae521bdbL,0xc5166a723324479dL,
-        0xd150919d6a6c33dbL,0xaaf9eba7e5412b6dL,0x00000000000001a8L },
-      { 0xcb1c3eba6cba10baL,0xacb0b7075d5d30ffL,0x25ef098c370207e7L,
-        0x74fb4cec078d8b39L,0xe0ef8c1cdd7b66d2L,0x678bee9533e9c36eL,
-        0xdcbfd88e938220e7L,0x6c67d672b4dec38eL,0x0000000000000049L } },
-    /* 63 << 42 */
-    { { 0x40811a23bc3787fcL,0xf1e0938a0cc25bf6L,0x8ea5e4b9a83d5a2dL,
-        0xeeec61008466a4b5L,0xd1e8499efe0d444eL,0xe27ecb8978890749L,
-        0x901b2a6fa043632dL,0x424899f7baecac92L,0x00000000000001ebL },
-      { 0x1c781c1973b26d1eL,0xbccb957b8f157a3eL,0xa374f01ccf29cb56L,
-        0x3271773277420ca6L,0xd147cbaa49904865L,0xbaa719955c9dce3fL,
-        0xe8d401d705fee441L,0x47f583418a001ff8L,0x00000000000001a9L } },
-    /* 64 << 42 */
-    { { 0x62b631691c3be7efL,0xdab254bf8074207dL,0xf6f1466b235a4c77L,
-        0x66f8f60fd3b01424L,0x9da540693bae9f80L,0x1a840763500f8a6cL,
-        0x542e2dd9b25994b1L,0x996307e5183b3ceeL,0x000000000000006eL },
-      { 0x45e2ae85a4b301edL,0x0640d46de1fb6112L,0x7f102d1983fc8f4bL,
-        0x6eeece3a4f30038eL,0x74d062f5912f39c3L,0xa802a55316906c7bL,
-        0xa8d8c58fe6d6e8c1L,0x77cfd9bca57b4387L,0x00000000000001f0L } },
-    /* 0 << 49 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 49 */
-    { { 0x3b61c3204268e7acL,0xf9fef1976dd3709fL,0xabd3a2d551f7146dL,
-        0x4c03d266f40188f9L,0x56e27dfd088bae58L,0x5ba4660d03fa2b77L,
-        0x56889642a39ff216L,0xc11b9feaca849201L,0x000000000000007eL },
-      { 0x357c77971dbca40dL,0x23c449c26d3c6441L,0x6ad3b6a626ca2d6eL,
-        0x32cadcb3b2ca4aa6L,0xdddc43e5ad004aa8L,0x7994e3ab37600864L,
-        0xf09f263976e4580eL,0x6a2032a0a270cd54L,0x000000000000017aL } },
-    /* 2 << 49 */
-    { { 0x598766ce569614a3L,0xfc1534f1d485cc29L,0x1f5e87ce4f099a45L,
-        0x93e6071f387d4d84L,0xa3f72298a130f8bcL,0x51372018edd37225L,
-        0x165340e9b856f72dL,0x4d64ec749011bc47L,0x000000000000004cL },
-      { 0x975d2c0d5b62d194L,0x845d25cb1bbd10bdL,0x1326f9d742ee849aL,
-        0x61f90228a333154cL,0x4993f33d7500f71eL,0x3824dc401b6dcf4eL,
-        0x1c71e193b65b8ecaL,0xa8ddc0c7dca1396bL,0x00000000000001a3L } },
-    /* 3 << 49 */
-    { { 0x35a51eeba9c350afL,0x22821a636097710dL,0xf5a5c2c95f6ee6e1L,
-        0x8f9f201269599ba9L,0xed36867f12918ea9L,0xf1a5450d0ea832e9L,
-        0x58c5a7311e15e027L,0x5a6460d600416b3dL,0x0000000000000198L },
-      { 0xa0afb24fcf8c23f6L,0xdd6966eb2d40bca9L,0x7c8d20aabf132ab2L,
-        0xc24efb7d7d32b64dL,0x26d793380c9547f5L,0x7e7d62251fb47f5aL,
-        0xf1f5880d9a488725L,0x8ec9740d38749037L,0x0000000000000030L } },
-    /* 4 << 49 */
-    { { 0x7bad211d4ca94ce3L,0x7b7bed87d66cc144L,0x7eba714bbb5ee0ceL,
-        0xc26e3a3cf5eb8337L,0xe5c617983dfec21fL,0x9c679e26117ba62aL,
-        0x6d67db8c1b6e1641L,0x1c2e077ee31c06d5L,0x00000000000001a2L },
-      { 0xc0d71279cdc2d75cL,0x0b15b14709371b29L,0xba1f3359dc2ceb6cL,
-        0x9a701873be25dad5L,0x03c466b8c8bfe287L,0x9697f32941ec3009L,
-        0x4e21e900b4a54990L,0xee1b53c8a99d3093L,0x00000000000000d5L } },
-    /* 5 << 49 */
-    { { 0xcacf7227489ba5d2L,0x1a523c29f67d6ed6L,0xedfb4ca69923509bL,
-        0x571434694ca275c9L,0x31b2e485340e8fb1L,0x1839d1e3fa9cdb14L,
-        0x0f1f4aa874423836L,0xa1f66938027614bcL,0x000000000000012fL },
-      { 0xddd453d05635bbd0L,0xf078bbfbac909f3bL,0xdc827eb809ce7304L,
-        0xbeecd2de0f10ecffL,0xee375c35e43d5225L,0xd47f1c6dc1caf971L,
-        0x6d9b9daf56133721L,0xe2e43b93763d052bL,0x00000000000000b9L } },
-    /* 6 << 49 */
-    { { 0x9a842cd1d7d39f33L,0x45d1ad8c4bca4affL,0xe490b9caf398d092L,
-        0xdb73aab1dde5bfc4L,0x3b7984d7741c8e35L,0xf0b828d5f5819fedL,
-        0xce2fc89bfbaad5b1L,0xda615df411c9e58fL,0x000000000000015cL },
-      { 0x4b01920ad96156faL,0x221381dccedf3b14L,0x98da481c5d9b1206L,
-        0x826399dbe4e4c2f0L,0x51dc45b6d73dbbd5L,0x68f639eb3f275528L,
-        0x7093a3ab2d235520L,0x520f9416e8429996L,0x000000000000013aL } },
-    /* 7 << 49 */
-    { { 0xb3638db98048a2d6L,0x0526971177f15306L,0xa09f7697de04e4f2L,
-        0xc782f1073cfbd4a7L,0x0232781e01adb58dL,0x2caf85d422724ee7L,
-        0x952f12dda5ca3245L,0x658d58a74cc18585L,0x0000000000000191L },
-      { 0x35ad5dc0145a3b22L,0xc6acb7e2d56fc847L,0xdce25662da9b5fadL,
-        0x3c6d9c6620861f44L,0x4c3680ea5c573776L,0xf59066292ac95553L,
-        0x5e70ec1c5f814c5eL,0x3ec45db4dfcde9c1L,0x000000000000004aL } },
-    /* 8 << 49 */
-    { { 0xbb59f2675c346588L,0xac37b36876f373a1L,0x4826e015a4c6d860L,
-        0x4ef341b061bdf224L,0x70b01fb4becac30bL,0x5f518cfcf0bb0c51L,
-        0xbbec7a919d163117L,0x8a65bee8de2da58eL,0x00000000000000baL },
-      { 0x965caf8e566098b5L,0xe8ba0e81afbd8436L,0x77f4e27d7299fbc1L,
-        0xf5169f5c367e2155L,0xc88fa56101a49a6fL,0x8a6a0228557b66deL,
-        0xc867f1fa8e1bee40L,0xbf4b5f806de8fcedL,0x0000000000000042L } },
-    /* 9 << 49 */
-    { { 0xb9524e1cb1f9f441L,0x0598193ea2b3656bL,0xa4259f49f5540942L,
-        0x1cfdec1f6adefa22L,0xd923db68e30584a3L,0xa2a82559fd521cccL,
-        0x3411a7edd7abf365L,0x40a53bccd2452d25L,0x00000000000000f2L },
-      { 0x56b5c3f7d570f6f4L,0x692c9ae1fbd422beL,0x76027f68bf2bc5acL,
-        0xe51a3a373e31e89aL,0xaaf34aac1dfddf2cL,0xf45a034e9d16cfcfL,
-        0x5c8fe990ce407aa9L,0xbbe2e574acf3b5ffL,0x0000000000000149L } },
-    /* 10 << 49 */
-    { { 0xc3a9433d7169c63fL,0x3551fd4733c6d323L,0x507699e2bf2ca336L,
-        0x5f6565d46878f701L,0x006acf880d019638L,0x788dfdcf4671f89aL,
-        0x4d2c708a3224fccbL,0x7802c681810c6074L,0x0000000000000002L },
-      { 0xc5576f9ad0c38110L,0xa8c3419961cfd5a5L,0x48b1d5180a8a1b9cL,
-        0x9d1cb1dff3740051L,0xd7f5a27ca860e4a3L,0x9f149f487f8bac83L,
-        0xddf84b81ac7f5c55L,0x30e0002ad9d529a2L,0x0000000000000047L } },
-    /* 11 << 49 */
-    { { 0x9585b7bc418dfaddL,0x4c58f686b5a32cefL,0x7efb7fb586cf7c76L,
-        0x87512eb00cdda427L,0xd3b27213699021c9L,0x3a1741d24f969176L,
-        0x58bc37cb14fd5744L,0xbfe9f937752fcbd2L,0x00000000000000e4L },
-      { 0x10b3c0c658cc73abL,0xcaf09eae9f733202L,0xc729ced840fbabedL,
-        0x997df02c3ccd6909L,0x4898124828c2898bL,0x734c9f989c96b3a4L,
-        0xf025ebc3f20c8071L,0xd3a570ab384f54dcL,0x0000000000000066L } },
-    /* 12 << 49 */
-    { { 0x35e45c4b84376818L,0xead0b323c0564a2eL,0xf9e0790fb6852540L,
-        0x3336a9aa55fed5a0L,0xa1dbea8ed6d817e4L,0x66ca0e37a8cb6e98L,
-        0xfeb1493cc60383bdL,0xf910ce15208ea92aL,0x00000000000000c6L },
-      { 0x25d128bd3a6aa1eeL,0x0bcabc8337d1b4d7L,0x31cb792ba825d7afL,
-        0x288f5d5b7a6b56c0L,0x737a14be66b37a0fL,0xe9005d89b6662a43L,
-        0x446d1492f1b00aaeL,0xd0be38cc545ace31L,0x00000000000000edL } },
-    /* 13 << 49 */
-    { { 0x87493232bdf7f4e6L,0x14541c5b49d814e6L,0xbbad3425fc906a15L,
-        0x2cde8410c26b9540L,0x03d8b69a2269726cL,0x522113c8df932996L,
-        0x329dda1640f1b59fL,0x1eb39fd5a2a62e23L,0x000000000000018dL },
-      { 0x3e9e4ab1d977f9b5L,0x06b3afd518f3f70bL,0xee59a274d12f3910L,
-        0x94e07eede16dd544L,0x8adc0bdaed27abd3L,0x7e4135b59fa28de8L,
-        0x6818fb61b0186541L,0xcf0f9186cc9fae56L,0x0000000000000184L } },
-    /* 14 << 49 */
-    { { 0x8532e2b84de469aaL,0xd1324820fefd245aL,0xbf47d6669b108318L,
-        0x33c64bcbd7c86054L,0x4859cbd052374f8aL,0x8339b91418337de4L,
-        0xb95a65009523dc40L,0xe759895961b6fee1L,0x00000000000000d1L },
-      { 0xf85b9031652f4cf1L,0xa2fc5e77406dc843L,0xf12c0af404306a60L,
-        0x2ad58232e20d0293L,0x884487ac3ca21308L,0xcc3570635bd3f20bL,
-        0xd673170784ae6af6L,0xb8ba5ac32757be45L,0x0000000000000091L } },
-    /* 15 << 49 */
-    { { 0xa659f5656e835f6eL,0x7ac653f268f73febL,0x9c6e43b5e00fa5c1L,
-        0x2b9b4245746bd49fL,0x3d7a750dd88d0e3cL,0x6728829167922860L,
-        0x67eac654cd8acf74L,0x5d155498c194238aL,0x00000000000000a9L },
-      { 0x7ac1ed3044b273a5L,0x4387bf6824d195a1L,0x5491474be5f20156L,
-        0x961ee2ad04598989L,0x6ba547225e180905L,0x0119d4fa7801d12dL,
-        0xe0f12a42f7d5390fL,0xb4fc030b3479de65L,0x00000000000001b6L } },
-    /* 16 << 49 */
-    { { 0xb19a5828676a875aL,0x40729f28c83a4911L,0x511949b1c6dce05bL,
-        0x25914c8c3fcf0490L,0xc49490de0c6c2742L,0x3b21feefdf6cd770L,
-        0x012d2802dd1a82a2L,0x72f5a0b76453439dL,0x0000000000000020L },
-      { 0x3e85d07d9b58e26dL,0x56527bdd1c50af24L,0x564b56587df377d0L,
-        0xf5b0335865e97a30L,0x2b22d6e96b31bc52L,0x8ad449abcccd4bbaL,
-        0x84b8b888f7c162a2L,0x3b647f0e4d56f29bL,0x00000000000001fbL } },
-    /* 17 << 49 */
-    { { 0x538386b50142105eL,0x6a36896e5d844432L,0xa3f6bbe123903414L,
-        0x806672513da50509L,0x2989b59047596bafL,0x71137e6cddb7c04bL,
-        0x6b76f4c5aaf9107fL,0xad1575a18f0a7798L,0x0000000000000118L },
-      { 0x8015bb4110007622L,0xf09b16c927c41f67L,0xc42d63b3961b905bL,
-        0x8e8d60bf0b64722fL,0x1d44e65b31893514L,0x17aef76a971aab52L,
-        0x63b990c7275e43b0L,0xa16c2ad0eabdb348L,0x00000000000001e6L } },
-    /* 18 << 49 */
-    { { 0x07120374a0e09362L,0x693d91b9dee217daL,0x69d89c4913f0cc96L,
-        0xc39d993228c1b06fL,0xa20b517e54c7a529L,0x1076b98fce82be67L,
-        0xacbfb44d04839b7fL,0xa0e7e6cbab7a6a5eL,0x00000000000001d8L },
-      { 0x5aefed1d047ea917L,0x01ab000dbcbd7218L,0x9c9729136a369a58L,
-        0xf9b364f2995e7c83L,0x15d114f8c4e2de2eL,0x04720f6fca00e9fcL,
-        0xbf1f54934913f69aL,0x4128e1d050a572a8L,0x00000000000001ceL } },
-    /* 19 << 49 */
-    { { 0x04052b0bc21341c7L,0xaa3738e32824cd0bL,0xd61bd9fcff92879dL,
-        0x1f81dbbdef405b1fL,0x50764b05b9087702L,0x1c477a0b30be79faL,
-        0x3bcf0f99f3adedf2L,0x3270cd7bfb1671efL,0x0000000000000099L },
-      { 0x2dce98e903485ca4L,0xfd79314bc4e9dc13L,0xf64590430750dec0L,
-        0xbcc8ef428a2f200dL,0x2a48ea838bcdc7daL,0xbd19939a616d34d9L,
-        0x46c4674e673a3ce3L,0xdd5c17afe21d038cL,0x0000000000000047L } },
-    /* 20 << 49 */
-    { { 0x807392c4a8bd340bL,0xed20f6e0c0dd8190L,0x9d0f81d8fd1d379bL,
-        0x410ec93adc0a7e5cL,0x660be24545c6a3ffL,0x920e232a68bfc7cbL,
-        0x3a8e589e4992a0cbL,0xf7aaf37ed0ba8827L,0x0000000000000004L },
-      { 0xf799075916cfd13dL,0x593652e05843ca4cL,0x8520e39c721fc81bL,
-        0x01c1aeddee26ecc0L,0xed48e68e20064495L,0x2049cfb8c4b50a1dL,
-        0x8e4545d403b6baebL,0xd1b2962aa041443cL,0x00000000000001aaL } },
-    /* 21 << 49 */
-    { { 0x9442441e21dd7a46L,0x5c5c5dfe1855582fL,0x411281d4104a43f9L,
-        0x6fcbfb5d529c0255L,0x69cc3d43ef383628L,0x3e5adc17455ff08aL,
-        0xb5aabfb47a16eb28L,0x464de4ae5c39b1b0L,0x00000000000000d4L },
-      { 0xb36f33a4ee570b8bL,0x7f2f0809885f3677L,0xc110d6674adb4bc8L,
-        0x17ebc77514f16716L,0xfcb24ac6d06d0b5aL,0x2a8eb070bb467ee5L,
-        0x82498e6dff7b6a27L,0x651560a7b3be99c1L,0x0000000000000152L } },
-    /* 22 << 49 */
-    { { 0x5974d160916366acL,0x4c1117ea317518b7L,0x0d910ce0a9e0482cL,
-        0xc472a9267522314dL,0xb531e038788e3d76L,0xc33babe371936389L,
-        0x651b8b5dd7e44d40L,0xff292597d3f61049L,0x00000000000001e2L },
-      { 0xe0dab29387469e8fL,0x94f31bf9b9860039L,0x49baafd0dbea96daL,
-        0xc0dac82a69701943L,0x3975417bfbced35eL,0xd932a0c9387455bcL,
-        0xedee6eec6ae9c37eL,0x004ab4ffb7a67355L,0x0000000000000005L } },
-    /* 23 << 49 */
-    { { 0x796e9c557ca11ad2L,0x58f34f3f7d85a82aL,0x591f92c027ca6530L,
-        0xd83841d85ac34027L,0x465a3ea45f65d747L,0xde92e4766398a5caL,
-        0xcca220e5e6df968bL,0x71b01c2ad75b85fcL,0x00000000000001afL },
-      { 0xdabcb750ef8429deL,0x6ca8ddffc37a94d1L,0x20d1c1e8c06f1a6dL,
-        0x16cedc9406a7eca2L,0x2af3694ef6b38940L,0xb88e20dd41111d23L,
-        0xeaedf8e6ab3419aeL,0x233e0966baf248ccL,0x0000000000000074L } },
-    /* 24 << 49 */
-    { { 0x59fa6794628233edL,0x1c30a04a25a1287dL,0x8dd4fdcabf3fad38L,
-        0x522aad840d0b6f87L,0x12a66e90d160f8ccL,0x714213f3e673af6bL,
-        0xd5e6feebad0ab724L,0x0ddf08f16a892358L,0x000000000000001fL },
-      { 0xaa50abcec077feddL,0x36e6411ee7610feeL,0xbea885d1eb815b83L,
-        0x9710ed6d5d57a6abL,0x794e6f1b85645674L,0x7608184df124cbf1L,
-        0x356377f6cc8be47bL,0x56cbd2604b3e7161L,0x00000000000000d7L } },
-    /* 25 << 49 */
-    { { 0xf3da8295fec48fcaL,0x4aa389b04868517dL,0x1eae63410e4fb849L,
-        0x2d79adaf3e627a33L,0xeb057943c16bf394L,0xf68653de184ebe57L,
-        0xafabe009c84066f6L,0xeadf4244ef303ea2L,0x000000000000008eL },
-      { 0x9cf14a2e9d04a4cdL,0xeb45f173a1896d1aL,0x40bfdff6e61abc9aL,
-        0x7fc85552930f6a60L,0xd9ca2a4361801770L,0x545752c1d7ce2682L,
-        0x75f003dc8e904de4L,0xf7d696c1e0d28d1bL,0x0000000000000138L } },
-    /* 26 << 49 */
-    { { 0x318921d51607513cL,0x4f4691aba028aaacL,0x6b89bf2c45571403L,
-        0x6a33bd35bd50a74dL,0xa12697537320b060L,0xbdc0601f7b3d4567L,
-        0xa3a545d0adadfa59L,0x1d57a713fb791746L,0x00000000000000b7L },
-      { 0xde5af490b3ccc7d4L,0x230148e32096ef20L,0x1728c17afd7a6a82L,
-        0xfe9ae61d832185caL,0x5315c8993c95585cL,0x1c5382864602f4edL,
-        0x8e2eb045d51e72feL,0xfd69ab13b1dfc663L,0x0000000000000103L } },
-    /* 27 << 49 */
-    { { 0x907945a9e512926eL,0x0b965ac514dff417L,0x6e735674cee891d7L,
-        0x9560323e84d70b73L,0xb20c6b12b867ed3aL,0xa8c57b78f3e266acL,
-        0xaacc72a9031e4af9L,0x21a577716c8def4aL,0x0000000000000042L },
-      { 0xc3c3673e5eba099dL,0x9adb0cfb96d46b1fL,0x360e2fce94637eeaL,
-        0x96d93ecf8c797569L,0x2044f2cabf3878dfL,0xdbd03f0c8a4a46abL,
-        0x0aa2542188fd829cL,0xe10b564de070ef95L,0x0000000000000024L } },
-    /* 28 << 49 */
-    { { 0x5a14d2a9e7beab9fL,0xbb93a9d2eb30ccceL,0x033eff382f6c4435L,
-        0x241389884ca1d8d9L,0x683fded4354372d6L,0x3a5733b79f237e56L,
-        0x8cf9a5daed9be593L,0xfb98100be321dc4eL,0x0000000000000062L },
-      { 0xe3c8df880c2b9ec8L,0x1e3f4b351aab0f71L,0xea412d009efbaea8L,
-        0x89c2b8592a711842L,0xab502e2666337728L,0xf8397452aa5e9d63L,
-        0xd1426326e61ce0f3L,0x3c65ba888b2a3595L,0x00000000000001d5L } },
-    /* 29 << 49 */
-    { { 0x7c40492595f69136L,0x45e971ba99e00647L,0x8f52311b8df162f7L,
-        0x37be3333b9625948L,0xf78c980fdcd3f0dbL,0x04fd571e95450e66L,
-        0x2c8c94a45ad646dbL,0x7aaf42e5cbda65ceL,0x000000000000017cL },
-      { 0x839547cff6df4638L,0x95d2aac672edd7ceL,0xcfdfa802e0028305L,
-        0xbf7fbb9b592ed18cL,0x828e423790ce00f9L,0x83653bee85dae1c7L,
-        0x92cc5b1aa352c38aL,0x323f48337c389854L,0x00000000000001ccL } },
-    /* 30 << 49 */
-    { { 0xa8b2a97fb6cedd11L,0x97dbaff9f8032972L,0x342989110d29a5ceL,
-        0xace98046cd01a3cbL,0x2a3d2959be278299L,0x5178699b7d9f96a4L,
-        0x275e90c83aefc4d4L,0xed40ae71c9ddc6c5L,0x0000000000000018L },
-      { 0xc68d02ce0082825dL,0xeb8c04bb63e05e72L,0x734a75cc8b7a75f2L,
-        0x1c6ff3f5f996c116L,0xc23fa867564c6f4bL,0xf13cff17198d779eL,
-        0xa4f04051d621edcfL,0xd86ea3fb9bc3a2beL,0x000000000000003cL } },
-    /* 31 << 49 */
-    { { 0x8687c8d286fb5666L,0x51bda4adead592d1L,0x9a47bc7e8d9bf5adL,
-        0x0c16fc8e3f314ef5L,0xcb5262e50b653a4dL,0x4dee35618e512af9L,
-        0x41aa85f125232f51L,0xb4b485ed7af6c2e0L,0x0000000000000084L },
-      { 0xe3326af2a937424bL,0xb091d60435264ac9L,0xb7fe1c75607363fdL,
-        0x8d3fc5e05ce8b153L,0xfea7f23d9ac5e150L,0x38b3592fc8c1f2f9L,
-        0xb5346f4f01996117L,0x485d0162ede54b07L,0x00000000000000ddL } },
-    /* 32 << 49 */
-    { { 0x0b91d5244cfc2928L,0xaada5377f9855767L,0x43014e69652cad7fL,
-        0x8680000dee500ebeL,0x95eea80462086edbL,0xea6484375ce7cd0aL,
-        0xee14680d51a5bb78L,0x28363f309167ae22L,0x0000000000000047L },
-      { 0x5335dbd719692e28L,0x30c79590c6495ad7L,0xb9f87b1462c85189L,
-        0x5b87c196c5b0545cL,0xbbdfef3cbe7fb4f3L,0x2b531d69f3216d95L,
-        0xe7298f7361c8215cL,0x9652e358d96015dbL,0x000000000000011dL } },
-    /* 33 << 49 */
-    { { 0x4ecfdcbc609f01e8L,0x43cce6f602da9b00L,0xb5ccb510cb875b01L,
-        0x38ef08459d14985dL,0x5dc8f4f88e28ff2dL,0x2123c91386de81d1L,
-        0x80691159098d59d5L,0x44715192dbc14f82L,0x0000000000000171L },
-      { 0xc7d2bc1e420737d6L,0x04d07a8634926b1fL,0x4a558a526719bbdcL,
-        0xad7181739558b878L,0x0d2e6fca5af3a191L,0x6c49dd8fa73f113aL,
-        0xf57eefe8b3f72cf4L,0x39b23c1b37c5645aL,0x0000000000000093L } },
-    /* 34 << 49 */
-    { { 0x1a21f7609e382dbfL,0xbe278ead5c4326a2L,0x72f12ef962016fedL,
-        0x21bf913c8afa14a5L,0xb7c4145a9f9b8899L,0xc17a7b5fde4dd03dL,
-        0x14f34601ab717706L,0xe6192f11432876c5L,0x000000000000013bL },
-      { 0xa2f7972ba69fd71cL,0xf6ccdd1f9a0289f6L,0xc4634027e67f1f93L,
-        0xc87dcef88ebcb728L,0x2053a2db4468602aL,0x6406b53cacbdae11L,
-        0xf3f29cf3ee6ee32cL,0xcb79a551a0e19432L,0x0000000000000110L } },
-    /* 35 << 49 */
-    { { 0xef5cb254481df44bL,0x3184a229b38cbae8L,0xc1b8f38dd3bfe1cbL,
-        0xd054eb6b1523138bL,0x9635da2935029a99L,0xed8ad119918794bfL,
-        0xb3b9ea73d86ffebcL,0x174afa73454d5e5dL,0x000000000000007dL },
-      { 0x0b7e89f996442409L,0xf308ceb46bf1c207L,0x7bf551a8d7488abbL,
-        0x06be62570d2826dfL,0x7da841c4c45d6b49L,0x90e0c656320fcdd6L,
-        0x625d0ad9c57ae245L,0x1117fa49a6216b67L,0x00000000000000eeL } },
-    /* 36 << 49 */
-    { { 0x740389608eaee36bL,0x7df35d2c162d1f6bL,0x2cebbe053186aa89L,
-        0xc17db617944dc7acL,0x1c6a5a0781e3d0d1L,0xc1e8ce8e29c741eeL,
-        0x8edd5a72fc708460L,0x337ba607bd44d4a2L,0x0000000000000143L },
-      { 0xc54244b594eb3f3bL,0xf6303630ea66f38aL,0x72aff79bc6149c29L,
-        0xecb88c9faa4b1c13L,0x648ec54762873c5dL,0xec17c8cc65222b9bL,
-        0x887c31775c4b3466L,0xcdc8fe2b7e3e7954L,0x000000000000008dL } },
-    /* 37 << 49 */
-    { { 0xcefcc053278778a6L,0x8b23916cf443f1e0L,0xb54c427ecbee97faL,
-        0x24c75ee812bc4efbL,0xb7b0cb176a167e91L,0x1b307498bacd972fL,
-        0xd744a51b519cb27aL,0xbc28421783cd2333L,0x0000000000000020L },
-      { 0x81f745e1b02be1a4L,0x9de30681c6537840L,0xc9bdcf9e9fe1b32eL,
-        0x850f2187eae10736L,0x5dc72e3f8cbe70ebL,0xff288749c832cb6eL,
-        0x648754cfbdaa6ffaL,0x24e3f97d26354f2aL,0x00000000000000c0L } },
-    /* 38 << 49 */
-    { { 0x09c04a0f926bc690L,0x43fbfa9f6286e106L,0xd1a8fb90e1c3b305L,
-        0x7b4ee666fe37cdb9L,0x404be05f9b915078L,0x5d886ece2e0fdca6L,
-        0x58cfc29cedf36049L,0xf94ec764dd30d905L,0x00000000000000ebL },
-      { 0x4ad5bb20650c67d2L,0x760e0784377c5de6L,0xa6fa0ad7a47acd80L,
-        0x91e26191802a68ceL,0x932e9b57c492de6cL,0xf51aafe3c0d70872L,
-        0x17e1ee20c0a4eb8fL,0xdadd7f5ceb04a2d8L,0x0000000000000101L } },
-    /* 39 << 49 */
-    { { 0x4b6c35299c3fb75cL,0x2020efc7e2f85697L,0xd2dfcd4892684019L,
-        0x366e38a2ec2edf42L,0x7217d73d4aec48b0L,0x098c0ae01adb4cf6L,
-        0xbbbcb22ae102cc11L,0x46785dc5b1740371L,0x000000000000004dL },
-      { 0xe2cbce804c10fb38L,0x2ae649622280d0afL,0x7e3465aca1b0c46fL,
-        0x8bfd57b6dd9e378dL,0x01f628f91dde62e5L,0xf3e4adf12526bb39L,
-        0x1734ed33ba88260dL,0xe6b9194041672e7bL,0x00000000000000d0L } },
-    /* 40 << 49 */
-    { { 0xf42c064a910fda3aL,0xfbafa50fcea6aa25L,0xafe5f5580de9bbbcL,
-        0x24e9d4ae0e89fb39L,0x5b71973925c76201L,0xa87ea5295475aeeaL,
-        0x1e5495e03c4be889L,0x7866138b995ad46fL,0x0000000000000087L },
-      { 0x5f9f803e46afb538L,0xf8c0f078ca875a75L,0x63f1050a89b71552L,
-        0x0858baab8d43bb0dL,0x8dc61935fe38cf7dL,0x50fbdae220f815eaL,
-        0x6c6a84e52e070889L,0xa524045e73fb1857L,0x000000000000001cL } },
-    /* 41 << 49 */
-    { { 0x18d8ccdae2479e67L,0x1baa53f2a74a289fL,0x6edaa01c578d7dd5L,
-        0x39deb2bf383bedf1L,0x55b2cb09c0c843bcL,0x4389566147a692a7L,
-        0x6c9ae23f7e9cda94L,0x21cc9bceba7b7179L,0x0000000000000026L },
-      { 0x19db39e25f4eedefL,0x5c22018976727eeeL,0x2bc4e7bfd2b991deL,
-        0x9c136af758617aebL,0x25f438605bacc62cL,0x8e469c5668e7b7a7L,
-        0x905da2b18fd497f0L,0x5ca49b9f114ad2ebL,0x0000000000000067L } },
-    /* 42 << 49 */
-    { { 0x1a6f8d8de1a52dc5L,0xcf96814d03a474a1L,0x89bf6b6d11521565L,
-        0xdef2de686891d9c1L,0x84acad656e7c7d4bL,0x886b8a280175a6cfL,
-        0x9ee8240c926fe7bcL,0x152a76cc39bf83daL,0x0000000000000091L },
-      { 0x85376a369b33ef6eL,0x59cfd5a4f181f89cL,0x679c3adc2593d6caL,
-        0x6ed84b8bfbae89b6L,0xee128a9017cb08eeL,0x4f29fb137726bc40L,
-        0x20ed5454dd8a2a9dL,0x4e91664a378adbadL,0x0000000000000191L } },
-    /* 43 << 49 */
-    { { 0xa5dad36b52b70595L,0xf87e799e31e1f282L,0xd2cc0cbf9e1f33e1L,
-        0x4cf0cf552d62e0a1L,0x18d2a4d5fc30b065L,0xbc92b38273812cceL,
-        0xb252123d18868d58L,0xedac40192d70d6d7L,0x00000000000000a1L },
-      { 0x06ef9212c3f4e226L,0x59efef442a3fda9bL,0x9bf2803a42146a29L,
-        0xfa8dab397c4a93deL,0xe1d34b9562d8ca13L,0x9989f1f7ef4060ceL,
-        0xa57df883280ad2ffL,0xa7672319b32b7398L,0x00000000000000d1L } },
-    /* 44 << 49 */
-    { { 0xb841b3a2716363bfL,0x1fe55966930c285eL,0xd32798db70bcc6e5L,
-        0x69e8e3f7cd08aa70L,0xc062c65836522b1dL,0x5f540d1d845d3226L,
-        0xc3fb106d65d5893cL,0xa7e29ee98ae43be8L,0x000000000000012aL },
-      { 0x10107bd45f12406eL,0x09597eeeaff644d1L,0xd6016ea4a82208eeL,
-        0x91ae818f1b864b66L,0x443f4f76f39bba56L,0xfb1e51720ed82a06L,
-        0xa79c9ef8d5b29a93L,0xcf62b0acdf4bc546L,0x0000000000000095L } },
-    /* 45 << 49 */
-    { { 0x786dddbd9a6770dbL,0xfbba1c37c9bdf259L,0xb0ee1d34c50b403cL,
-        0x1d67be441e207360L,0x186f06bc422c455bL,0x595806c00c1576b6L,
-        0xb88abc273985699cL,0x47398d6d704fbcd1L,0x00000000000001c0L },
-      { 0xdf0187cd0bc02f06L,0x98eb35357610f278L,0xa253493558e633dfL,
-        0x633c5838abe6ba6dL,0x98e6522d8345acf1L,0x403be8d023f02650L,
-        0x929e6fde26185a91L,0xe11ef0da93f223bcL,0x0000000000000106L } },
-    /* 46 << 49 */
-    { { 0x0e407af213d053ffL,0x90d5045e06f74badL,0x066fbdeab7245e4eL,
-        0xfd7b75ca58eb3154L,0x1b71f8fab1085c0cL,0x0813f46a32f91863L,
-        0xcb798c7cf9b79419L,0x89ae2cf7b03a117aL,0x000000000000009aL },
-      { 0x5c04b5fd596b9fb0L,0x39cc235d1bb7e7a6L,0xbd27de310638c16bL,
-        0xd12cf68dc62576c7L,0xdab34467be49955fL,0x6e9ff707f0e83b90L,
-        0x9be7a05a7f860800L,0xfceae2f729c5a536L,0x0000000000000076L } },
-    /* 47 << 49 */
-    { { 0x839213697b1d62c9L,0xd22e2902a95f6724L,0x29d3cff45962cbf4L,
-        0x74adaf534e973e6cL,0xad2f70c1a766f389L,0xc8eadf0ac2b8cd2dL,
-        0x8206870d8d1654d4L,0x99168a47a8feba9cL,0x000000000000002cL },
-      { 0x1b25ea9fef1068fcL,0x48d00e1e844eec1fL,0x5e405a57497cdaeaL,
-        0x9ea279918c28de85L,0x162811a8db094da1L,0x83072388e11f3bc4L,
-        0xb0b78a7ce6b0b528L,0x97576dd0cdb3fabdL,0x0000000000000046L } },
-    /* 48 << 49 */
-    { { 0x0f9052c7b597ec4bL,0xc6f41c80ad573ab6L,0x347a20e1e3a60425L,
-        0x8b466cefc852cbb5L,0xf38734d5dc78e008L,0xf347cd72d1ad9a04L,
-        0xb82d096f30eec82bL,0xe43cc8e9ca4f7ab3L,0x000000000000001bL },
-      { 0x78d630caf659615aL,0xd686695eb1617e24L,0xbe1c2194d5983cf9L,
-        0x4522d8f78329caaeL,0x672fee6b101fb01aL,0x1b1f4c0950d301abL,
-        0x7dd87dac5e431e1fL,0xbf07ee0cea0100dbL,0x0000000000000172L } },
-    /* 49 << 49 */
-    { { 0x07f921760f9f20faL,0xfc96b84ecb68b725L,0x7718b02302cccb62L,
-        0xedd4dd7985b5fbfaL,0xf6e1e454f4db3795L,0xb4888ae03a7653c6L,
-        0x8fb8fc4474baeffbL,0x063c86b72d45c22bL,0x00000000000001cfL },
-      { 0x0c41e282815b2541L,0xac43abd94c2ee392L,0xe24e214a71c286d3L,
-        0x1282830043728b88L,0x3bd6814757828877L,0xf197e9452febf81aL,
-        0x8a1c679cedbea19aL,0xe251fa945967dcd2L,0x000000000000016eL } },
-    /* 50 << 49 */
-    { { 0xe01d086a1075213eL,0x8f1b00cbea347edfL,0x8498f8c425c21dddL,
-        0x95abb4086d820738L,0x557eaed7ec5afe32L,0xe497900ca38f0434L,
-        0x0515c9bc903e17b0L,0xc02387e3dc40307aL,0x00000000000001d3L },
-      { 0x96a0bc63eaf352c3L,0x579c49029ee03dddL,0x757a34d6c98eb9dcL,
-        0xcfa9d25abd86a2baL,0xc8809301f6054b1dL,0x30b0c70afff80255L,
-        0x69f40403c5ff5831L,0x6e5fd068c60c11ffL,0x00000000000000b6L } },
-    /* 51 << 49 */
-    { { 0x5340fc5166c83cbeL,0x507640cb9f3024fbL,0xf750a8d5a1a0a1e1L,
-        0x9e7f6338adbb9bb1L,0x09a208b43976445dL,0xa6cb9df3457f574fL,
-        0x7de5c8214fbd3509L,0xde3f5ae19d50d9a1L,0x0000000000000027L },
-      { 0xc82405f8ed17132fL,0x43256e646a46977fL,0x8a353d2a994b1950L,
-        0xff3152f2ad9a40c9L,0xfc9cfa4f87e47049L,0x3ac2a3b0c168d8b0L,
-        0x80742ee9bb4d7fe6L,0x3d2ba8aa8678a9d8L,0x0000000000000046L } },
-    /* 52 << 49 */
-    { { 0xa04a119dcd2fdac3L,0x2ee2c11c9ce17d39L,0x197cfc5f32fe1c10L,
-        0x656774fe3aab0424L,0xb43b296a067463a7L,0xad338aca55d78e93L,
-        0xc74471b7b87e1358L,0x5bb5cfc201be2553L,0x0000000000000075L },
-      { 0x71ed2ff019301a86L,0x49d0b18dabb3a3f6L,0xb14c65b0aba86284L,
-        0x4a537637cb47beffL,0x340621ea976f6945L,0x66fae29b5c4ae1ecL,
-        0x8e56e0fba5e5cc76L,0xc09a72fd7cd3d0bcL,0x0000000000000035L } },
-    /* 53 << 49 */
-    { { 0x349d9c4dee613f38L,0xef68106f51fb9826L,0x92f4c8386d78ed38L,
-        0xb98420f7586485edL,0x0ec1b91d60f3f9deL,0x93d3828b84a7a66eL,
-        0xb9f3374876299a8bL,0x4961a01e9f7fcae6L,0x0000000000000106L },
-      { 0x9f606ab04ed763c5L,0x1d8f91a3e9a674f4L,0x97fc8242a521bae2L,
-        0x7008aa90dcb2af6bL,0xba359079b4110efcL,0x7e54f8c1fd447eaaL,
-        0x3aad38aaf746ed2eL,0x3eb1cecef0df9b09L,0x00000000000001d6L } },
-    /* 54 << 49 */
-    { { 0xd32d280e3ccd90f5L,0x91e87e9e7cb176bbL,0xb5a8a77f30f3973aL,
-        0x1f6389b465126792L,0xda9c26d978cd0d47L,0x5207f05eb2c99703L,
-        0xbd89f16910a3caaeL,0x79ecf9d1f547e27cL,0x000000000000005eL },
-      { 0x5a9846021ad57e4bL,0x29373c083b6dc43eL,0xadfe6bad320676e8L,
-        0xd4122508a6380857L,0xa83a74ecd1d1ad46L,0x98c04d58f1207f89L,
-        0x19948a9ec12d1d1fL,0xa3cf675347dae287L,0x00000000000001bdL } },
-    /* 55 << 49 */
-    { { 0x69a5518193a902f6L,0xdc736d4689ee0441L,0xea81c08bf0cc23a0L,
-        0x9a63c879a61c1beeL,0x9b8c27d1f2c2dedcL,0x14c7458b5f0dcf06L,
-        0xaf32ef31e8763a8aL,0x46821a538c0aa44cL,0x0000000000000108L },
-      { 0x0c7e06114965b20cL,0x69154474ce496d11L,0x964e6477e160f351L,
-        0x841083e9d6e4fb2fL,0x70640bc3c0e71fd2L,0xbed0bbf4db30ddc2L,
-        0x1b30d4d54c9e01f9L,0xc58137f9a143b3feL,0x000000000000017dL } },
-    /* 56 << 49 */
-    { { 0x32966f76bd667641L,0x7de72be5f0d579a6L,0x0a6ffafb81276712L,
-        0x0c76a2135e91a169L,0xeb960ed85f953cedL,0xaa5f7f8f0be111cdL,
-        0x2cd0b477911f59faL,0x059a70c6e5220a86L,0x00000000000000dbL },
-      { 0x16f99e8ba61c4277L,0x011745b656710251L,0x13cb7d19f1ef7ff2L,
-        0x2162edb414f0c0e0L,0xb0a459e867467a1cL,0x2cee2121248e6fc9L,
-        0x2ba236eb98142385L,0xbd7465c91e63fa6eL,0x00000000000000daL } },
-    /* 57 << 49 */
-    { { 0xed2afb1c966951c4L,0xd8fd93de5daeedf7L,0xe5fa9c4cc93d1c57L,
-        0x386b2c9bfaefcc9bL,0x4b59656fc59929c0L,0xce1d20e5eab86992L,
-        0x3c11b1a137676f63L,0x1a35c38f85420d79L,0x0000000000000171L },
-      { 0x8f88bb55620441abL,0x47af796eaf094865L,0x8888bcd9ef98fea4L,
-        0xc3f31342413e8555L,0xdfeb4b48c2b75c9dL,0xfd99c9a4a0c1d15fL,
-        0x94241431cefee2e3L,0xab9e1f0a23fd9b10L,0x0000000000000026L } },
-    /* 58 << 49 */
-    { { 0x25ccc78e776cdc28L,0x34bfe1407f0407e4L,0xfdb8fac8d9e8897dL,
-        0x49c0ddb3814ce374L,0x4c983cdc10173846L,0x9c4d4eff62108873L,
-        0x12fd9caa476f5b17L,0x8658c9a0731d2d9dL,0x0000000000000171L },
-      { 0x14b0aedbf23ff601L,0x632cfdc58f68ccdbL,0x8485d63227078299L,
-        0x1b83394f4856bb41L,0x5f905b4a04999398L,0x9645aee589030563L,
-        0x30ce56159f7c6eecL,0x53aa062997c9b6f4L,0x0000000000000182L } },
-    /* 59 << 49 */
-    { { 0xddcbdedee68e0fedL,0x99ccbf1f05063476L,0xb89a94876cb38f6eL,
-        0x3022a2323bc6e121L,0xbc4aed50fab2bc77L,0x46060acead728bfbL,
-        0x6c950f528b881519L,0x9c0edf597814d1f0L,0x0000000000000137L },
-      { 0x58b14d40d0e8fc6cL,0x5e61d01c942ae23dL,0x6bdbad564712f262L,
-        0x61fd6441155fe00bL,0x1ab1151ad617185cL,0xce8ea53c623a376fL,
-        0x5f0cac41c768b147L,0x1f5f832e22a26dbdL,0x00000000000000ceL } },
-    /* 60 << 49 */
-    { { 0xb9532a46e6ebc565L,0xde038371b7c6883fL,0xa934fd5002bbe9b7L,
-        0x4b82ec8ef3837d8bL,0xc00073fba5d11dfcL,0xae3a22c2dc5ac742L,
-        0x8adb521a73b3415aL,0xe0902743f43bd62bL,0x00000000000000dbL },
-      { 0x3cf82ff6173b48dbL,0xec4e00c39af49c1cL,0x786b4099b3a267e2L,
-        0x16e02a248820f967L,0xe0689ca4e4fc99deL,0x2a5f17575fbd3f1fL,
-        0xc0c02624ba0f38aeL,0x586ca28d58cae5dfL,0x00000000000001a5L } },
-    /* 61 << 49 */
-    { { 0x25b05b4ed1f10799L,0x76cd6f8bc800ad41L,0x13fb260460b2ab0dL,
-        0xf59f0cccd05a52c0L,0xb65218b0288de748L,0xc03f3f749f3e5ca5L,
-        0x777a1100abf69427L,0x69340a66f7b3528eL,0x00000000000000eaL },
-      { 0x1dcae8f5b7b29411L,0xa34600730dfea3c8L,0x13b469f258498ba4L,
-        0xdf838dd3bbab9202L,0x4dbec5fffe347b04L,0xb84fd1d91eac8f9bL,
-        0xe74760c46e283eb9L,0x7c24f5141a49e088L,0x000000000000008cL } },
-    /* 62 << 49 */
-    { { 0xb330cfe8ae5124acL,0x4205f06afb62311cL,0x21c0f9cbdf03f5d1L,
-        0x0f4d3d7709c90889L,0x970803101dc16211L,0xae129fff455f228eL,
-        0xb209416415043833L,0x95312756bac62236L,0x00000000000001b5L },
-      { 0x74af54c370d0fd85L,0x55862bd38d6ef975L,0x52ae68bcf7bdbbf6L,
-        0x92615cfc17424b12L,0x3711586fe21a24ccL,0xc0afbe33e3739cefL,
-        0x46f3ae0794c296afL,0xb16803df799e4152L,0x0000000000000031L } },
-    /* 63 << 49 */
-    { { 0x0e910ae76e30834dL,0xcc082cb386c72df4L,0x88a278b2b0dac2d3L,
-        0xddd107b085c2a06eL,0x7423df9623246789L,0xc10556841087702dL,
-        0x75cc98651081b21cL,0x5279c1a2e7f4c29aL,0x000000000000006aL },
-      { 0x0fcaa2f8953245b6L,0x828ab5a68cb75480L,0x06381dfffccbede4L,
-        0x0c3f8eae499f669cL,0xc6fe81f8f5dc5c99L,0xb5083730b4aae613L,
-        0x8d2038c777622821L,0x263228451f870cc7L,0x0000000000000179L } },
-    /* 64 << 49 */
-    { { 0xdeed672da38be841L,0xd62d42d762febdd5L,0x002aa47e2d4af6ffL,
-        0xdadcda955be24d99L,0x91ec05c46727939bL,0xe7535c591b7966d0L,
-        0x83d7f5f023c47893L,0x470bca4e2c4e6181L,0x000000000000010eL },
-      { 0xfe45f9698440535eL,0x240e6b2c49adab54L,0x61089282db726b76L,
-        0xcff3e30bfa643350L,0x3aafb169a7c01f88L,0x51923c30e0a5514dL,
-        0xc077936f3ccc700aL,0x23375769586f4854L,0x000000000000006eL } },
-    /* 0 << 56 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 56 */
-    { { 0x9aa53b475a714194L,0x01163dd86957d5ebL,0x5bd2c24f908f5929L,
-        0x87f519f4dbe42b0fL,0xff767379fb6b5ad4L,0x4d0f8bba9a193f28L,
-        0xf3c42bd0ee549d79L,0xbf851d3f825244faL,0x000000000000009bL },
-      { 0x825ffb609f78b57fL,0xd1913668e0f74b73L,0xf42a5b035468f89dL,
-        0xa2347499aacae46cL,0xc771e34cc85272e8L,0x295684c1d427d3a1L,
-        0xed749903433451dcL,0xb872072c0cbabbd4L,0x0000000000000049L } },
-    /* 2 << 56 */
-    { { 0xf98db50e8435735fL,0xeb51c34660bd7b77L,0x200adf1e996ef096L,
-        0xecac256b57b8d488L,0x889639b07e65ea9fL,0x4f763f7313a4a243L,
-        0x401c22a42957db01L,0x86cff8bc68eb751eL,0x00000000000001c7L },
-      { 0x1c0549ebe47805e9L,0x57716280b223b355L,0x69a29cf4db5c068bL,
-        0x63fb8a8c432af690L,0xdcbb94f97f36ebd6L,0x693983dd08609c4dL,
-        0x69875f98d458fa6eL,0x149758e81fff90b4L,0x00000000000001eeL } },
-    /* 3 << 56 */
-    { { 0x8452736310a0d011L,0x299e1cb30bbaddd0L,0xf5f3079b5294c956L,
-        0x9edd5fa24f0a3584L,0x764bb175641f1fe4L,0x0217a94a93b38db4L,
-        0x61c992b7e31e6fdbL,0xeb231629764cabecL,0x000000000000013bL },
-      { 0xbd3b12a4d2e8c15cL,0x8eef9b5d8accc1f1L,0xb931fbc752747252L,
-        0x8a7b86c7f9817befL,0xb52330ba584e1181L,0x9bc4926d25a0a0abL,
-        0x002feb9b89a625d7L,0x653946b5db41831aL,0x0000000000000061L } },
-    /* 4 << 56 */
-    { { 0xf1efe65befd91d43L,0xdd872fb0aa3323e3L,0xcb7c357901e9dd62L,
-        0x04677143cd97ebd7L,0x906eceb8806e055fL,0x334b997f2fd96082L,
-        0x41a732b0caaad051L,0xe1b97e125bc0500eL,0x000000000000008fL },
-      { 0xfc4e9baaa1bee510L,0x2b887e327d63c5f0L,0xcfb9c52eee6cad4eL,
-        0x596bb714b0b8dd96L,0x2db254c665f9a215L,0x000359bdd799749eL,
-        0xc4ecaf126d91b457L,0x8153709ebe4f02f6L,0x00000000000000c4L } },
-    /* 5 << 56 */
-    { { 0x2218489b09d9e2f2L,0x563769927f4fe3c0L,0x61e365211ed2b98eL,
-        0x166d671a178d242eL,0xb65381c97e8d39b6L,0xaefe583a82851b43L,
-        0x6caa4459a24a7af4L,0xb421380f5640d447L,0x00000000000000b5L },
-      { 0x706a413011d91549L,0x4214be92e3064f4aL,0xa7c3b7b8b7649258L,
-        0xa782e2fc71c05ddeL,0x0fa90ef683d30793L,0x1c77425b15dbd474L,
-        0x917cdb42fc0b16d8L,0x7ef5faf8c7bfa045L,0x00000000000000e9L } },
-    /* 6 << 56 */
-    { { 0x5b408946a60059ebL,0x0d707cc2a1e69f42L,0x9be262d3cddd4401L,
-        0x0c2d64bd01c14145L,0xcf8b305a27c198a5L,0xadccc32e05c03494L,
-        0x22e5f02b6c1de307L,0x2ae62bac48f43edfL,0x000000000000001cL },
-      { 0xb02341cd598a8ef6L,0x0e6041748456480aL,0x159e591932132353L,
-        0xe03d4f2c8b3a8a62L,0xd1190722f861d8f0L,0x59d3d3b6a37c89a2L,
-        0x07fb0e16a2987768L,0x5dd98e191da91a16L,0x00000000000000adL } },
-    /* 7 << 56 */
-    { { 0x09238de907ae5402L,0x14fce2b1444b8b61L,0x37ee7affbd0d2eadL,
-        0xecbc75de97804504L,0x343a5d1a3b5e5fd8L,0xbf806ee5a90dcf6bL,
-        0xd07f1054b2bf2a3dL,0x6f590326ed9fffe2L,0x00000000000001fbL },
-      { 0x9c42832de6198aabL,0x3eacd0ed475ec98dL,0x715b6aa8937ffe67L,
-        0x4b35d1e7891bffc8L,0xfad8af9cb36a8835L,0xa3a21d6f7b8f6f81L,
-        0x4faaf12e771c3b1cL,0x4e05313304fad4c8L,0x00000000000001f1L } },
-    /* 8 << 56 */
-    { { 0x7eecdfe4e541183aL,0x7b0dd2285aa8b868L,0x8d38cd0c1de22f71L,
-        0xa9ca796dbd2638c1L,0x1819373249e5ea36L,0x4fc5461729212b0fL,
-        0x4f3874d22debe3f7L,0x46499322cd4b02fbL,0x0000000000000015L },
-      { 0x7977cdaaa3bc23c0L,0x954aa6d88ba98676L,0x6b8471c793c7bf98L,
-        0xf8025a0b43c70437L,0x0aca0d09b1a8c71bL,0x9fb1d00b6fc48277L,
-        0x50bccc4ee312939bL,0x5aeaf55665e5df83L,0x00000000000001abL } },
-    /* 9 << 56 */
-    { { 0x296c4e5e4114124cL,0x8f760836d47c56bdL,0x9fda0a36f6758211L,
-        0x2bc5e75b36cd51bbL,0x32e6873f1bba9f2aL,0xed7a7c288e6c979aL,
-        0xbec902bb47cccd6cL,0xacf4c76c48dca66aL,0x0000000000000080L },
-      { 0x44a892f6355a975aL,0xbbd44a35bd1b1666L,0x6b49014ca612f865L,
-        0xcd50cbb36b81bd2eL,0xb25e204fc26beab6L,0xddcf6123f93fe188L,
-        0xa3c651667a980260L,0x87f09af9e19ae815L,0x00000000000000c5L } },
-    /* 10 << 56 */
-    { { 0x36fafde5fbbd4e98L,0xaf44b924868ff31bL,0x0281a7fa945ab6b9L,
-        0x2a4bc2c85323df28L,0x51959c042a3e0fb6L,0x6aba3103143c1a63L,
-        0x3a572db88876e600L,0x418cd1b4506efccfL,0x00000000000000b6L },
-      { 0xf121c2f9beeeb151L,0x69c65d11d76943abL,0x74063608addb71d4L,
-        0x072af1c6702d26b0L,0xe0fd470b473b6ef3L,0x765b0f46bc36697eL,
-        0xa24b34bcc6acd252L,0x0401f4521c3311e8L,0x00000000000001d2L } },
-    /* 11 << 56 */
-    { { 0x3f298d941c6a01eaL,0xb6ee6874dec1f22cL,0x189023ac496d5522L,
-        0xca543ecfc08a48c9L,0x240ca6a0a2db1ea9L,0xa591ef2e54492401L,
-        0x22027038344bcd0bL,0x34cb84596dc4ced7L,0x00000000000001dcL },
-      { 0xb5a949080414ed02L,0x8bddf24ba14739f7L,0xa788ab9679ac753bL,
-        0x754163a977fe2ff1L,0x49803f05af045bc3L,0xf482041842d13f83L,
-        0x9f86243cd7528fa3L,0x9b4c2abe08588f48L,0x0000000000000131L } },
-    /* 12 << 56 */
-    { { 0x34853c5d35da05aaL,0xedf100f6b15b5d6cL,0x1dc6e841d3da67b0L,
-        0xaa5d83f0310fd872L,0xa686fa787cfd885bL,0x297a0e48b09f9c96L,
-        0x9e899c7dfbd40e05L,0x2bfbaf44b9589b4bL,0x000000000000013dL },
-      { 0x937376913784f654L,0xaba39ee088f316f8L,0x7fc611358a3c3666L,
-        0x5a09da1f80a1fadeL,0xffd6018133651828L,0xc400cf569a7ac400L,
-        0x64fc091f665c4152L,0x8679f2d7c350f654L,0x00000000000001ecL } },
-    /* 13 << 56 */
-    { { 0x3af9dcd14473f37cL,0x7c31843080e36492L,0x5115486ac8d049ceL,
-        0x594ee800b10d6316L,0x3c9aec97f913f656L,0xc9b99ae4476865fdL,
-        0xf9a597f80fecfa86L,0x59313aafc2664276L,0x0000000000000020L },
-      { 0x431f1976e5a1239aL,0xb406a1eb58838d43L,0xc023f4698d681f4cL,
-        0x5f1dd612dcccc654L,0x9032c342434f82c6L,0x99bc4322c7965da3L,
-        0x8c2f2ce32745885eL,0x415ff1a86cf68162L,0x0000000000000009L } },
-    /* 14 << 56 */
-    { { 0xb10ff95e0e9132f1L,0xf49e33b7045c8800L,0xdf0314f4842d3bdcL,
-        0x55fb97a8f584e160L,0x0b923612e71c4d35L,0xdb8c2885ea2f1d23L,
-        0x514e37d7dff21f90L,0x0a0cbe3dfd2278ecL,0x0000000000000081L },
-      { 0x20daf0c8e84e328aL,0x9885850d6978f468L,0x8ffffeb098151489L,
-        0x5bb7fc177a0b4d73L,0xfc401e51706e036aL,0x7016943c64c94259L,
-        0xa8cdd03a570abcacL,0xb94b40df2520b74eL,0x0000000000000167L } },
-    /* 15 << 56 */
-    { { 0x41ec06596dd7d8c6L,0x8baeaeffb07d565dL,0x55f5138c26c9b544L,
-        0x975e212788825ee5L,0x90422ca7c1a092e0L,0xa03de4e8dbde0554L,
-        0xdf408882734e71a8L,0x80e01f63a10cc8e4L,0x0000000000000157L },
-      { 0x7b4e0e130a65cb93L,0x1f3e7faec1e49a1aL,0x1b12fdb3dd71b3f8L,
-        0x8d32d35f1253f42eL,0x38e09d674312f8b0L,0x9a727ebd4281b5ceL,
-        0x0002358abf211bc2L,0x46c3dba13e61916cL,0x000000000000003cL } },
-    /* 16 << 56 */
-    { { 0xbf2097b9414d9815L,0xfa0673b3cda66dfcL,0x8c775677193b17b0L,
-        0x07c8dbf6c5387e9aL,0x141de69d4c5da984L,0xf0650ac806a8b133L,
-        0xadd766eed2b258c4L,0xa6f4276396303678L,0x00000000000001daL },
-      { 0xcdbf1daa39c8824bL,0xf8f2cd8c5638cb0cL,0xd966c8e9b6d33286L,
-        0xe4b63ef8c1331e1fL,0xac72d8e3fb5f843eL,0x110d0d4a8ff6b4b6L,
-        0x0067fe1eacd5cf3bL,0x5eaae5b321c1e826L,0x0000000000000068L } },
-    /* 17 << 56 */
-    { { 0x3c2cc8401217a97cL,0xb50bb1f3c1c919f8L,0x5becdaec4470c37eL,
-        0x378cab9bceb1fbb9L,0x04563e25cc95f3f6L,0xae040e389d4a2100L,
-        0xe66969915950151bL,0xa855c542c36aef82L,0x00000000000001e5L },
-      { 0xe5c950666cd47003L,0xc602fbe4b6bae5a9L,0xacce809c76110dd2L,
-        0x757b37d9047a58c6L,0x58c9dc97ef3e68d5L,0xa2dc7d9012714826L,
-        0xad4e0ba11fbf2747L,0xe710d91de5af3928L,0x0000000000000084L } },
-    /* 18 << 56 */
-    { { 0xd79cd3bc6e819754L,0x7c18ef6a8809e3d0L,0x29468b115c990dd5L,
-        0xed6cf22a8be7c0b6L,0xb62cab9a75ff6d61L,0x035cfbcc46116fc2L,
-        0xc375d3ffcb5139a8L,0x9fab6a6207bedcb9L,0x00000000000001e9L },
-      { 0x0b07578f9d888066L,0x9438e828693b78fdL,0x046f159b622825fbL,
-        0x00125b1e0a349677L,0x408d9c746d8e1d12L,0x4e46f3fed0358225L,
-        0x63dd41bff4448e2fL,0xc87ae9f74d54acc2L,0x00000000000000a1L } },
-    /* 19 << 56 */
-    { { 0xca6d413b739aac79L,0x5ca8d0f0cf84b822L,0x6ea753d2490fbae0L,
-        0xd02d641bf68588dbL,0xdcf9aa5b12a69358L,0x3b3d2093c00dcf36L,
-        0xaef49dbc3556af94L,0xd878e02a7ad78427L,0x00000000000001a4L },
-      { 0x8f65cdc927f5b36dL,0x968c84e51ec6669aL,0x3a412c9d99424d9cL,
-        0xbdda9213690b435fL,0x00899ee877958c53L,0x64032787de5424aaL,
-        0x6d3df87b4261056aL,0x556eb68e62019e38L,0x0000000000000015L } },
-    /* 20 << 56 */
-    { { 0x797062240d893addL,0x73be154c32ee77caL,0x462c16d2021f4043L,
-        0xe593ff234c08fc6dL,0xb17e52f03b138c7bL,0xa8ab2ad5e5fbe9bfL,
-        0xcf64eafcb597ce57L,0x83743f38f970be21L,0x00000000000000fcL },
-      { 0x6013ab2614c70201L,0x0c69287d9ebefca5L,0x255e3927d7113008L,
-        0x5077b04f4d7558a5L,0x85c914fda5be2217L,0xc44bb4136d336d7bL,
-        0x84a4f0027728a6a9L,0x9c83da4f0040ca25L,0x00000000000001bbL } },
-    /* 21 << 56 */
-    { { 0x3757eb12813cd071L,0xe2c5e0702f18fb8aL,0x3dfd08305f451a83L,
-        0x91e430441b09aef4L,0x0b8493b2153d6dfbL,0xe5cb9f878aa9de2fL,
-        0x5f4136b67e86e730L,0xde3b214ff8007c7dL,0x00000000000001b1L },
-      { 0x6f3d65ebaa289400L,0x2937901f23fc2f30L,0x208a45403c97ad38L,
-        0x496fdaf41d956449L,0x68d7b49d7b70e243L,0x1fe890dbad43f7c8L,
-        0x6d5d15b6fb734683L,0xd8cace1d2636aeecL,0x000000000000007aL } },
-    /* 22 << 56 */
-    { { 0xa221c321cfb59cc5L,0x54e6a28dd152e86fL,0xbe574fad4c73e2cdL,
-        0x66a16063a28c6a34L,0x9d051f2ba6bf4e33L,0x6f6e57f0efef1f7bL,
-        0x9f8530c7266ea965L,0xde64f62ffc3c5ce8L,0x000000000000016bL },
-      { 0x101e26f9e249ae6eL,0x64b186185ccd4bd7L,0xbbe43dbfa725469eL,
-        0x2a13bcaf3c77a158L,0x3f52b1d45196b990L,0x5d3d31009643175cL,
-        0x0c45dd2949e58e34L,0x2376457f0c9272d1L,0x00000000000000e2L } },
-    /* 23 << 56 */
-    { { 0x1aa1200038b3205cL,0x76e66ea19d58cca0L,0x80c79ada0cc03958L,
-        0x81bc2b5e01351773L,0xd3728abfbb0e9fe5L,0xf5ab4fb5c491587dL,
-        0x87338eb582fd5606L,0xf6347c4826c78494L,0x000000000000001bL },
-      { 0x8a791f669efdfe9aL,0x755e8267e727d49bL,0xa3099a447992d40bL,
-        0xef46bdb01d15a101L,0x559174a23c94ac49L,0x584f8051ea2c9e4dL,
-        0xf4e16886bf84b50cL,0xff78f54b1b77ee46L,0x0000000000000074L } },
-    /* 24 << 56 */
-    { { 0x7ac3de5ca9041d75L,0xf644635482759efdL,0xab1b9f174ade5840L,
-        0xeee52981b8197804L,0x46000cbe38c3a5f5L,0x88230b1626431a41L,
-        0xe28d80f67766d1fbL,0x2e75ed96eb167421L,0x00000000000000dcL },
-      { 0xc2e83c5b0e7b8b33L,0x1066058ce284acc3L,0xaf2f0891593a5571L,
-        0xdc3b9416f48d96e4L,0xb290b6d07c9c6be2L,0x52eb2fde7c9039b2L,
-        0x3eb91e6fb68324a8L,0xb30518e936711c4dL,0x0000000000000015L } },
-    /* 25 << 56 */
-    { { 0x2d009d1f7e81379fL,0x1186c036eeb29927L,0x9c5dd22a91b3998bL,
-        0xb6592abfab377cabL,0x244093f60dcb585eL,0xa4aab53d2afe72b1L,
-        0xcb3555cdbf6a94fbL,0x4fb141b4a362f98cL,0x00000000000000f8L },
-      { 0x4a846565f7b37ee8L,0x951a4ede2449b8c8L,0xd0207baa5b7a7cadL,
-        0xf6d4d8d91d81b91bL,0x92e4989362f348efL,0x2d1344480ce09f2aL,
-        0x1d44afc329e7a94fL,0xd86cd0c3d2df7d47L,0x0000000000000005L } },
-    /* 26 << 56 */
-    { { 0xbed09ef139dafe80L,0x29280156660a6824L,0x44826c00399c500dL,
-        0x62a0b9bc916333c5L,0xf8e99a122f328b47L,0x5399ea024bc286c4L,
-        0x41c108bcc314dc67L,0x84028e33144199b5L,0x00000000000000deL },
-      { 0xdc9acfdf38f3e37fL,0xd25f15a1b6ebf57aL,0xb8cf0e9228aaf7a7L,
-        0x3e4b2657ebf0dd9cL,0x47c13b14898b9c60L,0xb86aa4de88315b53L,
-        0x3c922479502a03e7L,0x12a71062d5664fb1L,0x0000000000000002L } },
-    /* 27 << 56 */
-    { { 0x0888c3373a129502L,0x58221c2e5b441f44L,0x492f61b92730c69bL,
-        0x9ec3c2d586c89b52L,0x6c5376a2036b0dddL,0x324072e8e30189f7L,
-        0x9627871a8f6dcce8L,0x2affe689f14c2a67L,0x00000000000001efL },
-      { 0x7a6891020deb1c93L,0x4adb5b63d03180c0L,0xac46e5de2dab3606L,
-        0x2cdcc3e0f809e0c3L,0x5eac59fbb6bcf717L,0xec49aba1d98d62edL,
-        0x2c547f2b9cbb81b3L,0xfc3afcf962672e3aL,0x00000000000001a1L } },
-    /* 28 << 56 */
-    { { 0x56b5f75c7925dc46L,0xfa149311dd8ca6dcL,0xfca42ef910155bddL,
-        0x661b558ac2779509L,0x330257621f4fc11dL,0x00a4a692ba594d25L,
-        0x384f36c67892fe4eL,0x3559163a4b3bd1d1L,0x000000000000007aL },
-      { 0x6e75533a4dc7b82eL,0xef9a1ec584f65759L,0x3b6598970198445eL,
-        0xc1635aefa87878e8L,0xcded2de7b779f2fcL,0xbcce07ca79b30a66L,
-        0x784f05e143cc83b7L,0x18fb4648ebaf4810L,0x0000000000000118L } },
-    /* 29 << 56 */
-    { { 0x21cca143a0849267L,0xdb3c09476150ab19L,0x913aed807d17af24L,
-        0xb9d184be112ef198L,0x51e8658a87ad4afeL,0x3af8395f440d7c27L,
-        0xaa056c70a4538d3aL,0xd32da7d8fb38fbd0L,0x00000000000000ceL },
-      { 0xdd19261f7df2749cL,0x3d136e087f22ce77L,0x824d05c2e8e2900cL,
-        0xbb9952149c7ed67cL,0x3d3500c36d5ca1e6L,0x3c05e9faa07cb4afL,
-        0x3cdab734d4dc2a66L,0x8f0dbd5f524a3016L,0x00000000000001afL } },
-    /* 30 << 56 */
-    { { 0xde0a68bcc944ad6cL,0x5789ad9ef6a7c9ceL,0x5bd83d19ff4935c8L,
-        0xa976293acf267a19L,0x04552718f1aef41eL,0xd87c58e4cdccd277L,
-        0xd5d18bf72542f5a7L,0xb41bcf033a6a2a8eL,0x0000000000000086L },
-      { 0x21e495d3188aeb3aL,0x158ee1fff0ac6ef0L,0x18e6446f09c4dffeL,
-        0x82fc447d9c1afb5aL,0x84595eeeace56f3dL,0x94f6edfe590928aaL,
-        0x2b0c90f9b997105cL,0x71ba70da5d064ab3L,0x000000000000016dL } },
-    /* 31 << 56 */
-    { { 0x6ce8c00009abc364L,0x4ec14c04f010a407L,0x45e5c5da8c10a618L,
-        0x91bbf4e4ca43655bL,0x171e65a9b62c2cf9L,0xdb1915f3821cd7faL,
-        0x75cf2fe3e5acbc70L,0x46e005431959d2b8L,0x00000000000000ecL },
-      { 0x2a339ea5cc146e5eL,0x0d4b69e30a693102L,0x7b2707c6610642e3L,
-        0x5ed9f43767880ecfL,0xfa1b6091b769708aL,0xba717e325aa5501bL,
-        0x6833adaf1c963c7dL,0xc66016586e445c3bL,0x00000000000000f4L } },
-    /* 32 << 56 */
-    { { 0x9917e8cc2c863225L,0xe627d938dff7a5fcL,0x62017450d3c9fa85L,
-        0x30453775ce2573f1L,0xcaaa02c343e3b41cL,0xf541c0065901e5ffL,
-        0x78ec0e91e163aa77L,0x1cfd0693f446bf70L,0x000000000000009bL },
-      { 0x82aeb71678063f41L,0xc442f8a7861c6782L,0xccfbc9f3f28b51f4L,
-        0x92a5f71127335516L,0xdb6dc76e23578ef8L,0x365972b3cfc25f57L,
-        0x0dc48630afd7fcb4L,0xccd4f3de87ea6884L,0x00000000000001b4L } },
-    /* 33 << 56 */
-    { { 0x0cba78e07f180ae5L,0x651f442380de7820L,0xd2280fe6fdcee178L,
-        0x0398d592f0604b17L,0x719a56a516c5f918L,0x521773981ba15826L,
-        0x73e7c994b4cc167eL,0x46116f5351fc4cb9L,0x00000000000001a0L },
-      { 0x39eb2793fe76f997L,0xae5381c07344404aL,0xbdb170ea3a99ef88L,
-        0x4b807687b9364627L,0xda38d1e6010cb096L,0x7a26ade40e9e8c32L,
-        0xdba2bc77b15795a0L,0x4a4ef3a9e390b4ccL,0x0000000000000107L } },
-    /* 34 << 56 */
-    { { 0xb822040321dd5804L,0xc94d9465a3678e1aL,0xd4f146062c4bff3bL,
-        0xcd466a747b9ebea0L,0x2b6ea1b11a3915eeL,0xbfe9fa8d4c9d25b1L,
-        0x5acc811179c0b546L,0xc015bce832ae8d9fL,0x0000000000000199L },
-      { 0xb1b1a996c5d68750L,0x0e3f7bd1a3119441L,0xac55b06d80de3e62L,
-        0x1901ae921cb02517L,0xbb05723529251d65L,0x84ab8976f8de5e88L,
-        0x8b0306a18a2a5ceaL,0x9ff34fa9b109a4f7L,0x00000000000001c1L } },
-    /* 35 << 56 */
-    { { 0x8b2cc329e83b40b2L,0xd03981d20af83376L,0x223bb252aa06f709L,
-        0x98fdf150d0ed1e1fL,0x7197d38267248d5fL,0xc87c56c008a30dffL,
-        0xad81ab335715c061L,0xb4c884e24a323524L,0x0000000000000122L },
-      { 0x715113b529703ca5L,0xb22e290ccedaf9ddL,0x627021563b1af469L,
-        0xe0bade40092e1c63L,0x1e7acfe15a88c7d1L,0xcdc94e4fb93c02c6L,
-        0x8053412b444075f9L,0x73d22f8ea1d504feL,0x00000000000001a2L } },
-    /* 36 << 56 */
-    { { 0x36a54e320063e3a7L,0xb6ab589b2e92d11dL,0x8472d62cadfa6a1aL,
-        0x57c611004799cceaL,0x7643922d8a3d93afL,0x55c52a1e7e3deed7L,
-        0xa0399845e3d1e892L,0xe9e618c644708214L,0x0000000000000035L },
-      { 0x0f929bf6c945e0b5L,0xbf9d77efcd8bcf03L,0xdb81f7486f13964cL,
-        0xad6fc6071da1d2d6L,0x658cbe0e689fa23dL,0xaaa75375cf636410L,
-        0x5c69a9f55f5e58b8L,0x518fcdbee31fb8a4L,0x00000000000001d3L } },
-    /* 37 << 56 */
-    { { 0xe2ad01a012b9d5abL,0xa94dc3c22971085bL,0x6355e2e3013db1cbL,
-        0x91e8f97c89904bc7L,0x4f79feeb5e230144L,0xafa43327cbf85425L,
-        0xc3326b4bd442e79dL,0x696348b814e996efL,0x0000000000000040L },
-      { 0x4a58ba810613928eL,0xd30d25defaff6e4cL,0x6ad322500b0b681dL,
-        0x79e4e5c4e8c851fdL,0xc90a7058e2a3530aL,0xe2f77504052a52a5L,
-        0xe34ab1ae2475a042L,0x9cef5db6ac963f34L,0x00000000000001d1L } },
-    /* 38 << 56 */
-    { { 0x0b472c43ecfb80deL,0xb75578188d5196f0L,0x30b9f8aeed8ed1caL,
-        0xa918b126b15b2bdfL,0xe178db2f9514c041L,0xeb5a0fde8071a8e0L,
-        0x21a6b6aaa6e3fbd0L,0xcde45edad9a740a3L,0x0000000000000193L },
-      { 0x6ce6ff4ec84efc29L,0xf7196b6a7acbfc4aL,0x5738f1534c99adcbL,
-        0x0f8d6be935bb6865L,0xaed7c338f140328fL,0x3ca7470417870fb8L,
-        0x09445978820d213cL,0x35cabb29e28e0ea3L,0x00000000000000f6L } },
-    /* 39 << 56 */
-    { { 0xb78f9b1e46e1e6d1L,0x2ed415ee865fb220L,0x3360c23105fb6fb4L,
-        0xd9e41dc9b4123875L,0x850bc64de51cfcb3L,0x5a4028277fb29e1cL,
-        0xa819c1459a1fd35dL,0x8963c9145adf53f3L,0x0000000000000096L },
-      { 0x351539579dc592daL,0xced12343842c7d44L,0x45e5c8029b3ca1dfL,
-        0x93fc7aba55fca7dfL,0xcb44a2f1565bfe7dL,0xeab3c41a6a6d828eL,
-        0x832aaaf0b3280533L,0xc36ebe30002f19ecL,0x000000000000006dL } },
-    /* 40 << 56 */
-    { { 0xbfe65b92256f11aeL,0x41a8ca150644ccdbL,0xe72c186365b6247eL,
-        0xe9f2d3429527c44dL,0xf6db950dd064e99eL,0x02e75e2bfa7900bfL,
-        0x159712c560f397f2L,0x26eb5985287407e1L,0x0000000000000159L },
-      { 0x252ae5169ac237efL,0xf57b24855909b88eL,0x78c4a6859abf3888L,
-        0x0e57276f7fbe4495L,0xb9f442a4dad1dd50L,0x20323a507183d2d5L,
-        0x1e676b45da92af11L,0x175b3098b5f33ca3L,0x000000000000015cL } },
-    /* 41 << 56 */
-    { { 0x942771e527b66afcL,0x5a76b2fdd50f0efaL,0x299b8398f6f37575L,
-        0xb9e442799d7b0cb0L,0x7962c682564cf210L,0x70aea74fa2ec8efdL,
-        0x7ebb28461b348292L,0x40b56fbf19dcd6d3L,0x00000000000001d7L },
-      { 0xe4ff5d4aa08f1cb4L,0xfdce86fb3ff162ccL,0x995a1749d9c055c8L,
-        0x5be6cef5e3361d50L,0xda779c62528fda04L,0x0264ede22f552d58L,
-        0x28357e96ad3823aeL,0xc574b6220958846aL,0x00000000000001cdL } },
-    /* 42 << 56 */
-    { { 0x4d949b43a2192eb6L,0xd0de4a428ff40937L,0xe301c8c698fc090bL,
-        0x2165e3123a1432b5L,0x30a1e1eb1a548d24L,0xb66c9f969ea5f18aL,
-        0x28de679479bd7860L,0xad6af8cee995d105L,0x000000000000017eL },
-      { 0xe62d25e80f66e7fbL,0xeb2b047e88130c02L,0xe5efabe5f80b2318L,
-        0xba1f6034e02a6606L,0xe48ec52ac80eff69L,0xd8b89963cd47e665L,
-        0x2694fa9e78df8006L,0xd934e06fdc90bb92L,0x0000000000000104L } },
-    /* 43 << 56 */
-    { { 0xbdc431c9ad266526L,0xbcd5379c9e6ba1ebL,0xd8fc65f5826ce26aL,
-        0x507c025156e89a30L,0x8ec5b4caece29675L,0xdd420cc204892288L,
-        0x918fb43e1582ffe4L,0xa3d0b98215ec5417L,0x000000000000016aL },
-      { 0xdeecb7356e2a93d2L,0x9def735bd30c86b8L,0xe0df13b92ae8f100L,
-        0xd9f31ccf470824c5L,0xe80be73073dd956fL,0xe807bc69658cc359L,
-        0xb8739dedee8aacc3L,0x55c2bcac185d5debL,0x0000000000000123L } },
-    /* 44 << 56 */
-    { { 0x62044fa7be3ae5f4L,0x5d17023b9ee07956L,0xb01411700a1c53ceL,
-        0x390aa024b633da2bL,0xad7f59f5895bf18aL,0x3124a23cb468fe0cL,
-        0x92ca9da8b12aa6f9L,0x25147c19ebb5363aL,0x0000000000000022L },
-      { 0x900b43421dab5723L,0x0e396b3038ee6d5aL,0x1d3fd7ae1561252dL,
-        0xd169e474281a619eL,0xf25b8b97bef82d20L,0xa77f259526ffd23aL,
-        0xc4075d3659107aa9L,0x4989a721e23d327cL,0x0000000000000043L } },
-    /* 45 << 56 */
-    { { 0xeb1574d03f710952L,0x9657aa2874526b72L,0x7076e904776a3edcL,
-        0x83f624e2036e6cf0L,0x270d20bab0e58a2cL,0xef81f06d5199fb54L,
-        0x50f81b5e9ba0b9d1L,0x14e233d537d9444cL,0x00000000000001f7L },
-      { 0x9ff63f3750de8a6dL,0x714682f14a57ccbaL,0xb16d90f38d6253f0L,
-        0x2690aca4f1fb2279L,0x5c8e1c463fcd9343L,0x1f2f4c3f2b43dfd0L,
-        0x9deb00529b4e03c0L,0x75061f03526d24e6L,0x00000000000000bfL } },
-    /* 46 << 56 */
-    { { 0xe2ca98a649f1acc8L,0xb46de54a52116d8bL,0xc5be41266f108234L,
-        0xb5e07998003f2803L,0xe387c00379eff438L,0x4c0287daef9ad35cL,
-        0x0a8181cbd85d5441L,0x70ca63cfe9926489L,0x00000000000001e7L },
-      { 0xdc2fe75c91ae2059L,0x4e23a3c7eb458c3aL,0x02922886913edb61L,
-        0x66549c892805c886L,0x599148224b1cc49dL,0x3326135d3790bfbbL,
-        0xaa62b1535b40d61aL,0x06f704773550a984L,0x000000000000011bL } },
-    /* 47 << 56 */
-    { { 0x23c79b50ac79f04dL,0x96ace814167f28e0L,0x5644752c2d99e5a8L,
-        0x28bfad59c099f81eL,0x27250746e9970582L,0x210db573f528c364L,
-        0x5b59afc5e8f782d5L,0x402269fb05ace43fL,0x000000000000018eL },
-      { 0x1f133f478b618330L,0xb691d541312582e0L,0xf40d84c8a3f64f94L,
-        0xb2ed7ae2d60b793aL,0x0b604ad005a966ceL,0x12809a7526260877L,
-        0x1248f6b2686c8bcbL,0x4eea6c43474eb54dL,0x0000000000000045L } },
-    /* 48 << 56 */
-    { { 0xc1d7001b26e22b52L,0xb4b208962825905dL,0xa064fdcde739e7beL,
-        0x83bfa334f2d62d9aL,0xa2baf3892758b810L,0x3a88f2e4ebd64633L,
-        0xd621be3476dfd697L,0x7168c0779f4a85c3L,0x000000000000017eL },
-      { 0x5b8f06f520f8f0eaL,0x95e44505cfacfc46L,0xe20192bd787844b5L,
-        0x316468c44a04adc2L,0x30d71497d6774463L,0x7c826a925a606a2dL,
-        0x22abadf981ba512eL,0xeb15b45fce26365cL,0x0000000000000146L } },
-    /* 49 << 56 */
-    { { 0xb9887fcaf7bbbaf0L,0xf0826aeca4ce1d88L,0x4d62ea62c4f7965fL,
-        0x06f15abe449e26f1L,0xc18e11f2b31e5238L,0xf8b93bbc1af9d49aL,
-        0xcd0a8fb808d073aeL,0x4b51841540d4dd9fL,0x00000000000001e8L },
-      { 0x7374840c30998d71L,0x589382d436ccc41aL,0x9ca23a60306c2184L,
-        0x176eee48b753b87fL,0x434f008845478462L,0x3fb180f1636c669aL,
-        0x558742218a7ad6a7L,0x8abfe4a668f8bf1aL,0x000000000000015dL } },
-    /* 50 << 56 */
-    { { 0xd232ef02f6009ce1L,0x33e196f312d0c06cL,0x61b889c3d37ab4c6L,
-        0x6994c1271c3a216cL,0x50bff9f8aecf084eL,0x7d2e7c71fa0d3536L,
-        0x4d0c3a44f42e86b3L,0x42a1cf960b3e7d90L,0x00000000000001b1L },
-      { 0x6bfc53d7f9bec891L,0x0969a0d9708ecba2L,0x57d04efe31b7bc78L,
-        0x7ebd3fd128efd902L,0xa9cfa0e9fd6e7da3L,0x39fae95964c474b3L,
-        0x6549f29eb68d9f5cL,0x3c570ecc13f84c68L,0x0000000000000060L } },
-    /* 51 << 56 */
-    { { 0xbf9a21ef1634ceebL,0xb16b78a414c68429L,0x7ff643a098fb371eL,
-        0xc733a0a42e44c567L,0x24e633f2d310aee6L,0x3ce8bdb316e3c03bL,
-        0x3ed7a15b662d44e8L,0xa81ea8e22329d421L,0x000000000000000bL },
-      { 0x28405c80d6491d1dL,0x6ac0cea7e069e536L,0x6d6d4d3e7e67cf0bL,
-        0x889fe753240ea8e9L,0xcbbf7c5b0a89ac1dL,0x1dd88ea1a2477925L,
-        0xefd5f0e148e2e534L,0xaf56b1c5af3ff0e0L,0x000000000000003bL } },
-    /* 52 << 56 */
-    { { 0x02d6a09b39435d76L,0x14607c4033261f8fL,0xb7bbc6828cfa6714L,
-        0x24891fac3486f8c5L,0x940f9bea8592cea5L,0x20d420065230ad37L,
-        0x3bff94e036b6e919L,0x596fec36468065a8L,0x0000000000000163L },
-      { 0x1836fecec86ba807L,0xe1f9af2970ec6073L,0x51b5a102f4de5c91L,
-        0x0108f1ed8eed7ffdL,0x22569348f45657d1L,0x59b9601720dbe0b7L,
-        0xa90e49237730150eL,0x477531f6182fbcc7L,0x0000000000000106L } },
-    /* 53 << 56 */
-    { { 0x4e73f4eea189246bL,0xf9fecdedca87ad2dL,0x207ec7d5e2e3d505L,
-        0xf37313baff1083e2L,0x16c97e9761bd24c3L,0x89474bb93845239dL,
-        0xca1c54f442bcd760L,0x20cae9061413c906L,0x00000000000001f9L },
-      { 0xa2333077c7397651L,0x5c211fa519423669L,0x559cd47daed32353L,
-        0xadff408bedc217ebL,0x40cf1b33123dc0f4L,0x839ce0897e4a35f4L,
-        0xff76ddbefb7762b1L,0xe8e61888a4957ad5L,0x0000000000000130L } },
-    /* 54 << 56 */
-    { { 0x591de5c6362c4edeL,0x39aa3a8cf936a410L,0x471d9875f45a68eeL,
-        0xab848bf26417283dL,0x3930f64c17395a6aL,0x46c2c2ecd5c088c5L,
-        0xc82eea0217d1685dL,0xd2578ceff9e81418L,0x000000000000000eL },
-      { 0xd203425d8941c18dL,0xebbd3e9aa73385c8L,0x13b2699de2650901L,
-        0x021e79314a90be3cL,0x6af0b6e9e7819b93L,0x2eb061baaa10e875L,
-        0xdab14c0d7d693ff1L,0x23a83afc0f7ce5e2L,0x0000000000000139L } },
-    /* 55 << 56 */
-    { { 0x3415bc0daddd94aeL,0xb6da870e206a5091L,0x383aebe8951ecb36L,
-        0xe2381acfc3cc4b83L,0x2c57fcd46077da9fL,0xec27dce3cdc2bfa4L,
-        0x5fa457d7ac74831bL,0x70929b9d873146d5L,0x00000000000001f3L },
-      { 0x2898bc157ff3cfb0L,0x933c69db1b1cd249L,0x21dab0321a6a3715L,
-        0x06e0bc6b6ced718aL,0x93052d3510328c54L,0x8cc2fac1d73c7c80L,
-        0xcd2b155686936113L,0x458e24e07668b2bdL,0x0000000000000168L } },
-    /* 56 << 56 */
-    { { 0x5ac4879b41fa2753L,0x2b60d3a8345073f1L,0xe2046eb872eac59bL,
-        0xf480bccdf197df4cL,0x326cfce9578d9371L,0x15c3eff387f19540L,
-        0xf5d1f2f62d76b437L,0xaa3b9f284a2d837fL,0x000000000000004fL },
-      { 0x3bb0f06972915337L,0x3514f6f95f8295faL,0x1dcca7e3156a036bL,
-        0x68d2d0615d48ae2eL,0xb5731bd212ac786bL,0x4015ce122bd726a6L,
-        0xd3b325b52f972524L,0xad89e2c715ca38b8L,0x00000000000001dfL } },
-    /* 57 << 56 */
-    { { 0x80f3752746ba3374L,0x17c3915a76b9250cL,0xa81ef86e5641a4faL,
-        0xdb65b01ec2e3b903L,0x46b79c9acbaa007dL,0xf96657aafa03f7d5L,
-        0x39c73fbcba538237L,0xe95777559318c4a9L,0x0000000000000063L },
-      { 0x78d1e0b2fb143ab2L,0x93fa7bf4cac9457fL,0x316cc8b62c49a2ceL,
-        0x5aabc3b2f41cd892L,0xeee80db1bc9a08faL,0xfb07f5c1b59f1a2eL,
-        0x1d1ae1622a1ae2cdL,0xfb1c023c3b5e28b2L,0x00000000000001a0L } },
-    /* 58 << 56 */
-    { { 0x57e6838723bbb10bL,0xce43b3fbe2d50c09L,0xf1dfd466de95334dL,
-        0xd33833ab00568c70L,0x3b07afa03dce59d5L,0xe06155f041d46076L,
-        0x66345e81ec062903L,0x35831a3a7d9d7c58L,0x00000000000000c9L },
-      { 0xcfc25d2564cfcde7L,0xb06f5dce33ced182L,0xe4c9634dd03004a1L,
-        0xfb6ff3a0ae1218d2L,0xd789018b67a58246L,0xecb1e40866957bbcL,
-        0x905b08ad2c29f673L,0xb1a3289d3755ffdaL,0x00000000000001e7L } },
-    /* 59 << 56 */
-    { { 0xdb31fac07977f851L,0x94f0265d50bac93fL,0x112b3aa3de5cc643L,
-        0xbd801c10091773b4L,0xd39349f406356000L,0xb6d10739951a5fccL,
-        0x67c4c2a346a64c7aL,0xbbff71099b914860L,0x00000000000001c0L },
-      { 0x3bfe3e8b848ac957L,0x05211d3b5389375fL,0xeb0bc5c75c156ba0L,
-        0x08d24e2a1a7a553dL,0xfa0cc235b328cb81L,0x782a58dc91f27c34L,
-        0x149da3fa1cdf0ee6L,0xdab41dcbf1d7c685L,0x000000000000013eL } },
-    /* 60 << 56 */
-    { { 0x468816bf0e4b804cL,0xe3c85f32cf84abe3L,0xf2a460f32a6e257bL,
-        0xfd519486a6979e17L,0xbc722a3681e12915L,0x43285362e2965c8bL,
-        0xeb684e297dd12eb2L,0xcf0b3d2c51940f61L,0x00000000000000b5L },
-      { 0xa9d02d65f2905443L,0xf19253da29be718dL,0x6fbe038204a5ffafL,
-        0xd4d42b3a5466364eL,0xf2575aeb4fb8b934L,0x56a35ffa88dd5475L,
-        0x894d296f67b692e6L,0x50e6c388fb45781eL,0x000000000000018eL } },
-    /* 61 << 56 */
-    { { 0x352429236de91b7fL,0xe73222409cc8a649L,0xee8e66a463b2941eL,
-        0xc8bd62c66e2c9a28L,0x3e82ac1bc43d158cL,0x2eb41b3b9be8efd0L,
-        0x551eec869d585174L,0x258c356317ccd162L,0x00000000000001e4L },
-      { 0xe63ed8577a7d717aL,0x0f09b874c207eb1fL,0xbb94042c0ecdee46L,
-        0xd08478728f418f3dL,0x3eab958e700177deL,0xc326a47822aea03dL,
-        0x22d01a0f37ccd3d3L,0x0bbe9ef8f9dda412L,0x0000000000000140L } },
-    /* 62 << 56 */
-    { { 0x0c949e8cc853e7e9L,0x52feaad8231a9c75L,0x382cfee233fddf9dL,
-        0xc6b412401b081917L,0xbb2af113a5800aceL,0x203d3b3f62a15a88L,
-        0x174b2602c32d6121L,0x32bc39cfd9a93228L,0x00000000000001f5L },
-      { 0xf13bf17ed40e0765L,0xc54f2409c1eda9b9L,0xe824c8805d92029bL,
-        0x43d79cbb1e13c2d3L,0x4b8b896c14d20cb3L,0x3c32a0d82559daa6L,
-        0xdd2321a03cfe4976L,0x6dc9b1af4fd3ecceL,0x0000000000000024L } },
-    /* 63 << 56 */
-    { { 0x0b7ce8de2ef7874bL,0x7b4bfaa070157203L,0x4b6f5fcb1af1491eL,
-        0xc0b9acac1e572d0dL,0xe4012cfb1d5fcf38L,0x80f2e86c0a1993d1L,
-        0x4c7ae53b9d2105deL,0xabfc15200cf27789L,0x00000000000001f9L },
-      { 0xb62c40f483f73444L,0xd3306a87826409c7L,0x9f04fded3ab05940L,
-        0x3d7534fb2d9db0f9L,0xe36a557d5f5bff91L,0x3c009b9826b33300L,
-        0xfee7231232a9d384L,0x1d83185a7c1210c0L,0x00000000000000b4L } },
-    /* 64 << 56 */
-    { { 0x72f88bd2a3b42a3eL,0x7cca9272c8287e7aL,0x527c4a5caad93849L,
-        0xfb481c75da6615c2L,0x27ce59bf042b3497L,0x70b3fea29ef62e76L,
-        0x025ecfc40d097f4bL,0x5ef137da607f9d21L,0x0000000000000053L },
-      { 0x3295047616741f79L,0xeaac9e23a4e120e4L,0xe15f333776f4fe2fL,
-        0xac402f2d8028f30fL,0x87a6b88b99c4b4d3L,0xfedd124cb0866e18L,
-        0x07c5d4334aa80397L,0xafdfa6830961d56aL,0x00000000000000a6L } },
-    /* 0 << 63 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 63 */
-    { { 0x1f70b2980af43bd4L,0x9351c3c2d13901f9L,0xf702c613845ea55bL,
-        0x892be0152c193388L,0x485c40141e6adb21L,0xf394d50e9296f310L,
-        0xda5872dfb9ab0f6fL,0xa10bd887f5d389aeL,0x00000000000001c6L },
-      { 0xe268935dc8f44c3cL,0xaa7e595bfa72991bL,0x78c2a8e39bf7d8ceL,
-        0x0caadde13b655948L,0xd9444be5c080228cL,0x4990733bf651b425L,
-        0x7513085102578b0fL,0x5c375bb3c5635719L,0x00000000000000d6L } },
-    /* 2 << 63 */
-    { { 0x94a182e2689dbe3cL,0x2d8ee16602610256L,0x4d0cb259e6294291L,
-        0x244db1200a7fcf2dL,0xb50d34b08f58f3afL,0x2ad4b9ec13275075L,
-        0xa19beccfc96bfcfaL,0x1a5509da86f5baf0L,0x0000000000000185L },
-      { 0xefe1469c5ac043e6L,0xc86b77217d273130L,0x2324af0c2606809aL,
-        0x33a3324e21800fcbL,0x8a38f30fa6b0d999L,0x12db51d0d038b182L,
-        0x53ca86ccb3490ff5L,0x2ecd7ecf7a935163L,0x000000000000016fL } },
-    /* 3 << 63 */
-    { { 0xc4bc947556f30775L,0xb8bffac8a7779bc2L,0x59c0b0079550271dL,
-        0x68dc98306303b3f7L,0x4079b84d19d6cca7L,0xb3a87933f7ff41a1L,
-        0x8417384b97ab2b4dL,0x795a4fd926faec00L,0x0000000000000179L },
-      { 0xc72b8fd99ce51ceaL,0xc230b054cc876f6fL,0xfdb6c8fa23c093c2L,
-        0x6c7406112bbd837bL,0x5f6bc8c543802bffL,0x4cfcbe27f9bfb3f5L,
-        0x7ed94f5c4444552eL,0x12cd078f366d40dbL,0x0000000000000089L } },
-    /* 4 << 63 */
-    { { 0xf192b0164b374ff4L,0x3aaded48125fd529L,0x57484ac45dfa717dL,
-        0x815b6549a4b4e41eL,0xe230ea493153d4afL,0xbd883b1277769a23L,
-        0xae58965ead605e32L,0x4cc9cfcf77179455L,0x00000000000000a5L },
-      { 0x5cfe2ea43f30741fL,0x79c512a52565e3d7L,0x9a4075adaea005bdL,
-        0x6b2593277fca076dL,0x1ea80148166a3678L,0x25075d36d75fda30L,
-        0xd9f2bba9ad53e052L,0x04fc6adc182ac606L,0x0000000000000090L } },
-    /* 5 << 63 */
-    { { 0xee4779be0ebd57d7L,0x459b071978264e7fL,0xc881006f4bb02fc8L,
-        0x9379e60f2a5e085dL,0x4dbca56b92d5f103L,0xb12b712ee2f44c2dL,
-        0xb00fd84a642c9631L,0xdec635e926d7fa3dL,0x000000000000006aL },
-      { 0x6c7096bf5787204cL,0xff933f0d77eeab07L,0x98ce764279f79751L,
-        0xa30afccb5d93fe38L,0x5019a10fa1509d52L,0x6da21e0612f60c20L,
-        0x0caadc3c96ee3760L,0xc316231446e7b054L,0x0000000000000129L } },
-    /* 6 << 63 */
-    { { 0xbb3cb4daaa283027L,0xb3284a114637a686L,0x2f675f378d4d1678L,
-        0x4d2b46fe6bce4a50L,0x65e0d06d583ad60dL,0xa897d633525ea4b7L,
-        0xe2aa9fcc42bb371cL,0x8f91d296dd500e47L,0x00000000000001beL },
-      { 0xc43c6cffaf7965f1L,0x116c957ca63638dfL,0x80c1361be5a3f8a7L,
-        0xa1f87abecc9582d3L,0xd47bc0102bef1ff9L,0xdb660935f3fe712aL,
-        0x8cc56dcfcc584a15L,0x27984274a035f2efL,0x000000000000019cL } },
-    /* 7 << 63 */
-    { { 0xfee036b2d5a60b38L,0x6c09cbdd3de853d2L,0x11f2edd4d74766efL,
-        0x19ec36dabb8e5e8fL,0x3755e6f8b103f6efL,0x79a6edc7cfd76631L,
-        0x7f3d410265a8227fL,0xc02ea4d369326d57L,0x000000000000019dL },
-      { 0x8d5764e32379c4a9L,0xdee4a0f9250aef31L,0x88e469b586f0044aL,
-        0x4e83703b0ef683ecL,0xe5887ceab9688ea3L,0x6b42207428d29d78L,
-        0x3a20510f60098e8bL,0xa6d929986b4eab5cL,0x0000000000000172L } },
-    /* 8 << 63 */
-    { { 0x803986670f0ccb51L,0xb87e1d013654974aL,0x7f58cf21b2b29ed9L,
-        0x06c0e9aaa3add337L,0xf13b35d0e9d08ffbL,0xdd8bf44c96761627L,
-        0xa4a18c14758a3ef4L,0x96a576dda0043adbL,0x000000000000013eL },
-      { 0x2bde24f8632d95a3L,0x79f15ef14c524829L,0xaadd863e9bdaba19L,
-        0xdde053f4a962b707L,0xc598a2de14258d98L,0x9fa5a19d061c235cL,
-        0x0ed46510e8ffd32cL,0x2aea9dd1ef78ceacL,0x0000000000000185L } },
-    /* 9 << 63 */
-    { { 0xdefc05a810b7033aL,0x3f675458ac32078fL,0xd3ea130a9dda153bL,
-        0xda427c6edbbec7f2L,0x10c3809b269c27d6L,0x6f00e4483acf442fL,
-        0x00cd414cae989dcdL,0x33eb20b2f559398aL,0x000000000000013fL },
-      { 0xd16d5178ee191966L,0x641a327ef65d2127L,0xac8d07fac5fe58aaL,
-        0xf0bf06d10e428901L,0x65ea2147d6f1477eL,0xdf1a1634f78e78f9L,
-        0x43cec4b2889a387cL,0xb52152850e161507L,0x0000000000000163L } },
-    /* 10 << 63 */
-    { { 0x2bb9d8b5b329f7d3L,0x7e561b23569eba9bL,0x65fdae9309b7bca0L,
-        0xf4206737ef327916L,0x2963cd698f7b2113L,0x3b22a38a9cc9532fL,
-        0x455c3790b31def2fL,0x9a6cccd5931e5346L,0x00000000000000e6L },
-      { 0xe9860742981c49a8L,0xc6bbffefdac58cfbL,0xf28ca98c7dcbbfa6L,
-        0x6a53c5d43e512f79L,0x072d38f9fee0577dL,0x75fc677e0b2260d2L,
-        0xe1ce6a188e97c4b8L,0x48308dff3d3b1e4aL,0x0000000000000109L } },
-    /* 11 << 63 */
-    { { 0xbc61c248776b9816L,0x2c83f888139741f9L,0xeab3396648a694d8L,
-        0x6a7740beddf8a509L,0x3bde3e01f388b62eL,0x5c579737c76e98eaL,
-        0xafea98992f10893bL,0x1d6486dafbf3549aL,0x00000000000001b1L },
-      { 0x43087f5893143072L,0xe844a95631e5c89cL,0xed5c4e44bee070faL,
-        0x7371101a889fd481L,0x282498090f890001L,0x4c8a8d3097b45376L,
-        0x4fcaf87c54c665a0L,0x8685ba22863ed8b9L,0x000000000000019fL } },
-    /* 12 << 63 */
-    { { 0xd389b38cd19f496eL,0x9868052fdc520fb4L,0x698b397ebf6e877eL,
-        0x7896e7ac15d39a80L,0x3eecc9b5057ce533L,0x00f6cfc7001509b4L,
-        0x8c2c3d6ee01e25f6L,0xf64a3e270dd1056aL,0x00000000000000f4L },
-      { 0x192245f8ba1bde97L,0xb68aa03741e87accL,0x849cb6e449d24c74L,
-        0x93c36f752569de67L,0x93542a5630ad91a4L,0xa802f2bfcd021165L,
-        0xf3eb185fcecd5cdcL,0x42ef43d9ae520746L,0x0000000000000185L } },
-    /* 13 << 63 */
-    { { 0x78a7620a8a3944cbL,0xca1330ad3a2c833aL,0x151fe934a9fff1aaL,
-        0x03baba7dd19fba22L,0x8cd7ec0578147950L,0x8e217c558062827dL,
-        0x91e43f9a80a596cdL,0xe63325fdf60dd85bL,0x0000000000000109L },
-      { 0x3beb5eceb5446496L,0xdb683de1a5d6592bL,0x1e1c60087cfee827L,
-        0x2c4433fbaf08ef62L,0x6818f3ec36270cc2L,0x03581a8683829e2eL,
-        0x40161dd9a2a84e47L,0xfe30fa15a62fe107L,0x0000000000000013L } },
-    /* 14 << 63 */
-    { { 0xcc39400a70a75215L,0xd237b4077ebe4792L,0xb2cf5c3bd20c2507L,
-        0xe7b00e11daa4c46dL,0xa576029d38cec7a9L,0x699005e7b05e1375L,
-        0xb88d5837f1b051bcL,0x054f8abb44630f00L,0x0000000000000060L },
-      { 0xe53a8d17da2bb0c3L,0xcfdd266cae7bdb56L,0xd9551cebdb11c9b9L,
-        0x1a11ac221fc5b3d0L,0x63056e13e161a118L,0xdfd99567f76b5e73L,
-        0x7f5f7283836f2217L,0x8323f67fac0c57e8L,0x000000000000001aL } },
-    /* 15 << 63 */
-    { { 0x49581733db3272b4L,0xae447ec9076cd8bfL,0xfa292064666afbe3L,
-        0xf8194e0e317ff821L,0x87ab3e6df316b471L,0x2d909542058df8f5L,
-        0x951e4970d7fd5afbL,0x073c56e8e8f2f73eL,0x0000000000000175L },
-      { 0xcd8497e0c3995b6aL,0x76d443067eda0594L,0xc71be704d1359e77L,
-        0x3e29076941cc9d7aL,0x7762b707ad2c5ff9L,0x4208efa8d4102ac3L,
-        0xfa15b04cc6d0e969L,0x977815e5ee7e56aeL,0x00000000000000b2L } },
-    /* 16 << 63 */
-    { { 0x2838cdbfeb5a169aL,0x25c826c4e1505d76L,0x2d5b0ff8c512faf2L,
-        0xcf831e691e5cd6d6L,0x4540775caf5eda1fL,0x4f4514da5ad5605eL,
-        0x8472b1ae2f87cfdfL,0x07c8cbcc9e338ce6L,0x000000000000014dL },
-      { 0x096ab718d9243216L,0xe966635fe37cff51L,0xced8fb110586ebbcL,
-        0x3216d6af86abe6f4L,0x37392a301b77f4e2L,0xecc903afb8ef62b3L,
-        0x0453dc44fd74231eL,0x3cb3927b57895508L,0x000000000000013cL } },
-    /* 17 << 63 */
-    { { 0x6e902960eae03d4eL,0xf94cc9d57676a731L,0x0a624542451cd174L,
-        0x702f8c7ff9a07db6L,0x9c4d40d28812a01aL,0x3fdb4c44d775f115L,
-        0x3ac9ed82f31b60aeL,0x0c7df028f7bfbf86L,0x00000000000001cbL },
-      { 0xf0269e95a5da962aL,0x3cd5a3532fa54061L,0x120017f41745823bL,
-        0x8032a3c67de7a766L,0xdea8fbfb36927fd0L,0xc8a86f2deffef472L,
-        0x1931f92fe94c1b8aL,0xd2aaccbcae43c384L,0x0000000000000023L } },
-    /* 18 << 63 */
-    { { 0xa1b0bbc3e372d394L,0x4eecaeca8044f021L,0x97636d0124c350e7L,
-        0xf1f047ef209d0e2dL,0x0f922e78d12b0758L,0x8808519a01a2a08aL,
-        0x6570af356b5dcc8bL,0xee31edf8b59cee8eL,0x000000000000003eL },
-      { 0xd467ff1c9bcdfe17L,0xa6feffa02d58b7e4L,0x3b8f9b17271e5025L,
-        0xbe2d94786c151628L,0x934cf55f75fa8b04L,0xd6217d62abf8e3efL,
-        0x6f1625cc9841059aL,0x8d4b7142ed8bf5fcL,0x0000000000000148L } },
-    /* 19 << 63 */
-    { { 0x2f17878e04af92fdL,0xdf29ab114470d793L,0x62094a2a645c90daL,
-        0x386b0df0e461f0d2L,0x0ba305e3fcfc889bL,0x01b6e611b9ce50c0L,
-        0x396be840f25a09d7L,0x6bd838a8d5715b41L,0x000000000000018dL },
-      { 0x60d5c8f971c336e6L,0x7967118885352eb0L,0x58de4fd6d579c51cL,
-        0xf65c5db8b8e61555L,0x88023de715ccbec4L,0xf2334044e8662625L,
-        0x469745190bbb953eL,0xe8eeca46d6f4b217L,0x00000000000001a8L } },
-    /* 20 << 63 */
-    { { 0x6bab39543f106abaL,0x3d9c29e352dc57c5L,0xbe339e28d50ff250L,
-        0x247c8a49f08b8b6cL,0x79dd3128317bbe5eL,0x735c5b6dd533b321L,
-        0x1374c3a28fd164c9L,0xce029be81cd71fb5L,0x00000000000001e7L },
-      { 0x0657b663c6aac6a7L,0x0dfd84e22f233cfbL,0x210fbd7bb2f9d0b2L,
-        0xd7e7ca02a90dec0dL,0xc37d11213fa3b10cL,0x160276ee1aff3c3aL,
-        0xd825f5ceca6d0545L,0xe03cdac46558c1bbL,0x0000000000000124L } },
-    /* 21 << 63 */
-    { { 0xe3bdc41f8a78618fL,0xe5e00b1c2fa238c3L,0x132f66010ad92caaL,
-        0x35cdcd7606de8ddaL,0x78c2f93ab95776e5L,0x3819082008f8ed10L,
-        0xa2862e2c045f708aL,0x5bd7b941acb45943L,0x00000000000001c8L },
-      { 0x23fbe1be22514d9aL,0x7e20070b8cd4c4b4L,0xb77618475401c6d5L,
-        0xa95163e18bd87a02L,0xc87858801cce9d98L,0x814bc82ea8f70e71L,
-        0x166f6fded4ddb0eaL,0xc2e1b1800be17361L,0x00000000000001fdL } },
-    /* 22 << 63 */
-    { { 0xd238e451a7c101bfL,0x0bad1bd28a0e4552L,0x15eb91427e77916bL,
-        0x9c8ef51649ebcc4aL,0xf6425c28ca085959L,0x498ce242c87d4707L,
-        0x14b8121edfbf2093L,0x338d5aacdc3b4580L,0x00000000000000e9L },
-      { 0x886a911f6177b4ecL,0x6d305ab15a7d1548L,0x6ec3be3475e8baeaL,
-        0xcf1cb5a7891bdf87L,0x9aa5f7ec6088b030L,0xe261eedf83288f6bL,
-        0x2db08f6444678f76L,0x8d912da6c1cc7f63L,0x00000000000000e2L } },
-    /* 23 << 63 */
-    { { 0x03241429b406a7c9L,0x1b3c5b0c0308dd8eL,0x27f414dbcb00e3ffL,
-        0x8a9e850bba256af6L,0xd8f206fadb86c3b8L,0xaf051dbdec108e78L,
-        0xf8093ab3972aaeffL,0x2bc37f41ac85f743L,0x000000000000006eL },
-      { 0xf57594cbae5ca3d2L,0x0b140cbbbc1ec354L,0xcac08c4c7d8c40c9L,
-        0x0266382d8f8f46cdL,0x9a78dd2907b8649fL,0xd8fe7b2347d25b30L,
-        0x322a7bb1b13c050cL,0x7a03a032e5ce60b1L,0x0000000000000140L } },
-    /* 24 << 63 */
-    { { 0x0644bc15b320de71L,0x2ed296112aefad3fL,0x67754c4c88519d1dL,
-        0x47de1837e5f01818L,0x8ea1dd7e63033410L,0xc1abbecd8f6b2c5cL,
-        0xb06bd510c8ab4da2L,0x4e0cdecc5964e0aeL,0x0000000000000006L },
-      { 0x7c3b12481ffdb678L,0x28ff66790e9911a3L,0xaf7deb99a718a3daL,
-        0x391b96215e272577L,0x0f2789b0b4001e20L,0x60b4541686a4c603L,
-        0x0c3941313a259848L,0x3218bf48aa7e7d38L,0x0000000000000109L } },
-    /* 25 << 63 */
-    { { 0x9e4832f7116eeb08L,0x7554d6af45cb254fL,0x7098d4b3fab6ca32L,
-        0x994c923e7f403fcbL,0x265bea28516cf1e5L,0x927a73b63faae4ecL,
-        0xc69ac429986dbcd2L,0x67575e0ecdf65148L,0x000000000000009bL },
-      { 0x71fc74abaa76166eL,0xb0cf3fe0f558c185L,0x9b68f71b7630d7eaL,
-        0x78713c556bcf7e7dL,0x442d5e7f38f14777L,0x71c0d44b3002fd0fL,
-        0xe3ab882351ea27dcL,0xa89c6ef9a03d2925L,0x0000000000000080L } },
-    /* 26 << 63 */
-    { { 0xb03563923e5a6e61L,0xb5e0e27873b8d05dL,0x53f7d377b3078789L,
-        0xd56358e1c698706fL,0xa2674710505a1be5L,0xbc1559f4cb650c44L,
-        0x93361f0867d11d3eL,0xd5d124ba63826b8eL,0x00000000000000d9L },
-      { 0x943eb3571403f021L,0x80d125b3cf992a03L,0xb1365ff2d8bab8cbL,
-        0x5eb0490498a1fae7L,0x4f728e6f8004beaaL,0xa4b1dc8074121d80L,
-        0xb8b782b3c6b52616L,0x844cf275c3ab4b91L,0x00000000000001c4L } },
-    /* 27 << 63 */
-    { { 0xdb731dec2c7c6d72L,0x95be4c6d7253d7fcL,0xd983f26a3926cba7L,
-        0x256d5d8e5a99093fL,0xd645f6ec8fee2c83L,0x76df91bfb562b901L,
-        0x96cd6502753a97a8L,0xe53742c4a5a241d4L,0x0000000000000012L },
-      { 0x5e920ba21d11162fL,0x628a198b1bae3cc8L,0x571e9f2b57d92345L,
-        0x7a8271497c06194fL,0xddad8318036be033L,0xac129b561d5e7930L,
-        0x89a5024057a2e5f6L,0x92e5f7ac3a385984L,0x0000000000000041L } },
-    /* 28 << 63 */
-    { { 0x255d6d1bf8682934L,0x6167be166fbe8832L,0x3f2fb997c331343cL,
-        0x80c30a82bbc0455fL,0x6b06e6039604ee9cL,0x61433976a8a2c05dL,
-        0x9b693e3ca6c73e15L,0x5643bc3ac7b6d3ddL,0x000000000000001aL },
-      { 0xf362db1d072fc054L,0x95f7e68981452d4cL,0x14382bdc7e8044fbL,
-        0xf0ccc6594e884acdL,0x9f4598920db303d4L,0x4494e0177763f7b4L,
-        0x8d4de910b3422e42L,0x949b363a2b03d91dL,0x0000000000000174L } },
-    /* 29 << 63 */
-    { { 0xb20fa7f54065d8a4L,0xd5b8bde5f6cf1533L,0x61ca108443d18b61L,
-        0xb4601d7fd5f9671fL,0xe56d7386bb8f433dL,0x29cab0089d364d92L,
-        0x6ecb78fce1b4761eL,0x05c88ba39ae6c258L,0x00000000000000deL },
-      { 0xc84ab45ea2dcaaceL,0x3eaa1e487c3d46f9L,0xfb29bfa87eed4017L,
-        0xd630592c198259f1L,0xf88e6103edba3b02L,0x7e5463527779bed4L,
-        0x66431dc5fdd7c079L,0x9c9edb200505eab1L,0x00000000000001a4L } },
-    /* 30 << 63 */
-    { { 0xd5f2127b4413c3c8L,0x53d19d1790c5ee5bL,0xf46a12c4bd0b0607L,
-        0x23ff83b852f21415L,0x345d3cc5564a2084L,0xdd29de25b8128778L,
-        0xf22c6930511855afL,0xd4a6af3342541b83L,0x0000000000000067L },
-      { 0x3ff378abc334139fL,0x0d042fa8c59741e7L,0xcc57395df6333e80L,
-        0xd458b57146a21bf4L,0x7b5378f61b92954cL,0x0b6a333ea29d48caL,
-        0x83ebfc9324bd0efbL,0x84a30cec1062509aL,0x00000000000000a4L } },
-    /* 31 << 63 */
-    { { 0x7364675a65f8a22dL,0x29dd71039c0e9419L,0x7288a9c2677d42bfL,
-        0x1b1991ece9334a31L,0x4b82036d71ee3d46L,0x27597cb83d91b61fL,
-        0x1f4334c21acd3c55L,0xdd32214062f2ff38L,0x00000000000000c4L },
-      { 0xddf5a8caa81abb52L,0xcc1d2bd5579198bbL,0xc721ebe0c5d36fe7L,
-        0x80f82284e4f0a67bL,0xa611478e97997e42L,0x36fdad39b81d30e9L,
-        0x8abcdb957f9c8ddaL,0x81ddf6066c6cffd1L,0x00000000000000e9L } },
-    /* 32 << 63 */
-    { { 0xd8720c8ae96a67e2L,0xa646ecedd54e0f6aL,0x3936ce2dcbd31552L,
-        0x6d44c225b35268c2L,0x56dc0d086168f13dL,0x2b9bbca1fb2c207fL,
-        0xb4f0da3aa136c5a4L,0xed2cf79bf8216f89L,0x0000000000000141L },
-      { 0x1eb0707d7ec6bceaL,0x341b0f22ebe7eed0L,0x99c3c50c37333b3eL,
-        0xdcd5faebde463e09L,0xe688ed5ee481cdd0L,0x6fc12bd10fead808L,
-        0x7b8a498329746a50L,0x2be1b92f829e8d3cL,0x00000000000000a8L } },
-    /* 33 << 63 */
-    { { 0x81c98ad1581c9488L,0x3aae9ba74c2faccfL,0x4d2f796dcc390584L,
-        0xcb22c0644247e6c1L,0xed884751e19da72cL,0x4dd2400863d28313L,
-        0xad0c15efb0c8a9d6L,0xff5e4387d0d17586L,0x0000000000000023L },
-      { 0xc41ee78e2c12a59eL,0x8b5949a3ffb2cb34L,0x62a3917a30a3b1a8L,
-        0x5e9cd23e2d50ea6bL,0x226184de89a1faf0L,0x3d73604ee842ca17L,
-        0x72b01c78c7b33e65L,0x46bc0719126c1d15L,0x0000000000000163L } },
-    /* 34 << 63 */
-    { { 0x4bed8237777faa85L,0x48347d35048d0b1eL,0x7f0b38f476fcc2e5L,
-        0xef6f31029486baa3L,0xb5f8acde91d438bfL,0x41a87e12a8526166L,
-        0x8cc2ef135592881dL,0x8f99d106859fd440L,0x0000000000000045L },
-      { 0xe6eac1d316e9fab7L,0xda9bb9ddb98856beL,0xc6a6ad2170c12aaaL,
-        0x4e24a2b058c77b2fL,0x33432f40f95a8674L,0x021a71070c9020e7L,
-        0x4089166d8650289aL,0x4d1986f551969a61L,0x00000000000001a4L } },
-    /* 35 << 63 */
-    { { 0x9c21dfb230fb58e2L,0xa6f3914dbbbd435dL,0x6e602e2898109fb9L,
-        0x1b700670b44ff97dL,0x7edfa439ab01fb2fL,0x42325f8d60a9be9bL,
-        0xb5e0887a0a50918aL,0xcbcf143dab8877f4L,0x00000000000000aeL },
-      { 0x173d8cfbb2bf045aL,0xf7ed171942d73eb8L,0xca200f4ec094493cL,
-        0x9ad3c750b986ac9eL,0x11c9b6c837ae7c68L,0x315a7712db180137L,
-        0xcd8c3dbe14ef1560L,0x35a53627c9a60bfeL,0x0000000000000029L } },
-    /* 36 << 63 */
-    { { 0x8bb1ae9afa1e7335L,0x472218bcbf806e06L,0x2b9d24030e0e14d2L,
-        0xdd03847c275884bcL,0xa4ee2d9878f97e8aL,0xaf93d39acb69f1f8L,
-        0xf3e76c60b8b834bfL,0x0b4f2c0473094895L,0x0000000000000060L },
-      { 0xed08418036b33636L,0x81b18aa7f78d1671L,0xe20fd32389e80436L,
-        0xf8c9f81cf1faefd0L,0x1f7ad3e2602d9f2dL,0xcbff2ab2648cee87L,
-        0x4e7440a0f25ddd51L,0x2670e9e1dceab96dL,0x0000000000000193L } },
-    /* 37 << 63 */
-    { { 0xaa3d00eac058f210L,0x6e5ea70ba3c14757L,0x379d3b3b7e489509L,
-        0x62f62a0692767b17L,0xf1539bc721b030b4L,0x4162495067544fc9L,
-        0x4f5b019986666040L,0x1be80ab4745a7692L,0x0000000000000032L },
-      { 0x6049ad0475117623L,0xe49e9c8781efb988L,0x90dbbf72b574d1cbL,
-        0x27d065b3ece9ab4dL,0x8370a703e2632ad5L,0xf390eacbf0859cccL,
-        0x4babadd0e117d800L,0x066b62d0cc9697a5L,0x00000000000000c3L } },
-    /* 38 << 63 */
-    { { 0x63c4d634e78a2da4L,0x4b7a5da294ad0358L,0xf41e93ee9966ada7L,
-        0x12072c45fdad9880L,0x1418ca2416a9e931L,0xf74ace09b30a4eb9L,
-        0x637d765850045726L,0xf3b20a5e78ae3400L,0x0000000000000157L },
-      { 0xf15e1c7ab9e5db75L,0xbf1ff1c2bd8986eeL,0xdec28ef35b8b26b6L,
-        0x7bf708f1dc427cd4L,0xefb80977c13928a3L,0xf4975bf5e4c8c4aeL,
-        0x8feb6a29fe76a6bdL,0x695bb4dcb4eb10a8L,0x0000000000000193L } },
-    /* 39 << 63 */
-    { { 0xcde6ee654783776eL,0x47aa98dbab6a4a7dL,0x5c94835bc8032fddL,
-        0x992ff3a1c6534206L,0x98b88c5e4ff7a8c4L,0xfa011fd93428ff60L,
-        0x4788d51c15510bf4L,0xcacb9fde0719ed09L,0x00000000000001c3L },
-      { 0x7d204f6aa83da259L,0x9e4d04ff36ac5825L,0x1928285183d984faL,
-        0x29d49d8eb1488712L,0xf43e3fe22c533a1dL,0x826ce0162ddd30e1L,
-        0x2c7004d34084ac94L,0x88fe5d68d54b7430L,0x0000000000000091L } },
-    /* 40 << 63 */
-    { { 0x6e4b93549a207163L,0xe7ce12aea3fa19e2L,0x3b79d9c3731e7845L,
-        0x22d9831ccd2ede26L,0xabb6705b86ca4cc8L,0xdd0920df29ddb9f2L,
-        0x9d0f445b811862d7L,0x4166d6e7839180cbL,0x000000000000005eL },
-      { 0x182711206b4e81f1L,0x4b6b68c349837065L,0xb7377b163263682cL,
-        0x2e0fba0eb79cc7e6L,0x55d9ecf4c02e89f6L,0xe993faa0482c2446L,
-        0x9753d5e395d1ab52L,0x73fe5af5c1b06cfeL,0x0000000000000096L } },
-    /* 41 << 63 */
-    { { 0x7cb01f2827560700L,0x3116ede7f0594295L,0x11714c3a769c3488L,
-        0x31b80a2e8fbf02ceL,0x11cef04e5c6535dcL,0x64df55ff3e27c9edL,
-        0x0d63a163bc8158feL,0xf9cbf1603b63a411L,0x00000000000000abL },
-      { 0xe26c4abf3158ba4aL,0xdb117a38e132d2cdL,0x4ad696322a572d0aL,
-        0xbefddee3a8b979c3L,0xbcee468784c32c63L,0x3f861ac5f38ca9cdL,
-        0xe94a5b0f5d303be4L,0x60bf3ab155305eddL,0x0000000000000143L } },
-    /* 42 << 63 */
-    { { 0x2b73e62e977fc1ccL,0x33819c4b1eef1b48L,0x86c62fd2606d7b32L,
-        0xb1156e8b9ebbdc60L,0x066d6f66b9e5df80L,0xc91948c566b577afL,
-        0xcc7f76043ef1fbe6L,0x5c16641e68aa2e46L,0x000000000000012fL },
-      { 0x2747d4b711e75c9bL,0x6b27519fd9bd64a9L,0x1283769a2b54c57fL,
-        0x10e1164d081abde1L,0x5a1f76f9992f7ed2L,0xb6c588bf852850b2L,
-        0xddb5d11939399542L,0x6a550ca3115876ecL,0x000000000000013fL } },
-    /* 43 << 63 */
-    { { 0xa47c585a016bcc9eL,0x7e0ec9f0578e48a0L,0x708dc0a8d8c93583L,
-        0x6612567c04b5e0bcL,0x3ac1ff92dcf8bbb9L,0xf51ba067ac4f9eb8L,
-        0xdfbec7c94bcfd749L,0x44bbd8642eb5bab3L,0x00000000000000e7L },
-      { 0x25f2603535bcc21bL,0x060e8f62f03ee3e6L,0x15c57ec99e0479e7L,
-        0x976e8a5b05f84775L,0x127c6d03c8c674bbL,0xc9e9f32f933c6b5eL,
-        0xe405fea7628e2f5eL,0xd83b69a218dc1cf1L,0x0000000000000085L } },
-    /* 44 << 63 */
-    { { 0xfe64594aead54bcfL,0x698f1f89193023aaL,0xea6309e02517e1b2L,
-        0x5dba33b1015a622bL,0x95a9c92cfbf4115bL,0x30c7972981cc106eL,
-        0x05ae3f9d9e44aa71L,0xb996f804a23ddbcbL,0x0000000000000101L },
-      { 0xe3d697de475da0b6L,0xce26df727a70a313L,0x057b0e9b55989f12L,
-        0x705ef3af732a2c49L,0x55b69e808c2b9314L,0x17f9042282897d3bL,
-        0x235ae22e75a957a7L,0x77811795607c84ffL,0x0000000000000022L } },
-    /* 45 << 63 */
-    { { 0xff24c793f9b699caL,0x14b15d3217ea10a0L,0xc719f783343073bbL,
-        0x2a83d8b90e93b5d4L,0xde503f82f5353f85L,0xbac075114f18ac59L,
-        0x530d278c7f81ab98L,0x7f51762a1c619e74L,0x000000000000010eL },
-      { 0x5897a7e714360ac7L,0xd69da38de3ff95c1L,0xcf0c8334bf9736ceL,
-        0x6e465e9273bc4213L,0x950fdbd6a4e87fd3L,0x4bb07b3a47ca6e6aL,
-        0xb9eded92744a7e7bL,0xfb882d485a7514baL,0x0000000000000116L } },
-    /* 46 << 63 */
-    { { 0xc25e05c36b05e0d7L,0x5a2b025d4da08ae2L,0x71b546980cb36f9eL,
-        0x96bf67a4248d9978L,0x9a7bcaa587c7581aL,0xffaa9a7f39a6ff19L,
-        0x425c17c27471755fL,0x250359a026062f38L,0x000000000000000aL },
-      { 0xd0b2e9a20e795413L,0xbd4e31cb33853998L,0x8c4541ae95a4388fL,
-        0x8cb64c8bc50dd060L,0xe34c811101ab0da8L,0x5de5d97069305f2cL,
-        0x7a13ad595f5aba36L,0x9e2facc817de1ab9L,0x0000000000000086L } },
-    /* 47 << 63 */
-    { { 0x7cdf9204bd8cf1d7L,0xe3ad55d8bb0ef236L,0x15773c50555a9e3aL,
-        0x46af0d3003688a2bL,0x221ee5d72fc9260aL,0xd1561cf90bcc7900L,
-        0xeb1929a2fa485b0cL,0x13482477f9bbdb62L,0x00000000000001b0L },
-      { 0x9432cb5a6ca8bf58L,0xb64c60ac6c5411efL,0x52c05411eb94e57bL,
-        0x34597b1a6e3b2facL,0x7861df27595820b3L,0x4aff5520d02f000cL,
-        0xd0d78d9d0b71a270L,0x015e10d18fe933a3L,0x0000000000000125L } },
-    /* 48 << 63 */
-    { { 0x0498365338587f45L,0xdf7ff2c77c9bede4L,0xb0158c72a21d0d97L,
-        0xa774c9e3a5e5d3c9L,0xf58e7c02cb10150cL,0xb4af1ee79c24a5a9L,
-        0x02e0a1d644ab20cfL,0xf24d2c5ada1b7783L,0x0000000000000028L },
-      { 0x80bbf95278f7b5b8L,0x4c0bd396efe31505L,0xbcf19c3bec6d175dL,
-        0xa8e820cf868e9452L,0x902114319cd29126L,0x7518c2f8cfd996fbL,
-        0xf676e6cf4ebb311aL,0x6d108d7e7fac5d7aL,0x000000000000019cL } },
-    /* 49 << 63 */
-    { { 0x97aaaba1c829bb99L,0xf6860f8745bb55feL,0xf8b50fe71498e519L,
-        0xab3d16e3fe8f0221L,0xcac909cfdcdb7323L,0x685be174503ac866L,
-        0x97600f6f42b4888bL,0xe935129f3b2bde52L,0x0000000000000189L },
-      { 0xb9914e14c98a8902L,0xaf8252efd12e2742L,0xed19080a9e82bc5eL,
-        0xeb729e01b2ce8f88L,0xad7c2b07fdc2d2e7L,0x714be551434c5683L,
-        0x533f127a33d712c1L,0x5c1a7dc314b47fa3L,0x000000000000017fL } },
-    /* 50 << 63 */
-    { { 0x4291478195de7bd7L,0x19372e9158be52bdL,0x17fba77f92e5c6a7L,
-        0x6374fd9b699a1dfaL,0x22a45a6bb5c76282L,0x5c9a9a28c720a1c3L,
-        0xfb9dceee60825162L,0x69f9a5093ac4b11eL,0x00000000000001a1L },
-      { 0x934410934bd1d68dL,0x9f75dc6d6ded82e6L,0xf936823f9ad5428fL,
-        0xe87ec8b9c84feabdL,0xdac9bfc13c2f56ffL,0xa160399975f3b25eL,
-        0xfa8751ec5ca58a84L,0x1a709ac5f6e53798L,0x0000000000000165L } },
-    /* 51 << 63 */
-    { { 0xf327fa804594c279L,0xb58ea5486215b212L,0x20e5b9a833e0ce1fL,
-        0x3747da9a4a370732L,0x1634ee2e0777119eL,0x32df2dda5c08f5e7L,
-        0xa5d66cb9f811ab09L,0xdf8c1dc9ed7de036L,0x0000000000000003L },
-      { 0xc910aaf774efbe82L,0x20b0ebe46c378a20L,0x7542866526368ec5L,
-        0x85dcb02d25e2b43bL,0x14b5055e26273949L,0x07415b0245387101L,
-        0x0986b25d605380d0L,0xf0f61b04cf0def05L,0x000000000000013aL } },
-    /* 52 << 63 */
-    { { 0x8a87953f92591b59L,0x3143818d5a451f32L,0xf2e96f8b0c29d764L,
-        0xff943ed94c40a8a4L,0x82967f842535730bL,0xccf1a40336dcbf8dL,
-        0x7dc8d83c45f21a55L,0x0d1d08e3cbf08cb6L,0x0000000000000093L },
-      { 0x5eee829d0ab0a1a7L,0xafcb11e44d5694e9L,0x4d87ac664b03e1c1L,
-        0xeeeffa85094e51d0L,0x07e16ed7f957519bL,0x7a329adbbe6b8eb5L,
-        0x56f27e425f41a65fL,0x749a394ceb0c920eL,0x0000000000000113L } },
-    /* 53 << 63 */
-    { { 0xac10b05febfab632L,0xe9db26eefb615921L,0x83f9274ff7b609bfL,
-        0x208ff0fdb1c6defcL,0x25f97bd50ee1d15bL,0x0d1929a73bcd6f7aL,
-        0x13414e340bea3ce3L,0x5a1fd76dac768695L,0x00000000000000f0L },
-      { 0x52166f0da85b0ab0L,0xd7b84eb0d03e5891L,0x3d177fbb05391cf4L,
-        0xeda59b5d0eff66c3L,0x4eae434e57c15709L,0xe2e28d1394652300L,
-        0x9f6723518ddca2b7L,0x6b18b0d057928e33L,0x00000000000001d9L } },
-    /* 54 << 63 */
-    { { 0x692493e38e9e3858L,0xe3613ac3c54960efL,0x394b17dd14dee07dL,
-        0x6dc33f9010f81a66L,0x1c2b9571fe76445dL,0x64f0d6f6fb0961bbL,
-        0xfedcf72c371e04d8L,0x0877291e9cf9ca3eL,0x00000000000001a2L },
-      { 0xe33520e7f874564aL,0xa7acf4bf1026c741L,0x46569cf304030157L,
-        0x89310d88c0980781L,0x1fe5287f0acde0c6L,0x3e05a033a4696f12L,
-        0x1a5f3ea425cf5a8cL,0x4587f6f783c85990L,0x0000000000000076L } },
-    /* 55 << 63 */
-    { { 0x26047dcdebe585d9L,0x3abcde530ddc7b3aL,0x43231aa9e036918aL,
-        0xf4316041818bb25dL,0xd95a25f65eb56f8eL,0x03d1ea7b84e16f23L,
-        0x385f010d0e007937L,0x421c7ab1ce1fa2b5L,0x00000000000001bbL },
-      { 0xea42f6aa9c67ceb2L,0x2756973ae3f1940aL,0xa4fb7ed908e9b02bL,
-        0x26e6e78af5b1921fL,0xa9293c8b90f146fdL,0x39bd4ec3fa3d511fL,
-        0x6a82d362a65253d4L,0xbca05eb41e0fdc37L,0x00000000000000ddL } },
-    /* 56 << 63 */
-    { { 0x10fc7b6fd90fa53aL,0x3e6ce96795fe03c1L,0xcc2308acf9b7b89aL,
-        0x1bc9f27a33c58673L,0x1c12f0186273457cL,0x68e172f74c063ea0L,
-        0x52f75bf1d34d34deL,0x0ef03bce65f6b2caL,0x000000000000000bL },
-      { 0xd8cb54d3d705118fL,0x1e4b56503a7509c9L,0xcc35224e84c60259L,
-        0x8ed6226ce578172fL,0xe6fbb97fafa5bb2aL,0xdd461323189d5d7fL,
-        0xa4ff6f7a32109b05L,0x5896d4ed26f15e4dL,0x00000000000000f6L } },
-    /* 57 << 63 */
-    { { 0x05a13d26e82b26aaL,0x9be7e85d1f51ad4cL,0x64216a135bf8d231L,
-        0x9a52f4d338918288L,0x811795296042f73aL,0xcf4531b88fb3e209L,
-        0xa5ecc2b2b60e33c8L,0x4065785c53ac1b01L,0x0000000000000106L },
-      { 0xc19366e2098430e8L,0xd01b9140bad7cc45L,0xd9cd202403d7ed4eL,
-        0xfdc06de10880828bL,0x9dc1458082c50ff1L,0x050a0ad4dd5cb07bL,
-        0x23c2c3e802e03fb2L,0x9ef4c1720f843180L,0x00000000000001cbL } },
-    /* 58 << 63 */
-    { { 0xf269b6ea5323d6c0L,0xdf260532c643e91eL,0xc1455524c2768048L,
-        0x7b5d6da85f0207e5L,0xde9b50f074781d78L,0xd95862cbdcdf15deL,
-        0x5d8d5fabb94c1baaL,0x6892741043e83ad2L,0x00000000000001e8L },
-      { 0xf6e72c24aee1d9b7L,0x3326fcbb24b9bb0eL,0x3a749a424a7f74ddL,
-        0x5d2578773471ef0cL,0x33ecdd54c95f4cc2L,0x52eb8a04991cbb7fL,
-        0x3a73fead1aea5286L,0x6a0234c85d8e847fL,0x00000000000001a1L } },
-    /* 59 << 63 */
-    { { 0x3a9e952c73bc08afL,0x94816b86fd2ebed0L,0x308a88e4ad9f31a6L,
-        0x9a7dfdeed0600231L,0xe4f89ee9f181de44L,0x0a7df633f7c26fb9L,
-        0x2c9ae6ae5f221c7aL,0xe47f3d2872d4115fL,0x0000000000000010L },
-      { 0xbf708d7c085f506eL,0x7c4c215b9b26815bL,0x9176aca1c2ec9917L,
-        0xa6a694bbe5176a22L,0x119764672c3a75ddL,0x8c4de6dc47e0fd08L,
-        0x6111e87d0d1f734bL,0x8d1ded25dc07d865L,0x00000000000001eeL } },
-    /* 60 << 63 */
-    { { 0xfd833a94974ce9cdL,0x4ca65be246948f84L,0xb7ca6a79f17f102dL,
-        0x0c2d75789b8d7dc5L,0xa344848c42df2129L,0xbc8ee0055ec488edL,
-        0xb46597b0bc2053abL,0x5c865ead03f3e2ffL,0x000000000000012fL },
-      { 0x276249288a899a69L,0xc02d2ee568d0b403L,0xe46c1cdd828b23ceL,
-        0x8e52b84309c12d2aL,0x860ddf224f41e7ffL,0x077cf30319235b08L,
-        0x7a4db503690d79ecL,0x13f69a12e8a29f83L,0x00000000000001e5L } },
-    /* 61 << 63 */
-    { { 0xcb347d5f91d9d6feL,0xd0a524b43b9ef3c1L,0xa9e6392c547edac4L,
-        0x04d365a9b14bd9b4L,0xe5c90208db0aa5dcL,0x28ab9f56ad2db020L,
-        0xdcb2fa5be7ec65e5L,0xed81f29efb0e42b6L,0x00000000000000f9L },
-      { 0x4bc95c3197f4324bL,0x64fafe5f71476329L,0x044a41775a70b0cdL,
-        0xf2c61da17ba19d9dL,0x983216f2da3877adL,0x83298d8d4b4bd3c0L,
-        0xc7243bf461564560L,0x464b5bf41111eafbL,0x0000000000000061L } },
-    /* 62 << 63 */
-    { { 0xc34857014b40dfadL,0x6400778d0760a76bL,0x89f31e637e4a553eL,
-        0xb98eb50e3246a962L,0x956d3e4e7966732eL,0xb7fd65f4820569a6L,
-        0x35f492b77a5fd094L,0x079fd9be89a9e2d7L,0x00000000000000baL },
-      { 0x2f9bb4decf21481aL,0x7303b3e8d3a12b6cL,0x500d6509ad398eb9L,
-        0x4e8be72efe3a1a76L,0x8a82354a5745b6f2L,0xf037ebdaa20fdfe6L,
-        0xe12aac60584f6152L,0x75883d79f01f9963L,0x0000000000000178L } },
-    /* 63 << 63 */
-    { { 0x32b6b535c7c043c7L,0xe41d0e05423daf2bL,0x2cbacde8c0f421f2L,
-        0x11cd2d90fdeefc5dL,0x2fd90ed7e691e7edL,0x4bf72e93f5721f79L,
-        0x764fb068602fe745L,0x21594eaa97cd2c33L,0x000000000000014eL },
-      { 0xaeee0ca0ca8ea7a2L,0xe469cbb01485c545L,0x4c947ee0467f66fcL,
-        0x92f9f6b3606a8aa1L,0x56783791ed86541dL,0xcdb60ee64c8d8313L,
-        0x2f7fcb7560eca2e0L,0x0a847de3e7816be5L,0x00000000000001ecL } },
-    /* 64 << 63 */
-    { { 0x27b472fa3d0e9678L,0xcef22b18f18eab4aL,0xc49e75cc5fde2724L,
-        0xd9ec427a39f3c3d3L,0x240963ea07a9f9b2L,0x2b0301e0fc73761cL,
-        0xf734c2f480d8c0e3L,0xb9f52a609948da76L,0x00000000000001c9L },
-      { 0x6ef525e6fe70af9bL,0x4faf1315c936d7daL,0xfed0cb7aa1c67010L,
-        0xb1c8cdfb650fc5bdL,0x643e77418ac141ceL,0x8ecffb683144c8a8L,
-        0xf6ff17f5544deba8L,0xea30d6b2721a6d98L,0x00000000000000d0L } },
-    /* 0 << 70 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 70 */
-    { { 0x476395029a2936b0L,0x48a88079918b33d5L,0x453bc7931b067a87L,
-        0x5fe40adc63e55fb7L,0x615677f03d2b9756L,0xdc376c92833e336aL,
-        0xf7743da0b0b6c914L,0x780bc5a93effe23bL,0x0000000000000037L },
-      { 0xe9c333804a1a9456L,0xda9c55a8eb2eb173L,0x022757865ed17864L,
-        0x491f250816039d4fL,0xb1ac3d7b0ec8959aL,0x4d3855d3465a7151L,
-        0x7285c2d418e0d6b1L,0xd1a5af1833eac3e9L,0x000000000000011cL } },
-    /* 2 << 70 */
-    { { 0x80877bfe331dd8a7L,0xb708de53dd15f09dL,0x19f93da02ae5d424L,
-        0xe7e4ca9750064a50L,0x95ff7eafc76f7c7eL,0x5a6e49f06e0344d7L,
-        0x1f016633a4144a34L,0xff32c2a16fe7d882L,0x0000000000000031L },
-      { 0xc8c7b1826df27677L,0x33049c001751ad84L,0x7685641c109f091bL,
-        0x0e2bef03fde67f9fL,0xfb7ba091da20f027L,0xcd7200850d2e4994L,
-        0xf565899fbc584078L,0x465f703946520913L,0x0000000000000058L } },
-    /* 3 << 70 */
-    { { 0xb439f594f839375eL,0x273e0e12d6fabfa0L,0x4811f186986b62bdL,
-        0x3460a7df29a07e23L,0xf7fb6f4c20aed738L,0xf26b2b9c97d88113L,
-        0xa87f0ecc047ebd57L,0x0403df2b1a81558bL,0x0000000000000130L },
-      { 0xe8071597f66ce34bL,0xd14095a79440f830L,0xe7924b9994488565L,
-        0x972cc87937553260L,0xd33dd2db3c2f0eaaL,0x57e6830e9bf34ee1L,
-        0xe2f328371d13ba62L,0x4f84bcb955174ffbL,0x0000000000000010L } },
-    /* 4 << 70 */
-    { { 0x519a595a5c6f42b0L,0xe39552a9a675acb4L,0xc993a489609641a9L,
-        0x1427eb18cb9d6301L,0xeb102dd9fe02d86eL,0x86dfc2d5a4c15ddcL,
-        0x0dbfd177b76f6b2bL,0xec31ea91b285289aL,0x00000000000000e2L },
-      { 0x46ed4b2ab85445ebL,0xd272162cc8124af3L,0x1b7e446d675589f1L,
-        0x605b28069e56e455L,0x39f9b1abbd0d72efL,0x52d79f51793f00e5L,
-        0x28d3e23b7978077cL,0x9759e0e64866c9d8L,0x000000000000010cL } },
-    /* 5 << 70 */
-    { { 0x5783df4e1036ae82L,0x96d3c8e7186158a3L,0x161876e639b3df61L,
-        0xca9525e1b8b99336L,0xdcf0e3f745776a81L,0x1cbd5ebdcf6ba61bL,
-        0x895ebb5a345d74a8L,0x9861a95fa29bb4f8L,0x0000000000000106L },
-      { 0x59316637e824248aL,0x81f91fac0ec8a559L,0x48d8a50d1b2789daL,
-        0x75627156f8298d6eL,0x1c340cf13f452c6dL,0x7e99c311d0221466L,
-        0x57d7d1fef04842bbL,0xe0208d495f471f39L,0x000000000000006bL } },
-    /* 6 << 70 */
-    { { 0x04d40419725e8d7eL,0xd8a785c43faf2e8eL,0x7ed0dc16b456823bL,
-        0xab8169b6f8db939fL,0x5066e969510cd7adL,0xa9050429b3cff3f0L,
-        0xbc2fb7ff7450449bL,0xc550ea90106929f3L,0x00000000000000fbL },
-      { 0x75cfb97c77f10a30L,0xdc20c3be0987d625L,0x69e0878cb18777d1L,
-        0x2d77668ec850871aL,0xf2759bdbdcf84652L,0xf7efd592769eb8e1L,
-        0xb4dd3aea69169a30L,0x18106739653dd7ffL,0x0000000000000053L } },
-    /* 7 << 70 */
-    { { 0x6f435bba95d13790L,0xc082ddb3b8171861L,0x28f5c4cfc3b9797dL,
-        0xbd46e6f20fcbceccL,0x8a08c2a6fb265f73L,0x0c89cd1ab54ce3e8L,
-        0xb0915e664d2eecf6L,0x4d3a71276c691306L,0x0000000000000154L },
-      { 0xdcadc680181127fbL,0xd56dde12bec233c6L,0x77ec3c0ffb46e355L,
-        0xb047a6a206812dfbL,0x8fee038a509e92cbL,0x799cdc0199465b9dL,
-        0xf82664276ce79488L,0xbee7eeebd26ea0f8L,0x0000000000000128L } },
-    /* 8 << 70 */
-    { { 0xbb292bf5f98c20beL,0x3a3411a680e7f858L,0x4ee85c60884a2064L,
-        0x8bf2f700d1ffb068L,0x28a61b4ff5514a5dL,0xef4280ba021ca558L,
-        0xaa64507dbeae03e4L,0x8bf2aa0fd601d59bL,0x0000000000000123L },
-      { 0x61ca18a2ee308bf1L,0x9e9dcccd55fddd4fL,0x858dd91faa4b0103L,
-        0x21a4a04654338e37L,0x88237da980d564cfL,0xfa544159a0dc17b8L,
-        0xf6e71432e684e7c1L,0x9b2ec5cb6bcb8393L,0x00000000000001d5L } },
-    /* 9 << 70 */
-    { { 0xf8184868d78b3258L,0x294a5c8693d8db62L,0x3631dd8ae94c1e33L,
-        0x6086c859e22ade8fL,0x1333c8b0fad51601L,0x755a497081778bc4L,
-        0x9d0a7220adf97dbfL,0x9271364238802b70L,0x00000000000000daL },
-      { 0x5c8e5b906601b869L,0xde3d0dfec943c397L,0x39d9f226d18fdcc1L,
-        0x8c57ea34a90b2bf5L,0xa83a15756c4a7c25L,0x3e4fee5b3def7d92L,
-        0x5027d72ad9fe323cL,0x01ec60b853dd5f74L,0x00000000000000ceL } },
-    /* 10 << 70 */
-    { { 0x8bcb3d9d1b2bf1b6L,0x973fa9e312796b3bL,0x8c312eee0826934fL,
-        0x182e3371e7601ca6L,0x6ced3e75991abc97L,0x5b8ae056a347d5c8L,
-        0x4808debf4983ea2bL,0x0011eae167510327L,0x0000000000000156L },
-      { 0x15ce511d25441f8dL,0xf97a353ce97373ceL,0xf04be7106e289edaL,
-        0xe44c1542149c56f2L,0x0bbd7b79d31e6fa7L,0xc7461c7396def27bL,
-        0x4947e763f0b4134eL,0xb17d8168c56f702bL,0x0000000000000128L } },
-    /* 11 << 70 */
-    { { 0xebec93f04ac3f69bL,0xea341f190108e13cL,0x44c89c183b9dc7aeL,
-        0x1b643dea7d219c86L,0xa0f8211f1b24f1adL,0x362ed929b660c2e5L,
-        0xf4111c58accef904L,0x7d5ae557616b6ca3L,0x00000000000001c9L },
-      { 0x5e15f25e64078f7aL,0xd5afe9e9dd0f5ee0L,0x494ccc3c481745bdL,
-        0xab14448b8d7378d7L,0xe2d6f0d304da0eb6L,0x133ece3a8e9cff05L,
-        0x26d60edf3571e036L,0xbbd2816fb4f9a6f3L,0x0000000000000125L } },
-    /* 12 << 70 */
-    { { 0x23c4d719a31b8bb9L,0x048abcac740f7882L,0xbd895a1c5ee72269L,
-        0x95595e429077db96L,0xd01e2d4b49088381L,0x48570b7ff7e50193L,
-        0xa8830d23e6f4ed20L,0xbc8aae5b9a45ddb2L,0x00000000000000dbL },
-      { 0x527e8ff8970f294eL,0xd3f0cf5026c1d870L,0x255e637c69aefa63L,
-        0xf332ed105bf085b7L,0x6a0bbba69520d99aL,0x46f6172c3bbf6757L,
-        0x5f0b4e9f77664d47L,0x5b8c50a11e6ba9efL,0x000000000000019bL } },
-    /* 13 << 70 */
-    { { 0x9236c67ae086b576L,0xa790103d654d0bfeL,0xc8991f4701bcdc45L,
-        0x6a6f3fb3bec6da2fL,0x01249352077f3e54L,0xc242ea70f714141fL,
-        0xeb3a0089b7c19b57L,0x03647999992e47faL,0x0000000000000025L },
-      { 0x8b46fc0338224530L,0x0349584a95b7d309L,0x86dd737f92514473L,
-        0x3e5228f5a538c8c4L,0x184a5259939d9593L,0x4bb9925b0213865eL,
-        0x908c3fccb5c7937bL,0xb776024601e2984fL,0x0000000000000065L } },
-    /* 14 << 70 */
-    { { 0xfadbffb640bf4cfeL,0x6354576d468d492eL,0xa417db805eb84c73L,
-        0xc5a35afd367becdaL,0xd167b100c1d6833fL,0xf181791bc862b1ffL,
-        0xac0ff3d2016dded6L,0x29435dd2caf04f74L,0x00000000000000bdL },
-      { 0x5caa8fc6fdd66ecaL,0xcaf04d02f73457f0L,0xe4738b2cd8d60dd7L,
-        0xcfc4221aaccec9a2L,0xec1fc96e6d831b6dL,0x8661a6fedbc8cecfL,
-        0xc3fe3bbe0060ed23L,0x24c065e7ff5c70dfL,0x00000000000001a8L } },
-    /* 15 << 70 */
-    { { 0xc66433dceb676b47L,0x05c45b2d6ed68884L,0xbec6dd9cc497d94eL,
-        0x71567210fb86988bL,0x924292f876834001L,0x0d814f7c3e825949L,
-        0x3738e741cd6e5f83L,0x320f4721372ab8dfL,0x0000000000000039L },
-      { 0xbf2143f9dd94ecdbL,0x4f2a53a48df2f184L,0x5fb740b7b9c7e9efL,
-        0x96aed28a2d5b4840L,0x9a359445fd4ed339L,0xb275af3abcf23a6bL,
-        0x0449c11290242ee5L,0x06516db8a7ffada0L,0x0000000000000056L } },
-    /* 16 << 70 */
-    { { 0xee02879ba3ea1a16L,0x8e2314e439f3a110L,0x931dcab50671f5a4L,
-        0xb3010e67fe8a9df4L,0x5df54e420f52a951L,0x0b5eb472530c0c9dL,
-        0xfc19d87c18a07787L,0x60ed2c6ff0f2b9f8L,0x00000000000001b4L },
-      { 0x6bed0b7e2c3d7f45L,0xd6903d7610fd3891L,0xcb4a9876f30f92b1L,
-        0x328688dd25c03d48L,0x8f51283ccdb11750L,0x195f5a81b8d8e361L,
-        0x4cf3580afeb346d2L,0x044cfa9425c261e0L,0x00000000000001dbL } },
-    /* 17 << 70 */
-    { { 0xf125d0eb580b2aeeL,0x3878efbce322b538L,0x2faff7abfbc577d9L,
-        0x911a569672826ae1L,0x217136025b759fdaL,0x874e78b16c83f073L,
-        0x8357b9eb1ae1f09dL,0xc50cf6a266f5e089L,0x0000000000000041L },
-      { 0x7c5ba64930d641b4L,0x4e0c4810d87b5271L,0x7de6d695aa6c6d4eL,
-        0x48585b5d9e6e0dccL,0x27e52cc9733b7f52L,0x44f93094118055e6L,
-        0xc466de5e79e243a3L,0x9b120026ce5a2675L,0x00000000000000f3L } },
-    /* 18 << 70 */
-    { { 0xa379e5e5451e1063L,0x839bca6f1cfc15bbL,0x76267c6eeeb1f167L,
-        0x6bb1f5c8e8de14b2L,0x053a50d80a056b25L,0x67e18b5c6046ef57L,
-        0xc508121660b6d2acL,0x97efffed56e951e5L,0x0000000000000189L },
-      { 0x6fe2249a0a6237fdL,0x3e8fc2c9af92fe3bL,0x93406ede77987ec1L,
-        0x4a6f3ffcdd289c9aL,0xe6d23748bee59fb5L,0x1218f5958261de30L,
-        0xcc8cfa5bd3a0e00bL,0x3658c52f485e6937L,0x000000000000016bL } },
-    /* 19 << 70 */
-    { { 0x9588721c38f24c62L,0x75f78ee0b63f6799L,0x966fb95973e53b96L,
-        0x6898f5efedfa6b1aL,0x5d4be54bfd90c78bL,0x4a9c2f701c06c9a4L,
-        0x14cbd88183649de9L,0xc1f0d4edc04aa071L,0x00000000000000a7L },
-      { 0x523d47a89250cc0eL,0xf2bc8db83a37d239L,0xa41c054f9af865f7L,
-        0x86e0c8282af3b998L,0xea4726e56c6e21eeL,0x9d8a2148c0a499d4L,
-        0xe590538e9cb7dc09L,0x74c7dd3bd2d8393aL,0x000000000000005aL } },
-    /* 20 << 70 */
-    { { 0x4143662dbe2d233dL,0xdaa51ea937b9c343L,0xe4543a36e39801a0L,
-        0x8f043e35c1319e2eL,0x7a0f8df8504b47b3L,0x0c081ef2d4d60dabL,
-        0x710081a899486cd4L,0xd2e4ec67a36e4207L,0x0000000000000116L },
-      { 0x55c7a9fe07d56e26L,0xe01c071f037f6067L,0x6c4b2bad496b19baL,
-        0xe511cb4ebff6490dL,0x0e086c9385868504L,0xac978aca2db3b875L,
-        0xc24e564e28a8e768L,0xdba8099b3b1f3412L,0x00000000000000e2L } },
-    /* 21 << 70 */
-    { { 0x1e036478c5e524ddL,0x7482522f06751ae2L,0xfdd65ecb4d805e43L,
-        0xc85188213c81a2c1L,0x4351af46208510feL,0x20258b4286654055L,
-        0xce94ad2436951413L,0x51719c791fa571bfL,0x0000000000000186L },
-      { 0x4160e3cc57cb1d62L,0x54f91d695c7ca415L,0xac962802c7c230eeL,
-        0x474a74dd38772ba5L,0x07dc8e8dcbfb771eL,0x4bbf1d327faff162L,
-        0x5c6df969a5e951feL,0x8faf6e8b30aa1ccfL,0x0000000000000124L } },
-    /* 22 << 70 */
-    { { 0x2ae2176e4a7aedcfL,0x6cc99ac5db4109f8L,0xafc603ca9acd7a99L,
-        0x5709cd2e0292cec2L,0xdc3bbdc4a767e68aL,0xd1b99d15ca6414ccL,
-        0xbdfd63d8b90ce4c3L,0x5a277d71758432cdL,0x0000000000000165L },
-      { 0x57bc026809f79161L,0x8069381b75174677L,0xaee30d96471d5392L,
-        0x5b411edd0ab268faL,0x5c6780935ee8258bL,0x16dd3897aff1f327L,
-        0x6bd497a4b7be8300L,0x0ed094006a9ec135L,0x000000000000006cL } },
-    /* 23 << 70 */
-    { { 0x8935e366d379c4cfL,0x3ac951791ba6b75cL,0x0ee860648518d548L,
-        0x9ad786622b6b6891L,0x986fd8162db27dc2L,0x94cf26ad2da61998L,
-        0x97182802f34138fcL,0xe6a82f6cccc999ecL,0x0000000000000059L },
-      { 0x279ba13f96ed64d3L,0x66e45c5f8c942f2cL,0x1e723356b167bb87L,
-        0x63392b6ace4614e6L,0xb157e406828ef176L,0xfbdeff2043a70a11L,
-        0x26398beb39d70349L,0x84fc3685130bd235L,0x000000000000003fL } },
-    /* 24 << 70 */
-    { { 0x06845f761c46e0a4L,0x304f1a22bf614354L,0xf1ef1477999719c7L,
-        0x077cb0a94a2082f1L,0x88d79bc1c5ce4148L,0xc0da1dbebec656ffL,
-        0x5b78daea71ddae3aL,0x6216ba84ea9a43f2L,0x00000000000001abL },
-      { 0xdead308ebea49092L,0x857aa6bd5f4f2d7aL,0xa80d0eeedf4f49dcL,
-        0x81f3fbd4612b71f0L,0x8feb7e2e009cb72aL,0x149df0698880b33aL,
-        0x49e5030ac70e9ef9L,0x7fdf363de32d7d93L,0x000000000000018cL } },
-    /* 25 << 70 */
-    { { 0x4b7b9419cca1b866L,0x1b91f7a8ed4b0024L,0x292b214b3f190795L,
-        0x4f0f9a9468187149L,0x6af57b920991d891L,0x62be4e9781380070L,
-        0xf9631fb59570bf10L,0x85e5e54a46791c24L,0x000000000000019aL },
-      { 0x0d1b6e6f58d272bbL,0x2dd54725026260b1L,0x52925be520caa63aL,
-        0xd73b7bdf49bcdf40L,0xbf521158f9da7059L,0x2d260f094a257601L,
-        0x8711caee7733680eL,0x01fa1a04c910008fL,0x000000000000006eL } },
-    /* 26 << 70 */
-    { { 0x5fc62df164ca38aaL,0x6e65ba75928404d0L,0xfac5532c04b905ddL,
-        0xe7e788ced028cacdL,0x6f6d46a1e4ebaaadL,0x612bb1ccbaea7105L,
-        0x234e28db202ccfb7L,0x9368d2b838a2bd0aL,0x000000000000014dL },
-      { 0x8fc9d15599616067L,0x8d1b2d5f8551e5c2L,0x86bef02384a895d8L,
-        0xe771fa9da6dc3808L,0x7aaebdff2dbeb156L,0xd8179f04aa61893fL,
-        0xe3a11d5ab4df5a7eL,0x83babe1fee003cd5L,0x00000000000000b2L } },
-    /* 27 << 70 */
-    { { 0xbaa5e960356b7671L,0x69cbe8949a55c547L,0xea21f0e7d010da2eL,
-        0xa6458bae24057f33L,0x685e19ade119c12dL,0xa4a4bf1cd1323547L,
-        0x638bc3c57ea2692cL,0x1b23941f787fa55fL,0x00000000000001f4L },
-      { 0x07070fbbd655f411L,0xcdc85f1b0a078b8bL,0xcded78e989c7f01aL,
-        0x8e56f279561248b4L,0x27131c4543017398L,0xd85568439a89e7acL,
-        0x840f778f5022acd5L,0xd02560ccbad33615L,0x0000000000000132L } },
-    /* 28 << 70 */
-    { { 0xdc8418b0430aee87L,0xbd5f89c0fe56a51aL,0x10db29c4c631bea3L,
-        0xa03fbcbc0c973806L,0xace383ab0ab83b29L,0x19f1d9ba5aec5994L,
-        0xf36d16c245cb06a0L,0xa80a5ef4e427ea44L,0x0000000000000104L },
-      { 0x8c77115e67c4bd41L,0xbc0d9d752edce105L,0xb4d58d35e1a157deL,
-        0x0564c86be85ab91fL,0xd0bdf26d3cc536ffL,0x4b36e529237657ceL,
-        0xd108d7f75c27949bL,0xca0dc963ad81e019L,0x00000000000000d5L } },
-    /* 29 << 70 */
-    { { 0xdf088fed5170a20bL,0xa9a7752101752a4bL,0x7ad0d5a5d8096500L,
-        0x40031b9258232679L,0xf714c7503413e6bcL,0x9869755a1fe03713L,
-        0x6e2501ebb8c82fd3L,0xdc0984c442530088L,0x0000000000000016L },
-      { 0xbd92501c05c25c04L,0x1c5321cc9ec4c868L,0xfb1f693a4a48a478L,
-        0x86d327ca3b87d350L,0x46be9803e525bdcaL,0x1ec5bdbab274abccL,
-        0x83c080f9369d1df5L,0x4f700c9cc46b2610L,0x0000000000000149L } },
-    /* 30 << 70 */
-    { { 0x2f91efc7c0526cd7L,0x798751b06bcf03f2L,0x2e9a2b185b1d1b15L,
-        0xa5df63b07585e989L,0x0f7f20cbe088785eL,0xf7e41109c3e810eaL,
-        0x6f2e6b0196ddfd16L,0x7c815f673677adf5L,0x000000000000012cL },
-      { 0xc88f54441615746aL,0x7c59e46e6b14f304L,0xa4d9adb5c4343abcL,
-        0xba341145932fd2e2L,0xa8ead97ec577c110L,0x72c03b1efc69b4dcL,
-        0xc7cbf9dac2418ecfL,0x585777da2a60ff3bL,0x000000000000009cL } },
-    /* 31 << 70 */
-    { { 0x355b900311214b41L,0x5c4c60458255d77eL,0x653841db02befdccL,
-        0xf0dc18ec82060478L,0x041dbc6fd8b5343aL,0x2ab668cdcad75821L,
-        0xa8219ba431403e5eL,0x2187bcd7dd6f1818L,0x0000000000000057L },
-      { 0x3a187181672ef3b6L,0x32aa9ece8bbe1871L,0x42db253f9083e47dL,
-        0xaf661bbede04d778L,0xc7d30363b6e2c3a0L,0x883a3cf7c303c0daL,
-        0x2e743c812e09eda8L,0xb8a80c00d43eb9a9L,0x00000000000001d6L } },
-    /* 32 << 70 */
-    { { 0xa8aece33c6467674L,0x89ff0d8f1843299aL,0x59adbaf13ca3a78eL,
-        0x196374f4b9a4a75fL,0x789f72316ac10a73L,0x448193fe379c704eL,
-        0x65c6e5794fdf5217L,0xe6565a0b57174e77L,0x0000000000000001L },
-      { 0x509a5be95b7a3aacL,0x5ec7dfd35b281d20L,0xfd549cc3ff94ffc7L,
-        0xf29fe9740cd3bd2dL,0xd8a4f3af708e35b7L,0x45222e3bb52edcd2L,
-        0x896b102acd710014L,0x452cd4f4e63ebf74L,0x00000000000000e8L } },
-    /* 33 << 70 */
-    { { 0xe1cc6844d76a7d21L,0x98a653c0aad01f39L,0xa8e0aa6f5cc3db7eL,
-        0x53e176c8616ef3c3L,0x2fcd40c1ecb97fe7L,0x979560d1dc9765aaL,
-        0x8ceb932ec9497178L,0xfdda2a9f528d5fbfL,0x0000000000000046L },
-      { 0x5d78055191f09fb7L,0x5025b276358205e3L,0xa2ebb84ce669a482L,
-        0x0a0299fb3630ef08L,0xb1b479c07a91a3e9L,0x90ec5d7d5a165b78L,
-        0x82e7a594584a646fL,0x393648e146cf895eL,0x0000000000000126L } },
-    /* 34 << 70 */
-    { { 0x4122c7785767b754L,0xdb5083e1fffbd4d7L,0x602665453533b469L,
-        0x729a29a76027f62aL,0x9d5e8150d18a8518L,0x99983cb81c736f6dL,
-        0xeee827892fbcc4b2L,0x48c41e5e31554af0L,0x0000000000000062L },
-      { 0xed41a057380bd093L,0x90fc9595fa2649adL,0x200199ad591d2e82L,
-        0x8936742d4c2cb7bcL,0xd0a3fd6e36575e21L,0x76e227053f305fa9L,
-        0x7bdda0df7a21b3afL,0x143dbef0c67f4dcbL,0x00000000000001d1L } },
-    /* 35 << 70 */
-    { { 0xb5f11cf2ba68056bL,0x15cbc5b04de81e37L,0xd4417ca25cfd5b38L,
-        0x5bfb146339a246f9L,0xb74fd92f7cc33e94L,0x7f04e99306ac2e09L,
-        0xa79523fd32ded24cL,0x546f77e4f9bd012bL,0x0000000000000169L },
-      { 0xca1194a897bb2761L,0xeb8c23d390384797L,0xae9b4cf2ec702d04L,
-        0x7591beee789790d9L,0x40a5a1fd3a51f2ddL,0xf696422591d9c91fL,
-        0x943b41c0b539db9bL,0x4bef1a61aa810609L,0x0000000000000084L } },
-    /* 36 << 70 */
-    { { 0xb89c242a654f4e39L,0x3a242406ac7df59eL,0x351db3bf11cc09b6L,
-        0x337ce2e5b5cd27daL,0xb911a8c8941f351aL,0x1829610f4f4c663aL,
-        0x8c1e50449abd904dL,0xb2a4aecbbe384923L,0x000000000000007bL },
-      { 0x20f4b1d2485a76b0L,0x946f7c9f03d1b899L,0x7ee2ae32c4080be3L,
-        0xd8926ff9ae4c9f69L,0x29dcb8a9752ffbd4L,0xa19b5f862d627aa0L,
-        0xf21a0cf6dbad059aL,0xf209613aeaf6e53bL,0x000000000000008eL } },
-    /* 37 << 70 */
-    { { 0x77b7a695addb51a9L,0x371624600758a0dfL,0x6366fadd9b96c964L,
-        0x9620762a8a257da9L,0x4cf5a821b73d4d9dL,0x885a02e7a5a44883L,
-        0x2efaff5be9e6dabcL,0xe56434986c631f4aL,0x000000000000010eL },
-      { 0xbf8c22605af0c963L,0x38af35636c1508fbL,0x90e5c18cd3e73bcfL,
-        0x45ae790f15381143L,0x59b3919ca68915fdL,0xdeece0122f3f3dafL,
-        0xfe50ee7cdf4846ecL,0xe06d6ac82b4d8de1L,0x0000000000000042L } },
-    /* 38 << 70 */
-    { { 0x4f86e374d4ed697dL,0xfd6361cb5404674dL,0x3db2dbac05238633L,
-        0xeaf6a3abd21266d6L,0x9f326b1f6a6ac16eL,0x68602e1a98c82d68L,
-        0xf07a98f68c974427L,0xbad6f88e5e76b4d5L,0x00000000000000ceL },
-      { 0xd1694a3fa0041699L,0xac0ea49e1561ebbdL,0x9b0d19f405ab2755L,
-        0xa4f3fc8b7cc61e69L,0xbef82a8875e5fe87L,0x725fa4412cf49dacL,
-        0x2bd557393e82ee1eL,0xae5fe7a67ebae861L,0x0000000000000005L } },
-    /* 39 << 70 */
-    { { 0x9ba09dec8ca53aabL,0x77869c0e2e5633a1L,0x4461fc7c445d39e4L,
-        0xd6d9b5a15d1700e4L,0x14500eb6bbbe1927L,0xccc39a2e8b1d7227L,
-        0x24697b146d4210ebL,0x5f09bd32b1242c25L,0x0000000000000021L },
-      { 0xc8a50fa9ad88b85fL,0xf50a6eb907748b9eL,0x8135162693366f48L,
-        0x56d7aa91bdb9d82eL,0x03d6cc9b76c2a5ddL,0x6aa01804c25383cdL,
-        0x0827cdc98f69ded1L,0xfb2e0e58afb7e2acL,0x0000000000000024L } },
-    /* 40 << 70 */
-    { { 0x3c4abf3fd97e4127L,0x4d660aa326a7685cL,0xc97e6b3ef7a49e47L,
-        0x7b9d1badf34336a0L,0xf7dbf5ad2d068101L,0xb0467ec242fece7dL,
-        0x73d37b2b1e537f73L,0x057949157ad06ac5L,0x00000000000001dfL },
-      { 0xe8ecdcf643f6a0ffL,0x972197753cf6cfddL,0xc01f32aa931a36ecL,
-        0xed5da14457db8ac9L,0x94cc6cabbc5ffc23L,0xfbe877fa7d5d27b3L,
-        0xe1c5975e5e6428ebL,0xa2193c9c5a0daa17L,0x00000000000001a4L } },
-    /* 41 << 70 */
-    { { 0x011b7a689d61071eL,0xe35a59a67bc5c1bdL,0x4b057690da770dd1L,
-        0xd5a013dbbc56db57L,0xeece6246f79b0f59L,0x5518d020efdf202eL,
-        0x8df9df69a3d6bee3L,0xbda52c0199387789L,0x00000000000001e1L },
-      { 0x1c5105e0e2d9d626L,0x9f7cd19de1a5379eL,0xa53dd35bc7f9f7a7L,
-        0x18b24218ce4fa266L,0x3e96fdc091047332L,0x97b94516870935f2L,
-        0xa433f8ee4468e1c7L,0x4870ae15d77235fdL,0x0000000000000121L } },
-    /* 42 << 70 */
-    { { 0x7f759aad1e4e55d6L,0x1b6e4c24207d1d3bL,0x12b6917f6a8f4624L,
-        0x746b53df3e128c2fL,0x527ebc86d5a0eb44L,0x65d4cf7354880c3bL,
-        0xe52f9c5ebc2f92c2L,0x243b18aaa7581d5cL,0x00000000000001ceL },
-      { 0x1f18adb3d81cca4bL,0x08ef8756ddc57750L,0x38cec13ab0ed406bL,
-        0xdbece99f1f99966aL,0xf86d0ec07285ef43L,0x04a1c0d00f13fcb7L,
-        0x5a7dcc74169a4c21L,0x8224bde539fd0453L,0x0000000000000039L } },
-    /* 43 << 70 */
-    { { 0x3f137f59354edaf3L,0xcf81077943db0014L,0x11befe5055d92f75L,
-        0x03b4beb76cfede5dL,0x142107251b39d04fL,0xba238693ed8e6364L,
-        0xd3fb6113eeec60deL,0x88ce54c975c482ccL,0x000000000000000cL },
-      { 0x8b56584bc7c2449aL,0x737e2a1969e7b7c6L,0xb58a7dbac7c387c9L,
-        0x82b6e6dd3480c33bL,0x0cf346f48d2ea041L,0x37f1d4d6f60831b2L,
-        0xaf853adb2b91d254L,0x122fe99374182acdL,0x0000000000000132L } },
-    /* 44 << 70 */
-    { { 0xdb55c6c2986f7001L,0x67b6c09795cb3d1bL,0x8c985426d2166c0cL,
-        0x59026d57e1c9bf0dL,0x59a7419071c85698L,0xfd2dc29c95831354L,
-        0x78a61f5c43d60779L,0x09fbd320b2969ee8L,0x00000000000001c2L },
-      { 0xba4292559295996cL,0x76252a2b15de5fd1L,0xd2cc5546092dcfa6L,
-        0xe91692386e887ebfL,0x4f4495125fc232c0L,0xd0c857cd21b85119L,
-        0x2f36082f35fd0670L,0x1be3d45ba37cb8f5L,0x00000000000001bbL } },
-    /* 45 << 70 */
-    { { 0x25daa7796cfea33fL,0x93c7759086e6a405L,0xcc1ccf6884a1c535L,
-        0xfeeab6205ed4d313L,0x6950b0c08a15da19L,0x5b4db037675f34acL,
-        0xd84162c5a5cc3525L,0x912030b7ec7e21adL,0x0000000000000078L },
-      { 0x86c56b4f19587a4bL,0xb15a58ba8f6920d2L,0x779c28482105317dL,
-        0x5e6d47915859b5ccL,0xa7fc961e970b44dcL,0xcc0bf4dd02b1e83bL,
-        0x523624b256135690L,0x3f667b5f02443fb1L,0x00000000000001afL } },
-    /* 46 << 70 */
-    { { 0xc1d83a2638e205b2L,0xfe5221c8d7d0c2c6L,0x6bdb4ac3c1a769f6L,
-        0xe4bb2703001f5426L,0x8938ae06f0e37a2dL,0x0f684030b78134eeL,
-        0xc37b7d9287aeb54bL,0xca52792c4d47a2bdL,0x000000000000011dL },
-      { 0x6ecb81f1b4c2b8c1L,0x4b8c56014b97345cL,0xb37eac649a59f0d9L,
-        0xa66ad129a90a37c7L,0x0f2869f7c18ae478L,0xd96066b5ba43a3d7L,
-        0x0cfd6f7c091f5184L,0xf30d4f40005d8ddeL,0x000000000000016dL } },
-    /* 47 << 70 */
-    { { 0x8d6966bae1015a09L,0xdefb5a8cfc2b390eL,0x34a1b39c52254d4fL,
-        0xdb691d108958a3faL,0xe17c12d40f1291afL,0x0ea4f61874a2bd6dL,
-        0x64d7a420721c9f32L,0xc520a90d468a8bb9L,0x000000000000019cL },
-      { 0x811ff4142196746fL,0x6c84aabaec8df85dL,0xf0a1815c502c2e9aL,
-        0x2e613f1cb74e586fL,0xdfa1ddace514289dL,0x4de976896069c2c1L,
-        0x42a9730362662f01L,0x95584b0f209c9f1bL,0x0000000000000161L } },
-    /* 48 << 70 */
-    { { 0xcb0dbd8c81e4d356L,0x292afafd4e0178cdL,0x3a7d9941430adf54L,
-        0xfb7dbe480c8f7a12L,0x3191467eb36cc72eL,0x77375b0ae1c3bb00L,
-        0x4f6d8307a22d64d9L,0xdd46b8bbaf0baa09L,0x0000000000000131L },
-      { 0x07b578c9007dcc0fL,0xab944686094e6e2aL,0xc6bc5ecc762c8082L,
-        0xf113fd5e9044d50eL,0xf84f6c1a3048cdafL,0xb3d315cfaf0b90f9L,
-        0x8cc36b9430fc0e21L,0x5af00bf1a2975344L,0x000000000000013aL } },
-    /* 49 << 70 */
-    { { 0x0204a7ed30e14cfeL,0x5c1b090c936eb829L,0xe2bdd0f52ba5fc20L,
-        0x2a73a40606bd827bL,0xd292485433abbeffL,0x8878d661123777d9L,
-        0x14dfbc3db90150c1L,0xa843edd44ea45920L,0x00000000000001c5L },
-      { 0xf21e1fcc3beeb206L,0x2fa375889c6f5b91L,0x974397a83ab64565L,
-        0xfd643b96d524eaa6L,0x0c4a87767802c959L,0x66bd68b3d2e8b462L,
-        0x3b3d987b5d35d420L,0x1f4edb49c91abd9aL,0x000000000000014eL } },
-    /* 50 << 70 */
-    { { 0x3b0bd56922fa69b6L,0x6e75e34a36478f37L,0x0a1ffa483270c064L,
-        0xf278b5c8cbfa92c8L,0x03e1bfbfa2b9c974L,0x427d4a8c5815805bL,
-        0x70075d82b9a9f3c8L,0x1f9ea976a8d98663L,0x00000000000000f3L },
-      { 0x13a1debcb67afe56L,0xbc746aced4f90c05L,0x26c5d6f8a280bbb0L,
-        0xd0247b69581ca4b4L,0x37e29a53be4842a8L,0xb47c7fa39ad28343L,
-        0x2054355f055f25aeL,0x92c89f4292dd61c7L,0x00000000000001f0L } },
-    /* 51 << 70 */
-    { { 0x160e975afc9057a1L,0xdeb93807786662abL,0x9aa06f5246488ffeL,
-        0x8a968143b1e1b1c7L,0x234c6e2387bb6c38L,0xe5f30ad246087620L,
-        0x6a37229c0f760c37L,0x38bae97e1a50ae34L,0x00000000000001eeL },
-      { 0x1326f1c92b609a2aL,0x9fd27c710b12c5f1L,0xf8ab5311a97362f2L,
-        0x67b636400430e4faL,0xdeff5367d8964eb0L,0xb2cf669aa1dff262L,
-        0x48a55fe4bc0c0282L,0x8cfe7c6a6cdb5eadL,0x000000000000014cL } },
-    /* 52 << 70 */
-    { { 0x64900ab5e105ffc2L,0xb3e0a69fd00c2920L,0xfe3a57e0acdc7d5bL,
-        0x50017de528a32d2cL,0xdbe2ba7e5bd24047L,0x8f337130884e4863L,
-        0x79022d566b48a2eeL,0xac5c8a0b0c2f309aL,0x0000000000000186L },
-      { 0xaab8b2cf84bfc6c8L,0x50877d98c9fe9744L,0xde69bb18384d5471L,
-        0xe88ee61e438c52a3L,0xa76f2afccce637ebL,0x75b5620ad56fd7bbL,
-        0x56f3f8f0d04fbc41L,0x394174bf023bb654L,0x000000000000014bL } },
-    /* 53 << 70 */
-    { { 0xd023ab52c6bea32aL,0x6c51c915513932d8L,0x5aece30ad133acd1L,
-        0x6fcf4832b981cb16L,0x8b2e8cad9ec1f734L,0x8ab4c75ad10ea732L,
-        0x2a044ea51d74bf98L,0x73e479194c492848L,0x00000000000000c6L },
-      { 0xe7a5d2cd98038ea5L,0x556046e204a82c25L,0x25d91782b242bacaL,
-        0x51f3e0ee1c690836L,0xdbc96f2e730bec27L,0x70830a8102ea0f79L,
-        0xc1c16df146e8fb12L,0x2ab499df30403687L,0x000000000000018bL } },
-    /* 54 << 70 */
-    { { 0x158102961f3b5f22L,0x0488e5021393cea7L,0xaf3e259b2f7dd31eL,
-        0xc4a20bf305698181L,0x4f6f54d7c0ab5d89L,0x5057c46df04298f4L,
-        0x9e02e2ef67d898beL,0xc88dbe64a3b4ef38L,0x0000000000000124L },
-      { 0x3ab2db8ba57e0f38L,0x64b8bc290e21d3feL,0x8d667ea9125f5c6dL,
-        0xdabc90e93b7d1513L,0x4e4bad620a9eb460L,0xe51a1df4ef2b9108L,
-        0xd19961243d204330L,0x05d1c570c95c650bL,0x0000000000000143L } },
-    /* 55 << 70 */
-    { { 0x0c0baf4e9e1ac5acL,0x6560212c36c092b3L,0xfe47d88b97f69772L,
-        0x60ccdb14e9dd8621L,0xd01c9fb94799fbc2L,0xf0eed0a832103864L,
-        0x5253a877d8a18225L,0x98d6acb8b7b95f7fL,0x00000000000001e4L },
-      { 0x2648e152738b06ddL,0x906b0951d8d81a05L,0xf65a31390c1f0749L,
-        0x4c6f7f0c228e993eL,0x828fa196a36a2aabL,0xcb565b672d28a2c2L,
-        0x56253a6472e6f445L,0x64f614b086c8a38aL,0x0000000000000138L } },
-    /* 56 << 70 */
-    { { 0x3a67b300e334c8abL,0xc08d0ff9984aa5b5L,0x8d72ed49cd8e1509L,
-        0xae856df59b2a8535L,0xa34ef023c0cd980fL,0x29c83e84c243d7d2L,
-        0x8ecdc4d8411fad2aL,0x26ab853b89eddc0bL,0x00000000000001a4L },
-      { 0x3a060b7bbb5b50a7L,0x62adcbe78ddeacd4L,0x953850e464c7dc2fL,
-        0x4ec4a15c4e7bf3a3L,0x1834b3ee7d5b2569L,0x729a63cc470a84c0L,
-        0x9c80233ffa5e25d1L,0x7da5b6c70ec91aebL,0x00000000000001e8L } },
-    /* 57 << 70 */
-    { { 0x8ea14527251ffa02L,0x2bf1e67547d87a1fL,0x7b27c81091ba2e1fL,
-        0x104c606b9b71cd04L,0xbcccdb93d614f681L,0x7acc330aacd80ec7L,
-        0x6ae973894a27fd8bL,0x53827c1b27ccc900L,0x000000000000008fL },
-      { 0x4d95d08cb8be4cffL,0xe400db2af9ffa040L,0xa0141a32b1c11971L,
-        0xd126f1474397353cL,0x566cd105b5f4819bL,0x270fb6709b0536dcL,
-        0x23af7e24bab1fd28L,0x9710b8e7df1db272L,0x000000000000007cL } },
-    /* 58 << 70 */
-    { { 0x8dc226ba4ad8bba5L,0x33460d86e63da7dcL,0x77a4605dc88d1aadL,
-        0xed5b10f1ea39f371L,0xb70a14697ed77a64L,0x0e60327c61d9bd6aL,
-        0x0783398bbf619adbL,0x3ec7209535f6c121L,0x00000000000001b1L },
-      { 0x13dd11d6e87d8781L,0x0511b90514684b3eL,0x84726e9723c18f1bL,
-        0x29ac0d6d26942427L,0x7d1e62d4f6e29d25L,0x2135742a96de6bd7L,
-        0x496a330ced5c26b8L,0xc1ece08a9387f81cL,0x0000000000000060L } },
-    /* 59 << 70 */
-    { { 0xd254b41b30e4ed89L,0x78502bb1706e5eddL,0x0f80dc97668407b3L,
-        0x29261f750c1adca1L,0xc8e281d5d1026701L,0x92b4da71f0a77f80L,
-        0xbcfa39e991c34f07L,0x59668cfc83cca319L,0x0000000000000039L },
-      { 0x92ab845a79387e8dL,0x59bad0ced71a614cL,0x0388357983ae2d62L,
-        0xcda51bd9b1b30c96L,0x81794eba23f2a56fL,0xd5783d4ce9a2644cL,
-        0x8c083a7a6e365e0aL,0x6bf3855df6e86aefL,0x00000000000001eaL } },
-    /* 60 << 70 */
-    { { 0x2edc22f9503dc30cL,0x8e15166ba819de2aL,0xde92a1c90881ff55L,
-        0x5063c292425bc484L,0x7265e0a25894ffddL,0x29a93e2bd01afeacL,
-        0xb10aae1e4f850b16L,0xd136e09e5bf5f95fL,0x00000000000000f3L },
-      { 0xb339031cb292040aL,0xe3a653c6c8872fbeL,0xbba8b2a4e3b091d0L,
-        0xde53daa4755f2616L,0xcbc9a13169ff06f9L,0xd7d107b972b153a9L,
-        0xbf3d962eed2593a5L,0xf9c71c781eb4063aL,0x0000000000000119L } },
-    /* 61 << 70 */
-    { { 0x54e878315b00173fL,0x9491c63fe8310c5bL,0x224a487d193c27b7L,
-        0x37533a42f6a4c698L,0x2f6a7d23faa79af9L,0xc21f52e2a74900adL,
-        0x310382fe6980e5f8L,0x61df1496b9570f7dL,0x0000000000000086L },
-      { 0x9519fbd250fcfb88L,0xe3699589db1e40bdL,0xd08ecf3c5d58a256L,
-        0x42ca58a17f189165L,0x388309fef63d209aL,0xa9954b554f9fea80L,
-        0x0e725ff40cafcd97L,0xfda100dac558c042L,0x000000000000003aL } },
-    /* 62 << 70 */
-    { { 0xe8fe168dfd2310a4L,0xf898b948a4b90dceL,0xf56e896e16d40ff5L,
-        0xb637e62886078426L,0xf8260b3ffb6bd016L,0x8fdde3e65f7d485fL,
-        0xf26d3120f6ff0bccL,0x234769001b371153L,0x00000000000000faL },
-      { 0xc48d9d588885aa1bL,0x44b751afc5bcc29fL,0x0e786e998d1dbf86L,
-        0xe7b9a49131eb141eL,0xd729dba6c2bc12c3L,0x6feb96ced668fcd3L,
-        0xfe0d902270a496e3L,0xfbdf5ea4ef9ce528L,0x0000000000000170L } },
-    /* 63 << 70 */
-    { { 0xc62025d1d8d1bed1L,0x83a5876e694e25bbL,0xcd4bdf56f844819bL,
-        0xbf1ff474a318be3bL,0xd44a10d049d8a390L,0x01e2b1518c6e34bdL,
-        0x148d248d646df4a8L,0xc5c4aad079925c4cL,0x00000000000001ebL },
-      { 0x5a268e4ba03ccff9L,0x2d03661edb04c064L,0xdfcf0af9ac3e2387L,
-        0x90b2da8ddfc0530cL,0x9bbf27ecac30685dL,0x3c286c0f4d93abbcL,
-        0xf8cf7f6864a024fcL,0xff5929d6b416d6d9L,0x0000000000000129L } },
-    /* 64 << 70 */
-    { { 0xc6999604bdf87653L,0x5383b379b3f0b8c1L,0x98c6ac3d0bf0435cL,
-        0x2b04984e433c527bL,0x5308793c02073e7fL,0x4897091de1ef3fa7L,
-        0x4fea6f39bb6b4777L,0x5ad4c5cc472023e1L,0x00000000000000e2L },
-      { 0x0db5541ae6cd3ba8L,0x5504d5218c0bac0eL,0x32f61c5ccfac5e4cL,
-        0xb8e644b58538bd21L,0x8517c72e51fc9949L,0x8d47a70cad6f4e8dL,
-        0xb158e06317ab479eL,0x8c565f7b74f01418L,0x000000000000002fL } },
-    /* 0 << 77 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 77 */
-    { { 0x4dc47d473ad158a6L,0xaaf743f315320816L,0x4ecb999de6c5537cL,
-        0x4daf6b4ee63c7840L,0x4bf5f19b02bc574eL,0xf65d174caf39b238L,
-        0x0093f58bd91f67b5L,0x8ad3a5b346d5e8c9L,0x00000000000001c3L },
-      { 0xbb99652c22171340L,0x4da02aaa3f1193a3L,0x7a73a7371776161eL,
-        0x831def3aa5ff856bL,0x5f6a4f56da00dc5bL,0x2a23f5009ec3a028L,
-        0xce2fd53b7cb32472L,0x894514811bb02b47L,0x000000000000012dL } },
-    /* 2 << 77 */
-    { { 0xc75e1cf3dbfed7ccL,0x2af884ee092e1835L,0x1e303d715472bf17L,
-        0xb1ea537be7ad90beL,0x7fa6a69cc4d8b1cfL,0x5b5318ee1b57f5b0L,
-        0x60e617587ccbafcbL,0x5832172a9c4acec8L,0x0000000000000168L },
-      { 0x36bae29b9f2f8613L,0x9181194ad464a557L,0xf74c13fe52ff8f2cL,
-        0x88d40dff0860d712L,0x405a03bb6c86e898L,0x61f01f2fdc243178L,
-        0xea9771e091b667f3L,0x1db5cff3b26bd16bL,0x0000000000000141L } },
-    /* 3 << 77 */
-    { { 0x2366b92a98d9df56L,0xa626f80c44eface5L,0xae61b15e9040c6eaL,
-        0x1a44a0e218d1d16eL,0xc6f45f75c7cf836dL,0xe0057ed6c87c35feL,
-        0x568b05b9b88d323dL,0xfbfcae7a9a12dc71L,0x00000000000001feL },
-      { 0xec63ad133dcc4d25L,0xc75d539ba54f349aL,0xeddd4102c5ea1e5dL,
-        0x9028eb89a867f628L,0x2d3b3fd042846e4fL,0x23190ead8ed269b9L,
-        0xa55122ea67d610dbL,0x83603cdd637c60adL,0x00000000000000faL } },
-    /* 4 << 77 */
-    { { 0x73f3a17d4787129cL,0x6ca94151e8c8b154L,0xae7257f060011616L,
-        0x5d72f548d4459499L,0x11739701c3af5f62L,0xdc2f39ee9915b9b1L,
-        0x1d6448e76a3a0976L,0x1263eb6a9216a12dL,0x0000000000000001L },
-      { 0xbc6e933bd3c200a3L,0xe4ee3dd9bb9a9ff5L,0x3772c8f553b7bff8L,
-        0xbb6a11b8482ad6bcL,0x59bbe81bcf1dd575L,0x2c9ad563891128dfL,
-        0x4b190e9390470495L,0xb40f60c5d58762deL,0x00000000000001e5L } },
-    /* 5 << 77 */
-    { { 0x8c814a121edc8a1cL,0x7b6a7bf4e7395565L,0xc868143978ca6525L,
-        0x57477d25fae6014dL,0x8d407fcfb71944fdL,0x4bab62eee154d68eL,
-        0xe0db4fe2db1a8e36L,0x8b5a0a9e51e7105dL,0x00000000000001f8L },
-      { 0x3c6ba57aeb49cea8L,0xd7100fde6fa16f5cL,0xbc73dcf2580249c3L,
-        0x8fa02f243f4bc342L,0xb32061c81a285d16L,0xb348535c499f8f5eL,
-        0x95cd0cbe63dc0bc7L,0xd1a09b04920c26c1L,0x000000000000008fL } },
-    /* 6 << 77 */
-    { { 0xab913473c18c21fcL,0x9a8d50e85a3c3b57L,0xa3f98027ab4214baL,
-        0xff00eda9ed6199deL,0x7e5255d83ff38cd6L,0x200f60a17976e4e5L,
-        0x2145dc0f6604bcbcL,0x26506027e30d5f5dL,0x0000000000000075L },
-      { 0x74c1c25830bf2169L,0x0636d007d332125aL,0x5fae19411ab021b9L,
-        0xa2e53c56b7779050L,0x0f15f2a1fc02474bL,0xf32c52daa91a9c2bL,
-        0x016b2c4e09af347fL,0x3b98d8d9c8b5752dL,0x0000000000000195L } },
-    /* 7 << 77 */
-    { { 0xbfd693ce14dca7e0L,0xfca53d1fdf7201d6L,0x10ef9c293f39346cL,
-        0x2f007c8150335445L,0x1cd56f642fef4d80L,0x727adb3f179a01cbL,
-        0x043c868d1216b55bL,0x1725267a8b7e4431L,0x00000000000001ebL },
-      { 0x08f27860c03b7717L,0x46184e5ad56540e6L,0x9d4413db0cd006c8L,
-        0xec1262b6c613918dL,0x6dd0eaa7719b6e5eL,0x04a254658cea469dL,
-        0x66575d7d57fe33b5L,0xf2df873dc1eba9ccL,0x0000000000000104L } },
-    /* 8 << 77 */
-    { { 0x620aff9a81128a65L,0xa463ffe7d6a9d2c1L,0x2206277add4810efL,
-        0x413edd73dd0687caL,0xf4b12ec9249cef0aL,0x14dd6665c4b165cfL,
-        0x0cf86a23c5c070c3L,0x42354fe984755f2cL,0x0000000000000131L },
-      { 0x6f4741df2e9c881eL,0x2656911d43f26343L,0xebae8ae41c82e8e5L,
-        0xceb1ca37f3900776L,0x07f2f8fe16721332L,0x59265673aad4911bL,
-        0xe8799eabfc3bda3fL,0x55805723fd073355L,0x0000000000000088L } },
-    /* 9 << 77 */
-    { { 0xc1702e2d7ad5f4c8L,0xf923f2bc5a1339daL,0xa595a3bb549b6f65L,
-        0xc610545ee1dba535L,0x7f51f3d42ebaad6eL,0xce7f8bcc6c9cae0fL,
-        0x688732ab3d8f57f7L,0x2804a3276493278dL,0x0000000000000117L },
-      { 0xfd4db14748347a3fL,0x6fcef6816be9c766L,0xb94a0653e9cbd7c2L,
-        0x1642e8b6693b1957L,0x9d6c17e5b68dad23L,0xedc75322b0a1d8feL,
-        0x6061c9696d7dbd33L,0x898893654e198b67L,0x00000000000001e7L } },
-    /* 10 << 77 */
-    { { 0x9c3c0e612af820a9L,0xe80ec4172b23949bL,0xfd6741edf39b5cc6L,
-        0x7508d2c569195b07L,0xc5b0b05bf66670e1L,0xc3a6eff7b4fbe0faL,
-        0x6bcdfee8439d44f0L,0xae90d63b912965c5L,0x0000000000000197L },
-      { 0x7959bec9ee9e6f8eL,0x59f50c0987483ac6L,0x5deccebbacc28474L,
-        0xd832648efced11d1L,0xd59cde8c46abbea7L,0xac18a27605da98dfL,
-        0x315ebf629282c511L,0x67cf83eca91cc95fL,0x000000000000009eL } },
-    /* 11 << 77 */
-    { { 0xb25b845fc9f46a97L,0x5f2a1efdc18bd95dL,0x454be47ef18f3fc7L,
-        0x0f14f6605543dd92L,0xcce66ca31e88d28eL,0x7de0041d6ad77c03L,
-        0x0bfa9ef1875fe7a5L,0x459043152b7c660aL,0x000000000000011dL },
-      { 0x5d7c18371811451fL,0x43278c38b3d82a76L,0xc1a74c9387525910L,
-        0x6426e55e01983c0aL,0x9ef7fff22afe0faeL,0x54814953d94166c2L,
-        0x356c3af7244a9fb1L,0x5b0b753ca6be34beL,0x0000000000000063L } },
-    /* 12 << 77 */
-    { { 0xeb936532eba11d2bL,0x5a99185776dfa0d1L,0x557cb975f1dda3f2L,
-        0x31a06276bca5b098L,0x43b4ab995e00fd06L,0xdbca3db3e6b05745L,
-        0xf82d9a4dfbd3914bL,0x9df9a855d9583413L,0x00000000000000ebL },
-      { 0x0c6f9f1ac17aeac3L,0xadb82b657aa9309dL,0x5f7d18d0dad1edf8L,
-        0xda0ccd7d6f7a4113L,0x21ff3dd62e459a42L,0xef0ced7a4b586ff3L,
-        0xd3899d53cc45432cL,0x06cb34b4415e1762L,0x0000000000000095L } },
-    /* 13 << 77 */
-    { { 0xd87d4bad1db8928dL,0x6b3b3e07435b5743L,0x4d2de9b2332129d7L,
-        0x69e49dacc8cf4e98L,0xf69c8eec8eda24cfL,0x0957359a143e9d82L,
-        0xb85860d9519c4f29L,0x8280559d5dfb9972L,0x0000000000000126L },
-      { 0x3d53979179a086c0L,0xa2641be22809fd90L,0x90c6e7b0d3b9b9afL,
-        0x219465d05d6d7e22L,0x6faef26d4f1805adL,0x8ec78f8e9ea67504L,
-        0xfde34e6960c2bd44L,0xada7e8b46e85d7c5L,0x00000000000000c0L } },
-    /* 14 << 77 */
-    { { 0x09710a2cb143b2feL,0xe8a5da4966ee5443L,0xd0c100132f12b4d5L,
-        0x5e7b0e772671b1baL,0xb4dddf2e8a6348f0L,0xeacee7a2c4ecac65L,
-        0x19a1c51d04d317f5L,0xd5075202f7bfac9dL,0x000000000000014eL },
-      { 0xa82630e6c4383072L,0x739a02360f9afb1bL,0x7cd580240782c13aL,
-        0xd5dca3e5269cb563L,0x534d1d4469d39b18L,0x8a99a7eee725e8c4L,
-        0x4ae1a734e09b12d0L,0x96b8831a4511fd7dL,0x00000000000001e3L } },
-    /* 15 << 77 */
-    { { 0xd348f834f34ecfb3L,0x82423bf3a2b5a7e6L,0x11e41b02c531994cL,
-        0xc4141466202d71c6L,0x60d3db1693b2104bL,0x2b9cc9bbbf1488fcL,
-        0x820dd17464971852L,0x255efd4eb83dbadfL,0x0000000000000017L },
-      { 0xc2d71a64d751248aL,0x2088c20bbb351370L,0x5fdf0cf4c33df9a9L,
-        0x71e307bbd6796dcfL,0xecff035ef166c04cL,0x8f6ee686bd58429dL,
-        0x51a81bd8027186e0L,0x52e8524b22705c39L,0x00000000000001e6L } },
-    /* 16 << 77 */
-    { { 0x2b14935a7ce70edfL,0x1d88d30ee3c6f5a6L,0xaa6220de207e5973L,
-        0x692b3ff064b5e637L,0x04c9ddc8ff0eb748L,0x9e5ec39e44978142L,
-        0x9cc06266fa674339L,0xe0d13dcddd3e430dL,0x00000000000001edL },
-      { 0x74604722f38bd4ceL,0x473e4d3549da70f3L,0x1228875507d72efcL,
-        0xdf89a5050a7521deL,0x674176564c1a6866L,0xe2c330233f7a0eadL,
-        0x5e100468a7474dc1L,0xa47ca1a5dcc02d45L,0x000000000000001bL } },
-    /* 17 << 77 */
-    { { 0x6ec465e156e2014dL,0xe11db5d88be7c4bcL,0xe280c2ef46ee44bfL,
-        0x9650200bfc287502L,0xa623faba21131932L,0x883521a67c64c58eL,
-        0xf6cf505718803a4dL,0x3466bd19ec4cf07aL,0x00000000000000b4L },
-      { 0xb89009ef651d7f32L,0x97e0c0afa7012731L,0x5a66579cdb06f6bfL,
-        0x326054c1ae4ef154L,0x6701b07d9709ad6aL,0x754acc2876647a83L,
-        0xec5c1b4194a4d548L,0x7da690fff296788aL,0x00000000000001e7L } },
-    /* 18 << 77 */
-    { { 0x89971aabe09fd32aL,0x8863882406d544adL,0xc2ce75b757b06c62L,
-        0xcf839aebfde27541L,0x236be270534a25f6L,0x22e7c530c753df84L,
-        0x8c9277e537d2ea4eL,0x48d1f633ebc61e9cL,0x0000000000000160L },
-      { 0x89e3f1eb69876684L,0x90c977e026a0ed1bL,0x610a0a8534a0698dL,
-        0x12b6bc1933cdaf22L,0xa40068414f80ee0eL,0x91146c1f7b956979L,
-        0xcd77ddc326655fa5L,0x3f480d870f745a46L,0x0000000000000061L } },
-    /* 19 << 77 */
-    { { 0x40b96c1c3a259f14L,0xe7f40ea079e72202L,0xe8313e54d7267895L,
-        0x173ce8f7559cafffL,0x494a51b3a6c1b23fL,0xc696bcceeb58815bL,
-        0x170010c8e0dc01fdL,0x01086056d3602b64L,0x0000000000000061L },
-      { 0x410f23cc8a1148f2L,0x9c1f4ffc71449f8eL,0x1b7c1d63e39b69fbL,
-        0xb3c0a279581a2ebbL,0xf3a475ed4e37ab82L,0xbae74b39c0ce76a6L,
-        0x10059c6f67feeea6L,0xf4b5db802b5f3fc7L,0x0000000000000039L } },
-    /* 20 << 77 */
-    { { 0x899ff5b3a39492e2L,0xba2ed9c090fec192L,0x1f3f792e373ec69eL,
-        0x58892019804a999cL,0x2decbbf65680eb65L,0x4c4d1fb1f1991cdaL,
-        0x81c7cd2da9bff737L,0x641d5365db793801L,0x000000000000010bL },
-      { 0xd1a3e393e7b02799L,0xca23126f920e1690L,0x16229cabdae08e97L,
-        0xe02535dc0dc624e1L,0x7f4a6c2707229ca3L,0xd00f68a7ea546fbcL,
-        0x14c7a9060bcb65fbL,0x18a29801a778cdc2L,0x000000000000012aL } },
-    /* 21 << 77 */
-    { { 0x88ef7214a340a2bdL,0x6c21447fb3711634L,0xeda5e1cf59a1a9edL,
-        0xec843ced532a2068L,0x5d030969a721eaa9L,0xf848b622c5c12f80L,
-        0xfdbbe02eb3b5f479L,0x5a4a7e27ecfb32aeL,0x0000000000000152L },
-      { 0xa0ebecc73bd579c4L,0x947cc8931ae87971L,0x55a335a5f997b3f8L,
-        0x0fa52370c742c232L,0x04f557068fe480bdL,0xd5dfbec56e89bcf3L,
-        0x68094b4fe7e79004L,0xb930cb0577e383c9L,0x00000000000000e8L } },
-    /* 22 << 77 */
-    { { 0x404b0ca7ef717037L,0x086a03c3afacef33L,0x1a82f5347d458148L,
-        0xe4380258397e4eb4L,0x1330d8d4ca7d334dL,0x1838b028ce1374f2L,
-        0x368e12f620c20e72L,0x5a1a189b19279435L,0x00000000000000a9L },
-      { 0x938d0621ba67ae4dL,0x8edee31826d4e2cfL,0xf5476a05b5445042L,
-        0x32fd912047791f6dL,0x9b896d1d278da749L,0xf0647a5b8027024aL,
-        0x3dce74aede2c779fL,0xd238785c70d0322bL,0x00000000000000cbL } },
-    /* 23 << 77 */
-    { { 0x1389bd572c5be10bL,0xf417b76d6f40d705L,0x43eb4f0ae6bbc695L,
-        0x83ee3dbbbceede7aL,0x3b7944776a96d4ecL,0xc8718559cc6adadeL,
-        0xa5a422fe93cb083cL,0x88f55bde65b67cc0L,0x000000000000007bL },
-      { 0xa38582d46eabed01L,0x8555c12c141ce97cL,0x8af7c38b358fc420L,
-        0x40639ba9c43f8fcdL,0x187da0e6ebd2a1e3L,0xface1ad56d325bf5L,
-        0x9f44ec9fbbc2d694L,0x9029fab4d125a7f0L,0x000000000000007fL } },
-    /* 24 << 77 */
-    { { 0x79b40005d7c3e500L,0x99957461a7cbe47dL,0x1dba911d53a81eebL,
-        0x50049c2a54cac621L,0xc3052ce65c8458c0L,0xd4e4cc285cd9822eL,
-        0xa64bd2ba9c89113bL,0x616f47f324a9a360L,0x0000000000000000L },
-      { 0xb309b38536bb95e6L,0xf7808da5eeb3af75L,0xc9eb3a68ffef855aL,
-        0x0d7c5382da981f49L,0x2176630e5a29fe14L,0x7c59c56f4b6dd847L,
-        0x363fc08115c998cdL,0x28b9018e1c0e00d7L,0x000000000000009cL } },
-    /* 25 << 77 */
-    { { 0x2573417e81c83b0aL,0xdd9e807e048ebc99L,0x82a6c4a81b29f10cL,
-        0x7d10a230142588d2L,0xbfcc4299646d2ff1L,0xcf6ec008b3d474d4L,
-        0x4739d5a10fc69418L,0xc40c43ea6653b7ffL,0x000000000000010cL },
-      { 0x35cad063fec6bc85L,0xf71acf741da4918aL,0x1cab540ece2afbfaL,
-        0xda8b2b24c98eb950L,0xc727151dc45eb0daL,0xff80e6ff5e8f915aL,
-        0x61ece0f0f43fe366L,0xea66de22262859ddL,0x0000000000000128L } },
-    /* 26 << 77 */
-    { { 0x474171efa97a4763L,0xd93201a034920094L,0x6481f28d5a35265aL,
-        0xe3e4d437b7eff28fL,0xe9af6e1aae3a1e45L,0xc4aa6f1cbd9522f4L,
-        0x7c03335bbc9780cbL,0x96d41e4a321d6c2dL,0x0000000000000174L },
-      { 0x5f26167549113aa9L,0xaa8b464d7b5a62a4L,0xa5a46db0820a01c9L,
-        0xc7faa813d78edb2fL,0x930e2c550d6a1d85L,0xa9093a617de2a013L,
-        0xa127661d71d619aaL,0x54cbb5a5f1c8ce41L,0x00000000000001e9L } },
-    /* 27 << 77 */
-    { { 0xb2ba328e784b5740L,0x3aab9cb34128749eL,0x28f63dea025efe48L,
-        0x50ac057754239c62L,0xd69d52d61945325dL,0x30729b23d6e44079L,
-        0xb53986e0ba39b326L,0x00cee2b7000d74fdL,0x00000000000000b9L },
-      { 0x4c6c851b9dad4796L,0xe5e9073bbb3f588bL,0xb353a8be7a520bcdL,
-        0xf3e17105f9f53a85L,0xf1f9092b4ca27a37L,0x98d205f5591535ccL,
-        0x36d397df9b0d9312L,0x274fe8314e3ed5a2L,0x000000000000010bL } },
-    /* 28 << 77 */
-    { { 0xa5c21ee422b55a11L,0xb3d53f0aaafcfa04L,0x801275fda03eadb9L,
-        0x1d198806804399caL,0x90ebcc340a2e19b3L,0xe6e38f0aaea736abL,
-        0x708a52b84a9edc51L,0x2eb66e95fc7ffffbL,0x0000000000000178L },
-      { 0xd46591fd9e589f0fL,0x4f0d19c86d5aa7b2L,0x06709841bf48454bL,
-        0x9ebeefe12b45c9c0L,0xf0a115fc6fb45000L,0xff84e50179ebcb41L,
-        0x0ec79d93ce8d1212L,0x5566d34415ee3721L,0x00000000000000e9L } },
-    /* 29 << 77 */
-    { { 0x1ef4d33308cfb94cL,0x7441eb2b997fed75L,0xf5168da9af996143L,
-        0x81618ae829a3693fL,0x19744ee0f0b96e6bL,0xb965ef0bb2fd289eL,
-        0xe5e5dc6b0cebfaefL,0x8ff8be97049bc826L,0x000000000000010aL },
-      { 0xa8eefd0dcb1a9859L,0x51a376b22ac2b4a8L,0x21bc8fa24625bc78L,
-        0x415780cf59ca09f5L,0x91b61e743291ae38L,0x5571371deabadbc8L,
-        0x03af77636156dc1eL,0x71baf8d9a32f5f90L,0x000000000000008cL } },
-    /* 30 << 77 */
-    { { 0xb983e450215de93aL,0xf9a04f4d388b1042L,0x4a5d19b5a992494dL,
-        0x6daa0b565edd34c6L,0x47c234303575862cL,0x3088d50b4e9d944dL,
-        0x02b04a29ada9072cL,0x78027f7acb9e0062L,0x00000000000000f0L },
-      { 0xa0826f19f446b373L,0x7d93fb0f81263a01L,0xe6921097c78ea270L,
-        0xfa538ddd2aa5c2f9L,0x01c031423df7010cL,0x955fa08be237455bL,
-        0x056bc335462e5d09L,0xf4253cdec6b5db6dL,0x00000000000001f8L } },
-    /* 31 << 77 */
-    { { 0x7817f55b58d0551dL,0xb14d44372fba3e21L,0x0957c7c6213afec8L,
-        0x16af19829c3d5a98L,0xce97f84f27ee4bc9L,0x9e67f2ecbb61232eL,
-        0x21a4a6a3aacf3cfbL,0xaf2c734abe76c0daL,0x00000000000000d4L },
-      { 0x3c25948c614d7f45L,0xe38052af2070cdd5L,0xa1eee814c0addfb7L,
-        0xaddf7463aef0d0e1L,0x881ca72b6f18263dL,0x3ded9d2a4ed2eeddL,
-        0x1fc7d77bd7c0367aL,0xd72254b3b3ebfcfeL,0x0000000000000047L } },
-    /* 32 << 77 */
-    { { 0xc9d22d532c51ab39L,0x0bb42c882f02748eL,0x576c89c847e18934L,
-        0xf34cdc49b9513257L,0xaf97df129ed107a2L,0x860263daeead8f82L,
-        0x6147d39bfe11c289L,0x3b94b3ebf41158f1L,0x0000000000000113L },
-      { 0xc4c84d7cf747d887L,0x9a54f1a2f71f1726L,0xb4a79290daf5817fL,
-        0x33dd5df87893855dL,0x567a1293f6953979L,0xf0c76bb60eac5025L,
-        0x863fc87abb498d81L,0xf5d4e58ee9b3c11dL,0x000000000000016aL } },
-    /* 33 << 77 */
-    { { 0x3b17d547448dfb53L,0x7f2cb0729f642572L,0x63e29455c76a69d7L,
-        0xca61b766bd3e3646L,0x37a6dd73810708b2L,0xe1a14fd91c905068L,
-        0xd44e8f8c80ac4b2fL,0x835bf4e52af9b43eL,0x00000000000000b3L },
-      { 0x8c346f71e06e063fL,0x1a328b150b7d8d8cL,0xbaf6a09807bf6a99L,
-        0x87e133f9596da0b9L,0x0e597178cf3e907dL,0xd5f05f8ddf233a55L,
-        0x309225a26b463c36L,0x300bdf0f0584aa15L,0x0000000000000053L } },
-    /* 34 << 77 */
-    { { 0x4e7a75991895dfa6L,0x47a75f95bdba3effL,0xca07fe2d3f9a18a0L,
-        0x5980f02ac1d1c586L,0xbbb9347f47e52186L,0x64655f6ac4d3c668L,
-        0x49b744d851222ef4L,0xff1a52afbcee213eL,0x0000000000000046L },
-      { 0x07b176399164551aL,0x8670c0eb724fe5fbL,0x939b844418827401L,
-        0x0057903fe2b0b7e0L,0x3715250a6bd60303L,0xfab5172cd457ae91L,
-        0xfe0fffd5cb98bd63L,0x2442dd530529b127L,0x0000000000000045L } },
-    /* 35 << 77 */
-    { { 0x1ff6afce70614995L,0x8ec5c3c42d35576bL,0x3db78d6bf19c93b9L,
-        0xb687f566561b78bfL,0x9a0059d21b471120L,0xd2335ec12a6d841dL,
-        0x51f487eb03bae0baL,0xe0cddfe86348a091L,0x000000000000017fL },
-      { 0xe81c1483f1461684L,0x37d83bb3baeed32dL,0x5d8cbce8fa24c9aeL,
-        0x14b9a08bc19282f5L,0x0ffec978bc0d960cL,0xe3453f9dcc202f77L,
-        0xe258d82ec95021acL,0x0b7e13ad3cb3f629L,0x0000000000000166L } },
-    /* 36 << 77 */
-    { { 0xc7ac11e626f1454fL,0xc3c07fb2b35c3517L,0xb3250791aaa6cc48L,
-        0x386fdd4b80913dc3L,0x9ceadabacef02e0dL,0x8ffbd36041b82b0cL,
-        0xa419d90fe5459cf5L,0x96b655a4d2be1233L,0x00000000000000d6L },
-      { 0xfc4d23c02f0b4251L,0xde6584339c166c63L,0x5d2a686fc992b364L,
-        0xebe9eab62aec7318L,0x1f276b32205d70a4L,0xa86bf8dbe3ad7c9fL,
-        0x94a38b3aee6e87b8L,0x60dafef41af5d923L,0x0000000000000175L } },
-    /* 37 << 77 */
-    { { 0x5a3443b09f246493L,0xf304564dbcd26507L,0x0e97a06aa7092182L,
-        0xc3db692d8477c80fL,0xc5947c4347f9b7bfL,0x5b16b09bfcb8be69L,
-        0x6d68633942bfed11L,0xb2e2c5a703585ba1L,0x0000000000000102L },
-      { 0x0c92464dce2a9c87L,0xdd3ba87f5a22f114L,0xe91630bee7c79285L,
-        0xec9d61b81671061bL,0xb124aeea3135b566L,0xdb2e1760b108a419L,
-        0x8dc457368dccb7e0L,0x395f8c1269f288caL,0x00000000000000d0L } },
-    /* 38 << 77 */
-    { { 0x5b44bbb6e8d951b3L,0x3fd669c6eda76243L,0xf5060d8492a121aaL,
-        0xa3cdd2388ff0d7c2L,0x1fd8c08b68451b81L,0x0d473fa8947d2bc9L,
-        0xb84cfb1558ecd9f0L,0xc1d74eaa5861f3a8L,0x00000000000001b4L },
-      { 0x8992dcd5a7e3fd83L,0xaca06108361d9bebL,0x6e8a01451eea9b43L,
-        0x468cbdff0dec9235L,0x13f19bff1f3f0571L,0x1c521a953db7e61dL,
-        0x8315bb22648cc46eL,0x7a4b2e18e8060604L,0x0000000000000155L } },
-    /* 39 << 77 */
-    { { 0x5aeb03ff7d3ab094L,0xfda8c273a90d5cc9L,0x6883bcf2ddf59c2eL,
-        0x6496e8504dec3d19L,0x356eab571c428360L,0xf15edcc7aa376191L,
-        0x751db33905e75700L,0x90dae8887250d302L,0x000000000000000bL },
-      { 0x11679572d6180ad9L,0xfed6254809ed164eL,0x14598065c141b48bL,
-        0x1c1f0baca4575d4fL,0x207b297aa286b951L,0x971052a3ae4c9f63L,
-        0x38ca88212a097f14L,0xe505b1ec718e620fL,0x0000000000000119L } },
-    /* 40 << 77 */
-    { { 0xf02ebe9596f52213L,0x2aba2dfc62f9f1e9L,0x7bbdde57934ef9f0L,
-        0xd5c7882ea417af58L,0x55cdfe89dcdf7815L,0xf79051b18470a435L,
-        0x364da0aa7e8593e8L,0x02c3d160975a5f81L,0x0000000000000034L },
-      { 0x59493183ccd37734L,0x085a8cd2e645e991L,0x2d54d2668c4b4a86L,
-        0x96cf84cf7b4079beL,0x4abade40ba683f56L,0xfb29c00bb5457b07L,
-        0x6ed5fd3592ae7f9bL,0xb1f1a25fb5a9d039L,0x00000000000000caL } },
-    /* 41 << 77 */
-    { { 0x26cd556b3921e1a1L,0xaea7a4d9b1f5f62fL,0x8be062eb1ad9028bL,
-        0x99c738b3f3c0f0ceL,0x5db59317f043ae79L,0x30903c23fa93058cL,
-        0xe075745250dcde94L,0xb63ee08f5d35faf8L,0x0000000000000130L },
-      { 0x9dade46088d5a5a1L,0x7f687f6624dc764cL,0x224429986af08677L,
-        0xf6ffc5179857465bL,0xdd1d92cd16eeb385L,0x3b27c4363a9ab99fL,
-        0x36fc22217b450819L,0x8a2ae9917c077c4bL,0x0000000000000126L } },
-    /* 42 << 77 */
-    { { 0x6edbc169d3c026efL,0xb990e974b3656143L,0x82dce5f11052b46cL,
-        0x522b454f346588e6L,0x87be4c0a2f04bf25L,0xc013f791d83edef8L,
-        0x208f49a8736ff68cL,0x00ae3843281e5af5L,0x00000000000000b8L },
-      { 0xfb7c1540b14834ccL,0x7578c1c9036b2491L,0xb1328c4174f9c4d3L,
-        0x9158cc04bb0a5630L,0x95d413897757dcf6L,0xe6be1b4f6bdc01a7L,
-        0x92930721197a54abL,0xf8cbb795262c5de9L,0x00000000000000feL } },
-    /* 43 << 77 */
-    { { 0xd4e40c43d91f2e22L,0x760551b0ea9f06dbL,0x7271357be6424d8fL,
-        0x1c139ebfd700c632L,0x36ffaff59c1ca226L,0xcc10334cc07ea685L,
-        0x066963dbb8b2376aL,0x38066959a91e1636L,0x000000000000006fL },
-      { 0xd27f9dc0aa8a23deL,0x9143dd55b035bca1L,0xd21f7d664d70575dL,
-        0x3e86e93ad29defadL,0xff32fb430d7d088fL,0x268353357ceb5006L,
-        0x9696d3a595ff6981L,0x6e866b5b44250a28L,0x0000000000000156L } },
-    /* 44 << 77 */
-    { { 0x351a043f060f4eebL,0x15209879d5b3bb63L,0x9698170c9178b96cL,
-        0x5b90ee14085b927aL,0xc8993568b5f2f8deL,0x9b5e29d34847abb4L,
-        0x46be1cebefd9a245L,0x8b4d783fe64a4af9L,0x00000000000001ddL },
-      { 0xb7bef10844ca314eL,0x26be580eea2bd1a1L,0xf57173d964855abcL,
-        0x21d2e1ed42aea843L,0x2a75fcb632f0d49dL,0x13316023b1c84fadL,
-        0x45734d1e7a1b533dL,0xb1a134dd8eee750fL,0x0000000000000050L } },
-    /* 45 << 77 */
-    { { 0x2891a9cc118e30e2L,0xcaa1b23324d29c24L,0x299600b7614d15b0L,
-        0xd3fa214bb2b193beL,0xabd77d87402684f1L,0x8c0b18c2fdec80f4L,
-        0x977833ca8efc68d8L,0x80752a69b3a99b6dL,0x00000000000000c1L },
-      { 0xab8b54aaaa4faf4bL,0xe58674b91485e938L,0x70e4907df9448c62L,
-        0xb74aadeba5f687aaL,0x994221ada0ebfc28L,0xa2e0bbac8df568a9L,
-        0x66e22982e1f06342L,0x800f40d53e73b5bcL,0x0000000000000053L } },
-    /* 46 << 77 */
-    { { 0xad24f8630abc1fc6L,0x04be06226625e9ccL,0xa0fd69eda80ce1e7L,
-        0x3f61e48b44c92416L,0x2ff89da5ce72dfa6L,0x462258a109268f2cL,
-        0xfb125f58b4b7fd03L,0xf72a865567c58ba6L,0x00000000000000e1L },
-      { 0x4db84d835c451179L,0x88ccccc63b02f7d2L,0x03ac849dc542c185L,
-        0xc20bc4c8b38b637bL,0x8076a9b8cdc5a419L,0xc712278bb3ddab32L,
-        0x3cf2df106e8e74b9L,0x7b177eb9486b20b2L,0x0000000000000105L } },
-    /* 47 << 77 */
-    { { 0x8afcc24d382f5750L,0x3acddfde54812d70L,0x7299dc77cd9c82edL,
-        0x1642c13900c140feL,0xa778b51691c0c3c5L,0x038b15eb2502380dL,
-        0x0762404f0bd24e3aL,0xad1e2552ce726c20L,0x0000000000000196L },
-      { 0x20a92f312523da44L,0xd1023bc8c536bc84L,0xe6b5f3a86c43897aL,
-        0xadd1b4f1b3437151L,0x5687d3eb1a97933bL,0x07c6421383350406L,
-        0x56874e419e93c582L,0x6bfc781c1f59dab5L,0x00000000000001a8L } },
-    /* 48 << 77 */
-    { { 0x6503932f0c7723e0L,0xd185af25a8934788L,0x5bc1660c792232f4L,
-        0xcfb04aabc2ccd476L,0x59e84fee16844fe7L,0x736c2cd809c31ad5L,
-        0xdf44215499058585L,0xf3b79464c3f2b46eL,0x00000000000001d3L },
-      { 0x282464c7089e2e4fL,0xbe9d0bfa17d8eee1L,0x7934aed1fcf3e876L,
-        0x76465104d4e606b9L,0xf114efb4fa4412cbL,0x8f9f32d2f1fc8480L,
-        0x2879c7855c340a29L,0x3d28e8a7d570bcefL,0x0000000000000178L } },
-    /* 49 << 77 */
-    { { 0xe39823fd528505acL,0x8ebc47325c5f2cf1L,0xc44463bec2949fe8L,
-        0x85161d86cce2693eL,0x07a25ac07ee556d1L,0x4f25af1952e857cbL,
-        0x11c601ec54424593L,0x73ab0d66312c6359L,0x00000000000001b7L },
-      { 0xa5a485e638d15a2dL,0x508d127b1473315aL,0x77f80913ce227761L,
-        0xc5ab5ba6f973549cL,0x2feded3f26e06fadL,0xe3e8a9421884393cL,
-        0xd10318ee59a646a0L,0xaf1ac30d53726ff1L,0x0000000000000152L } },
-    /* 50 << 77 */
-    { { 0x100b85a9dd94b4d1L,0xd8daf57a6587d8ecL,0x9310171258ae0fcaL,
-        0x0f97b4f8f2987b29L,0x7a3e6862af6fb771L,0x3a285868b8b39256L,
-        0x00d36274ee37b5eaL,0x52b11d2e10720476L,0x000000000000012bL },
-      { 0x3fa5ea33242d8351L,0xf9d559b230f44661L,0xd2c61b6cb62b0b61L,
-        0xc316078cfe0480feL,0x0ad7a72e4db4ea51L,0x624045e0f8bdda6eL,
-        0x30f27b5ad9c158a9L,0x94b07694a3b997c1L,0x0000000000000152L } },
-    /* 51 << 77 */
-    { { 0xc2965b4b16ac65feL,0xc4b7d9409ab82e5bL,0x229ff0cff7ea0055L,
-        0x40efdc6369eaa5fdL,0x93c5764644112d4fL,0x0b25310e2715e10eL,
-        0xd6a9efe5c9974136L,0xedacc9706ee8d832L,0x0000000000000046L },
-      { 0x893377613727b7e1L,0x88c850afd078941bL,0x58756ece7b823796L,
-        0xde7bb167aafaba1cL,0xb057cc537a7fc085L,0x83b15ebba59b9fbbL,
-        0x1319c88bc112199dL,0x74f8df4e55023975L,0x00000000000000d7L } },
-    /* 52 << 77 */
-    { { 0x52c39bdd29c86c06L,0x36c4a7422e6da397L,0xb429fe2916c08eb5L,
-        0xa8cbbcaa5f62d74cL,0x49c149eb40b83aacL,0x38128a270b423a47L,
-        0x947c4abf4f3121f9L,0x0b2c865c2ae48961L,0x0000000000000096L },
-      { 0xd489f8b216565942L,0xc94dc15e2e387adaL,0x7ecdbea39ec45872L,
-        0x122026994189738aL,0x57deb4ea1268576dL,0x59dbccf1d8ef43ebL,
-        0xdc0d07a5acc68febL,0x519e8d571a01e26aL,0x00000000000001d3L } },
-    /* 53 << 77 */
-    { { 0xaf380ca366cddf42L,0xcac3e386a4625641L,0x6366ffed6a06256bL,
-        0x9803be38a63544acL,0x75a7a48c4235d59aL,0x880b86944b0fa3b7L,
-        0x105f4598e06fd240L,0x861670560370cf92L,0x00000000000001c6L },
-      { 0xded452e494949561L,0xddae0321d7dd2556L,0x9f81b561326f74c1L,
-        0x12b3e9632604eb59L,0xb7f0a72f30a9e3ffL,0xdc6d097e4df8dc6aL,
-        0x5b82f64fb2ca84c6L,0x605abf186073c250L,0x0000000000000052L } },
-    /* 54 << 77 */
-    { { 0xcf8532fb7c6c5928L,0x809b06af68ef4167L,0x1e3f716e69dca4f9L,
-        0x605a859dd655961bL,0xc5414e946c1180f7L,0x864afda1026b8a2cL,
-        0xd181e149da3fadbaL,0xe7be322d8fce2449L,0x0000000000000142L },
-      { 0xc85d4ffa5670ff12L,0xf7e91b0ec3a84a89L,0xdf19ed5befc145c4L,
-        0x206c72965a8c3c4bL,0x0b97942db93b820aL,0xb1b890b7a51b824dL,
-        0x013d153d20dce1a9L,0xefe9ded346743f8aL,0x00000000000000a5L } },
-    /* 55 << 77 */
-    { { 0x88d2dc674477ec08L,0x80ba5fac1411b3c0L,0x969b5230a98dfe57L,
-        0x752ad8d4eeaf4654L,0x6a922cc35f3d4184L,0xc523a34808e7a943L,
-        0x5f764b409cfe4145L,0x7395772bc03b9f6cL,0x000000000000012bL },
-      { 0xa990597615682164L,0xf164f513939f3d99L,0x30f6e9db7016f097L,
-        0x8890d32051fe1e18L,0x3bba183346117780L,0x70ac1f57c19f9604L,
-        0x8457dd06d81e63e5L,0x79f823471aee9177L,0x0000000000000076L } },
-    /* 56 << 77 */
-    { { 0x8acd524bd326ffb6L,0x4a1091a39e731029L,0xb056d998600d299aL,
-        0xfb695c26b78ebf7fL,0x2b83e30c73cc7f48L,0xf2364e614bcb6645L,
-        0x6a707650837638c3L,0x6d1652bf21528a26L,0x0000000000000034L },
-      { 0x353dc81f6d2b8fc3L,0xfd3003918627a2e4L,0x5f7c25651179264cL,
-        0x69856301af46d535L,0xdfcd6cbd16f35cbcL,0x5d2268fb4fe07645L,
-        0x2ca719dd29cac6aaL,0x9f8fcb728cbe9556L,0x000000000000017cL } },
-    /* 57 << 77 */
-    { { 0x4f2db278e6836ef9L,0xdc9db67431f1f845L,0x41dac672afb53ff4L,
-        0x1f39842ea4d18cb8L,0x832a0120c8d7d103L,0x5af1307130d09edaL,
-        0xba18cee34f80aef4L,0x919ff54e9b1ece22L,0x000000000000004eL },
-      { 0x9e47ee63129039d8L,0x9b52315e4fcd8e90L,0x38df4512cbd444d5L,
-        0x35db7331788cc2acL,0x50dbadc2e36c9026L,0xc6ef1044bca03510L,
-        0x79e05a990a970df8L,0xbdd712ff5af0d25aL,0x00000000000001beL } },
-    /* 58 << 77 */
-    { { 0x9aa54906870f00c8L,0xeda2769c2f3b15c0L,0xe0532ca76d46ab6fL,
-        0x9c0906af876b4061L,0x1bd77842076041c8L,0x6174e11fd89f7021L,
-        0x9d479b3b9bd405a2L,0xf4f7c9ebacfbc196L,0x0000000000000019L },
-      { 0x7913dcc655e1cddcL,0x1aed0ee4b8d46e1bL,0x15d4d50ecd4a8a46L,
-        0x19f9f35e2c6ab887L,0x1572156140028363L,0x87e4c807d98c50bfL,
-        0x3c2ea1ef5dd21087L,0x7f39af3bfc7cfde9L,0x0000000000000065L } },
-    /* 59 << 77 */
-    { { 0x0418f880e7228e86L,0x02a31e0bc2425928L,0x1ba3e262cd64b30dL,
-        0xc90cd1893cb75cfbL,0xdda6046a6b60d4abL,0x700f6be365d4ae88L,
-        0x6c19cceb2a55c16eL,0xdda5c411dc3d25b4L,0x0000000000000088L },
-      { 0xade4b36ac8dae67cL,0x406b38c3a42ae110L,0x2ba70cf3e640d5b3L,
-        0xdb2c34c2e6b4b6d8L,0x2e0c90d8bd73609eL,0x6d1be3ccade63bf4L,
-        0xda9a3d0bb0ac8323L,0xc42d60d0d2f72670L,0x0000000000000076L } },
-    /* 60 << 77 */
-    { { 0x302ccef76dec3c88L,0x04db4fd6110918afL,0x895be3981815e18fL,
-        0x87d89080690de8a8L,0x95d62d3304a44f0fL,0x206a7909fb546063L,
-        0x327de8996eea1c3fL,0x729f6291fe7aa87fL,0x00000000000001e0L },
-      { 0x0efe87e02a49d439L,0xccc22bf2fdf9dcd3L,0x22e02cc613639aaaL,
-        0x9502c35f9ad086fdL,0x7d3551898b574050L,0x1ecc10ff410cce0eL,
-        0x8f538a0a134236aaL,0x8f60cd8c27d66de9L,0x00000000000000a4L } },
-    /* 61 << 77 */
-    { { 0x55645b80c16661c6L,0x948e917c7d0ee031L,0x3eecac38b7e15502L,
-        0x0d8e9f161640fcf5L,0x43c6dc1921b94ca6L,0x6e812bbb6a097c02L,
-        0x2d3f616b6e983e37L,0x328a6ab8353feb24L,0x00000000000001b7L },
-      { 0xdeacf95c5372c6e4L,0x16bf649897e667ceL,0xc73d49047d89c4c0L,
-        0xedddbb70621449d8L,0x55eda935acd93cd5L,0xdb12b4afb06b3addL,
-        0x2c09fe7ab0dddaedL,0xb5cdc9e307cb7ab9L,0x00000000000001acL } },
-    /* 62 << 77 */
-    { { 0x63077120aefe3471L,0x6afdb40a16520c6bL,0xdefe75d8e10ffec9L,
-        0x61bb8618aba587dbL,0xe787478faa110a6aL,0x660b61e0adaeb173L,
-        0x9c2ab425be6b827eL,0x05e45ab3bd4272fcL,0x0000000000000105L },
-      { 0xfc20b8cb722ef6c6L,0xd78e5751dc4821b9L,0x6cebe18b1f7e4a73L,
-        0xd82a17b7b3b3665bL,0xda96aa6da35af6cfL,0x7b5b59476f5ff66fL,
-        0x43ad4a772606eb76L,0x358dcbd77d164e28L,0x0000000000000173L } },
-    /* 63 << 77 */
-    { { 0x980490160e955688L,0xf9f19c4243d2e2e4L,0xd2c0104dda5c9863L,
-        0x700371f62cdd8df3L,0x5d7f0fa834cf1b7bL,0xc54ce1a18d7b8a16L,
-        0xc4ba22b8ecd80872L,0x31c353dc77828799L,0x0000000000000032L },
-      { 0xffc587a418dc7eccL,0x4973b0e2389fb0feL,0x65013621b185b1d7L,
-        0xad6003d1a86d72c3L,0xe78484f1bad2e076L,0x20f1a5678d9f7dcfL,
-        0xc351ed478c3d52ceL,0xa6280661ec7a67eeL,0x0000000000000146L } },
-    /* 64 << 77 */
-    { { 0x20084293eea8d666L,0x01afa6ae12780dedL,0xdbce851a5b79d11cL,
-        0x280a43a009b895b3L,0x95c92e1a77c59c03L,0xd99606376b9ec1b8L,
-        0x08c0bb007beace14L,0xd0ba7943eb76c9beL,0x00000000000001b6L },
-      { 0xa14d2a3f15a51540L,0xfd25ffcb7211ba73L,0x020efe82cbeedfacL,
-        0xdc5b6591aa5301e5L,0x25d3413fe1708393L,0x9a3fff34b0a1e5cfL,
-        0x1892f1b7d310f9aeL,0x3ec31f629df3548dL,0x000000000000017cL } },
-    /* 0 << 84 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 84 */
-    { { 0x541bdd795338e99eL,0x2753b15c2656702dL,0x360263f1a7f6af6eL,
-        0x42c9778702adc827L,0xb4b4a66527abff88L,0x1f9dfe514a9a1ce9L,
-        0xf1fa56ac48ceb12eL,0xf0e55a366d0b967dL,0x0000000000000116L },
-      { 0x7ed35bc349642f41L,0x69c8bc4622ee3354L,0x528466231911836fL,
-        0xdb193bafbf4b87e2L,0x427ff5f44209f1e3L,0x4152fd13dae27044L,
-        0x3b73f059a1f0ae7dL,0x621ace506f1503e1L,0x0000000000000196L } },
-    /* 2 << 84 */
-    { { 0xceb3d6d8ecc914faL,0xaaddd75d326df942L,0x8475ee47391b67b2L,
-        0xad4cc87be0591e3fL,0x1aa4c9fd9129c3b2L,0x52172155525f0054L,
-        0xa32fff27aeade029L,0x550ac763217c0ea7L,0x00000000000001dfL },
-      { 0x3d4bbc04df12e80dL,0x82d0b17e8d5ad5baL,0x7b059d1e1e38ba38L,
-        0xb22b3beb0f9c9ad6L,0x75948e7725833548L,0x15e78db4b7d8216dL,
-        0x3c573681c1697cc0L,0x02dfd8b537f9ed90L,0x0000000000000172L } },
-    /* 3 << 84 */
-    { { 0x72c5cf1e83625a05L,0xb04221efd0b73c77L,0x52de6bdddcd8527bL,
-        0x73e03488d491416eL,0xcfefb1b130e7b551L,0x872c5b20813a17faL,
-        0x75f43fb9685a3923L,0xf057cae66960bcd8L,0x0000000000000119L },
-      { 0x84e8d67954becb7eL,0x47d5e5da3afdb96cL,0xf0b5d59b04476ed9L,
-        0xb2d7daee4c2984a8L,0x07fc2e0e986271e7L,0xa9895f88b3300786L,
-        0x8f8fcd5a53a88830L,0xe9446200452d1a5eL,0x0000000000000181L } },
-    /* 4 << 84 */
-    { { 0xeb05b269a9e110faL,0x3dc96e495694769fL,0x22d5dcb190129a2aL,
-        0x15b02839ddcab3beL,0x2784efed9819a2d9L,0xc19a373a83ba587aL,
-        0x0ecfe7e631ac78ebL,0x6b7d9a50b6580d76L,0x000000000000009fL },
-      { 0x20cf011e22e1f23eL,0x2bcd70c671dec689L,0xa4956ecdb968b2e9L,
-        0xee6224fd8c68507eL,0x2aeb7d0c6e7c15faL,0xf857d1a55e1c74a9L,
-        0x4f5eb8c6298d033bL,0xfcda7bdada7ef5ffL,0x00000000000000fcL } },
-    /* 5 << 84 */
-    { { 0xf21724305ce20879L,0xd48233b602995c9bL,0x5da336e0d39d6149L,
-        0xc516d0131a37df28L,0xa7098d962b3fe1c0L,0x65cee9a96a3099b8L,
-        0xd1df9d2e320323a0L,0xb1c49334cfad65d8L,0x0000000000000024L },
-      { 0x3bbc258e902dd9f8L,0x13861a7c0e9ce909L,0x0f0497f50f7c4ab6L,
-        0xef96a255ddc4a4caL,0x4655fd6414a185ddL,0xa983915491345882L,
-        0x96c039266695b74aL,0xd88db243481da372L,0x00000000000000d0L } },
-    /* 6 << 84 */
-    { { 0xabe2205b68e52960L,0x773afddfa062a50eL,0x8c58ea01f1cf4a46L,
-        0x3e88e23dc76bb8d3L,0xbb3b294bc501e0aaL,0x42cfd6220859b18fL,
-        0x8c6dc95f16286e18L,0xd4ba253e0ecf00feL,0x0000000000000071L },
-      { 0xc3970825eb3340eeL,0x4f981608b3ad699eL,0xffb5ea24c80bc4deL,
-        0xb774f894604dbb78L,0xa164c4cb1c947619L,0x92bd21e5cf2b764bL,
-        0x4b38a590ecca13ddL,0x1a47520a05cb48a4L,0x0000000000000166L } },
-    /* 7 << 84 */
-    { { 0x85e007a105e31f06L,0x8b43c7defdcaffd8L,0x53d13f277e4ab187L,
-        0xf7d22a394d4e71e1L,0xf1daecf88d0a8b1dL,0xe51e2f3a90c409cdL,
-        0xb84b6e0b46d43496L,0xb70b148ef5e87710L,0x000000000000017dL },
-      { 0xfdcd92b7e45e1097L,0x6c5fa06295da5ef1L,0xd2fa00bb7bac30eeL,
-        0xaada82e4f49d2088L,0xf8c4fc0f56827ba3L,0x04ef216b207c79acL,
-        0x3a3a685138449d34L,0xf0ad4b5191900ce7L,0x00000000000001aaL } },
-    /* 8 << 84 */
-    { { 0xb4c52f11f3d7286aL,0xec47cb5cbbf67a41L,0x89d3382eaafb10a4L,
-        0x4afd876806222b90L,0xfa16b295feb5416dL,0x0946f9d45d095b7cL,
-        0x18526b28ff975e3dL,0x259cec2fb2f1c609L,0x0000000000000104L },
-      { 0x545642a062e36127L,0xc3e4c6f71c38e6f5L,0x1d0e02c41bf9d6c4L,
-        0x8a7a6fb6483ba43dL,0x7104aee9cf390b9cL,0x4acdccdf2578e2fbL,
-        0xc17af6df73b3feb4L,0x2fb789d77977fa95L,0x00000000000001d6L } },
-    /* 9 << 84 */
-    { { 0xa14396d3e9cd61e9L,0xe5b79eec037dc92fL,0x88217b170156582fL,
-        0xedc457471f70551fL,0x60be827f32d048d9L,0x2fe4c45edb6b91b0L,
-        0x8bc71163ba4dc597L,0xe3fc3791936e1f8aL,0x000000000000002fL },
-      { 0x8dfc5ec30139f399L,0xc93f22717334f267L,0x9b8d510da10066dcL,
-        0x8a9d400ab7c157a9L,0x5e83d95d3ad20222L,0x2e244da8483db80dL,
-        0xd434f50e97e427ccL,0x0c98d8fe73195f8dL,0x0000000000000014L } },
-    /* 10 << 84 */
-    { { 0xbf53d7cafcc691daL,0x6b8fb94f57f9d8b0L,0x8124062527343963L,
-        0x98cf3891d6d682edL,0xf0ae9654119fed89L,0x61f5810a32803c8eL,
-        0xda1c6f26ce561b4aL,0xa23e3c857b478bc7L,0x0000000000000048L },
-      { 0x455e708f3530d96fL,0x38d3928e003d010bL,0x289f06c4764bfcb5L,
-        0xcccf4fd96ecaae0bL,0x76496e196b09aa3eL,0x13cdb1b5f2f24787L,
-        0x1040ea015837cafeL,0x869751f81de1b6daL,0x0000000000000027L } },
-    /* 11 << 84 */
-    { { 0x573811f6ad9570b9L,0xbaf2ec126ca614d7L,0x6f4a9a0bb735cb79L,
-        0x850e4b736f9affb6L,0xe399dfb43b760ac1L,0xa7759b8e5cee0611L,
-        0x58d84ae60722de06L,0x5ab2ed5483dbb9feL,0x0000000000000148L },
-      { 0x98c24006df14f9e9L,0xbbd0130f0ad7bd90L,0xee55b08dc3c91b77L,
-        0x16a18d954f6934d7L,0x5f191a312deed126L,0x776bcd3284897d4bL,
-        0x83b4d25b7b0cd708L,0x6e6aa60cd9f50beaL,0x0000000000000181L } },
-    /* 12 << 84 */
-    { { 0x34383bb055bef397L,0xc14c123a43be84dfL,0xa0fae432057eb68fL,
-        0x5c6c07b24903c2d8L,0x3e78de9d32bcfee6L,0x3d2d16af93bcba15L,
-        0xafb2db59c206822eL,0xbbea1116a332e64fL,0x00000000000000fdL },
-      { 0x20075ed100c6ea12L,0x2b1d0a044e4f3d33L,0xf3bf3ba82c5370c4L,
-        0xe1675545a4b86668L,0x609432c3bcc6dc6aL,0xc09a32e36777d69dL,
-        0x9248e09861f37219L,0x32650569f539662aL,0x00000000000000eeL } },
-    /* 13 << 84 */
-    { { 0xe82b6739d225d7c4L,0xc69d44ec0e8b47daL,0xd842c960d69237a8L,
-        0x6ed0097ad24a796eL,0xef96b040030e4149L,0x55c049ac212e51d1L,
-        0xcce35f170c44bb8bL,0xbfd67f2971c94884L,0x0000000000000196L },
-      { 0xf02b65df4755c1c8L,0x3330ff77a8144225L,0xb4d9365aa39fb2b9L,
-        0xd5d31cf295c66174L,0x7597fd7decc0ca46L,0xe7565e2ce11870a1L,
-        0xc709bc5da36c5100L,0x4d319121639f0a7cL,0x0000000000000144L } },
-    /* 14 << 84 */
-    { { 0xaeb813e3c79e8798L,0x01ceafba48e50c58L,0x974bdb02569d8013L,
-        0x83c90f107c7c5033L,0x2d6e1617702dce8cL,0x55eec88c3e07ead9L,
-        0x9f9bb723106b9a4dL,0xbdbe0818e2b351c3L,0x0000000000000084L },
-      { 0xaa512a7ee5058362L,0xb288f28904c001daL,0x0ceed00ca713504aL,
-        0xff656d2de24f8ee1L,0x637ae9543eb57ca5L,0x4a21412e7342f010L,
-        0x205cf0c2a9ce4de1L,0x4780b6a3d59aee6dL,0x000000000000005cL } },
-    /* 15 << 84 */
-    { { 0x83994e557fcc0c7eL,0x887856631c37f01eL,0x88a9a5679f196624L,
-        0xcd828df25b3fc857L,0x470f8623581344f9L,0x85cf12a6768e83a8L,
-        0x5d11327b9718a861L,0x9a1045d76e713452L,0x00000000000001c5L },
-      { 0xd4c452e4711f46b1L,0xdc41b91e12fd1e23L,0x845897e431aa874fL,
-        0xcf51cd7e8cd6171bL,0x1825bd254f183e74L,0x361a0e53b5da3216L,
-        0x16349308601e0405L,0xe3a40682f094f144L,0x0000000000000187L } },
-    /* 16 << 84 */
-    { { 0xf762eaf77b602085L,0x3b6e62332d470147L,0xe1028d76d3cca3e7L,
-        0xf3616dd8ccf39be7L,0xa35c4cc108e8f10cL,0xc413db107cb4b321L,
-        0xeab81774c3249f4bL,0x3e7bdea7be83bc78L,0x0000000000000134L },
-      { 0x86999f159d38d508L,0x0c9a990afb204d42L,0x27c4421dcb616f5bL,
-        0x2cb6590d46ae31ecL,0x1a33f6ab309acf22L,0x13d99e2a80320210L,
-        0xa13731b3341d1667L,0x7e0baeba4bfcc116L,0x00000000000001f0L } },
-    /* 17 << 84 */
-    { { 0x09ab412d6424425eL,0x74cc553061d3c0abL,0xa97378272d2c78c7L,
-        0xb25da089e684f1f2L,0xcc4de4d2f911ef5fL,0x35b774b0c9b239c0L,
-        0xf155c51653f100b2L,0xb58b7edbfde0c23dL,0x00000000000000c8L },
-      { 0x176534ff99e35e49L,0xfdb72d0f3f22064bL,0x96fce9811926fa09L,
-        0xcb7d400f587ef357L,0xe45d45ab0b2988b7L,0x7c8cc19e1cbac1b2L,
-        0x8e43cd5f0a3cb693L,0xb06b000d3302b5a0L,0x000000000000017bL } },
-    /* 18 << 84 */
-    { { 0x544bbffad1aca0f8L,0x27a01dc60e8e570bL,0x23f27a75fdaaba6eL,
-        0xf3a345d98626fd81L,0x439bd947a89f1553L,0xac968c8688113865L,
-        0x7aa489c6aea28591L,0x386be8175e2e0423L,0x0000000000000198L },
-      { 0x8a5f011f50c91fc9L,0x1f8371bf1c27ba7bL,0x7e54d98356505a0bL,
-        0x108343e521aa0a75L,0x291295d453e9e9f6L,0x4398536d23f6347bL,
-        0x864de21b44ba01efL,0x58d7f468737319f8L,0x000000000000012eL } },
-    /* 19 << 84 */
-    { { 0x90da648771065501L,0xcaa29c6b26a4582cL,0x9e4edc4a47ed26adL,
-        0x42003fc1576cca06L,0x9781c36fa7d795cbL,0x61aa367436397bcbL,
-        0x5a283a1bf9903003L,0x9e80ff413adf36feL,0x00000000000000c5L },
-      { 0xf5ff812916855bc1L,0x65046899a776d1b4L,0x221fd17941fdef50L,
-        0xf19ba04539dee7c5L,0xe6df5dec0fcab146L,0xcf68fd0a805416abL,
-        0x710f16e2e4dea8b1L,0x703229d7af3ae211L,0x000000000000015cL } },
-    /* 20 << 84 */
-    { { 0x8622dc3ffa286a36L,0x51b25ca952dcd8b1L,0x3dfcd6c4753d9d21L,
-        0x491384cce2aaad12L,0x016b19a77f8167ceL,0x8c03c919e7a09ab6L,
-        0xc7ded8e3e8c1f60dL,0x318a4556c45fa24dL,0x00000000000000f2L },
-      { 0x93decd4a3ff218c4L,0x84efb5a7f04927d8L,0x2f9ca93e1cdd14e0L,
-        0x77747b0197364d94L,0xf0555c73f6ad16c5L,0x7fb0cf2f141826ffL,
-        0x7c2e2ed7b21f5339L,0xabcba46bf76ea20fL,0x00000000000001b8L } },
-    /* 21 << 84 */
-    { { 0x01a139a713943e96L,0xa3a5224c0be158e2L,0x25b4c06101cb5d09L,
-        0xd4f1a98e51e99014L,0xad1aad0e8cd226c8L,0xe791062d81749b08L,
-        0x6ecee7e89a223687L,0x4f3163daa063dc05L,0x00000000000000d8L },
-      { 0x7f1940fa1f3aa8b7L,0xbedaf19c58b91285L,0x4c309e63f113920aL,
-        0xcce150924a8a95e9L,0x7e8c2c756d1f1185L,0xeb5093d138e24ee2L,
-        0xbb1a329aa0414d8cL,0x7521eff1265b457eL,0x0000000000000085L } },
-    /* 22 << 84 */
-    { { 0xdacb242420f495b0L,0xab9079b8e08cfb82L,0xdc0a584e764487f1L,
-        0x541bbdd56d17b2b2L,0x75e7c8239b665315L,0x9e5256ca8b3cf073L,
-        0x53ce698ca963c000L,0x746f0c775ca2949bL,0x0000000000000027L },
-      { 0xac741a8b7915623dL,0x64426fbc4a5edc48L,0x8a52fba3aaef5c08L,
-        0x3c353caa91018453L,0x1e2985f81a96fde5L,0x200f91cc90733d41L,
-        0xe60794477db133faL,0x274563f14eac2054L,0x0000000000000180L } },
-    /* 23 << 84 */
-    { { 0xd573dd7a12d8cd30L,0xdce706a9ec2de865L,0xc9b322f1a4ab8aabL,
-        0x0ce9268098773392L,0xa1b40d60bf5196e7L,0xc5cefc2d898f2d1eL,
-        0x4fe80b90c18c6f17L,0x87eb7298e4fe5bcdL,0x0000000000000181L },
-      { 0x1038d18b1c63bac1L,0xff56f0c8735b6d04L,0x0f9b85f87624d96bL,
-        0x8d0da28ef1d48f88L,0x3cc190897e1f8316L,0x75114fea47058d44L,
-        0x8f7130d118e224edL,0xa0f4114bbb6215f2L,0x00000000000000a2L } },
-    /* 24 << 84 */
-    { { 0x5dc39d107da4f65cL,0x0973b4af52e2bdf1L,0x2e35974b195c5d3bL,
-        0x2321d8c5de0856b3L,0x9b218d518e19f2b6L,0x414f483cb9eba23dL,
-        0x5eb4d875d87c2c14L,0x8c3693144becdcf7L,0x0000000000000180L },
-      { 0x8ce9961bd78615e3L,0xcb4dca5b7877078aL,0xa082b950067faf84L,
-        0xbe4ef854a1ea4fe8L,0x1a746d028ebd8cd5L,0xfcd8a6be58ced7feL,
-        0x5afef0183e2b39bfL,0xfd07234d1eb20debL,0x0000000000000028L } },
-    /* 25 << 84 */
-    { { 0x5f8ee39ad41d6132L,0xdc76ed945f63e2f3L,0xc24a406ab107431eL,
-        0x8b30660eca996341L,0x5673b95c20747fc9L,0xe09168a8b0bed38dL,
-        0x6120f80719a7ab41L,0xaf1f3376e6b66ed6L,0x00000000000000a2L },
-      { 0x7c535035491f6023L,0x7d70019de7f908d7L,0x92f8ca9996e33046L,
-        0x18c5df345fc7f094L,0x38c7e1eabe02b829L,0x7b6ee9b4cc301d3bL,
-        0x55f41778b14d398cL,0x52a275ff5b3f124dL,0x0000000000000081L } },
-    /* 26 << 84 */
-    { { 0x48df4f176e539400L,0x6433abfeac7ec090L,0x9c935918c9474b64L,
-        0x472fedd0406d83e6L,0x42cc03c72592c93aL,0xff2ae77db510b8b0L,
-        0x22fb8dc513ebd07aL,0x3f093c2be656d363L,0x0000000000000016L },
-      { 0xc46f526fd725a2dbL,0x95cef0f32be69c0cL,0xb941c71b329e02ecL,
-        0x37a8cf5fe0fc49bcL,0xe5d012a888a9e033L,0x0a90a0c07d701e97L,
-        0x4d8ce592bc2ddfcaL,0x4698c015e01f5349L,0x000000000000005eL } },
-    /* 27 << 84 */
-    { { 0x97ca07ca64725780L,0x901c76f4cdf4cb59L,0xba0472400a8dd50eL,
-        0x5a6ffd1da8028447L,0x438d0474cd8e128fL,0xf92f83db9e7e41c5L,
-        0x9504f799ad95ab9dL,0xb2df6f6578f9ca93L,0x000000000000004eL },
-      { 0xae2d32fcceeb8c6aL,0xd66683f2eccb6ad1L,0x2132bf4fd0b462abL,
-        0x65d7f312152b21c8L,0xc5abfb1aace7ab8bL,0x3c88dd8282ccd06fL,
-        0xd1916201e023fe4dL,0xce3e0f140f882c2bL,0x00000000000000beL } },
-    /* 28 << 84 */
-    { { 0xa1a2d265436f1191L,0xa63ecd90846e768bL,0xce361cce96880f0eL,
-        0xbb06470312cc9bb7L,0xe58b4cf9b6d5d885L,0x711f490d872f791bL,
-        0xa31d70221b61790cL,0x1c0231435e010dedL,0x000000000000016cL },
-      { 0xc4833f45b9f2ae47L,0x39556e38e6c5aad5L,0xe7889ba4714e6359L,
-        0x7d4fa851edaf5d7dL,0xa860fdb59de3fcb8L,0xc4a44f663b213dacL,
-        0x843b20da5b662002L,0x0e4569247cc1f364L,0x0000000000000194L } },
-    /* 29 << 84 */
-    { { 0xa1f3ae570844c579L,0xff79de39a6263761L,0xc2bc07f0a1ce54dfL,
-        0xf6f36b5bc7a75e1fL,0x37ed63e547649754L,0x0bbee79b9e40b603L,
-        0x3111770ad1396489L,0xa0be70b7655f8f80L,0x0000000000000118L },
-      { 0xf396b09dfffbe440L,0x5c64b53ee98d45b7L,0x42aa83ff599b7ea0L,
-        0x4130842825c6b232L,0xdf4377f764153f28L,0x7253ee06ddc00b84L,
-        0xd6e3139b30384ae9L,0x47a15b0b5bbb7451L,0x000000000000002bL } },
-    /* 30 << 84 */
-    { { 0x817f91e777960e81L,0x16ec79224e9251d1L,0x20edc99036eecb38L,
-        0xd1287d7e6d0c4b7cL,0x9a98e31842255d2aL,0xc5d8fdee1cbf6b61L,
-        0xf4aa4eed4b8c971fL,0x506ed9b587a96b0cL,0x000000000000000fL },
-      { 0xffb1cc83853daa7fL,0x650ab9962aa0d0a1L,0x1d1a02515ca4f753L,
-        0x7e3dbe541252c13bL,0x256550cdffc132b9L,0x0c01f3a681cc2164L,
-        0x174f7145eb5741f8L,0x6d134e21b5f4b761L,0x00000000000000bdL } },
-    /* 31 << 84 */
-    { { 0xb2113429b557c0e5L,0xa95168cadc18b438L,0x64839ff62228b40bL,
-        0xc0d6a854c63f11a4L,0x80502e786ee1d154L,0x872c5a6d432e45d0L,
-        0xeedcdd06c62d1651L,0x8ecee7ea2f605a64L,0x00000000000001caL },
-      { 0xa5dc211b2d708b77L,0x4e92269ac396cd5cL,0x384e400c93709f53L,
-        0x48afd1bab372eb3eL,0xc189796872262e2aL,0x0fc769ec4a02e904L,
-        0xbee107dfe82e06b6L,0x47b15a79d838f656L,0x0000000000000012L } },
-    /* 32 << 84 */
-    { { 0xb6675f53da1ef419L,0xdea5203bad0b5824L,0xf882dc2fcfff1ea2L,
-        0x8ef992e408eb5b24L,0xd80e2ecfc3d2321fL,0x4ca7becca5f96675L,
-        0xe2ce41b01e1a9196L,0x9b3d81319890d917L,0x0000000000000094L },
-      { 0x85c66efe87c9c810L,0x66fc21bdf644e538L,0x2b90cdb5e4835d87L,
-        0x9a60f2140f91258fL,0xb60eb76484bebf7eL,0xebe2c36f96b0614bL,
-        0x95acc92792a11210L,0x31101643f35ccb23L,0x0000000000000101L } },
-    /* 33 << 84 */
-    { { 0x1bb898741403ae70L,0xb71332db93c5c5adL,0x8d376cac631d9843L,
-        0x6a64f3d5a0d90788L,0x65f635c0b16fa167L,0xe8b3efe222000a88L,
-        0x4c11db4472cdd206L,0x64fd7c85794b4affL,0x00000000000001e6L },
-      { 0x360185c79563ef6eL,0xedeb5d8659aa49f9L,0x012d2b3e6927b587L,
-        0xba435a3d7c25729dL,0x222cea98cf3ce39eL,0x8fa5ad445dd816f1L,
-        0x4d2112b530d8033cL,0xb60209556011d8d8L,0x0000000000000099L } },
-    /* 34 << 84 */
-    { { 0x63f01bdaa71c3878L,0x3d4afb465cf66f74L,0xf9583ec1678f8f6eL,
-        0x9cbcdf8b63daaa0bL,0xf342f44f57521779L,0xf8840fe19fc0e1bdL,
-        0xc9eaf6ad31105808L,0x33c51a393f6d43e2L,0x00000000000001b6L },
-      { 0xab9720cfd10fa72dL,0x8df3a2db5c0d0c52L,0x99fcecd7c197aa7eL,
-        0xea53f54b37c93ddaL,0x6f185d4115d2837dL,0x19f0b7534b1e1f08L,
-        0xfe2fb6302131d7f8L,0x72d9a3561a76d7ffL,0x000000000000019bL } },
-    /* 35 << 84 */
-    { { 0x437f79d375c6b34eL,0xc0e3f217b9eb1ad2L,0xe876fb20b70a0c11L,
-        0xf769ec0a5ab5e17bL,0xb15cd92e0e3e8809L,0xa0487df77a2baf4eL,
-        0xcc0959837cf8334eL,0x1d8963d1c44ce5deL,0x00000000000000eaL },
-      { 0xea4053f0120c4d48L,0x15f63fd5cac7a63aL,0x6a390224848ad40aL,
-        0xec32269d76a755f4L,0xcda608f2eefe1c64L,0xdcb61661d558b4eaL,
-        0xf98391a0dc807487L,0xe633fa599e31b651L,0x00000000000001bdL } },
-    /* 36 << 84 */
-    { { 0xb964e249e324fb45L,0x968e1e694d8f7829L,0xe883e2ce4313e21bL,
-        0x62f2f3a5c0e654f9L,0xb2d921e6c6129771L,0xbb10882246ee4248L,
-        0x27fb3a768f8b0e62L,0x3a49d6a6d36ce785L,0x00000000000000c0L },
-      { 0xad32676fa616ee2bL,0x73b1140bc4840882L,0xf1464ae8588be8beL,
-        0x24d0cf2d0a9bb743L,0xeae9e1c230c88289L,0xd8f78a5b642331edL,
-        0xd5010f57537f40f2L,0x0a936df89609dfcfL,0x00000000000000ccL } },
-    /* 37 << 84 */
-    { { 0x97f48719ae3ce48eL,0x54690b991d17ac8bL,0x5c9c2f04b5e64622L,
-        0x9e62f3506da3c286L,0x153fcc9a51798c01L,0x9d36b1d6f1674c75L,
-        0xa7cef42f10977d7bL,0x00610128c0bbe827L,0x000000000000017eL },
-      { 0xbe9358d9aaef8892L,0x53abaf01b2af87ebL,0x2b4001b86d6cb1d6L,
-        0xa14df2ed1faf6b9bL,0xf88044d032289473L,0x83b6b3499918fd58L,
-        0x52115a9d8fb5d528L,0x9acd77c8a0bf9026L,0x0000000000000191L } },
-    /* 38 << 84 */
-    { { 0xc91a51c7040a8d8fL,0x3cc49d9661a7ef84L,0x80b29df6ee19d30eL,
-        0x5846acc4c76a6aa3L,0xf59e5c8b0f6e605aL,0x59cc663742788224L,
-        0x2573ab2034f423d5L,0x80ee46c160e18d6fL,0x000000000000017bL },
-      { 0xe7ec97098046e552L,0x492ef25050f412aaL,0xd4bcffad10a7a752L,
-        0x6508108fc376b144L,0x977ff961ba934045L,0x07d99b2e5dfcae1eL,
-        0xc4fed2e4aa955090L,0x294c7669e1d608b7L,0x0000000000000067L } },
-    /* 39 << 84 */
-    { { 0xccf1f6c5ef4f2f8bL,0xacbd47025a3525d9L,0xb3ca26135fecadcaL,
-        0x46fc46a340358ec3L,0xd3e61faeea406aaeL,0xa7abaeca6d70ad8fL,
-        0x53468d6374115258L,0xb276835206ffccd5L,0x0000000000000000L },
-      { 0xa424a15acf32d90fL,0x28766c229c8153d6L,0xbf06c575395ba3bbL,
-        0xbd027833e7a31dcdL,0x12a012a9eefa9763L,0x951bd91f08eeecf7L,
-        0x1b2a8bbf81cc733eL,0x46edd7f005bc357dL,0x0000000000000198L } },
-    /* 40 << 84 */
-    { { 0xe4e1851f8482e5f3L,0x41c94a2d3be00950L,0xbdd52c7712e434aeL,
-        0x985367cf5700e59fL,0xc9368d83bd1a3ee1L,0x7be0cf37f24fd5acL,
-        0xad4cb8dc8c53e814L,0xfa2bf5414d59b923L,0x0000000000000100L },
-      { 0x205f070765c46cf7L,0xe87fc3e236c06ff5L,0x40686149364e6680L,
-        0x3e7a4dba44aea566L,0x1a43cd99743158d2L,0x8b6d491ef63802a0L,
-        0xd4956a9d57ffabb3L,0x0416326261950885L,0x0000000000000181L } },
-    /* 41 << 84 */
-    { { 0xb1e98d6fc192467eL,0xed8333a1b0944aa3L,0x306ef165d1c49f1eL,
-        0x707bc71d81d6b7a9L,0x29be1c1371882a29L,0xcc9c8eea35825332L,
-        0xfa4ea1ed6d1089d4L,0xcef289b15f949cc6L,0x00000000000000b5L },
-      { 0xf99439420c8b490cL,0x2a4684215ca1924aL,0x5ddce0e570f4aec7L,
-        0x4b380387ab2f1d5bL,0x9da44a9eea16b553L,0x8f497cc8d5cc8e78L,
-        0xef3ebf1567627483L,0x5686bbe0bbfb1b54L,0x00000000000001b1L } },
-    /* 42 << 84 */
-    { { 0x4662d28ec7e6847fL,0xe545ac9ad8ddd128L,0x2172153149f08bf3L,
-        0x88bbc0079365959aL,0xce2248bb82dca136L,0xb666d008f10e0af2L,
-        0xd415bc8db5c51813L,0x3651b829b851a49aL,0x0000000000000011L },
-      { 0xe1ba9a43aa6302e4L,0xfb903793436b8d1eL,0xcdf4d3f7f178a0e6L,
-        0x628bbcbbdbcf158eL,0x18e2270de95d3b9bL,0xa5a9618a9f902344L,
-        0x41faa409a5c86b2bL,0x8332a0d2a1a1c2d3L,0x00000000000000c4L } },
-    /* 43 << 84 */
-    { { 0xe886e4cd45872d57L,0xee5bd4078124f950L,0x28bbc75fd3ba8e8dL,
-        0x3fe2689b2ad21b8bL,0xf73d1b63843923c9L,0xe845cc510bcd7064L,
-        0x6744555d4cf3485fL,0xd3ec166fa5a608c8L,0x0000000000000090L },
-      { 0x1b78f5d6c66341adL,0x6652224f03d0da0eL,0x85b069c5afb3147aL,
-        0x60fd70524a920fedL,0xb521aa799812ba7eL,0xada36124a15040c2L,
-        0x2c982c738205d28fL,0xd4e80bba57750491L,0x0000000000000005L } },
-    /* 44 << 84 */
-    { { 0x5010064a8e955d63L,0x11caef9eaaaa54d2L,0x3de4eae733f1f9a9L,
-        0xd559a26a9a5be2dcL,0xfa61002e0022eaadL,0x156c011675f376cbL,
-        0xa67586806f193ebaL,0xf92ce94d44b2579eL,0x0000000000000191L },
-      { 0x083cc46c2fb67bd6L,0x4f3c6ca21f06d1adL,0x0ee38f3985b65aa6L,
-        0x093adf465c42e7deL,0x31fbdf11aaeadb6dL,0x6be3fc78b115c404L,
-        0x7e385a3a7716f591L,0x18bda694c482d126L,0x00000000000000d1L } },
-    /* 45 << 84 */
-    { { 0x62bc238b9350ca2fL,0xab8c8c907ce8d14bL,0x330fffc7cb6951fdL,
-        0xadbdbdf726228babL,0x97da0a346d86e130L,0x7fec5623a25aea42L,
-        0x2922441ffd4335d9L,0xab2cd1dd1abb6d5cL,0x000000000000002aL },
-      { 0x7d759a051a8bdc24L,0xddb3079c7d82c77bL,0x3eb72f6e47e40f15L,
-        0x486385847b2f8e23L,0xe112ce8c04043e37L,0xb48be1b38da1281cL,
-        0x0e10355b67f8bfd0L,0xf2b0c5434b82b796L,0x00000000000001eeL } },
-    /* 46 << 84 */
-    { { 0xaa7425c422ecf2b5L,0xc695477f535d1924L,0x49eaebfa73688248L,
-        0x5d1daa50958195b3L,0x5e4b153e7c018a3dL,0xe42017076ee32e65L,
-        0x96e3679190564352L,0x65162c18dfee3262L,0x0000000000000123L },
-      { 0x128ef8610f1e66b1L,0x0b3b7f96243b98e6L,0x69252a134db87938L,
-        0x6523a4f880af7609L,0x2883c39d8576bfc3L,0x1dc4d969021262edL,
-        0xf1d2dc8acd5cecd3L,0xdcd1e118b56a9e1aL,0x000000000000007bL } },
-    /* 47 << 84 */
-    { { 0xe7bfb96f27c1c719L,0x1a7c15ff79d8affaL,0x5641d7e5ee475f3bL,
-        0xbd5cbcc3a00e54e0L,0x18dc810eba44c745L,0xd7a3f693c8b3b3dcL,
-        0x225735667779731dL,0x305ba162fa55fbf2L,0x0000000000000119L },
-      { 0xa47c5ff2e6ca3cbbL,0xe4d73b0fbe4bf508L,0x7afb6b99d95ffd74L,
-        0x0acb7b5955f22144L,0x162205d8205205dfL,0x8650751dcde671e0L,
-        0x34f91ffb549b2867L,0x7dd0bef98cf1252bL,0x0000000000000047L } },
-    /* 48 << 84 */
-    { { 0x8f345bc8d78fd6f6L,0x35446be7bc603416L,0x22a05fc392954e8fL,
-        0xcd51695bde517ca3L,0xd452c3c1c30b42e4L,0x71f0be42385847bbL,
-        0x3e5604dafa66294bL,0xa32470c791efa7abL,0x00000000000000f7L },
-      { 0xbe46e43f247c00dcL,0xa464ee494fa716e2L,0xf16522fa81328c41L,
-        0x495048b6187556ccL,0x71224071c1682e5fL,0x5e33dedfb9f18963L,
-        0xfce493c999a767d5L,0xc7f53c566ffa81f2L,0x00000000000000caL } },
-    /* 49 << 84 */
-    { { 0x7557d129fa582630L,0x0c29419fc3a8f93dL,0x05d98c11c43ea10cL,
-        0xa42d9960b32cd279L,0x5477eb119d8e50e3L,0xd9df006a04037414L,
-        0x1a8f5bce799cf5b7L,0xe5f831b3973a4d2dL,0x00000000000000b0L },
-      { 0xb71509b84f43baa6L,0xde79572a94216d36L,0xe4e1219ff8c907f2L,
-        0x718153f00c58e3d5L,0x375bc748b0b9c967L,0x74542658e9866665L,
-        0xbbc3f48935637c07L,0x7be87a6602bef3c3L,0x000000000000009cL } },
-    /* 50 << 84 */
-    { { 0x6f3a54f7faa6af3eL,0xb6b5c7a3b40d2a61L,0x74488f8b7e5e78e1L,
-        0x9785934f32458d93L,0x816bb076497bb349L,0x402cd0102bab1095L,
-        0x645a00a73952775dL,0x81c168da32ccaf83L,0x000000000000001cL },
-      { 0xf349c1a8e63682c1L,0x05b8208312f3fdf5L,0x4a66e016a3c212ccL,
-        0xdf57f4624c8e1a06L,0x0a58dc1f3ce46f7bL,0xc2cbccbdbcb4ff74L,
-        0x4181af1fcd9816e6L,0xa74ac7b2d9bef6cdL,0x000000000000004eL } },
-    /* 51 << 84 */
-    { { 0xf4c94110e40800bcL,0xe7fdd5f32c1adf77L,0x34cdd805433705c0L,
-        0x1e052bace29c6896L,0xac99d1e357668ffcL,0xf2493acb108fe93cL,
-        0x2525654594876b05L,0xb5bdfba4243ab702L,0x0000000000000043L },
-      { 0xca1a99e24e61dec3L,0x3156650fcadd4f7cL,0x154d58e7316df624L,
-        0x168f675ec69f07dcL,0x2b6132aff1f6e22dL,0xcf26d9cecaa1da1eL,
-        0xc90ebd6649614b29L,0x25bd2d23c33f111cL,0x0000000000000104L } },
-    /* 52 << 84 */
-    { { 0x0b53f0b81b4d52d0L,0x8c4441776ef01b39L,0x3bd2523e3ae80d38L,
-        0x9bc7180022780af4L,0x790c175dfad470e3L,0x6b0901ca7899421dL,
-        0x02f1fae7f277dd5eL,0xc3f2ff0fa752993eL,0x0000000000000053L },
-      { 0x6a5fdd41467789ecL,0x008e446af6c45a22L,0x29b94285a8a2549dL,
-        0x97b6f905b790912aL,0x813ee7d71d18e889L,0x24ef40cffb27f9c7L,
-        0x17804ebd2e5b2ee9L,0x46e274b1a23b11aaL,0x000000000000009fL } },
-    /* 53 << 84 */
-    { { 0x37405c0f2ec88247L,0x0efb4320bcd3980cL,0x6f5208443300619dL,
-        0x55ddd732bc2d59fbL,0x9492d50639fafeb5L,0x497dfa7083d6b3b2L,
-        0x256fc9c3bff9aafaL,0xf098b2e3bc00553cL,0x00000000000001a0L },
-      { 0x614f8b947c52e7e2L,0x2a37ad1ffc24205aL,0x6789e9ab7cd65901L,
-        0xfc1affa3cf4a3893L,0xe85ebf5395afb652L,0x1f125e08d894d2f9L,
-        0x84ff44210581d1a7L,0x94d9ad851141226fL,0x00000000000001daL } },
-    /* 54 << 84 */
-    { { 0x2a6c39229fd5362bL,0xe3f57b2c9603ea6bL,0x9bf96cfc06b377a1L,
-        0x78441c5bfb189eb4L,0x92b2f03859b24728L,0x36df97db7aeaa65fL,
-        0xffaf8dc7577bb75eL,0xfdf8a723f94a0cd7L,0x0000000000000054L },
-      { 0x9d98b4e63b18f662L,0x006a23929f5527a3L,0x146d79edb9fcb789L,
-        0x1c2e41541a688f00L,0x9c3ad38a03723314L,0x20db0b042792f661L,
-        0x3f8e5a9ad44e279cL,0xc1759eb7e4234ee0L,0x0000000000000146L } },
-    /* 55 << 84 */
-    { { 0xd93f2eb26a5a8f34L,0x03be88bf736696f7L,0xc567bc9fa6421a9dL,
-        0xd3de6d94de629f74L,0xc0c799756b3804e1L,0x915c3c2d9fb8218aL,
-        0x37a5348070dae219L,0x6846e38d019dc6dbL,0x00000000000000beL },
-      { 0xf7e5952acfdfaa59L,0xadd136aebd5931efL,0x7d46541132cb2671L,
-        0x185c32a081655330L,0x3c4b5ce10349dbfaL,0x1c3fed832ecb307dL,
-        0xe46449a989c05184L,0x675cf8dd123d9b59L,0x00000000000000ecL } },
-    /* 56 << 84 */
-    { { 0x1278fa814bccde89L,0x5f87ab65ca1aa6b6L,0x3224aa7276b5225dL,
-        0xf6eb6a973ea5228fL,0x54144015f78bb113L,0xa045a86710626f8cL,
-        0xe3ff56bf38d5584bL,0x74caa5e96ff5aa1fL,0x0000000000000078L },
-      { 0x8caf4a080806bd7eL,0x8362ba16c2f33680L,0xaa6661c891a5125fL,
-        0x62bc9088a5e3e1a5L,0x5290b3f327286edaL,0x4af9e00621622922L,
-        0xea41b46caf9f424cL,0xfeb0036d7f5a2f0dL,0x000000000000006fL } },
-    /* 57 << 84 */
-    { { 0xb092feff1b9c9b5aL,0x85d4a394ef27381bL,0xc9ae229257c413efL,
-        0x81ef8394c16afc72L,0xba0aabca6f16377fL,0x973f71e7685374b1L,
-        0x138a6e2ee8d2affbL,0x15c3a93400cff0aeL,0x00000000000000a1L },
-      { 0xa37a19670e094a1eL,0xc8f1b7699121d92aL,0x1556bdb35570ebaeL,
-        0x713b4c060db754c3L,0xc864a6fa87371dd4L,0x80539a886f6d0e2dL,
-        0x69cdcf5f5dce8380L,0x175bcb246ce73030L,0x00000000000001fdL } },
-    /* 58 << 84 */
-    { { 0x463bdf0350cdc663L,0x00f4f1ac34ae8e83L,0xc4553a54d0dcb3a3L,
-        0x765bdbb63611767cL,0xf523682af9a08ffeL,0xc9e2adb2d0c9ea77L,
-        0x6dc611956b5ff81bL,0x45281bf570e2e065L,0x00000000000001c6L },
-      { 0xef26494f7be2fd61L,0x06bccc4c1e97e9c4L,0xaf0deb0092a75c16L,
-        0x4e67e0eaae8a4e84L,0xbb994c6fb27331a6L,0x9d9431e64250cc74L,
-        0x1e6013cbce2fbad8L,0xfe2c5db4c8934179L,0x000000000000012aL } },
-    /* 59 << 84 */
-    { { 0xbf7ce9203eaeb879L,0xe4adb4412790ca4dL,0xaef87b4077d14c85L,
-        0x9db9212d3d01cc39L,0x5d1080dd2db945cbL,0xd85c0a46a0ec741eL,
-        0xa0db567c6f98c8ddL,0xbd5887fda6c88bffL,0x000000000000010dL },
-      { 0x3d55f50a2ce32631L,0xbe582d2664339e56L,0x4e2f8bd7ab5210f9L,
-        0xffe002bf641284e2L,0xa5b24d9844b55b21L,0x35944f8f399a9eceL,
-        0x78b96886bc8d155aL,0x6d2b068993da1b6cL,0x00000000000000b5L } },
-    /* 60 << 84 */
-    { { 0x752f2383f47d22d9L,0x4436f59ab058e8a3L,0x30d780e7be6327e8L,
-        0xf7e393b5f00c622bL,0x46d05f6528533fa6L,0x9642c8a0e01903bcL,
-        0x99f5c21312b7afdaL,0x3b740059a89e1edaL,0x000000000000009bL },
-      { 0xdf0a0c70304f33d6L,0x458c5da833038214L,0xd2045ba526c1e684L,
-        0x217fbdb9379ac190L,0xd94eb4c18e21ec0bL,0xd12612ebc3ace041L,
-        0x5e37a0e595fe0e88L,0x8c588a87aadc9beeL,0x00000000000001c8L } },
-    /* 61 << 84 */
-    { { 0xb3ad16e907cffecbL,0xe901374a7619fc54L,0x65759e1cf2eee444L,
-        0xe4070ff0f73eefeaL,0x6d124a8bfdf9f9a6L,0x9c8abaeafc9dd073L,
-        0x9b32d3d77a8681c4L,0x3f11eec648f8390bL,0x00000000000001cdL },
-      { 0xb0168093d60307c2L,0x7c6c4d9c939fd410L,0x56673b7ed7727cfeL,
-        0xa94cd30a12c5f670L,0xed7ebb3137b094e2L,0xff2c49e15fa3a378L,
-        0x484ca05395672337L,0xf003dfa5bc56bf71L,0x000000000000007bL } },
-    /* 62 << 84 */
-    { { 0x838aaa72aa1a8108L,0xcb69952741314f71L,0xb86e9b187229923eL,
-        0xe4b3edd49f464608L,0x8771316c1b071ed2L,0xb07e1b084e5a8628L,
-        0xc26653e1c612209dL,0x4b3bbf396bb8d7dfL,0x0000000000000182L },
-      { 0x893144f03ca1a824L,0x78bd4476853ad53aL,0xe55634ba95927c46L,
-        0xfff6f90115cb52a7L,0xf4277aaa05f678e5L,0x6c3177a1ec5503b2L,
-        0xa0cf20337725d926L,0x7509b601bfb02022L,0x000000000000001cL } },
-    /* 63 << 84 */
-    { { 0x3c71f272f99ccff5L,0x248c71670baa49d0L,0xcb6b725da2ef88aeL,
-        0x4a1a6badb5a5e92bL,0xd7a8a6680140c680L,0x07311eb78037e44dL,
-        0x0eabe9b35a276617L,0xa7103657db352138L,0x000000000000019cL },
-      { 0xb1c0fed884d7f562L,0x9983df5d634efe2aL,0x9ba4a7697ef18903L,
-        0xccf0889b53fb1f2eL,0x8330a65c863a63e2L,0xc9763fe49141ee1fL,
-        0xa9145ee450a81aeaL,0xe21cc944bd46f62eL,0x000000000000004aL } },
-    /* 64 << 84 */
-    { { 0xbf73b24cded2eb86L,0x102900b33ea89845L,0x1d88c5073857cdb6L,
-        0xa939a76b9be255d7L,0x28d517522ff653b3L,0x6d8170467642df2cL,
-        0x148b45e157e353b2L,0xd565f776b34f0f19L,0x00000000000001e5L },
-      { 0xca5185a2c4b5de1eL,0x527acebfeadf8e0aL,0x652b994b86479736L,
-        0xe252209ad2f97a05L,0xc9b07fc9d6960578L,0x479ba949d264f983L,
-        0xc80d32b5e8d9b938L,0x59280d580a6a7f28L,0x0000000000000177L } },
-    /* 0 << 91 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 91 */
-    { { 0x2db7055db286bac2L,0x0fce34c5fe2d537aL,0x8addcea5b95e9476L,
-        0xf1bacbd41a7c7ff2L,0x28b7f0c9203fde3aL,0xdfa6cf793e844a62L,
-        0x0107e9039627dc6cL,0x053f2778413fcc52L,0x000000000000011dL },
-      { 0xf67e718bd10f90a4L,0x7dbcf1e00bc29398L,0xfd5e65d19130e9c3L,
-        0x6149b3969c518e5bL,0xfb574bb4918e2279L,0x6c67563fc513415eL,
-        0x60b90d7aba1b801aL,0x2239b9dfaf900381L,0x00000000000000c8L } },
-    /* 2 << 91 */
-    { { 0x2d2f9e08a2abb00eL,0x4c8c679d17648c6aL,0x52e2e9bab8520197L,
-        0x7470a3cfe0898e48L,0xbfeb2a9190617e18L,0x247ea702f44de1a6L,
-        0x7baf95b27b1604fbL,0xe9e81b78020c5856L,0x0000000000000159L },
-      { 0xdeb81330da533799L,0xdc4de9f13996b5beL,0x6a8b7630d33f04b5L,
-        0xa4554acb2bccad83L,0x7974bd472a7f5d61L,0xc481a752b01696d5L,
-        0x6dfbefde8ca48da9L,0x2fda492fe7db0c27L,0x0000000000000053L } },
-    /* 3 << 91 */
-    { { 0x9ade14635a0a982bL,0xd31440afc586e5b9L,0x07bd1b34749ffc4eL,
-        0x2f9bed8ea9f71f98L,0x73de5d52add7cf9aL,0x1b55d53a31a718f9L,
-        0xf06707b8cde59432L,0x247e5a8deaf860faL,0x00000000000000d0L },
-      { 0x76dcbffdf5131ee4L,0xc17d25f7d4e3d0eeL,0x195daf924a96ace8L,
-        0x342d659305b1ca63L,0x4675cf349b40dafeL,0x1855efc293b0ec70L,
-        0x94aacae1f878f477L,0x818b2f1a524aa9d8L,0x00000000000001faL } },
-    /* 4 << 91 */
-    { { 0xa2dadbb4cd046713L,0x63eac83e81afa390L,0x0d85b1ab422bc0bfL,
-        0x9dfc0092d5895af2L,0x125b2e6c87ee0edeL,0x962988829eb070d9L,
-        0x1a1178f85b0785c6L,0x9335c96bd4486f80L,0x0000000000000029L },
-      { 0xe747e4433c5cb794L,0x50803223044fd597L,0x4bf3bcc02fc59de3L,
-        0xd9f4dc3244245ab1L,0xbedf6330d2dd61e3L,0xdf8110a904d7c5a7L,
-        0x852f2205bd400d1fL,0x4595afaf9c6e9cefL,0x0000000000000111L } },
-    /* 5 << 91 */
-    { { 0x72eb4fb66672a844L,0x2ed80354a581749cL,0x456d603fb3a028e8L,
-        0x82bb6fec3703c343L,0xec001da6c2967450L,0xe6930d3c01cb4b41L,
-        0xd3a7073dfc88dab9L,0x28564308bae83616L,0x00000000000001aeL },
-      { 0x7a6b143eef89965aL,0x3d75a3d3e25394aaL,0x7185b011164ed20eL,
-        0xf6744be64334a31dL,0x9715be2f8a86350eL,0x8d3ad1d585ff2738L,
-        0x1081a847a2b1ebffL,0x7918917b3d13f45cL,0x0000000000000030L } },
-    /* 6 << 91 */
-    { { 0x1f6fad01e435a290L,0x2233fb1ca1797bbcL,0xe5c86b07adec0e98L,
-        0xa6c3e3b32c38f3f3L,0x148c7cc4be4d76ecL,0x9a269e568f91b601L,
-        0xdd4fde651872ef0fL,0xac81696c8aa5366dL,0x0000000000000123L },
-      { 0xdd10f5bfc06df67aL,0xe02f88cfb5e3d640L,0x67533defb63366e5L,
-        0xb81b500dd4f7515aL,0x258048297ac6fdeaL,0x05e776b30c92e736L,
-        0xd366e4abfdda7ba5L,0x1c88e25338a7d99cL,0x0000000000000199L } },
-    /* 7 << 91 */
-    { { 0xa8dc56599f91d149L,0xa923bb49026dc899L,0x2690fd103064ff52L,
-        0x5633caf40d3450c7L,0x923c18b90f268931L,0x7e333305cc000404L,
-        0xe4913381c2160055L,0xc8b61c0db37bdb04L,0x00000000000001e7L },
-      { 0x8f3cfed118432691L,0xf3409d8e0bbd5e86L,0x8094f20d1f240ab6L,
-        0x8ae2ba7484473b65L,0x509f55533d950c04L,0xb377553f306e84aaL,
-        0x32863abfc776e80fL,0x7de67f5d788698b4L,0x000000000000005fL } },
-    /* 8 << 91 */
-    { { 0x9b40a31f03d3477bL,0x57e0e72e400294feL,0xe8aa7d3fe3e8af40L,
-        0x6a3d54748dd4d7c0L,0x564564fc65e1bac8L,0xf8584769108c5fa4L,
-        0xeb211eacdbbbb595L,0xe06b04dc24a6b7f6L,0x0000000000000197L },
-      { 0xc7689ffd29bfb3d1L,0x7aee57f372378c9eL,0x007255d96efe861bL,
-        0xb8d3f65f6cfbbfabL,0x44629a5fb6d3923bL,0x49e47cea97373f3dL,
-        0xccefc3e7e5d385ccL,0xcccad6e68461478dL,0x0000000000000061L } },
-    /* 9 << 91 */
-    { { 0x65e1029251b47bc2L,0x050f0ef396e11799L,0x05ca59da588c0f6dL,
-        0x3fe6edce2ff2979fL,0xf5d22ed3902d3268L,0x66f1fad3053dcf39L,
-        0xf59a2c579c249cbdL,0x376c29df17ad6077L,0x0000000000000132L },
-      { 0x023fb75627e9548cL,0xeca768ffcc4e8a89L,0x9751524855744e88L,
-        0x62133797b724a018L,0x047efbc1039f2eb8L,0x12605556a4f29411L,
-        0x25f2a0fe026f882aL,0x58e45392f069b7f0L,0x000000000000018dL } },
-    /* 10 << 91 */
-    { { 0x8980df2d3699e35fL,0x9116ddbe7fee846fL,0xe8e6e54efa3d46b8L,
-        0xb6c3996eb65bc109L,0xe549c8eaeffaee6cL,0x9553bb7b31410debL,
-        0x3900d1cca660056eL,0xea4c30ef15f7dbf7L,0x000000000000018dL },
-      { 0x0bf375e11b976fc5L,0xbfa9c68017e1cbe9L,0xd9c860a1a7478ff3L,
-        0x3412562269e4e8e5L,0x0e98341ce1ff1512L,0xd320c6fe76eb4630L,
-        0xa06cec281ea3e4a9L,0xbb00b6a08ef84307L,0x00000000000000deL } },
-    /* 11 << 91 */
-    { { 0x892e36ce5b432ad3L,0x65dcf3b180d272acL,0x4a5861edd686b1c7L,
-        0x313b59e35fca28acL,0x1db0e208a29011f3L,0x4b91de51b632d0b2L,
-        0x024ca341ce943710L,0x6427e1ac2e5db5ccL,0x00000000000000a9L },
-      { 0xd6513c981850c1f6L,0xb93d2ced05479ac3L,0xe186562779609143L,
-        0x8cfd054ed44fec67L,0xe60e2c83e580c3d8L,0x17f8ddb76f8b3a07L,
-        0xc6deddcec0273a7dL,0x8020047a079b21a6L,0x00000000000000a7L } },
-    /* 12 << 91 */
-    { { 0x475427960f5bfa4bL,0x30d431dc7949b183L,0xf8988f286f450425L,
-        0xd6f6e60dd3778a2cL,0x08719f9364d83e77L,0xc77516d1cb7840ccL,
-        0xafbcd88077b2ccb6L,0x7037603dbfacc373L,0x000000000000008eL },
-      { 0x7d1f72796e42ce5bL,0xc9c7aa48535c241fL,0x117dc1334fa7bc3eL,
-        0x85e9129b83ac9251L,0xb0237b53de78fbb3L,0xe95c6512ab35c8eeL,
-        0x8ba19c451f97669bL,0x9b9f0c8a7aab8881L,0x0000000000000127L } },
-    /* 13 << 91 */
-    { { 0x007dd941777f4caaL,0x61a0c071d02a6bbfL,0xc0651514126587eeL,
-        0xee66732f97cb295eL,0x9c72c2da783373deL,0x530a0bde961281efL,
-        0x595096121d87a2d2L,0x3c9c4775fe361e36L,0x0000000000000144L },
-      { 0x190552d422a5f596L,0xee643d7b2beba873L,0xfb0ec2637529f7c0L,
-        0x4aae3efb6677edb6L,0xeadd8fea23ac4ebeL,0xcc44798f791f6241L,
-        0x69c5d73d0d94c9e9L,0xda1bbd06d7a37d3aL,0x000000000000008eL } },
-    /* 14 << 91 */
-    { { 0xc184af99246bc98dL,0xae516351e0904d25L,0xda6cc6c8a4fa486aL,
-        0xfc9ef8fe33dd0f0aL,0x8981f399afd708fbL,0x655302032a22f104L,
-        0x5a8d2895890718a9L,0x7f48ddf88c71713aL,0x00000000000001f0L },
-      { 0x2e16fac769a4fbffL,0x1ef4ff56c3abf535L,0x8f332c083aee6084L,
-        0x312a01982b2ef3e8L,0xb53036685ba34302L,0x728716190f62a886L,
-        0x9f6ff887fcb4c8bfL,0xa86874a9c3743566L,0x0000000000000180L } },
-    /* 15 << 91 */
-    { { 0x146f727ef7c671dbL,0xab579f7e0aef41c6L,0x7e4ba80ab8fe8727L,
-        0xeab360c1711b17dbL,0xb47511fe2b3966d2L,0x62e7f396f8e65dffL,
-        0x3d7a6cc5ea306211L,0x1f4b50346432ae78L,0x000000000000002aL },
-      { 0x3aa75ca8e91c698dL,0xd1e99a5bf01868a2L,0xcc1cd1bbcb461835L,
-        0x5c3cec62d521fb7aL,0xad85cc2cefc4153dL,0x9f85fe129a592b99L,
-        0xb9e983d15f43c9f4L,0xb9597f273e56eaf6L,0x00000000000001b8L } },
-    /* 16 << 91 */
-    { { 0xc8be45a27fe18629L,0xa5c577aaaf2dd971L,0x6e3a67f061570e7bL,
-        0x2cfc162946c8f13dL,0x6a05848ca2754906L,0xfd319607d0da74f2L,
-        0x0941d89d65b65761L,0xe3d2c4005821ae08L,0x00000000000001d0L },
-      { 0x3664ae19a334b91eL,0x21285e386768d183L,0x0914545399758724L,
-        0xd3debfa9ff52fa6cL,0xa1d9cb9ad614ce9eL,0x9c371626452e7305L,
-        0xcb2d7e9229277a97L,0x13171ad82f307a9aL,0x000000000000010eL } },
-    /* 17 << 91 */
-    { { 0x2734f7ee0da19241L,0x55c59dd0eea444d4L,0x41e48f0d6be546beL,
-        0x2d64bb8923f87d2cL,0xb0e56af43a6b2d00L,0x3393eb7224e16c9eL,
-        0xf318640a2c65adb4L,0xaf23c472de501421L,0x00000000000000f3L },
-      { 0x67c51d3ea5bc2d44L,0x4d7c5ba436622944L,0xb46b82ed7d4c50ffL,
-        0xe6e6322325bd5c42L,0xd6c35c121416508cL,0x8897538f107cf747L,
-        0x3117daae4b44b6e4L,0x6f2813a36be5042cL,0x0000000000000068L } },
-    /* 18 << 91 */
-    { { 0xa810227e65dad623L,0x01fcda5624662210L,0xe8543511a9154721L,
-        0x2914e67ce47aeec9L,0x85243b1645a2aec8L,0x1055599c4db1dcccL,
-        0xd8c2e07a3d1ee37aL,0xb240748691ff64f6L,0x00000000000000e3L },
-      { 0x89d53742c47ad646L,0x887493ed21d95cc6L,0x9ec6e14c252a6effL,
-        0xdeaa3eedb7c7af4dL,0x0b5ceb7cdc2be798L,0x95f753c3e8559739L,
-        0x3ca3a7c8a188513cL,0x4f9912cfdb1ccc8cL,0x0000000000000085L } },
-    /* 19 << 91 */
-    { { 0x8d3434eb19505b84L,0x75856d66d34ed7c1L,0x2729b5cb9dbea3edL,
-        0x01f91132230db209L,0x9b6962d157a8fccaL,0x506af49aacc7b180L,
-        0x29049874256b28d1L,0xcafca60eac95cde4L,0x00000000000001f6L },
-      { 0x80e8ade36c3f0557L,0xd1f00017614e9fb2L,0xc24e87cdec075c35L,
-        0xf5c0c19b0803d1bfL,0xc8256d3c56042212L,0x77309bac1e9e447eL,
-        0x41174c583958b51fL,0xb48e28ca88a66bf7L,0x000000000000011bL } },
-    /* 20 << 91 */
-    { { 0x66b11de35097807fL,0xd97001688956c6d6L,0xb44ab980f789112eL,
-        0x8d84c890d8065a6fL,0x68bd1eb836556220L,0x2d78a2f0600ab712L,
-        0x877475e699e8428eL,0xbaf046b5bd40b22bL,0x0000000000000054L },
-      { 0x406ca5189164af2bL,0xcfdd3ad4600c8b76L,0x8b443270cb90ec32L,
-        0x9f021a66e20d198dL,0x507f551ad2177737L,0xf1edd1ff8e49231aL,
-        0x8f30cab6007eba51L,0x7b91be67d8676f16L,0x000000000000001eL } },
-    /* 21 << 91 */
-    { { 0x8135ca7369086939L,0xbf17399a0e19ce3dL,0x73f0d2c021d13a4eL,
-        0x9e4c35ad3729460fL,0x323cde3e58ba36c1L,0x4e3c7f3ec77b972aL,
-        0xffa35319fd8afb3cL,0x36171d68c30e0685L,0x00000000000000e9L },
-      { 0xea5e35682a5c8115L,0x6c46f6048b0154e2L,0x7df48b8177c0512dL,
-        0x9fde5f493a09ececL,0xb1b004dbc5c11a60L,0x0c476649dac83f4cL,
-        0x1a15eea3cbc8f2e0L,0x993e1a33ee486143L,0x00000000000000acL } },
-    /* 22 << 91 */
-    { { 0x2bfa1554b203d524L,0xc6d86d8c64dafb80L,0x26807c023ee93e42L,
-        0xa384b2f0de86dc52L,0xc5816a9f5725df01L,0x89bbaec758fbaae1L,
-        0x2f452eb60957c4acL,0x119f0291913c1a72L,0x0000000000000121L },
-      { 0xf173df1d2ef523f1L,0xf7491b475c934cd7L,0x83698ba3965c47e2L,
-        0x7c88c285287406c3L,0x241e36fff3d293e3L,0x43c728798f6a23afL,
-        0x0f6571eafb1ed946L,0x5a627fec5514fd3cL,0x00000000000000f4L } },
-    /* 23 << 91 */
-    { { 0xe8dcffc39c33a23cL,0xeec6350e83037ff6L,0xa373f6d772695216L,
-        0xe4df9cb0099d5a16L,0x0173befd9af7d58fL,0xab067d55382cc41bL,
-        0x3d34f02eb8a58041L,0xb209e9f323f980b7L,0x00000000000000fbL },
-      { 0x1980fc9941c0bd9aL,0xa60001622a593908L,0x2a1c27e0070bfb85L,
-        0xcd18df8fce5c648fL,0x288f117d5cd7f21cL,0xcfc5495f8bc00633L,
-        0x39b2c847ff32ad8fL,0xebde0138e4bf5e9aL,0x000000000000010aL } },
-    /* 24 << 91 */
-    { { 0xec04ae998e006e2dL,0x923ac4fcda7c9902L,0xe91a96c89ec9a28aL,
-        0x28004a30377c556aL,0xe82f82d4be756bbaL,0x4e9c4655155143b8L,
-        0x667c4acfadd3ed92L,0xdb590aa6c2d95a2bL,0x000000000000014cL },
-      { 0xcb7f053132237847L,0xa06ff9854e110073L,0xba69f4b935676e46L,
-        0xcadc7250f1a9b32eL,0x10cc7f2281f0bbbdL,0x5967c22300cb192aL,
-        0xc93fa9eb9b9c2e28L,0xb1d3b84416699f51L,0x00000000000000a3L } },
-    /* 25 << 91 */
-    { { 0x90d4d5b4123e7bddL,0x05b161ba1ac34bc4L,0x1298247b24947c92L,
-        0x914a1d9003dbb06cL,0x8f033b39a0a6e2f3L,0x625982a2e7492fa1L,
-        0xe46b4b027b73d40aL,0x8b9a26c0eef66bdcL,0x0000000000000008L },
-      { 0xe4754290054f7507L,0x13a6f03cb0598a51L,0xece11d437539cf78L,
-        0x3b7853f2ffc61cf0L,0xf7ffdf3512e72e37L,0x1c67b7d797dd7ff3L,
-        0xc653bc89ecdd5b21L,0xd831303a1ec35d8cL,0x00000000000000acL } },
-    /* 26 << 91 */
-    { { 0xfba33000f6b1ab74L,0xa9e1f2f50c96eebfL,0xe84f0eda5c33000fL,
-        0x33789a12153679c1L,0xda4629f589209ee2L,0xce3785b20e22fe7bL,
-        0x53183b466f0c0ec3L,0x6fe1779e5285b4bcL,0x0000000000000056L },
-      { 0x1eaf8ecca5d768d3L,0x224ee37310c1561aL,0x519298e8fc7af9f7L,
-        0xcdca25634af7c25cL,0xf4096cb4d862bfefL,0xd49b6f4ff5223cbcL,
-        0x678d2e9f1ac83c79L,0xaadf01b78f1ddc04L,0x00000000000001f6L } },
-    /* 27 << 91 */
-    { { 0x75ef961ad84fd84cL,0x0012c3ae9bfb608eL,0x5a1f3b50c70e020fL,
-        0xd81bbadba2abf2c7L,0x2869fa049c0e2b8aL,0x4ff238ccd4d55cb5L,
-        0x11663a7ff9176721L,0x60c84c2b1764febeL,0x00000000000001b2L },
-      { 0x937b3b185215da65L,0x81b22f969dc29782L,0x7c0c13b1cbb740acL,
-        0x830290ae8e2779a6L,0x27d939bfe3e00368L,0x0e2ecf5b729116afL,
-        0x69e0ac2bcdb96f4cL,0xead47fed70704210L,0x0000000000000168L } },
-    /* 28 << 91 */
-    { { 0x27690556b119ec98L,0xa07fc4e8b33cdd83L,0xdd70a4e6959d2560L,
-        0xc723b197a824df32L,0x387f408b6b104364L,0xe36f86cbda9c0a19L,
-        0xee5df4d2ef6744a9L,0x8c583a3ff56ce630L,0x000000000000000fL },
-      { 0xa32cfc657cb1662aL,0xa698c83930e77387L,0xc3eacb751453a17bL,
-        0x86e25cca10ce2530L,0xbc4ec77ed137a2d7L,0x4c6746ca235dafc3L,
-        0x8b168ec927d5122dL,0x0c75daef3d1a30faL,0x00000000000001caL } },
-    /* 29 << 91 */
-    { { 0x5cc5c9119b2cccf8L,0xc8000ca65c1cab93L,0xd80663f5fef5ea9fL,
-        0x62906368e60a72beL,0xd85016621556648eL,0xcc2b6f93bb48531eL,
-        0x21a9b53d7fbf49e6L,0xddd378ac7b9c185fL,0x00000000000001e9L },
-      { 0xcb7033f7f7fc334cL,0xde062112a5b5d78cL,0x509a02a1701bf69fL,
-        0x64339bc557e490a5L,0xd4bb88c029ce5872L,0x20944f831dd17464L,
-        0x7d5c190934197eb0L,0xbcf57d5faaad6be3L,0x00000000000000e8L } },
-    /* 30 << 91 */
-    { { 0x3bb43beb00ef2a72L,0x0ea2ee348a65bed6L,0x4a07c01a25cf2864L,
-        0x81f50428def2d374L,0xb5b902f731d5ce65L,0x740f1ce1478326b1L,
-        0xaf7a25606905c052L,0x4e6e4f6e1fc70939L,0x000000000000008bL },
-      { 0xc32ef5c1b1edaa65L,0xf0ab55ac28e6d983L,0x954900d5708aceb7L,
-        0xefd9f5c13a326bafL,0x05fd87d8be1c4709L,0xa40702b17b6cae96L,
-        0x9263a19265344d33L,0x141dbc82576f073dL,0x000000000000001bL } },
-    /* 31 << 91 */
-    { { 0xb15e9545d626ae06L,0x3a0722a1ab0b410fL,0x832cba6776772e76L,
-        0x015d5fd9bc34d2f1L,0x067102cb87c77de6L,0x0469b3fc490d84b1L,
-        0x5e2f5a08b3462225L,0x352eb90a0d1096feL,0x0000000000000113L },
-      { 0xf9ef4a525930c83aL,0x5808cd0ba38b4104L,0xdbff69203cdabd8eL,
-        0xb7881613d88a14eeL,0x79c0026b1b096991L,0x5e69a28a2c82ffa3L,
-        0x607809fee1524e82L,0xe0f5ec4acfaec5c0L,0x0000000000000187L } },
-    /* 32 << 91 */
-    { { 0x336b06222feda8acL,0x4658ae220c0b391cL,0xe12f058f1f2119d0L,
-        0xa1f96c94495525a1L,0x32efc7aecd7d9f17L,0x34e4fe2abea7a5ebL,
-        0x0efd24927135c5f5L,0xd7a04eb2b83241ffL,0x0000000000000036L },
-      { 0xf11b8e769ca40933L,0x1951cd54d06857c8L,0x0e9124f629f13914L,
-        0xe6ebbbe33d67d0cdL,0x5483a2bcbf16f9c2L,0xd4e4ea52255ea8caL,
-        0xee0db0b5734eef50L,0x54434b5116207775L,0x0000000000000017L } },
-    /* 33 << 91 */
-    { { 0x553daedb5944343fL,0x3606ec07d4d0ffc7L,0xc6524155ca243c3bL,
-        0xd58cb6991527de09L,0xeede8aac13bfd2dfL,0x21ba74aff923c663L,
-        0xc82663667eb66df9L,0x5afc421916d74e8bL,0x000000000000012fL },
-      { 0xe4988134c59c0bfcL,0x068d052cefd2d387L,0x44132ab7b193eae2L,
-        0x1debbc87bebb0f7cL,0x2e1126dfd9772c79L,0x865dc53f3bbb504cL,
-        0xe1701501b85e7361L,0xe2a6ef6ee258a516L,0x0000000000000094L } },
-    /* 34 << 91 */
-    { { 0x76fd2af6bbcf1ef0L,0x74f728d1582e6b95L,0xcb8aa6bfdda9b1feL,
-        0xb9f03364c5708bf8L,0x84ebfa3ca5d5e4d0L,0xb007dc5e583e8a91L,
-        0x746afe5e82e7bb71L,0xe320d41037085932L,0x00000000000001f0L },
-      { 0xd70e0d63282273ccL,0x5cf2e2c3305f484bL,0x04768257c5138617L,
-        0xb603b06f9f72b38aL,0xbc2f8d4d238eeca2L,0x16fd9071880b51d8L,
-        0x4c13664ff86838b2L,0x7de53d218a6ff68bL,0x00000000000000c7L } },
-    /* 35 << 91 */
-    { { 0xd9d533d44f5adf8cL,0x3734d7f8177b8731L,0xc155a11279082d46L,
-        0x9fee9bee55c670c1L,0x4792e233bb026778L,0xbc36eade50fe0facL,
-        0xff70c0e73da20a58L,0x417610c538fdb880L,0x0000000000000192L },
-      { 0x05cfaa1554127b14L,0xa92f93dee146b94aL,0x80d3ad15e5af320dL,
-        0xf6fdf30cf9b93477L,0x56e1e73f8912b2aeL,0xbcde8088a81d4249L,
-        0x8711ca7358fe2d0fL,0xc2c9cd60328932f2L,0x0000000000000124L } },
-    /* 36 << 91 */
-    { { 0x657b00c3c6659533L,0x7c4ebb89d4f40b8fL,0x240ac0f607952574L,
-        0x67788f2a2d1103acL,0x04a55a0c15dfac39L,0xe516c9830d854801L,
-        0x25949bd2eba13079L,0xa603149e1cc2ef88L,0x00000000000000e2L },
-      { 0x394021ec0c1c2efeL,0x06c411c6ad56f16fL,0xed5735a23c85892cL,
-        0x744c27e3a7749e09L,0x48ec0665ae7e3e20L,0xf9b4163bac7bd334L,
-        0xcd5581551a4bbacbL,0xd6b52b5459cdd2baL,0x0000000000000167L } },
-    /* 37 << 91 */
-    { { 0x39a2354ea18a42f9L,0xa6316bc8cc4b9ce8L,0x45cd304831be097fL,
-        0x250cf0da411e55eaL,0xaec0f4a08756aa97L,0xbbed2c68e3cd749aL,
-        0xdc1516bc6023d468L,0x2031a0cf013b7d7bL,0x0000000000000198L },
-      { 0x66bd2998907d5626L,0xf84be0f5ef405159L,0x47913cd8a13eea10L,
-        0xd98e273609412514L,0xd07e8ff1d7eeebc4L,0x2ccf81bb692ebfb6L,
-        0x98259e9beaa3282cL,0x1e73d6761979dfddL,0x00000000000001dcL } },
-    /* 38 << 91 */
-    { { 0x17915cc92fd4fbafL,0x5ccfa56f987a738cL,0x9322bbcdd4f04e2bL,
-        0xd11dc12a3d80faf3L,0x8a5b1f959751eb1bL,0xa0944deec74e364aL,
-        0x7830f950bf5583f7L,0x3ccabd2290302a78L,0x00000000000000d4L },
-      { 0x97af459227945905L,0x3e6475f8c89e8478L,0x07a75003061caa42L,
-        0xf307f63fe96c6ee8L,0x116b590fb3ac7eddL,0x8cc5129fcc572d4eL,
-        0xfbb1956538070b86L,0x142309e12214d88dL,0x0000000000000151L } },
-    /* 39 << 91 */
-    { { 0xe87d85e1849d8d67L,0x67f27415f71ba46bL,0x2a469ef7261c4c7bL,
-        0x42b25fbb196b3a59L,0x4a06c13c64ab6781L,0xb5fb64097145eb2bL,
-        0x2ef16fec84d837e2L,0x1336ee80fc35be92L,0x0000000000000126L },
-      { 0x0950419772173df1L,0x08ed9987c1ed4d44L,0x60f415854ec72dc9L,
-        0x1e96109cdebdeb7cL,0xbc5d5e01d4e266dbL,0x865f2779b97437abL,
-        0x60aec81e4603b596L,0xbdff4a3579f89a7eL,0x0000000000000133L } },
-    /* 40 << 91 */
-    { { 0xdaf096439768c17fL,0x3fea42473fefbb34L,0x6219c7a10b58d304L,
-        0xb1d22efdcc27f099L,0xc40b3e4087610d7dL,0x5130d3dd8f8e950cL,
-        0xc50fef134b6433abL,0x8694a6fbe79d8b49L,0x0000000000000034L },
-      { 0xbe5028acda708745L,0x573354a3d2e9e2b9L,0x65023a39bda28cccL,
-        0xfd3f235151c040dcL,0xe8674a7754e038e6L,0x6c2a5e75ebadf602L,
-        0x26ebf6e9a9330218L,0xe564a069001c8135L,0x0000000000000022L } },
-    /* 41 << 91 */
-    { { 0x93b89ac719647427L,0xf2e9800662f60cd8L,0xd17928788b4a860aL,
-        0xeca75f8aa6f7f822L,0x553e987fa08afc7aL,0x68c7eeb375168c32L,
-        0xe2d7c361f02866d8L,0x4cf488d01f457ef8L,0x000000000000019dL },
-      { 0xb02e2aee5dd3a10dL,0x399ac0b774d7f78fL,0xeeb5d6194dadb32aL,
-        0xe9749e2d31475847L,0x0e2894577dbb6ca6L,0xb1a8de40d01c8c73L,
-        0x111bb1a717e9a87cL,0x38016c50525524c7L,0x00000000000000d3L } },
-    /* 42 << 91 */
-    { { 0xf2f5b47cd83d5980L,0xa9d9084742d37e32L,0xe0e804bb8fe68776L,
-        0xdc4f8950138c0caaL,0x7eff3e0f5c3e9d96L,0xc0a1de28825548b0L,
-        0xcb0ce3648a12ad2dL,0x3467ec580d44b1bfL,0x00000000000001dfL },
-      { 0x80a72cd7353e4e27L,0x3d8c7245c5047f28L,0xa74798df7231688aL,
-        0x99e24af065d80630L,0x5a653dea8475aa27L,0x89d84371a44391b2L,
-        0x2eaf73f22f4f0562L,0xe1628cbcc9be07b0L,0x00000000000001b2L } },
-    /* 43 << 91 */
-    { { 0xf84751465841f56dL,0x5b972d1beaa26045L,0xc1bb3bb69326720cL,
-        0x656b3cc491990d51L,0xaa493b911aa9c0a5L,0xd12902d4f2af0e57L,
-        0x873e1f30136832d6L,0x7f93fed865bab8edL,0x0000000000000150L },
-      { 0xef43b48fff75fde4L,0xd7cad9e14e9e8062L,0x5f0fc4bb495e772aL,
-        0x685fa07c58df814fL,0x6b8d8ef7088c5dfdL,0xc2ecf7f51436df3eL,
-        0x3c2b71f5f99a9736L,0x0a2a30a45b65c55eL,0x0000000000000172L } },
-    /* 44 << 91 */
-    { { 0x1fe9426b0a6c6d9eL,0x8a955028e8e6c259L,0x6575bc53fe2d3113L,
-        0xaf4a1328b7cc80aaL,0xe3b2d1e559ce1d34L,0x555642307da20bb6L,
-        0x450e75e56f0a3e73L,0xf4462fa27ff87e37L,0x0000000000000146L },
-      { 0x0c211f3a58e16248L,0x902c342f4506b24fL,0xea4e8fd0a68aa254L,
-        0x7a8a1409258fdf8aL,0xd77bc05e1304fbd3L,0xddf4d3af3e566510L,
-        0xca6b3c5a7fb9c9ffL,0xaaf671967fac362fL,0x000000000000011cL } },
-    /* 45 << 91 */
-    { { 0x8f3d956e6b9e05ddL,0x8e7c2babc7ff7e65L,0x5a75719253ae6a00L,
-        0xc96d8b795b54b6a8L,0xed3e7f1c5b7d7d00L,0x228f166f5ceb2b6dL,
-        0xbfb91eee09dac21bL,0xa8279317dbe20b62L,0x00000000000000cfL },
-      { 0xccd5ccd6ba990e97L,0xb945ae888236c13eL,0x01c61e4b7ec5ab76L,
-        0xa390fe0b1315a1d6L,0xbb6f26932a162becL,0x782df1974811290fL,
-        0xa16250e205a4beb4L,0x8a94424936670e18L,0x000000000000010aL } },
-    /* 46 << 91 */
-    { { 0x08104eead1978abcL,0xc4aa64182869f184L,0x1d3bdf3040a17f91L,
-        0xd385a51c24b0f6d7L,0xc07b19a5e867b991L,0x91a34606528814b5L,
-        0xb4c41a54b65a49e7L,0x9babbcf59df9f529L,0x00000000000000b4L },
-      { 0x764aa96de287026dL,0x5314fa4f90cc1767L,0x8d66884a1c955f29L,
-        0x5fbfb4e9877d0860L,0xb389496c4518d3f8L,0xa40da285971965e0L,
-        0x92289bd13d3104c7L,0x5467d571480627c0L,0x0000000000000004L } },
-    /* 47 << 91 */
-    { { 0x73b067663d3889f2L,0x9cfaaec7975d71c4L,0x32dbe1cbaabb2914L,
-        0x95c1be2fe4d3f5b9L,0x9f043bb55a9d6ef0L,0xd8fd47fa2124525fL,
-        0x2ee657cb218e24aaL,0x53358623f62039d7L,0x000000000000005dL },
-      { 0x1c9f2390e488690fL,0x74350646284b571dL,0x62b8f014eecc8839L,
-        0x0d0727a2cc3602ddL,0x9a4a864741b32344L,0xc53ceac84c506cfdL,
-        0xe07215a5fbf809a8L,0x74ccdf9bf0d0c843L,0x0000000000000185L } },
-    /* 48 << 91 */
-    { { 0xffeaae90a5f79719L,0x6e6df606d3492f7dL,0x2c2bb9c576eaa27cL,
-        0x33d699cda76e4fa4L,0xfc90add1bcbefbc6L,0x2c7014b254672c91L,
-        0xea55e101b935deeaL,0x12f035bb8a9ea2a3L,0x00000000000000a5L },
-      { 0xa3e9e470a478a531L,0xd90105eb1992bfd8L,0x8c0b466dde6e1978L,
-        0xaf1b491584e1c6f7L,0xca957a0824931507L,0xc5b18ccd670262dbL,
-        0xc8b50dc0da787fb6L,0x087dea9c7d5253ebL,0x0000000000000119L } },
-    /* 49 << 91 */
-    { { 0x06a9262ad8cffaefL,0x0202733a16dcad26L,0x889461d885e4b6a7L,
-        0x8aa5ee3ebf2b5a1eL,0x209afe0dd59e8c5dL,0x6fbc3bfe9fb34eeeL,
-        0xa2cafea7854d31b7L,0x40dbcb67b34dea06L,0x00000000000001b5L },
-      { 0x38c04e9a6fa0ebefL,0x7e538c4aafa0dcadL,0x7bda0e2a29d75198L,
-        0x6af9b41944d6606eL,0x35cba42c03f90cb3L,0x7067e8fb0ac1b1afL,
-        0x97044878e1e90e22L,0x3e5ea9f8d802e89fL,0x0000000000000041L } },
-    /* 50 << 91 */
-    { { 0x510da10c610f1026L,0x3905429820278fc2L,0xec273624264701f5L,
-        0xa28eaba19f852f1dL,0x3a48f9a649452affL,0x80200f98532be9b8L,
-        0xe1fe9faf3e0fd8e1L,0x9016f5592aed9512L,0x000000000000011cL },
-      { 0x15a0b2f34d16a4deL,0xdf45147fc711f66cL,0xacec295a2e9d2971L,
-        0xa363ba454d608ea5L,0x2be77f31ef707d72L,0x71e2efaca70f5e07L,
-        0x8874489778c61141L,0x7088d771f36cb684L,0x00000000000000cfL } },
-    /* 51 << 91 */
-    { { 0xa15af0a98612eda3L,0xd20f6eee8cfdf251L,0xd13f13187edb43d9L,
-        0x12c8caefd20f1911L,0xf718e3879d2dddffL,0xe5476ac9ae1d8619L,
-        0x46996c8c6abdf7a6L,0xaf747be0d673af48L,0x00000000000001e7L },
-      { 0xbca4d3b4f681818eL,0x97d89e7e1dc67c61L,0x8fe1d23272adad93L,
-        0x0c3d0e0aab0d1120L,0x80755cb5354d0bbaL,0x8227290c29941953L,
-        0xd6b2bf435bdc8c57L,0x72b415c4cc5efbb9L,0x00000000000001adL } },
-    /* 52 << 91 */
-    { { 0x9840fefb94eceab4L,0x3f2df52cb4ab428cL,0x5d01c629dc912e83L,
-        0x69fb1a87dccd56f5L,0xae7a79433c692deaL,0x62cfa5b6348795b4L,
-        0xe0b621352bff3017L,0x1355d15a465aa055L,0x0000000000000031L },
-      { 0x715572c92f17bc87L,0x3d0761bb5408ce13L,0x32e1ebcc740d844eL,
-        0x503de141845bcbc7L,0x5f5d73affd491083L,0xe357fd9f459050caL,
-        0x1b55a4836d811ad1L,0xf503dd70e855671eL,0x0000000000000152L } },
-    /* 53 << 91 */
-    { { 0x99472f10e9570837L,0x59fdf7f0a7537eccL,0x6163b2fd4bf81966L,
-        0x9cb1ce6d58669895L,0x5f1f0238bb6928bfL,0x87b6a8471944b59dL,
-        0xa0dfa5cc4196844fL,0xd89a1cde26186526L,0x0000000000000184L },
-      { 0x0601560613c8ebd4L,0xeb16ead091204191L,0x46cbe8543c28c13cL,
-        0xd000b7abdfb0d4deL,0x1726c9a74ea29c57L,0x0f193196c781b82eL,
-        0x1387110693994983L,0xb50560b19d7bf34fL,0x0000000000000168L } },
-    /* 54 << 91 */
-    { { 0x163701bfea642575L,0x0a6a2f5d2e678618L,0xe4c9b9f5804587ebL,
-        0x6f8e5064ccc8fb0bL,0x4b69a7091c635a34L,0x5e86bae9b96732e7L,
-        0x07fa20d37c643344L,0x77f6268664b84c35L,0x00000000000001d0L },
-      { 0x06a5c9c908ae642bL,0xb472c3f14c44fcf4L,0xe52310eac2df057eL,
-        0x72597d099a3c2a5eL,0x953d96935b215b2fL,0xe9a9436c573f77fbL,
-        0xf577c9c6334b0b7eL,0x9dba2bccbce93fb3L,0x000000000000011cL } },
-    /* 55 << 91 */
-    { { 0x770c5fece69da7a9L,0x19f64e37a77befe4L,0xd3c78be1c75aa586L,
-        0x9f4fad22a4140e40L,0xdacc138f56ea04c1L,0xcf2449f983fdff97L,
-        0x7459e685c65440d0L,0x86ec5d4b46bcfca7L,0x00000000000001acL },
-      { 0x6741957f376dbad7L,0x7a7f41f3d45e0c7fL,0x1ffdb37d40041998L,
-        0x3df73b0673f33365L,0x7ef0296328023845L,0xe58c3a849cc74753L,
-        0x4d442f576df77c6fL,0xe0517e5e00f4cea8L,0x00000000000000c4L } },
-    /* 56 << 91 */
-    { { 0x46d19e84e4ffc94cL,0xb0c6a22b46ac3defL,0x78b32cb951b0c5b0L,
-        0xf3a9d47ca4d6703eL,0x564725a602e1858eL,0x962820cdda51085bL,
-        0x07079fae5d66a816L,0x2975644b7efdb35cL,0x0000000000000067L },
-      { 0x53e0fe0f027e7d4fL,0xe7919470fe2f6b5cL,0x0029df1fba6e0852L,
-        0x4a8c72c2cb9b0c0eL,0x8e94526c4398ce0cL,0xe5535ec6945ea9caL,
-        0xfed0915990686396L,0xce1523a9a17486e4L,0x0000000000000175L } },
-    /* 57 << 91 */
-    { { 0xb6a22a0200055b41L,0x1530d3c2738d7765L,0x74b844494b19e498L,
-        0x7e8080589e7bef67L,0x99f69a43bffff80bL,0xfdb0e8b1b027fd95L,
-        0xc5bc0fd033b928baL,0x6561d98bd273c3e1L,0x0000000000000124L },
-      { 0x3b992ebc4c8a05b1L,0xd151de1554ce8100L,0xbb63a62b154cbf46L,
-        0x3374fb329ce29809L,0x13994e41708b1aceL,0xb37f9846587049f3L,
-        0x6b6708e773cace40L,0x25ed315a8dfbe7acL,0x00000000000000e7L } },
-    /* 58 << 91 */
-    { { 0xc6f86aa312eaab15L,0x3f4fc2334051be9cL,0xcd591d72db49c31cL,
-        0x65ba21ffd2100c28L,0xdced627f512e30dfL,0x9c948bfd52d495f0L,
-        0x3b246e9ca178617cL,0xb7e99939f772b804L,0x0000000000000085L },
-      { 0x3ba75fc152793a53L,0xdf8f02a9c86c7a0cL,0xb7861f9ac573bac1L,
-        0x16b41667a3b76aa3L,0x069da96a345dfe76L,0x1df94b267585cb88L,
-        0x8b57ec9d4f2f7645L,0xfaa8230851320177L,0x00000000000000e0L } },
-    /* 59 << 91 */
-    { { 0xd8ac0bcf6c9950cbL,0x316eeb3196787697L,0xe1b0fb38589d27eaL,
-        0xcb9d58fbbdfd0018L,0xfd39a23040bd2016L,0x47ae06bd222818c2L,
-        0x7ca37a695d2a87c5L,0xa8a39329d2a51e11L,0x000000000000005eL },
-      { 0xf1e98f9d31797318L,0xfeb139037e1cb61dL,0x7d84a9664aca85beL,
-        0xe2dfd634b1056464L,0xf62a4661ae33a99dL,0xcc522a0cc86d2097L,
-        0x8800d70dc3d29ab3L,0xfe0e17145aa40b80L,0x00000000000000f8L } },
-    /* 60 << 91 */
-    { { 0xaf525dfffd31cac1L,0xab4dd60075e22b8aL,0xd6df54601bcfac1dL,
-        0x83d0b758ea498cf2L,0xc6c8a7db725379ffL,0x926a186bb282eee0L,
-        0xb0e0b072c1496c2aL,0x8f159a3e48668171L,0x0000000000000101L },
-      { 0x4494dfeda5edce74L,0xb5dadc35e28d5661L,0x320502550d978436L,
-        0xaa350e02ace0dc5dL,0xff8c6c8dc85e3d76L,0xadd61548038e9206L,
-        0xc5b0eeaf48b9ec2aL,0x3f1e7dc7c2645b2aL,0x0000000000000125L } },
-    /* 61 << 91 */
-    { { 0x911b6ec2d4d191d2L,0xa0be596398bbfebdL,0xcfc1858fcdb33929L,
-        0xe838e59fcaf4b07cL,0xc3cf06ff253f9c18L,0x96d4c2242cb76433L,
-        0x1bf6b527db17c2efL,0xdf9282d82792e421L,0x00000000000000b8L },
-      { 0xd9b60a5fa94190e4L,0xa82f09cdaf66cfaeL,0xb65d0c46c4e5935aL,
-        0x65c1bc0a65ce2172L,0x533f9f19629364c3L,0x522db0fc51c1cd20L,
-        0x1038f65b19332e86L,0xb64007f864003cedL,0x0000000000000094L } },
-    /* 62 << 91 */
-    { { 0xd5070a5ea979804eL,0x1fcc05daa28853d5L,0x7537020daeea2123L,
-        0x33583d857d3940eaL,0xdb4854fc6a16ee2aL,0x2fa7b6c674cb45f0L,
-        0x94b299c273a0bac3L,0xf5bfbdf0066135e0L,0x000000000000008fL },
-      { 0x7700d5f6ff090f73L,0xf186cb1328b231c6L,0xd080b318eec40e57L,
-        0x9acfb30b5e6eb82fL,0xdfa57c03550c698eL,0xe32e90ca75f80094L,
-        0xe4f0efa25d0871b3L,0x2c4e1314ff1ae785L,0x000000000000019fL } },
-    /* 63 << 91 */
-    { { 0xa1cf6e98abb1ce91L,0x94357a5ece988fa5L,0xce23c897403945dfL,
-        0x8926b4a89ae2d087L,0x39d0ec46294d25f4L,0xd571fa4d0340cfb0L,
-        0xd0389f1b25552596L,0x31c3d45476b870adL,0x00000000000000adL },
-      { 0xa4be459fc1acb2bfL,0xf98de31e4912a631L,0x5058dbc3f8e05adfL,
-        0x30b64887ecf93058L,0x6f0ccdd7a4a98333L,0x4f036282a5e29a50L,
-        0x141c5a024774ab8fL,0x5b11663b58682707L,0x00000000000000ebL } },
-    /* 64 << 91 */
-    { { 0xe67ad2a7a597628aL,0x424dfe8947deb6b6L,0x42669bdc0ecaca8eL,
-        0xae7a2f64d86f6549L,0x3858f56b652a2e24L,0x8e5611a650291825L,
-        0x21c2061120feb545L,0x4e550a9ecd63163aL,0x000000000000005fL },
-      { 0x4fabbb26b3b110bcL,0xebe74805036de290L,0xde88d2d633789748L,
-        0x56a1b7b8dbf7865dL,0x0646d53de8707cf0L,0xcfb67fae64108a0bL,
-        0x04f1401ba32160eeL,0x5998552d5f462a78L,0x0000000000000056L } },
-    /* 0 << 98 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 98 */
-    { { 0x80e86d53083e8647L,0x4c143f8de6bf14c4L,0x98965bebd250ddf8L,
-        0x66ad16a097f5f7ceL,0xf3b79e6a91ca08f9L,0xc8478bb25555ae35L,
-        0xa3b1085a3048210bL,0x400e0a3fc2e9f129L,0x00000000000001f1L },
-      { 0x73dd8aabef069132L,0x4aa4c72566348212L,0x44b84c9436f78446L,
-        0xf835da5068c9b6cbL,0x66b8e1d9a3536e11L,0x29ffbb214f4541d4L,
-        0xcdb5baffa43e5d3eL,0xca8fca6dd75f692aL,0x00000000000001d6L } },
-    /* 2 << 98 */
-    { { 0xbda14abf4d9b67c0L,0x54478dfabf9ac0b2L,0x08943aedca457b40L,
-        0xd82f3d75f18006c3L,0x434d99a148f5e818L,0x600c40e3c5422ad5L,
-        0x8a6294594361f89dL,0x25fd287b9c176983L,0x0000000000000003L },
-      { 0x5465deb69d02479bL,0x61fd5b4facf06848L,0xbda65f8547787599L,
-        0x1689cdce23280fccL,0xb2efd35d62e25557L,0x19fd60739c9f12b4L,
-        0xaf9a39433a87dae1L,0x20dd9c0ac5a84a92L,0x0000000000000101L } },
-    /* 3 << 98 */
-    { { 0xd8764ed5adab4cf4L,0x6a3f2257baf7618cL,0x6607661ba03bb43aL,
-        0x16f0ad3d41029908L,0xf8dadf979b47f97eL,0xe690674d9dd13ddaL,
-        0x8f5f3c154180317eL,0x9694476452c697a1L,0x00000000000001b8L },
-      { 0x9e9715e5f7894511L,0x43c263b702f78d2dL,0x31b78c2547ad4de4L,
-        0xe2f6454ce10ef4bbL,0xd0f816ad15787104L,0x169f4e00bc5c632cL,
-        0x99c89fa79b77e99aL,0x7c758a0eea13b439L,0x000000000000003aL } },
-    /* 4 << 98 */
-    { { 0x067f879fc7734385L,0x787c7f18b4a51794L,0xa269c44672d9af69L,
-        0xa4498e7387d71897L,0x28e3d84aa91814acL,0x8caf2f61f62fede0L,
-        0xad36da315dc202bfL,0xfed8bc0fa4689189L,0x0000000000000068L },
-      { 0x84a0854296aa1400L,0x871885f1cd72b4a4L,0x00954202e9d3027eL,
-        0x19b350695c86a302L,0xbe420b636cfc52a2L,0x8b75228287175b19L,
-        0xd1811b8c9a22611dL,0xf9c23d803e468601L,0x00000000000001d2L } },
-    /* 5 << 98 */
-    { { 0xfd9470df9bb055e9L,0x356be674b8a9cabbL,0x7ceda113f1c13a27L,
-        0x2a717f78d70ae9b1L,0x971609234ca55928L,0x7f9e4e226e14f3f2L,
-        0x5b8a03155a589e18L,0xf8c780b940b09acbL,0x000000000000008cL },
-      { 0x2fee3ccb74d98575L,0x2d33151fb892607bL,0xf0fdedda3a2a25c9L,
-        0x0c82e2d3124e2527L,0xdab009109bbb329bL,0x402e27ea52798e10L,
-        0xd0009cb2f6d91403L,0xeb90c221ea21c5d4L,0x000000000000010cL } },
-    /* 6 << 98 */
-    { { 0xbb7c3bbf98814afdL,0xfa3eb481e568d703L,0x1b8f1e0658318259L,
-        0x44c2c4a0d9df9cc1L,0x9906fec621cb9541L,0x4513855b90220398L,
-        0xba8e04c7730f3d49L,0xf6f844eec5039f3dL,0x0000000000000062L },
-      { 0xff651f70c32b230cL,0x2bf8f30c4ce8747eL,0x2748f82ddf061f06L,
-        0x9ebe9d519b73f4e2L,0x428724b7b60edd59L,0x88ddeb09c85196ecL,
-        0xe9a64c7a9ed85523L,0x2465d7a62e865fdfL,0x0000000000000099L } },
-    /* 7 << 98 */
-    { { 0xf8cb5eb1fe3b6e1dL,0x8200ee3a92dea299L,0x8cd62994aae59107L,
-        0x2953835d17e38995L,0xebc59a3c6b24fdafL,0x847a4f3c89e2b86aL,
-        0x68f32c1a505225e5L,0xd9d254f8ac4ce49cL,0x00000000000000e5L },
-      { 0x357de1596d60adcdL,0x7ec27f7d8d7d0d59L,0x43af31858acd0224L,
-        0xda2541a71f551347L,0xa13e7bac81ae12cfL,0x4952416780e2588fL,
-        0x8b716928caeb93b5L,0xe32a7fc61642f543L,0x0000000000000146L } },
-    /* 8 << 98 */
-    { { 0xc52699b9e6a0bf64L,0x3d1f9b860d0e9732L,0xa14ca004e0882130L,
-        0xa69508493d669257L,0x65c264d6d76816d4L,0x594a5d7cba522818L,
-        0x8e44a20532ad6596L,0x74445203093718efL,0x0000000000000189L },
-      { 0x63b108c628885dfcL,0x7ddd44ccc31cf288L,0x82b2cad4b5267f9aL,
-        0x5b8a5f7b449e0cc8L,0x24a85f05e8bbb4a4L,0x694cdc1ca0eb93a8L,
-        0x58943b3455741ffeL,0x381df171377ad2a2L,0x00000000000000adL } },
-    /* 9 << 98 */
-    { { 0x0801f029405ebc29L,0x416cbd9c9e0c3db2L,0xf0fcb43499f8654aL,
-        0x6ab20655c0f9668dL,0xc4c78a18877a85deL,0xdfe8ab138d16c153L,
-        0xdcd5e7c1183c66dcL,0x2f1f7dc246c3b605L,0x0000000000000173L },
-      { 0x1cf1a9f24a25993fL,0xa792f66ce5a76bd6L,0x124befa3e06def72L,
-        0x4b2b2ef9d85dc995L,0xf1b45b1645b0c395L,0x7b35ab2fcf5ffc87L,
-        0xb7b346b5d34c4e26L,0xb00503fe39b8fa4eL,0x0000000000000013L } },
-    /* 10 << 98 */
-    { { 0xb5491319e335e6c2L,0xc892ed96b5f0342cL,0xcc4a8411e412e065L,
-        0x2f8b20e3fd229e7bL,0x9ab982f9843e35f8L,0xf904caa67a728b27L,
-        0x283c27cc8360e327L,0xd3a7f980e08c96a6L,0x0000000000000049L },
-      { 0x11de6dcbf507feb0L,0x9033db6c32233dabL,0x39e46408c4586261L,
-        0x0c31a9624bae870bL,0x5f833a79cfa69865L,0xa4e9e08b019af648L,
-        0x928769ade156f8d8L,0x9ce74709c4a99988L,0x0000000000000150L } },
-    /* 11 << 98 */
-    { { 0xb53d5e9b4a51dfcaL,0x7b60443da3894de5L,0xe25e2bf7b1515643L,
-        0x3486b05885451eeeL,0x2c0827a4d806fefcL,0x6cec283cdbe198d0L,
-        0x589f669bf950d73cL,0x2988117f1a6cbf5dL,0x000000000000015eL },
-      { 0x6f8031cd9cf3edd9L,0xf0ec99d2e35d3239L,0x06284ed6d954a869L,
-        0xdb1fba06265e04bbL,0x94f3d6a2d08e378eL,0x5a060f9e778b4464L,
-        0xbd9c9b10152f5a69L,0x7045807405281905L,0x000000000000004eL } },
-    /* 12 << 98 */
-    { { 0x13996f30e402d747L,0x2524a83bebc31a51L,0xa41699b795d7ebc0L,
-        0x602112c7ad867499L,0xbf81b788d43b5a3eL,0xf3cd28581c736ceaL,
-        0x01a6df580ff424ddL,0x6e527daa95500baaL,0x0000000000000171L },
-      { 0x1d966ecbd1b77ff2L,0x2980d1c923985bd7L,0x20a275a635732ba6L,
-        0xa1b81f99430369d0L,0x6052b0183c0a4d36L,0xb4fa4d6c8a790b12L,
-        0xf4ee3079353165bcL,0x79ef46797ed670deL,0x000000000000002dL } },
-    /* 13 << 98 */
-    { { 0x7ace245a07c2e7e9L,0x64cab9a80fd5b38cL,0x6a04658d9c5cd391L,
-        0xc6e7b879e6b8f8d5L,0xbc208a42349b740dL,0x67f77d263e4deb3aL,
-        0x47b6aeca8c7f3b39L,0x74b9557530083c67L,0x00000000000000d4L },
-      { 0x780d1c78d729d124L,0xaa4b4b8bf3bd1ac3L,0xcb0e1707d5afa9bdL,
-        0x336ea478e41831fcL,0xb34289ae0e1e4c73L,0x3533cae21e38d267L,
-        0x50b48d18bd7e62d2L,0x419bc9e607476b8eL,0x0000000000000006L } },
-    /* 14 << 98 */
-    { { 0x443c1b80fa605db6L,0x57287045107c6a8cL,0xe9fd39204bfa9bb8L,
-        0xecb90ec960291f2cL,0x78b1fc15087ea126L,0x3caa818986592da6L,
-        0x3a2abd00dd8c6d5aL,0x885c9499a771ec5bL,0x00000000000000a3L },
-      { 0x15c5483b4ae49580L,0x66b59335ec88a215L,0x5486fe34207948b2L,
-        0x1a41ac9453866679L,0x9f568c63de3497c3L,0x6b2cc6b5ee1a320bL,
-        0xb2e2cc04d12d68ddL,0x3bcd8d271b2a518cL,0x00000000000000ddL } },
-    /* 15 << 98 */
-    { { 0xcc3f7489019ade2bL,0xefb874571a7402efL,0x073176ddb31586dbL,
-        0x062ea41b73784230L,0x688de8033a8fa379L,0xe281a7a7a2e28e00L,
-        0xa232a142a323d618L,0xd84cb9002792d666L,0x0000000000000143L },
-      { 0x2f1e3f96de5d6ab9L,0x9fad76a0b1a97255L,0x0db69c89649a5f4bL,
-        0x3a997973b899710fL,0x75ec0561af8157c2L,0x62753eabd270655cL,
-        0x497669a80b46d35bL,0xcffb44c44b926857L,0x0000000000000084L } },
-    /* 16 << 98 */
-    { { 0x84b4e6f6783099afL,0xa94ca2294dc772b8L,0xcb768aa65ea29d0bL,
-        0xd47361170fcb316cL,0xc411b7b79775774cL,0x410c974c96ac3f48L,
-        0x1663c40aad24a12aL,0x87f1508da2a503bdL,0x0000000000000161L },
-      { 0xecd265ced518bbbaL,0x8d77018ddcc67981L,0x1e9c19223ed1a18aL,
-        0x5484ed8427440d05L,0xd319640942d659d6L,0x82ce3a7181354397L,
-        0xd097534de7d7dd79L,0xda9d11cf084658f4L,0x000000000000006eL } },
-    /* 17 << 98 */
-    { { 0x2a6ad43f50e3eb59L,0x735dd00ebc32b62aL,0x317f6f679e89b620L,
-        0x7b9e260c36e98778L,0xdd338b8e168d53a4L,0x83c196436f9a8038L,
-        0xff1ec28cb607e41aL,0x2d7cc7618f05f0a6L,0x000000000000005dL },
-      { 0x4276274d347c52ecL,0xbaff740b14ce5d7eL,0xb47b6a4167d528d1L,
-        0xd0c678f7962850ccL,0x4891dea22b049133L,0x1786e620ada076ecL,
-        0x09451905486b08f6L,0x948834d92bbf984eL,0x00000000000000a8L } },
-    /* 18 << 98 */
-    { { 0x92cfc98dea9c994bL,0xcfc7b48217371932L,0x820a2d553180e799L,
-        0x0a164a5a5b0a82c4L,0x45ddc7fd7a87b97aL,0x582e845754b2116cL,
-        0x371ef68d8f9eb2cfL,0x127d572a03067708L,0x0000000000000069L },
-      { 0xde83da9cc02d06c8L,0xc262d58529c5e4bcL,0x32c73d8f44046239L,
-        0x2bf12411bebd50efL,0x7a2729e160af2df6L,0xaef5ebfcc859d25dL,
-        0x05efd7c034c0edc8L,0x89adc752185901c0L,0x000000000000019cL } },
-    /* 19 << 98 */
-    { { 0x485e2623be1f51beL,0x143ebff4f8173134L,0xa688b45a819e5154L,
-        0x67fe58f8eff4fa2fL,0x449394c9d4ce70a0L,0xc37b8a8d12dd3462L,
-        0x2a10cdc1217745f0L,0xd6435c4c17a00c1bL,0x000000000000015eL },
-      { 0x3222b4a2ce699e69L,0x9473d565ecbef61eL,0xa183e92e8db063eaL,
-        0x2f2df05d20ff011eL,0xd201a960916ed069L,0x6af80e44c72fff72L,
-        0x994817c219a2150aL,0x63e8bea770fd901bL,0x00000000000001b2L } },
-    /* 20 << 98 */
-    { { 0x9886a22962c16459L,0x0e0236afe5aa41c7L,0x468d4c3a61fef10eL,
-        0x8c3171ad3db4d163L,0xea4180801022bf50L,0x29c61bfddd95500dL,
-        0x79073998fc1086d4L,0x18e62735d880bed1L,0x000000000000008dL },
-      { 0x3772a3a6bab5ed67L,0x59aeaa70c4a82be5L,0xdefd15693fa10eaaL,
-        0x60cf6bbd3d7a410fL,0x9c3ce822061382edL,0x4b45af6448a0b43dL,
-        0x4c7b5a07752c5323L,0x638f2663cfd710f2L,0x00000000000000b9L } },
-    /* 21 << 98 */
-    { { 0xee1e449ab498ff47L,0xbe4cfc2e82915614L,0x45947d849510e9cdL,
-        0xd413618b021fadf7L,0x896a62bc9cdecbe1L,0xf4113eb9627f1028L,
-        0x5dd6e91605aaea6bL,0xa52dee6d9a1ac809L,0x00000000000001a4L },
-      { 0xdf07521a7863cc22L,0x5bdf617356d0ea3bL,0xec462a8693dd110eL,
-        0x4a53f3c18d68aa25L,0x45919920a7d4b28dL,0x2d2d42abfbc5e401L,
-        0x2158573907fa46d3L,0xd5715aa9b937900dL,0x000000000000017dL } },
-    /* 22 << 98 */
-    { { 0x759c736628c6b666L,0x68d5cbc1f38bb6acL,0xa6acf7fb07508ff3L,
-        0xdb68b1c90d31ee2bL,0xfc8f402a071bbf2dL,0xebed7bdc838e87a0L,
-        0x3441693f9465d8b3L,0x6732878d1dcb390fL,0x0000000000000129L },
-      { 0x358cd92b170795c5L,0xab88a0a20a185fe1L,0x9901aeb8c4cc8c02L,
-        0x4b763c08e85250e9L,0x29f2c8154625a096L,0x153b9ed3b3124358L,
-        0xb8af8770a4d48d39L,0x8e3217113164955dL,0x00000000000000a0L } },
-    /* 23 << 98 */
-    { { 0xccdfacd34cddc5baL,0xa06e3fe25047a9f8L,0x81206e0e9d8c2652L,
-        0x75167c3e88419d67L,0x3c0442de1db10edcL,0x019f18ac0d0d486aL,
-        0x56c7baeb64efbe20L,0xc7ac08b0f7c220bfL,0x0000000000000062L },
-      { 0x07ea8fcd9f040b6eL,0xf02de9fda6b37d8cL,0x93fd1121da55f26fL,
-        0xd0393a45090ff3e0L,0xf492651ae4b87e78L,0x4bc0e5b5eef1cbf2L,
-        0x6f560378d51bb3b7L,0xf471b347c5efaa96L,0x0000000000000175L } },
-    /* 24 << 98 */
-    { { 0xb6d0eeb7510be54eL,0xed352173060b7322L,0x0f581a2183364ea6L,
-        0x78ef831ef59ec71bL,0x09a472c9a055e4b0L,0x0a529bcb7d2404dcL,
-        0x45f10074b461331fL,0xf80627f369a5a576L,0x000000000000006dL },
-      { 0x12cf73e37362082aL,0x7cb89bc91d6278a0L,0x2b0c5312b9f399d8L,
-        0x4403d4fb21e7ef6cL,0x34dd11819b453f15L,0xa38c5e981ae02a19L,
-        0xa1ed1aaddce1792fL,0xab8261dba4d71c9fL,0x0000000000000036L } },
-    /* 25 << 98 */
-    { { 0xfad65c13dac2b992L,0x762f983d5304c00cL,0x4c7b49b7d2da32e3L,
-        0x4c4122a83bf0d5adL,0xe3afec2564f9af81L,0x933f38f305217cbaL,
-        0xb213496e96d7241bL,0x469b9aad37ce2c05L,0x00000000000001b7L },
-      { 0xd105c543c1166f98L,0xff7e04a6a913acbeL,0xf07ebe34252a9c03L,
-        0xcc7a8b753e7df88dL,0xf14f0a16e44bdc1fL,0x684fefd718c1bb4eL,
-        0x498ab8c0925b286aL,0x598d3f5808702939L,0x000000000000002fL } },
-    /* 26 << 98 */
-    { { 0x06c90f137ba2cdc1L,0xb427ace8f70aa58dL,0x33fed4366970546cL,
-        0xaf8ae02b0d5eafa5L,0x74b6f45d390ea792L,0x121708e487c81e88L,
-        0x323a3672d186ce90L,0x1a66c0a48b4e7832L,0x000000000000006eL },
-      { 0x331064266beef707L,0x722fb7844f59525fL,0xa73cb5be473798d4L,
-        0x2bebfc77f44d5281L,0xf397282673030f11L,0x89c0d9dad93404e2L,
-        0x4e76c1852e5aa5fcL,0xe95f8dc3275485ffL,0x00000000000000d2L } },
-    /* 27 << 98 */
-    { { 0xa925539c3ede62d0L,0x195ef41b574551f7L,0x7049c9c1f270aea1L,
-        0x746d0dbf486bb267L,0x3cfb69b104d8eafaL,0xd0a86d9e8cb4df64L,
-        0x8abf12841dbb9b19L,0xe7d381d1d3b0e425L,0x00000000000001f1L },
-      { 0xa469a46539ce8ef0L,0x63cfb5adf537b1feL,0x2f84fd9dfb96b734L,
-        0x3ddae07e2ef3ff5eL,0x8be74870350b4402L,0x0e014d43098f11eaL,
-        0x2862b3b50f0784b0L,0x097303411327f2c9L,0x0000000000000102L } },
-    /* 28 << 98 */
-    { { 0xc9eed4f2599a7682L,0xf1ade4e4a4f4f82aL,0x7479dc8b6ab6d04eL,
-        0x2da874dc271e42cfL,0xc700ca719265e2bbL,0xaf88ba91255fdcc6L,
-        0xf68c29705705e0ddL,0x6ee1135b229fdc50L,0x00000000000000fbL },
-      { 0xf4bd32a2a1a31961L,0x4e67eccfc4785c20L,0x8c0cd85d17f740e3L,
-        0xf6930e3ad8c21194L,0x2c9d9c7376b4c919L,0xd32de819e69ea290L,
-        0xc1028dd33724a066L,0xfd3f06ee7538d3adL,0x0000000000000054L } },
-    /* 29 << 98 */
-    { { 0x616e5cd45bf0af55L,0x6b79cc4dcd382cd3L,0x661574af66107910L,
-        0xf7ad62be9aea6fa1L,0x6a47e48e8c0c9cdfL,0xaf5aca071e6d464dL,
-        0xf180a69f8925c182L,0x282864092b7ca708L,0x00000000000000acL },
-      { 0xb6bdf74fa48967ecL,0x95d640c0484ff456L,0x942032b4db3ef654L,
-        0xd12caff283c4f9e7L,0x946903ca1b8fa837L,0x1cd9b1463e8e7338L,
-        0x7376fa9dd4c41057L,0x50be41a35e26c299L,0x00000000000000f3L } },
-    /* 30 << 98 */
-    { { 0x152c38fcd581471eL,0x05b8e79160b4b12aL,0x5ff32ad285168011L,
-        0x43ff030dbf64b3b6L,0xcb660ffbb119ea1dL,0x0d551ab6abe7c1cdL,
-        0x7c012e803b76feb4L,0x6cafd8b9ffd0b552L,0x000000000000005bL },
-      { 0xbc486f8d855d1dfcL,0x8a6440ef381a9c23L,0x5e97a549d9d1b832L,
-        0x351cc9264d4208d9L,0x2c905f05f72a4413L,0x0feb2643c61c13c8L,
-        0xbbebfa77d50dbd43L,0x3bacdd79c7cfee04L,0x0000000000000141L } },
-    /* 31 << 98 */
-    { { 0xa489600cd04efabbL,0xb1913b347679d8faL,0x071f212fbbe3b326L,
-        0xa78728838b2e519dL,0xde545995b4e503c1L,0x5e5c3df6f58f6c94L,
-        0x8ab21347bd887cc7L,0x894be454e5529c65L,0x00000000000001d1L },
-      { 0x5628656d77eb1957L,0xad52a8d96df565d1L,0xa83f387c8e0b8311L,
-        0xbddb40c83f3a1d96L,0x1f91eac2cc121356L,0xff612889d0bb2745L,
-        0xa15437c096e19a86L,0x6ae3410f4efa63fcL,0x000000000000005eL } },
-    /* 32 << 98 */
-    { { 0xad3570f4d827a280L,0xdb625d88b2f60f8bL,0x81bd93b7ae94d18cL,
-        0xc2fffe8af3ae3394L,0x06b0ec262e4a72b4L,0xf1285a13c7728dc7L,
-        0xd97dee85a4190a48L,0x945e4869d4b0f305L,0x0000000000000023L },
-      { 0x44587f935c577abeL,0x256b56424ddd2f17L,0x36e73dff0eab2bc4L,
-        0x6b2b5f3ace0f4471L,0xce1f2f0fa25bae4cL,0xcf10076029866124L,
-        0x0ec9b4d25ea0d400L,0x621b68580adece0cL,0x0000000000000162L } },
-    /* 33 << 98 */
-    { { 0x33e194dd9a7e3430L,0xe9d5ab561284bb95L,0x9c067ead0e58900aL,
-        0x05355bd3e1af14c3L,0x9a3892ac06815865L,0x5a8c70c331c62938L,
-        0xd8e522e3afee9136L,0x50e266510abe2cc3L,0x00000000000001f9L },
-      { 0xd8ab109d2469ed04L,0x90fc703dbdad4fa4L,0x1d0882afda97fdebL,
-        0x60f8b44acdeac89eL,0xc497d8d5af9d0bf4L,0xe30ef07a66044397L,
-        0x614c26190dbb6093L,0x8eebc530ea3adb8fL,0x00000000000000e1L } },
-    /* 34 << 98 */
-    { { 0xfc84c7d966cf468eL,0xb05444b6a6dd0c36L,0x6ceefdc9cb75ae66L,
-        0xa16407e1fcd19989L,0x0e4d008e3ea55530L,0xe2e44180a8796154L,
-        0x2c96ee812bd73378L,0x84c750f4a6a094e2L,0x0000000000000046L },
-      { 0x3ced13152f93d6caL,0xbc1e7b5cb492a410L,0x4e0238df9daeead4L,
-        0x946fe9921e47d1a3L,0x6b3827027ae7ff3fL,0x305d7c604be9a4c8L,
-        0x5b4a7ad35a3421c4L,0x97dd360169cf2602L,0x00000000000001f8L } },
-    /* 35 << 98 */
-    { { 0xc7c08962ae59aa33L,0x65e33dad2f839e55L,0x751e8014c7cf5accL,
-        0xdce80c8b384a7c9bL,0x4ed68aa2155876dfL,0x68f1fd1e6a12109fL,
-        0xe478bfc5df171beeL,0x25a6d4efa0d40af1L,0x0000000000000127L },
-      { 0x3d08cf5216e520a5L,0x0e0c219aec295ca3L,0x4a11607f58c573d4L,
-        0x2e94a059027c52aaL,0x5f86333bf001ea33L,0x1d5390fe8d19323aL,
-        0x530581f92030a6c7L,0x13436ed1984258a6L,0x00000000000001c0L } },
-    /* 36 << 98 */
-    { { 0x1ff09f33cae6514fL,0x191fe11b261fb47dL,0x97e72c53bdf0b228L,
-        0xf81cdedb8caad4a2L,0xaa5f28367542e922L,0x090df178d68e225fL,
-        0x9adfb6202c8431d8L,0xb8f9bea70f010ff8L,0x000000000000016bL },
-      { 0x78fc8973f422e828L,0x8496b0b5d149e76cL,0xb1f0911a565c8f4aL,
-        0xe580f18ca79f3220L,0x8d3b71356fe124baL,0x8911601d673928b4L,
-        0x193c9fa9e5209d66L,0x988483f1bea837ffL,0x00000000000000f3L } },
-    /* 37 << 98 */
-    { { 0x2c6f263b3fdaa30bL,0xc469da4af8289eebL,0x126c0a3e4f2905c9L,
-        0xac4d69276852183bL,0x9f76c56965b948b8L,0xdd3297e86cc30f05L,
-        0x83cca68afee0c55aL,0x7062249b13d1eb8fL,0x00000000000001ffL },
-      { 0x66cca2f1488bb713L,0xe4fe61c013ce959eL,0x10ef025c5bd7aee9L,
-        0x651aede32c4e3aa8L,0xe233186271ba632fL,0x91887184db1340c5L,
-        0x5cae47ac291e4167L,0xbd1dc2ac61e04921L,0x0000000000000062L } },
-    /* 38 << 98 */
-    { { 0x9365bd5f6e280862L,0x3eb1370af4e5f679L,0xad83574dac728e89L,
-        0x6011dce778ccbe43L,0x51010f61d20a552bL,0x614eaf6c6c29a90eL,
-        0xb1d5f33caea2fcb2L,0xa001efcb12511f6aL,0x0000000000000114L },
-      { 0x769ae8486be363efL,0xed582b28c1195a6dL,0xab11de93a3d3cde9L,
-        0x6e467f11acd39daeL,0x0439b529ba6cd7bbL,0x71019d73fc6195a0L,
-        0x9693ad57c81639e0L,0x31a722a10ed42ec9L,0x0000000000000068L } },
-    /* 39 << 98 */
-    { { 0x0c5c60509cd7678cL,0xac3eeaa649215514L,0x1d124f7ffad388f4L,
-        0x1aed3c0e6d9c49aaL,0x7cb12edb54a3c297L,0x7f1e0889f2432aefL,
-        0x62b2bae3fd1795fcL,0x48e20ba944caa18aL,0x00000000000000cdL },
-      { 0xb1a6ca263b7036a9L,0xe53c3a75af94680fL,0x878870b5352a936eL,
-        0xaf3c86ea55fc352bL,0x60a91eabd9b66071L,0xa2c246a297c722a4L,
-        0xe1f2588cdfe226b7L,0xd1671ac1fc2267c2L,0x0000000000000079L } },
-    /* 40 << 98 */
-    { { 0xf9bfe015460032b6L,0x6410756336a6c19aL,0xb0712a3510d65254L,
-        0x3c97ae7d2a9946dfL,0x28e961edbf77c7f9L,0xf937f17cbc8537a9L,
-        0xed718f65057512d9L,0x7ee133ff8bc561a9L,0x000000000000003cL },
-      { 0x675476a99e3441e0L,0xf8abe77c9eeb9df0L,0x0ce788421a10b4ccL,
-        0xa6f28b21793079e4L,0x01c63657267d9dcdL,0x2de2e74e702b40e8L,
-        0x28620c5a25617600L,0x7505685e5d4d9809L,0x000000000000008eL } },
-    /* 41 << 98 */
-    { { 0xc77c81dfb49ef4f8L,0xcc7a1f775aa25efaL,0xdc450c19b138a6f6L,
-        0x05d2d28b8a09e2e6L,0x6c631d9e49886053L,0x0fb35d84bb82d381L,
-        0xd8a0a353fa26cdc8L,0x8b49879a9a4448dbL,0x000000000000001aL },
-      { 0x6d91d316fb8aa58cL,0x933d09813affa02bL,0x6f68fd557c5a5a04L,
-        0xcad6f83f21ede5f6L,0x364829e50302650aL,0xabf09253bc326cd4L,
-        0xfc23db4b75573e98L,0xe6ccc3f67891f2f2L,0x00000000000000adL } },
-    /* 42 << 98 */
-    { { 0xeded14459eb444e9L,0xd1605d6d257afeb5L,0xd9c649f54a25d9c4L,
-        0x8f148eae369dfcd0L,0x72c632dc79197e8eL,0x55a15a077cdbf577L,
-        0xdd50e58248c28164L,0xd9e03b72971e416fL,0x00000000000000d2L },
-      { 0x63443c908a063207L,0xceb2fadf26fe1696L,0xfe06b1df27b56c4cL,
-        0x75978d3adc74026aL,0xdd313d3424c9b16eL,0xd8d800e0eacc75c4L,
-        0xdc863b4b595b73daL,0x638f474f0a6c15f6L,0x00000000000001b4L } },
-    /* 43 << 98 */
-    { { 0x4e30388a3fa31d74L,0xcedb2dfc4960cae1L,0x744a7745f4f45ce8L,
-        0xd742c0017186bc80L,0xcafad4ad164ca760L,0x396ee3d486f8d7eeL,
-        0x1084ed389b54c6bcL,0x289c4f8e0f7a5b68L,0x00000000000000b2L },
-      { 0xf6b9e59783ea21b9L,0x3135f10773dd812fL,0xe1012d9a9ee85a75L,
-        0xc9a47983ba06a432L,0xb237d66881581dfcL,0x1b0225611e35da83L,
-        0x837cc40f94261e64L,0x11f933f5fb3344f9L,0x0000000000000161L } },
-    /* 44 << 98 */
-    { { 0x5cfc2f27690b6bf1L,0xdc6e6043f33ba977L,0x39dc991e82d11ba7L,
-        0xfb80c94e2922c70dL,0x393dcc3ba5cdeaffL,0xd44d9c7ca687f07dL,
-        0xbd25ebab33bc5437L,0x9a389625d71c4392L,0x00000000000001e3L },
-      { 0x0ac41a2f228f0787L,0xabb96a60cde860b7L,0x22cd3ce604c04d14L,
-        0x157669c6f65e7b0dL,0x0ef03f6167abced9L,0x9d2cd63a814717ccL,
-        0x3991c34977387f7aL,0x3c1b38a58a80a7f4L,0x0000000000000033L } },
-    /* 45 << 98 */
-    { { 0x051a1d25a03c152fL,0xde506b47f51d02c1L,0x6a0458d855e35f7cL,
-        0x9df1cf180c96a540L,0xb658cf9b47a847bdL,0xdb2efe9ce8d42a41L,
-        0x8e2290741219314bL,0xf8fbac85a1cd9697L,0x0000000000000143L },
-      { 0xfdf09168226d0a89L,0xb58b9906a82a9965L,0x88fdad1ff0b79bc5L,
-        0x573b2da29ccc3019L,0x4c2a220d8173e9ccL,0x060bc07731f682e6L,
-        0xdf135af96e7e3dfaL,0x78c191ca507811ffL,0x000000000000004bL } },
-    /* 46 << 98 */
-    { { 0x75627d858584bbbfL,0xbe77f77ec5670f07L,0x86ed433624e2e6cfL,
-        0xe9f725fc83e2e6e6L,0x14b4015ff8a3131bL,0xb1211805c61a5f71L,
-        0x024152443d5b62ceL,0x1aa1a84fcf15a0dfL,0x0000000000000171L },
-      { 0x36f8293435d927f8L,0x22e3300715513cadL,0xc5e42e5783d8b14dL,
-        0x33e90ea35251a8c2L,0x64c1eb44d96f4b8fL,0x52f2ec240f126f58L,
-        0xef84f773b2a8cfecL,0x34949d2ed9d11c70L,0x00000000000001eeL } },
-    /* 47 << 98 */
-    { { 0x7ec007f751d62408L,0xe1669c21119dc50aL,0x8260e2ecf101ad5bL,
-        0x6a6062580c5eae7eL,0x221708bd91ce06f0L,0xdb91beab76d79e37L,
-        0xbdfb4ec33adee1b3L,0x61d216d1feb7511dL,0x000000000000005dL },
-      { 0xf77d7881483fb649L,0xf16f36a8d54d0788L,0xece1796dbda356aeL,
-        0x79f49ef894859937L,0xc4397e207982f311L,0xc98b6e076ce8f498L,
-        0x6c9e0cfeb80ac218L,0x485d36a17b24e50cL,0x000000000000017aL } },
-    /* 48 << 98 */
-    { { 0x95f7fb41da8576c3L,0x42901717d151bb68L,0x7a0277d38777c80cL,
-        0x6827807b5a429477L,0xb98e1de8941ef5ecL,0xadd50957575465fdL,
-        0xd436cda505f5b417L,0x6d30bf0bc232aaaaL,0x000000000000012dL },
-      { 0xd4b799a488873a5dL,0x2200c6d4d60dc1d3L,0xb784a12b75c91d8fL,
-        0x6c8aa91f09fed40cL,0x48db563f5720cce1L,0xbb0de5c0f50bddc1L,
-        0x4aa1fb064c4bc117L,0x905d18a31cb0da02L,0x00000000000000e6L } },
-    /* 49 << 98 */
-    { { 0x05ae51c09ef391c0L,0x6da01b3ebbec8ce9L,0x352303693ed0bf8bL,
-        0xdde6b42cbd380ef8L,0x306e895ec96ab6ceL,0xcf75a84635797d57L,
-        0xed402b30cc298916L,0x66ddc1ffcf95180aL,0x000000000000013eL },
-      { 0xc472f66dfeb4d388L,0x446f756911b1a667L,0x4ebb535be578315dL,
-        0x54f8ef708b039744L,0xf6b95976b877b79aL,0xcc4283c1f5430e02L,
-        0x393ea2f9e1778b25L,0x26d55bfec9f45a41L,0x00000000000000feL } },
-    /* 50 << 98 */
-    { { 0x5617c67b09834aaaL,0x1520f46508ecedacL,0xb331bf9d63dc2045L,
-        0x1633f5f6de5be628L,0x959dffbb65391a40L,0x53450d3241b0bbc4L,
-        0xaa6442cbba6d681bL,0x7e6d47c0f07b5808L,0x0000000000000095L },
-      { 0x78def4619649ca24L,0x970eeaad9fd68eb9L,0x2f170dfd1f670a41L,
-        0x8c28d6fdfad9c708L,0x46892517acdef254L,0x0ca7991fb22ff7abL,
-        0x42ef276428c61efaL,0x1b1b24d9879002b5L,0x00000000000000e9L } },
-    /* 51 << 98 */
-    { { 0xf6465253c4c46cabL,0xcc3593d92fc27318L,0xd17ca4d778519ac0L,
-        0xb34dfb3947d5bfbcL,0x4fe4682e89d6216dL,0xdbe11575a53af405L,
-        0xb622af037d96d9d0L,0x27441f0161f9b532L,0x00000000000001c3L },
-      { 0xef5e7b08d1742a09L,0x77b47c7bf740e0bcL,0xbbb5e859b3c2b8fbL,
-        0x676b7939cb40d08bL,0xb98d654932da9e1aL,0x42546a9dceb3d8d7L,
-        0x0f1e38ea5687f118L,0x357ea1d50f472bbaL,0x0000000000000101L } },
-    /* 52 << 98 */
-    { { 0x85a59a49b81f2d5fL,0x5ab98b4cd12cafc2L,0x7be9e55c9036f3d4L,
-        0xb6644d14ac17dda1L,0x0d6caf4ba23f330bL,0x960e78ef567899fbL,
-        0xb6ec1c3f4bedf73dL,0xbe7e5caba971c6b3L,0x00000000000001b4L },
-      { 0x20cb3a6a66a01413L,0x1fc8c49d71dd7853L,0xc6eea4c1d0f467cdL,
-        0x72adc39ac442dc91L,0x1349ac1b9fd5a2e0L,0xa58d769226814c74L,
-        0xbe23da1602685093L,0x411491b34f2278a1L,0x00000000000001c3L } },
-    /* 53 << 98 */
-    { { 0x5df613d86eeb2735L,0x9adffc0f3bab3590L,0xa9e579d5fbb0951cL,
-        0xb2f2301d93eb0acaL,0xfd90af4277018d78L,0x5fb3dfa8d26e5801L,
-        0xb5f4a0b58db45b65L,0x5152a2c96bff3350L,0x00000000000001a3L },
-      { 0x3c3d0aae3bbe30c4L,0xab6a28c32b64812cL,0x552a8e1fd45d39b8L,
-        0x00f9ad121a9ee27cL,0x0985dcca840dbe6bL,0xa511b246f8a3d008L,
-        0xbec2ee441ff2d83bL,0x53a67bbe0e46b345L,0x000000000000001fL } },
-    /* 54 << 98 */
-    { { 0x63e9d7b2f8ccf1c3L,0x158001879260eed6L,0xa687c4759a40eaa7L,
-        0xcead499e587304a0L,0x0ea47fe6fcd6e4a2L,0x1fd51b69b04a24daL,
-        0x5519ae53a83160ecL,0x4f7d9444ab88175dL,0x000000000000009dL },
-      { 0xcd73bd2d8fd64c7dL,0x8da0c21e69451d1fL,0xeb66fd3fc0f3a5ffL,
-        0xcb267f27e9499043L,0x407f43f7df79a3d9L,0x000a877adb145264L,
-        0x056c0e2af3952498L,0x6f893940b83e7528L,0x000000000000008dL } },
-    /* 55 << 98 */
-    { { 0x42495d2779a151e2L,0x040725e19e477378L,0xc4d382f1ef2c6b94L,
-        0xf34dd70c2b5bb0b4L,0x3d2740c94a5150a8L,0x53de504865e4ddbdL,
-        0xb110cd91f58703deL,0x5c3abd4e167ffc8eL,0x00000000000000adL },
-      { 0x136129e5607e01a6L,0xed84c7926c809502L,0xf9c736f8a3f3ceccL,
-        0xc43308d14cf83eeeL,0xc8ae4fca644d91efL,0x3b58a62bc25f1045L,
-        0xdddbbba6a80de8c2L,0xb2c329cf2b831b25L,0x000000000000012aL } },
-    /* 56 << 98 */
-    { { 0x414530555ab463b0L,0x545b0b693248cab2L,0x25ec52d5dd9b920fL,
-        0x73bf68542dcdb1ceL,0x8efb2a6d02bf830cL,0x794ab4165ea6b254L,
-        0xa4422d12df2a60f8L,0x78bd1b524e9d5a0aL,0x0000000000000026L },
-      { 0x3f341acbb43f9e41L,0x4a73e42a6991d638L,0x596cfd672d29b6eeL,
-        0xc9184fe2940dd578L,0x283a30954a2883edL,0x0626dd7aa58bc7ceL,
-        0xf2d6c6ef401334f3L,0x55b107493c254bafL,0x000000000000002eL } },
-    /* 57 << 98 */
-    { { 0x2d9295c1f2bf5edcL,0xf764d4c5cb524dafL,0x2ca917e19800cf00L,
-        0xda3da70db6d553ffL,0x6a14076bcce4eb3bL,0x1bcbf4e8ddd246c7L,
-        0x653ed1fcfc906223L,0xc0ffa99f49e555d1L,0x00000000000000e7L },
-      { 0x6e75a577914f520aL,0x043dd7d0d4070fe6L,0x58ddc37ff47638a3L,
-        0x2d28267b70ceddeaL,0xe1c529280b9f91ffL,0xefa6ec2805e983baL,
-        0xdd61a80670d85f35L,0x9226446bcd48aa34L,0x00000000000000d2L } },
-    /* 58 << 98 */
-    { { 0x00afd4965d8690a8L,0xf86123ff5f81af58L,0x92791fc1d2e32baaL,
-        0xfb0517927d442591L,0x05d935c115baf7c3L,0xaff80ea31ee6a681L,
-        0x4c82f39458a15599L,0x691aa0055165d86cL,0x0000000000000160L },
-      { 0x8fc906b0da216432L,0x2553176a31adbbfeL,0x0acd0c27fa180f5dL,
-        0xcc22f6a295ca0db6L,0x2aa225bbd4f8515bL,0xcad879abe8685485L,
-        0xa7889114fb4b2f2dL,0x5e2f58e958175c94L,0x00000000000001dfL } },
-    /* 59 << 98 */
-    { { 0xa3fff0780481f1e4L,0x2c928413de29a775L,0xdb08b5d3f7168a7dL,
-        0xb2f81d56633213e1L,0x9928e38b33a95654L,0x42d16f450c473c01L,
-        0x0662ab7be4c7ffdcL,0xbea6e39ef5484520L,0x00000000000000b5L },
-      { 0x34cd343237cd50f6L,0xb969f3cd85686cceL,0x10558cab3e15b35bL,
-        0x87aa8ec532f13ad4L,0x706b9ee99311191dL,0x38adfcb860ba780fL,
-        0xa1485d172515550eL,0x2de9d6fd18b92a8cL,0x0000000000000052L } },
-    /* 60 << 98 */
-    { { 0xdcdfedb147c91a15L,0x89c1654de8003763L,0xeef03c09e074525dL,
-        0x1a75460c0b7979d2L,0x58881343fed5ae1fL,0x3fcd3227ddb9340aL,
-        0x1e4db699885bf042L,0x2923f9382340afaeL,0x0000000000000067L },
-      { 0x934ef610cce2e800L,0x8db3f34bbfb68efeL,0xd78192d6c8df9008L,
-        0x94929564d3fa0c49L,0x2d0cdbabfb20d848L,0xbe73f64fcd307b38L,
-        0xbdf434f3183096a8L,0x009a7ab97bb336bfL,0x0000000000000096L } },
-    /* 61 << 98 */
-    { { 0x51482c31c0279b71L,0x5a64d764fa114064L,0x1cea19dc613f02e4L,
-        0x584b4754ad92a890L,0x41d258fefe288772L,0xa46f97e2712b9833L,
-        0x6834b1b47263bd06L,0x2377b6a5e840922fL,0x0000000000000085L },
-      { 0x785b453e05243545L,0xf7cef5b951e1376eL,0x0b4baf26bf6985d3L,
-        0x1b19968160b01ea0L,0x8c67d48322d1bd0aL,0x44534e2069d7265dL,
-        0x5c66184f4d1b7631L,0x80173aabb4f2f684L,0x0000000000000139L } },
-    /* 62 << 98 */
-    { { 0xb2f73e97c2f18c9bL,0xafb9e244bc189020L,0x7940431bb4f03f21L,
-        0xdf6d7a8da1743efeL,0x34b51488b2d1f43fL,0xa4c57f09da0bb60dL,
-        0xca8497729e7a0788L,0xabb13fae3c00114bL,0x00000000000001f3L },
-      { 0x82b4d795bc829c42L,0xf9f1dad153a68a72L,0xf4dd335759991d6fL,
-        0x1602f217fff13f30L,0x55af8ec3e9568101L,0x36f1d1f1147a832eL,
-        0x9f1dd9d2408cae6eL,0xe5d03de373b26e6dL,0x0000000000000193L } },
-    /* 63 << 98 */
-    { { 0xf3dd72a10f87eb25L,0x8ef640f8237745deL,0x49c04801fc90b8afL,
-        0x836914f5bc493335L,0x3fc6bc7c66e73cf5L,0xbec3517371e8f965L,
-        0xec11f247478c734eL,0x1806c5d2f53ad410L,0x0000000000000058L },
-      { 0x24f77c0dee27650aL,0xf19cd730e89f447aL,0x2d4d5ff8af16422aL,
-        0x4a5a3cf9b38edb7dL,0x4476596d9a775f5dL,0x2fda6cb49e5716c4L,
-        0xe4926cdd84e5e040L,0x54c354ba388b853dL,0x00000000000000e9L } },
-    /* 64 << 98 */
-    { { 0x5d3f00ecbecff63cL,0x280fc963671a2835L,0x27cf9990849ad2f5L,
-        0xa1cfa523b27c7f2dL,0x9d9a6870b8278b74L,0xd6176cdf9ee793b2L,
-        0x9a98521ab31e9501L,0x4422e43e7436e438L,0x00000000000000d9L },
-      { 0xda4f7464daa8dc76L,0xa5b83150919e1298L,0x00d3948d81c82c13L,
-        0x95def32463724cdeL,0x9b57597b7d5a1038L,0x42d9d64e57432b3aL,
-        0x9807d998936e411cL,0xe68eefacf1e57507L,0x000000000000003eL } },
-    /* 0 << 105 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 105 */
-    { { 0x45d90cf8876b33acL,0xe53e1a993ed58f0bL,0xd5d181f549d916b3L,
-        0x1b1ef0402ec09be2L,0xe5787176b2113b57L,0x11d02e708073044eL,
-        0x9d1c19e7a2ae38ddL,0x2662d4943634f6faL,0x0000000000000130L },
-      { 0x454c8a736bd6208eL,0xd2447cefae37911aL,0x56ac592e69b8c5aeL,
-        0xe7f564839b615bfcL,0xfac066e1bbe7fe62L,0xb2ac3ee1b7777b32L,
-        0x55f8653315114adaL,0x15cba83e46497cc9L,0x00000000000001efL } },
-    /* 2 << 105 */
-    { { 0xc06a64ce981fd289L,0xb8dc2603d11fcd02L,0xea27a922770d2eb2L,
-        0x83c64076da8f19edL,0x9f6d1b650ae6a311L,0x977277bf73fa8721L,
-        0x7115ef98cc0292d8L,0x93237ae7d2e0c67eL,0x0000000000000069L },
-      { 0x83481b595c151734L,0xba00bd740ac1576eL,0x48f33272f178d4f2L,
-        0xe09fde3816492d95L,0x876124dbb9dfce3fL,0x27e7b1e503fe728fL,
-        0x79347e4604f98f99L,0x63ec8c5d48dcf0eeL,0x0000000000000149L } },
-    /* 3 << 105 */
-    { { 0x82a80d88b23b9243L,0x1a102766d91555efL,0xdf3cec50f069fa76L,
-        0xf6c125294319ca89L,0x9a11b37a0330eea5L,0xa5a659a902c12564L,
-        0x3e01e4311612fa73L,0x85580747e35674b7L,0x00000000000001daL },
-      { 0xfa500e83b5a20999L,0xb539909dcc336ec6L,0x76aa969e7ae2ac1eL,
-        0x2144206ce0a9712fL,0x095fec7e3ec387d1L,0x5988797252c7840fL,
-        0xb61a7c61262f5f93L,0x75bc25e7a76b83b5L,0x000000000000016aL } },
-    /* 4 << 105 */
-    { { 0x327d64092ccbb0daL,0xc5750f6adc39da33L,0x8b9eebbf7383f8f4L,
-        0x9ebb5a8e256c4edfL,0x7513f7c0a917a2aaL,0x31eb5a3dc4824bd9L,
-        0x2d6a4cfc2ed4a7f4L,0x9ee354aae0c9c30fL,0x0000000000000179L },
-      { 0x20eb09c9cbf2d15bL,0x4574d31c2547c112L,0x76543e3dd38e79adL,
-        0x1d35b8874edc05c4L,0x3ac58dc7aea4de85L,0x9aa6fa0aaf5715e1L,
-        0x8869704eb163a66fL,0xc685ea7ad14001caL,0x0000000000000083L } },
-    /* 5 << 105 */
-    { { 0x5b6711a5052b505aL,0x3b32ee5adbb104daL,0x3a59883e14432cfaL,
-        0x57b6d6bc88b7c74aL,0x363dc2628d5582a5L,0xbe6d3bf58928103eL,
-        0xfffbeb0963b06525L,0x29acbf58fac9b5ecL,0x0000000000000002L },
-      { 0x78696df41ce15975L,0xa9732060c78337eaL,0x288fe1958aafa892L,
-        0x5de9cd9132a7be5aL,0x2f1baccdbec8ed8fL,0x88131f8db1f0d997L,
-        0x8d15c4049d123bf3L,0xf460d41630a1544aL,0x0000000000000029L } },
-    /* 6 << 105 */
-    { { 0x95524dcea3342331L,0x2ddf9b2f0e413b88L,0x342e0ce86a03fbe1L,
-        0x8e2dec3eeaa3999dL,0x3ccf191b5ca80ad0L,0xf93ebc99804b9c29L,
-        0x97d83573f2282b48L,0x51f33e7359ecb135L,0x000000000000004eL },
-      { 0x789b5cfc7d53f035L,0x5ff3ae9a209b881cL,0x09af30bd80dcd35bL,
-        0x850cd0aa799b2059L,0xb660d065e2642327L,0x9d9424520f5134b0L,
-        0x1fd8897381ab299bL,0xe126dbe9b6a2ba25L,0x000000000000013cL } },
-    /* 7 << 105 */
-    { { 0xcc6292a08a547e2dL,0x9a76a8e180565c69L,0xda4d2475fb616140L,
-        0xc9cd45238b5a04c3L,0x8313b6c0554879adL,0x9a103a9522038226L,
-        0x4e5db49dd06a57e5L,0xfc49d649d1f333efL,0x0000000000000063L },
-      { 0x529f97e82f30ea09L,0x06692dc9416e0148L,0x534c9f6ef6dcca0bL,
-        0x26f9f8409d575d04L,0x93f66c9743c153d2L,0x776b12bd9d1b22cdL,
-        0xa44528e4b4000757L,0x738ecfb9881f46c4L,0x00000000000000e8L } },
-    /* 8 << 105 */
-    { { 0xbee094232a7f01fcL,0x75176a16998af9a2L,0x13273068fbe89a7aL,
-        0x3e74aa6f13c42b6aL,0x7da022be579c61b0L,0xaa759216ff23e10aL,
-        0xcf7f7d1afd852641L,0x0e9aaf1c1090b6c7L,0x00000000000000dbL },
-      { 0x483b1f8c6d9ebcadL,0x25f3aadc987b2c42L,0x83a7bd03f70950d0L,
-        0x67aefd6a14f250eeL,0x6e90c4f990070d75L,0xb9d65432035fdd1eL,
-        0x190281bb2ab23f7eL,0x36008cb1b69015daL,0x0000000000000137L } },
-    /* 9 << 105 */
-    { { 0xca31701dc0f403e8L,0xce036ea893374a84L,0xf15352701872a713L,
-        0x346ccdb0e92111e7L,0xd0427b8ab3ed8f01L,0xa165cec95fea17ceL,
-        0xee36680a6bff1155L,0x0db2ff965a8d9ad0L,0x000000000000004bL },
-      { 0x8f2638947cf7d4fdL,0xb1a229c024f483f3L,0x141a47114139f5c5L,
-        0x4449f744e2a1f981L,0x1450ba3101c7860aL,0x5b968d93857f6d90L,
-        0x63ac13fa1646bbaaL,0xb43e9791d771bff6L,0x0000000000000110L } },
-    /* 10 << 105 */
-    { { 0x105147eaa3ef560bL,0x4a60db0bdc1823adL,0xd8e3108b48c7d8d2L,
-        0x562883f0a2aa9b3aL,0x59413cccf07a672cL,0x8d5b9b0ad952cc65L,
-        0xc63448bef4ec1122L,0x82790e4d35ea3ffcL,0x000000000000003bL },
-      { 0xb50f1a1a88531051L,0x5529d01f18f9cd8cL,0x57f285f266427c66L,
-        0xc98f9e0abe17e614L,0xa773fa6e3bd58a1cL,0x8598347086cfbc69L,
-        0x54cba22bdac04edeL,0x847b94b086e3311eL,0x000000000000015bL } },
-    /* 11 << 105 */
-    { { 0x1d61cce6ad9b2624L,0xc78885f8427ab78dL,0xd59f99b14857d152L,
-        0x3346b89ca5824a84L,0x8430b19997613060L,0xf59e15a866033997L,
-        0xbc442c8ea4ba1ed0L,0xb74f9fca46645f9cL,0x000000000000010fL },
-      { 0xe65a7edb5a48ff11L,0x145010e14866254fL,0x041641c5b4e7b068L,
-        0x54f8ae8efeb7efdaL,0x506d0109d08412eaL,0x4aed71b9d1b1a35eL,
-        0xfcdcf29c36c821e5L,0xc9b518d3da012ad9L,0x000000000000015aL } },
-    /* 12 << 105 */
-    { { 0x2dc395a5556d2be5L,0xd27a811d2fe83cf2L,0x915fbe80e070e5d3L,
-        0xc3e38ef0c80a61afL,0xc1b529f6b988671fL,0x74b7fce60412de40L,
-        0x8ff8c2c5a6ec7d2aL,0x7d3093d743346692L,0x0000000000000032L },
-      { 0x6d6fd108ef669f24L,0xdb66a863e60d43d3L,0x2cdb23a2da77cc60L,
-        0x6baec01bd73a2bbfL,0x4ad344c27d5fe4c5L,0xd6cf895c9f1df645L,
-        0x9cabb9379501481dL,0x3f57061a600abd58L,0x0000000000000042L } },
-    /* 13 << 105 */
-    { { 0x9c26b76ab37d43cfL,0x4ff11777927c55b2L,0x585193b49f3f5d94L,
-        0x3d85adc371de2d3fL,0x76d195fa70a2a2beL,0xc91acdf60f514a93L,
-        0x921b5a28d78a46abL,0xe46c201728239dc2L,0x00000000000000e4L },
-      { 0x6d7969d8d3531ba7L,0xf409eb62ecfbe5eeL,0xb31fe091d2c08a17L,
-        0x250b1f2efecaa70fL,0xfc73982e66500ad3L,0x4dac9fd1ffab2445L,
-        0x507eaccaa3931986L,0x83eb25409bbe5225L,0x0000000000000105L } },
-    /* 14 << 105 */
-    { { 0xb9e3b8bb17a515bdL,0xf8d68dd2d396d767L,0x7de89508decadc2aL,
-        0x9831907c75695a61L,0x4c5f2cc7a3b7d429L,0xcea07ffc4ee09e20L,
-        0x309f2c3fef0d7f4aL,0x3227ec7f9643a1feL,0x00000000000001dcL },
-      { 0xf8cd3e8373ee6524L,0x5570129e98f4749eL,0xc8a020dfd9f271b3L,
-        0x0ab6677db2fbafd9L,0x0a0168838b084241L,0x466644d787d85db5L,
-        0x3d631143fb15dbe1L,0x698e8237c6afa7c0L,0x00000000000000a0L } },
-    /* 15 << 105 */
-    { { 0xfb9c0840bf144a2fL,0x1fddb4d78eea78b8L,0xcd5da1617a68c123L,
-        0x57bac9f5ce110d74L,0xbc329c6f726a02baL,0xf2e4e02404b8b550L,
-        0x88018b6a9f558689L,0xd1eb211aa0192931L,0x0000000000000066L },
-      { 0x5501bc7802a25d57L,0x5eabb394b7c28b33L,0x4a322d1b7fbda862L,
-        0x67f3f67e6314f639L,0x06e2768557f63f41L,0x2d1fa432b4657646L,
-        0x0338960d3950136dL,0xaa94f24fd48716a5L,0x0000000000000188L } },
-    /* 16 << 105 */
-    { { 0x80d935b163b7a2ccL,0x3315375ed6dc2acdL,0x400bb7948b895a51L,
-        0x35962ff9b28f625aL,0xd75e5cd7ef66bec1L,0x3bea41715157464bL,
-        0xf372e7c8605c7eb3L,0x3741fbf0e3301a57L,0x00000000000000bfL },
-      { 0xa5388110d0c6184bL,0xcaf6355ef89ed74aL,0x4e170981fa93c1eaL,
-        0xea60089b0dd9b47fL,0xa27efd8b3b9cda73L,0x5852497b5ee68672L,
-        0x60f0dd9c45bac304L,0xf444a8f03048cd59L,0x00000000000000baL } },
-    /* 17 << 105 */
-    { { 0x95f255bb5c07340dL,0xf8de4c0b69160158L,0x234d0988543e6e26L,
-        0x728fe0b5fdbbdcdaL,0x28415205dc5479d1L,0x0d10dabb4737ebe0L,
-        0xe66b187c8bcd92a4L,0x7c1384f8268d40e2L,0x00000000000001b5L },
-      { 0x8f6f9b23c6f33f05L,0x84188aaa402cf04dL,0x0c34d78fd3d3cb54L,
-        0x99b6220be5a78cdbL,0xca0404e0f3f4a122L,0x3e0f1a94d9b7dbc7L,
-        0x69544dcc1e434d32L,0x3c5e1f066cf599e2L,0x00000000000001a5L } },
-    /* 18 << 105 */
-    { { 0xd5c3ba5d9b7426e2L,0xbf007ff534f50a36L,0x1f35505edd9b1ae0L,
-        0x4207411bf1170c6dL,0xa092286e1fa9f8c2L,0x8561f6d09aa935faL,
-        0x25f6a210887aa36eL,0x1326468d916cf990L,0x000000000000014aL },
-      { 0xc5b4aec75f4c5f97L,0x19078493fd51578bL,0xcce5c1b5d27f947eL,
-        0x555a000791d55544L,0x673149265ee062edL,0xc2e2b9bb30473d65L,
-        0x84a0705f0c4f654cL,0x2e7ddefcb53d901dL,0x00000000000000cbL } },
-    /* 19 << 105 */
-    { { 0xad0f207da13d6874L,0xaeef4cf48cb34cc1L,0x9d7d25e0cda81d1cL,
-        0xe8c11d3a47b69696L,0xdcacc0c193463587L,0x8da07ec922a666bfL,
-        0x586f6831dd7d59bcL,0x98e125d5a4e67363L,0x000000000000015dL },
-      { 0x0f9878144fc1e663L,0x739c449ae54e65abL,0xc2f151cddacb89f8L,
-        0x54c9468cfda8de8bL,0xfe379ed859e9db53L,0xe53c1246de0d711eL,
-        0xc72d6669b716288dL,0xd98eb6947ff434b8L,0x0000000000000197L } },
-    /* 20 << 105 */
-    { { 0xd8828453ba55c50eL,0xfba129a6011f25cfL,0x92b111d214212513L,
-        0x606c4cac10dc46bdL,0xa2bdb94ec971ab1aL,0xef64fc272ed13cfbL,
-        0x4e6abf3b6d95da9cL,0x893ad58b6db4e176L,0x0000000000000093L },
-      { 0x8aae0314242e9cd4L,0x7d6d2214e64a78e2L,0x03a80376d3b2f48aL,
-        0xdd43f77b18e8cac0L,0xf140eb83098210f5L,0x0a31f295b84aa3f7L,
-        0xdc0dce3edf6e0c08L,0x69d9d0ad1f6094c0L,0x000000000000016eL } },
-    /* 21 << 105 */
-    { { 0xed2e0249efb97167L,0xb89824df19f6e8d9L,0xe23ede3948475753L,
-        0x70604a1063c1dad0L,0x722e21c1ccd7cad5L,0x6df0e5f2a10d5e50L,
-        0x61ca16329aa48e17L,0xe65eba88f9569945L,0x0000000000000023L },
-      { 0x70f4a192cb5b92ebL,0x2b9a208a8900f126L,0x76409cc9f97972eaL,
-        0xf41dcf4ff70e601cL,0x2650a3476f181642L,0xfb733417318b0fe1L,
-        0xc6b04e56b5a047eeL,0xca664142806a09c4L,0x000000000000002cL } },
-    /* 22 << 105 */
-    { { 0x1ac10389b68f339fL,0x91b38759ed194f5eL,0x3914798fba6b7970L,
-        0xf3539fa888adc703L,0xafe49a1323a1eb1cL,0x07391e320e9a2944L,
-        0xfe950d80c196e2e6L,0x757a6aec3d5aad1eL,0x00000000000000bcL },
-      { 0x21f49f512bc1cf8cL,0xdb4a00d39672f74dL,0x1c85164cb58d71b2L,
-        0x8dec2f612cd5ed70L,0x88bf4b050eed1979L,0x33896b492dbd7dd1L,
-        0x0524e9cf77fa12f2L,0x42e60f7f839d35a8L,0x0000000000000029L } },
-    /* 23 << 105 */
-    { { 0x491564d68731bfb8L,0xe89203481128cfb4L,0x0026a96d348cd681L,
-        0x58193c9ea0af729fL,0xa3e1089947a22bb8L,0x074a8f92dcd1bfa7L,
-        0x45cbe7b054946516L,0xfea57561cd7b02f6L,0x0000000000000069L },
-      { 0xb19a61bc10b93767L,0x2866d9cd9dcdb1b4L,0x8f540d9d3b401ae1L,
-        0x196d3843ed89cc1bL,0xfaa6336ea19e3aadL,0x1132d0261b294d32L,
-        0x9aff85ed6a0b975aL,0x11e2111302584ad0L,0x000000000000003fL } },
-    /* 24 << 105 */
-    { { 0xcacf976d657d30afL,0x8d99f439e599602eL,0x89b7ba5142c60609L,
-        0xbe1fd86127695726L,0xd1fe4929cf48052eL,0x785c994775a3938aL,
-        0x89c0d82562f5496fL,0xcf585a3f24237d10L,0x00000000000000eaL },
-      { 0x3d2d602df48c877eL,0x56732dbcf094b87eL,0x5603dd5c4c825b63L,
-        0x41a7454849d45408L,0x573734f5ddfc690bL,0x5fa016412c2993aaL,
-        0x1bd91fcaaadfe3cdL,0x3cd67d47be83c452L,0x00000000000001d2L } },
-    /* 25 << 105 */
-    { { 0x1003b83b3cc92301L,0xf5e76d65f8f493d0L,0x2ce44912fd07df7aL,
-        0xb2781226fa8fc5caL,0xc1188930371bb7b0L,0xd903037daecaa2f6L,
-        0xb5a0c7b572ffff20L,0x250bc26809e28877L,0x00000000000000daL },
-      { 0x51246eff1d835cf8L,0xca86aff7e2aa17cfL,0x4a286343ed95465cL,
-        0x761b330a2e0ec7c4L,0xcec609e70e238a29L,0xaf57e17f2ded7b72L,
-        0x783fee52dd97a8e7L,0x9e70a6bac9b0e6e1L,0x0000000000000148L } },
-    /* 26 << 105 */
-    { { 0x9ba159e917acbbacL,0x21d2cd40b3b2d4f8L,0x19d30414cf0c0962L,
-        0xea38bfa1e46a922fL,0xbe6961f2463d079cL,0x811dff90c6bf5348L,
-        0xd96c494b785c3396L,0xf3ad523ddcd944e8L,0x0000000000000066L },
-      { 0x634d8e7d206d05a8L,0x15b16c22a1324639L,0x16b8add8e59be967L,
-        0xfeae166da509f7ccL,0xb9c7e3979f5a873cL,0x7bc71c573ef93a82L,
-        0x6b70e12d6115406eL,0xe22f4254de6bab3cL,0x00000000000000adL } },
-    /* 27 << 105 */
-    { { 0x7552422040c553faL,0x8b57e7c008e5d334L,0x69dc672bb0576f54L,
-        0x93f4183b389374d2L,0xb75b0d40cc422c64L,0xb44b0e56287a6c2dL,
-        0x6409c0e89c25d3baL,0x02c259d8c06b946bL,0x0000000000000089L },
-      { 0x84719a851b45cccfL,0xca07d64720613663L,0x04055dbca18c0ce1L,
-        0x2769ca934c88632aL,0xebd3eba9ae212295L,0xbbcca701d7d19150L,
-        0x7890908d5520d207L,0xbe9223c03918f231L,0x000000000000001dL } },
-    /* 28 << 105 */
-    { { 0x7681afca91957c78L,0xd0e5379bf37ff077L,0xf5d60a4494adc198L,
-        0xdf6fd776d87fe24aL,0xe361851fd13e39d8L,0x2513ccb0576ba50cL,
-        0xfa50610afb934e52L,0xbeb4cabb8dfdc65eL,0x00000000000001b5L },
-      { 0x578b16474b080c52L,0x5c27918e45a7bf77L,0x8eb701fd5007f0c5L,
-        0x98bbf9989230a8a8L,0x82cf1074790f53d9L,0xff6b6226a375084bL,
-        0x09a928db2eb7289aL,0xc28d4dacfe5e2315L,0x000000000000011aL } },
-    /* 29 << 105 */
-    { { 0x31bc319cc98a9c37L,0xa0bb2283a3984dbcL,0x3f301a6b54cd9423L,
-        0xac47b1b806b84615L,0x26450a5582d1dbffL,0x1d5657363a97de2aL,
-        0x47aed4ea512c76a2L,0x7ccd33197fd528d3L,0x0000000000000055L },
-      { 0x2164253f5696d45dL,0x5e0bf77bb4f480d6L,0x1abf68e6540a1dfdL,
-        0x17538afb9e1e823bL,0xa0f9656e310ac00aL,0xead8fe6396b4c493L,
-        0xbb21e9ed4430ccc4L,0xe750b446f8db037dL,0x000000000000014fL } },
-    /* 30 << 105 */
-    { { 0xfba9eb2d3cec0762L,0xa9fcc5c16e39d300L,0x49efec4e5d9d4024L,
-        0xf0de3c99a14df0e5L,0xf1a1eda4cd197e7cL,0x23c79138c8fa57dfL,
-        0xfa27666efaf7ab50L,0x88c563d41b17e0b9L,0x0000000000000103L },
-      { 0x354d24b33bec9b99L,0xa6f3879ea3b30a27L,0xad3cbf31c4a341d3L,
-        0xc39733b81873136bL,0xb0e58f73d36a0e8eL,0x6de55e1efb08244fL,
-        0x921fe1304a5d4a2fL,0x2ab1ca90c634beb7L,0x0000000000000176L } },
-    /* 31 << 105 */
-    { { 0x07c0f5899a41407aL,0x9c8bf2b39bbbd8e9L,0xa5b4bcf8e513a7dbL,
-        0x85e61af7f2979de9L,0xf4ccbb625ca009daL,0x41d81be066ef1639L,
-        0xc7870e2a74a14becL,0xd0817703e04c1567L,0x000000000000000fL },
-      { 0x2be84421f2970915L,0x59794c74f26c5082L,0x8883a0bbf491677cL,
-        0xcdcb38a31f01db0bL,0x7ba2101e6fba9ddfL,0x9228e0674b0b0f97L,
-        0x0000e6124d5c084cL,0xe7be273d6bd21734L,0x000000000000016cL } },
-    /* 32 << 105 */
-    { { 0xd15ea6b41f8670abL,0x1957a0f1199b1007L,0x113aff43e3efadc2L,
-        0x07c606090fdc6abfL,0x93e7ba310bb0014bL,0x0f6b7e135d34945fL,
-        0x2303a74aa9f86051L,0x6c9fc83a312cf1b2L,0x000000000000017bL },
-      { 0x5588cca5e501aaa7L,0xef0d3bc16e7ac7bfL,0xbffcd55147339a1aL,
-        0xf83b4cb8c36eaf74L,0xa4e70ee39ed93d5fL,0x0972ac415c249069L,
-        0x2e9968feca09bde3L,0x1b5b37298c5aec39L,0x00000000000000c5L } },
-    /* 33 << 105 */
-    { { 0xacc96c98b769fd56L,0x86d507327dae0910L,0xa1dd43651386165eL,
-        0x38e6d2a3f3213894L,0x890e1328f8b379aeL,0xa6200559306788d4L,
-        0xf88c4751a7def4f1L,0x6975c2db70bc1914L,0x0000000000000100L },
-      { 0xa8f2f1c9b892640cL,0x5b1ed01e21f7b44bL,0x13ff919bbacaffcbL,
-        0x76bae5427271c130L,0xf6daeb9faf5a9725L,0x9da7b38033ec07e8L,
-        0xa5cf0ef503585e6cL,0xf79529ffe6ef4b51L,0x00000000000001a1L } },
-    /* 34 << 105 */
-    { { 0x1f7b4389bdeef89eL,0x6789ffd1066ce776L,0x671ae6869d25dc8aL,
-        0x6e4eaae92a888ac7L,0x232dbd9f46a4af36L,0xbb17127ac6fea211L,
-        0xe34ac986ff807938L,0x0222d0b4132b4057L,0x00000000000001cfL },
-      { 0xf1511b8e8217c466L,0x04a4581414fdd478L,0x49147df5a79487d8L,
-        0x9bd381fa23c6e0fdL,0xd91d805a9f74cf82L,0x0ab490b37a8b86c7L,
-        0x090cf1b26d582a67L,0xc64ddf5627fa5841L,0x00000000000001c6L } },
-    /* 35 << 105 */
-    { { 0x3bdf7a2ad1814226L,0x07c5dfc8f027968dL,0x4bb29e991211439dL,
-        0xf7c1b4f71caf12c0L,0xd7b807fb79f9fde7L,0x938bf15f5fb1dd69L,
-        0x073eebfd1780e837L,0x642b138cb0faac2bL,0x0000000000000168L },
-      { 0x56b0d340082b362fL,0x0bfe8f67f85cc2dcL,0x50c288955c32b783L,
-        0x1e53f45c7b898114L,0x71b9ae7056cc9e6cL,0x56b5107c72099c86L,
-        0x63311d09311f3509L,0x78acea51d6a5f3d0L,0x000000000000005dL } },
-    /* 36 << 105 */
-    { { 0xc2089b19fcc9c03eL,0x089cb861b3c3b222L,0xc98b822e1ce7d1e5L,
-        0x3dabb2044977f564L,0x227cb87d5ea70d29L,0xdcafc8a47069304cL,
-        0x20d80ad6802b1253L,0xca26c7426b904cd6L,0x00000000000001b3L },
-      { 0xb9ce07cead8419aeL,0xa9b14ff2a9544909L,0xfd3d940bb7a73089L,
-        0x5fc97e71d3d01c28L,0x84eadd2847850cf8L,0xb54183bb27f823aaL,
-        0x557fd65129af6bf0L,0x180b581acc18b8a8L,0x00000000000001f4L } },
-    /* 37 << 105 */
-    { { 0x7a4cba6bb978f541L,0x3e6f49205343823bL,0x2bbd7ba217fbe204L,
-        0x4026c8212de816d0L,0xc3b60a1a0e9b6bf8L,0x9ed6b7df684e996dL,
-        0xf50e40abe73868b2L,0x10b2f15cc492b090L,0x00000000000000daL },
-      { 0x221216615aab5f3eL,0x8e9e9c682529ac88L,0x12a17b7723cdd031L,
-        0xef53fa6250d3b5ecL,0x2d09807c8fad5c6dL,0xc40e0cf6487138ddL,
-        0x52d5db3b323038f1L,0x1425a7359d09f1aaL,0x000000000000019eL } },
-    /* 38 << 105 */
-    { { 0x59fed1c491a11ed8L,0xfe263c0a3180d98dL,0xdcdc10e42d368fcaL,
-        0xaa2f0a1bef1e9926L,0x768984895745f2e5L,0x48830803112ada7dL,
-        0x4c63137696c9e854L,0xc0e129f08250e11dL,0x0000000000000191L },
-      { 0x457dd4a21e6bf787L,0xecd443ca026b528dL,0x4a02a60ad84d6716L,
-        0x5a2a31fee3f215d7L,0x05c6ea2ef4789397L,0x78bb4bc49df48571L,
-        0xbd322028c263a45aL,0x57bc9ae162fc82e6L,0x0000000000000131L } },
-    /* 39 << 105 */
-    { { 0xa51538ca93f73b65L,0xa209bc3c23ecb9fbL,0x5f4b4dbe6590de4cL,
-        0x410efe51eba978b2L,0x2c2cab5d0159bea6L,0x506278d2a9e69f90L,
-        0xcad07d66b89db270L,0x5b59625e22847a48L,0x00000000000000abL },
-      { 0x4c305e6bb8cea678L,0x5842bcd09909f9a3L,0x53a5a114477599b2L,
-        0xc7c5a7e8a735de6aL,0xec49f912c9df0d78L,0x794e2c2d3be4756bL,
-        0xdb7b920d68824272L,0x3c4823e0e7d2549fL,0x0000000000000156L } },
-    /* 40 << 105 */
-    { { 0x8ff38aa4093edcb7L,0xc3c6b459e8f5564fL,0x613e5157b8935ffcL,
-        0x1eba7a2ae10e448eL,0xcf8d70c9fc31845bL,0xe1e4d5bb77f5a42dL,
-        0xe61bc59edd07816dL,0xa0928cb3e85fabbeL,0x00000000000000c4L },
-      { 0x12e7717eacc0393dL,0xca036b26540be4cbL,0x4f59050e36dcf32fL,
-        0xdd2e7ff9234b425dL,0xbd17895136b8d833L,0x132d27fef989d479L,
-        0xc2049ea7ba09ef6dL,0xb526a9b5c83a3b7cL,0x0000000000000157L } },
-    /* 41 << 105 */
-    { { 0x06a4efb20228649cL,0xdffc2bcda7942aedL,0xcf2e51715b4eb8e0L,
-        0x399bb5320052238eL,0xbc53cb0c46e3f1d6L,0xa020f3e430a71ec3L,
-        0x340c96716ae10068L,0x0bcd58b7dc04715bL,0x00000000000000f7L },
-      { 0x87deb87d8f9d8244L,0xc510965fb14747edL,0x5e084f544fa3df33L,
-        0xdf3d534d10cd6916L,0x15345bf7a9379b76L,0xa6d306f97dedac05L,
-        0x18243b39dd131822L,0x12fad40f9d9eee60L,0x00000000000001d4L } },
-    /* 42 << 105 */
-    { { 0xe47e92bfdad2a018L,0x7169fc3557faecabL,0x824b95d921861e70L,
-        0x3691cc6191077fa6L,0x39b9bee4de1dab77L,0x3166f0042a4c87b1L,
-        0x6279470b574cb51fL,0x0fd510aa9eac155eL,0x0000000000000040L },
-      { 0xbe71e07d80d4bb34L,0xf09f4e405a9bdb09L,0x7045942d1a249979L,
-        0x603c2c25ed241724L,0xa6fa617216c91e0fL,0x9fa0a49fce6e8b62L,
-        0x9767b1486cd9fcd8L,0x223901649b1d52e6L,0x00000000000000c5L } },
-    /* 43 << 105 */
-    { { 0x2ef5152be65ed57bL,0x7cc90f473bb1fd66L,0x98f6873244e66f0cL,
-        0xa3447ae327bd8ce1L,0x324c3ac08f22eaccL,0x838a435f0397222dL,
-        0xc63bee579b0ecdb1L,0xd0bc1d6a9d2d789eL,0x0000000000000015L },
-      { 0x1c6f47cf4202af3aL,0xe847a6104c99a557L,0x9cd3807e4b94f1f3L,
-        0x703f916b8a2806c1L,0x8fb83be08cdede77L,0xb07b30bcc62bf497L,
-        0x90f4da36187ed83dL,0x035fd29aed3131adL,0x0000000000000157L } },
-    /* 44 << 105 */
-    { { 0xb259c83324eedf44L,0x2037b6fb73545c4dL,0xe126c4834c157523L,
-        0xf80292adb36b003fL,0x4ae3fcd9772a9a08L,0x424a61f919be1da2L,
-        0x2e2b901d8026443fL,0x879864f1dd59dc90L,0x00000000000000d9L },
-      { 0x4b838953b15eac94L,0x0c5fb88ce1a57ca6L,0x9a09e28ada88728dL,
-        0xa80a4a9b6853a1deL,0x46a596bff0e07484L,0x6511ec6e7b61760bL,
-        0xd2f6b328571859f8L,0x5e872f813cbfbf41L,0x000000000000018cL } },
-    /* 45 << 105 */
-    { { 0x3011bebc26674da8L,0x667107b215be6300L,0x0c1b7f26f8a583b2L,
-        0xa10eba84d1d1ee29L,0xd03a1e2d00f8d4c1L,0x20d5861341f576b4L,
-        0xae64da886806cd41L,0x75f1394a49176ef4L,0x000000000000012bL },
-      { 0x5e06e1f20154a8b3L,0x8c54c4c780905a09L,0xed75aad004b741beL,
-        0xc7be78f5779f5177L,0x1976c894ae9becfdL,0x20b11c80c14943e9L,
-        0x6155f1fdebe9faabL,0xbba7d4a7a2d16b16L,0x0000000000000015L } },
-    /* 46 << 105 */
-    { { 0xc96ff6be3e035793L,0x8883f0151793d415L,0xc4f3ef64d04363edL,
-        0x93a75f7f73f1283bL,0x9614a3999f7ba92cL,0x061bd7e241b95c66L,
-        0x887792ff1c2276a0L,0xa80706d28ef5b98aL,0x0000000000000063L },
-      { 0x2d7720a8b322dfefL,0x7623a0674dcabd9eL,0xc6936cd944e66fadL,
-        0x9841e95ee16d312aL,0xe3e195b9eb94fa29L,0xf3edafaa2c284fd7L,
-        0x7aeee8c08211a418L,0xebec3d3fb6305911L,0x00000000000000ffL } },
-    /* 47 << 105 */
-    { { 0xba2c92f5f2b0af81L,0x0d64e1ce1aae3f08L,0xa1f9d651cc19d12bL,
-        0xc6f6a4bb78a15858L,0x12f3f8828d55e390L,0xb2791f72dc4b6dcdL,
-        0xf51d8c9b758a15d5L,0x0f712d967cb6c682L,0x00000000000000aaL },
-      { 0x42b424f386a49713L,0x63664f53b65c98caL,0x09fa6b470cee5673L,
-        0x066107f5de3c1fedL,0x0797ca8db363b845L,0xe5df7026114d2e2dL,
-        0xf827b59cf67fd6bdL,0x657c8f1421876f0bL,0x0000000000000112L } },
-    /* 48 << 105 */
-    { { 0x68a3040e09eb3233L,0x0a44434506fa4864L,0x579edeff83af8af8L,
-        0xd619358709f49bafL,0x4597975c33f9ee19L,0x5318a888cb85cb9aL,
-        0x6366031f423ff919L,0x32fa03eef3ef6e44L,0x0000000000000072L },
-      { 0xadc2b71b8fe0bdc4L,0xa4b86022245354c6L,0xbd96981bed7a1ca8L,
-        0xaaf0bf088d27b9f8L,0xcb56e8f255ef3926L,0xee69ee6af868426eL,
-        0x04146106114f6b0cL,0x5bd940000b8d34dbL,0x0000000000000154L } },
-    /* 49 << 105 */
-    { { 0xbb9ce2cd216785d7L,0x6542eac454fec1d6L,0x26fad4f1cd6bc203L,
-        0xd35862595dbdc5edL,0x9549ea9fae3698bfL,0x8c354042fe0d57b9L,
-        0x9548e67f2676cd04L,0x059aec2b22edf4dfL,0x00000000000000cbL },
-      { 0x21fe898ad316063eL,0x78930f796d38b86bL,0x72064b45d1154023L,
-        0x3184619fc2fe7c4bL,0x9e47fa4ed2cc3286L,0x99484c69731d0886L,
-        0xa10f25480273326dL,0x84c2f78729efc551L,0x0000000000000133L } },
-    /* 50 << 105 */
-    { { 0xc677d129f82dd083L,0x8a9a603584a35d1fL,0xa0e725f2f7707c51L,
-        0x0e67f36673314f89L,0x5ae78b3962c79980L,0x57e1ea302a48db75L,
-        0x1c77997bc8cb73f3L,0x69c6ee32c1a61b9fL,0x000000000000019aL },
-      { 0x53abe39156756339L,0xeb1cdabe4edc4cd8L,0x15f70954026801e1L,
-        0x9295a5207fe8de52L,0xb6eda43869a0fb2eL,0xd9e6e518510522afL,
-        0x121fd3cf4e8e7655L,0x0b587ad6ddc0367aL,0x000000000000000cL } },
-    /* 51 << 105 */
-    { { 0x1c0ee685d50f1534L,0x9abb1c5827e3c974L,0xdc73da165ae04b81L,
-        0x0bc4a178fc2d401aL,0xd5c269e4ba33ef71L,0xf858a1fc996faa33L,
-        0x859915cd45b85f00L,0x7c507b4238b33ae3L,0x00000000000001f1L },
-      { 0xbde761b6490593a4L,0x388f79d436f6b62eL,0x6129b78b1b33fc5bL,
-        0x04a3b9f5b8eafc22L,0x4a718e577eab0b39L,0x14ea35580398ea2fL,
-        0xd737bd1bfca0213eL,0x34c27b9174332a05L,0x0000000000000185L } },
-    /* 52 << 105 */
-    { { 0x84ace35ba08df37aL,0x8f2e690a3ece9e6eL,0xe2649ed7bd6ed0cdL,
-        0xc2618e7d5b70fbb4L,0x3f072e8727f675dfL,0xfa17717f88590abbL,
-        0x6aa5119dc257a2b9L,0x016cbe362f48d5c6L,0x00000000000000ecL },
-      { 0xf7d3a01b29117b53L,0x3e544e8558d4d8f2L,0x63bf0dc8bba83f7cL,
-        0x341d35ac60f1bfacL,0x84e37ee48ea4bbc4L,0x981744d7192d6dc4L,
-        0x7b559536ca34c6e6L,0xf32ddf2b067ad38aL,0x00000000000001d6L } },
-    /* 53 << 105 */
-    { { 0xecf882c7ecfed198L,0xbe88ee265c47e839L,0x6c267c95a60cc381L,
-        0x285d1e767ffdbff6L,0xee34af6f6e349fd3L,0xa331769599f4ea4eL,
-        0x5f87359375d39105L,0x3559f31e8c9de520L,0x00000000000001fbL },
-      { 0x61d45de2d0a8892eL,0xbbe42953bd8a2c6cL,0x7792057fe3e3ec8dL,
-        0xd040df71566078d8L,0x8852496ad470a52eL,0x4b6b08597ebff173L,
-        0x1195102db36b2801L,0xeb28646305df9bc3L,0x00000000000001e5L } },
-    /* 54 << 105 */
-    { { 0x6e8ef1e946b46e28L,0x7cfd8d1f86249c66L,0xa8f6559d7a5aa3bbL,
-        0x2bee79a6f7abc1b4L,0xc8286725b48f60e7L,0x2b883127f717fbddL,
-        0x7ed12c1e2d4ef9e3L,0xfc910265e008750eL,0x0000000000000024L },
-      { 0x56569b61212f5d32L,0x97ddd0d69d4ab1c5L,0x639c33f149ee1f05L,
-        0x97d1ba29b2886916L,0xef869ff04b553ea9L,0xaf504911b88cbafeL,
-        0x524feccab9efa22fL,0xfa15902b321d6755L,0x000000000000014eL } },
-    /* 55 << 105 */
-    { { 0xdac797ffc2df83f0L,0xca75939070f59d50L,0xc53a3b9d8dae80d1L,
-        0x4ee2534321d73857L,0xd458295ea7ae4212L,0x5b29d98f30385f03L,
-        0xda3843b910deef6bL,0xd148ab67448387b3L,0x000000000000009fL },
-      { 0x68ca489bfa10caadL,0xbaf2095ba1ccac6aL,0xcf4d1eac05a5bc7eL,
-        0x67866117ff5f28e5L,0x62d6cf59182d4a00L,0x96353d36ae15e91cL,
-        0xf5b32693175f7fd0L,0xa160046d521eaa66L,0x00000000000000f4L } },
-    /* 56 << 105 */
-    { { 0xfe88213a38540b67L,0x16613cada30b9044L,0xb06dce427861d61fL,
-        0xfb5c9ffde2b9cbe1L,0xae4af79ba5ae6125L,0x56e69b5a3ff351aeL,
-        0x68de3b3f31df9832L,0x8d2c2960fa3fc1cbL,0x00000000000000ceL },
-      { 0x979c3dd49fd40f91L,0xca979b58b5640389L,0x855dd28e836ea10cL,
-        0xbf40ee0e17f1cc25L,0xe02bbb2f5fd556ccL,0x6aadb11005f32f3dL,
-        0x26bf5c119366213dL,0xc15f02c49a1ca27aL,0x00000000000001b0L } },
-    /* 57 << 105 */
-    { { 0xc2cf8600f06edb9bL,0x74745d77824ec696L,0x2a502a21bce3ad49L,
-        0x0e2fac9ccc8c2f94L,0xb6c43b6ab26006bbL,0xf76dbb35c74f3d21L,
-        0x3559f25ed6920ba5L,0x0203fe602af91aa6L,0x000000000000016eL },
-      { 0xa1ee163458415056L,0x49c48a0274df3e92L,0x8a871514959f3e11L,
-        0x2a50833460c01400L,0x06ab882ff3c1f3f9L,0x788fd2f2f3f8a3b2L,
-        0x8d9f63abe5d2052fL,0x6f9136c2baebe4e6L,0x0000000000000102L } },
-    /* 58 << 105 */
-    { { 0xad4aeaece0792955L,0xc662f8dc6c8cf64bL,0xf96c715cccf91d5eL,
-        0x798040378fbd7f45L,0xf0f3ddf401cb31dbL,0x0448603b334e8ec7L,
-        0x1c9e8c7be737fc3cL,0xa9fdbafdff78b864L,0x0000000000000112L },
-      { 0xd2c6c2de72547858L,0x82dd7a88ff8f4f45L,0x55db641e9eab2f08L,
-        0x7243199dd73bcc8eL,0x55e708b46a907e32L,0x361af050db188207L,
-        0x4e21c1e461f3c0edL,0x948142fe7cd3c766L,0x000000000000013cL } },
-    /* 59 << 105 */
-    { { 0xf937b0e53e950ff0L,0x6e24b4e5de551199L,0x9190ae60d524b733L,
-        0x23890323e070cdbfL,0x3b61f098514e259cL,0x63091050729f0e0aL,
-        0x74ce4e07d2ded515L,0xec98c9a7417d44baL,0x000000000000012fL },
-      { 0x3ada2c8f63dc0f50L,0xe80a5a8ce2593386L,0xa39d716914c9dcbbL,
-        0x084c3faf0c4fdcd8L,0x8833788bc79dcb54L,0x852a9f9b6aaccf73L,
-        0xbe2be436ab0ef855L,0x8e522348aebf47baL,0x0000000000000147L } },
-    /* 60 << 105 */
-    { { 0x413a5117a2262a1cL,0x29c97c05795db169L,0xa03d9861d7ca7976L,
-        0x8428c9aa730d1caeL,0xe2922ccf6fb7d613L,0xb8a33ca521533014L,
-        0xf8c059a418266bd3L,0xbc7db2234ebc4a35L,0x0000000000000007L },
-      { 0x6fce14a2f2d17d69L,0x91920c6844b28892L,0x9066e8d13c3cdef6L,
-        0xf90115f8d5c6e3fcL,0x39f91f2fe9ce6701L,0x5ad4bcb4a1f30378L,
-        0xc6b0e8f1aa92e892L,0xf2ab25c70c0ef133L,0x0000000000000036L } },
-    /* 61 << 105 */
-    { { 0xd256b02a6cb68a4cL,0x2b16306d2ee6b938L,0x4886fd97cad8da2cL,
-        0x9a5accad3825c96aL,0x772d7b13cfe2cae3L,0xe16361a620e8843eL,
-        0x32473b0333448c28L,0xf1a37e18be23247cL,0x0000000000000040L },
-      { 0x63ebc83fb66042daL,0x583f691176c07055L,0x4f7630ae6a3fbd5fL,
-        0xb785702efb0af367L,0xb7c837a554d558ccL,0xdbf9820a000c0c3fL,
-        0x32b10b9d6233b57aL,0xc811d02fd02a7cc8L,0x0000000000000179L } },
-    /* 62 << 105 */
-    { { 0xf67675f773b899a6L,0xae60c0d9aaf10a99L,0x1090ce72648df5b4L,
-        0xe325ffed3b186a86L,0x403f48e80c01ed9cL,0xf7453a5696c2e25cL,
-        0x5151f743bd8e41e6L,0x76cac7110aecca2bL,0x0000000000000147L },
-      { 0x5c51bf550e29a85eL,0x6c7fc654143718f3L,0x8bd8eebdb31a4a9cL,
-        0x852d2032b22e7b3eL,0xf6cd67263b6c1296L,0x8f10ff0f4ca1aa08L,
-        0x7ec8838028830ef4L,0x765904f339ee7926L,0x00000000000001c9L } },
-    /* 63 << 105 */
-    { { 0x2dde6e928637fd54L,0x0b87d325ba84f1feL,0xfc08553ab4af92e1L,
-        0x7dcf26d634d231aaL,0x94da1a1a6fab3060L,0x33fbca8958b11020L,
-        0xc68e11f0edc2b3bcL,0x21a56c3647f05ba9L,0x00000000000000deL },
-      { 0x9daf1e861bb9fa34L,0xcc4688c2d6e87d28L,0xd32c7df423e13585L,
-        0xb2b03cbacdd2746aL,0xc5c3af6b73eb2f89L,0x11fddbb38e2796fcL,
-        0x3212dc8e0fa04a64L,0xc6628b6fd92a5784L,0x00000000000001d7L } },
-    /* 64 << 105 */
-    { { 0x671757a6e2adfecbL,0x22eb6b422ba58ff0L,0x845ad5524e6e393aL,
-        0x3dc6f7cb60fb46a7L,0x9240526b0a84396fL,0x13c8f57c56152715L,
-        0xab02366c6c45e7a9L,0x6d4f07bead159399L,0x000000000000006eL },
-      { 0xf69fdd7f07f6e883L,0x946b2efb3f45aaa4L,0xc3390ff156806edaL,
-        0x22764fab21d28bc8L,0x363b41d10c20eb57L,0x7d693bb1f6e0fe71L,
-        0x5ba2e46a2816dfc1L,0x53c3d41ab0f7ee72L,0x000000000000012dL } },
-    /* 0 << 112 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 112 */
-    { { 0xc2d7eaa1c6884ce1L,0xd7b35c4f9faf6322L,0x8d1a1d85337ea884L,
-        0xbcc6a8090f946ebeL,0x45eab172754fb8d2L,0x1e0b251e91dbd926L,
-        0x4b61112afdce8503L,0x80737c4915fa4759L,0x000000000000000aL },
-      { 0x1973c88b40260e22L,0x83078cb7e48dca69L,0x4815d67fb199e3ebL,
-        0xf57bde1f7b4de5d3L,0x88a1ebb5e139dc10L,0x7c20e7c66689dd21L,
-        0x40cba34680884875L,0x5c82140239171e05L,0x0000000000000062L } },
-    /* 2 << 112 */
-    { { 0x922f12dd4e187fffL,0x5edc9b962faa9f8aL,0xb7c218f8c854c83dL,
-        0x3dfcbf3265052d62L,0xbd809261053d38c2L,0xf871b4be31d0c279L,
-        0x6db21156f30b4a34L,0xb50605148db71e6aL,0x00000000000000d9L },
-      { 0xa08ce4a86bedc91dL,0xdf89cac0a0bae827L,0xc035a514aa3f520fL,
-        0xd5e9631fda672398L,0x8a5c34867150a93dL,0xe176d6c30d1a66e5L,
-        0x1aebd73874a2379cL,0x42d11fe6279c3eb9L,0x0000000000000139L } },
-    /* 3 << 112 */
-    { { 0xf2937edecb4c6645L,0x1e8dda6d1b68f3aeL,0x25a8cbca5c45eae7L,
-        0x6f07c48eb1a328e4L,0x473a67acef4b3917L,0x5e4eeac1208c0836L,
-        0xca67351bec92f538L,0x34a8f9f8177cf537L,0x000000000000015aL },
-      { 0x7d7f6d7ab9a3216bL,0xa4ad0bab0ed36d7fL,0xd58507f3d4b646cdL,
-        0xbd275213a2950840L,0x00f031c076c25f08L,0x300e0a0c3f46258dL,
-        0x6ce16cd6a03dfbd7L,0x35e0211d40c879f4L,0x0000000000000001L } },
-    /* 4 << 112 */
-    { { 0xa033349762383e65L,0x4f94f82b681092c0L,0x583b450378a19ca7L,
-        0x81c69ed050e7ea14L,0xbde43e882042e0a5L,0x752a9d3e6a9f7938L,
-        0x865464d9af321417L,0x5bcc326fb5794804L,0x000000000000000aL },
-      { 0x7714afcab958f657L,0x3b927db46e725914L,0x9ef1925c7fd9a9d8L,
-        0xed13fdfdbe7e139eL,0x5b57aa066e80a43fL,0xc9c221be810f9412L,
-        0xe6536f3a04ec7d73L,0x77765db5db4d13e7L,0x000000000000019bL } },
-    /* 5 << 112 */
-    { { 0x21fe770f84924113L,0x2c5d06120ab300cbL,0xe1699e81ed6c7197L,
-        0xdec38f45f5948795L,0x79db54b83a48da6cL,0x95f9d633b3f3af61L,
-        0x3e4e733da772f809L,0x48dbe53a605e477fL,0x0000000000000142L },
-      { 0x5ab3454e86f2714fL,0x87d83de7939b3218L,0xb980fbc096d16ff0L,
-        0xba3cfaaddd96a283L,0xed41324416c3b69fL,0x57968830968c773eL,
-        0xf315b38ced4d4dfaL,0xa013acc5a24cfb0fL,0x00000000000000caL } },
-    /* 6 << 112 */
-    { { 0xd064803e24e3c650L,0xa90109303b9aec0eL,0x407b393219f6f56cL,
-        0x045d7e95d143be9bL,0x2933b6be47a9533bL,0x01b01ec62bc7f731L,
-        0x723abd9a043e4c5dL,0xcd8a1bfd25c4e8afL,0x0000000000000095L },
-      { 0xd719eded6d8a2f90L,0x08b7c6af8b5c2378L,0x027c6cb7c01df5dfL,
-        0x1c020ce0155cbce9L,0xc3aeed933deb94d9L,0x2cae43c7a6f7fee3L,
-        0x54637a4a7512ef37L,0x3b64366081582bd4L,0x00000000000001e8L } },
-    /* 7 << 112 */
-    { { 0xc6d7698f7e59dde8L,0xb1ab83ac08aab860L,0xe1972059c7fcac6bL,
-        0xde4446ae656119bdL,0x8dfbbedef9f8d976L,0xe3b8e6d2009be348L,
-        0xa8ead6ee974cb79fL,0x4a566503b7a415bfL,0x0000000000000002L },
-      { 0xd661701b24c0d839L,0x6a3200d111c338cbL,0x5016ba3237f3769bL,
-        0xf4396987a00f1d08L,0x16abf9062add49aeL,0x17dc53e804f3dbd4L,
-        0x9ee15f5354a44690L,0xaaa77f7ea27e4c96L,0x00000000000000bfL } },
-    /* 8 << 112 */
-    { { 0x86dd8f04def62f7aL,0x42cd01b9cc9e5065L,0xd50b855643275c45L,
-        0x404e04a59814155eL,0xf7e62f98266b665eL,0xd68e806e86eedc55L,
-        0xb23e4bf34332001bL,0xe0b405b2366d78c2L,0x0000000000000150L },
-      { 0x6e4c1160d49d6c3bL,0x10c209647ce72d17L,0x0c0ba5325475d05dL,
-        0x77d8dc831523a4f9L,0xb053a8be5693cdc6L,0x5e0897a3e947e953L,
-        0xde13f4517899d5d6L,0xbafca001ca78c763L,0x0000000000000013L } },
-    /* 9 << 112 */
-    { { 0x668d132f5602a1b0L,0xbc4a769fef7a02a1L,0xe67a3b7a4126a867L,
-        0x6bcb37d5a775d18fL,0x719b93ef11901e4bL,0x3aaa34d531f7386aL,
-        0x7f81f95156335bb0L,0x22ce53aa1d9a8fb5L,0x00000000000001bfL },
-      { 0xb901f8b5580d76d3L,0x9ae57d49a4d6e345L,0xf7af2dee4e5b689dL,
-        0x5d79160110e321e9L,0x43f66981301f6090L,0x8835a85f23c4f0ccL,
-        0xdab2de3b083b5b68L,0x7fc613f51e97c0faL,0x0000000000000051L } },
-    /* 10 << 112 */
-    { { 0x9655cac34d110319L,0xf55e56d996e35209L,0x6f375ec27c15d50eL,
-        0x2d38334326e468ffL,0x943096d75c103732L,0x4b30c0d40b0e523aL,
-        0x4169da7ced307fccL,0x5c1e47e9da5da806L,0x0000000000000158L },
-      { 0xaf9ea9b5700e6489L,0x05d34fdbb2f6bfc8L,0x3b2dc12594068bd4L,
-        0xb568253751b3f965L,0xc1a3271e109ff65aL,0x79ffae0e4b377ba6L,
-        0x5e0149cedbfb4a77L,0xdfdb05a969f94a1eL,0x0000000000000143L } },
-    /* 11 << 112 */
-    { { 0x98cffe72a8e16494L,0x990dcdef990f6ae5L,0x2ffe758f7718e6acL,
-        0x08fffe7f94b86a5aL,0x29ec8e3824f249ecL,0x1115cf1e702e2efcL,
-        0x42d3b998ac7863bcL,0x9de49c4ba8469112L,0x00000000000001b3L },
-      { 0x23c141d47f0f461aL,0xd622ebb51a75ea51L,0x671dac9b98084ef2L,
-        0x930fc09d8fbe7d8aL,0xb8ef755e8fa1e70eL,0xfe65e8a389920cf0L,
-        0xe79b849e876f0425L,0x1c6ba4df46c016e1L,0x0000000000000130L } },
-    /* 12 << 112 */
-    { { 0xe8f06c2f869db704L,0x1225fe8e1be3a442L,0xe40e87fdf139548aL,
-        0xafff68201a7dfd4dL,0x883cbb604489813bL,0x21f07a4520c07c1fL,
-        0x037847dd761bfeb8L,0x2879d201fe9d73f3L,0x0000000000000098L },
-      { 0xcc3e104798fd5063L,0x9e3888796f0c1179L,0x6f8e0ca8f2e65336L,
-        0x51d688edaf342355L,0xfef444c177e831aeL,0x34b47f9f18abf899L,
-        0x4f7c42ecf9d15d64L,0xfe977f078747ba4bL,0x00000000000000b8L } },
-    /* 13 << 112 */
-    { { 0x1d7948e7e31a2875L,0x305e549d55f21221L,0xaf6d2fc5ebbf39ffL,
-        0xeabb12c80ffed2feL,0xaf421cd07b32d227L,0xf8226502a9bec07cL,
-        0x065359ac149ef0f7L,0x9e5e784e4f1cbce5L,0x0000000000000027L },
-      { 0xe64bdf95e8995641L,0x4f00ac4c4e803ed5L,0x04ac0dec6b51176bL,
-        0x6de249642c3fe476L,0xf765f2240dfd1e8dL,0xdae016d744709cc0L,
-        0xdcaa2f3b8ee0b68cL,0xae531c980b6bdaa5L,0x0000000000000192L } },
-    /* 14 << 112 */
-    { { 0x586d8be345624df6L,0xc58ca225de489ac4L,0x2131279186184b44L,
-        0x1bacffb7566e654fL,0x795c06ee841818e5L,0xea81a1f7a64fc54eL,
-        0x4202ba3b7bed4199L,0xe8e7eeb7fe735c4aL,0x0000000000000195L },
-      { 0x3c3260519c58b094L,0xd321218c31dda195L,0x2bf7a3196e707d92L,
-        0xcde93cdbd88f1ad2L,0x80b6b9f4ceafc8a2L,0x8ddef6d7edd98905L,
-        0x999d8539ce356fbaL,0x57048edffb834c3dL,0x00000000000001d2L } },
-    /* 15 << 112 */
-    { { 0xb4c8a95f54f6c3c2L,0x75cb6585b4bb79eeL,0x42acf9813af10b62L,
-        0x390e90f9b1fbe61eL,0x8b38992a73c905dbL,0xeb8eeaa4b2772547L,
-        0x50f226739fb26d56L,0xa7fd3621bc8ff539L,0x00000000000001fdL },
-      { 0x9f5f71c047cb14e9L,0x57efde78a4eea6f5L,0xffdcce979720279aL,
-        0xf2602f0c42407354L,0xc32e952e4f8047b7L,0x6bef44fb120ea438L,
-        0x64d8e221d5ec1b83L,0xd99027b78ef102a3L,0x000000000000003bL } },
-    /* 16 << 112 */
-    { { 0x8002b6d63dca9409L,0xd31714c1163b8124L,0xca655b42720a124aL,
-        0x88388dbe9596636bL,0xa321822dc0b7dc61L,0xcdd952c85824e60fL,
-        0x79ff44366cb4916aL,0xa115847e5f88dab8L,0x0000000000000009L },
-      { 0x1eaf3d400aed0c43L,0x7a7196f7ea2a20a4L,0x4312341497781948L,
-        0x856126d0e88d93fcL,0x96dac31fd5710224L,0xc23548f5243e6395L,
-        0xf351df8b9613a79eL,0x0dae5d50626fb1fdL,0x00000000000000e2L } },
-    /* 17 << 112 */
-    { { 0x9e8c65562d81c8fdL,0x361ab7401015a8f8L,0xd8bacdbc343077c0L,
-        0x37cd82a04634dcddL,0x0977ad1e940d6c70L,0x97fe72e327c38270L,
-        0x412f62f6a07167acL,0x08deab9b451a09bfL,0x0000000000000150L },
-      { 0xdd02b8d3abb38852L,0xef1b8f1d41ed4b96L,0xbfd538b1da6597c2L,
-        0xf98a304e10475511L,0x232d62f619d54040L,0xa2b919809183ec5cL,
-        0x5ce198ce8f3f79d5L,0xa5c7192628c2e16aL,0x0000000000000028L } },
-    /* 18 << 112 */
-    { { 0x8aaeb6bb3f28f069L,0xe57bd85a41cd19f6L,0x7a7033fbcdd073b6L,
-        0x5fa5d883af974d72L,0x034fe2f8317d5354L,0x022dad78dc1c3c86L,
-        0xb115c5fcdaddc33bL,0xd20ed9cacf71be7fL,0x0000000000000076L },
-      { 0x906767d94036188eL,0x3c3cac57a74401b6L,0xb26d32b46272050aL,
-        0x01cd2c3ee4d06b8aL,0x7caabb449244b30cL,0xa4c1874d25c6219fL,
-        0x53a70b98afbb215cL,0xe357a7f7f2280543L,0x000000000000012aL } },
-    /* 19 << 112 */
-    { { 0x21419b4f117d5755L,0x6af1ac64475ac8a6L,0xc1226e159cb49eebL,
-        0xd61aa69c2d3f8486L,0xaacb9140fb60ad9dL,0xe0fb2170b59dc623L,
-        0x5aac6818eceaecdfL,0x1e88ae0f5cdaceecL,0x00000000000000fcL },
-      { 0x823f91bd24c8c72eL,0x3f419586c2b074dbL,0xec995125d3c89804L,
-        0x8c98840af3104c36L,0x90445c3bd88cb43aL,0xe9d1da4f814367c8L,
-        0xf5edf338d4636152L,0x316aba3a39ac293dL,0x00000000000000bdL } },
-    /* 20 << 112 */
-    { { 0x1ef1df604dd7f14bL,0xc190c8b79206dde0L,0x8c0095679fc144a7L,
-        0x0ca2f30a0f11e938L,0x3f06119ad15a3b46L,0xce68675d1a911f3bL,
-        0x3e234a0e7dd215dbL,0x909d38cd6028bdf1L,0x00000000000000f4L },
-      { 0x49b323bb7b25c4f0L,0xe0a212449f498976L,0x8ffcd809bf2a0459L,
-        0x1a6890a9cea1e7daL,0x6e2e2b99ab0cff78L,0x650e3170c5d1287eL,
-        0xb5248d4d8ae5d083L,0x0951c926d7596441L,0x00000000000000c0L } },
-    /* 21 << 112 */
-    { { 0x9bf0fe1536b5757bL,0xf078da917322f698L,0xed973489b52119b0L,
-        0xa22cb0b80dff82b2L,0x8f83dba01da278f7L,0x15a6cc1299da0c4fL,
-        0x2f67fdfe5e334bd0L,0x25ab5ab602e8e1cdL,0x0000000000000125L },
-      { 0x269f859aa8d8e447L,0x575d716c1b24a12eL,0x729ae77eb95f04daL,
-        0x4372f9de30e0ed29L,0x673c0bfd398cfa49L,0xbe9ff4fca3ec6966L,
-        0x5ce7e5e3d01c14e2L,0xbec8d2f406373e24L,0x0000000000000040L } },
-    /* 22 << 112 */
-    { { 0xd93727e0486bb813L,0x04283a3e1fbd99dfL,0xdc4788c99b75b637L,
-        0xe6851f5a32167da9L,0x998f7431fbc4ea2cL,0x7a9c33d1a9183057L,
-        0x6b3473245d20e7e2L,0x18a168600b90c80cL,0x00000000000001ffL },
-      { 0x38a94d64bc888e85L,0xfe7b79ac9df19c05L,0x00bbefebf654ee0bL,
-        0xebfaab4e7bfe85a7L,0x48deed60b19482e5L,0x287c06898db1c527L,
-        0x5a6b27ad4c8eb494L,0xf68182ae0d447f2fL,0x0000000000000118L } },
-    /* 23 << 112 */
-    { { 0x4b816e241c2457e4L,0xbb437cd3f149da13L,0xe0be68f94998c797L,
-        0x883b58207dbbacacL,0xe1da5fd525b58074L,0x77d77fde69592848L,
-        0xd1f2bc60c4c21c04L,0xf2bd7b785acbe370L,0x0000000000000114L },
-      { 0xbea3154637b024f6L,0x7f15fc8a9fbcaae2L,0x1b56ad116021c3bdL,
-        0x9356fdf096b118b0L,0xb7865be1daa0804fL,0x3a2ca9e99574d0d5L,
-        0xaa5adb0f5f999f14L,0xc25f9c38ebde48f6L,0x0000000000000049L } },
-    /* 24 << 112 */
-    { { 0xb4c7662650ee9086L,0x2d9cf5f46a31d89fL,0xff6bfb32dff60978L,
-        0x5176dbe145a61de7L,0xd00d55447d0750dbL,0x0d83b80c85c9b411L,
-        0x2dd6470906fb9605L,0x69b0c1333d535903L,0x00000000000001d7L },
-      { 0x94871938210a0c39L,0xf8331fb90c93f6efL,0xf7ee035f253771b7L,
-        0xbfbf3ac00f1e874bL,0x6d02567e077969c4L,0x29a752a783d55d94L,
-        0x4f69563f088bff67L,0x7b1161060b77d6f1L,0x0000000000000034L } },
-    /* 25 << 112 */
-    { { 0xba6aeb1a33687c9eL,0x7d52e286f08ec854L,0x53187e3da1008096L,
-        0x6cc41c9a2b238ff7L,0x5c95188b399bf250L,0x4864754ddbe60f4bL,
-        0xd266be6d3c9440abL,0xe59c36d4977447cdL,0x0000000000000128L },
-      { 0x7c29f965bea1476aL,0xb8fec71e7624ae90L,0xfa1cc18fde04ae65L,
-        0x00fa80b93a6b1843L,0x8ebd2e7305e7520dL,0xfc12b6a59d714810L,
-        0xa219d25f3a532a09L,0x1121083c45999cf8L,0x000000000000013cL } },
-    /* 26 << 112 */
-    { { 0x137ada30d2de83eaL,0xda2153422a878fcfL,0xa6a5cee60e171f25L,
-        0x3f69086f2dd4c3c0L,0x86088100fb43ba86L,0xef809bbfbb0ccb0cL,
-        0xd79c4869c4d677f2L,0x2b2bdbb20404add2L,0x00000000000001aaL },
-      { 0xdafc91eb22edf44fL,0x79590681f4d70677L,0xac8808fd3d9bfe05L,
-        0x2b0c8d47afdedeb8L,0xc767c9b30f819111L,0x26d2b198b54b2fdaL,
-        0x17a4d748425ecf19L,0x3d553a2e27bbc127L,0x00000000000001d7L } },
-    /* 27 << 112 */
-    { { 0xaf086404ae4f64fcL,0x24ec81035e4dac4cL,0xa4251f19f4188728L,
-        0xb90da169ecde3424L,0xee6c23889d75d76cL,0x5cf9b73e303f7e0cL,
-        0x4f0d6e9e45d8766cL,0xcbbe41aa6734beb6L,0x000000000000006cL },
-      { 0x11f1929f6460b3c6L,0xbddb7165e81dc98bL,0x0dfd5fdd725622c8L,
-        0x7c4b0cdc2c8090abL,0xf2605abf9966a482L,0x5ef91579fab0a8e3L,
-        0x334d92ff7a5431ecL,0x5440c23516dc21d9L,0x0000000000000086L } },
-    /* 28 << 112 */
-    { { 0x9fa60a6af5784616L,0x54bc84246184acc2L,0x57d5d2c41435c018L,
-        0x5f94475b333621cdL,0x5b7740d06e210ce6L,0x624d301d0dd3dbd6L,
-        0xad599276a4216433L,0x7e1140bd4b3817e0L,0x0000000000000032L },
-      { 0xadfe76b487f3e336L,0x88a9a1231a1b9b6fL,0x1bac6e4f14c14b8aL,
-        0x8a531f4dbc215bebL,0x874545261c42d401L,0xc65a168cd62ecb42L,
-        0x38188b89f24bf291L,0x94f7d5dec788c069L,0x0000000000000194L } },
-    /* 29 << 112 */
-    { { 0x7d9d6f15fd868b43L,0x3308e6e8e1332d89L,0x53a64fc25c2ea868L,
-        0x819f727861bab859L,0xcd683cc16fc55f42L,0x46ec76818e4ac49eL,
-        0x16e180e3b85ccaf8L,0xcec7676e180c0dc5L,0x00000000000000f0L },
-      { 0xcaf24b54f10d6c7dL,0x3bb37a70423e6ab5L,0xa40e49d25eb685afL,
-        0x512b2a6ca52af2beL,0x495633b5253da10eL,0xa87169e1ac1316b4L,
-        0xd9ede4ff3ea71d6aL,0xa7bde55c751fee86L,0x00000000000000c6L } },
-    /* 30 << 112 */
-    { { 0xb4dbbfc31d447fa3L,0xc0180e814e1f0ae5L,0xc4aa44e04e921352L,
-        0xed72abd5dbbbcc8dL,0xbe0924e6f0fc4050L,0xc735729a7e5a1390L,
-        0x23b83364443bdb32L,0x72df0a07ec53bdc4L,0x0000000000000048L },
-      { 0x2c24dd590a570f18L,0xe436ab7291876f65L,0x5b92bcc4ffc6ae4fL,
-        0x3d6471f3c9ebc873L,0x43efbc5d44292f69L,0xd47637134a107c1aL,
-        0xa367b573248b7c52L,0xf099ea0671daf202L,0x000000000000013cL } },
-    /* 31 << 112 */
-    { { 0xbaf9d6a6b3e1adf8L,0x20ccb29705fd0ec2L,0x3241615122d8be8eL,
-        0x8c0084416a2db0f8L,0x1ef0ebd4551dd651L,0xe6cc97edaca8e550L,
-        0x9c6f70152c1571afL,0x6ffa2b32b9c3f7d4L,0x00000000000001f9L },
-      { 0xd200e04cc91c0f39L,0x0e096f28fd99b77cL,0x9594a20807de898dL,
-        0x55a442ae69bcb511L,0xce1d9649e015f1b4L,0xdd4a639869edda8eL,
-        0x3955b85fcca25768L,0xa003c09dc949f4a7L,0x000000000000000cL } },
-    /* 32 << 112 */
-    { { 0x0fd02a81c0326cdaL,0xb52279ac0e5cf6e9L,0xd0e8f1cf682ad865L,
-        0x01eb99642e847be3L,0x30468f94689baa91L,0xa466fa2bb4584d20L,
-        0x99847f1b327c510fL,0x206bd41d26e6f2c0L,0x000000000000010bL },
-      { 0x8a04fd93ba3011f2L,0x14c757b9af6c7e86L,0x4987100779ecbe33L,
-        0xedf33e226185a74fL,0x35ad7383d4a03368L,0xeb5a269ece6efd32L,
-        0xc83c5fb3208fbf53L,0x35030bb2702bb900L,0x00000000000001deL } },
-    /* 33 << 112 */
-    { { 0x286bf9c2facb4117L,0xddbf33d2133bb3bdL,0xe0c21ce9897c4fe6L,
-        0x3f3a249c219126ebL,0xe925c2cfe9c7e211L,0x7999d7c0f418a42dL,
-        0x24d5577c585a7c91L,0x580ba3affad6e5c8L,0x000000000000005dL },
-      { 0x596e7dc97200c090L,0x8460b9a4531d17ecL,0x19f9aed95e4e1067L,
-        0x522379e68a7a6444L,0xa6618a0e7cdc51a7L,0xb285055396e7f790L,
-        0x605b7e1ff732fdd1L,0x0fe9b751fa8b87e4L,0x0000000000000028L } },
-    /* 34 << 112 */
-    { { 0x0686b81946cb78fbL,0xac50e15b367be8acL,0x6b74a620211895c8L,
-        0xc35a52e83817a3f9L,0x9d3a57cd4fc49432L,0x771878ad4df33060L,
-        0xea4ae8015c216dbcL,0xecc02683da89b496L,0x0000000000000193L },
-      { 0xea1efb5a768b6f09L,0xd97562e7e3ab79adL,0x61ad861c094a606aL,
-        0x614dfe95b42bae9dL,0x0372b7a5558bf490L,0xfec9f31dd1f2089bL,
-        0xc31fd1236d5d51d4L,0x26dec1eb0f1ef668L,0x000000000000004bL } },
-    /* 35 << 112 */
-    { { 0x26ce089dbac679acL,0xa9d9673a64c08615L,0xfe92cec3f9d9d747L,
-        0x4616a4dcad6da7b2L,0xaaddf97cb6f6b8fbL,0xa1cabda1c32a0803L,
-        0xe8591a79c55e17e5L,0x3bb889adc7dc707aL,0x0000000000000191L },
-      { 0x22158400511bd374L,0xd10d5a727f1f4d0bL,0x5b40bd90e732bf5cL,
-        0x88d82eb665a81746L,0x4f64f578fbcebfe8L,0x867c0094eee40ddcL,
-        0x6934932a6c500cc0L,0xc117a16b667da9c5L,0x00000000000000a4L } },
-    /* 36 << 112 */
-    { { 0x5c7994b4abedee4eL,0x3e77983ba4fbf6d7L,0x9d7f330f30003463L,
-        0xb2ec7f739a611df2L,0x595627f9a405b4d8L,0x187ea7ae0ea408bfL,
-        0x2b087af141b1dec4L,0xd8d66597807e4012L,0x00000000000000f6L },
-      { 0xfb1b1154ea7b83ffL,0xcb3c2b19d3b88c90L,0x8c15c0b5ff85a044L,
-        0x65154a83e62fc44dL,0x1fbf5b7f26ed762bL,0x81d36b15c7b364c0L,
-        0xdb0091f1bf2553b1L,0xb6dddcaf2845f359L,0x000000000000016cL } },
-    /* 37 << 112 */
-    { { 0xaa5114266f231058L,0xc6482f93928adf7cL,0x523a25c347a07da7L,
-        0x4ab79da70c795a5bL,0x9a5026f119711fe7L,0xcf2212a729784bc7L,
-        0xe59e7fa59822fbdeL,0x5b4e997e94e459efL,0x00000000000000d8L },
-      { 0x085b185681605f9eL,0x8e3365c4f006bca8L,0x71d7b84b54838742L,
-        0x2b18649aea5a336eL,0x3268764778f7c79bL,0x2b02db33998d6a9aL,
-        0x830a0a96ce221a5dL,0x6c02d7d754314b97L,0x000000000000007aL } },
-    /* 38 << 112 */
-    { { 0x618ac20093031925L,0x160d9b20afb97ccfL,0xbd4b01c66aed35f4L,
-        0x202c1b39edeb2215L,0xd52fb1cb468764e6L,0xd6da21af72b76e0bL,
-        0x98740e64527eb510L,0x443caf748fdbc02cL,0x00000000000001b0L },
-      { 0xd1d700ea574366bcL,0xb40254dd9b0e1210L,0x3172876c607a8809L,
-        0x624a23de5ac14d73L,0xdb1e5debed4d8a80L,0x5d717d8f2976f6e8L,
-        0xf4e1d47f42f699c6L,0x433896d520c0ece7L,0x000000000000015bL } },
-    /* 39 << 112 */
-    { { 0xc648e6401f24b1f1L,0x783449d73e5f7c72L,0xa57ac4eff3742d85L,
-        0x61ffe0c9835552b1L,0x62834ef697fdac2dL,0x02703b63f115fbd7L,
-        0x44f47a41aa559e1dL,0x1e7e37c5d15332beL,0x0000000000000134L },
-      { 0x427f35ffd9dd4be1L,0xddcf13578da4e6a6L,0xe76af9ebdda54617L,
-        0xe3e193dbf90ee15eL,0x39a4c7219604bac2L,0x14789a4ac4760af0L,
-        0xb38e14c8cebf3c19L,0x40f7c343d9f78662L,0x00000000000001dbL } },
-    /* 40 << 112 */
-    { { 0x7d46f1e8b4cf8254L,0x3c44cc7f8651132cL,0x3875ea48ee02fdc3L,
-        0xd5d464377fd9ae7cL,0x25ebde075fbebf38L,0xecdce3a5ffa2efbbL,
-        0x6d34a645aacaf39fL,0xca5b72131c664594L,0x000000000000012bL },
-      { 0xe9ad950f97a7b67dL,0x37188f256fb141fdL,0xced17e9ca1d977f0L,
-        0x8137e722c6c3dbbaL,0xc50f36d663a37fe7L,0x68e1ce2f8fea88a9L,
-        0xbee6e56df5023489L,0xeaa15a26a2efd265L,0x000000000000013aL } },
-    /* 41 << 112 */
-    { { 0x504c9c3d75e5a8b4L,0xe977ce76a03d92b7L,0xc3f27a726d9519acL,
-        0x5832b7597ec79b04L,0xb95c1a2f6e80227fL,0x0c329956fb9974faL,
-        0x3359e49ef8bfa9b0L,0x2d20a5b0e2a1b8aaL,0x0000000000000034L },
-      { 0x4fcc30afd686911eL,0x308f27ac164c63ecL,0xf28538a1ee74882cL,
-        0x1b5788b17d109e31L,0x1f74b17e6527057bL,0xa00fba0ef43780f0L,
-        0x43f846884577d23eL,0xb6a7ae44decaaa4eL,0x00000000000000eeL } },
-    /* 42 << 112 */
-    { { 0x032f87b82c06f35aL,0x64d3ff064e7bb1e5L,0x08996732093862e9L,
-        0x3170addcccf193beL,0x641c81835da05299L,0xe296c9ff4ef3361dL,
-        0x3995b3a1e8783402L,0x0800b438e47c8177L,0x000000000000012cL },
-      { 0x6dd8391f62e4d595L,0xdb4d7411ab9a174dL,0x927d7c28f1eb7186L,
-        0x26657338bd593ae9L,0x3bc2051cf5628e63L,0xa97e4b8b685408d4L,
-        0x28251aebd2f3e22eL,0x4a08d5bc83d10ac4L,0x0000000000000043L } },
-    /* 43 << 112 */
-    { { 0x2a8ce2836288507bL,0xa635d48fdd390d24L,0xeee7975ed1b87f8fL,
-        0x162563d6d731058cL,0x3d84bd12fbab97f7L,0x5c918d9c5fb43dffL,
-        0x3c4bd11bc0a07876L,0x8d4ddedeb4d4f961L,0x00000000000001faL },
-      { 0x38e6acf7ee510691L,0xa15ceec44c94614bL,0x50a5b266995668e0L,
-        0x0d4a02f08e0821feL,0xb6f05bdce7b13d84L,0x8f749724f4633064L,
-        0xe9c87eb2218611c2L,0x266a06987e558ce8L,0x0000000000000193L } },
-    /* 44 << 112 */
-    { { 0x1a590ef8fd2add3aL,0x9a67ccb86eafaac3L,0x32b6e3eaa95c46a5L,
-        0xdedf7158cc6fd626L,0xb43928588add9774L,0xea5bd604df9136c1L,
-        0x8675163af55a7019L,0xb3f4557cc3a96febL,0x0000000000000111L },
-      { 0x2835680edb0e4f25L,0xe969cf144cab4022L,0xae88c607bfa42739L,
-        0x27cb7e15c80b87daL,0x4bb26559fc7432f5L,0xd083dbeefb7371b5L,
-        0xa47fb4e384e05decL,0x2872d4720a3ab26bL,0x00000000000001c3L } },
-    /* 45 << 112 */
-    { { 0xeefa89d6ccfb12f2L,0x2096c071dafb741aL,0xd3d1918e4619fd06L,
-        0xfddcceb9da05c012L,0x3385b550dc794688L,0x038c5c77c3911912L,
-        0x770139d611721c23L,0x2266e021c30f428eL,0x0000000000000015L },
-      { 0xfa215837ef6edd0dL,0x1c26f889bb764661L,0x7b94a37bba914166L,
-        0xf571f7e9042f65bbL,0x38de83e849b57e28L,0x30b1332bdf81998cL,
-        0xc8abf5abaabd0834L,0x4a0c78cfc8381e84L,0x00000000000000afL } },
-    /* 46 << 112 */
-    { { 0x3d5a2cc2b9b6cb9dL,0x451655a6344f2f58L,0xb1b47d157fa3f835L,
-        0x968a6841f42c60d9L,0xb84b7308f8f7c5adL,0x452a354d89555eb6L,
-        0xef55dd0ffdf2cb27L,0x74eb80451f99bc70L,0x000000000000010fL },
-      { 0xee70cf6eae8f7d18L,0x0c7c6a33cc7856a6L,0xa0b262b553cc50b3L,
-        0x885cbc7856cd61c9L,0xe804e59f27357b72L,0xa25e4e2ff0de1262L,
-        0x6f15c8fbe66bc201L,0x553d0f8e2a012e0eL,0x00000000000000aaL } },
-    /* 47 << 112 */
-    { { 0x984e30a1d77350faL,0x2d8d4baba501ad13L,0xf6a76e16e10ee73aL,
-        0x512b31c76955b642L,0x25a977e01e88bd3bL,0xf5a5f60798821007L,
-        0xebb4e8ed81819b38L,0x359f9c62004e07f6L,0x00000000000000d2L },
-      { 0x1c0218a4499f21c5L,0xce12310336fc822dL,0xa9a55a60d384c462L,
-        0xf891a118812e45c9L,0xadc5eb313ecde0e1L,0x189f50c1e4e0da26L,
-        0x34b21a3323276e3cL,0x490c316c9467a0d8L,0x0000000000000192L } },
-    /* 48 << 112 */
-    { { 0xa59d74fd4ae20507L,0x46d0adbaa86a468cL,0xc004c36b0df04371L,
-        0xa0f3cad9c6138633L,0xfe2133c1eeb5863dL,0x0ef5dc4884041aa3L,
-        0xbc3f0e491707f418L,0x3677e9ebdd7cdf90L,0x0000000000000178L },
-      { 0x454656623a62115fL,0x4985e0a08192fa59L,0xabd64eec2ae07a9fL,
-        0xe0e94a6d9182d301L,0x5230272bb543c76bL,0xb7a9f6ce5b5b137bL,
-        0x45903dec3e7b2872L,0xade6111744296989L,0x000000000000001cL } },
-    /* 49 << 112 */
-    { { 0x1641b779225fe8bbL,0xb2c04a9e0995ebcaL,0x0270ad40d7b634d2L,
-        0x54301c3a0235166aL,0x17a2655a84428da6L,0xe4849f07bf319f15L,
-        0x54346197a3975f9bL,0x1400bb7353454131L,0x00000000000001adL },
-      { 0x1d8cc6c47b133fdaL,0xac430140c99c62beL,0xe438a1d959380ab9L,
-        0x984c0ed8d0ce3602L,0x56f90ee1bcab7a0bL,0x55067ca825fcdba1L,
-        0x7fde8ced07db34c1L,0x70a106fa9448fbdaL,0x0000000000000110L } },
-    /* 50 << 112 */
-    { { 0xf5c0e5baf99caf44L,0x4b0a642c89af2ab6L,0x082ea9e1c6f1f294L,
-        0xc1da27771a9eb5e8L,0xce038334379f1b75L,0x662775ce806524f1L,
-        0xd4200a961de789acL,0x94e49840f985d4c7L,0x0000000000000188L },
-      { 0x9765c5a05332e704L,0x35e54513f357c532L,0x871a4dcee65f1729L,
-        0x100d2bbf9b2d7c46L,0x58590df34c23bfcbL,0x8ffec9bf59d15a0dL,
-        0x33c0e85e6a2a3312L,0x6fb39c77d2846bcfL,0x000000000000002fL } },
-    /* 51 << 112 */
-    { { 0x2f6183097b4858b0L,0x4d4d2b80f34c0437L,0x4bef8204699cc258L,
-        0x13a4f63696736be6L,0x6ca2df088c828b7bL,0x0dbf95001564f616L,
-        0x03806a3426723221L,0xadd4715f3594f49bL,0x00000000000000feL },
-      { 0x2255c005d91a7a23L,0xd31821aabd8738f4L,0xf417c40758c41cdcL,
-        0x1bf2e581ce1b6aeeL,0x13ba4d9331a003ccL,0x02658dbdb9d35167L,
-        0xcce7251fcb565afcL,0xd17dc6a8d300b06dL,0x000000000000011aL } },
-    /* 52 << 112 */
-    { { 0x023b057fad5df81cL,0x0906bab2d1df9f2fL,0xd8d8a173709fadfbL,
-        0xa8ba2a86a6c45ef3L,0xeb1d4e331be5b53cL,0xdef9c19e56c39843L,
-        0xbd1763c0c1d3eacbL,0x0e7eca5142490ba4L,0x0000000000000088L },
-      { 0x8d446e88a5f070b8L,0xe8136967fe9e8b21L,0x0a26424b816d519bL,
-        0x0dee87a30bdd1c2bL,0x2c6c6287b75b6cf0L,0x50558e41c28a75f2L,
-        0x40727fe07d2b4ab6L,0x34832548349c668eL,0x00000000000001fbL } },
-    /* 53 << 112 */
-    { { 0x135a24aeba593c17L,0x024315aeeeadb96bL,0x549040a3872ee831L,
-        0x05781e1ca527850aL,0x97a7a4a46ff2f4fcL,0x667bef40328e2318L,
-        0x133a153c13ae6aacL,0x25e691f7dd80ce7dL,0x0000000000000041L },
-      { 0xbf2b901433cf2b24L,0x74df7e9c1ad04c41L,0x5cb289df132de33cL,
-        0xbcd1bec484f41349L,0xc0f49a0c36f55149L,0x578571e03398aefaL,
-        0x65823d11b11cd39cL,0x44f1a009ce63b025L,0x0000000000000042L } },
-    /* 54 << 112 */
-    { { 0x8a2b478e8343cec7L,0x2820d2fbda374a71L,0x9d473bb194af8efbL,
-        0xcc54c95f16b56d2dL,0xa0bf40a0430f13f0L,0x6a56a1dbecc6cb08L,
-        0x6180fbfdb7bc57d0L,0xd6b165b76bdab048L,0x0000000000000100L },
-      { 0xf5b147b7f8e4648fL,0x97d37c258437bf24L,0x9465879086556798L,
-        0xf1321e101f3fcab3L,0x37d4d1ea7351c0deL,0x59b6bf365fc92770L,
-        0xa950de8086276f0aL,0x367635f61786be75L,0x00000000000000b6L } },
-    /* 55 << 112 */
-    { { 0x31f3a5c38e113349L,0xa374734db1c20ec8L,0xa6f0e423d1eafe52L,
-        0x1f32e96c0b901678L,0x895ce01dbb18837aL,0xd91347a55d9930e0L,
-        0x7a43364e9a86a004L,0x590ec9096b157d23L,0x00000000000001cbL },
-      { 0x7e3b46799392608eL,0xe29453e8a9c8b459L,0xf460b030993c90ffL,
-        0x91ec7bbc33b15097L,0x743fbdfe1a68fecfL,0x224e914959860761L,
-        0xda87ca63eb1dabdfL,0x6f509876cf17d2b4L,0x0000000000000058L } },
-    /* 56 << 112 */
-    { { 0x951aef0c34412809L,0xb20f279499403457L,0x5a30efe2df842006L,
-        0xccd7c89150a68d91L,0xb750afe1f819f912L,0xc0017d9a4fa1c8d5L,
-        0x19a5f2cdbcde79b8L,0x7b6686e03b7f4682L,0x00000000000001a4L },
-      { 0x74060a6acdce424fL,0xd35ffef26ee7e0a4L,0x8e238effacd0a03dL,
-        0x95d28a08f5cb5bb7L,0x654858407771be75L,0x3b753ffc4873ff72L,
-        0x1bcb2bc8c60d11aaL,0x005e5c5d3dc06c4dL,0x000000000000008cL } },
-    /* 57 << 112 */
-    { { 0xcd13e3389eb436baL,0xb0ac873ea2da8315L,0x4666e06810f3dbf3L,
-        0x0e5832027644be64L,0xd682457a397db83fL,0xd55546a11b832130L,
-        0xd6dcb98d8ecffff5L,0x7e95eb40c3368e15L,0x0000000000000125L },
-      { 0x8239cf6862306bb7L,0x3ab70de64ec9caf2L,0x4387316c86af4457L,
-        0xc60d6e709327cf2fL,0x0f936e7caea1796eL,0x184ef761f8dcec2bL,
-        0x447d5a965eb06c81L,0xc969bcce3764ed27L,0x0000000000000145L } },
-    /* 58 << 112 */
-    { { 0x6a9ea90ba4680770L,0xf9e6ec6093314278L,0x69360f538727b4c9L,
-        0x5f20e2ccaf754475L,0xfe3f4c4aef4d31f2L,0xe25edaa3fd4dc244L,
-        0xb255796172dc983aL,0x7ab62907a1c19791L,0x000000000000002dL },
-      { 0x6af3e2c939a3be8dL,0x7c100f6bba83593fL,0x933408151f986d85L,
-        0x6a3e36274c8ce9beL,0x263f3820d0fe0d3fL,0x100201e1f9a54852L,
-        0x34ab0e71c2175ba5L,0x105312c8a23a1598L,0x0000000000000196L } },
-    /* 59 << 112 */
-    { { 0x1a844aabd7391a5aL,0xaaab287d8b4b3501L,0x1435f8a12bc5061fL,
-        0x4588693ec9044802L,0x9e86c1820a553513L,0x7bd0602fc8fd44d9L,
-        0x894b901621d26ce4L,0xc0f06181bf73bfb1L,0x000000000000000bL },
-      { 0xe6ec15971782220eL,0x4c2e6efc285fb2b4L,0xb688822d2edaadb2L,
-        0x129be3f8338c9913L,0x0836465246d13d20L,0xbc93fd48530f4ffbL,
-        0x8b6d9caf472dad14L,0x7a977a52a37172c2L,0x0000000000000037L } },
-    /* 60 << 112 */
-    { { 0x1b26fa58fe5246ecL,0x45b69d4ea6d48abbL,0x4bd1bf364b47c822L,
-        0xe543f2c9f015149cL,0x1f82bab432c44a8eL,0x6f27aee23824ae58L,
-        0xba8cabd695e3e7ecL,0x9bbb31bc66b8eb78L,0x00000000000001fbL },
-      { 0xc88a99b9e2708288L,0x7e228e8097db1cd7L,0x84c064e5c935e31eL,
-        0x0d69185a2f2f010dL,0xfa9c64e661a440ffL,0x9d655e24a4bf903aL,
-        0x776e8661bacc5b4eL,0x39a98e6e18231a7eL,0x00000000000000f3L } },
-    /* 61 << 112 */
-    { { 0x3d7416191aa43b05L,0xa196772534da61f6L,0xc6a9881c9fe86cb4L,
-        0x312a9d68c3b88c86L,0xbb34c3cefbce7f28L,0xab59cf050eefb825L,
-        0x174945c17c8ca5a1L,0xee1a3e9f78d5f3e7L,0x00000000000000b2L },
-      { 0x23545e86246672c5L,0xea0ffabbee486373L,0x5d0ad0371dc589cfL,
-        0x7c9e301d57718f3cL,0xc9772db800fbd5beL,0x9821a095463668b8L,
-        0xc76345bdc3c57757L,0x4bd844a73c2d1c8eL,0x0000000000000060L } },
-    /* 62 << 112 */
-    { { 0x8539e35c7e332459L,0x00fc0e9f98112339L,0x66bb5320ba989b61L,
-        0x4c6a3f25209282c3L,0x14ad058dc440c82dL,0x6d4b647649afd02cL,
-        0xe2a127a77b3f32dfL,0xf3a4d7633c921ff2L,0x0000000000000036L },
-      { 0x88de18f672d6240fL,0x980bc77f373f12c2L,0x6558ca734246eba3L,
-        0x903c033b4ec51cefL,0xd83342185dd505bbL,0x51a9e645e8bb1731L,
-        0xb32588b6e307ec2dL,0xc9a481b31c46ca72L,0x000000000000015cL } },
-    /* 63 << 112 */
-    { { 0x2b5bdf56beea4241L,0xc1e3e0225b740107L,0xfc8fbae009238bd4L,
-        0x991d834280953392L,0x3418731d37d2efb3L,0xea7940f99b0e2279L,
-        0xe45b37101a57c70bL,0x69c37528e4e38879L,0x000000000000009dL },
-      { 0x6f566050b423111aL,0x8719ea62fb467f2fL,0x805bec724b45fb47L,
-        0xfd2169aca28673f3L,0x90d8d9757d896d31L,0xf553651583762591L,
-        0xc7fc36f483122a6dL,0xc145ab75e6c19a5cL,0x00000000000000f8L } },
-    /* 64 << 112 */
-    { { 0x809dc9ec3ecc9997L,0x005bcab58cf9605cL,0xfc78790eaa1b4ed6L,
-        0x6d80a56d687f88a6L,0xb7640965ab9c0398L,0x61fbd11cfeda1c18L,
-        0xdf0fb213831177f2L,0x39e15bfe11a2d00aL,0x0000000000000049L },
-      { 0x05d1b9cec407557aL,0x0fa7f405ffe62203L,0x0267252d7efa3c26L,
-        0x445c8adda59468e2L,0x205a0236cd1dda49L,0x3a2196f39f2bcbc8L,
-        0x9c1158d8cd2760d0L,0x1ad9a2f4e806abf2L,0x0000000000000044L } },
-    /* 0 << 119 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 119 */
-    { { 0x97f22a4110c355dcL,0x550f2515bf8056baL,0x253c72a37ef07316L,
-        0x0f1f8cd585b059a3L,0x8d432e48a7e4d4a3L,0xcdf3981d7b2c78cfL,
-        0x15d98f56dfd71053L,0xc95ecb64949930d5L,0x0000000000000195L },
-      { 0xd5e23bcd4b7d613eL,0x8603f848f66ecebeL,0xe2cfaef127a24540L,
-        0xd35bba9b2e9e7eaeL,0xb7f17d307f8c1bd4L,0x901506c4e0ab51a6L,
-        0x3e0d62a390755f2bL,0x8db637dd3c553544L,0x00000000000000c1L } },
-    /* 2 << 119 */
-    { { 0x9ebd0a79e09d583bL,0x8890ceb33f312038L,0x254ff069fe1c7d97L,
-        0xcd82a50a3825dcb4L,0x065bf2f94c37cde0L,0x59b7c4e2a7b458e7L,
-        0xace6716e7d105c29L,0x84d999349f26170eL,0x0000000000000107L },
-      { 0xdca7480bfaada7a3L,0x203303d30d4fb693L,0x0ec1c4d2b9ef7822L,
-        0x2b97216d594552eaL,0xb93e533eb59c5490L,0x50d31ad60d6c3787L,
-        0x0f1014d65cb84476L,0x0523796c02b816adL,0x00000000000001faL } },
-    /* 3 << 119 */
-    { { 0xaf1e4ca2a7db5dafL,0x7cd7bc5fcf367163L,0x1bc98e50f65d85a6L,
-        0xb86fe8a7aeed093fL,0xfebaef0941e74246L,0x7c4ae3825d97753eL,
-        0x93352c2db192c8c4L,0x0edbd295f0753edfL,0x000000000000009cL },
-      { 0x12c415e884e12bc3L,0x6f90b11c8582ffc1L,0x67cb4af0d8c1070bL,
-        0x97c8ccb18a79326dL,0x69ed5c55e5125d94L,0x496103ae1b1baf56L,
-        0x32066cfdbf98cfc1L,0x77c898116d9f4999L,0x00000000000001d4L } },
-    /* 4 << 119 */
-    { { 0x186535555b9bbe35L,0xe67d27e0e3d2342cL,0x06c2f1f39775eeefL,
-        0x1d98dae9e778d2ddL,0xd04ae2693d8c8e86L,0xc49c1b77d8c7ff3cL,
-        0x33c474c9dff1687eL,0x4b0397567350001aL,0x00000000000001d5L },
-      { 0x3a01b07dfe70659cL,0xe8bb7a25ec01b5d1L,0x42f9b07d713a5bf0L,
-        0x9c1f15cf370d1490L,0xd2804385895c898bL,0x72905d530194561fL,
-        0xf467f9e0828ce8b5L,0x54d2132d53e3859fL,0x0000000000000183L } },
-    /* 5 << 119 */
-    { { 0xf143a867c3316e20L,0xf2bd4f50bc497e24L,0x2aaad2ef37ab1547L,
-        0x9ce62d3f3f7713f9L,0x3246f9c020486bf8L,0x3db017e20da96c8cL,
-        0x56b674701a782cc7L,0xc4c70e3b136bf566L,0x0000000000000058L },
-      { 0xd8c1bb99ac35dc35L,0x7487501327c7a0dfL,0x45a025f618aa1c21L,
-        0xdd7ce0f04280e892L,0x8fc15397ddb495aeL,0x51b198def1891c05L,
-        0x81cd5f32268f273eL,0xec2aa11586b31e95L,0x00000000000000fcL } },
-    /* 6 << 119 */
-    { { 0x7e4fc745603f4f62L,0x300e74342f0eb97dL,0x0e64a63411be4195L,
-        0x6c160b9d52b038e7L,0x4d130d75a62d7fb8L,0x83b6412b23b6bf71L,
-        0xe92b5b0719d0a2d2L,0xf547f666fe79aa1bL,0x00000000000001dbL },
-      { 0x609495e1a1364f6bL,0xc196a1c69de725e5L,0x24e0c338051a1989L,
-        0x5b24ecc17132b77cL,0xc38889537d5f2440L,0x847186d0ddffd474L,
-        0x0ea28f9c643c84f9L,0xac9296ca4cdfcc12L,0x0000000000000151L } },
-    /* 7 << 119 */
-    { { 0x8010e2ec682e5ed7L,0x231b6fc4ccd555e2L,0x08b20819b4cc2bb7L,
-        0xba49a7a8b38f4af8L,0x6ee2df34ff5875adL,0xe10d9cba25883081L,
-        0x7b41a2bf599dc323L,0x01679b17a6aaa35bL,0x0000000000000060L },
-      { 0x3396ca47c09ee443L,0x4eb85f5371662a3dL,0xd9dcc6710ef4b6bbL,
-        0xaead8bf43c3199edL,0xd5ee8048216c81a9L,0x5e60fffd6f00e815L,
-        0x115afc95967359a3L,0x316b88ba9c6fb569L,0x00000000000001cfL } },
-    /* 8 << 119 */
-    { { 0x62e30f146b33442dL,0xde4d2e1042123a0aL,0xa1e5e2dda59b4649L,
-        0x2b6aa7d5dfa5d292L,0x83f0033e00c25b90L,0x2e6143261d598a8fL,
-        0xa5aa5a26df8943faL,0x7459318ad4fb7104L,0x00000000000001a7L },
-      { 0x53ed625bd67084d6L,0x47a2d5950d232f5dL,0x593a7030f8863270L,
-        0x3e87b5ab993051e2L,0x02e51486ca5387c6L,0x7612f0c7a818de0fL,
-        0x32d26729b42f317fL,0x48a9b12fb9a3c2f4L,0x00000000000001ddL } },
-    /* 9 << 119 */
-    { { 0xb331e5f4f0c18c18L,0x34ebae25ed4f1f6eL,0x1d43ad4aa25f2fffL,
-        0xc75517b81c368e17L,0xeb289c54992ad974L,0x8ad87538f5e364bbL,
-        0x914d356e089ad0f3L,0x65a5ea69d54982caL,0x00000000000001c4L },
-      { 0x51212cfc269ce3e2L,0x43a6142228f9247dL,0xfaed8540c4abf936L,
-        0xeffda37241f6c6ccL,0x766e3a2bd9497366L,0xbfb0e6af67baae9eL,
-        0x4b943b2b4cf8e2eaL,0x14ff3bc90579b694L,0x00000000000001c0L } },
-    /* 10 << 119 */
-    { { 0x60b11099cc0ae72bL,0x51cf7973d3588531L,0x62aea2ee1f018f3eL,
-        0xceaec7a028e42557L,0x695f7cce52df0599L,0xf22825452a1b3f00L,
-        0x8c2df32e6394de22L,0x18ce083e2db1770fL,0x0000000000000088L },
-      { 0x7989f8bf4ba02f8fL,0x22fc813fb69bd72bL,0xf4eefa600a383c73L,
-        0xd7aa3e7e6dbf9f7dL,0x98113db2d2d50a4dL,0x47e078b14d81782dL,
-        0xef4cea6327df6aceL,0xf720012f577eefc9L,0x00000000000001c9L } },
-    /* 11 << 119 */
-    { { 0x8a7250ac0b860356L,0x68cc18db827712fdL,0xf51e42975c278210L,
-        0xd739081ce152d377L,0x3be304ef809d58a8L,0x2e2866fe1d8e32f8L,
-        0x079e155045a93bd3L,0x0b6e67a48277ca0bL,0x00000000000001d6L },
-      { 0x554f41797dac30e9L,0xd57280b1379d715aL,0xd12134dcd0185268L,
-        0x9fb040dd55b10542L,0x89f90cbe9419c076L,0x058fa0d6397cc301L,
-        0x7b1ebc8b10ab543eL,0xeeadfe47674313faL,0x00000000000000e1L } },
-    /* 12 << 119 */
-    { { 0x45ff6cffe1a83401L,0x7b9b4eed54a79e2aL,0x979b1475933bb48aL,
-        0x135e2594634d7ec6L,0xc08ba7b4d5dccbbeL,0x78fce165c3826372L,
-        0xb1f172e431102cdeL,0xb6fd8f343eba4396L,0x000000000000000bL },
-      { 0xf7d351a9b4f622a3L,0x80215fc752af1195L,0x967f5f190e0e3c73L,
-        0x4e05f75f9f80960bL,0x76c30e858eeb6e11L,0x9f270d1556a7acb6L,
-        0x9236e11764fff770L,0x80c87737e474ea10L,0x00000000000001cfL } },
-    /* 13 << 119 */
-    { { 0x991489171d928ce8L,0x727f54c83b241dc3L,0x837f9b5e5b7b0e99L,
-        0x60b9885a65c90179L,0x025c5092a0723b78L,0x6f465cadb35a299dL,
-        0xbf3e23b849ac4709L,0xd3d8a7547a8c1a2fL,0x00000000000000c0L },
-      { 0x855e31df15d9ac7dL,0x57c4d92146e48a7dL,0xed2f5b45d787acaaL,
-        0xb004403b65895d32L,0xb671cad3324326eeL,0x419aace1f7db0750L,
-        0x5079c99935051f2aL,0x4785a42e08e80cc5L,0x000000000000001bL } },
-    /* 14 << 119 */
-    { { 0xd3c4e96b03d54c5eL,0x962ef31f65450ba4L,0x4a75aeb64dd512c0L,
-        0x4c4d23aa233d2675L,0x42cfc07c0055293fL,0xbbff60c5242a0317L,
-        0x3f27d5c95c4f2c32L,0xca352c57746505b8L,0x0000000000000080L },
-      { 0x5751eeca92a1ef30L,0xb83a993e1f9eee84L,0x5eec2ed72e0ac56fL,
-        0x95ad825bcc0d1e16L,0xd3aa7ba68af2a112L,0x3035c3f8c7ef1fcaL,
-        0x5b5bf3e55216a429L,0xdf187ddd0fcb5720L,0x0000000000000025L } },
-    /* 15 << 119 */
-    { { 0x78efe954502ba658L,0x1acdb02ca79d89e5L,0x6c83c8808cccff30L,
-        0xf6b6cc94db66a880L,0x9f374ff9ce82c740L,0xf353329b9f06fbbeL,
-        0xfb73109a9e34d30bL,0x4ff19c4c2ae4fb4eL,0x00000000000000d5L },
-      { 0xf3329d5a4e4bec08L,0x14090d979e97c3adL,0xc413b1e477844381L,
-        0xa1649708be56dbe2L,0xba1a525241d4f044L,0x2c7da53909d84593L,
-        0x5c1494f9961312e6L,0xece942c3d4cd25b5L,0x00000000000000c3L } },
-    /* 16 << 119 */
-    { { 0xa549238eb310bea8L,0xb542445a99bb8ab7L,0xa930bd6a8c208b86L,
-        0x1b97c831168af442L,0x18d4fc46a291bffeL,0x1d202d44a6b461aeL,
-        0x433dd2d7c57c66fbL,0xf21b5d1d2a79f133L,0x000000000000001bL },
-      { 0x99343aa32ee37543L,0x904b8dcd7eff1bd4L,0x4e1b01fa9711ab88L,
-        0xf8111ac33af62c90L,0x59ccfea158910f9aL,0xf4d713a358e5f398L,
-        0x6cbbd15fb9c12355L,0x6181d1c0c3f59372L,0x0000000000000170L } },
-    /* 17 << 119 */
-    { { 0xfd1909b68d45b896L,0x40d662ac394c6c7cL,0xf5cea1dcf74c3e17L,
-        0x52641b5abf892800L,0xba56fa53cfae386cL,0x34d5d6e508a7d7cbL,
-        0x93a70eb6eb77e443L,0xe1f4539c3df2b1acL,0x00000000000001f7L },
-      { 0x654e70fda8174410L,0x5b339e60fbefce00L,0xcbd494e6957674d3L,
-        0x59a2fa2ba3719a56L,0x84b7ef4361be71b8L,0xd993ba7996bbd063L,
-        0x4e360f9d87a626feL,0x47fb3ca54c60de10L,0x00000000000001c1L } },
-    /* 18 << 119 */
-    { { 0x64f8ec4c94dbcef0L,0xc97a5fe1d006d598L,0x7cc416b15fee99baL,
-        0x5e76561a698113acL,0xc81c6079ffa11af2L,0xc04b5048cdaee971L,
-        0xa79ec707c46bb0b7L,0x20aedd0f45f1cfd3L,0x0000000000000189L },
-      { 0x678e01fdf1aa0926L,0xf6794950809be2ebL,0x9420aa4b9f89e63eL,
-        0x80440a43f8be307bL,0x5f745612dabbb2e6L,0xc68ea3c278a61df1L,
-        0x37c8c2f6d67e5c46L,0x32cac5262b38ed94L,0x0000000000000008L } },
-    /* 19 << 119 */
-    { { 0x8e864ff05d5cfcd6L,0x43e2041c6f9fc03cL,0x2db99b7e23583833L,
-        0x5dccb3a8339ff572L,0x06586d385e30a99aL,0x1c5dfb435976d778L,
-        0x23751881d86629e2L,0xa5d2aa9db94c022aL,0x0000000000000164L },
-      { 0xb460335a0d36e04dL,0xffae905ee8e64c22L,0xe3a3a0890ef4ac2fL,
-        0xf2395b267d86626eL,0x2601b8cb3adcc664L,0x5fbf5face8832bd5L,
-        0x6ae36465bff22aedL,0x8df993b2b0541b7dL,0x00000000000001f8L } },
-    /* 20 << 119 */
-    { { 0xc2ab59e873ada2ccL,0xbae59c15cbec8583L,0x91b446abcf3b6345L,
-        0xff7a1af20becb4e3L,0xa2ba8e42707dec53L,0x3ad25c5191ee1072L,
-        0x50624ace261414e7L,0x52c9513adfad31d0L,0x0000000000000085L },
-      { 0xe08f4efe933887cdL,0x88ef090ae39784afL,0xdf8d631e0d1e77c0L,
-        0xa5d3a5292f764f0bL,0xd782f2bf2a993c96L,0x66bd58533d305512L,
-        0xdaa06e5fcaafa3fcL,0xe5ee3ae28e21902bL,0x0000000000000189L } },
-    /* 21 << 119 */
-    { { 0x4a29ed0cfac4faffL,0x845117baae022e6bL,0xdabb52d4f8d70af3L,
-        0x24026deac5e6fbb3L,0x44b230ca918eea16L,0x0ed0c105bfaa5514L,
-        0x57c3322682aef559L,0x67bcef99cd389b75L,0x00000000000000b1L },
-      { 0x7e8088902867777eL,0x8de1b2c3af7d1830L,0x2755e5556dd95dfeL,
-        0x64641564b86f4994L,0xb629925edfc94844L,0x5297aa1c77dec939L,
-        0x1f706f40c445f067L,0x9384cd0b480c8c54L,0x00000000000000e7L } },
-    /* 22 << 119 */
-    { { 0xb191bfc95379208aL,0x2a1f2ba91ad2a396L,0x8a482274cff511f3L,
-        0x20fb75155b03819fL,0xedc652327fdde9d5L,0xa73b9708f88e8979L,
-        0xe0bfe37f5e93f0a2L,0xbe3b0ef20f1f13c2L,0x0000000000000008L },
-      { 0x52cd7f260e0288fdL,0x6dc435d7872f25e9L,0xfa45bea70164564dL,
-        0xdd4667eb9d109fcdL,0x1e23bd77b282d30cL,0xb3bb1a7478610e7cL,
-        0xf48ee3dfccedda5fL,0x2483a44a16942c44L,0x0000000000000048L } },
-    /* 23 << 119 */
-    { { 0x05a88878734d704cL,0x40c181a63077bf30L,0x8a9a744692a8af26L,
-        0xda1c1e825393db91L,0x5ed215541599d840L,0xfadc24032c645869L,
-        0xf2bf75501e1b5dd7L,0x2f512f9789250c44L,0x0000000000000003L },
-      { 0x0b1020bc1e05e15aL,0x8998b2fe07c12cd3L,0x1f9de8b8a849a0abL,
-        0xed5d9ad7b34dda41L,0x8f576dfd3941866bL,0x6b2ab23bdf701b54L,
-        0x1e8c11f936179a14L,0xb9f4893243e693ffL,0x00000000000000a4L } },
-    /* 24 << 119 */
-    { { 0xeb1706ffe55d9dc3L,0x128f942b47cf0bc8L,0x6a5d94a8cc1ceeedL,
-        0x8736f0290ca71858L,0xc100090dd1fd8b55L,0x5970b8829caa1f54L,
-        0xafe5e74c9266c865L,0xff310a7a2889325fL,0x0000000000000005L },
-      { 0x4b0a8d9bae5ed924L,0x81e086f41a8d0a30L,0x6c209d40190f4957L,
-        0xbf69cda925fd95f5L,0x5a7a31a215c6321dL,0xc4f9d4e866200541L,
-        0xa675123925161f67L,0x3134ad6fd5ff9687L,0x00000000000001e1L } },
-    /* 25 << 119 */
-    { { 0xb5f514a7e0bb67bfL,0x9e40b6e4e48a475aL,0xf889e93751dfc4c0L,
-        0xd6a56b5fa94b1777L,0xa53c024ce66b7400L,0x54aa63659c499f6eL,
-        0xa318725c40eea1d1L,0x959b22025fa02502L,0x0000000000000166L },
-      { 0xf4ac61080c71fefdL,0xc0ccefc5a79fdca9L,0x4c540ee1fc90c9f8L,
-        0xc426e0d1c1d56f4bL,0x5dc15d4c5b7bde88L,0xc5e8b846ddd7a8bfL,
-        0xd8f63c9b8700dbd8L,0x96966bee03f867b9L,0x00000000000001a3L } },
-    /* 26 << 119 */
-    { { 0x60ce32b9138490feL,0x3195cd4ad2685b04L,0x0e36b35e239110a6L,
-        0x63129c87d4740967L,0x994570fadc6d3f99L,0x8edae6940031cab0L,
-        0x504b1b8f7af36802L,0x5cfd2bdac466fec6L,0x00000000000000c8L },
-      { 0xd5dd304e703de0c0L,0xe7e0f651df8244d0L,0xc5bf943c240569ceL,
-        0xa100eda82824e162L,0xb7b7b3b63dda41f9L,0x48f90dd91e5455a9L,
-        0x8c821e2a7b1de463L,0xe653f0674ede44e9L,0x00000000000001ebL } },
-    /* 27 << 119 */
-    { { 0x459c2acbe7a0e738L,0x3e7b0714c6f21da2L,0x5475f4ffcb875deeL,
-        0xb951bacce164b589L,0x457e8912de96aba5L,0xb774ee72fe8219a9L,
-        0x8978e772f097ebadL,0x12860ee828f4d4e3L,0x0000000000000061L },
-      { 0x360293f7aaea6fdaL,0x31008270991d3924L,0xb8b3a28e0bd95d8eL,
-        0x2f38092f695f3004L,0x581cce8636edf878L,0x96dd5a9a14d73e23L,
-        0xe318676fff47dbc9L,0xb767451baba7fae8L,0x000000000000004cL } },
-    /* 28 << 119 */
-    { { 0xbc008f6f12853216L,0x4bf12ce42b48c455L,0x54ff9bd2fbafa90aL,
-        0x5fe9e7e641840f1fL,0x042dcb9c65e15455L,0xcfd8e3cb4c57c3f3L,
-        0x4c57920afcc0e297L,0xb4cdc9adedd993d0L,0x000000000000009cL },
-      { 0x6b6ee23c382e05c0L,0x17f4b2c3b8821acfL,0x48517aa5b5db9ea8L,
-        0xa86c1f52c23154e4L,0x5c13f1540f4d1d9dL,0x83e69e90e13257a3L,
-        0x4cfd01f2e6b1bd31L,0x04610d106f53c1d4L,0x00000000000000d2L } },
-    /* 29 << 119 */
-    { { 0x96f21b5c587ece4eL,0x2ec1c0d35e494d28L,0xb2f2b82c71276480L,
-        0x1556d678fc677d2cL,0xd2d1d79ca8cd767fL,0xa317f1c6a04e42aaL,
-        0xbb445d70ddedc4ffL,0xc2a0dddccfff4b00L,0x0000000000000048L },
-      { 0x743026ad46ec7a40L,0x909df3034e4b2c97L,0x1942a04f54f5aea2L,
-        0x2316f22aff478c5fL,0x1aa79b3decddd9c1L,0x2a9f761432e997bfL,
-        0x58b8aaba9b14edfdL,0xf2e3dd78e507dea0L,0x000000000000004dL } },
-    /* 30 << 119 */
-    { { 0xd498bb74e6cf516eL,0x5142e4d31d808796L,0xa5e120b141cf0189L,
-        0x50b0208b41823038L,0x290dda83eca548f7L,0x3617a82941bd5a4cL,
-        0x3ee40e94717cabccL,0x7801f6aa97f09b10L,0x0000000000000175L },
-      { 0x00bc1f19e1e5636cL,0x3ee1b2a1790abe39L,0x423dcd56b6935099L,
-        0x951fb17eb8189d05L,0x2086426183d235d9L,0x1d060a7799abd480L,
-        0x393b00f9871477e4L,0x3d751bf09a968951L,0x00000000000001e3L } },
-    /* 31 << 119 */
-    { { 0x6b238a6a447a1655L,0x87e723a1b29ad51dL,0x2e1618a3cb5d4927L,
-        0x61ce36defb5ea331L,0xe66a95a69dbf6e02L,0x7e2d71c88ff6b838L,
-        0x19ff9378b2144d22L,0x573686d3dbc2f8afL,0x00000000000000ceL },
-      { 0x027a78fb3b8116a5L,0x431129b0105e775dL,0x0b111a77a199ce40L,
-        0xe282a92c3d72ffeaL,0xe4e9e0d2f41b8ebdL,0xc6775590ed468e58L,
-        0x585f9c702df78db2L,0x6c1d2b10c6120772L,0x00000000000001bbL } },
-    /* 32 << 119 */
-    { { 0x0bc2fc66a6a08edbL,0x4f83dbe481d46942L,0xdd379bc14e44b819L,
-        0x6f409f1ab5785cc1L,0x3fac6dda40232da3L,0x83b4bfdc11b9bc84L,
-        0x4563149ac91e3874L,0x210062c6f562966fL,0x0000000000000126L },
-      { 0x6a00191e9548d9c4L,0x800f66bcd9716285L,0x3a8c05a315dd9859L,
-        0xaf6dcdf5ac571627L,0xeae07417006a2a90L,0x11b368fbfcb7c955L,
-        0x5e47618fc4abe2b7L,0x328f44c85ab9dd68L,0x000000000000015dL } },
-    /* 33 << 119 */
-    { { 0x2a1f44bf35f04663L,0x35863dbcf2cb12ccL,0x65966eb50645618dL,
-        0x121be877084d9977L,0xb293bc95a71b0855L,0x15cbf71b3e8b2bbaL,
-        0x18432ee58df913c0L,0x47fd2827e04dfad2L,0x00000000000000e0L },
-      { 0x9ff5d0451f756bc0L,0x149333a7cb99ff05L,0x514778ffc7520037L,
-        0xf9e3810a69a033b3L,0xc107c7f739edc855L,0x613b65b44f1cf022L,
-        0x8ad96f8dcc6df762L,0x5d46de0029fc7d62L,0x0000000000000000L } },
-    /* 34 << 119 */
-    { { 0x1d850ba68665bf9cL,0x0a5bfa5ecd57b87fL,0x06ecc39391eb1ac0L,
-        0xc92b6bfb47a8713aL,0x4dfcc9f1b5a6c2dbL,0xeec1b0b4361c81ceL,
-        0x44635bcce1d3f510L,0x73ed43e468bdd964L,0x000000000000009eL },
-      { 0x5ef7da45e203e241L,0x415015340b472483L,0xae2fd0edf8c38f62L,
-        0x497f78e07f8125eeL,0x3b25ec8d2f86cfe9L,0xdf5be34f63202086L,
-        0xfaac26690de5c0e6L,0x515f0bca5c14a0ecL,0x000000000000002cL } },
-    /* 35 << 119 */
-    { { 0x388204a5856f6cd7L,0x904812166cf197baL,0x464561f15fb4bf7dL,
-        0xd134b856f100c475L,0x6ff4dcded7592257L,0xd76fb6af4d3963e5L,
-        0x5158524f9e80e9eeL,0xe56520ec2e0e44c9L,0x0000000000000002L },
-      { 0x8178bb1d5481b113L,0xa4bcda1d0bcdb35dL,0xb5f582f01dfd501eL,
-        0x0a69c092b148ca76L,0x2d5d8f611ffdab41L,0x1559fa8d0416db07L,
-        0x3e0dfea55da20aaaL,0x65feeb54cdae4b30L,0x00000000000001b2L } },
-    /* 36 << 119 */
-    { { 0xb99c8cbbb9f77625L,0xbb9f09212461cc35L,0x8b93dbd9bdd1edb5L,
-        0x5a53e36e7de8aac6L,0x2aa01adc4d122c59L,0x9beb895d36e58874L,
-        0x49cebc216f3b18ebL,0xd6ceb0334676c58aL,0x0000000000000075L },
-      { 0xa914bb8e5fa2193eL,0xc4e659990f747a2cL,0xa6d517b9957743dcL,
-        0xcdd3ede4d4c39e00L,0xbcec7332aa4c0329L,0x3ab06883425fe620L,
-        0xd1cc5d15668dfa78L,0x4d96ddae52b7579aL,0x000000000000019bL } },
-    /* 37 << 119 */
-    { { 0x4be1055088151d4cL,0x9d380be1cd317b85L,0x135a9b2500b5933aL,
-        0xb2a5bbf5bebf245cL,0x18fafe7a7fd975c7L,0xd68068c9b48104efL,
-        0x1aa0df9c8079c090L,0x8efcc46fcdbc1da3L,0x00000000000001d2L },
-      { 0xf773a926f6609360L,0x43b75bbd140a56e9L,0xa4c713e6d3a0b820L,
-        0x0f821f3f5de9d334L,0x1c6c4f45b947eadcL,0xa974aad7fbb18aeaL,
-        0x414b97de33ca4d45L,0x809bfa14f7bbcc4eL,0x0000000000000076L } },
-    /* 38 << 119 */
-    { { 0xca350ea9e37b698dL,0x9eb0052ef86416b9L,0x784ed0be5ed684a6L,
-        0x2b41249bd685ba76L,0xcbb7f9bdf8885679L,0x18973477ded73fb4L,
-        0xb89489b5a787e3a6L,0x7bc63168aa40bdecL,0x0000000000000079L },
-      { 0xfec9cd3b6d62a5c6L,0x91f481cbbf766a62L,0xb55ba1f2286b4265L,
-        0xf3e28afc6b10ea1bL,0x1945a36d4e4ade55L,0x9823132fcb191569L,
-        0x0c4ce33732178d49L,0x5f0a08e255189f04L,0x00000000000000a3L } },
-    /* 39 << 119 */
-    { { 0xb7849d36fe2477a8L,0x311c25a323f26d2cL,0xd6601942c5f1b989L,
-        0xc45c73d160698449L,0x8f52a35889025c50L,0x289f61fd4503f0efL,
-        0xce5ee29ccfbdc0b5L,0x56a6fd6fd0947666L,0x00000000000001fcL },
-      { 0x53c2998e1173eb9aL,0xd7e525fbca74814cL,0xe6a9bd42e7ae0a8bL,
-        0x26587842f9aa587bL,0x464bbbf3f79d2faaL,0x89a0bd3355f3fb1aL,
-        0x8fe1ac20cbeaece8L,0x2387e29f36016942L,0x00000000000001bfL } },
-    /* 40 << 119 */
-    { { 0x6d20e58e82000ffbL,0x1ea966716e7d118eL,0xb0cb325041c88eb5L,
-        0x973b977faacd407cL,0xf20cd8f6f0ca7a17L,0x2f0ef22e9fef2038L,
-        0x23d15a01175a188cL,0xdbdddfa829188156L,0x00000000000000a3L },
-      { 0xfb1a78b3993a35e7L,0xf7badc2f131829bdL,0xf9e29ac9a58a4099L,
-        0x302502e0c7ced6a2L,0x0d09dac9f1cb6d2eL,0xb31805d7d96fafbeL,
-        0x8124802b7410b804L,0x8720b403d824baa3L,0x00000000000001ecL } },
-    /* 41 << 119 */
-    { { 0xa7290d9c48b1f38cL,0x5b8c285d132d4075L,0xb97ab2320f6612c9L,
-        0x278778d5f8cc7252L,0x1bb9cfb9f88bf532L,0xbf27cee0fe2d82b3L,
-        0x568fe3492c626677L,0xa29cfa7b663a62bdL,0x000000000000010eL },
-      { 0xd8eaa38b28160c39L,0x5aa3566b05af5ea1L,0xd5de166d4c045d02L,
-        0x3d0029b93de6e8d1L,0x6ef61a9745c158b3L,0x2a76310bfa47b87aL,
-        0x2d4cb8f174440b9fL,0x2f1d69bf22788f42L,0x0000000000000061L } },
-    /* 42 << 119 */
-    { { 0x2aa57c505668fefdL,0x1d383b64bbaeb298L,0xe4be715ad8a2f406L,
-        0xc0d9df9754005292L,0x423dc4c773eb56abL,0xa5651c8e01586953L,
-        0xa4afc432bf57c12fL,0x0fae1a0b3db56d05L,0x00000000000001d6L },
-      { 0xb6a8f2764827d50cL,0x6096d31c6921e003L,0x4100d72e88d61542L,
-        0x872c450a56e575e6L,0xf25cee3e5a82b93aL,0x797af76ca2a32ba6L,
-        0xa1e2af54ff02fe90L,0x6ba03aab44163fcaL,0x0000000000000052L } },
-    /* 43 << 119 */
-    { { 0x45e97d51cbeca15cL,0x92ecdf862b747064L,0x2dd8552961bc072aL,
-        0x1ff9552ac1c0783dL,0xe424c5fe4c9235f7L,0x702ed8f71a1bccbbL,
-        0x44ce8000061a4767L,0x09ad63882e4d5303L,0x000000000000018eL },
-      { 0x93a69860c1a12d88L,0x20fe34ce34096d41L,0x0395762d55ed8738L,
-        0xb52c3127b21aa0d2L,0xb3ee6efe8c5c0ab9L,0x7ef6aa092ab17c19L,
-        0xc7dfe85539c623b4L,0x4b4e21ec470a5812L,0x00000000000000c7L } },
-    /* 44 << 119 */
-    { { 0x41f1110cc6c5882fL,0x269cfa8003a383a6L,0x063066bc3fb339bdL,
-        0x893cda4818001024L,0xdc69f450a35accd7L,0x7bc9d8c37bfcdca8L,
-        0xb3034c8661dc6f02L,0x65e4d3ac27f28f29L,0x0000000000000026L },
-      { 0xd485c332700bcf1aL,0x97bd7f097c2ae8a6L,0xd07bbb26c2fe444bL,
-        0xc637e7632b702432L,0xb4e830218750ecc1L,0x1bd3bfac22178bdaL,
-        0x2deb354ce56f8538L,0x9ffac3411745164eL,0x00000000000001e6L } },
-    /* 45 << 119 */
-    { { 0x83369d68f61454ceL,0x3f00ac930ef465c0L,0xf372ca70c9ac3434L,
-        0x7a4df749a652a4c2L,0xb5cbf0aa6d77058aL,0x016c55b4f828b256L,
-        0x2d5b8556574471d6L,0x3802a2adf605e691L,0x00000000000001efL },
-      { 0xe250d04a621747a1L,0xe1815010f73b751dL,0x2911a81dab76c836L,
-        0x47e76c4cd4ec7b58L,0x13bcbfc531868dabL,0x71fd1826ad6217bdL,
-        0x58d008b0332e4a37L,0x6b046494cd88d120L,0x00000000000000bfL } },
-    /* 46 << 119 */
-    { { 0xb0dddff0f61ce5bfL,0x162bfccb7644e88bL,0x62f50e15ab7a4b15L,
-        0xa34c92f13b3289aaL,0xa78127d8ebab98c4L,0xe805aadc0908f884L,
-        0x237a8b9aab0ff641L,0xe0017b5f1b7ff0baL,0x00000000000001f3L },
-      { 0x871e2a2d3a0be93fL,0xab5b0dab375f5672L,0x4db1185439454995L,
-        0x5586e23420d5e373L,0x45ba928391960be2L,0xca170fa228c6ac75L,
-        0x73af1b708481edb7L,0xe7f738bd66cd194dL,0x00000000000001d0L } },
-    /* 47 << 119 */
-    { { 0x5e706dac23b4a6d5L,0x1ce385acc2e54919L,0x6aa1ae21e6a1b808L,
-        0x8b6fa602d276b630L,0xa045ee27b1666aecL,0x0d94dfa8f4de0f17L,
-        0xb8fdb55612f63f7aL,0x16083fc661173439L,0x000000000000001bL },
-      { 0x1b8ddf1802095fabL,0xf10e700fe66b44c1L,0x0b6d14a584bc01ddL,
-        0x34f7a7e595aace58L,0x068003fbb0cef64bL,0x071161805837ebefL,
-        0x09e3dbb9530aee02L,0xf16a7550c2d924daL,0x00000000000001dfL } },
-    /* 48 << 119 */
-    { { 0x7504bfd02e9b52d8L,0xc14c2e06f96980f1L,0x9f8a9d759fd5b1e3L,
-        0xf182865b45156aedL,0x50b0cc368ce9cc26L,0x795f14da99833447L,
-        0xbfb65a7c8bb4ee45L,0xf69152996ad0b825L,0x000000000000015cL },
-      { 0x7515a268f20f5a41L,0xa9f0c26ab40016f9L,0xa1e9255c68244585L,
-        0xa7f9b9b63593b04aL,0xb3b584b379b006cbL,0xf8f232002fa6001dL,
-        0xded262cf2d85354bL,0x32684f9602a212c4L,0x00000000000000ceL } },
-    /* 49 << 119 */
-    { { 0x28f6eb1f7209b0aaL,0xd3ad776d5ceeb136L,0xf5776c122c51355fL,
-        0x68ceac473c98f9caL,0xffe36607a189cdf6L,0xa6aa2cb0c41b5335L,
-        0xb6f97b13f4228d0fL,0xc08f5f9ad8499d39L,0x0000000000000170L },
-      { 0x64fb5744ba209520L,0x285a6f3a3e69bcfcL,0x94ed78757004b6d1L,
-        0x58cae99fdf95df4cL,0x33c25bed249942f1L,0x65d8b14cba4429fcL,
-        0x49855d740b951c72L,0x19c4896828bf84baL,0x000000000000017bL } },
-    /* 50 << 119 */
-    { { 0x4c9d8cacff2d8b65L,0xc45bd92d179f3040L,0xae72e5018e5cdc37L,
-        0xaa449c76f3403c8cL,0x7cc0b59ad969f8fcL,0x82d42d85953bc5f9L,
-        0x42d22f167329ed61L,0x1346f831d79da154L,0x000000000000013bL },
-      { 0x453eefc095d4c1b0L,0xf368d0a9c0151480L,0xe5e70e121c88eed0L,
-        0xd2d4e183ede8dcafL,0xb3c1aeaf2b7c0e96L,0x267cfdc3d7119ef6L,
-        0x726315544d66f240L,0x35a5053f8b3ba01bL,0x00000000000000ebL } },
-    /* 51 << 119 */
-    { { 0x18e992882d99b995L,0x91eaf7bd18da99ddL,0x6cd867b276baf30cL,
-        0x81ddb37e79f3951eL,0x1a31a11da660cd44L,0xfd1d7abdc64bb6caL,
-        0xd06da3853ad047a1L,0x0551dc5d18500d26L,0x00000000000000d4L },
-      { 0xd655dbc4a56c2d9aL,0xefd030860031587cL,0x72e9f59994e89201L,
-        0xe40fe6c62ab9e1cfL,0xe096cda83f4facbcL,0x8f1256653d8ae874L,
-        0x757c85715e1ae9d2L,0x194254584eb4b540L,0x00000000000000f7L } },
-    /* 52 << 119 */
-    { { 0x2b59d0e19914987eL,0x0dd9211ffdcd7c4eL,0x8e64f4307374cecbL,
-        0x2871801fdb74abe1L,0xec2a36fe7eccd46cL,0xa352a1fa019682e2L,
-        0x4d33e93e89fdb09dL,0x0766c47e0aa4a0efL,0x000000000000018fL },
-      { 0x0b8e93435eb6bdccL,0xcc0ff53bc54f61f0L,0x4c56f488f18e3583L,
-        0xe68caf9247091732L,0x3ae769850463bfb7L,0x5e1c264ec3731f02L,
-        0x02c43734b13b2407L,0x39c2841a6ae98aa9L,0x0000000000000053L } },
-    /* 53 << 119 */
-    { { 0x2426d599fceb982bL,0xafc5ece1fee285c2L,0x350815619b7e6025L,
-        0xc7320a8d2bf6fcb1L,0x45755ed78c9bf467L,0xbc3282102df44bf3L,
-        0xb259e7efd74d2ff6L,0x674facb030ed2509L,0x00000000000001d0L },
-      { 0x861acf33a2f0cc96L,0x62db05068367db2eL,0x639033ec2b1fb906L,
-        0x91f2cf72b5b5f399L,0x76236bf2b0eeeb34L,0xbcf075451b047c87L,
-        0x071f150ba29bc4c3L,0xef42687e05dde2d9L,0x00000000000001f5L } },
-    /* 54 << 119 */
-    { { 0x7a8eb2ab0ee6708dL,0xba7e08b7f90168e5L,0x763aac0d3f58f2dcL,
-        0xb0cdc84a7ba2a4dcL,0x02a8bd35f1e3b519L,0x5f39ac1b8e3b9f2dL,
-        0xa042d7e89d98f86aL,0x8096461ca9e64b14L,0x00000000000000afL },
-      { 0x3d09672d4e3e44e8L,0x2506dd9dda7c3de8L,0xf85d30baf4829b9eL,
-        0x082923844dfd7291L,0x915707e19e64b3dbL,0x19683c2c819a0b64L,
-        0x23cc1a36324f5d0fL,0x3d11e9fb33ce2655L,0x000000000000012eL } },
-    /* 55 << 119 */
-    { { 0xf68386fa888aa958L,0x613390b5d9d0f67aL,0xeaeacf1eed2656b5L,
-        0x74b550a872877de3L,0x57fa4d941ab845b2L,0x1225595224eb57b1L,
-        0xa4f4c0fe98a50b36L,0x52f5c07e1ae96581L,0x00000000000001f4L },
-      { 0x30898f2d1028fdddL,0xfb3f5650a0344437L,0xd5033e856a58e784L,
-        0x9e51e2e6ee46b6efL,0xd5e841f005a8c5f5L,0x15887595fa9bc00eL,
-        0x8adf4c9304c01ae9L,0x4a9cd9bb9d9db32aL,0x000000000000016bL } },
-    /* 56 << 119 */
-    { { 0xaa6cdc01e7416b5fL,0x92bfe795ec1feae2L,0xeeb400bddc173db5L,
-        0x8609dbe0bff7846dL,0xecf621229d201903L,0x4c15e42f5a3ec1d7L,
-        0xcd2b85015119af15L,0x981a0c08add9cb95L,0x000000000000004fL },
-      { 0xa6d2f3a0186db260L,0xb259fad5b0c24c87L,0xc68d1b53c7f64d0dL,
-        0x38c1c8c2543c50b7L,0xb3f7a5c61e042c56L,0x2083f846d4498e97L,
-        0x41c5fb320b7d08c5L,0xc5196c8d9c2caa96L,0x000000000000007aL } },
-    /* 57 << 119 */
-    { { 0xee862a82e2056fbaL,0x1f4e8288d286c0abL,0x55158dbfed0751cfL,
-        0x3e72a1b69c51cc83L,0x07e9544a464cbf5bL,0x06b7f08d84ca5228L,
-        0xfd4e306720cedbbaL,0x441f23d2fd663b38L,0x000000000000014bL },
-      { 0xb56e86d029cf364bL,0x2e4cbbe886ee100fL,0xa2ac7cde1af4c403L,
-        0x20b602aeead7dfd7L,0x32db7a58a912eeebL,0x7e46fc37cd65cfcaL,
-        0xa61ce9ec64e513e6L,0xc46e45ad5e355c59L,0x0000000000000082L } },
-    /* 58 << 119 */
-    { { 0xd9446d12d08d5183L,0x1930a976ff54d766L,0x4b5f889fe0f983c0L,
-        0x3f9cb2d9f4cf0b95L,0xf25e0f78a3e156f3L,0x85698419471f2ed8L,
-        0xcd2e901f340547cdL,0xb735b0afe5b67d75L,0x0000000000000090L },
-      { 0xbd5dc2a524d04605L,0x81b22ff6cdaeea52L,0x35e5177fc2dcbe54L,
-        0xa021681e5d5c2a50L,0xb6316fbb7772bd63L,0x7513efa7fac05cb2L,
-        0x2ebe68f969e4bb0eL,0x4ace321e7d9692bcL,0x00000000000000bdL } },
-    /* 59 << 119 */
-    { { 0xfd326e55d25b6175L,0xaebfd41920d968c4L,0x470743454b5e33d5L,
-        0x0c5e0f18553ad718L,0x435094bf6a41609dL,0xe4583ca75b278266L,
-        0x62009983871212d6L,0x1404bbcffc7a545fL,0x000000000000002fL },
-      { 0xe34736dd5f7295d9L,0xf5e4b0cb1eb15ba6L,0x1815b6fdfdabc947L,
-        0xbac35e1fea16f54bL,0xd9adc92196fefacdL,0x8bd671a7a338e668L,
-        0x024352aa43905638L,0x7f4f43cc43d3b2ecL,0x0000000000000084L } },
-    /* 60 << 119 */
-    { { 0x74409db3feed975fL,0xe70514b682733880L,0xfe1b718ab5a41e01L,
-        0xa2059a6544b53e78L,0x25c2079fb1fe6720L,0xea6df9fad9cd24f6L,
-        0xe5f1f5b4fca222f5L,0xe8f6dcb4dcef0479L,0x0000000000000039L },
-      { 0x2cfc5286b2a16b82L,0x25ecb74775d40713L,0x4b263a4755dda1f1L,
-        0x0676b9c117aa9c19L,0x6f2e9310476acc39L,0xb27ef44fd5c4e15bL,
-        0xb5d3e4f79d72b9d2L,0x8a3aeb37ca49521eL,0x0000000000000038L } },
-    /* 61 << 119 */
-    { { 0x1a80ebd82d914976L,0xd5d1c8cc996eff0aL,0x06ac9a8535cba3eeL,
-        0x381d54f62e809546L,0xacf4ce4c769411f3L,0xa64b28314a37638cL,
-        0x13d99aaab7cc63d7L,0x462b14c7a591857eL,0x0000000000000192L },
-      { 0xf3807c3ad22ea880L,0x76f9339636cd3b1bL,0x77d0bc89d2ab27d0L,
-        0xd7e7f64e87dcabebL,0xef3f8eaa3ec8afddL,0x698141961205cc30L,
-        0xf89c8a8ee16e9331L,0x95b0f6fd2d30c290L,0x00000000000000dbL } },
-    /* 62 << 119 */
-    { { 0x3471f7f706f7bfa9L,0x912385e739e980bbL,0x829fcd40e8774d7dL,
-        0x637e17490e295af0L,0xe2aacc7d9fab3a4eL,0x1e074bab0dc9e073L,
-        0x53fe3fd6bf348272L,0x0779d4332877f11bL,0x0000000000000076L },
-      { 0x44b3a7711763e639L,0x50a471be9d95f8b3L,0xb50122f106d99fbaL,
-        0x6fc8784613054c47L,0x33befbe2d0e71575L,0x1cac97e3789e115fL,
-        0x3f61f57e455d8c54L,0xec75111ee7dac210L,0x00000000000000c7L } },
-    /* 63 << 119 */
-    { { 0xae4363ed7c759c6eL,0xb663d67dfa6e2ba0L,0x745abea27791af0aL,
-        0x708b4c271cfea43fL,0x90ce598808d390fdL,0x3142798061acbc72L,
-        0x413c40bf20dfc34bL,0xc7577fba6be74f89L,0x0000000000000054L },
-      { 0x4f315b816225f675L,0x08b7537d99b0789eL,0x0723ee516f760ca5L,
-        0xe6fd90d08bcdfc98L,0x40eb0f9177226310L,0x6412fda8f8b2e5bcL,
-        0xf1421d2a7e40a5b9L,0x846449c3f273b934L,0x0000000000000165L } },
-    /* 64 << 119 */
-    { { 0x7ac007ad8451ad30L,0xadb09d590905b6a7L,0x96b382333ed8d9dbL,
-        0x7ba1ab90144aaaaaL,0x2d31fb344abae176L,0xc0471119d1d9cb6cL,
-        0xe56b681221c9fe02L,0xfd040d70efbd1643L,0x000000000000009eL },
-      { 0x91c517c02975af75L,0x7a77c8f2834de3adL,0x7dfd1527c6e95530L,
-        0x982a2eef0ea03560L,0xc340fe70c7e0205dL,0x302ca446735bc119L,
-        0xcc1072285c271f62L,0x9ba4e55bc486fbdaL,0x000000000000006fL } },
-    /* 0 << 126 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 126 */
-    { { 0x6a00d57da5e6776fL,0x8a138da8dbd9bd8fL,0xa059ed07d5fddaa1L,
-        0x4f6122d91a42e212L,0xe72e39c509d704dfL,0x025696a8f15340ddL,
-        0xe75fa17db760bafdL,0x1b7950b1017f537bL,0x0000000000000109L },
-      { 0x1e1af3bd3f72ec2fL,0x0b95f25a8df112a2L,0x6f3e98aec4b96ea1L,
-        0x5b890eecf3ddf2c6L,0xb4e902c3d1b40c40L,0x331cef2678e129b2L,
-        0xdf376cfca4f572deL,0x9299466aad414479L,0x0000000000000103L } },
-    /* 2 << 126 */
-    { { 0x36252c7bd5a6eac2L,0xe218a649cae5dc4cL,0x690f3b49b249829eL,
-        0x4858d6576e5a7464L,0x6e4b2ca633ae77e0L,0x28cfd8ba871586adL,
-        0xaadaabc9d63d4d38L,0x2ea000e98acdd480L,0x0000000000000043L },
-      { 0xbb0525eeaa905e22L,0xd6ad676ea045363fL,0xa0abe10eadbb3a6dL,
-        0xbf7d435a49793facL,0xd96b7452c4dd6260L,0x4e64c9930aa813f9L,
-        0xac364502001a15ecL,0xc33efef71af6493aL,0x00000000000000eeL } },
-    /* 3 << 126 */
-    { { 0x4ac52cc0248119eeL,0x69c12fe2732cf0c4L,0x4ed67c2a560e7ac4L,
-        0x82f29f7e79346ba1L,0x47607b94f488c23bL,0xb39bff863dbb4817L,
-        0x91de351665116670L,0xafd0ce8fa77373f0L,0x00000000000000d3L },
-      { 0x9d96404bc2a1911eL,0xa43a089a21382683L,0xf16276e883e13d93L,
-        0x581897d09fe988eeL,0x3ad0dd8b998d0f46L,0x078f1a9bb6143261L,
-        0x303d457410d18924L,0x0bc45e0c82a9a0a6L,0x0000000000000076L } },
-    /* 4 << 126 */
-    { { 0x9aecae2d6a3cf15fL,0xd9d0b49a9c959376L,0x4aad945457cc7e25L,
-        0x683618323876fe58L,0xccc6f2d82bd9dc24L,0x3970525c605bafbeL,
-        0xf17524eda2c5499dL,0xe30b69d5b0c7bf4fL,0x000000000000005fL },
-      { 0xa71532adb5d073b0L,0x37159fb3b4fb97b3L,0x15b655b27a1fff6dL,
-        0x55ac89ee9e08a89cL,0x13cfab6bbc027776L,0xa57a7f289dece9a9L,
-        0x65a3d815c03a1d45L,0xe5cd61ea95515dbaL,0x0000000000000100L } },
-    /* 5 << 126 */
-    { { 0xb5c48a06cfc6b235L,0xaa7c3f7009f1e479L,0xb6bb50cf899f94e4L,
-        0x3e0823b34b850b6cL,0x4777c2c2795acd34L,0xde6999f169c9c574L,
-        0x5d3e7f18cae69639L,0xa0a30c05ee76b726L,0x0000000000000095L },
-      { 0x0d1df4b3760bd806L,0xe76381175f56b063L,0x876307d8fe5fc610L,
-        0x0db04d83536a446cL,0xf020f6b4437b971cL,0xd5eae3a0ee10ad1cL,
-        0xd8041973920ed5ecL,0x42825e955216c588L,0x0000000000000147L } },
-    /* 6 << 126 */
-    { { 0xb0da1338de123c1fL,0x0e0c698e649a8652L,0x812b95f93c9b1fe1L,
-        0x15e7b770d3b3714aL,0xd75d98da400398eaL,0x86663448a6666434L,
-        0x8a820ce79a26a89aL,0xbcd785914d7f2fd1L,0x0000000000000058L },
-      { 0x470af7d334f3d449L,0xa54f2eca47a36f7fL,0x1a1afce9ab8573e2L,
-        0x180bb5940e1d26f9L,0x0adc2f21c2f87c19L,0x0292b1813d39dcddL,
-        0xd116d62af52b928aL,0x803ab7608dc43b17L,0x00000000000000f2L } },
-    /* 7 << 126 */
-    { { 0x9fabf32c1b953f8eL,0x6a1919f297c27760L,0xffc5895b235fa996L,
-        0xbc6a06c9a860faa0L,0x08a3f0b8f5cf032cL,0x1b50f6d7e54d862aL,
-        0xbef9525a2ee95ce6L,0xd29d4cbec0cf300eL,0x0000000000000078L },
-      { 0x3298f5bef6f748fbL,0xa1477e05624cb33fL,0x790a733bfba77178L,
-        0x5c71c7fb1a852470L,0x412df1e51e5e062fL,0x1deae6b98494f310L,
-        0xe28bc9e2a851449cL,0x0a8819713101ceafL,0x0000000000000076L } },
-    /* 8 << 126 */
-    { { 0x64107659d44e9b1cL,0xdfe2b3ed599694f3L,0x348b163455939fefL,
-        0xeb5fb1860b2f8b7aL,0x19d2becf5a1469b5L,0x24c67ff96bea8f5aL,
-        0x1a4037a85924fde9L,0xdd0e9acefe0231aeL,0x00000000000000f0L },
-      { 0x5b3f06a237cee8e6L,0x3ccc49c67e4a80a6L,0xe8729cc405b38a1cL,
-        0xa51323391f4373f1L,0x1dac8246b3a773f0L,0x9824b4980193d5b1L,
-        0xb63e677ac4db540aL,0x9c74537f5f10a7c1L,0x0000000000000094L } },
-    /* 9 << 126 */
-    { { 0x04c48d47fb40834aL,0x597722f2ce2a8ae7L,0x60d17d9eeae4d77dL,
-        0x621c37135b996e51L,0x57bdcd302bc1e0daL,0x8dcb34eedfdc6cc5L,
-        0x5252936144ce5a05L,0xbf52929bce1a2ef0L,0x00000000000000dbL },
-      { 0x1b8e10a725993998L,0xfb6d649983675966L,0x03318a2d858e41c6L,
-        0x6b6b365e33cd6c75L,0x3aa091143500ee2eL,0xf2ac959d6840c8b3L,
-        0xf677e86103445169L,0x2a0d3377b52f2064L,0x00000000000000ffL } },
-    /* 10 << 126 */
-    { { 0xbf7a23f2f851b8fcL,0xc1bd1b74db32c685L,0xd0ab7f93138501b8L,
-        0xe7c5770454cdc320L,0x6b64807ada0a6e60L,0x84f83a22d75c0a8bL,
-        0xa555aa9537b4524eL,0x56787a37b6459681L,0x00000000000001a2L },
-      { 0x4479f49de83cd71fL,0x4f53ebedc838cf55L,0xcba234498ff72ff6L,
-        0x203ff691435a3557L,0x51f0d2949bb325e0L,0xe3da5139806ceb26L,
-        0xcc4b204ebe6bbdd2L,0xf05ef8e12e3bef4aL,0x00000000000001ddL } },
-    /* 11 << 126 */
-    { { 0x8726192031da68e9L,0x8d660db73619c127L,0xf3d5a3e2f282597bL,
-        0x9f1535cd54448812L,0xaba3e02b18f499d5L,0x70d4159c457d8737L,
-        0x4a86b7edcd6f52acL,0xb48981d296176e37L,0x00000000000001dfL },
-      { 0xe05b90319a61218aL,0x1933ad6600381905L,0x32c647a4988b8b38L,
-        0x4dda10b72c5224bfL,0x2083d17f002c8769L,0x76184ea513c0705fL,
-        0xa4ab64210b653f0fL,0xaa24960e3a9ff008L,0x0000000000000010L } },
-    /* 12 << 126 */
-    { { 0x21cbb2c74ce9abd3L,0x7f157a4845073c39L,0xbc887f720de2380eL,
-        0x295bad1c6f96a397L,0x9bb39be48ff6daffL,0x65b52767d80498e3L,
-        0x1b07529402b936a0L,0x04c89f2fb90ec0fcL,0x00000000000000b4L },
-      { 0x47f62ce6f3bf4b3dL,0xf79921250e3e0bd4L,0xe1555bf8a14a6183L,
-        0x8169e02567f3936cL,0x62dae8ae846ce4b0L,0xcee40b04fe0b0558L,
-        0x520c3e208fe270e1L,0xa1f2420ec44de629L,0x0000000000000150L } },
-    /* 13 << 126 */
-    { { 0x87a4f58f95002c4fL,0xc0f5a15375cb2b64L,0x462b10584fa3bd39L,
-        0xa53461051d56f6ebL,0xb2b70b8860c20135L,0xdcbcdccb9df24a37L,
-        0x71d030c375cefc7bL,0x389a788c776a7674L,0x00000000000000faL },
-      { 0x26ad8f5398b8d9f1L,0x33640e375d442332L,0x4831351d6a8d3878L,
-        0x8f84df35bb4f8ecdL,0xf9ee728f0921bbf5L,0xa4768d023391c771L,
-        0x07b56316b867956aL,0x9e1ae1cb2338f7bfL,0x000000000000018aL } },
-    /* 14 << 126 */
-    { { 0x3b0ae395e4f69814L,0x5ff5c84e6a747e34L,0x35e69b0a29ef0396L,
-        0xd1b54c35835654b0L,0xe247e93979cfc63cL,0x7efb57321f7bdd7aL,
-        0x07af836785156ce9L,0x3437319c68ad0803L,0x000000000000014bL },
-      { 0x3162f3727ac81dc5L,0x9bb5caf4f08565feL,0x467224e5d19abfdbL,
-        0x92050b4fbbfb8528L,0x2a78b72b6812bf36L,0x33a409687b2efcf0L,
-        0x4ebd9e465991d0feL,0x68ffa516e8555f3cL,0x0000000000000100L } },
-    /* 15 << 126 */
-    { { 0x415876531dc87e3bL,0x40fd387a843c306eL,0x6000915d01f6cef6L,
-        0x86df2dc147a8966cL,0x63a5132075e86f42L,0x6ee59bb6b9751faaL,
-        0xbee42edc6eb0fe81L,0x7d4ceebf9df2a3daL,0x0000000000000188L },
-      { 0x59eec8519e8c84ebL,0xbe9bc225ac158f45L,0xb50d7f7ff403ec17L,
-        0xcae0e31f86689313L,0xa85359400a613f4fL,0xd2fc94710a594025L,
-        0x900273e8256edcefL,0x1b5776c2b67ee0d4L,0x00000000000000d5L } },
-    /* 16 << 126 */
-    { { 0xc773faacbc875baeL,0x5ad3cc9408dc8719L,0x23a9cf666fd3dbdeL,
-        0xf9c47b69a4c8d8feL,0xaefdcd39fc6d9e13L,0x3647f3a92ef2fff0L,
-        0x7fbf9d741f53ee3cL,0x9199963d85e5a502L,0x00000000000000efL },
-      { 0x191173743ad5b178L,0xa5892671f086fdf5L,0xa828f5beaeabb8b1L,
-        0xa9c1a33e62711d4bL,0xf8a2e9b101e1de48L,0xe5eb2de9568801daL,
-        0x3e0b7a845f2f8052L,0x074d3c36ddb76ffaL,0x0000000000000160L } },
-    /* 17 << 126 */
-    { { 0xe3bba4c44e1d104aL,0x23d230985486ea3dL,0x23f6a18676d19da0L,
-        0xc286b66dbbcda9b8L,0x9e42651ea2ccd664L,0x597a8783ea75aa04L,
-        0x688cb16b74bcab22L,0xd983661aec74a513L,0x000000000000017bL },
-      { 0x7065739f19c41974L,0xc026315ab663d886L,0x0417e4ca5bc05ce0L,
-        0x9e43b822c05ef3e7L,0xd2e8450ef16ab5d6L,0x278211c0ab315709L,
-        0x9bb0e36146c481b2L,0x222788b5f3acac77L,0x0000000000000164L } },
-    /* 18 << 126 */
-    { { 0x9a36088c8517b761L,0x1d49f690e77f2f41L,0xaef7ca451b4af218L,
-        0x9629c9c7b17e4fabL,0x052e9acce55663cbL,0xac455c5874b22e1aL,
-        0xcf000252de25ce2aL,0xddb6e6c4449e7684L,0x000000000000008eL },
-      { 0xaf28bf6377f6ffe8L,0x3b6eb30b6fd5f4b2L,0x77b4244aef362208L,
-        0x5db842e4ca41a1f6L,0xd7a8774263a815d1L,0xe9a9c316ac2312b0L,
-        0xcbd383be87fa009cL,0xbe2a91d2de5be94bL,0x0000000000000041L } },
-    /* 19 << 126 */
-    { { 0x1c18d8a676f3e8f0L,0x4521da83a2651f7bL,0xc8d2991e18f7ac31L,
-        0x96c25646c128653aL,0x852b44c9acc53a44L,0x9fad53c52030825fL,
-        0x207273a08d2d18e1L,0xd9dee4ec3094fcfaL,0x000000000000011eL },
-      { 0x3720de1cc5166970L,0xbcc50de4fe148454L,0x059615420b197ac1L,
-        0x940a3e6cabb72c37L,0x19cec56f63a3ba33L,0x94b04c0ec28fc6deL,
-        0x337e7309aade99efL,0xa9b60e49406b3fedL,0x0000000000000148L } },
-    /* 20 << 126 */
-    { { 0x3ca5ae614d0a48d1L,0x39648cec7f021444L,0x3c92b2521e90c6ddL,
-        0x776994bc94a49837L,0x53e54c207ddbf5b2L,0xfaf593c7d4576141L,
-        0x17e000c226cc7ab2L,0x9484de380bf5318aL,0x00000000000001c9L },
-      { 0x7aa1d4d397546078L,0x06b60ee9f1e5fd32L,0xce10bdf08447917dL,
-        0x40fd8d610e3de8abL,0xa3c917af34e29cc4L,0xa7bb1b542c27de76L,
-        0x6992979931e6c453L,0xc668fbe42f185b22L,0x0000000000000142L } },
-    /* 21 << 126 */
-    { { 0xe0dfb4e582a7839cL,0x724fc7b532068c9fL,0xf8510404a4a51707L,
-        0xf65fb0e634e33830L,0xa1ae29bf48e5b4d0L,0xc70a3beaa3d3410aL,
-        0x131c23e466a5d1beL,0x5eb1c285d107cd51L,0x000000000000019cL },
-      { 0x7b61971c7c414730L,0xc722293b3a7e4352L,0x0d3203c6f5ae7457L,
-        0xaa7fafaaf773fd74L,0xf88c67cc68830e7dL,0x5a71236c09730382L,
-        0xa1661f7d1701c04aL,0x4e8979467ed93ad0L,0x0000000000000099L } },
-    /* 22 << 126 */
-    { { 0x10ea083c5ec936b2L,0x6011069c58b11715L,0x3e58532003a1796fL,
-        0x538e1d0310eabb5aL,0x4b9640632ab5d141L,0x7d34fa8206aba7cbL,
-        0x81692c655f1e613cL,0x2f3ed8894411f352L,0x00000000000000a1L },
-      { 0x3cea6506f6fe4425L,0xb246f4318a8d8686L,0x69666392fdb1c07dL,
-        0xf8e2a71872b25c8eL,0xc2f6c4bc10e81a1dL,0x5c6746ed3d2788f2L,
-        0x92d9bfb31d236efdL,0xc65dc241f922e874L,0x00000000000001b3L } },
-    /* 23 << 126 */
-    { { 0xa01148ecf4a21f7eL,0xfd85ea9c5d0894d3L,0xc1349c182e3e497fL,
-        0x6ff182da3115b3ffL,0xc67455c26be8d31fL,0x559369800aa15b5aL,
-        0x35904c6ebdd17173L,0xae743b7d52b5b531L,0x00000000000000c3L },
-      { 0x4785276788ebfa67L,0x7a8daccd6235572bL,0xf8c7cfd6e9fb4fe0L,
-        0xece07c0c6f9f658aL,0x121e045b2550b943L,0xdcf493e709e11ba8L,
-        0xf120183ac50b4aa1L,0xb68ec6f24668c0f4L,0x00000000000000fcL } },
-    /* 24 << 126 */
-    { { 0x953b8ca7af0603f0L,0x4b5eced77e21e713L,0x427652e12864dca9L,
-        0x547f5fb516cbfbb1L,0x6ad85c7ef75f17f1L,0x469af7948222107eL,
-        0x20d4c8e79bef1085L,0x867d4d0b152552e6L,0x0000000000000142L },
-      { 0xbb5ffb0cf3f26574L,0x047c1bc015cd38c0L,0x76c5dbf176f8e575L,
-        0xf7eb7b0e20d33c17L,0x1e9cc21e6d879e9eL,0xeb2edc8340ca3223L,
-        0xb0aa90a8290d165fL,0x7c17d3b223c1ef71L,0x0000000000000055L } },
-    /* 25 << 126 */
-    { { 0x91d91ecf643d458cL,0x962345a55e8691a1L,0x883ac05d1af94a9dL,
-        0x747a7302f476f098L,0x44c326ffd0667890L,0x344aaeb5f76f1602L,
-        0x60e6437c716561c5L,0x412f5a0546540e4cL,0x0000000000000104L },
-      { 0xb0553215617eda16L,0x8d95ffd17e7cdce8L,0xe1162d136fa892cbL,
-        0xd69a1ce67041a11eL,0xb8559697a144ed95L,0x6ec56d46024f8ca9L,
-        0xefc9cdeb514bf316L,0x69d2c9b290a22342L,0x00000000000001abL } },
-    /* 26 << 126 */
-    { { 0xc9f4133c7443182bL,0x8a6b2562f5d6eab0L,0x8ab8fc0b96e13ea9L,
-        0x1070f3aa810771e3L,0xe8745a7c01bb3865L,0x97bf12d49586f6d4L,
-        0xa82edb725d473130L,0xa75508ecbe3c9bdbL,0x00000000000000e9L },
-      { 0xdb554bec480c4283L,0x647fca1d341e42eeL,0x7dabe114766ae5bbL,
-        0x7b5db510e7581fb7L,0x4f1647c0bb3a71a7L,0x5389934264d27664L,
-        0xebda4815606cf2edL,0x7a8fe4ecccc611a5L,0x00000000000001bdL } },
-    /* 27 << 126 */
-    { { 0x7e2894589cb55c95L,0xa834c287ecf5f9e0L,0x4a74f1cd2bc1efeeL,
-        0x6a1f60941ba0db9dL,0x3cd9e239da42e0c4L,0xeac13ef43e2dbd01L,
-        0x99353f4571c37766L,0x5c633343c0c9f425L,0x00000000000001c6L },
-      { 0xc7d01c367439c08aL,0xec5613e9d32aca4fL,0x884fb18182f492fdL,
-        0xa551f913b6c01487L,0x15b7ed76d5a46ea5L,0xe961a4ea688f0277L,
-        0xc7addc6a16149e7aL,0xb3ee69e80d41a979L,0x000000000000001fL } },
-    /* 28 << 126 */
-    { { 0x80fd3dd3c1e4a87cL,0xf2230946e63e847bL,0x9d51e3a3477178b7L,
-        0x06b089a460b2e4deL,0xf98e4cdc53ccd5f0L,0xfaba504ae9e18aecL,
-        0x22b799be34dba1caL,0x75409d50a4c9ca6eL,0x00000000000000f9L },
-      { 0xec619962617902e1L,0xed26be734c58c299L,0x083e94e46d1c30e8L,
-        0x2c8f71158be269bdL,0xf7c13ea9e0fed762L,0xb6c9bea0b517e55bL,
-        0x7d656933aeb4bec0L,0xf386fed9ca01bf37L,0x000000000000007dL } },
-    /* 29 << 126 */
-    { { 0x9263b871dc1dc230L,0x0208cb151bb6cdf9L,0xe767b789fbb07097L,
-        0x180f1502fe499e7bL,0xeb8fc35d782cd35eL,0x0e5aede16d18dc13L,
-        0x596979e9075b5f1cL,0x93548273ddab0649L,0x0000000000000108L },
-      { 0x6484acaddf9a9c9fL,0x698f20c8bfee6c7dL,0xb3f89ba614c8b2d5L,
-        0xa1b11b16c07bd4dfL,0x5a5eef740acd17d8L,0x5f2d1074f24e1b0bL,
-        0x161a5489766b5674L,0xb208a6abda3b10e2L,0x0000000000000145L } },
-    /* 30 << 126 */
-    { { 0xd57b41e5ce2874a6L,0xfbf0d623b5bd9b26L,0xab64b932fd3750a7L,
-        0x12be25d6586fba44L,0xf28a20cd1402ddf6L,0x058c0a6028b9102bL,
-        0x27678cf4d68b4aa4L,0x927445e5de23211dL,0x00000000000000f9L },
-      { 0x46a5c0939c6e96d4L,0xcda4538f010f2c55L,0x5053aef6b0b776d3L,
-        0xb0f5c0f895e614b4L,0x0d42f943f2856b07L,0xfe51414f426b1275L,
-        0x49b65061a5de95fcL,0xf4a6fb5cadbdf4beL,0x0000000000000040L } },
-    /* 31 << 126 */
-    { { 0xcbeee2169021308fL,0x2959093bd6ece14dL,0x68d757404093d151L,
-        0x77a6a05785259344L,0x63b1a5fb6d893564L,0xd7bcdd88e3e35d1eL,
-        0x76f862a445c13992L,0xe466691221730cecL,0x0000000000000056L },
-      { 0x23e1ecfbce1e1e57L,0x3dd3e08822c19c3aL,0xa7d0301032146b0bL,
-        0x35193697fe806487L,0xa9f13fa54854ad0eL,0xe4ba06e756149ff5L,
-        0xfa5cbd737e6032dbL,0x3f663df3adce1658L,0x0000000000000197L } },
-    /* 32 << 126 */
-    { { 0x1036eb9b66fd07caL,0x6ca52cc16b7fb490L,0x512e973ed3e0c270L,
-        0x889980bf73d92d11L,0x38b4cfe4a4005eeaL,0xb6f992cc8ceb4313L,
-        0xd0ac2f8d6daf7c23L,0x1ccfbf17e32a93cbL,0x00000000000000c2L },
-      { 0x7bd9d6f12f508ccaL,0xe82d7171595a72afL,0x25d0297697512873L,
-        0xefc1de8b8cf39fbcL,0x25e6b77f9a1237f4L,0x9f3b73e7d4d98b5dL,
-        0xe1fda62beccb07feL,0xdb813b03625350cfL,0x0000000000000014L } },
-    /* 33 << 126 */
-    { { 0x7907b2c97fcca66cL,0x6516825362d05422L,0x94e0752213f45a4fL,
-        0x1ac91e11c4c62129L,0xef3c27c76a4cc2acL,0x5677109687867eccL,
-        0x091994ca1289a9e2L,0xa3d70e2a75d15d56L,0x0000000000000004L },
-      { 0x5072005570aedaf7L,0xd252fab22cf95f71L,0xcb0c8766830ec191L,
-        0x3fe6bf257e18f064L,0x5c5ce223ae21206aL,0xba44c780c5b7f1b0L,
-        0x339a7894181afeebL,0x68d02a575ff231ffL,0x0000000000000134L } },
-    /* 34 << 126 */
-    { { 0xe8ab1445c5eaf5e9L,0x95d96c674d22ede6L,0x03c3ab6cb7a0fba7L,
-        0xeb3b5b6796487583L,0x171befc1c3e7d0adL,0x8b43bc1ffef58ae3L,
-        0x11800901171b454fL,0x6a42fc801f5358b5L,0x000000000000002fL },
-      { 0xbcd8373de74453acL,0xefaf2d8e8b03d1efL,0x7e17c8902b434397L,
-        0xff3a65b4b0f49b6fL,0x288d883d723ebfaaL,0xe152b3f524e32fdcL,
-        0x2f044966e2dff973L,0x16f0bf33f2c0ae62L,0x00000000000001b3L } },
-    /* 35 << 126 */
-    { { 0xdc6b5651efbc2867L,0x077952546b03925cL,0x2860cb96535d4160L,
-        0x273f6ef8fec0f37bL,0xb7b144148bb7ccdcL,0x012561602d4018d9L,
-        0x84671a39bfddf7afL,0xd52d837cbaae273dL,0x00000000000001aaL },
-      { 0x4b1d19cb649da549L,0x4c354d7d9cecc0b3L,0x64e4665700376779L,
-        0x247cc8922e59378cL,0xb4be23495c6e18b1L,0x5793c5c864dfd529L,
-        0xc486d6656c38c470L,0x0494793f93ade6aeL,0x000000000000015bL } },
-    /* 36 << 126 */
-    { { 0x2b675aad33c1333aL,0x5b635d5de3f70bc6L,0xdc1b161fcc3993dfL,
-        0x3a966f3c07e1c9cbL,0xbd684a329fcdec80L,0xd7b51c19f12c7088L,
-        0xadfdefb4f549b4dcL,0xe542877b58db90bfL,0x00000000000000c0L },
-      { 0xd7a8f7cbf2b37e98L,0x0898feacb303eaa2L,0xc40968038ab3ec65L,
-        0x178d3f6fd7d2f42fL,0xceb00cd5c31552ebL,0x85d9d2b5d878396dL,
-        0xc6b51a1f2173b3b9L,0x3de5f48ac997717fL,0x000000000000008dL } },
-    /* 37 << 126 */
-    { { 0xdce090edcd84da75L,0xb1165394678048f7L,0x58e1c4df92f6f8caL,
-        0x8347365693eda7aaL,0x88359b5039500625L,0x455fcb1a6424b594L,
-        0x11ffcbdad7a86a6bL,0xabcf989ad68b45afL,0x0000000000000121L },
-      { 0xbba5977cf6d851a8L,0xd4a4f5319a39399bL,0x933ce57bf1b1f725L,
-        0xd9e63d1970d12e1eL,0xe8a4a94f4c3e73b5L,0xb54fbc144103bbdbL,
-        0x8b96cc8c90f25055L,0xb660990e7ed06482L,0x0000000000000154L } },
-    /* 38 << 126 */
-    { { 0x89568720a7253d96L,0x1f68812e0b93c9e3L,0x14077833b832d791L,
-        0x9374abd0a1b1c6f2L,0xbc4a0f3f2945ec29L,0xcf31921a8bc301a2L,
-        0xd2aa436db992ae7aL,0x9a3d6309f1dcf7b2L,0x00000000000000b4L },
-      { 0xd6cddd57e108567dL,0x97dd4615bb904179L,0x9724b58f7f8e9eacL,
-        0x20258807decb2b7dL,0xe3ac333cdf5e10b6L,0xf0ee0a7bde6510deL,
-        0x502e4677f77ffa98L,0x05bc4724ed6c6731L,0x00000000000000a0L } },
-    /* 39 << 126 */
-    { { 0x14ea632747944f6cL,0x4b542fa18e12e641L,0x9e73d65b716c29b4L,
-        0xce4fcd50943d8274L,0xc2d8f4bcd50b1954L,0xf56c1429bcaa5d11L,
-        0x4d3009e5bbec9109L,0x74cca9dfa25b9016L,0x00000000000001eaL },
-      { 0x0d3ba441245ef27fL,0xcdfaf08b5f09ac0aL,0x20f8b98d19f3dcfeL,
-        0x0de8607dec975f66L,0x9137d362b488e1c8L,0x4bd2dd285453d7a0L,
-        0xd98457be533bf6e9L,0x492026fc9c747fd1L,0x000000000000019eL } },
-    /* 40 << 126 */
-    { { 0xfbefb8c9644f809dL,0x5013f5ad50b747faL,0xab3c8de1a054a0c4L,
-        0x687c5279c608ef1dL,0xfd4c40096bdf1f8aL,0x49caa9ab72a4a4a9L,
-        0xbbf3951812790b7cL,0xe0535999b6373459L,0x000000000000007aL },
-      { 0xa2dcab70fe2fb036L,0xc2aa9ad018b31f0aL,0xb5a76e592be108efL,
-        0x68ff6f12ba3ede8bL,0x6da7ac98e860842eL,0xdba409b2969f77f7L,
-        0x490dd67bf92b2ef0L,0xfa837cde26207a6eL,0x0000000000000143L } },
-    /* 41 << 126 */
-    { { 0x19f334f8515e0800L,0xe86806502435b94cL,0xbcb190dd8313a87dL,
-        0x834b84a8ec5a36baL,0x15203a655639ac59L,0xa8752a705230a929L,
-        0x37ae9b10e149343aL,0x3cdbed17ccf9e664L,0x00000000000001a6L },
-      { 0x7a8926e6dc707695L,0xbdc0bd41fa849e17L,0x46621657668bf25dL,
-        0xcdac0561b33a596cL,0x359a86131244fbc0L,0xb6d5d31e02b73688L,
-        0xebcef3d390394d81L,0xec76090ef03972baL,0x0000000000000140L } },
-    /* 42 << 126 */
-    { { 0x951148835e5ef22bL,0x9125af3b086c572cL,0xb24ef04ff594e704L,
-        0x414a4c09671591deL,0xc586772f55b0d554L,0x41daf9a1e3d723a3L,
-        0x7a8f5eb2def1abf4L,0x60825c418dc54c39L,0x0000000000000185L },
-      { 0x40b62591f51569e0L,0x0696b545d752fec4L,0x60b8363c88119cd2L,
-        0x234f3e85ae327b8eL,0xd31f4f0acda9ccafL,0x3d581d7377e5ebc5L,
-        0x4e9b38118e20d693L,0xc3db07bad0c29c3cL,0x00000000000001c4L } },
-    /* 43 << 126 */
-    { { 0xbe476abd5b92e5ddL,0x7338532b16d1237dL,0x022f670f6870cfdaL,
-        0xeb8dc7c79b90dabeL,0x393200eecda571a8L,0x0c6aca6791ac6936L,
-        0x14346e26488cb230L,0x273065e39536c901L,0x0000000000000030L },
-      { 0x13aa183bc593d9b8L,0x48ae6dc7343198d8L,0x7b62448571798e8dL,
-        0xea83244ea71750d3L,0xf55e8ab5f6a39a13L,0x1728d30129d92e75L,
-        0xd50d981f10614337L,0x6b0decaf77d6383fL,0x00000000000001f8L } },
-    /* 44 << 126 */
-    { { 0xea856cb6b878c367L,0xa9c546214a4fe60cL,0x1019fc69abf32138L,
-        0x6c4b6ccd06730992L,0x1a311a6d0e41375bL,0xf0248235114992a3L,
-        0xf41b1b39764b38c8L,0xce60da46dc105e9eL,0x0000000000000114L },
-      { 0x6aa1e85bb3994b60L,0x71512ea2c86972bbL,0x0741f2c4ee618490L,
-        0xca37bb0da39e9c5fL,0xde4d4610ac5d2a89L,0x4f6c0db09ab5d88cL,
-        0x81bc4e8876ac9892L,0x69c37cc885406e8bL,0x00000000000000d0L } },
-    /* 45 << 126 */
-    { { 0xdee629187f42e8afL,0x5cffbdddd3afaadeL,0x4a1b49fdcb2e4014L,
-        0x50618d1c0d3d2d10L,0x33f3664eaae624b4L,0x0cc69b93cc062199L,
-        0xb24a2b9bc82d9ff4L,0x3aa76f87ba908201L,0x00000000000001deL },
-      { 0x2be85cdcf5e32e54L,0xbf49717e92be486aL,0xc399c36657a1a1deL,
-        0x6fca0189fbd93af2L,0xae241e2234367725L,0x09d626afae886ef0L,
-        0x98529fc5b2523cdfL,0xb9cf93bb7627b317L,0x000000000000016dL } },
-    /* 46 << 126 */
-    { { 0xec182c95314f1ef3L,0x639755d63bb94f80L,0x68f1135f4226cd5eL,
-        0xea726aae144b80b7L,0xf28425f789e8c673L,0x6b1aa275b32750e6L,
-        0xad084021d82069ffL,0x8a46c57d9ec866b1L,0x000000000000001fL },
-      { 0x67b95be0941c5c8aL,0x276c490eded9fac8L,0x8420e9525734f9f6L,
-        0x02f4cdf9bda6a56aL,0x7a37266e3ae782dcL,0x3980321a3e284d56L,
-        0x36a300897c1d0382L,0xc0e8d093bc4d5b39L,0x000000000000015aL } },
-    /* 47 << 126 */
-    { { 0x067b652bab71a0a4L,0x556b7ba427ec168fL,0x5148f2daa39161e7L,
-        0x37949e842818aeaeL,0x06837989d63cdbc0L,0xecae47c32c2781d1L,
-        0x3a35acca4f826df1L,0xbe89aad66bd0dfeeL,0x0000000000000069L },
-      { 0xa31d586b613eaca4L,0x01ae304c231ef718L,0x85eddb49ac30afbeL,
-        0x535eb7b938cfa36bL,0xb71c1334f948b8d0L,0xf0bb2d35722426beL,
-        0x022926d36e23d8a6L,0x9229e9f90a053ffcL,0x000000000000014aL } },
-    /* 48 << 126 */
-    { { 0x2d8061ae51e200c8L,0x2ed4baeacba53504L,0x7a99581d1a816471L,
-        0x918011cd8e03b1bdL,0xebf02ce3403bb07bL,0xe34fa50b55b600a9L,
-        0xc9b864cdbfd6e3caL,0xd321624427effe1aL,0x00000000000001ddL },
-      { 0xcfade4e193849908L,0xc0f031bf48a0e903L,0x7d2b8b8ebce49719L,
-        0x42d55ff0b518922fL,0x1f87d2e3d6fedaacL,0xd2e6ac95fb5ffdecL,
-        0xfcf0b4b31a3a896aL,0x5a3b6cf15070e85bL,0x00000000000001d9L } },
-    /* 49 << 126 */
-    { { 0x6fec5fae1ac7901dL,0x4e7d2ad3ab3555bcL,0x6cef79e4c1f20c1eL,
-        0xad3307c2b04f2014L,0x51bf0ad4f00438c5L,0x77be5b640c555e7cL,
-        0x656812453f950e12L,0x233d773f91066329L,0x0000000000000136L },
-      { 0x1416db4b63b0a3cfL,0x0c8a94bac1652c6cL,0xc516152a81614204L,
-        0x48b25ff63cfe5f60L,0x1d525e0bfc3f6c21L,0x9e60149106bb637aL,
-        0xb042eaaac477a455L,0x538885a61fc4039bL,0x0000000000000026L } },
-    /* 50 << 126 */
-    { { 0xd8969d84fc075646L,0xfb95b2b9cf469b45L,0xd0558743461890b9L,
-        0xc4a7c4d62d5be147L,0x7bdddc2abf485a2dL,0xe51570f923629993L,
-        0xe4e0e7eca9fa2458L,0xe6106cdc8e0678aeL,0x0000000000000190L },
-      { 0x2c4c56ebce32e8eeL,0xd94ad3f5a5593d72L,0xe854d1ac0ff0a233L,
-        0xa406b8375145ee0bL,0x0e3584ca488da729L,0xb6ff4f5380b8f316L,
-        0xb363e9cc402b0513L,0xccc22a8755811946L,0x000000000000019aL } },
-    /* 51 << 126 */
-    { { 0x47d2138b3580621bL,0xbd4c9c9a1474dbb0L,0xf1481018ae0e3eb4L,
-        0x6a093b167078ee4eL,0x4224d1f910edc815L,0xbb73d935a375ffefL,
-        0x218c7befdaa15567L,0xda7f1dca1a74f587L,0x0000000000000027L },
-      { 0x811b1e8e92233eafL,0x5000dc5d3554ea4aL,0xecf34661944bd497L,
-        0x0450716d15e5b3a0L,0x95e2529d671d928fL,0xd19305ae3946dfe5L,
-        0x0f2065a76211cca3L,0x0e1476a6c806fd74L,0x0000000000000181L } },
-    /* 52 << 126 */
-    { { 0x84b08fd1b927faf4L,0x236eae2654fc3722L,0x1a7cb9bff4836cc0L,
-        0x251833480db8508dL,0x36a19e7c9d1b8764L,0x8eb89180de352f40L,
-        0xccf372836e1a3ea0L,0x3e550c0a0a72c4d4L,0x0000000000000136L },
-      { 0x8e83af37f7b2ea82L,0x03c78b22395bdbdcL,0xc229423fef042d8eL,
-        0xf9eb603d4ed515f9L,0x2f56337627176ddcL,0x8390b596112af839L,
-        0x617bed410774a6abL,0x52903a20d5f44b62L,0x0000000000000014L } },
-    /* 53 << 126 */
-    { { 0x4e4fe470af6efb14L,0x6e9bbcf0be657506L,0x68100c8e2c3159ddL,
-        0xc0b59ffa5bbdf11fL,0x08681fbde6d49ff6L,0x7169ccb7e31b4c65L,
-        0x8703c995c929042fL,0xa12f13323361e4ddL,0x0000000000000196L },
-      { 0x00ebad68a0783eadL,0x02d1925992856a97L,0xfdb7acac51bb0952L,
-        0x5d46997c526c7fadL,0x9835ebd5c7a75eb1L,0x2ac64c34c3655307L,
-        0x13101862da8f9faeL,0xb0f6ab8ed9f230d0L,0x0000000000000012L } },
-    /* 54 << 126 */
-    { { 0x6cc723d437603fc6L,0x18055821d352721aL,0x942c0d47fe656ee0L,
-        0xd20be2694b170f87L,0x02f7ba5088d08be0L,0x53e64fdf1346bef5L,
-        0x2d23c4d4ea146dcfL,0xe68a09a37987bc92L,0x00000000000001bdL },
-      { 0x7620c264359c5796L,0x5846dd812b06b415L,0xf5b1ce8c2b242c54L,
-        0x3a42814aa2888a57L,0x4b2d89cca26460b1L,0xe3423f2974533daeL,
-        0x3da2e8a63e9f0bf9L,0x53b6f11b1454ac77L,0x0000000000000021L } },
-    /* 55 << 126 */
-    { { 0x06ee24893ca6735bL,0x70fee9e83374e617L,0xe8b3fa54d4a16bedL,
-        0xf364a301f3c1e5d0L,0xf16d5ef13c3e0753L,0x248d4e50d21da609L,
-        0x242edf3ef60f6054L,0x3fdfc80c0c24e00aL,0x000000000000008bL },
-      { 0x0a18a90bc3170235L,0x5c1bf5dec086e9b1L,0xcaa2d5f62cd7657aL,
-        0x51a3c67591ee757eL,0x16c99b21a186249cL,0x2c5561941b8cadffL,
-        0x9c58712f16ef2913L,0x6ccee5a5004b31fcL,0x0000000000000078L } },
-    /* 56 << 126 */
-    { { 0xa5dba4e1352ecab9L,0x6b02e6822c778abaL,0x2540e2cbcd90027eL,
-        0xe9273e1028ef0df3L,0xf06ac93932993c75L,0xff0dd2dd17e95ccbL,
-        0x67647a2edba0d5a0L,0x88aac34883a00096L,0x000000000000017fL },
-      { 0x5b0503a0a1edd5c1L,0xa3b6b42ad77e1a61L,0xfbbc558fb0ac4790L,
-        0x6e091b612c98fea0L,0xe9dd74b179d85e44L,0x01c6eb8996cb7b14L,
-        0x3f220aba0a79bd88L,0xb30988e26365ab82L,0x000000000000002cL } },
-    /* 57 << 126 */
-    { { 0x54a308fd559f11f2L,0x31e2721b647cace7L,0xf118348be8222f9fL,
-        0x97c4a761d5c359beL,0xded55d0b43515850L,0xeaf9aac7c43c5a7dL,
-        0xdbb25a12d68e503cL,0x282258dc50e474a2L,0x00000000000000c8L },
-      { 0x7464fbebff35e9a7L,0x522a0c6c38c685f9L,0xa70a2bd404a05041L,
-        0x0637bf682fc8355dL,0x33130aa254cf363aL,0x3ad9a6df0d4657f1L,
-        0x9e49f74a60758bb0L,0x2024ecfce25eb216L,0x0000000000000085L } },
-    /* 58 << 126 */
-    { { 0x33f1a6e161e91c74L,0x4ff19110e6c0cb10L,0x5c42e957f600ab08L,
-        0xdde03dd42f9bb837L,0x3641e9391a234d0bL,0x53f8620f0b9b78b0L,
-        0x1fe0b61aa1409944L,0xe3dc9c0333cfbe8aL,0x0000000000000053L },
-      { 0xe668c6ee20c3c089L,0x427daa6df27385e3L,0xcac71fe61f72a4abL,
-        0x6e5eb2cfe1329f8eL,0xe46c870f4e37087eL,0x5831ca51ad032d30L,
-        0x5991353dee77c07dL,0x3362598e0bd85cd0L,0x0000000000000138L } },
-    /* 59 << 126 */
-    { { 0x9eb88eadeb34a93cL,0x6d29e37a4701b69dL,0x426b10f150770987L,
-        0x73548e71d1f0f072L,0x80f016da0def01d1L,0xb1ccf96a3ea4825dL,
-        0x39265cb1e0b3c83eL,0xc978e8b42b3039c2L,0x000000000000007eL },
-      { 0x730a6fbc3e04c5aaL,0x67b705f33d44b9f2L,0xefa40dc7e961f235L,
-        0x5d20afc2c64cbe5bL,0x7e3e1033b0a4ab7fL,0x26ca57a6425506cbL,
-        0x0205449170798bbfL,0x2397723fbe05c4e1L,0x0000000000000144L } },
-    /* 60 << 126 */
-    { { 0xaa272aaad19d50a1L,0x3571d10bb1d206b7L,0x13d9fd10c3b75ad4L,
-        0xd8dfb50b546daf84L,0xd2b77b3a3a1f736bL,0x33725766683f310cL,
-        0x5c27d38b9fc3b081L,0xd74611bad1642ff7L,0x0000000000000026L },
-      { 0xdb5eee71f30e1c09L,0x819fdb72ca6da656L,0x312f0d734cde6546L,
-        0xa45ffdbb7bf7c656L,0x3fe1359af71f5257L,0x6ee0ea0ac34e9a29L,
-        0x969e2682b1e77c79L,0x1e8323864a901cb8L,0x00000000000000daL } },
-    /* 61 << 126 */
-    { { 0x22ed87b1b25beddfL,0x3683f8776daac239L,0xda6806bcb77d6ed9L,
-        0x046324c87a1c73b5L,0x5302a1f0280619fdL,0xff691f965d3ab015L,
-        0xfd8e1f0576a75d3cL,0xb170a9c48883921dL,0x0000000000000199L },
-      { 0xe2e4582834cf1693L,0x4e53f2ccb6cbeb25L,0xd7c26c5a13f317d0L,
-        0x51871564f2f46ae0L,0xd17031e8abf83111L,0xe07adfc84579ad64L,
-        0xa9461bc123467da6L,0xcb2976479eccc563L,0x0000000000000035L } },
-    /* 62 << 126 */
-    { { 0xb146ed5aa9f72a7cL,0x484b8997a7f0e604L,0xeb7b7cba9531f3daL,
-        0x272a057cae6515d2L,0xb5afd269686fed9dL,0x3495b87c6d05afcbL,
-        0xd60b71ce218f80f7L,0x2d850946e0ded104L,0x0000000000000002L },
-      { 0xadb631e23692300cL,0x30aa16333329dfccL,0x8546c0fa71ffd9aaL,
-        0xc5e4b3590962f556L,0xf09a2444bd391207L,0xdbec490c71cab26bL,
-        0x4055668615b145deL,0x5f18aceeceab1ac1L,0x0000000000000170L } },
-    /* 63 << 126 */
-    { { 0x62cc9557f077d63dL,0xf30f4a8be8f5f5f9L,0xf98c9bdcde80ec73L,
-        0x167d81b80c4c8e3cL,0xbb7ff344653cd736L,0x60725f05591730e0L,
-        0xbe4ef60d1803adcfL,0x04ed04c0c5127350L,0x00000000000000f1L },
-      { 0x5d2cbf0b776f33beL,0xd1a495b3cd90ab6cL,0xd47c850fecb6e7d7L,
-        0x75dfa50f266f13f8L,0xfe272a12e317dca2L,0x14ce7728bdff1777L,
-        0x3dc3926220fba381L,0x148ac59d6c2259d0L,0x000000000000012cL } },
-    /* 64 << 126 */
-    { { 0x904f2d4bdf9314e0L,0xdaae850de7a00aacL,0x79231083582efb03L,
-        0x80f1c283ec7fe6d2L,0x2d5b3996199d74a8L,0x5f120b9b395007e7L,
-        0x30d237734773f03eL,0xf4c192733b78b686L,0x0000000000000121L },
-      { 0xf103ff6dfa8b51f0L,0xae7afb5140e2bdf0L,0x1130380e83254171L,
-        0xe83501b8cda10d95L,0x1057771e4f3a8c01L,0x8f52196aac807069L,
-        0x3609b0aaa5623821L,0x8c25790694a0a7f1L,0x00000000000001dbL } },
-    /* 0 << 133 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 133 */
-    { { 0xe2445c75cb0284f6L,0x7266ed21f0d3b65cL,0xa6f7fb639c0cd13aL,
-        0x68d77e3537fee05aL,0x1d21ea95dd708c8eL,0xc75f44e793ba8d14L,
-        0x8bb1876d90e34ca9L,0x7a3621e4b70e8cb2L,0x00000000000000b8L },
-      { 0x0fb7c958e1d0f420L,0x34b8bcf2fadb2239L,0x1800038b6a67f72cL,
-        0xa8e3236ac19f70a9L,0xa73dd94cb908c753L,0xd7569d95a6fa426fL,
-        0x5ab784f60a295ae2L,0xdc2bd296583f0f13L,0x0000000000000039L } },
-    /* 2 << 133 */
-    { { 0x4624399658603a1eL,0xf6bf54496310788dL,0x178120864c799cc9L,
-        0x20a0d4e63f9c7982L,0x13340a26930d81caL,0xb248675461520fa5L,
-        0x0e9480cce3e2cbb0L,0x11f633c1c61dd54aL,0x000000000000008eL },
-      { 0x34510e9e07ef7a73L,0x242ea6950e00a9dbL,0x1a146ea20ead5b7aL,
-        0x52c0a70bf54a3534L,0x4b85dbbeb8113e6aL,0x62df74261446fc2bL,
-        0x3a79c26ee9fe597aL,0x6327cecda7afdc59L,0x00000000000000c7L } },
-    /* 3 << 133 */
-    { { 0x8bf9e0791c403388L,0x219a3154046f9ecaL,0x3a8ee73bcec86e4aL,
-        0x0a31124e281f2e27L,0x6a6fb93716bc3255L,0x0706364a8ae63821L,
-        0xcce86c65323d4b3aL,0x0c238449fd6cfbd4L,0x0000000000000174L },
-      { 0x031202de7faa8a49L,0x97b770b2579d75fbL,0x5cf4413ea5e0d986L,
-        0xe93b56fdcc936d96L,0xe4ec80d2b1c5576aL,0xbf8972a2da093bf5L,
-        0x0c5a98bdbcbefd15L,0xa19b3e630e6f9d2eL,0x0000000000000131L } },
-    /* 4 << 133 */
-    { { 0x0f73c85a8201c48bL,0xef502f8a4c9caee3L,0x8df7699641d84048L,
-        0x93f8a34bba0f3b82L,0x0fba696cd6a81ed8L,0x0be6c83196622944L,
-        0x0de9a8f2085495f9L,0x12d843e6580b2551L,0x000000000000010eL },
-      { 0x507820fbe51de678L,0xe404cd9317831a13L,0x4818c9d1721196c2L,
-        0xefa01a64cdda697fL,0xdccd32f0bab8b58bL,0x51ac6e1fb4a19bdaL,
-        0xd402693f4e25340aL,0xd6567590afbbec44L,0x000000000000018aL } },
-    /* 5 << 133 */
-    { { 0x07cf170343ea64efL,0xd1dcaf5fe29ad51dL,0x6bc714cbfe586ba6L,
-        0x95d455c4a564449aL,0x786b09c6a3f8c7b9L,0x6b2825349a9f9acaL,
-        0xccceb672df41c312L,0x88da8f633a5f10daL,0x00000000000001c5L },
-      { 0xf41c956600a865dfL,0x8eeaa9fb92362410L,0x232c80aa699ea6c5L,
-        0x86ad242d2e4ce53aL,0xf54d983fc51e3b6bL,0x5fef2fb86e2dcdcfL,
-        0x08b9a493e3f0b5dfL,0x32594fcd676f65f9L,0x00000000000001cfL } },
-    /* 6 << 133 */
-    { { 0x79541ad2f0258929L,0xb69d65afa7ffda3cL,0x7a83f701fb3fccfeL,
-        0xb8c83005284111f3L,0x7b48d4acff594c0eL,0x4364f321b301dc8bL,
-        0xccdb0184404f2b6cL,0x52239a4b8f4e85efL,0x0000000000000144L },
-      { 0x1dd594a2f650828dL,0x98b50e840aad2d93L,0x491fb295fd90d0f7L,
-        0x511abc0b7fc0144cL,0xeb240aa88d0085cbL,0x926f083c4f4e0a76L,
-        0xf5e8865df32a6e48L,0x8fae6ec023e3413aL,0x00000000000001a5L } },
-    /* 7 << 133 */
-    { { 0xe038336eae697aa9L,0x1545b82e6b122bc8L,0x2acfc7a2465cab13L,
-        0x396d60549e0670bdL,0x7099e416d4ef9b8aL,0xa745f4a6f144b1b7L,
-        0xe859dac381092b9fL,0xf4bf2786ca8dba24L,0x000000000000016cL },
-      { 0xd43fa47a1d8e919dL,0x7848e02298994d0cL,0x88559fc88b5c1e94L,
-        0xd810594a0ee65987L,0xc6b9837b9476a135L,0x08b04d2778667d75L,
-        0x3d35806e815d0639L,0xd703da9b9cea4585L,0x00000000000000feL } },
-    /* 8 << 133 */
-    { { 0x714c9d4d6e4a010aL,0x9e8621eb98bbdd05L,0xf3f33305efc60f48L,
-        0x4e392a4c0706c352L,0x5d0f7b3a94dcfc6cL,0x28c343062434d058L,
-        0xdba377bb41885900L,0x0ed4082dad73df88L,0x000000000000012aL },
-      { 0xc0899758fcdadfebL,0x1638c31454319374L,0x1831028ec8ae469cL,
-        0x41093ffe3a0e36a7L,0x75c6667b2860701aL,0x38c843a264de0a06L,
-        0xc6e2c8a0949389d1L,0x754f22b73a1cc818L,0x00000000000001feL } },
-    /* 9 << 133 */
-    { { 0x90d5cf72e8548dffL,0x0b0082421130f27fL,0x2b742a08fd094a2dL,
-        0x8002cee1fe8642b5L,0x94ba68b089e850d4L,0x9bfe83a1084d0ab9L,
-        0x6aa91c002d2b5f7bL,0x0886530f383c1125L,0x00000000000001b0L },
-      { 0x039fd9101b334478L,0x762fdf6b772b30dbL,0xf0b07b33950b4e70L,
-        0x704eab49aab6690eL,0xfe91d13cbd747525L,0xb40f6f7ea5ab8cd3L,
-        0x9f66e805fe523b78L,0x232466335f117f27L,0x00000000000001d3L } },
-    /* 10 << 133 */
-    { { 0x3660997e1d29651bL,0x017c92f21c43ee22L,0x399bd07278817d09L,
-        0xe7886c7efcc2e4e7L,0xd86cddf76c75869dL,0xbf7491ac8d350f4dL,
-        0x794d402ad99eda1fL,0x93a31aa3ba86bb24L,0x0000000000000155L },
-      { 0x3be864461ba82751L,0x2fbb5d14599c74c0L,0xb91bfae79528f6e4L,
-        0x9718d1dc27ecc011L,0x2e6ae4695685c69dL,0x755ef4fcf2f01e8fL,
-        0xd7d5ab2292d8a1aaL,0x0b96bd64fa7d56f9L,0x00000000000001f5L } },
-    /* 11 << 133 */
-    { { 0x803708af0a32a860L,0x611b39670a9ffb60L,0x1d73591bd1c64167L,
-        0xabefe36c919b5b6dL,0xa6e40fe88e76d295L,0x59af88d392cc3d6cL,
-        0xed75288dc978e6c9L,0x1d4f6dc597c882eaL,0x00000000000000adL },
-      { 0xa71e31457368f4a8L,0xc5b4991a47a78cbcL,0x718cfc2581954234L,
-        0xd154abe8846e6039L,0xfc6cac6c2e7fa9b9L,0xf8c914314a4c53c3L,
-        0xcc073a4bfaa6ddcbL,0x3980d5f90aec7bddL,0x000000000000009eL } },
-    /* 12 << 133 */
-    { { 0x53f7cc1dcd9c3b89L,0xd01fc88e37c09eedL,0xdaad94c7fd4ba95dL,
-        0xa7bab576f6331227L,0x4919757ba6066bfeL,0xa8d525106197a2b5L,
-        0x1a7c2cdd80fe8f9dL,0x47a0587c292e069aL,0x000000000000016dL },
-      { 0x0374fc0618a5170bL,0x80e54bec68f03073L,0x8de8d710a373c6a3L,
-        0xc25d052115e254d7L,0x97fb5a235d0da356L,0xae1d930aa3099c32L,
-        0x4a362d78b750367dL,0xeaa2fd7c6c7e426dL,0x0000000000000160L } },
-    /* 13 << 133 */
-    { { 0x7d18c1c82affd347L,0xd1380fcd2983736dL,0x595f7723c63223ddL,
-        0x631cfbe5b484b6fbL,0xbd2861390a6ca8ccL,0xee72e38d4f471ca1L,
-        0x032046a1971ca142L,0x479212432a1dd8c0L,0x00000000000000c2L },
-      { 0x35e6b9e5d7ae4e8fL,0x5a00b0f90a3feca7L,0x1c342e080a0a3d2fL,
-        0x1e8879ddee0b5c36L,0xa420ee79ec8626cfL,0x79a1917573f33218L,
-        0x1258124a86bdec5cL,0x691be2ab06058dd7L,0x0000000000000042L } },
-    /* 14 << 133 */
-    { { 0xcfa90e928d85981bL,0x44fbbe308470ae90L,0xb1c923e3b4a1c507L,
-        0xb2d07ce9ff4afe17L,0x6efdd4cc1fefef7fL,0x9dc388240fc6d59eL,
-        0x90a95ff8cd639f85L,0x97907edbc6d5cc6bL,0x0000000000000012L },
-      { 0x4321d7bac15ff87aL,0x266401efa1c681ddL,0x71b9f08c84b64526L,
-        0xa59beafcfd5df281L,0x75c4a3cfbb791707L,0x48cac59c01ce567dL,
-        0x14cd0e56a00a8628L,0x2e9e9b3f0cacd47dL,0x00000000000001d7L } },
-    /* 15 << 133 */
-    { { 0x234103cfdeacba24L,0xfe7118f964b60ddaL,0xb600dd482a7d4f4bL,
-        0x60177286754ef7dcL,0x49a59cffe9ab0cb2L,0x309aeff80cbfcc2dL,
-        0x0a995830b4cb626cL,0xe5c24958357da294L,0x0000000000000108L },
-      { 0xdc25d5d416fbf2d2L,0x76f7dd357630d805L,0x0fa599f1883ffd97L,
-        0x81490dda0c07ab63L,0xb0afa4b335d3a0b3L,0x5339cd6c98872553L,
-        0x31702ec41f849f90L,0x111738088b6e6311L,0x0000000000000180L } },
-    /* 16 << 133 */
-    { { 0x58821c974a0c0913L,0xb7707006307795f2L,0x44f5f5bcea20c664L,
-        0xc23f5ac39c5ec494L,0xe83e4fc380affd1aL,0x7e92884d50102ac6L,
-        0x632405b8a3c31198L,0x1995f831453cc03fL,0x000000000000009fL },
-      { 0x8019071721e50847L,0x794b63d991f3efd5L,0xe9d69357a95c778cL,
-        0xbd298eb0d04a14c3L,0x40a105154c5cb3bcL,0x296fd944f9c2fa5cL,
-        0xfee5fe79efb9a49bL,0x12e8d7b35ba9db09L,0x00000000000001d7L } },
-    /* 17 << 133 */
-    { { 0x7978a92b15e89a09L,0xc21eaf079c8cbea8L,0x977fccc67d83c497L,
-        0x037b22f5a4996ef4L,0x79b075dfb1fa5efdL,0xff169c5d895b8646L,
-        0xb91366e1139eaab3L,0xfeac1026a55cf585L,0x00000000000001b6L },
-      { 0x0e827a8e83e55daaL,0xa7a27e77cd68ce98L,0x2cc9672e7d586572L,
-        0xd055fa46a3ff0e35L,0xafcc63023268d057L,0xccf7b4f3294e84d7L,
-        0xe972308991a61758L,0xda4feb6b72a08bbcL,0x0000000000000098L } },
-    /* 18 << 133 */
-    { { 0xa3c2e3b89a33dcbeL,0x69a1af65846e1f3fL,0x325e624b23d94d03L,
-        0xc9f9a9fe7b606aa5L,0xe660b7b341d6f8e6L,0xd9b994a8e7a4b883L,
-        0xd97bd77226a3c490L,0xed529b01110a6d8eL,0x00000000000001a4L },
-      { 0xc956d69d12852a59L,0xe0271878b91f3a5bL,0x70ca2552c30df3d2L,
-        0x1b322ad23ed9a3f0L,0x2bd7fa803ed7b14dL,0x2b0e40c9937ca92cL,
-        0xf0a680d7c88bf5f3L,0x2c1717bae18f006dL,0x00000000000000e0L } },
-    /* 19 << 133 */
-    { { 0x4f62538b805ba0bfL,0x521cb0d1ab71e577L,0xbbc91db992f0b4c1L,
-        0xd97b96acea45846aL,0xce2a73bef99195b7L,0x4808f872335360b4L,
-        0xeb784cc1e09fa8c9L,0xc9d0de8524667ffcL,0x0000000000000098L },
-      { 0x8aa32a023abb4464L,0x8539cb99aa2eeb37L,0xf97a730fe6572cb9L,
-        0x49a2ec198d17e745L,0xcbb7f722581a6561L,0x5271b9e7fd748594L,
-        0x7df05c8555efe907L,0x12b457a3648b30ffL,0x00000000000000dbL } },
-    /* 20 << 133 */
-    { { 0xc2eb058989126facL,0x796ce4619a94396fL,0x40eca49d99c7ecccL,
-        0x20ed57c7c492a4a3L,0x4089296506fa952eL,0x4690915c906f1b9fL,
-        0x099b286b548ce05eL,0x293617b76fe582a4L,0x0000000000000094L },
-      { 0xa34b04313831cd9dL,0x51eeddccb647a424L,0xcb7754a1e82a9c3dL,
-        0x59bd6cabb14c49bcL,0x8f6d2d2e8ac8f7a3L,0x5f2fbf4346ce83b7L,
-        0x93ece81c0d68eb87L,0x01271a1304d06b9dL,0x0000000000000067L } },
-    /* 21 << 133 */
-    { { 0xe26b19f2d74f6e10L,0xf3d3187d2ce14a93L,0x389726ad0da15517L,
-        0x370c53b748f5a2d4L,0x052065fa2adf6e52L,0x35193065bae051ddL,
-        0x82351b7900b33478L,0x03e7d6d80cdf4884L,0x000000000000019eL },
-      { 0x383538be2e446a7eL,0x36190c9adb8a52deL,0x51d74979946c8943L,
-        0x01bf13a579d3b4c4L,0x7f27c8610f2f49e2L,0x6ce84ff46a734dc1L,
-        0xec6f79ddbb5ff5a0L,0xdb6e4fe3a96d9a23L,0x00000000000001bcL } },
-    /* 22 << 133 */
-    { { 0xbeb1d116cfb1ec29L,0x3f1502f0c5f0152eL,0x501456fe75a4ee8aL,
-        0xde95a49a23265eafL,0x9e9e8319c0b85f89L,0x04d93a60647d2726L,
-        0x63a54a59cb65cc94L,0x56766e88f173d58aL,0x00000000000000deL },
-      { 0x9bccc01ebdb6a51cL,0x3d893bac5ac0d14dL,0x4a89af9516e16ea6L,
-        0xcd7eba6798db611fL,0x90e2d187e84acf42L,0xfdb5ecbce1053f4dL,
-        0xac124000e8c4a365L,0xf724f56ecb5910b3L,0x000000000000017bL } },
-    /* 23 << 133 */
-    { { 0x0978471e01ac4394L,0x057a926de4d2cc08L,0xece99f2f002fbdc9L,
-        0x07bb884abe832818L,0x7f396535fb1c9404L,0xfdb86a9f6ba39a7cL,
-        0xf4b372d9665c78e8L,0xc1b321e9dd520572L,0x0000000000000006L },
-      { 0x51f1b8b8841a3ed3L,0xf49b313516b4a01bL,0xe01130df5af2717fL,
-        0xb62166e4eea414c3L,0x7991e1ac050b5040L,0x8d632c2207cfddfaL,
-        0xa9033c3efa37f8b0L,0x542b8994790c1190L,0x00000000000001fbL } },
-    /* 24 << 133 */
-    { { 0x1711039279d6593dL,0x7d88866ed6d1e388L,0x27e0aa5fc9a20e92L,
-        0xc82ef455b781bc4cL,0x36888ad0a1e9a984L,0xa51d1804962eb333L,
-        0x3964bf4a6589216aL,0x88904ffa7529c9fdL,0x000000000000016bL },
-      { 0x9e0aca53e59081d4L,0x8b9066c009c4315cL,0x51d18e8b44dafb2eL,
-        0xa86cd85c3c757835L,0x7534cba2ed8b25e4L,0xe1db4aebe59c5ebbL,
-        0x77af93de72024396L,0x0779f6af77f5a9beL,0x0000000000000090L } },
-    /* 25 << 133 */
-    { { 0xfa55f353e1eee7e8L,0xe3728f0f832a86f4L,0x08ddaad44cb9e21aL,
-        0x9b49d70e9cf0f3d5L,0x8ffab00c2fd4bb7bL,0x7b24a72f1435c1efL,
-        0x390f209023687920L,0x1ae25cb77c75e684L,0x00000000000001ceL },
-      { 0x881170cb4ea45115L,0x7cb03b3b2fdcf8cfL,0x0a7628ad560c4124L,
-        0x44811560823820e9L,0x61ed767b6994e17cL,0x94da851fb95b76c6L,
-        0x78bdec4b3c1ed403L,0x463d6cc3f1d85a84L,0x00000000000001bcL } },
-    /* 26 << 133 */
-    { { 0x4b1cf5b9c8514599L,0x609b60221834d2b1L,0xbe5b9326da5dde47L,
-        0x64409ae86c87d75fL,0xa3567801e8d1e7fbL,0xa9b932338bf2915aL,
-        0x91fd8fe62941cc91L,0xed0e7455cddffdf4L,0x000000000000010dL },
-      { 0x913d2a5deef7108cL,0xaed5d7062be9d4d0L,0xfa01ca9bfa991f21L,
-        0xf3518ce8e99b856dL,0x981faad4e99672cdL,0x539dd546e7f474e0L,
-        0x9bda2db4157e9f13L,0xb8a88661ee003dc8L,0x0000000000000081L } },
-    /* 27 << 133 */
-    { { 0x8521387559df2f72L,0xb509af3789687b4aL,0x077892b261f8a34aL,
-        0x5603f3095d0fee80L,0x6d42d34edbc6cf37L,0x0cf8c9c4a3920fb1L,
-        0x655e26bfbdaf412dL,0x7272f887e2208eb2L,0x0000000000000141L },
-      { 0x62a68859878f4a5bL,0x0146336435dc49edL,0xc3a2caaec6d3081fL,
-        0xc6b69c2ce990949fL,0xbf1385e215a826edL,0x0419547fb367f8c0L,
-        0x389ab431323d3470L,0xb0453b45669f8c98L,0x0000000000000180L } },
-    /* 28 << 133 */
-    { { 0xd815b0c258bc45e5L,0x91a14033dde59521L,0x2af00d61185031ecL,
-        0xb1113f8df49ae2adL,0x623869a703db5dd0L,0xa27f52a38b084e1aL,
-        0xffae28447ec2a78fL,0x316a4a837d788dcfL,0x00000000000001edL },
-      { 0xda151fa30ae71753L,0xd2c6156661148b48L,0x5e1d6aa1ced8d6e9L,
-        0x4c784fcdacc9df51L,0xb5715fadfeb5fd68L,0xe8aa4f453c4bd41aL,
-        0xc295cf2c83a6506bL,0x6ebcfbe68959cd18L,0x00000000000000aaL } },
-    /* 29 << 133 */
-    { { 0x1e628033cbc78ba4L,0xb1b10d9e6af66a7cL,0x22732085003e1d98L,
-        0xf76bf139b4ef67c4L,0xfdc2dc37b969d917L,0x8e9b0e633e84da86L,
-        0xe1860be5f0916be7L,0x0e800a237c15f060L,0x00000000000001deL },
-      { 0x213138e0bed62300L,0x2919defb59a9fc70L,0x076e46c4a40aac25L,
-        0xba2e019231a4812eL,0x8fc6de496adfcd6aL,0x38d17f427d95423cL,
-        0x79adb39063487d5cL,0x58a207a931a424a8L,0x0000000000000025L } },
-    /* 30 << 133 */
-    { { 0x35c5164a45d58f3bL,0xe8b634c956a438f9L,0x9534282771b03d58L,
-        0xa8c2ac9f6b9023c6L,0x4d90973f13636501L,0x9d371c592eb26e43L,
-        0x24e2ea7d97f169a3L,0x6307489ee3af53edL,0x00000000000000a4L },
-      { 0xa142cc05e27954edL,0xfa9cfb5de2d9d9dcL,0x7d78edee9c8624a8L,
-        0xf0c2bd235976c173L,0x9727567c08649437L,0x516662a467e6759dL,
-        0x5bc285768c8f1790L,0xa62faec4956463faL,0x0000000000000068L } },
-    /* 31 << 133 */
-    { { 0x6a9df5fbe3f77972L,0x52703588c85f0f3fL,0x29c45e81e6d57b9dL,
-        0x3ff4393a0be4937bL,0x5c85f2ccdeb7dec9L,0xf885d42872f17b38L,
-        0xc839bd481d95a39eL,0xfd14d7c7dd7372cbL,0x000000000000010fL },
-      { 0xe9a106f0dfc4e535L,0x8d1efece352ca519L,0x4649995c18b5a799L,
-        0x17e6bc99cda75652L,0x9b7edb4dc27545bbL,0xb196ef1436d9adb6L,
-        0x2a3244496ef504feL,0x5a8e3e9fb9b92a69L,0x0000000000000095L } },
-    /* 32 << 133 */
-    { { 0x0d200089e0b8b7c6L,0xfa7c2a74e0c3a66cL,0x47465db046e3e5cfL,
-        0x2bd1dd818537bb62L,0x748d70127165a234L,0x4d3737455c718337L,
-        0x40c0f48e189ce8cdL,0xd018ce08a2f751cfL,0x000000000000014bL },
-      { 0x5513201a7ac22c09L,0xf559e050a1cd3533L,0x6e1eba1ebd4031d0L,
-        0xbfd8a1cc532b1d53L,0x3fdee4cf5a15b193L,0x226693f7789bb143L,
-        0xa0d4dc89dee75e9dL,0x438d3544f09a0c6cL,0x0000000000000189L } },
-    /* 33 << 133 */
-    { { 0xae388e5fbc7cfa67L,0x519392e5c4a83747L,0x4ccc4f517e71db2dL,
-        0xd0613eab43b51f80L,0x512eb54540a16cffL,0xfb154e87e61e6026L,
-        0x676633c8c236be41L,0xad0ef2ceda383a00L,0x000000000000010aL },
-      { 0x551ec1eb5b304592L,0xf85423b68c0864d5L,0x4e1550fb4b330062L,
-        0x09fe089b38cf2f38L,0x5b9116c2970c0163L,0x9098bb3fcdf09e59L,
-        0x7e65e01668bd9e33L,0x5c5d66f89b52bf2bL,0x000000000000000aL } },
-    /* 34 << 133 */
-    { { 0x72d78fb610dd1d61L,0x8be49d9a7bd8cd95L,0x3026eb2662e523ecL,
-        0x7bfdd7dbd55b37baL,0x7dc305b0effcc9e3L,0x00a2eb23fa3415e8L,
-        0x44ce408be37bc2bcL,0x0988ece81f78d0f0L,0x0000000000000098L },
-      { 0x0e7dd8fff0f57120L,0xb519a4f6b2d8b7daL,0xc28b9d98aaa4606eL,
-        0x63655931b7ebe8daL,0x7d5e49937aa83d31L,0x8fc247695d7113b2L,
-        0xaa723099af3672e6L,0x57a2ede46113f6bcL,0x000000000000017fL } },
-    /* 35 << 133 */
-    { { 0xbab36a6c9c8171b5L,0x2b92b467e3b4a5e7L,0x44181477ef7b6955L,
-        0x14887f78ea6af659L,0x9d6c37d31334f773L,0x46ad0d60b49909b1L,
-        0x5e6f4e00e13b1c8bL,0x1342dbff52e575dcL,0x0000000000000028L },
-      { 0x845e56bef3dd7aa6L,0x35d1cd6645b0451eL,0xef47dfa5d812844cL,
-        0x58c3217d8a377dfaL,0xf1c825800e7fcba0L,0xd8b870a470af2953L,
-        0x8b04f1bb44705ea2L,0x985e4d4d60d8733fL,0x000000000000016dL } },
-    /* 36 << 133 */
-    { { 0x6339d37cd0d9229fL,0x6005c395e584a476L,0x6d0069ae28566e91L,
-        0x429756900b0315faL,0x79dd1ffdec520a49L,0xc838751c0a8b3c1eL,
-        0x0d28edf14f3751baL,0x500d09678bbc87b4L,0x0000000000000118L },
-      { 0x7c7e207e14e4c072L,0xe63e49dfd3416c7cL,0x477aaa052eab5b31L,
-        0xb73c00ada919f8d1L,0x3f892c301613ac11L,0x04d69886a3169be8L,
-        0x8a2cf2a7f534f014L,0x3181e5a8a0b80c93L,0x000000000000005aL } },
-    /* 37 << 133 */
-    { { 0x0ab7aabfdc9ad56cL,0xd23c15c5eae45f77L,0x8890ba1666310ed7L,
-        0x78aa3af2f6769617L,0xddc04ace79481281L,0x93d7c93609693faeL,
-        0x89f579dca7f87b7bL,0x9fd68aa4c0811d4dL,0x0000000000000090L },
-      { 0x90acac1c3d570677L,0x2db8af73915160c5L,0xb68f09301a9bd834L,
-        0x92d8f38a3bc34baaL,0x6cc48f4d2c2a218eL,0x29cb31dccf297452L,
-        0xa425d2e8b3a8e929L,0x778988ad9d279aa0L,0x00000000000000f2L } },
-    /* 38 << 133 */
-    { { 0xd64682853c9f5c09L,0xe9c6093417a4877cL,0x30e2768b789a9e6bL,
-        0x92c8cc80a7f44fb3L,0x0da7ce7e21477158L,0xd6e1e02b94e9e544L,
-        0x9610eedecb4dc8d2L,0x47f8263b903a1fa3L,0x00000000000001d5L },
-      { 0xecd9b15649d6c575L,0xb862a41f882a88f1L,0x49423e64ede1dca0L,
-        0x4c5fda7de7b3c050L,0x949691d28a4614e3L,0x66bb747b0b9f0904L,
-        0xd4d91254ab12272bL,0x255b9e8717d749cfL,0x00000000000000b3L } },
-    /* 39 << 133 */
-    { { 0xa875e013bb5d1c4aL,0xa3f2502ac3e007c7L,0x6de7cc3766e12aa2L,
-        0x879a3b104a63a2bcL,0x6b31dd72854e1969L,0xd90cc9a146ea617aL,
-        0x379e82c25c4a71f7L,0x8f516047281e3dd5L,0x000000000000009bL },
-      { 0xa0fcb1903b84b7abL,0x0a52b50e0fc3d3c0L,0x32f65ccf32e1e6d1L,
-        0x0ab8ab6b013731eeL,0xea4c3be597b82568L,0xaa6c59b1f617b5d5L,
-        0x84b5dc5864f766bdL,0x1408d8b8df0ccd58L,0x000000000000009dL } },
-    /* 40 << 133 */
-    { { 0xf9573f8d640e6a08L,0xae4874b31138e3e6L,0x9de063dcda7c7652L,
-        0x3f4f25905c5e679aL,0xbf26d5286355457cL,0x071b6eb12fbdc5abL,
-        0x66f75278b8344ed2L,0xfcae83ac52898292L,0x000000000000014cL },
-      { 0x13b69d24c652cbb5L,0x072f96e6120253a9L,0xe8f88c7564985f28L,
-        0xc7eafd4f089a1e10L,0x6d4d0fbc9562b680L,0x6e4e5af7b91b73bfL,
-        0x253f58ce07278b89L,0x1df25657e8a56798L,0x00000000000001fcL } },
-    /* 41 << 133 */
-    { { 0x7366c523a6d0298eL,0xfc9896739908952fL,0x4e7b7e4b7cad6846L,
-        0x7d61390da76096ffL,0x121c9c4bbdc2d1afL,0x9b4a5607a0731325L,
-        0x037059e473265b99L,0x8674868ee48a42e1L,0x0000000000000097L },
-      { 0x78109eb260bf7a21L,0x84264885d3af48c1L,0x07659bf119b54790L,
-        0x8ea14ceb95d6aaf0L,0xcae15147cf069d4aL,0xc76144d6c7c72fb0L,
-        0x2b3a00a10d04f324L,0x2b1ccca3b23706d2L,0x00000000000001d3L } },
-    /* 42 << 133 */
-    { { 0xb2737edb4397a1d4L,0xa3cc4752adf24307L,0xe7076bb998c5ca38L,
-        0xda5f14a29cbf2670L,0xf17c4d57900f3687L,0xa5da2a2bc47f8b80L,
-        0xfe06debef4dc7298L,0xd171fac45a85e086L,0x0000000000000059L },
-      { 0xcf8e159ada084c91L,0xe537e29b9bb027abL,0xda5d260c2b9929b2L,
-        0x79587899c6d406c9L,0x4901def2b1285e88L,0x75514c448458dd8fL,
-        0x942b087b90071771L,0xb3bc605d576fe985L,0x0000000000000185L } },
-    /* 43 << 133 */
-    { { 0x20ff84d0abe1e0d1L,0x72bba8f48b5ddd1aL,0x17ea9fa311158d5aL,
-        0xdde176b4d05a1a67L,0x26a74063002ecc58L,0xf2a0564dbcefb61bL,
-        0x5846fefa3d6fdda7L,0x362dbb738d841101L,0x00000000000001daL },
-      { 0xe7957a081e70f44aL,0xa9dc89fa1e152397L,0x871ecf03a8f6bed7L,
-        0x01428e993a1d5e32L,0x6cfbafd4d04d7217L,0x31acf44166b784e1L,
-        0x68da3e28dfd839c2L,0x0eefd3f7a67bf28aL,0x000000000000005bL } },
-    /* 44 << 133 */
-    { { 0x16ce6ba9219403a6L,0x704c37ed72f83290L,0x1af9f9d700efb6b4L,
-        0x456cd8d972b63e74L,0x98256804fe6873b0L,0xcc5ec6b62243b040L,
-        0x0d6b88a1bf16f3a2L,0x19632b44d89006b4L,0x0000000000000188L },
-      { 0x8b9574fa6b48efbaL,0xaa2a766f9517e3beL,0x134f8f42c7789b73L,
-        0xde6e8af2e435cc54L,0xfdb8a89202acd7e2L,0xe7fc99b4db22b516L,
-        0xe33eb6b38a467a40L,0x7c98831102aaf81cL,0x0000000000000117L } },
-    /* 45 << 133 */
-    { { 0xc69fa235f9f382b1L,0x138dde0b97936162L,0x0193fb316ab8c45dL,
-        0x52b3734d5b963d2fL,0x68bcf54c42cb98caL,0x946127ae86c80ea7L,
-        0x2e85d3b8ea0c5814L,0x89b5ae1d0c05cfb1L,0x00000000000001efL },
-      { 0x30ec78ba83ead66eL,0x89ee8df807bc31fdL,0x3ee5b5dfe40653a5L,
-        0xbda53ce7c0d84d01L,0x8719017a332fd5e1L,0xe2c26ec1af60a467L,
-        0xfe92a92c5324fdd3L,0x4fbb7d03fc90f8e2L,0x00000000000001d3L } },
-    /* 46 << 133 */
-    { { 0x41517372268ee4c2L,0xf2ef66f1567195b7L,0xdee93cfd536b7c76L,
-        0xf4c81df537122f67L,0x8e18116fe95c1d48L,0xe55b76c713761ce1L,
-        0x067b6632af514d6eL,0xff26860207d9b612L,0x0000000000000050L },
-      { 0x153007507f8082e5L,0xba3bf499a614746aL,0x9bfb85fdc02fae9aL,
-        0x326b1d5cef48c254L,0x62d6db68098f53e9L,0xcd5a5120d68a1895L,
-        0x9cda1c53b571d2d1L,0x6745a05b13894f7bL,0x00000000000000a9L } },
-    /* 47 << 133 */
-    { { 0x395e92dd10b4a524L,0x2f607e83a39bfaf5L,0x56f5226da4ecac96L,
-        0x43a914ee1330398cL,0xb856077396dc6548L,0x7d6df876b7a3e898L,
-        0x119324ecf20fa238L,0x094f660ac05709d8L,0x000000000000009fL },
-      { 0x0adf96dc3dad163eL,0xd9a70fac8472aa53L,0x87276f1499571aeaL,
-        0xdb8f9182eae49b95L,0x0e612c83e0b31c76L,0x04a89299b29554cdL,
-        0x2cb3c97166eb58f3L,0x9b80b548127517b4L,0x000000000000002eL } },
-    /* 48 << 133 */
-    { { 0x6df6776bc353a269L,0x0d232f2ddace9809L,0x7649e04403d5d78bL,
-        0x59710087fc283d82L,0x86d65eeee2ee05abL,0x3d1fc3f227851d69L,
-        0x3b86ed771781977bL,0x4d4a61be1ac0290eL,0x0000000000000161L },
-      { 0x2deac320c5400967L,0x026949097381541bL,0xd373ba709cd429a7L,
-        0x547f0e86928b72c5L,0xb1c2f84c223ab61aL,0x06c039941115f60aL,
-        0x6e5b0cbe82136cfdL,0x08e4a467489d7de6L,0x00000000000000c6L } },
-    /* 49 << 133 */
-    { { 0x032b213a98212293L,0x2c3771f84175ba18L,0x34d7387f11656e9eL,
-        0xcf12328156425813L,0x2b4ef4b4722fee93L,0x7db8afb2799c6333L,
-        0x0ab9c8aa511cf76cL,0x14dcb970c785bcccL,0x000000000000018cL },
-      { 0xa5db10cad3cc86c6L,0x6c6a06a4abf9410aL,0x9057b0ca268823c4L,
-        0x1a3de830fa5744e8L,0x695f7952038b260aL,0xe0394707ae89d231L,
-        0x24a3e94c86b0b57aL,0x1acf30aee57206e7L,0x0000000000000161L } },
-    /* 50 << 133 */
-    { { 0x60eee52395f7e189L,0xe5499be0c5942327L,0xd385ce00d2ee8132L,
-        0x4cfdb18cfb6609d3L,0x2b4bb533b29a9768L,0x21ee5b2937a92df5L,
-        0xd24d2625d93a8b26L,0x432dc9a2102ae479L,0x00000000000000f1L },
-      { 0x9df9906be725bdbcL,0xe95ee011daabbb73L,0xe681c90af4d6dfbeL,
-        0x062b8fb003bd2ae3L,0x0e25ec30f61d8f86L,0x78c7612e5bb8dbf5L,
-        0x0c8b6a8545b562fdL,0xd972652ef4549f6fL,0x0000000000000123L } },
-    /* 51 << 133 */
-    { { 0x17b6f280f8148b30L,0x2114d1ecfc765a46L,0xc69d56bdd97da81dL,
-        0xe2ef34422e97a94aL,0x05212af05bfe5bbcL,0x98c1299f03cfe2a6L,
-        0xbeeb7efdee28e6caL,0xdeb67b9c09994359L,0x00000000000000bbL },
-      { 0xd4578886fad7480dL,0x61e757a46cb49108L,0xe2811c9d28480964L,
-        0x14ffd6bb2a68d261L,0x6afd6a0aac401fe7L,0xed21c3f69db834a7L,
-        0x877e265b2e156034L,0xfda68f45935cb0feL,0x0000000000000190L } },
-    /* 52 << 133 */
-    { { 0x0b0a8610ac5e165dL,0x21152a8c85cb157bL,0x6db9a7ce551cabe6L,
-        0x7e36ec91dfda6187L,0xf8727bdde8ff337eL,0x6009e6f01152b37cL,
-        0xffbdd5570cbded62L,0x4f1c3db00152b926L,0x000000000000002eL },
-      { 0x6b32d8b606c8a9bcL,0x734eb64a79b60428L,0xf680ec0030394592L,
-        0xff99fb910bfa6092L,0x43b696b7cbac9513L,0x3029ffe7fecf53a4L,
-        0xe36787ca6985a6f8L,0xa1c08a99132dbdbfL,0x0000000000000188L } },
-    /* 53 << 133 */
-    { { 0x81e74494c49d4659L,0x981c641e95f5147bL,0x84d1d3de4d8b3bd5L,
-        0x1aa8242301a6e411L,0xa98db43ce663d148L,0x1f4e05fed67ed0c0L,
-        0xb53dbab2662faa40L,0x8d1f14ac9c524ee4L,0x000000000000003aL },
-      { 0x0d7f01a90f85e070L,0xecc933cbe5063726L,0x683848d9dc641f20L,
-        0xd714d8d086dc3268L,0xee00e70ae4fb106bL,0x4c0af171fdd9367fL,
-        0x9085d9012d77d729L,0xa4b755e3da1b2659L,0x000000000000014cL } },
-    /* 54 << 133 */
-    { { 0xba16f14aab5c411eL,0x73bf410805bb77dcL,0x6e5e936e0cbdb790L,
-        0x095df1e82806dd17L,0x93d31cb976115ed3L,0xad42b79f4dfb1145L,
-        0x27fb4d2ee478b2adL,0xa0de22b349819e04L,0x00000000000000e1L },
-      { 0xbae8522996dab504L,0xe3f3c7d5dc069f77L,0x844307a2ed7f4f3cL,
-        0x3a8486cde2db6d25L,0xd085347ded20d8e4L,0x6af9e096f2d8d426L,
-        0xbefd13e374c38168L,0xbd6ee56577f7349cL,0x00000000000000a5L } },
-    /* 55 << 133 */
-    { { 0x4119d514d028e912L,0xbc53213293adafd7L,0x0176ca03e31467d7L,
-        0x109f2dd7dbe712aeL,0xc991ff43dc87e626L,0x986c9664bbe227c2L,
-        0x55b27b44ed625994L,0xab0d9892fab4c1dcL,0x0000000000000184L },
-      { 0x73fa82dee846b7deL,0x76b39d20978e6d94L,0xbe90c6022955b242L,
-        0x258fcc6d60653be4L,0x2884e00013a12e7aL,0x6e23077d6c5283a7L,
-        0xc52f652b50650616L,0x76c21d604a4564ffL,0x0000000000000115L } },
-    /* 56 << 133 */
-    { { 0x06fec2df700cd193L,0xf077afee002863a6L,0xb60894fd6cf0c0c2L,
-        0xc7d01cd0f8b7c551L,0x7adb74e4c33c337aL,0xb4b5767ea8867af3L,
-        0xbdb10aa62f3d57a7L,0x80d5ac5eb1ff9d7dL,0x0000000000000116L },
-      { 0x0e0df41c91867318L,0xe3cbb1ae1912bed5L,0x006dcee9c15465bdL,
-        0xf4768566352746c5L,0x567e2bcf767e554dL,0xa4eddfaccfc14923L,
-        0x5c661c2e5e096c3aL,0x5b13488d8123fb58L,0x0000000000000045L } },
-    /* 57 << 133 */
-    { { 0x7efb5d55427705e9L,0x7441763e3aefa5a4L,0xcfc1631a7dd7503eL,
-        0x1931431763a1ebd5L,0x28701646cb713fcaL,0x14e962bd8b152c31L,
-        0x257692ff76400fa4L,0x0f6600204b46efabL,0x0000000000000046L },
-      { 0x3fea71317ad6603dL,0x972475c8e4e9e4c9L,0x4bd0c751cecafbf3L,
-        0xbddcfd670c1312bfL,0x0a572cd16dcda451L,0x6c9ccfe8e4c9282fL,
-        0xad69bc9f267b4addL,0x504419d562517ae3L,0x000000000000009bL } },
-    /* 58 << 133 */
-    { { 0x874b11b11d0861d5L,0xdfb04016f49936cbL,0x2882feda5a6b94bdL,
-        0xfa80197cbaeb3a74L,0xc53a57fd3f8223adL,0xc4dff53dfc41cd27L,
-        0xff8ccf62cb813e8fL,0x243607d1e9325b2cL,0x0000000000000128L },
-      { 0xdeb8c7f10169da0dL,0x13f6f33fd5072565L,0x5a8a4c2f5128d693L,
-        0xefe2355be809d274L,0xf9fbb0786c9a8373L,0xe2b94a728f2e8165L,
-        0x0bb7b087052f5589L,0xb3a7cab974dc02e5L,0x000000000000017dL } },
-    /* 59 << 133 */
-    { { 0xbc9b22ed1648af13L,0x4cc818be46cd5d3aL,0xc5656c38380e7df9L,
-        0x7c961b149f628ec1L,0x96ddf65e6035c381L,0x9fb033981ee39576L,
-        0xf237b837459ee04cL,0xcf997019c1178539L,0x0000000000000067L },
-      { 0x35b3503f7d3970f7L,0x24df0bf854532bd5L,0x09e847bde9c532dfL,
-        0x0c5f797166449ee6L,0xfb9cf1629563558aL,0xe7e49989a521d4caL,
-        0x6a8c87b04a7e71d1L,0x0f9600f8c64c4fe0L,0x0000000000000121L } },
-    /* 60 << 133 */
-    { { 0x941f1a68f391b195L,0xf563c05b48755ceeL,0x02fa0eb4a4b11b13L,
-        0x89f09fe4110e0044L,0xda3601eccdf17866L,0xb63e2b31821c239bL,
-        0x72afb2946a4cfc70L,0x4cc16417876bb699L,0x00000000000001bbL },
-      { 0xf02270e155c4416fL,0x1a69d7a0a8fb98a1L,0x4f5219550debae64L,
-        0x0d93fc627a75e48cL,0x7555793a2e11801bL,0x6e275e97618c2327L,
-        0x57957f18f1af9ebcL,0xe16aa048085f0047L,0x00000000000001d3L } },
-    /* 61 << 133 */
-    { { 0x959cb1705b5721dfL,0xbef678407757dfadL,0x296da84fd14066b5L,
-        0xf63609e59024efb6L,0xf643a52c8efdaf37L,0xc512f72a5fdff43bL,
-        0x35dea1a55c5a2b0aL,0xbbe9f38e3bdccba5L,0x00000000000001efL },
-      { 0x585065f80662190fL,0x1b566da784cbad73L,0x20937378fd439316L,
-        0x00e8c5423908a556L,0x7f10e264f315c479L,0xdccc1dfc4840a392L,
-        0x6097b7f6a789f4f8L,0x7d593eef0fbc7e15L,0x0000000000000187L } },
-    /* 62 << 133 */
-    { { 0x9c59a11981b51f74L,0x7a7aacec4c9c20b2L,0x8ab9de7d0959f510L,
-        0x3bc2215deff0cd8cL,0xd609a192ba5ab07cL,0x2dc4323dfe7c9044L,
-        0xd20fc5a275025d5bL,0xc38808f868ad1441L,0x0000000000000054L },
-      { 0x41574f55f8f1594cL,0x0e9628dc130cb3f2L,0x30f8407c5375a79aL,
-        0x28bee5a986522cdcL,0x75a4472e6be35431L,0xcb6da55b06f2326cL,
-        0xf31d9ef60acc996cL,0x75b5edf92e86b7ecL,0x0000000000000140L } },
-    /* 63 << 133 */
-    { { 0x3e6fae603dad7855L,0x5030d3e21224bc29L,0x23be6fa4604102deL,
-        0xe2fd452d186e1249L,0x04d431a74a13d329L,0xef754a14c4ee6e42L,
-        0xd4a33388d01ee315L,0xce211eb300a21f02L,0x0000000000000120L },
-      { 0x066c034572a9514dL,0x18de295c8b1c5dd6L,0xeade73adf43fa0aeL,
-        0x5e1c485dbc9f2723L,0xc998a5fa0a88330fL,0xe42f25e4f90d631eL,
-        0xab6b3a19b31f7dc7L,0x6c02cfddca2d7e01L,0x0000000000000061L } },
-    /* 64 << 133 */
-    { { 0xae917a54a084d91aL,0x4a1095a88a3ae45fL,0xb7a358faa30ee909L,
-        0x807aca835aee3272L,0x58d144a9681d54bbL,0x36569b8d3352c5e8L,
-        0x75b7e2f1e5d9ba90L,0x348c70da08068bb3L,0x00000000000001d8L },
-      { 0xc2bca2f5309376d1L,0x87ca2cb0457d23d0L,0x7dccf53dacf94fc7L,
-        0x0646dea871e898bdL,0x8a053df3c8bd817eL,0xa9e9c6825a002253L,
-        0xb23c781375a16c9fL,0x2500d5a13f81c2beL,0x0000000000000043L } },
-    /* 0 << 140 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 140 */
-    { { 0x7facf165d19906d0L,0xd8e059afad92d455L,0x7356696f6ebec576L,
-        0x67044e551d6d311dL,0xe2bc81dc3a2e50cfL,0x860036dec00ea37fL,
-        0x71dfbe61ff32d69dL,0x298b766bf502baffL,0x000000000000019fL },
-      { 0x5e5e123901bb03f8L,0xd36c35835304ba94L,0x5025f960b49f6a95L,
-        0x72dd554f75e5b6e3L,0x85bfb398869c9d17L,0xd71cf71f9cace4a7L,
-        0x0f6fd3ad7291dd9dL,0x5da8a689d1b5758fL,0x000000000000018bL } },
-    /* 2 << 140 */
-    { { 0xabdf1b02db567888L,0xf47d5cd15a14bd4aL,0xa3483f68b56ec127L,
-        0xf09422294e65795aL,0x225b339b2de6ae78L,0xfbfe7ef011792afdL,
-        0xf27b31a04548c2a8L,0xb4821ea3dfbd3ba7L,0x0000000000000159L },
-      { 0xba06333ca1c887b9L,0xfc6eef566b243e38L,0x345900c3596ec79cL,
-        0x243b17ab43e33d8dL,0xffa7e30da9370da9L,0x3dc587a50f09347dL,
-        0x0fd1b2463343a72dL,0xe4acefb48372fcf3L,0x00000000000001d5L } },
-    /* 3 << 140 */
-    { { 0x99d91691af8c8ccdL,0x2be2648633764c92L,0xb6e681492477aa78L,
-        0x90430fc6c52d4964L,0x4ced96c54e1647a5L,0x5b52a279c1489674L,
-        0xab7f4127c26ec42bL,0xcd5528fcf1097b9bL,0x000000000000019aL },
-      { 0x7785add63a47e5c2L,0x9c82fae9635cb4acL,0xadcb0de0ced83245L,
-        0xa42230c8ccb91b16L,0x6af43e953a3e11a7L,0x36288135a3145d6bL,
-        0xb74a3e63e2ded224L,0x15df0d2948aab5a7L,0x00000000000001bcL } },
-    /* 4 << 140 */
-    { { 0x25455c2ae3e97a29L,0xd497ab4fd3028514L,0xeadb13ea914ae0c9L,
-        0xf9f6a27533e0bd85L,0x1103bd6053851649L,0x445b182dd66c948dL,
-        0xf74f853bedbecea9L,0x643db0530d27351cL,0x0000000000000082L },
-      { 0xe5ccd1170fd56cdaL,0x421562c371495df1L,0x865b3f9ab2d1a036L,
-        0xe0407f28d3e4f471L,0xa64f74fccb7e4c42L,0xe87e464d1d1e7bbeL,
-        0xcdb9e777abad4a1aL,0x6e1021d7e76deed0L,0x0000000000000161L } },
-    /* 5 << 140 */
-    { { 0x089fbb85b7f279fcL,0xb3562a0b547a1efaL,0x40a3fa3c98080868L,
-        0x90ce47dd94597f7dL,0xb3bb20850c6f4b4bL,0x8c24eda75953ab03L,
-        0xb8b110f04eee13ecL,0x3ace7b901bdb3cbfL,0x00000000000001d7L },
-      { 0x33b6b36f335c7820L,0x43efeebc6b2b5992L,0x3b56649d36ded655L,
-        0x15419020a9dd98a3L,0x08d081b563f405aeL,0x5b1f59d02c588c8aL,
-        0x745c687eff822e70L,0x7ab7b9f169ef398cL,0x000000000000017fL } },
-    /* 6 << 140 */
-    { { 0x568e60bc840e5c81L,0x12b35cd301788f64L,0x70422fa0123e9018L,
-        0x6ceabfced9cdbe2eL,0x67032a107626e2dfL,0x0888ca79d250ef1cL,
-        0xca1fa245d5ba46afL,0x590f29972f6be510L,0x00000000000001d1L },
-      { 0xbd6dd880f2a02370L,0x3ae5f4ac20d42c5eL,0xd2b300f46c08e487L,
-        0x662be2ef896bdb34L,0xe7632d9b07011f7aL,0x9481b843e7e83b8eL,
-        0xeb7e2084a30c0fb9L,0x53e59adfa71241b2L,0x00000000000000cbL } },
-    /* 7 << 140 */
-    { { 0x49d93794c2911aecL,0x586554f1a810c993L,0x867b77a3f2322411L,
-        0x6083b099c2e4cbc5L,0x0445ed8e7cbd094dL,0x417ba195e0feaa26L,
-        0x432b645fc178ed78L,0x429282dfc9948690L,0x000000000000010fL },
-      { 0x3045657baddc286fL,0x10f36372863fa4c0L,0xab804fd7dca96fe2L,
-        0x6b0a12a618c34d71L,0xbae3dc772a7c0ea4L,0x241e63a0abc48f80L,
-        0x34efeaa3ef1843f8L,0x321d171a8498816eL,0x00000000000001c1L } },
-    /* 8 << 140 */
-    { { 0x26e479f9b9b07fb9L,0xf8e49cdfc03b5adeL,0xa0d66a21d525e891L,
-        0x8a062d759a62e3d2L,0x4b025cb738704c65L,0x2b7a6b60d440836aL,
-        0x3e55fe53a3ca3ac1L,0x59577407f1031f19L,0x0000000000000128L },
-      { 0xa5bb1eb02b4edfebL,0xaee5a2174dcfd68cL,0x582146cfa19f4f45L,
-        0x4481152269f7c258L,0x72d7ce9a7f9333c2L,0xe6c88fe2b1dae530L,
-        0x1367ce5c88b50de2L,0x10367dac7150206bL,0x00000000000001a1L } },
-    /* 9 << 140 */
-    { { 0xd210619a37f4b554L,0xa2cc4be40b01fa7eL,0xbf3805805488768eL,
-        0xcb190c6f8a100ae5L,0x6f82bce1749bf03eL,0x0914bcf0c75efd73L,
-        0xbdae235886e6b29eL,0x6e286b36ec5deb30L,0x00000000000000e7L },
-      { 0xf4eb4fefff080663L,0x0702453df93ba24eL,0x1ee5c4e556edfb3cL,
-        0xdc5bef4b7afd8870L,0x74bee7cdc025f4abL,0xaf63727b5597771bL,
-        0x2a51fee0dc0cb4faL,0xd9eb893d309e2a54L,0x000000000000017aL } },
-    /* 10 << 140 */
-    { { 0x991ebfca6cd7b62bL,0xb8571f56009d1d74L,0x14d27d7c441cb94aL,
-        0x4021306519e77736L,0x9aaabb26cb20ade1L,0xa283eb52533f6f74L,
-        0x84ae1f5856dd48e0L,0x275ab1ad91f11a89L,0x0000000000000118L },
-      { 0x61f3c5b415960882L,0x036d46e444f0a7a1L,0xf6c5a1f94bb28f39L,
-        0x610f8313f1cd4bc6L,0x571ba872fcde5b45L,0x23c35a185f066ef3L,
-        0xf878375da40c5fd0L,0x9fc32ccc1158dc83L,0x0000000000000167L } },
-    /* 11 << 140 */
-    { { 0x86d444cdd1d81ec5L,0xe5f57d64c29b3744L,0xe606ada6f74f9589L,
-        0x5fa4dfad28f6b922L,0xf90993ec5b5d30e9L,0x307d234bb0541c49L,
-        0xc010a0daf75b0402L,0x2f36ec8b2d0d3135L,0x0000000000000168L },
-      { 0x1ebdfad4b51917f2L,0x7f7f6c94411faa6eL,0xaef4c9a7d74ec215L,
-        0x3f7ff15d4041ef68L,0x21d6dddc30b6b53bL,0x1ecac9bc6f918cebL,
-        0x05ce1210fcb67a22L,0x7aa44454c5c0e9e3L,0x0000000000000139L } },
-    /* 12 << 140 */
-    { { 0xac513c23102cc86bL,0x34aee96bbfd0baafL,0x47047407eaab0d63L,
-        0x3a1eff07ccd57509L,0x53f237cca81c8d03L,0x7742e3f1cc16c904L,
-        0x5325d4796e2e981dL,0xd959b9f8289e6427L,0x000000000000004cL },
-      { 0x3114735e26f5e6cdL,0xd17e0d5337c5de44L,0x5adf2f3f002a7993L,
-        0x7c1f1f6e176f2f70L,0x01d7f210003758e2L,0x8a2a198693beb852L,
-        0xbded219b40b61e5bL,0x2450d9f2a7427ce0L,0x00000000000000c4L } },
-    /* 13 << 140 */
-    { { 0xfef846878597ca44L,0xa1379684d227c76eL,0x661764327517d749L,
-        0x1420872d295d8438L,0xf296988cd91221f2L,0xb6115a026241e88eL,
-        0x589dce4ea0969d25L,0x4318724ee35919faL,0x00000000000001d7L },
-      { 0xf3ea462a41fa8073L,0x8f577c2156900887L,0xb4318c9929e43377L,
-        0x821a520ca7686967L,0xb62b1149354c5868L,0xfc76e87f6a9dfe8eL,
-        0x8aeb05c6bdc6443dL,0xabcbb41c51a3fd6aL,0x000000000000000fL } },
-    /* 14 << 140 */
-    { { 0x06bc23ab58dd91bfL,0xbfb489e37fcdce7cL,0x50a99333f0d69619L,
-        0x6f1a78a3d65751b0L,0x10ac9bf8e1dbd9d2L,0xe3d584f0133b5409L,
-        0xa52cba20db27d29bL,0xbee71f220ded25f9L,0x00000000000000beL },
-      { 0xcdbfa2cb8d49e1d6L,0xea7e04c2752b7a25L,0xc6cd12c9915cdb88L,
-        0xf5d56504b292eaddL,0x2d0ac7ff26dc8f0bL,0xc6e0722d551bf7fbL,
-        0x17f9acd4c0a3d7f5L,0x0cbdeb4f3498ee12L,0x00000000000001cfL } },
-    /* 15 << 140 */
-    { { 0x8d2b73570149c225L,0x6f048760b1294d56L,0x4feebefe53097a6eL,
-        0xdeb1abbeca846c24L,0xc920fe521ba7f7c5L,0xa851d87174295fbeL,
-        0x8a977818717e5fe3L,0x4e35d70c5320f185L,0x000000000000000fL },
-      { 0xcc43de63bfb2d00fL,0xfc526e5170414bb4L,0x45574b72696ef1cdL,
-        0xf29b91cc4f96a64cL,0x17b2e3503d419bbfL,0x13f2873916dc8aacL,
-        0x3a8afbb755b08a44L,0xf1cecdf34e23f8ddL,0x000000000000000dL } },
-    /* 16 << 140 */
-    { { 0x69cad3ccc4d6ab08L,0x3adb57773b8990b8L,0xd0cad8ce8d958801L,
-        0xcb572e666d728f9eL,0xe3d9e7c4cd5131fcL,0xafceb6b06145dc06L,
-        0x12ecd392e213043aL,0xbd5992943a64c87cL,0x000000000000000bL },
-      { 0x8623bdbbf6ea9cf1L,0x3aad9495547aa650L,0xd3d853fcbeb27159L,
-        0x3d25a64830b40833L,0x12d188e8dec51bd1L,0x836330d2b348c3faL,
-        0x9df50cfe73c2ea59L,0xb5dffb2061ded0b8L,0x000000000000018aL } },
-    /* 17 << 140 */
-    { { 0x4b138db0a2237262L,0x6dd1135e1ab9ad06L,0xc31f50c4c7cfff02L,
-        0xc89ab22d6ab45111L,0x5b8461c35a62394aL,0x0f8a58be8236491bL,
-        0x3660e9f30b0011e4L,0xc83dfd989395955cL,0x00000000000000d7L },
-      { 0x8c4f8327e2177d42L,0x893a9166a8a2cb6cL,0x27d47141b6f7405aL,
-        0x2285f6249e2be11cL,0xb55b89d717722bbfL,0xecb10b0d28d3d548L,
-        0x9682096f6c97c7cdL,0x5d84617f8588d1cbL,0x0000000000000008L } },
-    /* 18 << 140 */
-    { { 0x75cc12737f775b7aL,0x0e0a040e4f3b788eL,0x2eb00b21038bc8ccL,
-        0x750b88536ea1ad7eL,0x0d93be1bd56b81dcL,0xdd262f462a3c3eecL,
-        0x421995083289b172L,0x0fd1c19221cf4378L,0x00000000000001a8L },
-      { 0xc038f20f787c37a0L,0xd8f48746f363e515L,0x5d91de9f54a85207L,
-        0xf72c0e8f953d5932L,0x4e37af2f3f25bdebL,0x03d9084d0ee85cdeL,
-        0x64e551feda041351L,0x55fdee4e6067100cL,0x0000000000000096L } },
-    /* 19 << 140 */
-    { { 0xb4254ee4e048f571L,0x2529deff0aebb093L,0xf1f1ecbca72853eaL,
-        0xf100ab831a56b014L,0xf09cb22e9d01985fL,0x65e22e41cd855cb9L,
-        0xfc3e23afafc54970L,0x8a0f8e16847cde07L,0x0000000000000105L },
-      { 0x6c27488e9e09346bL,0x38666895d7783338L,0xd28155fd191e59acL,
-        0x5454681fe04ff0aaL,0x27bbb0f76362c683L,0x18a787f430340b44L,
-        0x22879ce10a64c12eL,0x0eeb0304b5ac5768L,0x0000000000000164L } },
-    /* 20 << 140 */
-    { { 0x1a9a04ffc48a91ccL,0xe11f57dd5723e9eeL,0xeff193d3f573d896L,
-        0x4c2ce4824e62f80eL,0x9f1e43a7010a0e78L,0xe9c1be55f4364c5eL,
-        0x548071daccd4aa64L,0x9eecd41439d22af2L,0x0000000000000064L },
-      { 0xccea349ea1aa4684L,0xd2413abfc247f97bL,0xecfa10c1aa385b03L,
-        0x9b0d25ddf77ac70dL,0xcffb885d12dfd388L,0x89e1174d6f33dceaL,
-        0x37e1423cdf3cee18L,0xe4ba71be378c8bd0L,0x0000000000000110L } },
-    /* 21 << 140 */
-    { { 0xabb17070333bc84fL,0x41090912d03c10ebL,0x8adda5ae18e32b11L,
-        0x7bbc3c10f86dc4a8L,0x9092ae12d649c287L,0xdb06dd82bc3a65cdL,
-        0x18ca4d753e07b6b8L,0xe291bdc47a9f4b35L,0x000000000000001aL },
-      { 0xcca919f56830e001L,0x748a24a9e3117f7cL,0x9ed8b483a3222af9L,
-        0x745dc8ae55996204L,0xf7c9afa042dc624aL,0x900e3f41449efd5dL,
-        0xed319f077084a837L,0x3e4911c944052eecL,0x00000000000001c2L } },
-    /* 22 << 140 */
-    { { 0x83bd9ff7daa696bfL,0x7fa14326059a611cL,0xb526f26264d7924fL,
-        0xf1ef5c6fc1cfb749L,0x6a2d7d3f6892bb09L,0x34b326a1d69bfa95L,
-        0xb702cd98f8f49ec0L,0xa32611a39b8d2fe5L,0x0000000000000028L },
-      { 0xbd0e80afc982fe86L,0x3c59319f0292e026L,0x1e77d11ec72215d4L,
-        0x39d2b2c6fa0d77edL,0x22ab784f71ca01efL,0x87ece833a7e8268dL,
-        0xb5d67f6bd1682c8aL,0xb18f577d677b9508L,0x0000000000000183L } },
-    /* 23 << 140 */
-    { { 0xa02284c4e2be6438L,0x234448f60d1b27d2L,0xdb7d087adaaed164L,
-        0xca39a1f9bb959ba3L,0xf87e2f49a4b8b5f8L,0x559e905f4d5f1b60L,
-        0x479466a072370c3bL,0x63d28e16b0bca628L,0x00000000000000c3L },
-      { 0x147e8781e8d32ad2L,0x40e530111472ade4L,0x40f05d9a97cc63c9L,
-        0x485dff28f13f5454L,0xe360a4c25824a4c6L,0xac09f1c4ebb6e58eL,
-        0xd80077bd1e778bb7L,0xb549c19d6ce4263cL,0x00000000000000dcL } },
-    /* 24 << 140 */
-    { { 0xae6b428f554b88b9L,0x26bf6b6c8313c74eL,0xae7e5874ce24b917L,
-        0x26e268738b3162c3L,0x2ba4f3edcaad88f4L,0x6e9e5051375a3f9cL,
-        0xa754cc49d70210f3L,0xff8cb757e4553c0bL,0x0000000000000119L },
-      { 0x93f6a0a4ae1c208eL,0xb56b6a4ad247d4e2L,0x4cff7d0391009637L,
-        0xc6b56f6be0efc126L,0x81f5d59c42de039cL,0xfc4c1d26f36854c2L,
-        0xa66ab1792d280f60L,0x6c5468c3eece88ceL,0x000000000000000dL } },
-    /* 25 << 140 */
-    { { 0x1df2fe5226b04f55L,0x43febfabf8717ce0L,0x6ca4a4c906a32d96L,
-        0xc625ce6c9a25aad0L,0xddcbd5755bf093c6L,0x4740594fcb1fbaf2L,
-        0xa1e50234d12cede3L,0x27b1937203f2fcf1L,0x000000000000010eL },
-      { 0x5b9999d1c137a9c5L,0x1580a031522d2decL,0x21b2cc0a35220780L,
-        0xc66015fbb9286a1aL,0x5ecd634a90d3aef9L,0xd9c91a6d88d39d33L,
-        0xbc02dc02864919a0L,0x110830f991b49396L,0x000000000000019eL } },
-    /* 26 << 140 */
-    { { 0x897d947ac5d1e1e8L,0xbfcff6ae0587d4d8L,0xb5f3ffa5279d1ebaL,
-        0xa4c3eb1cb725ec65L,0xfe037a76cdbd4600L,0x424c015216a86cd2L,
-        0x23645a597b3ea150L,0x9e913a47c9db1cddL,0x00000000000000baL },
-      { 0x714c4dcedc4fca02L,0xa1c699ea5ff04ea5L,0x6144a96f0ffeae0fL,
-        0xcd2e50d7203b8a69L,0x0012fc770d2c230aL,0xdbc4f25bfa8b6928L,
-        0xea8941ce060f3141L,0x86836d7b946f207dL,0x00000000000000d2L } },
-    /* 27 << 140 */
-    { { 0x95a4c2bcfbc9136fL,0x9ffd305bbee15a48L,0xe445467ef86e497bL,
-        0x7bbb4922bc2519c6L,0x9dda7889bc9b2de2L,0x9ec70bb743b88ea5L,
-        0x5b58943ca1bb75a8L,0x3426ff7c5c5cfe2dL,0x0000000000000042L },
-      { 0xbb152162963204a4L,0x19ab08f23ab85bdcL,0x266ab5ad034cca2fL,
-        0x7a27928d8eb8753eL,0x405302a272272090L,0xea7479374a010ee1L,
-        0xfd2764875eb40da3L,0xf8d4f8029b6cf000L,0x00000000000000c2L } },
-    /* 28 << 140 */
-    { { 0x0587d31801873864L,0x6c4940d1a8758f49L,0xd5928f463f1f13cbL,
-        0xb0917630481afcbdL,0xafbbe96c2804e91dL,0x1016565133ef9d5aL,
-        0x7284a58ea2c3796eL,0xf013d38a5ff369a3L,0x00000000000000b8L },
-      { 0xea1ad141d71ec602L,0x5faa6539449f5326L,0x30080af4455cde9aL,
-        0xc4bcfdcd6affaba7L,0x52e0ef42801f9569L,0x5abc27b2c80b0b5bL,
-        0x3c4cd4339e99ccf2L,0x63e689dd6703e3c9L,0x000000000000010eL } },
-    /* 29 << 140 */
-    { { 0x55b2acfd76824739L,0x7f2d73ede9167239L,0xd7e63103419b9e86L,
-        0x4c358f755f58d997L,0x9b8771ba635a21ffL,0x5f3394307708bd7bL,
-        0xa0de93faf730a252L,0x19524f0de8a755e8L,0x000000000000014cL },
-      { 0x426e17b7446f65a0L,0x93c214feb669d1a9L,0x93fd2087a657e7bfL,
-        0x16820da66b9354c7L,0xea8818c3c6a24661L,0x8b673d76ca97c304L,
-        0x028065fc59d65adbL,0x6e75b61ccb0656f7L,0x0000000000000098L } },
-    /* 30 << 140 */
-    { { 0x94bdabc696b632d8L,0x5685cd96c04f512bL,0x09135f1dba7c2f6aL,
-        0xdf4bccbf16711651L,0x9339f902ba842c06L,0x84649cec4ea6ade7L,
-        0xf98ce1ace76c4520L,0x25d796d082b2e5edL,0x0000000000000159L },
-      { 0x190184670ef41247L,0xa8aba9cbb06ab440L,0x6a2c8f0d424575efL,
-        0x29542661a7641251L,0x4aef28806063cd71L,0xb6521c4661007b1cL,
-        0x44b83804d1f05f1cL,0x96545d8984a8d313L,0x00000000000001c8L } },
-    /* 31 << 140 */
-    { { 0x56c2c87fcabeb4c8L,0xc0acf4c98c3e6148L,0xbe7fe6ccc20e488eL,
-        0x423761668330b587L,0x5af5ced080883de3L,0x4b6aaaf85add9229L,
-        0x7c7ad512ab13ab0dL,0x14bc975727ddc17bL,0x0000000000000036L },
-      { 0x92d037848d17337bL,0xd5d878b97bd6dba0L,0x9d229cd79e89007bL,
-        0x3c014e2492b07e2cL,0x533280fee56c30b4L,0x41fd5f6ecb3790f6L,
-        0xc5e9b610c89facbbL,0x89429ae2d48d455fL,0x00000000000000cdL } },
-    /* 32 << 140 */
-    { { 0xe843d0350c62942aL,0xeb792fc5d8920cd4L,0x3fa4154e90be6fd2L,
-        0x002631cbce2557abL,0xb37b952a226742b6L,0xa7658c0afeafdc24L,
-        0x62a7de67b5a09597L,0x25074f6a9bb3cfdeL,0x000000000000015eL },
-      { 0xe6db0f49d03cf65dL,0x1187c8b40347dff1L,0xdea411166e4ce605L,
-        0xac0ca35322313708L,0x395ddee3b6a5cadeL,0xf31abcb1c6d80c86L,
-        0x013371b1a07f0747L,0xf54231898f55b804L,0x000000000000014dL } },
-    /* 33 << 140 */
-    { { 0x31cb7a50f9a638eeL,0xb23e940381388b46L,0x1c0b9ebc7bf805a3L,
-        0xcacce3dbd40f4071L,0x8360c4c6652cc8e7L,0xeb2829c4327a1acdL,
-        0x4fca72678eedc8bbL,0x49a6630aca904d48L,0x00000000000001edL },
-      { 0xdf7aff0abe745b6fL,0x15b66c0630f736dcL,0x4efc54545d6c3ba4L,
-        0xa1becaaa4ec61d29L,0xda6f8551b17a9158L,0x889c4a939eed3eb8L,
-        0x6f5dc762cc33be94L,0xd0f2a30010588a5bL,0x0000000000000144L } },
-    /* 34 << 140 */
-    { { 0x93b6f1877e5836afL,0x0e7009435c3af4b9L,0xdb3b4d704b4f0f02L,
-        0x0c196039d71d4375L,0xede744582ed230c5L,0xd0630162add9da94L,
-        0xae533629cd2c0ec5L,0xa93a8b231108523eL,0x00000000000001b3L },
-      { 0x6891494b70a36874L,0x5c15139dd85b565bL,0xc8104f07b620217bL,
-        0xda49717001c964eaL,0xcf38a9e7631c7daaL,0x631856c19e124493L,
-        0x057b8cd2ab9d4cd3L,0xb3d089bab13791b7L,0x0000000000000013L } },
-    /* 35 << 140 */
-    { { 0x27d87b3b4032e076L,0xe37fc28f6aa218a2L,0x55a525b1ad652b86L,
-        0x82ecdf89db0e1642L,0x7951a419d974a454L,0x4367ac17f8195a7fL,
-        0xad2b7d0d86b0cad5L,0x36113772d6140139L,0x00000000000001a8L },
-      { 0x98f04f1c8ec6a745L,0x1dfaa104644bb3a5L,0xb9c03e2bd331c407L,
-        0x15188e1662af07a8L,0x0b2f2cb67f329a15L,0x0b7ca5fc0a91b5ebL,
-        0x28b5e4bb5c410c39L,0xcc64e7eb0de792b2L,0x0000000000000188L } },
-    /* 36 << 140 */
-    { { 0x5f4b9fa400a0bdb1L,0xcc2cb2b2a274ac45L,0x7c05dc7c6e646620L,
-        0xfca73a120cc2626dL,0x6bf5386457718621L,0x1843b57ae81976a7L,
-        0xc350b19bf323d6d3L,0x0c514dd5c4a360eaL,0x00000000000000c7L },
-      { 0x24ed924263c17c00L,0x4a49aa5368306bc4L,0x11b210cc1744cb19L,
-        0xa6d24a9cc7284b23L,0x7a438e436b558be0L,0x798304c7bda0ff5cL,
-        0x5c6782b6c1c19b1aL,0xab2864276f4d0e2bL,0x0000000000000106L } },
-    /* 37 << 140 */
-    { { 0xfedd7c404f2f5c7aL,0x77c579e61a9c79efL,0x88cfe011463e782eL,
-        0xd51523c57ff1d238L,0xbce03def946a4c51L,0xe56855fe4486a582L,
-        0xb52fc072d6d9ead8L,0xb406446c52fe62bcL,0x0000000000000085L },
-      { 0xa4db7d7811dd4ac5L,0xd877aae6647e8dbaL,0x2c7ace9980bc3941L,
-        0x29f8ebc99faa3242L,0x6153632a10afc24eL,0x57cbe075dc5c3cc6L,
-        0xcae0ed2e9b8a0c22L,0x029cbee5ef2c6786L,0x00000000000001e7L } },
-    /* 38 << 140 */
-    { { 0x413c7ee2987d0c74L,0x2ed4f5a085300d40L,0x158c43d7ac13c624L,
-        0xd71848db09c8b19dL,0x75505e2b0565dac7L,0x168e414a20fc368cL,
-        0xcfb4283e0ea9f88eL,0xf39543bf758fe171L,0x0000000000000164L },
-      { 0x35e54289d98d8173L,0x2ca86f6fb9518343L,0x61dcc693519ce3cfL,
-        0x91aded0d3f9e26eeL,0xbf70d414b824d11fL,0x8a2d8a7f0f4cb14dL,
-        0x735009e46c6261f9L,0x7ec2b1232471c948L,0x000000000000008dL } },
-    /* 39 << 140 */
-    { { 0x870f9cb4a32999b0L,0x74437cc97189a3daL,0x9dc9814abe7c0a6aL,
-        0x49d7ea1cd8a8b051L,0x0501d49b68b28d3fL,0xd3e65e3df496c58dL,
-        0xfcade2203b8d66a2L,0xb5a6c1c9526c8bd0L,0x00000000000000f7L },
-      { 0x91cd67b271fb5f4eL,0xa0af14d96d6e2e1cL,0x840a19d4d38b37efL,
-        0x4b66e20a93a9ea62L,0x81fb5fa30b83bf02L,0xa92fea241051e64aL,
-        0x6788483422c14f6dL,0xe10bafeeca340776L,0x00000000000000ceL } },
-    /* 40 << 140 */
-    { { 0x789f41da83a65a18L,0x5bb4894fb8a305c9L,0xa6f3bacf2f738054L,
-        0x997b0fdfdaf74eaaL,0xd5684faae810d5cdL,0xa935b391392fa19fL,
-        0x8663e1c6850b10bbL,0xc0bb73437c749d23L,0x00000000000001fbL },
-      { 0xb090011f1ae17d4fL,0x67152af36d6954d9L,0xc2e0ab2979e7822aL,
-        0x6dd7cec997784f62L,0x96c7fc2957109376L,0x2815b8113f967c39L,
-        0x22cb5983d7fabd0fL,0x583ee8355fa5a752L,0x0000000000000146L } },
-    /* 41 << 140 */
-    { { 0x8b56eb2c5019302bL,0x06e9d1aea8d84e40L,0x691e1c877df7094aL,
-        0x47b910adb1f1e654L,0x83e506b760b44fd1L,0x1918e257b9ba00c8L,
-        0x0ec4be508d41465bL,0xfd121959da18d1a6L,0x0000000000000140L },
-      { 0xa34a1e684d047374L,0x6201d460b4316331L,0x331a7882078f21dfL,
-        0xfaf64df9148c48aeL,0x2cce458d87e58591L,0xae3393755d170040L,
-        0xfd9ba9ff4a6d9a42L,0x58493d52573859d5L,0x0000000000000056L } },
-    /* 42 << 140 */
-    { { 0x6187b95820a9dac5L,0xfd9315c1a8f9e18bL,0x50e385c080fbbe78L,
-        0x42e8fa0b6d70e105L,0xcebf0b28c535e577L,0x2095d5027cb7352dL,
-        0xa6673d873972a336L,0xce13ca020126a92cL,0x00000000000000a9L },
-      { 0x6f3dff0689b255fcL,0x71a60c67df1a0a04L,0x9b04cf5301c122cbL,
-        0xc3d298b91342573fL,0x12aa6b82848b07eeL,0x8b10b9069b619109L,
-        0x56660e8ccc89c390L,0x32bd385c8f29dd7bL,0x00000000000000e7L } },
-    /* 43 << 140 */
-    { { 0x4e3876b249617dcfL,0x0eaded881393d785L,0x7c6967e570cb9ce3L,
-        0xc6873abae584ff6cL,0x6d18a71a967162b9L,0xf29d7f31a203b785L,
-        0x627ccb0851ea4b5bL,0xa4218e75ad6f8c89L,0x000000000000014bL },
-      { 0x552819fdac3f5ce4L,0x4a00293c539999a9L,0x5eb79de4c782bfc7L,
-        0x21fe279d671a30eeL,0x146b912c58c123e6L,0x74b095804c97f32bL,
-        0xf182d37ab3acbf61L,0x8c9886570d00d2b4L,0x000000000000006dL } },
-    /* 44 << 140 */
-    { { 0x57f80100fe209f1dL,0x71c60c6fd43ccebcL,0x033d3c2854e446d5L,
-        0x2003e502d3f1007bL,0xd87ffd20d79548bbL,0xefd5056f86ece398L,
-        0x80cef761e69482deL,0xf62b923038d1673eL,0x000000000000003bL },
-      { 0xfb44b80cfdb5cab4L,0x4f520a4aa1af6209L,0x0ff5bda847e5b2ffL,
-        0x85d1dc6e8b0ac82cL,0x8a19ca4f1d2eb0e8L,0x9e99fdca7c488126L,
-        0xb754370b1edfdd03L,0xfd181a02ee494576L,0x0000000000000106L } },
-    /* 45 << 140 */
-    { { 0x1d3d318ff362cd2eL,0xdd4725846711d19aL,0x56207e9ff1858a12L,
-        0x3bad522a5c10b471L,0xc925ffa871aedf63L,0xd8d53ffedae62373L,
-        0x248da617a3819bebL,0x71fe647262ae36adL,0x000000000000012bL },
-      { 0x2acc43d9375712a5L,0x8d942d284a4962e4L,0x53c296197cc6b7beL,
-        0xdec24b5919f536c1L,0x15b9e285b2e78107L,0x86d0f79383e95280L,
-        0x225219f813179418L,0xd416e229387c2867L,0x00000000000000adL } },
-    /* 46 << 140 */
-    { { 0xb58259824bea9e27L,0x9e27af0751f4fd00L,0x5cec315a1e77fff8L,
-        0xcce4be49021d7518L,0x9330fb3373d0692cL,0x1730d9e896be6a41L,
-        0x9019c06c80444818L,0x84ee038eefcdd584L,0x0000000000000041L },
-      { 0x65869ea65157da30L,0x478e70f6facf8c15L,0x5cfd22fcca9def36L,
-        0x5ed90506a3126a73L,0xca6b0ab1a1e2cd48L,0xaab6ac8215cb7122L,
-        0x8f88e213d86ddc96L,0x0412bf12c8c13f1eL,0x00000000000000b1L } },
-    /* 47 << 140 */
-    { { 0xc4a01839e6931841L,0x5953809f30be402dL,0x8b56ce11c3fa4c19L,
-        0xd2677642043a7e0fL,0xd4b9df95fe0f5cc6L,0xc6f4a5a22d6b2c98L,
-        0x49db7c27426282a3L,0x658d11be03260727L,0x00000000000001b1L },
-      { 0x9236615fda96f5f3L,0x76e3fa6f6e6ae4a5L,0x1f1d55010c7de659L,
-        0x80e17dc33f994e69L,0x74c24adc6684ff4fL,0x614652d6c4a60902L,
-        0x6ef20ec54a2e2ff7L,0x6db06cdfcfd9b199L,0x00000000000000e0L } },
-    /* 48 << 140 */
-    { { 0x6b8f830418a82ccdL,0xc3c560011b132b2cL,0xafb9250d8ded65a4L,
-        0x921b4635945b6410L,0x100306bd9f168610L,0xdae04ed366edab88L,
-        0x4edab84ed86b2664L,0xdedaa28cc815c6b2L,0x0000000000000142L },
-      { 0xdb8265f17b7161c2L,0xf022683f8f11558cL,0xb8859f1fcf5fe6efL,
-        0x7419abd8ad90be7eL,0x8289c33f24aa372cL,0x3871cb407c9d3be5L,
-        0x55402906b3034315L,0xae557332a7e70821L,0x0000000000000014L } },
-    /* 49 << 140 */
-    { { 0xd39f520b8e0f7e9eL,0x153866ff8d0fd062L,0xdb15decf87a3f88aL,
-        0x6ff41e5c72d55d0eL,0x44ba35b94ded067eL,0x46f07e1e584a3fbbL,
-        0xc2998a4a3f909c94L,0x645d2f7dc1f8d292L,0x000000000000019eL },
-      { 0x992c5807341c12c9L,0xf2d2f1e0b2c77b3fL,0x9dbc83aabc99a864L,
-        0x0687cbd145300329L,0xf8b22c0a5d7b5dfeL,0xe110d7e57cb97195L,
-        0xa680d2d96fc7e42dL,0x39f4584cae5d5039L,0x0000000000000023L } },
-    /* 50 << 140 */
-    { { 0x7836badb584fb47eL,0xec96b42dcc48845dL,0xeec01e0f435017f2L,
-        0xd7f7857766f61203L,0xe82608d41730ab48L,0x9eb3b2c3a4b35551L,
-        0xf14b296e21e399e8L,0xa07c6566f4d2e554L,0x0000000000000005L },
-      { 0xf50bd939b79d53beL,0x376e88bd324ca0b6L,0x43a24688b91f677cL,
-        0x821c11d97fc385c7L,0x0b766adbfa3459fbL,0xce0225e33c45fecdL,
-        0x508a49f7130a419fL,0xde6f53c5b9515e1fL,0x0000000000000143L } },
-    /* 51 << 140 */
-    { { 0x175cd2cec14ffcbfL,0x4b1b3cbbd269602eL,0xea11435a257cb2b8L,
-        0x172ffe4827c1f139L,0x2f4e6229bfffa4fcL,0x4be074c9c2be5e41L,
-        0xf91f21bb8f2cb3cdL,0xf116fcf14d7108b2L,0x000000000000001dL },
-      { 0xf93def59effad0fcL,0x9957c785e54de87fL,0x2b3d8e7396903c15L,
-        0xc373efb0f091ee95L,0x881699e9f4564854L,0x4a64517b7de613edL,
-        0xb260565d73c10c4eL,0xdeb813b518d4d4fcL,0x00000000000001b8L } },
-    /* 52 << 140 */
-    { { 0xd64a62e38f0599a4L,0x17c8c046e4bc61a0L,0x76b9b05d1812e087L,
-        0x253e9187c0f673d1L,0x8e02cdd01f8cde04L,0x576609d68714debbL,
-        0x61bb207657420758L,0xfeefae3a3e68bfb4L,0x0000000000000111L },
-      { 0x2ec9513515522d32L,0xe35811c580c19a4cL,0xe7dd7c057e37cb87L,
-        0xb1cf36ba16a8ca9cL,0x57163e9bb05ac678L,0x9bbe8a774ab4d064L,
-        0xadb308e09451dd9dL,0xe7b834ec17aa1d11L,0x0000000000000093L } },
-    /* 53 << 140 */
-    { { 0x847550a14f3203c9L,0x441cd9d9bd63820cL,0xf827fec2d231b04cL,
-        0x96c5e5dacae5e016L,0x06dc22775d223032L,0x87e8052724c4313dL,
-        0x15cc1b277bb78ea0L,0xd92f2574201d9edcL,0x0000000000000159L },
-      { 0x4d7082592d170a33L,0x01e2b8e72fbd98baL,0x180daba85f9e906fL,
-        0x77a1bf3a8def35bbL,0x648fbd384dd7bc01L,0x7d90c0863455a0d1L,
-        0xaa24fa724004cc29L,0xbf3868c54a5fd928L,0x000000000000008fL } },
-    /* 54 << 140 */
-    { { 0x8cbab5a70c570045L,0xa475735431d1bb51L,0x9eee4ceb444399c0L,
-        0xbb0778665a4d10a8L,0x04f4700eed6a38a6L,0x58c5c6c85bcbbc76L,
-        0xf7c0f5c3976b1c84L,0x9ac5fe72074af6b7L,0x00000000000001caL },
-      { 0x551d4acecdfff064L,0x7aaa92f1a4c00fa3L,0x1e55fe218c3f16a6L,
-        0x3de2f116f2e73439L,0x457d00585c583e87L,0xe3335a69ca962853L,
-        0xa21c0d2c118d709fL,0x4257e6a6d21e990aL,0x00000000000000cbL } },
-    /* 55 << 140 */
-    { { 0x6e6c89f5d04d03faL,0x63aaa58dce5e7290L,0xf76838bda910619eL,
-        0x80c24771bcd11f15L,0xddc294169425e02aL,0xcc486bce0263e8cfL,
-        0xad11349862db25deL,0xb4bf878a6dc9f601L,0x00000000000001fbL },
-      { 0x895ee8c70b91aeb4L,0x8e7cb7e0cf0f7609L,0xe89b60279e1427a2L,
-        0x7b9035cf7b8dd96aL,0x096b128e4535357bL,0xe333a5e139e3f807L,
-        0x4d2ce2d08819dd53L,0xafe18d5568251143L,0x00000000000001e3L } },
-    /* 56 << 140 */
-    { { 0x8d6eba17e9d0c03dL,0xdf3d3c1cc3c1f760L,0x9776992607401f2bL,
-        0xa0a5992204cb691aL,0x1fe9bb01b6ffb7a2L,0xceeee53e207c9509L,
-        0xc9224c7f82352c8eL,0xbb29f68f772d9de6L,0x00000000000001d7L },
-      { 0x3708ea24802ea716L,0x7735dcd80cb41faaL,0xb0e4dc31e2e98dedL,
-        0xfcbf0807a5776dfdL,0x30b121261602ac0eL,0xb1080dc0cb155450L,
-        0x9872c0b7686b0117L,0x53718ec24fc407d0L,0x00000000000001f2L } },
-    /* 57 << 140 */
-    { { 0xaac1bebddd3131b6L,0xb6ae2dbd355fc1a3L,0x179c6fe93e91bd61L,
-        0xdb13596c2f5fe441L,0xaefaa096a6171014L,0x6af216af84ce8690L,
-        0x90fc31872771b4c1L,0xef31625f6c17ab8eL,0x000000000000005aL },
-      { 0xd7de907dbe106f8eL,0xea860c78ef29153eL,0x19de038a9fff6a9aL,
-        0x1a4b9b0f816645f7L,0x6eac219be91f38cfL,0xec8bb484cc084436L,
-        0xf1df126ec024e970L,0x106e9d1df10a9f32L,0x00000000000001c7L } },
-    /* 58 << 140 */
-    { { 0x887f5f7dadaeff53L,0xedcbca6c786fef67L,0xd7bb8943f09a8d39L,
-        0xd479d649909702dfL,0x4ae419db67ca7124L,0x261d989c485a86afL,
-        0x98967d4a9be0ae87L,0x3f6aaf7ec22f8626L,0x00000000000001a2L },
-      { 0x84cce3aa6127b3a0L,0xd6c6f9e454bfe185L,0x7ea36b64c8207accL,
-        0x9ec42d09651c627bL,0x3b933445b30cd27eL,0x24671c86057472eeL,
-        0x59ecd8cc6eb69b43L,0x87b80a767eb210dfL,0x00000000000001b4L } },
-    /* 59 << 140 */
-    { { 0xa923220091a7620eL,0xedd722be85bc2a66L,0x3876833331e7a7fbL,
-        0xa190e74125837410L,0x0ba399038d0339aeL,0x5e5bede878292e1bL,
-        0x65c8e564fc1727e6L,0xca1a08b61c7626a6L,0x0000000000000165L },
-      { 0x465c87a5d36c351dL,0xdfbb991bdde74f25L,0x587247c439474176L,
-        0x24452876ad1dcd0eL,0x020dd2685d105c53L,0xc6578e676c09755dL,
-        0x38e992b57fd6720dL,0x722e35424d7cab65L,0x0000000000000028L } },
-    /* 60 << 140 */
-    { { 0xafc72082bce9ceeaL,0x3d6782d22e39b303L,0xcf80e0e42d0707bdL,
-        0x2ce86804499c7a85L,0x2886fd1d0078e18cL,0xb4fd3d50f4b05c32L,
-        0x0e15e71ec3872f88L,0x22a9f5d16ed84f63L,0x0000000000000021L },
-      { 0xb3373fd31a67be31L,0x2d735f4cc320c1a6L,0xbe78bf0e89cc9314L,
-        0x103c15dc9d83b96cL,0xdc4911c6e59d4b8aL,0x82035e43e77f32abL,
-        0x5b67b58fcc0fc8d0L,0x68345fd533f6fb5fL,0x00000000000000a6L } },
-    /* 61 << 140 */
-    { { 0xbf16e67a89cea871L,0xcc9468110e8a4e02L,0x0b98bedf81bd3ab2L,
-        0x3e1426e33d54ffffL,0xc1cbbd7556c0dfa1L,0x620757a15eaf6969L,
-        0xf4bcd2c407429b44L,0xfb1d11cafa1954fcL,0x0000000000000130L },
-      { 0x620e9551ec84e8c2L,0xed5fb669bd2b2df2L,0x5fb8443227f1b8eaL,
-        0xfc245aeffde8747eL,0xb5c86e67b3d63366L,0x840d13cbe6f5ace9L,
-        0x8f48e4b80d52b642L,0x47218d9612968625L,0x00000000000001baL } },
-    /* 62 << 140 */
-    { { 0x63c7f49beaf731a7L,0x8de8815f4d3db806L,0xabb9f24f05a18ce5L,
-        0x5907d287c98281baL,0x112f1c1499819cb4L,0xb6c82e83f4b873c6L,
-        0x84dc0f43369bf15fL,0x71c53d9005d32850L,0x00000000000001f1L },
-      { 0xa83cf8ee69584f8eL,0x5417454910553d5bL,0xbfb36711adafdb64L,
-        0x4d28a04142f7244cL,0x03458837900552d0L,0x712d0c1cd6f23c51L,
-        0x5f541b75b10fd53eL,0x3e1824c5f43d7b90L,0x0000000000000081L } },
-    /* 63 << 140 */
-    { { 0x83f636b0455342b5L,0x4eefc94489cd2497L,0x9cd00d6c21d70b2fL,
-        0x6ffa051f02a29335L,0x03085ff0e800ddffL,0x9de699100fcc7935L,
-        0x33e4e2a246689663L,0xaa6c25f3b467e56cL,0x00000000000000c8L },
-      { 0xb448fad49af4127fL,0x1b3603254d024fedL,0xdd1b4ec1724446eeL,
-        0xac577edb13df9d91L,0x515818244616a822L,0x289df7cda5480005L,
-        0xcd8f303c0b8040a5L,0x88e9b6fa7d0559c0L,0x000000000000012eL } },
-    /* 64 << 140 */
-    { { 0x42458cfc40817aa5L,0x96f15f13560cc12bL,0xf96ea2034400b1e3L,
-        0x266c2a626ebc6b8eL,0x98ebd5d42b374cbcL,0x15c1f4fd97f946a4L,
-        0x759238ae33a07357L,0x6de75cfe2e3338c4L,0x00000000000000acL },
-      { 0xf73dfd08a1d6bad6L,0x32228f5f72566188L,0xea587fed0497dd53L,
-        0xad4c4a562c1673c2L,0x8c8dcec4ade968ffL,0x77bf520edef7feaeL,
-        0x856bb7987e6a19cbL,0xc289274db7fb508cL,0x0000000000000050L } },
-    /* 0 << 147 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 147 */
-    { { 0x2491a894de6bafe8L,0x8aa13ac5ee9eb4c2L,0x1623b9df31b2d1feL,
-        0x1fb69ca81a5b21efL,0x722f1be3290d231cL,0x8d2a56eeb93891f0L,
-        0xb534845b48a2dc2aL,0xe4fadafc3e2a9160L,0x00000000000000caL },
-      { 0x7f9d50b8810034b4L,0xfebda319e8703f93L,0xecae100844caa3d9L,
-        0x21767275bb5e0dc6L,0x529817cdac64fb7eL,0x984cb5bd31b97b4fL,
-        0x33000d288ba3a593L,0x950b9c149003a472L,0x0000000000000039L } },
-    /* 2 << 147 */
-    { { 0x5e94c2a2a1da3c44L,0x90d950916c05a3e2L,0xb29b791e74871eb1L,
-        0xe82a41fa50c2d855L,0xd2d24df91e689f42L,0xe9e935450cf6ed2fL,
-        0x5fc9d992c6ed3e7eL,0xb4eb7df03606713dL,0x000000000000004dL },
-      { 0x248fd9d72099171aL,0x908d539e1d16d66cL,0xab47b9eb171bfd3bL,
-        0x70e5de8cecdd8e37L,0xedd44ae051eed557L,0x4983c6faad95aeb2L,
-        0xdedbfea1cdc8214fL,0xc6ae2030131549b3L,0x00000000000000c9L } },
-    /* 3 << 147 */
-    { { 0x7f642d9767b9ec83L,0x262cf832a01a1318L,0x279669d0288517c4L,
-        0x39e8ea3451456d59L,0x5a8b5b78e9cdcf0cL,0x37b6e21f183a3198L,
-        0x0cee02daf754f97bL,0xb6fc483e9c76fa86L,0x0000000000000137L },
-      { 0x783a819125386715L,0x4fa789033e397588L,0x25dc90b31825e7bbL,
-        0x648caf54125497ccL,0x14940daabd22072eL,0x0a6fb1af51e5a037L,
-        0xc637e1ef41570602L,0xb63d078dc1685b35L,0x0000000000000030L } },
-    /* 4 << 147 */
-    { { 0xff25170724db06fcL,0x4421108c849ea0b1L,0x3073c4caca8162a1L,
-        0x6d768642e42af7adL,0x031eba68a6bc7790L,0x9a8154c3d8d64e3fL,
-        0x7060550e297aafe9L,0x8681a2c6641391fbL,0x00000000000000fcL },
-      { 0xe9e76b16e0675e14L,0x3c4e3c42740f9bb7L,0xd3e75ff52869a3aeL,
-        0x99a891aba47c7580L,0x42b47bcf0b321989L,0x2d1212a00a6dd3baL,
-        0x25b1c5c8b43e9086L,0x8bc954e8e8d1a73fL,0x00000000000001acL } },
-    /* 5 << 147 */
-    { { 0xcb43d398c9b67ea0L,0xff2afbac39f12f2bL,0x516c8971a99ef099L,
-        0x283cbd94271d23e0L,0xfc2a6cb5cb3ec463L,0x2f08949e25d3036cL,
-        0x496b399a5d21c843L,0x493ab65a61dc0631L,0x00000000000000afL },
-      { 0x1f2e2d3d092d0f6cL,0x4d09ae2975901dd5L,0xb4324dff826cc023L,
-        0x98744acff8f24acdL,0xb4b90fd6c4da3267L,0x3c5a2dffa221c054L,
-        0x70c249032f1d7804L,0x3d8676a9ae973b22L,0x0000000000000080L } },
-    /* 6 << 147 */
-    { { 0x5c9da1422f134a93L,0x898c25ba65dd482aL,0xa8ce92fef6ef3e64L,
-        0xe462faec5da54ecbL,0xdff68f3fb81e3ec3L,0x5278eb6c4b8ef144L,
-        0xf98a36d50dc84f3cL,0x8edd6edba94ef000L,0x0000000000000191L },
-      { 0x738606c4ce8f5403L,0x102f1b3a1a20b349L,0xe7f1bf3328f73251L,
-        0x0136f3eb1dccbbdcL,0x5b2b77633df6d9a6L,0x02b03dc6c9ee09fbL,
-        0xff600116ea421742L,0x432728e840d3c3ebL,0x0000000000000034L } },
-    /* 7 << 147 */
-    { { 0xd97ddfa513137accL,0xb48fd161f90ae86eL,0xbe3b1135664772c7L,
-        0x36a3f3bb882ebcbbL,0xa0bd95d4c260b262L,0x15aa4d0514b47d2aL,
-        0x93607e4a08838ef1L,0xdbee0effc3e3a24aL,0x00000000000001d5L },
-      { 0x552772377ea76b01L,0xfdb2d29e02b16d83L,0x8503e9f50a9f47bfL,
-        0x6b462a78702205edL,0x996d0687e7449e0cL,0x005ffde4a89f336bL,
-        0xd784ec5fe7b964f6L,0x4360cf20c319e445L,0x0000000000000194L } },
-    /* 8 << 147 */
-    { { 0x4bc6f28624374decL,0x9ded182eddbf9446L,0xf58ddb470c3c51e1L,
-        0xa6bd194efcff08c2L,0xdc47a3a63e931aaeL,0x7f1020a8daf165e6L,
-        0xd439739f8faabc58L,0x6efc35ab5951222aL,0x0000000000000187L },
-      { 0xf15ee7129498152eL,0x9e85afc9acbf1f82L,0x7b5853ee397280baL,
-        0x0283243a6b8d13eeL,0x64abbdc796cde865L,0x0284a75f3dff94eaL,
-        0xc476e3a69c7b3d53L,0x9dafe302d1884045L,0x0000000000000133L } },
-    /* 9 << 147 */
-    { { 0x274d321fa6ea2d61L,0x189731b0d4b12aecL,0x3e3ad753923d81b9L,
-        0xe89c40b7befba1a5L,0x6fcd642a015eb22dL,0xde04f997d12be7f4L,
-        0xf2cfa38caf2ccc17L,0xc9aa307ed96b8001L,0x00000000000000a9L },
-      { 0xd390598b0b1d5123L,0xe784d0dc329e33efL,0x5b5c64a26d030653L,
-        0x3bc1c276b5a20b12L,0x2cca6aa8755810f1L,0x0c01df0aabe5186fL,
-        0xe997bd088aa9c400L,0xbb8d216198c3fb2aL,0x0000000000000117L } },
-    /* 10 << 147 */
-    { { 0x1d7b9b778d4fec63L,0x47eb33fb690c571aL,0x3d2bb2de05a01ce5L,
-        0x16cde99b78c47fffL,0x0359242c699656b3L,0xde0c7d81bdd416b9L,
-        0x60863068b6144f4eL,0xdfa66d197583c05aL,0x0000000000000142L },
-      { 0x892f8b4e8ccad1d1L,0x085cf7f6cceaac0fL,0xa07608425df33b07L,
-        0xd4737bc3a8747ec7L,0x7f8147a128f4caddL,0x49d9db4c8480de3cL,
-        0x5baa01d5872dea19L,0x2a8726b1e84044c3L,0x0000000000000126L } },
-    /* 11 << 147 */
-    { { 0x7f3138f9e293680aL,0x6dca11bbfd6a8b9bL,0x88932ac6b4b7ee2fL,
-        0x5138acdae2b95958L,0x91dc3e9a639d074fL,0xd7d4903064296944L,
-        0x818ab55f21383bd9L,0x78ae7acb1032d97fL,0x0000000000000069L },
-      { 0xb23f14d075173454L,0x51df08b37ebc4f81L,0x808454cf65aa52b9L,
-        0x782b09610e6c952bL,0x40658769b8e92c5cL,0x4fd3ace2349f1d8fL,
-        0xa9cce79ba0699cc6L,0x587f8a83e565c582L,0x0000000000000043L } },
-    /* 12 << 147 */
-    { { 0x19a54eb6407386d7L,0xdf16baf601c2186eL,0xfad573e89bd9a894L,
-        0x343bbb0bccbeac47L,0x44febe5e4f7f5443L,0x87c81269c3ad9175L,
-        0xdd79411447319eb7L,0x3302374938f26dceL,0x00000000000001ebL },
-      { 0xf94f891c1f1401dfL,0x2ae0e96a1450357fL,0x179a522785202255L,
-        0x10518e7f397d8d98L,0xfa56e665828575b0L,0x7622b705faebb982L,
-        0x63f9067ae3b3b8acL,0xb30f7bec6fdf48ddL,0x00000000000000dcL } },
-    /* 13 << 147 */
-    { { 0xa1e6af0f35b8d081L,0x46af5adba14b50ceL,0xc6cc9452288c50f4L,
-        0x1bcacbd6f8910af4L,0x9ac8ebdad83a4b2dL,0x021e43ee5514aa3dL,
-        0x4d5d0544b14bfd4aL,0x5bef6ab754bc3519L,0x00000000000001e1L },
-      { 0xd6ee66883af6fd56L,0xfc55226508bc92a7L,0xedab91fa2e7ddfb3L,
-        0xe3f1fd7731472d2fL,0x2c751ccf35ea46d0L,0x570cf16d4cdfe038L,
-        0x6ace17d6c87e7495L,0x02a9a0f3942997b0L,0x0000000000000198L } },
-    /* 14 << 147 */
-    { { 0xe5b551ea2dbff4f0L,0x438195568ed22f87L,0x1a42769cd42f4897L,
-        0xe5a6f518a1a6ee3aL,0x9b53a9e63ab29b90L,0x6189a415c2fbf1e6L,
-        0x6ee4570e2599d956L,0xebc865b6dd1f4bcbL,0x00000000000000a4L },
-      { 0x66abacd8843e4791L,0x3bb5c48e7a8cdc84L,0x3f4e2d197b5a2f8cL,
-        0xbb945d44caffda4fL,0xd09a8f34b7bfb4d5L,0x1308f3d83501d709L,
-        0x0bfb71e4352b9435L,0x92c77d2a403e594cL,0x000000000000019bL } },
-    /* 15 << 147 */
-    { { 0xcf38db175fb9017bL,0x66e774ccd1149878L,0x262164d38581662dL,
-        0x52ca418bfbc653e2L,0x9d3b9b86c74d0c1aL,0xdd58b60b41dd9fe0L,
-        0x63455b0ce55cf6f6L,0xef7fa7be5e37bd43L,0x00000000000000dcL },
-      { 0x6982c041cf5b3c78L,0xb48f8d01eb7fb22cL,0x2f88398d5c4c129eL,
-        0xfe6c03131bfa5216L,0x2c94d9d55eaa1448L,0x19b49c084fd026c8L,
-        0xf3ff621ee08f4788L,0x4b3e563397f2b547L,0x000000000000012aL } },
-    /* 16 << 147 */
-    { { 0x9e4ab8c58b327354L,0x89377c3c73f5d13aL,0x1f93cc126e55dee9L,
-        0x7b4255bce490c030L,0x5451bdf5047ea02cL,0xc01d952cb461d14eL,
-        0x172d0f20b9e21078L,0x694587a5a1295f3fL,0x000000000000002fL },
-      { 0xd54076270219fa4dL,0xbc0b846fa3bb7f30L,0x5c17104e2ba06bddL,
-        0x2490f12bdf3ce36fL,0x0fe2e1ca08468c10L,0x8126c060a9e2c73fL,
-        0x7685e59c5cce9dd7L,0x5f5f64da9e8ca8b2L,0x00000000000000bfL } },
-    /* 17 << 147 */
-    { { 0xd8f8dcb47165a15bL,0x3566655d27456d16L,0x3f8d6e4dd64d1044L,
-        0x63cc9c8d4d23368eL,0x3b81eaa384ed399aL,0x7c81ee61be377229L,
-        0xdc091f9720e863a4L,0xa2d486a7342e6ec7L,0x0000000000000194L },
-      { 0xcc7f5d9294fa2791L,0xdc18552a8cab138fL,0x0418657c2e9238c0L,
-        0x38b45acaaec9eaebL,0xbd68814fa14aa270L,0x5b521b2ae14bc29cL,
-        0x22f15327c5ecd539L,0x285ff2f2e109b02eL,0x00000000000001d1L } },
-    /* 18 << 147 */
-    { { 0x90276bd80eed122fL,0x5feb9a3a51af464fL,0x6723d65f591afda1L,
-        0x4612b5b20f6233c3L,0x8427e3b7aa39d6e6L,0xa6311da25050a2a8L,
-        0xfcf3c90a384a189dL,0x956c6fa5c0e2cb3aL,0x000000000000010aL },
-      { 0x665bf31000b63facL,0xcb8cfee137c71ea8L,0x8b3cdfeac1bc2f1aL,
-        0x712f91a9956eb88fL,0x3e7ab8c3b979486bL,0x376b1f96e540d2b4L,
-        0x01ef726f8cb06e29L,0x240b1df4cc582bd2L,0x00000000000000d2L } },
-    /* 19 << 147 */
-    { { 0x489148c9c274d307L,0xc660855334a59a0aL,0xf1b52d7feb4b8eedL,
-        0x98e050a7ffb5310fL,0x5c6c2a50069fa531L,0x390546312329789cL,
-        0xd525a9f162ad0e01L,0xfe4f68300d72772eL,0x0000000000000145L },
-      { 0x22065d2ccfec9cf1L,0x55c4e59c64422d9cL,0xf233fd545bdf4751L,
-        0xcd8536a0221ad6b3L,0x277d802686061244L,0xee697ba465e521cdL,
-        0x0efce228316d5176L,0x26bf3a5dde23683cL,0x0000000000000189L } },
-    /* 20 << 147 */
-    { { 0xd145eb32b6f1416cL,0x77bfe297670bd3e2L,0x4fe924dfce10f4d2L,
-        0x9651650629f3c127L,0xcc669c51715b9e23L,0xafa90094b60a780bL,
-        0x35114c8ae1aee1b5L,0x3f793f136599dd0aL,0x0000000000000176L },
-      { 0xf098fa02bab41133L,0xc018fb4737635fb9L,0x0be935b6eb948d5cL,
-        0x453838bc27db09c0L,0xcf717312b29a531cL,0xb001eb51446ff102L,
-        0xeb0a15c7275b0b94L,0x32e88f1499a3fa93L,0x0000000000000049L } },
-    /* 21 << 147 */
-    { { 0x8cf0c5cab2cd40e7L,0x02005c870804d05fL,0xda149871a34588ceL,
-        0x867ee45824cedfe3L,0x87be46ef27b2c1f9L,0x7774a05c22a6426bL,
-        0x37322562a785a3d7L,0x1027a76b6ecf1cdaL,0x0000000000000164L },
-      { 0xe5e8a7d6131efb98L,0x93da652a3c4c1d49L,0xe7c912d72658edacL,
-        0x8185f36a36903539L,0x37b3cf19dd6f668dL,0x70ad7a7cb48ddd81L,
-        0x8b290a4f8b04de45L,0xb7382782f7a955b9L,0x0000000000000031L } },
-    /* 22 << 147 */
-    { { 0x5add1d5f23342e9dL,0xdfc4c696230f2ddeL,0xd925c3a6049c89baL,
-        0x9e2e23d5074b981cL,0xa11db26cf8766d4eL,0xc0a69d7fc37ce4cfL,
-        0xf6de27c4b102e1d0L,0x9921ec7010409988L,0x00000000000000c1L },
-      { 0xa66b32657b6f0de2L,0x2bd9a65778871bfbL,0x29f760a353bb697dL,
-        0xbd91b082ad080bdeL,0x8644a3328e96ea2fL,0xb3e71cdb10d83cf8L,
-        0xd8611580758300c0L,0x7ebb9fd48146381dL,0x000000000000009fL } },
-    /* 23 << 147 */
-    { { 0x64b6828796343187L,0xf8f6db918829c5b9L,0x6474822e697768c7L,
-        0xd5cf4ddd770add15L,0x483b8ab4e7439172L,0x793a759d7624731aL,
-        0x9d4b4dcd439b35adL,0x46654a6afecca0f7L,0x0000000000000084L },
-      { 0x9f2b0ec49d347a03L,0xc4ea4300d7610174L,0xfe4be93c7f5b78d3L,
-        0x00984cc68d6e3886L,0x42a4f895c7e026a2L,0x258e4272d69990e8L,
-        0xe50f642e7dbd5c71L,0x6f81b7ea0d04a6c6L,0x0000000000000073L } },
-    /* 24 << 147 */
-    { { 0x8c9f5cc170b1bcceL,0xe2d68ecef726d3d6L,0x330e1c4c707f25abL,
-        0x4397647f18dfd382L,0x8f83b1ee249a6ebbL,0x7d291bb65738ebedL,
-        0x11d6af26e8db7b2dL,0x47b048ec173d8d33L,0x00000000000000e0L },
-      { 0x16819a7b1843c807L,0x9bddc58230ca2736L,0x2bccd7f2e1525168L,
-        0x0f9dcb4d5900125bL,0x90e3017bb5adef07L,0x09c2381a7bda2ffdL,
-        0xa203c883d47cc848L,0xd173669eeec3c0e4L,0x00000000000001a3L } },
-    /* 25 << 147 */
-    { { 0xb3652eaae3f65b22L,0xcaf7a68167717ba5L,0xa80950e2129aa188L,
-        0xff5be361375861bcL,0x6770cc746abb2853L,0x00252a511fd9dd49L,
-        0x9fe309b2ac485383L,0x59660b05d6c63d4cL,0x00000000000000fbL },
-      { 0x0434d8c896b55b01L,0x053204c5de25fa3cL,0x4291f70d0e8d9361L,
-        0x29a8f0a9a61ef3faL,0x0192e14431b82f8eL,0x9df111c73cfa7d38L,
-        0x344917426663b84fL,0x5da29dea9c154f7cL,0x0000000000000022L } },
-    /* 26 << 147 */
-    { { 0xf1321a601f9d09a9L,0xf4d31ea30c863f7aL,0x8a43a25aad2ce3adL,
-        0xe338837799bc8bd4L,0x062857c2a8e816fcL,0x56378ac296c41801L,
-        0xdc0f04db0e66af1dL,0x8848081a56ffcedbL,0x000000000000011aL },
-      { 0xea2a3e6060b59a1eL,0x85720082f6ffb469L,0xe10dc94cd3e820feL,
-        0xbbead00b43243370L,0x9c4f4aaf715983bcL,0xb53c487337aab294L,
-        0x527c167f49239950L,0xfc0884fe9c1d2b15L,0x00000000000000f1L } },
-    /* 27 << 147 */
-    { { 0x066eb52486148ffbL,0x05fa5ca6b12813aeL,0x3f6cf7521042cb23L,
-        0x620497148cc148c2L,0x7063a531fc06d539L,0xdd392b8c9422ec6eL,
-        0x0dabd4a1dc8c778bL,0x86485e1b9e0f9471L,0x000000000000013aL },
-      { 0x6c358e988f9b6601L,0x11820d055601185aL,0xed9ba8a45e0a28b4L,
-        0x3f28600944c12ec9L,0xa4b35a622ef871ecL,0xe8a89ea53312df04L,
-        0x22cdb00ad5975031L,0x34bb65de3d7c84eaL,0x0000000000000142L } },
-    /* 28 << 147 */
-    { { 0x247f9f991415b5a5L,0x8d40f1e22ed5e708L,0xf1133cb0efc81f52L,
-        0x278a9e9c2b0ed8b6L,0xd0e4058b608882b8L,0x0a74bb730c8107e2L,
-        0x13e8d54e5260f955L,0x7a147d79d3ab9424L,0x00000000000001c8L },
-      { 0xdc0b55a16f9ebf4aL,0xe7a018e054ae1fa0L,0x542720cc8cebfcefL,
-        0xad8fb8dd27d8ba5fL,0x6e9d00da68c5590bL,0x4f1fa055014f5fc6L,
-        0x972a148006b1efd5L,0xbe9062432116830eL,0x000000000000019cL } },
-    /* 29 << 147 */
-    { { 0xc6004c28eeec070dL,0xc744cdc1249ddbdeL,0x33a8dd7ed2fdcac0L,
-        0x1bb3b8478a15f9e3L,0xbe5270ba74951deaL,0x974cefc5c62182beL,
-        0x91a2ed05e7bb8ba2L,0x54ec25d63ec05196L,0x000000000000003fL },
-      { 0x61e73c5078cfe5f3L,0x26d3abaa9a6a4149L,0x4813ce619128d73eL,
-        0xb60761a175e2bad1L,0xa8f869cadca6d591L,0xc46ef1b082aaaf57L,
-        0xe207a47f87ca8574L,0xe156c908eb027d9bL,0x0000000000000131L } },
-    /* 30 << 147 */
-    { { 0x12a5b6b9d51ea4edL,0x6ee257dc65396af7L,0xd921c77aecfe3419L,
-        0xdb9d587e463e4d69L,0x0224cc9f03fe3388L,0x062c03973ec5049fL,
-        0x705fdb3fb1e1d2beL,0xb9c77024ecd64766L,0x0000000000000140L },
-      { 0x9591f031cc7fc0faL,0x2eb3bc1cc0b49c59L,0xbd54081797ce9a6bL,
-        0xd5285b3641b37630L,0x85137b727a1313a2L,0xce410db03bb3c320L,
-        0x2d3628d4193ace4cL,0xa39b6d8775b26d92L,0x00000000000001acL } },
-    /* 31 << 147 */
-    { { 0x0caca7f6389bff14L,0xc34226ae7bbc3a8fL,0xe99816857bf0ff44L,
-        0x259e33e7580f4f8dL,0x5e909449d4a80364L,0xf8b2da9223c3d509L,
-        0x5b3a3f4bbf30299bL,0x4da73ca88151ad0eL,0x0000000000000010L },
-      { 0x5a575220fe7e78fcL,0xef28d13b03eda908L,0xe131b1fcb0f3f2f4L,
-        0x2c8fe211d8151429L,0x1b9897d692f85e68L,0x76e34f11b6437168L,
-        0xe13b797b97e53e66L,0x0ec0b9d4463020b9L,0x0000000000000042L } },
-    /* 32 << 147 */
-    { { 0x16bc33413fdd638dL,0x8c37c58a8c518c30L,0x9dddb8ee79df75d1L,
-        0x0bc82320c91a620aL,0x6e924a6c9126a200L,0x744594a9d20c8c89L,
-        0x0e9b59ac4cc73caeL,0xce872f0a0b276b4cL,0x000000000000008bL },
-      { 0x651f74222c35933cL,0x95238355e025609eL,0xe7891b5b6c14d96eL,
-        0x89c0fa370304d219L,0xdf7da33d61b597efL,0x43df03574120905cL,
-        0xacf01355718df73dL,0x7ca32d0e631ada96L,0x00000000000000b8L } },
-    /* 33 << 147 */
-    { { 0x88809494252b6a07L,0x9afb2482a30ec634L,0xe68ffbc927436190L,
-        0x63223b43168356f3L,0xed2dddc2640ef7ffL,0x8a3d853beeb5ce07L,
-        0x6b555cec4f9347a7L,0xfbff3ff241559afcL,0x0000000000000189L },
-      { 0x60b423485261ab5aL,0x06ec126f930b3a8dL,0xb70a741a9eff20dcL,
-        0x63ef08dd43f6aeedL,0x4b7e962b391a4cbfL,0x2dea977be636890dL,
-        0xc8bcca8edf28a2beL,0x75a069a00db7e727L,0x0000000000000130L } },
-    /* 34 << 147 */
-    { { 0x64ad4b5d38c6cb20L,0x87b25a276cccb7aaL,0x882e1be1695dca6aL,
-        0xb6e216ae98e6653aL,0xab1adfbe4f2a32f6L,0xc7eb17991640b34eL,
-        0xdfb5a618e9b287dbL,0xb98377f2e1c483baL,0x000000000000017aL },
-      { 0x38c1708b0e576a20L,0xcae3cbb5666618d3L,0xe7681da6a8baaa65L,
-        0xca4a87db3661f5faL,0xad07c49713a2923eL,0xfb8e098a1612b88fL,
-        0x00648cbd0211082cL,0x77fb7ef7c08add74L,0x00000000000001c4L } },
-    /* 35 << 147 */
-    { { 0xfd7f19efcd518979L,0x3d439ca9d73c25fcL,0x0834e5770d158067L,
-        0xa52457eb7560ff4fL,0x1d72c5c540f8627fL,0x90445790aead9bacL,
-        0xa0019ef9ebd5094eL,0x0ec581eff66ceb3bL,0x00000000000001e8L },
-      { 0x52b5917cee75ca82L,0xf66fdce0bf5bea5aL,0x825c07b024f56801L,
-        0x5fd13cef8991b8a0L,0x3d1d4880e739ff2dL,0x01a6a6218d6aead6L,
-        0xb5cae8d5fec72d3aL,0x48c498cf9e68ccccL,0x000000000000011dL } },
-    /* 36 << 147 */
-    { { 0xeb7eb4e3cf7c7817L,0xc190cb66eaab7734L,0xdc8faf6a81d04f60L,
-        0xf11c8a8cf998d778L,0x4e2d4b63db67e150L,0xe5522c9556099bb9L,
-        0xcf8dcbf0aebfc2a4L,0x921787cc0c8f6ce7L,0x0000000000000075L },
-      { 0xf6e3e647e163b36fL,0x5e1a1c7428973a57L,0x08c85f9ddf4fba25L,
-        0x45137abd0f27483aL,0x993d2b71753cc2adL,0xc6b0112853fa2055L,
-        0x74e63b5088ca2fe3L,0x06aa66a1d2a13d00L,0x000000000000019bL } },
-    /* 37 << 147 */
-    { { 0x682ffa1b7ec4f64aL,0x95d2e079a15dfbe9L,0x172c693cf5184016L,
-        0x45b10e4f33eac72eL,0x57f555c9d99bc8daL,0x0ca53b2f0656b3e5L,
-        0xd5ad1f26afff9ff6L,0x54197dd60c648286L,0x000000000000016aL },
-      { 0x98c5f4989aa5dc36L,0x906d5559936cf066L,0x4daedbf578c08c11L,
-        0x60ee55a31fd25c15L,0xdd6d6c5f83d1fea5L,0x66af4443c96f658cL,
-        0xd8d4b001326b34adL,0xae9b2b71a2b138dfL,0x00000000000001dcL } },
-    /* 38 << 147 */
-    { { 0xcf5174df03cbc63dL,0x6c45aa2990858f82L,0x4feeb0e94ca9ff29L,
-        0x45c913dd476b0fb3L,0xe019eaebc60aaf76L,0xa616a69f20013ca2L,
-        0x57a9477b8c19cea4L,0xc2d0700a1cd82afeL,0x000000000000007bL },
-      { 0x1eef2b5fef402297L,0x9f9c57d25aca14a2L,0xb890e7bcd4f3bbf5L,
-        0x210714a2ce430268L,0x9088523a57390f8aL,0x165bff6f4e58247dL,
-        0x9aa04525f815b565L,0xb775a4615c6d8ac5L,0x000000000000012eL } },
-    /* 39 << 147 */
-    { { 0xa9bd87c6bd49c789L,0xa1fe2842970f53ebL,0x59160816abe18d83L,
-        0xf69f674898c30254L,0x63688c8e6543b683L,0x14d5ee6af773af1cL,
-        0x327a220e8c42efc1L,0x666a878c900c62ccL,0x00000000000000d4L },
-      { 0xd868e30687e762b1L,0x213f7b043de4e833L,0x022b5fe26c684d45L,
-        0xdfbac3e02cd286d1L,0x7d4e6a80aedb794eL,0xbc3f105e1e60b9bcL,
-        0x6dfd09ed711f8011L,0x2b4f4fe7a3a0de69L,0x00000000000001cfL } },
-    /* 40 << 147 */
-    { { 0xda90f7d5baf7c7bdL,0x1a6719969766aa85L,0x3528f03b24f802a1L,
-        0x04b09da3c7d51cceL,0x7a2fb5077b8e58c9L,0x4cd283ca46c7716cL,
-        0x3c682896f1027492L,0xe34524bd8d6b9f97L,0x0000000000000186L },
-      { 0x4696ab6ff2e6ce3eL,0xff2a7b70f6e77b14L,0x19cdf652897ff820L,
-        0x09f952c2cdf6c8f8L,0x9b3b7e14e34d3dcfL,0xecf5054ee1a3bd0cL,
-        0x19d2e4c83403783aL,0x549bfbc73a373796L,0x00000000000001a4L } },
-    /* 41 << 147 */
-    { { 0xdeaf616310141b69L,0xc41e53f255557467L,0xce2b3655c4d8b612L,
-        0x5ac8d24202f58186L,0x213affee697dcf46L,0x254e7ec39c955508L,
-        0xc43cb58c85f554a9L,0x0d58d3994500579bL,0x00000000000001efL },
-      { 0x466b1a5bf7a19f41L,0x113f74e91fe1301bL,0x18bbe771c54304acL,
-        0x8340ad81c26c2e27L,0x65367af7544448c8L,0x3021f03f017efbe2L,
-        0xbe92d7e6b090ae98L,0x1a0f53e920ecd3cfL,0x0000000000000133L } },
-    /* 42 << 147 */
-    { { 0x66dc8a9b1def0f5cL,0xf4d1c2b73e9135edL,0x317063850d8e70e0L,
-        0xdd355c7a4d254a7bL,0x6189dd55dcf70a93L,0x9d62b529b728ef6aL,
-        0xf9986ad1c74066b1L,0x9aea4f1ae540d945L,0x000000000000011eL },
-      { 0x130818dcf200a284L,0x56418ab66e71f015L,0x94b3427eab8722d7L,
-        0xc5c1c1587aac7863L,0x55fe2df518b94dc9L,0x4813e9915c782da6L,
-        0x6c50ae473eb671daL,0x8b25a79012ba0f9cL,0x000000000000004cL } },
-    /* 43 << 147 */
-    { { 0x409447460587a0e4L,0x5d458c798d9f57fcL,0x684919bcd8657675L,
-        0xcf551d43839fa071L,0x9de6fa17af775947L,0xf4bfb5506669009eL,
-        0x234870726375aeddL,0x5cb589eb1c7180e2L,0x00000000000001bbL },
-      { 0x128d24df97ad0e22L,0x160d55a40111adbcL,0x7e57af656d0f5f99L,
-        0x4d6c763f09910699L,0xfedb36a7ab9c174aL,0x35fd8a827f579c65L,
-        0xdf7e65d169af343bL,0xca6829bb448a45a4L,0x0000000000000015L } },
-    /* 44 << 147 */
-    { { 0xee98bc02f445f09eL,0x8a9361ff6b4728abL,0x8ce33c616bc007c9L,
-        0x191819be51c7e170L,0xa1c971c0a0f7eb3dL,0xc00ad1e760c9f532L,
-        0x790750ba5972bc14L,0x665d98cb776c1093L,0x000000000000014bL },
-      { 0xcf81d62fd598c5daL,0xfe84e05c7aa8be48L,0x0943e0156c7e2a3cL,
-        0x39bbb769352063aaL,0x3ec54f1b638ad619L,0xe0a92fe3e248bbc8L,
-        0xedeb7234718dc78aL,0x22840b19ce6775b8L,0x00000000000001f1L } },
-    /* 45 << 147 */
-    { { 0xb6f96a59d33ac825L,0x5b7d26dbe328d33eL,0x4b914baafb3a9c2bL,
-        0x626782a126376196L,0xc4ce8e4e9c5c39ccL,0x936c7957afc6729fL,
-        0x7d33ddb57a880449L,0xf1c162de61f21de7L,0x000000000000003fL },
-      { 0xca755d673c0abcc4L,0xee71ff879568310dL,0x57bb9cd89996bdbfL,
-        0xcda5682e63602af4L,0x45f7d757e526c8a5L,0x3f70d0a67e9730d0L,
-        0x47d5cc70584be9ddL,0x57453cca4a5091fdL,0x000000000000001dL } },
-    /* 46 << 147 */
-    { { 0x9e6e310cf74041ecL,0x00525f452f102196L,0xd509a1fafb089536L,
-        0x25eafb85b6ecab1dL,0xc3db17473e670edfL,0x73cd5b1a02a74deeL,
-        0xda5f180a708059e5L,0x4756564105f4a4a7L,0x00000000000000d9L },
-      { 0x4617c8dba2e177c2L,0x4c1cd54d48928799L,0x9db79cc174cd39f7L,
-        0x6ad011de815393e2L,0xfda0a9d375ab45d3L,0x941924fb4944f8aaL,
-        0x9e5612f2425803feL,0xb85b6231e73ad659L,0x00000000000001beL } },
-    /* 47 << 147 */
-    { { 0xf5f9fc42c0ef1a21L,0xe9f903271bb54b84L,0x194164521fd4c3d0L,
-        0x07230be791a093adL,0xc8611dc627a57239L,0xeb64b31ef0a2ed05L,
-        0xc99864d317c09562L,0x13bd93ec682aa5c6L,0x0000000000000072L },
-      { 0x22a721e66314648aL,0x04bbe0541809ed8cL,0x709a97cb3431bf60L,
-        0xd23000ca75e2ab96L,0xcf94327f7317e6e0L,0x5c07a24361efe4dbL,
-        0x1e0f88bd75585a53L,0xe9d5784e71067b16L,0x000000000000008bL } },
-    /* 48 << 147 */
-    { { 0x140d97d668d43990L,0xc2153671f05254d7L,0x15c7cb4048835a51L,
-        0xed01ae6e9b1e5c22L,0xc33296c45a63713bL,0xb44ae73171a53417L,
-        0x70b2359e4e771c6bL,0x582eacf2fe7d32b4L,0x00000000000001e3L },
-      { 0xb6a805b0b9a67492L,0x97617ae34369cc31L,0xdc08edb44d0a7af9L,
-        0x1c89e626c0c63f8eL,0x75e1f1ed615ac711L,0xe03d1b7d8e3eb258L,
-        0xcc2e06e4761fadb7L,0x2dea6e630cfc1724L,0x00000000000000d9L } },
-    /* 49 << 147 */
-    { { 0x30eeed7612619b7aL,0xd8daa1efe23568aeL,0xaf0c5d2700f7929aL,
-        0xd89f78a90dca03efL,0x8eb2878fe39fdcdfL,0x8d8e0ddda71f1a3dL,
-        0x4042473e60afe2bfL,0xe0501f41c19d3ffbL,0x00000000000001baL },
-      { 0x1693d5a1030e8b4fL,0xa0d858cf93320df4L,0x45b0c87cfcabd7c4L,
-        0xb6e171378f8fa025L,0x892617bc01ff2d11L,0x89030f422ed3a401L,
-        0xda0ddd2ac10ee939L,0x24b042d5fd5f3ed7L,0x000000000000009dL } },
-    /* 50 << 147 */
-    { { 0x28ebed439ae8948eL,0xbe7a777ec909cbadL,0x4f5b240434fdd33eL,
-        0xb0ce95a86f24e7feL,0x9549d6a80a6117aaL,0xea4f9ae39ab68d8cL,
-        0x117b35bf9258ab2fL,0x262f08aed8e0e9b7L,0x0000000000000092L },
-      { 0x808fe92c29be09dfL,0x57f69b77ea43d2c3L,0xfaf2e024f50c9e91L,
-        0x00a2dbc95fce3573L,0x72d3ae0513d465d1L,0x4fc54830ed56e68cL,
-        0x662a86491a37f74cL,0x6977a68476c58416L,0x0000000000000063L } },
-    /* 51 << 147 */
-    { { 0x56c1d2934f06b0daL,0x396c88f326ab5d67L,0xef6b98362d0ee910L,
-        0xbd5794fb82fea351L,0xb4aa0ebb8e8a0674L,0x1f99bd2c992a8e30L,
-        0x6c77c4ce13f5b05dL,0xcc2d35166d96d584L,0x00000000000000eeL },
-      { 0x29896c6aa05844fdL,0x615a57b51b2ee851L,0x0780b7ba64120a3eL,
-        0x5b4a41d756738a39L,0xc38019755ea981b3L,0x925ef03121aafd98L,
-        0x62a94e460c31922fL,0x13cf0f0c36933ad5L,0x0000000000000083L } },
-    /* 52 << 147 */
-    { { 0x301c46545f009683L,0x5dd9f7cde23f6a45L,0xe751c7d9d96753e9L,
-        0xb26fda93e50ed86dL,0xb48e4d2ea3014b3eL,0x6d82b06551d16e40L,
-        0xa8b8f4a19952b35fL,0xa3b70bff95f097b1L,0x0000000000000003L },
-      { 0x98b9e4d7ea5ce5a2L,0x86cc4bb2d9548b1cL,0xee2c3a715f65d9a9L,
-        0x22b7cc27212980abL,0x8820302cf5dfdbeaL,0x7f0290529fd77d3bL,
-        0xfaef33b3599b0e13L,0xd6b215998a929bfaL,0x00000000000001bcL } },
-    /* 53 << 147 */
-    { { 0x3822d6dde05bcff9L,0xa1df90859a966665L,0x37d8d08affd0c260L,
-        0x044eb203a393185cL,0x2bb1e2a097b4fa61L,0xd824c5f2f069339aL,
-        0xee973a505e47a499L,0x57c7cb70c7739a14L,0x00000000000001a3L },
-      { 0x50708368841c8a1bL,0x149b29f0e1c18a5bL,0x6d3057aff86259ebL,
-        0x42b1013f9c561498L,0x9c917c000a3c96c5L,0x1f64ce7260e1c1e3L,
-        0xdca64e5d0b26eacaL,0x70809a61ffe62202L,0x0000000000000060L } },
-    /* 54 << 147 */
-    { { 0xf7cb364bebc4106bL,0x322868aa1f5b16d7L,0x35d2bc278a47978eL,
-        0xdd71c1c5888a45d6L,0xbced525701370078L,0xdb80de35d2c742c3L,
-        0x9de9da88492943b8L,0x056084de6d5369b2L,0x00000000000001ceL },
-      { 0x481ba518bd731791L,0x5b7297867252de15L,0xd9e0d759af151de3L,
-        0x32df8fcf9485cf7cL,0x959a47d70da582faL,0xada095c0ae5e4106L,
-        0x1f870a322c80f5beL,0x3996f25c7b53b872L,0x00000000000000fbL } },
-    /* 55 << 147 */
-    { { 0x7b6c5a0d299215b2L,0xe63c9ea3ff30cd5cL,0xe20dcdced944d3d8L,
-        0x58fc33a5037bfe23L,0x084db73f8964c02dL,0x295cbb668036f2d5L,
-        0x5fb5b1575f11677cL,0x08c6f7868c0b8c9aL,0x000000000000005cL },
-      { 0xa71be7daf9fc7b49L,0x90b4fb112eb884afL,0x5a433d1bc20f3de7L,
-        0xa9f96c15d7ec8c53L,0x19d73a9202b16cf4L,0x6db1ec20f0c59b32L,
-        0xea08ad41e9148372L,0xa9425964a8fd959aL,0x000000000000012eL } },
-    /* 56 << 147 */
-    { { 0x327d0a715d58ae51L,0x5781201b6bbb0e9dL,0x2e738768cb5ba871L,
-        0x7a7c4287a1ce9418L,0x75e146164efab0e1L,0x14839cf658a84558L,
-        0xc9c0e010b0156aeeL,0x337859475f043330L,0x0000000000000177L },
-      { 0x9f821ccf075f05d1L,0x18ea20c4c28c986fL,0x6b3173993906dd1dL,
-        0xf8c200ac1ac84aa0L,0xb6876e9b2170699eL,0x967ebc48894c5351L,
-        0x545de7957c5503a5L,0xaa3e77f946b8d0c9L,0x0000000000000038L } },
-    /* 57 << 147 */
-    { { 0x09995831678db97cL,0x21a68fbeb3a294d1L,0xe7e00883a6e564a6L,
-        0x6c2bc4473c6351fbL,0xb26c5e696be68123L,0x5f0bec160f558615L,
-        0x7861fd1d3d4e11daL,0x401c74bb74294954L,0x00000000000001abL },
-      { 0x99ccf2f0240019eaL,0xcd7b969a7d4cd159L,0x5c8c5407f98ad9e1L,
-        0xed9f828849e17f16L,0x15e6f01c07ec8be3L,0xb9385f7f9215c605L,
-        0x9d0dcdec545b52d8L,0xcf19523c4ee0d717L,0x0000000000000081L } },
-    /* 58 << 147 */
-    { { 0x6075fa38019b76d6L,0x69026a5309c93da7L,0xd74ca37abc94b34eL,
-        0xb9326f7dfdb4db42L,0xee55a0529d571ca1L,0x28cc82349b045d9fL,
-        0xc32980ff32b90fbaL,0xae7b8a9e23bcaaa1L,0x00000000000001d9L },
-      { 0x7999b36bb1e28505L,0x3f1a81991a8b12dbL,0xfc384a1e842adb45L,
-        0x45928ce192acfae9L,0xf9c422639575c3b1L,0xa1d497c00c64efb3L,
-        0xbb171deb8f675d61L,0x1112bb0ae420e774L,0x000000000000012cL } },
-    /* 59 << 147 */
-    { { 0xd3a1a740a18e8dafL,0xc7ea1eb81f85d156L,0x9cb8aa11e8cb68e8L,
-        0x5867e62f3cd3e2e8L,0xb9a337f1d8525a5eL,0x19e80310986615bfL,
-        0x35b1126ccd2046ebL,0xe0adfd0ca338224eL,0x0000000000000114L },
-      { 0xb5041e87e0d36af3L,0xf6c1d74ac830aa98L,0xa1251bcd3d9a58b5L,
-        0x084bde5b887e46c6L,0x17c1cfdec9066fdfL,0xdbd86d9be1a07155L,
-        0x04e6b547ad8b184fL,0xe1387caf9ce95793L,0x0000000000000082L } },
-    /* 60 << 147 */
-    { { 0x4443a6c3322a7d6eL,0xbaaa07e080c34583L,0x030a347041f390bdL,
-        0x1570596ce98c416cL,0xa7ed4c7e3ed2ccdaL,0x936b5951440b9124L,
-        0x6587c9d546d24df9L,0x77ddf54c8b22db32L,0x0000000000000025L },
-      { 0x63c9e7b7a4762e43L,0x5a15b97f843b6aa6L,0x370982cb89c1481cL,
-        0x2d4bfe90bc3ce946L,0x5467f0821fa11973L,0x727ec857f1ed8d70L,
-        0x6d0ddd0bbcd130f3L,0x952129f8b6cbeddaL,0x0000000000000142L } },
-    /* 61 << 147 */
-    { { 0x8c63e55ac218c2b4L,0x93017667ca59394bL,0xc0f8e0d1602295deL,
-        0x5de02425002fb9b1L,0x493fd199e8b8fc46L,0x854e759781e1ea54L,
-        0x2f57f5a2dae7a5f5L,0x8454844cd6f46c80L,0x00000000000001b5L },
-      { 0x246d3a54b0b01c98L,0x807bf3892860d179L,0x3455551b5474e8d3L,
-        0x8e007f866fc4f8b1L,0xc409e7d377e29dbaL,0x84510eb48359b208L,
-        0xf29d0ad368d94a20L,0x7afbd7935010b843L,0x0000000000000114L } },
-    /* 62 << 147 */
-    { { 0x48b9115978951f4bL,0xaef87217265fad80L,0xb5d5547ad94d42dcL,
-        0x723c460f1a5ac9d5L,0xbced8eb304aa83bfL,0x276275ab9f569648L,
-        0xb7e2654d7db652c1L,0x16acb62bdd9088a8L,0x00000000000001d8L },
-      { 0x8318bbe3a0134fcfL,0x73dce05c07cab5f3L,0x0d3421b9ead384b5L,
-        0xeb5c77f492b4c9c7L,0x15186834e01bd002L,0x27583717e576e035L,
-        0x4d3ecbc88c8d4d43L,0xe63044592b81fde8L,0x0000000000000059L } },
-    /* 63 << 147 */
-    { { 0x7ec6163a6f63d2c3L,0xdff5558287421ff8L,0x7dd99c23b1f59a95L,
-        0x7604aeaaa41319c8L,0x81c31a0cf7b60b77L,0x80a5bea5597dc7c0L,
-        0x9abc806b7c1f1d0fL,0x60e9f42bb2c9a37fL,0x0000000000000090L },
-      { 0x3526b63f850d46b9L,0x4532e167a10fc8e7L,0x48e5c8f5a35019f0L,
-        0x7aee2a2dd22272ffL,0xa08dee5c726d0685L,0xd0058b333979987eL,
-        0xd155241263607bf5L,0x2201b75aca9a11d4L,0x000000000000018cL } },
-    /* 64 << 147 */
-    { { 0x5249e953d6ae5716L,0xbbf778ca1027f3cbL,0x0a535c1f01020499L,
-        0x80f4cf1b7b847ceaL,0x3cb8c87b66d8dbf8L,0xa8d7b35bdd3562a9L,
-        0x0305b1595ba3f0abL,0x9d5ee3ba7775dbedL,0x00000000000001b7L },
-      { 0xbe2096494e5050cdL,0x176602a16790efceL,0x6aa6ba5f0b21f5c7L,
-        0x6a1d5df0f8c4116fL,0x1a188a83746abbc3L,0x2b2d3317fd2c047eL,
-        0x18067e79b9e5d5b8L,0xed9bbbcfc4be8357L,0x000000000000018bL } },
-    /* 0 << 154 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 154 */
-    { { 0xf6a2bf97f0ab06d5L,0x9f8da4f011f2c6a5L,0x776a1eb0cb8b966eL,
-        0xe74b7349a1903dd7L,0x6978c653dae05c8fL,0x77d364c9e1f5b52fL,
-        0xf3e29bccbc7779eeL,0x4cd77a80641ba885L,0x0000000000000136L },
-      { 0xc79b648f9cb2168eL,0x1b52d0b7d06dbbe6L,0x7b7302bfa65c96d5L,
-        0x1eea500edc838093L,0x83aa1612fb69971bL,0x6398cff0528e16ffL,
-        0xa64963a56d95deebL,0x36f359053d7da7aaL,0x00000000000000a7L } },
-    /* 2 << 154 */
-    { { 0x708003f83c48adedL,0x936a8a382497ce05L,0x66f8e450afece34dL,
-        0x6cc3a161513e1c0eL,0xe2fb655e044610faL,0x8af6a3b362e764c3L,
-        0x839a61f18ca809a0L,0xd43f2d1ec330dddfL,0x000000000000007fL },
-      { 0xf4fb698b7acee1ffL,0x5d19501bcb302bf8L,0x393c9f0876ac0468L,
-        0x16f8b677fd22441cL,0x85662743c504d916L,0xdf3d33119c8cb9c8L,
-        0x1feb20ee42f9cbe5L,0xecd3eece5cad0542L,0x00000000000001ebL } },
-    /* 3 << 154 */
-    { { 0xa9c120098d6d74c4L,0x862c2e5ac0e79387L,0x30e24459ee38eff9L,
-        0xd3637e69764f4b51L,0x6440afad56e273a5L,0xc95ca130e45adb77L,
-        0x89cbd694c96ea2baL,0x9b9c1edbf2099810L,0x00000000000001d9L },
-      { 0x48770298e474a5acL,0x5612463b7b903222L,0x4d92c48f12de8a11L,
-        0x360e5c32ca366bd5L,0x8f16dd03e7e9928eL,0x41cbda9e88bf12f7L,
-        0xe7d794691af3b3edL,0x34c52e7caa4e82a8L,0x00000000000000a2L } },
-    /* 4 << 154 */
-    { { 0x8756b00a9f004528L,0x20374136e9c2b2e2L,0x9e6c6a22cca54915L,
-        0xc5dc6015f6629736L,0x5ef3efa8c4510c8bL,0x1fe7836cdcc2ce9aL,
-        0xac80124a0b55a453L,0xe430cd86dbb7a64fL,0x0000000000000104L },
-      { 0x939b5896a385741dL,0xa80c7d7e3a6c90e9L,0x8df754d6e4c02621L,
-        0xccc73ff172958d91L,0xa80cd923e911d8d9L,0xee0dca498c0171e8L,
-        0x850d8439fecadde6L,0x37550fc24f714086L,0x00000000000000c8L } },
-    /* 5 << 154 */
-    { { 0x04b6a0e91ecb5d79L,0x76dd6ff66661a50aL,0xf781aee776b0f62bL,
-        0x1c5aba38e8569d33L,0xcedc599451bab8d9L,0xb9753d145556e4f7L,
-        0xe0434b07504b2dbaL,0x20ebda14290170beL,0x000000000000005dL },
-      { 0x2c1ede1ef77da08eL,0xcf0c0f3da5a7547cL,0xfb8f6167f81eb5baL,
-        0x36854edada4a5de9L,0x006dcb13de55ea82L,0xc92040022e6d0330L,
-        0x444e1300ee733ae1L,0xc75a73608f3de483L,0x00000000000000c8L } },
-    /* 6 << 154 */
-    { { 0xe09a3cf0af969a6bL,0xb92d2f90bd6ac057L,0x1b2f0a7c84d4595eL,
-        0xc74ccfc4694eca28L,0x5f9cd8d4330323f5L,0xfcfcae74ef391ed4L,
-        0x0081ef66bba18e42L,0xc025895aa955d164L,0x0000000000000156L },
-      { 0x9ea9ae8ddcd1ce6dL,0xce0eaa5f3c6ec110L,0xf8336a3517ae8ce0L,
-        0x34205d8698f175a7L,0x42a29536af7c195fL,0x21b0cb3cf85cdbfcL,
-        0xe6da7fa8840fe9bdL,0x766646688a894e33L,0x000000000000017cL } },
-    /* 7 << 154 */
-    { { 0x9ef8a9907b69dfd8L,0x3c01c44a3ad9d90cL,0xb576538c5e18521eL,
-        0x234ca9937a342024L,0x08f6b0d84b8f02d4L,0xb2c97f96b70eb5bdL,
-        0xe8747b6f235ce355L,0x04d9f7126870110bL,0x0000000000000075L },
-      { 0x1fe78e291de0c835L,0x7069aa9eac0c1b5dL,0x5f04cb3d2b647a13L,
-        0xf3523829affc1b77L,0xebec6717bb0df520L,0x6abc248682c68f93L,
-        0x2ac72f4e21541ab0L,0x82b5d659bfc23f23L,0x00000000000000daL } },
-    /* 8 << 154 */
-    { { 0x8323b86fec088bb0L,0x18eeb2d3e169bf94L,0x9eabc22555450a6bL,
-        0xfd49e8fee35c62e5L,0x1a8255f86a5d661fL,0xb7ee978fff87b2b7L,
-        0x6d59a24739975957L,0x8a12c7f513e61ba9L,0x00000000000001dfL },
-      { 0x61a3f3a2b30ea34dL,0x21fa89924be16d8dL,0xba41fc20d8613751L,
-        0x10b11b88cce7e39dL,0x82a797d7f79ede48L,0x9559db4a5fdaa76aL,
-        0x445442ce577e7ef6L,0x358c9be06751a909L,0x000000000000001cL } },
-    /* 9 << 154 */
-    { { 0xc5febe234897adb4L,0xdd7e212192ee8af1L,0xdf70f39b6892b4c9L,
-        0xf1ea9349d4a09185L,0xd5121d35fb3ba54aL,0xe4d39b40e927a37bL,
-        0x39f03f40d3517713L,0x414e0e866f12f5e3L,0x00000000000001eaL },
-      { 0x4c24f87b627300f2L,0x8ef8b8301a0c9008L,0x959744aa7b140d22L,
-        0x7a406464bb9589caL,0xdb329b0f1bfde0ceL,0x0401dd975b24cc0eL,
-        0x8aebc77378371f29L,0x02fc0c33f1febffcL,0x0000000000000028L } },
-    /* 10 << 154 */
-    { { 0x56e2294c1317d843L,0x66a415d0f34bd426L,0xd65e0abd82328d7eL,
-        0x0026bcece495cbefL,0x45b42d450356eb16L,0x08f16cebd999f3c6L,
-        0xa841b2bee82cc5e0L,0x9273864fb4719eefL,0x000000000000005dL },
-      { 0x35ca9c719f125b1bL,0x2ae57e9490d045baL,0x2ca6a02babbd691dL,
-        0x1dfa73463e2e1507L,0xff9ff444b7fc8813L,0xc6cb3ba2fec77e7dL,
-        0x3f9d74e5b9d39df1L,0xfc653ef49be360acL,0x00000000000001baL } },
-    /* 11 << 154 */
-    { { 0x2d1043706f4b5907L,0x279eeb552a965a41L,0x06863a068bfd9926L,
-        0xb1a1567f839d5e83L,0x8f417c47d8c0490bL,0x548295eb268992d7L,
-        0xf3a1978a1ef3cdefL,0x402b4001669c3be9L,0x0000000000000097L },
-      { 0x9a9f1ab9606891d7L,0xcbe4ac71cf1bdb11L,0xbcd93ed09ca6dbb7L,
-        0xba64c0644767f5b8L,0xd64c49b1842b720dL,0x4ed8dc7f29bf4c35L,
-        0xa97b185f57bb1f04L,0xfbfd4a978e62cd56L,0x000000000000017fL } },
-    /* 12 << 154 */
-    { { 0xa22790ae7d5e235dL,0x6ec954be4a9a5780L,0x26aeeddce38ffa50L,
-        0xbeb75310eb3feee0L,0x44cbb50840a31067L,0x4a0ff701380e0baaL,
-        0xb23528c820cfe922L,0xcff1ac948fdf6c51L,0x0000000000000158L },
-      { 0x80acb80001d7f58bL,0x2181a99daf2d7b4dL,0x30ff9020146506d9L,
-        0xf091d3057967a5dcL,0xb37c10521cd6c51aL,0x401010b56b0db694L,
-        0x1b1bc5e960fc5f73L,0x8ab0cf8eab3aac42L,0x000000000000019bL } },
-    /* 13 << 154 */
-    { { 0x58703a2ad975b4b6L,0x6167e7ae4f202eabL,0x26cb064f7c8b1d44L,
-        0x1bd0c0b1552b7474L,0x1f1fa56f85b02ad6L,0x42f451f99363ab7aL,
-        0x9f9888f1b7f2df41L,0xe0982ddc935b0f16L,0x00000000000000b0L },
-      { 0x5b3133ffbbf0e24eL,0x22cadc2c623da1daL,0xc106e88a6ba85f88L,
-        0xf6e00838a71bd558L,0x6917980380b79631L,0xcc177913a4fd8cdcL,
-        0x004e0ca999889eeaL,0x530683b77ea0ea1dL,0x00000000000001fcL } },
-    /* 14 << 154 */
-    { { 0x409928e4278ffc44L,0xe39bdc274353b086L,0x1323b2d040382fefL,
-        0x69de9b7d28c99bacL,0x1c68f0e2bfc5d486L,0xfe49bce5094d3cb2L,
-        0xd37daaf81110a3c0L,0xc9938bea2f6c58b9L,0x000000000000012cL },
-      { 0x39b6da445a2f1875L,0x848c2bc18302b740L,0x10b917d8cb988452L,
-        0xac9b47fabbe451fbL,0xc1d6792eeba243b2L,0x2eab0db88610f760L,
-        0x3810ac18e475e77fL,0x1e60d81024c55728L,0x00000000000001aeL } },
-    /* 15 << 154 */
-    { { 0xff7ded2add770286L,0xd8d3c66e845a63e9L,0xf05e27d53c535b94L,
-        0x9aeb2f6723f42216L,0xc399087f1031b277L,0xa67bb1dd192acf43L,
-        0xc3957a6162fb8f4eL,0xd3ac962f8f632266L,0x000000000000006bL },
-      { 0x078cf75e873bbcb2L,0xde95d2a9aa5d4d4aL,0x94e8064d7a48befdL,
-        0x168bbfc6763f2312L,0xf48b61bc4603519fL,0x997d31e07c65d872L,
-        0xc404c7b818cffe80L,0x540b8bdd75fcbc1fL,0x00000000000001c4L } },
-    /* 16 << 154 */
-    { { 0x686698e89cafe97eL,0x3f2a465db6891510L,0xa99bcd91c9aad498L,
-        0x0c7ae217a47c770bL,0x95067a8b6a5e6f06L,0x0b55da4025a11429L,
-        0x5372b805997cabffL,0x1e8bf414963d233fL,0x000000000000002bL },
-      { 0x1343ebe6ab613409L,0x7aab5a01ac96cd26L,0x243758af112c0b65L,
-        0xd276e441b236cad6L,0x88a7d43f557111daL,0xc6dace8ba0f46068L,
-        0x866c31efcf4a5cebL,0x6dd991b89554f30cL,0x0000000000000066L } },
-    /* 17 << 154 */
-    { { 0x4d8b375c14bc49d9L,0x93b4385f18a01862L,0xc3b0ad5ee4090d89L,
-        0x2038dbc2d3248ee8L,0x84c0d4bc2c487600L,0xc5ec52743ea53b08L,
-        0x92d8a64f7d099e76L,0x26a6f8d1e6d580edL,0x00000000000000ecL },
-      { 0x105080aa3d7beff0L,0x854ce36ec85ce751L,0x94e0df2bbbe2d753L,
-        0xdd3a67f7a54ec65dL,0x21d6f4c15968bba7L,0x5951642df707706fL,
-        0xc5bd9cd33158e447L,0x566eae345c290325L,0x0000000000000042L } },
-    /* 18 << 154 */
-    { { 0x0a1212fdf6bf1120L,0x1bc14a398cc5a658L,0x351552bdc1b52efcL,
-        0x0d19749245d55560L,0x425372c97793c57fL,0xf0c48415f5838d74L,
-        0x4153e1917c64e071L,0xc43828e2373272eaL,0x00000000000001e7L },
-      { 0xba8932ba91dc2c19L,0xa5756a08a5163390L,0xf64a62cb65738648L,
-        0x66c5c1a874a8bf79L,0x355f420f98ce1d80L,0x2de834b1f30008bbL,
-        0x580f0664950681b0L,0x8630c1290033866aL,0x00000000000001deL } },
-    /* 19 << 154 */
-    { { 0xe77f6cc4e46e0754L,0x77af9150a883763fL,0xc5aad5130393ef51L,
-        0x62ccd275526f9855L,0x83df1ac8abadaba5L,0xf6caa723741443caL,
-        0xf43bbef6876c8f4bL,0x8c6e39220425ccd7L,0x00000000000001a6L },
-      { 0xc5cf64d1ac4879ccL,0x1b761a83ae4857efL,0x480792c183901056L,
-        0xef90c8b6047b0328L,0xb86c8a422c523b1cL,0x6aa932a8a31dd46eL,
-        0x64259ea3d3dea6ceL,0x092ba1c68d41d4d8L,0x00000000000000faL } },
-    /* 20 << 154 */
-    { { 0xb7c90bf85b923896L,0x42f96bafd3f08076L,0xddbd3b0b0bd90a84L,
-        0x8adbbb43e00a7e7bL,0xd3205108b2059c91L,0xccb379b76223fd65L,
-        0x2c1eb7e2a6f8571eL,0x13f3bc56d80ebb13L,0x0000000000000092L },
-      { 0x5e23bc738d30df11L,0xaab73a1f4aabdcd3L,0x4cd660823e764e18L,
-        0x942328161d0c98c4L,0xd8b64c225b5048f0L,0xaf741f8ad2a17f6fL,
-        0xc1540070cdb03f14L,0xa16e5e67a2476ee5L,0x00000000000000a7L } },
-    /* 21 << 154 */
-    { { 0x94c155b1feb3c7cfL,0x703b56a4cc26b74bL,0x7291810d1f436b9fL,
-        0xe3ef9b82d28ad0adL,0xc6941fe32504f06bL,0x370e5a2eadb26060L,
-        0x4328a40ec8e317ddL,0xc67fd42b0bfa2d08L,0x000000000000012dL },
-      { 0xb93e8547eb854e1aL,0xdadcb35a2b4d3b66L,0x1de5ea2d8ff90fd7L,
-        0xcb5d75a2d722dc7fL,0x5c4192d10e3ec171L,0x2ba11f14ce7ed871L,
-        0xc43e303f9840ca81L,0x34cd4fabb1da84e6L,0x00000000000001bdL } },
-    /* 22 << 154 */
-    { { 0x90e3c53ef55acde5L,0x910bc008184aa9b0L,0xa62f771bb71d8054L,
-        0x4f6e1a5480ff577fL,0xdaee302fe079e754L,0xeba6f1187bcd7837L,
-        0xec13761caa06a669L,0xd39dd3f3f5ea95fdL,0x00000000000001c9L },
-      { 0x049ae3a64b42938aL,0x8263e429b24a6867L,0xfb618fee9e9b8374L,
-        0x77cd9ba6a9571903L,0x6c5a592dcd0c2186L,0x7539392cf94608faL,
-        0xdb4b672140df175aL,0x7b74240b2438f55eL,0x000000000000009dL } },
-    /* 23 << 154 */
-    { { 0x7daf2c363805dd53L,0xedea2d49323f28d9L,0x6f8dce4163a8e4e3L,
-        0xe5d47bb559423e7dL,0xdd4329e18b816db6L,0xcb6f85f22cffb9a4L,
-        0x5b0ddadbae45f979L,0x6a78983747aea678L,0x0000000000000082L },
-      { 0x275090b481bcd3e9L,0xfade474e249fdc18L,0x2ab90ae1bdfb4666L,
-        0xbfa10e3514787825L,0x8e5ed81ce23c2f2bL,0xacf48e50825ca78fL,
-        0x46b832f9ef7e9e7aL,0xf3d4d7e9278268fcL,0x0000000000000162L } },
-    /* 24 << 154 */
-    { { 0xece31ecffe1d1b82L,0x368c5ac029036cfdL,0x217420afa13ff567L,
-        0x1b29e5f077776b5bL,0xdd1a5dda98f42d23L,0xba05233bb6c34257L,
-        0xaea7d3bd2d56e9b5L,0x3d5777e784e7205cL,0x00000000000001c4L },
-      { 0xf4dd56b5e7c6eb47L,0xc479b9d64a1b9d04L,0xfa1d38a48117a210L,
-        0xdc603246dfb5a934L,0x9e8156abda0675ecL,0x6937ccce0ef78eabL,
-        0x72dd487ad2e5cc67L,0xb735f780d372a668L,0x0000000000000049L } },
-    /* 25 << 154 */
-    { { 0xff5df7dd9f3f2988L,0xa20bc35e1be8119dL,0x244ccc83e9801d10L,
-        0x5ab8e9f3c620ba2eL,0x7a1cb9e05237f9aaL,0x0e50887f61d0d851L,
-        0x95f1d7727e0353c5L,0xfe7dedca9253110bL,0x00000000000001ebL },
-      { 0xa2337f586a64b9c2L,0xb9e4cb8e44e70c68L,0x0812cb6c5ecd48d8L,
-        0xd9cf0c0e6d048efdL,0x5fc207222d2d3b1dL,0x3efd117c6b03a35fL,
-        0xa42ea8a8cef040c3L,0x80c4e52b3199fa1bL,0x00000000000001c7L } },
-    /* 26 << 154 */
-    { { 0xfd5782606e9f3949L,0x94e36ca087ee9707L,0x919b401eb1a117e4L,
-        0x2418b5ce109738b5L,0x0185bb8483a54440L,0x1d22a848d6945f4eL,
-        0x17c275c3624fd9caL,0x81862ee627b15448L,0x0000000000000108L },
-      { 0x57cc2c959184dc02L,0xb31ae7d544011d47L,0xe076ac2d417b7eb1L,
-        0xa5b2ac1baa4495ebL,0x14ca78cad984cb5fL,0x59005112daa7bbc6L,
-        0xf45dc10071d06591L,0x681ef23be278b5c0L,0x00000000000001e3L } },
-    /* 27 << 154 */
-    { { 0x8f8240265a0a487dL,0xdbd1d7c23e8d3e90L,0x1a69874bd3c62608L,
-        0x435c7884c6cb4268L,0x85b31d00655218b6L,0xcacf7eb498a67fc2L,
-        0xd20215ddf7a56bd5L,0xc6950c8be60ce8e3L,0x00000000000001e7L },
-      { 0x1cba47452e984f46L,0xca242d3a2a298b6bL,0xa1d3653a98c71337L,
-        0x5bc149263ad4bafbL,0x09f200a204dfe1ddL,0x78e00b4714fa42e9L,
-        0x1f80dbadfc2c69b2L,0xfd84c0ea9cd01382L,0x0000000000000098L } },
-    /* 28 << 154 */
-    { { 0xc3b2adb729fffdeeL,0x154f4d7951fb8606L,0x56e497fe9d7f4b0cL,
-        0xe5e69faa0df7fd94L,0x1891fe5d114fa3caL,0x4162f0e9045c3286L,
-        0x98de02c4780253d6L,0x703080027947b60fL,0x000000000000019cL },
-      { 0xe77f7b12a9510bd2L,0xc663fbe72d32a857L,0x6538a301b9274d4fL,
-        0xb2c191d0bb01302dL,0x567474f26366bbf5L,0x8446925cae1e52e9L,
-        0x3ee00ea9209b55e8L,0x3d76982d2419e4bcL,0x0000000000000091L } },
-    /* 29 << 154 */
-    { { 0x6ce35fdc36bf03a9L,0x2cca3e4b19fd800dL,0x1c42c2ebeb7c3707L,
-        0x345e0391fc298d33L,0x6f552d1aefea0fd9L,0xc22eadb8e73d461fL,
-        0xe49110b96d4435f7L,0xf7a2fb8a81759c25L,0x00000000000001f6L },
-      { 0xc09df3a632d5a1d8L,0x423fb07a53b9696dL,0x9a5942112802e680L,
-        0x59e615a3e5d1b962L,0xf418291d6976a9d9L,0x93addf8326ee6369L,
-        0x376c918a7446e0d4L,0x73ff26b4530f3c52L,0x0000000000000179L } },
-    /* 30 << 154 */
-    { { 0x271550ac40465c23L,0x7a499e8dee0dd714L,0x6feba0dc2394b340L,
-        0x666de55a6e293ce6L,0x3dcefd6d17e817f4L,0x337e774f93eedd97L,
-        0xc9c103f37a86610eL,0x97ae91cfc0eb2c8bL,0x00000000000000d3L },
-      { 0xa7dfe71a65981a9aL,0x3d63534234407037L,0x05739745cfe533bcL,
-        0xf5188158a1bfb967L,0x2d76a9c44e4702c5L,0x7e11dbe04bc7cf4dL,
-        0xd6a6cac11e0faed1L,0x04ceafa1c20c5723L,0x000000000000006fL } },
-    /* 31 << 154 */
-    { { 0xad5aac564ea2ba2bL,0xad0a5b610b4933f3L,0x5aa51da928d19d01L,
-        0x15a74ffe94ed89f4L,0xd23335608a870eb2L,0xc94daf2ed5e5a24eL,
-        0xd98f616d567659edL,0x08f6a62c6c8eddd7L,0x00000000000001b1L },
-      { 0xab4fe43bf3295b7bL,0x5562384426f75385L,0xe9d70df0097f11c9L,
-        0x7cf18143e23c34a2L,0x2a7b24fa136938d0L,0x74154841e678eea9L,
-        0x0ec99b1920202480L,0x4d1aea7252e4b7d0L,0x000000000000005aL } },
-    /* 32 << 154 */
-    { { 0x08136cbf025189d4L,0xa1c389cbc1b25a05L,0xbecdade76e9ed11dL,
-        0x6557006ba7f3f38aL,0x96d6c877bc852dbdL,0x3a0afe4bc53efd4fL,
-        0xc7f58410febe4737L,0x86deba3b84e35e2fL,0x000000000000015bL },
-      { 0x96256db24dfa7da8L,0x379735573dccf202L,0x2e0b263e8fcc1274L,
-        0x14870fe89ee7b82eL,0xcb8f9ba5425ca276L,0x683c748e7d876e79L,
-        0x48e990d5de2f2cfeL,0x2ecc8f1f48547013L,0x000000000000018fL } },
-    /* 33 << 154 */
-    { { 0x5b7d4e5300df51d2L,0xd82ba908518c2d9bL,0x95121a5d8447eb0bL,
-        0xc25d07a662755277L,0x51cbe7f5c19c32ceL,0xd038800e4c726273L,
-        0x1e1b0e9125fbcfcfL,0x5cb2408eb5e8a4eeL,0x0000000000000122L },
-      { 0x940da58ede254894L,0x6fe04e02f5d5b5bbL,0xbe069bad692f537aL,
-        0x6d24c50013873687L,0xd1cd8bd1089ad9bdL,0x07929deff8eff657L,
-        0x8d4d97bab426304eL,0xefe85addf45dc5d2L,0x0000000000000014L } },
-    /* 34 << 154 */
-    { { 0xa5fc916ec715b5a2L,0x7e6dcd80c069c5c9L,0x94dc1dd10085e7b3L,
-        0x81041f123e71623cL,0x29f931fd28807fafL,0xaa5f757aaa8003e0L,
-        0x0f9865bb318fe406L,0x2f18ba42cbeb37eaL,0x00000000000001bfL },
-      { 0x8e9acc7259cb1f04L,0x3b9c7ff8d790d71aL,0x081ec7dcecbc1c2aL,
-        0x2ee6eb196e63fe41L,0x95815ea0f4ad6fa0L,0x8bd5c1ad79cf7f1dL,
-        0x3d73c9c85ae89337L,0x2eaa40409b1286a1L,0x00000000000001f3L } },
-    /* 35 << 154 */
-    { { 0xec9fa757fbefa7e8L,0xb41dfd88382bb7b7L,0xf9cd0f6314c0b89fL,
-        0x94a8c09b56c7b584L,0x251fde74a9d131acL,0xfe3e706d8a47f3e6L,
-        0xa2cc25d799bfb317L,0xb9cb1e4114c7fe92L,0x000000000000001dL },
-      { 0x9daf45e2768f397bL,0x1903422a83975ab8L,0x0e42b292a61b4715L,
-        0x947c78bb1a1323d8L,0xbe36ec019d1699c0L,0x9ac1807792e2ce89L,
-        0x8dccf873b118c12dL,0x879c7a2187638db3L,0x00000000000000bcL } },
-    /* 36 << 154 */
-    { { 0x15dba0d81dbeec0aL,0x6a1671e23145554fL,0x6f59000813588c31L,
-        0x404b6424783bb97dL,0x30502b92cc7922feL,0xa1bd25ce1517a238L,
-        0xeb81e9dd5fbc51a5L,0xea919df3bdc3b1f2L,0x000000000000009dL },
-      { 0x70802002a4aa5953L,0xb908e35d23fbdf34L,0xb47ddc1ad971a142L,
-        0xe4f88a184c6ebd7dL,0xb2f7177f3065ed39L,0xd7b8cc98162b61aaL,
-        0x8472dbd5774c6ad4L,0x8d1dfea98f87d2d0L,0x000000000000018aL } },
-    /* 37 << 154 */
-    { { 0x5caf9816316399caL,0x29ecd26efcaa7fe5L,0x07f4e09b03d18979L,
-        0x00e88b2581b43697L,0xb04d6d03bd0408bfL,0xd3e4a0d3cf0b6793L,
-        0xd98262dbce0e8490L,0x3ed76b1601bed96eL,0x000000000000015aL },
-      { 0xcbfff64a7d070eadL,0xfd8db6ed1776da0eL,0xca03a6a2b1279cecL,
-        0x16f6ec788b989efdL,0x17f581a70dabb5e0L,0x975c57adf8b5a413L,
-        0x34bd7827ed1e3568L,0x7460f3374292fb3fL,0x0000000000000193L } },
-    /* 38 << 154 */
-    { { 0x754f1e7fd6633590L,0xb281de767862f091L,0x9135b836c3494e22L,
-        0x4cb7a1bd84da9104L,0x20bf9b88ed7088a0L,0xf7e2c4378ced80b5L,
-        0xfafdaef6038f3ae6L,0xd948d168e786659fL,0x00000000000000ddL },
-      { 0xc84110b66115d5e3L,0xf7cb7190a7d744e1L,0x2542a0d478a699f4L,
-        0xf0ae20cd574dd390L,0x4ce38ec5f120b181L,0x3763208a49ac50eaL,
-        0x24a93ddd6df7ab1eL,0xd9ae90ec2e3c1f8aL,0x000000000000018fL } },
-    /* 39 << 154 */
-    { { 0xc6069b8567f9df8fL,0xf9f56d614436dfacL,0xa3926590bf7359e6L,
-        0xd22bc2568d84397aL,0xdbf0455ce61706d0L,0xd01ed734b7bd8dafL,
-        0x6dd4ffa085c07accL,0x474802574f3c459fL,0x0000000000000198L },
-      { 0x5cc9670110bf26f0L,0xe4166acc4f70a85aL,0x73219eb9cb8f0809L,
-        0xd9798096679a93cdL,0x6737a07257df9ffcL,0x1c897e3a1e65b481L,
-        0x87fb6a8b73063acbL,0x28140113b7aded18L,0x000000000000017fL } },
-    /* 40 << 154 */
-    { { 0xadcd31054115d224L,0x1fdacdebb7fed1f1L,0x878fcb459e5a2448L,
-        0xc3910eabf7e8596aL,0x5fca4f0e37f267f6L,0xd10d0aa06e9fb79fL,
-        0x589f94624b12a182L,0x2864c5acfb879db8L,0x00000000000001faL },
-      { 0x6c024c2c07e34963L,0x49581cb82de2a43dL,0x4cdcc98e29c06b7fL,
-        0x338a9c59b976f565L,0x38540bc223c8ff24L,0x53f3c9b98bc61d4aL,
-        0x3eaa8166e3913cd4L,0x4620fe57455e4018L,0x00000000000000b9L } },
-    /* 41 << 154 */
-    { { 0x3d88a754db29e8a3L,0x7bb8f52c14527b19L,0x2d3bb7d2dbd788d1L,
-        0x49dc14bd036cfe26L,0x99471968e3c4e712L,0x0ac8222f664d6f40L,
-        0xd76f5194480b3215L,0xc9359ce9711701abL,0x00000000000001e9L },
-      { 0x159c8f1b440f4fe5L,0x56a3531e0b66c225L,0x132eab73408ea71fL,
-        0x7ca9883f8ce9f301L,0xa709285bc3646318L,0x7d27e063cbe3e36dL,
-        0x751cfaef4d8cd738L,0x0efabf55a2b6ffd2L,0x000000000000013cL } },
-    /* 42 << 154 */
-    { { 0x7a9706beff928d4eL,0xbb8726a8faba89c6L,0x39fe9f9bcfa998b9L,
-        0xd62320f745c97a8dL,0x9742ef6f536968ebL,0x2cd382d2901e7715L,
-        0x1439fc59a576e87dL,0xfa71d3e06310658eL,0x00000000000000c7L },
-      { 0x9b0cf9a2d3308f7dL,0x8c7587624856e971L,0x58b4f4da34174e29L,
-        0xa8406c3fda8aadc3L,0xc13d8977c487e6bdL,0x45e5cd3baf56ece9L,
-        0x243c3a5ffe52108fL,0x52d1472fea829c13L,0x00000000000001dcL } },
-    /* 43 << 154 */
-    { { 0x8bb77dc36083c21cL,0x77acd9f15ed5b28cL,0x45d3bd9415b1ecbeL,
-        0x3801687abc78b16aL,0x65a8b24dc6a5dc14L,0x5c1f39f925ba9696L,
-        0x094d5000498bf2fdL,0x5dc5f51d8d58cbc4L,0x00000000000000a4L },
-      { 0x260fd308925ee9eeL,0x19449853450ade34L,0x8950cacc6228bb71L,
-        0x04853a651585b4e1L,0x10cca9b124de0ad4L,0xde491b7b3294f352L,
-        0x56f35ecb05bf7690L,0x1a71fd8811eab2d9L,0x0000000000000123L } },
-    /* 44 << 154 */
-    { { 0x22d05a079995b39fL,0x95d85f0e97572e8bL,0xcd0262424cb31201L,
-        0x15c10195a9661cffL,0x7366e9943d4d42b5L,0x3d89205fd08b2304L,
-        0x4f08bfe1c72f3319L,0xf2bb6fef51da0362L,0x000000000000000cL },
-      { 0x61689ed6daa8789cL,0x1342f413c80ebe32L,0x10e3c8bc6cf15c5dL,
-        0xb59a6f209e380e00L,0x6faf882b16a0a01aL,0x5b43ff2c96deb592L,
-        0x61ffa81c22cda20aL,0x825e5e4545d1497cL,0x0000000000000070L } },
-    /* 45 << 154 */
-    { { 0xf3a2aa2ef62a271dL,0x608d878cdf46740aL,0x2ebfec653fb8ed79L,
-        0x085d812e2eb1d516L,0x739c07e661ebd520L,0x085705a0bd9b19a6L,
-        0x6589012abf32e3aeL,0x87354918e8e0d4a7L,0x00000000000000f6L },
-      { 0x2ae316a69560d282L,0xff6571977fb5311aL,0x2e317d5bfd7b740eL,
-        0x392cd22956bb7d02L,0x9a84fd4ad462ed84L,0x381b59c019b2f83eL,
-        0x230a68ca47a6c3e2L,0xc9372bc4660fbed8L,0x00000000000001faL } },
-    /* 46 << 154 */
-    { { 0x610b5c299b82e4dbL,0xd237f09a0bdec03fL,0x8509f5a57eab51f4L,
-        0x418b77d8c604baebL,0x02830b0ff0b4e07fL,0x4af187f4a4d4df6fL,
-        0x00483aa9e0bb134bL,0x9b0b6e7722357f23L,0x0000000000000120L },
-      { 0xcb09d589a259bfb1L,0xa708770853774d43L,0xbab0b5d04504b5d6L,
-        0xc128fefd23ae1fc3L,0x84a99019f0cf68fbL,0x3bbf2bd5b1656aaeL,
-        0x36294624eda54a94L,0x0c6df507d4e9b03dL,0x0000000000000068L } },
-    /* 47 << 154 */
-    { { 0xb3210cb2d8b230d3L,0x1e173d0445f2b4dfL,0x777f7e921e51c3c1L,
-        0x1f09c83dca2d24a9L,0x18f6110d7b0ed41bL,0xfc47b77f1741f679L,
-        0xed0c01d530bbb573L,0x79d732666b1edf8dL,0x00000000000000ccL },
-      { 0xd80eca007d182a43L,0x8d7a50665674063cL,0x6f3a06ba012fb6faL,
-        0xe06f683a10c1f5c8L,0x305692702fb5cb0bL,0x009de930236d12d8L,
-        0x1b3bc0356438e8fbL,0xb4c91501af74c6d3L,0x000000000000003bL } },
-    /* 48 << 154 */
-    { { 0x0724e185fe85076bL,0xbda15c151e532717L,0x6005728065e7c149L,
-        0x1a0cafe8158e6817L,0xee796ad900baa1ddL,0x8ff14a074d3ca73aL,
-        0xf153c867a3604f8bL,0xe07458b5c4ca1be8L,0x00000000000001c5L },
-      { 0xb8c4f3ad8f7dc861L,0x98ff4d7f6c38d10dL,0xda77b9018c10e7a5L,
-        0x448fbc787d69625bL,0x91ff7124ed5dcb7bL,0xaf0fb28be310d65cL,
-        0xacf3cfc0c388141aL,0x2d3d003454bbb99cL,0x0000000000000097L } },
-    /* 49 << 154 */
-    { { 0x81bffa6ca966e8acL,0x048dfaa314845f1dL,0xb38f181e803a2355L,
-        0x0f854fe03a91ad7aL,0xb523f3665ce6a9d7L,0xf40cf03a828f212dL,
-        0x128550efe3b4d93eL,0x16cb5eee53d13993L,0x000000000000011eL },
-      { 0xde85cde7c9e55138L,0xedc613495183130aL,0xaa4bac70d709a5b4L,
-        0x0e69e8bd50ab30c0L,0xef2c35b69738eaddL,0x486ac544ed00f833L,
-        0xbeaf94aad4708e9cL,0x1be9775c9a0bfb65L,0x0000000000000111L } },
-    /* 50 << 154 */
-    { { 0x111041700f944affL,0xe0fb9dfafadc4f56L,0x86a7245c1411b66cL,
-        0x25afc20163eb7a89L,0x3400be4c6404ec18L,0x62d34a7e53c67d6cL,
-        0x4feaee310655849bL,0xd0343df08ad7770cL,0x000000000000000cL },
-      { 0x1a2a4a20c81c959eL,0x9386848e8c2194e7L,0xce7c378aca4024edL,
-        0xd336fb923710a3aaL,0xfea376078da68818L,0x885e98fda10bd29aL,
-        0x7fc72000f5d55becL,0x5f1d796a7f14dad7L,0x00000000000001c4L } },
-    /* 51 << 154 */
-    { { 0x808147c7c32eac97L,0xb959c61d91e84536L,0x9ce837b46b7f230bL,
-        0x62b7aebfa19a78cfL,0xfdbf0af641120b6dL,0x30b5525b18a1bdd4L,
-        0xfe54bd619fc0f391L,0x0f19f880e152702aL,0x000000000000000aL },
-      { 0xfea6fa9a19cd0ff3L,0x4f3c3272b86342a0L,0xcb3db4f982cd5ce9L,
-        0x626a3ebd70dd4903L,0x3103519773bd843fL,0xddcb8135885ec254L,
-        0x19e39cdd277200ffL,0xace2b791def0d1b4L,0x0000000000000098L } },
-    /* 52 << 154 */
-    { { 0x9429698b23371e14L,0xd9d9270c3fdb1b92L,0xa4a76289dd4ba2a1L,
-        0xd9dd43d69ad4dc60L,0xba76236063dc6801L,0x210be4e3b8a45231L,
-        0xaaa24379f764e727L,0x7b1a75a82b1fed01L,0x000000000000006dL },
-      { 0x89e40d215f621487L,0x70c38498a2f303d5L,0xa88ce1890faffebdL,
-        0x0cc0eae6735ebceeL,0x2b755a3d8518c06bL,0xf3cd31dc62f92c33L,
-        0x6f7fe733c7562c48L,0x749f7a1c83b00376L,0x00000000000001e2L } },
-    /* 53 << 154 */
-    { { 0x2f1ce070f5ce45c0L,0x15740dd943485e36L,0x2d64f265dda2a33fL,
-        0x121759ed77b450e6L,0x4948df7e9b3e74e3L,0xcbe885b4fcd25d35L,
-        0xafbf90f2e3436d1aL,0x5e26435a3deb2819L,0x000000000000016aL },
-      { 0xbcaae7b82a463668L,0x57186a775ac86d9eL,0xc0d15d503d5f4223L,
-        0x4a2f6842c4fcf264L,0x79991f8c301187fdL,0xc699b4b77352976fL,
-        0x51c47ee14838204eL,0x716e444dc03bb06cL,0x0000000000000151L } },
-    /* 54 << 154 */
-    { { 0x8d3fcb66a7684cb1L,0xa4bb8ee051970634L,0x29ea9efdb52f9d9eL,
-        0x63fef7659018974fL,0xe31f478fb752b634L,0xdcc67b7730b8f98fL,
-        0xafff9899b4b62d24L,0x7d4a60ee4efb0c00L,0x000000000000005dL },
-      { 0x17d0f2ffa2bb6822L,0x3d74b52ab3b2e1d7L,0xf7e7150d5ba4a476L,
-        0x712e26f18771c73eL,0x22f9054ff322f80dL,0x9863136b3c085bcfL,
-        0x317a39fcc7e4dc86L,0x96a83008be7f0929L,0x0000000000000092L } },
-    /* 55 << 154 */
-    { { 0xe0908d5214cb295cL,0xf74df339f363ef28L,0x56eab1abdba8fa26L,
-        0x33f43f008ecabae3L,0x5d1acbf12425e382L,0x480bf576ee67518fL,
-        0xd6644dd469d388d3L,0xb3c512501e64d1a1L,0x0000000000000069L },
-      { 0xcb3010b42e3bfab8L,0xdb788efcba2e0da3L,0x4bd5ad9cf9d0d7c4L,
-        0xd363a5471214e14eL,0x108980023a09dbd2L,0xb0745bedf03a2af2L,
-        0x5d56b6aefacfc072L,0x37ac6ad4e2873b41L,0x00000000000000b1L } },
-    /* 56 << 154 */
-    { { 0xcf04e87527a5499fL,0xea912dfb28f3fc97L,0x4a9e4e41d59efb52L,
-        0x9ccb0b83f8f373c7L,0x684d2d75ba1b61ecL,0x15449a0254d58701L,
-        0xee02c9456a4e86aeL,0x5887a0882069e1dcL,0x000000000000006aL },
-      { 0xcf7bfc8c922649ceL,0xb4fff12e522a5024L,0x262bf90df6d0066eL,
-        0x97ae80928e0b0afeL,0x7191c6fe18507cbcL,0x54e973e1b2ae3ee2L,
-        0x41b734bc7bea70ecL,0x38975ba3b3f6b89bL,0x0000000000000138L } },
-    /* 57 << 154 */
-    { { 0x0cc156bd6c72b806L,0xa9d9c17b0dd25daeL,0x3b6c0857b6738119L,
-        0xb95b735d3476c04bL,0x737d1ec2dc86969eL,0xb36e0bc8c1cb47bcL,
-        0x83f15727ea463cd7L,0xd7484fb02e58dce3L,0x0000000000000060L },
-      { 0x85416de81bc14766L,0xae6a0b47fadb3be2L,0x496b92ab303d0900L,
-        0x3fa4d158292db573L,0xf501ec245e3fb9faL,0xa317ae11bf021888L,
-        0xfef0d5ec2271c572L,0x7e69594e90d2ebafL,0x0000000000000162L } },
-    /* 58 << 154 */
-    { { 0x19f57f08b5d2523cL,0x197abf7ece1690c1L,0x9fdf174c768a6dafL,
-        0xb1a50c4b7f45acc9L,0xcac4790de77ff44cL,0xc4985159642f4c0bL,
-        0xdfc5151faf23c14cL,0x61f453cb9b5fb8d8L,0x00000000000000abL },
-      { 0x61f3c9ea1432808eL,0x4c3b91d68da6cd90L,0xa97b9dd60b47817dL,
-        0xe51ba786ae34dcaaL,0x6e1ab1b12bfe1245L,0xcf8435b9aa609192L,
-        0xdf7a582cf97cfe54L,0xf9871f1f80fca392L,0x000000000000014dL } },
-    /* 59 << 154 */
-    { { 0xbd5fce303e85ba4cL,0x12152109b1d4ff28L,0xa94551982256991dL,
-        0xe54b2276191dc793L,0x7aba8d3c1232ad0dL,0x95b7d7023e493e3fL,
-        0x90c17102574f412aL,0xab5d8dabf1245c79L,0x0000000000000119L },
-      { 0xd64211426352b215L,0xbea2f2d73ca86b5eL,0x4c3b97bbedf46484L,
-        0x1bd94ff68332db35L,0xb8729f9a7dcd9899L,0x461df4172e1c9299L,
-        0xbfbcdb18295c8819L,0x1613563c551a6832L,0x000000000000017fL } },
-    /* 60 << 154 */
-    { { 0x704d466059d5d8e0L,0xa4a222b252d7ca1eL,0xa45b5ce29c26a86eL,
-        0xc9668e73dfb9fb62L,0x13efde0ad58183ffL,0xdc752a59850dedb0L,
-        0x0314cbc5ebf8c27dL,0x279680f3d1ab5f41L,0x0000000000000118L },
-      { 0x3b8a1d583184e940L,0x8cc52f17cd1fa6c1L,0x5118b9093f701026L,
-        0xe04d31daac34a4afL,0xf3a66f73282febacL,0x05018340e8d029f8L,
-        0x1a8bd0002058c971L,0x61198c7e7e962723L,0x00000000000000d9L } },
-    /* 61 << 154 */
-    { { 0xa86cc3e807f97c2bL,0x8c9e8034112ae91dL,0x1cfc242420bcc2f3L,
-        0xbb04d40865dcf7adL,0x8b7bd0b5e4652017L,0x080b6a0df49cec36L,
-        0x94d0ab4360e82729L,0x97ec8ea8a301c00dL,0x0000000000000012L },
-      { 0x9eda2fd27ed16beeL,0xbfef5c8acc95961fL,0x877ec19bae691773L,
-        0x2aad9eff76522fecL,0x4daeb48170b656f0L,0xc4fb1cd626197e6fL,
-        0xd8bab20ec0e741b5L,0x4b5d6d8e16332fd1L,0x0000000000000044L } },
-    /* 62 << 154 */
-    { { 0x67d03c6a85f8f5b5L,0xdcb9caba90e96ceaL,0xd23feeb7f3811dc4L,
-        0x8c54b7237276f1b4L,0xd09156767d4bc3c9L,0xf48a98c87a1d17a8L,
-        0xbe959d5b76b265b7L,0x6fe4777d4abdcaa0L,0x00000000000001f5L },
-      { 0x2807c04517c8deaeL,0xd1bbf745674d701eL,0xa8e5a7bf272c6e74L,
-        0x1901e0947c7c55cdL,0x2e1316c029711934L,0x05f68290f804ee8dL,
-        0xd3a3cb0a7511e346L,0xd3a640c3c5565874L,0x000000000000000dL } },
-    /* 63 << 154 */
-    { { 0x088fccf4ea02385fL,0xdec0885d3c2e714bL,0x02d6b86fad82e553L,
-        0x8712c2bf6c241bbcL,0xf59427d81f33a407L,0x172dd5359fa5bde4L,
-        0x019b1451380694e5L,0x55b2c33bf9c76789L,0x0000000000000135L },
-      { 0xf73d19986397fbd3L,0xfb91732482721b52L,0xd42957f6aee6a644L,
-        0x9d7857f260cbb57cL,0x6dc17afa5df4783aL,0x875dc5e0e0382dd0L,
-        0x458c445b02d1298bL,0x8a1562fb5183e144L,0x00000000000000adL } },
-    /* 64 << 154 */
-    { { 0x11446efe378cab85L,0x4c3c68cfbc48bf6dL,0x5e51466164c19bafL,
-        0xc0f00735d5cbb135L,0x5d4844a7a693b1a9L,0x517a48719579fdafL,
-        0x5ead064b532c1e6eL,0x60207c2d4135ecb1L,0x0000000000000172L },
-      { 0x4b033a37843dc902L,0xb2d3664cc27a9863L,0xf4ebdc3518280e54L,
-        0xac7789a6ae02b757L,0x50084ba410dd96f8L,0xcc3459371f5f6349L,
-        0x5f65aca8fdee6f84L,0x4aac5f5902d841cfL,0x00000000000001b9L } },
-    /* 0 << 161 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 161 */
-    { { 0x7c44096f532856caL,0xf054ac944d701f46L,0x1bf992e78de81577L,
-        0x871d2df2a90a4d2eL,0x963357a5775cabe3L,0x2e92d83dbae3ac5dL,
-        0xc39e645c415be4dbL,0xbcca60e29781b22fL,0x00000000000001c9L },
-      { 0x638cf76cfc5374edL,0xffbfbc7a24278420L,0xde577d69e7668bc6L,
-        0x88444fdebab7b568L,0x4cb8237b59d220a6L,0x02186c1c25b582ebL,
-        0xe4a04cb19b639f32L,0xd12b0e644590e20dL,0x00000000000000abL } },
-    /* 2 << 161 */
-    { { 0xdd0f09b1bb55f47eL,0xfacbdef0be55c9d6L,0x8b8b1a9cbb62c5eeL,
-        0x617ff446eb8f0bbdL,0x24176f925c1efe94L,0xf27ae452962f4019L,
-        0x3b812a15220fc04dL,0xb17b1b9bcc92239dL,0x000000000000005cL },
-      { 0x9200f2e48a465257L,0xc8ca2a1cfbb69960L,0x5410ef875a8ff2aaL,
-        0x87bc97b0e11b6896L,0x1d3a496952263f49L,0x2ed88b0bcca15d27L,
-        0x90ab34c1765c9300L,0x719d9bc7d2630404L,0x0000000000000010L } },
-    /* 3 << 161 */
-    { { 0x6366cc838d9e9c1eL,0x6da8b24c7cf6ea2bL,0xcf34ac0834a0c6ddL,
-        0x957954dde3a1bea6L,0x2ea0ef68f4060336L,0xe61893a5a84fdf5dL,
-        0x03cacab47bf522c5L,0x823249dd0dbf1790L,0x0000000000000145L },
-      { 0x2ea0344dab3e90d0L,0x5c70cc712bcccc9cL,0x5eec27550063e840L,
-        0x3983cb1bbe50d3a5L,0x462b3dc27b09ff44L,0xf779391edd6b34bbL,
-        0x6c00d9b8bbf36f70L,0x9e0eb0d1f82ee371L,0x0000000000000080L } },
-    /* 4 << 161 */
-    { { 0x41b4d05bd15e752dL,0xce20b1f846e78fafL,0xb529cc0108d808b5L,
-        0xd934f10f2210cf60L,0x9f2e7e1be41eca93L,0xc09da7a94d82d15dL,
-        0x45a84216a1ed7860L,0x9f6fa43de6be684eL,0x0000000000000109L },
-      { 0x592bd464ecf53a79L,0x9dac1bb8349754edL,0x79bbe62284339a7dL,
-        0x29c3d4aaf9f4fa5aL,0x4788cda816dc4698L,0xf94ea4495c3060efL,
-        0xc5f4191dcb3c2b37L,0xeb720d23ff69861aL,0x0000000000000026L } },
-    /* 5 << 161 */
-    { { 0xd2285ad12caa3808L,0xb871463efbc2278eL,0x361fcadec889c9b8L,
-        0xf261c688541e9cc3L,0x2cdf861c7a27b983L,0xc97af02cacc87384L,
-        0x7a80f6087638d824L,0x79852d0b79663aabL,0x00000000000001e1L },
-      { 0x9a2b626f98893ca3L,0x31a7d784d1e24597L,0xd230aba2129eedbdL,
-        0x1d339471d270be5eL,0x826c3dd781950b28L,0xfa1b74c66b0b44f4L,
-        0x5d2131e993fdbbceL,0x78176ad853eabdffL,0x0000000000000002L } },
-    /* 6 << 161 */
-    { { 0x52df1de37f4c74e7L,0xa1554957c7c2a420L,0x2bb5b1a7a850b73bL,
-        0xd0b58abf05174618L,0x09c054687bb9dc77L,0x50cca4a64e6b8e44L,
-        0x53298c54a61636f7L,0xf0325227718f824cL,0x00000000000000daL },
-      { 0x10f1de0bbf549e72L,0x7153f47caccd5cd7L,0x9c171b49425abf63L,
-        0x9902c984eac3d535L,0x9853a7df0a098af6L,0x7f88102cae0627b1L,
-        0x318ec476f6bd8690L,0xaca786dae42b065eL,0x0000000000000069L } },
-    /* 7 << 161 */
-    { { 0x75eb8d356bc9662aL,0xfdd82d5f0d8bcb50L,0xd8caaf4b9d8ad82fL,
-        0xffb9e309d0642731L,0xb514ec984da42a1eL,0x9a765c8a7d4421ffL,
-        0x0ad7d2be7e9ae93dL,0xab4d7910c97fd28bL,0x0000000000000130L },
-      { 0x4f08b836fb2b614dL,0x259737dca73051d0L,0xea3c3bc8c30af31aL,
-        0x5cee4c934a11e8faL,0x4be3e8e3b1fed7ecL,0x0b313e360052c235L,
-        0xd760058f5f082363L,0xc6e58d205fcae886L,0x000000000000000dL } },
-    /* 8 << 161 */
-    { { 0x7b9409bb42df612fL,0x32f47dd21bc66a3fL,0x213f80e023f375feL,
-        0xaa71c57f06aa6c21L,0x5bf7b3a784298947L,0x001c2c965b608fa3L,
-        0x417619c6173c7f4fL,0xbcff66acd4a20677L,0x00000000000000b3L },
-      { 0x81b9b5640603bc79L,0x8f39155ef875e591L,0xf6a508fddfd32c0dL,
-        0x7eace6f96b0dac71L,0xe40163d89e4c1eb3L,0x265226c5ff10fa6dL,
-        0x1e1af5cbda76d272L,0x954bc056a10dc788L,0x000000000000012cL } },
-    /* 9 << 161 */
-    { { 0xbca524e7fadb3e3dL,0x0d2906d5783f176cL,0xd5e30887e94c1a4cL,
-        0x3f2d19b69790cfbfL,0xe0965575d49af522L,0x3830ed4d1881a1acL,
-        0x207dbc8554f43059L,0xf0f178b3973ac147L,0x000000000000003bL },
-      { 0x7f0e0020693db310L,0x4914754404980bdaL,0x2d9a8176cc4521bfL,
-        0x3893e7acc5e2d29fL,0xa99dd4d11afa9ad3L,0x8a6ce7fab2e0af41L,
-        0x868c12a1a5188ad3L,0xd1138b17b8debefeL,0x00000000000000feL } },
-    /* 10 << 161 */
-    { { 0x709016a77aa3bb92L,0xad85ec5a6310f638L,0x37806a891d746ab2L,
-        0xb878e2df80c6026bL,0x2d1bd5cb715e5095L,0xfad149bdcf029798L,
-        0x252f826209fa7a60L,0x48c7e31ca0e64ce2L,0x0000000000000124L },
-      { 0xed6295952077c9ebL,0x86ccb5d1e1191074L,0x456067b16aabffa9L,
-        0x55deb4fa5921dfc9L,0x4d9bfe498fec9c3fL,0x09a4cb5ce52a0452L,
-        0xa590232e9c48af89L,0x593663f633ac7451L,0x0000000000000032L } },
-    /* 11 << 161 */
-    { { 0xe7e659560b715201L,0xc3db8e9fdce536b3L,0x0f53382987bf4fd8L,
-        0x4630cd5699c4668aL,0x377120aca98b1b34L,0x878344bbd54a8a45L,
-        0x788fbd286c45b8aaL,0x473be93182f3fbeeL,0x0000000000000097L },
-      { 0x3fc47f9a536fee38L,0x69bea946488b377eL,0x3d75c35835c67175L,
-        0x7fd136ea89085cb2L,0xda6e1ab485bfe292L,0x703a854684848f1eL,
-        0x37f0e804ac8000daL,0x53b3ed02c83fb8feL,0x00000000000000b6L } },
-    /* 12 << 161 */
-    { { 0x76f6bd2345f1f8edL,0x01af1d612c1af63bL,0xd83a40982bd9cdc2L,
-        0x12ec79ad79d14104L,0x999b06da0b7f13d7L,0x111b8eeeecd188a9L,
-        0x920f2064138b5729L,0x290b5f2475b98e34L,0x00000000000000c0L },
-      { 0x38a91bb8b98cfd7fL,0x0cc2d4ceb574c3f7L,0x49a05d4b8ff024c4L,
-        0xff054d9491b0d00bL,0xbed247dd100eb8aaL,0xafdb1747e9a46615L,
-        0xf801a52fc03cffdcL,0x415f01eeb9d027ceL,0x00000000000001aaL } },
-    /* 13 << 161 */
-    { { 0x15b2ae5549f234c7L,0x58635013b0beac59L,0x94c23cba4739fae8L,
-        0x840ab93eacef3a53L,0x3bc47650dcccd34eL,0xaac77901e7df4d3bL,
-        0x440cfe01370e4438L,0xa53a1a7b8e5923e1L,0x0000000000000006L },
-      { 0xa8e48ebfaf875672L,0xb6d62f9f3221cb04L,0x521ca35fb9d685cfL,
-        0xba27652d100ed01aL,0x652fe08c46958398L,0x32b370924443c383L,
-        0xac43dc6de676ea7fL,0xad362a924bab6228L,0x000000000000014dL } },
-    /* 14 << 161 */
-    { { 0x018820c2d2f48f4fL,0xc0dd7d24686b3002L,0x8ff02f40a5f47131L,
-        0xb84bad1b1995b352L,0xc640b6049af32820L,0x87268cb03dd15622L,
-        0xfea64350ffd221ccL,0xc7f6e79257deea86L,0x000000000000012aL },
-      { 0x482e7151037030deL,0xf781946d9cfd8f64L,0xd4d751a1037bbb78L,
-        0x3197bde1031ed4d6L,0xd9bbfeacd6ba8cd4L,0x5688d4fdc0fbe2e3L,
-        0x76dcd7e0f260abefL,0x019122d294017174L,0x00000000000001f7L } },
-    /* 15 << 161 */
-    { { 0xf22306192420c83dL,0xcb52f3d51a6ad672L,0x6f23327787188da8L,
-        0xc9978c3e37b3ba7eL,0x043d79269986ba91L,0x71312bf8b69e4f23L,
-        0xe868d488669cebefL,0x358d1c613b9ea975L,0x0000000000000000L },
-      { 0xa1f3d9c7d2435583L,0xb30834558f46d4e8L,0xf857db3c847df616L,
-        0xc69106f36e4969efL,0xff89cb872a3e3af0L,0xa28a9399bae1ad4cL,
-        0xae59df21c67b70e7L,0x10e6c606fe60fba4L,0x000000000000003bL } },
-    /* 16 << 161 */
-    { { 0xdba8e40547f7153bL,0x73071fd967dbfebfL,0x35881eec4441a2ffL,
-        0x50623c475b31b917L,0x8f09dbf6c2bad8b3L,0xbf1f09cd90bb890dL,
-        0xab770cd77f034fdcL,0x45b959236b7d98b1L,0x0000000000000029L },
-      { 0xd2ef1e00f599c343L,0x1289bdb17024d641L,0xed8e7886f4e36687L,
-        0x4ad57b343696269cL,0x69bd1b6e70bf3629L,0x680f08622bab0453L,
-        0x1865f02a68e4b123L,0x7bc5dbf3e8d8ab75L,0x0000000000000150L } },
-    /* 17 << 161 */
-    { { 0x6726ccbc3e2aff94L,0x5484b226c90c8dccL,0x2a2bdbc53a2527a3L,
-        0x0bc5ef43d04f49d3L,0x3e245050b41ceddeL,0x89eb42f3066f3911L,
-        0xd5a654cff6abf8ccL,0x667c82e307a3812dL,0x000000000000009fL },
-      { 0x1263649921a22440L,0xe811715df9b6b318L,0x9b6531ad5cd6faceL,
-        0xcc9494fa99de1630L,0x515021752dc29591L,0x65b72bd29d42f5bcL,
-        0xeb938f6b2e72ce01L,0x9f28e413b40a61c9L,0x00000000000001bcL } },
-    /* 18 << 161 */
-    { { 0xa7b6d19ac91805e9L,0x615699eb501c2667L,0x48e2afa5a34bc77eL,
-        0x3481417aa5c5f041L,0x2919a3596c1e6286L,0x3d1dd1d074db3545L,
-        0x342a15f49e76b201L,0x82b5db095e08f638L,0x0000000000000105L },
-      { 0xbcc640c0ad8c1f5eL,0x2251bb88dd8a841dL,0x5f210ad6a5948f36L,
-        0x28d15c5f82e9e673L,0xbe1d9e7e6a1b484cL,0xd40a0934622ce1afL,
-        0x1b7d637fbcb6d740L,0xa76f02210e1a2598L,0x0000000000000174L } },
-    /* 19 << 161 */
-    { { 0xb896a3f2d350250dL,0xf294278d7ee9ea71L,0xc9c8283e6249854eL,
-        0xc21eab81bc99cd28L,0x73b8e2c38f4be65aL,0x8244fedf69c189ebL,
-        0xce75ac12d0cdf781L,0xf323ab63fe1faaacL,0x000000000000004aL },
-      { 0x8860fa20e9ce92e6L,0x83479ba5eff82f2aL,0xfe15b93eda4dba32L,
-        0x7f6c7ace601dd142L,0xec990ad49d19bd4aL,0xde2eee45c95fed76L,
-        0x88e4dcd7f5448f60L,0x8aafa008120b0d53L,0x00000000000000ebL } },
-    /* 20 << 161 */
-    { { 0x5e52e88599dd702eL,0x8788f039002b4e01L,0x1c6e3d695c4f0701L,
-        0xe5739c8b4d9f865eL,0xaa101c5cc3799864L,0xe3cf2696f3fa07fcL,
-        0x389a552716f96437L,0xbbb4d9808b801596L,0x0000000000000164L },
-      { 0xae6ea79567728022L,0xa02d2498f57436ccL,0xa7d4f844f72b5ee7L,
-        0xe1be79d19c24f898L,0xe9d02da89af2917fL,0x589677b798d5af37L,
-        0x8515a1be298ddfedL,0x85c9f54d73c666eaL,0x0000000000000099L } },
-    /* 21 << 161 */
-    { { 0x266b62cd5e9b3f3eL,0x5923ec10fcf4c770L,0xa94e579454e6c393L,
-        0x4537ad5461e76eecL,0xb0c3a5730f27b256L,0xebc9b1cc3d1829adL,
-        0x43f486fb2a535031L,0xac5e5f3d265b0bf2L,0x0000000000000034L },
-      { 0x696366449ddef973L,0xcb381b06bd3c5340L,0xa007691234214149L,
-        0x15c92a1bbe0faff1L,0x9093712f0da430c9L,0x925af269f6ce1ed0L,
-        0x25aac7039766963aL,0xf00a980f330c5e9cL,0x000000000000015fL } },
-    /* 22 << 161 */
-    { { 0x9dc85b22b1c47096L,0x122c6be77e0e8e66L,0xdec66b03648fb290L,
-        0x27f4376ec40116e7L,0x7b7bafe69dc0cc4cL,0x0cad9ff312d08efbL,
-        0x70db245bd6542645L,0xc28346160b545d05L,0x0000000000000026L },
-      { 0x298ec3d3ed63af02L,0xbba1f13c8bf8477dL,0x2830e1ecef7a945eL,
-        0x49a0e5e009c1b798L,0xe2ef4ed3728f9e0cL,0x235768bb24570e74L,
-        0x10007a9283a6aff4L,0xae2217684ff5f9d5L,0x0000000000000014L } },
-    /* 23 << 161 */
-    { { 0x78be01f01cdd5596L,0x27c282a59b4b44f6L,0x03a41b7ba989e031L,
-        0xd477af5342fc6296L,0xd24df6d41fdb1d44L,0x7458e14ae1b0d7beL,
-        0x8eefd3d58838a0f9L,0xdf17dc2d7db4b37bL,0x0000000000000113L },
-      { 0xbb8f431ca4c7855bL,0x7cc9118df5a15060L,0x61ff999b04efc1e7L,
-        0x34f30946331fc317L,0x6f24717219a61908L,0x869beba812619b2eL,
-        0x1c53bd3a4916f1ffL,0x1276f58ea988bc64L,0x0000000000000005L } },
-    /* 24 << 161 */
-    { { 0x02e206c37471a905L,0xb6ce013934d0c122L,0xcda8a158ca1ec8adL,
-        0x17ba844b6eb26374L,0xf8dca5a62ae7179cL,0xdab1da42807ae8f2L,
-        0xdcc18ac94083d6a7L,0x1464e68edf65f291L,0x0000000000000038L },
-      { 0x6599fd7bd22a48c2L,0xfd36f482477abe8aL,0x403663c930756f73L,
-        0x1b38f348805b2e09L,0x213feb71c142d148L,0x9878091a8855d42fL,
-        0x317421962821af05L,0x9023473580457e5bL,0x0000000000000053L } },
-    /* 25 << 161 */
-    { { 0x47ba1f99743fea79L,0x06acb3c3a291a643L,0xaa7348bb9f2bb6e6L,
-        0x84fdba6fbc8a12e9L,0x15b33b6b0a667c24L,0xba9f7deb101dc30eL,
-        0x459a46034c57add7L,0x5464da8fa6609167L,0x00000000000001a8L },
-      { 0x0c6a508a3784eb33L,0x4479937d0f0a90bcL,0x1a531a0d977b0dcdL,
-        0xc2b64ddae64bad13L,0xd5be67bfee7f09adL,0x22f09f2ce76c1626L,
-        0x9686e65fe16904b6L,0x36b7a900855d97f2L,0x00000000000001d5L } },
-    /* 26 << 161 */
-    { { 0xd43858c0df99624bL,0x13136325cb492988L,0x1c894e8eee9f005fL,
-        0x22ac0619eff5ed87L,0xe5541a5988b981bfL,0x5bdc0aa3fa6c6896L,
-        0xee9ae8d5d079468cL,0x62019c6ddee442fbL,0x0000000000000133L },
-      { 0x26522a74f2b6d9c7L,0xb5b484afa0d85fc4L,0x5e43e58b8ecffd0bL,
-        0xe4208afcae402e16L,0x0f40d075c422d4d8L,0x2a9bb7082750ab4eL,
-        0xede6cf4bf468eff9L,0x8513051277fae59aL,0x0000000000000198L } },
-    /* 27 << 161 */
-    { { 0xcc69a0ccd9e4f8e7L,0xc022938a9bed81f0L,0xfa5d71e306664d82L,
-        0xd5be5e220f1e2acdL,0x92c0da616ba1adf6L,0x7f4f4a83200f1487L,
-        0xf057fde0dd6b2d46L,0x04a1fea64ee5aa31L,0x00000000000000c1L },
-      { 0xc89bcd96ed79484aL,0xa5c975a6ec2453f9L,0x33215bdb09a122e1L,
-        0x354116245bf4ac00L,0x555dccea0adbf9dcL,0x305b7c95457c70b7L,
-        0x1afe30a21ef03bcdL,0x4fb417396ad91b4aL,0x00000000000000e4L } },
-    /* 28 << 161 */
-    { { 0x9b725e514dd1d21eL,0x168e6606593e95eaL,0xae7b78d6fc4197eaL,
-        0x5292f0812cd1c536L,0x7ec384125dbdb782L,0x2853f48a71352e28L,
-        0x904986af7516103eL,0x23d71c892b57f46fL,0x0000000000000091L },
-      { 0x5d4a4f006a1e8ca4L,0xbbc96d859935baceL,0x4175dcd7b578a386L,
-        0x208f65eaac20bd79L,0x2859dbdb96f5e3efL,0x59757e035c91ede6L,
-        0xcca1eb6dce0673afL,0x886baaa29a7cf180L,0x0000000000000086L } },
-    /* 29 << 161 */
-    { { 0x23206c18b63cc880L,0xae2a1109db8b7f25L,0x6779ed193b8e5e1eL,
-        0x565a9bd7cd18feadL,0x17bd2284ccf3caa7L,0x385aef038c0d52eeL,
-        0x8ae77665138d63ffL,0x718bd33248a59df4L,0x0000000000000008L },
-      { 0xf9d111dbe3242981L,0x2fa83b3d575d3c49L,0xf45ce3fda49b5fe1L,
-        0xf35d796a9d2ec2b8L,0x9b29bd6b4fff07dbL,0x7a773285d6801cbdL,
-        0x2050e529a0c11fd0L,0x049b8045486f19dfL,0x0000000000000178L } },
-    /* 30 << 161 */
-    { { 0xfd8f5732a214ffb8L,0x44b1642c528bc00cL,0xddf614c664ab949aL,
-        0xd2c8792db600c8caL,0x742d67de888308f1L,0x7c935d3ecbd60490L,
-        0x100cda325395d111L,0x1b6a6cd19a931f92L,0x0000000000000110L },
-      { 0x5d45901e48ac9d0bL,0x1b6930212ed16103L,0x938c16a2a85d4fd3L,
-        0xd42348aaa382830dL,0x1bdea8d49ba29408L,0xde5f07a05aa9b9f4L,
-        0xf2ff6e2c17118d5eL,0x7d9e7fd948437ea6L,0x000000000000001cL } },
-    /* 31 << 161 */
-    { { 0xf21bb0d569edba14L,0x5b03deeaba63fd7fL,0x6428178b6ccbda3dL,
-        0xd90721c9ae40f7cfL,0xffa95ed408c9d593L,0x233675f5916327bbL,
-        0xf63a304a3ebd7c4dL,0xfc1e62599af1bdb0L,0x000000000000019cL },
-      { 0xe10c054ef0fb085bL,0xa82deca9e42abb84L,0x9657610111a401b5L,
-        0x7a8a0895b7452de3L,0x9a132acfc3b65cceL,0x550ebc8e611b6aaaL,
-        0xc769bab2fbb950d4L,0x9b0207afb0bbfea8L,0x0000000000000139L } },
-    /* 32 << 161 */
-    { { 0x4f6ba84d09ed0733L,0xdb3908d14bf2273aL,0x33bcff3f3a074347L,
-        0xbafc83c622e849cdL,0xfb13992ceed3b0dbL,0xd24dd41d3c016bedL,
-        0x0d15167af6c72694L,0xe06346be162238b6L,0x0000000000000050L },
-      { 0x28fea53455d96852L,0x46aee84a3f0cef9eL,0xb8af77e1775a77a5L,
-        0x63e3b7fcb66f217dL,0x763ceb6796e84554L,0x39b7ec8ed79b3203L,
-        0x62e24b184f17b166L,0x873ea1aa905054dfL,0x00000000000001f4L } },
-    /* 33 << 161 */
-    { { 0xf9e957e011ecd03fL,0x36e97a5162a70172L,0xddc99f268cee4a6eL,
-        0xc9133a8bf59c132dL,0xf0360bc56ea138eaL,0xc951611bbf929662L,
-        0xd5e127b017c41f0bL,0x273a6206effc45eaL,0x0000000000000034L },
-      { 0xede37cd5600d7097L,0xeab8d796081144bfL,0x1b45983f88a59279L,
-        0x9bac431f8fd88379L,0x1261faf43b1033edL,0x72f4d092e7106cb8L,
-        0x9c77283c885fe210L,0xd61437588f312001L,0x0000000000000120L } },
-    /* 34 << 161 */
-    { { 0xe741401b3e4b27f0L,0x3cba76aa0649726dL,0x56c542047fad17c1L,
-        0xc6f0731569335954L,0xc578f101a9fcaec4L,0x5c100c039431d291L,
-        0x2bf9d339f2630180L,0xfe18d6e0fb611fd6L,0x00000000000000f4L },
-      { 0xf7c8ebd21d5a95e2L,0x50abdb6201c572d9L,0x8122c3d1cfa44f8aL,
-        0x6eb1ebb1266a9f78L,0x6fac9cc4ea52170fL,0xb27ace4dd2a508fcL,
-        0x6060020ac99e9aa1L,0xe55643997d3f48ddL,0x0000000000000190L } },
-    /* 35 << 161 */
-    { { 0xa9e4882c7ed59d91L,0x07a64a9b1fce9c0dL,0xcc45cd129065e704L,
-        0xeecf8b38f26f1dfcL,0x2f5c4945a1616c3bL,0x900b2ccf9642e488L,
-        0x5af1d7f8162fc9e2L,0x2a71595e18424eb8L,0x00000000000001fbL },
-      { 0xec338fe3dd9c2e9aL,0x65dafe42b0517883L,0x40a9bae3d93ec0b7L,
-        0x674169aaf094a74bL,0xcc4ca4f411a22a04L,0x45a2ee1e25ffd70dL,
-        0xf12af516101337a6L,0xaebc10f406fabda0L,0x0000000000000072L } },
-    /* 36 << 161 */
-    { { 0xc0bbb7f74d30e883L,0x492e66eefcb15f83L,0xf72ef2fe6f48c1f7L,
-        0xb947548d314b03feL,0xd65e9cf3c25acceeL,0xff39b4dceeb29d36L,
-        0xbec64e77c99c5afcL,0x5b8a197d3a67c06bL,0x000000000000002dL },
-      { 0xe1331e50f871d815L,0xe03985a391481e0fL,0x813f257a226cedebL,
-        0xcd331cce2a206ba1L,0xd638fdf4827d764dL,0x6a615884c63d7d4bL,
-        0xcc4d0e0d6b08663aL,0x66436385310ece41L,0x000000000000005eL } },
-    /* 37 << 161 */
-    { { 0xadd8cd73f0ecf34dL,0x43f62967ff35e2e5L,0xf5e43e254b1a345bL,
-        0x1ae3f1eec54f35a2L,0x4f1c7df9cad2bf13L,0x15d4803bde8fd01bL,
-        0x9f4042173924fc8eL,0xadab12608a67eaacL,0x0000000000000030L },
-      { 0x194e264056788778L,0x9150f420b9b52528L,0x65e6f21ef741753eL,
-        0xdec82a916b87ac55L,0x1cbe14d2287c7942L,0xd7a761913f6f27b9L,
-        0x4aab93b16fc85b18L,0x542dd2083b421209L,0x00000000000001e3L } },
-    /* 38 << 161 */
-    { { 0x2791f6cbd8c481b1L,0x5f6e979b105355abL,0x9717cbdb3c359624L,
-        0x524de35b434adfa2L,0x342553b9e4390513L,0xba52714e2c4aa1d3L,
-        0x203610b03352d5aaL,0xb0417dbfde6e9eb2L,0x0000000000000007L },
-      { 0xa7a4ab660778eeb6L,0x3e73596701347028L,0xfefbc03f86847bcaL,
-        0x6b746803cc5bdcc8L,0xec44a1ae77b147a8L,0x447f4acf99a32887L,
-        0x57fc9a18a05edd76L,0x984f16610c725648L,0x00000000000000f6L } },
-    /* 39 << 161 */
-    { { 0xd19616ae1983ebe8L,0x4503d5f2e1e673f5L,0xef3f5a36e6b42028L,
-        0x55b2352ddf585e21L,0xc96b97cb803254a0L,0xbb91658d46a8dc81L,
-        0x510b21ca6c1d02c5L,0xc01a0264618a46ccL,0x00000000000000fbL },
-      { 0x809346c47c10f0d9L,0x1f4da743e1e88f53L,0x53670064ebd2df12L,
-        0x700b420afa09e88fL,0x4a22c1529e631b7aL,0x1d4d965c170a085dL,
-        0x0d6d1a47fbbdf9b9L,0xf95f3f2816be4629L,0x000000000000001fL } },
-    /* 40 << 161 */
-    { { 0xe410d8f75fd30bbdL,0x966e71d6031cff85L,0xfe51c6c9a6f4b6a7L,
-        0x6aa83ca8d5681412L,0x28a61d2e57a5d801L,0xb699f6cb52bc0413L,
-        0x1729f8d0443bb821L,0x6e22f51204452a00L,0x0000000000000076L },
-      { 0x7b51ffac0cc2608eL,0x370f9a54495e770aL,0xe32a66e2f574b07cL,
-        0xc3ead5c57c808c30L,0xf04bdebd20d3d51aL,0x82b07f2804ffd31cL,
-        0xd2d81ae3b6df8fb3L,0x3978bb58002ea4e2L,0x00000000000001abL } },
-    /* 41 << 161 */
-    { { 0xe78315f6dfbb52a9L,0x9d3cba08427fe77aL,0xdfe7bf03a89c1b0dL,
-        0xab65916f705a6509L,0x674049815c466030L,0xe8f1d410c97d6559L,
-        0x38bdb4141cd203caL,0x3ddba428daf215d9L,0x00000000000001e1L },
-      { 0xd1174c6998d10f89L,0x049f8fdc7bf92d99L,0x5e93b8e5cb52899dL,
-        0x886da2cad057f3d5L,0x7bedd886c75e69d6L,0x48b808d7b869acb7L,
-        0x542a5fbb7168759fL,0x18d5a3b332d207f7L,0x000000000000015aL } },
-    /* 42 << 161 */
-    { { 0x7d28aec6ca1338b9L,0x60e2c0021de0a9e9L,0xec83a036473cdc40L,
-        0xa18a48427b3ca8baL,0xbb6ce1a4d57240f9L,0xd8849fb45cd926edL,
-        0x0a6bed34a99ff832L,0x4f95f32bbf65f46cL,0x000000000000016aL },
-      { 0x1b97562771d2f781L,0x75e4501fc527e102L,0x79130a459ac2b105L,
-        0x470192f34acebcf5L,0x72b54c075997b4a2L,0xed718897c8b60b66L,
-        0x4093b1f8f51bd41fL,0xb29f58d3a42de0f8L,0x00000000000000d7L } },
-    /* 43 << 161 */
-    { { 0x331982b89a4db510L,0xf3712ed38465e8c4L,0x3d34b58f16d166c5L,
-        0x4c288793731d073bL,0x70ff503acbb64d41L,0x8c1af3bc188deefbL,
-        0x5a73b272b1ec9218L,0x9ef75613bf5d7d3aL,0x00000000000001bfL },
-      { 0x539822ff861474bdL,0x180f16e73e4fbb41L,0xcd2510ea4d5b4fafL,
-        0xdcc4d89a7fd914a7L,0x2b80a838ae4c4ac9L,0x51b8089df7376ed8L,
-        0x0ab1f9608fbaa6a0L,0x6e736c68dd816684L,0x00000000000000d0L } },
-    /* 44 << 161 */
-    { { 0x5d35a91d101c28c4L,0x0f09bee540733fc9L,0x15b904b81454c498L,
-        0xca3a5474136142c5L,0x58c9b304bd03303cL,0xea4075b5a60b59dfL,
-        0xca58872e67858464L,0x788b761f48354a3bL,0x000000000000016eL },
-      { 0xd17d61f750501d32L,0x791776d613aceb1dL,0x3b0e441e42c97751L,
-        0xbc212d890edad7b1L,0xf9fe60a0ce37bf73L,0x65fcc158880d070dL,
-        0x00a84549d1d4e035L,0x01c1e68c701162b4L,0x00000000000000ceL } },
-    /* 45 << 161 */
-    { { 0xd0a8554c494fb156L,0xc71afa6a8c500c38L,0xee41b4fa39a89f0bL,
-        0xbbb592d2af6b45d9L,0xfe957349f903b987L,0x43cd6c638db1e4d9L,
-        0x8e43ec817ce3023bL,0x416c60c5329a63c2L,0x000000000000019fL },
-      { 0x2b21d1cf4d61105eL,0x251b9594b74f4dacL,0x12b8fe3c5e4d45eaL,
-        0xba2c53365fc42715L,0x223fdd1c773b2d48L,0x94f125933065fc8dL,
-        0x492cc924e2333395L,0xb3616a8475ac3c66L,0x00000000000001e3L } },
-    /* 46 << 161 */
-    { { 0x5ace22d86c5a60ffL,0xb851dfa9f4a3b8e9L,0xf69113c2fa83cda2L,
-        0x32ebf61d64cfd0f2L,0x54c22f18957e47caL,0x6bbd312371db481aL,
-        0xee07ace023f0bf72L,0xe21cc99694f56b82L,0x000000000000015bL },
-      { 0x5f550ca712edff28L,0xfe0f2ee6bdbf147cL,0x0c5ce5382fbf0a76L,
-        0x1ed469f774b92d4cL,0x9b1c90af48edafecL,0xffd719c5d02d67d9L,
-        0x1393017c26b20c72L,0x394c92a765bbfc0aL,0x00000000000000e8L } },
-    /* 47 << 161 */
-    { { 0x8e3b16ffff7e659eL,0x46277baa15e7d54bL,0xa9a805181780a668L,
-        0xa3c489288ee7de0dL,0x5a33494c6a492932L,0xf21c24fc8c77046bL,
-        0x0f03d8aefe34a7d0L,0x124f0b04cee67a16L,0x0000000000000155L },
-      { 0x5a35d64c33c9043bL,0x43c74b4c3bf7ba98L,0x799109fbd8945905L,
-        0x144fe1552c7afef7L,0x216b3cd4a58245eeL,0x59db3457dee2d7edL,
-        0xff7a2017df7c0f11L,0xc4f76ef73306c02dL,0x0000000000000056L } },
-    /* 48 << 161 */
-    { { 0x35a5767a91f7da33L,0xb73136937ba4dfedL,0x3843d6c37f7e4d30L,
-        0x6f461c6be2595a8aL,0xa34766d014105be4L,0x62d28311d7c9924eL,
-        0x7bfd28110f51f78eL,0x9cd30fb24b760751L,0x00000000000001c4L },
-      { 0x739b01bc3391726aL,0x82721aef5fde4fd5L,0xf3ec542dea71f1f2L,
-        0x520fdd3458345718L,0xef2a3d6f54bb2d09L,0xf75fc3fcfaeb5530L,
-        0x6fb68582f73076b3L,0x27d3835620e57568L,0x00000000000001beL } },
-    /* 49 << 161 */
-    { { 0x7a28d24dd585507dL,0x1e4e683466285c9dL,0xe4b682babb22705bL,
-        0x64d1ef0045ab2054L,0xb5cec856cc08627eL,0x889ad5ebb8b7e942L,
-        0x8d714cd95079afafL,0x4d8076a73e83d558L,0x0000000000000190L },
-      { 0xe9f3ad2bf576cd63L,0x59000a34b58cfc2fL,0xc264ed814685f799L,
-        0x982c7552123238a0L,0xa9ee7e5968384c7bL,0x8664439308b33f41L,
-        0x17b12f704e50471dL,0xc0d7e9bc75ebea21L,0x000000000000019bL } },
-    /* 50 << 161 */
-    { { 0x912222d815c2f2a8L,0x2de888271cd8f2a3L,0xe76034a53dd91b8dL,
-        0x845a5d5194b6f95fL,0x2eb60c5b52e29a05L,0xf0d98738ba25e6bdL,
-        0xfe6a89c8cdc0327cL,0x167c43e4c20b4ca6L,0x000000000000005bL },
-      { 0x39630959e8c54a45L,0x02c1c7fe70765ab8L,0xec3f9a8de3407090L,
-        0x9cc4b5fb695237a6L,0xd8f106ce75b984f0L,0x9cbaf61edbaba8d1L,
-        0x1d97a9051041afc9L,0xf2e9161e55b31a38L,0x00000000000000ebL } },
-    /* 51 << 161 */
-    { { 0x5a6bf7f91f8b55a8L,0xc69d8efd172ad4e2L,0x225a073ce679c187L,
-        0x715c881907c52ca1L,0xc0e7ea40ea089856L,0xd468af9b39f8886eL,
-        0x0d4ba8bc050432baL,0x19f774a064252dceL,0x0000000000000156L },
-      { 0xc799518c93721f59L,0x366c163c364ad15dL,0xba588393e560fb0dL,
-        0x016a8490de01278dL,0x2b528be2d1a40335L,0x5309de257787392fL,
-        0xeb1b66711c0958edL,0x53fc34a953ef3c21L,0x00000000000000a7L } },
-    /* 52 << 161 */
-    { { 0xb4329354b10450e0L,0x467523c0f2c7c16fL,0x8704d83d9859020eL,
-        0x04daea48e8ad89feL,0x63c0e5f15b92f0a8L,0xb46d370e1b70e374L,
-        0xdbf6127aa728e693L,0xb2121298b13a28b4L,0x00000000000001a0L },
-      { 0xd0421f84c0574c9fL,0x0cf61cd6d362b1a8L,0xd89f8484bb97b57fL,
-        0xc9bd3731b39b01f3L,0x1af2db789dc8f339L,0xe4841c8d5be1a90cL,
-        0x4fa214cce1f35bd5L,0xdf654917c1a9f844L,0x0000000000000118L } },
-    /* 53 << 161 */
-    { { 0xcc657fbdeded2e02L,0x141fc3e7caf6a533L,0x7da03a50c37499b1L,
-        0x065eb76c204614f0L,0xcc8bd1807ab23c85L,0xca7080fb5f1cec2aL,
-        0x1760042d05f0a0fcL,0xd8fe8fc96c675e0fL,0x00000000000001b4L },
-      { 0xeac258083d064fc5L,0xa906864eade9696cL,0x58fcf49e1f711665L,
-        0x1ff08bacde11a5bbL,0xa7feb828b482ca23L,0x6a0182962648ed45L,
-        0xb86ca29c5066a0a5L,0x6365a8682517aa29L,0x0000000000000077L } },
-    /* 54 << 161 */
-    { { 0x34733894f44f0ca9L,0xe4cfd1e412871471L,0x744cae9c6937e907L,
-        0x4e64dd6163227fa9L,0x47d3efa71c46edc0L,0x0872f46ecc49f614L,
-        0xef5581ef6c3aa650L,0x40cbe7deffa56263L,0x00000000000000b9L },
-      { 0xaa3435661a572651L,0x3dfd8846f16f48dfL,0x0a61cd2df660bd14L,
-        0x2aac6852b7382316L,0x237e7531a213fc6cL,0xe5fd6bd5733eb51dL,
-        0x07d667c654816bf0L,0x1ad4cb04e1079eedL,0x000000000000001eL } },
-    /* 55 << 161 */
-    { { 0x6798f4d06e56988dL,0x41378b308e88eaa0L,0x2dd138d2fd992c8bL,
-        0x5e7400ae71030b13L,0x7b00ea1f13c9ad72L,0x171f656d79101b3eL,
-        0x1614fd762b2d5ebdL,0x75c70e686e0f5bb5L,0x00000000000000cdL },
-      { 0x9d980a7936d23463L,0x834c407489e9fdb9L,0xc9b2dfe11423a5cdL,
-        0xab0462bbfec68ee5L,0xf1b299fd96ad5ee7L,0x1a1052ce79847284L,
-        0x11d08428d9a4aba9L,0x3f76770dd07f8532L,0x0000000000000058L } },
-    /* 56 << 161 */
-    { { 0xf85c1b6a18db2823L,0xda36fa1c2203eea7L,0x81f96771cdac541bL,
-        0x52e33f39605c943dL,0xadf4c06637c23121L,0xe9e5aa4b8ad2c86cL,
-        0x3d4a61630354ad23L,0x44b4d8ebae152c75L,0x00000000000000fdL },
-      { 0xd5d3d35dab2d2652L,0x55b6f8ed382b2fb7L,0x3a1eee79a7e69b83L,
-        0x98f430aab5c6da08L,0xf4af6cd956cce57bL,0xd67e787b7af2ea27L,
-        0xc276f0a7d8841e4fL,0x2e23f60fc0478c59L,0x0000000000000026L } },
-    /* 57 << 161 */
-    { { 0xf0eb4ab877863073L,0x94181818a546f8bfL,0xcd887c3ca8731841L,
-        0xe2bcafcc75595c73L,0x344aa895985d3b76L,0x1bf93659471fdde9L,
-        0x966caabac3b6a887L,0x3ef855c5d55370f8L,0x0000000000000066L },
-      { 0x19d2a2302184ccb0L,0x8fc183ee69acc9dcL,0x7a4e06407c15ff8aL,
-        0x558ad1c20c26289bL,0x6c4115510529310cL,0x280ac8190fca48a9L,
-        0x0415f9bacf58bdbfL,0xc3886683f2c0dd4aL,0x0000000000000062L } },
-    /* 58 << 161 */
-    { { 0x3e88401aeebc8d94L,0x7e5f8ec0075f3f3cL,0xc9fa5c48d3004237L,
-        0xcb17bcbb3d2f2e5eL,0xb105514bea735fa2L,0xba377336fba76370L,
-        0xf221092e050d6dc4L,0x77a261f905f5f809L,0x000000000000013cL },
-      { 0x606d9cfad207d34cL,0x596d48e3d86cebd4L,0x9446a6eea25feb06L,
-        0xf8aa591e0e3061baL,0xfafdaf2e4d4e8f87L,0xdc642f5dcde1b623L,
-        0x0780a3b18c4123c6L,0x0b0e00885b2343d8L,0x000000000000009fL } },
-    /* 59 << 161 */
-    { { 0xd6968c6456a686ebL,0x76bf6f10f6be50c1L,0xb07ea82138afb6a8L,
-        0x0fc9edaf1d7736e9L,0x20d6045f9b3e0246L,0xd17c5795991c0a45L,
-        0xd7db43f4df3ed4e4L,0xc89cf90f2ac74830L,0x00000000000001a2L },
-      { 0x30417f69b28de367L,0xcb660863643918c8L,0xbdb5eb048fb7d82fL,
-        0x401f0699f4368ab2L,0x9ef1961f15413dabL,0x30b0324f41c40991L,
-        0xc2b48a84f8668b54L,0xd93b0282b6d52027L,0x000000000000019aL } },
-    /* 60 << 161 */
-    { { 0x69660fea949317feL,0x373d869babd661a7L,0x9af9b8f1d3e12c73L,
-        0x924254a4b60c5995L,0xe35cd8673d19f242L,0x52b966e567041fb6L,
-        0xa23e82421d39defcL,0xdd92b1a8eb62a410L,0x0000000000000125L },
-      { 0x3c1d6f5250ed0bacL,0x3266bab423c65483L,0x1773d1942fa296fdL,
-        0x1716ffa0cc5c82b1L,0xed0b4af7185788b3L,0x9ad866b5990b8e96L,
-        0x3263e59f69dad8d4L,0x4fa90e3f3c4701bbL,0x0000000000000142L } },
-    /* 61 << 161 */
-    { { 0xedc26bc2b7001966L,0x07965896b8d8521dL,0x485564a35427755aL,
-        0x522dd1d1f3f96155L,0xf182a1d731bf10a8L,0x3967f375fabecb7aL,
-        0xe657de0bdcd6c80cL,0xa8db2b3a8de73efbL,0x0000000000000074L },
-      { 0x6cec45bbbb1b75a3L,0x1e28ed9134f5ef01L,0xe4a2fdbab493e0f9L,
-        0xf3b058cbc67f30f4L,0xc63ce1f97c21e9e4L,0x6df803bc9587af66L,
-        0x83b68042b2d6058dL,0xbd466da98be4c8adL,0x0000000000000050L } },
-    /* 62 << 161 */
-    { { 0x8ebd9194aecfa334L,0xf12fdf8b12498ec5L,0x10aeeea323bc15c8L,
-        0x67e32fb5746aa8f0L,0x6c2a3ce334ea8c2cL,0xed5b45bd7d1e6a40L,
-        0x4ec06953c478d94cL,0x06653d528fa54d3eL,0x0000000000000002L },
-      { 0xefe66e37c9fc19c3L,0x3df15ce78f92ef51L,0xecae3d50d107059fL,
-        0x4e588f54d6f8d314L,0x3fb75086789921daL,0xd475779892273a4eL,
-        0x18a75dfb63e04c7bL,0x90f39dd1fa412403L,0x000000000000018bL } },
-    /* 63 << 161 */
-    { { 0x618e0931d9ee46b4L,0x3c65fdc65ac70195L,0x46a7ca1f25b503a5L,
-        0x3d43ee7529d9d453L,0xeae5decfcb21a646L,0x32cdc75f95a04c13L,
-        0x7b39b1bcfc631a28L,0x903bbdaed2ab7499L,0x0000000000000085L },
-      { 0xa0cfb2a4f158b009L,0x59cf9fdda8d72e02L,0x2f83798e4e24207dL,
-        0xd8fb75cf4272d53dL,0x55e7a933a3dff9a0L,0xb72160f8815ef182L,
-        0x5a14b7e3fe0d0337L,0xad937b534b590bc2L,0x0000000000000041L } },
-    /* 64 << 161 */
-    { { 0x0db2b099cad6b074L,0x4749379c2a6efc26L,0x31862f75ab64d63cL,
-        0xa465075d1623e85bL,0x5f03bbea00e7e1b8L,0x24ef8956a2c133cfL,
-        0x6f9fbad452533ca3L,0xdfb15df3abf81b19L,0x000000000000015fL },
-      { 0x0616fd242796855aL,0x4a9a066c9cbc946eL,0xaa0fd8ee347283f1L,
-        0x63bde9adf15aa16fL,0xbdd5677a9277e9bbL,0x5ec032e2d045538cL,
-        0x5f4eba3aba8c76fcL,0xa17d2872088e500cL,0x00000000000000a6L } },
-    /* 0 << 168 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 168 */
-    { { 0xd8faa3bcd4cd8948L,0xddc437839d2888d8L,0x1e951bd5581abba5L,
-        0xa52dfab22947d11fL,0x8fbb0ed8728a40eaL,0xd4f4d06f31d769ccL,
-        0xd93b1d93fac908d2L,0x8852b438f5a3b0cdL,0x00000000000000bbL },
-      { 0x84ea0e03c8c88de9L,0x621a808863cdb21fL,0x332c292ecd6ec216L,
-        0xfd01ee09c4cd0dcaL,0x5354ec9efdfce95cL,0x05c307b2a6b8db30L,
-        0xf7b254eab44784aeL,0xd38481257e61408aL,0x0000000000000128L } },
-    /* 2 << 168 */
-    { { 0xf9b815fe2f1993f7L,0xe1f5199a3ecce0e2L,0x8898d789ab10a910L,
-        0x49863dac4e863533L,0xb5f118aa5e465bafL,0x10d031280281e10bL,
-        0xc98361355042343bL,0xc2140930bc68242dL,0x0000000000000073L },
-      { 0xf1417466e84f3896L,0xd4167f1323db4590L,0xe5347265c7699f09L,
-        0xe4458198be6204bcL,0x9375296868d8b7a8L,0x49757c532a065d8bL,
-        0xdc0856fbb6927e83L,0xb1679b0c56449cf6L,0x00000000000001b2L } },
-    /* 3 << 168 */
-    { { 0x1a80e022f6b5e497L,0x210b6f4b8d73860aL,0x16f2e7bd7b7f92c4L,
-        0xded9e969d068de98L,0x68105e12546ace60L,0x56a0c5b0efb6f66fL,
-        0xf0d5fdb985d590d0L,0xf15e274fb69d5821L,0x00000000000000bbL },
-      { 0xd8d0621dde543268L,0x9e0ab44c04b71011L,0x25c135cbdb9fe3ccL,
-        0xf0a9044b024b4ce3L,0xecfb54fa49d2589aL,0xf57495388bca2c50L,
-        0xd76bf119f8f8e5f6L,0xbd946e2c292a452eL,0x00000000000000b2L } },
-    /* 4 << 168 */
-    { { 0x1d43440f28eb6ffdL,0xa97797d41faa5c82L,0x14a960425c895eefL,
-        0xd35e5d8cd4fa3e4cL,0x9e68f293277b5084L,0xbf5b8a162bc6b1a0L,
-        0xa1d47a38cf49a617L,0x703e609e62fd2244L,0x0000000000000048L },
-      { 0x5909fbf6c6af3c4fL,0x1428b8357c1975abL,0x30f8a30810400297L,
-        0xd753559f5b5750bbL,0xbc5235ebf99fabb3L,0x588aaf0bcaa35305L,
-        0x13085abc579dc86eL,0x793f9efafea9393bL,0x000000000000000fL } },
-    /* 5 << 168 */
-    { { 0xd1e60e5f8256720cL,0x171027f57c49fa90L,0xf64e8839f6549f3cL,
-        0xffa1490469b799b0L,0xadd4e8fb34553fdcL,0x7cf91923741a95baL,
-        0xc9fa2fe993a1ba5aL,0x5d9e34020980acc1L,0x0000000000000020L },
-      { 0x2a5cb99c98d2c9ffL,0x448896bf6c3294e9L,0xf76232cb81e067a4L,
-        0xbda3583a3757184dL,0xfa41813b2e0c61aaL,0x6ba2aeb6c106499dL,
-        0x93782286a19e4b30L,0x13e2306f86e8c59aL,0x00000000000000a4L } },
-    /* 6 << 168 */
-    { { 0x6f8275e50e37edbfL,0x64ad3b76db3e6343L,0x2eef15036a5161ebL,
-        0x2c60875ecf10d729L,0xd477f32a9424ce59L,0xfbd5ab3fddd91be6L,
-        0xbe1f16dfac18456bL,0x88e755378dac1a4cL,0x00000000000000d1L },
-      { 0x4f8e076e3c10f2f8L,0x04f48ba57a6bc509L,0x8b825c99420b54d1L,
-        0x35fb71ddd7412044L,0x1d954ed2771b6d9eL,0x24ead049473e8a03L,
-        0x513ff05d28ba193aL,0x42d94d2c7a8abf0cL,0x0000000000000143L } },
-    /* 7 << 168 */
-    { { 0x5169a5ba3792d0e1L,0xa94f38ae866a52b1L,0x52123a0860f5270dL,
-        0x3753c8f7a5b51694L,0xc28f1bd14c0dc22bL,0x39279193e55184f5L,
-        0xb9fe5bda528c4498L,0x1a04e978bce7de75L,0x00000000000001c9L },
-      { 0x95b584d1ed890690L,0xd02b7fc965d82f4aL,0xa630a8dc3f0b031aL,
-        0x79759d955be69e84L,0x8cdb211f45539242L,0x523fbd101032dad8L,
-        0x40c47f4d5b003e94L,0x02de551920d6fd97L,0x0000000000000144L } },
-    /* 8 << 168 */
-    { { 0xf63486b5ce9c07a2L,0x109221f7b9b5e762L,0x0450b6c79210d1caL,
-        0x8a9b11b1cc780322L,0xf33c4701a30bfdaaL,0x1a7d75f3c33bfca1L,
-        0x4ee930e51c13af9dL,0x3ce4223bce402aa2L,0x00000000000001ecL },
-      { 0x2ffbfae311fdd6eeL,0xca5f04d003c1edebL,0xbd80684a5d3a2e52L,
-        0x98d1a18d54193ab1L,0xc549cecef366fc87L,0xb194e11aa13ead38L,
-        0x6acaf7b21882660aL,0x686c0c7bd2cad2adL,0x00000000000001ffL } },
-    /* 9 << 168 */
-    { { 0x1a90defed7b4fdedL,0x195bee8f6336c055L,0xe843d42796a94272L,
-        0x86cae8e64d7dd6e9L,0x5403b7b7119151e0L,0x3314afc85037da6bL,
-        0x6d7f8f8212ca9455L,0x3937bc09b94463aaL,0x0000000000000081L },
-      { 0x306e5a03cb8e9b37L,0x126473043c8b52f2L,0xc869679ef93cae12L,
-        0x20f33375ab4f3d13L,0x90d9c5cf0501336cL,0x35c85984849df5ecL,
-        0x42f846286244c6c3L,0x901d2a938b835c13L,0x0000000000000113L } },
-    /* 10 << 168 */
-    { { 0xb584b65394932b53L,0x68aad973af36cdd6L,0x2ac829a60bb4cadaL,
-        0x403367f33f0e5d18L,0x412b28ad7dda08e1L,0xe7841355e24b3863L,
-        0x5171c588093520b9L,0x9db8db4c5ec5762bL,0x00000000000001d1L },
-      { 0x8d3b541ec6238d25L,0x586350aec23dc89aL,0x8455da87fa4d8c25L,
-        0x7adfdca316492352L,0x8fdb5c08c81f1590L,0xd5e01e0324773e80L,
-        0x4a3b7f13dcc95928L,0xc08babf4f80b2facL,0x00000000000001e9L } },
-    /* 11 << 168 */
-    { { 0x37d8ad51452f6968L,0x9abf76030be46391L,0xc64ba0aa4f51f996L,
-        0xb71cf4b72bef5fa2L,0xdadcbf144aea3eccL,0x86619a4a5ca7abeaL,
-        0x17bbbd06af54e743L,0x70c9d3b76d5362ebL,0x0000000000000057L },
-      { 0xf2486bbdfbf53393L,0xbf16873cb87c38acL,0xca1694b587557348L,
-        0x95ad3cb860dd9d75L,0x61177e70b097e1eeL,0xb481729fc4d1faaeL,
-        0xaa07352130f14ce4L,0x8c3e81e6e534f9e6L,0x0000000000000104L } },
-    /* 12 << 168 */
-    { { 0x22d3054c1ab5373dL,0xbd4f796363adadc0L,0xfb4298ff2650904eL,
-        0x2801e275ebdbc2c0L,0x1122ea0608190926L,0x41ec28d8b2e79279L,
-        0xce049e5276667fcfL,0xc84223fa732778a4L,0x0000000000000081L },
-      { 0x56be4933666ff503L,0x0b396d37bcee9583L,0x1b469e0e153f80beL,
-        0x3d42cd0932305dbbL,0x8c0d230527134efdL,0xb90a2abb08752f5eL,
-        0xce873be8b5b796ddL,0x6a240d331b25403fL,0x00000000000001d4L } },
-    /* 13 << 168 */
-    { { 0x86aad63f60740f5cL,0x32b7cc316ee3ee57L,0x14340252a16df7d9L,
-        0xc70632bd30867552L,0xc34ab941e536c3ebL,0xb8cea58f1b8c9771L,
-        0x4f12848942876fc8L,0x2b6009fca2b9447cL,0x00000000000001edL },
-      { 0xc93452d882b5e6ebL,0x29958d78ac7dee6fL,0x22dd8fd9bf6fa7e3L,
-        0xc59c69516a75f72cL,0x1c6101e36123b596L,0xf5907c48e3f2d479L,
-        0xe5d0b6a671bd58b7L,0x840ff28c56d9185fL,0x00000000000000a7L } },
-    /* 14 << 168 */
-    { { 0xd89e1fe8330465deL,0x73a9c39780ef0efbL,0xb8200ef38ed739f2L,
-        0xe0914b2f6ec1025dL,0x7f277714866a3ec9L,0x1c9b4cd05716d865L,
-        0x176d3095167f3a3eL,0x85a16f0afcccac3cL,0x0000000000000177L },
-      { 0x767e84814f1e3019L,0x88b991b861f15fdcL,0x26cbcb752a17701dL,
-        0x79f801348eed411eL,0xdd053c40411302fdL,0x35d3c2f030858f66L,
-        0x0b53da7a9107a692L,0x9452396f37f9cacbL,0x00000000000000c3L } },
-    /* 15 << 168 */
-    { { 0x961404136bc539e8L,0xe6edfee1e4524c6bL,0x09749744d07cccf5L,
-        0x1748b47ec03bdba2L,0x2690d0192bc9c91eL,0xd3f34165bade77f3L,
-        0x1903c781805ee388L,0x56ede14320ee5637L,0x000000000000015fL },
-      { 0x4300285a7b5b9f4aL,0xdd3a022f1b6ae86eL,0xc54a8abe376288f0L,
-        0xc1d8ec4f26e3394dL,0xa3979d7b91ce3ad0L,0x0aaf9ce7d1798cc8L,
-        0xe972a6d14649a9b3L,0xb0d0e5b7f260defcL,0x000000000000002bL } },
-    /* 16 << 168 */
-    { { 0x327eec483e206f1dL,0x20bae09cfd9e0124L,0x90e15a5012fe91f1L,
-        0x0dd6de71359590d6L,0xb47ff7877346265fL,0xf68c7538d72b31fcL,
-        0x1210aa5e853e2029L,0x22955a4df09c0c81L,0x0000000000000040L },
-      { 0xe194dba07335f4a6L,0x9d6532fb4bde2f58L,0xfac563c59016930aL,
-        0x626eaeefaf9e2095L,0x7af29b71b7d9fde1L,0x809b7fe436360bbfL,
-        0x57b5e52de3cd1c8eL,0x52b9040937b01251L,0x0000000000000032L } },
-    /* 17 << 168 */
-    { { 0x2de80b5c1b9fe008L,0xd7a592bdd3848f67L,0x12505f695f8777c4L,
-        0x596956be711b00a8L,0x04ead4ce34d9bb68L,0x87d1821cd0ed1006L,
-        0x0f78cb9699acc9f9L,0xb77b5d17054b4885L,0x0000000000000081L },
-      { 0x61d1517fd4aa7593L,0xc1f884346683d4cbL,0x15409fa1c660ba6aL,
-        0x5756c0f91e5e0b78L,0xa110b7ec1649f63aL,0x5a1b015f245a2867L,
-        0x450aaadd6a15fffcL,0x2f44146d8f20e164L,0x00000000000000edL } },
-    /* 18 << 168 */
-    { { 0x34d354711d7c9b90L,0x02efc83e7cd3e5c4L,0x3bdce4d599838e28L,
-        0x903b361fc09f1f79L,0x13c9e9250540eab6L,0x69f28111375ec845L,
-        0xd35cefa96f3fb692L,0x7dd9245da6e1cd71L,0x000000000000007bL },
-      { 0xcf0e51b7d6693e85L,0x34584a15e14a978eL,0x38d36120591126beL,
-        0xf26f3d52d1a5a853L,0x904a64964e97c262L,0x7f3089ff6ac89132L,
-        0x1f8934fd38e0e5fdL,0x52e3fdf2cd20b982L,0x0000000000000134L } },
-    /* 19 << 168 */
-    { { 0x1c18f81921822327L,0x19d3895763107dafL,0xab3c2c5bbf02410bL,
-        0x056973d48084f3faL,0xf6c0f0ad9c6c0e1eL,0x5813f6354715d332L,
-        0xb1435e02d54f75b4L,0x483968e79f4ef80eL,0x0000000000000077L },
-      { 0xeb0da4e25a942323L,0x2236437f2120ac60L,0x16ee032f66313c05L,
-        0x6bff696400a38fedL,0xf5b8ee71cf6d4cd1L,0x939c85b5fdc6617dL,
-        0x1505c244a7fcfe0fL,0xa496610ab7881695L,0x00000000000001cfL } },
-    /* 20 << 168 */
-    { { 0xf915b3f2f47e55c4L,0xb163cda470610cf0L,0x822197f50a302cbbL,
-        0x8d787800ad959227L,0x10c30f94571bc9ffL,0x2a28b5ab2caa7d3cL,
-        0x35cdf34647775889L,0xc81fec4b397cc8f3L,0x00000000000001fdL },
-      { 0x83a251027f5a86a7L,0xfc270fdc49e2b112L,0x351f20f947f16503L,
-        0x4fc2abe97820ddd9L,0x68391136093b9c29L,0x0bb983f1c6d0c759L,
-        0x15a671860ea6b033L,0x56602ab7edd62f4fL,0x0000000000000125L } },
-    /* 21 << 168 */
-    { { 0x947fb594aba4398dL,0x19a131cb57bb07e8L,0x8f3be50326eac16eL,
-        0x451e83c0f2546781L,0xb4139dd4e44ca83eL,0x38a9d3905dc48a1cL,
-        0xfadb6d0641cfb776L,0x6ff29cc5eef89414L,0x0000000000000021L },
-      { 0xcbde6f766a7e915cL,0x1a7e27d2797752a6L,0xb09dd97ab6cdad5eL,
-        0xbe5d66881bbb61b1L,0xc4b76c701fa85cafL,0x88282fbd92ee96baL,
-        0x1681c7dde1b4e7a4L,0x3c57dd60ee3982f6L,0x0000000000000128L } },
-    /* 22 << 168 */
-    { { 0x54c8fc4e9f2b71f9L,0xb6c0fc49988e8120L,0xd2058da0c8927203L,
-        0x16766dd5bd3f622aL,0x7ad98310f854d625L,0x4995d6bb55c5058dL,
-        0xeecdf90c74bcfc75L,0x2d62d4faf4154102L,0x000000000000005fL },
-      { 0xbcfd7e5cc78ec9abL,0xba7846a3e9c8c551L,0x80ce88d165cbee60L,
-        0xefda52b95632fdd2L,0xfeae287b8ddbf5e4L,0x8fe72dfa152ac780L,
-        0x63f4561e614d87e5L,0x1a8d5a1e1190f43cL,0x0000000000000124L } },
-    /* 23 << 168 */
-    { { 0x14e9504a41cf60e4L,0x4d580f91ba2fc313L,0xc4d5ec9342122efaL,
-        0xa5a21ef9a3107935L,0x190ecc1c466437b7L,0x696df2275126df44L,
-        0xc9d6872cd8ae1dc6L,0x7e2fbe46f515214dL,0x0000000000000047L },
-      { 0xe226b86e0bb95f94L,0x77f82979db22d5b5L,0x059b2efca0b81578L,
-        0x8994c684251b4724L,0x248ab92581c5c432L,0xd7a601bd7218d58cL,
-        0x87e9d6e652fa557fL,0x94240f677c6717d2L,0x0000000000000172L } },
-    /* 24 << 168 */
-    { { 0x04b6642cc79728ecL,0x82006db7d4052ddeL,0xd7c03908da99c38fL,
-        0x7ba70fb9a6637549L,0x1dee482cb94a286dL,0xa628ac2a01d36d7eL,
-        0x4de12e5c003da5e7L,0x4f68a006e306d20eL,0x000000000000013cL },
-      { 0x90cb32d5635d5908L,0xa802b2585c89c608L,0xbb22484549a3be5eL,
-        0x53f1fc3655480c5dL,0xa3eb1e7b0c070e5aL,0xd0e34a5af1abbf5dL,
-        0x145ea8cb4b88db7bL,0xa9ff13bc839bead8L,0x0000000000000147L } },
-    /* 25 << 168 */
-    { { 0x30cf3767c86ddfa0L,0x6b3fd143eee9269bL,0xcebdd16d52204c51L,
-        0x274b0dc204cd14b8L,0xb6e928505a86d610L,0x6b37ae54e6800db9L,
-        0xd93efc3df84a0f79L,0x879d7dd56af06c52L,0x0000000000000101L },
-      { 0x8167dc1f83b6b8e3L,0x13e08ee718402d20L,0xf0186bf60b26ce15L,
-        0xd5aa811535c6875dL,0x0c76d0c2c5ca2103L,0x5fc8a70593646cb0L,
-        0x8afb8877a4ae3f67L,0xe2326f750e699723L,0x0000000000000143L } },
-    /* 26 << 168 */
-    { { 0xcf7d26bb15ba71a8L,0x000c8e8c0bfbfa5cL,0x718a54266f646f01L,
-        0x7c0fa210dd018dfbL,0xb64adc0f384f7dcdL,0xc0c66542477625edL,
-        0x871e593e2c75b53fL,0x96c1451fb9f00e20L,0x0000000000000060L },
-      { 0x8e0c5c99b1d5302fL,0xb2c5f34efd4421c4L,0x947c3fa92a1a9d1cL,
-        0x6721f393881b28b2L,0x1b5513edddd050a2L,0xfb2d77941408593bL,
-        0x3425f229e707ecefL,0x88c2673666df4ce3L,0x00000000000000aaL } },
-    /* 27 << 168 */
-    { { 0x5b7ecdb52c5f43eaL,0x53082afe02559d3bL,0x070e354264f68b42L,
-        0x58d6c1aa7c879d43L,0xc41be80750405684L,0x955a275cbce7908eL,
-        0xc70c146dbab9f5c9L,0xd31d7c27901ac701L,0x0000000000000010L },
-      { 0xdbc82b2bf7614365L,0x2875d55c32cd5ab5L,0xb395d08feaa9be8aL,
-        0x97838c558ce9b4d6L,0xee22d8ce4fc6794dL,0xe401877623372c0bL,
-        0x6dd2c34bfe0d49b5L,0xbcbcd109f128646fL,0x0000000000000105L } },
-    /* 28 << 168 */
-    { { 0xd0bdf16917216f79L,0x2a9d74a468bbe483L,0x6965b608e5c7b3b8L,
-        0x83e8d0b290d8ddf1L,0xb27aa05509ba77b1L,0xbf4a09be67c32e3aL,
-        0x5982ac195bf2c8eeL,0x764907324f70b752L,0x000000000000000aL },
-      { 0x1088b1f878a204d4L,0x40a0293f4d4e8a06L,0x312854a3af8d6f9fL,
-        0xb1df39186282a51eL,0x9de32af13769fc44L,0x045404379a6d0abbL,
-        0xdadc6c9d13185e57L,0x1f2b8d38e979f37bL,0x0000000000000012L } },
-    /* 29 << 168 */
-    { { 0x5f8a8c0d3ddd0191L,0x1f266a867fae699cL,0xefbd18d2bbbb048eL,
-        0x648e5f90d1ab43b6L,0xf81591adcf10f706L,0x362ddc168ed8f28fL,
-        0x2108b2c3f6b398e1L,0x1269ce097783a2c8L,0x000000000000008bL },
-      { 0xa6a691c37f465dfeL,0x8bfddfc027667ee8L,0x85db93c4e9bbb777L,
-        0x77b3e07dc3aaecb0L,0x0bba38f41d6635b2L,0xb608d7f20156a865L,
-        0x628c6f6e0f7e38f2L,0xddc70efd519f6429L,0x0000000000000069L } },
-    /* 30 << 168 */
-    { { 0x705bc9adde556ab7L,0xfd31b77a08c5f548L,0xe4d6128f47ccec97L,
-        0xda6413aba2467e6cL,0xf551c43677e4ddf1L,0xd60ca0c72bc04c9aL,
-        0x7ad228c8ff849e17L,0x59934f4e930f91a1L,0x000000000000011fL },
-      { 0xa76a8707868154b8L,0x15eca497a7dde8cfL,0xc7c5191877ab98a0L,
-        0x3ea558ae7fb66e87L,0xdd8e344c48afd9bcL,0x2f65b11c119fb92fL,
-        0x9dff92f896a00df2L,0xe2fde0a4be17daf9L,0x0000000000000057L } },
-    /* 31 << 168 */
-    { { 0x65ad3804ea9ec2a2L,0x44155525f7c6d675L,0x7c1934b57d7cdf15L,
-        0xa9ac66b468cc4856L,0x98b006b4ab305ce3L,0xc0bbc4242c87391fL,
-        0x1c8056caa6fc5d89L,0x91c2a6af74ba9ca6L,0x000000000000007dL },
-      { 0xa0b6f93e661a095dL,0x91a7b4d05deac6cdL,0x151ef226bb2331fcL,
-        0x37ebf47e93095466L,0xab8aa36598606ec4L,0x27d7aaadfc03f039L,
-        0x0c431597fdd46012L,0x0556f5285af06a03L,0x0000000000000118L } },
-    /* 32 << 168 */
-    { { 0x7eff6eb56037ff54L,0x78cfc774963e7cb1L,0x48d139d16b3956a1L,
-        0x3265461a619f159dL,0x80dcb967a3b1db5eL,0xdb164bf4f293c925L,
-        0xb0a372de83b65b62L,0xda262fd344760c21L,0x0000000000000058L },
-      { 0xa8f9432da6dfc562L,0x0c7b74ecdc54c213L,0x56b4b751df24c7e3L,
-        0x5b32314bb42c77d2L,0xcf2312a419053195L,0x60bf22144f2c75ebL,
-        0x0207884171877095L,0x8acd999da44f75faL,0x0000000000000152L } },
-    /* 33 << 168 */
-    { { 0x45a2719a8907ce54L,0x013d1b3aea166fa5L,0xed88621b21199f5cL,
-        0x7700e61eede4254bL,0x5939852d884c08a4L,0x19734a9b2d1d89aaL,
-        0xa246df9f0dfa3941L,0x9879316c979c73daL,0x0000000000000151L },
-      { 0x8dbcc1180b113864L,0x7ee1a88ce82525b4L,0x0c43f86653bea16eL,
-        0x37ff6f028824f34eL,0xfa8838b9b027581fL,0xed25a70c8647d511L,
-        0xd63ae1953618e600L,0xcf0b98339b9a93d4L,0x000000000000003bL } },
-    /* 34 << 168 */
-    { { 0xd506324903eb9185L,0xf65164dd7c1fcccaL,0xb69558864fb70360L,
-        0x0d697e8afac2988cL,0x9c4c06a537c97636L,0x635c88f58055600fL,
-        0x4ea4c09a74703af8L,0x81ec33b9e7a75723L,0x0000000000000089L },
-      { 0xda9a2dc047213f93L,0x6ed717efabaac078L,0x3076325bed22d7f4L,
-        0x951dc05863bd3f8bL,0x77f1cf965b1c8d00L,0x9dea7ebab5941b35L,
-        0x293095f4d4e61491L,0x0e7ead86eb9ae037L,0x00000000000000d2L } },
-    /* 35 << 168 */
-    { { 0x39f9f819f6c209f4L,0x089db5253c2a5cb7L,0x20c5ff24accedeb3L,
-        0x82f84b46d2b5c3fdL,0x1a1ed43fb90a33ffL,0x436766d3e973e5afL,
-        0x2294111437456b11L,0xe860807c70ae9ea9L,0x0000000000000059L },
-      { 0x9009e20ab72f6cccL,0x741fefc4fe6e5cafL,0xf1a848dd63098fc9L,
-        0xac752a505ede32ccL,0x9efccb9732ba5b6dL,0xb2856b15b94e8d20L,
-        0x99e35bc499607f7dL,0x113f31762f82564aL,0x00000000000001d6L } },
-    /* 36 << 168 */
-    { { 0xea8b99529f5e6fbaL,0x667318ea35ac6c04L,0x7485f1c55ed348acL,
-        0xee18ff33019501b6L,0x90107a5f3e904e7dL,0x2ec33497aed29e07L,
-        0xafd289974c20de45L,0xc48cd0bacca26170L,0x0000000000000018L },
-      { 0x9ba74136a948ebdbL,0x78ed508ac81acda0L,0x9facc76fef5fedcbL,
-        0x36faeef8a3b6ddffL,0x5624949573b54036L,0x089e6fa3c9408662L,
-        0x1604ae228f9f0744L,0xc1297a7657db098eL,0x0000000000000065L } },
-    /* 37 << 168 */
-    { { 0x3992cb6807815aaeL,0x7195db4f1b803175L,0x97cd250b424fb1cdL,
-        0x016049f38ff45927L,0xb64141ada1ad30f3L,0x8f16a5857dd25547L,
-        0xaec66e6aea7f6a7fL,0x4dd29ee57846a86dL,0x00000000000000bfL },
-      { 0x6e964890f5112f11L,0xb011a6269bb780f1L,0x6e448385bd208e60L,
-        0x5210e0dd83eb0a37L,0x996090715d94a88dL,0xc8bfcac7273e631fL,
-        0xfc414a18bb2f9b24L,0x975182160c054385L,0x0000000000000196L } },
-    /* 38 << 168 */
-    { { 0x9b304aea874e82c3L,0xffbfb0822b7d090aL,0xd9196a7d06ec403aL,
-        0x9209f5cde36151faL,0x8935c8aae25e0c13L,0xdb1a4c7716593d65L,
-        0xd1e963377d694686L,0x4356bae0e08dcb7eL,0x000000000000001bL },
-      { 0xea20f2c0c14af785L,0x48d27833a4295f88L,0xf05d85ca6c7d3114L,
-        0xe58db881730ea2d3L,0xdfbe2a686b20c2a2L,0x31768d41efcae9f4L,
-        0x9cb4a4e393d8386bL,0x63ce4ef1ad75a399L,0x00000000000001f9L } },
-    /* 39 << 168 */
-    { { 0x5614856e14f693f9L,0xee48d0157ccc71a7L,0x943ba66129590c3dL,
-        0x154b5cc174db3bfaL,0x3d1ee077d73d37dfL,0x05d5e0cea58a17d2L,
-        0x6abb262dfdb1cf05L,0x858b3bec8b39082fL,0x000000000000013aL },
-      { 0x394f12df6ac53fe7L,0x9d14a39e3a811443L,0x051a0ce3addbf1b9L,
-        0x7e4fc131013bd7c8L,0x5795cfb876750d1bL,0x14f8ee5d3ab7d068L,
-        0xcb83f31d2f526886L,0xe6f51eea0b3f327eL,0x0000000000000032L } },
-    /* 40 << 168 */
-    { { 0xe17cf4f985e05448L,0x5e29ec55936b85d7L,0x5f4969344230c449L,
-        0x6fc1d8a08206a6f0L,0x399712364d5d2de2L,0x42689259be3a7848L,
-        0x77279b58c493be56L,0x43cbcf5c7d422c0cL,0x0000000000000004L },
-      { 0x6b1df3f0438b9048L,0x293cee3bd53799a6L,0x44b4dee8945bae0cL,
-        0xdf3236a21fc75aedL,0xead6de57fed25024L,0x68541a4ce87d013fL,
-        0x72be3aeb4a734d6eL,0x5e84735bc7371e3cL,0x00000000000000f3L } },
-    /* 41 << 168 */
-    { { 0xd3aca247bfebd246L,0x7d956df376ca7483L,0xb7b30bf20f3a19b4L,
-        0xb062c4b5697de983L,0x31cdaf2d79521344L,0xb8daa6236ced6cf0L,
-        0x73830cc4156e1821L,0x6364e445b8644ed0L,0x0000000000000152L },
-      { 0xb26d84846704d687L,0x42ebf82d2c2b018aL,0x68b526dcdc65295eL,
-        0x145615d496530ca1L,0x3ece93877955b80aL,0x177d234769f38006L,
-        0x19f33f4c84e14bbaL,0x01c98346e0704d10L,0x0000000000000082L } },
-    /* 42 << 168 */
-    { { 0x735eb443357ba15dL,0xdfa17a9a54409ca0L,0x6ef5378cabc39f28L,
-        0x7936cd2a1ccd0467L,0xd85db56a5c9af9e0L,0xfcf9e3d12316133cL,
-        0x3904ded86c2487c6L,0xbff674d2b8cc515cL,0x00000000000001ceL },
-      { 0xbb912bd83ddb6e4dL,0x9d82f6936116dc27L,0x3b72986d952ee214L,
-        0xc932e3fd03c36dd4L,0xd787bc68500decb3L,0x39092ea64b6dc85fL,
-        0xb3cb876162e68168L,0xc4df21b060e2d9eaL,0x0000000000000029L } },
-    /* 43 << 168 */
-    { { 0x77cf38dd8b9bbedeL,0x7b0a344f7b110970L,0x18827ec691d85793L,
-        0xea6a1f394d11d455L,0x2fcabbd4a81e87bbL,0xeae28f10dc775f92L,
-        0xa3df2a95e8acef4dL,0xc5e112384901a4f9L,0x00000000000000c1L },
-      { 0xda7885dbc589a008L,0x1054bc12edbebdf5L,0x24ffbe9e60727f53L,
-        0x89be3122c2e1b79eL,0x28e91a4be68dc55cL,0x2232a01160a852c4L,
-        0x578de9e994036a7fL,0x6e5b3ef4936e8e5aL,0x00000000000000e7L } },
-    /* 44 << 168 */
-    { { 0x8a7b02d872e5f18bL,0x29c3db48b8dd1860L,0xf3b0f47fa5b307f2L,
-        0x6bc9ea8cbaf7b51bL,0x6651b8dfc59c6616L,0x11df28a9da6f33adL,
-        0xc8879af48b93d7fcL,0xc119ade4e9b03431L,0x00000000000000c5L },
-      { 0x6bafe0406631c4f0L,0x4ecf64f6c34562b8L,0x1ceb750c3c4c04caL,
-        0xadff4c89b93e2106L,0x9e281057459e3e63L,0xbf3b3cdd4b54f2c3L,
-        0x7547b18beb880314L,0x34d7af52e0663b30L,0x000000000000017aL } },
-    /* 45 << 168 */
-    { { 0xcf9abd89b41c4c8fL,0x5232bc8561dc8213L,0x02da5b3b1cbcb9e4L,
-        0x43ba9d21f98b522fL,0xa061c2b6534bf7adL,0x5f375638a48855a3L,
-        0xa0450b26113089e3L,0x9ce6a8484ff249d5L,0x00000000000000b8L },
-      { 0x9fbdac93bedac56bL,0x4f95bd5bcdf67eb4L,0x657253778d668ae4L,
-        0x762845ea23c3aa43L,0x3af6d2c21ff463b5L,0x6f2aeb6c0ec166d2L,
-        0x134f65a49be5d26dL,0xeb728f6afabccaddL,0x00000000000001a5L } },
-    /* 46 << 168 */
-    { { 0x4a0927077c43553cL,0xabd2598f43690980L,0xab06313fa8572f82L,
-        0x56e8f3ac4cb0844fL,0x0bd7554aa69f60b1L,0xadaa48b599f8ff55L,
-        0xc7f85e160e0ed3d2L,0x906dfd3f77e510f2L,0x0000000000000064L },
-      { 0x1629167574a41facL,0xc679c38178d601bfL,0xee9838c2bd9fa391L,
-        0xe1fabfc20c7f88abL,0x7759b0943183eaaaL,0x62bdc1f4cf96a23bL,
-        0xaf85e735b9a8dd9bL,0x1be45d2bfe461052L,0x000000000000017fL } },
-    /* 47 << 168 */
-    { { 0x8add55157869f938L,0x8328e90a3567ecdbL,0x265f489d0ab7633aL,
-        0xda46aaa44a9a5a8dL,0x725f698404b3b4a5L,0xd5cb793e1d7e98acL,
-        0x77a2e141b724608bL,0x711415c04b81416cL,0x0000000000000173L },
-      { 0x5d2381001f95cc6aL,0x8eeb20613f6f9261L,0xa9f048ce38ff1f73L,
-        0x39ff65199978b00cL,0x1e81ccd1a7a52e68L,0xfd1103a50c01e3a2L,
-        0xd533b3a501de60d6L,0x7746c9c4374412d8L,0x000000000000013fL } },
-    /* 48 << 168 */
-    { { 0xfbdd71d76da23955L,0x58aed61e4e9dca11L,0xc8f75ddcc41906acL,
-        0x37020b118ae30a21L,0xf91295233fe85c4fL,0x201400fdbe4b3724L,
-        0x9739962d3a2d4446L,0x917e35cda0f4b655L,0x000000000000018fL },
-      { 0x99496b29ae9e0ffdL,0x98a9369f6dc1cb95L,0x5db5ca11cf116e11L,
-        0x3df10d8508fb818cL,0xddc80cc991ddcd37L,0x8e8647da496af53bL,
-        0xe244c394573a894aL,0x056a45e741b4de2dL,0x00000000000001a1L } },
-    /* 49 << 168 */
-    { { 0x84c2553f194efd8eL,0x15247b56051d3139L,0xc1e3437f7cdf7295L,
-        0x8c154778be6ef662L,0x809b77523cdb4e9aL,0x573cbaf2cf155669L,
-        0x083e1d6cc2fec451L,0x879d2b2408e53cb4L,0x00000000000001f3L },
-      { 0x6ed740af3991a529L,0xcf5df2320ee78333L,0xd597b1865f2a7fe1L,
-        0x169b4d47e1da55b6L,0x4b61da2128866db1L,0xbedf5c1851a98c39L,
-        0xbcfa723bd4c47affL,0x293bc51c24bc0569L,0x0000000000000193L } },
-    /* 50 << 168 */
-    { { 0x2a3902169926b505L,0x8d78ef77e00be256L,0x1b4243060813f0f7L,
-        0x7bbe8aea99e1bfc2L,0xee0d8bfb2c16d048L,0x0f52f62c16927281L,
-        0xfa1eed898b0aab8eL,0xc960284b03aa8ec9L,0x00000000000001f0L },
-      { 0xc0cea54084e2c7d4L,0x2c967298631cd12fL,0x9d363cee377d24ddL,
-        0x8044dcd6a5143a2eL,0x827cd09de5438b71L,0xfa445ab5e086affdL,
-        0x6bde5b7ea21ab95cL,0x473e55f7e1344c94L,0x000000000000018dL } },
-    /* 51 << 168 */
-    { { 0x1806b23055de5e11L,0x66181382a8b7907bL,0x9a53b2cd761b28ffL,
-        0x99b04005e0d8111fL,0x2329d028af15774dL,0x0c69a9aeed7ab9b4L,
-        0x679b29e25ba9fb26L,0xc4da383c1109c306L,0x0000000000000096L },
-      { 0x0c596d701ec7b181L,0x2320a21d38dd635aL,0x76fb5cbbbef074c3L,
-        0x659c69f34c245d5aL,0xd4cb6c4f73910addL,0x7a9b35b02bcb561aL,
-        0xe6a998c30b42e5baL,0x1d13f70aedffeffeL,0x0000000000000050L } },
-    /* 52 << 168 */
-    { { 0xb063202f31fe14fdL,0xbb003d9c8bbc840cL,0xf0e2d2cc3d91dd50L,
-        0x09db1c24722cafcdL,0xdb3b82e189c2e546L,0xe719cfa86f470d17L,
-        0x909871aeb4c59142L,0xbce979234a64f3fcL,0x0000000000000112L },
-      { 0x95b635710d88533eL,0x778f74c30006844eL,0x2821500ad11a08e6L,
-        0xcb91cf3a0d64bdc9L,0xe1ae9e56e2129232L,0x7f7c927ab11ff55aL,
-        0x8db638e4416ac07aL,0x3a38dd3d1d2c2dc4L,0x000000000000002bL } },
-    /* 53 << 168 */
-    { { 0x12c5026f19d3a430L,0xebd36b518531be4aL,0x2d0eedc93dca12efL,
-        0x441f0dec6cc652f4L,0x8b0fd67bf1272c4aL,0xd9b90373ecb89af5L,
-        0x75514cf9029341daL,0x438f0a8da9e45ec9L,0x00000000000001d0L },
-      { 0x79fa46f4b976862eL,0xbd0b6a77cc80c75aL,0xf37779ebb69d3f59L,
-        0x77b1d47d8cfc2042L,0xab8c9d21eb6f9983L,0x02620b797cff3615L,
-        0x4000cec1d74dafd6L,0xd5cc4e4a5cc17f2fL,0x000000000000000aL } },
-    /* 54 << 168 */
-    { { 0xde6d2f0250b19dedL,0x17e09363c883d0e3L,0x583f1980473a0d98L,
-        0x669ec3ddc3666af9L,0xfc4c58c495d4ca2fL,0xcbba5d0a4125183cL,
-        0x878a81f19cd646daL,0xc3fb9edf12f64d9aL,0x00000000000001eaL },
-      { 0xdb504ffc97bd5280L,0x05aedba0a49b016aL,0xfdada5630d234e6eL,
-        0xf7d210f9201efad7L,0x41e2fadcbad7f0c4L,0x8746684bf35f6af5L,
-        0xebc37b5a8f816409L,0x5fe729b874ccb6cbL,0x00000000000000feL } },
-    /* 55 << 168 */
-    { { 0xfdc15977e34a2d53L,0x03a3ecd71eef5a01L,0x4a024948549c37d6L,
-        0xf9b6ebba3572805dL,0x8468d745a3904985L,0xa446d8636fe46f66L,
-        0x6425a52a6242e469L,0x0d8ea4349722c51cL,0x00000000000001dbL },
-      { 0x11603f9e75d953e9L,0x424af418470a0f3dL,0x62dec6c2e5d8071dL,
-        0xd26d146f32dad225L,0x99f756df8f286bb3L,0x4c0f5d7c1dd19cbaL,
-        0xdb43a2d1dbe50905L,0xce07db2555d15d34L,0x0000000000000145L } },
-    /* 56 << 168 */
-    { { 0x060ad0b2473d5f1aL,0xba73eccaf0d23a2aL,0x38ff0b96b44913b1L,
-        0x551791f011ef6a24L,0x728c5333b5d8ff2aL,0xa22a2fb1f6c23b09L,
-        0xfbf8a99a6442b975L,0x2433fcf020e16f2cL,0x00000000000000d2L },
-      { 0xd98e567c33ad7094L,0x386b2d8e3689fe95L,0x842afb8d5d2e0b51L,
-        0xb04c9c8d2f412733L,0x09acadadc3a3812bL,0x6ca2083c78c320ceL,
-        0xdff84922933deb8fL,0x729eef0f270fa28cL,0x00000000000001ecL } },
-    /* 57 << 168 */
-    { { 0x0e70ba30d1457b21L,0x06d7b4372aaf52a4L,0xb5fd37195a0d8d07L,
-        0x57f2d337eaca1022L,0x2fb19653b038b66dL,0xb7aab5519f1835a2L,
-        0x183eb2b9e5565ff2L,0xbe91ace36018b442L,0x0000000000000052L },
-      { 0xcfbd5ca05082d526L,0x4f358cf275761316L,0xe67eeb30dbf98fffL,
-        0xf3719573a45ffb48L,0x1fe011d829cc0c3fL,0x640743f0507ad2f6L,
-        0xe2e66fb4d225c2fdL,0x37933dcbf3f6de1aL,0x00000000000000beL } },
-    /* 58 << 168 */
-    { { 0x56d47bc171146be1L,0xeb3ec09f4e911458L,0xa9dff639184c52e8L,
-        0xe68567f4b5d0a63eL,0x1c2ee8b7126e32dfL,0x731d04202898412eL,
-        0xfc01fc84e0b2f347L,0x0599ae70d031d939L,0x0000000000000011L },
-      { 0xb90a4fc12e48754aL,0x8c4c8dcccfc67435L,0x8986e7b11cd90cf7L,
-        0x080af15a92813705L,0xf31e604f94c68b5fL,0x178bab1966ad70b8L,
-        0x017bfa632a529227L,0x1e4d20d3e0e9d229L,0x00000000000001bfL } },
-    /* 59 << 168 */
-    { { 0xd7680aaa26e31466L,0x90f7d3a84ed9df83L,0x7ce63b23f4cc85fbL,
-        0xc97e8e4d3d2b2ee6L,0x8e1b908f2f0ca474L,0x6d334abfe6f70df8L,
-        0xc8ba8486ab24e38dL,0x21f8763be7ca8513L,0x000000000000018cL },
-      { 0x238477ee82cf6a21L,0xbd6b5c610164a8f3L,0x4a931e61674dad92L,
-        0x48f0a0a926e566deL,0x0e8886143f5f44c3L,0x42f5473b4302e1beL,
-        0x322092857a5fca8fL,0x4f77cc8c4b4b7cb1L,0x00000000000000b2L } },
-    /* 60 << 168 */
-    { { 0xa1dc7875d24cc937L,0x8bcc5f83efc3446bL,0x26da651ee8126a41L,
-        0xe784188a356f436fL,0xa5765424d774138aL,0xfc685d4cc8a96662L,
-        0x036ac0f080a3fd62L,0xec41502a6dd04e6dL,0x0000000000000006L },
-      { 0x6982079813ec2f1eL,0x52ceaa44e8f956dcL,0x9f8211bc6c221df1L,
-        0x4cedf8cfdcd0689bL,0x915c690a05fbe468L,0xb745f676942032b6L,
-        0x531dfaeb81ab170bL,0x63163f66951d11b4L,0x000000000000016cL } },
-    /* 61 << 168 */
-    { { 0x59a83a30ebfe0068L,0x532358c703d578c0L,0x20e092c3d7cb9ad8L,
-        0xea469bf62dec6c49L,0xcecff1a9d541249dL,0xe8346d1ff9970638L,
-        0x90c33c61a2e00cb4L,0xaa2babde0c03ebbaL,0x000000000000015eL },
-      { 0x6905928fd6423e1eL,0x68fd55acb4419fbfL,0x9475915a53727da0L,
-        0x6d4d6b768dd0d218L,0xeca16dd535e418acL,0x67962c9e28ea6a4eL,
-        0x7e5a60333071a0a4L,0xcaa404212bdbb2f3L,0x00000000000001cfL } },
-    /* 62 << 168 */
-    { { 0x24a1ffcd85febcc0L,0x4e2d4cce5fd15677L,0xa52aaecdf168ed5cL,
-        0x7fc6ca94de1944d8L,0x7b058166dc2e18f1L,0x6ebb51366c4c7ac7L,
-        0xa11f966fd06c33e4L,0xcc445c9f1e602e6aL,0x00000000000001e8L },
-      { 0xd8622d0945fc989dL,0x48b4f9dfc820794dL,0xb3a22f12ceff02c8L,
-        0x1fb5feb7350fc5d3L,0x6590d85b716bd79dL,0x923b166fb46d3df3L,
-        0xae7d111bfb66e05dL,0xf869c3913e382cb3L,0x0000000000000035L } },
-    /* 63 << 168 */
-    { { 0x91592d60beca406fL,0x2d8ce8f2838ff992L,0x194caec60bba2292L,
-        0x38833614c8d8769dL,0x04f36284a443febaL,0x3352e7afed8c2369L,
-        0x431ee9dbda6ad421L,0x2ffd00f078f1f563L,0x00000000000000d8L },
-      { 0x47fcd60325da5fc7L,0x5b55a33e45b44e69L,0xa8ea02a5be9c36d7L,
-        0x510aa45fcd6fb386L,0x1378ce53b8adeea6L,0xcc015dd0847ef47cL,
-        0x77f3813358f44061L,0xca4610c8de8eac82L,0x00000000000001a1L } },
-    /* 64 << 168 */
-    { { 0x0cfa67a640b0a066L,0xe97c179e8057a710L,0xb69d285227cce600L,
-        0xf7dde8c5419687d1L,0xdbcb15185d5b039eL,0x3e47772fd99abbe0L,
-        0x71c9c23ab2a9c6a0L,0x5af10b9b94496951L,0x0000000000000152L },
-      { 0x0f96137f2c91f83aL,0x1f743fa449f15b33L,0xd43b3ec0ccb4c1b1L,
-        0x895a3be3cfeea9b0L,0x27c3b4959eefee4dL,0xf1b4212712e344eeL,
-        0x023afa76ff929c1eL,0x3078097686d07325L,0x0000000000000166L } },
-    /* 0 << 175 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 175 */
-    { { 0x48a2fc84658b96b8L,0x039af24c465ebf34L,0xa7a9b0144f404eb3L,
-        0x80176ef0763ab5c4L,0xd4984b136b5617adL,0xa6a39ed89195ee81L,
-        0x1ce2974905c2eff8L,0x78aeff6c1281fa56L,0x0000000000000199L },
-      { 0x40cf462310374f0aL,0x89212e99958219f6L,0xe7599b2027b97cbaL,
-        0x1ae1cb659e551710L,0x62881658502e6670L,0x8f78ccf876e23a8cL,
-        0x78e165ad732cc46eL,0xd6b5ab1cf7670684L,0x000000000000014aL } },
-    /* 2 << 175 */
-    { { 0xb342d85dda44ff51L,0x54ba0522d08596ffL,0x3da8e8ceb0ac99c2L,
-        0xcebe6a9691f37dcbL,0x8ebad3d9c24d7d1cL,0xf11a4319c75945efL,
-        0xd4dfe534ed1ac001L,0x745e27721a521e4dL,0x00000000000000c4L },
-      { 0x745e5b41df65e0bbL,0xf8887b533b84ed58L,0x1a54bc479c0684eaL,
-        0xfd4f1d36ce9c7672L,0x490bc265ce5730fcL,0x2fa1ad6d8430adb9L,
-        0x0f117bdcb7db19b4L,0xbd339a789c246e44L,0x000000000000005bL } },
-    /* 3 << 175 */
-    { { 0xbfc7e834db350c46L,0x3c5690ac4efc9f55L,0x2fa3c78e3dac8271L,
-        0x0a74acbe0c8572aeL,0x8923620856c68aacL,0x8fca20bdc305b75fL,
-        0xb42c64d995be9334L,0xa738887613fa1dedL,0x00000000000000cfL },
-      { 0x03c242e114b5ce0aL,0x89ee94768381d1adL,0xdd3c7dcb2d1ceb97L,
-        0x64f13ad71ee7368fL,0xa014619a5ca7fdc4L,0x5a62e9bd3cf1e7aaL,
-        0xb9e9288a45541059L,0x3008f4f6055be852L,0x0000000000000019L } },
-    /* 4 << 175 */
-    { { 0x5f8fd91ae19a881cL,0x355105b08cf8a2c3L,0x442b97782810e499L,
-        0x930d835ada7972c5L,0xd2266522555ef4d8L,0x943d9adb64e05b06L,
-        0x480bd27f42fc02faL,0x9265b289699e5b7eL,0x000000000000008dL },
-      { 0xb60df9c855c7cd14L,0x62131e73270e2672L,0xe6983794672942b7L,
-        0xbf8c55d1817db72eL,0xc3785f3608a5963dL,0x4a6646098f39218cL,
-        0x95c868541b5b49ccL,0x045a0243178df85cL,0x0000000000000019L } },
-    /* 5 << 175 */
-    { { 0x52a05628990339a3L,0x5ef0637a72ee1accL,0x88b9dfca0eb46118L,
-        0xc529dec836cbba9dL,0x0a9a77cd549d674aL,0xba2d3b7b6e878eebL,
-        0x3585c2a2ed48127fL,0x79c54417a4fc7430L,0x0000000000000130L },
-      { 0x70f7b87e0affc41dL,0xf0e0487fd5b72949L,0xd9b820bb6ad325efL,
-        0xd3d96caf9a05b4d4L,0xb4785d8a951e1dbaL,0xcb985c219eb25fc3L,
-        0xb11c96769313e51fL,0xd6e66bc87fc01e6fL,0x0000000000000100L } },
-    /* 6 << 175 */
-    { { 0xccc1bb64b666ff60L,0xe786f358ba04b5c3L,0xbcd5e56d384c0ad4L,
-        0x5d22436fd0372bbdL,0xfeea9ed9a061a543L,0x6f81f168fa3d34beL,
-        0xf52059d24ba47193L,0x5ff055894ada65adL,0x000000000000006fL },
-      { 0x346aded56d4cabf2L,0x65e4b11f4f1a8ee1L,0x1521718b07eba73aL,
-        0x8a2f32bad16d7d56L,0x01d49595d3acbb17L,0x67625faad3f62095L,
-        0x7c3cbecf613b6059L,0x3908f6506118c496L,0x000000000000016bL } },
-    /* 7 << 175 */
-    { { 0x98a6459bb3ccbfebL,0xf71c7a35cafe23f3L,0x7bb7dc9d87162f32L,
-        0x547b6132e519e8a5L,0x3663ff8b259f407bL,0x5bf1ec1a75b127d3L,
-        0x00cb4c43429402e3L,0x129914ec09801ce9L,0x000000000000017eL },
-      { 0x4ce81e8a0e74a262L,0xd40155c7834f3480L,0x17b56afeb5575007L,
-        0xd977fa3a692ceb5cL,0x6efadcc239b47d03L,0xdcbe2b844d776ac4L,
-        0xfdc2c5f16ba4ae9dL,0xada2148824840515L,0x00000000000000f1L } },
-    /* 8 << 175 */
-    { { 0x06494428cab2443dL,0xc52ad2d86afd7840L,0x8ef6e0a6fce7b5f7L,
-        0x6151d2b3a82ae7e3L,0x08abb38a14e3b825L,0x9782e6f9366cada3L,
-        0x9f0127b25076c2ffL,0x2f29b7282d812ed5L,0x000000000000004fL },
-      { 0x7142e7e004e049f5L,0x9338a870d7f99e76L,0xf7e4837b72a90177L,
-        0xa7bff79911aacd17L,0x5442d6f2d1d10b06L,0x986e7bc45ecc3f54L,
-        0x02cf381831286fe1L,0x5cdc56d1cd383eacL,0x000000000000002dL } },
-    /* 9 << 175 */
-    { { 0x3383252d2cc34f63L,0xffaab47215c2cf2eL,0x04fb57cdf89242edL,
-        0x6b87076af9b1e42fL,0x9ee7a62c24682e88L,0x23d9fb1a99ffae3bL,
-        0x24a055cdce125019L,0x33ba5705ebdee308L,0x000000000000019dL },
-      { 0x911f2dd9f00fb803L,0xbc3c90d88ccecdf6L,0xac2a5eead4d059dbL,
-        0xde8cfc4cc3dc4a6fL,0xf51a932dc565a8b6L,0xe0ac04382b13a372L,
-        0x6f9dc1bf079c4979L,0x386c19b4d0c32e09L,0x0000000000000068L } },
-    /* 10 << 175 */
-    { { 0x7303ec69c80291f9L,0x0f2c64390c9ff7f4L,0x96c08ea0f3ada285L,
-        0x3cb50f3ddeae887cL,0xaba571fafefe26dcL,0x4e4dba336c6f1071L,
-        0xf5796982f02bda38L,0xa59c60b140485de2L,0x00000000000000a1L },
-      { 0x28d7c281cab044f7L,0xa5eb04fe515d247aL,0x5b42d919ba014b10L,
-        0xb150b4fbde221cc1L,0xb5cb8c3a22a5a502L,0x62c0da97cc37e34aL,
-        0x4b9bfb1f9e827814L,0x96666256c97679acL,0x00000000000000e6L } },
-    /* 11 << 175 */
-    { { 0x0df173a23adf88d8L,0x519aec4c0cd5f80fL,0x83c410d4af5f84deL,
-        0x9cc04e5db1f7f73aL,0x1aec97b529db8865L,0x12748d28220ee9e1L,
-        0x9fb6df0a4d6669a8L,0x02305a83b3714010L,0x00000000000000f4L },
-      { 0xbd96e2ea2c8a86caL,0xc5436ccd0f9a14c0L,0xf428f7fcf0d34672L,
-        0x952b703956697a68L,0xdffdd1770bbf56c6L,0x8b4ea6932b65057fL,
-        0xdcef28d3630e47e4L,0xef879aca74cb48baL,0x00000000000000b6L } },
-    /* 12 << 175 */
-    { { 0x415fab9a8b894ac8L,0xb189914d64822449L,0x0abfdbf50f4b9444L,
-        0xa333e872eb96cf1fL,0x91d3473db8c5318aL,0xbb5740e624d09cb4L,
-        0xebe6ef7f5b5d73eaL,0xbe33338809f67393L,0x00000000000000fcL },
-      { 0x9970d38e1ffa22b4L,0x00d1fb74003e55f9L,0x0d1ef824820f7bfdL,
-        0x4352125173fc040dL,0x295f8a66e51b5870L,0xceacb67d3dbfe159L,
-        0x0ee77417a218d2feL,0x25a0e0a9f3b7d44aL,0x00000000000000f8L } },
-    /* 13 << 175 */
-    { { 0x3e2e135a15a102e1L,0xa4b33d115fb3faf6L,0x12da9549693b3a58L,
-        0x32c39adbee7132b1L,0x87da9a38fea6b800L,0xd32b22eb92074fa9L,
-        0x3f8d05570673a898L,0xfededb49a5044d27L,0x00000000000001fdL },
-      { 0x89658bcc94e1a724L,0x5ad21f6e48a02c0cL,0x4d17fd1d0c70669fL,
-        0xdef09b95709fc4a4L,0xbbf206eb610ed18eL,0x4f454d2e2282af7aL,
-        0x5c8334bb75660c93L,0x0037d62bd4064169L,0x000000000000006fL } },
-    /* 14 << 175 */
-    { { 0xc1f7698483ef0448L,0xc4d18389fb276974L,0xfef2c810e52836c2L,
-        0x3687104bc09e4020L,0xec3248ef0cc4bf06L,0x38daa51bc401078bL,
-        0x84bd9f6157bc72f2L,0x68b23e45003676ebL,0x000000000000009dL },
-      { 0x22526e98d78b9d6bL,0xc4ccdc71c4f28366L,0x7dd12d941c646b9dL,
-        0x0cc00136931bd51bL,0xfebf1e1e512ec8a6L,0x6bc281f6bdc888b1L,
-        0x0bc271f3f6ab354fL,0x27d1ee7630c4e559L,0x0000000000000038L } },
-    /* 15 << 175 */
-    { { 0x98275c41fd5ea81aL,0x74f37478b8ebd833L,0xb91006f1e7e3e071L,
-        0x6c900f222a0389e5L,0x7fecd4c8919e031fL,0x36625840d6596951L,
-        0x3f43ae32a685759dL,0xfb2b004d44199a43L,0x00000000000001faL },
-      { 0x92383e835e0731d2L,0x387ddec2cdb84d5bL,0xd4dbfa0ab10f9abbL,
-        0x50172a7a4e02cd21L,0x6b1b8c40d0a95f48L,0xc47d694d5c2cd4f6L,
-        0x4b0402695e712406L,0x4fb68605536a77c8L,0x0000000000000041L } },
-    /* 16 << 175 */
-    { { 0x12427d324acccf77L,0x3194664ffb77f869L,0x07e01cac61a58e24L,
-        0xc506637b91bf22b5L,0xce7d0251dd2d701aL,0xf9a662d4befc0d7fL,
-        0xa54117ba2c6c9454L,0x31864e416978e919L,0x000000000000007cL },
-      { 0xbbe419029d971044L,0x68742001f8f24116L,0x6d0065933e4a40ecL,
-        0x9fc1b8e282771429L,0x59b2f9342e7968caL,0x4817f90b470dd353L,
-        0x3d32e10f7e2c1429L,0x43e9474e00206509L,0x0000000000000076L } },
-    /* 17 << 175 */
-    { { 0x30a937cc52c7da7aL,0xe5ea72ba19c1f2b9L,0x6bc71d9c417aa5aaL,
-        0x10aab323644f9edbL,0xcb37ff967bfdcf69L,0xb0a66538b7e9b0cdL,
-        0x40d040ead2138d03L,0x8aec105b0bb5c9fdL,0x0000000000000074L },
-      { 0x19ed6f4d481e74caL,0xc36fb9f46f0a3b87L,0xb010d6af88bae63fL,
-        0xc7eb8196dc29e08bL,0x4a7e448713523497L,0x9c01c48c96c052d3L,
-        0x71342956f6210924L,0x8034186347f93f2aL,0x0000000000000099L } },
-    /* 18 << 175 */
-    { { 0x2ac928fa4ffa68bfL,0xafb482236b647009L,0xa7b54f134cfae9cdL,
-        0x8a271e4bbb3f772cL,0x78faaf7ebf953d68L,0xb5f12134519aa8e4L,
-        0xef343445359ae969L,0x86e25aad76816a06L,0x0000000000000110L },
-      { 0xa0b1814536a88707L,0xdd48d1f21f9a1284L,0x48670dad845e01beL,
-        0xc13d5aa9fc7fe6a9L,0x611969b964757542L,0xa4529c72689bb1c7L,
-        0xd7c3f96a06f31f72L,0x8b09a45a5418d15eL,0x0000000000000121L } },
-    /* 19 << 175 */
-    { { 0x0b8c943bc8c379e3L,0x00e426a148453fc4L,0x15fdfec387f6176dL,
-        0xd298cda5d2efc806L,0x8be18a1c7d81d810L,0x45580c064b172b23L,
-        0xac5fa9093b7607d4L,0xcac47041e73d7361L,0x000000000000001cL },
-      { 0xb2b2c5bc0eed9820L,0x2cc057538ff7e335L,0x35caa1845f2063a8L,
-        0x342669b5a43751d7L,0x222d457413260988L,0x2bd0633f296a6b04L,
-        0x3c803e22f5904b86L,0x1fd07d57a93673c9L,0x000000000000019aL } },
-    /* 20 << 175 */
-    { { 0x58170eb934fcd20dL,0x8205ac09c669b90bL,0x2dd08c383d1c1595L,
-        0xea1217ac91da182aL,0x3c9275359d2cff8aL,0xe8223f7a2a4a396aL,
-        0xd206d341db22c77fL,0x6e03fe3227864348L,0x0000000000000168L },
-      { 0x3a717c4665d9bb06L,0x234158eb1431d7afL,0x389290045a27a3b0L,
-        0xd745267181008744L,0x7961f9c3055610e7L,0xe260f8a1936a3625L,
-        0xc05dfba284b88f57L,0x930747e71f67fd22L,0x000000000000002fL } },
-    /* 21 << 175 */
-    { { 0xc7079fd7a4e9afe7L,0x43bbec79f95430a2L,0xafb58ef46bf066bcL,
-        0x074e17d918835bd8L,0x9fa64f88ec35838fL,0x627686e0a6a44e92L,
-        0xb2fa7adbf0040657L,0x064a31740debb6c9L,0x00000000000001a8L },
-      { 0x37d6f29579c093ddL,0xa72f5b6a3288b841L,0x46c586707cfe2a15L,
-        0x221b3107d1f7e80fL,0x0e332aa17826dad0L,0x38c9217328c7b27fL,
-        0x522ac38d4d0aec11L,0xdc271d8fcef88378L,0x00000000000000b2L } },
-    /* 22 << 175 */
-    { { 0x886c7f2258ef1600L,0xd581f2bc4eb5bba0L,0xd6c7b858e64666b2L,
-        0x114250884e813bb2L,0x428e86f000c98e08L,0x3ac9b40376eb5c59L,
-        0x904f313961bd2db8L,0xa3144a05c71cfa5dL,0x000000000000002aL },
-      { 0x002ee77cb69fa450L,0xa1f5050c87240a19L,0xd7df65abbe333836L,
-        0xb64362dcb8cd4a96L,0x058d9bc3d814096bL,0xad04c7e39687901cL,
-        0x67aef9e2f5527030L,0x20dae8096f375a8bL,0x00000000000001ddL } },
-    /* 23 << 175 */
-    { { 0x6cdcb4f4d7358b2aL,0x721a661239de828fL,0x90fe45b87849fa10L,
-        0xcbf025e4f5f3dd29L,0xafc867ddd5e38af7L,0x445f0caec89ee1fcL,
-        0xa1bb95133a94995aL,0x9e2677e8a7fc2cc0L,0x000000000000013bL },
-      { 0xfaac6a7e45067fe6L,0xf6e4b6c3db3c4c8aL,0x9505248205472bc2L,
-        0x99a92d49b96169dfL,0xe9f7dcdc77a9943fL,0x5962e40811c6f013L,
-        0x9f2209abb25ab9f6L,0x9a3c6ccf1c4e31c0L,0x00000000000000abL } },
-    /* 24 << 175 */
-    { { 0x2124d45c3f9900d0L,0x2452fe1db6a32111L,0xf12b476586f1f700L,
-        0xc04e44ec977316f6L,0x582ca8509705fd58L,0x51ef29493167cf6aL,
-        0xca75486404f204c8L,0x61dec7f3a46fd945L,0x00000000000000b9L },
-      { 0x78114ed6af6e04d1L,0xe1ec56f601a4b6d2L,0xc26f5416ba41c631L,
-        0x76b8204b7d9b9f82L,0x665fe0fec0565f61L,0x7ccd8aa573c27925L,
-        0xcd6756d82f58e901L,0x6e932418e8f75a4fL,0x0000000000000019L } },
-    /* 25 << 175 */
-    { { 0xf40476e4bcea293fL,0x7b36fc1824605173L,0xddc9d807136fecebL,
-        0x07e3f62b80bde5c8L,0xff1a3e28f192162cL,0x6e38386668f587e8L,
-        0x7f14a26b473ca679L,0x8370dc18bbb2a08bL,0x00000000000001abL },
-      { 0xc10876849fae944bL,0x8b7105dd319085b9L,0xa81fceb47e689653L,
-        0x9a69e78c74054550L,0xc13a53b0d742d36cL,0x57e2bd060cfde494L,
-        0x2d7eb0afe06377e1L,0x21f439a8df91f422L,0x000000000000001eL } },
-    /* 26 << 175 */
-    { { 0x11113aff28dbbef1L,0xac6ac5329515632dL,0x1e88244e42a245a7L,
-        0x30f28f4a9b0e20e2L,0x8bc178722b15e0ecL,0xc15e2549ba5a885aL,
-        0xb42f06201685ce7cL,0xd80f13b9df452e98L,0x000000000000008bL },
-      { 0x39df7724f9a80bbaL,0xc734b0bb28dcf06dL,0x6e09c92bb43a5cd4L,
-        0x175127da8c0ee83eL,0x50bde213f88485b4L,0xd9f6c90124a0ef83L,
-        0x66ce46bfc205d20eL,0xd6f1c04fde4968adL,0x00000000000001a2L } },
-    /* 27 << 175 */
-    { { 0x0b0c0c46b26e8efdL,0x9afae2cbef3aeaf3L,0xce90d21ea18d8d77L,
-        0xd951a21fb7ae720cL,0x33317bc9a460d39cL,0xe5be6b979a5930baL,
-        0x9ea57837ae7f0e7bL,0xeec5b7efc747589eL,0x000000000000007fL },
-      { 0x454e0e744ac962c6L,0x3b802e2b396bb8c0L,0xd3aa625a4cd0c242L,
-        0x44ea67800cf000fcL,0xce7a84112be0e87aL,0xa9448c66754f626bL,
-        0x62c789ed9e6d6832L,0x0f5bd24ad7463e7dL,0x0000000000000096L } },
-    /* 28 << 175 */
-    { { 0x920e0cf981414e26L,0xb45cf442498a580dL,0xd424e9e24cbbfa67L,
-        0xe64390071decf2e2L,0xc7fae004d9051a61L,0x9fd02f2898e66be9L,
-        0xcc4afb0b419b7e92L,0xfd421f03ef8af4b3L,0x0000000000000126L },
-      { 0x7b45c797e0e5eaccL,0x04a9b25f202041aeL,0x27888ac85849c309L,
-        0x9325ce353f58628dL,0x90e98c4a25ef6fdbL,0xf4ff673cfd3dfdf2L,
-        0xe56aad1a32ccfb2fL,0xa6c6d2caab9d6f10L,0x000000000000011bL } },
-    /* 29 << 175 */
-    { { 0x4a4d81339e5e7cc1L,0x80abf8ea31cb6f3cL,0x098274246ffe6f1cL,
-        0xa164acfc5b814af3L,0x5141097ba9b76b27L,0x1693d5fc6e26a0a5L,
-        0x70d5e6e75223f787L,0x417a7ddfd3686b7dL,0x0000000000000082L },
-      { 0x9315994a8004c24aL,0x1bb50e549423011aL,0x0c8b3470ead2f81cL,
-        0x9afa2a0e52c11f14L,0xc7094b863b019170L,0xc3405dacd8518bb6L,
-        0x3df2a5c805b718b3L,0xe0dbf810b65b9d21L,0x0000000000000038L } },
-    /* 30 << 175 */
-    { { 0x13f45d45ed942a64L,0xfcafee83705cbec8L,0xbc9a11d052186f58L,
-        0xb5ec924941ee3189L,0x71d770cbc95c6c4fL,0x7f348c27d610f241L,
-        0x9116747564ab476fL,0x30396f906d8350abL,0x00000000000000b6L },
-      { 0xb866ca72a9c8b74bL,0x26aeabdb3d3df97bL,0xd4ea56a365cae75aL,
-        0xc873fde088facf27L,0x4d4211cedb995516L,0xa01cf05289799b04L,
-        0x55d85824d0f0c2a4L,0x434682b0dd83ded2L,0x000000000000011dL } },
-    /* 31 << 175 */
-    { { 0x920437b6b0463ae7L,0xed6c97665155b076L,0x06ad4f3c0a2cdb79L,
-        0x98cb88f2485ffea3L,0xc8ba1b252988de4dL,0xce3a27f73529a997L,
-        0xb1440b30b2796951L,0xb810edd37887e411L,0x00000000000000c6L },
-      { 0x22d9308a6c094e06L,0x01d5e2e57cb1cafeL,0x2587378cc3de4bbcL,
-        0xf60e9c3d774d4435L,0x689cff22147428d4L,0xc3dc80c093139fcdL,
-        0xb3c4ba93c526a089L,0x623be8e82e6e4891L,0x00000000000001d3L } },
-    /* 32 << 175 */
-    { { 0xc03c182d851368eeL,0xbb94a33d57c919f2L,0x9cf0c767e333ace3L,
-        0x037c7d47d974de7fL,0xe96e02cf8b18fa5cL,0x6f1a3e9126cf35f7L,
-        0x47affdc033486c59L,0x2c370bfeec8c2a2bL,0x00000000000000e1L },
-      { 0xdce5de2c18a3f84bL,0xc4bb672e2ad42ca2L,0xb6581d7edd0731b2L,
-        0xb6ca46ca2809ac7eL,0xde8edba2189b0ff8L,0xa72ee3e81ff4631dL,
-        0xf44a8fc6f1004bcbL,0x103dd1b9c8878531L,0x00000000000001caL } },
-    /* 33 << 175 */
-    { { 0x4d01b08c332bfc6bL,0x8223c8936205e95dL,0x4d003a46cb91bfccL,
-        0x08316e3431e111dbL,0x30c85a86e0c13d49L,0xce3c5846b4fd3073L,
-        0xe4b316bc05c18409L,0xd7e8304cc72b6cb1L,0x00000000000001ddL },
-      { 0x9ceb7fccaa1fc1eaL,0xcefb89e96f61cf07L,0xb1728fd5a3daa487L,
-        0x2476192440ab1f39L,0x23d5fdba2e9e2328L,0x0ba18c70f81dd4c5L,
-        0x61333b1c10884f58L,0x57ef145f6496ae54L,0x000000000000014fL } },
-    /* 34 << 175 */
-    { { 0x5bf22305ea6d16ecL,0x1a13c5bb3ae82195L,0x622ea9454f1c43f7L,
-        0xdf1011f675063cf4L,0xbe98aca99eec62e8L,0x2face80fd88258b0L,
-        0x9e3dd0c4bd532a0aL,0x1c13334252ad512bL,0x00000000000000faL },
-      { 0xe7004937964433d2L,0xf15f8f25b5d0a434L,0x392242bbb1c07babL,
-        0xfd3c197437177cfcL,0x611a58203051cf50L,0x4a830e19f9c0b4ddL,
-        0x2675d3aa2d92d1b7L,0x7a2ae9dcb649859eL,0x00000000000001e3L } },
-    /* 35 << 175 */
-    { { 0xed601d01372f2e61L,0x989f14361e886ed5L,0xc924db9cee004808L,
-        0xbe07b40b7469977dL,0x2be5445a075e3ed3L,0x2dcb8edfb00fb21eL,
-        0xbc859cd63ee23c76L,0x484c8988125dd98bL,0x00000000000001dfL },
-      { 0xf6b5b6871f25661cL,0xc95ad2c580939d4cL,0xfa12444f920a40aaL,
-        0x7880e344a99e78a0L,0x6539ed2251356672L,0x41f6c73ba4910f50L,
-        0xb6372d7ea09afb69L,0x6e7a691b1e8c75a4L,0x00000000000001adL } },
-    /* 36 << 175 */
-    { { 0x659f832f1cc592e3L,0xd9c86a4591c3bf97L,0x1b1166b918c82b12L,
-        0x82ad18e294eb33ffL,0x0678927a15699561L,0x7cd0ef8016f7b8a5L,
-        0xfd885fe19451b7e7L,0xaf7de79539a9fc7eL,0x0000000000000052L },
-      { 0x6f2206e984cc8626L,0x71d11d08a976b5b7L,0x0ac59e61b66812ccL,
-        0x1b40ab0a9c675e35L,0x6562f93810775f6eL,0xc2da3006def4955bL,
-        0x89a9418346554627L,0x2972033edfe70a84L,0x00000000000000f2L } },
-    /* 37 << 175 */
-    { { 0x985f25c699200f88L,0x262dad2bfac98496L,0xc9274cc72ed4811bL,
-        0x413e0b2d02b34d7eL,0x57462287f3201f03L,0xefa6d0a869264714L,
-        0xc052453a9baffce0L,0xab1111b0929171a0L,0x00000000000000e0L },
-      { 0x1358d4d4112c22ffL,0x2fbbda6874617bcdL,0xbe2bac8e85a767f9L,
-        0x5a30778114862b96L,0x82c0ea86a58e1ec5L,0xe096587186208bacL,
-        0xda711c4c6dd71c57L,0x8babe7ae242273a3L,0x00000000000001e8L } },
-    /* 38 << 175 */
-    { { 0xfb985617a96468b6L,0xc71a196944df6e18L,0xb8f7a7d810c008aeL,
-        0xdfa67bd1372d99b5L,0x328e967977169ef4L,0x20e3b7e505134517L,
-        0xfa7cac595097dc00L,0x09631199122797d8L,0x0000000000000003L },
-      { 0x6ef792160862ee06L,0x71996694a81f02cfL,0x133519becbd2e915L,
-        0x193f486759e47728L,0x90195620a28aff0fL,0x5da4a9d642049561L,
-        0x60372d2126350d3bL,0xa7b159f3c9f56af2L,0x000000000000003eL } },
-    /* 39 << 175 */
-    { { 0xa58f7256ccd817f2L,0x0465664ef4fbcf70L,0xad43a3ec1608a6a2L,
-        0xad7caae01bfe0a90L,0x3f2599a0b3a447bbL,0x4ddd47b8f61936f6L,
-        0x61a3607779e2c9edL,0x6cbe8278c92cb5b7L,0x000000000000013aL },
-      { 0x3c882911139061b8L,0xd6d348d221d48350L,0x5979da6b4860b3fdL,
-        0xd051bc321869311eL,0xf3ba42446ad422fcL,0x3b84c1810d1d093bL,
-        0x2f29f5a6a96ab441L,0x8f9c5d395bf8399eL,0x00000000000000e0L } },
-    /* 40 << 175 */
-    { { 0xa3b9aaacdc1c3f86L,0x529872b63f893dadL,0xff3e74c2e604ac86L,
-        0x39652c96857a9dd4L,0x494455e9fa60a469L,0xa11b7cbf1320b873L,
-        0xeb26217c6ee60a53L,0xf732544484560f96L,0x0000000000000125L },
-      { 0xdd6e98a1c4996f4dL,0x5fc566d07e9e70c1L,0x59e3c611dd9ee515L,
-        0x4d60fb0795e436c0L,0x50e75e0cc096c8c2L,0xaa7d04addebafd21L,
-        0x2fd1b14c7ea109b7L,0xd72ee3392594d6f8L,0x00000000000000c0L } },
-    /* 41 << 175 */
-    { { 0xff378e0a242ee38eL,0x38d26881d4264551L,0xca783b631e1df843L,
-        0x019aeefff9c95555L,0x2fcd1e94eb753522L,0x16c244eec1225950L,
-        0xbc7a6a75685338b9L,0xae67fa3b6215cf68L,0x0000000000000012L },
-      { 0x53b4e8f437defd78L,0x2263cc33e9d41961L,0x62814a2a2119dc07L,
-        0x50dd22ec96b76d54L,0xbf0b2b8727c615d8L,0x66c9c5f1730ae555L,
-        0xc04c86a937cd7d89L,0x451915bed4ed94d0L,0x00000000000001f5L } },
-    /* 42 << 175 */
-    { { 0xb3e69f756c45239eL,0xa015685259815529L,0x37951fa13984661aL,
-        0x8f7699e888e8fd3dL,0xae10f84b6ebf1690L,0x7f2baff5ec3175edL,
-        0x2d6f42f53266e09eL,0x94482ac1273e04a6L,0x000000000000015aL },
-      { 0xa3ed1424e85317c4L,0x7d9afa32db2a9492L,0x660fc8e609558105L,
-        0x611bbeb9a8be7a44L,0x8d66417600638075L,0x4685c94a4d7a0954L,
-        0xb23ae4dd1ec88785L,0x766a2eddccb991f4L,0x000000000000016bL } },
-    /* 43 << 175 */
-    { { 0x1c24478a341f455fL,0x8132a6b905502538L,0x5c23c4d9528d2865L,
-        0x6fd3bc4e93b35d0fL,0x88838b49f6f4768fL,0x60c0a07f18a8ded4L,
-        0x4fb44a8e0d71dcc0L,0x4b41b64efbd17fc0L,0x0000000000000198L },
-      { 0xdb828f7a2f01d067L,0xad69f37320b0b060L,0x650cdaf51f7c4be0L,
-        0x00b810e8ef9f47e6L,0x924e5a636e908d72L,0x4836dd4ef82efeeaL,
-        0x91855928e8ee36b6L,0x747f47d578e6199aL,0x000000000000001dL } },
-    /* 44 << 175 */
-    { { 0x7844a30e11f5f4d4L,0xbd36ad4cc9663248L,0xaf697c63af7b4892L,
-        0xe1f94853bb03fb6cL,0xd5da7f43e368631aL,0x970c4f6c783be7a9L,
-        0x2321bd2643f90845L,0x5030a262966a8c34L,0x00000000000000e6L },
-      { 0xf12d877ff7a82150L,0xbcdd93fea5ce6cbbL,0xe6c917b93c59668fL,
-        0x4184cf3046222b1dL,0x24b27ee14b67d28fL,0xba7e6f7345e0b96bL,
-        0x64dd699bf935b686L,0xaf0be69e62eb62c4L,0x00000000000001cbL } },
-    /* 45 << 175 */
-    { { 0x74ae258fe63f6b8fL,0x2f58e84b09144f8aL,0x858165d0064af3f4L,
-        0x77ecf07c5a2081f6L,0xd9e9be22e211fb05L,0x3758f5b14971cc28L,
-        0x68ca7d8af535a5d2L,0x2addd4138398e52dL,0x0000000000000046L },
-      { 0x442dfac0dc04d140L,0x6abc234ebae00092L,0x63209027118de0d8L,
-        0xb2510bc14b1bb070L,0x6bda803e3b104f51L,0x1821f785bcf2d58fL,
-        0x506f07e25785c8deL,0x9d78c916b2e16847L,0x0000000000000028L } },
-    /* 46 << 175 */
-    { { 0xd3bb0945ec04d3d9L,0x3a706fed4eca5fecL,0x9b228ea2c93eefcdL,
-        0xd412dfcf0a627f68L,0x906c39a812f470a0L,0xa115f5899c93c4ecL,
-        0x5f22b7175e649e76L,0x83ba978a159e8642L,0x000000000000014bL },
-      { 0xde363c41c76cdb50L,0x909b66c948f7ba77L,0x30d1e4ba7d0d3b17L,
-        0x39336ef38b390c4eL,0x8cb65cef53420b4aL,0x5c811baa11b8a142L,
-        0xa4be4bebf8eef3ffL,0x4a11fd509bc39344L,0x0000000000000097L } },
-    /* 47 << 175 */
-    { { 0x8474dd63efa97351L,0xa12cf18a58d6b638L,0x3bd605e35d890e6cL,
-        0x21cf4525a2127369L,0x7db4aa6a5466e713L,0x3f034b4fcda4954dL,
-        0xce44ccb88ede8849L,0x6e5ff0eb6fe75314L,0x0000000000000191L },
-      { 0xa700e7fe9dd62d65L,0xa2be6afacff305a6L,0xfc61f045f675a7e6L,
-        0x69be21693f984612L,0xb5e140abaabd7748L,0xcdac92d519c004cfL,
-        0xe28bf3bbd7164a07L,0x1ae1ffdfbe784423L,0x000000000000002eL } },
-    /* 48 << 175 */
-    { { 0xf57c47836c0f67a6L,0xa5704e7dd3a38f5aL,0x24fce48d4f9422eaL,
-        0x0dabc5a4d9982f3dL,0x6bf4f9eb3f09226fL,0x944ed407a196f481L,
-        0x949495bd7d88490cL,0xbae973645634cf1dL,0x00000000000001e9L },
-      { 0x5bebd8ee1e5dca35L,0xbac77371b329d451L,0x124ff920b7a9d67aL,
-        0xf7e8e1f69616c1beL,0xa518deb38dbc7e17L,0x13ffa792d52e3e76L,
-        0x6dc6ef5d93109227L,0x5ba160b49ce19c4eL,0x00000000000000ccL } },
-    /* 49 << 175 */
-    { { 0x1dfa85794d2a0cf8L,0x48618e4b2bfba0c2L,0xf266f3b7177f1fc5L,
-        0x0f12b884cf1720e2L,0x0ae8e5a8ddd5c9f0L,0x33a683cfca4456c4L,
-        0x68b15ae27b153cf3L,0x78c717e3f483a724L,0x0000000000000135L },
-      { 0x3416113cd38af77aL,0xd5063d39fa9c36dbL,0x97daad1fc1a854fdL,
-        0xf7b1efa6f2599bffL,0xaa3314678e129857L,0xb920da73a4b7c9f2L,
-        0x6aa551a06d96f499L,0x2b7f6f1fdbcc5e09L,0x00000000000001d9L } },
-    /* 50 << 175 */
-    { { 0xd823b9961d977aa9L,0x88decc8f402a5bddL,0xc7b191d8368c7e5cL,
-        0x556e9ec0f5ed5110L,0x4a81febdffecce67L,0x75919f76814bb429L,
-        0x04d08334849762c4L,0x9a037df8ab24edb7L,0x000000000000004bL },
-      { 0x9cab359f9592c8e9L,0xcf5dd731f35f9450L,0x49ff6c9083f04d04L,
-        0xce238fe14f50c7adL,0x6a971ec477442addL,0x7aaff382eb6dada3L,
-        0x14b43e873b7f4447L,0xc9e21cc7c67838aaL,0x0000000000000032L } },
-    /* 51 << 175 */
-    { { 0x3c5764d9e652d9e9L,0xf6d664d15c58afd5L,0x6f72c39c5263ea19L,
-        0xb7c2a994e740eb02L,0x24868934ecf6cd38L,0xeb5aaa0ab07e9b54L,
-        0x76893a641cf1a8dbL,0x13b31739fb9f2e6aL,0x000000000000012dL },
-      { 0x185abf0f52104f6aL,0xa352e81acf2e3361L,0xf3d248cdd9a21f71L,
-        0xdae16ec865f3686cL,0x42ce080c6bd346e8L,0xd0354599fab70983L,
-        0x9259e6c9a24aa4fcL,0x816c3c813b4fe5d3L,0x000000000000007eL } },
-    /* 52 << 175 */
-    { { 0x4df0de9441fb96a0L,0x4412561574225d62L,0x02c82702def80205L,
-        0x7611d83d8585c7f3L,0x4b30c7c70a4a0380L,0x5f2089fb0d1c3a3aL,
-        0xce0fd7a169b754f7L,0xcbcf956d7b840647L,0x00000000000001eeL },
-      { 0x9254d02e9152b2f6L,0x0004290f5a55c8eeL,0x1e65776a06eeb968L,
-        0x1aa40ca875898404L,0xe5f6d7e1082b1b3dL,0xe8a4447d432c62aaL,
-        0x5c988bde7f251463L,0xf1a617221e477a2bL,0x0000000000000082L } },
-    /* 53 << 175 */
-    { { 0x6e94a400a12e0ed3L,0x7ec7f137693f0b2bL,0x3369312a64dcb97dL,
-        0xb6ae9d92bb174be6L,0x4343763fb49f4545L,0x2781f0c93988b19dL,
-        0xae34e2bfa54bfd46L,0x19a6243e347e1992L,0x0000000000000135L },
-      { 0xab693a17f339cc98L,0xcda5aa8a306031fdL,0xcdbd42722daafd10L,
-        0x8fafb43f6dd6c153L,0x1eb19e412ba28ddaL,0x34a0298c447fde55L,
-        0x7872662a05fc38b9L,0xa174d1070222688cL,0x0000000000000032L } },
-    /* 54 << 175 */
-    { { 0xbe5631d2d56dc535L,0xde5e0ef7f0485a91L,0x848a5d3836185a80L,
-        0x61dbcdebc44e4ba7L,0xb9a36cbf13524447L,0xb10894ae6417cda2L,
-        0xfdf2be12c4321744L,0x604734309cfcb161L,0x0000000000000031L },
-      { 0x13f91ab30bb077cbL,0x27f4d378846d00deL,0x3a75d114c18b6495L,
-        0xb33cd9d3cff1421eL,0xf72e1ba92e077183L,0xe6d74ff2fb4bc174L,
-        0xcd5a5f06d2ed2ef7L,0xeaa9a4d132ead477L,0x00000000000000adL } },
-    /* 55 << 175 */
-    { { 0x208c52b387c78c83L,0x8a814dcb41c862e8L,0x278976d32ca53494L,
-        0x488caf4bcd7bf0ceL,0x2a07f905074b5f09L,0xb53383af0fccf4cbL,
-        0xcff62835deefe7b2L,0xbb0afbcbc2febcf9L,0x00000000000000c0L },
-      { 0xea3673b6d107b949L,0x9253804482d5a087L,0x52da8af43c18e3beL,
-        0xcf635990b6fe0565L,0x7be60be52dd319a4L,0x246d7e44be349ee4L,
-        0x395a48efc0cb8352L,0x3013388d08100678L,0x000000000000000cL } },
-    /* 56 << 175 */
-    { { 0xf43f57f1644be376L,0x5ead8d33cf66858eL,0x40d9ab0358ad4128L,
-        0xaa6ad5b5707e7c69L,0x52d2bee602b4e5f0L,0xb39b48968b1a1287L,
-        0xa9f1e0ecebc32b16L,0x7ff75a69f442c70aL,0x0000000000000039L },
-      { 0x118149e893cee35fL,0xdc281d8fcbb28a72L,0x33055e64e8a60d55L,
-        0x8c247f5a89367610L,0x246297062f93e57cL,0xff8dc0ef68104540L,
-        0xea50e01fccda4787L,0x18ae4a7472e80504L,0x000000000000015dL } },
-    /* 57 << 175 */
-    { { 0x974295ab6f7aa51eL,0x5f1f806d43926d80L,0x803b6f7cdc56e092L,
-        0x02a052652cbe5bf6L,0xcec50eba11dcac2bL,0xebc5da4767993ba7L,
-        0xeb38f44945afb69aL,0xf84fc77f0e5d3809L,0x0000000000000103L },
-      { 0x31bbb0ec544fb496L,0x3d31c7f9675994d0L,0x8c77b0c4c5116ee0L,
-        0x8f212d31360d5cbaL,0x133fa56c95775eb7L,0xea09f1bbeb5fa46aL,
-        0x50d1ec5096379da9L,0xe07b4ad7d54e7be9L,0x00000000000000bbL } },
-    /* 58 << 175 */
-    { { 0x6e83884fcc138ec4L,0x776f59d1af876d2aL,0xe884ba6e1138ec1cL,
-        0x1f5ac35fb7ee8a3bL,0x411a904dc6f0ca3dL,0xa0e25f75698458f4L,
-        0x8ab4b3f1270abf22L,0xc45f0668afd72a81L,0x00000000000000ccL },
-      { 0xe93b101ab1428555L,0x49c43cefe1110034L,0x5d33dd3532cec22dL,
-        0x6c96474469e47c69L,0x2a3af875eee1b050L,0x9ef7e37c53339d75L,
-        0xf7b4e7cc69f70379L,0xe52c507c005d6188L,0x000000000000016aL } },
-    /* 59 << 175 */
-    { { 0x900a407c16ea7e9dL,0x7472498ebf1e2d4fL,0xc41b8e8f47d6ffd6L,
-        0xd93cdcdb567590d9L,0x2361492cab650660L,0x0ada3e50975a5b7aL,
-        0x4342909767613b71L,0xa8d9a32cd90f479fL,0x00000000000001ceL },
-      { 0x67c544a1722a95d2L,0x68312626d409ec5aL,0xed244c5c2738cbb0L,
-        0x491e21fa8fbbe571L,0xbc6431fdbe4b131dL,0x8b84091b8eb05fb2L,
-        0x7d82a00220103d94L,0x016cc8bc6ef8af3cL,0x00000000000001cfL } },
-    /* 60 << 175 */
-    { { 0x5e2b4a26cd5ccc7aL,0x44e349def1b8db05L,0x034d54b8efeedfb9L,
-        0xaf410c3eb0de1cf0L,0x0e6cbe44ed9148e5L,0x752ad823e9cc2a8cL,
-        0x3917cc72e9af3244L,0x8639e4a393e23c63L,0x0000000000000111L },
-      { 0x4c0d05a46faf150dL,0x2d93d0d2d8d42497L,0x70669c4383f3c667L,
-        0xea34f74cf766b202L,0xcfd2dfc1a8cccad3L,0xbe520b4002cb38f7L,
-        0xeeeebc97677939b8L,0xc7a734e82e86cf07L,0x00000000000000d8L } },
-    /* 61 << 175 */
-    { { 0xf72c72940d75ed6fL,0x3135f686ccf5cc3bL,0xe971c1f6cb3219edL,
-        0x01aeed44d7c35486L,0xb9fe395d13a4d803L,0xad124ee40f47fdc0L,
-        0x113d1117ee46329cL,0xe252a70e8ffb9c24L,0x0000000000000072L },
-      { 0x88f443817efec9e2L,0x2444c821133a819bL,0x558382008114f80eL,
-        0xc3a4e191088f5c42L,0x222c3389f8775660L,0xee7e2c8b0329f914L,
-        0x3a4fad9f45c18e0cL,0x3ace9e4b3309eca3L,0x00000000000001daL } },
-    /* 62 << 175 */
-    { { 0xd343830f2ab0160aL,0x731c5a9bd81bd1a9L,0x4443103457b8df66L,
-        0x2af1ef67433ef550L,0x9e84336c278ea0d9L,0x53f2c6addb1c8881L,
-        0xbdcdeadf12be675fL,0xfca45c98ffb39ecbL,0x0000000000000109L },
-      { 0xd7e752f42cd3a337L,0x245572edf0c5ccafL,0xad130568627281c2L,
-        0xf1948b1494920647L,0xc35f002381b60cceL,0xc99bf95e4d6d439fL,
-        0x827a29de2c19ed5bL,0xbefcd94f65737517L,0x0000000000000157L } },
-    /* 63 << 175 */
-    { { 0xf54cd73b46227f96L,0xb6beaa8d1a062ddcL,0x1d6ea57dca017154L,
-        0x47292049f2c3f854L,0xe0b35769eb41db25L,0x58573070cdef8384L,
-        0x8cd35c89d8eb4e66L,0x883e914d4fdc8982L,0x0000000000000056L },
-      { 0x0e47c705af242c24L,0x864a4cc18e09b24fL,0x32ee11e88747f144L,
-        0x72d496348f666496L,0x74a0a314bbf0720bL,0xabe29f1db6ba8cc1L,
-        0xae92d4e7c20e7e84L,0xc2e5dd9336f6c9f1L,0x000000000000005aL } },
-    /* 64 << 175 */
-    { { 0xcb35df1c0a0eb364L,0x6d0479606efaa084L,0x2ae2d2833735ce56L,
-        0xe0b9d7e8df82fdffL,0xff7a316c39cf5ab2L,0x23254f4e26b6c05fL,
-        0x4751cb2de5c125fdL,0xfa059629894e9a61L,0x0000000000000148L },
-      { 0xe64ca47b49112eccL,0xf4f9f08cf5fd0dd6L,0xad1c8c7274bdc4b6L,
-        0x34660962bba001e4L,0x346d7a407e2ad36fL,0x68c8b34bd27181b2L,
-        0x8aeb7ea43b424e34L,0x257ab659d4498d11L,0x00000000000001f2L } },
-    /* 0 << 182 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 182 */
-    { { 0xad57280abb5be7e6L,0xf102ff10066e97a7L,0x5308cb8e61c86340L,
-        0x11b53155d02e15c2L,0x50ed7916ef223374L,0x8c48f8371ee821e2L,
-        0x0b3010cf7931b97cL,0xb84cd0142062ec30L,0x0000000000000007L },
-      { 0x05a7a5a024b6e1ebL,0xf8364d18b5a7402dL,0x2b9ec6c5f9eb3538L,
-        0xf363dac905915b41L,0x2a567784a7909cb6L,0x5b386ead22fa3badL,
-        0x646554b91e873fbfL,0x99f6ad72b88ca34cL,0x0000000000000077L } },
-    /* 2 << 182 */
-    { { 0x8f37e861fc3d5a8eL,0xd09d8e74901ce1a2L,0x212e32a992f81574L,
-        0x38ac8ba60d96a933L,0x3d990b98b84c99d4L,0xb97f4e73df58647bL,
-        0x95ae93cc7641888cL,0xd7bdb083a0969dd3L,0x0000000000000182L },
-      { 0x6531530c17830426L,0x9db488f48a57b683L,0x9452ca0f0d87eca3L,
-        0x19b198f08b4be2a7L,0x17939ab22775f0fcL,0x7f662a0625bc5c0cL,
-        0xdf04cbef428884f3L,0xa4d202209f9ff142L,0x0000000000000090L } },
-    /* 3 << 182 */
-    { { 0xd36d95e98d20af1dL,0x042b6b721475a01dL,0x90de7dc34e5322d2L,
-        0xd7201c9c8085753bL,0xb2467afb2a41a80eL,0xde0b994dfcbef3eaL,
-        0xab46bec5219735a2L,0x5c6efc5a9f068a58L,0x0000000000000167L },
-      { 0xad80498ffbe3e605L,0x0e49b878b58b1af1L,0x5a90b3d5f7467e30L,
-        0xb6feeb53d872561eL,0xd33ca82162456735L,0x6262f717cdf5cb42L,
-        0xb7fe12752d9b039fL,0x3d76868940af9134L,0x00000000000001efL } },
-    /* 4 << 182 */
-    { { 0x4585d3aa31ff6e80L,0x8521ac35c19ae65bL,0x983e0c6af9f78334L,
-        0xc4131279435db0f0L,0x0f2d350b51bdb67fL,0x1fea5391d65d265fL,
-        0x7f0b55f7798e80aaL,0xf322493ad549eaa9L,0x00000000000000ceL },
-      { 0xdf7b80aafe9e5dabL,0x5585f93a1861e785L,0xb70fa9abbbb5764cL,
-        0x23ce8aed3a39ef40L,0xa719329a14920ff9L,0xa74511124a00e5b9L,
-        0x48b0001bff5c3588L,0x8dcb5fe10e0551ceL,0x00000000000000f1L } },
-    /* 5 << 182 */
-    { { 0xa31575ca4b4c5966L,0xae86a8c831b5d540L,0xd19ce0a2386fc523L,
-        0xce86998b4540a480L,0x7a4897ab0f0eeee5L,0x0dea1fa0042b6dc6L,
-        0xd1c403044ff99780L,0x3d882bc861fb0837L,0x0000000000000023L },
-      { 0xef942ae4bd2b6cedL,0x7a91fbca038d1540L,0x644571d23631a109L,
-        0x865061c09289c9a1L,0x9f9d809df67c8866L,0xa73777bb75b91533L,
-        0xd4128ce73ee99cd6L,0x2c83701571d8a67cL,0x0000000000000043L } },
-    /* 6 << 182 */
-    { { 0x1e318c6a5ab019e7L,0x83c490b03660eaccL,0xe464c85856e4b9edL,
-        0x6724aedbecf9b627L,0x83f9312e6a28f322L,0xe1f8314f3e3758e7L,
-        0x8ac29afc1c0639f4L,0xa0390923591fb450L,0x0000000000000132L },
-      { 0x0188fc767dab76e1L,0xcff3c75f570fa4c0L,0xd1a1db3a4be7e55eL,
-        0x6f97be3c575e816aL,0x5ea0e3240a9acea0L,0x05699068a9be2cc7L,
-        0xbe8c58299391ceb6L,0xcb55ac5d672c1fcbL,0x000000000000013cL } },
-    /* 7 << 182 */
-    { { 0x82320b25e4eec241L,0xa93543d00c54433fL,0x5ff474b1024c6917L,
-        0x70337516d2e8c7c0L,0x5d97d6b2eff507c2L,0x415cc09eb642c29dL,
-        0x6234cb715a3b675fL,0xf4721ec9bf150b2eL,0x00000000000001bfL },
-      { 0x5e4120da2a377b63L,0x518a3bf81a851ddcL,0xe2dd2b95dcc9ee26L,
-        0xc2b153998fd7b647L,0x1b4b43df7eb436e8L,0x7c354da61ca50fa6L,
-        0x2997e27dd1f1b4ceL,0x89b755a4f0e78f01L,0x0000000000000097L } },
-    /* 8 << 182 */
-    { { 0xdaa72ebc797ee80dL,0x5ee6de5e13bde073L,0x8f21fd78a69b5019L,
-        0x5a8fce8c89191df9L,0xce39466d725f4f61L,0xe1015721d258c98eL,
-        0x22a2f6a5bfb1acc6L,0x5dfef1da97265eaeL,0x0000000000000164L },
-      { 0x4697804882470cadL,0x5a62de6c92e3daeeL,0x95cbc0199163a136L,
-        0xd1f51a60f0ad7fbeL,0xd300b7c6f2380828L,0x3fce67f4b1246df8L,
-        0x6aec1313466ec418L,0x95ffd2856063ce6fL,0x0000000000000080L } },
-    /* 9 << 182 */
-    { { 0x082a54184ceb12b4L,0x20d67a8ce6889f68L,0x5beee4dcf78c7ee3L,
-        0xe234bc07a7c70d07L,0x57957765845cd20bL,0x9f16fc18ce9f8562L,
-        0x7793805865d54d1fL,0x244d5d5c0a33ac80L,0x000000000000000dL },
-      { 0xa7642eceb3d0302cL,0x7553b599438b82ceL,0x35db7e6e3bca2614L,
-        0x0f549f7414c632c4L,0xe9d8a3122cf8bdaeL,0xa27062b3281d7c68L,
-        0x1023e6791155cd46L,0xa2d781fb734a6f3fL,0x0000000000000017L } },
-    /* 10 << 182 */
-    { { 0x46cd5849f6ef2fdaL,0x5b3fa640b1d02cdaL,0x0fb696664e1222b9L,
-        0xf7c6c4a888c8de4cL,0x742c5f24ef16cc79L,0xa4866982c0032997L,
-        0x076035dbbf0a2982L,0xffa69b49779ef790L,0x0000000000000068L },
-      { 0x74a20b1174e76a5dL,0xb9bf4b3f35722dd9L,0xad2de2d42bf57ad6L,
-        0x413223308bb9d811L,0x6e7574a05ee8d6c2L,0x16253e6b439a3683L,
-        0x8ba8f866d611da87L,0x11f5f946c9e2df24L,0x000000000000006aL } },
-    /* 11 << 182 */
-    { { 0x1fa5a29708431e9cL,0xa400cf7ae43aea69L,0xc197afcabd8182b9L,
-        0xd8a48cb691ed64e2L,0x45b3b155fcd39e10L,0x4951cc79cbe71480L,
-        0x939e1a833101aae8L,0x4c354aa4c1bc4f13L,0x0000000000000042L },
-      { 0xc21a1cab3571c9c2L,0xe85b99fb54b5d704L,0x0b26a9e0e740e33cL,
-        0xcc33a25ef6780727L,0xaa203d30c2871675L,0xfee96fc8735015f8L,
-        0xea5f0118fb6c489eL,0x1ee87d166e566a79L,0x0000000000000012L } },
-    /* 12 << 182 */
-    { { 0xd3107dc42eb6d453L,0x3897a60ba3f6b312L,0x5d8ae4b9a26ebd5eL,
-        0xf83e1efa445f3ea9L,0xcdf3f2d6e9c5ae62L,0x43624a7ffe4a7f11L,
-        0x9169460f6634235dL,0x642b8b112f75464eL,0x0000000000000186L },
-      { 0x7924b1cdc84496a4L,0x0a5eb42c5f8f5f30L,0x14068d49492cd04aL,
-        0xe0824856f2a5f227L,0x6e146cdead328ed4L,0xc63a68c19118fabdL,
-        0xa295b4127e56624bL,0xc1d31ed187055125L,0x000000000000001eL } },
-    /* 13 << 182 */
-    { { 0xeb7242709aeaf343L,0x51e4dda7521d1303L,0xb0867bcf4b6d79ecL,
-        0x9f3769280dc1e1c1L,0xc807e9397ce09227L,0xd46d4ccf18f02ee5L,
-        0x4f50c46e7cbe5fbfL,0xee0d19eb8464a6c6L,0x000000000000008fL },
-      { 0xf9eabcaf838eb681L,0x3a04860e43b0649aL,0x3ffc96f3f6f4a93eL,
-        0x0e1cefca2689da24L,0xa5c0b7cc6aaca275L,0xa5bbc5ab87f572dcL,
-        0x4c577d4f315e7e93L,0xcdd104b0be10ef14L,0x0000000000000065L } },
-    /* 14 << 182 */
-    { { 0xa267789abceb62c0L,0xc3536fa5dd342598L,0xa0a158edc66bb97dL,
-        0x2282d372413001f7L,0xcc6365d7bb80b2b0L,0xcfcbab5a75e3e8e9L,
-        0x0b0c89a9d832c899L,0x4c5f3c139109e60aL,0x000000000000013eL },
-      { 0xe9437990177cdf1aL,0x0ce91379f9a4d1bdL,0xb3a1a40968b5bdb7L,
-        0xf9a22cc775573480L,0xd05f00d5bdd43f32L,0xc65e107c24cd9011L,
-        0xd3c7f981782fd8d9L,0x4b998ad9771b4074L,0x0000000000000153L } },
-    /* 15 << 182 */
-    { { 0x3829eee292c5afbeL,0xd6ceab835f385af5L,0x80feac24ad9740b3L,
-        0x2795a4aa1425ac94L,0xf8a2e2fea345fd1bL,0x83e9ee2e41cf9386L,
-        0xf384b56b675a9faeL,0x8dd8fd07ad024c34L,0x00000000000000b8L },
-      { 0xe5e8b6b647baac01L,0x0cf5cdaeebb4627bL,0xa0c05d92d9ece132L,
-        0xb778b8723138e22fL,0xf15d930b482fb046L,0x4420d1953ef00d49L,
-        0x07c2bce32acdfd2cL,0x5f0932a7df5d86deL,0x000000000000008cL } },
-    /* 16 << 182 */
-    { { 0x241872e36910d714L,0xdfcd9db5cf96f106L,0xd32e27facb3a51e7L,
-        0xa55ecaeac4a051c2L,0xfc54759af8944204L,0x569d9efdf938b503L,
-        0x8882ab15c54bf05fL,0x9a8869ed0cab8124L,0x0000000000000007L },
-      { 0x1f5995bf361ce52aL,0xda53a556b51ee176L,0x735bfcd6cb664a03L,
-        0x4d8e405d38486de8L,0xeeca6379a807c481L,0x9a24ac8a4d456d2eL,
-        0x159b9f4c3b85ab21L,0x77524d58f256c82eL,0x0000000000000125L } },
-    /* 17 << 182 */
-    { { 0xabe54ca59d266057L,0x10173cf8ad5590e8L,0xd52929fdc2710408L,
-        0x75164c9941c9bbd6L,0xe2042c2e09ec8272L,0x244a305e411aa6ebL,
-        0x004b6a2930ab6539L,0x58d67a63bb2284dbL,0x0000000000000190L },
-      { 0xd830c66efcd95a1cL,0x0e023ec73b20bcd5L,0xc136f25c50b4c7a8L,
-        0x2e36e65af69c7a3aL,0xfca3db62e46a0699L,0x2615d7fe828e0fdbL,
-        0x4bcd0acac894a9f6L,0x1f6a011bc266e64cL,0x00000000000000d6L } },
-    /* 18 << 182 */
-    { { 0x9624aea7c3ba79a5L,0x303f5c44356b4d55L,0xb266745f4420746aL,
-        0xd554d641ab2157c3L,0x270e293a89a1b1c6L,0x73541da2e81fb3d0L,
-        0xa3af4df99d28ef8cL,0x83e20fe57f159a0bL,0x0000000000000075L },
-      { 0x6d4032ad216ce79aL,0xa979ded996dc5993L,0x0653ce03a77cf5e7L,
-        0xd4c7c0f8e612cbf7L,0x664b14144cfd535fL,0xfc1127f460795eafL,
-        0x3c612b6b68378b1cL,0x023e398ec1c7d949L,0x000000000000013dL } },
-    /* 19 << 182 */
-    { { 0x6f1d92ec3d4ae696L,0xb86106f398fab4fcL,0x822b872e3d5b0645L,
-        0xe99b1302745556efL,0xf7d257a7ffb5a1f3L,0xd1c72810c5469b4cL,
-        0xc023f597f796298aL,0xfe1e4d4c37019403L,0x000000000000016dL },
-      { 0x0afd0124d8c8e429L,0xdc549ae033397fcaL,0xcb6b425ffef20af6L,
-        0xf179caa3d3ee3c39L,0xa2bafb4ae2cd0281L,0x6ed7124a8c6764beL,
-        0xe347fd98c891540aL,0x6b531daa0ba5c525L,0x0000000000000176L } },
-    /* 20 << 182 */
-    { { 0xd83376b06e0604e7L,0xf3da2540b9bdabcdL,0x8a64129ab0069b9cL,
-        0xf98d8a694ed21f8aL,0xcd7950fb17c1fdd1L,0x988ac822a1b303f3L,
-        0x2d6dc22444468a4aL,0xed780eb123f65549L,0x00000000000000c2L },
-      { 0x38e4f1e17c4f29cbL,0x030f563663776af6L,0xea357f378032b066L,
-        0xbc96afa12141ebbaL,0xe1396e9f7cacbe45L,0xdc5e9f07c62172a2L,
-        0x00ca038fa26039a1L,0x23796edf96c93fa4L,0x000000000000014bL } },
-    /* 21 << 182 */
-    { { 0x016e72db586f95f7L,0x7f9e2c36c2400728L,0x052457cf2bf04972L,
-        0x029911681fb30152L,0x5be915ba80cd0439L,0x5e151e1c6faa956cL,
-        0x21ab062272dcf9d1L,0xba0e51b09414b9b9L,0x000000000000014eL },
-      { 0xf0a1bc7a201e1ca9L,0x768f5444c7ce120fL,0x2961c06b496c605aL,
-        0x3dfd88f3c22605eaL,0xca174491e4a89909L,0x71319e378b5c6ba1L,
-        0xd56268a9e975dbafL,0xb2e5ff36f38511b5L,0x000000000000014aL } },
-    /* 22 << 182 */
-    { { 0xa943c94277e540eeL,0x9d13fef6443f5f5fL,0xe9c360fc9ef01a49L,
-        0xf2e1fb0698f8ab08L,0xcb966ce4cc21b8e9L,0x212a01e81f1cecdfL,
-        0x800a4f8be95f2409L,0xa0a6b162fa1a1310L,0x000000000000009aL },
-      { 0x23b1052ee4bde75fL,0x032a7dcbb01aa17eL,0x5e4cb05ba641f2b7L,
-        0x6ff29dd715184d0eL,0x29181004f479238fL,0xc3f7b9466a04f7f9L,
-        0x12db296a2c9e0a68L,0x323542c22f7f2a7dL,0x0000000000000108L } },
-    /* 23 << 182 */
-    { { 0xd9cf8b726028a775L,0x3850c15741cfa8ecL,0x6b4bc9b606915137L,
-        0xae55a728d1c99839L,0x045b7719e23ff638L,0xcae591faf3269ec6L,
-        0x04d5743ff130730eL,0x53372a0e6208ad0cL,0x0000000000000036L },
-      { 0x7db65e4e4af7b7f8L,0x9dfde4aee67bba08L,0x62dda13e2cc2e030L,
-        0x4ffd3135a4080e00L,0xd06a20444b48aad0L,0x9442188e59609700L,
-        0x10ffbebaa9ce37a8L,0xe22428600ecb7346L,0x0000000000000005L } },
-    /* 24 << 182 */
-    { { 0x20f7c6ee1bcf9917L,0x1c7d940f8cbc7d2aL,0xc2a1139ed592def0L,
-        0x0b6b644a936c827aL,0x1b16bf59abb4f3ebL,0x1693fe7916b8b498L,
-        0x4b81cf5badbf552eL,0x620ef3be7e0cb980L,0x00000000000001a3L },
-      { 0x6106878f2f6f9a16L,0x15c2303e6cf02778L,0x18c605cf7f7e7e27L,
-        0x6bd45dc798a8de3fL,0x5874172095869ddeL,0x621d8a4b2de20d0aL,
-        0x7632703cdca67562L,0x9374d05536957eecL,0x00000000000000f1L } },
-    /* 25 << 182 */
-    { { 0x291cad563c81c389L,0xfa1b6f768a663dfaL,0xc23bccfb4d4e1bfcL,
-        0x14218a8881c16ee9L,0xf4c48023fae0c87eL,0x58e978728e9874dfL,
-        0x690b375959dabf0aL,0x45e8790a2f13f6bdL,0x0000000000000156L },
-      { 0xc1070b3f17bd5f8aL,0x4bb893cf246d0744L,0xf5e5d9a855e6f814L,
-        0xfea75ee5a20ad845L,0x000d0926d4e9a182L,0x120ef85508b102aaL,
-        0x495db2342947588cL,0x5101834a455b2626L,0x000000000000011bL } },
-    /* 26 << 182 */
-    { { 0x2a8ebbb27efc758eL,0xc14880f28e3bd85aL,0x95ec9fa6536a42e7L,
-        0x07a26257f6cf0da7L,0x67976b68d1a6a137L,0xf143f97bfcd0179aL,
-        0x99645da231832f2bL,0xbe0940ca0955eb50L,0x0000000000000076L },
-      { 0x6d01c753e3acb83eL,0x9cb6f41194373f4aL,0x935f9fc2e758ddffL,
-        0xddee3e64b16c8ae5L,0x5b16820748e77dafL,0x2c0a5f0862a3cf00L,
-        0xf47f143a79315466L,0x2adc4a4853a7d9beL,0x00000000000000dbL } },
-    /* 27 << 182 */
-    { { 0xd2d98879bb29fe08L,0x261ca47e9e1e47cfL,0x349da8771951592cL,
-        0xe6da4080eb147166L,0x036929ab99d5410fL,0xa870f2a4ff40d8a3L,
-        0x6e12a9c78b775ae9L,0x0c493e092de6fac1L,0x0000000000000193L },
-      { 0xea12c2dec0522680L,0xb3a5c0e533afbcc6L,0x5e7da51f049aab7aL,
-        0x5dba87587f2dfa4eL,0x4e931594e3339e83L,0x100c2dcd0c75a4c3L,
-        0x6795a18e562cd1e0L,0x3778c7509aa010f2L,0x00000000000000e5L } },
-    /* 28 << 182 */
-    { { 0x2d0e0e8c3a12be03L,0xa4febeba75aaa59dL,0xe5ac02d67e8056d8L,
-        0xf3788c67bacd030cL,0x4018ae3921fda504L,0x690259dcf16aa240L,
-        0xf51723b291ad5d2fL,0x9cf893221f0aa525L,0x0000000000000166L },
-      { 0x0f4b0c2a09388e2cL,0xb8308ceff40b8763L,0x2462458061a66221L,
-        0xb67a79e8165aaa95L,0x94bc0b4708789bc2L,0x8b234c8708114d2cL,
-        0x1ee26556bec8d5efL,0x22e3055df315d134L,0x0000000000000118L } },
-    /* 29 << 182 */
-    { { 0x46cf9a123b3ba75bL,0x1d186c661adb1a26L,0x56c777349bf1316cL,
-        0x0f3e2f5ed8304840L,0x01baabfbe6070ce6L,0x503f8d930c9102d2L,
-        0x4dcd3adacd453ef9L,0xd1a8baf5fc6aad57L,0x0000000000000084L },
-      { 0x1faf5d6dd292a0c7L,0x910d30cb74f8c530L,0x442d713a6c0fa806L,
-        0x0a18ec4704b1a792L,0x880b2e809501a8f2L,0x2f074b43aac9e8f5L,
-        0x44209c655e1eddb7L,0x5916efadee7e28f3L,0x0000000000000131L } },
-    /* 30 << 182 */
-    { { 0x91e1ced21c8781b1L,0x1b160a6cd9eaceccL,0x32169b6de05009ccL,
-        0xa6e611cbd398f69aL,0xce953c71b0eee5fbL,0xf0b9112de9cdb766L,
-        0xad581159c871f5d8L,0x0ebe554be2279127L,0x00000000000001e4L },
-      { 0x89976adf1ab77e95L,0x33164f3df139a517L,0xef133446a1c4a5aeL,
-        0xdcbd304791d5782cL,0xdbd5c67c9750d5e5L,0xa23fc0fea185893eL,
-        0xe094fe8ec7f91de6L,0xf9e3a96a99faa7a7L,0x00000000000001bbL } },
-    /* 31 << 182 */
-    { { 0xd116cbade405020cL,0x7c108b67c633aba9L,0x2b7856f5e8aa0582L,
-        0xf8eab5a93ec464a6L,0x0e90e325e59632daL,0xd4dee596e85e20bcL,
-        0x4cf2c91482dd5124L,0xdda35341a6160911L,0x0000000000000073L },
-      { 0x4d225d4108a2c6f5L,0x481686652c17247aL,0x65877f1497b579b6L,
-        0xda95b1fa53d48dd2L,0x43fb7079ca44e73aL,0x7b69f069e3ec902bL,
-        0xdfd35aa860d9ab1cL,0x3457f579b3e5b6edL,0x0000000000000041L } },
-    /* 32 << 182 */
-    { { 0xf43e7556bd385e53L,0xbf8f9681875c0190L,0xe3d90dee555bd31fL,
-        0x3baf65546edfe5ecL,0x3d6df218960e906dL,0x7b6635cb873d0635L,
-        0x98a44993ded25371L,0x918b7555ad8e24b4L,0x00000000000000d7L },
-      { 0xb776f9146553287bL,0x7075a0a36fa9fa1dL,0x7bc1d77c11d5513dL,
-        0x789a19867993f668L,0x6162a249612a7f5aL,0x04348eb04ee7f938L,
-        0xf7102ceb56583274L,0xae423442e356e7bbL,0x0000000000000002L } },
-    /* 33 << 182 */
-    { { 0x523d61302f4ead44L,0x201058f04e5b8666L,0xf7680d4267d123adL,
-        0x0884457684ebdfb4L,0x84274505abd16ac3L,0xb9fafd02b3ea127dL,
-        0xbbfa958703e32460L,0x291a5eb015781790L,0x0000000000000173L },
-      { 0xe91a30aee53f10c3L,0x9584ef2bfd5dd433L,0x108924ba581b9fcaL,
-        0xc2fd60ccfd8e8fa8L,0x318e224fcab2784eL,0x0c81392b9d31ae14L,
-        0x9b2311108aa8130aL,0xb270d685276f3462L,0x000000000000010fL } },
-    /* 34 << 182 */
-    { { 0xdb7ce23edde05ffcL,0x3498ab21c6d0e52dL,0x70c111977b0e5286L,
-        0x2397818f56a3293fL,0x8e5190030f16f124L,0x42f9ae77dad7d391L,
-        0x5b6d52b49000eaadL,0x0250415c53e5d19aL,0x00000000000000a4L },
-      { 0xd5134d31720c627fL,0x5225579c2ace2686L,0x43db384eb8a3ec7cL,
-        0x3f857459f0f7a16dL,0x897549699739d8dfL,0xb1a377181c8ce480L,
-        0x81c5b1868267d330L,0x3f45401b037f89c0L,0x00000000000001ddL } },
-    /* 35 << 182 */
-    { { 0x4e66abd437417d43L,0x9514ca813998603eL,0x3fd620ece6ffe0c3L,
-        0xc72d522ec2371320L,0x9aa50a59acf05fbfL,0xc3e9213306fe5a5dL,
-        0xc1d244d73c56f206L,0x7c22b8ea72b4d2e0L,0x0000000000000114L },
-      { 0x2cd8c20869310665L,0x41bc43a56af1617eL,0x41acd532d54f9707L,
-        0xc3fe18ad05c56c89L,0x706756a536a5189dL,0x63137c9f3815ce6fL,
-        0x2ff051973eaabf9bL,0x0c3118fe365d4a01L,0x00000000000001d8L } },
-    /* 36 << 182 */
-    { { 0x5d07a2964e588df1L,0x141993bb19b144a5L,0xabc8b7f17aef2cfcL,
-        0x6a447e47adf5f260L,0x3617bbf9413523aaL,0xae2df3568658871bL,
-        0xb73a2681eca0d3d9L,0x9faa02a845905049L,0x00000000000001daL },
-      { 0xcea9672c9249e1f3L,0xd6030dd792b80377L,0x1731a9b6b430427aL,
-        0x707319a7dd23ecd8L,0x7497f2d3137eac72L,0xfd455e149fc57ecdL,
-        0x1d5be9f6f7a02326L,0x58127f1635ac3188L,0x00000000000001daL } },
-    /* 37 << 182 */
-    { { 0xa465edcff4ff1298L,0xf6875a88fb3ce39aL,0x0f8c3e4154571e9aL,
-        0x9750c93b2a33bcfbL,0xa4dda6a9c95cd2d0L,0x09512242e236cfe6L,
-        0x7045f4a1f8b5241bL,0x6cfba4be0c875c33L,0x0000000000000053L },
-      { 0xbbda856f057cc244L,0x039c06c1a80b8883L,0x909d27543627186cL,
-        0x02163479f6b0fc43L,0x46c3962436cc44beL,0x83113b35d0abcaadL,
-        0x0d62ed6f0ef103ffL,0x04100f40c2c14b5fL,0x000000000000000cL } },
-    /* 38 << 182 */
-    { { 0x5492babe8e507a53L,0x01ef00154f5fdf0cL,0x5b07f050e8bf3b02L,
-        0x06205d089907fdc9L,0x4ce4ecc11ad754c1L,0x3d01c3b63723fdafL,
-        0x77064d779065a5a2L,0x5de5e1cb725ff125L,0x000000000000006bL },
-      { 0x32d6e29d839ddf7aL,0xb5908a08f6518318L,0xcaedb6a5e99f9497L,
-        0xbe22eccb8509addaL,0x46511cdcdd3a6f5fL,0x74e345cb75b8d2e3L,
-        0x041b65006c166683L,0x23c654ead41aa178L,0x00000000000001a4L } },
-    /* 39 << 182 */
-    { { 0xd79f98edc740422aL,0xb365a02f6f658438L,0xcbd68ebb726bb3d3L,
-        0x1a74279568c9ffe1L,0x173b3d054253a108L,0x2873faa613d84b25L,
-        0xba2b605b705e1276L,0x35aa0bfe1d1e7e13L,0x0000000000000013L },
-      { 0x54a4ac10ae28e669L,0x392bcb0022d8b070L,0xf15f6b0819e99d02L,
-        0xd3019505f97077efL,0x8ba03e9342036fc1L,0xf1b3b093837e9fd2L,
-        0xc92b110d891b000bL,0xb99d4924e628c1deL,0x0000000000000169L } },
-    /* 40 << 182 */
-    { { 0xa62acac89702711bL,0xfa8afde1e5a60500L,0x6d0b6ec9851d3077L,
-        0x2928a849ddb4d927L,0x40731d2fee9c5656L,0xf53c199c78402e28L,
-        0x8d704153bf178d27L,0x67bccd2a3f735c1fL,0x000000000000008fL },
-      { 0x1fb2240d935c8aa5L,0x1fa6b65f794daaa0L,0x30aa4bd3c31a7abcL,
-        0x7b571e77f50b1a73L,0xe5105e178d05b874L,0x224ce4ac6574a6a3L,
-        0x64f2c14ba2d9fba5L,0x30e0f151c304c3dfL,0x00000000000000feL } },
-    /* 41 << 182 */
-    { { 0x7400571b0014829aL,0xc976d3db3d15b8adL,0x2d3780591335164cL,
-        0x57e68ee0e2e843bdL,0x0df368cc40341b75L,0x004e99f63666a071L,
-        0x80898faa2ded5ebeL,0x2d5e2b8d5d64a7c2L,0x00000000000000a4L },
-      { 0xb54da69bd389bb74L,0x3f2bfe1ddb6e2d4aL,0xeb09473dc831acffL,
-        0x64455b0c0ad6afc8L,0x38ac4f0c13088a99L,0xcd44c67980602e36L,
-        0x6b28f3b36c93cc94L,0xcc9ed6f2649f16c0L,0x000000000000001dL } },
-    /* 42 << 182 */
-    { { 0xcb8db302d5aaec94L,0x58fb71700e303300L,0x0a78247a8b0e0ddeL,
-        0x2d30370d6c007b9cL,0xb9d1fd916bd6d93eL,0x8e4be06b02362bd0L,
-        0x373af6632227469cL,0x1a1b76090bac6e9aL,0x0000000000000171L },
-      { 0xae3c93ace2962773L,0xbd96ef35232d4523L,0x44b5d53f254b07b0L,
-        0xbdc86e94658ea74eL,0xbde3eada9d758615L,0x267b46acc55f69d0L,
-        0x91fc9a2d4f0a8474L,0xc3757adce7249118L,0x000000000000006cL } },
-    /* 43 << 182 */
-    { { 0x18b7327734169522L,0xc80df3cade9f570cL,0x2248ebd72ee0abb1L,
-        0x719461e77ebb6b43L,0x8432cb62cbf4f4e6L,0x031df9951dcda661L,
-        0x1889b33b9e588c1dL,0x1d9ba4a04dee2e11L,0x000000000000017dL },
-      { 0x57ee376f719a392bL,0xbc128291bcfce4c0L,0xde788ed68be2ebb3L,
-        0x865d088f0c72b0a0L,0x720f285ae7b5af3dL,0x716d0d401f6564faL,
-        0x68b5093e16b7733dL,0x3ce4e5a3544922acL,0x00000000000001c3L } },
-    /* 44 << 182 */
-    { { 0x3e157f2273ee88f7L,0x1c0630464384bb96L,0xfa8ccff1163124abL,
-        0xf2a63516e1c82e20L,0x06f7a495ecc52cbdL,0xd00255d7d546b8b3L,
-        0xa4e0ea97f2c1bd00L,0xc279c9b9d8367846L,0x000000000000018cL },
-      { 0x493ca0d2f4846640L,0xf2f65176836101bbL,0x9a2131507c4f5f62L,
-        0xe7a4d6cb33ca1654L,0x6705565959e1757aL,0xae2233738bbdda8eL,
-        0xe915be3be856975eL,0xcd6117edb40db96eL,0x00000000000001cfL } },
-    /* 45 << 182 */
-    { { 0xb4e8c9370aca7d71L,0xaac0761b9812c1fdL,0xe8596d4bee0886f8L,
-        0x9bcbfa589fc12093L,0xb9e4b19c06967ae7L,0xc0e4f5c98172cd32L,
-        0x94098a335ccb77f4L,0x8996dc27bdfdee8eL,0x0000000000000129L },
-      { 0x81b4d7ee284d4731L,0x263845cfdbf96ca8L,0xe773b3cd3a19983dL,
-        0x7e16a7d17e7d7707L,0x7270b36600cffe6cL,0xef2ac9029c2de9feL,
-        0x3cfae8b0c875b52bL,0x8bf88154f21e1d82L,0x000000000000002cL } },
-    /* 46 << 182 */
-    { { 0x9c765f620a5e3ebbL,0x970ccd4e818fffc4L,0x9522877a70bbf4fcL,
-        0xa720852dcd9f1e17L,0x50dd2c7e15b0005dL,0xd5ff9c20842795ddL,
-        0xa942f53eaab55facL,0x9c8350e25cfb4548L,0x00000000000001bfL },
-      { 0x8afd20bb94f7a376L,0x17de2a98a5c8cabaL,0x97d74ac55ae239ddL,
-        0xcf5925c5917be399L,0x0092fdd6185c43f8L,0xbce625310c2334a6L,
-        0x264385c8688c7ea4L,0x09b75046c0a5b76dL,0x0000000000000000L } },
-    /* 47 << 182 */
-    { { 0x1569eaf24cb224cfL,0x269fa0409f146821L,0x76debe784598e444L,
-        0x55dbf9b1dfe244a5L,0x16cbf26eb67a835eL,0x59af39e01281e580L,
-        0x71eda217a229a7a9L,0xbada5b1369432cfcL,0x00000000000000e2L },
-      { 0x59356f88eb5b5f1fL,0xac200a20ee82718cL,0x870cbb11bd305f9eL,
-        0x6ef0a89a969de1ecL,0x89c705ef0110fd77L,0x2c944b594c73e141L,
-        0x4bac7679c140aaa6L,0x910125524b4d3534L,0x0000000000000024L } },
-    /* 48 << 182 */
-    { { 0xb77b2273b687e9e4L,0xd0c9629b158071baL,0x7b0d0576bd865783L,
-        0x47ca9a1b48334138L,0x22c0b777990beeffL,0x3dae022d7e8dbe92L,
-        0xdecf568567233c8bL,0x96eadd8a999e9c94L,0x00000000000000d6L },
-      { 0x8aefeaf1b8755eecL,0xbfd2bc88789362fdL,0xa2c3bc994e34479dL,
-        0x5025831148df5301L,0xd392cb00c0e07947L,0xc8c4c6a5e4a0c2baL,
-        0x315a9be295c84fd7L,0x12be251d40cb144aL,0x000000000000007dL } },
-    /* 49 << 182 */
-    { { 0x600281fafdfb666dL,0x89b2e2ee9bee6f0fL,0xe8f208e3124ff0a1L,
-        0xd674853a97ef8785L,0x333f682b7c613cc0L,0xa7bcf59549dc2ea1L,
-        0x3431a30d26a67e52L,0x1023799fbe4720f8L,0x00000000000000abL },
-      { 0xf98a30432480bd59L,0xc46d6cf7fdffea8fL,0xf6f7c7e58a9d667dL,
-        0x2a7fac095c65f054L,0x389cf284df19c157L,0x7b70ba00b35cc84dL,
-        0x068cc13ee30d0abcL,0xca24da284f1db63fL,0x00000000000000adL } },
-    /* 50 << 182 */
-    { { 0x22becdcd9c071a34L,0x66bca042c09cda4cL,0xf701267bf0732913L,
-        0x25c3b4b5a6a84d63L,0xd20b654f96a4bccfL,0x649bf2c16963824eL,
-        0x3e173b274d84f899L,0x0573e68b5ae76effL,0x0000000000000193L },
-      { 0x850d688aa7578c52L,0x9e967e16cacaef52L,0x24e39bf84daec11eL,
-        0x9ee4a66878b0072eL,0x3255f3f8f17b5e45L,0x1d8b5306c11d1f63L,
-        0x79b70aa80fd0248eL,0x1e15707ccfcc577eL,0x0000000000000095L } },
-    /* 51 << 182 */
-    { { 0x6e9477a46b25f458L,0x808fe2c599cb8c78L,0xad2dccf34619ad52L,
-        0xf2424ad828e3efdeL,0xb4cf55c2bdd4b5b1L,0xf03879f1d1735445L,
-        0x74fb4795f9feaf2dL,0x588c3fd6312ca1eaL,0x0000000000000046L },
-      { 0x13b13beed8007d8fL,0x5c5b92246fdaacf9L,0x84ab74efc221e90aL,
-        0x37384eb8758581d9L,0x923205a320eaa26aL,0x0cfc39ffd0995704L,
-        0x8b3bd7a2d4ede2ecL,0x4a640b0002c020dfL,0x00000000000001a2L } },
-    /* 52 << 182 */
-    { { 0x9649b0c126bd0385L,0xdf659955ac77dd42L,0x512cab0f5f1d946fL,
-        0x3365c06cb8e888ceL,0xd5b139364003ad9bL,0xb9ddf7422e777936L,
-        0xd882a2e7f0a2ea17L,0xca25477d329706f7L,0x000000000000002cL },
-      { 0x109144281f14b985L,0x8c6727485f7bcafbL,0x43da81611a6b62b8L,
-        0xadee9242ffc82eccL,0xb7dcdb418f391fa4L,0x1fbbf2e0593add60L,
-        0xfb551a699ec74127L,0x2ae9b20e7443a903L,0x0000000000000116L } },
-    /* 53 << 182 */
-    { { 0x1ef97491410cd077L,0xa8206904f205d56bL,0xdfea5b4c334d1427L,
-        0xf1982219bef52120L,0x2f5de7f02af4cbccL,0xb80fa224b097d873L,
-        0xe7ebce309b3ef192L,0x34043ba58508a38cL,0x0000000000000044L },
-      { 0xe73a1b716e77eddbL,0x422356ea070ebe74L,0xd1e293e6b5fe5ce7L,
-        0xe8897492231d1036L,0x04241a1ea9676b41L,0xbfe53ca26833593dL,
-        0xb52a531006b71326L,0x09b13c8e66a34460L,0x0000000000000197L } },
-    /* 54 << 182 */
-    { { 0x65b70bc6eeae508aL,0x78b81935b70e19c5L,0x9652937bee8c6b85L,
-        0xdfb53e2a9ba55188L,0x9bde675e8ce3f3baL,0x021519ed8693d863L,
-        0xb64130071fd9ac55L,0x428560d4845869c4L,0x0000000000000170L },
-      { 0xeae5f3757b7ec622L,0xe582b16f49a0d23aL,0x23c4a6c413352ff2L,
-        0x29ac206336a323c6L,0xc1be1ef1f7fdd1f1L,0x490e35a0a7d81d3cL,
-        0xe6fce48a29caea09L,0xa8b619aaf3969db2L,0x00000000000000f5L } },
-    /* 55 << 182 */
-    { { 0x1870f45409e7211fL,0x63654bcea1a5ce06L,0x82f781ebaee02970L,
-        0x704b05b98e6cfb1aL,0xda7779919e75ee2fL,0x9c311b5c8119aee8L,
-        0x878920321ec5731dL,0x45db4af638e2efbaL,0x00000000000000f7L },
-      { 0xc9da8fd8e60fa998L,0x2a908c8fa661efbfL,0x948c9b3fca468a51L,
-        0x485238d4944e68b9L,0x4d696e8be223a143L,0x260195a48ab78084L,
-        0x3c53be3a2fda134dL,0xaab965b37d24899bL,0x0000000000000028L } },
-    /* 56 << 182 */
-    { { 0x2698187d69d2a365L,0xceac05a40b4636e7L,0x508d87efb39d959bL,
-        0x7dadb94ac08ac0caL,0xbb5161f9df1dc5eaL,0x9f9118e6ec7a8f47L,
-        0x5f7d5a7ee578d6bbL,0xd2cf3964beb0c4c3L,0x0000000000000076L },
-      { 0x312ccd712dd174e0L,0x84bf3b4bf1b3cf22L,0x4215bd31f0927edbL,
-        0x062cfeefc2aafa52L,0xdd22d90155eec990L,0x18e19734057e44e8L,
-        0xdfc288d25f2cd2dfL,0xbfbe2cee43c3cfcdL,0x00000000000001b0L } },
-    /* 57 << 182 */
-    { { 0xede9dba37de1996dL,0x5cd619af1e5e92b0L,0x10a0c857f0d58153L,
-        0x61315a1882d47722L,0x66dd97910865fea2L,0xd2de59878c9ba9c4L,
-        0xa5824d290e0820d6L,0xe5d76f638dfb9646L,0x000000000000007cL },
-      { 0x50c9cf139ea56fc3L,0x6da6381cbdb8339fL,0xb032c6afcd108fc0L,
-        0xfa7e5df3f3b77a78L,0x5341541b5164eb5eL,0x155b51417cceb4c4L,
-        0x4f553c4b4beeb913L,0x6843d58366d8e171L,0x000000000000012cL } },
-    /* 58 << 182 */
-    { { 0x46edae7d7392fef1L,0x13c81fa327e3da29L,0x131235e48fc31b9dL,
-        0xd45727f4b5da6124L,0x01da47fdef43cb27L,0x5bf5a111ba1b6f30L,
-        0xd139d86b94e2ec2aL,0x4509851b27a5489dL,0x0000000000000050L },
-      { 0x8e15e7da4e69630dL,0xb108240ba9cd3f1aL,0x3a17d2e7e78db971L,
-        0x5c5d774bbb9907c6L,0x28a2b3d988c7b081L,0xae4db188a3b1b36dL,
-        0x2f3dad86d87987a6L,0x9a5bf38f3ab24f4eL,0x0000000000000158L } },
-    /* 59 << 182 */
-    { { 0xdcf8bff495b0e157L,0x53222102015e65c5L,0x26806b4211c7c94bL,
-        0x5d3b14efad4a65f6L,0x5b3c27aa8f1803e1L,0x9903b6938f835996L,
-        0x459cd77f13b3933bL,0x895307a086b8393cL,0x000000000000004aL },
-      { 0xc82810de845e5630L,0x8eeb40e14c46edd9L,0xd71578b209ff3691L,
-        0x5d4c8c8d7d9b5b99L,0x27751925ddbab2dcL,0xaa917a7c563fc5f1L,
-        0xdbeea6a290fd3955L,0x758fe38ec8b0effaL,0x00000000000001bcL } },
-    /* 60 << 182 */
-    { { 0x3069b9d66e77aef9L,0xd042ac052eb93fb9L,0x8335fe4212830002L,
-        0x293146e6e1b614fbL,0x652317e76ddb3ae5L,0xecf47236fefba037L,
-        0x24b51adf58eb0b7bL,0x5109f7df4874fb35L,0x00000000000000d6L },
-      { 0xff02ac885f1d5485L,0x8a993daf530607feL,0xc63139c93ba41f73L,
-        0x934a2f9445f411a8L,0x2208220bc95aae6bL,0x96710a9c63292771L,
-        0xc1b102e35b2a77a3L,0xc8177ecba35d5e23L,0x000000000000014cL } },
-    /* 61 << 182 */
-    { { 0x9203060baa7b98a3L,0x07051a435181b164L,0xd3fa67c3eaf21604L,
-        0x088e3498db6572d5L,0x7bab12be9fe1247fL,0x3c0eccaaaa9ff72bL,
-        0x57f2e32204b15e7eL,0x633bc218494c1a0fL,0x000000000000010cL },
-      { 0x773b7a085bd8eadeL,0x8f844710f88f009dL,0x13dac3f48190c4abL,
-        0x48d9eb6ea3f2ae28L,0x81f21ad313664e39L,0xd4110b6316c4b065L,
-        0xa11b1afa2b8e957dL,0x0a5f65cd9bc85cb9L,0x00000000000000a6L } },
-    /* 62 << 182 */
-    { { 0x8739e462a1a8188eL,0xca1226f5110b4497L,0xce536f0a7d506e8cL,
-        0x9f0e49dc8a1e00f5L,0x8abd40830a409966L,0xee494417b4ff83a2L,
-        0x6a2c14d4c8b8e02dL,0x2eba1a0242c27ed3L,0x00000000000000b6L },
-      { 0x4991518dec3148eaL,0xa516810f34200143L,0xd15d96f86b6513deL,
-        0x359a3d9657b574aaL,0xa689c45cdeda4bdbL,0x764cbd196bba4697L,
-        0xd9d7997f82988c9dL,0x24dddb31d7554449L,0x00000000000001daL } },
-    /* 63 << 182 */
-    { { 0x51bc4616753f0ed2L,0x7c3c6eee58b2a1c0L,0xcf37a0748131bc15L,
-        0xf06bd740fa7909e1L,0x2d7984b54b800a3eL,0x57f583984ced2487L,
-        0xdc68de17f0f308caL,0x813c4b8e3a16b769L,0x00000000000000ffL },
-      { 0x26daebaea97c43c2L,0x258edf708fe82e3bL,0x64847056879ab94aL,
-        0xfab3c35232f43e05L,0x01aa155831a2f7f9L,0x0ac01ea817d8b3f2L,
-        0xa7e3667b67cf00d7L,0x83e9a2ef50ccf5eaL,0x000000000000000bL } },
-    /* 64 << 182 */
-    { { 0xdbeeb421cfd387adL,0xd208fe085bb4d523L,0xff2282dbed24edf7L,
-        0x30556ff9c806b492L,0xe7716c3cd5b5bf57L,0x847e3a43153fb3b2L,
-        0xe9a8fb3c391809c5L,0x52b4a72992596244L,0x00000000000001c0L },
-      { 0xe49b344e59d9ae12L,0x5a5e32a1c925b6daL,0xe81d38d1f054a1c6L,
-        0x4ae4fe0cf15fb6d7L,0x6ef46dcd5cf03296L,0xbf46b97612da300dL,
-        0xfb373fe835fa7fddL,0x0f78e5ee62bcaf82L,0x000000000000003bL } },
-    /* 0 << 189 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 189 */
-    { { 0x9f3034247a56433eL,0xbbfa0fd960307947L,0x21c78cd331db3e3dL,
-        0xa837641c0a2a5f1fL,0x28338efb56b8bdf5L,0xc0b66594f0600d27L,
-        0xc07399315cb9a3bcL,0x95eac1715267267aL,0x00000000000001e3L },
-      { 0xe9ee22d1897f04b2L,0xb6002a034cde7dfbL,0xcbb7be483c3b494cL,
-        0xbe6c1a98670f740cL,0x9e9d0b911fc603e2L,0x532af80c351c0915L,
-        0x0bbf9ea379802339L,0x96c16ecadd33d50bL,0x000000000000002bL } },
-    /* 2 << 189 */
-    { { 0xd7ba67b2dca5c86fL,0xa2ad0453e4c65e75L,0x77cf1258e190bc9fL,
-        0xb3f630142c69bc9eL,0xd962eac71689858fL,0xc1b865c669336a7cL,
-        0x3f97565d9b5a5216L,0x93ea967c1a73a39eL,0x0000000000000083L },
-      { 0xa8e4af6b6ea73ebaL,0x3ff8e52dbe248173L,0x28a4e2bd3f3d34acL,
-        0x5d52213e1be61adbL,0x8ebaa43d02968a4bL,0x735958e06fadce98L,
-        0x2f143cd6c15f7644L,0x533bec76a7fbfc74L,0x0000000000000061L } },
-    /* 3 << 189 */
-    { { 0xfbd6e794814311efL,0x1751996b26cc272fL,0xe6a2e157a4d9ffa3L,
-        0x10fc93529a7d88f4L,0x02545d80395d7365L,0x56b7ee84dc6c4d32L,
-        0xc3dea31ea455538aL,0x582e311bb82cd5f3L,0x0000000000000151L },
-      { 0x1eadf021b3bec16dL,0x3406d4109ce73860L,0x6785be85eadb4c7aL,
-        0x68adfdc3e1e59a9eL,0x131ead3cab13f561L,0x0b2c0c4925936137L,
-        0x6c318ebc0f35b6f1L,0x0abe8c27f819e825L,0x000000000000015dL } },
-    /* 4 << 189 */
-    { { 0x44b3f23919fec274L,0x1dc89875e3a66eccL,0xe36ec60985eab4f3L,
-        0x3713bcd6840458e2L,0xccea99d32bb88a8aL,0xebd3d4bafd21e802L,
-        0x03437c286ffc588bL,0x3a21efba413b06bfL,0x00000000000001d8L },
-      { 0xd9afa45c16355e69L,0xe9b28f5b2502acc5L,0xef1999b91711da7dL,
-        0x4657efa14eaa0320L,0x0729dac2badbe83dL,0x45b0acd9b9cfbc6eL,
-        0xa014eab6bb296d4bL,0x29f6bef363b0d362L,0x0000000000000101L } },
-    /* 5 << 189 */
-    { { 0x30016ee322b152c0L,0x70de4bbf114bfedcL,0xcbdbef831e26173aL,
-        0x7614a523370e3b92L,0xd7d0c5f4d3e9e924L,0x221af66abbea4a57L,
-        0x2da2bd107007e4f7L,0x17d2a5bacd5b3b7eL,0x000000000000012cL },
-      { 0x6e8482436639e4ecL,0x9eeab903ee4d0989L,0x0bb3fb64dd0b4efbL,
-        0x07089df4ce8f6909L,0x7ef71f65545a7c71L,0xe91cdecc6884437fL,
-        0xe1d60e1401c4ba6fL,0x398484de2ab50390L,0x000000000000011fL } },
-    /* 6 << 189 */
-    { { 0xebce4a115a224092L,0xfe887cc974e91ac0L,0xed3beff1626717d8L,
-        0xd6915dc097f9e7d2L,0x6c5aeb18a6de7e4eL,0xe18c932268e302a2L,
-        0x4ef08d0ee3a4fce4L,0x7524f6f1a36161aeL,0x000000000000001cL },
-      { 0x096e3563fe82f5f0L,0x54cecafd13216b13L,0x51d809421d3cde0aL,
-        0xdbd61ad0c2608747L,0xaf378b29ddc6c9f1L,0x09a4057360507871L,
-        0x755fb6481251c43eL,0x7eeaf993a14377deL,0x0000000000000035L } },
-    /* 7 << 189 */
-    { { 0x354d6470cff89fc1L,0xd5880e0184c3f4a5L,0xe8cb2497dbd934d9L,
-        0x80244f291dd7a63cL,0x87c983b43117c661L,0x72361de291c17b69L,
-        0x2c94190b2ee78d13L,0x995a4ff57d91fc16L,0x00000000000000f9L },
-      { 0x98b17d2525c080a5L,0x3f2403b05b281b5aL,0x30f4915af7f4c45bL,
-        0x01310b2ab9189ec2L,0x3dd5f6adef36c514L,0x39c3a0e711fd5062L,
-        0xcb2063dc862bd28eL,0xe1a75d8e90a76270L,0x0000000000000037L } },
-    /* 8 << 189 */
-    { { 0xfdf7681d6debbcf6L,0xe21aef25600ea3c3L,0x181fb048bb30b75bL,
-        0xf9d8c43d8d8b7b4fL,0x3d3bc6deca68ec32L,0x6d469252af1641ebL,
-        0x1be3c9ba10252291L,0xb57f2c328fa4c10bL,0x0000000000000155L },
-      { 0x599e10e59ea96c94L,0x4426deb740593ce0L,0x948d92862d48d29fL,
-        0xd3ad8e54c03f5cc5L,0x53fe15e4219cd0d4L,0x03b914210c8fc479L,
-        0xa023c978e5aa96e6L,0xdee00502edb69f81L,0x00000000000000b7L } },
-    /* 9 << 189 */
-    { { 0x2cd49083e79f9778L,0x7f9946f671882e65L,0xfb08405c07d0fe20L,
-        0x5ed7e04781c7bafaL,0x01aa5ca253de8921L,0x71ada196b70cdb9aL,
-        0x2db79a24e4149028L,0x2d2a7f5c94c21733L,0x000000000000016eL },
-      { 0xecf6e42f2cbeb376L,0xe632d553b396294fL,0x5cca8cb36fd4084bL,
-        0x92bbab151b2a587aL,0xb2e240be130d1e99L,0xa0672abac859261dL,
-        0x84cf5fd413d5c102L,0xf470027bb2cdd4ccL,0x00000000000000dbL } },
-    /* 10 << 189 */
-    { { 0x27e1ae748e84955fL,0x09aaf5ae9c4f7a26L,0x4ec5554621e1e993L,
-        0x800515f0370d3efeL,0xc32a04e6c4c06f83L,0x5483476dd5fab42cL,
-        0x07278cf44de2d405L,0xad26e4ed4e6413ddL,0x00000000000001e4L },
-      { 0xbb9628ee17f12587L,0xaa5ff06f578f0bcaL,0x5c7a8d11d465f293L,
-        0xbf2955e83f6e5394L,0x262cc5a3affc8451L,0xc35a8e8a722ffad7L,
-        0xb93e5c2aa09cc5e1L,0x4cea80e846301158L,0x0000000000000185L } },
-    /* 11 << 189 */
-    { { 0xc18386a836ae1465L,0x7f620b6851f49485L,0x35ff5db59ac12858L,
-        0xa24cb377e1b66ef8L,0xc5a5f120824944e6L,0x6ba1777e2c75d5a9L,
-        0x9b02b8a4205b5e9dL,0x06a6688c47c4473aL,0x0000000000000039L },
-      { 0x17801becd6b7a9eeL,0xf99177ee7266ee48L,0xce538f55eb961569L,
-        0xeaf8059b06dbe1e2L,0xf136975608a59309L,0xd86d2a94532ac00cL,
-        0x64467ba65380bcbaL,0x0301f9be27d7e1ebL,0x0000000000000164L } },
-    /* 12 << 189 */
-    { { 0x29d39a4a7807bc2cL,0x835ca5afc2a6dc42L,0x26bb5781ac817836L,
-        0x3def5563525f97d2L,0xc6cf91e9237a68b5L,0xe1e954d9f9f587a7L,
-        0x7854a450126484d2L,0x0690c82dd3ae3825L,0x000000000000010fL },
-      { 0x3d46b028271428d1L,0x278c1fafd766ea34L,0x9c59b166355eec06L,
-        0xd6570ec7a36f1efeL,0xb64c51d48e8de46eL,0xdc4c58e2b39a5f35L,
-        0x1c46808b966c687fL,0x0d045d3e28f0fa4bL,0x00000000000001f4L } },
-    /* 13 << 189 */
-    { { 0xe1f8f593e4035d20L,0xf3115ca872b27c29L,0x6f021dbcce8a79a5L,
-        0xc9b99de992e812c4L,0xeef9605ed479ced8L,0x17bf75d1ed230e0aL,
-        0x1c37a667604f45a0L,0xba2e8685455b00cfL,0x0000000000000159L },
-      { 0x8d9901318b4e88e5L,0xfb0085e29fa679e9L,0xd4b5a294d35bc826L,
-        0x65e3da16624f4c16L,0x28dfc963738be5c3L,0x093e9cb0de3d8c84L,
-        0x83ea7628f32f052dL,0xe095054317da9fb1L,0x00000000000001d0L } },
-    /* 14 << 189 */
-    { { 0x55b440bb989b4a3eL,0x4a558cdb7ca65342L,0x0243665f6848d1afL,
-        0x46e00dd3eb611d13L,0x7cdbc1eb485f070dL,0x0b6b2a4e37d9317cL,
-        0xb86c7c90d9212b88L,0x0a5a39d8f0436535L,0x0000000000000185L },
-      { 0x0d127ab6cc7ad679L,0x87e9e7400651b018L,0x4c87124af0507f1fL,
-        0xc89734aeae2e207aL,0xba7939ac576d7e51L,0xb95bd1af45eba10fL,
-        0xc1674d96f2530deaL,0x227312b48e61b9f4L,0x0000000000000066L } },
-    /* 15 << 189 */
-    { { 0x1b31108442459f4dL,0x7cae90dc5e878116L,0x127607a98c0a313eL,
-        0xd2c39871a55fd972L,0xdc51776a077e2127L,0x34b0a44a2fdcf34fL,
-        0xa79ff2c28333072cL,0x384befa6bf1e4db8L,0x000000000000014eL },
-      { 0x1163018471e4da59L,0xe8eb4bd16da9fa16L,0x169061c82cf15f97L,
-        0xef24bf4b32753221L,0x79cf9b4e978c0e94L,0x4ee31d9fb2e8c08eL,
-        0xa9999a9b491f866aL,0xb40eaa6d61d44be8L,0x000000000000018aL } },
-    /* 16 << 189 */
-    { { 0x28904911200ad609L,0x6fb2b6633505c98bL,0x1bf6e6b517ad4abaL,
-        0x6d0e654fdbd8e9b0L,0x8db772c1f588fbb6L,0x5c2b736fa292489eL,
-        0xeac6e04ab902a7c9L,0x249c84e7b2dbafadL,0x000000000000010bL },
-      { 0x2cbc039029de2306L,0xac01d1a5bfc36a57L,0x89f1a059bacd8b95L,
-        0x2e1e095a3e92c99aL,0xf172bad607b4e976L,0xdce0b2e435885013L,
-        0x9a0c55567fa11b87L,0x1df0dfd67eab7ad3L,0x000000000000008cL } },
-    /* 17 << 189 */
-    { { 0x55c1cb327ee5e091L,0x9b3b38b6a4f1553eL,0xa93f2ab9ca3703b5L,
-        0xe153206da14864aaL,0x53cbdcbff2500ecbL,0xd70649347984ffaeL,
-        0xf0193f44c239a4cfL,0x6bfc462f1567d5deL,0x00000000000000a5L },
-      { 0xcd6b480b381c54e5L,0x17190f5f936eeb1aL,0x55514c1aab4dd2d5L,
-        0xff15013f4d378b6eL,0x086bca23e25466d6L,0x84b630fef5c92761L,
-        0x6909e2adf9aaf597L,0xea3054a8e1b21ec2L,0x000000000000003dL } },
-    /* 18 << 189 */
-    { { 0x5225f56496479004L,0xfe7f6ae01d60f576L,0x1215e4a2885f56a8L,
-        0xe70f09235d1e6df0L,0x7cbf30fb66614db3L,0x346de189209d9a42L,
-        0xff0cec30249c0bacL,0x76488efe69c479beL,0x00000000000001a1L },
-      { 0x4ad5db4a81213654L,0x748c9e51a3b0203eL,0xd9c64583acb72ac8L,
-        0x3926c7c4856aab8aL,0x62eae82ca80385efL,0x74d7d9713c061721L,
-        0xe647d75b3a7ddbb3L,0xab2b33724d872279L,0x00000000000001a0L } },
-    /* 19 << 189 */
-    { { 0x563ada4da040a5ffL,0xea621ac31fff0784L,0x28e6ff0875ce88f5L,
-        0x09769ec371f3aeceL,0x0ff40dcb3d45fb95L,0xd7b33147eb09a022L,
-        0xf62ccb4a81d97a19L,0xe45cc4d83f51b39aL,0x0000000000000137L },
-      { 0x79aa7c43e9a9779dL,0x36b108fb70f8c585L,0xe1736644af50cf32L,
-        0x820b16320c429c35L,0x442c9d21b01595cbL,0x28c0c7683c79c26cL,
-        0xde4901b3e59608caL,0x0a19facf0b39089cL,0x00000000000001e0L } },
-    /* 20 << 189 */
-    { { 0x1b5336d7e43ff8d0L,0xc6586c542375cf3cL,0x751a95b05d372296L,
-        0x95517fa7db98d315L,0xb7671c0f015782f7L,0x467c1fe893c3fe96L,
-        0x2a6c0f17f284f967L,0x76bff3a612aa02beL,0x00000000000000d9L },
-      { 0x3242434e39647784L,0x4cfb956b92a3ffe2L,0xebebb9bd37da53caL,
-        0xb0c81cc581b8ee8bL,0xe3f6dd68212e7cb8L,0x7bc578594c1c5556L,
-        0xc053d123d233497aL,0x599caf98bd4c5762L,0x000000000000017aL } },
-    /* 21 << 189 */
-    { { 0x461e855e310573dfL,0x54014992600cd5d8L,0xf59622b38d9f5217L,
-        0x8a12593ce712e5d9L,0xc3ec3c3adfefd672L,0x424c770e4264f3aeL,
-        0x08be0d0020979dd4L,0x5d78b2e57c42109aL,0x0000000000000147L },
-      { 0xe0136d93f5bad4bfL,0xd06d7d2e2957b516L,0x43aec5cba5b37693L,
-        0xfb83976ee625c1bdL,0xf244bc273bbd2729L,0x82b9d28ff5aca07bL,
-        0x0accd6d898b95aeaL,0xad438298370aaec2L,0x00000000000001f8L } },
-    /* 22 << 189 */
-    { { 0xc7c33c5eecca4b24L,0xf9044a18db7e92a0L,0x33676183cba7445aL,
-        0xa9ae5991d5766cb2L,0x77c6ccfb59467537L,0x7f0b64d45a680fc8L,
-        0x942a29960cb827b1L,0xec6fda25fe4e54e9L,0x000000000000003fL },
-      { 0x89d45bbf50285e48L,0xc367bbc6bbb6d77fL,0xcea1ade71e45ff58L,
-        0xcf02f6dc094f0616L,0x87e28486305c7815L,0xb1509ee1bb11a8bfL,
-        0x17d6e7d1b32df112L,0xc8c5a7f784aced31L,0x0000000000000038L } },
-    /* 23 << 189 */
-    { { 0x1dc8bdbe227db0f6L,0x1e425be636244ac1L,0xc6c7f5b0164da7f4L,
-        0xe2aed98497ff7952L,0x92e74200872554e1L,0x15004c56b9be5350L,
-        0x402804113966ca44L,0x5ac0cfaa80173c93L,0x0000000000000149L },
-      { 0xbbe3e8071236a9b6L,0xf1699483b8a492bbL,0x7a217dfae96083dcL,
-        0xfcae468c2ee8724bL,0x2a1ced809815ca66L,0xc8a7078d0644ff4eL,
-        0xbda30ba562fb3e52L,0x7a487bb502077ec4L,0x000000000000017dL } },
-    /* 24 << 189 */
-    { { 0x3555f75c6a7e545fL,0x1ea37a8e7a15bd6cL,0x188207a366f5c712L,
-        0x0fc45bd94926901eL,0xc55d2d8cd34b1e01L,0xfc75e1afd84f7268L,
-        0xded24e68bec74ee3L,0x0f611682b82806baL,0x00000000000000e2L },
-      { 0x5454065af1943440L,0x88291bffd01b257eL,0x6eaca283c6ae2502L,
-        0x88f29ce08a74cbe8L,0x6ddb3ae9adce5e80L,0x93df4593bd911187L,
-        0x16bdc203a6b62e07L,0x3a0ad818e8eaac95L,0x000000000000011fL } },
-    /* 25 << 189 */
-    { { 0x28e370db59a880c7L,0xa84aac2c2a3c718eL,0x4f9fc4fab725af9dL,
-        0x52ae3e8947f0e1abL,0x4684a83853068039L,0xa3f5b78f6eb5b99bL,
-        0x631dcbf590a53bb1L,0x65924aa0fbbc4453L,0x00000000000001a8L },
-      { 0xe12adaad50519774L,0xc9899fa49227bb12L,0x496631535bfe092bL,
-        0x7ddad74485659edfL,0xd527efb9d5a37c69L,0x52d5d81842abf762L,
-        0x8a41c43b2d11ba2eL,0x97bf9f89a7abf282L,0x00000000000000c4L } },
-    /* 26 << 189 */
-    { { 0x3f21fb13ef8235fdL,0x488567261d6a5b98L,0x6ba7b7667852a2adL,
-        0xcb927631373de0deL,0xcae220066eb7e6a0L,0xe58ea13dfac8816bL,
-        0x4dc4f35b4b2cf759L,0x7a8c6844737f6e13L,0x000000000000016eL },
-      { 0x0ae2eab434c605b7L,0xd78433a0fcd4c618L,0xa7596dae82b46a25L,
-        0x35dcb1ff9d1608b8L,0x6380a771432f758cL,0x73bf36ed012ea66aL,
-        0x923c12bcdf4a3ba1L,0x4cfb1a1b12249dbfL,0x000000000000002fL } },
-    /* 27 << 189 */
-    { { 0x21c6dda909afafd5L,0xc3ffe02f54ec3531L,0x81c46e852f5b6b5dL,
-        0xfbca5691640e9b41L,0xf3a8c5f270a6f613L,0x47f8636a333304d4L,
-        0x9619088688f84bdcL,0xa74c957089b07f7aL,0x0000000000000003L },
-      { 0x8ac2444429053fe3L,0x5f016a56f3422459L,0x3957735f6aba2e10L,
-        0x1bf31ff8ed5bdd25L,0xc4c8ee2ef7e5572dL,0x6c36f06fae94f876L,
-        0x5abeb8b11cf49d8cL,0x9226e08369e4554aL,0x000000000000015bL } },
-    /* 28 << 189 */
-    { { 0x6b89e2e509ace912L,0x5f4e515d7b067334L,0x6aa5259aec702301L,
-        0x9cf73f7f688485cfL,0x48a5f3410659825eL,0xde9eefd6a1d3be96L,
-        0x34a432aafaa769f6L,0xd1f8f08434abde10L,0x0000000000000025L },
-      { 0xd9b076e3bbac8db4L,0x85858504f72ee1b8L,0x451a18815ebc2846L,
-        0xc8cb018a0ff63a36L,0x5256a51f13eebe02L,0x85058bc0160ac671L,
-        0xd110ea4ed0d4a62aL,0xcaad594b2b033a9eL,0x0000000000000023L } },
-    /* 29 << 189 */
-    { { 0x1d34963913c1a7a6L,0xd980f79ea896afb9L,0x701959597495f839L,
-        0xf0615616e8aa79c8L,0x80061bd87a3147beL,0xe5d69e15f6973e6fL,
-        0x2522bad76030ef18L,0x8acfbac4495c762cL,0x00000000000001acL },
-      { 0x5cd25ef7321a2280L,0x95b9b0d0a0458db8L,0xccf4f8ce8ac8b7deL,
-        0x904356985aa93f11L,0xe50024d1e7df2595L,0x09d83948ac09ff49L,
-        0xfbaaf1d19abb573cL,0x28e4b4cd92bbe12aL,0x00000000000000daL } },
-    /* 30 << 189 */
-    { { 0xe5ca83fa634ddcb6L,0x5460a43245f882c8L,0x01a701ff4d1b379fL,
-        0x743801734316aac9L,0x5e1a0761c8e815d0L,0x4f129ade260d2619L,
-        0x3dab946d6a892a9dL,0x6ec73a540d8efc75L,0x0000000000000048L },
-      { 0x7d8189195a78b6c6L,0x110936717cd52f20L,0x42d3bed515e9988fL,
-        0x1c55dcea772def70L,0xcbdacd7c334ec5e9L,0x0686fd8a7201506eL,
-        0x6148b0ee02462ea5L,0x55acec514eec4f0dL,0x00000000000000a2L } },
-    /* 31 << 189 */
-    { { 0x009751a569eb5133L,0xda66bc95a61f94abL,0x839c283d21b8e5ecL,
-        0x77b3814771f6e8b4L,0xf08e62f140cbe8fbL,0xf1e7ec5e33993050L,
-        0x3e540919a5c6f5d6L,0x143d5a48b948ae50L,0x00000000000001abL },
-      { 0x227237fe6d7c37b6L,0x12b782ba91c864faL,0xe770b68f8bb0141aL,
-        0xc3059e3f470cb922L,0xc55ecc13e3494d25L,0x7c7ad20198ead855L,
-        0xed29220cdbf56bcdL,0x55607debe48d3158L,0x00000000000001bbL } },
-    /* 32 << 189 */
-    { { 0x1206ea28cd7bbb6aL,0xeff556d0c63062faL,0x8ad321fadeb86a3aL,
-        0x9ea9fbdaf78fcdc3L,0x3ef406cb0e8c80a8L,0xc168b5970f593d36L,
-        0xd6456267c352a3a0L,0x303bd08332c5a9a8L,0x0000000000000102L },
-      { 0xbf911f73e680d0f9L,0xb12fcca8bc1a1b47L,0xb8264577ef8024f6L,
-        0x9d17b8b7f66ae119L,0xb135dfc275b33227L,0x4cbf0d6d96e667c2L,
-        0xfff742beba373b24L,0x218e787e776cbd3bL,0x00000000000000ccL } },
-    /* 33 << 189 */
-    { { 0x6ea795ecf0b3e8e9L,0xa8d0f3ef415b14e0L,0x388d0b9eb2b8bdd7L,
-        0xbac3606b47077e99L,0xf27e9a49fd56307bL,0x879d0ad938cc9279L,
-        0x2b33ad7acd8f229cL,0x948444d5577207fdL,0x0000000000000164L },
-      { 0x028ff3d3b9b6280bL,0xec12413d8aba1800L,0x8fa64506ac21d32cL,
-        0xfb3b64089ad6c573L,0x4e558b8146d75117L,0xdd4a2eea3159469fL,
-        0x7c9060ddb61dbf21L,0xadb892fb4fe85705L,0x00000000000000e6L } },
-    /* 34 << 189 */
-    { { 0x610cb28654137f6cL,0x1aede3330753a5c9L,0xc67e4426f48014beL,
-        0x85b1131f733f87ebL,0x4b5b882d2cea996fL,0x29c274a0859aabbeL,
-        0x822e16883647b4a9L,0x484e63777cae42c5L,0x00000000000000b1L },
-      { 0x358f911aacf0fda3L,0x0693edbb8fe82648L,0xfbec08a1c04f3fd0L,
-        0x45316917607c7c60L,0xc8ea888ada6dfc1cL,0x2121c681c65bf16dL,
-        0x00ed364fa1da19afL,0xa28b1de4514495d3L,0x0000000000000184L } },
-    /* 35 << 189 */
-    { { 0x2999ad23a2dc7f0dL,0x77d0c3861314df56L,0x01f67ce42a664882L,
-        0xfe134b6c5787a492L,0x2bcd1d1996126d18L,0xf190abf67aa5602bL,
-        0xcc21b699f42256adL,0xc629989d7e2510b3L,0x0000000000000001L },
-      { 0x7aabff2fa2c86a01L,0x8f5272cc0bbe44c5L,0x86c041b44308cfe8L,
-        0xb14043018862f6b2L,0xbe9d148d51fa122eL,0x651dfd87b3519fd0L,
-        0xa0610f30d9e81817L,0xb6976414ed2a30c7L,0x0000000000000110L } },
-    /* 36 << 189 */
-    { { 0x386cb3067bdfc975L,0xb8ab848e10483147L,0x7fbbc54074dde708L,
-        0xd58eb2b596761accL,0xa885a6e8b8a0f062L,0x2630f19117e92bb0L,
-        0x7169a8ed1258ed15L,0x471e6bcb40976b29L,0x000000000000007dL },
-      { 0xa6d493e2795c47a6L,0xe118ad5806746dd9L,0x47ea093ba29cee54L,
-        0x2a61aa20f7d8e228L,0xd78ec0e1fa70eda7L,0xf9511b38e1f2734cL,
-        0x491fb14ec91629c2L,0xa3379d598e002052L,0x0000000000000170L } },
-    /* 37 << 189 */
-    { { 0xc505a9bdbc1a0a26L,0xb85a1e9478d9ed45L,0xdea7d140b7a562f3L,
-        0x9930f6d4e2ae8f4fL,0x1159929213476304L,0x13e811ae421ff4f6L,
-        0xd9e2eee649cc4771L,0x73c04b328b036469L,0x0000000000000180L },
-      { 0x4664a7a522123d30L,0x053c5233f9cbf61eL,0x0c6d121442902bb0L,
-        0x61a509855f6d2484L,0xb427545c1f3fb40dL,0x55e444a4dbf4c320L,
-        0xa8311978c13da776L,0x4623001ddb288ee1L,0x000000000000001eL } },
-    /* 38 << 189 */
-    { { 0x1cb6ff10734c362eL,0x3ec3afdc195a00b1L,0xa1ea59124f0957c3L,
-        0xd9fc3ff63a5f5203L,0x9949e8d68e8a558fL,0x252995ac0e4cf7d1L,
-        0x517b1dfacc935cd7L,0x7d8bdba8f0db0cf8L,0x000000000000005aL },
-      { 0xe8ce78b579f92ab1L,0xd9fde900ede42817L,0x5a6add0bb9b4bf72L,
-        0x845e8b94a03706c2L,0x3bb16f047eaf2758L,0x29d823930580ca79L,
-        0x5930385b7bf0462fL,0xd69171b381b47f3fL,0x000000000000007aL } },
-    /* 39 << 189 */
-    { { 0xb054987a59b57345L,0x690f4ea00df9adbcL,0x709a2218b262038dL,
-        0xb5df8e93e44eaaedL,0x3e1580e4b2db7099L,0x1ebefedb2b3342e3L,
-        0x6e0ef1246521bd90L,0x767b444de97f9531L,0x0000000000000112L },
-      { 0x4fa11e48d4e8e902L,0x804eb6b4375336b0L,0x0d79d368f96e7400L,
-        0x66fa057582576c82L,0x514fbfc45ec62c7fL,0x72eff87ed38bd85aL,
-        0xfe9185f4d8d6cc9cL,0x47a733213fd2ed50L,0x0000000000000171L } },
-    /* 40 << 189 */
-    { { 0x1f8215f9efb91de7L,0xf3add5d08a2f74d9L,0x56433008a520d556L,
-        0xb6df83c58628ac75L,0xf3c38ea27390eea0L,0xb1aadf0f6078a673L,
-        0xa9e0832827b6b8fbL,0x22e64291f3b7ce53L,0x000000000000017fL },
-      { 0xb3e7ae4c6e69500aL,0x740b9752c441e02cL,0x3d04d6dcf503d4a0L,
-        0x22490a59862f3496L,0x0f4a62aab2472177L,0x668475b979720c85L,
-        0xf6ebeb0bed9b4fd9L,0x8a5a6926914e8bf4L,0x00000000000000f2L } },
-    /* 41 << 189 */
-    { { 0x88714284d7f15d9bL,0x23bb89a963dae31bL,0x1dd869f770aad758L,
-        0xade2a58dbc0c8b8fL,0x4e34cb29ecee1b5aL,0xffc36695a418cf27L,
-        0xe6b995d08e90eb26L,0xdb6704209e7edb4cL,0x0000000000000030L },
-      { 0x11a61ac697a71becL,0x01a7863ce7f9c778L,0xb33e274f0dc175d2L,
-        0x5bc952b86bd31118L,0x3d3c7b5ecb4a461aL,0xb247e08560a81989L,
-        0x98cead253cabd814L,0xcbda7ffe5f3774b0L,0x0000000000000015L } },
-    /* 42 << 189 */
-    { { 0xfb865e6491e6c598L,0x88b4cbc94f5c3464L,0xc14f04519bba56dcL,
-        0x283e370e9828f0baL,0x178381311807abb9L,0xbd9227dc91eb4794L,
-        0x998862db036ae356L,0x64214f5650a6534dL,0x00000000000001d6L },
-      { 0x5c07fc067be97a7dL,0xb83d3ca51f918746L,0x1fc4ac0bf600c884L,
-        0x00c1c0643ff9138cL,0x37107da9fe8ae63fL,0xce43f9671a021382L,
-        0x533716b2dcafef65L,0xa50b01d91c1ba0a3L,0x0000000000000140L } },
-    /* 43 << 189 */
-    { { 0xc8c61097bfe6c874L,0xe4a957c48c7b1695L,0x8975c3d5cd617093L,
-        0xb55cf8b8a2aeb3c3L,0x210a5fa0412b23dcL,0x3b306039222fd5e8L,
-        0x58ebec8802e8b2b8L,0x85a935b9175925d9L,0x0000000000000088L },
-      { 0x20262a2acd9e1515L,0x23dd0510bad24e8bL,0x3f904417b39e83bfL,
-        0x4767a90419e5a1e2L,0x4cd0316ec8b10371L,0x33f91aa8c3985efdL,
-        0x2d2eabb1bcaf62e3L,0x61c39f69a9070a71L,0x0000000000000197L } },
-    /* 44 << 189 */
-    { { 0x2f548b4254bd23edL,0x9bdccde5e22e32ecL,0x01b0646f4d769b35L,
-        0x749212ca1ddb13a7L,0x01aeb2c2793156d2L,0x1dc2dd05afed290bL,
-        0x2dc90777f5976b90L,0x69b807201c24d363L,0x000000000000000aL },
-      { 0x927ebc909024b3d2L,0x04befa23e7fba843L,0x179ed851cc504025L,
-        0xd66e92d06f1e878fL,0x27604533a48eacd1L,0x25f304c0be099838L,
-        0x12f01ab1ff150469L,0xfc009f4cb502c2c3L,0x0000000000000067L } },
-    /* 45 << 189 */
-    { { 0xd18e7cdd15b76157L,0xb8b81063545ee371L,0x18860c3a5685e78aL,
-        0xd2d62d66fa06d7f1L,0x7d518c8ebe31f479L,0x49634d5aca4d86edL,
-        0x73510393286743faL,0xac5cb2646b005aeaL,0x000000000000006dL },
-      { 0x3ef1fb8c995ac4f7L,0xb1b476da5041fdc8L,0x013bba673ae16bdeL,
-        0x8edf24bd989ab5d7L,0x27cbab12f77269c8L,0xd0df40b13ea9fa4aL,
-        0xa0ef8425ec2bb20dL,0xe69c5d12bbb95ee4L,0x00000000000001edL } },
-    /* 46 << 189 */
-    { { 0x38d4b079f0269288L,0x024ba79538c84188L,0x8dce75a4f8f34375L,
-        0x12ed9b998811a78eL,0xc43f9833966242c8L,0x1ebf2a2893a4de55L,
-        0xb77ba54b5df20ecbL,0x0b59c76549fb4c99L,0x0000000000000001L },
-      { 0x23d73eaa305df024L,0x17641a8bd4804cb0L,0x3d7e68433251d480L,
-        0x3a7ca4126fb3aef7L,0x511263cf18747d97L,0x670de6bd5cd3b9c4L,
-        0x6cdd5a8ae71b247aL,0xd984e646528e3fbbL,0x0000000000000108L } },
-    /* 47 << 189 */
-    { { 0xe027d07b2f4be08cL,0xbcc10ac427c3e5ddL,0xf64b8a22e63fdda2L,
-        0xf9df0d4046b68556L,0xc08d7d8e7e2240fcL,0xd854c44766a163bcL,
-        0x5c52966b491bba4dL,0xb84134db9f066e7aL,0x0000000000000044L },
-      { 0xb09bdb9264c613b1L,0x2ca2ccbdac59d414L,0xa97aa22e6436bcf3L,
-        0xf22bc357227e1feaL,0xd8a7b25c7f842c67L,0xfb4cb6c88939f9f0L,
-        0x28b488967f1d398bL,0x8de5e61a807c6f89L,0x000000000000000eL } },
-    /* 48 << 189 */
-    { { 0x4231da59e97ea880L,0x5d4c048745262614L,0x3718643736aeeaeeL,
-        0x17229d1dbbaa66cbL,0x342daf59a5d41097L,0x5fc2cc015080f051L,
-        0x657c05a20e6527beL,0x3e61c315949e36ecL,0x0000000000000008L },
-      { 0x961bdc35d8a5319fL,0x5b8f4db874708cd1L,0x901d28564726604cL,
-        0xe35ad211ccc10400L,0x5a9b120594004a0fL,0xdbf493bf5c8eaabdL,
-        0x6ccc828bbaff6fd2L,0x83003f1077e9a126L,0x00000000000000b9L } },
-    /* 49 << 189 */
-    { { 0xd0396d365c605661L,0x736a0fba8c8a36ddL,0x120af17a26d18bcfL,
-        0x2846334514e206a3L,0xd3690bd20f5657e7L,0x5f7879531bb3ddbbL,
-        0xee94af0449d00002L,0x29f266ce19c87885L,0x000000000000005aL },
-      { 0xe4c501899ceb0396L,0x065237a9181dd431L,0xf6b4de78102156d1L,
-        0xfadd137e9466701bL,0x556194d58bad4752L,0x4d7cd2ed0b23e83eL,
-        0x770c7e894b1329fcL,0x4af47a31fb173fdcL,0x0000000000000035L } },
-    /* 50 << 189 */
-    { { 0x111c4e8e15567b4dL,0xba2af2f3d1278cb8L,0x95e0ef97c8a0c184L,
-        0x47e7053b2a46e1f4L,0x1e288ab774cb99fcL,0x2a5285bb17060961L,
-        0x50bf49cf6921f98aL,0x4ce741821d7e1372L,0x00000000000001d1L },
-      { 0xcf181e712a064bf7L,0xc534c01e49b3e010L,0x277fe91f939ef9aeL,
-        0x0724737c2a40040eL,0x2a320ce8ffe77170L,0x391b6f9f8eff74edL,
-        0x83b4195abe5b9daeL,0x937f0bcf4114237dL,0x0000000000000021L } },
-    /* 51 << 189 */
-    { { 0x41d6ef761ab2d533L,0x298cc67e04d17f47L,0x062870d3c680b409L,
-        0xa74cd183e9685d65L,0xe2db43ef1eb8e1cdL,0xb0125ff3856c97e5L,
-        0xe7d81e0b672a3ae4L,0xaf12df591600af74L,0x00000000000000d7L },
-      { 0xc6a9d40b7bdc041aL,0x8e91290a49e7d705L,0x52beef55ae198296L,
-        0x5c4b1922f23fb61aL,0x79a2a393957a052bL,0x1452ec147c8cc360L,
-        0xf168e6f217c63a38L,0xbe17a226707be9dfL,0x000000000000012fL } },
-    /* 52 << 189 */
-    { { 0x717f198fb091e5e2L,0x13a018ba5a3c1a39L,0x2f8745d8131531cbL,
-        0xfc9c44e53e11e93dL,0x7240364643a6f330L,0xebbbe261babaef99L,
-        0xc4f1941da2e2749dL,0x6bb03f4bdec5c4fcL,0x00000000000000ceL },
-      { 0x321b501994a5c6e6L,0xc6b51804a3f6b8ffL,0x269f2a832561b248L,
-        0x3b97ea7807238ba9L,0x2fe33d8bf290911cL,0x5d148537c8cb8e95L,
-        0xd1a1305196d62b4bL,0x44121143649ad208L,0x0000000000000049L } },
-    /* 53 << 189 */
-    { { 0x18c67cee142f459eL,0x374f0e63c240a5c7L,0xccb426eed0b3c8ceL,
-        0xc83a69c7018a50d7L,0x9a2e51154c61e39aL,0xec5edbee6dc14408L,
-        0x45725abe624cdb91L,0x4c0a11373d6d72aaL,0x0000000000000154L },
-      { 0x7accd15cc3b86af3L,0x78de4ff07ef41f2cL,0x3601519c309d2841L,
-        0xa8712f8c378ff8f6L,0xb6e9045a0b8f9a4eL,0x2ef0a92ac1501d2eL,
-        0xfff126325c745eefL,0xb0712d67b91b1b4aL,0x0000000000000165L } },
-    /* 54 << 189 */
-    { { 0x7714e43a0f7b0604L,0x225769c178d565bcL,0xedbd4a162759fc30L,
-        0x5094390eb8daef23L,0xcac7cdb538737603L,0x6ec71d48993c34c2L,
-        0x9eb0c65edf4ffd86L,0x9a9076f819830bd7L,0x0000000000000159L },
-      { 0x43d60e2fafe174ecL,0xbc38a3da61f4d263L,0xcca7c7f7dd11ad45L,
-        0x8aaf2e3342e975cdL,0x9d8b2919134c2420L,0x5f8c989ebd92fa2bL,
-        0xb4ee181c72b418feL,0xaa7368d199f80763L,0x00000000000001a8L } },
-    /* 55 << 189 */
-    { { 0x7baebdad95697470L,0xf6fe566efb547be8L,0xb087ed3f2a8fb882L,
-        0x1c4d32db206e9a27L,0x3b047777f384b8edL,0xf2a55b91a1dd6624L,
-        0x949d913812f34dafL,0xdb09a6fe227067acL,0x00000000000000d4L },
-      { 0xfeb27fb80160f0f1L,0xbc082e7c89550518L,0xea404d2ff506e716L,
-        0xac5ac13f410aaeffL,0xa6463d178eafe900L,0x41febe7847b7f1b8L,
-        0x7f6304ec189426d4L,0xf481347ff7b60b29L,0x0000000000000178L } },
-    /* 56 << 189 */
-    { { 0x3d91ea604c2a4cefL,0x8de8f69c3de838adL,0x9a725723538c37d7L,
-        0x3923fa077948b4ecL,0xd1a25d23d23e67f0L,0xa2d7b9d7396fbc50L,
-        0x8f8504e41d36f98cL,0xaa9e585159191798L,0x0000000000000147L },
-      { 0x8edbf0c2e3db7296L,0x677a299681fc8f30L,0x05e27b8db727e6aaL,
-        0x4f5a9a6903113b4eL,0x9d4724e83ed42117L,0x06c0b8a572fcb859L,
-        0xecdcf4d8ad040b87L,0xe6bb9a0e8cda9eb0L,0x00000000000001d4L } },
-    /* 57 << 189 */
-    { { 0xcf9d92912f2e8e0eL,0xa061e2d775701d6aL,0xf4a75abcb896c99dL,
-        0x7b502799c595a675L,0xd703789763e618e2L,0xf076e4da3fbfb9e6L,
-        0x3b7196719736bb0bL,0x0e2f898f4f343030L,0x0000000000000056L },
-      { 0xa67c36c34ce58368L,0x42fc1d6643ec3b5dL,0x2bc8c76731b19f69L,
-        0x66bb8a65b40529acL,0x2ddbd08a1bd5d8bbL,0x3358549130479ed3L,
-        0x4fe81de647ea8842L,0x9d43206628fb9086L,0x000000000000000cL } },
-    /* 58 << 189 */
-    { { 0x0ab82b7cfd9f395bL,0x6a40f5c4b4edd9d2L,0xdff6705215b2434cL,
-        0x52a16a6a7627d662L,0x42d0a2e3360868d1L,0x7bd61bc13135ddb7L,
-        0x756baf27fd0b2628L,0xc66119f396b6d910L,0x0000000000000054L },
-      { 0x1b35db2327a27e71L,0x3de3025d74802d8aL,0x1d1924ad6911cfedL,
-        0x56b50c4fc3626e7fL,0x5ae02f9e48297981L,0x92c82e544102fd01L,
-        0x0824a2f45de66a6fL,0x0e3e069689d53be8L,0x00000000000000eaL } },
-    /* 59 << 189 */
-    { { 0x31330a7b71c94713L,0x4311eeb630cbcf92L,0x6cbdc637c826f128L,
-        0x07911288df0bb278L,0x13c1197a55ca042aL,0x7058c95b521d6793L,
-        0xb4f7251008580366L,0xae2725c7fa6780eaL,0x00000000000001cdL },
-      { 0x132cefa9e24b6b80L,0xb87b576fa20cfc85L,0x596c4323e05b359dL,
-        0x2ad43ee0a8c677f6L,0xb4bdfd4283cb25e5L,0x0cb93226376be03eL,
-        0x5617ae0aeb0a9712L,0xf2a2e92048e8e273L,0x0000000000000040L } },
-    /* 60 << 189 */
-    { { 0x20be8f1deec0daffL,0x06e4f56b826d13aeL,0xa4c7e5313d4e15daL,
-        0x27dce66c40aa5d0bL,0x88778febdc9227b4L,0x64304c472cecbc95L,
-        0xd9d8f0d3d393cef4L,0x3383e2dc872b3f66L,0x00000000000001dfL },
-      { 0xe805eb457cf69310L,0x961caa7041f9dbf8L,0x3053e3c57e2d4b33L,
-        0x4b877980a63a655eL,0xc41dc07cf1836df4L,0x6d1c3b9b2634f265L,
-        0x368c4bd1062e70e4L,0x35c6e6c42b00fe78L,0x0000000000000106L } },
-    /* 61 << 189 */
-    { { 0x664ea3fa8433f73eL,0x20696c8e1e96d416L,0x8ac356ece1e2cdbfL,
-        0x104c4bd5e64270ecL,0x8f25722b0c79a50eL,0x43523e2977d6a915L,
-        0x04bc5be29f26d4d4L,0xfb4a05a84542270dL,0x00000000000000fcL },
-      { 0x908b94c28618efebL,0x99dceba2b5266591L,0xf3834ace94cf34b4L,
-        0x69e6d2cf5a56d236L,0xf4030a4f05de63ddL,0x05ffad5422571079L,
-        0xd5fff5da4cdc3814L,0xf0c143e2079d4e91L,0x00000000000000a5L } },
-    /* 62 << 189 */
-    { { 0x57f9bed894e9705aL,0xb2152f6c13e76e24L,0x35c88fe5d3293955L,
-        0x2f9eae4d5ff3839fL,0x9c81a6c705d09a9cL,0xfa25a810240d9691L,
-        0xb72c661177297890L,0x6181b2bd10c73788L,0x0000000000000101L },
-      { 0x4339f177dad59376L,0x03decffdc272fd1eL,0x0e311e8c5e1915cbL,
-        0x89e003b809e2d503L,0x4356b8d46f2fb5edL,0x459d3fe5f482888bL,
-        0x8851c7086fafe565L,0xf29b97c5da78e2b5L,0x00000000000000e3L } },
-    /* 63 << 189 */
-    { { 0xdee86d864b8e33f0L,0x2db9e320e3d4a055L,0xefdc83bc93eda388L,
-        0x8960e57a47eda00bL,0xb96aaddffff77657L,0x44b1deef8dc0dd1bL,
-        0x5a154403cb477801L,0xb14a66c5a8f3ae22L,0x0000000000000103L },
-      { 0x3acee5a7c5a696e7L,0xa833e7959e1e41b4L,0x1956f091705706c0L,
-        0x0f37ea79ba39f516L,0xecc5e91b4a48092bL,0xbf42b417f640b7abL,
-        0x2f32ddc0addbe690L,0xa136296a9903bfd6L,0x0000000000000153L } },
-    /* 64 << 189 */
-    { { 0x6287bbca1236bec1L,0xc16eabd8608e6b5cL,0x253193ef15fcd3c6L,
-        0xd4ee71c7da5fe623L,0x62531449ac806cb8L,0x9152cf1690d7e00dL,
-        0xa1e05703d20a1668L,0x6480d486bbf588daL,0x000000000000014fL },
-      { 0x37f70ab3fe2753e3L,0x562f4a46023ebdf8L,0x97358d7d89caf63aL,
-        0x387422a7ab4b1dfbL,0x80d654962c8c3421L,0x7d338b4bdb8e13cdL,
-        0xa535529dac590192L,0x39a28761a6760430L,0x00000000000000c7L } },
-    /* 0 << 196 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 196 */
-    { { 0x1e226a938f1ef579L,0x8aeebec9138fedd2L,0xa7e39d7d1ca4c4e2L,
-        0x5e53f86d49724f86L,0x9815987deb759db4L,0x538c9f700e9cd47aL,
-        0xfffc98c71a7fac87L,0x3195776e7ce980e1L,0x000000000000019fL },
-      { 0xccab7b37e33cdcbdL,0x561d18f2855619d0L,0x56aa5963818f21d0L,
-        0x1413193b571c3c5eL,0x9b30214cfd748c72L,0xef0bd8d48eadf936L,
-        0xeb6d831fd1964b92L,0x4b37d5e09bc42bebL,0x00000000000001efL } },
-    /* 2 << 196 */
-    { { 0xb854567b979551eeL,0xf97b8cab3f3f499dL,0x3e343aca603fe8e0L,
-        0x2c4167f8813abd6bL,0x6b23eed8a74bfd77L,0xf88b1cecd47dd491L,
-        0x9e613c3226b2fd87L,0xc1b1ac19fe54bd69L,0x00000000000000afL },
-      { 0x12bcafbb43b4df17L,0xbd0829247266cd9bL,0x9d1e0eb35a197805L,
-        0xf44ac91276cae6cbL,0x7d4e90e630d68179L,0x5407a9a02ad9609fL,
-        0x02cbce1c921ecca2L,0x058ab973a246d665L,0x00000000000000c9L } },
-    /* 3 << 196 */
-    { { 0xf31853c99a73eba3L,0x3fd889550e6e4613L,0x0f685bb932a3d4acL,
-        0xaeab0cd88cca35faL,0x8f65c0f7ef18d468L,0xbd45dd2509f0f948L,
-        0xfc2ea6e46ba83339L,0xf6f79e60ae6934ceL,0x0000000000000158L },
-      { 0x3d279791e60d9028L,0xc2ca4234f0c3cf4fL,0xf21ec8f085ac780aL,
-        0xc2d9b19ee6fdb32bL,0x9e2811fe0827c781L,0x42e1538749e61bdbL,
-        0x936b8e23414d6887L,0x7fe54043d7edc198L,0x000000000000008aL } },
-    /* 4 << 196 */
-    { { 0x61b51bb04bee80d7L,0x0e1f6a1f7692de69L,0x8379e46ca0ebc3bdL,
-        0x1c0bffa7930644f0L,0x97c67b87390db077L,0x095c33e1fada1ce9L,
-        0x3c500addac54b512L,0xc231d360d3118656L,0x00000000000000b0L },
-      { 0x0628929839bcab2fL,0xc0c0678064dd220aL,0x062f6084763dc2a0L,
-        0x88e9da731938c3e3L,0x69be8f2d52e46eb9L,0xe55c8d2d6a5de0fdL,
-        0xf3a3fd63db2c0e26L,0x899c6d9f1e4bff57L,0x000000000000014aL } },
-    /* 5 << 196 */
-    { { 0xef850c0a886b7b20L,0x8f635025bb9943c6L,0xb81d4c7d73ea21aeL,
-        0xcb8f069f99d3a6eeL,0x6cf775a6fa33eeb0L,0x4e222f778f96805dL,
-        0x143517aaa6141ea6L,0xe38a3c64167210c0L,0x0000000000000116L },
-      { 0x0fb62f621fc78dbbL,0x2c6410236cab326bL,0xa72ea35af1549e38L,
-        0x537f6ea3830f25ceL,0x9e079cae33eefb84L,0x38c173bab87ddbf0L,
-        0x1b4373897184af77L,0xf978084cb1868bccL,0x00000000000000aeL } },
-    /* 6 << 196 */
-    { { 0x37456b07d454e1cdL,0xca872026e651ca99L,0x66d075726a03d9a8L,
-        0xe6e9ba231d31cbaeL,0x2b720e01a80f7b13L,0xb6d7f827615f6ca5L,
-        0xf88f8cd69012b0afL,0x5024d5de7a8e112bL,0x000000000000019fL },
-      { 0x24ea6d08a8749354L,0x1143855e290612b8L,0x64cfb996e2edb77eL,
-        0xaddfbf4f77a5f775L,0xdd57f915dd64fd57L,0x89ce3192055a07d0L,
-        0x9323e3e13cd0549cL,0x7cc109cdd89fc00cL,0x00000000000000dfL } },
-    /* 7 << 196 */
-    { { 0x09dac9edf4222533L,0x241333a9fd65cf38L,0xaa15ecbaaf69f2f4L,
-        0x680cc1a0e6afa6e0L,0x581099c95f6f8c82L,0x32f948104dcae40bL,
-        0x0fad007d4ff8175cL,0x5dfd36385450471eL,0x00000000000000bbL },
-      { 0x57a1bd6b9bedad5eL,0xb187ede777139166L,0x66ab56bbd66ab437L,
-        0x8d67305e0875cc7bL,0xd1221e1d2130fbabL,0xed4482700a435b57L,
-        0xea5da47bf4089497L,0x280b2cd4e8bfb1f6L,0x0000000000000115L } },
-    /* 8 << 196 */
-    { { 0x8f33504dedb74cb1L,0x1edd5d969d2a2437L,0xb4a43aadbeced5e0L,
-        0x94faee53a6679dceL,0xda5ca04ff6d1589dL,0x4e55494935d8be40L,
-        0x3df8d236d5311f54L,0x46f9c2d24988fe68L,0x00000000000001f7L },
-      { 0x4d0d9475fb2327cdL,0x552291cef0b8faf0L,0x3e3f4a98661e3c78L,
-        0x2c452f05bda95549L,0x53276d708bb411bdL,0xfde0440e539322f3L,
-        0x02d8d55b20961bf1L,0x3c1e105518739dccL,0x000000000000017cL } },
-    /* 9 << 196 */
-    { { 0xc03f25c3c4aa5646L,0x86c63161f5058946L,0x524d9f422c02da6bL,
-        0xffd709d2d08cfc8fL,0x1e8214f8bd67d9acL,0xfdb0716ea4953705L,
-        0xcee198f0637d647cL,0x0eda33411fc50c8fL,0x000000000000014cL },
-      { 0x3771081ba26d80ecL,0xf495ac4f7ee1f2e6L,0x458ecda5cc9f8790L,
-        0xa98f84aa11d6c1d8L,0xe9d067997b694bd4L,0x510a0f753eb0c3f8L,
-        0x9747f31b40f2693dL,0xa08798275c3a8fdbL,0x000000000000014dL } },
-    /* 10 << 196 */
-    { { 0x2588c869678be8ecL,0x643c5bcd70a17049L,0xfa8ac412627e6964L,
-        0xc9e2c5e1d12b30bbL,0x6189df6fd7f8b20cL,0x7fd5df1593b30b2bL,
-        0x30176abaaa08dc30L,0x12c058c36722406aL,0x0000000000000166L },
-      { 0xf11e3160e2a9cc34L,0x839d94196b6ddfb8L,0xae2e884680035a3eL,
-        0x8bc4c61bd1f3c45bL,0x128980af18fd9ad6L,0x4210b25ee59cc085L,
-        0xab245ee01ef3a74bL,0x256fac53af76d59eL,0x00000000000000d9L } },
-    /* 11 << 196 */
-    { { 0x31509afca5f6cedaL,0x147406dd5010591cL,0xbc35c5699341d9ceL,
-        0x7ce9ace9ba35f50aL,0x19928ac5ea9234bbL,0xe036d3987fe039f4L,
-        0x920ffca4004965e5L,0xd18e5104051a7e12L,0x0000000000000040L },
-      { 0xf5630cf3a22366a1L,0x52e3ff045ca6ab82L,0x98b95576053a65e4L,
-        0x8e7f4a1b08b986a1L,0x7e4f3c04e03a5dbcL,0xca92d084a3cc2e38L,
-        0x92ebfe5fefcd06f6L,0x88f060b35a709eabL,0x00000000000000d6L } },
-    /* 12 << 196 */
-    { { 0xab2a1492a5cba744L,0x6a6a4317986c613bL,0x9c8d1d01e872357eL,
-        0xe7c3d762a1a8701eL,0xca296c88937b667fL,0xe5ddb632b105ffabL,
-        0x602efda3db9d7cfeL,0xb72b8ee5075fa1abL,0x00000000000000f7L },
-      { 0x420f01bf09297d3fL,0xe6cdd604ce02895bL,0x475de3990ec6827fL,
-        0x2a44d697d96cd553L,0x889200f98c9d9769L,0x4fa1f222a7289c6bL,
-        0x5a45ff976d4d1b4cL,0xdc9910a51e63aa2dL,0x0000000000000098L } },
-    /* 13 << 196 */
-    { { 0xb6a85b1106456038L,0xa422307cd48af4a7L,0x25c9835ce781207fL,
-        0x61e1a5ac67c18dcbL,0xe294353581f948f2L,0x427f9ac30f7fb178L,
-        0x2dc53c002e2bb161L,0xda0d1835b838b9f7L,0x0000000000000122L },
-      { 0x2e4d3e46df6800cfL,0x66910d0655d86505L,0xae5a0dd7f0d1ed6eL,
-        0x0f3f3d6a84643a02L,0xe9d03f79eecf2e38L,0x8a7c07d8ef3e2228L,
-        0xba7786af35a3f709L,0xff8997ead43da7c4L,0x0000000000000044L } },
-    /* 14 << 196 */
-    { { 0x78fbe6ecff0fdb4dL,0x4625db146786490eL,0xd296291fdba395e3L,
-        0xa6a1df669878e3c8L,0x0aa57c9655fe0afaL,0x9294f74589235066L,
-        0x6fb4692d1d24d786L,0x7fdaab78e13f2a4eL,0x00000000000000ecL },
-      { 0xced57ecbeec9bdbdL,0x5b935678813a87cbL,0xefed2811b9c45d4fL,
-        0x17b12bf552c52dd1L,0xc8f5c7e0211123faL,0x387fa7dd245804d9L,
-        0x2a42349809bc76eeL,0x5b95c590457daa36L,0x0000000000000089L } },
-    /* 15 << 196 */
-    { { 0xd2006fad8a90d8c0L,0xae1a509ab872540bL,0x774048a4ea281ecbL,
-        0xa53efead7a84cfc0L,0x5d970194332cb313L,0x4b2736352866ed7eL,
-        0xb646a148a3d68d32L,0xfaca3712cf8b5d7aL,0x000000000000011fL },
-      { 0xc726fbc2c789acf1L,0xabf5095893f6d7f4L,0x5c9b593f8791335aL,
-        0x83523e7de5e84484L,0x5dccab399f06edacL,0xcb72c6d6bc2cd75eL,
-        0x5038af212638469fL,0xfa7eba1954b0dba0L,0x0000000000000165L } },
-    /* 16 << 196 */
-    { { 0xfd0261287468e327L,0x789e8dc4ee755906L,0xea0453e480218c94L,
-        0xe263fe27088d7c56L,0x9219cee630277200L,0x293401d28ce5ad85L,
-        0x627036d3b960ebbaL,0x8be032fef92da0eaL,0x0000000000000030L },
-      { 0x7ab52e739daf8d6dL,0xd6d75d4c3f789f6cL,0xc3b7560ebfc9a31eL,
-        0x87b7f183d7db7ad5L,0x0f60a2db9c213425L,0xc2e67c9452c58981L,
-        0x001cf3e81b6d0b43L,0x31efa39b78235b3fL,0x00000000000000ceL } },
-    /* 17 << 196 */
-    { { 0x82dcc474b926527eL,0xb05d073fc3255b46L,0x3a5d46c0a94534d5L,
-        0x90e7d00664949c9cL,0xe4de4002925753d1L,0x68653da277145588L,
-        0x8161ee0fb6d85753L,0xa76d05fcda37d8b8L,0x0000000000000030L },
-      { 0xf0baeebad0cbedc4L,0x6aee7715d6cb0047L,0x9d0952da03cdda9dL,
-        0xd90557e55fc2f41bL,0xe30c3f5a68e8a4deL,0x2393e17cc79fca8bL,
-        0xb11077041c6c604eL,0x6bc9e1e163858b47L,0x00000000000001ddL } },
-    /* 18 << 196 */
-    { { 0xa27480914603ef03L,0x3f533f5d3c01915dL,0xfbafdfb8da43a354L,
-        0x730d876e3f58afaeL,0x72a24af75e4a20cbL,0xcfb685270e8ac725L,
-        0x98dfcd5a0ac3e4cfL,0x24183e26023324feL,0x0000000000000033L },
-      { 0x47f328728f9a1a5bL,0x24813af407534a66L,0x928fbfd422744d19L,
-        0x4f40a8ad4dc1aabfL,0xe39d2cf81946d1feL,0xf5ff40ea1ad5eb5fL,
-        0x84e96cb1cc4f45c9L,0xb35d04bd39761faaL,0x0000000000000045L } },
-    /* 19 << 196 */
-    { { 0x0bd7313310603fe6L,0xb1b275b4ef3295dcL,0x1c6cf47747c52883L,
-        0x950000c5904cba77L,0x36086feec437482dL,0xd59c1b42b7e63ab4L,
-        0x66106e22b1b9479aL,0xd0f2f68620df7528L,0x0000000000000180L },
-      { 0xacb366106e9a8384L,0x7db709202b9b5667L,0x4a1fb3fe1f19a121L,
-        0xe5e0295f9e62333fL,0x827ae3f70cc830aeL,0x4546f4aa82d17628L,
-        0xbc357b50afdcfe1fL,0xd5287e6e8ed152d5L,0x00000000000000afL } },
-    /* 20 << 196 */
-    { { 0x829ed3209592cb28L,0x86b85a02f9bfea7cL,0x895d6cf2a22a9de0L,
-        0x9cabe2bcbfd6d129L,0xb1c051eb4a792e52L,0x6684d6d90fbf1905L,
-        0x77f1483ccb09e7cfL,0x8e04529b9e4cc9deL,0x0000000000000103L },
-      { 0xb4e2ff1ee3817349L,0x5486debd159eed89L,0xd58f04d8f1b7cfbcL,
-        0x825120be1fd7a7f8L,0x3db1a0c20fb0d63dL,0xda92a7911ca49429L,
-        0x21772918dadc1761L,0xff883825e3d1c3daL,0x0000000000000151L } },
-    /* 21 << 196 */
-    { { 0x6e8d3a7747c54a44L,0x2fbbee944c70d069L,0x3b0b5d7dcfce5abdL,
-        0xa1588de81dd88c6fL,0x8bea3b2f3970b25aL,0x9b57781fc0211a66L,
-        0x41559a91a0f70d7eL,0xac02eea95d7a7d8aL,0x00000000000000feL },
-      { 0x7fdaae745ec7c1d1L,0x21301b2354323760L,0xa5575e5b951e014cL,
-        0xf6ddf2aea1689a42L,0x9f9b01adda3ec528L,0x21dfb4c20341571eL,
-        0x9f2734abcda1a75dL,0x794ad1e16d2418bfL,0x00000000000001c4L } },
-    /* 22 << 196 */
-    { { 0x2b0a6d8949380b2bL,0xb6be08f3d53dda84L,0xf12421a02bc75f54L,
-        0xc6aa94691172bc8bL,0x9ae6f245bc269c6fL,0xea55b4def0069449L,
-        0x2efdfe343235c756L,0x48d89a45a7f9471aL,0x0000000000000006L },
-      { 0x6aac03fd019f94c8L,0x6cc17e953487dcb4L,0xd3be9f21dac7ae3cL,
-        0x85c706c50cfe0d60L,0x15cdd8e82e74e362L,0x043cda214f1829b3L,
-        0xaff541f04b50619fL,0x27f7440b29562dcbL,0x00000000000000aaL } },
-    /* 23 << 196 */
-    { { 0xcee0dd4d2d4aff98L,0x8cd8c37c025d56dbL,0x2855e53f95b39565L,
-        0xfd72a2f7a7cba4d4L,0xc36a463b8758cef7L,0xaacda7d98488a435L,
-        0xb77cbe7dbdca5af5L,0x019c571e46e70a6cL,0x000000000000008eL },
-      { 0x37e15e7801d4a3a0L,0x5ff7813ccd35c388L,0xcfea3bf2ac8378caL,
-        0xf8b1ecb62e32328bL,0x2930b5ffe4c83cf2L,0x489f0f1ad6f765cfL,
-        0xc8be93137d7c2d1bL,0x3ee2ba463c16e2c5L,0x0000000000000084L } },
-    /* 24 << 196 */
-    { { 0xbbcf2dcf3deb0321L,0x999e365320b9a035L,0x80ef540546c0470eL,
-        0xe80ed2ab9934bc72L,0x512c5cb9f684a11dL,0x3d5b66118185f3a7L,
-        0xdf159ef4885ea75dL,0xa3ea9b394ed4cf9fL,0x000000000000013eL },
-      { 0x7b66126b8c20b4d1L,0xc4ed6bc1544ac0e0L,0x279f02aab2923004L,
-        0x0b40e88bf0747e04L,0x05c9e6d27312dc2cL,0x6294972e1b7860ceL,
-        0x14a57cd533881463L,0x8b82ededa1248b49L,0x0000000000000185L } },
-    /* 25 << 196 */
-    { { 0xd7d62aa27fb8b741L,0xcc49ebaa22c2ceb0L,0xb7bfb7a6d783b548L,
-        0x38bc7436ce389959L,0x8b0f8386da43e59fL,0xdfc845523c0eb486L,
-        0x45ec3ccb01814a76L,0xe962b5073a441d4eL,0x000000000000017dL },
-      { 0x2b9bf5d3e7daa36aL,0xf3db2ff2de01078dL,0x8329d82a2f10cb32L,
-        0x8a933f560a0240efL,0xb05ac0fcf0ab8458L,0xdc32a5492dd7cd0aL,
-        0xa53ce7ea66018a68L,0x8d453dece96184f0L,0x0000000000000017L } },
-    /* 26 << 196 */
-    { { 0xfd28fd2f06a1b72fL,0x54d721eb28ab431eL,0x131944e6449a31ceL,
-        0xcee896aaf743b99cL,0x5a22f9b61f309b87L,0x52595371d6f002c9L,
-        0xec1119fd2f9c5506L,0x685f82c7228d2e82L,0x00000000000000d2L },
-      { 0xee614493cbf1b3bbL,0x44d7be7af3861222L,0x4b01c72974a0b60fL,
-        0x8272691f411bef96L,0x276d9a53b6a0abc9L,0xec66bc5e0495166aL,
-        0x0c3802fb8127af16L,0xe1d8c99ccfd1e4a4L,0x0000000000000021L } },
-    /* 27 << 196 */
-    { { 0x4fe4d6cc0345e12eL,0xfc55a162bd0ba258L,0xf5945aba4fa7fa6fL,
-        0xef5b2f368a815568L,0x345ed8ff6f8d1f91L,0x57a9ecae13e62497L,
-        0x121b4b4054ea607cL,0x2e33b7eddc577373L,0x000000000000015bL },
-      { 0x69b188f030164779L,0x5a5c8bf1b5595d69L,0xa5ddf2d33c99af05L,
-        0x5421f999e5f631a2L,0x75741d7fc9767800L,0x9f3f1a7c1e91e805L,
-        0xed1f12ac428cde8aL,0x0cbc29b61258e75fL,0x0000000000000179L } },
-    /* 28 << 196 */
-    { { 0xdb0b25781169daafL,0x6136642d2a9d17caL,0xfa6bc4e8f72df335L,
-        0x1778a4c225b9ed79L,0xb633fd4f4310dbcdL,0x4b13b4faafd58778L,
-        0x4522514b00e07b54L,0x559f9ab9e477fe71L,0x000000000000011eL },
-      { 0x5c8d43b07ddf0054L,0xa53226de46f8cac6L,0x065c1269f2f221b0L,
-        0x9cafcd4a9956f22cL,0x982ac10bc519cd6bL,0x15318af6799774cdL,
-        0xe71307981ac986c1L,0x73d702b5045f1c18L,0x00000000000001e3L } },
-    /* 29 << 196 */
-    { { 0x8eadf42faf4686cdL,0x1d08e2137ab97161L,0x0f210dfa3f500b83L,
-        0xf1b2e0861ce61acbL,0x7eaede2891fd68dcL,0x895d7935745fb13dL,
-        0xe01b00823880eb43L,0x6f6f1e0287e35884L,0x00000000000000a3L },
-      { 0x54e32082e6dbaf6cL,0xe7a3aaddfb20f209L,0x9a0378062a9ec5d4L,
-        0x03e8f27aac9a81a8L,0x2a98abdec88a9bc4L,0x71ef89d99dc10283L,
-        0x4f0489fad411c02dL,0xff054fe1b63afa4dL,0x000000000000002aL } },
-    /* 30 << 196 */
-    { { 0x5c9de5a4256a761eL,0x683f423188f0d612L,0x2a78b4b8280c04f5L,
-        0x57b2bf75e3f6518bL,0x477eea36ca8677f5L,0x71035e47b0bb0034L,
-        0xc12117e2aff585d4L,0xfc2faeca0c076757L,0x00000000000001cbL },
-      { 0xeaf9bdfa3be3d035L,0x8d68f8ccf1ff65dcL,0xf293f7cad465c674L,
-        0x89ba6110617b8082L,0xe20a69b05a81151cL,0x6846f5bf5cdee0ceL,
-        0xc152ffdd86d5304aL,0x0b309e4ff1a6e86dL,0x00000000000001c5L } },
-    /* 31 << 196 */
-    { { 0xd0483c82a8530876L,0x63098f1b0e175f10L,0x3f2b2af973cc5d1bL,
-        0x1e1a0147e2868b4bL,0x2c156d2e0a5b21d5L,0x58954ed044ca50d6L,
-        0x66c0fee44271ccf5L,0x4671b5ead83255c9L,0x0000000000000072L },
-      { 0xc96b825264cc2271L,0x79bf4ed687d0b7d3L,0x90aa275e308f708aL,
-        0x556639c530812a17L,0x926fb02487645ec9L,0xec979253102ed54aL,
-        0x5317b9e51478db12L,0xbd141acf0110f601L,0x0000000000000171L } },
-    /* 32 << 196 */
-    { { 0x04e8dc9fbcb97cccL,0x4652847e88086fbaL,0xe5ec071965411266L,
-        0xaf72b4a169e1c843L,0x48e75c318161e951L,0xab6457928a39806bL,
-        0x3fa10b38a2a97512L,0xba9e2ee7fc3a693aL,0x00000000000000ffL },
-      { 0x3b96e7c33b70d15fL,0x87c3f3dd4ae9e52cL,0xa256e7e864ecc9f1L,
-        0x541d8b6d07c90736L,0x2367141f6c2b4160L,0xe32aa363cab770f3L,
-        0x51e2c83261282e7eL,0x194b06a2f3fa7817L,0x00000000000001c1L } },
-    /* 33 << 196 */
-    { { 0xe8a62c0de1d32dbfL,0xf1f616421cdaf3eaL,0x70881e0fbf70d93dL,
-        0xf031d4ea8bca2111L,0xa19a22ea7037de31L,0x37018144040b9b64L,
-        0x6890d852d77984a3L,0xe460fa7552eda9feL,0x0000000000000105L },
-      { 0x6446173460a056fcL,0x708f17630b561251L,0x8e32715ffab9f6f8L,
-        0x562046fb8987e3bcL,0x6fe352a8e555a225L,0x9a1db7632433a38fL,
-        0x81887733cbb91ebfL,0xeff8a2c627793c77L,0x00000000000000e9L } },
-    /* 34 << 196 */
-    { { 0x3ca6f47973e4c097L,0x6ff9fa2ae38e7294L,0x1289d5bc9ea599abL,
-        0xf2a37ae7a8928130L,0x50f2f989f1a6c895L,0x8757f302d7d6cbbeL,
-        0x4196104d4e40f53fL,0xebbe471fbd519cf2L,0x0000000000000107L },
-      { 0x2ffa710db24b0064L,0x02cddcf4aee5996eL,0xe16b2968e5d23a32L,
-        0xe5c9be9072f414d2L,0x8a5c1db065de7f6fL,0x2130bd6b0ccef750L,
-        0xdd3df13f4f42f281L,0xc13fe304695f4b82L,0x0000000000000084L } },
-    /* 35 << 196 */
-    { { 0x93e7f4ec605cbaa3L,0xae4407b383e3f52bL,0xa2097b0241a92aa1L,
-        0x9e7466e3deb06bacL,0xf8f92193bd45255dL,0x8b5f880087cc518dL,
-        0x3f49ebef9ff8b60fL,0xde7fa84a2963894eL,0x00000000000001bfL },
-      { 0xb50f8ad28a71215eL,0x458e00b689d5ea0eL,0xd7713a988a12ca3eL,
-        0x3a87bb016251a8ffL,0x9628caabf1b37745L,0x33b4c2ffd0d6c193L,
-        0xc3ce2cd7168ba8e8L,0xcf2c2dd14078fec2L,0x0000000000000147L } },
-    /* 36 << 196 */
-    { { 0x8bf7c9c33cf23534L,0x5653e5d9a1868c02L,0xbfec2eeac365617bL,
-        0x2b6f61f1ecc8298dL,0x40396d9f1a169a31L,0x42eb3d8659bd4b25L,
-        0xa1b8cc7d241065d7L,0xa6e89c216fc1ace9L,0x00000000000000e7L },
-      { 0x10d6248e72bd3d50L,0x1a6446b3c4671f34L,0x6734a9f04bfde2edL,
-        0x84afb994938bdf38L,0xa122be493fee450aL,0x9b83520e500ee214L,
-        0x11982bd9dd8ad22dL,0x3bd3f748c9839b36L,0x00000000000001baL } },
-    /* 37 << 196 */
-    { { 0x621af6617e7b439cL,0xd6e8e2b815afe413L,0x97c6b17c7b245ddcL,
-        0x289e61717feb0b73L,0x98505d821c5e51f0L,0x33cb22cd631d3314L,
-        0x723a81a5e1e6b48cL,0x8e32d81164218c3eL,0x000000000000014dL },
-      { 0xf98fef26fdc0e56dL,0x0e9cba0ad776149fL,0x896f5700cc8b41d0L,
-        0xc2361bf783699489L,0xad6795f43e5d1c59L,0x717681b64d2c7cfaL,
-        0x5fe3591eeb9a970eL,0x47c95b0d8350b6e6L,0x0000000000000184L } },
-    /* 38 << 196 */
-    { { 0xbf0616bd5ddc2698L,0x765ac3d4be906553L,0x1f75a167f5494395L,
-        0xf81d9ad94284513fL,0x9d6e5bdc7d63f117L,0x64311ef80dd9a72fL,
-        0x1e03cb88a093fd4cL,0xc044f4baf45dac7aL,0x000000000000004dL },
-      { 0x01c2507bcd22efaaL,0x62a24322e919f292L,0xb1b116e684c75e56L,
-        0x8ec19402f1471232L,0x4b206e3ba7712367L,0x91ef56c2038e4419L,
-        0x9facfa3e5ab207beL,0x4fdd07bc11203cd6L,0x0000000000000106L } },
-    /* 39 << 196 */
-    { { 0x4d0117ffbfec68f5L,0x4cd18a0033d8d3c4L,0x3d63af1e96480162L,
-        0x8b2bf467fa9ff1b7L,0x74b4ad4943c77644L,0x35725c2f089a359eL,
-        0x639a66f4df226886L,0x50b29f65fedcac88L,0x0000000000000018L },
-      { 0x0afc4f29bd92ab9fL,0xbad68d8a47163560L,0x1ffa046d37e10fbcL,
-        0x2b49d323ec249cbeL,0xac325052aec86c45L,0x3a7519254b6a83a5L,
-        0x22ede30b2f277217L,0x8f88e2e854d41982L,0x00000000000001dcL } },
-    /* 40 << 196 */
-    { { 0x7278584f6efe90ecL,0xffe6da80c2971903L,0xd05ae9ff0e5b498cL,
-        0xef414b291a1027b3L,0x2f651f532ca82e24L,0x2f0da56297e1b677L,
-        0x7e984b0792315558L,0x30f1b1f81c3e6b0eL,0x0000000000000183L },
-      { 0x273edf2427a65a6cL,0x6ff4b6fa7b16c778L,0xfedb4e3731fb5dfeL,
-        0x181e43b8cf9d4e15L,0xd60dc117191c9415L,0x9daa6f3583e150ccL,
-        0xeff60ac45cf670adL,0xa75fc519da594d74L,0x000000000000005dL } },
-    /* 41 << 196 */
-    { { 0xe20b5aec250f9de7L,0x1aae76fb3fab5e0aL,0x0becc02b33318cb6L,
-        0x3238d3a763f85fb8L,0x32b6b02f81279952L,0xfbd0321d4463d8dcL,
-        0xbcf5583706ba9c4fL,0x215737ab3e66a0d2L,0x0000000000000047L },
-      { 0x0630af2f21485b77L,0x98d384749422760fL,0xd5ad435706253457L,
-        0x3d72489a60164b41L,0x1eceddf2318658e2L,0xc01ea9d766ad11e8L,
-        0x85381580468ad1daL,0x6fbf66bb215835b0L,0x0000000000000000L } },
-    /* 42 << 196 */
-    { { 0x89733251bc6e092dL,0xceb697d37f36c9faL,0xcdd80fe333cded69L,
-        0x4e1dacdcad9308baL,0xa2ffd125033c2941L,0xe8d009e6974bb3ccL,
-        0xd72c5fa93368b9c9L,0x8d7ed4ff5a1331c7L,0x0000000000000189L },
-      { 0x4813b528e8edc388L,0xdc17a243e0c0af22L,0xf1bd51fa74495d32L,
-        0xec53b061b286aa96L,0xa6abdf9619068cc1L,0x820646d9e4207cdcL,
-        0xf74a8d2d1bcfa5c3L,0x8633342d5f097f9bL,0x0000000000000078L } },
-    /* 43 << 196 */
-    { { 0x0c95ca695ac18348L,0xf75ca2fa5b052634L,0x28d4424b71bf0289L,
-        0x0d40063f31653756L,0xc814832deb0bcc02L,0x0158f9995e70861fL,
-        0x05d5a762936ad90aL,0x434a7f74a144b3f8L,0x00000000000000dfL },
-      { 0x6ffd78fee3f669f4L,0xe16f72d982c47401L,0xe6e5963f36c8f97aL,
-        0x05c42226cf7de123L,0xd4101edcb94ee7c6L,0x6b3e2b62daa047a6L,
-        0x4d55db3b99607484L,0x70960806e3c0818bL,0x0000000000000055L } },
-    /* 44 << 196 */
-    { { 0x0c19aae6b0dcfc0fL,0x9e0eb373c5c3aae8L,0xc161fd1c4a50f55cL,
-        0x1ee02a2b9e0697e0L,0xd57f6a602ee4267bL,0x5d336ac44a0ddf2dL,
-        0xe695c75e6e4a7d7fL,0xa79a0ff3fb055923L,0x00000000000001d1L },
-      { 0x2e7ea0098188fce2L,0x81ef9870c12184a3L,0x4e03c68fb1e88e83L,
-        0x3b5ebc5d7e85694dL,0x436f1044bbcd787fL,0x56c1bc0d2d3e5789L,
-        0x23c6542d6fe9f054L,0x8a1bf0c65ffd53ecL,0x0000000000000162L } },
-    /* 45 << 196 */
-    { { 0xee9e0619502108a8L,0x4f1b33366a1062e3L,0xfe009ec650a122d9L,
-        0x2d8fcb69c9e48f99L,0x808241ac63c706c2L,0xc91225fdb524a19dL,
-        0x4a8e5dcc9ec80451L,0xa03ef54586005457L,0x000000000000015eL },
-      { 0xac3efcae7fd50c83L,0x7e0b922f431aa19dL,0xa715c2def3d56a91L,
-        0xc92deab66be3d952L,0x1c388d660db1584fL,0x65d59dea3102a4c9L,
-        0xaa23da841d251b83L,0x12234fba7c16c390L,0x00000000000000d7L } },
-    /* 46 << 196 */
-    { { 0x908fc9cd1bcbb1ccL,0x1c8e79c605c7336aL,0x3be79537e9943726L,
-        0x50fbdd811d9cea24L,0x0bfab19d8c2c7fbdL,0xc5549a0ad1ce3a2fL,
-        0x9b9d925f8cd9652dL,0x9897484a739e0cd3L,0x000000000000007dL },
-      { 0x393991e454df8672L,0x3182ec23505c2450L,0x1a6d66342e010ffdL,
-        0x4862c7f13a3a0457L,0x04128c4709ce1141L,0x7665a44691ecac9eL,
-        0x4d35845d698e56a2L,0x2bd11b9c63edd2e5L,0x0000000000000069L } },
-    /* 47 << 196 */
-    { { 0xf005c9a8b9a2702cL,0x810498cf2c1e6de2L,0x6befe7b4e18f6d56L,
-        0xc6589cf794b8d39fL,0xbf8d443c00cbf65bL,0xc7c9879f45df1b9eL,
-        0xccc79b076de50858L,0x929bea822826a4e0L,0x000000000000010dL },
-      { 0xb296b3eca13db6f7L,0x7e5d7795faf5b85dL,0x2ff9b0b266854f2bL,
-        0xc25523050a9a844bL,0xbe3c89f03882805eL,0xa9cf3ecf3b332aa9L,
-        0xbe5ed1a69fad543cL,0x0f7d29f52bec4b80L,0x00000000000001e3L } },
-    /* 48 << 196 */
-    { { 0x22d8c3c4d2a1f241L,0xcb6055158ed2c14bL,0xbd634a2e2939f855L,
-        0x30b2b6b91e9519b4L,0x19911c0008a31d22L,0x60b0713b979cd33cL,
-        0xf41a8abdb94f9b61L,0x3f2d8c91ef72cf1eL,0x00000000000001b4L },
-      { 0xf0acf9b3d78b56eeL,0x12112d24e915a265L,0xa18c93adc1d7025fL,
-        0x279a4db82e652107L,0xbca73ad02bffb5daL,0x2cdfeee4e2d168eeL,
-        0x6d83a77f5a4aca12L,0xc203514b1d22e8f4L,0x00000000000000f8L } },
-    /* 49 << 196 */
-    { { 0x91055288c64e6ec6L,0x8c16e01acd04e9b3L,0x4036627a86571434L,
-        0x881ed57082957000L,0x310c958bfa5d4e68L,0x06baf7e9bb2d87a9L,
-        0x4fe3ea057c2f0a2bL,0x38bb26bfe948412eL,0x000000000000007dL },
-      { 0x66b2c752f3e37ae3L,0x0dd0ff8df7224205L,0xf90ce316e12378caL,
-        0x6491f235c3d6855bL,0x4fb4f58faf02496fL,0xde97dddce1cb8cd6L,
-        0xd92c7227fa3d595fL,0x9f6b1ce8fceea6b4L,0x0000000000000180L } },
-    /* 50 << 196 */
-    { { 0xbd22be71b0de2450L,0x2e3f91b14c3a57a3L,0xa977e3772a4ffb4aL,
-        0xdbf6fffe5aa5cd91L,0xbc48435eee1e3920L,0xa563e4307d378540L,
-        0x62f6de0dfb41e34cL,0x8011c6cce38ee8efL,0x00000000000001baL },
-      { 0x005b98bcd74a67ceL,0x8befdb54ccb7e590L,0x9f161fae5663c8aeL,
-        0x3693d9d550eb0d37L,0xafb1e38ebf1d75d3L,0x087fcc9c5153565fL,
-        0xf43377b8105862c2L,0xeb84439f6dec3a5fL,0x00000000000001dcL } },
-    /* 51 << 196 */
-    { { 0xcde6dee7eca8f051L,0xe3f3cf361cc4d62eL,0x25ff2aa03b1c36b8L,
-        0x6e72443eafdc5613L,0xf893f5ecb9772bc5L,0x38371f1262192ac7L,
-        0x9c1813baf309d94fL,0xb449174edc9a7a48L,0x0000000000000111L },
-      { 0x3b0e446d09c82a82L,0x6f50ae7c89493d60L,0xf1903236a6080476L,
-        0x5e3827be27267e80L,0xc24b7fe32bc49a51L,0x616056db7c842855L,
-        0x97ba566f1e70d7b8L,0x4dc726365a13ac33L,0x00000000000000d0L } },
-    /* 52 << 196 */
-    { { 0xf4f43b19e0e59b2cL,0xc6e2be38afeb7cdfL,0xae8a39acc29cebd1L,
-        0x6efba10c45c2e785L,0xf8e52a9ab2641116L,0x40c2f2414196bec3L,
-        0x60a7d1e4b1d839e0L,0x5d7d06d259f62c00L,0x0000000000000130L },
-      { 0xea760695ac9c3c53L,0x5986bea02581f9d6L,0x59308ce3cfc0fd55L,
-        0xea705a6119235af9L,0x443894840718acaeL,0x836bf3f6328cc902L,
-        0x235deb73230f3339L,0x8e0c21f18ee4baf2L,0x0000000000000164L } },
-    /* 53 << 196 */
-    { { 0xe926ef80c0a99509L,0xed1649689ccfc4f2L,0xe99b4885e39ff73fL,
-        0x8ccce32809d0e1beL,0x805d18ad17806543L,0x10726fcfd6d2a9a6L,
-        0x0e3467645de89209L,0x9b900651642b18f4L,0x0000000000000027L },
-      { 0x2b74d221bc1b36e9L,0x7e989f8c6caed8c8L,0x1e25efb759d92e98L,
-        0xc6de531b1b5c7709L,0x26e58ed46b64af05L,0xd86e96d549e9e433L,
-        0x4fecebf92c240df5L,0xe0d4dbf983308bfeL,0x00000000000000b9L } },
-    /* 54 << 196 */
-    { { 0x0e30bb6868a51131L,0x0989155b462c88c1L,0x548c6c52d03cae33L,
-        0xbc452d0ffe58d840L,0x24200a5335a13957L,0xa601a8497546a30fL,
-        0xe5d9c7e607f23c63L,0xfc71ce9d10a1c525L,0x0000000000000015L },
-      { 0xf6a1299a1fe5ca30L,0x2f81c374ea5824d5L,0xe644122857981dceL,
-        0x3df02523b1a2de8fL,0x54e40ac804cc4237L,0xa3055eea7bd400d9L,
-        0x48872d662187a56fL,0xa69e9dee884aac47L,0x0000000000000181L } },
-    /* 55 << 196 */
-    { { 0x75eefbfc42f8fcbdL,0x07eb8d597ba7414aL,0x84cd31bc2c8f2b79L,
-        0x4d26c915d04becaeL,0x36868d1c210fb6c8L,0x6cfccace72f79b53L,
-        0x3cdf02781ebdbe12L,0xdb4a114286fc40ddL,0x000000000000000bL },
-      { 0x73f66dd28db9ed5fL,0x889959a887f6b0c7L,0x6704c74140878e48L,
-        0x1090b3d446b6c3a1L,0xd7b7aca178e5c4b1L,0x2d612e96ad1a5598L,
-        0xca5da9eb614b70ebL,0x9ca5c48a854622e0L,0x0000000000000031L } },
-    /* 56 << 196 */
-    { { 0xd20ea6d6f77ed05eL,0x4ba76f5ad4eba7fcL,0xb8f202d214b757d4L,
-        0x4c9fe411a5fa5280L,0xf6e25d132839f868L,0x13ea010ba1cad300L,
-        0x480c268bf85ea22fL,0x4d0cf6672072c1bbL,0x0000000000000023L },
-      { 0xf1e5e5230b6bb224L,0x0d56223d8d239295L,0x3682808df54c3f69L,
-        0x0c17e3ca1e59cb8cL,0x7d756e19ec2f17dbL,0xd836652462e7664dL,
-        0x3768cbff8ac12886L,0x5e741a688c3d34f5L,0x0000000000000020L } },
-    /* 57 << 196 */
-    { { 0xc54fe29871847964L,0x8280a8fcfdf1f5dbL,0xd6a0534af822e863L,
-        0xdc9d3cf826386f9dL,0x9bc6b98e0407ff49L,0x017784bd80755fe7L,
-        0x213c81559a977a8fL,0x8dd3801d4e65da56L,0x00000000000001bcL },
-      { 0xef919759c03c33b2L,0x75233bef62d3430bL,0x3f1cfea4e4cc6a49L,
-        0x38ab926464e971bcL,0x423b0ed9d5eb0c22L,0x6624a340b79c6d63L,
-        0xd6b3fce896fa51f4L,0xadd1d8b35d609eceL,0x0000000000000070L } },
-    /* 58 << 196 */
-    { { 0x35045126ad9eda52L,0xc2ea75df374dd433L,0x487538ab0373e6c3L,
-        0x33614263e0eee811L,0xc58358ea57c10df4L,0x32dc5cc35073a6c4L,
-        0xb045e46a13446f08L,0xa5732ad5b66c0656L,0x00000000000001baL },
-      { 0x7a153e655b0966fcL,0xb603017fb8c3c1afL,0x1a39c8dba067a681L,
-        0x3033a65440667020L,0xd7801a9db73a160fL,0xac1ee568789ccc50L,
-        0x554288945893ec7cL,0x384002a000eda7e3L,0x00000000000001e0L } },
-    /* 59 << 196 */
-    { { 0xe8b72ba4767216dfL,0x2bd7cc62233437c1L,0x2ec3866c25595c2bL,
-        0xad8e4cadcb1171acL,0xb3013d8151bd5ac4L,0x6b5abdd61b508534L,
-        0xb4cc2718d3050696L,0x6b986ac7816e843cL,0x00000000000000cdL },
-      { 0x674cf9e1a395c9f7L,0xba207b7ba99d5579L,0xb88e686fa1933b93L,
-        0x12c6706d9df81c4fL,0x15e65e3946b23f93L,0xf35458c73fc0f44aL,
-        0xf1e31de2002e545fL,0x4af49917e9f03de5L,0x00000000000001caL } },
-    /* 60 << 196 */
-    { { 0x9dbe2571dddb531aL,0xcb512e4c394ebff0L,0x4b63c8a4a8d37bdeL,
-        0x97beaa21bdb7f8f0L,0xf200e1e9b0a7a3f0L,0xdb7fe7da3a46a4e8L,
-        0xa180445dad11a863L,0x74cf8239b2a4b922L,0x0000000000000108L },
-      { 0x427c0b0eb74b8368L,0x55c6a2ea42e1ee50L,0xcecb56d06ee5f819L,
-        0xdd52e9cef6d2ec2dL,0x1c990f3f9331556cL,0x9178c5a82f80fd9fL,
-        0x75d32ffded631398L,0x0cedb14b019fba96L,0x000000000000012aL } },
-    /* 61 << 196 */
-    { { 0x69faed89822a012eL,0x53c0271bc1ad8f52L,0xee0d31f1937d338bL,
-        0xa06b3a494041a239L,0x8b63fb07702f6ba9L,0x41d5178398b69014L,
-        0x8486c40b544bbcb0L,0xcf2a64640917e881L,0x00000000000000ceL },
-      { 0xeadcae05e83b1cf0L,0xc225b14edd855ea5L,0x1ea3000a0373f195L,
-        0x28e08aa0bef5f415L,0x323f250c04f8b333L,0x5c2790bc8c761109L,
-        0x49334e096d0e9ebcL,0xf82c8cd830e0fcafL,0x000000000000010bL } },
-    /* 62 << 196 */
-    { { 0x4c1a21f51222a135L,0x7ffc7eb85e187c31L,0x2b6d847fe1fe189aL,
-        0x19dfc0372d394d0bL,0x55dc23a056e7e285L,0xeadb01c77fb7a5c1L,
-        0x885f8312bd11402fL,0x7bb2f26fff2843e4L,0x0000000000000137L },
-      { 0x4be6d277183e33d9L,0xdb4a534c64233c38L,0xf6cb271db58af85bL,
-        0x41e0e7e5e334d256L,0xc91e2cea2d50cf26L,0x7819aed35fda0020L,
-        0xe8f81026c0a98fb6L,0x109243793a618687L,0x000000000000009aL } },
-    /* 63 << 196 */
-    { { 0xac831cc6dd08552fL,0x749fb06f21e38f55L,0xffe1fa0503348862L,
-        0x8181db69c8c3e026L,0x1404819e3dd3daddL,0xb065c5a303749cdaL,
-        0x9f2ff76605fdc4e1L,0x6c73b8ccf67793efL,0x0000000000000080L },
-      { 0x807f0dcbc1f25aa0L,0xa38b959a84dfac44L,0xa112f1c8427a1fa8L,
-        0x8bbe3c9dca7866e4L,0x67777e1960dbae5aL,0x323e9a90a9f6aa43L,
-        0x693abeca12ab7028L,0x262a90dad5667809L,0x0000000000000053L } },
-    /* 64 << 196 */
-    { { 0xad8f0fe4c4e24c8dL,0x81cf16fdd1eaa52dL,0x710a08a7d68864caL,
-        0x8e736c0e7539de5fL,0xca6583377f67341cL,0x63892b7d900b74b6L,
-        0x5d1d91db6e9be886L,0xa4da95649633a600L,0x000000000000019bL },
-      { 0xcdae7a975c319d97L,0x873b4f53d0316874L,0x7ac186845c213ab4L,
-        0x4f0b5ae2ae9109c5L,0x1934b7ed7a661690L,0x0f98acd90707b518L,
-        0x12f07c5534017e00L,0xe9b121a16ce4ad49L,0x000000000000015eL } },
-    /* 0 << 203 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 203 */
-    { { 0xf4d3bcb3e588a775L,0x63161619365983c7L,0xba7334ad66782f6cL,
-        0x1f14dedb8783d25aL,0xff6fe73c50c67fe1L,0x711ddfe3f79a86a3L,
-        0x7cbd7f3a027d18eeL,0x7f63d331c4ecd52aL,0x00000000000000d7L },
-      { 0xf463a32bcb49037bL,0x66e4ce3de7c35c02L,0x1d175313116e0d6bL,
-        0x3bcfa6722d307ee9L,0xc6f9bcdc7c79261dL,0x79bb33dc994649cfL,
-        0xb491b05f6d4ee55cL,0x4bd0668e1e6846bfL,0x00000000000000ffL } },
-    /* 2 << 203 */
-    { { 0xe7bfc99fbdec6efbL,0x2bd3d26b67326c7bL,0x23f041ff594c614eL,
-        0x5a778c67ec9b4420L,0x75b5618b30eaa444L,0xf8e2bb92ae6d50a4L,
-        0x7278c60b1fdeb6f0L,0x5b8471dd97c654ccL,0x0000000000000139L },
-      { 0x115a81123e959ca8L,0x13dc4aa38bed7eeeL,0x02340f86ef94c5fdL,
-        0x519293a499a5d5ccL,0x09573381294349a0L,0xdefe063fda33b39fL,
-        0x6a18640aa382a806L,0xb3e25fdbd227a86fL,0x00000000000000d3L } },
-    /* 3 << 203 */
-    { { 0x64018be514712d81L,0x5fafa8b67cdf8720L,0xd92dbefac4676cc7L,
-        0x81b9d5d13ff37dbaL,0x2ecd7dde297a8d41L,0xc893b59f1f558676L,
-        0x5d8d83ce75659922L,0xe1dc82f90559beacL,0x00000000000001bfL },
-      { 0xa3cc74ebdce6c952L,0xa76fdacac95505acL,0x67ab4bddbfa02be6L,
-        0x2a24dae8df7d00e4L,0xf82d0a5af2523788L,0x0b3db8532f8ffc37L,
-        0x65ee0920549e630cL,0xb682bfc6e02b93afL,0x00000000000001ceL } },
-    /* 4 << 203 */
-    { { 0xe3169760d3a4d912L,0x5568005c7ba3a1a6L,0xb469884dd7e7b5d5L,
-        0x6be70c098cecec62L,0x6300a32fc5d6363dL,0xc2fd66e44db63578L,
-        0xa131ea2135ae7bebL,0xa82fd7fbd31a6f2fL,0x00000000000000daL },
-      { 0x1280d69100deb4b3L,0x72865157a4ea0abeL,0xc87881678934a09bL,
-        0x5733cc11a70dd871L,0x139e88760ffc8eb0L,0x8e9436e30d958521L,
-        0x06d1a845b3059f58L,0x3c220ab3a81354f6L,0x000000000000000bL } },
-    /* 5 << 203 */
-    { { 0xadb4a7d18cd7b861L,0xa73ebcba1bf42950L,0xd952d5552c86dad2L,
-        0xe3f82d13b988894aL,0xc389b7497ad6f062L,0xef0ed10973ec36d6L,
-        0xecd5d73dcdd4431aL,0x006edb8d828f55e5L,0x0000000000000144L },
-      { 0xf19bb0ce05a40d99L,0x152e0fd650dd05b4L,0x057bbf2e9508569dL,
-        0xa125e601f434a3adL,0xcfbf6d31dbd7abf3L,0x8a47f4fbabb7ec67L,
-        0xba9b13e665be73a5L,0x06d9f4989a033039L,0x0000000000000113L } },
-    /* 6 << 203 */
-    { { 0x1499ff98ac49d960L,0x98f7925a3940ff6fL,0xf6c696dd743f2ccdL,
-        0xe7c6c272ef310a73L,0x4029492d91ad1858L,0xa2e65af9483037ccL,
-        0x080c3fd0d3453348L,0x4a1f9803068380c0L,0x00000000000001bcL },
-      { 0xa39427ddd9dc2514L,0xe0f733ecb2a91d48L,0x0144d74f29219e28L,
-        0x25ddcc92e3fc6c5fL,0xb90e371391f871e5L,0x3f763adb81a245caL,
-        0x1fc6a1492f3e2323L,0x92cc2090b41f0b93L,0x00000000000000a7L } },
-    /* 7 << 203 */
-    { { 0x16fc10ab7052570aL,0xb8ba7dd0743fc619L,0x74e19ac2fdc9c41eL,
-        0x8c377fa7ad8dc91dL,0x9c7d2ea6e0cfa9fbL,0xb1f1b0d571b1aa87L,
-        0x912d33bc900e1282L,0xe8efdbbb0235ab3bL,0x0000000000000193L },
-      { 0x2f42a780ecf05e45L,0x4abc067a5ffea26bL,0xd934e1bf3b8f86d9L,
-        0xc622689102f42e09L,0xb828a02f94bdda3eL,0x08d0e0d8fd23164aL,
-        0x49138165cd40abe2L,0x2cad4154325e1e74L,0x00000000000001d4L } },
-    /* 8 << 203 */
-    { { 0x293385edb0596774L,0xcdf619f0dc09fb31L,0xc4af9e6a90f76d96L,
-        0x54b471b7cc8596fcL,0x18ffee0265bb2ef9L,0x4942b53fcf9d919eL,
-        0xd6f9d2a9e553f316L,0xd83946cc6a58eaa5L,0x00000000000001b2L },
-      { 0xa1d2daecdf8aa88fL,0x62cd7b320caed19dL,0x7c08bc5735b5b292L,
-        0xe1a60a4454118651L,0xb1d83a9eaa8e4f5cL,0xc47b05fda30e7ac3L,
-        0x9167e33e388daa83L,0x27a10be2b9685de6L,0x00000000000000bbL } },
-    /* 9 << 203 */
-    { { 0x61072e6115d296f8L,0x11fc465ebc5f7f34L,0x93eb012252ce572dL,
-        0xe66fe1a8a14f9fc8L,0x0857caf11118519bL,0x0ec99efbce22fd7aL,
-        0x9630984caeebd7b7L,0x06e2507983a6f11eL,0x0000000000000123L },
-      { 0x6b5c0e4a5b5a2bf8L,0x0a0430a05250b970L,0xa547c2981f8d2d99L,
-        0x942a92d7773b6ae5L,0x3832ae1f9b1776f7L,0x9ff2f6eaf2484715L,
-        0x8e886adfed1ac349L,0x5fa46fc33779f565L,0x0000000000000112L } },
-    /* 10 << 203 */
-    { { 0xf5fe39ed1fe5f835L,0xe17a6fb3164e9741L,0xeb9a084a0f1180e9L,
-        0x95f55d56a1174f31L,0xc33fa3d103850ac7L,0x15a29bac6e0ddd06L,
-        0xb80a0b7836f2f29eL,0xe5d8ddf467cde67aL,0x0000000000000133L },
-      { 0x1767c74cc5ee0dd4L,0x1d61299bd7e4bddbL,0xf4d89a2ffa74fb11L,
-        0xe8a63c4a0037fb90L,0x30fcdb047800ec4aL,0x49a1e298d490df3bL,
-        0x3d3510a2da5acae7L,0x2d4184aa78ce9832L,0x0000000000000024L } },
-    /* 11 << 203 */
-    { { 0x461789e5a7e331b4L,0x94f5c063e056cf9eL,0x51c4cb0bafe86b1dL,
-        0xa77f9298ef14a074L,0x077bb1b48fc7cda4L,0xe5463bbe3ec37500L,
-        0xd8929e637a85c083L,0x99bde81e8a6a20f3L,0x0000000000000039L },
-      { 0x3267c02daa1f7d63L,0x23d9787ed3ea992dL,0x8bd7ecc6eadfc006L,
-        0x1dcc457818d40a6aL,0xf4e545c5c2837f18L,0x4936de14599552abL,
-        0xf7ba407716ae7bc3L,0xb5a4143a28bd986bL,0x0000000000000132L } },
-    /* 12 << 203 */
-    { { 0x7af8ee911d17b705L,0x8e4e597421098f55L,0x0542a394d5cecacfL,
-        0x4d8eb8395094f357L,0x8c86900c62d5a150L,0x7ad4081bafe653e7L,
-        0x387c8a7e677a5bbcL,0x088120b9be7886d1L,0x0000000000000156L },
-      { 0x986523706c398918L,0x7c9c49714f6c44c4L,0x443abe7820a8fa98L,
-        0xf42a7ff4137f926fL,0xff4c7aa9f464b480L,0xf88b491a277d4eb8L,
-        0x170a625fc3cab7f6L,0xf9bba62bcdcab435L,0x0000000000000186L } },
-    /* 13 << 203 */
-    { { 0x31b0c09c5bf0852dL,0x18aaaed5d0a908a1L,0x4895590f40ba0908L,
-        0x5b3c1647b5ce8ae3L,0xf1b7f80893496465L,0xd5dd6bab9f019279L,
-        0x85473bc14ec60138L,0x5e219e24c353225eL,0x00000000000000b9L },
-      { 0xb175cd2ff10b3294L,0x8cdc3ffa902373d3L,0x49bf103f9b547ce4L,
-        0x78437a78684806b9L,0xedf8cea1ecb2881dL,0x3f74415f802d7f2aL,
-        0xf921f614ec2bd162L,0xc5e11e9860a14a15L,0x000000000000007eL } },
-    /* 14 << 203 */
-    { { 0xda963dc90741634eL,0xc2b6b3cc6a62e31dL,0x726ffdb0926a9817L,
-        0x2bc8a0c6a7a05347L,0xb440bef6dad1f7a5L,0x96ae7cb3666ebfb7L,
-        0xf3b41ea36955bba1L,0x2ed577ffb1869190L,0x0000000000000025L },
-      { 0xcd5dc527b188b5e5L,0xa3fa5778ce6e943eL,0x463b9aa822daf81fL,
-        0x2a0544efdfb44926L,0x7c78f0e5c5f56c83L,0x83a5552b87a0cacfL,
-        0x8a5a5cdbf491affeL,0x419ba8841b8398d3L,0x00000000000000bfL } },
-    /* 15 << 203 */
-    { { 0xc7a233d26a1409e2L,0x75613083d555f813L,0x57856cf213217cf0L,
-        0xa98b1bfbf09af4a8L,0x43ce553426956b0dL,0x952672fca3623606L,
-        0x6c5123aa9b1676b8L,0x7ea503cd2c03b708L,0x00000000000001ddL },
-      { 0xfe97c8445f696473L,0x41fc8b4210c17454L,0x5988fe457d0bc836L,
-        0x771a9260151ffcdcL,0xb20c19f78f31f140L,0x6a616316ea95a25aL,
-        0x16ca637432de15b1L,0x428f650bfdd3aecbL,0x00000000000000fdL } },
-    /* 16 << 203 */
-    { { 0x4ac7cf5e23e6c204L,0x7b4459a48deb8019L,0x2ffd2583ebe4e27bL,
-        0xab15feb705e6ae2aL,0x270a5d8fc902355cL,0x8d3df414faf419fdL,
-        0x191b90b534ae3d01L,0x497282c4bb5abd9eL,0x000000000000011bL },
-      { 0xd2232ae08c7267f4L,0xe1fec69b17b6532fL,0x1c6a586eb1a2d82cL,
-        0xeb84318629128558L,0xbf24d2f13a80efd7L,0x93763ddbb22228d1L,
-        0xf9da00393cb37b92L,0x780d8ba986cd2952L,0x000000000000018aL } },
-    /* 17 << 203 */
-    { { 0x85ce6086c42c91ceL,0xe3730ba1beff726fL,0x3a03ccef7b5cdd1bL,
-        0x21f5dd5f74df90ccL,0x515f92541dd8a8a5L,0x32e144b04540ec56L,
-        0xd5b0f4ce1bf59220L,0xf7475efc15b613a1L,0x0000000000000009L },
-      { 0x9648786de09a8312L,0x637db864dec600f8L,0xc8d80a2aeff36b2cL,
-        0xb35ee379748d7b89L,0x80480f180bc51ee5L,0x93ecb703dc1e3844L,
-        0x96285408970354c9L,0x1d025481acdc2e04L,0x00000000000001b1L } },
-    /* 18 << 203 */
-    { { 0x11da16733b2b4777L,0x0da01f6bee05eca4L,0x4a39b2c1b5c102bfL,
-        0xb1c398f40180ecafL,0x0f34076588c87533L,0x0c47914ac3c66289L,
-        0x3696a6fa0dd34c31L,0x81e365a2a368c6d7L,0x00000000000001f0L },
-      { 0x840b207fbd408342L,0x30261282fece17e0L,0x40257c9f3da41fb8L,
-        0xa4cae7603b1ac31aL,0x5fbcff5f594f704cL,0xe351cefe85314299L,
-        0xe22cb75c12b975ceL,0xb1f453d9aa5cac15L,0x0000000000000004L } },
-    /* 19 << 203 */
-    { { 0xc9ead8a3a32cf5c9L,0x7dc1770b97c506e6L,0xe7c79e2d42a4fbc7L,
-        0xb04c9f61bd24d6a0L,0x3205b73d256b6b7bL,0xf16c9e4b2de3cb16L,
-        0x227f1ff5d82a3f34L,0x0019b2fde6349182L,0x000000000000016eL },
-      { 0x1f14191b7572f22cL,0x7302f1d0bf7099bbL,0x7fb16da069ac373fL,
-        0x3339a34583f442ebL,0x2e9f4d5b3748f434L,0x824a57612b80770fL,
-        0xdbb71eccb3f15c50L,0x1682849bf4442e7bL,0x0000000000000195L } },
-    /* 20 << 203 */
-    { { 0x178d85d0416d2153L,0x4c5e98ac3192f6b3L,0xa2bf4a99f469bfb7L,
-        0x0cf96dce79b1c827L,0x1f0c1c1426bfefe5L,0xb311eb1d1eed9d89L,
-        0x740f6075a0e8edfbL,0xaf5aaccd20253b96L,0x000000000000004aL },
-      { 0x383c53e0e2c5bcb2L,0x2bd6968fddf8bed4L,0x3f7fded26470a5adL,
-        0x4262c3d7081745f0L,0xda4dd333cdf6dfd3L,0x3198e00505d05d05L,
-        0xc90c1c96590157c9L,0x2ab65d5b805804c4L,0x000000000000018cL } },
-    /* 21 << 203 */
-    { { 0xc8b63533163574afL,0xd4411f669392afb1L,0x39cae3efe849fbb4L,
-        0xb6905a8d734c3270L,0xb67c07e1cbbb8c06L,0xb255b4db9aac51d0L,
-        0xf199d235564033e6L,0xa95f3a7c0f798793L,0x0000000000000188L },
-      { 0x991b58c05d94e2acL,0x160c5d37fee15559L,0x34604e5ab17d3f15L,
-        0xf5a0f8bdfb1b01f8L,0xe991821b060c46a2L,0xf7a38307a55a0299L,
-        0xc356d8e03afaa0d2L,0x333a3c25f0970ad8L,0x0000000000000175L } },
-    /* 22 << 203 */
-    { { 0x127344e29f66bf23L,0xe5072714c3ff9b2aL,0x9aa6b001571e9d32L,
-        0xe92e4ae6e6738a5dL,0x4616e315433defabL,0xe1309a4a0b892330L,
-        0xde5f54f81acd85a9L,0x6615d532a0013a39L,0x00000000000000b2L },
-      { 0xae7fe9461948c112L,0xaba4b1f25fc94eefL,0x622344602eebeedfL,
-        0xe9794e6c8c0c8afeL,0xa2dbac68aa7d5990L,0xf59d5a7ad07e966cL,
-        0xc301f1334490bb8bL,0x05102377fac91f14L,0x0000000000000076L } },
-    /* 23 << 203 */
-    { { 0x60373c888966b32cL,0xea1c42d6dc6c28c8L,0x18d4ad6301e1db60L,
-        0xbdaaea6027297a7dL,0x8195b41927d1104fL,0xc48c92ed6b0c1bc8L,
-        0xb73823906b31a986L,0x33294cc20e930151L,0x00000000000001c0L },
-      { 0xc482e8e3c6e67f35L,0xeeb9cc9aee7cfe14L,0xff393c6df96fd071L,
-        0x77f360224c240d36L,0x7aa6e6d4008cf062L,0x33f7ba5e334659e1L,
-        0xb7bb47e3338f19e0L,0x24641529965a354bL,0x0000000000000081L } },
-    /* 24 << 203 */
-    { { 0xff3620b84bdbf53eL,0x9a92f844cfb096a3L,0x3b4c39d9d79176efL,
-        0x5c23425d20c67ba8L,0x2a3a36c2aa571818L,0x131fbff694d33bceL,
-        0x8a647ce852fc474bL,0x082f25d4708dee34L,0x00000000000001b7L },
-      { 0x0b83c1f0799941fcL,0x39efdd8895537412L,0x569503fdb5578a16L,
-        0x858772ff0ac52d85L,0x1eb29ef86eeaed65L,0x416b2a4900efb022L,
-        0xc34726fb98e0e612L,0x460f3c084eb7474bL,0x00000000000000b9L } },
-    /* 25 << 203 */
-    { { 0xfd46e1db27a1181aL,0x1ee50b461711b1f7L,0xa60af377813334e3L,
-        0x8151c9876ce57ecbL,0xc75b6a7d140d4b4fL,0x1b8f031e29797048L,
-        0x142493c798c35dc6L,0xb2cfe7b7cbe996a7L,0x000000000000015eL },
-      { 0x80544a487edde636L,0x46353ae9fd5db792L,0xb20013c8220846afL,
-        0x2416e5bdde7762b7L,0xe64be27df87fd397L,0xab712e13e2ffa788L,
-        0x5193155a057b1e4aL,0x5469e2a4b847b16cL,0x000000000000001cL } },
-    /* 26 << 203 */
-    { { 0x5d942f48eea1b609L,0x5b5928f55d45821eL,0x4e902a63e4334d8cL,
-        0x9487288dfd9c133aL,0x076583ec0562afa4L,0x15ac51ce847620a8L,
-        0x75614dcd6bb7db20L,0x61b4f0ac79817a3cL,0x0000000000000135L },
-      { 0xafa3db2917e1ade5L,0x34c874f1303a98a8L,0x46a0324db21aa653L,
-        0x6bbd6e145845d604L,0xa08a64424c41da8dL,0xa86f0eced381c0bfL,
-        0x680383de6177267eL,0xd8a8c02c2eb78f7aL,0x0000000000000182L } },
-    /* 27 << 203 */
-    { { 0x510c5be254c5aa6eL,0x814e5b33a2c96898L,0x5c5409cc0bc238d9L,
-        0x5b5f3771d0f892eaL,0xc6d889cb5adb6dd6L,0xd69b4a965bcc3a28L,
-        0xb005053762d3d8caL,0xb649554bbbed8aaeL,0x00000000000001ecL },
-      { 0xeed46bb08eb806a6L,0x9b77f90339b297c4L,0x768412874c81b21eL,
-        0xb9f15aae9f97d21fL,0x860ca9350ecfb6efL,0xe4199e02d03a9365L,
-        0x4b4f34036b22befaL,0xfce4b34a3e909e2cL,0x0000000000000035L } },
-    /* 28 << 203 */
-    { { 0xa29eabe4613c2400L,0x6da11ad55fd4843bL,0x6c479b3ea02471adL,
-        0x36f15bc6fbb5c3acL,0x4fb2678cb1d9580fL,0xffe413ff946486c5L,
-        0x5907bfdfa12b55e6L,0x32f96e37446dbb1cL,0x00000000000000f6L },
-      { 0xd371325a5f34ecbcL,0x4381c3cd2296b634L,0x059d9308e5fd27ecL,
-        0xf6ce8b258e757bbaL,0xddbf8e7ade871b1eL,0xe66728521ed3e5d9L,
-        0x6d20b61da5d76131L,0xb8902120ed8a464aL,0x0000000000000029L } },
-    /* 29 << 203 */
-    { { 0xafd1249ea0049ad9L,0x17e3f90da460a3f1L,0x9bf7805cad6c8671L,
-        0x4de57997e5e4efdeL,0xb6d31c92436e52fdL,0x3b5d07d0e66dfedcL,
-        0xe8f61a8613b6040bL,0xdb120430540de2f0L,0x0000000000000046L },
-      { 0x17a3a42b480fcae3L,0xe6724148df4383beL,0xd0d8e825e7398a02L,
-        0xff5e909116413545L,0x80a83d1b9e9f32d7L,0x1e64d4128169cd89L,
-        0xc06a950009862dd0L,0x5ab3d610135884b7L,0x000000000000017fL } },
-    /* 30 << 203 */
-    { { 0xb22b6df53fe8f109L,0xe4ae50e7c00edcd4L,0xbf891ce36387044cL,
-        0x0716f49bd08fb385L,0x0efbe8c154934b45L,0x08e66176982f659dL,
-        0x042ce73691962a9eL,0x1f08748ca2974528L,0x000000000000006eL },
-      { 0x8fa7abdd6b9af5d7L,0xaa2fbf79978b04ccL,0x4ea61bae7f3136b7L,
-        0x406b670e150cad9cL,0x22be2a1b08aa96f6L,0xffcc680d566c56d7L,
-        0xe65207819a111236L,0x940aef1c69d2e843L,0x0000000000000062L } },
-    /* 31 << 203 */
-    { { 0xd129e91b896698afL,0x73b41a17181e6925L,0x97ce44352236ade8L,
-        0xd75aebca34fb46a8L,0x14c944000e23617bL,0xcd8b9bfbeb166d12L,
-        0xee040a4c3a905495L,0xb72ecd7ec410f093L,0x00000000000000dcL },
-      { 0x061e964149500be0L,0x6bd1c08f37d923d5L,0x20ace6977d7c8942L,
-        0x4b0799a17ec28340L,0xd78d922cc03f7a1eL,0xaa5ed16c52d72598L,
-        0x9a9465fc536adef7L,0x1520c2f1b2190fa1L,0x000000000000014fL } },
-    /* 32 << 203 */
-    { { 0x0fc6c549c4c762bcL,0xc43915e34e5eb96fL,0xad88ee68d1bb0b5bL,
-        0x484a9fad3f1f26a3L,0x0d93055c2bc15e9dL,0xa745abbb06d26bb7L,
-        0xf60ed3b8464f0731L,0x963d8d94ea9058bfL,0x0000000000000039L },
-      { 0x4608ac087b67b298L,0x3baf2ae6c85cf812L,0xb30aec550d25bedfL,
-        0x581493507ce48459L,0xfcb39f45d3c41e2dL,0x48d241a0126e11a7L,
-        0x7b425421909a1621L,0x9bb349dde746bf4bL,0x00000000000000abL } },
-    /* 33 << 203 */
-    { { 0xf78ef0177735364dL,0x4242a9b94f24972cL,0xaafb2ff361309582L,
-        0x68159118c9fe5e6bL,0xa139c9d817d00812L,0x396e0ab8226a0decL,
-        0x3a30e3c673ea4520L,0x18df75b8a9dd6918L,0x0000000000000104L },
-      { 0x1604bdd3791132f0L,0x0d35e98dca54008cL,0xe9ceeb9b6c26b2a0L,
-        0x4a4c2574b1f5b2a2L,0x69fbe01ff67ec174L,0x869a7c63315bc86cL,
-        0xf08c67d6679659abL,0x5569ff11470dfd0fL,0x00000000000000dcL } },
-    /* 34 << 203 */
-    { { 0x3f0253b63cbfb254L,0x6ae0490dfbc31984L,0xe3211ed9838456d9L,
-        0xa777ce33d6dda841L,0x2477049c8192bf72L,0x272fd5e9a4c1ffceL,
-        0x4d93c00b02a926a8L,0x1f2575f0e049893bL,0x00000000000001daL },
-      { 0xee660c10a1ea2fafL,0xd873fc0cb8c5388cL,0x567dcbe9dca70a47L,
-        0x9d40a36f11c8a42fL,0x3676748d0ac98534L,0x2bcbf2174d49d6cfL,
-        0xe11f56cea7891326L,0x1ab209d7060afa57L,0x000000000000009fL } },
-    /* 35 << 203 */
-    { { 0x4b6d579ba05593bdL,0xc6285d8e3e95708dL,0x9241a96b5c289411L,
-        0x25ca7d1a7ff046d7L,0x2590294a1361f71aL,0xb49a914ec83ad83eL,
-        0x89aceb3a85fb27d8L,0x6776c7f95575641fL,0x00000000000000ccL },
-      { 0x4b835dbc0613476bL,0xc94fdc0798cd4c80L,0x335103581a99e1e3L,
-        0x904d83c4be2dc3aeL,0xbd1970b7528f5723L,0x6bd945cdf6821722L,
-        0xe3f06e613361a4b6L,0x6dd9696ad6bd360bL,0x00000000000001aaL } },
-    /* 36 << 203 */
-    { { 0x060220b0d5aabf1dL,0x7ec07ddee8faef1bL,0x1c30e81f33c88f67L,
-        0x3ab29b3b460c1969L,0xc884e421d4f18871L,0x3d76eba1e1d5f78eL,
-        0xad2f04f5f5600f5eL,0x2e07b7c6fdfaa998L,0x00000000000001ecL },
-      { 0x94aa1de0801495d7L,0x35dead394496468eL,0x3b3856ac27ab597fL,
-        0x0d1781704ce8ab57L,0x32add9b6a50d197fL,0x251a00a000be8d21L,
-        0x8c65dd58c2200093L,0x2da03bd64b7ac520L,0x00000000000001f3L } },
-    /* 37 << 203 */
-    { { 0x7d77930ffe885231L,0x7c1d348265515480L,0x1028d2f332001982L,
-        0x7bdd01a2f88d1e1fL,0x08e5a9624fc0514fL,0x5fe3e2f0bdf8eb8bL,
-        0xf4028d9cf33bf562L,0xfd0aac8b9adec91aL,0x00000000000000fdL },
-      { 0x262500f4c7eecbc5L,0x8e1ea6e773113904L,0xb4fda953c677fb11L,
-        0x15e2bec7f004bb4cL,0x0ec674739adf1319L,0x30c7b3002e1908c8L,
-        0x72b9155302f8fe1cL,0x4c1ae8241fef5d3dL,0x00000000000000bdL } },
-    /* 38 << 203 */
-    { { 0x65afe7c36fc63e54L,0x6c79e1d949f2ee4fL,0xc8c051c698930252L,
-        0x433fbf5bda5a1e42L,0x0f5fb506d2262325L,0xc3ac5598bf7bb66eL,
-        0xb4080aff038c1d7aL,0xae7fdc8a879a0b88L,0x00000000000000fbL },
-      { 0xc8633f62b2ccd88dL,0x7a8c4df946413bf3L,0xbb3a0aff154bc142L,
-        0x0a25d6637f99f5ceL,0x2f9b556d91512e7dL,0x5856e88dd4fcbfc1L,
-        0xfbac60880d590e7bL,0x3e74b8f7572a6a15L,0x00000000000001f5L } },
-    /* 39 << 203 */
-    { { 0x2e92481a490bf8c3L,0xb234c92c44d07befL,0x23be000f6010e6abL,
-        0xdd24b74db1f6e796L,0xb885f4d57f2b555fL,0xf884923f24e9d3e7L,
-        0x12bb9608f5252325L,0xeb4d240142895b93L,0x00000000000001d8L },
-      { 0xb7639fb2e02a475cL,0xbf16704256218563L,0xe8f52550b704617fL,
-        0x35fbc89365a77f60L,0xb7cf34eb39d0d9f9L,0xfc9a3a37721dfea9L,
-        0xfbdd63fe12b1bd09L,0x8319294c9b186376L,0x000000000000002dL } },
-    /* 40 << 203 */
-    { { 0x760be85ba57579c2L,0xe47a63aeea20d741L,0xf80319e5232ac17fL,
-        0xe3a492894c6087d2L,0x3d8d470fe20d0690L,0xfb770c1ae9a1e231L,
-        0xd7e1cba177a0824aL,0xc90a181ef7ab7398L,0x0000000000000123L },
-      { 0x26bd2f3b59ec175aL,0xbf65beef751bd1bdL,0x242a83d6fe1b44e7L,
-        0x9c16d231a1dccec8L,0x7ca438f66e6b3e04L,0x50b091d4c43e7f09L,
-        0x23a893f32d886f9aL,0xb18a52c8b26c60c7L,0x0000000000000069L } },
-    /* 41 << 203 */
-    { { 0x9bd5bea7d2af96d4L,0x6fb5de3bbc502c9aL,0xb5fe88e904928dd6L,
-        0x660accf4c03c98a1L,0xe59d202975520adcL,0x12c50027fe29eef8L,
-        0x6d2739cf3758dc66L,0x49b418f24b9cb6a0L,0x0000000000000021L },
-      { 0xdf55798a1a079e8bL,0xc7c4f956fe9f31c6L,0xca1c9c93604849fdL,
-        0x29d32b26f33c9d98L,0x79f867bfd1cc0d6aL,0x776857b4bd3b05cfL,
-        0xf445083cdc53ac52L,0x19f3a0e3be72024fL,0x00000000000000faL } },
-    /* 42 << 203 */
-    { { 0x4a5cee83dee4aed4L,0x670871eaaccf44e5L,0xd325710515daa7dfL,
-        0x41ed4dee9573f014L,0x0621cfe9c7e9c774L,0xdb71a7db46ae0c35L,
-        0x5fbbb44236d96fe6L,0xfc4ee442791497f8L,0x0000000000000025L },
-      { 0xb58373bfda824d48L,0x2eba350be2b6feb3L,0xe732690e5cece104L,
-        0x42f7dc57a0fade31L,0xb2ac02a777a8ea62L,0x2c39600f2730cc77L,
-        0x71ec3499ab92a6ccL,0x857ac22e85b8f70eL,0x000000000000013dL } },
-    /* 43 << 203 */
-    { { 0x351b69db61e98acfL,0xb2699c2328ac4d57L,0xee2392c34b2cd5c6L,
-        0xcb4914379838b68cL,0x11af2ea4a79b35a0L,0x0baaf41584ec5f87L,
-        0x380dbda247432ae0L,0x5949262bbd9fecc1L,0x000000000000011aL },
-      { 0x461c1a7c33de0a7dL,0xed6b4f1a2158de9eL,0x1b51b42f97af5453L,
-        0x5dd95efc0b1f9f62L,0x43680178f2fe73b7L,0x43eb48a07ad44206L,
-        0xfefa59bbbc57342dL,0x92be4ae731e62d3eL,0x00000000000000ebL } },
-    /* 44 << 203 */
-    { { 0x50720100fd88d0daL,0x6c96ed6eff0c9301L,0x5cfee40f95d538bdL,
-        0xb8a8dc1d8ce5618cL,0xc4f7326f15fc988cL,0x2c93679915b83096L,
-        0xf99f2517cfa85d25L,0x822fcfae5900af2cL,0x0000000000000011L },
-      { 0x4c87b89e2e424f4dL,0xce5f4f37eb2ebfe7L,0x9bea312196392a9fL,
-        0x30c5e7742855b498L,0xa9fef9945a06b8f3L,0x9372653173d076d1L,
-        0x3237fe278510f6faL,0x2889eaaa1ed4a243L,0x00000000000001bfL } },
-    /* 45 << 203 */
-    { { 0x2854d519527d1fa4L,0xec81e71f030bfa56L,0x7c7a6f6c74f9b14eL,
-        0xc14b2e2fac46e139L,0x266d547234be2050L,0xc76508966ee9b75eL,
-        0xbcb2a8ff31cc54dcL,0xd30db5283217cbb0L,0x000000000000005bL },
-      { 0xc60582de3d8f4fe7L,0x3571cea717d2bcceL,0x51f2c889cdb6114aL,
-        0x67599f6dd8034eb2L,0x39ea1fb81c73d606L,0x202f869715dcadd0L,
-        0x75b193f9ed7493ddL,0x0594f438966147b7L,0x00000000000001baL } },
-    /* 46 << 203 */
-    { { 0xe8a247b9ddb773eeL,0xf011460b3a15d54eL,0x513260d9c6c9729aL,
-        0x3141d40090f7c352L,0x08abd3ed3ad70a9eL,0xecc1c0b0d4416182L,
-        0x378a698baf4f30d8L,0x0e16d0c80d60ca6eL,0x00000000000001beL },
-      { 0x1dfd2561ff8f8008L,0x81ea4aa79a575caeL,0x7c786f74b483667fL,
-        0xd8fed3f94ee8c195L,0x90fbadb4a6f48ec1L,0x60ffc1f0427e2ac1L,
-        0x50278a1d955ae40eL,0x6ad088ec707c1993L,0x0000000000000040L } },
-    /* 47 << 203 */
-    { { 0xc5fa1b24da9e4707L,0xb2ed74501186afbaL,0x6a7b01ee5671cf3cL,
-        0x533241c421e91105L,0x33fe3ce08e6c7277L,0x6bc05f002376d680L,
-        0xe35268f1a828e28cL,0xbbe9432cb60d1db9L,0x000000000000002bL },
-      { 0xc11785a77cd09d89L,0xa68d9f4cc5495098L,0xfd929e7877817c92L,
-        0xfc91a43abb6c8891L,0xa931f7edb133140cL,0x30f07e5841125b2aL,
-        0xff9ddb7427f03ab2L,0x0cb025851fd99248L,0x00000000000001b9L } },
-    /* 48 << 203 */
-    { { 0x9cf44ab408998910L,0xdb3fc2ed1a5c47c4L,0x7752c31eee0be9f5L,
-        0xbd4bdfa943658470L,0x6fe2594572f2fc86L,0x237e1bcfef842a76L,
-        0x74a857e47220a961L,0xd007b3e3c6bc996fL,0x0000000000000075L },
-      { 0x133e7f3d64ae70e0L,0x31966cdb96444608L,0x88fe449aacf0d4efL,
-        0xddc0df233b47912bL,0xc19d556d5771cdb5L,0x122a6b4c834c9d4cL,
-        0xf4fd9193128abd43L,0x42dde25bc55b3ec4L,0x000000000000004cL } },
-    /* 49 << 203 */
-    { { 0xfdb3c4406206a4feL,0x125e23203bd37671L,0x51afe42085c66b55L,
-        0xc82746a7c940c824L,0xd2f7bb9f815d4539L,0xafc81b12635037a1L,
-        0x52186ca4c7627416L,0xe1af5236303a7901L,0x00000000000001d8L },
-      { 0x2f110c396dc058ebL,0xbe11880e4a4c8a7aL,0xd08d8ee763cc89a4L,
-        0x609e4b127ff4eaa7L,0x34344cbe13acbbdfL,0x327f290902faa861L,
-        0xa78fdd5ac3ebf0d0L,0x0bb5a4256c4d55c8L,0x00000000000000afL } },
-    /* 50 << 203 */
-    { { 0x42aad690805acc53L,0xa7493fc7dd905627L,0x487f9407d9ff6965L,
-        0xdaf7232e6c45192aL,0x403d57cd8d6e7d00L,0x931d29065fd272e5L,
-        0xfd7ddc1c35824aabL,0x587760407dd72d28L,0x0000000000000194L },
-      { 0xa559885f94fb6cb8L,0x18dd399e1dfeaa2dL,0xa6f23d25eb1a0248L,
-        0x4875945120e84064L,0xd481f3bae40bec92L,0x7bd5cf14464e0aa2L,
-        0xdcfcce53ab13bd66L,0x47391f2ba2ec1297L,0x000000000000000aL } },
-    /* 51 << 203 */
-    { { 0xac5fad77cb3652b2L,0xf60c981b1702815cL,0x3f848d658c5451aeL,
-        0x158ab410e63af4c6L,0xcd7bb3a5f46545efL,0x81dac1f4dd4f3e3eL,
-        0xae18eb6b0ca68587L,0x3c11c12b0f2f0afcL,0x0000000000000027L },
-      { 0xa770e6757e36cb2aL,0xdf6d0de92153e716L,0x84b953bc23da6df9L,
-        0xa2b731d222921fadL,0x76d5d2bd6f721c04L,0x84826a176ccf0ba4L,
-        0xc5876c6a0f44e9e3L,0xb215b5099f6f565fL,0x000000000000003fL } },
-    /* 52 << 203 */
-    { { 0x156a9949f151db06L,0x22b6b0fd06a70b1aL,0x32d582e4ce617d0dL,
-        0x84fb33d0992eed75L,0xa1c7f6b2c077d815L,0x3285938f313dbd79L,
-        0x8a8fede6076f503eL,0xfdae2afe7c95c93eL,0x0000000000000139L },
-      { 0x96f542035812daa7L,0x479ba6d3a2d361b6L,0xa3793b005705ed2eL,
-        0x943d444ad5ffe440L,0x474e4864379e007aL,0x9ff8bc4dacd38afbL,
-        0x508f54e5a6195a99L,0x3085a04113817842L,0x00000000000001feL } },
-    /* 53 << 203 */
-    { { 0xfc91e9f6bfd0daa6L,0xaf6b749fa3f661c7L,0x01909cf557e3ccf5L,
-        0x35b238be3ee3bca3L,0x4bcd54419bf8184dL,0xfba84a8c70887c36L,
-        0xfcbb0d1de463801aL,0x50ccf27f439a5570L,0x0000000000000087L },
-      { 0xc4493206a8126517L,0x7fe519f9f3614d98L,0xd384e085c3b33b80L,
-        0x7cb14d0b2f997b13L,0x768db950e87f06d6L,0x970b51fbbfee3e6aL,
-        0xa39779e815cd21a0L,0xf677327e5bb60c21L,0x00000000000000ccL } },
-    /* 54 << 203 */
-    { { 0x1da1477e29decfa5L,0xda072008f02d4900L,0x308e95bba4a4a5efL,
-        0x7ea7a7e700684dadL,0x8fdecb5864c70f1aL,0xac1f215de2b6bc4cL,
-        0xae5dcfe17aee88e2L,0x755dc3734b87ea15L,0x0000000000000113L },
-      { 0x31cdcd38c9abbdf0L,0x002275fbb68c75beL,0xa597136936819c82L,
-        0x0d32bd7478d0808aL,0x8c6272fd441d62d9L,0xac06165632ff00f8L,
-        0x21b9e0076a1b924fL,0x38af0f3fff5ff630L,0x00000000000000dcL } },
-    /* 55 << 203 */
-    { { 0x55989a4e1513fe24L,0xd6fabb7a377c6d9dL,0xfb823e5b0578f12cL,
-        0x2468f83105377082L,0xd4878755ace05f05L,0xcdb85e0e1e391758L,
-        0x45635c6b145f3ebbL,0xd278b81411717273L,0x00000000000001c3L },
-      { 0xc72cd647b50c5d7fL,0xf047d529dd74bb7aL,0x9300b986938084c6L,
-        0x39476814f0b7388cL,0xc7b74b2fcc7f991dL,0xd684e2f5bed333beL,
-        0xc6191b9f5f713216L,0xfacbf180c5995497L,0x0000000000000065L } },
-    /* 56 << 203 */
-    { { 0xe3cf0d5abdae44fbL,0x71ecef1ef6f5cfd1L,0x7fa5ff37a11bc661L,
-        0x2e0d9032ab6a8007L,0x8e465ff4b99ed2b3L,0x63ee69531a62a4cdL,
-        0x31ffa26bad2e514aL,0x0c5e085f6ff7bb4aL,0x0000000000000128L },
-      { 0xe1b74ab9d20c8193L,0x0f67229ad63050feL,0xeeaf4ec6ce73ff43L,
-        0x10094ecf114d6d87L,0xf515978540801d95L,0xa09334933f23d6dbL,
-        0x0ac122515f242117L,0xa1a4a37f5643d48aL,0x00000000000001d7L } },
-    /* 57 << 203 */
-    { { 0x08bb5ac7384a5d01L,0x4b476ae6141e85b7L,0x00590a5e1d16b1baL,
-        0x722dce02a2654e49L,0x380d3ac2483bd792L,0x247a5eb2ce16ad4eL,
-        0x5ba4f9402eeba293L,0xec77ec84a7507cc4L,0x0000000000000137L },
-      { 0x1abf1b23c775da9bL,0x51926f26193fd227L,0xd4a448fe01380d03L,
-        0x681fe1925ea66a42L,0x794acc9567e1d118L,0xe712708229692e86L,
-        0xbf4924323e527353L,0xd9aa506903fc2288L,0x00000000000001adL } },
-    /* 58 << 203 */
-    { { 0x8f6c6de220075145L,0x2005c1b150c10e08L,0xcb6f289fe8304e93L,
-        0x8772c2f895b33af8L,0xfc9ac3cfb78f1556L,0xa4a401e2be444c8bL,
-        0x140354191c3ecbe0L,0xa65d09c100ac6e64L,0x000000000000015fL },
-      { 0xa6d278eaa028bb56L,0xf8fd2af7f7809e33L,0x8ae6c10268f7c2dfL,
-        0x6c70558658cdaa11L,0x2bfbbef7e3c31f4cL,0xf8b8a7cb9e618b41L,
-        0xb521782dd7782d09L,0xd779f775dff8910eL,0x000000000000013bL } },
-    /* 59 << 203 */
-    { { 0x5320eefa9777d185L,0x68beb1e5eb1e2074L,0x78dee05ec1e19dd5L,
-        0x5f860f6599bd6062L,0xdee3934194257635L,0x342770ce8635d6c5L,
-        0x8a06a3512e8be17fL,0x9d59963df78ab6fcL,0x0000000000000153L },
-      { 0x39d400fbb2b8dd24L,0xf133abbb1acfdb33L,0xffd9d7a4d0506911L,
-        0x134d6fedff9d17c2L,0x64622ea9d5149d82L,0x8ff0c386bab0505aL,
-        0x7998c2288977e003L,0xc41aea628ad09185L,0x000000000000001aL } },
-    /* 60 << 203 */
-    { { 0xe8f81e67f0dbc26bL,0x67a84c46f8124049L,0x7c12baed629b2402L,
-        0xd39ab731384afbbdL,0x7abb971abe6168eaL,0x3ec476fb5dc96bddL,
-        0xf568fab44fa5f270L,0x739374abac51818fL,0x00000000000000bdL },
-      { 0x83d36009af42bb0fL,0xc6958d2c42dbd415L,0x39f20878bfd8cb62L,
-        0xb2528156e23525ecL,0xdf6b3537ea725e7aL,0x6ddafd2d6c2dc45dL,
-        0xb696f0b8b8682ed4L,0xdd22cc010b611962L,0x0000000000000123L } },
-    /* 61 << 203 */
-    { { 0x10a08a1d429ade6cL,0xcfebf0de40932626L,0x2a55e9c5e357b14fL,
-        0xd551713e4ac50b0aL,0xeb32aa3fa3be7addL,0x6c10ef40612e530aL,
-        0x887ba5fed318f9dbL,0x9328d459bedf5ba0L,0x000000000000013aL },
-      { 0x91af92d7c4ce63daL,0x2500a7b7aa099030L,0x5cea55f7f0e69a79L,
-        0x28ca6b389e2136ffL,0xa0a71734e6472420L,0xfb6dfe6f191baf68L,
-        0x80d32b3c985c5e32L,0x29d49cdaf82c5f47L,0x00000000000001a2L } },
-    /* 62 << 203 */
-    { { 0xb55c2c748f50537fL,0xdd9c6df320a3297dL,0xb0b5477afce6109eL,
-        0xdde894cfd5a0ccedL,0x4499db297480d3a2L,0x22dfd2bb556180eeL,
-        0xde7299830c83a1cdL,0xf4dc6b95a709c0a5L,0x00000000000000f0L },
-      { 0x2f295e2db07bd50aL,0xc0a72738bd5546b5L,0xd52477a78ec7811eL,
-        0x92e14d8eba3186a7L,0x8eb36ad32467a3e2L,0xebe38e24a07ed270L,
-        0xfbebfb87fef24897L,0x6bf271137005debfL,0x0000000000000144L } },
-    /* 63 << 203 */
-    { { 0x9441cc5908dc7a12L,0x64ac736d8fca53eeL,0x19d3acb882a58c26L,
-        0xc159d488cda04962L,0xfe82b61dba03928cL,0x8a7234e590149eeeL,
-        0xa561263424bf8caeL,0xfb65e1ea2ac90b43L,0x00000000000001ecL },
-      { 0x646b4ad41ab30bd1L,0x49c490c08bc81256L,0x0e07b398bb57c018L,
-        0x8d00bbea5bae6201L,0x1e3cbbaf746d5441L,0x48ea6a235bc6f24eL,
-        0xf6828b36cbbbf53aL,0xb54e8f928f84432bL,0x00000000000000ecL } },
-    /* 64 << 203 */
-    { { 0x8f45148da52d1421L,0xe89923fd09daf522L,0x112ca311c8f15492L,
-        0x91b33ccb469e61fbL,0x040de443fb2ab91bL,0xb9d124fd4f9b32e8L,
-        0x84da47a9f07573bdL,0x93b7ee6baacdd14fL,0x0000000000000064L },
-      { 0xb3af161f4be64122L,0x5946d2ec149c5475L,0xdc04fcd0256a1ecbL,
-        0x4fc571b7327e7a8dL,0x5206ea559580edcbL,0x7f41a742f20a94c0L,
-        0x1bfddff0f7fe1fbbL,0x3860b232e2f1fddcL,0x00000000000001caL } },
-    /* 0 << 210 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 210 */
-    { { 0x7eaefe12155c337bL,0x357f27cec7186596L,0x90c26c69654dbbebL,
-        0x6bcca278a1b63a6aL,0x776b7a928edd9123L,0xb2bef5076c6da5e9L,
-        0x805ed3aa0e3c747bL,0x298ef458659df2efL,0x0000000000000098L },
-      { 0xe3dd893935a79f8dL,0x672b109ca1972c6bL,0xad41cbae07953a4dL,
-        0xde07527fd206de77L,0x1f55a4c0b61d9811L,0x929d56d57a75360eL,
-        0x9f2becff5032efe6L,0x0de654c760f0622cL,0x0000000000000018L } },
-    /* 2 << 210 */
-    { { 0x50e39fd1ea8dc4aeL,0xc68d8b0f5fd16c88L,0xc95f46e90ced75abL,
-        0x845ee3947375e952L,0x5865161d3c14b1c2L,0xe29ae3a6399431acL,
-        0x02d1c6eaf0feca0eL,0x76059dad24f35b02L,0x0000000000000081L },
-      { 0x29fefca13ac6a96eL,0x260a7f7d5d01c1d8L,0x63fa36033ef9812fL,
-        0xab1a91c9f9404b6dL,0x32555cfda9406e88L,0x666eae1c5b63890dL,
-        0x22ec92aafe9605e0L,0xde2a85103235e860L,0x00000000000000c3L } },
-    /* 3 << 210 */
-    { { 0x6587c0b191979247L,0xf06dc068ccf0762eL,0xc3a2b88e277351e8L,
-        0x42e9494a2f607af3L,0xd1aeccc782b271dfL,0x3ac627d494648a93L,
-        0xeb180b78bb62dfa0L,0x7e34653033232d06L,0x0000000000000183L },
-      { 0x084e8c75e5c2357eL,0xa380334756c91ac0L,0x772e24a0015742f3L,
-        0x2610a9b247393c4aL,0xb58ced0b436a641dL,0xd55dbdc01850fb56L,
-        0x64c97fc5aecf40afL,0x6de1de5d00330087L,0x000000000000009cL } },
-    /* 4 << 210 */
-    { { 0x2bad7686d90119aeL,0x8dcd64f0464b230cL,0x1d1eeb94dad19cb1L,
-        0x3b47038986f0eb48L,0x42abb37d2c50f380L,0xfabbcebba7a99eb1L,
-        0xfeed69dd33fb0b08L,0x8de8b50e31dc2b1eL,0x0000000000000057L },
-      { 0xe10dc8a6054ed7a9L,0x7094fc36cf39bec8L,0x487789a825848527L,
-        0x8786eaa339974124L,0x47a0d6b0a6e3e5abL,0x54ed0b21e981e517L,
-        0x85cf17eae768123bL,0xd9a933b0636e78c6L,0x0000000000000127L } },
-    /* 5 << 210 */
-    { { 0x773317e5e965abe3L,0xe8862edea879f77eL,0x4601164bc562701aL,
-        0xbeb011903d4e07b4L,0x75a41c645c19194dL,0xd86e32ca954ddfb5L,
-        0xbe5ca8c991a87274L,0x034c2e1d26aacfeeL,0x00000000000001e7L },
-      { 0xc2bc377abea32ea0L,0x9de44c2dbe946f97L,0x5d4e3f655c44e66dL,
-        0xbaa8d970ac2805f5L,0x706fe3da518a0081L,0x2bf6f7c79bc1f747L,
-        0x1b468d12759da2e6L,0x3f5a410239f61705L,0x00000000000001deL } },
-    /* 6 << 210 */
-    { { 0xe3acc0e88e647c26L,0xf22855fa2eeccf87L,0xf31f71d569ff841aL,
-        0xa9e26b1ad8ef203aL,0xb3fd64db61ef98cbL,0x29af19d73b642e77L,
-        0x94474091741591eeL,0x904e7fd077619d47L,0x00000000000001b2L },
-      { 0xe4c9e0608f0e5bcdL,0x9a35f72d0905a05eL,0xd0ba9e95fa0cf7dbL,
-        0x445ca1a5614f1042L,0xbbd0d5dcaf5a5318L,0x67782d6e0a41d90dL,
-        0xb296381bb6a00b72L,0x57fad3940de3382cL,0x000000000000006eL } },
-    /* 7 << 210 */
-    { { 0x6da8acb7636d8777L,0x17555ae8d341b800L,0xb1568202f44d6da9L,
-        0x08a44805f4dc644fL,0xc55f2c18e121a82aL,0x5b5aad0b568d7db6L,
-        0x3ee3c48b686c7713L,0xc57cac2c6d44f289L,0x0000000000000128L },
-      { 0x0f14e697858b59f0L,0x00d714b14d03cf4bL,0x709f77084de0de30L,
-        0x708cd7f0c5ee4559L,0x38dd88083e9a8665L,0x0a5fb9589f83fbcbL,
-        0xc224694a5c7dd1b5L,0xeb7258003626ededL,0x00000000000000ddL } },
-    /* 8 << 210 */
-    { { 0xd388e288cf34553bL,0xd09b7877c6d36700L,0xc3e51b059504c41bL,
-        0x0bbd1313d0ef31abL,0x455759080a3e2144L,0x774bf584d4b738b8L,
-        0x3f4d85bae9d97733L,0xdfea7f28f0e4a66bL,0x0000000000000172L },
-      { 0xa6b684558118ae5cL,0x7a387b8b8e41c0e2L,0x96193c31f2b2cd4fL,
-        0x54d8c8934c5c7414L,0x397ba89f0ab2b85fL,0x2ab9e8f773eebea5L,
-        0xf4b5eca1e8d4c927L,0x026a0b0842ac45bdL,0x00000000000000abL } },
-    /* 9 << 210 */
-    { { 0xc2c87545298feddbL,0x470bb0bd57824145L,0x8535201fe71f2a83L,
-        0x15c5c54c117080d6L,0x128d4fe3a05e76beL,0xd4e70c4a4bf91f37L,
-        0x54fe9a939826b38eL,0xd67c68802a561594L,0x000000000000011bL },
-      { 0xa82826c1a97b6d7dL,0xe2da2126e413c90dL,0x2d897fea71a14c78L,
-        0x507ffba7806b4541L,0xc9ce796501b35c08L,0xaced047127638092L,
-        0xbcbf0b84ed0ea6ebL,0xb63a061b05d84400L,0x000000000000002bL } },
-    /* 10 << 210 */
-    { { 0x57e9a69316532d1aL,0xf478a1fbc138250dL,0xf361a41cd2ac2c5bL,
-        0xf25c676d2e731c53L,0x279560ad1ebc7490L,0xe8236eddc10384e9L,
-        0x7441e5732d5228caL,0xd118d9328feb88d7L,0x00000000000000a0L },
-      { 0xf31779e746032b98L,0x05ab63064ee8d408L,0x4e67de56b0bcef53L,
-        0x762e211f843fe3a7L,0x22bf07e8774b56d0L,0x3aade5d730c2d994L,
-        0xa7f2f71246c80546L,0x3ac087b22883ca5fL,0x0000000000000087L } },
-    /* 11 << 210 */
-    { { 0x407c5d9aeb5d82e3L,0x30a608780f78a237L,0x245819947c64f8aeL,
-        0x731df3f705e01562L,0xa2e62428758cc895L,0xd211176cfb7413daL,
-        0x7e6e91ec84b68277L,0xa3f3f7633b3b5b35L,0x000000000000016aL },
-      { 0xb6008526ecd1f4b0L,0x713463dc81f30634L,0x6453a4f7bb65e2e0L,
-        0x1a1116bc0aa7ed8bL,0x363735d5d3c34ab4L,0xf0333b9b525b97f3L,
-        0x284602fc50aa6cbdL,0xa9f283df0cadf6a1L,0x0000000000000145L } },
-    /* 12 << 210 */
-    { { 0x4b736d32df234e4eL,0x66237d17d14bed77L,0x552baa3e4dde4942L,
-        0x947169dc23756ffcL,0xe595f2646749eed0L,0x2ed82e6ee3c8ec5fL,
-        0xd52dd4bc495b60a0L,0xccd7a2b340553cfcL,0x00000000000001b7L },
-      { 0x9de7e73e889fbda2L,0xeb68c0d9c02a698bL,0xc433363b1510c24bL,
-        0x329f6b4ee2af686fL,0x3bf95cb33cd6cbd5L,0x2c9924b339e49b52L,
-        0x3a4322bb3e1ae491L,0x3efb3b85504f582eL,0x0000000000000150L } },
-    /* 13 << 210 */
-    { { 0x013dc2bd0444d98fL,0x4de8b097924c66e2L,0x9ec9f89623d19d49L,
-        0xfe687746b87f064fL,0x246382118a91a448L,0xc67b870471e274b7L,
-        0xc4418f6008d4a531L,0x4586c1eb20ce1a9cL,0x0000000000000131L },
-      { 0x7ad3cd88751ffcc1L,0x18d68df10ce22160L,0xccfeac397abea4ecL,
-        0x29d9fddc2685bf7fL,0x9e6b18ff47a6efeaL,0x3b627d6f57d0e3d5L,
-        0x58ce41ec7ff343f2L,0x5158919391a231faL,0x000000000000017cL } },
-    /* 14 << 210 */
-    { { 0x21e51a0354ff9df9L,0xbc033f12390d78abL,0x7faa458e9c43347fL,
-        0x2057222fbf867c8fL,0x6f5b703c3e064f9bL,0x4e36ce8df6330e33L,
-        0xfa0198f8267ee695L,0x68eaf31f89f13590L,0x0000000000000153L },
-      { 0xb493ba909970b82bL,0x31e3a61197d166daL,0x0b11fb84ae14be07L,
-        0x10d94ceb5fe0479eL,0x56c6f6fae10acb34L,0x46f3308f1d2441e1L,
-        0x1374e4f3ec9db49bL,0xd948930f13d2533eL,0x0000000000000025L } },
-    /* 15 << 210 */
-    { { 0xbd79f69a17f3e079L,0x581645e9398eb5c8L,0x1164a83314fbf1e0L,
-        0x578256f31c79999dL,0xc3dd57963e64e48aL,0x00207040947387efL,
-        0x73a0b57ed406b606L,0xd9d3c48c970a0d17L,0x00000000000001dbL },
-      { 0xde458dfe8fa49aa3L,0xe87a7a3cde431fd9L,0xc6f7d8ffcbc16172L,
-        0xc105217099a5121bL,0x4a8cdcc81598125eL,0x748703e3e913bc06L,
-        0x906112b45fb246a4L,0x784afb8f1a1a56f0L,0x000000000000006cL } },
-    /* 16 << 210 */
-    { { 0xa01f0a1936b984a3L,0x46ad91732ae5ad96L,0xbd7c413ddf12a570L,
-        0x24a748c0fbe510aeL,0x27ff3748434d6671L,0x96ad6f33e1d69baaL,
-        0x4b89a84a7daf1390L,0x2e25577782e527cdL,0x0000000000000129L },
-      { 0x78b130d2615c0331L,0xf5a9b025fa3cef15L,0x67b99de5fea12b29L,
-        0x5f5b07e21f56caceL,0x2af1ee2faeb8b26dL,0x04e82314346279b3L,
-        0x0f1d88179ae70e2cL,0x85f03c614c3ea88cL,0x00000000000001fcL } },
-    /* 17 << 210 */
-    { { 0xbbf913425e25254eL,0xae8a194d65fa3727L,0xe2ed53b88c80987cL,
-        0xe90dd4e4332d1115L,0x858c5b438276591cL,0x96af9612cf030af3L,
-        0x334408b230f81b63L,0x50a0b93648908e62L,0x0000000000000156L },
-      { 0xc07a9b16e44f7fbaL,0x64b736ca33fafed2L,0x701e1cb3ac0f2dabL,
-        0x7d4fc722562b85a1L,0x2c86fea7d2b4d291L,0x83ee4a5d9f6970e8L,
-        0x6620f63f3d8c97b0L,0xe3bca31b9ad21699L,0x0000000000000123L } },
-    /* 18 << 210 */
-    { { 0x92101b445ffe5dfaL,0x6b76bbf95527f907L,0x2869cfd96356a819L,
-        0xfd98991f858d1a94L,0x8d5d5864f0fd9b00L,0x625cab968f9c11e6L,
-        0x0da53e4909b866b8L,0xca447b81b24cabbeL,0x0000000000000178L },
-      { 0xd0ac32d58a4893cfL,0x2edd684e9a4293e3L,0xfbc5f91fc233ef37L,
-        0x2516eb7f682025b2L,0xc25529e742c123aaL,0xf5da8e54c9f4f7a0L,
-        0x8c3d0de074eaf57dL,0x6794c4bfccd164a2L,0x00000000000000b9L } },
-    /* 19 << 210 */
-    { { 0xc69f59364255c77cL,0x62a41fef78ceaf18L,0x94bd08105a8dd0a1L,
-        0x7afbb99a49892f3fL,0xb9544236faf945a6L,0x28836d015e540f1cL,
-        0x244e6a470bc80b13L,0xb283cf827c32d810L,0x000000000000014eL },
-      { 0xf47d267a487a9f79L,0x2ad81400b00b749aL,0x7f9b103420d209bdL,
-        0xfbf1adbd49d3785fL,0x8d59d9898a036103L,0xc6f4b53a089998a5L,
-        0xace1e9ee478e179dL,0xa749c8aad355bf72L,0x0000000000000005L } },
-    /* 20 << 210 */
-    { { 0x63c835437badaa12L,0x2929fbf993d1298fL,0x22d8a8e5a6d3c271L,
-        0x4361a0966cc70feaL,0x4c1698920b060761L,0x43b3a57b7b83b19aL,
-        0x8e4e16ed5d1e0382L,0x1c4596c101fb83b1L,0x00000000000000d2L },
-      { 0x571e0f7a2d0878bbL,0x28efbf803ba6448bL,0xc49eadd53f53ec10L,
-        0x5f67c5799b6b85b6L,0x999676ed0f279676L,0x62ba191b129e0870L,
-        0x5f0823b621475e41L,0x8bc381adf2c8b56bL,0x0000000000000164L } },
-    /* 21 << 210 */
-    { { 0x343c04685b855e62L,0xd05a781d65a9e8a0L,0xad965cc0d76b69d1L,
-        0x0a60d928e3a92585L,0x8eb709dc93667a1fL,0x4612c3b7f09f0396L,
-        0x76e56cdfe5ba21c3L,0xefd26ea6b6dfce55L,0x0000000000000142L },
-      { 0xe8ef0107c3ea51b4L,0xc510a688a6e86ef9L,0xe1382167be6e6ff2L,
-        0x6235ea21a22146a1L,0x0e75ef83dec8e173L,0xc3aa17235d276798L,
-        0x81b77ebb6f964ef4L,0xb332f534b9a1daf2L,0x0000000000000062L } },
-    /* 22 << 210 */
-    { { 0xc71a3f48dc690e06L,0x449a246c614381b4L,0xce239cf6f0ea8df3L,
-        0x2384abc79f46bb3aL,0x1c93a8ec536f0722L,0x60521fc696bdd0e7L,
-        0xd3c1a0736defa22aL,0x5e2ffd99b0905245L,0x00000000000001a0L },
-      { 0x865d018d4fa96567L,0x2e861bcde51f532aL,0x0512006f4808fb7dL,
-        0x3b0ec5befab3cc28L,0x79df334934155d68L,0x4799a6e956e98b04L,
-        0x620b5b8666630df1L,0xdc690f70a3e08672L,0x00000000000000b1L } },
-    /* 23 << 210 */
-    { { 0x85d162cd106f9475L,0x44f080894ef3dae9L,0x9cf807e0bd35511bL,
-        0x578df8ace663e312L,0xa653190ceeb0b989L,0x9ed6127f1ddf4b8cL,
-        0x8b0c20c4f18fed73L,0xf4b71bd731359811L,0x00000000000001adL },
-      { 0xc4f7a8d1c65be73aL,0xbe69a441506a8e82L,0x6d5546328fe4f097L,
-        0x617fa14727ccad49L,0x1652a47ced10618eL,0x3daa7571df5f43f5L,
-        0x2bd307ea683542bcL,0xef379a1097a6ae86L,0x000000000000015cL } },
-    /* 24 << 210 */
-    { { 0x86b14b1452e9a506L,0x06f9f838ecd178c9L,0x3d605ee53599039bL,
-        0xdd3ad5a22e3df8f7L,0xbd51af94fdd6867fL,0x707034f3d45cf3daL,
-        0x54edcf4a3f70a45cL,0x7b6164392979902cL,0x00000000000001aeL },
-      { 0x7d63ee2728389bcdL,0x8b39bb03b8eba714L,0xfe5a3aaaa6e99d38L,
-        0xaf6074ac14a97bafL,0xa15ac327aff2ed81L,0xba728133fe4fd2efL,
-        0x9db04ddae93db974L,0xd50f26293a858d00L,0x0000000000000119L } },
-    /* 25 << 210 */
-    { { 0x5313dae6dfa56156L,0xd94f3ae7ac345c99L,0xe78fb5be35108fffL,
-        0xce8566813a5e8c70L,0xa235711d5b1f6104L,0xa71be1748b87dc50L,
-        0x896b4d545b8939c1L,0x8a8231c084f3ab7aL,0x00000000000000c9L },
-      { 0x817bf1fb1e85d890L,0x184f61cf5d643f88L,0xcf5848918efc7679L,
-        0xc9861a5c09913c4cL,0x9957437efca0ed7dL,0x26eaeb36d4e9c4a6L,
-        0x62a2b4ce68bef05fL,0x35eee957532fb33dL,0x000000000000012fL } },
-    /* 26 << 210 */
-    { { 0x0d102216761b3f5fL,0xc20c57002b98c864L,0xf843d83e1aecabe3L,
-        0x9f6208ea8ebbe2cdL,0x0a052c4a80658842L,0x10da1ddaf5022171L,
-        0x75bb824b9d07cdcdL,0x13e6b38440d6c610L,0x0000000000000047L },
-      { 0x9ba0732bd447fb06L,0xfaa3332e7c85db71L,0xa4b5cb19124daefbL,
-        0x030a7ebf84434aeaL,0x90bb08622da1bf4aL,0x92e2162ee7273d3fL,
-        0x58dad0586f9f95d6L,0x4ce76e55838aa919L,0x0000000000000099L } },
-    /* 27 << 210 */
-    { { 0x1ba73b76eea26fe5L,0x10311b589f6d8b56L,0x1e7165b4f59dcd15L,
-        0xd84021591383a1dcL,0xe0e1eb96c044dfbbL,0xcd512afcb13d4262L,
-        0x0770855a201de5aeL,0x426e52a9e44af8a8L,0x0000000000000064L },
-      { 0x2b3f973f1b631b61L,0x3facac113c56e76cL,0x96d8fde961b33795L,
-        0x3d15ae3c51fe1162L,0x966f56a2d095fad2L,0xe5cec26f7a7ed99bL,
-        0xc86a297d339268ffL,0xac1327d95a7d5aacL,0x000000000000010bL } },
-    /* 28 << 210 */
-    { { 0xea0d44c4e34e4c6aL,0x6f50243de8b02105L,0xede2b16c796c212cL,
-        0x3f7169f242a087c6L,0x33fa8470a4762cdcL,0x05f65db613ffc120L,
-        0x9bf29f3f4fb1c4f7L,0xef4ca47345433134L,0x00000000000000f8L },
-      { 0xe59da628331968bcL,0x3fbf6bc46946b696L,0xec6ab1d7f82ef2afL,
-        0xd0423e4f260bb4a9L,0x956fef511d44cbf6L,0x26f861228e5195c9L,
-        0xbe8b410c5daca40aL,0x3fac01f29d08bdadL,0x0000000000000104L } },
-    /* 29 << 210 */
-    { { 0xd296d03e4da85b59L,0xd20dca5fd6b01747L,0x3f815ec4dc2596abL,
-        0x2e8ffb20523225c2L,0xa03e3bec4c45bcbaL,0x8b8a4e375be794ddL,
-        0x1e80fe190c2625e8L,0xe38cdda7ecb0a216L,0x0000000000000125L },
-      { 0x78939a7c40a4f676L,0x38a302b8686cd8abL,0xf39054024d368792L,
-        0x52f9befe123a4394L,0x5386d9fb555bef5bL,0xc8d8eee487e29a25L,
-        0xfd789f9f36cb1b91L,0xe75f606b085c477fL,0x000000000000006dL } },
-    /* 30 << 210 */
-    { { 0x76c885eb91229a3aL,0x2604b6f7f73e4d9aL,0xbebdfaa988fa9a1bL,
-        0x442a747cb58bb763L,0xd8fa3f9ca1ef860dL,0x719d6316f2d89cacL,
-        0x39eebc32fad21ad8L,0x5c00d02d886de11cL,0x0000000000000148L },
-      { 0xab82282a837d7661L,0x638d139d5cbb4510L,0xe6066d3862fc0035L,
-        0xce4a49a8185cd0ebL,0x48f9a3ee3d41d802L,0x95d7f1ee067d33eeL,
-        0xc5e89c814c069fc4L,0x25e2b6e5d8b300b7L,0x000000000000016dL } },
-    /* 31 << 210 */
-    { { 0x125cb0656fd3f45eL,0x5d373f9c2da83750L,0x596131d335c71844L,
-        0x93ab568a7590cd52L,0x4296d1f04f64934eL,0x2af6028ba38c427fL,
-        0x5578235374fe642fL,0x10ae3ac1911c7354L,0x0000000000000064L },
-      { 0x24d13d1cdca07c95L,0xa76e8a5d5578ab0fL,0x8a3c17a4af1f99f9L,
-        0xa1a2a81e49509859L,0xf7a6e870a17853faL,0xe77c3c235989a9b2L,
-        0xacb43c903f2d4d84L,0x0e10eb44d3af2b00L,0x00000000000000b5L } },
-    /* 32 << 210 */
-    { { 0xbfecf64a8f358002L,0xa9fa4a5e9179b6f0L,0x8c1ecbec5b44cf88L,
-        0xf443c158eb342a9cL,0x0eee17b6ada473cdL,0x4eb51b723af99df4L,
-        0xa524e6d1e0fe8dfcL,0xedc72c8efe2a4f42L,0x0000000000000073L },
-      { 0x34eb386de0cd65afL,0x387c3874cc80c3b0L,0x75ac76b751883b25L,
-        0x0f6ccbfb6b514806L,0xe85c5856867909e7L,0x61a5bc9e5a9b263cL,
-        0x08b8491ac6228360L,0x6835d3592850dbc7L,0x000000000000005aL } },
-    /* 33 << 210 */
-    { { 0xe5a1c0f716762f99L,0x18e150a00e1ffb05L,0xd8d254b5dd30ab2eL,
-        0xca9fbad497982447L,0x704cf09c072ceeb3L,0xd983772bb6dc2abfL,
-        0x60d8e8589d4a88cfL,0xb7370cc99a762e11L,0x0000000000000042L },
-      { 0xdd8c613394f66f49L,0x854a0a8a64840d80L,0x8b36199429e09701L,
-        0x720bc46c87681a8bL,0x3e659cf95832499fL,0x639e121a3a965654L,
-        0xafe73745a0e877fdL,0xdb5167d3c73ddb0fL,0x0000000000000041L } },
-    /* 34 << 210 */
-    { { 0x93ca4468eb54bb36L,0xc9f2df65fd1a5e06L,0xfc22174b03097b4bL,
-        0x91fd9ae9c45c49f5L,0x6102dd35230002e3L,0xaea4b2e3ff6b1838L,
-        0xb762468b28453764L,0xa05639a86875b179L,0x00000000000000b6L },
-      { 0x406563adc60f9413L,0x61b6bb5f75616054L,0x1625fc74b653f9e0L,
-        0x7ea58a6a21ca1e00L,0x6461c50537e49dedL,0x904294a956620a78L,
-        0x4c01cc1dca8aa6d2L,0x3f8e60a4beb7b9c0L,0x00000000000001f5L } },
-    /* 35 << 210 */
-    { { 0xe65251c39be7d1b0L,0xd8e18151bc857666L,0x80d8d4670142a8f7L,
-        0x411203864e50d192L,0x44e9b0d1d0683bb4L,0x6027de4339b0cd7fL,
-        0x39cda0ca1570eb84L,0xe0cfbadb6ee54d8fL,0x000000000000007cL },
-      { 0x613dc76cfd483908L,0x9f4c35cf97d9650eL,0x1ec7107c69d29e0eL,
-        0x11de8c70c58a2a1cL,0xc1d1bd39db5936e3L,0x0645f3a73278328dL,
-        0x44a30bf055cc8564L,0x918eccc88531a826L,0x00000000000001a7L } },
-    /* 36 << 210 */
-    { { 0xfbfa18bfa4b8ecdcL,0xdb161f18fa7c7c3dL,0x1ec53bad24a21f6cL,
-        0x3e5343aaf4f6ce31L,0x8ae86fcd1b669758L,0x394b964b7befd9beL,
-        0x84b25af45c60a585L,0x02ad7f6ba5888ffaL,0x00000000000000d1L },
-      { 0x0b86e101c83fb0aeL,0x6e16e6e6d2b8e139L,0x29425fb60333faf0L,
-        0x8d0d9ad20ceb6480L,0x9249e8d0b3e18ad7L,0xae3b935bc94d5491L,
-        0x06fe7f0744260b3aL,0x1d8af88339ec64d8L,0x0000000000000158L } },
-    /* 37 << 210 */
-    { { 0x2e41b2ed1d704acaL,0x03c2bc0817bf101fL,0xce1bfaaa844c18f7L,
-        0xb4df6b7a96909ca0L,0xbf63a091ee5e0867L,0xd4388841d246a432L,
-        0x2f79892f9ad915f0L,0x32338dc06b41b066L,0x0000000000000118L },
-      { 0x78bf5ce2c53b3850L,0x989487d6540132ceL,0x3b028312158f0507L,
-        0xe5505d7a61847bccL,0xbd26640fe9c5f58fL,0xea786834f46d807aL,
-        0x12b9c22738c8f52aL,0xbb0394c11e8ce727L,0x000000000000006fL } },
-    /* 38 << 210 */
-    { { 0x5c442a83c9cff0aeL,0x6e3e75c4d44225eaL,0xf41d8d06757bd27dL,
-        0xabb92c7ca16c6a26L,0xdb02bef102370af2L,0xa394000dce87ef1fL,
-        0xe4d6eb87c3ac8949L,0xabff55c1682ec032L,0x0000000000000002L },
-      { 0xf2439cb836f99a0cL,0x871399611f895491L,0x86e73bb2972293fcL,
-        0xffb0f9c0f4587a52L,0x9158a262fcccc9b8L,0xe20f8fdc77325b64L,
-        0x9691d90945464152L,0x3026f5898a043f9aL,0x0000000000000147L } },
-    /* 39 << 210 */
-    { { 0xd75c363aca0bb47fL,0xe06dcec09b0fc2feL,0x1d124ff2ed47c2e6L,
-        0x68ae6fbf9c71dd3cL,0xd425be30410658daL,0x88b954dad343a932L,
-        0x64648b8bab08b1c5L,0xf891ed517f60614eL,0x0000000000000007L },
-      { 0xe06bce61aef1da1eL,0x4d8cbe4802d489fcL,0xa5cce046ba95c57bL,
-        0x71410ffba132fa69L,0xa708d710840160e7L,0x7d480584f5c1605bL,
-        0x31d61aa873bad916L,0xc34e2a1339c4685aL,0x0000000000000032L } },
-    /* 40 << 210 */
-    { { 0x97330958b61d5315L,0x9b1fed27813d91e0L,0xfc2aac10d0c63423L,
-        0x4a30af61043b9728L,0x0f62b5c1ed8502d8L,0xd9575c7c3b16f0d1L,
-        0x03c27db727b8c8d4L,0x3244778e33be7fadL,0x0000000000000106L },
-      { 0x8537bd35641d5339L,0x81bf82ddb3c40dc8L,0x20172430409d603dL,
-        0xb5da061ce2469826L,0xed42f1f0959d0f5aL,0x00dad493913111f5L,
-        0x1cfddf2bf851b239L,0x9851d1e84275e8f9L,0x0000000000000051L } },
-    /* 41 << 210 */
-    { { 0x4855d1dba965d2c8L,0x5f30449c244e4576L,0xf1f66ddc102836a7L,
-        0x8e9131a9ec4310cbL,0x0408e0751723bfb6L,0x328592dc99ea53beL,
-        0x0d16c086afb2a7d0L,0x08ea2ef221079ac9L,0x00000000000001adL },
-      { 0x5e9c1e1cb8a4268dL,0x22500bb2fdca442eL,0x423f0e3ccdfb9609L,
-        0xb07f48f43b66dab4L,0xac3334e53a9a16b3L,0x11f147c037448161L,
-        0x486506187014f21dL,0xaeecce6968960de4L,0x00000000000000c8L } },
-    /* 42 << 210 */
-    { { 0x819fe7e06ed79a0fL,0x784ceef609f8e8a1L,0x57d5b1bfcb22dff7L,
-        0xc4f56fc69ae9661eL,0xbdd03823162750f5L,0x92bb9df3f146dabbL,
-        0xee6ff7d7605cee53L,0xcf0c1d6c6350f6ccL,0x00000000000001f9L },
-      { 0x1c9c29e313fb9416L,0x60aac35195ce11d9L,0x7f9a4b110ffd00b2L,
-        0xc81e3235f6f182b6L,0x398950bd16cf3c7aL,0x5b69da1297a24847L,
-        0x642f9f183df06a74L,0xd8879543ae3dc599L,0x0000000000000184L } },
-    /* 43 << 210 */
-    { { 0xc62e4a9bccf48be5L,0xb6e83e2b8c35dbceL,0x0191a9c69385a75bL,
-        0x8db45f037f8a7eb3L,0xc05fa5da716b86b4L,0x85aff148ef42c3eaL,
-        0x0bdc01682db38738L,0x93337937d776daebL,0x00000000000000feL },
-      { 0xa17b9fd4403afd34L,0x7b09c077646aff94L,0x90597e2d8dc6a08aL,
-        0x744099e0183f3e3eL,0x1c5fb306071fb772L,0x92b8d6a4d997fb7aL,
-        0x0de13d6454bb10dfL,0xf31dfa573608964fL,0x000000000000015dL } },
-    /* 44 << 210 */
-    { { 0x7f7941d9888f4bfaL,0xc4f99685476bc929L,0x3f73018d8e853ce0L,
-        0x68a86f6134fdf8e9L,0x7c88b0312a6fb200L,0x3bab6755f6911821L,
-        0x06b84c1788917fc6L,0xa9f91561f5254039L,0x00000000000000dbL },
-      { 0x76c522936dd119d8L,0x6571dd2beb1cb340L,0xc66e8c823a33b42bL,
-        0xaf289ebefc43ddfcL,0x203bba75ed2b085bL,0xdb1d86048176f169L,
-        0xf762fbe0d91afe68L,0x7dd617af2026cf1cL,0x000000000000005cL } },
-    /* 45 << 210 */
-    { { 0xf92aaa90b3eec59aL,0xbffbac4cb98fa157L,0x4a6eda99c95c081bL,
-        0x31c0fde9dbbc33a6L,0x9ad4e5b9ab1887edL,0x580110e38983bb1eL,
-        0xd7156bd5507d9979L,0xe03e75829ecccea1L,0x000000000000002cL },
-      { 0x672fb2c3fcff6b71L,0x7d73a95202c0fcacL,0x6217982052b713ffL,
-        0xcdaabc9d8923912dL,0xf0d3eb3a651247bdL,0x5484c30ba50c00cdL,
-        0xa9f1173c03bba882L,0xbe7465af19a18e5fL,0x00000000000000feL } },
-    /* 46 << 210 */
-    { { 0x88fcfb06d58a4ee0L,0x00a415e2c9be2df9L,0x84e1ba6b22d03ed3L,
-        0x51cd83af2567aa47L,0xef6aac434fda2455L,0x2a32b1e255ea0dd2L,
-        0x013e1751228720f4L,0x57afcdce7bdbd78dL,0x00000000000000b5L },
-      { 0x094f8441471c7d66L,0xac4896c544539ae3L,0xe82e74eb5776831eL,
-        0x21087391291c65cdL,0xd340f5ed3160a6b1L,0x85bbe11244d404aeL,
-        0xca35de4823d823a2L,0xc20e39e406df497cL,0x000000000000011dL } },
-    /* 47 << 210 */
-    { { 0xfc68fe96d1751282L,0x8a1f297e5936ef4cL,0x4fc2f368e07ac5feL,
-        0x5ef7311f109bf107L,0x6fbed28144342ef3L,0xf825e7ea55138f1fL,
-        0x2c91032471e64888L,0xac2d0335ae2f2246L,0x00000000000001aeL },
-      { 0x9fbad98320933d06L,0xea69d15035c00e2dL,0x559df842a04206ecL,
-        0x2a9cc878d54938e9L,0x16e14d674408551eL,0x022ec0d86db7e02aL,
-        0x54cacfa9f1bcbfb4L,0x25095d1626646fcaL,0x0000000000000181L } },
-    /* 48 << 210 */
-    { { 0xf147f1a2e7e50e60L,0x1309c8a5e30cad85L,0x565c5e69621ed64aL,
-        0xbe5a64757938c494L,0xe56315e5d7792054L,0x64855cfdd97f771cL,
-        0xe95a4b9e599e2f5dL,0xef1c8a857b06d720L,0x0000000000000015L },
-      { 0x2331c4282a92c2f1L,0xe155a823f37e82a7L,0xb47cfc2976020919L,
-        0x6131a11ffe98e8e0L,0x965adc12c0be6be5L,0xf773d72c153cccbdL,
-        0x10d64e59d8ed6127L,0xfa7d60258b5ec467L,0x0000000000000063L } },
-    /* 49 << 210 */
-    { { 0x51c2bdba271b6102L,0x965c59b90e9a8af4L,0x0a54e4d7610fb124L,
-        0xed96a5b2a543ff6eL,0xbab9d37243265ab1L,0xe63366bd24cf6541L,
-        0x5fcabfec17413aecL,0x6ba1941437041b8eL,0x000000000000009aL },
-      { 0xc746f20dfcc3cfccL,0x2b0937465e1dfaecL,0x2e75151e14285929L,
-        0xb4ef90301b96cff8L,0x54cbbef998c89aeeL,0xcc53de423a028272L,
-        0x8373e2805f57ba4bL,0x551c46b3b1498773L,0x000000000000008dL } },
-    /* 50 << 210 */
-    { { 0x1c238ed06300acf7L,0x8eb48c65bcf1125cL,0x65b5c0cb231365bfL,
-        0xd9d40c2683d76f5dL,0x7dbe2462ae3872f0L,0x4262f282de107d81L,
-        0x48bf1e05b21512ceL,0x27e6ff2817212e1bL,0x0000000000000184L },
-      { 0xb39aedb29b451cb5L,0xe96de26a84a29aeeL,0x1a3154cc9725d43fL,
-        0x587e1cf56d8be1fdL,0x840560b633539bd1L,0xd4b6a7c4663d836aL,
-        0x4203e22eb3f669b5L,0x02be0e3cf18b437cL,0x0000000000000095L } },
-    /* 51 << 210 */
-    { { 0xc1f65b0d9dc37e45L,0x89275a9136b7d53bL,0x2949c4982e971c79L,
-        0x8c04749a1a538febL,0xcc9b6fa02cc328a8L,0xe22336ea602cfc59L,
-        0x47f83e70f41f9ba2L,0xbbfd03212cbd1052L,0x00000000000001cfL },
-      { 0x4711443cede128e2L,0xea12ed3f30c82c13L,0x17f83633829d3106L,
-        0xf1202f38f5b5bc62L,0x5850efbc562fc338L,0x07fa11815e423b47L,
-        0x9a419bae32459cabL,0x8add9587ec4146c5L,0x00000000000001a4L } },
-    /* 52 << 210 */
-    { { 0xfe4cd502f1b7c167L,0x679fadc6dab47f91L,0x1bf2bb513037e209L,
-        0xd9ea6d92822e8a02L,0x7a2a77d530ccb948L,0x6fde628029a7a46dL,
-        0x8b71cb731bd2bdc9L,0xaf8d591ca3c0ca96L,0x000000000000004aL },
-      { 0x63fcc569d852c164L,0xca7202764f07d6f0L,0xa7e6e11ee7dc1581L,
-        0x325d3921440980ccL,0x098bd53a148a56a4L,0x4eea0c37ebc5e005L,
-        0x89434ac1b9773a5cL,0x97bd03a875cae957L,0x000000000000017eL } },
-    /* 53 << 210 */
-    { { 0x00d9070caf1910dcL,0xc617cd48dcfbd522L,0xb533991595cfa421L,
-        0xbed0e54c1c7f6141L,0x5fc82c432e31d64eL,0x4c95d5c841370bb0L,
-        0x384401ba1dc077b7L,0xe88940db1b711f2cL,0x000000000000017dL },
-      { 0x60e0ccb946cd94eeL,0xfbc8e63f705dad8bL,0xad2f8d2430990961L,
-        0xd6724b3aa578ad6eL,0x8b11d8339c176f25L,0x12e79dbbbf8e3ac8L,
-        0xe4a943d7fd9940cbL,0xc888a09a909e8fe4L,0x0000000000000122L } },
-    /* 54 << 210 */
-    { { 0x6109ea2de8fb7694L,0x3ec1e872086093e4L,0x978e96c0f4225f3aL,
-        0x2695c6c91952ecdcL,0x728be492d83757cdL,0xc810df7023ac63eaL,
-        0x9485d432d730ebadL,0x86e4d8518f91edcaL,0x0000000000000009L },
-      { 0x1a3378469ea9e56bL,0xa27a55a28a9debbaL,0xb23af748c0f66a79L,
-        0x5d8b134dd11bc92dL,0x00567e5825e02569L,0x4e55a9c941991079L,
-        0x4ddebd3f77d6ad31L,0x6933b46e536f3d79L,0x00000000000000ccL } },
-    /* 55 << 210 */
-    { { 0x812a9b2184f5a0c8L,0x33d0143243a13fc4L,0x9e71afb2efaf3fc7L,
-        0x1663885a0884b6c4L,0x97be8fad8c8fcea3L,0x8a3eed05a8e13913L,
-        0xb2262ce22e54b510L,0xfe9acf7eba246055L,0x000000000000003cL },
-      { 0xa302ad0e8b89f53aL,0xa73ed70070b8d772L,0x9e311983c5c37f58L,
-        0x01e6b111978870fdL,0xd584e4e06afd83b2L,0x70707df88e6f511cL,
-        0xfe0812356f6fab16L,0xc476c66841571d07L,0x00000000000001d6L } },
-    /* 56 << 210 */
-    { { 0x442afc6dddf45a12L,0x91e285345c5e6114L,0x29813a938589fa9dL,
-        0xeb71194671a4ae9dL,0x5dcd8adc9044306aL,0xaedcb84bf9b52561L,
-        0xc21e290a402e75f2L,0x70510bcaf6550a52L,0x00000000000001d3L },
-      { 0xde9843e884f2532aL,0xa14af3a6f79d325fL,0xf6906268bb1868bfL,
-        0x8ac9b2825fb4a6caL,0x6c5dedcd4676cd53L,0x149996604f339636L,
-        0xde2a17658d7b427dL,0xe8c56a66710567a7L,0x00000000000001f1L } },
-    /* 57 << 210 */
-    { { 0xa8ec1a8d2b835d07L,0x8c8dfa457ecde602L,0xf08edd6c0d0246cfL,
-        0xf33a88675d9bc1adL,0x39c5d909b8675ea3L,0x282a2d848a96fc50L,
-        0x019ee082d2d27a32L,0xfcf2f31ba5e0dcc9L,0x000000000000003eL },
-      { 0x6a0ed3b9c1f6a4afL,0xdb83b0612c7730e0L,0x169a96abfe5cb03eL,
-        0xad5ae2df0f055afeL,0x50fa3820d27ed7d3L,0x050484f10e2b1595L,
-        0xd07a515e63ebf720L,0x406f5d0cd68d846fL,0x00000000000001bbL } },
-    /* 58 << 210 */
-    { { 0x04d02219db404261L,0x85b9c71ed3c9e7d3L,0x52acbf57505dee08L,
-        0x9e35ee60c4e1ad8fL,0xd4c0ce77194c1493L,0xfadfd42351103eeaL,
-        0x11403891926541b3L,0x25c4c172eb4f082cL,0x00000000000000cfL },
-      { 0x1f7c31b8ac3bd930L,0x88a8cccb65d3a485L,0xe081d0a295e69145L,
-        0xc513ae2e9804d14eL,0xf7b6aa084dcb993aL,0x47de6f4d191aee26L,
-        0x42b005f56011eb61L,0x05f03ae3f7e525beL,0x000000000000015cL } },
-    /* 59 << 210 */
-    { { 0x0f37890e7c825579L,0x4fd5d272b3c0d6d7L,0x9a299db6ddb4405aL,
-        0x0730a9825deb2939L,0x28d8bac57c904d7eL,0xa71c627fe6a7919dL,
-        0x52f1b334b49c2af2L,0xef7414134b512f97L,0x000000000000000eL },
-      { 0xfedb9bfd92b96ec9L,0x613a1e5742d22f35L,0xdf9ee8d6b9175ebbL,
-        0x085d38923a0ce558L,0xb7207bf1f3f089c9L,0x31660368ded15db0L,
-        0x4ea4ebce0beecacdL,0xcaab38cc88eaeb88L,0x0000000000000159L } },
-    /* 60 << 210 */
-    { { 0xa10cda065dc2aa4aL,0x89d874e605ad6cbeL,0x7d51bfd5d061da12L,
-        0x457d656c376141d4L,0x36ced50a1a715c73L,0x252b0b021d27223aL,
-        0x053aef6fe2d6e01eL,0x8096c5e332716027L,0x000000000000013fL },
-      { 0x1864a030cd3635deL,0x5aa25da659cc5701L,0x8af63026ff2bcdd9L,
-        0xebdb7f1717c277ffL,0xf94d8299758b7979L,0x38025e0009bd3eb9L,
-        0xf7c4c29e5bd5c30aL,0x202201c752f90b3bL,0x00000000000001d5L } },
-    /* 61 << 210 */
-    { { 0x1af17d6b9a9a68f2L,0x1922895850d8202eL,0x5f26f6141d379566L,
-        0x8842f3f0ba041c62L,0x856e05ae211c23dbL,0x7fd5b4c8db979091L,
-        0x61f3b3740064021dL,0xee2403c789416b44L,0x00000000000000a6L },
-      { 0xf52f661156a4b455L,0xc3da69834dd9ba22L,0x58cee2db445eb941L,
-        0x20f0bd4632a7bbb7L,0x212b03f7ea3e0325L,0x810b632b68653bd0L,
-        0xf7a4c209c6cb33d9L,0x2f5c990c6c3facffL,0x000000000000001aL } },
-    /* 62 << 210 */
-    { { 0x6b3cf500b77b2655L,0xc203e28b60b8b5ffL,0xf19e8ec597cbcd7eL,
-        0xb1cfa6bb6369ebc0L,0x4bcee60766936b2fL,0x49c8783749743037L,
-        0xfebdbbae374df175L,0x6db093b69f79968eL,0x00000000000001daL },
-      { 0x6dd1ddbd88f766e4L,0x91fd01c5e8ee248bL,0x5837f9b63c727a7fL,
-        0x336706e3393e3990L,0xe1e10fe46d43c4f7L,0x20ca5f27d6266f87L,
-        0x7f2db9d9c2c42304L,0x3f3536bedaad6d40L,0x00000000000000e7L } },
-    /* 63 << 210 */
-    { { 0x1c8bb48681b82b0bL,0xddb9f1979b95474dL,0xa53b69cef11441e1L,
-        0xcc7971f5218104ffL,0x40e07e762fd8166dL,0xd7f1d93ac9d44c2cL,
-        0x3322abe434b2fcadL,0x7d0aab3a9bcb07b0L,0x00000000000001c7L },
-      { 0x60db8e39682100afL,0x747095769a4ff812L,0x93df55e1c3eef35fL,
-        0x6ce66fa8b82acf43L,0x3b3b298818e25e0aL,0xc288d46523740df4L,
-        0x824c5d4cecf599f6L,0xae5bb7388de7b001L,0x000000000000001cL } },
-    /* 64 << 210 */
-    { { 0xec9a8956f6d20ecaL,0xeda0a24d684e0169L,0xa55ae258e583c40aL,
-        0xbe8c6286455d3ce1L,0x05bf63132096ae62L,0xf68e024920b48bdeL,
-        0x1b6595bc4d99cd14L,0x0e740830774958beL,0x0000000000000030L },
-      { 0x3241b0df9fd73274L,0x7b6532398fe5a5ddL,0x2d4dd56e38412a8dL,
-        0xe2925f33cc58a62aL,0xb859ea32f5cee12bL,0x5af7c4027c25d1d2L,
-        0xe172cec16f196e55L,0x34815491de00641cL,0x000000000000010bL } },
-    /* 0 << 217 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 217 */
-    { { 0x0869ed35fa226aeaL,0xcbc7bd56645f4485L,0x611101b13e6c3d97L,
-        0xa1550183f7a56f83L,0xbe209b3c80a6fcd4L,0x0e2c9da9ea3beaffL,
-        0x0fc7a16f14d9f7ceL,0xeb8a5e147a1e6db1L,0x0000000000000047L },
-      { 0x55a78c253b0fb32cL,0x449a7852a430d4c9L,0x1383a88a412509f0L,
-        0xe895d858329af78dL,0x14afc01cf8d65a07L,0x89303bc5193d67e3L,
-        0x42b20c9716fbcdf5L,0x79fe69660ee012aaL,0x00000000000000d9L } },
-    /* 2 << 217 */
-    { { 0x7480912f507ce79eL,0xf2251da23a1ea21fL,0xb925aadbfbc957f9L,
-        0x79a66979f4548e12L,0x9200714b6de9a9feL,0x779792bbee62d344L,
-        0xeed3d08357501cccL,0x51ecec8b0ef8c948L,0x000000000000014cL },
-      { 0x734a634b05271e42L,0x70e28c86643cdb88L,0x849fc7dd0c24a7eeL,
-        0xcec60426b20506a4L,0x6ee05fce35655c14L,0x79ca2be8c072d950L,
-        0x6c473203105c09efL,0xd9698b133dbf27b2L,0x0000000000000010L } },
-    /* 3 << 217 */
-    { { 0x15079b9d3a7de86eL,0x97e07c04354faf62L,0x045f48f34280e300L,
-        0x9a5fd235bd9ea013L,0x3f75a31f8760c3d8L,0x18aec5ffd05d488fL,
-        0xccfb484b617daf6eL,0xf33084debffab914L,0x000000000000015eL },
-      { 0x1c034f37dd5bc9b0L,0x8e2bedaf882c69a5L,0x6789f307a61afc24L,
-        0x8540d05dc57b651cL,0x7214914319f83ea8L,0x57af134d962c6ed0L,
-        0xcd059751d98b1089L,0x08ad5d1d42e7077aL,0x00000000000000dbL } },
-    /* 4 << 217 */
-    { { 0x163cd52464d8c387L,0x0cfe9416cb029390L,0xce6b5dab9e9ec846L,
-        0x96a78639e9ba4592L,0xa78e42968f174287L,0xe5d09a7637763d66L,
-        0x9f47acf6b54f368dL,0x8e63481b6a0fa894L,0x0000000000000026L },
-      { 0xe1663ca805c8bab5L,0x99bf02aaca0af033L,0xfb1c0c7faa1d7c42L,
-        0x05ac75b011bdcc7dL,0xbfa1dc7399d86019L,0x8f11d0a4937cfa73L,
-        0xf4795bd7d24e356dL,0x7c1f3dc478b4e4ffL,0x000000000000014cL } },
-    /* 5 << 217 */
-    { { 0x3dfeef486fd25746L,0x5940add47d758bd3L,0x9f08c453d26de538L,
-        0xbc7dd28b040d20e4L,0x92cebd97aab4420fL,0x79f4bb203337466eL,
-        0xa72fae2ecb132a17L,0xb394a9c29a59e4c7L,0x00000000000001f8L },
-      { 0x6146396eb48c979cL,0x24b453db99a310e3L,0x7e3917a871967c56L,
-        0x3be40e190e539ed0L,0xc357bac87206739fL,0x8f8c1d8229b17828L,
-        0x06f0ea1f949db344L,0x922daa8467ea4ce3L,0x000000000000013bL } },
-    /* 6 << 217 */
-    { { 0xe2473fe401d47863L,0xdf01581ba1940ffcL,0xa35005ef71f1311bL,
-        0x647d568ca5eb4e66L,0xf1dfe4475da1c32bL,0x05d5c8b5ba555b7bL,
-        0x2584842719302166L,0x5bae9fdf71dcfa1aL,0x0000000000000184L },
-      { 0x531661b422bc00eaL,0x3db39e0ce55a5757L,0x1cdac297fca4fbfcL,
-        0x1dd0012bb1d24a8fL,0x52ae5759714bc921L,0x016aea1fe8481e89L,
-        0xf34842d1254d5d7eL,0xeb75ac8af21fe811L,0x00000000000000f0L } },
-    /* 7 << 217 */
-    { { 0x27a66dd1e4c74b72L,0x9942ada0c51b39c7L,0xaa53c8461a3166bdL,
-        0xc987efb7b9d48025L,0x991f01bd361c98d0L,0x5bfb025e3b09f9e1L,
-        0xab478eb54514704bL,0x784f1a8de0c6dd62L,0x0000000000000031L },
-      { 0x42757f2cc630dfe5L,0xead6fb443f3e6723L,0xe8128bbe1a1c8b83L,
-        0xe35a9d2fab681466L,0xbf9be668356c2595L,0x0e3cf40f99e2b833L,
-        0xfee57f088ea10a4bL,0x207da69ed45302c9L,0x000000000000017bL } },
-    /* 8 << 217 */
-    { { 0x36cdc3e624acb1faL,0xf593d32d6c6d43adL,0x766c2fcd373c8e18L,
-        0x0a1518363d12b7f3L,0x924427f4b4234a24L,0xaab877852335ff44L,
-        0x9e5811897c362011L,0xd86f8fba5ee724dbL,0x0000000000000184L },
-      { 0x25f04ed9c9558569L,0x0a315324ef9562c5L,0x65a02a289ccefb92L,
-        0xb2429dd488115608L,0xc1714c93641d646bL,0xba4d369148bb144aL,
-        0x48ec2d9d9efa3a6fL,0x5ff6a4fbf1a93ae3L,0x00000000000001edL } },
-    /* 9 << 217 */
-    { { 0x6a3f7799955cae01L,0x8fedb6b1e4f38ce0L,0xdb6107f34e85864eL,
-        0x03ade49547410da3L,0xddcbf5190038d029L,0xf0f29d5fe5d4d46aL,
-        0xae17f5923b27f562L,0xf29afa56e7c3f779L,0x000000000000001aL },
-      { 0xd5026e725d8adb02L,0xa06db93aec16acd0L,0x83acfde18042236aL,
-        0xc38abf4033ae9809L,0x22fe6dfbdca5d7eaL,0x383a9fa5a2c8db99L,
-        0x6d9ccce5d334a39dL,0x7861d1e9359da075L,0x0000000000000120L } },
-    /* 10 << 217 */
-    { { 0x8fec394bb678283aL,0x24675c5b80934192L,0xe910c009495ca6ccL,
-        0xe27707e02e53b765L,0x804e24f1a4ea631dL,0x3f919eb5058db7caL,
-        0xa5010f37cbbf29eaL,0x758bd2cc225ee400L,0x0000000000000019L },
-      { 0x52fd1ce51535d519L,0x2b1decdc28e1db07L,0xe076dbeeb4b9815aL,
-        0x670c75e2f9f5ad5dL,0xc9fc07876a78d26dL,0x52951cf34ae31294L,
-        0xe318cad8e793634fL,0x0e9242886e01fcb2L,0x000000000000015aL } },
-    /* 11 << 217 */
-    { { 0x892b3b400cfb1d04L,0x3bea12122b96b4b2L,0x70f73b359c1f649cL,
-        0xcae6ffb47e679dacL,0x96b8d2aec55695fcL,0x0050271f424e84bfL,
-        0x8650dd5119533f6bL,0xc383e0b7571d0e67L,0x0000000000000042L },
-      { 0x3b0bfdab1f7cfd38L,0xea8f9b107b7ec7d6L,0x43139c4e0919083aL,
-        0xd69f6d790fe910eaL,0x094221d3e7ba5fb2L,0x4f374df8f556a667L,
-        0x328a7762ed30e6dbL,0xfc57fcee326a62bdL,0x000000000000008dL } },
-    /* 12 << 217 */
-    { { 0x4c7be70cc22a178bL,0x396b7df601209f9bL,0x2816070b60b48d09L,
-        0x0995b11e9d11e63dL,0xde65c7d35ac5b1b2L,0x29c06ce1dda415b0L,
-        0xf95189d9abdb408fL,0xb6f3dde38bbf2454L,0x00000000000000cbL },
-      { 0xbd38febf8dc44542L,0x2c9d18903f962af0L,0x34cea4d76e93a735L,
-        0xf63e364df81f25ebL,0xad8d7b89df0cdfdcL,0x126ac26d730e8a2fL,
-        0x434700f896d59c8dL,0x1aa5875eb3da4bcbL,0x0000000000000139L } },
-    /* 13 << 217 */
-    { { 0x2598aa4de58417d7L,0x73315ae4ba28fc1dL,0x5517268c46243119L,
-        0xc4974c53b719bdfcL,0x6100c44e189538d8L,0x9db41e3800cd674aL,
-        0x18d5dd5009fe8bf3L,0x4e55b10393ed2b3aL,0x00000000000001f2L },
-      { 0x6bdabaafa06be83fL,0x7521de13204a1caeL,0x1a330aaabbfcf7aaL,
-        0x7d263940f4260f0dL,0x9f8f411dec87d8bfL,0x7a6f66562f9d628eL,
-        0x0ffef527076cad32L,0x1702ce89176beb62L,0x00000000000000a9L } },
-    /* 14 << 217 */
-    { { 0x52965a07e1c091b3L,0xc19999534000c8f5L,0xb46cb0961b5972d1L,
-        0x4a308aa918f8f6f4L,0x3cee84ce606ccca8L,0x486fcae6a169fc9eL,
-        0x5b19c4bb5b7288ccL,0xa20b1b3b9004638dL,0x000000000000005aL },
-      { 0xc63c9bbd9e2f0f41L,0x23cb2e54e409e31cL,0x7da5e7c8549c6dbaL,
-        0xa5c2d1b958a734a6L,0x710b2953b6fb8021L,0x17c27048b5adc912L,
-        0xc775ab78900f7c18L,0xc77a1a632b014e3aL,0x00000000000000e2L } },
-    /* 15 << 217 */
-    { { 0xe77fd781f0aa0c3dL,0xfab5faadce9dd050L,0xdada6c655657f21fL,
-        0x783b1101e768bcbfL,0x6589af44e3340018L,0xcfb592b9da65a6a7L,
-        0x7bd5567297e1f3a0L,0x88785334ffb1fd45L,0x0000000000000119L },
-      { 0xa63a0a55b5cce8f0L,0x6f3064b4eac3c4bbL,0x268dfc16c3931cf1L,
-        0x2e70af6b4661d0dfL,0x1d3463d47cf9a2d9L,0x06221386427a35c3L,
-        0x0fcc93fc18f7dd40L,0xe1df83f19e78e3a1L,0x00000000000001deL } },
-    /* 16 << 217 */
-    { { 0x8661728eb584af4eL,0x954bb8753a25e264L,0xc839860915be119dL,
-        0x06a54d7f989fb866L,0x27b590ede0375bc8L,0xc394a6b7afbf60ddL,
-        0x32cb71643a892981L,0x61b46241cae4336aL,0x00000000000000d3L },
-      { 0xa2e80eed970af48dL,0x087c2e6320f95e36L,0x82956a6eee080071L,
-        0x933a2568f9fc2967L,0xaa2b21a31b5430b1L,0xb1efdf09b6502fa8L,
-        0x56b2b8b50a897789L,0x3a6f9fda663dc2eaL,0x00000000000001e4L } },
-    /* 17 << 217 */
-    { { 0x6a53c0b0f4e4f6bdL,0xbed51fa0b3339216L,0x9e1c31446ae0a294L,
-        0xe8f9136d0186061aL,0x6f0f313f188527fbL,0xc8b712bfe45aa9f5L,
-        0x6a4edc9711290895L,0x8f5a9d9328245576L,0x00000000000001a7L },
-      { 0x77e9f20e207e93acL,0xf2aac110e8d7f6ecL,0x6d098ccf619f7771L,
-        0x7cad915e8ce10c43L,0xfd880f1671cec05eL,0x1c2925678cf46b99L,
-        0xfc5d2f1c5226011bL,0x157e69596cc74eeaL,0x00000000000000f3L } },
-    /* 18 << 217 */
-    { { 0xbc6a400038abf795L,0xee50c23a9287efd7L,0x2e49103a9a5fe5c8L,
-        0x932f55e7ec47bc0dL,0xfb9d8ba5a1e42656L,0x14bc1a30bfec520dL,
-        0x0e22436e2c51ebdfL,0xb45f409c227f0203L,0x00000000000001dbL },
-      { 0xdb059428e549200dL,0x944be2239a2f5fa0L,0xb50e8d34ddb8f268L,
-        0xcf19eea782193454L,0x89965b1de0c72633L,0x6d5dd72287cb4786L,
-        0x87dfc6f877b57b33L,0xa3814dd5d3b6507bL,0x00000000000001b0L } },
-    /* 19 << 217 */
-    { { 0xd3422f5b02e8723fL,0x77b65a704b483835L,0xfb8db8f5e6c4fa44L,
-        0x178119d69bca2cbaL,0xd3011b68fb7c2516L,0xb51eb8ed7b2422d2L,
-        0x638d850b4fbdfe7aL,0xef478553a4a2cc4eL,0x000000000000006dL },
-      { 0xcc1b4cbab66d461aL,0x85209539ab0614a7L,0x9284a459d7b45e90L,
-        0x6261939b3d6b31c4L,0xd440f1eca261a369L,0x8b9f30274347957bL,
-        0xeb40b1e9593ca13cL,0xe4bc3937f76f36a2L,0x00000000000000f8L } },
-    /* 20 << 217 */
-    { { 0x8979880e76ef73cdL,0x6b6723b19811ce62L,0x76b79fd3ebf26fb6L,
-        0x485a962d3a38e353L,0x55df05bbf650782aL,0x2708cce29010a481L,
-        0x55a55950611af69cL,0xdcb0ff444d195963L,0x0000000000000012L },
-      { 0x02313a03b53e1297L,0x0496acc4d53e4561L,0x71dc5bb477fff348L,
-        0xb3a90b9a3497b65dL,0x1cc2d09ab0eb0550L,0x6d92c629525a2a0dL,
-        0xacf38f9941e776c6L,0xdde54e8b76ce2676L,0x0000000000000040L } },
-    /* 21 << 217 */
-    { { 0x75be2409fd243c58L,0xfb1f463bdac51e3fL,0x509862194d0a4586L,
-        0x36bd9a9e93c8ee2fL,0xeef97f6992bc64f0L,0xa78103bf1086dfc5L,
-        0x88aa88434e424ed1L,0x0a5b655e99ba7ee6L,0x000000000000009cL },
-      { 0x249c1f37a7bff9c2L,0x524a308b3e8c734aL,0xbe9e7a1c4cca4101L,
-        0xbfe5d60006384eb3L,0xb7d6b88ba7870afeL,0x9298e013c329ae1bL,
-        0xf209c57749fa728aL,0xf266f26d14fa6743L,0x00000000000001f7L } },
-    /* 22 << 217 */
-    { { 0xecaa972f97a6c375L,0xaa67099f3c5aa416L,0x5e4734dc5f9037b4L,
-        0x5a71f4d8feaac9beL,0xb66122ce9fd22e94L,0xd09f8f79796500a9L,
-        0xb6e9a33d09e807a9L,0x44a1b6f515b33f25L,0x00000000000000feL },
-      { 0xd1c9abc3752c8f9eL,0x9b55269a8dfff422L,0xedfdfd976e33a411L,
-        0x624051be5fc39babL,0x09b5446a79090558L,0x59df039c097b7956L,
-        0xbc79ccb2f4c7668cL,0x04b2b4066bda888cL,0x0000000000000157L } },
-    /* 23 << 217 */
-    { { 0x01657adf2b32a82cL,0xa562f4cf4f956c2fL,0x84ad34232910648fL,
-        0x9ea4e24d2bbdbd02L,0xdead6b9a4da91c2aL,0x36d5efe14c04f787L,
-        0x7fba5358fe4dddb1L,0xa6479901f366a73fL,0x000000000000018dL },
-      { 0x3feba9211c557b81L,0x8a7d55ab07441493L,0x2494fea073a3361bL,
-        0xe0b259a20c4b1040L,0xb916142e58b9d4d9L,0xbc680954f8a4db27L,
-        0x5cd9b153e5640dffL,0xf4a05f27ae9b5981L,0x000000000000009bL } },
-    /* 24 << 217 */
-    { { 0x8b2f31a02c825d50L,0x5fa4a38e0b3dd67aL,0xcc07eafedd220e0fL,
-        0x3a8496f853666cd5L,0xf1e8b23e116da23eL,0xf48de9f41631080dL,
-        0xcc3274454139c8dbL,0x3270ce0a1dbe7c3dL,0x00000000000001c6L },
-      { 0x210895785054f6b3L,0x8295ec2dd94bf609L,0x1922bdba854941f4L,
-        0xa95eb4de357020e9L,0xd15fe663df0d7747L,0x89ca6db1ff86b9ceL,
-        0xc3bbaadc4f1a6d6dL,0xdeab3f658a0c471eL,0x00000000000001bcL } },
-    /* 25 << 217 */
-    { { 0x52c4c94bafa6c8a4L,0xcccdaac638d082d5L,0x6756e588603919fcL,
-        0x46e53d034f729c3eL,0x79a9a3ba3642d064L,0xf7f9370b6e781f51L,
-        0x871f38423fc72274L,0xa2be2d7f631fa996L,0x0000000000000169L },
-      { 0x33d1dbbdca0f5b6dL,0xfa5e0a4020137338L,0xe03314dea4fd1455L,
-        0x15c0dcb0e68a4ad0L,0x5c99e48ccf09b744L,0x80be1812142f6b65L,
-        0x13aa8e51ca2e9df6L,0x7a1772606a44f01dL,0x000000000000002cL } },
-    /* 26 << 217 */
-    { { 0x600b48b92806f212L,0x24f49b0b9ce93a73L,0xa61905f11fa33a53L,
-        0xd8112bb3e9c9f4ffL,0x668461e5cd923562L,0x6a04eb9c7c8fd814L,
-        0xcfebf8b2aa0b7176L,0xf5aeff5e9fdacbcbL,0x0000000000000089L },
-      { 0x6a4e78ccb73a9977L,0xff5464997a7fe914L,0x9a3851b2e4e9e8acL,
-        0xece7462ca3e78784L,0xa3a59ea640b86efbL,0x7247b5df42bac9ceL,
-        0x0807058cc4751049L,0x0f02c3bc79e24b3cL,0x0000000000000120L } },
-    /* 27 << 217 */
-    { { 0xaaa07644734ec473L,0xd85e99103b702814L,0x21a498758173c202L,
-        0x2c890717cb3f4b5bL,0x33c149506922f4aeL,0x124c5e49ad484e7dL,
-        0x611d7a967d9e2082L,0x7df895594d15f0b6L,0x0000000000000098L },
-      { 0x2e345ed3a5039457L,0x34947b7cce38e17cL,0x8fd52a5e30f99d29L,
-        0x4f8f3001c0b186f0L,0x2581c68bc7b4641aL,0x5006916be7dbbd07L,
-        0x2f2495f23e744e9bL,0x449cc2d31db7cbc1L,0x000000000000013bL } },
-    /* 28 << 217 */
-    { { 0xb30ff36d7eac7e6cL,0x388bbe38ee0df2a8L,0xf2398b6858bf4ee6L,
-        0xc7af5233c8a3f768L,0xac4dd8d6f880b20eL,0xc09ce5090735320eL,
-        0x50ad570da58d9c39L,0xadc538325bc36a0fL,0x0000000000000021L },
-      { 0x177653737fa3650eL,0xd8e95e4f742687e5L,0x3209d3007af39d87L,
-        0x67bc05f8a5910ecbL,0xc3af4f238d00bc76L,0xd314a1fac6edf5f9L,
-        0x41cf7b7ee3a65fdfL,0xe40089715a11eaacL,0x00000000000001c1L } },
-    /* 29 << 217 */
-    { { 0x0c838f9887c8edecL,0xe5dd51181e7c478fL,0x2ff66c0512dc028cL,
-        0xac5ad1a801931b29L,0x329df33f2a15b905L,0xf092020568a1a962L,
-        0xebc983869ed7766fL,0x6f88971bad265df9L,0x00000000000001b6L },
-      { 0xa06e9c10c9c14848L,0xcafd6d9fe8e7e01dL,0x77ea7583859a3229L,
-        0x934d04af8688d9faL,0x35e7ddcd558f96b2L,0x6961dfc8332509caL,
-        0xceeb4359f0cac525L,0xbb84703578878919L,0x00000000000001e1L } },
-    /* 30 << 217 */
-    { { 0x4348c0d62208ea16L,0xa6b7c867828ecfa3L,0x5e6e24f8bf2263f3L,
-        0x44a63dcbd3a6da5bL,0xe19a8335346f0280L,0x92f45f0a44192c6fL,
-        0x2683e6fff5c5e5e3L,0x687acfae77d82944L,0x000000000000011aL },
-      { 0x64dadbd27318bba1L,0x06775603e713f894L,0x5a86db2702699287L,
-        0x0eb2657c9dc65560L,0xad0ecf6ae85b2f8aL,0x5213fbe63ce623b6L,
-        0xe728f470f79b4791L,0x2f462b02e21f708bL,0x0000000000000185L } },
-    /* 31 << 217 */
-    { { 0x316de848faeaedfeL,0x78a110cb74883e78L,0xc02acbf279b5bfb9L,
-        0xf2a4e3d18302fa76L,0x82098a687e585e68L,0xab0f26c8b64373beL,
-        0x17a96c041f6667b4L,0xa5804b6a8049357dL,0x00000000000001f3L },
-      { 0xc4cddde35fe9e210L,0x52214a65e888afb2L,0xd1e861acda8a2060L,
-        0x228f7b6e8c3a37f0L,0x81cb013a4631a725L,0x1500ad208bfd51f0L,
-        0x17504e9c496fa6f0L,0xcb0a2b4070e311bfL,0x00000000000001fdL } },
-    /* 32 << 217 */
-    { { 0x1874803fd759f021L,0xe16e4f43f7ccdc14L,0x33b15c686ca96e4aL,
-        0x16647507c0c8f6a5L,0x0a69a27b0ddc1a2bL,0xefa1d7d28c4496ebL,
-        0x8bd873d347064396L,0x13b07fa653dd5370L,0x0000000000000008L },
-      { 0x97373827dbf8a088L,0x0f48a5dfdcd37018L,0xf3bc5022172e6d9cL,
-        0x96a0d7020867bc4eL,0x26130628d1a46e33L,0xba6c1f6a8c2bdda5L,
-        0x273f3f4d4e5e6112L,0xc9f3341ecf810455L,0x0000000000000084L } },
-    /* 33 << 217 */
-    { { 0xba5684306a70e5e5L,0x2dd3cf84f677fdb2L,0x4639444c2093d4d4L,
-        0x48145ac0cfa9d695L,0x1947f72dcbcdffdcL,0x8ee3d63223a695efL,
-        0x3f7cef682c0c00e6L,0x50a326aa9f8878a3L,0x00000000000001eeL },
-      { 0xf2ef9b77f3659baeL,0xb02047c9bb5d2078L,0x9342227bf5473552L,
-        0x6af1262c972198b3L,0xf06c8495545c59d6L,0x5b76b44d7d2254a6L,
-        0x0edf239adae2db07L,0x808bcb01b071a927L,0x00000000000001e0L } },
-    /* 34 << 217 */
-    { { 0x751ecd118ea4d1a3L,0xa416549385584530L,0x3c998d2f48ca5366L,
-        0x5d2a945994867756L,0x40eb22d0ed2ce938L,0xf2384049eb6fa53cL,
-        0x1dfae9f4452bfcd0L,0xfde76aeb67aaa0a6L,0x0000000000000070L },
-      { 0x3971401bcff41b83L,0xe60901c2652b56a8L,0x4e58a099f4f9d6bcL,
-        0xb822ec2f3cb0761bL,0x2199ca7ff5a4cea9L,0x52146c0e87d35cffL,
-        0x507233f309f44c81L,0x24a9f28e1ba0c4d6L,0x00000000000001a5L } },
-    /* 35 << 217 */
-    { { 0xadddf2ffd9c057f1L,0x6634c99638431f5cL,0xdeb1e0e10e0ccc49L,
-        0x5b08f82a9eda3938L,0x5ac5ba95b7be5ac3L,0x12e7c0a6d405b331L,
-        0xa7e8f80e1ce1a099L,0x09192de2086e69e2L,0x00000000000000b2L },
-      { 0xfd1c75f964436336L,0x02a5a6cdd3750eebL,0xfcb0759338ceb24fL,
-        0xe613ce9408e8d3d1L,0x84bd977dbbc20a44L,0xc301f3f18b41ad98L,
-        0x75dc2519a7586874L,0x2c179de3bb4cc82cL,0x000000000000001dL } },
-    /* 36 << 217 */
-    { { 0x783751f1ace85e33L,0xe9bdcbb4d36f8988L,0x51d219a6e7361da6L,
-        0x5f374eab9fd26dfbL,0xd62ecb9f12301759L,0x77f528f2f3af5667L,
-        0x38de7fed85a91b36L,0x52a085d7d022c0bbL,0x0000000000000045L },
-      { 0xf7f423fb3a234e71L,0x69e75f34635eed5eL,0xb2196ded1d3590a4L,
-        0x46a9094b52c84b99L,0x039260d5c36fa19cL,0x755dd132b5b09dd1L,
-        0x85d599e7784fe05eL,0x71187dd1167916d1L,0x00000000000000fdL } },
-    /* 37 << 217 */
-    { { 0xc2003f2f71056506L,0xbd1af63cbedf3b7dL,0xb8bfebef0a027704L,
-        0xcf2b3463da5747a7L,0xd7620b0138eb7d5aL,0x04ba1fe62aec3578L,
-        0x99b988baa26a76faL,0x059d1e5079ac26dbL,0x0000000000000182L },
-      { 0xca94d1c96ef3129bL,0x361e2c88bdcca8b9L,0x446fbd76cc7b11afL,
-        0xbc12cc4345c1ff9eL,0xf61d708a1b41f633L,0xddb2bf042db37562L,
-        0xa470ca1eff6e0b9fL,0xbf4c9c9e1ce7e20fL,0x0000000000000026L } },
-    /* 38 << 217 */
-    { { 0xdd3f12d68dbdc1c2L,0x01e34587f4c4a308L,0x29de44b9243d76ecL,
-        0x5d17233cc2f30f10L,0xa09262e4bbc6db0bL,0xd17c9a64d629b3ceL,
-        0x57d7afc416e00ed2L,0x7968b7727b3d962bL,0x0000000000000011L },
-      { 0x07c08b240363a6f6L,0x37ca731f096b5148L,0x3bfea8f7cac7db7eL,
-        0xda2e44f5fd9625cdL,0x5b4cdad91660ca28L,0x085b48054e493323L,
-        0x7c6994fd2f3ba77bL,0x0a0387299decf7b4L,0x0000000000000071L } },
-    /* 39 << 217 */
-    { { 0xfffbe77ba9ae3378L,0x9beb958edc28dbdaL,0x7fec7dbe060ba465L,
-        0xeee11a73a6098a07L,0xc83f4667ba7234f3L,0xdb034e18753fb743L,
-        0xe274fb5a5f53a77dL,0xd2a161d640d9d73fL,0x00000000000000abL },
-      { 0x9c9880a8ff15ef46L,0x97bf6f4576ed1f9aL,0xec02ab9ec55d9ee9L,
-        0x8a3e57efb5ad0d12L,0xe9db08c164d665e7L,0x0e7074369e1b30c6L,
-        0xe953299b83aecc46L,0x9ec97a400bdbf832L,0x00000000000001f3L } },
-    /* 40 << 217 */
-    { { 0x677450828f3756c2L,0xabf1e75d0a7bfcc9L,0x047931dbb8bad3afL,
-        0xa380c9855e392278L,0x5195e47d0237d6bcL,0x8c7ef452fee7427cL,
-        0x4f078dd2585b6365L,0x4e82eb4b1e10d24eL,0x00000000000000d8L },
-      { 0xda54dc52610b349bL,0x96746e43904633f2L,0xd2a58f332c50aa46L,
-        0xffea4d06987f9fc3L,0x5505265acc521553L,0xaf2b7da0c316df83L,
-        0xa74f09b1ea362ecbL,0xcf9f0ac3a2e1f4f5L,0x0000000000000078L } },
-    /* 41 << 217 */
-    { { 0x59af0c27a1a02f35L,0xe0ac14ea079fffb3L,0x7eb918803ba6efeaL,
-        0xf4f7ece1c20a4df2L,0x38d3a92237d80bd8L,0x54c4a59d6a6ea3f3L,
-        0xb2a32bcebdcfa4d5L,0x700e28b56b9040fdL,0x0000000000000170L },
-      { 0x56e3b014ab113b65L,0x0ec2175c548c1c84L,0x35fef7ad0213402aL,
-        0x4d91c747b2ce0bedL,0x9c699db9ebfc8d58L,0xfa3d5a081329db85L,
-        0x74b910498a16ccdfL,0xbb98d8300887072cL,0x0000000000000131L } },
-    /* 42 << 217 */
-    { { 0x96c26386e4cbd521L,0x0b1a38abd272b855L,0x30a03997f9875ff5L,
-        0xe00ab13a61dbb1c1L,0xb31c80251bf9a773L,0x4d09ff2938888083L,
-        0x356496085a48bffdL,0x8734455b7c0ceff5L,0x0000000000000185L },
-      { 0x4e3f5b3369306de7L,0x54c1bf0426328640L,0x7405d971c8b247deL,
-        0x0193c644218439ccL,0x91d5c51bc5bd4db2L,0x083af5e8d97ea0c8L,
-        0xc29d34ebba9533ecL,0xa61393defdc6e9e3L,0x000000000000006bL } },
-    /* 43 << 217 */
-    { { 0x4cbc18fd8f743330L,0x794313312b0a18ccL,0x1a8f8cfe4b46dd3bL,
-        0xea6a1b0a78faffa6L,0x71b836b8520dcc57L,0x5efddbd89b6e74bbL,
-        0x3d6b6151dc6b7c9dL,0x95f2cabff235d63eL,0x00000000000000f4L },
-      { 0x15b2e9802245f71cL,0x557c9c3eb1ea762cL,0x7121b8e7a57e9103L,
-        0x31c6a917b2bff1cdL,0xe6883a84ff413e00L,0x33f8655f4a67ca7bL,
-        0xa548bf42c27e7e2cL,0xe32f78ad352d4fb4L,0x00000000000001afL } },
-    /* 44 << 217 */
-    { { 0x75ec3f26656e2672L,0xcf0d9739ddf3748bL,0x5765797c7991dabdL,
-        0xaf30965268cee722L,0x5bcf9603ed47b3c5L,0xb739ce4e493a140eL,
-        0xb209fb5dcbfbd96fL,0x10de84841ecedf68L,0x000000000000007fL },
-      { 0x297535a097eeb1fbL,0x40bc00d9479587cbL,0xd20d467736f110f6L,
-        0x029ce5ca422c636cL,0x9c8133c2172916e3L,0xf6e1a538e3a60dc9L,
-        0x17809428fbfdb3abL,0x399fdabc973f2523L,0x0000000000000155L } },
-    /* 45 << 217 */
-    { { 0x103d1964126508d7L,0x9374fc63953fe4a0L,0xa3e5fef2bf65b5c3L,
-        0xcf1e9f434dea09f3L,0x73cf4433db5dd9c6L,0xe0cd97b415af4b48L,
-        0x6ff6d7f6ebecabe5L,0x67ab5f01e7947376L,0x000000000000006eL },
-      { 0xe36cafbd0ef747caL,0x69cff962339f8b52L,0x0aaf54ce45c3da2bL,
-        0x15c960ce248fc6dfL,0x0464d7df61eff9c6L,0x1f783e7b3a1eb474L,
-        0x37d81b791791de17L,0x356bda6296b6e9c5L,0x0000000000000188L } },
-    /* 46 << 217 */
-    { { 0xb0afc4e65c223c96L,0x88f2e5f35aaede44L,0xc3183f1cb71a856eL,
-        0xa41a1487b9c00b69L,0x28b5aaaa69d2bc7eL,0xf5c5dc2172fcc598L,
-        0x6c70b857400234dfL,0x861eedb2c2d21c53L,0x0000000000000060L },
-      { 0xc9d7f77696cb55a0L,0x0497d6176a92197cL,0xa3e0f3a608b23cbcL,
-        0x2110a78eda86341aL,0xdde07944da306990L,0xbf6cfc6ab988aed8L,
-        0xe2add66fd14d708fL,0xa44d983157dbfd52L,0x00000000000001d0L } },
-    /* 47 << 217 */
-    { { 0xc56bbdf675812dabL,0xd9e2cea8a82d54d0L,0xc78535044a6379c2L,
-        0x2c974afd849f9130L,0xb35b4d7bb75ea82eL,0x7fa6b09c58bd2e96L,
-        0xe1416607f1d13d0fL,0xb684652fd79eb307L,0x00000000000001ccL },
-      { 0x987764f187c31932L,0x99c1ba6ffb1d4bbcL,0x2ed38e948015c51fL,
-        0xf424922c93ca5a9eL,0x201c868c6510cf1cL,0xfcaacc9a10c4ed5dL,
-        0xe622fa46dc5316eaL,0x6f9a6df2518b7d2aL,0x00000000000000a9L } },
-    /* 48 << 217 */
-    { { 0xce7ae0b6075676dfL,0x24daa3aa29be05beL,0x795b32d17b2f292fL,
-        0xf71dbf4f77ae64feL,0xe5f8b83bdcca4f00L,0x111a06db71e2e120L,
-        0x6e7937f5a861e714L,0x7b14d15817bf3be6L,0x00000000000000e6L },
-      { 0xa8748d319d04daacL,0x28e3fdac9325722bL,0x4384ac259e26fc1cL,
-        0xcbce8c3320f8d023L,0xa21e8abb9fed4b2fL,0x5f1d2dfca075f969L,
-        0x43d3c57f5e8e705bL,0xcac9948fdeb0bca3L,0x00000000000000a4L } },
-    /* 49 << 217 */
-    { { 0x66a65e83dad7d797L,0xdbd972bc359e9564L,0xe35acc8a5eccb5ffL,
-        0x35e3ffac0ad3ef9bL,0x851de6e98dbecf69L,0x90c0b3bc520a3d86L,
-        0xdca6e3dd40607f03L,0xba8a7ea766dc9c2eL,0x00000000000001b0L },
-      { 0xe2a78b19c0187be3L,0xf0bfde9ebd554b70L,0x6a61dbf7e7357ee1L,
-        0x7189a9916f16a7a9L,0x1027a7495028b3bdL,0xab2f2df6a104d723L,
-        0x3f214e95834a7f51L,0x5033df8cf6019533L,0x00000000000001f3L } },
-    /* 50 << 217 */
-    { { 0x49d49732774494b6L,0x3c9506bd04770a4aL,0xbb8415e4c248a4fcL,
-        0x60ed58b8374418ddL,0xc26440d39aeaa332L,0x1601233a7aefa5a0L,
-        0x8ba67f98ffcc867fL,0xb93887e4e716de59L,0x0000000000000028L },
-      { 0xf9467d0a3f1ea0e3L,0xd69dc7b3c349e641L,0x21bb7c3d47a1fb70L,
-        0xcdce7b0485baf8f8L,0x6a94cd2df74d61bdL,0x9b4aaf70d80c40ccL,
-        0x67958b15554675a2L,0x1212272b37de6aa5L,0x00000000000001a1L } },
-    /* 51 << 217 */
-    { { 0x65b30c4693d202fcL,0x69278e20a91bc534L,0x2159b74620ebfcbaL,
-        0x9a039589158a9358L,0x3431bf268fbe3a07L,0x3f052e4d5ac5aff9L,
-        0x0c9236c539ee1355L,0x95924b8148fcf947L,0x0000000000000179L },
-      { 0xd60db53922fd1648L,0x6fa28ffd2d08381cL,0x48efc7edf1831068L,
-        0xbcbc20d73ebf4420L,0xaa29a9d85f3f90fdL,0x79b874cc5a1ca0ebL,
-        0xc177fb6d3a75b3faL,0x45005fcc887cd30eL,0x00000000000000e5L } },
-    /* 52 << 217 */
-    { { 0x22c042b9ae0ff839L,0x532ee1b07b82dbadL,0x05e95394dd5b19d7L,
-        0xc6702ff7d56b7f6cL,0x55d30e5d0e9b86feL,0x709ba115f1732c78L,
-        0x74a6cd649ac1f9aeL,0xc692aec65f088cabL,0x0000000000000067L },
-      { 0xa276f7466deff8f2L,0x36b98e844ee21c9cL,0x862c26e1b552c998L,
-        0xd5a2a5bbbc4fbe00L,0x4919ca8c18fdb4ddL,0x66d9bb81c77b7776L,
-        0x5aacc969d0db6420L,0xd14d5266a5ac63abL,0x000000000000000aL } },
-    /* 53 << 217 */
-    { { 0xef65a4d01f4c8edeL,0xaa46b120dcb08a38L,0x40f468df7069f2d5L,
-        0xcb4829542bc58171L,0x8be42227c99b25f5L,0xb0f18b7307eb98b7L,
-        0xa1fae0b29b9ec47fL,0x8be5738cb5a371b2L,0x00000000000000bdL },
-      { 0x4c571a9fdc6a7103L,0x34ce343edce86822L,0x8d732bf9cc528a1fL,
-        0x4203e1f92a313cdeL,0x3ae79ca7a5626baaL,0x0b552456eaeef625L,
-        0xfa5b3a161b406f85L,0x25b35d73eb95605bL,0x00000000000001d8L } },
-    /* 54 << 217 */
-    { { 0xa9dfea9c3c7a06c3L,0x529d3a3644d3e30cL,0x7f8d907f76897d3fL,
-        0x309a2182581c26b6L,0x4d29dc6f0c0581fdL,0xcdbc510a7bf06072L,
-        0x9d0cbdf3f55f687cL,0x5a5443e55b0b307dL,0x000000000000019aL },
-      { 0x5738cbb543970892L,0x3219a82ae52498eaL,0x00e3f1db9a0b043fL,
-        0x87e704902e29f37dL,0x3bb34b3bd2d0b401L,0x8ca921c189b818faL,
-        0xf122b4d3fa6c6e6dL,0x70098c5f3ea74c79L,0x0000000000000097L } },
-    /* 55 << 217 */
-    { { 0x4faebb5ed4d176abL,0x793cb9749742e217L,0x42c33d81e013378bL,
-        0x4ac4b7ac800a3d3cL,0x929871ea86ae5230L,0x02e2b5fbd923d457L,
-        0xba95bf17b797df41L,0x4f2509a33651e982L,0x0000000000000117L },
-      { 0x1a4e60c5a0afd2c7L,0xe96f14e4d2685919L,0xdf1961fdab7a498dL,
-        0x8692057a65b97a84L,0x4ceaacb1ed5ec892L,0x806aa214f34b0220L,
-        0x285dd9b1501fc893L,0x401b959d0115c368L,0x000000000000002cL } },
-    /* 56 << 217 */
-    { { 0x17100a613bb93eafL,0x7ccb5bf3d80ac200L,0x585d17b6eab320c3L,
-        0x8d53eff1e7258f8dL,0x9d671ee13f21f78aL,0x76e7ab703dc4ad54L,
-        0x9ef2272419b3ffc7L,0x67b54b1fafd5a3caL,0x0000000000000122L },
-      { 0x629dfafb33a86edfL,0x237e33d97e4ae084L,0xe1d102344ca49a1aL,
-        0x768d5901b6e2e180L,0xfebbd9dad2ec4ad3L,0x90ab63eba9e332dcL,
-        0x5e2636c78da3786bL,0xcbabb3fad3f6ff9fL,0x0000000000000190L } },
-    /* 57 << 217 */
-    { { 0x96c2b30c8b4503bcL,0xef8079b76ea400dcL,0xa8693f0228e1ce2dL,
-        0x3f191b4d2d51f267L,0x32e177ca3361ae9dL,0xbd7d0a66ddfc80a5L,
-        0xdd761eaf25fb8d88L,0xa2e52fd503d4a584L,0x00000000000000f1L },
-      { 0x023d3607fda8c4d2L,0x51a0c87a59aac242L,0xcf51d25c4f8a9c42L,
-        0x3a8a96c6aaac8b07L,0xa635ca96feae776bL,0x09f4b77ce5b272d7L,
-        0x1edda904f7a74fccL,0x3baf043648f0578aL,0x0000000000000015L } },
-    /* 58 << 217 */
-    { { 0xaaa50d58f000e356L,0x0b3193c7016dd924L,0x8fb754d8a0ea14b9L,
-        0xd91c9f3fa50b4c23L,0x10e6d8a82bb95226L,0xca4a37214dd94671L,
-        0xadafc0d9ce05e753L,0x1ed81caf97e6c298L,0x00000000000000e8L },
-      { 0x230fcce8d8b0bb47L,0x04b5df73c0f13872L,0x844ee3ee24286c1bL,
-        0xd25336e8292c55b7L,0x49b25059b9fe1d90L,0x88302407130bf270L,
-        0x164ea993ee3efa36L,0xa2967cc81606a7aeL,0x0000000000000063L } },
-    /* 59 << 217 */
-    { { 0xf3e4e4d3c3c8fb65L,0x51ce545919cbf83fL,0x11a1dc28f47ff417L,
-        0xc47cc26a9408c5fdL,0x8e59575bc25546eaL,0x462f9375aea3d032L,
-        0x9c0a03996f33ed40L,0xedb8b2b6d15ac9d5L,0x00000000000000a6L },
-      { 0x50c5c11ffcbc7ad2L,0x3cdaedf0e5d53272L,0x7e5df4def7d3737eL,
-        0xfd4570fe5964b614L,0xf29db31b4d1d0bb0L,0x1927ae724617ec1bL,
-        0x7f3dd228e3f040bbL,0x4b4fa22b6617a2b1L,0x000000000000012fL } },
-    /* 60 << 217 */
-    { { 0xa71ecbf6370b5ec7L,0x2ed3a5916ae50f0bL,0x5197ab87111470faL,
-        0xaea260dbe30df740L,0xcd7e1f9d02e37578L,0xa3569bfd8bae68d9L,
-        0xea8e96e7c2a89697L,0xb9d1f162f9fcc566L,0x00000000000000f8L },
-      { 0x32cd11647ef36ad4L,0x1e58205fe4b08a4fL,0x6e7d004a3dc37cbbL,
-        0xd639b5b527ebbda0L,0xe92db32e2cb36fdbL,0x25ea06757e17bfe7L,
-        0x5f49bd54c8e8cd0cL,0x793d24cfc3e25af2L,0x0000000000000033L } },
-    /* 61 << 217 */
-    { { 0xe5c1b03d6c5f70c5L,0xc634f61e0bda5d66L,0xf7fa1fb6c3782a1aL,
-        0x9da5e4eb94b3a1ddL,0xab10baef997aad2eL,0x9bfff40e40296f45L,
-        0xa17714fcaf3ca04eL,0x44315b37424f4d32L,0x0000000000000152L },
-      { 0x1898f6677a2bb552L,0xf73bf0419fba5d55L,0xa0505207adb92bfdL,
-        0xb5f8949940775fdaL,0x0a4bba547c52106cL,0xb238bff05336edfbL,
-        0x7586b6aeb6c0f11bL,0xf3b1a6d93320ed85L,0x000000000000016cL } },
-    /* 62 << 217 */
-    { { 0x1ed5330496a2c264L,0x25d19d7be58b1775L,0x87234824d1c26e46L,
-        0x2eb0c2acba0860f7L,0x1ae2194cc81321d8L,0xd45ec0f1fcdf40faL,
-        0xa0953ba97e3d11e6L,0x495a35ac11350bd8L,0x0000000000000184L },
-      { 0xbcc2861b80ecf438L,0x859849509750ccb7L,0xbdb997929e1cc8e6L,
-        0xf64a9df281f7c4e1L,0xd1860d60ca400f68L,0x9782a95d5e2b500eL,
-        0xa3af2257d6320c6bL,0xd0a1666d0488032eL,0x00000000000001f1L } },
-    /* 63 << 217 */
-    { { 0x69a468fdb7a36758L,0x297d8dd0da785f23L,0x66c8518c215c8620L,
-        0x2b420fdb7e84feb7L,0xaef8a39b26a3e7afL,0x81979bfa23484aabL,
-        0x5b9c8bf22d0d13d8L,0x1dcbdb5fa6ac2309L,0x0000000000000132L },
-      { 0xa9c831fa65bc4bffL,0xbd8b10387d5f077cL,0x361b762378a3206eL,
-        0xbeec611b4724ba57L,0x423f56177b690d52L,0xbc6dcd6aeaa09b15L,
-        0xf0b60ebf7d9c160bL,0x1c3af39c6918b37eL,0x0000000000000110L } },
-    /* 64 << 217 */
-    { { 0xcf8e03c512a09898L,0x2090118438287af8L,0x8fd47e85371620a2L,
-        0x5a2b2ec87f16350aL,0x45841b1c608c7488L,0x627c632e01739426L,
-        0x3cb05aa78f8e8224L,0xbe277fd79b643a85L,0x00000000000001feL },
-      { 0x950843e61538cb4dL,0xe88383994f7ae0e6L,0x6b90ac85d2e1d225L,
-        0x78c211321e5361b4L,0xce09f24034b950ffL,0x3884016974b71400L,
-        0x58ae40a665e2bbafL,0x5d370978c823b954L,0x000000000000017cL } },
-    /* 0 << 224 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 224 */
-    { { 0x7ddf47051733b3c3L,0x7c7878a3f4a25d85L,0x4d86f57c29ad09a6L,
-        0xa97d4ab6b26d5c69L,0x71cc925004b07913L,0x08a84131b4c0b7b2L,
-        0x388fc8aa5119f83eL,0x23a3bd0b6bfda0cbL,0x000000000000007eL },
-      { 0xdfc7c8448e549373L,0x439dc785b52ad215L,0x9e157e18fb9de6dcL,
-        0x9283c3318793d562L,0x79f9ec9033ddc16cL,0xed0dbb7fceff5086L,
-        0xfa4668078765145eL,0xba9411a9a3b387b7L,0x0000000000000176L } },
-    /* 2 << 224 */
-    { { 0x319885d110e10587L,0x2da8979a609853a4L,0xfe907fe389b08ef5L,
-        0xa3a338a61a97d9dcL,0xa5ad1a9ad7e3fb92L,0x77a3bfc07a0136e3L,
-        0x99634588aa6ed29aL,0x41f148beef4787b6L,0x00000000000000dcL },
-      { 0xb8671195ebf698bdL,0x323b6965e2974ee2L,0x1411c67084c20702L,
-        0x840b396eba4bc1edL,0xd857a525eecff9a6L,0x0afad4f4d2d6829bL,
-        0x84ef6315bf6ce02cL,0xc38fe857ccc6b333L,0x000000000000001bL } },
-    /* 3 << 224 */
-    { { 0x2d9ba7e36f07eef9L,0x46ef4ce6eb692362L,0xa869ee262fa2cdc9L,
-        0x5b7d3a81642a2378L,0xc024410ad4d6bcd4L,0x88cc0f7121ceafefL,
-        0xeee011ebe04af152L,0x9cf87d1d7829107fL,0x000000000000002eL },
-      { 0x49260571e07147b1L,0x632583460ca0c303L,0xf1cda5ae6602e056L,
-        0x418b618681a45861L,0xcbf17fcdd1921fa5L,0x355e5d1ae07a08f1L,
-        0x3f4f5bb0a26b6b2fL,0x898ca884ade69b50L,0x000000000000008fL } },
-    /* 4 << 224 */
-    { { 0x1a00fc111c417fadL,0x8816dd0b3fba7366L,0xb3a5499232c0e5a9L,
-        0xb6a634789ec0fa14L,0x880b10b8a8d8615eL,0xe3635bb83abbe5fbL,
-        0x62a209f64de9be52L,0xac41cce182b76cf9L,0x00000000000001c5L },
-      { 0x287c7bc77dd1e73fL,0x072bb2ac1f8c7d2cL,0x399011fb3af5565cL,
-        0x787b94845e2a7e13L,0x5858c3df5761ae9cL,0xf0f831ae6d2875daL,
-        0xd5f5bf2dae9c82f1L,0x191b45fbb247a36eL,0x00000000000001ddL } },
-    /* 5 << 224 */
-    { { 0x1d2d4ab0fe772021L,0xd6e75054041053d5L,0xdb480d2e5705d868L,
-        0xf68a09f76aa63e89L,0x0bcf4c31379a4d0cL,0xcbc0c737b681873cL,
-        0xdb6931a6b886d407L,0x0fbaa44bf84e033dL,0x0000000000000056L },
-      { 0x5339b4f34f90a0fcL,0x2743f6818ebc0b28L,0x37567e5bf7db2715L,
-        0xf339c91aa5b1053aL,0xde65f7188125ebfbL,0x32f7c06d6bf4ed15L,
-        0x8071d1aa40353dcfL,0xb8fdddd93c994068L,0x0000000000000198L } },
-    /* 6 << 224 */
-    { { 0x1c081356b6965640L,0x7a01b38990c7a0f0L,0xf72fdba4874007eeL,
-        0x6bd85d94dcddefa2L,0x80fbde7e48db2fa6L,0x60b2be1c4a319dadL,
-        0x996217fbee51fb71L,0x85f1b13be0edb983L,0x000000000000012bL },
-      { 0xdf53aa14ecfb1d0dL,0xdd77fc37760a217cL,0x659bf31e99b56fbdL,
-        0xd0f042ebaca3e106L,0x50c215ba1f907ea8L,0xc6bb892ca4ef5f48L,
-        0xc3beb73bfeb86870L,0x04b740bd4123f812L,0x000000000000007cL } },
-    /* 7 << 224 */
-    { { 0xd50c9fcf6016e8f8L,0x27f12c32b8c12f9aL,0x2e13fd2b08e0e13cL,
-        0xe48a1bce89e659efL,0x1bbe7f01f62a49d6L,0x87e0ca4fd417e497L,
-        0x1cf55a48364ee9cfL,0xf4fbc7eaf66635a7L,0x00000000000001a6L },
-      { 0xbe3e55113eb12a0bL,0xaffcad4b462ebdcdL,0xf6f097ace8f4d182L,
-        0xdb1fe0f2404a92feL,0x9e2a51594fc084ebL,0x6acd3a8e7af882b2L,
-        0x17654a579602fc6bL,0x1307d12271de39cfL,0x00000000000000deL } },
-    /* 8 << 224 */
-    { { 0x470bfdd42540e5c8L,0xc2c849a1057592ecL,0xd8f4b30d2f886637L,
-        0xce56d15025ba43e0L,0xcaca4a05f200d2fbL,0x38fdfb3595d80545L,
-        0xe274649f22418951L,0x155badb2cb7437beL,0x00000000000000a4L },
-      { 0x09195792c828a666L,0x3ceaf45353f59336L,0x3982e19643850a1dL,
-        0x02f8077df2d2afbdL,0x83197e1e6a6946faL,0xf158b0b4c4ffad53L,
-        0x12559573853b51daL,0x8838409e8d35c9deL,0x000000000000019cL } },
-    /* 9 << 224 */
-    { { 0xa844a48f37315ba1L,0x2db10df96f401d40L,0xb092031359508b56L,
-        0x4ccd40a51df7356bL,0xf6e6de667cba0994L,0x8d052d22aff1e407L,
-        0x6579f0aee1ad5185L,0x02a2654c2fe56ff9L,0x0000000000000107L },
-      { 0xfbe7245fc52e3a9aL,0x5cf1f315767802eaL,0xd1bc98865cfa064bL,
-        0x6fe2e272218c2d74L,0xfbc0f239e105d3c2L,0xe93040f86c2d5d8dL,
-        0x3564207844f0c1ddL,0x526cafb534a20e65L,0x000000000000007bL } },
-    /* 10 << 224 */
-    { { 0xa403b2cd3e0bf039L,0x1f331cd769ae1607L,0x5808812d9341e113L,
-        0x3bdc37f4acaef9c4L,0xeef79000a056ccf7L,0x6e36e89079f26a8eL,
-        0x225a7216a5a165ffL,0xb0f49eea4a8d4e72L,0x00000000000000c7L },
-      { 0x7df03cd678eaf6ebL,0x4e96fcfc7a3ef5e3L,0xb4578857fd3bfa43L,
-        0xaf079521906c3961L,0xa8e06dea1227fc18L,0xf0f06e6808be24bbL,
-        0x0af15713b84b3fa1L,0x6bb9ba45d30f7aacL,0x0000000000000111L } },
-    /* 11 << 224 */
-    { { 0x7055735e2734bc7cL,0xdbbb0d7f2015daffL,0xde7f735ad048c6f7L,
-        0x1401c4fe3d025035L,0x3017088af09b1518L,0x53beaa128c919403L,
-        0xe623ff8d6e6f4894L,0x1622621fa6c45b25L,0x00000000000001a6L },
-      { 0x3aacbd8120e1fd32L,0x21963a49f0c52d67L,0xb521f29dda79f988L,
-        0x5ca6538ab632a340L,0xfeccb403a1c38793L,0x800a81e46c1993a7L,
-        0xbfe7989e08775f1fL,0xa7c0bb935f6056cbL,0x000000000000007bL } },
-    /* 12 << 224 */
-    { { 0xba1f3d04e155a234L,0x83285cb7a2f5d3afL,0x120231908196da46L,
-        0xc05f48389399a9b8L,0xe1604051a097e0c1L,0x3c48963b8f3cb46aL,
-        0x7ee7debebc20857aL,0x74c375ed8ef449ddL,0x0000000000000148L },
-      { 0x6086f7e549a22d3bL,0xcf65faa71ff513f7L,0xe5f24ae161c6db58L,
-        0x085cdc7708664d9aL,0x8e2385ab1df20e4cL,0x58910a818006cd4aL,
-        0x1858bc67c143e34cL,0xf88a9ca118f7d8ebL,0x000000000000000bL } },
-    /* 13 << 224 */
-    { { 0xac6ed780d8dc7694L,0x1517db0f7f0ce3c9L,0x14e574efe2724276L,
-        0x06bf1c0ad420a1b9L,0x092fcdc0ecb5bb09L,0x00b1952db3c22e3fL,
-        0x8486050d66dfef5cL,0x4162baf5b4aa2363L,0x0000000000000035L },
-      { 0x5f188ef1ccd62e93L,0x357224c0a78fc426L,0x6a38a6a0f311d595L,
-        0x632d3b1d9363d024L,0xda7edb5aefd29098L,0x1ae7e00046198910L,
-        0xd299ea6c8637f141L,0xa33a21d96dce1f27L,0x0000000000000191L } },
-    /* 14 << 224 */
-    { { 0x33b557a9edcbf5e2L,0x8d42c77f4fb31e95L,0x3f006dce258e5a7eL,
-        0x07ab56329dc0f10dL,0x6a79f1d388012825L,0xbbc9f71d997f67e9L,
-        0x733aee4fb0484d0cL,0x0d7d26af06b23588L,0x000000000000007eL },
-      { 0xae584763447d2b4bL,0xe3c380900abe0533L,0x19dc9a0946a66debL,
-        0xc5e21596f7351889L,0x67efb3732e9062b0L,0x38c539278def3d27L,
-        0x8f2afe546ec1f561L,0xa80f0c62159002baL,0x000000000000007aL } },
-    /* 15 << 224 */
-    { { 0x0574b1c11fe4b65fL,0x564bc4eb99fc3470L,0x040cf7e88ad913eaL,
-        0x72f64fde21e6dc7aL,0xf061a2f945e43f1eL,0xb30d7ace4cf73cd7L,
-        0x4e67338fed5303f8L,0xd1ca92f827fb18b4L,0x0000000000000123L },
-      { 0xec92ff11b2ff61b9L,0xa1196425dd3bd645L,0xeab1a0b3ffc4a720L,
-        0xbb01e20dcde12819L,0x222fca782f6f9062L,0x5343239fbf735e40L,
-        0x8e4c78ee7a1efa11L,0xbb68361cacee5111L,0x000000000000009bL } },
-    /* 16 << 224 */
-    { { 0xbce0f1074175e7e0L,0x51ac63d71965464dL,0x429f6b9f52aaa9ebL,
-        0x6ed3c53b2a1846d7L,0xfa87d5876dcda98aL,0x9858c801c72d6d0aL,
-        0x94a5bcf367681451L,0xb7c46ecdd3de0285L,0x0000000000000183L },
-      { 0xfd301b76d2dfd89cL,0xac9c2b0d0f38e6c1L,0xcf9d3acf2da8e6d4L,
-        0x99db13dceb9024c5L,0x4ebfc5ba9ee659a9L,0xbded80949b2fa547L,
-        0xfcf035f9c08d98c5L,0xb50dd13656b8b217L,0x000000000000014dL } },
-    /* 17 << 224 */
-    { { 0xbd6785f67bfbd788L,0xf5b0998e64b74e2aL,0xb9807c2339968512L,
-        0x7de81d72cbb6513fL,0xca27798033ef0d45L,0x09ea26e95b9b19d8L,
-        0xbf8414db4390e170L,0xef1287bc2e6a7e43L,0x00000000000000c3L },
-      { 0xd10112737f0c5ef6L,0x47393f003fc452dcL,0xb193a4a17f51c291L,
-        0x7d0ffe318cbc8483L,0x330d79be90e56adaL,0xb913a2e9c8c6c717L,
-        0x3c5e0d0c3f227508L,0xf57d2ea48a43f045L,0x00000000000001f7L } },
-    /* 18 << 224 */
-    { { 0x00b8eebbbd959bd9L,0xc5406f8e65f420cdL,0x6a60db3f063154c5L,
-        0x5d36e596311dbdeaL,0xa2bd49a842a485e7L,0x661fe033dd24a2ecL,
-        0x00d78bfb695ba009L,0xfcc1198129afe784L,0x00000000000001afL },
-      { 0xf30ad5348384e611L,0x46f55e5266df249dL,0x5cb69969ee339313L,
-        0x266a39971707af6dL,0x58d83aaf3a65d217L,0x46289bda29bc352bL,
-        0x13a780b3a7375993L,0xc694ec0434a72490L,0x00000000000001d0L } },
-    /* 19 << 224 */
-    { { 0xf54fce2fa396f979L,0x69dd3e5e44540d2dL,0x4bdf033a2929586cL,
-        0x055090d894086923L,0xda62e5374c8595c6L,0x8a9e1def4d489859L,
-        0x84a3f9502ac811faL,0xe6753ec71733f749L,0x000000000000011bL },
-      { 0x1d3b67d036f97445L,0x6f154f990f2533b4L,0x69493d6eb0e8573aL,
-        0x4ca3dad5b8f6d7acL,0xd3ec695236a717e5L,0xd8c719b7e78bfc25L,
-        0xf4746d3e069fc4b0L,0x8d967a3a6486c44dL,0x00000000000000e9L } },
-    /* 20 << 224 */
-    { { 0x7d8f48632cfeec8dL,0x9974152a814a01dbL,0xddc0bc6cc92694faL,
-        0x4e7bff595e2b5689L,0xbaa96e1a812f16fcL,0x800462f4f6585b6aL,
-        0xbd8c7d984cf44364L,0xe49ad28a84fa6863L,0x00000000000000d3L },
-      { 0x417df8bca87cb33dL,0x4fccdc1bdcf62845L,0x8784400a576b1235L,
-        0x708f13ce2676a8a3L,0xa7534d0dfdc376c9L,0xbdcc20da643f1159L,
-        0xc0f21e2e86b8fbe7L,0x632c15d52f0326c9L,0x00000000000000a6L } },
-    /* 21 << 224 */
-    { { 0x68fdb156f0af9d3bL,0x5f53c821be3429a8L,0xf37ba120798adc16L,
-        0x13793b18980624a3L,0x5f6297ab421c8a0aL,0xd429fe05b9a9bd9fL,
-        0x80b7d860ff3a84abL,0x10ecc26a3e1769e6L,0x0000000000000020L },
-      { 0x0a1afce2c04cbbd5L,0x9b6b5b9cdb6c081eL,0x5759236d62cada78L,
-        0xce57613aedc49bd7L,0xf66a9105f4df2865L,0x738e3e09768d556eL,
-        0x4ea024b2487b98d6L,0x69f02ea84e9bb27dL,0x0000000000000078L } },
-    /* 22 << 224 */
-    { { 0x8499723aa10fbd04L,0x638fdf9d1d392e78L,0x7befbecbdf12c367L,
-        0x522a5d26db60f06dL,0xce23f73fe6ce2fc3L,0x42f4ea36b20e9b7bL,
-        0xcaf5a320e0401d85L,0xdf4bf7a79938d740L,0x0000000000000131L },
-      { 0xfc8a14c7b9493be8L,0x2e89cef551148e47L,0xea3375758b804aadL,
-        0xce58b786362d9aaaL,0x0f3cdaec13bc5120L,0x1e773c0d49f1afd7L,
-        0xe9127a8b4ef25b4aL,0xe6d30caf29f670bdL,0x00000000000001c6L } },
-    /* 23 << 224 */
-    { { 0xbd401bcae131ef57L,0xbbe597a154c52236L,0x6d1c702efcd7d43bL,
-        0x0eb0316d8a359106L,0x143b98b6ac6374afL,0xb2578bfac4a2b559L,
-        0xa210d0c1bd53053eL,0x5fcb9211c1779f63L,0x00000000000000f6L },
-      { 0x5f83788c000e35a2L,0xd00c38172eeb99d2L,0xa565d239c63ff60eL,
-        0x147f29dcd0d4caa8L,0xf8b63389115dbd52L,0x2dcb407f6856405dL,
-        0xb1bd3bb6469671d9L,0x4468b9a148cac2d5L,0x0000000000000013L } },
-    /* 24 << 224 */
-    { { 0x2db0707f8144a351L,0x0885661375ca2dd2L,0x7a5052e1db5369b9L,
-        0x0ee205ccd81351b7L,0x17352e8de1a0c288L,0xbb36a1cf89c9cc19L,
-        0x5797a9b2768d2d2dL,0x2736a45cd28ca1e5L,0x0000000000000118L },
-      { 0x0c9e5469931503b9L,0x2c0487af3d942235L,0xb71d495e95ae408dL,
-        0xb5c2e5d1a853a205L,0x09747539585803b3L,0xc703600a44cf93eeL,
-        0xa0a16aed1904461dL,0xfb5c6e6ab0333ff2L,0x0000000000000119L } },
-    /* 25 << 224 */
-    { { 0xc4c7b8c62b36290bL,0xe2fb417d81e58d27L,0x086f3d384750dfe7L,
-        0x8359ab7548c6d58eL,0x7b78687a094386f2L,0xcb1d4021a140ec3bL,
-        0x52a8d9962d7dbaa3L,0xc7552a9b8facccf9L,0x0000000000000182L },
-      { 0xfc3ce1ff88706b52L,0x5cfb2c61ee0aa036L,0x3c52b2c9b87e28faL,
-        0x01ceb01f22eb006dL,0xb0fd7d823174e206L,0x190d8131ade8d5d2L,
-        0x1d195d6ac3f7f087L,0xdbfae9d2eb09decdL,0x0000000000000134L } },
-    /* 26 << 224 */
-    { { 0x9b21b0eb2daa2fb7L,0x62506bd10665aaf4L,0xfbdb475b82e9704eL,
-        0x4088093f50b1377eL,0x5397eea199707c61L,0xd3356b6e75fd8b3dL,
-        0x561c380705fe8914L,0xd0304825f77342d0L,0x00000000000001b8L },
-      { 0x7daa92433fdaa949L,0x12f461af51ea7441L,0x56c37d995a63573fL,
-        0x5d6c77c84a7025e9L,0xd2f2be05817b31a0L,0xc3b01b281f472be6L,
-        0xa9bf6a9f861524ccL,0x1dc74be29f0ca5b6L,0x000000000000002fL } },
-    /* 27 << 224 */
-    { { 0xdf2687a38ee78e5bL,0x5ca01f45dd1c0e1cL,0xf2bb5db54161d203L,
-        0xabe1d9781258d82dL,0x9ed61dc1371f1fc3L,0xb5882d2e8ebcd9bdL,
-        0x62d2a79ea86df9f4L,0x925a80af6c50a563L,0x00000000000001b8L },
-      { 0x472e8479a891d8f3L,0x47741910543b0678L,0xa1df2d293d53f8d9L,
-        0xde28fb0e30acb4b1L,0x9683ff8d5d4e1f2aL,0xeb74a8044ae8a13eL,
-        0x727434e967e736d4L,0x514af3dc0db30c54L,0x000000000000010dL } },
-    /* 28 << 224 */
-    { { 0x8b883f22fd5b9cfeL,0xebc175f592656667L,0xbe995418d9c86f02L,
-        0x9dee3ec51ed7a5adL,0xe9c7b177a10117b1L,0xae7ead0547724e37L,
-        0x4baba8316fefa7e4L,0xb496a2d1d7727641L,0x000000000000013eL },
-      { 0xed31fca226014cc5L,0x3b36d6148a223091L,0x32ac1f7b521e4fcdL,
-        0xcc7348015ad644d7L,0xf60d0ae0931450aeL,0x1db3acecd993d7c7L,
-        0x0f3e95427a9cbf22L,0x7c688fba58fede8aL,0x000000000000005bL } },
-    /* 29 << 224 */
-    { { 0x53259e5950ef71baL,0x1dfc6bec47c25dcdL,0xfbd8d5c47087cf41L,
-        0x5a5ecfd10249e9e4L,0x2c6af4a91ea582fdL,0xd01b1f80cc54d09bL,
-        0x9cfa9960500567ffL,0x7c744e9348b2e9d5L,0x000000000000004cL },
-      { 0x5c596099783f1792L,0x7e2b1d15d0f14bddL,0xcc195fedecad2e07L,
-        0x324953104117835cL,0x8eb7128ca206aabcL,0x0b9d40cd4873c84cL,
-        0x4ffb71b40648225eL,0xe7ef4f33a4139697L,0x0000000000000081L } },
-    /* 30 << 224 */
-    { { 0xf6171f9bdc8d6167L,0x1bef4c1bdcdaca1eL,0x069ea1943224f5b9L,
-        0x16e603adae98eedaL,0x1c2551a03527f99bL,0x677bfceef3324cf7L,
-        0x89739e2afaa65d81L,0x7c63f321ee01a2a8L,0x0000000000000083L },
-      { 0xfca4b775684bf04eL,0x12b2accc10aacf28L,0x60eb59796f5b70daL,
-        0x0973753341ad9c9aL,0xcbfd801c2698b98dL,0x6915f2608eece898L,
-        0x932c7de6e88b02bbL,0xb183858db0f499f9L,0x00000000000001daL } },
-    /* 31 << 224 */
-    { { 0x9a4db1714ada6df2L,0x113d6ca8a6503065L,0xfe1ce2a393f30e86L,
-        0x0ec4df0f5b883187L,0x2ba9f9377b6de31bL,0x6319ca2907d3cc32L,
-        0xadf2d42c0de3d0c8L,0x1cf47cbc8b60ebcbL,0x00000000000000f3L },
-      { 0x9737b3155a5c472bL,0x405097d38f44ac04L,0x11d7b5e098060980L,
-        0x1031d3a49c649638L,0x851dd24036cc36a2L,0x72174467106c19e7L,
-        0x0689ee3ef1ab03b9L,0xab05c26f83c47bfbL,0x000000000000002eL } },
-    /* 32 << 224 */
-    { { 0xa198d04b1b9ed16aL,0x2244536251340438L,0x77078e91251deca8L,
-        0x1d7b7be1be67e98eL,0x106648be2cc726d4L,0x79dd8d7bf5877e13L,
-        0x42bbd30e37993843L,0xe768f54dca7796c9L,0x0000000000000078L },
-      { 0x91c5e19d1acdf2fdL,0x0a2eff89e93c20d4L,0x6a84e609ce41ac1aL,
-        0x186ab6e8df08373cL,0x44c2aef6f6f9abc1L,0x9c7070b0dd735102L,
-        0x0e58b51807643871L,0xbc9f2e800b15d805L,0x00000000000001ecL } },
-    /* 33 << 224 */
-    { { 0x2cd086126ac3eebeL,0xe2163c355db014f3L,0xcc0834dc214e34deL,
-        0x67d2cc1775ee3864L,0x804612d5c4b02021L,0xa11ef6c76c805b05L,
-        0x898fc69d371dfecfL,0x8e977d1ba62b7df8L,0x00000000000000d9L },
-      { 0x037816ccb8e7e3c7L,0x2bc7a1eb52cd66b8L,0xf12d63ac37ef823eL,
-        0x42f8b36b29442388L,0x5b1d0dd6caa4d841L,0x21e213cd81986c48L,
-        0x492df17ff19ef6e3L,0x8a08cec5a5bac400L,0x0000000000000033L } },
-    /* 34 << 224 */
-    { { 0x49d545a21757c756L,0x8610764d3c78c7fdL,0x888363b0285ce4b1L,
-        0x6afe14c4d52e0e81L,0x612a58397177ffe0L,0x05a4bea49679b41dL,
-        0x121bb1c14c519b94L,0x844a95ddf521675cL,0x00000000000000d7L },
-      { 0xc6045c5c7288cf7bL,0x79319df2da1016c6L,0x67ef5845055e3ea0L,
-        0x91e7ead7bee71541L,0x285c08d78843f3afL,0xa90f3a94c2089d1fL,
-        0x3d0e6d1caa37b132L,0x2f18d93b62fb149bL,0x0000000000000013L } },
-    /* 35 << 224 */
-    { { 0x9287f41090921a21L,0x0cb3476c2f63ade5L,0x87eea82b66e3e879L,
-        0xb3c50d698eaa88f3L,0xe5b64f705624741fL,0x6fcac6de5e6a215eL,
-        0xe786b1dd66acd6caL,0x9e478411a5244800L,0x000000000000009cL },
-      { 0xf784aa4fa84c388dL,0x801593a26cdc8009L,0xadc07673ff1109a6L,
-        0x708a579d42678ae7L,0x2d246455e0d1dc79L,0x42f5c10a232c0027L,
-        0xd7adecb1785590d3L,0xeb58cecf139cf371L,0x0000000000000061L } },
-    /* 36 << 224 */
-    { { 0x5f0ef75a63dbd14fL,0x70883cf607b91b63L,0x2a1a32252f16a270L,
-        0x4d2ea66709740ebdL,0x50d5f3687e12f70dL,0x94442fbf06eda6c6L,
-        0xff1df80648f80934L,0xb5b52dadc7599220L,0x00000000000000e1L },
-      { 0x307f5ffafef02d74L,0x980fc52d49e703feL,0xa1006542c0eb1a94L,
-        0x2748d7af25476aa3L,0xcf9eda78370f6f57L,0x56c8f00f6ec2b826L,
-        0xc61b847a72375d88L,0xb0833b255e744eb8L,0x00000000000001c2L } },
-    /* 37 << 224 */
-    { { 0x78124c4f967e4b4eL,0x7ed9ab8d15a66ffdL,0x26af569efc3a3f52L,
-        0x0286ff20425d38d8L,0xfec9b67f51e9e240L,0x6d8a01c657256933L,
-        0xfc8f705ad2ca6b4fL,0xac3d7833da28a9d3L,0x000000000000008aL },
-      { 0xc4371b8ea0924274L,0xe543f30a55a72435L,0x03405ef6afa7c869L,
-        0xa44ce2098226a4b6L,0xc0aac941a0f9fc88L,0x3fd69258a497b61bL,
-        0xd431b511f80688b3L,0x664b77780a42eda0L,0x000000000000009dL } },
-    /* 38 << 224 */
-    { { 0xb9d84fc9d0cf69e7L,0x98f1940ea8e34a97L,0xe4bffa94dfc118ddL,
-        0x1849a3edfc66b9fcL,0x623db3947287a7dcL,0xde0d7d087019e9ecL,
-        0x2331aabf80aa347bL,0x44a365b11b999a3aL,0x000000000000010fL },
-      { 0x198f73ac92ae7427L,0xf62dc73002e04aecL,0x0506c93d3088101fL,
-        0x945ac732184edd51L,0x57f825fdaf7c6201L,0xeda00ab31c31f295L,
-        0xeda9d910f425b2e6L,0xa360259c7cdd8528L,0x0000000000000040L } },
-    /* 39 << 224 */
-    { { 0x7f0b99ba527dce55L,0x34b0ebfe5507d70eL,0x17cf8c47887de484L,
-        0x24a47965c1e5db40L,0x7d00b4a73f930257L,0xb294ecc224daec20L,
-        0xe8b20a6d4dcf26d0L,0x3214127cf13fd50cL,0x000000000000015eL },
-      { 0x8cc788b35eb3732fL,0xfd1ae000133d4b75L,0xf9bce1bc69223ceaL,
-        0xdb5a3d114511bb55L,0x39a956cd174c7629L,0x8b986a5b97c29420L,
-        0xa2a1eb4b38c80915L,0xa61c0e9f0cbb3c1eL,0x000000000000009dL } },
-    /* 40 << 224 */
-    { { 0x225c059ed015590aL,0xe49bada67483540fL,0x2318feb81b31b7a6L,
-        0x2f21ceebe675c20eL,0x3120aaf01c4da767L,0x96ab6834faf8f96aL,
-        0x3d4658ec30ea971bL,0xd1ea8938bf6a4e03L,0x00000000000001acL },
-      { 0xfd222beee78e187fL,0x56be63dab3c6322bL,0x8d1df732b9be02d7L,
-        0xa3df259fc2738beaL,0xafba1c5a5132fe56L,0x3fa503e9e7b27139L,
-        0xa27ca7549faf45eeL,0xbfd0a46e69c674caL,0x00000000000001fdL } },
-    /* 41 << 224 */
-    { { 0xe4addb8a7c626af5L,0x95410e92784c28c3L,0x46cf5d1e41cc58ecL,
-        0x84ef22e1ed080326L,0xd2a89dd536622acdL,0xbbce8e6ab278d4ffL,
-        0x7e82c968ef05bffcL,0x529507651613c4e7L,0x0000000000000191L },
-      { 0x66b1666ebbbb1311L,0x6e7c4d8967c415b7L,0x349f95b4f99b5985L,
-        0x1570e3124410e7e1L,0xd580b98a20a06e99L,0x6d57fcf02719178cL,
-        0x33adb81f803d3d62L,0x00289e3d44e383ffL,0x000000000000014cL } },
-    /* 42 << 224 */
-    { { 0x4c6047e27f3de4d2L,0x52a7f1291f69a829L,0xad9795a543bd0bc3L,
-        0x5c71a352ab36a628L,0xb208e87f6fe6bd16L,0x8b2cd1443b7ddcaeL,
-        0xec7432bb74041659L,0xfb284cccef17cb28L,0x0000000000000032L },
-      { 0x046dc83e96a2607fL,0x8134edca02e02d8dL,0xacdfc4551b88ca47L,
-        0xd0074a612695bb9aL,0x11987bd8c3074bc3L,0x5438070061264550L,
-        0x00b82a987a57f0b8L,0x66c456c5454b48d6L,0x0000000000000168L } },
-    /* 43 << 224 */
-    { { 0x900944e57151aea8L,0xdbad74a8f5bff8a2L,0x1eafcf55286f204bL,
-        0x82458315f3dc6626L,0xd4007ce5a7714adcL,0xf73b313fb5ba570bL,
-        0x044331b1151fb782L,0x45880fd4a6e31445L,0x0000000000000167L },
-      { 0x42f4af3c14b5e10eL,0x8b5d030c99a6683cL,0x79e437bc5e5633aeL,
-        0x2d81f1998b1a40ccL,0xcddd50cbdacea56aL,0x8211a78b39d40f43L,
-        0x5191c58618becac1L,0x749d45b75e116bf3L,0x000000000000006aL } },
-    /* 44 << 224 */
-    { { 0x6b40cb65a890ca97L,0xd7c6159338fc3078L,0xc78089f208c33a15L,
-        0x43e1b721021432bcL,0xc865bd2ccbef3f81L,0xbbcbee060108433eL,
-        0x336daf037cbe3b8eL,0xa10111577168018cL,0x000000000000007dL },
-      { 0x267f0241c0b153a9L,0xfc22a8b8984c2ad8L,0x6906a223572e597aL,
-        0xd964050675f9a034L,0xc9187173533e0c25L,0xd8b9f9f87c94582dL,
-        0x66fbb9c58980b28bL,0xf8446492c9daecc8L,0x0000000000000098L } },
-    /* 45 << 224 */
-    { { 0x2d9ea0622878a241L,0x46de4cda5368642aL,0x4fa9ad358a5243abL,
-        0x5ca45b8ff67260e4L,0x50a702ff0b4f3d28L,0x0f7f2095dd1fce0eL,
-        0xe417061dba620770L,0x86cae35273b13911L,0x000000000000002dL },
-      { 0x8ab3ae4b76e1fc5aL,0x06f704572033cefaL,0xa5bff96c08db98caL,
-        0xff04cbaf958d6e43L,0x43eefc8fe3c74fa8L,0x76185b498db92137L,
-        0x920ee668bd3c9f38L,0xe1f4f3f2758c856bL,0x00000000000001f8L } },
-    /* 46 << 224 */
-    { { 0x0f97a466381dc2a6L,0x3113353553f904e9L,0x69dfb20035d8fd47L,
-        0x6cfcbaffbdee4042L,0x54a55759ff2c161aL,0xadb79909f50226fcL,
-        0xf13ec08be24595a7L,0x39d14bf39ab2b842L,0x0000000000000127L },
-      { 0x87045804e123ba29L,0x795dc65abe8c6f6fL,0xbc7dda3badade7d8L,
-        0x9f5dae17f9cb4dcdL,0xf1289fa8b261a79cL,0x9e5958fc2330157cL,
-        0x20d13331d798dd7cL,0xadd88400a218259dL,0x0000000000000065L } },
-    /* 47 << 224 */
-    { { 0xd7059bcbd7a1a42cL,0xcb29b62ddd63d4acL,0x2ddfe66885e05419L,
-        0x78011be6b23f63caL,0x40eb7f025dfc1c3aL,0xea4802d856a4fd4cL,
-        0xb4ec884c80924d5cL,0xd095d9a909fbfe59L,0x0000000000000115L },
-      { 0x4b5bb25c529993bdL,0x2be02abeb9b7521cL,0x8c0176b7641b7babL,
-        0xf479474a9c6a564aL,0x6dfc0b64f26968abL,0xab5dfefcd5ea697dL,
-        0x6f077f0cc6b8cfc0L,0x67e7275df6bfcd48L,0x00000000000001acL } },
-    /* 48 << 224 */
-    { { 0xe83dfbfb6987a9bcL,0x311372dfe03b29b7L,0x1b88ad50f4176bdcL,
-        0x5771946f37733cf5L,0x4a020165d5c0cd18L,0xb8e35a40c7603086L,
-        0x3d06b8d0db55f57eL,0x9cdb00cab17b440aL,0x00000000000000fbL },
-      { 0x840ec34134bd8619L,0x40b0c10700ab86c3L,0xf478205885c69c9fL,
-        0x22e8d92e10d63734L,0x5b8e637420a53cdfL,0xe80c3d14fec8a052L,
-        0xb9c0834eede62895L,0xb2ae0eb3de2ef959L,0x00000000000001aaL } },
-    /* 49 << 224 */
-    { { 0x61c9a15ff1779177L,0xf9aa8a6cc76f1327L,0x913619829bedde20L,
-        0x2649f43e26525601L,0x411daf56f5d6018bL,0xaa5c02480e72e330L,
-        0x5d4c0d86d07c778dL,0xf6219f689575ab53L,0x00000000000000d2L },
-      { 0x3b3e3119f9e2f91bL,0x842508feb3dd20abL,0x1715d9be576222d8L,
-        0x47805f30e4ac2305L,0x7d5a8bff610df90aL,0x82289362f166a8b8L,
-        0xb10cd13ca0b00aafL,0xce3012dc2bd95a52L,0x000000000000008eL } },
-    /* 50 << 224 */
-    { { 0x7f3557744356b52cL,0xe4df74da343a8082L,0x0ad02ea630fd3ccdL,
-        0x41c092de81ee408eL,0x5b7314cc0b7af2cfL,0x4f14ea6e18876155L,
-        0xee09e162c5bc9211L,0x33b0203b754d1a04L,0x0000000000000119L },
-      { 0xbba2396d5a659158L,0xc8bd42a381dc2121L,0x96ca706eebae2b49L,
-        0xa47f6a3b27997ddaL,0xea8114cfcecdd7f9L,0xd2c8ebeae936e2e5L,
-        0xd7472cb9fb68d089L,0xa23bd4403d346567L,0x0000000000000024L } },
-    /* 51 << 224 */
-    { { 0x1cb466c1b9c5c233L,0x644e56e7ca17089fL,0x87689df22f23ec6bL,
-        0x7fb193160983cadeL,0x3f174e023542b10fL,0x896aa0aa52204547L,
-        0x0fac42698f3a3319L,0x16bfb9186ea6d467L,0x00000000000000b8L },
-      { 0x9f2675ddc7905198L,0x2377a69ba0bc6a9aL,0x789bb3609de78affL,
-        0x3c9e13121dc56711L,0x7e45f51897a01744L,0x57d6f870229ee331L,
-        0xf4e661027c84830dL,0xa8a3ff8f92a41beeL,0x00000000000001e7L } },
-    /* 52 << 224 */
-    { { 0x47a968bae826a120L,0xc0fb676354042559L,0x97dbf43c0b0b45edL,
-        0xd11788e1d819d0baL,0x6209a0c57eda726bL,0x65a8225cbb83ca8bL,
-        0x1cabddf0a6e5d980L,0x19cc1e75572ce15bL,0x00000000000001f0L },
-      { 0x292a9cf080e60532L,0x93ad928f418cbfdcL,0xeefb9eff36c16b79L,
-        0x2b2bb7cb6df5235dL,0x06920ab01a3f0e35L,0xafe3ce52c22c596cL,
-        0x7e04284c52a95640L,0x2a270b1a7b4789a1L,0x0000000000000121L } },
-    /* 53 << 224 */
-    { { 0xc6b314c1f4239b73L,0x4e54432f8debd8afL,0x1e45f0025aec3601L,
-        0x4b7090c312f51571L,0xdce4e7a4c9c1cea5L,0xe75161b104928b9bL,
-        0xa454b9d35dd8b9f9L,0x50ebb50835b06602L,0x000000000000011dL },
-      { 0x07a84718985c8551L,0x2563d00d0e100ba7L,0x3f69f4101b90b25bL,
-        0x6cf41c9be0ed8b78L,0xb71319ed7d01acacL,0x978d8b39525d0edaL,
-        0x064db8e6734ed194L,0x9ea11ecb8d6d9654L,0x00000000000000cbL } },
-    /* 54 << 224 */
-    { { 0x2b8b31c4eed9cdf5L,0xe7e616bfcb262a4cL,0x41dae45e4b7d7dd3L,
-        0x982a2408caa8c982L,0xffcbce7a3f2a9e6fL,0x50121acccc21ea38L,
-        0x4c2cf642e32f6ca0L,0x22f3a5335b36d5a2L,0x00000000000001c9L },
-      { 0x1f2ad6eee92b1fe6L,0x6a3bf10db5ef5acbL,0xae6f23edd3503528L,
-        0xc2baee0f5ded8513L,0x1f29e1b304c9a105L,0xadd1d742e6b6e61fL,
-        0x72dd27a22e532676L,0x9a53e3a5ac0aaa7aL,0x00000000000000a9L } },
-    /* 55 << 224 */
-    { { 0xe0c8af94cdd6ae96L,0x7a4ea983e2977012L,0x9e749b02365a4de3L,
-        0x2ad28ef487969ffaL,0x93dfae73b6015cd4L,0x6a0350fcd291c2bcL,
-        0x8899eb4142cbcfd4L,0xbf324b61613604beL,0x0000000000000112L },
-      { 0x2a22b916e110f342L,0xe9b1f40520b9a301L,0x7429d456c530c11bL,
-        0xc8c6bb369c275befL,0x65e9dba104319247L,0xd3433e680d8f08b4L,
-        0xe6d50c0a297ee342L,0xa35cd9c083615fc4L,0x000000000000016cL } },
-    /* 56 << 224 */
-    { { 0x8439b14cbaa20680L,0x5f16560db2c77c25L,0xe3c19ca9554f95cfL,
-        0x9e494f8ec3e722e3L,0x3d4b917f1908e637L,0xbc08600dfe6f4915L,
-        0xd730de4026e8d819L,0x28025a154c864edaL,0x0000000000000106L },
-      { 0x0fe4b4805cf7d60eL,0x1d9c195fd22286e8L,0x7c30b704daca5bfaL,
-        0xbfddf0e2b1185d19L,0x1ddf3bfebfa68c75L,0x95d6947fa94774a2L,
-        0x491b041fc28aaaf6L,0xdd984208014c07d3L,0x00000000000001eeL } },
-    /* 57 << 224 */
-    { { 0xc006f8261c14b152L,0x607b76d8548caad4L,0xc533d8f6644b2fedL,
-        0xb5949a09a9cbaf32L,0x980f4e5ee9b82934L,0xb69c4940e0bc902cL,
-        0xc483bd7010ceb0afL,0x85a7296f0da99f98L,0x000000000000015dL },
-      { 0xae2476dd7693b27cL,0x4fa6dd3599041a13L,0xb3ce6a53c4e4e838L,
-        0x4eaf476a9801412bL,0x615d927d421334a8L,0x663ccce26297dbf3L,
-        0xe2e7668e3d03a5e1L,0x4d15aa4099993736L,0x0000000000000188L } },
-    /* 58 << 224 */
-    { { 0xb7639306e80de633L,0x8206add9ee5e527bL,0x2f5e86f4baa789b6L,
-        0xbc772de757d25d54L,0x3ce87740b4b2b380L,0xf61acf7ebc08ab4aL,
-        0x1b81b706e4c17950L,0x70e16670f97a672bL,0x0000000000000084L },
-      { 0xb3c11d39ee5d0d74L,0x57470243c23309bfL,0xc04f806ad970c46cL,
-        0x0a91f05641f15577L,0x0888829070ab35d2L,0xb413e83fe301207eL,
-        0x0b17e3648bba92e8L,0xb1b97d4ed7b430e6L,0x000000000000017cL } },
-    /* 59 << 224 */
-    { { 0x89447b27bd4b54d0L,0x19cf8afd7f8112f3L,0xf8b4a959bf831e34L,
-        0x6dd1726a6b244017L,0x5783a070413e1aedL,0x27438461d5a29d55L,
-        0x29a921f789e2fbdeL,0x1abdad7e001a5932L,0x0000000000000106L },
-      { 0x9c35f7e9947b1ac9L,0xfe5f4c5b086b5e09L,0x12da650c105c5c10L,
-        0xd6e60f998dbaa678L,0xd3f99655ca972737L,0xeed2c3bd48d3ad22L,
-        0xfa0d06cf42a51f2eL,0xafe258e8c9d10b1eL,0x000000000000007eL } },
-    /* 60 << 224 */
-    { { 0x920ef3b8f225d101L,0x14533fb672346f7dL,0x8f391dc232eaa7edL,
-        0xca99c1fc9cf81d89L,0xbd298ba671bd3ed7L,0x2ee73abe68942dd3L,
-        0x2cb7b2009bca1375L,0xad67f957123137f3L,0x00000000000001b8L },
-      { 0x838fad634c6ecb7dL,0xb79af8cbb96744e2L,0x7c4190fcd3bee960L,
-        0xdb298cdf1740bbdbL,0x801cfc4a655bc379L,0x35869a8d80ce1b99L,
-        0x437c60f11004665fL,0xb904ae8df965f967L,0x0000000000000176L } },
-    /* 61 << 224 */
-    { { 0x9b6cb18391a51175L,0xdd88aec4fb80c7eaL,0x29cb000bb640c84bL,
-        0xb391ad58d58c3da3L,0x2671ce7f83dea34bL,0x3daf6c2d490ede19L,
-        0x39e152910ec82d99L,0x8c5df3d73928795fL,0x0000000000000124L },
-      { 0x00f19b087e411379L,0xd74a2e9ee6aca0bdL,0xac5723e381207f79L,
-        0xe888e1b58224168cL,0x9f54500800c0b0efL,0x14e8160dad9e4155L,
-        0x8f04a2a28203bc81L,0xef916792d7fb7e1aL,0x000000000000014aL } },
-    /* 62 << 224 */
-    { { 0x5057d40664da7708L,0xcff34770c7f0fb54L,0x71779c1c72de7d6eL,
-        0xe3245536baafe87eL,0x3547d3cc27ee8200L,0x6fd335b373ca8819L,
-        0xfe68353f13487c33L,0x3465439099cdd431L,0x00000000000001d5L },
-      { 0xb1b27dd4e9031706L,0xce565fc49d72eed0L,0xb48715abb1962bc7L,
-        0x849d8b56bae93f30L,0xa3548c4ddb34ac91L,0xffa60fb4985a3543L,
-        0xe43b129448a4c7bcL,0xeca115250e74194dL,0x0000000000000021L } },
-    /* 63 << 224 */
-    { { 0xf1bac1afb0f94217L,0x93744bd640f2ef25L,0xd920ea38f832f1feL,
-        0x95ddcf8c13a22b90L,0xaf759f72e0087be3L,0xdd03642be6baf27aL,
-        0x012d7445cd0dec66L,0xef35032ab1bfa5cbL,0x00000000000000bbL },
-      { 0x980f0d5290448667L,0xf4cca39fef1eead8L,0xe11005d6d02b1b57L,
-        0xff6253f2cc5182aaL,0x75f3838e96a49c6bL,0x49b5a038a5348a1aL,
-        0xe2ae0b06dcd79d60L,0x976e296a0a8fa296L,0x0000000000000196L } },
-    /* 64 << 224 */
-    { { 0x4b67fb4118d0a514L,0x0a9fdb8e32ae28f3L,0x786b00f8c238ebb0L,
-        0xf73d53d11cbb7ea0L,0xe3928456988a4366L,0xa108e52a1d62fcebL,
-        0xb923f2471d9484f2L,0x9c8dfc0caf781f08L,0x000000000000012dL },
-      { 0x6485c32f15c72d41L,0xf7ef7e581a01f229L,0x2dca15d289c87f68L,
-        0x91a22920d86c6968L,0x6015a068fe0747cfL,0x429c4d4dd744a2cbL,
-        0xd707e9ea43d3b8a7L,0xa03aa304040ed223L,0x0000000000000107L } },
-    /* 0 << 231 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 231 */
-    { { 0xa9338e3d41b1cb9eL,0xe9173c96c409be61L,0x2b8ea989ba7ea91eL,
-        0x5ad99388870edd75L,0x9d3c5a11c2112dafL,0x5a7c3d52851694a8L,
-        0x8ecc1d6dfce31234L,0x2aca74ef790d720bL,0x000000000000002cL },
-      { 0x66dc50ee20df1f66L,0xe8785c5b3b05ea85L,0x0e28d55e569d94c6L,
-        0xacd3c1651a119f91L,0x51910b8e7226e29dL,0x849b5229dc3eadb4L,
-        0xc8c44e85a88f3b08L,0x990504945e42bc66L,0x000000000000019bL } },
-    /* 2 << 231 */
-    { { 0x27068f87578b7a3fL,0x506446f1423a5346L,0xe9d9c75b58dac5e4L,
-        0x8ebc86e561b8f695L,0x272ac14e611c51e3L,0x67863a1d4e24fb32L,
-        0x270d4fdc02e5b539L,0x96d7b7a9a4186d8dL,0x00000000000000f4L },
-      { 0x1a60ef0526627252L,0x31682a839bdc0f5fL,0x52a055ada112be82L,
-        0x9c3a88484ecf7367L,0x5235087249e70680L,0x61b6b478b881b9cfL,
-        0xbec16c5a887d3c1eL,0x8a8b2b82d598a671L,0x00000000000000efL } },
-    /* 3 << 231 */
-    { { 0xc493e06c7cfbc9e3L,0x7238a446e82d3bdbL,0xf388c069940bcf25L,
-        0xb82837d2da27a485L,0x693111380941d771L,0x93a43f0de8bede22L,
-        0xb3578669b3bafb47L,0x44d6e546bc7d5cc6L,0x000000000000010bL },
-      { 0x9f703d04c2f5a320L,0x6cf923ae1a4d8cbeL,0xe24663d06bec90d0L,
-        0x94870abbb4276e9aL,0xd690b52fecc55c0dL,0xbed5a84236316797L,
-        0x8edde42f1e63e3fcL,0x2f6f5311b2a7c97fL,0x00000000000001b6L } },
-    /* 4 << 231 */
-    { { 0x3dac1eb44cb7b72bL,0xb027bce2e0c7deeeL,0x69032db2e994001bL,
-        0xde2c253a4d22b49aL,0x957977f9bf66a47bL,0xc118eae521ad303dL,
-        0x40c78cb818ba4889L,0x09901c2ce69238cbL,0x0000000000000162L },
-      { 0x8099814b08bc1ceaL,0x3e74578a38139921L,0x899412a6d9d15fe2L,
-        0x973a21ac29446072L,0xe6c4ce99ee7401cbL,0x03a86c736a4c5223L,
-        0x6976124e6f3e93cdL,0x074326df34dd40ecL,0x0000000000000065L } },
-    /* 5 << 231 */
-    { { 0x02f0014275880224L,0x6ee059da7021973cL,0x931f296db3dfe309L,
-        0x9ed8b1e9485c0d9bL,0x6f3fc0cb1e018747L,0x9add7a9b697a142fL,
-        0xe2ddd8f3e94cc581L,0x666a9b29b6d8d36cL,0x000000000000015bL },
-      { 0x1eed14bb24add8dfL,0xfcf71bd2216b86a8L,0x0f87aa7920faa29cL,
-        0x7aba4fdd9fce47e7L,0x48902baf0a014042L,0x93e911622f4b7154L,
-        0xa39079f6e5f3dae0L,0x6114f249e871766cL,0x0000000000000071L } },
-    /* 6 << 231 */
-    { { 0x943dbc45cedc41c5L,0xa3889cfc075fbcddL,0xab0a889dbee1ac11L,
-        0x9a5319b1d8721711L,0xc4228d8987ecea8eL,0x55cfce64e8221d39L,
-        0xd3e9699d39e3e962L,0x8ed1dd020549f4cfL,0x00000000000000baL },
-      { 0x1729967dfb5fec20L,0x16246ab37a6208f5L,0x10904e4b5f5af897L,
-        0x68c575bb273b4049L,0x973f128b97335687L,0xb696381ed6cb8cd4L,
-        0x3ef2ec73d2fba17bL,0xe4c62fde5233aeb4L,0x00000000000000bbL } },
-    /* 7 << 231 */
-    { { 0x2f171a11b947f8c2L,0x56959046cff17f3fL,0x824fb57f66097883L,
-        0xdd07bd642c2c8782L,0x5b17dd22867ee913L,0x9adb1675796b2aedL,
-        0x9cd315516326bf4eL,0x5839ce47d98c3c62L,0x000000000000001eL },
-      { 0x03323a3fb463977aL,0x95dccccf667a3e88L,0xe3a04d01dea1a6bbL,
-        0x427caf8c2c159eb1L,0xbb2dd277ca73e601L,0x833e194b414b5d11L,
-        0x6594999ed51e212eL,0x5423b8373e583089L,0x000000000000017cL } },
-    /* 8 << 231 */
-    { { 0xb685f627dd308ae0L,0x78d327cb5a08f7caL,0x83e55dd1ee74108bL,
-        0x906408358d01ffdcL,0x6d7694e81625f9a7L,0x48b92a43d782c8bcL,
-        0x61f7b571bf98ee6bL,0x02b2a743e511df25L,0x000000000000003bL },
-      { 0x020b09053aea9b6bL,0xc648d06d989114d9L,0xd7861a73ec1e3d92L,
-        0x2c0eb0720a0581e5L,0x5be8c4da3fdd93bdL,0xd45049f2897946c7L,
-        0x0fa12b386ebb7fbdL,0x7b5391783aca1751L,0x0000000000000001L } },
-    /* 9 << 231 */
-    { { 0xc8f1de47497aeb0eL,0xa1535a60dfd637d3L,0xda8089a50d3b3e38L,
-        0x9981de1279280d2bL,0xd0259e6c483a9659L,0xb16ad60f1cadaecaL,
-        0x150e8c7e335fcb39L,0xba8a6b8c3224d554L,0x0000000000000028L },
-      { 0xcdf6bc521dfd36bfL,0xd89e8950109ff325L,0x2bfbb3aa949c6cf7L,
-        0x5d155ffeb638dd02L,0x9f778149256af551L,0x6ad7a0913e7b2743L,
-        0x4045ec8341939950L,0x6d36b14a36c29ce4L,0x0000000000000009L } },
-    /* 10 << 231 */
-    { { 0xf61f56901631f481L,0x31cd4a4460057252L,0x11c6764a7f3683edL,
-        0x813e617d855abd6dL,0x07dd6c6674bffc99L,0x4eff77903d28a486L,
-        0xda809b5a1236cc16L,0xf3a0a984e1b1fa07L,0x0000000000000015L },
-      { 0xc1557c02fdbaa820L,0x22f1b155490ace41L,0xaadde80bbb30fe96L,
-        0x3ecb3b1e8005fcbcL,0xbfef06d968a1db30L,0xa8e0a6a1a6b85ed3L,
-        0xa602e5b52b82ae83L,0x567eabd6fa699305L,0x0000000000000177L } },
-    /* 11 << 231 */
-    { { 0x714021c9367bc63eL,0xdfe85b6765d131c1L,0xaba75de76eeda148L,
-        0x53a1d3775e567a81L,0x2990d626909efc1aL,0x178755cfa636420cL,
-        0x9b168b964750968fL,0xdb2cc57e5af133a1L,0x000000000000008bL },
-      { 0x58ce08b0e2ffaab5L,0xfd0ff4ad1865bb21L,0x838c66c9bb65b3fbL,
-        0x4a4b95229893cf54L,0xf50f0afb0467f480L,0x1380b003555da012L,
-        0xb2a7dda45126e11dL,0xc88ac327dd17c592L,0x000000000000018fL } },
-    /* 12 << 231 */
-    { { 0x9d86d84feae13cfbL,0x6d235a5f994991dfL,0x0b5b3e99352cbf4aL,
-        0x9512101aa087ee0eL,0x2ab9fec1900fd50dL,0x48129fe5c8fd91f5L,
-        0x69ed1f4d08c5117bL,0x533e83c6e7007bafL,0x00000000000001e1L },
-      { 0x10a0c08d2f0fac2dL,0x35a77d2af3e1daa4L,0x447a8e905f5e78a5L,
-        0x0f5835b0d3acde30L,0x5486f6b961b9aad8L,0x9be0a9b8ecbfd6b2L,
-        0x95a5bd0409452928L,0x4fc3182dea830996L,0x0000000000000125L } },
-    /* 13 << 231 */
-    { { 0x91c85cd2fc7a969bL,0xb16347ac0b3e36b1L,0x66a36f694a3e8b27L,
-        0xb8ef5e3f91cb5d5eL,0x0aace6f26be296f5L,0x4e6d9d9d548235c6L,
-        0x9f24f5c8a7a35b0bL,0x3260930390a55e8cL,0x0000000000000048L },
-      { 0x57924d7afc9c2b83L,0xfc60aa68e403b1e3L,0xdb73a35932ffed37L,
-        0x68d0af3455642effL,0xef0d8368290a4929L,0x7be7c6143930fca3L,
-        0x22ac1195c9f52bc6L,0x074fde05df055539L,0x0000000000000191L } },
-    /* 14 << 231 */
-    { { 0x9e71f0bb8bff6d2cL,0xf35c6c1367b26058L,0xb8791d9e9fb2cd17L,
-        0x834f77fb655344b7L,0xf672749488c6106bL,0x1d51d49a83bf0b92L,
-        0x2888ca81b2598cc2L,0x454c00258377dcf4L,0x000000000000000fL },
-      { 0x622ab6ebe9046dc1L,0x3594e53e40d5f30eL,0xaf4fd362632372beL,
-        0x08601954aa276034L,0xa2369d15a10a69efL,0x9c9ffcf525bf301bL,
-        0x7cd516d5dbaf10e3L,0xc24aacc1f35e5f7cL,0x00000000000001f9L } },
-    /* 15 << 231 */
-    { { 0x518f40a0ba132499L,0x3773088dea2f1aa0L,0x232cfab18b326435L,
-        0xa399e58d73900055L,0x0b416d331a80306bL,0xa34d9a80d9f9b09fL,
-        0x8f9f4355cb95746eL,0x73a7c35d1ce94cecL,0x00000000000000a6L },
-      { 0xf619fafd8b3a57a5L,0x80e70710632fe43fL,0x287b444e581e2becL,
-        0x916afe78030be2a7L,0x6ebe236508f41e02L,0xfd7b7641b70e8c84L,
-        0x1a131e7bdda3edbaL,0xb8e1748a0677e206L,0x0000000000000110L } },
-    /* 16 << 231 */
-    { { 0xb5b80c0e82a8845fL,0x6fdd0a0f42fa43cbL,0xebfa4307803cf184L,
-        0x1dd85b5b4935a211L,0x2438607c6beecb33L,0xfbbb723e40ea88b4L,
-        0xaf5258a6e84db1ebL,0x2c2b8cd9b7ad5e3bL,0x000000000000013eL },
-      { 0x313ce4450a092935L,0x9fc84cec8d0efda6L,0x004929dc197593c0L,
-        0xebd50bb3fbef27f1L,0x9e71f61938c08b52L,0x590ef00571196231L,
-        0xae3c0d2eafc73d42L,0x768bd9624da4a91cL,0x000000000000010cL } },
-    /* 17 << 231 */
-    { { 0x47c8d3c8ab1c60b6L,0xaf198413d12a659bL,0x73fcfe24bd4d19d2L,
-        0x59c7728758032192L,0x48b1aa1f88887224L,0x01e399cd38e96fbeL,
-        0xf1a74ef9ab366e8eL,0x5087c7eb4f2103f1L,0x00000000000000e4L },
-      { 0x8861cfef7dda9880L,0x92b60a92d734c648L,0xefd3e299ed7977feL,
-        0x658f37a6e874dc55L,0x4b3fb1954e7aa888L,0x1c6111122ff97d89L,
-        0x25ad74f9f8345cd3L,0x676666b8ef50e0ffL,0x0000000000000157L } },
-    /* 18 << 231 */
-    { { 0x716cad1e90c8a719L,0x631d6acf882637e0L,0x42fd6468b140d288L,
-        0xe8dfb49488b10f5eL,0x5fd3394471d6849dL,0x51459c14c0026192L,
-        0x4c72b94fd25c7d5bL,0x157cf7e3c3a7ed7bL,0x0000000000000123L },
-      { 0x046419ab6bd8dbe9L,0x4be7f1c837eee4d3L,0x27f5a81aac98ab3aL,
-        0x830a7200bf7071f0L,0xa4dba25c4ebd5b40L,0xa8af3addf94bab5dL,
-        0xc5156c404fd3e972L,0x1fe23347c1a472c5L,0x0000000000000096L } },
-    /* 19 << 231 */
-    { { 0x314e6990933c502eL,0x3eb198b24230fb72L,0xed31a6ac78b0ebd9L,
-        0x98ac708cb7cffa58L,0x41e4880762ee91bbL,0xdb80a5fd6ff7ad3fL,
-        0x647ab9160c32c160L,0x258ca51ad736fefaL,0x00000000000001c1L },
-      { 0x65c312791e5576c9L,0x8393256a7c73070aL,0xdbcbab2ebfd3ad2cL,
-        0xb4ef593498b6146dL,0xf3e6d641f150b4ceL,0xb4ca1b92aa5589d8L,
-        0xc19f635f440c31ffL,0xf3d5705f5bb1fe31L,0x000000000000012aL } },
-    /* 20 << 231 */
-    { { 0x96618bec30be228cL,0xdc83ae086b84d4f4L,0x260b2652348c399dL,
-        0x7c10ac42e6ac3a94L,0xe3d44aeb367c5edeL,0xe0c1989639ce735eL,
-        0xa2bccd0b708b357dL,0x30d6969b489d30b3L,0x0000000000000039L },
-      { 0x3e9d894367d235dbL,0xe6ab2b4427ea16dcL,0xd5b60a504c54afbeL,
-        0x48f39402c0c645f2L,0x44fb14e9a03ed92aL,0x8a66c28c8ecf7a8fL,
-        0xf5ba4cb58d9f6e44L,0x8dd59588edf7d7d3L,0x00000000000000c8L } },
-    /* 21 << 231 */
-    { { 0xa9f649382296ca7dL,0xd80c7ae06b898494L,0xe041220c5a93cd3aL,
-        0x5d42e026f46c53dcL,0x9574fdec710ec9c7L,0x2f2e24b48dbdece9L,
-        0x87afdef250244f09L,0x325f4866235858d8L,0x0000000000000003L },
-      { 0x13e624ede637e34cL,0xa841d34a17e610a5L,0xf899a907bf2faa12L,
-        0x3d28b531ebb38d02L,0x73d1eae320ec138dL,0x6799644ed687d71fL,
-        0x51b93047fff6691cL,0xeccdd0242e44e87aL,0x00000000000000f8L } },
-    /* 22 << 231 */
-    { { 0x0d8a75e7972b1d30L,0x9556f1ee4f05a10bL,0xb0a90e0afe233210L,
-        0x5899ed3fe8c3ab51L,0xb3f56019411d224fL,0x2fc2ad6f9a30b1b3L,
-        0x66b1a36860c33436L,0xcb5310cde3490548L,0x000000000000011eL },
-      { 0x520fb4e711647babL,0x2c5403554e4c5f55L,0x3b4f3cbd58a8e072L,
-        0xaac1cf335d4dbcaaL,0xb5ff4b0426ac1c58L,0x456d3fb2cf35e684L,
-        0x6c05aac04b1eebaaL,0x3eb4e1447d0debb1L,0x00000000000001fbL } },
-    /* 23 << 231 */
-    { { 0x9f9f128f83dccaefL,0x285a6d9d3e4d202cL,0x1dce04e0fe2f32abL,
-        0xb63ad64b5c47d746L,0xc620a818ca9e5cbaL,0x5599183b102c367cL,
-        0xfc28310f1bb11cf3L,0xa518ef8ae7fe07a0L,0x0000000000000125L },
-      { 0x05d6e328aaca5233L,0x3485f1f7c0d36868L,0x2418102af2b53b08L,
-        0x2d7820ab3d138665L,0xcfd8d841fa9a106eL,0x70abdc68a83768a0L,
-        0x666ec137bd673c42L,0x0f55e404e77d49adL,0x000000000000002eL } },
-    /* 24 << 231 */
-    { { 0xbb5261dba4cc0ff1L,0xf63383eb52d5233bL,0x8ab1587033aa18a6L,
-        0x1779ee6ed6b62ce9L,0x80ef23be8ef0f8e7L,0x9ec1cfb401c71a76L,
-        0xb18a364ac7c793f1L,0xffc4c25b753ab994L,0x000000000000015bL },
-      { 0x80645523d4ca91f1L,0x7e8594c5f895f3afL,0x5e0d810510b5a95dL,
-        0x9a087f09fb4356b9L,0x7784383794c16770L,0x5f6c04ef5837e54aL,
-        0xa0803997f3166db1L,0x797335e56b68a586L,0x0000000000000075L } },
-    /* 25 << 231 */
-    { { 0x8821f20b25ea7faaL,0xea6cdaf038359721L,0xef36817a60f5c37bL,
-        0x79058c6589c3b6f8L,0x5f3e57a4f0e9c92aL,0xea23b73ca0eeddf1L,
-        0x3ce00ce36e7ca79eL,0xd7301945b21fe070L,0x0000000000000199L },
-      { 0x37f5e88ca60f2418L,0x4eab2df52a6caeecL,0x5a02d837c64cc4b6L,
-        0x6316cbb4f8a52989L,0x54985f0512b8c43aL,0xaa0b8a9313cc4fa3L,
-        0x19b9999e164acd3cL,0x3e99a0388122f26dL,0x000000000000002dL } },
-    /* 26 << 231 */
-    { { 0x86bb6a2fcf51acf8L,0x8cfb578447a49e34L,0xa931fc6be3b6d1faL,
-        0xd960cde64a9d14a8L,0xe4c4116245b21189L,0xe4aeb21abbbeb75eL,
-        0xe45db020d9be6508L,0xa001afb4789ad9e8L,0x000000000000002bL },
-      { 0x5f754551c271c0d6L,0x4926b87f0543b435L,0x3157188ab3123bbeL,
-        0x2a77d4547b3addfcL,0xb1c6000b0ee40ae4L,0x6de2cc2872f6a072L,
-        0x64fd97f7f1dd26b5L,0xd43467c38f229a39L,0x0000000000000041L } },
-    /* 27 << 231 */
-    { { 0xd00fdf12e6fa0314L,0xd447ca319be251fcL,0x27bc3f9abfd2b9e3L,
-        0xda101c4d5b716609L,0x109ee4ee24e9876aL,0xf8887370d3fb25a8L,
-        0x0491476e95f97cceL,0x6b7b4ebf8296d338L,0x00000000000001a2L },
-      { 0x52f3da4126bc2048L,0x0be18a87f37ed665L,0x83c03d105741e841L,
-        0x9477ee3354bbb810L,0x0ae3b6318e10be02L,0x13581e1a7ec3bc35L,
-        0x04ed1310294c0925L,0x8b6b71746718a4e9L,0x00000000000001baL } },
-    /* 28 << 231 */
-    { { 0x5717fd84a98f0156L,0x968337919a823677L,0xebe83d77a05e6d66L,
-        0x39e669f95c1d28c5L,0x0f577b1f0bf89425L,0xb3c2f12c9dfb7d73L,
-        0xe9ffe3e1987f449fL,0x14f8a1d9a57e7e4aL,0x000000000000017dL },
-      { 0x4e980189dfe5b34cL,0xa5561e4e202cd41bL,0xf6df35fbfb0d13d1L,
-        0x7f002e1707e1500cL,0x9324d1d0ca1bf4b4L,0xd3112b6a3e7adfa3L,
-        0x65b4c876e04902b5L,0x4ebbc331bb04398fL,0x00000000000000e4L } },
-    /* 29 << 231 */
-    { { 0x6863329b21c34854L,0x3ecb8aa8e4cc2e73L,0xf0e9fa087d257dbdL,
-        0x41ae92e4882c3c29L,0xd637e8e96de51602L,0x60745807093e1831L,
-        0x4b79a97b71922332L,0xb6903e0875e68278L,0x0000000000000157L },
-      { 0x4c8fab3b704b19d2L,0x550c2a56b34c0d32L,0x67347887bbcc5f6eL,
-        0x63946f225a9bebe1L,0xf0c5304d01c39700L,0xea8d8d6872deb3c5L,
-        0xd8369ef1c2a03da6L,0xaa3fd01140135bcdL,0x0000000000000025L } },
-    /* 30 << 231 */
-    { { 0x7b5e2027b631ab3cL,0xa4ab4559f2c42e69L,0xd8a3adc1b1670c20L,
-        0xa2240db40abc7c17L,0x104ae5cff054f41fL,0x5c08b0bf128df5f1L,
-        0x651f1be1877d5d9eL,0xafb7992265e13f7fL,0x000000000000015aL },
-      { 0x140370ee632ac61aL,0x7cc393058a188e1eL,0x21a228d9f6eac7d0L,
-        0x8a6f15613fd21c04L,0x64418721c35936a2L,0xf9f06b28f3e01680L,
-        0x7efe7361fdeace5bL,0x6a7264a96e30226aL,0x0000000000000017L } },
-    /* 31 << 231 */
-    { { 0x3f5aafe0bddc0937L,0xd2d0dd4a79f1b07eL,0x56e48aadca9cadcdL,
-        0x44f035c701af31d7L,0xf288f9b9baf4a56aL,0x8a486f9d65fc0205L,
-        0x0047f8d1941bb761L,0xebdae91b757a98e1L,0x00000000000000c1L },
-      { 0x1bb72fdd52fd742aL,0x5073de5a4fd8ea03L,0x47d8be4faa00a9ccL,
-        0x9c262879e45ce75eL,0xbd62c1d3f0a9c65aL,0xbb434e5b8c15c467L,
-        0x611816bfbd22def7L,0x8aa8cf5383778ac8L,0x000000000000016fL } },
-    /* 32 << 231 */
-    { { 0xe1f0c1aefcfefdb2L,0xb5bc33d344930c59L,0x253d5f4964d2c6e0L,
-        0x25efddede316ba1fL,0xeb3ab21fe30c3a34L,0x797a1ad6cfa52a9dL,
-        0x6a3ca2e0a81ba831L,0x27bb664ce112dd07L,0x000000000000007eL },
-      { 0x91fa1e121961aa16L,0x381b2d7167dd7513L,0xbae8635144db8a51L,
-        0x4cc1915fbc31c1cdL,0xf79f40598ec6e9e1L,0xb142b6eca8929a72L,
-        0x4629c6488ed71fb2L,0x9f79bccfbd52faa7L,0x0000000000000029L } },
-    /* 33 << 231 */
-    { { 0xa550f18a6cc76e30L,0x22627d8f61df412dL,0x1d0dc5d69ca28ee4L,
-        0xababc480beafb2bbL,0xb0a7d6926fbfd3a5L,0xf1a64e38a521f4e5L,
-        0x2ee40ff432ada17dL,0xad661a64254597f9L,0x00000000000001a4L },
-      { 0xc6d509050b6c9498L,0x0853d7fe81c37fddL,0x41fec397945c0241L,
-        0x9d94a286648033d3L,0xa977521cd11a039fL,0x9d70047366f73195L,
-        0xf3925c9498f1d8a5L,0xe03e6214f2182e10L,0x00000000000001c4L } },
-    /* 34 << 231 */
-    { { 0x8a13a69fe9708f78L,0x127338fe9439033cL,0x1a55f4be1c0ae257L,
-        0x687f3349da266c1dL,0xe84a7b031264780dL,0xdc796cef48a52f85L,
-        0xc0fd19a2aa4f5258L,0x72b52c44c6e60b07L,0x0000000000000069L },
-      { 0x754a8552ada70b8bL,0x7384869e2ab69b35L,0x1eb9a71bb23f4955L,
-        0x699c11f83f8656e9L,0xacab43310b640cf6L,0xee38be2d21b0d6e8L,
-        0x9d57cbd55499e2e9L,0xb90d2b06448f08faL,0x00000000000000d3L } },
-    /* 35 << 231 */
-    { { 0xbb9af2d1f25aa87fL,0x633f9eaf006ff7eaL,0x32cc47c05d875219L,
-        0x9245422d65a7fed1L,0x7b6095ee882e7479L,0xb0921b30038514acL,
-        0x599167f588ba84a2L,0xf15c510b4de07284L,0x00000000000000d3L },
-      { 0xb152f53babf4a045L,0x019016bf296dd5f3L,0x3eafdc360650071fL,
-        0x4843e9fc756a424fL,0x3f90b62472a46c6dL,0xfd2948483854ef62L,
-        0x139dc631ee3f68a4L,0xdc88b9b1f8d64497L,0x0000000000000044L } },
-    /* 36 << 231 */
-    { { 0x9ef8fc68b3f02f00L,0x4eaaefc11b404dfdL,0xb1a6864fa257718eL,
-        0xab09391e2d8d0067L,0xc38aa83ce8204af9L,0xe1bfb2b08c822776L,
-        0xe2cf738131273df4L,0xb2d517e40cd8fa47L,0x00000000000001f1L },
-      { 0xe5e30566969d3c42L,0x14fdf845f7d7eddcL,0x7eb18e1c25c3adf3L,
-        0x32abb9b1be777247L,0x3b129a9caeb73f86L,0x112ad378338cedd3L,
-        0x885cc5a12602d011L,0x4fc5afd3bc5586fbL,0x0000000000000066L } },
-    /* 37 << 231 */
-    { { 0xcc800639d6008057L,0x9c266f39bbc8d8f7L,0x95ceb2f0607153c1L,
-        0x45f0801babb7937fL,0x3642f3177d002d68L,0x3c72feaeec4c17bbL,
-        0x86921b33df45d803L,0x2166557618a187dcL,0x0000000000000116L },
-      { 0x16fc57bf455df4c8L,0x6a3f8e24a0a801ddL,0x44f80fcbe3f46c99L,
-        0xb6a005d8815493ffL,0x9fb7e1ddb10c1c29L,0xd427ba4473b5524fL,
-        0x8b46a23436db93d5L,0xa2c3267a65278f1cL,0x00000000000000b2L } },
-    /* 38 << 231 */
-    { { 0xcd0681f765c96952L,0xd11c084db226a120L,0x6961cff3a518daf4L,
-        0x72d85fbfaaa2d432L,0xbb0bfa37d8029adfL,0x8b307974f3e263afL,
-        0x1e78acfe4357cbf0L,0x1b24c3c478faf796L,0x00000000000000beL },
-      { 0x29e359eb15c49c42L,0x2a0e85c6bd5142a0L,0x2ca4919c8f74c2f3L,
-        0xc2c0522dab7dcd71L,0x78448d5f2687cfe8L,0xd7fed0780bc1b515L,
-        0x21d8acbbc78392e9L,0xc825030ceddd3383L,0x00000000000001b5L } },
-    /* 39 << 231 */
-    { { 0x6ded17c668888e6fL,0x7d04fbec48d7a438L,0xc95939f56720bd0fL,
-        0x32116dca5b339abaL,0x9868395c78b10c61L,0x9a631ebf64f83fe3L,
-        0x353adbd78b655864L,0x780ed89288891331L,0x000000000000014fL },
-      { 0xa1034f139209f475L,0xc3119769ebdacdb4L,0x5e46e5b81adcc433L,
-        0xb13ab568c9ea84d3L,0x65af681d3d982349L,0x495774cdb9fe5358L,
-        0xc4f40572e4dea0dfL,0x64ddade9d672b677L,0x00000000000000e2L } },
-    /* 40 << 231 */
-    { { 0xdfe1e6afd3bc4454L,0x940641a79e92d2f3L,0x9ad218730e1c2fa0L,
-        0xb6e06bc5a411d441L,0xb54c27d838bf29f0L,0x7dacafceb14f35d2L,
-        0xbfe2b09082b7bc07L,0x868699ab8d3eeed0L,0x0000000000000072L },
-      { 0xbb74a259b8f76318L,0x3ed5995df91b3df3L,0xa4a97a19ac6557b1L,
-        0x07255a2568cf70d0L,0xb28d48077f106380L,0xef6b891b7375c430L,
-        0xf638f42c90c29af5L,0xdf57cc5407c206daL,0x0000000000000088L } },
-    /* 41 << 231 */
-    { { 0xcce61ebaa95f4034L,0xc03193858d3934cbL,0x48125313045ecf08L,
-        0xa5293e9e00a86a56L,0x9685609ce4739621L,0xb4763b6e45a8cdacL,
-        0x0f7efc7417e70b13L,0x3fa90ba2b41aaabcL,0x0000000000000088L },
-      { 0x38849e404a869a92L,0xbe5d13dcf392f0c4L,0x564182b6a7a77b35L,
-        0xad96f8613b51e934L,0xcda67468a8944a6dL,0xc3a4639791afc06eL,
-        0x46517e758aa12264L,0x600044e225aa0d28L,0x000000000000019fL } },
-    /* 42 << 231 */
-    { { 0xac0f2e82bf2a6824L,0xe4a045edfde799c0L,0xf4bedaf812796db6L,
-        0x852692d02f95b690L,0x5991cfd95d3f8741L,0x91cffa0d40b8c83dL,
-        0x26c9dc52a566930aL,0x3dcf171f8c1fd3deL,0x000000000000001aL },
-      { 0x977041071ef70b29L,0x3419dd6b356da0a7L,0x69a6690c3f4259f7L,
-        0x643596f23f596c22L,0xdfa2ac5495452620L,0xa98ed767c7c2b5cfL,
-        0x78d44543a1b281f8L,0x2d6f804fb1800c0bL,0x000000000000007cL } },
-    /* 43 << 231 */
-    { { 0xd820a109f48d85ccL,0xacacc587ae63a21aL,0x64e3da09e0beb46aL,
-        0xa5020c60fca415a6L,0xb1ce6feb30ac9de0L,0x796e8d8ea918a87fL,
-        0x14d8b838e24fc12dL,0x50543fda5a2748e6L,0x000000000000007cL },
-      { 0x998570177a2fdb75L,0xae937494f7002ebcL,0x99906c28e38e1a23L,
-        0xc922a7b49285a1c9L,0x3783412560208b56L,0xfddcb5db55aa5343L,
-        0x7e1aa3e079405671L,0x717994d9b6c5afaeL,0x00000000000001ccL } },
-    /* 44 << 231 */
-    { { 0x3a6e35396a057b5dL,0x96bfc6907338fb26L,0x9dd6b30a6ec9a962L,
-        0x13980a46d62386f5L,0xe2efd90ec9e88bceL,0x2e952aea56736496L,
-        0x0f711da87eeed705L,0x25c0012c4f696d10L,0x00000000000001ccL },
-      { 0xd4f64d9daaecfe2aL,0x77d4ff6c04f3c02dL,0x6dfe2746f2d2d351L,
-        0xbe133c6bd547c567L,0xe3eefd95ed234f60L,0x5de33b9d0cbf5f2eL,
-        0x563fbcfd11ecd741L,0x4dd1ff2449ec76f9L,0x0000000000000166L } },
-    /* 45 << 231 */
-    { { 0x7f90db705dc505baL,0x0ed287e682dff023L,0xdc1e823736006439L,
-        0x45f7189e5d5fbcc5L,0xb0519882a90fa834L,0x88e1b59f135e2379L,
-        0x5f22a5ed447a0e94L,0x12230205384b1b44L,0x000000000000006aL },
-      { 0x4c6df3168a6a5944L,0xdd99a4c395811e9aL,0xdc18aba483642434L,
-        0xb5d321bda71f9f25L,0x338aadb635fc1540L,0xf7d5d16c9c5d076fL,
-        0xe9aed76046537780L,0x0b88e00e065f90bcL,0x0000000000000050L } },
-    /* 46 << 231 */
-    { { 0x5eba88dab51a448cL,0xc59140a1a3bf6be4L,0xfcb188c338515c47L,
-        0x5d212b1bf85097c4L,0x0a031432c37af0c8L,0x1434b11f8a69ea4fL,
-        0xf196646e16e47ba2L,0x49acc62d4ce5d965L,0x0000000000000062L },
-      { 0x63725ac292f56298L,0x18022c719412d3b4L,0x992db0a6db2b50a3L,
-        0xc57263c1c99dae3fL,0xa5cf2e9592d1d97aL,0xb5f93d02b730a5aaL,
-        0x500efdb45dff5370L,0x30e83357974821d1L,0x0000000000000198L } },
-    /* 47 << 231 */
-    { { 0x8e008d522c941ea0L,0x59156f3bb3ec2760L,0xf8e5257f72bd1775L,
-        0xfeb8a6caab104dd1L,0x0aa7934f1e24e935L,0x082a542f75b78c22L,
-        0x08a13d3ac08f5967L,0xafcdee9dbd0f2e83L,0x00000000000000b5L },
-      { 0x7d14271c4b5bc3a0L,0x0aef85c6d39586e5L,0xd92fb2fd460c3ea9L,
-        0x17c4554cbee0de36L,0x80e5aba407dd1df4L,0x23e588707cb3ce68L,
-        0xae5fe85678e22f39L,0x8cbf32748b9cde6dL,0x00000000000001aeL } },
-    /* 48 << 231 */
-    { { 0xf4d18a133b6da0e9L,0x10102e98bbaeb6f3L,0xb82cf999e6f414ebL,
-        0x5a2d09f201420725L,0x51ef37070d541392L,0x044404a7a4b6cbf7L,
-        0x98b51c307f783763L,0x154e7643eaa19df9L,0x000000000000012aL },
-      { 0xbba4d0924bea27e5L,0xfba7ca7dfc03da36L,0x4399448fa62fbccbL,
-        0xcf7863be93fbb08cL,0x41954ccdf35720c1L,0x6c37e6594ed8dfc6L,
-        0xfd3d7cc05aa73a82L,0x616281f077f1e04cL,0x00000000000001e1L } },
-    /* 49 << 231 */
-    { { 0xb8843a3baecb9c56L,0x471c521f71eb02e7L,0x2646f42f1978dff2L,
-        0xd1840b68db9b06ccL,0xf1c565cdd2eaefe7L,0xac478d82e5aac498L,
-        0xbb81c5731219236fL,0x9cef590eaf3ec7ebL,0x00000000000000fbL },
-      { 0x00fa48fd12839c79L,0xbe6930b2f9ba96f6L,0xca60400a52dbbdc6L,
-        0x97cdebbba58fbab3L,0x6cd668db0120fba7L,0x030f7cb1b6282babL,
-        0xf6a0f50c8096a500L,0x13f0031822365ca4L,0x0000000000000137L } },
-    /* 50 << 231 */
-    { { 0xd3e0a88bc7a47d95L,0x9c63dfdd73d59495L,0x02515679ddfa7285L,
-        0x719c60b134a9c1aaL,0xf7ed64522d297d47L,0x018ba27bb3864320L,
-        0xf0bbeb08c51f9896L,0x55977ff5c2943b8cL,0x0000000000000106L },
-      { 0xe29e2e6d9d310344L,0xa73c141821499e9fL,0x37f93b334f2b6177L,
-        0x1a953d005b41fd72L,0x079596887fc4c74bL,0x51fa8d6a18b54a16L,
-        0x8a2f0b23d73b8d7dL,0x81dcdf27c35d31feL,0x00000000000000bcL } },
-    /* 51 << 231 */
-    { { 0x86a623829fd8b32aL,0xabdfdda101d41983L,0xa53f4563528a7673L,
-        0xab916c12bedacf84L,0x3dc44fc48b14352dL,0x993c3213260d4c30L,
-        0xc539686f7e662556L,0xf1138c58b39a1a90L,0x00000000000001a0L },
-      { 0xcad7199577e5eb4eL,0xaa31beaacc030f64L,0x0f60b8841f7cfe77L,
-        0xa420cb1721b8d4f6L,0xd09feccb7de24d35L,0x63320b49b3473f35L,
-        0xb5bcc3e10bfbe930L,0x57a963500fedd838L,0x00000000000001ccL } },
-    /* 52 << 231 */
-    { { 0x00ed7a23a6fdb2c9L,0x1409a2b34b8ba58aL,0x4851489b0a6a87eaL,
-        0x66659b7f33733bf3L,0xda3870049ec4876fL,0x35ad268a1554dc93L,
-        0x8bf6bbf30c00d57eL,0x32a2935c06b48eaaL,0x00000000000001e1L },
-      { 0xe212ae20816d8641L,0x8cebe342575da6b9L,0xf2bd08277c7ccd5aL,
-        0x7a418ca5b8c2e3c6L,0x2348a14f2994a6fdL,0x5a31412a5490a371L,
-        0x73f8d42f36fd59c9L,0x161fdd18a541ed5dL,0x0000000000000038L } },
-    /* 53 << 231 */
-    { { 0x300696f3057c5ceaL,0xcad8a2c50df8356aL,0xfc4cb7fd7c706e7eL,
-        0x60e7d69ebe6a669dL,0x40003669ef923169L,0x5930b76457070b74L,
-        0x3ef2e5f99cff0d14L,0x7ade11730db36e1eL,0x00000000000001e5L },
-      { 0xa0705ba5db6d6631L,0xb1a50dd1e4903c95L,0xa8b727c765e44762L,
-        0x07f6f4c60825fd15L,0x33baf983444de623L,0x655caaaca138402dL,
-        0xe0cbfea729652452L,0xa99c262e681e5a6cL,0x00000000000001d6L } },
-    /* 54 << 231 */
-    { { 0x3132e6ce76fc9e0bL,0xcebc5afbd0dd32bcL,0x2c75ba8753bcc7f9L,
-        0x8cc874cd8ab343c3L,0xd2021ec20024924bL,0x2cda2074c5678891L,
-        0xd724916957e36dcbL,0x7097b4f7611442f7L,0x000000000000002dL },
-      { 0x6e6cea215db4d265L,0x7257f2934bba329dL,0xaa12a1bb9bf3c783L,
-        0x0702399538239dc4L,0xb4d22bdc73524369L,0x204186e3b3252770L,
-        0xe61c9fd037080fbcL,0x9c9a7d157396cc53L,0x000000000000010dL } },
-    /* 55 << 231 */
-    { { 0x4d6356cea8b6ae97L,0x55e296caebe17bcaL,0xfb9ed8b353d6b21aL,
-        0xedf72d6ada093a8eL,0xfa81761c24490122L,0x97e3e7c62f808d4fL,
-        0xad75f995aa0130a7L,0x641a63cfee06c9b0L,0x0000000000000083L },
-      { 0x309921eba0884ac4L,0x1cea2e3f6c788b29L,0xb412c4919295fc7aL,
-        0x9eb836cabbe43b7cL,0xeffb3ae33c591e1bL,0x825cb6d838f93652L,
-        0xcef6276e83301934L,0xcd857684c28e8b6dL,0x0000000000000195L } },
-    /* 56 << 231 */
-    { { 0xe5755448cd5974dcL,0xdc4336085d6bc190L,0x291521f7431ba450L,
-        0x31e71c894d80164bL,0xb42bb11ca6ed9fc5L,0x3a0966fead792be1L,
-        0x7f75f881469b8352L,0x38ef2c56448076a9L,0x00000000000000a2L },
-      { 0xac95a77d7d743f9fL,0x06026129f3465546L,0xd56bee30e9fc9605L,
-        0xfad39345bbcc7494L,0x2b178c653f526356L,0x22418748c661ca67L,
-        0xeb53cf749b79aeccL,0xe7c48bdce76a53f4L,0x0000000000000092L } },
-    /* 57 << 231 */
-    { { 0x781ddc8410eb4bceL,0xfe20bc22689f566dL,0xabf9614b250b11c2L,
-        0x2abc1259fc25b7b2L,0xeb9d15476817ae1dL,0x9e614c5fc00482a9L,
-        0x284a7be697aa02e3L,0xd2786becb912f11aL,0x000000000000006bL },
-      { 0x3e5b8b80f712bff4L,0x2b276fe8615a7bb8L,0xb7e4a47741667babL,
-        0xdbf07505785e403bL,0xdafda3048e5d87d1L,0x651fa13f2485f1e7L,
-        0x0e96561c41fa8c33L,0x9a964b6afc9533c6L,0x00000000000001f6L } },
-    /* 58 << 231 */
-    { { 0x5efb8a35a9a4aefeL,0x69f838d2ce792292L,0x56e06b1041f75d79L,
-        0x39c0f9fb6db28a88L,0xdc03a5303f58d36bL,0xc80062fdc6689d55L,
-        0xcd52297236e0a293L,0xa0179bb20ffb115aL,0x000000000000000dL },
-      { 0xab0bb76d856d0d54L,0x2513146539f307faL,0x4bedb07820813767L,
-        0xf9a1263f59928c34L,0xefe5bdc4909d6dd5L,0x5bec7330c4f8aaecL,
-        0x434209fc1c5c1187L,0xc6f261bcb3b2946cL,0x000000000000015fL } },
-    /* 59 << 231 */
-    { { 0xb939ba08271eac87L,0x01b74a5f96572526L,0x0128e1a8d003e6caL,
-        0x0acc7456cdde9dc4L,0x645651efcd70a637L,0xe19b922266eff529L,
-        0x12e19d5d5e40a325L,0xe0ba91f712d0572cL,0x0000000000000009L },
-      { 0x1b2ebb6600213e90L,0x0f796868e8f5a418L,0x460b815804d5336cL,
-        0xef5b776a8f3acd2fL,0x2d61e4f233112586L,0x13cb818d4d8859ebL,
-        0xae3177cd776f15c5L,0x9ce64970a87d1497L,0x00000000000000b6L } },
-    /* 60 << 231 */
-    { { 0x9cb870731e4539afL,0x9478d2def6271c13L,0x090c027268d3482eL,
-        0x8c977ce0f731a796L,0x13f5710bdc318bd2L,0x2dae989a9a151ed0L,
-        0x598f15eed94e7992L,0x72aafc8f4d65daf0L,0x000000000000012bL },
-      { 0x4ad64f6d702eb8f6L,0x2151ae34a1ef79d5L,0x98837c0e3ce0c875L,
-        0xd63615b6a2e6eb4eL,0x447c6fc3b7d9edb7L,0x67f864f5a86179a6L,
-        0x1e980d0ce354cae7L,0x983691a48c4e9674L,0x00000000000000b8L } },
-    /* 61 << 231 */
-    { { 0x81446ce047b083ddL,0xeb0eb48ded4164dbL,0x92159ee968b817beL,
-        0xfb501e7cb43bc0efL,0x7486c8f67ac944b2L,0xd091b2f3d63a9c1cL,
-        0xd80fde4c25e0d296L,0xc22410b3ba3d2bb5L,0x0000000000000042L },
-      { 0x547f85ccae50848bL,0xaa2af55884859461L,0xdbdd0e1a20f810acL,
-        0xe6f7bb90536880ebL,0xcd47da15f32226b1L,0x8a5bf84843885abeL,
-        0x0a95beffe5ade276L,0x49f09071102f85efL,0x00000000000001c8L } },
-    /* 62 << 231 */
-    { { 0xe16cc278d16c8677L,0xf0f1c0291aa4823aL,0xf235fc167c6b2ef4L,
-        0x854561cc58128c62L,0xb9553b64017d2fd0L,0x8f733f2883213fa5L,
-        0x52ededb79f93720dL,0xd7f0a1cf64f4fb42L,0x0000000000000070L },
-      { 0x23d01627ac7cc128L,0xbe2bb56afa287351L,0x961cade267bd39eaL,
-        0x1ab8cc062eaf0e26L,0xb46886315db2972dL,0x6e48cee137868d66L,
-        0x37856b801193521cL,0xac3f87662ddd16edL,0x00000000000001b5L } },
-    /* 63 << 231 */
-    { { 0x90c3310c6550603cL,0x368ddcb260508b36L,0x22724f188d23847fL,
-        0xe486e47c49eb4fe7L,0x4fe67da23edc4892L,0x437b4cda2c8767dbL,
-        0x61352775146e8e6fL,0xfc0a61384acc18f9L,0x0000000000000043L },
-      { 0x2faf71994c5f4459L,0xc82c0ac392e4b40aL,0x0044de2896e9663fL,
-        0xbf301ebfb957c578L,0xa25deea70d544928L,0xa78c79201fd91e0aL,
-        0x0e8f9087ba045978L,0x33fe0d7b7b01bdf8L,0x0000000000000142L } },
-    /* 64 << 231 */
-    { { 0x5a6db3a8e35ab524L,0x2e6954315117b9cdL,0xd81f6f6417217cb3L,
-        0xb4296467910f3354L,0x7249dcfb5a83e39dL,0x7b6df96f8c87a277L,
-        0xbc8ccd9fcfb09d4cL,0xb644e4e35f67508dL,0x0000000000000174L },
-      { 0x1a228c95246be9d7L,0xd9b7805b669d44f0L,0x7c240e63f5a7d167L,
-        0x863012f56bd7f19bL,0x1cf3d77e3a9321beL,0x407dcfd2782b061fL,
-        0xdbccc9df881439f7L,0x4a3a07a3116d1beeL,0x0000000000000198L } },
-    /* 0 << 238 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 238 */
-    { { 0x9ab5fe51e870201bL,0x181be214428dcc9dL,0xea30361a335ab6fcL,
-        0x8f43702a3af87eceL,0xa46b867147df3e87L,0x4b2fdc3fbb02e25bL,
-        0x72e3bc8e68e4d43eL,0x854ae7242cf96610L,0x0000000000000075L },
-      { 0x56ecf90bfeb21bf5L,0x75d38316e555d52aL,0xfaea840084cbcf08L,
-        0xbd4a0672b5126460L,0x33c3dd8fee751f85L,0x4d658970d8fd6a67L,
-        0x49e1041a439f0c52L,0x0480366fbd63268fL,0x0000000000000101L } },
-    /* 2 << 238 */
-    { { 0xcc24e895e1756b7aL,0x3874a79a3c09615bL,0x30e2489d9014ffc4L,
-        0xedfa2851e9070c97L,0x69113ac763017e47L,0x2dbd4d59ee9161c5L,
-        0xbd93abe740c20e53L,0x2eb660e491ccc0f9L,0x00000000000001f5L },
-      { 0x1363f45a719c9f85L,0x32dfb30ea43cd38eL,0x35933e9a0b75d1ebL,
-        0xaf1fc78775aebc26L,0xb444f393a27240c4L,0xdb46c96df7592075L,
-        0x59c26ad852510ad2L,0x163890bf029bb7a0L,0x00000000000000a6L } },
-    /* 3 << 238 */
-    { { 0x35e461c73f298075L,0xdabce92b476fd938L,0x1a928e413e13910bL,
-        0xb2e8f656cc7dd6cdL,0x8a8aebfa4d4cd65aL,0x23cc2419d684d87bL,
-        0x6e96b40ba93085c3L,0x303b86411f9c3babL,0x00000000000001f6L },
-      { 0xe66619d05a55180bL,0xab397f7d3be53831L,0x103c38d48f88fdb7L,
-        0x7e6d67dfadf9520eL,0xc93512456e517e33L,0xd8596b94a69929b8L,
-        0x9611f83a43dd1ff0L,0x46568571d30d5f6cL,0x000000000000006dL } },
-    /* 4 << 238 */
-    { { 0x0f8341fe21dd6e7aL,0x5c106f8eea93e5c1L,0x8e2ad8e9ad0114bcL,
-        0x277ef823f059d291L,0xed4a28e5dc50fd78L,0xa071965189cdf20dL,
-        0xe393b2641fde162cL,0xd383b86d30a5b16dL,0x0000000000000041L },
-      { 0x04b8115bad6dbeafL,0x7d7f0bb9a996519bL,0xab54d4c89c397c91L,
-        0x1750b97d77a6a3e3L,0x1637909b14554321L,0x7311da687a5aeea3L,
-        0x1f91a0fd52130453L,0x4338b3d686753f28L,0x000000000000014cL } },
-    /* 5 << 238 */
-    { { 0x555a5ed3e41bdc8fL,0xa4c7146e378bf6c2L,0x38ec797a397ff807L,
-        0x0a90aceb5054b6b5L,0x51c4fbf35013868dL,0xd02e806b4c84f3efL,
-        0xe6b25f2947687bd6L,0x9c80d5336dcd81fcL,0x000000000000003dL },
-      { 0xa804c672bf2ef9aeL,0x4a9ee6cf0608b597L,0x2e9648af9b9c23c3L,
-        0x4b4c51d97c465908L,0x742376d23f199fb7L,0x2c2466d04892a894L,
-        0x65b4a926f76de379L,0xe991d330e599d231L,0x000000000000018dL } },
-    /* 6 << 238 */
-    { { 0x524e9cb4da163afbL,0x8a0e4a8f228fb3bbL,0xf664c14b45960ee1L,
-        0xe6eea91bc51f2265L,0xbc9515293ce6bbedL,0x1dcb0c979f66a923L,
-        0x3c1dcaeffa6e34abL,0x8566db771ec37478L,0x00000000000000deL },
-      { 0xbabc8a979886e4daL,0x7be9df692fc58670L,0xfecd51cafbbd20c7L,
-        0x3d9edb6c856ca68fL,0x842d8464e1a1b32aL,0x7bb8fb391fab27d8L,
-        0xc7a7b8614b4c1060L,0x942bd576d69619c6L,0x00000000000000e9L } },
-    /* 7 << 238 */
-    { { 0x6870abbb49d18a7eL,0xeca5915c9e4dd9d3L,0x394f185c0196125eL,
-        0x5b1885351bb56e6bL,0xcdaf07e8e1299083L,0xca4421e89e734760L,
-        0x4288c2236376839aL,0x06e9e6aac7f2476dL,0x0000000000000043L },
-      { 0x83c257a2e91a87cbL,0x37d3a58193ba96d1L,0x23c753bf4ea5fd63L,
-        0x202f819864a1df10L,0x97a5b3dc5b6d5dc4L,0xb3262185add5915dL,
-        0x37a728f3055d11a8L,0x1110f66b8d850652L,0x0000000000000028L } },
-    /* 8 << 238 */
-    { { 0x99a1daa94cf92b1fL,0xb08a7bdecf013530L,0xcbe6c7bc1576e51bL,
-        0x9f88c296e6c13e9fL,0x13fdc9556370791cL,0xadefac0da42b1973L,
-        0xe69418a412cb2ffcL,0xaf05ce9762eae4e0L,0x000000000000005bL },
-      { 0xadb36e6565e89a12L,0xde7fee5853131bd7L,0x7335c5cbabffa9c1L,
-        0xabf94bc392947061L,0x11d2e02b6109bc5bL,0xfc1fc1d28a097cdaL,
-        0x4512fbb6f3d5db21L,0xd40e8637336a3d5fL,0x000000000000013bL } },
-    /* 9 << 238 */
-    { { 0xb927982ec0e8a1abL,0x478a75ff53dc6cd9L,0x45e6200fbe786ed0L,
-        0xee2c3a3699401156L,0x042c35b2176e07e7L,0xc09e54deb073382aL,
-        0xb23b8397c14ed4c6L,0x296c490bcedd676cL,0x0000000000000181L },
-      { 0xab1a53120317d2e2L,0x63ba4b47c5b44b41L,0x2c8a05a1a006a95dL,
-        0x4c3b5bebc7f285b8L,0x14371a425d385fdbL,0x465ae20ee294b472L,
-        0xd3ec2abb5edaa3f4L,0x72641b9f580e0a46L,0x0000000000000078L } },
-    /* 10 << 238 */
-    { { 0x005ce3f7d14c0264L,0x8ef018dc6b7d372fL,0xad9b3a6ec20ea32fL,
-        0x860938b2c327793dL,0x6c1669174b6867f4L,0x8d96f5fa19062b2eL,
-        0x484a2deb22be3819L,0xcad084fb965dec51L,0x000000000000004dL },
-      { 0xd3afa07be469f94eL,0x58e526d7762e7cf6L,0xec8641d0a6338b20L,
-        0x7694b364330d3bfdL,0xf5d8cf6f4193c78fL,0x7395355f11616b29L,
-        0xe29b7a83ab78eb55L,0x71c471aa4eb0dd18L,0x0000000000000079L } },
-    /* 11 << 238 */
-    { { 0x27a0dcec4640a9fcL,0xe00471295ee9a3a5L,0x94d54b86054af15fL,
-        0x21f6ae1dc99e6364L,0x9cb3b7413a5ecd7dL,0xdd128fa1c6840ab5L,
-        0xf62bd90375f71498L,0x5651778f8bd73c30L,0x0000000000000148L },
-      { 0x0c84978d1977a031L,0xee1868aba79b8071L,0xfcf1485672e09b67L,
-        0x0b1982dd174d8166L,0xa43baf2886045a38L,0x089d267e5b6bcf85L,
-        0x7bba2d8b97f39f60L,0xacccd7c488b1a299L,0x0000000000000030L } },
-    /* 12 << 238 */
-    { { 0x3671d520e411c88bL,0xe56d2622af747caaL,0x8c2d939f3f298a36L,
-        0xd09f955e38b36307L,0x7aef92fdacfe3a5fL,0xaa1b543a3c3413e3L,
-        0xa68bcf7585e8eea2L,0x1c33b90957271ab1L,0x0000000000000175L },
-      { 0xe829b5480993374bL,0x93ace6b43758fa53L,0x378932adfb48d303L,
-        0xa0be54cd7b9aca58L,0x6f020d2f07d56bfcL,0x661cc6df332d5724L,
-        0xe1c67b4c4702e14eL,0x6d7e1534fe0ce1f4L,0x0000000000000165L } },
-    /* 13 << 238 */
-    { { 0x542bcf698602b37eL,0xa5abcec8d9ccafc9L,0x9bbef4144d01c669L,
-        0x1cbe4eb53f21f94dL,0x73e4bd548d17cca3L,0xc71a14ef0fc467fcL,
-        0x965e6d4741791872L,0x53d248008a5d401cL,0x0000000000000045L },
-      { 0xc5e9fb2b7bc260c3L,0xaff4fa860768d8edL,0x3d9b189fe9bbb088L,
-        0xc2b32e2cb971a9c0L,0xef0b19a9500994faL,0x9a916d6b4ca815aaL,
-        0x3808a111df10d2f4L,0xfa259ef2d7d6440aL,0x00000000000000c1L } },
-    /* 14 << 238 */
-    { { 0x427e8420abc1c27eL,0x21124fb3118cc0c6L,0x3fa9121b7030b6d2L,
-        0xda46a2b7cba1c68bL,0xb248a68d3fa27645L,0x55268b8ec3876d05L,
-        0xd12a2229ca45c78bL,0x65aabd782de0e319L,0x00000000000000e4L },
-      { 0x6e660d9b77d9dd90L,0xe4edced2707fbf26L,0x8c8269de5d53a600L,
-        0xa9d2ac7cc1d0cb90L,0x7adf4c79998ce4bcL,0x553294473903cbb1L,
-        0x2af44eb383b6a801L,0xf3b473a71f55b558L,0x00000000000001c8L } },
-    /* 15 << 238 */
-    { { 0x650d6b150b56ca3cL,0x510d05a999013060L,0x8f317f930173d49dL,
-        0x1ba9a82c346efba3L,0xf21915c9238c3a66L,0x400b5e7081e3727dL,
-        0xb7a6c68ff2e8bfe8L,0x4ff4a4efe83e0afeL,0x000000000000003dL },
-      { 0xcdd4dd7cc85ada21L,0xef6508c1604c767bL,0x1155f07962894489L,
-        0xe85ce6f65b58e49fL,0xa5be7867bcdbe11eL,0x94251f2e0254ac77L,
-        0xb7e1e2fcb2a4c84fL,0x93b3013dad5da02aL,0x000000000000013eL } },
-    /* 16 << 238 */
-    { { 0x70eae5e2b7c097fdL,0x690c65c6becc7c65L,0xf684ce2cbeb8a529L,
-        0xfb5bd6fa772826c5L,0x12025c313b0d8680L,0x8f20fac7cbef00adL,
-        0xb810bf456fc66ac3L,0xa960e1b3c7878181L,0x00000000000001a1L },
-      { 0x85a5e619f6103b53L,0xcc4cf223fc14a4b5L,0x68985b1f977a8c64L,
-        0x410eaf63fe82447cL,0xe20381490453d341L,0xe1d008ad719258deL,
-        0x26c1b1773410d895L,0x93cad3da45bae984L,0x000000000000012fL } },
-    /* 17 << 238 */
-    { { 0x83470dd85087e317L,0xdb7733bae1f29847L,0x54f0d79b32b8ee6cL,
-        0xddc71c2d83573e46L,0xfd1fffb55e2b6321L,0x3daa5b01a31cbcafL,
-        0x084026ba3ea75ecaL,0xd4e58127f22d9f33L,0x000000000000018aL },
-      { 0x3ea9cefcbd40d455L,0x4350051a09e79ec1L,0x0e7888a7ce0a3585L,
-        0x32dab5ea59e3067aL,0x4843818f5953e6d3L,0xde8b4b0fcc703daaL,
-        0x386a70895d1c9c6fL,0x68d1bfbc6eac5abdL,0x00000000000000b4L } },
-    /* 18 << 238 */
-    { { 0xbd7c96176411ed7fL,0x39202b58f9a594c7L,0x4c20a11472ff2f6bL,
-        0x8eae9ef7641d9c13L,0x89aa633f48b0cce2L,0x92b63306557288b0L,
-        0xb3a581c0ce7380aeL,0x8666b913fb705467L,0x0000000000000095L },
-      { 0xf15719ceee9abfefL,0xe780789a4e41aa97L,0x9d21215431e6afb7L,
-        0x17d9bfab5cbf72ceL,0x0c48ccacb0237bb2L,0xe0a08569d349a092L,
-        0xa409e08ded3cfb4aL,0x79e67928a1c0e87aL,0x0000000000000182L } },
-    /* 19 << 238 */
-    { { 0x1d3c45e847667107L,0x866ca278c080ca9aL,0x9a41e8792dc42392L,
-        0xad3283a25b513845L,0x14d23b50b285d0a7L,0x4aef4370d7364e64L,
-        0xc5043319b807cdb7L,0x88c508189673ed5cL,0x000000000000002dL },
-      { 0xd56fa0fcf39ca196L,0x97e6dbd9852a5db8L,0xd8361629027563f3L,
-        0x93495e12e4c1ef8aL,0xcd5776f11bc10140L,0xb21ef334e3b873c9L,
-        0x48f0ece3098c8fa7L,0xd97318a4f2302f9dL,0x000000000000018dL } },
-    /* 20 << 238 */
-    { { 0xb83fdb669de748b4L,0xc46f81000c41f158L,0xade8932fb8f8f374L,
-        0x5728e8aac7ab11feL,0xa3be4365601535d1L,0xf366f0d450c52b71L,
-        0x6e00860084db7699L,0x39c5934c32bd9061L,0x0000000000000003L },
-      { 0x4c5f3ab49c964a3fL,0x30ee02c369a70ba7L,0xe4f4e7721699b55bL,
-        0x957efd09f2104682L,0x7be1bdb0298947d8L,0x128be588a6ce37daL,
-        0x10f0abbb5110d219L,0xfe63de4b6c433528L,0x00000000000000a5L } },
-    /* 21 << 238 */
-    { { 0x0ce1685131ae8a81L,0xb72c77b2d7337ca8L,0x7e74dba79aedcdf8L,
-        0x18d4e5e3da3c5c9bL,0x19ccdba8edb516a9L,0xe62b675c446ece23L,
-        0x5b4aa29acf1e7f89L,0x37dd4f643940453dL,0x00000000000001b4L },
-      { 0xb3c5170a3b3b6d8bL,0x476b1d951f6c85cfL,0x7eba2355afd2f7d8L,
-        0xd6496bd907671014L,0x9b1e6ea26f122c61L,0xcf03fff746b200adL,
-        0xeac4278017b28fdeL,0x38eab344da84d1a7L,0x00000000000001bbL } },
-    /* 22 << 238 */
-    { { 0xb5bc3117e7c0701fL,0xb48e5dc0d6fd7595L,0xd1b5fe1a3b0f2afdL,
-        0xf1099d2f9248f207L,0x6cc721d9ca2b2ed7L,0xdb339d46a360ed1fL,
-        0xfa226637396de0adL,0x2fba134ae405fd2eL,0x0000000000000110L },
-      { 0xb1d2d7ac0b4bf098L,0x79d1b226f5ff126dL,0x92a0d70fbd01aa18L,
-        0x67e5828531f22085L,0xf694f833d8b14f5cL,0x13c3cc45a40691daL,
-        0xa3405c019388bfb8L,0x6003716261c4da19L,0x00000000000001b2L } },
-    /* 23 << 238 */
-    { { 0x9a02b009aaccf1f7L,0xb6ffb0541f2fd3a2L,0x16512f3487e4db60L,
-        0xf23615007af3e638L,0x3fe5d84a1d4c8fc1L,0x73c21064f2251788L,
-        0x54f27fc6fd65b906L,0xc2262a4040e07e0eL,0x0000000000000072L },
-      { 0xb8c93aab02b4791eL,0xae54bd0ca0bfd55eL,0xebb909da4ea41398L,
-        0x8af3c61555c3e881L,0x61d0d6b9cff9966fL,0x1c28b62eb85433a2L,
-        0x58167c244f422e5bL,0xae2dfae6446a4077L,0x0000000000000063L } },
-    /* 24 << 238 */
-    { { 0xee8b94e0bcbcf019L,0xa3965127952a5a75L,0x5d306ffdbd99b8e6L,
-        0x9726acfcf7f77f82L,0x52a8c48f333e69a2L,0x2561b47ee5310f8cL,
-        0x5c707992ddba50adL,0xca39fec1d49f9302L,0x0000000000000197L },
-      { 0x773374e03330c1deL,0x3c186e5a12186692L,0x7c50d77c2a07fe4fL,
-        0xb0387d01ec8cb87fL,0x891a741524af7e0dL,0xacd3fc805dce5454L,
-        0x2a92f9cb257238d4L,0x25075cbc4415b2a6L,0x000000000000006fL } },
-    /* 25 << 238 */
-    { { 0x7884bbb629f1ff9eL,0x2b3706ed9719d7f0L,0x3a418c4929172624L,
-        0x1857e4ddd83e00c4L,0x8d5bea69add00324L,0x60ee0dacb3d682c5L,
-        0xf34b52b594bf155eL,0x9cbc6954fa986cc0L,0x00000000000000ffL },
-      { 0x23d72f25e31ed109L,0xa053addcebe1cbecL,0x375503015674aeefL,
-        0x2651c46a6eefe964L,0x600c18699dff26f4L,0xc20ce2878be15274L,
-        0x17f6b16a86f62663L,0x919c4e3d4158baeeL,0x00000000000001daL } },
-    /* 26 << 238 */
-    { { 0xe8d55c1e634e034dL,0x344ec79cd9e13479L,0xf3b583bf4be319f2L,
-        0x36bd595ea43a6c72L,0x64c244cb8ee00c73L,0x592642553034b765L,
-        0xf98e04c8d6d25e62L,0xfe83950036bfb0f0L,0x000000000000004cL },
-      { 0xcc19547c4f773a47L,0x1b974525f727e658L,0x36290dd2b17ab2bbL,
-        0xb1e03bc6dd339b6dL,0x3d2fd734d4b510dfL,0x56e14c3136363925L,
-        0xa61a6fd8574c83b9L,0x7340921e4c17fa62L,0x00000000000001afL } },
-    /* 27 << 238 */
-    { { 0xe6eeba2ac872b54cL,0x3734508057576f82L,0xc82723574939b69eL,
-        0x4c9f83c24460d5baL,0x635d558bfd73c262L,0xf58b7a7750cb2d56L,
-        0x14bdaf8abd4c14f1L,0x31d03f3b5acf2c6eL,0x0000000000000099L },
-      { 0x595629f11a4aae0cL,0x2f72899cf87bedc0L,0xbe2d7dcff6797377L,
-        0x49fb22c2ff654225L,0xfa99f364161f0820L,0x6f069ff13b8a9200L,
-        0xf07433d474600803L,0x4035ba9921b24016L,0x000000000000003eL } },
-    /* 28 << 238 */
-    { { 0x64f0ae6630ae5727L,0xeb7fee1cccfe2f46L,0xcb52d65cc17226f5L,
-        0x11bfdd3c4bde2ff6L,0x14593dba22f56523L,0x7549c2a8e5a07b06L,
-        0x27e857b0a259420cL,0x5f2702cfd795bf2bL,0x00000000000000ceL },
-      { 0x50247b7799ef6f42L,0xc5d4d501a9496281L,0xc2898fd0848ee90aL,
-        0x5916df473b105ea7L,0xc963d568a3fc2a93L,0x4f5dbd88a71e69ffL,
-        0xb1dfb820ed98520aL,0xf91d6e9e5bbb0779L,0x000000000000010eL } },
-    /* 29 << 238 */
-    { { 0x96ad602860bf7a00L,0xc3426e16c47cdc65L,0xe57e994a1e2760b1L,
-        0xeb93b5f7b3fb4b03L,0x31bb9ec24a492c4dL,0x65d3cf03584d5be8L,
-        0x601b91ccc97a4958L,0xc969b84d7336cea0L,0x00000000000000e7L },
-      { 0x0979646c913be9f6L,0x6320c63456598b42L,0xfb1cb31e59f91ddfL,
-        0xa2f17bfc0c88b8d8L,0x894985b268d26956L,0x3e960fcbabfa8376L,
-        0x913526f20caa7b2dL,0xaa97458ead4a33e5L,0x0000000000000087L } },
-    /* 30 << 238 */
-    { { 0xa3931ead385812f2L,0xa5d9d3ab9ff9b9a1L,0x8b98aee83299344fL,
-        0xb9e1f38bbfc5c57cL,0x66c8223742e07798L,0xf2bb539d6f4bc8baL,
-        0x022615e0eb11077fL,0x41059629845c0f9aL,0x00000000000000d5L },
-      { 0x05e13d3b4953c8ceL,0x4892bd1e05ecb056L,0x15c3d629e54ce7b4L,
-        0x818460931bc0c8cbL,0x70ae6768e5b06fc6L,0x549cae2800e46659L,
-        0x674019953a739df8L,0x3323b1b868fcc1e8L,0x00000000000001c8L } },
-    /* 31 << 238 */
-    { { 0x1b81beaa3dce6ebbL,0x3232328e2986bcc8L,0x08562a2e7a7ec1b1L,
-        0xeed1e9d9c46c24b9L,0x15a05107ef0106c2L,0x54dbe4e566610461L,
-        0x4c5fb5c51ec80c7eL,0xa7507d581e15f329L,0x000000000000011dL },
-      { 0xc3de850e31675fecL,0x2164d583de66dee1L,0x2346eecfef36f11cL,
-        0xd3037b676d397030L,0xc88b32b46c94a3e5L,0xb9494d80fcb7031cL,
-        0x45060066a79a0c8bL,0x2c283d47fd946bacL,0x00000000000001ffL } },
-    /* 32 << 238 */
-    { { 0x6bce4008db3002ceL,0xe109980c03fe67efL,0x35f077201cd61540L,
-        0xb0adfba4723c0ef2L,0x811b100860ca9a5bL,0xedd17f04c0d112c6L,
-        0x8cc7cc5f49688782L,0x716f36bbd5f89c31L,0x0000000000000031L },
-      { 0x700cb92a1d19d891L,0xb99918262daa7a23L,0x834cd1fdd9ad0c74L,
-        0xd74ee37682c919daL,0x6569353497696deeL,0xe2615c6e12e9ab53L,
-        0x4be93a40090bbdf3L,0xb811069663437098L,0x0000000000000162L } },
-    /* 33 << 238 */
-    { { 0x3776e68de439b6e6L,0xc11c5cf2a93fec79L,0x18322c456e8cb760L,
-        0x6d23d5923074466cL,0x922635baff1e0ba8L,0xa37b56544de73b12L,
-        0x0767e97a82224c9fL,0xae0f9650044cded8L,0x0000000000000050L },
-      { 0xa0a9a5b35971b232L,0xa1aef7a02da1a761L,0xdf1cfc2c85b63dfeL,
-        0xf91bbb7d5d293c49L,0xcba0ba2a9a832665L,0xe5a1b4c739fd3a27L,
-        0xe647ded0140ed954L,0x6ea2c367f0e619ccL,0x00000000000000dfL } },
-    /* 34 << 238 */
-    { { 0xcdf28f7cb59ac237L,0x2d2fb106ea4e11ccL,0x0c4d36c2120a150bL,
-        0x21adb80a382f0b0eL,0x3559de088dde2c46L,0xf419d3758b9d7854L,
-        0x925741d95bea2eceL,0xe94a66a4372032e0L,0x0000000000000170L },
-      { 0xb34b3fbba5e4a112L,0xf14faedf1303ea36L,0xfd2f1daa22e48527L,
-        0xee04e38138ae2616L,0x4f70a2f74b4262fbL,0x6cdf8c988f9eaf7fL,
-        0x89287d7a67171cc5L,0xbc4f369fa911d65aL,0x00000000000000b4L } },
-    /* 35 << 238 */
-    { { 0xe0b1e01ea1fc8413L,0xd1272c9abbb3e2e1L,0xb79eff0eb97e058eL,
-        0x3e22d38d68027d9cL,0xb8a10d739d6e9ed5L,0x2987ceb003d3a5b1L,
-        0xc039b0fe1d7eb0f8L,0xa40991bc58942c9fL,0x000000000000004bL },
-      { 0x0b8602254bd1a64aL,0xa2a6a556eeeaa4f6L,0x2006573bd5fb4f71L,
-        0x7e2ec04cfcf5eb9fL,0xdded1c6ad3080364L,0xf0eac914ed587661L,
-        0xbbad7d89912701dbL,0x1926f99ed89b48faL,0x00000000000000c1L } },
-    /* 36 << 238 */
-    { { 0x2640b0474717da49L,0x6b303097f0a90682L,0xe3fbb37ba4756b74L,
-        0x084581b1e3f7ea6aL,0x942b168d67a536e8L,0x4cecb7ef8e8e4dbdL,
-        0x48f4b7c0b17164d3L,0x8a464b3a93bfca74L,0x00000000000001ffL },
-      { 0x21f4906f7268ec93L,0xd61c24432acbde61L,0xde475d32d6fa2261L,
-        0xbaae1526a02f45c5L,0x16b2c6b30212c1fdL,0xd6afdfe9fddea6a2L,
-        0x1f8fb94d5daf789dL,0x2f89389b576846a0L,0x00000000000000ffL } },
-    /* 37 << 238 */
-    { { 0x9382f1039bf6e708L,0x17d1164758ef0269L,0xace45ade38ec27d2L,
-        0xcfc559ceb0a356d1L,0xa771069d6edef1e0L,0xc0dc328f753868d8L,
-        0x19a2e784b9621a36L,0x2a959514f8607fa1L,0x000000000000007bL },
-      { 0x2edb1cad55f7e034L,0xb17fb1b8a475236eL,0x06c1cd91ec88e88fL,
-        0x01b3ac7c9b4b4972L,0xb826191aad44bee8L,0x80260416b37c96a9L,
-        0x3ca2a771b7132816L,0xc38c82ad652906e9L,0x00000000000001edL } },
-    /* 38 << 238 */
-    { { 0xec3a61c2762601e9L,0x4b70960158620f6dL,0xa4d1de2b8cb3717dL,
-        0x926fc94297198836L,0xa3b5a26b93c6aeffL,0xc6f933c6ee4999ffL,
-        0xf2fc0ac93b15ac85L,0x645c919b43ced35dL,0x00000000000001d9L },
-      { 0x543749ecccb952e0L,0xa05917794fd35411L,0xaf499a4fecd3e486L,
-        0x3a78d1f489b19c12L,0xe110f2333129acbcL,0x13e4941b73ea2d43L,
-        0xed5c7b9f61892b8cL,0x9cbe3ebf9fd89b47L,0x0000000000000092L } },
-    /* 39 << 238 */
-    { { 0x5abb2e1f0648f550L,0x6f964c0a58d46cc3L,0x568ceb9058852020L,
-        0xe01f9481e794a871L,0xe5687af6d5c440dcL,0xd88b9baa6ed0bf7dL,
-        0x8730befb073a24f1L,0x950d38f59614bd97L,0x00000000000000d5L },
-      { 0x49e471eba5517b5bL,0x1fdc6a0f9ba2bb7eL,0x9e3baa4d4a47f403L,
-        0x96ba18b57bbc5ccbL,0x570a28b31bbd2780L,0xbf948e37002edc95L,
-        0x6a92422b11a4eca3L,0x00a21cb769b7b1c1L,0x00000000000001e8L } },
-    /* 40 << 238 */
-    { { 0xff9f5e5ed7c958a0L,0x99585b2f434a426dL,0x07b475a96db1ed0eL,
-        0x1ea7f5d7a973929cL,0xb4006a0b7bbc180bL,0xa86f75d4925bfaa9L,
-        0xf986de1075c8a7e3L,0x43e74f08f25ae706L,0x0000000000000088L },
-      { 0x4ffd5c105068acf5L,0x6ffd7eb6063d53ccL,0xe899d17938343cb5L,
-        0x9451a0150a3df7beL,0x8a581525a24b1528L,0xe5dfdb1b67a03545L,
-        0x715d2b87caaa5064L,0xae4594ce0ea125baL,0x00000000000000c5L } },
-    /* 41 << 238 */
-    { { 0x3d8b52ea7a44f134L,0x9831076a6478318dL,0xc343c2e93314ea42L,
-        0xce35d8739724b677L,0x4f9c688b8f14677dL,0xc7c080a58d1bc77fL,
-        0x512359ab2b8053a1L,0x5bcae66250c3b651L,0x00000000000000aaL },
-      { 0xc82f3a8769afbb4aL,0xb073c1da2d601213L,0x68d6cf6518ce0d09L,
-        0x620f23a591c7fb05L,0x938c96dc6d56e8edL,0x966e1f705007a705L,
-        0x3e4a940a2db66d9bL,0xac446031d466e3ccL,0x0000000000000026L } },
-    /* 42 << 238 */
-    { { 0x87aa2f8da0cc66f1L,0xcf4b9975e899fbf0L,0x45cc21ef33edf673L,
-        0x7005319b091438f1L,0xc1e62e05fd50eaacL,0xe49ef8a210d2041dL,
-        0xf49778b07531821dL,0x8390c7378c684a3dL,0x000000000000012bL },
-      { 0x435518173d6cf7afL,0xc011d17b97f2560fL,0xd222f97d5c29d8b3L,
-        0x5a9ffa8ccce3a4e6L,0x9271c90c8587b8ccL,0x73277e5099870509L,
-        0xe004a07eeca76a93L,0xff9a8582086c9530L,0x0000000000000115L } },
-    /* 43 << 238 */
-    { { 0xb04a4b529d47f4d6L,0xa1c4d096aee9c324L,0x98e9d57517076ad9L,
-        0xea9ab91c22dea26cL,0x58e4d80a64a5ea57L,0x2ec9a6e0dcb2a76fL,
-        0xd05f78756a1249a1L,0x0cb424f2ba719843L,0x00000000000001c8L },
-      { 0x20832c3e5f3b404eL,0x033963e7451b36cbL,0x74046f923cc7d7f7L,
-        0xdfe2ad55c47171c1L,0xe7fd701821fb7d83L,0x7bb4722bf8319c2fL,
-        0x1b7cb3224986e88cL,0x7ab64a64a9ab0760L,0x00000000000000bcL } },
-    /* 44 << 238 */
-    { { 0xaa0898403516e4d9L,0xdfbb159afba094abL,0xdcb895e26bb49ebfL,
-        0x7a7b572756cf3c64L,0x52861b3c38c7bc1dL,0x7c34176c27352c7bL,
-        0x5b3cc2177d33ae38L,0x4a2083698c494a63L,0x000000000000002eL },
-      { 0xd32926625f514fadL,0x5dee99706020b420L,0x8aff8c84fdae8486L,
-        0xfdc0ee6551e60c42L,0x564287bd236681daL,0x6da3e12ecaa82af6L,
-        0x6d17c67ce1efbe58L,0xa0334020ccc6c519L,0x000000000000006aL } },
-    /* 45 << 238 */
-    { { 0xea94c88e4fe1d344L,0x0a08e3ce5bb17e77L,0xfa1bfe20b9b51a79L,
-        0x8d455cf8fb324d32L,0xe58f0de564d6dc3fL,0x01e80692f396b39aL,
-        0x86a1250628441338L,0xa81733dd8e134355L,0x00000000000001e3L },
-      { 0xb5952292228e3d82L,0x3582cb17e1eb802bL,0x84129ab6accfd9feL,
-        0xd3cbf4eca3db67b7L,0x5dfcb4576325750dL,0x638916ed9030a81fL,
-        0xa26d196d5d39a3b3L,0x26d30fec1b8864fdL,0x0000000000000124L } },
-    /* 46 << 238 */
-    { { 0x6c72d4108c03da42L,0x3b05e597d8d0e71eL,0x947e55e37b5f1e9dL,
-        0x3c899ff708629865L,0xffbb711ddaaa3d57L,0xb888cf7bedecbe75L,
-        0xd7b6bd46961d1f1eL,0xda9a7125dc451900L,0x0000000000000121L },
-      { 0x683d251ae65785ccL,0xd00439685a2422c2L,0x6d4668e5d36c1417L,
-        0xe8df49820c580ec5L,0x80f79552b28680aeL,0x4e777d7eab114520L,
-        0x67995b1ae5b2f6b7L,0xddedce535855291cL,0x0000000000000064L } },
-    /* 47 << 238 */
-    { { 0x219101904aeb5bb1L,0x3e9a204ae5de24ffL,0xe8ec4721ae3b23c7L,
-        0x1e87147a6dc89b75L,0x13ca53950d19680dL,0xf1352672920c68b0L,
-        0xc6cc77db4ad11314L,0x78d984df75daeeeaL,0x0000000000000186L },
-      { 0x6cad576e442cc089L,0x74bd0f59409ad43fL,0xfb0ec10fcd1f82dfL,
-        0x6b46a052bf822010L,0x90658aa13d6c9741L,0xa56000a1d91bb102L,
-        0x7c8e2b47f0edb777L,0xc0607199447fdf10L,0x00000000000000faL } },
-    /* 48 << 238 */
-    { { 0x0609a97b58033238L,0x5b9678b1d40689e9L,0x4ecd26c3986c40f7L,
-        0x7a6083dc2002e8ffL,0x73fd1d708b769797L,0x0fa7df7924e06e55L,
-        0xfa7254f8d49b9efdL,0x742ad69df862350fL,0x00000000000000b1L },
-      { 0x78e2366a314a07f3L,0xd0ecaebdaa487012L,0xfb13a82507fd4b1bL,
-        0x6ee4483aec0c854aL,0x0e7d617e72fd006eL,0x0cdfec5b291b4018L,
-        0x2b9fa205f66cca32L,0x261f67f6149d20deL,0x0000000000000075L } },
-    /* 49 << 238 */
-    { { 0x664c27d0a20d557aL,0x896b2675f0744080L,0x8beaf01afc5af408L,
-        0x40ffc5cd38622d77L,0xc43885d4a2528371L,0x81e1f6745b02e290L,
-        0x4916d18799d1631bL,0xb223123e8dd86517L,0x000000000000009dL },
-      { 0x40d9d05f2fb7c4aaL,0xe40e4753a50abfbfL,0xf850526214078e53L,
-        0x5e24344182804fa8L,0x7915bb4726da0a8fL,0xb2c6b557779d3504L,
-        0x04e9ded5050e4e95L,0x9e99a2bb5f476a78L,0x000000000000006bL } },
-    /* 50 << 238 */
-    { { 0x6c34a56a6ea0b1cdL,0xc71325505a787710L,0x7b88ee97e9a5ea07L,
-        0xe74726638239f9a0L,0x4d37a6dde17258d3L,0x15bae9319708c6bbL,
-        0xc174958fbbc04aa0L,0x7625733b86528ebdL,0x00000000000001efL },
-      { 0xafb5465248095b06L,0xc1c05fafd067b459L,0xa6ad20025bc1a76aL,
-        0xaa096c10cd725a94L,0xd37e975f282785d6L,0x2ab89b9ff67d3a9fL,
-        0x5d6f3ed7b7b6e4c2L,0x04ff41ca29502853L,0x000000000000005dL } },
-    /* 51 << 238 */
-    { { 0xc888d1d441ece6c0L,0x26df9e1bbfeb1062L,0x0b4ddd821bb94aa4L,
-        0x71efd8d119ffddd7L,0x9b3998224e47d498L,0x59872b31aa653dcaL,
-        0x759a84fb2712e2c9L,0x398af98399e74778L,0x000000000000007aL },
-      { 0x35ebaf9392c7b6c2L,0x8bacd47278141bd8L,0xd60364f09c53d1e9L,
-        0x790e9dcba27a7a57L,0xb5e554f8991e40b3L,0xc7f3ce27da7a13f5L,
-        0xfb65dc3926398b00L,0x2c6cb9b8229dca96L,0x0000000000000036L } },
-    /* 52 << 238 */
-    { { 0x46d6266d92756c0eL,0x3164f6a8305e1611L,0x65dfea3d613b00c0L,
-        0x75ea9ab9571828a5L,0x5184dc138be872a9L,0x8c59c14192347d22L,
-        0x96b331914baa4678L,0x0d34cc5a2ae17a1bL,0x000000000000000dL },
-      { 0xc05c3c516fcb342dL,0xb36a7efb677d6ea3L,0x016811b2a8067b2bL,
-        0xffff97f94822fa85L,0xfc646b5145883bb0L,0x56c40d49c28d61dbL,
-        0x91be8847eadd1593L,0xecf0a8f5128d8ad9L,0x000000000000002bL } },
-    /* 53 << 238 */
-    { { 0xe276b588d7262b3fL,0xa64b1324064fc6ddL,0xf82cb69a9cd02e25L,
-        0xf399f6f385ba9d89L,0x3903c34dc52f03e2L,0x91d41630888c7aa6L,
-        0x0402b6f8cc39ea02L,0xfda829d4f8c6dce9L,0x000000000000015eL },
-      { 0xba3c550fb2f9160cL,0xc4ef6745e2ad5099L,0x528d3a72cba7c269L,
-        0x38e13dec67106a10L,0xff878c2e05687e58L,0xa6f53fec246e5459L,
-        0x4f30e0c2f126c843L,0x4d3dedcbbdfc0320L,0x0000000000000131L } },
-    /* 54 << 238 */
-    { { 0x897294e8dbf874eeL,0x84ec352267d9abddL,0xacb0e94b830bb2fdL,
-        0xe4e81bd945db3a07L,0xfb029eaa52e22815L,0x920edf272170ad75L,
-        0x4ebb3c5001e13530L,0x01db6df29b62da53L,0x0000000000000096L },
-      { 0x555a5a6823815d09L,0xc3c7463a59449b21L,0xebfe5fcc964b5b8bL,
-        0x1683e495c2076735L,0x361c14526e18bdb3L,0x14496fa3aa0ef3fdL,
-        0xdd45b105a48eee14L,0x91cc21d205ac61dbL,0x00000000000001d6L } },
-    /* 55 << 238 */
-    { { 0xb539df1f919748f9L,0x942df28d9ab585efL,0x22d555d147e56084L,
-        0xdee5bf1a34baa8ddL,0xe9eef1adca2d8eb5L,0x78505f54b404690aL,
-        0xe4d77116b87f8bd2L,0xae4949dbdcee6b7cL,0x0000000000000177L },
-      { 0xb6861e9ac81fd641L,0x113403993596b4c9L,0x588dcca1444a7b1cL,
-        0x573e6b83df0cc0d5L,0x429e5ae8d6610ceeL,0x060d9bb429bd62d5L,
-        0x1337eefec513318aL,0x5c3cda2664cc2019L,0x0000000000000081L } },
-    /* 56 << 238 */
-    { { 0x436121db4291d3c6L,0xdb32e56791d00413L,0x17e048dfd571849fL,
-        0xcadf80d09d174b7aL,0x504fcd8cf3a16f6dL,0x0bca040b55a79e74L,
-        0xae5e562a9dd8e72cL,0xa2ad35266d83c58fL,0x000000000000001cL },
-      { 0x68cc0e2f8be48c08L,0xa4cf89f3a957cc18L,0x7ee580a6720e8f3aL,
-        0xd45347c5ce9222edL,0x2043ba4b964685a9L,0x8a59c2fd1ad8acb9L,
-        0xb2ab5a3fa3a1fb58L,0x6f0d28c3e7a7befeL,0x0000000000000060L } },
-    /* 57 << 238 */
-    { { 0x02c32597e24f4558L,0x6b8cd177f3b8d3e7L,0x51fac672365fb517L,
-        0x5553c4053855aaf3L,0xfa6c278a2250753aL,0x5c1b7cbccd07fcbbL,
-        0x84300435520e2f45L,0x4913a52b00bf3f6aL,0x00000000000001a0L },
-      { 0x438a1803fb3388e2L,0xa15ebc4ec2b44780L,0xa830255c9087838aL,
-        0xb7e6abf7884847d1L,0xf31fc86eaba507f4L,0x72009f406675e50fL,
-        0xadacd3a574ec178aL,0xd6d36127afba1b1cL,0x00000000000001d1L } },
-    /* 58 << 238 */
-    { { 0x768d163a3a14efdaL,0xa080b14468d84579L,0xd477061fdb39ae5fL,
-        0xbfea91ebc229bda7L,0xe28c79fa07f1e026L,0x0a0fb62d143ffd3eL,
-        0x41b2fbc3a2ac222bL,0x184753613ba365f9L,0x00000000000000f6L },
-      { 0x70329a2a27d288b5L,0x02abc5a928617e54L,0x14f646bfa0ba713dL,
-        0xf5b3652fb5d28656L,0xe0841164ce97deccL,0x0aa84aa74b63dcf6L,
-        0x59613768715e4e05L,0x23d572c0c884e71cL,0x00000000000000adL } },
-    /* 59 << 238 */
-    { { 0xbff79e46c5aae205L,0x4c77219362eb2de7L,0xa6d723f0b383be53L,
-        0xc2f26458e641839bL,0xfcf6980d5442a5ecL,0xc755fd48bfc3bddbL,
-        0x7a1a100b9504bc93L,0x8864ef9fedf3f45aL,0x00000000000001dcL },
-      { 0x58dd0f0e5a20814fL,0x52770e9bee9ed846L,0x64c23fef02e82a1aL,
-        0x4fbca3bc96d16619L,0x547101a099489c36L,0x92869dbbaffda8d9L,
-        0x28fe8e2924c28bf1L,0xa859941e8b9885bbL,0x00000000000001e7L } },
-    /* 60 << 238 */
-    { { 0x33ccf08de10db8f5L,0xe481ea75d2b4cba5L,0x8db73d5bee9cdb6fL,
-        0x5d11d992b5c523baL,0xe9d79978d11b927bL,0x61be8fc17a355c88L,
-        0x5c31c7a65a062e74L,0x2aff5a1117a4a844L,0x0000000000000061L },
-      { 0x9f5386773c9f31b4L,0x7f7681c7766dfcb0L,0x1d759dd9cb41b746L,
-        0x1842ce5a3df8b332L,0xd6650a1d46cf5438L,0x3afad154d8e57a31L,
-        0x72df5ed3c779ec95L,0xa9f04f62733f1f9aL,0x0000000000000072L } },
-    /* 61 << 238 */
-    { { 0xa4c9bad76cd25119L,0x0893c15c677a2ff2L,0xd4c74a285fa5309cL,
-        0x811ace597343a331L,0xb4a1a3738b5d30f1L,0x2d2b14a4650fba78L,
-        0xf38fc6d263c2365fL,0xc7ab7a5135ada1beL,0x0000000000000021L },
-      { 0x24c8de56b90ba651L,0x47e5107fc3a16ea7L,0x48d7396e8d859e56L,
-        0xd9eef922d1c2b3d0L,0xf7d7c0fa24267a36L,0xc1b416e77f92ade4L,
-        0x88ae119ef0634ab6L,0xe2c4fb17dc882f42L,0x00000000000000f7L } },
-    /* 62 << 238 */
-    { { 0x5678bea8848f8152L,0x09edf78a2db8f5f7L,0x577354a80e7a5101L,
-        0xde84b145d55f3d58L,0x6ce8a6e52f8a88c3L,0xab0c3fd1f9ac5318L,
-        0x163316926681788dL,0x4e1eba4bb9aac85eL,0x00000000000000afL },
-      { 0xaf37fba2668c4bf9L,0x5916958ee908dc73L,0x3b15e5e0d1351d09L,
-        0xcd0e3ea56388db27L,0x37a3364b5ddebef5L,0xf881e32c12e18700L,
-        0xd52db48980d36881L,0x67630057f5db73f9L,0x0000000000000094L } },
-    /* 63 << 238 */
-    { { 0x1574e5fe8e01c90eL,0x9a04e874681401adL,0x29186da48992dd9dL,
-        0x2625bf89f6a91151L,0x7292c99664fb81e6L,0xdb4e7747f161c777L,
-        0x21977978208c9469L,0xa25997d421d3699eL,0x00000000000000ecL },
-      { 0x3546a978ddd52ddbL,0x9242e4d42d7cf82fL,0x1080e50bb80f359aL,
-        0x70bb06fc98035b62L,0xf1ea6ee2098bbe60L,0x0e5cc73d8ba58df8L,
-        0x383ef670e8608307L,0xfdeaac2ef5e05b50L,0x0000000000000064L } },
-    /* 64 << 238 */
-    { { 0xdd9166282d3d7641L,0x99029e9b39c02ceeL,0xce03fac9b6de7881L,
-        0xc2cd0f784f66ebbcL,0xe391948364c83e37L,0xfc853cb8fd7bb155L,
-        0xa5a99b24432314ccL,0xef0b7ed0133b2709L,0x00000000000001d0L },
-      { 0xe4c4d8a054de3ecbL,0xe2f88ac25f8cb5ceL,0x17a4e60d68eb11a2L,
-        0x6d0e05fb3b79619aL,0xa54874b7d5da75efL,0x18c2b1b3c77f6ac1L,
-        0x5a2a6fdd829736c3L,0x9ce62f22cd44843bL,0x0000000000000059L } },
-    /* 0 << 245 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 245 */
-    { { 0xc3e525d2afd7c4f7L,0xc11fd457ae2b9475L,0x6cf55e765d48ead5L,
-        0xf9546fe48f93eb95L,0x3e3712a75e124ba8L,0xcb71caafcf7a3e81L,
-        0x512060172f3d629dL,0xe226fe2dbab1761cL,0x0000000000000079L },
-      { 0xbb618c7bf963a03aL,0x2fd9211cd55e0ab2L,0x25be6c8a20dfe924L,
-        0x40f5ff09135b7156L,0x7770ba4af706b788L,0x5a2146e0dc114357L,
-        0x48f25eda54b6fae3L,0x5adc7aa519ead5c4L,0x00000000000001e3L } },
-    /* 2 << 245 */
-    { { 0x21e292cb67355505L,0x7cdf9c24e192a20dL,0x07228775f6753eecL,
-        0xcd83121b93217c7fL,0xf6e99141ad41ce70L,0x2214296a41a8ec10L,
-        0xcdf7237b0200ddb1L,0xe2d943f5c7ca562dL,0x0000000000000056L },
-      { 0x9f743d7c9627a12eL,0x33ff2e7e31099d8aL,0x3c9e84d12a07248aL,
-        0x9cbc405a6136b3f7L,0xb131c000970be1e5L,0xea9c160b84162e6bL,
-        0x1c54fe695ba3f7a9L,0xd5a98fdcd51b962fL,0x000000000000015dL } },
-    /* 3 << 245 */
-    { { 0xd01bfb1f891d513fL,0xacf22e961375d0d4L,0x6f5c76f9d43c24f1L,
-        0xa220f50707a66e1eL,0xa0b91c2af227b93eL,0xefe049868fc8f377L,
-        0x58482184fbf6c7cfL,0xb224b543cab58946L,0x0000000000000094L },
-      { 0xe07e7d7914855341L,0x68881fb60a675863L,0x4083d236b9736e0fL,
-        0xec6ce43102dac8a4L,0xb0477cf188891340L,0x67c0cc0512cd1f4fL,
-        0xf3101c296f7b5340L,0x60f49d6d1e980837L,0x0000000000000116L } },
-    /* 4 << 245 */
-    { { 0x3cd54b988ffa8932L,0x73a8c09947855c60L,0x5272d16b3ecc6b44L,
-        0x7cf96927b4e83ce5L,0x08af41c8a3908edeL,0x98de920a73495d2bL,
-        0x6ddc94e1be247419L,0x0936e34f5e3e7c96L,0x00000000000000acL },
-      { 0xf3b1a1aa9d269d4bL,0xb20aff071103e749L,0x9a43c7a4632098aeL,
-        0x221c12cbf450a9eeL,0xf04a8e7c7f773a12L,0x427a8cccb2ad0ee7L,
-        0x93f7ee9dc0b2a786L,0x6592bb0089bbc18dL,0x00000000000000fdL } },
-    /* 5 << 245 */
-    { { 0x8f1c77f7a9e8cde3L,0xeb057a9562fd5799L,0x8428a885dbee1bc1L,
-        0xaf8c03c38acd2865L,0xd5c2c0039061a6feL,0x4daad9cad2016bd3L,
-        0xf698f86cd10ce994L,0x5da25e28b620fd65L,0x000000000000007cL },
-      { 0xe3162c8fff2198a7L,0x60b05d1f9084af55L,0x64ecff3c74ccc32dL,
-        0xadde221a29f6e28aL,0xd6d98db85f2a1653L,0xb661bb0b597a14a9L,
-        0xbaa4d0b80bf62ea4L,0x60b8da55e7feeacfL,0x0000000000000118L } },
-    /* 6 << 245 */
-    { { 0xf760f828ebf01d55L,0xd9e13bb2143c38d6L,0xdd69a7832620bb25L,
-        0x6d16106459a570bfL,0xda4ed76759a7c1a7L,0x5b07d2a0a22ce561L,
-        0x2d1614b0616ba6a2L,0xc2c99b092013b7b5L,0x00000000000000f6L },
-      { 0x532f835b6606eb53L,0x11e4eb8cd0fca568L,0x3d12bcb83abd1c3bL,
-        0x293651b7eeebaabbL,0xe49cf58535da243eL,0xf0377e4414e175c4L,
-        0x12a1f99f39a28cfcL,0x5b3c4c81c02ecdf6L,0x00000000000000bbL } },
-    /* 7 << 245 */
-    { { 0x6670d91e241fce4cL,0xeff7977950cec570L,0xcbdafc5ecfa2eafaL,
-        0xa40c09e53265b4a2L,0xc4fb20c0fb68c280L,0xdd0b12e9bb2e6910L,
-        0x31437bff0f2bc13aL,0xa92209d7493eae11L,0x0000000000000124L },
-      { 0x0dfa947c893d23e1L,0xed7f8f9c103e6b81L,0x2dd62ed73002e4c1L,
-        0x6ddda0871f9973e2L,0xb79ed2773b014d60L,0x12fbda2fe51b686aL,
-        0xac9c34b6911b0e3bL,0x6fa28f425f117d64L,0x0000000000000106L } },
-    /* 8 << 245 */
-    { { 0x1ebc5309b6bf5ec4L,0x29ca5ba73a92ba16L,0xbdb1bce470839c14L,
-        0x963fd369de1f966cL,0x208fdc754faba5b7L,0x2f1ea65a678fc163L,
-        0x792fa255a773bbc5L,0x752a08fab22a653bL,0x000000000000008fL },
-      { 0x096aff662e58f405L,0xee92b17dd6658910L,0x65792cb3d33b5b5aL,
-        0xfa503f215678f269L,0x4e2757c8efdffc67L,0xbe46a6f1665347f5L,
-        0xd049a1586d9773e7L,0x9555b002b0a28ac5L,0x0000000000000145L } },
-    /* 9 << 245 */
-    { { 0xa7c17d0350b289b1L,0xe3a9a8a3443f567bL,0x9c99bd6ac3e63db0L,
-        0xcf6a4c889362bf69L,0xbba95ac8927e459cL,0xb80f52a8dd937105L,
-        0xc518fc9b74c7d215L,0x8fed53990bae5104L,0x00000000000001ccL },
-      { 0x2389f46b189ab2bdL,0xf139d7af7d235907L,0x9aca655892901705L,
-        0xbdcdd09046ee4c1bL,0x0a0a655db42f41a5L,0x284d525ace537427L,
-        0x18dd8dea58dd7840L,0x379387c05ca95c31L,0x0000000000000040L } },
-    /* 10 << 245 */
-    { { 0x239fc64e9727b936L,0x1de0020395de5e1aL,0x219a07de1a43157dL,
-        0x2f427b59cdcec250L,0x557502cb4c36c8b8L,0x537492cd37e0f19fL,
-        0xe3d2dfb34d57d9a8L,0x48ef0bf3324ed81eL,0x00000000000000dcL },
-      { 0x9315dbc85a1538b2L,0x0591ee6e61aa41f9L,0x0c0c5fc2151dbb76L,
-        0x651f06aff4c47091L,0x89a2c2611a1f91b5L,0x6fe23d1b6d668c27L,
-        0xf8dc9ee1aec2fdebL,0xe253b8d8cc0d69afL,0x00000000000000bdL } },
-    /* 11 << 245 */
-    { { 0x9eccc0619669ebc7L,0x7bf661a6126d010aL,0xe72acef27390cab5L,
-        0xe4a7f348dffd3e7aL,0x3e37551fb1e12c74L,0x53e9e142887a122aL,
-        0xb0209d65daf5f134L,0xcff03a74033bfc15L,0x000000000000011dL },
-      { 0x3a133010d1f95cedL,0xdec6cfb744c85df0L,0x31308eafa9e486feL,
-        0x454ed725f49d5ed4L,0x4a3e969ce6dd4580L,0x6feab60dd7bb11baL,
-        0x9cd05773f075d873L,0x010563d04c9c43e6L,0x00000000000001f2L } },
-    /* 12 << 245 */
-    { { 0xfba8a8a05b07b574L,0x936590094fae646eL,0xdf8077f4446c60c1L,
-        0xb7680afc92fd0bc0L,0x1306288acacfb628L,0x674a6a5a74ed5a73L,
-        0x75a261a6d68d0dd6L,0xa583ee269868f3d7L,0x00000000000000ceL },
-      { 0x62c16e2068186114L,0x2403de3e993c15efL,0x1a539413fcfda8e5L,
-        0x97f7f8afd65a7fc5L,0x72fcd1fd33fff67cL,0x83b84ac442b4cdceL,
-        0x8b56062c4f14b831L,0xe29d467a09559420L,0x000000000000015dL } },
-    /* 13 << 245 */
-    { { 0xcfd36b8773920568L,0x199605c3bd6b45d1L,0x3d17e798231be8deL,
-        0x93901889a9b26b26L,0x922f8d5d101ebf1aL,0xdcb7b7b5e9748c52L,
-        0x87e18bc1250b67efL,0x1e23453034bdfc23L,0x000000000000016eL },
-      { 0x604df42a18efccdeL,0xfa49291cf9a7eb84L,0x1685a7f7495c62acL,
-        0x58a272e26b469c70L,0x7fea89e721cc23beL,0xa979783e76435dfaL,
-        0xe993c6cff9404884L,0xb653fe56934876d1L,0x0000000000000079L } },
-    /* 14 << 245 */
-    { { 0xe586141f43c118d1L,0x0d76256cbe65c263L,0x8f0413fd8fb5ce5aL,
-        0x451d3b65c1f76b2bL,0xf9a2ed094e7dd6faL,0x538af492d1e10a14L,
-        0xb8e78de206963767L,0x59887d285b003a25L,0x00000000000001b5L },
-      { 0xc9b05b2112b423aeL,0x6df1631e64549910L,0x1eea65ded96c323bL,
-        0x6d740f2bfd188fb9L,0x73b45366ed093cd7L,0x987a12abdcd33ed0L,
-        0x5807600262ef953cL,0x58db0e16370b300dL,0x000000000000012dL } },
-    /* 15 << 245 */
-    { { 0x9fbc14aadc38ead1L,0xb9f7df7f1a362565L,0x0745197f6a333aefL,
-        0x73dccd67666cc110L,0x8f3f2dff9fd92535L,0x7e7180ccf014a6eaL,
-        0x59028fc434220f3cL,0x92c45cc3fcf7431aL,0x00000000000000e3L },
-      { 0x8b17b3e2eb8c17e2L,0x2b02cf29251a6593L,0x415193432efcf7e8L,
-        0x359e00a1d098ec6eL,0x25f8934e771d7b65L,0xb51d511b14852dbeL,
-        0x36c3fe357bd243eeL,0x36a7b1f3424f4d55L,0x000000000000012eL } },
-    /* 16 << 245 */
-    { { 0xb09a3e8b160e37a4L,0x8ed9ac0627db36b6L,0xecf1838a99cbfcbeL,
-        0xb12c94da28b4ee00L,0xd0841818c5f1fdc4L,0xc43e50b2bee0adf4L,
-        0x19f3f05b122324c6L,0x796bac65988338bbL,0x00000000000001e3L },
-      { 0xf211af1ab50f7626L,0xdecf7989ca2f6779L,0xcbba6b74e1ecbba1L,
-        0x73f60e835e5fb261L,0x3eebd6890629dd5dL,0x8906a06e05fba7eeL,
-        0x7a23d83a58152375L,0x0f4b9b2de9f1d23dL,0x0000000000000009L } },
-    /* 17 << 245 */
-    { { 0x6ce126e4d85698daL,0xf003860ccf075ef6L,0x94424096d5716919L,
-        0xb0087ff76be87caaL,0xbc01f71788808904L,0xcdcb3e3812c3e361L,
-        0x66f47afef1ea9907L,0x2ff5843cd4fd5d8cL,0x000000000000005dL },
-      { 0x75de692e3ba79e08L,0xc49213b6aa146821L,0x61e443642707efa7L,
-        0x2fd64e12f5923cdeL,0xe51ec2ec37fea533L,0x03d72d4d2b36407eL,
-        0x6b84a2abe430e4e0L,0x1a1435c7bb4cafc2L,0x0000000000000028L } },
-    /* 18 << 245 */
-    { { 0x109514806348bb81L,0x58ae664bb1393e25L,0x206c4681f3ace22dL,
-        0x5984dabba050e142L,0xe1505d6e42ded28eL,0xfe2d93213e9a8afbL,
-        0x93770eed1a368d4eL,0xd3341598faa53c5eL,0x0000000000000136L },
-      { 0xf6818bc6a2785e49L,0x4cead604627405ccL,0xfcf4a9e7f9aa0a7cL,
-        0x8edff908798642c5L,0x34760c98e4554131L,0xb0849ed68b48863bL,
-        0xe5ed18d214caa88fL,0x556aff0a0cf7a0e4L,0x000000000000002eL } },
-    /* 19 << 245 */
-    { { 0x8cfd5c7326c01d7eL,0xce0dd0049cc28137L,0x7bdb6939b057fe81L,
-        0xf5655f1d1a601839L,0x700651ddc4d38ed8L,0x4715da6ad0c0338cL,
-        0x7c55a32fbe60326dL,0x30b13a3e98b89aa3L,0x0000000000000038L },
-      { 0x557d7dd83a5be149L,0x102ac658be542331L,0x66ff48f819017e3cL,
-        0x27a63afe85e0ba4aL,0x432a65afa1825871L,0xd6468f214e9d0950L,
-        0x096b0aeda4e2a365L,0xdb22f9adc561a95cL,0x0000000000000046L } },
-    /* 20 << 245 */
-    { { 0xa85ed91b7adf4067L,0x5b954f9965cacc6bL,0xb7da20a12f4aa0c3L,
-        0x23a0819e1862e363L,0x6c89e6eef4277b93L,0x49352790f3cbf94eL,
-        0x05e6e05515eeb890L,0x36ead153d2477c80L,0x0000000000000152L },
-      { 0x8ff423f9e980c969L,0xc70c24c96aeda7ddL,0xd2de4028b39df2f6L,
-        0x39a559b5f10f8f9bL,0x63fd365c5f8db29cL,0xed98f7141e8cd83bL,
-        0x1a8436d2a9f2a6f0L,0x089cf3ce58244f99L,0x00000000000000eeL } },
-    /* 21 << 245 */
-    { { 0xa9fd702dd495b62dL,0x766d1e6148af0c7cL,0x47f352707278e7c5L,
-        0x2aa27ecc84042027L,0x52159d31712a50d9L,0x180d507f699ec99eL,
-        0xe39fe323c1243d21L,0x7401559b0f3447e1L,0x0000000000000004L },
-      { 0xe920ac3e65cb715bL,0xd8cb492cf07c740fL,0x833b8edbf1d5efc0L,
-        0x43948f5714286a01L,0x935934879d912791L,0xb5a2432fb3767c2cL,
-        0xe21bc65688710c3dL,0x1a221b9a8df3f76aL,0x0000000000000077L } },
-    /* 22 << 245 */
-    { { 0x387b2584b1906296L,0x8584a570a0a5329bL,0xb0661a62c81806c4L,
-        0x5ad2e7599a819368L,0xd0ba7b8c1935cf34L,0x9333ac71b650c085L,
-        0x8c44bf98270788e5L,0xa1cab6f9e489817cL,0x00000000000001a9L },
-      { 0x44b0c84dda4fcce7L,0xe0dc701408d74a53L,0x29f3c3aaf88d0826L,
-        0xc605de2dd59e82c3L,0x5a98c98fc992079dL,0x356000aaded5509cL,
-        0x4574e63a9a00a60fL,0x02d48eb1e09e5c5dL,0x000000000000000eL } },
-    /* 23 << 245 */
-    { { 0x97d1f1180b0ff62fL,0xfa0770e729e1d0f6L,0xca7267da66d367dbL,
-        0x5b45034eddb1fdd8L,0xb3c238531ac7f4bdL,0xa4b9b677a12063dbL,
-        0xfc210b01c13ec6ecL,0x08dbbba6a89a2e69L,0x000000000000003fL },
-      { 0xe4ea8bbb6db96407L,0xfbbdda3e4fc2c9b8L,0xd18a140e6d2779d3L,
-        0x61cd8ce8845b983cL,0x6761497b8625b6adL,0xd2cb01c2f6ed8b35L,
-        0xddb4236ebbd0de0bL,0x5b9f0f78c73e54a0L,0x0000000000000097L } },
-    /* 24 << 245 */
-    { { 0x353ae6fd77b9aba6L,0xbaab19af013f3158L,0x14d0564c7b9b7aaaL,
-        0xe591b96a2d9ff473L,0x327e3fb873f46109L,0x61c0191e6be11242L,
-        0x9696f1bd6345cf6dL,0x3dd87573684c060bL,0x0000000000000058L },
-      { 0xdab49ba0285a6ddeL,0x7d66e2c3075ea1c1L,0x721973502d8ce1f9L,
-        0x5e64c366ae730c53L,0x17154d6dd30475e5L,0x14153f7a3341d88bL,
-        0x711dfab66235304eL,0x0e010897bd4533fcL,0x0000000000000177L } },
-    /* 25 << 245 */
-    { { 0x90afab7861c062deL,0x085ac4c2aae92dfaL,0xcdd94ace38f3885aL,
-        0x6c65b82d47a3478dL,0x66eee2c9f6eaaf3aL,0xe8a38973dc89840fL,
-        0xd2521b00921f59d0L,0xbda51f4f1181d481L,0x00000000000000e5L },
-      { 0xe3827db66a211907L,0xf410b7cc6515551dL,0x09bbd3d40a46f1f2L,
-        0xdaad1c9c2e0d139eL,0x54b99d040d9c10adL,0x9f1f110e278404afL,
-        0x29de72bad41fbe0aL,0x6f428ceb3c27e332L,0x000000000000002cL } },
-    /* 26 << 245 */
-    { { 0x76f0baf9f438a35fL,0xfa3966c30e5c85e7L,0x665a4870128d42bcL,
-        0x8d58fb6289898e12L,0x9626f184d06176ebL,0xe88973ea03d85e8dL,
-        0xbb142568436dda00L,0x712753b8eda9d061L,0x00000000000000baL },
-      { 0x8b191872ecfb2bb2L,0xe7642ce7114331a6L,0xd94e89fb7b3f2f87L,
-        0xdb4f769e3ed434edL,0x8c523d17a03c029eL,0x3d8653b866bb80baL,
-        0xed8721cc07b5bee5L,0xd64141c9844de9a9L,0x0000000000000140L } },
-    /* 27 << 245 */
-    { { 0x1181f23436682974L,0x63798602dccc4ea9L,0x80305e1d99b2ec36L,
-        0x274a84d12b53add6L,0xf45a7bce6bc50022L,0x7d855ff90f7d22c4L,
-        0x5ff789e9d60e96d8L,0xc84f80d186a8a1fbL,0x0000000000000087L },
-      { 0x49754d1d801c8558L,0xd27f7b211e49e2c3L,0xd93d0ac5d01e947bL,
-        0xf581f071a6785e70L,0xe2049e7954584369L,0x300d73a40f8c465dL,
-        0xaa7f684546083b76L,0x9f6345f0a50d63b6L,0x00000000000000c0L } },
-    /* 28 << 245 */
-    { { 0x6d8d90ccac308a80L,0x862fae36c3f7e859L,0x9bf414eea742e940L,
-        0x4ddc964c49029fb4L,0x39750fc64a18bf6eL,0xf8942dee1635f7d1L,
-        0x93e9fc2d8da2b6c8L,0xd42be164a18d4d86L,0x00000000000001b9L },
-      { 0xc831040e0d6c2213L,0x15f8e86f52d9e6dcL,0xcb79a0d697616828L,
-        0x7953d51dae14208cL,0x6a92f51122ec1792L,0x560d3bf6a8891fdbL,
-        0x418b3565a7acd242L,0x523a75944f8e5129L,0x00000000000001f8L } },
-    /* 29 << 245 */
-    { { 0x503e9a04849613c3L,0xdfe7b77ff0d7e56cL,0x6f2697fcdb76d90eL,
-        0x65933ee209bd9c92L,0xd5685ecd28343738L,0x710f4176749952faL,
-        0x42e023189f5d102fL,0x36d10f77f94440f5L,0x0000000000000159L },
-      { 0x0d4263d509266d0aL,0xdd8b8663db5bdbd7L,0xefca1b51b558c145L,
-        0xf5ee60e3e70a0974L,0x37dd6d658dc33d8cL,0xfd4a3bdf6814d0a2L,
-        0x153b585c1553384aL,0x7d4f0dea08b2ec0eL,0x00000000000000b8L } },
-    /* 30 << 245 */
-    { { 0x4b3eb15613fdc5c9L,0x449dcca9a182c015L,0xc78094722f93b771L,
-        0xda7036300e7455d0L,0x513554a53b5a9e06L,0xec7fcdbf4fa313a3L,
-        0x047528ffe3fb4d67L,0x38bdf53faef7306eL,0x0000000000000118L },
-      { 0x24680a5476ccdcebL,0x96e42aa84664792aL,0x02494069a27801bdL,
-        0xcb8439da7bf928a0L,0xe60d6eda322f44ffL,0xb0642335e482b462L,
-        0x6336c8709f3803ffL,0x92e9919ed725c323L,0x000000000000013bL } },
-    /* 31 << 245 */
-    { { 0x5e729774cb774815L,0x17da6efe704192afL,0xdb3c15ed0faeee6aL,
-        0xd9b8570bec65984eL,0x56c96381470571eaL,0x6962e90b4e573376L,
-        0xa7e5c4ff990ffae0L,0x4c90d86ef841ae38L,0x000000000000013cL },
-      { 0x27cca1fe0c9cf81eL,0x4e5348da7fef5618L,0xa59515bce0a75316L,
-        0xd66ee09d1c82ccd1L,0x79be306784c1bea5L,0x13fa7967e65dc45cL,
-        0xf47f47eda8987a90L,0xf329d0e19d0d80bdL,0x000000000000014fL } },
-    /* 32 << 245 */
-    { { 0x75b620639659f9e9L,0xa5568027c4b6dc18L,0x1c5dbfff1f499e7bL,
-        0x35b20ffdffa60eebL,0x4368ac975e2237e6L,0x502c0e789ed425d7L,
-        0xf8877b29f5aeaa27L,0x137e015dcd2e9bcfL,0x00000000000000fcL },
-      { 0x69be3c6d3fffeb71L,0x5739d6c9e33b4ca6L,0x94672002643a1eb8L,
-        0xd1359e0570fd238bL,0x3b7ef87493916a8aL,0x4ef08127efdaf809L,
-        0xde4174e74143ab1aL,0x3bb964e042e7aee4L,0x0000000000000151L } },
-    /* 33 << 245 */
-    { { 0x3693de23e707614bL,0xf7ec069499298960L,0x556f28cf89f11c00L,
-        0x7931968eb75a3c61L,0xd6c72278485683d2L,0x734c3512d4369fa8L,
-        0x08671bfcf17d7c5bL,0x1f06b63a5d69bd69L,0x000000000000011cL },
-      { 0x64d8055d7c23e2a8L,0x96251f5e1d95c234L,0x5fce87cea0f43bc1L,
-        0x67071f622f15f523L,0x40eb36b8d3fea005L,0x1d9ee274012556e9L,
-        0x10730e770887e50bL,0xa1a356784004f24dL,0x00000000000001c2L } },
-    /* 34 << 245 */
-    { { 0x8bd447567568da86L,0xcae3a56a8d725c85L,0x2211f108801c5fc6L,
-        0xe5de07da4c3c8b44L,0xff2167cbd0fbe37fL,0x7ef2307074994e56L,
-        0x150e804810cf15abL,0x052337af2c095024L,0x0000000000000106L },
-      { 0x7c6057f0e87d4ca6L,0x77900e45486f4fb9L,0x566981d17ba84399L,
-        0x8f863f24198b27dcL,0xa84e0841e7a49f6dL,0xd17dd7370f1060b9L,
-        0xe4f4d9b344f7961aL,0xa1b242e5da29c5a3L,0x0000000000000027L } },
-    /* 35 << 245 */
-    { { 0x47c2e6ed3a5f7687L,0x2dafe7db3cce6bb8L,0x419ffe4b771db38fL,
-        0x8410ddfd2d624c59L,0x0779b3125b900ecfL,0x1b01dc1c0ab57b8eL,
-        0xd245703de2fc4c74L,0x37c542c2f9f31707L,0x00000000000001f4L },
-      { 0x941e03652f8379e7L,0xf76dc50d288ef711L,0xba0af92876ab8d8eL,
-        0xa3e8cdbdc0c73e45L,0x522c45b349565c3cL,0x00f5e95a79c8c078L,
-        0x7554d72bef1b71feL,0xa36855168a5118f3L,0x00000000000001d2L } },
-    /* 36 << 245 */
-    { { 0x8bf63edd8e519803L,0x7d6d968474760503L,0x99afb2fff64f6308L,
-        0xc2df0c31c23b3a72L,0xaf8529c6950f14adL,0x9af0832dee96370cL,
-        0x46194ea77aef8e49L,0xe92679536da47b01L,0x0000000000000031L },
-      { 0x55bde6f749681136L,0x41ab4f3da512f655L,0x6dbf743677c5141eL,
-        0xa2c75d2e5507fa84L,0xc8117d02f9b98137L,0xfe2760c706888e33L,
-        0xc13bb97d53002110L,0x385619defd63f2e3L,0x0000000000000067L } },
-    /* 37 << 245 */
-    { { 0xfa1aa2447f27814eL,0xab02051c5105d84cL,0xccef8bcfe9b00b16L,
-        0x3783041e1158a067L,0x5b79215725e29b71L,0x401c2417fb1b4107L,
-        0x39c42434410a421fL,0xf10e887b5c4f6b31L,0x00000000000000e8L },
-      { 0xacea55d402076600L,0x9054fe9a59b7f920L,0xbcb07980e8a4b5e1L,
-        0xe33c2ab1dbb2df1aL,0x1651e2d0390680daL,0x68446f35401d8675L,
-        0x9f2b69d026985f00L,0x4446113258d0f8faL,0x00000000000000fcL } },
-    /* 38 << 245 */
-    { { 0x29d634179986b9d7L,0x39e022af0df6e934L,0xaf6cc96ebe1e9fb6L,
-        0x0891c88dc858c743L,0x7925f4300375dff4L,0x02fa4b94b52848d5L,
-        0x6db74714e2416cc1L,0x7af11e364b95f2caL,0x00000000000000f2L },
-      { 0xe003401840add981L,0xccccc6929796397dL,0x387856d06074f7dfL,
-        0xe812adcb61907678L,0xef4f33383c753d8cL,0x052c6e49e90021b7L,
-        0x384bcf9006bfb694L,0x5c0dec98d371fde8L,0x0000000000000012L } },
-    /* 39 << 245 */
-    { { 0x8029b1cd33b35443L,0x26829ac6820cd2abL,0xde4f535f48a6b896L,
-        0x1b9e10d51639919fL,0x20ebdfe88bdab109L,0x6ed42c3b39b129b6L,
-        0x73dc485879c78aa5L,0xc98fc0ea9a71f600L,0x0000000000000184L },
-      { 0xacb1ccb55aea360dL,0x7d835bfbddc1cfefL,0x32bfa37ed7c954a0L,
-        0xbf2da393f2998fb3L,0xa1d82913b19bfdf4L,0xe16c3b4a32ac5588L,
-        0xb9ac5ec37b25f23eL,0xe15ddc917547c489L,0x0000000000000011L } },
-    /* 40 << 245 */
-    { { 0xaa4a212a2177c1c1L,0xf08f1f5d4c8a2a83L,0xeeb0a8940fe14c27L,
-        0x564a1c8f3f0c1f0bL,0x6b73048c9297b55eL,0x3ddce9077a810e5bL,
-        0xd8f99efc3de8797fL,0xd9b3fa2e37379157L,0x00000000000001b0L },
-      { 0x65a7dc22fe9275e2L,0xbe8b93fb6960a690L,0xc783df8863f437eaL,
-        0x4fbcf1465a22f1efL,0xa1b86ab3cfdcf231L,0x0b1309cf50cb90c7L,
-        0xa77f0bdefc3cce3cL,0x86deff3cc30ac697L,0x0000000000000170L } },
-    /* 41 << 245 */
-    { { 0xbfed1d85a5415e7eL,0xf2cdc9c92a5ee8f8L,0x3a474a3965d153a3L,
-        0x1ba4eaf88d3a6303L,0x1710d1c4a46a689bL,0xe2f2cbbc3a54597aL,
-        0x3b223c6c76dc2731L,0xaff989c894979d28L,0x0000000000000158L },
-      { 0xa41d3a99df88fbd2L,0x75c1ec4cfb23896bL,0x915a2173fcfce02aL,
-        0xddc565efe861b7b0L,0xb1d0fa3f1ec84240L,0x93bee4d79ffc81bbL,
-        0x236a25221687f61cL,0x7d49c63e462bda79L,0x00000000000001afL } },
-    /* 42 << 245 */
-    { { 0x692567a5f802386cL,0xa13a56f6a6dfdde3L,0xa50394cb37c39a0dL,
-        0x3d16f5aa7040d3eeL,0x3aadd2f5e6edf55bL,0x187fbe5ca51277bbL,
-        0x55e700a285daa140L,0x280d135ca930617bL,0x00000000000001bdL },
-      { 0xf8d3e2267e0c0d8bL,0xdbb1cca204aa1cf1L,0xbb77b8f06552a12fL,
-        0x8e70802ad8ad6b41L,0xa021a4d7010ddbf9L,0x76ea576d780704b9L,
-        0x9e3a04148cfb7119L,0x8a6f4f2384e51f1eL,0x0000000000000177L } },
-    /* 43 << 245 */
-    { { 0x12aa2288f305b6b9L,0x8f748eae3e09e0afL,0x8a8746cf8e3f1a4aL,
-        0x51cbe927d1e329d8L,0x1e39a4366f29094aL,0x54d285eabc8f1209L,
-        0xe590966b4e8e7975L,0x5dec63afe66ae4aeL,0x0000000000000116L },
-      { 0x3b0e71ae7e09821fL,0xab231a0941d1372cL,0x852865276a4390eaL,
-        0x4d60e9bbb914c18dL,0xf0ad8d4e2ad21e36L,0x8bb1cc09fa2444eaL,
-        0xbdbfb2b40d8c7208L,0xcb2f1f7a32f413d5L,0x00000000000001efL } },
-    /* 44 << 245 */
-    { { 0x4515599dfdc05854L,0xda8ff3a6782c42a8L,0xdd8e941349490283L,
-        0xd85e445578dce0e8L,0xa77329fb7ac7177cL,0xb067a59806fd1d4eL,
-        0x6f1ddf79c8cd2f44L,0x1dee178202e39ce4L,0x000000000000007bL },
-      { 0x1a0dbd3e38a3a617L,0xa3c67e5f162bbdfbL,0x316f1b4a3173b0f1L,
-        0x1e49c5c3e5224d7eL,0x3f88443f64108b19L,0xae6531a1f6f95472L,
-        0x7c046d1e7c89c919L,0xcbc20e84ca70cbb4L,0x00000000000001e6L } },
-    /* 45 << 245 */
-    { { 0x45ae06b2bdcc3342L,0xd509e8020d55ebf4L,0xd1fe846db7bfe591L,
-        0x7e45117b66ea6d0cL,0x07f7ba94b5cb8e33L,0x2365cffa4c1fe4bfL,
-        0x59614a7a9e7ed518L,0xdba553f88f9fed0eL,0x00000000000000aaL },
-      { 0x99ca2d5a345708b0L,0x835ad98cebd1a22eL,0x66f253ba9c713fbcL,
-        0xf1015a40ae272ea1L,0xe582f157d00914a6L,0x9906ea50402ca5c4L,
-        0x299870d22428dccaL,0x7cfd6b258095af1aL,0x00000000000000fcL } },
-    /* 46 << 245 */
-    { { 0xe3be5d0d627f185fL,0x2c3d75b32b3389b9L,0xd0313bacee1e001fL,
-        0xe82de4821eb0a534L,0x8321862f2d78d8aeL,0xa2872545e1ffbacaL,
-        0xf8d9d239c1719916L,0x15cfd49783909f63L,0x00000000000001daL },
-      { 0x1e3e01f01063999eL,0xc5d2f9e1bd7538e6L,0xb25f6bcfbe3c8745L,
-        0x20c30f7613cc6a66L,0x77edef8bfee4b1ddL,0xb7b09fa8731e7a9eL,
-        0x3c514cc2bc686eedL,0x699ed1d2ae1d335cL,0x0000000000000025L } },
-    /* 47 << 245 */
-    { { 0x8850e09b2de78492L,0xa4f91fba9d81e3c5L,0xa47dca1e2b1eb8b4L,
-        0x2983ad5bc084e7f2L,0xde8c13ab5f4efc52L,0xff2fcf43652354fcL,
-        0x81e86497f601c563L,0xc3d6d3864dffcb43L,0x00000000000001a3L },
-      { 0xbab2f6d53a79466eL,0xa087360abab23b64L,0x5b37df4aac31247dL,
-        0x2b145d97d5de2624L,0x4851c9515cb00cc3L,0x22c4304ef34ad1bdL,
-        0xbdb1ce92cfbb9914L,0x07ccef0abe21104eL,0x0000000000000170L } },
-    /* 48 << 245 */
-    { { 0x9584a837980c0f9bL,0x4c2c21b4f234ff0fL,0x584a18241068eee2L,
-        0xb3c08003c5b71c77L,0x98a59e372505132cL,0xfeeb536724513321L,
-        0x83f623522c9afa82L,0x5a470aad23d28bbeL,0x0000000000000160L },
-      { 0x2aa901fdce4e21a9L,0xc0fb45706c14573aL,0xe0711b5e21c1a7afL,
-        0xee3bfbfa2a47a293L,0x12830261ff0de285L,0xd334f3ee68d87d16L,
-        0x3fb8d74765c6b8bcL,0x1c40f1aba12a5638L,0x0000000000000070L } },
-    /* 49 << 245 */
-    { { 0xd8de01e7d09513b0L,0x0e224cf695a57479L,0x66098ecb776d5c68L,
-        0x31dc808681d73198L,0xf34ab49771885d5aL,0x245b101068c07bccL,
-        0x1b0415956f754ffeL,0x28d98ac39eed986cL,0x00000000000001edL },
-      { 0xa5b7b90083abb8f7L,0xbbccf881305576feL,0x7ecadad7abfff444L,
-        0xac85c6b037ee04eaL,0x7fd13117a17cd3d6L,0x21d25a19ddd5bc0aL,
-        0x28de095c009073caL,0x3961d13dcb0c209fL,0x00000000000000beL } },
-    /* 50 << 245 */
-    { { 0x10bb54d9391ec713L,0xf25eb2bfe18ff505L,0xa45400ba6cc76e34L,
-        0xb1e654a2e55f9f1dL,0x6a929b7df4ab5d8aL,0x7cbf9f1318655654L,
-        0x1221d22fac713cefL,0xcdac9c9be1fc247aL,0x00000000000000b8L },
-      { 0xb83d4bf76480f3c8L,0x0cf881acf07b9b03L,0xb1fb5d2137534ebdL,
-        0x15bab0952c0e8fe1L,0x7f18cd140fecd0e1L,0xbbbfff81257469e3L,
-        0x7067debb1615060aL,0xd2be688fb55abf01L,0x0000000000000016L } },
-    /* 51 << 245 */
-    { { 0x608780b7e2bc7bb1L,0x561f8901ef5a0e12L,0xf0542f44549f8bd6L,
-        0x963cf806da34a9a6L,0x478e5efcfe94c12dL,0x35bba59014a9626cL,
-        0xa601a1bbc34e6af0L,0x269dffd4d19c944bL,0x00000000000001f8L },
-      { 0x6f2956333e41b8f0L,0xee0766054b4a2e7cL,0x15bdc7de38d4d8e1L,
-        0xaca4398008c99e00L,0x34c67680c545ca80L,0xeae77ef56ce03f0cL,
-        0x27fa04e27e5bff0cL,0x87b2f2a846a0e91bL,0x000000000000007fL } },
-    /* 52 << 245 */
-    { { 0xf60ae3ffcb6d2a3fL,0x482de542c33f5aa1L,0x22d7de4039386ccfL,
-        0x798f81e53a7d4c56L,0xd4d64bde3c8827d9L,0x1faf02c38b3b5cbaL,
-        0xaa438f22b1afda7fL,0xfbfbebdfc3170b92L,0x0000000000000122L },
-      { 0x429680862811743aL,0x82b9e326d780ee2bL,0x9105ddae1fe0dcb6L,
-        0xee40a9d2d989fbf7L,0xb3bbbe7a4dc53350L,0xb68fe7420a6e7da0L,
-        0x3e0083720512a045L,0xb766291ddaec0849L,0x0000000000000088L } },
-    /* 53 << 245 */
-    { { 0x01a091d8d3c4976dL,0xe976df9f909844adL,0x5a02c8a4247d52fcL,
-        0xb1aa080f7be65bb4L,0x7706859fef4a179aL,0x527a3e36b3d4fcd2L,
-        0x3984a1c97a4a6782L,0xefe16fbd714ae36bL,0x00000000000001fbL },
-      { 0xa8211b1c25cbb098L,0x4859a0eb3bd99868L,0x6c9649c20efd41d2L,
-        0x1bb4ba1856a41c6dL,0x0c8121ddb6bddebeL,0x34837d357d24a62cL,
-        0x5c3d55bcff33e24fL,0x45030bfd16840912L,0x00000000000000abL } },
-    /* 54 << 245 */
-    { { 0x5e50374c3a2da57dL,0x5f78556b1119606dL,0xd16ae65786badbf3L,
-        0xbcdc9d3ef7ddc184L,0x4272a8b0992238fbL,0x60ed6dffce0899b9L,
-        0x0c3d43145f78be82L,0x250527665a51c6b0L,0x0000000000000069L },
-      { 0x0fa9b9ce4a2967c9L,0xde64435bda5253ffL,0x466eacc0338fe90dL,
-        0x8ebe67813d7ec117L,0xd32402bfc1104e59L,0x5dba885e90be00a3L,
-        0xadfd197ad73138beL,0x8137f0c52ef27a3eL,0x00000000000001c3L } },
-    /* 55 << 245 */
-    { { 0x7f02f467394ad9efL,0x285df1a69f23b02aL,0x16e5676ecde7acc7L,
-        0xe3e9c6238fac90dcL,0x76aef25902c87d17L,0x92e6a16157eb512dL,
-        0x37eca5054023938aL,0x6b1963cf77e7fdd6L,0x0000000000000158L },
-      { 0x27a4063d61891784L,0x858d6af50fd9cb7dL,0x8af301b292403037L,
-        0xf4b2e253c2b52eceL,0x226bffe2eb92c43fL,0x50fbc9f200c974e8L,
-        0x7d07d1186b7dbb3fL,0x8fba39c8af045ee6L,0x0000000000000194L } },
-    /* 56 << 245 */
-    { { 0x1a4d19d6b580e3a2L,0xcee647c220834fccL,0x94066a7c2e9454e0L,
-        0x220b4993b1b480e6L,0x0a89c3e330e72308L,0xf22f323e6294e865L,
-        0x27dad374645c364dL,0x16b70ed4b47a7a2cL,0x00000000000000cdL },
-      { 0x208a7f56cc79e99aL,0xb844ed7d1991087eL,0x6f19c1c07ee9fc8bL,
-        0x12a4140bb9208633L,0x8f976b252c1a5947L,0x083544dda1bfc7c3L,
-        0xd432604b206df951L,0x0f3c03b57eca93b3L,0x0000000000000115L } },
-    /* 57 << 245 */
-    { { 0x99d40986753d916dL,0x76e71d0dc6f9ad8aL,0x7c1b28a9131d329eL,
-        0xd572e26068eda873L,0x6573c96b3dc992fcL,0x7f37ed7ff8056b40L,
-        0x8763b71e7e52cfb2L,0xb95a7916e3cc1875L,0x00000000000000d3L },
-      { 0x063f06bfa0d93ec8L,0x8e86a0ae68082206L,0x00d504f407041b08L,
-        0x4dd113bf92c96a08L,0x52e9b7eac04ae2b9L,0x84e384d5fdcb7b5fL,
-        0x493ca1391d0c6202L,0xcca8ca15fe81207dL,0x00000000000001a4L } },
-    /* 58 << 245 */
-    { { 0xd5d4d7cff6f13b77L,0xa235e197561ed919L,0xfb2fe413292a81c4L,
-        0xc0813a2712fd60fcL,0x5810faf1d63cb00eL,0x9f5f197d3fd6725eL,
-        0xf14546b1874b8146L,0xdfba72ae7fee7377L,0x0000000000000194L },
-      { 0xeae4ae28cbc9ce37L,0xec3f756dcd373c41L,0xa06e06a8f77cea19L,
-        0x94d4d6712105ff62L,0x72cc585c06f6fd6fL,0x663727a62e929fcfL,
-        0x8b961949dbf5886dL,0xda00c0f69718340aL,0x0000000000000021L } },
-    /* 59 << 245 */
-    { { 0x1f690177297f5c08L,0x829e1e491a44476bL,0x546ce72c95b8a526L,
-        0x775796e3c8b75808L,0xc88ded0ba53f8e9cL,0x6c9d25f77d4c14caL,
-        0x19c94323081d88efL,0x558a9201bd375822L,0x0000000000000011L },
-      { 0x3f9d75a8b8d1b7eaL,0x7922b2448df0af6eL,0xad5e8cc1abc15eedL,
-        0xe3b3754bf3b890e1L,0x379f1383a7648fddL,0x9eaff495874c0014L,
-        0x67e39f779ab784b9L,0x620e2eb4778ccdbcL,0x0000000000000127L } },
-    /* 60 << 245 */
-    { { 0x8f73b2234438a469L,0x39a3151a312f3e82L,0xc1b4a65f4fd6149eL,
-        0x5cfd0145d0d76e86L,0x391146bb1a77eab4L,0x3e4961491c97071eL,
-        0x60e4eddaec115d98L,0x0e58bcd6dcd6b9e3L,0x00000000000001a1L },
-      { 0x64049099d8bd20efL,0x2204f491ea12243bL,0xa219aa014de1a0f6L,
-        0xf04edad6989ff1f5L,0x5187c5776afebbdeL,0x6b50208e8707b524L,
-        0xf92f5bc8911785b9L,0x939c770bffc55f6cL,0x000000000000014aL } },
-    /* 61 << 245 */
-    { { 0x23bee635f7258c06L,0x167cae1604f1f357L,0x44dd3c13265880aaL,
-        0x14d4fcf659e7b653L,0x1cce371ab23c6ca4L,0x1f0d3fd2be665d7aL,
-        0xf9a6b67edbd611d0L,0x3914288b373b5d3eL,0x00000000000000b8L },
-      { 0x35ece3f280efbc9eL,0xf5ca78c4e90d9d2bL,0x28a4ac1626f91851L,
-        0x6c410ee1547cb8abL,0xe034876ad121a20cL,0xef1f5ccc10ad2acbL,
-        0x46b897f276faa816L,0xcfc360975d09bc6eL,0x00000000000000d4L } },
-    /* 62 << 245 */
-    { { 0x4e9b70429fe870d6L,0x6b3a18c95b05c44dL,0x9402371050c1dd23L,
-        0xc73dd6f17ec19f72L,0x341988d5d13247c2L,0xa2507b4211b903adL,
-        0x317804a96ab937b4L,0x61a65fcea908e4c7L,0x00000000000000f0L },
-      { 0x39645ebd823fbc2dL,0xb735849ea4146076L,0x3155c49373ffc246L,
-        0x38a8186d9eaef0bdL,0x6dcaacacad300f96L,0x1aa11954454bd19bL,
-        0x4742ad6d770ef5f2L,0xb5e674ead3dddd4eL,0x00000000000001e4L } },
-    /* 63 << 245 */
-    { { 0x2e70fc86d8f34db1L,0x5465c430a63abec9L,0x7ec081a39b336fe3L,
-        0x5dce23079972d290L,0xd92f92e87c892943L,0xc47b48bcd6dacbb0L,
-        0xace480e295957dcbL,0x762e668932a0e43cL,0x0000000000000187L },
-      { 0x3475d0d61e89009dL,0x943cd5f0db2bd19bL,0x534c64936ed81e64L,
-        0xbe764b65e36cda5dL,0x5a315225d65e0449L,0x6e045dc36797dfb5L,
-        0x50e92a969bf6935aL,0x08bc07d4aa863084L,0x000000000000005cL } },
-    /* 64 << 245 */
-    { { 0xc3246fc8bddb33c7L,0x68dc29bb81972f1fL,0x7b5edc9bee7ed0fdL,
-        0xee83430ce158deafL,0x8a924b48df7c5708L,0xb421a505f2c65a04L,
-        0xb5da215e5c289f82L,0x752d5ff9b9d02b8aL,0x0000000000000165L },
-      { 0x55564b4a0d9d7788L,0x70c744916cab3607L,0xf53bc98690091526L,
-        0x1e88044d9abc41a6L,0x38e9d3dd2bb6d384L,0x4177105e84bc3dfeL,
-        0x2b95a432674df1b0L,0x38196726eb1de0dfL,0x0000000000000137L } },
-    /* 0 << 252 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 252 */
-    { { 0xa6d6b095dbbd171fL,0xf0d3b95744f06181L,0x46b9786578fab381L,
-        0x7da97845ae356e29L,0x4a0c3e00d01b3c09L,0xaed18677e106d5beL,
-        0xd7309c761affdb67L,0x9715875425f2b8c2L,0x0000000000000193L },
-      { 0x65d3657b24785079L,0xb1d2b5f75e064334L,0x0736bfda2b7b61e1L,
-        0xb39c4db1284e4fa6L,0x66cedf43bd934998L,0x8f9f6243324d2de1L,
-        0x92f2524e4c193171L,0x75705acd964a8383L,0x0000000000000031L } },
-    /* 2 << 252 */
-    { { 0xfce13e03d0739036L,0x0af573f2a4161596L,0xf3db4c750bdedd89L,
-        0xb594cca3e8eae413L,0xd9ad2edce2e66f2dL,0xe99c048166f7f599L,
-        0xd141ff976886e453L,0x087714a153e3221fL,0x00000000000000beL },
-      { 0x91eab39e5daebd46L,0x3f9ddea494fb01f2L,0xfaaa200b142ae67cL,
-        0x853da6b0ca631c4bL,0x4c9ca396fb3f4229L,0xb00a8de2e3690f95L,
-        0xe8000000c2c7704aL,0x65c0ab7393ad0dbcL,0x00000000000001e0L } },
-    /* 3 << 252 */
-    { { 0xedec6d350f810445L,0x2ee468445fe4215aL,0xdace7f0e969acde4L,
-        0x3708f4f4c754dff6L,0xa510303f6c0370abL,0x9d5cac3ab4adc2feL,
-        0xf33d4a2b395a765bL,0x437bfdca1856e0c8L,0x00000000000000c5L },
-      { 0x287dc7f70812a78cL,0x30cb0cd905dc3fcdL,0x80343b51008ec68bL,
-        0xbb3da3a5cc404f65L,0xd5276af593d9f303L,0x85a875d47daa5950L,
-        0x5baae52f078e6556L,0xddd9e3efe58a4e97L,0x00000000000001c5L } },
-    /* 4 << 252 */
-    { { 0xa3ff48a37252eba7L,0xfe771fd391359daeL,0x9dda3a45d05be01fL,
-        0x5cfa713de97a9a89L,0x5fd23bd887cb6c64L,0xbe45c0758d9ae4bbL,
-        0x90f9438478e27270L,0x3e1b0d18f0dbddd9L,0x0000000000000018L },
-      { 0x6e5283f7f2fb7facL,0x232e9cd13593d0e4L,0x97418d9cee81f08cL,
-        0x339540f51f2e8dc0L,0xeaacb20b619b5ee8L,0xefc8079a4ae00660L,
-        0xa968fb1c765802b5L,0x60088783f20650faL,0x0000000000000145L } },
-    /* 5 << 252 */
-    { { 0x322efe142a7cbe50L,0xaf425a7db2f85051L,0xcc7c9d91812b26a2L,
-        0xd89fd04968066e44L,0x79ba895fec83b2f1L,0x570c2db410e90a64L,
-        0xe00f1ae889c59658L,0xd94f065c78edd742L,0x0000000000000021L },
-      { 0x3fa27bd8c5b5b0bdL,0x432599d6a5121de7L,0x528925da2e8294cfL,
-        0x28c15142cf0f9464L,0x38498320a6fa7f3cL,0x92cde9b1ba93f4b8L,
-        0xefe2455e4bb98cacL,0xe0cc0ef1d1b0e59cL,0x00000000000000d6L } },
-    /* 6 << 252 */
-    { { 0xc538d35074a00efdL,0x4776ad9697bc3ac7L,0x22041b531867f889L,
-        0x2aa3594319cbf055L,0xf00a49d00c38f064L,0xcf40e6177bd0991fL,
-        0xa59df69b0155ffafL,0x1f2d50feace4aa07L,0x00000000000001e4L },
-      { 0xf1a777ee5cce1b0dL,0xfb8a0ab09c7ad9aaL,0xc0d3b78058a6aff6L,
-        0xa9f4b3a3370af1d6L,0x3a0731a53d39d147L,0xf7aa9df732c93fa5L,
-        0xd9a0599f9c938c2dL,0x2702735d01b0c0d0L,0x0000000000000152L } },
-    /* 7 << 252 */
-    { { 0x64f62dcba1d24f4bL,0x134da7c1f5776ef9L,0xb6699e3f534bf835L,
-        0xc9b93539ef275259L,0xa9d68c870f7cf548L,0x4ee54ff7fbd2d9a9L,
-        0xcaf81404465e7c2cL,0xa02fce30048cad5dL,0x00000000000000d4L },
-      { 0x9ce2e24c6e76c091L,0x8353d7c941ec4c75L,0xe7f5bfbb43a019d0L,
-        0x74cf2bbe508e92c9L,0x58f2e1b68dfcbacaL,0xbe79df8b98bdc65dL,
-        0xceabfa1cc699db7eL,0xe237815e0e3f9421L,0x0000000000000093L } },
-    /* 8 << 252 */
-    { { 0xcfe4f02e36e4a40dL,0x3af87a7df2b51e5eL,0x3b6baa2683fbf682L,
-        0x9a7a9339063e5979L,0x77214ebf41b680c9L,0x1fbdee591ae59f71L,
-        0x9a4dd12ee1530c0aL,0xe113839691fe54b0L,0x00000000000000baL },
-      { 0xf84d66ebfc229914L,0xfcc47954452da1c3L,0xe662b9c06f9743c5L,
-        0xd0db646d087d7194L,0x2abc096b6e1bbf6fL,0x24272840331f3a96L,
-        0x0da86ea2a6b9f40dL,0xedb363317dcb4554L,0x00000000000000d5L } },
-    /* 9 << 252 */
-    { { 0x35ca7b714da6061aL,0xa9bf19f0003e19c8L,0x1298c7034c3c37f1L,
-        0xef43fc92921f123dL,0x065e9cb5cf8acdbbL,0xaf1392df0a25165fL,
-        0x2174ceea344d3fc5L,0xebfe81c529d22225L,0x00000000000000d6L },
-      { 0x0fd8fdf2bff99ba3L,0x7789d27d28498d5cL,0xc5d731b872535985L,
-        0x4dac761544e0ec8dL,0x1997b34953628596L,0xda8f1b453df08420L,
-        0x2cf56fdce0df23fdL,0x3c9a7005f2c7864dL,0x000000000000019dL } },
-    /* 10 << 252 */
-    { { 0x5c1c16872c1e8de6L,0xd70ec472b1c70780L,0xeb11585ec5b43635L,
-        0x943929d2fe1004b8L,0xefec44e1735d06beL,0x22380d73c2f367dbL,
-        0xcf498e0d550f497bL,0xb9d7707958da0a67L,0x00000000000001cbL },
-      { 0x4a86da6a6139e58aL,0x59828182eba6ee4cL,0x117ea761d5b978b9L,
-        0x6e5c95fb421c7b72L,0xcb8ab1e8b9da6233L,0x8a99b06f696c2a02L,
-        0x128544479166802eL,0x66c2c35cf1aa2cccL,0x0000000000000120L } },
-    /* 11 << 252 */
-    { { 0xd558d1c2d75dd2d2L,0x835a529183c47104L,0xbe1680cbd6a8d82eL,
-        0xf1ed775571b65f2dL,0x375ac4137edd4aa0L,0xca2bf9c9863979e3L,
-        0x8b2d261eb6a3f48cL,0xe3fa313d74fd8349L,0x000000000000001cL },
-      { 0x0b8664383e70dd66L,0x6a5fb43b15cef5dcL,0x83a0fe8cf8871f0cL,
-        0xb879a0e6848f9812L,0xf93ce978f35ca817L,0x74643f68687d2a6dL,
-        0xb9e7ba00c6df8a5fL,0x151a645afdd5d515L,0x00000000000000c6L } },
-    /* 12 << 252 */
-    { { 0xaf39cf7917f8115eL,0x538d81c5b1e2e5c2L,0x6d3a29b22661d6e6L,
-        0xbf9ab97716f4f3d1L,0x1ff2e621c84d4f92L,0x985dff6bdb14f203L,
-        0x24559c328f4f0e0bL,0x960527201a1e7a96L,0x00000000000000feL },
-      { 0x398cc66a79786d47L,0x009bc173b2b9653fL,0x295b412ed23322beL,
-        0xaa78b521ffe060a9L,0x5ff5a5feb808d2b8L,0xe84af56c3182e463L,
-        0x94972ab444022236L,0xa17d7b55de52f2baL,0x000000000000014fL } },
-    /* 13 << 252 */
-    { { 0x8c90e71abe54c3a6L,0x449b10eaf71c5359L,0xeea87dfd829fa44eL,
-        0xd8353ef02ca80e90L,0xaa71620cd1229447L,0xb0445ef2d4344caeL,
-        0x2792ebb0451ce474L,0x3581deedc2907707L,0x0000000000000199L },
-      { 0x39ebef0294adefa4L,0xc44fb92c3ac01ca7L,0x4df141e2c456c3caL,
-        0x20aed69b471dbf3cL,0xb31db16ce85b7ce0L,0xc239e7166911a4fcL,
-        0x3d8c230321f7392eL,0x98f6f7e6e19b03ebL,0x0000000000000142L } },
-    /* 14 << 252 */
-    { { 0xf3d8f02c9371d8ccL,0x034277222083bc29L,0x1bc1a1a2e0a508d0L,
-        0x75402b4365386b1dL,0x7832c7a2a81ea689L,0x30fdf8d8d3c43e8dL,
-        0x11af93da8bdabe83L,0x1fc117f8df22b64fL,0x0000000000000015L },
-      { 0x266747ceaaca36f0L,0xa3b4bacfb8eb0f62L,0x60b72b71577519e7L,
-        0x689653954bdded3aL,0x0366164aab2ff463L,0x5615191444c3432bL,
-        0x2040ed772700d67bL,0xf6b08ac8cff9e250L,0x00000000000001c8L } },
-    /* 15 << 252 */
-    { { 0xb8e81a2dddb4eb9eL,0x89f9c08f3947b43aL,0x69d84b2bb0e758a3L,
-        0x862f559972bc3e5fL,0xe9c567914ac68eabL,0x8d66059f8912bd54L,
-        0xa386e77fee35a78cL,0xa434e2e64303b216L,0x0000000000000165L },
-      { 0x545f743413593d90L,0x745c910055bbcb3fL,0x45e63824bb344485L,
-        0xc26c34dd38c0f16bL,0x55c10ecddf952e71L,0x60c4a2e598fd979aL,
-        0x5ff003efa6ff9ef9L,0xdfb5fce95e578209L,0x0000000000000077L } },
-    /* 16 << 252 */
-    { { 0xa87650d1eaffd713L,0xec781c97a797ad44L,0x1e94accdb4bcac17L,
-        0x2284f96fb3981cc9L,0xb8b2ef57091634ebL,0x4accf5e8cad053d0L,
-        0x0eca4f9b5d1ef480L,0x1598ef27d6e76957L,0x0000000000000131L },
-      { 0x7cbc9061b72d8840L,0xe611924d86a5ba36L,0xe02e9ca8e066d292L,
-        0xdb092f52a68a0466L,0xf5d97f5d0c0b18f8L,0xb5e171465c99b95cL,
-        0x1bafbe749d3d6acfL,0x606103fef370bd5fL,0x000000000000013bL } },
-    /* 17 << 252 */
-    { { 0x3fe39e9cda6f368fL,0x4af61b0fabb8e7a1L,0xc4fc73f42b9c9912L,
-        0x20ef2e5ecc24e5dcL,0x481cdbd4f1023146L,0xcb417697117bf9ceL,
-        0xb8436bbb544036a2L,0xd828ba5c0a8f949aL,0x00000000000001fbL },
-      { 0x19515a04ac53c4beL,0x909688614a652fdcL,0xddbc6aacea6eab85L,
-        0x15a84e31dd8f09c6L,0x1482d4ed2a71c6baL,0x48887451b38da85cL,
-        0x885c36530c77e28cL,0xca5e7a1b99505152L,0x0000000000000004L } },
-    /* 18 << 252 */
-    { { 0x040a2260aa34bc2dL,0x121519766afe1aeaL,0x6cef13fc4b8bff60L,
-        0x648802d6ff7615d9L,0x840563e335e69c6bL,0x39b0d6a55fa0b253L,
-        0x88a3c3ba4bb58678L,0x126b85d347abaea3L,0x00000000000001afL },
-      { 0xcc56805c23a0415aL,0xc577101dc281dd52L,0xfd3ef16d7ca89e69L,
-        0x4a7283f560b671afL,0x852732a794a73553L,0x3cdb84d0f7951035L,
-        0x6d9330e01c556d8dL,0xec1e7cd492cf6b85L,0x00000000000000e1L } },
-    /* 19 << 252 */
-    { { 0xd51138a7d7841050L,0x5a5253a482ee0b99L,0x724f84f5c6740508L,
-        0x80a3e456c2d2de09L,0x19dfa21c187141e2L,0x4d41ef7b42877c25L,
-        0x9d6b3326d75209b4L,0x3a21cd023587efacL,0x0000000000000006L },
-      { 0xa492f40456ad32a6L,0xfcda204c21031b3dL,0x4cebc3ba8fa9f767L,
-        0xf96068d423837f90L,0x99013dab42ea9f03L,0x6e21bf1b0ddd2cb5L,
-        0x0c9a452bdf051b9cL,0x5c9d2ed27034ea63L,0x00000000000000efL } },
-    /* 20 << 252 */
-    { { 0xc3c8d26f643c4cbaL,0x3a5bb59455e63c4eL,0xe0a25b35545e3cb6L,
-        0xc6d52abeed177530L,0x2eb287968f4cd3c3L,0x01b5433943c6ceddL,
-        0x85930ae934575ceaL,0xcf13a14404294cffL,0x0000000000000172L },
-      { 0xe9cf3a7c89e62cecL,0x19f62eba02e58adcL,0x0b98464bd3762108L,
-        0xd148d77d942b9f9dL,0xefd8cf2b6ffd03d5L,0x2ce97d571fe049ebL,
-        0x684bd7957de2640eL,0xf509af614fadaf12L,0x000000000000000eL } },
-    /* 21 << 252 */
-    { { 0xdaeeefc8bd7db126L,0x9aa0f6ca3e712793L,0x3219db3fc2424c7bL,
-        0x176f35eb708e50ebL,0xecd6fe934b0b3588L,0x897e0be7e25dd575L,
-        0x37764d7c511df00dL,0xf2534cd41e410d17L,0x000000000000005fL },
-      { 0xe086716404e39c47L,0xfcaa5822faa76d22L,0x325e11738fa74426L,
-        0x744a07fe3c45bc8aL,0x554c7032d61136b6L,0x0530bfc9ba0e8c67L,
-        0xf25a3a8ed53c15a6L,0x2f2c8715310c9174L,0x0000000000000134L } },
-    /* 22 << 252 */
-    { { 0xc4edf2abef129aabL,0x669fce1c0d57c727L,0x1d02a96d42e87512L,
-        0xe150a353f32d3174L,0x6808c4ab4d52e358L,0x16c366cbb7c74f3fL,
-        0x143e3bb816eb7940L,0xc50b78ebcc3ed5a4L,0x00000000000001a8L },
-      { 0x9cb287a40ac87da7L,0x35ecfd38b9dede9aL,0xfc155649fad6c214L,
-        0xfb97929926af1c4eL,0xb4fd33291b4ba2a3L,0x5027b62cd8079f78L,
-        0xcef56123ef96d8aeL,0x5c7c3b2ab1952e0fL,0x0000000000000147L } },
-    /* 23 << 252 */
-    { { 0x5a3018dfed37f7b8L,0x7a3b0c2a057bed1eL,0xd616a40033284d2aL,
-        0x86517965e501d780L,0x2216349cdf6fe150L,0x8af9ad6f9114ac94L,
-        0xc1a53ab4a61c04b5L,0x8dcbb53b09eb46c2L,0x000000000000010fL },
-      { 0xe672328378dcf9b4L,0x3aeddb5334ae43fbL,0x616116d1e4997ea6L,
-        0xd0fa538e3f22345fL,0x25131525fa6fa9fbL,0x7c1a8081705d6d97L,
-        0xc89bbc7389f5d450L,0x542a0882dbd80319L,0x00000000000000ddL } },
-    /* 24 << 252 */
-    { { 0xd883edca1854dcb7L,0x158f2ad5e4b33262L,0xa89ba702743cfdc9L,
-        0x762616ff85efe2cbL,0x01c666119880709aL,0xec6df8890999a8f8L,
-        0x11cbe7f35006451cL,0xdb0dc5696a551e2dL,0x0000000000000078L },
-      { 0xc8ac5659a91c9a13L,0xd146235491cfcd3fL,0x8031f8ffb83429e2L,
-        0x12f36b88c7c807beL,0x9bbe73ada17696d9L,0x631f9dbe13e49ec5L,
-        0x6a868794fccaf136L,0xe0341491d4c71b95L,0x000000000000001fL } },
-    /* 25 << 252 */
-    { { 0x714fded2fb616313L,0xd1f8be5c4138197bL,0xe06020deda814497L,
-        0x16e6c5994f00cb7cL,0xb75cfe69712c2c0bL,0x303d77a3db529279L,
-        0xaa2d207ddca146f7L,0x587e3f839bbeb98cL,0x0000000000000158L },
-      { 0x988d1f50a6b10157L,0x43a1d2fb914103b3L,0x8d3afdfca224786eL,
-        0x52bfdecb99a99cfbL,0xa6f20f93dc38e50cL,0xe71ad506ab79cb34L,
-        0x937405c803ca3b19L,0x12b16d20ade81e6bL,0x000000000000000cL } },
-    /* 26 << 252 */
-    { { 0xe14ddf295a95e0d7L,0xfb5740d3f0aa2850L,0x5e8c11d18d654360L,
-        0x3aaed8340252e7caL,0x1aeba10cf88cdedaL,0x1a57aa22cb63f2a9L,
-        0x89ae2ab42123c4aaL,0xf8665895bb8d9ec1L,0x00000000000000a9L },
-      { 0x73de3b4627fe0dafL,0x1267a3e741ca4fd7L,0x26684605cca84b06L,
-        0x9190d4d64bded61bL,0x50d97803989719ddL,0x605632471d59b025L,
-        0xc151df922083bb72L,0x6fdbeb823d3ce909L,0x0000000000000094L } },
-    /* 27 << 252 */
-    { { 0x0626cb92c7c9761dL,0x20d73ca5c6afa3e7L,0x1e20927bbdd40e51L,
-        0x39788dd2d806e2caL,0x143aba83269c8534L,0x127e8992cc4cd1ffL,
-        0x29eb0e1d86bb67bbL,0xe6cd55afdef639abL,0x000000000000005dL },
-      { 0x42f52e70509595ecL,0xc41012f3bf39cfe4L,0x6f7fb05ea709badbL,
-        0xd80b13e292cf6184L,0x23683493edc7bd6cL,0x277892f1dc43b987L,
-        0xc76285574535695eL,0xac2a363a1b8d2e1aL,0x00000000000001aaL } },
-    /* 28 << 252 */
-    { { 0xe90f84570012e81eL,0x6fa09e16b98fd2b0L,0x0a09399d9805fedcL,
-        0x2e315eef2d5c3795L,0x890ace479a886fafL,0xa901e7b5d1690ec4L,
-        0x45116659bbd30a26L,0xa07c60ad19302f7cL,0x000000000000016fL },
-      { 0xda9350157782fa75L,0xb0253020981b2b85L,0x3a2434f0f76c5389L,
-        0x51b7a3ea04884584L,0x09d81db0d12297ecL,0x46842ca99d202166L,
-        0xe9fd1469d502c092L,0x61703bf654ddf5cfL,0x0000000000000176L } },
-    /* 29 << 252 */
-    { { 0x6fd8079edb2c1400L,0x143a2304cd0e2f67L,0x9987e77144296e69L,
-        0x6d27cba4601afb95L,0x8f6d58c41a75b55fL,0xac76bf6fb30a6c2aL,
-        0xb6e0fa7760de6c0eL,0x1793832b98b30d3eL,0x000000000000018dL },
-      { 0x7d7582eccc35416eL,0xf0472b74398092a7L,0xb122b93c58c6b243L,
-        0x100b1fe07e032f1dL,0x62b71644058ca84bL,0x036760890ac11b8bL,
-        0xb36d7ad9092839edL,0x092759cf5f77a937L,0x00000000000000c2L } },
-    /* 30 << 252 */
-    { { 0xaf6d6bee01c05a63L,0x3d7282dbd5a612b2L,0xa4bcb677f9b49c9dL,
-        0x1186eeb8b8f5a993L,0x08fede59fdd551f9L,0x6ac2844cb7c047eeL,
-        0x972583e24e4c3786L,0xefb8e22533d3b9fcL,0x0000000000000145L },
-      { 0x9164f2c84f585b1cL,0x7f49bfd2d53a4a93L,0x4ad4bfca07ec3188L,
-        0x0412a46f933b2990L,0xddfcdb113f03779dL,0x1d7078ff17678e3dL,
-        0xe3fbc9b2e9b85930L,0x25bbb056ee1174c2L,0x00000000000001e8L } },
-    /* 31 << 252 */
-    { { 0x6a2da2be4951a177L,0xa7712dade0249695L,0xca9500ddebd45219L,
-        0x9512855fe6a249cbL,0xd2fd8a82b7b464f3L,0xc32ea5d18aea2d80L,
-        0xeb2a2ca3e13e3278L,0x629f37f5ac6e4e6bL,0x000000000000001eL },
-      { 0xfa92ca3d66778869L,0x994101dfad4fa305L,0x00e70ff2866528e5L,
-        0xf4e501e9fe725c14L,0x35f8f43e07d0014bL,0x55689c488108dad8L,
-        0x998730a593fa8b70L,0x640054d4497da817L,0x00000000000001fcL } },
-    /* 32 << 252 */
-    { { 0x272ec59646e69dafL,0x348d7acd79b09a47L,0x8731070bd806f931L,
-        0xe1191599011d80caL,0xd001ced01b8cd947L,0x31dd3c9878a6654eL,
-        0xde8dbd0cc6409599L,0xb8939d44691b6141L,0x000000000000017aL },
-      { 0x146fdd629c45660bL,0xeb9a13d3a6283d26L,0xb99e7e66c9e2a86bL,
-        0x926ee0abe626a5eaL,0xf01ec218e8a93dedL,0x8562b91a040fb497L,
-        0x25fa595f6ddd2f63L,0x9389fffca2612413L,0x00000000000000d2L } },
-    /* 33 << 252 */
-    { { 0x6c4d9184bf16e29fL,0x70e6d2ab705bb9c2L,0xfcabd209b2118b5cL,
-        0x66321abfc9722264L,0x7a36d66f3200176fL,0x674a9b43fdf743c2L,
-        0x0b70838fed49945dL,0x274a8631bf04eab2L,0x0000000000000028L },
-      { 0x08650f55a3b6345aL,0xa2cda848cc418bd7L,0xea80cd7d13c42880L,
-        0x6895e5e434f7c51aL,0x1c51266d65380432L,0x5a024a2f94c33187L,
-        0x5e5fd4988a8c0674L,0x1b9f5d2d250b1cacL,0x00000000000000ccL } },
-    /* 34 << 252 */
-    { { 0x54a1d996f85100b2L,0xcbc5aa64db80cbefL,0xe91d2b9f59e324dbL,
-        0x9a5be55343d54cb3L,0x0ce9b03acb01dac4L,0xba4de3a2c63fd291L,
-        0xb1deed8fe51325e2L,0xeb22652f5595c748L,0x00000000000001d1L },
-      { 0x1ba3d9749c6ab6f4L,0xea84bc15d4814870L,0xbba9c3a7b8034e24L,
-        0x07482120618eb92dL,0xf6e8b897bf7a2f69L,0xbb141cd921f09ce1L,
-        0x4737cb5e28f04b32L,0x333210812dbf0affL,0x0000000000000148L } },
-    /* 35 << 252 */
-    { { 0x3fbd36619f67786dL,0x0301a8134bc980f7L,0x3ccde4731d1abf93L,
-        0x7ec69b27aac22970L,0x02e4efca9d9ef464L,0xd3ecb5f7e4b97c90L,
-        0x22fc87ce2817aeb6L,0x3703fcc9926bb15eL,0x0000000000000151L },
-      { 0xf0906667a44ed08fL,0x685d2d12441de931L,0xfbc0bd4c2d6d7984L,
-        0xf76a510d39dbe5d7L,0xd2b30ce9192862c4L,0xbdea2ba3ba2b8335L,
-        0x020d4e210976edb4L,0x67d9047cef64f6acL,0x00000000000000f6L } },
-    /* 36 << 252 */
-    { { 0xcbe3c6553fca4498L,0xfe7348762b198c78L,0xd29325d2244e4325L,
-        0xf811d9a114fc0ce9L,0xaefd7d9540622672L,0x9e01aeebb59070b6L,
-        0x14811a71f8dae8cfL,0x9c4680d5c01426c9L,0x0000000000000154L },
-      { 0xf106ef2abc07c7efL,0x249a2234a39f9edfL,0xc8183c09615d7a51L,
-        0xe250cd31f509f19fL,0xf28eefe149134f13L,0xee2b97e95ddaff55L,
-        0x28b2f72ad3959547L,0xf40f9d6a47cd3c7bL,0x000000000000009dL } },
-    /* 37 << 252 */
-    { { 0x319d18853945bc6bL,0xc0569cb414c1c53cL,0x0e23bbe24104fd05L,
-        0x22ec69d1af763b66L,0x79816606bb0000e7L,0x6a3a8ae493893673L,
-        0x0573de9d2d6abbc4L,0xb28bdaa38fb6032bL,0x00000000000001d6L },
-      { 0x50baaea5ac05f0cfL,0xe88864181615f297L,0x9311a1dfa9d25c58L,
-        0x3333e14f8d6c9eeaL,0x6a8f3dce13608d91L,0xbb6b6955b736b86fL,
-        0x5aeb5a41eb0a22d8L,0xccf9043b974aa869L,0x0000000000000161L } },
-    /* 38 << 252 */
-    { { 0x9634396daf728c46L,0xa5bc9b7d247224e7L,0xdfbc08af5c081218L,
-        0x40daef2f74944bf7L,0x363b2863461700f9L,0xc7b2d7bc173bb294L,
-        0x99080d3eefbfe051L,0xf987b4b797e98cf6L,0x0000000000000023L },
-      { 0x3984bf231aeb61d0L,0x4d59b524b46acdc8L,0x5523fe15227d50bfL,
-        0x77b1691dcec5964bL,0x6517492432344e0aL,0x0778001be2ac2d32L,
-        0x8cea375f288c0542L,0x92aae3acad80ca37L,0x0000000000000047L } },
-    /* 39 << 252 */
-    { { 0x5f72b28080743791L,0xf6d24353bad4058bL,0x40941ebcfb22ed42L,
-        0x46f017e280467bc1L,0x43155ecf5b2eaf8dL,0xe7c3771ea97e0752L,
-        0x87b477068a9a2623L,0x8ca0232ae08b1132L,0x0000000000000184L },
-      { 0x32ef7ae5683dbb52L,0xa8dcbbe761094cb0L,0x9f2062fc2c48a96fL,
-        0x16bab4ceed9269ddL,0xf2b4713d2b9caa66L,0x81ccd94c07417deaL,
-        0x71dfb81ae196d3b3L,0x836e59ce53016c55L,0x00000000000000c7L } },
-    /* 40 << 252 */
-    { { 0x94804b92b95527d4L,0x90dd532b78404dbdL,0xf8e5b1c62c372391L,
-        0x7c4b488d68836ee7L,0x9d266ad6f8300a06L,0x16fb86b496340c5aL,
-        0x593521324c6fb7a6L,0x20328cf8e55babb5L,0x00000000000001a7L },
-      { 0x8cc5cf828c337a9eL,0xed52a678cb12ddf7L,0xa38d7a38af21e702L,
-        0xf4ea981de8c19a9eL,0x0e4e6bdc79a44d8dL,0xc76b800a5236cabdL,
-        0x4ac864e69c3644f3L,0x418d9fe3162729f4L,0x0000000000000132L } },
-    /* 41 << 252 */
-    { { 0x632fac9b6c0b884dL,0xe64b31b11fc25e52L,0x96132f079cbd3314L,
-        0x0e24dd947d867c6bL,0x895f8df9b24daf39L,0x8436f4630d7b8ad5L,
-        0x292df4b9f79f4019L,0xffefe90e02a7ed35L,0x0000000000000007L },
-      { 0x4ce7024fd1b1dfcaL,0x8ec5462cbcd0728bL,0xaf6d3ed726fa57c6L,
-        0xe6c42b8d3f45f510L,0xf8c2493a062a663eL,0xe988a4782075f60cL,
-        0x641270957d167671L,0x3fd8cd1558cf1479L,0x0000000000000152L } },
-    /* 42 << 252 */
-    { { 0x46159bb21866454fL,0xdb5d23dbf1c1de9dL,0xa5b2b20f73b122e7L,
-        0x1a5328d36e867746L,0x82d316f43432f556L,0xe1773f940a06b40bL,
-        0x283be2a70cbb906bL,0x3ba5f206a07eb52aL,0x00000000000000f9L },
-      { 0xf0fb626d3c7cb6feL,0x823e7d48108f5d54L,0x3e2713ac7b3646d7L,
-        0x23042db5afba0565L,0xc8d983df57696cd7L,0xdc2055c0f11edcedL,
-        0x3476704b495ce49dL,0xcb1299b72f5349ecL,0x000000000000002eL } },
-    /* 43 << 252 */
-    { { 0x44b93e40fd864ec5L,0x605efca6e1c25de8L,0xb0a3cd7d5f1178d6L,
-        0x4bff709678414d02L,0xc6c0f44c9e501072L,0x77967c9f92ad4719L,
-        0x579a4782a54e73ebL,0x0130dc8919eb16b2L,0x00000000000000dbL },
-      { 0xc93dcbfb4e105bbeL,0xe67766b5e0552c72L,0x05677f76faca76d4L,
-        0x766985710bce1720L,0x63946321e3270162L,0xa67411fbc2d2c96cL,
-        0x1e3dfd40c17bd0d9L,0xac6177b43071540aL,0x00000000000001b4L } },
-    /* 44 << 252 */
-    { { 0xccdb3eded06656ccL,0xbe5af4fa347da6ffL,0x22c0b0573b487907L,
-        0x027b5dcf0b018142L,0x18cbedfa397640bdL,0x296c1adba9ac930fL,
-        0x2dc0515599454bb2L,0x5a7c04edc0072ff9L,0x00000000000001ddL },
-      { 0x817ec973da3ec7e0L,0xbf7de96bcb692075L,0x5ec2350044bff6eaL,
-        0xcefad43c6f9cedb1L,0x808cbeda0e575221L,0x9631a43c7d0ed004L,
-        0xbbd48ef5cc055d44L,0x7adced52db3a9305L,0x00000000000000e8L } },
-    /* 45 << 252 */
-    { { 0x4479d35b7ce3f5eeL,0xea8a93523bdf4c0dL,0xccc3b4b4a0f641a1L,
-        0x4f9baeb1f1275498L,0x288f6fbb535c1ad2L,0xaf50e68f7d7e5e34L,
-        0x1573c99dc8c366c5L,0xf29ed752cda48eecL,0x000000000000008cL },
-      { 0xf61dfe1cce19d1fbL,0x3f0ba2cbf727fb66L,0xbf17e60c5a46a948L,
-        0x58bd4583e9e2c738L,0xe2ba0170ca15e3b6L,0xffe816af2fd57fd1L,
-        0xd258abc333e06a1eL,0xd48a7702b820bfbfL,0x000000000000012aL } },
-    /* 46 << 252 */
-    { { 0x1e9da85c3cb7986aL,0x8ca319700a232882L,0x6c1d4813d8db00b0L,
-        0xf05b2bb6728803a7L,0x757a5bfee989dbbbL,0xfe3782b857179a1bL,
-        0x580279433184f652L,0xed24df1e636b602fL,0x000000000000010eL },
-      { 0x23f24bae4b469488L,0xa30177834d56de00L,0xe304cfa2ed103477L,
-        0x4a55640cb8c80476L,0x58e7adcfb9b7feacL,0xf4f50f1087583584L,
-        0xf38761e72ee6decfL,0x62d87e7311f8bef0L,0x00000000000000d2L } },
-    /* 47 << 252 */
-    { { 0x64c6e2ee38f640b0L,0xdbff010c230cd78bL,0x7b6805e3711d0b19L,
-        0x31953411b2ead66cL,0xd03cd197e3497d2eL,0x7aa2213ee0b7847dL,
-        0x68c6e618540fd2a5L,0xee78f1944b427d04L,0x000000000000019dL },
-      { 0x110e84797561c23dL,0xcad5537536e5b2c6L,0xcb7d30ac9827ac1bL,
-        0xf609071cb3eff64dL,0x5a62d75bde8b2b8eL,0x2232be091a7ce124L,
-        0x266ebe5057ad42dcL,0x1b421359c61e775bL,0x0000000000000065L } },
-    /* 48 << 252 */
-    { { 0xc65023db6599420cL,0xd5f259932de4f201L,0xdf04eb7f325db6deL,
-        0xba7a4c67088c5b7bL,0x4288030314fff349L,0x5d8c5ac1ced29b1cL,
-        0xba44893aa9d0ff4fL,0xc94974baed3f3117L,0x000000000000010fL },
-      { 0xd804dafcffe235f6L,0x1701e38d67c31efdL,0xd6b499096b9307c1L,
-        0xf33c74961fa96ebaL,0xfab4f9f892099d0bL,0x3cc5ed866d5334f5L,
-        0x41745249c94e6d74L,0x27ef9399dd4b2b7cL,0x000000000000018fL } },
-    /* 49 << 252 */
-    { { 0xf099cc75f8a9e112L,0x3c74b4cb76c67a3aL,0xfa20479f8dc52ec8L,
-        0x65abe5c0989c6964L,0x3af2709a4f2c71f1L,0x57640513f76588b6L,
-        0x6353f91e26a792a6L,0xe89c1bdb21c67c8dL,0x00000000000000bdL },
-      { 0x0b515fad1e10dca1L,0x90abf43dcdaa45ecL,0x062412e84bc4b73dL,
-        0x718bd3c5b7e454bfL,0x39ad2babc0ac0ad2L,0xc873e3cf0fcc426aL,
-        0xd62abb4369ef63f2L,0x2586fe964669d4c8L,0x0000000000000034L } },
-    /* 50 << 252 */
-    { { 0xe39f0511307f1c16L,0x5b10e8b6bbb6c973L,0x0309e94f4d0b7a24L,
-        0x260ce1fd6621d244L,0x45fc1a57139898f6L,0x8ea7b91a596fd366L,
-        0xde6371e00771a0eeL,0x5482ebb5731efc15L,0x00000000000001dfL },
-      { 0x11d6093d8aff3f7fL,0xcda42fb9470d25aaL,0x005b142823539f03L,
-        0xb8c213cf33a131c4L,0xc8d4d05bc2d06673L,0xc280e948257b0746L,
-        0x382e6cb317e2d479L,0xdb86d2f4febdf3feL,0x0000000000000027L } },
-    /* 51 << 252 */
-    { { 0x78caffd2c356407bL,0x20edea9e58f1eb89L,0xd16fc85fb2dc193bL,
-        0xb1cd53747c8d19ebL,0xe2e606b24e7a43f9L,0x8c6f1b375ae2453cL,
-        0xb3e9a3ea3ab64627L,0x043518e52094ca40L,0x0000000000000084L },
-      { 0x2c793d0352c34b1dL,0x21222d8dafca2b29L,0x951527fbcef8af6aL,
-        0x73984b4bc18db31eL,0x30bd73641bf872baL,0x6c06495be01d557bL,
-        0xacb554b9fc5f7d63L,0xc02a11b7f50b0bc4L,0x0000000000000017L } },
-    /* 52 << 252 */
-    { { 0xdf677374c18bfe67L,0x03daa39249685742L,0x69d2a99736b62aa4L,
-        0xb7c3f6dbf4a734a8L,0x6ad1791560bb2339L,0x266dfc1f08f94b78L,
-        0x2d3d477dd21b35dfL,0x41aea44988cfec52L,0x0000000000000125L },
-      { 0xfd65ad5e5f780039L,0xffe76cbfd96b8044L,0xf7ae0f1428bac68fL,
-        0xe84394e6b4333bc8L,0xccce5687ad2c4225L,0x70471c81a6a9c7e4L,
-        0x60c5e87940b576e0L,0x2f4ef8bb92e9f4efL,0x00000000000001bfL } },
-    /* 53 << 252 */
-    { { 0x3e0a60297892ba11L,0xe21b499382962ba4L,0x3b60b6f50126f7fbL,
-        0x981850279dd3e473L,0xb337b151eb77334dL,0x32fdde882bed2f71L,
-        0xfb8f226fb6070306L,0x8f2db293b0c2ca16L,0x0000000000000130L },
-      { 0xcd05c367cc0de01fL,0x07bdf2d67df2cb4cL,0xb8082bfb2af2a6bfL,
-        0xfe5118c41f02c02fL,0x5c991d3da008a47dL,0x7f1fa1d4d8b33356L,
-        0x0e9d143a397fafb1L,0xaa7061308868a859L,0x000000000000011cL } },
-    /* 54 << 252 */
-    { { 0x827702a8005513c4L,0x716246abd9b83e12L,0xd204accf5fb3021dL,
-        0xaf843f358a4d8221L,0xbc3afbc0f965adc0L,0x7123eaadba9a8f54L,
-        0x21d08b162c8578f6L,0x5e0ab2f832307214L,0x00000000000000baL },
-      { 0x9c1fc84883e1c1a8L,0xb9c17d7ec713b134L,0xb1fbc3be4cbb0030L,
-        0x933803110d6f6b13L,0x5881c5cf7e61b510L,0xfeb0553c44ff008eL,
-        0x2c22a2f1e14b8b02L,0xbdb4134af7f01665L,0x00000000000001f9L } },
-    /* 55 << 252 */
-    { { 0x1e57a0852a7b7c1fL,0x501cd11a379f8b64L,0x2005ea95719460b2L,
-        0xe4cd1ea340555356L,0x6a2088ea43dd7f96L,0xc825ffeab958affdL,
-        0xec97ea43d0db0c21L,0x4d5da9be6175e131L,0x0000000000000076L },
-      { 0x754f2673e8c6ac0fL,0x822a8787328cfe16L,0xa2b1e03d7390327fL,
-        0x71a953aae3470001L,0xd29bef5157384b61L,0x6faae163b4e19442L,
-        0xd180a23c76c973c0L,0x356ee274d45e2bd4L,0x0000000000000021L } },
-    /* 56 << 252 */
-    { { 0xde124a53d9996176L,0x1ec1e39cdc53c313L,0x91917a6c42d879f3L,
-        0xa81372c74e70e810L,0x33d61ba95780fa10L,0xb52f521c73805446L,
-        0x81bba0727bcbb8d7L,0x91a608a605f22a02L,0x0000000000000164L },
-      { 0x6f11a4a870220345L,0xa3513d6d297b6e84L,0x3dc485a1de56cf82L,
-        0xf5e5240385610560L,0x72803421fa22b180L,0xb1e2031c7f0dc46cL,
-        0x676c5f9e43d4c03dL,0xa891aa30dfa7f707L,0x00000000000001c8L } },
-    /* 57 << 252 */
-    { { 0x8080622ee89b1d39L,0x34718e3b8c5f94f8L,0xd8aa15ea60bd7116L,
-        0x795258304437b505L,0x82c1c2707e5823faL,0xfcc0012b92d8a1baL,
-        0xff16cf3c978289d5L,0x01b487fe51fcb704L,0x000000000000007eL },
-      { 0x271a09c44bfec059L,0xe3ab9cd3fa138ec8L,0xdc8d866309c5dcc2L,
-        0x4caf43f7e599f66bL,0xbb4dd3b4688cd1edL,0x07eb1d9caa0ebb96L,
-        0x80eac6dc610cba68L,0x55e5e866ead2696aL,0x0000000000000085L } },
-    /* 58 << 252 */
-    { { 0xd27f55b9c46df5c6L,0xd940f368e310c4baL,0xc1697f3a32602d58L,
-        0x020061eebd564d22L,0x3042100cfa5d7c97L,0x937a3a303d8a5709L,
-        0xc60488f76c8b2008L,0x3dda8ffaab473dbeL,0x00000000000001f2L },
-      { 0x6f893aab79642b56L,0xf329524470359a71L,0xd7462e6ed933ef1eL,
-        0xccf86cd167e8de14L,0x0e8675605a4acf89L,0xc72ed3fef8e9e4d6L,
-        0xc0dc88afd19e4a39L,0xf2e51d088ff2b106L,0x0000000000000161L } },
-    /* 59 << 252 */
-    { { 0x94c5c2faa76e3067L,0x74c5f7baa9e0ba68L,0x503de3ffc79e67a2L,
-        0xe9da75b49903d81fL,0x52f7d9e94da7e1f5L,0xa83731d7b613e973L,
-        0x2dae3eefc35a30c5L,0xbfb55d4be5ffe984L,0x00000000000000b8L },
-      { 0x174b687d0636d4a9L,0x00f11f55b75b9375L,0x70524e62e10ec42fL,
-        0x0ef83d5da15440e5L,0xab7c2c2b7a7046f2L,0xa155482caf88ba29L,
-        0x5aa1f5c5edd7b984L,0x5b7323ff9eab391eL,0x0000000000000001L } },
-    /* 60 << 252 */
-    { { 0x4f18d1477a7d8443L,0x0d76e1b7d1967058L,0xee35bb031486e355L,
-        0x2b32b859da1bc577L,0x063f800d38adb65fL,0xd65ee21ff3f59f4cL,
-        0x56ccb1068382ccb9L,0x74e330b878c00d95L,0x0000000000000179L },
-      { 0xa3aa4a6f8436a8d9L,0x2b1f2c1a7144c8c3L,0x95a3d612fccef510L,
-        0x3c20cfce1af2d8c4L,0xddfdbbd52c0b33e3L,0x4236a2daf230e136L,
-        0x22b8cad2b533d171L,0xc5398e4f52bd69b3L,0x000000000000001eL } },
-    /* 61 << 252 */
-    { { 0xf9998925356a789aL,0xb035d4d643e44f5fL,0xa362c1d3c0491bb1L,
-        0xf9139080777ccd77L,0x7d0109074fefec2fL,0x77961dd61ea1b160L,
-        0x3674c27d2f9de773L,0x6d1ff90f84e79d39L,0x0000000000000065L },
-      { 0x54b1da37ba03c500L,0xe9a2696034fdc983L,0xb4ab12ee290f32acL,
-        0x6589b027a54917aaL,0xef94b1549a84fd5cL,0x1c598975cea54c74L,
-        0xbc50a9b7ee3e0bdfL,0x5d755951d99ab48eL,0x0000000000000004L } },
-    /* 62 << 252 */
-    { { 0x3607f884f22962e3L,0x7fbb0064f0bfe22bL,0xbad02b9b716b8109L,
-        0x2d2f55801bea19f6L,0x119a51eda3da1600L,0xed4bdc13a03e7da1L,
-        0x52cf75e0e1594dc2L,0x5cd2a02ad2740de2L,0x00000000000000deL },
-      { 0x1c1cb857aaa37069L,0x69623f57f69b1560L,0x77e24490cebe0023L,
-        0xca262a30e6395606L,0x4c68833affe15b74L,0x4daa7aa356fcb2a8L,
-        0x4beede7dc40f75e2L,0xa00dd3197a34c150L,0x000000000000002eL } },
-    /* 63 << 252 */
-    { { 0x15c921c8bf854109L,0x91333f4fff524ec9L,0x739e37ee20bfd5d0L,
-        0xe61087f8f8a8bc93L,0xcfc07fcddbe59f26L,0x1f5ac6d2f568fbe9L,
-        0x78a1b8654452a4d4L,0x585d2501d6b939b7L,0x00000000000001d0L },
-      { 0xdb4c45affd113ba3L,0x0741c4004abbacd3L,0x84f69bd7c86145c4L,
-        0x023850e1d597a974L,0x5d3a93d41f667362L,0x24eaefd5d8326769L,
-        0x79ebdedb45edadbcL,0xf8833039310dedefL,0x00000000000000cdL } },
-    /* 64 << 252 */
-    { { 0xd1a48c6847edd0e3L,0xfefb60be253c6bb5L,0x7265ebb75ab3e95dL,
-        0xc8d1b679f058192cL,0xcdc478d6fa21c3ebL,0xdf6360dc10b2b221L,
-        0x824b28a71101d18eL,0x4bc043f1e04269d1L,0x0000000000000032L },
-      { 0xa342984e5d49e112L,0x981ac5544e80cd3bL,0x489ede322c45f14dL,
-        0xb97b3ba50671c724L,0x3818c351bae2cd87L,0xf3719c9261521947L,
-        0xb9116ed9a8252d72L,0x992761ed9c406f54L,0x0000000000000141L } },
-    /* 0 << 259 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 259 */
-    { { 0xdfbfa8c0b9f59031L,0x683df70ba5e17023L,0x07958fdc42ce28b7L,
-        0xb8965b5bc6d4dc78L,0x78441b9a6e4b4290L,0x3909e659ea4b4aa1L,
-        0x9c8f59c629b6cd62L,0xf400a01919a026ccL,0x00000000000000cfL },
-      { 0x09844edef77fa34fL,0x9da8cdc495b4acfaL,0x5bb762074d52835bL,
-        0xc39505e29c0584e1L,0x4c9a0f296c4f318eL,0xdd1a8f417d87f206L,
-        0x423805cd95ec312cL,0x21639f519304343eL,0x0000000000000092L } },
-    /* 2 << 259 */
-    { { 0x6d9b0c3c9185544dL,0xad21890e8df2765fL,0x47836ee3cbe030a2L,
-        0x606b9133f7651aedL,0xb1a3158671c00932L,0x9806a369cfe05f47L,
-        0xc2ebc613f57f3700L,0x1022d6d2f065f07cL,0x0000000000000109L },
-      { 0xb292c583514c45edL,0x89ac5bf2947e68a1L,0x633c4300af507c14L,
-        0x943d7ba57da4020aL,0xd1e90c7ac0ed8274L,0x9634868ce59426e6L,
-        0x24a6fff2c26bc9deL,0x1a012168152416cdL,0x000000000000000cL } },
-    /* 3 << 259 */
-    { { 0xcc2fec030b4a18c4L,0xfc29fc82165d1776L,0xc8ab611ac317fc9dL,
-        0xa8d299571029913fL,0xa225949049f64636L,0xda588063c1db5e74L,
-        0xff94c5e6c0d70127L,0x199c1b8e74f89721L,0x0000000000000062L },
-      { 0x168ebf642d3b8836L,0xb05a8c0f1c2db301L,0x409e24edc0a052a8L,
-        0x6b6bb0163125a8edL,0xea9b956bf64bc66cL,0x4453021083f44d9bL,
-        0x0eb41037fe8b6632L,0x555c39b858ef78d4L,0x000000000000002eL } },
-    /* 4 << 259 */
-    { { 0xc2453d609102b570L,0x70840e5c142c3e23L,0x7294b1f1c30037d9L,
-        0xa2500f121dbf5ab6L,0x03eceb67c9c8ee6eL,0xa19c319330820abbL,
-        0x7aad59e87da6b820L,0xe97823f8c38d842fL,0x000000000000006dL },
-      { 0xce5bb75ea7b6bb9eL,0x9090358d569c9eddL,0xa8b5ec369cd0c065L,
-        0xb2b5ac1cf81c82b8L,0x8feb364c3ffceb86L,0x355ed9ecdf4f9f7eL,
-        0x6f2efe425ce12ff4L,0xb23168780155070dL,0x0000000000000035L } },
-    /* 5 << 259 */
-    { { 0x38a82571854f48c1L,0xd1b1b09af520fd6bL,0x7f01089cdf7207c9L,
-        0x96a6180fc9393ec5L,0xa736bb517aea3ec3L,0xd25dcafeb56b8f87L,
-        0x48933536a43ea781L,0xbbdbedab8e0fd61dL,0x000000000000003cL },
-      { 0xe8b599d37f7a088dL,0x85ade4938e5efd0fL,0xe3049a17adbab77fL,
-        0x3a24830b430f3f92L,0xe267f23e183b494fL,0x05f42dd6166e606aL,
-        0xbee09553f479301aL,0x5adda2a63ee09623L,0x000000000000012eL } },
-    /* 6 << 259 */
-    { { 0xd8be53eb86660e96L,0x72c2673c8be7763dL,0xa7c5462ec6b55bf0L,
-        0x9def337b574a104bL,0xa8fe70ae9e9a1386L,0x6070f210bd010cf1L,
-        0x5d3eda3894ae907bL,0xa69d86791bea88cbL,0x0000000000000000L },
-      { 0xd1dde97203c8dd6aL,0x562332d1d8950c30L,0x33be213e5ea340f7L,
-        0xebb49ed4eb40e91eL,0xefe4aac270b2ca5aL,0xf6ad3cc1900ceeb3L,
-        0x67e9a8816cc704d6L,0xdd3f2baf12fe8a0aL,0x00000000000000beL } },
-    /* 7 << 259 */
-    { { 0x7d8fff086a2f9346L,0xdf0fb4f2d1e2a388L,0x45ba8c01535d98ffL,
-        0xce448379f67301f2L,0xbedd58c03767978bL,0x7b1171f555aef5a3L,
-        0x66b7c88d5a486411L,0xd35c98709f6c12dfL,0x00000000000000d8L },
-      { 0x9dc04b408b746e49L,0xdef5954d4eef5b2bL,0x4bc53645fdc0ba16L,
-        0x3b488da37054acf5L,0xc610686016a0c2b8L,0x299f1abb911bc8b8L,
-        0x5422e599ecec19b3L,0x9ec27cb47fd2c939L,0x00000000000000f0L } },
-    /* 8 << 259 */
-    { { 0x5f56b5a41bc0fa77L,0x6cdd6bb564fd36f5L,0xd0ac68b58a5b7c7fL,
-        0x4a92d9bf09919ef9L,0xc305e12b71c3c520L,0x554a9d1cdb699aeeL,
-        0x7fde007761f54643L,0x99c13124479115ceL,0x0000000000000039L },
-      { 0x25f890e1c271ac2dL,0x1353ccd394b370acL,0xc7b5adf6744d4011L,
-        0x9ccd7687be378127L,0xa8489b5c06c4e3cdL,0x1945580a305505f9L,
-        0x07190a204ab3b12bL,0x0ff53eb11534ea4dL,0x0000000000000159L } },
-    /* 9 << 259 */
-    { { 0xa3f06f7e03301a8dL,0xfadeedf1ec05ed54L,0xe26adc226b4601b1L,
-        0x1b283cdddadcb386L,0x3acec9e811b4a113L,0x91b8284f1118431dL,
-        0xe18d0cc4ac01391dL,0xeb2c1b0a7cc7d837L,0x0000000000000074L },
-      { 0xd0662bde8e3877a7L,0xc979f8a15d0641caL,0x28d798bd044f4903L,
-        0x296941594e7b2108L,0x84d5ff89c5381df8L,0x299250a7a51d6348L,
-        0x02ee4fd3909ecdbcL,0xcfa39db1c84b1fafL,0x0000000000000114L } },
-    /* 10 << 259 */
-    { { 0xe774eed9b1167003L,0xecde86e1932845b9L,0x0381d17897a8a10dL,
-        0x995a4926aeb8bef7L,0x3ee19c812304bae0L,0x541449e3fe977e97L,
-        0xd7ef476ba517b358L,0xe55330bce0d847cbL,0x0000000000000012L },
-      { 0x1620a1d6f06a91d6L,0x714b3502ac578bfaL,0x2606ebdb6bed112dL,
-        0x8b7b271563f8e778L,0x31833913651fd543L,0x14929f1adc9638feL,
-        0x2637ec813ee709d3L,0x39faf7e705547eaaL,0x000000000000009cL } },
-    /* 11 << 259 */
-    { { 0x224aff4aa7b53656L,0x93b4629f1786efa8L,0xdcf8ce96a546dcbcL,
-        0x55f8dbafc17cbe15L,0xe0377d7cd48c57adL,0x28143a41d9a9a135L,
-        0xc1c07a77d9b71cc6L,0xed6d2a8fb29ae6b2L,0x00000000000001e4L },
-      { 0xe5dc2a6836867275L,0x7bb1a0b5349e1d5fL,0x326d1d94c30c763cL,
-        0x06389c1a6db2148cL,0x3a572e33ba33a05cL,0x4244f4884ff8334bL,
-        0x0a63419a240e3005L,0x8fdde11d479fe00aL,0x0000000000000038L } },
-    /* 12 << 259 */
-    { { 0x785e09ff6c6a364bL,0xd00a50fe53e3c393L,0xad964c6e0d36fb23L,
-        0x353441feebada914L,0x4e16727ea5ba72fbL,0x5114c6e07bdc78a4L,
-        0xca3a8e27f38384ceL,0xe48f64cc77307092L,0x0000000000000089L },
-      { 0xb3152778351aa439L,0x0bbc970e6a2e6c8cL,0xae03de8312cfdc8dL,
-        0x1622d6db779c99e6L,0x82d6078b59ef9e70L,0x3539ffd07368486aL,
-        0xe61a3e2b083f7b1aL,0xb214f0b74b874dc2L,0x0000000000000155L } },
-    /* 13 << 259 */
-    { { 0x97a1306e9e1d014bL,0x59ede0475517a3ffL,0x327b01f207a6b3f4L,
-        0xfc8bd2c2fd4f1a9bL,0x0e1b92c4b1af517fL,0x646bae59e1f96248L,
-        0xd14955bc75d5c91cL,0x6f849a406c2dfbfaL,0x0000000000000134L },
-      { 0x984d6925802559b7L,0xc51f33f880d5fd4fL,0x6fb6927113165975L,
-        0xb5ed83cd5dec0cc7L,0x53314bcd8649d155L,0x716d891fbef7bfa8L,
-        0xd7c07da0c3486607L,0xcab5e610669368bcL,0x0000000000000048L } },
-    /* 14 << 259 */
-    { { 0xe77c03eed7ecb581L,0xb0b4de18cef15beaL,0x318e5b24fa1ea3ffL,
-        0xfd1d902e710e95fdL,0x8daeda0655cafa30L,0xcaba29bf2bd11001L,
-        0xaec1861bd88085bdL,0xfaa66562e591d19aL,0x00000000000001f6L },
-      { 0xeee386f7b68c7429L,0x0a876aec502c0797L,0xcb587df8c6806fa9L,
-        0x4f7cb6dca84de772L,0x407a1f0ff746cc93L,0x7862e9bb6b953e5cL,
-        0x6c106caa0a4c9357L,0x04213043c0096e5dL,0x00000000000001abL } },
-    /* 15 << 259 */
-    { { 0x6c0ea19b675e5fddL,0x40b9015015507582L,0xf7237ea726e603f5L,
-        0xc4dce1026e0be9ffL,0x5f0d8a2e3c5b733fL,0x26a280f86ed664deL,
-        0x5f532bcb33c11487L,0xb0f9d44cacf164f3L,0x000000000000009eL },
-      { 0x70fbc712b712571dL,0xa2becc32da63e6aaL,0xaae77cf6c170057eL,
-        0x2f1d39620a4897dbL,0x4c1b5709079995e1L,0x5771457fe2de734eL,
-        0x7b355bf238fcd883L,0x1acad483a6f023b3L,0x00000000000000bdL } },
-    /* 16 << 259 */
-    { { 0xc68052c94876bab8L,0x81f704baf84c2e38L,0x28bb9436f2cf9927L,
-        0xb89bbfa0d06c972cL,0x00fe1dd8b7a78e76L,0x3adfb05af7f1e1aaL,
-        0x45321e42b7278eeeL,0x13d850e0a528ebe4L,0x000000000000006fL },
-      { 0x6b724c681934143aL,0x2f944afdb657d809L,0x38e501dfaba2fa08L,
-        0x9285ece1be66e568L,0x7af221f7f9df3327L,0x00b8a86fde74aefcL,
-        0x19d675189a992072L,0x806d1c88d9ddbbb6L,0x000000000000009bL } },
-    /* 17 << 259 */
-    { { 0x20ea1405d04d2000L,0xea35dca5c089a6c9L,0x038602bf3bdda2e6L,
-        0x477b746aebf1aaa6L,0xd47867e49e7854cfL,0xd8b1935170bc2ee9L,
-        0x76412c62a44fee1eL,0x129d55355abfa5d8L,0x000000000000019eL },
-      { 0xa5e36fcf3ab81c33L,0x6245c51eaf823a1eL,0xd62852eb0e836757L,
-        0x3b2db4b779c4b928L,0x11dc7ad28063e57aL,0x0316df7eeafc4648L,
-        0x44a90cbbfb758030L,0x3db503f2caa01c6eL,0x00000000000001ceL } },
-    /* 18 << 259 */
-    { { 0x2aaea367bd35d8cbL,0xf2a64bd7ae020e8fL,0xd7f80264d6dc5572L,
-        0x890e23621f36c56fL,0xb9daf028a09342ddL,0x6cee1fb190bf076fL,
-        0xfae167e70f0412ceL,0x2a79d89a8a2fd483L,0x00000000000000e0L },
-      { 0xc222a2450849a624L,0xed4033dd0082dedaL,0x11f78e31df0dc525L,
-        0x34240b3ebb3eb85dL,0x135d407dc287296aL,0xc47fbfce741ff1b3L,
-        0xe34dd021da643502L,0xf183174d65e3ba7aL,0x0000000000000116L } },
-    /* 19 << 259 */
-    { { 0x10f9009fe7aa5ec4L,0x125939c308e38826L,0x85a399e720424b3fL,
-        0x04eafd33c0ac71f3L,0x79c534b4452782e8L,0x57a8e52137e8307cL,
-        0x905909823134ebceL,0x8c0acf7565ff10a6L,0x000000000000015bL },
-      { 0x27afc0afe6436fe3L,0x9739bc6f13b24125L,0xe7b31b50902904b5L,
-        0xf7ac9e9c0e8dd2deL,0x8b0c28b2295bca58L,0xdc5817376beafa7eL,
-        0x1ccce1e33aa35160L,0xe57661cc297eafc9L,0x000000000000000eL } },
-    /* 20 << 259 */
-    { { 0x83c6b9ded09b1b31L,0xc2325238e3c06d55L,0xee4a352851db1a32L,
-        0x69bba3f21edd1449L,0xa445212e855c819aL,0x00a83136b62b4fefL,
-        0x1c51eb23e3edd8bbL,0xf5eba0c09a238dcaL,0x00000000000001daL },
-      { 0x1223b0b5b2448058L,0xb6e3ad9f699217e3L,0xa7ae6434584dfe78L,
-        0xf7d3d93f5b407cbaL,0x68b167ad39035117L,0xb369219cfe239c88L,
-        0xf3d9bc4913bba594L,0x6123679d698e3bb5L,0x0000000000000183L } },
-    /* 21 << 259 */
-    { { 0x95f7b69fd2f71619L,0xf96d943794b12017L,0x6d0cf626a6415ee3L,
-        0xd6ca14a945b74621L,0x9cf18c6eccba609cL,0x3d33890bfba5a052L,
-        0x38426ba5c7e9a4e6L,0xdd28b78e61840224L,0x0000000000000062L },
-      { 0xfff724ab6d9606c1L,0x9b61bc1178750133L,0x2137470f8fd0f355L,
-        0x84605f37daf83165L,0x24ee8714edc5f305L,0x77cca00adb7ee62aL,
-        0xf45654e1212cc286L,0x638f7126ef2ed80fL,0x00000000000001abL } },
-    /* 22 << 259 */
-    { { 0xfa37c4d089b3a5a0L,0xa8ed9bd86065deccL,0xc5068acfef8cc1dfL,
-        0xea2a71018c98a08eL,0xde77dd771b4baeaeL,0x855a8b672b794f71L,
-        0x1acf5585cfc02477L,0x1535d73cc30f94c2L,0x0000000000000149L },
-      { 0xc7f723eba566c87bL,0x88d22c712cd0a69dL,0xd7f9318bf60c47c0L,
-        0x8d652ed79c239254L,0x186ab5d6c46760cbL,0xf83bb0d588e7879dL,
-        0x2976daac122a83b2L,0xc7bc8602f240460aL,0x000000000000010aL } },
-    /* 23 << 259 */
-    { { 0x6c4da53b55c8c9fdL,0xcae3b7ba785cfe10L,0xcdb8f1c59c4cd91cL,
-        0xbd1c603ab874a86bL,0xfb8654e1043ea4acL,0xad5c88fbca482074L,
-        0x89d5aa873262bbd5L,0xdcda775402ad836dL,0x0000000000000076L },
-      { 0x4d5190e63441966aL,0x99698619c7ff468fL,0x0a5e1697bb1a77beL,
-        0xb5c0dcfd32ea31f9L,0x2121cd321b6f6ba9L,0x53b7874f779a966aL,
-        0xadb4e60ea3c6172cL,0x5de2f937754ab9e7L,0x00000000000001fbL } },
-    /* 24 << 259 */
-    { { 0x4a7aca2f4dde4b24L,0xe56e7b54b4a15f13L,0xecb9c748eb5705b0L,
-        0x675ffbc695977aa7L,0xd200cc67501dca3aL,0x82b4152d3c43e1ceL,
-        0x64be95945c124198L,0xfc52e520389aa160L,0x000000000000000cL },
-      { 0x157e8281f875201eL,0xe98a64c03b179b49L,0x8df77ef0d4bce1c6L,
-        0x8b6764909a9fd8e8L,0x6d8879b8bb67721dL,0x558091cc19e81bddL,
-        0xebacde3fec6e7394L,0x987a87d51bc77288L,0x000000000000010fL } },
-    /* 25 << 259 */
-    { { 0xd2fded8759ce0d63L,0xfb2c78fdad3f2b6aL,0x1e47201d30bf7a0cL,
-        0xefd45dfcdd7cca88L,0x9d46cdcf392768b2L,0xbddabe42411e4cd1L,
-        0x6a2d18754088dddbL,0x56ac6278c731d94cL,0x000000000000011eL },
-      { 0x11aec7dcca650d47L,0x0f4e8a9e2d8a5dedL,0x92a664a4c2c1f5b3L,
-        0x2cef12ef01e930d9L,0x87e8b0bd01ac4347L,0xdb547402a854a695L,
-        0xcc487db9b9d1733eL,0xe8dfdc0472b35b30L,0x00000000000001a5L } },
-    /* 26 << 259 */
-    { { 0x866ff3c908ea3335L,0xfb58377c88d2ec52L,0x5715d9e014a8829cL,
-        0x9376778b0595d929L,0xc1ccd5d59b8ed6b5L,0xd90d82dc00d1367fL,
-        0x15bce4d84cd41c48L,0x1144874144a2b97eL,0x000000000000017fL },
-      { 0x0e3e35fe60aa94e0L,0xaa1456964891e593L,0x51ec590f402ead1bL,
-        0x23c0996d7345d47dL,0xd93e5a1a2ca244e6L,0x80c00f6fdf85d7f8L,
-        0x1ca50525867d760eL,0x29cf9fb20984377bL,0x0000000000000196L } },
-    /* 27 << 259 */
-    { { 0xbd692d023a5647efL,0x964c9bae291eb75eL,0x704d6f07f201fd7aL,
-        0x6fdc417b52db9f6eL,0xbf85909f6291d4a1L,0x75d316a483e42991L,
-        0xaeed45ef9cc62549L,0x1f4d10c5995a6c4fL,0x000000000000002bL },
-      { 0xe5ff3d1dbc6c43a2L,0x552282bdff596546L,0xc9a7f0f45518beeaL,
-        0x29e5b89aa6339aaaL,0x1b7acff5f0d0399dL,0xcec8edaece588c77L,
-        0xaeb3a8e88fe82680L,0x96f35f5b9fc80e41L,0x00000000000001daL } },
-    /* 28 << 259 */
-    { { 0xb95253361ea445c9L,0xa8a0fe24c10de158L,0xaba4da83211f91e9L,
-        0x307538caf2390466L,0x1e0313e0153d0062L,0x8f5ee2c89ffb2a03L,
-        0x49f2777ff412ebc8L,0x463f67093d268ae8L,0x0000000000000057L },
-      { 0x3856bef0a32a201aL,0xd240074b30514b6fL,0x277c70d8a9c71d35L,
-        0xe35d68cf7aa435f7L,0x8a3c9a0960681a98L,0x4ef5a19a5d25e946L,
-        0xdb60e7fc4316cb53L,0x2693e9a568601ecaL,0x00000000000001a5L } },
-    /* 29 << 259 */
-    { { 0xad35ecaee98cd7adL,0x906bd768a474bc5dL,0xda3926c0d0ff4afdL,
-        0x9b850c9da31111e9L,0x426e3fdc6caf82a7L,0x9644b0d4bfb03a61L,
-        0xc524fe4534531e4bL,0x0bfc8bcd7c3802beL,0x00000000000000c6L },
-      { 0x9342cee294463876L,0x83cc9e39f1be35a2L,0xb18ead7df321b335L,
-        0x00c2fb7044628d65L,0x7b320756ac074cfbL,0x71f3cd03644e931fL,
-        0xf82be78c1e0df54fL,0x397a7d9ed542dddeL,0x00000000000001e0L } },
-    /* 30 << 259 */
-    { { 0xd8bf062c1e073747L,0x26c96d9fee2e6d05L,0x79d919d7890b4d75L,
-        0xb42e2bb900653fbbL,0xf8987798e3ccc877L,0xb47d6eb25033de8dL,
-        0x39f94c596c5fd1a3L,0xf3c0c3882fa0ab65L,0x00000000000000c9L },
-      { 0x9661d7f82b18b119L,0x6fa045ecc4b5c3d0L,0xc858de883bcf37a2L,
-        0xd81d90fb3224d885L,0xf251a9f77a8377e5L,0xfeb83a50a3d8c771L,
-        0x853cfabcb5394fe7L,0x950559bf67c9eba6L,0x0000000000000000L } },
-    /* 31 << 259 */
-    { { 0x08cf7dfbd3c147b9L,0x12ac86d2f10d9656L,0xe02add8249b8805cL,
-        0x9456f02a5f74b988L,0x4a631e1087cdba37L,0xb51ee73a96da245fL,
-        0x1378e514042f40e4L,0x9ca9b65c1f1d6aa9L,0x000000000000002bL },
-      { 0x01757173a246897eL,0x943f9cc04c7b233cL,0xdf545f8e7858a222L,
-        0xb8b36cae3d074306L,0xb7c5c74d9a30dc70L,0xe3b361764c35c88cL,
-        0xb0a1f4f1f0bac884L,0xe86e2f8874506af4L,0x00000000000000d4L } },
-    /* 32 << 259 */
-    { { 0xee31e71a286492adL,0x08f3de4465f86ac4L,0xe89700d4da713cb4L,
-        0x7ad0f5e9a86b7104L,0xd9a62e4f2572c161L,0x77d223ef25cc1c99L,
-        0xedff69613b962e0cL,0x818d28f381d8b205L,0x000000000000008eL },
-      { 0x721231cf8cdf1f60L,0x8b640f2b6717760fL,0xbe726f8ce045a403L,
-        0x422285dc0370689fL,0x7196bf8f72ea0dcbL,0xa16f7855c8086623L,
-        0xd4e19fc7c326fe48L,0xfdbc856e8f68bf44L,0x000000000000013eL } },
-    /* 33 << 259 */
-    { { 0x28ae363b4f9810f3L,0x3c8be1a72b4adaa2L,0xb6ccf2e9a106c1dcL,
-        0x1eaa8df5dc082342L,0xa9d31a0f093f4db0L,0xc21ccdd96a7d1821L,
-        0xb65f98905a9fd515L,0x2277f550f370da1fL,0x00000000000001c6L },
-      { 0xe9c244cb48277947L,0x1c4bd7fbd7f2e795L,0x0f131239511d2132L,
-        0xa8414dbb86c7eecdL,0x191644a8486dca5aL,0x1ca965ad6c84a2bdL,
-        0x56022cf1985eb7e9L,0x25b227393c581accL,0x0000000000000118L } },
-    /* 34 << 259 */
-    { { 0xb1b6d3a65bbb33a1L,0x3075d6caf5c56c88L,0xe6dfb0e533d4db68L,
-        0x7f2ef47003fc741dL,0x2bd5d92bec7c0497L,0xaa499ca8edca6a5fL,
-        0xb16771e43fd78f37L,0xc110eac51e8f7acaL,0x00000000000001a6L },
-      { 0x1faf956a555073f9L,0x2e665871977f2a0cL,0x2fe68703a4ed455aL,
-        0xcc2bd95fa496e153L,0x8233f9bfafc21f60L,0x402fea60f2144bfbL,
-        0x680a736ca2ffc242L,0x69634dcc94d4f0c9L,0x000000000000013cL } },
-    /* 35 << 259 */
-    { { 0x230cadee4136c79aL,0x53a2dce673945040L,0x94f8a859e6429d9cL,
-        0x52383e90b1ed3b5dL,0xf2a0901f5fa55cd0L,0x2026ccf13e2f8760L,
-        0xcdbaa7cc91a22dacL,0x5b2163adbd3c3a35L,0x000000000000017fL },
-      { 0xdd444ce700d782bcL,0x100dcc2abe1fe73fL,0x640c492a0ab9b972L,
-        0xa487fe3863528daeL,0xfc1e9dac220fe227L,0x299b97cdc6c10c53L,
-        0x598cccf628179b7eL,0xe4991c506af23688L,0x000000000000017fL } },
-    /* 36 << 259 */
-    { { 0x1f021ef05478138aL,0x53076dc4067de90bL,0xb325a033c6cbb9c7L,
-        0xd41768278793b908L,0x3cb14074a18b1a70L,0xf50ef63a236f4953L,
-        0xc59bf449c8bc84feL,0x2952abb6f0b868b8L,0x000000000000005cL },
-      { 0x2a0e56c1652bb7bfL,0xf2186af3b9a9a9f7L,0xbfb054232c2d7ef8L,
-        0x9aceb677cabbdd86L,0x40314bd8270a74efL,0x71e9c648d933146eL,
-        0x9a19956d14b0eac3L,0x9797358c0c75f494L,0x0000000000000121L } },
-    /* 37 << 259 */
-    { { 0x80bc51e0c4a4f043L,0xf18f17f98fe0c29cL,0xdd6b0e054c815822L,
-        0x63bffee5b3d55da6L,0x84b0917351b59231L,0x71689568a7d603b1L,
-        0xd579f92e227fbaa1L,0x962feaddbb1f1d79L,0x0000000000000079L },
-      { 0x52e249efd48c66eeL,0x400c89e816b9737bL,0x39cc526b4abe856cL,
-        0xf38ccc7eca5d4e44L,0xb215a07bacb8ef4aL,0x0712bcf081443047L,
-        0x494d622ee238c55bL,0xcf6a1baa50e72dfdL,0x0000000000000117L } },
-    /* 38 << 259 */
-    { { 0xd8eb671dd0e16c37L,0x426b4fe04fac827eL,0xa5ca693c33cbc22bL,
-        0x54de649e6a5c797dL,0xd9e900bf9e0e10b6L,0x531cffe217dfa29fL,
-        0x0482aa87674ac4efL,0x210528300059648eL,0x000000000000010aL },
-      { 0x056126f75d644042L,0xb2cdfa0f893ad834L,0xdd7935cd9cc62fcbL,
-        0x820515a09f640985L,0x6aebdaeeb809328dL,0xdfe17ad7fc12ef5eL,
-        0x6b650484501f50e3L,0x3b8eaf3215fd9a0dL,0x0000000000000002L } },
-    /* 39 << 259 */
-    { { 0x82ed9a8dda6639adL,0xf6024a774e995343L,0xe6a1cdf6070572a1L,
-        0x6a15e3512ab3eb5fL,0xcb4f48bb6655ecccL,0x9295854303dcb66dL,
-        0x060fd5396523aa99L,0x3004bc44f42a7f0bL,0x0000000000000090L },
-      { 0x8e2060ce679910bfL,0x512c4ea8e342d6b3L,0x6d125c9b569f8e2aL,
-        0x833d68f3ecacb92cL,0x7ecfa091e570be21L,0x14539cfe17dae806L,
-        0x111cb671599c5e7bL,0x7d0361e735cad2bbL,0x000000000000006eL } },
-    /* 40 << 259 */
-    { { 0x0206454024a7e70dL,0xd7c69d0cb892b167L,0x4b5a7d36f6f94cb8L,
-        0x7237ffff807698d1L,0x90ca471730d2a69dL,0x052ba947da584fe9L,
-        0xea15b35b970ee0ccL,0x0d7ba4f0be2d7cc9L,0x00000000000001ccL },
-      { 0x10d8cd17f953d168L,0xcd255ba241da2817L,0xed38eccb2381ea26L,
-        0x53eee2ef55ed1ab5L,0xc94ad92333ac6a32L,0xd000d271a71253bfL,
-        0x77c8d5c9547f8b3aL,0xbef4d3aa18ae2ddeL,0x0000000000000159L } },
-    /* 41 << 259 */
-    { { 0x3eeba73f7dc5de84L,0x61f94421baf4ce8eL,0xebf5e4c01e5e5d3fL,
-        0x87b7a9d18b008fdbL,0xc78a071f49b69718L,0x56743f3d87413117L,
-        0x28ca8e2f94c872cdL,0x5f36f860fac7f330L,0x0000000000000100L },
-      { 0xbce6c975e85d255bL,0x21e0235a4066ae6dL,0x786e6d4ac50be9f7L,
-        0xfdd3a4ee582e9ec5L,0x5d8ee443c1fda7e1L,0xd076758e1bf06a98L,
-        0x31508bfc8534eecaL,0x27ab9f1931641184L,0x00000000000000d7L } },
-    /* 42 << 259 */
-    { { 0x76b363b63c5ce17cL,0x75e8ba323e1f0c00L,0xafe8f47ea3ad49f4L,
-        0xdeb90e8dd38a4c8bL,0x59e3777d07743abbL,0x1092a633dd2a10deL,
-        0x082446e157e17d7cL,0x0d01da2edce36407L,0x0000000000000019L },
-      { 0x73a9f09639a6db94L,0x96bc010721374c72L,0xbceda9caff17e1edL,
-        0x32b708692d130febL,0x14a201008f0e1601L,0x34f1cbbbee4a4a76L,
-        0x488b76db85c287b8L,0x4e64b547b6a7d1feL,0x00000000000001adL } },
-    /* 43 << 259 */
-    { { 0xa836842eb6ae189eL,0xf1b19c170056ab75L,0xae3374042b01c3a6L,
-        0x89d5cc7a0bb8c2bdL,0x6e02b009fb866289L,0xdcadc0fc5abf3d3bL,
-        0xce7b2d6604290e7cL,0x94ee4a4d18364ed0L,0x00000000000000afL },
-      { 0x672841bfc58e7b41L,0xf2fbd6fa87db5ad0L,0x2511d4e7dce7195dL,
-        0xd21c4d314dffb69cL,0x8231cc4396b5a36fL,0x75c447f63ea477ecL,
-        0x2574bee0d6186096L,0x52870fd9c167aad7L,0x00000000000001b3L } },
-    /* 44 << 259 */
-    { { 0xece40f9775f9275cL,0x686e628af28cddfcL,0x544b842b887b5aa2L,
-        0xb33a8517c4ad2061L,0x1525dcd7bdfe3c4fL,0xc771ef08b09c44b5L,
-        0xeb02c6bf781ae208L,0x784dbff997fc9c2eL,0x000000000000012eL },
-      { 0x10717e71d93974bcL,0xd6a9e82900a10d31L,0x27b00c7f35d5e291L,
-        0x451d556e0bed8699L,0xa3ff4fe0f5118f55L,0xfb5d9590f07091d4L,
-        0x2dea085ea6378d60L,0x24dac7bb4741b622L,0x00000000000000b6L } },
-    /* 45 << 259 */
-    { { 0x58f22e521589fc91L,0xd26d923c1572f936L,0x119123075356419cL,
-        0xac8ef534d050441dL,0x2095327f1a4e0cf4L,0x39cc6a1ee169d2ffL,
-        0x8ebb4d099b67523aL,0xcc3a215be1bf9afcL,0x000000000000001bL },
-      { 0x39abe3cfd0c96670L,0x1948c476066b056eL,0x47932f316512b7d0L,
-        0xc905d875ca50f67eL,0xe94876bfcd454f38L,0xf15a676e69ed3d3dL,
-        0x32320896d595a940L,0x0656340a48ad1e79L,0x000000000000006aL } },
-    /* 46 << 259 */
-    { { 0x8f6ca036a25c9b50L,0x56356d4785bcc87aL,0xe646d82299817898L,
-        0x6f9c87155d43bafeL,0x09e17a9509926705L,0x1eb95e765fc6bd98L,
-        0xe5894e0146e44174L,0xf345a2821c1f16f6L,0x000000000000018bL },
-      { 0xe6a6189e502ca51fL,0xea04086caf88b82cL,0x400cf34589a390c7L,
-        0xf1da9ba44ed71572L,0x07b61a37913f522cL,0xc69f7f0c0e27f8e4L,
-        0x25d6a2dee6073472L,0xb1d97674586573e4L,0x00000000000001e0L } },
-    /* 47 << 259 */
-    { { 0x3bf9c246be511a2aL,0x528e184cd12e41f6L,0xe473382fff9c33cbL,
-        0x7b152e99e6e39137L,0x01d3d113a4a2e625L,0xa7ab2c27eea47137L,
-        0x0a69cf3194b87f50L,0x36af1fa902fcf00aL,0x0000000000000177L },
-      { 0xc5a45d54b2ff7576L,0x18998a609b2e0046L,0x70720cc450e4fdd5L,
-        0x8ab8a8766f9adbf0L,0x0c09fe59285f4e50L,0x41f772e1aa49ce03L,
-        0x70675276e7e928b3L,0x9e4c40d95f1dffb6L,0x000000000000002bL } },
-    /* 48 << 259 */
-    { { 0x3b52947390b32585L,0x57359ccd7b3ba1d5L,0xb6daa5e0f8889d88L,
-        0x6ef5de0607674ccbL,0x5c000c596eb2b8c9L,0xdc4f33e5fbfbbf74L,
-        0x195a92f58a060ed9L,0x49c845be41beff63L,0x000000000000014eL },
-      { 0x7190d74d265e6dedL,0x95373592453d9809L,0xb087112de8f1b76dL,
-        0x1341db8a73d34d52L,0x54075f5b4bfa2fc8L,0xef25714741071528L,
-        0xfe227bc8c3a0079cL,0x6dff050f64de7e14L,0x00000000000000d2L } },
-    /* 49 << 259 */
-    { { 0xefa6ae34e7d9c270L,0xb1abcf3dcd99fc38L,0xed1681698ef0d319L,
-        0x3648e51e7269773aL,0x0b08bb8036ce881bL,0x9055f280db3f6fc8L,
-        0xe95823b16ad5efdeL,0x0a18738401dfee23L,0x00000000000001acL },
-      { 0x2a8f55bea8a15ccaL,0x96c9c72dde4c36a0L,0x439e0198306f2426L,
-        0x225257a55ad4151dL,0xbd8a9150e4407dbcL,0x93ded257490cbb52L,
-        0x70f1e3f2f0fb6dcfL,0x8d424da6ceb42cfaL,0x0000000000000194L } },
-    /* 50 << 259 */
-    { { 0xd80664eabe1827eaL,0x8444e48081e18779L,0xb6e6246bfc3ae63eL,
-        0x48ff2368b6e36f8bL,0xf79455fdd4a8a970L,0xe3403cbb1f46a06bL,
-        0xad00139dab2a8c5dL,0x68a9ece4fabd20d8L,0x00000000000000bfL },
-      { 0x8240e0275b7b9242L,0xe89bd598dbd8c035L,0x761d0b2eec9d4f1aL,
-        0x111fa0e57df88f57L,0x4741f6b016d01143L,0x0f4b1c1ae59c8337L,
-        0xa23d571e0fe0544eL,0x84be6651ada2d65aL,0x00000000000001bdL } },
-    /* 51 << 259 */
-    { { 0x4835246b6aff5b05L,0xb280322a955831bcL,0xf96ece94ea39c9f2L,
-        0x3282ca94819d4198L,0xffed1187773856f8L,0xd9f62443678893c0L,
-        0xac106b951224557aL,0x4ab67573ee3a017cL,0x00000000000000d5L },
-      { 0x5a4f21a86940798bL,0x25024af6ee0b3a60L,0xeeb9fdf73f8b5370L,
-        0xa76a2c14c102bf6fL,0x0c1da7e1f47f6803L,0xd2f244e7ed271ffbL,
-        0xbc823e462de8cdc9L,0x07bbcd925979772aL,0x00000000000001aaL } },
-    /* 52 << 259 */
-    { { 0xe1db6b7c281e407cL,0x2bd41b23f0f0127aL,0x8c62b1db49d40963L,
-        0xa0a5378e4aecf129L,0x0ab063f6afb779b9L,0x9fce0a3976caf17dL,
-        0x361c82ec51f85f9dL,0xdc45a48c857d1c19L,0x000000000000019cL },
-      { 0x01fd89c64251f9f8L,0x1ba0872e3d68ecbaL,0xed3894017d29b968L,
-        0x7de4a3b2496be4e3L,0x3e8815a6d28dc1a4L,0xb4a743b262683444L,
-        0xc9c4a64ad0be70a4L,0x3e79e5754095638bL,0x0000000000000053L } },
-    /* 53 << 259 */
-    { { 0x65d9c77be8976523L,0x0ac11fd66fc3be5eL,0xe939a935d9655ecfL,
-        0xc9debc12fed311c3L,0x0b460f9bae0088a6L,0x28a82b09d0f0139bL,
-        0x15465c4bc746dd3dL,0x4c149c73f132fe91L,0x0000000000000061L },
-      { 0x7556718de6868a48L,0x8da2dee8b28b880eL,0x24856a384e5dda6aL,
-        0xdc76c7a70ea27973L,0x9fc3053c360bd595L,0x8d41a89c3e1540e4L,
-        0x4b7e977841c20751L,0x14907ac0e8d84b0eL,0x0000000000000011L } },
-    /* 54 << 259 */
-    { { 0x4f736d9a66c5c0c9L,0x2677a79c58a4b4fcL,0xf612bcf8a49ad272L,
-        0xf39799188256b986L,0x1957f6626eb7515dL,0xefbd5ff12964c253L,
-        0xc33ddfe1e8447ca9L,0x9638690a39b7430dL,0x000000000000015fL },
-      { 0xa3552fe58470d9dfL,0x2a0d1fdf093484ccL,0xb81bda1be2eb7fa8L,
-        0x3634d9242688d523L,0x11f94f70cc600f24L,0x87021e6c2adf964fL,
-        0x35b07acd5ace8426L,0xfa2853e1dc2e6f71L,0x0000000000000142L } },
-    /* 55 << 259 */
-    { { 0x2575efbd283e89e9L,0xdb769726720a620fL,0x37c9268d59c0da16L,
-        0x7f35d8bbd0357166L,0xbe8309c61eb19a85L,0x74eb837d19a077efL,
-        0xb1eb237daca65900L,0xcdc312ad0d7c99c7L,0x000000000000002aL },
-      { 0xbe10915aed84c76aL,0x7b0f723a85519abbL,0xf538710f42a081a6L,
-        0x78265356dcbbd734L,0x0f499a07096e7577L,0xff5daaf70079b100L,
-        0xc8bf37a2eb6c1ba4L,0x84ac26592b098eb6L,0x000000000000017fL } },
-    /* 56 << 259 */
-    { { 0xab4d88d64a5595dfL,0x6c8dcabeef39ae0aL,0x2624df12f37103dbL,
-        0x86be6542141f2376L,0x647ba3bba25fabc3L,0x5332a3fce7456368L,
-        0x6d3c328ba44bfa16L,0x34a647fa239e3b29L,0x000000000000009bL },
-      { 0xaa7ad625991ffeb1L,0x4e43f778d03d63f2L,0x39cf73f43cab9baaL,
-        0x2250a6ab66f0706bL,0x83bbddff0e7828edL,0x8c63c4f79209731eL,
-        0xce7951a6b2988761L,0x9d4e402fcac241c2L,0x0000000000000150L } },
-    /* 57 << 259 */
-    { { 0xa12465c4df67bdd5L,0x9218ff8bbc9eca2dL,0x794924a761d09f06L,
-        0x89d11f65e1dbf4b3L,0x60e94678bcbbbecbL,0x34187685a297c4c2L,
-        0x2169b8c93c788f5bL,0x61e7a4603bb5d6c8L,0x00000000000000e3L },
-      { 0x25af24472719a0edL,0xdc1c88f4edfbfd6dL,0x0eaec9a6d9888a49L,
-        0xcf7bc7e4fc0565b0L,0x7d9b1b74cd500f9dL,0xd2664e1ae2b62831L,
-        0x18412cb253f95ba4L,0xb652b95b9c4b365eL,0x000000000000012fL } },
-    /* 58 << 259 */
-    { { 0xcbcce98ffc07fefeL,0xdf3b08fa0bdfc750L,0x4e39fcd4fc05529bL,
-        0xf2aaac2e27114979L,0x7131d54541e195cbL,0x933fa5193f41e9fbL,
-        0x630c99b3e95fc9dfL,0xbd5163825cbe8a8eL,0x00000000000000c9L },
-      { 0x3c6b0a2406057628L,0xff27b4a4ef249b30L,0xe42dc28302e9465dL,
-        0x71d7d424dd0bae7bL,0x4d04ba9f602f88c3L,0x6111058a74d2ae5bL,
-        0x2c382c9cc3712cc6L,0x80b7d0e14d5b66d2L,0x0000000000000017L } },
-    /* 59 << 259 */
-    { { 0x019c03604022dbe0L,0x592bb5efcfee0bd0L,0x19be33c02b149c03L,
-        0xc89d18c2ba04db0aL,0x5a3f5d450bba9aa2L,0x01319e4ad2d6cb21L,
-        0xf6e9f27badc7b155L,0x5bdb9a7844825e84L,0x00000000000000cdL },
-      { 0xfd75100dca64ee61L,0xe13ed4adcf163911L,0x56d0e58980d2069dL,
-        0xf8064a05c45fd383L,0x64567521ca0632f6L,0xebfe94ed94c7f528L,
-        0x80f8b30a5e4debb5L,0xa3d53bbb3bc900f7L,0x00000000000001baL } },
-    /* 60 << 259 */
-    { { 0x72ce80061672b5e3L,0xe0d15784257ac5bfL,0x2083a445fbb308f1L,
-        0x2fc46f2dc8e53f2bL,0xad835795aa2adb58L,0x89b3d1edf35d6ebdL,
-        0xcf54ea81724a0efbL,0x3085e94b513eb0ffL,0x0000000000000046L },
-      { 0xc1d6ca589b47ffc7L,0x553268ba41a17354L,0x15f50394aaba1ae7L,
-        0x9377378dcd023c80L,0xf5556f2a70213614L,0xb56122a4cb30db70L,
-        0x03ae2b4c59650a3bL,0xbbfaa947e337a318L,0x0000000000000108L } },
-    /* 61 << 259 */
-    { { 0x0c07f65f3e218411L,0xf93336dc34e3653eL,0x915543013151ee8cL,
-        0xcdeb170ac7b83bc3L,0xae1673cd6ed8c8afL,0xd6fa1c4b8a778809L,
-        0xd98dc5cc95d4e2f8L,0x50a6f916a906d0afL,0x0000000000000048L },
-      { 0x9842940d56885519L,0x487e1610eaed31f7L,0xb4336a8018cc4dd5L,
-        0x92384fdd9eed314dL,0x39f2647569b8de9dL,0x9fd9be6b397286f7L,
-        0x861bc717ce04611aL,0x5eb3a63d5d9aafe8L,0x0000000000000022L } },
-    /* 62 << 259 */
-    { { 0x577a30fa4b357fb9L,0x36a9492463e6b447L,0xfce5c432731fd6c4L,
-        0x48eaf60527d69a4bL,0x0c5fabdef271da03L,0xab9ab8bd570d0974L,
-        0x07780c6b9c004fe5L,0xe78c11feecd1146cL,0x000000000000015aL },
-      { 0x52c4fa6239153966L,0x7aebe3aa7ba8471bL,0x618c9a3ce81fa8a0L,
-        0x7abd26a68a47b9d1L,0x844c1024f06473efL,0x6231f29ab4072d4aL,
-        0xe698c315218d976eL,0x39b20c9ebfbe05f4L,0x000000000000001aL } },
-    /* 63 << 259 */
-    { { 0x407010d297770b95L,0xe2490ae0b2c13f78L,0x7cb994e1b8634a50L,
-        0x8ccc0776281300b9L,0x1c7a056d83f81cc6L,0x592034c74d47f984L,
-        0xc170bd8f7df09160L,0x07b59c4e6cf44c96L,0x000000000000003aL },
-      { 0xdc66941021689ed3L,0x4ddc860456288484L,0x68bfe9ed8f1a853aL,
-        0x426531e548e4f90dL,0x574498889bc57ac4L,0x5144cfe92e90e5caL,
-        0xfc1d8502d5f8796eL,0xcf50aeba50c5f60fL,0x000000000000018dL } },
-    /* 64 << 259 */
-    { { 0x225256fdb79711e5L,0xbdcf3433a6a843b7L,0xbd3d4548414a71abL,
-        0x2e13fd39e29e7606L,0x194b6e92e07f29c4L,0xd6f5e492b68fd0d2L,
-        0x3ac649985de0ae9bL,0x10e5afe94e5ba961L,0x00000000000001f7L },
-      { 0x27df3c4b8ec9ccffL,0xdb2913722a7b0a2bL,0x1ca89222f045afdeL,
-        0xa666763c69c99247L,0xd8d9f6b199033177L,0x10b696f690eca082L,
-        0x41991d660d180f50L,0x7cee7f9b82d6f6bcL,0x00000000000001dfL } },
-    /* 0 << 266 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 266 */
-    { { 0x853233c2b24565f3L,0x43478b915fbd38c5L,0x962087ffd2a6992bL,
-        0x403427f45ec71ec0L,0xc07276099b151a4fL,0xa8bb2dc4dfa1844cL,
-        0xa20d339e101140e4L,0x0df52fbda1c70e3bL,0x000000000000002eL },
-      { 0xdc4129870447de06L,0x080b5dd16cd90fa6L,0xcb6a6bc7c4ecddc5L,
-        0x9462fbda970fe140L,0x4b0cda7ea7581610L,0x6437af41dcab0c19L,
-        0x3ab19e3f4e100705L,0xf8e93a95adc5e7feL,0x00000000000001f7L } },
-    /* 2 << 266 */
-    { { 0x38ee58f048e075e3L,0xf285797e18d38b67L,0x02e97c63a120348dL,
-        0xc64defa717bff13cL,0x0fd5b7237f983d56L,0x70acc4a830d1770fL,
-        0x0f0ec2d749151740L,0xe99f0a612968c0dbL,0x0000000000000174L },
-      { 0x4a5d683a67aa8ad3L,0xfa3a36cc56c69e37L,0xa392130edf8a093bL,
-        0xe80d7527c840b37cL,0xa28eb4926ab73b96L,0xeece0912c7d4304cL,
-        0x0b900a1130b9dd79L,0x43d757e3a20c5d55L,0x000000000000018aL } },
-    /* 3 << 266 */
-    { { 0xdbc8e45f29056168L,0xb1789b8f8aa24063L,0x8e394ec4e8af7801L,
-        0x451958953e6dacb8L,0x42e76886d8e18229L,0xe9be1e0238912e71L,
-        0xf4cc3bbbc793af2dL,0xa7dc4d1bb6ef26b0L,0x000000000000011eL },
-      { 0x0255437c02adbc28L,0xad007fd57f4098d0L,0x5b827c408ecbf87dL,
-        0xb9acb85cbf9b34ecL,0x6d45ae094a85c2b6L,0xee94e87b95bd71adL,
-        0xa7f0f61b420c1eafL,0x8f39c45c8f1291d2L,0x00000000000000c0L } },
-    /* 4 << 266 */
-    { { 0x56f74e6985edc827L,0xafe2ef0a6a731640L,0x61f8bcfdd51647d7L,
-        0xbeabbb8f41e33fa7L,0x3e4c3aaeec83c547L,0x48a9d1e92cc8dd97L,
-        0x7b4d53b5e57d3822L,0x92387ac8a45c0584L,0x00000000000000d5L },
-      { 0x802ece3dfacdb1cbL,0x9e4f5d209e537236L,0xd10acc25386a5610L,
-        0x53f55d464c6c0247L,0x390fe9808c419fa4L,0x8b0a8aa6bed2bd92L,
-        0x90e7f479f854424fL,0xd714bfb59e7f4392L,0x0000000000000074L } },
-    /* 5 << 266 */
-    { { 0xddbded0597026decL,0x12f1ff098a199bb2L,0x761a746fc1428d3eL,
-        0xb9495d7ef012002fL,0x7a7c2c3aa50c6565L,0xc1264e37dc970f6dL,
-        0x4f05342c865a7518L,0x9818d13d49d9ae95L,0x0000000000000195L },
-      { 0x1bb4a4a08cc45e7fL,0x5fba73b315781343L,0x1e704a47f68560e4L,
-        0x90fb65e54eaceb4fL,0x95438866400ac026L,0xbc4b4d817e6f6a48L,
-        0x3b2bbaaf6e7d0d0dL,0xddf027615419780fL,0x0000000000000070L } },
-    /* 6 << 266 */
-    { { 0x2f9cf1972fe33230L,0x17021cdb2ceae391L,0x18b273a28a2ad728L,
-        0x53289496e7d3cd0aL,0xfbf1d2dd06775a09L,0x445cf659aa70465eL,
-        0x69ef17ef44d92276L,0x852c4f629a70a820L,0x00000000000000d9L },
-      { 0x24819cb9192b4bfcL,0x2a3259fffd8c7b97L,0xb39c9e000e31618aL,
-        0xf4dfe5b7f802aa84L,0x57bd5d63fec026deL,0x4cb4de99848b4c62L,
-        0x68c65e5354a00cf3L,0x37ed0124161b63a7L,0x00000000000000c8L } },
-    /* 7 << 266 */
-    { { 0x2a5e0c228610952eL,0xbf871948e20cb271L,0x24fe902d31955404L,
-        0x9678b0feab00b79eL,0x0d170ac43fd72c73L,0xc91bb075236c56b0L,
-        0x45feeb4f75044149L,0x8cd5418362f8b77aL,0x000000000000015eL },
-      { 0xadceca285c84440aL,0x27d8d9ddcc727b54L,0xcaa94f511f1d6f1eL,
-        0x2e5e70ce41c288a6L,0x2bc6ff5b6c8116cdL,0xd84f24cf5725753bL,
-        0x71d36b45a268b9d2L,0xb10ff02719274e7fL,0x0000000000000065L } },
-    /* 8 << 266 */
-    { { 0x9abf4318e7c8e1a2L,0x89fd5c8d5ef038d0L,0x20641c7c755be1d6L,
-        0xfff489fb38b2c08cL,0x792104e1b3b3a7b1L,0xd8a69114c507e7d7L,
-        0x4c07f5bac1ac93f9L,0x0a2e3d13315c3a89L,0x000000000000012cL },
-      { 0x016026bed523d79cL,0xd4e3d86f00ee5640L,0x07627a1ca8e8f5cfL,
-        0xc07c67f8533afedeL,0x081a516dd3bed1acL,0xddc6f44086e8ff0cL,
-        0x4df71bc8c112d075L,0x2b8cc08f7cc49d32L,0x00000000000001d0L } },
-    /* 9 << 266 */
-    { { 0x8f20e8e5296dd3e6L,0x5b35a6296564254cL,0xee36dfc32969a7f7L,
-        0xa32df83a9b8ce874L,0x449cb63355989616L,0x1cfec15081a04ac4L,
-        0xd625a5fa5f6ac24bL,0xea46b54e1f95a1ceL,0x0000000000000093L },
-      { 0x08e7153e171cc8e0L,0x0b4cc450c58a9d47L,0xcca705da93881d6fL,
-        0xbb825112c702b9a2L,0xffa42735ea68fb62L,0x5ccf465db32b28d7L,
-        0x6c099defd7fc4547L,0x91a920d33f37b44aL,0x00000000000001cfL } },
-    /* 10 << 266 */
-    { { 0x3377ff96a34b8405L,0x735fe3b8a3607c6dL,0x05bb89954a680280L,
-        0x2a1b844443f751d4L,0x88577381b6131136L,0xf6095111bd4bf7bfL,
-        0xdbb63de95babc815L,0xdcbda003457174ffL,0x0000000000000125L },
-      { 0x4c0dac17d659699aL,0x0c97f1a4b90797e1L,0x86e3f70037c1752aL,
-        0x28770759661a54f7L,0x696ccdc1f0226610L,0x36399bea2424ad25L,
-        0x94f98b4bbaa7e4e0L,0x7e2207dd8e149164L,0x00000000000001e3L } },
-    /* 11 << 266 */
-    { { 0x3e459b94f997f2b7L,0xe2c4670e5a5ab47fL,0x6c42f7bea7277f71L,
-        0xb6f4a867b849ea22L,0x9c261ef533ef93ebL,0x14faef70383434e8L,
-        0xcc2581fe68ecf568L,0xbb425d21b0d9b128L,0x0000000000000069L },
-      { 0x43dd049b2a74207cL,0xd89e8403d14cc7c9L,0x5e4b96d61aa77222L,
-        0x64f3514b16efa356L,0x9336114aa79aa125L,0x86cfa19308e23be5L,
-        0x6b0d3088316a61e2L,0x8ba7f7d478b735b8L,0x0000000000000041L } },
-    /* 12 << 266 */
-    { { 0x74af3f63edfcbedeL,0x6b0830b11356f827L,0x060db15a02536f8aL,
-        0x166f9099f7095358L,0xd759efb4e03b9601L,0x05a4e29768484f67L,
-        0x469b4832dc631a7aL,0x7c5406150bb2b1b6L,0x00000000000001b2L },
-      { 0x590174e012481c04L,0x8d4ef6c7d7180a84L,0xd134b543303674ddL,
-        0x60dbf72600c378b0L,0xc60e026a93d8406cL,0x57af4a82082c527cL,
-        0xe3d038fe349a607fL,0xa7cb9b475a3582e5L,0x00000000000000c6L } },
-    /* 13 << 266 */
-    { { 0x113d76470bd80953L,0xe4478391e4fd3d00L,0xb599a4a78a9e2693L,
-        0x9b0a26a00c2122b9L,0xa06d75d822f2ab6cL,0xa91bce84d181c4b8L,
-        0xdcb896f252c19efbL,0x5c009091838a3552L,0x00000000000000faL },
-      { 0xd077530a7a3feb1eL,0xb923c5e923a5b8ecL,0x518a1fde94742d7fL,
-        0xf5d7ccd85609a48eL,0x98a271bf88865d38L,0xafea9987a60efbd2L,
-        0x145df51ead05f497L,0x776f6dcf9f9e829bL,0x000000000000005eL } },
-    /* 14 << 266 */
-    { { 0xb4b3726011219674L,0x47c3a79526626299L,0x64c93e90f7b9b98aL,
-        0x08eff93aff8e46adL,0xb4204ee85b43c5f6L,0x520b0790611d0ad4L,
-        0x29d122dcc1dc2742L,0xcbcefa6e3169b5fbL,0x000000000000000aL },
-      { 0xd43ca630a537c7b5L,0xae40e59aa9c0a428L,0xfdf9b81999f2182cL,
-        0xca851eccec7e7227L,0x6760158bab6a8d6dL,0x3875e88ce215b7ebL,
-        0x569be1e84514f9e0L,0x0a0a202ae14d5c5eL,0x0000000000000124L } },
-    /* 15 << 266 */
-    { { 0xf6eefade50247dc1L,0x507af32ce36262f1L,0x7e981908f13b6ddcL,
-        0x7212c2b68c8c8580L,0xf643133ca54e7f13L,0xa1b10239c4a0069fL,
-        0x18ae36e186279c29L,0xe4f7235a61fbeaf2L,0x0000000000000167L },
-      { 0x4bc859b15533c37dL,0xdc59cf0624b1408bL,0xf488d1e9100554dcL,
-        0x3eaf3d7920b37912L,0xa87f0850ee5acf54L,0xec6d7d40fd3bb7e7L,
-        0xd95e630cb6b4eefbL,0x1aa0a4a5b2a5e55dL,0x000000000000005fL } },
-    /* 16 << 266 */
-    { { 0x69017ed5f1c86157L,0x8ad717eb3aabcca4L,0xe14dd980e57ac297L,
-        0xc2f0da4b931e307bL,0xde7fd5799080b37dL,0x45bf6f6414134de4L,
-        0x5cde0727ac019cf3L,0xb4e5c2e7863e739eL,0x00000000000000e6L },
-      { 0x094e085628e15f36L,0xf92c44fb46276090L,0x9219998521cb21ccL,
-        0xcedcd4f2de53957dL,0x802c6f95b6c417ebL,0x0ea41a2b6075e71dL,
-        0x194d6fb1b9eec681L,0x8e7cd41f2e0320d8L,0x00000000000001caL } },
-    /* 17 << 266 */
-    { { 0xb35b4973fc9a8271L,0x07df6c1baa64d87bL,0xf8a40753c20694b8L,
-        0x9e99bcc963c0ee99L,0xd1a9e1547b93b57eL,0xdf820e3853787f84L,
-        0x27f53ecd99f332cdL,0x4fb11f5a9232ec79L,0x0000000000000088L },
-      { 0x24b553cbee20f924L,0x0b7ef51349d43360L,0x96c9487ce38d79baL,
-        0xfdb1c74fb5ed12bcL,0x21685ed84900c152L,0xa357e469e3bf2258L,
-        0xbd08ba2c6fb351cdL,0x6bf4eab57c702332L,0x000000000000019bL } },
-    /* 18 << 266 */
-    { { 0x4d9b809e882e2e8dL,0x9c08905471a4d335L,0xf7d10eab057174cfL,
-        0x2362775e835f8b97L,0x02cffff193e325e5L,0x5da2c5e530a19357L,
-        0x3682adb3fac8a110L,0x0c80cbc5842d7712L,0x00000000000001d6L },
-      { 0xb1f34b5ce63fcecfL,0x1b7ef8b72036dcacL,0x1e77a65bf2918bdfL,
-        0xee7953ef56dec2d7L,0x3bb9d2d96e8dce20L,0x690991b765dc8ddcL,
-        0x289f7b1c5127b031L,0xcfc012e6b308fb5fL,0x00000000000000dfL } },
-    /* 19 << 266 */
-    { { 0xe4e588655455e3ddL,0x0a3faf6e37979e4dL,0x0fb1185abc2baf05L,
-        0xa7757468231db3c6L,0xdfaa6b1e2dece4e4L,0xe0fd7fbb57b73e1bL,
-        0xd0a759633c1319ebL,0xfe723d7944751078L,0x00000000000000f2L },
-      { 0xf34d75824e65024aL,0x4f3e335728712abdL,0xd736d0a0dc0619d8L,
-        0x700cb63c18df1a77L,0xa741d8188dc6f72fL,0x1fb046b4e3f4ce0dL,
-        0xe4c65bcf36daa0d3L,0x7de83bf3e0a1b42aL,0x0000000000000118L } },
-    /* 20 << 266 */
-    { { 0x5466a9901fe423c0L,0x59f6a48ba57e7875L,0x09a9f84acb7bd46aL,
-        0xb5ae0d9469e02df0L,0xaecc3392d9fec11cL,0xc94de920a4bcd130L,
-        0xfb5b36f882c78f1bL,0x32ad1cf22d4fc970L,0x00000000000001fbL },
-      { 0x8cd894d5df0a2534L,0xcb83665c9735fc04L,0xcbd9157635169f6fL,
-        0x2f3b64a72775c9d4L,0x80c9608fdd6410d3L,0x6503badcbcad20d5L,
-        0xbdb308571b2b1640L,0x92338c7878fbc82aL,0x00000000000000d6L } },
-    /* 21 << 266 */
-    { { 0xac3b7a4a49a3cdceL,0xf58661f0a02ad4fdL,0x1ffcfa7c613c7e53L,
-        0xf2524615a312b766L,0xcf475cfb5616df03L,0x4cfa2b326c13fc81L,
-        0xbccd8375bc58b87bL,0x8abab16ea321ba9dL,0x000000000000011dL },
-      { 0x3e0c8aa36c9c6bdeL,0x52b709235145030fL,0xb3b79def957b71bbL,
-        0xc5d4d6d82ae65cb2L,0xe46b42854fe000d6L,0x7f0cbea3df9a4175L,
-        0x184a74fff4816509L,0xd4309c3fda9b614fL,0x00000000000000ceL } },
-    /* 22 << 266 */
-    { { 0xc8015af9e84d1058L,0xfde0b0b44630167fL,0x75a6485be04303a9L,
-        0x386d40635dc6a595L,0xb6a7e6ddb5e1fea7L,0x88760f62a98f79ffL,
-        0x0fa02a3715ceb5eeL,0x3b5f506d6b7b4aa6L,0x00000000000000f8L },
-      { 0x03364c2377688a7bL,0x8efa63b109c6d5c2L,0xb57aa39794f3f323L,
-        0x1527ffadfc11fce0L,0xfe42ecd364d6096aL,0xfdc0cc40d56842e6L,
-        0x4e82c4c8770bfa36L,0xc43342307717694dL,0x00000000000001d9L } },
-    /* 23 << 266 */
-    { { 0x4fcdc0c1d5f4e912L,0xfa7cfaa4004a4db8L,0x25aecad367023dcaL,
-        0xca002afd5eb57cd6L,0x34541373741405d5L,0x67a0d594d3812ce2L,
-        0x7b34bef0cfcf2d6dL,0xd6cf2f835bdd535aL,0x0000000000000110L },
-      { 0x454609ac442959beL,0xe9237086b8a51511L,0x6fac92553babcba9L,
-        0x78f71e6b27e7884aL,0x92d4c3ede8f4feb6L,0x52c5d2b4420fbfedL,
-        0x009792ee9f40b090L,0x82b8ba85df824367L,0x0000000000000179L } },
-    /* 24 << 266 */
-    { { 0x3f99e9b3ee05cae4L,0x32cc71107fa0e686L,0xfefe300a1ef8a5c1L,
-        0x232d446e86846634L,0x250f4e801ce3e75dL,0xca3146f236bae498L,
-        0x41b28b529339513fL,0xf05d31b6623cacb0L,0x0000000000000066L },
-      { 0x12b4c656682f53c8L,0xc865fa0ef72ed178L,0x7d41ffbc55f68dbbL,
-        0xe4aa53b7c0ac64aaL,0x66e397bbb7194380L,0xba629db6834331f9L,
-        0x6d14e879ea0c0083L,0xdf2e7eb0039343fcL,0x00000000000000d6L } },
-    /* 25 << 266 */
-    { { 0x0397ef6f17081314L,0x9546deb646fff7e1L,0x5b4dd93bc94171ecL,
-        0x0a8a85527444b12cL,0xb1513889b9c40474L,0x9cf88d84bb2a206fL,
-        0xb910e92085c19e6eL,0x45eccb62676a3583L,0x00000000000000feL },
-      { 0xae266163ff1f2098L,0xf440e5da0d1ec4a4L,0x3253fc3f92193348L,
-        0xe74818b8e34f82e7L,0xd5a623060676bff7L,0x27b66af8199cf83fL,
-        0x3f10e57fcc0d1357L,0x5e957d2472cc938eL,0x000000000000008fL } },
-    /* 26 << 266 */
-    { { 0x575278cf18bc690fL,0xcacf60ceb54dc657L,0x26bbb292b42fbfb1L,
-        0xdc41efa143d3991dL,0xe1b66a31f437cbfdL,0x78f6b7c39a9fb752L,
-        0x91bb4eee42b805d5L,0x6be454c8c53eb4c3L,0x0000000000000003L },
-      { 0xa33f2a2a709d0dd7L,0x991168d9fb00c9eeL,0x33f59abe2755ae74L,
-        0xddbd1abb9f173047L,0xe45fa246f4075d82L,0xbaf7b425bddf38fbL,
-        0x6a934744ccd0af06L,0x3f33c9152473c3b8L,0x000000000000017aL } },
-    /* 27 << 266 */
-    { { 0x354623ea02695dddL,0x311af2095e666b21L,0xf8aaa2aa323d976eL,
-        0xff0efef950504afeL,0x87d20f09de7f31dcL,0x6295e64a7c4596b6L,
-        0xdc29db81de13042bL,0xa145cbbe42be7ef5L,0x0000000000000111L },
-      { 0x0833ee13598cec0bL,0x3915b741a55c1756L,0x56a8ab1191e38ffdL,
-        0x8ab41e3bc1b823ebL,0x18fa8910defb1732L,0xe3454a259a628d6dL,
-        0x9e4264e494e99e1dL,0x31832bb5637d5ee6L,0x0000000000000182L } },
-    /* 28 << 266 */
-    { { 0x3ee61d53e8a300ecL,0x65e529c7e0cd8617L,0xb8c03cb0077b303bL,
-        0x05eba936d5c88dd2L,0xc1e54497d42bb4afL,0xab477aafb0589057L,
-        0x55acddc8e8f70a56L,0x6579b78b4fc80182L,0x0000000000000164L },
-      { 0x535e7ff0bc97c72eL,0x65e954c9809dc093L,0x49edc4b8cd182ee3L,
-        0x804874f9877d38adL,0x20104ab16df1638dL,0x78459a4b748ee6f2L,
-        0xb895205d3504aa35L,0xbf26ac8af8089e32L,0x0000000000000041L } },
-    /* 29 << 266 */
-    { { 0x414660fad60c46d9L,0x771ea3b5defcc1eaL,0x47e275514478526fL,
-        0xe13deda6872bc6bcL,0x6a8af4a708e6829eL,0x0d234a58c0cc0817L,
-        0xc209a0b1993176d4L,0x703a36e8e4d7c55bL,0x00000000000001e5L },
-      { 0x00e521dbaf301144L,0x8cd4f076373a95e5L,0x1c409a63aacbb198L,
-        0x1712c6cf0c0dd3d5L,0xc2bc08609ade8d6fL,0x0f2f51bcce84b335L,
-        0x76bf54aa4a193540L,0x0b17b9455c0db4e1L,0x0000000000000040L } },
-    /* 30 << 266 */
-    { { 0x76251b3e9f2d82b0L,0xaeb86af12e4a0ac3L,0x01448c52ff3f9965L,
-        0xa3280f7c61042ff9L,0x1845a38fa1a3a6fdL,0x802be4bc51d4dd8dL,
-        0x189cd677d4837b6dL,0x9b052dc25af0fb47L,0x000000000000007eL },
-      { 0x91e76d5f5c765e26L,0xa63a93d821904658L,0x03318a472af96a70L,
-        0xe2b55958bc3a294cL,0x4aa9d90d9f7a740bL,0xdbb00ae4baa31d88L,
-        0x83df26343920d053L,0x33b1b418ce51fe2dL,0x00000000000000baL } },
-    /* 31 << 266 */
-    { { 0x6c95ebc8b8c1d76aL,0x70c33cc22d77832aL,0xa73477b6b48e542bL,
-        0x6d00020b6eeb8df9L,0x03888e1c3df975fbL,0xae48633704e49a91L,
-        0xfbc90f2f0d90bd52L,0x44ead1e3dfec8b7cL,0x000000000000013dL },
-      { 0xedd5fc2f83ac4742L,0x88933280ea5af10aL,0x369ae840a19847d7L,
-        0x2404ca4e99b4a8f0L,0xade7c798d4e88a47L,0x049832ae08308b57L,
-        0xb5fe206808d5ff33L,0x234872b6142fa38dL,0x0000000000000130L } },
-    /* 32 << 266 */
-    { { 0x3dff858061e5aa9eL,0xa33aef70955100c9L,0x7a52da3956ab4275L,
-        0xefe16518102c4123L,0x8faeb0188d2e4d91L,0x3516243081719f70L,
-        0x4ef1fb91fa78398bL,0x95eb0d18c351721cL,0x00000000000000dfL },
-      { 0x90c4d877e5f04c88L,0xe108471abf176e9fL,0x8efd42750ef8e8fbL,
-        0xadb1fc8e3b26ba83L,0x35050fd319bcb6aaL,0x00a7180d1e9a804fL,
-        0x23ae97b660b511c8L,0x07d0be62403cef81L,0x00000000000001b3L } },
-    /* 33 << 266 */
-    { { 0x5c7f1fa9f7983284L,0xad20a27f4cf3733dL,0x848a72d4d256795dL,
-        0x11cd1a8f31c2d9bdL,0xd101e6cc7875f7e6L,0xea169cd1013cee4cL,
-        0x7c00964f6ba5c6f0L,0xce957f49def21557L,0x000000000000019fL },
-      { 0xd87fec0c8fd38646L,0xc44d7c05105da346L,0xbbf95c4d910c4d58L,
-        0x6a379cd0ed266251L,0x3201baf27b4b75b5L,0x6835bd3cf593add8L,
-        0x09e93440b444ffa3L,0x8dd8d5428a999e34L,0x00000000000001a8L } },
-    /* 34 << 266 */
-    { { 0xcdcc17966d01191eL,0x76069b30cc266a67L,0xfe9a5cc93738b9e9L,
-        0xbf210857b8d72f0eL,0xe71cb6f7c51394e6L,0xad01d21bdaf33303L,
-        0x34c92183dc573fc6L,0xa293b60a8177e535L,0x00000000000001e5L },
-      { 0xe9e6f1516e74482bL,0xd9b14871a07f28dbL,0x9ec270143e8ba372L,
-        0x9050edcf579d622dL,0x2b3d57a3b7a0dec1L,0x5282d3fd7399d805L,
-        0x46fbf40518b06ba7L,0xf0d75d34706066edL,0x0000000000000089L } },
-    /* 35 << 266 */
-    { { 0x88b9a526ca277da1L,0xe990008438a61571L,0x899e1a40fccf02aaL,
-        0x5b352690d569929bL,0xc363f9897750040aL,0xad91ef44bd062400L,
-        0x3dc71c7812eaa485L,0x7644bd1efe306e6dL,0x000000000000007dL },
-      { 0x7f8ad11ceccd773eL,0x13cc76ea8b4bd7ffL,0xfba893a3a1e0a336L,
-        0x3563ef917150a5e3L,0x2676215848bb8dceL,0xd02351235bc0826bL,
-        0x284c75afcaf00888L,0x127c932a48b68a1eL,0x000000000000012cL } },
-    /* 36 << 266 */
-    { { 0xd877404a6fc3e4d4L,0x90f4424143959c60L,0xb11bc0dfadd26aa4L,
-        0x45c833fe8773bddeL,0x26e39709ca264f8dL,0xcc87592446314f2aL,
-        0xd9def19853ddf49aL,0xcd60de6495742a00L,0x00000000000000bbL },
-      { 0x5cb1207487d742a0L,0x41ddaa31655afe45L,0x69765ba5a54ece2cL,
-        0x575d21810b4b57b8L,0x8540de4bfdec936bL,0x2d73ccba13c17184L,
-        0xdeba26f2a345fe93L,0xf9a8115844fc190cL,0x00000000000000e6L } },
-    /* 37 << 266 */
-    { { 0x20db3c8c67046c7eL,0x5c5899fcbd8b92cfL,0x707ec19eda3d6021L,
-        0x3d4b9927fbc017dbL,0x6d8757ba35097e5dL,0x6daf1a7097e8598aL,
-        0x84677a8a65cf83adL,0x99e82cb24b4483a1L,0x00000000000001b6L },
-      { 0x85ac6ec39423cf6fL,0x746d4cd7f8ea9921L,0x7829a0ad8b6c7446L,
-        0x17833a99799b235aL,0x04cc99281cdb0e56L,0xe119f3213d1957beL,
-        0x9d723d47d6f73bb6L,0x478afffc456cd261L,0x00000000000000cfL } },
-    /* 38 << 266 */
-    { { 0xcac9ee0296bb50a1L,0x344a30a171b75917L,0x7040c29be338ca78L,
-        0x7d11b5ab7f1329d3L,0xf545164d5deb103aL,0xc056825de377a217L,
-        0xd1b8ce5d1fdc5ba4L,0x4ea7fa876b3f275eL,0x00000000000001f1L },
-      { 0xeac8c31323ff0cdeL,0x4317e5a759d122e1L,0x402d1078cf955e30L,
-        0xa26f2bb9e2aefe0eL,0xb33602a6779d0928L,0x5ad6f902966256a4L,
-        0x9f13eca6064745a5L,0x49432dbade6d235bL,0x000000000000018eL } },
-    /* 39 << 266 */
-    { { 0xa1dd69bd5714383bL,0x1ecd74467128e274L,0x5c14f4e26a0407deL,
-        0xda00128e3ea0e272L,0x3f07ca2c2e4b7815L,0xc886f05e80348645L,
-        0x987b488fb9edab2aL,0x56a44c68aa59100cL,0x000000000000000cL },
-      { 0x31c490fc20216efbL,0xc7d7cd07a226907eL,0x4f8dc600fbb809ddL,
-        0xbe7d49f895a97bb8L,0xc8632c28bc899729L,0xbccde2198bbfdb6fL,
-        0x9c20db29a3bffcd9L,0x63ae8bba2a16b4f5L,0x000000000000016dL } },
-    /* 40 << 266 */
-    { { 0xdd8026ea8d40a41fL,0xb0e2795c8f0752e0L,0x6f120a8d5e6d1f7eL,
-        0x0aa99441abaf2381L,0xa60677641815fcf4L,0xfa43027bfe2668e2L,
-        0x74557a4f87d678a7L,0x5c068d13c6096024L,0x0000000000000053L },
-      { 0x0ce11532bfd0f624L,0xce62d3a67e476a2aL,0x467ae9f11667b2b7L,
-        0xc418d77f4e4ea4bbL,0xb96c33825132ff6dL,0xca75d16c5fdb9483L,
-        0x24cf4df2d08f6f87L,0x70388217eff3b645L,0x0000000000000106L } },
-    /* 41 << 266 */
-    { { 0xce9620b3056271d8L,0x6612d8926cf33e57L,0xcd12436bbb8f54f3L,
-        0x98972847878977e9L,0x066c6a3753a12cf9L,0x80af4b986f85ed96L,
-        0x939721e3a7d2b688L,0xc07ca3cfe4b6e967L,0x00000000000001dbL },
-      { 0x5b3c9f28b32ef369L,0x2e365cec90bec7a7L,0xd2755e2441f7a73dL,
-        0x6eb6f889ea6be0adL,0x19a373073dda2212L,0x07bd68ee7ab4b633L,
-        0xadab0fac6a787bfcL,0x5cf888d8ce37e38dL,0x00000000000000d8L } },
-    /* 42 << 266 */
-    { { 0x9818697810a4cecaL,0x6360bc55d3c03045L,0xcebe3bc3f1e322f0L,
-        0xfb5d861458625a5fL,0xe91937a64f41216cL,0xd94e229fa392d9f4L,
-        0xe9cbfba022aa028bL,0x7c8a3d9b9f26e506L,0x000000000000004cL },
-      { 0x8095d4ac44690ed0L,0x8e76d94ab578e759L,0x25a1ead877504659L,
-        0xe7ffc4626bd2caf9L,0x18085dd8c7dcce0bL,0x336faefbf5476396L,
-        0x5e94e9dde08c63f9L,0x9be80bf65614a1c5L,0x0000000000000051L } },
-    /* 43 << 266 */
-    { { 0x225252040c05d291L,0x8254fc5ea459cd01L,0x7826a55fb121c3b1L,
-        0x0000dd29a49d91aaL,0x49463679dee46523L,0xcb5fab5db2c6c30fL,
-        0x70d7ed1edabb3865L,0xceac3e388d1d4152L,0x000000000000012aL },
-      { 0xe5ab8203b1dc6339L,0x00871ca7d6a1dae0L,0x3831e96762dc6379L,
-        0x6d423be07a6a29caL,0xad645df0e61ffe3fL,0x68567d31e414b0ceL,
-        0x48455422119b3661L,0x6860c25d6c3cf9ceL,0x000000000000005dL } },
-    /* 44 << 266 */
-    { { 0xf04691638d0bc669L,0x62b84488e939f5a9L,0x0d3f495380fe63b5L,
-        0xe39a7aa158880c15L,0x74df281ee613f21dL,0x908934dcfa016692L,
-        0x5b9cf6cc980904b0L,0x0f3aa0f43a17dd3aL,0x0000000000000105L },
-      { 0x346bd219651d59e1L,0x51024297c71b37bfL,0xc634d031f0640f18L,
-        0xa657da60ff003294L,0x9cfc79fc15aabd29L,0x56807dd77b4a869fL,
-        0xcd97cd8959d9033cL,0x58640103a3233c39L,0x0000000000000090L } },
-    /* 45 << 266 */
-    { { 0x1c1d333fe7c0c2e9L,0x5dad349290d5ed65L,0xfd50637bd1fbf910L,
-        0x73765e39d92af73eL,0x97100d8c7e12eac1L,0x2dd53ccca486a059L,
-        0x0a8949c5fca9464eL,0x86fee09ec1d1e819L,0x00000000000001f3L },
-      { 0x14a6857f2f1b392dL,0x55e63e4b61f6f679L,0x096b8806e2721792L,
-        0xe0c5fcf597b80c13L,0xbabc39f6d78c2248L,0xd7a963e14b2c3516L,
-        0x5d1bf511e8c0ee67L,0x15b6e43183b7041aL,0x00000000000001d8L } },
-    /* 46 << 266 */
-    { { 0x9fd0467622691895L,0x7bc9efbad1407b18L,0xbeaa1052bef6c449L,
-        0x5ec3fde4887ba913L,0xdc330887b93cc69fL,0x2f45e738189d6049L,
-        0xa5561ceda7b55419L,0x6c02e536c7c0c880L,0x000000000000013fL },
-      { 0xc480b98a11c8b600L,0xbce33f4ca381f348L,0x0993dfc429fe9783L,
-        0xde78a2b0e6c1590eL,0xe61ed1285347e99dL,0x51af7410e78af478L,
-        0x65be48f114275d9fL,0x3434df3d7cf1aca6L,0x000000000000011fL } },
-    /* 47 << 266 */
-    { { 0x2eb82ba1bd51b234L,0xc17a47adf106770eL,0x913b0804bcdd7ce4L,
-        0x2be5948e905cd641L,0xa2db49622ce3902aL,0x22c48f2c8ad6d3f0L,
-        0xab188f07cc119a95L,0xd8177552595fd7a9L,0x000000000000003dL },
-      { 0xd4de0f9cdbc3d844L,0xd195cd3257218c66L,0xbf9e5b684e68fd4aL,
-        0x6e6f3122bc74f17eL,0x6daa87f5d46c0547L,0xf636ac5282c5a92dL,
-        0x897bed5f780d6a32L,0xbcf2b58bde400db6L,0x0000000000000146L } },
-    /* 48 << 266 */
-    { { 0x79ba87baf1c9c2ecL,0x0e53555266aab703L,0x31d1d9712c990b59L,
-        0x1e0b5d0e12c6b29eL,0x014d53ff563bcab0L,0x425986f2f64309d0L,
-        0x475fc9d5318b9d6cL,0x02739c50ff59e392L,0x00000000000001b2L },
-      { 0x8bf58dfc16f1caccL,0x1c93ba4e6b08ce06L,0x79b5e0399fe18430L,
-        0xc9f67bd47de66325L,0x5def2733713d0fefL,0x31bd8b37b9945412L,
-        0x8b2b69f3f3b99628L,0xf08a7e5a3118ce62L,0x00000000000000d4L } },
-    /* 49 << 266 */
-    { { 0x421966e5b03d785fL,0x3dbb06bb2db82562L,0xfef17870e406ab4aL,
-        0xa6f04241b0f7f7ddL,0x69b5bcd1cb5270d7L,0xecbf4272e68d39e4L,
-        0x722a3a295fb029edL,0x12e1d8236a535ae2L,0x0000000000000080L },
-      { 0x57f3541d31af5bf7L,0xa9463bc40db44d31L,0x320dc4d335748c65L,
-        0x86e70f72eabc0fddL,0x47911116c02d0191L,0xb66114907b95b2f9L,
-        0x60ad777bb050875cL,0x168967505cfc66b9L,0x0000000000000015L } },
-    /* 50 << 266 */
-    { { 0x2f89c1663c2c5333L,0xddab9a55df09beceL,0x4bf00d3c6640cf11L,
-        0x8366d23df05a2e65L,0xaf81ce01e2c9f1ecL,0xbca9287ae2678ff5L,
-        0xab1854ea91ec560bL,0x2c74e77c6381b109L,0x00000000000000c8L },
-      { 0x36214f8f0b1c20e1L,0x658bf89c86a631eaL,0x160b2ce485061fe2L,
-        0xf7d151ea1d7b78f5L,0xb50a06792bdd0675L,0x8dbbd631d2f1cae3L,
-        0x2548deae849ce90bL,0xba74f3b7bb58c6f7L,0x00000000000000ffL } },
-    /* 51 << 266 */
-    { { 0xdbc33fff01a3ae90L,0xdc1fb1371737a61aL,0x7213e66891def29eL,
-        0xd99530b841d7df49L,0x23a50594943c90e3L,0xfefcb98881dd6daeL,
-        0x736b8505dbf5986bL,0x6f4c28a987496a5dL,0x00000000000000f4L },
-      { 0x92d13be9ca00d61fL,0xebd928d6dce1556dL,0x307e3fecc71ae83dL,
-        0x2a4939c2c15ca194L,0x13947cafbcad067dL,0xf4ce58667d41f480L,
-        0x1ef59d7047e07cecL,0x5d8068403796b61dL,0x00000000000000b1L } },
-    /* 52 << 266 */
-    { { 0xfea0d82ec8a4656dL,0x0fa181b503d94a84L,0x3666bfd2f8b5c4f4L,
-        0x4e246013619d399cL,0xea46dfc9c11c1ce3L,0xdfb408aa10af3583L,
-        0x94fce3f2785d7d61L,0x3244f6181feff091L,0x00000000000001b8L },
-      { 0x939d98f4add4f84aL,0x4c2e3d15e9d04356L,0x08529c57c5d1729dL,
-        0x4966bf7709597836L,0x03b9958cf4b32760L,0x2e7213b46a9536d0L,
-        0x455ceb5984faa490L,0x7d83e2f5146ed682L,0x0000000000000004L } },
-    /* 53 << 266 */
-    { { 0x3006b4db99b32f7cL,0xcc70659922b7c67dL,0x2ef09c9c5259dc6dL,
-        0x732ef8c90faf1eb3L,0xf3c83942a1837500L,0x6633ddde6cc28b75L,
-        0xd1c95f71e1ebcaa0L,0xcd6609dc9e548e3bL,0x000000000000017aL },
-      { 0xb35f17893b3da933L,0x8d169444379ef7f6L,0xbc00a35a8c84c365L,
-        0x3411d83a5ea4534aL,0x209414cbada5b0fdL,0xd0ae1bce1a59ed3cL,
-        0xeb7542c292c524f8L,0x0d233104eb75a43eL,0x000000000000003bL } },
-    /* 54 << 266 */
-    { { 0x9a4dd7b8ac1a7884L,0x2067b936b874749eL,0x52260e05d13b0d4dL,
-        0x61476a10a9c3e750L,0x2047d74ca0f97967L,0x8655120d1d34b122L,
-        0x60cd407c935034ebL,0x499ba4dd8bbe83b1L,0x00000000000000b1L },
-      { 0x6213fd52b2bdce3cL,0xda3f6f864cc05a03L,0x24183f37b78a7247L,
-        0x996bea8201ebedc6L,0x7de1df0aaed2def9L,0xb59c1f5a624d5b0eL,
-        0xd9b892084ec7e5ccL,0x230df59c54090935L,0x00000000000000feL } },
-    /* 55 << 266 */
-    { { 0x0e683a79496c5739L,0xd855e4884737520cL,0xf3b0fb38b1dea15cL,
-        0xf5118c492c55746fL,0xd313798ab9dcf49eL,0x33e97020992ef98fL,
-        0xc6ae345eabd13522L,0x47fa0669425f9edbL,0x000000000000012eL },
-      { 0x697599ad5e3eb523L,0x977313269216d4e8L,0x2bf6d652088d222bL,
-        0x852230c5114a21aaL,0x8e713dee3f02aad7L,0x02c85a4ffccdaa39L,
-        0xbebd0ff6b7a53b32L,0x103bd947b9b77764L,0x0000000000000199L } },
-    /* 56 << 266 */
-    { { 0x984d21e6b92a02beL,0xf2bba82c09f08a26L,0x9c4259d1909fba26L,
-        0xa36bcd437030f0a5L,0xf6c218e468ae6f05L,0x199a1ef30ed869f9L,
-        0x803860ff417e95faL,0xbd6bb9b4f29f7c84L,0x0000000000000130L },
-      { 0x5fd4e3b2d4e924d1L,0x388d2e0a9b2814d5L,0x8e4696653e9b1aecL,
-        0xe24a5cfe9a8320a8L,0xffd986e2a83ed877L,0x8499105d9c00fbc3L,
-        0xc6b2171f73f5deaeL,0xf1432d70f9d058f7L,0x00000000000001e3L } },
-    /* 57 << 266 */
-    { { 0x030550d7132338dcL,0xd768b93af6e8f267L,0x90ea975362c49edbL,
-        0x3d4ff755ca1676faL,0x2a6f71962a52f67cL,0x85f2473be355efcaL,
-        0xe1fbd88920c998dcL,0x70bfdc6fd8491c54L,0x00000000000000d1L },
-      { 0xcc89bbcf2b71306aL,0x10ea9edd6100aaa5L,0xd1774fbfe1f76710L,
-        0xf006f841ec8bb412L,0x7dfaa7290c2fa1dcL,0x45cca48e8fed926cL,
-        0x4600d2919e67f94aL,0xe363f267269a4cefL,0x0000000000000132L } },
-    /* 58 << 266 */
-    { { 0xd167783be279b76aL,0xa10f42afc988d262L,0x41da90eb8a53ddf3L,
-        0xa66061125539740aL,0x0575a23cff000f06L,0x150f47e563a5124eL,
-        0x8c923bf91a1c07a4L,0xac510583f4752dadL,0x00000000000001d7L },
-      { 0x32fa0b887c3a94ffL,0x7625bb5ffb91c0cdL,0x2f2be34111b94d00L,
-        0x824f6bfebcf2e24eL,0x95a9120f6f255fc2L,0xbde9336c35e3c721L,
-        0x95742cc454f31228L,0x689d8bf3a899e1bbL,0x0000000000000155L } },
-    /* 59 << 266 */
-    { { 0x04bab74886920088L,0x0cb1d789aa224f96L,0xc93eb318d28e0286L,
-        0x523d44902dda423dL,0x5150f518bcd81054L,0xe0443e329498fbc3L,
-        0x0089a01e8fd77381L,0x7f5cebd637ce0637L,0x000000000000011bL },
-      { 0x40cbeb26cb481b5dL,0x29d513b817e35565L,0xf884cd0182b961c8L,
-        0x2ebd1a191cf01a93L,0x2ab31a0b8f398d6aL,0xa15f3eaec09c3a9dL,
-        0x549b4cfc31f19b5dL,0xd42d563bdb0d2199L,0x0000000000000164L } },
-    /* 60 << 266 */
-    { { 0x8626cba3cd27ff10L,0x5f83c650dc15323dL,0x370d973042cc94e3L,
-        0x06ebd6efdb164003L,0xcda6f2d782850e4bL,0x74e500ef17a82fcbL,
-        0xddab08dbb228248bL,0x56e403d5870a453eL,0x0000000000000083L },
-      { 0x507272fc79dcfe50L,0x25ee735db3d2ba34L,0x92386ed3fc3349eeL,
-        0xb0a88de8f9ebdeb6L,0xf1ef010cdd93abf9L,0xead25256a0838914L,
-        0xce2acbc0d54b6544L,0xbc78ce9a7c94ce27L,0x00000000000000d9L } },
-    /* 61 << 266 */
-    { { 0xc6914e748df59decL,0x1fe914fc5fb68222L,0x6927c9ee4c5a99bcL,
-        0x6b391ac926d71724L,0xb702eac64ccabd0bL,0x30140f3225ef1fb0L,
-        0x2925f1a5368574cbL,0x019a246c817bdcd8L,0x0000000000000148L },
-      { 0x8b5bc82843a579fdL,0xa7df3a7e0428a197L,0xdc92a823b299e290L,
-        0xb4796ea49b9eaf60L,0x37fdf758efff2b39L,0xb51d61b119a00b8aL,
-        0xd0ba025158fec2dfL,0x4481424bdb70c86cL,0x000000000000019dL } },
-    /* 62 << 266 */
-    { { 0xdaf4f001c3742075L,0x9d21b51ee86d1e9cL,0xfe5359f1041b08a3L,
-        0x68890b43565a56b2L,0xa5dd5889cf437ef2L,0xf78e7c4621323d5aL,
-        0x0d6b8410646f2ff6L,0x7d08bb8206a40139L,0x00000000000000deL },
-      { 0xd9a729497ac5686cL,0xf03be45847486981L,0x7f3c9dc4cd31b81fL,
-        0x5c3b01b791730a67L,0x4abfeae42bcdc09cL,0x3e98e2ec1f65b976L,
-        0x280fe587b1686b96L,0x7038ea9fbcdb3f69L,0x00000000000001c2L } },
-    /* 63 << 266 */
-    { { 0x0788729410b5679fL,0x4a660d8e0e9207b5L,0x65f23f96a702eeb6L,
-        0x4d2892f71035ebdfL,0xcf6962a6237548bdL,0x599710afb3dc6988L,
-        0x0787789e9e8129faL,0xefe5135a7b65d139L,0x00000000000000f5L },
-      { 0xc1041db3dc996150L,0x61f30cbfb3b9717cL,0xcc86186dd933fafaL,
-        0xa89429239edd4ba5L,0x3b35f50b2d323ad7L,0x8f43b479acc1d0e8L,
-        0xda38daa46793e392L,0x564b87346fb6121bL,0x0000000000000004L } },
-    /* 64 << 266 */
-    { { 0x0e13c1ddcecdf0dcL,0xacd530b6eeb9aa6cL,0xbe3c0fc80af8d3a8L,
-        0xee67f380ce44ae8bL,0x9adc56363854b528L,0x527f7f90130f4497L,
-        0xee085713e80c35ceL,0x29bc4b3e190fae23L,0x0000000000000064L },
-      { 0x17ea6fb5dbb3838aL,0x192eca92b425af89L,0x5fd3bfcf85a94659L,
-        0x8d75b3f5daa4b4ccL,0xbacc18b89bee144fL,0x57591774ff60ec49L,
-        0x319cba952363ac43L,0x6c0d079e472ee36cL,0x00000000000000f0L } },
-    /* 0 << 273 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 273 */
-    { { 0x28cd16ce7333eea3L,0x601ab611845655fcL,0xf18179d957ed4bf8L,
-        0xa704b004172167c2L,0xe22ec70382e3fcf3L,0x4cd9bd0de64c4745L,
-        0xd1eb58dfec9737e7L,0x540c29e8e6658aacL,0x0000000000000124L },
-      { 0x4f35d47d4b18bb58L,0x3ee2a66ad4be21bcL,0x9d3d69a1052b60fdL,
-        0x556347ef8f07eb0dL,0x66014006165af89bL,0x808eb84331e62cc0L,
-        0xfd119574309553a1L,0x4945b9cd7656234dL,0x0000000000000060L } },
-    /* 2 << 273 */
-    { { 0x05bfabadb30c227fL,0x163a01129ca0d9f2L,0x448f630b4a448ffaL,
-        0x7a304fdcf52d44f0L,0x4ceb9902f50356e7L,0xe7615ab1c43b436bL,
-        0x9fd56374d63f192dL,0x38470c8f418bd616L,0x00000000000000d1L },
-      { 0x4b42c1459554d529L,0x5556cf8b2bfe7bc9L,0xe28b6f8994eb909cL,
-        0xc00748ee637dcaabL,0xf71e0fcffc076bf8L,0x57642f92b580d617L,
-        0x755fdf2e1d91f20cL,0x9c3c9c86dd5ab14eL,0x0000000000000187L } },
-    /* 3 << 273 */
-    { { 0x8dfa447387950112L,0xd032940ae8d5c1aaL,0xeb909e673379771dL,
-        0xe780d40da336a4f3L,0x318e1a69ce022106L,0x36b6b1748702e3c8L,
-        0x327e8db4f8e60cedL,0x9c1a790b8380c97eL,0x000000000000008fL },
-      { 0x8eec3caac6534a9aL,0x650fa0d556cfdcf4L,0xfe45e2ce58c3798cL,
-        0x320fac25a60e6872L,0xb399ec98ef983104L,0x133c9f01be57c16eL,
-        0x9736e7543b73b0a7L,0x12c0ce90b48f9618L,0x0000000000000155L } },
-    /* 4 << 273 */
-    { { 0x2ff940bfa7c8fc21L,0x9b3cbeeea6a86c6bL,0x5cd96c7d171573a2L,
-        0x49bb08e812cb3013L,0xddba493e34b92d91L,0xa56f49a5ef35e196L,
-        0x7a454c1c2cdca6c3L,0xb9c038ae684d25fcL,0x00000000000001b7L },
-      { 0x15adc72daf46c7eeL,0x21450db25eaf9891L,0x115517e153a32b0aL,
-        0x5bd9d862e26d8171L,0x991737bf3f8e37e8L,0xcbb33580531a836dL,
-        0x96aff0213d976493L,0x9be26568ca69b662L,0x00000000000000beL } },
-    /* 5 << 273 */
-    { { 0x32d089edecfa97e6L,0x9bf82c96b9f080c2L,0xf1798cd9af6bf9aeL,
-        0xa111bd63cc9b8764L,0x9d1aebb4295a4931L,0x37f6c9ac32442dc0L,
-        0x3785c17e6d6b2b32L,0xae63aea3ccbaa5adL,0x00000000000000e9L },
-      { 0xc2207aa55718e310L,0x5aaede6c9004a15fL,0x07e98d521a4b7f1bL,
-        0x351eca4df3f71723L,0x0026164672a30c08L,0x838f24ecf46357d8L,
-        0xa8278e1a05348650L,0x402ee68e10ec3795L,0x00000000000001e9L } },
-    /* 6 << 273 */
-    { { 0x91955973e33296fcL,0x83dc2cea4212671bL,0x59b7959a3ef3d3ddL,
-        0xad706c14147b4051L,0xff0e938e46217be6L,0x3550f6ba963236afL,
-        0x26a254a435de4d64L,0x829799ebd3fb0643L,0x0000000000000194L },
-      { 0x30dcbccb348f4e93L,0x1211c003aaa258acL,0x9d8500d9383698a3L,
-        0xc2c4310a530725faL,0x6f60e024d88235feL,0x1bcdbca5715c563aL,
-        0x2100b4b2000501c5L,0x9f483a0505c8bf39L,0x00000000000001f5L } },
-    /* 7 << 273 */
-    { { 0x618d04f0001b7109L,0xc5cbefa8a94e8a9cL,0xd5f0e7b20aed80f2L,
-        0x9c876050cd2e2661L,0x18a046bbe3f15e9bL,0x3568d9e165664a6bL,
-        0x8ef9c3b4b0b7229eL,0xa779b68d66dde1eeL,0x00000000000000dfL },
-      { 0x9997a707b3465741L,0x28192afa90f61124L,0xea06c8b89ace2e5bL,
-        0x208f1ad1acb7cf35L,0x1ac49e4ae569efa2L,0x7daffa0f8368ecb8L,
-        0xc559483f40e4879bL,0x8de74638753b0b83L,0x00000000000000e5L } },
-    /* 8 << 273 */
-    { { 0x51db2d9d07207165L,0xc7d56a41c3d4c59cL,0xa47fadda4e278b0eL,
-        0x5c3964e204ffc588L,0x52bc9f389719ecfdL,0x2c9292c035a04049L,
-        0x885ff9bafae7580eL,0x2319a2dcd5cc866eL,0x000000000000015cL },
-      { 0x8b77ddb70ae9af6eL,0x0e21b050dd7fd36cL,0x35d968ecdc8b9c19L,
-        0x6f3f0785a624ad4fL,0x97778a681d42c97eL,0x86103bf0a2a4342cL,
-        0x0aef36fd3ababc35L,0x46c8fb212fe10364L,0x00000000000001e1L } },
-    /* 9 << 273 */
-    { { 0x21488bccf8cbba8bL,0x6cd7d298c6cd24b8L,0x0c83f3ee5de8e8e5L,
-        0xdf29c9784582fcabL,0x7024c1526806aafcL,0x979cd4ff958067f2L,
-        0xc13fbc7c8cde09dbL,0xd468e6f5da3a5090L,0x000000000000000dL },
-      { 0x1ba673a47757fef1L,0x6992b5485070e0e7L,0x8b2c42327acfd5ccL,
-        0x27210f84a508dedaL,0x883d6e39c2629e49L,0x1b83cba19e7dd61dL,
-        0x455f212a4f2bee2aL,0xed70ce46ee719f5fL,0x0000000000000182L } },
-    /* 10 << 273 */
-    { { 0x5c3a0ed97adc9d29L,0x37ad64e4796a4dc2L,0x0d5920486ce3c6a8L,
-        0x2f5d313d166ba729L,0xda128b7bb5ea827fL,0x97c63821f4a68914L,
-        0x35a2d15501c3f074L,0x07fa2fb4b80123e9L,0x000000000000004aL },
-      { 0x408d54c34c208ee5L,0x75119aa6b2f910c3L,0x424a684d1453eecdL,
-        0x800c87a64e1cc60cL,0x1ca02fe5f835f438L,0x019870df716b0991L,
-        0x94e36e623cf7b652L,0x45cc33a25dabec4cL,0x0000000000000019L } },
-    /* 11 << 273 */
-    { { 0x304d81e391a9d18eL,0x152664f7aa95f5c9L,0x6507a739a51eeedcL,
-        0x77d8c41271aadc19L,0xf9908b36a7b6ba22L,0x8b2dd6ce2d5c2f59L,
-        0x38f2787cb66f5e0dL,0xccd13ca9b2c40bf0L,0x000000000000012dL },
-      { 0x1887e4a728b4694dL,0x417981e3a25eec32L,0xe07f28ff6490e81dL,
-        0xd2ba6c79f00abe64L,0xe0af21fccddfeb36L,0x82fbcfeb986898d3L,
-        0xae77cb38e0718462L,0x0818cb63fba01b54L,0x0000000000000193L } },
-    /* 12 << 273 */
-    { { 0x188c77cc75eccbbdL,0x424f7ec52aa03503L,0xfa5819b9c8fde26bL,
-        0x70a39f9b566dae00L,0x70ea7dfba22f5199L,0x502f681e60b863e4L,
-        0x0fd204ff4581af1cL,0x536f4b875d1aa7e9L,0x0000000000000044L },
-      { 0x52d311fb5713fa2eL,0x28d3afee2b0af3a0L,0x82aca5d14dec093bL,
-        0x9d6a3856a946f620L,0x91eb4618e32ae798L,0x62580350783bff5cL,
-        0x610110e5b76e4c61L,0x76287f2f3c2ae4aeL,0x000000000000002aL } },
-    /* 13 << 273 */
-    { { 0xdc5bba7b75716569L,0x41487a141dac5c65L,0x36e2a740b5c823e7L,
-        0xe40d249065e0b210L,0x77d4708f8839779dL,0x879b9a4ba1d7eab5L,
-        0xb3409669311b4f51L,0x6d1899fe423b3b2fL,0x00000000000001e1L },
-      { 0x2d351db99db2b624L,0x7143d053d054c63fL,0x3ad8fce9c5ae5097L,
-        0x98ac8ae089757358L,0xcbb20672ee232061L,0xf703f203c02c786cL,
-        0x9f7f153b2f4907aaL,0x2b2d7f4056eeb499L,0x00000000000000dfL } },
-    /* 14 << 273 */
-    { { 0x5054d6c0d4daec55L,0xe75aaa4d2d795df2L,0xa72ffe306da506adL,
-        0xe019fd58e375432eL,0x9827f72b4fde3a24L,0x54f713e42a3320a5L,
-        0x41408596baa1f5f6L,0x9c42b30fc65b3ff9L,0x0000000000000038L },
-      { 0x1b36dca6031dba90L,0x5e80043e0c0c3559L,0x17a387f6a3a6c663L,
-        0xc9a8c64f000711d6L,0x304a1f4178156da7L,0xdc5de4a9cbdd6bd9L,
-        0xf65f6d1a599ddcc9L,0x591e35e24c1e3e7aL,0x00000000000001afL } },
-    /* 15 << 273 */
-    { { 0x8a775e63fc349e8dL,0x25de6478e3b39a51L,0x1962bc0927ae51faL,
-        0x7d3cc7f79952670cL,0x9a09a697059050f0L,0x392dbf4355234066L,
-        0x1cbff05524efc89bL,0x68a50b092f805012L,0x0000000000000078L },
-      { 0x1c48213e47bef4e3L,0xae844a2a0d5e95d2L,0x95f0efc014c40369L,
-        0x0e1d7c2d59ee29dfL,0x1ed16e33d68d68f3L,0x0c54c8d47babfe13L,
-        0x155a3aa83b036552L,0xd9fd099e9efafce5L,0x0000000000000123L } },
-    /* 16 << 273 */
-    { { 0x2fe08a10462e6862L,0xa86db08f35ca4eceL,0x4af069a05960b9c7L,
-        0x9f0086014c7fbbe4L,0xfe91aaab59bcd54fL,0xbb6cd66467a1bc8aL,
-        0xf3b3590354ab69bcL,0x2d5b1227ff914c06L,0x00000000000000f9L },
-      { 0x22226588f7d5ac27L,0x5bf4d921d14893e4L,0xa0a5c850c384f172L,
-        0xc5deff764351441cL,0x9cba07b4539d45baL,0x324345620a80ae0dL,
-        0x0e144257bb44f664L,0x1c5c19c163da2750L,0x00000000000001a4L } },
-    /* 17 << 273 */
-    { { 0x51e56fd2377fe385L,0xd7492e760b164c7fL,0x2f6b60c80ef96709L,
-        0x9b0711e5922f73a4L,0x94778ad3f280a8eeL,0x64c426437a4bcefdL,
-        0xb0c26afc659c9918L,0x82ee9fab35019434L,0x0000000000000074L },
-      { 0x3d35f4ad7e800ff4L,0x238e7f313d01d6ceL,0x172c4169e901ebbaL,
-        0x3232f5673a643a41L,0x4c6f397f79701e48L,0xc8b78dae42cb8029L,
-        0x456590ca23d30eb2L,0x4822aa96ecef86a1L,0x0000000000000136L } },
-    /* 18 << 273 */
-    { { 0x2827509940aa836bL,0x4ff61db18e6dfe44L,0x8402c1a4b2ff8beaL,
-        0x35306c0483432ff2L,0x038990de7e604bd8L,0x24c5056d94db9d3fL,
-        0xe7b9a01fdf1dc845L,0x10d538b1c5918c0aL,0x00000000000000a5L },
-      { 0x1d80e8bd54959824L,0xcb6fd66c89a5d7e9L,0xf3af6940860e3fdfL,
-        0x421ce5e8563137c7L,0x03e6f677661866ecL,0x71e09e4b5276a885L,
-        0x915f8f97aa9aeb74L,0xa95c50572cc76508L,0x000000000000001aL } },
-    /* 19 << 273 */
-    { { 0xb3809974fb81dcebL,0x04c8b5f63319a12aL,0xfb0f28c8888e81bcL,
-        0xacbe4a1d2ad580c5L,0x98364afc0bb15f66L,0x989e8123ad9238a6L,
-        0x1c447ce56b1c3603L,0x5aefd392295aa36aL,0x00000000000001c2L },
-      { 0x9710f3e830cc890fL,0x7282afbae4c45659L,0x14ca9438c207839cL,
-        0x1ed458d898c2b015L,0x3f2a4c7af1ba2f97L,0xd9a0fd1c44908498L,
-        0xde8553a737b341a7L,0x2da1c2272e563011L,0x0000000000000140L } },
-    /* 20 << 273 */
-    { { 0x73d2ec27a3fa7b6aL,0x97ae7b3a601abb5eL,0xd42c967294f25a78L,
-        0x9516e3b715a54045L,0xae7bcc8d6b889d29L,0x1cde169f55b50252L,
-        0x52e0bd3767c5274dL,0x8784031d2ef34a50L,0x00000000000001ffL },
-      { 0x8993fe21afdcf8acL,0x09332a37f854b7d7L,0x7e59ab356cf0ef3dL,
-        0x296081d775691e53L,0xadab7d8697d96038L,0xd517a740df09ba1eL,
-        0x0883ca2d330b20e9L,0x930bfd5f43b56a48L,0x00000000000000bcL } },
-    /* 21 << 273 */
-    { { 0x8f9362b782308867L,0x4c617f3d2b121634L,0x7128d265a0c31abeL,
-        0xb149770ec374c526L,0xa30771d74c5ecbefL,0xabdc769627acda27L,
-        0xc258797b6450a1feL,0x8f0ac6d683044b48L,0x00000000000000b0L },
-      { 0x92e7643b6ce14f0dL,0xbb0cc016cc8cf431L,0x7a9fce4ef1056d87L,
-        0x7ebc00349fd21abcL,0x76ad91162c8c09ecL,0x38a51d4d3b161bedL,
-        0xe1f7286b9a9b8590L,0xd2bef39669822c45L,0x00000000000001e4L } },
-    /* 22 << 273 */
-    { { 0xceeadc92e3dba9dbL,0xd218a237a95c8cffL,0x03302b21eaf709daL,
-        0xbf3e305a8111468bL,0x72ab2ec07e82860bL,0x1a2df5a3e186f8f4L,
-        0x12579936f1a95aecL,0x61e2b1e1c19a4e2eL,0x0000000000000000L },
-      { 0xcc6802561edb4b21L,0x73d87649d7bdc78eL,0xe440ad1918073608L,
-        0x016ef0c7d90974abL,0xa466d5335c7e0663L,0x2885493eee21a1a9L,
-        0xf459216a2e4d05c1L,0x6dbce2c807a94608L,0x00000000000000c1L } },
-    /* 23 << 273 */
-    { { 0xfaac87ee84d6cef3L,0xd90ce8f916e9316aL,0xb90a157b7c9c7338L,
-        0xed9b08d2005e1b8bL,0x2439244636898a59L,0xa6ca07901c2f7350L,
-        0x9a93d39ad9447b26L,0x56acad519cb4c8a9L,0x0000000000000051L },
-      { 0xf8f0216874848490L,0xa86f9dc8d08c617aL,0x49b48bf8a0731a33L,
-        0x78126e62538afcd6L,0x40cde5c8ed4d2ea8L,0x254dee95831e1aebL,
-        0x7532ce3731639537L,0x27fe56322d4f834cL,0x000000000000012aL } },
-    /* 24 << 273 */
-    { { 0x604b730ef1ebe533L,0x336e362e0b4b9191L,0x246e5c1ab711e872L,
-        0x652dc2c1f46e3f97L,0xc3492e151398e328L,0xd85f2669475cd2bfL,
-        0xb4b28424a3c972bbL,0xf3d5711649a9ac4eL,0x0000000000000148L },
-      { 0x2a5e5f5425e365feL,0x9202ddff6abd415aL,0x314e872acb24f45aL,
-        0xced1dcd9b7bcc7d1L,0x0d39cf240377ce8fL,0x75eb96c9d1065414L,
-        0x984b4a459fe0ee9aL,0x8237616704703ab1L,0x000000000000011fL } },
-    /* 25 << 273 */
-    { { 0x2839ff0b73edf179L,0x0c86f7213c27933eL,0x0635f21660380a50L,
-        0xe30ac47e08978124L,0x9ef7580ca3c4c0c9L,0xfe842e3b5c323f9dL,
-        0x320eb96f2322e2a9L,0x37e518f3ea489b6cL,0x00000000000000e9L },
-      { 0x382199260b9d992eL,0xd96ade19441272a1L,0xddfb5d87ff188af1L,
-        0x0bb3a1d0afbb820bL,0xc81b98b73d9f94e9L,0x9fd45fcc0f4b8cbbL,
-        0x2b2e3a3ac5127190L,0x92c22ecf750fda83L,0x0000000000000047L } },
-    /* 26 << 273 */
-    { { 0x614ba6ccc44776c1L,0x80fede5815132829L,0xd69d5d613359d3ecL,
-        0xf302a63e0d76029fL,0x201938b1bc711f3fL,0x1e7db241764f0544L,
-        0x466d273d60c27af9L,0x472d12f244190095L,0x0000000000000027L },
-      { 0xb30bbbad213788c2L,0x64d2b58670427068L,0xa0040d46f4c71bcbL,
-        0x025d2898a6fb55daL,0x8f6bb191b5d4d6c2L,0xd9899a763ad65acfL,
-        0x08acb6e19fea8d7aL,0x75cd5e5c63dd79b2L,0x00000000000000a9L } },
-    /* 27 << 273 */
-    { { 0x217ede5bae998a64L,0xb49ddfe7f6bdf2a7L,0x27344e0df7b9fd0fL,
-        0x6692431a88552d89L,0xf22f33be0cc964fdL,0x56140230df10ab05L,
-        0xded604f02c79339eL,0xeb4b1cedf36bd72aL,0x0000000000000079L },
-      { 0xba2b0ff9f7844c49L,0xbda1e2396fb21a72L,0xe9ac028a95fb942eL,
-        0x33324e2b37bffacaL,0xb5068cc3dcce1f97L,0x3cf1b594dd4cc89aL,
-        0x65c4fd79ab81d662L,0xffd08615372b50fdL,0x000000000000018eL } },
-    /* 28 << 273 */
-    { { 0x06b3e15d5771af61L,0x1235e2b0a0b64d87L,0x5454afd261821972L,
-        0x94396699d6c76c37L,0x2aac7459c61d6be6L,0x94893168ca05d3cdL,
-        0x8d77047bc2250b78L,0x9adb6b8db1a06efaL,0x00000000000000c4L },
-      { 0x8cbe58961a7b33a1L,0xd75a2d7bd83f7033L,0xe81731f314f445d2L,
-        0xe905889593c865f8L,0x6caea833605f5264L,0x96df9656e3b6d3dcL,
-        0xe7afb0760b224f18L,0x4cb4c72107aa123fL,0x0000000000000090L } },
-    /* 29 << 273 */
-    { { 0xaded87ed9d1637d6L,0x6d5d5b3b694a536fL,0x6aba5271494ef964L,
-        0x5a9d8207f899f7acL,0xb426737cd77bd7d8L,0xe8de83bc8e7761fcL,
-        0x99f09dab881d65f4L,0x145efe113369e1a4L,0x0000000000000084L },
-      { 0x385830fac6470ecaL,0x08d8e0664a415836L,0xbac25039b5241a86L,
-        0xf02ed14198be6a68L,0x172cbd25fb41f819L,0x8e8c6c3ec0a203c3L,
-        0x4a7861303316f5ceL,0x0e5195fb1ecc5915L,0x000000000000012fL } },
-    /* 30 << 273 */
-    { { 0xb067305d41f4e9eeL,0xe2c3afab7b26ad35L,0x620dc76da158082aL,
-        0x13e8afcc03213e9fL,0x64018f55c12946a4L,0x770066dd8c4c89cfL,
-        0xa07b753efbe52d37L,0x79cec78b7424b86aL,0x0000000000000072L },
-      { 0x5ec514f1a5dc80a7L,0x7e70e414c049c348L,0xc3daf2f2eebcac00L,
-        0x0f49f8a703563a24L,0xc36c093204e789e6L,0x6c17a7c02b59bbd2L,
-        0x3a84fc9dc6cb7b49L,0x05e1457e0de6085aL,0x0000000000000109L } },
-    /* 31 << 273 */
-    { { 0xc90eb31fc17d94b2L,0x8ed3a7945e87b6dbL,0x85ebc38150d82b3cL,
-        0xc906cf47dfff4d95L,0x122b7a67f28fdcdcL,0x96bd35386bf4a9acL,
-        0x67788dc93f96461fL,0x982412df832f92faL,0x000000000000007fL },
-      { 0x5eaf69178324dd6fL,0xbd5ae389c8093147L,0x1c19b1917939568aL,
-        0x5fc18a88e5600018L,0x5c483792b28ac566L,0xd15eaaac13b67938L,
-        0x3ad1d25e8cab3ebbL,0x6e68deb0247e9904L,0x0000000000000031L } },
-    /* 32 << 273 */
-    { { 0x2347e38373435eb6L,0x75563e7858ea9f89L,0x20ccb854efa62cb9L,
-        0xdac97aec1cc86c06L,0xbe99c357f432d1b4L,0xcd89da561c2e03f6L,
-        0x7e424afda789af68L,0xc386d1bf401f225dL,0x000000000000009fL },
-      { 0x46f9bdbba1a12ca1L,0x489bdf59a6469919L,0x94ad85a73974bf6eL,
-        0xa7fe1c85c9fde759L,0xa26931a072b3c209L,0xbd5b56203db247ccL,
-        0x9ecb8a741085c481L,0x9134bbd1ea48e281L,0x00000000000001dbL } },
-    /* 33 << 273 */
-    { { 0x10689653e6397251L,0xd36ab8d90f9f0184L,0xa8c95b34a5da43efL,
-        0x1920d31fb6e047b5L,0x0dd12f4ce1469d06L,0x94efeb8c3cdee90dL,
-        0xf6b42234490b18f4L,0x4ffd0c3f9d9c97d9L,0x0000000000000165L },
-      { 0x04db694b8907f755L,0x1297a489cab5d47fL,0x531adce1572fba2fL,
-        0x63960f81014224ecL,0x61175880c4a771a5L,0xbb9116fd2941f7a3L,
-        0x04047b18a59d986aL,0x671b243166eb690cL,0x000000000000000eL } },
-    /* 34 << 273 */
-    { { 0x9db986ad8855ba41L,0xc106268894b3744eL,0xa92f7d8b15201d6cL,
-        0xe1e9769008782567L,0xc9bfc18a482f9905L,0xcc6569b1f54a18e0L,
-        0xd623f6e0ad8f5366L,0xb312dc0c5852a673L,0x0000000000000024L },
-      { 0x82a24990455c2368L,0x77771a72791c090eL,0xbbcd5223698071e5L,
-        0x4877919b2f7dbcb9L,0xb5b54e4e8622b142L,0x6c0f9b68c924f541L,
-        0x40f658639de92f6aL,0xd1b03e4e626f28ffL,0x00000000000001aeL } },
-    /* 35 << 273 */
-    { { 0xe357497c44f788aaL,0xeb886a8f9952cd9fL,0xaabac389c4d3a590L,
-        0xaf02fe81b2782010L,0x4cb27146ec5da884L,0x7104f1641074d877L,
-        0x3c049a5c4bcda0fbL,0xcf680a9200118890L,0x000000000000005aL },
-      { 0x76ea5fa1d2ca967bL,0xc8e6d78fb8d792d3L,0x203e8ca7e4fb3e32L,
-        0x80a8f1e34959b68bL,0x3b5a8c7f0165eb1eL,0xbe35a03d5c518971L,
-        0x815cc58c3dff7dceL,0xf4684b055909c47bL,0x0000000000000065L } },
-    /* 36 << 273 */
-    { { 0x7a8173004fabf449L,0x73b582d840f2b2a9L,0x3a3d45a8c970d55dL,
-        0x4b929ad041a73083L,0xc39402f969c262bcL,0xdbc16a80f9b3d2cbL,
-        0xf9abdf398d4fd1cbL,0xb3b5baa009125d99L,0x00000000000000afL },
-      { 0xe8d916331263ea71L,0x34f37faa9afe25feL,0xe00102248d62a061L,
-        0xfd4ac0ee89324085L,0x1ad23c7839425188L,0x3e04ce94f9b054feL,
-        0xad2630664ba78a71L,0x1be2291a86fdcda7L,0x00000000000000baL } },
-    /* 37 << 273 */
-    { { 0x6acd94de05e1e1f4L,0x673190a0645a2a41L,0xa35fc575310fafd6L,
-        0x3ac9c62230e58773L,0xb82a873cb07d1795L,0xe9946d72a34ccba6L,
-        0x46c81998a6222e44L,0x2ff50bbcc8faabe8L,0x00000000000000d4L },
-      { 0xa0b601a6786a9817L,0x93b775763e461079L,0x97ef405844808435L,
-        0xf5a7b80c1199d980L,0x9e41ce271e84febbL,0x208a021be7f836e4L,
-        0x58bf3f9231e33980L,0x00755fc7899562edL,0x0000000000000117L } },
-    /* 38 << 273 */
-    { { 0xdd5761c511676ffeL,0xb0cce6b697334331L,0x0cce322c7ef96ef9L,
-        0x79fc56838c450809L,0xac7ad874bad8c85cL,0x41f7958cc41af040L,
-        0xf491765edf1245d8L,0x02e26e6ccfceb02aL,0x0000000000000039L },
-      { 0xb1abbef48131e277L,0x7aa601fe63dca0d7L,0xb2c6c9b5d7e372dfL,
-        0x0b7298ad989af18aL,0xc7f3a5e3d5fe8f67L,0x769001fffde1066eL,
-        0xe10fded0dda36343L,0xa92f0d1b15d0522fL,0x0000000000000131L } },
-    /* 39 << 273 */
-    { { 0x6c1a6c256f3eef55L,0xb08580701c18b346L,0xce1c87968b4446ceL,
-        0xf17d9053e23c4f17L,0x327e132e89f21512L,0x205508fe284e94ebL,
-        0x1e62dda7f24fbc99L,0x344bbe262d39e997L,0x0000000000000060L },
-      { 0x770d0acb3035df5fL,0xdcd8b49049761501L,0x632b7d51ee075e78L,
-        0x6d945e49b47d9adbL,0x0f8c0b321d0ed89eL,0xc279b05c89cac70aL,
-        0xa227cc73353633eeL,0x925d141639a4d0deL,0x0000000000000046L } },
-    /* 40 << 273 */
-    { { 0xad4f18816bb2c3b8L,0xd45f9a0cd380ca18L,0xfb839dafaca25641L,
-        0xb89884f27e519019L,0xde295e5458cd6c25L,0x1bc5070e25a1e8cbL,
-        0x66f1635747c21e93L,0x379e8f32a4bddfa8L,0x0000000000000108L },
-      { 0x9141ea4e87cc4a52L,0x285cbaf972cff2ebL,0x27898f4df492be77L,
-        0xd49d035f223c8859L,0x763866c2726065cbL,0x0886e8d5b2eb9e8aL,
-        0x7deb06b31f70bf7bL,0x8ce6bcb7889d3e33L,0x0000000000000060L } },
-    /* 41 << 273 */
-    { { 0x271a04f88ce4f4b0L,0x2414550726b4b7f8L,0x159a895bbef3547bL,
-        0x3c71622e5db5a5f9L,0x7ea8523192ece243L,0x65c89b75bc972333L,
-        0x936ef797fc711efdL,0x05b810c7af98632fL,0x00000000000001b8L },
-      { 0x233474cfdbe53feeL,0x13f02ed581983f5cL,0x26f0244eb5c5b790L,
-        0xc39151490fd4b89aL,0x5d5731029a9ff308L,0xaa9ca0826b5e3103L,
-        0xcae619b710f4837cL,0xcd1617e2cf88ff6eL,0x00000000000000c5L } },
-    /* 42 << 273 */
-    { { 0x1b012cc6fcc7c3d5L,0x02b9f445dde71f72L,0x5f2cfd665a2000beL,
-        0xfd676315c8780139L,0xa594ecd3ae9b27dbL,0x9b06895afd3cedc4L,
-        0x0d532a0d1a268fffL,0xe06bfde60dfb1337L,0x0000000000000103L },
-      { 0xaa0a8cfdfbe7f2e7L,0xb2eddfb7adf3624cL,0x452e0b4fddeeeaa1L,
-        0x4bc994baa46e664cL,0x2bd9645ea0eac15eL,0x4d34b0e75e550962L,
-        0x6295f4a1697c8f01L,0x778a20923c08aab6L,0x00000000000000a5L } },
-    /* 43 << 273 */
-    { { 0xc4b1b87656477894L,0x9f8b9485bc8ff924L,0x55fa6ad5e675d0aaL,
-        0x27cc06eb926549deL,0xa53fe770d61fa7adL,0xb407e08f8fd62473L,
-        0x4c2c03f2a92b75d5L,0x810deda5009ca888L,0x000000000000016fL },
-      { 0x0f8e637dcca00512L,0xb195a15968dd81afL,0x44a70f986b904e07L,
-        0xb264193f52c9eb87L,0x5e838f6fe75cd8fdL,0xd25d4157a7123b3dL,
-        0xc6a13879cc52e032L,0xdda5d51ccffcbb8bL,0x00000000000001c7L } },
-    /* 44 << 273 */
-    { { 0xc7879147afb7d394L,0x8ec1b7fd4fb2b482L,0x955ea97dbd72c391L,
-        0x9c5c1ec6cdb4e57cL,0xeda7ae96723ade30L,0xc27b17b48054db82L,
-        0x0d1e386b91170eb1L,0xc6366e519aa3db3dL,0x000000000000002fL },
-      { 0x710fde5f6111f40cL,0xd231d1b3fd9de6f7L,0x9cbca1b1a15652beL,
-        0x1d1b5b4d0a93c0b0L,0x29f6c799dc4c3234L,0xc414ea5fcda6aad7L,
-        0x7c44805f3ead0e82L,0x1eea7f63e86c4877L,0x0000000000000036L } },
-    /* 45 << 273 */
-    { { 0xea03e06e6909b7b5L,0x1eb59e94dd60ebe2L,0x34dbf67688d4c7b9L,
-        0x45027f88f72d9b9dL,0x31b1f57995e61759L,0x61dfe2f6d4650f5eL,
-        0xbd0d212d6d0b74f4L,0x3f9948eb48083b0aL,0x0000000000000013L },
-      { 0x2bc49a766742cc59L,0xf83f88b2df5d4832L,0x3334aa91a688f8eeL,
-        0x8a225b1d50913867L,0xe3d0925b9f5830baL,0xdef272bc88056d19L,
-        0x22310572a90551e7L,0x5be1f7e622653c85L,0x0000000000000164L } },
-    /* 46 << 273 */
-    { { 0xc39065a8339a9d0aL,0x003e9b1e5ed50927L,0x1bddb64990510e1cL,
-        0xc9cd7f8305bf885aL,0x1f6f6b26c677e374L,0x22c8e14499d0ce42L,
-        0xe73b3c75760954c0L,0x8f1169532abfdac1L,0x00000000000000a7L },
-      { 0xcb29557273c46650L,0x9eadcd045832208cL,0x81a07d4b6a6f83b0L,
-        0xddf5c6863ab3dd60L,0x8f79004b68e2062aL,0x4dcc7bc7d2487a89L,
-        0x23a734b65d1fc56bL,0x8bd92ff31445da6cL,0x00000000000000beL } },
-    /* 47 << 273 */
-    { { 0x2484e9b86f9d25d5L,0x15a3eef11bb1562fL,0x2877237285a8fdc1L,
-        0xbdbe7ba434f5a652L,0xddef4b0751555a0cL,0x9ce61078fb946931L,
-        0x3f96d51e4a63b946L,0x870c89e539f2af27L,0x00000000000001a6L },
-      { 0x502642ad8155bbecL,0xf6405faf03db10e1L,0xe8a6560fa29bb9c3L,
-        0xe50d29554c3a2c35L,0xcde535401a0decc4L,0xbba9da77090bedf9L,
-        0x14ae1323a72b5b8fL,0x21a90f4992c11268L,0x0000000000000167L } },
-    /* 48 << 273 */
-    { { 0x0a65feba78bb30f6L,0x0235d91a50eabf36L,0x0b8ec4a4cd2d934dL,
-        0xa122f10b8dfcce34L,0xc3c86b639b2e6536L,0xb8002fac84962539L,
-        0xa6893cfbf6d36ba4L,0x280e9d60dccb7f1fL,0x0000000000000072L },
-      { 0xcbb4609e279551b6L,0xc6e893884b03a718L,0xdf62f063744dc7e2L,
-        0x1799ea3e4146ea10L,0x73d8cef29ecd77ceL,0x2b87c10eb2229d1fL,
-        0xe9d08175cabfdf74L,0xed1d16a83f0d60c4L,0x00000000000000ecL } },
-    /* 49 << 273 */
-    { { 0x2631e8bd95df30c9L,0x247fec887ec7359eL,0x37b1e3913bc00041L,
-        0xcbe855f3b87062faL,0xd338fd26481816c3L,0x0d8dd09ad0f19ebfL,
-        0x2741bf86ddff6006L,0xaef4f2e5495cc8cfL,0x00000000000001aeL },
-      { 0xeb8c8ac5a59d77bfL,0x63e588b77c3fc77aL,0xbeea43ed5d00f92dL,
-        0x8dff885a80169336L,0x5c0cef670a35b365L,0x4c61a43ba705b9e9L,
-        0xe95772c54a8c46f8L,0x0d81ff84829ff66bL,0x000000000000005dL } },
-    /* 50 << 273 */
-    { { 0x3dc4ad30a16aec5bL,0x9cf3022a8eb3ec7bL,0xd940cce316b6219fL,
-        0x6324514378a15c73L,0xa70b4f69107ecdeaL,0x3ac7eb803b2bfeddL,
-        0xee677c763137afceL,0x9686744c986c1392L,0x0000000000000115L },
-      { 0x9db83670d591110eL,0xfdc8ae98d29a560cL,0x0e27d3c0f840aed9L,
-        0x98bce3eb7e127e30L,0x7c1bb6b9184ba73eL,0x410c3f4f986eb84aL,
-        0x8c28448dac4caa8bL,0x2e3c82365a3618ccL,0x0000000000000101L } },
-    /* 51 << 273 */
-    { { 0xbf1dd991bb37b704L,0xb36ed5ae0cd09760L,0xd9750a8697aa7d3eL,
-        0xd1a27c2cc8a95b0fL,0x399937693893c07cL,0xb85a62c28ba9319aL,
-        0xc233630451b89005L,0x1c942e9fef7a20a2L,0x00000000000001c2L },
-      { 0x291509822572cb48L,0xe1ca81031d0b9df4L,0xfb70c750ba52c264L,
-        0x4cf3fb966bd2e72dL,0x04b65b4daf9a2bcfL,0x56eaf0f7db2205e2L,
-        0x5551b3333466cfadL,0x886b3275c55a1b10L,0x0000000000000139L } },
-    /* 52 << 273 */
-    { { 0xa976f5a2f8701332L,0x203dc2057771c835L,0xb1c541bde425fcc5L,
-        0xbe9921205c2cb7eeL,0x300e2b0279278283L,0x24b80fbfc88d605bL,
-        0xfd23544c3006aa2dL,0x1a212c5fd593c6d4L,0x0000000000000103L },
-      { 0xd9fe69f1ca88f548L,0xf2e065d1a37c6e22L,0x5804ff61e43ecc0bL,
-        0x34abcb423becc85eL,0x7d223605fd8e1751L,0xa2a0ea503b76b819L,
-        0x6c7b9dfe147f6beeL,0x8db65fbd3be2fcbdL,0x0000000000000178L } },
-    /* 53 << 273 */
-    { { 0x633d962c0c9fe7cdL,0x8fb7af4e05e74840L,0xb9cfda5ce5228fe1L,
-        0xcacff0b65199eb36L,0xb9ac48c7b6155dc2L,0xd147c6d3300bab8cL,
-        0x4f58e235a5034c42L,0x097078470291dcc9L,0x00000000000000edL },
-      { 0xacfde54d059836b0L,0xf755e402b6d8e2f6L,0x282c2d5581436e4dL,
-        0x0a8eff54b3ba7338L,0x910d9a5dc0551151L,0xcb2a43a629e3a972L,
-        0x49974730b85e35ecL,0xf79b7d5ccd5a58fbL,0x000000000000017dL } },
-    /* 54 << 273 */
-    { { 0x65d17a41539696a0L,0x57f8e852def0e88dL,0x8ef4f324c7739797L,
-        0x532ceb30ab421668L,0x691ae9641db40e22L,0x19a80aabc518454eL,
-        0x520e94d1338ad96fL,0x172bc7b6d28f8389L,0x00000000000001c1L },
-      { 0xbb52038d92e07ed9L,0x7ebce2feb5272282L,0x2cd12a6bfbf12724L,
-        0xd1c0d0f017e36d0bL,0x46b0fc6ca1709284L,0x41f37ca9d0015640L,
-        0xcc5dea20be174e7aL,0x2831510fbcca4571L,0x00000000000000eaL } },
-    /* 55 << 273 */
-    { { 0x488370b5e902f19eL,0x1fc4025b68b7a415L,0x27c316dbc935ac89L,
-        0x2fb89fb00293079cL,0xe4c123f52ad9ad17L,0x7031724aeb3910deL,
-        0x38223c12db0a05aaL,0x199b557bdce2bb89L,0x00000000000001efL },
-      { 0x49462b3bf467f0c4L,0x53d52ebfda88978cL,0xfe52b9ef3b5363f5L,
-        0x64ed965fa8acbd66L,0x92e5b025750c6e88L,0x0f4841bfe5b28b0aL,
-        0xd2a3d837e73509c1L,0xdf28934e0db0512bL,0x0000000000000078L } },
-    /* 56 << 273 */
-    { { 0xc466fd7b7514e752L,0xc0c9a0af8e1fd662L,0xd4b0ae397f3083fcL,
-        0x9af1c21f24cb5771L,0x8c20329d469dcd1eL,0xb115fdd26579990dL,
-        0xccd93d2a3160b749L,0x4aa17bb996f8fe36L,0x000000000000004eL },
-      { 0xea95c80a4118ebf1L,0x267ce3a6e78b533bL,0x54167eb7152ee4f3L,
-        0xda581b52d6d5b4c9L,0x285ddaa44f9408c6L,0xa1e4d6dc1ff6c988L,
-        0x9d1464077540a223L,0x127967a3f46c92d9L,0x00000000000000ffL } },
-    /* 57 << 273 */
-    { { 0xb39e35c824e3fbfdL,0xafef277235e6a7afL,0x25b3068748cd5a9bL,
-        0x305cd07226cd12d2L,0xbe0af44b191d2eb4L,0xe0c88872b14a8482L,
-        0xffa8362a895930d2L,0xe2da964817b31851L,0x00000000000001ebL },
-      { 0xc073c946625426d8L,0xd397726f62c66394L,0x3d1398374528c5faL,
-        0xd8da5a25b3221944L,0xf50efb6b2635e15dL,0xf68306be42115851L,
-        0xfc4919fa16837a4bL,0x5d4ab1f6b111cecdL,0x000000000000015cL } },
-    /* 58 << 273 */
-    { { 0x1fd61fd0b5286dd8L,0x237ed76f1b4f3393L,0x3e86a9a9d71eceffL,
-        0xc8ab89b8e74180c8L,0x2402e229e2014494L,0x41893effc276af0bL,
-        0x4b0c1a54eb97a632L,0x8d403e5aabdd0d62L,0x00000000000001d1L },
-      { 0x033c88e0e7df1bb5L,0xc4ff0974917b53cbL,0x6834e17dff5540f3L,
-        0x333daed32024b7efL,0xd76d2d74e7919887L,0x16ad783eccf4d0d6L,
-        0xe57b0eb14cd5587bL,0x9e52405b4c7e37b4L,0x00000000000001a3L } },
-    /* 59 << 273 */
-    { { 0x2233ca7fb47270f2L,0xae765c245a51e38aL,0x685a629043be58fdL,
-        0x070f79e18346ee5fL,0x09dfa96060cc36f1L,0xba1b744a516ab0bbL,
-        0xb99d4a5d2b2125afL,0xa88ef3ca45541791L,0x00000000000001d8L },
-      { 0xaa2d4980e27c4c50L,0x7bb1302b2a828c2eL,0x2b7f34c6e586f990L,
-        0x182b69e2b22de340L,0x084ae47141494741L,0xff811bebdda7aa90L,
-        0xb62bc87c0b45b4acL,0xc3971692251fa3a0L,0x00000000000001bcL } },
-    /* 60 << 273 */
-    { { 0x08c553f113562036L,0x11b803b8e4d93e33L,0xe7b3f20692fb7e89L,
-        0xd8352288cd0cc8c2L,0x2bf9cd2faaea0945L,0x828bf1c71d16f78aL,
-        0x9228c534afc79192L,0x1d7fc7f1c87becfeL,0x000000000000008bL },
-      { 0xbc9bc44354ed41f5L,0xfd759f9579a650b9L,0x951687f8bbe6ecb1L,
-        0x396d94a79e55762cL,0x4e489097b787cfabL,0x522cc6c3111e72bfL,
-        0xf494094c7a4d01d8L,0x2f0b8ed600666f1dL,0x00000000000000ddL } },
-    /* 61 << 273 */
-    { { 0xdaa376d3bf886d75L,0xda77b4e0c5fa164dL,0xc5fa99d7e140d0afL,
-        0xc1298a7f239e4b91L,0x656278ea77b95e2aL,0xd4615db928c2dbf7L,
-        0x679e343ab4fffdf4L,0xf454c81fb109106fL,0x0000000000000020L },
-      { 0xebb250e9d09e1320L,0xc1bacc99bc92b5b8L,0xd2bc9ce8c6fa578aL,
-        0x4b5480d06d5411c2L,0x4a667abdbc01eef9L,0x2293ff502b5b5ae1L,
-        0x064d795250578246L,0x4999b1244736e18dL,0x0000000000000056L } },
-    /* 62 << 273 */
-    { { 0xacabe0d649acab59L,0xf5c52f50022e503bL,0xc388decf5bc47f3eL,
-        0x8d0cdcf14f1b89a5L,0xae32536823906d64L,0xc3ce9106967e20ebL,
-        0xa820be6f821b2939L,0xa323b31a73d7b74cL,0x00000000000001eaL },
-      { 0x4a67d5f8ea7184dfL,0x34355eead1834b43L,0xdeb639e821ecfdc7L,
-        0xfa16656adbc01369L,0xb8791490db78b8d2L,0x8433fb9c29d46e0dL,
-        0x7327033b802bbe56L,0xcb2f72c7be24f129L,0x0000000000000091L } },
-    /* 63 << 273 */
-    { { 0x6d4e39d3ac1f4630L,0x1fa0065075a61ac6L,0xddc652c51817a6e0L,
-        0x42b1966823e50264L,0x3e980ad593896122L,0x8a47a5191081f154L,
-        0x6b4199134c2ffd1aL,0xcfb1914f16b21385L,0x000000000000004eL },
-      { 0xce79f49b2fc5c303L,0x9efee352e1d19a11L,0x7d084d1833b27ec6L,
-        0xd078a4c3479ee85bL,0xc88a27f1983e02c4L,0xf7493d4c411e9106L,
-        0xd13cca1d20cfca34L,0x80a39dc9c4f5a885L,0x00000000000000fcL } },
-    /* 64 << 273 */
-    { { 0xcca33db42a22b97fL,0x808d2e981942f8f7L,0xd972d1a737133c3cL,
-        0xfe4b5f5f5ff8d7aaL,0x8bd08c189175512eL,0x67bad971bb95ce67L,
-        0x885de1d49cf69b1bL,0x00d0ebbe54ba8e61L,0x0000000000000111L },
-      { 0x50aeec386c90b677L,0xc765c4753df368c1L,0x3865a7395d423382L,
-        0x5f843adf7e55f0d3L,0xa8c20b65e6159793L,0xbc3d7a4f05c2f2b9L,
-        0xb6663d297a052d8bL,0x50cdb83a65a7ea81L,0x000000000000017bL } },
-    /* 0 << 280 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 280 */
-    { { 0x4c740ae10ac4cb66L,0xc8a66d9759c635ffL,0x328b65af2569dac8L,
-        0xfdb6599b8838dbc9L,0x702473f87fd83c9fL,0x0d1f2ad8128683f6L,
-        0x00ae5b505030b76bL,0xb1375d706d15b5edL,0x0000000000000159L },
-      { 0x7a772a901f1e1f7fL,0xa790dcb7c669aa61L,0xdad905aec5e4f185L,
-        0x3bd91c29116ad6ceL,0xf87c96eac329d8a7L,0x399c929cb5b14581L,
-        0x6fd2983c3a8253c0L,0x616a8b61da988b39L,0x0000000000000181L } },
-    /* 2 << 280 */
-    { { 0x0d6e6eedae0e245dL,0x5c37e80f26f68799L,0x575626142aeeb588L,
-        0x9261cb14de82abc1L,0xa4b446f5ebeeb914L,0xe8b749efffb71dc9L,
-        0x3e1382391fcf5e8eL,0xcbdc4c5315c8cfb4L,0x0000000000000185L },
-      { 0xe8acd37da80326b1L,0x4aa2d80f6ffc9ae9L,0x46da631fdb069e01L,
-        0x1463768de7abe06bL,0x932e528dc3be779fL,0x756bc3de494fd10dL,
-        0x4a181a650b0c9870L,0x0ceae429ae34b70bL,0x00000000000000aeL } },
-    /* 3 << 280 */
-    { { 0x3a070e58524bc705L,0x86404f01fbd0358fL,0x88456d7874567144L,
-        0x91aabc494cb2bf46L,0x829df4fdb1e29372L,0xf177ce20230cf9f5L,
-        0x404eca037a3d29caL,0x6d9b609a231007dfL,0x0000000000000159L },
-      { 0x7ff3369eb1bf4593L,0x94ff624f5e4049a7L,0x5b7ef74134194bc1L,
-        0xf4bac202131b06f0L,0x70a46357b7549633L,0x0b293380761ae1bbL,
-        0xb2d9c64d974c1977L,0xe27e23b400e7751aL,0x00000000000001dcL } },
-    /* 4 << 280 */
-    { { 0xe15ef16cfaadef15L,0x0f2927a1babe010bL,0x252539dbcefdeda3L,
-        0x1e8ff8c4a98613a8L,0xec7026d9f76d425fL,0x507c1214ac386095L,
-        0xfba6c762c8024ee0L,0x1088460c3f4dd18eL,0x00000000000001b0L },
-      { 0x6ccf1452202080cbL,0x33b934d5b645d8e0L,0xebd4d772c0fd54b2L,
-        0x62a8045e207e1dfeL,0x9e5d3b88601b9f43L,0xc8f7e47d77e357fbL,
-        0x1c8764778ec21437L,0xc08c5a27069dd1c9L,0x000000000000005cL } },
-    /* 5 << 280 */
-    { { 0x8b7bad84aa505f62L,0x8052b3cbecbd5f9eL,0x0e985e1ab3660a2bL,
-        0xc17e62d3a69bdfaaL,0x9bb1033189b5e1e8L,0xc572485a6b55d39aL,
-        0xc322f39adf1f6747L,0x88881e7fc81cb6fdL,0x00000000000000d9L },
-      { 0x31d3f8493310a660L,0xdd188984fdc9db36L,0x89a0af2c3c61b203L,
-        0x508fae9c8e454871L,0x2ebd3d7a69879c4fL,0x5ac4c93d83e6e3f8L,
-        0x71744332c59f4c51L,0x0322f749ad204b19L,0x0000000000000057L } },
-    /* 6 << 280 */
-    { { 0xd445e8962dac6a90L,0x6904dd238a6d208cL,0x83adfbbf4e016973L,
-        0x91630953a384d374L,0xcd5e353435cac47eL,0xcec42d1088bc5e3aL,
-        0x13d0e8aa5141de2dL,0x3bbd85d1be1d414aL,0x0000000000000105L },
-      { 0x2b200480b911ac9aL,0x0c681a4332bd4596L,0x68e2718368edeb24L,
-        0xf8a34ce78950ff7bL,0xa58265b03afb03e3L,0xd0d866606bc58ad1L,
-        0xf9542bba3303c185L,0x13afe747cc393e4bL,0x000000000000005bL } },
-    /* 7 << 280 */
-    { { 0x6871a6e155b6f895L,0xb935913e9d7e2730L,0xfe1eebb1a9ac21a4L,
-        0xfdab879429c16938L,0xeb9afe9adeeb21b9L,0x967a2fb2797f546dL,
-        0x2fe2023bb9cf34cbL,0x9272977ee049697bL,0x00000000000000caL },
-      { 0x348928ef50b4a316L,0x115e58ece32c9a4fL,0x6d858be4e3a235ffL,
-        0x7464d70472b943b7L,0x6e785131e862030bL,0x4060a8c7b8a27819L,
-        0x831b7288d3e4f0d6L,0x81c21f75b36c3f8bL,0x0000000000000004L } },
-    /* 8 << 280 */
-    { { 0x640c489c80744c7bL,0x76c2615a09c3bd56L,0x0a0a64544b2e41b9L,
-        0x1f67ea463635acddL,0x7a93c39af36dc54cL,0x4efd6c2f386cdcccL,
-        0x789ffbcd8dd41a02L,0xb718d8187068e710L,0x0000000000000002L },
-      { 0x463b2b5d8e3ed0fcL,0xef348838c77bcb34L,0xf3cd1bbd8e9bf495L,
-        0xc275c5432a4ec1faL,0xe606d611cc394e16L,0x45c1e7c61a56a93cL,
-        0x828c42db1f6707b2L,0x59ff294843754051L,0x0000000000000100L } },
-    /* 9 << 280 */
-    { { 0x23ac84cd9e107222L,0x011f6752130abb36L,0x83d1979f5931a184L,
-        0x87880be04349bee2L,0x785209566b06ebe2L,0xa12c6e2f5c02eecfL,
-        0xcfb3b87d2c027b98L,0xe399b69f59d49343L,0x00000000000000dfL },
-      { 0x73f60492f763472aL,0xd0630d7aa32c8e02L,0x64fda2740b7eb763L,
-        0xd2ebdd95c0295433L,0xd3bf0c58f8650b05L,0xc0c0a4abdf491d11L,
-        0xfdd83464bec2efd6L,0x42dbbf3363fec348L,0x00000000000001e4L } },
-    /* 10 << 280 */
-    { { 0xeaefe760e7307475L,0x660015223de4536aL,0xc0c1396d45928311L,
-        0xb972d84029ea65fcL,0xcbf018ad83c0faa0L,0x0ce90359f5116096L,
-        0x33a6e9c82c9e2cdbL,0x1e61a90c5f1aa2abL,0x000000000000001eL },
-      { 0xcddf71f961709e18L,0xae43057240f72033L,0xde53f951b1b7d4a2L,
-        0x409f0a90cc853277L,0x341fa0c03789a7e2L,0x9cb4a809daf6b61dL,
-        0x3b42585df7bd34f3L,0x7a624ac415d77b4cL,0x0000000000000078L } },
-    /* 11 << 280 */
-    { { 0x02e9c325f196b6a1L,0xcfc01de1b0374324L,0x289b25be0121a620L,
-        0xec188af9f09b541fL,0xac954bc5fcb86a52L,0xd883b21f87a757b9L,
-        0x1194e3a12741cd24L,0x3d1914b61e3ef5eaL,0x00000000000001fbL },
-      { 0xb13ea4836bfd085dL,0x6e20b8d504a5dcd1L,0xcf5fba257f7af4feL,
-        0x58625751914d9c51L,0x1005bcc9eb304193L,0x7b54ef23579943f8L,
-        0x50ead06cc7d1c9baL,0xcd9877673664cf97L,0x000000000000010aL } },
-    /* 12 << 280 */
-    { { 0xe78a2eefd978be2cL,0x1958503c388b0164L,0x63a5d6fb3d35eaf6L,
-        0xff6e50d5dbfb3304L,0x4b9c89e3931e2555L,0x93d6c6e9e2a419d2L,
-        0xb2b26a9296f11b80L,0x1ba661c44c413fb3L,0x00000000000001feL },
-      { 0xea30821624fc3599L,0x83000d9ae1823a76L,0xb614483695d2aac8L,
-        0x661640c0996c6b75L,0x5212a79fa7b4f33eL,0x40c6bfde5a2fbee7L,
-        0x8ce6e88e86ce3a36L,0x4a9b0c5eccb757a9L,0x000000000000010bL } },
-    /* 13 << 280 */
-    { { 0xc8b31578e40e993dL,0xdd419459041d243fL,0x0c47e4492fbaf7c6L,
-        0x10b731c47d71b295L,0x41dca681f36a08c0L,0xec3582403d924e38L,
-        0x891991a88593f600L,0x8d684b374a984c9eL,0x0000000000000109L },
-      { 0x44787399a8a706dcL,0x307e57cb53caa9baL,0xea0ad37576a3276eL,
-        0xb1b79db12e025195L,0x96703f51aa828a3fL,0x174f1c27536e5266L,
-        0xc2d7da86fba650e5L,0xe69208051bed53a0L,0x000000000000010fL } },
-    /* 14 << 280 */
-    { { 0x6076eba5d73f6d54L,0x2dc200db4826039bL,0x683c59a00761fbffL,
-        0x525681dffaeb001eL,0x84175769d29ce601L,0xb5301cfc04112e5eL,
-        0xa242021d3aed1274L,0xc2f154ceb3cf3089L,0x000000000000005fL },
-      { 0xc754a9e65799204cL,0x186ec103d6251a86L,0xaa3bc7933f06cc52L,
-        0x2512fb5391c10e49L,0xe63f08c7df01b044L,0x4138d8974a7a5bc2L,
-        0xd23a1be79258b0e3L,0xddb136202bb7743bL,0x00000000000000c5L } },
-    /* 15 << 280 */
-    { { 0x409beff853938400L,0x3593e4f9c460d38bL,0x6d0b5d57f0673911L,
-        0x22c8dcaec72c6491L,0xe6e263f173e0ea62L,0x14c1e16512ece129L,
-        0x45b34f069a474ff0L,0x36c07c4fb96851d9L,0x00000000000001fcL },
-      { 0x250b8e258259bf92L,0xfb6826a6866e22feL,0x1d0fb6d935566f47L,
-        0x6381018504537faaL,0xf8f10b30f1d6bcdcL,0x6ce068c4abbf20c8L,
-        0x3ceaa8c944fcf678L,0x44c0ee4daa121e6bL,0x000000000000012cL } },
-    /* 16 << 280 */
-    { { 0x3878c70adf5ee186L,0x62f4f54a6fffef9fL,0x0a7664c380400fa0L,
-        0x99be58c2d0ea21b9L,0xfa70b9ade311aa6dL,0xafadd452abf43a4dL,
-        0xe6291c610f7b5de5L,0x388a421578d61e62L,0x0000000000000024L },
-      { 0xf188f980ee1bcdafL,0x9ccc1a6bc991f497L,0x6f733d1221ec6f5dL,
-        0x59ce56b9da9f5bdbL,0xe03a9a1f40e88d50L,0xa5e60328c0190a2aL,
-        0x382bdbe69ff9d482L,0x26895085bb792de6L,0x0000000000000013L } },
-    /* 17 << 280 */
-    { { 0xb62405a5676a3e6fL,0x5ef780579ac1ab5eL,0x4aba44936c1169c3L,
-        0x0e3dce11827d4ae9L,0x2d8bffba23687976L,0x9fc0f8a871502c8fL,
-        0x7bddcff7be7d4d2cL,0x00784e850b6a00acL,0x0000000000000163L },
-      { 0x54fa77ad66a2abbaL,0x14fc08c88a96575dL,0xf1b50adef2dd1b8eL,
-        0xeecd2a0f774ea727L,0x6cc9ccbcf14625cdL,0x8800d8a0ba597acfL,
-        0x52ee2b93f9dec864L,0x5da5fb84e642a27dL,0x0000000000000056L } },
-    /* 18 << 280 */
-    { { 0xcd861ffbe4649d6fL,0x2ed9b50d8dd76900L,0x5e5cff5dcc6dd1f1L,
-        0x2f649d9fe440c31aL,0x1b6cab30e1b50625L,0x0280ffb2fedf3d27L,
-        0x41fea755cdd53867L,0xda1c31ff4b6b3458L,0x000000000000009aL },
-      { 0x504a5a4a1c5bfa1eL,0x3b16eff4cb6c1131L,0x42ae4011ae721056L,
-        0xadcb0a5c2f4db3ccL,0xe9f89fbe43d4383fL,0x243f76cc28188da6L,
-        0x836268eb0f53be46L,0x2fa1ca1b386264f4L,0x00000000000000e8L } },
-    /* 19 << 280 */
-    { { 0xdf5b66aab830b085L,0x2f6cdf43b7a797cbL,0x0101d0724241a303L,
-        0x0a16ad64a6623b9eL,0xcdbd54b3a9f4c582L,0xc97a95567ee209feL,
-        0xac166a4f72e05927L,0x944328443d9fa567L,0x0000000000000073L },
-      { 0xa051a3107a366e15L,0xfd0e5a53c6bf5c08L,0xa240cf6d978ada91L,
-        0xe8ad78c9349ea3b3L,0x9494acb015573256L,0x2bdfd51e391180d4L,
-        0x911ad26d30e11852L,0x066206b1c0d32653L,0x0000000000000173L } },
-    /* 20 << 280 */
-    { { 0x682b6f1d6f37fe71L,0x3754800ccadcbcd8L,0x12367b4b70b949f5L,
-        0xa470950748bd0160L,0xf46eb3dba321a86bL,0x9ea717597b65a082L,
-        0x49607c639e80e35eL,0xcae1103f0ed3f9afL,0x0000000000000110L },
-      { 0xfecfb034c97c9712L,0x46794ae3487685c8L,0xd801e8d1d123a90bL,
-        0x6ee2529e5b0b89caL,0x2b3b7f4cf650661aL,0x23257437dbf31d1eL,
-        0x6d2e599d2f61e4b7L,0x4853ca0956a975a9L,0x000000000000013eL } },
-    /* 21 << 280 */
-    { { 0x4641c185951032bdL,0xb4a82d1ed654967bL,0x4f60abfaebe0534aL,
-        0xd8d59a71563969dfL,0x69a8365d897b93d0L,0x34dcbce7a3ddcad6L,
-        0xb4798d7484801108L,0x1ef48f2b9509858bL,0x0000000000000186L },
-      { 0x8f01ec3308d02285L,0x8f361eccfa7f5f30L,0x03d8d9aa173946f2L,
-        0x2ee8b5750e55fbc9L,0xf3d5ab9b804c4aa0L,0x928acfc13fb93feeL,
-        0xb60fb73a1f387d73L,0x4f0a74e1fabfa19dL,0x00000000000001aaL } },
-    /* 22 << 280 */
-    { { 0xdd033085ffc38940L,0xbdf00b79e0cbd312L,0xe027364751bfe81bL,
-        0xc9dd4f9d4889fd94L,0x307b0e6e06260888L,0x1cc21a4c57fc3aa6L,
-        0x80015db80375ec4fL,0xd8cd58e27ec6ce20L,0x000000000000017cL },
-      { 0x46ba9532bf2925beL,0x948247d693eaa62aL,0x7dd8c538b71fae69L,
-        0xc90496865561d353L,0xdcbb708b427cf50aL,0xa367d55f861bc80eL,
-        0xf46ec4634a8f28ddL,0x3481474dcbce8110L,0x00000000000001acL } },
-    /* 23 << 280 */
-    { { 0x254c69ed55155f2cL,0xe14b1c5db7d2603eL,0x2dffb214ba8bd917L,
-        0xcddb7eb590dff8acL,0x66e23246426e1109L,0xcaa97ba1cdf4a95bL,
-        0x56522b0177be0ef6L,0xa81706f55d3f77d4L,0x0000000000000011L },
-      { 0xd4b76f04639ff0cdL,0x15091830d19f7652L,0x64d3e1589351196cL,
-        0x63b04349370e92f9L,0xf247c96d68ca3652L,0xfda88c1295b0a39cL,
-        0x09ec4902691b35f7L,0xf1e93e7656a345a6L,0x0000000000000195L } },
-    /* 24 << 280 */
-    { { 0x1c1293a1f9640d38L,0xc24e8f93b6709da3L,0x5d9b87cb8cbfeeaaL,
-        0xab49ee81b0fd1d5fL,0x09cba9064c63b1b5L,0x379febb06f867688L,
-        0x2061b6eec99ba636L,0x966f2eaf51159b58L,0x00000000000000b0L },
-      { 0x4a130277873b42abL,0xacd92f6c1c8ab9b2L,0x117dcc6ba66d3168L,
-        0x70362ec85dae335fL,0x1f13ef5eea5f8570L,0x8268cf14a075c01dL,
-        0x2f8431fad2b71b7fL,0xfff9c7d1382b4939L,0x0000000000000046L } },
-    /* 25 << 280 */
-    { { 0xed53320a5467b695L,0x95777379d81bc3c6L,0x1f53f221165800f8L,
-        0x5a3a36ac90c1143eL,0xf319be6f7a9ab721L,0xb6d3e1158c4ed728L,
-        0x6a9e9dccfaceb5d7L,0xa8abd38370e27532L,0x0000000000000080L },
-      { 0x28f0cede226f9ad0L,0x8a96ae65e9efd27fL,0x4fe7eb7fef2564a2L,
-        0xdea5e9aaedd96a1aL,0x818a8f76469bfc52L,0x0e8eab80c7f687f6L,
-        0xebe81c5d4198b48fL,0xdd7e25c68d9d05f8L,0x0000000000000144L } },
-    /* 26 << 280 */
-    { { 0x5cfa7cbf1f54bc21L,0xd37a2401c5bf8ac1L,0xd6e4aa9fe1b4948cL,
-        0xc0af78bb87876571L,0xd5f38c4a9435c756L,0xdeaf4d5d196d5a67L,
-        0x847999d3665b16adL,0x55e422ab944e41cdL,0x000000000000011aL },
-      { 0x1c73a7be1f893849L,0x98773cab9b84e408L,0x5e6a4e145ed1c89dL,
-        0xe78d1b90716a5325L,0x1513fe4a577ed006L,0x7b8cfbaa90824caaL,
-        0x663d3fa73c2a2886L,0xc9d7e9608eb5b6b7L,0x0000000000000167L } },
-    /* 27 << 280 */
-    { { 0x7804ab0cd5dd017cL,0x2ee33f77c259ae7cL,0xbc379b5e1987fb05L,
-        0x472603f311e07d17L,0xfde157912168f043L,0x474bbd4c5d357133L,
-        0x278fdbb181d0f190L,0x44d8a1465f7a199cL,0x0000000000000090L },
-      { 0x7cf6a404bbd57b48L,0x19a5cb69db6852eeL,0x6f08b1da1b26de4bL,
-        0x04262f2a58360fe7L,0x287dbfd73bf7c760L,0xddcf22856e702e73L,
-        0xe4f8a899fe86dc89L,0xee9807e0c06c6e6fL,0x0000000000000118L } },
-    /* 28 << 280 */
-    { { 0x0a59179b025c0e2fL,0x43088758ddb8e4e4L,0x9ccb5d9baf9e3d51L,
-        0x5b220d64f6cc6fe2L,0x43a38530f69d1a66L,0xcf4dace9fdc5b0f2L,
-        0xf1bba4e1418ba2bbL,0x70e502e9d82fb27eL,0x00000000000000ccL },
-      { 0xb4fb372ba990ec9fL,0xc1c31603c5fa0250L,0x79b46f6cecbe934bL,
-        0xad2fc8f7b28f7d50L,0x240f4901b4d4e6d9L,0x11c72be533c59d92L,
-        0x16cb9bc5c94ffb67L,0x8517fa2b2e957b97L,0x00000000000001e0L } },
-    /* 29 << 280 */
-    { { 0x8672f8c178c2fae1L,0xce853dc0b390e692L,0x50cf0558fc7389d6L,
-        0x0eb7599014218bbbL,0x8942e82713a837c8L,0x07fb92d0213f6565L,
-        0xc3e799a7db1d4bafL,0x93ef2dbe0d7238aeL,0x0000000000000087L },
-      { 0x7e1c949a4d6f61edL,0x0951d2409855b4b2L,0xe99da0df0768f131L,
-        0x3a9895ca40b9263bL,0xeec3111e988e877cL,0xb887eeb1392e2a50L,
-        0xd26c888f3ae6a3edL,0x60db343170b42b56L,0x000000000000001cL } },
-    /* 30 << 280 */
-    { { 0xd6d025d839e224e4L,0xea671ba973ee2abdL,0xf71e527f0b2458ebL,
-        0x97adc0a443f0bb0dL,0x39d5e7b826a9a537L,0x02ee550a7e29adfcL,
-        0xd7fea1b5e6433c20L,0x6777e7f94b13721aL,0x0000000000000126L },
-      { 0x4682b1468c2c454dL,0xd6e496150d5c34dbL,0xe84ad426a9213f48L,
-        0x9143f004be2e5e10L,0xeb48a5a485f087d1L,0x10d141c784d2ceecL,
-        0xc96c7d6673ca411dL,0x28aa426c59faea28L,0x0000000000000144L } },
-    /* 31 << 280 */
-    { { 0xbb86295ab95fe143L,0x7a0778a004aa86f0L,0x72402bb054f3df03L,
-        0x5d2146943f81659bL,0x19aaa8e646689638L,0x8de0ef98937688a2L,
-        0xda612f96d910473cL,0xb0b8a1120a41c825L,0x00000000000001b9L },
-      { 0xd8d116daef118dcfL,0x4e24efd829a90bebL,0x3bc302db0e413b54L,
-        0xa0e984fd1a8c9f3eL,0x7b485798206268a1L,0x52a1f4523d769ab3L,
-        0x7bcb688e6853067bL,0x6b7f3335e784e934L,0x00000000000001e2L } },
-    /* 32 << 280 */
-    { { 0xba3a04f75f8fa47eL,0xb9c44aa1833dfb7cL,0xe4f3a4a6af4ea679L,
-        0x02b4bc288240ae75L,0x390076ae282412ecL,0x74e5bd6406709592L,
-        0xb87b1a57dbad0025L,0x71e0c6f732123b04L,0x000000000000016cL },
-      { 0x266b71d5e4ffc2c8L,0xb061cb88a73f6fdfL,0xbca068cd75b93ff4L,
-        0x4552d43b97712a14L,0x1035134c5b941ba7L,0xc14623abf31b6915L,
-        0xdfdd91c4aa972a0dL,0x54e8e7e0e17b9ad3L,0x000000000000008dL } },
-    /* 33 << 280 */
-    { { 0x664d379c66087692L,0xe4cfe5932b4cc0e5L,0xa293eb7c765981c8L,
-        0xa366a8be9ac9be69L,0x18a8fabdca5c9348L,0xa3d94fcda2a2c5e9L,
-        0xd6d42b142c19d210L,0x90c8d32950ebedf6L,0x0000000000000077L },
-      { 0x4b232a133ea6cce2L,0x9709a4f5efe51889L,0x6641e274e233ec8fL,
-        0x68744e54abf46598L,0x8c12e8da847eb365L,0x31c4a313be0dc8beL,
-        0x88503ca97bce4bd9L,0x98356a4724bf7fdaL,0x0000000000000058L } },
-    /* 34 << 280 */
-    { { 0xdd5dfc11a0dad11eL,0x6af8128d95bbbc01L,0x2a09533d2ba204d8L,
-        0xf656433c14308665L,0xfb9b0752873ddf2aL,0x462baf84bff789b4L,
-        0x4119391c36f8d363L,0x24a0d61bc83d0643L,0x0000000000000128L },
-      { 0xa811558a81d32679L,0x73ebefc16d51d480L,0x52e334d76723ca36L,
-        0xe102931c3bc64e40L,0xe0fc619a226f57ebL,0xc6533d88d5a49296L,
-        0x8a96610b856dc0b3L,0x7fc05cda95a3bcb8L,0x0000000000000128L } },
-    /* 35 << 280 */
-    { { 0xbdbe8a3a30b14db2L,0x7e4bc20c9a8247cbL,0xa620bdf811e536d0L,
-        0xe972971a67a49b87L,0xa10d8379f31c11efL,0x8908fe100b816ab1L,
-        0xe44858845c7db701L,0xacb4e91129807371L,0x0000000000000028L },
-      { 0xdb757df6497c4dc0L,0xad84afa0fd068916L,0xb98bb9c9c0ed25c9L,
-        0x9af8511a42c7c5feL,0x853e412f8549f45aL,0xe5fcb0b400cdd781L,
-        0xdda7fef0653d6e1bL,0x3340956d20aa3f18L,0x000000000000018bL } },
-    /* 36 << 280 */
-    { { 0x3751cc30569b8171L,0x0a5f50721195ceb6L,0x67a550c5aed5f6f7L,
-        0x9fa0ca1a467c1996L,0x342155f04c5cc05bL,0xa8fd7a3b1265b643L,
-        0xa105382b94eba9ddL,0xd2dc6762655a3ed5L,0x00000000000000c7L },
-      { 0x2913e45239c2dcc4L,0x81fa35062758d09cL,0x7df16b9411840bb6L,
-        0x0d96f28f04eeade0L,0xf5ab6c8c883daf5aL,0xa53d625e24e9795aL,
-        0x14158b332a711c2eL,0xd5ce7e2a97ad3f03L,0x000000000000010cL } },
-    /* 37 << 280 */
-    { { 0x9871dafee3cd99cbL,0xca11ffb2f9d1422bL,0x0cbec630ffe7633cL,
-        0x095207519701f5fbL,0xe7cdf5f0b714a25bL,0x54b44266e17aa21aL,
-        0xc53a84760ef13940L,0x9e8c18f56acbd9dfL,0x0000000000000057L },
-      { 0xabd27e097605396aL,0x731f83a012ea5abaL,0xb6a23513f28d07f9L,
-        0xbba530fa2ea3b230L,0x38f79ffe89abfb21L,0x2767e58ab7dce472L,
-        0x7eb867f9c16bd8b5L,0xeab0414eb76ce0c7L,0x000000000000009bL } },
-    /* 38 << 280 */
-    { { 0xe100e0eec1c91709L,0xa73bbf8c56238cdfL,0xe8b191e09196fb53L,
-        0x0c54c7820203b3d5L,0x914cd8154ad45f0cL,0xf488ed49b504e7ebL,
-        0x91983a3b525a0122L,0x7a9db32607a6bc76L,0x00000000000000fdL },
-      { 0x9e5874870b0b0ef1L,0x0c5df87d4deca852L,0xa671e125fcfb2b5bL,
-        0x4c0dc9d789fb90a9L,0x8bc6b9a1b47b79f0L,0x5ed3c685bcc0d53bL,
-        0x107f5ef1ec8aaab6L,0x5f93971f98ffcd41L,0x00000000000001e2L } },
-    /* 39 << 280 */
-    { { 0x81d5acf81e69cfcfL,0x5786ae3471bda15cL,0xc3e9c790d4ba8896L,
-        0x78415f43b320fab2L,0x5407bb1189d23809L,0x6b5d5e41d3007de8L,
-        0x1f686d5c39797363L,0x0be555c28d9004c2L,0x00000000000001ebL },
-      { 0x8eb5c5bf91addc9dL,0xe8b81cffe200f350L,0xca3b953d44b42146L,
-        0x6ba06ea9ecc482e4L,0xa6a70a446e4d1a38L,0x3210ff44eff587e8L,
-        0x9ad9ba8e1d8a7cf6L,0x813c4d94c77bf97eL,0x00000000000001f3L } },
-    /* 40 << 280 */
-    { { 0xe31effa2306c1354L,0xb5e2c13d85925368L,0xb1f2607f35ef339dL,
-        0xb06e916138e6170eL,0x4e6644b8f3f3e31bL,0xda16e937e3e59db4L,
-        0xc66e7dbf6accfe20L,0x31622dae364dc59aL,0x0000000000000187L },
-      { 0xc9d619cbc2b0bd83L,0xfe780349cf4a8cacL,0x8109dbb48b3d6584L,
-        0x55e1a93c943709d9L,0x651c52d321ed38d8L,0x87ca86938ef82c60L,
-        0x6ba45f8f4280d960L,0xe903e26b7e505800L,0x00000000000000a4L } },
-    /* 41 << 280 */
-    { { 0xbeaefb738d027004L,0xb93ae273b643fdf8L,0x171130c78b054ce8L,
-        0x03e50d97fa4348b9L,0x1e136c40bcd5a01cL,0x4c3c0b3320e072eaL,
-        0x5b07b9f5fb37369aL,0xc306209f6aae7067L,0x0000000000000096L },
-      { 0x28f228fdd8133dd9L,0x5e97b819ed9f4989L,0x0511850fa8e2e90eL,
-        0xfba9dac8a577a370L,0xd8f8a690e9748a8aL,0xc4061391c30a3f0bL,
-        0x22a676e042f585a6L,0x252bd6609c5f7211L,0x00000000000001b0L } },
-    /* 42 << 280 */
-    { { 0xd9e89ab1b2261b5aL,0x896f863c0bccf5d5L,0x09ba590aa5b7eb39L,
-        0xc8f52dfb0fa4086dL,0x3f236dfd1075176bL,0x0e0cc891296f969aL,
-        0xdfc18d50a2313921L,0x8494f9a73ef48a34L,0x0000000000000084L },
-      { 0xd57a2f227f5e334cL,0x69d7c5b7ded57c18L,0xcdb18f19b1ccf76cL,
-        0xeaec2b7c33021735L,0x41b62e1affce6cf5L,0x12282e773aad7e4cL,
-        0xf9c2216e9db6619cL,0x5f1678eaf32e4661L,0x0000000000000079L } },
-    /* 43 << 280 */
-    { { 0x3806aa79ed2215aaL,0x77b2b474fda96f56L,0x4957726aacc33f60L,
-        0x3aeede639dcb6de3L,0x7c5a4b2dd1f46307L,0x03638122d27dc35dL,
-        0x5c8c687cad802f35L,0xfb84505dcb2b917fL,0x0000000000000089L },
-      { 0x86ad4d10d3241367L,0xa5bbbe2804283e3fL,0xae8a8a156cf1b159L,
-        0x8b30bb7f97d37100L,0x302e14e45dc590ceL,0xe3aa0b5dcdd1751aL,
-        0xb2d7de843c7c9c0bL,0x9693fc8121ea3e9bL,0x00000000000000baL } },
-    /* 44 << 280 */
-    { { 0x30e7e4bda557a890L,0xb6a8ecf96b5cdb6fL,0xbec5ed5023b68ea9L,
-        0xc359d11f3fe99380L,0x84e9e7d83bd97138L,0xa58c8a9a3a5815eeL,
-        0x759839a47c240941L,0xb652633099670993L,0x0000000000000144L },
-      { 0xe3f92bef6bfae59dL,0x6eb6a3ef34c6f089L,0xb35ddc7862aa2a94L,
-        0x2495301b6c27da9eL,0xea719a48d8d23941L,0xf0be43ad79c61b1bL,
-        0xbafb76e1a27c859aL,0x9d2f814c97f29bb0L,0x00000000000001f7L } },
-    /* 45 << 280 */
-    { { 0xe3d9794863bfeecbL,0x787b7b93c4e33b5dL,0xd193545380e717c7L,
-        0x80f09edff51d7ee8L,0x5ece8dec2cb8e492L,0x1c2e49aeb0fbdd75L,
-        0x555ffd0c62ca40e8L,0xb087f09cc34239e1L,0x000000000000011fL },
-      { 0x058e0296c7e17929L,0xc37bb9507cabdf29L,0x3f760103337ba5a9L,
-        0xb04c49872eebc4d3L,0x06ed604d12273246L,0xb2b6a2ac48a00bdfL,
-        0x7b9eee4ef1e6f9caL,0x2bd8117abfcb3b3dL,0x000000000000003cL } },
-    /* 46 << 280 */
-    { { 0x9f03aa3fbadc0444L,0xd4646ae421350843L,0x9d669c31ae89c5cfL,
-        0x28f2dcfa88476683L,0x1a27c9a49927c5d4L,0x05f0d014342307c4L,
-        0x74a305b664bcee6dL,0xf2d3fa9c6b8102a1L,0x000000000000004cL },
-      { 0xb2801ee8e8313032L,0x484d7fc270c2bf31L,0xb1e823146bcb4da5L,
-        0x01c6855cf5dbd4bdL,0x59bc8152d21f4295L,0x452be6974095767fL,
-        0xd1557ede45d79429L,0xec32dcc2afb02a09L,0x0000000000000173L } },
-    /* 47 << 280 */
-    { { 0x196940e45ba5d05dL,0x6576d0f4bbc541ecL,0xe5e984bd3a91a1daL,
-        0xbc63c9eaf3498971L,0x89135ed31f03c14dL,0x44fe60e13379f59eL,
-        0x28a5a0b752e302bfL,0x14d350309b2c7e38L,0x0000000000000073L },
-      { 0x1c34012525832327L,0x88c1ebb85e862352L,0x5e82c2f646d29a75L,
-        0x98aa3bf4b5f97690L,0x17a8b7d4fbcc02caL,0x8190772afcc8f81bL,
-        0xee79fec1e5a4dc65L,0x62c89b093fe96241L,0x0000000000000166L } },
-    /* 48 << 280 */
-    { { 0x521cb4e322b7448bL,0xb51bca884c726beaL,0x9391bdea39c312eeL,
-        0xf9128ef72c8b9a0aL,0x988f9f78a8e51d04L,0xdd44418f96c8257eL,
-        0x3688fb242d7f2f00L,0x2f92e5ff1b1fdd4cL,0x00000000000000e3L },
-      { 0xba865459e98c49f5L,0x3545cf759dfe9dd3L,0xeb3ef7ffce823a85L,
-        0x39bc813a9b39a2a8L,0xb753463592a11c12L,0xb16a5bd61ee6d123L,
-        0x3192e6dd82fef180L,0xebfb81b4287687c4L,0x000000000000008fL } },
-    /* 49 << 280 */
-    { { 0x41889a308e521628L,0x353bbe7cd54a23f0L,0x6e30dc47b96e2ee6L,
-        0x957c31e030bf9a04L,0xe87fac6e880b0a80L,0xe7f5c5c603c6d936L,
-        0x2b605a09abd24985L,0x24da8804c0227c2bL,0x000000000000009bL },
-      { 0xbe44195151deea0cL,0x1d27a5349a94a2b3L,0xe89bd706906fd00bL,
-        0xbe0e3af4b48a3888L,0x462540f9ba0f807fL,0x5698134e4480f7e0L,
-        0xefbf0694f9470f38L,0x622aa439f2147a77L,0x00000000000000eeL } },
-    /* 50 << 280 */
-    { { 0x3d0eff5a9e14a157L,0x17b32d7a1e610aebL,0xd7d7e6da192e4c2cL,
-        0x9fe47524bafe7a78L,0xffde6e808f0f59d8L,0xfa5b05067f07595fL,
-        0x727527ab0c4ca54aL,0x3125b812f2ff633cL,0x00000000000001c5L },
-      { 0x9949eb375ebf3165L,0x6b3b1ca23d969575L,0xbdc906e777691f06L,
-        0x5c7fb79048e77747L,0xe14e6e1461b6e449L,0x168745a6ae1ca8c2L,
-        0xb1a8c53a10d7485eL,0xafba1519b3f97687L,0x0000000000000012L } },
-    /* 51 << 280 */
-    { { 0x1954666c0c70fb24L,0x82266d143f951a55L,0x05d351fb7571c7d1L,
-        0x18474822a33960cbL,0x9e21b386aff4d604L,0xdc1523b7c7722030L,
-        0x97d8d47c3b40f662L,0xe46c6e58c518f8e3L,0x0000000000000197L },
-      { 0x33776420fdf51fe5L,0x13c170deea2d40baL,0x9f058330686e0c42L,
-        0x187d65578e9b7d13L,0x60731c312fd50daeL,0xc4a33b8f616a056aL,
-        0xde3318374d1e0552L,0x883f0b1c76622fddL,0x0000000000000004L } },
-    /* 52 << 280 */
-    { { 0x702fec554340d2f2L,0xbfddf7ab5a6c6a38L,0x52d5a7ef0a77c874L,
-        0xb31d293155a58f3bL,0x3088d8036274e0d2L,0xb939133876fc6ab3L,
-        0xb144eb7c8e936c61L,0x9c6f8e0c31f651c4L,0x00000000000000eeL },
-      { 0xc4f7ef971969c94bL,0xd0ae9ee1b1ee6473L,0x9a2310ae3c6ef7b5L,
-        0x201667dcd9af7a6dL,0x177ef629e661696bL,0xa295439c27dce2c8L,
-        0x917e7ad90654b39dL,0xf4f4160e253e2455L,0x000000000000016fL } },
-    /* 53 << 280 */
-    { { 0xa5f4d18206539fa7L,0x00e9ca62193bd001L,0x4f82a43b34a98a26L,
-        0xf191a2c7acba36e6L,0x24af9551e410e4f3L,0xc497e07f6d3535ddL,
-        0x29c932541c60ad3bL,0xc979ef0d599a657aL,0x0000000000000155L },
-      { 0x0481964ddc0c026aL,0x02af224ad01e5c0cL,0x82bf913f1c2ef89cL,
-        0x86f6d32c471bf1c0L,0xca2ce84ad8022d80L,0x4f145b6799803487L,
-        0xebd0ffccda0964d7L,0x19f8d6f7bcef48f7L,0x00000000000000bbL } },
-    /* 54 << 280 */
-    { { 0x509b71b9ac36d28aL,0x15d32c770811d528L,0xb793235561dc6575L,
-        0x05233f01fabb650dL,0x3a16d034167495fdL,0xd567e0bf8c1efb75L,
-        0x253895e41fec8e93L,0x6b69015c5648158fL,0x000000000000000eL },
-      { 0x879a7df915627f86L,0xab3caf87f08f9464L,0xaebb91e351cc0b72L,
-        0xf5f3a2ce80718925L,0xb5740882c3e6f70bL,0xed18d27690f16d5dL,
-        0x318733e770b09c3cL,0xc1e1c737e4c59a44L,0x0000000000000095L } },
-    /* 55 << 280 */
-    { { 0x88537bbe883279acL,0xd66ce961da9ea3d7L,0x5a009e7f6f24804cL,
-        0x1aa5de7b572a81f5L,0x0a2d89e029910a84L,0xff6d0adba6a3b709L,
-        0xf709ae9d176ecf3bL,0xb55a2f97857e7161L,0x000000000000013eL },
-      { 0xd6ef2ad66d5ac444L,0x0cf086d7c738f5bdL,0x36484c34061945a8L,
-        0xad1acdb879dd65c5L,0xd58ac17af96e2538L,0xb1bc5d14ee8ca9ecL,
-        0x51ee010ef4765340L,0x2285cc3b31335245L,0x0000000000000138L } },
-    /* 56 << 280 */
-    { { 0x939fe75a6fc48236L,0x23d3887d911d8cbfL,0x258fea93b7d3a0e2L,
-        0x9b073bf37f01bba5L,0x7324e1698e6cb543L,0x44843d4aaf26dedfL,
-        0xa04a7c60ede00d61L,0x10218bd6cc5a03bdL,0x00000000000000a2L },
-      { 0x33c5563a2b93360bL,0xd50f6be0d4e9d47fL,0x78e7dfa1c7ad7ac7L,
-        0xff7c2c5a92c64ebeL,0x932531e7bb22d05aL,0x1c8f30604bc070ddL,
-        0xbd9787cb8d8150d1L,0x8ce2223b0cee42b4L,0x00000000000001f6L } },
-    /* 57 << 280 */
-    { { 0x6731c027e046c0a4L,0xf718dcede5a06138L,0x78ee5eb548b6ba4aL,
-        0xc2d5dfcadd81e407L,0x35da8dfe47dcfcacL,0xdc81e42a8eb7a98dL,
-        0x35db538102f60af3L,0x137c92f71af4e84cL,0x00000000000001a2L },
-      { 0x5fff48bc7fae3e38L,0xed6bb7ba7bfb9009L,0x3ea9829b94d9f8d9L,
-        0x1b02d966e57ac9f7L,0x2a2e7b3b9e17a7b5L,0xfd677d10f8b5971cL,
-        0xf02c62c4feac2153L,0xb2853d963d277f34L,0x00000000000001a0L } },
-    /* 58 << 280 */
-    { { 0x34cda6b2e8bcbdccL,0x1ca83d8ac58e01bcL,0x9c38e61d6a6033dcL,
-        0xd3df77d1696792c9L,0xdf573ec644eb1ecdL,0xa8a065432d74f38aL,
-        0x3cb79ad7491230eeL,0x828962151a271b8eL,0x0000000000000182L },
-      { 0xb889ef07d85525c3L,0x39a37a8da74b5e4bL,0x6dd97fe1ba9f0edfL,
-        0xfc32a4c55df3ce92L,0xfa0958f820517719L,0xd2570ed03c80801bL,
-        0x7b0d90f5df333517L,0x5448e3b21cbee93dL,0x0000000000000005L } },
-    /* 59 << 280 */
-    { { 0x9dafe225907309ceL,0xb5c7f7796ab4285bL,0x025fe316475406c6L,
-        0x6427b6a73703b8aeL,0x077b26865c34c5ecL,0x16bcd88fb1889dd6L,
-        0x963169a8eab6ae3aL,0x2a42b76c7535cd94L,0x00000000000001d2L },
-      { 0x7a7d5f3e60ea3972L,0x03495625a755ec1dL,0x441847032b183692L,
-        0x8303d22fadd33ccdL,0x6932dab9215523e8L,0x26f696dea7164118L,
-        0x682a8f9abb3aa620L,0x86aa638d15247803L,0x0000000000000078L } },
-    /* 60 << 280 */
-    { { 0x51849a5b53fbf94cL,0x2436d1f33647dfb1L,0xbfd7dfe1ac158d60L,
-        0x4157581eaba95982L,0x574c1d648b89798cL,0x6d659219754f1eb0L,
-        0x0654acce001d0c68L,0x8f1cafc9c86fb259L,0x00000000000001aaL },
-      { 0x96cf49426662061dL,0x6928d7c4565613e2L,0xfa3e5e7011afa907L,
-        0x2bedac91cd3c3062L,0x7b05951c87adb45bL,0xa2b68ef665e3fffeL,
-        0x682b65bedb7b8c54L,0xf8ef1353338a27a4L,0x0000000000000153L } },
-    /* 61 << 280 */
-    { { 0x3eec74aaf0d73d13L,0xb1200378a199d41eL,0x0501130712fce9ecL,
-        0x59e08d4685af38d6L,0x1c3028b097eb7439L,0x4389b2a7c8c2d7f4L,
-        0x41155e4c03df89a8L,0x06a993c37e415914L,0x00000000000001e3L },
-      { 0x1a57145402fb35d5L,0x818c71f0107f51ecL,0x009f840d42da6adaL,
-        0x67e4374f54a5468dL,0xf2250a74b245d86aL,0x09bc3e44bca120b1L,
-        0x6fdb2a6b308416a3L,0x0bd60e1c6a9146c0L,0x000000000000010fL } },
-    /* 62 << 280 */
-    { { 0x19ba4fdb0b35a9e4L,0xfc93eff181057e1bL,0x852ae0abf5380848L,
-        0x910c30d66877b719L,0x3bf62a9503916cb0L,0xd56a881ea3c2d070L,
-        0x256c3542a356f757L,0xcef8a8d929d75c65L,0x000000000000007eL },
-      { 0xca44a43576ea795bL,0x611ecedea8f27192L,0xfcb3a868de9182bbL,
-        0xac04e9d7dfa3eca5L,0x03f47adae89f80a7L,0xde7b801854858348L,
-        0xbf27c5a14a0e3befL,0xcd91a04d3461a145L,0x0000000000000117L } },
-    /* 63 << 280 */
-    { { 0x76dec50fd577c07cL,0x5a1d94bf5a8d2c7aL,0x871183453616e745L,
-        0x8b4e25d136e7d7daL,0x0464ac2c0033ea1bL,0x62f6569a2c5caacaL,
-        0x1989e0f6d2649cc3L,0xcd5990464b02997cL,0x000000000000006dL },
-      { 0x8df4238f7a8f232dL,0x04a5230661f90575L,0x179274765fdb83b7L,
-        0xddba74da6f09f3f4L,0xf6cfd200793d48bfL,0xe3ee41a1c980f85dL,
-        0xab48c17ae75f5667L,0xb09a7c62d4d971e8L,0x0000000000000009L } },
-    /* 64 << 280 */
-    { { 0xa99e0fa88b404760L,0x5f6b7eaa28835bbaL,0xebe75466811f0bccL,
-        0x3d69da3e9d0fffa4L,0xd815e361185f1ae0L,0x78623276b30ff597L,
-        0x3518246ea8466de1L,0x3c8e0d4a516b0e43L,0x000000000000003dL },
-      { 0xf4bc4434d1614abaL,0x49d062b7bfedf3abL,0x878c93290fc7e5b4L,
-        0x727ea9198a92c516L,0xd159dd269ac43994L,0xcc04bc19c25a36a5L,
-        0xcc7ffb96172789e1L,0xc136b9c92f2ee22cL,0x000000000000014bL } },
-    /* 0 << 287 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 287 */
-    { { 0x758be5677ed6ead3L,0x5aab37984ea30f41L,0x8a66701d724bded8L,
-        0x3e1ad9a070544b4aL,0xd0286777ee940423L,0x3335377b329a995eL,
-        0x244d471a4eee58a7L,0x32d4dfa067275e49L,0x0000000000000105L },
-      { 0x7ef7dd10f91eeef2L,0x51c22e8bba0c7d57L,0x45c515d485233341L,
-        0xd9d7cefcd353231aL,0xbef9d961da5bd561L,0xa5110c6f5531a41dL,
-        0x0f1f7a194328f21cL,0x1ad6d24c49ec18e6L,0x00000000000001a9L } },
-    /* 2 << 287 */
-    { { 0xbf2ffcb76e640a8dL,0x63479501a0b5a07eL,0x55bb30015f36f2e7L,
-        0x9890f999058a676aL,0xd9ee341b455c0d27L,0x6c95780c18e08fc8L,
-        0xeb63a675442a075dL,0xce46a1a5fb69da00L,0x000000000000006bL },
-      { 0x8c618934f3ed6253L,0xe00342446e9433b4L,0x989b99214260b2c5L,
-        0x11699804d9df4747L,0x125fe61f763a7f63L,0xa972786dc6ec395aL,
-        0x662f9fe7b7b7b8c6L,0xfb644a615456556eL,0x000000000000008aL } },
-    /* 3 << 287 */
-    { { 0x2014334668cd4338L,0x46b6c25dddec02b3L,0x7ed7b8e00f3bdda3L,
-        0x233b739abd4bfa08L,0x5d637074764e5f80L,0x16dca3c8bf2e9eb6L,
-        0x833e08beee088b75L,0x2e6d8782d0ef69a0L,0x0000000000000067L },
-      { 0xdd6bac439054fc97L,0x20f0fe3f00b0046aL,0x1f53f565aa8b318aL,
-        0xf74826286eba16cfL,0x899f86ddb055944fL,0xdecc577c4b26279cL,
-        0xefd021ba3dd92904L,0xa8be3c70f9aa1d87L,0x0000000000000029L } },
-    /* 4 << 287 */
-    { { 0xed29c2ffb0bb44d8L,0x0874c2a5fa00ddabL,0x9398e8a2065a4a5eL,
-        0xa6e1952691aab917L,0x20a816ac667898deL,0xda4b97934b94a66cL,
-        0x6fee1473b00e36e2L,0xcd9958d793a46ce6L,0x000000000000000fL },
-      { 0xeab9fa64a362872fL,0x87cc55b095457fb6L,0xe3e3f13d3c702019L,
-        0xe025b3c8ff6208c0L,0x8fcd5b2fd8b8f87cL,0xcf9ded31789bc9edL,
-        0x7474244818d40f49L,0xbf14e1f046c33140L,0x000000000000016dL } },
-    /* 5 << 287 */
-    { { 0x509b4ebd2a3f7a56L,0x284be6724315de88L,0xd9bc95a7708c6237L,
-        0xb614a4d485dfe317L,0xe35de3d30c1c5737L,0x9e0b17191bd97337L,
-        0xc3b084f841c2b929L,0xce03487b0953b7ecL,0x000000000000019bL },
-      { 0x35d5de3da22978fbL,0x7207c915b2212285L,0x109219a2328771e5L,
-        0xb262f06c8716c153L,0xc47aadea45f2bdfdL,0x7032cbeb4a1497f4L,
-        0x1603a5f69eabdf95L,0x56c6eb2bf53bb028L,0x0000000000000033L } },
-    /* 6 << 287 */
-    { { 0x0aa08334a3a5a2a2L,0x7b1e2f91dcfc5939L,0xe1c64158673e221aL,
-        0xa9ce2061cb3319d0L,0xb359c34b977a9b41L,0xc127af82b7f9fc83L,
-        0x18ada73481166c12L,0x1c4c48fb092d64d4L,0x00000000000000eeL },
-      { 0xfed1a8da4c5015c4L,0xefd54478526e1897L,0x0ac4f64075bbdc91L,
-        0xc0774cce910661ecL,0x699bb035c30ccc07L,0x836b7b1780952ccfL,
-        0x03b8bfef9788bdc1L,0xb24604c5fd47a69dL,0x00000000000000d6L } },
-    /* 7 << 287 */
-    { { 0x8f58d77c3904520aL,0xeaf3076af6db1f47L,0x249c1fdb6a139301L,
-        0x26211ebaa843505dL,0x4d3b5e4366b80789L,0x9adf20c48887bf76L,
-        0x411b47eb328f97c2L,0x3d00025636d82c8aL,0x0000000000000022L },
-      { 0xf0826b0c86b4639cL,0xcc429385bf2141c6L,0x72d72d948f036210L,
-        0x4aa9b7afc64f7650L,0xdfeb64b0b237cb8bL,0x7f901ff757a7461fL,
-        0x273abe41dd134f03L,0x026d1740005c1f46L,0x0000000000000033L } },
-    /* 8 << 287 */
-    { { 0x35e7af927e198aecL,0x2937b845ad58220eL,0x9c8c65cc625b0972L,
-        0x91991d8a1a9911c8L,0xc9f134d90a4ef588L,0x1cbe5c250e01d57fL,
-        0x4c31016e85251d47L,0xc587777652dc527cL,0x000000000000018eL },
-      { 0xa9232336d429c5f4L,0x60454705bfabb412L,0xf5f84846794cc5c2L,
-        0x1bd49ea0bfc8532dL,0xd4b45b2c3042cd43L,0x49590033374ab02bL,
-        0x78770266ee464c45L,0x0a33044eda262362L,0x0000000000000144L } },
-    /* 9 << 287 */
-    { { 0xcc4bae5e0e57b63fL,0x3d11ca0f42641e4eL,0x3bbfa96aefeece66L,
-        0x4857057f6abcde9cL,0xe796df9dc90f2d13L,0x28e49c241a945e44L,
-        0xb57f90935abaacacL,0x49a910222d46547cL,0x0000000000000058L },
-      { 0x868bc6345a6f0bbfL,0x466dce120f7ccec2L,0x23df20ee964331dfL,
-        0x281867e6b92cecd6L,0xd198e769f76f2ce7L,0x2461e009b02bb0f6L,
-        0x1a2009db2911f73cL,0x112c2f8e0897b7efL,0x00000000000000e8L } },
-    /* 10 << 287 */
-    { { 0xc17c5414720aebb3L,0xeaa1a7b97089e6bfL,0x9ee50ba136de9f22L,
-        0x4beb00685b3bf8ddL,0x330e8c045b3f6992L,0xf477636d6e7a978cL,
-        0x5799678a9543861aL,0xceb7d074810077e6L,0x0000000000000019L },
-      { 0x0d20db6dcafef71cL,0xb1c02cba35fa4e9fL,0xeb6628684630ee0eL,
-        0xda4bbe8c88265202L,0x71b53dc3e1aa127cL,0xf4e2e52f0abcaa62L,
-        0xe4c4cc96f8f6c926L,0xf9cf5ba414aaf997L,0x00000000000001e0L } },
-    /* 11 << 287 */
-    { { 0x34d27e320a34e7b4L,0x7fa34a4218845536L,0x54f38c415010e48fL,
-        0x1d19749a05382614L,0xcd7a8eea88443b45L,0x12534e16ab25cc4eL,
-        0x609939ae83f50958L,0xcd6795401a366d0aL,0x0000000000000027L },
-      { 0x877cd4c17f225eb8L,0xb0125faa2fd2154bL,0x4ee9df665f1aa132L,
-        0xb14bc327752041d4L,0x606da47f0db62194L,0xf4f0a39330e3f6b3L,
-        0x7f0d0e0743435381L,0x4078be8ab43b6346L,0x000000000000013fL } },
-    /* 12 << 287 */
-    { { 0xf946ab5188098f73L,0xe98c6e73ffd8bc23L,0x30d30a3c98758f69L,
-        0x302d5f8fbc8e359cL,0xadaa2ff6fcd2f1fcL,0x694de81c4adec57aL,
-        0x69735a5a97698a60L,0x15bbae8c2d55531dL,0x0000000000000164L },
-      { 0x2398abf08c6b2d9bL,0x258bdc0e9ec5ee96L,0x80aca75ca9bf887eL,
-        0x3e3adc8cd1495ad2L,0x1a30f94862d2f571L,0xebdbf063989dda10L,
-        0x86bddede74d3efaeL,0xa42598aac749c868L,0x00000000000001f4L } },
-    /* 13 << 287 */
-    { { 0xb8f4898284e24afbL,0x5df2eabb25b308adL,0xce0372215016261dL,
-        0xcf815e15125443d4L,0x0e41691c69ba86afL,0xb766cbd5d8f262a8L,
-        0x4ed7451e7fb6ecf2L,0x5df5ae6ef7f4659eL,0x000000000000005eL },
-      { 0x93994f1bcb7e522dL,0xc69bb9db8eb5bd8cL,0xc5a23729da4ece9fL,
-        0x33f2b7fbf2b293e1L,0xef4bcb035cb85fd4L,0x6c325c5ad8976753L,
-        0x5d3acef4ea95ccb4L,0x7ec98c6cc5de15c3L,0x0000000000000053L } },
-    /* 14 << 287 */
-    { { 0x6af0b935c936a7e5L,0xde94d724d4a248abL,0x0491c733594e53b7L,
-        0x238ef5341ccd7088L,0xaf0e791e4f5052c3L,0x70cbea8110c3411dL,
-        0x6b7c8574577d38bcL,0x00e147ae4ea6a924L,0x0000000000000085L },
-      { 0xcab57e2a497b793dL,0x3f642966edf47059L,0xa276326d2eb66b98L,
-        0xeba64255a76e1221L,0x698fd276d23677b9L,0xcbb4637445a0625dL,
-        0x5d92dddc50b672ebL,0xbef8ccd00839333cL,0x0000000000000091L } },
-    /* 15 << 287 */
-    { { 0x262fcdfa594f0099L,0xafc1ab5cbe87ba17L,0xfcb0b4ee7101073dL,
-        0x015c42afebd8503dL,0xee71a1a41b5a7741L,0xd77265524bdea91fL,
-        0x1bfe39a18879ccceL,0xb0ba1bfd516f30feL,0x00000000000001f8L },
-      { 0xcc05e22168028efcL,0x248242e61ad5d85cL,0xfa93caa2de771fc2L,
-        0x76d50a1a7d5ef758L,0x028a0b8d7b147dbcL,0x00f8e82a37b904dfL,
-        0xe105ca38ea612d6aL,0xc985187504292b07L,0x000000000000007fL } },
-    /* 16 << 287 */
-    { { 0x225420c396139042L,0x90a38d5c5bcf13cbL,0xb99a43ae99d999b0L,
-        0x5bbbe4d450a20372L,0xaa92420245a7eda6L,0x49543e058bb2a5b6L,
-        0xbd11556497d32f2dL,0xc57d1af95d680f19L,0x000000000000016fL },
-      { 0x93af05115ff37259L,0x89c88bef9b9cc398L,0x85526ff5a91987b5L,
-        0x8b7bb52adfbf9615L,0x25767d030839c531L,0x6b15aa2e1cd9033eL,
-        0x47490261dfae7d95L,0x4ee02157e7e1e8edL,0x000000000000015dL } },
-    /* 17 << 287 */
-    { { 0x61b3233b6fc2ac46L,0xf300ca4f577be5eeL,0x20751b6858ff827dL,
-        0x84f4dcd94fe2d451L,0xf566f8aebf7191ebL,0x4e0bb7c0ab75d2e1L,
-        0x3d4267d7246dbf2eL,0xce9ecb9b3888199fL,0x000000000000004eL },
-      { 0xd53b33dacd5cb1e5L,0x7c62f3c8dde86c33L,0x133ba1c89594264fL,
-        0x41e6d49f69a3d324L,0x3256265cae79db2cL,0xbf68642bd17a25eaL,
-        0xc3828f62f72d6723L,0x4e859cfbd6e41d3dL,0x0000000000000050L } },
-    /* 18 << 287 */
-    { { 0xfce66781065c3b1cL,0x2f28b538b5195f93L,0x9294fa3ed5f99ba0L,
-        0x32ef709c66c624bdL,0x4c555df34f610d8cL,0x90ee123f438e3d99L,
-        0x92d19b98919841e9L,0x2e228d8aeae83102L,0x00000000000001e9L },
-      { 0xb4566d09009cf7c8L,0x60b0ca8338105c3aL,0x9a4fa08aa8da65beL,
-        0x3208ad03b5fde8eeL,0x8462daa4737b4ec8L,0xbc182470a5c1b058L,
-        0xb1bf27ce7f0b478aL,0xdede341e67045b89L,0x0000000000000156L } },
-    /* 19 << 287 */
-    { { 0x1e44dd062149658bL,0xb1e065c68c59cd31L,0x8c96ff88ad2dd1ffL,
-        0xa18fb42b4f3c3753L,0xdd93c68fc4f74914L,0xf429553b8a075411L,
-        0x12086bb9bee2c2ccL,0xc0662dd733a37788L,0x000000000000002fL },
-      { 0x7830ac9733d6e53fL,0xd680aa17f434e81aL,0x2e2c636cbe139240L,
-        0x72e62040f21e8aa1L,0xcb4ac7a150aba0b2L,0x73f9f305362c3428L,
-        0x8582ca9c2d5d90edL,0x272c8dd4ca5ee047L,0x000000000000005dL } },
-    /* 20 << 287 */
-    { { 0x8cc3adc33883bee0L,0x306b08f63f15b848L,0xbf4896fc2340f68dL,
-        0x19b1de94b541ad34L,0xf343c4602c320a09L,0x1e5fa35ff581b0d7L,
-        0x34d600c7b3db161aL,0x54cd8526e9f8b6d9L,0x000000000000015fL },
-      { 0x4aa6ccd6ceb32adaL,0x2c2c5e7e7497bc17L,0x531ec78678791b13L,
-        0xa7f862c881596a68L,0xeb04236972e7ad06L,0x306db5ce7edad2f1L,
-        0x5e7a162ea1cdbb31L,0x06f0b4f3565f914eL,0x000000000000006aL } },
-    /* 21 << 287 */
-    { { 0x7d799dcfcf519949L,0xf36bf428d2734641L,0x775036b5b77431d3L,
-        0xa5a5c727b6b45979L,0x5aa5863d1c9b3278L,0x9330e8bbbc1f335dL,
-        0xfbf7cb34780d9905L,0x2287f0a50c894491L,0x00000000000000a2L },
-      { 0x1f922f765522c3eaL,0x52a337049e9a1399L,0xf0a0d965ba537263L,
-        0xb18778ccb87027faL,0xf15ece21a7bc1a07L,0x34ff0a5a0ebbdb94L,
-        0xf7875a19a18106b2L,0x6e17627f9432c0c3L,0x0000000000000040L } },
-    /* 22 << 287 */
-    { { 0x5f16528ba968accdL,0xdcfd5dc1261063cfL,0x99c6a790ad45c838L,
-        0x4b83b5dc811ff9d4L,0xc3c067f23c3deab8L,0x447ecca83496c2cdL,
-        0x212e9948ad2663c3L,0x080d13f5354fdc23L,0x0000000000000074L },
-      { 0x4e4a2ffaf202bae2L,0x12ee692f0b704ea5L,0xdf48fe7d66a3e286L,
-        0x13228b5095bdf85fL,0x65ab3ff9422dbe99L,0xfd795432b376e1eeL,
-        0x7dca34ac0de9e917L,0xf907ad9a8614521dL,0x0000000000000159L } },
-    /* 23 << 287 */
-    { { 0x6a62326cf2bef374L,0x0148ab35d0229744L,0xfec14cf2e5c28016L,
-        0x7f7a20b8f2913691L,0xe68c19f0a7a66511L,0x64181257c831bc8bL,
-        0x79373addb8bf5318L,0x3be916c44ab48ca2L,0x0000000000000197L },
-      { 0xab6dc2ae0e694594L,0x3e6d6dee6f24abaaL,0xe8f7befa436d78e7L,
-        0x40917244dce86463L,0x04837770fb488d63L,0x1645ed1b53cb01f8L,
-        0x492f484212320a08L,0xeea413edf21580d9L,0x0000000000000033L } },
-    /* 24 << 287 */
-    { { 0x1bcb1d73c96d566cL,0x0b51a27a1b6f4d02L,0x773be48b463d8fc1L,
-        0x267e606a6f19334fL,0x67a49a30db4a4bb1L,0xe33033bb6f476620L,
-        0xa2e4076b92025915L,0xb1845ee448f182afL,0x0000000000000070L },
-      { 0xdaf44e82d2f77d9cL,0x753f7f717caff6b8L,0x7fda258ac5d9943fL,
-        0x2f47f8379b012134L,0x9cbbdae94d2a9bebL,0xdb39f169221f799cL,
-        0xee68daf32048a54bL,0x36939e9d7f5aef38L,0x00000000000000f3L } },
-    /* 25 << 287 */
-    { { 0x21d565da891c0901L,0xe7258e5a02e8d871L,0xf7683e6e8d22ac60L,
-        0x40188b73d38b13aeL,0x09f41af92bf12facL,0x3a928b645a7b3178L,
-        0xb7eb9139de59434eL,0x12c96b6ff71e130dL,0x0000000000000003L },
-      { 0x0e18e0904423f103L,0x5e5184ba34e17c6bL,0x8fcf43a26fb05bb9L,
-        0xe5990252181ce682L,0x7deda4923df077f4L,0x37d276b504c18d50L,
-        0xb95438914c706ccdL,0x94d023c4ddbcb26eL,0x000000000000010cL } },
-    /* 26 << 287 */
-    { { 0xabf61a9ea3b3f8c3L,0x90237370b62fc9daL,0xc1d3de232c5128dbL,
-        0xf67097fb65ae3521L,0x0016debd78d68d97L,0x23ea15ddeeb9df30L,
-        0x4a09e240431259f6L,0xeb81173106ffdc4bL,0x000000000000001cL },
-      { 0x3c709776a20611b6L,0xd695948645d62433L,0x86c9232cc8344819L,
-        0x636675f6a260c3b3L,0xb927e00a2b6adb42L,0x9644f9e9f1c8c3f9L,
-        0xa0842190e01260eeL,0x6ea161f8e2a15fa9L,0x0000000000000127L } },
-    /* 27 << 287 */
-    { { 0xf245e320841600e3L,0xc597f039837d15e7L,0xa427b0c93669ff83L,
-        0x1b1fa11c054ce42aL,0xf985c1ab66e1c039L,0x7ee24b84af17c731L,
-        0x90d42d66f467a998L,0x670192d6222a6bd6L,0x00000000000000e4L },
-      { 0x252106f6b89fb34fL,0x8fcde56c7af89916L,0x9a6897639a7b371dL,
-        0xd92b0bdc14b4d750L,0x295cd60df7fe2ea5L,0x4f16e7fa93025bb9L,
-        0xb50d8e98acc07895L,0x0b2c2aab85295081L,0x000000000000001fL } },
-    /* 28 << 287 */
-    { { 0x84450f4a2d3a1514L,0x1ca1912da211fa6dL,0x18a4e99f487df3dcL,
-        0xae9dd13e6535495fL,0x0ec3771fba83ee44L,0x3ef3b94359ed9f53L,
-        0x0bae7d1fa163406cL,0x387121a0b815b7afL,0x000000000000001cL },
-      { 0x2dec1270f94fd988L,0x21680d0e3d3b53e6L,0xcc653cca28c69753L,
-        0xc03803d715d406f8L,0xae4e927ee939bf4fL,0x01dbf41d381933f7L,
-        0x602169e07ef8dbc9L,0xe782930581026dd0L,0x00000000000000aeL } },
-    /* 29 << 287 */
-    { { 0x793030dcfec9973dL,0x5e9bc45d259f2cefL,0xf691294dfb8710e9L,
-        0x371e0880556e5077L,0xe396fa2c3875f837L,0xc8062d5a607aa969L,
-        0xd17b9ac343675d61L,0xbe71883cde013cf2L,0x00000000000001eeL },
-      { 0x4495699ba7344978L,0xf546f5591c109544L,0xda2f84f37dd1fa4dL,
-        0xce4166a343595270L,0x1341e861a7df4f65L,0xf6ee6a0739292f29L,
-        0xe61f4613e5f02532L,0x3b36f58881f967c6L,0x00000000000001f9L } },
-    /* 30 << 287 */
-    { { 0xccfc7051875e2133L,0xfc3c0b55821f76a0L,0x544e229fcd8ef672L,
-        0x3666479347494f15L,0x22c05e5f109b2ce0L,0xc294314c492bcbb1L,
-        0x15beecde16558d91L,0x4518316761ae3008L,0x00000000000000a6L },
-      { 0x80bc2b2c26c28852L,0x941f0224510b0086L,0x0fcb9de4abffeb4cL,
-        0x0b1e80a966f723b4L,0x186fcc2be5cd0627L,0x8b1df932ca71dcf8L,
-        0x789cb0a1eb01452cL,0xb2e81e3681ffe1eaL,0x000000000000009dL } },
-    /* 31 << 287 */
-    { { 0x1d0a215efdb151faL,0x3e242b9cb0e023c9L,0x7b69678cc83b6d8bL,
-        0x2e8beb24f99e1e2cL,0x93149d54e690affeL,0x2b4e1f769b805cc9L,
-        0x68ca06fa9599daa1L,0xeab0311f5ca75c0fL,0x0000000000000170L },
-      { 0xa1012deb5102ca3aL,0x72335ccf4312d2e2L,0x1012b2bf4ab55d59L,
-        0xd09a5f033368547eL,0xd9b1570985acd78fL,0x6d3b9f42f7e576dcL,
-        0xc1de787eea6f8f55L,0xac3238aafb4c948fL,0x00000000000000fcL } },
-    /* 32 << 287 */
-    { { 0x5ec6427b05487074L,0x0b59fa1f80c426adL,0x0207d510c9946594L,
-        0xba1fe985d38f83d0L,0x113aec98c96eb133L,0x3424ad0182515193L,
-        0x3eb15aeffb6f9b10L,0xccb719e8f15d8be1L,0x000000000000013cL },
-      { 0x63f898834c67518dL,0xb5ca3508f85eb1d9L,0x1ea1c74faf652b25L,
-        0x4fbc5476bddedc4dL,0x22daa81af4b33c74L,0x9f7941a03f36ae29L,
-        0x90c2b8cebca5ca40L,0x53e736a1b587b3d6L,0x00000000000001b3L } },
-    /* 33 << 287 */
-    { { 0xb2c4b8f8fdcda3baL,0x5913f72464002d11L,0x978aed4cec7c81e6L,
-        0xfb9e4c7819795e08L,0xa63ad972e046e1ddL,0x4c913ef2ca493c76L,
-        0xa7b7de5c67d5a177L,0x34ea3faed5d548edL,0x0000000000000076L },
-      { 0x263ab24db8e17278L,0xf9db154a9ade657bL,0x66eac09c731d358cL,
-        0x40f840edb8d08934L,0x409adfa60c35b4adL,0x96e6e42913ed3e4dL,
-        0x4f8bc420d468368cL,0xbe6e5b6a5f85e95bL,0x00000000000001a3L } },
-    /* 34 << 287 */
-    { { 0x739e7cd7ebab693dL,0xcd08edef192f5597L,0x34ce91e9b4ab362eL,
-        0xbf0869027d8e9063L,0x9f85b3292893d739L,0x7b7713eb12c08939L,
-        0x81aef3b177d34b27L,0xfa873780f155d573L,0x00000000000001f5L },
-      { 0x1ec60390a76da4e5L,0x14047fa7fc79130aL,0xc4e484be8c4dd66cL,
-        0x347d3c918b008f74L,0x7a9fc84aca0ddaedL,0xde23768b59c02ff5L,
-        0x353ba3ed8983d294L,0x70bfbadad7535907L,0x000000000000016bL } },
-    /* 35 << 287 */
-    { { 0x7dd4835098829cd0L,0x6839f375c56e3a5eL,0x860921cb36c4f91eL,
-        0x0ca5e0b8159903ddL,0xb123ae8b23724973L,0xaa807279fb25d155L,
-        0x2b58fcf5f2d0840eL,0x33c635c7409f55e2L,0x00000000000000efL },
-      { 0xbdba4c387aa5323bL,0x8b3acb9b864fe257L,0xd440031e6ae45ddbL,
-        0x37b9bb525d86d712L,0xcc88786333cdcabdL,0x1f6533527c1daefdL,
-        0xc7bcc11e8a84fdccL,0x676e3d84b34be64aL,0x0000000000000004L } },
-    /* 36 << 287 */
-    { { 0x0b7c799943b4fc88L,0x47ea96a46a55dc86L,0x67fe6b4ba0bec552L,
-        0x8164398732aef8ebL,0xcbe3ebf7b23195ffL,0x23a03ed1b70013ccL,
-        0x3bfe99e80f6a4762L,0xdee758be7483a709L,0x0000000000000190L },
-      { 0x05a52134be5007a9L,0x869f393c68e4cf51L,0xc7b56267c28c1a88L,
-        0x2bd98f7e0dc40b0cL,0xfa631a8321f9d503L,0xde940d201fa14801L,
-        0x26fdb625c3e152acL,0x7f72d33650d8d6edL,0x0000000000000093L } },
-    /* 37 << 287 */
-    { { 0x7298111644c81fefL,0xff5c80aa32f7a76bL,0x82f5d039182a39d7L,
-        0x2f32365a7960f5f3L,0x0488e8918cb0e827L,0xd8549d180721822bL,
-        0x5c80c8d57d9cf4dfL,0xc607bd030ead496bL,0x0000000000000016L },
-      { 0xc7ff1e33ab77acf5L,0x1a514f0a044e2661L,0x12911922b906ce12L,
-        0x847951f023f86570L,0x83242de153bd17b8L,0xd04a3e96190ad7e7L,
-        0x3445dc26604be4d6L,0x616a61a208bac680L,0x00000000000000d9L } },
-    /* 38 << 287 */
-    { { 0xdc35d8c52cfeea6bL,0x45a9d97d99c6b24bL,0x727b2ff281261d8bL,
-        0x87bfa12e9a446a97L,0x44b5cb46d045b1efL,0x4aae3f8a70c29285L,
-        0xb911c6a8e7a014a0L,0x0692e0e36e1c9679L,0x0000000000000117L },
-      { 0xa3759e511300d87eL,0x461e8bd13ce09839L,0x55a8b8194932e9acL,
-        0x0623e3207eeff04fL,0x6f21721881e0ff93L,0x0b726fc0f9ccdbceL,
-        0xb94f97d15fb03e1eL,0x9339f75bbbd8417fL,0x000000000000009bL } },
-    /* 39 << 287 */
-    { { 0x4b7fd5cd70221112L,0xe95de56b71ae6670L,0x2cb7d98df08bbdedL,
-        0xabcbcd2fe57331a7L,0x69c3b30710dc3694L,0x5587e28e8e64f72dL,
-        0x29d7a61b02846a2eL,0xfd4abcfac88e66c0L,0x00000000000001f5L },
-      { 0x80ba4555d4f9d318L,0x7038827722c31c44L,0xeef78af085d0468aL,
-        0x846341582221ca01L,0xc8ec963f726e877cL,0x3aba70060d2be74bL,
-        0x71274ecbb2a71a81L,0x4a7c7680a6648fddL,0x0000000000000016L } },
-    /* 40 << 287 */
-    { { 0xa5d6c61faae6fe14L,0xff4fd50037b0da63L,0x087ca2202386bb0bL,
-        0x80a0d03deb70f71aL,0x1b5ed1d861b7b396L,0xc49483c906218384L,
-        0x3a3b534cb715959dL,0x4109d89408511c23L,0x000000000000018eL },
-      { 0x0524d716504b62e2L,0x514f91699a0104bbL,0xc41c74c8e9c613c3L,
-        0xce7a9561b4df2024L,0x17116cae95be7a5aL,0x372d47642172e2c5L,
-        0x9aadf8d65aae7d3aL,0x77bd6304d35903dbL,0x00000000000001baL } },
-    /* 41 << 287 */
-    { { 0xdc15770ef840ae67L,0xa3aefed136f17978L,0x38cf706b58806eafL,
-        0x7b5317312b8ca8e1L,0x45c9f9de1eb7b6cdL,0x8410e75a44a70febL,
-        0xd362903a942c4e05L,0x43e5ec0b482b04fdL,0x00000000000001a0L },
-      { 0x176aecfcf569465bL,0x8c6de88ca5f800a2L,0xb4efde01873fdbb3L,
-        0x1d4f10aa523beda9L,0x7299f81d77f8dd80L,0xae24679ffafe5f4aL,
-        0xff5eedaf142ab79fL,0x4f0aa1d58274cfaaL,0x00000000000001b3L } },
-    /* 42 << 287 */
-    { { 0xd9e66f808bbcda48L,0x6bf81e10ab2f71ffL,0xc0410a0051ca5f9cL,
-        0xd4c92b1195d2aff7L,0x83f38269af7927b1L,0xab3223cedeb329c8L,
-        0x1efd631048360a2cL,0x8aa5d85e4ed0a930L,0x000000000000018fL },
-      { 0x595e653509c61585L,0x00203ea9f8489891L,0x4a048a9784a2d1acL,
-        0xc3ccb4d21c6df789L,0xe7d740b3ab880e8cL,0x6345e96775fd1a87L,
-        0xf5636d795359993fL,0x100b98e94907e135L,0x00000000000001d9L } },
-    /* 43 << 287 */
-    { { 0x8f91e1fd96799962L,0x55b13fe2a1ccf057L,0xded45a5794d8177bL,
-        0xb9dceec579709266L,0xe3be73222eb10923L,0x8b06ffc8fc82aeefL,
-        0x46d6485a742741aeL,0xe1e0f1bc0e82d8e4L,0x000000000000013eL },
-      { 0xced2707e39ee8a27L,0x5c2664879dd5a0ceL,0x1d4115d44e369f35L,
-        0x92c350e24ba9cf2dL,0x6533ce6ab1d46440L,0x633115437de4fb1eL,
-        0xdc75f32cc0b8f159L,0xc04579e13b5b946fL,0x00000000000000f5L } },
-    /* 44 << 287 */
-    { { 0x980752e1b618c3fbL,0x1c15864b25161e86L,0x490bec9c83024300L,
-        0x20d33fca89ce7925L,0x34c7ab08582837dfL,0x207a275e0bfd6076L,
-        0xf09157704f9e58d0L,0xa8525b2f1b53bc52L,0x00000000000001c4L },
-      { 0x1a6f37d694130fe7L,0xbc72fdaaa18d2529L,0x6e51aec7bb557067L,
-        0x44860fc5147b7b40L,0x64f81f1cd254589cL,0xb4ba31930406123eL,
-        0x9dd412efe8b8be32L,0x8dbcb40b15702711L,0x000000000000013fL } },
-    /* 45 << 287 */
-    { { 0x9eca299b06a27b5eL,0x79f6fdc3bc3f5221L,0xc5b3305b7346f300L,
-        0x570a19511022cff2L,0x58740fccc5207454L,0x5215d8164004ea39L,
-        0x522224c739c8ddd9L,0x174c95e1039a27c5L,0x0000000000000001L },
-      { 0x4f69c604296bcce0L,0x51755ce45119beb1L,0x3d12e7d8a35cc907L,
-        0x360935b0ab351798L,0x75eba43bc11b521aL,0xaf991a2cd31467daL,
-        0xfaaf67ac17e63972L,0x44abfc569f13868dL,0x000000000000003dL } },
-    /* 46 << 287 */
-    { { 0xec7238d7c2d59d30L,0xaa4ef2e4aaa203fcL,0x566f58f4dcf9fc1eL,
-        0xc8474f1a0869c0e1L,0x2d77f6726ad3ccd6L,0x9325fbc3dbfe2d82L,
-        0x2860c924182a952fL,0x07b221d085b5769aL,0x000000000000000dL },
-      { 0x259039edbb854ca5L,0x70342bbcfc89ff2fL,0xc9a179010e634818L,
-        0x6a06796dc81f0292L,0x3f625bdd35063f58L,0x5d78a549f498f7f7L,
-        0x5fb6be9d911b1e7aL,0x9a3fb5bc3ba9e1daL,0x000000000000001aL } },
-    /* 47 << 287 */
-    { { 0x5731b8f3d98e6e5dL,0x6778b260d5a03ad1L,0xf279515b649b1ebcL,
-        0x48610ff53312d0c8L,0xd389681f46354ff0L,0x80e063c9ef3c2717L,
-        0x10ce407a83f0dd58L,0xbee78d46158e8ac2L,0x00000000000001b0L },
-      { 0xb5676bdb1a5531b2L,0x3ce62d7f2fb26867L,0x76e1b2152b0af296L,
-        0x76875d567a42d01bL,0xb59fbfcb56991384L,0x7faea2f32de3a3a4L,
-        0x06298c2772f7718aL,0x79264b65651d7515L,0x00000000000000acL } },
-    /* 48 << 287 */
-    { { 0x4de60e1e16d44fc0L,0x86143bbbd5546f49L,0x41fa8fd595ad6b38L,
-        0xf2f21b350251812cL,0x2f5ade77eb2a57e4L,0xced255c0ac290bf7L,
-        0xd1e7969058b23e1fL,0xba7a7514f406ffc4L,0x00000000000001fdL },
-      { 0xe2a9e7bc7b8ce9b6L,0xcc6107e8803955b7L,0x8a59ec8c432fa865L,
-        0x6886d08c481bbb72L,0x0de2fe38db7fcc20L,0x654419299976d353L,
-        0x0527047ec4efae8cL,0xfeec201ee21b2e66L,0x0000000000000086L } },
-    /* 49 << 287 */
-    { { 0x3f121bc676bffba9L,0xed8f7b175c3251faL,0x4755cd3f2c99c00eL,
-        0xe79768df8e766134L,0x58662ef2b2a09ffaL,0x6f8d645a6a29c866L,
-        0x5973d32426f990c9L,0xae9beecf5ae23357L,0x00000000000001baL },
-      { 0x64c20c91b3f0d194L,0x36b4d96ce153d1b9L,0xf294b342c9707d50L,
-        0xb269c9b80599d63fL,0x2aa166e48a672b71L,0xdd8cf8ad8c69d106L,
-        0xe446c91269bb8492L,0x3a5068e1e0afc64aL,0x000000000000006bL } },
-    /* 50 << 287 */
-    { { 0x7748105e4dfefb66L,0x952fc9823de55ef3L,0xc945662fec01a7dbL,
-        0x57dfc326136c9246L,0x5864f8aab3c0dd2aL,0xdd11387181126d21L,
-        0x096e017bc2f6ee68L,0x2bd384b529f22a80L,0x0000000000000171L },
-      { 0x7acc273262443e2eL,0x21f545cefa227e81L,0xbc0f387d716b1121L,
-        0x8756ea78a8d3df9cL,0x91294298cf6c071bL,0xa109d544d37e7a16L,
-        0x2c27c61c4a979e5dL,0xad4662bf6bb98eebL,0x00000000000000c7L } },
-    /* 51 << 287 */
-    { { 0x8f24735f7ef57d61L,0xfe764b217a74fb7cL,0x6b90cddaa7913c97L,
-        0x89001bfd3d0fed42L,0x874d170a776c73c0L,0x7a7095c6e6fd64e8L,
-        0x5f787a9dc5b6b31aL,0x550f1c531ff8424aL,0x0000000000000048L },
-      { 0x384c067743b13b54L,0x65d8884e2e5b67d4L,0x7106b3682b2b005eL,
-        0xc22c663d2cb1f1a1L,0xc3bb1b8294e03ce8L,0x04a562df2d97ddaeL,
-        0x7886ec4ba917202bL,0xa8eb4ac88bb2ae23L,0x00000000000000efL } },
-    /* 52 << 287 */
-    { { 0xf9a8bc79c269cd29L,0xbe6982a835a97cb7L,0xa7740e027200f43eL,
-        0x72be0da1165175c6L,0xf7c5f902e8aea997L,0x079dd00fe6d7de98L,
-        0x82940a7e0e5cd7c2L,0x615687af6e74f7ebL,0x00000000000001dcL },
-      { 0x84a93d46969bec3aL,0x673f8a1a81283fd1L,0x59ae6b7d1a24c4c1L,
-        0x1506e799db5385d2L,0x43f89c2dfaf7c9e5L,0xcd4a58e507df349dL,
-        0x87d1239226eff985L,0x9c7b514286548735L,0x000000000000000bL } },
-    /* 53 << 287 */
-    { { 0x8bbe703a952e81fdL,0xdf43b74182f9b684L,0x9c6ac3560ffbeeaaL,
-        0x78aacf6dc17fcb23L,0x2698f3bec9ee6c25L,0x707d8033a6fd9701L,
-        0xe844b5ae82b097acL,0x02cbc3fa57be01a4L,0x00000000000001bdL },
-      { 0x14ebe4367cedc9bbL,0x1d64fe901c921970L,0xe55c69b4daa0458aL,
-        0x0f68f561da8951b9L,0x606ce9ddeb7f4390L,0x8b249877c8204883L,
-        0xdae70a0a533eea70L,0x8367156bebbfc8d6L,0x0000000000000050L } },
-    /* 54 << 287 */
-    { { 0x4f085c6b70d71433L,0x500e36aeffe3039bL,0xbbb595eeecdbb49bL,
-        0x49b4a39e84d8418bL,0x657af86547150026L,0xa1b6888f3495dd49L,
-        0x3db61acb5f0cddd8L,0x86208eb95b9b0493L,0x000000000000017eL },
-      { 0x378f7c79a3a8e19bL,0xfe9d20c80225c551L,0x7192347f8a7d2706L,
-        0xaf66bd88bd5a1a12L,0x184528325eb963bdL,0x0eddc645fe3cfb9dL,
-        0xc50b1fa21f6d4faaL,0x582fc52f738cdaacL,0x000000000000015bL } },
-    /* 55 << 287 */
-    { { 0xcd8bb30ccff1f7f5L,0x2e476a3d52375afdL,0x84b205ede21acdfbL,
-        0x0c07485624b6524dL,0x081539bb079c9199L,0x0ff9151612dbacdbL,
-        0x0e2a291d778ea0efL,0x2c6bb624b6ae1b88L,0x0000000000000115L },
-      { 0x559603e05013ff58L,0x91ab545e04d6892cL,0xe58c8f9c9aabb577L,
-        0x460c88fc3f50fb7fL,0x1d36f37d2c29abefL,0xc32f5683e698ffa8L,
-        0x4311a22b14f77974L,0x061f7526c6512ae6L,0x00000000000000c9L } },
-    /* 56 << 287 */
-    { { 0xd0fc63b0ea5c4656L,0x87e24742b04936cbL,0x242865fef6223111L,
-        0x0a1c9f7c88c3fdb2L,0xa1ce393deb785b41L,0xb57b01e50f014ec6L,
-        0x84cd63f91eae978dL,0x28a02cf7615a8787L,0x00000000000001c6L },
-      { 0x000d32fb64317827L,0xeec5181bd8ebcb3aL,0x4f559972be5be8f9L,
-        0xaaae45d1ff34fa5fL,0x34330820ec25372cL,0x3d3d88af5f583d42L,
-        0x16e14e2dac9463faL,0xbfe401edd02c6401L,0x00000000000000fdL } },
-    /* 57 << 287 */
-    { { 0x303f7c2191026338L,0x1044db852d912c48L,0xfc2085c2470306fdL,
-        0xf1ae74d7d6261c9eL,0x9383596cca88358bL,0x40e3fc61130fed49L,
-        0x5b31503e7fb7caddL,0x74ae8b314ede0bbcL,0x000000000000019fL },
-      { 0x762dd492f4cfe3f8L,0x73ff4852c626dc61L,0xd71c7548dde18f9cL,
-        0xb0f6e288549faaaaL,0x1e4864e9596d3c8dL,0x9d6ef29060783b2dL,
-        0x4d4887031ec18d75L,0x18bb5d8f44f1de93L,0x000000000000005cL } },
-    /* 58 << 287 */
-    { { 0xd773ed1b16219cdbL,0xa9bc2d4bfd8c1c68L,0xb43ef1e5878e384fL,
-        0x1b070439a150dd75L,0x8d5c9984e8a4281fL,0x7b4371effe5192aeL,
-        0x4ca528f0fceb6294L,0x3657f78ac01f35a7L,0x000000000000008fL },
-      { 0x00b1077093170e8aL,0xab16fb4e1d2e8bcaL,0x9f313a1a4f2f8602L,
-        0x88521cae6b9b2573L,0x6f6bf5ddee331076L,0xcf05b7228e09934cL,
-        0xf8b445c395762a35L,0x2e1579120c892f04L,0x00000000000001a1L } },
-    /* 59 << 287 */
-    { { 0x3766a4d7858bc9caL,0x295bb5db99714cdaL,0xac54938ab5298fadL,
-        0x2ba0547a429ecfa1L,0xc49c9daef173653aL,0x1de672b7e9d21243L,
-        0x24960d342b2352bdL,0x46067324b31663a5L,0x00000000000001cdL },
-      { 0x13eae0f3789923d1L,0xb1849a53eac934d6L,0x354d92ffec456259L,
-        0x88a4b03fe558f44aL,0x8e9d23e101d5bb7aL,0xf5734a3494fdf6baL,
-        0x79e3d56e16e73899L,0x1ed057ee0e63d42eL,0x0000000000000099L } },
-    /* 60 << 287 */
-    { { 0x287d78f48c86cf27L,0x957ebaca51081682L,0xc5e2c0757ae4db49L,
-        0x4fd137c952000f40L,0x614a4ab213285161L,0x71a6928ddae9e341L,
-        0x9758874ba666dafdL,0x4bc8b6693697e3c7L,0x0000000000000161L },
-      { 0x5c31b76a89aac81cL,0x365bcf13bf1fcb91L,0xc64df528441b324dL,
-        0x8b57f07fbe9a9cffL,0x7ae23c2186fb45d6L,0xc3bf3c3b136ebdd0L,
-        0x6b5dc92e6dbd0b61L,0x330886f1d519ef41L,0x0000000000000019L } },
-    /* 61 << 287 */
-    { { 0x6d2e03fe6d8655c7L,0x0487d0369a5d4136L,0x86b1ba539c89b36cL,
-        0x168a8617c25c8477L,0x818ec8e4ce0b81d6L,0x5f7e1f5aa79096adL,
-        0x3ed99ae7396d84d2L,0x2798c459eef4e012L,0x00000000000001d7L },
-      { 0xe6564f4f531b9dc3L,0xb6627fe65b38bbe7L,0xd9ad26a6bea83504L,
-        0x1b9d887b0e3d69e1L,0xb67ab97090f81c05L,0x16c1fc9ffcdbb086L,
-        0xd7732e23d19f14b4L,0x047368461ec62389L,0x0000000000000100L } },
-    /* 62 << 287 */
-    { { 0x1dbc0bb16ddfa714L,0xda0302b7eec67fc7L,0x6daa1cba5a9dd848L,
-        0x640d3b5ed9e894e2L,0x461653b3f87be8b5L,0x5a9dcbfef36a148eL,
-        0x2e4784fca907eee0L,0x234c8b37b34d04b2L,0x00000000000001c4L },
-      { 0x2e70d5abec9c6abaL,0x6e9c28cbf32925b5L,0x77fd60422d0e1d25L,
-        0x216e3254980aa40bL,0x75e1075516878b0cL,0xcc80010706a2ba55L,
-        0x5f1f53368bfe962aL,0xc043f7eae6e46f09L,0x00000000000001e1L } },
-    /* 63 << 287 */
-    { { 0x2cbaa9d79a7d2353L,0xc8ddfcbfe0405dddL,0xd8b33d0c694fd5abL,
-        0xe1c2a3f3c2c6dfbaL,0xb26f832191fe9c8bL,0xd30b644aa794437fL,
-        0x2a94f86d74a29d06L,0xc249a27839b16ed8L,0x00000000000000b4L },
-      { 0xa2e31c29ea3096fdL,0x622d7af518e9785bL,0xf9a9c952c1cf5446L,
-        0xe5c66c9d44c9a592L,0x128613e545227c47L,0xc57169f2f5ed7a49L,
-        0xf5fe83dd15211638L,0x7cfbfa9beeaff7d0L,0x0000000000000140L } },
-    /* 64 << 287 */
-    { { 0x8645efeb9545bb61L,0xf696af86207181bbL,0x94d3014ca2b2d411L,
-        0xb8f1515665c54db3L,0x6574f1cb011dd592L,0x7d9c69ebf3247ab4L,
-        0x1708b24d5a391a77L,0xaaa19d08312e131fL,0x0000000000000167L },
-      { 0x1d3f4510ebaea62dL,0x2186c9c26c118b52L,0x81c0b0afcaaadd5fL,
-        0xa0256b3c665bb598L,0xec461656eced1f38L,0x77bfe65265aa7914L,
-        0xd2600229333f7aaeL,0xd916fbbde1f081ddL,0x0000000000000010L } },
-    /* 0 << 294 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 294 */
-    { { 0xb64361a93f7cae04L,0x23cfcf76af64efbcL,0xb4539c3cd4965ae5L,
-        0xf16e3e884df1182dL,0x2bf7eed4dd75fed1L,0x831a5956a215b733L,
-        0xc23e3f1a9732d4ddL,0x3644961904677879L,0x0000000000000068L },
-      { 0x14675e68e07af31cL,0x82c3d1baabcd16d6L,0xab1b388e6fe13962L,
-        0x3490b5218016a6aeL,0x13b584a11ce7f93bL,0x44265da4a5cbeb76L,
-        0x17e4726763df9697L,0x10144c87cf2b278bL,0x0000000000000013L } },
-    /* 2 << 294 */
-    { { 0x4e75aeb08523aab6L,0xd32a993258144cddL,0xe7a2ea2d3c055e41L,
-        0xc25dc24e31c1949aL,0x719e3bdaa124dbc2L,0x331bf1820c1b238cL,
-        0x6fb91096fb86656bL,0x6a12ae8db484c49dL,0x00000000000001e0L },
-      { 0x4e4b8553e97e59afL,0x6a2b1f0d8e98d66eL,0x9001ace6d49bc96bL,
-        0x70b21c8a3e8d2774L,0xba4c7da4473972a2L,0xf159ea8b7b898adeL,
-        0x7a0e87a0cceda981L,0xb886ab7d2f280717L,0x000000000000003aL } },
-    /* 3 << 294 */
-    { { 0xdda29d3be583a2c5L,0xbc0632201b0c039aL,0x31c58c6f602b6077L,
-        0xc8ddbb1bbb639a64L,0xdea19aefea3cf3d1L,0xbca9f001e9a2053aL,
-        0xf0ec77121930345dL,0x4f2cddd43b9b8eccL,0x000000000000015dL },
-      { 0xeb7851a8abf98eaaL,0x12d75a839dc39602L,0x252365a4ebb5f975L,
-        0x1b9301bcb8efb6a9L,0x0b489a405e8ddd2aL,0xd3629e5fce3b1dacL,
-        0x2064a36707a223ffL,0xdc7e94d10080ee45L,0x000000000000014aL } },
-    /* 4 << 294 */
-    { { 0xe0828a5b448996e2L,0xdd3f4d9b516e440dL,0x223b4f87ab10e109L,
-        0x766bde384ce7241cL,0x0b1cc320dcaf88a7L,0xb0470e7dd75440d5L,
-        0xe3894e41ba76b7e8L,0xa0341305a762bb9eL,0x000000000000013fL },
-      { 0x4f5581d30eadf722L,0x6e4e31e050d8999bL,0xc14bb14802f03368L,
-        0x41f1964326a263b5L,0xc0642e4c3b5f480eL,0x0a3280df63191881L,
-        0x4ee1959a78fa9069L,0x7376078a557a8dc0L,0x0000000000000181L } },
-    /* 5 << 294 */
-    { { 0xbe2d598bff25ee79L,0x2a7c3b68c82ea4ecL,0x2914f1c160cc7b7bL,
-        0xd9676e92e29a111dL,0xa5c2d63ba8ee3c8cL,0xa5c3ce60331676c4L,
-        0x865ae6a4e189bc61L,0x73e0bc606cc0c210L,0x000000000000004fL },
-      { 0xb36fdaebc2480585L,0x9e32b2fb0aa27761L,0xc1bc360f749efcb7L,
-        0x7bb61cd4a1c021cbL,0x78d559a81295d34cL,0xdb3da27d9ed2b89aL,
-        0x2cd8e29bdd5ef272L,0xc8ef3c63de181b01L,0x0000000000000092L } },
-    /* 6 << 294 */
-    { { 0x1d99435dc6064b04L,0x7fa5fd072b95a7ceL,0x40ef3a291dacc40aL,
-        0x95af1d5af4c68a6aL,0x67a2b605532c2d93L,0xfcb49b4b78620565L,
-        0xf814de99833ae939L,0x5770eba80f620cb3L,0x0000000000000190L },
-      { 0xbf93ee90ff475874L,0x334debc1a2a5b169L,0xc67fbf1e68aa4bedL,
-        0xfb1410ed74d07240L,0xb0a00657a9eb3f94L,0x59c6aa0a0f1be110L,
-        0x5d615203b40b739fL,0x8724fc0b4ad94ffaL,0x000000000000006eL } },
-    /* 7 << 294 */
-    { { 0x30c955f422b25fbeL,0x0469be6e38702ec5L,0x24dc7ed77b4c3dddL,
-        0xbcd2c1e51999ec26L,0x63d42519eb5918a4L,0x5b92b4a9b9272f31L,
-        0xd02102ce79dedbcbL,0x09bae7da4777b662L,0x000000000000017fL },
-      { 0x96d4a0c4897b1f72L,0xd481098d85bb152eL,0x226203a263df30bbL,
-        0xca5e74089bb6051aL,0xc89f1c4be0dead4eL,0xf9d8f9b5503a124bL,
-        0x9e73ea84a08dd221L,0x5a898d3d7b5a3e30L,0x0000000000000173L } },
-    /* 8 << 294 */
-    { { 0x5c6dcfe8fcb68ca5L,0x499866e3902e03cdL,0x28638635cff1adc7L,
-        0xd224bf5d6538cf65L,0x59fac5c2d7c55f70L,0xc710492699cda00aL,
-        0x043001c39ae92020L,0xbaf959dbc325cc56L,0x00000000000000c5L },
-      { 0x76aec243e69664a7L,0x0885dbb386d69554L,0xe4a288833647325cL,
-        0xdb1adc9a6e8e47a4L,0x3e2230dab14e1019L,0x49a16a19ac7da236L,
-        0x12eac3e98df54dafL,0x78d48ea77964ab39L,0x000000000000008eL } },
-    /* 9 << 294 */
-    { { 0x6033de1bbaf7f635L,0xc253533472bc0c5aL,0x8192188210a5ae12L,
-        0xa15accef6c3b8435L,0x6d0c30b8371eff0cL,0x877daecc0e7e663fL,
-        0xae63f47ab0fdba65L,0x9b91f14bbb19f291L,0x00000000000000fbL },
-      { 0xf98cbf19c9ed84d4L,0x26265242c73f3fb1L,0x62fba52fa237aff5L,
-        0x561e0ed381f85bc9L,0x18825d251d817972L,0x53de722c9ed3f84bL,
-        0x8a2817fa3854812bL,0xd03138cf3055d672L,0x00000000000000c6L } },
-    /* 10 << 294 */
-    { { 0xca64371d1b6ba219L,0xaee6dd0f5d49fd5dL,0x3bbf0a2ce222ca70L,
-        0xcdf5981fdfd4aa18L,0xd59333e9703352b0L,0x63c14fbce8c9d667L,
-        0x59c6249ee1c82654L,0xf74f29f7a2f2b42aL,0x00000000000000cfL },
-      { 0x78a98f744fb7397fL,0x3b72aacb7d62ee2aL,0x5a2b827142b78618L,
-        0xe73a88377efdba25L,0xe029ba19bb860133L,0x47b0f0fd48745802L,
-        0xb416fb7d8b425a5aL,0x1716aca7838eaabdL,0x000000000000006eL } },
-    /* 11 << 294 */
-    { { 0x7b5e9555e7377511L,0x764963ddf57ac8a7L,0xc9d4d1202bc0c55cL,
-        0xc89debb21325db7aL,0x768b37c0a42ad0a5L,0x6c47d86ab2c32964L,
-        0x592ce7ff10712241L,0x5fc45fc1874d5848L,0x00000000000001c2L },
-      { 0xfaa50c97de74b8a0L,0x3552df05a90e0a0eL,0xd9fbb1a5d216a436L,
-        0x08a1940cd78657f8L,0x2d91c2d64f5a0ba1L,0x0c1b9d61812b8946L,
-        0xe048c827ea96bec8L,0x71315883fa6e2770L,0x000000000000016cL } },
-    /* 12 << 294 */
-    { { 0xcb52bfa5386c4e0cL,0x9ad631ce173c0506L,0x7779fd8d1f481a10L,
-        0x0ce5155cadbf3b01L,0x946c3d6c4a66e714L,0x82363b8efc39257aL,
-        0x5bff5f529f7ddfa7L,0xf6019194c959f74aL,0x0000000000000195L },
-      { 0x97e049ccd1a7e5e3L,0x20b70812ba5aba47L,0xaa1ae913eed6d2feL,
-        0x3a742bce668bb4b6L,0x4527c1a564d51f79L,0x70e8a3c89295bfadL,
-        0xa30663031cc82fc0L,0x2c7c0291fd3f6160L,0x000000000000006bL } },
-    /* 13 << 294 */
-    { { 0xe645810f34132c1aL,0x77c28cc35de4c75fL,0xbb2f5483a0de31e3L,
-        0xd0fb9a7bdb26a8b2L,0x8886a0245235b15fL,0x526b04be0b4d1737L,
-        0xcf6084d9489f9855L,0x971ca8398ed5829fL,0x00000000000000e1L },
-      { 0x33b5bd61ca6b951dL,0x6bf54e1fb00b2c5aL,0x3e739a1de67b50a4L,
-        0x4a9af7f0ce82ee0bL,0x0fb8696146a2ee3eL,0xdb9363a79c97b9f9L,
-        0xabd29abbdb1be929L,0x7d4fb696e812de1aL,0x000000000000014eL } },
-    /* 14 << 294 */
-    { { 0xca22e1011f4db09aL,0x1a821888be1a96d0L,0xa5b1218d300d31d8L,
-        0xb4e11200befdce35L,0x6900c54fa507c579L,0xa343019dcc9fddebL,
-        0x1ef6f8e7ce55a800L,0x0b7e6f2eb39b7d09L,0x00000000000000a9L },
-      { 0x67aee879d16b84d2L,0x4775d42bc4a9e158L,0xd13945291f790f48L,
-        0x2cbd6d019bbcca5fL,0x08205b6360ad2134L,0xe69529826beba839L,
-        0xda24d18c265360e7L,0x070fe85c1afb1319L,0x000000000000002aL } },
-    /* 15 << 294 */
-    { { 0xb382471bded9c20bL,0x2a710cf6db64da44L,0x92e11ddce8b5040bL,
-        0x81d6600416313d98L,0xf9e48b77cfeef40dL,0x8a566a5c1961a274L,
-        0x7e288e774935ffb4L,0xf4d9e1a989fb716aL,0x00000000000001b3L },
-      { 0x27596e1e6d08166fL,0xc36263f89c92f5d9L,0xff7193ddc1150003L,
-        0x928de56fa4c5e839L,0x5709e478ecf9d5d0L,0x78834f6b90cc279bL,
-        0x3581d7a4a251ce7fL,0xe66b47cd30d757fbL,0x000000000000013dL } },
-    /* 16 << 294 */
-    { { 0xeb4b23274247e72eL,0x6660a1e5175cc2ddL,0xb6cb2db4fa58cacfL,
-        0x035b7ab3f93c9b5cL,0xd2582c31bbc94809L,0xb80863e54328d05fL,
-        0x61f99dd580b782b5L,0xa17fb8fc59e27db6L,0x000000000000004dL },
-      { 0x4bdd2a99e6b71bdcL,0x586b3ce9210c0d88L,0x590b0c459295119bL,
-        0x1ee8b021a417f7deL,0xce83ae394efecb1aL,0x06298f05eb3e3c84L,
-        0x0e13905295e6d8c8L,0x5e8a4031babc6bd8L,0x000000000000011fL } },
-    /* 17 << 294 */
-    { { 0xa45c4393de825f40L,0xb9ec95008c3cf0b7L,0xebe3990e65d35126L,
-        0x2de346a7703debc2L,0xdaaaa35182941b06L,0xb233de5e0a85d32cL,
-        0x6f954814ea2ff0fcL,0xf60aaa4dbbd2cf8fL,0x00000000000000a4L },
-      { 0x844743f9f912025aL,0xcc428af1e86e6a91L,0xdfe077bdd8b2ecdcL,
-        0x20eb2e7a0b8f76e2L,0x6063a73f0c3abbbaL,0xdbdcff05caba37acL,
-        0xec2f6cb84aaa8012L,0x1ae4c16d8cad3681L,0x00000000000001c4L } },
-    /* 18 << 294 */
-    { { 0x57d2461128803c3cL,0x9c6f153e905c766dL,0x2a8d0e65a3df5f03L,
-        0x5fb1c0c5ff0dc35dL,0xe3420a10bb4bd9b3L,0x464e2fa04c4a9eb0L,
-        0x511a5d07694c91cfL,0xb23f2f1a52c89680L,0x000000000000014aL },
-      { 0x3d9d955113088161L,0x3747c9ca64c5a2d3L,0x5d13ffb630032fbfL,
-        0x5f162ef0c0855550L,0x68bc14cc7f54d72fL,0x8ede5be68d825c01L,
-        0x437cafd1d87e0007L,0x7040f1e0bca3477bL,0x00000000000000dbL } },
-    /* 19 << 294 */
-    { { 0x28cce0ecb9bebb36L,0xb29c8a152f0621fbL,0xf651326b8d2580f0L,
-        0x26df142f35cc66fbL,0xe3750e9e14989eecL,0x55305d0d09feca96L,
-        0xe006e3b93188fa22L,0x19b0e9242df6f347L,0x0000000000000093L },
-      { 0x53811345b5c4cdb2L,0x57ac7a2a79fcfca5L,0x7814795cae76763eL,
-        0xecc5a5628821cdb4L,0x4cb555779a55aef9L,0x8e7a4b3792ef5935L,
-        0x45f20156f18a1791L,0xa785efdbf98c417bL,0x0000000000000038L } },
-    /* 20 << 294 */
-    { { 0xb9b6ebf9b1351aabL,0x3199f6e349a08f81L,0x3cfdb7175df347a9L,
-        0xad627841b15d1ecdL,0x994ac9a2d4918f31L,0x3f3b84a1a482e07eL,
-        0x82f47118d01df2a1L,0x1ce7c2530612e165L,0x0000000000000117L },
-      { 0xa4d357d1b1a67846L,0x0ed36337a5f6313bL,0xf759acc56224b03dL,
-        0x9f79550a43833acaL,0x71238a8d5b80bab0L,0x2f5d78d1f5a7e9d2L,
-        0x34844c10af79cf0cL,0x202250a1878e03c7L,0x00000000000001deL } },
-    /* 21 << 294 */
-    { { 0xcee095846722f2e2L,0xa7e2d5ef2b812e11L,0x021a444781d9a125L,
-        0x53b6ac752c3c35a1L,0xd41b7fef6cad23ebL,0x6f10644550687730L,
-        0x6c5f184cbda38409L,0x4fcae4e8afaeeeabL,0x0000000000000058L },
-      { 0xa6a280db7a9ad8daL,0xbfab051035f6f97eL,0x32ca44d4a6d62fe2L,
-        0xc7d3521955b5a2b0L,0x5ecd78fd85d6e1a4L,0x40b504b0f0f12cdfL,
-        0x483df9abceb7c1b2L,0xf416371483db0c9aL,0x000000000000000cL } },
-    /* 22 << 294 */
-    { { 0xd7d6b8dae1e2262fL,0xdd1ce7929442a0a8L,0xb3338e7a23ab20c5L,
-        0xc454dd1843e4d64aL,0xc03cf46e65e83085L,0x219b81220c11eb73L,
-        0x9e2f67deff2cd3d4L,0x46fff24e3a0d6beaL,0x0000000000000131L },
-      { 0x990fc4b50f52b1d3L,0x980926dcfa16bdcaL,0xf70295610e725151L,
-        0x009a73258100d906L,0x14beed1973be583dL,0x862ab646ee8ad63bL,
-        0x96bf39cdac7c1267L,0xe73e0eae5d9e3cabL,0x0000000000000053L } },
-    /* 23 << 294 */
-    { { 0x3ca878fc4806181bL,0x405c7b2811146abdL,0x2d16043c0771366eL,
-        0xd07c69fd4027bbabL,0xddadf4e4fbcac82fL,0xf5a67b2b7559132aL,
-        0x942a4965f1a47aedL,0xfca25633a52e8212L,0x0000000000000022L },
-      { 0xaae49d7b10ca9169L,0x97c05152759d11deL,0x655d94ad51815da1L,
-        0x57445ad9b5063685L,0xfced3ea4c51e8dfaL,0x2e9e229089e37384L,
-        0xe62ae24628f62dccL,0xfd5969067f5a5b72L,0x00000000000000c9L } },
-    /* 24 << 294 */
-    { { 0xaa91d38ba207739fL,0x8c5e7ae36cb4b052L,0xa785648126932370L,
-        0xec5f6683810f6a28L,0x56d9b66fdd4a1a39L,0x936d24f5b4ae3605L,
-        0x5b89adb53ccefa36L,0x7d893e3ac6a0096aL,0x000000000000015eL },
-      { 0x98cecb6d99db465cL,0x66db3e132c1113b7L,0x9dfafbca881d1c5cL,
-        0x78d6b56821503e69L,0xb0197722f05ac1b1L,0x2523d52bc45e608dL,
-        0x8e77c13ceeb9ef93L,0xc5c6e0e756a50594L,0x000000000000010bL } },
-    /* 25 << 294 */
-    { { 0xbe9639f5607be4ddL,0xb7d415b59e82139eL,0xede6ac04d77f0ac4L,
-        0xd8471424ceeb4155L,0x3fde6834bc76aa1bL,0x9020c58cae990b2aL,
-        0xbe49e85009e1f067L,0xfe76c73de5218d9dL,0x0000000000000077L },
-      { 0x787b9b1a0b3809c0L,0xd095141cf230c780L,0xfd6de04e1550c58cL,
-        0x648eef5d108a70f6L,0xbd0974b51fd5d1caL,0xc29be634e9f30f9eL,
-        0xb8559f72240c47b3L,0x8787033507c3bcdbL,0x000000000000001eL } },
-    /* 26 << 294 */
-    { { 0xfcf2897b3170660dL,0x29f6635c142ac9b8L,0x1b6d6f170b575017L,
-        0x254f887f443ebbfaL,0x5659e0e267479d77L,0x7f8597a73e6e63f8L,
-        0x13d34c6edcbe3f6cL,0x061b32786dbd9c9bL,0x00000000000000b0L },
-      { 0x9240fa42f1d121d3L,0x596d9037c65540a3L,0x420820c53103dd1aL,
-        0x494911c61334ddb6L,0xe0b43cc55fee1bfaL,0x6336d37087b32edcL,
-        0x726ed517f52b8682L,0x7c94653320a217b3L,0x0000000000000031L } },
-    /* 27 << 294 */
-    { { 0x13f2450b909c1a88L,0x3344c3cdccbda714L,0xe230f4a809da0a01L,
-        0x3fed866bfb805ca4L,0x2fe1c1cfca3269efL,0x49f7a32b47965aa7L,
-        0xaecab243bd604104L,0x79769ec1a97dc613L,0x0000000000000134L },
-      { 0x107daf6c16bcca1cL,0x1593235a005a0645L,0xae1114dcea3b7e40L,
-        0xfc3e330ec40033b9L,0x579ceaaf9e3b41e1L,0xee0d6fe7a459911eL,
-        0xfc55400245f98d3aL,0x2b995f850e73fc4fL,0x0000000000000102L } },
-    /* 28 << 294 */
-    { { 0xf7ed6ffdf50a3d85L,0x920b807525ecd014L,0x9074d5d14ebbd57eL,
-        0x2c7656f08ce72dfeL,0xd17c1313336df7b8L,0x342593894a6a7112L,
-        0xf9112c8171d23283L,0x80ee8f87b19617b0L,0x00000000000000daL },
-      { 0xd411f8b2e36790d1L,0xe0352d7ac03b68a7L,0xe2b16d4e55dd2c1fL,
-        0x3282a3de3b874068L,0x26fbc96e1b3d4991L,0x42f10b4520d08473L,
-        0xf17dce35c84ed8e7L,0x78da06e791f15069L,0x00000000000001daL } },
-    /* 29 << 294 */
-    { { 0xf9775c57cd2967d5L,0x65123c2cd738174bL,0x4d91a7cdd3820c86L,
-        0x3e709d34caf234acL,0x66250e69863a7e8bL,0x73cccdebb1885fbaL,
-        0xca872751809b48d3L,0xeb4ca203f236ea5cL,0x0000000000000115L },
-      { 0x7e499db1bb1d64a0L,0xff0b67f3c37a7a2cL,0x443c5f612741f78eL,
-        0x0768cb396aa2725fL,0x98c48c0d92dfbd7cL,0xfdada4a36fb67cbfL,
-        0x00c916f66b221b57L,0xb25a08a38fa18490L,0x00000000000001bfL } },
-    /* 30 << 294 */
-    { { 0x32fa6aa0ebf76affL,0xbbb4b69eea27786bL,0x1a61db994113e36cL,
-        0xd9ec11e72884fc1dL,0xa196c2e729d7cacdL,0x076ce25757e81101L,
-        0x2d9b9f7041062d32L,0xa0f7f96948d96dc8L,0x000000000000016dL },
-      { 0x7ae29604caa1564cL,0x7860e39ddbb46de3L,0x099372d4dfc84fb0L,
-        0xf784833c650622aeL,0x9711ddf9d66fff47L,0x62b51a5f046095eaL,
-        0x50d05cef44618f6cL,0x2b3bc7637a5aefdbL,0x0000000000000024L } },
-    /* 31 << 294 */
-    { { 0xbd875cc5b89c9889L,0xaf8042931aa82e4cL,0x4ce2924dde1defecL,
-        0x01f089d19b41586cL,0x9f2310e7ff9732bfL,0xe4c86bf3b0bb7eb1L,
-        0xaa010c968bbc420aL,0xed2c9c7164c47381L,0x00000000000001d8L },
-      { 0x4a6b565e045bc12eL,0x36bf29cf77275cdaL,0xb464be38b331e0c4L,
-        0xbdaec4d0cd49e3edL,0xa8c0eef1a647036aL,0xc40dd02ed31fa960L,
-        0xc7a368ccdc2f5113L,0x3bad9d88e632a505L,0x000000000000006aL } },
-    /* 32 << 294 */
-    { { 0x709ac1575b6e48aeL,0x7ef27b0f95eb72ebL,0xb1bca839d987e330L,
-        0x16d0f9b110b85d29L,0x08d6d9b2a5e559f2L,0xdcb7602d980b6daaL,
-        0xb38f08a5f2f9b64cL,0xd9adc282e2cf92b2L,0x0000000000000164L },
-      { 0xcc6a51913137f926L,0x9e4ccf8488821c6cL,0x0b3991794c8babe2L,
-        0x4269ee3929c119f0L,0x1374f63a3509d23aL,0xb7563c4386b73069L,
-        0x2ad51f46077f8bbbL,0xc383bf47d8d3310cL,0x0000000000000079L } },
-    /* 33 << 294 */
-    { { 0x1d6891d39c0144e6L,0x52ac8f54ccdbe3ccL,0xb8332000c88c51c3L,
-        0x033a0df23700556fL,0xf97e93d0ae841be2L,0xd8b2ae2e08523501L,
-        0x6eeb8117928f1a3fL,0x81999870a8d353f4L,0x00000000000000b3L },
-      { 0xc84500b07b8bb4b0L,0xae616e25d3320838L,0x0bd7d96a43cfdad3L,
-        0x8f9f3fbe4f1f18b3L,0xcbb1ebb2592a0c27L,0xfe42cf82368d7ebbL,
-        0x6ddf64b8747c2e25L,0x20e39304cbc56bb6L,0x0000000000000152L } },
-    /* 34 << 294 */
-    { { 0xa1259eb0bb2db655L,0xa89c9e6723209bffL,0xf09647c4a6c417deL,
-        0xf92aefac3904a74bL,0x0704a73616ca9de3L,0x9adca9d445a1c8e8L,
-        0x07a94afe87213d9bL,0xf74f1787766b608cL,0x000000000000002cL },
-      { 0xa9546f6cb6803298L,0x890b7f942c895a2cL,0xb63ee1f2ac1c77f7L,
-        0x1d40ecd67d5d03b8L,0x170a292646dba729L,0x11c4fcbbcd7545ccL,
-        0x39e139d129a71c77L,0xfba76833cdb60a56L,0x000000000000019dL } },
-    /* 35 << 294 */
-    { { 0x8887dfd9515bc9c3L,0x1cae6d1e9a3bf242L,0x37ab9d8905a3a363L,
-        0x1d37a7a883c27e10L,0x053e57b62672c074L,0x97d3adbad73a2ac8L,
-        0xb633f506bcc69d6dL,0xd4e3c2b08a152835L,0x00000000000000f9L },
-      { 0x6ee41d786c369bbcL,0x4ad8ad62941e1248L,0xf4e782a534050f32L,
-        0xa8ea4017752206f9L,0x073e2905a6c0904eL,0x536f600f5e5e161cL,
-        0xd67e05f5518ceee8L,0xde6a5527c3b67d17L,0x000000000000010bL } },
-    /* 36 << 294 */
-    { { 0x7bfeb9af12391b95L,0xd79181d83d2855d9L,0xeb0cb5ba84bc3f73L,
-        0xc7aaee27d4577568L,0xbebb1d976d62aaf2L,0xdf7f87711c0d2c76L,
-        0x8e735dc01390efe5L,0x324a3fef10b0342dL,0x00000000000000ddL },
-      { 0x0f074d4be5ef45e7L,0x2af56abee6c99cfbL,0x55f70e37666b03e4L,
-        0xb1f0116afed0a21eL,0xf9fe9c995603998dL,0x70507e45a43bfa71L,
-        0x68d2f7d4ce0e4a10L,0x819fd53796d5a95fL,0x000000000000006fL } },
-    /* 37 << 294 */
-    { { 0x0c0b1628c0ce3722L,0xef71fa4e06194427L,0xe9ffc8fd35815428L,
-        0x5ba6b0819d519771L,0xc0ff3c5e81293238L,0x5a91a345e4d2fa29L,
-        0x6bedab154d0e36d9L,0xa2860c0014f98febL,0x0000000000000145L },
-      { 0xd39d5aa9b47fcfd6L,0x7d6097fdb3537bdcL,0xcc18e7c947a1b76aL,
-        0x3a4f5d36e2ef31f8L,0xab932eb1656164d1L,0x48ad2dae3bb3c089L,
-        0x79240de0dd6942a5L,0x526b6529f9e208c8L,0x0000000000000130L } },
-    /* 38 << 294 */
-    { { 0xf53da60c28eba272L,0x120745e32d8a9f6bL,0xaecd0eced8dacf70L,
-        0xa40838eab208a28dL,0x5a1a7c465d52ddc5L,0x3a57c3b47e8ea970L,
-        0x0e1cbbe5ac84baeaL,0x6b65d65510465e38L,0x0000000000000170L },
-      { 0x0f1ebb96b489253dL,0x0c973fcbc40f5d44L,0xfa1cc30044a55f05L,
-        0x35173c9e07b22802L,0x4ba69f3619062869L,0xd0986139f6602251L,
-        0x26fa63d1e46cbd26L,0x5b75686d57991c42L,0x0000000000000082L } },
-    /* 39 << 294 */
-    { { 0xc5115f182596f8fdL,0x3eb7ab5627e6366fL,0xb46be9749a07d0ecL,
-        0x5a6e73b4dc031cbcL,0xcaaa10655df414f5L,0x42f6367757566770L,
-        0x475e0a1036b5a3d3L,0x2fa0375c46291bc7L,0x00000000000001e4L },
-      { 0x541780b5c542ce68L,0x8a2dca3d229cf7b2L,0xe792776ef974bae0L,
-        0x998503c7f582aed6L,0xc8c05f91dc12e582L,0x8fe4af98095607b5L,
-        0xccf8f7d8eb35165fL,0x292d6f084818a888L,0x0000000000000085L } },
-    /* 40 << 294 */
-    { { 0xf2f55e6187055f7cL,0x96c05bad1c7b6ae2L,0x24d4ba609b81ccc6L,
-        0xc4c666e9b704f1f6L,0xc505d03fec354e60L,0x6ee24bea512b62beL,
-        0xe86bc686b5ad8726L,0xdea6279ec3fc6e18L,0x0000000000000196L },
-      { 0x2bb0ed8b4f92584bL,0x4cdf258aa481affcL,0xf067c8c665362effL,
-        0x0341567f73099e69L,0xa42fa640487d6afbL,0x4856eb7e41d7455bL,
-        0x7deaf1b1d3730d35L,0x7158dfe5d247b629L,0x0000000000000068L } },
-    /* 41 << 294 */
-    { { 0xcc0ff75ba1efb92eL,0xba0ae458675c11e2L,0x7e9bb0646ac807cbL,
-        0x5050c5000f219badL,0xf8135f19babe7ae8L,0x3e7c7d8e65eda230L,
-        0xe7ce162a30069ec8L,0x7c3c5a9262a18f99L,0x000000000000015fL },
-      { 0x82e3dd1fddf2de5aL,0x130d220e94ff0565L,0x06f36b112ac2b85eL,
-        0x78f3dd866617c47fL,0x1aa3510d1a1d5df9L,0xce8b3b99c16a9a31L,
-        0x6b56971575712816L,0x573cac34cb8ca234L,0x000000000000000cL } },
-    /* 42 << 294 */
-    { { 0xd92f6b9d75b13008L,0x9a504d49a2bb0d27L,0xb38fde71b9ba11f1L,
-        0x4901413b2e9f2060L,0x8d13eeeadee6353eL,0xd84abab0485f7dd2L,
-        0x620df02792f99ca3L,0xc03f647f5e4d1b12L,0x000000000000019aL },
-      { 0x54560d5e25f0441fL,0x4338b22c51d1f048L,0xed6b559a159b7a05L,
-        0x476886554fdc8368L,0xf42f1a082eab0196L,0xac60f4d1f3b18394L,
-        0xa915b254a5f7a4b2L,0x73b6a490db363c41L,0x00000000000001bdL } },
-    /* 43 << 294 */
-    { { 0xdcf1a754ea2591e8L,0xfd641959381e2f22L,0xfbf1c118a66001ffL,
-        0x4269279d3413d83bL,0xe4ac33ac4b48066aL,0x6e6c559e0dc98b68L,
-        0x02a9a9e02faa1329L,0x8648b1ba747c1385L,0x00000000000000d9L },
-      { 0xc0aad5a5256c9a1cL,0x73129d17a8e79c07L,0x23145244eca7c812L,
-        0xfed6f8e785cac27dL,0x0054b0438269c8f3L,0x5a78b38da889f04aL,
-        0xbb890a92bf9897f6L,0xc7ce53668d484412L,0x00000000000000e6L } },
-    /* 44 << 294 */
-    { { 0x23095fdf14c98670L,0xa48c421e9dc0f253L,0xbe07424b0e23ffa6L,
-        0x2d6b8ac86e8dc32eL,0xe3d6e195ad8e1120L,0x2f1ee8e1ffc71daaL,
-        0x603908be648bd635L,0xff134805e912c300L,0x00000000000000ddL },
-      { 0x0ffcc425d4322e89L,0xc809f5ed8f09f42aL,0xc1114010ef2508a2L,
-        0x5c07dc01c51cb0c1L,0xf3d650a11d946eb4L,0xd907ad9a51e6b2b3L,
-        0xd588d588c945f2d0L,0x7dab07bfd1faab39L,0x00000000000001e1L } },
-    /* 45 << 294 */
-    { { 0x9d5b2544a3d51ab0L,0x084588178813a487L,0x4159e69cb8d92933L,
-        0x59494a445c5ee13aL,0xd339bd9cdcad1546L,0x3c021d0f1fae07edL,
-        0x07c938bf8be84dd4L,0xe4509d7a3163647eL,0x000000000000011bL },
-      { 0x29cf63b6756908ceL,0xa229c250b92741b3L,0x1d4507fd023662a4L,
-        0x5ec7929f7f96cee4L,0x6c6abb6dad431e51L,0x99b1af2bb7feede1L,
-        0xb08a47e466ceded9L,0x77b5577b2af814d4L,0x000000000000007bL } },
-    /* 46 << 294 */
-    { { 0x23c220f22f3ee9b9L,0xb3a0e0c9bf727513L,0x3e276e115108bd41L,
-        0xf269c6b23fb319d4L,0x28a035b0e40e70f5L,0x9974d2d490400c05L,
-        0xf7d62731e4e71f3bL,0x44119e4474b742deL,0x0000000000000000L },
-      { 0x502b39745f29b07dL,0x02f9f845c8b1ec1aL,0xa80e587d1ff9b054L,
-        0xc0e07aea1fd0e64cL,0x8b7e83622e582f60L,0x3e21f291ad1f1dbaL,
-        0x214395c034de6756L,0x5728d60a7d45dc64L,0x00000000000000b7L } },
-    /* 47 << 294 */
-    { { 0x39922191c05c3ffeL,0x5de7dd5586c48ba9L,0x325c9b5cd38564afL,
-        0x6a88a43990fa14b2L,0x87cf5b102362445aL,0xfa0eab8bc88b3f68L,
-        0x18f7e5b5341e78b9L,0x31b27ad4116fd87eL,0x00000000000001c8L },
-      { 0xf0ff17d4932024cfL,0x205a03fe3a30a631L,0x60b6627b733c9445L,
-        0xb091ba56a715d6f1L,0x0c4397ab3b1a6b21L,0xf16a58e63a2bfd3aL,
-        0xd217ddb7b6447176L,0x79d9a86cc2536744L,0x00000000000000faL } },
-    /* 48 << 294 */
-    { { 0x29d8faf43544cc95L,0xcdde285818e4e95eL,0x0a01b08dfe9368caL,
-        0x40512dd7c6dbbcdaL,0xcef252a068c1423cL,0x98204e95aae7650dL,
-        0xb922928b77e51a04L,0x9a77021a72eb97a3L,0x000000000000018dL },
-      { 0x5647c6f296c7c29cL,0x6a17e12a870ba81bL,0x42df0e2e73c0ee75L,
-        0xa214b4098765ee48L,0xc098d30234faf6eaL,0x0f5b59a79aa0e1a1L,
-        0xd73224f17c87855fL,0xb78b168cd6d2a061L,0x0000000000000050L } },
-    /* 49 << 294 */
-    { { 0x070fda90fa5df695L,0x3160656226b01e04L,0xf6e12156de3aaaf3L,
-        0xed0f215de7dd01d6L,0x57e283329659a00fL,0xc5969e57935e63c7L,
-        0x90e3b2844178ad18L,0xbbcb285453123b93L,0x00000000000001bcL },
-      { 0x36b29ac2195f63e8L,0x5771e9f017eb8981L,0xfe74b12b5da40865L,
-        0x5f0ff67386d920b2L,0xd327498440426defL,0xdeaef693e06941f1L,
-        0x61416da7dd68bf90L,0x8ff9d2bdf1723ba8L,0x0000000000000109L } },
-    /* 50 << 294 */
-    { { 0xd1da2b970f4ced78L,0x9486496aaff53bddL,0x3b2c09e905787a65L,
-        0xd714235e3bf092b0L,0x2c2bd98def495c76L,0x48d93c1256044673L,
-        0x897376addff54802L,0x68777721468af1b8L,0x000000000000016cL },
-      { 0x5bbb6bed1f304dd6L,0x35dd2294241518a1L,0xb94de945df0e416eL,
-        0x016ce62126a1b13bL,0xbd7cca2324a58997L,0xe3cb85775eb8b579L,
-        0x8ed1e530dfb46f50L,0xd3e45de5b7bebb2fL,0x00000000000001f4L } },
-    /* 51 << 294 */
-    { { 0xe3819d9a1c771ea1L,0xbf690720dc59eb84L,0xa541e37699348dcaL,
-        0xb7888fc369fbe622L,0x1c8a5762136e6a6fL,0x9ead48dabbfa63abL,
-        0x23ea7bafb1ceea24L,0x9e5b105b5f2cdd03L,0x0000000000000179L },
-      { 0xa0d739e636b63e7cL,0xdbe55702dbda9abdL,0x73866365556299bcL,
-        0x4c48b2c9efe0e38eL,0x06427eeebf017592L,0xf3d389aae05788eaL,
-        0x1db17dbb783c8e0dL,0xf1a6d1560552d575L,0x00000000000000baL } },
-    /* 52 << 294 */
-    { { 0xd185cfc3f5823bcaL,0x94e833382d648a40L,0x719def2c4d22d2deL,
-        0xe23be64f266e78a8L,0x8830cb3e752ac9cdL,0x2598bc00d0f2cc62L,
-        0x42513e2c62336adaL,0x7343da72b35e9e9dL,0x00000000000001a8L },
-      { 0xa38d5d2219b56641L,0xd7e2949e94a2e805L,0x03f06fa6a850f355L,
-        0x744779e0dea5393aL,0xf6078b4c9cf8ff02L,0x3a150184d43248faL,
-        0xf2b064f88cce580aL,0x3894f51466eaf1aaL,0x0000000000000049L } },
-    /* 53 << 294 */
-    { { 0x5bf8be23e3841518L,0x390df312c1d8812eL,0x87c36912461bffaaL,
-        0x9159a05a2adfaa7cL,0x7c1ebbe962f281cbL,0x9c0a76c9082166d0L,
-        0xa929dffb920301aaL,0xc32334dfd7fd6366L,0x00000000000000b5L },
-      { 0x3d292b74f63f5f63L,0x022e7982a5482092L,0x45808135f3179942L,
-        0x7256ff64865831a6L,0xa5c9588e5a3e9363L,0xcc7d2ca88c82986eL,
-        0x7bec162f05626c9dL,0x89da9ae77b9ff705L,0x0000000000000198L } },
-    /* 54 << 294 */
-    { { 0x5b038af3f5bb585bL,0xb98ecb5f37bd3ae5L,0xc1b18cb194be2a43L,
-        0xa9618ec095e4d777L,0xc40f2dabc748a4bfL,0x21904d556228ac53L,
-        0xc660cec8dde83410L,0xff36f88f50979bf2L,0x0000000000000160L },
-      { 0x9628fa6551d8881bL,0x73f061b88947cb47L,0x79f5d6c845cf0762L,
-        0x49504051376a43d5L,0x70c737b7a3f83f46L,0x59d034dd0cc593bbL,
-        0xaa0875df26342c19L,0xa585ead811d79d98L,0x00000000000001ddL } },
-    /* 55 << 294 */
-    { { 0x1779f234ef839635L,0x8f58efb1f40a5a65L,0x1d6206ab3e5cc402L,
-        0x1bbd6fd7e912df6eL,0xc924914685b7d132L,0xff29fea43e802e9cL,
-        0xc61175867bcf48b9L,0x6540528e9282c06dL,0x00000000000000e1L },
-      { 0xd0f41b96127c2594L,0xe7b7f49987819eaaL,0x86005a00584aaa91L,
-        0xb82005e47840a3b8L,0x37a7f2cccf139be1L,0x483a5922c7f15281L,
-        0x606a1b81c55ae9bdL,0x93027e7d27ed3387L,0x0000000000000144L } },
-    /* 56 << 294 */
-    { { 0x095c54694caddfa0L,0x7db5b97d383c724eL,0xb4698e9a92ca76e8L,
-        0xd964ac2001ae58ecL,0xd743f813b822b97dL,0xd8de0d8520171bacL,
-        0x549e8ae5ea164044L,0x03c9d920f8426c21L,0x00000000000000bbL },
-      { 0x794be56d907e69abL,0xd3c037943abe9f98L,0x9a5eae5c84e132d7L,
-        0x9a7afb80bf979b72L,0x624910c94bcba819L,0xfef0daf5adb707c4L,
-        0x7c9d0680ecc8bf66L,0x342fd8b9681d3792L,0x00000000000000a5L } },
-    /* 57 << 294 */
-    { { 0x31af9ea81c876e00L,0xf54b3306c17ce3b9L,0x9da29ba8b7b66baaL,
-        0xe8f958bdec97fbaeL,0x9aed85e5d5d5ca73L,0xde6ee26dfcf4f1d7L,
-        0xf4e2831640d20e59L,0xc344605f84d7d1c1L,0x00000000000000b3L },
-      { 0x5488e1b958226056L,0x79c948a9cb124c25L,0x278af742f40ff7b7L,
-        0xecc60fa1740757d1L,0x648f9a18476f60f2L,0x28d72cd41ec656a0L,
-        0x0679149a291cc21fL,0x74d87b8355eba80bL,0x00000000000000e4L } },
-    /* 58 << 294 */
-    { { 0x6d48fb31ad6f4fb9L,0xe536f4b6b626e78dL,0x49aae08b0d7fdbe4L,
-        0xcb3963457a9ed668L,0x041268b9b63b577cL,0x0b1593d8ea5b7d95L,
-        0x26c9109ca54dcef4L,0xcf5576e783ea872cL,0x00000000000000b2L },
-      { 0x835382690ae7e08eL,0xe844c9b9f4c32ddfL,0x839bf854110c1a1fL,
-        0xfaa5f6775c69fab1L,0x198e91e6e763e4adL,0x47da5f178f63cd42L,
-        0x61c638a62c872558L,0x6bf1c8895618547eL,0x000000000000018bL } },
-    /* 59 << 294 */
-    { { 0x6a8cc986caae6ae4L,0x1d7c2d67d6d6435aL,0xdcdf751c1f27d040L,
-        0x084a8ad907b0b209L,0xa03ce81aa4cb20a0L,0x8bd7ee7273b7ce3dL,
-        0xc30a9ee4bdc436dbL,0x09c04ae46034aff0L,0x000000000000007bL },
-      { 0xfabd79026c6bd45fL,0x799e004bc957c862L,0x5638fc917a905a28L,
-        0xf0faba028a378c7eL,0x89e982772ac3baf0L,0x80c111429112a683L,
-        0x134bf54ad1c0a381L,0x6981a134a371b908L,0x0000000000000165L } },
-    /* 60 << 294 */
-    { { 0x8cdf5496ea2d6f47L,0xd16475ce1384a82dL,0x443c6bbe79dce016L,
-        0x520583ea11c229e7L,0xc345965d32d1ee47L,0x046c5c214eff5930L,
-        0x9810075e19d48e5cL,0x3e1425909cc794ddL,0x0000000000000186L },
-      { 0x254d003679cf471eL,0x87a8c5ed0d5a2f06L,0xbc16fd945516fbdfL,
-        0x2e7c1bf26fa2a909L,0x28297856237ba960L,0xcfb6b336091507fcL,
-        0x0cab1eb283a9939dL,0xe49bc8d8aec9cb63L,0x00000000000000b0L } },
-    /* 61 << 294 */
-    { { 0xc62b48a8982b000eL,0x8277c2682d1953b3L,0x19cfe475a9b47cd0L,
-        0x310d9c740992a068L,0xc03ee94ec1dbed2bL,0xc26915c631c025c9L,
-        0x46d1a3136d451124L,0xd8840ea94a5e33afL,0x000000000000005eL },
-      { 0xbcb605537c315236L,0x01b759256d7c2f69L,0x31e142f17568be8fL,
-        0xd39380b76ad30805L,0xeafc7a683c516d0cL,0x83a284ec418c61d5L,
-        0x493a0f10045a330fL,0x548e81d57c31cc6aL,0x000000000000006cL } },
-    /* 62 << 294 */
-    { { 0xf3445d6401011685L,0x58c874941bcba0abL,0x4a5fb2a29e299226L,
-        0xf76e578d815c50bbL,0x996d096f14f6347fL,0x6056b8185831b153L,
-        0xda2fd3d05d5d22b4L,0x512217c398f9bc2eL,0x00000000000001bcL },
-      { 0x82c87114979f39abL,0x7a032a31ca612d87L,0x81bd29f591930220L,
-        0x361732d21fc75c2fL,0xff5fd67e43ce4841L,0x53b8c32d784a180bL,
-        0xc666c0a34a359515L,0x78095258fd91743fL,0x0000000000000002L } },
-    /* 63 << 294 */
-    { { 0x22c1d1baa579fa74L,0xa3000c7398e2761cL,0x35fa789b86e47f27L,
-        0x78247dded7ceb040L,0xe86dae9bf0211813L,0x4526464eb9a8e680L,
-        0x8a415c8dcf84b9e3L,0x2a3d5df6bc25d1acL,0x000000000000006cL },
-      { 0x34af41b5b5ad0cd3L,0x18920068740f40d9L,0x3efc1ccfbd6c4c23L,
-        0x7d188dcb889947efL,0x9b63949593e850cdL,0xce1d6ae38bf50f30L,
-        0x3f8370629c1740b0L,0x80d89ab62e93fa82L,0x000000000000008fL } },
-    /* 64 << 294 */
-    { { 0xcdb8a92c817221d9L,0x7ff2643e780ed8a2L,0x5efcceda56fc9caaL,
-        0x59b5aa12f823d2fcL,0xfe97818b9dbfeb54L,0x2becceafa13dde72L,
-        0x5d5b53cee8692b1bL,0xf5e5ac69cae9ddc6L,0x000000000000000fL },
-      { 0x6ee75741c692d9ccL,0xd97eb6f262a91d4dL,0x8858ba5de2924e75L,
-        0xb8e1b22a517030b1L,0x651a68382af83dfbL,0xc1fb14d21c21be14L,
-        0x87689d46c9eba60eL,0xe16cfc1a0da1a29dL,0x0000000000000107L } },
-    /* 0 << 301 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 301 */
-    { { 0x4021a24de3c91b63L,0xf7cbd01a0b896f6cL,0xb005e27e145743c1L,
-        0x170d30313d2c0449L,0xb2369781715e87bcL,0x7ef5d8e0d6e85650L,
-        0x1a5fa6c7b232c66dL,0xc0455caedb20ffd8L,0x000000000000001fL },
-      { 0x3acf9bd305c7c488L,0xbf769bb0294df5b3L,0x8d5f90958fa692fdL,
-        0x9b20f4c777aef48dL,0x312134317987ad09L,0xc0b03aead6a327e1L,
-        0x5be9a205e6f56badL,0x2db39c5e6c7ff60dL,0x000000000000002cL } },
-    /* 2 << 301 */
-    { { 0x06e672911fbe4b1aL,0x2df4c01c7328b43cL,0x811847ea7350889aL,
-        0xee53f7eff19988a8L,0xcc3fc6d371578d7dL,0x20682a7b7b0f48ecL,
-        0x6979a4f21ec4cd51L,0x58272b7c845bc78fL,0x000000000000000eL },
-      { 0xceec799c35e8ef48L,0xa01333eff9ec8ae5L,0x5b99b83ef9262e87L,
-        0x37c4df170f427205L,0xb20cef3ff972dea8L,0xb63ac380c6c4c976L,
-        0x0b915c3290866381L,0x8817b26a91eedcabL,0x000000000000001bL } },
-    /* 3 << 301 */
-    { { 0x7ace3143a092069aL,0x0bc9cd595e70d5caL,0x1c26df9860dae8ccL,
-        0xf4358cefb881888bL,0xfeddc9766632ab56L,0x08206f72b870dda8L,
-        0x46f76ea4cc81f687L,0x865b6cb3ca702001L,0x000000000000007bL },
-      { 0xc064a2e3b099af17L,0x88beb2371d625dcfL,0x507be25af7b18ac9L,
-        0x46c8c36077f8ed84L,0xb019195fadf90251L,0x386ed5ce56c4eb40L,
-        0x46427f9c870504a2L,0x156e3c6f36d0f019L,0x0000000000000033L } },
-    /* 4 << 301 */
-    { { 0x06e0332e000535eaL,0x5c58e86403bbbe55L,0x4d9a6db110b9b5a0L,
-        0x7ef09cfc6a24db5dL,0x61d105f4819d4d78L,0xc5e243dd82d474a2L,
-        0x8742d427886e0d59L,0x08cc598e079399e7L,0x00000000000000afL },
-      { 0xb1af75d1c8e53592L,0x74857a7fca9dbfddL,0x2f7f11d8d49cf79fL,
-        0x82c78c0d7c4073d2L,0xbe13602fab4c74c0L,0x4282184ed0d37ad7L,
-        0x719bb29728289fe0L,0x08fe79e9b09427e0L,0x0000000000000192L } },
-    /* 5 << 301 */
-    { { 0xfb9970015eaa1129L,0xbec9a530e84da535L,0x133710955d6afc1eL,
-        0x7156b33510b368edL,0x86d22c634c902f9eL,0x64ea7336eaf83f1bL,
-        0x700571f6d4313851L,0xe6398407a8fb758cL,0x0000000000000191L },
-      { 0x004bcb3ad7673444L,0xa0ad23ff6c5d7b10L,0x86969ed559aa896fL,
-        0x80c4897508a9f27cL,0x37a8337cba7fc097L,0x295b4ece65a34328L,
-        0xb14eceddf56efccfL,0xcf9265ea638d1620L,0x000000000000017cL } },
-    /* 6 << 301 */
-    { { 0x91a6ba108d64773aL,0x18e9f8c089ac1f66L,0x49f08c886ff68e9cL,
-        0x57b6fb9131913442L,0xdce8f943d9be3a61L,0x03a6d0137c897a92L,
-        0xa3cf84d469451d27L,0xf9d603b978585859L,0x0000000000000019L },
-      { 0x9b651ee0bbe619d9L,0x6595951edf219411L,0xc4b2ffb73e53e02bL,
-        0xc32b5aa6f8bd17f1L,0xe7788f4a97f05123L,0x31d33abeb624663dL,
-        0x9e736612d8b9fcd9L,0x6b948711fa3eaa15L,0x00000000000001a5L } },
-    /* 7 << 301 */
-    { { 0x7f209595588ba3f7L,0xe2407c9a57ea6473L,0x9beac14648c8914fL,
-        0xa76746da7281653dL,0xb98edf137b9eaf4dL,0x4af237b992b8e681L,
-        0x9681674885d4493fL,0xcf67088b2d55fb92L,0x000000000000002fL },
-      { 0xfc9967792f89cd08L,0x62bf8d1b54cbddc2L,0xd9395c418dff283aL,
-        0xc384a2e9e7ffadd5L,0x39f0e602bedf1036L,0x0fc173dcd28e10d4L,
-        0x574c346fb4a775a3L,0x9f62fef62b897266L,0x00000000000001cfL } },
-    /* 8 << 301 */
-    { { 0x163a9e62eec6e312L,0xd11432c1459162d8L,0xdde7d941a25d4934L,
-        0x9067028e8d868aadL,0xb71b17085b6e3d21L,0xaed73637e95d3c7fL,
-        0x51bcc93c1dce0d78L,0x2f45d06a504a9d0bL,0x00000000000000beL },
-      { 0xec12ea4b300b2478L,0x91ac6eedf2a48388L,0xfbdc1bba7a7631adL,
-        0x5b2669cb79d5f4ceL,0x219d64f948c8f025L,0xadcaab29aadb5873L,
-        0x3b07af1c671bd673L,0xe66e7c67b7f2d8f5L,0x00000000000000c9L } },
-    /* 9 << 301 */
-    { { 0x877a56c5e8c21c07L,0xaa9b34cc64389ebbL,0x05d0452d80b06ab4L,
-        0xef13a83f48e78fb1L,0x8f1ccb089003b1f0L,0x9b6f68ae0e240740L,
-        0x3b4e3941e661e336L,0x3d50ab4f9673bef9L,0x000000000000002fL },
-      { 0xd84e8415839a034eL,0x9af0ecb379490c58L,0x3fa5698f53a7f6c2L,
-        0x7ee6a1fe1f5f8a6cL,0x759f0ff62d9134d8L,0x413d44f634a2bc05L,
-        0xecaf95ee0fc28762L,0x881b307762a3eb28L,0x000000000000001bL } },
-    /* 10 << 301 */
-    { { 0x1d2684d8817a08b0L,0xdb7dca26c8be8d55L,0xa069d7e07c8974a2L,
-        0xc061be91d03247e4L,0x1c6b377d7bd92a76L,0xcd7e0d7f50330391L,
-        0x6de4e84426762364L,0x07276c1516426e46L,0x0000000000000102L },
-      { 0x1744a4f50c65db3aL,0x08c6a33f9b8fb672L,0x31f23108ebf4762cL,
-        0x7b2c0ab0181df967L,0x53cd3abd2be95364L,0x0be1aaa87bbb3eddL,
-        0xbb0cb0531b469e7fL,0xea338278d6e16032L,0x0000000000000047L } },
-    /* 11 << 301 */
-    { { 0xc7f394748381c552L,0x986d2d61d55f8773L,0x1748580c54b59ccdL,
-        0xe071cdd56194dad0L,0x1440e99aa75ba866L,0xd162309c0cb3e564L,
-        0x45786580289fc2bdL,0x1d4120f1da2a714cL,0x000000000000011aL },
-      { 0x564bfb392e7a47d8L,0xc43ad5f9c38c2c08L,0x60d4dd7acc7ead2bL,
-        0x89166f8b91fde4a6L,0x7f1ac6ee9f62d204L,0x1a5728aafbfd7551L,
-        0x7997f14a2e75d1a5L,0xfc2804ea649488adL,0x000000000000019dL } },
-    /* 12 << 301 */
-    { { 0x2d511de52dae34a2L,0x280126a9cc783bacL,0x247eb07f3b00a441L,
-        0x909b0ea7567b28f6L,0x6045d39b53c3600cL,0x41714d14c75815a6L,
-        0x6bef6123c601eadfL,0x3683ccf3d6343c4eL,0x00000000000001b0L },
-      { 0xcfce0c48b23f24c2L,0x8a051e71622cd9bbL,0x07ec1bc49eb85129L,
-        0x4ca832899cabb17eL,0xf095659733580331L,0x88e7f968e465e3beL,
-        0x61c5c643086d84d3L,0xcd236eee26444e10L,0x00000000000001c6L } },
-    /* 13 << 301 */
-    { { 0x6a3f660b0dc590beL,0x32d22798247e0247L,0xc90cd006d66c6982L,
-        0x653993195369eca2L,0xa1346bcab0838f49L,0x3b5d8514fb956f90L,
-        0x17fa86f9b27e8c72L,0x61b430690dbbfbe8L,0x00000000000001daL },
-      { 0x3d46ae770fb82755L,0xeac173262c02b0f6L,0x869be2347fc42178L,
-        0x845d561ac8b457dcL,0x8295d7de2c8495efL,0x57e84cd5f079a84eL,
-        0x30e443fe60b7d282L,0xe0340819a844632bL,0x00000000000000e1L } },
-    /* 14 << 301 */
-    { { 0x0cec34cc215c702cL,0xf9534c2acde28ed6L,0x5694c1addb2b1db4L,
-        0x78834607f0ce1dd3L,0x0897479ede16ad83L,0x711db79e7ad8d6cbL,
-        0x4fec3d6a30d12f46L,0x2fa068bab2925929L,0x00000000000000e5L },
-      { 0x79ae08ddd6d413d1L,0x7afae372233385f9L,0xa9faea3a1c5915fbL,
-        0xd1d81ccddbf76a40L,0xbcee5b60311bd5b4L,0x33fd134e0d295473L,
-        0x8971c976a1499b9aL,0xbe778d06c2dd33cdL,0x0000000000000128L } },
-    /* 15 << 301 */
-    { { 0xe165fe45591537d3L,0x494e9b586f9e77daL,0x05048c2406b5f840L,
-        0x27b142e0669c0541L,0x266d5823ebf3cba1L,0x2c9668a9f5f6117eL,
-        0x92b1a670041d08abL,0xd2e4bc7d98b28dbcL,0x0000000000000110L },
-      { 0xd96f0a4eb50c672eL,0x2a5ba3084f40bed9L,0x6ad427836ada6e01L,
-        0x11d68fda636a6b24L,0x38d87a77bfcb526bL,0x3666085af7663abdL,
-        0x9e8dd236688f4c58L,0x3f5eaea3577ddb84L,0x00000000000001c2L } },
-    /* 16 << 301 */
-    { { 0xf03e26842bc15ca5L,0x0b130b09bf196674L,0x3c27538756217f5fL,
-        0xb26d17d4349aca89L,0x3faf18590269bf70L,0x3cdeb74fb288736aL,
-        0xeba8f6007e38ea96L,0xd24052c851da8c99L,0x000000000000015eL },
-      { 0xa5582bacb2f51cdbL,0xa325b5cbd0a7f7c7L,0x065a27f009931317L,
-        0x1abd17b6cddc78ecL,0xd8fd426937962ce7L,0x5d8403c8002cf3c2L,
-        0xe62f5305e3eb09a4L,0x1900f36ceeaf6fb3L,0x000000000000010aL } },
-    /* 17 << 301 */
-    { { 0x284fc126babba399L,0xda961c2d629b5b0cL,0xdb458a6c7acc2fc6L,
-        0x2d048b73b07e4eb6L,0x9ee17cf76011f0dcL,0xff56041501eb1f54L,
-        0x39ed447f8b55cf30L,0xcf2256f1d85dbed0L,0x00000000000000bbL },
-      { 0x084a817403650842L,0x71be289cb89d85e1L,0xb9c9f5b8f0aa2e1dL,
-        0xf454a8a2a0048186L,0x67e89b8f11c62ecbL,0x3fefb1f66eeb3419L,
-        0x19c5c988db8b8343L,0xd477b615cb26d01dL,0x000000000000012dL } },
-    /* 18 << 301 */
-    { { 0xfebd0210b24b42c5L,0x4f8bb6ab782d99ddL,0x624530b516f9fb4bL,
-        0x9f9ac0dcf52469a9L,0x6cd360b7a7297153L,0xa1989d5ae3ffe52bL,
-        0x493e7f8e086c3ae2L,0x598af31b052d016aL,0x00000000000001a4L },
-      { 0xd22cd1eeecebf13fL,0x1dece9d773807b67L,0x9d68d0462573e787L,
-        0x70f7848f24c5d05cL,0x2e846609ad526173L,0xc8a05dcd05ce91f8L,
-        0xc39b7711eeae3077L,0xcbb8347d040614a9L,0x0000000000000127L } },
-    /* 19 << 301 */
-    { { 0x87eac716c5722d13L,0xc1afc869d61ef2abL,0x496b7a2aacf51364L,
-        0x5d48541015d5ca0bL,0xcb57650b8772fb05L,0xd26d4f958869f973L,
-        0xb320d08e025cc659L,0xa950e9363419e9a4L,0x0000000000000030L },
-      { 0x5e80b7840e4326edL,0xe712d1b6118b4b67L,0x9188de4ab4e2f1d5L,
-        0xddd7c742931ba11cL,0x19856e2d083a8b4aL,0x28fd9f4ec237b67aL,
-        0x264aa6aeb17c199bL,0xbb708f00b04ee318L,0x000000000000009aL } },
-    /* 20 << 301 */
-    { { 0x9d1eae14e6c6fa68L,0xc10a9135e799dc68L,0x7abe45371d7af249L,
-        0x50c5b3e44b78fb26L,0xba92be148298b03cL,0x6229f220227a8e85L,
-        0xde2d6415248042a7L,0xeaaddb9bcbfda7ebL,0x00000000000001bdL },
-      { 0x3495558bc0642562L,0x5649a710eb006b80L,0xdeb44b295e284cb8L,
-        0xfb01767c2fb2ad7eL,0xb40225510f9ccfacL,0xbe4eb5c0a67be6fdL,
-        0xb5d9f3e86d920a44L,0x918cde4238b14e5eL,0x00000000000001f8L } },
-    /* 21 << 301 */
-    { { 0xf14dd13f7e46d751L,0xde1faee5de539ce6L,0x1f580420a878c7e4L,
-        0xa4536a613feef467L,0xa7e9291d7b545e56L,0xded28c89e2b7025cL,
-        0x59506d85d042bacaL,0x14b37eee8a3adfd3L,0x000000000000000dL },
-      { 0x89d83dd3823c023cL,0x8dc3c29fca288645L,0xdd64a1a648af0bd8L,
-        0x79f885a65f285574L,0x26f5a31b60248187L,0x70bd4d6ace84d4b2L,
-        0x3f15dbc4463583a2L,0x6544d8e78426710cL,0x00000000000001baL } },
-    /* 22 << 301 */
-    { { 0x76d2d5eb9381aba1L,0xb2322af89b7df6b5L,0x71f40e2e58f343b9L,
-        0xb61e43f9efcc85ffL,0x0300fa7259a01585L,0x5988ff95db05e553L,
-        0x2b62aa0f5e93de6fL,0xc87ff47b4b549154L,0x0000000000000021L },
-      { 0xd77a8a93ff66a25dL,0xa68eea535e13f466L,0x794995e4f79a54c9L,
-        0x6df911fc56076e44L,0x8d78ab8c47c83b15L,0x3507ec1cb38bbf1dL,
-        0x613c3c1f6a89e612L,0xc07da4b905f7fa61L,0x000000000000009eL } },
-    /* 23 << 301 */
-    { { 0xb88f49e250318e89L,0x0b6037ef58a8e5b1L,0x62b4464f8305be22L,
-        0xda32be6c695d0c2dL,0x53718af39a3f3741L,0x7eab5da6e64b6964L,
-        0xd3594c8663064d0fL,0x39279566f6eaee98L,0x0000000000000012L },
-      { 0x4bbb1b13042a5dd8L,0xa70b5d62793e0d15L,0x30393d03d1ba796cL,
-        0x4a21fdf287555c23L,0x9646d43c61ba2ab2L,0x6408cb45419993c7L,
-        0xb9acd44b338322f9L,0xf283c84d4759b6ffL,0x00000000000000c4L } },
-    /* 24 << 301 */
-    { { 0xd142bfa992701a9aL,0x0b59d01447539e92L,0x7cefec6e8724475bL,
-        0x5c77d10dbcfd641fL,0x4946dbabdd42eb47L,0x4ae66c3a14f1c33bL,
-        0x05ba3e754c9f2c71L,0xb618a5071fc0f7b7L,0x0000000000000065L },
-      { 0xdd94ee057c169a16L,0xa29e26195a337e5eL,0x30e106eb9ad816b6L,
-        0xb91e66f71a17810aL,0x46abf80d5b672e86L,0x0f40f077f89626ffL,
-        0xa474dfbe8b67b224L,0x9d3af9248053aa79L,0x00000000000001ffL } },
-    /* 25 << 301 */
-    { { 0x7d22cf775e1f232dL,0x548fda9e7e51a2c7L,0x11a9774149cf868dL,
-        0xf0db0b7e2fb759c5L,0x1796b06efc5eb57dL,0x60ede66826f8e4f9L,
-        0x7c37fa5cf37f1ae2L,0xf5348593ac10e958L,0x00000000000001abL },
-      { 0x05239d1323d8b38bL,0x2c55a6e0d76a3773L,0xcea20821cd282bc4L,
-        0x9e552a3a5ca82699L,0x3f1ae5bfa1548eb2L,0x56ca5414452552bcL,
-        0xec3a3f85e1ba16dfL,0x91ed704a56240ce7L,0x0000000000000041L } },
-    /* 26 << 301 */
-    { { 0x525d2794aa3af70dL,0x62666bbfbf65bbd6L,0x250750d4b925995bL,
-        0x050457f8e340c57bL,0x919451793b4931b3L,0xa4a0e728d223ec63L,
-        0x9aa8b43380a43404L,0x9c52b96aaaaa7d45L,0x0000000000000149L },
-      { 0xa4dcb38e2dc7ef6bL,0x115ba55675a63e19L,0x31541c6e90d13e8aL,
-        0x4e0b09787401562dL,0xd81287b447cfebc2L,0x59ec023f074cc01eL,
-        0x7086b3db94d89d32L,0x274daafbbf9b0f39L,0x000000000000009fL } },
-    /* 27 << 301 */
-    { { 0xd7fd9795758d15ecL,0xbe89bb8c335f014bL,0x3be772ba54b6b739L,
-        0x2d652a561a35e643L,0xfd8b75fe36ab48b7L,0x89fa8e1d9c89c766L,
-        0x75e124aaea145d8fL,0xdf889765299c9171L,0x0000000000000170L },
-      { 0x103dda2e55540308L,0xc3c035e7cf05bb03L,0xd346e06a52488d57L,
-        0xe7833e27f8c702d6L,0x25b942ca6be87eccL,0x7b0588057505ad4bL,
-        0xa6fa90a5c97e6686L,0xd1d89bee28a9c029L,0x000000000000009eL } },
-    /* 28 << 301 */
-    { { 0x2b1a24297e163accL,0x07a52207912df2c1L,0x8b00c607c28459a1L,
-        0x172a4e12d0d1c992L,0xd7d28839f97852b8L,0xfa91f13ff8fd2bdcL,
-        0xb40ceb9cc7c71e5bL,0x6dfbd3ef1bb25495L,0x00000000000001d8L },
-      { 0x77d795eaecb9e7d7L,0x307ec55c034640ceL,0xc81199211dc90456L,
-        0xf336a8d62e6c8828L,0x39f69ea7efbdf285L,0x9f9b88446f6376edL,
-        0x9cf44f2767ef7e9cL,0xcfb6ea37759662d0L,0x00000000000001deL } },
-    /* 29 << 301 */
-    { { 0xac8e3a669a265363L,0x0bcc6be9a837586eL,0x1800b8af5b913525L,
-        0x6bb8bc3eaf0766d1L,0x83ca07cb0bad6358L,0x29442dc1330633bbL,
-        0xce862c876fbccbf4L,0xc5550669b96ea743L,0x0000000000000073L },
-      { 0xf015f8b97920c9d7L,0x34a73daf4c203156L,0x97bf03c337bb3adbL,
-        0x7a7f0014000c2070L,0x04a1bac2d9d1d2beL,0xbd7991e0b7297737L,
-        0xdbb0bd6d8deac191L,0x8ddab47a8386ee08L,0x00000000000001a3L } },
-    /* 30 << 301 */
-    { { 0x3d87a8098b966d8cL,0xb435d15896c76473L,0xefbd14d8e443c697L,
-        0xa1d59738435950d1L,0x53a2c7714b9bf3dcL,0x712bc49a2cf7a12bL,
-        0xa73d130b39f96cb9L,0x4c00c64ead7eebcdL,0x000000000000006eL },
-      { 0x75300d109db550eaL,0xa7235321f4f7bd1cL,0xfba90cd35f63a433L,
-        0x49b56ce3aeaeca59L,0x1d562d49f8ceae69L,0x42bf5c058ae7ade7L,
-        0x571ef4b5c6aa760cL,0x2beb1d379fdd6c7fL,0x0000000000000074L } },
-    /* 31 << 301 */
-    { { 0xf025bfb65b9ab00aL,0x5afcde150c317febL,0x2dbf474e5deefa10L,
-        0xfa820330f1e3a088L,0x52d1d96aa577534eL,0xaab36a89d11cbc7aL,
-        0xe5b59c3e1028606eL,0x11298e30688131c6L,0x000000000000017aL },
-      { 0x4e1d910a80a78b33L,0x82826cbfb3ed3ed5L,0x6259a943c011cfa6L,
-        0x81284e4503ee6f69L,0xc3b994d2b86b8f5eL,0xd4dda4b45f239bddL,
-        0xbaf7541f709ad8a9L,0xeaa31ffd52390dc6L,0x0000000000000186L } },
-    /* 32 << 301 */
-    { { 0xcfdc285df79421d8L,0x263289988674686eL,0xf991086e1ed73cd0L,
-        0x65046369a36bd06dL,0x9712bb0b72adcd0aL,0x9b2d422f5faf9c7cL,
-        0x7e3989f851491c47L,0x9fc24bf809aeead9L,0x0000000000000029L },
-      { 0x8584ee840370acb9L,0xed56c569ea40417dL,0x6443587557b4cb9aL,
-        0x752c5fa691d35c5fL,0xbbcf8703abd0eb6fL,0x0dd72d15c233db59L,
-        0xf2b7a1ab692baae3L,0x6ee634377baadfbeL,0x0000000000000111L } },
-    /* 33 << 301 */
-    { { 0x2f00b1014d3f67f2L,0x02773442dabf0299L,0xb050dd0649b08536L,
-        0x155d73c3ee3a8e0aL,0x0e468ccb7c29c66fL,0x3b7660e15b398646L,
-        0xb6b2782165c7155bL,0x09cd57fcecb519d3L,0x0000000000000133L },
-      { 0x3aa32f6097fcfd5dL,0x35d5448b279abb9aL,0x54bab5ce95cf663fL,
-        0x9dc193ea1776f8d6L,0x6d2bed78f4d90465L,0x08da1c145e61f723L,
-        0x68c8bb0604d91875L,0x03458fea8b3a3a3cL,0x00000000000000eaL } },
-    /* 34 << 301 */
-    { { 0xb40737908373a6e5L,0x9ce42cd2a1188649L,0xce446162ad0eb978L,
-        0x322dadd09b7ffb70L,0xe568d26ddb803c73L,0xd74eb110c414c261L,
-        0xa1be744270b5c055L,0x5f70ec901a420208L,0x0000000000000175L },
-      { 0xad6727ca8c2a9937L,0xe9fd6825a03949a5L,0xe4790c050a8c931fL,
-        0x80943e80b52d4b49L,0x104bd74362d38bd5L,0x0510772ffcc1cf4bL,
-        0xc669adcd5f9185c7L,0xae818ff028123eceL,0x000000000000006cL } },
-    /* 35 << 301 */
-    { { 0x7a5717a10792b4faL,0x2c248be7fcfdf67dL,0x970a7feddcb61131L,
-        0x0234eb04df345fefL,0x3eb4489ba2745622L,0xb145f3f95ed28a99L,
-        0x0384b4cc064fe474L,0xea70e7d96931ea00L,0x00000000000001c8L },
-      { 0x331e0fd9802e2aebL,0x42417e6c8732f311L,0x6006728b12056492L,
-        0x3ce9e7fd5b979aa4L,0xcaaffb764b4fa416L,0x064dd6eca006759aL,
-        0x28b047d186a9190bL,0x029d74a7595fc9faL,0x00000000000000c5L } },
-    /* 36 << 301 */
-    { { 0x657f1a4a0d3a6ecaL,0xe4131c3c9584cfd2L,0x75ecc937303e30e6L,
-        0xb062e9f44c0801a8L,0xd9cf5f10d3221408L,0xae77108f25262e9fL,
-        0xf5f313faaf40a968L,0xe40dcb7d2c4518f7L,0x0000000000000163L },
-      { 0x949fdc6e98e347c8L,0xef10af84b013c3abL,0x4c48606d0e6d48feL,
-        0x97e690a711fb595cL,0x9f47aea713f11f69L,0x1d670e6e31bae984L,
-        0x35020db9e62e6909L,0xc43ff5489d07874fL,0x00000000000001d4L } },
-    /* 37 << 301 */
-    { { 0x28316d8b9441a550L,0xff7227210a759555L,0x5481756e2ab2ee17L,
-        0xf3cbe2e8e3dd7974L,0x7dc4b0f78aa159c8L,0x9e5b4f561bf333e7L,
-        0x63ff9f52a91020b5L,0xc76c6456bc08d5b0L,0x0000000000000103L },
-      { 0x69bcec9d3a833b1fL,0x07441e04281f6fa7L,0x08315e671838e4e7L,
-        0xcdbae7275209d351L,0x14c1373de5e46a7dL,0x8e3601e092125731L,
-        0x6fa6044488b745e4L,0x8ec5cb7e562f6bedL,0x000000000000004eL } },
-    /* 38 << 301 */
-    { { 0x9936081ddd58574cL,0xcd952445fe2c792cL,0x852d5476ed663b93L,
-        0x4b13dd0faf869b0fL,0x8793e140290f6625L,0xdd61017faaf6d5b1L,
-        0xe7d2fe4699c8aae8L,0x8794c5703e234ac0L,0x00000000000000e3L },
-      { 0x2586bc84622848ddL,0x81816931dc799fa9L,0x84e590e24092ee76L,
-        0x7c11f235d863e257L,0x5f43fd9706988708L,0xeb474948e569a68aL,
-        0x66b18d86d3b8b848L,0xcaf4df955083487eL,0x00000000000000c9L } },
-    /* 39 << 301 */
-    { { 0x89d29ec37898d2fcL,0xd5e69b49b98c5a0eL,0xe3c7a979b49ac9f3L,
-        0xebe0c817530d25dfL,0xbbec2d1a2e03e0ccL,0x6447dc091be011beL,
-        0x1d990dee2d10c2c8L,0x8ad4a24baf507a38L,0x0000000000000197L },
-      { 0x8f38e29bac7a283aL,0x3ce5725db29af2c4L,0xe17035ef8077fba2L,
-        0x5b50a50390b970fdL,0xfca6cdafb8efdf69L,0x0d252e814d349a01L,
-        0xfe068bd123d614dbL,0xeb14408f3810431aL,0x0000000000000086L } },
-    /* 40 << 301 */
-    { { 0x97defe3d7938d98eL,0xe2458feafd0bec69L,0x7df8d2b58b42ddbbL,
-        0xa82aab40ff39914cL,0x78549b01d30f07e6L,0x253f8c461331557eL,
-        0x771750d919648cceL,0x96ad6776d045bc36L,0x00000000000000f2L },
-      { 0x4a2ee334e08b83f8L,0x3e9c4cb72e3086deL,0x913eae4b9936bab0L,
-        0x3cf83551d23cd36aL,0x7c51d84adfd27d4aL,0x2595a90f4d006eddL,
-        0xb2d5c68461cc7be7L,0xbb02bd59a4b310f9L,0x000000000000018aL } },
-    /* 41 << 301 */
-    { { 0xea273b8fd19caa8aL,0x8f2eb0e5fbdceb6fL,0x13e96cf4cc37e1f6L,
-        0xf91f2f4d7b6607e6L,0xdb70dc3e919dcb16L,0x752725306a35e521L,
-        0xd48d0a08e930983fL,0x62bb3d8f9e955697L,0x000000000000001fL },
-      { 0xc492f1a5bc57ce3dL,0x0496b245370d6a7aL,0x2a0b281dc8ed431aL,
-        0xb8a3ff7922cc9f02L,0xfb6c685d7d711d84L,0x68e508ad40b6b8b6L,
-        0x437d076c1f1236edL,0xdab5a2ef69a9f09cL,0x0000000000000009L } },
-    /* 42 << 301 */
-    { { 0x45ad42dec9ebfcd7L,0x4054e68145eef6c3L,0x05427862b00d1763L,
-        0x025fc05fa9852684L,0x717a17c10de39afeL,0x618c2b085586b46fL,
-        0xff0a80f7f6b71672L,0x3c7fa577f5e7c531L,0x000000000000010eL },
-      { 0x33e3534c52ccb986L,0x9ddd2298303c58a4L,0x261e5b794a324d2cL,
-        0x52c1c46af081f324L,0x0216cb8dfd3db922L,0x8e5b647c45a5a0e2L,
-        0x1b1c0b847184888eL,0xc1297760e66e1c57L,0x00000000000001d9L } },
-    /* 43 << 301 */
-    { { 0x555d70c34aeab359L,0xc57ab8bb64f78762L,0xf95aba0b8d3e12c8L,
-        0x8bf166223b0a34c8L,0xd9b90d4a97a02258L,0xd2718cd14e070653L,
-        0xfc0b4a7243ae776eL,0x10b07a1f9e739e1eL,0x000000000000017dL },
-      { 0xc53e4794dbf1d1baL,0xb82723e1ab28bff7L,0x5cc8876d993dffebL,
-        0xc84384567c943552L,0x98d1a6ea3e1940aaL,0x1bb513db6e2214d7L,
-        0x27a9e1daf0e11ef9L,0x000546decb247662L,0x0000000000000114L } },
-    /* 44 << 301 */
-    { { 0xf6820c898f7f0d51L,0x470f631b3e6bb71cL,0x1489563d67e33eb0L,
-        0xf9a58c5e34260065L,0x2f0cbe5541d317c2L,0x3501da3bfae4b6f9L,
-        0x25caef56436223a2L,0xe86cd4faaa1af452L,0x0000000000000178L },
-      { 0xbcda46bd2a68b8bfL,0x7005074bf6e3ff4eL,0x17eb86a110cc5301L,
-        0xaa01cafcfcf4b5a2L,0x8f4954e944dd4413L,0x485d7a8e3dbc7cb6L,
-        0xd042f1f4fef97fcaL,0x8e1bd4289991c8f5L,0x000000000000007bL } },
-    /* 45 << 301 */
-    { { 0xc6611fa87a271022L,0x10ac4d7405f4fa97L,0xf94e7e96b448c4a7L,
-        0x24a2e0ae49c62985L,0xa2d6dd08a74848f0L,0xf7710e0eef1b6b35L,
-        0x3e6eca62ceae13e0L,0xcc1397bb0a3d98c3L,0x00000000000000e2L },
-      { 0x4220e9e620923648L,0xecbcfc545b686455L,0xeb4580c51656d644L,
-        0x9d1747a6a197f15fL,0xcf2b77a1f78eda46L,0xe417400145448aa3L,
-        0x9a23f9a71649a48cL,0xfc6d16ab76272579L,0x00000000000001d1L } },
-    /* 46 << 301 */
-    { { 0xacf13584ec5f73b4L,0x14f5910a780e4469L,0x556672606fa1789dL,
-        0x5866c80b9a4d28b5L,0x4a3a72f3217e2b8fL,0xc774aa4118da75fcL,
-        0x9c9be5c98ca2cd13L,0xcfcbaedc2145b62fL,0x0000000000000070L },
-      { 0xf78d77ee3833e520L,0xc536906550caeadcL,0x0392c83f4af31e0bL,
-        0x9b9f30ce94537049L,0xb56dc7c2ef2c1d25L,0x820e464242363f57L,
-        0xe70134f9abbf4146L,0x55264e69abc9ff2eL,0x00000000000001a1L } },
-    /* 47 << 301 */
-    { { 0xdd3503c5cee406e7L,0x4b64dd4333236849L,0xac777279889363ebL,
-        0xeec078a0cf6f0811L,0xfd559e756d243ab0L,0xaac1010f2e4d26baL,
-        0xc0b719ef55e9c8f2L,0xefff2f164e29695cL,0x000000000000016dL },
-      { 0x3717eb9cad47f17aL,0xb39b8c6162b05e31L,0xac892a92918390b6L,
-        0xaa3c7f01650cfed9L,0x6a8f7ec0fba21f56L,0x4732e5129121bba3L,
-        0x220ce23e1a14d894L,0x9199750e5dff1692L,0x0000000000000038L } },
-    /* 48 << 301 */
-    { { 0xcaa727068efb0157L,0x713a7f37f08f035cL,0xff58c6a1aa4fd5e2L,
-        0x760b066000a48205L,0x4a39e66655f07cb4L,0x0f6bedac67558061L,
-        0x9eaa88c266a118fdL,0x8d9ea75c97d29ca9L,0x0000000000000190L },
-      { 0x50a4bc7abc6094f3L,0x105120ce68f17d91L,0x514fdeca4e559f9aL,
-        0x414f4c0ee8d688caL,0x1b91555424de5ac2L,0x5d983c0e298823dbL,
-        0xa537321243264448L,0x4baf77e986eede9bL,0x00000000000001cdL } },
-    /* 49 << 301 */
-    { { 0x5233363c3908e1ddL,0xd337db04f34868cbL,0x67e60b131108934fL,
-        0x197bff64d6300ccbL,0x2ae67541ba25d4a5L,0x2cecde5e52500639L,
-        0xc89f08d4f30776caL,0x5a8a70c2d54d3966L,0x0000000000000119L },
-      { 0x69950ee38b87ac93L,0x82f8ef8a8aae9a41L,0xa7240350d2ceebf8L,
-        0x89babd2121a729faL,0xb32954b0bf228627L,0x0dfef1aac46b78bbL,
-        0x9ea9cd1f4c5f1ea3L,0xd23bbc8bc8c76503L,0x000000000000017bL } },
-    /* 50 << 301 */
-    { { 0xa095037ded6f2736L,0x0646535bad883679L,0xf786126e9a39a143L,
-        0x7b0ca7e623b36c0aL,0xf24b3e4b927379bbL,0x9b7fb39b25e2bb09L,
-        0x9274d841abe08b45L,0xf6c52548dbee12c4L,0x00000000000000d8L },
-      { 0x50b4222ef75cb030L,0x166b97d284f9c593L,0xe850289b5a778cc3L,
-        0x36ac8e7bdbacde12L,0xcf3371820d8b021aL,0x01f6d14c223203c3L,
-        0x4680d14e6369d2ebL,0x6c0e46e4e17a4aa9L,0x000000000000011aL } },
-    /* 51 << 301 */
-    { { 0x7061a9f024b2f7edL,0xbb9981d31b3a2b57L,0x2656f1674fea4e43L,
-        0xd302b1ff4e19186aL,0x99747d59605eaac2L,0x462f9060bb48ed8cL,
-        0x45023c424c6159c8L,0x580520656cbe1bc5L,0x0000000000000041L },
-      { 0x87e0f7951f1a47dcL,0x4ea66203080b099dL,0xe9051bdc1dce1263L,
-        0x30ec89d3e469142cL,0x6daa81dab80471f7L,0x2e12e2fbfb7c0aedL,
-        0xc395d4415db48de3L,0xedde9d18069032faL,0x000000000000014cL } },
-    /* 52 << 301 */
-    { { 0xbcc582303e5ab417L,0xa60c1a36b86fa32bL,0x3918edf55e73256fL,
-        0xff9846acf315fd9eL,0x31b17c0d4471f470L,0x953aeb49574ef0a1L,
-        0x98879828271105fdL,0xc61be3605efdad16L,0x00000000000001f1L },
-      { 0x64a9eff28dee2c40L,0x61c07dbb3ce994d5L,0xd5f17ebaedd78e35L,
-        0x2cad1e605fa0d125L,0x4a769e59482f87caL,0xf9d4824301c7ca2dL,
-        0xa283ff0e1070afc0L,0xc2dbfd1c7d19332bL,0x0000000000000165L } },
-    /* 53 << 301 */
-    { { 0x658850d16ce799deL,0xcc973847aef174f3L,0x6caf2e528de6a894L,
-        0xb84584ad02fa012dL,0x1e78d607213be59fL,0xd9bf24ad7c2ee0adL,
-        0x8fe953f726b076c3L,0xd38dc31c14cee17bL,0x0000000000000178L },
-      { 0x8d0b066db1c6915aL,0x21ccd05457340145L,0x5885c54667ec6ddfL,
-        0x41e073c91b2ec5ddL,0xf847703ff931f748L,0x20d56c94c21f1fabL,
-        0x5dcb60b7021229beL,0x5193baddbaadd8d0L,0x0000000000000024L } },
-    /* 54 << 301 */
-    { { 0x37f1fc2d03a65cc2L,0x521d119a085fe64fL,0xfc0fa31a43e08d7dL,
-        0x8f29f08e14fb6112L,0x79513894d29b5799L,0x8c2a5e15290f1bc8L,
-        0xb0626ceaab7d477eL,0xde49612f5a1f5a67L,0x0000000000000035L },
-      { 0xef75ebd052be58d6L,0x480a1e4323635dadL,0xb57c91739a3cbeb8L,
-        0xe84cbe7311c90c9dL,0x53973bd42c272fdfL,0x5a69a9e16b1fc029L,
-        0xf510e2b810568445L,0x8abe0317a03d18b7L,0x000000000000010fL } },
-    /* 55 << 301 */
-    { { 0xa24d79fc1f915fbdL,0x6f9b01cac405aff7L,0xa3f928dac9dc1424L,
-        0xb6d7a76790832142L,0x1bffa8759c7ec089L,0xd8406c711f1d58cbL,
-        0xc10c59f08ec01b2bL,0x0e6c986c5c4d7bafL,0x000000000000001eL },
-      { 0xcaba835f0b06de2bL,0x82f3ad2b2bc71659L,0x987d851df34a59e4L,
-        0x3ea0707f48bfc12dL,0xd79e3cbe936f8bdeL,0xf496192f8bd05c8aL,
-        0x8c3ba6aed29848eeL,0x87f5784cba394b14L,0x00000000000000feL } },
-    /* 56 << 301 */
-    { { 0x47212cd83110ef21L,0x351356ca7dab31daL,0x5c31add7777a302fL,
-        0x44844eb4dc66a1c6L,0x559f3fb428384807L,0x95dab974ff78dee6L,
-        0x2fe12e92fb20857bL,0x41436000ef499bbaL,0x0000000000000106L },
-      { 0x5e0e5f369df7b969L,0x2c96f308dc819d59L,0x3258db7411cf4119L,
-        0x6246da5476676d2fL,0x5be278cfca079f54L,0x61ab6eb06e36452fL,
-        0xe7742741461fc9a3L,0x252fb6386a926fe5L,0x0000000000000171L } },
-    /* 57 << 301 */
-    { { 0xd15425a0044b1e79L,0x30c1da1c01c4e18bL,0x2a8fe18f5b56cf96L,
-        0xa65a8c353ec8ae22L,0xd5b3902b1ce4eff5L,0x25dd04aa45191df9L,
-        0xeeede6edd2ec0e96L,0x3dd71ef21178f647L,0x00000000000001a3L },
-      { 0x61cbd8a0a99485faL,0x2e3a830310b88a62L,0x821545277d196b55L,
-        0xee30afd7176227b8L,0x0d7f8cb387f3f451L,0x461ab2741c2ae402L,
-        0xb510aa7e7c25eb24L,0x2064a9326d6cb16fL,0x000000000000013aL } },
-    /* 58 << 301 */
-    { { 0x3a647a701e66ebb3L,0x87eda648234fb017L,0x522f0e31ab81b9b8L,
-        0x0b423e7514efd69dL,0xa4876674b8df1b85L,0x43be28d578427a50L,
-        0x2959b6b085148f33L,0x49b1b83da5796dabL,0x00000000000001cdL },
-      { 0xe42c30325d6b2eb8L,0xdfa003ce05f8e677L,0x59e1401917e9254cL,
-        0x34009be012ac5202L,0x7e0ebbb0db58cac7L,0x590acd1a64a0ffdfL,
-        0x100e7b6afca1d458L,0x8933fc7a84524656L,0x00000000000000ecL } },
-    /* 59 << 301 */
-    { { 0x5251639ab0e87051L,0xf6f979ce0ca338d5L,0x144d90c7b6e253b1L,
-        0xf037aa216a68696fL,0xf89c93246540c170L,0x29ff81b785893ae1L,
-        0x4adef9b90e2c8c1bL,0xce6b4390efee4a2eL,0x0000000000000002L },
-      { 0x8ddf233de075825eL,0x6b1e1fb82bb7ce2dL,0x6b6d4972646ee9e4L,
-        0x83b3d991a7723d1fL,0x99b83cd10ec203d1L,0xc03b08a4e02da448L,
-        0x02a118288fc47033L,0x604306491e6f5d22L,0x000000000000018cL } },
-    /* 60 << 301 */
-    { { 0x9628c0db8ed909faL,0xd3b2a86d0580185eL,0x5735bd594bd03ffbL,
-        0x4f83f8fd1cc44682L,0xbfa641e8a18ede58L,0x840c9d0a5ea97db7L,
-        0x66b28600dd4a3122L,0x8e603955d4678750L,0x00000000000000e8L },
-      { 0x7da4912cd87216c2L,0x1ff65b078fca0ee4L,0x7e1fd56ef9bc6ddaL,
-        0x566b2e611503ac12L,0xda75d74167835799L,0xc0ea3d59dc72ec9bL,
-        0x6e72e5f65e154614L,0x7c42bca592cee288L,0x0000000000000185L } },
-    /* 61 << 301 */
-    { { 0x745a839ffd28d6bcL,0x4589047acd47e3b7L,0x93b23d94bbb197acL,
-        0xa34679ceecf4fc7bL,0x034298450d34fd44L,0xee153249190fa29dL,
-        0x3ad1071072eda190L,0xcb61b38e3b741423L,0x0000000000000119L },
-      { 0xaf04e1516a6a568fL,0xf197ced617e3e52aL,0x0940b3238f8d327eL,
-        0x5ac9433f0d86d681L,0xa5cff71ee57e66a8L,0xebe9a6ff3736d6feL,
-        0xb84eef1671bf3727L,0x3c02e98d17c1cf71L,0x0000000000000088L } },
-    /* 62 << 301 */
-    { { 0x4c6238c497dd1d20L,0x3fa03dda3196ab67L,0x5fc72512a7f69b5fL,
-        0xfa56e5413948db72L,0xe631f4fbd8fa32d6L,0x8495ca1d086e83eaL,
-        0x715f2aad61ea493dL,0x7d8cfba3b12179dfL,0x0000000000000124L },
-      { 0xff5705a163c29a0cL,0x6b7f470e4fd2f2a7L,0xd4a25c106860eb08L,
-        0x479eeecf19028042L,0xdc108a08934796a5L,0x6dfd7872672cac03L,
-        0x809fd3bfc86d5c23L,0x193e18ab4ad9c302L,0x000000000000016cL } },
-    /* 63 << 301 */
-    { { 0x5f0eb4740d66d7d3L,0xad88da12ff43b22bL,0x6ddd0823f87427f3L,
-        0xa8753432c0af65aeL,0x8e4d1f970f47e6a3L,0xb9a187a3ec52c9c5L,
-        0x7df606cae458ff72L,0xb5b21deea1c108f9L,0x0000000000000107L },
-      { 0x14111844be16cc0eL,0x9bca8c559765b2a4L,0xf0649ee7e8f13547L,
-        0xce303044c8254c5eL,0xf277fadc62c52494L,0x8634d4d0b31a1319L,
-        0x3076ab431394abaaL,0x2ba1f7ed9e0ac32cL,0x00000000000001b3L } },
-    /* 64 << 301 */
-    { { 0x70c5acdc38693d3aL,0x9edee68238f054f9L,0x16e053f22960ceeeL,
-        0x5926857c28bfe7b1L,0xb9f7420e6145f8d1L,0x9e0c42f59c0298efL,
-        0x50b7210edd7d9fc6L,0xf9e4bd53d7be096fL,0x0000000000000078L },
-      { 0x428c2455ed19fc57L,0x9e8f777d56aa75dbL,0x4caeba30a671d991L,
-        0x5f927d79eae0f53eL,0x00d6ad369e4c2a5bL,0xc8811438a2e12d0aL,
-        0xa36d664eb2aeb4b1L,0x74e76676929a8748L,0x0000000000000191L } },
-    /* 0 << 308 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 308 */
-    { { 0x358eb53667db4570L,0xaed3f999685fa5baL,0x4593c950cb571fcaL,
-        0xdff7278c0411dc5dL,0xd62a44643bfe7e51L,0x53b87ca249f6f05aL,
-        0x72327899f2c3d2dcL,0xbaa194aa9df4da5eL,0x00000000000000c7L },
-      { 0x3e73accfb50a3e06L,0x0d8ebee30754f2fdL,0x3cd0ae954b3f3fd1L,
-        0xc4a4eee0c08bb2dbL,0x7955296319d71e5dL,0xf91e1ab7872e35c9L,
-        0xc85090f6f6c102afL,0x8edf8c5d1e42a1baL,0x0000000000000179L } },
-    /* 2 << 308 */
-    { { 0x56923e55f33c5a4aL,0x1c5624ec829a3c22L,0xed234e3870000295L,
-        0xa8467561edf3ff42L,0x717a939e9cec9497L,0xf80e28024e6be199L,
-        0x5023bbec06fa7b8fL,0x16e26a9ddd95c07bL,0x00000000000000fdL },
-      { 0x88091d673c3485e4L,0x0377260fd40b6b47L,0x6d9c6df416f7b3abL,
-        0x65376516f71b1fddL,0x89cc11f991956d40L,0x58992a09807610b8L,
-        0xdeb47aa2b2799c7eL,0x3ee5834c8a327765L,0x000000000000012aL } },
-    /* 3 << 308 */
-    { { 0x421b840e80905a7aL,0x97c7f1d394b48cbcL,0x421a23843b79f360L,
-        0x1121a2d8eaf59ef3L,0xddbe9d9959fb65d3L,0x6ad2be2371d9d306L,
-        0x36fa0077789af534L,0xb928a6e78013dc59L,0x000000000000017bL },
-      { 0xb4c26798a38d78e5L,0x8884dd394cf38545L,0xb74dd46112a2023bL,
-        0x1b242f854133277dL,0x401d32f2d29d7071L,0xcd7c9aa43d2e2a0cL,
-        0x9df2157e06ba6ad8L,0x749bfc4c80e2c3c5L,0x000000000000018bL } },
-    /* 4 << 308 */
-    { { 0xccf8b57aeffb980aL,0x82ea22f5d0108b23L,0xcab6a69f6c902061L,
-        0x7a3d74d843663f25L,0xb12ca29a0ad5df2dL,0x9d3ebbeb2f9fb277L,
-        0x6f975e2189bc5273L,0x75e8bf950929deceL,0x00000000000000a9L },
-      { 0x14493740e1af64e4L,0x9ce3ae66109961dfL,0x36651bb7e31f4ffdL,
-        0x18b7131cff1fcfe2L,0xded3378b085a67b7L,0x28efb2896e283271L,
-        0xb66deb9a73427ac3L,0x3c5fd6d2a9baa451L,0x00000000000001b3L } },
-    /* 5 << 308 */
-    { { 0xec1f6a5762efd94dL,0x1d80b5e87b95536cL,0x01f8ba60af47e2b4L,
-        0x6e8ae542a3b0e6d0L,0x5ecb52d9e45fefb7L,0x2108032a327299a8L,
-        0xc49fc5c5044ed33fL,0xd1fd083752cd0833L,0x00000000000000e1L },
-      { 0x3f6ae9b6cdad11acL,0xad3f0fa813bb828bL,0x812626816ff056e1L,
-        0x2fd37492a73196cfL,0x172beb76df90d5f4L,0x63f2c6e466144036L,
-        0x3e1f497457f6d086L,0x5e0d8e49fb6eb366L,0x0000000000000095L } },
-    /* 6 << 308 */
-    { { 0x611f4a795e2d7653L,0x966e843cceebb0a9L,0x2e358cf506e8a15dL,
-        0x2ce41dc740a74fc7L,0xa2fdea4f5eb455b2L,0xbbbd718f120fa4d4L,
-        0x210bff82030fff11L,0x5a1b943aa68b00a0L,0x000000000000002aL },
-      { 0xeb814a67ff037be3L,0x3b08220469f52c59L,0x3f72143e74ff3224L,
-        0xe7e85cc436f89aedL,0x2afcbe04caaf314bL,0xf8c8bb32bf93fd35L,
-        0xe41f8328ac1dae25L,0x5318c6d7bdeb2001L,0x00000000000000f5L } },
-    /* 7 << 308 */
-    { { 0x630190bb95989889L,0xe041da504e659dd2L,0x5d88d99b5df8e753L,
-        0xdbac25445ac2e158L,0x1ff6ece7699eda49L,0x3d0860a21051bd60L,
-        0xd4d8685740c3a989L,0x2bfcc26c4002d915L,0x000000000000012aL },
-      { 0x0c43772c2f4acc7fL,0x54963f2fe3753d32L,0xc699be8765dc40e8L,
-        0x6dbc95ad81560a01L,0xc805d7411dedf025L,0x46b049c177fa74c6L,
-        0x7c0f62fb288c1133L,0xa8a2e1f9e6f066baL,0x00000000000001feL } },
-    /* 8 << 308 */
-    { { 0xce24d42c1b72e95cL,0x7fa4289beab74b64L,0x42ba739e523fc1e5L,
-        0x9293167b814c4fc8L,0x4418fbfd8623db10L,0xb079853f76a132b6L,
-        0xec5bad8abf394947L,0xc78e5748e7b0a665L,0x0000000000000169L },
-      { 0x6038ad95d7eba9ceL,0x421ecdc9572f3671L,0xc6b7effc60bc3cfcL,
-        0x2c4b7b77a48fd001L,0x80280ec9d57795e8L,0x350815c93a7f6d67L,
-        0xce30bcdd7da13b86L,0xe36da7b123c894d8L,0x00000000000000c9L } },
-    /* 9 << 308 */
-    { { 0x31105c7864ea99c5L,0x513faf09396e75e9L,0x34a79931a04b75a5L,
-        0x3e026b0ed4c954f0L,0x70d2aeeb235bf7e9L,0xdd6c193bdf5682b4L,
-        0x7cf6e8f29b1d9704L,0x41fc6b32026eaac2L,0x0000000000000132L },
-      { 0xd09919ef5413aa96L,0xdb06523a393fc9e6L,0x8c6f8bcb74809cc3L,
-        0x7d2a5b46b27e50abL,0xc4f0d0792a507c1fL,0x28c3944b4a751fe8L,
-        0xcd55d261bf88e984L,0x56d48d0616da21b0L,0x000000000000008cL } },
-    /* 10 << 308 */
-    { { 0x2cf7fa7761bfa954L,0xb24bbea98e5118a9L,0xc5c77927689db327L,
-        0x8d12557569c43762L,0x41f4bb986c359329L,0xf0715fbed02caf97L,
-        0x3319662497538059L,0xfc8ae58b5ea0263aL,0x000000000000005eL },
-      { 0x7245131ce020630fL,0x459c5721ee23ba9fL,0xf25f9be9ac36a41eL,
-        0xbed1a35049589c41L,0xa72555b2c636e1cbL,0x35398149c006b213L,
-        0x7761c08b6a446a84L,0xed021d8673e41c6aL,0x000000000000001dL } },
-    /* 11 << 308 */
-    { { 0xf8d97141473e6d47L,0xe73699d31e25f25eL,0xbb3aa86000986563L,
-        0xd8158f88653b68e8L,0x1c7d943eb586d23bL,0x1074ee6888ee5191L,
-        0x6f60808b0b60c796L,0xa7fa912d84dd4730L,0x000000000000002aL },
-      { 0x589bccf26b6fe852L,0x902c7b946abbb0e2L,0x9145309822db1367L,
-        0x6febda2d555ff37dL,0xb6fd9b3008771767L,0x968892ece5a8b409L,
-        0xfe1910a2e1233793L,0x13fe7f04213d591eL,0x0000000000000184L } },
-    /* 12 << 308 */
-    { { 0x59975b4fdfc4e7ddL,0x35d9e63a3fa2a870L,0x7d6653749901f064L,
-        0xe89caa890e9dca74L,0x6eeb63913d92e7f8L,0x19d9af358a4ccbb0L,
-        0x405c35c2928e5cf9L,0xed771157ddb633ffL,0x000000000000008eL },
-      { 0x6ad1dcbc685b9a90L,0x479ab5746efb4e61L,0x27a023b6e72992c3L,
-        0x3607decab94c54fcL,0xfb2f50d0fbf16aa6L,0xaf3f098398c7c140L,
-        0xd1a20e9ea3814586L,0xf1bc43165412b23eL,0x000000000000018eL } },
-    /* 13 << 308 */
-    { { 0xa047b2e89a705668L,0x2fb2a1b74cd0215dL,0x90ef0bb734146de2L,
-        0x340074458c103e1eL,0x4803ee28d95e743aL,0x574f1ca6bb762bdfL,
-        0x703fec4e2ed0dc5fL,0x3f19a069d27172caL,0x000000000000002eL },
-      { 0x3dd8f275c44bcf81L,0xa32f84ac517a8afbL,0xc065ba2bf26384b8L,
-        0xb3fadb9619d14499L,0x6258447d07523eb7L,0x4c8c791afd107696L,
-        0x041ab2e7d111b4d3L,0xfd008507e28a3a07L,0x0000000000000165L } },
-    /* 14 << 308 */
-    { { 0x75d00875fbdd51caL,0x8c2e5ff75d7aa834L,0xee4fbe0aa4a1a123L,
-        0xdf61ce6939ea5515L,0x8a747ddaf3ee68beL,0x106c5c5d3cedff21L,
-        0x51ecf5362c3519fcL,0x6581ec138cefa861L,0x0000000000000187L },
-      { 0xa8668f9d0eecd8dcL,0x4dc8fbe96bdd6803L,0x5aff8cdd339f6f89L,
-        0x7a39f0ab91d488acL,0x20e1dcc8d8fa0333L,0x12e03a970fb08c2aL,
-        0x265c2724173af27cL,0x962fa034cc395512L,0x00000000000001bdL } },
-    /* 15 << 308 */
-    { { 0x5fa1aa9d9283f38aL,0xe0dcef924846cfa5L,0xea5d81e7e4c20234L,
-        0x5959dbcadf690b8cL,0xb77391b0c6e466a6L,0xdf6353c23982757aL,
-        0x6516e711b064d2c4L,0x6a29f216df8f77c9L,0x00000000000000e5L },
-      { 0xb5fd98187a2702b1L,0xdc2a2e1d49291bcfL,0xf18db82a493dbb22L,
-        0xaaef9aa431732b87L,0x6ce115f70f27262fL,0x4784c2ed93afc24bL,
-        0x97df3c8932540ad9L,0xc01564c169f2a2c6L,0x00000000000001dcL } },
-    /* 16 << 308 */
-    { { 0x92401ab5853572e7L,0x957d2ca6eddea020L,0x7d54dd653f9fbd6fL,
-        0xad0c7d092e05d05dL,0x6656fbab04183b30L,0x543b50170b716d5bL,
-        0x2481449d9857d796L,0x86173b6de3a39722L,0x000000000000005dL },
-      { 0x7130d0cae71e511dL,0x168ef9d935663592L,0x63a9936eadbf816fL,
-        0xaf63ee57d4f7a44aL,0x59f21032cd0ea152L,0x2f552046a881056fL,
-        0x26eda9a621ba6bf5L,0xe75991c7d0a0caf9L,0x000000000000004cL } },
-    /* 17 << 308 */
-    { { 0xd892c4c47f86d0feL,0x56f68e92d138ac8bL,0x8b6cea6b812bef69L,
-        0x65e6668136fb366fL,0x61708f66c5da12b8L,0x0f58c3a4c22b7b76L,
-        0x51d69be4faa405a1L,0x468bd1ec9efef316L,0x0000000000000182L },
-      { 0xfd9983c6150289b7L,0x7eb083abd79ab364L,0x2931bc8877a84d7fL,
-        0x521e5eaa959467b2L,0xb6c94464c1b64119L,0x6012353f4c2cadbfL,
-        0x134c778a4a2afac0L,0x996a73009c581747L,0x00000000000000e2L } },
-    /* 18 << 308 */
-    { { 0x33e1640091a78548L,0x0be887bfab17fd14L,0xd0a2c5b684e585a3L,
-        0xa7263ff6c9aad376L,0x3043f2fece1efd0eL,0xa0680aabdef6a593L,
-        0xe60970a1f0023f93L,0x3a37d9532721a60cL,0x000000000000019dL },
-      { 0xa6f89b88c747ceb9L,0xef6327fbd2f9af42L,0x9fc2f4e140059ad8L,
-        0x8cf625fb17fd0a67L,0x7b274e49d4b8e5fcL,0xabdf2b193b7de841L,
-        0x33ace325cb52a6faL,0x245e8346cedd79e1L,0x00000000000000ceL } },
-    /* 19 << 308 */
-    { { 0x01bacaeabea17fe6L,0x59915363440c14b2L,0xaa37092ab5b2c0b1L,
-        0x0d2bf652ab5e63ceL,0x78f5ca508ad78521L,0x22c92a71ed54e597L,
-        0x25e63d45070cfe02L,0x4bd01cf9443e0e82L,0x0000000000000092L },
-      { 0xd059eaebbee76889L,0x6bc4542fa6dffb4aL,0x249940849553d515L,
-        0x2ce00cb4cc103183L,0x45a3fdc168016708L,0x2bad1eabbac0273eL,
-        0x38ef326920c8a277L,0x849cd583f91eef7fL,0x00000000000001feL } },
-    /* 20 << 308 */
-    { { 0x1da8036a7a1e7dcdL,0xeba687ced11490f5L,0xc64142142c78ff92L,
-        0xf74c827871e76977L,0x4f4870199295ccc6L,0x9f1f19e06d459a5fL,
-        0xbd88bfbb1a7a5b0bL,0x64780f07e527efe7L,0x0000000000000042L },
-      { 0x9e3e79f3e6b1281fL,0x0b7b6ea6cf470445L,0xa1b8c1490c2ab815L,
-        0xc063df408bf69287L,0xc8db56473cda2051L,0x44a55be78b19b178L,
-        0x359c27432185346fL,0xf88c095f67dbbce5L,0x0000000000000103L } },
-    /* 21 << 308 */
-    { { 0xb91e5920ac8ef011L,0x7a54d4adfbcdb74aL,0xfe11613ffc5098b5L,
-        0x1336af032aef6001L,0x84605c56a061b0f6L,0x0f60d5e2e1fcaf04L,
-        0xde8852e49907ac17L,0xb28a7d61ea6f8bdfL,0x000000000000005dL },
-      { 0x4004301e0f0e5fe5L,0xf197d689fc10a41cL,0x0b0fa151123330c4L,
-        0xf03abc5f0d80b3fdL,0x70938e36c84adc56L,0x56e25d0682880d7bL,
-        0xe4ba61eab767a4f9L,0xfec4056bec7805ceL,0x000000000000007bL } },
-    /* 22 << 308 */
-    { { 0x71b0470927f2d575L,0x4ce1b5a35ec90c8dL,0x1fa98cc92ed1c562L,
-        0xffac24ea60a174a8L,0xa9eb67c721c17f93L,0xdff4dc8fc22a0e55L,
-        0xd44fe45a97f21f99L,0x617b224cd9032856L,0x000000000000012bL },
-      { 0x807472aea19c8053L,0x83365805a0ea3ce7L,0x15ade403800a5422L,
-        0x1d7f62916bfeca38L,0xd3454c6c3975cdabL,0xba22ba37899c6b79L,
-        0x46901af86bd4d316L,0xd7dc618e8259a72eL,0x000000000000006cL } },
-    /* 23 << 308 */
-    { { 0x2c1a594ce5e70724L,0x9827008023b65011L,0xc4bfcb78112d48a3L,
-        0xe9f153719f70adfcL,0x95fe6dfa442466aaL,0x11f7ba5cc44e4c58L,
-        0xbbb7c63059794602L,0x3caea52a595ab424L,0x00000000000000beL },
-      { 0x7bc2206923fddef3L,0xdd953f62707e24fbL,0x4711583a602d304bL,
-        0xb63e6c862ceb6dc1L,0x37485fd80d5380cbL,0x9dd8e21be6c10e7cL,
-        0x47e4555b2bf9a466L,0x12bffd0346e86fd9L,0x00000000000001c3L } },
-    /* 24 << 308 */
-    { { 0xe2f4e66122495a58L,0x0f547f2112dedb25L,0xda70b4ccab617fa2L,
-        0xdf8f0a8727716051L,0xda92b34e5b9602c9L,0x13f62ddb9edc1bb8L,
-        0x4c9453427196c75aL,0x03d6a92485cc70b4L,0x00000000000000b4L },
-      { 0x5b3255495f951e47L,0xcfdf328e31c6c06cL,0x4c747ca3b4409bc1L,
-        0x82b37aedb2420014L,0x254fad7217af258aL,0x8520c05a9aaf24d3L,
-        0x22c81bd52f2d8a68L,0x15f846222126085bL,0x00000000000001eaL } },
-    /* 25 << 308 */
-    { { 0x49cbcd516677335fL,0xff3b5c376973a2a6L,0x24fbdf0a76d9b3b1L,
-        0xb90d67e23be472a8L,0xd3104c78a0370080L,0x2d0c35e019f99197L,
-        0xc01ae666656ff6cdL,0x70357f51c10c44d5L,0x00000000000001b1L },
-      { 0xe922e0ca48b5b2f2L,0x8f4a74eeba82bfd9L,0x78744832f23c0329L,
-        0xdac7d5e418144f0eL,0x4b6c8a5573ab198bL,0xad8701552aeb0191L,
-        0xcb25a018937740afL,0x217c8ebb064ab75eL,0x00000000000000ccL } },
-    /* 26 << 308 */
-    { { 0xc3e6e304b6017e8bL,0xe0f4658e93da01e9L,0x7c000b973650f195L,
-        0xa252398f0db26432L,0x5b8c3d166a3e2695L,0x58aceeec15c35d5cL,
-        0xfbd04cf40c9d3e37L,0x91e494fb96955becL,0x000000000000006cL },
-      { 0xf233b2294ef54821L,0xdf93fae3e9f9da80L,0xbcdd5253e7d7234dL,
-        0x4b8a114bd07bb906L,0x32e091a2d6937e9aL,0xcc369893ad38b041L,
-        0xcc0a70efd48839a3L,0x243948c57344ccffL,0x0000000000000070L } },
-    /* 27 << 308 */
-    { { 0x7d6c6c044e864354L,0x0a901df4875d7d03L,0xb5907546246dae1eL,
-        0x6729f83134e1570dL,0xd764551bcfdea622L,0x313f1c743b5e6805L,
-        0xa1481042669a54ccL,0x5f415fd1b868de4dL,0x000000000000004cL },
-      { 0xd716453f41282c78L,0xd0195eb53fa4d88cL,0xe89c4289ab207259L,
-        0xcde2eb67f7971651L,0xcea4c8f7c8412a8cL,0x0bc1ad8e99a02f0aL,
-        0xae4acd7a8011b76fL,0xa1631045edd271d2L,0x00000000000001eaL } },
-    /* 28 << 308 */
-    { { 0xef3289b04ad9d4d3L,0x1642bc9a269cee37L,0xc43668c748c83a9dL,
-        0x1273811b4be20506L,0x6ac04b3ad754dea6L,0xd7fc6015233d6ef0L,
-        0xe1f876a478099339L,0x95f3600d848cc174L,0x0000000000000093L },
-      { 0xd887337dfe703d68L,0x7fe8618d7fbb4be6L,0xcc8553bb5e92c232L,
-        0x7c8c470d76d61087L,0x895e49a664c6ee9dL,0xd18e92679cce131bL,
-        0x37e1526eafcd5762L,0xb36a29bace71ee8aL,0x0000000000000012L } },
-    /* 29 << 308 */
-    { { 0x5bd3e13724ef2377L,0xe78c3cf63fdfcae6L,0x4e142cabb58a6d07L,
-        0x3e136d15d953e9a1L,0x0a7cc513153a91f6L,0x43b28b2c402eae12L,
-        0xcc70a80949e328e6L,0x36f604d3e4e3b6d3L,0x0000000000000137L },
-      { 0x9dab1378923289cdL,0xf78d3f45bde1d213L,0x5ab3e38b81422f9cL,
-        0x1380b31a8ba8cbebL,0xe4a0c0d8f6d62dccL,0x05a681bd04c2e5fcL,
-        0xc2dc99873ae76bacL,0x1b5b77687287ffa4L,0x000000000000009eL } },
-    /* 30 << 308 */
-    { { 0x313ffe575bed3c7bL,0x89efad76113b0db7L,0xa4068d0b23656bf8L,
-        0x58b54b358440fcd0L,0xf012adff64e85c0bL,0x95fc8d711b1a0be4L,
-        0xd8dda43290669498L,0x43a699b8cb319f35L,0x0000000000000030L },
-      { 0xb47ffe3b8d9462a9L,0xd89b60f9768e68eeL,0x8679af2a3a0033a4L,
-        0x585f61ee9dcca100L,0xaa093db603db700aL,0xe80a02fe08a588b7L,
-        0xd6ad55849c2f6c6aL,0x0955a470748f1c99L,0x00000000000001c3L } },
-    /* 31 << 308 */
-    { { 0x6323f8eed9c72869L,0xd78b8344726240f5L,0x7eee40c79fcc91c6L,
-        0xfe0d1b6a43b91a09L,0x9254b68dbdf3e3e0L,0xf7ab62718f3b0872L,
-        0x913f625223694657L,0x306927fe683200daL,0x0000000000000151L },
-      { 0x68e2727cbf01e24eL,0xcfc5c7bd9ce8a665L,0x97659cc53e39c7f5L,
-        0xeb81619823c6a080L,0x40b159fb9cc5fbe1L,0xed0d128e7072081eL,
-        0x15146656cfa8fd34L,0x8a860e6be7cd5746L,0x00000000000000adL } },
-    /* 32 << 308 */
-    { { 0xed90e62b5e3ced2bL,0x160214bb5a919213L,0xdfb8ac078cb4fc2dL,
-        0xea5aa6e7ea384db0L,0xc9492ed2f916fb11L,0xf40cecce1305bd78L,
-        0xb98af5013f28555eL,0x4e9f84b268417d62L,0x000000000000014eL },
-      { 0xbe791feaac7df2e2L,0x15c9429ce745ba60L,0xb02c1705198a2d50L,
-        0x0a67cdce9b6e6a44L,0x640506295ad00221L,0x75620ea82b314076L,
-        0x64c89ead87b02aecL,0x0e5ff515a92113ecL,0x00000000000001caL } },
-    /* 33 << 308 */
-    { { 0x2c19949ef2406274L,0xeb1e901251f176c7L,0x2695dcbb4ba80dc6L,
-        0x2e07a7e0f5334f98L,0x9428720daf669d01L,0x82c33b4fefb29d88L,
-        0xb2e43bcd57ca108eL,0x04a02cd6212733c8L,0x000000000000001aL },
-      { 0xa88f7adc850c9f85L,0x3e05d4e2e6d0c323L,0xfd785dccf2abaaa4L,
-        0xf4655ef4740cf540L,0x8ccd72a6db4f34c1L,0xff73999f3cb7f1afL,
-        0x7a8f7afb67b965c6L,0x689736dc011e9fccL,0x0000000000000190L } },
-    /* 34 << 308 */
-    { { 0xe370e04bda8b5457L,0x63b60bea8169a63aL,0xca9c40db704d3577L,
-        0x3232585b00e9f510L,0x917ba31c02396333L,0x7c5080f6b91efb06L,
-        0x1eb3475cbf68771cL,0x4cec20604cf02263L,0x000000000000011cL },
-      { 0x507d8e2d9a69e3c9L,0x5851d2297408ec4eL,0xb2ade543a8576e51L,
-        0x37a8e2664dc34c8fL,0x3bdee95ac43ffaaeL,0x0a0c91250fa2332cL,
-        0xe24013f395ee30f9L,0x5147e3805619b0f8L,0x00000000000000bcL } },
-    /* 35 << 308 */
-    { { 0xf004e4c8373d4c8aL,0x7822596b460ac6b0L,0x471aaf043775d740L,
-        0xcf749e00d276f1e1L,0xcaccb1f7f2ebb22bL,0xb5588cee33256066L,
-        0xcc12f8a3b5237d3dL,0xee1ddeae0b0be19fL,0x0000000000000019L },
-      { 0x447a0ca173675ea4L,0x635562ac3d1ae535L,0xf0743ca5170b653aL,
-        0x1104441f680762e2L,0xde5a0d91fdb1f4acL,0x2e7d6445c33ac495L,
-        0x9dcd3ccb794a087bL,0x1d3f68a58696a6a5L,0x000000000000015aL } },
-    /* 36 << 308 */
-    { { 0x2789d11789bd607fL,0xa49b3a3d1cf5731bL,0xb4d1ae40375eac7bL,
-        0x7a9e3214709d9d95L,0xc7af5abb98b3eea0L,0xde6ea6f093831eceL,
-        0x0a4230d2a22c398cL,0x7a2d8ce8484e09f8L,0x00000000000000d7L },
-      { 0x41dd59f7641a8d21L,0x160f13b2f280dbb1L,0x5a3ccbd65a915aa1L,
-        0x2bdc905e2c8b1919L,0x94c2351282289eecL,0xce5342af75f08e5aL,
-        0x6fb1fe090c9c86e0L,0x8eac3f4599539227L,0x00000000000001f4L } },
-    /* 37 << 308 */
-    { { 0x3994c61f837a73fcL,0x05e46220c3c61376L,0xc0e2194910b886b8L,
-        0x8359b1f1189ab28eL,0x13999cf923e8fe68L,0x04111bba06dab3daL,
-        0xf18121394ca82f29L,0x5dd0e72bd9943929L,0x000000000000004fL },
-      { 0x04858d7e9fe6d683L,0x2a004635afbc7265L,0x107e46cab959a351L,
-        0x2f3e6d698b035e0aL,0x801c719799822213L,0x4fc2eb1161f5bc41L,
-        0xf7c878ac5cbd4694L,0xb9dd8d02b6b9a266L,0x0000000000000196L } },
-    /* 38 << 308 */
-    { { 0x2cc54df39a952054L,0x47e7fb8b51ab4e98L,0xaff4e345b6e2cbd4L,
-        0xd610c468f8c1d6a1L,0xa7563cfa992df027L,0x140c736189033162L,
-        0x63971f30eb289c93L,0xe2d280352b4f7844L,0x00000000000001eaL },
-      { 0x82228cb1bae96b69L,0xdf0d49c6a3083751L,0xbe69f9c9c81c58d0L,
-        0x3cd796d57b379ce3L,0xccd51828bf65993dL,0x211b60262d97d104L,
-        0xd4fc2ed814cae057L,0xc6ec10767e620833L,0x000000000000012fL } },
-    /* 39 << 308 */
-    { { 0x5f9c3dd34c7a6d9fL,0x980f2239fc7c6101L,0x2f9d1cdbce021a46L,
-        0xa28bd3e778b27c58L,0xd945b2bc1c8ef989L,0xda48a77c0d1cb17cL,
-        0xfd09eebd7610f5aeL,0x56a9dd2796b6ac9fL,0x0000000000000167L },
-      { 0x849e468d1395f988L,0x2ab3d74264a87f6dL,0xf31f45c333b48458L,
-        0x3919d83712166e26L,0xbd8adf1e79b58f44L,0xfb3b7a45366e3d27L,
-        0x6290beabbba7525aL,0x7c682d245b4cecbdL,0x0000000000000147L } },
-    /* 40 << 308 */
-    { { 0xbe900c2b8b2cdcd6L,0x9cf651cf310d52b5L,0xd4a52f802935c768L,
-        0x6e2e1c7e42edb029L,0xcdc8d47abefe41acL,0x199ee4beeda259faL,
-        0xe706031f7f85ad33L,0x5a45278532b0f784L,0x000000000000004fL },
-      { 0x2d3934ba35610090L,0x398169e89e7de644L,0x471618b4dd43f89fL,
-        0x54961e3c7f1ef9b1L,0x46d59c5ed6fd43f8L,0xf5b2ecf88f2fb30aL,
-        0x6c423061b68e08a0L,0xb491e42bdf61a0e1L,0x0000000000000080L } },
-    /* 41 << 308 */
-    { { 0xdd61e4a3e3a78953L,0xbf87cfd848d529a0L,0x05aa387d57575951L,
-        0xd7335ac15d8653b6L,0x5a87134fa75e619bL,0xd3b65b4ffb2975faL,
-        0x60914e3730514133L,0x164480addf63e2d9L,0x0000000000000089L },
-      { 0x46993b20c16d3f41L,0x56b02cb3f40e7e23L,0x40dccfe49fd8bf53L,
-        0xd27718e9865bd74bL,0x7e67918f4f316243L,0x1496d27854c01a95L,
-        0xe335a4aabce954eeL,0x1c65a2279c07cc82L,0x00000000000000c8L } },
-    /* 42 << 308 */
-    { { 0x88c2882bd4c52879L,0xf5a17282601e9b5bL,0xa2cdc54876b70fe4L,
-        0x58dd0c4b6978da58L,0x745243423ffc240dL,0x24d69e0ea8be34baL,
-        0xe8e520f3fa0a2e8bL,0x3dbd0ce31ec56e1bL,0x0000000000000053L },
-      { 0x30f5a879ad6210bcL,0x2d50247054846592L,0x0fbd0ae1e24df628L,
-        0xca9f795424f3e652L,0x33c6f50b4c7907ffL,0xc6985026d1598043L,
-        0x05041dcd7b3e68c9L,0x16ce3f929c508fc0L,0x0000000000000012L } },
-    /* 43 << 308 */
-    { { 0x662b4d35c3726445L,0x5720f5305038de2fL,0x19da86837f89ec6bL,
-        0x73da9d38c6ee50d1L,0xd29069f62da75c84L,0x946fa6989562b2a0L,
-        0x39659a1c99802cc5L,0xeba11d668e39c13dL,0x000000000000013bL },
-      { 0xe30e9161797cf75fL,0x77a27dc6dd246755L,0x4681dd15f948fc78L,
-        0xce663c6999c0ffb3L,0x4b7a85cb661acc30L,0xa9a796cce444094dL,
-        0x36c43bcb6c9f5061L,0x2545040379695bfeL,0x00000000000001edL } },
-    /* 44 << 308 */
-    { { 0xba81ed506a19d751L,0xd7d6c9a08ede7c16L,0x20a58314e4efb6faL,
-        0x6cf44b6f17466134L,0xfabeff5243e52adfL,0x8bdd16b1c5f6f126L,
-        0x4a30ac449514d967L,0x1b589fbac46ab077L,0x0000000000000180L },
-      { 0x77cbae8d7a9f8a8eL,0x09f14f7997385badL,0x8136efa828b2c50eL,
-        0x9d13c7d39d3f91e1L,0xbfa47812231393c4L,0xd5e2e14001104469L,
-        0xd3e4a6876112a9bbL,0x3bb8410cfced65caL,0x00000000000000b2L } },
-    /* 45 << 308 */
-    { { 0x495b282a648a530eL,0xd97f888bbf1bfeddL,0xb8d68e2a724ef32eL,
-        0xdcb78c0f092d41ebL,0x225506b0d83cb14aL,0x9697dda14cd71449L,
-        0xbb1813e322d21a2bL,0x7e0e1f41ed79869fL,0x00000000000001baL },
-      { 0x8da6a9cc02b9ce33L,0xd4e48938353fb0c1L,0x4071ef95164b3e77L,
-        0xe00f67a4c29fdca6L,0x24ac0818d8687a9aL,0x3f2bbfa3f2c95e4aL,
-        0x3732ed47b24c03f2L,0x287b67fdaa853fa7L,0x0000000000000012L } },
-    /* 46 << 308 */
-    { { 0x71f8ab3171e1d201L,0x66af84451112f38eL,0xadf03cc091779ef2L,
-        0xde8028abfd0ab5dfL,0x4fa210fea692662cL,0x145649061d83000fL,
-        0x925492c383e1d5e3L,0x980ad314f0d5fb5bL,0x000000000000012fL },
-      { 0x8d0164410565708eL,0xd4ee65af3b1c93d2L,0xf2759e7872ea4b77L,
-        0xee155661b4384101L,0x354a5e0f85775c4dL,0x0d8ef755c8163ffaL,
-        0x9ea27178c24bbdd4L,0x9b53bbce1a2571bcL,0x000000000000018cL } },
-    /* 47 << 308 */
-    { { 0x30766fec7f664c94L,0x7409db5ad21d54f0L,0xd49b56fe5dcd8399L,
-        0xc78b523220b37488L,0xb2b34e987db34742L,0x453f193cc27ee29fL,
-        0x819f1a9ce7ae5b8bL,0x3da6aced7c36808bL,0x000000000000009aL },
-      { 0x6cfd9af22dd54b89L,0x774fa5ee9ff83338L,0xe4d38d08b9373ef9L,
-        0xb7e1f43fe23f834bL,0x1333a5c20add6baeL,0x4fbffd23faa1e20fL,
-        0xce555c822816888cL,0x34303fb8dd0eff4aL,0x0000000000000034L } },
-    /* 48 << 308 */
-    { { 0x52a60da401ecea43L,0x00e1ab1441bf6835L,0x785545cadd97b88aL,
-        0xe2bc1326d2f2894eL,0x3c730457e398bf19L,0xa4c297531bdd3170L,
-        0x7f01a08492ec7e73L,0x54d483b824bb9d11L,0x000000000000005aL },
-      { 0xedc13dd6beea4dd5L,0xbcecc285125ec53aL,0x8b7de1ba5bcd72ccL,
-        0x1853dbccddbbc9b6L,0x799b97b28f47fc1eL,0xc01253b8176cce73L,
-        0xab6c5fdd5430bf2eL,0xf9250653cf5b31e6L,0x0000000000000042L } },
-    /* 49 << 308 */
-    { { 0xbad1e3b4b1814e8bL,0xdc80df020017a14bL,0x92e7c7f5d0caa98aL,
-        0xd0fedadf154a72acL,0x83700909e5406a31L,0x009b49af34a6a9f1L,
-        0x49747a7f5e86330aL,0xa14c39aabd0ef998L,0x00000000000000aaL },
-      { 0x26eebaee360a5e0eL,0xfbf14808edfa126aL,0xe4d1dac6b7d01479L,
-        0xf04493dbd8063451L,0x8429cb9e48a0421dL,0xfa1a9ed2c7323dfeL,
-        0x1efcb833ed9d72e8L,0x3e8726103cf78a46L,0x000000000000010dL } },
-    /* 50 << 308 */
-    { { 0xc38371374a0bde6dL,0x675b967c2d8556a0L,0x6eaf1e86aae51478L,
-        0x36675d0c822be9c8L,0xcbcbfe0f90625398L,0xcc96e4dff88a4d3bL,
-        0xeaec101cdedaee78L,0xd87f4dc26c6fba50L,0x0000000000000071L },
-      { 0x2cffa71ef76c62cbL,0xe7adbdb562fc75eeL,0x991645e69f96589dL,
-        0xb838a48a46b866b7L,0xf77a287f7526217bL,0x255a2868320f6b81L,
-        0x59f9a54802fd4fb6L,0x3883508a2441ca7cL,0x0000000000000049L } },
-    /* 51 << 308 */
-    { { 0x6b348fd624b337a6L,0xa4e8dd141026a300L,0xae405b249069dc46L,
-        0xeb322a385cd34d1cL,0xacffdda0bfddc93eL,0x2d3ead70a2004269L,
-        0xca6ef046c923eea6L,0x95ec33c04d1c30e0L,0x00000000000000f6L },
-      { 0x8a4391ac74ff127cL,0xed6f4c5ff3de50bfL,0xd956fad840e42f57L,
-        0x078b1fbfab13da63L,0x53b8c6760f03b200L,0x7620a901916e1116L,
-        0x60ba8e8d5d005bccL,0x5aeb871b8c06ea49L,0x00000000000001bdL } },
-    /* 52 << 308 */
-    { { 0x3a62717c0ffd6985L,0x1fd32f21733d9f3cL,0x011dbe5d8147aa6bL,
-        0xcd9908fee54d912aL,0x3a816c571d8a478dL,0x2c3b8621546c8c6aL,
-        0xeed9efbfe7163461L,0x486c1588b1748edaL,0x000000000000014fL },
-      { 0xc74f435a42f32ff9L,0xcbb8a284762199ccL,0x21786a042b632b1aL,
-        0x4f00521e9c0f441eL,0x9731b233a4693246L,0x61903ec24f45b460L,
-        0x90d06bda1812873fL,0x233ebe9ac7dd899aL,0x0000000000000189L } },
-    /* 53 << 308 */
-    { { 0xd0cc6ac7d1604578L,0x8f7c03bd9a7cf248L,0xc3737964837f507aL,
-        0xd2cc12f3eb1aec18L,0x08827d5b1130097fL,0x1345bcab91f0bea0L,
-        0xad565af5255b4d20L,0xcefc35609f26fdcbL,0x0000000000000105L },
-      { 0x8242ac7a2f183ca4L,0xa6018cc3f9824ea7L,0x6efb40a2aafae2dbL,
-        0x34ac62097610e9fdL,0x86ec4e010120c604L,0xa63ab91f18999b56L,
-        0xf56dd81f2c39681aL,0x5e77017c8a7397f3L,0x0000000000000048L } },
-    /* 54 << 308 */
-    { { 0xcee29d979fd8ac86L,0x100ebc46736e18ebL,0x772b082c315677bdL,
-        0x9c1db95fb0a2e064L,0x396ce154ab199211L,0x1e30a3a2c6daa93aL,
-        0x9a7ac319f96900f6L,0xf1e451de804c81cdL,0x00000000000000f7L },
-      { 0xb332554cc5dcb3e8L,0x7417b3062c2bb6ebL,0x049d887506fac3fbL,
-        0x534ef151175afdd7L,0xf342d62e3a58683aL,0xe583a4bfe09ea4c3L,
-        0x5cf0b6caaf2483c0L,0x8faecd4f589f4692L,0x0000000000000189L } },
-    /* 55 << 308 */
-    { { 0xb73d4ba8c609a9acL,0xa3ae20b5e8cd2948L,0x6c9f7f2cf5ba63ceL,
-        0xba195b445d88340eL,0xee88c9c07e1cee38L,0x7ba10f56fcfa1694L,
-        0x4834f9cb439198d5L,0xa4fa944dd69d83fbL,0x0000000000000045L },
-      { 0x9488f1e0aee1243cL,0xf3931d8f731dc6a0L,0x6ea82c88b9a9311dL,
-        0xcae86a35158843d9L,0x7d8f6b9789e3d41fL,0xe45413a917a8638aL,
-        0x54fc84f72fde14adL,0x4889b4d4045c542dL,0x0000000000000137L } },
-    /* 56 << 308 */
-    { { 0x3b6ae375df5713a1L,0x507539c8eeb08615L,0xeea363fd79f23ed8L,
-        0xd35de9c05a24a3a6L,0xd655632794c5e698L,0x43cfb402eea346eaL,
-        0xf7f0d1e1bebe4d32L,0x3b36bd8c70a22463L,0x00000000000000b0L },
-      { 0x78777cd9c845e984L,0xcb446e18a31e5dcbL,0xb4851ea3dabefc01L,
-        0x18d2a234ef97b76dL,0x50a85010d5a74049L,0x14b78201acb00ffaL,
-        0x0a8fc98c4cbb648cL,0x4be4551f9873fce5L,0x0000000000000124L } },
-    /* 57 << 308 */
-    { { 0xb363062aa7afddabL,0xd8268f1de5dd4407L,0x3ace2a091b790e64L,
-        0xa0c92d9c3555f9a9L,0x0f752fb5384658faL,0x6749e84e52980595L,
-        0x7084539ff40b0d0dL,0x9eb1046f552ed611L,0x0000000000000052L },
-      { 0x4d47f6856686c007L,0x44bbdeccedbb1abdL,0x114cafdc075d0809L,
-        0xf4f4eeea6a05c788L,0x75ddcddfd45dfcc3L,0x147b1787235c7924L,
-        0xd492c7aaf5a4ab5bL,0xaa4b32a02bac18a4L,0x0000000000000075L } },
-    /* 58 << 308 */
-    { { 0x084a6b6311d23a5cL,0xab5f9756b3a73439L,0x252f50e4cf1a7bceL,
-        0xa066a37e7a498ac8L,0x29206e9e8c559d33L,0xf9fe43ec8c602500L,
-        0x2bb76d93c7c77774L,0x68609df4f9689fabL,0x00000000000001fbL },
-      { 0xf6223435a31c6d6aL,0x016ccdb2eeabda79L,0x33ef208790e53bb3L,
-        0x942ea7869d04b29fL,0x86905d345ba2a37bL,0x613723c8ac546743L,
-        0xd5a462b093c3a659L,0xf133494680b4a914L,0x0000000000000095L } },
-    /* 59 << 308 */
-    { { 0x0e964bfae51c867dL,0x4f3f0bcc3ed4de99L,0x66c3bc1c46193003L,
-        0x5ea89fcea9802a49L,0x1e81c4b4399876daL,0xa68d345dbf61cf47L,
-        0x2a527a8bf4ac1373L,0xcde8a8a922975cf0L,0x00000000000000d9L },
-      { 0xaad318a1d012c097L,0xca78d31b9b8d36dbL,0x2448c6ace479884dL,
-        0x7c43e6d65bb93799L,0xd293de3aeeca6834L,0xaec6d7d535dd9091L,
-        0x34f04c3b3ed39ff8L,0xa79da00f1ce455afL,0x0000000000000174L } },
-    /* 60 << 308 */
-    { { 0xd9e135d4909e5d9bL,0x1ae0a17c2e0bc5d7L,0x1fbfefd075076db8L,
-        0xe071dc39a834aeb9L,0x1eeb9d2eb5d650b1L,0xaa20dfbb76cddd0bL,
-        0xc32c3efc3795fae8L,0x5adcde3c2a3650a9L,0x00000000000000edL },
-      { 0xdb923c659f719586L,0x8c1b9bd1f69546b2L,0x4823b2184ffcc633L,
-        0x841f3292451d0538L,0x52a64ca0ebeb45e8L,0x8a0b375b64d61c71L,
-        0x0425f6cee13c6ae6L,0x98cf4b4d00827285L,0x00000000000000a7L } },
-    /* 61 << 308 */
-    { { 0xdcf7204a502a5841L,0xe8803fd9b3c2389dL,0x98af342ac7587e46L,
-        0xf6d845cf1b1a333bL,0x1fbe34235acdf342L,0x8ad324448c6cef92L,
-        0x4a48cbc2ac8608baL,0x105bf24a88f4bfb2L,0x00000000000000cfL },
-      { 0xf5bd7fbb45d5cc83L,0xd251ae69b14bb0ceL,0x7f6c9961cda6e920L,
-        0x5548da95b0e20d2cL,0xb2d81a5eeeb3f6b4L,0xd3c1ac3f83ee7b22L,
-        0x1198f80d9dcdee2fL,0x0f1113270cca9beaL,0x0000000000000052L } },
-    /* 62 << 308 */
-    { { 0x681c9c9e5551d22dL,0xe1011410c24d40bbL,0x1a659728df00294fL,
-        0x1d4ac5e4045c6bd6L,0xb61e6eb0c71e0ac5L,0x0aa6738fbd4c522dL,
-        0x278bee73f286cbdcL,0x9a9ca40d64f560a3L,0x000000000000003cL },
-      { 0xd18807d339aa5452L,0xcc5b2a69613b3726L,0x230b5e89c8957cb8L,
-        0xd32a1ec3b346ab21L,0x8a21c20975cf8d12L,0xd5d16bd029962528L,
-        0xc6f8836703130361L,0x034d6f15925aef31L,0x000000000000011dL } },
-    /* 63 << 308 */
-    { { 0x42e9edc80584715eL,0xd218b0a4011faf8dL,0x055e4eb095fd2a15L,
-        0x68ea9b5ddccea016L,0x0180246ffe9af8f8L,0x38bd9a02b832006dL,
-        0x9af977eca3414177L,0x0746ad2fa173e5e0L,0x00000000000000ceL },
-      { 0xefef29e60b444e14L,0x4357b9377d74016bL,0xeb63316d6bec3801L,
-        0x25164848dbfc9d02L,0x00d845fccd52497eL,0x8c54d90c615fd91dL,
-        0x33ceba564ec93464L,0x7a9e51d9f6f85b80L,0x00000000000000cdL } },
-    /* 64 << 308 */
-    { { 0xc071157213cc2875L,0x422583136ec01830L,0x32cfef4101e95528L,
-        0xa8741ca0af8116b4L,0x3195f7f358f1fa26L,0xf2e969281144142bL,
-        0x5a9c331f6b179bf4L,0x45e363f236c6c42fL,0x0000000000000057L },
-      { 0xbe2e55f12c04c8aeL,0xa522f7d53af16430L,0xeae2b2c42904630cL,
-        0x58f5c76e8e151736L,0xdfa21ea65aee8e9eL,0x103b7ad681717f92L,
-        0xa89e274a9b4464eeL,0x316f580f2daa3259L,0x000000000000004eL } },
-    /* 0 << 315 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 315 */
-    { { 0xd1ce126eec3d1383L,0x0c7f980a4805b18eL,0x65945086fc1b1f4eL,
-        0xac1703ae092e0ca0L,0x834c77f98b5ee5c0L,0x3e722f576d19fbb5L,
-        0xae8a944af6770bd1L,0xe1d110502a7c7101L,0x00000000000000d7L },
-      { 0x62029fd2ca303000L,0x366c72c9acb52ecdL,0xcf89c1aacc8dd8a2L,
-        0x95c235bf5d1b984dL,0x3434d10dd1a80d52L,0x094d0a8f77e95addL,
-        0x03890027d1203660L,0x32faf27329791ab3L,0x0000000000000075L } },
-    /* 2 << 315 */
-    { { 0x18cadddda03efd8cL,0x9d59bb52aeb3a762L,0x571d86bed1fd3f91L,
-        0x81642aa1d2f26d6dL,0x7d1c3bc999877251L,0x0518eff8d7c2fd25L,
-        0x6a54f17037b6c641L,0x8ffedfc00d33a426L,0x00000000000000c8L },
-      { 0xacf67416bb54847bL,0xa293a8d7f2b54b28L,0x32f2b11a1f7f6b47L,
-        0xc11948bcc6d67a9dL,0xc8b86b1f47623783L,0x357326aa5c2362e6L,
-        0xc298be1b6cf79126L,0xf07b3ea784c5a79cL,0x000000000000006cL } },
-    /* 3 << 315 */
-    { { 0xe4cc8937c5cfe5e0L,0xb01db28fe534260dL,0x3311127e76c1f2f6L,
-        0x0f4f7cfcdd8e1644L,0xd788f9f85ae2b93fL,0xf64431f8007d4765L,
-        0xb3ad8af287159ff4L,0x8401e32600a7857fL,0x0000000000000016L },
-      { 0x49b5a301e78a8db5L,0x97b3fd44b4d74fcbL,0xf5e2754d19f77e5aL,
-        0x908fbc9c7bf17a6bL,0xfbe48b086980179fL,0xc33a8480cd28c69bL,
-        0xa74a2ebed11832dcL,0x572b5f3957d49627L,0x0000000000000115L } },
-    /* 4 << 315 */
-    { { 0x4379897720210875L,0x8e95ab32d58004c6L,0x33058f96c68a6aa7L,
-        0x2db1fdb8914082e8L,0x7841a48993e12423L,0x051a4e151f9d2ff5L,
-        0x618eeac54da88e65L,0xc52113cd512c1795L,0x00000000000001b5L },
-      { 0xb6dace96e93af674L,0x4ea1073bedb5c3f6L,0x4352509fa0b861d8L,
-        0x05451d6f7adb5cfbL,0x194e3acd9a3375d9L,0x6258a5ab33658d41L,
-        0x2bc60cb7f542a8d8L,0x68e50e5a74afe0cfL,0x0000000000000187L } },
-    /* 5 << 315 */
-    { { 0x8ab1a9337e8401d3L,0xdb8a437374dd345cL,0x8fc17b06dfc52ec6L,
-        0x53a4528c3a8cbd43L,0x791f0050ff746544L,0x97c15abf468923c8L,
-        0x4ba5521cd71e2cedL,0xe7ff5cc44367a0f4L,0x000000000000011dL },
-      { 0x2397c8b2ca828fa8L,0x2d18f0b05bbc8858L,0x8aaec79f7ccdcee6L,
-        0x058906aaef1284beL,0x2bfc7d36d3e0d3afL,0x497a175435bb97ffL,
-        0xb270ae8ea8383a01L,0x3a7f70b8db1e5515L,0x0000000000000083L } },
-    /* 6 << 315 */
-    { { 0x5ebbd7015a0c9415L,0x7bcef0e229572d13L,0x539a78133f5a169bL,
-        0x6f3a84a4bac0abfaL,0x822da09bea1d0b7aL,0x9b2d6a6c05c00dbfL,
-        0x134fe65dcd8c7e6eL,0xe4622a9f6301e4caL,0x00000000000001ffL },
-      { 0x5fbeb1f8073963ddL,0xcca648b0e595aad8L,0x5cc97e773d15c1d4L,
-        0xf2d7697062989b5eL,0xf321c0c78afe8351L,0xbf361aa293a60c7bL,
-        0xd9938c1174c2503aL,0xb05daaa5e409747aL,0x0000000000000008L } },
-    /* 7 << 315 */
-    { { 0xc6874a121147f509L,0x0882051c83b58e0dL,0x25553306823e9395L,
-        0xba5751a97954be0eL,0x86056e04f06cf7f0L,0xdb057ca02c10577bL,
-        0x8ec2f7fd400e24a9L,0x32356d2fbcf34c3cL,0x00000000000000cdL },
-      { 0x931835514bb690a0L,0x373451d622798da7L,0x2474aa366b8da44bL,
-        0x947d984cdaeba693L,0x3c3e3b2b21f6d6c8L,0x37b0234fecc78a44L,
-        0x4b49e661959f6b39L,0x29cafa8b37bb5b1eL,0x0000000000000097L } },
-    /* 8 << 315 */
-    { { 0xc43876449d2224b8L,0x80c92ac5563094e8L,0xef919bdbf6d0542eL,
-        0xc71a882d5c40a787L,0xdb3851be0880c1b1L,0x4f72ff0c287cae73L,
-        0x0a628f172bf3efe6L,0x29db69240150e4a7L,0x0000000000000175L },
-      { 0x7983f80acc367287L,0xfe2c8f3dc4633183L,0x41b0e222ae89f8c9L,
-        0x93fdd59beb58ac1eL,0x5ee164c797538725L,0xb8e3b75b7591fb4eL,
-        0xa2d0fa2e355a6a6cL,0x391a05540405f33aL,0x00000000000000e6L } },
-    /* 9 << 315 */
-    { { 0x1b0bf08bf55f34e4L,0x5fe51caa1de9b981L,0xc243b50297197570L,
-        0x2cadcc3d699ac777L,0x80b62305dd9c8010L,0x93a003d3113ad5e8L,
-        0xbb920d789e783dedL,0x2a2df2e8cdfc37d0L,0x000000000000010bL },
-      { 0x14e3757112860379L,0x99f12790521bc74cL,0xc05287f50407d2b6L,
-        0xeb6b8d61b3fd9150L,0xe41ab7595d637ad6L,0x8efa6e451fb70681L,
-        0xe371b32cf025b1ceL,0x5bf35241e85fa064L,0x00000000000001e9L } },
-    /* 10 << 315 */
-    { { 0xfde8d0ed0254d2d3L,0xdc6868c5f24357a8L,0x1806776f26106991L,
-        0xa3a1446d387d0f81L,0xeb83f7b319591fdcL,0x97678d46136e098cL,
-        0x89292ad342e7487fL,0x53b24c0ab3c12865L,0x00000000000000b3L },
-      { 0x06fc68f37a74e056L,0x10354bae9d0dd6d1L,0x713509d967092c45L,
-        0x5ddd0fba52c97523L,0x421e81604616eaf9L,0xacaf5cf0a795b907L,
-        0x1ca067c8beb5a28cL,0xe07cbbcdb79cea20L,0x0000000000000179L } },
-    /* 11 << 315 */
-    { { 0x59900b5c8b1b724eL,0x8dd0246c388c09c0L,0xbcf033ea7b567f8dL,
-        0xaeb6215272898dc3L,0x01d8cefa24f7cceeL,0xa34d4c312415a08bL,
-        0x60315ab2bee682c8L,0x28bd510f85ec5fc7L,0x000000000000000dL },
-      { 0xc031c759d505a0e7L,0x40d1a56cda783571L,0xc15647414ec503e1L,
-        0xbd02b9a6621e3c52L,0x618d1cbbeb48b235L,0xdf1bdb37880c3090L,
-        0x95d53d4b664302a0L,0xeaf9e9bde9acab6cL,0x00000000000001ebL } },
-    /* 12 << 315 */
-    { { 0xcc511efe456925a5L,0x4290a6e5f0a1b7e2L,0x1705dcce8756548bL,
-        0x4c139046b509c290L,0x9d0bb0844cd17379L,0x4643b4bade17e05eL,
-        0x12be04c35f7100f2L,0x3ce4459479197058L,0x0000000000000191L },
-      { 0x065c3e87f32703cdL,0x5ae023cc11390895L,0xd2a40ecac01552a3L,
-        0xfcd1382288ee5054L,0xf61ca6f773498d40L,0x2a4653be0dd5e19aL,
-        0xa56016eef88e9af1L,0xbd5c973aa73e0e21L,0x00000000000000f0L } },
-    /* 13 << 315 */
-    { { 0x4416d2e6c4cb8040L,0x004946f92aceef23L,0xfbeb8979a86b1ea6L,
-        0x878481c65fd3c659L,0x28f514fba8e572d3L,0x8b9e4bdd55d6f02dL,
-        0x3e76d73546867a07L,0xa1050be7517430a4L,0x00000000000000c8L },
-      { 0x6538fa01526ae111L,0xf277a4bb142b038bL,0x6be27430efe4dd66L,
-        0xd8ed5e9f8f8d8888L,0xca67196065dc30b6L,0x1a1ee5afc652d2a8L,
-        0xe1a803044b3fccbdL,0x0ec65bd04cbd0471L,0x0000000000000177L } },
-    /* 14 << 315 */
-    { { 0x72e348491df30301L,0x71ba20a6a7ae2709L,0x2ac2b9e7eac84515L,
-        0x7db23e2c684fdd3dL,0xb7ff18f9b1b07c3bL,0x296f805422f64d40L,
-        0xe7e74e51aca26121L,0x2382baeba4abf51aL,0x000000000000004fL },
-      { 0x076d34bba03677f6L,0x42bcc9c76484f153L,0x7b5fd617d74dd1bbL,
-        0x1ba3e99c797cf9d5L,0xa907800787403dc5L,0x98278850d6d1e062L,
-        0x456314ca6cc37a89L,0x3d3cff1b0a6daf4bL,0x0000000000000117L } },
-    /* 15 << 315 */
-    { { 0x1a19978f485193f0L,0xadb5a7bdde0df861L,0xbaaeb9a4f73b9dc8L,
-        0xc66335183779f809L,0x9b55d68f3edee638L,0xcb261cf96a5affdaL,
-        0xcb6a9ba2e39b793fL,0xa4ee0df08936019aL,0x00000000000000faL },
-      { 0xe482665d53161177L,0xe3b2fc496ea0bdb4L,0x783ca2b5dabcdfdbL,
-        0x9025498735a60e50L,0x6b9114ed0414d9ecL,0x2a9467665f239c27L,
-        0x4623c042397b3971L,0xe683e6e532995c63L,0x0000000000000001L } },
-    /* 16 << 315 */
-    { { 0x088b099e8cdfe07dL,0x5a641cf1b905708eL,0xc281af16a221b96aL,
-        0x8bfa8dc0f622f5bfL,0x432872735ecb0216L,0x13ea7e4d6dab8b7bL,
-        0xa478fb012212b506L,0xcb4be166a0c1a955L,0x00000000000001d3L },
-      { 0x38a2aa3dcf16c121L,0xcd70ea8a7f8eed07L,0x54532cd7e3a04c52L,
-        0x8939f904ba78e53cL,0xc0132c268b563a91L,0x6730a0fcc093e75aL,
-        0x1e6d961600fb49e3L,0x0af2a79f28587059L,0x0000000000000176L } },
-    /* 17 << 315 */
-    { { 0x866bec9ed63e2975L,0x8a29116c3e8d9c3cL,0x2b0d1b0436ea7fa8L,
-        0xbf75196cf80c5e0dL,0x94dd18d370a51d7eL,0xdd9d61b9ea3f979eL,
-        0x7ce80604db84f9c7L,0x4207dd17a593918aL,0x00000000000001b1L },
-      { 0x5ab49cbf0b981980L,0x336f5442a93b94b9L,0x6568223fc5e38c54L,
-        0xff80f21b3b2b4ef6L,0x6a77ff11c1e9ce9cL,0x07d4d0c02fca93e4L,
-        0x955d771d76e3c109L,0x2f22c54d0ae199b7L,0x00000000000000c4L } },
-    /* 18 << 315 */
-    { { 0xbd742bb58c8601dcL,0x0d577d51bbd68faaL,0xb1ba3c3398b6e280L,
-        0x1bfc6c723e8a148eL,0x59a16f766e41826eL,0x3ee5c3e7161094f5L,
-        0xa98675bc24c86f2eL,0xb94c47abe2761752L,0x00000000000000b9L },
-      { 0x1824673056dc8149L,0x846838c94ff82f9fL,0x23c95268450afb9aL,
-        0x40cc51aa14fb3828L,0x28d1619711f0d733L,0x0efcce77513057a2L,
-        0x9edb17beed0a7d9eL,0x4d6ed1fac7b17549L,0x00000000000000d8L } },
-    /* 19 << 315 */
-    { { 0xbaca7240c82b5aa4L,0x61e27f19ef5855f9L,0xb4c9237aea0e986fL,
-        0xd090d6a554db69bdL,0x6b4fb63fccceaed7L,0x0cc89909fabad461L,
-        0x9f7676cf0b9709e1L,0xbe92aa69fdda8413L,0x000000000000018fL },
-      { 0xd99cc5a0410aa767L,0x39b6f4a87e75f2d8L,0x1980d6925eec5fa5L,
-        0x9b314dc3b8846f32L,0x9714e192286dd13bL,0x94cccd2c467b8524L,
-        0xd7b3d49005fba305L,0x75b7f38f7a5ff3c4L,0x0000000000000096L } },
-    /* 20 << 315 */
-    { { 0x15396e6b8c4141d3L,0x3ec8a34ef7755d55L,0xa9bddf95f39fb433L,
-        0x79e71beaed69b7d6L,0x51c722cb9d0122deL,0x8de4cb47e0e7b60cL,
-        0x726ba86dcbb17e78L,0x2815c3bf5c037641L,0x0000000000000032L },
-      { 0x3366bd3547050a39L,0xcf665be239de8ff8L,0x0b1b2dc88b657ce8L,
-        0xac1e0b80db61f750L,0x09f5eeb8971e2a24L,0x92850350ee755facL,
-        0x3ea8358d3e97465dL,0x755b7ed954cb917eL,0x0000000000000188L } },
-    /* 21 << 315 */
-    { { 0x374097fdd5c529c4L,0xeae8aeaf14e14b24L,0x6246c5fa5449b2cfL,
-        0x99c13884f8dc4b4bL,0x2e72eaedec7b3eeeL,0x877887a6f9f0d5f4L,
-        0x4f97725fc0e5a19eL,0xbd7971fe9bc83533L,0x00000000000001a0L },
-      { 0x79302079c035fa1bL,0xfa3e954f075d1cbeL,0xb59fda4254310460L,
-        0x35004b05cb8dc827L,0xfa4227dd598766a4L,0xd6610ed7257db68bL,
-        0x91f34e57df3d7a8aL,0xbc586bd69c420862L,0x00000000000001ceL } },
-    /* 22 << 315 */
-    { { 0x930cad152d7a2680L,0x6d7a0454c719cf5bL,0x7478744ebbb88406L,
-        0x2598c4885883c3c3L,0x466925014f5fab3aL,0xc803c49ddd8a471eL,
-        0x10cfa5b5831d5062L,0x2bce8e3c8cd03021L,0x000000000000004dL },
-      { 0x8a75f6cd09a2cca3L,0x44598d59b03cff30L,0xf49eefdc9b9d4ac1L,
-        0x6d759aea116a7518L,0x0f330edc02b18830L,0x52612307c41fc942L,
-        0xea4652fb41b5e855L,0x5dce0d5c3ad0f9a9L,0x0000000000000018L } },
-    /* 23 << 315 */
-    { { 0x685e156c633e8718L,0x664dbda487a0c479L,0xbd5bd2516b3e4747L,
-        0x873fb05ad9204996L,0xe1c1b3745b9ca959L,0xaee1fe5ab48568b8L,
-        0x2b8a77560ccc64aaL,0xe0fffa144a842525L,0x000000000000001dL },
-      { 0x81ab0b04d7864a53L,0xd2ded9626dce74dcL,0x20f4f42ae6ee03b4L,
-        0x216939d9b133502cL,0x1c164e2ae583d735L,0x558bb0247a01a682L,
-        0x68e8d4b88ff470e4L,0x1b500f437a69dc9aL,0x000000000000000aL } },
-    /* 24 << 315 */
-    { { 0x87cd5f5b43522030L,0x9b95d7cca97925f2L,0xa97d2673c4f3d98dL,
-        0xb760715ae3a33b1bL,0x6848b7f36f47818fL,0x19d3d312f4b35002L,
-        0x94faf039b3f57798L,0x62a72bfeb76ae400L,0x0000000000000100L },
-      { 0xdbbbafdc31877679L,0xa68c50a2945b79f0L,0xd5b6b7c1a457a77eL,
-        0x1d5249e0e8ea38c6L,0xef61b6ab33b52300L,0x864aca06e3d8c9a1L,
-        0x852087916060f8d6L,0x1827cac1e1dd6babL,0x00000000000000ecL } },
-    /* 25 << 315 */
-    { { 0x417c93d92a097cc4L,0xe2006ea23311b1c5L,0x6265dae786c3a4d3L,
-        0x22777fa2fd61a771L,0x21c8566ee52726a1L,0x5544b0ba525cbc66L,
-        0x0227192516a552ddL,0x26f159fe26ee27ebL,0x00000000000000a9L },
-      { 0xa03998cbaecc32f4L,0x3836f5f386372aa8L,0x0d708a1f5fb988bbL,
-        0x8d865eebac677bf6L,0x9386ec40244e47bcL,0xf38e252310e055dcL,
-        0x938b35a76ac7bd8bL,0x79cc344948973178L,0x00000000000001a7L } },
-    /* 26 << 315 */
-    { { 0xf8f4c244d0a59fe9L,0x0b34084b76402697L,0xe4240b863e032519L,
-        0x7cf7b7aac2065720L,0x798134d64cb1ffe5L,0x78e358f275f60549L,
-        0x4557430370582d54L,0x452570d4828dfbfaL,0x000000000000009eL },
-      { 0x1b0bcbc468d79237L,0x8bcb0d804f5a6a6cL,0xd108b4f099609cfaL,
-        0xe08db1ff71be7d63L,0x7ad777da27bd2d03L,0xce7fae775749c830L,
-        0x1ad692f7c4565777L,0x93798a2aff8b8327L,0x0000000000000010L } },
-    /* 27 << 315 */
-    { { 0xa44bd43b7d176e2eL,0x73017a4eae0c21d1L,0x6f98fe80c170cbb6L,
-        0xab5799b293df22fbL,0x765f4dcaa85dd542L,0x854eddbc619b4adcL,
-        0xe1dc52446cf558e6L,0xc0a4f996e45f4052L,0x0000000000000150L },
-      { 0xc1e0e94ea8a05aa1L,0xaf1abf91f3f24aedL,0x58c0603ec4d3ce6eL,
-        0x9c496e91dc76c75aL,0xe6049fc196d9aa52L,0xd7862b4a2ed5b8c4L,
-        0x41ceb99338f87e08L,0xe769c78f3c16ca50L,0x0000000000000000L } },
-    /* 28 << 315 */
-    { { 0xc50efa15dacda34cL,0x159e94dbb6e96210L,0x94b10231bd9319beL,
-        0xa5914f55e2a461f6L,0xb75fb2ab47bb66c7L,0x4ffcfa6756b6e4cbL,
-        0x559918efc40a2512L,0xad434761b66c07d4L,0x00000000000001e4L },
-      { 0x9885be1bebae3f4fL,0xbd84a8ee4302a9a7L,0xbea75f26c373e684L,
-        0x0da8fdf6472f2c17L,0x381a92bbb5dffe57L,0xc69646bad24160cdL,
-        0x0577b8792ecad05bL,0xc59496c27fb62711L,0x0000000000000068L } },
-    /* 29 << 315 */
-    { { 0xab4afde7ff46e9d5L,0x33e45d21d2516ec8L,0x5561315ae08354cdL,
-        0xde6e1582510407f3L,0xad202e0aad3ef0cdL,0x03c92749fc289a62L,
-        0xc5022bb7bd3bf154L,0x3b2112f0358497bfL,0x0000000000000085L },
-      { 0xd97a76c60e367447L,0xdd1c70ee13a73f92L,0xef80383807320e00L,
-        0x92fa2d854bd797b8L,0xaaeec02b5287a9ccL,0x8dc7d907101f13d4L,
-        0xffebb4d5f8c6b255L,0x76ea86c8a78c99b6L,0x000000000000007eL } },
-    /* 30 << 315 */
-    { { 0x04cc8a0b9c2de291L,0xbde190d41b774116L,0x76fd915e0cef5563L,
-        0x08980204a3ad15abL,0x8532bff00047227eL,0x93713303df68231cL,
-        0xa4d4b863b1b0de98L,0x67686192e0cad308L,0x000000000000007dL },
-      { 0x6748cd2672cf3e2fL,0xa342c5d7eb321523L,0x0466141c5021d422L,
-        0x116bf2246a70d2d8L,0x7129a3a4ce05f6fcL,0x86600259d9185da8L,
-        0x8a6db564dd965c37L,0xb073f80c79e8f792L,0x0000000000000049L } },
-    /* 31 << 315 */
-    { { 0x00da97d33d831a04L,0xd929cf2a1eac836aL,0xf7d5c4c77c7c118eL,
-        0xde71253e1c4c51ceL,0x6d2474376ec3e2e0L,0x9b912b7bf31fa3abL,
-        0x10f538043da99cb1L,0xfcf8a99c2a16e669L,0x0000000000000098L },
-      { 0xa70d9571d49b2fc3L,0x081849f4834cd35bL,0xf1e28cf98756bb05L,
-        0x2fa729aa5568d3a9L,0xbb5d124899bba4c8L,0xcd742b7c3ee032a3L,
-        0x693342cbd87a7668L,0x9bb74be7bfcfe6a8L,0x0000000000000176L } },
-    /* 32 << 315 */
-    { { 0x5f47ddb9ab9923d7L,0x839865d48e3fac52L,0x0214e93f647424b0L,
-        0x266c909c31d65c6bL,0x956deca451457facL,0x8e8d240ea85ce8a5L,
-        0x736652c4a4d9b281L,0x131a4191b77a526dL,0x000000000000008aL },
-      { 0xa848319532d8542eL,0x1f7a8e67c3f38387L,0x162ac248d6797f2eL,
-        0xd26469e10a6a1118L,0xb33aff1ff203102dL,0x63a52154aadf0ae9L,
-        0xf0431dbb4bb313a7L,0xf93c18fbca9da156L,0x000000000000015cL } },
-    /* 33 << 315 */
-    { { 0x39974a2672134c85L,0xd7aa0a9d4c7e0f6eL,0x1b9edbab3443bd65L,
-        0x6cd2d98bdccd2e50L,0x632879884b109d43L,0x44825b34d397a0feL,
-        0xd53353c27118c8b5L,0x268cd6d6c01b82dfL,0x00000000000000f2L },
-      { 0x8c5babff457c84bdL,0x117faa3055b81ff0L,0xc124c04661bbd4edL,
-        0xe136b9a5a787f1f3L,0xa06373d1bdafa50eL,0xea1b6c0844a7284aL,
-        0x9330d2feb1a5b08aL,0x25aa027d162f9e9cL,0x0000000000000182L } },
-    /* 34 << 315 */
-    { { 0x568ec079d87b35feL,0xa08deac6958c3388L,0x715279434034a877L,
-        0x0859576ef2fef769L,0x60bd705595201257L,0x9f19d411dd68e3c4L,
-        0x595fb01498308e14L,0xa2a84c0d4fa07f02L,0x000000000000000aL },
-      { 0xdf1e5d32e69aea45L,0x9557a618318f191fL,0xd4f95c503b1c6341L,
-        0xaaef0d9e6ae9e855L,0xea3847180c9cb2d8L,0x13e92ab81a52a30cL,
-        0x1651ed2863bb271bL,0xd97ff1ee98a52306L,0x00000000000001d5L } },
-    /* 35 << 315 */
-    { { 0xfe80b99efbbf1e27L,0xfb7b5ee11955b0c0L,0x4f3a5833e1708fefL,
-        0xf5a2e09a55e25e94L,0x9c6d38ed81d8c307L,0xe55d8fbc85262c42L,
-        0xd65f395c2d4726eeL,0xdc540d4333cd1d74L,0x0000000000000149L },
-      { 0xc010dccfd74a298eL,0x9e7056864a666f1cL,0xe0cfe3db254c3b4fL,
-        0xb979124ff7b07fe9L,0x649ceddfb1b99c8aL,0x400cca2d83df18a7L,
-        0xb0572105b99596b6L,0x30719cbf1edf710fL,0x0000000000000087L } },
-    /* 36 << 315 */
-    { { 0xa19953973af2d340L,0xfeb7bfb1d4141779L,0x64f0f9677a4bd845L,
-        0x55dfb0868b2b75ddL,0x3b71a0508bbb38e1L,0xaf038a2aeba716a2L,
-        0xc49b38c6a91319eeL,0x71f1e3cea8535e9eL,0x0000000000000105L },
-      { 0x3f07f7e964c26f33L,0x953a5abb347b8f7bL,0x5104f896c06b5c17L,
-        0x8a2e1b533c3e52c6L,0x2127f321ffba4ee1L,0xaf288b9499e502b0L,
-        0x04fde09b29407d69L,0x29d8e20c86bf0d35L,0x00000000000001d6L } },
-    /* 37 << 315 */
-    { { 0x1aee0faf9fbec97eL,0x7d82f31e42ad7101L,0xc9f00d2750e8458eL,
-        0x5c099fbe6b18313aL,0x96a679ef65d81613L,0x4fff394b8db6638eL,
-        0x53a97eea9248e6a3L,0x707785311729be5eL,0x000000000000018bL },
-      { 0xb8c6dd9e948f04aeL,0x4eb6c7f94a39815fL,0x1501c0bd1b7294deL,
-        0x33ed433f9a242a2fL,0x3d50c608994d9f32L,0x324ac45bfda6fbddL,
-        0x7d8a03ef6736a16dL,0x631d6c60ef0faacaL,0x0000000000000008L } },
-    /* 38 << 315 */
-    { { 0x01fe1042e436d76aL,0x2b65db559d05ddffL,0x48d26665932d9e5cL,
-        0x01c106ce8a761836L,0xbd83cdb30e8c1caaL,0x9a02dca8ac1b3140L,
-        0x6c27ef627d158450L,0x927980c2bedbbed5L,0x0000000000000123L },
-      { 0x965261732483b8e3L,0x5665a308b841e686L,0xc8dd3428f4a890ffL,
-        0x824c2b9522ade66bL,0xcf13a52fedb93640L,0x2af59ea913125d21L,
-        0x975485e0deb818fcL,0x1c34566416212cb9L,0x0000000000000074L } },
-    /* 39 << 315 */
-    { { 0xb327a7bf9b17c8deL,0xa8ec6459cea7bcb7L,0xd6939689168426e7L,
-        0x370eb9046450b774L,0x1f06ba383d71defcL,0xe185afa6aa16d5feL,
-        0x3814a269b3148755L,0xcf44b1bd8bb9de20L,0x0000000000000005L },
-      { 0xcbb2da404b8ed855L,0x32b8240ebf15a195L,0xf0cccd5a739cc9d6L,
-        0x2b6147c4d907536bL,0xada9b9b4b3b57e0dL,0x75abb8dff4093307L,
-        0xc503586c3ecd482fL,0x60a0b02fcd1d3312L,0x000000000000012bL } },
-    /* 40 << 315 */
-    { { 0x20527cec16bbc6f0L,0x1af2887295b9b3caL,0xea34ee171e96e75fL,
-        0xa45bba37e4b8a04aL,0x41f417225f3036dfL,0x4b86d3e223157bf7L,
-        0x1e67259e1a02706eL,0x8c1a3d9994a77d8dL,0x00000000000001e4L },
-      { 0x8c9fd4c4e3ae391cL,0x69e1f95801a97eccL,0x5e0c660b4f7bcd62L,
-        0xf3952575a21f57d6L,0x6b7d050c79bf361dL,0xf7a8893ffc95fe58L,
-        0xe28efa2075d0c333L,0x7b561de2ce39269eL,0x0000000000000042L } },
-    /* 41 << 315 */
-    { { 0x479800978563f771L,0x3410f8763c5662deL,0x5bc9cdab15e8afdfL,
-        0xd53088caea947c39L,0x9443dc753bdd8982L,0x71da1712be12e18fL,
-        0xdea9106b816abd0aL,0xc7145d12fe4cbce7L,0x000000000000018cL },
-      { 0x9be617aca5361866L,0x540a22e459fd2228L,0xf93e692ee3292da4L,
-        0x9f730056c797fbcfL,0x0f5b37dc080fb9dfL,0xee979d41dfd5be21L,
-        0x2fe9bbd377da5594L,0x7392b500940c7fabL,0x00000000000001d2L } },
-    /* 42 << 315 */
-    { { 0x534669b6bfd08da9L,0x0131ce0bad7f4feeL,0x3d07710449c9f551L,
-        0xa0519089124d6d6dL,0x9df5e6650e3c525cL,0x03e0caa51b0855c0L,
-        0x70f2d1aeaed8b293L,0x5258a199d9adab56L,0x00000000000001ebL },
-      { 0xab747165401dd32bL,0x5048cc1cab988597L,0x1080390a14dc9ff5L,
-        0x71808335ec187b93L,0x894a24ab1a1eac91L,0x97f922c61c234f84L,
-        0x245d34ae36d5595eL,0x8a43c41f6aaa4b14L,0x00000000000000a3L } },
-    /* 43 << 315 */
-    { { 0x295a4c6365d5cfa5L,0x5a8a43db51adce61L,0x25de9d5fed6aa752L,
-        0x934b8f517f9df62cL,0x6534c400235bebd6L,0xcaefa633d24cff48L,
-        0x4c55585a8562870cL,0x0a5d10180ddeb2e1L,0x0000000000000031L },
-      { 0x58d16026be4d501fL,0x38874de4d04fcc16L,0x4b795f00352da735L,
-        0x9e97091eac8c0b50L,0x91b153a99ebf81f6L,0xacf58b7ba5ec6a01L,
-        0x22374c638e177fb9L,0x62b7622c28edeed0L,0x0000000000000183L } },
-    /* 44 << 315 */
-    { { 0xc24d78dd440656c9L,0xca4fb99cb3819092L,0x88caaa9847f6ea2eL,
-        0x3ad7dcd37bf55007L,0x2a94011d87af1062L,0x176b3e376efcf26aL,
-        0x907e6108c362be62L,0xf00a10062b7c25a0L,0x00000000000001d0L },
-      { 0x435481d3adb9d45cL,0xbba44b115b840331L,0xc7c2869d4c4de57bL,
-        0x8cdffae2d43dab64L,0x1aa7c5f0c28d2e22L,0xb3f11b4bcab6c7aaL,
-        0xa0153a91cb4e8df7L,0xddf80a114ca337bfL,0x00000000000000ecL } },
-    /* 45 << 315 */
-    { { 0x6dae6ce65d4bac9bL,0x7e0cef116b6b0289L,0x45c7d3063e081f88L,
-        0xaba7cab9700ca222L,0xe8d94fef1fabd270L,0x0e76aac6f6b272a5L,
-        0xfe456c4b4ca8b682L,0xd021e03d4d6a93ccL,0x00000000000001f6L },
-      { 0x08355e745d39f92dL,0x6c1360477eb5dcfdL,0x90169cd5975ce76dL,
-        0xd01445f219764b90L,0xd67c0cb3d06031acL,0x9d522c431c5f97b0L,
-        0x5fde48bb040b9a24L,0x718a636325d29470L,0x00000000000000e4L } },
-    /* 46 << 315 */
-    { { 0xfd7f44ed23a3af11L,0x6333bd403ae53e07L,0xf1d2c8efe459a255L,
-        0xa0c37f9d8799c62dL,0x37ef089911e1d53fL,0xef656bda08fca1f8L,
-        0x0af3992870158e0dL,0xab14f9d1328c88d9L,0x00000000000001b5L },
-      { 0x51b410993d600c77L,0x343fc57816ffb129L,0x248ecbda469c89baL,
-        0x2c28ff288dc1b85eL,0x767141bf62952b72L,0xbcc3e57bafdcd8a2L,
-        0x80051675cc86283cL,0xa19961c6af99a56fL,0x0000000000000182L } },
-    /* 47 << 315 */
-    { { 0x0e5ec8bfc833c8d2L,0x17a323039aeb80ddL,0x0c8054818f413e42L,
-        0x53199f904fd9773aL,0xc6aa9d94e4fdce86L,0xe86019a45ea3d808L,
-        0xb2b25ecebe5d522cL,0xe50d1357b9dc03e5L,0x000000000000005bL },
-      { 0x18d688efd7d8655eL,0x9f297b45587aa095L,0xeb6488495ed1bfd1L,
-        0x2d62357eb283a41fL,0xd95a7a38244d4363L,0x3e01047c58e32ec7L,
-        0x4919ac6899283274L,0x84094ea76a033583L,0x00000000000000b1L } },
-    /* 48 << 315 */
-    { { 0xe54c6f706e842fc6L,0x19bf910e6f75efa8L,0xcc5b5fbd630e0ea6L,
-        0xf157ce88092d7e53L,0x1022928d11cf8dc2L,0x8f6b3753d03e642dL,
-        0x1cffc03b083e6d0bL,0x265c111b7e943f5fL,0x0000000000000025L },
-      { 0xc6cfd943368cce07L,0x1a14c3f74cc79e09L,0x38d2c6d092562102L,
-        0x98b25e33a91a0815L,0x0ac5666f3d7c75edL,0x1d89b14a9aa46d95L,
-        0x8c53e6ca3e1d0cacL,0x7e07bbd31325bf89L,0x000000000000011cL } },
-    /* 49 << 315 */
-    { { 0x0df1c4977dc11a7cL,0x223a1262b01cb5eaL,0x25dd803c0810c4dbL,
-        0xcb11f08785e41656L,0x73ec3e8b2f1dae29L,0xe50ec09af3bb0e96L,
-        0xbeb6b3fc3fc029fbL,0xdbcd195de9278518L,0x0000000000000144L },
-      { 0x1e51439cff7c554bL,0x7dd293ce2201bf38L,0x6521c8b6a1239dd1L,
-        0xd2200070b51cd909L,0x727d874744dfb20bL,0x57b82eaaca155e14L,
-        0x10761f46b6a7c6beL,0xe2b999e41d4536c9L,0x000000000000005bL } },
-    /* 50 << 315 */
-    { { 0x22af766ca4d900afL,0xf9a8bad8a91576d6L,0x532fb69eaad75d1bL,
-        0xc11ff92d39a81213L,0x51e63b1dc464eab1L,0x651b3246a2f8057dL,
-        0xeb84666f3dbcbf15L,0x98ac1e1baac37a68L,0x00000000000001e5L },
-      { 0x3083c4843eddc711L,0x0bc703f86ed884e3L,0xd1e76ede3d5e550fL,
-        0x4c24d2caa561ba09L,0xb7c212f9f8192b2bL,0xc683270c6e012870L,
-        0x1a5fe85a82b37cb0L,0x91289562a1818811L,0x0000000000000156L } },
-    /* 51 << 315 */
-    { { 0xe48906e35f228d80L,0x6216e75f94bedc7cL,0x9707ebd62f8e26a0L,
-        0xaa3958ca1a673e7fL,0x01ac80f2df41fe97L,0xb23738e01bf96493L,
-        0xe7684540e0b97882L,0x770056549fe02c76L,0x0000000000000151L },
-      { 0x910af00f89327a45L,0xd534a172f8205cadL,0x959d2b243776c9b4L,
-        0x3ac5f308cbb27ef7L,0x51ba3c3d49b5ab33L,0xe0177e6705861588L,
-        0x3fd40125c93b0f10L,0x29f0bcbb828131d6L,0x00000000000000adL } },
-    /* 52 << 315 */
-    { { 0x6bae11c47053fb58L,0xfed4afb1535c8c5cL,0x620bebb4fb6dca6aL,
-        0x5759da42ed7f3e91L,0xb537fcf726663077L,0x2829ffe0fbf0d31eL,
-        0x93666d29f290f144L,0x4de9a65e5826718dL,0x0000000000000146L },
-      { 0xbeff2ca3b96fd449L,0xeb3c9ddfbd865ac0L,0xd6c2bd3d851f94ceL,
-        0xaa428d52f9f0af14L,0x5a1106774f5cc20cL,0x3e976fa8ae1e9de4L,
-        0x82d0634b6dc9a17eL,0x4d4a7bd7afa5e744L,0x0000000000000171L } },
-    /* 53 << 315 */
-    { { 0xa3e8d517e8867df3L,0x59597f2323e2a3cfL,0xa5bcfb3e413462bdL,
-        0x69942cb7f1f38aa8L,0x8cb693756d9a2565L,0x4e5914dde3fa45a6L,
-        0x45ea2ce7124a4896L,0x0c9700171f1299f3L,0x0000000000000000L },
-      { 0xd543d0a6ef855750L,0x04dd229ce72dddf0L,0x2c72b7c73ffe71adL,
-        0x726f5c442305ab6fL,0x64438793d6704991L,0xc5a4c2667ff42b14L,
-        0x76ddf391b3086b51L,0xe5b30282588400b6L,0x00000000000000d8L } },
-    /* 54 << 315 */
-    { { 0xe5142d28595b12d0L,0x55e40067a14fe68fL,0x2b84189dd93da1feL,
-        0xa65531bbbe6833dbL,0x7b7eea747c7d7e8eL,0x41c72bc07215eb28L,
-        0x0a90cf0ce2d3c42bL,0xc3232468acb45de7L,0x000000000000007bL },
-      { 0xf045e44eba15d9c6L,0x2c6f4bd762fce75bL,0xcc6ed0fab9430ca1L,
-        0x2683da6990020f7cL,0x7c4cec7dca6d9077L,0x3e7e028b8fe80396L,
-        0x06f3e60f0ddbf616L,0xc0fabfc1d2a2e8d8L,0x00000000000000c2L } },
-    /* 55 << 315 */
-    { { 0x092a8391a47dbcdcL,0xbae279ea63678f3bL,0xf395a2501fb0434cL,
-        0xe1183e16105b8bc6L,0xb001cfbfdfd13240L,0x252d420549ae1be6L,
-        0x27006420135a39f1L,0x2a130dbc2d859c73L,0x000000000000009bL },
-      { 0xe638dc7141b6b9aeL,0x6a5f1007bc07e485L,0x7574919914cad421L,
-        0xb6012f24c1f1d11cL,0xfd20f9dfdb1f7592L,0xd7f2dfb9fa2a3c16L,
-        0x8ac19b7459368297L,0xb95552cd4e1622dbL,0x00000000000000c1L } },
-    /* 56 << 315 */
-    { { 0xe319a4da11c1ef91L,0x117ca85fa8ead392L,0x38784b6c757ae2fbL,
-        0x457a99aea307b95bL,0x698e3e9c8bb14a8eL,0x7172c6b2571ef3c5L,
-        0x02cd25bf3cb33498L,0x390b5efba243fce4L,0x0000000000000003L },
-      { 0xad23a309fd0eb02fL,0xd22e490f36c9fa28L,0xcdf111a3ab8b5d09L,
-        0x257bbdffe1c0b8c2L,0xd405532721284f9fL,0x46e4a9a534bb090aL,
-        0x7284ab106b2b6998L,0x46aba7e6f57bde50L,0x0000000000000099L } },
-    /* 57 << 315 */
-    { { 0x7475a134e10a04bdL,0x2e024e9bde9287bcL,0x48ef65326be4a304L,
-        0x761c87702ed78c9bL,0x450d1cc689b960dbL,0x2ba413a36e1855fdL,
-        0x0af0c64be2a82c40L,0x43c4773285bd1f85L,0x00000000000000b0L },
-      { 0xb79d374d5e6e57c3L,0x19d597c487b58f00L,0x2f08689424272b25L,
-        0x6fc826ce4ba5e7dfL,0x1daa63e338f961f5L,0x792ed02f8f78a2c9L,
-        0x93075e80fdb2ab90L,0x4b5aa382b67ba93eL,0x00000000000001aaL } },
-    /* 58 << 315 */
-    { { 0x4e9aa71ef43a6307L,0x58c0f6106e978e59L,0x093500d272236e84L,
-        0xfc4ac660ffc659dcL,0x47c0fdad706b4f50L,0x2056f72fe095393eL,
-        0x0b7adb25dd3ece91L,0xb6e5174297d8f944L,0x0000000000000023L },
-      { 0x009f45c1d0aabe39L,0xd2041cbbdb8e94e8L,0xf0ef2bc26a4112a3L,
-        0xd4b13654552e8c7fL,0xc2e819a41fa6f19cL,0xe9595ff52d299fceL,
-        0x2125ca74767e22d2L,0x99902ab316614806L,0x00000000000000a0L } },
-    /* 59 << 315 */
-    { { 0xe4fd64ae0cc153cbL,0x78e9e456424b39d7L,0xcdaf25a5d3fb88daL,
-        0x8b5157c5d1d2090fL,0x3009df9409a3b59fL,0x8993e887afcc70daL,
-        0x98d62e4b6aba6ca6L,0xae5bd1e9d0b55588L,0x0000000000000091L },
-      { 0xe51727ead2a73231L,0xbb78c75a11119940L,0x46cd02d334fead71L,
-        0x516fb90f79f074e0L,0x95794a415926aab3L,0x2acb4273ca95c0d8L,
-        0x2a554c55046d8abfL,0x3ea635345e0541c8L,0x000000000000014fL } },
-    /* 60 << 315 */
-    { { 0x39e516db05bd6b40L,0x6326d151b3450a21L,0x3f0595f40cdbf670L,
-        0x330c29d1933eccf4L,0xd4b341de30d980edL,0xcc507c0b49b16dfaL,
-        0x7013862cb0cf6c26L,0xea9aa644dd0f4300L,0x0000000000000104L },
-      { 0xaac1ae33a1a7c1c5L,0x990e19302e944d25L,0x3494435a34e6e768L,
-        0x2bffd9d0fdea3e73L,0x3449aa3d63401018L,0xd0742bd47458c879L,
-        0xedc90d58f893bf14L,0xc78a12f7ab8cd554L,0x00000000000000b1L } },
-    /* 61 << 315 */
-    { { 0x47b5e95d00a65e5fL,0x0d78b1d6649f9ff6L,0x9e2aa63ce37ee6a0L,
-        0x58f817a994c11bf3L,0x8c170c9fd5ba3c18L,0xe27da94f98518956L,
-        0x7e12d7a9bd858fd0L,0x913469c75403cba6L,0x0000000000000026L },
-      { 0xc0dd6e546195786aL,0x618e56115011e7e0L,0x06e017b330513dd5L,
-        0xd3af20882b48ca95L,0xc622ce0100e7de21L,0x40605d3ed4a05456L,
-        0xe3ea86f3be2886acL,0xa32b791e48371f63L,0x0000000000000185L } },
-    /* 62 << 315 */
-    { { 0x7475dd141a434a2eL,0xc1e3790411388191L,0xc94b7692bdadfaabL,
-        0x92ebeb2376d05a84L,0xead9002dddfc6806L,0xf8e3b5ab13f239d6L,
-        0xe76ca47a2f934e01L,0x05a1ecc18aded0a6L,0x00000000000001c9L },
-      { 0x545938b83172c0f9L,0xf0b5a269bd43272dL,0x8293c33a4c480501L,
-        0xb10ab474e2acb95bL,0xfe46ba6ee7f9dc18L,0x4ee4b0fc931c6276L,
-        0x9a2730d99b042b1aL,0x2d3175b3367479fcL,0x00000000000001a9L } },
-    /* 63 << 315 */
-    { { 0xf08f79df91452e27L,0x826c0321a1c388dbL,0xeea26b8de44c7caeL,
-        0x46b654482b6c49eeL,0x2c7c6d5d512e6928L,0x3279f451651d9718L,
-        0x8be44bdd001af2d0L,0x85bc67e29221e194L,0x00000000000001bfL },
-      { 0xc3adab308c929562L,0xd50abbf382b1d07cL,0xcb2300bd7c0e0792L,
-        0x275fc0b89c6c9591L,0x906b1ac03c1ea028L,0x4251b8a186a2a725L,
-        0x30af7c5057abc4f4L,0x865249727174416dL,0x0000000000000101L } },
-    /* 64 << 315 */
-    { { 0x8a9e56659d53ff0eL,0xe4c4fcd2c7ccbb62L,0x95a2b7a2b60b6fabL,
-        0xcf39fde59242b4d1L,0x43983f305b49d9f2L,0x4b5fece7220ec7baL,
-        0x10b1639c221fb872L,0xf5955c1df594795aL,0x000000000000008cL },
-      { 0x73dd1711eb1eea2cL,0xf027dae274f9e73cL,0x11c87d1589586cb5L,
-        0x16bc03cf1380814fL,0xfbbbe67a19693d82L,0x9ca4b47e5b37ae4dL,
-        0xad59beeedc7860a0L,0x46ff6ded599ca348L,0x0000000000000031L } },
-    /* 0 << 322 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 322 */
-    { { 0x47fe51518f87ae00L,0xf49ebf83b2d64637L,0x11eca7b4a1e86582L,
-        0x58bb53f9cbde2995L,0xa620bba204af7663L,0x2a01040d7221bc31L,
-        0x1734531da243ac9fL,0x1dcb67d6117d06e9L,0x00000000000001acL },
-      { 0x5bb6699b43275ffdL,0x4b141be73bfea061L,0x805d08b0dae58347L,
-        0xbbbbbae321ee35afL,0xfa863bafef02b56dL,0x21460360b35e5127L,
-        0xb64a8ac4dacdd7b7L,0x51582b4f92b58b6aL,0x0000000000000172L } },
-    /* 2 << 322 */
-    { { 0x74f71c976305b1faL,0x75c64449aae6788bL,0x072b8b0afc132537L,
-        0xd66862f496fd8bc3L,0x32cb2f3a5ff59f77L,0x9667801b58ffe8e1L,
-        0x227b57a4558302c6L,0x0c384f6e441664b4L,0x0000000000000130L },
-      { 0x0cfd7a96c16bc635L,0xe8f67af8d846d4c0L,0x7a398e333637d199L,
-        0x2648cdd111d7443bL,0xfe3bdc069843f169L,0x8192bff3b42d2c33L,
-        0x7caddfdcfd2b8fc0L,0x42d128611456b53bL,0x00000000000001dbL } },
-    /* 3 << 322 */
-    { { 0x4c7066df84e9430dL,0x77abd2e8e1f59506L,0x784cde21534bda51L,
-        0x84176c345bea6125L,0xc4f00c4c11104b82L,0xdbb8ef7087f79adbL,
-        0x1e47fff55961812dL,0x70326449202d45cbL,0x000000000000002cL },
-      { 0x84ecf48df169b460L,0x972348061a19979bL,0xde2caf4d9bdcf29dL,
-        0x90acca5e218caca8L,0x66480bb594715145L,0x70d761509ba70365L,
-        0xae45e69a924d4c52L,0xab48997cc321ca7dL,0x000000000000013fL } },
-    /* 4 << 322 */
-    { { 0x5637ceab569dfcd1L,0x0d1cf091b2c13802L,0x09115a1f731087b6L,
-        0xeda479febdb45b2bL,0xed883a7d8e6e5507L,0xbc9206ba30bd8162L,
-        0xff2af28ec6294b24L,0x2058521ac8947bc9L,0x000000000000003cL },
-      { 0xfcfa87a55a82fbaaL,0x988a9a6c1569f45bL,0xe65849f65d3d6aa5L,
-        0xa3d0879f05446b48L,0x45571ccf76f480d1L,0xacd9a3230efd5f79L,
-        0xf30e5ec4ae956132L,0x325306d0ea93f245L,0x00000000000000a7L } },
-    /* 5 << 322 */
-    { { 0x8582acf43008f8f9L,0x78d113721bd79b09L,0xab3aaaf5e6af3cc0L,
-        0xecdc672eae9dabd8L,0x56f69a15ed65ca69L,0x51b4b25a3932ae63L,
-        0x8047c54c6f8e81f3L,0x7fee87e2910eb492L,0x0000000000000006L },
-      { 0xac401b28e398d849L,0x5cda81e9c78212ccL,0x1d38ac77ab650ca3L,
-        0xf1c7e42583da6475L,0x2150ce594108cdceL,0x9a59ba89de85336dL,
-        0x3bf646ba9551319dL,0x2db133dd2540ea12L,0x0000000000000068L } },
-    /* 6 << 322 */
-    { { 0x7c1d8a0eaae05a6bL,0x4906595862835a21L,0x66338e4d7023e607L,
-        0xa8aec3272501507bL,0xe3eb9783283179faL,0x11908e2f9703f59eL,
-        0x08ff92f55a86e591L,0xe4c7c4d922806045L,0x00000000000000c6L },
-      { 0x27f1b842af9bd2edL,0x238d7152eb1c7239L,0xf02ca4f06935f71eL,
-        0x528b57266888b5feL,0xb9965603e8e613dfL,0xebd0e8fe7e1b59f7L,
-        0xeaf264d6f09bae67L,0x01ff76c9a540edcfL,0x00000000000001fdL } },
-    /* 7 << 322 */
-    { { 0x80a0e45b314cc74dL,0xd7fa3610b57c5800L,0x848d96d7b67e5f65L,
-        0xc861fad13449baceL,0x68cb8a38ddf3f1adL,0x66d16b9c66a153ddL,
-        0x94b81dd9e8236d66L,0x26b5570869130397L,0x000000000000008eL },
-      { 0x0b0a8f43a6bf9b14L,0x185a239e96c9d7aeL,0x1119dec363fcebbaL,
-        0x952da42323c83456L,0xbcecf110bdc4a430L,0xc64ba9f6b2a77ed2L,
-        0x75d06bb1323b6059L,0x192de9edf709226fL,0x000000000000004aL } },
-    /* 8 << 322 */
-    { { 0x5f7d9850fb6f765bL,0xafe6dbcad0ccfce0L,0x9e66a5e9d97d6f42L,
-        0x1b402928377f7e90L,0x44b0d87abfc71aabL,0x3cffd5151de366f6L,
-        0x845d7d74b292c4f5L,0xe0822ef93f88e818L,0x0000000000000017L },
-      { 0xfff7c1d7104d2069L,0xe53e122dec0fdb18L,0xf07a43395646b614L,
-        0x3f2341d0b47765f6L,0xfde6dd5e2cb3def4L,0x87d324787a97d20cL,
-        0x27235476bcb7b256L,0xb03f98dc9303c7d0L,0x000000000000010bL } },
-    /* 9 << 322 */
-    { { 0x634e5bf3d3323dedL,0x3bf31a84f4d4e862L,0xdd6b8f2235e8b445L,
-        0x0b82f8ffaa9b65cbL,0x34c6a6fd744b4cf6L,0xe1831208a43f35f5L,
-        0x7cd47de06db12386L,0x845e032b5b4183e5L,0x000000000000013eL },
-      { 0xc7b8b5ecb448fbe4L,0x779c1f1019d44cd8L,0x63be24d85e05ecd4L,
-        0xc34e9ff989f86617L,0xe1b13059d96a53a8L,0x92101f9fec8a4021L,
-        0x56150074ecb053eaL,0x802050cb44760734L,0x00000000000001d9L } },
-    /* 10 << 322 */
-    { { 0x29f559f30101f121L,0x755e6943457fc6c4L,0x4531ef607c423ebbL,
-        0x2e214b5f5c1752afL,0xfbb45080bf760382L,0x4ac072f6fb9ec95eL,
-        0x1c738977d3f9dc13L,0x8941f56b46cd8ddaL,0x0000000000000035L },
-      { 0xd99d101d543301b0L,0x9cbe76c1eb88a1f0L,0x3a83d44c974b3e02L,
-        0xaa0fad91d4c62aafL,0xa4393659c1aac52fL,0x5cc89ddeb695fc35L,
-        0xd248c1bdc017698dL,0xb232bd2028af0b2aL,0x00000000000001f1L } },
-    /* 11 << 322 */
-    { { 0x09742d9a3320fef4L,0x211ff0f93e06ff4bL,0xd78969686f42e626L,
-        0x6bd0c95a11fb5505L,0x28d29ee1288e9a9cL,0x6ff437b97d75ef3cL,
-        0xaae59f1669ad35ccL,0xa8d0a7a2e20c026bL,0x00000000000000faL },
-      { 0xdc4feadd783a9b51L,0x387f15e0622a4a07L,0x78005c174a207939L,
-        0x2f1c8ed7a4ad0da9L,0xba0da149f12ae544L,0xd3085ef61db1ce40L,
-        0x8185ae15c8027370L,0x672ae84ee7699af7L,0x0000000000000107L } },
-    /* 12 << 322 */
-    { { 0xc1d74d05ac5fab15L,0x6ea132c49b102d52L,0xd3ada4ce0d890cd3L,
-        0xab7248f092823f62L,0x246c373023871113L,0xebbca0b998424f07L,
-        0x0061eb2c2e62e741L,0xac1b03d25e90c5b4L,0x0000000000000136L },
-      { 0x0748c14a7eefae68L,0x82525b3581f8a2ceL,0x31a64097398363e1L,
-        0xcbf57e0257b6b33bL,0x523f0584807217e6L,0xd607efe780b9700fL,
-        0x79afcc9435596890L,0x140ed6f46985a97eL,0x0000000000000160L } },
-    /* 13 << 322 */
-    { { 0x994d6f091dc32085L,0x7ef66c0ca1ec3338L,0x862f3f00d05f032bL,
-        0x14b255ab398a3cd5L,0x15dcba7d14d0afb9L,0x426d2d2b0eba73c0L,
-        0x49c12810c97b173bL,0x1b41ee58de677412L,0x00000000000001e5L },
-      { 0xf95f8080e3f62ad7L,0x2043cc48def132ffL,0x675e320a4ac025a4L,
-        0x70d97e051e334fb8L,0xf1f374fdd5c92698L,0x092930a4e24b9c4bL,
-        0x9df749fe264df791L,0xba72b3748ec13529L,0x0000000000000170L } },
-    /* 14 << 322 */
-    { { 0xd9b7a5b9e1c9df84L,0x709198f2b5280f15L,0xb34b95d48277fd56L,
-        0xfd99a4ec9de8b8a2L,0xe382385a3a437ec0L,0xec27c9e21c556ecbL,
-        0x40e3599d22df4e54L,0x01c11920edd21904L,0x000000000000016dL },
-      { 0xd4049aebdd8453f7L,0x8c013265d4ed86eeL,0x97aff20706af369cL,
-        0xa09fb20b053ebdd8L,0xa0864a12daa9bb5aL,0x046821b0487993d4L,
-        0xc60e798c71b8e214L,0xe34ceba3b599ac41L,0x00000000000001d6L } },
-    /* 15 << 322 */
-    { { 0xa5828c36d7a89dc3L,0x469a1d568dd9c304L,0x66de18a2fd9cd815L,
-        0x9c9dbdc6b2dc8e19L,0x1a498589fd4ac190L,0x5a56e72594b98ad2L,
-        0x01af3fa4075c69ccL,0x1545c78e90dffbb5L,0x0000000000000050L },
-      { 0xa65c03dcc589d32aL,0x17e9f0ce6060cac0L,0x0e4407a37302e7a5L,
-        0x0b6d8617e87d0d8cL,0x6c4d924e82c0970fL,0xb8323cda4e7cf7a9L,
-        0xfec1519afc7592f4L,0xe3ca60ad3b413603L,0x00000000000001d6L } },
-    /* 16 << 322 */
-    { { 0x116ca45b2e19e0b1L,0xa49d8f1b730ac8c2L,0xda037586eb7a1238L,
-        0xeae3abd5e834391bL,0x8675c82a277eeb94L,0x975ac10634b19d06L,
-        0x6ab169a96b83a163L,0x3ed9a40a967424fcL,0x000000000000013dL },
-      { 0xa23d2b9b2082d8bfL,0x853ae3f39a7d0a3fL,0x04c7ce962879d8eeL,
-        0x17da556d29c66703L,0x1b3a760f1fde40f6L,0xb98726458c5b2120L,
-        0x59b18fee260aff65L,0xf2a8908d5df615dcL,0x0000000000000116L } },
-    /* 17 << 322 */
-    { { 0x0c565f6dbf610ef7L,0xfb3f938daf30f04fL,0x3e626c858b8f63a6L,
-        0x46b39352fcc292aeL,0xf7d0a0563a488d11L,0xdcc803337f10c63aL,
-        0x9ce707d99c6af943L,0x5a919c777093b168L,0x0000000000000198L },
-      { 0xc635f424549b3f1eL,0xdffe84686bfd7fbaL,0x2ca865d6999c72f8L,
-        0x904ff1826178fabfL,0xb431f3d908971a3dL,0xb6f8633bcbc2b248L,
-        0x65788bf3b9173f22L,0xfb2c9aaa9e356216L,0x0000000000000091L } },
-    /* 18 << 322 */
-    { { 0xa0fecc4018e76bfcL,0xaba8add4477d51acL,0x41057a450ba7ff2eL,
-        0x75b902a119cb81e4L,0x8e5b4a580e68c3adL,0xfcb68db8cc58a3d4L,
-        0x0a7e44ce4f044a64L,0x40e4907ed0543f9aL,0x0000000000000006L },
-      { 0x32195dac8df38660L,0x6e1d60e5377aa840L,0x847cf167ef79a408L,
-        0x3be397f0d44fbdebL,0x6bf1298cb6474131L,0x116995a6fd22822dL,
-        0x5af45b34c8290ecdL,0xddde3eecb230c779L,0x00000000000000e9L } },
-    /* 19 << 322 */
-    { { 0xd3d86741f2c7d24dL,0x21d5116b19322c3fL,0xaf9d1a0819063e10L,
-        0x5b594a50e31c6774L,0xe61198cd516f6354L,0xec9e8eb451088a79L,
-        0xcc3031bbfcba2683L,0xeb08633e531785d2L,0x00000000000001f4L },
-      { 0x539664466d67c0fdL,0x2a42f1e974ae1a80L,0x6c12467c885ea4ccL,
-        0x81ab0c5b0efb792eL,0x71ddf7497b91b2e2L,0xec246aafead35602L,
-        0xa0f4a61d2563662cL,0xc717f71c505df6c4L,0x00000000000001c0L } },
-    /* 20 << 322 */
-    { { 0xafc75c178ec70a8dL,0x32686ebf7b117380L,0x16050cda21e28c47L,
-        0x70c05654e731b083L,0xafa2e57571d1f6d2L,0x0df1a032c1982fd6L,
-        0xc0e7b1461e86f69bL,0x0df3c6bcdce1864cL,0x000000000000012aL },
-      { 0x46fa0fa600b0d0b1L,0x1f0a42b21691a590L,0xf5a6e4e8ac8c1189L,
-        0xa2cc987973a0ab49L,0x721ca290cf17f795L,0x4026f9c3ecf32b7bL,
-        0xbabd20c019cd7057L,0x99378e8c5c30cbccL,0x00000000000000d2L } },
-    /* 21 << 322 */
-    { { 0xd0cbcc47c26a88c6L,0xc7b0cda13f2dc480L,0x405f4a1024029c61L,
-        0xa79337861f262318L,0x009fa8def18a254aL,0xd8e1d3ff56e86d6bL,
-        0x9d1c8cb1cf685730L,0xe9e94c8373d42c86L,0x00000000000000b4L },
-      { 0x03d5e8cf263d6639L,0x008d0a7caf59818dL,0x030bfbf3d18597c3L,
-        0x7e6faa51312d4f8fL,0xbe896d83b2d948e3L,0xd6a7d6786f4f8181L,
-        0x2140942ed01ccf0aL,0x458145e3bf228206L,0x0000000000000182L } },
-    /* 22 << 322 */
-    { { 0x9925822b53727667L,0xb75905699f8ec5bcL,0xab4ec9d48d2a5fc8L,
-        0x1fdf79f123996a2bL,0xb7c9dca72e618aa4L,0x70df99533cce63acL,
-        0xdb24712df2c51a36L,0xd95239ec9d3a3f59L,0x0000000000000083L },
-      { 0xd649c751d2ef6338L,0xb18fa99e47365d93L,0x1f96c9811d979826L,
-        0x752db605cc8def36L,0xe723f8151830cba5L,0x11a2323f7123ba6eL,
-        0x63fb9a0d0a390d71L,0x41a6131c77638870L,0x00000000000001daL } },
-    /* 23 << 322 */
-    { { 0xa3e39aae9386104aL,0xde389403c6bab3e7L,0x2aba3b6dc8ecba58L,
-        0xaba666e342eda205L,0x247aa93c7ec04499L,0xeabe55e2811dc300L,
-        0x955ad4c37f7c679bL,0xffa5d2930dd8edfcL,0x000000000000001cL },
-      { 0x6cd7828c8d795923L,0x93fdd33bcf549b25L,0x8a2a61d68e5ca30bL,
-        0x5e0466db7302313aL,0x296faf9fba7c9c91L,0x4f8645cf5999f063L,
-        0x589f67f837992492L,0x0bed28248081dc37L,0x0000000000000177L } },
-    /* 24 << 322 */
-    { { 0x2229e06cccd6d98dL,0xad78008c2bbc14eeL,0x361ffa4fda34a88cL,
-        0x6023fcf46cf499fcL,0x72051f272a50f74fL,0x56cc61c8e9a59a2aL,
-        0x2defb0a1bf0392cfL,0xa5ed8b89d29013a8L,0x000000000000008dL },
-      { 0x9d396c29d3d7339aL,0x0d21b9dfca0262d1L,0x164b69e0a000d10fL,
-        0x2f7f7dfce1147d4bL,0x3cc2909978310e2dL,0xdca71fac36ae5a21L,
-        0xe0c8579aa0f4cfd4L,0xc05c548904582119L,0x000000000000013fL } },
-    /* 25 << 322 */
-    { { 0xecc1d27d517fd248L,0x5e8aa5936053787bL,0x46fe1e027a0727d4L,
-        0xe190ed905b0731cbL,0xaf9197611b2c2c55L,0x6d3b24cf61100b10L,
-        0x354826b3638b7314L,0x2ab60c42a335005dL,0x00000000000001b3L },
-      { 0x60406971fb3548c7L,0xa39ee5b246ea496fL,0xbda9226bdea5de60L,
-        0x125efd34ee468f88L,0xe04d9f1abe0b4fadL,0x123e18b7c72e7621L,
-        0x0e4c5a0dc75a09c6L,0xb31d669e57d867c5L,0x0000000000000162L } },
-    /* 26 << 322 */
-    { { 0xf5747cbc85245da0L,0x120980ce618dcf96L,0xec629da41d48d206L,
-        0x4419aa98d3952436L,0x01a4a6e1bb4544aaL,0xed247d13a94aa6dfL,
-        0xbceaddb76a5924fbL,0x11fbff73e1cf234bL,0x000000000000017fL },
-      { 0x224a152e21813c71L,0x6e2a6f4a20f47b53L,0xbf1a147535e50638L,
-        0xf1f713223308616bL,0x64d14f69d2f8fef1L,0x1e8b9fffa246cbfcL,
-        0x62bf5aa4d3763484L,0x7c57e682b86702acL,0x00000000000001baL } },
-    /* 27 << 322 */
-    { { 0x3a70dcd25f13c332L,0x576f41afe4313910L,0xd0b6b3c552430b5bL,
-        0x0d5e9e48e8996f32L,0x207b17fe77e70a78L,0xd0d76189584a4c91L,
-        0xd35b7d9ee12153afL,0x1b5f87f40becd4e2L,0x00000000000001cdL },
-      { 0x4bc65a348ff1d0a7L,0x4eefffa356825c30L,0xa42098b2616e22dbL,
-        0x46bc46e15e3e3225L,0x015f358ae05be037L,0xe02307bbd86e016aL,
-        0x14bc3a329a393613L,0x5bdce022e6a07114L,0x00000000000000b5L } },
-    /* 28 << 322 */
-    { { 0x161b9770b7dc0f64L,0x42ad385a84f67076L,0x6a94116c710d4992L,
-        0xddfa30033ec54457L,0xa17c61d12d520342L,0x7e673638f36c6f21L,
-        0x7654e648eaa1a95aL,0xc4b4a3c40dd8029dL,0x00000000000001cdL },
-      { 0xd748525500c9033cL,0xcf0d9c3551acd2cdL,0x02022ded596a8678L,
-        0x56fe8164d90b82ecL,0xe376a376863801c8L,0x559b0f3fad337694L,
-        0x3c720b4f06e23e58L,0xe02dcd8191914c96L,0x000000000000003aL } },
-    /* 29 << 322 */
-    { { 0x7c7c5db9082cfac8L,0x3598e5560a7f3db9L,0x2601b07557884076L,
-        0x6ff31de8b9759bd5L,0x8a065c1fe55fc009L,0x61b3433f212241c7L,
-        0x20413706427bcc47L,0x11748db7fc48d7c5L,0x0000000000000004L },
-      { 0xe5cf15518d4fd88eL,0xd68399f20567016fL,0x8e255e59ce2a0316L,
-        0x5214f9d91ac90dc8L,0x1e0c990eef6bc99eL,0xd604cc6438467d13L,
-        0xc3e5306af38a48beL,0xadf8009b6d167ca7L,0x0000000000000044L } },
-    /* 30 << 322 */
-    { { 0x21487ed2e126ce5dL,0x49bc01bc5bd1e210L,0x1aa5f2c20fa11fabL,
-        0xa2242af403fff4b4L,0x973eca3c209db9aeL,0xf2db2f1b3dd561d9L,
-        0x784606951bcd0ed1L,0x5510ea75e062faa1L,0x00000000000001abL },
-      { 0x5e7d9dd5f2bebc17L,0xe4244808d597a75dL,0x0aa0f5a516b9fe86L,
-        0x61d40d8a03e38a68L,0x934f4bef9e2e8268L,0x52a157da1ef90390L,
-        0x7b1a6498cc5d0b9aL,0x95b9693300f06240L,0x0000000000000072L } },
-    /* 31 << 322 */
-    { { 0x7952dc96c4dcca38L,0x71e01c35fdd766a9L,0xd4ad5e22d4782655L,
-        0xe4e886ca808c793eL,0x636e86b943abdc47L,0x00a2bee29483f877L,
-        0x6a88f59186462a7cL,0xff8140be192bbe07L,0x00000000000001b3L },
-      { 0xd8e44cf01ff8cf63L,0x82b1238f14439990L,0x9f1800edc4edd1d0L,
-        0xae0de82d7eb239ecL,0x9b60b1dfaf69441bL,0x4e521d71e632474dL,
-        0x964fd7357e9a7351L,0xed7cf4349f2ad1cfL,0x000000000000001eL } },
-    /* 32 << 322 */
-    { { 0x699f72e9e084ea4aL,0xd1c4bc45dc721bcaL,0x7eb43d78995db3e6L,
-        0x76e84fae02088e1aL,0x1b061123e048084dL,0x7caf0d3279abe6feL,
-        0x9340583753b13e9dL,0xa05d1313cc58f64aL,0x000000000000013cL },
-      { 0x81d54e675fa5b0aeL,0xee551c40086b46c4L,0xe7b98e209b7daa1bL,
-        0x8082803eb868c9d3L,0x036502f236731930L,0x075455aef9a93c2bL,
-        0x080e704652a61944L,0x9f4bbcf0580494e0L,0x0000000000000154L } },
-    /* 33 << 322 */
-    { { 0x298a0e46721ade9eL,0x677e8b3ac7e30064L,0x0568fd0178016c49L,
-        0x994f0036d3ec1adeL,0xeb07215b15c5599fL,0xa97133b3e01597c1L,
-        0x6c991e6ed54986a6L,0x2fe04bae2e971e6aL,0x00000000000001dfL },
-      { 0x25c966cdf287199fL,0x7e9f51d01c337d60L,0x0c823f68216d1b44L,
-        0xb381e0434d7ca148L,0xcb0cd817bcd421f3L,0x188b342f88fea786L,
-        0x751d7c1bb2a40514L,0xb05475b4f0efd0dbL,0x0000000000000083L } },
-    /* 34 << 322 */
-    { { 0xf12858a030e60874L,0x885b746a49363fcbL,0x89677efa9e6267faL,
-        0xda86b591948152a0L,0x13a52d2eefe62f36L,0x44a7c6cc22770a18L,
-        0xb71c6a83c8b69076L,0x239a31f25ed31aaeL,0x00000000000001c6L },
-      { 0xa91974f8adbb6beeL,0x0cef8b3d5fef0a99L,0x47accfa21999c491L,
-        0x8d9fd072192c2a13L,0x925393d4d87514a7L,0xad667ad4e6c482d0L,
-        0x812fbf47a5668487L,0xf1c2e82276e7bd3dL,0x0000000000000019L } },
-    /* 35 << 322 */
-    { { 0xbf8363be4df133aaL,0x00d7ebe6830d997cL,0x2059980566b5fdb9L,
-        0x2b682dec73cd9f64L,0xc4ab8c87e5db0383L,0xfa2dc9686d539483L,
-        0xb0ede1675e8498eeL,0x5d8c23dfa6a71bb3L,0x0000000000000002L },
-      { 0xed62df962ddcfedbL,0x62dbb40ddecfde69L,0x3a847e28ea8d6afcL,
-        0xb4c7f1db2fcf58a2L,0xd774982684eebdafL,0x0a5078bd6259f54bL,
-        0xf9d2df2d9b7545e8L,0xa5b293c9ca1ea850L,0x0000000000000053L } },
-    /* 36 << 322 */
-    { { 0x0e4b463a886b2e59L,0xa7091bdde1730e93L,0x53693de2e485313cL,
-        0x32137cec9d335d4bL,0x30983f46e7b8f7b6L,0xa8f5732c36785d2fL,
-        0xfc96dd6d27f2db5aL,0x649054e25a562614L,0x0000000000000164L },
-      { 0xa4b1b99714766d09L,0x93af1a132001eceaL,0x436fdf6a69bb5799L,
-        0xb0f3e655eae264adL,0x1ff369c761838a92L,0x3780d328a24da60cL,
-        0xe126d99241cade42L,0x9cc0e1ea9ea7d1b4L,0x0000000000000056L } },
-    /* 37 << 322 */
-    { { 0xe3f5c92af2c9c91bL,0x9fe56b3fc64b60e7L,0xe651ab8b2d15166bL,
-        0xf7421bb890e51defL,0x0adde7402cacdf7bL,0xdaaa12e1cb9e11e5L,
-        0x42dde46b5211a0ccL,0x621aea01f0da0299L,0x000000000000004cL },
-      { 0xb1c259a1a55cbce3L,0x10fd90719f2f0057L,0x8242faffc92645adL,
-        0xabdf00a3cbc7aa9bL,0x0b2deaa426b1272bL,0xc9edb172bc53e47fL,
-        0x7e3c26de93e77e99L,0xcadf52633d8eb2e5L,0x00000000000000ddL } },
-    /* 38 << 322 */
-    { { 0x89f03416a0f14094L,0xd56358745bf6b5a6L,0x07140f5ab2d9fec2L,
-        0x3a6be1f713d6753aL,0x29f0b6713669ba9eL,0xd3e499809c9edd9aL,
-        0xa1222f0a876e1af0L,0x7e4b2d8e3a539f63L,0x0000000000000197L },
-      { 0xb9fb59ba3657e3ffL,0xb0bdaaca95a402e9L,0xd6f9607d9fc5fcb5L,
-        0x08277d4ec95e8496L,0x9d6231d624a10303L,0xc45279e62ff82594L,
-        0x925b8d7bff7c6659L,0x2ce594e8599f6b14L,0x000000000000009aL } },
-    /* 39 << 322 */
-    { { 0x0d0927adec179a82L,0x9bb9d81707986ba2L,0x4dde10ba9a1e77a6L,
-        0x52ceeab0fa680f62L,0x7415c752e0dc60e9L,0x45bbf4dea0c28835L,
-        0x926ccc195a41d082L,0xc18e0bf9fcaf9128L,0x00000000000001e0L },
-      { 0x212b073ade970121L,0x2f3acba643d17f79L,0xc4f7513cb540cfcfL,
-        0x5d4ecfec9dba50a6L,0xb6ac72945403b601L,0x445f1431a3e52e7bL,
-        0xa4471581a24dd4c9L,0xbcac26f166e43679L,0x000000000000009eL } },
-    /* 40 << 322 */
-    { { 0xb3e7eabf951c2d0eL,0xbf9959209512c00cL,0x0f1d97a8dbf1f0f9L,
-        0x6a52615c430981d0L,0xfb0f0d2097073d82L,0xd843bc6cc0430de7L,
-        0x1bd02e5440061f87L,0xca4930b25dd88dc1L,0x0000000000000056L },
-      { 0x92c1350259a249afL,0x1597c507b2ca76b5L,0x298751f3039592d2L,
-        0xc50bb3a4e8a71d91L,0x4d3a058405f1e850L,0xd16f70a3764af248L,
-        0x5d508a243f2215ceL,0x2cbcdaed889ab117L,0x0000000000000193L } },
-    /* 41 << 322 */
-    { { 0x33651b0fa901023bL,0xb284799cf74f9e94L,0xca2adf58ab42f967L,
-        0x5682cd2f8f916cd1L,0x1fa28c120716ddd4L,0xc7fbd070fcce3af4L,
-        0xe2584ea683c7d494L,0x292cf09563e96f86L,0x00000000000000d3L },
-      { 0x978eab0d561ae9f0L,0x505bd69d87b3fa7dL,0x6da8f644e5f1eb0dL,
-        0x23835289de97f4beL,0xcd57f90042407f6eL,0xebbf612c3210ffbaL,
-        0x7b4bacd8094d959eL,0x8bff4d6940769457L,0x000000000000003aL } },
-    /* 42 << 322 */
-    { { 0x0afc9e7020994117L,0x0e57032cd363dcc3L,0x7524eb6c993e395fL,
-        0x8ef74be384122007L,0x7d33ed5003a27726L,0x27513a4eb65c88c8L,
-        0x6af64d0b7d9f370aL,0x4cb05a9b45c17a8bL,0x00000000000001ecL },
-      { 0xfd7afd321f4198b9L,0x385d1c7039b3b13cL,0xab60c146d2b332b1L,
-        0x50b827d7dc655444L,0xa2c7a8ddd25c4e3cL,0x0a27f3eab718ce9fL,
-        0x14ff04ece2dbeea8L,0x63f281fe2fef5044L,0x0000000000000074L } },
-    /* 43 << 322 */
-    { { 0x49fbd643eab88f85L,0x564f4ba7e8c9011dL,0x1d818e0bc7b1478cL,
-        0x1803f387883b4833L,0xedba2a623bc03335L,0x634a781db6fc5a17L,
-        0xe8196ce6811f8210L,0x76af8a379732049aL,0x00000000000000fdL },
-      { 0x8c283abdc06054cdL,0x34308c7a8998068fL,0xde75159933710724L,
-        0x992f8183afd84b44L,0x893f046a3e7c8ce0L,0x0a967e5f70f40608L,
-        0x95c11e854bc01128L,0xa5e3708141fc13dfL,0x000000000000000eL } },
-    /* 44 << 322 */
-    { { 0x8ed9e22a9439311eL,0xd3f46e41314b0141L,0xbdb1570568382359L,
-        0x149adebfb65d3aabL,0x4f73e3254fb4c8c2L,0xef7883ccecdfb62cL,
-        0x7a0ecaa2123003b4L,0x8da68ece15a2a7fbL,0x00000000000000ceL },
-      { 0xaac484e542250748L,0x5e1020b2e43c22e1L,0x755475a75f3c8e7bL,
-        0xbc1fd16e533061b7L,0xd10d8530011d193cL,0xb8d9c97e4ae8efddL,
-        0xf19de2648f813fc8L,0x3a0b5f66415daf6dL,0x000000000000009eL } },
-    /* 45 << 322 */
-    { { 0x9969b5fd3135fadeL,0x9bc95aa606e484cfL,0x355ddb588b0fc080L,
-        0x1093422b3bf11d43L,0x5d5237f95bc21dfdL,0x25c184a661758002L,
-        0x1625b15c318e6360L,0x32d2ae19b508e1ebL,0x000000000000012cL },
-      { 0x722ed1b76e253643L,0xe9242c221809165eL,0x5c962af74b9630a7L,
-        0x36d676d51fe4f40aL,0x9c6232022f1b1556L,0x209b0bc4daf3120bL,
-        0x72726a0105689599L,0xc16d60ab500ef70cL,0x000000000000004fL } },
-    /* 46 << 322 */
-    { { 0x9808593467fbef8fL,0x22bc62a9f82be097L,0x98cded2d74bb7957L,
-        0xf315e03a49c8bd33L,0xf9e872d565490065L,0xa5a6bd39857ea243L,
-        0xded7128e8cfe8539L,0xd763a75b8905dea9L,0x00000000000001c8L },
-      { 0xc9861044843cde89L,0xe3761912078c8f57L,0xefa422f7582d9659L,
-        0xb50a0a959632fa91L,0xf955855a469df6c0L,0x0ea369f34669bc3dL,
-        0x368ab00685599310L,0x2ad00a5eb7a8b481L,0x00000000000001deL } },
-    /* 47 << 322 */
-    { { 0x4c84c9f9ea65b932L,0x0b54ecf8bec4ea40L,0xd5de970a9e70ecd9L,
-        0xc940c1ed40455e5cL,0xc8bc7dca3838fdf7L,0x63c4efb6ef33dfd4L,
-        0x82b51dd6c47f4e20L,0x5cb41a27ff99b86eL,0x0000000000000123L },
-      { 0xe7b1d8113117d1faL,0x517166515e4a173dL,0xc6d75c1834fbc8acL,
-        0x4646316c524b402aL,0x361c0a1b7b71c7b7L,0x777727080796b95bL,
-        0xe6e931370451eccfL,0xb43aa00d237aacf2L,0x0000000000000108L } },
-    /* 48 << 322 */
-    { { 0x77b4759ecdc28bedL,0x2c9485511067b654L,0x97a30e9c1be3d888L,
-        0x1b8ee1134d8a74eaL,0xec2a632c3b1697ffL,0x60ac030fa8d72746L,
-        0xee82efee20b60c63L,0x6c7904a018c6ac9dL,0x00000000000000a0L },
-      { 0xefabd68d11a97778L,0x0c8e7905d29960d2L,0xc58e496f0b58310eL,
-        0x8bbcb95ce092e4e6L,0xcfefaa5cd7b6d076L,0xddb0d933600c7c58L,
-        0x7ec76492d34b8f40L,0x6ad971caad23f589L,0x000000000000004cL } },
-    /* 49 << 322 */
-    { { 0x9c3eaccf73c220baL,0xecd040d222e53490L,0xe4e958c14dcc1e96L,
-        0xdba4a808b1af5f74L,0x3106a290a95fbb79L,0xffb704293792882cL,
-        0x7e595219f8432c48L,0xdde6ce6c8e43e77bL,0x0000000000000125L },
-      { 0x5c5bed0062b3c950L,0x4287ec7870ec2a41L,0x31f56d23604c34a9L,
-        0x39550dc938e5e90cL,0xce05656c3502e7a3L,0xf65501831c683d8bL,
-        0xcb128c0981e26495L,0x4f4f4402cc33b9e6L,0x0000000000000053L } },
-    /* 50 << 322 */
-    { { 0xe5a77166be5da74fL,0x32f62c8e2fa814e0L,0x70ae9f87b6c207d6L,
-        0xd803c9a7fce84376L,0xa7e7e9ec53846c94L,0xeb357fcc3fa01a22L,
-        0x2fcdd432d264e780L,0x4ce115c9c352af13L,0x00000000000001faL },
-      { 0x9543539d8912fd69L,0xe1eb19b8d14ed2c2L,0xc47ab4f0beea02a9L,
-        0xa097de0020a38f8cL,0x182cb223511265f0L,0xcdaae98f01614e32L,
-        0x9968eee31ece63d3L,0x6219a46db34a7e22L,0x0000000000000080L } },
-    /* 51 << 322 */
-    { { 0x9e12cfec9c3a4c3bL,0x779628a45f53855bL,0x7ac6e3494ee550f6L,
-        0xc167283c7a4b2192L,0x58c2fa2063e39e4dL,0xbab2d6ae0b743e23L,
-        0xa34a920cca6e9cb0L,0x7818f9f4ececa894L,0x0000000000000010L },
-      { 0x3416933959b9f008L,0x0a9c68d604ef634eL,0x18a98bb9e6a78900L,
-        0x124443d61e0fa784L,0x56668b018fc2d6cdL,0xb5ddc6d2faa5ef32L,
-        0xeb89133aec245cffL,0x5b3dd85dc2929841L,0x0000000000000197L } },
-    /* 52 << 322 */
-    { { 0x42c6902d17001ab9L,0x6bcd13b0e3c3bef7L,0xe61d8161a3b5a78cL,
-        0xa201774e05b85e95L,0x9c0940abd7e54543L,0xd8c739a71066397fL,
-        0x2a086159a49687e8L,0x6e5a1b2592222916L,0x00000000000001d9L },
-      { 0xc2fe70be069126eeL,0xd337ff0cda37306aL,0xd91e07f157f8eb8cL,
-        0x83eef5e6c3e8974fL,0xa0584968665f08cfL,0x377cdce9b5297c10L,
-        0x581d1c013d1f2799L,0xa1b669d8bc2e1714L,0x0000000000000096L } },
-    /* 53 << 322 */
-    { { 0x087569b150902c90L,0xf91f6a3c073c744dL,0x7811c91daa8b077cL,
-        0xa5ec0a6d68dadbd6L,0xb885e064f45ab631L,0x24b696dc452bd6b1L,
-        0xa528be732e9ef035L,0xc5683c7afffda366L,0x0000000000000196L },
-      { 0x944aef1b14b55baeL,0xf9b890250d064e11L,0x47c699ca4c807c41L,
-        0x37312d6d205c11d7L,0x5d1546c69319437fL,0xdb86c05376c56164L,
-        0xc554d7719937d348L,0xfd1f3aac9cff2d06L,0x0000000000000140L } },
-    /* 54 << 322 */
-    { { 0x4e5f70bd593eeec7L,0xa08a3a07c68adf61L,0xa939150808b6d600L,
-        0x0b36d861cb6b65f8L,0xa5b6fccf274f5cabL,0xd821c75ed6a29c3fL,
-        0x61f56a9e5d06fe0cL,0x818aaa46240372a9L,0x000000000000010bL },
-      { 0x97e136c0c49978b0L,0x9ae5030e27f22acaL,0x9a2ab3a3ebb6f0a4L,
-        0x4eccb9a421c62aa3L,0xb3c264e17e298f4aL,0x5681ce55f5126a1dL,
-        0x2e55fbbb2dc003dfL,0x96eea8b06c8cdffeL,0x00000000000001bfL } },
-    /* 55 << 322 */
-    { { 0x225b4c7ca087d667L,0x1c7212bf5e019ad6L,0xb4d883fa55533217L,
-        0x060a1cb3a9382203L,0x0cdd75b0c64dfca2L,0xbca3849f8129ca54L,
-        0xea0f1541fdc4ba6cL,0x76420c089f8d1f5fL,0x00000000000000e6L },
-      { 0xa53a534f6ce1b6a2L,0x2489f4cd43caa085L,0xce3afd72f0ea6160L,
-        0xaf9e1e469665daedL,0x947a8d04312ec1beL,0xd802b36ed89e92feL,
-        0x41a7f3301ed24021L,0x6b8789018bfa23a0L,0x00000000000000d5L } },
-    /* 56 << 322 */
-    { { 0xb42ef882816f7665L,0xb3afb61fb9084579L,0x3127e9a54745395aL,
-        0x1fa6611f0126d538L,0x798fa552070097ccL,0x6f41901c704f16d6L,
-        0xf528b063bd6749f9L,0x3ca460784b9fff68L,0x00000000000001dcL },
-      { 0x0096eb977d54eb8eL,0x9de669afe24facdeL,0x1582b22ac6df403aL,
-        0x8f4fbd44a91242ebL,0x1696fcc0e0ad2760L,0x334c9d4ad2d90e25L,
-        0xe57995440d5893e9L,0x5074b63ed1077be4L,0x0000000000000029L } },
-    /* 57 << 322 */
-    { { 0xc11c1de6640b3b9aL,0x3075eec8641ac7c4L,0xa2484dec7b144ab5L,
-        0x4ac49f44e53e597fL,0xaabefa613e6c80d7L,0x2d964c50b363a587L,
-        0xcb58a0f06d2d92f3L,0x2015b478e899fe65L,0x000000000000005dL },
-      { 0x7c51a1a88df037fbL,0x86b9973bd5582434L,0x946f58e266867f0cL,
-        0xbe9451d97ed59b38L,0xfecd089d4c5df184L,0x3f14866afe5f8eeeL,
-        0xae2f927fc486af2aL,0x684917776c511735L,0x000000000000004fL } },
-    /* 58 << 322 */
-    { { 0xd8bfc4c4210815c5L,0x13012a4f8aeec2dfL,0x2fa0e6847ae5255eL,
-        0x1088cf4336a2fa9bL,0x94cd1efe36ab082dL,0x128c234009a7804bL,
-        0x159360ff1bb24487L,0x0a458b52ae3eab0aL,0x000000000000001cL },
-      { 0xc4775d3d9576ecc4L,0x13a0078c5c9c25a5L,0x92ef8e4e4062c8e8L,
-        0xf196769660375b3eL,0xd072937ba24b431cL,0xe5e3bf64d0420605L,
-        0x68712d5bb23660a3L,0xe89fff9ae6358c41L,0x000000000000016eL } },
-    /* 59 << 322 */
-    { { 0xff0da5c42a22890cL,0xc044cdfc46bff2d8L,0x2fca586d876f2f60L,
-        0xf06e8c8c14dd39adL,0x042dff7320789797L,0xed6a327aeb5cf944L,
-        0x844d7c94375fa477L,0x710ee88704b7b91cL,0x00000000000001f4L },
-      { 0xb8c9507ae8e1a9f5L,0xc273343f9575c160L,0xe3da5ae5991fee34L,
-        0x712ed5679ba2b295L,0x9301bef49b3f465fL,0x8ed51c6c25950377L,
-        0x5f46a90cad56c370L,0xb7694541fed996efL,0x0000000000000014L } },
-    /* 60 << 322 */
-    { { 0x5f4ba23b78e658c5L,0xa9463d66dd8f6428L,0x2b6792e9fb241842L,
-        0x10dfa360934aa1f1L,0x7769322ab7bf8a36L,0x223c1474f127aa05L,
-        0xebee2760d048d6c5L,0xf495b445e7b13526L,0x0000000000000032L },
-      { 0x7baa637e8bb79c71L,0x349709051681a7b2L,0x12359173edd0293aL,
-        0xbd9deb854e888c4cL,0x43f03f70563c6c2bL,0x42d131b2f20fe520L,
-        0xb080e82cdcf32d61L,0x7aca6b8c0817ea86L,0x00000000000001f4L } },
-    /* 61 << 322 */
-    { { 0x430d75a3c507c83dL,0x4406dddeeebe1adbL,0xdfe966eb94d0023eL,
-        0x7a403a862a422704L,0xc7f74e48d3fbbc05L,0x47ef018fe07bdeb7L,
-        0xb69187f8e5ee7ca7L,0x9340009d4fda175eL,0x000000000000001bL },
-      { 0x6eb88ceabc7b237bL,0x862c7ae95249e73eL,0xb517b7e79cf910d6L,
-        0x2b780471297fe7b4L,0x99738346acbbc73bL,0xc0a18e55e317c474L,
-        0x3fdba5cfe254a076L,0x02f6984cd7a4c08eL,0x0000000000000174L } },
-    /* 62 << 322 */
-    { { 0x70310eb86def0125L,0xdc681d69eddbda48L,0xcb29aa5c303d3057L,
-        0x93a7cbfff83bc576L,0xff9e461be48ded6cL,0xf0ba47061d15d104L,
-        0x2700a174bb028212L,0x85b2f2b815ed0881L,0x00000000000001a3L },
-      { 0xf48c263c758e2de5L,0x5fc91b78a810b626L,0xcc57c5471ef04f52L,
-        0xa3bc05d6db2ff614L,0x5918d61139c567b3L,0x8af3817bbf54d907L,
-        0x0f65e1a44cd3470bL,0x26d7c80b9d7f6cebL,0x0000000000000122L } },
-    /* 63 << 322 */
-    { { 0x6854aa7ee687f6e1L,0x74212a251b7b35eeL,0xadef57c11b3f79a5L,
-        0x1a748b8e45511b30L,0x5725c9e78c892a6aL,0x94cc52b54d12a323L,
-        0x633cda13a8b2824bL,0xdd069d05b24a8579L,0x00000000000000c6L },
-      { 0x563f4058af114a39L,0x820ab6c934462a35L,0x4340b6d903cc02e3L,
-        0xe8104176d06f02c1L,0x0b6583783c825b98L,0x07d0c3f46311ea4dL,
-        0x34b6a707673e0f0fL,0xcc3e2922dea3d23fL,0x0000000000000086L } },
-    /* 64 << 322 */
-    { { 0x4d1ba365c000e4f4L,0xcf34a1a87b2caa8fL,0x0e4a58d5783e3c39L,
-        0x1ad4b5ce2c1fcbd9L,0x6b30bfb9e8b9556cL,0x304ad2366301b3a4L,
-        0xdacf31b8c8d571f1L,0x25b7a0fdec93e088L,0x000000000000012eL },
-      { 0x2863bcbf3b6cc6ddL,0x70760671e9430f99L,0x46cce87b7586cddeL,
-        0xc1f58398161a045fL,0xa84ca0cf291636aeL,0x11242d2726892bd1L,
-        0xb1d85da78c971e9fL,0xc66e0e1d61aa5039L,0x00000000000001b1L } },
-    /* 0 << 329 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 329 */
-    { { 0xbd52d5127c1a3915L,0x88b64d2e59d9dc08L,0x142d5364a1da166eL,
-        0x138ed011c8ef7e38L,0x90e189904d6d06eaL,0xb0081001147f3f6eL,
-        0xa8e9f89711a1ee9aL,0xe7607f70e28c7a31L,0x0000000000000011L },
-      { 0xa73dc4e4db957a5fL,0xb3c023c02fa7966dL,0x590ca0877aefc5b1L,
-        0x63427f912ca0d266L,0x7bc0f1ef4eeb8864L,0xef9125d279239e3cL,
-        0x12e924a1a90c09c1L,0x0fec85e3b3663a4eL,0x0000000000000085L } },
-    /* 2 << 329 */
-    { { 0x6c6119f6a1c88f3cL,0x924e5fec2ec6944aL,0x4c8aac605742ff2aL,
-        0x60adde1eddb22c7cL,0x9728938cfa5d25bbL,0xfa5ac4f7ec117de0L,
-        0x41f35ab7482929c1L,0xd1c4e8f90afd95f5L,0x0000000000000180L },
-      { 0x2fc4e73da7cd8358L,0x39361a57f2a1c920L,0xf6f2f130ad94d288L,
-        0xe37e24662b6a78e2L,0x0babff8b79c262cdL,0x6cae01ef61b597b9L,
-        0x9c1e33f0a60d4e64L,0x52a42280dd01f845L,0x000000000000000eL } },
-    /* 3 << 329 */
-    { { 0x9f19b3e18c730727L,0xa2231248d5e33b72L,0x0505b3dd5bde07e8L,
-        0xaa30e5ace8a2fc4fL,0xb2d24a392f964eabL,0x2d9d22a460ca41f1L,
-        0xc7183625e0e8dd2dL,0x87f3ab032653d84cL,0x00000000000000d8L },
-      { 0x52e505e3c7fb02d2L,0xed5fcc2c7154e8b7L,0xc0df346f8e8397adL,
-        0x1c9abde6f542ce97L,0x158cd908e2a2205eL,0xfbf550dfe60b9a18L,
-        0x66a4aa43bd817d90L,0xeca35b6cc60dc534L,0x00000000000001beL } },
-    /* 4 << 329 */
-    { { 0x09bc56744c81da95L,0x9756c443f23b526dL,0xac041332abbece84L,
-        0xd933aaa327696aa1L,0xfe78e91d3e4e9032L,0xe491ec63cd67fcfcL,
-        0xb73746e7e8fe9c4aL,0xd2ca6f6a199f1eadL,0x0000000000000191L },
-      { 0x86a7466aad125891L,0x4817dd6e42499ff4L,0xf5478e3b7c6a0addL,
-        0xb92d8e5d2a394366L,0x5c5238e3bcdf955bL,0xfa855ff10489d6b1L,
-        0xbb15d2fd134f7f2dL,0xd5faf13744bd6838L,0x00000000000000f0L } },
-    /* 5 << 329 */
-    { { 0x0fc11e4c84b0f4eaL,0x435c27d47d244a14L,0x3996925dc6eb93caL,
-        0x0b699c9f09f7e1e4L,0x92d5807e1eb96a28L,0x772a095b9c14e99aL,
-        0xda362fd51bc8f956L,0x157e3c0b9d4800b7L,0x00000000000000a8L },
-      { 0x5efb3b8f90d9ec28L,0x8cc8c25ffa2e2948L,0x1ee212252668d00fL,
-        0x37102fb19651d783L,0x341ab0e5a50af73bL,0x868464e967e0b7b5L,
-        0xe264f59d5ba120e4L,0x661650aae80385c3L,0x0000000000000158L } },
-    /* 6 << 329 */
-    { { 0xfab2f74c3ef1eeb1L,0x71af5a9992007e36L,0x384d6a18a0273729L,
-        0x03df77a9ab5eaf13L,0xbe0136fa0e0bdcb0L,0x5f4be468bebaa588L,
-        0x2ebfcfb42840138aL,0xf8e098f02594311aL,0x0000000000000053L },
-      { 0x84055186c73f0476L,0x92dcdd0e729b0b1dL,0x7c523b4806be9764L,
-        0x95357b956a57baf6L,0x4b556882860ce9b4L,0xdc08b8f831882647L,
-        0x11c9b3c738c3deafL,0x50b6fea8e68f20c0L,0x0000000000000164L } },
-    /* 7 << 329 */
-    { { 0x76b2671fa4c28ca5L,0x91a0d41bd0f62e23L,0x3db3924db448f296L,
-        0x0925dc3fa60a9738L,0xa37774b00371c080L,0xfd182ac7b5167fe8L,
-        0xce4795b714eb4895L,0x7c993d229887590dL,0x00000000000000b6L },
-      { 0x6090f452a0feb93aL,0x032de9c217e4f78fL,0x29ffff34a237d15cL,
-        0x81205285efad6015L,0xcf90cf14ab143ecfL,0x56d1caab0dbd215bL,
-        0x2648af04284b4611L,0x6df91b71bc20a51cL,0x000000000000013aL } },
-    /* 8 << 329 */
-    { { 0xbf0b5ea3d34b138fL,0xc49513813ac7cad4L,0x82ca5536cab6a319L,
-        0xff56913688bb4ea8L,0xcee2512a4761d3e9L,0x4695e52155ef9647L,
-        0xbb83316b9378f132L,0x1d447f048d43bb4cL,0x000000000000002bL },
-      { 0x777ab201ce5889f5L,0x635d968f4c6f0545L,0xbb48a0cf872777eaL,
-        0x33f4de62c616138fL,0x93e74192bc8d65ceL,0x532ca9bd5ebae1f0L,
-        0xd783e104fbaba8d0L,0xb32af569bdf2d850L,0x00000000000001baL } },
-    /* 9 << 329 */
-    { { 0xa0bb7fffad4e0ec6L,0x6621d487b0fd2273L,0x7dac286992bb025eL,
-        0x2daea181e142e35dL,0x6d2ad2a7b5585b04L,0x7c156b91c67b8de3L,
-        0x018e5ad7f9a8259aL,0xa2fbf18af52813cfL,0x0000000000000176L },
-      { 0xf5f511266c344a4bL,0xc8ca1d94c7d3e7f0L,0xdb27ea15da64dad1L,
-        0x248a9d6eb2dd60c7L,0xc27b6461b6e10f17L,0xf64f36ecd01fa2bcL,
-        0xd395dad1052a4c0eL,0x2ed72e101ac0c910L,0x00000000000001b8L } },
-    /* 10 << 329 */
-    { { 0x218712c5d244dd3dL,0xed19fc5f3849ea68L,0xe4bef41212cdd2e3L,
-        0x4189ad768e675f49L,0x818140c606411e8bL,0xb13cdb88bd3e301bL,
-        0x8696b6b929e10534L,0xf325c324cdba3b73L,0x00000000000000b9L },
-      { 0xd41cdb59966ebb3fL,0xb82e5cba766a762bL,0x4cb02db9628fab85L,
-        0x1092daf6bd4d732cL,0xf307aad8333ec4e3L,0x956be117c56ddc0cL,
-        0x2e03ef708674b500L,0x9a540a11d836fff7L,0x000000000000010cL } },
-    /* 11 << 329 */
-    { { 0x5fe1030137825aa3L,0xa74e7065f13007ceL,0x7d3ebd9df6e9c94eL,
-        0xcba3ac5535e6d681L,0x602758b91c29d435L,0x6199e8ffebf0335eL,
-        0x338348e5e2747f04L,0xf3585a73bf365565L,0x00000000000000c3L },
-      { 0xb3c68f52e99b1b1fL,0x4f91a78bc8085753L,0xc7e549a78c010053L,
-        0x17912acc9790e0b7L,0xabbeaab400cedc5dL,0xe885041467136ca1L,
-        0x166b73459b51dc45L,0xc12d21e36d037065L,0x0000000000000102L } },
-    /* 12 << 329 */
-    { { 0x88367eebb1714fe6L,0x7e62026793ba98daL,0xc32ba6878352de93L,
-        0xf542af8c979410b0L,0x929bae6b0e5b7cf2L,0x1201a42abe4afff0L,
-        0x8dd7508567016e6eL,0x6cba441bc820de5dL,0x000000000000011bL },
-      { 0xeda68f37476e21aaL,0x16fcf4f2e71dfdbeL,0xc43966b272a6702dL,
-        0x2732f8f0d6af1eb7L,0x2bbd7368572832d9L,0x83807036b54abbb5L,
-        0x1f34a2c505aa9032L,0x0840702abc5297b9L,0x0000000000000130L } },
-    /* 13 << 329 */
-    { { 0x9989f80307ef564fL,0xb8b2ad57d8354633L,0x6f40c68a0ec997bbL,
-        0x1c7963bcff213ab9L,0xa9548ec25a844439L,0xe55816bc980a798bL,
-        0x724de727d2674309L,0x5a50a29195e2a8a4L,0x0000000000000119L },
-      { 0xf46573aa104d6a06L,0xff5f3f99d9d12718L,0x9d527c1889d06ed8L,
-        0xdfeb3fef6ba0946bL,0xa156e73dd8fcc522L,0xcf5fb969177f3823L,
-        0x98210af8c27cc78fL,0x452ce06048c56dd6L,0x0000000000000116L } },
-    /* 14 << 329 */
-    { { 0xce7489926632ad8aL,0x334efd2bdee28c6eL,0x5486cc6ba645df0dL,
-        0x5f02c1614bf66fcbL,0xcf2ca9b5e228e838L,0xeb7b3e95c58148d8L,
-        0x25f22a19a344184bL,0x8f522dbb73976e50L,0x000000000000013eL },
-      { 0xd758bbbbe87ee0d7L,0x6d7c077ae946a6cdL,0xd9732f17c80954b0L,
-        0xae1d674e56d292c0L,0xa1fba7cdebea75caL,0x533d65b08398242aL,
-        0x22fc479e22740f06L,0x5c13ab6063ca9aecL,0x000000000000008dL } },
-    /* 15 << 329 */
-    { { 0x9941d21ab49db659L,0x5284918d18fab9deL,0xa325293ef612f99cL,
-        0x2062c4dd8ebff205L,0x7b4b97775321cff8L,0x10d0c4726905b8d1L,
-        0x1645eefea2c71febL,0x7fad527a27ec5eb4L,0x00000000000000d7L },
-      { 0x36795144f93f74a9L,0xca5177b36115fcf9L,0xc49b404e5df5ccc6L,
-        0x940ca8bc2bda601cL,0x60d8607073ae2f2eL,0x410c1e9c3f1321a1L,
-        0x3181ce2c713e1037L,0x1d252106ec2ba1cfL,0x00000000000001a3L } },
-    /* 16 << 329 */
-    { { 0xd552c9d248351408L,0xa6d83a480ef56558L,0xad5e955a313b47c2L,
-        0xdf3caff7f6dc03beL,0x3d62ff1951cc488dL,0xdb49f397966a34f9L,
-        0xe10e72130bf6a9e7L,0x560e329abc5852d2L,0x000000000000004bL },
-      { 0xfdad029af3017c8cL,0x6ca51acbb78d4d1aL,0xf984fa8679d7d7d3L,
-        0x75d9044b911a4d3bL,0xc5b20c87ef955e4eL,0x413d6838f064fd0cL,
-        0x37a5ec08ec7fb5c9L,0x634cb97f74561d5bL,0x000000000000015bL } },
-    /* 17 << 329 */
-    { { 0xad1efc90854c308aL,0xff83fb8276d035cdL,0xd1959a8384fefc47L,
-        0x62c1d0574906d383L,0x8634b4ac4f968d2bL,0x03ff550c1a5571d2L,
-        0x76f35ffb3a99965eL,0xafa6323331f48bcaL,0x0000000000000100L },
-      { 0xb5c0272bad54971fL,0x4cb20e716cd136bdL,0x6245003b6f9aae9dL,
-        0x0be08260dd76ce6dL,0xe45b5015d2a01ad8L,0xa079ad1be686ab99L,
-        0x6ab15c9d69f8ac52L,0xa52bdbd741f5309eL,0x0000000000000161L } },
-    /* 18 << 329 */
-    { { 0x0b617b8a00484cadL,0xd966cd8eedfb5312L,0x78daeed22e0556bfL,
-        0x3770c07d5f740718L,0x0ca5bf4b4716ccf7L,0x0ed0493a9b99f851L,
-        0x9fd997f26f7a9b17L,0xa0bd37177c8b6fdbL,0x00000000000000f4L },
-      { 0x708283ffb63b3e84L,0x41f2f8872ab27c88L,0x2af970973e877cd1L,
-        0x9ded7532521ef940L,0x939a47de0eeff999L,0x630c45887ae38086L,
-        0x34268747773f602eL,0x9a91920734993ab5L,0x000000000000008fL } },
-    /* 19 << 329 */
-    { { 0x707b18b6c3928c9eL,0x465e5a820aa48af4L,0x2c18c4e7e68a74beL,
-        0x9b9037c2ac6930e1L,0xa1560f34b3416163L,0x511406a69285d6dfL,
-        0xf68235cb6e106799L,0xbd3d844a088a6ad6L,0x00000000000001e5L },
-      { 0xc4f78bfd85e2f692L,0xc83f003671075cbbL,0x8a75bafa208b6885L,
-        0x8b4097d0654cf76eL,0xf567fd4ff884572aL,0xf5dfb3b1ada26881L,
-        0x4f423f8bd71ea04eL,0xb148a467cfdbf809L,0x0000000000000147L } },
-    /* 20 << 329 */
-    { { 0x98d7ec4574b83fb2L,0xda049f4667938ccbL,0x6abf18a43e04316eL,
-        0x200bc564efa482a2L,0x5858ac6c029cfe0cL,0x2d81cea5a5bdc064L,
-        0xe7ab7be81636eb12L,0x6e7bd59fd1ea4c1cL,0x00000000000000b7L },
-      { 0xaee1246920b44e57L,0xeb14e358836b5462L,0x9b4f621d2b22fdecL,
-        0xa6b8be6be8b1a5d9L,0xc43a3ec35e3da0a5L,0xd89e2333d43f2c85L,
-        0xe534c8393fe85436L,0xc8f70bb54d6862b4L,0x0000000000000106L } },
-    /* 21 << 329 */
-    { { 0xe3f343d136aab671L,0x872612411057e237L,0xc649dacfd4686627L,
-        0xac5c2e85d6976ca9L,0xa778bdd13322b77bL,0xab619e1c856b0eb6L,
-        0x0b5fe3ad8a9941ebL,0x2f9b420a9c019561L,0x000000000000014bL },
-      { 0x185fefbbeb33f10cL,0x1cf9640cc41725d5L,0x55b9968c85d74435L,
-        0xede863e0504b63a5L,0xf59711270e07a7e9L,0x50d97b0da57bae09L,
-        0x6dbd2b8ab0f76892L,0xf52601b7f929729aL,0x0000000000000179L } },
-    /* 22 << 329 */
-    { { 0x9f97c2576700b350L,0xd002835d78f746faL,0xcf3ecd578da75e7bL,
-        0x8768abd95e23f219L,0x3f9e66466cf8ff2eL,0x3064948b1f360d9fL,
-        0x92bfce3bb129b55eL,0x4de97c12253a1789L,0x0000000000000180L },
-      { 0xa94b1dff29e5efcbL,0xb9c77f91f225c1b6L,0xeaf061bff40e20caL,
-        0xc7f20a1e5a880560L,0x1a49752babd0d172L,0xb2397b9b7704d613L,
-        0x1bf06d60563fd774L,0xb6bf63b045039cd5L,0x00000000000000d3L } },
-    /* 23 << 329 */
-    { { 0x7ea8ee24b4cc0562L,0xb5885f8fe2af04aaL,0xaa012337275d5351L,
-        0x76e54bb937e29944L,0x7f9b8f182ea56782L,0x4b3d999e28d442b8L,
-        0xf8b0e3804718f1e2L,0xf137fa8334e560c9L,0x000000000000002aL },
-      { 0x7fd295c0dadf8134L,0x4677e5ebe41515edL,0x5f4a4ea2b67de812L,
-        0x083b497c8e609e41L,0xb70b8f2669132911L,0x62c6e87f984b49d3L,
-        0x2549a999e54f6ee3L,0x16bff3e87206acfdL,0x00000000000000f4L } },
-    /* 24 << 329 */
-    { { 0x9fa30f39e43b6c21L,0x4d3822aab9fc57bbL,0x0230adcf69a8a55eL,
-        0xdc8ab2796f87f988L,0x2d642a82b2af81fcL,0xb9e63a7730765913L,
-        0x5787400625f2a77cL,0x0aa30a6f5bfee0f1L,0x000000000000003dL },
-      { 0x796f6508fce49daaL,0xb586299fbf907285L,0x21ccfc555838145bL,
-        0x20a0f8c0e6d43b4dL,0x17170a2be5e80fc6L,0xbb8f840688fba946L,
-        0x5c226b0e411fcbe7L,0x35ace6e02ae8e090L,0x00000000000000b0L } },
-    /* 25 << 329 */
-    { { 0xb547200a9bb37cabL,0x0f91bad87af4fc99L,0xb714d3e6695a4975L,
-        0x6f563effb9242c77L,0x6ee4ef17510f7214L,0x7119fbcc1b9f9343L,
-        0x0fd99faf8ce55139L,0xa9595dd66c1d1f5cL,0x0000000000000149L },
-      { 0x78fa8f186fb6dccfL,0xc9458c1fa23f4d29L,0x3c91cd7025d83072L,
-        0x05d221aa5d471830L,0x2c8874b90e7270b7L,0x88b5608741995b6bL,
-        0xbfa1e6af9c1280d5L,0x47e5b560d7d76623L,0x00000000000001c0L } },
-    /* 26 << 329 */
-    { { 0x35456330801af096L,0x8f66380bcdef18ceL,0xfd31fa5e4d12da33L,
-        0x931659924b9ed4a6L,0xc5112dc875c17662L,0x326d6659939112b6L,
-        0xab1acfab4f3be3f0L,0xac364fbb2e4d4d54L,0x00000000000001a5L },
-      { 0x45c40db020574528L,0x6a6667eaf0339597L,0x6e4543629c83c9c3L,
-        0xb385d150e06d9313L,0x3e135b18bcb29487L,0x5f5c63f833110b15L,
-        0x5b0e0ba2c9488f2dL,0x9bc7194609682bedL,0x00000000000001f8L } },
-    /* 27 << 329 */
-    { { 0x3472744006e20becL,0x7fac38c38c7ef888L,0x54d2cd7ecae2f3e3L,
-        0x8d4cf97a5064f2a7L,0x3db5cda7e928fb60L,0xa7a160cf6269afa4L,
-        0xd3612410e4aee8e2L,0x1a72c3961a2ec9d6L,0x000000000000000aL },
-      { 0x95a203bdbd1ee880L,0x22c099e645b639cbL,0x67dd291643ae9aadL,
-        0xdad086a4aa05dfd7L,0x8b832fd8c468741dL,0xd3b83b4b3b45c4c2L,
-        0x99c4a32791dd0c79L,0xee55689e99f169b2L,0x00000000000000fdL } },
-    /* 28 << 329 */
-    { { 0x15b283fd125d84a3L,0x56aeb34bc1890bbcL,0xd3b9d608a09c584aL,
-        0x0c2cb39dd4cb3bc0L,0x46db0f67fc3cc700L,0xf5cc2708db50f7dcL,
-        0x5795e7521f0867f2L,0x7cc9145f0427b3cfL,0x0000000000000178L },
-      { 0x2fe532cb31e66ab0L,0x2ac67713eee69b01L,0x38f6d515d77ed9feL,
-        0xf275c56a2118c560L,0x21a9c7f00fdc638fL,0xc50b3c693254e3f3L,
-        0x8fbbc2505f950b32L,0xf7122780014ae500L,0x00000000000000e9L } },
-    /* 29 << 329 */
-    { { 0xdd3ec700226f04ecL,0x0df90c19482e80e7L,0x68dc1e01c63dd9a2L,
-        0xa4f28e23a15fe774L,0x565f36a73ca7a790L,0xafb1eabf67ad7df7L,
-        0xd0cf7ff0d1c1da4dL,0xaeff6da8edc5e910L,0x000000000000005cL },
-      { 0x3c053168041b88a4L,0x988833f5df29cc86L,0xeed26f752ed77d58L,
-        0xf7f4788983991f9bL,0xa1271ee5e35e68a2L,0x312e0d918f01ec3cL,
-        0x839f1a84dea08bfeL,0x387d533914668886L,0x000000000000002fL } },
-    /* 30 << 329 */
-    { { 0x3e48d19e46fa0eb2L,0x3c52023de9765fc6L,0xee7c3a58ac5628c8L,
-        0xcdc6dc5fe06e780cL,0xda092f8a33c55394L,0x3f53c57f6eb9b6e2L,
-        0xa2f3321bbbf66534L,0xf14d50d72a650a3cL,0x0000000000000116L },
-      { 0x6e9f43d0f6b86d3bL,0xd845899a16fcfb74L,0x9ab03ba416f965f3L,
-        0xbb61b4a2cc21c1baL,0x13f64e24d547c4e9L,0x484e226bb2b9ce9cL,
-        0xddbc2681a05d3c18L,0x3c16171abbf49b24L,0x00000000000000aaL } },
-    /* 31 << 329 */
-    { { 0xee38edb2dd1bbe51L,0x80e6050243f2c49bL,0x74c3e9d891622e00L,
-        0x5a8bd3cd4047f50bL,0x4dd146c4f8cdd703L,0x91e38765ec128a35L,
-        0xaf641c18735f735cL,0xef96fbd12fcab7adL,0x000000000000000eL },
-      { 0xc3cbc6ca45287b7eL,0x55aec8fea1ac0f00L,0x630fa637af6e4abeL,
-        0xd83b22d2587d5779L,0x84fa662a50afa01dL,0xbd8dd789b19f62afL,
-        0x490ccda6f64aefedL,0x5008037e4af86aa0L,0x0000000000000164L } },
-    /* 32 << 329 */
-    { { 0x446b17b0e695916fL,0xb3b0dcebf9bd8da6L,0x6c76c3ce5ff86aadL,
-        0x0785d5a20cde74d8L,0x2ce9fae12bb7ae7aL,0x87cd05685f32e59aL,
-        0x8e229326e1598559L,0xa0bad54e34edfb01L,0x000000000000015dL },
-      { 0xa54529c20e1290b4L,0xe7c719cab795dba1L,0x68cac3a5109b4740L,
-        0xb032bd2ba68e8e4aL,0xce03d9321658337dL,0xb39d102ecc95d9dfL,
-        0x79838d96be248c98L,0x02562708d7df0b44L,0x0000000000000127L } },
-    /* 33 << 329 */
-    { { 0x65202498cc143cf4L,0x09f80cd704445898L,0x54fe51bec4f61a5eL,
-        0x29013981597d0979L,0x13b63add19e0ee5eL,0x1ea5e689341200cdL,
-        0x1bea4d3663d7514eL,0xe7d322f47b46f902L,0x00000000000000a6L },
-      { 0x349b1972cc60de8eL,0xed79aafaa2075005L,0x88f0a5b6004f0314L,
-        0x8c0738bc46dee06eL,0x870acd790b63003aL,0x64a1205ca367811cL,
-        0x8aa20bebd4a99dfeL,0x5f8eba3fc39ef513L,0x000000000000013bL } },
-    /* 34 << 329 */
-    { { 0x4cb51584855891a5L,0xfcd86f0188f33a98L,0x9ca889eb8e39e929L,
-        0xc0a5ca46bdff8628L,0xba14fbf09e965cefL,0xce2474e21b5cb8ceL,
-        0xde7d528bfa459a1bL,0xd741fd3992785092L,0x00000000000000dcL },
-      { 0xeb956f25ddbc488bL,0x29bacdcb6682a201L,0x03cbba50fb38ad85L,
-        0x0687794318ad03f3L,0xccb0a078e746ec1aL,0x4518bbf1c6d1f10eL,
-        0xf769f2dc1f59b213L,0x3b8b1035e24118c0L,0x0000000000000123L } },
-    /* 35 << 329 */
-    { { 0xa52e2eb373c6ed28L,0x3cbcd662c077dde7L,0x0a2b9b2967eeb3d8L,
-        0xcd61f644d697239bL,0xa934b899cd0e9bdbL,0xaf89b6ed95b01dfcL,
-        0x7cf64dadc1fd5fc8L,0xf9ed347799099fe9L,0x000000000000006bL },
-      { 0x473364deca19dae8L,0xb33f7926c2de1948L,0x9f77368bc9fef6ffL,
-        0xe9d364e3aa467f92L,0x825ebc2192bb93b6L,0xb348b9bec4932331L,
-        0xd66d94ed152467b3L,0xb6970ac7bb4591fdL,0x0000000000000028L } },
-    /* 36 << 329 */
-    { { 0x18584526dd5eaf27L,0x316d5c3591e8b4c8L,0xf0515b605b8d3ddbL,
-        0x5b64260a45525bccL,0x4f05352788d9435eL,0xa92426af7aa1b06eL,
-        0xac351063a5dc466eL,0x5b9ea7dd575a1f35L,0x0000000000000187L },
-      { 0xaca204a297772298L,0xdcd6314ff757e252L,0x2f9c3b40aa5ea9b6L,
-        0x1cc338f109311e8fL,0x441c170303512e14L,0xd1da2ca59c64f91eL,
-        0x9730d382c7ddc586L,0x84cea67d55dc73e9L,0x00000000000001e5L } },
-    /* 37 << 329 */
-    { { 0xbbc4e624ee3271b5L,0x6b5e21b6fe977a0dL,0xa3265ba66d0452d6L,
-        0x1ec78dd87baf2b08L,0x2c05e3122eebc034L,0xaa1b947bea4f5ad2L,
-        0x94f4933a06ebc241L,0xed58b946d50bb167L,0x000000000000014dL },
-      { 0xaec8d2b31be81ae8L,0xd86c6d69b3d0e22eL,0xa1ac5934c12c7d6dL,
-        0xcab83b6a54faf69aL,0xdde77363c47d62b7L,0x71f0a7769d919c14L,
-        0x5606c72bfbf2ab5cL,0x453a2d5d9db0d55dL,0x000000000000006dL } },
-    /* 38 << 329 */
-    { { 0x998d5368a9b51f22L,0x1f15d19ff477ab5bL,0x37442775d68c28bdL,
-        0xd64687ec2c0cd5c3L,0x90e88caf0f326169L,0x35fe08e939109538L,
-        0x32f70606af2c556bL,0xc6fc69bd96a5aa0aL,0x0000000000000095L },
-      { 0xff2f1fcae1d825bfL,0xabd7283905cc4840L,0x5e6ea842c3ceac94L,
-        0xa37eb05d7bf5800bL,0xc7e8cd9218feb383L,0x2cb64fd5a0e35725L,
-        0x14c7de98f5b53b67L,0x8c6f364a3280ab21L,0x000000000000004dL } },
-    /* 39 << 329 */
-    { { 0x052a61531ef9be5dL,0x2ce3b605a27b942cL,0x2d1982cec7a50a00L,
-        0xd2ab12fc3938c01eL,0x1aba919ad4e38b6aL,0x6464772967f6c405L,
-        0xcacf20a9efd8f7f1L,0xa8d90b0f84d73009L,0x0000000000000170L },
-      { 0x20b77432d6e9b843L,0x47d93d17d9df2d13L,0x15ac011057912081L,
-        0xa24fc7094dbc99b8L,0xe2f6ba470ed28e94L,0x6a9d4bb1e81889f8L,
-        0x48035db36831c638L,0xbc7f16c9b7b511f6L,0x00000000000001a7L } },
-    /* 40 << 329 */
-    { { 0xa39d4ac8162dd91dL,0x5704769322e67a01L,0xdfe57f997c446028L,
-        0x0f49df77d131a2c8L,0xc8f26682f7f779bdL,0x1696655818e884f1L,
-        0xc5d9d516f390907bL,0x23356e77617f5f5cL,0x00000000000001edL },
-      { 0x5e6830b9679deabaL,0x18bcc37f9fd1a70eL,0xfa84e86272225892L,
-        0x2e6cd938c610763cL,0xc179376a671378eaL,0xe3b844b5f502ea1fL,
-        0x74a390b75fb4dc36L,0x51f019400ed8d535L,0x000000000000018fL } },
-    /* 41 << 329 */
-    { { 0x829f07763b84874aL,0x43871c3c629f0068L,0x67ea591aabb86558L,
-        0xcd9d158842e26ff5L,0xe790b7b4b87fc2b3L,0x8fe0b1aded7d3f58L,
-        0xbd60a61ed9c77f0fL,0xfdc080c3779dd449L,0x000000000000013aL },
-      { 0x2a1419e0e10dd216L,0xc53633aedf69bf09L,0x8750156c554560f6L,
-        0x45d18d5211057cd2L,0x668e9f5d6bc3b095L,0x23c0ca2bbef1182bL,
-        0x66b5954e307147d4L,0xb55897fa6582e607L,0x000000000000001dL } },
-    /* 42 << 329 */
-    { { 0xc560dffe49b36a45L,0x93e588366b8574d5L,0x8181236440ae3131L,
-        0x0b7a1cc90adbbe10L,0xf0300653f9d147a1L,0x74bd55b4db6ee70fL,
-        0x04f147f86856ffd7L,0x62a12dea5e8fea8dL,0x00000000000001fdL },
-      { 0xe387062af295523bL,0x3c88bb54562c7c5dL,0xc1c6d25554ab4cb0L,
-        0xa2aa7dc600ede737L,0xf102965348769099L,0xe7fb6655931dbf6eL,
-        0x9b7f1bca63b027c2L,0x1a04490be25853c3L,0x0000000000000061L } },
-    /* 43 << 329 */
-    { { 0x2cad6e8e7d7a3311L,0x192637a101d2ce9dL,0x54408f763b09d1e0L,
-        0x056fbb0e6c9f1c9fL,0x5d86dd60e8a73041L,0x3cef3dc1649edc73L,
-        0x2a5855721c3a9234L,0x6fc27608d555c011L,0x00000000000001f1L },
-      { 0x084bbef69c34f177L,0x3e28813737096f4dL,0x4d163b57a397ab9eL,
-        0x2b50f5310e1e07c7L,0x8440e162a93ad09dL,0xe8e444632593df14L,
-        0x197660292b20316fL,0x90ef0d967f635186L,0x0000000000000190L } },
-    /* 44 << 329 */
-    { { 0x30ac47e8f7a5ad23L,0x9c7749b063788eb8L,0x74b0ccb37ba11421L,
-        0x95738a0b1c6a3f64L,0x0aae5fbe05110374L,0x53cfe62bc0c6e8eeL,
-        0x0c56162d6af02414L,0x3257726d88eb33eeL,0x0000000000000148L },
-      { 0x3f56ab59dcbe894fL,0xdc75f5e0bd7699eaL,0xb8f7d880e6f78aa8L,
-        0xffbb24f65e5e8d85L,0x7833e090f2011756L,0xcf9af908a0349a95L,
-        0xd31658498856a70dL,0xfaf01d021845a0d6L,0x00000000000000e9L } },
-    /* 45 << 329 */
-    { { 0x8b9b44f29e4685aeL,0xef81af6a7b8cf6f7L,0x8adef463de2bcbddL,
-        0x1b69518ffcffa721L,0x561f0c5a405464acL,0xe28b2f168bfc6e45L,
-        0x9172848b090e79c0L,0xe3c6092f2826d317L,0x0000000000000129L },
-      { 0xd95f1d0b79a9a188L,0xceac08db1f69871cL,0x93a8b01280b65e91L,
-        0x48d3e503ce3e8c95L,0xed2ceabcdf74d29fL,0x71220652c2119809L,
-        0x4bb4bca76642cbb1L,0xd228abd74d461a6dL,0x0000000000000122L } },
-    /* 46 << 329 */
-    { { 0x13cbe9d39086d901L,0xd71e1a2890ec6eabL,0xb8ae9ebb66472a41L,
-        0x4e3a88fd205e2c55L,0xab212c986f72621fL,0xcea45a44e27bb1b9L,
-        0x9056afc557d42873L,0x9d2d273bcb3c220bL,0x0000000000000056L },
-      { 0xf13ce2c9170143e2L,0x1f44bb4286d61f29L,0x005bf7e894eddae6L,
-        0xc24a3c91c0d3e2fbL,0x553b308db50ea90cL,0x9e779eb0a6c0a0ebL,
-        0x8d8a0321d980d46fL,0xba0df44d582cf028L,0x000000000000015fL } },
-    /* 47 << 329 */
-    { { 0x44c65a3ddcd99092L,0x68e73d6682c4c760L,0x19c50c79b8ca4e79L,
-        0xbd60adfb0971debaL,0x0bfa8cc333ecbf46L,0xb178da302146a1a7L,
-        0x1e60002d50fe9c55L,0x6ec488ea055d5140L,0x000000000000018fL },
-      { 0x79affabd184acae0L,0x7fb90a1c9869ee93L,0x2f1f9a663466f356L,
-        0x02a8273d4ef8be31L,0x8ba3132741874651L,0xc56ff44fd2483813L,
-        0x5efdb725a6e5448dL,0xaded563f0992ce80L,0x00000000000001acL } },
-    /* 48 << 329 */
-    { { 0xc9a88248ca91f6f4L,0xa368fd8ac7d5acc8L,0x33d9fd5ccea11e10L,
-        0x0af2f470816de633L,0xe78e8101ac186f1fL,0x0d97de7d5e3c4857L,
-        0x9346af7407946bb1L,0x81c2bd5ec7044ea9L,0x0000000000000003L },
-      { 0x04c2eda3696d947bL,0xc3f988f301efa843L,0xe839587792f22674L,
-        0x376972a2c83396c7L,0xaa679a3144f2ad2fL,0x61a46ebc3112b6afL,
-        0xbda02ce0c6b3224fL,0xb42aaba7dd4c7b77L,0x0000000000000060L } },
-    /* 49 << 329 */
-    { { 0xfd99ddf3949f1e54L,0x9e37bc9a42c74bcdL,0x667e6412b528c0acL,
-        0x45b8bbdceb560efeL,0x2605f758266eae0aL,0xd45cba357019456fL,
-        0x1e7abac6b80ad6eaL,0xccb23c42ba18ec32L,0x000000000000004eL },
-      { 0x3e3b6948e4a456abL,0xe98cc81ccdfaf3a2L,0xc3a78e4acfc4cf5dL,
-        0xcf981aefe80c61daL,0x4423a07d0a0699bfL,0x80a93eef8c2fa65fL,
-        0xe7396c7f7cac8832L,0xd9866a7b731d27fcL,0x0000000000000042L } },
-    /* 50 << 329 */
-    { { 0x8d452f698f1ef9c7L,0x87eccf87baea3098L,0xfc3204e24903728eL,
-        0x35db9b5ea004f3b1L,0x6094bdc2ebb31480L,0xfae255eb95e7fa59L,
-        0x59012cfcf0cf198fL,0xc7622600b97968b3L,0x00000000000000beL },
-      { 0x477ee91af42b1d5cL,0xf8a49e41b38f6e92L,0xc194985a0f78930aL,
-        0x829ec9f4fa14de02L,0xfe13d75852882268L,0xda34194f3e1e5ad2L,
-        0x0eec2380dbbe0391L,0xa33de0d430cc7f21L,0x0000000000000040L } },
-    /* 51 << 329 */
-    { { 0xab573086122f0868L,0x76c0316c261b14f7L,0x83bf61c4050c5fd4L,
-        0x41ca4dabb9bab773L,0x8071890301138744L,0xe790898da00fb373L,
-        0x502ad727a7ee4925L,0x4f02eb663990928dL,0x0000000000000086L },
-      { 0x73860d4fb81fa334L,0xec04cbff2fa2a1eeL,0xda93b91043041addL,
-        0x2fbb81e1afc62072L,0x3534caef06e6fd7aL,0x38c3238d9bcc1697L,
-        0x4ef619b141f85807L,0x97e4cb5432d5853aL,0x0000000000000140L } },
-    /* 52 << 329 */
-    { { 0x78dba3df1b03222aL,0xf9a19f4df743b0a5L,0xd9025fc728786953L,
-        0x974c35dd0e75b160L,0xec2ad730190ab6e7L,0xb9c3d4efe7417b0dL,
-        0x0e19df5b715a93ceL,0xac4cd49c6cb2d8e0L,0x000000000000006fL },
-      { 0xff2080ed69898bd3L,0xc0e345b7e724b25dL,0x4632246b33da2d5bL,
-        0xa031381d832ae2aeL,0x38d4d94fa7bf9935L,0xd7ca7e55f30d34fdL,
-        0x5ddbe112c9320a7aL,0x69fa155ed90e6170L,0x00000000000001fcL } },
-    /* 53 << 329 */
-    { { 0xf3fcd3f329070358L,0x61bcf6a94766608dL,0xae11489bfdc834a4L,
-        0x153265f486fa8a4bL,0xb39af52a03431002L,0xeb126ae4c8551498L,
-        0xd606f364aed87f5cL,0x38f70cbcb9361319L,0x00000000000001e3L },
-      { 0x6b1582752f3d2eedL,0x1e8d787cc83309eeL,0x4e7802fda22933fcL,
-        0x98a126cb4e0120dcL,0x1701b21f14accf81L,0x94d92ff6e9dd2425L,
-        0xeb6c98e6deda42cbL,0xea752ae39a83bbf7L,0x0000000000000088L } },
-    /* 54 << 329 */
-    { { 0x74c7966431e64320L,0xa73a381035e3541dL,0x1ef1544db34c3f57L,
-        0xf71aa56d9a16c02bL,0x42d6f0ef06f35f04L,0x674e853d76201cd4L,
-        0x4d416adc0eaadc1eL,0xe5434f2af51ddd7aL,0x000000000000015bL },
-      { 0x6a5d1969438cbc53L,0xb97f4776646e4cc8L,0x79f5d3dc66273332L,
-        0x93fbdc3b3afa59e8L,0x0c142dfb9af35764L,0xa27741a2a47ac0b1L,
-        0xd3a0f40d48383b7eL,0x7d05a2c010bffaaeL,0x0000000000000087L } },
-    /* 55 << 329 */
-    { { 0x32bec69a22d06febL,0x20b57b7bd6ed9f30L,0x65ca9046547cb8e3L,
-        0x689788bd1f69889eL,0xa4cfd9a0d2378606L,0x94db81ec364645eaL,
-        0x554dc20ad90cf501L,0xfda49475b0075c45L,0x000000000000000aL },
-      { 0xec832a2b513eebf3L,0xa3810d026f4c8dcdL,0xd92de6469737c052L,
-        0x32f07ce28b7a8178L,0xdc9adea7f8e7ea6dL,0xb078a52bd7e3c857L,
-        0xf70c3ad51cdd8d09L,0xebe8bcc6aa541cccL,0x00000000000000b0L } },
-    /* 56 << 329 */
-    { { 0x8879637b3d70360cL,0x053c278f72f41087L,0xcc895e1ff07f009eL,
-        0x4c9b8c6468db6690L,0xb45473981b97dac5L,0x0399cac8af65ff38L,
-        0x295e09141fd0a6c0L,0xab605fcd871bdefaL,0x00000000000000d0L },
-      { 0x3f2d42975ad63582L,0x28fda2bbdc7d3a40L,0x7f14436765672d9eL,
-        0x9322ab082937e8c8L,0xf351279faf748929L,0x63a624f5149d6f5dL,
-        0x3351f4ff989f5325L,0x0456187bbc7dd8d9L,0x00000000000001b1L } },
-    /* 57 << 329 */
-    { { 0xfcbf34524112884dL,0x7112c9ea903f7279L,0xa82dea538dfd3bc4L,
-        0xad4f103abbd451a6L,0x49d6cb3f59f7f2f3L,0xffe87f02c526bf33L,
-        0xf2b85e4ed9e6c585L,0x7c5777c158b38628L,0x0000000000000120L },
-      { 0x250a9befb4b57ef8L,0x3b872628b7cb867aL,0x35b111a51a879fadL,
-        0xcfd5cab5f73c98b2L,0xe484a6f6312c4749L,0x84f719e11c8b573eL,
-        0x83edb875f8840f86L,0x915e1ef95d2dc42fL,0x0000000000000064L } },
-    /* 58 << 329 */
-    { { 0xa77f1d5f92bf4853L,0xcd9ce94099447d87L,0x4cd274fcba386d27L,
-        0x075c64605c0cdd46L,0xfe26dec8d7583ed0L,0x4c0a447759e4255cL,
-        0x247938de6aef2ed9L,0xd8dbd48a3d227000L,0x00000000000000f2L },
-      { 0xfb51bb52916ce89dL,0xb7997a98092acb0bL,0x94bbe9d8ac2e55d7L,
-        0x899feb11827bea20L,0x469b4834919b2a7bL,0xc994c41b1dab85a6L,
-        0x8479555ce43d5b1dL,0x6635657f3b0925c0L,0x00000000000001c8L } },
-    /* 59 << 329 */
-    { { 0x81a0c97ada91e249L,0x5e1e5d32838076e9L,0x389ca1e02c7cf349L,
-        0xde81e23cbb367fc5L,0x926f32b9e5e4a732L,0x061a6b8f92c1b204L,
-        0x6e5faf35ed97ed0fL,0x4e1d4d170caf4fd6L,0x00000000000001b7L },
-      { 0xc8dc770aa4583241L,0x12e4ecf1e1ef9744L,0x099f111cf7d6264dL,
-        0x2b2307382e6772a8L,0x65cf0a517f27f826L,0x8ba92657ed871105L,
-        0xe9d1d3f5887e4295L,0x5cbeaefe4562fb6dL,0x0000000000000190L } },
-    /* 60 << 329 */
-    { { 0xeb7316a61a0dfca9L,0x12d74d0102113c17L,0x518499bf8b72396bL,
-        0x8151dceddcf70010L,0xcea6bb1168208deaL,0xa1127162501ab541L,
-        0x3b35298f471895d1L,0x1e43d852103950f4L,0x000000000000009fL },
-      { 0xe259a9b2a01e30b4L,0x8af1dc7b7c0b94bbL,0xb1020ba1b8d2d163L,
-        0x91d4953f11932c5dL,0x393b1a0c79689ea9L,0x42222ff8a18ad561L,
-        0xad03a6dbdeccde82L,0xe2a11f661162399eL,0x00000000000000f9L } },
-    /* 61 << 329 */
-    { { 0x6bc7b50525db69deL,0x4482b033d8b4b0e3L,0x52fe701dcc9e8d21L,
-        0x050c4edfc61dbddeL,0x7c631930d20dc520L,0x123db30c2e5b2f60L,
-        0x2fd7e1ec35d20b9cL,0x8385cf8e2644151dL,0x00000000000001afL },
-      { 0xb885a30bcc451719L,0x21c65d8e47e67d5dL,0xe971a878fa2b6a6fL,
-        0xa60fa1b2838c9aeaL,0x4efefeb5e4efcd77L,0xee35b7474fc48efbL,
-        0xa95f3beaa06a6906L,0x371c74645e0e6ebbL,0x000000000000019fL } },
-    /* 62 << 329 */
-    { { 0x5c59edc157066b91L,0x08407d6cc76fa7ceL,0xb3f0b31abfb5115dL,
-        0x54a04e6483f65955L,0x8f95167b035d326eL,0xa0eebe160d24f491L,
-        0xb1a1caf05e5b0ffbL,0x802645e2d08382c2L,0x00000000000001d8L },
-      { 0xcc8f65eaca39e065L,0xea7e6b2a6df057d1L,0xa725e7f64dbc48a2L,
-        0x60f36a0fd5c8d0dfL,0xd2adbc8c8f0cc4ebL,0x5cf276c19f0c2849L,
-        0x77ade71c8cc56dffL,0x77f04f45d35bc65cL,0x0000000000000121L } },
-    /* 63 << 329 */
-    { { 0x927e172adf84476cL,0x850b77b9a02bc731L,0xb6ccc003cfd20fdeL,
-        0x43ff11ca335e3da6L,0xf5fcebf888b42166L,0x08508ffce90a7019L,
-        0xaa50439e5c4b02b0L,0x64666563af1407d7L,0x000000000000008aL },
-      { 0xf0361fa97015d2adL,0x06c10c06c3f6d10aL,0x6b30ce607a0b50adL,
-        0x905727d44499ab51L,0xadaabac64b4ca19eL,0xb97d87dff24f4c97L,
-        0x9bd3bb9db808e478L,0xc0476491fd5b3b47L,0x00000000000000dfL } },
-    /* 64 << 329 */
-    { { 0xfab6fa734e185ee5L,0xec85b9edf15957d4L,0xa978adbd72ba04e7L,
-        0xc7e3107e7986fb14L,0x0e97063de37740b4L,0xf26f51c225e29918L,
-        0x66b9445312e6f22fL,0x6617deae68090e9aL,0x00000000000000a3L },
-      { 0x86595b1dd2dafd33L,0xcca6cd7ff3c234faL,0xd24847edaac709ccL,
-        0xbe089df8fc689536L,0x4fdcc1dc367bbbeeL,0xc2592739a01bef50L,
-        0xff4d427aa53d6b64L,0xd3ddc2bc47d9af89L,0x000000000000000dL } },
-    /* 0 << 336 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 336 */
-    { { 0xadf5e06ea79cb073L,0xcb46aca98bf180e6L,0x5bf0d9eb835f8e22L,
-        0xd692cd207713f3adL,0xa33e9d7ff0d87f74L,0x9f2b6950f602a362L,
-        0x27a4c70bdfa4f77cL,0x99c699dd3c56080aL,0x0000000000000105L },
-      { 0xdfb1b25595338fa8L,0xabadba3ad59e754dL,0x2338452b436e70fcL,
-        0x34cfb5b2e07a21b6L,0x25ddb684f81ea5a2L,0x98f463c0aa325fc8L,
-        0x963bbc8094aeb02eL,0xa98fe976434ab9faL,0x0000000000000188L } },
-    /* 2 << 336 */
-    { { 0x9a7fc933204a966eL,0x7c1c59150d9680ecL,0x0643609730415e73L,
-        0x574b06528ea44e8bL,0xd35d1340f4b8fe58L,0x81ddd1f4daa40ca5L,
-        0x5c908486ac09937bL,0x467dffa614c180deL,0x0000000000000034L },
-      { 0xe6f97acc8000602eL,0x2650e9570f527147L,0x3af58dd97c3923e6L,
-        0x67f7102e69f5cafdL,0xf80e76c00ecb60fcL,0xd3441285197f6bdbL,
-        0xdeed257a52050b0bL,0x8c28afea0703c0efL,0x0000000000000052L } },
-    /* 3 << 336 */
-    { { 0x2ea6e18456500523L,0x566ccdd0f44d63fbL,0x8cc0208db01114ccL,
-        0xdb7bf61311e5dd4eL,0x65e4263eff83d7b1L,0x12d2924cd6da83e9L,
-        0x093bd19078380401L,0xd2835bdbff97c4f9L,0x000000000000013cL },
-      { 0xd3ae4c901d8e9521L,0xe2c92a4c42dc5bbbL,0x478e934b8c96057dL,
-        0x0e526187ec6155f7L,0x3aca950d2bbe77d5L,0xe7edf96a6e492364L,
-        0xfc039fd22fe76745L,0x68dfce9653928c27L,0x00000000000000f3L } },
-    /* 4 << 336 */
-    { { 0xab482b76e225fbd9L,0xd561f4cdd3c33a7dL,0x18813777ccb2f003L,
-        0xa163377524cebce8L,0xddbe587d16adb540L,0xbc0d225f79e133cdL,
-        0x8fa3d30032a4c54aL,0xded1ece4243dc5e5L,0x0000000000000024L },
-      { 0x94ce92a3ffd4b7ddL,0xeac8e7a15a8efbd5L,0x0c842c3fa9dc648aL,
-        0x19172f460d286101L,0xc8681e80beca770aL,0xfaaa1ab4a8795d3bL,
-        0xe8625d4663944868L,0xe13004f94f3254ebL,0x0000000000000104L } },
-    /* 5 << 336 */
-    { { 0xb0fece2bb7f3d4b1L,0x8b6168aa47b042fbL,0x207d9b0f01658a57L,
-        0x52deebf25cf0bb71L,0xc678dcc72fc808a8L,0x8bea9d0975a39999L,
-        0xf26b5d2b7042c5a7L,0x58b1d1bbdbe12667L,0x0000000000000120L },
-      { 0x10cf0b69d821c3eaL,0x045a9342c684e985L,0x2245c17f56babdcbL,
-        0x7859852ab40c5f7dL,0xcbc11caf35b36fe0L,0xcbce03baddc4abe5L,
-        0xfa4797269e11ee36L,0xc70cf89a8b993b9aL,0x000000000000013fL } },
-    /* 6 << 336 */
-    { { 0x2e911bb30d9ea003L,0x50503fd6dd7bbb56L,0x23780725f43c710cL,
-        0xf3854bc2d236028aL,0x0bb0cd7085f08816L,0xaf2ba06878e34910L,
-        0xb0ab1008558b8babL,0xe0676170e24955dbL,0x0000000000000049L },
-      { 0xe2b0161a87b571f5L,0x1676b3346209d9adL,0x402122ece2f86308L,
-        0xbd0e364487d6f082L,0x587ef7c464747111L,0xe8edfeec8f3386a7L,
-        0x2b70f9333a489db5L,0x819e1d7c442a278bL,0x0000000000000025L } },
-    /* 7 << 336 */
-    { { 0x731be59d6ee24007L,0xe96884c4b97efd86L,0x9e4a2bbecf73d698L,
-        0x7820a2d72ef12084L,0x1ebbf048c5692055L,0x707194dac1b300f9L,
-        0xf45fe3fec0d5dc37L,0x20cb9bf6df061c3cL,0x0000000000000000L },
-      { 0xef76e09349841247L,0x7e963d5c5673eee7L,0x135d2ca7c5eab79fL,
-        0xf0d3ac04ceeb60e6L,0xdb33fc361d07b5f9L,0x37ef4405f1443ae5L,
-        0xe4716fae6ec33bd0L,0x3a6e33a14fd6f657L,0x000000000000003fL } },
-    /* 8 << 336 */
-    { { 0x6f01c26104e188ffL,0x0d9bf057c7ff2e86L,0xf9cd2dd6c8e36163L,
-        0xbfc6200bec1562e8L,0x735836b48afb5102L,0xb7a29e92035e1ed7L,
-        0xb16b14ca5f2e5924L,0xa77550a628630d59L,0x0000000000000032L },
-      { 0x7b4bc3ef7418d27cL,0xdf5c38b623b67adbL,0x168d61e3ea3713c8L,
-        0x806f95491abd92f8L,0xe806ab7b98eb3239L,0x47f49e50f09b81cbL,
-        0x4324da1706fd5ba3L,0xd54dc8613193dd6bL,0x000000000000003cL } },
-    /* 9 << 336 */
-    { { 0x9f88ff35a3d49d3dL,0xe4284139fce247f8L,0x6c4d5c7af9dcb985L,
-        0xfbcf4fa1161d138aL,0x2704ef59a06a95f5L,0x2a277e200d0e4d15L,
-        0x3105f965c5de8f83L,0x10fd313deabd284eL,0x0000000000000133L },
-      { 0x308bbdee0774ab51L,0x3e273e4200f231beL,0x843c53d8f8392927L,
-        0xbbae99a3c0007797L,0x110b8e4ce1f84317L,0x456790c6e26fc087L,
-        0x13144322bf6798e3L,0x35d44ed5217a52ceL,0x0000000000000020L } },
-    /* 10 << 336 */
-    { { 0xd7c148b3841f5e75L,0x4fb757644b5442a4L,0x95e65524dcdfb2dbL,
-        0x2265e0edd3446c55L,0x7d95f3b17a24cbddL,0x852beaa10567103dL,
-        0x48c62a902808760fL,0x5f872492fc689aebL,0x0000000000000065L },
-      { 0x11fa99ecd6740dfbL,0x0b028e97621f47f7L,0x2a75276c3b2a21bcL,
-        0xbad738bbb779b390L,0xa178ac3072cf8732L,0x4c515b788ef8ebc9L,
-        0x5a411714b745b0deL,0xb7c566faf0341a62L,0x000000000000008aL } },
-    /* 11 << 336 */
-    { { 0xad24d78c5774fc6eL,0x0ae7e57b8dccc508L,0x92d4a44ce70f8e39L,
-        0x3915c8eb837de2f6L,0xf7fd688854dd047aL,0x13bcad45d1bbd515L,
-        0x86e766a1302bee43L,0x788ea08a0986a53aL,0x0000000000000188L },
-      { 0xe0117403716f966cL,0xf2ff910991cbdb03L,0xb30a2a3cf6368671L,
-        0x29d49766adf90b6fL,0xe7333e2338d741c7L,0x11995ae97e584997L,
-        0x0f46aad3bbc84668L,0x98ad5a3f89992582L,0x0000000000000197L } },
-    /* 12 << 336 */
-    { { 0x42814ac122ff19a0L,0xde569bc8b27c568eL,0x1d08a1226ada1db1L,
-        0x3a3fde2e6e513dc5L,0x29c0813b1f856f5bL,0x13d3bc840b6cb7dfL,
-        0xabba0aba2c40bc67L,0x1fb6edcc8a718cf5L,0x0000000000000072L },
-      { 0x806a0ca2b312563aL,0xbb056c4891380b70L,0x0c90364b0a157f24L,
-        0xf79016c3d9e3f68dL,0x8d12edf88944a622L,0x333d61b31ec7abdcL,
-        0x372a693d50bded2dL,0x08bad7dc2dfefccaL,0x0000000000000081L } },
-    /* 13 << 336 */
-    { { 0x95aecad65c1c6ddcL,0xdd32cd749ae10bd1L,0x81882ab6a84c69dfL,
-        0x8a7d8cbe8838d94fL,0x099ad520bcc1300bL,0xd63bb039c30e4469L,
-        0xb3bef31417356877L,0x48fea9063238c2d5L,0x0000000000000047L },
-      { 0x772aa8f68e8fbfbaL,0xe852c8f15845a5ffL,0xf1355ee5a907e9d5L,
-        0x18c0ba0e5ba624e3L,0x32a3b125b72c700aL,0xe4e19fe46afd2a5eL,
-        0x08009bd907e95944L,0x14a813f019294091L,0x0000000000000106L } },
-    /* 14 << 336 */
-    { { 0xfd9946a699102917L,0x62df6a373c73b904L,0x9998064f29c4664fL,
-        0x626c7d71a38aeb0fL,0xebb4ba2d9ddbe513L,0xfb7b78301d72725cL,
-        0xc1314481e4c19372L,0x90c5ec66ed09077dL,0x000000000000003cL },
-      { 0x05bccd2f92b2ca1eL,0xffb71e3f55d4157cL,0xe4913c2eb5edf4e2L,
-        0x185eb955a96247b1L,0xd70ff9614d7924b3L,0xe6ebce13ed6c45f0L,
-        0xcbb30c53786c10d3L,0x37b6a2f2137354e1L,0x000000000000015dL } },
-    /* 15 << 336 */
-    { { 0x4d82915996367153L,0x60562a5910e88061L,0x2b2c480b942bd412L,
-        0xc015240fefbbe7b6L,0x363ddb1df084fba3L,0x21739dffd1c2f9eaL,
-        0xbf972d6fefe1ac54L,0xdfc5ff12edbef772L,0x00000000000001e7L },
-      { 0x2f0a919a39250f37L,0xca4b3f9711cb4bddL,0x85909ebfc15252c3L,
-        0xef2421d0f81d74c4L,0x7f8a45d7faa5d679L,0xcc97e0caaf2c27acL,
-        0x11fa8448f0393356L,0xd0727c3b091f3a2fL,0x0000000000000098L } },
-    /* 16 << 336 */
-    { { 0xd17bc05981fe2fbdL,0x8247a0c7cdfc711dL,0x973eab2f63ce74eeL,
-        0x270a6bdc4191b5f1L,0xe21afb51637f5917L,0xa84e71c550326c7bL,
-        0x14cef332f30c35cfL,0xff0e5f89b7407d5eL,0x0000000000000011L },
-      { 0x7b23a55df8b6b176L,0xbc660c66c679c536L,0xad82144a897fde1aL,
-        0x5082037d545baf12L,0x4bf2b1174448059fL,0x59c25c1bf1e8c52dL,
-        0xc01a4b8d8e030e69L,0x45077803229951c1L,0x0000000000000184L } },
-    /* 17 << 336 */
-    { { 0x06ab930118ba92b8L,0x0ecfb20658c698f5L,0x0d07b9580c53b831L,
-        0xeb8bcf504c6b8a70L,0xd6aa30dd46cfe9a3L,0xc0373457e824156cL,
-        0x14ae78702b281201L,0x3c50eefa57c56e20L,0x00000000000000cbL },
-      { 0xcd4eac45dc159da0L,0x3e09b24db817f40cL,0xb1a9ddb4f1ce719aL,
-        0x27e01e5ee7c528a3L,0x6d3effe69f1aa448L,0xcc3ea2c66c529ff2L,
-        0xf2ad16d9cf1095a2L,0x8497e6bf6795d3f1L,0x00000000000000d0L } },
-    /* 18 << 336 */
-    { { 0x5936402fea46c7b7L,0x611f48a4c8e292fdL,0xc9178953b1ef5c93L,
-        0xf8c3b0bf45132752L,0x6f60ee45243ba68bL,0x7aae87523de7945bL,
-        0x9a2526667e5b0f06L,0x39503fed24112340L,0x00000000000000e3L },
-      { 0x8479c73c64655be9L,0xd3c0a16e00645b62L,0x4e71df09fbe33ac9L,
-        0xa0dafba123f21934L,0xba16e195a3689496L,0x0dea634e05508b68L,
-        0x6855cfe25ebe2694L,0xec373e0b7d85a1d4L,0x000000000000009eL } },
-    /* 19 << 336 */
-    { { 0xb8c3dacd4ca0c4d1L,0x8424abd597274623L,0x081fba1ddc429d00L,
-        0x4ea6805c77022b62L,0x09561cf5610a6c42L,0x06bcb6857c4d0400L,
-        0xbf9d4591ee3eda1fL,0x6bee800bc391cf2bL,0x0000000000000011L },
-      { 0x5e41cb27c0611ef1L,0x7a25441cc7cd8245L,0xc5bd725ca22201aeL,
-        0x554ff12ef99102f4L,0x55ea06a484c51d6cL,0x93cc43c1fa4d3a28L,
-        0x1e930d0e95158c18L,0xdbbd3924f3aca4a0L,0x0000000000000064L } },
-    /* 20 << 336 */
-    { { 0xa929ab929b4fcaa8L,0xbd15698f18c196a7L,0x52ba54d9ed6b3cd1L,
-        0xaedec8263afce3d9L,0xc26a7b6aa7a05e27L,0xbfacb969c40091d7L,
-        0x73f5ccaec8fc6e07L,0x7fd306960a44e5f9L,0x00000000000000b3L },
-      { 0x00ddfd1f2a5bedbeL,0x417d4298c591c174L,0xf91f5a4c55f96920L,
-        0x3a6623d3936f7a6dL,0x9b67aaf628dd7721L,0x5bdda9995184915fL,
-        0x14cb50bf61a502deL,0xfbb382b2f0d3a5f1L,0x00000000000000b4L } },
-    /* 21 << 336 */
-    { { 0xd2e51c02358407feL,0x379ba801aa5d1f95L,0x78805d1d433bee43L,
-        0xc8406d4e30368d9eL,0xf1afbc18181d8bcfL,0xe1b5418dedcc02caL,
-        0x594140aade21f349L,0xc935edc90960aedeL,0x00000000000001d0L },
-      { 0xb4bac9577c6b52f4L,0x193cae40a1f988eaL,0xd3611a5686c73777L,
-        0x8861119d10907a06L,0x4080e88e97c5aba2L,0x13d48f856177a63aL,
-        0xd98a14637d1505ebL,0x712f5704345cbb1bL,0x0000000000000145L } },
-    /* 22 << 336 */
-    { { 0x9602183a8656a9dcL,0x38d9cf9914e10f6aL,0xc4480df1af352f91L,
-        0x312a0ee97284509dL,0xf8f1609428a89368L,0xdc60750c394fc38dL,
-        0xa45097b8c4b076ebL,0xebc69f19188f7500L,0x0000000000000011L },
-      { 0x0b82a33debf35521L,0x38cfc247822af398L,0x7e47262408ea1a06L,
-        0xdbf9ae15ca3b03b0L,0x992f77515b8ec4c3L,0xa2d4411d491fd8aeL,
-        0x00e5457f6d6707dbL,0x91e79e34a3d679faL,0x0000000000000123L } },
-    /* 23 << 336 */
-    { { 0x729069f3c2aac2e0L,0x0a3cbdbdcabc2ef7L,0x1ac994e853919f9eL,
-        0x988345d28f722950L,0x6c446036b3eaed7aL,0xc8d1ea591af32590L,
-        0xcb555a29c5f0298aL,0x2245dadc5a95ddc9L,0x0000000000000003L },
-      { 0x28b43e4040fd5df9L,0xa37c16c1700ddf94L,0x57f4770188bdd8cdL,
-        0xe46cf6913a7b7b20L,0xc2982480151c16ecL,0x064d58699ab5b911L,
-        0x282e068b1e2e9b4eL,0x8bce73305ca7880fL,0x0000000000000079L } },
-    /* 24 << 336 */
-    { { 0xb8f663eeba7642c0L,0xd6de3ffd8e5f9f42L,0x5f7a9a7bb661e29aL,
-        0x43e035a5e709fabcL,0x115ff746d241f6feL,0x9aff188d3a889406L,
-        0x35a4d29a00ce6f54L,0xa43706eb19542e2cL,0x00000000000000d8L },
-      { 0x6d4d00fe5307c22eL,0x97c82f0ac02f495fL,0x23857399a4563bb5L,
-        0xf5ad0f92e621b072L,0x5e28217f73ed71d6L,0xb850554f7c532cb8L,
-        0xb75dcba289b00deaL,0xa9252801fabb05cdL,0x000000000000016bL } },
-    /* 25 << 336 */
-    { { 0x113df94b7d7ca596L,0xd0d81f973a09c4e0L,0xfdf25b6dde5f749aL,
-        0xb7a9ca9ff56f6819L,0x4e227c423c76e2adL,0x8f568606fb0c6c74L,
-        0xc68a1311e7d75727L,0x3cae257ea97c6a06L,0x000000000000003eL },
-      { 0xb8fc17b67c4eec48L,0x859ababb5c2177e3L,0x372a76051058469eL,
-        0x82bc83878198208dL,0x362b7058289b96d9L,0x008fdbb14b1ff834L,
-        0x6754a93e001b5d35L,0xaf0588963cb788ecL,0x00000000000000e6L } },
-    /* 26 << 336 */
-    { { 0x7f0b78bf7e8da44dL,0x6bc7705a76e657e0L,0xf62df055522bd33bL,
-        0xcfa310d2d5730259L,0xdb3c752706babe9eL,0xa53c9580c5b35c93L,
-        0x88a085faa6e6210fL,0x2436bc42bfbb2a0dL,0x000000000000011eL },
-      { 0xfa99d4eddcfc0929L,0xc08653aec8373758L,0xdd402a641820eaf3L,
-        0x8fe28a88991a187fL,0xb2a8d2aa14e3031aL,0x5d15745af340b738L,
-        0x03f304abb5d057bcL,0x42b9c992b2d32a29L,0x0000000000000130L } },
-    /* 27 << 336 */
-    { { 0x7bf6c878e6f3697dL,0x0da60fe25286dc50L,0xdaf811cf4427b675L,
-        0x21263e1a63b81439L,0x6c1588eab23ad5d6L,0x67ae668ecf30a50fL,
-        0x019d2c48dedb60c5L,0xcfb3ef72898225efL,0x000000000000010fL },
-      { 0xceb271fc50d5ad72L,0xc590aa97a684a6a0L,0xf0c51ceb97b0397cL,
-        0xb0abb09c6f549db0L,0xb04b4898b6adf961L,0x4e5b4948ec0602ddL,
-        0x892d411e95a537b7L,0x613fc8af84b4dcaaL,0x0000000000000166L } },
-    /* 28 << 336 */
-    { { 0xc9eb8a3732462315L,0x91893c7c6e4e47afL,0xc2c9569bf9bbc7b4L,
-        0x656b2ce30314c0e0L,0x90b866af7e012597L,0x235d7f2adf853ba8L,
-        0xce824693266a534dL,0x3b362419b30f8251L,0x00000000000001cbL },
-      { 0xf5c990529df9422cL,0x261a1d31ab69da5fL,0x29ac221f2d225cd4L,
-        0x37090fc6ae4cec4cL,0x257983637417f8bfL,0xcd19cb04f6898caeL,
-        0x98580a0a75239b7aL,0xd1a38556e19c424eL,0x0000000000000025L } },
-    /* 29 << 336 */
-    { { 0xc4b2e4321ec0f9bbL,0xb6d9c02b4f72792aL,0x692936bcb7745461L,
-        0x70c8d81bf16ed29fL,0xfaf6602cead1e3f4L,0x9ff71ca731f17e50L,
-        0xae87c59b5a4f7187L,0x8103cc5ccbbded31L,0x000000000000013dL },
-      { 0x973df81487cb1debL,0x8d733cccf3e31541L,0x3f9a0a7bd66e3904L,
-        0xd9deff68e1a92726L,0x15118a0f9a57ef64L,0xfc1e37f6a079c288L,
-        0x1f3b8593d66e3a5fL,0x2f41c9df69904b4eL,0x0000000000000130L } },
-    /* 30 << 336 */
-    { { 0x2438afa71bfa8266L,0xe42c4d707aca9c58L,0xed95a6df3a0b8f82L,
-        0xc63e62418c218d8dL,0x17cb1bcf4a467ea9L,0x00add391e6a13b32L,
-        0x84f65ead54bca5fbL,0xf3a6b748d44c6849L,0x0000000000000077L },
-      { 0x46a9ffa49a19a7a0L,0x0e8a201247152131L,0xbf3cce1b9e569e70L,
-        0x8ad6f57ecc68962aL,0xdea8fc4929a6daaaL,0x71a147d711e9686fL,
-        0xb705d31d21d2ae96L,0x6bab44926ad7409cL,0x000000000000008aL } },
-    /* 31 << 336 */
-    { { 0x3bcbec5b43f1bc6dL,0x82f1c117e173ff5aL,0x86732bfc5f7bbae2L,
-        0xb369f7b53b3a68bfL,0x09723468dabd0f05L,0x536a17524466eb28L,
-        0x797ce5a43d685bdbL,0x5c6904da797af4d5L,0x0000000000000112L },
-      { 0x0125dc59b2365e89L,0xe95c31e5e6b036b9L,0x025da8ff1bd84808L,
-        0x980320c96689aa70L,0x7a7cf8959ce14041L,0x09fc1e84eddb13a6L,
-        0xa562767a27a54095L,0xdd0ed2f995de4423L,0x0000000000000023L } },
-    /* 32 << 336 */
-    { { 0x6a55868f11c50119L,0xb78abb45c7912bbbL,0x00ec6edcf2598660L,
-        0x45b396bf3b330dddL,0xf1e1b15d430b461bL,0xd7d7ad1de8c572adL,
-        0xc236b2601ec38412L,0xb668a33699889cf7L,0x0000000000000109L },
-      { 0xe39ab64b0bf6ef3bL,0x83496baeb87b2f04L,0xc9a9009ddd04f4b5L,
-        0xcd813e028fbed8dfL,0x8766407ed49842feL,0xed08303dd72a0525L,
-        0xed117dd7b47e882eL,0x62ec57f744ce2e25L,0x00000000000001a9L } },
-    /* 33 << 336 */
-    { { 0x2f7726ba8e8a63f1L,0xb0c2ad66ecb3ae83L,0xe57a64b99accb54eL,
-        0x79eb94ce3968e980L,0x1030ec413a04e7daL,0x60900b75ae88b7fdL,
-        0x6a2b74e30d22ebeeL,0x93e1657222357db3L,0x00000000000001c6L },
-      { 0x0cbe946b8feb2f46L,0xeebf1e20d5d78ad9L,0xbf52e57dccc955e2L,
-        0x03ca5245a84019c3L,0xd83c5de77390eec9L,0xdfb17932c7ca0529L,
-        0x4408ddc221cf2ae0L,0x4b217712bd878077L,0x000000000000010eL } },
-    /* 34 << 336 */
-    { { 0x19c2fb35e68bfa93L,0xd194609c6be8cd17L,0x3d5bac21c0950167L,
-        0xc6f452ad320fa097L,0x5efbc350c519d010L,0x04b5f5091ce6ff40L,
-        0xbc81371fd33d1152L,0xec1882e91ec5cbdfL,0x00000000000000d8L },
-      { 0x389fdd4ad929e151L,0xbc3bf1fc30b376ceL,0xb57789146458a81aL,
-        0xa1b02703bd08823bL,0x6e0bafc8b8ead9bbL,0x05009a9da4a6510fL,
-        0x788cd68402719b2cL,0x4abb7c12f4eaace8L,0x000000000000015dL } },
-    /* 35 << 336 */
-    { { 0x924834880d6e1420L,0x0f6b842f02a9e525L,0x5f195b9ef2c23ed3L,
-        0x872b7dab188c8a40L,0x6ea520e57a05f397L,0xb84f6f52a8318cf3L,
-        0x7c20f13cb4ab7198L,0x94c07e8634d193fbL,0x000000000000007fL },
-      { 0xa665378f640101c4L,0xf718aba2f23d6880L,0x7feaa46ae39f34ecL,
-        0x0c5e49bc45be61a3L,0x6c9e53e91d1097bbL,0x1f8311795b9afba2L,
-        0x7c91abbff68ea497L,0x84c407ffcfb9359bL,0x000000000000010eL } },
-    /* 36 << 336 */
-    { { 0xf66002a7532cded3L,0x12ae6fbd9b51ba09L,0x1877c71151a4511fL,
-        0x75a3a374b468daaeL,0x09f3fbee0866ffb3L,0xfb535b7479a0e5ffL,
-        0xa9f20777119d443cL,0xb0d45806818ba850L,0x0000000000000089L },
-      { 0x9ebce29758c4764fL,0x25239275d673bbbcL,0xb8e731d526a3b9f5L,
-        0xe00ea0a81b7a1218L,0x64e38615251ebaceL,0x1861ba0c43c768d9L,
-        0xabffeab0faa8388eL,0xd7a8dc7e036e9163L,0x0000000000000138L } },
-    /* 37 << 336 */
-    { { 0x3a548ee6767f67e0L,0xf43995d96e7381e8L,0xfc613affe3f4fa78L,
-        0x75b8421853a88ca2L,0x4efc41a4a34d77d8L,0x67704b6c6dfeccc9L,
-        0xb6301c73ad702b28L,0x2257dc83b0bd12c7L,0x00000000000000c6L },
-      { 0x01f144891820d290L,0xd2b2e7b74b212d5aL,0x2372e19e203ffa93L,
-        0x7847f736afc48e54L,0xfd061aa2b0d47790L,0xeb5d269c56107e9dL,
-        0x90e172f6f400c123L,0xf13bd3b9a924ac2aL,0x000000000000014aL } },
-    /* 38 << 336 */
-    { { 0x2f1e5d38c7d8a5a9L,0xc812dad7d2f00aedL,0xcccd0e9be04e41ecL,
-        0xac5b0abd217a004cL,0xb1332777129d0219L,0x7ec641f09f912102L,
-        0x53d6db38ef3b0f35L,0xc9d6b3cacabcfc1cL,0x00000000000000bdL },
-      { 0x834b4b341b206ac7L,0xb6e4bc6ba8a9615bL,0x024f9e7d83fef8fcL,
-        0x659a16fd427d6556L,0x56c796186ea415a4L,0x26b75d757aa919acL,
-        0x01522021d880f489L,0xa250d22c6089862cL,0x00000000000001d5L } },
-    /* 39 << 336 */
-    { { 0xd90132009928e628L,0x1193d8578046a060L,0x4121d1e40ce4e473L,
-        0x4c4d212253cd7702L,0xcd42376919823037L,0x696394e8b5506010L,
-        0xbd26c4266e10bcceL,0xbb15eb862869fc0bL,0x0000000000000148L },
-      { 0x24e36d1ce3895fb0L,0x99b1202f62a2e7adL,0x7be82d41360abc5dL,
-        0xaa8b30afe64dda1fL,0xa5c5cdf693938b09L,0x8a0d8440db48efedL,
-        0x17db9cab6dbdc7c6L,0xe0f3f1a778477ea9L,0x000000000000014fL } },
-    /* 40 << 336 */
-    { { 0xa35909198b52c773L,0x76609450fa34c84aL,0xcbc53186e1eb0e17L,
-        0x4f1f328a93f87b38L,0xad5a48aaf3e70effL,0xb90942f9338873f4L,
-        0x8d9018db7c92f220L,0x883ee17010edbe69L,0x0000000000000090L },
-      { 0xacbf26d4352788caL,0x6e1134413124e676L,0x8c23d996bf850dafL,
-        0x8781a364b318b4f9L,0xe9ccfb474366d53fL,0xc36fddcfa2522307L,
-        0x0d9d490f5c18063fL,0x70e6946a7c772f22L,0x0000000000000021L } },
-    /* 41 << 336 */
-    { { 0xceb65c253265473aL,0x0848d8c109e9c600L,0x7a1d52b5da02fa2cL,
-        0xc9d059a187ee1d9bL,0x6fc44d08796f782dL,0xc986ddc0de4faa1dL,
-        0x7ae99e1cdb221bbaL,0xecce252439e934b3L,0x0000000000000145L },
-      { 0xebf9741ec8b2e015L,0x8291788dcc2829e9L,0x85e30cb4b92d367bL,
-        0x6306f633d498e495L,0x982bf2b64b7d0e51L,0xec78717623b5ce39L,
-        0x13813e58d7dbe278L,0xf35d5ab7de0b9f48L,0x000000000000010aL } },
-    /* 42 << 336 */
-    { { 0x3465a55880b2842bL,0x69ae8ee5fb5c4ab4L,0x0f60b67f1d9d3c2cL,
-        0x43c637aba61d5441L,0xebb11af2616bb3beL,0xb233d60c8ebb368fL,
-        0xfe78b8e8e666a6bcL,0x40c89e61199647bfL,0x000000000000017dL },
-      { 0xdfd02f7d1a7e4004L,0x67ea0f94f0db6c8fL,0x75fb799d0b25ec12L,
-        0xbf15842512e0b07bL,0x6232d56ccf7cb388L,0x62852eadd2b1cf35L,
-        0xdebdf566d4d5a337L,0xd4224257c5d68925L,0x00000000000001f0L } },
-    /* 43 << 336 */
-    { { 0x3b3b236a2705c8ecL,0x18e596fe8f9ca382L,0x6cef674b595529f9L,
-        0xdd4d79e523afaeb2L,0x96b687668c095755L,0xc20d270322f1303eL,
-        0xaf55fa652118e930L,0xc1598fdb6ab3adddL,0x0000000000000007L },
-      { 0x8c72b53a9f7ec947L,0x230c6c33ea8256afL,0x3631364728ff1428L,
-        0xedd1a1d226269503L,0x35142f60f50ad51dL,0xfb1597d3365f7d6aL,
-        0xc0d5b6da40fb6f18L,0xc3cf67973fa48c72L,0x00000000000000e4L } },
-    /* 44 << 336 */
-    { { 0x7d59c3f4712ddfbdL,0x839dd63f84f37f9dL,0xb7d4176f102b47ceL,
-        0x91549e3ab3e2d34eL,0xf82494656176fa4eL,0x34cef89d534e8a88L,
-        0x5752810fd05652fdL,0x05878d59e8109c08L,0x0000000000000045L },
-      { 0x83e223e70f9b0af9L,0xd4094717d8b7e4e9L,0xfd6789140f16428bL,
-        0x39782a1591a6f1c7L,0xfc637c567d10b525L,0x396ce1a419b2719dL,
-        0xe3c112a59d21f5baL,0xcc9423b1fec40d42L,0x00000000000001e6L } },
-    /* 45 << 336 */
-    { { 0x9918e21421c67dc6L,0xbbbe96db3ce73d10L,0x646749af353facceL,
-        0x4471d11f941a1ae8L,0xdce491d8254be83dL,0x2a734d2b06044c3cL,
-        0x015bb26f33e90f68L,0x2986a9179b397235L,0x0000000000000000L },
-      { 0xf2bc225392d0328bL,0x3cf80ec41c01f96eL,0x7059378025f2b93fL,
-        0xe218c28f8caa3c34L,0xed5b3b01acf08f85L,0x78e7130b675abf03L,
-        0xdc164f62e61ea709L,0x5e9bcdafe7cce590L,0x00000000000001d7L } },
-    /* 46 << 336 */
-    { { 0x7dd978412969cc46L,0x464f831465c2a193L,0x0f0814d7556ba73cL,
-        0x4e0b01c2a746479bL,0xf769a86a222abae4L,0xaf204519b06949abL,
-        0x219f3dd4bc0cae6aL,0x41e7fd75bb04e014L,0x0000000000000111L },
-      { 0x8c81a4171b4685ecL,0xc2cdc2fb56fcf448L,0x047f00b60ffe70b3L,
-        0x4fb3e96353c0b627L,0xd6eb99c304092d40L,0xcef9e712824d32d6L,
-        0x22438fe0661c9073L,0x1d24b9508b5d62a6L,0x0000000000000179L } },
-    /* 47 << 336 */
-    { { 0x776548c41646b926L,0x5da803c6cbd4f251L,0x9fb4cbbdcafbff5fL,
-        0x136e5ab46b1967e8L,0xbf3187c655c2cc0fL,0xb5cb7010ce03caffL,
-        0x75f960d74cba3a38L,0xf1f7da468c4de719L,0x000000000000008aL },
-      { 0xaa9771cf8e145328L,0x955607127e9c7154L,0x7576c566c54ac3ebL,
-        0x83a1cc22b9565637L,0x65a033e85f237916L,0x0fc5b3076eecda9bL,
-        0x6a8a26805a6bbbc6L,0x3f5df88eace3f66fL,0x000000000000011fL } },
-    /* 48 << 336 */
-    { { 0x8ee76fb84b60e7d4L,0xcdcf289366df99e4L,0xf0a8087980648b08L,
-        0x3c499205ae3ade6dL,0x73d8d03503d4984aL,0x4fcd2c1ce21a233cL,
-        0x0b5c1e89bf51ca1cL,0x1b7a009f237792d1L,0x0000000000000116L },
-      { 0xd2dca97044961ef0L,0xd5a6fbcba97a7b6aL,0x5e6da5975a4f98c9L,
-        0x2421c548bca536b6L,0x7a591af11f7ee8a4L,0x320308818a8817c3L,
-        0xd98a21782af67257L,0x31fb8f953828bbddL,0x00000000000001cbL } },
-    /* 49 << 336 */
-    { { 0x2fe629cce3886eebL,0x703263920694724cL,0x42ea1744001fde6aL,
-        0x285ba5fcb4b7c99bL,0xa7474f9203317986L,0xfa84421405f64263L,
-        0xe64e02dfea76091bL,0xe5356b2ddff26696L,0x00000000000000e7L },
-      { 0x47e54d6513506a2bL,0xb66069948dd04445L,0x86413fcafda61d05L,
-        0x58a825310779b2ebL,0xaeebe93899414dd7L,0x838add05bf1cc63dL,
-        0x98cbe079d98429d5L,0x7416b93677ceb9ceL,0x00000000000000d5L } },
-    /* 50 << 336 */
-    { { 0x196b992f7903265aL,0x3f8c505985ac43caL,0xa0542a9832f558a6L,
-        0x34493872f8f15c20L,0x8422611411ff2331L,0xaaa95263dad5aa4dL,
-        0x5ba3c89449618a2bL,0x7114cb67ffb0b7afL,0x00000000000000ebL },
-      { 0x22896ed5c413488fL,0xb68be598e59cf5a3L,0x8aece01d5a9f0b73L,
-        0x5ef6ef9fe44bf3c7L,0x276042132e665544L,0x5cbaae365b4fb862L,
-        0x2bc1f35ed164d7b8L,0x353fe76e05a5405cL,0x00000000000000c7L } },
-    /* 51 << 336 */
-    { { 0x5c6259f3f2bd866dL,0x74f730eb67f990fbL,0xeda67791bac84b24L,
-        0xd77e5d5ff0d8e9e1L,0x997d32d627f0633bL,0xe26e2cff845bd85bL,
-        0x214962750bcec89cL,0x615c7f755ab41a61L,0x00000000000001c5L },
-      { 0x5b5e76ff238ba9a4L,0x5a66c41f6342061aL,0x036bd57b984949baL,
-        0xb8bd4d4c78893803L,0xade10dafc8bed951L,0xb17d2e19dd61db30L,
-        0xa36f13476346eaccL,0x43ef15d396e37846L,0x00000000000001c2L } },
-    /* 52 << 336 */
-    { { 0x2e82f2e8fc7dfeebL,0x4351215c52c20206L,0x3b7875804be6deabL,
-        0x480d4e87e24e7b8dL,0xbc1e73e71a2fee06L,0x9ee62e8dbbe97079L,
-        0x729883c30c65ff12L,0x7d79b4450d40e7a4L,0x00000000000001c7L },
-      { 0x0040e8251338a343L,0xd46631e703c25efaL,0x69038f5ec8d68911L,
-        0x5cdcc85d67efed4cL,0x7bc6c0d960dec282L,0x0ff1944dc69bd184L,
-        0xe9c1f924840c0a85L,0x8744d9a243df13f2L,0x0000000000000039L } },
-    /* 53 << 336 */
-    { { 0xffb073725731b8dfL,0x55b50655528162dcL,0xb06b7e4fbaf43a0aL,
-        0x2384151f3205c2ceL,0x2fb3a0ff0796e15eL,0x145b6de137a2080fL,
-        0xa7fc63f1eb9e8ed7L,0x282c8eeddbb2c666L,0x00000000000001deL },
-      { 0x797ac3c0cdb70b94L,0x9ed6c19f8afe775fL,0x959e53d08fdf4354L,
-        0xee3422904c6cd016L,0x878e3ce6da3d2171L,0xf91eb6cc0c0ecd98L,
-        0xa4c9deb0352ddefbL,0xe0fbf7404cd91881L,0x0000000000000093L } },
-    /* 54 << 336 */
-    { { 0xcf3ab1a8c06a14cfL,0xe1dab4729134a070L,0x02695c59d307b78bL,
-        0x6ff63c8927584f96L,0x0f2d84c83591c925L,0xc3f41483aee8afb2L,
-        0x9f1021819b9720d0L,0x990e1e26ecc16999L,0x00000000000000b3L },
-      { 0x3bd5760e1240a3f9L,0xf40840d9bb9c9613L,0xbee95c7dccb1cc9bL,
-        0x094f695218da33f7L,0x116776dcb55c954dL,0x7d5820b102e92e9fL,
-        0x06fb44a56ee9fb47L,0x35771a46baeb1c66L,0x000000000000007cL } },
-    /* 55 << 336 */
-    { { 0xd0440862ec99e2a6L,0xab4a43a33ba340ebL,0x12bae2691f10a256L,
-        0x4351afbd77fa12cfL,0x940ca3c3316a9a8eL,0xda41cfb0e7e77bd3L,
-        0x0fa1738fa142b7e2L,0x00fc2c8afc50ace3L,0x0000000000000157L },
-      { 0xb1d820d0714f689bL,0xe64117180c4c8717L,0x59083d80ba8d5ce6L,
-        0xcc2f13ab5a3b4531L,0xaddaf07ad5a8ebbeL,0xba541abb21a54993L,
-        0xbf86b7ca801cc68aL,0x23d9dae3b2f94878L,0x0000000000000107L } },
-    /* 56 << 336 */
-    { { 0xebe606acae034f8cL,0x818cdf076b6018d6L,0xfe55379b7608ef90L,
-        0xaa46536f8ba09a70L,0xc013d0e9c8e4d932L,0xf6c3c883da15fbfdL,
-        0x9d01956feee975bdL,0x12559e14ca159bd6L,0x000000000000013dL },
-      { 0x13cd63821aedc90bL,0x0702dfbdbb2ab040L,0x30b7ab23ff22a921L,
-        0x5e348016544e103dL,0x478ca80b00ef78b1L,0x5f56249af37d1238L,
-        0x330515a9222de97fL,0x415dc934b0a87d9fL,0x000000000000015bL } },
-    /* 57 << 336 */
-    { { 0x1c4d07047b5bd6a3L,0x48c3ef051b90b22eL,0x70a08c1f1a64461dL,
-        0x4a04e537dd99999aL,0x150e2d2272551b9cL,0xce73d701f738d935L,
-        0x0075c2f9282e466bL,0xd4fb74363bbfab78L,0x0000000000000198L },
-      { 0x4aa5ceeeb6af5e61L,0x3d5e02891ce71dfcL,0x4ec385390a795137L,
-        0x26a82c384e4c960cL,0x853dfe6003e80d25L,0x05c38fe7f833c27fL,
-        0xa0fc2cad0e5fdc8eL,0x651964f066b1409dL,0x0000000000000155L } },
-    /* 58 << 336 */
-    { { 0xbcd1b8fdcd2c882aL,0x972b6862b2561e9fL,0x0f3d3eed44ec7dadL,
-        0x2f193dca33dd798bL,0x16923e1b3425be8aL,0x424ac2d0fcea5e3cL,
-        0x04dae6a5d3088f6bL,0xb37290420a495a9aL,0x0000000000000191L },
-      { 0x233de0d8c36dd1b6L,0x4201b3dd8a627653L,0x193ee18fa4ba6c52L,
-        0xafd48153da4125b9L,0x893c89d06ef2233aL,0x1181fc422ad683d6L,
-        0x6e9a5811f22ee65bL,0x2b60ec5e843e7be1L,0x00000000000000c2L } },
-    /* 59 << 336 */
-    { { 0x6906f9196f71d92dL,0x05811b7aa400e02aL,0xad0a7fbeb1147b49L,
-        0x14756b6e854e11a8L,0x2f1ae8e68e071b70L,0xa923d788938cf9e2L,
-        0xa2798bc0dafa6f8aL,0x0762c1b7bcd2c30fL,0x0000000000000097L },
-      { 0x53c32ec5438538b4L,0xb81a76f9225d6abbL,0xa6bfdddb1596d571L,
-        0xe7fdd67a7bcbfa9bL,0x90bcccd91136787bL,0x2407ce31ef192712L,
-        0x89dc7c1c2656dcdcL,0x613cccda158f3d14L,0x0000000000000044L } },
-    /* 60 << 336 */
-    { { 0x17f4ae2fa457f66fL,0xdcbaaf86f7f9b42fL,0x63f9b6a4512eae83L,
-        0x0e7005e8906c197aL,0xa6dbca2a47d9a62aL,0xabfc7eb772e1d3d5L,
-        0x67a98eeb1f26cd4dL,0xda8b076a0cbf90e1L,0x00000000000001a6L },
-      { 0x6b0ad7ac20b776ddL,0xc866b4abfcd80552L,0xa61879f9df7a54fbL,
-        0xed17d02b5d624997L,0xd91598090e81e750L,0x0950c09fb796dd7cL,
-        0x2841052885acec3fL,0x951a064a247e3b6dL,0x000000000000007aL } },
-    /* 61 << 336 */
-    { { 0x92e45635293aa8cbL,0x632ad2cb47abe5b5L,0xa90124982269db7cL,
-        0xb43095b71331e914L,0x4791600f7092ae50L,0x12270e800afa04b2L,
-        0x6734fdca0a89a3b2L,0x703efce3cef04cdaL,0x000000000000004cL },
-      { 0xa3a0c24dac19c42dL,0x56dd189a4b3e8f25L,0x9413431f3ed8d5eeL,
-        0xb4f9626ec0db57d5L,0x7991275b8d43d9d1L,0x154a82d9aca25085L,
-        0x30d558d279af6d23L,0xc37d14ed0894d400L,0x0000000000000152L } },
-    /* 62 << 336 */
-    { { 0x8a52f15018291f3aL,0x0ba052fb8e4a18eaL,0xb33beb1850947674L,
-        0x24e7295dda7960d2L,0x9c881fa7b4252751L,0x141a115777d3eeb7L,
-        0x98ba241b6d50cac6L,0x6e7627ae87169304L,0x00000000000000bcL },
-      { 0x4d7bda103d0d4bcfL,0x22827deb008a4463L,0x0e52c2e79a70f90cL,
-        0x6712a9fce39b6617L,0xfd8973c0505fe510L,0x11cc0de558c8409aL,
-        0x210477f3c64f2cdfL,0x0e6e51af443cc0a0L,0x000000000000001bL } },
-    /* 63 << 336 */
-    { { 0x4e7381532c5b1678L,0xf1264efdf0c3ad21L,0xe6b67649c37f0993L,
-        0xb3250481fdf7a6adL,0x34841e26d656f64eL,0x6c582f17eb5e5266L,
-        0xe98350b4455c5d17L,0x58f8e6d373857797L,0x0000000000000156L },
-      { 0x43289122e842a3acL,0xeb6f13b743590803L,0xc62511d75946d265L,
-        0x68a0c27f718aebadL,0x0105232e8a8e7627L,0xf5c3f66c62bbebeeL,
-        0x8ed456985e690cddL,0x3eeacd862e990ee2L,0x0000000000000076L } },
-    /* 64 << 336 */
-    { { 0xee2f0d5e485da448L,0x1ed09705ff6f7ae7L,0x14eecc17280081ddL,
-        0xa120ee797230161cL,0xcc768683ff269a0aL,0xf63e5dfc2a872fafL,
-        0xbb5b1ae6acc10cb2L,0xd110650707a71c22L,0x000000000000007cL },
-      { 0xa17256895a78b340L,0xc8802d2a8d805b2bL,0x4f1bd019e62fac2eL,
-        0xa1dd8419806b6762L,0xe6808f48a9223942L,0x50a99d62a6a1e281L,
-        0xfa71344852fbacc9L,0x09e7a5fbb5d82a8bL,0x00000000000000c8L } },
-    /* 0 << 343 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 343 */
-    { { 0x56b1560ac1c7ce9cL,0x619fddf45fedc58cL,0xe8d35dc7b59afa4bL,
-        0x0c5f5ac8eda188adL,0x14d11e1b1a468155L,0x9a5fd6c91529288dL,
-        0xf8b121d3e9da413aL,0xcd307365e231527cL,0x00000000000000e4L },
-      { 0xda248cc0f086ec25L,0x800ea7d4306b0d1aL,0xa5011ab86b74d50aL,
-        0x68bad0af749befe4L,0xc1ad06091bbbce0fL,0x363078eb2727c718L,
-        0x2e2e4aec18c61d23L,0x41f8fd81c84e4120L,0x0000000000000137L } },
-    /* 2 << 343 */
-    { { 0x9a579dee796de182L,0x6f780aa7f6fd67c5L,0x8e2e0d6d6c566337L,
-        0xd8d685b5e5314714L,0xbc0bcb3a8099f308L,0x7127691f585ce610L,
-        0xb1dd4f51fe15ed8aL,0xab542e06217bd3c7L,0x0000000000000183L },
-      { 0x67e189835f29dbd2L,0xf0092c9f74d67113L,0x3faa747c847dc935L,
-        0x798604f27f5be1b1L,0xf766db9a8c76c26aL,0xa38d86f05c205ca3L,
-        0xfec097778c6e65adL,0x1c2b356c156b3b92L,0x00000000000000d1L } },
-    /* 3 << 343 */
-    { { 0xfd161d574973e99dL,0x10ee5e335fd197b8L,0x931929e7e937363eL,
-        0x3593ac90e29447f7L,0x69e629fa511c53beL,0xa9140acf40818adaL,
-        0x2228aa6cdbc45f65L,0xdac3b76cb6956fedL,0x00000000000000b9L },
-      { 0x6f387c616730915fL,0x167ce892b42fb653L,0x88ae15d58258e7e5L,
-        0x5b5467b445c89d8fL,0x4689f145d122a7afL,0x47c3167dbd359cfeL,
-        0xbaa7f767939f7d23L,0xd2457722cf62d4fdL,0x0000000000000051L } },
-    /* 4 << 343 */
-    { { 0x40e2e814378740bfL,0x63a78984cbd2bd7bL,0x372e13db8a8dac87L,
-        0xaf09f900f60984c2L,0x5fcb7a8e79dd89c2L,0x29b8a792ff667cb1L,
-        0x9f8db873adaa64f7L,0xc52129f85dcc5522L,0x000000000000016cL },
-      { 0xa7c053bf00c4f4cfL,0x236a5b2399f2b4cfL,0xaa4e794a7d8f5dfbL,
-        0x42752a2262ae7550L,0xbf731493b6aa180eL,0x4cfeb68e0c875ff4L,
-        0x0c30dcd7e0c5141fL,0x3dcf620376da59f2L,0x000000000000012fL } },
-    /* 5 << 343 */
-    { { 0x95dd4eb5f8656474L,0xd4669a971cd62198L,0x0cc8ef1e92d0b064L,
-        0x9dcf50884d3ec93dL,0x98579f40ebb7f117L,0x5d355b938f1d1f2eL,
-        0x84b5a27e9e66bea0L,0x813076efea829073L,0x000000000000013aL },
-      { 0xc377cf528a995f59L,0x51d5d552504af77cL,0xe78a03839e855f7bL,
-        0xc28dc8efd54d0003L,0xeca6acc485efd53fL,0x94835190e0a0125bL,
-        0x26df5fda0ecfbf08L,0xdeb29864cb0dd7d4L,0x0000000000000046L } },
-    /* 6 << 343 */
-    { { 0xdfb64f02974d9b78L,0x31f9a91b41cce8d3L,0x34dcb6e34999e143L,
-        0x01d57ca3739197eeL,0xc0f2108c78b9f00aL,0xadc6692c4a735404L,
-        0x8358671e3bcc3b72L,0x3fc1ea7d6f09f3c5L,0x00000000000000e7L },
-      { 0x9c983854e86d270cL,0x4d51aa04ae44b27eL,0xff192db6d49c136cL,
-        0x8b4eb830e0f2963cL,0x839723cc894608a5L,0x39df449cfd6315ecL,
-        0xa65f47eff69010dbL,0xdf70203694f69bacL,0x000000000000017cL } },
-    /* 7 << 343 */
-    { { 0x98a217d8a7979eb7L,0x2f4859d405e2e911L,0x37ec784f9f43d39bL,
-        0x6047068b55a35243L,0x2d40c1194be6cdeeL,0xa28ca46cc2d0a82eL,
-        0xf3f91ea1e53f26e5L,0xfaa1f1ee0ad5a3d9L,0x00000000000001c4L },
-      { 0x8774d3bab3deb139L,0x94e79e50bfe48f58L,0x31425427b8a91318L,
-        0xac77740efab106c0L,0xb496d88441a74a18L,0x45952361c5556450L,
-        0x3d513f1474936fcfL,0x80f8d50ebe0c79c1L,0x0000000000000006L } },
-    /* 8 << 343 */
-    { { 0xb3eee6fe2a5a58feL,0xe8fac6485f1bd90cL,0x8c76159758fb2b1bL,
-        0x58d5a7ec41103723L,0x33335bb4a9800518L,0xa2ded46025ed26e0L,
-        0xa8996e7829e98932L,0x819f8f8bcdfb40d1L,0x000000000000006fL },
-      { 0xb8b1d0edb98e803aL,0x29fd31264620cea3L,0xea10dcb49eebe49cL,
-        0x29b7b6999ad55911L,0xc77d33dbf0ca87e5L,0xb9a166ecfe915661L,
-        0xc2ad03b0eccf8c45L,0x7b16346d053affacL,0x0000000000000082L } },
-    /* 9 << 343 */
-    { { 0x916fd08c8984d1dbL,0x7c7870365b1bf3d2L,0xe148da9f2b88ff97L,
-        0xa962ff45ac7c4189L,0x7c1ecc275768d54cL,0x33da8d97d43156d9L,
-        0xbfe05acc50f9f6c3L,0x0fd6737671323d62L,0x00000000000000ebL },
-      { 0xe45e1307c547c707L,0x3db010d28499f1ebL,0xeabff4004f388db4L,
-        0x0b46757cb6041ecaL,0xca91315ebf746334L,0x5980424bd4445cdfL,
-        0x7ccb2bb7482799ccL,0x9c9aa96e3129e0d9L,0x00000000000001b9L } },
-    /* 10 << 343 */
-    { { 0x5e6daeb491bf9e59L,0x9dc3d78928978a08L,0x8ba213793cf5ab93L,
-        0x13e05a849f7f32d8L,0xca46a51d24d864cdL,0x49da1d0958f27ab1L,
-        0x3d44ac191dd5bb6bL,0x14eb042f960ba63fL,0x0000000000000031L },
-      { 0x8c9a73c4857451b4L,0x61a5f60d29e1992eL,0x6b6cd67b1aff692dL,
-        0x3b702f11b835afc3L,0x4270a9babfc9d3c0L,0x68c63f32ca0c7cc0L,
-        0x841cf2826ea38e95L,0x85c69baf0d60d28aL,0x00000000000001eeL } },
-    /* 11 << 343 */
-    { { 0x45e6c6b23f5f1b24L,0x15c28586b7cce3beL,0xe985cedf965cfc87L,
-        0x26747eb284cf2b49L,0x681700f7c15ce505L,0xe2d3e6344273ba87L,
-        0x09e2e994691f61b5L,0x13dccaf844b47927L,0x000000000000014cL },
-      { 0x8c7d0330798eedbeL,0xe0e7fa0ec3f4951cL,0x99e5422f22ffa060L,
-        0xa977fefc3e202a9bL,0x40d939b29fda521eL,0x49c677526e65acd9L,
-        0xc17c3b685171db47L,0xda5735369cc9843bL,0x00000000000000faL } },
-    /* 12 << 343 */
-    { { 0x085d3a3cd827cc1aL,0x66ade8b0b0a2b341L,0x4b810c4cb68dfc88L,
-        0x77fe410ee5230a76L,0x8426dd8e389a3a1dL,0x2dda407d7d94bcf3L,
-        0x5c661465415e7675L,0x442edb73273f2602L,0x000000000000016cL },
-      { 0xe079d5bcb074acfaL,0xa72d9c62d08169caL,0xe1d49019f8828607L,
-        0x6ec373632e99dad2L,0x00f11e7bc8707b4cL,0x8b3275a0face4dc8L,
-        0xfd045d4660ad7b4aL,0xb59f6b352d870ba7L,0x000000000000005fL } },
-    /* 13 << 343 */
-    { { 0x8d68557b51272392L,0x5309f4ee45658c02L,0x3095b408efe64d18L,
-        0xaa43cad23d85c797L,0x859fdd6a4466d136L,0x19522c68bdd1220fL,
-        0x2def78829b8cf52bL,0x3374cc6bda0d3564L,0x00000000000001caL },
-      { 0x70ba7af1481ff4fcL,0xbfec18ace52060eeL,0x193045817332c570L,
-        0x9bca275ae05313dcL,0x792532b3e4688a8fL,0x73a7088b2cc15270L,
-        0x0d5f57a3cdd433a5L,0x53928b9ce4932780L,0x0000000000000119L } },
-    /* 14 << 343 */
-    { { 0x360e5a48a3d933ecL,0x0ab120bdf7bbea20L,0x30b58f9adb780cdcL,
-        0x30736d9595285853L,0xd52795fb1b3839deL,0x61abb62ef74f223aL,
-        0x7134f16b31f8ec5cL,0x716089459beced0dL,0x00000000000000a1L },
-      { 0xe346fc2d8d5e323dL,0x56aa6ef5ae6c4aa1L,0xdea1e40d130796eeL,
-        0x7685efdcd71960e8L,0x07e19bb51040e1bbL,0xb89e54e64709427dL,
-        0xb09e9978ab677ccfL,0xd155e8cae4e79e41L,0x000000000000017fL } },
-    /* 15 << 343 */
-    { { 0x37911cec263d9d14L,0xf47b2325e6c4d1beL,0xda885016f0147d78L,
-        0x0885ca03887ecb3bL,0xed86eb282d186bfeL,0xbdc86af2532d79c5L,
-        0xb383a5e811c79f33L,0xe07db5fe06434eeeL,0x000000000000005fL },
-      { 0x94ebda7ed0e9c38eL,0x890cbadf57eec5ccL,0x0307af50c3e7bb87L,
-        0x7a736b3ad82a5ccaL,0xa11df6677ff0813aL,0xb6108387e88d8258L,
-        0xbd705b30d4d86b60L,0x8236cf82dac7fb06L,0x0000000000000038L } },
-    /* 16 << 343 */
-    { { 0xc08891ef1f60c05eL,0xf9407f855915d764L,0xde8e7a4f0c96f04eL,
-        0x6f2753d62cc9d658L,0x59c566b1ddd346f9L,0xf47b8329e3197938L,
-        0x279a225bec0f1790L,0xd2001390302c441dL,0x000000000000001cL },
-      { 0x71f6e57c20ea5e7fL,0x12786ba3c8eccc18L,0x31bfeee7563adb36L,
-        0x688bbe01c99e4db1L,0xc1a39c8458226d89L,0x4a23db6dd0436b3dL,
-        0x9009c835bcc4a5d0L,0xb5765b5b4bc5e903L,0x0000000000000147L } },
-    /* 17 << 343 */
-    { { 0xe6b4a598aa1bedf5L,0x961741ea269742a1L,0xa70c0ead730beb27L,
-        0x6630a4735b0951b6L,0x7705bf6ebe99d329L,0x72c5d355f107c12aL,
-        0x3339727727eb0146L,0x88057c43805888faL,0x00000000000001efL },
-      { 0x0e50400725ef77eeL,0xe4055d7b45c6b5d0L,0x50fe7dc291aab5e1L,
-        0x0a4a41f4b30dde14L,0xf79ef05566d0acecL,0x47ff1b08d751cbebL,
-        0xb3b376414b70d1cfL,0x839901ca495f96c5L,0x00000000000001e2L } },
-    /* 18 << 343 */
-    { { 0x70f293f78d7a1a55L,0x6d47ae698dbd1bcbL,0xd972ce7e2a482890L,
-        0x565b5a69ae414647L,0x1ff7f1f4fac08052L,0x6ac7e4f7a6b8ea59L,
-        0xb00046d54c758546L,0x57fda89278c94b54L,0x00000000000001efL },
-      { 0xc89c53d4ab9b1fd8L,0x120412c01939d37fL,0xacf8ab74178a657dL,
-        0xf02ff62e6277e2f9L,0x6d388adadef2648fL,0x0a21d194d18d7ec9L,
-        0x28a91fb9620af185L,0x9a4be9c4cb7ebf4bL,0x0000000000000025L } },
-    /* 19 << 343 */
-    { { 0xbc45e6e4b2dae93bL,0x078b15245136d380L,0x61d2079bcde5d587L,
-        0xdcb2f7bf4d18976aL,0x3134fa08f1163d89L,0x4548e1cc166d26d9L,
-        0x372b77f520cf54c8L,0x21e059e7370c6405L,0x0000000000000090L },
-      { 0x88f8eaa80398ad72L,0xef4dfabdc756e71fL,0x9793c8cd26ef090bL,
-        0xa2183be477e6c7ebL,0x89687bae0c15e96eL,0x973c780afb7901f1L,
-        0x98d0434c8c13b4e5L,0x5ac0079c7d545f02L,0x00000000000001b8L } },
-    /* 20 << 343 */
-    { { 0xb6cc18ebda4a348fL,0x75ec91dea1828b88L,0x33d09001749d90e6L,
-        0x09157f665444d6a2L,0x3d99e23ec900287cL,0x5b7ea7f56e259af4L,
-        0x23cf7c3d7f716c57L,0xf3eb640ffe71bb94L,0x00000000000001aeL },
-      { 0x8244fc846e9cdcf1L,0x595beb65e002db4cL,0x5caff71941a87d50L,
-        0x79b6aab4e3ccf8aaL,0x1c57658749d3eb51L,0xe81912249671a8dcL,
-        0x64c41ec1651fc983L,0x9f8680d37983f157L,0x000000000000006bL } },
-    /* 21 << 343 */
-    { { 0x60ab42fbe05b2926L,0x1c587bf61d33e1dcL,0x96f5e70249ff79e9L,
-        0xb962af43e24c2e89L,0x30042cb3be7c4f64L,0x79f652a81d63ce35L,
-        0xd898a931ad6a7c44L,0xb2fb1570230d1accL,0x00000000000001f2L },
-      { 0x2022d6a58be3811dL,0x00194f6b73c51c56L,0x3ef9434003d77a7bL,
-        0x6d1989c6b8e27ccbL,0x03eae3f13a64841aL,0x41fadc74c63267efL,
-        0x3e79f28722c3f704L,0x9d6bb8f454828d4eL,0x000000000000018aL } },
-    /* 22 << 343 */
-    { { 0x185cb8e721e2e26eL,0x1866dbbff82c3492L,0x5a5e2a8913fe27abL,
-        0x2a97a225ba74bc51L,0x9699342b754d7055L,0x11cbb11a2395566fL,
-        0x7a1a2e8d98ded0a3L,0x17986e2379b54681L,0x0000000000000003L },
-      { 0x646f4099da8c44d5L,0xb738986d451eeaeaL,0x09dbb26b7a3b8625L,
-        0x5b427f68db3935bdL,0xd946c20da7131ae5L,0xae04ca918a745c0dL,
-        0xa1b0ef3a3f2341a6L,0x7b87fe01d6c790e1L,0x0000000000000098L } },
-    /* 23 << 343 */
-    { { 0x72170b94be3f7ed3L,0xbce35d7df87e5a5bL,0x475dc4f4a187c49dL,
-        0x8f70214da1e51c4cL,0x4a4f2173b03f9991L,0x0f402769644bfa17L,
-        0x1fcb1fd205185c69L,0xc73f4d6ad59730d6L,0x00000000000000f3L },
-      { 0x718cba01d0af16c4L,0xf877dfc0321d02baL,0x92005bdd160a85bdL,
-        0xa77c73b9fa3cc000L,0xd32784fa789d71a5L,0x1fed3e8451aa04d6L,
-        0xe5eff488d6838f92L,0xc6dd5be9b197e512L,0x00000000000000b2L } },
-    /* 24 << 343 */
-    { { 0x78a6a00515ccb3f5L,0x77707acad710f874L,0xa9f60018df76fab6L,
-        0x7a05131eb0ef7585L,0x73076403c0347bd4L,0x5677f9b970f16928L,
-        0x71e01afcacdb7c70L,0x2801531df2261bc4L,0x00000000000001b3L },
-      { 0x2e0884c087ab879eL,0xcef683ae5692f07fL,0xe9378ca2ecb5108fL,
-        0xb259e58446581fb3L,0xbf13bd74d9ab63e2L,0xdbb1a8660488e2f7L,
-        0x308d1a9c791c614aL,0xc064c4b74bafecceL,0x0000000000000068L } },
-    /* 25 << 343 */
-    { { 0x3baa82b9d0344395L,0x61b0ae22f03f32d3L,0xfdf609fdb9ab6330L,
-        0x8d2d4961e63485d7L,0x118bcbae7ed8bf75L,0x48084311dab22cceL,
-        0xd878e073ffa72bf0L,0x2d31d41024088b64L,0x00000000000000d8L },
-      { 0x1e2ad88893e537ccL,0x723c084c89496f7dL,0x154523b8e2095efeL,
-        0x60efb050a2a64c74L,0x1da398ac0f97d458L,0x3a4f1f7c382044e6L,
-        0xced99f7be34a1f0fL,0x7d757166ecebb070L,0x00000000000001f3L } },
-    /* 26 << 343 */
-    { { 0x2368670204035fbcL,0x494b7bd0a09ffd39L,0x24d81683d3d1a346L,
-        0xd8717302a15611edL,0x67d48150235fbe70L,0x7056885b92733e93L,
-        0x7088dd8d149e63c7L,0x9d1fa18c9fa2b660L,0x0000000000000093L },
-      { 0x05ccc95bab42e341L,0xf8ddae598d84b663L,0xecbabdff710e5d05L,
-        0x6bf408efe7d83fa7L,0x01e9fba9cc612f03L,0xb11b149a4b68351fL,
-        0x2eb12cb1c441fdc5L,0x1c5aa7073f1779f2L,0x0000000000000079L } },
-    /* 27 << 343 */
-    { { 0x71a41f98b7c8df35L,0xc0956536a098c8e6L,0xba543f95b726e746L,
-        0xc930b14a1d6414bfL,0xbe77ca4d1ffa41b9L,0xe2c9b33a01b6503fL,
-        0x8f618a589be1f9f7L,0xc5352fdb58a1e937L,0x000000000000015aL },
-      { 0xab583155d4d38a4dL,0x7dae65b732f456ffL,0xe6dceba0864ea025L,
-        0xe1b8eedb2beb7e85L,0x1afa273c24ef0333L,0x15c04d35f74c8c1cL,
-        0x3df77f47fe398bc2L,0xe6759438fca98336L,0x000000000000010dL } },
-    /* 28 << 343 */
-    { { 0x37097c79f3582e38L,0x32fb2f72acb94fd0L,0xe9f248615bd8e99eL,
-        0x021bd377d89f261eL,0xc27ccfba354d698dL,0xbd90006363d0d0d1L,
-        0x1a2ff3650ffe8c76L,0x2e06e2ac0a5a912eL,0x0000000000000056L },
-      { 0x32d5f87321ac73f8L,0x6071df7f1ce57659L,0x7b26cfe7f3d02f88L,
-        0x49889f71ac4b7cceL,0x6a8e756e4aa74667L,0x68698ee6cb72bec2L,
-        0xf10fc0e132a6e923L,0x25d53885dde3045cL,0x00000000000000d2L } },
-    /* 29 << 343 */
-    { { 0x2578f6e4c55d2794L,0x33d4f6c052c21979L,0xcb692ea7f0ac80ceL,
-        0x4a075eb4d0d2bb1eL,0x2bdca085d766fb6aL,0x28800b66f9cef794L,
-        0x79a504a18e1af8efL,0x87b7c42918f6d72aL,0x00000000000000e5L },
-      { 0xa0315547c4fd70bfL,0xed90418d1bf84addL,0x9444ed07561cc0a9L,
-        0xe218634f926e1d91L,0x1c2867c9c45cccb5L,0x8867a11b0088364aL,
-        0xb33066483293a8c2L,0x5379837264319b9dL,0x0000000000000059L } },
-    /* 30 << 343 */
-    { { 0x6261f11a490fcb56L,0x80e1e5b92166a7fcL,0x2156e7b7410ca8f1L,
-        0x6ba2949dcf083d43L,0x6f8c280e85f7a658L,0x86921a03c5362a6fL,
-        0x212c2960a82059ecL,0xcd6e8bf65535b1fbL,0x000000000000003eL },
-      { 0xde0debf94fa231d9L,0x3891ee50bb251008L,0x4f2e882b1d3cf2f7L,
-        0x55ae8ab4a441ea5eL,0x1a2fd89697f3d7d0L,0xaddcebb8240f6844L,
-        0x00c9e36a7c1ae8a1L,0x017a9763b8c7c299L,0x00000000000000bbL } },
-    /* 31 << 343 */
-    { { 0x7f8843aa27c1fd2cL,0xc7c12738b7767dd1L,0xed262ca40459641bL,
-        0xcfd418f94ae40df4L,0xfea0e51e4b4adc47L,0xf71a6afbc1076188L,
-        0x51c967efae2fb1ffL,0x10af8b7593d3d135L,0x0000000000000005L },
-      { 0x60b155619802e32bL,0x1b766903875c51c2L,0x8e8f66b6afa3d68cL,
-        0xb174d2ebe8cf549dL,0x514733991f65fa9aL,0x5bc23426688a0642L,
-        0x7dafa87c49871359L,0xa01b3e316ee4c06cL,0x0000000000000069L } },
-    /* 32 << 343 */
-    { { 0x1e2df23635210df1L,0x387b5c569aace566L,0xdd8152c9ee401323L,
-        0x56fe9ec99cac0076L,0x88ed7fc1e1a9f782L,0x6551487d681f0428L,
-        0xeaacc10197689006L,0x626bcad13b7e7fe6L,0x000000000000015eL },
-      { 0xe1b3574a7acb23caL,0xadda7c9e3636a1c2L,0xfc998cf89f3d947cL,
-        0x38ee4df41ba0511bL,0x1f40cc1403e4694bL,0xccecf4e0800fb6d9L,
-        0x021f708ae1665d06L,0x2bcd7975c492d329L,0x0000000000000063L } },
-    /* 33 << 343 */
-    { { 0x96b4d04fab8001feL,0xe57a3a7bfe85f93aL,0x8ddba50b81d1d925L,
-        0xa721d664f4b81297L,0x97ed33af14009a3eL,0x566f67398d669f51L,
-        0xe390958133398239L,0xd7a868f9b1e9107fL,0x0000000000000027L },
-      { 0xdc583df06773c4c8L,0xd92a6a1e5e741619L,0x9fc62275eb819e25L,
-        0xf9854e0cf083005fL,0xecbd75ce7b51e108L,0x4cc07d2722a8eea2L,
-        0x06b4a95fa203629dL,0x65458a822e92393fL,0x000000000000009dL } },
-    /* 34 << 343 */
-    { { 0x0c33804b49726318L,0x02d8b4cea9a6b656L,0x308eaf52e8cf960aL,
-        0xb36b768adf3a112eL,0x8131fab42b004e40L,0x0559670c887c5137L,
-        0xff0aaaa311f55b20L,0x08f4a3c37882a219L,0x00000000000000f6L },
-      { 0x1e4c54f236e35580L,0x75b801076317c307L,0x08da116384ed361aL,
-        0xda9c804e9fd2252aL,0x12f480031c027a95L,0x4c2edab64ba5b4b6L,
-        0xc7e6ba6f307f959fL,0xb541004fdfb90d0dL,0x0000000000000099L } },
-    /* 35 << 343 */
-    { { 0x6e84f0d99170c45dL,0x6c18bb4d38aaf72fL,0x07982c04541fb2a3L,
-        0x87b518be80d9c949L,0xdee66e2966394187L,0x31511309f8dbf99aL,
-        0xa8778cbaf823156bL,0xf9faea959b606d0fL,0x0000000000000093L },
-      { 0xfd31893563961535L,0x7986e24f3f52f702L,0x5b1159b45ddfae4dL,
-        0xcd9fbfec2eab8be6L,0x7b02b3fc8041e138L,0xd6a03b7891c5a91fL,
-        0x27bbfa95e2cb2f1cL,0xa9ce01ce466ef3e3L,0x0000000000000133L } },
-    /* 36 << 343 */
-    { { 0xee5cc4b56463339cL,0x5db849afd60e46a8L,0x376ec6edbb0cd719L,
-        0xb25bc974b73d2548L,0x4d3b9651ce5787cdL,0xc9f56856fb8a6b9cL,
-        0x40712dcf9997fafcL,0x1e9a979d88c38605L,0x00000000000000ebL },
-      { 0x65aa240f387c6c7bL,0x8dba59ea2e4d5a46L,0x4dae7703cbc76db7L,
-        0x616a9765ce122f7aL,0xa7ba80479be5f249L,0x0e3cc2bc559ff606L,
-        0x533dc60febcf865dL,0x07f49e3224af8ab6L,0x0000000000000104L } },
-    /* 37 << 343 */
-    { { 0xdd77ebff685989acL,0xb6f95799ab8308a4L,0x4e3a55af398e759dL,
-        0xa450ca615693678cL,0x54fc55a0b225faaaL,0x16584ec91dc73d17L,
-        0x1a5d318febfd0546L,0x76b7d32f96c3c17aL,0x000000000000003eL },
-      { 0x51be80cc328cc1fbL,0xa7a78f194965e6aeL,0x5381b42874544db9L,
-        0xaff29152aacad99cL,0xc48bbcc61156add8L,0x363047efe566895dL,
-        0x33d0a4a5bd032371L,0x880ec2cbff5f5959L,0x00000000000000a8L } },
-    /* 38 << 343 */
-    { { 0x9690d5e55f5e7c31L,0xef7369b18adef74eL,0xf74ee9ef2a7db0c9L,
-        0xd59cb64addf21c43L,0x6eb9fb438da8e4ccL,0xd1962bb086d3a35bL,
-        0x7f8df70c107dd755L,0x4226aac2d64da7dfL,0x000000000000008fL },
-      { 0xe8ba50a0fff053a4L,0xcf3d93f3aa55315eL,0xb3cdbb97d1f458b0L,
-        0x4b08420dd5d406bfL,0x7d869582f55c2820L,0x6fcb33b1698de39dL,
-        0x6b7745f5daaa8a63L,0x6ecec49a60db3a06L,0x0000000000000189L } },
-    /* 39 << 343 */
-    { { 0xe7ec7a73a6fb4bf7L,0x9c4cb462c58d8eecL,0x1774812b9e39b420L,
-        0x3eb336168ef96477L,0xfeb07e85981c4ce4L,0xc5cbf961bc2806edL,
-        0x558213f9c99082deL,0x6da1895930463857L,0x000000000000006aL },
-      { 0x55fc5626e084de84L,0x1c14a1b6b1388433L,0xbcd81c8c13bcb966L,
-        0xf3c19eac80ec3df1L,0x3d8209db319be8c9L,0x009dd32c97cb53ceL,
-        0x11b045b569348a7cL,0xf062b5bf08a42755L,0x000000000000013eL } },
-    /* 40 << 343 */
-    { { 0x1c48fc22b0b3927dL,0x0bde722f69b0963fL,0xe408cacafa23304bL,
-        0x0286346c33892f47L,0x4edfa1d344dca6d2L,0x4ed4dc92dc7e794aL,
-        0x875f0a691bc2fa3eL,0xb6719990c61f95f1L,0x000000000000010aL },
-      { 0xd69e90f6b9d1af63L,0x78a0578fb8525cdbL,0x423058d607e5dd88L,
-        0x4566d2724e64b363L,0xfa878a8931cb06ecL,0x88ff5b4a1bea9ffcL,
-        0x343e558867212ac2L,0x0e4cb5b440dd6e75L,0x0000000000000184L } },
-    /* 41 << 343 */
-    { { 0xe0d0a82ddc9454b3L,0xf487a58cd0bd7052L,0x872289d507f23cb3L,
-        0x739561b660a4d759L,0xa785b509596c0ef8L,0x0013852d0842b0e4L,
-        0xf52d1e53d66380ecL,0xbff385dd62bb1e96L,0x0000000000000113L },
-      { 0xbdcb323fb841727cL,0x6943c4849a825146L,0x31893c76e74e00c5L,
-        0x62c0e3d55e3801ccL,0xa692149105663bc5L,0xc521169e924ea71eL,
-        0x3082a14de324bd5fL,0xa571779c8641c086L,0x000000000000004eL } },
-    /* 42 << 343 */
-    { { 0xfb39fb3373facaaaL,0x1305273c23052258L,0xa9205e1175193205L,
-        0xef9fecbb8cc8098fL,0xdd0f157be588ca9eL,0x3364b687f8f2e14dL,
-        0x3e0a4cb00594f821L,0x2697b264600abec1L,0x00000000000000e5L },
-      { 0x5f1048d60c425ae0L,0x596a72abd8196cc0L,0x76dbf0a6ff36707eL,
-        0xc7ab267255665a0eL,0x27ae6b082aacd81eL,0x4a2646471184702cL,
-        0xb6420d7981ffcc1fL,0x7ac1e298536904d8L,0x0000000000000188L } },
-    /* 43 << 343 */
-    { { 0xab8b3503416f5d87L,0x4fc288e16651df50L,0x3f0adfd9f62ec45dL,
-        0x92cd8547172e5630L,0x434fbc19c3aca907L,0x38eb1388ccb55646L,
-        0x19729f62dafb3a47L,0x8ced2ee49cfc34cbL,0x00000000000000edL },
-      { 0xb08ba1c3cdbc6116L,0xd075c733b7ab4b91L,0x547d457ff97f1759L,
-        0x919a38e18c601000L,0x2fae128fc9a3a7ceL,0x050486e31643b442L,
-        0x9034efad2afd1aa0L,0x92702ff21af79b99L,0x000000000000007dL } },
-    /* 44 << 343 */
-    { { 0x68d0506218f40095L,0xe085992447df111bL,0xab2400df4b409e59L,
-        0x5f8d22db555656f8L,0x606ced3146df6523L,0x4c92283116251601L,
-        0x8b383573007bb6a2L,0x99bb3be83dd4c4eaL,0x00000000000001e6L },
-      { 0x65838cf4d21d9bc7L,0xe07a59110168059dL,0x193d6b80c27c988aL,
-        0x08d7198bb6411f17L,0xb229275330ee2a99L,0x4dba6885690e2ed7L,
-        0x658b187cf10e2b34L,0x8002fb6b9ac63db3L,0x00000000000000aaL } },
-    /* 45 << 343 */
-    { { 0xf2aa7ff4fdb6b1f7L,0xfb45d9ab038645afL,0xfbe46a595d991f1fL,
-        0x777ebeadd152a3f9L,0x830688a04a7e59fdL,0x205e03ef3a6d1d41L,
-        0xe61a446a1ff8c82eL,0xc2557922ee29bd8dL,0x00000000000001e1L },
-      { 0x9181192fabfa9a84L,0xbcb13e6a99b82faaL,0xa509d7609f24f727L,
-        0x30f91875d7fcdb25L,0xf5e87646a279f077L,0xa1abe3b1afcd136fL,
-        0x5096c338f5d393a0L,0xe18e7d97c77f082cL,0x0000000000000023L } },
-    /* 46 << 343 */
-    { { 0x99a8fbb5a161f30dL,0x4b936314a6dca904L,0x582fbb6285f072baL,
-        0x638b964291f813ebL,0x8fbc4a5f33b67634L,0x75c4f8854786ce86L,
-        0x12fe375cb2be82fcL,0x57b6c79e1af62afaL,0x00000000000000ffL },
-      { 0xc584de033815bf50L,0x59284a85a5d2a462L,0x99205733a2db6069L,
-        0xac414cedc789585fL,0x74c918a17924fc12L,0x4179d5c0e01a417bL,
-        0xf3f6d46b2de7f1dfL,0x04d576ff993a462cL,0x0000000000000058L } },
-    /* 47 << 343 */
-    { { 0xe9599d6ac0d5f4e1L,0x175f50fe3ff2ad8dL,0x8387d0c9cbe62ffeL,
-        0x19bd7a93f759c79cL,0xd6dc8c1718264806L,0xffcd7dc91f93bdb9L,
-        0x272bbbde842b0f37L,0xa25c2429cea01bf8L,0x000000000000001dL },
-      { 0x6a294073e4187767L,0x209d9bc423ee345bL,0x720ae363dea56eddL,
-        0xe3bf827a23447df3L,0xec4fc4d9dbcb4442L,0xa523dea0df06b38fL,
-        0xb7a20ff275ff70edL,0x758975429c985220L,0x000000000000011eL } },
-    /* 48 << 343 */
-    { { 0xd6772399efd3e26cL,0x08fad2b4016cc649L,0x04b688e18c93ae74L,
-        0xee4cd37f884e93feL,0x0adfc5f43f4161e4L,0x38b754b36a15d63bL,
-        0x0a7c520fb63e3bbbL,0xc6d4a82a6bfb98c7L,0x000000000000006aL },
-      { 0x3fa2075432fe9124L,0xbb2d3081b6ba6e4dL,0x21294a30716ec099L,
-        0x930eebfcd2636892L,0x0f2d1febac11c6dcL,0x4a22383d797f5a02L,
-        0x40c0453b4e874895L,0x1d1ea32146bf9197L,0x000000000000012bL } },
-    /* 49 << 343 */
-    { { 0x98adef8589638e94L,0xef3d1a9e3d38b340L,0x6ce88584062c0c59L,
-        0x7a306b12e4d7ed2eL,0x3fd19f650e0ad96fL,0xfd800846bdd0f7f9L,
-        0x41aa2176c8958c40L,0x662b0a5f6b80a9f2L,0x00000000000000fcL },
-      { 0x3c1da866bc0ff89eL,0x8f659183ae7b7052L,0xf499f6a9c3ab5947L,
-        0xbca8b00cb8e883ccL,0x71b521e4ffbd2095L,0x6d9347e395bc461eL,
-        0x974c20ade248b5b4L,0x8b0e856009a7b234L,0x00000000000001e6L } },
-    /* 50 << 343 */
-    { { 0x0b011c32ee2b97d5L,0x79200cef3ad0b2ecL,0xea1decec50b54070L,
-        0xec2fa4a8daf1d7c9L,0x9c2061eaa9203504L,0x01ca3089e8e76ddbL,
-        0xf009b4ecb2ab1903L,0xd42e9d8d17418ffcL,0x000000000000003cL },
-      { 0x05c5851078dcb449L,0x366e588014134c89L,0xd3c226ca0f9d0ca8L,
-        0x90368b2231202cdaL,0x4900c6c679c08f36L,0x282ba56a42a6f1b1L,
-        0x3146c4170b497bceL,0x4b6a7d5d8b761fa6L,0x0000000000000182L } },
-    /* 51 << 343 */
-    { { 0x9687fad20f33e22dL,0xee13cbf0f861fe0eL,0x7bfd7b51e420708fL,
-        0x7e3b03c29408f6c3L,0x98e32d6cd2478ff4L,0x46c6a5ee34a542b3L,
-        0xfb063d20a9d664c8L,0x0d46f2fa462cd3bbL,0x000000000000005fL },
-      { 0xd864149319bdb879L,0x4c1eb5a09c32b27cL,0x7245a9ac8bb683f3L,
-        0x6c0416d6147ac3bdL,0xf0b832fcf13b6273L,0xe4cf4607f2140e06L,
-        0x3627fed4b74a3da2L,0x0b285a0d5eeec17fL,0x0000000000000118L } },
-    /* 52 << 343 */
-    { { 0x1fdcd60d607b148eL,0x52ba3a64ef0af894L,0x93d7e10f8e017e3fL,
-        0x54586254a1c56691L,0x7ba1d3344dc39c87L,0xdb980aa5947633fbL,
-        0xe005885333908ff9L,0x752e4a4cfc9c017fL,0x0000000000000111L },
-      { 0xf00b5caadca578c9L,0x33e7b721e5e36c85L,0xe12eabb0d35b31b4L,
-        0x7e7f6feb77020642L,0x593a80b27efc68aeL,0xd15b1c05b098be57L,
-        0xf2f8a3d4a680dd49L,0x41bcfdbc8743a900L,0x0000000000000152L } },
-    /* 53 << 343 */
-    { { 0xe941ed524f65e73bL,0xd3e1d57affc2f0daL,0xc6d535243702b0f7L,
-        0x81cbf7778599b1e4L,0xec7ea8a9c500dfabL,0xba77eb049d0bfbe4L,
-        0xa3d1cb95e1324dd6L,0xc8ef4cceede51d63L,0x00000000000001a3L },
-      { 0x6c2624e5052f9069L,0x235b7957a284f707L,0x2cef19e959304063L,
-        0x0e2ccfb01ea15b4eL,0x9a4c9bf0010f6519L,0xc1edf0173339bed5L,
-        0x5677cbbf8bddb55fL,0xe487e6d90b86d922L,0x0000000000000097L } },
-    /* 54 << 343 */
-    { { 0x942ee9fa3f9dfb04L,0x98f99ee04bb518c8L,0x7e82e828b4c177deL,
-        0xcdc34f88cb890189L,0x7662d2b1295eb6c7L,0x40f6e30126ff62adL,
-        0xb09ada6615539133L,0x0240f1ab994c1ee3L,0x0000000000000119L },
-      { 0xb788badd5b186991L,0x2f0f51d1feef6adeL,0xa6fcad6697ebc752L,
-        0x7a41969ecb9d2718L,0xe8b76733a3690ba0L,0xfbb3978055a3075fL,
-        0x905400f11e407ebaL,0x1cf6c26d29b33ca9L,0x0000000000000026L } },
-    /* 55 << 343 */
-    { { 0x82e0c91375602369L,0x37772fd0cdf88991L,0xed11013ce687811bL,
-        0xadc2a6ef0e32e842L,0x9b95a8c33183cb5dL,0xb7ea194ef178fd02L,
-        0xdf35cb1b0e373bbeL,0x4c70f3b2d5b46c11L,0x0000000000000154L },
-      { 0x62570b6cc73964d1L,0x0a0b268480c4e024L,0x400b160c1205a6a2L,
-        0x826be2f82f65aa46L,0xd10b64a20a054f68L,0x12bffa7464766cf5L,
-        0xfe9420788d929d96L,0x78a8682b8fa29a3fL,0x00000000000001a2L } },
-    /* 56 << 343 */
-    { { 0x567357340ee20005L,0x1867e14953306288L,0x30a011a2a8c834cbL,
-        0x85dd3b76e4be86d6L,0xe080a590059d6838L,0x27ba4bbc384fc1a9L,
-        0x08bd92bc1fb5f754L,0xbfe47313795078b3L,0x000000000000016dL },
-      { 0xd266058c646b3dafL,0x32edfdb12fbe6000L,0x641eba0fe2f9c075L,
-        0x02c67e0c69ad2966L,0xe2f469e903ae6d25L,0xe7e4198ad0927943L,
-        0x63e387902caf56f2L,0x563c3fe290ba1dc6L,0x00000000000000daL } },
-    /* 57 << 343 */
-    { { 0x986795c4e5fa0ed3L,0x6cacef9a47ffc3c3L,0x8406f9175b1dcda8L,
-        0xfeb8ce4570d199f9L,0xbbbc1f37d1b1aa68L,0xbdab7e0ecf1643a5L,
-        0x4fe791e953c4a8abL,0xebae700e4d20cc4aL,0x0000000000000177L },
-      { 0x702b8bdb97b76b31L,0x73da6623d6e6fde5L,0xb36946a708ea1f3dL,
-        0xfb25cd3ff11e7ae3L,0x996cf485c8475ecdL,0xf3ac42d20ef1dcf7L,
-        0xf218353842a60719L,0x3cc178281d61944aL,0x0000000000000191L } },
-    /* 58 << 343 */
-    { { 0xfcd47f6b67508a16L,0xe31427401bdf577cL,0x4895185967f0cff3L,
-        0x7d6fcef807638e5eL,0x39b9d003e9235a94L,0x0f58af795a824938L,
-        0x6cf21f76518b7880L,0xc485929558044273L,0x0000000000000186L },
-      { 0xe0f75e1aca93ef08L,0xd5644e7b4340dbbdL,0xcf01ad2491a927d6L,
-        0x43829aa53be7c5e0L,0xa0c72646c54fdd3dL,0xabedecc81d939f5aL,
-        0x8bd70b024c607671L,0xa0dc64200adc7aa7L,0x00000000000001e1L } },
-    /* 59 << 343 */
-    { { 0x26a9889300d4249fL,0x65abdecb009278b3L,0xc118a3f337065e41L,
-        0xea008486e7ce142eL,0xb98918b36b326823L,0x0f1031f33887e45aL,
-        0x7530610e1629d0aaL,0x6193410a3bdd47bfL,0x00000000000000c8L },
-      { 0xb1da190f84192eadL,0x61f8d02c3303a700L,0x6faa862b1b3bcdb6L,
-        0xf55bc5e116da96baL,0xd95bdcfbc7109dd6L,0x1a75f2179573e7a4L,
-        0x04ccd08b873cc228L,0x5b2039ee25a9f6f7L,0x00000000000001c6L } },
-    /* 60 << 343 */
-    { { 0x5fde9be18e99f004L,0xda1fca7fc4fcc705L,0x8776b448e77c338dL,
-        0x12ae11e1e0384911L,0x28172fff338ac117L,0x7d32e433fc4479b5L,
-        0x55f257f9c5c8cc74L,0x70190a52ed205691L,0x000000000000011eL },
-      { 0xb255a18ad36a0c3eL,0x435abf4b3c166cdcL,0x51f796a0d75211c3L,
-        0xfa43f06b521d35baL,0x47fae95d0575debbL,0xf9f7ac07626266b8L,
-        0xefd12b4837e8edc4L,0x03ccbf8b6af450f5L,0x0000000000000001L } },
-    /* 61 << 343 */
-    { { 0x4c3a5b247b4fd7f9L,0xbe4f6aaa73cfa932L,0xf8720019c183b294L,
-        0xa88e61113efbffd0L,0x02a45a2f505fa176L,0x5614def1ca32b335L,
-        0x27d80f82eb09898cL,0x341f3eb60072f7dcL,0x00000000000000bdL },
-      { 0x3b1074917ef9c7f4L,0x1db05b0daaca0f0fL,0xb4e8236c35fabb88L,
-        0x9ecdb35c2d887bdbL,0xe9e477a4685ff351L,0xd66108c5c8693cb6L,
-        0x3f45b6e0a0408fd2L,0x712b6b89197ecc54L,0x0000000000000075L } },
-    /* 62 << 343 */
-    { { 0xad5096b436373ad1L,0xc5c5d96a67e09911L,0x71d976bcd1c1bd0eL,
-        0x734eef2e26276014L,0x39826b9398abb08dL,0xf97c29bb60504d90L,
-        0x03e6b7bcc8dfe26fL,0x62fbcd06edab53bdL,0x000000000000001aL },
-      { 0xb8e19bcaba51fc6eL,0x51980bedfb188d4bL,0x947062215f9340eaL,
-        0x55fd26f2ea1bf912L,0x9b4bfd5b52acf80aL,0xe0cfdad11517a40eL,
-        0x0231b221bc0813aaL,0xd93ede1067c8de5bL,0x00000000000000f2L } },
-    /* 63 << 343 */
-    { { 0x14c36eed98352662L,0xb2fc535820cc7dc2L,0x4d9d0399afbf0b1cL,
-        0xc45410e2bf803069L,0xadf0b1e408a75f7eL,0x32483ad625d55976L,
-        0xe03ac79a40134cdeL,0x8a5e15bfeca20104L,0x0000000000000094L },
-      { 0x54bb69bfb2ad7a77L,0x1c7e147a4c7a969eL,0x3abd4c100ca1cfc4L,
-        0x25cebf8026549e9dL,0xbc93e23dcf7a3014L,0xd35c8df023b55805L,
-        0x6febda25410f6adaL,0x724a6fb680ffb7e4L,0x00000000000001e9L } },
-    /* 64 << 343 */
-    { { 0x2fb204ffc6ac25bfL,0x04264d4a20b8ff3fL,0x95b64338a430a774L,
-        0x573a4b367da8bba5L,0x950affbb5b83d767L,0x9254695bb560c0f6L,
-        0xfcd8a4fbff22df77L,0x8625ed302d6e43dcL,0x000000000000004aL },
-      { 0xed8010f61cac9547L,0x0612e17392c7ba4fL,0xaf48aeed051d9478L,
-        0xf7067a1069a78479L,0xb17c4be898a1aa82L,0x2b21d42a7a94d7e1L,
-        0x461b848fd38e3b49L,0x76af1bd6563a87e7L,0x00000000000000e8L } },
-    /* 0 << 350 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 350 */
-    { { 0x5a4ab9c18d71ef32L,0x08205f9bf4f4cf75L,0xfe64565db34a8c55L,
-        0xd12be047169994bfL,0xd3c3f84f43f91e62L,0x1dae2e732601b686L,
-        0x2a07fcbe2dee30e1L,0x25e562459a754926L,0x0000000000000174L },
-      { 0x288455f32ce4d340L,0xa1f4e6b0e321170dL,0x9a36bac390039106L,
-        0x1682b04d98c7ed01L,0x27166c68e9ebef5eL,0x41efe4f001ca803dL,
-        0xf76898ac460a4c5eL,0x6a787fc31acbcda4L,0x0000000000000103L } },
-    /* 2 << 350 */
-    { { 0xdcaed4e0eb86608eL,0xfdfd21688d7ba967L,0xd4793142866e3436L,
-        0x259b748bf9e22704L,0x86914896ac039548L,0x2236c40dd7c7eec2L,
-        0xd76953aea1c8873eL,0xf3e9f9539cd08a3eL,0x000000000000013cL },
-      { 0x2d653796535c50c7L,0xcb8b6a753478f1c4L,0xa2abfb2acf0ad848L,
-        0x9cd60fbf7fc08e6dL,0x3706c38749f48743L,0x3ea91a1d3e0781e3L,
-        0x8c19973bd007f364L,0x566d7cb522e5f10aL,0x0000000000000103L } },
-    /* 3 << 350 */
-    { { 0xff04036328faa051L,0xefc95341172c6ce0L,0xe4028c4a7d53a624L,
-        0x481fb2fce3aa1e70L,0x4671faf3d2d92ac4L,0x0d581a28cad49733L,
-        0xcfab195da5e23867L,0xf6784d62c8bd1eadL,0x0000000000000170L },
-      { 0x2ba73d671694ffaeL,0xbaf16d6d47d613b7L,0x5748fb2fe24a2182L,
-        0x337d36ad8b9d5587L,0x07b92ce38cfcf82fL,0x99b04584fca2cb04L,
-        0xe8fe5417a5db355eL,0xa29a83971e795369L,0x00000000000001f6L } },
-    /* 4 << 350 */
-    { { 0x674e392f0261ada4L,0x5af762f55bb103a8L,0x281ad6a5c9e8bf69L,
-        0xa88ad2e45c57af63L,0x7fbce1f23b909ce5L,0x37883da84a8c86daL,
-        0x94f7c5708fc8357aL,0xa1f2fb59c7c21ea8L,0x00000000000001acL },
-      { 0x30c79e7b1cba57c5L,0xf71d84be6062fa39L,0x8fb70b03e2b9c131L,
-        0xbb0f27e7cd862b12L,0x2fea10874ffd6a0aL,0x177871582a7a7b08L,
-        0xf79606cc8653ce49L,0x9514c960629a5ff9L,0x00000000000001a0L } },
-    /* 5 << 350 */
-    { { 0x685cb5e1ee76561fL,0xc7eed1f695507f6bL,0xeeeab42cd2aff6dfL,
-        0x32417d37c5c5362eL,0xf1dca5a7362b5f64L,0xa632d6b9fce1fb3aL,
-        0xdf5ef2ab8d95fa9dL,0xebae375560e41269L,0x00000000000001ecL },
-      { 0x18090f8b62102f3eL,0x1f92da5a150229deL,0x3c7262f9f45b03a9L,
-        0xf12f42c84967dec8L,0xc68b707051a319cdL,0x5fb0202c58e88be6L,
-        0xea58670dbacf6553L,0x4a218180bb263c69L,0x0000000000000038L } },
-    /* 6 << 350 */
-    { { 0x2df8ac505afa5f7eL,0x6df783774959ec90L,0xb26bdddb192bec1aL,
-        0x1c8d1feb809b6d87L,0xbf8e71e3c90fd61fL,0xb779d00f9d3abfd2L,
-        0xc9b25e7d40d5d7a4L,0xcf5dc7c2ca6c2dadL,0x0000000000000100L },
-      { 0x360d9b18c50b6ba3L,0xdf5958ff1b4ca3ffL,0x1073b7f6e05fce33L,
-        0x819739fa5936c3e7L,0x5d7bf0ce95b80771L,0x27043464d723e7a8L,
-        0xf665f01f769d0313L,0xe8ba3b82d21e5578L,0x00000000000001afL } },
-    /* 7 << 350 */
-    { { 0xcc1a5d125c84085fL,0x689ccbbf11e07a83L,0x818e90645bd5ce0aL,
-        0x7ff51fe77dd3b557L,0x244b2fc597c092fbL,0x56b49f61ce7dc3e5L,
-        0x60465ba316e1cb43L,0xdad9e6d70bca87efL,0x0000000000000159L },
-      { 0x410a5b331f2824f5L,0x7940293fff4bbccaL,0x2c37932925ce7150L,
-        0x4b0fcc706add5653L,0xbc7fa7355ad55175L,0xc751542bef886eb7L,
-        0x4c8352570b74d18cL,0xae7eeb6061542f24L,0x000000000000004fL } },
-    /* 8 << 350 */
-    { { 0x1fb30b26534de721L,0x467328664123d0bcL,0xe4e83c0d3a143f8eL,
-        0xe1f5f92a691180e2L,0x5fb00e76081f7230L,0x0e4e513d083c3776L,
-        0x5b81ea91eb042c2dL,0x7a221cb200af7f4eL,0x00000000000000e4L },
-      { 0x7bfd3f9131e75c9dL,0x8545adada2c68d12L,0x01c295b9f986ad9fL,
-        0x186952a541eb1f2fL,0x6f7e3e3ee802ffc8L,0x704e75d0b98fc92cL,
-        0xc233afee4800a8fbL,0xd0111a57549d5fa9L,0x000000000000010bL } },
-    /* 9 << 350 */
-    { { 0x703bdfc28fa5a117L,0x3324b4c7a72de61eL,0x66bffd4e189dd1aeL,
-        0x0dd312e197be2e90L,0xc0f200e159e34175L,0x494e207fb97fc751L,
-        0xd1a1b7a1bb27e3eeL,0xaffbced9b305b999L,0x00000000000001b0L },
-      { 0x82ecc5d084711c62L,0x339f3eb9f8990ca3L,0xbf24f07a5e5cf050L,
-        0x0e63379096b80f96L,0xb2713b232cd928d0L,0xdb2acbed1bec9ba8L,
-        0x259a9461a584c845L,0xd024aa292d12b85aL,0x00000000000000b6L } },
-    /* 10 << 350 */
-    { { 0x162d7affa798f350L,0x904fd12e7ccf599fL,0x2e13439240e92c4fL,
-        0x7439ad22afeb0edaL,0x2111df7dbb3a3984L,0x17da71600ba49716L,
-        0x03c556c8ef500d81L,0x292974427287b40dL,0x0000000000000066L },
-      { 0xc61ab9d32dc3165bL,0xa427265826fcadf3L,0xb8ccd6c0838ee2b8L,
-        0x2b43ac9dcad6ed19L,0xc5e072a314ac704dL,0x148021b6b3289a83L,
-        0x3da3fcb61d3e7f5eL,0xf6e0d0596fbc3f05L,0x000000000000018aL } },
-    /* 11 << 350 */
-    { { 0x07d7152724577876L,0x0ad731b07475d82aL,0x8181bc1ecc35789eL,
-        0x47453c419ab56a3bL,0x87ae49281343be4bL,0xff1e1a462366665dL,
-        0xd89941a533896339L,0x8603a0feee010861L,0x00000000000000e0L },
-      { 0x9aa8f8f3ebc782ceL,0x0b8cdd59dfe2867cL,0xe6bd219d63a7e153L,
-        0xb7748a8c62371590L,0x6f5ff5a8f67ba1d9L,0x9f057b843cc70904L,
-        0xb3949d0a3aa770d6L,0x1d7417ebc36c1dfeL,0x0000000000000134L } },
-    /* 12 << 350 */
-    { { 0x238d0f45e5375e53L,0xb576c6ca60b1447cL,0xa3a372a662216556L,
-        0xa36f6c4a8649c9d5L,0x00e80b35ab50c2cbL,0x11e5520e2556c5a2L,
-        0xac58d6f1d3aa02dfL,0xd56bf8228b95fddfL,0x0000000000000094L },
-      { 0xd172331a2a513cc5L,0x35eee6975ef6a6baL,0x4f02b17fb0acdc95L,
-        0x07ec621e1eb68058L,0xf266346cdac73d4cL,0xbe978e8aecab7ddaL,
-        0xda0244e8968c2eb6L,0x50b38345cee91ed9L,0x000000000000014bL } },
-    /* 13 << 350 */
-    { { 0xe86714c444bbba14L,0x4a0ba67fe0ebe2c7L,0x4d7b6342e19e2833L,
-        0x29e0766b768b7bbfL,0x109e7003d5b9f660L,0xcfaf2ddb39cb47bfL,
-        0x4be8337c9fd257d6L,0x5ee652afd3082203L,0x0000000000000185L },
-      { 0x0eace717a4e898fbL,0x936b7743a3ed5280L,0x13bb777fe20eb2d5L,
-        0x6e3fe7ac2e467eeeL,0x8b1bc5234bf9a409L,0x8e6eb8d336a9bc8aL,
-        0xcb22f89c060f98a2L,0x18a47fe4fe67785fL,0x0000000000000171L } },
-    /* 14 << 350 */
-    { { 0xfb7641f78dd2f484L,0xd3968fdc8458af7fL,0x49aae2a03f2256aeL,
-        0x3868855c184b5272L,0x02207efdb0964247L,0xc2e07ae88f026dacL,
-        0x6043c98a10fccbd7L,0xa0dbf1ec385aaccfL,0x000000000000014aL },
-      { 0x8e75ed542cffc319L,0x83c12af3727fb8e1L,0xf3fb0e7d5665201cL,
-        0x282b216e2c59469aL,0x7a71d0b07a2722ccL,0x3eab574727700dc1L,
-        0xbec4c097b809482dL,0x5363ca88baa425a3L,0x0000000000000182L } },
-    /* 15 << 350 */
-    { { 0x3e16bd1f7200a8ddL,0x028318f4b10ec669L,0x1fa937c6b9c35fa7L,
-        0x0ca277d969c407d8L,0xe0230f44ed5a32efL,0xa04df533e9dc21fcL,
-        0x5775e2b0847b808fL,0x7319f97b14c0cb44L,0x00000000000001c6L },
-      { 0x4f313cb5e7259335L,0xc2de5cf8a2e9a717L,0xc6daf9a41a0c65a2L,
-        0xe304c3aec39e1b4aL,0xa9a178e03cfad39cL,0x35dd14cdd2555011L,
-        0xdaa2701adf9b2103L,0xbf3d425b40c31b92L,0x0000000000000087L } },
-    /* 16 << 350 */
-    { { 0x01188022f8816103L,0x64e1c614db3855d8L,0xcd4bd4c229a7c0d2L,
-        0xd7ec42894d5ece84L,0x947a8bdc722fc703L,0xa4c09186bfebacffL,
-        0xf7fda81edcf3b746L,0x3bf6dc1b435034fcL,0x00000000000000c8L },
-      { 0x319fc666878b4418L,0xd600347ccfa14a68L,0x5abcf8fc912b3c2bL,
-        0xc82c5e12c5cd581dL,0x022f767c50a27865L,0x5c606862ead1f5f7L,
-        0x2702e8192259d674L,0xae371a48e02204abL,0x000000000000001bL } },
-    /* 17 << 350 */
-    { { 0x97e034b8a9080de0L,0xd85ffb9e7489f5dcL,0x5e82572b143fa372L,
-        0x0011ac86471e02ecL,0xedb1f0e68bd15910L,0x9f88d9fb76ba5f6bL,
-        0xa93eec11e73fd22cL,0xf4980f348e89e8d6L,0x0000000000000131L },
-      { 0x6972155ccb678eeeL,0x8450fe29b3f64220L,0x92a56dd2a22f685fL,
-        0x5938dc70bb05e6cbL,0x83b058f8c28d997dL,0x570df3b018f71a2aL,
-        0xb7cea974dc59cccfL,0xdf9376c83099d0fcL,0x000000000000006dL } },
-    /* 18 << 350 */
-    { { 0x767a6f66b1d1d2c2L,0xa1322854fe1b6fa1L,0x4be1a1cc6461d755L,
-        0xeed07ec250c221bbL,0x1ecbc0e0d9a306f0L,0xbe134f4df014a398L,
-        0x5b391aae8a62aa33L,0xf89d0bd98f8374d9L,0x00000000000001cbL },
-      { 0x834f7a49bd81ad66L,0xc0847d0c5b161a3bL,0x55ca398ece94c03dL,
-        0xee52a9325f7e7da9L,0x3c0764552256b0f3L,0x70a087cd10daae34L,
-        0x1e749e8b041e8275L,0x32e770866583c7c2L,0x0000000000000187L } },
-    /* 19 << 350 */
-    { { 0x1705841bcd474570L,0x8286faca79fdf349L,0xfc5cfc0fab4d7902L,
-        0xeaa4781d494df4d3L,0x160dd228a8d6515bL,0xc5e6a4393fac5de4L,
-        0x6f080b52e14684a4L,0xa1171a632a68c81eL,0x0000000000000185L },
-      { 0xf6da51320bd7b821L,0xf02d821685f6e165L,0xe4fc78f80c8b9ae0L,
-        0x0cb0278872ccbb8aL,0x37972865c36b4672L,0xa2e0aded0ddef47cL,
-        0xcdb8736483760595L,0x5ca51c2951194739L,0x000000000000003cL } },
-    /* 20 << 350 */
-    { { 0x2af67b2b1d6f6e88L,0x02b012d358551562L,0x6b82b1fecafa5d8aL,
-        0x7f82b4e2e6fefe9bL,0xac91d292e6b8bbdcL,0x1e330708aeb0467dL,
-        0xe5723339d2226ec1L,0xdcb1dfc411ce4198L,0x000000000000017cL },
-      { 0x4c55853aa74e39fbL,0xdeadb9343e55add6L,0xbb7f6b234d9052ceL,
-        0xc39590032f3e7badL,0x78636279ad990758L,0xc476679e34bcb90bL,
-        0x9ab2badcf9fe3f2aL,0x414a32c01b69ef65L,0x00000000000000c1L } },
-    /* 21 << 350 */
-    { { 0xf972e207226d5378L,0xcd708a71ff9ac89fL,0xbf32f744ba4d2463L,
-        0x46fe3a5fe3e118afL,0x746a334f64442a45L,0x716caa321f011c2cL,
-        0xfbfd3914b0a5fee4L,0xc1e251fd8637d992L,0x0000000000000086L },
-      { 0xb45d3c09336dde94L,0x418b61d9bab03eaaL,0x1ec1facd52276f8cL,
-        0x31a2838d276b4c3eL,0x5c0ac0e5344b4fc0L,0x84c5b86c7802d850L,
-        0x7f2bde812d1f1518L,0x749429ab89820544L,0x00000000000000a6L } },
-    /* 22 << 350 */
-    { { 0x8fd557cda14acfe3L,0xa78896e226a144cfL,0x9171e9bb7e81425eL,
-        0x1b03073ac232010fL,0xa2a67f9e4506d254L,0x9c74103f9b9e87abL,
-        0xf03b5f8cfd9e2110L,0x701e9602fceae96eL,0x000000000000008eL },
-      { 0xed614e9542b8326bL,0x1deca584f7c276fbL,0xc1c4acbc5c38606cL,
-        0x6c1d93a6a03fce8bL,0x114af997f1d63590L,0x63ff01ed89679610L,
-        0x6c1091e92ef1af27L,0x7577c9b8e47fbe2bL,0x0000000000000115L } },
-    /* 23 << 350 */
-    { { 0xe1e509705873e203L,0x92537e522ccb0f6cL,0x57f7ce82a48a196bL,
-        0x355baf4fa3f71850L,0x564770cb0fe17d67L,0x5f17428ce88a7b9aL,
-        0x2ea41803c7ede7e9L,0xcb4b4df25e9ae4d6L,0x00000000000001a9L },
-      { 0xd9149883a345b2baL,0x5f6edbf7aff49765L,0x6ccb568246bb6e78L,
-        0x28df77696f46d96eL,0xba7ce7265c6d0f7eL,0xef69e4d2e8c413d3L,
-        0x12be550be5d1ee20L,0xfee595f001ecba93L,0x0000000000000116L } },
-    /* 24 << 350 */
-    { { 0x114453e727f2f67eL,0x7199960246edb75aL,0x481cfc650714f2ecL,
-        0x7a359e11bd48c221L,0x6807f0b5bf80fbdcL,0xdfe57fff51b3a6fdL,
-        0xe58f3c47b6794229L,0x7f22cf6adef683baL,0x00000000000001a6L },
-      { 0x551bbae28c39f9afL,0x5057c3a7b1e075dbL,0xeeedd6009e0d386aL,
-        0x8d60b730715b2507L,0xd65f990b840be62eL,0x666437b2287cc361L,
-        0x11c2019c9cfe886bL,0xbeef8eb4ebf4ce61L,0x0000000000000008L } },
-    /* 25 << 350 */
-    { { 0x71df4f783f6d4a3dL,0x6ac9564700648a32L,0xb4173a57d4684f87L,
-        0xf0ae2e221d713b5dL,0xe8eef4e62c7e0fc5L,0xd646dd421ec5f774L,
-        0xc5e4f3dc1af0e91dL,0x73fcee0ba0aeff88L,0x0000000000000123L },
-      { 0x054667e6cb349e02L,0x2d76accf002f27bcL,0x639a3672d120b014L,
-        0x8402c2d156548bc6L,0xfdcef81372e04759L,0x09aed35779d36956L,
-        0x5d0843b61de45356L,0x16e122f7b2d31760L,0x00000000000001c7L } },
-    /* 26 << 350 */
-    { { 0x5ff6e5554594bca8L,0x85a83cd1bcb20291L,0x4202282673cb711aL,
-        0x24303de0175675c0L,0x426f264d2756e198L,0xbf84530704f7f348L,
-        0xe8203455e5137f75L,0x5ab0febd0a6119acL,0x00000000000000a3L },
-      { 0x7e826f3fc403eb15L,0x84d63da08c0152f8L,0x4c0b1ad51370c544L,
-        0x3a5afc691444a291L,0x4ffe236f29fec214L,0xb55331949df836dbL,
-        0x816a0784d7e7ef89L,0x28a78c1c534192f2L,0x000000000000018bL } },
-    /* 27 << 350 */
-    { { 0x1ef828db53638a6eL,0x946738cd62a782dfL,0x126f1b39d74972fdL,
-        0xae08daf5321db625L,0x8ed69c8a39bf7767L,0x3c65874016d76e57L,
-        0xbebf5778cac27566L,0xcfbcae3b36ef536dL,0x0000000000000088L },
-      { 0x3f548dcbd43d8987L,0xcfe2a5921e3b8a98L,0x19ec85179e1c2d42L,
-        0x9ebfff35ffe49227L,0x127821fc499ee1a3L,0xf02ebf0ae455b9feL,
-        0x6e9864a56340b993L,0x615e97fedcc15810L,0x0000000000000012L } },
-    /* 28 << 350 */
-    { { 0x422833d5e2cce69eL,0x3c1c8bdb69ff8b37L,0x44d41dfbc9fb427fL,
-        0x15bee2ddc54a1824L,0x9c804025e8ce4aeeL,0x5bcc7e5d9e5665b2L,
-        0xf38636a040b6270dL,0x84cada1a60b6778eL,0x000000000000014bL },
-      { 0x28b4411b9b47ccbbL,0xe4bc1e916c368197L,0xc0f36e6b2562c900L,
-        0xc60d562888c55430L,0x2e9613dffb81c20fL,0xfdd934ed56872b5cL,
-        0x6bacd3ad187bbdddL,0xf6f821d7d1e42d9bL,0x000000000000012eL } },
-    /* 29 << 350 */
-    { { 0xcd767d6025104f3eL,0xe0d35530b0b2f859L,0x6ca28dab02abdd82L,
-        0x6067b9bbdf3510a2L,0xdedc9f658f189d83L,0x80496472f42b7bcaL,
-        0x9c8802199fd57966L,0xe6774cf970aaf3bcL,0x0000000000000107L },
-      { 0xb1fb2955713d14faL,0x9ea12ac28769fe2bL,0xb0a35fbaeff1af3aL,
-        0x1fbdd1db98d8b108L,0x6d7db12ef9b6f0a4L,0x0a56e4cbdadac116L,
-        0x08431700b1c6b49eL,0xea501d0b69c53deaL,0x000000000000001cL } },
-    /* 30 << 350 */
-    { { 0x28007de29245c149L,0x0befcc909b90ec07L,0x734c6339e8639957L,
-        0x3f754697d0a82a41L,0x4336d11d47c0be63L,0x8325f084bda10defL,
-        0xff63085e6c2de53cL,0x67ee3dfcd36ba132L,0x0000000000000057L },
-      { 0x315b2f045951d063L,0x5c7f6d6eb6f8a257L,0x4783c43abe41ee82L,
-        0x08bf94b9341eda90L,0x85f12aced8558536L,0xb6cef1f47c1a76afL,
-        0x10c93a9304c6e842L,0x48967ee1f5ea5860L,0x0000000000000074L } },
-    /* 31 << 350 */
-    { { 0x66227cd38c9b254eL,0xc23c940e19fc7eaeL,0x20d5a008c3ccf958L,
-        0xd81a909cec5f6eb2L,0xfa042069526ce89eL,0x9d5429428e7af449L,
-        0x79cd81ded46860c7L,0x490a80a877275fc4L,0x0000000000000061L },
-      { 0x056ee04b63c81130L,0x4c31c93ad967f41dL,0x4f91d3347b98d3c1L,
-        0x5a584efc0f5d4299L,0xb591f98e4bb653f4L,0xa4bdd54c2f4e0cabL,
-        0xe2b6ae4e8905a6eaL,0x0101e1289d3abe7dL,0x0000000000000087L } },
-    /* 32 << 350 */
-    { { 0x15581925de0d59fdL,0x861dbef21e668987L,0x000ca03681fdaea7L,
-        0xee45e5edb5007bf9L,0xd98680509485c5fbL,0xd58ca541e2a800b9L,
-        0xa0d643df05e1bf66L,0x3db52cbfbdcf7da2L,0x000000000000011cL },
-      { 0x0a1db94387af7109L,0x33754c60fd35138cL,0x2bdff118fc19982aL,
-        0x2e8eb645d22ccc69L,0xa7873cd2c73e39d4L,0xd024363e1d04ff18L,
-        0x492503d60cc6abdbL,0xade16418185ab722L,0x000000000000015dL } },
-    /* 33 << 350 */
-    { { 0x69f6ad632c6d6564L,0x547345e6aaa70f65L,0xfe220b531e796903L,
-        0x9dc4208eac90043aL,0xdbcb2f9b1ac77eb0L,0x1509e41b952cb582L,
-        0x5fe81cfafa615100L,0x271bdeea16628120L,0x0000000000000084L },
-      { 0x09d9f31d93ba6f29L,0x87762e121d5b9333L,0x5c78a0f96729ad96L,
-        0x252d6ba8fb40c1fdL,0xfa3b5aae976145fbL,0x3838d4e64345c9ebL,
-        0x90a0427561b22f62L,0x3f2b49f9eade3582L,0x0000000000000139L } },
-    /* 34 << 350 */
-    { { 0x7e06283b88db8098L,0x5254f2d8bdc2ee3bL,0x19a4b99da7d1d2bcL,
-        0x5b7cb7c9c823fcafL,0x1610c35b55920769L,0xe39bf6381629e60eL,
-        0xbb17270b9ffdb484L,0x41f2041ae9758c69L,0x00000000000001fbL },
-      { 0x51a46b85b2c0c563L,0x2b69e1e711275735L,0xb671220e53b3dcbeL,
-        0x7340bec853362fa3L,0x6f57ddb541eb7772L,0xdf0ee415cb596fb9L,
-        0xc417728bff8477c1L,0x684c4fa4c3d566e6L,0x00000000000001d3L } },
-    /* 35 << 350 */
-    { { 0x43631e362ace4d30L,0x476ddfb7e15627dfL,0xd855ee87e9821f21L,
-        0xaafc352d13a160fcL,0xd491b1e722a31120L,0x2e330621a26e8121L,
-        0xb50d21650feadde8L,0x223817649b3f8fdbL,0x0000000000000161L },
-      { 0x577fc13560e6851fL,0xf4782a8cb3f655caL,0x74d5c579b0f5f244L,
-        0xdc93688ba2d001acL,0xa28376ef70768956L,0xbcb66d8a81df4a2eL,
-        0x2d1fd4b5f6ec5bb9L,0x95fa7d6ebc9d4619L,0x0000000000000069L } },
-    /* 36 << 350 */
-    { { 0x9c427efd472a1c76L,0xbb1abff22bb334b6L,0xec7c11468050c592L,
-        0x3795ab5851c77dffL,0x403fa93cd0a8565aL,0x7ea1b2ca8560a630L,
-        0x644b40bfd92ff341L,0xb83c8b3e25f2cbbaL,0x0000000000000178L },
-      { 0xe46c901a355d1a67L,0x0c8aab17077d71ccL,0x7d04573304f187a4L,
-        0x3849de53bd2def81L,0xb0b7dd7bb334041bL,0xb05f3b1d245df6e6L,
-        0x561b16a93433e78cL,0x25e1f0a1995c0111L,0x00000000000001b1L } },
-    /* 37 << 350 */
-    { { 0x998716bf439d38a7L,0xd7f8d80f14ec2b79L,0x52cc523e0a116fbdL,
-        0xb6fa8f35c553eb57L,0x2a9daed4b1df475eL,0x0f2a03f56efb1ea3L,
-        0xd87de564a207c6daL,0x0d29f1b85c150d6eL,0x000000000000000dL },
-      { 0x35c9657e7f6bd7b5L,0xcc1b5f16e96359f6L,0xc90a1783a5f70bd1L,
-        0x27e8319147906464L,0x107cc69df52d2fb1L,0x224e7abbf2dfc93fL,
-        0x6e0e805ec41e54bbL,0x30574ac25e5db791L,0x00000000000001d1L } },
-    /* 38 << 350 */
-    { { 0x32b656e891d18868L,0xadfe8b2599eece6fL,0x6c153a31bdf1972bL,
-        0x1b84a569401b1912L,0xa2dd8754adb8c7f0L,0x15bd0ffb165374c2L,
-        0x7d7f5807ff9e26d0L,0xe009311e92a12880L,0x0000000000000156L },
-      { 0x54d8f6bc9af03d71L,0x1126a5a5e0a9ef63L,0xc1f792885b103cb6L,
-        0x5e67739473108a70L,0x9a3befb284db9b2cL,0x9333f1aca12fbb34L,
-        0xa5d2a0f07cda2b55L,0x5372d3c2551e98a3L,0x00000000000001a5L } },
-    /* 39 << 350 */
-    { { 0x3d682a3d4db17b24L,0x7560eaf34eca0d89L,0x47e3a60c20dd7043L,
-        0xab67577582a0d23bL,0x2714437809a33798L,0x117b3f8609a73afeL,
-        0x15f677792e71e0daL,0x861f0bb2216749aeL,0x0000000000000034L },
-      { 0xb6755fb0e3ecd9c8L,0xc2db4ae203f7866fL,0x5d4e3aa16690fbd2L,
-        0x1e38e9a09b18ec9cL,0xc2c95824c703231bL,0xa8c457089d8a4205L,
-        0x5504ec5e4e6d1e7bL,0x42b6c5bb54127e2cL,0x000000000000016bL } },
-    /* 40 << 350 */
-    { { 0x94dcb7602d3724f7L,0x092d781e5fcdc7d4L,0xc3fedca6dc823e29L,
-        0xc2c19e31aebf4ac9L,0x2aeac69beaee6608L,0x2c2e52376c85a59cL,
-        0x08949223a91d8cf7L,0x9ef9b311f0811914L,0x000000000000003bL },
-      { 0xbc09e4ad786d0a50L,0x482bc9fd3b427aacL,0x614bde569d2ef9b9L,
-        0xd9d846800763d7b6L,0xe1c9849c7685856cL,0x5761de36532a8b13L,
-        0xaee9ae018ab8534bL,0x6297f7cdcffe238eL,0x0000000000000045L } },
-    /* 41 << 350 */
-    { { 0xfab2dfc946c1f383L,0xd3520f6418f56f5aL,0x443d47dcf8bd38b2L,
-        0xdb480bec4f279932L,0x5bb596b154a485e4L,0xdcfb04fde2601b21L,
-        0x0271c9d48a3b9c6fL,0xf67d082d938b7bb8L,0x000000000000015fL },
-      { 0xeef77c2d42f4ac8eL,0x2dd70fb546d67b2cL,0x5e588ff9d68b1997L,
-        0xe29565b76ba5fa5aL,0x6764f0e9d4f57c19L,0xd6b78633e66716aaL,
-        0x3483bdb27fd1a5a0L,0x24be2d70396089daL,0x00000000000000d4L } },
-    /* 42 << 350 */
-    { { 0x13ebb2e30333009bL,0xa842a7f9346ee656L,0xcb9fb67a1cb3b9f9L,
-        0x9b5fc3e5903d755cL,0xe776dadc2c519041L,0x1a3bbea475246222L,
-        0x8a1f073c2b03e847L,0x85beb02d5652c2deL,0x00000000000000adL },
-      { 0xae2eada769e89348L,0xbc20bd57cb14c2cdL,0x079bf80535196234L,
-        0xbb48228f19ee0845L,0xf53f5367fb15d09aL,0x256bd1e0244cd8e7L,
-        0xd4a0ec81c471a7e8L,0x9ba40ccbd4b56f89L,0x000000000000000aL } },
-    /* 43 << 350 */
-    { { 0xd8f106f9a769db32L,0xfca92fe9493257bcL,0x32b2bed729a888b6L,
-        0x13fc9590529f5843L,0xe2edce083bcd4012L,0xb316e6af3edeb588L,
-        0xa0bd8dde9cbb3ae9L,0xddb5d928d8601cbcL,0x0000000000000053L },
-      { 0xced907601d3ae473L,0xaf2f245cbe08d340L,0x15eef9c599466d91L,
-        0x3bfb970e9a2dd09bL,0x03c79319fd4d1efeL,0x9c6204518ce8f852L,
-        0x34b1b4dd37bb72ddL,0x225b8a0b6e356b38L,0x000000000000009fL } },
-    /* 44 << 350 */
-    { { 0x354d7d39ff3579ceL,0xd61a6c33687273dcL,0x8e79f8ba0bf66ea7L,
-        0x0914b68cc532810fL,0x86a1f3be19d74cd1L,0xf663a8d2ea1de01aL,
-        0xe890d4e8f989647aL,0x1c31bdc54c3460f6L,0x00000000000000edL },
-      { 0xc48f0b654d05c7c2L,0x10f0830687586519L,0x3a28a202b0b0b6edL,
-        0xa1ebb5b9a5655d5dL,0xbf19a5ab05790e30L,0x1e4ad7b17d237ad6L,
-        0x829ae2daa98c9125L,0x5406f57a544704b3L,0x0000000000000099L } },
-    /* 45 << 350 */
-    { { 0xb9a01925ff611f79L,0xd0dea6882d74a7d0L,0xd80aae28a95f1244L,
-        0xf70563196bebe957L,0x4ae651ef7898c6c5L,0xd293ea624619976fL,
-        0xee6b9a710bb857f5L,0x360dd469c307fd59L,0x0000000000000060L },
-      { 0x1a0bd0e9eb91952eL,0x30b79c523a77c2b4L,0x847f13fa4936db71L,
-        0xcd9fe25186f14605L,0x7f06535625b761afL,0x01d47bae6eb335f1L,
-        0xfdd96f8d6c1417adL,0x7dbd3cab6631990eL,0x00000000000000e1L } },
-    /* 46 << 350 */
-    { { 0xd83c97e2086cf3d4L,0x590b4f8641268fe9L,0x5c1bb1b8a6161137L,
-        0x49a11f2f49eeaf5aL,0xc2cf4d03cbb75280L,0x21ce922a465592f9L,
-        0x8c6eb3c8ee919d03L,0x5b9a98e8c6b5102dL,0x00000000000001b2L },
-      { 0xb4ef0faef120a8b7L,0x5e89cb627dcb8d5cL,0xcef0e7bef2f28c26L,
-        0xb52b392db642cfc8L,0x040a684ef03da73dL,0x5a723b5297933d4fL,
-        0x29fee2268dc82a55L,0xe3c0f2c4aca0067bL,0x0000000000000051L } },
-    /* 47 << 350 */
-    { { 0x8e229d60a712d633L,0x7f1fe86bdd051e59L,0xc11af604d4ee7fdfL,
-        0x9c0795378a1c305bL,0x6a1303f3cb306a9dL,0x07ddfe2aa268a120L,
-        0xc779ab13dae81354L,0x99f2a4b38406f8f3L,0x00000000000001daL },
-      { 0x484fb852a158cfd0L,0xa4af6f9d2ca5e503L,0x4a8f9542f4809264L,
-        0xe2c2fbd1146c0eafL,0xf06da61c067ff9c1L,0x33667ed5cd3a0fc2L,
-        0x708523a842fcb10bL,0x18b6364260d97a55L,0x00000000000000f9L } },
-    /* 48 << 350 */
-    { { 0x6af20098edcc581fL,0x744e603fb1d8ef85L,0x77a155e23a4c70c4L,
-        0x7cfec62980e719e5L,0x6ad16816771adb9aL,0xab2b9ae6917101b6L,
-        0xfa1c8fa122b8606cL,0xc6ade9b6912fc59aL,0x0000000000000099L },
-      { 0x5842a39a8bbc4442L,0xf7ccacc0937825eeL,0x8af901af76669dddL,
-        0x4cf82e79e7ca6918L,0x379dab5022df76d8L,0x7070302afcc877bdL,
-        0xa959a86b0dbbc81cL,0x38c984cb78c2c637L,0x000000000000008aL } },
-    /* 49 << 350 */
-    { { 0xe5e34c9afe2aa4e3L,0xbeef09e66cbd98ceL,0xf2326ace0f624fe7L,
-        0x3145bf2e6b6bd9e5L,0x8e26b154371241dbL,0xa8d70886b20897bfL,
-        0x240fcf30e4ec8a60L,0x065ad618b722ddfaL,0x0000000000000184L },
-      { 0x04e64b08825ed711L,0x2bc526e052ae37dfL,0x0d76611b2229209cL,
-        0xc5ec72065543bb31L,0x5d661329bd37b323L,0x4aee961c97f208f9L,
-        0x296e8e5af8bcea25L,0x55be6c51c7f25a43L,0x0000000000000183L } },
-    /* 50 << 350 */
-    { { 0xbd485a2168b9bac6L,0x96f8ca66b92c9bd3L,0x54651d6c9d5cd2ccL,
-        0x85a397f49b4d3558L,0xf9d46be109323661L,0x0345303a0efc8936L,
-        0xd7cb4ab7b2193896L,0x3838fc1e8567d8a5L,0x0000000000000092L },
-      { 0x9d27d6cc5888449bL,0x92fb49af08f1717cL,0x7bd684a61b7df8faL,
-        0x8d22465d49ddd9f5L,0xea8a1ab00ce6997cL,0x8a1f6f92b62a9a5dL,
-        0xba4ee8c067caa406L,0xeea34c787853c0fbL,0x0000000000000153L } },
-    /* 51 << 350 */
-    { { 0xcca88cfe71c9210eL,0x80dfea7f906985e3L,0x2d6d64511adc705aL,
-        0x1f00f1cd6a679020L,0xc90876f676b76b73L,0xb6782716fda27e31L,
-        0x38816e90e3a35a4cL,0x68eccad2ba92fb37L,0x00000000000000a0L },
-      { 0xe79f9da1ee9ca568L,0xf5177267a2f60f20L,0x51bd81c4442792a4L,
-        0x16871ba6b31012d2L,0x423ae3d46c49f876L,0xc1761593ca51334aL,
-        0xe3e4701cbf879981L,0x718001bdf5648e7bL,0x000000000000006aL } },
-    /* 52 << 350 */
-    { { 0xe05ad50282808e09L,0x7b5dc16001e4f0b6L,0x78d1ca1933a6eea2L,
-        0x9af18043509cb3caL,0x1e796ce5ff953005L,0xcac11cada26b33f2L,
-        0xfb9db0d67d84e525L,0x1b66890a8bb37875L,0x00000000000000adL },
-      { 0x7bdca42375d780efL,0x0af21a0bd16d7858L,0xb56371f7cf42aee6L,
-        0x0ed2542214bc7ae3L,0xafafd8948c5de97eL,0x340a2c54bb065e75L,
-        0x4adb4195861c19d2L,0x98c390dba914dc62L,0x000000000000001fL } },
-    /* 53 << 350 */
-    { { 0xa7f5f77023a25854L,0x95c125267a96c4dbL,0x61219e73c1777cacL,
-        0xc6fee78ab8df403dL,0x78e99f85fbf090aeL,0x9b7e068c86a1283dL,
-        0xbe9e1b8565ed0dcdL,0xf7a0bb1948a40837L,0x00000000000000bfL },
-      { 0xd389955952c2db22L,0x40469180e852e506L,0x450f976387d5db74L,
-        0x7cd7fc5ccc0b418cL,0x1fb11db4a5fe3416L,0x4b72467f1c837bd7L,
-        0x5619b345e8279f50L,0x4d0dea319ff61f46L,0x0000000000000107L } },
-    /* 54 << 350 */
-    { { 0xa948d7bf766acf6cL,0x8f741ac1004e4c47L,0x7f1a1ef4defbd931L,
-        0x5c0d5e57e6cfa20eL,0x496aead973d9db88L,0xb5f11ff5d6f826d7L,
-        0x668dd88800cd9347L,0x22f18499a4ba53dbL,0x00000000000000d5L },
-      { 0x420e05d696fbb953L,0xbe035ecb7c5c8155L,0x8027eea1d72b42f1L,
-        0xd679566ddb39e9c0L,0x60205b0969fc5b43L,0x9a8ba2d92cfe4776L,
-        0xb6677a309c14db60L,0xf9a134b3f1fc12dfL,0x0000000000000024L } },
-    /* 55 << 350 */
-    { { 0xc696cf6211e1d5caL,0xbbb285ad84300330L,0xf241d535d08e2f4aL,
-        0x0c85f24ee196ee2eL,0x2b070d57bf38d376L,0x7ef93bd06a98849eL,
-        0xb45d3d7bee04656fL,0x5fe517a5ad03b679L,0x000000000000015bL },
-      { 0xd3536e2059c48b4dL,0x5cf6b777913f2941L,0xab4e101bd476b4e6L,
-        0x1f717cd6a1e63091L,0x65c565f6c58ba036L,0x72bc476f79c53ac6L,
-        0x467ede3be42bf81bL,0xc31436b46e7c6917L,0x0000000000000161L } },
-    /* 56 << 350 */
-    { { 0xe8077e42ed76067aL,0x7a4d661b5885cfc8L,0xed03423d6e12c1efL,
-        0x2af0bd867d62b094L,0x5d5c959dbcde7990L,0x91f3292361c8c493L,
-        0xd3a2d1371ddd8404L,0x43cf907ee9416bdaL,0x0000000000000179L },
-      { 0xadd9d450f88ab3d4L,0x26abefd97b3c1b2cL,0x0eabdf60f0ec7168L,
-        0x48584461499d981eL,0xe2024f8a65f1e952L,0xb13926bdcc1fc913L,
-        0xe32e53c3ba02b960L,0x44b16d28b114c958L,0x000000000000003bL } },
-    /* 57 << 350 */
-    { { 0x0015027283ce0bcbL,0x5a6f1e8ad0a33983L,0x4d483980f1c66143L,
-        0xb37a9caf03204939L,0xb5e0caab9891623fL,0xaa5e602a0af5cfd2L,
-        0xdb19404a6aeb8e1fL,0x5e564a47d547c845L,0x0000000000000077L },
-      { 0x6502ddab6fcff0b4L,0x9b3b917c3c4d269fL,0x4277a91c89572b60L,
-        0xc4ab1a611c4fc851L,0x5e50a72e44e44005L,0xfcbb6af8780ad0dcL,
-        0xb4a90497c67497ebL,0xe9db959ad12b1f98L,0x00000000000001a9L } },
-    /* 58 << 350 */
-    { { 0xdcad1a7a26b19fb9L,0x0c1c5ff9750b92a2L,0x0f1fa28b058f95fcL,
-        0xb032e27098ee6b1eL,0xec3517835342789bL,0x61a075fe7dfa4090L,
-        0x2f5bf3468f71a0faL,0x3c420b15ba67509aL,0x0000000000000179L },
-      { 0x96facab3da8a643bL,0x1072c6a32b8a5245L,0x9b4459674b2a6bacL,
-        0xe7f134edb7657d74L,0x6fa48f3fa4ef87d2L,0x716df761e3af3715L,
-        0xe49d3969fc7f3d67L,0xd570e53846ba85dcL,0x0000000000000096L } },
-    /* 59 << 350 */
-    { { 0x47a2e7b45d421347L,0x049637bb55c6424fL,0x5213873c8891d0afL,
-        0x06df936818937d59L,0xab5b355bb5d15bd8L,0xd7cf6264f203554bL,
-        0xbc1ddb87b0e99f34L,0x8fbc558ac4d2b9e1L,0x0000000000000084L },
-      { 0xb56dec543b99c8abL,0x41e629b48623e2feL,0x47827ed735ba9b9fL,
-        0x23b57733e9486cfeL,0xa700b45f5fd4f31bL,0xb79d74ad710066b8L,
-        0x7b479783645d8579L,0xee14d73cf1a07835L,0x00000000000001abL } },
-    /* 60 << 350 */
-    { { 0xe769d8f767a1352dL,0x49b1d2c3e9856974L,0x9c15a1fc86e54afeL,
-        0x2d2c7e68b0e5b119L,0x3556ac15432cf4a2L,0xe25ebe20f39d2d76L,
-        0x048843ae51e8c89eL,0xce4822e802531be3L,0x000000000000004dL },
-      { 0x4992a988c947b6d7L,0x7eb5fe67eb717c00L,0xd4f2215be33b7f1fL,
-        0x32b9fcc2a4511d0aL,0x4884419d4d1089c0L,0xd7457e3e3dead6f2L,
-        0xf12c9f16c66123f8L,0x2ff7bccda2831727L,0x0000000000000025L } },
-    /* 61 << 350 */
-    { { 0x0e0272a0d8d3b893L,0x63fb603b4c72d7cdL,0x2f171bdfcf3b582aL,
-        0x624213d2708de1bcL,0x8a005cb66837c905L,0xd4146129e3c98adaL,
-        0x1ab6660facaabcb7L,0x0db3d2d28ac26da3L,0x00000000000000d5L },
-      { 0x48509cfbc07194c3L,0xff8f379fd2f9b6d4L,0x08de73963fc8d8cfL,
-        0x01b7305c8cdb7e13L,0xc49a1ceb4975a9a1L,0x5d43e036ac7b27e9L,
-        0xd966fb67695b828fL,0xc7ec9f958dbdffebL,0x00000000000000acL } },
-    /* 62 << 350 */
-    { { 0xb044c5b0a1f25fdcL,0x6bd4233dcf34c1edL,0xbdbfa1ee0d505218L,
-        0x1437801986e88bfbL,0x954329dfc9a0bf44L,0x7fe788acfcddd582L,
-        0xc89b05d567f5acc9L,0xfb5501ae95b0f029L,0x000000000000008dL },
-      { 0xd48fc71fa2c08347L,0xd7b35093f58203e8L,0x577552bf58cd9e2eL,
-        0x4832a9a2b63e6139L,0x6c51bff38d52008aL,0xb06b694411d85498L,
-        0x617537ad72466c2bL,0xd62576bc4e09a213L,0x0000000000000087L } },
-    /* 63 << 350 */
-    { { 0x66ced69ad8552a05L,0x53532f6f8c357a98L,0xf59b886be8474111L,
-        0xa434122383b36ae0L,0x5116daeee9fb4e22L,0xcbf240f8f9944958L,
-        0x7f5ee08c446b39b9L,0x7b1439a31d6d5952L,0x0000000000000013L },
-      { 0x1bd881fb009f21c3L,0xd0e41f4209dc3ff4L,0xa0a93d64bf8bd854L,
-        0x4755443ddf4bce85L,0x2c7dd3ae5137e57cL,0xb46efb67abbc8e6dL,
-        0xa9992f040bb87209L,0xf87c5f8f5b4ea762L,0x00000000000001b3L } },
-    /* 64 << 350 */
-    { { 0x58e8ca2cea2e4075L,0x5307ba37f271d545L,0x14de3b6e7ae7ad07L,
-        0x6bf3dac6169efeb3L,0x7be665b6f0996ac4L,0x3cbd076660a81ea5L,
-        0x93369d84b0876044L,0x33cd68dc8a489412L,0x0000000000000133L },
-      { 0x44912d16dca5b802L,0x3c30f445808db8c1L,0xd59e92904d2b7d5cL,
-        0xc1e20a6b2697a600L,0xfbbe023c3a028772L,0x8873d0bbc6e3b099L,
-        0x5fe76ac9050828adL,0xcf2ac286c0ab0ab0L,0x000000000000003eL } },
-    /* 0 << 357 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 357 */
-    { { 0x5fc885130076c379L,0x85e6f65cf31e63d1L,0x5def4f28ebc87b34L,
-        0x74d28f51ed0be6efL,0x1b83692d38771840L,0xd791f738a859b7beL,
-        0xed0cc1fea02d058eL,0x2b1befc5fecd2e54L,0x00000000000001a5L },
-      { 0x63864b8948cca591L,0x38195d6129335913L,0x8dc688bcc799aae4L,
-        0xb6d23959417331b4L,0x3d08b4f2743f8e65L,0xd46215b24fec2809L,
-        0xb37d17000497e0f5L,0x6bb17cc026ee48a6L,0x00000000000001e7L } },
-    /* 2 << 357 */
-    { { 0x59614f8580c55f68L,0x9dcd662c60ced87bL,0xe6dc932bf852f5aeL,
-        0x9db84a914f45a31eL,0x6062b2d6babea7acL,0x54a5881d28b65906L,
-        0x551e0b60b0f80dbfL,0xdb468350b286f88cL,0x000000000000005bL },
-      { 0x905656106bbb805fL,0xe38f65a46668e10cL,0xe619256657f2578fL,
-        0xc26d80922a72a1abL,0x904a9a525119d939L,0x622f5869d6709295L,
-        0x0a6ed42974543616L,0x8dad3c361c388e75L,0x0000000000000135L } },
-    /* 3 << 357 */
-    { { 0x8bf2fd7e6dae890dL,0x6b675c1fc9028f7eL,0x627b27a810d1a8c4L,
-        0xd24c988bf522e753L,0xab18f36ae0be9869L,0x9ff0e1fa962cdfa1L,
-        0x14911ef55945db5eL,0x6fd48fb37652ab6dL,0x00000000000001deL },
-      { 0xf8184ce8fbb2e5ebL,0x02056b25b09791edL,0x2e11264024abee11L,
-        0xcf22e0fec5119309L,0x64e4ed26136a9cd4L,0x16bbcc713e9b4baaL,
-        0xf2970b1f83d64789L,0x82c66547ec9a3758L,0x00000000000001cfL } },
-    /* 4 << 357 */
-    { { 0x9bf40d7110205c46L,0x10f27886161df55dL,0xdda5b7624763c7b1L,
-        0x4bce55110fbe9f17L,0x8fa954484bd30a7dL,0x302e33b31d27e799L,
-        0x4ddde60f9752ffd2L,0x98ddb153cded611dL,0x0000000000000069L },
-      { 0xdd9abcbb3e817caeL,0x3c6b3ffd52c627c2L,0x3209e7b3e28c3dfcL,
-        0x376f4071edb287bdL,0x9ddaaa58af0fab10L,0x969074cff859b34eL,
-        0xe16aec58c87e6ef9L,0xc5c7d470d113b6e0L,0x0000000000000066L } },
-    /* 5 << 357 */
-    { { 0xf0007020c199ebccL,0x1b8570d6f910a2a2L,0x35daadb9b2f82126L,
-        0x49a1e3218ca81d3aL,0x608ed9749a7ad74aL,0x92ae9decbb27faf9L,
-        0xea7db297dedcc552L,0xb61e57ff65e726f1L,0x00000000000001deL },
-      { 0x8b30b706d4b6b7e1L,0x9dcfebdd75d5772cL,0xa1e51c660b5f72fbL,
-        0xc594354756a7d61dL,0x45520f75912e1f45L,0x5c5df563771562edL,
-        0x8a2ee7850bc64d28L,0xd2c21b1430d7b664L,0x00000000000001b5L } },
-    /* 6 << 357 */
-    { { 0x845cd18adeaefda9L,0x0e694ca269b50e21L,0x060bd03952e5334bL,
-        0x4ab963a525bae929L,0x7904f9fd2a8fceb0L,0x535df726e889b7beL,
-        0x1fe0c30dab8d94f2L,0xddc0e7323f92e2a5L,0x0000000000000106L },
-      { 0xcc4c26e5404844ffL,0x53c01a4d301aa56dL,0xf7eff6a4a13a9558L,
-        0x994253bcb771fc98L,0x5b9323e8b1d9733cL,0x29ed522b1cb7c6acL,
-        0xe537003a3e4426a7L,0xbd83f66c36f23bb7L,0x00000000000001afL } },
-    /* 7 << 357 */
-    { { 0x732634970e7e5ee4L,0x01e0819a4f8e43afL,0x04dc6911b2620d54L,
-        0x5908bdeab166dd4bL,0xc27f597530b81a6eL,0x4f969894d47d8ce4L,
-        0x7d26b944a9b9b5fbL,0x1c77d724f2e481a0L,0x0000000000000007L },
-      { 0x99eafe7b9fefc298L,0xafeab30d35dfc4ceL,0xd9868f02b3fd8794L,
-        0xe8470c347893a641L,0xbde8016f9a5f544cL,0x5735714a2d93e0baL,
-        0x72d7a1dc41d47e55L,0xced50d7a89fe1dc2L,0x0000000000000137L } },
-    /* 8 << 357 */
-    { { 0x9dae6d7af8ece594L,0x7ad12f48cce0b041L,0x9d97efc7e7374970L,
-        0x7b8b1668311f5e2eL,0x0d68a7b6bb741640L,0xf9ea3dea9be65aa4L,
-        0xaa3e6811a11c78a5L,0x155ad4e50ac6e65eL,0x0000000000000062L },
-      { 0x5936d4fefebbfad7L,0xc94f1262a30ed6c6L,0x6013faf4b2081a7dL,
-        0x684ffdbf85a4e883L,0xaaff243819dbdad1L,0x8f3484441f91e40fL,
-        0x145d06f61ecea707L,0xeb7a4980ecbade82L,0x000000000000004dL } },
-    /* 9 << 357 */
-    { { 0xaf2d0a71a39faa14L,0x8c192e6be5bb2afeL,0xd62e45a44cfcdd3dL,
-        0x7b553314289c2da9L,0xfc4135f79db2af8aL,0x9f4be8fde9590378L,
-        0x20cb71f77e1f9d5cL,0x7b970c069a6d8b0eL,0x0000000000000090L },
-      { 0xdad63341ad2a5036L,0x8939b2fc3a6dbfb5L,0xd660a719b32c3bd2L,
-        0x61fea0eae187ad41L,0xc6e6c4ea766eed17L,0x0e85a989e14c91a0L,
-        0x8bf97e641167f7f1L,0x7a2eecaf37718ebfL,0x00000000000000d9L } },
-    /* 10 << 357 */
-    { { 0x374b1611a7274ad1L,0x2a0b82fdfe17b597L,0xa38209dedbe87483L,
-        0x2d31a7607617b6e9L,0x8b68a60b8c2631d7L,0xe290dfe601490869L,
-        0x9eedf0d622e67ae5L,0x17cdcb0f9c04930cL,0x00000000000001e0L },
-      { 0x8946af4e6874b6ecL,0x76be50db614e6518L,0xaf1e6990ff304e05L,
-        0x810413073edb16eeL,0x9d7160e06d0ff72cL,0x580b29bd12ef3a1dL,
-        0x47c5d81c5af9a9f4L,0xf96ef0842d828b7fL,0x000000000000009eL } },
-    /* 11 << 357 */
-    { { 0xa49b5b4d854620c5L,0x9e05bef6a25f2145L,0x53939ef2c63ed521L,
-        0x436783a1db13d740L,0x38f3aa8913f1e4b7L,0x23317818c364e263L,
-        0x301a26769ed21c63L,0x6e11a2342730950dL,0x00000000000001fdL },
-      { 0xc0dd00fe5bb3e26dL,0x0af3994912689233L,0x7ac01fb7c309b0bdL,
-        0x21ee2903f25bebf8L,0x9d9ae3a052f8b604L,0x3602803614c273dfL,
-        0x26126518bf5a2cf8L,0x022b5683c773cfd8L,0x00000000000000fdL } },
-    /* 12 << 357 */
-    { { 0xad453d3e15710148L,0xd5a72dcf93265c01L,0x153d58940f137f83L,
-        0xd15b25236577f8f0L,0xc378424bb1bd2bcaL,0x7ad83eb42dcc38e1L,
-        0xbe6c5006dea00d85L,0xf381d7b3003be5f5L,0x00000000000001cbL },
-      { 0x4290cf81a85be17cL,0xc4387af383bc4817L,0x81afe2281c4b8079L,
-        0xf231b430a26513baL,0x1d86f33cd7539aeaL,0x1bb43b3e9c4253fdL,
-        0x4eb49f8461000d51L,0xeaf801bc8115d791L,0x0000000000000053L } },
-    /* 13 << 357 */
-    { { 0x4fb83cd0f34cb82fL,0x69c93fd4019a99e9L,0xf9b3eb3e08b00516L,
-        0xcf76e0e08510cc7aL,0xe20bf27cacf20956L,0xa953142555e33a65L,
-        0x03e4e262d550453dL,0x493cf4e09dd063a0L,0x000000000000004eL },
-      { 0x677087f92a9ac3feL,0x4e26f17fdd36a879L,0x35822e0e3ced41c4L,
-        0x0e5d370bf3c6996cL,0xc7a460b123afc844L,0x2b4d9af0771476f7L,
-        0x5c3fffd48f8c1c25L,0xb02bbf7ab8ab8cb2L,0x000000000000016bL } },
-    /* 14 << 357 */
-    { { 0xfafd5607c5208d6fL,0x827f270e00c9ba87L,0xe8e7a1c84b607882L,
-        0xdd16443cf35d1a14L,0x2bd6a6a7bedfd9feL,0x62942d8dc5b2c568L,
-        0x590c4759127313a4L,0xc53b5fc26501778cL,0x000000000000009dL },
-      { 0x77c992e56221cd29L,0x1087ff0a2a5ecbeaL,0x1fca36f63f82e7dfL,
-        0xdd6bd34d86fcbc98L,0x1edd8206d7088562L,0x2d9973d492bd31bbL,
-        0x7f0e3aaba49088c9L,0x5a80616ca6b9082cL,0x00000000000001a6L } },
-    /* 15 << 357 */
-    { { 0x6c9c00cc9425d127L,0xb73e7c9e46995ad4L,0x63ea143a999706a4L,
-        0x6c760fa3855b0262L,0x596b82bd2e3f833cL,0x6d1125d423701b52L,
-        0xe44c7901fd4fdba1L,0x6e669d073ac0d4f9L,0x00000000000001e2L },
-      { 0xa580b58e12c34bcfL,0x56f7058f44605f24L,0x10addb7d59c18830L,
-        0xd6c8cebf0522df9eL,0x1d4e0092ce01eedbL,0x545e99de98246639L,
-        0x5898dc3c288b42dbL,0xfca8d04f85fc96dcL,0x00000000000001e4L } },
-    /* 16 << 357 */
-    { { 0x600c5b055bb88603L,0x9e4b5b739be3b3fbL,0xd485d76b4844ab63L,
-        0xffa20a3320cd3b55L,0x6003ad11e40ec83bL,0xeb5423b4eed37ac2L,
-        0xc25c87c09d4a0f44L,0x2de4bfe703c0e7d4L,0x00000000000001eeL },
-      { 0xaa9ee44d14bc1043L,0x9fc3875a24c86d4eL,0x8f9bc8b6b7405ee2L,
-        0xaede13e5b46a336fL,0xbf5de69f6651c1f8L,0xb8e7a34070dc1e30L,
-        0x437d3592f4d76655L,0x2d2c90e1beee67b4L,0x00000000000001c6L } },
-    /* 17 << 357 */
-    { { 0x4664ebe900c657d5L,0x7a43a626fad6a0baL,0x0fae848fa1a45bf4L,
-        0xaaba18c1a7724169L,0x10f5d5da8bd42cf2L,0x7e8c8325bf839af2L,
-        0x8d93d80931e37653L,0x74a5f0c70d179a63L,0x00000000000001f1L },
-      { 0xa04092aac673ef06L,0x22273ee1f1f44e71L,0x82b91d97d2424e61L,
-        0xa9bbc3a3e15c0618L,0xe5affe60c664d826L,0x69a5df34ef461b41L,
-        0xb5fcb32a9537f22bL,0xab073066f0b136ceL,0x0000000000000077L } },
-    /* 18 << 357 */
-    { { 0x291c30d8d404dbe2L,0xae586d4eba4aaab0L,0x4aa25d064fe7c560L,
-        0xdd8a3fa74a2c320eL,0xb4d269773ce46c90L,0x095e11baa1e6595cL,
-        0xbbc02c14dfcf4a78L,0x300d1c7c6fca5975L,0x00000000000000faL },
-      { 0x8f0f92e04d75128dL,0x32cf5813b7cce9f5L,0x723bf4fb506f432bL,
-        0x6d4165742f9bfc6cL,0x6d46f9a0afeedb54L,0xa80d2408ab7e42b4L,
-        0xdee2b761092cd638L,0x5ca05ac471680b52L,0x0000000000000078L } },
-    /* 19 << 357 */
-    { { 0x67ac7288f9b1e2a9L,0xd39accd88a9618dcL,0xf2eea4079788f1cdL,
-        0xad399fed231e29d4L,0xdd9ed7a7c3fb75bcL,0x5e209b29d3b22d47L,
-        0x207a0f402d4f8b93L,0xd6c21ae9ad537dd5L,0x00000000000001d6L },
-      { 0x12f0d8e20c6e991dL,0x9b2203f781f55960L,0x682308fa3fb0ba6dL,
-        0x58c21718501385bfL,0xe7edb949f2e89261L,0x711b06333e12d5dfL,
-        0xac5ff61ab4711546L,0x359f9e52fbe942ecL,0x00000000000000f1L } },
-    /* 20 << 357 */
-    { { 0xa7141cb5aa76edf9L,0x709fb9dbcdcda2d2L,0x49a8a4a4cafc26ecL,
-        0x4fc050c2b2aaa10cL,0xffdc2eabf44d5826L,0xf762925f09ea8dd8L,
-        0xd6378df3f8d1c25eL,0x26e9594cf8ef4a7eL,0x000000000000012dL },
-      { 0x17199c483eece377L,0x629bc6f2efd1ac52L,0xf4d78f2194fc4c0fL,
-        0xce45f81dc083c2b9L,0x26e4498e79b23374L,0x8e61a4c5d50a6fe3L,
-        0xde6b4c398df5a418L,0xc5b45d1908a404ecL,0x00000000000001a9L } },
-    /* 21 << 357 */
-    { { 0x59b3569b5557920dL,0xad74bcaee1289fcdL,0x1da74246b83a07d3L,
-        0xb8281e1a04d7b322L,0xff7eb19711c785efL,0x401faa11f3120671L,
-        0x757abd6ac64f7560L,0xba32b8d9912332e2L,0x000000000000015cL },
-      { 0xbb6740b88645d3ddL,0x21300afd5fb11e5dL,0x52e8e04d824b3790L,
-        0xff431ad6955ae754L,0x297251b6af3db93cL,0x815b56ad6e5fe4c4L,
-        0x7bc72cb2302c1847L,0xb47872d5d8ae63fcL,0x000000000000010eL } },
-    /* 22 << 357 */
-    { { 0xef086d92606c5ccdL,0x0368a9b91ad1f2a1L,0x7dca53159a4216d7L,
-        0x3b9722752ba7308bL,0x680fb882cbdcb20dL,0x8cf5b86093be3a49L,
-        0x2c366b9798528bf8L,0x83e51a9a2a100078L,0x0000000000000039L },
-      { 0xc4d52471a89bca47L,0x1b57283abe28d462L,0xd2435fb58f2b7ffeL,
-        0x9c3b714e58596f3cL,0x29cc40da99689f33L,0x1f94e6936d34becbL,
-        0x226148c7690e3096L,0x1b37296b5db2e1a9L,0x00000000000000d9L } },
-    /* 23 << 357 */
-    { { 0x86aaa7871589aaafL,0xa58a71afcf62397bL,0xb3f39935783c57c4L,
-        0xb4bb84bd1d05d2daL,0x8dcaa3a8bcf38515L,0x0328ff676c302fbbL,
-        0x2f6ae585de90d3bfL,0xce78807594b3fa66L,0x0000000000000082L },
-      { 0x3020d12b6ae46a4cL,0xa4a0efdd0714efd6L,0x4ce6635189a1f1f7L,
-        0xa42a3a2d17f8bbb6L,0x3e63a2011cd5084bL,0x0e34ebb1e4b7753eL,
-        0xb0db48f4e104b70cL,0x6365edb85230ae6dL,0x000000000000016bL } },
-    /* 24 << 357 */
-    { { 0xeaa998a0008164d4L,0x15d52dcd413f4ff0L,0x3b180c19e4ff76a9L,
-        0x879fdc34c30ecbf4L,0x7ec379cd518fd432L,0x8a51bb32e6161641L,
-        0x92e85885d582e0e8L,0x5503550ae00847a0L,0x000000000000008fL },
-      { 0xddf4c5cc039b003cL,0x0c8d3f93c4814d97L,0x213ca9b502075f02L,
-        0x347d87b988920f8eL,0x96ef11c896dbf1b7L,0xb092ba1ccf927dc6L,
-        0x6a12dcc7d068f694L,0xe98db68d16a6e447L,0x00000000000000aeL } },
-    /* 25 << 357 */
-    { { 0xc29f18d0d033e447L,0x4bf3a1eea22ae892L,0x92527cbfb0eb6f5bL,
-        0xbf7f74b77873907eL,0x32e0d8d0c55a06f2L,0x801bcde493e6f6bdL,
-        0x8ea36c4790dac3f8L,0xa17b404d8d084a01L,0x0000000000000096L },
-      { 0xadab47b6278c74d3L,0xbd17de910fa2bbdeL,0xb85a0413ca875158L,
-        0xade2a656639a7532L,0x5434ba0b0f86e65aL,0xa4b00d71423a16d1L,
-        0x2025b8db4f9d19e8L,0x774d5ba564a9c56aL,0x00000000000000e2L } },
-    /* 26 << 357 */
-    { { 0x89e6bc861181af3fL,0x989fcb1039d582cdL,0xdbe760be95374939L,
-        0xc2a3b1a495db6d56L,0x00ca290f0bef3e32L,0xa80d17d5fb7e42c6L,
-        0x37f23682391433b0L,0xa1497300fd3ba245L,0x00000000000000faL },
-      { 0x6684500110b99e4dL,0x163a5154d25f774bL,0xc3cb0e0eedd0e224L,
-        0xf3b428594639adfbL,0x29b757cb827a88cdL,0x3b93e712313a5d62L,
-        0xe90427941f2b4ad6L,0xd96f3be6f339ce2fL,0x000000000000010eL } },
-    /* 27 << 357 */
-    { { 0x9d900733986982c4L,0x318552d9ac043e1bL,0xc31329e818f19cd9L,
-        0xd4545cc6e6d8fedfL,0x584a8c309990ad83L,0x9822bf5cc7f5de2aL,
-        0x88a4ab27a1a0595dL,0xf33dbec11849603fL,0x0000000000000044L },
-      { 0xee18a6fa902af180L,0xbd6749d62d8a0745L,0x90f819e378988322L,
-        0x77cbf6c1a8a89881L,0x2b25b032afc38279L,0x039111b11f85e6f7L,
-        0x2d5c9c44f53149aaL,0x612b1f34576a5889L,0x000000000000017aL } },
-    /* 28 << 357 */
-    { { 0x57e0945b3f162106L,0xbf09909356b68350L,0x0dc60a427081a881L,
-        0x83130a725c91ff51L,0xdfc2900ab5421031L,0x7adcbe4cda92cb5bL,
-        0xe3b1b4e350fe781eL,0x825e00dc27e2e2f5L,0x0000000000000023L },
-      { 0x69dd98e974ae5f26L,0x65920f1833082671L,0x9667d392dfeeace1L,
-        0x080e764c3d330572L,0x2e4af049cbec5f4eL,0xc33a0fcd50d4523eL,
-        0xea84623a4fd8106cL,0x030d9f36f111aca4L,0x00000000000001deL } },
-    /* 29 << 357 */
-    { { 0xd59b137dd906f557L,0x13e53d54b000c6f4L,0x97b11ef277220004L,
-        0xefa864eaba1ad04bL,0x01bbe0c53b9940a5L,0x093438c59461c4f5L,
-        0xb8bd4858f02e4c47L,0xab236955aacdcf32L,0x0000000000000177L },
-      { 0x300f6e4fdc6fa477L,0x636c5e24479bc943L,0x162fb16b0a3037b9L,
-        0xc9b34c7d8d1c8090L,0x7575aeaa39f26c09L,0xea576004e4a9b03fL,
-        0xaa6ffb966b070d8bL,0x5f363e8ee19d31f3L,0x0000000000000156L } },
-    /* 30 << 357 */
-    { { 0xaec64b223ceb9d8fL,0x01c0e019c11322e0L,0x7fa117ffa28fed94L,
-        0xb4fd42817951378eL,0x9272e9c11a7e709cL,0x778d28e9d6c3adabL,
-        0x5dff9492913d9fb1L,0x5295e39d2db50e08L,0x0000000000000022L },
-      { 0x0793b7a2b251c930L,0x38b7ac80b20ea902L,0x63832322ecd86c5dL,
-        0x7c7085f103041135L,0xc6a97824da3beea4L,0x243049099bbf9d98L,
-        0x1dbbd3e6c5aa02c5L,0x777406cf81715102L,0x0000000000000101L } },
-    /* 31 << 357 */
-    { { 0x9ac223c2833f5b6eL,0xa41661e2c8ce1d45L,0x8e5c81882f76714bL,
-        0xee29488c14400154L,0xf64aff1c7f02d81fL,0x2b93109a6b843a48L,
-        0x88156fe61c2562efL,0xd4636076ee474fb2L,0x00000000000001c3L },
-      { 0x42c4cdd8a6b2aabcL,0x0cefb9353c0ab8d5L,0x950ee61226769ee7L,
-        0x516831ada2977cacL,0x1174ac00ed854041L,0x261d3bcee16cfcdeL,
-        0x8706465a2f4e7899L,0x18f2aaaff290e5cdL,0x0000000000000037L } },
-    /* 32 << 357 */
-    { { 0x46f9436c06c9837eL,0xa4feb9d508fea5bbL,0xc733ef31aa2ff650L,
-        0xa58f3ffe205e0f43L,0x54d1150fbf567988L,0x78c0ac9216052b8bL,
-        0xed2e587ba2f59a1bL,0xf80d6e5c2d6b5969L,0x0000000000000105L },
-      { 0x5029c675207ff447L,0xd8842988dedc6a4cL,0x5c3b90e4cf78d639L,
-        0xa008ae416e8e9794L,0x098d2fe729023bd6L,0xf4bc574a003e7a86L,
-        0xa7a024993d4ffa1eL,0xd55641098d521bd5L,0x00000000000001e8L } },
-    /* 33 << 357 */
-    { { 0x747b5923d475cebdL,0xe868d30ae7454df7L,0xc60fcf2ae8560236L,
-        0xddcff0f2967f3f67L,0x84fbe85f458c2bbaL,0x3daf2c80fbff1388L,
-        0x4799d4f27e86e7f0L,0x84482f9e8a74569dL,0x0000000000000018L },
-      { 0x521f01352b57d1d3L,0x7b4a58b49c2977e1L,0xd4b814010c9765b2L,
-        0x50c0eb1af6d91eefL,0x2ad82cb773e68f47L,0xd4768ebb16252241L,
-        0x92b37e3e308599d7L,0xea44f24f999beabeL,0x00000000000001d4L } },
-    /* 34 << 357 */
-    { { 0x7ec4adf92400c234L,0x956e6df24207eac9L,0xd2676feac9e07ecaL,
-        0xb1d7900cd44e5bc2L,0x7371f0078421b464L,0x9dd2c07c552ddfb8L,
-        0x55b32fb91ab48f64L,0x4c7aa6352d161efcL,0x0000000000000016L },
-      { 0x62af0f34d40817d4L,0x2bc7f399354cef0fL,0xf614ed51aef88f33L,
-        0x2a8aaaf6562eb7b7L,0x3f69e05f9374c7f9L,0x4e8580ac24a5d254L,
-        0x9fb8ded394aaed09L,0x47ee6861b44f65f8L,0x000000000000009fL } },
-    /* 35 << 357 */
-    { { 0xb88da0dd0cb7d987L,0x5803bf709d01e454L,0xcaa7cc1831cc5a05L,
-        0xfd0c0e2094704898L,0xd20841e583df7331L,0x0dadf18abf70720aL,
-        0x0eee9aa2e95a1826L,0x47c43dbaf7356e8dL,0x00000000000001b6L },
-      { 0x46f3881f01992a30L,0xf99d10419928c31aL,0x8cd5efdffba1c52fL,
-        0x527ddf05123c3357L,0x46943c89233150b9L,0xf41e12734bbd1ea8L,
-        0xa0cd7fce8c62e10cL,0xfd21a999192e00f3L,0x0000000000000183L } },
-    /* 36 << 357 */
-    { { 0xe6e75221cfe610aeL,0x1c98a33934eb829cL,0x1c8d8d909a4ac715L,
-        0xace287a451bd9ccfL,0x24fd7cfcbd6b8384L,0xce03abe6093b52baL,
-        0x42ac7a7ae38467d1L,0x97663c10c0df6af2L,0x0000000000000173L },
-      { 0xeab753a507e4f493L,0xe36b7afafecb8668L,0x02694012da27628cL,
-        0x8cf6fdf942bc520aL,0xe8549a7e7f995666L,0x5f0a927973d4a08aL,
-        0x1a87664ab708a5f3L,0x68333933435d6adcL,0x00000000000000ceL } },
-    /* 37 << 357 */
-    { { 0xb577c1533f989761L,0xae35d211bfa3d8fcL,0xd47c40c9b1f4a399L,
-        0xd5b0975b2364454dL,0xed4d9984b3237eedL,0x97c31b497df401f9L,
-        0xb7b427e22bc4659aL,0xd9bf226f45a55ae6L,0x0000000000000075L },
-      { 0xa5990f28073531a6L,0xe76bc93d8f8b9a4dL,0x588489cb74e5ed46L,
-        0xd13ed6ab72ee0648L,0xc2577aeefed5353cL,0xdab9de078dc20accL,
-        0xcac8e1f9d57b513aL,0x5e76607aad484dc4L,0x000000000000002cL } },
-    /* 38 << 357 */
-    { { 0xbcb19c11883359b4L,0x3ad2e194c4e7949aL,0xb773fca20ffa7882L,
-        0xbd1a7603e60cfad7L,0xbea03ebea5b4d66bL,0x875da4b871223c53L,
-        0x2e33d74ab5abef29L,0xa3ce7d910fd9b58bL,0x00000000000000d2L },
-      { 0x54784134feeafab8L,0x0af5113379e28a21L,0x02245680f0f5e643L,
-        0xf467cdb0027bfdd9L,0x9446e78a520929e4L,0xc0190cecb05f7059L,
-        0x31cbdade20e99cd1L,0x970d57f4c9001716L,0x00000000000001d6L } },
-    /* 39 << 357 */
-    { { 0x19dfeadf318077a4L,0x646f8bdab99ea8cbL,0x9c32bf839bce9a97L,
-        0xf054bf9ba74ef02bL,0xb51e016b44a4ca3aL,0xc6e07a7bcd3dc334L,
-        0xab3b52ad878eb40dL,0x12aa8a92ed323d42L,0x00000000000000acL },
-      { 0xa3436773633c177eL,0xa9c7bee1e2b5ef90L,0x175955d8acc698a1L,
-        0x473dd3eb2725fc60L,0xa7b4bc94c65fecfcL,0x8767e77f84427009L,
-        0xb719a53fe6c0bfa1L,0x66025e6e3b082160L,0x00000000000000a6L } },
-    /* 40 << 357 */
-    { { 0x8b335fa8eb78796fL,0x632a1e3598c921feL,0x8a81e3dc13ebb873L,
-        0x6ea0a1ca392ac9a2L,0x12ac8f7d7a111fe3L,0xe8019e481b74982fL,
-        0x970840ab372bd012L,0xf08f46778030b6baL,0x0000000000000191L },
-      { 0xf1daff85ff6ca70bL,0x83a30831c4c98b48L,0xb3d1402f4b44f090L,
-        0xea42a852ffc5fc43L,0x64fb5a0e5adb2237L,0xa3f97d5cef91d510L,
-        0xaa8a0026f0d6d405L,0xa9db41befedcd04aL,0x0000000000000061L } },
-    /* 41 << 357 */
-    { { 0xec4e0725f2d955e6L,0xf65913b6ba0ad53aL,0xb5436673f9c3c2edL,
-        0xdbb1e9214c59fa00L,0x480014831381e59eL,0x688f1d33ba2b09c1L,
-        0xcf5af8117a4e2a57L,0x11e023ee52198011L,0x0000000000000162L },
-      { 0x62cf35fa3dfe2dc7L,0xbced5f18d977b622L,0x240d0df41edd8ab6L,
-        0x7e047352991127e7L,0xdc9572f31df7bc5bL,0x97b0d175afbc0867L,
-        0x6a42f136de3d2346L,0x1fc3c25f5158affeL,0x0000000000000138L } },
-    /* 42 << 357 */
-    { { 0xeab39f78787edb77L,0x56a60472ff2e9f55L,0xce7b46bff785cb54L,
-        0x278a0c9ec7d39690L,0x0cf992f68c3e887dL,0x9e148e8051d0d1c6L,
-        0x5b33c695f3755acfL,0xb0451f2f658905c1L,0x000000000000018aL },
-      { 0xa6e028307fbc9643L,0x9338cbb303b27b50L,0x5c64eda85026ee72L,
-        0x7f1647d2fcefe41dL,0x85619fccf3dbb4bdL,0x393e6efa01d6451aL,
-        0x935171004e8d8ef0L,0x32c37325ffea99afL,0x00000000000000c8L } },
-    /* 43 << 357 */
-    { { 0x2b555d0e6fe03ba1L,0x773f545a8b03d806L,0xa31ffe71bcc6d9deL,
-        0x446edf311990a436L,0xd8c4fc206592df48L,0x3317ee33c15ac3beL,
-        0x41696fb6f63b4e1bL,0x83a4cba346027c25L,0x0000000000000084L },
-      { 0xde69ed4512dd9c85L,0xd667dcced6c26d22L,0x4ded2f5b385619c4L,
-        0xd2655d51821e0244L,0x1311765ebf2c49a6L,0x9415d8cc38383d4bL,
-        0xe71bcaf8bf9db4b7L,0xb3e5627ccc381e0eL,0x0000000000000025L } },
-    /* 44 << 357 */
-    { { 0xa4933fbea92fddffL,0x7c32d97032b86443L,0x2e9a7398b183d623L,
-        0x486972894721f8c5L,0xbee88c0cc969e75fL,0x842542613c4d5de1L,
-        0x909eae9e787a1700L,0xe31ff428974bad84L,0x00000000000001dbL },
-      { 0x984cb4ee752c8899L,0xa92f6ac567310f87L,0x47f0e7caa6a1de3dL,
-        0x5c3dcb5fcfeb910eL,0x7dca121b1205acf2L,0x6399f030cb5ebb96L,
-        0xe1c316b2e398cc1aL,0xfa8d37e0852051fcL,0x000000000000004dL } },
-    /* 45 << 357 */
-    { { 0xa2b6eb345f87572aL,0x0732cec41782a0d3L,0xd9435216d41ea9d8L,
-        0x543571ed5cc97716L,0xe3521d10956feeadL,0x750eb198f41fe528L,
-        0x4af6cf943d29c833L,0x78e073e6436a223fL,0x000000000000018fL },
-      { 0x49c4e5bc26897e4dL,0xb80996a2959ec43bL,0x13ae0906c00242e5L,
-        0x9aee89d706f4670bL,0xd06613d5c8d05987L,0x201b5d15c8675f76L,
-        0xd19defe0d4c74f5cL,0x043e361e6cb41c71L,0x0000000000000180L } },
-    /* 46 << 357 */
-    { { 0x3c015437c95ad2b2L,0xca901614d09999a6L,0xf8549f51d5fa15c3L,
-        0x7fdb2f64c5630ea8L,0x1e4ee6802b7b842bL,0xf475e8cf313eb14cL,
-        0xfcafbdb3d6c70e1cL,0x77bca78f4bdd4355L,0x0000000000000032L },
-      { 0x1512a85e9b20aef6L,0x2728e6820c9decf2L,0x8b3cf87bbefd8a4dL,
-        0x3a42b96e601b9833L,0x6f27e84d058180d8L,0x0cfbc003489fd730L,
-        0x208b7f66f8db094aL,0xf5987e8fc3f1fc46L,0x00000000000001a3L } },
-    /* 47 << 357 */
-    { { 0xf79e90d3ba0cfa35L,0x3d442ee9cd0223cfL,0x21b64ccc2dc0768cL,
-        0xcbe9a804db61bf73L,0x5871a42fa4d78ca6L,0x67e5f390e0b6be3bL,
-        0x9f4b155bff116508L,0x73f1924ac84bc47fL,0x00000000000000afL },
-      { 0xfb1d1caa6f41f665L,0x4e2717a196ad7cffL,0x1772f0581d490e34L,
-        0xd52e78b067c82478L,0x53e323f99b612421L,0xb23240ab51b055c3L,
-        0xb479a9cd2902f229L,0x1a63508d40c0e2b3L,0x0000000000000005L } },
-    /* 48 << 357 */
-    { { 0x56f46aeea79fec2fL,0xae7420e6caa8072eL,0xa8d82818e0909a51L,
-        0xb6fde2a2d53b908dL,0x2c291216aa4b288aL,0x522c8be8315bc370L,
-        0x27d342ed48cbe4c9L,0xcc7e7d2282bda6edL,0x0000000000000179L },
-      { 0x28c243b826b789cbL,0x0ee9307a736b8f95L,0x6bb0026317c8d0abL,
-        0xfb2563cb96c50f3fL,0xda495d9aff006875L,0x4fb2a94706b90869L,
-        0xf00cd1a64aec98d5L,0x0eff72f28bd40482L,0x0000000000000197L } },
-    /* 49 << 357 */
-    { { 0x98b780b5760dcbf1L,0xf260047b515a1d29L,0xfac95ac3814e0ee9L,
-        0x816e57a0fba262ecL,0xfc5cd59e48334247L,0xa341052546e7e886L,
-        0xd1db72bdddb0dcadL,0x5624b146ffd69bd4L,0x0000000000000178L },
-      { 0x35e3ace300b92a71L,0xc32822663c82793bL,0x53c3e94494ffd3b8L,
-        0x9f71ff3e58dbdfd0L,0xa7a41d4df73e87c2L,0x78c91fa31039d1c0L,
-        0xb58daa057807f696L,0xa450af015c2cd7b7L,0x0000000000000035L } },
-    /* 50 << 357 */
-    { { 0x7619732f42b7fc50L,0x765e9ae03259ee5aL,0xc6e36b88f486fc6eL,
-        0x7161e3133e057364L,0xb06faa190eb94e6dL,0x5018350dd7092a7aL,
-        0x2cd31d11fb6c1de8L,0x9561568bbc8ec647L,0x0000000000000126L },
-      { 0x839b1c55ed5d4d74L,0xf167bec107576342L,0x8afd2ae346e1cc51L,
-        0x2546e4ffa5126110L,0x403b72bef10cc605L,0xe611d43086ab00f7L,
-        0x6c828ae6ced04aefL,0xdac7bcf83ad5c8e8L,0x0000000000000029L } },
-    /* 51 << 357 */
-    { { 0x921b03409c60750dL,0x1fa1dc07a742d533L,0x2001a510cfe647c0L,
-        0xfdcec65d559bac54L,0xb006791b6c9979ceL,0xd8786269d197b3b3L,
-        0x8ba2d90530372529L,0xf0552a77063e1943L,0x00000000000001c2L },
-      { 0xaee03501d5b06ec0L,0xefbc6b5a906d4e35L,0xcba825b51f8fe6e1L,
-        0x098a5cf0e1db85e0L,0x0ca97bd479d75481L,0xe2090d3481d62082L,
-        0x0ee36412b26ca32fL,0x349e9c106f66e6d8L,0x0000000000000110L } },
-    /* 52 << 357 */
-    { { 0xe4fd1cf233c62e14L,0xbd7961f581615b2fL,0x1b82c51effc3ea38L,
-        0xa02c70e8e04b3a9aL,0xf8853863926b63d2L,0x57013d79e2733711L,
-        0xb62f0fb7006a0326L,0x225a8b3b98a22842L,0x0000000000000175L },
-      { 0x6718ed9f53021cd8L,0xdea4cdec2a3bf941L,0x0323bb3a5211899fL,
-        0xd83957736e557ae1L,0x657633b4a363900fL,0xda61a25732721ca0L,
-        0x9e53c3dbd9eb3821L,0x28972548aaf7a7adL,0x000000000000001dL } },
-    /* 53 << 357 */
-    { { 0x0e6ab03f3358352dL,0xaf91d6e912a5cbdfL,0xfc0c814d8350e169L,
-        0x6d76035e025bc3f5L,0xc48c841c91cc2fffL,0x988a58692d378112L,
-        0xe6b22cf41f1c5d84L,0x4d6a80c966be7431L,0x000000000000017cL },
-      { 0x329989467452fe56L,0x7c949998851cde83L,0x62f685df83aae234L,
-        0xebc255cf3273ce30L,0x5d9b1076cc1c544bL,0xdcb2cc0ba0afe211L,
-        0xb4985ff2bf40b28aL,0xe6162860dd765e5cL,0x0000000000000059L } },
-    /* 54 << 357 */
-    { { 0xdd36dad51f7dbea4L,0x668dad4d6506ae83L,0xb38d22d45b93e93bL,
-        0x8f01ab0073a449e9L,0x66d3db72d8e6e6e8L,0x19a9dd5d3d2427faL,
-        0x0fd8d0da3d40a973L,0x479f47bc10ca67abL,0x00000000000001f0L },
-      { 0xdf05de0bff3a276eL,0xc54847b14ffdc307L,0x56caf53a6fca2200L,
-        0x9fb352117ecda564L,0x9a0a56923369ffa9L,0xdcfbf647f8af9180L,
-        0x5b6d4451678c3fb5L,0x5a60678c6ff73ed9L,0x00000000000001bbL } },
-    /* 55 << 357 */
-    { { 0xd478174e1742c389L,0x5a2383c346b36bc3L,0xfbaca1a26581793aL,
-        0x2a1d1fa6f855f601L,0x14a376f0308d3c27L,0xee58276c0cc714f5L,
-        0xcc4030a2344e36b0L,0xce095846f956b0c2L,0x0000000000000093L },
-      { 0x89a622e8aeecd9c9L,0x206e4d6f27cd372fL,0x317476b49441b11dL,
-        0x399a84cf983641d8L,0xe9f70bdcf169555eL,0xfe01d5c38ad9b9b0L,
-        0xba6a96fc72ed19a9L,0x30239e4187057a78L,0x000000000000013fL } },
-    /* 56 << 357 */
-    { { 0x4ade586f26762e69L,0xa4d590d75c5452e9L,0x866d96d7a3d17b63L,
-        0x4820299b54373909L,0x9c4970f071889f59L,0xbe409ea4a47395c5L,
-        0xa1c14b17960a0ea2L,0x4a33c8a0307327b7L,0x0000000000000102L },
-      { 0xe590fe7c2b54a6c6L,0xb4a1ab5bc8f7ed0cL,0x91f19a290051c927L,
-        0xd9f5d6078eac2400L,0x9bc268f6f0cf556bL,0x823c77404112a75fL,
-        0x1a8168497d3647c4L,0x46f70e49b3b45d09L,0x0000000000000050L } },
-    /* 57 << 357 */
-    { { 0x66bea937a3a32754L,0x780ed9ca96a00b32L,0x65e5ad8e2b5cc630L,
-        0x7283fbc3dc7657b5L,0x15dc690b934d9824L,0xd6f130dba98a847dL,
-        0x0096e9cf3f226e42L,0xe2a54507e1e7d57fL,0x000000000000014aL },
-      { 0xee2fd2150bbc21edL,0xe095c08d4301f751L,0x32b119d43e5cb50aL,
-        0xe435e70435ec749fL,0x83369dd530a40178L,0x594a72fe98292f0eL,
-        0x118880ad3d2ea843L,0x9eb5cc991890318cL,0x000000000000011cL } },
-    /* 58 << 357 */
-    { { 0x361c1f3b4d6df598L,0x6956400f491b9e2eL,0x84efa820336843b6L,
-        0x88c0cdee43925859L,0x29193ebb69c6047fL,0x13607b35f0aad25fL,
-        0x20206ebd61dddd4aL,0x0e644f1eb9fc054dL,0x0000000000000108L },
-      { 0xca58a7ac1436fe82L,0xa817cc24e935e783L,0x2345a558c8ad7900L,
-        0x64c0aff682da4250L,0x3070a842a7e6b289L,0xab848eb00aecec1eL,
-        0xa26ce7e0900a03f0L,0x3fcafea7f76a6eeeL,0x000000000000018dL } },
-    /* 59 << 357 */
-    { { 0xc93375d857c613e4L,0xd6e163aa792ef674L,0x5b8da9694c9f17d0L,
-        0x51f0cb78ce67b932L,0x3c1667b022f10ad6L,0xb370de10b6a741d3L,
-        0x5b359e3527254ceeL,0xa4699c4001436030L,0x000000000000017bL },
-      { 0x444d66615ab27a0fL,0x7a63495561218274L,0x7accc97c8b6bc0b3L,
-        0x31e90f52e9feb480L,0x0ae5f490d73c2467L,0xb42bb6330947f2efL,
-        0x12130e62ca8bdc7cL,0x87538842afc7773dL,0x000000000000014aL } },
-    /* 60 << 357 */
-    { { 0xa0e61ef29c860a3dL,0x82efb508a7a35111L,0x95110f183fdf7c57L,
-        0xd08244f748f762fdL,0xe2584f839119ce6aL,0x0818a297f38db17cL,
-        0x0e604711bc3bc9e2L,0x46d5fe361b183756L,0x00000000000001b3L },
-      { 0x3c6c64217662e9b9L,0x1e057724d4a00cfbL,0x285c8771102bcc5cL,
-        0xa606d16e09724e97L,0xab2089a86dd635dbL,0x6fdd9e810b59f6e3L,
-        0x43d64d58ff787a8eL,0x7fd128ddd9699167L,0x00000000000000eeL } },
-    /* 61 << 357 */
-    { { 0x6e1e35308e1abfdcL,0x108178640e58238bL,0x91902f99aab590acL,
-        0x5132a07808a83158L,0x530791584fdf05d6L,0x629edbe68ad80625L,
-        0x32e9651d3f107300L,0x3e162ac228a30c6aL,0x0000000000000155L },
-      { 0x32d00fc0bb96dfefL,0x14d6778057d671d4L,0xd644f22da23a3842L,
-        0x68c9d17f7564276eL,0x4081b0b960b55ea5L,0xfb317cd3bd1dd449L,
-        0x3ae6ef5a8a1905a7L,0x2daed738a3b1e642L,0x0000000000000003L } },
-    /* 62 << 357 */
-    { { 0xab014c8728aa98f7L,0xf140362355cf61a1L,0x193f4267b5240bf3L,
-        0x07d29ec4df79676fL,0x7e5d124afef053f3L,0x577b7ef54d8a7c4fL,
-        0x05e53aa25f9e45cdL,0x0306e26cc0709ec7L,0x0000000000000145L },
-      { 0xd4609e0b47d36131L,0x0a27167e024b55c9L,0xc913e714bec0a1b7L,
-        0x391fbba1aea3e853L,0x5541c7015910da47L,0x40e545fd1c083ebfL,
-        0x73a6b44870eea6e2L,0x9578a3a138a320b2L,0x0000000000000133L } },
-    /* 63 << 357 */
-    { { 0x4d63d8568a4afc5eL,0x8dba9bbb93fe42a9L,0x2786def64388b3ffL,
-        0xb178c71c588ff35aL,0x9acff904dc6b8ddeL,0x96fc5adfe39951bbL,
-        0x36c16b128622694cL,0x8d3c04a120bbc11eL,0x0000000000000088L },
-      { 0xe910f16ab73d75a5L,0xce8c56594d0c3e49L,0xf9682dfd11ec38c4L,
-        0x1c98872dec673776L,0x65e891ea498fb63dL,0x9c743402270806bdL,
-        0x773660181eafb44eL,0xb52ff43420582f10L,0x00000000000000fbL } },
-    /* 64 << 357 */
-    { { 0x768ed0f6f74fb22cL,0xc967f6567e169c57L,0xf6c74d22e59559c1L,
-        0x0a419045556961cdL,0x97e83ef261c6f540L,0x434d28d7f523b49bL,
-        0x0f83e17117ac09eaL,0xfb02352b4a281f4eL,0x0000000000000160L },
-      { 0x78577044666031b0L,0x2aa75f54d401794dL,0xabf814bbde68d202L,
-        0xc1d18b79fd8f841dL,0xb68edc5e8c8449bdL,0x837b65b088a85d15L,
-        0x31a2c34e13249fa7L,0x2e20348e54be5f59L,0x0000000000000148L } },
-    /* 0 << 364 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 364 */
-    { { 0x1d40359e91609a61L,0x9adf4e086890616dL,0x89dd66358b14a62eL,
-        0xfaa34c0a49adeb20L,0x174689f7105a9bf0L,0xbf727a3da83a1154L,
-        0x4afe90c10d6d5d50L,0x9954d9d01f2fe4ffL,0x0000000000000126L },
-      { 0x027df2555d2ac4b2L,0xa61a555783078809L,0x6f5d2cd40237c9bdL,
-        0x7cd9f911cef7c441L,0x0d5256efabc19578L,0xd86047aff338db58L,
-        0xaa2a1b5014d7c98eL,0xbe9edffaf5e65a3aL,0x00000000000001bdL } },
-    /* 2 << 364 */
-    { { 0xfd4ac9a343d7f5d4L,0xefaf0979c99e0960L,0x49f0cee8309e568cL,
-        0x72b9d2770e83b629L,0xc9462e6b6b2c1601L,0x20fd87a59014edf5L,
-        0xf153ae0a4589a246L,0xdfc0c033d0ad9b0cL,0x0000000000000034L },
-      { 0xea4cfb1187abe460L,0xde9d0bf08e491e8bL,0x8b4f7381e7b44c51L,
-        0x5b470fd4582fc6f2L,0x351d31d09bd31114L,0xae86870521911e42L,
-        0x8c25ead699c6cceaL,0x6372bb04f6408194L,0x000000000000012dL } },
-    /* 3 << 364 */
-    { { 0xf76d94ea2648a187L,0x65cd1ed8841945b5L,0xa8b8b52c6d3b41ccL,
-        0x729f4f50c03e31c3L,0x2b315b9d4d930a40L,0x32c503647c78db5bL,
-        0x53b03b69e0cab657L,0x1cb16125d343324aL,0x000000000000007aL },
-      { 0x0d0cc220cbba148cL,0x21e13a15066281e5L,0x304904e6ae6bb049L,
-        0x9ed34cf1580464daL,0xb1c66d4684a6cdaeL,0x6ad36012751e42a6L,
-        0xfeeed4dcc89edbbeL,0xd9897853a31a337dL,0x0000000000000002L } },
-    /* 4 << 364 */
-    { { 0x9f89743c7de96ad8L,0xb36af506b0e3c020L,0x92ba9b369da8c48eL,
-        0x3b06a6c914e3dda7L,0x4ad7dbd9d035a505L,0xfd87c28a5825e565L,
-        0x1f117e6b5633716cL,0xcef5e5d6dcd99a7fL,0x00000000000001e9L },
-      { 0x839ba6957fed2cecL,0xba25c337132c54ccL,0xf032353e857c3815L,
-        0x9119f2e5b3b42940L,0xcf21d2c0fecbf8f8L,0x66b09ab9b5bafb4fL,
-        0xdbe05a703946ff07L,0xb83571fc2d9ba878L,0x0000000000000018L } },
-    /* 5 << 364 */
-    { { 0xf62c03a397de0e00L,0xf48d1de82611619dL,0x15d1a317721bc870L,
-        0x6ac60d814ed06bf2L,0xb8bc2ce0890cdbd6L,0x7810822846f4b48fL,
-        0x04ef830c287c7697L,0x32961e64a49838daL,0x00000000000000feL },
-      { 0x97cd5e96d8551d19L,0x68053374b2b1fd05L,0xe3013cfcccf9a8f2L,
-        0xcefdd29f981fa6c1L,0xef3a4ba402683ffbL,0x2e945f5855edc412L,
-        0xa4a58e25bfd433f1L,0x621ef049513f74f4L,0x0000000000000120L } },
-    /* 6 << 364 */
-    { { 0x9e1fadfb16822e74L,0x601a0218e2fde79bL,0xfaf91c0fcc11fb66L,
-        0x39b3d9cd38141aa4L,0xaecee4237b5e91a7L,0xe78c36baa418ff4aL,
-        0x97ffc63f7f084d25L,0x8d9f7b524160ab02L,0x0000000000000079L },
-      { 0x4460a50327772a7bL,0xca164baf7bb4b563L,0x576f7498cf894432L,
-        0x62af7b73b7c21ef1L,0x6559cd67a1ff287dL,0x366d49030189b834L,
-        0xce4f2dd602496d3dL,0x140a8383d27b4ffdL,0x0000000000000125L } },
-    /* 7 << 364 */
-    { { 0x16a826340847c82eL,0xb70042545f9a9912L,0x798f9e628d0b4dffL,
-        0x65342a6503c638d1L,0x4f20eebe5c54e53fL,0xc14bbfc9f840e2ccL,
-        0xb7bdaec4bf5122a8L,0x36f7770447b6ee89L,0x000000000000014cL },
-      { 0x1a055b39452878a4L,0xec912e63a4357006L,0xfa8318c8ffc61cedL,
-        0x2b0d1441f05c5661L,0x0b31a6b7f197ab70L,0x69d91f5999bc8257L,
-        0x62ce77826b1fe057L,0xcc37b64e8fbf4a9fL,0x0000000000000160L } },
-    /* 8 << 364 */
-    { { 0x73c9ca8c32bf47dbL,0x9914d5863827df79L,0x594400907e5d5d65L,
-        0x1fe4f4bdcc1f4322L,0x8e14f73d38ad9ffeL,0x4b47c892eea079b5L,
-        0x753f974ac9bd577bL,0x4231ef4ec3271dfcL,0x00000000000000bbL },
-      { 0x871424ac14bcaefdL,0xb1b24d5c97355e9dL,0xd38496396b934706L,
-        0xe90a821ca8c892f6L,0x884df6cc145aa180L,0x0dc1730e4c7dcb49L,
-        0xdad8a1ef67744185L,0x444de13badd5ca97L,0x0000000000000008L } },
-    /* 9 << 364 */
-    { { 0xfa51638c3342c8cfL,0x0f68b9af3860e485L,0xea4d914d06cd5f80L,
-        0xd5a9b6123d548a1aL,0x19cf167328c71d7aL,0xf88496f3e3ea941bL,
-        0xf7458d464cd8d096L,0x40a7eccdc3a72c66L,0x000000000000009eL },
-      { 0x017e43b0f067b7ebL,0x0e89bb59ae8610feL,0x0c2437f2b2bc6765L,
-        0x58c0a84449bf2eedL,0x723b0a50c13a6053L,0x3c2f581a1d1b46a0L,
-        0x2a930c3a68e9e875L,0xf6144dd459874673L,0x000000000000013cL } },
-    /* 10 << 364 */
-    { { 0x501c908869c2c724L,0x114cd1394d26e7e7L,0x2c8e71896128092cL,
-        0xd379c77c98d95167L,0xf4dc94f8c54fd3c2L,0xcb5d6568d61f0a9dL,
-        0x57e935c0222d29c5L,0x19707d68e5ebead7L,0x000000000000018eL },
-      { 0x0ca3d650df704c4bL,0x3a11092f9e7fbd89L,0x94accaf17b93a0dfL,
-        0x5e2ee6fc7a3cfa2dL,0xfe64b185e29c1ab4L,0x450622cc0dd624bcL,
-        0x19b6dace885fe0efL,0xbca6ee1159121790L,0x0000000000000026L } },
-    /* 11 << 364 */
-    { { 0xc3561d8aba77ae3dL,0x9668544884e9a9faL,0xd02a219cfabb2bc7L,
-        0xf05419ff19500a0dL,0xddec1e04fd9db302L,0xe8163eed27bb75e8L,
-        0x167a448cf55bedacL,0x0674936fcf331bb5L,0x0000000000000112L },
-      { 0x6fdd6a8f05915d9eL,0xd10aba566bc230bcL,0x3d08b2be6495b1deL,
-        0x1a677d3e25d490f3L,0x5435cabfabbb4e9aL,0xb1b88fe09dd066faL,
-        0x4143d97f96ad240cL,0x84d22c1a8105c161L,0x00000000000000bbL } },
-    /* 12 << 364 */
-    { { 0x50c7c1f5570b56deL,0xc4ec2d0e45e64231L,0x30d743c79fc8812cL,
-        0xc156a390336a6837L,0xed05f8e2ab56ec07L,0x9f31cb93c6ea8f39L,
-        0xb4e6d426fe637c9eL,0xa2940274a1068079L,0x0000000000000131L },
-      { 0xe90e065d0de0a523L,0x6a732029e7aa66e1L,0x54d8e21335eff2d8L,
-        0x316c567a8c25f616L,0x4926a680d4d8b337L,0x5af43676371babccL,
-        0x3de2803eea35e392L,0x1a31dc8d2569c1f0L,0x000000000000015aL } },
-    /* 13 << 364 */
-    { { 0xe37816de9b725c0bL,0xcc2a89c9166bb8fdL,0x49ca0257d89fe85bL,
-        0x48fd498a9b83fce1L,0x6ba525640cf52c0eL,0x1123fbde28ef21ffL,
-        0x85f8991d4d0cdebaL,0xfe5797d8772b53b3L,0x000000000000007bL },
-      { 0x3fdf5c44dd6b4d3fL,0x5321b885e2dcd484L,0x69ce5c11dfb203b2L,
-        0xe9a482386f8935bbL,0x9fcd2c9c75cc99b6L,0x251ac714e76daec2L,
-        0x772611564802f1c5L,0xaf4e8d575d6e5d84L,0x0000000000000170L } },
-    /* 14 << 364 */
-    { { 0x7fc39bb869546059L,0x17a87451dc30034fL,0x66bd74dadc7c93a3L,
-        0xf511104bf8e0b2a5L,0xffc0b9cecf5112f7L,0x32da477959194a90L,
-        0x37f686a5fc465013L,0x4418ddc33c921bd0L,0x0000000000000074L },
-      { 0x60e891417cca9624L,0x924e88461d0c45a8L,0x63575d9e03f81752L,
-        0x39ffb99931b565cfL,0xd2f96beca087029bL,0xbf5c66a0dd1e6fd2L,
-        0x3a3bb584a7da0587L,0xeeac3f724fc63a28L,0x000000000000007cL } },
-    /* 15 << 364 */
-    { { 0xc06eb52d95408d0aL,0x617f37aae6cd02bdL,0x605c3d6c1493be3cL,
-        0x74f50aedf516ed28L,0xe57889af120f76faL,0xcad1cd04a4bbda56L,
-        0xfd346ecbfc158650L,0xaee419b5ae3c475aL,0x00000000000001faL },
-      { 0x53ab6494eba5c579L,0x89baeaa366501244L,0x76714c0a0e1dfcd7L,
-        0xc31b6ae005ce3982L,0x38742418192bfb7eL,0xb303fdc69fa107f8L,
-        0x50f6e46723401680L,0xed7828e6032db727L,0x00000000000001eaL } },
-    /* 16 << 364 */
-    { { 0x2a7e8ac175804da9L,0x0b41f6118d50bdc6L,0xcfa0a757d8fafb1cL,
-        0x75540d94d231a6b0L,0x524440fb0c4fe03dL,0xb8665fbfce9738ddL,
-        0xbb74f6a88f1bd64fL,0x063afa3cbb8d6c67L,0x0000000000000189L },
-      { 0x259b9da4a864385fL,0xdbafc55c17c2597bL,0xde890acb56bf5d23L,
-        0xe51182c0f8455b59L,0x75d51a03c456e1c7L,0x9c7929c6b318e747L,
-        0xaf23a7f139b3ed84L,0xee136a2b910f4ab2L,0x00000000000001acL } },
-    /* 17 << 364 */
-    { { 0x0d6618c6b5262bd0L,0xd008879e083e8d42L,0x46be04761e2a0f05L,
-        0x29355fcba5a5a5d0L,0xf2990303abcc3151L,0x2ce9c4275a2b71a9L,
-        0x1c9bd913b773a173L,0x64748c121fbefea8L,0x00000000000001f9L },
-      { 0x386d740f94f39cedL,0xa22fe8b4b4202079L,0x23754fe4118f988bL,
-        0x3678c0d6fc32136dL,0x5fc81b01feb30812L,0x948119e46b9c9859L,
-        0x5636de19370dac51L,0xf614eea049b1fab7L,0x00000000000000c5L } },
-    /* 18 << 364 */
-    { { 0xd019c1759fc99b40L,0xf967bba57f015d82L,0x3cb81a604805189dL,
-        0x964ad8c7a00da205L,0xc888c43a64539ab5L,0x431eeadc9e553bdcL,
-        0xfc5527a9fb748695L,0x208a7a8bd0016886L,0x0000000000000123L },
-      { 0x5094299ba7c932fbL,0xaad7933f74be1be9L,0xfbc80552444ba30fL,
-        0x4ab16553f035fcc6L,0x364f1240c3e85c28L,0xa682343c2bb08da1L,
-        0x87f463e18186f10eL,0xa693ff1c33925907L,0x000000000000019cL } },
-    /* 19 << 364 */
-    { { 0x09f6995a1c48a442L,0x247f21612a842352L,0x31ab8596522e8ba6L,
-        0x5a378b5cda550880L,0x3cd7546920a22f99L,0xcc2308ad2a1b6f3fL,
-        0x102b70a618c84da4L,0xd4fb60db44ee1f04L,0x0000000000000019L },
-      { 0x26f00eb8c1395620L,0xb74ce39019a12c39L,0xe4942801abec4e92L,
-        0x975d591b94361e1cL,0x2996b121f3a13003L,0xcf1d269e23c37980L,
-        0xe140df82c6996c73L,0x10e9b26e40c5047fL,0x0000000000000054L } },
-    /* 20 << 364 */
-    { { 0x7dde1d1d5efb05b4L,0x6b37ab24499b96d8L,0x9a11b06965ca03b0L,
-        0x26cab3b3efe4f8e6L,0x438ff1523fa08ec0L,0xefcf8f96378206fbL,
-        0xab9c72cb8483c3e7L,0x0870abe23c21f2eaL,0x0000000000000045L },
-      { 0x04b9b4a909d596d7L,0x45d7b711168e1715L,0x86f4b7024059f9e1L,
-        0x1e23920b80207075L,0x247d24b7e32dcffdL,0x7fd7ee339b29daecL,
-        0xae0501392e5b646aL,0xf15cc9311f0b3acbL,0x0000000000000047L } },
-    /* 21 << 364 */
-    { { 0xa7585ddfcda0c2adL,0x5cec5557fbb2fddaL,0x1548595a1e228a3fL,
-        0x002f9003085c420aL,0xb68b0ae22c655b80L,0x9a41ed4526ea4931L,
-        0xbbea439a2b93a6f8L,0x37e82cde83f487a5L,0x0000000000000036L },
-      { 0x44fb9f9aa4688d59L,0xf43ccad09af2f558L,0xcb0bd99c421900acL,
-        0x6b14194f74d5dd67L,0xa515fb0e19820676L,0xbe5d2afffd020877L,
-        0x7861af502826917dL,0xee0fe35be172b2d6L,0x000000000000011fL } },
-    /* 22 << 364 */
-    { { 0xaed4feadb6cf4a42L,0x6a1bf5325717bfe7L,0x276babf2e055049fL,
-        0xe01a9b211147d4abL,0x92e2937e4d68fe1dL,0x4c40460f2682f5d6L,
-        0x7921148cbeebb6b0L,0x0f17c058d8a93c95L,0x00000000000001f4L },
-      { 0x97b9609deaf84a2cL,0xc723aedd1812bc14L,0xa884415778c0b6d2L,
-        0x5b68fd87c8fedc3bL,0x8109a51e6bec8a71L,0x476483e4a764bda7L,
-        0x7a997c16a7945df5L,0xccbfe8d8ad8f125cL,0x000000000000019eL } },
-    /* 23 << 364 */
-    { { 0x3d7957be4e45dc3fL,0xb06a358bc65dd97cL,0x63040ec31388da6aL,
-        0xe9adbf2a28e9515bL,0xfc0edda0f7900882L,0x4e1b100bb6465e9dL,
-        0x331d94772276c413L,0x95d57b9c2e8f8278L,0x00000000000001a9L },
-      { 0x163d561ce4c6e97bL,0x911f98435b29a4caL,0x1577698cc6de446cL,
-        0x48e6b4f38767f7e4L,0x126e23c51ea0038cL,0x8d52323e03c2a5f7L,
-        0x56e33850a0a2f55eL,0x5eb93209ba225457L,0x0000000000000124L } },
-    /* 24 << 364 */
-    { { 0xd797e61ad1ac73e4L,0x8b484aed7b9eb978L,0xc447ce99d1eb07a8L,
-        0xd899e82580667c06L,0xda95128239aa8ed6L,0x822cd6da7f6791f4L,
-        0x50600320ded12afcL,0x8934ec503214d5abL,0x00000000000001aeL },
-      { 0xf517b1b73737e867L,0x0ceae5828cf888ddL,0x450dce832afa92f0L,
-        0xc5fd288ac704f4d1L,0x5743e5b0f2c5c86aL,0x81bf9379d3c76ab6L,
-        0xbab459db9789efd6L,0x1d34125a28e098dbL,0x00000000000001eaL } },
-    /* 25 << 364 */
-    { { 0xe068ffa804c78d4bL,0x9d83b38317fe7e23L,0xa43422d05ffbd663L,
-        0x784837bf1788e709L,0x6a19ae5ea3723448L,0xbe6915ec36bb4307L,
-        0xe34cdcaaa29d7e4bL,0x7f3a28c031be1af7L,0x0000000000000062L },
-      { 0x3c476ec90af51a99L,0x8cd5d84f4b33e5d1L,0x4a257f60e9cd7f91L,
-        0xf6ce609ca61dd30dL,0x972ada9af1fc10e3L,0xf3e400881bbab939L,
-        0x886722f3585887a6L,0x0cb7cdecebaf6fa6L,0x0000000000000104L } },
-    /* 26 << 364 */
-    { { 0xd7d4d4e717431ee1L,0x8625a46a4dd90921L,0xf9c316c0dcecbca8L,
-        0xdbce57c02b95909eL,0xe97ae5d403ab6816L,0xab298218fd75225fL,
-        0x3434b7146592f521L,0xe5971064d7eb9710L,0x00000000000000eaL },
-      { 0xe1455ae54bfe5904L,0x15c778976d8f481fL,0xb400810f008ce4c8L,
-        0x779d772955e45c01L,0x8db56fb1e7d37e5dL,0x16686881921b330cL,
-        0xe1bce71f3b2e17a1L,0x07149446c5c3c7a3L,0x00000000000001cbL } },
-    /* 27 << 364 */
-    { { 0x3257b5c4f07663a5L,0x929494c319ff6597L,0x15af82a9765f4edbL,
-        0x483993cb5143381fL,0x6943fcf0b09287fdL,0x2fbb3117c67415b8L,
-        0xd7034c07b7c892f1L,0xf10b0db718d9a7a5L,0x0000000000000120L },
-      { 0x76c9338468458d05L,0xdf2208aca2a5d536L,0xb5a419630a99477bL,
-        0x51567562348c976eL,0xc695998909c4dcd4L,0xbbb28a3706af3fa4L,
-        0x15191540091300dfL,0xad333a273f1804fcL,0x0000000000000065L } },
-    /* 28 << 364 */
-    { { 0x5de5079168e68512L,0x6eaf85bc7be5bbdbL,0x308bfd92de4b2460L,
-        0x616a1141a7e52011L,0x9112ea97ef642831L,0x43149479aceeb127L,
-        0xf1b98d034c36c7daL,0x8eb9ffb8b493cbf4L,0x00000000000000c4L },
-      { 0x146df8d848853921L,0xf179eb875b1d03c8L,0x1a59f02db362eec2L,
-        0xe83b9f80c763c091L,0x17683a39794f86afL,0x6cd845d8f501ac40L,
-        0x873e5f099dff69acL,0x3442ded6af6124ccL,0x000000000000013aL } },
-    /* 29 << 364 */
-    { { 0xc5590498d555d898L,0xc3d1e58af00e8206L,0x499ebd23f5f2de8eL,
-        0x396cf1ae7ee84857L,0x14f61adf09b5553cL,0x8e6b51ddbf0b1843L,
-        0xc49674c2948f473bL,0x95aebd3a86d2ba2aL,0x0000000000000036L },
-      { 0xb804d00b393f0237L,0x0bb1751cabab5c21L,0x1413fa32a74a192bL,
-        0xbbb543ce65016834L,0x2d8a08b90125f257L,0x3663a514bf052c53L,
-        0xc69d8e20946815fbL,0xbfb6a7656272ee32L,0x000000000000003bL } },
-    /* 30 << 364 */
-    { { 0xaea6f72ff310550dL,0xf9e9ffc76380fb54L,0x074b3feda3542522L,
-        0x7af0bce77943f24dL,0xdbd33292ce11b0c2L,0x2e4f83e8bffe48cdL,
-        0x32a133ee388ae49dL,0x1b3521eab2f1f673L,0x000000000000007cL },
-      { 0xc4ae5fe493f8a0c0L,0xfaf94f2b69efd7b6L,0xc5838b693296409dL,
-        0x98330b32525a280eL,0x174ff22814c11c9aL,0xc8e5b0912047f8feL,
-        0x15d70d58072b06efL,0x8dcfcc607c7eed95L,0x0000000000000088L } },
-    /* 31 << 364 */
-    { { 0x00d6f3b0bc8bc4c1L,0x369b84bf4048d8deL,0x0faa2409e1ade43bL,
-        0x0fdb76c28c01adbeL,0xdccfe4b7706c272cL,0x4407382cb8f26255L,
-        0x07a11518539912a8L,0x1dca7e6519fca10aL,0x0000000000000091L },
-      { 0xd012c49634100b1fL,0xbbf05b6d90c5a9c3L,0x574bec951ae000d1L,
-        0x0006bcb031af3f21L,0x4efcfd1c01b77496L,0x0d7de152d781ba22L,
-        0x404117375fc20376L,0x4b1ef6553da0d8d5L,0x0000000000000146L } },
-    /* 32 << 364 */
-    { { 0x6e1b7d0b35e16743L,0xcad975b354d72c65L,0x78f7434a453b8906L,
-        0x8d140cae9690fa05L,0x6c8e152a31fe6bffL,0x1721155e418e415aL,
-        0x73b115dc77693d9fL,0x1274ea409bbecdf1L,0x0000000000000134L },
-      { 0x5953c5fef3354b80L,0x1e60a291bcda146aL,0x1e20c5c571ebe5d6L,
-        0x0bd949bfce4dfd53L,0xe489a64483280185L,0x819082883743f2a4L,
-        0x6126ed3581ec227dL,0xa4aab2907ff6cfefL,0x000000000000012bL } },
-    /* 33 << 364 */
-    { { 0xfb1b1a6cf4b320c7L,0x8cdac3fdb49695b3L,0x7c408a7acaba7e3dL,
-        0xdebef05ebf18e5f5L,0x806100c4ea74f06dL,0x3a0632a981be0875L,
-        0x16729db36099042fL,0xda8ade1d095c77f4L,0x0000000000000115L },
-      { 0x44e85000f9515d7dL,0x5ebfe250cb748746L,0x09543f257df28b44L,
-        0xc39738d79bb0b64eL,0x75a2ff624e839850L,0x690b6ea356b25b71L,
-        0x6e23e1ff783dca86L,0xcb504c26dfe0ea77L,0x00000000000001a9L } },
-    /* 34 << 364 */
-    { { 0x08c2ce64b4d5547bL,0xeb6567bb7570811bL,0xd2d7337a3e351a31L,
-        0xef2e55f1e1dcb4d2L,0x87a1f20bbd45eadbL,0xb378609624c1cffeL,
-        0x4aee03b50bf03514L,0x56417387fd881168L,0x00000000000000bfL },
-      { 0x8d047d51fca2895cL,0x82ae96e1da4c8e44L,0x95a9a423cfd2216bL,
-        0x448c829927592c95L,0xf825d63f8fc79200L,0x074291671bf6baabL,
-        0x0ff441a2842248bbL,0x20f55cb3f2c6bed7L,0x00000000000000a4L } },
-    /* 35 << 364 */
-    { { 0xd0dcc4d999045a60L,0xb160c98a07cee1b6L,0xbe8cff874c5b2888L,
-        0x70d351c7798a555dL,0xad3b4ed6fe119e8dL,0x9757616c9c6c31f4L,
-        0xc52176c7462106d7L,0x77fddc8df2ad67afL,0x0000000000000131L },
-      { 0xcf84d1f92610cdb3L,0xbb418eb03591c4f0L,0x0b494ecbde10bf20L,
-        0x70bf152917d05487L,0x566b9d733ea9d353L,0x93597d749bccb340L,
-        0x803844ce3462181cL,0x1786dd011a14d060L,0x00000000000000fdL } },
-    /* 36 << 364 */
-    { { 0x9c89e7cd382cccb9L,0xe53e72d7ad6eeff4L,0xa3f5e6442aa88cbaL,
-        0xb469c241d0a71546L,0x42273290f1c278adL,0x28a6cc29c0ea960bL,
-        0xe580ae1c9ff3b57bL,0x1bc9463b7b46d573L,0x00000000000000a9L },
-      { 0x810616e386692079L,0x486d7875765a87f7L,0x85a742aae0ea3788L,
-        0xd2c1955ea491b157L,0x1258547a517fc3a4L,0x69856b22b73f61a8L,
-        0x5dc2140349f00472L,0xafd5b26dde8c4751L,0x00000000000000ffL } },
-    /* 37 << 364 */
-    { { 0xaebc5a8a3c902e8aL,0x0039907bb2ff532eL,0x6bdf54a1854fbcc5L,
-        0x47e47af3bee412e3L,0x2366a7967b1e5aaeL,0xb2727457a8752568L,
-        0x2a5bb5b73e2d49c4L,0x43fd4aba846e36b9L,0x00000000000000dfL },
-      { 0x07fd53c858bf3f4aL,0xf5d34130b3725916L,0x75ffa232665c44d7L,
-        0xb016eb7dbc13d752L,0xfafa7dfaf6e37ef0L,0xdaa24625b805e1adL,
-        0xb197266153688d53L,0x1641661f16cb34abL,0x0000000000000027L } },
-    /* 38 << 364 */
-    { { 0x298160581c03281aL,0x75d01a189bd0684dL,0xb81bb844686e7da9L,
-        0xd71a3c0bc40baf8aL,0xa4b3a9cedf1cf9aeL,0xf3bea4bbb31c2e29L,
-        0xbf969b09628d5818L,0xbb1228938a88b8b0L,0x00000000000001a4L },
-      { 0x1a053aeaf0bdd2abL,0x3f1e00a781b5cb4fL,0xbf606681ee3eed67L,
-        0x30882b9db7a8958cL,0x4c4ba93ff0f63b80L,0xc55305cfe4dd1958L,
-        0xc7980ec98839886dL,0xd0baf2020b84f8c9L,0x00000000000000c6L } },
-    /* 39 << 364 */
-    { { 0xc169b72d1a9696d0L,0x79d5eab70f71a373L,0x78392dc783d9401bL,
-        0x27d3106e64b017d5L,0x2ce058abee26b0c0L,0xf22292a464858df3L,
-        0x77df2276a825f6edL,0xf5c2e794c745605cL,0x00000000000001d8L },
-      { 0x5842cad01e3262dfL,0x46c2d6695f54d3ddL,0x62f0553f0317e888L,
-        0xbbd1443d6a562002L,0xadb380e016279319L,0x1748e13513a945d9L,
-        0xd2681a0e43efa572L,0x38243ccf1668bf58L,0x00000000000001dfL } },
-    /* 40 << 364 */
-    { { 0x58b0739464e7b370L,0x20ef7659a93df058L,0x7ac8f45caa81fd2fL,
-        0x90c96baf8a23f6faL,0xe9598d129d6246a6L,0x75d74776229c6106L,
-        0xc6d98ba922f9ac4eL,0xf8792c97aab500aaL,0x000000000000012fL },
-      { 0x3264168025617adaL,0xd86e42c0a6be76d4L,0xd5b8928f0df9cdabL,
-        0xedf03a9f72787fbeL,0x257c8c9ab5556315L,0x97848014e655dc92L,
-        0x06634000b2992b0cL,0xe138f022e211ecceL,0x00000000000000d5L } },
-    /* 41 << 364 */
-    { { 0x1cf9d9c562b826efL,0xde0751a348e1c189L,0x733c861c6c5c6359L,
-        0xa75beab65162e6f7L,0xd84ce05b9aa1c7e5L,0xb69b230c41121218L,
-        0xc120a79fc1206f23L,0xcdf5ec7b4bb91988L,0x00000000000000ceL },
-      { 0xaf493f97a913ee89L,0x19e21de5ac7f1f20L,0x7f0754187bdd0e2dL,
-        0x439565b4bbab0c3dL,0x84fabbfddaab4827L,0xd5a718839b957b40L,
-        0x65dd01abff3ed391L,0xe83562f3a0eb441aL,0x000000000000002aL } },
-    /* 42 << 364 */
-    { { 0xf532d6f892fc2c85L,0x1a97475f9caf0c74L,0x44916ac4803e9c82L,
-        0x80f014aac9945b50L,0x9ebcba5a4b8a8324L,0x9637f84bbfc2d0abL,
-        0x1d7908a96150d329L,0x389543cd86b92024L,0x0000000000000035L },
-      { 0xfa7fca4ff8d0e456L,0x248bb158f3de61a4L,0x1df7b5ebd5327ee7L,
-        0x374c2f0c2af8ad25L,0x51f3a8052aa22e38L,0x373e647638aa0576L,
-        0x2dd8f6d1b9f97a4cL,0x6ee1f4bee073724bL,0x00000000000001bfL } },
-    /* 43 << 364 */
-    { { 0xab26101395d029a2L,0x9f45cf6c13c9832cL,0x1e2e6b3ac91c3af1L,
-        0x91dabc8d3d494d57L,0x038545e9d43ae977L,0x5ead75a54db2d953L,
-        0x5efdfcc5311df140L,0xee39830768154467L,0x000000000000013bL },
-      { 0xb485d389e6691cbfL,0x1c58b2e497046a1dL,0xb29aaf67b741e05eL,
-        0x6874c8a5612c46d4L,0x52630bffc1e99d9cL,0xe43b1e7b0eab9a81L,
-        0x9478a8cba64b601cL,0xa70734a2196fee1bL,0x0000000000000002L } },
-    /* 44 << 364 */
-    { { 0x3587f767bfa255dfL,0xfc983ef16af83cb0L,0x5659537ddb44c3f9L,
-        0x12c8477b4f59440cL,0x3e19703bd25c5fb5L,0x4cb6e3973476d63cL,
-        0xe96e9d7e04a21d13L,0x02e48301348ff11dL,0x000000000000015bL },
-      { 0x2940b770d2f12b6fL,0xcd619390a18a0f70L,0xcdd831ab0615603bL,
-        0x0e20657a0b4b54a5L,0x8a8ff290eb63b419L,0x6e48d4c674903abdL,
-        0x8478c94ff92d7568L,0x626c5a4784711d96L,0x00000000000001ccL } },
-    /* 45 << 364 */
-    { { 0xaa734cc4102a3487L,0x3ebd19d83a09e6d1L,0x7a5e991c510cc7d8L,
-        0xce45833c76adfd7dL,0x77c3dcda166b0b39L,0x5ba724c159d056b3L,
-        0x6b925b8a841ece2eL,0x568a6bf7a7f90edfL,0x0000000000000139L },
-      { 0xd0b1c8c1322539a4L,0x1e34c638530b052aL,0x6905b2added5b43cL,
-        0xe7b28e65808ea0b7L,0xaa066ef38d84deddL,0xdbd9101db7d82120L,
-        0x9ab79b41f1b84018L,0xf4772c849e4ca179L,0x00000000000000cdL } },
-    /* 46 << 364 */
-    { { 0x38bc3f9dadeda939L,0xa31d9bba85bb4ee6L,0xced24b2e359d0796L,
-        0x50df5f0d6683d656L,0x976d878c99e37319L,0x6c283c459b607d4dL,
-        0x8ed89d1d9ce07db7L,0xbe380a9c0bb04d85L,0x0000000000000198L },
-      { 0x32a3bf77e788dc40L,0x7efa9172473ae393L,0x405f0a92035ff1faL,
-        0x92e3f9ce4bc2d463L,0x925514e40a2021f6L,0xcd3b486a24f17a36L,
-        0xb3d53d04f3613476L,0x71c3f97fe77820f5L,0x00000000000001fcL } },
-    /* 47 << 364 */
-    { { 0x852f1fbcfb7f52b7L,0xb0cc00e8a5216d54L,0x8672df32b5963f15L,
-        0x762e9282a02e8cb0L,0x4d7014de28e19483L,0x00d4fe7499924b2eL,
-        0x3774ec31f8b18141L,0x0420a9c17157790dL,0x000000000000007cL },
-      { 0x911b65954e573db3L,0x32acdb9fa20c4d41L,0x711a9ec71305a54eL,
-        0x9c3d65a366d148ffL,0x625f52948fe247d7L,0xfab2043c4670bf1aL,
-        0x12582823a07de38eL,0xafb1eded5b959f06L,0x0000000000000129L } },
-    /* 48 << 364 */
-    { { 0x5d8c23c4ef873f3eL,0x2a29d680ce7bae33L,0x5109e098bc00fc8eL,
-        0x9bf92efc3cfad961L,0x272dfa3362036bcfL,0x5abb516cc2b13688L,
-        0xbfad4cccddcb08abL,0x05945b934f260709L,0x0000000000000043L },
-      { 0x67fe093b08a5f87fL,0x5f8e248a6c6fe1b1L,0xf54f710ba3b887a2L,
-        0x12e1b68790f7e972L,0x7002bd70429cd6c6L,0x0f010d4ae896b58bL,
-        0x44fb054b1a7f5713L,0xb9f3026865508714L,0x0000000000000173L } },
-    /* 49 << 364 */
-    { { 0x65483a1ab5c1fbc2L,0xa155ccbd53bb27d9L,0x9094f0ed3d5359f1L,
-        0x362abba1d9f40d89L,0x8d7bc1e7fa134421L,0x636633a976bdfe89L,
-        0xc6ef5d639c5869b1L,0x8e7ba642480bb0a0L,0x000000000000000fL },
-      { 0x88d645e1d0feed4dL,0xeb4adfa1c20d0d63L,0xe2209996fb1b2e2fL,
-        0x87d28ed192f8ce53L,0xed470981ceaa7a0dL,0x85aa8a0d90cf06b6L,
-        0xc60e34c958714ef8L,0xc8981d2c3809d2b1L,0x000000000000012bL } },
-    /* 50 << 364 */
-    { { 0x72fc8211bef81f27L,0x537a557025bf42deL,0xcf4897acb921c86dL,
-        0x5c8699ef53e61dbeL,0x8035b6a21224893dL,0x2898a3da7493e0eaL,
-        0x513c67d938bb7c30L,0x061bd9489096e40aL,0x0000000000000045L },
-      { 0x6dfd6e4f28d8262cL,0xa5e899779626f8faL,0x96ad23672ccf3544L,
-        0x942edf03854002f4L,0xbb5cc34da9661773L,0xb80cf020b8d08e21L,
-        0xaf4b59e6c43a0450L,0x808e168e090b9341L,0x00000000000001ffL } },
-    /* 51 << 364 */
-    { { 0xa21298f924d00a8fL,0x72bfd3d362d44b6cL,0xca5b5295b39fb777L,
-        0x5825f273d6c47ffdL,0xff94e450245eb6afL,0x6bc3a25b526f6540L,
-        0x7e2ab869326c3a3aL,0xfe19c44598793894L,0x0000000000000048L },
-      { 0x458eaf5d312c9130L,0x799818f21bc835f0L,0x9a0379fca84cf15fL,
-        0xe1e881b333eb47eaL,0xe8f388c96c148464L,0xdfd0331bf918dd3cL,
-        0x0fe9948d37c326bdL,0xa2e594354fdeacd5L,0x00000000000000b3L } },
-    /* 52 << 364 */
-    { { 0x167a44a4f48d1a6fL,0x17bd533c0674b096L,0x608ef0ff851af68aL,
-        0x853711b006c5a744L,0xe673db4b76e6aafeL,0xa818d41e84bb4967L,
-        0xce0648d4874cd99bL,0xe54897de3fd7bffcL,0x0000000000000121L },
-      { 0x4459a34f07254e0dL,0x134eba30898bf5e9L,0x7ee5ba719c1abf50L,
-        0x66a612de34bf7003L,0x78acbb6315d9f945L,0xb6d28e14bdb7f451L,
-        0x689d24f8b95c7028L,0x6483c9b4ebadf135L,0x000000000000004fL } },
-    /* 53 << 364 */
-    { { 0x822f612e68d5a09eL,0xacb6e113a31bd8cfL,0x2c3ad4eae8d17d74L,
-        0xab51cf8edfaf7e2eL,0x449183963772dca1L,0x62a617efa96de321L,
-        0xf09187352e20c698L,0x6e7a487e6bb591eeL,0x00000000000000deL },
-      { 0x1d33a89b7db906a1L,0x4091e01471dc64dfL,0x0540b534a58cc14dL,
-        0x849222c707396a5bL,0x58aef7eb775ea99bL,0xce7c63f65f302c6cL,
-        0x7a1e02cd1b867273L,0xebc4857b3743b723L,0x000000000000017dL } },
-    /* 54 << 364 */
-    { { 0x0671c7e112ca894dL,0x6b0a2c88c57f111aL,0xca88bfaf1721a2c3L,
-        0x61cb31da9a514c04L,0x4514bd8599b99880L,0xa9f46871a2059f8bL,
-        0xec4e6edad93af5b5L,0x1cec9d601d560d16L,0x000000000000017dL },
-      { 0x6257f235a79d25f3L,0xb1979a667f90a7a1L,0xb38545ac0679b79dL,
-        0x0703d6507dbe20d3L,0x5b88e91e64a68386L,0x7a5629c6c91e584aL,
-        0x0915e551ff339016L,0xf8a9e56d23a0500cL,0x00000000000001a8L } },
-    /* 55 << 364 */
-    { { 0xee27859c0521098aL,0x970c4051d872b16eL,0xad0ecde9c3c5bbf1L,
-        0x019f0c2c4b149f15L,0x9a5a4e5503a6d0d6L,0xa52621d2895c64f2L,
-        0x707aa7e689956400L,0xbd0e5a053795410bL,0x0000000000000181L },
-      { 0xdc51bda6b2a3e2a5L,0xde72d588cfe02f6fL,0xb18b4bec1be05194L,
-        0x68f8b786d6037923L,0xa494a1c4415279c0L,0x0e51e168a5aebb47L,
-        0xe79a88f04a96a716L,0x1feb112e1d788449L,0x0000000000000186L } },
-    /* 56 << 364 */
-    { { 0x281825f0af90c0edL,0x508b8ef58b11c46cL,0x3cb0e5a0ff67b87cL,
-        0xee6365c9a50bdce9L,0x3f933c55f589fb98L,0xf7950a283567064cL,
-        0x21e677926924a0ffL,0x6d5be0aa7eaceff1L,0x000000000000005aL },
-      { 0xa914263d816da5c1L,0xf5a6429d6a464081L,0xea57f436d831fafeL,
-        0x23641c3901b9ece7L,0x661d8811e2403f65L,0x023481f7816a7a7bL,
-        0xe93d5b84dc13eaf9L,0xacb875252dee995fL,0x0000000000000011L } },
-    /* 57 << 364 */
-    { { 0x7bac8a1f71752fe1L,0xb6ee08d1ef8dbcc6L,0x3fdf644ebb0a75a5L,
-        0x51e3c1eea521e7afL,0x920792c578e167dfL,0xbab8522244800674L,
-        0x02e31bbf3cb5b8f9L,0xf0bc9665b24b43c1L,0x00000000000001b8L },
-      { 0xc3b8ebc338cf85bfL,0xb1c104d25af1dd95L,0x2bdfd6dcda6cbd8bL,
-        0xe6ac454268e06800L,0x468c05305cbf5287L,0x65a8a23cdc2a274cL,
-        0xe44faf739e3692d8L,0x88b9600a9770e1f0L,0x00000000000000b9L } },
-    /* 58 << 364 */
-    { { 0x78186f42d20e93e5L,0xf882de3b52cb40b5L,0xe02c79387365549cL,
-        0xbc1fff4ede0f24f6L,0x4716829f33e8fb70L,0x487999c200e2d58cL,
-        0xd32e04f967046452L,0x5c6c7d0f139cd04fL,0x00000000000001a0L },
-      { 0xf5210c69ac33a880L,0xd32472219054b79bL,0x399bf1bfb9b9b279L,
-        0xb145a7345fa2a328L,0x70cb655f6a7cb853L,0xbb5c9d5edb9862fbL,
-        0x239fe8d6762ffc06L,0x912d2a518fed6745L,0x0000000000000084L } },
-    /* 59 << 364 */
-    { { 0xcb67ef37ff6c372bL,0xe9425af5c428b56fL,0x7854e7f36ff3a356L,
-        0x5965c0105029b282L,0x493d32f7fc87cae6L,0xc7ad7ff9dfc472e3L,
-        0xcd9ab378d8bf71a9L,0xc49c4707acec3621L,0x000000000000005dL },
-      { 0xe4c80149cf6db5aaL,0x52602b84909b1173L,0x36ce666e6714c0c4L,
-        0xc72ae2b5f3bdddb5L,0xbb0d0ceb584464efL,0x78bd6e2e92cdc8abL,
-        0x77107721019f02edL,0x7dbc999bec0397b9L,0x00000000000001d5L } },
-    /* 60 << 364 */
-    { { 0xf252109992d52590L,0x30ed7b6d4f408844L,0x4955bd8bbba75995L,
-        0xd37937658cb5aec0L,0x1261cf5df69bde61L,0xce174a491155e67cL,
-        0x7a1dcb85672e120eL,0x01af5025a31f4618L,0x0000000000000194L },
-      { 0x5d88154d535c4264L,0xcf3544f8262baf6cL,0xcb20720cd283226eL,
-        0xbaac302321f39572L,0xfe4b16de5314be46L,0xfd21b184e3413cb6L,
-        0xd03c87359ac85ca5L,0x0ca26710bafa0f60L,0x0000000000000084L } },
-    /* 61 << 364 */
-    { { 0x502241e716f77078L,0x6bfa20aab341ccc0L,0xf1778314d15149d2L,
-        0x7bcaa76057a09879L,0xdf92e0fc69388438L,0x203a14ae7744871dL,
-        0xe7327d6a7937eee8L,0xa319cc7ba9d12fdcL,0x0000000000000126L },
-      { 0x909ce004523922bcL,0xd1da8fd14423b041L,0x7166e840ec1fd1fdL,
-        0x7c04a7938d916182L,0xafa25c31611e6ef9L,0xaecab8083296fcdcL,
-        0x5483703b06078065L,0xd008cd2df0c882a0L,0x00000000000000f1L } },
-    /* 62 << 364 */
-    { { 0x0e7d946f1dfa75e8L,0xb1e329eb0eb8e7cbL,0xe1df4442ba80dccfL,
-        0xb3a29cdfc142cb7aL,0x3712a3cb0e5e7f49L,0x7037fc67a1f9236aL,
-        0xf049ac787833129eL,0x638fe65adac94ad0L,0x00000000000001a9L },
-      { 0xec8ac9e743be67eaL,0x84d8f6db517473c1L,0xad9de5dbc4ec6612L,
-        0x2f7ebb78e15058b4L,0x129353c9adf4076bL,0x7dab2a69d2683ad0L,
-        0xff049895a4228a12L,0xd0348267bb32f462L,0x0000000000000067L } },
-    /* 63 << 364 */
-    { { 0x2e0d4e523c99d98bL,0x2ef5e71343e2da00L,0xc0c2309974663959L,
-        0xc9df3fc467c2cd19L,0x5da2f192ba2721c8L,0x8702415febb5f418L,
-        0x4db2fd402eec0530L,0x2295bd8643c2146aL,0x0000000000000174L },
-      { 0xe7a701ddd762e18eL,0xca06d33a84fe83ebL,0x168dafbfc46cc2ebL,
-        0x398e74542544fc12L,0x4bce2b7d0e00ca94L,0x2488fa21756ef9e6L,
-        0x8e5b79ce4e3f6937L,0xbf90406a0a5d699aL,0x00000000000000a0L } },
-    /* 64 << 364 */
-    { { 0xd414309fa567339cL,0x4ee5c7a8dff5fbcaL,0x33d8e6c3064cc887L,
-        0x15992eb4ca553cbdL,0x3d733bb4459da20dL,0x98c2de2ea682b305L,
-        0x68c13bed5602ed92L,0x639b79f1c3bf7b46L,0x00000000000000b5L },
-      { 0x93de5e06289407e1L,0xa8f2b4e1b05a27beL,0x9d07927a9f5a6be0L,
-        0x9a5d02e2f1b97f94L,0x320db20df2dabbb9L,0x991313330c14980bL,
-        0x44845e16f888e761L,0x1baeb18063a5538fL,0x0000000000000196L } },
-    /* 0 << 371 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 371 */
-    { { 0x55417ffa525abf32L,0x1ff40e1678067dfcL,0x431a0ae12795ea6aL,
-        0xc3de691cef54c597L,0x60a0c51b95f9d2bbL,0x30840ca982772f1aL,
-        0xddaf460496eb0344L,0x03a9f6f48615d783L,0x0000000000000035L },
-      { 0x74598cb233edcfa4L,0xbb866bc9de9dccdeL,0x0c4831162a673bb2L,
-        0x3eddd388fee306a7L,0x8785a002c80eb5b9L,0xe2bd81f71937371fL,
-        0x501648595684a105L,0xf0f3fdde1f26e0dbL,0x0000000000000119L } },
-    /* 2 << 371 */
-    { { 0xa8c68b9d76bcd267L,0x95f78ca896362c64L,0xbb8302f303603f09L,
-        0xf15b0d54272622b9L,0x4cebfcd197692826L,0x4d29d2b119c758fcL,
-        0x4703bb56e11ac4feL,0x7152abd536b53bdbL,0x0000000000000060L },
-      { 0x68ac983427bede63L,0xd5c6c405e54a999bL,0x3d763e32231e8eb0L,
-        0xe36ca2ff47c7edb7L,0xd9f185058d2b6016L,0x4e576eb060d55105L,
-        0xe3e9f24976e3f591L,0xd5bf8f0083ea6a2cL,0x0000000000000157L } },
-    /* 3 << 371 */
-    { { 0x19167b042f78b31dL,0x0bc39ff3ee7cf690L,0x1ba8b94e84229ddbL,
-        0x3246debb20f057feL,0x48ca85514add6cc9L,0x8b7f118143ae3103L,
-        0xb668a2b5a6c8bb6cL,0xb64cc5c6b9096bb4L,0x00000000000000dbL },
-      { 0x9c55192350f09302L,0x9d4b2f64b0cd8facL,0x5082aef750c652ffL,
-        0x8bcd4095cf098fe1L,0xa0548bd149d1d0daL,0x88bb345714f1bd75L,
-        0xc0d5ee3412d51f96L,0xbf0bc99b3428d838L,0x00000000000001dfL } },
-    /* 4 << 371 */
-    { { 0x43164d3a02079397L,0x2a3fd379490d948fL,0x79ad8714635e0c5aL,
-        0x5ba9289871b5cf85L,0x1babc5a1956bead4L,0x5408a355ff6d701dL,
-        0xd924d7a369570fe3L,0x60d41a46831755afL,0x000000000000000cL },
-      { 0x7ccfe1a4ec2f26c2L,0x549a32be85ebc29bL,0xe183ff35d46e8b7bL,
-        0x0e8dfc66d421604eL,0x1ab4332cb30ddee6L,0xad4b6b316c35cea0L,
-        0x1d9c4df7856f9258L,0x65882c90850f81e4L,0x0000000000000052L } },
-    /* 5 << 371 */
-    { { 0x55a5a6ccdddca192L,0xb38bb7287b3e7f50L,0x7b9a20026c38d9d2L,
-        0x1d2b51021b932082L,0x999e6e2237f9c375L,0x4479906f28599828L,
-        0xf2f530c4a190dd77L,0xedf7a92bd90a48c8L,0x00000000000000a7L },
-      { 0x1f671a64995e4d4cL,0x600bfd00452d4641L,0xba5ff839569ac924L,
-        0x0b7be6fdbe11e6a8L,0xd6254f776167c3fbL,0x9ca2fb561db1833fL,
-        0xeaf23c8a2f38a1d6L,0x5ae79637580328b8L,0x000000000000007fL } },
-    /* 6 << 371 */
-    { { 0x14b97da09278f093L,0x77b62eb2aaf50774L,0xc94c47e5595788ebL,
-        0x3f6fbf17e78a7acbL,0x8beaed91d648cdaeL,0x1402478db0281eeaL,
-        0x06f48d3e057a9cc4L,0x9a75cb7b56f972cfL,0x000000000000001fL },
-      { 0x74749b84a7049117L,0xee6187df275efa96L,0xc8a4dd7fa7daefb7L,
-        0xc2a5680ff26b4deeL,0xe64ae23802c8ed96L,0x55d8e7bdc75ab457L,
-        0xc29f93f613daad11L,0x7e485b3f10ef96b4L,0x000000000000001cL } },
-    /* 7 << 371 */
-    { { 0x1c9e957789aec483L,0xba5e770a1bf4467fL,0xd7526f872451b462L,
-        0x75016fd27032ba28L,0x2dabd34d28d9400bL,0x061fcf0b059924b3L,
-        0x7b10c93f7ffabc41L,0x0036de6be31e7493L,0x0000000000000138L },
-      { 0xbc1e36684cf1f0a5L,0x7ee63407d00afe1fL,0x6cbde6d008365960L,
-        0x547354bc69072183L,0x6034bec0b1ac8702L,0x87fd85e523bfc10aL,
-        0x4324629f3e70e47eL,0x297e13f8b293881dL,0x00000000000000a7L } },
-    /* 8 << 371 */
-    { { 0x27cdf0121f91a935L,0xa3a2d0ab9b1da866L,0x62bc6ad520c6250cL,
-        0xe637b6b235233aaaL,0x3921e6a2e5109b06L,0xa24b99c558d73641L,
-        0x33073b25d3bd99f7L,0x60fad5fec0498cfaL,0x000000000000014aL },
-      { 0xb187185263080bdaL,0x8270739112d3fcf0L,0x770b113c7b3cd673L,
-        0x2cf6e741ca843432L,0x77c74d8dd75af1c0L,0x979e1fd4a0c24279L,
-        0xbf05a641f335ef51L,0xd7ec205d26b269b7L,0x00000000000001e0L } },
-    /* 9 << 371 */
-    { { 0x4a39cd1170a3f57bL,0xf7fad21a6293478bL,0x764c268bcdefc0feL,
-        0xa00708591e0f3357L,0xede58f82eb1922d0L,0x892fff77f01c6ff9L,
-        0x7560da0994b99265L,0xfa2a8b7655cd790dL,0x00000000000001a0L },
-      { 0x654458aebe04cab0L,0x54ae24c556d74126L,0x57a824ee98adf4c2L,
-        0x40bad2871153f8faL,0x6ccafa8041c1dcfbL,0x04ca0dec0f0d346fL,
-        0x823065b4b8909c28L,0xa2e9d0ed691fc92bL,0x0000000000000108L } },
-    /* 10 << 371 */
-    { { 0x12df8924cdf52775L,0xd89749666e3bc06fL,0x7f3310ce3e68cf93L,
-        0x0a012c7f97117fe2L,0x65288f5ba16adbb8L,0xb1e26bb892bc7054L,
-        0xa6833ac98a63d1c7L,0x5f3b945a5de7f156L,0x0000000000000176L },
-      { 0xeb8958990dd3a366L,0xef27b635958aa6f3L,0x8ef1df5f1dabec19L,
-        0x871fec8b0f53bdd9L,0xfbb413be9efe0c6aL,0x06e372b6aa16add4L,
-        0xdd08c66fa945e423L,0x66c1b806f3b12febL,0x0000000000000166L } },
-    /* 11 << 371 */
-    { { 0x933b1a154bc2cb58L,0xac8e7a848ef1d6b4L,0x70260e4618701778L,
-        0x57de74846479f950L,0x978936a560f27f7aL,0x4e7bb94ff6be0506L,
-        0x1457516e3fb3ea20L,0x0441479c4f869273L,0x000000000000017fL },
-      { 0x685fe4c987220437L,0xfa0bfbb2e943a125L,0x6fa0b3ed370ece4aL,
-        0x93c118d6dfd5cc92L,0x6030a716ddc2f6a4L,0x0a8ac606b43868e2L,
-        0x297b0af0c5884f2bL,0xd1a4017575bdb5b1L,0x000000000000007eL } },
-    /* 12 << 371 */
-    { { 0xa200e9eefc3de00dL,0xe02a24d1d3a22751L,0xc793c92ead1898f2L,
-        0x46ab743bb70f915eL,0x274fed3cd9a716c3L,0x292a43535c0d17a2L,
-        0xe7619f937874c664L,0xf21dbab53e3c8169L,0x000000000000019cL },
-      { 0x6d19c5de10f6e0d1L,0xc8d263ffddffa70cL,0xac7886e640a77aefL,
-        0x22bd9cf6d4a9191fL,0xc53a3301624532d3L,0x8edfa100fa74a13eL,
-        0x15f04d3357701dd1L,0xd5cfd2ed793d4da4L,0x0000000000000170L } },
-    /* 13 << 371 */
-    { { 0x398ee0581ecd73b7L,0x2f0d408133d6ed24L,0x1fdcc54b5fdbdcf0L,
-        0x0395f23a4c72a862L,0x367f52079a32bf9dL,0x5b0e3a0c52b644bbL,
-        0x1a611bc7d98749d5L,0xf33a5068dbd98abbL,0x0000000000000171L },
-      { 0x2e997900353531a4L,0x61b43baf887ff703L,0xc7f77d0a186f6196L,
-        0x1848d88b69925319L,0x5714b501bc49f4fcL,0x8fea9fe19f096741L,
-        0x967d954bbe08a7bdL,0x3924cd2b8379598dL,0x0000000000000187L } },
-    /* 14 << 371 */
-    { { 0x627f65fd51ed20ecL,0x1c31d4a36dec3a4eL,0x8f222ec0ea76b32cL,
-        0x890e15c3bd5a76a5L,0x236174697a3e2d67L,0xbed29d6dd8178f45L,
-        0xd61f7707c90e2df7L,0x31c286dd91be7739L,0x000000000000008fL },
-      { 0x7ea9ae7ce3d9f5a5L,0xcc26143e9dda23c5L,0xc231022efd1ef741L,
-        0x66e91f63dc1fa1dcL,0xe831781e364d03e9L,0xf2247b2b629af703L,
-        0x08f7eb82ae2b773bL,0x7c543051a0a208b0L,0x00000000000001d3L } },
-    /* 15 << 371 */
-    { { 0xb761f9dacad555a5L,0x1158077a4c08bebfL,0x20eb5340d9178836L,
-        0xa017580fc9cb0f56L,0x6398ac5dd6a9dd78L,0x8c61b607b81a037dL,
-        0xaeff0fa89e9b6cb8L,0x87114bb165251d54L,0x0000000000000047L },
-      { 0x54fe66cde6d7bffdL,0x691934c952cbec15L,0xeec20a71b2822a05L,
-        0xca8eb263df0d5327L,0xe64d4637b7c3f818L,0xeafa8d4f41fffc65L,
-        0xbeca4d821438206fL,0x5b1e7299b08e6da8L,0x00000000000000d4L } },
-    /* 16 << 371 */
-    { { 0x55a64b0a30239552L,0x447c6e084bfab408L,0x43cb43277063035cL,
-        0x68afe121d293b9eeL,0xa975707bed50a41cL,0x15a6a8be4488f96cL,
-        0xdbb6a3d81bf798e4L,0x0de2f103b5e600c9L,0x00000000000001f0L },
-      { 0xc070dab445bb5352L,0xd590d895afdac74cL,0x679fd21d37bfade9L,
-        0xe8dc87e7a0aedd41L,0x9e48f870b31dbd72L,0x21afacd8c7ea78b4L,
-        0x8ac51f26fbcf9d22L,0xb52293afde2b01dbL,0x00000000000001f8L } },
-    /* 17 << 371 */
-    { { 0x3758f2af7936635aL,0x74b798c72b40548dL,0x8f746cb7bc08951cL,
-        0xe7c48c0db90c67e5L,0xb3aecd64547b6065L,0xa7abe0f2357ebb83L,
-        0xf7870c3f514cd9bbL,0xd4d390c38af455d5L,0x0000000000000026L },
-      { 0xe3adfa666f5d6b82L,0x8aaf5a4741ab8606L,0x9f3a4e2e5c7cb83bL,
-        0xbfb5e5f97f817e03L,0xa1774513f962e421L,0xd8530e824f95199fL,
-        0xc634291ffd835e8cL,0xfccc2dcaabd346f0L,0x0000000000000086L } },
-    /* 18 << 371 */
-    { { 0x7f428dac77331596L,0xbf977f5fc255949fL,0x3da177d5c4d98be0L,
-        0x7cb4b3b7a8527c4bL,0x040683908032ca6bL,0xfab16224bb04c171L,
-        0x6660197a9c5610cbL,0x8fe2ad3091c7c2fcL,0x000000000000018fL },
-      { 0xc8df54981bc9c007L,0x9901a26b6aeeb5ecL,0x0c6cd18f85b8d02bL,
-        0xcddd3b72972a7ea2L,0x603843318c6fec2cL,0xd4200454211f8358L,
-        0xc7f5670ee44ccacbL,0x9fcb7d2d97a7417dL,0x00000000000000bdL } },
-    /* 19 << 371 */
-    { { 0xd144b65c368e0f94L,0x2aa6fd1861635627L,0x3f31fb42fe180a54L,
-        0x8883d6b30264febcL,0xe08156372a275187L,0x1b41b0ab2efeb608L,
-        0x7d4d5c8cd9209a9eL,0x059b7e52fb5e4ae8L,0x00000000000000f1L },
-      { 0x99f230bf1ae6d4a8L,0xd4305aa703d12070L,0x500e9eb3bfe7d196L,
-        0xed0419172cc4d4c1L,0x86b8ce8a7c13ad0cL,0xb98fbc926325540fL,
-        0x40a2b38df38b9857L,0xd9db5066e09d37d7L,0x0000000000000079L } },
-    /* 20 << 371 */
-    { { 0x00c31d64181f278bL,0x582351a85e31f839L,0x825b8006a74edfabL,
-        0x3d9bcb438e3019c0L,0xa05cc896415f4421L,0xfa32c6f82e7c6507L,
-        0xbbabcd82d133935fL,0xae65b063ca469a57L,0x00000000000001b7L },
-      { 0x6c872de99ba01391L,0x2905a70571855ccfL,0x9cd262192d4210d1L,
-        0x9de7f89b7aa6af53L,0x8b4cf2b2be39c3f0L,0xc563fc954e4d215bL,
-        0x957fa0bce34c2924L,0xfa619e7a4af69b61L,0x000000000000013dL } },
-    /* 21 << 371 */
-    { { 0xe46ef9e2f940c3e6L,0x54d48ea1dfd4f480L,0x35065f580b11f229L,
-        0x18835d382a2631f1L,0x986d96526284ec7fL,0xd7edda2e522a1c50L,
-        0x351d9e0abcef1fb2L,0x42a4da050d3f2923L,0x0000000000000048L },
-      { 0x65621778920b9d2cL,0xa4e48292ca599b9bL,0x705f6b5f09a51b05L,
-        0x17e2e9be14fb9f4cL,0x626f13c1fdbae0a7L,0xe0fff527a6c97623L,
-        0x0a492326e3b401a9L,0x14005f55d4c7923bL,0x000000000000014eL } },
-    /* 22 << 371 */
-    { { 0xe86339bafd804ef7L,0x0167369276bbf53fL,0x41236f2e3918ec65L,
-        0x1043b6b3c14159d2L,0x732bcb46ab04bb98L,0x88d1cb4c30d86216L,
-        0x3dca271b85ddd190L,0x927fba7b58e758caL,0x0000000000000182L },
-      { 0xca047c60f46e0e28L,0x915c93fc92b64674L,0x8fd233c6794d425dL,
-        0x028132b544a3ec1fL,0x975c8aa816509efcL,0x041ef627622584e8L,
-        0x1989a692938c99dfL,0x7704d7c7bfbbc611L,0x0000000000000192L } },
-    /* 23 << 371 */
-    { { 0xa7eaf4c895142d4cL,0x61e607a03cd97db9L,0x4763744a14981a6eL,
-        0xf54972914ede7722L,0x149141767b2054a3L,0x214aa26ecbf81d43L,
-        0x0f6799c64e524018L,0x0973267933808997L,0x00000000000001dfL },
-      { 0xd8603475f3af64a2L,0xf5e79fd58ab0f9e4L,0x691d0e631fe48f7bL,
-        0x58500c202bae9eceL,0x8867f3767fa96563L,0x5ec76c8c31bb14b5L,
-        0x4a24a4cf719e74c1L,0xa55ab3dc3018ac71L,0x000000000000008fL } },
-    /* 24 << 371 */
-    { { 0x8013eb783899c832L,0x463a9c46e6ba78baL,0x6d3a471ac9682ac6L,
-        0x599a9fb58dbd293eL,0xfabfd28a1897913bL,0x1de9fe55b9a23b31L,
-        0xdd90ed9ad55d93c7L,0x07581309290a5eabL,0x000000000000000eL },
-      { 0x54443bb9978f36b2L,0xc2c254c99f6c65c6L,0xaf9b5009f7b984bbL,
-        0xc5416eec0b97ffd9L,0x1107f9bb5ebb7853L,0x0ff4c94c9d487ffcL,
-        0x7b4f0985507ba23bL,0x0accf6dd5eb91f71L,0x0000000000000044L } },
-    /* 25 << 371 */
-    { { 0x192da2cd26f4c420L,0x572cee9631d8df5dL,0xdab3e7f5bdcf0a04L,
-        0x6a1d4dfbce93d59dL,0x61e82d140038c2cfL,0x8dcf11e453b76f40L,
-        0x0a4a89fff6fd7ad9L,0x1e290ca5ef8283c0L,0x0000000000000115L },
-      { 0xa9681e1b041ae86cL,0x8ed63e5f3f833d4dL,0x3610987bb4d3ddb4L,
-        0xd2ccde6e391b2249L,0xca83117b8d72067eL,0xe1ddd26fa6bdb2afL,
-        0x15ae36b72c70e306L,0xf98cd43ea7758469L,0x00000000000000beL } },
-    /* 26 << 371 */
-    { { 0x1a07bb1c0ac926c8L,0xdbdad1e77cde114dL,0xd677815bc1f3a574L,
-        0x5758e60628dff5e7L,0x95c76291a7501407L,0x5cd2407fdcb4d1f6L,
-        0xeb6d28c4b9472593L,0x0092a86b0b6fd187L,0x00000000000000fbL },
-      { 0x961f53cb791dec5cL,0x77e3a3129a8cd9d7L,0xcfc28c0775f8fc57L,
-        0x748ab16f531e8336L,0x100e37fe05192627L,0x9477fb71d0292d0cL,
-        0x924c1e0546a38ba8L,0x2018a9da4543f219L,0x00000000000000c8L } },
-    /* 27 << 371 */
-    { { 0xfc15c19894d6a58cL,0x6f96632933f600a9L,0x739ca01ad3897cceL,
-        0x4d55aa32f9951c45L,0xba939be9855859c4L,0x6036fd9015e2f163L,
-        0x5d186f9beeb5f81bL,0xa4fcf9103c005c91L,0x00000000000000d6L },
-      { 0xfbc5c0d24972f122L,0x98ba7c8a5c76ac91L,0x2ee0549a178b8a08L,
-        0xa4b87f877d08e3a6L,0xb79bb97e78826c20L,0xf4d47cc987e0716eL,
-        0xaf149859ce5232fcL,0xf06f3b636558ee4fL,0x0000000000000078L } },
-    /* 28 << 371 */
-    { { 0xdca43ef744ad140dL,0x18c95116f62a3beeL,0x766d5e214e144f65L,
-        0x1087ab025d99574cL,0x3bae4ddc4954da34L,0x673d2cac0ddb3e23L,
-        0xfc2f18ff40cd4d2bL,0xb67bbdbf2e578cdcL,0x0000000000000142L },
-      { 0xa3352aac08191be9L,0x24523f454fcf86eaL,0xca79a37a6eb6b7ebL,
-        0x24b8db952ce7f66aL,0xb8ba67584e8f293eL,0xf38b987a8bde44aaL,
-        0x0f3f142659cbcb5dL,0x647440675a6bc1fdL,0x000000000000001aL } },
-    /* 29 << 371 */
-    { { 0x4f553f1e50084eafL,0x17d18de4080f9a12L,0xc601052c365b8689L,
-        0xbcbc88ed44666175L,0x520b172e6e738779L,0x17cf5474d9331305L,
-        0xe5ca54f6af37d665L,0x729f3bb20505c180L,0x00000000000000acL },
-      { 0xb10c1bff0f04c79dL,0x521302ad827da287L,0x2beca71081205674L,
-        0xe817a9cc8bfc4bc6L,0x22bec5a6eb2b7888L,0x57bc24e031e4912aL,
-        0x1a575f46f1fc81a1L,0x52726c48a7f20ee2L,0x000000000000006dL } },
-    /* 30 << 371 */
-    { { 0xd9d203c4598d6047L,0xe1356b6104351a31L,0x8657a9c458b1e12fL,
-        0xcc26f6378ed5aaf3L,0x7272b2e03b6c0450L,0x2ac17670212aaa79L,
-        0x354b375423e6acbdL,0x22b9deae2a4f7adfL,0x000000000000005eL },
-      { 0x20421426b405d02bL,0x62f72a9f20ed4116L,0xb93c24e0308d525dL,
-        0x5489564edbc245ecL,0xa904ab8f3b6d7c99L,0xe4c11c4d99f5d096L,
-        0x1685220588930daeL,0xc2569fe5faef9b94L,0x0000000000000079L } },
-    /* 31 << 371 */
-    { { 0x54b7d472b9625eedL,0x96bf80ab1a3fb182L,0x29904fff4ee84a0fL,
-        0xdd03b6edb1a2ee86L,0x940f809aa2dc4daeL,0x2afc6d8d553e27baL,
-        0xc40f2a4177ffdc58L,0x8af0695509881ffdL,0x0000000000000052L },
-      { 0xbfd40b6420913ccfL,0x4fc3e9d8f708e344L,0xe401cede8f9c65a3L,
-        0x524d923b6757c00dL,0x34ae158b58ac6a2aL,0xcca4076ede97ca62L,
-        0x2504275746574675L,0x5b8c8366883cbd67L,0x00000000000001faL } },
-    /* 32 << 371 */
-    { { 0x0079a845a2fda60fL,0x6dfdf102da8db63aL,0x7d2759600148a559L,
-        0xe089c346684b9737L,0x09f865b2820bdb1cL,0x000daef6891ae57eL,
-        0x384f5eeea4f64f15L,0xdd68e4903da7e79cL,0x000000000000013aL },
-      { 0x20b7457d514ac5dbL,0xa03028fb954721fdL,0x6f20d5185c77cb17L,
-        0x28f92697ad74495aL,0x630e01566b327dc8L,0x6c5067d665832ca9L,
-        0x9c9305fbd3f6db89L,0x681013fa905fffdfL,0x0000000000000188L } },
-    /* 33 << 371 */
-    { { 0x052a6504fcde276cL,0x9ff83d3e03dca446L,0x6c456483086044c5L,
-        0x400568d5025b2693L,0xeb70c97d3644f851L,0x1c742ab829e4ac6fL,
-        0x6af46714baae2f04L,0xd4479f7478f947c6L,0x00000000000001cdL },
-      { 0x1e1fbf4082e4fc01L,0xeaa68ae275f50a5dL,0x499c4cf8e48656c0L,
-        0x3f40e8ea21124f0aL,0xc566ab479726ab46L,0xfd51c6e3f33cf47cL,
-        0xf8534cc9851da00dL,0x2d986dc979325a3eL,0x000000000000009fL } },
-    /* 34 << 371 */
-    { { 0x2d1cc7a62d628095L,0xbcbecaccf7084f83L,0x78bad38b2160880dL,
-        0x1df37a887240ee90L,0x0b59cee4ffc4d943L,0xd4bf72533ff81538L,
-        0x13ddd2ed2d735a8bL,0x70db19b11ebbaf08L,0x000000000000009dL },
-      { 0x7aab738e2d9699b2L,0xf14683cb590a2690L,0x70724263822d9936L,
-        0x814b413b358857e9L,0x9b284542f4d1fbe3L,0xba341ce4894486c9L,
-        0xecfa29df24e844b1L,0x8c25f4197db398e4L,0x00000000000001bfL } },
-    /* 35 << 371 */
-    { { 0x0989fd6fa3f8bfbaL,0x02117ba75cf7c0eaL,0x4c5844374540f23dL,
-        0x1710744e9e8e6c43L,0xdc1372b3f6438f10L,0xa0a2cb729c4e8561L,
-        0xd1bab93a68368006L,0x08b2d51c5111f2d7L,0x00000000000001e7L },
-      { 0x705118155d2f0743L,0x7d1b044ea896f737L,0x0f91e692474ba5bdL,
-        0xb3f073c2df57596dL,0xac9fdc864f784ce3L,0x935a5e29481b5c27L,
-        0xa971f3adde7a4bd6L,0xa1cffafcecf9a22dL,0x00000000000001e7L } },
-    /* 36 << 371 */
-    { { 0x1b626aed7e856756L,0x4c02b4f05910510fL,0xa2a90de9ad139464L,
-        0x83ea60047ae191d0L,0x1928f46a9ab9cb7aL,0x5534f73888c91d27L,
-        0xe0031a2f2b97814cL,0x85b9dbf6280ac4a1L,0x00000000000000b1L },
-      { 0xc4c2339403d60f12L,0x946f2de54e7af304L,0xf6586026d0fd54c4L,
-        0x19818309ac2c7138L,0xd9892eb25758d774L,0x451fc66b1c44714fL,
-        0x3f25ab9540fc9e5cL,0xe56efc7a8aac7a22L,0x000000000000016eL } },
-    /* 37 << 371 */
-    { { 0x84f0e7a3cea4d0ceL,0xa7728bf113707f9aL,0x1d933350247981ebL,
-        0x34f0f2bb7bb094eaL,0x2f1819ad7e307990L,0xc52e823c730a56b0L,
-        0x29203f56f2cc5b6bL,0x065fc11932c1430aL,0x0000000000000079L },
-      { 0xc38deb590a0c113dL,0xa8e60a9b5c85b7fbL,0x1b4a907f44e567caL,
-        0xa57c9bff9092f1d5L,0xfa8d7fa56e0d6c5bL,0x559ae140d6c660a4L,
-        0xfabdb4288cfb6e11L,0x54cb7688b87dda9dL,0x0000000000000065L } },
-    /* 38 << 371 */
-    { { 0x4cdf8a5640802856L,0xb093e241a4a7480fL,0x576c0cf150b6457aL,
-        0x14ff4a8b058e9d35L,0xb21d8c190109ed61L,0x7e5665920c1db4afL,
-        0x36ba4ef915791634L,0xcaf371a71d77afa0L,0x00000000000000f5L },
-      { 0xad4eb0fd4602316aL,0x4c1a0bfbe55635f8L,0xce0ed653ee1f570cL,
-        0x8073dd5e35096165L,0x98a7d8c3635ca5ddL,0xc5c250773c9e3650L,
-        0xe1fcd377487c2433L,0x3319733e097d8560L,0x000000000000013dL } },
-    /* 39 << 371 */
-    { { 0x304c6914e1dea7e4L,0x41d73698a178321eL,0x8282c3544499c318L,
-        0xc89303ea889a1aa1L,0xf22db4e07f57871cL,0x4674f5c53ce03a4eL,
-        0x6691881b63513ca4L,0x94a96d0fe012c78fL,0x00000000000000c9L },
-      { 0xc3ecade9ef232dcaL,0xddd2a751d4c84690L,0x2f25657a9d3d585aL,
-        0x87c2944a846e84c1L,0x1d698bf57907e091L,0x65c42161a2f220f5L,
-        0xcff188228c247a7cL,0x3391b401c1c4a35aL,0x00000000000000ceL } },
-    /* 40 << 371 */
-    { { 0xab14f586b69e066eL,0x3d8308fe198d67f6L,0x9bc53a0cbb4ecfc3L,
-        0xa2057c4059a3b558L,0xd21e271d18789187L,0xd6d29ba1562cf2b2L,
-        0xa247ac0da5521075L,0x419bb80c0b39367fL,0x00000000000001b3L },
-      { 0x0950c5ca7fce595fL,0xd07ff0ef4ee87d4eL,0xa2ed463145b980f1L,
-        0x6bc63c99587079e1L,0x285d306134f889c3L,0x93c029ade97b8a76L,
-        0x048f151b1dc86800L,0x69c5d19225bbc4ecL,0x000000000000007dL } },
-    /* 41 << 371 */
-    { { 0xd3f0afc8bdf94481L,0xc2e80a6c7e877adfL,0x640e4c028b332b2cL,
-        0x48e6df1ddadae6eeL,0x2d21985cbe6727cdL,0x508bcca2a0c64c31L,
-        0x2357969462e25c17L,0x2d968e90833629fbL,0x0000000000000074L },
-      { 0x0b400771bf0004d1L,0x0dd2ba8f732ac6c7L,0xd2763f3ee9c8ebcaL,
-        0x5a8ce5f4b4da65e4L,0x1e35a7e4fe30cce6L,0xa06e97884b791927L,
-        0x73f83c9a9857643aL,0x67fa51e3abdb7475L,0x0000000000000180L } },
-    /* 42 << 371 */
-    { { 0x4b13370446e00296L,0x58469825ecf84fdcL,0xe74203b87facef7bL,
-        0x54e0d777083cae38L,0xa4793f4b884beec4L,0x9a8ad2accc02badfL,
-        0x290844ff9959c92eL,0xf20beeebf615c267L,0x0000000000000004L },
-      { 0xe05d9d8869641a28L,0x612febd9d4942cb6L,0xc4beed25bc912c67L,
-        0x2823c041b15d0758L,0xb4a3b23607b1ef19L,0x6d93041ca6fcb0e9L,
-        0x291d2e3a5fd96b41L,0xc8d023c0ad731fecL,0x0000000000000177L } },
-    /* 43 << 371 */
-    { { 0x69db450ecf05454aL,0x525c58ba75dcc6b7L,0xabeeb3bd0f61f7ccL,
-        0xa7f6efe0d44b4aeaL,0x18229e9f49553eb7L,0xb2a463ea04fec5cfL,
-        0x79b8b43a90bd5c0bL,0x4d51d7f82413ad3aL,0x0000000000000077L },
-      { 0x0a5e7644b24c675bL,0xb2bc3292baddaff6L,0x7e9b435708757e9fL,
-        0xa9fca74e7dcf5d67L,0xe472ad966fb18401L,0x0bf3fccaf63d812aL,
-        0xfb195c5c96de8f40L,0x2301c12a4d363556L,0x0000000000000164L } },
-    /* 44 << 371 */
-    { { 0x853466f88199c13bL,0xdd186f3bb0442634L,0x6d825347e8a180a5L,
-        0xf311344bf05ea1c4L,0x543f9e173f1923f1L,0xafe9831ddb31fbf5L,
-        0xaac76e2e3fe85ce1L,0xcb2c4b1739f665e6L,0x0000000000000026L },
-      { 0x3f57a6d775b32737L,0xbab11b99a81e2c0aL,0x8b08cbcc651dac3bL,
-        0x889d9229f60dda2dL,0x01f560868c1dda9bL,0xfd2f6e052a872c52L,
-        0xd3107bf129a751afL,0x1817e8dd467418d0L,0x0000000000000142L } },
-    /* 45 << 371 */
-    { { 0x7c9274e1d1cb0137L,0x01a8534b7cbb09a6L,0xc6c9af57e5131af1L,
-        0x8fab2771d276194fL,0x28137f5170cb22baL,0x5da5963a1723f388L,
-        0x7e695abb9271a05bL,0x5b529cb96f26897cL,0x00000000000000f5L },
-      { 0x6740acd14d086e85L,0xee755ca560ddae0fL,0xc088e52bb4ff1a7aL,
-        0x297fabb504dc5ab7L,0xff60a2d3d794648aL,0x6c6db4ae62e808e5L,
-        0x0d8e99f3839f623bL,0x7578d594663b07d6L,0x00000000000000e2L } },
-    /* 46 << 371 */
-    { { 0x5dd4c07bf5fdc2eeL,0xbcec9e0dd1d27deeL,0xaffa6445e7512c4aL,
-        0xd6b231ba13b92689L,0x0bd338d613334d2dL,0x9bd0284664cf3419L,
-        0x0d52aaf854f6723bL,0x976e912d4b5a9b89L,0x00000000000000cbL },
-      { 0x0948483cf4895aebL,0xa34bdf41f41c95caL,0x85e0ef7f3df7ae66L,
-        0x2815167549268058L,0x78edc00d1b0440b3L,0xff99353b86ea5b8dL,
-        0x6b678541865c84ebL,0xc40ec092b9391588L,0x00000000000000a9L } },
-    /* 47 << 371 */
-    { { 0xa7b60f40bc65e597L,0x37cd630e90841defL,0x58baffce898b2bc7L,
-        0xe885f4a0581ac6c7L,0xf964d08319b9fb1aL,0xf4a5ad855b3ac282L,
-        0x90717aa56443f6a9L,0xac47726ca0dd88c9L,0x0000000000000182L },
-      { 0x3cdce286373ca424L,0xa7aafe97d673367fL,0x0c49b41131deeda9L,
-        0x847dd95df6d479a9L,0xaa72287549401096L,0xb2a054cf08697d21L,
-        0x1b72fdcf99963174L,0xb2cca97313acd04dL,0x000000000000007cL } },
-    /* 48 << 371 */
-    { { 0xa0d6c9190fdc0e64L,0xd937bde3d6679591L,0x9fe10f20a7296b3eL,
-        0xbdf41b3b5deae5cfL,0x6e5b59b969a28c2bL,0x17c81d3b37854490L,
-        0x61256f231f7560abL,0x2696b1a3d3960a12L,0x000000000000018eL },
-      { 0x5ec3263c732ac301L,0x6a9d57cc6da756ffL,0xb613de1323d4d5c1L,
-        0x90e38bc60196d425L,0x68ed94b6587d8458L,0x332f6403561f02e9L,
-        0x0b27d3cec8e40caeL,0xe9390832106640feL,0x000000000000019dL } },
-    /* 49 << 371 */
-    { { 0xe79632c57658c9c8L,0xb1f037013bb06475L,0x5bb0edce86ba01b4L,
-        0x06572eac16fbe169L,0x2c8e64c3a5924068L,0x7ede0ffe23732feeL,
-        0xa4591159b92acbf1L,0x1b4f74c83a486e3bL,0x000000000000011aL },
-      { 0x0d82a706815e1bc0L,0x06a4c7551a01cb3cL,0xeac6109da5a2752fL,
-        0x9c365f91d94f2e37L,0x20cdddbd3616120fL,0x92b19f0c53afa50aL,
-        0x7f2c06d314dc5f36L,0x5a35a24d05dfe73eL,0x00000000000000ebL } },
-    /* 50 << 371 */
-    { { 0x2940829b80478312L,0x6d88f23799ba7c9aL,0xed75717d55f305fcL,
-        0xf6234707f1c984b6L,0xfe0a83681e1eadd5L,0x793a987e7a7b7a56L,
-        0x13e0532a73a9a0d3L,0xd848c44c039e4c62L,0x000000000000004dL },
-      { 0x31b935621a681f5dL,0x0d47a8022edb93fdL,0xa221a02ed1f56820L,
-        0xf9944066e96bcabaL,0x6c3e8d317fc20290L,0x2e17289b025a2ff7L,
-        0x868dcd9301d72466L,0xf3c79dec7f37ad64L,0x0000000000000080L } },
-    /* 51 << 371 */
-    { { 0x80badd631af7163aL,0xe2608a8f629cc578L,0x1892410d5406ae87L,
-        0xbc09e8683d5d72e5L,0x14574558087607f5L,0x00948800d06fba2eL,
-        0x060ad156ab277f3fL,0xc764bee6823c305fL,0x000000000000014dL },
-      { 0x917cc72654d505f2L,0xe7795a1811309b88L,0x081915da5c4cc728L,
-        0xe3effbf55402b2c3L,0x508c65bd11febf13L,0x816b40557ac06302L,
-        0x4c50c5415428384bL,0xbaca344ca425f49dL,0x0000000000000111L } },
-    /* 52 << 371 */
-    { { 0xefebc3458f3735c1L,0xefe2d438ca5765afL,0xfd5881b2e7d0155dL,
-        0x307995a912eee27eL,0x7b9d4f553b608fb7L,0x708a3f06ff1c1eafL,
-        0x211f548861ef1913L,0x7bca0d46345312e5L,0x00000000000000eeL },
-      { 0x4015390c5a59bc8eL,0x669a2ef16c9ea8beL,0x37929e3112ae532fL,
-        0x6de9c6360a87cc7fL,0x676cd09d6c8c1ed2L,0x35aa3cabb7391859L,
-        0x4a95c14768a7d508L,0xda6e0209342e55abL,0x00000000000000c1L } },
-    /* 53 << 371 */
-    { { 0x85cf89c2f55b9236L,0x96d932f8623e2b82L,0xbbbaf4ed76def064L,
-        0x15ba1b2b59036e92L,0x1a2bc54b01f493c0L,0xb1dd70b1dbf80e4cL,
-        0x165dfa44fcd048d4L,0xc5f38ed45a7a26fcL,0x00000000000000efL },
-      { 0xffdb58f7756de9cbL,0x562fdec0964e7b0eL,0x40aff120746111edL,
-        0xcfc66bfe369b2314L,0xd4bd6928d1966fc1L,0x0e4f2a7e7aa9bcd0L,
-        0x7e4b8b6bd7888e90L,0x0bc4574aa4d094b7L,0x0000000000000192L } },
-    /* 54 << 371 */
-    { { 0xd94caad6bf3e4eb9L,0x940077c745546cf9L,0x23828c7cccb72d42L,
-        0xa06e1dd3e7fd28f3L,0x736bbc49c6a02e4dL,0x0aca0d8e8dd80a94L,
-        0x1e7355bdceb1aba9L,0x33cf05a96f071875L,0x00000000000000f6L },
-      { 0x87b3066dd067d6e7L,0x05db3ffab697139aL,0x681dcd62d8d90d65L,
-        0x9710f9de2cc68eddL,0xc7d09e4f9b997b9aL,0x496208d612c858e7L,
-        0x78dfdea3f1692d2bL,0x8ac90137e2dc87f9L,0x0000000000000114L } },
-    /* 55 << 371 */
-    { { 0x28dc28c979900f5dL,0xa2e881e24e099d79L,0x0d7885bbc60cf219L,
-        0x72bc84f5273c738dL,0x9321cc7f255f875fL,0x8e9b118bbc4969afL,
-        0x6886bf6250d698a4L,0xa31bc597d162494dL,0x00000000000001f8L },
-      { 0xdbea4f4c2ca3c41dL,0x7058c9c296f26b6dL,0x6ffbc7e3d72b2797L,
-        0xf15734a58075e016L,0x8ae59627d4df5cc5L,0x942ceaa51c4364bbL,
-        0x63d829e0d5a8b20aL,0x214a81864f8e049eL,0x00000000000000c2L } },
-    /* 56 << 371 */
-    { { 0xc0df77af85724c67L,0xcc83a425dd94fbe7L,0x6923e6ffe4c0e0ccL,
-        0x3dad274320f8571aL,0x7ba73c28b62ef81bL,0xd60f9232838d2f78L,
-        0x49a10395a7a6f55aL,0xc655ff3e8f133f51L,0x0000000000000075L },
-      { 0x5789909e2d6ab713L,0x5410badca52cb233L,0xbd3f37fe63454a5bL,
-        0xc71998f0977b8cc6L,0xc70977414b81b017L,0x1d37afe2393bbc02L,
-        0xc1f809b6d7cc8c20L,0x18920c3706ca3cd2L,0x0000000000000154L } },
-    /* 57 << 371 */
-    { { 0xdba5d98ececb3b2fL,0xfb97226090e743f2L,0xbd6ce397fe42c950L,
-        0x28b067328d584404L,0x980fb92181815117L,0x02054320454978d5L,
-        0x0563def626ab7bf0L,0xf531752a8c7146eeL,0x0000000000000140L },
-      { 0xd5cb7c6a87f97b5aL,0xbc242e6e9e1a8cd7L,0xfdfb12e765cee902L,
-        0xd2e3803a56a42f2aL,0xe8ac69ade9206ed8L,0xfb57c402668b14a8L,
-        0xef8f858c226e171cL,0x5021b98bec8fb4fdL,0x00000000000000d5L } },
-    /* 58 << 371 */
-    { { 0x2449088deebada79L,0xa23a4de43ccdafb2L,0x78b6631a789d4228L,
-        0x419af03cb6ffabffL,0xfa3699ee13133cb5L,0x737ec4d896c22a36L,
-        0x32edef00af55b6baL,0xe6f1c72e96e0d6a2L,0x000000000000011eL },
-      { 0xc0d0be8fc4de6c1aL,0xb7eede852cb83932L,0x65c116ca5f89a922L,
-        0x77b8e6aff6c6c162L,0x7127e0625a82e691L,0xb9ae11c241062230L,
-        0x64716a12cad22949L,0xd6cb5ed80e142596L,0x000000000000000aL } },
-    /* 59 << 371 */
-    { { 0x5563c8044eaaf6d0L,0x83785e884d61282aL,0x2d19641075b9e703L,
-        0x738abe2a67031bddL,0x7351a702392114fdL,0xd74621a2b438377aL,
-        0x224da5806c76f049L,0xa7ce99ec732477c6L,0x00000000000000aaL },
-      { 0x6e0e5a3a38bca0cfL,0x576efbc8ce259960L,0xfef2bf2e07a2c533L,
-        0x0c374e7b37f23263L,0xd8436d82f9603370L,0x5afdbcd6f047d841L,
-        0xa40d0067db50a26fL,0xfbc47928c1287fd3L,0x0000000000000133L } },
-    /* 60 << 371 */
-    { { 0x10c10e89a4f78e1bL,0x0bf7c82eae25d4f8L,0x198522759bb8dd0bL,
-        0xdeccab587ef26c90L,0x51d20addcf49361eL,0x997a0f9909827779L,
-        0x102a745d200dafdbL,0x98e1484b723114d0L,0x0000000000000034L },
-      { 0x3df6bedb00b69cd3L,0x7bd05f836f56e429L,0x9d31ea08762b3f9aL,
-        0xef84ee087204e805L,0x20d6c20de5a264e8L,0x85b6881ad7fc3279L,
-        0x8cff29870dd12086L,0x43898d6cbcca4f36L,0x000000000000007cL } },
-    /* 61 << 371 */
-    { { 0x8fdc9befa560413bL,0xe9ea9e2031f2730eL,0x8f3b05243a61d0e5L,
-        0x2932274c6f9d4628L,0x36d58f3218df923fL,0xf66083b38611bc64L,
-        0x6348e55c2d53743fL,0x69059a3b79693090L,0x00000000000001abL },
-      { 0xd72bb101f0d34585L,0x22d4ada32f8309f1L,0x19c6543bdb11c225L,
-        0xab0ba09d5349e6fbL,0xfa38b0c8fd6bef5fL,0x40e20ab68c5ddf83L,
-        0x28351a4d2e87ae87L,0xf51f0b52b8ff6cf6L,0x0000000000000024L } },
-    /* 62 << 371 */
-    { { 0xf768cfa5b3ce1936L,0x82c193e7cb0845b2L,0x0c2bbb74fc4dec8cL,
-        0x6f0684557438b1bcL,0x7d7535bb62d4a96fL,0x40c7498bcced8820L,
-        0x1ac733eed2c44657L,0xbc9de98f03f077d2L,0x000000000000004dL },
-      { 0x0db45688d55b796cL,0xa2f1857c7be53b69L,0x4df73c3c4671711bL,
-        0xfe01dc6cd27fc313L,0x2f770bdcc11c8592L,0xcc8eb844ac8593b7L,
-        0x8163d65855437a70L,0xe6072e3b4b436e88L,0x000000000000014aL } },
-    /* 63 << 371 */
-    { { 0x6a90b471803837e5L,0x18d7ef7345c32e26L,0xe5f4a8575ee5bdd5L,
-        0x5d0201d0e7e31757L,0xd856baa14b111dacL,0x6e346ca66b462db1L,
-        0x45ea4fb338b88b95L,0xde8cf5a046477f38L,0x00000000000000f1L },
-      { 0xce05bfba7c2ff5b3L,0x27291f1f1f7a8bd0L,0xc7620f3025a57de6L,
-        0x1847ea5c759e1d2cL,0x02ab7ec1e3774792L,0x3807be6e22b81177L,
-        0x389ec8496c206771L,0xf5c4fd984a375d6fL,0x00000000000000cdL } },
-    /* 64 << 371 */
-    { { 0x9d590ca72a708597L,0x5ea564a217c45d92L,0xa7098ca409f8d031L,
-        0x231c716117a9a6d9L,0x5919a777951ecc81L,0x9fb5df367ab0cd85L,
-        0x7f4d2d7a2b6b445cL,0x73a2764668251f9dL,0x0000000000000037L },
-      { 0x7bc56153e9e14113L,0x4747084f030af56bL,0x865abbe91efa69ecL,
-        0xaf6534b5da5d565fL,0x40549f0bb0001866L,0xc451348f812351afL,
-        0xe7323ae9190eb107L,0xfb3fd76fbfc098f1L,0x000000000000001aL } },
-    /* 0 << 378 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 378 */
-    { { 0x7ef1f62ccf0f33caL,0x225317b7184de5d6L,0xba7645c1260fc821L,
-        0x522c34f2d057844cL,0x53282114c4a6dff0L,0x6d3d84005f6dbdbdL,
-        0x165e4194f3fb787aL,0x210a607ac8c575ebL,0x00000000000000fbL },
-      { 0x68c834c2832c8deeL,0xcc4ff8611602f932L,0xdcfa537d456ed4bbL,
-        0x68f201750c079647L,0x972d770b8f28ecd5L,0xaa8fdbe82d099800L,
-        0x06285716ecaddb29L,0x67fa9a61d5dc6040L,0x000000000000015bL } },
-    /* 2 << 378 */
-    { { 0xe12b714e622ed5c2L,0xb1e036a7cb699185L,0x3920a7371ab44645L,
-        0x9844c8d9f5a325e1L,0xa91bea02c02de758L,0xaae624a018ade985L,
-        0x3a700e40cc31937dL,0x47c0b398bfdea449L,0x00000000000000caL },
-      { 0x04213750a9e1b74eL,0xa1d25057b3f7ff5bL,0xf8c7fdcc259dc673L,
-        0xa837e675953ca2b9L,0xe23e1e1fabf04630L,0xafe1f1b99889ea3bL,
-        0x40988791c4db25cbL,0xec8592e4f18669b8L,0x000000000000014aL } },
-    /* 3 << 378 */
-    { { 0x1fcf2222c7504de2L,0x7a048586b37c96d2L,0x75a974ff2600255fL,
-        0xfd8effbeea7922b7L,0x871c04531c3aeb4aL,0xe9445f23f167a3eaL,
-        0xe8b8f95431d66e47L,0x3ba0fb51b46bc080L,0x00000000000001dbL },
-      { 0xfa565b995ec9920dL,0xfeee4e89a25ec3e5L,0x8428e8ea5fe155d8L,
-        0x31b55db4caadb703L,0x1c66ace9fab8f8f9L,0x9190e7bf0f688545L,
-        0x36695f2f7ad75316L,0x6674f106c6d6a5c6L,0x000000000000016bL } },
-    /* 4 << 378 */
-    { { 0x18caff50efbf6b21L,0x0eeb65ec51f2ba1dL,0x2cd8a43f296c458bL,
-        0x04d795b29747ceabL,0x52b0bca6dc306c57L,0x39fe8ad517ec9c28L,
-        0xa4a9e3fb81a0cb57L,0xdd6933a9a638d6f5L,0x000000000000017dL },
-      { 0x9893eb50d39ac021L,0x3bf7087339bd296bL,0xa10440a7792dec05L,
-        0x96be97e7a67ad18fL,0xcf2175ae17ae5f6dL,0x70fbb8bf0b6f0503L,
-        0xbb565fadf7a755adL,0x8904f9a093ccfd37L,0x00000000000000f8L } },
-    /* 5 << 378 */
-    { { 0x971b01fc2042af7cL,0x11b2c0307449ebbcL,0xe151578f6c456ea3L,
-        0xc31adfedd9445535L,0x5dc3e787b13a3d98L,0x980db984e1bc2ac0L,
-        0x97f837868ed9752dL,0x0eccc88119cc9947L,0x000000000000010cL },
-      { 0xe7a55af26e4202cfL,0xb38c0786032e736bL,0xe315cca3db912a92L,
-        0xe02fb77c5d424e69L,0xfc196d63cee674b6L,0xd19ffd2edb4f40e4L,
-        0xb9f89932b6e2749cL,0xfa1b8b625345d087L,0x00000000000001d7L } },
-    /* 6 << 378 */
-    { { 0xbbd6b9b6fcb957a9L,0xb8cd2aac28e9a858L,0x16959f6e00533aa4L,
-        0xa81de300f05c87eeL,0xd64c0234e01f1fc6L,0xa35e2db9035bb306L,
-        0xbf57719d17545c33L,0x67cf28a2fe2c9778L,0x00000000000000baL },
-      { 0x747839247b2ee141L,0xb20fd87638107770L,0x38f43f8a115e285dL,
-        0xe4dc2337be44c1aaL,0xc0a9fdabebdb2590L,0x83b1017260412a11L,
-        0xbc0797cb6c8e3144L,0xde47a666ebc61f01L,0x0000000000000060L } },
-    /* 7 << 378 */
-    { { 0x68c60c44993f8222L,0x3242a8afcabf4bf6L,0x6151a88033d5edecL,
-        0xce5e0d4b5b66eb95L,0xd5a8ddd2df34b84fL,0x0a57559677e14d2bL,
-        0x6b8e78f78bdbc216L,0x1f6b94ac13b5a167L,0x00000000000001b6L },
-      { 0x5a252b95aaa7bcc7L,0xb0366a61ee28e333L,0x721a9b24e1fbdb73L,
-        0x4e73cf1cdc60cbf5L,0x7744e830ddbf9b87L,0x0bc943e99d8e60c4L,
-        0x48c37b3ef7aeaeb2L,0xea23eb3ac6610f28L,0x00000000000000dfL } },
-    /* 8 << 378 */
-    { { 0xc7c5d4242b72359fL,0x9aedfa4ed89718f9L,0x74773e4f858b335cL,
-        0xcccf6730b5020d9eL,0x7f2b567baaa8bee0L,0x929b3d35d1d4c7cbL,
-        0xbf1c55591d6602b4L,0x58fd96154782966dL,0x00000000000001c2L },
-      { 0xf87aa9d87095c048L,0x145af97f67c5dc33L,0x1541a34b5808379cL,
-        0xd5be204572f16afcL,0x008a4aa0a10e4d9eL,0xf75936efadb03c27L,
-        0xcda58468a6d93005L,0x1817e5bad0cfa2ccL,0x0000000000000078L } },
-    /* 9 << 378 */
-    { { 0x7fd99a18a2f628e5L,0xeec261701304cb4fL,0xf99f01680146e6aeL,
-        0xf3e3762978f53f23L,0x5fcabd21f138d376L,0x7872711aa084d16eL,
-        0x96911ccd5f3b555aL,0xf959c94ce8c39ed8L,0x00000000000001d6L },
-      { 0x2470f0a5f551f7aaL,0x7eef9b723dd57d82L,0x04110c484b42ac7fL,
-        0x6c1a12a04eb664c8L,0x47f1715711e0fd68L,0x4e51416c90d00893L,
-        0x38843dcf77b01086L,0xab132a0fbda87debL,0x00000000000000aeL } },
-    /* 10 << 378 */
-    { { 0x6258b29f813fbb71L,0x9f43e2a3d4201179L,0x04bce1fd4ae85168L,
-        0xb6919e51b37d3de9L,0x147eea3e85fe635bL,0x56f4e6e7898401b9L,
-        0x711ff12cb0b8a1deL,0xa6fa12cd8720cbd8L,0x00000000000000c1L },
-      { 0x4b5a3c99e8a60e98L,0xd8e57a658a00f03fL,0x91a8dcbbcaebcec6L,
-        0x44b04cf5355e112eL,0xacc706ab9cd62b2dL,0xd24a1f6ff56e7060L,
-        0xd5d6a2b9b0814270L,0x1f19697e0659fb13L,0x00000000000000e8L } },
-    /* 11 << 378 */
-    { { 0x6cd1913f5c97d8d8L,0xab72e99fbb94b154L,0xc288647a9049a264L,
-        0x6e9d0a5ea9bad9afL,0xc2c7f9c684af75dbL,0x171064782b1355e2L,
-        0x8b29dbe3352a6b20L,0x179974899e7c0e22L,0x000000000000011fL },
-      { 0xef8d33f97c34be01L,0x1469347f10b46c03L,0xfd1e25cbdfc7f736L,
-        0xdc1715fd11482a6fL,0x041c0ca1f7afc700L,0x513277296b2e7b33L,
-        0x820b886909015f92L,0x7fd2bd94ba584623L,0x00000000000001a8L } },
-    /* 12 << 378 */
-    { { 0xf669c4582cff741fL,0x558296d0cb12d0f3L,0x4ca064d770be227aL,
-        0x02b8d5cacf89f9f2L,0xb4e066608f1e5a13L,0xa030d85a9c08b765L,
-        0xdfeb77d6922e04e8L,0x65930c729603967aL,0x000000000000015dL },
-      { 0x70cdeaff4ff2e952L,0xbaa81ba88b6332a9L,0xe573d5b4798836fdL,
-        0x5b68b878605c5eccL,0x3f0a6abd47bc37ebL,0x823a54e1dfa7f440L,
-        0x2fc0aa7a5c500937L,0xb97b588c35953c9bL,0x00000000000001abL } },
-    /* 13 << 378 */
-    { { 0x7d789b9087b7dd4fL,0x4976f243c24b301aL,0x0f6198c9640d22cdL,
-        0x7a23eecf5f188165L,0x822ff8c203fe646fL,0xeac1adb321eb3279L,
-        0xd9d1b22e196e1874L,0xd06dc84c8fe3f31bL,0x00000000000001f1L },
-      { 0xcff3200080218f0bL,0xf427e062189bbfe1L,0x11f7040839650e1aL,
-        0x78cf93c09bd7d3abL,0x297ab5cc4bb1dc5cL,0x3cafe6cabdeb897eL,
-        0x38ba64a35508aeceL,0xdfc60e77a99847bbL,0x000000000000013aL } },
-    /* 14 << 378 */
-    { { 0x727469356d9aeddcL,0x0063b3643e937a7eL,0x4451a20aa161dff0L,
-        0xbcb491a8a3e9efb9L,0x878d694f5134d997L,0xed8ee2f3215771a0L,
-        0xe231e6705410f9ccL,0x72716750ec1fea93L,0x000000000000010aL },
-      { 0x254ea4bca45d8095L,0xb3d903725398d742L,0xe51298cff66aedfdL,
-        0xa530fd64c377e046L,0x68b31f366c7f5f39L,0x7e157769c86662bcL,
-        0x8ff3a79cde21fb57L,0xdd498d1d7c37978fL,0x00000000000001dcL } },
-    /* 15 << 378 */
-    { { 0xf72ba696bad7f9f1L,0xef0bbbbfd7bf9dd5L,0x8b8bb6f20e7a7b7aL,
-        0x86de41c7cebdc20aL,0x3be5c2c2b0e47167L,0x2cf82c5efce45a8bL,
-        0xb309beb60f8be277L,0x485f837752133ceeL,0x000000000000019bL },
-      { 0x3f0fdc6f16b88e7aL,0x6e4ead572b6edd43L,0xe1e73101ebf2ff39L,
-        0xbd513613ff830b18L,0x5803953eae63df26L,0xbc4b8e2d0f2a108eL,
-        0x624c2bdb7feb9952L,0x91ce40cc4a8ed81fL,0x000000000000010dL } },
-    /* 16 << 378 */
-    { { 0xd89de8041ba719b6L,0x9a84d6145b7139e2L,0xc2f91c87d16e4f4bL,
-        0x7adcb047bb8175eaL,0x4c301c4b3c2fe568L,0xec7dea0ce6e82790L,
-        0xcc2c78869ce824abL,0xaa0f82dc64e12c47L,0x000000000000016aL },
-      { 0x3c6dca8ea0b4332dL,0xb161c4e9d82dc4dcL,0xfda8729063029487L,
-        0xace5d0b634209806L,0xb8c940b78968ac6eL,0xb61329e9d0c0973fL,
-        0xbcb0a143b1aa99b6L,0x96b831932211ae06L,0x0000000000000057L } },
-    /* 17 << 378 */
-    { { 0xcc654c3af4fab0d0L,0x3a7193d45e93c2bcL,0xdc03184c037e85acL,
-        0x994431edc77bfee2L,0x7f840982a1d69ea6L,0x64144b55732776e9L,
-        0x6dfdd076f3767206L,0x10851baf67f36980L,0x00000000000000a4L },
-      { 0xbc53bbcd0a6119d6L,0x56f7202f83f4b808L,0x9bb6c525fc7d8415L,
-        0x4e2c95178310de3cL,0x571b5e0936d1c854L,0x624cc7f6fabd72e2L,
-        0x71eb58cdd9dc56bfL,0x9d76432a443b8059L,0x00000000000001c5L } },
-    /* 18 << 378 */
-    { { 0xb9118d534b29393bL,0x8bf825e2e9376465L,0xecc73fc2f6b988f1L,
-        0xb0431205a33b16deL,0x91cc2704f5e72a40L,0x072fa1aca15f1e6dL,
-        0x414dfb0e57824766L,0x86360addb12159a2L,0x00000000000000afL },
-      { 0x9dd10faff209743aL,0xcf7178eb7cdd7a84L,0x8e5d30ddc7e5e621L,
-        0x1a6ce1502049e4b0L,0xa18d488715cee376L,0x0db2ce2deb316c23L,
-        0x0941fda5c1b42ea1L,0x895b347c8213b66dL,0x00000000000000feL } },
-    /* 19 << 378 */
-    { { 0x13fca9016d4b4f9cL,0xd76d3bc50fdeff6fL,0xf389e515b1be5101L,
-        0xda9a159ba6ff67a0L,0xabe611a18258a9b7L,0x300fd58ae44d3117L,
-        0xf942ed560729163cL,0x6a9c601afd9b49ceL,0x00000000000001dcL },
-      { 0x01dd23e56a998f6eL,0x1e8e8da62ed942caL,0x141780e73437bc31L,
-        0x5f81d0587b25adacL,0xd166b90f7126e231L,0x9c4af4b145aaf0d3L,
-        0xb3fd98f0f33f7481L,0x98f6cb285307b8d2L,0x0000000000000037L } },
-    /* 20 << 378 */
-    { { 0x39a64d5d2fd93ad6L,0x667ff12d2637e7f1L,0xed31162e5151441bL,
-        0x9abdf9168277e2bbL,0x1b7630f0ec0a5f93L,0x89a828cc5b002930L,
-        0x912428adb246befaL,0x632b0787765dbfe1L,0x000000000000018dL },
-      { 0xebf44ba86693bafaL,0x3ad447318a12bb84L,0xc0e12abb5d02d2fdL,
-        0xccdcbc009ac44290L,0xfcc3f910ea70a61bL,0xcaed56197dbbd680L,
-        0xeca08d0b2d159763L,0x4f51a9af6d9dc6dbL,0x0000000000000095L } },
-    /* 21 << 378 */
-    { { 0x3730726c925f6af8L,0x524421fae7224ab4L,0x1aec24f0a5f4383eL,
-        0x629f850c80fe5b2dL,0x8aaca9471188c165L,0xccff714298ede9e4L,
-        0x43c517b119ab2bb4L,0xcaf6524f70094fd5L,0x00000000000001f6L },
-      { 0xdc1ec8c7ccff9006L,0x2b848d94bd3c886bL,0xf0450380462da9cbL,
-        0x5fc95f0aa7246725L,0xd8c6a8f472969208L,0x47615458614cff26L,
-        0xceb01f21dab37dd7L,0x2d5fc9084a992e5bL,0x0000000000000095L } },
-    /* 22 << 378 */
-    { { 0x0a5c77dddfc1712dL,0x94a283f3cdb8fe3cL,0x9180c2149c7ddf13L,
-        0xc61e53c7fc061c25L,0x3f2d5898ed6b66b0L,0xf956d429f2775780L,
-        0x009936172599b777L,0x275022d3315c4538L,0x000000000000006cL },
-      { 0x09ffdfe9389149f1L,0xdf706504130dcff6L,0xd5e9e831a43853f6L,
-        0xcb16e7db2c76d906L,0xfa644e731a6023bbL,0x93ccda7c56319253L,
-        0x0f36a540e75c969aL,0xe5824f21d1c63fc4L,0x00000000000001f1L } },
-    /* 23 << 378 */
-    { { 0x12a31002e3beda68L,0xae12c484bc59084cL,0x21f82d81a6320c77L,
-        0x82a9e0e6c37dd1e5L,0x672d57b4396dc114L,0xde55fbfb692cad7fL,
-        0x58613e19cea6fcb1L,0x6c1ac62e9322e880L,0x00000000000000c6L },
-      { 0x92578cedb2d1f22dL,0xdff3a47d86773c2fL,0x6bd302c02edaad87L,
-        0xa320a18615e3ca42L,0x2f12c817bac6dcf9L,0x59fab6f0e98fb56aL,
-        0x378b36fb6afdac5aL,0xb71742e57cba0062L,0x0000000000000141L } },
-    /* 24 << 378 */
-    { { 0x6372245924ff803aL,0x4c6743967c6401e9L,0x322820a88efb71adL,
-        0x49a9bb7e18386499L,0x809f13b4011be153L,0x21ea3bed1caa0e61L,
-        0x062a8eb9cb8a3c34L,0xdad37ca0d371b482L,0x000000000000004dL },
-      { 0x517e7e99425737bdL,0xf0d5129c74652ea7L,0x46e5f98b493390ddL,
-        0x889c952faccd9071L,0xc01d4483732246ddL,0x6e3982ca191b7f2aL,
-        0xef390898ec4ffa9dL,0xac0c56044dcf0ca9L,0x000000000000011dL } },
-    /* 25 << 378 */
-    { { 0xa89e9095f20520f0L,0xb661e4bf9109833aL,0x59a9216a15746d4bL,
-        0x66734a014b9b7b1aL,0x92958d4d87b01cacL,0x1fd10ccd73679175L,
-        0x12a3f35acc92c829L,0x60943f7e876f0493L,0x00000000000001cbL },
-      { 0x8920cfd084536908L,0x27c0cc691195d0b0L,0x8203d7edf0d640ebL,
-        0xc2aa233aa5db5d5cL,0x13dca3e4097a5f7dL,0x95698b5cddbee822L,
-        0x68aa3cfad37f3c60L,0xe481f4454b5db726L,0x00000000000001ccL } },
-    /* 26 << 378 */
-    { { 0x4faf81a13da0fcd3L,0xc4f41b64bf5eedc6L,0x83413747016dba9cL,
-        0x3e386d921053b061L,0xbc1f8c328779267fL,0xfae5180521378daeL,
-        0x4c355e52cf8aed54L,0xbf4cc913379b3965L,0x00000000000001fbL },
-      { 0x9681bfb7b9829287L,0x1f8e11d1d0a0cab4L,0x5eabefb67b24dd7aL,
-        0x49d30515db2856bfL,0xb7fdc303403cf7b4L,0x319eb33d9de58853L,
-        0x7c0a5c445949bdfdL,0xa4de3e0f2cc2f57eL,0x00000000000000d5L } },
-    /* 27 << 378 */
-    { { 0xcc57d8f66ee81af4L,0x0853a12ac61b41b4L,0x1c2547e7fe3ce741L,
-        0x5c804f085be4d27fL,0x470ef59f6b35897cL,0xa0ac230bf6f2a082L,
-        0xdae8427f0e65b7a4L,0xc72903cbe4637dc2L,0x0000000000000170L },
-      { 0xcaf13ad329899253L,0x4ac375937ff415acL,0xeca18182a3e41fefL,
-        0xce65d25d560f469bL,0xea0fd26a373b6eb3L,0x0261286e9b094b32L,
-        0x93f9f0b4d6c2e004L,0x6cca5edad8c82ceeL,0x000000000000010fL } },
-    /* 28 << 378 */
-    { { 0xf0b9ede34dd2d2d3L,0xb06079398c4d1ceeL,0x1ca4ec570611df8fL,
-        0x7f32d19753b914d6L,0x99b6f882dfa4df49L,0xfbe161cfb265f518L,
-        0xc6db288e40c76bbcL,0xc8970e3f281437b1L,0x0000000000000139L },
-      { 0x9d76d4a51a18db0aL,0x59e76809238445c6L,0xa0f52e646a48deaeL,
-        0x3692a8a8338904d4L,0x3fe48d48ba28d02aL,0x9f2130aab958b23dL,
-        0x210a547ecf8cd8e9L,0x46e7623e5179029aL,0x00000000000000bcL } },
-    /* 29 << 378 */
-    { { 0x53f5f5178569de0bL,0x4e6537efa3b8228bL,0x08bfd7df2c494a3eL,
-        0xa3bcb0835d18c56aL,0xe4af9a2015abd36aL,0x09e5e04722ae49d3L,
-        0xc8e36b51c397412eL,0x29196125dfd6ffdcL,0x0000000000000037L },
-      { 0x6693d42066e82af2L,0x4fb5ac25fadfecf4L,0xb164f341bc2eda30L,
-        0x04f0da03df7e18e9L,0x53e083ed285c2522L,0x2f841c4607496d5fL,
-        0x747ed61b427e3224L,0x42d48a2449331c47L,0x0000000000000090L } },
-    /* 30 << 378 */
-    { { 0x85e622f707cff9c0L,0xb8f17575de26c2c4L,0xaa599c8cbd1f2537L,
-        0xa43898660f10a87dL,0xd884accdd54bd70dL,0x4cb6081af85b6a22L,
-        0x795d0348af6068caL,0x2fa1f312111fb967L,0x00000000000001c6L },
-      { 0x80ed98b42ce0216aL,0x11debd5b76a91579L,0xe6e2957b8b468ee6L,
-        0x4342a477d5b0f947L,0xea4dce18e48f5922L,0x52271ff6d5e930f7L,
-        0x957be36854819139L,0xd46357cc2613a69cL,0x0000000000000055L } },
-    /* 31 << 378 */
-    { { 0x2110cec0704bb446L,0x5227cdf087881081L,0x471af5acf3bba746L,
-        0xc4c1c63bddaa6a2eL,0x411d5b30c65b5847L,0x428e1d0e0b7a1558L,
-        0x2b3ee41fa104910eL,0x6dfe7d92a5cb24d1L,0x0000000000000071L },
-      { 0x2d6421d20c322db5L,0x3da59b47ec01fd37L,0x0297ffe5359e020fL,
-        0x772575eb9679d700L,0x22d11608e029b068L,0x6f2151099c5d9d69L,
-        0x23ee93a156e9b96aL,0x3dd497407cf5309dL,0x000000000000011fL } },
-    /* 32 << 378 */
-    { { 0xbe58970d503cfe9aL,0x72000a862dd620a9L,0x5825b2836d0ef833L,
-        0xb88d53b7c706f2c7L,0x5f7df7cd0501f0f7L,0xf1fd2e3b2fa3b809L,
-        0xf3afd9fb557798c9L,0x9254426ab970a87dL,0x0000000000000135L },
-      { 0x577560bee8947e84L,0xc60b998cb0f49a8cL,0x81d18bef9829431bL,
-        0xeaa5fa385f48ada5L,0xba2cb72612db61afL,0xfa9de7ddf3d26bbeL,
-        0x97876d0626881c14L,0xaec866638c84185dL,0x000000000000015bL } },
-    /* 33 << 378 */
-    { { 0x8e48e4e19306d591L,0x4b6d69bfe9712645L,0x7247afac5d8aee55L,
-        0xddf6c68c41f8fc2bL,0x084113863c7c87c0L,0x120957078b0f0c59L,
-        0x46947fbebefc7642L,0x863bdf60f346ed41L,0x00000000000000cbL },
-      { 0x75b2e77916cf6d59L,0x4e9533e6bbea42ffL,0xdce016328f701e08L,
-        0xba39be402e0bc080L,0xa2f9af3ae20f673fL,0x40267291822b60a5L,
-        0xbc77e4c4dbc55825L,0xd05a9f0c76e1abf0L,0x00000000000000a5L } },
-    /* 34 << 378 */
-    { { 0x63fa956e2881ab6bL,0x5f97abe5a6d783f0L,0x344bdf96bcb29243L,
-        0x0472af080c53dc0fL,0x548e9be3e496461eL,0xe42405b45c491e0eL,
-        0x511c368dad995038L,0x8598ee29b972eb7eL,0x000000000000019dL },
-      { 0x0fdaeeaaa63dbc35L,0xe5afbb55acd56541L,0xeb3f3ef7dcfa1178L,
-        0x8ef2f4777f100925L,0xbd0f868ae3e055ebL,0x375cec42990b7aa7L,
-        0xd9208d18c2d32362L,0xdfa689dd976f791aL,0x00000000000000c7L } },
-    /* 35 << 378 */
-    { { 0x6f5a60e4fb6e4091L,0xe2350a12bb9d8f61L,0xc03c9d59633d52daL,
-        0xcf0b5d046e9e386eL,0x3ec86484059f0bfdL,0x26f396363c158dedL,
-        0x608edd54a4550c89L,0x6cb66b6cb7317194L,0x00000000000000c1L },
-      { 0x1cc8c7fdab732b3eL,0xf1855941bc3597f7L,0xcadcddc4802f2f45L,
-        0x95a6da93f7af2141L,0xe555f720ed61d1aaL,0x2a080de97297d73aL,
-        0x8e9cd2c7d3e8e814L,0xfb38e2637857c2b6L,0x000000000000015bL } },
-    /* 36 << 378 */
-    { { 0xc988f588852cd09dL,0x67d21418af218601L,0xda5f50ec0c10a857L,
-        0x504418a30e2b2960L,0x9f44ea6bf4038971L,0x6b5d406a2e458d2dL,
-        0xfc240795801e5fa5L,0x0356185cf7584734L,0x0000000000000102L },
-      { 0x7a948fd177a57d4fL,0x5de3afba2fbb8782L,0x1ae44706bcffc674L,
-        0xb97083b5563f5c74L,0xa91850575466ebd5L,0xf9c3a26cea623a4bL,
-        0xc917551994105039L,0xa570c1c1819c3cdaL,0x0000000000000075L } },
-    /* 37 << 378 */
-    { { 0x46dc6fa89638c421L,0x4cf437b157d0f402L,0x6c0b0445701342c8L,
-        0xf0b14b15d6de77a9L,0x0330a9ea2c12d1f0L,0x7ac4e03e350b8b49L,
-        0x332483357702f7f0L,0x24c3fa9da7f3df83L,0x0000000000000134L },
-      { 0x40137a2bf88c7b4bL,0x00fa0f35cc5d6687L,0x873e236070c137a3L,
-        0xbe8cf5ee9f32b2e5L,0x818f219f5482134bL,0x6c068d2515968a1dL,
-        0x7426988417e92272L,0x8754eee4604a22f4L,0x000000000000004fL } },
-    /* 38 << 378 */
-    { { 0xee6b7f37fad88237L,0x2d162f469c14454aL,0xd67666908adaa0c2L,
-        0x7aad29a762504b81L,0x550d67ce1623cf44L,0x7d50d506ae816ec1L,
-        0x56d5a4f9ffac6535L,0x0bde908295e83917L,0x0000000000000177L },
-      { 0x56a58061dd9c907aL,0xd9d7c49ecd4c54bcL,0x4a9907a4bc6a0d7aL,
-        0xeb86db82f6346080L,0xab70905fd6cc22b6L,0xe14a687600342763L,
-        0xc033b0ad1dfee808L,0x2396008039a9c5dfL,0x0000000000000089L } },
-    /* 39 << 378 */
-    { { 0xf1f290a881e90f0aL,0x458336c79f36c486L,0xa956a20dce22f976L,
-        0x027fc962a8516eeaL,0x7e14bad2c9b08021L,0x698bfa124cc598ddL,
-        0x4bcf3d871d01279eL,0x1b94b7b30114d592L,0x00000000000001bdL },
-      { 0x02fc0a2093157584L,0x92faf06480300f42L,0xb05d7c3f5318f4dfL,
-        0x1fa3eb6f3723e3edL,0x94aac7051da5cedbL,0x50d945d9cc65e3d4L,
-        0x651a7b0c7daa7bf6L,0x4e497b4681a86469L,0x0000000000000052L } },
-    /* 40 << 378 */
-    { { 0x297e708e61fbdc72L,0xf59c64fb4dcb9e90L,0x4a61f848814f38e2L,
-        0x081dabdced48623fL,0x7ca592c953b0cfe1L,0x1462ce03c049d136L,
-        0xb5642b78b47bd071L,0x99e3adbb87d24f68L,0x00000000000001dcL },
-      { 0x643879618e44f3b7L,0xc1910e8c3aa42510L,0x45de7844b07adfc5L,
-        0xdb7910a633804208L,0x77d0ec7574be91e4L,0x3e015cfce842cac5L,
-        0x11c32fa6554fec82L,0x7c43fc38829dc4ccL,0x0000000000000062L } },
-    /* 41 << 378 */
-    { { 0x02ee8b2122993f93L,0x4223000d4723ef89L,0x1c6bdfbfc16af026L,
-        0x116239f3ddb9aadfL,0x14eeb9730c4acc54L,0xf50134a6ffea830cL,
-        0x9ac616a5f1f1d7feL,0x33ffb2cf33eadfeeL,0x00000000000001f7L },
-      { 0x68c32c5dc98eb88eL,0x258448994073d0f5L,0x885f35f066b25598L,
-        0x8410c3f9269b7cdfL,0xee851ec9fb4d1244L,0xd94cf16a0f45f2d9L,
-        0x18846fd1320d195bL,0x31093265cbb27bf2L,0x0000000000000158L } },
-    /* 42 << 378 */
-    { { 0x36f55d29067f0144L,0x31518706a7088a9bL,0x58c145700c4992a7L,
-        0x38d22933424edaf8L,0x75e07014c6ebc015L,0x153a99adc1b7c05bL,
-        0x94ab96cb56b197f9L,0x86645eeeb5eea03dL,0x000000000000001fL },
-      { 0x5f97f0b5125f3db1L,0x981e52e815dc479dL,0x7ba639b09f915ec4L,
-        0x5c27dc763e5a1a0aL,0x350c904109dcfd90L,0xf571c49b5507f709L,
-        0xfa19d576fda7d982L,0x2b60baf9b4533fd6L,0x0000000000000182L } },
-    /* 43 << 378 */
-    { { 0x3fa53846346c78afL,0x3ad12e905ed12162L,0xcecabd5a086ef430L,
-        0xdcc55887eaeef2deL,0x47ef2f7bcd688b2aL,0xd4c09587a1d916a7L,
-        0x0959a988121ec022L,0xf419bde5980a39d9L,0x00000000000001faL },
-      { 0xfed8228e2d3ca021L,0xdb264c8a05dd7141L,0x637f4aa24e4d3e80L,
-        0x49ce73f1be791a76L,0xa9a2d7b25eeabfc5L,0x4961a76bd9e26135L,
-        0xa9af174a2caa9899L,0x8cfe47a6f2b4ec6fL,0x000000000000016fL } },
-    /* 44 << 378 */
-    { { 0x3c3814b8a3acdb65L,0x42cea8683ac121c9L,0x95ccdca1554edbd9L,
-        0xc8127847badd4e7aL,0x8249a372c95fe784L,0x1e5998d520661224L,
-        0xf88a1a0815019264L,0x501ba0a9619de345L,0x00000000000000bbL },
-      { 0x27bce70edabd6eccL,0xbdbf47ad41144962L,0x949d92fd302c2f1fL,
-        0x7ee6077edac7d399L,0x4b1ca3ab70cbd239L,0xbe03cf169c08640cL,
-        0x67d91ddae90bb15cL,0x989110bf3584fe3fL,0x0000000000000033L } },
-    /* 45 << 378 */
-    { { 0x1ca61c2dd76f0dc8L,0xa128cf5611e0f9f6L,0xfe51323b25502465L,
-        0x13ab91d00bc94de6L,0x28079c8f3b1e6a02L,0x38d9d80583cc5869L,
-        0xd6a83dc6dd952429L,0x37bb912864101dadL,0x0000000000000028L },
-      { 0x86036ada8abaa4f2L,0x8f29ab0d2138c5c1L,0x50ae84e55a3f84bdL,
-        0xc1cbb22a565e767bL,0x9b9f37f45a6bd205L,0xad2a69778bb3fbb5L,
-        0x53dbbc715b169cc1L,0x8695b45396820288L,0x0000000000000166L } },
-    /* 46 << 378 */
-    { { 0x957c58ab585f2470L,0x78c7130743ec2283L,0x3c996caae6b95670L,
-        0x6361761891d24b79L,0xe08b5b76a4281338L,0x77269a7a2091999aL,
-        0x83e93389d6fac12bL,0x4599815c57805e7eL,0x00000000000000efL },
-      { 0xddcafd581b749d60L,0xea0911b95dd775ceL,0xb375a06039909bbbL,
-        0x9e821684d7a4a2a4L,0xc1f34df74d520003L,0x427a57eafda0d68cL,
-        0x92e8fd75768380feL,0xc70e584b69988733L,0x0000000000000083L } },
-    /* 47 << 378 */
-    { { 0xbcdc8a861fc73886L,0xbce7b5b885f4eabfL,0xd536699712d0b54fL,
-        0x76ab760e8ac35fafL,0x5da79c8b25cb3d53L,0x435013bd284b22b0L,
-        0x7a9059fffb9c2d44L,0xc8c98a74c8283091L,0x00000000000000faL },
-      { 0xd68585686a560d41L,0x21648ff9f86d0cadL,0x79bae93500f23e11L,
-        0x92b6a5633f41bfe6L,0x1ca24a5ea6ff9d19L,0x12138d86b3a31dbdL,
-        0x7a593f3c4180e5f6L,0x7a93e4a3f75d9718L,0x00000000000001aeL } },
-    /* 48 << 378 */
-    { { 0x77d57155881b7b9aL,0x41639a4746101b26L,0x06edc878203c9899L,
-        0xe4ac1d9648d8ec5aL,0x7cec08752db1051dL,0xaf9facf257c860a9L,
-        0x94ad13ccfa3dd49dL,0x853273184e345924L,0x00000000000000e9L },
-      { 0x9956ad2c84311ec6L,0x3d494579bfb208a2L,0xaa60bb0ed8ccd0a5L,
-        0x6d3d4df518418197L,0x56386035884b2cb1L,0x7a104900464eebecL,
-        0x0785d58b72ebaddcL,0xf5ad930908356589L,0x0000000000000191L } },
-    /* 49 << 378 */
-    { { 0x9cd32d496a0eb239L,0xffc5d2115f947b28L,0xd8fc9f9147a7c456L,
-        0x0aa962f8dabfa006L,0xde49f418f9dc0c43L,0x019ab5542bf89f6eL,
-        0x1feafd6ce086e756L,0x640de15457b70d2fL,0x00000000000001eaL },
-      { 0xa5b450dfb341f2e8L,0x2b3b8dc21fa4d7ecL,0xfe158c5b65700970L,
-        0xc76f0c6c14a4d28cL,0x22b2faa32a1c0cfbL,0x63df95e94f73de9bL,
-        0x649ebafd52ce6fceL,0x1e1e64ad89f379c8L,0x0000000000000128L } },
-    /* 50 << 378 */
-    { { 0xcd7ec65fe314b91dL,0x794c5c9db6d1882eL,0x3be845c193805243L,
-        0x442f9269a76572cbL,0x6a284b3606390457L,0x5017a685566b2b8dL,
-        0x3c429a7e068147d7L,0xe6e676dc3d7d6573L,0x000000000000000dL },
-      { 0xb0e3e213d011d3d7L,0x000fc6342254ec45L,0xe1ae05778f4dba98L,
-        0x051781505eb4cfe7L,0xf48317f98c099058L,0x4aad616562e46888L,
-        0x8b24c7fae08df65cL,0xc6fdaf0725f0f3bfL,0x00000000000001aeL } },
-    /* 51 << 378 */
-    { { 0x54b4c7c446b8ad3bL,0xa20b60629f0c5ef3L,0x6bfd32c40430b0bcL,
-        0x6a9e2a3514c0b78eL,0x0de18d29d1bc6260L,0x9e69f8b6dcacf599L,
-        0xf46879ae0342f0d4L,0x3a97c39069b78c8cL,0x00000000000000e3L },
-      { 0x0d979410c49c5e32L,0xc8ea1cec45e6c311L,0x535c6afae971af26L,
-        0x2d1dfd6cecf4a950L,0x542ddbffbb1970d2L,0x8e8a91100eb842aaL,
-        0x5b8b960b6529ed29L,0x6783066072a2a6ceL,0x00000000000000cbL } },
-    /* 52 << 378 */
-    { { 0xa58e52d8f7a4d317L,0xaf23bf92dc6f7aecL,0x70121c821c520880L,
-        0xf68499f37bc182b5L,0x0edc4e6fb02b3e34L,0x4378badce425564dL,
-        0x3b74b05fe75eb0bcL,0x5a234bae599d4d45L,0x000000000000011bL },
-      { 0x3094e3c091572efbL,0xc370662f6f509233L,0xc741ef37beb6af1eL,
-        0x5e1d62655bf3bbd6L,0x39044bc61029591dL,0x05ff006b7c1724f3L,
-        0xde62a8fca492bb41L,0x9682c9ebd3f4a832L,0x0000000000000159L } },
-    /* 53 << 378 */
-    { { 0x06101e47154beb06L,0x8a47bae12dd56ba5L,0x976db80f6a6e6cbbL,
-        0x301b4afc4cb3e0c5L,0xdd64084a266c37a9L,0xa07718a2cb920e87L,
-        0x9ddf6bc5d55d3754L,0xaaedcf9b5f737e92L,0x00000000000000dbL },
-      { 0x635303c5597c9f7dL,0x1808eca68f6f1955L,0x4ab48d642f11e00dL,
-        0xa458c021206d04abL,0xa008af7312ba62a0L,0x5eeaf4ca985ad01dL,
-        0x1bcc70a06bfde38bL,0x2e6677736abc5c8cL,0x000000000000009bL } },
-    /* 54 << 378 */
-    { { 0x989800d0d51106fcL,0x414919311337369cL,0x1789e03117476c07L,
-        0xc38797d77a766687L,0x1eca11cde24df708L,0xe7932afec333cebfL,
-        0x521256dc587ca6d4L,0x175eeb6278afc48bL,0x000000000000019dL },
-      { 0x9bcc1e605a409618L,0xb09ed90848452cb0L,0xc5b18a20839bb71fL,
-        0x1137bdbf58d1f0ebL,0x4a020da2d9349073L,0x86cb98f90426e19aL,
-        0x734d928504ee89f2L,0x2f82c2c9578df861L,0x00000000000001ffL } },
-    /* 55 << 378 */
-    { { 0xe119b7ec4dc900efL,0x35ef1e2ee7f6b120L,0x6c02b0384a8f5961L,
-        0x8b99d41eea69e482L,0xe43de7767de16897L,0x48c7f64aef564cc0L,
-        0xfa0d48d3b3691c55L,0x27688e1d0cebe168L,0x000000000000012dL },
-      { 0x192bab59f1e8aa56L,0xd9bce84222664c4bL,0x73dee69a5fbb90dfL,
-        0x973907e9678eec7cL,0xa1568020dcefce7cL,0xf0a37f14c72b6736L,
-        0x3c5ce56d115d70abL,0x4c444963700cde74L,0x0000000000000027L } },
-    /* 56 << 378 */
-    { { 0xb32047f1686b8e76L,0xc292c8960fead8feL,0xf552fe3f3d1bab8cL,
-        0xdaa248af483f96f7L,0x2ada20d3b898320aL,0xc0e0325ce0ee1e67L,
-        0x4769dc2e72f55358L,0x33cb916bbf19057bL,0x00000000000000ffL },
-      { 0xc1673b3e8a2a8023L,0x39484339b3d830bbL,0x91f2b0f7fee1a7e1L,
-        0x0e2da8d5eeac1c7fL,0xaa77624c0292b469L,0x0a57d873d551849dL,
-        0x6c78f50f595c052eL,0x33be2fc03744d368L,0x0000000000000000L } },
-    /* 57 << 378 */
-    { { 0x2a44d59cb95bfbc7L,0x02721445757b2e4cL,0x9a35c0d0c4ba0fd1L,
-        0x588679287bbf16cdL,0xb250c3b6cd5c4373L,0x1334f593a72dc1ecL,
-        0xc729aec7e9dd1186L,0x7d783ee76442117fL,0x000000000000006bL },
-      { 0x94d753e01d0c3d58L,0x3c96b6b638fff1d0L,0x0165d4cf9f22aedcL,
-        0x565ce447eb09ecb2L,0x916ab8c27d1b5fc8L,0x759049861fe28f47L,
-        0xdc0172730766822fL,0x295b6799ba9ddf82L,0x00000000000000c2L } },
-    /* 58 << 378 */
-    { { 0xeb2dc700fd394524L,0xfeac25e1d144a193L,0x9b9e20d4d700de34L,
-        0xb7de3dcdcae6c578L,0xd2b130fc64b8c44eL,0x2f38b9c6c0a24c78L,
-        0xbc0c4d2339c51692L,0x09fc3bb7f0a87c29L,0x00000000000001eaL },
-      { 0xc0146d59288a18cbL,0x0390fff82057898aL,0xf50646cc1a248697L,
-        0x2866b5786190c9bbL,0x2179a3e5f18b0d82L,0xa1467d4b6d1550d5L,
-        0x3f764ac4a485f508L,0x713e87e7b16d9964L,0x0000000000000038L } },
-    /* 59 << 378 */
-    { { 0xb78b208d153147d8L,0xbb8fda83f5aba599L,0xa17bebf0692f8e10L,
-        0xea3ce68fe2f61fd7L,0xce34d743f27289ebL,0xf8dc8834a6ed4d37L,
-        0x7823bdc45a72a376L,0x84253be985ccab89L,0x000000000000001bL },
-      { 0xc52b1b18edd17c50L,0x855aa457278702eeL,0xa4df8b06f0d89cc4L,
-        0x9711592b7d65576fL,0x75ddf111029ef7e8L,0x66e25d8b3d858f44L,
-        0x61753b0680ca5a3cL,0x40b270c67025f431L,0x0000000000000026L } },
-    /* 60 << 378 */
-    { { 0xbc3f4c479d702e02L,0x6a06f96d86c216d1L,0x9469cef28c2dc6f3L,
-        0x753d64d2c98d9271L,0x7c7ec13b051508c9L,0x7b94098d95fd48e2L,
-        0x724358006bb4f8d3L,0x01d3f3d188eee18aL,0x0000000000000039L },
-      { 0x764baacf1a6a057dL,0x7d880282f7326213L,0x37c2394043d2615bL,
-        0x7e09836a6eef57deL,0x3f7e265cd790bbf6L,0x10025e4549a4f757L,
-        0x515d51bbdcb5b373L,0x05699be5f534f5fbL,0x000000000000005eL } },
-    /* 61 << 378 */
-    { { 0x7edb67b24d9df16eL,0xbeb1fd5b9697647eL,0x47a1a16ea9c068ccL,
-        0x2c834cb2b36fc492L,0x120019eb5e7d068fL,0x34074d5a2e4afc37L,
-        0xc2e75a089febffadL,0xf789c01d12a0b113L,0x00000000000000ecL },
-      { 0x7cc8481c4f63e95dL,0xb6f5e67341ec8492L,0x4feee2f212d6bbaeL,
-        0xc60be12a62737198L,0xce48ba8d9388c8aaL,0x7e6b28eed47186dcL,
-        0xd62fb8a0145ae15dL,0xb08e7f37a6edd2adL,0x00000000000000b3L } },
-    /* 62 << 378 */
-    { { 0xc9101947f1a2cfc7L,0xe3b88442fe8ff8b9L,0x61ba92f3ab98fcceL,
-        0x58bb6747b2128502L,0x91ea81ead23a937eL,0x8d0846ad6a138d6cL,
-        0x9d4b901e5ec186c5L,0xe2cf1d36f0cf52fdL,0x00000000000000a8L },
-      { 0x3cd95aa50fe009e3L,0x933f220bc246d7faL,0x325b953ec0d3f179L,
-        0x366196e9d25f08d1L,0x1b47a8966b247f04L,0x7e304fe85044a3b6L,
-        0xce4199cc201f4438L,0xd816ed7de850cf8aL,0x00000000000001e2L } },
-    /* 63 << 378 */
-    { { 0x8052bcc2eafde3c6L,0xd80dca3e9b9351c6L,0x957a0b78e510ec55L,
-        0x6cf7a4d7d0f3d49cL,0xb55b5ed2e3708855L,0x94ce53a450515ef5L,
-        0x752e68fdcccde771L,0x95b49c5d4b31604eL,0x000000000000009bL },
-      { 0xed84542a33b84ba0L,0x41656dafcf833a49L,0x60eb8d9113262619L,
-        0xd351476cda206701L,0x67d4bb1c5e340587L,0x9a8ae0da903f6673L,
-        0x5801b4bb90cff4e4L,0x6a4aa36bf8cf6d47L,0x000000000000002dL } },
-    /* 64 << 378 */
-    { { 0x442ebf300bcf3b88L,0x4b863857dc5bfd2bL,0x632a1056c50960c2L,
-        0xdbf49444c9d74020L,0x335f464b78287d19L,0x0cf8d5c75c490a63L,
-        0x4f9d9bd7d7d2d2c6L,0x1490fb61ad52d8a9L,0x00000000000000ebL },
-      { 0x42aabe7434a088dbL,0x871248c89e5b69eeL,0x7d624d6e55a87edbL,
-        0x81bc0bcfbaee4473L,0xf450c5ad9559a1b0L,0xa604379cdf4c738cL,
-        0x36b304e210ec0574L,0x948a50d38d8cf3d9L,0x000000000000018eL } },
-    /* 0 << 385 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 385 */
-    { { 0xc6ecf2f55565eb6eL,0x05e894602b260a3dL,0x459e260432c54616L,
-        0xfbf40aab47dd43acL,0x54d5949f9ad0b934L,0x992295a5cea0eef4L,
-        0x8a5af63cd5520b7aL,0x536ae69fa7f1ffddL,0x000000000000017bL },
-      { 0xddd868a73f0bc9f5L,0xb33a39d1bb82dc6dL,0x878d8aa048953ce8L,
-        0xf2a35ce29802f566L,0xa2b9188a07f25b60L,0xd01fed060933ca89L,
-        0x89013fce3114f728L,0x8128fdbe87828fadL,0x0000000000000054L } },
-    /* 2 << 385 */
-    { { 0xf20e17f13f9fa837L,0x0f66494807db1380L,0x5bcdc63187f0c342L,
-        0x56c64eccbd3f369bL,0x5e2dd96811c76666L,0x77a37823dc4303ecL,
-        0xa88173a174b208cfL,0x1c6268951af41e96L,0x00000000000001c5L },
-      { 0x72da351465467b39L,0xa97a3735ce45abdbL,0xa1cb4a2cc98eee0cL,
-        0x03dd02d494c63a07L,0xd22b087a3b2689f6L,0x5a50b83c3043678eL,
-        0x069adf5f844a417cL,0xa9eb7a19983fcfc1L,0x00000000000000c6L } },
-    /* 3 << 385 */
-    { { 0x4abf6de480e0c811L,0xfb0db238cf33e5aeL,0x3f65131865638f5aL,
-        0x93e5d62e41078c4bL,0x53ec3d90b4b44d9bL,0x9fe564607ddcf3b9L,
-        0x4714385079848b05L,0xbd3495a99e60315dL,0x0000000000000144L },
-      { 0x90409b61670bedefL,0xf0b1baf0b61f1014L,0xed3ccb5ccc4ad55fL,
-        0x391b2125ebc6a449L,0x9f49ab65c399ddd3L,0xf7706ca403eddc81L,
-        0xe42d1379579211fdL,0x9452b0d11ede88c3L,0x00000000000001fbL } },
-    /* 4 << 385 */
-    { { 0x984da95de0ea0baeL,0x7769cffa3ab813baL,0x02fd64a784cc8b68L,
-        0x138655f25ea90ed5L,0x71074c7c40b410c4L,0xf3971b004a05f173L,
-        0x113d8242d36b4f4dL,0x63bd460f4cdd1b0eL,0x000000000000015bL },
-      { 0x26bfaf816db9fe99L,0x001943c40a3c3a72L,0x258eccec8adf321fL,
-        0x8bf97f30f50d775cL,0xa7b60597e6899fbfL,0x622bf2cb49eabd50L,
-        0x9ff457e9b19e9649L,0x607570fde2dbb651L,0x000000000000010aL } },
-    /* 5 << 385 */
-    { { 0xf878768dc39ebd2dL,0xb1b035621b3a6b46L,0xe72832d029c2b56dL,
-        0x218d6d25056bd4caL,0x612ca701aec98ff1L,0xe163cfb4087e18faL,
-        0x87de2193c2bec7a0L,0xd4021463b488ad62L,0x0000000000000063L },
-      { 0x0edd28a4b8a8a68fL,0xf1ffbbca57379793L,0x35148b571e59f460L,
-        0x05e012671c86cefcL,0x8a9be0b60125bc67L,0xe7e5a7b6ba39760cL,
-        0x6f2c362f681eeb77L,0x6da71b8a21896363L,0x00000000000001f6L } },
-    /* 6 << 385 */
-    { { 0xeef26ae3c25300f5L,0x8bbffbbfb5cd52d2L,0xc6883fe52008ae5eL,
-        0xd9c9a0c8e2b01d57L,0x9acae3b306c31ab5L,0x7b2f19eb43b0c30bL,
-        0x95d3152ab1298985L,0x4794f0ec5f12ff03L,0x00000000000000a7L },
-      { 0x3bdefa96ef21ba62L,0x3b32556422a57592L,0x573f6bb2555fba4fL,
-        0x732ad6b3bae1a0fbL,0xfc41bc29a2761ee0L,0x621784f7aba990f9L,
-        0xd4ba1ab2e48a868bL,0x66312db4d1399b20L,0x00000000000001d9L } },
-    /* 7 << 385 */
-    { { 0x8049507015ff7901L,0x1478179a05613016L,0x59efd46ca8be1593L,
-        0xbd1f8e76113933ccL,0x09e6abf36992abb5L,0xc95822eca1d045e8L,
-        0x7436d5981f6c515cL,0x8d7c824f1bbfbeb2L,0x00000000000000e4L },
-      { 0x7d026a123aa9274aL,0x830bfca50bd883d5L,0xea9b5934fbf1bcd7L,
-        0xbf8c71836b06d84bL,0x4c0885bc205fea9cL,0x5fed94ad4cff3b03L,
-        0xd9f7b8f98be81d5dL,0x64d908c6893fa1b5L,0x000000000000007cL } },
-    /* 8 << 385 */
-    { { 0x51318ac974ba879aL,0x23723b6da68b584cL,0xa7872bf002ac441eL,
-        0x1e0c8fd665c7b9f4L,0xe8e3bc24b893449dL,0x2e83c6b8f06e02a6L,
-        0xba754c0178d50ef5L,0x7c6c06ef2c547c38L,0x0000000000000132L },
-      { 0xabbfe4266dee6431L,0x2d51aac612fd88eaL,0xc6f215251c83591eL,
-        0x85c550e59ee42180L,0xe1a4297da8cd1c50L,0x28f07cf6b55723cfL,
-        0xbede788e4113977bL,0x8c7572fcbedaeeabL,0x00000000000001abL } },
-    /* 9 << 385 */
-    { { 0x60221dac8c4046d7L,0xb29cba0533e800a3L,0xadcc3238ade5ecb5L,
-        0x7c31f4169d44fbb1L,0x404d9db9fb584dceL,0x7fb5b64fb56640c3L,
-        0xac38556d5e0e529dL,0xafa97e58214dd3d2L,0x000000000000008dL },
-      { 0xa24be8f4a0417228L,0x0b7b8efb5859d256L,0x70a6c4f46d40f4d3L,
-        0x02c765814b0aa0daL,0x353a45a5197e7128L,0xf9bd691dbb79a5f7L,
-        0xb428835a81ff0839L,0x89031e1bf8d35083L,0x0000000000000062L } },
-    /* 10 << 385 */
-    { { 0x92ad8865b1b131e3L,0xa2d8e77b3103a569L,0xd081c2a22d46d978L,
-        0x7f1757fe957e5123L,0x258ebe578c2f4a29L,0x67dff774bb023960L,
-        0x348ace6f79bb89e6L,0xaa23d41e5297feeeL,0x00000000000000adL },
-      { 0xbe8697e4a856e349L,0x2d3107c7e737bc92L,0x19b99e2f3e58c73fL,
-        0x11837e89c5062b4dL,0xc2a68bd6f73092e8L,0x80babf047dbc2becL,
-        0xfac9c42fe03d29beL,0xb7e929a3aca6ac1dL,0x0000000000000035L } },
-    /* 11 << 385 */
-    { { 0x8c4765f47229f2cfL,0xc8572c7d29c7e408L,0xf7bcff0b98553b8fL,
-        0xbd8e805c1c3e85c1L,0xb2d8dc14369c9dbcL,0x63b17347afd0ed33L,
-        0xb3f90b99d2d47136L,0xf1fadf5488ebb89fL,0x0000000000000052L },
-      { 0xe04cd6862e48f6b6L,0xf76ec1fa7a543a03L,0x20b50eebf9327d53L,
-        0xd9309aa39cce80c1L,0x3997de2cb01adc78L,0xf4a8fcb0aa455bcfL,
-        0xae359685f0199eafL,0xc8bc160985a31115L,0x00000000000001e8L } },
-    /* 12 << 385 */
-    { { 0xcbfda2506cdfcf62L,0x53113f8f15d70806L,0x4cf4b5dce80c79e6L,
-        0x14c33f38b5232e2cL,0xce68bf8a96819808L,0xff81633abec13a2dL,
-        0x969a055f1f77912aL,0x82aedb5c17822f63L,0x00000000000001bbL },
-      { 0x69352a3bdb5017a0L,0xc3ece4982392bd59L,0xdca599bd1b712201L,
-        0xed41a64f4b6bb033L,0x99b107acea5c5ac2L,0x504405d0322c3dbfL,
-        0x5fbbedce26ed81c2L,0xccbc266dcce08f72L,0x000000000000008fL } },
-    /* 13 << 385 */
-    { { 0x4dc83ee2d1ae29fdL,0xbaa31bd4bafce02eL,0xfa74ddcf5d8f2ed3L,
-        0x14b7d53567047459L,0x66b98c8706389572L,0x8215c3ab0a7617b7L,
-        0xd14796ab06956b2bL,0xc80fd323b54dabacL,0x0000000000000130L },
-      { 0x7400113068d54d81L,0x11823157d23ea02eL,0xaba5c32f9bb04c0aL,
-        0x0f99a803a3c680e4L,0x05264fe5ef58a7d6L,0x67e9f52cd303758dL,
-        0x4242203dcd5c1e1fL,0x98bea8cf604d23d4L,0x00000000000001ddL } },
-    /* 14 << 385 */
-    { { 0xc261b128c9294e78L,0x7e683d7ab56d383cL,0xa2af179eaec454d9L,
-        0xb6fa2f8e64f12f29L,0xc0f33050e8ab3d63L,0x333793a2bd5691eaL,
-        0x5db823fc3b368830L,0xf546d32a6a84ada1L,0x00000000000001c4L },
-      { 0x43664d6eac1380a1L,0x2c04be94f4f0f52eL,0xb9371f7f106b47daL,
-        0x110a17dc191734f1L,0x9dc73cb428b143e7L,0xfa1c936f7fd60d8bL,
-        0x7bf9010f2b6073d9L,0x1bb64c7ebece22e1L,0x0000000000000119L } },
-    /* 15 << 385 */
-    { { 0x25fbd37a93744747L,0x33a9d3b70c1a7fcaL,0x989f96796ae94f7fL,
-        0xe2106d35e67bf578L,0x07fc53faf949bd10L,0xa8157d4460c12a97L,
-        0x075634bf35cebe07L,0x71e2a9cdb340fcbdL,0x0000000000000121L },
-      { 0x1ffb67f0c2e6d92fL,0xbb9c28bc18900dbcL,0x3fe4feedc24b9a66L,
-        0x28e9362d04596798L,0x10ba62895c8dc108L,0xe68c61d13a1458d0L,
-        0x13d1e0ad364d8338L,0x123d93809d04965bL,0x0000000000000140L } },
-    /* 16 << 385 */
-    { { 0x72916be74e6df03bL,0xb14241ed090a7b6fL,0xec0532fbcf5e6f43L,
-        0x750cd95b680383c6L,0x2892d449c7cd9543L,0xf0550587d5d3ad9bL,
-        0x3b330694e9c29c0dL,0x6fa03173bfe6860dL,0x0000000000000111L },
-      { 0x6d55b870ab75c854L,0x156f9a4002f049f7L,0x72e2093bfa48732aL,
-        0x4ba2d6cb9a3c272dL,0x58102be5d89ba292L,0x4074f320b3c5c3b0L,
-        0xb478c05ee462c677L,0xebd4978f97182fe6L,0x0000000000000182L } },
-    /* 17 << 385 */
-    { { 0xae41de76e2896c2aL,0x1b2602cc3c601237L,0x9ae2e0c9af035deeL,
-        0x209a883c726c6673L,0x9a58dd920a725ff4L,0x4f8eceb3832a10e3L,
-        0x6c4d809c573317f8L,0x9121d8eac82c2a4cL,0x00000000000000cbL },
-      { 0xadff98fb9601c342L,0x2d42a3a3bae085d2L,0x5cf981d50ac42277L,
-        0xcc545cb079b74c44L,0x1adec8675675aa3bL,0x78603cb5b8e8ddb4L,
-        0xe48875e3002ae8bfL,0x6839bf245e1cb314L,0x00000000000000bbL } },
-    /* 18 << 385 */
-    { { 0xf8fae13deca4dddaL,0x671c8c158c52a92dL,0x5cb3ecc642bbc3c4L,
-        0x2ce7feeb00cf0233L,0xd7c0cb28aa604a63L,0x4a16938b01f87be7L,
-        0x17016645164102ecL,0xb8909311c9d1539bL,0x00000000000000b0L },
-      { 0x9567501142c22cc8L,0xc848925de932f6a0L,0xe4e700a4cd544b40L,
-        0x026bbe7378d519e3L,0x90b7fb394152421aL,0x4e53739aec641e36L,
-        0x481b7945122113b7L,0x49f3857d6b608fabL,0x00000000000001f5L } },
-    /* 19 << 385 */
-    { { 0xacef52d7c680deb3L,0x5387587420059de0L,0x1644e4b1f12a16d1L,
-        0xc1fbfe45c593cdcfL,0x4408421f5d780052L,0xbc641892768b8368L,
-        0x026a2b172ca3e625L,0x25d8c18e8294dd5eL,0x000000000000004aL },
-      { 0xf32800d6f856d7a9L,0x9c00ffb281a1f59fL,0xd4140fa9178c667aL,
-        0x7f1e6c729c9e0df2L,0x5f77c3089371c816L,0x38e375d72850e31cL,
-        0xfbf767e334b9cb0cL,0x69d86303ea279d88L,0x00000000000000b8L } },
-    /* 20 << 385 */
-    { { 0x6d3407e582d09cebL,0xc82381149c2bbfb3L,0x2305405592b91258L,
-        0x8c29220ab1b79073L,0x6e2cb5dd0dc5de61L,0xc93055237d359d6fL,
-        0x73cd337ac477e64fL,0x86a3f9fd7e8a066bL,0x00000000000001bcL },
-      { 0x0da1223f1b1fc70dL,0xc3d2d816b3c73ba0L,0x3a52c249c299cb6cL,
-        0xdd532fb9d7dfefa6L,0x2709093b148749ddL,0x920933d71472abd4L,
-        0x5cbbb77a1e9c9913L,0x582303e159854987L,0x00000000000001feL } },
-    /* 21 << 385 */
-    { { 0xd952ed9293f30e54L,0xf2283ddb40dfd445L,0x081f0864238b3390L,
-        0xf19b4cdf2a2746daL,0xa3328cb41ad23d9bL,0xdadef9c990130bc0L,
-        0xc12002c460008b07L,0xde3d9eb4c595f30eL,0x0000000000000022L },
-      { 0xfe6ef607efd5a387L,0x4cf4797c5e1e8932L,0x8f86442f05605d18L,
-        0xff1f353769eb95f0L,0x79fb4e69e1868299L,0xb39a34470ce7a27aL,
-        0x4c9b1dc040717364L,0xd6b2243f73ee2b9cL,0x0000000000000115L } },
-    /* 22 << 385 */
-    { { 0x1df547c1006a1b02L,0x75d489d5d0ae81b3L,0xd41b67c625b28229L,
-        0x4032ac036d8b9daaL,0x274a3d504296baaaL,0xbbc28a28b538dd5fL,
-        0xcf1f5a62d4df39dfL,0x56a0cad5d4f636b0L,0x0000000000000142L },
-      { 0x09732bfacd4a1f6fL,0x00b7aeb0011da78cL,0x2c967709103ab2f8L,
-        0x47d6805e9f83ec41L,0x67ded88e17c4818bL,0x81d03ea39249a058L,
-        0x5fd3a0fa51bce6abL,0xeb113e83c0a0c60eL,0x00000000000000f2L } },
-    /* 23 << 385 */
-    { { 0xcacc5334dbf7ffafL,0x481e6074e8597feeL,0x22aaa02633a987d6L,
-        0x77e8e0fe6243bb61L,0x786b31ce6f7f8afcL,0x438f8b23c3bfd839L,
-        0x86b7cfbfb8cfe3c6L,0xf996706fa357ffdbL,0x0000000000000184L },
-      { 0x0c3da18e104c5c98L,0x34545c356f3e682eL,0x4f1af92d2894962bL,
-        0x009941c8e16a8ea8L,0x6af6deca88a739f4L,0x846dccbc81b41d5dL,
-        0x867b168b1c5ffc95L,0x58edec94a80e7d65L,0x0000000000000111L } },
-    /* 24 << 385 */
-    { { 0x32c0cf8f2b1148ccL,0x881d8c7cc2086aa9L,0x6b25daf57c9fd47bL,
-        0xbfbb7226cd5ec48bL,0xf2b79deb9f2307baL,0x03d30de55fcfb278L,
-        0x4b2d3a4671ef137bL,0x4e4a24b1cad4495cL,0x0000000000000173L },
-      { 0x363160471ecfc10cL,0x8a4ac3bd75c27aadL,0x6fd1abefca6f6103L,
-        0x6ab15369b741c7ccL,0xdb25d3cd86719621L,0xe0d34a98ee85249bL,
-        0x25beecea370efc6aL,0x7d8a2ffca2cefbf6L,0x0000000000000057L } },
-    /* 25 << 385 */
-    { { 0x2b88e77fedb6e29dL,0x900de27858445e1dL,0x522be722d81ee6b2L,
-        0xb9847465d06e0e28L,0x395dc5cc82b6650eL,0x3fd0468d0c60d859L,
-        0x6aa7a4fff3820f0fL,0xb90a772a88d99f9cL,0x00000000000001dfL },
-      { 0xe2befebb447ef8b9L,0x24f508533c891b0eL,0xa8aa0aaa3230c6eeL,
-        0xa73632633dd77107L,0x46e85896920f93c1L,0xf72d7453b2104594L,
-        0xe5a8f1c909ceb433L,0xd2b8190067e39bb2L,0x0000000000000168L } },
-    /* 26 << 385 */
-    { { 0x1493570cf66b1750L,0x50fa5ae6f33cd4bfL,0xfbe2a3ecf561f917L,
-        0x4b258b77bf898f7fL,0x02d1ec70beac2642L,0x564b6272573b8580L,
-        0x8feedbf9ac5126d0L,0xd28fef1ae3a6f0e2L,0x00000000000000c2L },
-      { 0x75b483070a7958fbL,0x38a08c5c739a7ebcL,0x2fbd9f56e113feddL,
-        0x99aeade0627d745bL,0x333b1f30c79028d5L,0x4d2b246a3ac98d41L,
-        0x27bbeec3a17ca8a6L,0xd112ea7715c67437L,0x000000000000006fL } },
-    /* 27 << 385 */
-    { { 0x0605b9c712740e86L,0xdb6fb159ee416603L,0x1f40031e378c94c8L,
-        0x9e927ae7e0c09055L,0xfb48258a00745eeeL,0x17a704069ead3088L,
-        0x5e2bde8a82fa07ebL,0xcf976c7ddc554a08L,0x00000000000000e2L },
-      { 0x999adaffe0db5952L,0xab1e9977d27441b2L,0x866e1f16e9f1eeb0L,
-        0x72c71bd9ddbd25bfL,0xedd79e2a7b597c62L,0xc6f23d50844b5124L,
-        0x0709f4d02bd5cd8fL,0x5073c53ac01ec73dL,0x0000000000000196L } },
-    /* 28 << 385 */
-    { { 0x225e32b66f12962fL,0x65011534fcab5e88L,0x862db9d870ef87d3L,
-        0x4d97fd3e79bbd513L,0x142eccbffb7fb6dbL,0x9e775e1506e8b3acL,
-        0x6f6d15237bb36a4aL,0xd9b2a0b0c852c087L,0x0000000000000001L },
-      { 0x9fbaa9b411ee4180L,0xc87d89aabe044a8eL,0x60d2115a9d92fa69L,
-        0xf8e31c6d7ba7b5ebL,0x9932329bb6df0134L,0x6c01970a3bc69b2aL,
-        0x6737c958226ddb54L,0x3093ac432e11e8a2L,0x00000000000000acL } },
-    /* 29 << 385 */
-    { { 0xd55aab0baff63fb4L,0x157c404a98f804d9L,0x9093d56a62ac263cL,
-        0x8b2a1a6b7a1d63deL,0xdbb15dd256b07744L,0x53d216cc32950c7dL,
-        0xbd3ba7f922f29864L,0xaee5533c0b98ed47L,0x00000000000000aaL },
-      { 0x09e3a1ebc42105f9L,0x1bf3123ae34db19bL,0xed30f15386624ffaL,
-        0x591b7778c2514f17L,0xdd3df3dcc880f93eL,0x97d5affb755e1411L,
-        0x9465d5cd7316c386L,0xafe559200ce1ed81L,0x0000000000000161L } },
-    /* 30 << 385 */
-    { { 0xc5fdf2cd62f1c1fcL,0xb0646997d3c5ca15L,0xf1c45742869d0aaaL,
-        0x1a9c6f309fad74f5L,0x093dcb0c3c18f5cdL,0x00d14f2fc8ca593dL,
-        0x3f70f7e63c4f17a2L,0x39881e1d95d3df06L,0x0000000000000035L },
-      { 0x7afff24c258658e9L,0x5a4cacfcbade261fL,0xfe7767120735bba4L,
-        0x85ba530a9c82c1f3L,0x5769e18fe973b899L,0x18db2bc75e4fcfcdL,
-        0x9333ceae8e06e55aL,0x458767f2aac217feL,0x000000000000018aL } },
-    /* 31 << 385 */
-    { { 0x7dfd1fd9ca2c4cc8L,0x5f1a04ed9f267faeL,0x444c8449586d471bL,
-        0x02f37da060b87610L,0x6eaadf6d90b1267cL,0x6424f0e60c425c19L,
-        0xead76c1e5979d19dL,0x97135c570b5654ccL,0x00000000000001cfL },
-      { 0xfec92d05477c6636L,0xb5480096c82d5536L,0xe44d98c2c2f86198L,
-        0x86c2ec24cc6a078dL,0x7b95096318833141L,0x7dc32105e34fc08bL,
-        0xc28892a13971cbb6L,0x463463058d0debb6L,0x000000000000007bL } },
-    /* 32 << 385 */
-    { { 0x70148a3a1b27f40bL,0x4ce48c61b7c6cc7fL,0xf6ee8026e7beaad3L,
-        0x37eaec76d11ab074L,0x060f2ede99c1a334L,0xe9ce92e469150184L,
-        0xf90e484852d73bb0L,0x0436a9bf01b5ae4dL,0x00000000000001abL },
-      { 0x3f83381640d46948L,0x318236b2fc39fcccL,0x8835b602122bcc3fL,
-        0xa430b37b965ac801L,0xf448ea0fbd0585fdL,0x49e52f74252bb5dfL,
-        0x810768ae1085ace7L,0xa8ceb3299242e43fL,0x0000000000000189L } },
-    /* 33 << 385 */
-    { { 0xbb72e5ce86bb6ae3L,0x749128972db25cfeL,0xb7c395b6f4e593d4L,
-        0x372cf85ccdd2d6eaL,0x445a6b38d1b19db9L,0xe2f1c5aff02db1e5L,
-        0xf40284f827342884L,0xd719e46f7ff61a12L,0x0000000000000193L },
-      { 0x85eef4cd0c3e37e9L,0xdaab82657d012a8cL,0x53fd0cdf23c548daL,
-        0xc34d267335e40658L,0x2632c0ec6bead888L,0x56b52a6c28040011L,
-        0xa61cba5662cd9b3aL,0xd6c1e7a395ba9887L,0x00000000000000caL } },
-    /* 34 << 385 */
-    { { 0x0f3c881065ae1e9fL,0x799b5a9cf0ffafdaL,0xb34a3084f57f8537L,
-        0x457b247d9712dd17L,0xfd397b692a860504L,0xbb9d2244c382e2faL,
-        0x183b9ddbc05020bfL,0x6f191b5ad4db7efbL,0x00000000000000ffL },
-      { 0x4939abecf2576b34L,0x6e5798a1eeec4778L,0xc3df13c2b3b7580aL,
-        0xdff5b312ac675c29L,0x778a0194555b2cb1L,0xf9cae67a3f92285dL,
-        0x97ce17b1d7de701fL,0x8a9fd15db49e90c7L,0x000000000000010dL } },
-    /* 35 << 385 */
-    { { 0x3a7f3f9d32ef9964L,0xe88455e705b4501eL,0x068b8e3e93d07babL,
-        0xdc8519791ecf38a9L,0xa62a62579f9d6f8cL,0x7ac87da256aa5868L,
-        0xa40029a323a119deL,0x2e49e7d41bc4b0b8L,0x00000000000001e1L },
-      { 0x927eadf7c6307f61L,0x2dfa993d9c5dee17L,0xa5797580174f907eL,
-        0xc72b1db10a1a1a63L,0x138d2381a926cd5fL,0xdbe05d6d4c571edaL,
-        0x2d7239fa034e513dL,0xf768ed948d94b578L,0x000000000000003cL } },
-    /* 36 << 385 */
-    { { 0x222bc61f3aa3ae2bL,0x0b4319f85d0a7022L,0x57b1ba9af02709c2L,
-        0xc67d4a2175d1c7a2L,0x57f3c2dd4dbde7afL,0xe0540e677f154d4dL,
-        0xd326611a854758c8L,0x76d36182953b2828L,0x00000000000001b8L },
-      { 0xcaac624b594e7756L,0x29d87d7566978fb3L,0x7db2834f1a86fec9L,
-        0xc3fdaa53e1e61a46L,0x3247175b496c598cL,0x2a3665e118def4f0L,
-        0x7f16bd2286744f3fL,0x1d857a5588d6bb31L,0x00000000000001cdL } },
-    /* 37 << 385 */
-    { { 0x18e8c833b3916e3bL,0x50322ed8a25a77a8L,0x24a82c230f33743dL,
-        0xd72d2a918dc8941fL,0x97ec76addc5e62c5L,0x37f2aeaee2b1f956L,
-        0x0404f85aa5a4cdf7L,0x2731e35189098b68L,0x00000000000001eeL },
-      { 0xdcd6fb17be2d5536L,0xb6e4ddfd2a940f5bL,0x8f9be7ace6efc7aaL,
-        0x0c3dc0406bc2863fL,0x9e250a533e9db65bL,0x565400b82775b5f2L,
-        0xfbc78c75fbf0a926L,0xfd96db6c14630b19L,0x000000000000012dL } },
-    /* 38 << 385 */
-    { { 0xd1d64c7e70cb0e6fL,0x997708567217b5b6L,0x037f050cb96d710fL,
-        0x5c378b693989e449L,0x45f5ae2c0daa4766L,0xf536e14e7cdc17e5L,
-        0xc2e3f81a4a1e7c0eL,0x5e72b0196a5b8147L,0x000000000000005dL },
-      { 0xe084cdca97933356L,0xf687802de0f5495fL,0x04ef1478fb3f21ddL,
-        0x896ba7f3fcd00810L,0x066c5f0935f6ca88L,0x537e6a61c9437172L,
-        0x335f7cd8ad6a9893L,0xd94e13ac3666f7abL,0x0000000000000192L } },
-    /* 39 << 385 */
-    { { 0x9e5d42e974d23a2dL,0x65600770d82bc0e1L,0x398a0086f26aa51eL,
-        0xf9af5ca91cb33414L,0xafade7f67627615bL,0x9b292aa17f2615cfL,
-        0x5807fead310e94a6L,0x1e448d4bdd2d85c3L,0x000000000000003cL },
-      { 0x4f7f2205a8ed0e39L,0x314a4f3372c1bf70L,0x75555231cf595b09L,
-        0x3e7a57821100fbcfL,0x8f5e0ca34ab8ef49L,0x26e8382b2cb0db78L,
-        0x0712983ead48e8d2L,0x0b8c06c41c943b28L,0x0000000000000022L } },
-    /* 40 << 385 */
-    { { 0xe929b729504f8b28L,0xe706657cb887ef71L,0xb4bd5cda0b83db33L,
-        0x465187f0e761913cL,0xbd632bd6040b98afL,0xd82bf2af91c37379L,
-        0xcc1058b15380aec9L,0x243967a1c506f0bdL,0x00000000000000d1L },
-      { 0xb298442687d73c34L,0x5ffa94ea46cbe44aL,0x5814a34f20ddb255L,
-        0x8ea5436889b68f69L,0xe21603b0d26b66c6L,0x4695dff2320b6862L,
-        0xa5d5332742d53e67L,0xf17df48aa5931fd7L,0x00000000000001bbL } },
-    /* 41 << 385 */
-    { { 0x04c70f3885087978L,0xcd12cce53c8b44acL,0xfd4f376998f7c502L,
-        0x5aff3f2f98e9d246L,0xb3f2d8a82e0cb01eL,0x3f858b53fe4d8812L,
-        0x0b389f33abaf289cL,0xc9bcac4d85e783d8L,0x0000000000000158L },
-      { 0x93e51ba7c3bdb05fL,0x9043397744508070L,0x52617f035d615383L,
-        0xc2c4e23fad138cfaL,0xb701a0c9d06ba79aL,0x48a3165417ef47fcL,
-        0x495700fb2da06186L,0x15cef318fdd26d70L,0x00000000000001afL } },
-    /* 42 << 385 */
-    { { 0x9d3e388e0cd836e5L,0xc974d434ae7e8fa6L,0xceff33a84b7dfae6L,
-        0x27a8202db4d988c2L,0xf74ea8b2ce5a2905L,0x28b4c3d397a229e5L,
-        0x00c1ef677089a383L,0xf9a5cea3f47e577aL,0x0000000000000186L },
-      { 0x44edeb76bec9adcaL,0xbf02c338c5ffafb3L,0xa48a7dad4e0fcb0fL,
-        0x73665bd816a050a0L,0x102f101b93a18024L,0x9fbc6810f7ce9939L,
-        0x18723d426cef653eL,0x54d4b68723015f50L,0x000000000000007dL } },
-    /* 43 << 385 */
-    { { 0x645853a6e2304ce7L,0x6d6f5d6885f9b592L,0x3eca27a281bb3a8cL,
-        0x6cc8c8de108b3b50L,0x586b66bb96537c56L,0xfa80528910974d25L,
-        0xc040c8cf9654df6dL,0xc97f68c367879489L,0x0000000000000080L },
-      { 0xd38c57c16d2eec2fL,0x306846d4f6ea3d15L,0x2ff350501539a565L,
-        0xb45d32a19a8932e4L,0x23bf0d184fcbdd72L,0x12fd080596cd132aL,
-        0x7ff6b0e56bf400f6L,0x9c7d3dad7052b488L,0x000000000000006cL } },
-    /* 44 << 385 */
-    { { 0x5ab5af9029ea9024L,0x62586bb3faa25d87L,0xd43ef6de49148521L,
-        0xffaab71343df6049L,0xc0aed310f00e3fdbL,0xe028fc70c33b556eL,
-        0xf32399e91b8997a2L,0x1194cdd91f8f2427L,0x00000000000001e4L },
-      { 0x8d750b3d3951d0bfL,0x85ecbe512ba1a463L,0x46486edb52e64beaL,
-        0xb66ae34e7ba482abL,0x6d57cca5622a95faL,0xbec47b1e8417d830L,
-        0x740b9a5887cf80ddL,0xa6618207870a8a2eL,0x000000000000015dL } },
-    /* 45 << 385 */
-    { { 0x8a5916f00aa91c51L,0xa976e99375eff325L,0xa8408bc54ae87723L,
-        0x489d2e43f775bf8bL,0xdde2904c56c8ba33L,0x37550da29db2b339L,
-        0x1dc50f82a347dce2L,0x9499d24128c84734L,0x0000000000000051L },
-      { 0x3167754dddbca30dL,0x8a8577969acb20aeL,0x79980c5bd6bb103aL,
-        0x12849fa2f6ad7a1dL,0x84d5a7c0e6a33774L,0xa909f1a10580739bL,
-        0x97a40113e7b102dbL,0x070a98179145c800L,0x00000000000000caL } },
-    /* 46 << 385 */
-    { { 0xbe7c607599d8558bL,0x0822198ba470d7bcL,0x8134516f9b7f5084L,
-        0x5ca862b58ca39d9eL,0xfff8c52dc7bd24f6L,0xdcb06ff955cc6708L,
-        0x7ed3263cbd8b69ffL,0xa789da086cb08d57L,0x0000000000000017L },
-      { 0x7370cbd65877a86dL,0xbef9b4d34365e6e2L,0x73af11d1ff8243faL,
-        0x041c0263639a4178L,0x1907fd7305d03c9aL,0xaf28c8a796ecf611L,
-        0x073e51bc9586b05aL,0xb601e442e8c2096bL,0x00000000000000f8L } },
-    /* 47 << 385 */
-    { { 0x1194c0915f1b4c5eL,0x1d9f3b7afb88b9e2L,0x3bbc16c0a0f8b8ffL,
-        0x2c750d1b3c524bb5L,0xa463b2158ed71219L,0x3732bfcb948322daL,
-        0xe8cd027a3d667adeL,0x13d77bd8189f2eeeL,0x00000000000001e5L },
-      { 0x6adeab389ea63cbfL,0x4cc00ec1873d9cfdL,0x91206bd9dde3e73fL,
-        0x673213982af25a9bL,0xdd29fbc0c7c128faL,0x07e8deda5044c8fbL,
-        0x555612ea3dd8c690L,0xe56de5e753bf04e0L,0x0000000000000199L } },
-    /* 48 << 385 */
-    { { 0xa63bbec0976e030dL,0x7a81ce08e65327efL,0x0ac6397fa7c90248L,
-        0x14ef2887488f9ba1L,0xb2b47a2f497add24L,0xa86a385740274de2L,
-        0x25acdb8c12374808L,0x96f4ef892c57a8b1L,0x0000000000000050L },
-      { 0x3a8d6bfb85199966L,0x78bf5c36fbf35493L,0x8f1db78b5bd8876bL,
-        0xb8ea47b6b2becda0L,0x5decd86d13992438L,0xc0abe6d250dc68c1L,
-        0x85b05da73eaca155L,0xf8095622b1bd9e0bL,0x0000000000000104L } },
-    /* 49 << 385 */
-    { { 0xf17044b942b59f11L,0x716b5bccf9bc1552L,0xcdb5e87eaa109cdaL,
-        0xb4b8bb4a0a21bde7L,0x56914afb00ddf7a2L,0xd9ad9a5b7a0a7463L,
-        0x8cee2a803b0b3482L,0x2bed5feebf03e4feL,0x00000000000001c6L },
-      { 0x410ab42537a1cb27L,0x9811d04052ac89caL,0x04597789c9d044f3L,
-        0x85209250bb67711bL,0xfd886ffc3c39b579L,0xdf3e4df20a8bfdf4L,
-        0x6d2e6d431ca33a7bL,0x8e3aa535624713f5L,0x0000000000000140L } },
-    /* 50 << 385 */
-    { { 0x77f51e0c0442a7c7L,0x500c2b2ca9e3b607L,0x0ee098290847e5deL,
-        0x20349adb09354cdbL,0x6b55b08cc2d79e4dL,0xdcb3401e13d8863aL,
-        0x7baaec44aaf4e45dL,0xe52e2d8030e3684dL,0x000000000000015dL },
-      { 0x400371c05c87ddbfL,0xb6e45175f64b1914L,0x47b78ec27d6647d7L,
-        0xd1b8a05f3eff6489L,0xbf7d56859a637fb3L,0x0928b2419e67d5ddL,
-        0xdcd099e5146112d0L,0x5835194e38fa6f30L,0x000000000000004aL } },
-    /* 51 << 385 */
-    { { 0x994334489930200eL,0x57d680aeca0c5cb5L,0x500b59d823868cf4L,
-        0x8a0c2ca2b5702fd9L,0x365864638d68cb48L,0x99d533d4fe2bd373L,
-        0x76e5f84a8fdccef4L,0xf7a3adeac157857dL,0x00000000000001e1L },
-      { 0x9f89da8738e35a2dL,0xad503f99a5791c04L,0xeb04432cd0b1f650L,
-        0xbb49f73c9de86969L,0x8029aec67728cdc2L,0x668e0a8ea7b3de2aL,
-        0x316e9e0d920d8b5fL,0xd212034d5aafe07bL,0x00000000000000e8L } },
-    /* 52 << 385 */
-    { { 0x97ad23c88762dc4cL,0x20968d0f2d1c69afL,0xe2632e0a129c000cL,
-        0x29f88599dc732336L,0xa44c59d4bac2d80cL,0x0cf8411a987353b2L,
-        0xdcc28c77f498d31eL,0x78b5352a88cd769cL,0x00000000000000edL },
-      { 0xb0e90a4ebfdb4f02L,0xfe9de895a3128446L,0x5e56391e08215646L,
-        0xca6dd28866fa22d0L,0x72eeff81542c7c9bL,0xd6c39a86d59415d4L,
-        0x7b25916353a292afL,0x202fe2b6e8975c78L,0x00000000000001c2L } },
-    /* 53 << 385 */
-    { { 0x9806bd85cbec6480L,0xba6a35c617677c63L,0xfbb6db2a810128dfL,
-        0x88738bb1e9051fcbL,0x9e84681e40f5e477L,0xb8c311c61481f032L,
-        0x9e9a7bef01715e80L,0x281e49e5f705aa5aL,0x0000000000000004L },
-      { 0x9b309b2de678ef56L,0x3debc468f3faf55bL,0x46746951f0341856L,
-        0x001ba8e5718dd586L,0x05ea65aa9144640cL,0x7e7a5e4f9362e2e0L,
-        0xc16935252a9bfa2dL,0x8a8a985a2220ef82L,0x0000000000000022L } },
-    /* 54 << 385 */
-    { { 0x9f3090354dbc1eb3L,0x7c6d6a66748a3ab1L,0x76e43bf83c4a32cdL,
-        0x0556dab29283b2c5L,0xbb92ce2099abd7c0L,0x32c8445805611ce6L,
-        0x351c209534d866adL,0xb812b2e4c8c7f664L,0x0000000000000080L },
-      { 0xdfe378b30e2a92feL,0xe32b3be4077bd06bL,0xa07a0268acec79efL,
-        0xbf50bf0d53a8e15fL,0x2d5cc452ad111c55L,0x9c9138f202874227L,
-        0x2a5c81a2332546beL,0x3dce449a895ef21aL,0x00000000000001d5L } },
-    /* 55 << 385 */
-    { { 0xa63fb2af30833554L,0x54e207774ceef45aL,0x28daaccf9a93de1aL,
-        0x8b71ff06448451c5L,0xfd21f9ee3deb0b23L,0xcfe45600d9f7168cL,
-        0x60de95282235c182L,0xe30cebba4656a139L,0x0000000000000101L },
-      { 0xfc656b2211b55f1bL,0xa13bba09c477a553L,0x66fd4c2893274502L,
-        0x9b86a1fd1a24b861L,0xb6afd1ffe2a47053L,0x6c0769ff48df1e95L,
-        0x2b3b730d1b63f97aL,0xbec1276691aac5a4L,0x0000000000000144L } },
-    /* 56 << 385 */
-    { { 0x1b50fa628d00da24L,0x98c7ac500a0590bcL,0xc33c9f7f6c101946L,
-        0x653848c30c4eaf7dL,0x7ab38c79dc892656L,0x2ce0ae53420316ceL,
-        0x9df9a0087012d563L,0x130cd5656d51bd57L,0x00000000000000b7L },
-      { 0x21a2c95078ffe5efL,0xbc330a097b991b38L,0xc5151e1b2d4a375bL,
-        0x70a29d1080c0f67aL,0x2e75a55f2247b284L,0xc95a638058f332f1L,
-        0x0d7a5242a8fe1cc9L,0xc0b1176ca712a8ceL,0x0000000000000035L } },
-    /* 57 << 385 */
-    { { 0xe534d7e5b1b6b3a6L,0x442cc9a460e15a20L,0xb5b505780fc877d3L,
-        0xef21ffca4c062301L,0xd29e142d0a3457fcL,0xdd64c344ceadc8c1L,
-        0xb590679cb14c251dL,0x3fe76f10ab9b3856L,0x00000000000001e3L },
-      { 0xf136f66e27ca4c20L,0x7146348c84d4b0e8L,0x5d75318419adb36bL,
-        0xa7218c7b88ceb93cL,0x2df7eeaa837ee73cL,0x026cdcf3914bf563L,
-        0xf3f3d1a4997d9514L,0x16dbbf9d40ba713eL,0x000000000000019bL } },
-    /* 58 << 385 */
-    { { 0x0e9c00daa1923d11L,0xa4a935ba9e9a0e88L,0x235a9253ca54fc63L,
-        0x392920afdbd25679L,0x856d174652a57c44L,0xc3504988fb239f6bL,
-        0xa907f9f71cd72a71L,0x2925f0ced9f5d416L,0x000000000000011cL },
-      { 0x208bb07c7c23fe95L,0xb042893810ca84d3L,0xd0b3bf252f00bfa4L,
-        0x34cb8007cd3bbac7L,0xc08e0a6ab206c13eL,0x1462ec66991968dfL,
-        0x409af523c0694b39L,0x8ee92b86a076f928L,0x0000000000000078L } },
-    /* 59 << 385 */
-    { { 0xc9d7fc5dbd1a3ebdL,0x231bb307a5f1851fL,0xc749aba7d0d7e150L,
-        0xebe287d36a97cf7cL,0xa7bbcbfaa5236547L,0xb20cff6656a38e46L,
-        0x9483da01fe570880L,0xc9445f539dade10eL,0x000000000000018bL },
-      { 0xabb59e65fbfc603cL,0xe47b710ffaf6b799L,0xfe3b4ef8bb3471eaL,
-        0x6b525a9fa2deb2bbL,0x66e384c3b6f775e6L,0x0edcc15e3ae04586L,
-        0xb1ece91a0177a763L,0xdf3e41341824cecdL,0x000000000000008dL } },
-    /* 60 << 385 */
-    { { 0xc0f0454dd75aecf9L,0xdc6c13e10d80a3a1L,0xfcf9387eaa843e19L,
-        0x062744c75f9e673fL,0x4930360b8a9a5169L,0xfca298466dfc67caL,
-        0x4b177efcff3e9788L,0x40f92ea72d8232d1L,0x000000000000003eL },
-      { 0xc9ebe2461dab3098L,0xaee9d337a007be6eL,0x9e3a204cf11e73a6L,
-        0x7827ccd7f46edd7cL,0x5c602ab2c4a2c4fbL,0xef03efa28ab96392L,
-        0x22ebf4f017be24eeL,0x0b1dd25cd235301dL,0x00000000000001b5L } },
-    /* 61 << 385 */
-    { { 0x92b6122d364ef40aL,0x0f469c7408803dfcL,0xbb3f660c5008d200L,
-        0x2e4d68e12a330a19L,0x276981d7235df9d4L,0x420bc1c3a23c3b5eL,
-        0x2a0d705524eb5212L,0x576d86d23001513dL,0x00000000000001deL },
-      { 0x6afb220edab35c28L,0x405c936730584725L,0x5a57996203793bc2L,
-        0x7d3538be9fd9bfafL,0x416ce5282511c844L,0x846db71687796d79L,
-        0xf682f8faa73a6974L,0x0b2913aafdd19bbcL,0x00000000000000d0L } },
-    /* 62 << 385 */
-    { { 0x70db7f0c58ddd6edL,0x773c028cdbf9b863L,0xa04ef8b00cfdcb7cL,
-        0x513684b8a4a65e38L,0xb60cf9c1508347a2L,0x54635f38bde9bcbeL,
-        0x0b41f76ee79fc803L,0x6334d72bf373f10dL,0x0000000000000009L },
-      { 0x4cb3f53a0d2bc647L,0xa89a0ae94301232aL,0xacc6701961d28592L,
-        0x82718dd4fa93ad0dL,0x845908b550eed143L,0x7f66caf46403a023L,
-        0x003fdaae32636684L,0x776946a19c27c09fL,0x00000000000000d1L } },
-    /* 63 << 385 */
-    { { 0x1da47097240362a1L,0x30e9b0ff5b43cb0bL,0x5dd728da4f3db2c0L,
-        0x0027f719ffe4271dL,0xf1adecee13577480L,0xf6bf7133b47c7e12L,
-        0x1af855ba8221a9f7L,0x88896c19d53e3940L,0x000000000000004fL },
-      { 0xd07fee83edddb456L,0x362604d7f71a3cb9L,0x040220eda3c197fcL,
-        0x7abad6759101be2cL,0x618e46cbeaab7424L,0x05c1a27e57e4b841L,
-        0x197916805b141498L,0x37ed04403de4c4cdL,0x00000000000000feL } },
-    /* 64 << 385 */
-    { { 0x7b0373e4fd998a0aL,0x0bddac80c37e7937L,0xb979fdca8eeccc27L,
-        0x150c3141e82b945aL,0xcf88a830cebf1156L,0x649c7c1abbef5c8fL,
-        0x3199e1c5f10104eaL,0x31e4fd39898b7fd0L,0x000000000000011dL },
-      { 0xc24063de449bcd85L,0xb0cc16e1b96fef39L,0xfa391388b2f631b2L,
-        0xd39c21b41f4a449bL,0xd036cb3135f5045aL,0x58a0729c367f428dL,
-        0x7dde830655c42fb9L,0xd14ab2fef68c64faL,0x0000000000000163L } },
-    /* 0 << 392 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 392 */
-    { { 0x5663f565a308e123L,0x91a48983157c2290L,0x222f7f93c054408aL,
-        0xd8694963b839a520L,0x864b491dd314da50L,0xa315d96ed675cc09L,
-        0x32964930390531b6L,0x9387671921e11f6eL,0x00000000000001d0L },
-      { 0x20f4598e0c3477faL,0x14c758b4ccf7f114L,0x0c83f642051b875eL,
-        0x14ab1b501b290e7dL,0x99f812c7f1b18fa8L,0xaa60f39988ca8e75L,
-        0x00de2bd0b9c6c5f7L,0x765da97328703a2aL,0x0000000000000015L } },
-    /* 2 << 392 */
-    { { 0x05a704cc2934ed82L,0x647089fb989edd8cL,0xe0b239d40ce7c62dL,
-        0x4c892ea6105a5effL,0xa519395fd5ed6b04L,0x806c7003509ed794L,
-        0x882e9886e70ce5c4L,0x50730ca1ff01f6a9L,0x0000000000000088L },
-      { 0x90a78a16dbcc5484L,0xc1ab078cfd454b50L,0x6f488252cb09e525L,
-        0xdd663f53e19b2ed7L,0x16b10da1a67bf59cL,0xb47f6b9536bb770aL,
-        0x6bdc8428777b2bceL,0xcd02ae3d561553f8L,0x0000000000000017L } },
-    /* 3 << 392 */
-    { { 0x06ba35c1ee2f1290L,0xec34093fd403d1e7L,0xc1b8ed8fa659075eL,
-        0xea322ad8bfe99020L,0x3b7a95d8d5148b86L,0x979d99bec2cd9adeL,
-        0x89a6a55285dba94cL,0xa5b7e51be090e6a7L,0x0000000000000120L },
-      { 0x033b73ceaf82552aL,0x8c98e0b55ca604c1L,0x177a92e5533addf7L,
-        0x6eab8277ed1ad360L,0x05937e24bfb8e3e1L,0x4193e5cfd061128aL,
-        0x4f781b5dfc1326fcL,0x74403eb19d0056bfL,0x00000000000001f1L } },
-    /* 4 << 392 */
-    { { 0x36da34d11edc1498L,0x7ba9673c18d4c455L,0x9acd94ff724eb3fdL,
-        0x5db71c7ad31cfbc2L,0x64357011d49a2214L,0x80b6101f0aae0c21L,
-        0xeffec6209853d1f0L,0xf928ed94eda4fb5bL,0x00000000000001bcL },
-      { 0x0031c5cce3db108eL,0x2663b3aa5110eb67L,0xc0432c4f3b2d50c5L,
-        0xe5b812ab3d94b4fcL,0x031fcbe4e9828d03L,0x048dec907a08492dL,
-        0x7420a4edea50d639L,0x0bd4bdd076eef289L,0x000000000000015fL } },
-    /* 5 << 392 */
-    { { 0xe7718e9bdf3566ecL,0x2acd4c45d1d77e5eL,0xc78694add9787985L,
-        0xc7c600c5f645c923L,0xcd1e697ac393f54bL,0x7928ed5b20054d6eL,
-        0xd3c839e03cafeabfL,0xbfaafdcec46a4425L,0x0000000000000196L },
-      { 0x6baeeca1e1804d34L,0x6996db6c70aa5e48L,0x24e11983b9577c2eL,
-        0x3966f9a104335832L,0x5654cbdd50889c2aL,0xee86177f32df0deaL,
-        0x7e9c591df8d76ecfL,0x57de93bfddbac362L,0x0000000000000022L } },
-    /* 6 << 392 */
-    { { 0x78709a5ca92d6561L,0x36b5d1f10880bc8eL,0xf980cebc0af2078aL,
-        0x4b5e964a14edaab5L,0xd526f78563afd322L,0xf5a9d4c668e17240L,
-        0x0c420e2819fc5026L,0x3327540903459b12L,0x0000000000000157L },
-      { 0xae433226c4d6bb5dL,0x5e39057b13ea6565L,0xeb7729af7aaf08e1L,
-        0xa74c0ed7012567f2L,0x65b64576b6e89abeL,0x6b025e87f2498699L,
-        0xbc92a03cc229c0f1L,0xc54da03b0f1f67c7L,0x000000000000001dL } },
-    /* 7 << 392 */
-    { { 0xeb525fbb07d2778eL,0x4cd96634c965143eL,0xb2ea802d742e1fcbL,
-        0xa2f1ec4c75bc3cd4L,0xe778f1e1125ebaf8L,0xc700e4e4650b81ebL,
-        0x66d593a59c841f1bL,0x4da417578d2984c9L,0x00000000000000a1L },
-      { 0x6e9ed77d57d4a16eL,0xefb8f94c1c1696aeL,0xf2961d2c8acbc2a6L,
-        0x8fc9352de1d5de1fL,0x786158d1a7b8579cL,0x3ab33268fdcbac8aL,
-        0xf237b433d583ed20L,0x3edcc184e4c10d57L,0x00000000000000cdL } },
-    /* 8 << 392 */
-    { { 0x8ec9a4151e96a885L,0xc95ec1ef7e63cb24L,0x8a77bef7c506a04dL,
-        0x4e4dd4100ad06b3fL,0xc2eb62e4dc28fd42L,0x7cb2239454040fabL,
-        0x74a3429a64595d06L,0x05983dfa26fd26d9L,0x0000000000000151L },
-      { 0x56acb9c1291ba5b5L,0x9967485f11c55994L,0xfc8eeb0bb23cd929L,
-        0x0fe8db6b39d78fb1L,0x3d7281e846f04210L,0xe7f29c805d9fe1f9L,
-        0x2ea28b7ef78b31a2L,0x594d39ee4dfe2d5fL,0x0000000000000087L } },
-    /* 9 << 392 */
-    { { 0x67f5679c7c9beac4L,0x985a78336230b567L,0xa250d8de064e4738L,
-        0xb8bfbdd3b564700eL,0x087bf9e82e14ad7dL,0x4cf9220aa0317fafL,
-        0x6614ae6eb05bc341L,0x1deff5d59e41105fL,0x00000000000000feL },
-      { 0x8b47d53a03966619L,0x72d5b26cbff94109L,0xdfc37d1510b76762L,
-        0x669e715664b09f94L,0x16e999e2d3fb006bL,0x3e5aa52b6aa4487fL,
-        0x8bfd7f5533c1350aL,0x68ff6cd44e72ea36L,0x0000000000000161L } },
-    /* 10 << 392 */
-    { { 0x450eccbf95b7cf7aL,0xdf3b7da8b44af149L,0x373e6b4f40c25b44L,
-        0xf9db1d32e6c86b87L,0x02466d20439af230L,0x17bd88275830bba4L,
-        0xf8f5e1805aef36c3L,0x6986ab02b7ed8e89L,0x0000000000000173L },
-      { 0x5c05151d51fe4224L,0x824fbd0f5576ccb6L,0xbe14d2f8e1751932L,
-        0xc608e4c367fa6561L,0x4fa94021a856141fL,0x752b95bdda4ab1a8L,
-        0xf4d032c295439524L,0x408521c03a8e1267L,0x00000000000000faL } },
-    /* 11 << 392 */
-    { { 0x9b7d1f3bfc0f4a8bL,0x7a8f0b0f5ccb978bL,0x00d61c73d3415ae8L,
-        0xf46d7b22c6aede9dL,0x1fc2937114822df1L,0xe3e1d4675f740f97L,
-        0x3a7e3ba3b9159596L,0xf99ca1a803b5ec47L,0x0000000000000029L },
-      { 0x04243bdfbb5ccd4eL,0x055a49f78802bd75L,0x51f2d40a306ea61eL,
-        0xa70666ecda558bdcL,0x92ae69d13e523a23L,0x98055b32c4ef7644L,
-        0x3748d45e0e228566L,0x9c4991a170bae7d8L,0x0000000000000106L } },
-    /* 12 << 392 */
-    { { 0x6502b92cbb5c5c05L,0x85d920e3bfbe8363L,0x7a2aba0d6e2b1eb1L,
-        0xc02768187c1e4e5fL,0x8eed0e03e426684eL,0x164e869178e5d42eL,
-        0x606a3a5498aa47a7L,0x2350730d0b830942L,0x0000000000000148L },
-      { 0x5e1965a01d104b08L,0x7e28dadd373e0f14L,0x77b7c36fac533cceL,
-        0x8c2d1096e00217beL,0x016538a1ae057a93L,0x2fb0bf1e5a58f3dfL,
-        0x0e6a5e9d9785d24cL,0xb945866bd5a89bfaL,0x00000000000000a7L } },
-    /* 13 << 392 */
-    { { 0x143510e9fe207454L,0xb0fd9824bbf845f0L,0x39c13279e8bf1a9eL,
-        0x75fa89a10feca613L,0x2c66a7eb825a3dd7L,0x9c2b32c8b26368aeL,
-        0xf92e1aaaf619a005L,0x4de668fdaaccfca3L,0x000000000000012bL },
-      { 0xa92801b445cfcf06L,0xfbd77f9cf74d70ddL,0x1e47198c6340644dL,
-        0xffba0b1f6b4dae22L,0xe48cb9bbc7b899dfL,0xa2f0ece2c71b8b4aL,
-        0x5d9815e62a173ebeL,0xb9b11bc50e9906daL,0x000000000000011aL } },
-    /* 14 << 392 */
-    { { 0x55ac3726fe2a7478L,0xe94f2031e30ff599L,0x469519bd10936c6dL,
-        0x878d1fc50515a43dL,0x187f4315806e0b6fL,0xe03dc8bb2772ffa8L,
-        0x32b48a444a6b058bL,0xea5822f35164ec93L,0x00000000000000a0L },
-      { 0x5c617856737160e6L,0xc9c64cd423c701eaL,0xfbaeb50175437eb9L,
-        0x99422e75de99481aL,0x0f222393795537c5L,0xf7a2094923a1c0c7L,
-        0x5e14e523f71edde9L,0xe03bfb13c7ec1652L,0x0000000000000099L } },
-    /* 15 << 392 */
-    { { 0x592528bcb0d0888aL,0x32b7ca4dcabde573L,0xa25e1b62404f7268L,
-        0xa3da442d16381bf7L,0x62caeaaf5d6acdc7L,0xc9f64cd37e764a4fL,
-        0x297687a84e48f5cdL,0xb315f2345e2d02a9L,0x0000000000000012L },
-      { 0x4f91c00520acaebcL,0x61ce683cdb8cbfe4L,0x22a4efd555ee34ceL,
-        0xf8d7d3ca64516080L,0x38d087a027af0007L,0xdda0dfb2e0de0ef0L,
-        0x7e0601f0f4c91376L,0x23d16e102ebd6270L,0x0000000000000141L } },
-    /* 16 << 392 */
-    { { 0x1bd8ce7b5a53c22bL,0x78733fcd7cab446aL,0xc44ca4e248acb394L,
-        0xa9888b1ea38c790fL,0x36afb6eb15c34237L,0xb913b8a8fb702063L,
-        0x34b77cc5917508faL,0xa931d7a7f9e4732bL,0x0000000000000050L },
-      { 0xa90a429056d21d18L,0x8266630755b410a1L,0xb4684a8b894a6b05L,
-        0x8a1ade63828cf75cL,0x4fb2f85a127702a3L,0x83ff7d05adf7b709L,
-        0x1d3f5a92a68d1db6L,0x243ce1dbc093cd5cL,0x00000000000000f5L } },
-    /* 17 << 392 */
-    { { 0x747050b4dc1f408bL,0xf1aa5f1cf0e53056L,0xfcd32b5db55215c2L,
-        0x83e780e2a643d3d0L,0x10c32cd4a683aa1aL,0xb566a42ef274f385L,
-        0xa94cdfc13c628a9fL,0x3a4dd494f28cf4d5L,0x00000000000000b4L },
-      { 0xd12f1ca48707dd0dL,0xc250d375379846d5L,0xb3d1f3e6cf8f7906L,
-        0x828c0769504ef581L,0xd8ddb5fb91ed0a99L,0xb53dad6bfe27e621L,
-        0xec6e3cd22a31b15eL,0x402c5dee5cd9ba0cL,0x0000000000000160L } },
-    /* 18 << 392 */
-    { { 0x39b44df663e47f96L,0x2c7206891f130336L,0x5543679012acc921L,
-        0x2944066a5d875d70L,0xb6ba5ecab637f3dfL,0x69c8cadc79abbfd9L,
-        0x359753d5bcef620eL,0x1caf0d9bbd2e9239L,0x0000000000000116L },
-      { 0x2412742cd051ae6fL,0xc8cb1cac54d13ad9L,0x19bdf52082ff17ddL,
-        0x7310001c46f5ae00L,0x9f6dae8cefcb214cL,0xe3afc3481ac29d5dL,
-        0x6162b535843d1a4aL,0xb25ff812e5174c3dL,0x0000000000000015L } },
-    /* 19 << 392 */
-    { { 0x2f2a4ecf475c5d3fL,0x012f076856a9da6aL,0x2d35ab720eb73946L,
-        0x50aefcb5af90f132L,0x8ad439af4c3ab322L,0x70d8e68b3cca3e59L,
-        0xff7ca8f5f7498297L,0xbb166b54aa99e5ccL,0x000000000000011cL },
-      { 0x08dd12eae174eb28L,0xca75bd49a8a34a97L,0x262fc207883d05e7L,
-        0x6372076829e98b07L,0x6434261d442c2457L,0x6cf09b54ec47cd5eL,
-        0x6e4d2a8b5ed4b6d3L,0x6950403c677585bfL,0x00000000000000d4L } },
-    /* 20 << 392 */
-    { { 0xe8bf0d2b9a86c296L,0x56b947a575d4fd5aL,0x7364354793941d37L,
-        0x493899e4728c0b10L,0xa0d636a76ca7e1ebL,0x083f811e16ce84a2L,
-        0x9602ad8b90bb012eL,0xb1c8808cfd7d4057L,0x00000000000000feL },
-      { 0xae262388f65f859aL,0x220164e04c8e2cf4L,0x7e1f59f2639a7befL,
-        0x7777613522bd2b24L,0x191b18530b92201dL,0x9ebf0a3d99fdf0d4L,
-        0xc250ea2f792cdf64L,0x9da499827937b250L,0x00000000000001dbL } },
-    /* 21 << 392 */
-    { { 0xe95372547eec5ab8L,0x20854600dc649495L,0xb2c454502060a38fL,
-        0x074640c83b17ef7dL,0xc2ba81afeafd02b0L,0x76b5593495c308ccL,
-        0x1be30f525d9c01c7L,0x00fb296b0c089ee6L,0x000000000000011eL },
-      { 0xcab278f10884bcb4L,0x81ed4c3515bdd541L,0x69cc0e14f5766a2eL,
-        0xee19b33ffa305dc2L,0x0e66612c3941336aL,0x2d70aea0df5046faL,
-        0x70ede44f5562d06cL,0x92a66c0bebd8019aL,0x000000000000014dL } },
-    /* 22 << 392 */
-    { { 0x7aef7245579e8701L,0xdddc870d737fd8ceL,0x4e4ad894eadbb996L,
-        0x135b46160dfab3d7L,0x0433d57dcd7250b0L,0x4d3f5f9db0292ed0L,
-        0x639e7722eceba527L,0xcd5b2c428487b3c5L,0x00000000000000e9L },
-      { 0xb1bdb67698d0936aL,0xaefe0fffc847c8efL,0x9f1c085f612bd61dL,
-        0x148a96673d232e56L,0x5374bb9deeed1322L,0xb79378900e4302d0L,
-        0x0c269a4be256e409L,0xf0c659b70315057cL,0x0000000000000129L } },
-    /* 23 << 392 */
-    { { 0x71ee59406a722275L,0x523a7e2bfa97bb09L,0x8cea508a21648596L,
-        0x655546cf43160a2eL,0x715fd019b704209fL,0xc906616600197d39L,
-        0xe176a99d7419b773L,0x8a8170e25ce68d76L,0x00000000000000a5L },
-      { 0xfb511b500b8abc3cL,0x6e8474d977a2cb0aL,0x849c55ee2037f989L,
-        0x92e102d9d072d371L,0x90c88a1edd72df80L,0xaffc59588c3725d7L,
-        0x92c20b445eb10063L,0x871b18dac2eb294bL,0x0000000000000129L } },
-    /* 24 << 392 */
-    { { 0xfaf6bd70ac57cb84L,0x32c242073eb61ae3L,0x5986ce0e7c9b61c6L,
-        0x9b36f045f1733320L,0xe4dd9d839f8948c0L,0xebe72911a8a90ea5L,
-        0xd34cb93e2d84d142L,0x787753d11c55d53fL,0x00000000000001beL },
-      { 0x48c0229aa2df0ca9L,0xbc42db5394660967L,0x4b209e4061935318L,
-        0xcf7e4981898ae70dL,0xa42c59694dfb5d28L,0x2ccb13a68e4a6d4cL,
-        0x77bb58626c36976cL,0x7b44f5ab71676ff4L,0x00000000000001b4L } },
-    /* 25 << 392 */
-    { { 0x2a3b21f19fd42b97L,0x388249b469e250e6L,0x7226d729f01c879eL,
-        0xe588203b9e652254L,0xc6fb3b1a846a5090L,0x2dca87ce9a2a242dL,
-        0xaca5c8fa7dc5f4adL,0x65334ff212ea5d25L,0x00000000000000bdL },
-      { 0xc1039e12cc6df18bL,0xb13ab3c2d6a89d34L,0x8573f608686ab623L,
-        0xb34720f8b0a4c351L,0xb42c5a677841be0aL,0xcd53d55f37b5ce15L,
-        0x99d97165e3cc80d3L,0x3c2a9a9ddb06c07eL,0x0000000000000091L } },
-    /* 26 << 392 */
-    { { 0x67dc211ce9a3ea9cL,0x292af224222b2a93L,0x818fb79cfe0f90b4L,
-        0x379d01c415628e38L,0x48a83503ad420127L,0x9ee9b705ea2b1a5eL,
-        0x0430fcdeff6e68d2L,0x3045e6fb6b148eafL,0x00000000000001acL },
-      { 0x9bba4b09d469ed6eL,0x95ac0bbe3cf66944L,0x109546371c2ed0d1L,
-        0x21ece32632403941L,0xc4a8ba03051a64beL,0xb00e5c8aa214703aL,
-        0xce818fb8ef7fa7a8L,0xc9b56befadb9488eL,0x0000000000000178L } },
-    /* 27 << 392 */
-    { { 0x7ad60105c31e7fc6L,0xf361576465d266f6L,0x5608c43e884a8482L,
-        0xdfdf8db35cb2ba2aL,0xee76eb6488c0d22bL,0xf9ee20f3c433d719L,
-        0x09ab2833bef67b85L,0x632230924b54aee4L,0x000000000000009cL },
-      { 0x5d63b8e97bbae00fL,0xb6348d60cfba1a43L,0xe080feba8eace1dbL,
-        0xfc3847f6d9166854L,0x0cf910826edf4f5eL,0xb8cd7739571167c9L,
-        0xcbc05dbd10dd80a2L,0x2a0ee01733e69b2aL,0x0000000000000129L } },
-    /* 28 << 392 */
-    { { 0x64c9253b379d2951L,0xe87333890586cd59L,0xce8eb9b4f6c64aa0L,
-        0xd7a88646774ad3b7L,0x36b395a03dabf772L,0xd7d57f5b8f6f0f7cL,
-        0x58773e9a09a83d1eL,0xb3abd1a2ee22a9a8L,0x00000000000000bfL },
-      { 0xd93010a338b8f550L,0xb2690375f35c0da4L,0x53a4d7c4f484121eL,
-        0x11cb900504509d4dL,0x03f191749f6fa703L,0xb0fe84994edbc279L,
-        0xd5d6975d38260010L,0xd7dd640ee6be46cdL,0x00000000000000e6L } },
-    /* 29 << 392 */
-    { { 0x7cc7d5e9bd89d3a9L,0x60d8204cc9dd7b17L,0x50ade1349d0542c6L,
-        0xbc5be5f2b686ea56L,0xc092f3447f75b822L,0x352363f1339b6094L,
-        0x7e59acc4f04ee90fL,0x4dacc4a31f72da27L,0x000000000000008aL },
-      { 0xe176a7be926af1d7L,0x2c9765fdceddaca9L,0x66708097b7d745caL,
-        0x58469ef977ac7fdaL,0xff4993d33433d277L,0x6b648ba00477ce72L,
-        0xa49cc8d961ca75eaL,0x052cd69af501a8acL,0x0000000000000166L } },
-    /* 30 << 392 */
-    { { 0x2f13fe842dd5e903L,0x339f67a10e555b76L,0x0d2f153c003c2ee6L,
-        0xba0a0aae38f0fb43L,0x11b61a8eef9b72eaL,0xc7f6eca2a5c4597dL,
-        0x0e72636cc732b509L,0x939553ecb7247071L,0x0000000000000075L },
-      { 0x759b4d18978c6c82L,0x232c43fac9b34e44L,0xacdc159177608f47L,
-        0xae6056b93087fbb7L,0x000ca7db5c3883eeL,0x58de6f66140170e2L,
-        0x95a29345ae255893L,0x6913fa78e7508854L,0x0000000000000068L } },
-    /* 31 << 392 */
-    { { 0x2c05d35ab3259931L,0x180318ee63243888L,0xe370c069e4a6d4acL,
-        0x9a0e73d8115a7552L,0xb136040f3024b20dL,0x9ec6cce3c9b71921L,
-        0x8240506569597e99L,0xad8cb3569f38ae91L,0x000000000000006fL },
-      { 0x056452385fc41873L,0xc5444c3e434b2df6L,0xcdaf76b3280c0eafL,
-        0xf5e96a0627548836L,0x7642c921768eb175L,0x309ecc1fc140592fL,
-        0xb46b3c8a55537f8fL,0x215fd24153c7570cL,0x000000000000015aL } },
-    /* 32 << 392 */
-    { { 0x8b3dc3d04aae7354L,0x9ccbf6ce4a8f62b0L,0xb3713c0060c73a7eL,
-        0xf6f73585349ec6a0L,0xa995a64cfc30467fL,0x877334fefad776d0L,
-        0x84588e41b236dcf3L,0xdcfdb088e9ccbd7dL,0x0000000000000181L },
-      { 0x188db860fb36e7aeL,0xe7a0df8df45ea4ffL,0x110245ac5ca6f9f7L,
-        0xd4c3509d7a7031afL,0xf4aa648f34df0623L,0x462aa9497e664bd5L,
-        0x415012b4e2f0138fL,0xec3dafa01c60732aL,0x00000000000000beL } },
-    /* 33 << 392 */
-    { { 0x892947c065b8343dL,0x04d4c1f54cc89339L,0xec0a8dadc9f713feL,
-        0x49a1bdcd7e8cb36fL,0x8416e0725de9db7cL,0xe9d7856a814f2889L,
-        0x00bcd25858d9931fL,0x77622d851e6d5f7aL,0x00000000000001d4L },
-      { 0x8d1d7219651ec975L,0x5d20520ede8d13a2L,0x62d8bd2acb73a5e7L,
-        0x56596d73d791eeb1L,0xfe714aa9c07a2a30L,0x2829967735f34560L,
-        0xc1f5477576599af2L,0x599f6db4c2e97737L,0x00000000000000daL } },
-    /* 34 << 392 */
-    { { 0xe27b3464824eaeeaL,0x2358f6ad5393879bL,0xa7df34d4710fb8f7L,
-        0x833df1e070a35060L,0x0713f8dc37a6da75L,0x5c1f9b86d569678eL,
-        0x5388bf51316a4a10L,0x3533b4196499c876L,0x000000000000005aL },
-      { 0x072045e7f7b0bb1eL,0xfea6dad18806fff0L,0x145700a9967aeedaL,
-        0x7d1daf361c1fd04aL,0xa59fd9c4ba6c47f0L,0x9869b04f2051bc10L,
-        0x922a2c62ed765e5cL,0xc45f00694fe8bc2fL,0x00000000000000d5L } },
-    /* 35 << 392 */
-    { { 0x7d73bb35ae7cd284L,0x95a93265f13cfebeL,0x35311175966ae16bL,
-        0xdc7930b274e48e72L,0x81501ccbf7575898L,0x7999582f6a37a35dL,
-        0x88d4ab111c496f5dL,0xd25f44e7a36d1b34L,0x0000000000000147L },
-      { 0x64ab3239231cfc02L,0x75e653046357d94bL,0xd0f90974d95dd829L,
-        0xabf69128f4dfded3L,0x3cca87402a85856eL,0x1c555726610324c7L,
-        0x46bba522508ec0bdL,0xbf2610b1479a9c93L,0x000000000000014fL } },
-    /* 36 << 392 */
-    { { 0xe1299139f1586f70L,0xd5cb2c10053083dfL,0x9e0ce9829ea052f5L,
-        0x87de595b0efc851fL,0x4cccf7ae98742defL,0x87cfa3788548d910L,
-        0x8ef7bc8e1a6128b7L,0xa605315051d38f20L,0x0000000000000047L },
-      { 0xd0797eddc7635909L,0x1eb856cb63113d00L,0xa2a965c95725aedaL,
-        0x5eaa6eef217ab755L,0x4ada3e4af55bfed5L,0xe4d945933792f0d8L,
-        0x19ea0a3b27ea0947L,0xe90121ad54aa8a99L,0x000000000000007eL } },
-    /* 37 << 392 */
-    { { 0xf2a647cdb728d429L,0x45a1d210eb7133bcL,0x4c8f934b6b83916fL,
-        0x3b98f81e522dd12eL,0x454884a7d6e86fbfL,0x160c65f88689d7e7L,
-        0x9069c27d763c2796L,0xf1405b86fc31e096L,0x0000000000000137L },
-      { 0xb0be8cff6fb3901eL,0xa7a916b0da1ac91aL,0x7c097b23b344f479L,
-        0x6b3aa54eb469472fL,0x8f10c2209edf3457L,0xe485ee25d6189cf5L,
-        0x01c0af56cb45ae2aL,0x16c2ecb7d3a5d9f5L,0x0000000000000004L } },
-    /* 38 << 392 */
-    { { 0x6caa8e9aab24a11fL,0x918618de7f998abdL,0x51ab05a0fa2efd0cL,
-        0xc5db63b47afd5f5fL,0x40ddd9d21671f863L,0xdf21f123e8979929L,
-        0xf964fdaa753f5f9aL,0xa6bc6ee1ac869b60L,0x0000000000000036L },
-      { 0x9ec7b5223fb9e363L,0x9cc1db429d4a17e5L,0xf6abb7fa2490da7aL,
-        0x284023565a5d5231L,0x31c197bad7698b7bL,0x78e3957ee443b4a6L,
-        0x6f747898b809dcacL,0x2cb14df9bc50dc28L,0x00000000000000e1L } },
-    /* 39 << 392 */
-    { { 0x087ae31a39de4487L,0x83eea765449ccd69L,0x4646830a781c8c19L,
-        0x9cdece343b0c1627L,0x82837fda35c2820fL,0x942160f96db9709dL,
-        0xd5d5c0d1874cbdebL,0xf6985f955a058b33L,0x00000000000001a0L },
-      { 0xce8987ae2e31c2f3L,0xf46bc0faeb414481L,0xd6d762899fa9260bL,
-        0xbc302bed030e8a9bL,0xa520f637eba41851L,0x51304e88eecb96ffL,
-        0x41e7a0102072ad97L,0xf7bd7e56c4794837L,0x000000000000019bL } },
-    /* 40 << 392 */
-    { { 0xc2587d72e962529eL,0xd3dac5d00c872ab9L,0x44187663c75c725cL,
-        0x2e65d5ab3d496338L,0x01ca52de8b23156fL,0xa7ebba10d035e4ccL,
-        0xb99dfaa0e871449dL,0x6248c81952b0dd58L,0x00000000000001ddL },
-      { 0x304d544909a0b2b6L,0x193afec00bb26682L,0x00425a2bba188995L,
-        0xd4fc292d04bee432L,0xa56de92439190f47L,0x184b59fbac7e0841L,
-        0xb2462d3ed4c24d7dL,0x6df3cff0827e5144L,0x0000000000000053L } },
-    /* 41 << 392 */
-    { { 0x750a3237cd83b337L,0xfa69ee5897a42787L,0xf38484d92bcd0f21L,
-        0x727e6ceb1ed6eac1L,0x29cd75e4647cca9aL,0xcab25ca99b2e130dL,
-        0xd347c8ae544b56afL,0x236188fa97bbcf15L,0x000000000000016aL },
-      { 0xd353f1b2c35b0afdL,0x5f81b2112df1ee19L,0x3a17334ebfef60b2L,
-        0xf9c53718327923a6L,0xf7fb02d5bba0cddcL,0xaecae9e4533d5c93L,
-        0x3e46f95af2acd6b6L,0xd5e4a5b1aff88b82L,0x00000000000000dcL } },
-    /* 42 << 392 */
-    { { 0x836c879be603487cL,0xc176b372be67aeefL,0xb16c1c093916ed2cL,
-        0xa19f57d1b738de42L,0x19fcdaa9b53fd0d0L,0x4503028c6c65898fL,
-        0x068d459d2a6eba9dL,0x230f913208ae7045L,0x000000000000016aL },
-      { 0x3e3021c260587627L,0xb845066f0a548829L,0xeb7646754d68e59cL,
-        0x7c83af0ba57fd160L,0x41cbc6dd06cfd9b3L,0xa7c211a7c2ac70a7L,
-        0xa97550d867a3cebbL,0x805d0a4b3463d8b3L,0x0000000000000146L } },
-    /* 43 << 392 */
-    { { 0x255df4920aef0552L,0x94df45d226aa07b0L,0xaf376f26633252a5L,
-        0x8264ded59ce08ed0L,0x21195ce9e61e9dbdL,0x012afc4b431f8103L,
-        0xce45e41bb0d6a41bL,0x16dc53f7e44539f8L,0x0000000000000189L },
-      { 0xfe21cebd1fa28378L,0xb1e3d1f305fb6ff7L,0x39b11a3701779f3dL,
-        0x6cdeb0844103ef71L,0x63c18cbb4421b84fL,0x1b2b98a84c2217bdL,
-        0xa219ed87720f56deL,0xde0857ad049a4d99L,0x0000000000000082L } },
-    /* 44 << 392 */
-    { { 0x1d09b95369c3d17dL,0xa867a21dd4d01ba2L,0x9871762c3828b992L,
-        0xe3cda568f6da70c2L,0x68c327a254227c8bL,0xddd426509c5e4075L,
-        0xee64acb06241b455L,0x63ab87f677bf9d01L,0x00000000000001c3L },
-      { 0x94f1514cde039bafL,0x0eee405d1d6d7285L,0x221b6b65199243d9L,
-        0xe1ef5cd2e3b17599L,0xd2e0a39b3856f606L,0x920a00121b433750L,
-        0xd7daeaa074d9b72dL,0xcb1206d333ef5d80L,0x00000000000000e4L } },
-    /* 45 << 392 */
-    { { 0xd79bfda671b41f80L,0x4e2adbae09635317L,0xdd1e0c89d5137b55L,
-        0xac6035369d901bb6L,0xf7d994e2875b6bd0L,0x4493e365ac6726b5L,
-        0xcb1b9b1a021fd3bdL,0xa22ba13d4673338aL,0x000000000000018bL },
-      { 0x6d613468f89eb756L,0x8c13c6accaca507cL,0xb066bbb54f35674bL,
-        0x44f03d0c34fd9ee7L,0x44158ea1798b5c9eL,0x5c340cd7e85265edL,
-        0x69ffabc8a643874eL,0x4b84dc1fe1f23e59L,0x0000000000000145L } },
-    /* 46 << 392 */
-    { { 0xce3e4f6f3537a3b6L,0x2a548acae4be3890L,0x7d257a739c6f309fL,
-        0x517b74e62188a544L,0x92dc6544c008b28fL,0xcb56ac9408dd8b68L,
-        0xd9f11fe9935a4ae9L,0xad4d23a2a1dcf178L,0x000000000000006eL },
-      { 0x1498f1e4e17213f0L,0xd0519b28c758cd28L,0x22057e5f11edd1c3L,
-        0x533378fe26560bb4L,0x15a266a251beeb5fL,0x49d6d63b32a25673L,
-        0xdd62ccbdf0100cdbL,0x872a3d87c5eadae3L,0x0000000000000007L } },
-    /* 47 << 392 */
-    { { 0xb529a755894cd820L,0x7ac841f79aef3e4aL,0x2639532a82c12ceaL,
-        0xa107d5768457ba7dL,0x08cc2140624c6ce4L,0xc75a2afd83169cafL,
-        0x692f8acb9178032bL,0x8835d7e399fdab3eL,0x00000000000000f2L },
-      { 0xcf248e4d21fefeb0L,0x7a5d84be645aab81L,0xa1692e0b81b8aa2cL,
-        0x06c5eb427bb653f7L,0xda8e28a27c4d70c9L,0xf13e2010d45a9397L,
-        0xab9054ad78f1ab45L,0x80453fc864bc5f43L,0x00000000000001acL } },
-    /* 48 << 392 */
-    { { 0xf77afc9ec1f9124fL,0x010af17a5d958392L,0xa9aa7d55eeb66cb6L,
-        0xb41570ca816dea76L,0xb2138d58a983b39cL,0x0fd404cfcd6cbaa5L,
-        0x29c1f2fd40c224ccL,0x1e263cab99c23815L,0x00000000000000e0L },
-      { 0x371cd0937649d2ffL,0x7c79d3cc02038ff9L,0xef3261855ca5e1b9L,
-        0x1beb030be02c0478L,0x134d0c94f859fd4aL,0xa767faa5ee41b919L,
-        0x8d957aacd5d9e3c5L,0x4b1c1deb191fca35L,0x0000000000000175L } },
-    /* 49 << 392 */
-    { { 0xf5232405e8e50647L,0xb61e0f313bba4ef0L,0x0a5328116f05e31bL,
-        0xe3b1d72b683d197fL,0xbd55f76bb72d36f2L,0x2645e034ab6bfa34L,
-        0xd94ce3b970f52ddcL,0x83e891a2470c7338L,0x00000000000000ddL },
-      { 0xe53e6361797af474L,0x9d94b01e8e09f9f9L,0x8e23416db8099125L,
-        0x8f3abc4c8ef378a1L,0x0da6e3fef861c054L,0xe9d3638b203190feL,
-        0x5dce7db98c12ac92L,0x8dd8a61cb8335d65L,0x00000000000001aeL } },
-    /* 50 << 392 */
-    { { 0x0df313e10d732decL,0x0667dd1e5229a7a4L,0x78efd49555c31c0cL,
-        0x554c55303735e643L,0x3b29c30758c97feeL,0x7da349bf85e2c6f5L,
-        0x982f2be25cb9ce70L,0x39274c84c0441b24L,0x0000000000000100L },
-      { 0x77e9356c2307d25bL,0x2e81d63615ed7120L,0xa39ba7a3e3143227L,
-        0x153addc96bcece22L,0xdeebf6c01983ffb1L,0xb5f2d60e43d43f1dL,
-        0x8340038620d8e424L,0xd127aeddf6f0e03cL,0x0000000000000164L } },
-    /* 51 << 392 */
-    { { 0xdcf0cd6a73ccae26L,0x4e52859e04a8a411L,0x085570403909f6beL,
-        0x1aeb429cdd5f5f1fL,0x83c8410392fd6de9L,0x45a05c6efd051de2L,
-        0x334d659ab6a36a9eL,0x9775761ac86254bfL,0x00000000000001d0L },
-      { 0xbb498a7e7ef71b31L,0x54320c2a87a1a905L,0x308a31e5b01357e7L,
-        0x115312b91ec5af64L,0xe3add38ecaff60f0L,0xdd257d552ac78ec5L,
-        0x0e0b29616ac51787L,0xf7537bdd2f9e42fbL,0x0000000000000050L } },
-    /* 52 << 392 */
-    { { 0xb6018ff0078f7ff8L,0xc9a3c8112ae4ec18L,0x974c8b824dbc5b54L,
-        0x323120b429c8b8b7L,0x04c883d798439a31L,0x1ddaaccbbcd28a10L,
-        0xb22b548cb61251c6L,0x2cda48d6c6154ca5L,0x000000000000013aL },
-      { 0xe783d50d03857e72L,0x0cb1de54fe7e9d44L,0x608cd3398526e99fL,
-        0xb9d4ef4ec00cf265L,0x37c326a39eaef59cL,0x435851a4046d5b54L,
-        0xf4813c30147da907L,0xdb37c0b9ecfdd94dL,0x00000000000000f9L } },
-    /* 53 << 392 */
-    { { 0x9f97d529526acd82L,0xbea14de9698d81a8L,0x1da65dfe087fdd78L,
-        0x162991819e331cb6L,0x1770cd3351ed1f90L,0x2241947f48d1fff3L,
-        0x8048c4b872e59f7cL,0xd4c7c70884441c30L,0x00000000000000ffL },
-      { 0xcc713a4b9a697e4eL,0xa066a6de4c19b3dbL,0xab7c9dad5ca3148bL,
-        0x8806b0223699de2aL,0x8d2c17b13c648f2dL,0xc39af0f9a3d21b8cL,
-        0x91f94812fa66eebeL,0x74178170791cae62L,0x00000000000001dfL } },
-    /* 54 << 392 */
-    { { 0x60e7c5987a182f35L,0x60a81db4abc6a786L,0xa067c36017995827L,
-        0x4d1b77557880874dL,0x79a8c6235b3e98d0L,0x0301653a9ae9e287L,
-        0x32be063279f6a138L,0xf8d8c8ed410d08d5L,0x00000000000001b5L },
-      { 0x2b071af2a699c790L,0xa8d0fde78eae615cL,0x76c4cd7340ce53bfL,
-        0x7c36a3f742866824L,0x870e41145d8103bfL,0x1804432af7b9f5c6L,
-        0x755a6755da7a89f1L,0xed97487081c30af9L,0x00000000000000a1L } },
-    /* 55 << 392 */
-    { { 0xc713ff085d801301L,0xf291ca368d9b4f05L,0xb3705a12e497df3bL,
-        0x375e1513870fa5afL,0x1bedb38c4d5d9664L,0x418429ed114386c5L,
-        0x7e3be1187561f279L,0xc7253d1a4481b482L,0x00000000000001b8L },
-      { 0xf5ab88cab54466aeL,0x2dae1aa5a2485564L,0x1c5fb396c500fd73L,
-        0x056e87292af65306L,0xb7b4568100a94c1cL,0xd6401f60194f2a01L,
-        0x526b81492fad156bL,0xa59af828a8705811L,0x0000000000000115L } },
-    /* 56 << 392 */
-    { { 0x7ff87b1828b89234L,0x575b28532190da3bL,0x6cb04cf22920f908L,
-        0xe32b0d0ea76a9361L,0x027f1c53b013a013L,0x77e8e27c2aaf2e7fL,
-        0x3893cb0fa11e5652L,0xb166780751a15388L,0x0000000000000185L },
-      { 0x25c5deff91ed25b2L,0x08e728a029e55ce0L,0x7b1d2010d66015ceL,
-        0x73f667cefeb85d6cL,0x9f9d44e01d9437eeL,0x67a6af17f0ca5a45L,
-        0x187111cc3ef07297L,0xfb461da6e1bf1374L,0x000000000000011cL } },
-    /* 57 << 392 */
-    { { 0x8bca57126c0c1111L,0x3c2a9c8f3987bdfcL,0x195b1886f65f43a6L,
-        0x5edb9cbca9a638d2L,0x1431220ace7b35feL,0x67d81dc8b9c9e116L,
-        0xa7ac26bb4fd8d442L,0x36ed9544c1404219L,0x00000000000000cfL },
-      { 0xe7d51488f0454b54L,0x116abfb6322e62ddL,0xb1f5e4f6001cdbf0L,
-        0x9bd7a0abcd63aeaeL,0x47c74ae592cdc9cbL,0x227b9e3eca320f47L,
-        0xfa2f9090db249cf3L,0x5b61134f5b7d7aeeL,0x0000000000000185L } },
-    /* 58 << 392 */
-    { { 0x43f9e01159567749L,0xa8d74c0c892a23d2L,0xa2a6b93c4bf3e620L,
-        0xd89ed75630144479L,0xe5959b544c80c6bcL,0xa347e101c7491d8fL,
-        0x4c15de92a7b7e26fL,0x6abeeb069eb0ff29L,0x000000000000012eL },
-      { 0x5140f873047e9fd5L,0x95b33ace83629d83L,0xbf2e419db7778fc5L,
-        0x6312ed5f27390d18L,0x786b21f5b52a1899L,0x440713779eba3860L,
-        0x4a5c36d9bf4ba461L,0xe456c1a900bda888L,0x0000000000000157L } },
-    /* 59 << 392 */
-    { { 0x1447b2045e0c66c3L,0x29de6f26ef30a205L,0xde1a4c88ce42e500L,
-        0x5e3b0fd1142dc812L,0xa09c32a50c08edb8L,0xff98ab9bee677bebL,
-        0xfe7f349438e3e89aL,0xc8cdfca112d9eb21L,0x00000000000000a3L },
-      { 0x08002f8e769eaac4L,0x4e6619127e091da0L,0x4f251942d82a7ee4L,
-        0x04224eebaddda269L,0x52263b35de1b38faL,0xa5bf36c7afeb716eL,
-        0x37a49608b7bed189L,0x6adfba3c0e29dfa1L,0x00000000000001bfL } },
-    /* 60 << 392 */
-    { { 0x40081916318060c8L,0xa156d0f0ba050c4bL,0x8dc9db0e2b261fa1L,
-        0x68193be8df24d4d3L,0xbbe73d7801ab2aefL,0x0b5476e951f96cf0L,
-        0x596e6ffcb23a6db3L,0x19c3aa46328c3923L,0x0000000000000125L },
-      { 0x4dd42ff66a2f1ee0L,0xf18649df63cbc446L,0xcc5e8e48ad36c42dL,
-        0xb5d4fa7bbea9ed49L,0xe416534f32b06489L,0x94451bdceeb06919L,
-        0x7ce63f1bda8c40e5L,0x7c5eb653de02e8bcL,0x0000000000000166L } },
-    /* 61 << 392 */
-    { { 0x2b1881b9ddf7ab7fL,0x273489fcd43adb7cL,0x4f3bced12fe87555L,
-        0x67ce19731b543d67L,0x7eb827d4fb21a673L,0x2c874f363c90ce65L,
-        0x63771809ae3661f0L,0x25e81e55185e86efL,0x00000000000000d4L },
-      { 0x75cb5647a9b46abaL,0xe2d43a0498398ae2L,0x082e5804f8448dd1L,
-        0xb6b5fbf01effa351L,0x8b4e95a375ee0d01L,0x06330f8cd78e5cfcL,
-        0xbcc0fb586ad576ecL,0xc22b7b8e85b758baL,0x000000000000010bL } },
-    /* 62 << 392 */
-    { { 0xdc394f862b10c060L,0x7f3635c2f1d68dd6L,0x3b34936258a2aefcL,
-        0x588c1a8631e77678L,0x6b1049c678fc729dL,0x45a9ba71868947e0L,
-        0xe9942ba2cca46979L,0x3d7cb195075f93c6L,0x0000000000000038L },
-      { 0x33d8da16edb3b71fL,0x42573533d151ca7dL,0xb104ef742e4faffdL,
-        0x3f9371862391eaa9L,0xa30cd9a391847e30L,0x9f51fc0894616135L,
-        0x62f836fed3dfb130L,0x8ded8ab1d7469a7bL,0x00000000000001f1L } },
-    /* 63 << 392 */
-    { { 0x1d872ee0919b82d0L,0xbb4d27900009b3eeL,0x3b7329e978baf440L,
-        0x8263e55cb963f90aL,0xdbc7ce8a45acfd70L,0xbab362ce2b929345L,
-        0x9c781d6df934b89dL,0x15e751c458e6ccb7L,0x0000000000000075L },
-      { 0x96c9fc5853add358L,0xf7cecd0bdb680749L,0x65ebb93796cf3096L,
-        0x87a7f1a067509825L,0x5425deef814d4898L,0x654213dbde0f2f8fL,
-        0x958c4db48148c6f8L,0xa910a27703d86f8bL,0x0000000000000141L } },
-    /* 64 << 392 */
-    { { 0x1379b176e80649c8L,0xaa0c2dc8b7fdb132L,0x3f3050ef1134ffd2L,
-        0x28d4e288d4a76f0cL,0x22ca05f7cd9b7f91L,0x9174bee06e7b9ee5L,
-        0xc0ddc6356b341cb3L,0x1cd07d05eea9da0eL,0x00000000000000bdL },
-      { 0x423ec36bbbaa1df4L,0x33ccc8ade74c741eL,0x598d466249b5cd06L,
-        0xd8bfc7e58fa121cbL,0x2cbe86b991bec4baL,0xbf1fe841e8453f40L,
-        0xa35ff85d392592b5L,0x8de9f3df9c5807b2L,0x00000000000000fcL } },
-    /* 0 << 399 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 399 */
-    { { 0x40f66d1915b26e6aL,0xfd654e8a64400d78L,0xe408365366ad9de7L,
-        0xa64ca69b686c1b2eL,0x698749ffa80066e2L,0x197528a4b76196c5L,
-        0x2bcfcf647bf835dfL,0x1a83fe8460e478bfL,0x0000000000000020L },
-      { 0x948f3e0ac46d1075L,0x3ccd3dc1e5c05fcfL,0x11b825b26414eb04L,
-        0x2b7a9a5521e3f864L,0x2a24f5706daba159L,0x51900d4ade3eb61eL,
-        0xaddc9096a6a6766bL,0x357eabf9e9dc3b6bL,0x000000000000007cL } },
-    /* 2 << 399 */
-    { { 0xf5c1a4c690185363L,0x15f58fd920c04ed5L,0xa7b46e0ce913a1b2L,
-        0x1e7167c636f1d8c5L,0xf4fe6bfebf5fcfb1L,0xc46faf10a6c2027bL,
-        0x45d593004e1f12f4L,0x46bcc87312185485L,0x00000000000000caL },
-      { 0x7c5180716432c12bL,0xb7e004ad90ae7556L,0xdf847160d8532693L,
-        0x4d8c7b8aa18b3802L,0x90e2504596872af8L,0xe69d4894aecb6fadL,
-        0x6ddaa06c17d0fe85L,0x49f1a466340c3528L,0x00000000000000d9L } },
-    /* 3 << 399 */
-    { { 0xc6994861edb77a32L,0xc0f2710e201b6740L,0x11783a64ccf36bb4L,
-        0x1630e8ffe0b5e3f2L,0xd2491b8b26aad4b6L,0x3256836112f7b4b7L,
-        0x99a8959b60726313L,0x3cec4f7d4a40d4b4L,0x000000000000011fL },
-      { 0x47cbbf961233c171L,0x1ea33d4222a94a13L,0xb5d248d864606917L,
-        0x6a7bb04e94261f36L,0x701e50e4b981ece8L,0x8d98d5f9f1f36171L,
-        0x13e58d4a2fb6d9e1L,0x9c02d71bdbf4e167L,0x00000000000000a6L } },
-    /* 4 << 399 */
-    { { 0x64782a476da18f9eL,0xb89e0b654a496e02L,0x437a49f6501c3a88L,
-        0xae9ea08748a19f6eL,0xa787948b346d2069L,0xa6b9a3f1532eed3dL,
-        0x728ab35e8ad26937L,0x3cf24801041f4f43L,0x00000000000001b0L },
-      { 0x5e272327cbbab58eL,0xe4a3c5f9f8705ffbL,0x2edc1c8eedd26ee4L,
-        0x1bd46ff5f26d033fL,0xcc566431d87192fcL,0x03c7e40611764c8aL,
-        0xebb80e34882a69abL,0x7a7f694361a08d84L,0x000000000000011eL } },
-    /* 5 << 399 */
-    { { 0xd0861f01b67232e5L,0x3205675cbdf5cb99L,0x2a44e3cf1cfea92bL,
-        0x1eb229f3cd5c6e38L,0x81f6ebd18862b582L,0x352be0bf4d434531L,
-        0xc8516209d530e407L,0x4f591cd009b02235L,0x00000000000001a0L },
-      { 0x8b5483211f7e7b7cL,0x566ba99cc0ef1651L,0x3c01398da82de656L,
-        0x91efd970cc222c87L,0x5dbe62201a5c5157L,0x777a9fa3a2c60991L,
-        0xe77e3a4db85f488bL,0xdfb3c629f1b3b74dL,0x0000000000000057L } },
-    /* 6 << 399 */
-    { { 0x68f4a4e058b77137L,0xd8a34e67f12f5bbfL,0x1781240f1e0619c2L,
-        0x44495373498328bdL,0x98e9f61a545b7d41L,0x767db401602a0c48L,
-        0xe138e5e8806301deL,0x65a3883b4b21aa89L,0x000000000000012dL },
-      { 0x647b00780423fe94L,0x424f483ffd276310L,0xaca222fbd6a06303L,
-        0x47162acbffa52c17L,0x7ae0c5019de267feL,0x998dc9bb667a30c8L,
-        0x988cf192af48c727L,0x0a270986dfa23a3fL,0x00000000000001fcL } },
-    /* 7 << 399 */
-    { { 0xc0de0a4647a483d7L,0x0946aa731afeca92L,0x2c67c9fb91e66640L,
-        0xf3b518e6ebd0a936L,0x8eb8587c263a1c1dL,0x900d28a75c6581b5L,
-        0x50591d7a71723e84L,0x47f2689834a99ff8L,0x000000000000016eL },
-      { 0x52fa5964e25d2f04L,0x0e347f610f4fb57eL,0x4bef23dcbdeed9f3L,
-        0x212f5df4432fedd3L,0xde891c950211bb33L,0x13ed4284567558bdL,
-        0xa113c3552c283e9fL,0xa06260f73e48dd8bL,0x000000000000003cL } },
-    /* 8 << 399 */
-    { { 0x5c9209c1c4646439L,0xceb6698586c5d6bdL,0xa5f5225829e415b4L,
-        0x18fff2c1e95d2a27L,0x21d464f1be40c8d9L,0x11b4696e059828cfL,
-        0x5c1f73c570f76aecL,0x6019fadb273e3f5bL,0x000000000000012cL },
-      { 0x6d1ff5913eefab44L,0xf913524cba2986b4L,0x96fc0b7a290dcf2aL,
-        0xf9e7ab52061df2a2L,0x66401173d47330a6L,0xff2aca188b9f749fL,
-        0x8d4ac80f1ab42ac3L,0x10ec329ea1378039L,0x00000000000001aaL } },
-    /* 9 << 399 */
-    { { 0xc06dc058c4f1cb73L,0x739370439ab6fb16L,0xb663bdf55f7fa374L,
-        0x8f5e3b3839fa047cL,0xf517fb9ad860a576L,0xcb414b9bd755537fL,
-        0xe86864ea508a12c8L,0x49a663b4cdaab9daL,0x0000000000000029L },
-      { 0x9e4da7f330251bfaL,0xb084b69fac60f268L,0x15b981fb93903a9cL,
-        0xa6905f206dcadc57L,0x81e961cf5050b9b0L,0xc583b4e4f6646d47L,
-        0xe30e25dcfbc96082L,0x8c92e5d8f0b0ffc1L,0x000000000000000dL } },
-    /* 10 << 399 */
-    { { 0xa5fc51ef9c1d86ccL,0x66a9b8980b3faad3L,0x96c73c2521d124edL,
-        0x392440db050626ceL,0x02bfb1ac50a4a12aL,0xc70a30741742ddddL,
-        0xf1f9daa647fe811dL,0xd4baa6b1fb3ce6ccL,0x000000000000016eL },
-      { 0x09042d7509d96ce7L,0x4c92ce693315f77aL,0x4992b1f9a9c0d9f6L,
-        0x7c0ffbacd18ec980L,0x53d205dca008ab38L,0xf0a098f7c908481dL,
-        0x2bffd3630ba397beL,0xca36e99f49003f86L,0x00000000000000a2L } },
-    /* 11 << 399 */
-    { { 0xd239593542d95daaL,0xdcda6a94ea334140L,0x9c27790794a62966L,
-        0xc61b5734f86dfd3eL,0xd943aea70796fd19L,0xaca22cf206f55e66L,
-        0x55372159c0b75487L,0xc7b6b1d2d1244fdcL,0x00000000000001e3L },
-      { 0x13f187feb3b5b131L,0x8620e1362bcd4cccL,0xe68718297f061f4fL,
-        0xcb04eeb2f4a85e13L,0x4a93fccba0f352beL,0xe2ecabd9b9d84a8dL,
-        0x7183cdc20b9058d5L,0xbf25cd935d8dda50L,0x0000000000000168L } },
-    /* 12 << 399 */
-    { { 0xa074fdb7be4badb6L,0x97b054950df5f046L,0x5a3f64e4eac3a8b1L,
-        0xafc5e0132971faa1L,0xe6d4ae36568e4a3aL,0xeb0324bb97479a2aL,
-        0x2dcaf3d866a2c69bL,0x9f9b5551813f21eeL,0x00000000000000fdL },
-      { 0xea8f05c8a13d686cL,0xf27edb763bdbd1deL,0xb2e5fd405c65b0f4L,
-        0x5e959c016cbd964fL,0x02ccb301dbc193a1L,0x34ca7ed9013b972dL,
-        0x7191cd287ede3f2fL,0x1d07f45798bf4e0cL,0x0000000000000057L } },
-    /* 13 << 399 */
-    { { 0xe0b1685c5ebfc951L,0xa517e7a232c59513L,0x9a6282865780ed11L,
-        0x499d70c775533b55L,0x593ee20b020f6027L,0x63a5ee05f683a38dL,
-        0xf672f073150476ecL,0x621c8f9616caa574L,0x0000000000000094L },
-      { 0xf0da17c319bf3540L,0x77043ebd6e05c870L,0xf32446b727a4416aL,
-        0x2ef699c612d04df5L,0xdd3cfd1f324cbf7eL,0x0171a41f631b06ceL,
-        0xd12b01852e95d511L,0x043cb48ffd0c0078L,0x0000000000000174L } },
-    /* 14 << 399 */
-    { { 0x284e98f320f12986L,0x3112bf24749ea8d5L,0x5fc7a2c42782914dL,
-        0xb2f7c229d94786afL,0x4b17bcaec7158280L,0xa139d563e6189a46L,
-        0x9c72e9c583cc9173L,0x5cd5a6a0be56b6a8L,0x00000000000001a5L },
-      { 0x51f0e802235a8051L,0x153dc987c4c5fb7cL,0xb549e9c79868a706L,
-        0x717390089bdf5c1fL,0x0d04f60cccbec99bL,0xde66c9617f4bd294L,
-        0xa787d95e51156724L,0x7ce4b4a5ae12b9b3L,0x0000000000000091L } },
-    /* 15 << 399 */
-    { { 0xbcb9c82f32d7d93bL,0x1bfdfba7dce386e9L,0xc05d039a3f8b5ca9L,
-        0x58c78e8e299b0f53L,0x1baa1781e60cbd19L,0x8fb6ae0db0eeb838L,
-        0xf26dfec46483aeedL,0x01b7456091303d67L,0x00000000000000ccL },
-      { 0x39567f445ceae83dL,0x9a407eacf43d8eabL,0x361a32025ab1a391L,
-        0x1c532e29d43e2092L,0x558d4fb789f04a1eL,0x0fe9497d2017914aL,
-        0xe96b05380171fd50L,0xc9b0b3ffeff1c1d7L,0x0000000000000044L } },
-    /* 16 << 399 */
-    { { 0xe7f35808fb6618bdL,0x6abb67e1732ef576L,0xaccabb44cd0bfd8aL,
-        0x176ffa9183459746L,0xcc12958585b88b2aL,0x28d94486fff151ceL,
-        0xf55fca164c84bb00L,0x07cbc8419c3a42b6L,0x00000000000000c6L },
-      { 0x488400d078788c39L,0x15ebb100d8eb1fdcL,0x58decae3bdc05f72L,
-        0x3bfda4a75d56a2cfL,0x7ea3f8ec5ae6701eL,0x652e7e0b3aaacab3L,
-        0x267d275228609228L,0x52ddc983912efd7eL,0x0000000000000029L } },
-    /* 17 << 399 */
-    { { 0x4a33ff03ff5fa227L,0x12b266a45dfb4bb5L,0x18ad0812a77d3789L,
-        0x316275f3135e8b73L,0xb8aeba2e1aaaa211L,0x30578d2fb9d962a9L,
-        0xf8b00f02cb534bc9L,0xb935149cdf535572L,0x00000000000000a4L },
-      { 0xf8d93fe1793528c0L,0xea0a5bcdaa631367L,0x7a221948dfb0e4e5L,
-        0xeab2e52a857da8f2L,0x80f72c632657a647L,0x24118aa3a1509961L,
-        0x1131400950388917L,0x9ff6d9f6a085a80aL,0x000000000000006cL } },
-    /* 18 << 399 */
-    { { 0x0ce0f89f0356ef50L,0xd8cdf51e37f24a9aL,0xd0720e9bd237fd55L,
-        0x20b75973aeb71292L,0x0d6efb23e42b2758L,0x0fcbdd568721aecaL,
-        0x11658ce90fda8ae5L,0x23a4d576700782d9L,0x00000000000001acL },
-      { 0x77fc6f2f903bb623L,0x36710ba75b2a0237L,0x4ea518d1d55a12f4L,
-        0x0c0509e14c95dee0L,0x67e240784bf6c59fL,0xa9bd12b5c925e26fL,
-        0x5865b6c38fabdba8L,0xc6e3433b33b34605L,0x0000000000000101L } },
-    /* 19 << 399 */
-    { { 0x273d761d557caec5L,0xd8de3470242043c4L,0xfc9eec9d6293eef2L,
-        0xa671ef1786203aafL,0xf38b26fe7f44eb34L,0x40c0286ed1ecc573L,
-        0x3ebb5cf5dc14b363L,0x5b2c33762e1dfe45L,0x00000000000001b1L },
-      { 0x836149c9bd11c412L,0x49c3837653342417L,0x4c93a91757fa625dL,
-        0x529ab0965445be81L,0xd172a7c5803a04c3L,0x0c47e6b365873d1bL,
-        0xdcb189bda095bddeL,0x9bc935372caf25cfL,0x0000000000000071L } },
-    /* 20 << 399 */
-    { { 0x8287592e80c0e648L,0x79cfe5b529ce1a05L,0xbc2ed6c732859038L,
-        0x076334f7af367139L,0xe13e55593a592211L,0x94d5548847f87368L,
-        0x15d99113a2f1b6f2L,0x2bc0ebe9ff79885cL,0x0000000000000171L },
-      { 0x68eedbb2ae127d70L,0xadf3485597ae5d0bL,0x02e40ba8d1f6dc0cL,
-        0x46cf4b8f3e7a23c4L,0x111958025626c5cdL,0xde32666e1c728ee6L,
-        0x2c594c77bf2d8b70L,0x3dcf58bb1469bbd0L,0x00000000000001cbL } },
-    /* 21 << 399 */
-    { { 0x7b9d09c5567ced39L,0xf2c277bc10de6fecL,0xd48b924b423b4942L,
-        0x21f49c8bb147ebacL,0x45ce05f0003eef62L,0x291f77ada2b01ea3L,
-        0x754bbb867bf14c9dL,0x2abeb1fedb8f0b77L,0x0000000000000115L },
-      { 0x8de7419c48073c55L,0x540008c26fbb1768L,0x579ae6d9610d5a83L,
-        0x7c2f90d43ca9c514L,0xf5bb5df4e078dcfdL,0x02cec780eae4e114L,
-        0x5c4d230feb0c66f8L,0xce73ffc6c28bf3d5L,0x000000000000005fL } },
-    /* 22 << 399 */
-    { { 0x548235d6da309336L,0xdc058555d0ce4b03L,0x8103a260117d9fb1L,
-        0x7aac6ea7962fbeaeL,0xdf219bc75f9f7c6fL,0xdb529bd239755a22L,
-        0x7b68e00472676f34L,0x99590caac5011f75L,0x0000000000000027L },
-      { 0x8b591dde80e9bfe7L,0x510daa29259b4046L,0xa6f4c61f41cfdbd2L,
-        0x6934a20ef175b862L,0x2a73244068cd3951L,0xcf3ca559d119730aL,
-        0xb8aa2298df77ebfaL,0x8b85cd46f78ece91L,0x000000000000015cL } },
-    /* 23 << 399 */
-    { { 0x6f71753a499b06afL,0xe9d09e3f7221545bL,0x366a725173e4aa15L,
-        0x1cf56688a241d729L,0x45f261b6b7beb74bL,0xb17277cd0d48498fL,
-        0x7009afd203d67414L,0x26ebcdc5e9405ce7L,0x000000000000004aL },
-      { 0xc72b4a31cf1b5cadL,0x047ec0b68676686cL,0x3485799fc8b8098bL,
-        0x62a31effc762e262L,0xf1402ccb07ea3b86L,0x6138f07fd91931f0L,
-        0xa1b2834870baec3eL,0xe8735d8406e9de6bL,0x00000000000000d5L } },
-    /* 24 << 399 */
-    { { 0x5419ed9ae06fb3cfL,0xb454c6fb8e703ea5L,0x9670af86ac4c2649L,
-        0x365e43f40db43887L,0x1ada3d8f00c320b4L,0x1d00cbe5aaffe3d9L,
-        0x1e99987d211142b4L,0xb98381f79cb8bb86L,0x00000000000001bcL },
-      { 0xdd2388378b1718b2L,0xa8cb957e532daa33L,0x20a55f673b041a83L,
-        0x973207121b075250L,0x5a70aa65b7ef4b51L,0xa33056613865f77fL,
-        0x96bd1a89bd8a4303L,0x507d7779fdc197c0L,0x0000000000000048L } },
-    /* 25 << 399 */
-    { { 0x1fa5ad1177a5fbecL,0x8c566037b8b5655bL,0x52848f491321baecL,
-        0x8305e20227f02ff4L,0xedada23bc276f11dL,0xba94317f8acd1abdL,
-        0x8b125970e3edbcfaL,0x75e021d50f5643c8L,0x0000000000000042L },
-      { 0x9ed9e1e313be597eL,0xe271c2a6b74be691L,0xe249fdff2e52b57dL,
-        0xae84ab19d18031b9L,0x7135760af49f27f3L,0x3c4775cc1cc28c5fL,
-        0x49165948fdf0f394L,0xee56522b240d7f13L,0x00000000000000e3L } },
-    /* 26 << 399 */
-    { { 0x16aad8d873f397e2L,0x8cda09d440bb988bL,0xe351cd2da881cd6dL,
-        0xb92fdda9c9a6fd41L,0x2298efad3932267aL,0x76546625a099bb25L,
-        0xdc48a34858230b71L,0xd98ecaccc6ed085bL,0x0000000000000107L },
-      { 0xe3bd2de5dc95f5d1L,0xb890da1f2e2c2366L,0x7c6226a1c4f26cc0L,
-        0xfc1f77bf00356c62L,0x0c8e11f7d87ee6f9L,0x84cc68aa0af9a4a1L,
-        0x70eb714ace01ea76L,0xdc9e3c696ecdbdc4L,0x00000000000001faL } },
-    /* 27 << 399 */
-    { { 0xd3eba8f103dc76a9L,0x92dcb80109d7c9f2L,0x09a3edfb224325ddL,
-        0x78d9b818c87e4b16L,0xbe607e9788d33a3cL,0xdf01263e152e6cf7L,
-        0x49fd31ccb308c83cL,0xed94b658d68d6a82L,0x0000000000000161L },
-      { 0xbaad071e181669a3L,0x5f2e0a1dd54676d3L,0x96ea8e3e4a9ae061L,
-        0x0d2e0ee8ba5bf8faL,0xc1892fe007bb010fL,0xa538bead73632f75L,
-        0x6d794924378c2631L,0xa7c065460205723aL,0x0000000000000185L } },
-    /* 28 << 399 */
-    { { 0xc7f26a2fd5434124L,0x7629d62516380451L,0x8513932307858144L,
-        0xfa1d44bd4627a0a0L,0xebd1be26b90a996bL,0x57baf49237f94e07L,
-        0xabe9cf16d5ee67b3L,0x5ab3cb065fce9c53L,0x00000000000000c0L },
-      { 0x38a153713faee0a0L,0xfc98c0dfa1142d0cL,0x9320556353001436L,
-        0x73acbb7da63e615bL,0x8204c993414da94bL,0x2fd26bc2e8622aebL,
-        0x86a1eb1826467b86L,0xca554d782bd1a581L,0x0000000000000044L } },
-    /* 29 << 399 */
-    { { 0xe33762396cdd9921L,0x4398b198c6386361L,0x05002343551040a8L,
-        0x0a82fca0be2ad7bbL,0x727e2d5f3c1acb10L,0xfcb0c12d4af46347L,
-        0x01782a40ea661ccbL,0x6f1f3e45a49bea1cL,0x0000000000000123L },
-      { 0x3ee55592961c0cf4L,0x15cb90c37c19abf7L,0xad4e930d2ee5a6a0L,
-        0x75b054aa3fa249ecL,0xcea656d85d005c47L,0xcab95ea1be507dbcL,
-        0xda131e43dddfa969L,0xd508e708dfc6e136L,0x0000000000000149L } },
-    /* 30 << 399 */
-    { { 0x01fd929d48d5f1fbL,0x5fb11462724ad844L,0x29442573707ace9eL,
-        0x38b790bcdef7dbd1L,0xb33eef7dd77c1c89L,0x952246e9f8b1403cL,
-        0x11ab7ec0e78d9efeL,0x538af4c702c22634L,0x00000000000000aaL },
-      { 0x3827660d04c6eb59L,0x62a02de83cd9597bL,0x57fa76f246ece58bL,
-        0x03b9fb533c21145eL,0x9e04ec45fa60662dL,0xc28cc184944a4a44L,
-        0xf26c1df341ff380bL,0x6d48b57c13c7f613L,0x00000000000000d1L } },
-    /* 31 << 399 */
-    { { 0x971d5a7b786009e9L,0x846c3469783fdd9aL,0xd9a307cfb335a7b2L,
-        0xd583b59ef86adb9eL,0x17dbcbe05b432839L,0xc67e7b0a35c6d202L,
-        0xc617810a0d50e1daL,0x9c291e5b64bfda1aL,0x0000000000000129L },
-      { 0xcf6a1382ee444a83L,0x073decbf249c2c46L,0x974ad0d3b59b9474L,
-        0xbfc44aa8440132b1L,0x9f959f7d692ea2ceL,0x6653be0fc93ef496L,
-        0x8ed05d4c0b087a60L,0xdcc0c8ba573f0e2eL,0x0000000000000080L } },
-    /* 32 << 399 */
-    { { 0xfed9b067e2eca03cL,0x34ff6f2aeb3230b2L,0xda83b96a31bc82beL,
-        0x3b138d2ccc89c862L,0xf4a27aeeebd59505L,0x29df153a8bb49ddaL,
-        0x2dffec4650a555baL,0xc899108d0fec5d80L,0x00000000000000bfL },
-      { 0xc834e65988da1a0fL,0xb9bfba08eebe47a8L,0xf59d33937b3a2b73L,
-        0xffc7cb5d8decf4e4L,0x72477dd583dc5f4eL,0x0a59e11e43ac64ebL,
-        0xda8aa16ccb10a6abL,0xe571ec8c3759c37cL,0x0000000000000047L } },
-    /* 33 << 399 */
-    { { 0x2890f4b93d32bc1cL,0xf4e8332ac455d6e5L,0x7b1523c8c4d7c367L,
-        0xd5006acba60d5778L,0xf958872021f34b5dL,0x8c36c23628d1d74fL,
-        0xdd2ad5092d0b0f17L,0x1a895017b66a2e02L,0x000000000000014cL },
-      { 0xfe2eb1a11d8ec07eL,0x7d755399215e9267L,0x3cf9b914891f82b5L,
-        0x0a77198f79aeb59dL,0xd71d06ce0acc8e55L,0x911f149d3b3c4c20L,
-        0x86f130115d124fe4L,0x6972ef3ede4f5d98L,0x0000000000000084L } },
-    /* 34 << 399 */
-    { { 0x57459abcecbf10acL,0x2d399838f2c3c306L,0x6467c2753f9b1181L,
-        0x58edac9c040e0722L,0x80cb5d10f23a50c7L,0x6db0315b304aab12L,
-        0x7b662c951cbc56faL,0x421b1f244eaa55d6L,0x000000000000019aL },
-      { 0x0bd62b3f5c87fd33L,0xf309039dd7b12051L,0x155dee7fff9da505L,
-        0x66ed5fe9e35d68fbL,0x5b9829227cd99f55L,0x1de7e5f1cebe48cfL,
-        0x44308df3b0e2e114L,0xb2e026d92735bc27L,0x00000000000000d8L } },
-    /* 35 << 399 */
-    { { 0xa0f27eff25c2b290L,0x5496d39c3c7b110fL,0x96d99f277f278d2fL,
-        0xc73da2d2f5de1a83L,0x77ad34919fe0a789L,0xa2a7bdc8f2e23c14L,
-        0xbc162cebd10ff276L,0xdea043e2ce028697L,0x0000000000000121L },
-      { 0x909a4e1aa11a8d73L,0x985baa0e46b89908L,0x2054d790ac720559L,
-        0xb6b4e53a1f8067faL,0x39b49b6b1e143560L,0xe96e6562581d42e0L,
-        0x7a540841b920ef30L,0x34edae19ff2eccb2L,0x0000000000000196L } },
-    /* 36 << 399 */
-    { { 0xf4c48d376d17d9b5L,0x714b38acd9b7c9e8L,0xb332763c8e59bd23L,
-        0x704ec12ed64f9bc6L,0xef738ab2c472c08eL,0x39d182692313abb9L,
-        0x64b05426cd80c265L,0x0dc6c228345afb94L,0x00000000000001d2L },
-      { 0x7d51410b7a9c096aL,0x3acb41805f7d6f9aL,0x10559f44ecd13fc8L,
-        0xfa6f5288446a07cbL,0x2799b503ded0e010L,0xdc865f094fad1e65L,
-        0xf1de127e0e77baffL,0x25f090228bad6efcL,0x0000000000000198L } },
-    /* 37 << 399 */
-    { { 0x6e9dad7a10b10723L,0x4528b97a9561e0a4L,0xf6ce779cef7aa977L,
-        0xd0a07355c09f82f6L,0xa519f70c6f5a96aaL,0x09917e5a0aa6d4ceL,
-        0x261a96d028994835L,0x28e78eb2ec9a5868L,0x00000000000001e3L },
-      { 0x60efc88871882100L,0x795ce82f5fe4b377L,0x8e805c686f587d64L,
-        0x3cd8bb97cae577abL,0xdfa751c31d8417c8L,0x940341deec17e1b7L,
-        0x3e87a1fc1135e1a0L,0x94f8a8931cbee12dL,0x00000000000001c3L } },
-    /* 38 << 399 */
-    { { 0xf257b5cd9cec713fL,0x928b215a0356f001L,0xb2c44dd22b0a2d42L,
-        0x62055ba191c318deL,0x0e298611dfc58d1eL,0x8840d79c383da28cL,
-        0x324e3dcfb18554bfL,0xea84bee97fabced0L,0x0000000000000041L },
-      { 0xafef969437baed5eL,0xc04bdf2c2f5a6cfaL,0xf75197c07eb37653L,
-        0xe5b011b029cdd976L,0x1f41be962c254ae4L,0xcc771ab718829595L,
-        0xd1215bef12f64b06L,0x5e970494117f72fdL,0x000000000000016bL } },
-    /* 39 << 399 */
-    { { 0x83bb6de40bcda6cbL,0x90f2fbdc1e5fb277L,0x0f6f3261119a1e8dL,
-        0x7f6434f8dc73b93aL,0x8a1b958a9158b9c6L,0x43fb60a45ce9133bL,
-        0x9bd5bb0284d86dc4L,0x1e3a7ca06872b101L,0x00000000000000bcL },
-      { 0x8d2d115f230c41bfL,0x1e7df5d4916b43b7L,0x3815b3c724d94d99L,
-        0xb463eb11ef11894dL,0xccf7ca983c63af75L,0x0bffd871dbaac87eL,
-        0x267db8678dbe5699L,0xfe97d927bf6cff8bL,0x000000000000000eL } },
-    /* 40 << 399 */
-    { { 0xe32ddade157a2ae6L,0xcfc8bf7c0e6e08e9L,0x35f750f3bc2e3f23L,
-        0xbfa297a200d897acL,0xf3283590b52421c5L,0x1f2b851222bf59afL,
-        0x7f63809d62e5d037L,0xc33dc13581ee5e5eL,0x0000000000000022L },
-      { 0x04b006db4bff94b5L,0x373fdb9ab2cee9beL,0x39e63eb4cb8d9886L,
-        0x4b371662202592c1L,0x1f5f94a4f6935600L,0x6f7103c47eefd53cL,
-        0x0db5f837a02bf79fL,0x29cb566178a72ceaL,0x000000000000004cL } },
-    /* 41 << 399 */
-    { { 0x34338894e3f3888fL,0xcd26ba945a0ca66bL,0xef170a1c666f902bL,
-        0x34f0dd0554012d0fL,0x4c8744603ff21e0dL,0xfdfa53e5f2384339L,
-        0xdd11e707557da25aL,0x9cdc67f0075996ebL,0x000000000000009dL },
-      { 0xbe8e6f5910ed53a7L,0xcee1132182822051L,0x3bc4f5f9b57cdbe0L,
-        0xa83b5947d318ec78L,0xc841ef967a0a6d8bL,0x689ee84e011639c6L,
-        0xf07f99d813ee15cfL,0xc49549ad5a0ea35bL,0x00000000000001b8L } },
-    /* 42 << 399 */
-    { { 0x4f2333e5efc1df8cL,0xbd1683fbcf67e9a5L,0x8c867003532ed940L,
-        0x8178b176f39d6717L,0x789e5a65e8865f2fL,0xa288918433099d45L,
-        0x136d38ce4d8936faL,0x3920c375950ac39bL,0x000000000000005fL },
-      { 0x33bcf75a182da275L,0x3b42095667577d3aL,0xe6dd20f8f6767c3aL,
-        0x8dab007359b27062L,0x5186bec68f34af3cL,0xf084043d42d72626L,
-        0x50fbd81a90cd4665L,0xb932207e385b29f3L,0x00000000000000ccL } },
-    /* 43 << 399 */
-    { { 0x3e2481ddcca46795L,0x2ad212182d2f1511L,0xe81633a7aea3821bL,
-        0x60ed6123ca636678L,0x2af841042b8c035eL,0xe4c0875e9f7cd940L,
-        0xeeb262546d649c9aL,0x9c1dba6f70179ed5L,0x00000000000001c5L },
-      { 0x1acf2025e719d7e0L,0x27ac0cb7bca64a98L,0x1a4f58f5f9a54bc0L,
-        0x3c2fc7016a743761L,0xa916ab7a0767dd6aL,0x8953314117fdfe8fL,
-        0x5eef51dc4a7d6265L,0x1a1890e548920a64L,0x0000000000000177L } },
-    /* 44 << 399 */
-    { { 0x7772aad1a323089bL,0x1c3eba0a917ff79cL,0x8b9da0870fc8b113L,
-        0xbe669dc94e5c0c10L,0x3ad27c13cac54859L,0xdb835b140cfda5f2L,
-        0xfca9e3fef20ee2dfL,0x80870761674b7ebeL,0x0000000000000167L },
-      { 0x788ed1db4356cc9dL,0xaa557f015b5c9608L,0x62c22482cd869134L,
-        0xd0ec45740dff5303L,0x3df51b9f5389ca31L,0x59a6e53145b54873L,
-        0xe6052b072df10bc5L,0xcb7107d41f4cd861L,0x000000000000018fL } },
-    /* 45 << 399 */
-    { { 0x24d270b0a2c5f6cfL,0x97246482f54bdbe0L,0x2b71247a8ae3277bL,
-        0x3273c1c9a45552f9L,0x6187912dda706e75L,0xc43665644e2903a3L,
-        0x9243d5b29348f72eL,0xfb5aac5ba7b876e9L,0x0000000000000070L },
-      { 0xe9b247659aab621cL,0x378e7c849cff96f7L,0x794aea34d6ebe2d4L,
-        0x4eadc9d51661a8d9L,0x48c7c8058a105436L,0xcd852b6dd8d196c5L,
-        0x40a4c838d2c05f91L,0x60b4425eab562273L,0x000000000000008fL } },
-    /* 46 << 399 */
-    { { 0x68143217fc5598cbL,0x55f45fe3ecb8be5bL,0xdc707a143627496fL,
-        0x5a60f85e9665cf29L,0xbfa30147a13782ccL,0xcecb4dc9e6496833L,
-        0xa712fe79bd9761a5L,0xcbfbb56a078c3e11L,0x0000000000000030L },
-      { 0xb0a421291e0066d8L,0x23f10112fdd822f2L,0xb83cbe5147e7d2afL,
-        0xf5d65634852e2252L,0x6223702b277cc79bL,0x1bb298814b2433f5L,
-        0xf8ba03fcca6ccb00L,0x0859156462e0a22fL,0x000000000000000dL } },
-    /* 47 << 399 */
-    { { 0x2b6f7947ec51092cL,0xacd21ef95149fc12L,0x5f45cff7fb65ce50L,
-        0x1f51d19eed597402L,0x8b5ddce12b9e93a9L,0xd47f7ace6c0ec08bL,
-        0x7e2e638e2f64a0d8L,0x734b83b65e71988aL,0x000000000000014bL },
-      { 0x4f6e691930b08bf1L,0x7dce78e400390037L,0x22ff88f758d11de7L,
-        0x758620d621202d1fL,0xb94a535664939469L,0x17da7341acee471cL,
-        0x2d37a341fd2310eeL,0xa8601bc372a3c4eeL,0x0000000000000078L } },
-    /* 48 << 399 */
-    { { 0xc0c5b4a6fd219d25L,0x52c7f6ed058ff8a7L,0x1fe69b86b6e0acfdL,
-        0xd1e3e73b52a447c1L,0x31537c0968054dfbL,0xc312a9a53edbbcf9L,
-        0x893237de8b0f13bfL,0x1784bade6ea4ce95L,0x0000000000000191L },
-      { 0x112af36812489269L,0x49acfb797f0d7098L,0x94f9883080743844L,
-        0x46a890ed1c9b2deeL,0x7874e2973b42178dL,0x026f247f131ffe31L,
-        0x9f9e06e01658f803L,0x8beebca7b4c25ec0L,0x00000000000000ddL } },
-    /* 49 << 399 */
-    { { 0xff25d39a56fcbb0fL,0xf3167cd6767aff46L,0x0d149e1fe37f1498L,
-        0x5cc5476e4ef8353dL,0xf483af728a100b6aL,0xdff90a5a5e61a9ccL,
-        0xef06ad071b8683c9L,0x1a51a840f21160b5L,0x00000000000000c5L },
-      { 0x0cf4a4f250535795L,0x6465217feb140724L,0x39b30eb481336b95L,
-        0x4d6808ed2ff959b5L,0xd2cbd262102f0eb9L,0x81a05ea2401e2b5cL,
-        0x1c88cf3f90e33b3eL,0x0e5da177bf342b81L,0x00000000000001f0L } },
-    /* 50 << 399 */
-    { { 0x692d5ad031e4d9f9L,0x404aeda94c975f59L,0x774d5f574567894cL,
-        0x9384a6d394c384b5L,0x5640862431f1ade9L,0xc7fec784ec664a1cL,
-        0x1855d29dd8daa744L,0x215688b92cb5ac77L,0x00000000000001baL },
-      { 0x941ccf2069ed9766L,0xbe0bc408bb264b33L,0xaf690b685fc53f91L,
-        0x2d3d6a0d402b1ca7L,0x15f7858d0d0bbad4L,0xd4107f9a09001d66L,
-        0x5d39101058f42888L,0x6dbab76e1957a5e3L,0x00000000000001aeL } },
-    /* 51 << 399 */
-    { { 0x45213613b7e2c6ecL,0x40eba404231a4131L,0xb6fefe73a732bae9L,
-        0xa1e9bbf5dad5d26aL,0xd4292e9b3754d63cL,0xfa2f7d163b4afd0aL,
-        0x101c23ab45993a58L,0xef2e6c2e76be32b6L,0x00000000000000a7L },
-      { 0x39ab0b2e91c2102dL,0x08c2853a38a0dc87L,0x0bf44cb5fc98a8c2L,
-        0x3944bcc04053d1dcL,0xc58245c95a4c6921L,0x727b1481097fd198L,
-        0x65aeacda0fd2d648L,0x39f714eab57be657L,0x000000000000010aL } },
-    /* 52 << 399 */
-    { { 0x63b6bb80bd8a172bL,0xa4fcf17c5dbcddfaL,0x20d9c687abd07afaL,
-        0xd2c3d30414609e55L,0x54f385032006d72eL,0x26b914c24df39b12L,
-        0x27f45ab386f0c497L,0x3dcc1ec688f50651L,0x0000000000000073L },
-      { 0xdeb2636533f06be4L,0xfcf1a35db48f3d92L,0x7fe1fd3af7cc2a73L,
-        0x41ca3e11e6aa5884L,0x164881a8cdc21e13L,0x8cad911a03484874L,
-        0x767521e9e9c3025dL,0xde97f814218da4baL,0x00000000000000d6L } },
-    /* 53 << 399 */
-    { { 0xd3ecaad9f421e457L,0xa1343944abcd6bdaL,0x5e3976b4ef498da9L,
-        0xb3b59e1df3f12ba3L,0x07bfc03c8e4490c0L,0xd5fa985d5b53f101L,
-        0x715822a34bbf7797L,0xbd2d7345fe9453b0L,0x0000000000000147L },
-      { 0xee1ec3a72f095506L,0x1fcc2581a4577097L,0x8c650b965b1bb6c7L,
-        0xc19686238a67baedL,0x6105e80775b944f9L,0x45b830e0d8ad554cL,
-        0x4bebdb941e52e028L,0x5fb560dfd302d75dL,0x00000000000001e1L } },
-    /* 54 << 399 */
-    { { 0x41cdf0a8090e62c4L,0xc203cf661a389c50L,0x08873cd92fb0e7b4L,
-        0xfb7d8fd2849e2c3cL,0xbf0ecf0abf15a0daL,0xcff06a5ba3288614L,
-        0x3ea4f678a5a1bd6bL,0xd07f4fea5a0b447eL,0x00000000000001e9L },
-      { 0x7bde418b0072eb53L,0xc497b7d7c895370cL,0x360c81eebfb58e0cL,
-        0x4db855d7ca0d8993L,0x21da05101cffe5c2L,0x4e6c55e431da01b2L,
-        0xab33e450a177a1caL,0x4e024158c8d9d072L,0x00000000000000c7L } },
-    /* 55 << 399 */
-    { { 0xf01997349c89c37fL,0x422e2013e23346feL,0x872234bc0fa240cfL,
-        0x073c9ec935c98044L,0xc5f576844da45c45L,0xd9f227f2e036eaffL,
-        0xd624bcb8753152bdL,0x63adde436cdfed8eL,0x000000000000004fL },
-      { 0x6ed39da2e48f14f6L,0x7e044ac48399ed5fL,0x3d32aa1ccadb8a57L,
-        0xb17680e165432f64L,0xd1ac87201062afbaL,0x2977e3c2ea64a181L,
-        0x3c50ec594f5ebbd5L,0x06d71e4b8c0f88e2L,0x0000000000000116L } },
-    /* 56 << 399 */
-    { { 0xb3329e3168581a3aL,0x432c15f5e718d540L,0x50fb0773b5405fb7L,
-        0xd422287361b9c0e3L,0x3a53d3dbae54be89L,0xb7f9d1e582601b93L,
-        0x33d9cabdaefe244dL,0x90c3764d347640a4L,0x00000000000001d1L },
-      { 0x8e0fbf2c912d5804L,0x3b9f0ab36fd05d70L,0xdd8c3192b7d09ac8L,
-        0xf44cab3e47c16785L,0x7de9fd5b35549cfeL,0x38dfdf50eb615262L,
-        0x57e912f224dc69caL,0x69f6970490ea604aL,0x0000000000000199L } },
-    /* 57 << 399 */
-    { { 0x4687247eabad6418L,0x4f83495ac51d51ffL,0xfce781bec0aef136L,
-        0x8abed322580cb513L,0xb85782d6a24589daL,0xb8f7c3ad9c8640c8L,
-        0xa669aef661539d62L,0x9379601cb4477f5aL,0x00000000000001b7L },
-      { 0x332b9e9b0f7d41a3L,0xe7bcdba572f306caL,0xed16c9e3263c7286L,
-        0x5e47df68f8fe3510L,0xf0d18d39e3726bd2L,0xacb28a51274ae3f8L,
-        0xd0de1a497de215c6L,0x4b050057a1b3fd99L,0x000000000000014fL } },
-    /* 58 << 399 */
-    { { 0xc060c814721192ccL,0x1f3185a112876e37L,0x114f15d65821223eL,
-        0x391814b09bd49029L,0x21cb9042f69f5c98L,0x9788e3395a9b2f4aL,
-        0x7b0dfabe54926a1aL,0xbcfa4d6051cd489cL,0x000000000000014bL },
-      { 0x19829a11c90ff321L,0xf6ca593932b21fe7L,0x6d858a7cf4f5aae5L,
-        0x0dca676f9e7b2f50L,0x000990c44b9f09d5L,0x5b89da9c85dfbfe2L,
-        0x3d5e0e8eabe8b3c1L,0x1346693456230753L,0x0000000000000006L } },
-    /* 59 << 399 */
-    { { 0x850d86e94937892bL,0x07fee7bb2443a2b3L,0x33ba4ac4e1cb6357L,
-        0x9d14b81d36923302L,0xe15ac9c895ada402L,0x567bfcd1ac08b951L,
-        0xded4973cab9f0cc8L,0x3b9d665fbe68ffd1L,0x000000000000019aL },
-      { 0x58fbfb85882a8c22L,0x1d20051a57a91ae7L,0xa817c3921ffb42d0L,
-        0xa547264cbd43f75dL,0x5c2c5689eaf301f5L,0x9a6180df6567fe83L,
-        0x3f0b7e47edbc4659L,0x3a74b5825cca8bd2L,0x00000000000000d1L } },
-    /* 60 << 399 */
-    { { 0x8a8d4ca6d8dd2438L,0xd4f4c7bae21c7f82L,0x2146e9df4456d737L,
-        0x99e44513b7846ee4L,0xa1c33ee7dbe655f3L,0x3f9e32737648952eL,
-        0xb2ab63292d2542faL,0xbbd56f29ab7433d8L,0x00000000000000d8L },
-      { 0x9324ab77baf53306L,0x41c9e3370caf808eL,0x29ba5468377d0a1eL,
-        0x20d49c30208ae032L,0x9ed653f68abe7fa3L,0xf31a73b7496e497bL,
-        0x88f1357835532c73L,0x7ae79b0e55591f20L,0x00000000000001f8L } },
-    /* 61 << 399 */
-    { { 0x830254cde199ec6fL,0x0faa16580c6aad81L,0x37a327a5fcd2e4e5L,
-        0xb414910976c46adfL,0x944b4fb9218ba402L,0x4abcc3e5c5df6891L,
-        0x578b24b904111a63L,0xf2d5e4003e278bbaL,0x0000000000000032L },
-      { 0x857d53702414469bL,0x94d6f875d8b14839L,0x83561fe4c13ba3e5L,
-        0x87995be649f39edaL,0x0438cd3e7a4cdaefL,0x56fc49eaa9282dc2L,
-        0x1e7e40c6786edabbL,0x6d7f686a469d086cL,0x000000000000006cL } },
-    /* 62 << 399 */
-    { { 0x73a04d03a28b455fL,0xc84e719cbf57585cL,0xd6d9911fd35e53e1L,
-        0x331034c059f94f9cL,0xadb8fdd3875393a0L,0x3be757f899a478c0L,
-        0x4a62214fe02466a7L,0x18913f0488f2c28bL,0x00000000000001a2L },
-      { 0x952c4e67ff257bf8L,0xf85960a2b4000ba2L,0xb767ebc447e9be29L,
-        0xb4cb73f318047110L,0x2f53d6f5cecc7f40L,0x6d4f9956feaae016L,
-        0x1e8432279badee98L,0x568ef329a23ddf3aL,0x0000000000000141L } },
-    /* 63 << 399 */
-    { { 0x3a99f756c26395e6L,0x4bfbc2e0527eb51eL,0x2e37039c79f00878L,
-        0x78e08d275e6b1e6dL,0x6f6f335145d74f43L,0xbcc475bfc6a9906cL,
-        0x5c60a9a9b8a7301bL,0x0204a0a3d640cb3aL,0x000000000000002aL },
-      { 0xd378e362c2ba81fbL,0x110becf374d1d5d9L,0x14fb5720abb529c2L,
-        0x923d0d28d9b58c66L,0x59d4651aeab145c9L,0x5a9178553c90bf08L,
-        0x5b33d118c24717b3L,0x5142b895dc818c38L,0x0000000000000164L } },
-    /* 64 << 399 */
-    { { 0xb4c4ac143ffe4858L,0x3d9c1b48baab1296L,0xb28b5f0a5791e378L,
-        0x3aa34de82a5d32caL,0x8e90308ae76fb3f0L,0xb74a7ed3c85d002bL,
-        0x48a246ab65840cd3L,0xc8494718771d3f2cL,0x00000000000001b8L },
-      { 0xb3f57d14a28da023L,0xdbc8b8d91d078f91L,0xfa5f5a7aba67f27fL,
-        0x4908adc3fc60df70L,0x4fcdd3e0618486cfL,0x2e725571eb3c5855L,
-        0xdafd1ef5c5d9dd01L,0x806554ee19b9cfb7L,0x0000000000000125L } },
-    /* 0 << 406 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 406 */
-    { { 0xc5f56d18fdb2dd1dL,0xcb31387972b373e7L,0x2fbfa499d85c69fcL,
-        0x49ef4e5504211367L,0x307a9a329f9f852bL,0x00be68013d586d9aL,
-        0x6ab9c6709bea9584L,0xbcb478e24b06f588L,0x00000000000001faL },
-      { 0xb6d095562b1e18c4L,0x2af8b9233a783993L,0xafcf8ae678ca9e44L,
-        0x9139a8376cfec34bL,0xce8cd219583ef0dbL,0x8bf49e56abe307edL,
-        0x89ba853be83c9968L,0xc5694a20008b52d3L,0x0000000000000063L } },
-    /* 2 << 406 */
-    { { 0xc3974b7675276d10L,0xb6e1836c07bb3d19L,0x2b1ba75db1619e9eL,
-        0x1e89c2bd5c4a2ebfL,0x4c2ef54b7285eb6eL,0xba22a605df72938aL,
-        0x51152a2657474591L,0x70c745ff997713f2L,0x000000000000006bL },
-      { 0xa7ab63790835db88L,0x2a6d5526753370f0L,0x157e790a4b2e4edcL,
-        0x0b56220a911f4047L,0xdedaa43bd7c0fb09L,0xc6ff25e35a31e2daL,
-        0x6b0ee7bfa78ab4a8L,0xcbafb78836d00945L,0x0000000000000165L } },
-    /* 3 << 406 */
-    { { 0x537b5f578e6ee46fL,0xf204223120f5b371L,0xaa0921a6b9156758L,
-        0x8e7aa4907ae36aacL,0xdbbfc95da650c738L,0x652cc382eb9c38f2L,
-        0x224f35e15f0d2472L,0x7768c4358367e668L,0x00000000000000a6L },
-      { 0xe0d7b3cfdaef3c5fL,0x4dad6270a0c5684aL,0x24b2fca0e9360710L,
-        0xfd91b89a3e763d1fL,0x822b00bff598fd98L,0xdab869207bca6f89L,
-        0x34db8325c7996505L,0x6e88215523f32f05L,0x0000000000000060L } },
-    /* 4 << 406 */
-    { { 0xbca656eb512e743fL,0xcd94fc24ba4f85ecL,0xf4383ad0048bdf6fL,
-        0xdb10e381587f47a6L,0x47f244e7da3ec391L,0x5f337e380c33624bL,
-        0x9259425f82a3c375L,0x509e56c3f276bf73L,0x0000000000000014L },
-      { 0x2d65148dd94cb899L,0xcac386303b28185eL,0xa36bb7bde102adb5L,
-        0xa1e7e0b5ff3fffb6L,0xc842ceace628e1afL,0x8e6dfa7c8647613eL,
-        0xeafd758584ade38bL,0x7c4c0b0a00188d5eL,0x0000000000000151L } },
-    /* 5 << 406 */
-    { { 0xecb8fc22d872682eL,0xcee69ae9a340ad2eL,0x8aab065f725233efL,
-        0x3314af1015860444L,0xafea039307d4218cL,0x83860c75b56d7265L,
-        0x045d08732f402749L,0xc14d6ebb50676c29L,0x000000000000011cL },
-      { 0x7018485cecc303f1L,0x2c88f82b189755b4L,0xa7d21cd59574649bL,
-        0xff5ce29da5c77fd2L,0xf06a468a58da370dL,0x50d800934a5fd275L,
-        0xcba539d8b69ee483L,0x170868f7f2ee3b38L,0x00000000000001bfL } },
-    /* 6 << 406 */
-    { { 0x21f9e41cf53fcab5L,0x7bf9f35165adec42L,0x6b26bbd558bb94cfL,
-        0x3f786272c6324c08L,0xc4a2eac0f2b7a273L,0xa13f661eac22a668L,
-        0x68b9afc47fe9399dL,0x1b92202959664de3L,0x000000000000009cL },
-      { 0x17c1b9a418a2fe9dL,0x2ba8744435cbdc79L,0xf4a4e0ce0b5f43b1L,
-        0xcf17bf66e7569a01L,0xca184ac9c510d6eaL,0xb90fa4fc1c25e88eL,
-        0xde8a6e1935d88156L,0x1546d7b58d8dc62bL,0x0000000000000122L } },
-    /* 7 << 406 */
-    { { 0xba45c8f36c94382bL,0xc1be84a34e796905L,0xa70a60a281b19d43L,
-        0x5a333dd0a47323edL,0x7b28b6af0b27ff7eL,0x35c03b9fdea38355L,
-        0xb95af1386ae6bcf1L,0xc9ef2a5a2b8ab4d0L,0x00000000000001adL },
-      { 0x324116b7e42a4135L,0xe6f37e6ce3fd98a2L,0x9fd3f19f7c76568eL,
-        0x22b20731515dc1b8L,0x9723434fdb8e80ddL,0x60e6c8e242232789L,
-        0x9716ad2c04d7423cL,0x66529fe435216302L,0x000000000000010bL } },
-    /* 8 << 406 */
-    { { 0xe5d4defb5b3e313bL,0xa821692c272ac52dL,0x63e8db0d853d75ebL,
-        0xe135b25b774da98dL,0x5019813bc0ea0962L,0xa03d6d8f93d92bddL,
-        0x63ad9b320ec90c8fL,0x674e973c21967233L,0x000000000000002eL },
-      { 0x6cfdfea798494014L,0xb9f9c0ce4f03d4bcL,0xb30273db8a4cde4eL,
-        0x81dfaa1b3c413325L,0xf7bc31e7b3964d85L,0xf73996c8fa47fcd0L,
-        0x1d5fe418a94e35b2L,0x7cd3986e9fa4f44bL,0x000000000000017eL } },
-    /* 9 << 406 */
-    { { 0x1b7980a57834d697L,0x9a3aa459c73206aeL,0xe10df0f1912aafe1L,
-        0x3c252699cd81194fL,0x11c78b3f5fa93a50L,0x88c38a165c535f44L,
-        0x33b2a6c905dc99e8L,0xf9a8a90d1ea49641L,0x00000000000001a2L },
-      { 0x96a8c21569486979L,0x97f6097999b6ccb9L,0xfe3df60d18d3f89eL,
-        0x83dfff4ef064bd18L,0x49b4057d54fcb9f0L,0xeab1e88c3f088687L,
-        0xa1765be041072587L,0xf99b2779acf46728L,0x000000000000012eL } },
-    /* 10 << 406 */
-    { { 0x8128204a9a214c96L,0x0e0a82b44882a079L,0x33e5d6b9b27a35b4L,
-        0xab4c56c097462902L,0xe54b628e5b19e791L,0xdf29b1f5d64e8065L,
-        0x6a2862e6ade36f00L,0xcba66d7ddf61110eL,0x0000000000000107L },
-      { 0x76cc421fda5c2464L,0x0c4f2a6322f3528dL,0x2eeb70f2c54214f3L,
-        0x58be1b09eb798dedL,0x2415a2c156bb8dc1L,0xf9c7fd5ca298c0b0L,
-        0xdc7d1ae628082c59L,0xc4ec983d05a44844L,0x0000000000000192L } },
-    /* 11 << 406 */
-    { { 0xa04e47c0c9ed9d3aL,0xed1a5bfaec3716ccL,0xe70c47c1a2e4d7f0L,
-        0x05931685553e5305L,0xa90e6d16c73eb2d4L,0x17058be63459f194L,
-        0xcf1b93fa0e76af5aL,0xbe38213c93f26b0dL,0x0000000000000009L },
-      { 0xa56996c75a0f2a52L,0x9fe2e1846badad6fL,0x64a6ae0d70ff96cbL,
-        0x835954857b77aa01L,0x9910099ceeda6f38L,0x64b3d7f42c333e54L,
-        0x6b13aeb23721114fL,0x791d073c90ca8602L,0x000000000000018bL } },
-    /* 12 << 406 */
-    { { 0x72b023245e3f9a6fL,0xc889374508defdb5L,0xab7235362acd0af4L,
-        0x7ce916a85d02baceL,0xb2abe9dd96314ae6L,0x6b664d88cc74749eL,
-        0x59f417bea5595e97L,0xe77f2e3b52ef341aL,0x000000000000003cL },
-      { 0x1f57cebbe3aa5b6dL,0x870522a68901cd97L,0x926ce7d957cf5e3aL,
-        0x2d8fc69331e15a34L,0xc3a756ad009b6274L,0x498748f3f82857a8L,
-        0x7b27d095b5531159L,0xe2783284c7e359a7L,0x0000000000000082L } },
-    /* 13 << 406 */
-    { { 0xc09185da7e0f6976L,0xd8a1091ec4a3a6c3L,0x7f7a1bdf331817e9L,
-        0x95893105a21b71e6L,0x529b76e0031bc2c0L,0x899c9c15f486e501L,
-        0xa1c9b18f67318b39L,0x2c05bb6aadc3ac81L,0x0000000000000087L },
-      { 0xf051133eb2a8d83bL,0x8b7c0690cecad4bfL,0xcdc32d5c3836511cL,
-        0xf17df7ec1fde03acL,0x65dae2a3603ce6cdL,0x7711a540f1ccc60aL,
-        0x391a3d1b3d8a3950L,0x640a6d5ab3cf9141L,0x0000000000000148L } },
-    /* 14 << 406 */
-    { { 0xcfe4526c7deb11f7L,0x67b27a2787647f71L,0x07eca87da3dfbbb1L,
-        0x6173cd9ab9440d12L,0x0ca8bb2b40f2e74dL,0x3d83a719d740cbe1L,
-        0x0fc562e81d080dcdL,0x16cb8f6f65d8140bL,0x0000000000000117L },
-      { 0x505508d0e8ddf98aL,0xe0d08e494e83c1ccL,0x24215a4d2db487d7L,
-        0x5b91a9b5a9d15e5eL,0xb4d85a71e56eb130L,0x0e03cbc65d7390a2L,
-        0xb43f2613963f58cfL,0x1cb92acaf93a024eL,0x00000000000001d8L } },
-    /* 15 << 406 */
-    { { 0x0b93b131dbe1d1eeL,0xef971fbcfe0effe4L,0xaf4b85c708d49697L,
-        0x497ffb799eb46f2aL,0xb35cd96addc0ccebL,0xd5a55094303e4c0cL,
-        0x3af23c7d86e7b58eL,0xaaed08ec9efb4691L,0x0000000000000099L },
-      { 0xe9dd554da84a6620L,0x87891bcd36fa1b27L,0x8f0d90c7e8344fa9L,
-        0x8342943413b112a7L,0xbc8d11749c77efcfL,0x8a33437af15a8f25L,
-        0x664c7908683b532eL,0x374dc6569c90903fL,0x0000000000000129L } },
-    /* 16 << 406 */
-    { { 0x78d9e7f446045461L,0x841c793e7430d61eL,0xf77b63b8dd245666L,
-        0x4b39bdd5844f837fL,0xce7bb287ab70f0f5L,0xef4b6aa274b7cbc6L,
-        0x9821f978981fdf5cL,0xb63e67a8e506a31cL,0x000000000000012eL },
-      { 0x1d2296041fc1da54L,0xa5b7e873d0c4b6bdL,0xeb72b87bf59127b7L,
-        0x8db0f3859fbc54b7L,0x534ebf9461462a53L,0x97099e7580b9d20bL,
-        0x0ed2d96a88aaa712L,0x415ca08a6a1b85d7L,0x0000000000000091L } },
-    /* 17 << 406 */
-    { { 0xb379144aeb469a20L,0xc5437f8f1cbea72aL,0x7728e8b42b9ec8acL,
-        0x606e8adf8a15a0e9L,0x8d8e962ac004f3a3L,0xd5df086da85ebf2cL,
-        0xd33bcdaafb6dcbb0L,0x0fdb0c9f07f2cc3eL,0x00000000000001e6L },
-      { 0xce44c6c293c2da62L,0x378521fae38bba04L,0x82a8e500db763d85L,
-        0xe78e38955ed8824fL,0x8fbaa40d1538bad9L,0x868f1eba0248ad8aL,
-        0xa6c1a139cd968348L,0xd2778c4b0a2b9761L,0x000000000000002eL } },
-    /* 18 << 406 */
-    { { 0x48e4c0f3361ae7cdL,0x6b7984948046cd5cL,0x12f157df00f16183L,
-        0x3597a186c382bdb3L,0xcd0b5a6b021194ebL,0xc207ed009af8a87aL,
-        0xe4393bc184dc124aL,0x11f71411e91afc32L,0x000000000000015fL },
-      { 0x579a5046c1866867L,0xd866aa1655c785e3L,0x2f76a8d43cf758adL,
-        0x32ac9a89b0d31de5L,0x4962fdef2a973d93L,0xd7187c2b4ac6ff65L,
-        0x7b1c92bfee83ecebL,0xa56863b534638002L,0x0000000000000053L } },
-    /* 19 << 406 */
-    { { 0x25efb568dfc25ec5L,0xd1189d0e1b0e7079L,0x5072903088a9eb91L,
-        0xd590fca710d3bcabL,0xf9c0a5d7df6bea0bL,0x0bf708746efeb1beL,
-        0x42747b384fb6a9a7L,0x2f14f557f56a702eL,0x0000000000000156L },
-      { 0xb9090e1e348c7f6bL,0x922e69d7d7496d2dL,0x6349d2ca92bf15e0L,
-        0x94de29b2129013e6L,0x6e89ee99ec7bb7b1L,0x68ee23481ac1ffb8L,
-        0x60be6017a20aa6baL,0x91a224fc79b16d91L,0x00000000000001b3L } },
-    /* 20 << 406 */
-    { { 0x039c81f5b6501dc3L,0xbeaed737d507075bL,0x080ba34a5c367a46L,
-        0x06a583c5ecd54633L,0x2085119b20eff4cbL,0x26f27b7aa193a015L,
-        0xa2dd99c937b34fb1L,0x99227938fff66c7fL,0x0000000000000107L },
-      { 0xee87c18e1cec40f8L,0x760e880d65532da1L,0x78d00f69be9ed489L,
-        0xf61114948cc9be51L,0x79d826abaafd71e2L,0x831bc3059f39cd9fL,
-        0xfffebc7ec214629cL,0xab14a5cdc0a202e7L,0x0000000000000083L } },
-    /* 21 << 406 */
-    { { 0x85252463481afc74L,0x7b71451828c701eaL,0xc439fd69861bf548L,
-        0x071f8693e3d11f33L,0x6225ebd572e2305dL,0x4ef519ad0d1f6093L,
-        0x1b0453e06ca1c580L,0xb7319f2fb740aabeL,0x00000000000001c8L },
-      { 0xf21d026d84604fd4L,0x1b1b306011b08033L,0x649ad1d36fd4ad38L,
-        0x33f1d68714abb62aL,0x0e7f376997abee33L,0x530e818370a2952bL,
-        0x98a0a545fc905c8aL,0xe6ec2b5559af7273L,0x000000000000007aL } },
-    /* 22 << 406 */
-    { { 0x6cf8f7069c217921L,0xc42e41d7b075c03bL,0x6375246a68982f40L,
-        0x8669580151954ce8L,0xf5310da9a3a60bedL,0x0abca274b68cc2a2L,
-        0xc0ec033b6851665eL,0xb783a62aa463f268L,0x000000000000008aL },
-      { 0x262a839eacc800edL,0x23a464a8b7a47436L,0x48a5d2ba302d2f36L,
-        0xdcc0964d853ccb63L,0x326373ba856a8728L,0x135e2dfce81f2a09L,
-        0x75387e9ce2d61167L,0x2d4026dd77466495L,0x000000000000018bL } },
-    /* 23 << 406 */
-    { { 0x15f1ae548997be68L,0x90aa75ea279fae38L,0x8e6704c0bf52607eL,
-        0xdbdd9e471515aebbL,0x3f13153cfb9d9d6dL,0x6783f0c749f2b830L,
-        0x933ddbd70938f0f2L,0x8c4b834cd7669424L,0x00000000000000a9L },
-      { 0x195637299d946809L,0x9946ba9bbc29db9cL,0x6f9e27fb6cb8b988L,
-        0x3294b03efccfc99eL,0x33374610f7141a54L,0x28f868ffc7673c30L,
-        0x43dc3427bb2c289bL,0x029e076fb96395c0L,0x00000000000001e5L } },
-    /* 24 << 406 */
-    { { 0xc1b7a8f704de7536L,0x4b9e69438570da46L,0x7724c0c2337106bdL,
-        0x6f1367d3054b2f07L,0xd7d30e2004200225L,0xd722d2ff8573567cL,
-        0x3b1a8a31741d03aeL,0x41474e1b878ff79aL,0x0000000000000059L },
-      { 0x3ce983c9fcf8a2fbL,0xe3c71ed67940d19eL,0x7347af8b434df786L,
-        0xa187aa1d08d0762aL,0x618fc81d48cc16f9L,0xfecc62573b0e7f5dL,
-        0xcb1f9e26fe7d47e5L,0x9ddb1566ce3918a5L,0x0000000000000047L } },
-    /* 25 << 406 */
-    { { 0xa7bf65565cdd5de1L,0xd91a3b5ad0299c7dL,0x34ad344fb621c69bL,
-        0x0eaa0119ff537f66L,0xd06eaa83437158b3L,0xc8ef03821b5a588bL,
-        0xc42cdd179a13f8c3L,0xb8bc70a25e7488b7L,0x0000000000000152L },
-      { 0xb571425067a283dfL,0x71221b8349a9b640L,0x84b743d5e5009d45L,
-        0xc7150aa8fc207d0cL,0x5146ec3777f5ee74L,0x64856c0e9cd38d8eL,
-        0x3c6544b4ada269a4L,0x3321ddf10a505d47L,0x0000000000000083L } },
-    /* 26 << 406 */
-    { { 0x679fec081ac21f3aL,0x8e69d49664fd0330L,0x4d520cf622381900L,
-        0xfe8843f23cdada22L,0x9ae1a7245fc715c4L,0x2551beb61c16d5d7L,
-        0x6feb8481d00fcf9cL,0xcaa2b375c91e52b7L,0x0000000000000184L },
-      { 0x24be593ab64e1524L,0x4e1cee9d7332b856L,0x131c5e6a797daf76L,
-        0xc663eb2e75ce3e6cL,0x03ef6a7909834ac9L,0x7d7aa414c52b3350L,
-        0xd66cb98f1430ff4dL,0x8aa042bdd5ceed07L,0x0000000000000084L } },
-    /* 27 << 406 */
-    { { 0x5c157e7b6deb0864L,0xf9d82ac58bbf2f15L,0x8078defe946d3ad0L,
-        0x0202531b76b4ef19L,0x91b204164639bde2L,0x266d4ddbabeb6f8aL,
-        0x099e2d193c697956L,0x622d9fc056634b3cL,0x00000000000000fdL },
-      { 0xb40778e6a1d7b58eL,0xe7e73d837e8f2b8aL,0x1079ead85b307ff5L,
-        0x6edaef3415ec5733L,0xf0af7d8875239c59L,0x2c12598569c78449L,
-        0x0ddb52fddbdb0499L,0x3659ab877726d11bL,0x00000000000000a9L } },
-    /* 28 << 406 */
-    { { 0x810305ab4f244783L,0x99471c5a0e2c1a83L,0xbb3beeb39bd2ba8dL,
-        0xe7fe7b929c189a01L,0x0f5a31c9667f8683L,0x28ee1a59fb7bfbb0L,
-        0x4cb86e098e14240eL,0x47039ec29bab970cL,0x0000000000000183L },
-      { 0x09b761f8f4ea7190L,0x5b109e93637f19c3L,0xe40aa435edd588d7L,
-        0x6b25737881a3b4aeL,0xf5b5cc60591f5caeL,0x2e787d34811b80feL,
-        0x28be1db7b0d84075L,0x2579d623a4db6982L,0x00000000000000b8L } },
-    /* 29 << 406 */
-    { { 0xebfd47a0f3c9663cL,0x5bd6c124fcc1ebacL,0x7a72f2629e4fbc0cL,
-        0x8e12014b04da3327L,0x1644293ff16aee24L,0x51c99ce93d9cbff4L,
-        0x3e202a2905ac2f77L,0xdc053a471a547c46L,0x00000000000000b5L },
-      { 0x33432716d62c57c5L,0xb6a806d7fd1c2525L,0x8fad574efa0879bdL,
-        0xb155c4592f8f0fb0L,0x1164655e58d81213L,0xe11727e694a07b4fL,
-        0xff4b7575c7036122L,0xcb353944c198f11aL,0x00000000000000a8L } },
-    /* 30 << 406 */
-    { { 0x0aba20f753d66edaL,0xa3aeae3b7e525dfeL,0x7b988a6199e675dbL,
-        0x944ca69614798f05L,0x42277a4775fddd0fL,0x281cc5692e466789L,
-        0x3292cdab72d85db1L,0xdfff0593e12591ecL,0x0000000000000079L },
-      { 0x1c2f7a8c0b87e726L,0xc9c4e2867c08d0f1L,0x7244fb70add49ccfL,
-        0x2f9a917876dce245L,0x60d895eb97836a0fL,0x97fdb433fbcd00e2L,
-        0x83017090f2aacd14L,0x292faa800e939a1dL,0x00000000000001dbL } },
-    /* 31 << 406 */
-    { { 0x5a7a6424e3f6f82cL,0xbd371425726aed2fL,0x2f56a6db5da92b20L,
-        0x40dea40847e9f8e5L,0xd214c17ba447c6d6L,0xfc2fc25418e56c61L,
-        0xf21df2b42ba5ffabL,0x38ed181e0c4b74d7L,0x0000000000000116L },
-      { 0xcc7b32aa60988f29L,0x86934d213fb6f043L,0x2f3259e3a7e17064L,
-        0xdd355633aae0132bL,0x6b351d3f58a51724L,0x174aa7de5d3513b9L,
-        0x5ffb74678e5b7018L,0xcfc563cd0b563426L,0x000000000000012dL } },
-    /* 32 << 406 */
-    { { 0x48a6060b5244adf3L,0x196c42f99f9c1646L,0x1dea9fac3946d4dbL,
-        0x30563642183c46daL,0xe5c58915c9e4a634L,0x3e71b542cce36f63L,
-        0x4d91d55c39eaada5L,0xd3f5af0f1c43907fL,0x00000000000000c4L },
-      { 0x1152f1413080db73L,0x3d5031a2b4bda7abL,0x0df9c2bcd0f0daf0L,
-        0xaf4aa1f30d01895aL,0xfe8281302b137acdL,0xfcdbfefff072eda7L,
-        0x8f3e313911d578dfL,0x37d9ce5b92662c8eL,0x0000000000000086L } },
-    /* 33 << 406 */
-    { { 0x87e7f88cc5bed943L,0xfd2e6b03aad8bc5eL,0xf24d94389e249c9aL,
-        0xe47161cb7c008e8cL,0x19d22f2831d8c40cL,0x0671ba709fffd96aL,
-        0x31a6f3ad74d609e7L,0xf90ddf84b6905c30L,0x000000000000009eL },
-      { 0x404c5574e9f17126L,0xafd37819604fb843L,0x4d1d2b92b00db9eaL,
-        0x4a242643a7ecb8e1L,0x23c70b6e8b66b49dL,0xcbd1e9f75995098dL,
-        0x62ee997d643f5b38L,0x2c7285da63549975L,0x000000000000007bL } },
-    /* 34 << 406 */
-    { { 0x70bd76a983f34ba3L,0x372227ca7eca3199L,0x4cc896ce4e57aed0L,
-        0x142d290f0ddd2f05L,0x867a1f6fd6612f3eL,0xcf2e8ca14ebc7530L,
-        0x1d15b0252bdf257dL,0x1b6ea850fcb53380L,0x0000000000000110L },
-      { 0x38c505c3e561bf5eL,0xb5c5b048ae44566cL,0x902051d06c45aaa1L,
-        0x619fec981ea9caacL,0xec4ca3f013e5e007L,0x899d203208bc5341L,
-        0x5869d8e09361ca4bL,0x1850a711fe357cd8L,0x000000000000014cL } },
-    /* 35 << 406 */
-    { { 0xe9d78d73c5fe4cb1L,0x65d4973e63669b5bL,0xf8f26e6758db5d06L,
-        0x1fe46740a5bea178L,0x22e30d273d9d53efL,0xf9c3e1132d740fdeL,
-        0x0eaf2c3782ad4253L,0x1c0a8f57afffe82fL,0x0000000000000083L },
-      { 0xe04ad02fea374c3bL,0xbfebd3637e1ae7deL,0x2f496f966970176fL,
-        0x10eb48976106472bL,0x9ab8cc2922481fc5L,0x806a32fb795e47dfL,
-        0x3920421e8a79c1aeL,0x17c4253868d45930L,0x000000000000009aL } },
-    /* 36 << 406 */
-    { { 0x164a9e29d07b0d60L,0x7d9325bc4a4ced37L,0x389846410a22ea31L,
-        0xc33e1fc1659c12aeL,0x7609475678cc3ad9L,0x3c30033a4cf14874L,
-        0x6c7ed92d23f58493L,0x0040c6d99a41b806L,0x00000000000000c8L },
-      { 0xe9652d66a4f89d26L,0x97aca7ae1e56daa6L,0xa1650f15b8b76045L,
-        0x2f2338b3fc159585L,0x9af48930f243cf7fL,0xdd333c3d923de549L,
-        0x415a035f3083991dL,0x0257bcf5b8f179d8L,0x00000000000001b8L } },
-    /* 37 << 406 */
-    { { 0x785ceb0e60a23046L,0x06693923da26f777L,0x4cfd41e2f6347cc4L,
-        0x375228c909f95926L,0x5f3dff336d32813bL,0x3becb638dd9b1ce3L,
-        0x7e9b3e1160c02110L,0xc46e496d72e500fdL,0x0000000000000003L },
-      { 0x15d186e9c39eede8L,0x00d45c82e2cbe492L,0xcb0430b0e656d2edL,
-        0x52592855cbf91059L,0xed3f498d7ebbb6c0L,0xf537912d8c448093L,
-        0xd02e28094a50080aL,0xde023ed27507fb99L,0x00000000000001c9L } },
-    /* 38 << 406 */
-    { { 0x9189e6492b66dcb3L,0xbd9d89446e0a16c1L,0x7183787c8fbf21b9L,
-        0x48b9a986c84a07e0L,0xc7951767bd3f75ceL,0xfd74f40c709029ebL,
-        0x8e0d48faee163d0fL,0x583247acea13c411L,0x0000000000000029L },
-      { 0x544713627200e61fL,0x43a5caa69151f221L,0x88e1d04480dfe2d7L,
-        0xe166419a814a432fL,0x47d7a7324998873eL,0x06abfc47d649229aL,
-        0x38759e7b790a1bb9L,0x2aade3423d87e983L,0x0000000000000083L } },
-    /* 39 << 406 */
-    { { 0x814f5c1eed4cb90eL,0xc27974eb37f64e46L,0x1ab1171566cd615eL,
-        0x27e7e0d98a254731L,0x1756745a1520a956L,0x4a8d601258af427dL,
-        0x430761eb1c0eee1bL,0x6bbfb93438874a9fL,0x00000000000000d7L },
-      { 0x9f48d4ca3a8603b8L,0xdedd50492e5be7c0L,0xe088e3bdf54289d5L,
-        0x0a3ee65da44290e6L,0x8ab9a318bb9114a0L,0xbbb8fc213ba90e93L,
-        0xbd87016b28aa8d97L,0xf467d852c050a231L,0x00000000000000d7L } },
-    /* 40 << 406 */
-    { { 0xfe306ca855a073ebL,0x35543d282dcab16bL,0xd66bc457a45d0b9cL,
-        0x3fdc1cc24be414daL,0x781093ded7d9bb1aL,0x6b5f2c375d2031a6L,
-        0x9b6b4ba38a23513fL,0x6fe788858f5a91f0L,0x0000000000000188L },
-      { 0x0f952fdeaa340993L,0x860ad393381382b9L,0xf0f1878aa611333cL,
-        0x9d53e1f9fe29f16fL,0xc371ba5fa0d105e9L,0xedf4adf826128fd8L,
-        0x4f4e22ffdaeb10c8L,0x0d27b149d9544e7aL,0x000000000000009aL } },
-    /* 41 << 406 */
-    { { 0x384e080421facdb7L,0x6c8b7244e2b7b131L,0x05f1dd47ad8a4fe3L,
-        0xeb2e048dd4649216L,0x9f1bc2b7ec853458L,0x386f3d5798115589L,
-        0x8c02c32e6fd93252L,0xd1a9526bbd686fe7L,0x00000000000000cdL },
-      { 0x0a4bc5e2a6384682L,0x8281608a042b55caL,0xa41505532a528bb0L,
-        0x96b9f2e72217abd8L,0x9f019996e3251a18L,0x7aa51a6a79a88c6fL,
-        0x90d8c8ad98fa880fL,0x2dd166cf45076ac6L,0x00000000000000e6L } },
-    /* 42 << 406 */
-    { { 0x7ba7b06a5826d6caL,0x42257d9c430621c6L,0xe5dc2c8f02dcf96cL,
-        0x1b63d8ce16550605L,0x9e6341345cde8df3L,0xf9781f21809d18a4L,
-        0x2de5477650c12248L,0x915e036c94f60a0aL,0x0000000000000149L },
-      { 0xe8a91619a2d29974L,0x67a70872b420db3aL,0xb24abe92e50beb4aL,
-        0x760b7119dc0a98c1L,0x1519d8aea70e0dc1L,0x33f102a2679c49e2L,
-        0x5123d8c2c1c358a8L,0xc928fda8bb7899a4L,0x00000000000001b9L } },
-    /* 43 << 406 */
-    { { 0xd2601167ad233a91L,0xc8d9884dcdc5862fL,0x01a22fe0a648ba05L,
-        0xbb3b9e3c515c1511L,0x18c06c97ea8c7464L,0xf20adb09be2c8395L,
-        0xb2f3dd6d371f7631L,0x2e4fe2c91fa77646L,0x0000000000000128L },
-      { 0x9732c4edfed3264cL,0x81acaedb4d287a1cL,0x736e2ee565d0497dL,
-        0xe8b4f6fa9ca05e5fL,0x76f8565567f63d25L,0x3622850f9569a822L,
-        0x4213d66b43a8a078L,0xc601ed61e323d282L,0x0000000000000185L } },
-    /* 44 << 406 */
-    { { 0xc0135e27beb6745bL,0x1fa3e9d57ac01e8bL,0xa713ccd34efaa6adL,
-        0x6b82414232492fa1L,0x1e3dc6b3c5a1550aL,0xe3c7ea75429f42c3L,
-        0x93f0cadbd1d97acaL,0x7b23ee53f7091927L,0x00000000000001afL },
-      { 0x708dc83aecb37a50L,0x802e69b38f9edcaaL,0x02abcd3cc66d3a68L,
-        0x814ec38b1101afaaL,0x20e5d950a1b52623L,0x0ac6ea5fd4dd624eL,
-        0xab26008227a0c3b4L,0x577f5ca09368736bL,0x000000000000001fL } },
-    /* 45 << 406 */
-    { { 0x6d42774c21bf0842L,0x2a4da71bd4d1ea75L,0xc2cedd0cf4d653b0L,
-        0x7d94db7211d82f3dL,0xfaf1ca20a8c32913L,0x9b0c6b3563841938L,
-        0x1ddacce9cf9b706cL,0xb204884772b2c899L,0x00000000000000b9L },
-      { 0x4e7adf267aedf83bL,0x8ded9b05be0cdec7L,0xe5f546d3b5c0649dL,
-        0x270504c8e19891ddL,0xa92e7b14a7261c10L,0xd14be6d3b8f9ebccL,
-        0x7a89d993eccfecebL,0x4ce0afa5ae754f25L,0x0000000000000074L } },
-    /* 46 << 406 */
-    { { 0xcb677986904f5312L,0xe7d62adb29dfabc6L,0x93e4e87b3e4e42beL,
-        0x19bca6264069b407L,0x328eab93ad8142e1L,0x2e7c1a5d52672bedL,
-        0xa5fd1db730aef66bL,0x12ac39b7fb19bf54L,0x00000000000001beL },
-      { 0x01c76a76b5b5ec2cL,0x64de1b6a0861dab1L,0x3258296d637140a4L,
-        0xbda2cb733b3679c1L,0x0041da437024d813L,0x4303794de9a0ce74L,
-        0xf8ee8193c0529c15L,0x53feedc587074b7fL,0x0000000000000115L } },
-    /* 47 << 406 */
-    { { 0xa6ba5b160c617119L,0x204e68fb438beefeL,0x7a20a3972ada8708L,
-        0xdedf232d508368bbL,0xe096d0bc104f521bL,0x7a6b16d711269c40L,
-        0x55d4ed46914143d9L,0xba5c71c427d395ecL,0x00000000000000caL },
-      { 0xa821bc5010cb008aL,0x48052c133adc6d77L,0xd0408c0f53ba3178L,
-        0xd60edcdef9fbd6c5L,0x3cfa4536eeebb802L,0xcababb7b03709682L,
-        0x13ee6a48bce9c097L,0xbd0ef6510d1b0bebL,0x00000000000001d8L } },
-    /* 48 << 406 */
-    { { 0x57b087c3722f09b6L,0x1702ccf501659998L,0xf3e88554769ff3b4L,
-        0x0ceaa311b9b58b5fL,0x3200928faf05be70L,0xd7254305405c2f75L,
-        0xd48bc6c28cff9a05L,0xc951c65d71aaf653L,0x00000000000001e0L },
-      { 0xb1c60c62e06a762bL,0x95d42294d121d094L,0x16b88a5dd0a2ec1bL,
-        0xe5baf8f2f27ab833L,0x81982eb5a7742d30L,0x0244c5595e8d4a52L,
-        0xae2e0d639ff0933bL,0xcac9c143c0641fdcL,0x00000000000000dfL } },
-    /* 49 << 406 */
-    { { 0x0729d23aaf7d4710L,0xcc26cbbed18d4ee5L,0xbbad9a780031ac64L,
-        0x4cf6f0857d9c26d5L,0x4f7a82d40d1a7532L,0xbe268e66d13e2a2dL,
-        0x14bae8a771bdd2ceL,0x3c3d7fae6b5df00bL,0x000000000000008bL },
-      { 0xee205513e5ea848eL,0x3b6a3e27dd421986L,0x21485c6e461b7f1bL,
-        0xa62bc7b5b14b5037L,0xd6372abf560b7bafL,0xaa6228c9c962a69cL,
-        0xdf2b172bb089d815L,0x7d1775058d97fc0fL,0x0000000000000167L } },
-    /* 50 << 406 */
-    { { 0x1b2752ec9c586918L,0xb3fb67c153a201efL,0x105199bdd73f0eb0L,
-        0xae01712810aeafdfL,0x1426b2b52a519a78L,0x68e86c5a1ea4f48cL,
-        0x98699970a6f22d9cL,0xc80564d51a9de939L,0x0000000000000000L },
-      { 0x41f8c7fc85bb70b5L,0x4bdf510c78874a6cL,0x836e36477192332fL,
-        0xe71580260d3877cbL,0x76eab30d9db5fe34L,0x5cf92e6aacafab64L,
-        0x9dfe39041fedad0eL,0xa9be6419c83bcb00L,0x00000000000001d2L } },
-    /* 51 << 406 */
-    { { 0xef6dd59eb9490407L,0x40b3ffc7cce5657cL,0x303b86892997c881L,
-        0x10ba288bac9e88b3L,0x0598dc047e06cbddL,0x6b6070f9b8f3fdc5L,
-        0x1b6e0bf0bf167eb0L,0x832f256f61823b3aL,0x0000000000000066L },
-      { 0xcaa38eb16ba2d1a7L,0x0e9eb2b5e34c102fL,0x45d0a0412f3f191fL,
-        0x1883b65b78e42f37L,0x106790f4b3d340d5L,0x5bbca96e950faf87L,
-        0xa5b7401125d0e75bL,0xbf6a2e4aa9a5b37eL,0x000000000000004aL } },
-    /* 52 << 406 */
-    { { 0x66cb0db47c4f8f4eL,0x81ae6d75fc21f5f6L,0x19e8fb8714951a87L,
-        0x52ecee54602c5224L,0x50a823a8e408b25eL,0x32aad7d9e372c922L,
-        0x80a117c8e03a5ce6L,0x9b62059c2ca7f6b5L,0x00000000000001b2L },
-      { 0xc50397739d676975L,0x6959c6b5becfc0f0L,0x7b73318a43d30b32L,
-        0x0c0aac5b6048cafdL,0x77f3201dba7d3c59L,0xa5a05d3e09004fddL,
-        0x711b1b17ada3810bL,0x0b9f7679a6eb6d1eL,0x000000000000017bL } },
-    /* 53 << 406 */
-    { { 0xb111d5049113f1d0L,0xaca7880f301363d8L,0xd1a3a3a0715d0296L,
-        0x7c7131450ef65ed6L,0x66eaa22b454a687dL,0x3818b9757349a9fbL,
-        0x5062a36e0d2022d4L,0x528e46da2ff88497L,0x000000000000010fL },
-      { 0x32a84b8a5de50ae0L,0x76263a196884f659L,0xfd8bb04c315d19aaL,
-        0x949d5c4b8c484043L,0xa6b46b769af8ac6dL,0x30ceb799b23ae2b3L,
-        0x0ea36685daf44f51L,0xebf5489e57d1f2cbL,0x0000000000000179L } },
-    /* 54 << 406 */
-    { { 0x72ba03aae5c32db9L,0x674c55738d0d3eecL,0x80208af9ccce2df7L,
-        0xa35d4b811c853818L,0x9c9e525e4027990fL,0x1d4307391f2d304fL,
-        0x557a34c0e56780b1L,0xd88631e7384f416dL,0x00000000000001dcL },
-      { 0xe13dbdcc305ed92cL,0x7344f3ebfb1445b9L,0xe84a2541d10d4b7bL,
-        0xc0063b826bc03673L,0xa46a733bf4f6b339L,0xa6c0138431320032L,
-        0x3b6f5b9634212c42L,0x445752ddb9601168L,0x00000000000000b5L } },
-    /* 55 << 406 */
-    { { 0xebcab29ffe8e565bL,0x7b04357f43480e76L,0x153ea7357ce43f36L,
-        0x04ce126da3cf5166L,0x3eb43a6e0f412fffL,0x4ede4ce058733496L,
-        0xe90b4291aec2250bL,0x35811220bc4b63d6L,0x000000000000005fL },
-      { 0x2a1d458659ff9b9aL,0x61d60d77a684082cL,0x3bcdaeb53ca06170L,
-        0xe5793487801582c8L,0x73754dacbdc327b7L,0x4e9f7a1aa91091d6L,
-        0xb1dcf63b688c3076L,0xf781dda2a455387dL,0x00000000000001a7L } },
-    /* 56 << 406 */
-    { { 0x3f28171bd3179895L,0x91ec9bdd6470fbe0L,0xd6713024aa1ab0a3L,
-        0xbdb9e60388393838L,0x29c6d976170ffe51L,0xb415ce2c20c85e4eL,
-        0xc816b042aa9a7f5aL,0x0f7257df41dcb044L,0x0000000000000139L },
-      { 0x16044c1463dbe97cL,0xc36a41e8dca02de3L,0x7c9403766849e580L,
-        0x77b372d1d1bf053bL,0x539e249d175c2a6aL,0xebd056bbf0e17332L,
-        0xf7b71bf6e62c02a3L,0x8e8636d754ee354cL,0x000000000000014aL } },
-    /* 57 << 406 */
-    { { 0x23975ca006ea445dL,0xc8c0af23792afff3L,0x648b22a1089f7960L,
-        0x38be1485789e86a1L,0x09c7f82c8e403792L,0x00e6a9750da77f58L,
-        0x89ff11bfbbabdde6L,0xdd065345ccf6e66aL,0x0000000000000017L },
-      { 0x8c47de427496b1c2L,0x4c7e85508ad8e562L,0x27bf92564ec11ed0L,
-        0x0764d014f7290f77L,0x02a78a70c49b97deL,0xa88a1ccf1ddbbd5bL,
-        0xe42270462e9e274aL,0xba580882466c1d4fL,0x0000000000000159L } },
-    /* 58 << 406 */
-    { { 0xcc1838a04d0dec13L,0x2d4bdfbc97bd2484L,0x3f6defdb8e61f25eL,
-        0x7f6f45104ea8dedaL,0x013f14a40425fa58L,0x956254689d7d619bL,
-        0x5115c63b5bda4f78L,0xea1900e7fa6e1bf0L,0x00000000000001d0L },
-      { 0xa17989e0363fe2daL,0x2cfd22dfca53cb24L,0x45f91d59881a474eL,
-        0x0e4ab11250329824L,0x8ac28370b72739d1L,0x1b310d913b6d9b75L,
-        0x6ec4da965c56e9e9L,0x0671aae0ffc656cbL,0x0000000000000042L } },
-    /* 59 << 406 */
-    { { 0xb3ab40eb790b8e7eL,0x8eb63013d4788dceL,0xbccc0ef6934a5525L,
-        0x680e70c725f88ec4L,0xd485afdbdb65760bL,0x5d426a75efc322d2L,
-        0x0f83571f2e4bf148L,0x91ccb5dabbec6361L,0x0000000000000169L },
-      { 0xd8887e8d1c57d73cL,0x236b0f805f5fd2d4L,0xb63c2775875a5803L,
-        0x414fc01a4a8803ecL,0x52d5e443d98a3657L,0x18a2f004211e0a47L,
-        0x692f1862d077952dL,0xebb3821e3543f3b3L,0x000000000000002dL } },
-    /* 60 << 406 */
-    { { 0xc543163d23d30fa4L,0x45cc53a2b32b27c9L,0x894b9ca07953c4b4L,
-        0xaabba057bba613a7L,0xc50371ae6ccbb39dL,0x610cdcf53fd4f3c3L,
-        0xad08443a19a9d357L,0xabf74787d519c9cdL,0x0000000000000076L },
-      { 0x4ee3a817e5502ae4L,0x7ab2462d8b39a71dL,0xd6736eabfcfe642bL,
-        0x77479bae25c914e3L,0x95fb92af2a14e2c0L,0xcd33464758bd112cL,
-        0x3165b9a35bc0ed8bL,0x980f3176d89bf952L,0x000000000000006fL } },
-    /* 61 << 406 */
-    { { 0xcce789470c205347L,0x2cdc9548317b0bb3L,0x91761877eb18287eL,
-        0x5da4b78d6fe20d46L,0xaa5a0e4c56abc91cL,0x20d5e538f880504fL,
-        0xc8b49ff54cf760dcL,0x84ce19efc16bc484L,0x0000000000000055L },
-      { 0x26ddf4fc8277a9a9L,0x1084e9e795284106L,0x4ae96058d6f31a98L,
-        0x8768d94c4ca76957L,0xabe0c7dc4291c752L,0x742e8a5c902ed035L,
-        0xb19d63427e0da040L,0x8340b9aae19b885eL,0x0000000000000089L } },
-    /* 62 << 406 */
-    { { 0x1db573165a1c76bfL,0xff18d5ec4afc3851L,0x2c1949939579a536L,
-        0x18b565e4bbffa98dL,0x446f6b2146c634e5L,0x7c8e557e54f8c188L,
-        0x0bd678caf2a2547fL,0x3898e9617c679a91L,0x0000000000000195L },
-      { 0xc9629fbf5b94cca3L,0x4f2c7c0bc3a4b9fbL,0xb497be19d7c9194fL,
-        0x7342f77aef265586L,0xaacd585fdb0e0ce7L,0xa4cc7b4bf17cef46L,
-        0x72e0c651d630df1bL,0x39514c9d4e7fd042L,0x0000000000000163L } },
-    /* 63 << 406 */
-    { { 0xf81da77e080bdb19L,0x42e0d16218eff3daL,0xaecdeb9ed5246df2L,
-        0x4bb5a16667f90950L,0x9eea36f3914df6afL,0x92f0cc9b6bd50255L,
-        0xe1756a88acf4b34aL,0xa30cabc40a3069a1L,0x00000000000000ddL },
-      { 0xc407225c59098bcbL,0x957308996d9a4295L,0xb4e208abe995c4f4L,
-        0x42560e5040f907e8L,0x0e6c38dbc174276cL,0x2360c05488cff7dfL,
-        0x31e7aa6539f892a2L,0x4ffde5e9b9592227L,0x000000000000009bL } },
-    /* 64 << 406 */
-    { { 0xf7593760e63885d6L,0xce5054bb86e546caL,0x5910ad526e9567b2L,
-        0xe812cf7be420aff3L,0x266049fd904e9676L,0x42d0e2ab2c8b34adL,
-        0xf79f8f91a4382f29L,0xf8cde3ed41d531deL,0x0000000000000035L },
-      { 0xe514497fb16cc1f3L,0xbc044f39627db2f6L,0x76fa5148a1fa2bdcL,
-        0xcf7eb72e5fe3fd7aL,0x83236c11ee3d45e6L,0xa02d7e92c4eddb54L,
-        0xcfb5bb894d4982a5L,0xee6ac2a27c217ea5L,0x00000000000000bdL } },
-    /* 0 << 413 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 413 */
-    { { 0x1e5e42932f3cdb19L,0x9920316787214e3bL,0xba80fbfe93d885a3L,
-        0x58f3ecacb25a2700L,0x2c4a14d369f5d172L,0x478313d4816ebaf0L,
-        0x41018d31c93f7738L,0x5db7131e06ac6002L,0x00000000000001b4L },
-      { 0xa5d3687295b8edbcL,0x47931810945b9473L,0xea5b3ffea82c5f49L,
-        0x5ed84f08f491bc9bL,0x1492e5349b3b994dL,0x4788372dda6c1225L,
-        0xfda4521440022d06L,0xfb0bcf49fbca3d03L,0x00000000000000a5L } },
-    /* 2 << 413 */
-    { { 0x8a4af8ae25144121L,0xd89467b7ec215026L,0x3ab6cb7fe013fba2L,
-        0xc15a056935f18f1eL,0x8bd48a1d70933beaL,0x6a40474a5b8c61f6L,
-        0xad967b15b5158afcL,0x119a0ee96d7f6e5fL,0x000000000000010bL },
-      { 0x895e3e94a548551eL,0xfcfe2882eb65fa7eL,0xafa1800f3582920bL,
-        0x5cda388ebf58e02eL,0xe7aad6f7fb270f11L,0x95a2636fb7e27667L,
-        0xdec591d7a3be4195L,0xde0e7440808c1315L,0x00000000000001b5L } },
-    /* 3 << 413 */
-    { { 0x57b9da073a771403L,0xde6ee702ab21fe58L,0x60d32de6843aacabL,
-        0xe522b9569064dfbbL,0xb4b429207ea0dcadL,0x4222697aa3f46a45L,
-        0x1557d30b3be7a95bL,0x712ca7479fa83859L,0x0000000000000153L },
-      { 0x162516d415fb1ac0L,0x44b19cb0ee7be87aL,0xce8815eb3d9d86b1L,
-        0xce8f13f957331615L,0x78e8539ef71faac1L,0x29154b098e5ca8bcL,
-        0x45b36262312e4c96L,0x2e03ee8680940f73L,0x00000000000001c2L } },
-    /* 4 << 413 */
-    { { 0xe95ab9e7ef05ef2dL,0x29ec067ffd5cc417L,0x67c10bc739402b0aL,
-        0x109f7d511e9ca8acL,0x0b10550bf8efe529L,0x0bf3624cf18c8decL,
-        0x42f686f33746474aL,0x0f8a831140052446L,0x00000000000001f4L },
-      { 0x56303452329ed806L,0x1d80c752654f22d9L,0xf41fe1729f61f3ecL,
-        0x7d4ad71e0cd5fe42L,0xffda94addd164da0L,0x260a2bdf7f19c583L,
-        0x8e8673245d6229daL,0x1d13d05c2fc87ae8L,0x00000000000000baL } },
-    /* 5 << 413 */
-    { { 0x5750d281b1734753L,0x0146bc94d4a13019L,0x44c6f69714e0f6a7L,
-        0xbe893e5aed528e03L,0x1e980b908750b50aL,0x7edaf7fca9de6cc1L,
-        0x093cd32faee636cfL,0x293d801a61a0b0deL,0x00000000000000d6L },
-      { 0x154f8d1810a54f0eL,0x8a0e70ea4a976afaL,0xb2fe0d041d2e4d9aL,
-        0xc6c5afbc6229b256L,0x8d0ca0e734bc3bc8L,0x93d5a4cf47a7a58fL,
-        0x5413ec8faa6e0b8fL,0x1df389c48d831011L,0x0000000000000099L } },
-    /* 6 << 413 */
-    { { 0xe4f52ec5ba7dcf59L,0x345c1385d5dba9c9L,0x67084813d49a6201L,
-        0x0c8c4fc84ee78000L,0xbe78c6a4e17b9868L,0x6698156608377738L,
-        0x1afdbf526012a726L,0xa884b8f7d2127133L,0x00000000000001a0L },
-      { 0xa4aa47b66590bde1L,0x32398ff9823ee7cdL,0x3f1f7e49967c860fL,
-        0x0ac197d796a0e601L,0xfc6a28c6e61a3207L,0xbe5cb223fbe09f61L,
-        0xe83db350d54bd1b9L,0x44334c2baca898f2L,0x0000000000000024L } },
-    /* 7 << 413 */
-    { { 0xdc7ed009b224af29L,0xc73de9d40e9acb64L,0x81fba2d377629ec2L,
-        0x2f41756aa44ae9b4L,0x7c839101311c713aL,0x608ec3d486c4c015L,
-        0x6a8379c0ee544e59L,0xecd19a437a67b442L,0x0000000000000062L },
-      { 0x05112f63cad5be69L,0x9b97a7f150c4e5d0L,0x8744e98ae7e2d407L,
-        0x9359564016ab7f96L,0x87dcf03cdb24a32bL,0x2f9216bbabf80ae0L,
-        0x38dc2b86701a21e2L,0x60a15b35e64ec8ddL,0x000000000000005cL } },
-    /* 8 << 413 */
-    { { 0x141838bf8fe6f511L,0x8e9ff343ee745e2eL,0x71da9fd502325306L,
-        0xa527b9baf0d0d68eL,0xce19b22c31144649L,0xca9b778b0bfaa46cL,
-        0x66e689a76ce31145L,0xed43460dd8d1da21L,0x00000000000000bfL },
-      { 0x241323f7c1669168L,0x9934b3de79b94b5aL,0xd332c1a2d9f9a406L,
-        0xbe3ebe21e4a49eacL,0x4a00648e678be3edL,0xc9f534eaff09db31L,
-        0x2de774065efdd859L,0x2c218cd800f5c7a5L,0x0000000000000152L } },
-    /* 9 << 413 */
-    { { 0xb1f44e10e8216c49L,0x8242ce59391c90c6L,0xbd3ec80b1e6415dfL,
-        0x8055d00e364ed350L,0xc0499dd8eecef27cL,0x6fd2d8c71658459dL,
-        0xaff8a01800a6c15aL,0xa2f028d8406e8a9aL,0x00000000000001a0L },
-      { 0xc752503f42bd3f43L,0x87e708599710bbddL,0xcda119c090e6eed2L,
-        0xf1a7a1b2596ec879L,0x479f3fec24fd1933L,0x717a613abb82f79dL,
-        0xaae73616faf9c1b5L,0x865e91b7cf129fbfL,0x00000000000001c2L } },
-    /* 10 << 413 */
-    { { 0x9a111bb32120bf4eL,0x18c2fc772458882eL,0x0c3480d8e24ebc99L,
-        0x1832974652cc401eL,0xb424bd884fd6a487L,0x5838dc6a822adf42L,
-        0xf5a46a3cdb196a29L,0xce7baaade6640b4dL,0x00000000000000e0L },
-      { 0x231ac4cdc62a4ac7L,0xa25cea601851842aL,0x5ad82748d7a79770L,
-        0x8fbffa6ebb164240L,0xb64ecaea85db52c0L,0x4ed71ef3b05a83a0L,
-        0xb1a5c366f87d6991L,0x52f4a0043ccb2067L,0x00000000000001b1L } },
-    /* 11 << 413 */
-    { { 0x4d6fd5b3a11c9d5bL,0x423db5f508656d72L,0xb0f9e57833051a59L,
-        0xa6e49ec8797e73aaL,0xd2c1bf6eccc0d215L,0x4b3dd3e2d320576eL,
-        0x317f7ca5d773e88dL,0xc37a7f0f5f88be68L,0x0000000000000114L },
-      { 0x033fd47e1b2e6090L,0x297dbc0e211a3ba1L,0x8808924481671ba6L,
-        0xd2f3670ba568cc06L,0xf41dff3d58ff526cL,0xd9ce52f41a33b324L,
-        0x2e0d362c12adc150L,0x8da85adff5f36b5fL,0x000000000000000cL } },
-    /* 12 << 413 */
-    { { 0x876382e3b6899299L,0x0b4845d3c420faf5L,0x6e09254c04b364c6L,
-        0xdbf5ee2fc3ee3781L,0x518c5aaff1a2f07bL,0x48e496f4e09ca02bL,
-        0x325878764d599f03L,0xedf96e075a7941bfL,0x000000000000005bL },
-      { 0x38dd2793981bdbc6L,0x9b21020129395b8aL,0x924ded1bd1678774L,
-        0x7a77150735ded04eL,0x2275228145c78fe2L,0x8e500fde9ce86720L,
-        0x5998350640caf83eL,0x38ff8869b773ada9L,0x0000000000000173L } },
-    /* 13 << 413 */
-    { { 0xe8ff5ac6ed7cf572L,0x7f686a590f1e28a2L,0x62427eac20faa4deL,
-        0xb6209fe31ad4d13dL,0xd2e05eb22ffba92bL,0x2c9345eae68093a7L,
-        0x281b99996eec4207L,0x7ea83de8e452091aL,0x0000000000000123L },
-      { 0x923bd3311639d5d4L,0x68c713339a8bf71eL,0x4d9d8d20c6a51254L,
-        0x81954588c3eeaf0cL,0x5cab2bcdb7fc166cL,0x0375c8b7c95eddfbL,
-        0xaa864a1f451c9fc1L,0x0c658f1f7b744928L,0x0000000000000058L } },
-    /* 14 << 413 */
-    { { 0xef5c1e91a73432dbL,0xdf98b1e4b4f36c7eL,0x68b70bc8d61583a3L,
-        0x0c8264e2ed0b2c62L,0x2b2c0770ea80cdbaL,0xf057643161bb4804L,
-        0x66e3ebbbc240ceceL,0xf34eada0354bd699L,0x00000000000001c0L },
-      { 0x6134da4fd4514eabL,0xff414ddaca338f1fL,0x588506f10fc1b9aaL,
-        0x5bb66b45bb21daf2L,0x093354525824998dL,0x2c9c4959a8e47c78L,
-        0xf7e6339c6269c6c0L,0x5551260b237e9835L,0x00000000000000c5L } },
-    /* 15 << 413 */
-    { { 0xf4f12f1396123090L,0x471d20baf841a4f6L,0x2086017985371d0fL,
-        0xe655cf99bb77de97L,0x246595b0761430d0L,0x4361b05f54503716L,
-        0xebdb356a33210d4fL,0xc429076db67e1961L,0x0000000000000072L },
-      { 0x3a611d84c57d8e8fL,0xc0bc94ea1b749a8dL,0xd8ce81683a51b900L,
-        0xd595034f38d06f25L,0xc649def4bfc48667L,0x755726c0ee42d04eL,
-        0x100a8ceff26eff8aL,0x6d43ef9ff86d056bL,0x0000000000000112L } },
-    /* 16 << 413 */
-    { { 0xfe1b039aefd5cf86L,0xc7fbca26c0945b5aL,0x6b30e2e0887a27a1L,
-        0x0883a38be7cc98d9L,0xa646c35bfb2138f5L,0x735769df74f0c200L,
-        0x9fcdf60a2ab20e1dL,0x4e0acc801f2e11dcL,0x000000000000013aL },
-      { 0x00caf22515abd8eaL,0xe5f47384cb2e6e92L,0xa9186f93be14ff19L,
-        0x4620d2c916ca5bb6L,0x22d4fc0ebddde27bL,0xd6f04a09a1c81269L,
-        0x25d65811fac277d4L,0x803293db322ab775L,0x00000000000001e4L } },
-    /* 17 << 413 */
-    { { 0xb3ebf1380ba381bcL,0x7289d26e159f83acL,0xd45884b4642425deL,
-        0x644daeecebfd5e89L,0x22c6df37f5f65270L,0x376b8127b6bcf3aaL,
-        0xbda049d4f4ec524fL,0xfd412add737fba08L,0x00000000000001ecL },
-      { 0x060c42cd0ffa17fcL,0xf6e37fbf8b4e9a97L,0x7681530396b17356L,
-        0x92c4519627ef9df3L,0xd048c276a0fb6660L,0xb69785e8b4f971c5L,
-        0x6f2a394cfc90d573L,0x2ff151e18d0558cbL,0x000000000000011cL } },
-    /* 18 << 413 */
-    { { 0x7a118320596008e4L,0x7f469890b45b8849L,0xd05018829fd8988dL,
-        0xdba0b02ec8fc3c87L,0xc10a7d57333e0ac7L,0x63c960014e554169L,
-        0xbbde212e773150ebL,0xb654d3d86d7967aaL,0x000000000000017bL },
-      { 0x8e3087977a2e5d76L,0x8e58379ea352086cL,0x8f9c8c8c4797c0a5L,
-        0x329c35097c491506L,0xe43fc3699312118fL,0x0d96ba0101989af1L,
-        0x60b3e701d8dd5e74L,0xe2954b8011364c68L,0x000000000000018bL } },
-    /* 19 << 413 */
-    { { 0x89318598abb6095eL,0xf838078254f1abd2L,0xbcc578dd4150e804L,
-        0x751c7bdf9c394104L,0x563688d2b10220b8L,0x8f371472362c10faL,
-        0x28e0a341ff5248b0L,0xe79232df6b59cfb1L,0x0000000000000025L },
-      { 0xc7fae1d695e6f9bfL,0xfd2bc6d21b4cb12dL,0x1a67033c7a9fcb6cL,
-        0xe2741449e7f5f237L,0x7bf33fb4c5e0cd46L,0x2bb0a260011b6c96L,
-        0x55b14f8b11c51582L,0x861b24259938fe56L,0x000000000000000eL } },
-    /* 20 << 413 */
-    { { 0xbb34d7849d0d6a8eL,0x181372ae5249d4aaL,0x70542a6f2a73950fL,
-        0x74b04f0ccdf2e96dL,0xfd9cae5b3fecace5L,0x22fb4d8d19fb6b62L,
-        0x3252d045e69c55fdL,0x7290f7fac2bc4211L,0x0000000000000148L },
-      { 0x10d8e574ec7e23eeL,0x8d6c5a23c7a555e7L,0xd583c8aa140a4f49L,
-        0x0de3c0d4f10191c9L,0x985e0201d4d1e937L,0xb5dee6abc3a7e70fL,
-        0xc212b74b44de1f4dL,0x1f745d35ef35b040L,0x00000000000001fcL } },
-    /* 21 << 413 */
-    { { 0x622c60244c78f076L,0x6aeae9383019aef8L,0xdbb4d128ff3e8a56L,
-        0xeedc83ec8eff26c1L,0x3cfe10dfe4beda18L,0xeb555398b2972b48L,
-        0xb79caa949ebce9fcL,0xb0425e6716bc49b2L,0x000000000000007dL },
-      { 0xe7d34bbe0e8a5400L,0x5f50f6422d2e374cL,0xaaa6e26d82100013L,
-        0xa79dfb31cb6bd0d0L,0x81573d70aca0982bL,0xeedac6643d0964ceL,
-        0xf1b12fb1a8f4ea97L,0xf9885103b636c8e3L,0x00000000000001e6L } },
-    /* 22 << 413 */
-    { { 0x6a3f3b0cf066b354L,0x58cc7cfecdf5d33fL,0x299206fb3b7bbe62L,
-        0x590ee606197b5384L,0x09ca781aa8bf219fL,0xd2bb936cc54c6d12L,
-        0x3053151291abf037L,0x5d04db05244e2825L,0x00000000000001faL },
-      { 0x31e28fef6017bd41L,0x44fc27841c446006L,0x6265b3097dfb20a1L,
-        0xb460776dd6aebeb7L,0x3c2abf087b9a1601L,0xac3464126c7f692fL,
-        0x8fef9006b988eb33L,0xad7ea2997832d27dL,0x0000000000000053L } },
-    /* 23 << 413 */
-    { { 0xd5d2fa1109089d81L,0xb4399d888abd7968L,0xc1716638eb869300L,
-        0xd993cdb9e1cd6275L,0x241d4c2ab8310dd0L,0x031e500abe369875L,
-        0x5a6ed301297c9a3bL,0xf2435b9230b41f99L,0x00000000000000c2L },
-      { 0x08100d2cdf2c3657L,0xa6ac7c13b29b6405L,0xc3a7b5461f343164L,
-        0x8fd10a6b9665ca07L,0xfbfeed84171e0f50L,0xa7d5c01d4f409d69L,
-        0xdb8be8f366209239L,0x68e69ee888fa3ee3L,0x00000000000001f4L } },
-    /* 24 << 413 */
-    { { 0x323e1b7f0a823516L,0x8f4e9152673254f7L,0x5e5d719041599b9cL,
-        0x96bfba24a1198accL,0xb1b6e75bbbfcd72cL,0xfd5955f2f4894626L,
-        0x109edfea898bbbfdL,0xd36929041f468074L,0x000000000000016aL },
-      { 0x089d12a99bb7d749L,0x893ebf254ffc33d9L,0x6ed72c609097ff49L,
-        0x9291e1eeb4e1d91dL,0x0dbfe58272a07882L,0xac41065fbe0636ecL,
-        0x43d74f8bf4234bd5L,0x01bfb0850a28fdefL,0x00000000000000b5L } },
-    /* 25 << 413 */
-    { { 0x01eebda491b42f54L,0x891ca7438f8e24d8L,0x98ff0a26d2362d60L,
-        0x82147d21085b187bL,0x469ab10225f97fb1L,0xc404bd2bd0280e20L,
-        0x292592698ecdb68eL,0x570b7a92d5f50c44L,0x000000000000010fL },
-      { 0x381f68256c856631L,0x4c3d2172fb2c1f40L,0xc1beda5173da2dfdL,
-        0x442095377d9d1ad6L,0xe94807503a33e01dL,0x697d86895fcfeaa8L,
-        0x5d933887a8b9155aL,0x2582c294d2a8f48bL,0x0000000000000064L } },
-    /* 26 << 413 */
-    { { 0x03ba5094920b66a3L,0x65239fc4ebe42bebL,0x68c63f3dc4ce1efeL,
-        0x33084ea54ad8b52aL,0x28873c93b9e33e89L,0x00d6e65e1410a1ecL,
-        0x21cc87d07e79c97fL,0x32bb9986b1277db9L,0x00000000000000daL },
-      { 0x659619b4c1ae88c5L,0xef1b0ea112d24497L,0xc0646672983fec9aL,
-        0xb105138fb42b7079L,0xe0a6eccec2900a1eL,0x5e2eac870b094635L,
-        0x8750a30ab8659fc0L,0xc3aa9a0f9b73a020L,0x0000000000000024L } },
-    /* 27 << 413 */
-    { { 0xf6cd90c7b7e01593L,0x3c0e6245c0096352L,0xb55ed8331cf5a335L,
-        0x480e68de18962d59L,0x83d09d6992f059beL,0xcbd11b027f28d3deL,
-        0xdc5b2e864e26e34cL,0x66e2f6e9eac14dddL,0x00000000000000bfL },
-      { 0x1c0928fba612de24L,0x407a55a5d1db9f9bL,0xa64ea668b6f50f0aL,
-        0x7d1c14e9ede7c9d9L,0xef7fb4b775353ab5L,0x7cc7e66146f1bc70L,
-        0x73dc29babf7e44d5L,0x26b2e00643e6f0beL,0x0000000000000146L } },
-    /* 28 << 413 */
-    { { 0x3463165d755e8efdL,0x96650fb2ac359a78L,0x1059dde3f00748afL,
-        0x0e20212f58e38d2fL,0xda345fe4debdfa10L,0xdf920bc8667e54c1L,
-        0x03953f8ba4dfa4edL,0xc7638154ebb27882L,0x0000000000000110L },
-      { 0x950085ee132434eaL,0x8a2bdab57120a652L,0x28ded0be42ab161bL,
-        0x9b55dc39bf1c6faaL,0x71e94dc9261ea91bL,0xe52990b0c6996959L,
-        0x62bd7c41582570a0L,0x61d8fc99be597471L,0x00000000000001deL } },
-    /* 29 << 413 */
-    { { 0x6dab19378a42408dL,0xc005cc1ff3a80b5aL,0x0a1030f0b8a2cb36L,
-        0x171576f06fc3169aL,0x0b7dc150952294e9L,0xf506b4c3053cf79cL,
-        0x417ca443c70ed2aeL,0x80bbc72684c09424L,0x0000000000000113L },
-      { 0x6ecc2c85cfe818a1L,0x9610f7d24e78801bL,0x8c33fe9336b49aa4L,
-        0x10eda040e5b58e18L,0xd58d1b7b2a8213fcL,0x4db6dc12d932602dL,
-        0xb3a161343b1df67eL,0x734f2ef4b1746724L,0x00000000000000a0L } },
-    /* 30 << 413 */
-    { { 0x37ab4d79ce269559L,0x80ffc5068ba6574dL,0xbcddc7871b2a6d07L,
-        0x8d2f43928c76de3aL,0xfd6347a2f6c3616fL,0x2c47372d5d8a2a7dL,
-        0x246d8873d86e2015L,0x265dc733e339dc8cL,0x0000000000000172L },
-      { 0xa0c9d81159538718L,0x0f7fb3fc26e1da06L,0xa5aaacf82c28577cL,
-        0xfd956a4de59804bfL,0x2046deb77de0e903L,0x7388e7374774c173L,
-        0xcce82ee06107d1aaL,0x2c3d2f51b2eca2deL,0x000000000000012cL } },
-    /* 31 << 413 */
-    { { 0x4294d5f39a9fc27fL,0xfca710b946c678aaL,0x34fbc512549d8927L,
-        0x918de41068015dd0L,0x7c2cf8de5260a6f3L,0x4b248ddb0523096aL,
-        0x7b8493dcb1a42b11L,0x5fe79c0650631110L,0x000000000000016cL },
-      { 0x3dd89707a7ed1ec3L,0xfcc8bb190042f593L,0xedfd3f0813a4e462L,
-        0x33ea61fa56ec2b76L,0x56cd7669dd665c93L,0x62ea3ebdcd19b6eeL,
-        0xa312ca02426ceb4fL,0x7b3645d0137b2440L,0x00000000000001a6L } },
-    /* 32 << 413 */
-    { { 0x9d0dbabb1ec238d2L,0x3f6c4af337e67e7eL,0xf7a6b09464dec6e9L,
-        0x1f53fd502c2724ccL,0x5f333d4751bcaa0cL,0x63cc89baebae3589L,
-        0x2b90af90f0632831L,0x8f6af6cd4d18cfd3L,0x00000000000001ceL },
-      { 0x8b34e44576940e65L,0x264a0d8fc1c34c11L,0xd433303f4120afc2L,
-        0x240a12d6f7e738b8L,0x574fa7156e921883L,0x6b2bb33c02d74e8cL,
-        0x7b193e240fe8e9b8L,0xbe954bad506cc6d4L,0x000000000000011eL } },
-    /* 33 << 413 */
-    { { 0x63299f8ad1979cd4L,0x76ce11cd53a8f2ceL,0x8f5247314756f0e4L,
-        0xb360ef86d6312ae0L,0x26b6aa23146945f7L,0xfc5e0b3453c2b57eL,
-        0x41cf74a99e4fa20eL,0xbc94194f872c03ecL,0x0000000000000179L },
-      { 0x30c171bd96d3ac18L,0x6a93906b7a26ef90L,0x60f1820bf5a6d675L,
-        0x2abec262860a7536L,0x82a44ef7a356d631L,0xa00527c8dd13a5b5L,
-        0x009955617328996bL,0x8e004ab9a0e8f5ddL,0x00000000000000faL } },
-    /* 34 << 413 */
-    { { 0x591f47c9c2db5c7bL,0x83799ff638afcd10L,0x02aca0a07a4fbfe6L,
-        0xe2cf1215d818414dL,0x46330ef3f9419a89L,0xe57b3b7dfcacb608L,
-        0xe2af0b7111de170cL,0xb3dae14ca9f7cb22L,0x0000000000000001L },
-      { 0xf518e5500ae03740L,0xaf9575680d43e335L,0xf341260f5fda61ddL,
-        0xf7fabc68d815ff6bL,0x446f516f11bba091L,0x7b6a7a028c2cbe3aL,
-        0x3ef55ec98ead682fL,0xfa11057b08472496L,0x0000000000000105L } },
-    /* 35 << 413 */
-    { { 0x2ef8dcb991d78c71L,0xea57b096b79b7989L,0xd9cf5cb49b8be524L,
-        0x692d270c0fa151a8L,0xfdd28e1b32b69968L,0xcd3323ae8d8d1e47L,
-        0xfa44d78f4c086337L,0x756f8b1c42359ab6L,0x00000000000000a9L },
-      { 0x5d2941884498e4d3L,0x486cc3fb4a2e8a97L,0xb3629ceb4420f08bL,
-        0x23cb3922a710733cL,0x17ad6e1a321478b0L,0xfe521732df1ff995L,
-        0xdc11dffc4dffeff1L,0x5ae4b2e2957afd54L,0x00000000000001f1L } },
-    /* 36 << 413 */
-    { { 0x4b597ec0dba12c57L,0xb3b2dc7de1fc4b5dL,0x4752e40f15050e90L,
-        0x1fd86c1acda9bff2L,0x5a398964f73d82ccL,0x1f59263b323ec620L,
-        0x350c881919bf5ae6L,0x6736c9f029ecb6c0L,0x000000000000003fL },
-      { 0x4c7f061a627720abL,0xc5011823b7be99bcL,0x5ad5f70496a77f9bL,
-        0x9843b728a8f8d2d5L,0x82d03acee3a8b30cL,0xd03952fe2b786acbL,
-        0xe01b07d58d17f32aL,0x21a6c2baa479b6f1L,0x0000000000000156L } },
-    /* 37 << 413 */
-    { { 0xbd4996a6408964b4L,0xd39f56b289c25effL,0x4b58c175a1935189L,
-        0xeeeb51b457351b32L,0xbad2424c58c15022L,0x88532ce5e3ac5df4L,
-        0x297db1951a613b42L,0xa9826d4bc9b4b0f6L,0x00000000000001faL },
-      { 0xf487960c57881c0fL,0x1b67319734f10432L,0x484f2a40f6a2141fL,
-        0xfb9e8fd2449bdb38L,0x088d6e6184f4e1adL,0x93b7cb1a2e4ac094L,
-        0x855999084b9fb3bbL,0x6f601e992f3be966L,0x00000000000000e6L } },
-    /* 38 << 413 */
-    { { 0x24993c953bb81c62L,0x93e513dfff3eb22eL,0xf23a18b7b756ddd6L,
-        0xa6cfc668247dea49L,0xc2aa1665cd3a8b9dL,0xb5a556189fa99e24L,
-        0x615682b309f23beaL,0x1d669c5bc44b4017L,0x00000000000000a8L },
-      { 0x605339e218b6f759L,0x624202ff67b89ad5L,0x679698559145a96dL,
-        0x6ddb181c7e1ba76aL,0x437631e06eb22bbfL,0x41c8c70078e93567L,
-        0xee67a9ae5e3003f0L,0xeadb9626981a58dfL,0x00000000000001a2L } },
-    /* 39 << 413 */
-    { { 0x47340a8dff6e5e58L,0x597caab368c8ad6dL,0xde8c32ae6b628a7cL,
-        0x694f8cf92168a60bL,0xe41264649434c688L,0x4849f57ba8be6f19L,
-        0x5ed6e3517879dbf8L,0xeaabde98d33e7390L,0x00000000000000b5L },
-      { 0xde51fff7393a3029L,0x40930f72b285d593L,0x6cd65dc0ee41a1bfL,
-        0x77c5681d80dfeed0L,0x8f33ecee8afd229dL,0x137a4d675cf8d15cL,
-        0xa7855f8aa67e504aL,0xb9a6700bb52b6c48L,0x000000000000012fL } },
-    /* 40 << 413 */
-    { { 0x4054b365d1a4a65eL,0xfa395e2aa04b2f59L,0x1c6c3b41bf63d17aL,
-        0xa639fb26abe2aad0L,0x008f81600c9a565dL,0xf5efa9e691061e61L,
-        0x7731c2f76e881f7fL,0x3623cd7c9074b4aaL,0x0000000000000016L },
-      { 0x20ba924b1037873eL,0x7b7107acabcfd34eL,0xb492ebb905e13406L,
-        0x6dcc3342f08fd2faL,0x08f3a1d364126080L,0x8fb54869fb5bf009L,
-        0x5e66163282442dcdL,0xbab2d8dd5c21d62aL,0x000000000000003dL } },
-    /* 41 << 413 */
-    { { 0x526bab49e03531dbL,0x6c2eb8722e649aacL,0x96751e97a364a699L,
-        0xcfffdf6e00d01fc2L,0x40861a4b3d572fa7L,0xfccb951f606b2b3fL,
-        0xf8659daa1950c2bbL,0xb436a4638af98008L,0x00000000000000e9L },
-      { 0x35d0267b9b0b76eaL,0xc4c6961226bd292cL,0x098afee2f060dd93L,
-        0xc7cbd9c79843bd5eL,0x137f8b62152e8229L,0x81825a8462142fffL,
-        0x5b25f6e808d3a5a4L,0xdaab67c3384476afL,0x0000000000000058L } },
-    /* 42 << 413 */
-    { { 0x989bda89821ccd3eL,0xeddc91644cdc3d8dL,0x6a06cd546cf20b6fL,
-        0xf53d75fcb49b3f50L,0x18e2b09f8e214907L,0xff1c4a578857d58fL,
-        0xd2ea3b54af88ce82L,0xc40ea7f424289152L,0x000000000000010cL },
-      { 0x6e9760861ae764a2L,0x79aa8d11fad90855L,0x4e04c7c51ac4067dL,
-        0x4e48d0714b54abd3L,0xc15e12f487c57ef4L,0xcf0dc49e73dea84aL,
-        0x87d2022055e54611L,0x20aa68d70b68bb26L,0x000000000000017dL } },
-    /* 43 << 413 */
-    { { 0x90ddc3205b3c6e1cL,0xaa2d087cbff4a8c1L,0xbdb8dcf2062349a6L,
-        0x06b762825d602038L,0x9f0411cf6739dce2L,0x603ecc513feeaa4fL,
-        0x8b86e3803aba1b86L,0xfdbeff61e0da26dbL,0x0000000000000050L },
-      { 0xd403b2587366a1ebL,0xfdd4afc3fe7e6844L,0xc55a20ed2e8391dfL,
-        0x31d85dd7c875e460L,0x50afaf2183d6c41fL,0x0ddb52a859e9a2b0L,
-        0x5481ec9d971ed465L,0xdd22f0619de7c8d1L,0x000000000000011dL } },
-    /* 44 << 413 */
-    { { 0xa62823964d464d88L,0x4723b946caeab8f1L,0xe68a25c31a3f1da7L,
-        0xb8c1bae54696044bL,0x7cdc5fa6c27e2468L,0xd54c65dc55d7b1c5L,
-        0x9fe5872486b67022L,0xe4e5bf99be39934fL,0x0000000000000069L },
-      { 0x1e79773b464a3c68L,0xbbdccc3899fcf4caL,0xa3023f20e69d9927L,
-        0x39de0edb203fce2aL,0xebfd0e18fab9a998L,0x14b7b1e1bc60d079L,
-        0xfa9a20add10760c5L,0x5050fd3e820f2a0eL,0x00000000000000a8L } },
-    /* 45 << 413 */
-    { { 0x4d4028e3962d3e22L,0x221795bb8df85019L,0x3e93eba3b7f3dda7L,
-        0x18d2aa25ba5f7d48L,0x5811dbcf5b36ec49L,0x74878d24bec9449bL,
-        0xb331d19575d88654L,0x68d14252ee93f20fL,0x00000000000001f6L },
-      { 0x4c3947ef517f4d8fL,0xac81ff08fd781b82L,0xa8183a60afd02499L,
-        0xf11fcac98cbf1552L,0x639c9edd2464822eL,0xa6a0974551617891L,
-        0xf475d74536c25dc9L,0x0e2df3059e3de853L,0x0000000000000133L } },
-    /* 46 << 413 */
-    { { 0xc412881ffe8e6e27L,0xad72506e12423bbaL,0x557e822a887695eeL,
-        0x42741b0e91b1f6c8L,0xcd108283790a1959L,0x526c066463986f8eL,
-        0x7b3c480388675baaL,0x7c7a94618d2b8f28L,0x000000000000012bL },
-      { 0xf3b31c681f34e4e2L,0xe27f6de0d22cec8eL,0x3cb7d2770a843a7dL,
-        0xab143cbe02ae4431L,0x9b786935cce27ca6L,0x63c73cde9c515282L,
-        0x0b6854a1f1ef32f1L,0x843fc37eb5d08cddL,0x00000000000001e8L } },
-    /* 47 << 413 */
-    { { 0x81d165c841a1e954L,0xba30ab7ad97a9a90L,0xebe7c890998f67d2L,
-        0x972185aa63216872L,0xf9859ed7eb4ff20dL,0x13dcc62399e6f6a8L,
-        0x5d2cf8ce47a6b661L,0x2260e1445fa93eaeL,0x000000000000004dL },
-      { 0x062cb12721186595L,0x15bb3dad9cdbfe1aL,0xad2bae7b944c54b3L,
-        0x0dfa4da0ba724aacL,0x6b342cc6bfe51025L,0x4d8bf909d9c2630bL,
-        0xb374c6c6131de964L,0x475e6872835f73c1L,0x00000000000000e1L } },
-    /* 48 << 413 */
-    { { 0xc296b1f684c1985aL,0x971547c5aa4f7132L,0xe3705e1183e168cfL,
-        0x8d00e588c935a3deL,0x853154235262789bL,0x46f2c2ca005f7c35L,
-        0xfbfbadd217ea733eL,0xb32a38b6c9e496a6L,0x00000000000000d8L },
-      { 0xa82e95e5cec8d3f9L,0x8a1efca3e378be9dL,0x6e114d078080d874L,
-        0x514dc754fb9c056aL,0x5781be8966ef6c48L,0x0586bd3834b1ebe3L,
-        0x0e31b44f8a8b161eL,0x20c2b78ad4d62dd5L,0x00000000000001dbL } },
-    /* 49 << 413 */
-    { { 0x97a8c5a9870c8cf3L,0xe01acc6f904f3673L,0x42ee78a16905580cL,
-        0x237eb3fb4e2f3c90L,0xab1806eabe2deba1L,0xf2b6643f66c68eb3L,
-        0x75e0a1d4a509adf3L,0x7a7dfcb64779af07L,0x000000000000000eL },
-      { 0x951ef5e34263b572L,0xe203f49b636a5067L,0x8d229b333377c5f1L,
-        0xd3427aa4c030994eL,0xdc7861d91a84d51cL,0x6454562f195e282cL,
-        0x74a7c351f6882e78L,0x4eaefb0f0798f8c2L,0x000000000000018eL } },
-    /* 50 << 413 */
-    { { 0x2b2188b680f1f0b3L,0xefed65ae394debd7L,0xbeda0fe75d7c51b5L,
-        0x3989a2b6cd0db074L,0x0f5406253d9437f6L,0xf58203c70c0169a0L,
-        0x400e35e9bbc38332L,0x3ea9b7a961baeca4L,0x00000000000001b1L },
-      { 0x58cc97c45059b23bL,0x8f5e67fccf7bd0e2L,0x6baec2aedfc1882fL,
-        0xa0f796283aa69ec4L,0xed7986f2a6d520cfL,0x5fa28f4ac454e929L,
-        0x5835f87541151c50L,0xa3d1fdce3143de1eL,0x000000000000002fL } },
-    /* 51 << 413 */
-    { { 0xea6629b82b899daeL,0xb372b86257edbb50L,0x053f9c62cd45f9f8L,
-        0x395c0f8529604bb2L,0x24100041a1e9e16aL,0xd89d20d72b979b9cL,
-        0x4ff39f96845213e8L,0x077d286e70ca9f63L,0x00000000000001d5L },
-      { 0xa250b87c56f1bcacL,0x9d71c979886fd8b6L,0x079a52682c052432L,
-        0x80d965ccbce043bdL,0xb7590694806ee3e3L,0xa829475e77f75c78L,
-        0x6311b404667c2bffL,0x88343a1c8aa15256L,0x000000000000012fL } },
-    /* 52 << 413 */
-    { { 0x10e4b5a2ad1c282eL,0x6f768a2376e6a2a4L,0xd92b73cdcb93da72L,
-        0x477c839eecc382a3L,0x761d18d5a70b8e5cL,0xd09779d2270ba0e8L,
-        0xc2c8eedfb2ea6bbfL,0xeadbb724599593b9L,0x0000000000000026L },
-      { 0x6eb0aa1c8ec01fdfL,0x3dc88cd0b3ded71eL,0x8c4bcd807bc58ea5L,
-        0xea9404def976a709L,0x97e33a53d73a2a75L,0x8c20e2ea165b3e6fL,
-        0x4193a051ef0c6a5bL,0x1edf6f8c3fb398d6L,0x0000000000000016L } },
-    /* 53 << 413 */
-    { { 0xa1718bfdb4a3de01L,0xe962902ea830bb59L,0xf25d70441a38302dL,
-        0x285917cd4c16cb5aL,0x0b86ce611be8e2e7L,0xb1f2900c6e96d268L,
-        0x18d5185e834190f9L,0x96c4db4bdacbe228L,0x00000000000000afL },
-      { 0x7b57f2eeec9822c2L,0x36ceebfd9b46f49dL,0xb11fa678043a7394L,
-        0x75a9f067e86cb17dL,0xd13a22746e1185b4L,0xa7137a6a24b92829L,
-        0x30f74cfc2edb7707L,0xaa14984f56fca5beL,0x00000000000001eeL } },
-    /* 54 << 413 */
-    { { 0x85d2856b0231dafaL,0xd7fabb5108028fbbL,0xca0066e8602a5eb9L,
-        0xc6d7512e885466e4L,0xe5d1fea841615e58L,0xa2de9d5f996b2a88L,
-        0x0cbd9831554a3c32L,0xabb8d9cbd675917eL,0x000000000000003dL },
-      { 0x10fd5eb68255009fL,0x47fd9bb733d24399L,0x4a4d9629ac5cd8b4L,
-        0xae5aa75cbb1b9747L,0xa6f7516e98397c51L,0x38d011e92ed7e028L,
-        0x3e2e3a3357c86547L,0x13f713fa701e9db9L,0x0000000000000122L } },
-    /* 55 << 413 */
-    { { 0x2662f1810115f051L,0x7e2fe420aa76e71aL,0xe198883adf6a9851L,
-        0x9e4698fb250b8ce0L,0xa9c27caec73858a0L,0xba746550df3344aeL,
-        0xc7c7a7a7a6e81567L,0x942c6f66e35727b5L,0x0000000000000187L },
-      { 0x08a018d6e8a4fbddL,0xfc08d2fd6798242aL,0x093b8894b21316baL,
-        0x4320f88aea4ef1adL,0x28fe97c8e6141abbL,0x50ad5c65d21bc6d8L,
-        0x0840a2a4473c5901L,0x20297e1baf604adcL,0x00000000000000a7L } },
-    /* 56 << 413 */
-    { { 0xea6e467aaeb0d0f0L,0x9fa030d9eb5ee813L,0x9be99873515cdbf8L,
-        0xe608db63a805d16aL,0x5e6255dd9ce2f64bL,0x2d88fb427418bb31L,
-        0x147c74fee7ac60bfL,0x34df0171672b0f90L,0x000000000000004dL },
-      { 0x6c1f267177f1f4feL,0xf64d4242138fa188L,0x55ab5ddd4c0097caL,
-        0x354bb5f3bdbdb465L,0xad6142d579060e68L,0xd9adc1101017b5fbL,
-        0x656ffc3a9f510299L,0x568945bd741ebe49L,0x000000000000009fL } },
-    /* 57 << 413 */
-    { { 0x3b3b40ee0d593a59L,0xd8655c25b704b4d9L,0x58d47bae4ce690aeL,
-        0xe99ebb1f44bfd996L,0x5039cb719e993a47L,0x0e30fe78f47ed3a0L,
-        0xf73f450b5bd344f2L,0x35a41fc7ca7179a1L,0x0000000000000053L },
-      { 0xc9b89a7d4b94e4a7L,0xf84e3eae978f1d58L,0x18ac261b1ea29601L,
-        0x004424d32d91713eL,0x61bfe2f4e594f2ecL,0x444d234da62b8403L,
-        0x77c35ae6dc6b4b34L,0x75fbae457da07a2aL,0x00000000000000deL } },
-    /* 58 << 413 */
-    { { 0x42c072b856afffc1L,0xecf5aac3405b1205L,0xe64a6af0f8f4c098L,
-        0xb29e488cc9cdf82fL,0xa859c42dabc487e7L,0xfe6bd7e9464bdd74L,
-        0xdee72074eafd8d10L,0xa9da876d40f4074fL,0x0000000000000020L },
-      { 0x733dfb9a970d4e05L,0x1560161d4e08df26L,0xadf0d94e3675567fL,
-        0x0e063d520703fd74L,0x91f7dfdb32500e7dL,0x4d20c3881456db62L,
-        0x49311bdb8b5ddfe7L,0x6e844794f76e2067L,0x0000000000000071L } },
-    /* 59 << 413 */
-    { { 0x31c81bd38d139215L,0xb2e03ba0aa31ea08L,0xe8e0824db68f165aL,
-        0xfea377926694a8d8L,0x3f967e438274eb91L,0xe4bd0c82cca1557aL,
-        0x1daa85547bcd3067L,0xd3334fc48baaaa35L,0x0000000000000141L },
-      { 0x9281ae374fe8c1f5L,0x91fe949cdc284160L,0xb50a91b15fc70688L,
-        0xbffd0e40b7ec7809L,0x2ec95feacf809d19L,0xbfa250a6f70c5c78L,
-        0x3c3111505dccc3e7L,0xd2d9107cbddae7f0L,0x0000000000000136L } },
-    /* 60 << 413 */
-    { { 0x30a7aebd85a53d34L,0xf42e79a34ffe774dL,0x60e6bbffd567b09cL,
-        0x30c427bee46a553eL,0x3083088d3ef4ab24L,0xa2959e2b8411405aL,
-        0x72732346f6ec7452L,0x260a48eb44d2b722L,0x00000000000001c9L },
-      { 0xb5f775e0b1160f42L,0xd7b0ebb4266a2d91L,0xf66d1fec455c9e75L,
-        0xbb3adc9e66d89a69L,0x0c49158dd66a3216L,0x5eab18da51e0df4bL,
-        0xc008165e7ca542dbL,0x6007ee56065967f6L,0x00000000000001afL } },
-    /* 61 << 413 */
-    { { 0x3e43fea8d59d042dL,0x826f5eccd135dcddL,0x937fac11e783cd85L,
-        0xe514de033495a28fL,0x16da07dc0217f127L,0xdd4edb0f9f1049e6L,
-        0xf4bab49015317cc4L,0x8a4d5834510edce9L,0x0000000000000048L },
-      { 0x3daca528a6ab3760L,0x4a210108aa22cdb0L,0x8f7d2289cd53851dL,
-        0x494ff277eaf66a0dL,0x406301d01b33a9d5L,0x1993932f8d87f67eL,
-        0x20ae660e73829af3L,0x3bb045bf23729097L,0x00000000000000eeL } },
-    /* 62 << 413 */
-    { { 0x3131547bdda780aaL,0xec4bbfd7618a818bL,0x06a9305b376c9580L,
-        0x7af0133e4068efa0L,0x089725c5c0dd9815L,0x41620e90380fc678L,
-        0x3e93df46704179fdL,0x350b0a9f498b064aL,0x00000000000001c4L },
-      { 0x46d40dfd908a6651L,0xe872529e45405cb1L,0x71f9883ba68ee627L,
-        0x77732ecd56e0c803L,0xcab27f558c00c613L,0xd74f55bc6d431b96L,
-        0x84426040a332bb37L,0x9f1aca8ac247e7adL,0x00000000000001f4L } },
-    /* 63 << 413 */
-    { { 0xd491491efd080c64L,0xfb48d7df52544552L,0x2dc3bca98e495dc7L,
-        0x4a82f1464dd3d735L,0xcd7034f325427421L,0xf25d1072fc1e5323L,
-        0x1d90639574c48551L,0xd3383ab8d11bc0e8L,0x00000000000001eaL },
-      { 0x9b2bcccbe3d16f54L,0xa1f4b6eb85354b8cL,0x4c6a0456950886a1L,
-        0xa36a9009f5394ac9L,0xcfd0a2a221950a10L,0xf4ca275ede4cff54L,
-        0xe755c08c693839a3L,0x4f04cd6185190443L,0x0000000000000190L } },
-    /* 64 << 413 */
-    { { 0x61d252da63d7540bL,0x5977687dba87605eL,0x53be7d04f8f3558eL,
-        0x76c4c49c99f1aaf0L,0x129e0bffce8bf731L,0xcdde32a166a1555bL,
-        0xedb9e9e5d4bc5b6aL,0x675b5d1252bc3c6fL,0x0000000000000130L },
-      { 0xfb3dabae91b491f4L,0xef1967c39ea0b6d1L,0xb68a0e75e6370d8eL,
-        0x6dd017fce2ffb7b5L,0x7e3dc82606d66169L,0x802b269056271658L,
-        0x117a4ee3c3da3c9fL,0x80bb9fcf167d09afL,0x00000000000000d0L } },
-    /* 0 << 420 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 420 */
-    { { 0x73a6ba3810a8c4fbL,0x5153d959ecc93e5dL,0x7ca58012b59e9871L,
-        0xedc0dbefafd442f1L,0xb9050a22b9cf7691L,0x3d1e96fe464d017dL,
-        0x541781a482074dcaL,0xedce0db38b355413L,0x000000000000006bL },
-      { 0x1a13e3eeae2b39c2L,0xc431081d3c218179L,0x5cbc14c1ae68b7c6L,
-        0xcf2559bb9005a304L,0x14d7c1e92ec7aed5L,0x5c379bfe1e2e2f0dL,
-        0xfc33e4d2886f0cf9L,0x2f14e7d0ac4e1d17L,0x0000000000000071L } },
-    /* 2 << 420 */
-    { { 0x27e639c92c82d5c0L,0x035527b8104b9d44L,0xd0a7f3c88a17be05L,
-        0x3c529b91813cb246L,0x296074b2b8e54b08L,0x660118578dca703cL,
-        0xfa30e9de41606a8dL,0x2652c08c9ad1d94aL,0x000000000000006eL },
-      { 0x09724ba6d42d26b2L,0xc0a02c2e25eecab7L,0xb004174845e7fb83L,
-        0x24e80b604503354eL,0x4f3045f9da55516dL,0x97d76335cc7b2627L,
-        0xc8bfd79bb380f10fL,0x987396522becbc27L,0x0000000000000146L } },
-    /* 3 << 420 */
-    { { 0x9394910f0093fd88L,0xff7760d2547fc3e1L,0x7b81fcf5a904c24eL,
-        0x120a558dfd80644cL,0xfad07009a715d6fcL,0x24bd3ad8abf6246fL,
-        0x7c5b04c779c968a7L,0xc7df9266108ad586L,0x00000000000000d3L },
-      { 0xe37db2e0b655b6e1L,0x0a029277568c6373L,0x0bd0526f428a6b69L,
-        0x54bd7b9b3d4f3847L,0x42caca2fcb6bd60fL,0x657b0f1f6d10bfa6L,
-        0x97f9f99d0fef238dL,0x93171b4dcc3795a8L,0x000000000000009dL } },
-    /* 4 << 420 */
-    { { 0x83fa275b0ddd2ba9L,0x71f5b43dbaddbdeeL,0xb67814112244290bL,
-        0x075580601244c56cL,0xfdd85cce2ce4fc6bL,0x7fc52dace53b1502L,
-        0x3243b95255a68467L,0x06ef6a6540900cefL,0x000000000000009fL },
-      { 0x562d06ac65457f82L,0x9dbd63519a9e8e58L,0x0d218265496d9349L,
-        0x940bf3f4a218ec30L,0x1e9c0aa3d605883dL,0x2cb9bcc6427f8a5cL,
-        0xba3119b23685376cL,0xfc2c2f0df0c5783fL,0x00000000000000dcL } },
-    /* 5 << 420 */
-    { { 0xb7b63d0fa73a1aa4L,0xfadba5955532ec0fL,0x19a61405ff9e47d6L,
-        0xd9a44ef1aa210afcL,0xcab8bd2c3c3e2b07L,0xdd8f8d154e1428a8L,
-        0xa5eabcc591f63ff2L,0x7dd9635666f368c9L,0x000000000000018aL },
-      { 0xb35c9e17d84c056dL,0x0f27cd01eddff5deL,0x855c10a92c0d1066L,
-        0xc7aee7feb4bfb648L,0x9f9d978d5803338bL,0xfca5a25f4f4f2b95L,
-        0x9d5d5fbfadf37f8aL,0x13482b1e5059c65cL,0x00000000000001a4L } },
-    /* 6 << 420 */
-    { { 0x6e95a3aefda1ffdfL,0xc4014ebcea5aed3bL,0x915719f862b64816L,
-        0x2ea08a71de90b2f6L,0xd2b45d301b4836dfL,0x5647580021840212L,
-        0x169110f6ffca7e1aL,0xb32ee8a9f5f43dfdL,0x00000000000001bbL },
-      { 0x7ba4dcd71962c792L,0x539fabac5fddda2dL,0x48913d37cfc7b6c2L,
-        0xaa2e0fb009d93b9fL,0xa625455b63f79f1eL,0x0f26f80b7c45060aL,
-        0xdba77c6793ee96fbL,0x54ba37408711afcbL,0x00000000000001eeL } },
-    /* 7 << 420 */
-    { { 0x95da54447500f10aL,0x6935ca2aa6b14d2aL,0x58f4555c30dc9660L,
-        0x949ec82aac954b30L,0x94027576e7fa5c4dL,0x035d525a21960c7fL,
-        0xe3ed1e66c2092c76L,0xbd151aa3df9779a1L,0x000000000000012cL },
-      { 0xda7d7c3de59368feL,0xb4c240648ddce4fcL,0x05360bf847eb7a34L,
-        0xe0889804700d30fdL,0x99e1add207f447f6L,0x30e5b7574a4e8762L,
-        0xee9f06953329b2fdL,0xbb6fd0fc6894a597L,0x00000000000001a6L } },
-    /* 8 << 420 */
-    { { 0xb70f255cee12880eL,0x0fcff02402831c27L,0xd92706fe87241978L,
-        0x75c7a550fb475daaL,0x128971bb889e3be2L,0x032c8d2651f95444L,
-        0xabe4d7dd7251b1c7L,0x8c903fae332e627cL,0x00000000000001faL },
-      { 0xd00f7bfc32b6fc85L,0x33ebf5c256e1cd16L,0x0cb224fd42b24457L,
-        0xfd0d2136a0ec189cL,0x4718b1736cce225dL,0x403528f6e04d9e2dL,
-        0xc7312b00e6e6e81dL,0x3d146f6002202a72L,0x00000000000001b1L } },
-    /* 9 << 420 */
-    { { 0x1a20556e1034bea2L,0xd717d9172be51df5L,0xe95f091286ac317dL,
-        0xf3923fbec1304ee3L,0x3f763629e240f768L,0xcbf933bcc8c2af96L,
-        0x0e7cbef612c667f3L,0x6f01599295d25e69L,0x000000000000012fL },
-      { 0xf941627f4b56bdafL,0x06ee3b59eec4ed47L,0xb2c0882e4d951b00L,
-        0xf5304c7c8652dbcdL,0xf59e2884a6245127L,0x2f9752c14e4444a4L,
-        0x91d5fa7af8ded8f5L,0xe5bde5985c3a5632L,0x000000000000003dL } },
-    /* 10 << 420 */
-    { { 0xd9e55a11a0d1be9cL,0x4c3bfaf24c1c1b10L,0xb0d8ba7d2e8bdca5L,
-        0xd67631c3e2b2f07eL,0xa7bc810f085dc2acL,0x0df53d51ea54ed35L,
-        0x09cf707235ba17f4L,0xd6bd518ebe70853dL,0x000000000000004aL },
-      { 0xa7cd3940b78c4776L,0x9ba0f564e9be7ca5L,0xc40944c61c45432eL,
-        0x44fff573472b1abcL,0x80ebafa1c1ec6836L,0xff7eb86e0c55f71fL,
-        0x20c8e2695b805b7cL,0xdf0e571b16aa5eefL,0x0000000000000199L } },
-    /* 11 << 420 */
-    { { 0xb765a24b2af340d9L,0x958178050b487cdeL,0xf2b88c2cf47f322aL,
-        0x7fa33ce51ee6fa6cL,0x98002c9a11a0096eL,0x5507eb0bbb6e514dL,
-        0x7b3dd65c1a52bdceL,0x80a29cc867bdeb7fL,0x0000000000000069L },
-      { 0x0cdc241d6d7c8921L,0xb1506bfc039a455fL,0x14ecf2f7ee18c2bfL,
-        0x3317ba71027f00feL,0x2c12d6706662fd91L,0xe9cedbfd87d5376fL,
-        0x3e0f51b5b3bc972bL,0x2450c347b2c1a068L,0x00000000000001e7L } },
-    /* 12 << 420 */
-    { { 0x484732401f8815a7L,0x46168826199e1b61L,0xbb9a52bc07807f97L,
-        0x7b3824d9ba31351cL,0x67cd58b460a2da3cL,0x0d99d6d621957903L,
-        0x7c3380d37b459b99L,0xdd0a602353b07588L,0x000000000000010cL },
-      { 0xebc49bc0ab2213b8L,0x540f6fc558615ccaL,0xe873ee56d8bc64cfL,
-        0xaed30c80ffe085b5L,0x03d39214d0de645dL,0xc6ec44b959f64e2bL,
-        0xffafef87c7f37e31L,0xef7985a21ea39c70L,0x0000000000000159L } },
-    /* 13 << 420 */
-    { { 0xcddb65c37f55b79aL,0x6e26c45f5d85b33eL,0x111919ceb1470acaL,
-        0x7aa294e0e6c06007L,0x35207de63c009509L,0xcf119448ddd0c472L,
-        0xc01bf29c3c05546dL,0xadf8465854126fe9L,0x0000000000000054L },
-      { 0x2c13d69dfef83427L,0xe539c2da0960af28L,0xbe374a8297ccc699L,
-        0x8020d224523d7f91L,0xdab7f7d6531b6154L,0x37ae51127cfaaf1bL,
-        0xb5e3e2036f69e8a9L,0x4291b0454b708b58L,0x00000000000000e9L } },
-    /* 14 << 420 */
-    { { 0x4c085162a78092beL,0xcf80206180d90634L,0x95c122b69f81ff39L,
-        0x5c936cacaf784312L,0x9f4796ae350bde15L,0x0fd2eacad138a2f3L,
-        0x5764f1cec825ae43L,0xc9b9d5ec9b4f1332L,0x00000000000001adL },
-      { 0x3049e55456c15c19L,0x61c0dd81e3fcab36L,0x2132d9b2376e573bL,
-        0x875184b1c05ee74cL,0xc37f8e51a427b9e5L,0x6a2fb427e6c5b9d5L,
-        0xcf13c1ef7b754328L,0x146447f8d1749292L,0x00000000000001e3L } },
-    /* 15 << 420 */
-    { { 0xeb3388479418ced8L,0x68f55b32506ed21cL,0xccdb0bd335ec2dfdL,
-        0x63b075e8b65f515eL,0xd3d07af8f6905524L,0xad5a170ad1589131L,
-        0x97ffc56d61582a3cL,0xf15add9a34c2d2e4L,0x00000000000000e0L },
-      { 0x79d0330ef5d91b62L,0xf3e8f69ce46eb580L,0x1b5ea4a8067e7599L,
-        0x425084336b335559L,0x85863c2eb4ad41bdL,0x9572cd16aa1db8fdL,
-        0x55756be84f205835L,0x82ed485f53de8f6aL,0x0000000000000049L } },
-    /* 16 << 420 */
-    { { 0x7d6e42404e1080a4L,0x5cf6c427e1adb078L,0xe74ec6033d594e28L,
-        0xc0185404bdf853f2L,0x287d94dec3335717L,0xf735656ac3179807L,
-        0xd356f2bf604e93f7L,0xb1fdc2f2cbe27815L,0x0000000000000151L },
-      { 0x7b17e356da1d3ea1L,0x0ed57d7ea7af9610L,0x4a6ac3e53ae89c0eL,
-        0xc8f722b85f82b4a3L,0x453d5a4a7f0850faL,0xd6f79d237b3ac4a3L,
-        0xe1c9dfc20dbae800L,0x56e4f0f5c4b9258eL,0x00000000000001caL } },
-    /* 17 << 420 */
-    { { 0xe80852c1ddc395faL,0xe58da639cf6e9427L,0x2d80ef4ccf9f6f4fL,
-        0xfc2bc3b9469f9ec9L,0x90dd2047b5059098L,0xbc7dc5b8a38a135dL,
-        0xba7a504e14d5187dL,0x1e5cea620bf39092L,0x000000000000016dL },
-      { 0x71afc93587e487e0L,0x5ecc86b7ef01d44fL,0x0987add313d2d4e4L,
-        0xf64716e189b1c583L,0x2ef8a366b9927a7fL,0x83bf2fb6a43e9f9cL,
-        0x16f2b1856dfd62d8L,0x0720e52aeae049a7L,0x0000000000000027L } },
-    /* 18 << 420 */
-    { { 0xb372ca6459f57bf1L,0xd71dd5777941180cL,0x71685edf4e9ff4caL,
-        0xe587c1c10ea50561L,0xa8807733b4de6fa7L,0x37fd0baaf54d261bL,
-        0xbd41723b63d60c25L,0x1db8a7d40ee723b6L,0x00000000000001d2L },
-      { 0x4ed434f57731688eL,0xcd0b204990872443L,0xf1cf19d6f08bcd59L,
-        0x0a2421868d0e3d48L,0x05071d83631b9d75L,0xe6c824d71f5ea438L,
-        0xee72e77f733eab36L,0xa2edb32480653b67L,0x00000000000000efL } },
-    /* 19 << 420 */
-    { { 0x3c66f086179844eaL,0xa6a8ea1bd3130343L,0x392cdad799fc9f0bL,
-        0x3394632e63b0b646L,0x29bf4836f7748943L,0xff18e250c24214deL,
-        0x6758a91d0c636fd6L,0xd2cc47e168fee4d3L,0x000000000000013bL },
-      { 0xd6d1f413ef6d4af9L,0x0092046fc87c16e4L,0x93d8aa9f3ce6f5d9L,
-        0x8f7642089eeb6b0dL,0xb40ff54c3cf6b39eL,0xafa404ed994e9d85L,
-        0xe0aaa8228a7a8b6fL,0x74e6a937fd01cbb6L,0x00000000000000c6L } },
-    /* 20 << 420 */
-    { { 0xf52e68cc04a4640fL,0x469ce7167a073c4bL,0x3ef46bb0bba28a24L,
-        0xb963bc66d966a270L,0x5195fa9dcac49906L,0x3265912718c2f3bbL,
-        0x5bb5b809a43a8d57L,0x654653503806ba70L,0x0000000000000163L },
-      { 0xb3ddf2d683ef27eaL,0xc490dbad6a698a1fL,0xa13676175dbef692L,
-        0x2a41f99f4a8d7af3L,0x3a6ed906f7cd77e5L,0xc842b863533e5cfcL,
-        0xc098708ee1bec806L,0x9c21e280e32088cfL,0x0000000000000000L } },
-    /* 21 << 420 */
-    { { 0x8404d82c0f06d9bcL,0x547289a5294acf16L,0xb468ae64c502621dL,
-        0x985c267fb3b353a2L,0x4e11dd3e5721f0b2L,0x2f5cd568ce1a24f1L,
-        0x1dedf5ebb5fb7148L,0x42a82389c1626fbcL,0x0000000000000110L },
-      { 0x8543730601bfc317L,0x7f7784a2e5cae3adL,0xf3dacc6469be54d6L,
-        0x038528a3c9d9e32fL,0xf98309683a6f6357L,0xf325307d3f837cfeL,
-        0xe805afa33af3d0c6L,0x275272065252e357L,0x0000000000000078L } },
-    /* 22 << 420 */
-    { { 0x0aaa344b99371256L,0x0a066fe2d37c69aaL,0xdf78a35d25e09230L,
-        0x53c1bd11d8dc7960L,0x02a2444bc9fce3efL,0xad94f6321b02c0f9L,
-        0x827e0e363ab86bb1L,0x378fd466c7c1a0a4L,0x00000000000000ffL },
-      { 0x94780574032e1eeaL,0xc220064001cb9b20L,0xa27c53bbaa195a72L,
-        0x41cfa39c1fd255aeL,0x0727c31a99f3b693L,0xea608501ae941816L,
-        0xf6f564d91ffecb1bL,0x78a17e5e5f980bddL,0x0000000000000188L } },
-    /* 23 << 420 */
-    { { 0x8bb946e2dfa393a4L,0x08fb2f81f615c758L,0x1db09d68b2e74865L,
-        0x470d784d3fb6b0f4L,0xd7e9135501b6735bL,0x8b7d570a051cba9dL,
-        0xfc3e0b2c70b205c5L,0x06869d5e1e7cbb3aL,0x00000000000001adL },
-      { 0x55ca4fd936ef4edbL,0x69d852beecc47c2cL,0x1bb04f285c5b235aL,
-        0xbc4ab04d098a7ba8L,0xcc8ac9027b5f540eL,0xf538468155d8047bL,
-        0xe494d2587ade6e54L,0x7f6619105cd2e315L,0x0000000000000134L } },
-    /* 24 << 420 */
-    { { 0x9f89d5bb56aa4115L,0x63fbfdcac2d35218L,0x595276045879b205L,
-        0x546e9805863191fdL,0x01d6bb2b492bbed9L,0x837d7e9c73daa6dcL,
-        0x3d3a90f2363a7a49L,0xb50a603d703ec617L,0x0000000000000160L },
-      { 0xc7d60aa51d767edeL,0x78b275545178ee0eL,0x45d33bfbc598f46aL,
-        0xdb05f976bf59b320L,0x4d4d3206f704d3a5L,0x883fada582590e40L,
-        0xe9369fe09ef9a17eL,0xc1d11e068661cad5L,0x000000000000009dL } },
-    /* 25 << 420 */
-    { { 0x76b3e52bd80b2b0eL,0x1ddeab08d57b3e26L,0xadeee95e05d4095cL,
-        0x8a441ed876b470c5L,0xb40ea63b598bb942L,0x7a69955764e9311fL,
-        0xf41e2dbda3b34c65L,0x36041d213038b04cL,0x00000000000001a0L },
-      { 0xa8630639aff87e50L,0xcf330929a9050224L,0xe1343f8f9555f24fL,
-        0x7b2b57fd4486e5beL,0x901a1fa3892f8985L,0x48ecf1c0ba0578f9L,
-        0x062036a458c5803bL,0x64db8ad3d495e812L,0x00000000000000b5L } },
-    /* 26 << 420 */
-    { { 0xd828a1eea7cd3d7cL,0xa39918741c46e505L,0x2907f22b977a89dfL,
-        0x1a97284ea8bda785L,0x3be00be53e2c7eb8L,0xa09b9df661392237L,
-        0xad6d2e582734a180L,0x9c8fad43f305fea8L,0x00000000000001b1L },
-      { 0xdf8354b4d3157befL,0x1bbbb2ea3fff9736L,0xd875650ab541b7d2L,
-        0xa219b4ff11f808dfL,0x8fddc92292b811e6L,0x8ae8e5e556e34e2fL,
-        0x9c90ed9d431f2ef4L,0xb83c8e8d6e5aeb06L,0x0000000000000033L } },
-    /* 27 << 420 */
-    { { 0xab542a3bec6d5a30L,0xf3a89c0cbcedbe21L,0x06d93f10f42b171fL,
-        0xc05c30b19b2f005bL,0x4402de5b488c69b1L,0xc4fb5dac03bff7ceL,
-        0x8cd55dad7ab06022L,0x52af902df9b2cfafL,0x0000000000000193L },
-      { 0x16f1519f32e721a4L,0x868f20628f21c68dL,0xd0af3d8f1d1b6568L,
-        0x476cabdc0655b4e2L,0x180bc7c910912bd7L,0xccbe77e248758e83L,
-        0x5248fe84c984174fL,0xe69a6bcc64f9eeb5L,0x0000000000000073L } },
-    /* 28 << 420 */
-    { { 0xf736440000feca1dL,0x037b3d49852c31b8L,0xea78fd256c6687b5L,
-        0x2ebe2e7bf447b783L,0x654f16b156d7f1a6L,0x8f71c03583b9bec7L,
-        0x26211de5f46e3a73L,0x64c26d1d9d823907L,0x00000000000000d4L },
-      { 0xf055c6a0dd7faf2eL,0x0f98d13a2ca825c0L,0x539a62a67bc8d8dbL,
-        0xadc25a49b69842dcL,0x8a5f304557914947L,0x9c8541cfdc1ddb47L,
-        0x9e133348f4ec01faL,0xd0fe103be3eba2fdL,0x00000000000000c1L } },
-    /* 29 << 420 */
-    { { 0x5b1d13ec418a83dfL,0xe9288a19dd578685L,0x8c90adfff1199fd2L,
-        0x535f7ff5c9dfea76L,0x2bc4a3dbf0846631L,0x36a1bd74a6b94ae2L,
-        0x5c61d3a32c51a655L,0xf03d31519da1a40bL,0x0000000000000118L },
-      { 0x4deee9fda7c44cecL,0x4d3cba4911e4cca1L,0xeb066f59b33266dfL,
-        0x45b3856fb3d19c6eL,0x3ac917f0cc142930L,0x8d067ea4a5cc182aL,
-        0x1dbbb1c652ee009cL,0xd5769d6027ff54c7L,0x0000000000000110L } },
-    /* 30 << 420 */
-    { { 0xa15a7bbf8eefad48L,0xe6e89e742651197fL,0xa61a3e84bd94ed51L,
-        0x0d244f552b588bf5L,0x65a05bcd083d4e00L,0x439c2e1c135d813fL,
-        0x48e05e558b3ffcb7L,0x215bb215254e73dfL,0x000000000000010cL },
-      { 0x240758f78096e07dL,0xd60bf24f18137989L,0x0b8be39738a3a7f1L,
-        0xad8e978490bed9d6L,0x292131c39b75ec5aL,0x1159fdc879cc4fdeL,
-        0x42fa8c1f64454a70L,0xc8c4d18461a34ddbL,0x0000000000000053L } },
-    /* 31 << 420 */
-    { { 0xf64f3d95dfb33552L,0x4f52fde0ae6e4644L,0x43ae88ccd887707cL,
-        0x0873f0578ffac488L,0x39fae3481d00f41eL,0x9f0f2187f47c974aL,
-        0x5e63a28114aa2ad1L,0xe12e811cc6985285L,0x0000000000000196L },
-      { 0xab5ae9ccac35731eL,0x8967bfb5bed4d30cL,0x92ae61f5c2ed4d32L,
-        0xde3ec6960ad912a8L,0xc931c7b5cf649a14L,0x5588d02492043e7bL,
-        0x19c4fe955cc40a0fL,0x9709c5ab8e76d659L,0x000000000000018aL } },
-    /* 32 << 420 */
-    { { 0xc3c84fd2b5f54682L,0x3488244e32c3a3d6L,0x08c89d9ec1f6e2a1L,
-        0x9a8aadac957ef7deL,0x0a54f7fa07cca3e8L,0x42ad7295ba97bb36L,
-        0xd82cae54871ae976L,0x0eb9357204bf46d8L,0x000000000000009cL },
-      { 0x2a3aa55f45ae741dL,0x9b2168b79034b489L,0x66c66f0921f91264L,
-        0x6823b0fb70703195L,0x5e43efad96e215b9L,0xe1940d5a4ca42901L,
-        0x792cdc63294ccde6L,0x5be5af8a4446ebb1L,0x00000000000000b8L } },
-    /* 33 << 420 */
-    { { 0x34fc69cbeb2f5277L,0xc7e5637326425593L,0xb0a2de928f05fc88L,
-        0x143963814468bb18L,0x926b5160a3b0a9d2L,0x8af3d2af44487fc9L,
-        0xf93e45cc3bea6d12L,0x6a8eaa6a97905e78L,0x0000000000000184L },
-      { 0xe3d982841f13bdd8L,0x8a93c07ad628c0c2L,0x12ff398667d10ab3L,
-        0x9de71f1a25b30544L,0x4193e07914788cedL,0xa297bf3b8979e06fL,
-        0xaaf8e7c8a5c33e4fL,0x996bad366c986dbbL,0x0000000000000192L } },
-    /* 34 << 420 */
-    { { 0x3cc8f593e5967354L,0x6526ed4871aed083L,0x6ed8306e8209df3fL,
-        0x3b6811db26d0cc40L,0xfecb44243ef4bfc4L,0x7b1d0c977c380292L,
-        0x5f8d1053f3155334L,0xd5a6671d57606f5fL,0x000000000000018aL },
-      { 0x91a333f78ca15d85L,0xe401daa9ccaff56bL,0xecfc424a3642272bL,
-        0x293bac7dc265dabaL,0x3728937d35176032L,0x32095630b8dc5e90L,
-        0xa7e40a33fa3238b2L,0x800e51aed54ae7b0L,0x0000000000000112L } },
-    /* 35 << 420 */
-    { { 0x5e9ddc946cfe150dL,0xe80cdf7de931ae6dL,0xd653e42269e75084L,
-        0x5f2457112d80bb7eL,0xdf34a45bbaa1ff31L,0x4aa1544db4555a76L,
-        0xbe131a26420ba11cL,0xeef42ea9df8e840cL,0x0000000000000075L },
-      { 0x0954b8900447d3b2L,0xb56748258273dd87L,0x4e475be49554e8abL,
-        0x9565d985123d94dbL,0x5c2d1bcec2abae12L,0xe74826e441d39436L,
-        0x0a61e8d6e5c430daL,0xa6db3e630f131767L,0x000000000000012bL } },
-    /* 36 << 420 */
-    { { 0x48ac5636f221fa1aL,0x8b75f29afa87732aL,0xa56becb1ba0db0ceL,
-        0x372230897daf8fc9L,0xe2569a163d2f2365L,0x52509c3fe5a4b5a5L,
-        0x78158611cfa993eaL,0x9935db074f0642b2L,0x0000000000000099L },
-      { 0xbef1547fa883def9L,0x5ea9d1b0c3ffcd28L,0x4aa992f9e8cd0500L,
-        0xc259eb625a46f7beL,0x242f5516e7d4212bL,0x7abf19ecd6fbd446L,
-        0xc95987380d54d6a5L,0x5622a0476a7b5e9bL,0x0000000000000190L } },
-    /* 37 << 420 */
-    { { 0x0f55ed468bf89a5eL,0x1cfc2ac48952261fL,0x9c3c347ee4cba9c5L,
-        0xc308a0f46c3adde6L,0x01054a9145571f72L,0x1cd4829193982030L,
-        0x74fc84ff51306753L,0xdab8cd4e8cfdaa2fL,0x00000000000001a3L },
-      { 0xa224dad5cded7237L,0x49d51a129bdf65aaL,0x09a36334a4f5586cL,
-        0xba0faddf2ae77a6bL,0x07b748b72f29e747L,0x9623f46e3478ff8eL,
-        0x518b3bbe8b3af3d8L,0xc4fee8ad78840f15L,0x000000000000017aL } },
-    /* 38 << 420 */
-    { { 0x5650b564bd61ce2bL,0x7eaef69224f299e2L,0x2a0df96fe6d4489cL,
-        0x812d43518ce9d28dL,0x0815a72b59e9646fL,0xd7c2973b017708e9L,
-        0xbb2ff9abd4d799b6L,0x2801293e04228a85L,0x0000000000000120L },
-      { 0x509c20ae3c5f9553L,0x0b59b77c393ba611L,0x2635f780da2c8feeL,
-        0x8f2a267b41f93f7aL,0xff6659a7537ae88bL,0x9a224d7a7fa76913L,
-        0x191113ed42cad3dcL,0x0fc807e43f06db46L,0x000000000000015eL } },
-    /* 39 << 420 */
-    { { 0xc1ce03c9b0f7ddc4L,0xe9c3a1f6b5545247L,0x45e0feb9c1c782f7L,
-        0xe2c1170d5fa69f36L,0x155bf55e15407d53L,0x54d33d0902d578d2L,
-        0xf566ec081442a6ddL,0x4a144739f67fe9abL,0x00000000000001edL },
-      { 0xfb449e2032d83f99L,0x3efebd58fbbaf71fL,0xbeae9abcf8b67d53L,
-        0x64c6c39a442e271aL,0xed0b3ffbd8510f0aL,0x778a250b882c28cbL,
-        0x8924bca243ed493eL,0xffbe451e7e1b7b11L,0x00000000000001bdL } },
-    /* 40 << 420 */
-    { { 0x75b27730fe4c5bdbL,0x00613beabd678c1eL,0xb12a8fe817d6e608L,
-        0x5c6ce1ae0158785fL,0x72f9e5dc1ed9f069L,0xde5caa848a05f3d6L,
-        0xccfb76716536f0b2L,0xe7378e81b634be60L,0x0000000000000045L },
-      { 0x61d85c77f724dd8aL,0x91b6e75dcbe10dadL,0x382bab75adeb3740L,
-        0xafa638046b3b344cL,0x136d755fe8d2f35cL,0x45416ba496ee3d72L,
-        0x92533b2be175a63dL,0x51facb6560cbc9c8L,0x000000000000001fL } },
-    /* 41 << 420 */
-    { { 0xa9020bb2bf0ca667L,0x2433b9c5d9660317L,0xde04b705f3de0b9aL,
-        0x46fd25b653ec2cd6L,0x0448e5dd4960b51aL,0x4c06d6a16721a33fL,
-        0x19f91ed6655171b5L,0xe5974b3f78df179aL,0x000000000000002eL },
-      { 0x77b2230d27199e71L,0x3a655385f30abd35L,0xf5e630e34fcdf51dL,
-        0xd65f90c494535658L,0x01b3c3083f9ebddcL,0x209f2e378f886a9fL,
-        0xc6145c12d24b1178L,0x1431a5087dc07344L,0x0000000000000119L } },
-    /* 42 << 420 */
-    { { 0xee3406d1e638a4aaL,0xd688467a2fffd8d4L,0xe56cbf66141afb81L,
-        0xa3b39278d2093407L,0x4e0e475b63f0a6a5L,0x0cde9be59e82370bL,
-        0xb20476e7f6a08824L,0xc9193506ccbbb74cL,0x00000000000000caL },
-      { 0xe4d9074c6fa10c37L,0x4519eecae5095ad7L,0xfc5f4e21a6b9417dL,
-        0x14bafee71076f557L,0xf6999f8b3b0d7e6cL,0x0fff28293d147610L,
-        0x9db346f7c1dde148L,0xc3648d0cbb06be0cL,0x00000000000000adL } },
-    /* 43 << 420 */
-    { { 0xd9b2900c41e98124L,0x535389b81e5e8d0eL,0x1eafd301052df92aL,
-        0x6fb1af8781c04ce8L,0xbf53896454faf2a5L,0xa6d771c9c33d4cd5L,
-        0x3cbc0b99b7985721L,0xa8fc80fb4bffec76L,0x000000000000001bL },
-      { 0x669d9031eb22ffc9L,0xff1d9af297694f7eL,0xa9583293f7b30304L,
-        0x8c0ec270de3e2e04L,0x6e6490c9ac3051afL,0xe554e8fdb77d165cL,
-        0x2fe899dbd7547c9fL,0xbcd900fc5d034decL,0x00000000000001ccL } },
-    /* 44 << 420 */
-    { { 0xcd1ed5190f67298eL,0xbd6ec57814d77ae9L,0x6d8b2ab4f38a5da3L,
-        0x55d9555be9a51909L,0xc4988f443f290779L,0x403297f645c00586L,
-        0x1df14102017a5468L,0x81aba58618d98daeL,0x00000000000000e8L },
-      { 0x8fccd75d3d78fc68L,0x727adeed26fb1966L,0x1e7cd41598a17cb8L,
-        0xba026b83de88062cL,0xc11e4bfe933e04c7L,0xece90a097abd303aL,
-        0xf09a827b0b73aa6bL,0x31e7471f9fe9d6deL,0x000000000000005eL } },
-    /* 45 << 420 */
-    { { 0x65d2e86156ac524bL,0xa0f398c44dbd7a05L,0xb51e471f247e0ebaL,
-        0x6fb7515e1cd2b3c5L,0x8d4129cc4019d508L,0x1523c52fe21dad33L,
-        0xe929492f2319f582L,0x76c5862899d946d3L,0x0000000000000160L },
-      { 0x4cc4e9553641774aL,0x469e1d4c39518dd0L,0x679e1cf2dbb4dd35L,
-        0x5a34378a7e756f2cL,0x09fe4915534df7d3L,0xbf6a2c47eb2dd58eL,
-        0x073d3889e26761b2L,0xa6edc4da1ba2ad04L,0x0000000000000133L } },
-    /* 46 << 420 */
-    { { 0xa43aa7fb067722b4L,0xc7bd872e2d19638eL,0x04d8838d6683f1acL,
-        0x6df5e4441167542eL,0x7aa48da719d4b02fL,0x81f9fd58f6237d71L,
-        0x91f5815c17ba998eL,0xb9613d178d8d72faL,0x00000000000000a7L },
-      { 0xf529d3986a6a407fL,0x6d22899caccae345L,0xd126146a563863dfL,
-        0xec3241f617f1f2efL,0xe09a57205e69f591L,0x8ef992d3c00ffad8L,
-        0x872822af82dd79dcL,0xa8cc65a6adf02b46L,0x00000000000001e3L } },
-    /* 47 << 420 */
-    { { 0x67777d056c680d36L,0xcee0e9eb765a8da6L,0x8e18422e2410bd23L,
-        0x087b9b2bd73057baL,0xf6ed0c4373a435b8L,0xbae2117c0aa2620fL,
-        0xb97d1cb5d9ba7028L,0x417aa6bec3f20528L,0x00000000000001d8L },
-      { 0xa6daa33f114871ffL,0x889c853e69e3c506L,0xfb5cef1de42b8ed3L,
-        0x249b0fe7e2ec351fL,0xbb94de883fcae45dL,0xfbfa5c9f3a94cc20L,
-        0xb80b5bba253c1736L,0xb23924460770b8ccL,0x0000000000000171L } },
-    /* 48 << 420 */
-    { { 0xc7d454186a52747dL,0x034cb6d1523d74d6L,0x073a404e0e2b859bL,
-        0x9a38e6d89345da73L,0x4c4771d5c7fdcce3L,0xaee8c00c025c1423L,
-        0x10c94e72d7203e0cL,0xea9f58bb4547289cL,0x000000000000000aL },
-      { 0x030c1df531b952a7L,0x8177a6e11d47e37eL,0x9e2222b0de6f3c0eL,
-        0x1ed75c871399560fL,0x9b818c5d829af1e8L,0x75c7751945db80a1L,
-        0xfac13445d73c446aL,0x91a2741362844292L,0x0000000000000027L } },
-    /* 49 << 420 */
-    { { 0xcb7db4ccc19e2d86L,0x829ccd00df87335cL,0x8d2d73e940ed4392L,
-        0x926cdff5b78c8289L,0x1c76f094e7cc750eL,0xadeb089fa3a6923dL,
-        0x1d1946c3167dc508L,0xca796f6852a57472L,0x00000000000000baL },
-      { 0x94ba42d7a1526724L,0xee549d5ca5fd1158L,0x9e5da9d47645a4d0L,
-        0x05d4d6efcdd6a638L,0x5619dcf729ddb41fL,0x34ae766d98d04e6bL,
-        0x125b901956b51686L,0x5127a0b08ce76994L,0x00000000000000fcL } },
-    /* 50 << 420 */
-    { { 0x8040cbe83e0a2ad9L,0x8be1ff91e6cf93d6L,0x03b887834d371ee5L,
-        0xd70eb00752a3f93aL,0xc3cdb6cfd333a1a4L,0x5edbb599b8f27078L,
-        0x339236a4e1faa8f0L,0x70c8fb9a461463d7L,0x000000000000014fL },
-      { 0xd55dbd41033fc6e4L,0xb53ee32b3a7e3f55L,0x2274a2d905b7e980L,
-        0x9b037c48b27fa57bL,0xb0584718ce3683cbL,0xfe230ee62cfae448L,
-        0xe3f0c7eb7fdef3bfL,0x5c3af24ba17e64d1L,0x000000000000016fL } },
-    /* 51 << 420 */
-    { { 0xe08921a1d2295f2dL,0x7b16da7bc2d62e51L,0xab35c918b7fa9ea8L,
-        0x809eb392dc39f49cL,0xf094f0be00be5695L,0x1a7d60ef782f29ebL,
-        0xf0a9dd07968759d0L,0xdff0d6565ada0b06L,0x000000000000014fL },
-      { 0x0875da554d4c798fL,0xbe726982435ee34eL,0x1e880746a069c9e9L,
-        0x0ea957f7eb120213L,0x5f88c63e19f064ebL,0xe07a2047c8a7d994L,
-        0xafd33fef4aeb2130L,0x4b7ad49154e880eaL,0x00000000000000ceL } },
-    /* 52 << 420 */
-    { { 0xf090e674c02453a8L,0x95c5135eb672a218L,0x5cfa269b7ad4f0b4L,
-        0x35da68b2c36c7952L,0xa8fbb5981f48b8f3L,0xbe2cf8255897269aL,
-        0x503c997f3d216a5dL,0x365f223401fba58dL,0x000000000000008aL },
-      { 0xac2cc265454cbfadL,0x36c3406228c1232aL,0x55d6f9f6d9c91dc5L,
-        0x7ee8f96e911d7488L,0x7f9b42d548f93862L,0xd6e242b2add639dcL,
-        0x03131280d2d1eba6L,0xaa3096d2db5b01c7L,0x000000000000009dL } },
-    /* 53 << 420 */
-    { { 0xce23ccbc11c799f0L,0xb09e370e6d8105a7L,0x05002372a187616aL,
-        0xc34d46e4f41c6585L,0x365fdffff1641b50L,0xd78b6bd5d5283ee4L,
-        0xd5855eced0d84ea5L,0xf3490e30a484c1d3L,0x0000000000000093L },
-      { 0x03d85dfff30302e3L,0x800f89f9fbcd54feL,0x75a431e4a8a7bb3aL,
-        0x46a785f87b30b1ecL,0xe90e2b361de5152cL,0xb5b65fcde4ed0df0L,
-        0xd8682ed77fd1e92cL,0x805419c72392b876L,0x0000000000000177L } },
-    /* 54 << 420 */
-    { { 0x036072e3602365d6L,0x0eb6814b499d5b3aL,0x02dabe21585e81b9L,
-        0xe58f4a6353272f40L,0x442c5511aed0d19aL,0x8c880c028d85cbd2L,
-        0x187265ff24a978b1L,0xcdd62d82452fcf0bL,0x000000000000014eL },
-      { 0x8142a2909cd1eeedL,0xeb03b362317c3443L,0x7814dac5d2cf66e1L,
-        0x3d24c15dcdd1a642L,0x1579027d89e46eb8L,0x25bc682cc0c6830fL,
-        0x952370e314712b5dL,0x579a2c0fa50221c1L,0x0000000000000071L } },
-    /* 55 << 420 */
-    { { 0x3a88a023b129f90aL,0xaf0c62ef2525b31aL,0x89e75e13756fc51dL,
-        0xb3ae0d9d7e69c4ffL,0xf8cd4b08756c7379L,0xbfb1d6468d905b47L,
-        0x35b759f3abfd39c6L,0x67ec7a6a8607a1fcL,0x0000000000000053L },
-      { 0x524ec8171b34aa5eL,0xcf1f37cbcce1b38dL,0xdab23e703413c644L,
-        0x4463a1e986c8f8fcL,0xfbb14a202b600686L,0x98b964a57c7bbd38L,
-        0x1fe6c9397c1dce81L,0x5ae65ee42a9950afL,0x00000000000000bdL } },
-    /* 56 << 420 */
-    { { 0xcf77ab4e7c68e159L,0x941498eb23a412baL,0xddd4b9272ac19495L,
-        0x516bfa1b32e1f686L,0xcd8eb8a8702d0649L,0xf0563debe4f963a0L,
-        0x1bf5e540fcd5127bL,0x0d588b6454eaa78fL,0x00000000000001f0L },
-      { 0xfa0dcab27de22d97L,0xc5760a0f5f48ea48L,0x0f8b46db3d33e0e8L,
-        0xa7a1f86fac66a28bL,0xbf23e7cb64923dfaL,0x8a7bdc180ee51801L,
-        0xd4d0d78ef5ffe76dL,0x54edfe409408a217L,0x00000000000000aeL } },
-    /* 57 << 420 */
-    { { 0x55f79f5cb58dd212L,0xf4801c93dc1260adL,0x658b2bf530175013L,
-        0x5d2a2e5fb90c6463L,0x8adcc6414c2f1448L,0xf4fc68fc1898dc30L,
-        0x04b471f888c1b9f0L,0xe70fe4ba798487fdL,0x00000000000000fdL },
-      { 0x24ccae8d0d4d95d4L,0x3be4976338fc4b49L,0x9586e6997912aedcL,
-        0xb3aa52bfb74cc6b2L,0xd96d0f460cc9b267L,0xf02f4f5a27bfd74aL,
-        0xb23ab22c46682e37L,0x9fefdfba01157990L,0x00000000000001fbL } },
-    /* 58 << 420 */
-    { { 0xc90121b8f156217bL,0xaaf825757939b674L,0xf60bf6a8dda00f0aL,
-        0x5d5e16d8eafba2edL,0xe920fa52f2b9d2b9L,0x4128025e7b9fd078L,
-        0x9abb0d5d331b9fdbL,0xaecee7f1b6dad1b1L,0x000000000000003fL },
-      { 0x4441c32ff77c8fe4L,0x3896a2fa0b254727L,0x2fa20f175bf54dabL,
-        0xaef65731d543e3feL,0x2fd6c568ba9dd36bL,0xcf4d161a1fa960f2L,
-        0xdb09ef161aa90dd4L,0xcec37c14a86b9292L,0x00000000000000f1L } },
-    /* 59 << 420 */
-    { { 0xd9f6ad7dad254f14L,0xf94afff19d0754d7L,0xc7fcf1aa7390a63fL,
-        0x3e1401b4dafaca98L,0x23119a5fb1b00455L,0x2748906273ba24dfL,
-        0x1786deafa8263814L,0x147175799fc6cbbbL,0x000000000000017fL },
-      { 0x79696e9e66467ce5L,0xbf7b7b6a3df74e9aL,0x9f13032837bfea44L,
-        0x63fac8d5afcbe8dfL,0x0b3aea515eca7aa6L,0x77a62c62deeb47b2L,
-        0x0afe2fa8ed28a210L,0x1a7e4b557e34cfc2L,0x0000000000000146L } },
-    /* 60 << 420 */
-    { { 0x2d1c3c48a6c00b46L,0x8e2190ddd2e6f87aL,0x3a98a1d1a272ae2eL,
-        0x38ee3366d3fe5d39L,0x57fc9b50c56eaf4aL,0x8593e95fc6fe6f1cL,
-        0xae51c967e1d59d7eL,0x2a5dbf23f599aa76L,0x00000000000001deL },
-      { 0xaedd9ccf7307c238L,0xb26cc95d943b18afL,0x58338caf644bef84L,
-        0xdae311b916f04018L,0x6ba2c14073b20692L,0x7d1e2f7269fcd5dfL,
-        0xf9a0763ce750776cL,0x17496ac5f959c158L,0x00000000000001b5L } },
-    /* 61 << 420 */
-    { { 0x6cd44056369b1126L,0x76163c1b5053300bL,0x9ea62d1ee93928b5L,
-        0xb19ad078adeb0c1eL,0x0df14acad93446b9L,0xbeb6ed1725011b4eL,
-        0xb1cb0790181ae9ebL,0x39777187d2012ffdL,0x0000000000000084L },
-      { 0x7017109513039577L,0xf2401d4a070d136dL,0xe313554aa0841a4eL,
-        0x0fa389e5e8d0c631L,0x2ddd35cd89da61a3L,0x0baa99b9c6d8d4b8L,
-        0xc10864df82dbd5cfL,0x45d1a07927e73c87L,0x000000000000014fL } },
-    /* 62 << 420 */
-    { { 0x2b23cfa513f0114fL,0x150fd33dbc4f0b34L,0x12c3170a9ad79bb6L,
-        0x46d0cb95b1beb85bL,0xfb7ffa77416e67a0L,0x342c023411484398L,
-        0x7a141e512f2b0cbfL,0xb78b3cfa27ab4f9bL,0x000000000000010bL },
-      { 0xb5e185cacd2372daL,0x6c10c435389aafc8L,0xf00d3d16deebb0a3L,
-        0x15de86422e5f7c40L,0xe3855c8935e337bbL,0x400e20877cfc7e5aL,
-        0x8ee2550c2e37e8b1L,0xd0621db2323e0fb9L,0x0000000000000083L } },
-    /* 63 << 420 */
-    { { 0xa8116eb9db8f861cL,0xf130b16a474aad84L,0xaa22dbec029b6996L,
-        0xd71690ff74108051L,0xc18b20fbc8203260L,0x4768ee8e652d96b6L,
-        0x6533a2229ca212b8L,0x282f0d5a448c7ce1L,0x0000000000000155L },
-      { 0x8dcbf8c7a62c88b9L,0x899d99fa49028cc9L,0x6b585197d1d43367L,
-        0xf977bac51bc4e9beL,0x9a829b1ce9a20a04L,0x2ae79e6892febd86L,
-        0x688bf2ee19feb821L,0x3e7f2232c81dfa25L,0x00000000000001f1L } },
-    /* 64 << 420 */
-    { { 0x3d239c6b6a81c377L,0xbf4d092e7bcf552fL,0x3d2af909abd2cae8L,
-        0x3d5ae04cebef1533L,0x9c57ddd8c7d656ceL,0xa345ac44c552693eL,
-        0xc66e8710b604ff42L,0x5743b43318cb68b4L,0x0000000000000170L },
-      { 0x2ae332c9427e80c7L,0xc3c529d4dcaed647L,0x1d1a183473f44043L,
-        0x4f5155d63b71f27dL,0x4239074473ee7e4cL,0xb23433b84e09e697L,
-        0x9a4264daa60c57c2L,0xa7f72ff8486992ebL,0x00000000000000b7L } },
-    /* 0 << 427 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 427 */
-    { { 0x1352b764a2839e80L,0x61a50d9716058b22L,0xbd02c6879d6ae08dL,
-        0x1349ee8b6679516fL,0x3d7e69c9bc4c2fa2L,0x4c2e12a10d24e1fcL,
-        0xc69535a147436039L,0xa477f86b0ca25c70L,0x000000000000011dL },
-      { 0x756e379c2a4c1871L,0x4d0b08b35943df83L,0xd8a9b302cd8f5abbL,
-        0x53865d1e8c240617L,0xd422a9b114a2e093L,0xbdbc3d7d03014fdfL,
-        0xa4c8b35a11578dd8L,0xe4427ef87a3afbc1L,0x00000000000001c1L } },
-    /* 2 << 427 */
-    { { 0x8af346c57d874400L,0xd9e98cb571098f45L,0xdb40081079565740L,
-        0x0f7625ebed9a7dcfL,0x5d1415d0c93d2542L,0xf87f74b4688d0692L,
-        0x9fa2e31b9f648523L,0x4e505024cb387129L,0x0000000000000006L },
-      { 0xe2087f9c446e7206L,0x60f69447b48bb585L,0xda3658622020bbf2L,
-        0xc8a263673cd51256L,0x8cc663b1c62f7c5eL,0xc86d4165e72bbd20L,
-        0xffce9039aac68be3L,0x6c6c747cc3c360a8L,0x00000000000001d4L } },
-    /* 3 << 427 */
-    { { 0xa74637fe39b2b1cbL,0xe81e51e9f280efdeL,0x450ba9ae6356c12aL,
-        0x0d23bf43d9768f5cL,0x686e344b1c4fa118L,0x3b6f0edf9ecf4874L,
-        0xf51830635a22fdd0L,0x6ef7d57de9ae039aL,0x0000000000000046L },
-      { 0xa6a7f6f54fa66238L,0xd61028909787026dL,0x12e10e29801cc4bfL,
-        0x660a4c82e98a16b5L,0xc22e4d53415ec2e6L,0x4c0ac2c10e64c2faL,
-        0x2d2d2bc87c576994L,0x843f23adfaafdf3cL,0x000000000000009fL } },
-    /* 4 << 427 */
-    { { 0x290e4ff1781f48a0L,0x020d9e3d66d6f7ebL,0x1c0da98e084d19d4L,
-        0x42c64660030dd190L,0x996602dd29aa0eb8L,0x7719fb105d0d86e5L,
-        0xe20032629145140aL,0xd2dc210c97e687a2L,0x00000000000001e3L },
-      { 0xe704ecdb18c76449L,0x30a4377044131380L,0xaec3cf4b372cf9a8L,
-        0x4033c8c03df882a5L,0xa5e23683969af81fL,0xf42c5b9580263b3aL,
-        0xbff4ed559323c9c4L,0xa1d992b800ef132eL,0x0000000000000100L } },
-    /* 5 << 427 */
-    { { 0xc9701a1591849a47L,0x05a00e8ceb572ad1L,0x0d5062393cf6f9dcL,
-        0x6434131bb421b5ceL,0x1142248aa0c289e7L,0x9b5a89d75735da7fL,
-        0xbf8377d6e3ff625eL,0x076cc0af36a7fa2eL,0x0000000000000173L },
-      { 0x8e8aab15aa837baeL,0x96c61e2b389fb0b3L,0xe4f00866954a8633L,
-        0x9db8fd3f8311855fL,0x317810367e76eae0L,0x4633933d1aeb3b62L,
-        0xc47a2dc1cec925d4L,0xae1c392369aa084bL,0x0000000000000002L } },
-    /* 6 << 427 */
-    { { 0xad854bde1842eb75L,0x52d44a39fd913403L,0xde2d5fdd964bf528L,
-        0x00fc48b0be2d138fL,0x497778287968e858L,0x326f8a6379b5f778L,
-        0xb093b6d8026ee753L,0x36bd9300067c336fL,0x00000000000000b7L },
-      { 0xf63d269d3d3b0373L,0x7fd4555e8901ce7aL,0xfeb8a5abf0c00754L,
-        0x2b855524d1e4f38aL,0xeb245c9a10593ea9L,0x8d0428915303ae29L,
-        0xcc86c4617be4ec45L,0xd05d843bb1a35c03L,0x00000000000001a0L } },
-    /* 7 << 427 */
-    { { 0x2c5034d201ceebebL,0xe55562ee8a5f5149L,0x72de18472b04dec6L,
-        0x59f580cc12742363L,0xefc95b49fe90504cL,0x1f7355ee93d13fb9L,
-        0x2ea3bb73ec8811e6L,0x8f5c272a92208e52L,0x0000000000000068L },
-      { 0xeba0c66dc7f8b064L,0xda096db86441a58eL,0x345dce44b56dd9d4L,
-        0x4adfaf2326fd92a4L,0x35c0f9a74a8d2df2L,0xa2a0f0cf8a6afa89L,
-        0x05a14a6862097318L,0xb10a3b7dd8a0bf21L,0x00000000000000dcL } },
-    /* 8 << 427 */
-    { { 0x4a3ba7d35a80eea6L,0xafabc45f138ed8a4L,0x8500a36b08955eb2L,
-        0x3d6b2ec617a6c2afL,0x23470f5958d5e66dL,0x5db86555a1df0eacL,
-        0x3a2e16179974c9bcL,0x08480d1eb4dfe2e6L,0x00000000000001d8L },
-      { 0x89ec8a91c3dca584L,0x6c06d419f2aac2beL,0x427cea3ca57e58c9L,
-        0x54ae1a697b0b1b12L,0x40b5c77e3965ce2bL,0x3223c7e53ce07598L,
-        0xc2df893146948ff6L,0xfd997c8655d12af0L,0x0000000000000155L } },
-    /* 9 << 427 */
-    { { 0xcdba58e2ed6d1a95L,0x345e6a00b4ca1bdaL,0x1c65f4f8b08907d1L,
-        0x99506f0ad15a285cL,0x602479cf8c31df19L,0x935e607397b6aa05L,
-        0x57d3627e1d814bf3L,0x4161619e26d070f0L,0x0000000000000085L },
-      { 0x5ef502f18fefd13fL,0xc0a551ba2241012fL,0x655978a86c235318L,
-        0xf708895cca82f195L,0xdf32de1a7c5dc00aL,0x53014f9711d92fa8L,
-        0xcae56947517ce815L,0x58e0469551904244L,0x0000000000000014L } },
-    /* 10 << 427 */
-    { { 0x615a13d91bf64aabL,0xad0c56a0ee125e48L,0x5622df0d2f1ab618L,
-        0x7331c9b97e465f36L,0xe9f79f235e69238fL,0xe71d8ade22200715L,
-        0x0f2c7539c1111751L,0x0a3e1894b9287b5eL,0x0000000000000172L },
-      { 0x20e9e6d2311c0623L,0x2d2ea9d91cc824f0L,0x4f188539344e1b73L,
-        0x468983b4a32ce555L,0x5a610f7ab185efc3L,0xa65ed115dff9f69bL,
-        0x61f20b69f79d8be4L,0xa496802121d50124L,0x0000000000000036L } },
-    /* 11 << 427 */
-    { { 0x6e2e5357dec7c016L,0x4331a55e19d6b3bdL,0x03e618cbb8047f97L,
-        0xcacb5933d8cd8c09L,0x0121db5bae62c20dL,0x7347fc4d471bd47bL,
-        0x1dbed250b2369abcL,0x1385da8b0b503a86L,0x0000000000000184L },
-      { 0x05b1de38c3dbed55L,0xb9e877fc80818aecL,0x28143964ac119fb7L,
-        0xce773a4ccc648a43L,0x1f71b5d4d0138213L,0x0029fab77e42530eL,
-        0x789aefc3fa18d353L,0xd6a441614d6b5903L,0x000000000000007aL } },
-    /* 12 << 427 */
-    { { 0xf393bdb41c4e903aL,0x7c7be529356e8b65L,0x17cb86bb5b85085bL,
-        0xda6493819224b373L,0x53b88eb810832b05L,0xfc02cb4798c0250aL,
-        0xf46c49940f0221ecL,0x28376e37eac2ffc9L,0x000000000000002dL },
-      { 0x2f6c2ff9afc8827cL,0x12ff0f5917ef8723L,0xac1aa2d22455917dL,
-        0xad3764b0f8910f17L,0x5d4a355c3bdf893dL,0x7387c7a3eeee0b8fL,
-        0x9b3e2f884356038eL,0xf4affafdc75003b5L,0x00000000000001aaL } },
-    /* 13 << 427 */
-    { { 0xc1e3b4605aaf5b29L,0x81e82a8aae180dafL,0xf37efa0d445e87c0L,
-        0x599a537e16e6330cL,0x85bc6d9706c410f0L,0x28d5a15fb362500aL,
-        0x2ff92fb621b87c85L,0xebba633facf33979L,0x0000000000000105L },
-      { 0x7fc199a9dec8dbeeL,0xef2e49ebc489b71aL,0xd7f6fce89a528946L,
-        0x169d0a2ef358dc52L,0x6a61d2c891922c6cL,0xd2aef478e59327faL,
-        0x6def24948ef04d83L,0x253711d72f66173aL,0x0000000000000092L } },
-    /* 14 << 427 */
-    { { 0xd7de8cd0fc9be442L,0x0a52e40fc9dde6a1L,0x05a4ff641c7149bcL,
-        0xcc966d0d5f2f3aa5L,0x5ece6a196e2d25cdL,0xcd0a1086f6441a77L,
-        0x1c27360085904d79L,0x44a59f2ecf8c85acL,0x00000000000000aaL },
-      { 0x266fa397db6bfcdeL,0xf68d7a368bf6394fL,0x0d19162214a079d4L,
-        0x3fc59bd33f93fde7L,0x9edbb13e691c417fL,0x50a5045a4b6d9aa9L,
-        0xf5f738d8a35b9642L,0xd0fab4f3471d4f3cL,0x000000000000013aL } },
-    /* 15 << 427 */
-    { { 0xdf87750b40973d15L,0xbaf02e703fa8caecL,0x7020957bc8144da8L,
-        0xaf4275cbd2578871L,0xe669df8d0500056dL,0xa432b1d84391f122L,
-        0x576be73ea4c4e08dL,0x63de36a3db2e9164L,0x0000000000000025L },
-      { 0x5e3a636c0af7f448L,0x7abe9a07bd788577L,0x6a39bb248b212db0L,
-        0x1d99e0a5aa72098cL,0x75df398dc0ed5bccL,0x730e175316ac1e36L,
-        0x5029aa6376079634L,0x30538a42216528faL,0x000000000000004fL } },
-    /* 16 << 427 */
-    { { 0x85c4bd23ad5b7e60L,0x9a21b0b0f41a63b8L,0x368399f11991539dL,
-        0x67f2c9217b2b3b1aL,0x7dc0513338b4a267L,0x3ebee98741104a8fL,
-        0xe73da9a9f8687167L,0x04b9f294155f4eb5L,0x000000000000007fL },
-      { 0x1adb7a1453dcbf7eL,0xfbc526ae08b7789eL,0x004fbf8fa1f9c5cdL,
-        0x7ca3ff9b48b46608L,0x08a90d3083829a47L,0x90a442adfe3c66daL,
-        0x36d2d6bd4c69b3fbL,0xd5307e6b67675cc3L,0x000000000000000aL } },
-    /* 17 << 427 */
-    { { 0x8523cc86f38cc458L,0x6f95b125c82eb162L,0xde7e9372e4770eb9L,
-        0x20f67d244ffcff31L,0x88c19b6d857e009eL,0xa6e94060846c385bL,
-        0x9b4a3fcbf5f6e292L,0xfd730d62d494452dL,0x0000000000000053L },
-      { 0xf1d11d02d9c01d92L,0xbee1f672d81f0bacL,0x43333ad7d8fa5d6cL,
-        0x3ea8f6fe8014dbc4L,0xe69afa5323c7799fL,0x1a60df1e437b3c02L,
-        0x3449cba2fdfeb094L,0x79636fbbe1d7af5aL,0x00000000000001bdL } },
-    /* 18 << 427 */
-    { { 0x38d50ae2b1340c26L,0x98d9a11bbd6c48bdL,0x71342c9d2a770fb2L,
-        0x641b25aad42c16b6L,0x9b9caa6900a7b958L,0xb2e0f3d21c6f21faL,
-        0xcaa3c0854ebdff9eL,0x907443377ff33500L,0x00000000000000a5L },
-      { 0x680bfb3c9295497eL,0xcd4c1cc25be8f97dL,0xfe7dee3bcb911f56L,
-        0xabbdfd216980d877L,0xc134efd566109f84L,0x83200bc03adbce88L,
-        0x1ae3359ddecbf40aL,0x4f63adbe2135d328L,0x00000000000000aaL } },
-    /* 19 << 427 */
-    { { 0x0afeb995ee429693L,0x1a1793aed33c2875L,0x3011c348aff376dcL,
-        0xe14d4d40fa291a4dL,0x2bc85ccc328ce212L,0x51afc390ca16ac0dL,
-        0x7f1f2524cea3c7a8L,0xfad2721775fcaef7L,0x00000000000001f3L },
-      { 0x23419bb74f5163b4L,0xe4520607ab546931L,0xb6f171a4246b5851L,
-        0xf6f00f0a4c8e6602L,0x4a84dc07f25bba45L,0x9f1eff155959d040L,
-        0x686a15867d49ceadL,0xec9e5a8da8990689L,0x0000000000000173L } },
-    /* 20 << 427 */
-    { { 0xd35b9e3138ccdc36L,0x193d19235b283364L,0x3f11086716ac2730L,
-        0xc858771ef63f67b4L,0xfa465ba5426ad999L,0x2f23aeb634208c28L,
-        0x1804c3f488e3b573L,0xd40adabed5865046L,0x000000000000018fL },
-      { 0x43f3fab933b8a100L,0x854d92b7b1bdaae0L,0x71b54f79564bdc47L,
-        0x45a21a1a1a5ba2b9L,0x34e2636ab2f40276L,0x30a97302e43c1e12L,
-        0x1c8b46c36422eed8L,0x788d649283623652L,0x0000000000000055L } },
-    /* 21 << 427 */
-    { { 0x9fe3e597bad87407L,0xbcc2af4e9450ec40L,0x45a510949f71d8dfL,
-        0x5209eee4afaf3e95L,0x029c59ab77b5c348L,0x16f2acc25e10ee90L,
-        0x640a7d135b710171L,0x51eff75a282ebe98L,0x00000000000001f0L },
-      { 0x38626ea764fe09f8L,0x8503a9d745408d36L,0xeff27b96d1a3ecf8L,
-        0x549fbb5cd78b52d2L,0x95215d10884f4653L,0x2d1fdb98b1ae33ebL,
-        0x0e0cd5f91008a6a2L,0x43c9181326d87e9cL,0x0000000000000031L } },
-    /* 22 << 427 */
-    { { 0x13cc8a3798a740faL,0xc99aa3ed2632ece5L,0xeaaeecd6b9e1c72bL,
-        0x3aec5c4956487374L,0x89a403cc14674797L,0xca0ea19a6e0c69ecL,
-        0x86b528a68ed9f435L,0x06be957dbce563b4L,0x000000000000005dL },
-      { 0x35d9c838ca34abfbL,0x0dd8cb6d4f813c5eL,0xaac57a0356dfecfdL,
-        0x0f11909337223e93L,0x5f8781c95b447b8eL,0xab2f96c0ed13b66bL,
-        0xd38636ebe3af9074L,0x296c578268da2b8aL,0x00000000000000e1L } },
-    /* 23 << 427 */
-    { { 0x4a1ed69265e97671L,0xcda466e2890bce4fL,0x3dd5210c31b4d676L,
-        0x7061885e97026fe6L,0x5f50b6f7541cdf81L,0x1c1c3fd8fcdec849L,
-        0x77e19a9781cedc49L,0x35c05a1359b27262L,0x000000000000016cL },
-      { 0xe74e401b05aba6e3L,0x1da6d83aaca696c5L,0x6e9d07b3549455e5L,
-        0x5a121ee1c7dcb5d0L,0x34346781d46f00c7L,0x534b1136ecacb619L,
-        0xf196cbf3b24e6e3eL,0x7a31c822aecc0b23L,0x000000000000011eL } },
-    /* 24 << 427 */
-    { { 0xdfd43ebda9f23142L,0x707183f61ace42feL,0x2db54733954f2170L,
-        0x1a10e785e3a33da2L,0xef315020b848d1cdL,0x179454ce5ecdc048L,
-        0x845369cf13e1aee8L,0xb924faa0b536990dL,0x0000000000000012L },
-      { 0xecf9a0ef7d22a7b1L,0xc8dc42e20e95f354L,0x2db31a2ff194a767L,
-        0x31063e42b67924efL,0xebc3ca6c48537ba1L,0xc59746eba8363616L,
-        0x6c45f60203d2c783L,0xefc327471e59fd7eL,0x00000000000001a0L } },
-    /* 25 << 427 */
-    { { 0x38709b4b8eb4707eL,0xa07de12525ca12f8L,0x0cd83aa26c2d4220L,
-        0xb916ea38f1853536L,0x8d2d7f602bcb2378L,0xc7f353c265863a3bL,
-        0xef8293aab05aa95dL,0xc99ce91fdb80d1c3L,0x0000000000000077L },
-      { 0x66feb65f5751344eL,0x89587ddf80016cccL,0x9732106be14e338fL,
-        0xa0cd0f26164039f5L,0x3a4ac3f1c656cfdbL,0xe91d606cef332647L,
-        0x7c8dfb2328e19b43L,0x6d94937494d26529L,0x000000000000006eL } },
-    /* 26 << 427 */
-    { { 0x393a7dcbd3c3aa79L,0x8a3a2240a23c9656L,0xdbc3a5f8cf3eefeeL,
-        0x128e5df243801f53L,0x2915bd679f3b1e81L,0x9c317104741c8852L,
-        0xdad2c02867107eb1L,0x17c5c24994300eacL,0x00000000000000ddL },
-      { 0x8e33383090087c9cL,0x3b477580533f2a2cL,0xb6395d04a0b8fc27L,
-        0xe16f86d626ac5091L,0x376968721370dd63L,0x17277a7f0dbda08bL,
-        0x7cc056e800825ec2L,0xa37c952239724e7bL,0x000000000000002dL } },
-    /* 27 << 427 */
-    { { 0x16df84f88cdcb3d8L,0x08e2203eaa095d0eL,0x60356444b912565dL,
-        0xdb9fa32bdf68d347L,0x37a7a24fddb99999L,0xbec968d30327527dL,
-        0x9ced58e7e0d299c0L,0x3ec26b36eb40f891L,0x00000000000001a4L },
-      { 0x51fe548e3cbcb1dbL,0x9c7b645212019828L,0xafece3855d8853f8L,
-        0xa5b7e31c373f3ce3L,0xfe574de1a56827e6L,0x6b717d575b124f35L,
-        0x3478142156048b07L,0x2d0f9a599d2a86c8L,0x0000000000000131L } },
-    /* 28 << 427 */
-    { { 0xa8d55ba1f6f83320L,0xe7493496c4ee60d0L,0x55a0e10fe16bb4e8L,
-        0x7da768acaf161711L,0xeea132c0be96a3b5L,0x4a09ffff7fb41dcaL,
-        0xbd69c04713f6bf90L,0x4aeb854a82509b35L,0x0000000000000156L },
-      { 0xcb9c060d70f0c260L,0x91fab0dbf52f971dL,0xd2fac4c89dbcd806L,
-        0x92f23fa3266b3438L,0x01bb7d4b56ad0784L,0x0216d0acc864ea06L,
-        0x8c126be50b55df14L,0x9541a18baa2a1f85L,0x00000000000000fbL } },
-    /* 29 << 427 */
-    { { 0x10ed68cf51480510L,0xfa750fc26cccef7eL,0xc0a95e54120622e6L,
-        0xa7b8a3eb98cb5878L,0x67b9482d47b7a85aL,0x7ccc6eaafec17f20L,
-        0x0556723dce3e75baL,0x3e047342181e55baL,0x000000000000006fL },
-      { 0x58094d0329e6c93fL,0x3fc1c1fa454c358aL,0x303c9624fe9d019bL,
-        0xfec90ff16d018035L,0xf15f05418266f9bdL,0xf3fdb456cacd7be8L,
-        0xdf7d1fc03dd66192L,0x2b9617b8c3f9acddL,0x0000000000000027L } },
-    /* 30 << 427 */
-    { { 0x3f8344d51426b278L,0x8f7ddf8a9a9b479bL,0x1a964eb3c669901cL,
-        0x6fa4cd8fcaccb2c3L,0x65facc3706e7ad1fL,0xf29ffbb490a7f25aL,
-        0x3d1ad490e68a505eL,0x5a5cd3fa88d6e4e6L,0x00000000000000baL },
-      { 0x9ca4b1fbb503a9c8L,0x94938bf8ad8685f3L,0xe9c8fb4af178c339L,
-        0xbfc000d25ed5928fL,0x7b8b0f6ee7298bf4L,0x46c7096a7fba0571L,
-        0xde65dc553dd656a8L,0xee6b622341a31a9dL,0x0000000000000196L } },
-    /* 31 << 427 */
-    { { 0x17deaa271ffd501eL,0x2376a41b0d4ff4daL,0x35928095d8cf506bL,
-        0x1b4ccb2aa9312ac8L,0xd971fc980fc0131bL,0xff85e073c4e30e91L,
-        0x82420dfdf59f79d9L,0x81961c5f5d12f268L,0x00000000000000bfL },
-      { 0xa3167cadbc31557aL,0x5e3000588089f9cbL,0xf3b49fcaf6ada736L,
-        0xcf3a28d0502a7f0fL,0x547068bd5e020aa5L,0x9a8d88ed5537e4fbL,
-        0xfe8a3d5693f0d6adL,0xf8e02f75d71aa5a6L,0x00000000000000c6L } },
-    /* 32 << 427 */
-    { { 0xa66cccc8d6e1bd72L,0x1ea4e9214ae2fa5cL,0x66775af22d021fa7L,
-        0x6d711dfb2a4c4677L,0xddaae8bb5ae380b3L,0x53158994600f11fcL,
-        0xfeb122dbda94d443L,0x7cbf1afadffc21ddL,0x0000000000000006L },
-      { 0x03cfa731834bf891L,0x4e016085630b8032L,0x90cf9b5949db4d96L,
-        0x96fd2614335c9dddL,0xc02145108e3b98fbL,0x6ded06331da2ea2fL,
-        0x2bda6d769d0ead76L,0x4ba00e99f3e4fbf2L,0x0000000000000169L } },
-    /* 33 << 427 */
-    { { 0x92de07fbfbf8e53fL,0x73ac4f82b63807fcL,0xcc4f442b27affccbL,
-        0x2d62daf18bb57cefL,0xa7d49c8d70519e9aL,0x0c4b3d051b5b5b71L,
-        0xa157cc8f70d64bd3L,0xd127d42ce74f2b2aL,0x00000000000001cfL },
-      { 0x79eb99c7cb079cc9L,0xbdc25d7fb011154dL,0x872b357c399ce92cL,
-        0x3e6cddea714f21cdL,0x9f6164964b06671bL,0xb1830b11fb8072d4L,
-        0xf2fa236813044f12L,0x1ac80049e95ad608L,0x000000000000010dL } },
-    /* 34 << 427 */
-    { { 0x9269dc702740d740L,0xff34da75c999e65bL,0xff47227b44d3a050L,
-        0xa32b5a8c6930d914L,0x06a3fa67b194ccf2L,0x21f0ff632045ff06L,
-        0x76f08dc2f25f41baL,0x0effecd5071e60bfL,0x00000000000001ccL },
-      { 0x509f29ba52771829L,0x9c992d40f2b740d5L,0xd62799bdfa7f8244L,
-        0xb403785ce16a20e6L,0xe1a98c8c9e156027L,0x0d397dcdc18b859fL,
-        0xbac3cb83c9d70388L,0xc5316eadfb7d5568L,0x00000000000000f3L } },
-    /* 35 << 427 */
-    { { 0xc856f24cf4a0af77L,0x43161834b585a74aL,0xaa1b75e173f7cb2dL,
-        0x8349aa98061aefbcL,0x2e5847d2c610cfd9L,0xf1e0b1d393bd106bL,
-        0x6d239a5e14efc60fL,0xe7a6418f1e30dbfbL,0x00000000000001cbL },
-      { 0x8258a5df6955a0b2L,0x832126776e90817eL,0x63a78ff5110e989eL,
-        0x84dbefcc96ab15e3L,0x7d0a08c003ac922dL,0xbba5ae39a50d0bbcL,
-        0xe480626e9c7466f2L,0x278bc8daaa73d0feL,0x000000000000005fL } },
-    /* 36 << 427 */
-    { { 0x2df7a47e6a625873L,0x30bf6394d0cc5aedL,0x44f942da51af3189L,
-        0x2b700239ea2b12f4L,0xb5aea5e8e9af1742L,0x948b6b30dd4d5386L,
-        0x5eca1a7bab06b047L,0x19ab42c24f3f2baeL,0x000000000000013bL },
-      { 0x903986b0f22488a3L,0x9ccce9ec066ff5deL,0x8149450d08e6babbL,
-        0x176b2286cd8884f1L,0xa328bdd3c05b78d6L,0xdbaf8ea4d0b14a6cL,
-        0x139734eca2e92cecL,0x453c8e96dfbee5b5L,0x0000000000000049L } },
-    /* 37 << 427 */
-    { { 0x3e36dae1b3de3ea9L,0x4d67dc22b1048176L,0x9c3f39b27ca60a49L,
-        0xd4a75e25f7600352L,0x03dc181cd298be2fL,0x18ae60f43016d93dL,
-        0x871f677ca3a7aeaaL,0x1977f85af92c5d38L,0x0000000000000055L },
-      { 0xa51c1634692bb41eL,0xca455e9dc37c90ddL,0xf48be721c7a8731dL,
-        0xaa030d88b9da10cdL,0x35029fd9ed039c9eL,0xb3d2e1e89423f362L,
-        0x555246ed4ee59557L,0x292a8be6905a0decL,0x0000000000000088L } },
-    /* 38 << 427 */
-    { { 0xbfe67c557a8d10f9L,0x1e8167b2f54e78dbL,0x01cdca1f4234bfe6L,
-        0xbbd9a3acd655fafdL,0x02bf164c7854f6f2L,0x8241f9ff52ce9fc5L,
-        0x2fc147122689e156L,0x527855adbd0e10cbL,0x0000000000000143L },
-      { 0x8adcba30f57d2022L,0x95093ae15fc652deL,0x4d830641ad841830L,
-        0x702148f87da2878eL,0xf47d81009531f234L,0xd6391216ee253ee4L,
-        0x99e201a00732fabbL,0x693327a7a11d3ef4L,0x0000000000000037L } },
-    /* 39 << 427 */
-    { { 0x257b2c08a87a1545L,0xe1e118548a4a4ccbL,0x099d563158109e59L,
-        0xe395c06560d8cf6dL,0x2da7e6dbdac91c22L,0x113bd02ee0632099L,
-        0xcc7111b98d953366L,0xb76e6af3a5983204L,0x0000000000000047L },
-      { 0x0c44689c7bbce3a7L,0x26bc71a8fcb6c961L,0xf34027d8f31cdad5L,
-        0x1fddc33cd929cc3cL,0xeb5682a0eb37a1ccL,0x4755ba0df7ec039dL,
-        0x0a94d4aaf33d0836L,0x19e00d7947a72a04L,0x000000000000016dL } },
-    /* 40 << 427 */
-    { { 0x2cf3b1fa322864adL,0xe2206b9b9e3f46a3L,0x76348b0f41d0ce6aL,
-        0xd41b3ed8a4325cccL,0x9d9ccbb21d3405a8L,0x65abee1b7f11ee03L,
-        0xd977c7ab0aa890a0L,0x220e26661a890787L,0x0000000000000052L },
-      { 0x136e9c9769519db4L,0x2e563a4757f5ccccL,0xad3a43887feb68ecL,
-        0x5e71644ebca01b85L,0x45a4cd156a97b3f3L,0x3c8779307e5e79cdL,
-        0xf104f21a4ff32d62L,0x656dca67ee2e827dL,0x00000000000001c5L } },
-    /* 41 << 427 */
-    { { 0x538e141005d2dce4L,0xc517290ecb65b292L,0x171cde90f26b5fcaL,
-        0x0f58cb2f09e7a385L,0xe0c681b758c62021L,0x0f7f0891acc7ceeaL,
-        0xe8edc977a5872183L,0x073a1069d7756934L,0x00000000000000a5L },
-      { 0xbc2a3fc512d27ad9L,0x0207f142076be131L,0xa72fea2658f61ae5L,
-        0xb74a4667c5878639L,0x08b02b75d3027808L,0x06cc19d64340d00fL,
-        0x957bc371e56573d7L,0x97f805cca8bb03c9L,0x00000000000001f6L } },
-    /* 42 << 427 */
-    { { 0x942815d76ea3d821L,0x8881dd1046468a84L,0x30aeb26b67e28444L,
-        0xcc1f79d53d0d7f04L,0xe66ba1e36db5fadbL,0x307dc24b821415f6L,
-        0x3ca98ae0f143a003L,0x461e517a9e4c0596L,0x000000000000010cL },
-      { 0xf6873034c32523baL,0xacf66d608fc9f270L,0xa7bbe4df9e29d4b8L,
-        0x06382f3fe4866269L,0xd02b5fe55bd0878cL,0x313d61815536ac79L,
-        0x4ef5bc9b92c66a64L,0xdf2cb0b4c6507408L,0x0000000000000108L } },
-    /* 43 << 427 */
-    { { 0xe64eab7050f2ad0aL,0xb0836a25989d3480L,0x646266df62a0e974L,
-        0xe31a0fcd0786a00bL,0xeb3ce16c8d094173L,0xe027c0361b383372L,
-        0x4b98279927e50720L,0xe1be59ddd0db5c1cL,0x0000000000000191L },
-      { 0x251b4415aa8b2696L,0x7c76e719cd241ccfL,0xa927921cd20b8c2cL,
-        0x3bab44460e5395caL,0x085f53b8b4f6fd5eL,0xfdc7d362585747a4L,
-        0xe01aa6f8b49df12eL,0x98b64a06cd96102eL,0x000000000000013cL } },
-    /* 44 << 427 */
-    { { 0x97cb33b1a4555f7dL,0x43df1ab01b9e2de5L,0x786a7bb7783d728dL,
-        0xcecfdcdc0ed18d15L,0x1d7d0ef878175e9fL,0x688a6a93ae2d03e3L,
-        0x86370b065f8b6e9eL,0x430bbf48dbd9c4faL,0x00000000000000f7L },
-      { 0x2edf29360f7eb5a7L,0xf5420a13cf6ad480L,0xda6ab6be65d089f6L,
-        0x596de3a24a8d9ab7L,0xae767579b2c581aaL,0xaab09d434572bb0bL,
-        0x112a1f2b4928b1f5L,0x38e069e2f93ad7a1L,0x0000000000000021L } },
-    /* 45 << 427 */
-    { { 0x941ca2415ca5585bL,0xd923343df644f5f8L,0x71a7d718b18c3e17L,
-        0xed8dd0de99436ddbL,0xe1fac7baba2f9c39L,0x34358aaef116190eL,
-        0x403bac20e41c6b1dL,0xabc6637b3b26b4f4L,0x000000000000007eL },
-      { 0xd117748197fb706fL,0xe41b34db815019bfL,0xb5228a6772199b3aL,
-        0xf022c6474d89f217L,0x00696885d7150cf3L,0x1f655091377a6789L,
-        0x6cf689158649e629L,0x3219372d4b28e7efL,0x0000000000000171L } },
-    /* 46 << 427 */
-    { { 0x2fb27dbb68b4cf14L,0x83cf08a47542d4c2L,0xedea4b048059f2e3L,
-        0x1222f64a6f67d4a5L,0x1d790b02e6c04450L,0xcfe52ec5cf4dc563L,
-        0xb42d56e9a5fa0b1aL,0x2ef31effc3d864f0L,0x00000000000001c4L },
-      { 0xd62492da6114eaf0L,0x04f4c8d4d40afeddL,0xfaca6c0a08af05adL,
-        0x7171982cce26c849L,0xa7bc880548e683a7L,0xc150763774d06896L,
-        0x0f49ea72c3fcef58L,0x8c32076913cf0f49L,0x00000000000001f5L } },
-    /* 47 << 427 */
-    { { 0xaf181e82985582d4L,0xcdcd966e4e992b86L,0xfb5402b6a35ca1b2L,
-        0xf74d80512add6ba5L,0xb7895c4f41091b8cL,0xde51f53e3a6355afL,
-        0x050164b1ed0a60ebL,0xcd62660cbd2047c7L,0x000000000000015fL },
-      { 0x38f3d8571cbd7da3L,0x24586de2b9f659bdL,0xd8110d99860eb4a7L,
-        0x44464b4562cf6fbbL,0x7eed4e2a0144bba3L,0x3e54c13af303cbfbL,
-        0x30ac8c5f15d1fa60L,0x64450110a92fa2aeL,0x0000000000000035L } },
-    /* 48 << 427 */
-    { { 0xb24539ba81c69120L,0x04505ebccfb6ad04L,0xc834374bfb3dab0bL,
-        0x1387d634c6993dd4L,0xc2e664886b2f12dbL,0x96ddf76e8b1f1c7aL,
-        0x0af8836d0c73112eL,0x60fc8d5c87471da5L,0x0000000000000160L },
-      { 0xbb469810eaf8f9a1L,0x578f6ab463f8ee9dL,0xc94a65ed62b399f4L,
-        0x7dbe97209ed6026dL,0x33fb692d4dd7fec0L,0x1809935aec02996dL,
-        0xeb564aa5b4362311L,0x7721c318a6eaa32cL,0x00000000000000f4L } },
-    /* 49 << 427 */
-    { { 0x6fe34646132b6d6cL,0xe8ad45578b5df74bL,0x5edbe10544181a9cL,
-        0x876ad5acade27e8eL,0x709d9c087a2bc939L,0x8e3fc5dcaf2cc6faL,
-        0x69f278e6f034d895L,0x76f09ec5c27e1c76L,0x00000000000001bfL },
-      { 0x4cc16808db60bb50L,0x8783bcabc0049677L,0x26987cfac55833d9L,
-        0x68a244380dcdb1c2L,0x7c83c14a42bb8497L,0x6b582da63e47412aL,
-        0x3b7e4b7eceb07167L,0x6b8a30351c1bb2e8L,0x00000000000000a9L } },
-    /* 50 << 427 */
-    { { 0x7fc67685987b0150L,0xa8abf2f762b4cd90L,0x115c21725726f489L,
-        0x861ab367948a78f9L,0xbfb4d3a1804286c7L,0xa4512b172771cb85L,
-        0x48d255811beb89b0L,0xbe78f826daa51a26L,0x000000000000014cL },
-      { 0xe2829f61644031e8L,0x80de3e3475877fdeL,0xbcb6bf9527c7a40cL,
-        0xc823751734abfa0cL,0xc476ed04d4a33668L,0x715393764f9017b7L,
-        0x085bb25f90ecddf7L,0xe63273c0a6f3dbd0L,0x00000000000000feL } },
-    /* 51 << 427 */
-    { { 0x06a48d0bbf507ffeL,0x59caa8e90b047e91L,0xa10f715478b708dfL,
-        0xee72692a5cb625c7L,0x1fec6d20c83e6aaaL,0xcfba2c7a3532329eL,
-        0x83970bffa919b5eeL,0xbe15513c6a2a46c1L,0x00000000000001d6L },
-      { 0xfa14892670cb9e0dL,0xa56e8b43ad374337L,0x7d18381ec20e39c8L,
-        0xc7022ca35b739c55L,0xe8d0c9d08ec3667cL,0xf7ee5edaf4244d4aL,
-        0x501af624a2c20c8aL,0x55699815ee5cccc3L,0x000000000000011dL } },
-    /* 52 << 427 */
-    { { 0xa2d0161263e5d445L,0x318c60fb81a2b810L,0x4564edf6ab744edfL,
-        0x21cbb72b7129260aL,0x7ab39feca9d01ee0L,0x9b4d0991aad2d43aL,
-        0x5bf41341e8c8f5dbL,0x61002ceb83ee50daL,0x000000000000017dL },
-      { 0x94b575db1c891b7aL,0x348538dcb7f8b85dL,0x91503a10c1877296L,
-        0x9ff573b2503b002bL,0x4886698ecbd46aa7L,0x6564266de31a6020L,
-        0xfa1da81ee61a1eb7L,0x2df2b1604e03554dL,0x00000000000001e0L } },
-    /* 53 << 427 */
-    { { 0xf8a6c112818062f9L,0x8d08a4ddb301afb9L,0x6d7305c20b074bc5L,
-        0x279f7e4c3470f4bdL,0x59f3f94b6e8c4a0dL,0x680a11913e917609L,
-        0xdd6758459621dd8aL,0x1ab73dc00bc5e395L,0x00000000000000d8L },
-      { 0x2dd9e1385f223a32L,0x4d87bf99ccdf9a1fL,0x8a67b8908a2f1b38L,
-        0x329c08b5969b592fL,0x9f15de53e70135edL,0x537ad5329408ce34L,
-        0x00f468c6d91dd253L,0x07514043d47da37eL,0x0000000000000138L } },
-    /* 54 << 427 */
-    { { 0x26144feeeb6e7d44L,0xa3d0e47b419d7a27L,0xc97f088e22e55c60L,
-        0x611ff17696306002L,0x5be12ad9e06949d3L,0xa044ae3d199da892L,
-        0x3e45377b9337f515L,0x6c3d1a82b9c008f3L,0x00000000000000ceL },
-      { 0x7576e2901950a782L,0x0f137065091e8675L,0x32b05e3c59703452L,
-        0x0ea85fa33e8a80aaL,0xad2e35276f9bff8dL,0x50cbed34efae1927L,
-        0xb7dc26ee13ac433eL,0x42b282472925f0ddL,0x000000000000011cL } },
-    /* 55 << 427 */
-    { { 0x2e49ba37ff3d2c8eL,0x8b7eb6db17f31cdaL,0x81fe046de11d97c9L,
-        0xed15756eda082707L,0x685e44031195a75aL,0x56e7aab54492062eL,
-        0x5ca5797e3a978f5fL,0x4591a8bdeca382e2L,0x0000000000000097L },
-      { 0x4fb2fb61ee14d996L,0x4723a61f5803e9a0L,0xed2c32c01740f872L,
-        0x9cfb2e942c46e342L,0xf664be63842b362aL,0x4ab1e9d06d396a61L,
-        0xb0930e94a2fe10a7L,0xdc17d952a8fe6f70L,0x0000000000000110L } },
-    /* 56 << 427 */
-    { { 0x586c6846413b14edL,0x936bb2927edcbc73L,0x893e795583cf2054L,
-        0x386a770bab5def06L,0xe753fc8a28830523L,0x3e651f83a9e5952cL,
-        0x42c2d31ebddb4b3eL,0xb9ebb8c23d9485e4L,0x0000000000000130L },
-      { 0xd0f7512dfdd9c07eL,0xdb9b61d37c17370bL,0x1d5542e40e023630L,
-        0xd7367ec1e751a8b2L,0x3ee2c75913e4ec75L,0x331c85fa9cb027a4L,
-        0x9b1d0f016fc9c60bL,0x7e6a19cf34080c71L,0x0000000000000142L } },
-    /* 57 << 427 */
-    { { 0xe6bb0584e75480b4L,0xb3a154d2cc7fb34aL,0xb297a7260d5ac90bL,
-        0x46cd0c4f19075d40L,0xc3375c6733a6825cL,0x64904deac9512c02L,
-        0x4f17c760ce09f4e9L,0xde401d3cf301d829L,0x00000000000000adL },
-      { 0x89155ce8d39f2376L,0x39a8df112371e03fL,0x65d702536fee325bL,
-        0x54ff235708ed7dfbL,0xc19258ca932476b6L,0x13cc49b26dfeddf1L,
-        0xa2b26c3c850f96daL,0xde83c98d86e4d2fcL,0x000000000000002dL } },
-    /* 58 << 427 */
-    { { 0xc4f1693f0af0d7d1L,0x04df4ffe075feb82L,0x4f818a9543f8745bL,
-        0x3f8bdedd8c94b232L,0xa4af5aa35314fd6eL,0xf4911b6bc3ca1b45L,
-        0x9924adf319e2f569L,0xa7794358dd09e72dL,0x000000000000006dL },
-      { 0x4f87908e973ff83fL,0xcac68ed2bbcb94e6L,0x99c8c1d8689acda0L,
-        0xb0d9d2a9e581b37dL,0x413d1edfe1ec4002L,0x1585f1cce9fabb62L,
-        0xbbeff8aca026d8f9L,0xfee19657d13ced0fL,0x00000000000001faL } },
-    /* 59 << 427 */
-    { { 0x2b24b3c019ce885aL,0xb53de0cbb854a17fL,0x9a0df03ecf26c32dL,
-        0xe6e276ff18141773L,0x29033b53711c8b3cL,0x367c7c6827b85921L,
-        0x8a0f8999c6f4439eL,0x7dabbad4a3d38307L,0x00000000000001a1L },
-      { 0x88b4790caaaabfb9L,0x39726e9aee90a6c2L,0xbc324a8c2a08e052L,
-        0x5044c686f2835310L,0xb4b2ee401a62e2a6L,0xb5bb8ea4715a09faL,
-        0x4ba0b1caa2406da1L,0xee2a9ea4066a2a26L,0x00000000000000b7L } },
-    /* 60 << 427 */
-    { { 0x244f7e0c14c92774L,0x0e07d01007243141L,0xc07fc4185d862fe2L,
-        0x052eb9b39eff52e1L,0xa39dcf3e79cb7730L,0xd4bc1e0ada1a0cd7L,
-        0xcbcbed4ed398b073L,0x466686ba732f9530L,0x0000000000000110L },
-      { 0x67d348f78f15b8cdL,0xa681bab6d8cca9bfL,0x5dea910aba84678aL,
-        0xb89d861524525de1L,0x7536a8e711faeef7L,0xcb049dfaaeeb1f92L,
-        0x647de8ded21f0b55L,0xc2e8852ffb9fd11aL,0x00000000000000b8L } },
-    /* 61 << 427 */
-    { { 0x53e4c63ab7849f04L,0x065e74bdc84a5960L,0x4c437df833b4638aL,
-        0x3e8046b785eb9a9aL,0xbf96115d5136388aL,0x7682edd57d6ea4beL,
-        0x4939f243b3c638fcL,0x71d0774fb46c9fadL,0x000000000000012eL },
-      { 0xe57fa566f6f9843fL,0xfc6102e7f9b4659eL,0x51279da3ee351e88L,
-        0x1913f351622fb01dL,0x5a1ada08ec899057L,0xca36809acf2110feL,
-        0x58afbe7f68df1b01L,0x025adf57f30e4d6eL,0x00000000000000b7L } },
-    /* 62 << 427 */
-    { { 0x66de14604a32d769L,0x7085c561b00b7baaL,0xf3781f27ca887f70L,
-        0x067b88390f609588L,0x4dde43f9de1aa960L,0xdf0d5c73246e1756L,
-        0xfb7e6cf0e32b6b74L,0x832383085785f432L,0x000000000000017eL },
-      { 0x85244d7e30556b4fL,0x7d7ae5c25f2b01dfL,0x6d217088afca87aaL,
-        0xcce2eb33c6746f35L,0xa214db754c48ee16L,0x7075d0059af9c236L,
-        0x05acfa551dcb066cL,0x51808254399e0cadL,0x000000000000002bL } },
-    /* 63 << 427 */
-    { { 0x37140db02c17ece8L,0x67c86862a2f14a31L,0x8661ca8b7f2ebba1L,
-        0x44ea992a1592fbe6L,0x23c0aa41dbb650d2L,0x7e3b31be84e08d74L,
-        0xdc2437d958374fe6L,0x7080a4802a00d6dfL,0x0000000000000084L },
-      { 0xcf036b4f784a660cL,0x368783d64202a5eaL,0x70f9ea976ab86497L,
-        0x10e443598d9be8d3L,0x804e0b878e0a9738L,0x7251be8c013faba3L,
-        0xbf2df4fc39e0f147L,0x0b31ef1115f25948L,0x000000000000000cL } },
-    /* 64 << 427 */
-    { { 0x5fbf73adee70e781L,0x29a81e4f67793cf9L,0xd7e9ccdf80bf503eL,
-        0x6c06d49cd6edda9dL,0xc33c7ee6d96e70f7L,0x30d7d644ef6114b1L,
-        0x0615b576ab81af49L,0x56b8af445a09a31fL,0x0000000000000076L },
-      { 0x32e0b33475cac764L,0x0b123da0dc2d7e31L,0x67d72e7ad11b58eaL,
-        0x93165a21961098edL,0x4ae95e5add1d2b8cL,0xc26794a07ee3715fL,
-        0x6887f532cd333782L,0x67e608d5af37aedeL,0x0000000000000179L } },
-    /* 0 << 434 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 434 */
-    { { 0xac333e4aecfa8831L,0x9d08f6ef8a6d6e93L,0xf2eed835ea97fb6aL,
-        0xddf44417070c46f2L,0x1e3159bf37694ea3L,0xb0c4319c8b7d6a05L,
-        0x0abc757261f314fbL,0x0057f6c701a6047eL,0x00000000000001e7L },
-      { 0x204cb3dd6af8283bL,0x4eedfa1644ab9ea7L,0x79f1569993b7d9e5L,
-        0xaac8f0c7d29dcc8aL,0xe293fd274800f5e5L,0x6ec0a739e22da004L,
-        0x8cbee62fb903094cL,0x86dcb1fda88c3bceL,0x00000000000001ccL } },
-    /* 2 << 434 */
-    { { 0x3a44dde085f45eddL,0xc543bb6498309156L,0x82d1ce827597d0d0L,
-        0xb2dc0f228106ca3eL,0x66f394472c3a313aL,0xd8f6fcdaa6cf2e03L,
-        0xed6e0e279e6bf40bL,0x7dcd3a305b9a41afL,0x0000000000000095L },
-      { 0x0a870cec12be5b78L,0x912c21c51406e140L,0x977417fdd5e13ca1L,
-        0x9edbae8ab9e21e28L,0x9fce45ea13b2f069L,0x25bd760b84f3cbf2L,
-        0x29e0c3ce2489fd01L,0xe16d31c1ec62a766L,0x0000000000000061L } },
-    /* 3 << 434 */
-    { { 0x9badc953ab98f2bfL,0x867b5f5e6f45ec55L,0x36c30111539ab291L,
-        0xc663fbe74feeef3cL,0xb2da1de355213dd8L,0x2c3e4a54a8f58884L,
-        0x2c2794c713f166adL,0x1b31c3a69bb7b65bL,0x000000000000018eL },
-      { 0x1a866f47b06e4f37L,0xbbe067a17a609c0dL,0x83073920151f64fbL,
-        0x899421eebba549b1L,0xa2145adf91f21d16L,0xbd5f420952c37c74L,
-        0xbf18214c7c7afc51L,0x917e6547b69ba831L,0x000000000000013eL } },
-    /* 4 << 434 */
-    { { 0x6985bbd6ee32e2ffL,0xe69f0f223c35a00bL,0xb1abb4ae0ede3c1bL,
-        0xa3d7ecde93d96532L,0x69eae2594f693cabL,0x52e38b65fe3665f9L,
-        0x17664e93f2fa7a85L,0xe1a2febfa5300907L,0x0000000000000000L },
-      { 0xbb35ef0ca538774aL,0xac9aa3ce2b28e6fbL,0x57e02d060a801edbL,
-        0x6977544394847324L,0xb526bb1929dd0a3bL,0xaed93900c468815fL,
-        0x3eb1b9b2221df814L,0xe421e27ad9472dafL,0x00000000000000b9L } },
-    /* 5 << 434 */
-    { { 0x86c72d693a4d1314L,0x8a0b4b5a5c7db07eL,0xb77d353706fde68fL,
-        0xcb5446077f5e412aL,0xb399cf67eebefcd0L,0x8b1f0e0a274fa0ddL,
-        0xbf0e6dc875a8fa65L,0x1c405959c78432ebL,0x00000000000000cdL },
-      { 0x50aef83472b78101L,0xf4477ba98ad40428L,0xffafa24a11d9b90aL,
-        0x41b8927e81c56505L,0x0f9920639e742b07L,0x1e7d380631dbf256L,
-        0xd4c41bf666ba635aL,0x895bd3de14246d32L,0x0000000000000179L } },
-    /* 6 << 434 */
-    { { 0x4ca733dff28aebc3L,0x408d980ed8f0c8feL,0x64cff1fd113fe1beL,
-        0x3ecc3e9706c2bdc4L,0xfa7cd864c6e6802eL,0x728c7528d9975387L,
-        0x96ae9f3bd6abcb5fL,0x24a5251a89ee857bL,0x000000000000009fL },
-      { 0xe49c9cc6c5a6f9b0L,0xdd026901c60fb1c2L,0xc0c58dacc212b65bL,
-        0xf2ea35783677c2b2L,0x7d2c7e6de6ca86aeL,0x8ca90cffdc0561a1L,
-        0xa4e849704061a2ebL,0x852086dafe948ce5L,0x0000000000000135L } },
-    /* 7 << 434 */
-    { { 0x64d982d29e4a102cL,0x4526200619d68225L,0xce9edcab495a7a30L,
-        0x49255fd1405baf0eL,0xd9e98392b5055fa9L,0x5deb038d3910964fL,
-        0x3c53120d8c7d1e1aL,0x4690a6be39ee8dbcL,0x000000000000003dL },
-      { 0xcbd6c1035f941144L,0x0cc8a7b3d72dba80L,0x09d89abc286785b6L,
-        0x7f545c4c4d52dde7L,0x1f0b173d3212b0c7L,0xc82280472dacdc27L,
-        0xd9a295be16301255L,0x75cf7419ed5f40ecL,0x000000000000005dL } },
-    /* 8 << 434 */
-    { { 0x823a3093dcc0c55dL,0x48e4f42c8667bd82L,0x6483b8acdd036949L,
-        0x0d3f6e52154b38e9L,0x713a6450cb96db0aL,0x791efd97ac907250L,
-        0xe491a5192130c99cL,0x333277e57df593fdL,0x00000000000000ceL },
-      { 0x4deb4d72d7d90a84L,0x7f39203ea13778c5L,0x2308cd8a7bb79168L,
-        0x470cef35a710bd28L,0x6db6b1a213ba5c45L,0xe35b95dde9e55ec1L,
-        0x68f023ab7819af5bL,0x50d449896770441fL,0x0000000000000187L } },
-    /* 9 << 434 */
-    { { 0x4710bb318de4fd4eL,0x169135edf00d87afL,0x36bd504900a94292L,
-        0x90c1c9c2ee73e959L,0x604cdf4c627461f3L,0xf123980795d64fa6L,
-        0xa60a3fb61f64ccc9L,0xdff7fc6e358d52d3L,0x00000000000001d6L },
-      { 0xa97592eec296e9a0L,0xcfda4984fbc367ffL,0xa22077102957a911L,
-        0x596f1f66ca8ec572L,0x7bb35c4f4723310bL,0xb8f39027336b3010L,
-        0x4c2ad1f39d1bfbccL,0x99f721ababd1e48aL,0x0000000000000103L } },
-    /* 10 << 434 */
-    { { 0x761d77943135f08aL,0xc8ea69f3c9ff4b0bL,0x3a427a226d6f567cL,
-        0x4f8fbd235866181cL,0x4ab492868b5a14d5L,0x2cf7fb42ad46afe0L,
-        0xfe411657b6759dc7L,0x9610138134a7b11bL,0x00000000000001b4L },
-      { 0x1c306fff2d0bc15bL,0x23830bab33793532L,0x959e8e6406ebcd49L,
-        0x8ed9b284f60bceb3L,0x7d9c5d2acba1b607L,0x8aa698e5ea1a280eL,
-        0x75025662502aa440L,0xe1b6a557d8462948L,0x000000000000004eL } },
-    /* 11 << 434 */
-    { { 0x1bcd8a7db6ef3dafL,0x12c9d413f4253275L,0xba8941d2eff8e698L,
-        0x3c29be9700772aabL,0x4d3932bc466ddc96L,0x9d8f7ea612b8dbceL,
-        0x54b26ab2e90a0e8bL,0x28ecc5262ab562e3L,0x00000000000001d0L },
-      { 0xef47706ebc52c73fL,0x88ac550f31ca0b88L,0xefc0b9993f371074L,
-        0xf757ea265a09d4dbL,0x4f614d7d4eca4514L,0x3b597b46bc70e805L,
-        0x5f65ff72861a04c5L,0xa2fa0cd6a07d93a0L,0x00000000000000cdL } },
-    /* 12 << 434 */
-    { { 0xfd2c6ba8c03c8a93L,0x6287baae255a51a6L,0x6cde095efc336858L,
-        0x668c6f54acb5fb8cL,0x26b65582568a5789L,0xd51684effcfeb7baL,
-        0xb5d91d3d8dfe63fdL,0xd366cae7560188b9L,0x00000000000001c6L },
-      { 0x587d06cc9844367eL,0x527a075f589d9acaL,0xd581ad9f4f88ccdbL,
-        0x3499e8073a56ca59L,0x50b8b14dd6328d96L,0x9b06ce845936a744L,
-        0xab46f398e693da36L,0x4c5e0d9abc55f498L,0x00000000000001e0L } },
-    /* 13 << 434 */
-    { { 0x35e6f3aeedd8cdd5L,0xe7d1f84e3c70eda1L,0x2fa8a57c99601b6bL,
-        0xf4cd235a499f2353L,0x9200190c848ec0f4L,0xd8e57c44524a27b7L,
-        0x5a32ea3b935a4f48L,0xd31839aa14181ffaL,0x00000000000001ffL },
-      { 0xe60c02142be2e8d7L,0x4149c75ebc31b48bL,0x87917bef8716d826L,
-        0x70259495ce66f29bL,0x457f892b3868150dL,0x8f604f018c143012L,
-        0x802b15781b1338e7L,0xb8e25cdbe0d1d962L,0x0000000000000116L } },
-    /* 14 << 434 */
-    { { 0x8f89563d4f5a170bL,0x9b4bedca2a08933eL,0x270d697123bf430bL,
-        0x589177b13db77dcdL,0x2c7fe43654015de9L,0xa190fe6f76847478L,
-        0x161fb872744696e7L,0xa272a78c692f59d0L,0x00000000000000deL },
-      { 0xdd80e1522a95538aL,0x2d9da36b70fe17caL,0xfe5bfe5823144f73L,
-        0xd3239a7c02c3a576L,0x01efa88bd359a33dL,0xe6af55f7269d3166L,
-        0x15e3f06e0b135041L,0x20be0cf9492369fdL,0x00000000000000bfL } },
-    /* 15 << 434 */
-    { { 0x76c2738f4e339d8bL,0x2f6527a787c02e91L,0xc39a95b131e5a030L,
-        0x8a733cc6c748a0f8L,0xd9ddf3065851fca7L,0x0cc640146e2fa015L,
-        0x39d03d51fd0aa84fL,0xaaaa83861c8f6581L,0x0000000000000138L },
-      { 0x750194db2640d9c0L,0x3415c97add9e522bL,0x002ae6be920d5398L,
-        0xf544445d80534cabL,0x3c62a5dc6f30a7c8L,0x26b9e329a45929c2L,
-        0x7675e5d566978e76L,0x905599fbb8d851c6L,0x0000000000000198L } },
-    /* 16 << 434 */
-    { { 0x6cdf7285e8cf496bL,0xa27becaee1460283L,0x0291e5e3a8331004L,
-        0x436d8dea957e58fcL,0x52ade5768f6a37b3L,0x4c31e9eb08ca0bf7L,
-        0xd918c8a0547bb960L,0x85ceb1004394f6d3L,0x000000000000007bL },
-      { 0xf796100862db1e32L,0x875fa000c20f8b1eL,0xbd4bb865e621e53eL,
-        0x9346c7c57235cf42L,0x8ae88a5692cd8c70L,0x06b82e3ac68ab6d4L,
-        0xd0dea99a736a6b71L,0xa54ceaa48c6a1235L,0x000000000000012dL } },
-    /* 17 << 434 */
-    { { 0x0fa6807fc5da532bL,0x55d9934a4ff8c1faL,0x2eb4a07eebdcf033L,
-        0x4b02434624189b33L,0x2ac6561b755eb9fbL,0xaea6cd0ad3eb3456L,
-        0xa36e3823c15ba5acL,0x94b73998c83d3098L,0x00000000000001e0L },
-      { 0x7fc341f11f8b078cL,0x713203356df305b0L,0x37a2030430ec9e60L,
-        0x7999cd74c660bafaL,0x7521e720ec45a6f7L,0x6fa8a84d4fb05d84L,
-        0x16e0315c1f4f5dfcL,0xdd5cfcc90cd47592L,0x000000000000008fL } },
-    /* 18 << 434 */
-    { { 0x7ca1ffa7541e8082L,0x00f359827383faaaL,0x04a27995ddbea281L,
-        0x11cb61e87b84e2aeL,0xb22cabebc2411c38L,0x684f6d0266eb6691L,
-        0x712d6e1f4d7d1723L,0x5717734104bda106L,0x00000000000000e4L },
-      { 0x72616b593feb0af8L,0x6e76d929924cd70aL,0xf6d917784239138dL,
-        0xfa7bd85f84918a4eL,0xb90ba79df7073d27L,0x4edf2a217e42f694L,
-        0xb4840c74e1064c54L,0xdbcefd0b133a8f82L,0x00000000000000d9L } },
-    /* 19 << 434 */
-    { { 0x74207ef458e13084L,0x64cd272b775520dcL,0xfd6c279b16d75480L,
-        0x0de0dfa321b58672L,0xd156b0bdaa4fe111L,0xa006bb34bdc41a5bL,
-        0x586bb1e3f7423cb5L,0x39ffa18d5c61fd49L,0x000000000000011eL },
-      { 0xe3f73412ec60c0b7L,0x7a6bc1434ab8bd9aL,0x935d3e7ac11d433eL,
-        0x1559ebf9dc6e4b07L,0x6a4fbf74d1ff2ce8L,0x58526dc6fa40bacbL,
-        0x36abb094c5a9d599L,0x4ce17b30e5b1452bL,0x00000000000000cfL } },
-    /* 20 << 434 */
-    { { 0x14de106989b694f7L,0xfa202a91453ed74eL,0x19344093b7c462b0L,
-        0xddb9f1159d5f7733L,0x6110f1cd6e71efcbL,0xe9dbc336d27d9f95L,
-        0xd9b29e011ba3bb66L,0x7b218536a9677cf4L,0x0000000000000178L },
-      { 0x7fe687840eafdb07L,0xde335a451c0d642fL,0x11b4b98a208d5237L,
-        0x53f2c20236b0801dL,0xf07f20935cde08e1L,0x5e0e5d3a0f34078dL,
-        0xf1fc7f3480286b22L,0x4c305a8bc48e9216L,0x00000000000000f4L } },
-    /* 21 << 434 */
-    { { 0xd6df42236705ed72L,0x370df16b66596b1dL,0xcfd44ffd24fd4817L,
-        0x3d6143cddc924183L,0x26b486833c93f868L,0x54926c39c19a83d5L,
-        0x3d07a6ae95119375L,0xb882bdf8d83bcc99L,0x0000000000000034L },
-      { 0x3cffe30d64e14848L,0x0dec1cdaa7c2b18aL,0x22757d5836be59cdL,
-        0x7ddacf11d39f6627L,0x83237713e4a0e59fL,0x755523683e890a59L,
-        0x6473baf3ff8e3c4aL,0xf8a58f623318c5f3L,0x000000000000013aL } },
-    /* 22 << 434 */
-    { { 0x3fb7ab81dd8b0441L,0x9b12b4f4080198a6L,0x765ab538611543c5L,
-        0xd1b6ca116043b1e1L,0xe8e0c15a1e579bbcL,0xc9005a7fb00fd558L,
-        0xb0ee75168c91ddfcL,0x85c607eb8506ec71L,0x00000000000000daL },
-      { 0xf9016a2cc0ae0796L,0x1cc194908bddc9bfL,0xb49f46aff31a5da5L,
-        0x172441592beef5bfL,0xd8596e0bb4e4021aL,0x272d8334936dbec1L,
-        0x6b819cc236552640L,0xf6bf179cdf801f6aL,0x000000000000018dL } },
-    /* 23 << 434 */
-    { { 0x2ae917945ba71ac1L,0x8812d26b5fb18507L,0x50d7c5af4e8f8ab4L,
-        0xcbab980b252f505bL,0x53ef95460538a252L,0xbaa38f3b2c7e3061L,
-        0x6227e7032ced0186L,0x3eff1b0b81e073ccL,0x0000000000000184L },
-      { 0xcb8042e53e110191L,0x8b718b8d844874b5L,0xec43894e2c55ef49L,
-        0x089d49b33c1b5249L,0x431cfb0951502463L,0xbd443d7152d52366L,
-        0x6d21c0b3b0e9dce1L,0xca17c72c4b785911L,0x00000000000000ceL } },
-    /* 24 << 434 */
-    { { 0xdb8a02d18294cc29L,0x6aca02ec9a9a5709L,0xee2b10e6d554c17cL,
-        0x29aa181881c661ccL,0xbe522af71fd10eaeL,0x3c4bb5242b5589f7L,
-        0x5a5600b1681236a9L,0xf7ffd0917f235a88L,0x0000000000000007L },
-      { 0xfdfb09268ad17511L,0xc8964821ba2b0a60L,0xa6edc26433608d96L,
-        0xd98937de18d1b857L,0x0feecaad85a5a3b9L,0x567bbb021f102192L,
-        0x89147837441b4a0aL,0xaa4716104e0f3d86L,0x00000000000001b9L } },
-    /* 25 << 434 */
-    { { 0x93f9cccf7863976aL,0xfdbab5361c91781eL,0x6774ae57904d212eL,
-        0x6cbfac24eb9ead07L,0xbd90380ba53968deL,0x0fde4f3a0a3b43b9L,
-        0x4c738cf2096efa0cL,0x1a3a02b223c171f1L,0x00000000000001d6L },
-      { 0xecd4893c71151a16L,0xb6a710f6c733301aL,0x28758b01587eec91L,
-        0xb131f8b73bcdc933L,0xd5f86b40871cd739L,0x2ee24f351b13cde0L,
-        0x743cf511dc7a4ae4L,0x88f47ad7177a75e7L,0x00000000000000c1L } },
-    /* 26 << 434 */
-    { { 0xfd8ed032796edb60L,0x24d59d721ecab1efL,0x34dfd046f4ff8f0cL,
-        0x8606b5075706fce9L,0xc97ed07d35c5b36bL,0x7f4f2338c412e11bL,
-        0xd071191ded311016L,0x2df826748840bf8bL,0x0000000000000192L },
-      { 0x9225258095905d12L,0xae0da381a714a1f6L,0x59c89c85914bcea5L,
-        0x625501930a6928b0L,0xdeaa1009b4cc872cL,0x1c66457791b860e9L,
-        0xe52c89f4cd323335L,0x1b163d294211ab43L,0x0000000000000082L } },
-    /* 27 << 434 */
-    { { 0xc9e03c6c0eb94372L,0x8a373721b3f7a044L,0xb81c3b953e48abc0L,
-        0xb4a8a4b733c5a6f5L,0x5e4f35752c6ffb15L,0x369c3d68d3cd8567L,
-        0xad684b69cd922456L,0xfc195cb8ca0961abL,0x0000000000000083L },
-      { 0xb54609c5e604a834L,0x028b402f975cb6a1L,0xd61cec8482493224L,
-        0xc0d930d5d339794aL,0xb86c38891b9a3b61L,0x7d2eff3793827f00L,
-        0x7ff8c2bf9ab658a2L,0xe7f3aea8cfdd8fc3L,0x0000000000000156L } },
-    /* 28 << 434 */
-    { { 0xe030feb9814abc1cL,0xaa7ef7427387fcfdL,0x134e4ea847e5ce93L,
-        0xce9f3cb52949ffb0L,0xa83252a83e11a1c5L,0x2b308229ba0f2644L,
-        0x1eb76fb7ea75a292L,0x0d9bd36b73cf1481L,0x0000000000000021L },
-      { 0x45bdd68dc50e223bL,0xc6a83635a6c0be76L,0xaa61ea3fc0e1f910L,
-        0x7ad38095e8fd27fbL,0x2deaa3b2796c8efeL,0x9ad0a578d099bcdaL,
-        0x5819856a2a953ea1L,0x2b7b7793593d3e2dL,0x00000000000000ddL } },
-    /* 29 << 434 */
-    { { 0x5d863e60fd21235eL,0x1737c3f3325a1732L,0x6d933847ccc5bf11L,
-        0x00a192d493e00d81L,0x89a45bfac2c643ceL,0x02a13ad00765649dL,
-        0x26458f12fa509f47L,0x74c8aa2d16f09353L,0x000000000000013dL },
-      { 0x3fb91bb9f034a301L,0xc374e95b48dd0af7L,0xe1b0cc306d83c081L,
-        0xbbd70743e19f9a52L,0xd036958d37f45c9aL,0x02e6c68263326db0L,
-        0x65b7b79941872949L,0xa2e9e2dc4a5cd039L,0x000000000000016bL } },
-    /* 30 << 434 */
-    { { 0x68dc9f921bdf35d8L,0x037282cfa1a62dc9L,0xdca2ce576cb7d912L,
-        0xd565f7f06dd74592L,0x33e5cd32c2cf6a12L,0x86e50fbbd1ce584eL,
-        0xdec9cac5a91b3424L,0xb0c5e080b9b711e9L,0x0000000000000170L },
-      { 0x76d0834ade8dc323L,0xc7c54d2e20e86b82L,0x262b43488d8a41f7L,
-        0x35d84018b7751aebL,0xbf41d90a5e4cb30cL,0x3561f5f7c0cd08eeL,
-        0x0da722077b161b52L,0x6dae1a62cd604660L,0x0000000000000169L } },
-    /* 31 << 434 */
-    { { 0x8a4f3392d8eac947L,0x6c5c77fb762e311fL,0x29873696050f18eeL,
-        0x1736f47d8bf20331L,0x6a7e4e5256b5a106L,0xabdc39f8b502e6deL,
-        0x92d66f5e192b6aaeL,0x81266111e45b2f7bL,0x0000000000000038L },
-      { 0x12c3d68218222288L,0x2619aee789444667L,0x15c4af7dde3e55b6L,
-        0x3ea45634f3cf8dd1L,0xa4ec538f4dea2c6aL,0x8a5698ec39ce9315L,
-        0x3748d917aeb0b056L,0x1698cc83705362a5L,0x0000000000000007L } },
-    /* 32 << 434 */
-    { { 0x88fbc549470d7e36L,0xf091232ae079762fL,0x8e84ce7e027a4477L,
-        0x21e570dfb704f424L,0x51e89ca1d36fc205L,0x52451d98cb04c0f3L,
-        0x4233a3569a256b13L,0x42f33c2422636d07L,0x0000000000000186L },
-      { 0x88d6f4d60445345aL,0x8b03b9f60c2faa71L,0xa45ab219c3baf6d7L,
-        0x67c7eba1b9beb6d6L,0x3eb7beb99c8fcf22L,0xb35dfc4371d9a1aeL,
-        0xc1204af558436e2fL,0x543e4f318dd710f6L,0x0000000000000096L } },
-    /* 33 << 434 */
-    { { 0x4e2ab19ccecc8f96L,0x4b5b98ba2dc2c44cL,0x0b69cf0a14cf2ddcL,
-        0x109772e225a59fbdL,0x14e18ca6dc1ce60cL,0x8d542628d9b88c07L,
-        0x088494bb355c86c7L,0x6ead45471c0ca228L,0x00000000000001bdL },
-      { 0xcac21f389be7431dL,0xd238795012a91cbdL,0xa719bcba717b6555L,
-        0x5df1906c4b27ec0aL,0x489f2341704016b9L,0x7a6b8295439665b3L,
-        0xd48a672f6bd0e2d9L,0x7c109dfc85d4da53L,0x0000000000000062L } },
-    /* 34 << 434 */
-    { { 0x95923905c4e86d59L,0x03d679ea822fe184L,0xd620a19613200a7eL,
-        0x9e83b378747e1eb6L,0x39596aa1709c1988L,0xcc66a5db1570d652L,
-        0x3e97c888759f7faaL,0x7a97227391133073L,0x000000000000009fL },
-      { 0x044c93fdf39e6260L,0x152909941bb2cfa6L,0xcb1274af09a76fc4L,
-        0x430e3da16de5dad0L,0xc91bf14c1fb5f32fL,0xc2b6692c0587e533L,
-        0xd318416f41343775L,0x55ab5e96b0acf93dL,0x0000000000000098L } },
-    /* 35 << 434 */
-    { { 0xb847386fa177d3dcL,0x06d3c04864062f50L,0xe818655887c6c7f0L,
-        0xc72485a20bbe2d45L,0x36e906749ebc1de9L,0x02ea3f0a95c940b8L,
-        0x32502e0f9de384a7L,0x412d534093bc0c9dL,0x00000000000000a3L },
-      { 0x234b35877cbee5d8L,0xc8b3c8b7715bd276L,0x64efc64eede0417aL,
-        0x76fd0880130a4b05L,0x7629e3ac5d8dc2f6L,0x3d1bb123377d965cL,
-        0x672bac542c2bd073L,0xd6de18f0763028d5L,0x00000000000000deL } },
-    /* 36 << 434 */
-    { { 0x8c0fbbd4799716a6L,0xcc051818aa53a2afL,0xbca333e86044b4d4L,
-        0x119f4ff585c795f0L,0x4b480cb57ea3cadeL,0xced7fb1dc4c1c28fL,
-        0xcb53655dccc703ceL,0x1fe0b7538c5540d0L,0x00000000000001ccL },
-      { 0xd937f3957c5bc459L,0xb6756328ad67f0a0L,0x3a5bc8d0fe7c0533L,
-        0x796ac0b0e4565f1eL,0x8377d5884913c2c0L,0x2faa11ac7d65704aL,
-        0xe207ffd25e625bdeL,0xbf3d689068bd440aL,0x0000000000000147L } },
-    /* 37 << 434 */
-    { { 0x36917a0fc5d50ee8L,0xf67584a91182034cL,0x6e3f6816ddab541fL,
-        0x252c3846fb4383f3L,0xd486c56a79135f2bL,0x5cf7ae823a7b6256L,
-        0xc903396746135cd4L,0xfa78d00cc9fdfe0dL,0x0000000000000007L },
-      { 0xaa198a27acef8834L,0xbc5b9d6f97b2f05fL,0x9f0aba712c3f6799L,
-        0x11990d450c5baaabL,0xee42d800d468664cL,0x5d20517f8cd348edL,
-        0x4e5cd17de02cc9e5L,0x2cc4892c040e5585L,0x00000000000000b4L } },
-    /* 38 << 434 */
-    { { 0xd9bda3f36d9412caL,0x759172bde7d5a033L,0x9162350fe29748cdL,
-        0xea7e260f7ce78177L,0x6630e96465a27eb5L,0x2745ab185575a078L,
-        0x197118fac60ec2b2L,0xcfdc1b2b7b511ae9L,0x00000000000001e4L },
-      { 0x3f09c640ee1c385eL,0x64473a006dbb4205L,0x6bed5856526fa99bL,
-        0xfd8ca51fdce3dcc1L,0x5f5bf3dfc76817deL,0xc19d1b50e480b4b7L,
-        0x1028a8009198a639L,0xd505d500a57b69ecL,0x000000000000009bL } },
-    /* 39 << 434 */
-    { { 0xf9a3263685b14170L,0xfaaea08426db6ffbL,0x84a477d90e115823L,
-        0x922ce22b3f333890L,0xc0386be7cd7d2d74L,0x10ea11cc30d0eb44L,
-        0x85207d417dbb318dL,0x7194658ad2411ca4L,0x0000000000000039L },
-      { 0xdb898a4506da169eL,0x0aa090c2467b64c3L,0x2cd2e8360970b9fdL,
-        0xaa6c8478f176f199L,0x176a0fc397e78d6fL,0x70e4e4b0f93e0f7dL,
-        0x184642658f26159aL,0xc7cbb454e455ffd3L,0x0000000000000058L } },
-    /* 40 << 434 */
-    { { 0x2f7b339b2b037a05L,0xe42f3e95c499d10aL,0x0160d72e07be03b4L,
-        0x153548a37a4601d1L,0xb0fc5c52ea960842L,0x275739870fe92d67L,
-        0x4c0862b5dea7eac0L,0xcd613cde55b71eb2L,0x0000000000000023L },
-      { 0x28530abf98a98d28L,0x85a1af53cb349226L,0xdf816addeea21f09L,
-        0xa9b60f768c0d127eL,0x508a88e61a151e50L,0x25ac746c3d750f33L,
-        0x5011a102a225271aL,0x3b5029b548113215L,0x0000000000000037L } },
-    /* 41 << 434 */
-    { { 0x38c9b635309d5353L,0xcb77df72ff53eabfL,0xe116962d62804686L,
-        0x6949fbe02faf8d17L,0x7899699b97f3100aL,0xcf94c761b8ef13fbL,
-        0xbca74d760416373dL,0x4ca1c8e9b9562432L,0x0000000000000068L },
-      { 0xed281e63efb5a925L,0x67e0fa020dd70085L,0x01ca8b2cc32e60e8L,
-        0xa78c502dcacbb1a5L,0x8cf30c5145222199L,0x306de139ace8b1b5L,
-        0x3614b36b961f8addL,0xe3ee448a204661cfL,0x00000000000000f4L } },
-    /* 42 << 434 */
-    { { 0xed6f4f24b9102544L,0xf209b09d85d70bd4L,0xd7e7b9b1c727863bL,
-        0xa52ecaaf946895adL,0x4128d7380b92132aL,0x02b9b836f0afd5ebL,
-        0xbff72d5e25e0c7ddL,0x67eabf0bae65295cL,0x00000000000001aaL },
-      { 0x210820f484bb95b5L,0xd5e78b484e691cc3L,0x6ac799475179f470L,
-        0xf1bafa8f493c2266L,0xd772f2b402acc5caL,0x25c600fff28c1f86L,
-        0xe57413f85ba4a90bL,0x1040f65dc9237b57L,0x000000000000008bL } },
-    /* 43 << 434 */
-    { { 0x721a88c5f4a96867L,0x1a6f08e0c7e3964aL,0x0c702afe5874917cL,
-        0x3660b192488af1a6L,0x4cb5255f1d7d5ca9L,0x1f31efeb4121bb44L,
-        0x6853d58c5cc7c475L,0xe222fcb5a50c5a86L,0x0000000000000104L },
-      { 0xa10d5a0167ca5d9eL,0xa5000c01b40801afL,0x7621eed07bad8270L,
-        0x36a455c869afadccL,0xe7659c2588f3d64aL,0x2e81486da9d2e3f5L,
-        0x4a64f4cf9dd9834aL,0x32a3821eeb0c3985L,0x0000000000000176L } },
-    /* 44 << 434 */
-    { { 0x32269c1bdc9fc49bL,0xad26e06e9fc27f50L,0x40d2a97d6b4e84a9L,
-        0x736b98d4910ef791L,0xc48559b078702918L,0xb38b860861be6975L,
-        0xcc86b5ac35b00e9cL,0xf06c1fb5335d2dcfL,0x0000000000000177L },
-      { 0x24bfe015658a4588L,0xbcf3af27ab32678aL,0x55e6b2e160abc5b8L,
-        0x55fb213b917c8360L,0x9e981ed52f427c30L,0x43665885c4fab94cL,
-        0xbf8864fac0afabe4L,0xcabd2939cee3a355L,0x00000000000000fcL } },
-    /* 45 << 434 */
-    { { 0x3501e6801439c78bL,0x45a176bc14dee0d4L,0x5d33c48ecdc93ed4L,
-        0xca8d913e0f11febeL,0xf9553c9ae595b009L,0xc546040165fd9c88L,
-        0x1d88fd1c067148d3L,0x05d5e73168c32d38L,0x00000000000000ebL },
-      { 0x57df5f2ac01721c8L,0x46eea36794fc35b6L,0x1a80221d3532fe8dL,
-        0x58a569de2fe6110bL,0xd58d99cb9d006486L,0x01a70beac7d58257L,
-        0x0f7676b2d56eb44eL,0xb503c4212bb311c9L,0x00000000000001dbL } },
-    /* 46 << 434 */
-    { { 0x48b2eb5bb8f016ccL,0xe1f7acad2889fcbfL,0xe2fbd9c195de450fL,
-        0xa2ae397601759f50L,0x03e182f9966abb7bL,0x6b87622f15f8b8a8L,
-        0x8234b5a6559f8478L,0xc3eac3da12e79b2aL,0x000000000000014eL },
-      { 0x98d557a4bf09ce09L,0xfe2e1a6e9b890fd4L,0x773b8fee056880b1L,
-        0xb7df5bfa733d34d7L,0x9ae1466b7dc667edL,0x1f3c57ef1db24478L,
-        0xcf7a87b31c706e65L,0x52bf0e2a08204e04L,0x0000000000000108L } },
-    /* 47 << 434 */
-    { { 0x12dcc5ed7de6a415L,0xc2d54417adf91247L,0xa5b6b79c9cd65815L,
-        0xc89a400c59c0db1bL,0xb11b7522837951e2L,0xf50d64cba967c6d2L,
-        0xed1de5b667ad5dbdL,0xb0188dfbdfdf950fL,0x000000000000006cL },
-      { 0xe590422636ce4973L,0x62d15372ee9e7e8eL,0xe03a02160bc5bf10L,
-        0x594b360ec424638cL,0x9631644a46e4980eL,0xb4c6d0935ce887f0L,
-        0x34e073072af0a673L,0xd1c705e7cd22b648L,0x0000000000000076L } },
-    /* 48 << 434 */
-    { { 0x83fe2ac97051ea31L,0xa76b3ac1b39476f3L,0xee45d2e03e2433edL,
-        0x606db8a30d999a0bL,0x12be94ba99c5c5b2L,0xe2231745695b061fL,
-        0x0aff87140392ef4cL,0xbdc82de6e03641b7L,0x0000000000000172L },
-      { 0xc9a067a61e4ddb23L,0x924466e6c5fe49e1L,0x56c25e66498a09a8L,
-        0x2ff93349603dd109L,0x6173e4ef0cfe1653L,0x486c08b8861e5694L,
-        0x675b2d4e4460ca71L,0x9ac71cb2dd05403bL,0x00000000000001f0L } },
-    /* 49 << 434 */
-    { { 0x594bee43add1ffa3L,0x81b3f78384ba86a8L,0x4d4d314504753e0cL,
-        0x86918b199618ea5dL,0x4342ac93de51e92cL,0xedc80f689d28bd5eL,
-        0x4d3cffa667558269L,0x8d61908adbd3cef6L,0x000000000000011bL },
-      { 0x4b24dc12ddfdca3dL,0x27f4baafe5dcba84L,0xf6a5bb67d4f24194L,
-        0x704e87a577187a98L,0xd69baff3c81d6027L,0xf0695b948d86bf10L,
-        0xb60137a1a2c69accL,0x0854af7a4dd76e60L,0x000000000000007dL } },
-    /* 50 << 434 */
-    { { 0x28c546ab91960c2fL,0x6c1382d2d67d35b5L,0xf1fd4ece5c68d954L,
-        0x2dadd781a99cf73fL,0xa97a79671519360eL,0x87392a02f36e5f39L,
-        0xd3ba240d4d75be7dL,0x1ec49cacecaf25eaL,0x0000000000000087L },
-      { 0x8aa2388cf7daf8baL,0xf19bb702c9b04b01L,0xacc01044bc682431L,
-        0x3d7bfffca43a6b52L,0x73468005d108c945L,0x6ca56166f402b740L,
-        0xbda45ddecd486b57L,0x9f26b50036456623L,0x000000000000005aL } },
-    /* 51 << 434 */
-    { { 0x5248a930a805fa39L,0xafa9a623ee9049b6L,0x32d8272bf57b62caL,
-        0xc57c6742ac33b6adL,0xe67e374781628ffbL,0x12efe0414055d283L,
-        0x85c2388a6afc546bL,0x3e7454dd2325904fL,0x00000000000000dfL },
-      { 0x27113ea3bad0b4a3L,0x23c3a6b6c7bb4233L,0xeaebb97bacb43960L,
-        0x751bf53c12765e44L,0x5a5843830c3d1a27L,0xc6e8bc1baa75a625L,
-        0x1cc8684bb84e4b2fL,0xcca40425c687f410L,0x000000000000017aL } },
-    /* 52 << 434 */
-    { { 0xeefc28baa0c707cbL,0x610a0bf5b5e8a4b1L,0xd74559f39b53d25eL,
-        0xb987896d504c5e8bL,0xae65dd137b25a6b9L,0x967698fecf659983L,
-        0xa10cf8fc302cb07bL,0xc116f1c94447f110L,0x000000000000019aL },
-      { 0xca833c3f74b590eeL,0x6099ad10a90703dbL,0x1b05eb478dc0a094L,
-        0x8e611a9ffd61f58bL,0x220f8e3cb6376b63L,0xd3ef40d06276c206L,
-        0xb496ed2c80be240cL,0xcc1e4fee4c62d68fL,0x00000000000001e9L } },
-    /* 53 << 434 */
-    { { 0x0aa9cafcfb53fdb6L,0x9bc4068864ad41f1L,0x89f2ed95361e5281L,
-        0x93721ee2d3ebc5c5L,0x099676e1059cbaf0L,0x32034ec33ba1925fL,
-        0xa372ccabe58c5408L,0x4198c3ba3a1925acL,0x00000000000000eaL },
-      { 0xd573dd0472e39b81L,0xbd53680227fb43eeL,0xb4a9b13773ac68b2L,
-        0xecc58184afc54cd5L,0x0f4ef62140216af3L,0x37a4d9e63ab7f116L,
-        0x7c3b8e87fc8e3ff0L,0x7860d91b2112304fL,0x00000000000000f9L } },
-    /* 54 << 434 */
-    { { 0x8b8684e1d9f5da59L,0xc52ddfcb3bbccec8L,0xf37f477d0614edf9L,
-        0xa6f89b1dfbf73c9bL,0x65e2b9fdbd39f9f3L,0x9b027ba9bd91c4ceL,
-        0x4178ae818da1ecd5L,0xe926bc1bf8108614L,0x000000000000003dL },
-      { 0x9b622c1d398d43a0L,0x56774237f050f68aL,0x599aa2b9c376824aL,
-        0x8e56adb3e4f31fbeL,0x62af9ad61d87cfb6L,0x2340d1df8baee620L,
-        0x378bbe281fd803a0L,0xfb8fee939543c614L,0x000000000000005aL } },
-    /* 55 << 434 */
-    { { 0x771a68f7d2aa178aL,0xb95ab9c4b8c86d0dL,0xc305c165d1780b7dL,
-        0x495d129eebede15fL,0xf84a588398216869L,0xf5bf03808faecf27L,
-        0x3a6f8a73c8709373L,0x49cc5d0f53b3905dL,0x0000000000000046L },
-      { 0x170add44ffbb3294L,0x723db04c457403f2L,0x0f6c3750bc22011dL,
-        0x56e0e96571df11c9L,0x9a9d1508fa898187L,0x35699de6bde2d196L,
-        0x5c63eef632409db2L,0x4041e690bdd73fd7L,0x00000000000000ddL } },
-    /* 56 << 434 */
-    { { 0xbae333cec37cc3eeL,0xf3c270f736721328L,0x42ca9e1c3e762919L,
-        0xe58208bda33ea0c4L,0x659c9e0588a736a2L,0xe4aafabff2ce2fd5L,
-        0x6c42985d2fc82799L,0xa83e18ea7bcaca5dL,0x0000000000000074L },
-      { 0xa94f77548e8fd835L,0x2d730134babc4dd1L,0xdf79c84dd9fd0a30L,
-        0x642756577b1061cdL,0xa8a2a2dcdfb545c5L,0xbd5248e2b32e562cL,
-        0x09c33229db76e132L,0x70f63a074ff616ffL,0x000000000000005fL } },
-    /* 57 << 434 */
-    { { 0xea1693d10689fb01L,0xeef647104d87521dL,0x382fc26cd4fe6b97L,
-        0xc179b949f19e86b8L,0xe3084066a88d4985L,0x9e590678bf8727baL,
-        0x23cf020a5de7c97aL,0xca99cdefd686a87bL,0x0000000000000183L },
-      { 0xd268f2d96478339bL,0x54a2403255ea7d66L,0x85f864bdc95560c2L,
-        0x86abfd934597c282L,0x1279888901f25eebL,0x1a9d8482c2eb4653L,
-        0xb1312836217a63faL,0xc33f92ee8f733178L,0x0000000000000196L } },
-    /* 58 << 434 */
-    { { 0xa0d7c4edaded1585L,0x8d4ea04dbf7fb3faL,0xb25ba60333e42c20L,
-        0x660a0b5a73d754b5L,0xb84c5639c6a35d0fL,0x7efc0030cf59e3c0L,
-        0x32417038868c3823L,0xd0e71cc934586091L,0x00000000000001bcL },
-      { 0x9b28a972202e4521L,0x5846906ce6d90c80L,0xd3d25ef2b38d46cfL,
-        0xcebe3581c209c445L,0xb36008a1d1a0e99fL,0x21f0df426da9da35L,
-        0x5f5f088dcf6b4935L,0xc6eeb3a8447a39cbL,0x0000000000000187L } },
-    /* 59 << 434 */
-    { { 0x85ef589cda7fff0cL,0xbb7d2d187aaac2c9L,0x62da1c79861a01c1L,
-        0x20c960dfa6a290c3L,0xe3e5fa87b841bb53L,0x56f776ed030b234cL,
-        0xe3ea771922aee8c3L,0x562e9d08df60618eL,0x0000000000000003L },
-      { 0xaa56fbb1be6ba82cL,0x052d23638f908eb6L,0xd0f896afd5cfa9deL,
-        0x1c90749369f1787eL,0x634393c8e73e153eL,0x6d1a88b10383a7f4L,
-        0x9e56e70c59aeb927L,0x43f825ccce34cb9fL,0x0000000000000096L } },
-    /* 60 << 434 */
-    { { 0x6a2d32b0f3338f86L,0x4a5c3db2c9710433L,0xd298f3b0a5f68f1aL,
-        0xae78b804732d40d5L,0x860d74d8dc109412L,0x0f3d42ce2c898732L,
-        0x63e5cb193d321599L,0x796c17cf1462a77eL,0x000000000000003cL },
-      { 0xbb71e1b917837e4bL,0x9711dff889cf36deL,0xdf6c0a2ab1fd56b7L,
-        0x6f07fdd1d7e8e866L,0xecfc1ba5b4f1bd81L,0x4ac6b88a29db023bL,
-        0x2bb7f22a6de37b7cL,0x86e37d902c35fa00L,0x0000000000000113L } },
-    /* 61 << 434 */
-    { { 0x5126634734a859fcL,0xf9f2b2e478f47a8aL,0xd8391cff0044a94bL,
-        0x6f2eb81f2357b297L,0x1c4f2bbbc7ef458bL,0x3a1d92225e46dc98L,
-        0xf97b3e71727a61f8L,0x8edeab095546e3caL,0x000000000000014dL },
-      { 0x8cc6143e4b4de1e6L,0x78fcfad7fc1524c6L,0xc805ef2343fca983L,
-        0x37753cf32b7fb591L,0x8269ad972df94bfdL,0x2768ac2617382c88L,
-        0x28767bc5589bd8f7L,0x7d96d75f12aecb9aL,0x00000000000000f6L } },
-    /* 62 << 434 */
-    { { 0x8460354fb970b064L,0x4da9baa59ad28208L,0x81f9b7fb546876e0L,
-        0xee7368f787933e9fL,0x95f61bae3d91b713L,0x29ecf884ab29d102L,
-        0x61a68fc2ba02eeb7L,0x2a62ecc38eecd5a5L,0x000000000000017cL },
-      { 0xcca8a64d65fc05daL,0x04e1b84433befb34L,0xc799d13c1aaaa85dL,
-        0x431d1495bb40bffdL,0xfb991dce7dd23e02L,0x9944de58a4ce9e1dL,
-        0xf5ca8246b3b4700eL,0xa2307905364d87f4L,0x000000000000015cL } },
-    /* 63 << 434 */
-    { { 0xfad3776ab2c1d16aL,0xd0885428474617b3L,0x09f73d4268c33a2dL,
-        0x0a00131a4f77e376L,0x92cb3f114947663fL,0xbae96a84fed01f57L,
-        0xb5b55e2bba697677L,0x6f1a684cc671ff81L,0x0000000000000088L },
-      { 0x1f41fe2e1931053bL,0x9745971032a2249eL,0x180bcd1c3c403728L,
-        0x422195462474f7fbL,0x7917cd1812f67c1cL,0xfab12214316ab5b2L,
-        0x6415634ac6d0c5bdL,0x0ecd28b49e499fc3L,0x000000000000011eL } },
-    /* 64 << 434 */
-    { { 0xa0f946b34c7f31f1L,0x122b97ec004b810dL,0x98f876d1831a9cb2L,
-        0x6690030aaebd922bL,0x12a235d1a21b0412L,0x5ced8104e097208fL,
-        0x049b33ed49d32fb6L,0x2e88d76287b187ebL,0x000000000000007fL },
-      { 0x08801d4eaeaaa0d2L,0x3b052b0a6fc2830aL,0x4e02318f6fef40c1L,
-        0x5a24478a06f38abbL,0xc90c53926dedd4f3L,0x402e4a9eff07397bL,
-        0xde13d7bff1bdec37L,0x8a363ccb727eb837L,0x000000000000014dL } },
-    /* 0 << 441 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 441 */
-    { { 0xa749f2661accb5d0L,0x8ee12c7ebcc9460eL,0xf3a52fdf3d25e73cL,
-        0x187bbe7100c5540fL,0xcdcc3cc1561beb89L,0xe54df2b48eacfcabL,
-        0xbe6d1874cda02530L,0xbb717f8fd072a684L,0x00000000000000bbL },
-      { 0x79de2d6504bd7407L,0xd8ae0921ccea6b74L,0x358cf798695de295L,
-        0x004e73b2b81c02a2L,0xd252441e9e6caea2L,0x557f228caaaf568bL,
-        0x6f92ec1d357d9e37L,0x31efd9bfe91fd306L,0x00000000000000dfL } },
-    /* 2 << 441 */
-    { { 0x650e3a2694a7efd8L,0x0e18083dc739b54fL,0x4ef3232e9367e306L,
-        0x2de3d70cf0838edbL,0x1364e843ca8715d2L,0x854dca361c25b1c8L,
-        0x73c011bcbc117070L,0xe83bd36f051286e9L,0x000000000000019bL },
-      { 0xf1226611c0f59bfdL,0xb910f5b64287520cL,0xa408790bffcdbb02L,
-        0x9d56f34d1a0bc553L,0x1530c726ce9a67a7L,0x96f5fa25dce794f5L,
-        0xd5a224c8077377aaL,0x2e9d8e98d016e05dL,0x0000000000000093L } },
-    /* 3 << 441 */
-    { { 0x3e884116e71bedebL,0xc43114f0d8e683d2L,0xc65277b4709db235L,
-        0x135e623363401611L,0x5e6cc4ca4ceccd3cL,0x9d481fa0f73e6e64L,
-        0xd52236235c253aecL,0xd60d849991f70b82L,0x00000000000001c4L },
-      { 0x5db01dd6632f8eb2L,0xc4695bbfa948669bL,0x143ae7567fef1ac0L,
-        0x3958cd3f21487ff3L,0x00c79f337da2ec59L,0xce54451e07f9a8bdL,
-        0xfc1017fb62f7eea0L,0x6bb256b462f0f204L,0x0000000000000008L } },
-    /* 4 << 441 */
-    { { 0x3e9a969a777a2dd1L,0xa928fca6f0b88aa3L,0x7282de355f56eec8L,
-        0x6fc69cd1076833b3L,0xb082ae0411751566L,0x09a31956ceee94fcL,
-        0x6d3a6221158a2cb5L,0xb29c6ae7788752efL,0x0000000000000105L },
-      { 0x44ee879abd125523L,0x8297eaa04e8990b5L,0x9deee7c4d7723740L,
-        0x3c6037179a8bf178L,0xa851306b1207191fL,0x13eee334bebcb461L,
-        0xc13d695eb8cce34cL,0xf3f594a50ff4755bL,0x0000000000000196L } },
-    /* 5 << 441 */
-    { { 0xd370ca154611d4ddL,0xdca296e58f40e4ecL,0xc2c0a54fbb7413e0L,
-        0x99064624c90f6194L,0xfa357ce2798e03acL,0xf782d7099c6ba76fL,
-        0xc3718575129fbaf7L,0x9275ddcf09ad3f74L,0x000000000000016aL },
-      { 0x6ee77b4cc4919031L,0xb09eec783947c6c5L,0xbd8f2eb86a83f5bcL,
-        0x2584dfcffbfd128eL,0x11f97bd08c68c3adL,0x157420d05f2133d1L,
-        0x8f3c1815d1dd4835L,0x11e09e8f326d9859L,0x000000000000015dL } },
-    /* 6 << 441 */
-    { { 0xbe0ae36cd038af41L,0xc3e663659074c082L,0xf3a754972111b39fL,
-        0x853840556be5e224L,0xe6a841a8fdc29253L,0x6f242df76886082cL,
-        0x4de2664606880770L,0xa8d7ab3e57695441L,0x0000000000000105L },
-      { 0x452fa47042fb45c1L,0xcd54e43102d65857L,0xf6439594c6aa1fcaL,
-        0x910ff5bfca2c8838L,0x5db4b1df093db021L,0xc6c529725d06ce9fL,
-        0xed40a0482981de06L,0x394308e642e75708L,0x00000000000000a5L } },
-    /* 7 << 441 */
-    { { 0x1140d1b13f7e1b85L,0xe5d9542e558f5a89L,0xf01590081347e2eeL,
-        0xf4140adaa83cd3eeL,0x1388e29d1f9958dfL,0x177f13dff1d926eaL,
-        0x5aac4c2037209003L,0x46bed0a6cb9e0456L,0x0000000000000165L },
-      { 0x635535b494312d7aL,0x662149bfa396a95dL,0xb23c59dd4348ab81L,
-        0xa059d555cf24fb7dL,0x3dc39dbfbe9011a6L,0x7e11b9d98d1ed5a6L,
-        0xde503b26a1fb4b12L,0x04d12ec729aa2854L,0x00000000000000ceL } },
-    /* 8 << 441 */
-    { { 0xbf07e90d8114885dL,0x76d513b29f39a562L,0xd98ae4f77e5446a1L,
-        0x7e3314e96264b6c0L,0xe634dee76f3a7560L,0x1dfa2392a08d539eL,
-        0x45764812bdae3c53L,0x858b836fd824e9acL,0x000000000000003eL },
-      { 0x9bdd0365e324ea11L,0x9625d01b1117cdc2L,0x491ea6427f6c259cL,
-        0x61b79486125826f0L,0x573debc818a56486L,0xe224dd3b0d31132aL,
-        0x075c3bf780be8263L,0x0eced67ab84a07faL,0x000000000000010eL } },
-    /* 9 << 441 */
-    { { 0xe937531c77ee5e92L,0x2a248ed6cde38019L,0x9d56715bf16bcb1bL,
-        0xb232a0b13682fee6L,0x50adcfb76062ba66L,0x853ecaafc15a8617L,
-        0xe2ae82eafbf86cb2L,0x2387b9e996e5d5d9L,0x0000000000000126L },
-      { 0x2c949e78d1ad4cedL,0x2dbb570f7e1df51aL,0xb3b00e4a1f09cb9dL,
-        0xd50d45499ddc5774L,0x22bc724199ed1407L,0x0c6b49fea2462565L,
-        0xb7ea7261ad2bb7a2L,0x14edf03146fa95baL,0x00000000000000aaL } },
-    /* 10 << 441 */
-    { { 0x0c0d310cf9039efdL,0x954127e0be623269L,0x2c8de379ad37d5f1L,
-        0xc88058c24ae1e101L,0x953cced393612558L,0x6f795799562ff195L,
-        0x04b43800f75dc91fL,0xc388110878a305a3L,0x0000000000000023L },
-      { 0x3a910a199d0e636bL,0x8fd231dea9233a03L,0x61c5a3511799791bL,
-        0x0f6e33cf24e1aa4aL,0x99fcbe6d24c1749fL,0x6d6dc4ff29e84e10L,
-        0xdfd3919445a30b2cL,0x551811cf3d438976L,0x0000000000000042L } },
-    /* 11 << 441 */
-    { { 0x19fa754692c76a06L,0x09b44b739cdf4192L,0xdd474e2429a471ffL,
-        0xb33d4b633c1f2efbL,0x352bb3c87b6ba5bbL,0x33be999f7a25c837L,
-        0x455849c9708753a5L,0x4bebf7228c356712L,0x0000000000000082L },
-      { 0x491c083d1c932272L,0x53e741ac7902ce78L,0x3e913b13cc553480L,
-        0x28d36b5162b46cafL,0xdaa8df3ec5c92702L,0x1b8ce0face5b521eL,
-        0xc3a12ef4346a9c86L,0xa88531c1af543e95L,0x00000000000001b4L } },
-    /* 12 << 441 */
-    { { 0x225c4d89218083c9L,0xc8ca7c0bd951e863L,0xc48c23d1ae8d2aedL,
-        0x2e5a185d12f3fdbfL,0xd459188cb12bf51fL,0x42707a3376a84f56L,
-        0xe647d5ba0c5646f1L,0xa18986803140e000L,0x0000000000000132L },
-      { 0xdf3b68773acdacf7L,0x2e2ce1ead81dab2fL,0xd3a3397dffa2aa06L,
-        0xcc9192cb2a580c69L,0xc171c2ba6291b080L,0xa886917af908ea1eL,
-        0xd49b41cab0ee690eL,0x53d75ee28a4699a0L,0x0000000000000055L } },
-    /* 13 << 441 */
-    { { 0xad0120df46dc9f05L,0x9dece9ccd80e1f06L,0xb55d9ea96661d61aL,
-        0x3bcc804d06e86dc4L,0x711a39a0a1fd8a7fL,0x5dc5752e514bb596L,
-        0xbd07dc9cdc01996bL,0x745d1b95166bb5c5L,0x000000000000009cL },
-      { 0x896d26ee45568558L,0x995524f1c875e781L,0xdd27fb7f85ae1606L,
-        0x6d2a995ab6ce93a4L,0xfdde5c2a6bfab47aL,0x6cf168956a8f8625L,
-        0xf36f40b9c9697605L,0xd85528d7a2ac13adL,0x0000000000000123L } },
-    /* 14 << 441 */
-    { { 0x245c6974e996e859L,0x18140823357fffc4L,0xbbeaf2d9268c0e61L,
-        0x84c491bf1ec3a60aL,0x92519cd3932c2143L,0x2f8026a50e9c23bbL,
-        0xb3ea1321fad88c26L,0x253e9873ca612741L,0x00000000000001afL },
-      { 0x96ac89af04eb167cL,0x1d51ede280839911L,0x0ea85b4126be1ea8L,
-        0x2d788d0d3e5c6fd0L,0xc0565fec84fef7ffL,0x605449368a5337f4L,
-        0x8eebabc69bfcd3e4L,0x0e0fb4da4a66bbf1L,0x0000000000000059L } },
-    /* 15 << 441 */
-    { { 0xd3bf69da0970051dL,0x93f43d8c436c6222L,0xe07658e68ef8f7aaL,
-        0x0644fc85e0da692dL,0x5b21003afa44ed0cL,0x7a63520b55fd30cdL,
-        0x2e494a11c200c9f1L,0xa3c6951d20e8ddaaL,0x000000000000007bL },
-      { 0x4af75dab2fc74e40L,0x1413b04a35e18492L,0x3a5ca7ae646c012aL,
-        0xdf45e095444c9da3L,0x28ad4ce37723586cL,0xe7d27e128baf9d42L,
-        0x41f7f06f8ec93610L,0x0636c501c7c2f47bL,0x000000000000000aL } },
-    /* 16 << 441 */
-    { { 0x486d3c489c4cd8ddL,0x2ceed6f8f7e8160bL,0xfb38315da76fc3c5L,
-        0x521ac7bb7863c459L,0x17252331576f783dL,0xf0fcaaf23e6d4bcaL,
-        0x8db1cffce6f8e385L,0x2e2ef7f478c49eebL,0x000000000000001aL },
-      { 0xa3c3c341f690d5aaL,0xc14cffb041e05923L,0x2c7e4bcba2c02f22L,
-        0x79352516c38aafe2L,0x67bf3709daf3e5f9L,0xfd7c30a974d2aad4L,
-        0xb46886878b971591L,0x7adf565ab5f34fd8L,0x0000000000000132L } },
-    /* 17 << 441 */
-    { { 0xc6f3ddbf3ee1b1b6L,0x3ae199de367775f7L,0x869e3f277b5c2062L,
-        0x01adf55de699e103L,0x6fa9b9ca3efcf30eL,0x60babac333616bd0L,
-        0x619cb20628f783fbL,0x0d5cc6775ed241ffL,0x0000000000000124L },
-      { 0x7906ac2d14876366L,0x5182e7f2bc304f89L,0x2252436f2139416bL,
-        0x80955cfe62bb6596L,0xa097c5da2ccc76c8L,0xbe48d244b6a4de18L,
-        0x4a6ab624ffe47914L,0xca10c376f974a0a3L,0x00000000000001f9L } },
-    /* 18 << 441 */
-    { { 0x8fbb3cd7496cb13eL,0x107cdb9a258b584bL,0x5d0e6918a848ca32L,
-        0x73891c7cbcd21ce5L,0x3ea57b2c791d65dcL,0x6c5e0cd6d9b5669dL,
-        0xd81229f8f1321da6L,0x8b9972dfb0b17706L,0x00000000000001e3L },
-      { 0x8939d7a7d6e10f59L,0xe160bd16cbbe5271L,0x3348b4f04fbb8a8eL,
-        0x147e36393fd01b59L,0xbcc1210d7ee93c4fL,0x949ce71dfc4dd8e6L,
-        0x1436c0f549890833L,0x4cdcee717273ac5fL,0x000000000000019bL } },
-    /* 19 << 441 */
-    { { 0x512a10934e9a039aL,0xb6470fb2e0c95392L,0x7dba72fa82400a70L,
-        0xd3dd821930685212L,0xcbfb1de9ac7a38d6L,0x4146c087c670cf2cL,
-        0xee1e0ca179e513c0L,0x1b5015d74d53c35eL,0x00000000000001fdL },
-      { 0x601cc1e63cf7333cL,0xf1f4c134f785b4caL,0xbd1aa34463f3fdacL,
-        0x221f0a2573056a6aL,0x197d6ab8e6aba28aL,0xbc0019e0a3d17004L,
-        0xd18a3b87825d6d76L,0x5178300e5f4e4796L,0x0000000000000072L } },
-    /* 20 << 441 */
-    { { 0xd01fff9dcc045310L,0x937dcc6f352c1840L,0xb17d2b6f355c78afL,
-        0x42e3d467a1b4c507L,0x9007d976d1ec1c6cL,0x04e44bd51c604ac7L,
-        0xac5f6d35f3c28e52L,0x6f9382f57c78a5e7L,0x0000000000000197L },
-      { 0x8f6894774e717f2cL,0xc59589f0279c36e0L,0xe4b11ec19dac55aaL,
-        0x37ecce34b2301ce6L,0x396745a27ab894dcL,0xbae3de55fcf34e70L,
-        0x3f670dd62158968bL,0x9b8ef31efc1f9ab2L,0x00000000000001b0L } },
-    /* 21 << 441 */
-    { { 0x89402e7a36636861L,0x0e121ba28da879c7L,0x824ec11d9caa72c4L,
-        0xb03d625b90ee0713L,0x16b477525af76e3dL,0x314d2daffc116c0dL,
-        0x00e42bbcca591142L,0xebd124bc2a28d332L,0x00000000000000c7L },
-      { 0xfbb0938305f3a77bL,0x5478a7d2fa1f96c8L,0x2f04b86dcbab30deL,
-        0xaf1c81f41d38bcaeL,0x873794acb0e3391eL,0xe5234d10d1ba629aL,
-        0x7854ab94fdb4901fL,0x447d05a5f48ba9e2L,0x00000000000001bdL } },
-    /* 22 << 441 */
-    { { 0xb3dfccf01d967d35L,0xa68315ea3f71108fL,0x928e15c2837a8c3dL,
-        0x6f2114c3085d00efL,0x77d86e5e1a86a583L,0x3d97e64935f597cbL,
-        0x9c729cbcfb5a4d92L,0x7c99562d7d946695L,0x000000000000011eL },
-      { 0x41632d38aabbfae3L,0x48793078c835493cL,0x8e90be311d5f8e61L,
-        0xa09b5add33bda788L,0x3dd23a2e80c7b31fL,0x9a46ee40f7657031L,
-        0x7b4d15e30b070becL,0xf2071f44878a2010L,0x00000000000001eaL } },
-    /* 23 << 441 */
-    { { 0x06cfb330d10147efL,0xe756da6b749d4ad2L,0xf6fcb9200f956530L,
-        0x7c3bdafe04cdc530L,0xc89aae334e3f46f9L,0x0dce363962eaae49L,
-        0x267909518d9133a2L,0x0f27bbe5e46de833L,0x0000000000000087L },
-      { 0x8cf40e37bfe09ceaL,0x09cc65b1e1f4df2dL,0xf964911777cb793aL,
-        0x78e249ee3fbc5ea1L,0x305049579084b235L,0xc008de498a39b17fL,
-        0x6e0117bc4ac4f445L,0x34fa696658aac50fL,0x000000000000001bL } },
-    /* 24 << 441 */
-    { { 0x82e9010daffbd971L,0xab6fea0bc7ac3199L,0x8d38894050383d27L,
-        0xc37ab3b3be775398L,0x8ef10af154bf74aaL,0xa1c39ed452aeaf9bL,
-        0xcd2b6ee670f42d7aL,0xcb57643738a53a34L,0x0000000000000087L },
-      { 0x5a1416996f80e03fL,0x0d7a7ab1408678e3L,0x33db44d87d279aa8L,
-        0x25e82c9032a33193L,0xc68f43737fa96201L,0x4e2fbe8a1c15c8c4L,
-        0x5b5ce8055429a403L,0x1dc2f304f6543e19L,0x00000000000000d0L } },
-    /* 25 << 441 */
-    { { 0xfd27036f6249d4a0L,0x80732c4c05aaaf64L,0x13a02ccb3aa41caeL,
-        0xd2d117204bac8ecfL,0x33b4f7e4e0b47969L,0xe9719c3634ffcd7eL,
-        0x0b5584bef041a2bcL,0xad35638388240cd1L,0x000000000000008cL },
-      { 0x4597cab65d253821L,0x136b4eea8621290eL,0x1a053fee74cfbd39L,
-        0x38390a30e8ce29f9L,0x85008d8de17589d6L,0xc9a9b0bf3a55618cL,
-        0x21247a63adcf68f9L,0x6353a40ac8eaa840L,0x0000000000000072L } },
-    /* 26 << 441 */
-    { { 0x2a84edeb611dbd82L,0x928512d7250d7b4cL,0x26101f84bfe2aa8bL,
-        0x2e79ff22920044b1L,0x2e23d451e99667cbL,0xfef41352f63db866L,
-        0x17db59799385090bL,0xee24e159c43db739L,0x00000000000000feL },
-      { 0x3a23eb35c2fc1ff6L,0x2ecd2057897f8b11L,0x0b94433b2cfc90d8L,
-        0x625b69a8345d638fL,0x04830925115fbab8L,0xc73ec42631db6ec8L,
-        0x7bff020d32aa0c57L,0xf097aa60d3ae8c0cL,0x0000000000000001L } },
-    /* 27 << 441 */
-    { { 0x8261b41492e7787cL,0x46a920b300919d6eL,0x0a5ac766ca0174d7L,
-        0x2dd5584380d01c6dL,0x27104845253c74dbL,0x2e86fc89511c661cL,
-        0xc24fe84d2d4623ccL,0xfed49394f8d720f0L,0x0000000000000084L },
-      { 0xe3246ec04a711e6dL,0x5aaec97fcb25754fL,0x33571e67eb2598fcL,
-        0x90f4667029ad653eL,0x3885ac625aacd507L,0x9c7106c4000bf4aeL,
-        0xdfd9bec142352fbeL,0x0cd94630dcd3b524L,0x000000000000003eL } },
-    /* 28 << 441 */
-    { { 0x265e7e144a61c8cfL,0x7108ac8e9c01168dL,0x8c00c591c1db0c2fL,
-        0x4fd76164c7eb2880L,0xee207ae8072c9afeL,0xf291ac662af4f872L,
-        0xd556354e38e6ceb5L,0xd1ff944a901b9c88L,0x00000000000001a2L },
-      { 0xf058a1e5ea374b44L,0xcdd1f0b7d282af39L,0x5095378c3ba681b3L,
-        0x2da2db904e8befbfL,0xd73223a361edb289L,0x305ec380221d18bcL,
-        0x5b191c1ca45ed6b2L,0xf28be70a0e63d2a1L,0x000000000000005eL } },
-    /* 29 << 441 */
-    { { 0x293d2e8a6dd376faL,0x400a186e9918b3c5L,0x693265b7a7483fc8L,
-        0x0f38d5e1dba14394L,0xfcad07b3d554e653L,0x9536e6a909d37398L,
-        0x0c20469422b5fb0cL,0x4d22c2e77593be0cL,0x000000000000016cL },
-      { 0x320a27ff4e8770f9L,0x341f5628e9b27b2dL,0x13c713b8d7797f73L,
-        0xac4636d2bd4289a6L,0xc6cd28cf096621efL,0xe866b2e9f1dddce5L,
-        0x36872e001add8506L,0x7a82493c1835b90fL,0x00000000000001a0L } },
-    /* 30 << 441 */
-    { { 0x0efb34abc520c268L,0x2ef017b00b3ae7a8L,0xd8ba2baef1f916ceL,
-        0x495b8a2801a2e8bbL,0x76c86a31e37fe26bL,0xbdddbdcd2787c00eL,
-        0xc2d98c35f431de88L,0x7642a3382953f309L,0x0000000000000112L },
-      { 0x10436513df59f330L,0x2a63f6ca21d133ffL,0x01f2b7e8d8e16c98L,
-        0xacab87a5b3b1c312L,0xff9c344c37aec499L,0xabe46f7b4afed453L,
-        0x826c9894c1feed8cL,0xb89d0a04aa543610L,0x00000000000000fdL } },
-    /* 31 << 441 */
-    { { 0x85d18171c9e4a7cbL,0x54d525b7d2a22758L,0x1abc342ccd696c36L,
-        0x812a42651c781fa1L,0xbcbc450635f8c1b1L,0x97c302369fb7c9d6L,
-        0x705db3f328bb1e6fL,0x24bdcfb4a6df36e9L,0x0000000000000107L },
-      { 0x09eaef27e74ec8e7L,0x367427963e1028f1L,0x6e525404023c3e4cL,
-        0x0c8eca526ede11eeL,0x502e86b6184a8d28L,0xcf8ba9d9125dce7fL,
-        0xd4e534c610b11eccL,0xc9a33890effe448bL,0x0000000000000116L } },
-    /* 32 << 441 */
-    { { 0x074092b0518c2b4eL,0x4efd0358226849ecL,0x384ec468c8582d0fL,
-        0x6348e93a1b6530ecL,0x752f051586723e53L,0xc0124a0a18b6d228L,
-        0x8e61db8af16144b5L,0xa3b3bcdbc57ad828L,0x0000000000000096L },
-      { 0x7b5eaac0d5d72677L,0xc6a4fd2fc826acdcL,0x06f1269583835c84L,
-        0x287eb11866c70474L,0x824e4c576fb32f64L,0x6aab90483326b6d2L,
-        0xefef96e49dddf339L,0x8e113990df13705dL,0x00000000000000feL } },
-    /* 33 << 441 */
-    { { 0xe2accf1d679c7a0bL,0xd91d0623370058d5L,0x838dfaf51c44effbL,
-        0x478d6317c891c192L,0x9a1d69833bcdbdf2L,0xa2adcb29206a78daL,
-        0xf032d6439ecf90b5L,0x998eeb68b6f4b66aL,0x00000000000000ffL },
-      { 0x3ce5d445246d19c5L,0xafeef35bf2be8053L,0x1cd93d149c3354f6L,
-        0xab8d758584c1d532L,0x67887e7fd06af98bL,0xdae0dd587ecc066eL,
-        0x37f0c7cd24990908L,0x2a9a78c654a855f5L,0x000000000000017aL } },
-    /* 34 << 441 */
-    { { 0x14518e8d2e7f1be7L,0xddf58460b39604b7L,0xb9b7abcc97a83cffL,
-        0xc23ed4b77e595bfcL,0xb83200b68301e5caL,0x593a1e9dc5460472L,
-        0x344bb417a4aa1ee2L,0x7e005a7b53932656L,0x00000000000000c0L },
-      { 0x0d7d26803f56e1f2L,0x22f567b107fff8aeL,0x99b49f32be054a82L,
-        0xa94832d6275528d9L,0x997fdac4842ed9cdL,0x476353ac85fd9ec5L,
-        0x515f0503ca503c68L,0x9571eec431a59bf2L,0x000000000000001cL } },
-    /* 35 << 441 */
-    { { 0xf5b648deca4167daL,0x3f3046dd2c8f0e2eL,0xc4e0c6b4038d24c8L,
-        0x3c16985789b7da6bL,0x4d3649863cfe2320L,0x2fe23040c895aad8L,
-        0x786f1a119f4272abL,0xf91aa91a9fb42f8bL,0x00000000000001e9L },
-      { 0x93e6c70ea114a55bL,0xa6a07aaaf46f5649L,0x3ac845724b626a02L,
-        0x63d936001650bd78L,0x80ef98cb58064535L,0x3994f55051c8d7b8L,
-        0xdac64abc01b4971bL,0x1165fb7be97d3193L,0x0000000000000051L } },
-    /* 36 << 441 */
-    { { 0x79f135f005771675L,0x398910e27008ba42L,0x72f9a899e2cfb304L,
-        0x0e7448ed51bf359cL,0x814a9f6453d82f6dL,0x02cc1df8cc0bd057L,
-        0x03a77c0a754becd3L,0xde0385b37427d79eL,0x000000000000013fL },
-      { 0xc3aedfb3b5cf64bcL,0xba344d912f11967eL,0xd269443db9dfc1a2L,
-        0x1ab57001a5a70140L,0x414cf58ef408fe92L,0x7b9adfb6d890280eL,
-        0x705bb16539242a3bL,0x66db67486bad4596L,0x0000000000000150L } },
-    /* 37 << 441 */
-    { { 0x2c3cd5a0108c9893L,0x8a240794bac6cc23L,0xaeeb36df823fe6fbL,
-        0x9c2476d068aab363L,0x8b9d9703c0cc02fdL,0xa8e483fdb8d2a4ccL,
-        0x0e3cb987fb774e3bL,0xedd76b875f1f80c4L,0x0000000000000036L },
-      { 0xd7ee3e4719615126L,0x2afa7e8df5547692L,0xe7d92c2f2133f245L,
-        0x3005e6e925c73cdbL,0x3efc8169ab362edcL,0xdb546c5d06b3dc8fL,
-        0xcb75f0d88067855aL,0x03189f39698a4373L,0x000000000000010aL } },
-    /* 38 << 441 */
-    { { 0x77f6a34facbfb019L,0x0bd1100e4518a2ccL,0x96b927d7ca8c27e2L,
-        0x5ada2880718c432bL,0x09765ed620641c90L,0x6e516e8b3f7090c3L,
-        0xb27c6c5f5bbe4811L,0x0268577d3b1eab5aL,0x0000000000000187L },
-      { 0x8da5cea7c1571bf7L,0x6c28d100cb30dfe8L,0x94f462ac40839b28L,
-        0x84e174469893e5e6L,0x632d3f321f4e932cL,0xa791cf199cb57b35L,
-        0x17cfc8606d58252aL,0x8b93b8cf95d09a97L,0x00000000000001b4L } },
-    /* 39 << 441 */
-    { { 0x3406f11d524f9da8L,0x162475082c9d9f83L,0xcd6306049ad35aecL,
-        0x4a06fd2a9377e247L,0xaedf8263836a2ea5L,0x2e23b143be771b59L,
-        0x53a8aebc67330056L,0x6a01eb9620b8fbd7L,0x0000000000000164L },
-      { 0xac3ffdedaea4e0b8L,0x15c59c69ad153673L,0xcee2f459856f7af1L,
-        0x654725f8f84e2d29L,0x36ce53ad68875b2fL,0x5fecc9d05e8dd247L,
-        0x9fd2d8b73100f3caL,0xcd28d36c030be688L,0x000000000000001fL } },
-    /* 40 << 441 */
-    { { 0x75605b034319c263L,0x887fdfbb9e4740e2L,0xde488a31d43f9b89L,
-        0xb0e691668e84f79cL,0x8ad2cf6570a03015L,0x20c0c8a49151cb55L,
-        0x9c4d58100538315fL,0x18b7eb2712204fa8L,0x00000000000001c0L },
-      { 0x2701f40ccd3d6255L,0xb6302374684db0fbL,0x1934bd385986c5a4L,
-        0x277ca623ac3eb927L,0x1f8e83f33c9260caL,0x1d42b0b1cdd488c6L,
-        0x03dd506202069bedL,0x1edf5be80713fb4cL,0x000000000000012dL } },
-    /* 41 << 441 */
-    { { 0xbd340554f68cd488L,0x5ba629fe4c4e9de7L,0xbf0904b5598a592aL,
-        0x090d3b7797f22215L,0x35271f6f32f10ce9L,0x5ba1143f4ee5ff39L,
-        0xeca98e4948f5e741L,0x312c71324d4fc387L,0x000000000000005dL },
-      { 0x9a42c0a19f83c1ceL,0x070c9ff00c8a3828L,0x8c0ec42d1a0dfae4L,
-        0xeb0739df69b7ea10L,0x19e3841e3fda056eL,0x967531161e991eabL,
-        0xf304dfd98ce9c7bcL,0x3ef71431a70d2876L,0x0000000000000002L } },
-    /* 42 << 441 */
-    { { 0x1b85459bf86e2a23L,0xd7b46e148126f294L,0x547e1e6613227f84L,
-        0xe520b291a8600d75L,0x8836425dca9aefb9L,0xfb12993c3089b09eL,
-        0x38e644f9963654d8L,0x115bfcb733b309adL,0x00000000000000e1L },
-      { 0xed33a090771004f4L,0xc97174545f405e28L,0x055b8e0e983ff84eL,
-        0x43b21455945a54afL,0xf5ece9981da15a4cL,0x0135baaddbb0512bL,
-        0x09832d2c97dbecc2L,0x142102fad396c4e1L,0x0000000000000022L } },
-    /* 43 << 441 */
-    { { 0x56c6e12ff218d75eL,0x82ae876717040ba5L,0xde953898ec9ae18dL,
-        0x74801498c973dc1aL,0xb8fe18b74ddfbe5eL,0xcc2fabfc221a12f0L,
-        0xdf3d3ce3095717b2L,0x063315b301674069L,0x0000000000000166L },
-      { 0xbb0b8502a5d6015fL,0x0319da6b3267e7eeL,0x8a3f055b330a7d42L,
-        0x24633fbb578d3e0fL,0x42b3d57732d001e9L,0x6b4bd31841c3de6fL,
-        0xf67e14de7674f280L,0x872c31500945d653L,0x0000000000000113L } },
-    /* 44 << 441 */
-    { { 0x79dc032fd1ddcb83L,0x9502a00f09f7b95bL,0xcea6cdc8719ad453L,
-        0xe631629a13c95a17L,0x6e0bd6783e242b36L,0xd5a4ce6070adda24L,
-        0xeb16526ecf9c3e3bL,0x6b56885de376134dL,0x0000000000000046L },
-      { 0xcefbb6e0ee1a7e20L,0x55931c877bbba16fL,0xbef858780527496bL,
-        0xefe470f2fc66b0ebL,0x10170d9f357e9f6aL,0xdc427c1534bcabf8L,
-        0xa2fafe51543ad6c4L,0x9a3ca5f80bac368fL,0x000000000000003aL } },
-    /* 45 << 441 */
-    { { 0x6f7e38cb4a64ba29L,0x0274530761def10bL,0x4a7875c1777d5a43L,
-        0xe8288a8a30046b61L,0xcd56398ef4e306c4L,0x13546b98f0619a51L,
-        0x7d5b477d91c8e36eL,0xad040ea782ee4243L,0x00000000000001b4L },
-      { 0x3bd14037cebf5073L,0xc9278b5deb3e67f6L,0x0a6920c3c29f3e6eL,
-        0x98866c9e93420540L,0xfd3ad7f76b32119dL,0x1a6a91e1261778f9L,
-        0xa97267d7a571a92dL,0x8b2ba189dc9a6d11L,0x00000000000000a7L } },
-    /* 46 << 441 */
-    { { 0x8d51e510e5ca5d70L,0x2d5791140c52c1b5L,0x82eb4358c0cb0f63L,
-        0x8f2f681264a008a8L,0x58a8e17648b6cb17L,0xa9471be2b8a072d7L,
-        0xbacadbb5268eb661L,0xd461695702720623L,0x000000000000006aL },
-      { 0x1087e596bf609130L,0xcfdadd188556e863L,0x5352546b03f39394L,
-        0xb427f549781817f6L,0x67901c47b7016c1eL,0xfa4bdbad16c8cb78L,
-        0x17210e07e949f687L,0xfa9d5907476f0c79L,0x0000000000000035L } },
-    /* 47 << 441 */
-    { { 0x328e727f9b8c2326L,0x7012c2200d0a3acbL,0x282ccb9b33f31c09L,
-        0x90c088dfe8610f6aL,0xda4af662c6723acaL,0x60a4df7eb50061c2L,
-        0xc523af09bf77cd76L,0x58c1d1d6440105b3L,0x0000000000000048L },
-      { 0x608a3ccb2ebf4a7cL,0xdc6f70652e90faefL,0x5af50c8330229489L,
-        0x2ae1f05a455c5d97L,0x04e6c953ef78a185L,0x64bfebe30e773105L,
-        0xb4e9e049b897d690L,0x324bccaf6141dd22L,0x00000000000001edL } },
-    /* 48 << 441 */
-    { { 0x3fe0adaca4c2a3f0L,0xe8679478929e1f33L,0x4779b883705b8214L,
-        0x00776735e23c0cffL,0xf663f8158f766bd9L,0xaab22b6bc30b548aL,
-        0x089032b0d56597daL,0xd72918f251d92e66L,0x000000000000004cL },
-      { 0x152af75d026ccd7fL,0x9e12b11ddc3e849eL,0x5d6f7b8664244b05L,
-        0xbc9c468b1d80629bL,0xa14ed1a1f2f109c9L,0x49e6d42cab8403f8L,
-        0xbfe90229e34a6f68L,0xecec84484234d819L,0x0000000000000101L } },
-    /* 49 << 441 */
-    { { 0x35fe58b55f58fe63L,0xd274d4931f30f4f7L,0xc54580b42d20dcbbL,
-        0x8a45c948af35249fL,0x7b282280b07c25e0L,0xae3d9c8104da51d4L,
-        0xf0c972129f58356aL,0xaf7b07f069e61c0fL,0x00000000000001b3L },
-      { 0x194629861f68b78cL,0x6f8829503105a795L,0xfbd30e3501f044eaL,
-        0x6df976b2f89de7f1L,0x83d9fcee5548ff7aL,0x45975517820607e9L,
-        0xd30cfc72254a1342L,0x9886898289c44b4fL,0x00000000000000a5L } },
-    /* 50 << 441 */
-    { { 0x500057ba7e564993L,0xd7526cfb59e53d40L,0xb633fe53c5af2433L,
-        0x18e8adb2dc8a9738L,0x6f81b8dc6b666052L,0x1d2f08b8451c8fa7L,
-        0x7bfdc1f3d8f33d9fL,0xd07b2ed6d86f41b4L,0x0000000000000005L },
-      { 0xc652298baaf2a31cL,0x9bae8c281463ddaeL,0x54a4159ae1af0d62L,
-        0x61b847dae074c303L,0xde70d48e4f1a52bbL,0x0b208a372feb1c68L,
-        0xc2b2b3a4963d5fd7L,0x05ca95d478706fffL,0x000000000000003fL } },
-    /* 51 << 441 */
-    { { 0x7a722f7f0095970cL,0xc5f0befac60f55dbL,0xc5afa461df29f5ecL,
-        0xf01bbf1161ac1f57L,0xdc6ec1e80bc3b86dL,0x321a34a437f04963L,
-        0xdb0512a25c6ed011L,0xa104cdabac1a345bL,0x000000000000003aL },
-      { 0xe9a1eca87437f0aeL,0x54ef25424d949bf6L,0xca3300f0039a9770L,
-        0x648c20a304bdae20L,0x3655df9fbeb0d46eL,0xfcf7a10c95f888e5L,
-        0x1e19fef16e669132L,0xced02e38218c93bdL,0x00000000000001d8L } },
-    /* 52 << 441 */
-    { { 0x366152e3aa65ddbfL,0xfc53f8af6a5fe671L,0xc7cad59195c7f6abL,
-        0xe9c3b6d552052ed7L,0x31c94766e4b302ccL,0x2bcb7ddf7477506eL,
-        0x0cfae42e86ee3dd5L,0x1de11cf355923fa9L,0x00000000000001f3L },
-      { 0x43018d98df6d337aL,0x1f679cebc484673bL,0x341c38cc6acce244L,
-        0xa732e5782edf01b3L,0x8d0b29601551ae1bL,0x0dbaec30509d1fcfL,
-        0x5655b3dc5c9679abL,0x45b3c31b63161444L,0x00000000000000f3L } },
-    /* 53 << 441 */
-    { { 0xc4ec1f1acc4d57ecL,0x7c006c3aa3f8581eL,0x94f683110ccebe4fL,
-        0xfece2dbd68be3d0aL,0x51affa5406d27f4bL,0x3bb8b836fbec32aaL,
-        0x908bbbeab2a0e297L,0xcb7ebbf201196d89L,0x0000000000000078L },
-      { 0x0e3185e9ce461e7dL,0xd6931227013e20abL,0x64313c538c85e000L,
-        0x00fea6dbff7cbb26L,0xb8bed8fa5b26b6e2L,0x91bf6292dba94d45L,
-        0x6816ab5998d8c01aL,0x01a52687eab4002bL,0x0000000000000033L } },
-    /* 54 << 441 */
-    { { 0xf6a61a467f854608L,0x5e7417c80bcf85b0L,0x9000efbc1cde2bf0L,
-        0x2ef0c39edf86fd2eL,0xf494697a18a12510L,0x425c1fd09ed7398cL,
-        0x0bdcf04f27afee20L,0xbc353a89282a8863L,0x0000000000000161L },
-      { 0x7f643929a58a4e6bL,0xe899530b7ce61fa8L,0x8d07cf175ffa47f4L,
-        0x572269977e217444L,0x789a6625526bf412L,0x656ad4358df93bc2L,
-        0xc6d0fb0b46868e2cL,0xccfaf97090b50ea3L,0x00000000000000dfL } },
-    /* 55 << 441 */
-    { { 0x1dad0dade6860303L,0xd9126836c7e91c97L,0x9855fb600feec65fL,
-        0x5ad336976c9564e7L,0x81a2f362d8548916L,0x642b4014ee4a88fdL,
-        0x9c23de5ee3e3e988L,0x19c510415a0e4881L,0x000000000000015aL },
-      { 0x27f5a80c00aaf668L,0x296827e796728192L,0x165a649e4e124c4eL,
-        0x3268bb940f8e937dL,0x69f171678b9d4987L,0x3ce36b905e06f20eL,
-        0x97287b68cbbd791bL,0xc1a6fd4c18564d91L,0x0000000000000181L } },
-    /* 56 << 441 */
-    { { 0x8c466ec6afa6274eL,0x935ac8e6e57d9338L,0x3ffe008e7b5ca188L,
-        0xffd8ba41dfbb530aL,0x9504dbc067d0b3e8L,0x95ebde8c622f0b00L,
-        0x984bc63c209c6309L,0xb2bdaf4a6b23d9dbL,0x00000000000001f8L },
-      { 0x248363240e2bb6e9L,0xcef90f5c65cc3116L,0x4c71c80816bbf8ddL,
-        0x0d6ccbc38de8d626L,0x6e51fc2960c000d7L,0x1e3116e3dfff70d3L,
-        0xf3d91182dd570c6eL,0xf02fbb1b6827d006L,0x0000000000000191L } },
-    /* 57 << 441 */
-    { { 0xc81bd2b8decb7c02L,0x956e27a4b894def6L,0x0311fa9403356805L,
-        0x0e13ccd322aae58cL,0x0196f20f3ac70b3eL,0x7d4bb4e1a7b2c93cL,
-        0x10fb01386510c50dL,0xd031b898e8f926c1L,0x000000000000003fL },
-      { 0xf46543b5f8f5dc8aL,0x4233ee03e330d2b5L,0x1c13f707c81f39f7L,
-        0xb5894eec28d508e9L,0x0ce78fe7eaaa453cL,0x4ee0ea5a0b2c7d8cL,
-        0xc96edb248034a086L,0xd935778349cd9be2L,0x00000000000000a0L } },
-    /* 58 << 441 */
-    { { 0x871955d28b93f569L,0xf05605295a48b689L,0x0820a8aa467e5891L,
-        0x7a4f5cb3f58b25d1L,0xc94ed47f8587a84eL,0xa99cd056fe982ec2L,
-        0x371cbf3fd1d06d5fL,0x491d9acaf90440a1L,0x0000000000000179L },
-      { 0x9df7fa8740a5fe24L,0x942fe6b1d96d3e57L,0x0f21d3127c7497f8L,
-        0x7a28f02bb1685a0bL,0x45264d84fdb0e456L,0x08b20dbf95f14f94L,
-        0xf36dbdd57b299fa9L,0x644f73a96dd0a74aL,0x0000000000000136L } },
-    /* 59 << 441 */
-    { { 0x4e0aa1cac34f2a7dL,0xd00ee2d1c4678255L,0xc74603ad187fc9f6L,
-        0x6aab1d2ece9d3267L,0xb74dd371f511fcb5L,0x8b822e5c8836ab61L,
-        0xc504820cb338d04fL,0x247e13889d12238fL,0x000000000000012fL },
-      { 0x421d4c327f6e0a6bL,0x82a8854ba04228dfL,0x6003515d12b7fe81L,
-        0xabe47e71d0a397feL,0x59feb1eb6aaca148L,0x45bd603375a8831dL,
-        0xd4612d5917d1ccb3L,0x1b89ba9c74ee1027L,0x0000000000000042L } },
-    /* 60 << 441 */
-    { { 0x03e7026b3fc38c51L,0x43eb0760581918a8L,0x2229030dfb2b26dbL,
-        0x178bb4bca8973dfeL,0x79204ab49902d625L,0x9dfd5966e57d8747L,
-        0xcae096fd8b664963L,0xc3b1fc25fb1dc64cL,0x00000000000001d6L },
-      { 0x7f136d66e577916bL,0x11834be442bf8511L,0xbdc623e83428bb9bL,
-        0x14f10cad49c2d303L,0xd2e47e509dd1bcbbL,0x79bb7eb356290215L,
-        0x7a2500b36d356e99L,0x6d01df1e1f30e17dL,0x0000000000000158L } },
-    /* 61 << 441 */
-    { { 0xf99cd5725ba74517L,0x93baaf6e166dcce8L,0xac938b88601599d6L,
-        0x30f247f47404a032L,0xeb3d46c03b10dbb2L,0x414e0218371dd7faL,
-        0xf1164440ef4849faL,0x86420604faf4e6d6L,0x000000000000005aL },
-      { 0x3376a08ebc96ecfeL,0xec288c773697c3ddL,0x6f6c6e24447a27a4L,
-        0x31711e8947104345L,0x21a2e7cb8188d79cL,0x4e0ea8809c2385b1L,
-        0x59d2c5af1e7a9f39L,0x644fe4e08e884dcfL,0x00000000000000a7L } },
-    /* 62 << 441 */
-    { { 0x7c8c7f684dd64f0cL,0xc7820e341855ce9dL,0x1544117d323f6ce5L,
-        0xcb768820e373e48aL,0x464428b73c3c4c90L,0x4cd0e1ceaae35437L,
-        0xd25046831ceb2a4cL,0x0e3338ccdf439915L,0x000000000000017bL },
-      { 0x865ba7db6618c759L,0xca0a323710e77d05L,0x9d13842b2b28085fL,
-        0xf941b5fa9fea876fL,0x041d0845e6d70255L,0x4c1a7d64428b57ccL,
-        0x33f6bd2429ebd1a4L,0xe80522479a17c0d0L,0x00000000000000e4L } },
-    /* 63 << 441 */
-    { { 0x267820c97c2cf8a4L,0xaf23c49e7d43b5b6L,0xe83af4497452297dL,
-        0x406618b2ddbb37c2L,0xfa481044f0cfb99bL,0x237d923c37e98319L,
-        0xdbdc034a9ab1956fL,0x30ec502ebd6f3826L,0x0000000000000176L },
-      { 0xe63ad325815972a5L,0x1f1cd2b8cfd1b1e1L,0xcc91e37e0c0b11acL,
-        0xbc62347cbcc8f659L,0xb6a838e80fc52227L,0x1975db004cfa70bdL,
-        0x7c4bd8bca73d6fe5L,0xef91ced9ad2e5c83L,0x0000000000000029L } },
-    /* 64 << 441 */
-    { { 0x560ed5e263840645L,0xac6c9d02b99ffe18L,0x0510a7b7bf7b7fe0L,
-        0xe1dc108356aec190L,0x29b4ad9527581115L,0xa8021a6026a12461L,
-        0xfbbccee845144aa0L,0x2c93ced8ded40b1cL,0x00000000000001e3L },
-      { 0x2c841a6ef3fb0d14L,0xe8b8b8ecb1f67b7cL,0xbd4c9a2219e26083L,
-        0xece8dc33c1c6a093L,0xfb47210f948aeae7L,0x98a8b0211569c5fcL,
-        0xc92cb9c7399c9d0eL,0xdaa97144b0f6f23aL,0x0000000000000145L } },
-    /* 0 << 448 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 448 */
-    { { 0x6d7eedc48f69079eL,0xf02e8e404f03b92fL,0xdf751116cb76b181L,
-        0xc255eb2c234c1925L,0xaf997d5ea94af9b2L,0x797f3df0d1374a41L,
-        0x357fd20b23986cdaL,0xf1caccda1540adb8L,0x000000000000007dL },
-      { 0x2a04363cc01605a9L,0x0d7cc0d87d7d1e54L,0x0515eb70a0f9fd2bL,
-        0x725d12a9bb4ec5e8L,0xd1b5b8a33a6eb09aL,0xb6c836b187027d7bL,
-        0xf4773322aaf9cd03L,0x2fb3354e2500c647L,0x0000000000000081L } },
-    /* 2 << 448 */
-    { { 0x83da529b41750b74L,0x9e431a5c76e28bf5L,0x225e2eb97fde2491L,
-        0x951e2cede7c469bcL,0x35f384caf0e10c32L,0xb8ed4a312b1aadbcL,
-        0xd39393ba7b797492L,0xc82685f847597f4bL,0x00000000000000c9L },
-      { 0xb04e1261436e2563L,0xdc3e83052de3e4e7L,0xa32102bdee3dbbf4L,
-        0xdfb5378945f15efbL,0x34904b0b6246965eL,0xcd645c46aac06ca8L,
-        0xd4e3f322358398f3L,0xaebfe7c7a54f3311L,0x00000000000001f3L } },
-    /* 3 << 448 */
-    { { 0xff2fa49cf2afae47L,0xa2c86068f9f2b257L,0x73dd56a446cb76eeL,
-        0xbffb9f017dc0a64cL,0x0ee2b60d44b4a4eeL,0x49939f0837c5959fL,
-        0xb302fcd178603de3L,0x03c2a2204017c122L,0x00000000000000a7L },
-      { 0x48acda9757413107L,0xbd8f584d4c01caf8L,0x38f448a71ac29755L,
-        0xcc3884836d29bf3eL,0x15c4baf974401fedL,0x7826e5cd9023bc05L,
-        0xc7a70d094f459413L,0x1de803c631896429L,0x00000000000000b8L } },
-    /* 4 << 448 */
-    { { 0xabb0d91dcef34144L,0xbc5903fa42b2a8bbL,0xe279ef5638e4c5faL,
-        0xb3416e9e6d5b04ebL,0x447819187bb923ceL,0x58fefa212914a3a4L,
-        0xb0456b2ee2c19f36L,0x176361bbe92c1e50L,0x00000000000000b3L },
-      { 0xbc56a1af824fde34L,0x33bfbfb3098a50fcL,0x6e720f55ab9cfa73L,
-        0xf1e104b908e4dfa2L,0xb96b8abd77865b2fL,0x69eb257aa36740d1L,
-        0xd73b946d26a50f43L,0x588e4a1470cd91e7L,0x000000000000007aL } },
-    /* 5 << 448 */
-    { { 0xd1da41a113dc8b45L,0xf4886d248a639b8dL,0xf3431ccedef9c5c3L,
-        0xae07317d8c204a2fL,0xcbbd49a1f3d6383aL,0x43d3593229bbe61eL,
-        0x6bfa06099643a1a8L,0x391499b22005a71fL,0x0000000000000188L },
-      { 0x40774a7e79d0771bL,0x31987151595038a1L,0xff6df557c48b5063L,
-        0x26c03269c3751769L,0x660c36ced2d0ce99L,0x71378e21d3d79ea0L,
-        0x7b2ec7ea30be88eaL,0x1b342d41eaed0f73L,0x000000000000016dL } },
-    /* 6 << 448 */
-    { { 0x0f1b2a0ee2c08642L,0xc110227519fbfff6L,0x3e49142104574825L,
-        0x058232d599552fdfL,0xa83f1a2f0e083797L,0x7c387d90860acbcdL,
-        0x7d8440d7d59d4ffeL,0x45111fc778f12d73L,0x00000000000000a5L },
-      { 0x77acf98e28e9b450L,0x0823b735a8129a6eL,0x1abaa0f98d1f0ef3L,
-        0xc2fb1108dec36172L,0x4d486fd4855585e0L,0x27d002549d440b52L,
-        0xc2b556135b964bacL,0x251ad413a29f6fdeL,0x0000000000000142L } },
-    /* 7 << 448 */
-    { { 0x47de9d47e138d37eL,0x7387f3693e7e1c87L,0x9c00813e0a48af71L,
-        0x9df47c63e8829fcdL,0x7dc7c04819e24a68L,0x3d1823e16942e130L,
-        0x2f4440ffa2cd6199L,0xebf60be098168aa8L,0x0000000000000049L },
-      { 0x989690073b5f346cL,0x00a0ecf9b79ae683L,0x1b6f0ddbf8fb676fL,
-        0xd536d3717998c836L,0xe1dbda549c4bc7cdL,0x2b752ca371e12239L,
-        0xd633d0eec296c03dL,0x548b37c59f6a0015L,0x000000000000003fL } },
-    /* 8 << 448 */
-    { { 0x6ed1bbb76ed0892bL,0x4921306bb788bef7L,0x7200d473bf3cdbdbL,
-        0xf1cb448feefdce6cL,0x199b07a2836591b0L,0x804ff00948fc6659L,
-        0x697600593b8f405aL,0x14755be59ef63732L,0x0000000000000103L },
-      { 0xd0a6d1b323383b1aL,0x50c7e33bae42ca1eL,0x564b46552563bd12L,
-        0x48640d21fe7baf1eL,0x6a0b495ef7717825L,0x9e4ad9aec7df9fc0L,
-        0x4ceea6a6e038e19eL,0xea0e3bf8010887deL,0x00000000000001ddL } },
-    /* 9 << 448 */
-    { { 0x4da845a0a4851434L,0x75176aa6ec7c655cL,0xcb64f9e9f093c7daL,
-        0xf80504e644bf8c6eL,0x13958864001ac4a3L,0x067e1167de28fbb9L,
-        0x0ee319d6708782ddL,0x90e661f3f0a8a799L,0x00000000000001c5L },
-      { 0xa161caa15db20757L,0x2adaf4e05350825aL,0x5e2bd35abcc582c0L,
-        0x9989c8fe71a3bc28L,0x454827e228898a24L,0xa7108d022fd729feL,
-        0xeb2b76ad8c310f5cL,0xeafd847e634c3d7eL,0x00000000000001aeL } },
-    /* 10 << 448 */
-    { { 0x46e47ecff0136b5cL,0xf17ab7f6344965a0L,0xf3faf3b354e24a42L,
-        0xee7c7b5b6e7035e7L,0x78529226908afe39L,0x440aefb22e64eef4L,
-        0x08ac260a1849e45bL,0x7203a8f76fc7bc4fL,0x00000000000000a9L },
-      { 0xf36d34eb171f3c98L,0x4a2e2716e65bea70L,0xa7387fbbf8f31760L,
-        0x9e33161eb9cc24f3L,0x808d8d2957715f35L,0x5bca0410150ba9fbL,
-        0xe8823a72d019f4a9L,0x5e14abe756165147L,0x00000000000001d7L } },
-    /* 11 << 448 */
-    { { 0xd7f60f17d77089e3L,0xb68b3c61a10cb23fL,0x72a83575094e8bd2L,
-        0xd9a28d29915a575dL,0xb30e811f211c2f4bL,0x3a62fcf658119ebfL,
-        0xb692e3bb679eaa2aL,0x2375e13c3fe29c8aL,0x0000000000000069L },
-      { 0xd613b9ea2b8b53c8L,0x6ad8d6eeaefe8d7cL,0x25163969b1d6fb5bL,
-        0x6b37519e76a6f0d4L,0x8fc9208359eaa8eaL,0xd2a15a1d560539cfL,
-        0x35d7a7b70f7e555cL,0x590426c042a30fbbL,0x000000000000015aL } },
-    /* 12 << 448 */
-    { { 0xdc6fd0b27ff5fdd9L,0x663c5481fab729baL,0xf70938531fde9e82L,
-        0x293d27fa71f684c1L,0xc05cb3d07fcf66fcL,0x709d86ba11cd0445L,
-        0x1cd6d595497fa0b1L,0x5eabd8a0d47408ffL,0x00000000000000c6L },
-      { 0x001ea477b6b64713L,0x148f2b5049fa00dcL,0x00106f97efce2ec6L,
-        0xaca11586e205cc9cL,0x60d70881a6d874acL,0x37dd5c14d29f29c1L,
-        0x586ac6c8e11191b1L,0x96470f229677b2d0L,0x00000000000001eaL } },
-    /* 13 << 448 */
-    { { 0x179058303a7f3608L,0x172de35e26f0fc61L,0x323d2d7334d7c1a1L,
-        0x464cd498aec45adfL,0xc4f38d5062ae054fL,0x3f016202a66711e2L,
-        0xd105f907e8d33e40L,0x3a102b6a75225100L,0x00000000000000fdL },
-      { 0xc754a811dd02719aL,0xe4a5ea1f4bcc6cefL,0x3d64cba45fcc954dL,
-        0xefe41b2c12cf1ec0L,0xa8e5b613969c79ceL,0x42e6fb9b288a3a37L,
-        0x1c9e65a6aac4dca8L,0x160703b36bd7bc54L,0x000000000000013fL } },
-    /* 14 << 448 */
-    { { 0x4888c71de2f66bcaL,0x548a0a8f8ade3531L,0x0162233c6638686fL,
-        0x4d2c6af83c30e52cL,0x62124a0fc19a0df8L,0xfce8188dcc7c56f3L,
-        0x6da68920b8b77752L,0x370dc630b622bf61L,0x0000000000000044L },
-      { 0xe3072dc65b51fb0dL,0xa06bd9c232cc673bL,0xe374dd3e991c7eb1L,
-        0x1052bbee887d8d76L,0x9b43d6dd897746d0L,0xfb7797ed6cc50b4fL,
-        0x83d30a082bf11803L,0x24d36df97d78f93fL,0x00000000000000efL } },
-    /* 15 << 448 */
-    { { 0x0158728662e9c602L,0xe3f31aa9c7803839L,0xecd16d810cea9177L,
-        0xe203943e82b139b5L,0xcdae675da59ea3aeL,0xacafc1fd79b0b7afL,
-        0x1f3ff6b96d0e87efL,0x3c52993bd84b4b55L,0x0000000000000172L },
-      { 0xc8fcf451415e906cL,0xf25cc44fcc223afcL,0xa0fb3f66f80c4a7dL,
-        0x6c936445ebeec08eL,0x35215495a50739c8L,0x9c197b15d8322e65L,
-        0xe263f119ecc81fb0L,0xeeea2e6f37bd4d5aL,0x0000000000000148L } },
-    /* 16 << 448 */
-    { { 0xd7c0efa36ea09a93L,0x95f69e09fb01c2b3L,0x021b1721d43150e2L,
-        0x39ff07e05879bc51L,0x0dd73c326cf50ce3L,0x9d69d32a5758870fL,
-        0x5df4cc8c1c0e91d9L,0x0033508815df54abL,0x0000000000000182L },
-      { 0xbb656a89f2dc12f5L,0x6c4a32bb5c46fcf4L,0xf324462c70e7a152L,
-        0x4b1d509a1f7eaad2L,0x3da87fa776e51583L,0x9a435e2019fc86ccL,
-        0xb97d3f449eab8de3L,0xc56c7c988f92304bL,0x00000000000000a8L } },
-    /* 17 << 448 */
-    { { 0x46beca92c9464906L,0x620775e18f2f81e0L,0x767f4266c5771682L,
-        0x6c6dde810bbc65ecL,0xfd8fabfbc405cc39L,0x5d9b8d18643e0d72L,
-        0x30303e19109ea8dfL,0xefea4ab30929cd4bL,0x00000000000000a6L },
-      { 0x993ca142b25badb6L,0xb647dc6d2880eb4eL,0x2d6e2faa551f13fcL,
-        0x444f2ea3ba3e00d7L,0x3c89c8af62c6bf24L,0x1e2b1b9993ff5675L,
-        0x9f2809305dbdf81cL,0xa0c0b2c11618ab5eL,0x0000000000000076L } },
-    /* 18 << 448 */
-    { { 0x8814ee08f2ff8ee7L,0xed9db8fd0c8aca2bL,0x36967aed6b8d81d3L,
-        0x1a937d3f5cf2ff0aL,0xbedf97c9461382b2L,0x29bf2b30aa5a5388L,
-        0xa5b6918fa8796dfbL,0x76662a2b2df5c39bL,0x0000000000000050L },
-      { 0xb8157fbbb44fc79fL,0x17c3ad0b40212b26L,0x06bfa618e49dee6eL,
-        0x81a338f1422b2017L,0x200f6dcd203fb523L,0xa904931782a544bcL,
-        0x9d12fa1489795453L,0x92997d54910f9258L,0x00000000000000d4L } },
-    /* 19 << 448 */
-    { { 0x958450c54ec281fcL,0x5cf3bd6193c614acL,0x99919178a2759a65L,
-        0x256015282dc88c30L,0xf3a2766a8f15f90eL,0x12362084c8a6e56cL,
-        0x4359fa34ee82faf9L,0x492b73c91c03100fL,0x0000000000000000L },
-      { 0x1467c71469f444baL,0xe10379562d904cd4L,0xabc81c9a648ab04eL,
-        0x4c0ad4f7910123e9L,0x7bfb6a0943b8ac8eL,0xb51f3de73934362dL,
-        0x70d304aba030cab7L,0x577cebb04e8b0148L,0x000000000000009dL } },
-    /* 20 << 448 */
-    { { 0xe16f41aa44be78bdL,0xb5436f21e014c4aeL,0x9711718156ea17d7L,
-        0x77eb089b37c05237L,0xde53fd3bf974ea0dL,0x27c4c2e9c84daec0L,
-        0xa7c70452639b53a2L,0xab34cef9122cac08L,0x00000000000001cdL },
-      { 0x45942b2b520fed74L,0xe339e2ec18185e32L,0xef29fc70799a5848L,
-        0x81cd214092bc0623L,0x56f9ba7d7502fd5eL,0x8c0c55507d06b23fL,
-        0x4835f4e6f6780730L,0xe0c0adc9f3b8b6a4L,0x0000000000000078L } },
-    /* 21 << 448 */
-    { { 0x93c6329431a43160L,0x19f6aa9bf70fdafaL,0x74922f2451c93c44L,
-        0x2771a1d8a482a3bcL,0xdab23427ffc50d8fL,0xb06ca094a3138e86L,
-        0xdef003634bc843a1L,0xd6bf9e1228d99dc8L,0x000000000000014cL },
-      { 0xc618a4c3d49e9c02L,0x202558298a891299L,0x8acb42a297e53ed0L,
-        0x012a299092167efcL,0xfde4d81cc425cb45L,0xa7a4f2b788705295L,
-        0x958260fb365f6d39L,0x24d12f9c7281e7d2L,0x0000000000000039L } },
-    /* 22 << 448 */
-    { { 0x51fbbf5fdb40af14L,0x0e795ad376869107L,0x353827bd99d8accbL,
-        0x41b9b0f3f0a03c54L,0xdf2e0c6ea3a0f1bcL,0x80c2b91e83d84847L,
-        0x28240a87333924fcL,0x0cc6dc8139166ac9L,0x000000000000019bL },
-      { 0x150e42b72c3c6ba1L,0x165bafd96b10b2d6L,0x990f141114a18123L,
-        0xe89b21600746c897L,0xfbc4fc51f7efda9fL,0xf2e2285526fc48e5L,
-        0x95ea0ba212346b4bL,0xfc5b414977e223ceL,0x0000000000000186L } },
-    /* 23 << 448 */
-    { { 0x0be0a5de07a16d69L,0x9ef32d03e11ca186L,0xccda2049a9ffe33eL,
-        0x3470ac5a4b670afeL,0x8770a1ef74a0d67bL,0xe7011ca9df62093eL,
-        0xe08c557ac48bddc9L,0xd458493937876750L,0x00000000000001f9L },
-      { 0x8a93b565a84fca82L,0x4db14cc9c6be1ba6L,0x06cf1b331830b8d7L,
-        0x048707b3eb991fd7L,0x005ef51378b92e81L,0x444b5dbbbf444785L,
-        0x158fec89923f5885L,0x2a681a4a1900dfb9L,0x00000000000000abL } },
-    /* 24 << 448 */
-    { { 0x22a96092b0fef65aL,0x75400e255b4b6264L,0x2d6bf21fcf25cbb8L,
-        0x2fd07e1c9289dbf3L,0xe56e840c6814e503L,0x15063366005f14d4L,
-        0xf156222e66516b79L,0x56d9d1fbf5167303L,0x000000000000002bL },
-      { 0x9c095b7cbe93ea4eL,0xbc26271f7eff54ceL,0xfdca10ae48cb19cdL,
-        0x7c582ed41967cc71L,0xd5de0048870d2bd6L,0x92973e875914e7cfL,
-        0x56e0b7a321edd49bL,0x1bea592023d39a84L,0x00000000000001d3L } },
-    /* 25 << 448 */
-    { { 0x830fb6b0b22e2bddL,0xeecc9175ec46dddeL,0xbc5653dc92ba4ea2L,
-        0xda57d028df0f6920L,0x0b6373b613d599b4L,0xe3408fbe5a64be7aL,
-        0x835d777666ee7d46L,0x2410f0dcd60a8af2L,0x0000000000000116L },
-      { 0x74a4658a92a29714L,0xf8a8f1fe844af49bL,0x15d77ccca2b02157L,
-        0xa33511645b5c9343L,0x2bd68a266e54c8c5L,0x88d773dd041c6279L,
-        0x4aee4590d6a3c00fL,0xa1697b605166b43bL,0x00000000000000fdL } },
-    /* 26 << 448 */
-    { { 0x08757c74ec97eeeaL,0x27e8eb74fd3c52b8L,0x2809524d010a4f7eL,
-        0xc9e0dd4a1377b31aL,0x9cb226d1e082c564L,0x901073ed5af132e3L,
-        0x8ce944c8188dfe5fL,0x347892858c5260a5L,0x00000000000000c1L },
-      { 0xe363f14e1cc9ba1aL,0xd4d8c73f194037afL,0xc9b307c79c2f34d7L,
-        0xf02b5ddb947966b6L,0xbaa7d2e0b7ff7f37L,0x78c228d0f6991d25L,
-        0x9bd96a4c0aa5bae4L,0x93155e7c16f862c3L,0x000000000000019dL } },
-    /* 27 << 448 */
-    { { 0x3a730ac01ccc9a22L,0xe876db8a07b71c34L,0x5a4aa392fe69aae3L,
-        0x502aa22d9db171d2L,0x7c5fb005ad0f33ebL,0x5a2169a88c3bec21L,
-        0x76efaee9781c7629L,0xfb933efd72fb60dfL,0x00000000000000b8L },
-      { 0x1d4fca2eb1e91e17L,0x7187a86f864fd2a9L,0x896e3acbd37c6e14L,
-        0xb10aef2d42cb0645L,0x5c0c4b235e72c54aL,0xec0ae29ed1e2f299L,
-        0xb72c7f4c77e91c26L,0x41c241c4f37a54f7L,0x00000000000000a8L } },
-    /* 28 << 448 */
-    { { 0xca49e4056736b7a8L,0xbae02b57f438c9a8L,0x871ecf1d8dd5bd49L,
-        0x46b05ef1974903f5L,0x549128c348aa1a22L,0xe8f8d085ef5b4439L,
-        0x62fbea2fefee9906L,0xecd06f55c49261ffL,0x00000000000000f8L },
-      { 0x603a56fe1def19d6L,0x48d65f1d3e4cf99eL,0x6b92c5694559a51cL,
-        0xd133cca108c45240L,0x9656a7c46c134b2fL,0x7e407c2907d6c7f7L,
-        0xc346409adbb7cdf8L,0x4ebc0b91eec47250L,0x00000000000000aeL } },
-    /* 29 << 448 */
-    { { 0x04b789f81da8a341L,0x81827ac482bac9afL,0x85a2510cc0a342a4L,
-        0xe3d17837200d2557L,0xf951b01ff55cceb7L,0xa00d66f41472e87aL,
-        0xfe101e3e0a0b1ff6L,0xfc4b05f60f9e8587L,0x0000000000000173L },
-      { 0xd64fdd33fbea0ce4L,0x8aa0680aedb5fcdfL,0x78876c00e08cda89L,
-        0x9c3424f9034f2cbcL,0xea7170d1a86845c8L,0xd36a89c084650b43L,
-        0xfa5ef9e6ab2a83ccL,0x0458b4b756c03914L,0x000000000000000cL } },
-    /* 30 << 448 */
-    { { 0xef816b5cbca24a14L,0xe56ef49d80999021L,0x5724b7fc5984a0c4L,
-        0xdf9250fc23c4f692L,0x05b5d16a4a329eceL,0x389dd3268f017928L,
-        0x49cce29d7376ef1fL,0xd005fcf9adbb3387L,0x00000000000000ddL },
-      { 0xf7d7a2da1919ee1bL,0x99312ba17108fc88L,0x6e0fd013819b2ab5L,
-        0xac6dde9ca0415b09L,0x76aa7ad61116cb56L,0xa4164cb64d7e2873L,
-        0x25a4982b00d5204bL,0x3d528fb42ca1bc08L,0x000000000000011eL } },
-    /* 31 << 448 */
-    { { 0x7eaa6f4f202177aaL,0x407c3797edda27a9L,0xd1cc20254d51d733L,
-        0xc7950454c1c04a95L,0xb657108ffbb858fdL,0x6068f5a94b7af32dL,
-        0xbe741bb72701b289L,0xe786ab377dca6c64L,0x00000000000001f8L },
-      { 0x9f04d1950f884ecaL,0x036589956f965937L,0x62e3afa42c33ebc6L,
-        0xa2b8ba656f0e5fbbL,0x798f812abbc0c7c6L,0x7cc29ea1537a5d81L,
-        0xccd03bf8f1509aafL,0x3cf256c590799937L,0x000000000000013fL } },
-    /* 32 << 448 */
-    { { 0x30b495ff9b09ac83L,0x7767e8a105d9c9ebL,0xb15ecb0a1690a79eL,
-        0xa7b87cce1b301763L,0xc6849deaf28b14d2L,0x16d0b1585e5c94f2L,
-        0xbfda45241aee3ca8L,0xe52961635d737c3eL,0x00000000000001f1L },
-      { 0x339f76cc589b8ae6L,0xa133954ae02ea428L,0xf11e77f7980481acL,
-        0x890c3c2c87596275L,0xe0cfdace80b79bf7L,0x0031db26a3e3906bL,
-        0xedf2e3dda1c31197L,0x888f12192bc3f1a4L,0x000000000000006fL } },
-    /* 33 << 448 */
-    { { 0xfa11efb73c598a06L,0x1a9de85eaf29fc12L,0x9e436a4a3a85a95eL,
-        0x169c615c9e3c41d4L,0x2b29db6bf79e4c98L,0x22a26e1e1a467ad5L,
-        0x14e86abf782ac769L,0xfeed751a0e260ce6L,0x00000000000001e9L },
-      { 0xd4355ffdfe99690eL,0x186ec88dcf7d461dL,0x8422a8fed2d736f2L,
-        0x18f55e53ad868624L,0x1020ec9fbc659311L,0x86ddcc05affee0adL,
-        0x06931cb237608917L,0x850013ff1ef526c7L,0x000000000000002cL } },
-    /* 34 << 448 */
-    { { 0x125c5fab85fdc7f1L,0x78c6271112df7083L,0x2fd974779a17dfc1L,
-        0xafce9bff8de8fb96L,0x7a45cc8723fd724fL,0xfd1522f2de2fe1f5L,
-        0xbc1eceafbe939d20L,0xe8f9b64c5d35cbe2L,0x00000000000001a1L },
-      { 0xcebe167b4e9edaf5L,0xc40095abd68c6c3eL,0x5cbd305e44500fa1L,
-        0x52d56df841fc36ecL,0xc6dcaf21a267407eL,0xbef96b050a0d5c0eL,
-        0xd6cca309cf13700cL,0xe1efd83734b2d474L,0x00000000000000eaL } },
-    /* 35 << 448 */
-    { { 0x47d2bcbb3a59d179L,0x84c060960c814989L,0x25021261b2543f3cL,
-        0x5a894a77824a6674L,0xa80055cff8a90d72L,0xb67da52c3bbd3840L,
-        0x41b6cf441d172937L,0xaecb4a0fd0c7f2f9L,0x0000000000000184L },
-      { 0x4112abfdadec6f45L,0xec2292fd5af997b9L,0xec81483ea66da6b0L,
-        0x2d788ca6bf6e9369L,0xee6d66d64c9df525L,0x652248dfc233275eL,
-        0x26ab55ff60d792dbL,0xed6c78699d30d510L,0x00000000000000e3L } },
-    /* 36 << 448 */
-    { { 0x2827f5a2cfacc519L,0xfa201f6328fe5462L,0xd12ba386e76d1ed1L,
-        0x4eecc04b3f1857b2L,0xab2d2292bac8e16cL,0x94ff8f3ddc3f22dbL,
-        0x63248a3603b56f1cL,0x391de5d28c4539e2L,0x0000000000000100L },
-      { 0x58dda167baea3e6eL,0xc9c93a6d88e1646aL,0x16c540b124b20d76L,
-        0x9cfbc92113a036b6L,0x2c3b07ec6322b9ccL,0x88c8cdf43f0fcf9aL,
-        0xfd62cb99da598c89L,0xd6a4bbf8fa164bd8L,0x0000000000000146L } },
-    /* 37 << 448 */
-    { { 0xc393c42ce88d83acL,0x5c8b69266733c944L,0xda086abbca3012b9L,
-        0xff283a9b5acae577L,0x61bd875c3059cf58L,0x994aa16617621d60L,
-        0x519f8cd8be49f68bL,0x3a0a9a9e98e2cb2dL,0x0000000000000154L },
-      { 0xf9b9bd45dc4fa221L,0x0ace7ab384d38b83L,0x88d9fc2be55c1c3cL,
-        0x84905b18c6565620L,0x55c76c803bf25fe7L,0x96c9375fcd06b977L,
-        0xf890bfe99ce18390L,0xa6d94dbb19361d60L,0x0000000000000001L } },
-    /* 38 << 448 */
-    { { 0x708f272f49cf39c0L,0x10a48d4cc2ee3fa0L,0xab1e16f901c642baL,
-        0xb5eedde41983ee46L,0xe3c55cd6899e461dL,0x23000eba18d744d0L,
-        0x2276e90d9eca5818L,0x28ba08fea79959bdL,0x0000000000000174L },
-      { 0x19c844006e8985cfL,0x8c47325f19c95cd8L,0x8ce8f9be8cc20f75L,
-        0x5c1f05f4ccbe5f74L,0xc7611000293f57a9L,0xdf4273f284dad825L,
-        0xd90562d63ba6f844L,0x70362280592e0687L,0x00000000000000d3L } },
-    /* 39 << 448 */
-    { { 0xff33e72ebc72e5fbL,0xbf62bd87e7d6882aL,0xda5147fdb89aef99L,
-        0xb6f32dbd17a2f509L,0x9bd0eddfb286a468L,0xdd4d1b28b31307b0L,
-        0x4866ded9c76ded47L,0x22513a3a1ab2e1a8L,0x00000000000000ebL },
-      { 0x89e2f77acc1225a9L,0x6557eb9ce8a4d6a7L,0xd06696e55d2b30d3L,
-        0xffdbd1fa38241fb1L,0xece18f786da9b3a1L,0xc7be81d7f3778b45L,
-        0x551942079c94ba90L,0x4a4151d863583b90L,0x0000000000000165L } },
-    /* 40 << 448 */
-    { { 0x482c4b824cb11206L,0x2201973cda6ac67fL,0x90df76215995d743L,
-        0xee362af67e7b155dL,0x7f3893b65997d300L,0x9cb6280f48c1f500L,
-        0x334dcc96c04921e6L,0xd657696028bcbad5L,0x0000000000000182L },
-      { 0x9dd406cb615b1c61L,0x7de33627d9cd2e7bL,0x7bb1260c8775b9c3L,
-        0x8660e68e17b15699L,0x679fda73ed79d75fL,0x10d1c3e755a10c2fL,
-        0xc4a3f01c652e4c33L,0x34c91d58b7c42d3eL,0x000000000000002bL } },
-    /* 41 << 448 */
-    { { 0x9747a5bd85fa2a0dL,0xe15ad21ed11886aeL,0x2eef7ba93a2651f0L,
-        0x9e77aa5962686644L,0x9e7b79d4fb694bafL,0x3a430ea7a6b0849aL,
-        0xfb6f511c8c34f2b0L,0xd5c58ed10140425dL,0x0000000000000166L },
-      { 0x98c16d41e9539297L,0x287e5e5f403d122aL,0x52ded89abda5f4e9L,
-        0xa541ea800d429eb4L,0x763796a0dd2eb689L,0x5e35cb2d2001730fL,
-        0xfe0f4cade305badfL,0xd110a0cf2ee75cc5L,0x0000000000000029L } },
-    /* 42 << 448 */
-    { { 0x516e69a0c5a71125L,0x998a22f25c95ad7aL,0x8a14544f648f80ccL,
-        0xa59f36584ed65117L,0x4b5a92a85dd7e675L,0xd262307ac9fa87afL,
-        0x936957f30fdc3362L,0x994f83054b783d0bL,0x000000000000006bL },
-      { 0x56d8d538ab411cbbL,0x6c3be61485d78e8dL,0x4234020c833fc8e1L,
-        0xe4fdbf97b41ed949L,0x8c36618c0f3a1f2fL,0xe7dae0ee58f49465L,
-        0xe5b2b939b6a95411L,0x822fe9e126a6e121L,0x0000000000000094L } },
-    /* 43 << 448 */
-    { { 0x9cebe2a9d059f7d5L,0xb4c8f6deabc86eafL,0x7dacabf6c6e5ffdcL,
-        0xd8b22f229922c453L,0x676154f2174ea57dL,0x4d7ce6fdf9819e39L,
-        0xb19bc1bbd47ebfc5L,0x24383cd04709da01L,0x00000000000000abL },
-      { 0x8d5e8f8a3cb2e7eaL,0x2899be2733d8d462L,0x5e6e982153eb2879L,
-        0x04637531a17178c2L,0x8ce508f1f4495e86L,0xbbcc3223935c7f1eL,
-        0x72c33d4fd2e53b1cL,0x3f02c919bab47cdbL,0x0000000000000056L } },
-    /* 44 << 448 */
-    { { 0xf25929a379c36058L,0x6d0eaa35a743c8a3L,0x24943137c5850310L,
-        0xb78fcdc74d01efb0L,0xdf7a2cbd2a5e9f3cL,0x6d8c2cb9df226a5fL,
-        0x32f82caaedfffa33L,0xb520a44381c3f37fL,0x000000000000018dL },
-      { 0x477f91b7e71efa02L,0x9bdb34a93e3ca801L,0x29bdb247fbaa8273L,
-        0x1094b513dd94b717L,0x97c93aa247d54bfaL,0x8899075c84807d06L,
-        0x6cb0824b57f6ae04L,0x5d1def90e6c92379L,0x00000000000001a0L } },
-    /* 45 << 448 */
-    { { 0xa9abb86dc72edfbfL,0x976e9021ac090215L,0x045277f4e22e6e61L,
-        0xc7659062b8e5caa4L,0xfb951c4a8313d948L,0x5cf7b980aab03d43L,
-        0x638ad72853011671L,0x8982856158bf9edcL,0x00000000000000b6L },
-      { 0xa9f8e9d5670893a0L,0x950c5bd4695bfd4dL,0x9385ed198b1c6915L,
-        0xe65fea3ce8a000c3L,0xf115e65f45299c03L,0x5ea19e3260785ed1L,
-        0x68335fb1829d2dc5L,0x486ac0a949a1c2d0L,0x00000000000001baL } },
-    /* 46 << 448 */
-    { { 0xd1b72ef8e18d7e88L,0xe97656fb4c48d545L,0x72f28d05eb70cd01L,
-        0xace95a386825c358L,0xfa20240fed25cc72L,0x4bcd0bba8fc571c9L,
-        0xa8a77a6940165a4fL,0xaa0d24d5f1a5e08aL,0x0000000000000046L },
-      { 0xb2704a1a257cb8cbL,0x0606229140b7acd7L,0x3fced7fc0418bc8fL,
-        0x1d063bf612b0ffd4L,0x7f35d6845b8c2990L,0x11d5f9a3e8035f81L,
-        0xa8eb0824708300e7L,0x8bbae009cdff1bddL,0x00000000000001d8L } },
-    /* 47 << 448 */
-    { { 0xc98465cf1e099827L,0x231b39ff67a1f512L,0xb71a173966598bdaL,
-        0xaec36ef7b70b4422L,0x6115ba31fc2de257L,0x2caff11ae2fe1837L,
-        0xd1e8fe55a0aab548L,0xdbc7863b19ef5f6eL,0x0000000000000011L },
-      { 0xde6a08d39bd49a13L,0xa9b22ee15b3da1eaL,0x69f16ae2b6f6a425L,
-        0x81647bfef93b2684L,0xb20f7c385a5214b6L,0x9f3e7078d7dee661L,
-        0xd03efad577719f99L,0x58a09d6e42df766dL,0x0000000000000020L } },
-    /* 48 << 448 */
-    { { 0xba0a5d23dc831ac0L,0xcf0fe6fcbd41cfa5L,0x11d490d3adee7925L,
-        0xa8c359fc491d988aL,0xb97a48a53ff98345L,0x6c8ac5f21b8bb845L,
-        0xa9c9f2a85f157746L,0x79125887cf6ad9a4L,0x00000000000001aaL },
-      { 0x3dc5db89e8469532L,0xa9610220639df36bL,0x5806f730828bababL,
-        0x5ad5e58f60ef0fbeL,0xbcdfe863aad0a654L,0x818cdc6134f936daL,
-        0x3b6839b4d47dd376L,0x80db0098be99035fL,0x000000000000002aL } },
-    /* 49 << 448 */
-    { { 0x57e66d8002ac31a1L,0x7cfa3c5249aa4fa7L,0xfa49bed0cbe9b21eL,
-        0x52cb15789db98c26L,0x1d47d195301a3fe4L,0xdeb6e083d69b7093L,
-        0x1f5ff8447d4af7a7L,0x1d5de0701e12a92dL,0x0000000000000035L },
-      { 0xd78224473e451fa1L,0x604c458c535301ecL,0x25c9c867dd8c2390L,
-        0x1810f8d0aa93f0a7L,0xc2210ddb316fefb5L,0x25a94d5b68af35f8L,
-        0x53300a3e4a46f220L,0x53cd0eff6567eb3cL,0x0000000000000107L } },
-    /* 50 << 448 */
-    { { 0x463a0c31858ac43fL,0xf4549a21501dc385L,0x349e94abe9aa4f09L,
-        0x3e0650cb6df0e53eL,0x266d445b8a31d2d6L,0xe9bcccfe8740fae4L,
-        0x2497641bf4678f4cL,0x1399e0a702904c35L,0x00000000000001f4L },
-      { 0x2b3fa40fe14ed6faL,0x6cfd3a80a2d6adfaL,0x69b4e928f0fd74f4L,
-        0xc1392f2469c56022L,0xfa22fb98a24b1facL,0x5f69d1a2a25757a0L,
-        0xabd01cd5c5482128L,0x8c45115297d5a39eL,0x00000000000000adL } },
-    /* 51 << 448 */
-    { { 0xb0dcdad079443d3dL,0x2d9a42fe3a52d58fL,0x7955958903b2d65dL,
-        0xf1b0c12f8a0b9cd0L,0xbd734262222bdb0fL,0xb035bc18d2f0707cL,
-        0xaa3516119c456cf1L,0x46f91b9228a7d3fcL,0x000000000000018cL },
-      { 0x32b8a62934c1eda1L,0x0ecc02bd130644a8L,0x23d8ce282bfee465L,
-        0xbb8a3ed82e8997bbL,0xc46d3480432ff8c3L,0xfc2ebc497233d495L,
-        0xe55621e587b0b6f9L,0x928ca258af75145bL,0x0000000000000129L } },
-    /* 52 << 448 */
-    { { 0xf49c63f00ddef055L,0x48aa7a19d452b85eL,0x2e25071477b7fa65L,
-        0x214846773c8ecc33L,0x0bb90b9b9f3eaf10L,0x37b1620414c4c51dL,
-        0xc872bb78a1a5a425L,0x9346566a2f80d134L,0x00000000000000c4L },
-      { 0x68ac1057a1a2f1bdL,0x12c6c5bcfd33db61L,0x99298470a35fa26dL,
-        0x54af5dbf7dfb15c5L,0xca576278357de229L,0x003d3219872e6db0L,
-        0xbf3420e5722a6d5eL,0xe3256c9ec29eaf3fL,0x0000000000000024L } },
-    /* 53 << 448 */
-    { { 0x1bf4838b2a29f47fL,0xfbdc24b3518d9454L,0x75a3de3cf8240b38L,
-        0x6da0b6f7893631d1L,0xdfa309cac90586f7L,0xaf89f6d1801d0c3fL,
-        0x37544bb8ccddc955L,0x8b20db078bbcf759L,0x000000000000014aL },
-      { 0x3ad9424106b6601bL,0xf26564e2d069e9c7L,0x9370b0d5417b0b98L,
-        0x572bdd32e88921edL,0x2468cb1b6b12f081L,0xabedc7f96d585c3dL,
-        0xdd6625e6956519e4L,0x39d98d7bd3896f1cL,0x0000000000000012L } },
-    /* 54 << 448 */
-    { { 0xb8bdf12a5e0dafd5L,0xc84b1a43242f9295L,0x7b2ce3ced23a98f3L,
-        0xddc3cd517ac86f66L,0x53c1528aa5228de5L,0x8d1ff4e4ba69123fL,
-        0x32f4bc01b5ce90d4L,0xad5158cc8cb1409eL,0x00000000000001f6L },
-      { 0xb5ffd15aab839bdaL,0xd4652cb2f6c03850L,0x5ed9ea35ba6cdf1aL,
-        0x6963ebc45529204aL,0x7f5c0d7f3cbe2e09L,0xf7aa9f58878afde6L,
-        0x078e5e24e9c780a6L,0x78da0aee78a975adL,0x00000000000001c5L } },
-    /* 55 << 448 */
-    { { 0x071cf98df7134d20L,0x707f5869578e1b0aL,0x07a11e13a0c74aedL,
-        0x1c32de4466086da0L,0x0ce4c3dc156e6365L,0x3ca495174ca4ea96L,
-        0x929409321b049f10L,0xcdc6c5e45549420bL,0x00000000000001d5L },
-      { 0x11092c8b111881e5L,0xfd4467c943845ac7L,0x43a474e99b0dccc1L,
-        0xb3eb7612ed69f0cbL,0xc5ea3915e920a3faL,0xa80778f17580cc78L,
-        0x58bf893d588d51bcL,0x3ea95a47c036844fL,0x000000000000018cL } },
-    /* 56 << 448 */
-    { { 0x5f8fb091c8a11088L,0xc528c08244a8e84dL,0x2a38b398f419ab48L,
-        0x3e6a4d574f9e3fffL,0x84dbeb5e0f91941aL,0xa5d2364e8df0b630L,
-        0xbd79a9f578edc885L,0x20cca408771efab1L,0x000000000000000fL },
-      { 0x92c00dd612581153L,0x76a00a16d160483aL,0xc5f2f97ef8b8c8cfL,
-        0x9c51e9949039fc0aL,0x9ae8239115a1e161L,0x611f60f3f04c80b7L,
-        0x7ddee53b5930f39fL,0x139e22293734c045L,0x0000000000000169L } },
-    /* 57 << 448 */
-    { { 0x492a0d612b8f7df4L,0x9e5938bfdaddc812L,0x270ed13acd3591a1L,
-        0x96c535ad5b526ef5L,0x3fe87cb1c08417a5L,0x535abbcbcafeb810L,
-        0x682cfa1029bb9f46L,0x5cb429b34e142fe8L,0x00000000000000ffL },
-      { 0x3daac71ed0634825L,0xcf6e237fe85711fdL,0x804f34c977556d5bL,
-        0xe34f12c3f521b81eL,0x9f4c137f292e32a0L,0x3a8a1ccac9694a76L,
-        0x6e2378c78c3b70deL,0xbe0f52a6c07fe2ccL,0x00000000000000d8L } },
-    /* 58 << 448 */
-    { { 0x118fab8d79a79a9cL,0xbc2c9888bd218b46L,0x4ea3bd8c096a5354L,
-        0x75a99a2783850578L,0x2498a867b61ed37dL,0xd99eca87a1b4d8cbL,
-        0x78069810e502e8c5L,0xe124a2b0c1ee2bc0L,0x00000000000000f7L },
-      { 0x0fb991f57ea8324fL,0x5d03f2fc1b2fa900L,0xd7aecc39a2afaf48L,
-        0x6f5834408f8eae4eL,0xcbaf72380821726bL,0x5bac3a5826891763L,
-        0xb032fffce3476ef7L,0x5cbb984b60c21791L,0x0000000000000037L } },
-    /* 59 << 448 */
-    { { 0xa2cdcf6fc7a6656cL,0x3890d3dd2a668d45L,0x234f2e594925e5c5L,
-        0xee308962c91f5611L,0xa5c2244dafd2a34cL,0xe1f87b4883b55aa4L,
-        0x073efb988e8d2151L,0xf5a2060add8c1fd4L,0x000000000000010fL },
-      { 0xb36704d4f67f4c92L,0x5187b6fa3cf744ebL,0xe9e542fd24e4a727L,
-        0x80e7047c49cfad5fL,0x289d555413901f7fL,0xb3aa2b678638b4c1L,
-        0xf849ebf97ec3d745L,0xbf3ae59d9d645f83L,0x00000000000000ddL } },
-    /* 60 << 448 */
-    { { 0x62e3e3726899a80aL,0x84d09be49df44b97L,0x6e05ba9f147b7cc7L,
-        0xdbc7ebb4786f89e1L,0x59bd342f5fd35148L,0x74ff10abf21cd7bdL,
-        0xe9adec9a4963a567L,0xdf49024bbcf19942L,0x000000000000016aL },
-      { 0x583ad342e4e67976L,0x384f24864b4036acL,0x2d1de0460fded50aL,
-        0x5979c2d3231e9f33L,0x4357f19a6f1f6362L,0x03dc0490c7206d38L,
-        0x0a809b04d1f6a3d0L,0xb86a36390dad4ae4L,0x00000000000001f7L } },
-    /* 61 << 448 */
-    { { 0x4a43f2f8ab33fe25L,0x9b5f5c47cd37c48bL,0x9638182e53cd35b8L,
-        0x15080c5a2a01d11eL,0xa2ad1d1681cbdad0L,0x4d368c121388f3d9L,
-        0xa52874d32b5fca12L,0x3144ef491c9937e7L,0x00000000000001e4L },
-      { 0xaf4c873c1bef2db1L,0x854dbb8b41802396L,0x04ed772d8a107858L,
-        0xc302309c9922bb22L,0x8934bf22f903f12fL,0x1895a13453ac5388L,
-        0x4e3a136f9795b063L,0x132201f7ed77451cL,0x00000000000000cfL } },
-    /* 62 << 448 */
-    { { 0x3af5f35a9f1ead38L,0x2251fb919de293edL,0x35e60ce0549a3799L,
-        0x2daca779449e2012L,0xfbe464d153de4a11L,0xfc18cb66fec4b981L,
-        0xcdcc49d118082f41L,0xe06054d362025456L,0x0000000000000008L },
-      { 0x5402f1bd9bd9602bL,0x2f1c926627c3b232L,0x06b4503e2de448d5L,
-        0xbbeede93092ef103L,0x266cb7d16ba9f227L,0xaca181901b3802f8L,
-        0x358cf8b0902424a3L,0x03288ff4cfc7b845L,0x00000000000001e4L } },
-    /* 63 << 448 */
-    { { 0xd647fd5243cd6708L,0x3f6caa7ce80ca7a4L,0x446fbd00d53a4555L,
-        0x50e707aaf87efc06L,0x6194ffea631474abL,0xe59478e2846b6fd2L,
-        0x589039414b8854f7L,0x3b3c679daccf580bL,0x0000000000000034L },
-      { 0x3388ccd6d6d55e6dL,0x4f1e9f0c878cd970L,0xc2f128f4c7501b77L,
-        0x69d023525f9082d3L,0x350954abbe02b4baL,0x1d5f5bc828f937dbL,
-        0x9b01373dc36b85acL,0x0f3810828be8c7d0L,0x000000000000001fL } },
-    /* 64 << 448 */
-    { { 0x394cdaf5af579e74L,0x892cb4839f0656a6L,0x0ecd401f3e8e1495L,
-        0x655f01524caf97c0L,0x9712d15881912568L,0xd16e997a89dbdb52L,
-        0xeec17a551a8c4097L,0xbc19e865322bbb31L,0x000000000000003dL },
-      { 0x6b181fb67cfb9654L,0x3afdca352d651201L,0x19d26af461453278L,
-        0xeba73d693ebeaf7eL,0x39f7171e1832e1e3L,0x84b46c0e31a9f559L,
-        0xaea096cdd89db3c3L,0x193c91e76c409761L,0x00000000000001fdL } },
-    /* 0 << 455 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 455 */
-    { { 0xfb24c5b4c56caae5L,0x3855473b71a1a7f6L,0x225a79370cf6ff1dL,
-        0x3cdb0634b5ace9e5L,0x46de798d26b6384fL,0xf1ede134ebc11704L,
-        0xe80e4e37554519f9L,0x812e76db6349eebfL,0x0000000000000179L },
-      { 0xb0b69f323b354956L,0x27c782ecfc0d2a5dL,0x2bb2ebefa0dff80fL,
-        0xae8e58262c887ac2L,0x2e4886170ca3bf38L,0x77b1b7b434c9e517L,
-        0x5d42ca18db708de3L,0xc1b0482a4305eac5L,0x0000000000000091L } },
-    /* 2 << 455 */
-    { { 0x4331cdcdd6a37babL,0x67b8913785c741c8L,0xaeffcbdb4fc72389L,
-        0xcc12e59a1c7ae6ddL,0x4a35540bee1e838bL,0x6148fb60ecd3e84dL,
-        0x7319e868b2290730L,0x4321baae4de5208bL,0x0000000000000160L },
-      { 0x10c813e987717bb9L,0xd9e1f5a8cfb9252aL,0x0983c1f7d7bde47cL,
-        0x7446023b5474e52dL,0x1f189de81941b518L,0x1997c69bb425810aL,
-        0xe15b5f1e58bca332L,0x715da4c949092985L,0x0000000000000076L } },
-    /* 3 << 455 */
-    { { 0x384e3f6f58451e49L,0xaeb80f831e31dd0dL,0x4533e3674b9d5a8dL,
-        0x531d29f192c91343L,0x3ad61300badb78f7L,0x9430ca90b88c7e34L,
-        0xb29faff5d04c4cb7L,0xd1d5172032b962a8L,0x0000000000000037L },
-      { 0x15e09965dec37027L,0xd2cb9e7ef367e0baL,0x64c02f1bee17c9d0L,
-        0x64a78127eb7a74d4L,0x94bd3d97e2733ab3L,0xefbac0a22548d742L,
-        0x1834dd09691ced31L,0x5cd623906f6cbf38L,0x0000000000000193L } },
-    /* 4 << 455 */
-    { { 0x3e5927537600c9f1L,0x115da68ae4653acaL,0xa83d3cdea21c03b3L,
-        0x5821515780477c90L,0x876e0150c43df921L,0x176767d6410801f2L,
-        0x95e1b6c9b0b638edL,0xcda8e401979e84c6L,0x000000000000001eL },
-      { 0x5500c69c85cb274fL,0x5f2d975bde004d59L,0xcd545d2aa005b4deL,
-        0x4d3d02ae4e3b1b94L,0x53e64ccdb8ec522bL,0xacc3386f12efbb9eL,
-        0xc8f529c21cbd540fL,0x8428942d2f854a91L,0x0000000000000182L } },
-    /* 5 << 455 */
-    { { 0x52ac93ab9d106cc0L,0x6ade3bb2a1a00a39L,0xa6de45cbfe378be1L,
-        0x77ad40dcd0670c0dL,0xf86878493a2759c5L,0x483cea2b331d66d3L,
-        0xbf7da5e30c0a8a8fL,0xb6ae584ae13ed38bL,0x000000000000011dL },
-      { 0x80e9d0a253710983L,0xf52a813a2499bdeeL,0x3abc9538b0a63f6fL,
-        0x1abbdb5e88454852L,0x42562c99b16c6366L,0xb320389a1fe20061L,
-        0x3dc5368a0aafe965L,0x22165cb8786c4c36L,0x00000000000001a0L } },
-    /* 6 << 455 */
-    { { 0x2cda398733430edbL,0x7f0593f8ee487eb9L,0xe458e275d8765895L,
-        0x45c2e09311be3df5L,0x32545b1e51450f54L,0xf35bc1ee49d52cfaL,
-        0x59b8b719da91cec2L,0x4426171bab7fe631L,0x0000000000000135L },
-      { 0x17c4e11ce00a5618L,0x7a6ff5b1fe8be941L,0x72e91c8c2c90c5d3L,
-        0x9f45087980cfdf98L,0xb0d5d0d106ce62fbL,0xd9deb71557fa7188L,
-        0xf1d09702ac85d50bL,0x65ab22b5a170e75eL,0x000000000000018cL } },
-    /* 7 << 455 */
-    { { 0x8dad33f0dc5d94abL,0xf4db966bfac13747L,0x8a77811c06e37e4eL,
-        0xf9363ed30c3604e7L,0x90756e243ba7fce8L,0x3696963496b80bedL,
-        0xee684c2077d60148L,0xa5c2fb34655054d6L,0x000000000000015bL },
-      { 0xc3add12d16926ab2L,0x05ec8eafff3a3fb8L,0x0d04206ee9427d91L,
-        0xbeb4f190129e73b0L,0x17261339c4d688a5L,0x24dad00d6ed53db0L,
-        0x2528c44d45319ea2L,0x934c89cf849c5440L,0x0000000000000018L } },
-    /* 8 << 455 */
-    { { 0x92c099d20bec2201L,0x364fa15ab67ff463L,0xfb32ffd0b02f7e0bL,
-        0x5b57f9939d4c9f2aL,0xba5f437e4996b151L,0x961bd5fc431462e9L,
-        0x1fda019fdcd39411L,0x8ff5288eccdfbe62L,0x00000000000000ddL },
-      { 0x43f49a318ef349acL,0xe4f5a626301bae8fL,0x945e6a62d2681847L,
-        0x8ef66b51857c09beL,0xdaff64743f15435dL,0x215793cd3db84e5dL,
-        0xb2044d4bab1bb6c2L,0x4c7ac000580855ceL,0x00000000000001b8L } },
-    /* 9 << 455 */
-    { { 0xa136b9c582159046L,0x140057f04c4ead62L,0x8ca6289ebc981d19L,
-        0x4d649954c7decb99L,0xe5a5dd22865132baL,0x997c4359c0ac595dL,
-        0x0de89fbab741c450L,0x88ff00d621eaec9cL,0x00000000000000c4L },
-      { 0x588c3562c9825937L,0x36715b023cee8780L,0x2a36c31fbc044ec4L,
-        0x3122c43ddc1830c2L,0x502d3747d0ad0521L,0x0154ba8f1f2a32daL,
-        0x81ba266bb3b79bb3L,0x20f1812f498a41f2L,0x00000000000001b3L } },
-    /* 10 << 455 */
-    { { 0x52bea9dbc2a1b7edL,0x7844cd85e0d786e2L,0x17168d7a4d565a2eL,
-        0x1213c72b155affb4L,0x26a4857d606a308eL,0x6f0560d6b55b0018L,
-        0x7c8549e874e1b9cdL,0x322ba0629deeec3dL,0x00000000000001cfL },
-      { 0x0a7016b8f59fd1d3L,0xa81ce2f8aeebdf96L,0x3ac89a8a0f7e145aL,
-        0x3fe8a38d70351907L,0xa636fd48bf10697aL,0x4c0f860d7f93878cL,
-        0x546e63f5957d25e3L,0x1fd01e4a1df8262aL,0x00000000000001baL } },
-    /* 11 << 455 */
-    { { 0x247a1ac087e07d2eL,0xb3ba31de267cec57L,0x70c28376dfdff923L,
-        0xa5b0933e98010a4aL,0xe8a5384f36233cf8L,0x629f4df7bb8d7c34L,
-        0x08d3ce1f86e72077L,0x42d10ace698660b6L,0x00000000000000bbL },
-      { 0xcb6f4d27db329183L,0x702ddbde1d7d2f87L,0x3b33b2b0efbfd731L,
-        0xecbd887c8623c86dL,0x33cb70623a026857L,0x37e317913b7ed919L,
-        0x51936c18079f2a15L,0x7118bad7bc8668cfL,0x000000000000002cL } },
-    /* 12 << 455 */
-    { { 0x37e766a6c64f9c9bL,0x6cf5e0b616c4ce5aL,0x31a2b1e27bbe708eL,
-        0xf784a55291e24f0fL,0x1cdf807a1fd25709L,0x2669d80270ced72fL,
-        0x79e4492dd49751dfL,0x7fe014d87e7f3162L,0x00000000000000b4L },
-      { 0xe0a2be33ada43f51L,0xbc88356945f6e16cL,0xb3d2248ec5873251L,
-        0xd1118266e3f9b61fL,0xc427e30bf6d1dd12L,0x43f0925b0d8313a1L,
-        0x729dfe2a39edf59dL,0x7189f5a4ff4b7293L,0x00000000000000b1L } },
-    /* 13 << 455 */
-    { { 0x39502a01368c3556L,0xb35130c9e9123869L,0xe3134618586c2e0fL,
-        0xdd3442cf24f259d3L,0xf57c35ec40687844L,0xe90532e576f52793L,
-        0x55fc2464359633b4L,0xcae06ebd1dbc4636L,0x00000000000000b1L },
-      { 0x5489517f5b600d27L,0xc219eb240984d56eL,0x7b016f7ed9384e65L,
-        0xfb57337cb879d9a8L,0xb449a322baf2c015L,0x023817267f138634L,
-        0x1368bf27c9b321fcL,0x6385cb06247247faL,0x0000000000000004L } },
-    /* 14 << 455 */
-    { { 0xe4ea02cf8f3110b8L,0xfed60231de50a1e9L,0x62bda5e80a8fe01aL,
-        0x882f5313ade31339L,0x30102cb926f12837L,0xbbfcd761c1851e44L,
-        0x6e1c5d2b073b2ae5L,0x1542324c357ad561L,0x00000000000000faL },
-      { 0xa8eac464c37d1a01L,0x8e5b465daeedd902L,0x7f7b68f5fdaf7257L,
-        0xd88a2cf6b4badb28L,0xe0dfde89e4102b12L,0x9ed8dab7ab851c47L,
-        0xbb44bd5db4865d1eL,0x0c6d69d57f2f666aL,0x000000000000004bL } },
-    /* 15 << 455 */
-    { { 0xf1db7612f8af29f4L,0x0da52d90eec6ab10L,0xd16bfb69b851b5f3L,
-        0x8c660efa6c961596L,0x3f6f6951bea2c3ebL,0xfdf53cb06ee47dd0L,
-        0x305e36d03805cb39L,0xb02da6181c1bebf2L,0x00000000000001b0L },
-      { 0xfefb61ddd5edce86L,0x2f7081225cd97a1eL,0x120d97f785787836L,
-        0x10ba1b5da5c3f3feL,0xbf2320827474dcf2L,0x94f2cfe21431647cL,
-        0xcf6e137c7d9e88bcL,0x77f6796bcb8d5d69L,0x00000000000001d0L } },
-    /* 16 << 455 */
-    { { 0x9fb0a0d27a2ae93eL,0x89c9dfa314d3224aL,0xe70f39ef1ec1ea92L,
-        0x8c7c0024ad2dfd78L,0xc285ed1c3c5b7c09L,0xce6436d11fb27511L,
-        0x65f427ade3d07577L,0x22ae30d26827554fL,0x00000000000001dbL },
-      { 0x35ab2a33fe772f97L,0xb26d3f9db6b12767L,0x0a55e68e6c9da0fcL,
-        0xb481a8f865d2662bL,0xa670cb04ed1fc69aL,0x77e568a7f1c98c0cL,
-        0x85c30516952db9e8L,0x8a4ea765f15c664aL,0x000000000000012aL } },
-    /* 17 << 455 */
-    { { 0x24b51a35aef7687cL,0x77bcd6cd1d943eabL,0xf969c9d01f866f56L,
-        0xf7027c8e59f4f482L,0x1261f7e83e164d3cL,0x41ca85ec8188b6c7L,
-        0x6958934e4e646b45L,0x26a31442b45b4318L,0x00000000000001a5L },
-      { 0xffa95fba76172fe7L,0x8f3bf348c7dfc41fL,0x7b47ee9d9a3249b5L,
-        0x91b2331ee3041b11L,0xa8e47621c81d85ffL,0x69c6e66a7d34d69dL,
-        0x746f8fa00228f5a7L,0x49b1ab297ad79030L,0x0000000000000117L } },
-    /* 18 << 455 */
-    { { 0x3346c5da3b8d5865L,0xf9e603778f785ca1L,0xcd7267d26d5dc885L,
-        0x96ddf769d69ccfafL,0x2d6dbb25d9594959L,0xa04cb2836b6f3992L,
-        0x1a525509f70ba665L,0xd92bb7dc62535572L,0x0000000000000089L },
-      { 0x11ced4d3d325263cL,0x7722335f67a97800L,0xc5a85f2dffdb96cbL,
-        0x1f96d41972f44be4L,0xc1d49b3ab9261115L,0x0e5855b52419b535L,
-        0xd30bc50e4ba83be2L,0xc32fc472bf33f0dcL,0x00000000000001eaL } },
-    /* 19 << 455 */
-    { { 0xd22d064fd55dd06cL,0x8c131707554e5c06L,0xd0834b1c5ab31d71L,
-        0x068e97c08a8ec55dL,0xb354b9fbf2c24393L,0x68526695f43824caL,
-        0xeca17949714f7eb9L,0x3bac155a28673581L,0x000000000000016bL },
-      { 0xd623a454e1405449L,0x6f6344968257e0a5L,0x48a6f559686924d4L,
-        0x183eafd0b335dae6L,0xb0016fca611ff16dL,0x415cb8b78b736901L,
-        0x5613c8cb24ce9cd5L,0x923c4567f82c8007L,0x00000000000001b3L } },
-    /* 20 << 455 */
-    { { 0x5c720be258ab3605L,0x2820c97e11919f9aL,0xa4bc44dbebae5562L,
-        0x8d6d08d350fb9167L,0xde7d84ec8006e434L,0xb6e321bd9a42fff2L,
-        0x70071b01de4127fdL,0xbb67a667f73c64a0L,0x000000000000013fL },
-      { 0xfb25e553f31d98b8L,0x70c787fbe10132d0L,0xf28de5cf258b7508L,
-        0x709924fbf8b95916L,0x78ee0fef73060a42L,0x94eba1441ca70596L,
-        0x1d9405604113ad0eL,0x6ebaeb9d5eb59b5eL,0x00000000000001deL } },
-    /* 21 << 455 */
-    { { 0x8f3c34038513ad8eL,0x23d1068ce02335e8L,0x4df15aa26c8c07faL,
-        0xc8c79d63208b6e5cL,0x3baba1b5694025f4L,0x7537c5fcfc644cfdL,
-        0x67a988643eddd726L,0x5e802190290837ccL,0x00000000000000faL },
-      { 0xc972581abbdecc67L,0x1d388e42d42df1edL,0xa36e26d73014b6bfL,
-        0x68e7d409c17eb104L,0x1fba2f37c9bd416cL,0xa70c61d86280285eL,
-        0x1cca0fba92a82faeL,0x6b7f1886957ab120L,0x0000000000000156L } },
-    /* 22 << 455 */
-    { { 0xd55a28a7dc10eb96L,0xad0d50f0b772c881L,0xe1574305f391a2ccL,
-        0x0406799baf3c73f6L,0xadb82a35b80d865dL,0xc4aa10c63e74ddb2L,
-        0x0f9fa673a31c89b4L,0x134b2949ab05eb58L,0x0000000000000101L },
-      { 0xd3718bcacd00f753L,0xa01c7f4c5581cdc6L,0x25e7432b8ae54a23L,
-        0x9f1f4be4a8864359L,0x2578e281ba8918f6L,0x3df9ca3b8527e2adL,
-        0xcf13344198b23373L,0x32ad0ce945d70a62L,0x000000000000010bL } },
-    /* 23 << 455 */
-    { { 0xebf15c12cd6df125L,0xf8742bede0c3bb09L,0x7400e7b42949e0acL,
-        0x25ebe2a5b908bebcL,0x06c181ac9088df95L,0x17250bead541a8aaL,
-        0x3b57a812cae85f6eL,0x675f0f006d47478dL,0x00000000000000dbL },
-      { 0xff41c2f7a425450dL,0x7e448c6ef6b5814aL,0xc18ac9561125f917L,
-        0xc9b09818cf6dc728L,0x0ffb8f8ba74b6314L,0xbd600655ccdd3a35L,
-        0x5abf65d02dc8b7d4L,0x3ab6cecdb06470ceL,0x00000000000001e7L } },
-    /* 24 << 455 */
-    { { 0x4fb8b429f594dbfeL,0xc57ec74f3702a306L,0xa88664eb38a5e224L,
-        0x03bd2d507529c812L,0xb4890478fee034deL,0x77840108a3b354aeL,
-        0xffb76cdc93f4eb36L,0x0c211ef043c4667aL,0x00000000000000eaL },
-      { 0xc3e39ee2336294afL,0xc13f4a278b47f0bdL,0x90c93312fe8d9430L,
-        0x23e4f98c8899a8b5L,0x4e623a41007c34a9L,0x22f9e5d9bad91217L,
-        0xdace8fffcc6f1916L,0x49cdd45f2be203b1L,0x0000000000000166L } },
-    /* 25 << 455 */
-    { { 0xd62f4e0bf838c030L,0x5ee8619eff5e4c04L,0x573f6322f2ae5f65L,
-        0xf521755a815f196aL,0x52ddf3b992e013edL,0x9b1832f75789e543L,
-        0xb79c173b1aa8ee89L,0x6387e6de7a2a6291L,0x0000000000000141L },
-      { 0x2851d4792e19982dL,0xb824811991e95866L,0x986123011f6a3323L,
-        0xc3acf6105e17b5efL,0x3fc21269157bf97bL,0xacb8c9fe75aaf98aL,
-        0x6b4d228c3c3bdfa3L,0x4baf44ceabe5622bL,0x0000000000000189L } },
-    /* 26 << 455 */
-    { { 0xa8228eb3494ec6d4L,0xf4c3f2df66e6036dL,0x4a0bcbe1987742cfL,
-        0xc95b99a8e26fc56aL,0xc97d73eabc55ac05L,0x4ed64770e346b78aL,
-        0x3be208dfff5ba2d8L,0xdd2b3048d9de7d1cL,0x0000000000000134L },
-      { 0xba1c047088c3bbb7L,0xec2a0e1b7a3f7f2dL,0x6714b1767a37c017L,
-        0xf37978ebfca5dcd1L,0xe12941486fe75a3dL,0x563cb5467b5a6d85L,
-        0x730a871ae6255730L,0x0526e4aa06b13c50L,0x00000000000000b0L } },
-    /* 27 << 455 */
-    { { 0xe6e5671391d9ff3dL,0xde573dad43ff0f2bL,0xff2b0f78ead1ef3aL,
-        0x65d277c1a953c752L,0x86b27d0729c92783L,0x115d71bbaac092adL,
-        0x49abda98f48e8e98L,0x4a8dd8b689b41f8eL,0x00000000000000e9L },
-      { 0x3cb6410a0ba5dbe6L,0x59714ff58f9c260aL,0x76c17272988b3f5fL,
-        0x82cb77d8e171e7d7L,0x736ad952e19f1172L,0x4440cf6ffc6650a3L,
-        0x1dedd658fd78e3b5L,0x44cf2b3b8e33297eL,0x00000000000001a4L } },
-    /* 28 << 455 */
-    { { 0x71eb9485fb8547b3L,0xaf1da3442e086ab2L,0x6dbd491639614d0cL,
-        0x612a6ca365e06d5dL,0x2707f1b2e07c53ffL,0x790f26d549783b98L,
-        0xa940f16e94bad8e8L,0x2e1a7bcadb6ca03aL,0x00000000000000b6L },
-      { 0x3546c7ffccafca6bL,0x63272d70e14ce7d3L,0x27bf1e92de8a95b7L,
-        0xa8f658b4e40923ffL,0xe7e7d90319aaa4c2L,0x31419704616938f0L,
-        0x60badb4c73607bafL,0xf5a8c9f71a7f8968L,0x000000000000009eL } },
-    /* 29 << 455 */
-    { { 0xe8a1be53f7cf8076L,0x835d75075ed17febL,0xdd4e7d82a137d007L,
-        0x034b4a4ebec4128cL,0x97a6e77869848477L,0xf5f497447b7cd22eL,
-        0x7ebcd6f2e4ae90c3L,0x639a23d313d1fe20L,0x000000000000009cL },
-      { 0x63a94a750b5a12eaL,0x5ed1316535a18dbeL,0x108f40b1250766a5L,
-        0x0699fd0f3be758a6L,0xef0651edf555cef4L,0xc7cddb0991e0d002L,
-        0xd812e01ecc15cb77L,0x45a3ead3ae02880cL,0x000000000000016eL } },
-    /* 30 << 455 */
-    { { 0xd958953f38053cfeL,0xd0dca4087982a66eL,0xd1e7e8ffedf296d7L,
-        0x89403f2546c71095L,0xf9dd442a2197e27eL,0x04c09109a1856828L,
-        0xe0f10851c30471fcL,0x9845881cc5fbddfdL,0x0000000000000024L },
-      { 0x296b2075de6d1a79L,0x31700b8125baf333L,0x7eacd4191e723113L,
-        0xe296b9124dd7b2f2L,0xec4a609c3284a3d7L,0x20d5b58c0edcd7dfL,
-        0x4ae17e8562a0a946L,0x05db3034acd03e7bL,0x0000000000000037L } },
-    /* 31 << 455 */
-    { { 0xe117f7c6c77ec006L,0x52aa819720d4293eL,0xa513494e12cb1789L,
-        0x6bc91133c8458cfaL,0xef421ded0667ad04L,0x383dbeb1edea9c8cL,
-        0xd47d49b59db7b079L,0xa39d6cb4a990d3b3L,0x000000000000013fL },
-      { 0xc7d38b61e69c3f9aL,0x851ecd8f6b0830b7L,0x8a4086e71e5c2abeL,
-        0x3a717b444f21af8cL,0x15b162ef29f03bd4L,0x046ebf9d8bff7773L,
-        0xdaf386f8c226205fL,0x3b6c08c60f50c5c5L,0x0000000000000098L } },
-    /* 32 << 455 */
-    { { 0x6ad03106c4dd900cL,0x8227fb5d7ca08923L,0x2e3c1e7f863ba5d9L,
-        0x5f76d6bfb5be20d0L,0x841dc1d29492569aL,0xfda5b20e47e0dc0dL,
-        0x65aba1062d720dc5L,0x9eab8ffb03e6765eL,0x0000000000000046L },
-      { 0x32d92252497da0c6L,0xa2d4c8b1beb7b1f1L,0xede29968f01c7409L,
-        0xad902eb5da06607fL,0x2c60236c5c1e7d9eL,0x51f51ddd17a3b1f0L,
-        0xb71b393f40ab7cb8L,0x710fc9f9a16ac6bdL,0x00000000000001ccL } },
-    /* 33 << 455 */
-    { { 0x17a9f511c817a522L,0x43a3b550007aece4L,0x96a038d0c081e0b5L,
-        0xbe555f9fabc7c9fbL,0x3d97da9bd3f2d813L,0x924e5ed26daa6206L,
-        0x6060389e149fdfb2L,0x63405c57e663161fL,0x000000000000012cL },
-      { 0x1d535749a4996c62L,0x154d702fb7d9b367L,0x0683f9a7958437ecL,
-        0xed90375c67c11730L,0x25ec469479487577L,0x63d81f9ff945815dL,
-        0x62fa26f1ad0df408L,0x443de5eb41432e39L,0x00000000000000a0L } },
-    /* 34 << 455 */
-    { { 0x9a7ae6cf1937fbdfL,0xe520bc25b3b127d6L,0xbecbb9ad3f934c09L,
-        0x4eea4a4bad3dfdb0L,0x44a3e5454d6092d7L,0x79f2a6084b131c63L,
-        0xacdc5157338e48b2L,0x5895180b31633996L,0x0000000000000034L },
-      { 0x53d6e9a967add219L,0xdbda58e57a0acb39L,0x2beb62a9a501e4fcL,
-        0x09ae642eb8bcd189L,0xd99bd74cd3070382L,0x818602ea5fa033d6L,
-        0x2c7a8b66bd6174efL,0xc528911ad73d7039L,0x0000000000000107L } },
-    /* 35 << 455 */
-    { { 0xb097a9c2f6574536L,0x01dfb1ead319bb2eL,0x919b41fd10b8126cL,
-        0xd387f3fadafc4fccL,0xf07fe9237b4b8b0dL,0xaca2f681bfdbb170L,
-        0x2e229073a14a8bbcL,0x1e583333a004c3e1L,0x0000000000000121L },
-      { 0xe9c44b5713153005L,0x74f67017e0319549L,0x893b54f0aaafa8d1L,
-        0x61f414ef72b64577L,0xebe1f4aa89e38aecL,0xeebee7400152e2c0L,
-        0x63822c46e22b96e1L,0x8145b880f9e04ea4L,0x00000000000001f6L } },
-    /* 36 << 455 */
-    { { 0x70f229cbb6f71f93L,0x527c300f096b2a6dL,0x7eb15fc35d2b2a1eL,
-        0x073037886bf3f2b3L,0x09f662c4d861d407L,0xd56f054e95f869cbL,
-        0x2bff96ccdb9ac292L,0xee2d64d25e9b133dL,0x000000000000014fL },
-      { 0x5369672b2305675fL,0xeeee27df7c52d654L,0x3e3f0183901109b6L,
-        0xf71689afd656a411L,0x7c3d84abc38b5e62L,0xcea0ef8521a746b3L,
-        0xc5bcfd6af0d2c28aL,0x90cb94f6898a7fa9L,0x00000000000001c9L } },
-    /* 37 << 455 */
-    { { 0xaba2f77640133b1aL,0x9114351127a6fef9L,0x31687b81884480c7L,
-        0x6c7052c84c380de0L,0x7dfebacf0c44050dL,0x29a6e20b301d0518L,
-        0x83f7b2ef05e760cfL,0xa7761fa0e4c7bda3L,0x00000000000001f3L },
-      { 0x5e81cf8f5f22a316L,0x0eb5cd7a5b6e2718L,0x311f1e41a7c3b19fL,
-        0xfc878ca8e0c1b8adL,0x9ba4b865dce88c89L,0x42170861e7a6c11dL,
-        0xc302bd176a3c551eL,0x981f282f0b95bda8L,0x00000000000001c5L } },
-    /* 38 << 455 */
-    { { 0x45e81509e8e44c3bL,0xb45241a79f5ecaa8L,0x07e66b9bb2dcacc3L,
-        0x40043c9c19768addL,0xbc8029652dd99cf9L,0xfab3cdfb005a5e9eL,
-        0x36e1d42bed774e95L,0x76967c78d3e4bd9aL,0x000000000000002bL },
-      { 0xfbae6c36ce44de1aL,0x0fc8f7010721ad16L,0xde6105a31dd0cfc6L,
-        0xb7a3f2c209ad74b6L,0x516e7cf8fcf82cecL,0xd836e0e6b5552158L,
-        0x3eb895880579b9dfL,0x2fc2edd075f65cb0L,0x000000000000005fL } },
-    /* 39 << 455 */
-    { { 0x209fd86fc4137737L,0x34bf527b978a68f4L,0x567eb20b0524f6b9L,
-        0x86c410e79eea1c80L,0x97dee397954cc697L,0xc18b5bd59a84dd36L,
-        0x2a2da3a7ee023a11L,0x86a285102dbc351bL,0x0000000000000093L },
-      { 0xfbcf67f59f2e22b7L,0xfd1c4381e2309b87L,0x70afab784b2ef658L,
-        0x97e54cad9d17cb2fL,0xb0c6b4df35aa6422L,0x83fa36a31237f048L,
-        0x9ad8104a331e9c53L,0x8bb00b123d97ab25L,0x00000000000001b4L } },
-    /* 40 << 455 */
-    { { 0x918afde6dd0f65e6L,0x667ac91da60ee85fL,0x0b1a2ad0f5ff339dL,
-        0x3a6125964b0cfab3L,0xaa581d090d017c03L,0xbeddacc0fb5e501cL,
-        0x55b8408587c6b6c1L,0x00f407609e6153d0L,0x000000000000010fL },
-      { 0x205043e2c8e8cb57L,0x3d3727c5823a3034L,0x23370101d9e5df15L,
-        0xf731c40fc5114c53L,0x8e75d60430a82cc0L,0xd37ccfb8121c66f7L,
-        0xedf7a2a6c8593bd5L,0xbbf51d6535e1fb10L,0x00000000000001deL } },
-    /* 41 << 455 */
-    { { 0xa17bb177dc0e1ef8L,0xf584de3446ed722bL,0x4b0603607255afe5L,
-        0x6d3f576ca596d508L,0x48631ef184744e19L,0xd46c50ad0ef56fe3L,
-        0x6ddb4398ea9feb8dL,0x5657e597d644bcb2L,0x000000000000005eL },
-      { 0x70c62c4674ceb129L,0xaa4fb4f7f7dc52e2L,0x0d4c8ffe05ec9b3cL,
-        0x99df5287e6ec0a63L,0x3113604225242ecdL,0xcd6a183fe5a9f9d5L,
-        0xd637a75ce46032a7L,0x3d1a48b60ab918b9L,0x000000000000003bL } },
-    /* 42 << 455 */
-    { { 0xc171893ab62f6307L,0x79d5af9085ab06e0L,0x9c3679f3599351c4L,
-        0x736031906d60ff6eL,0x2c98c205c5148a73L,0xe81ca4cb9f935ffbL,
-        0x5101448879df55ceL,0x10d3424ab4c0e674L,0x000000000000014dL },
-      { 0x00aeb5cbe469eef0L,0x07c01cfc0f37d3e4L,0x4e267bc688ced992L,
-        0x237d6f19027453a6L,0x6ce9a46ca02dff38L,0xb48c2de3e9b59a51L,
-        0xf35d0e66ddf74ad1L,0x86f7437185cd3698L,0x000000000000000aL } },
-    /* 43 << 455 */
-    { { 0x263bf75377aee0e3L,0x5b295858c1eedb82L,0x5331a56b952329a5L,
-        0x48a0796cf6a59c36L,0xe85f29551b055becL,0xf93e92e2d0dbccc0L,
-        0x3ef186a50aa5763aL,0xb29991763e1eaa92L,0x0000000000000038L },
-      { 0xf79fdc4de38ccabaL,0xe7b0c6558caf6844L,0x296cce34714fcdd3L,
-        0x1a48345621cfec87L,0x2a8312d2358e9594L,0x610e6381a0afd4dfL,
-        0x89e6492a8e1029e6L,0x21374b02a785d5a7L,0x000000000000015dL } },
-    /* 44 << 455 */
-    { { 0x2861a30eb68c0635L,0xc2129da0128d086cL,0x71851e3d95fb00d8L,
-        0x6be824592c8800ceL,0x5521a722ce3a6551L,0x695af21cf0572143L,
-        0x1b01ba0f9a2b9d06L,0xc7a637ebc61d4109L,0x0000000000000176L },
-      { 0xde540faa89107147L,0xa69764f80cc6d6dcL,0x81569f23de0c90d9L,
-        0x517113424a2222f3L,0x0c490876bbbe9e08L,0xb218ae1da3475159L,
-        0x0eadae96c8e51833L,0x7993eb897570ca6fL,0x0000000000000003L } },
-    /* 45 << 455 */
-    { { 0xe9d8cf2d8785a41cL,0x36959f1c8d4f1dcaL,0xb0f16556f44c8f0cL,
-        0xf788aaac699f6e69L,0x8abb277294c578f9L,0x8c38c394dfc06c9eL,
-        0xdfafe95575442f3cL,0x2d9e16378435de99L,0x000000000000007dL },
-      { 0x774db458e4ef85edL,0x198e3637ea0e6694L,0xa5e77830e40e988aL,
-        0x180c3b5b74b081e6L,0xa39ebb6fe5bc23f9L,0x5c98492369c1387bL,
-        0x0d9d7416587975baL,0x424b5201488c1367L,0x00000000000001ecL } },
-    /* 46 << 455 */
-    { { 0xff5a55c214efd7e6L,0x1adca75e365a094dL,0xafa2b130605e96adL,
-        0x4aaf11849898ced8L,0x5599ad68f50c7414L,0x94be391326bd2eabL,
-        0x54ec8fa2f0cb23abL,0xf5920c89b6d8b96dL,0x000000000000012fL },
-      { 0x017d7945611261a3L,0x542c34269a3b84e9L,0xe2f9e3b19aa43757L,
-        0x75f2e88847f67da4L,0x64eb39e58eeee318L,0xdd8fb1eab23b0d46L,
-        0x0971767d60e07045L,0xf8c25ba53967eedfL,0x0000000000000036L } },
-    /* 47 << 455 */
-    { { 0x7ac23ed5462ca57aL,0x859f1e17b839657cL,0xfd9e2e325a5e48a8L,
-        0x45bbd738aeeb1b7aL,0x1786362c8e2b75c2L,0xcb5a7415854623e0L,
-        0x1b71ca28e753b2d4L,0x92dfa281fb021727L,0x0000000000000070L },
-      { 0x0af516c1c9ffa091L,0x42980007ddbf8d4fL,0x3a9df51f9a67fae2L,
-        0xa984f61c8383e456L,0x6eba62bcde9db2f5L,0x612efdba5b905e6cL,
-        0xfe1e383995aae128L,0x75a64613ed632571L,0x0000000000000015L } },
-    /* 48 << 455 */
-    { { 0x2ada7940334d380eL,0x02f067bd7076d98fL,0xbe6af9ceb6975322L,
-        0x1d145ee3dc8fec6aL,0xa222be87758076e9L,0x1a8e5d43b84e9fedL,
-        0x137692d4ddf34cbbL,0x6dfdb9297eae4ae1L,0x00000000000001d2L },
-      { 0x7e231c00d1551943L,0xcc44391628a2f7e0L,0xeecf6cb476040912L,
-        0x6d4c14e8be5a22d9L,0xf90d649d3282241dL,0xb5419dc2e561a554L,
-        0x4b69138e82ab84efL,0x5224b9b561afd072L,0x00000000000000adL } },
-    /* 49 << 455 */
-    { { 0xce08fcf6d04171b8L,0x4470ba5dab720d25L,0x2e7666ad5071f025L,
-        0x15f9107c0490cfbfL,0x03786dfbf7edec5aL,0xa3ab26f2371f6194L,
-        0x665c2e17943af89cL,0x181c21f31c3493cfL,0x00000000000000a3L },
-      { 0x9a689ec87ca04084L,0xbc10f3e5a1b7ad4fL,0x3848a05d0e4629c1L,
-        0x5d1524e1594465a3L,0xe73e3208939b6dfeL,0x394cab75dcea7042L,
-        0x4e6325fcf6c3716fL,0x68a3e3ed7796be72L,0x0000000000000176L } },
-    /* 50 << 455 */
-    { { 0x599cd0ec19878894L,0xe7143cbef201ce5eL,0x10da3714a5fb9cf7L,
-        0x1c9122b2773764c3L,0x4635467e2027dfaaL,0x891a7d9dcd55ed99L,
-        0xf343aec526f12cdaL,0x12c08f3a438e2784L,0x0000000000000179L },
-      { 0x8e2ef2fe5bae4783L,0x9d7cef170232cbbaL,0x083db67c52253a59L,
-        0x37e59d4263da345dL,0xa8e574ea3d0d079cL,0x86ef4870a66d7cc2L,
-        0xe52c34274734a3c0L,0xbb6fbdb41bcd144dL,0x00000000000001d3L } },
-    /* 51 << 455 */
-    { { 0xa00168b412379ad3L,0xa2868b5b4a48c0e5L,0x3e403c86504a9c17L,
-        0x75b6907209543de1L,0xb75b42c499043a93L,0xa2e009d45e566fb8L,
-        0x11d754e0a583b69dL,0xbe0fa1b4de63df49L,0x000000000000015aL },
-      { 0x612814a12c6aae03L,0x408b7372915e29d1L,0x61f61e12e73428dcL,
-        0x2085d678f7e77717L,0xb1029211f963b36cL,0x25bd69c89327c6e2L,
-        0x7dd7d1a1c981dcbaL,0x2d539c7ce37c6a61L,0x0000000000000022L } },
-    /* 52 << 455 */
-    { { 0x8d21680e0728f4ffL,0xf7fcafebd3f8ff89L,0xd2d0f396fc6b6546L,
-        0x8cf7d514e633a609L,0xeec1ab0faa3e51acL,0x0a48bf23f0f80226L,
-        0x4cac2e1fc760431cL,0xcfdea2348ed7cb1aL,0x00000000000000d1L },
-      { 0xe9f93bca5750470cL,0x152b0ce438fc7e24L,0x1ef36c9ed4a355beL,
-        0x749ecc7dc9cca53dL,0x4ef6355437f7c108L,0xd52c4ba48aedf964L,
-        0x8b7ea74c64626574L,0x932ea2a11b2b87f5L,0x0000000000000164L } },
-    /* 53 << 455 */
-    { { 0x9ff3327685f612fdL,0xdf4f0b6dc3c52e70L,0xa1a1e4a964bb28a6L,
-        0x36d03f2ef1d7d1c3L,0x713fb6f44ae93407L,0x0c2663100ec30593L,
-        0x66aca9e329b5d9c3L,0x7d37a8fc0a1def97L,0x000000000000000cL },
-      { 0x98796288fb425696L,0xff1a6d29cfefe3a4L,0xcfa5943801fd64baL,
-        0x6a4024ce28438b13L,0x7f2c7ef6301c73c1L,0x5157f61082d44729L,
-        0x9cba0eb974e95fbaL,0x2af6f3c9da31cc7eL,0x0000000000000164L } },
-    /* 54 << 455 */
-    { { 0xff6f5774e9c6175cL,0xb2021f132c173fc7L,0xc83a71f46216e5f5L,
-        0x92cdfd754c193206L,0xde732cde4d22b91bL,0x4cc370e5d7a01b58L,
-        0xbfa177b448ea185eL,0xbf12228870f5f0acL,0x000000000000017bL },
-      { 0xd724f42f8316c8efL,0x6905c0c0ac459200L,0xab0cbe91dbc7be67L,
-        0xf06b9cbae5fef79aL,0xd7a0f1a2cb237962L,0xf69b237bb47d05aeL,
-        0x8a81d536c2c53527L,0x51225080b0f26302L,0x00000000000001d5L } },
-    /* 55 << 455 */
-    { { 0xfea9cc0820d402a1L,0x509a70ebc76080f2L,0x7580e94558aa7d0fL,
-        0x6471e00c8d610043L,0xf7c55c9f0fb867ecL,0x7d6d03dd6b89866dL,
-        0x3fc18d3420c4eff8L,0xe3dbea145d1d2313L,0x0000000000000179L },
-      { 0xb2c10b3c736797f4L,0x9c095e9dd5fb62feL,0x743ddb07edfd0c2eL,
-        0xa8800366fa8d5851L,0x29347e8eb6cfa213L,0x42ad89046c7c633dL,
-        0xed00235329db442aL,0xad54d66623a2dc5bL,0x000000000000003aL } },
-    /* 56 << 455 */
-    { { 0x2ebae39103bd7a6fL,0x13ff72a0140373b3L,0xa5b141a530872b9cL,
-        0x61ac67b5d9c814ceL,0x6e6ab6920438b9b0L,0x6f4aa29364f88c78L,
-        0x72d11944e9552beeL,0x7d9f109277e33318L,0x0000000000000054L },
-      { 0x1c5268b29acfdd22L,0x228c8fc024fac5bbL,0x016752ec0ec7ed62L,
-        0xd8ef13a7b5a87ec9L,0x9bc2ae729b4b08cbL,0xd893fd89557487eeL,
-        0xafa93167c5392bc1L,0xd9c4fb99ab6145d8L,0x000000000000005eL } },
-    /* 57 << 455 */
-    { { 0x1149336e72ac95d1L,0x4c91f13b36a6036bL,0x225902f97996e931L,
-        0xc909dad12d1a49cbL,0xa04dd8823e602465L,0xaa74cf8f81ad983bL,
-        0x763f241dc0602498L,0x01e44d072ee437faL,0x00000000000000a4L },
-      { 0xb3db828d8f95d8d9L,0xe9b27a3e4450b812L,0x52d0967e11b19723L,
-        0xbd50c86ce35c5c80L,0xdb536850b0b1f3efL,0xf5ac19c371efd402L,
-        0x54bef49e59cd819bL,0x290ad09a7465ee11L,0x0000000000000082L } },
-    /* 58 << 455 */
-    { { 0x8c81d20117796415L,0x96df8961a41a5c87L,0x2f683ed593038a8eL,
-        0x716a79c9ed5e731fL,0xe68ef96066ac1e81L,0xc9bebccec524da56L,
-        0xf4b5d4a9177bbe84L,0x6ce36c9ce6186b68L,0x000000000000014eL },
-      { 0x161dc2e2883dff67L,0x51307f27eb431a89L,0xde5d4eb546e62c45L,
-        0x8fe6dd46e534d7ccL,0x36425cca2c53c201L,0x415b963968c204e7L,
-        0x89e7bdcd9f23732dL,0xfe64f5cfe68f1042L,0x0000000000000173L } },
-    /* 59 << 455 */
-    { { 0x5435603769b30790L,0x51ed00912f5b77d6L,0x6b54b15b131a7282L,
-        0x211ad378cbd36a8cL,0x34c16f4bed3eecbbL,0xc24f076bd9171627L,
-        0xd886847908657939L,0x244ec1baafebdba7L,0x0000000000000192L },
-      { 0x1b800e47fd724355L,0xcaa24c65dcc4bcf3L,0xeaa8571a7e3df4ecL,
-        0x2dcdbb0c5958fc6eL,0x2b1576b4cdd587e0L,0xf4e38c6cf3704941L,
-        0xe8e9bc2cc74de3a0L,0xd8594532fa4c5a2dL,0x00000000000000c7L } },
-    /* 60 << 455 */
-    { { 0x1a2de621d3f97283L,0x6490069191ca7921L,0x8ccc97d8fc69ccc1L,
-        0xae42e47f82a38371L,0x6903459a7e1d913eL,0x195ce6e4a78938d8L,
-        0x166416eb2712a0d2L,0xfc643243186b4b06L,0x000000000000019bL },
-      { 0xd54ca42aeee3a04dL,0x2d541413d5efca8eL,0x49115fe689fbe015L,
-        0xbf27d2678dd0851dL,0xbe50e034bc0281a7L,0x3f4e7ff1ca2d692dL,
-        0xd14dce191ca3c7b1L,0x27f9941a395f0b98L,0x00000000000001b4L } },
-    /* 61 << 455 */
-    { { 0xeef667b0e59502baL,0x7004ebb230c2dc42L,0x7dde5dc19816002fL,
-        0xcabedadd130cdbe2L,0xd3e313886b61a332L,0x9361770331e77c39L,
-        0xe152f854d2e9a54cL,0xf692b0e0409b7761L,0x000000000000006bL },
-      { 0xcdf2a769675db132L,0x9cf60fb4c021c4b5L,0x85ae29ccc6f8ab53L,
-        0x3f2604555d8ba929L,0xf12440613a526ab4L,0x07f6786582d7e4a0L,
-        0x1ee6dc4a196b3b01L,0x63d990fbfe1ddb4fL,0x00000000000000a2L } },
-    /* 62 << 455 */
-    { { 0x1582b86eb4498ac2L,0xf11f80e2ee605f5fL,0xb7c8dc4e60dcd7f9L,
-        0x2a06825b4b80356fL,0x41bb0da77e959943L,0xc0d5e398b4590db2L,
-        0xcb3232f28756eab9L,0x9d4ceef76e88c536L,0x00000000000001e5L },
-      { 0x73935b8f4dcbc4afL,0x5695ec670d9f27f0L,0x53a03172d530386bL,
-        0x51b1e293a6e98f81L,0x1ad5c0e0dc3e5b39L,0xa5414a2128acb62bL,
-        0x96a450f791d1f852L,0x398f2a08aa5db342L,0x000000000000014bL } },
-    /* 63 << 455 */
-    { { 0x25e1f974e7957ba7L,0x2926ba4a36f165afL,0x92eada47e14be343L,
-        0xc7acd9f7d2eb5160L,0xf2f1c7004a2f58e3L,0x991e3726c2d83bf9L,
-        0x3526d6bb8b367f2aL,0xad87a25e2365148fL,0x000000000000010aL },
-      { 0x04bb40a8f2902a8cL,0x69316b4a004e47eeL,0xaf8f683e1259c9dbL,
-        0x36f36eff9ce6b2c9L,0x061325ecb4327f6fL,0x4d8a6a22ba5f20a6L,
-        0x7ac29df33e3eab51L,0x0cb65295d4063ef3L,0x000000000000009dL } },
-    /* 64 << 455 */
-    { { 0x8a3e381ccdcd741bL,0x2c5acc0b14e8f964L,0x209d040429621441L,
-        0xd27a65cb2995c3b4L,0x3a776ff06ec13968L,0xa2d95ca7db4f8a0bL,
-        0xfdbc547d6c04ea3bL,0x30ba75a8db40f58cL,0x00000000000001adL },
-      { 0xf6406a6b84115d90L,0x7d2e26ac0f228b65L,0x1e17672b9029a8abL,
-        0xeaa84d813ecf05fbL,0x9e16e91db5f5b798L,0x7287dbd5e978749dL,
-        0x85880f457fe092aaL,0x80b3126c514afdcaL,0x00000000000000e0L } },
-    /* 0 << 462 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 462 */
-    { { 0xadbf4f9faf2ed12fL,0xce1d19e4f380fd8aL,0x0957bdb5a39e81aeL,
-        0xf9833321626ef6bcL,0x110ae5ea0cf5b28dL,0xab15945020392cd4L,
-        0x67c498876bc67855L,0xce7e5938a3fd61c6L,0x000000000000004aL },
-      { 0x59c5b9ef28c7dea9L,0xd02f95ba0a6a7184L,0x034dc2578202769cL,
-        0x213b0b0894dd6896L,0x03730b7fb5dea95aL,0xfe243ed0617ca889L,
-        0x16cf4d17fb1ba052L,0xd8691d6b226f96daL,0x00000000000001c0L } },
-    /* 2 << 462 */
-    { { 0x15a257c527a668abL,0xa437f499c920d8dfL,0x297b6764d4cd271aL,
-        0xcbedd33b87ce8d52L,0x4ab3b76110385c75L,0xca68612323436b58L,
-        0x44d5a94d8d52f4e5L,0xd125e021605bba0eL,0x000000000000001eL },
-      { 0x578cd28335e40c74L,0x898f4684244ea58eL,0x158ae785154fc334L,
-        0x466c1c29d8d62231L,0xef781790c48b1013L,0x7a902e83c3253275L,
-        0xd0aab751b1aeae85L,0x89248d120ecd9b0eL,0x00000000000000e7L } },
-    /* 3 << 462 */
-    { { 0x92e5bc5c8c7671dcL,0x0eda1a20215e6b5fL,0x158462923104e97dL,
-        0xd0513d5868bfd00cL,0x3439d9cdbd88796aL,0xb3d0c7919ec37b3dL,
-        0x8e0ac88900c49d4fL,0x3ee90cb4441e1f08L,0x0000000000000079L },
-      { 0x24c36d60fe7e66eeL,0xff0aae245f990abbL,0x78308e0d041b19c4L,
-        0xecaa1b05c7ed7c0eL,0xd1d45e1cd86c1272L,0xff74e3e91b7ddd34L,
-        0x17b6d9984948d333L,0x1d2c2bae12ead07aL,0x00000000000000c2L } },
-    /* 4 << 462 */
-    { { 0xe12d8922cd5f918fL,0xec7c176349f73f1bL,0xcc5a3a14c744eb3dL,
-        0x2b96f342782dbda1L,0x87284905ab68dde4L,0x647354b9e720668aL,
-        0xe07da694739c4393L,0xbae499bf2cc145f9L,0x00000000000001aeL },
-      { 0x74eeeaa477c16db0L,0x297624e8eb22ce92L,0x9d3944bc45098c91L,
-        0x6ff31fa0fa4dc50cL,0x3c7fb6dacc40c211L,0x74d95dec96b4cd1cL,
-        0x829423dba6388941L,0xaa2b7d45fc3123b5L,0x0000000000000119L } },
-    /* 5 << 462 */
-    { { 0x90a1a0ec3f49a005L,0xacb7506b94508ef3L,0x3e44866b8af044beL,
-        0x00240490deda67cdL,0x88a83372b773399aL,0x84c5c9ab2969b007L,
-        0x9fab80da8cc3eb59L,0x55b3ceef0472347bL,0x00000000000001b7L },
-      { 0x886acce0c83ffd24L,0xcba2aa08a61f2f61L,0xf4ff7cecbc7ab151L,
-        0xc825c0ae23a23bb1L,0x4bbe707cd3b316b7L,0xcab4a987ca9bbd00L,
-        0x4cb9d017a4741041L,0x3e5014b4718db768L,0x00000000000000b1L } },
-    /* 6 << 462 */
-    { { 0x3f614850400ed29aL,0x6ff097c0d252cdb3L,0xafbeb6cb589c3201L,
-        0x0f900ae78d3782d5L,0x69902554ce4bfee8L,0x91d1ce3e51965228L,
-        0x61c93b4ae8630088L,0x066dbdd793d1c0beL,0x00000000000001adL },
-      { 0xf65ac289fc255d76L,0x1ad9d35d122e0cd0L,0x3b29d3fe4f08dde9L,
-        0xa1a3a083d1829c0eL,0xc7500da1469b3ce2L,0x8cba6c9931ea259dL,
-        0x6724d90dc78af820L,0x0be3b075170d6e15L,0x00000000000000dfL } },
-    /* 7 << 462 */
-    { { 0x108c69d8ffdb2cdfL,0x95008e039022f9dcL,0x9206904662c29258L,
-        0xc388264486233b0bL,0x79862fb5f196c059L,0xe47b071f515c7d8bL,
-        0x019d7c9a96ef0fb7L,0xef99e754d21aa1a0L,0x0000000000000068L },
-      { 0xfb114e4348013bcfL,0xd510664864739742L,0x4a4f811b623625f2L,
-        0x7f36f16b9c64ea5fL,0xe829e645bd173948L,0xfde730475af3200aL,
-        0x8bbe62cffc337d06L,0x98549a55c985b1aeL,0x00000000000001b7L } },
-    /* 8 << 462 */
-    { { 0x404216db33849ba6L,0x7979ab027b42813fL,0xb0cabf29117e27aaL,
-        0x3e449cb65a0ab76dL,0x34efba77460b6964L,0x7553e0a66fead00bL,
-        0x8ac8857116963cf0L,0x01716cbe017ad9d1L,0x00000000000001f8L },
-      { 0x30cfe5c1d21fbd36L,0xc7a0e466df1fe3b4L,0xca38fd1cc8ea2c29L,
-        0xde2e20394e54630fL,0x3b152ec3885b124fL,0x704a1d76d39818c8L,
-        0x0e74a9825207d2c2L,0x2b2dc7c8ec4d71a5L,0x00000000000001f8L } },
-    /* 9 << 462 */
-    { { 0x4e5c2656a20ee12dL,0xc4beb2bbf38239bdL,0x8911466401e32b71L,
-        0x9282668c52808f4bL,0x99825c89586715f7L,0x73e4d0b0f6760accL,
-        0xf24743d27956e8dbL,0x219289ab9074bb3bL,0x0000000000000147L },
-      { 0x0ce42484e18d70c0L,0x865b0a12ed9a8b42L,0xe9e2c3a206e2060dL,
-        0x11ad93e462d02433L,0xf9faceca382d0deaL,0x13fdae7bc2f70442L,
-        0xd5ecf82693862d21L,0x3286fd7361440676L,0x00000000000000d1L } },
-    /* 10 << 462 */
-    { { 0x9059c13b115d7186L,0x42c5cbffaee2253fL,0xb326c80627914590L,
-        0xd78cd2604c197c2eL,0x076b4d3c84d14e78L,0xc75fba4cbe666d35L,
-        0xe564935922126692L,0x62773e9a1d415c9aL,0x0000000000000144L },
-      { 0x39518f5ffba49366L,0x15a2865a6a82670eL,0xe6e08537e05bc13fL,
-        0xd69de2c00bf3f3a0L,0x75096c76d362830eL,0xf3744a2e0177a66aL,
-        0x3de2a9ddc9baf0e6L,0x3c0f980fb6d810d5L,0x00000000000001b4L } },
-    /* 11 << 462 */
-    { { 0xcc94284db189ddb8L,0xb485dd3e810cb5b3L,0x7962589cac622d13L,
-        0x66d67d6807da5abfL,0x159b0de064fac523L,0xfb87c9e036ee4172L,
-        0x8efdd2605f67a45cL,0x967626223addee84L,0x0000000000000185L },
-      { 0x612588e0207d2d04L,0xfcea78b33a859390L,0x73e90526997cba0eL,
-        0x805d7844afdcc542L,0xc3f76999e81e478bL,0x9cdebd300a4966e3L,
-        0xbf267a7251a2070aL,0x36c52bf4cd0f0a22L,0x000000000000006dL } },
-    /* 12 << 462 */
-    { { 0x01ef33cf16e0f612L,0xbccc51c3eeb7a33dL,0xcc35c1e346a12c50L,
-        0xd2151223b915b370L,0xb03030143aff625fL,0xb7e34e67b76ed5c4L,
-        0xd5b48e2210b988f7L,0x5edada0557f1882fL,0x00000000000001eeL },
-      { 0x70919a6126a93c88L,0x2729baf111491a74L,0x895470b5541b2e39L,
-        0x88e52a03c85fef39L,0x605d48085b35ad5aL,0x3203783c87561036L,
-        0xac1c8568546e9de2L,0x61c5703c62d3bc75L,0x0000000000000192L } },
-    /* 13 << 462 */
-    { { 0x0f55f94ed641f8ddL,0xb2dec9ebc1daf64eL,0x5bcf6cb3f70c3974L,
-        0xc0e4304c24e93de0L,0xf3d5cea7b59b116dL,0x34a1d943e9dfdb47L,
-        0x908d0e134f9d468aL,0x52b536cb61c837e5L,0x00000000000000d2L },
-      { 0xff2678be174d1c4dL,0x952da2e880b4eb5cL,0x474b27b13e739143L,
-        0xfc9871cd70a02e7eL,0xcfd72308c6d5fbdaL,0x0a9812e6ecee2813L,
-        0x1461ce73b4f29fc9L,0x2f643e82c08cc647L,0x0000000000000131L } },
-    /* 14 << 462 */
-    { { 0xc1ab1a2af439f3f8L,0xc1aaac5405a1ec00L,0x5df5d950abab5451L,
-        0x13114abf23f29c1fL,0x0cdd9aade17cf9b0L,0xd16efb64b78fcf8cL,
-        0x9fd47a7ac0d274b0L,0x9bab71c2fa1da55cL,0x0000000000000095L },
-      { 0xdccdab46293e406aL,0x40e3b0cc310ece4dL,0xd18c09e52463ace2L,
-        0x65122363364dc7ffL,0x77fc1848657b65f0L,0x422392cfc4011670L,
-        0x382cd9ee2bb61fa4L,0xdcb156d14558bb3eL,0x000000000000003bL } },
-    /* 15 << 462 */
-    { { 0x8e96bef0dccad82aL,0x0ff19a8e4919f552L,0x9dd5e116498d3dc5L,
-        0x5d25b8a36173057dL,0xdbef9c9586f15c1aL,0x445d807d6f12eaa2L,
-        0xe494386943108eceL,0x5736908d88b2f68eL,0x00000000000001eaL },
-      { 0x9757f44fbc6b53c9L,0x61faaf06c2072e4eL,0x9fba7b4bd5ac4681L,
-        0x130e8e184ecba083L,0x9c12e614b297edbfL,0x746c82a360efb65eL,
-        0xb42ca8c31cfe64c2L,0xaabb762ffac5abb1L,0x00000000000001b7L } },
-    /* 16 << 462 */
-    { { 0x493d8a3fce43380aL,0x27d1657b1511e823L,0xf09125a7e6112eceL,
-        0xafd3f48218c2ddc1L,0xc1207ac1602ab092L,0x22fdfe83f80fe3f9L,
-        0x736ad27ff479c304L,0xd1fc1905784ca960L,0x000000000000008fL },
-      { 0xe87798d27fb35409L,0x86b0257161cffd40L,0x12d991f963058303L,
-        0xef9e933e033f10c9L,0x8221774cb298a118L,0x95dcfd1080dc2858L,
-        0x83747d7168bfaa1fL,0x03567035a213129bL,0x00000000000001dcL } },
-    /* 17 << 462 */
-    { { 0xeeaaf96644dfbf9bL,0x86df2b8af44c56c0L,0x2bf28ec1976c6682L,
-        0x50c5528dcb7a8ff3L,0xcf2be4a643420ec8L,0x4c214e8984341eedL,
-        0x7b65e1aa232ab304L,0x02622feebbffdf3aL,0x0000000000000077L },
-      { 0x907131fff1637afdL,0x51693f9b107885e0L,0x7035ec8c41aee9aeL,
-        0xa45531d5f94a191fL,0xf3556642188aa104L,0x58aee7a7d7992ed8L,
-        0xc1bde242750e9e10L,0xa2bee7d8b6ac4e78L,0x00000000000000edL } },
-    /* 18 << 462 */
-    { { 0x7ff30e30b92acd78L,0xf64e2e1e397f204eL,0x85ceca93595a69aeL,
-        0x82d987dd4dfec414L,0x41e53688f2448e97L,0x9024642e5a064c46L,
-        0x706066f5e60807e3L,0xa8743118e8cea80aL,0x0000000000000167L },
-      { 0x3a88f81b112ee142L,0x1d43947513e86304L,0x73ce796df75c9d7fL,
-        0xfa5edc926cc4a9ddL,0x2b1bbc20981ed026L,0xb632ae87c6a7a48cL,
-        0x27425c2d622960f3L,0x4501465610fc0860L,0x0000000000000072L } },
-    /* 19 << 462 */
-    { { 0xd10883102f412cedL,0xeafe72656e718a1cL,0xb632786f6f5a00a5L,
-        0xfb0909685048cf77L,0xf80eaeceeb8fc82fL,0x3a6ecdf3610279c9L,
-        0xefa7c7b42855c157L,0x46a8af036abf4d8eL,0x000000000000011fL },
-      { 0x492ffe9726805929L,0x1619613e41e559e7L,0x97e9a4f38e33bd9aL,
-        0x9ad49693091798d5L,0x356bebd74653b12cL,0xfcc7f27e9fcfd552L,
-        0x5ed9331c742cd38dL,0x1645ed1198af87e3L,0x0000000000000088L } },
-    /* 20 << 462 */
-    { { 0x15aea420d5ac5d48L,0x6e11bf30178c5a77L,0x01f1180d2651dee6L,
-        0xd7602ed459e7a8f6L,0x5d3ec901de3746deL,0x314d1580e2400304L,
-        0x08f8259265f15588L,0x22e8ff88d9ffe64cL,0x00000000000001d2L },
-      { 0xf3f23abc99e0f136L,0xef5d94840f1ae78cL,0x616e957ff6e34ca1L,
-        0xe2e237b080b7054aL,0x7987761592baa214L,0xcd321299dd291296L,
-        0xf9b74adb20d8bcf6L,0xefcf323631661404L,0x00000000000000e6L } },
-    /* 21 << 462 */
-    { { 0x91e0a5c0c94fba83L,0x367b5806dc42c01fL,0xe88e6ae4b4373ef2L,
-        0x3f51875cd7874231L,0xcfcb6890f984b4a4L,0x8da4e461d4276ba2L,
-        0xe47110934f261c73L,0xf8e578b314cbc501L,0x000000000000005bL },
-      { 0xea568d5507f17331L,0x4a2e61fe70a5e9ceL,0x1df72d8e970cba01L,
-        0xd03d5d92c8f4777aL,0xde53ef7f2e2d88f7L,0x32e0862d4fab2632L,
-        0xbd0feb3e82194583L,0x2f2def128b4b82d7L,0x000000000000004eL } },
-    /* 22 << 462 */
-    { { 0xba8ee1394fa0962aL,0x0f568c5be733014eL,0x5a16b363ffb66b9fL,
-        0xcf83600ddb746ec8L,0xaa67a3d2e6bc9390L,0x801fa15f8930fcddL,
-        0xfb374cf0005c0eafL,0x66552348ffad00ebL,0x000000000000006eL },
-      { 0xb8529088874d7ed9L,0x64a7e8e0843ddc7aL,0x26a9496205980ec7L,
-        0x6e219d44341b4fa3L,0xe07b2068161ef467L,0xe6d89d6d3e504a9aL,
-        0xf473ae9c290f40dbL,0x250a539ef51dcc67L,0x0000000000000018L } },
-    /* 23 << 462 */
-    { { 0x8f3d851cbc598deaL,0x95c3f4fb968d82cdL,0xb406ff2f644e4030L,
-        0x8b084b6cfb0c34c7L,0x978c1241d9b9337cL,0xdd156dc3d2d630b2L,
-        0x976b5a2df1795879L,0x5a188835753b7f8eL,0x000000000000013aL },
-      { 0xeb5df8ff0100cfd2L,0xbf96012da14b7ddeL,0x9228c2c593a9a2f4L,
-        0x66ea58ffc695a320L,0x5c370488bebf78ceL,0x14c0ab834750ca0bL,
-        0x0beb6f8e8fc91786L,0x714eb7802291fce2L,0x00000000000001eeL } },
-    /* 24 << 462 */
-    { { 0xeaa89410f084380fL,0x9491f70e458ab9e4L,0x6b6772051d8ec684L,
-        0x1a9fc7951ef7e9edL,0xc47e84efb05c41efL,0xee377f78c6014e09L,
-        0x91d14a75521171ebL,0x1b11fbbc32361217L,0x0000000000000111L },
-      { 0xf789cc6ba63bc7a1L,0xbbd74f359393b5cbL,0xb43ff6170bb024a4L,
-        0x73800410a844508cL,0x93a28632c5468780L,0xc96c62e52aefa8c1L,
-        0xa500ce0b7df9b61fL,0xb59527f2369f304aL,0x0000000000000172L } },
-    /* 25 << 462 */
-    { { 0x8674334a8ccadedfL,0x2d016c2b11f6012aL,0x4ec4ee5ac3a12902L,
-        0x26217299b221e73bL,0xdf28bb47a5f9357aL,0x3676902cba35c37bL,
-        0x90e2f3cd24232740L,0xa30b34e8d62d95beL,0x00000000000000bdL },
-      { 0x1671d5affeef8af1L,0xbcd9d2aa4c3a31f3L,0xa38ec0bab0adaed1L,
-        0xa2cf817f0bd7172dL,0xa30940a00f887402L,0xba1b3af828713fe4L,
-        0xb837467dd1b89a24L,0x13361a345c6d8b94L,0x0000000000000103L } },
-    /* 26 << 462 */
-    { { 0x3f3f51f3dc8fbec3L,0xe7b0c2ea83a6a2b8L,0xcbf7b399a2b70075L,
-        0x74e2302823ca18faL,0x0c1600f1e46c6cddL,0x5434852363af7990L,
-        0x10506b67950245b6L,0x9d277adb7ecb14fdL,0x00000000000000dfL },
-      { 0x9f8cd4536be91611L,0x362a07d783e99454L,0x9e89aa5e1065da40L,
-        0xf7f67219c5087c27L,0x1a0dd1c0a36553f4L,0xcb8da38dfbbc5aaaL,
-        0xd43603bfe8784073L,0x9354aa7e0acbeb25L,0x00000000000000fcL } },
-    /* 27 << 462 */
-    { { 0xa7f369b6a543148bL,0x08eb19b28b24443fL,0xca61b0501b1d7de5L,
-        0xa17e2e434d630122L,0x77ece0be0b065578L,0x85337244b4997376L,
-        0xac8d2abab970ee48L,0x724afcfed85c9efdL,0x00000000000000a2L },
-      { 0xaba323225c2cb2b7L,0x63f1f3f64757f00fL,0xf1be3eff90e18446L,
-        0x3e5a2a9a9a238a61L,0xfbb3e075a135b254L,0x7187eb847361e1e6L,
-        0x340db506c881addfL,0xcb356eac5468e658L,0x00000000000000b0L } },
-    /* 28 << 462 */
-    { { 0x68b81be9052d2ea5L,0xeadfb53105294d6eL,0xcd41f773a3258647L,
-        0xf6b1c867d70fd9d0L,0x9a89cc017be523e7L,0x2499d793487ebf56L,
-        0xc82cefe8c0d072a2L,0x91c2bfbbe82cb4f8L,0x0000000000000105L },
-      { 0xd705cf5a6705dce5L,0xfcbe204e4462a67cL,0x5e198bc3430d627fL,
-        0xe13da562e765991fL,0xb6cfca287032c5f8L,0x0868d9ab1783308aL,
-        0xc5b628c6c8050c8cL,0x243e2ec13a93a8deL,0x0000000000000139L } },
-    /* 29 << 462 */
-    { { 0x98d6256c20245960L,0x457d105137b7415aL,0x0cb5d0dc767184c0L,
-        0x8652a67b5bde6afaL,0x42679642e838bb0dL,0x0b577bc7178558efL,
-        0x1e03da5c14212285L,0xa591ff706f6c2a33L,0x0000000000000031L },
-      { 0x49a0d6f9f68489d7L,0x87763a7005cbcc01L,0x7843af2c848170ceL,
-        0x9f7c25bea45226c2L,0xfe56752466707eecL,0xea029f2f0db1412aL,
-        0x4f2c2e5d93a8d4f9L,0x405015ba0b3b9910L,0x000000000000013bL } },
-    /* 30 << 462 */
-    { { 0xa4dcc51572a88c35L,0x132016d41a8ac7d6L,0x65acb09f7a272350L,
-        0xc77cc6401ff191caL,0x3fa4c8e460673588L,0x4770229b646a14f3L,
-        0x8dbfb85fd19872edL,0x0fade56dd7f01b99L,0x000000000000019aL },
-      { 0xbd59629410a943ffL,0x74b893733857ba32L,0xd22c2856fc1ff38aL,
-        0xa8f2aa31b1c6c561L,0x033a7f8b5d322178L,0x3efb1ee6a075bde1L,
-        0xd9ff5d90aff85287L,0x1c909307f8075ebfL,0x00000000000001e8L } },
-    /* 31 << 462 */
-    { { 0xd8e925414f766448L,0x06618fed856b424eL,0x25293a2cc4774117L,
-        0x0fe866dedcd89015L,0xd06fe1e1625164bdL,0xa5be1bcaca21865fL,
-        0xa15048438449a87dL,0x1342fd55911a905dL,0x0000000000000069L },
-      { 0xf90da038d98d58c1L,0x69444f7f114e147cL,0x42211c1da866632cL,
-        0x78828291b657d2c1L,0x014c0cb987bb87f0L,0xed3d697194d14553L,
-        0x5b9df642dbbedc15L,0xcb94c1f3ff65dc9bL,0x00000000000001dbL } },
-    /* 32 << 462 */
-    { { 0x461c1512910f4978L,0x8ca7f0dd63d2ec28L,0xda9297d2607ce3c5L,
-        0x592ba13f81bb2dbbL,0x157d4ac7f740c331L,0x1d5311e782c49ae7L,
-        0x5c3046713bec9a94L,0xd81fa25b0a23ab8dL,0x00000000000001eeL },
-      { 0x6d8c6efaf51614ffL,0x20cfd353868b4fbcL,0x9b9dba152201aac2L,
-        0x6bbd8ded8d1900d7L,0x6ca3e71afa946925L,0x7381e45aa0c3735aL,
-        0xcd9db7a2b93d4feeL,0xae40115145bdce69L,0x00000000000001bbL } },
-    /* 33 << 462 */
-    { { 0xa6dbe971dda4b355L,0x8f07b76adbb73b5aL,0x1aa44431454114d1L,
-        0xbc540435c1036c8cL,0x79b688ef916b6533L,0x47a020d49bf029e2L,
-        0xa669d577c093a75cL,0x734c102c6a6c09b3L,0x0000000000000184L },
-      { 0xc90106c15b9211b4L,0xf076663eef5e999bL,0x50143616d8aaa415L,
-        0x62e33d915dfa07afL,0xd0bbb32724d176b2L,0x091bb80a291db76fL,
-        0xddfe277c8c809e75L,0x4c890027e3160b27L,0x0000000000000063L } },
-    /* 34 << 462 */
-    { { 0x30f1ef52ad35c0c9L,0x612892843c67bce8L,0x139970fcd128fe01L,
-        0xf5b1d3cf33cc222fL,0x972e134b9547e5eeL,0x5d32f64d19aecc5aL,
-        0x5172742be7c61b95L,0xd64abb911323f811L,0x000000000000005cL },
-      { 0x16463fb98f92a5bbL,0xd32f5194b1fc0a53L,0xf36b396b4bfefde2L,
-        0x83eec78ac9f4aa74L,0x1e4f3f25af333f1bL,0xc5f9a8710407544eL,
-        0xe2268d05367d93f1L,0x6634b2c450c02febL,0x00000000000000a6L } },
-    /* 35 << 462 */
-    { { 0x4dab3300137a409aL,0x045e43dd13a206c0L,0xea9f0e00a76a7c9cL,
-        0xcdddc2b562c647a7L,0xaf673bf31d6f043dL,0x7d16a2d372adb549L,
-        0xe25427e8edd38a7fL,0x090e5b177a9e105aL,0x000000000000010fL },
-      { 0x2f64bf1100d25195L,0x6439c231eed4846dL,0xad6c59f7318ab661L,
-        0xb9883d0585cb9b6cL,0x646d32e70d3f1dfaL,0x8165416abd4a686eL,
-        0x4b7f45101d638a74L,0x4d3d143be8dae5c7L,0x0000000000000094L } },
-    /* 36 << 462 */
-    { { 0xb20d7fef01dd7411L,0x9f9a104047aa41c0L,0x37677f41aaedbfb3L,
-        0xe3e23e4722350c64L,0x93964e8a30ff0ceaL,0x956a88124b5b4758L,
-        0x6bad595e7552aff2L,0x0de81b3d2b93308bL,0x0000000000000199L },
-      { 0x64899c662f0bd592L,0x41616275f3969762L,0x8cfc9ddac434793aL,
-        0xeeeba2d4cdf048f3L,0x6f2d05b12b87e0c5L,0x1abf46121bf8117bL,
-        0x674deca6b630a10aL,0x061cca5779acde0dL,0x000000000000006eL } },
-    /* 37 << 462 */
-    { { 0xbf73223a615df738L,0xb0f9d8e26e8ee169L,0x7f7aaed7a4f7f685L,
-        0x7e16553a207bca3dL,0x29893c7c9342b6dfL,0x6a4b16aa6e7f48e4L,
-        0x4ea7fa828eb3893eL,0x53e4146d6dc5de8aL,0x000000000000004bL },
-      { 0x51549c3a9eceaebcL,0xf7484acb280d64edL,0xa5a7b9319947daccL,
-        0x949b17ca4b59849aL,0x52689f53bd033b58L,0x23696fa3f648f6d2L,
-        0x1081e1fb55ab3259L,0xb240a833ece6561aL,0x00000000000001f2L } },
-    /* 38 << 462 */
-    { { 0x000b7bdfb3e1b3beL,0x612d3ff2b5bc3fb2L,0xa3d0960b093edcadL,
-        0x3b256f3bb671e1faL,0x97c8e0f576a1f2faL,0x7ed1db11a5c9641aL,
-        0xb46ccc7d006051bcL,0x932c2d1a403a21c8L,0x0000000000000063L },
-      { 0x81a9d8e2ad21fcacL,0x1a1ad119061dc386L,0x1cfdb59dd2c66b25L,
-        0x80a2f73d5b1d3223L,0xd214b239a132a94aL,0xfd263d6816369c47L,
-        0x511bfed818c54c13L,0xdb57736c68a9b65cL,0x0000000000000044L } },
-    /* 39 << 462 */
-    { { 0x254c45f5fc8a16bfL,0x0998c4a73e0e13feL,0x3678d827444e685fL,
-        0x7e81038b391118bbL,0x1b49935aa752e752L,0x3c3d9ce4e799cad9L,
-        0xed9bc30f2b1b2569L,0x8e4faddb0dd293c2L,0x00000000000001f0L },
-      { 0xf6d16e3934933756L,0x5949198eab748e09L,0x5e5accbad4b3d3fcL,
-        0xa96f70b6f0177d5fL,0x226abfa1a0e50e79L,0x8ea06e063323f2adL,
-        0xb05b8c59c31da2faL,0x7cd44db8c6e09ee3L,0x0000000000000135L } },
-    /* 40 << 462 */
-    { { 0x19f565b51420debdL,0x9a19ab6e5291fe77L,0xd729fff2b428ae74L,
-        0xe237994c6d8256beL,0xb74f543cd93d3e98L,0xc460e7cfd599c9ffL,
-        0x6bd6d31f7924ebf9L,0xad07316cceacb2b2L,0x00000000000001e6L },
-      { 0x1436f3231735fe0bL,0x2e13910896a8983fL,0xb18c48fc100cdb54L,
-        0xd777496c81e38ca4L,0x9dbc2d4457bba02eL,0x0b5949a121c1d384L,
-        0xd1cdb9b170e6d68dL,0xc6b803539621e4c9L,0x0000000000000164L } },
-    /* 41 << 462 */
-    { { 0x6da3a967d08f917eL,0x090db6a01bdb8109L,0xd087e8ad559a4ee1L,
-        0x5e3104faf6af44a6L,0x15104cf52a8bbfbcL,0x5af76555ef32bd3aL,
-        0x165a9153f38429cbL,0x03ff29aa3eaa52d2L,0x00000000000000a9L },
-      { 0xb841ae420ca5f75aL,0xd119e95ff2f4063dL,0xbe45f4d88e1dcd37L,
-        0x56ca9d99446b1fe3L,0x1c796119161e7c84L,0x91b1ea75a6098a52L,
-        0xa2248d4a4c94a9c7L,0x4b86cac0e9cb5d3cL,0x00000000000001e5L } },
-    /* 42 << 462 */
-    { { 0x8970aacb2a4748e7L,0x6887665163ba1e04L,0x08e1037e56a8f850L,
-        0x88edd5d94a14780cL,0xf85dc5e2d01fb425L,0x41ea90dd96ebecf4L,
-        0x052996e99442c9f3L,0x3ca7dddba5fcdb15L,0x0000000000000034L },
-      { 0xd541059044b9fc63L,0x9f546de20a523dfbL,0xe1d18513d39a6bcbL,
-        0x830c4a77e61b66c3L,0xdf0da6545a4d1d7cL,0x620c1d84287aba62L,
-        0xa0941743ba971acdL,0x28b96fff367a1d57L,0x0000000000000075L } },
-    /* 43 << 462 */
-    { { 0x0125e7cb3d67d593L,0x948900e272eb89e6L,0x4cf465978810287dL,
-        0x086d2b5bc21c7406L,0x996874adcf082ce7L,0xb72176f2b8523d29L,
-        0x6be04d3184c4a83dL,0xe407ada12517a615L,0x00000000000001deL },
-      { 0x35ef6a5d0d931f5fL,0x55f15fdd69c1db16L,0x43d2e66069c6bfc8L,
-        0xb67513ea8993e68eL,0xd0591d864892844fL,0xc530cb5925b1216dL,
-        0xbc971e9a92a1390bL,0x5ad3d777b5efa5d7L,0x00000000000000beL } },
-    /* 44 << 462 */
-    { { 0x8aa2fd3a0324bbaaL,0xfb02da2e28cb3ea1L,0x938876146493b3fdL,
-        0x68c6a8a4da6d66b5L,0x31477d83222398fcL,0x9498701a98da59d1L,
-        0x73eafd532bdd61a1L,0x6dea3d8cd8b1b1bcL,0x000000000000005eL },
-      { 0x30d3c83a929e403eL,0xffd69ca5c2c1881eL,0x36e2dd8f21383e3aL,
-        0xc0702450c42cd33bL,0xdc2ba2ae01146955L,0x74ae932a3060efd3L,
-        0x1f01d81b1f96136cL,0xed2a00caa434d7d4L,0x0000000000000121L } },
-    /* 45 << 462 */
-    { { 0x1aa3adde98e3be01L,0x11b63a1782d4a9a6L,0x48452f3d8f8d8fd7L,
-        0xa83c3daffd794b08L,0x9cc7138f1149204eL,0xbac5f41644e190a0L,
-        0x1b835e8d2533b4b8L,0x1486716a654cf4e9L,0x000000000000013fL },
-      { 0xbb1300a807389decL,0xf4d28849eab42f87L,0x0cbde28ea8e39949L,
-        0x3837fddab7a80ec2L,0xee970327aa8141f1L,0xc204fa0442caaee8L,
-        0xe516c2275a08d44fL,0x7b706f80ff20b54fL,0x000000000000017dL } },
-    /* 46 << 462 */
-    { { 0x96c595d04345853aL,0xe761a852cdbb2404L,0x2a83d0fab05cd025L,
-        0x067908543d1728d6L,0x0cc868e988564b8dL,0x72a369ffe715f13bL,
-        0x4a09518266b3aea0L,0xe4498f3188a89d31L,0x0000000000000186L },
-      { 0x669bd0b549234ea0L,0xee783a18c484a4f8L,0x1219541596adeaf0L,
-        0xb1b395886a1084e2L,0x9c553221983d47a4L,0x97bd48e4e145793aL,
-        0xee9bc1d4d465ffb1L,0x81a0e9d512deb77dL,0x0000000000000189L } },
-    /* 47 << 462 */
-    { { 0xff7a3b81c38382d0L,0x0e47569c54b9c17eL,0x9d9bb42f06eed152L,
-        0x0f584d32ba6d6964L,0x1a73edeef6aafa41L,0x1a9ae3e5b4442b3aL,
-        0xa70e0e98592269a5L,0xa91be178c77cb2f9L,0x00000000000001c1L },
-      { 0xcc0528718ca1e18dL,0xa2f8ec2d89bc1ec0L,0xa4f2de28a1dd1f74L,
-        0x93f7e481a49289f5L,0xcedad21b51007754L,0x5b2cfc40f9df77aeL,
-        0x77d5bd687e39e15eL,0xe3d5331f241cc064L,0x0000000000000195L } },
-    /* 48 << 462 */
-    { { 0x90d2dcf1251fe06aL,0x4a9e61312213edb2L,0xa86cc889db34c6beL,
-        0xc7c9ef492fc20da6L,0x62831aa947aad9d8L,0xb8ef1f7f79aa0e99L,
-        0x4d8254a91e016254L,0xaaeb6757c5cea077L,0x000000000000011dL },
-      { 0xa8f5e18502f4709bL,0x3cc2096d28f8fd0cL,0x6d384ee1bbabbcdbL,
-        0xaa16805edc2fdc58L,0xd5a61658a4d13408L,0xae9c4071255c1b61L,
-        0x1588a828a6436d33L,0x0e07bad24e74d1a7L,0x00000000000000c5L } },
-    /* 49 << 462 */
-    { { 0x6940796af899523eL,0x94846b1d315ec56fL,0x025781d6859d96c5L,
-        0xe016820639653920L,0xf4ec2f4e51ad51d9L,0x225ee1b72ec9bcffL,
-        0xdeb2e6d76317aad0L,0xcee9b056541569b7L,0x00000000000001b9L },
-      { 0x2c60d275d2a7a25fL,0x09200147306bb343L,0x8b3bdbf0178a2c60L,
-        0x1abb7417cc0cb699L,0x50f8f8200976f08cL,0xbf142ef66273fba0L,
-        0x1eea00f53268f7abL,0x141ecaa300cfd5dcL,0x000000000000003cL } },
-    /* 50 << 462 */
-    { { 0x6f522b1b2190c116L,0x77a85bf90072e3f0L,0x7bbb62f976b08b4eL,
-        0xab4878bd0c4970b8L,0x758b6e91dd7752ecL,0x3979894756baec80L,
-        0xc8860bb4aea97d48L,0xfc446d97154895f4L,0x00000000000001b3L },
-      { 0x8d8f9950072c678dL,0x3b46c8529ace0a49L,0x356b87c69f2f64c6L,
-        0x2f0e47accf59cf99L,0x73c0fea460efde36L,0x64ea7c7f00aa8852L,
-        0xb6f020820d9b7b8aL,0x1edc53d62f92a2a8L,0x0000000000000057L } },
-    /* 51 << 462 */
-    { { 0x8d66caaa357071a4L,0x635b07527ee00192L,0x517a6792c818c034L,
-        0xf93830a391d08486L,0x1368f7b673d5b938L,0x077f9d50cb4ebfa5L,
-        0x8a7855ecce5a34dfL,0xffa4063f122de424L,0x0000000000000171L },
-      { 0x1410dc66ab6a99feL,0xfa2c782485c80476L,0x4fa85fa6b00bd91bL,
-        0x9fa465c2e83c2beaL,0x866e4cd18c657a22L,0x0c49aaa1995f77e7L,
-        0xf7e5521b2b0e30c9L,0xdac4d4b507f7b749L,0x0000000000000128L } },
-    /* 52 << 462 */
-    { { 0x3ac08717b8501555L,0x884c3347812fbee3L,0xa934580777363609L,
-        0xdb4de6841aede158L,0x6d3850ea6312d55aL,0xd4247574a47c5a6eL,
-        0xb5cd31b2047c8ebfL,0xcca5ed851d8cefe6L,0x0000000000000124L },
-      { 0x4afe51372a51a7cdL,0xd28b0d5de510ba3bL,0x1ac5ade85d1c1d2bL,
-        0xddecd8024d330dddL,0x7f03c6419259bc0fL,0x9901f74bb3cc0e2aL,
-        0x997b76d0adee582fL,0x4562419478dff0f3L,0x00000000000000adL } },
-    /* 53 << 462 */
-    { { 0x0a05118e4f11ecf4L,0x0f0df5d498d05869L,0x0703359921333009L,
-        0xcfcd5c427de5b677L,0xdcec94971bb48849L,0xab4f855137e51f02L,
-        0x0ff5e9dc686f1e15L,0xce51572a73711fd2L,0x0000000000000053L },
-      { 0xedc9c0318dc19110L,0xf701cf6e9516787bL,0xef8846d98b359d47L,
-        0x59c48207309176deL,0x2b820298bda74af1L,0xbfdaf25de022e2ddL,
-        0x906a64e0a21e66dcL,0x35b661b622569e50L,0x000000000000002fL } },
-    /* 54 << 462 */
-    { { 0x3d2a23547d37e036L,0x15fa6258b069c547L,0x971084595a585197L,
-        0xa1ffc74e71f550fbL,0x1fd862279a2a1355L,0xeebca426540f8363L,
-        0x9511a7b70357d4f4L,0xf55a55a2786a3114L,0x000000000000005dL },
-      { 0x4d95d924d2dfc1dcL,0x02bea96358f88b67L,0xb29bb82aa213c829L,
-        0x5c334c6c4fb103c7L,0x1788c6f3237b3fdfL,0xe04ca128ff38a49bL,
-        0x657435fcec49e78aL,0x86cb93b2b77ff94fL,0x00000000000000d1L } },
-    /* 55 << 462 */
-    { { 0x09336b9eb22a4bc2L,0xe5b69e8454d2cd44L,0x21f75483f29260f4L,
-        0x95aeabdb24e2ab76L,0xb2d234334ee7e921L,0xb989e4477eb10e8bL,
-        0x11f2aca492c511a1L,0x2fa2108fb4411745L,0x00000000000001c5L },
-      { 0x9ba0fa7de8e834d5L,0xcde5ab91e5fb25ccL,0x064eba31b24855ccL,
-        0xe6c909ff648d6e5aL,0x937bb03c03acf9a0L,0x2e8988a3193b5fc2L,
-        0x670a1f72fc822accL,0xdbf52ce2aee811a1L,0x00000000000000b5L } },
-    /* 56 << 462 */
-    { { 0x0261a6571304c934L,0x86e5b425f4254d3dL,0xd6b8c7293330a402L,
-        0x67ee96544281090dL,0x3056a9113a1d5fbfL,0x7dfc3e9e98494b38L,
-        0x12c53a18777cea04L,0x2cc4ffec23165e61L,0x0000000000000005L },
-      { 0xf16c1e271d3c8db7L,0xc4954310ab46ca93L,0x1a5a066b158cfe00L,
-        0x62b499a9f192e1feL,0x0c9a5e489a9bb573L,0x2907b4fb630008c1L,
-        0x9c832da019ae083aL,0x6159daa1c26961f7L,0x00000000000001f5L } },
-    /* 57 << 462 */
-    { { 0x73cf6f1f0a7cff9dL,0x5990e7855d970d95L,0xb0a27227d43818a1L,
-        0x8416719cc806298dL,0x9b9c4684a499cd3dL,0x80e188e59dae634fL,
-        0x96d56fd6999b8803L,0x25747b11714423c0L,0x000000000000000fL },
-      { 0x109847c5145aa843L,0xb4610155b5c2d75cL,0x9193c45dd9014b50L,
-        0x8102f8118a050159L,0x46c50351e1d9e3b2L,0xb7992a3b0535b00fL,
-        0x416cc678dafb0a88L,0xda1554890526c87eL,0x00000000000000cfL } },
-    /* 58 << 462 */
-    { { 0x3b96330d5a106b1eL,0x4261e39e301af093L,0x96b81a66369534d3L,
-        0xea444b4a97b9861dL,0x19a98ade47fae332L,0xb540c85ebf30cbf7L,
-        0xbd205dd1bd6a3c2aL,0x53606fc7d30e5984L,0x0000000000000193L },
-      { 0x43f3560d4cc4d643L,0xd02e6d1ed892f3afL,0x410d637e8680b671L,
-        0x91cc5b1bb60494edL,0x6a19cc7f1044ee62L,0x378962fc56a89c1aL,
-        0x4c9eb689adadce81L,0x4f9ffad100d88194L,0x0000000000000147L } },
-    /* 59 << 462 */
-    { { 0xef4f9fa755ae6dccL,0xec7bf270f1f5304cL,0x2bc4d7a9401b4a40L,
-        0xd0cd7b680044f20fL,0x0e0e7f8dd324e238L,0x2c13feb72fcdc80eL,
-        0xf1a695f47f4d3dbfL,0x931c17b7233a8395L,0x0000000000000048L },
-      { 0x3e5b9691f598ebb0L,0xf343309a57eacadaL,0x5ff3a06acce81fccL,
-        0x2bbd1f7dfad4a66cL,0xa3185537e78d466fL,0x69121af74d50571bL,
-        0xce3f6351d8d90fbaL,0x2e89c90e992614dcL,0x00000000000001e1L } },
-    /* 60 << 462 */
-    { { 0xbf9c09d3e9b072d5L,0x627e64871aceaf57L,0x21938240829175eeL,
-        0x781ea3f25bc4d226L,0x996532aca6726027L,0x567da8151177e922L,
-        0x9b3fec8aee0ea637L,0x793f1038091eeef4L,0x00000000000000deL },
-      { 0x30a23a7581d2a890L,0x41f22a0c973e9ba3L,0xda3e78685c1a136bL,
-        0xbe524c93084420d6L,0x53518e4026661908L,0x7bd7c768fa169b4bL,
-        0x0477e8834709e45cL,0x41b66d3827ed78a7L,0x00000000000001a0L } },
-    /* 61 << 462 */
-    { { 0xf684635ac1aff7f3L,0x815ad1a840c52364L,0x1aa44c22ee68d865L,
-        0xd4ccb5a9d42e7c4cL,0x280ee2b19a67bd2eL,0x8eb3e67583e89a28L,
-        0x7adfd31240147486L,0x5297a92c030f6dbdL,0x0000000000000074L },
-      { 0x93f574b97ddac781L,0xb60f1f78431eb598L,0x76ce97fd505b1c12L,
-        0xf129e08ef9584629L,0x99d5c2eb189756f2L,0x077576da3f376986L,
-        0xebac685cf932a27dL,0x22bf40db85bfc6b6L,0x00000000000000c4L } },
-    /* 62 << 462 */
-    { { 0x1d9044cd1279e866L,0x124f41d1376eb5c4L,0x5ea4fb8d97030140L,
-        0x38339643a1412be1L,0x5dc984b181b0ca10L,0x3caca47205353734L,
-        0x6cc45d1cc111cd9cL,0x27abce536b44e337L,0x00000000000001a8L },
-      { 0xde5d6867c8beb49dL,0x1fe2ba1f6e6747d7L,0x0c6ea670fec38d24L,
-        0x28b701a08091cf52L,0xca72ca34ef2c8462L,0xd6e8d3fd9fb18624L,
-        0xbb1c102467c9700bL,0xb78362320eeea37dL,0x0000000000000118L } },
-    /* 63 << 462 */
-    { { 0xd32c1d2cc13c0d24L,0x03a69200a8085693L,0xf18102e90989d81aL,
-        0x0d57994b8af284d3L,0x54a3c55b2ac803f0L,0xc43f6f5ae4601c43L,
-        0xb3184a8f59c5c667L,0xd8052c20a179b319L,0x00000000000000fbL },
-      { 0x78b9d9197a9af989L,0x5df6c709c925390cL,0xb442eaf5e4846e5bL,
-        0x680158b4316ff4e8L,0x528f587fa99e1dc6L,0x3788609a6fb34357L,
-        0xbb9ea9c9d901d43dL,0x09cb2dae346643c0L,0x00000000000001ceL } },
-    /* 64 << 462 */
-    { { 0x2bf35f94ab7a841fL,0xdcbda33878e3fb0dL,0xb913947aa0195f98L,
-        0xc8e30a9c4370e51dL,0x8a403e1ff0e558eeL,0x7dd167c4606db1dcL,
-        0xaa343cbe5827ef91L,0x1404f2d6aace0f43L,0x00000000000001acL },
-      { 0xdfe19ea53db1c500L,0xdd04717148ef4a56L,0x38ab939eb9a5ec76L,
-        0x8f2d56855648f852L,0x7f81313f2726f67eL,0x41cf3794f68f54bbL,
-        0x9d400e52de14d6ecL,0xc046fda14c9eb1baL,0x000000000000008aL } },
-    /* 0 << 469 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 469 */
-    { { 0x563f57ff87744684L,0xd8f2f1476562ce2cL,0xbf323b07ce7b4b70L,
-        0x67b2111a9098ed36L,0x0c8a85c10b687259L,0x23a569d745d51e50L,
-        0x6643f19b88d97057L,0x1eab273a875181d0L,0x000000000000013eL },
-      { 0xbd33de9418a1bffbL,0x3edd0df89700ac60L,0x3757dbeb61839145L,
-        0xd31a9aab1a59a97cL,0xcaffafa2faf790ebL,0x9f36c13414676e8bL,
-        0xef6eda5b18545787L,0x806a74c509ac46a4L,0x000000000000005dL } },
-    /* 2 << 469 */
-    { { 0xe6b236300de2a07cL,0x64d219926e52ba0eL,0xe5786eda68d1e768L,
-        0xad163f8ecb6a04f5L,0x5a09908a101039e2L,0x8708327611a5f49eL,
-        0x231d61fb5446a61aL,0x39e98ad1e7ddbba8L,0x0000000000000185L },
-      { 0x54ca5f0f3861f6e7L,0x0e0f1667d20d86e6L,0xcf229fd613d9adaeL,
-        0xc8852aedc488ec9fL,0xfee0c03dee1061e2L,0x7167271a35298521L,
-        0xf4fcf268fc0cfd1cL,0x645a9d2fdf809af6L,0x0000000000000057L } },
-    /* 3 << 469 */
-    { { 0x38c2b6bca021ca92L,0x715f2bf72d1c900fL,0x79d4428f5dce0826L,
-        0x7466180355b0f95aL,0x59d9ba60059f6b0cL,0xa3a157eb1cad0687L,
-        0xcb4e3f7aeacfd2e4L,0xdea5cbcb1e36ad17L,0x0000000000000090L },
-      { 0x49b0c5be4040f60eL,0xd354d658cadc11bbL,0xb17f1aa48b5ab35fL,
-        0x09956859856bdc09L,0x4bdd06fff18da95bL,0xbf66d16d235e890aL,
-        0x57d83d0076201868L,0x0bb0291f91e1a0c3L,0x00000000000000e6L } },
-    /* 4 << 469 */
-    { { 0x7a6b3fcb3b407efcL,0x05f6d0a3063ced31L,0x4a79c880f3f03bf3L,
-        0x94181fff7a1438c8L,0x47fa4e4956106ed0L,0xaa97355dfaf7201fL,
-        0x1264069e02f7c119L,0xf702c7f04d06b273L,0x0000000000000187L },
-      { 0x368dcb7ae7e258bfL,0x5f8a64eae8e4597bL,0x98bbcf2b6f13bcceL,
-        0xc00c8e627d099f3aL,0x4803c4005e326891L,0x229deec9342badbbL,
-        0x3b810a6f49e0992cL,0xfb55c6cd63758695L,0x000000000000002fL } },
-    /* 5 << 469 */
-    { { 0x07da16efbb07562bL,0xb7f9c5dbde14c8a6L,0xe687783fb79d420bL,
-        0x14fec271567ceec8L,0xd765d3336d608c4bL,0x70e67e3a92960599L,
-        0x24060de6d9a5a16bL,0xadc2fcf91c6f83b5L,0x000000000000014aL },
-      { 0xb78d9ad205aaecb1L,0x8e984114bcdeedc1L,0x0bd480509394336bL,
-        0xfb533f263a0aea2cL,0x6308aa76b8c58b3cL,0x80124d89f64d3a4fL,
-        0x58064b407bc9e04dL,0x64e21d55adbeb1b6L,0x00000000000001bfL } },
-    /* 6 << 469 */
-    { { 0xe0096d0f5c98771eL,0x05c2327096228ce9L,0xb38f45accbc9c99cL,
-        0xf44d39cbb7abd830L,0x583a57461600275bL,0xe7911b696bd758e9L,
-        0x54545d59b691c578L,0x0b03c85c8394c30eL,0x000000000000002aL },
-      { 0x988ac22042c8fe20L,0xde56a00b7832fc78L,0x8ea363bae0cd6d15L,
-        0xfdcaee21cf51cea7L,0x104bd64ccfee6e76L,0xd9a935a575e0cdddL,
-        0x775cbdf5da1bdc5cL,0x019215c361758097L,0x0000000000000113L } },
-    /* 7 << 469 */
-    { { 0x26ad960425b64fa7L,0x65d59abea783eacdL,0xa2c81fe86f55f993L,
-        0xdb6068b8fed6d301L,0x52f76e9add95612bL,0xce2060f002858a68L,
-        0x369c2092ff3912cdL,0xdc2d072aeac4c085L,0x0000000000000117L },
-      { 0xf6142267de8e4075L,0x74ffa58005e07abeL,0x13331f5dbec8999fL,
-        0x08c7046124188d1dL,0x63a12765a9375cd0L,0x5afe946f3b9f95caL,
-        0x2ced26b921e69960L,0x614458d7512f10cfL,0x00000000000000f4L } },
-    /* 8 << 469 */
-    { { 0x02fb84fd5f7abaeaL,0xa238ad04e991e445L,0x0d9b2d417c972addL,
-        0xac2439f9478c558aL,0xc3c78a2c1ec86ed8L,0x3735839b2d3b2f29L,
-        0x259728d450317454L,0x7b53a9cbe2377abaL,0x0000000000000179L },
-      { 0x95f44add5e4846ceL,0x85d2a8e87211225eL,0xcbf0abd8091a6646L,
-        0x9d8b3475102deeaaL,0xe2a0a4ab602ba91cL,0xa6276d7f131de0d4L,
-        0xbb90d1175f215c70L,0x49a60e3e07e3aa82L,0x0000000000000019L } },
-    /* 9 << 469 */
-    { { 0xeb40bcc4be860ee5L,0x47622caebabd1dbbL,0x5b4881286df7411eL,
-        0xbb0a57dc8e4ae017L,0xdecd1b251a27c9ebL,0x9c33044ebd3d1b20L,
-        0xd9e1d80e3205ffddL,0xa5f51d61a07581caL,0x0000000000000096L },
-      { 0x51a3a0a4441ea9b2L,0x0034263f805898deL,0x20ffe434628e71e1L,
-        0x51b50e3897075cf1L,0x556732f72ae952c2L,0xcae37d27433977e5L,
-        0xa79160c2bde9cfafL,0x2dd6cce9b25d68e5L,0x000000000000014fL } },
-    /* 10 << 469 */
-    { { 0xc5edbc6f85e4dc22L,0xc5933f26efc6be8eL,0xfd818a793f5edbf6L,
-        0x09af29cde4c05b4bL,0x386ed43c5cb088d5L,0xa50a8e572fbfa65dL,
-        0xfc3e90492effb79bL,0x8aced5f19883127dL,0x00000000000001e0L },
-      { 0x8aa6a432b05205a4L,0x7d5100c71ab38cdcL,0xed0d59ae9f026787L,
-        0xf9812b5d04497c3bL,0x66ed8c8cfbcc0dbdL,0x9597f83779f6138cL,
-        0x076883cd899808c8L,0x9884a305f4024d9dL,0x0000000000000118L } },
-    /* 11 << 469 */
-    { { 0x87d449701c005da6L,0x109fc435e49f09ceL,0x3070e9b5df09fb82L,
-        0x6627c2c8fb79e375L,0x23c488d5aacf7040L,0xf7d96b62c4f9bd5bL,
-        0x54e5c4d917734569L,0x02d5cee9240dce26L,0x0000000000000152L },
-      { 0xb4f24ee03d62aa32L,0x41ebe4e11051470dL,0xfc3a01594ef1cf93L,
-        0x80efd898e64e8687L,0xd9b3993e8daa3365L,0xc0de82692618ee26L,
-        0x461447cb4c5e1d3eL,0xa28313e53e23eb2eL,0x000000000000016dL } },
-    /* 12 << 469 */
-    { { 0xd898aad7aa89f44eL,0xa62a2d93c518f791L,0x6acbea45ad2d934eL,
-        0x4dedeab78d3bd1f7L,0x072894788c0ff7e9L,0x11a995f7e6828443L,
-        0xf0c92ed4d44b4181L,0xb7440b69416d7dd7L,0x0000000000000121L },
-      { 0xe800b3c21e920c11L,0x5c7dc454e9d3af72L,0xb2211645283116e5L,
-        0x71675dff4ad35006L,0x2a8783eb5231dea8L,0xf79c777c659a3cb6L,
-        0x1e8eadecee43df0aL,0x7ba45eb224be6f96L,0x0000000000000001L } },
-    /* 13 << 469 */
-    { { 0x4044fb9aa0e53379L,0xd71b9050787f853cL,0xd87e57ee44779c58L,
-        0x5f3009e4470fb0ebL,0x378b1a209941a1c6L,0xa677ef62504924faL,
-        0x7be3f1274b7545a1L,0x3ff5508eb5960cd7L,0x00000000000000f2L },
-      { 0x4cef6ffac4fc4869L,0x6898cb2900c32214L,0xdd8345ec9f931b5fL,
-        0xd0a51e6c1777d16dL,0x4e3f7a028833256bL,0xf2eec60d0be037ddL,
-        0x8ebf92143a28cb07L,0xfe94e5812e9a7bd7L,0x00000000000000f0L } },
-    /* 14 << 469 */
-    { { 0x9cfd0d70379920ffL,0x5b138849a7d11592L,0xfa3e1debda21ceb3L,
-        0x65a7da37afbce19cL,0xad36c1e2ac24e4d2L,0xe82248727b2f4c24L,
-        0x6b62f348d52a2de0L,0xf6e56f5762566193L,0x0000000000000018L },
-      { 0x5231f0dff354e7b4L,0x677e082ce7a8c0c9L,0x8d3b59ca91e10de4L,
-        0xc8b5d573099d1495L,0x33ace8529f6dc625L,0x78bba7b132668cb4L,
-        0x20f626184a9b0c01L,0x641ba19c9de82920L,0x0000000000000078L } },
-    /* 15 << 469 */
-    { { 0x701b527393cf6217L,0x1cb48f663555e29bL,0x22181c63c8f9bf06L,
-        0x12da892bdc0c2b3cL,0x57522bc3cf766a0dL,0x521ffabc04f79b89L,
-        0x1d10e64ec217b9a3L,0xf613de04359f3d30L,0x000000000000006fL },
-      { 0xeb657ed419c0bf3dL,0xa9ccee58bb8fd14dL,0x27bc141e9e50598dL,
-        0x6b5e14c593fc9ab0L,0xd050fbb65ae50f0eL,0xf9f8760fa0521b92L,
-        0x1ff8bff96c853693L,0xbe061e788df6d469L,0x000000000000010bL } },
-    /* 16 << 469 */
-    { { 0xcb30076118e71dd8L,0x01d2684604886b27L,0x22871d7b7cc1d69eL,
-        0x1d138a47d0b3caf9L,0x53aeb97400a7c0b0L,0x712aa1a2262f9366L,
-        0x58c84da46bcae07aL,0x521b7dbcae8708b5L,0x0000000000000045L },
-      { 0x03bd36438d3cd884L,0x20a737ee1d62a335L,0x37e1775f904f5c53L,
-        0xb76783dd3baa91fdL,0x7c5521189a84e971L,0xd085796e4488ede7L,
-        0xb418e7085068d6dcL,0x4417e81ae5275a73L,0x00000000000000d2L } },
-    /* 17 << 469 */
-    { { 0x81c12b63e30e72b8L,0x354fe20db4ad0c2cL,0x3bd33ee584fb3da9L,
-        0x80c265beab0605a9L,0x4652ec39d3ab432bL,0x85b6357af4ac355aL,
-        0x824d9e895096834cL,0x5b6886fce0e0bd26L,0x00000000000000a7L },
-      { 0x9747dd8b530ba303L,0xca95b8cff5a8cf9eL,0xcf0766268c2ca53fL,
-        0xd62aa41a2f2b99fcL,0x21b4c001ead7300dL,0x536b0a59e026d010L,
-        0xcb625f1b66ca8331L,0xcb613a3a56b6f938L,0x00000000000000ceL } },
-    /* 18 << 469 */
-    { { 0x1e26efcad3dad3b5L,0xc3f580c0ec404efeL,0x63e4f54bba07fc5fL,
-        0x2c208d6c1655cb23L,0xb10a1a18e482f788L,0x7f6fd02dcd7f89f3L,
-        0x5411e0380743db4cL,0x0e22bd76ce4efb17L,0x00000000000000a2L },
-      { 0x873c0af60d01af74L,0x2f4a0ec9ba060e1aL,0xded0dfbdaf48d8baL,
-        0x5d2b528d780ec754L,0x42a02e2dbadf7060L,0x90d1c9a037ba2665L,
-        0xb002f7c4a1007a96L,0xfff6be26355ad02aL,0x000000000000008dL } },
-    /* 19 << 469 */
-    { { 0x0bd4a3f0f9bb7cfbL,0x8d61b1c4087487ccL,0x9fc2ea4af9c93934L,
-        0x77ae38d82326e828L,0x0c0ae32cd531fc73L,0x46b6a9c04b35fa57L,
-        0x36798f1570f76923L,0x3941fd5cf13b2b6bL,0x0000000000000047L },
-      { 0xfa79c31c97ad3427L,0xae83362f4b6a8c6aL,0x19da33c36893337fL,
-        0x15d666fcd8edfad6L,0x378ad97ba6648fe5L,0xba2d4463ff23dd7cL,
-        0x687e42e6868e99d5L,0xf6c5d9dd88f69974L,0x000000000000000fL } },
-    /* 20 << 469 */
-    { { 0x14d14f636b330a4eL,0xf943c489289430d8L,0xc220f9b3dacb5aa6L,
-        0x5f64ce3dbbdbc661L,0x32bdc1d5ebf6d100L,0x6d2cefa026f8304eL,
-        0x55bc066635196423L,0x099f19e813c68f56L,0x000000000000017aL },
-      { 0xf8898c0067fd6808L,0xc9fcdd64aedb5d38L,0x141911bc93ecf107L,
-        0x7e2034093432891cL,0xdd9f385e1b9f5f0eL,0x61b231e96f97e818L,
-        0xec1dd4b9e8cc8371L,0x4e0a1cb9f44505a4L,0x0000000000000127L } },
-    /* 21 << 469 */
-    { { 0x929bafeded53c5e0L,0x14ddb02139df049fL,0x06226f149b246597L,
-        0xf60eb64085bee3faL,0x37606f309b15a907L,0xf5b90ecde7fbb734L,
-        0x038410daf9e730afL,0x4e2ee195f5d72e08L,0x0000000000000134L },
-      { 0x461c2d552cebcef1L,0xa43f38b5a32863ddL,0xfc3a8ded6b8d3365L,
-        0x03b48889360f80bdL,0xd22be91598cbea9dL,0xc32a9ab72557b88aL,
-        0x2ce4a476ae78f249L,0xae5831e640f9bf03L,0x0000000000000095L } },
-    /* 22 << 469 */
-    { { 0x41b796bf4796af15L,0x177d42f351a325a2L,0x487f3715601c15d9L,
-        0x15ca3b1b40649c1fL,0xb06abca7f36a5e64L,0x14bad851e4b57bafL,
-        0x2d42059d1862f500L,0xd2bf6d28db084902L,0x0000000000000186L },
-      { 0x128345b83e7774bcL,0x4598fe8563520a7aL,0x444316e72587d345L,
-        0xc44643f03c926f91L,0x1ee021d93f3cfca1L,0xf5c84920bda26ccaL,
-        0x673620287af1bb9cL,0xe05d4e740075bde9L,0x0000000000000061L } },
-    /* 23 << 469 */
-    { { 0xedd410e397f8467fL,0xf16210b41a5ccaa8L,0x2f078b037f73dd71L,
-        0x2c2a5f448e99ae3cL,0xb2bf1970b7dfc8fbL,0xf37185b250883783L,
-        0x7d5412a36a24e693L,0x18ee647497be701aL,0x00000000000001b1L },
-      { 0xdf6b6594435265b4L,0x876e6a7a9004e6a7L,0xe3ac6f6873cf7ae0L,
-        0x965460544bda6cceL,0x84e762aca94218f7L,0x06425f2496b3336bL,
-        0x569da13247d63056L,0xb4cb63d0b2d5a789L,0x0000000000000135L } },
-    /* 24 << 469 */
-    { { 0xee2ca82b76f521d5L,0x404c95b98d54184cL,0x7ef78330d43e178eL,
-        0xed67f94305f36bd2L,0xd734f6b845f09837L,0x8760f0f7bd8f5a29L,
-        0x2e7cf02112059285L,0x8d0be801ec54d3afL,0x00000000000000a6L },
-      { 0x51ba60c971042440L,0xea9c35ae614a4512L,0x006bbca51d410f81L,
-        0x3d31ac431170157dL,0x69b0be25fc7e723bL,0x6da152ba38276789L,
-        0xbe486c0593492808L,0x3fd119d980afa598L,0x000000000000008cL } },
-    /* 25 << 469 */
-    { { 0x8c94532ffb7677d0L,0x397f7f18f8a5be84L,0x94356c7499cce279L,
-        0xb334201593980d55L,0xbf6ef9d18cb8520aL,0xfb28b68edd535916L,
-        0x9cb149ed4dd8cc9bL,0xb97ea42aa9e2c064L,0x0000000000000035L },
-      { 0x9171a89ad37f9c82L,0xddc272092d5c7bf1L,0xadc3af681b9e94b7L,
-        0x613f81ca5682caf4L,0xaedd0d66e3453e90L,0x651161a92971b9f3L,
-        0x0399d25284688cecL,0x40d177e41be785fcL,0x00000000000000a7L } },
-    /* 26 << 469 */
-    { { 0x6871be7478d0c1f5L,0xf6c364f7456a1d88L,0xee53602c1666ff19L,
-        0x8b0a05995621622eL,0x8937537341feb4d2L,0xf34622cf94a0e8f0L,
-        0xeb9e1ee76efcc350L,0x1312f3a350063323L,0x0000000000000055L },
-      { 0x2fc73efe356883d3L,0x62a03b106d884fb7L,0x901bc04d7cabf01cL,
-        0x2511c5e129ebb711L,0xf94d884739bf842cL,0xe50486da63edc964L,
-        0x8cb348db60b10d7fL,0xe29a998c08ede95bL,0x0000000000000174L } },
-    /* 27 << 469 */
-    { { 0x3f8ddcd46347473cL,0xc61ed0f9a7e239f6L,0x45dbea9289ccadc2L,
-        0x2c5683f3cef07a9bL,0x51df4da3df13c487L,0xd78c61c30a089e81L,
-        0x47302b22831fa26aL,0xe3a79e8940504a7bL,0x0000000000000088L },
-      { 0x16d3f12ba4b11470L,0xa70377ad6ea07a36L,0x959342d5cc15cad5L,
-        0x1fd7d8cd8e4d42b7L,0x70696e3cb694988aL,0x7c73847433e52d9fL,
-        0xe96d5471c41dc241L,0x49cb9b9ca6f8eb8cL,0x00000000000001a7L } },
-    /* 28 << 469 */
-    { { 0x29dac47503b83778L,0x13fdb36b56f8223fL,0x15108cf7b189bf97L,
-        0x04cb678c3d959be9L,0xbfb72511cddec7cdL,0xd255fb17b2a649f7L,
-        0xe7b7616ff0210128L,0x49891af158674716L,0x00000000000001dbL },
-      { 0x5fa647c585e511daL,0xe6d774239b517adfL,0x131596649e9e0ed5L,
-        0x6a090a1234cbf60cL,0xc213cfe51b5cd8e9L,0x152c5434d7236d27L,
-        0xfc7df774944f90c9L,0xb1890bc9c119589bL,0x0000000000000167L } },
-    /* 29 << 469 */
-    { { 0x9b16f2144a14d787L,0x1036d9fa52079b2aL,0xa83ff9ecce07e344L,
-        0xddfeb66c46311e85L,0xbf554a70cfb9513fL,0x467bab678b31b889L,
-        0xdfae7a0fe9372329L,0xe4f2f5917e51c8f8L,0x00000000000001f2L },
-      { 0xc486a286d75feb83L,0x69c676f3087f2443L,0xbfb329c2ad4f54e1L,
-        0x301e122a09a7f840L,0xdc1ed7aab169543eL,0x3ae1310799c64627L,
-        0xdfbfa25ca5c949fbL,0x6eb39e641b020190L,0x00000000000000e5L } },
-    /* 30 << 469 */
-    { { 0x4d98b2ac32d8dbe8L,0xace115d91cc99ad7L,0xb8f9b3315543aef7L,
-        0x7d65d76b79819d68L,0xe70fa04ca7b35f9cL,0xf0679fe75fbe62b6L,
-        0x8e878e2f00de3fc4L,0x1a90ed223a42887dL,0x00000000000000caL },
-      { 0xd80cbfe401063d2dL,0x6cdc0a2c27cf1c3aL,0x447c49dcc0141542L,
-        0x98f2ec0c0cb0cf80L,0x07549703ff297bd2L,0x833c79f2a23585e4L,
-        0x4224adb3ddf0936fL,0xecb57a5a699ea6eaL,0x0000000000000018L } },
-    /* 31 << 469 */
-    { { 0x56e17019ff059f29L,0x002581359d92fa55L,0xfc9b7a6925777d70L,
-        0x9870806ae3f5ce87L,0x99e086f26d73ecc3L,0x3b2e4d9fa35841dcL,
-        0x485817f1b62ce114L,0x0bac63bdb5c1be62L,0x000000000000018eL },
-      { 0xcffa5dc1b9ac6c2bL,0xc3a26fdd56f9eb8aL,0xcaef1a4f3898781fL,
-        0x426a86c5a8cd88d0L,0x1716fd7cab614e6eL,0xe12c9101c06bbbb7L,
-        0x63e9171f62757ef1L,0x4cec09acd1f320f6L,0x00000000000001a4L } },
-    /* 32 << 469 */
-    { { 0x099c2888d6c5b0b9L,0xe35ce1381ffe8a3bL,0x133c35ca74939411L,
-        0x13521b322ff27ae3L,0xbde73625f760a06eL,0x199340715ee54408L,
-        0x69db07e102f9b217L,0x1389c23586a5e6a5L,0x0000000000000112L },
-      { 0xcf5b0e89ca1aa74fL,0x0cfa76325d844ccfL,0x04be199c65c3286fL,
-        0x483e0ff9d204e249L,0x9df8ce9704c424b5L,0xe35cda3ec05c0793L,
-        0x8a595df3f2798180L,0x7522b808fbe7f5c9L,0x000000000000009cL } },
-    /* 33 << 469 */
-    { { 0xcadd02a27d7784aeL,0xcce86dfea7fcf493L,0x87cd6f95bdc14ad8L,
-        0x27d2fe24611512f7L,0x9bc408a777dfbb5eL,0x9cb1f6603e961625L,
-        0x08542ccc1c253a6aL,0x1ec8713fa541f855L,0x00000000000000edL },
-      { 0xc358a687448cd884L,0xb75d140050d6ba88L,0x137a7569196b52c7L,
-        0x0cc62c0712f61a5aL,0xaa3653cf8d2497abL,0x9c79351e5d45d412L,
-        0xecababc65af55894L,0xc409198b52097ed1L,0x00000000000001c6L } },
-    /* 34 << 469 */
-    { { 0x0e472757f7011a71L,0xcebb0eba09da90e8L,0x933ee6b4aef7b7d2L,
-        0x0d2e742cb68ae8c6L,0xf373fc3f32de83bfL,0x0b51f343d249eaa0L,
-        0xef0bd45abab03af6L,0x965b8fefa1c07e8cL,0x00000000000000cbL },
-      { 0x571817f5ed0017b4L,0x6aee829608047226L,0xf4334820a389806fL,
-        0x2e0c2dab167c885fL,0x2c1894f48d6c34fbL,0xcba4358013ce3154L,
-        0x816b7e7132649e05L,0x3b02046e20aebd59L,0x000000000000019dL } },
-    /* 35 << 469 */
-    { { 0xa949bdcc0216439dL,0x72e5adadad102c3fL,0xaa9183ba0af396b9L,
-        0x41a83eacadac5678L,0xda7577495ea96f88L,0xac27f511f7e5d25fL,
-        0xbc92e35389a6c9eeL,0x472b947c1dd5234dL,0x00000000000001c9L },
-      { 0x1c9d64a4fcb14344L,0xa6d842b3c98a85e8L,0x1b4fb2636cd3f69cL,
-        0xc484dcfa2189d8c3L,0xe4e45792e280a9eeL,0x65da8ef6202443b7L,
-        0x2ee30251e71dd154L,0xf650203adea3ba9dL,0x000000000000016eL } },
-    /* 36 << 469 */
-    { { 0x0fd34803710bfda8L,0x697671fd37d08a77L,0x61590350952da84aL,
-        0x6355b6ef4eaffb94L,0xa654647f3712f7deL,0xf7d3db844bf5551dL,
-        0x803b4b6f92e47512L,0x2dac8ff69e3838c8L,0x0000000000000109L },
-      { 0x55e242b9515c2e04L,0x6802de1d9eead096L,0x3e2098970399ca1cL,
-        0x62dd1077a4ef1ac0L,0xb89f5b0c24e1d439L,0x8ff7dc3093678ea4L,
-        0x9858576394713929L,0xc14b25abdc8d0a7fL,0x0000000000000042L } },
-    /* 37 << 469 */
-    { { 0x7e70f8794d7f6f2bL,0x419829cc4a31a41aL,0xb4eeaa99324fd76dL,
-        0x95c37844d200095dL,0x95873b642c3e8cf4L,0x9fc8600ff3733834L,
-        0x13ea6eba7403564cL,0x2d4f9ec2f93389fbL,0x00000000000000d6L },
-      { 0x4e0f87b3220667ecL,0xbe666aacc0f871aaL,0xe22ba2305c46c0a9L,
-        0x3f7f397cc2fb5d1bL,0x701ca7f8a310ab98L,0xf561043c97da4402L,
-        0x9d7d99c7dc5e2e08L,0x854db674bbd1ff7eL,0x0000000000000065L } },
-    /* 38 << 469 */
-    { { 0x48b0c44b10fbb232L,0x23efcb9474bb12cfL,0x2283fd4289254aaaL,
-        0xf824e6cfafc254f8L,0xcaac3118aebd820eL,0x9a69ec62a1e6b686L,
-        0x50ccc5245df7b70eL,0x2bf74a2119c0ef11L,0x0000000000000097L },
-      { 0x1cb448466450f3d1L,0x316968226ff2a91cL,0xa32c75e1e3e83f42L,
-        0x45cdb5ddc766d607L,0x44e4f4644405a2eaL,0x1ce0895a2af43ed5L,
-        0x546bcf8f5d4fabddL,0x2ae184db680ad728L,0x00000000000001eaL } },
-    /* 39 << 469 */
-    { { 0xf873545aadd1bb8aL,0x6df75855b3381916L,0x85a46959282f5600L,
-        0x7f63ee00cab1b8d7L,0x61d5dc47e3960f89L,0x2ec0164befcfb0d7L,
-        0x05fe38cf325dbeaaL,0x786e7fa34b0292e5L,0x000000000000008bL },
-      { 0x29c1395fce8b30e7L,0x0aaff0c90c3ea317L,0x3b0ef202a4dfab3eL,
-        0x675cd59aac01dacfL,0x8a22b232aebb8ca6L,0x552271b7f28586ddL,
-        0x2a23a56dfd03890bL,0xbdc3ca28de16b4e5L,0x00000000000000eeL } },
-    /* 40 << 469 */
-    { { 0x14596043e92e85b5L,0xe3caa4f1309bcc86L,0x0946eecd6a004131L,
-        0xa8f39a0a5d559370L,0x2907f0fb9dd39852L,0xd26639c2b3624b6cL,
-        0xb45f0d32034709b8L,0x0ae962d48065c9d8L,0x0000000000000144L },
-      { 0x3de036a5d521ed0eL,0x5ce0990022e88bedL,0x2170357d527f6be6L,
-        0x7cc9e9ff5b47a6c2L,0x801ff33b9748eb94L,0xcb3961d6372d1840L,
-        0xc3db0b3bbda53a97L,0xfff1a0789bd74f00L,0x0000000000000127L } },
-    /* 41 << 469 */
-    { { 0xe2beef9875c4e3d5L,0x6e2985be41385dfcL,0x3dc139491d5be62cL,
-        0x421ad84a59db88a2L,0xe290f65ef1cd9c62L,0x8cad81dd031fdf5aL,
-        0x2ffff38b7a70772bL,0xdbcae403aed61b17L,0x000000000000003aL },
-      { 0x685cff22a6961366L,0x46543384b061a17aL,0x1d93260699b2b99dL,
-        0x115b73e62486c41dL,0x6cbea3427fea8a8cL,0x21e238b85fb70622L,
-        0x13df7dc40dadf79dL,0x89b2c737bb4fed33L,0x0000000000000008L } },
-    /* 42 << 469 */
-    { { 0xe470a3f68811f377L,0x8389beb00236aa7dL,0xf0f6c917982f42daL,
-        0xa8d017fca5e6a3dfL,0x00a281a86f6c2422L,0x5a713942a6cdb487L,
-        0x4a1b57083f4d0029L,0x64d0114ab2000863L,0x0000000000000145L },
-      { 0x842dd8a0569a9ca2L,0xb55b007b3b347c48L,0xba12f822b3667837L,
-        0x67579db2bbe1a4b3L,0xee34c780b2ee7cd0L,0x08c9f20244fcd799L,
-        0x592790de609495baL,0x6c279b065fb8bc01L,0x000000000000009bL } },
-    /* 43 << 469 */
-    { { 0xd9ec089d45a61664L,0x6adda151ef4d7edfL,0x788c96573e74cdaaL,
-        0x2b73df110162a42eL,0x70fa479627178991L,0xc028dde06b7360eeL,
-        0x683cb8de527692e6L,0xb06c972e4039737bL,0x00000000000000aaL },
-      { 0x6ecd795e03cf1545L,0x4cb6ef7ca49d14f6L,0xe7d26ea24c9f0793L,
-        0x74f86a00c5bb3a0cL,0x2f029188b022a7c1L,0x1f5a67a5d11a7ac5L,
-        0xac81b2fe6a5724bbL,0x8c149f3d175d86e0L,0x000000000000019fL } },
-    /* 44 << 469 */
-    { { 0xec1c52dfbcd98d89L,0x311fa61f10eefe3bL,0xc46f60f85e624ea6L,
-        0x30c2171be17a2b62L,0xb12102e30b8729aeL,0x8be6c0ceb4723895L,
-        0xde06c2aaee640520L,0xa71ec10da86e11baL,0x0000000000000051L },
-      { 0x73019b3097a7bd73L,0xa01007744052d44aL,0x52cd660f34686dd3L,
-        0xd02b71fee0879244L,0x8efc04c0f2266eeeL,0x1ee192c7b71ba925L,
-        0xa6d63f084408ef54L,0x23adc3915c77390fL,0x000000000000003cL } },
-    /* 45 << 469 */
-    { { 0x84ba05e3bd62d818L,0xfa9746922dfb9f05L,0x6b15453937718201L,
-        0xa6624bf9106687d4L,0xe09a44c3d9f29e00L,0x87d2e4bc137d2f83L,
-        0xff90b283b9b00e40L,0xcfb6978b87df7a57L,0x0000000000000129L },
-      { 0x4aa5e02c503bd70cL,0xc985efc743315974L,0x61e2ef6999fd881dL,
-        0x8ddec42d5c84dcd1L,0x4eb1d068f6d37ccfL,0x39e186198b84a79fL,
-        0xf3924d7f4a78ec0eL,0xbb702e055c90b885L,0x00000000000001e1L } },
-    /* 46 << 469 */
-    { { 0x2885ea42d044abd7L,0x13f7e9191c8843b4L,0xae0401519f420498L,
-        0x8829dba445329e31L,0xd1a19fcf17754079L,0x367b6764c564ea64L,
-        0x5f27569de885a386L,0x660bc6bb97b48147L,0x000000000000000bL },
-      { 0x5936d68d04ab459dL,0xe45234d817c2a65bL,0xd76cb1fef46a84eeL,
-        0xc310f74af3bcd4a2L,0x605f3f125c2dacf8L,0x3e533d128bef904dL,
-        0xd389dd9b76ea5518L,0x7fb8d72eebce15a8L,0x00000000000001bcL } },
-    /* 47 << 469 */
-    { { 0x1b39356dadbcad10L,0x611d06efd2c02a3eL,0xce5b763a4c497670L,
-        0x48fc1378ab055283L,0x46b39cb9678c2c83L,0x03a783b393eb7d11L,
-        0x72b6d5f8f5a13b37L,0xe69316dfa85fe503L,0x00000000000001b7L },
-      { 0xabf89b61520f51b5L,0x93e7cdc45db81dc7L,0xc4be33eef9ee3d28L,
-        0xe1e43f98d5983740L,0x8f37e5a35ad31353L,0x97083b97a896a61eL,
-        0xd117eb5e292c0624L,0xba08108c874f328dL,0x0000000000000081L } },
-    /* 48 << 469 */
-    { { 0xb758f2cd23509208L,0xd4f7af5088ba1557L,0x8ff26bbde472d9feL,
-        0x071723868960ac4aL,0xf63e404e9025de52L,0x05053c3fcacbca10L,
-        0x55ad71f0e90cdfb2L,0x25d5716580e65089L,0x0000000000000125L },
-      { 0x5de6508419a94651L,0x9aa2dbc01bf9c999L,0xc97a237737d94752L,
-        0x9963d33ca4d21f9cL,0x679f837fd92c494aL,0x1876a9cc69fc4047L,
-        0x028e4edfca690225L,0xa49474168359a44bL,0x000000000000004bL } },
-    /* 49 << 469 */
-    { { 0xade71ac8fea31c97L,0xcc8f381103919f2eL,0x066d7a1c0fd575abL,
-        0x5c1bb1f252a3e9d5L,0x830ae9819689a600L,0xac9bb5b66763b7c2L,
-        0x40db293aab2e1ad9L,0x8f0de39f530fa624L,0x00000000000000cfL },
-      { 0xc963031f35628945L,0x9a2e7f3e99ea6df7L,0x8b759a2fd3491ee5L,
-        0x88136e3f009653aaL,0x48198194c5239084L,0x9fef1f19e4af6853L,
-        0x42cd9f4adaab6571L,0xd834784943ac38daL,0x000000000000010bL } },
-    /* 50 << 469 */
-    { { 0x77b95920abd07a42L,0x66ae951e1b05f9d9L,0xa0b29e1f1b845797L,
-        0x460087bdea66fa1eL,0xfca234ff973965e8L,0x4ef0d58742218113L,
-        0xbb90f9c0e58e2ba6L,0x2106ece57a1ded9eL,0x0000000000000004L },
-      { 0xa9d190182787b7aeL,0xb127a7d318cc1c8dL,0x46455feadf775a3fL,
-        0x4bc1973ab91f6f24L,0x2941ac6d1a3e4cbdL,0xedc8328bf1740029L,
-        0xe4068b2e54ed0273L,0xa7228a7e8c23a1d4L,0x000000000000019aL } },
-    /* 51 << 469 */
-    { { 0x957939dae7894375L,0x1b2775f257816ca9L,0xf67d7c380004bfe9L,
-        0x4582ae0821eb8de4L,0x55df582abcbb4aa4L,0x30e5b50b16723f24L,
-        0x91f672daa350f89dL,0xb77fe0544be6380fL,0x0000000000000117L },
-      { 0x1710653ceeb1c98cL,0xf82be08c6ae35cc8L,0xdbcdf1421680e596L,
-        0x2032b7410227e6c9L,0xe478bd37f07adb40L,0xc8b549c8aecc5475L,
-        0xff5f364c7ba0a27fL,0x654355061768ee6bL,0x0000000000000042L } },
-    /* 52 << 469 */
-    { { 0x22fe2e191a3ccdfdL,0x55f8139c13a8c7cfL,0xedc73b1c01e0f56eL,
-        0x5a9c1968a3fec725L,0x782182d6f8ae2cd5L,0x5f66b8c17f9f64b4L,
-        0x17a2bb332c101e97L,0x187ef5a232a96850L,0x0000000000000197L },
-      { 0x5d5fb38747d1be1bL,0x3713edbf1de57442L,0xb04956d328a92374L,
-        0x9c92546515debd61L,0x0e0f52fec13defccL,0x891c71261307bbbdL,
-        0xa772556bc296d5aaL,0xd7eb1d8ea8f6b37fL,0x000000000000018dL } },
-    /* 53 << 469 */
-    { { 0xf241efe3e318cb2aL,0x03033711ac571aa6L,0xe3efeeae1b42ad11L,
-        0x49bed2b2dcf40cd9L,0x3c9fd4976f2832c9L,0x598a96e609c7dc68L,
-        0xfbf270ecf5686223L,0x3c0871ee7cbf72a3L,0x00000000000001e3L },
-      { 0x477eda86b7fefe1aL,0xd36256c26d037d5eL,0xb0df707391f39886L,
-        0xbf2c97fbaa590f83L,0x7b8e2aa452150aefL,0x1d0fcc93482aeb90L,
-        0x5086665c90256ba7L,0x90a4de3f64e6ee28L,0x00000000000000e3L } },
-    /* 54 << 469 */
-    { { 0x9880edbb634779f8L,0xa78c28e60c979f1dL,0xe94854d81204dd29L,
-        0xf4a09ef365453269L,0x8015c054bc074682L,0x3648356358d5013eL,
-        0x0d2b20adf0cf4a28L,0xb96421ac0a192c94L,0x000000000000017dL },
-      { 0x923b881f9418af47L,0x5f86d74cd0744d6dL,0x9bbc2f0317c2ede0L,
-        0x2ff3016d4d7f81f2L,0xf7e99bdc588dd88bL,0x60988dfd36e09430L,
-        0x7fcd2c1911cc41eeL,0x7dbb6444436063b6L,0x00000000000001bbL } },
-    /* 55 << 469 */
-    { { 0x13a7925b4f357fe8L,0x54250aaab46ba080L,0x6b75101f52792018L,
-        0xc1f2737f27e87303L,0x8496a09b7abc0687L,0x36a23d44f65d79fcL,
-        0x1079339f87d831eeL,0x529ae62aa07364ecL,0x00000000000001caL },
-      { 0x2742ce4c81b0623aL,0x513a65fa584a9f69L,0xe5b6b1ece25bd3f5L,
-        0x1a6a7359d5883ef7L,0xd5a90c6dec6efe65L,0x5db42aea38802659L,
-        0x31671373bff583dfL,0x9fccd94f6920e040L,0x00000000000000dfL } },
-    /* 56 << 469 */
-    { { 0xcc51cb4b1aa88055L,0x55c2dfc46dac9c77L,0x4e0019affb5e8de9L,
-        0xd686f86dd0d60937L,0xfe4bcb522f3ac7dbL,0x102adf661cbd8b5bL,
-        0xfe830c11f89ad228L,0xb635e0e1969b169bL,0x00000000000001a6L },
-      { 0x6b51c9abd5b1c229L,0x1d2912be9ee262caL,0x6208f3dd838c6d6eL,
-        0xc3b9a9e5d6e11544L,0xb88e99336a2696e9L,0x81b5b9c8ea9d3206L,
-        0xa7f2f30243123369L,0xbb51e48673bc3a3bL,0x0000000000000113L } },
-    /* 57 << 469 */
-    { { 0xdd0f189b4c77e727L,0xfe4cd2f6d9bd0fe2L,0x6454e3cd94c2a526L,
-        0xdff102f317ad2166L,0x461734c46191e95cL,0x04cc3f496c830f05L,
-        0xa8740c863dd2ed7bL,0x5dca654622703431L,0x0000000000000019L },
-      { 0xa80ffaa51518d57eL,0x9e1fcde11f48dd75L,0xb0498a4b829f4b88L,
-        0x4823bb28b7f05dd1L,0xd9c6f5d262938b03L,0x4d1660c414d15f13L,
-        0x444a74a0a0fd9a40L,0xd764f15e3770cf5fL,0x000000000000014eL } },
-    /* 58 << 469 */
-    { { 0x7c62a8d4146c122cL,0xe575b2ca1799b0a5L,0xe5195dae1b06ffeeL,
-        0x5f0dc83a847f27fcL,0xcc10735305898b9dL,0x7f2ef8ec4713c3b5L,
-        0x653844ca4760afe0L,0xc6d972950f6152b1L,0x0000000000000065L },
-      { 0x996a0d1a59bd137bL,0x6511d7685abb04b7L,0xb916dc2f78ef48c9L,
-        0xf46d1bf3de129423L,0x3f7f3de897ac10d1L,0xa37c5c11676afc7dL,
-        0x39dbdf85d2671f5fL,0x2b5607945657c0f2L,0x0000000000000088L } },
-    /* 59 << 469 */
-    { { 0xb24089fa6d540d96L,0x77c1e4b018a57d1fL,0x1c62eb46e056b93cL,
-        0xb98bc55624e9658fL,0xf225c49850aaadb8L,0x9843ca5ece753e67L,
-        0x27f231f12c66df92L,0x9825c25b34934cb3L,0x000000000000001dL },
-      { 0xf92f334c84795c3dL,0xc1f54e7b36b19eb7L,0xe891a3cc496b86deL,
-        0x405cac982f43e3a1L,0x319c8569e8d9c821L,0x8ce93789ca7db1bdL,
-        0xa4a4227155c7920dL,0xf63a98e73fb59f04L,0x0000000000000088L } },
-    /* 60 << 469 */
-    { { 0x3d9e327a3dffaccdL,0x23e7de91b57be47cL,0x34af6490996a4df3L,
-        0x9024fdcd23d46ef7L,0x9b55c37bef6749e8L,0xcc0e2ea4750217ccL,
-        0x9c0aa3a54f07fee1L,0x678db2f28154dfc2L,0x0000000000000007L },
-      { 0x3ca56f0f1355da47L,0x7ab6eb7d4cc64fbcL,0xd68b2467a367d8dcL,
-        0x908dadb995cbc15fL,0x0694c136c5ca5ea6L,0xc444772432837dbeL,
-        0xb29f989c23df02d4L,0x43a6d58a7d60fe91L,0x0000000000000103L } },
-    /* 61 << 469 */
-    { { 0xaf60ddd4fd331e77L,0xdb2b23b6e4bda275L,0x50de018692fabaf2L,
-        0x18f4ee1e439f1467L,0x1d6ad1c55f41e1d8L,0x1870539a6185d956L,
-        0xa469cd954b7c195bL,0x0512eee3a8f71640L,0x00000000000000c0L },
-      { 0x649527de55b56f56L,0xb6c666f14fa873e2L,0x8c12fcc042440b9bL,
-        0xe44ce0c97ddb3192L,0x5c9d67f0c5e1f50fL,0x4d2e9d041c957109L,
-        0xece745bf334a3f13L,0x4c0fdc639473d8cfL,0x00000000000001b9L } },
-    /* 62 << 469 */
-    { { 0x214dd24ea5dda3ffL,0x4423c61b58d48ab1L,0xed596e642546d55cL,
-        0x3e0c6b0726ca41edL,0x47b13e973bd71b9cL,0xdca94741169e56c3L,
-        0x6c380c7598078a65L,0x364caeb1ab093024L,0x00000000000001ecL },
-      { 0xf5dd2e474ea3d662L,0xaadb18becc01369cL,0xbedca5296be99116L,
-        0x4dca80e0934f07a8L,0x99adb72766b0b50cL,0xb478a6f79766ca8eL,
-        0x771ac1e2d3573d18L,0x0c64c745619fd002L,0x000000000000014bL } },
-    /* 63 << 469 */
-    { { 0x1ff694760c4e06f6L,0x00e69af1532a26ceL,0xf86f1f52c6b2dd00L,
-        0xfdf77e8a92114d6dL,0xf5d2ac406197eb57L,0x66465d59ca274247L,
-        0x708608a82c41da24L,0x3f3d3a4afc46e7dcL,0x000000000000000bL },
-      { 0xbf456142b8e1680aL,0xe98df23e3d5d3376L,0x4e0c78faea79d6a5L,
-        0x1e7cfeb16436e15fL,0xf7ba6fef589b8115L,0x1cee877d7b5d2271L,
-        0x1a9a5e2faa96639aL,0x1b756ea93bd35dc4L,0x0000000000000171L } },
-    /* 64 << 469 */
-    { { 0x5ea6d7ec70be25d7L,0x7123951418497519L,0x86ec4211661279b0L,
-        0x3c673364d41deb71L,0xc7f5bf951884db68L,0x17eb082e77ecec04L,
-        0xec159bb14ccef5a8L,0x630d61dcee69d948L,0x0000000000000130L },
-      { 0x0d0db8b4c1a69df7L,0x28590b46cfc11acfL,0x5137b85bb19d5a7dL,
-        0x6069874da376813aL,0x871126092ab28149L,0xddc1900069e6d09cL,
-        0x7b3544c70114f9bbL,0xae2d081fe842291eL,0x0000000000000110L } },
-    /* 0 << 476 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 476 */
-    { { 0xc7cc50fb09b5947bL,0xe166a9afd5eae02fL,0x47c7953fda349c90L,
-        0xc3d4bcae21c0984dL,0xcee13c2f45ff2419L,0x334cc1f147780ddcL,
-        0x21381fb6f1157180L,0x28ff4f86eaede87bL,0x000000000000017dL },
-      { 0x10c72b8260e096a3L,0xc73306ec5ff796baL,0xb3f60666fecc17ecL,
-        0xb9e0d51f46f82c8dL,0x6cbe5c7e296da50cL,0x87cb11044fa6c1ceL,
-        0x5d5e0f6d491f9b8bL,0x187baf6970eb3d18L,0x0000000000000103L } },
-    /* 2 << 476 */
-    { { 0x2fafc73f189a0360L,0xe08428f1a68509e8L,0x4700e3eb3a2af597L,
-        0x143c0bf14b298188L,0x9fb03775f0b9b8f6L,0x7c9e5a3a2653d193L,
-        0x41109c62d1f8ab93L,0x8ad7cb71434536b8L,0x0000000000000073L },
-      { 0x82c43b2daa844eddL,0xad5be7ac3cafb62dL,0x8dd99c5b4a5b4b0cL,
-        0x2a11dc4131c113aaL,0xe62332e93390e968L,0xa912cdea4b073b39L,
-        0xbb0b8141bc11cb2cL,0x504272d1c9dca239L,0x000000000000007fL } },
-    /* 3 << 476 */
-    { { 0xde0324030689ca3fL,0x4584fd9714fd0202L,0xbea63186c84bfe39L,
-        0x0e579aadaba48f51L,0xcda28545c1a4c309L,0x33629507fd645c90L,
-        0x0c77cd5627b58e13L,0x4d84313664dda00fL,0x000000000000016cL },
-      { 0x281cddf1e91a439cL,0xaedc15d538bf386bL,0xf2f22343f35ea657L,
-        0xf9fe82ea18a01f1fL,0x04f9f4730b5a27bdL,0xd296626d025df338L,
-        0x45b950ba633dca68L,0xeeef58ad19f73b2eL,0x0000000000000008L } },
-    /* 4 << 476 */
-    { { 0xd92a04c26573f504L,0xb69c2dbb85de7ce9L,0xb2b82853a2a36153L,
-        0x2899bd376af7feb5L,0x301805e5433c9010L,0x5bed8acab616d5dfL,
-        0xc8afda4270e4b63eL,0x496eb13248cce468L,0x0000000000000103L },
-      { 0x6ebcd0500973771cL,0x6377d971474e651bL,0x7d0a936b0f6dea19L,
-        0xf7cf4fce0aeaf504L,0xcee2076c170c2fbaL,0x158448263af78646L,
-        0x67737e06e27f2225L,0xdfff84af4601bd5bL,0x00000000000000c1L } },
-    /* 5 << 476 */
-    { { 0x035d0a019df3894bL,0xfcfb77c6c2f36a07L,0x04957358c9319662L,
-        0x52fb2c650e0fbe5bL,0x26d1fb01cf3ebed5L,0x3a417dc06f338b83L,
-        0xfb234b48d11a9621L,0xbba96393db3f5cbbL,0x00000000000000d1L },
-      { 0x78b95f1495129ff9L,0x10504de14d5f0abeL,0xe8c7250d3f4dde14L,
-        0x20c04ab4ea00ac99L,0xfaed11686eb2143bL,0x23e32bf4544284b5L,
-        0x0512a28dbad3acb7L,0xaa1926aa86d008a6L,0x0000000000000192L } },
-    /* 6 << 476 */
-    { { 0x81f919bc75e0a1f7L,0x89de5dd7cd6a017dL,0x14d88451c9a96fcfL,
-        0xf3f61d046c5b2967L,0xd21b7e9c453a4189L,0x18e9c74dc8b7bf46L,
-        0xf8903f4f63921ee6L,0x1cabb3f025060de5L,0x000000000000006aL },
-      { 0xf15cd5c8c291f1cbL,0x26c8a484d0311e2dL,0x1e5d93b9d9e366c1L,
-        0xb037cbdd812fd505L,0x8614127c0c567514L,0x4125bc9b4256930aL,
-        0x84f62f976a0a82acL,0x5b12e21e8dbd5c67L,0x0000000000000192L } },
-    /* 7 << 476 */
-    { { 0xbe5764c9caf7fff7L,0x16cc873d6d606b04L,0x6a6f20784268cdfbL,
-        0x06cd7ce627bd5738L,0x532d5c4242e47936L,0x704f0b2a7d0f8758L,
-        0x6046d9f36d2e977aL,0x53feb41a1327c874L,0x00000000000000fbL },
-      { 0x9425b4d1013ef2beL,0x98b50c6e98a45194L,0xbf181a2b9df34265L,
-        0x39c40ce4c2de575cL,0x6757daeb883b4dccL,0xcb224d4bf8b5efbcL,
-        0x2dcf10aeed49a2a0L,0x9c1fff7a9ffda898L,0x00000000000000ecL } },
-    /* 8 << 476 */
-    { { 0x7d2636053e0c991eL,0xee3ed571275db80fL,0xf20cf648561dd429L,
-        0xed7ea515f12bddc2L,0xb84130bd0a544f33L,0xd56fb7297832d23aL,
-        0x728ebeec0bbd7452L,0x6006394d28216463L,0x00000000000000d2L },
-      { 0x43b5561b228b41f1L,0x90eba77819b17767L,0xca1ac49ea2533ac2L,
-        0x23b080f75ee9175aL,0x98a9470773a70bb7L,0x4ca74d0815cecbebL,
-        0x5141db56b4a97b7cL,0x758fe34ef1450caeL,0x0000000000000111L } },
-    /* 9 << 476 */
-    { { 0xd2b17efdc9bf0c9bL,0x79352df94a3175e0L,0xde19af86841b5f46L,
-        0xd2bdefc98317fe9fL,0x4349c726a5ae3bc1L,0x9991211e43cad229L,
-        0x3245ce6ef16a1f19L,0xb7a43c99f6b0a022L,0x0000000000000027L },
-      { 0xa0d43e88bfdd7fa5L,0xb9fdb126a56aef59L,0xe36fedb3eb1646b9L,
-        0xc2a5b17fb2d25b2aL,0xd1db0f0f7526ee70L,0x526e46c6739fe3b6L,
-        0x5cfa3185a6320001L,0x908282721717cee8L,0x0000000000000054L } },
-    /* 10 << 476 */
-    { { 0x61ed6a7f6e9e6e88L,0x0456d4c464e89e5aL,0xea5fc9d8f9e17ed0L,
-        0x2dc7dfafcb542d12L,0xca40f95c8c90f19dL,0x347f0c9f375c2872L,
-        0x3a5e1ff600f96cd2L,0xe3442888a9fb6359L,0x00000000000000f9L },
-      { 0x16e56ae6a6743465L,0xc9e24ada478dfe6fL,0x298ff6dfe42d5813L,
-        0xfacb1cf51531c516L,0x9b778fde097be036L,0xaa17ea655155b221L,
-        0x8fad7e57c8266064L,0xcbb079a05536759fL,0x000000000000013aL } },
-    /* 11 << 476 */
-    { { 0xbc23aeb2d1fc50f7L,0x5a63b2379b184c0cL,0xbc43ff0ee6794086L,
-        0x64713b62031f0138L,0x3db4b0bd81da7dacL,0x4d6a996b36d6fb58L,
-        0x6b064df122b4e62aL,0x0612931c7f6b9cbeL,0x00000000000001c8L },
-      { 0x55503228462bbc5cL,0x5651ec3a244999ccL,0x93b5b3d709872c80L,
-        0x8cf163af070882c7L,0x7a2923223b30afe3L,0x8d92b4aaee45a4faL,
-        0x94646bd3697a47b4L,0x99bde8f96423023bL,0x00000000000001feL } },
-    /* 12 << 476 */
-    { { 0xb627fdfbc0062d02L,0xa527c2db7c3ecc6eL,0xbd959f5d49faa954L,
-        0x5e110744f6c6a3c9L,0x40f10e096d3907ebL,0xa94e585ee27341f6L,
-        0x8f0e11851cb56481L,0x0f687b831cec3022L,0x00000000000001b3L },
-      { 0x5f8c166d962a12d0L,0x00b41edad2445d5fL,0x2b259ccee9690a54L,
-        0xe4bdac1d6bfe61bdL,0x30cf14bcf51dc15bL,0x43e72573c600759bL,
-        0x0bea781ff86f10c8L,0x3259d6086a363f83L,0x00000000000000c1L } },
-    /* 13 << 476 */
-    { { 0xc288ee74cdf30f6cL,0xa8fa52b3d8b19859L,0x1ff94a3023f725acL,
-        0xf02bef5b58b44ec1L,0x0af81bdfb862bec6L,0xcb19979d38d65bb7L,
-        0x4469bcf7c662adf9L,0x6f29e33195e8305fL,0x00000000000000bcL },
-      { 0x72244e292093d379L,0x590c16a0ec9d9897L,0xc635439ee45d50c3L,
-        0x5b5562779b40b375L,0x9c9c449643d0381eL,0xd61c59c2378d8002L,
-        0xf0811d15ac014d42L,0x37da2de58afa297cL,0x00000000000000f3L } },
-    /* 14 << 476 */
-    { { 0xdd15b8890006da10L,0x415306bf6643193fL,0x79036f1f242d9d57L,
-        0x6c9d5588b36f9ecdL,0x58305c8bf19d2f9eL,0x383d6245f5c17b58L,
-        0x9c6af8d8640cabedL,0xe8d10e728adb59ddL,0x00000000000001d5L },
-      { 0x5490f2f98e99708cL,0x5373965efdd3f754L,0xade0363389e6bff2L,
-        0x59d82f758ea6e9dcL,0x3ddb97148ca95fb3L,0x25bc3b9a85713ed3L,
-        0x0b118e05090cf1b8L,0xd95ea9cfc707cd92L,0x0000000000000028L } },
-    /* 15 << 476 */
-    { { 0x73bbc51cec9886f0L,0x6d91832d76c9105aL,0x3a4938ff7734de0dL,
-        0x68613d279f71510fL,0xecc8b09f9c201233L,0x2b426b0d02f20792L,
-        0x917bab5133f87aebL,0x21014269b921e7e8L,0x0000000000000139L },
-      { 0x366b3a8b91a3cef2L,0xbf63ed9910bba815L,0x98143ae944329e33L,
-        0x7bf47db912c92e6fL,0x3e298e35de7bf2e6L,0x517d6a51770daa8dL,
-        0x80a04c0e85e292c7L,0x252aac413a6ce0a0L,0x000000000000009dL } },
-    /* 16 << 476 */
-    { { 0x62a1f73e3fbadc57L,0xeabf4b68b1ba2d35L,0x711d7f6376f3bde7L,
-        0x162f5183b31c3fb3L,0x0dcd66fed7d716f7L,0x6e1dbb78e46816d9L,
-        0x532831b8f833a6f7L,0x64191ccb4cfed0cfL,0x0000000000000190L },
-      { 0xdb3763396d7824adL,0x6b948aefb16a391bL,0x2d174fd64ae9013eL,
-        0x9b5c22ee16a57de2L,0x3bfed1da9e857a25L,0x635187a64d644bbdL,
-        0x94786e3a6fe288acL,0x827c8b03ece25962L,0x0000000000000092L } },
-    /* 17 << 476 */
-    { { 0xdb67687a67d36ad4L,0x3d1af6ac40f1e687L,0x2c71a3ddae798682L,
-        0x645140cad7a2071fL,0xc3517c50eb0d963fL,0x355c6438ab08414eL,
-        0x4cc8ac9e0180c6cbL,0x561c7ca326fbc369L,0x000000000000006fL },
-      { 0x0342d1496e7e396dL,0x5a5cd24a1ba4fac5L,0xdaee6359a50d62beL,
-        0x05d3140c9f8ec814L,0x1468a0a3faaf4476L,0x57b01227507375b4L,
-        0x4577d26211476222L,0x6b9ff34821fcaf64L,0x0000000000000169L } },
-    /* 18 << 476 */
-    { { 0x053b265090739d6cL,0x81b004bd712093bfL,0x7f50af875afe50a8L,
-        0x9b5ffb5e616741b8L,0x681137aceb3c3a6dL,0x69b12c2245ec1c2eL,
-        0x43bf3b334d35bbdeL,0xd78593fe2a340a3cL,0x00000000000000d1L },
-      { 0x995af65a2422397bL,0x832b654bd1e5f2efL,0xdbde76cee8f57027L,
-        0xbf107d39ac9d310aL,0x028a3faf7ef5943cL,0x2a51126a9db46e73L,
-        0xaaf481c0b65d02dfL,0x6c0678a8cdd9a840L,0x00000000000001abL } },
-    /* 19 << 476 */
-    { { 0x7509b5b0a968ac0fL,0xd55260f8c75e5f25L,0xb517c59a16a4515fL,
-        0x85e826661c3270d8L,0xf42ef8d3b92dcd94L,0x0cf375adc36f162dL,
-        0x4335872c0da09278L,0xe1256b6a06d898e1L,0x000000000000011cL },
-      { 0xbed033f087f764ceL,0x55e48707aed0398eL,0x721335dc155cc588L,
-        0x97b2e056d98215c1L,0x6348051fb6149163L,0x005844d2ea832fe4L,
-        0xec5b0eb5c8d9470fL,0xd89a66da78fa2054L,0x000000000000019fL } },
-    /* 20 << 476 */
-    { { 0x4fe79ab617384010L,0x0113f08cf667c198L,0xacb83a5dc1b7d603L,
-        0x3894655a113e8492L,0x4198a4dda53d7e23L,0x4154cb63a659d9b2L,
-        0x87dc05902048cc45L,0x75bd93c9c871f14aL,0x000000000000017cL },
-      { 0xc5d2c8571c27cd43L,0x63c9590620c15abaL,0xb7338ea047b68435L,
-        0xa328b780f45c64d9L,0x5830791649070f2eL,0x00fcabc4434c1e1bL,
-        0x49af9ad69c28099eL,0xf45e8e264cb91946L,0x000000000000012aL } },
-    /* 21 << 476 */
-    { { 0xa566513cd10f4d45L,0x96be203262cf6caeL,0x3c901109bed653c4L,
-        0xc9ddc6f5c9e6aac3L,0xd71c7f5cdf7736dfL,0x8e668bacc14d30f1L,
-        0x8472c592082aa9f9L,0xa956d0c59e379045L,0x000000000000009dL },
-      { 0x2a30d8f689f409f5L,0x959721c74f2040f2L,0x4f2e28eccab44c6eL,
-        0xd03ad278fa69fdbdL,0xf23605b67d5434e3L,0x5b23a0fb99dfd293L,
-        0xbc9005f5cd1aa7b2L,0x9b380071de406705L,0x000000000000003eL } },
-    /* 22 << 476 */
-    { { 0x9cd76d418f852e50L,0xe53ef54d74e73fedL,0x719560097ff71362L,
-        0x7063bd9fb11e07eaL,0x612e763de01438fbL,0xec67b225fea1f881L,
-        0x689a7e7f935b985bL,0x32110c564098c919L,0x0000000000000052L },
-      { 0xa6f57214c1811d27L,0x72f18b108b658477L,0x24c30d8cf4eeab7bL,
-        0xaa6d60131c6f8ab5L,0xea6b996378dba5ceL,0xdb404acebca2295eL,
-        0xfe583aab514c8334L,0x6497bb4d15394b37L,0x00000000000000acL } },
-    /* 23 << 476 */
-    { { 0x199de705d09dce53L,0x3677a5add36a0a45L,0x1f052544a09d949cL,
-        0x79cd422fda21efadL,0x01669ab6f92c9479L,0xec05bcd94b070ffdL,
-        0x78cd06d3915dd773L,0x657eac7820febb9eL,0x0000000000000078L },
-      { 0xdbc2430b4f4fde91L,0xd68c37e8d9330002L,0xe37f66a0a1ca0636L,
-        0x42420f8b219f789dL,0xddaae3cfc9391916L,0x964b9ea1de5040b8L,
-        0xba0d5701f5637d90L,0x2433cff430254a91L,0x0000000000000136L } },
-    /* 24 << 476 */
-    { { 0x19427f7c3a0dd44fL,0x2422033f899cb9bbL,0xca5616531c414cdaL,
-        0x2a6dd24ff611151cL,0x785ac036cb1ae063L,0x523c8d8947ed9de5L,
-        0xa73e893cd2a988cbL,0x2c3013cce4b8ed7dL,0x00000000000001a6L },
-      { 0x4eecf37e9d92a8f3L,0x5e624fc1a23ca927L,0x4093ed7b54675ceaL,
-        0x0ab770fc3071943fL,0x2d70962e31069eeaL,0xb1f1c5acae0038d5L,
-        0x1b3164d04aa60fcfL,0x941eb6e60de4061fL,0x00000000000000daL } },
-    /* 25 << 476 */
-    { { 0x3dd4ee8e19a73314L,0xfe0237c31ee71340L,0x304ef3c4dabd8295L,
-        0xa470f16e2b0e401fL,0x9b9b18bda90af043L,0x16879d527d4b1066L,
-        0xa64163238a3d7f8dL,0xaa9ccc7e65ace4acL,0x0000000000000026L },
-      { 0x57dfdb26efd2582aL,0x31a4cbd5816472adL,0x3696706110bc7c16L,
-        0x5a4b9b40653ced98L,0xdb6ebf15a0a04521L,0x7837ec24873b5291L,
-        0xa7e51a29a5790ea5L,0x4fe225932c1f90a3L,0x00000000000000a7L } },
-    /* 26 << 476 */
-    { { 0xe04751fd84b60e15L,0x907bdd54dfdb9fc8L,0xde29491fccea9731L,
-        0x08b53084558b3469L,0x932829537bf3fe60L,0x9542d0cc571d9a75L,
-        0x3e280110dcd0424dL,0x1c653fd7f1fffe62L,0x00000000000000ecL },
-      { 0x0fe3420222f47f20L,0xc55aa305727b5ca5L,0xda700ec9cb053631L,
-        0x5b540840d29a3db8L,0xa3215fb991f76098L,0xfd43d98f587dce0cL,
-        0xaf9356d4b0186f34L,0x42fae7d342631c7cL,0x00000000000001d5L } },
-    /* 27 << 476 */
-    { { 0x809a4ee19e29d9bcL,0xca98f3eb866d85ddL,0x8b012a73c6076d52L,
-        0x2d3c172d25f44794L,0x9c51f8b7aaba69c6L,0x0d8418773aaf1dfdL,
-        0x9f8d5aea3aca08b2L,0x2d259c4d82594f4bL,0x000000000000016bL },
-      { 0xbb8f9a9ec0d718f2L,0x6731472692f7dd58L,0x30d7fb584429c13bL,
-        0xbbb606d88a6127bcL,0x40e9739fe02e8f49L,0xc14feea8cd2d0037L,
-        0xd08e46c31c288befL,0xad94174d58456ddbL,0x000000000000004fL } },
-    /* 28 << 476 */
-    { { 0x918ddc53c03584e2L,0x63792fc32a8e3474L,0x8f62970f8d6bf25aL,
-        0xa865f2e231898fe8L,0x39dc06d1ded08fd0L,0xee1d4e6f603536e0L,
-        0xcd4951727a60552fL,0x427b8e9eb63f05a9L,0x0000000000000045L },
-      { 0x2229440303fced47L,0xec0db4da27fc6286L,0x0ec8947b4f7f7b5fL,
-        0xea2cae19d7dbce85L,0x9bcf3f58900d2b20L,0xc8688ae67529f727L,
-        0xd45e9ee17169208dL,0x1b6c3acc1513e205L,0x0000000000000080L } },
-    /* 29 << 476 */
-    { { 0xc9ea814896361293L,0x7e8dc3b2cbe8593fL,0x133f210f3a9b8cb6L,
-        0x90a01852e96e46b4L,0x5075484c849ce67fL,0xb452de9c8e5b2fc1L,
-        0x0a3a41c03efc8f60L,0x2466d6310970d1beL,0x0000000000000056L },
-      { 0x3ef2e84ffc6a068bL,0xe878a857b90a37d2L,0x983320953070a043L,
-        0x3a884fcd9a96f4a2L,0x023ece985cfe8c13L,0x5d397f8566a6e2bcL,
-        0x566cb17a6e325e8cL,0x8583e930d325b396L,0x00000000000001b7L } },
-    /* 30 << 476 */
-    { { 0xe4e1585378ad5c40L,0x88bb989adac2b22aL,0x0640a72813d25937L,
-        0x453c268adc17fe6cL,0x1405015ffff90425L,0x6df4af98c282227aL,
-        0xe903cd7dcd424986L,0x3a642d65ddbe81a6L,0x000000000000009fL },
-      { 0xf69256ff0b072bbeL,0x025e83d594792f5dL,0xfae73b56e1a0d4c8L,
-        0x41b4794fd773135cL,0xbf533baefa6a7c6eL,0x8d10d72c9370e86cL,
-        0xaf4005bb45c5b34fL,0xc929d758bc34a7d8L,0x0000000000000149L } },
-    /* 31 << 476 */
-    { { 0x4595f8cce9d67ceaL,0x6943ca4166942ca4L,0x53b1cac7945ab052L,
-        0xc6c82175cf0ab86cL,0xabf93f532f16a36eL,0x29a01d58ccc0db55L,
-        0x71cc7e2b2e389be1L,0xef5bd8ce5f396997L,0x00000000000001e9L },
-      { 0x2344a22bfd5a46d3L,0x0e4804a34e184097L,0xb24186d5ae5021caL,
-        0x7688f016081e9625L,0xb42d53683dbc5299L,0xeb8db964fc0f984dL,
-        0xb4ef82a2421e1f8cL,0x1af0710a07050a74L,0x00000000000001caL } },
-    /* 32 << 476 */
-    { { 0x027f4ff2d35b5acdL,0x0e0fec359eee8cafL,0xa99aa6e2544c2a44L,
-        0x0548945fa9de5ee3L,0x02ee7fb3c4c5263fL,0x3fae05eec75a400dL,
-        0x50ecff533640dfc6L,0xe57c180fc0cecb87L,0x00000000000000c2L },
-      { 0x22b3504387ba8e83L,0x6c47f5d21c652199L,0x2ec15d3d19f3260dL,
-        0xcf9e5050e95faea6L,0x7adc35cca4f5d193L,0xa7b0f1f33ddee652L,
-        0xdfb751246e213c07L,0xe33a115a7946ddc3L,0x000000000000009fL } },
-    /* 33 << 476 */
-    { { 0xbad8626ba00b3223L,0x28f525c1276bf50eL,0x5473d3efd0d599f9L,
-        0x8327c435483a8f1cL,0x0d6bd8e891b88a89L,0x3ed2f18bb691fa7aL,
-        0x4bb37c999089f2dcL,0x7872a7d971139d0fL,0x0000000000000073L },
-      { 0x5075c85dce1794aeL,0xc677297b24378c22L,0x9f7ff8617d981d06L,
-        0xdff027c8defa63c3L,0xebe3157882b6ae41L,0xad2afc54c16e74baL,
-        0x29f51ea9c2b7ede2L,0x8af4f36efdc2ad9dL,0x00000000000000eaL } },
-    /* 34 << 476 */
-    { { 0xaeedb8fff0380ebdL,0xb4c5f02397de16e4L,0x6d48399034558657L,
-        0x7c35f8d58dde237cL,0xf6476a21ade8cc2fL,0x610f9504bf380f9cL,
-        0x66d63301ba054ee0L,0x2f1bcb891340be68L,0x000000000000019bL },
-      { 0x4a514ab9bfab6e8bL,0x6602369b2eb7baf6L,0x6642e1f1c7c4bd05L,
-        0xaf22b1bfc31de5beL,0xac45bff337ba8dfeL,0xd3d3be278a0f3484L,
-        0x39ad805e35d3e9cbL,0x5cad4328fc61a017L,0x00000000000000a1L } },
-    /* 35 << 476 */
-    { { 0xb485946aa3d8dfadL,0x1e0ef60f4d09e4edL,0x2465fb251f947cd4L,
-        0x86ac22024f26eb6bL,0x1ef5a7e60ade65acL,0x7e9e1e9ad1343201L,
-        0xaac3955c7be0aaf2L,0x59c532f852752348L,0x0000000000000136L },
-      { 0x502f0d9b95d6df86L,0x695153fdc8819108L,0x46488395b504460bL,
-        0x0dd02f9d7f9bedf1L,0xd03f5b64be406a37L,0x81ca920f0d3f5fa5L,
-        0xabc154fa56564543L,0xf7e482f6ad9dd5cbL,0x00000000000001c5L } },
-    /* 36 << 476 */
-    { { 0xed7c87484052967dL,0x539e1bc034ec54e2L,0x45a999801315ccc6L,
-        0x6ebab37dfd3c16fdL,0x35c88fd9776a636aL,0x1d5074b9545a61bbL,
-        0xe13c2ef55e5fa705L,0x161fe458b33824eeL,0x00000000000000f3L },
-      { 0x6e403b0577aa5135L,0xf830daa6bc413029L,0x778b4c30533435acL,
-        0xd8436f9421a4dbf3L,0xfb75c9677ef5d437L,0xbf31e122f1c93e89L,
-        0xeba1e3bc524a71d9L,0x68458dac4b75e86cL,0x000000000000006fL } },
-    /* 37 << 476 */
-    { { 0x6f4f3dd0662499e4L,0x52fc1991d3366014L,0xf3e18982832a72b8L,
-        0x139e6a0aa61c4ed6L,0x30f28391fc271a46L,0x0567b845d969103fL,
-        0xa37f178406ccbc6bL,0xef56b5fda5093031L,0x00000000000001deL },
-      { 0x1254563e29bdc854L,0x51dffa0a17e7bfeeL,0xeb23b7b813055a8eL,
-        0x6a0c00672f115b69L,0xfde42254f5451cf4L,0xfad70d3250091f5cL,
-        0x8e3344f7169ff7dfL,0x509c843aa437d427L,0x0000000000000195L } },
-    /* 38 << 476 */
-    { { 0x34a512a52212da86L,0x35e49c33dc085fa5L,0x67559f2c3268fb8fL,
-        0x5a0e4c28fa04bd3eL,0xcc71661f406b00b9L,0x10b53ac137f6f369L,
-        0x322427439de56f17L,0x50992ef21074232dL,0x0000000000000086L },
-      { 0x2710c0242e9778bbL,0x6a445e195e6730f9L,0xe9db7c6b182bcf75L,
-        0xcc2c0c169cff3237L,0x38495c929e91016bL,0x14a3999b65c4b494L,
-        0xb94667e0ab92f8ddL,0xc52df245a2e4dddcL,0x00000000000000a7L } },
-    /* 39 << 476 */
-    { { 0x24b43f0449465931L,0xe9846e833c923c39L,0x640cf800272924aaL,
-        0xc9b6037cebb88275L,0x3e920427a1656018L,0x7cb62370b8f85c77L,
-        0xa9df472ad4347c6bL,0xe438aa66e042c30aL,0x0000000000000031L },
-      { 0x853f201d6011ebd8L,0x065d9edd4ce480a2L,0xc2eabdfcee6a18d9L,
-        0x9a03831d83905426L,0x09d2b3fc3a039862L,0x75040f7227c291b3L,
-        0x77dcba094598435dL,0x1391704ac9b9e54dL,0x000000000000018fL } },
-    /* 40 << 476 */
-    { { 0x0cfe94974ad63b91L,0x39411a2cadcc08d6L,0x198aa66d98605b89L,
-        0x0c1153da708841cbL,0x7edd21f29e46a446L,0xa45f38dce62221fbL,
-        0x9cf28ee83580482bL,0x06aeba1fa674e7a4L,0x000000000000015aL },
-      { 0x38e7fd4db449387fL,0x6179190109421a33L,0x65c1a5844fe13330L,
-        0x6fbf269567144a82L,0xa06241c4d40afbe0L,0x9af35b88eff6a461L,
-        0x001b6b24e2be2435L,0xf1ec4414905dddc1L,0x000000000000000fL } },
-    /* 41 << 476 */
-    { { 0x00de445f7006f9feL,0x0786824e311bf00dL,0x8206644605c0fce0L,
-        0x25cc4fd9905278f0L,0x1882ee6eaa7c33ffL,0xcd1577bc651cdc8dL,
-        0xd31936e360161788L,0x9ab9852fc5fa4f46L,0x0000000000000170L },
-      { 0xc3979e72c25c1871L,0xe6ab079252c82442L,0xa1da5c25e8949acbL,
-        0xd91b3d9bf02b7d0eL,0x54fa0575516699a2L,0x8efb5dfc11397f0aL,
-        0xa694a0446f27a9ddL,0xd776b8b7635f3527L,0x000000000000009eL } },
-    /* 42 << 476 */
-    { { 0x18ceeb27896f7815L,0x2e6a7298196a8bdeL,0x3a104d3eacbe43a9L,
-        0xcc207227823bbaa8L,0x6d905c49f492f53aL,0xe6ff675f6839c256L,
-        0x0458eb94c0dd385bL,0x0fdda10a3f558bdaL,0x00000000000000c3L },
-      { 0xaf516cffa8da33b6L,0x1ed91b01df22270bL,0xb11f0c5561393addL,
-        0x44c5ae29d31390f1L,0x5b2b530a894ae78fL,0x4dbdca81df45dc47L,
-        0x5f0834c94e3827d0L,0x302a6a06ea2a27c6L,0x00000000000001d3L } },
-    /* 43 << 476 */
-    { { 0xbd2cdcafcbac1d22L,0x8b67a628bbf18095L,0x8360fbd4b99755deL,
-        0xaa3c1abd36b6a3d7L,0x90258eccaa6f0471L,0x75df5700a954109eL,
-        0x6ed4ac78486b2593L,0xb456ccbf8b51a370L,0x00000000000000d0L },
-      { 0xa6aa0ad865cf6c0aL,0x3b1965ac95863b68L,0x129262647c831811L,
-        0xb02283d73e9eed94L,0x7314ae01b2126091L,0x39219a7287aa13ddL,
-        0x2ee49375c32a59baL,0xcb689e7335851c67L,0x0000000000000109L } },
-    /* 44 << 476 */
-    { { 0x75c28be714a5265aL,0x8dd13c72b4c7802dL,0x26d2cee7c8d89192L,
-        0x83c5d55d24272316L,0x882f4e1c4c5b6041L,0x477bbf51d3237af9L,
-        0x929ad1da89e4635aL,0x462e54e4440dcf82L,0x0000000000000115L },
-      { 0x92e86b7bd6710cc8L,0x9ae2cb4c210a3bdbL,0x5e366b0765cc970fL,
-        0xe0c9c82b7713075fL,0x4fe46ed1410513e1L,0x655944acf5b5edc8L,
-        0x328afb24e3986180L,0x2c86c170ec210c87L,0x00000000000001afL } },
-    /* 45 << 476 */
-    { { 0xdf078ff3615fae7bL,0xbd1e1ff130dfd4aaL,0xb5acc56700ef9988L,
-        0xc8deb6c5e593e61dL,0x9705431612ce76fdL,0x466d5faedc8235fdL,
-        0xa7887816e3802e8bL,0x8c477b7168cee998L,0x00000000000000caL },
-      { 0xf7f7097b7146d6d2L,0xbf5012c5ede058c0L,0xf093ce34a1cd690aL,
-        0x6412920239deeba9L,0xfad016ef45d0ec64L,0xb8006ac513ce1bc2L,
-        0x519ff55a527f8971L,0x8203739fdf660805L,0x00000000000000d2L } },
-    /* 46 << 476 */
-    { { 0x589116a0f1e8c56fL,0x6ea85ed6cd20d5b0L,0x5f1f5d6832ad1f37L,
-        0xf98c761eba7ec611L,0xf5295fcd103f1f7aL,0x26b7bb746cd41f07L,
-        0xd8ab44aaa0d20471L,0xbf4002f4cac0098dL,0x0000000000000182L },
-      { 0xc6e82ac8c6c269e5L,0x5140dd2468160d85L,0x98e7440ceaed9d4fL,
-        0x72eb1107ba61a8c7L,0xced4753f28c51ea0L,0xfbae3303b6a8c96dL,
-        0x2b03bdff7c3e52e5L,0xefe149227825d3dbL,0x000000000000002bL } },
-    /* 47 << 476 */
-    { { 0x42359d455c79dd95L,0xc58e19f927540084L,0x430f0e5278fe7d63L,
-        0x16a8589a0faf615dL,0x3839b8a7503a9f7fL,0x0310ebe623e6b6b5L,
-        0x2c585bbb62de235eL,0x91cdb04da2d3388eL,0x0000000000000035L },
-      { 0x31b09c074ccae626L,0xbad7e2a38eb5fd2bL,0x609f75e05bed3b8cL,
-        0x61ae6c2b8b23d6a9L,0x7f9c74bb2b493455L,0xa7ca5bb0beb78ac5L,
-        0xb2413a13d4af6a09L,0x23169f3e554697ddL,0x00000000000000baL } },
-    /* 48 << 476 */
-    { { 0x6e965255ef4b1b98L,0x3f63b6bd8ba97bf6L,0xc6cacadb19bb0ba0L,
-        0x9f88f0c83c8edcc4L,0x3a2d4bc51a489aceL,0xaa3075b75529bb67L,
-        0xcdb0c4d6ffbbd2bfL,0x4a3b41d33a568fd4L,0x0000000000000146L },
-      { 0x46442711effa56aeL,0x941858d847acc062L,0x9480d79c7434d565L,
-        0xa92e885943322eccL,0x650cd6de5f82931eL,0x4ef5d48397876156L,
-        0x04ca704aaaf946f4L,0x75258aac0a95e02cL,0x0000000000000132L } },
-    /* 49 << 476 */
-    { { 0x2544f5d10856d9fcL,0x29678dabe80f610dL,0x0987e134066ea695L,
-        0xa208023070fe1ac3L,0xc65df557fb51ba2bL,0x60a2d5693320b29dL,
-        0xd097f83de67d902dL,0x7f92f3d3d76522f8L,0x000000000000005fL },
-      { 0x7ecc057cbd6ff176L,0x5abcb1d0d907062dL,0xc49f4bed9fd1bcf9L,
-        0x4042dd6399c27c6eL,0x1b1a7480a867644fL,0x8d65632c49d3134dL,
-        0x6f31a12a548695a9L,0xa0abbea7be0ed228L,0x0000000000000170L } },
-    /* 50 << 476 */
-    { { 0x16e0e933c494da37L,0x3018f05aa75b90ceL,0xa382c38aa8dffc72L,
-        0x66775c45f105047bL,0xd4f234b08929555fL,0xfc5c829646525c45L,
-        0xf65136353442a793L,0xcf862712fbdc67ebL,0x00000000000001adL },
-      { 0xa1afce91c8e7f888L,0x23a79d7eefd25a7bL,0x36d5b89881e2f333L,
-        0x4e9f1db4e12880deL,0x4ae2df6b6ea83f9eL,0x3dacb4b7f81caaf5L,
-        0x03d46680fb01b238L,0x3b6ef2c1077e2c41L,0x0000000000000104L } },
-    /* 51 << 476 */
-    { { 0xb5549eaaade2d6e8L,0xecee8b8177078851L,0x75f43854e0913393L,
-        0x5752bf7208c25924L,0xcf0f36aa1873d036L,0x6fb99df52d814f28L,
-        0x12fcade24f4460c7L,0x1f39dfc0d1ff8940L,0x0000000000000073L },
-      { 0xc4821f9e1f3474cdL,0x52eae506d410f535L,0xe5fdda1f337122f1L,
-        0x7436c966551d7704L,0xb1315a9b7e5d83ebL,0xb47b7fa163dbe687L,
-        0x9de3f163e1ad5528L,0x4eab78571865d6caL,0x00000000000001e9L } },
-    /* 52 << 476 */
-    { { 0x4e989dfe03410c9dL,0x33cba247a0b9dc26L,0x00a287260ec09c0fL,
-        0x5ef32ea9166a3d1bL,0x11acc0b22efa02c9L,0x78780ccbc37bb3a9L,
-        0x80695d7957cd294dL,0x2d2fcf8d22a843baL,0x00000000000001e3L },
-      { 0x01b2f4a035455b91L,0x0501fad5292c8300L,0x1d2c358027a13460L,
-        0xc58b09314cdbe18cL,0xa00615bb09c40371L,0xc07dc42a31e3bb1eL,
-        0xb85f8730f5bd0e84L,0x9f6fbbfff41772afL,0x0000000000000030L } },
-    /* 53 << 476 */
-    { { 0xd09c91bc77553a15L,0x361e49601bd5da39L,0xd3980e9f72042f3aL,
-        0xfcd4543d671a9b4bL,0xe0f776a8a6acfc0bL,0xca99229a69a5624aL,
-        0x831862aaa1f64885L,0x5883a7af179436caL,0x000000000000019dL },
-      { 0xc40411817d06a8c9L,0x8a0941ef8965fae2L,0x6150d992eb25d71bL,
-        0xfbaf356ee2350cd8L,0x5cffc7c6a439b155L,0xc3566052a70c21ecL,
-        0x9d4432847f016d22L,0x30295f053f58948bL,0x00000000000000ecL } },
-    /* 54 << 476 */
-    { { 0x6f279f62ede689e7L,0x9b66e05622e958e0L,0xbf0df539b143ca4cL,
-        0x945ffe3c094f5f2bL,0x425a9a9008dcd6e5L,0xef36de89a6fbae42L,
-        0x9e5291e573bb2760L,0x93b5925a57d1173aL,0x0000000000000183L },
-      { 0x4dda1a9760968355L,0x7c45e7440760b638L,0xa80c805f102af8e2L,
-        0x3b784e7d0d1802b6L,0xae9196a070c07c40L,0xdec2da01ef7d0af9L,
-        0x0159c65e60349221L,0xea3091d6801d78d6L,0x0000000000000080L } },
-    /* 55 << 476 */
-    { { 0xa09d33ba8c2aa8bbL,0xa73e2da2a4db5575L,0x62caaad1556990feL,
-        0xdaffaed72d31b382L,0x8504f2e08be1f79cL,0x15f8630b9a60fca3L,
-        0xa2ac9180540630ccL,0x1190d92dd7720e42L,0x00000000000000d9L },
-      { 0x208070c9c36d06deL,0x1b195581806e6fc5L,0xe358e901b6f52524L,
-        0xdc2bebf342ab3a2eL,0x4825f836a7a28526L,0x64ea6668c0a29d15L,
-        0x8c66792927af62bbL,0x3b9b031889fd3214L,0x000000000000005eL } },
-    /* 56 << 476 */
-    { { 0xa901a71312538fe5L,0xce0c9871f2f66dccL,0x05e90fbadbfa8c57L,
-        0x82626b4d4a84065aL,0x95101f3bcec2fdc0L,0x00fedbd1c2389459L,
-        0xc38e00945c1ce6acL,0x07d68900b4ef5efcL,0x00000000000001c7L },
-      { 0xbee9a6aacab8c27bL,0x5a8c52d998486109L,0x68351a08da2cf44fL,
-        0x83e72bad29e7f1a4L,0xf6397648b1220a5cL,0x791fb8c6230e46b3L,
-        0xab83c6386b1dfa43L,0x8b7d1b711d99ac55L,0x00000000000000f8L } },
-    /* 57 << 476 */
-    { { 0x765aa8e7876c772bL,0xe6843325b5b97f6eL,0xfe9fd6c58ab54c16L,
-        0xd6a1e62441d8de82L,0x42a5842800260cb5L,0x407b0e42520aab9fL,
-        0x039d551ec8ce6af2L,0xa884cf26f0a5f4d6L,0x0000000000000155L },
-      { 0xc32e89bf69c53346L,0xeaabbd18c5e05a39L,0x88520159b89c3d28L,
-        0x9d7431d255e2270eL,0x6a27c977c289dff5L,0xfcd3b6da33729f3dL,
-        0x30a1e20283c7398bL,0x19f5f537da4e5125L,0x00000000000001dfL } },
-    /* 58 << 476 */
-    { { 0xd6b1be19b2227e11L,0x089708a5103e4640L,0x234103f813d0eaa9L,
-        0xcad17afd3fe18f65L,0x86b69be58933c95fL,0x3cb944820cbde5b2L,
-        0x63ef96ce553e46ecL,0xfcc54f027ee7ab01L,0x00000000000001edL },
-      { 0x6c85f7c1b24788e5L,0x3b7135a7ed618715L,0x7cbeed1899453d4fL,
-        0x2494a201ee56ea6fL,0x718327b3cff78c9cL,0x0b51a87c87f006c6L,
-        0x0da34203f2a2a6e4L,0xdef43eb70f3d8ddbL,0x0000000000000118L } },
-    /* 59 << 476 */
-    { { 0x5660ef89fca5e4dbL,0x147cb2c562b1adafL,0x656e8f4565f6200dL,
-        0xed790c437415cb36L,0xe9edf21257aa09adL,0xbc19c5fc95d36d02L,
-        0x43f17f8678de47e7L,0x2850fe7691b3b0c6L,0x00000000000001f9L },
-      { 0x5d9cf8962551c84dL,0x66bba935edaea8e2L,0xa8ad879ddd2adb96L,
-        0x332b3b65a8ecffc5L,0x598adbd76449ab1bL,0x92d14bb3e3ab3305L,
-        0x5288b2dff02d0b51L,0x63556a666aa36025L,0x000000000000008aL } },
-    /* 60 << 476 */
-    { { 0x26693bfd33fd2555L,0xc6ffca6e0d7d3eebL,0x3df570919647dcb9L,
-        0x05ee7744cd5235acL,0x4f33bcbd0acccf3fL,0x10ff4e69e5176e6aL,
-        0x059a1dbefd230eecL,0x1589dce81c63e145L,0x00000000000001d0L },
-      { 0x283ef53ad892bae1L,0x25787ebb1e7b35adL,0xe4d612fe84ddaa2bL,
-        0x1350f60986da9a4aL,0x0daf1a86d28940d9L,0xb58efecedc742269L,
-        0xb316aea1c05daa85L,0xfc0c48a1c8adb92fL,0x00000000000000caL } },
-    /* 61 << 476 */
-    { { 0xc8e460eb5db3df35L,0x4a3b8c99fc914e7fL,0xf8352c30e961adfeL,
-        0x2c2fe81b2f9c30f6L,0x3f8d9d32676a3d21L,0x663e1dea77a990a5L,
-        0x54974a741998b5f5L,0x78968bd0304b02c2L,0x00000000000001afL },
-      { 0xf07c9eb52479b8baL,0x90a4eb34b2f78c13L,0x8d4c1421d769cdf8L,
-        0xc2ff257feac177e7L,0x5a7f84c740363d1bL,0x845c7d87cf3e6f23L,
-        0x0801827661f1cc24L,0xa6f875b23bf25783L,0x000000000000019cL } },
-    /* 62 << 476 */
-    { { 0xf9fefec9d7a4cf66L,0x38ce98608bfc8387L,0xd72acfec1c10d914L,
-        0xc98c23e6f2daea2fL,0x9395abfe41cec6a9L,0xedde92f2ecab3380L,
-        0x403c12cfece67cd5L,0xdc77f38e72ef3b83L,0x000000000000015cL },
-      { 0x05d31e27bdbfeae2L,0xeed3521c3cbc6102L,0xdae5b97d85b16c89L,
-        0x2211c4770d03349eL,0x8de8a13fd5f6ba3cL,0x769676f194a76b70L,
-        0xd7487982a0097db3L,0x39c43746da241827L,0x00000000000000cdL } },
-    /* 63 << 476 */
-    { { 0x5c311656b5797336L,0xe90cb3caa840d076L,0x20bbd61e2cf37453L,
-        0xa0d0e7e30487e7aaL,0x56ab5c950c73dd7cL,0xd239c650a42de3c7L,
-        0xf6bcaab92e59b709L,0xfcd8f1277623641cL,0x0000000000000162L },
-      { 0x6025552300cd2ba8L,0x95be73bfe5ad4751L,0xac7188bc800a9c4bL,
-        0x7f30bcb9e920f752L,0xc9b970f03e122bbdL,0xb95efc15eb82e5bfL,
-        0xed09e0d7aecce9f3L,0xa75e92cdb123af88L,0x000000000000002cL } },
-    /* 64 << 476 */
-    { { 0x7aaa8f37d3cb8e9fL,0x8f3b48a91a73d853L,0x783ebbe7ef285a53L,
-        0x4f9d97291c3ef389L,0x130f276c6453da69L,0x76683273834facedL,
-        0x026a3722af5af17cL,0xd588aa37f08a5e50L,0x000000000000016dL },
-      { 0x81b6610bbbdc76b3L,0x406785dd563a6902L,0xe0755f6ced775283L,
-        0x08d6c84753b16d0aL,0x48ebb570654f906aL,0x3f0c62b7184b373cL,
-        0xd6bb91b6314d776aL,0xab9bfb3a224744a7L,0x000000000000012fL } },
-    /* 0 << 483 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 483 */
-    { { 0x5abd70212d7e7be5L,0x5ae72dd6b01cca76L,0xba2a179499fa6345L,
-        0xbd22d699b5d0cb9bL,0xde336adffce9c6b9L,0x602dc43cfb816436L,
-        0x9d86318f33b17e66L,0x43f8ee75dcdd628dL,0x00000000000000e6L },
-      { 0x1bf13bba3d223930L,0xd77bbb123b6b0034L,0xa4ea21c4be34bac8L,
-        0x95e5f221aab61589L,0xb4494eb79d411c28L,0xa423c6f5cbe6faa1L,
-        0xab882ee7a6e4e735L,0xb36eacdb546545b3L,0x00000000000000c2L } },
-    /* 2 << 483 */
-    { { 0x651b47c813b42e63L,0xe705441316bee2b6L,0xdcf60ca386a71ac0L,
-        0xabddb357e3baf787L,0x99d631d181a2db2dL,0x3f1e3c7fc8c9b834L,
-        0x3b30fa1861adf4d7L,0xd1d8d98014b9f46bL,0x0000000000000139L },
-      { 0xae6f6b72f6af1252L,0x0fc583984ff8a00bL,0x1b2c0cc5a81fd641L,
-        0xbdcaabe6e68b6fbaL,0xd1af82fe70b14e44L,0xe9c35419e55ce735L,
-        0x3c83d9dc01dcefb9L,0x42604200fb5824c9L,0x000000000000011fL } },
-    /* 3 << 483 */
-    { { 0x83b863c448455ab7L,0x76d7a946b45ec4d2L,0x3a26946f1a9dbb92L,
-        0x3912023daae7ac94L,0xa55fdf4ab43e7baaL,0x0b84464b5164d35bL,
-        0xdafbaecd58ac3925L,0xcf5aa8cb1f7b30bdL,0x0000000000000089L },
-      { 0xb3fa2268858cb669L,0xd325b4a6074aafacL,0xe364297587e39973L,
-        0x1d9aac78d8125423L,0x205ae65940a7d2d6L,0x102e8f88220f449bL,
-        0x5b98b50f429d6d97L,0xef341ac978674bafL,0x000000000000002dL } },
-    /* 4 << 483 */
-    { { 0xc4c1d5064d245501L,0xc7c62e341083602aL,0xd5d6895961f152c7L,
-        0x3b142866906e6f00L,0xfa4d7aec3468335bL,0x6c36da5cf4687f7fL,
-        0x6643389b0dc658daL,0x99cb5866d8447de8L,0x0000000000000037L },
-      { 0x0fecfbab807a703eL,0xeca0bd01ee68c875L,0x375589c920d8bdd0L,
-        0xc0fbd62f14025692L,0xbf5a0c1ee6b70d27L,0xf9630aed9cbbb1aeL,
-        0x9776abebba99b392L,0x883c8b53c97978c6L,0x0000000000000095L } },
-    /* 5 << 483 */
-    { { 0xe79aa3fb79b1fd27L,0xf4613c54cb46f207L,0x9a56f2c3b0a5bcd7L,
-        0xf6ce188a5ecd38d4L,0xfd52c36f90250becL,0x182bd1b97d054438L,
-        0xb1401bdf2586edc0L,0xe147512afa989224L,0x0000000000000044L },
-      { 0x68fea57855a2d55cL,0x547f9129b57a7470L,0x4627c2ca8df3b0d9L,
-        0x4ef699bee8aad7cfL,0x62677d53f996c4f1L,0x7f79982e924cf349L,
-        0xbd5db9da4d785216L,0x2554390fe96df8acL,0x00000000000000baL } },
-    /* 6 << 483 */
-    { { 0x753ce74ae22f1171L,0xae29377f15f959eeL,0x90d8c9c5dace4bdcL,
-        0x45f210f7ab4dcffcL,0x32135e10e1283166L,0x23a0610932072197L,
-        0x4d3cccb74d767572L,0xccdc43a3807a50d1L,0x00000000000000e5L },
-      { 0x6a5534206880d712L,0x92b60f04dd80c4cbL,0xf3538ba2dcc9d35dL,
-        0xd3166fafd0787305L,0xd2a1b177b7d68560L,0x847aaf905e9f7915L,
-        0x210046e55b83cc7aL,0xd26ce0bdb4964926L,0x0000000000000179L } },
-    /* 7 << 483 */
-    { { 0x2a569603208e6bcfL,0x8d08f4df9f8f8597L,0xc13bef95f9d62574L,
-        0xc17f7fae4fdec97bL,0x7810ce14a511c162L,0x10fa0d23941c7cd4L,
-        0x2f41e9f76aff6e68L,0x70665ea2ffb8f648L,0x000000000000000aL },
-      { 0x0b5f267fff4baad5L,0xf1f79c10cb85a780L,0xd2003dee61e33305L,
-        0xda556c2fbc3b90cdL,0xbb799f45e116a936L,0xc6183fd80ce85ebeL,
-        0x57b3224fa035eef6L,0xf6840485e96bc901L,0x00000000000001baL } },
-    /* 8 << 483 */
-    { { 0xdcbfbb8be5f5826eL,0x31fbd1c02954969bL,0x452c254d09536e44L,
-        0x6b733e3b36cd821cL,0x8fdfe02f2d8260f9L,0x26163d810e2a44e3L,
-        0x23e435a33e2e3a4fL,0xcd8529b5777baa61L,0x00000000000001c0L },
-      { 0x634dd97aa246d14eL,0xdfed13a7d443a978L,0x4668e97a8752bec5L,
-        0x1f52f42826a0f8e7L,0x0d69a760308ddff1L,0x54602bf7591ed51eL,
-        0x223e342b3bbab1b8L,0x1cf905cbd5003ef7L,0x0000000000000132L } },
-    /* 9 << 483 */
-    { { 0x070339e46d0ba610L,0x57de05dccb0e3fccL,0xb4f1cd37d61a1266L,
-        0x92ca341caa4f2316L,0x4ae641fc258976faL,0xdb7cb7cb079c8bcfL,
-        0x88c11cb58ec68df1L,0x42cb801909df9b8bL,0x0000000000000198L },
-      { 0x3cd7238e57aded5eL,0x0773bd3cf50528f0L,0x4c2b4f24c93b6753L,
-        0xcbd40a940481c43dL,0xf37fc077262905a7L,0xf079fd24bcc8664cL,
-        0x6e7453fd34a874d0L,0x41d6bcfaae635cd9L,0x00000000000000f7L } },
-    /* 10 << 483 */
-    { { 0xdebd96ecded7931aL,0x409a230cdfdb9955L,0x0eae02d5b65c48e6L,
-        0x3ab3dff83515edc3L,0x0440a0c53d119f82L,0x7601d278f7b8048fL,
-        0x3e0da58153655d73L,0xa04162f342c66d32L,0x00000000000000b9L },
-      { 0xdc305022e0d030b2L,0xb812c6a1af7d339eL,0xf845455f91973a30L,
-        0x3a40c4d454ade939L,0x7d5b0f691e0972bfL,0x7eadf7a28839861aL,
-        0x87a2e7067d36e5a8L,0xa25554c5d13c7670L,0x0000000000000055L } },
-    /* 11 << 483 */
-    { { 0x2f313869d8f59e86L,0xab16466f00c93e40L,0x534952a8f5901890L,
-        0x597b8bbfd3e7e334L,0x2a1d5909bf2e93e8L,0x74910268a78e52c2L,
-        0x3c2077e0e09c8fbcL,0x36e2b7500dd6ec37L,0x0000000000000168L },
-      { 0x21c2d362c58660b7L,0xcf97b440205ece90L,0x81e5da200af6629aL,
-        0x285fd88ad30ea06dL,0x9da2d653cf67478fL,0x6cb24c21fc1128d3L,
-        0xc32d0dc119cc5d3aL,0xffc4fcd6ca1c7866L,0x0000000000000113L } },
-    /* 12 << 483 */
-    { { 0xfc6e3abd7e791a5fL,0x8b60a8b7394f9865L,0xf07f164cb0f31984L,
-        0x3b0f7be135fbcdd5L,0xfa914a53c372e0ecL,0x6142002a0392f749L,
-        0x8f7ddc3b952ccab5L,0xcec17ddfa5e85e1dL,0x00000000000001a1L },
-      { 0x376e182e3bfb6450L,0x34275e3b5874742eL,0xc6c3bbc436fd4d5bL,
-        0xd5359a5f17024a3fL,0x690901d1be783d99L,0xd98f0714be92b949L,
-        0xd7ff8e0ffa44b971L,0xae0b1ea4a248a978L,0x00000000000000a5L } },
-    /* 13 << 483 */
-    { { 0xf6f8b353b1fa4f9dL,0xbc0ae01304d67400L,0x95e7d657984c5864L,
-        0x6e6799c1923cd2bfL,0xa98f35f7c07c86a9L,0x5149ab912c79f53eL,
-        0xb8219f4e278fa756L,0xfc6562d707de4775L,0x000000000000007eL },
-      { 0x92731c6de48adba4L,0x479c5d6bec0f7335L,0x8cf900f0a1d5e919L,
-        0x4bf6c08bfc45f29dL,0xee14bfe8c59cdc1dL,0x134bf2088cb8a93bL,
-        0x8d9f4d2221f26bfeL,0x602528a79bebee86L,0x00000000000000f4L } },
-    /* 14 << 483 */
-    { { 0x8ec2bc822c79e1e7L,0xec5c692cffb8b4d4L,0xa0d4d5090846b9f3L,
-        0x41eaccac33456629L,0x43e23429d484f510L,0x0bf959d35018896dL,
-        0xa817bfedf257daf3L,0xcd04bc49a1fb8e26L,0x00000000000000bcL },
-      { 0xda060441d92bced4L,0x278c04c95d4ef4f0L,0x8b6f0231396b753dL,
-        0xf68caa504533e041L,0x49d2f5f1d52bc9bcL,0x83ac55150141e329L,
-        0x453951c6c866b038L,0x09b032d479acdc69L,0x0000000000000196L } },
-    /* 15 << 483 */
-    { { 0x067e44283cbbdce6L,0xb8ebf52529eab785L,0xc28bb79079474bdcL,
-        0xc29cfe635c83856dL,0xd95ac7b911322ac1L,0x8e3d2b8879c119f1L,
-        0x9870c2c572896608L,0x2adcb4c763374d0cL,0x000000000000005bL },
-      { 0x2dd8023e63551e79L,0x5ae537db0a8e6116L,0x4fd274598917909cL,
-        0x5e805e1cb79a58c9L,0x12d0b7a853b21d48L,0xf80dca62cba9f1baL,
-        0xf90fe39681b2231fL,0x552083b960bab640L,0x0000000000000170L } },
-    /* 16 << 483 */
-    { { 0x1ae0819be9933309L,0xdf8bdb84232a74bfL,0xe0cd42ac756981f5L,
-        0x658128186734b942L,0x6b63d0a2f4accf5fL,0x4dc5d87a55294162L,
-        0x0ba927b230bc9a8aL,0xcdaae01ed8e36a78L,0x000000000000013bL },
-      { 0xbb632bfe8e1f565fL,0x29ebfdda53e94443L,0x1f98a0d3e10d165bL,
-        0x9f82830c637c795fL,0x3b33128740e0c47bL,0x8940d375f4bee639L,
-        0x05cc4dc38b8ad839L,0x3b4d9dbe10d505eaL,0x0000000000000117L } },
-    /* 17 << 483 */
-    { { 0x7549c45aa2216b1aL,0x221596f16518866eL,0x4f8ca3c1fe5fd8e9L,
-        0xb78df22a96363b34L,0xd189cef05ae37982L,0xc157b84591a02318L,
-        0xe1b74e4197511a4aL,0x5877f96c53320c2fL,0x0000000000000025L },
-      { 0x12689dc6861c57bfL,0x598b361ad283a108L,0x939b82fb7fa13a89L,
-        0x311cca2a36cfe81dL,0xec335b17bab0c07eL,0x440b8c5c65642a12L,
-        0x813884de04a2ed28L,0x7d19429e87290a2bL,0x0000000000000069L } },
-    /* 18 << 483 */
-    { { 0x5753bbb8a848cf13L,0x82b32a43d90c938dL,0x7f5770d7e6faa6e2L,
-        0xc7cbcaf37d684cbcL,0xcf943b1b2e7b48a1L,0xd1a7ee6f8d5c5321L,
-        0x1ab34e2d15cc06dcL,0x27d2cfbb74b5a5cdL,0x000000000000006eL },
-      { 0x022c5255ad3c3bf9L,0x3026a8b4f744d697L,0x5cfb32d674b6a2ceL,
-        0x8df70a0b5e50e51fL,0x8c9156a9ace784b5L,0x2efad6cd487c3a9bL,
-        0xf5e804c0aa2cec88L,0x5780cc59f9bd480cL,0x0000000000000035L } },
-    /* 19 << 483 */
-    { { 0x89c3d30477369722L,0xae2ecb09201a68c2L,0x8d5769fecab6da8cL,
-        0x6782778b33aa7ec0L,0xc74ec1254fc65e80L,0x72cc87bf6bdfc390L,
-        0xc8689471ddc0391fL,0x6f58f3f3482baac6L,0x00000000000001e2L },
-      { 0x27ccce608b129566L,0x41008f6064f9fa40L,0x2aa9067f4fa0a001L,
-        0xa1f2ba9a46716791L,0x2d4d15cf3a5e32e4L,0xdc75218aa4f0884bL,
-        0x349e45bfcf86c131L,0x1e11015c3228a631L,0x00000000000001aeL } },
-    /* 20 << 483 */
-    { { 0xf240d36be4ab3d55L,0x7acb5bf0593c4a6fL,0xb7456194130fdfbcL,
-        0x3d3af6220ec1bca5L,0x14a5cbd878b4f4deL,0xde12e1cd6c32e96dL,
-        0x5063ff425b7bce8fL,0x37efaca1003dc72aL,0x00000000000001b0L },
-      { 0x4274de57ccda7e54L,0xff66c962086c6d20L,0xca33121d4c9071d9L,
-        0x97b4200b3e732b5eL,0xec371b1543208ba0L,0xf6aaeaece25d09ffL,
-        0x226e14d2e18bab6eL,0xda5464f9459a3df6L,0x0000000000000130L } },
-    /* 21 << 483 */
-    { { 0x017af4517f7b8b0fL,0x0dfc68bca4a49a70L,0x789e4ac8e231f9d6L,
-        0x20db8ef6065ede81L,0xb739cb55d638a77dL,0x79d863e1184c2b26L,
-        0xca7312bbc0240acbL,0xf300fb15d3645326L,0x00000000000001beL },
-      { 0x1d991e4e459dc169L,0x7000c7d42cd45ebeL,0x96e9b26038f97f29L,
-        0x0c3f5c5fddb39121L,0xabdfe949839ccf8fL,0xa5c2a20559df3d2eL,
-        0x39295c3c114de48aL,0xbf438537678d7b4eL,0x0000000000000158L } },
-    /* 22 << 483 */
-    { { 0x9e96ebde76178c94L,0xb30646eb53081e92L,0xb2541cf8f47b37ceL,
-        0xf5899b4a72cdfe16L,0xe86f9bebbc9855dfL,0xcd97de762a3c7176L,
-        0xe792c9ccad4af521L,0xf4efad3de059fcecL,0x0000000000000153L },
-      { 0xad541c6a53a88fbbL,0x817ceac1fb7c79b5L,0xa4a04dac7daa33c6L,
-        0xfa09f56ff3d2d674L,0x9f53ef31eec7d069L,0xad1e5af49211cd93L,
-        0x0ff0a6dc959d77d0L,0xcb232def76ed9affL,0x000000000000002eL } },
-    /* 23 << 483 */
-    { { 0x9d7f958a886f6543L,0x0cfd178d4b11f4f2L,0xbccf93cb83966213L,
-        0xa733d7f47868f2bbL,0x35b2cefc80a83472L,0x791fd530e3108c17L,
-        0xd8b2fc0e8366c15eL,0x4aa1a7a237d4c1f1L,0x000000000000014dL },
-      { 0x965850c704d1e2acL,0x0cb5a3c0a6d83cc9L,0x1e354634a97bdc9eL,
-        0xc40e3a6cc4361defL,0xf5383a2d1945be19L,0xe2b5c363e4245615L,
-        0x685cd8c1716af301L,0xb0817184a59dc09cL,0x000000000000005cL } },
-    /* 24 << 483 */
-    { { 0x9134dac8966dd7c6L,0xb53909cb72bfde57L,0xa06f7191d2a4fae0L,
-        0xb22a5d860d8aded5L,0x9b0869337ba88547L,0x6a027da5ca1b3e75L,
-        0x55e8542182831df6L,0x52811cacca4fd543L,0x00000000000001d1L },
-      { 0x9184b34252d1a260L,0x046f70f2d4ae87f3L,0x75f0132452052638L,
-        0x9476a1609a4e8cadL,0x1485632621396b03L,0x381f263ff5af85aeL,
-        0x8e77b921f7010305L,0x7fab4d8838f30a00L,0x0000000000000072L } },
-    /* 25 << 483 */
-    { { 0x1ba8c7879deee4caL,0x0de11c34b39ac162L,0xe3c13cf606577091L,
-        0x4afa40f1069ce9c3L,0x8c4c9362c9588cb5L,0x70cefa89fd8388d2L,
-        0x5b93bd0bae70801dL,0xbf19651b29e3f773L,0x0000000000000173L },
-      { 0xcc716100d6635a0bL,0x785ab9e497770cd3L,0x97ad8f05f2d3d0f4L,
-        0x9153f661210b85efL,0x6ea72d9be05e09b7L,0x674d169512a35919L,
-        0x734afc5174d1756fL,0x685d097d4e4a7d3bL,0x000000000000011aL } },
-    /* 26 << 483 */
-    { { 0x586a5a4f92f845ffL,0x4181e8bf433b9969L,0x8ca665031bb30e35L,
-        0xddb8880029ef7c76L,0x91ec943993a91394L,0xa102438734acf11fL,
-        0xb31bab71e3a99420L,0x46671df0823803acL,0x0000000000000182L },
-      { 0x4311612323967817L,0x10bcc7e1d83add78L,0x5cb65ce01b4d7ea3L,
-        0xc204e7395fc7aacfL,0x138fd0eb0df86632L,0x5a7f3bf92920e7aeL,
-        0x323b55da74fb04a2L,0x87a1cd2dcf6b4579L,0x0000000000000105L } },
-    /* 27 << 483 */
-    { { 0x99426408c2095c41L,0x77924d94d2203699L,0x63282e3b8ad5282cL,
-        0x0e342f0a9c3dddd2L,0x0ab9c156579aa49dL,0xfd67a28d49baf18eL,
-        0x9dec1fc0f0ff38bcL,0x2120dfdf91e8bd79L,0x0000000000000038L },
-      { 0xc33a4e7791297f43L,0x90d0ca4fd1d21410L,0xf5e6111862b0ce45L,
-        0xc99e5063601631abL,0x3d22412ec894eb2cL,0x78ce86202ddc8d51L,
-        0x38961c0bdfc1a41aL,0x2b435857e1b449f2L,0x0000000000000190L } },
-    /* 28 << 483 */
-    { { 0x7df95a3c1b3f5cf1L,0x3b30e0f2ea0077fcL,0x733880b50aabcc34L,
-        0x2050bc2701193010L,0x2dd36def5c80fe3eL,0xf2e14b2be8e228d6L,
-        0xf13a348574802ebdL,0xf08bb1ef17f57cb1L,0x0000000000000087L },
-      { 0x4f81dad0a662456aL,0x8c645bb185f5b388L,0xa39acf0e19503f7aL,
-        0x214d1956d7530999L,0x2dfb62dec339d2aaL,0x9c54f1a27a04264aL,
-        0xde5e1fa9bb74e313L,0x3fb024216dcdac67L,0x00000000000000b0L } },
-    /* 29 << 483 */
-    { { 0x23b886a9393c3fe7L,0x7408b94f4b1b33b0L,0x01c0254af542525eL,
-        0x4ce60b318ddf1982L,0x97a6fee7ddee6485L,0xa2f7d7b2a99f2778L,
-        0xe685a50bbaa0ffe9L,0xbb82afef930aaf29L,0x00000000000000d2L },
-      { 0x32e878790644ee4eL,0xf736c70517d83725L,0x44c56e15b3b2e87aL,
-        0xd3eec9133baeb44dL,0xbc10fa0741ad6c2dL,0x26c8d0c696115e03L,
-        0x8d826950a411254cL,0xdde6af743abd2faaL,0x00000000000001bbL } },
-    /* 30 << 483 */
-    { { 0x28702dc496ab1d1bL,0x2dbd79460dc11ba4L,0x0956696b883faf9fL,
-        0xcdb23f5f227932d1L,0x34957d5e0de851edL,0x40065b9ed930f741L,
-        0x1be825122138d1e5L,0xb9f0d75934c7c9b7L,0x00000000000001e3L },
-      { 0xbaf4143b567ead92L,0x5eef3357fb9cc866L,0x4095892ccb122a8bL,
-        0xa3e50ae814b8aa9fL,0x72024c42376f6b0bL,0x6c63ee2ddae219e2L,
-        0xbba101782069c115L,0x3ba8834d7f96def1L,0x000000000000015dL } },
-    /* 31 << 483 */
-    { { 0x2f7beb7f56438c0cL,0x42a16fa2ab4f67d3L,0xbc8d85f6e40ce460L,
-        0x3428e0fb2f34378dL,0xea54de6ddc41a2f3L,0x5ccf4b0d17ba5e5aL,
-        0xe27843c9abf87924L,0xcf117ea6101dab80L,0x0000000000000082L },
-      { 0xc340c90e1e82611fL,0xb894452a8e4173a1L,0x9a4b787ab9afa27cL,
-        0x417736a5d0f14693L,0x5f1a49924ae95026L,0x1206bbd394734633L,
-        0x5dede89ad6f4a4c9L,0xb766440df1f24b1dL,0x00000000000001a6L } },
-    /* 32 << 483 */
-    { { 0x8dd33d1c66bc31a5L,0x80a074959d19c1c0L,0xda13c485e03a1ee5L,
-        0x316d85f968acfd38L,0x8617c80d0d9d6273L,0x6ddebb71f94d5f22L,
-        0x1c3452038efd0a44L,0x7ca0b4067b3746e3L,0x000000000000007bL },
-      { 0xbec7b15087436d56L,0x07cf1192a01f6c04L,0x047b37f6f73971b0L,
-        0x7e7d8b9b5ae1f9d4L,0x0e311b4fca1a9900L,0x5dc55f3d6a81fb38L,
-        0xe257401a2956af04L,0x90c2ad09f66ae95fL,0x000000000000016bL } },
-    /* 33 << 483 */
-    { { 0x6f3e5a621a735a98L,0xf17c344e4c0f9811L,0x0985657887068d99L,
-        0x3c9e47d0fdd2aac0L,0x9ef34869797f8a14L,0xbb27f6da4ee23bbfL,
-        0x51b7f59c213596cfL,0x60aed74c54a4b339L,0x000000000000012fL },
-      { 0xbc361782384a09baL,0x6fb5c273ea0b54d1L,0x41d2c9755423bc32L,
-        0x5938aef020a6d38dL,0x07e0841a132dc550L,0x0b8fe98196944602L,
-        0x77ce11d1eff12314L,0x13b30d3f01450ca9L,0x0000000000000127L } },
-    /* 34 << 483 */
-    { { 0x6167ce3b4c38b2f0L,0x78bfe46ccf1a74b9L,0x40519177b17eb1c4L,
-        0x5379831fa2ea88f5L,0xc7aa54520f90d032L,0x1b77f1a1b1ad4c9bL,
-        0x1456a598aa55a518L,0x638b62720114002aL,0x00000000000000afL },
-      { 0x2c04235caac99882L,0xbf34e8dd41d65ef0L,0x49e51a8c79af103bL,
-        0xce352f3a901a1a57L,0x00e123f6a49e5646L,0x351a25801d22efc8L,
-        0x883f53b385bbb439L,0x7ad4f5539780ce59L,0x00000000000000afL } },
-    /* 35 << 483 */
-    { { 0x317db0ef6b43f86dL,0x187e452ec376cdd6L,0x1ee31d29b1c17bc5L,
-        0xf0c4ae43e8a19f7bL,0x71525f553e9bc311L,0xe948de7a66d91aafL,
-        0x947a0c70638f5b34L,0x8affa837e7c40657L,0x00000000000000e6L },
-      { 0xc76f3535c3acf132L,0x6066128710d80c77L,0x55db52e39cfad0bfL,
-        0x9d65e598c72d88a7L,0xffe8b7d5a016cceaL,0x73cd6e7bfcc198bbL,
-        0x90142e63f7277c8aL,0x73d673ffedace584L,0x000000000000009eL } },
-    /* 36 << 483 */
-    { { 0xfa1c0bda6a639f04L,0x0d34fc8850a3c441L,0x0e2d322ad15965adL,
-        0x700433af853b1f5dL,0xce7454a25cafcb5aL,0x2201bc0473b16a2fL,
-        0xc178af49986e01feL,0x00383c44f4196a72L,0x00000000000000c1L },
-      { 0x26951af44027cbd8L,0x0a64b5bd58133d67L,0x55c70f8bf9edd0ebL,
-        0x43762ee7c4ebeb49L,0x5d5b9d8b33a6b1c1L,0x1446f8bcbdc002f1L,
-        0xab85db78ce19c7e4L,0x4daf43d163f0ad8eL,0x00000000000001b8L } },
-    /* 37 << 483 */
-    { { 0x3afd28b85d94ef9fL,0x81257a58c3177e20L,0x38dfaf6c65eb35a5L,
-        0xe6f3ef64288e980aL,0xb97158885cedaa77L,0xe99de3f8a7eb0cdbL,
-        0x81059e958eac3ddeL,0xf37c0a32c9c83c67L,0x00000000000001faL },
-      { 0x1823b2fcd4f70ceeL,0x57762228e9c5bd49L,0xa17f38348a42a86bL,
-        0x1cb50d437b41063aL,0x12a24600639b5b82L,0x70cead17dc2a9befL,
-        0x8604e4aa0bcaa435L,0x8425f4b68890b5c5L,0x0000000000000059L } },
-    /* 38 << 483 */
-    { { 0x9b9bed42938f1c9eL,0x3d20941e97fd1135L,0x441f7e6ef64abe42L,
-        0x1def7b3f0e07fdd7L,0xcc052cc7ba19fac0L,0xad9a823b94b5a3e5L,
-        0x76a1332af3b3bf6bL,0xe7f4dea925d8294bL,0x000000000000008bL },
-      { 0x1327bf2381bf2ae5L,0xda8af8f9c5ae36bcL,0x5a03be7b253aa57eL,
-        0x16c4d1e0d8673996L,0xdf37a5c5ade6c913L,0x326cea3193cd3c79L,
-        0xd5bfca3f8b2ce002L,0xde1ef94ad2966ee8L,0x000000000000016eL } },
-    /* 39 << 483 */
-    { { 0xe848a22c8a20f973L,0x7d4838938707d89dL,0x743e47af3a602f42L,
-        0xa793999ee80346e6L,0x70c2abb4072cf57dL,0x10de7dd0f254926cL,
-        0xac0465d0b3f05ba4L,0x37222ff549ebdf47L,0x00000000000000adL },
-      { 0x84a14bc688843ac5L,0x251de0ffa7cc807bL,0x81df07af0e43fdfdL,
-        0x6b799a7269b2f867L,0xa4a0f81fe9f40220L,0xa4d91dc17e0d6fbdL,
-        0xec9940f238cb4a33L,0xb802f2e17771ac3dL,0x00000000000000c4L } },
-    /* 40 << 483 */
-    { { 0x82fb9f71437c9b3cL,0x8f892941aa7bbbd8L,0x8c0f30acb4aef227L,
-        0xbcddb282afb0ffd0L,0xd6ac26bf9835b70cL,0x2a2483ff28422e87L,
-        0x3839a2cbbffd1ff1L,0xa3c660355b9cd379L,0x000000000000006bL },
-      { 0xe6dc8fb8e50a7d38L,0xdca90512836bfcc1L,0x7688a1b3e4e9ce06L,
-        0x1740f1a5f17e5457L,0x697380917ded4120L,0x33d97aa918814d34L,
-        0x530cfc7af7927f48L,0xe6d6c9ec929172b2L,0x00000000000001b0L } },
-    /* 41 << 483 */
-    { { 0x428216a6c2b89eaaL,0x80af7400c889421bL,0xdbf3e6d5ab483733L,
-        0xa174a26fc80b04a0L,0xf43d9f300a0a9600L,0xf6bc9b055a36c398L,
-        0xeec10bbaaecb2d9bL,0x4b6343a90db85b00L,0x000000000000019bL },
-      { 0x8f3b5dc05b69a5fbL,0xfe36ce3f962d1949L,0xb1ed23e1b901c965L,
-        0xa27d8354310d5c7aL,0x8d8cd709cf1c8261L,0xde318e922ec59425L,
-        0xcd74892887cdd65cL,0xd5000ab0cc3df271L,0x0000000000000145L } },
-    /* 42 << 483 */
-    { { 0x70d80c68accc8cddL,0xf18270444d36dae4L,0x1de1d63c5c1b23dcL,
-        0x3f692f0db6af112dL,0x90be5f8cd1627389L,0x269bcd96e3cb096eL,
-        0xdb3da141e52f7191L,0x020fd372236f6719L,0x0000000000000026L },
-      { 0x32d2aa912e6b5359L,0xc69d58b61355b897L,0x019f986593f03d9dL,
-        0xcd3ab51998cc76f4L,0x0a8d4dabe1f31d9bL,0x13fb607b605b601aL,
-        0x3412ab49d1b0a857L,0x9d4f6cc56a59c8e9L,0x0000000000000024L } },
-    /* 43 << 483 */
-    { { 0xa4ff17fb90aa8d12L,0x4b11676ffe3b60e5L,0x4b6736d5520b491eL,
-        0x111ed0242549df91L,0xcd9a9f14e120c6a2L,0xe9a1ab1a16e281bcL,
-        0xa8c787c8464e5043L,0x7b8ba81beb71f3faL,0x000000000000008aL },
-      { 0x9b0a74f9ee5f33f4L,0x1387695a7e5e34afL,0x378e761f008494b0L,
-        0xa9497876b556e962L,0xaa58debd121a018fL,0x97f52405a924e778L,
-        0x432f362dcd07aedfL,0xab22f4c6f814c3caL,0x00000000000001cfL } },
-    /* 44 << 483 */
-    { { 0x75a95d201ba19e5aL,0xc4ac280da7814129L,0x39d17e5a0053757dL,
-        0x8b5fe8f5c29a489eL,0x2616039717aace25L,0x561c8f439652ddaaL,
-        0x61822a50f5c95227L,0x072f8e5dc007cc38L,0x0000000000000152L },
-      { 0x9ff7313cc50fad23L,0x8092be14bb03aff1L,0x922d11fc480cb8dcL,
-        0x9c2524ddf22d2e95L,0x5b2ab1f4f8672817L,0xb77fe4669b52a810L,
-        0x09ad0883f510b41aL,0x302b7c261b4138d2L,0x000000000000013fL } },
-    /* 45 << 483 */
-    { { 0x18e8c1d2b312d646L,0x00e3253bceda36afL,0x45d2d5d0752540a0L,
-        0x87a38fc7a3d85d35L,0x2c3862aefd90f76cL,0x5af9307c79fe8ba8L,
-        0x35214c7c8d686649L,0xa7fba7f225ef82e4L,0x00000000000001faL },
-      { 0x66014ff18124515aL,0xde9da3353fced30cL,0xac96a6ac7f50e6ddL,
-        0x0f96e01a39abdad2L,0x67a39cb6b46bae57L,0x596edccd2fc272dfL,
-        0x4ebdfecfb15ca893L,0x3e5f5903e0b3c942L,0x000000000000006aL } },
-    /* 46 << 483 */
-    { { 0xb17ba42760f48d19L,0xa4ef46ab969dcc37L,0xee09b13a004629c2L,
-        0x7936d9b1947f6795L,0x7b0167f8ed153962L,0xb3dd551c1b18a245L,
-        0xb15372159f7517f8L,0x3f6cdd5d9f9aa1ebL,0x000000000000018eL },
-      { 0xf72f53d22ff0201cL,0xf072228ac9d861c2L,0xe35876de8febce56L,
-        0x5fc283033c8f7bffL,0xa12b0a81d2893b8bL,0x57ded7bde89263f6L,
-        0x81494bfcabb2822bL,0xdb399fa9f2c8ec57L,0x00000000000000dfL } },
-    /* 47 << 483 */
-    { { 0xaefa7fb0808cd5d5L,0xe80f21e484884ca0L,0x9d0486cfae65b5faL,
-        0x4b54c759e8168cc8L,0xfd1c1a068ddd9c6aL,0x8c04efb02a8d8bebL,
-        0x33d61fb78b5ab913L,0x4fafce55715f0cedL,0x00000000000000e6L },
-      { 0xb9c352f46c0d348fL,0xc60a94bb45bc984dL,0x9f743556605c71a8L,
-        0x176de676067997e0L,0x7ddd2aec7d72394cL,0x3de5a535411ef5c2L,
-        0x818a2fb45e052585L,0xadf2f7ea83ce38d1L,0x000000000000018bL } },
-    /* 48 << 483 */
-    { { 0x15f956694d4a5461L,0x56f1b9232775dac2L,0xa4f77a80b3028c01L,
-        0x4c7c09f84a216681L,0x1469e858444401beL,0x9bbe83c5f4fd909fL,
-        0x3f52c7eb914d3efdL,0x769e218db97ccb6dL,0x00000000000001b4L },
-      { 0xca757e3b80dd9fbcL,0x741fee50f5fe9f79L,0x8a7bb30cbab00224L,
-        0xa33bcefe4ec16137L,0x62d0604c2fdaf3e9L,0xad66f9f66d7376b3L,
-        0xca856f8d02c9ab0dL,0xaad774a6df87aa79L,0x00000000000000e3L } },
-    /* 49 << 483 */
-    { { 0xf446887e5b80ef17L,0xeef1494d936989d3L,0x6058c0405f82a6f1L,
-        0x6f97d2f5624c5294L,0x4772ad1a59e08502L,0x41ca4882993ec149L,
-        0x4890ef7309e3ec9eL,0xe1843ede041133feL,0x000000000000012bL },
-      { 0x42d78ebb7b2f37e1L,0xd130e9a18b4ea8c7L,0x002cc021fa9d9adbL,
-        0xf26e382454996fd5L,0x206eda2db4ee2ad9L,0x95e069ea3a1147e9L,
-        0x8f1ce0085798b869L,0x96f99e7fc24b7809L,0x0000000000000131L } },
-    /* 50 << 483 */
-    { { 0x74bc731aa521a2dfL,0x2a7dad589ca35915L,0x24ba1b555ce46968L,
-        0x1c00375723481711L,0xd1b381c6e1986244L,0xb2c4710846b9c4c0L,
-        0x11ef4e90a2ed3152L,0x4c1c7086f0863dafL,0x000000000000003eL },
-      { 0x795131fe66eb30a2L,0x0ea3589b94b68f85L,0xdc7e3fd070ef34d4L,
-        0x14a5499a44df4e9fL,0x9b340e60a69e2691L,0x91c5e50752f35777L,
-        0x7582716785c69903L,0x547f96ecd8536e21L,0x00000000000001a3L } },
-    /* 51 << 483 */
-    { { 0x96fe0761a501282dL,0x79bd2cbe04a97c94L,0xb2445622206c0bf9L,
-        0xfa2bd5260a8c8b82L,0xc22acd0c7aa2cd47L,0xd541785b67bd2672L,
-        0x5644081f97b909d2L,0x97ba1dd70779b879L,0x000000000000003dL },
-      { 0x3586ceff5a15e6adL,0x347005ce76b70d67L,0xafe431e24ae4b2b5L,
-        0x6de0cdb6183abbf0L,0xca058f19fb220de0L,0xb6284b1d1e1dbd82L,
-        0x81c3068ccde36a43L,0xf45a2d76aebf2615L,0x0000000000000197L } },
-    /* 52 << 483 */
-    { { 0x2fed71ab13191ef0L,0x4d093b4bcbc0201fL,0x04d6d7b64e54b64bL,
-        0x335641e3afaeeab7L,0x36a8bf03f565f906L,0xe0a1162706db040aL,
-        0xfa9564f345ce75e7L,0x62220cd0d1651390L,0x0000000000000172L },
-      { 0xb86f0816fe6efb3aL,0xbe06aa2752ca0a50L,0xfe5aff01ca6a34bcL,
-        0xf1d3f54920f73725L,0x16db75d8f822f3e8L,0x3aac55a586dea1b2L,
-        0xb4e6e8f2e6a3437cL,0xa8239de5f86343ecL,0x00000000000001bfL } },
-    /* 53 << 483 */
-    { { 0x8d18bf08a3bf7997L,0x391cf08b6fade171L,0x7991a05de5ca321cL,
-        0x23ece7ee451ce87eL,0xa6362e03a977f619L,0xade9302513907e13L,
-        0xd91cc1f52e2e9088L,0x44e5824df58e5620L,0x00000000000000baL },
-      { 0xf8e7816527b063b9L,0xbe43d2c36eb79697L,0xcf36bc31c97e543bL,
-        0xb2051af018cd43abL,0x9ed9341dcdd344e4L,0x30701b2957da9489L,
-        0xdad39c53f3b5d5ddL,0xa2116edac4c47541L,0x0000000000000047L } },
-    /* 54 << 483 */
-    { { 0xdeb91f90da9ab6daL,0xcb56bf2e406a3cd9L,0x58b62e487e8b0b3eL,
-        0x48b2605634436be3L,0xd6cbd675edbbccf2L,0x84ca877854f9a5d2L,
-        0xb63f26c8f06dc3e5L,0x9d447a727c79478bL,0x00000000000000c8L },
-      { 0xbe4c5f568720253cL,0xd4079cf2a66930ecL,0x262b2dd86742b311L,
-        0xf72c0a9437c98222L,0xb375cb9908db8f62L,0x034efaa36502ab48L,
-        0x2f679b5720420bffL,0x0834c67ae890bc7cL,0x00000000000000acL } },
-    /* 55 << 483 */
-    { { 0x2f056bb90280425eL,0xc045a362804b751fL,0x8267e19fb9b62232L,
-        0xd25162b3f6b83e5aL,0x4bd3f73c52872a79L,0xbea0f70e2c4d8454L,
-        0x93630251bdc7bb71L,0x62421c79d6eb5964L,0x0000000000000152L },
-      { 0xc6ef31326a4c9b1fL,0x10407eace4383f40L,0x40efa08cf6ba160aL,
-        0x61931947438f0e09L,0x083519fa2b79a0ccL,0x1323a71d85b17aafL,
-        0x3c745547b5841d46L,0xd3b26e8bb60d1f8fL,0x000000000000013cL } },
-    /* 56 << 483 */
-    { { 0xbc02d7b5a958b119L,0xa924be8546b327caL,0x5964c5e9b0a46409L,
-        0xac8450ca97d92118L,0x693b41b24e926688L,0x03099cabb8d094b0L,
-        0x02b779c117d76963L,0x92e5b73f8eb4ddc8L,0x00000000000000a8L },
-      { 0x36c561713f20d59dL,0x12f7a1815115b8b4L,0xf6e1be6845535c8dL,
-        0x7706701a41ec92d7L,0x7569d232e849b822L,0xf6adae238fe67de8L,
-        0xe43d347c6d2f8982L,0x734a8be36cc683e1L,0x00000000000000a0L } },
-    /* 57 << 483 */
-    { { 0x715334a7e1a910e1L,0xa92a800408ac113eL,0x8bb38d39d14c4a79L,
-        0xfbc37ee2a2f2932bL,0x3e57033229575dceL,0xeafb135a22021b9bL,
-        0x72efc8661066b3ebL,0x03b2dbf7b7719907L,0x000000000000014dL },
-      { 0x7e7331c7f6d4e630L,0x1e13582ade86bf74L,0x18907e4bc3b9eed0L,
-        0x79374dc6003080b7L,0xcbf4f614c62cd738L,0xccd41e459f20a97bL,
-        0x96f32f37ffcf7fc3L,0xd1e204949781c875L,0x0000000000000035L } },
-    /* 58 << 483 */
-    { { 0x9643c5266c6ea0b3L,0x4702ff43bd69bee2L,0x2670cb7e6cc182faL,
-        0xe98e50f972705286L,0xbec3b5a84fdd27e1L,0x72f1a20be3ef8bfcL,
-        0x918033ccd2ba4245L,0x0e41de68e1b00b7eL,0x0000000000000127L },
-      { 0xc0ed8187396b5808L,0xca20ef18132aab1aL,0xfbb1f99a81240c77L,
-        0x2e7e99c89dc5003dL,0xe0bf0f3d599c63d9L,0x5caf5b2cf267734aL,
-        0xa22e005dcd02332aL,0x4e905dc503980512L,0x0000000000000096L } },
-    /* 59 << 483 */
-    { { 0xd2169049caab35deL,0x6c5528742823e046L,0x9a79cc29108047a6L,
-        0x97bbf70d9d8ede4eL,0x977167668212110cL,0x33e99c39371101edL,
-        0x09d4af70ecaba866L,0x3d862acf46064375L,0x00000000000001acL },
-      { 0xac064f7c335c3c36L,0x6407ec11432968baL,0x440593247aaaddd5L,
-        0x3d2a9b26f25718f9L,0x03aa5c73ce3da559L,0x40154af74b8098cfL,
-        0x14ef244fc84d6eb4L,0xce11d75ca4fb0dffL,0x00000000000001a8L } },
-    /* 60 << 483 */
-    { { 0xdf396a64435e6567L,0x515561def1b4f6f0L,0xa2f3488c17f354c4L,
-        0xa93b55f2015e8c9fL,0xba4caa85f6e40c57L,0x540a0df42dc22395L,
-        0x09d3208e4d93e932L,0x53902eee0a578b7aL,0x0000000000000123L },
-      { 0x431a21ddaa811b87L,0xf7dfaa57e535f1f4L,0x76ec86761a516854L,
-        0x914cdc51a55047d5L,0x8ca17868e13643f4L,0x2e0d6bbe3507d525L,
-        0x614677534be4b04cL,0x66fa0a07d060337dL,0x00000000000000b0L } },
-    /* 61 << 483 */
-    { { 0x6d505ed813aee1c7L,0xadb253ecb510cac1L,0x799dc47e52df92e0L,
-        0xe4a6f8667e721b9cL,0xcc769496928e3833L,0x77f90f407b701ed8L,
-        0xad4605cb6c36f3d9L,0x396b31b5fd3dcf33L,0x0000000000000129L },
-      { 0x01a28e7ce5e1e93bL,0x72105a72947e6131L,0x1ced05353a4700e4L,
-        0x3a2868be782e5b4cL,0x4b8a224e7e1f4bf0L,0xc984bd6aeb002e28L,
-        0x75ff62558ae5757aL,0x573907a8f4b0f10eL,0x00000000000000a0L } },
-    /* 62 << 483 */
-    { { 0x7435bf81b0aba4d2L,0x2f9cf230a9304dc5L,0x8d2a2f7efef7bca2L,
-        0x6a7bc8be83196a5eL,0xf1307d2a3fc22eadL,0x40ec9e45e1063531L,
-        0x663d9867fefecd17L,0x0b271efb3c0bbb6bL,0x00000000000001c7L },
-      { 0x7c694979933db66bL,0x962d1c3acae9cbc9L,0xbbaa0d5b73298f99L,
-        0x950dde19bf0c7515L,0x3689529e6f23e672L,0xe9ba0a528e7c9720L,
-        0x98841855b3d3fb27L,0x9fb4812a1b62a7e0L,0x0000000000000026L } },
-    /* 63 << 483 */
-    { { 0xffc68ca0becea497L,0x67aad6d19361196bL,0xf73b3170f64ff2eeL,
-        0xd6cd04b308cf964eL,0x6f025d2f2af74054L,0x6a75708d110f5de6L,
-        0x459a54092f314ddbL,0x8b546498a68bdd6bL,0x0000000000000053L },
-      { 0x2ecc3c54d94ad9c3L,0xb4aa6c1674d8ee26L,0xab443dd9a6e38149L,
-        0x1fa9aa6983111140L,0x416ce37bb0d97e03L,0xb4058478f2437c90L,
-        0x8fca985139e81813L,0x0a0454b3c956b700L,0x00000000000000a4L } },
-    /* 64 << 483 */
-    { { 0xa949016c027effaaL,0xd4fb4288e691a213L,0xd18a53b17fcdfd96L,
-        0x6808bf4c0ce4cac9L,0x7e7dc551bed1f520L,0xb84f242f2db78ffeL,
-        0x7e6d15d34261fdbdL,0x836f8254a8ffc498L,0x00000000000000f0L },
-      { 0x029233daabe4e4f2L,0x9617f000d0327536L,0x444fdc65de62e889L,
-        0xf9170a9969512dc4L,0xa37edb8d4e765028L,0x7c003ad00852dc5dL,
-        0x628756447cdf14efL,0x87ae7bb59b509913L,0x00000000000000a5L } },
-    /* 0 << 490 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 490 */
-    { { 0x51199e42088a01d8L,0xa9c970190e6c6197L,0xcc8bba8aec9f00dfL,
-        0xdb0e728aa3534e0aL,0x4f130e04b74d62e5L,0x3e26abba0368bf53L,
-        0xf97571a599d4743fL,0x64863a87c7eb2500L,0x000000000000003aL },
-      { 0x0cbb2434a3d02698L,0x3c37545572eb32aeL,0xf8555f578806b951L,
-        0x11215434ce2dbe0aL,0xf0d7a7f00470fb38L,0xc4e0ad472707cb8eL,
-        0x4caef200c03c9c3eL,0x5ba3893846612de4L,0x00000000000001b2L } },
-    /* 2 << 490 */
-    { { 0x4f3c3bc3a1e703a9L,0x134edac80f4d9e8bL,0x55da5480fe4727cdL,
-        0xa8f98d584c37a7b2L,0x06bc173cc5f9592aL,0xd1f2103c5220ee93L,
-        0x956efef67acf01bbL,0x55746c426c878b89L,0x00000000000001a2L },
-      { 0x1927395435dd9b7bL,0xb81ef6482a61252bL,0x508f2cb818236f94L,
-        0x655ec86d31b04f92L,0xdc06ce6a381743aeL,0x46059e3637e92347L,
-        0x6dac815fbe6a29d8L,0x4b4fcf720b369888L,0x0000000000000181L } },
-    /* 3 << 490 */
-    { { 0xf8106d6fdb1a83c1L,0xc55816668a3b992fL,0x30be609761e65036L,
-        0xb7e260eded1ad38fL,0xe51ec351f98254fcL,0xfd1e301827f9210fL,
-        0xc209ab2533522612L,0xf68c7a487baaa1d8L,0x000000000000007cL },
-      { 0x6677dc5814fc9ff1L,0xe57b02bb6a95a729L,0xf520b6157618c694L,
-        0x61b4174f60b020afL,0xa0f2cb83185d0531L,0x647a5daa640f434cL,
-        0x1b1ea4352d853d74L,0x222ea56cd31bcdceL,0x00000000000001bdL } },
-    /* 4 << 490 */
-    { { 0x6106402972e2518aL,0xfacd33fa7b5fbfc1L,0xd50f77717632ad67L,
-        0xba8688071f0d2282L,0xacacd91104d90803L,0xf94b3e0f51496ee8L,
-        0xfb8a5406ece3c365L,0x96f5c5e7620400f2L,0x0000000000000109L },
-      { 0x7389f3dd36988cbaL,0x4ab5c460762ca5f4L,0x9b96cf82b5cf8989L,
-        0x2ffa0db5158a4c79L,0xb5821b1a3a3d24f4L,0x17771cb7f8c464d0L,
-        0x9ffd764662c59a09L,0x0eefa35fdc162385L,0x00000000000001e1L } },
-    /* 5 << 490 */
-    { { 0x020e0b3723563c41L,0x51cb4e065011a829L,0xd4ce6fbaac22f4c8L,
-        0x953bdb3db2415370L,0x316a668da8bbc065L,0x6b97ad5dee418011L,
-        0xc595b7d16c4bab89L,0xd5a5e27163504ba4L,0x0000000000000104L },
-      { 0x9325755d1808ab7cL,0x89bae8ad5bc9c781L,0x690f475bbe6cfdb1L,
-        0x12c3ce21a07a4c3fL,0xf71a959da04a872fL,0xcf877db397297763L,
-        0xc7549bfa18e0c680L,0x98e9a6092fc07c3cL,0x000000000000001eL } },
-    /* 6 << 490 */
-    { { 0x9a672f1d10413087L,0x411e1e5bf1f3ff42L,0xe82c5986273d35f7L,
-        0x92e879a6b685dbadL,0xdecbf5453ddb51bbL,0x9ff90e3a39eec3d5L,
-        0x08a257ea40810789L,0x62bf063097c15f38L,0x00000000000000a0L },
-      { 0xadbc2699525f4599L,0x431b2afdef56cc0eL,0xbbf0c5497df748d6L,
-        0xf68f2e050031a3d8L,0x30e5621f74d09f61L,0xfac58606bf9b7376L,
-        0x83216950be2ea8e4L,0xf039db24af8340a5L,0x0000000000000187L } },
-    /* 7 << 490 */
-    { { 0x741ab54678b66b18L,0x1c5f59b4e9fa653aL,0x9e0085be4e2c1d9eL,
-        0x69c5ed9c89b83f53L,0xee80d5102b74ebf3L,0xf1ac08ba53fdaee3L,
-        0x89551a3689f58574L,0x55298a412d97b54aL,0x000000000000000bL },
-      { 0xc12b2160a54c169eL,0x557ac5fad1ba765dL,0x8fc94a99af6d1ff0L,
-        0x01ffeb4f50587c6eL,0x030b43f838ef4acbL,0x0f9f1e53091d7b0fL,
-        0x2a6e11c6edd00a6aL,0x6a611260fa85f47aL,0x00000000000000a8L } },
-    /* 8 << 490 */
-    { { 0xfa050bbd035b25a2L,0x2a14076e36ee92fbL,0x3e95a7eb2f514218L,
-        0x8a67615dea3b77d3L,0xe2764f071da9263eL,0x47bbf1ff92b51d79L,
-        0x82cd065659df9eacL,0xc80bb0f05e020e6fL,0x00000000000000b2L },
-      { 0x7dac49e7a7560919L,0x7238fa6ec82b9da0L,0x3ffcf645ff7cacecL,
-        0x72087198be9302ceL,0x13094b5c513ba920L,0x8cca51f343eb77deL,
-        0xeffe0e7d60b89283L,0x036368bfdf9075deL,0x000000000000019dL } },
-    /* 9 << 490 */
-    { { 0xae445f227b4593b8L,0xef35356ad4842ce6L,0x2db43c86bf3bac89L,
-        0x414690ed7dc182c6L,0x84a514a50ae14289L,0x5ecc2b3c805b103fL,
-        0x0bd5f847fad21f5bL,0xee1dd686b358a036L,0x0000000000000000L },
-      { 0x22052b302fee1645L,0x84910ab0d993b563L,0x58431b24c62691faL,
-        0x0d573a5ad696d720L,0xdf3b69ed9c571a76L,0xef2bdca8814c3185L,
-        0x35e2a1ce22a6530dL,0xc3d59a8c72873a48L,0x000000000000013aL } },
-    /* 10 << 490 */
-    { { 0xea12baba36c07770L,0x7149b07d7aa338dcL,0x7dd392b45d156c18L,
-        0x84a12f7cc4365ee0L,0xb44e45db4084be8cL,0x5d54b2fd5fe57a77L,
-        0x302ac5bb71c43590L,0xe66a79c59fde373eL,0x0000000000000134L },
-      { 0x2bfd7beab5bca463L,0x928522e5980a8823L,0x00a2c869b924694aL,
-        0xdd8a185649d07554L,0x16b0b4c34cec885cL,0x37f1fc54599c8460L,
-        0x7d27418a7d607e4aL,0x8fb68d5ebd28f94aL,0x000000000000004cL } },
-    /* 11 << 490 */
-    { { 0x9f19c16c46720d7aL,0xf378e65e2c7603f1L,0x4767d22438b49a6fL,
-        0x54745d098b03e0e9L,0x4b04b342d735cda5L,0x4f2b0ea305c600f4L,
-        0xa951a8762c6442daL,0x306df593775e0120L,0x0000000000000114L },
-      { 0x626a917bf58d9acaL,0xcb451ec176b10f78L,0x93da7a771559c731L,
-        0x7fbec23ebbdac761L,0x5fdd3a75a36dfd28L,0xbf715077d53ec252L,
-        0x0b7d2f675fe204ecL,0xe2d696507278bc38L,0x0000000000000008L } },
-    /* 12 << 490 */
-    { { 0x2ff0f1cbea39d3beL,0xa756a96ec7f3195bL,0x1dfbdedfdeb42713L,
-        0x7cb9e1be4a87567aL,0x64541aa30d2cec73L,0x8eec22690a0327b0L,
-        0x967b1bc10c157f20L,0x2a6f1a402d8969e0L,0x0000000000000181L },
-      { 0x42547f4cc471c0cbL,0xb990b1a2815ef0f1L,0x672398cbfbc29aabL,
-        0xfb7e649b104ac38fL,0xf0ba1354e9cf1e5aL,0xb0c191da2cd48a07L,
-        0x1fc70fcdb41854f5L,0xf11295462504091bL,0x0000000000000195L } },
-    /* 13 << 490 */
-    { { 0xac46f9b5cb50100dL,0x515da1b65497f79aL,0x5e5cd6053fdc142cL,
-        0x40b22f9fd29696b7L,0x6f54de30d431a575L,0xf031047cc22eccdfL,
-        0xb93ab0eb3686ff2fL,0x2916ce36d93d864bL,0x0000000000000060L },
-      { 0x09309e3b78bcbe2dL,0xedaa63647012435cL,0xadca8f2837274001L,
-        0xaf2ddf5fb46f8b32L,0x1cee73d6478e7979L,0x76de95d86428aba3L,
-        0x13e5f39308dd313eL,0xcff92fc04cf616f8L,0x00000000000001b5L } },
-    /* 14 << 490 */
-    { { 0x3546089d84333088L,0x60abe80c5c2a72d2L,0x1c1c8e6a1698cfadL,
-        0xcd2fcdddc6364862L,0x858e2049539275c2L,0xf238daa1d1452d8eL,
-        0x6c50daa23fe94cbeL,0xebaf801da026f28aL,0x00000000000001f5L },
-      { 0x28bdb6603bf45e6dL,0x44465513fedab00eL,0x0a86e5a08f0bf163L,
-        0x6d14d86fc43eca4fL,0x0c6eaaad4aebdd05L,0xb974e68bd4a58166L,
-        0x7208623eb468b01cL,0x56cf14ab87826367L,0x000000000000009aL } },
-    /* 15 << 490 */
-    { { 0x51531ee8e746180bL,0x43121900720c9cb4L,0x2e2dd6ab3e0d0ed3L,
-        0xd8c964b4d1bb19beL,0x693688ccbf410642L,0x5cc38a4f81ef0113L,
-        0xe4564abcafc1e72aL,0xdf8f203c9c2ebf93L,0x0000000000000099L },
-      { 0xea13eb46763e5b3bL,0x945069aa4cc61cddL,0x3758dc5ce40e7f01L,
-        0x7ec20717b8a812aaL,0xbc5492e988dd7752L,0x993eb9cc2d7336f1L,
-        0xe10cbab49e4ff77aL,0xd4ca5b63e32f8934L,0x0000000000000197L } },
-    /* 16 << 490 */
-    { { 0xb8a3f6bda1bd56ccL,0x3b8f16bd2e598d13L,0x304cd218dc92bf6dL,
-        0xec30d12dac0b947eL,0xf7fa65eccf12510bL,0x9c45d10c7f2df1dbL,
-        0xaf49aac9cc89cbbdL,0x7771c58aa3936ff0L,0x0000000000000141L },
-      { 0x486b202acd4e00aaL,0xd4ce59c3e9cc0cffL,0xdc299e6110dcc4f2L,
-        0x64f83481559569cbL,0x005fda65297ad136L,0x929eb2207cad3258L,
-        0xfd85773d62647bf0L,0x776fbaff177af6a3L,0x00000000000001a4L } },
-    /* 17 << 490 */
-    { { 0xe79e46cd5fc30347L,0x674285a267e94f51L,0xd31d7d420c5dd942L,
-        0x7172dd7f3a511c36L,0x765b80b7db09bf5cL,0x5c13a3197e80a403L,
-        0xbc4af3e874c08746L,0xe103ca58fd80a7f5L,0x0000000000000025L },
-      { 0x8ca87d3999ca3f40L,0x9db2fd4e540cb22dL,0x757103a3d792fc7eL,
-        0xffe2bc304dd1afbcL,0x9d12a8273ed96ed3L,0x2e3ce176b658113cL,
-        0x95938a67fc9f6e7fL,0x9794212ca41fb2ddL,0x00000000000001d4L } },
-    /* 18 << 490 */
-    { { 0xd361033049be3163L,0xa62047a34d55201bL,0x6a4e87786f886ff0L,
-        0x604ce4c96b10def2L,0x786a6da1db90c42dL,0xb8d75e55c29e737cL,
-        0x1c19c2d0b9a6bf51L,0xe444d64f8fc3a7a8L,0x00000000000000d4L },
-      { 0x7853870ac196ee6eL,0x1be278b5c127bc47L,0xdcb5a00c50ac1962L,
-        0x37bd8ee5ff0e97bcL,0x88847dbd1907b331L,0x66c67e868ec11029L,
-        0x0e664bb33a23b51dL,0x3b9552ac67489da6L,0x0000000000000185L } },
-    /* 19 << 490 */
-    { { 0xb21548262e25f5c0L,0xd2ec6bc2992d921eL,0x2dc4a7a869093ae0L,
-        0xfa7d331b63a7e7daL,0x625d366c96e835f2L,0x796cd894f83cce59L,
-        0x296bd295152b78f7L,0xaa68fb2b0807b951L,0x0000000000000150L },
-      { 0x7f6be3866d0cd79dL,0x04e17e832b100dc2L,0x34edaf1a36c37de2L,
-        0xaee7d6ac66758307L,0x0cd64d977e13f95dL,0x94ec5730a07f1e19L,
-        0x5bd6888ac4aa4311L,0xc81682ecfd0c4555L,0x00000000000000b1L } },
-    /* 20 << 490 */
-    { { 0x49082b82f794bfedL,0x090ad58da7508ba4L,0x016c6c61abf36de8L,
-        0x69744e76c17d97e8L,0x64ba471f5087cce7L,0x45bac2bbf3fd22daL,
-        0x1bbc08f0e8f6671eL,0x6e45905d268427beL,0x000000000000007cL },
-      { 0xfdc632d4d810ab70L,0x2d68f73cf9546668L,0xf506ef8b178148abL,
-        0x95db78df162c23c7L,0x4df86cb933dbae55L,0xe47825b77d81edc1L,
-        0xbe78419056e1496eL,0xd707fa3a48f497ecL,0x0000000000000008L } },
-    /* 21 << 490 */
-    { { 0x02255e039c52c74fL,0x9d3fcbd7f200eb00L,0x16aa73a9acbf4abbL,
-        0x70e1ca461687653aL,0x2756e86c3bab9f5aL,0x4443f19c6e3180d7L,
-        0xf6da43fedebf5b52L,0x8c4901ec7788d048L,0x0000000000000172L },
-      { 0xb9d9e5d51277636aL,0x0277a4d11a31a1f7L,0x5f4b0a7c948ccda6L,
-        0x1548a1eb9a6c4ddeL,0x8ccec5bceb7e26b2L,0x955a00b8ae69a2f1L,
-        0x4cf07abc10fc1875L,0xebcffdabf4395ff8L,0x000000000000013fL } },
-    /* 22 << 490 */
-    { { 0xac56388e6483d8a4L,0xfdfe4569e227c038L,0x450294e22eb72fabL,
-        0x88409dce0fe1329bL,0x29fcce43fe7f2e69L,0xde4876f54b1a398eL,
-        0x3801bc1a201ae634L,0x0fb643e1c7b52ec9L,0x0000000000000126L },
-      { 0xa11b43e67ca49857L,0x23d4c95c7a771e14L,0xbe8fcfac9bae2b51L,
-        0x777f2e78be5a50fcL,0xb8cb4c6fcb75d302L,0x270687f1d494af8dL,
-        0xb2c986981e494043L,0x2b6e60e78a8179f4L,0x00000000000000b0L } },
-    /* 23 << 490 */
-    { { 0xe6bdf3b488959264L,0x5542a7fd644ce746L,0x63ab33f2dce11936L,
-        0x3553de8e474efdefL,0x8af61691c83e85a7L,0xc884742bd56fe2c5L,
-        0x3f040aca37f03427L,0xb60c9b41263319d9L,0x00000000000001daL },
-      { 0x2c57b645883caaf9L,0xcf22170bd9ae6a66L,0xd9df329915b5c403L,
-        0x9a8e8a4aa5c81461L,0x48a6ea41145a6d0dL,0x82539f6ad425ace1L,
-        0x79d9a233ad3a89f9L,0xc7f8856bdc08a1e9L,0x00000000000000b4L } },
-    /* 24 << 490 */
-    { { 0xc2ec5aee77528da4L,0x3c8c6f50b12e7da5L,0xe36d0b4775e8fd04L,
-        0x49affce87e0189c5L,0x2c23922de166e234L,0x44f5033a7e52c62fL,
-        0x1d3b1a480e1dd67dL,0xc530693580ff9f3aL,0x000000000000012fL },
-      { 0xfacfb18bf94695a9L,0xda2ea3903a8c9298L,0xf8a29d06b18c310aL,
-        0x10bee839046bd445L,0xa78643a0094093bcL,0x77cd1796a2c10fcaL,
-        0x5fcfed6a5ac6c799L,0x8331b5b782907caeL,0x00000000000000a7L } },
-    /* 25 << 490 */
-    { { 0x782b00c9ff08cd68L,0x3bebf3ecb5c82844L,0x0db519c634fbe0edL,
-        0xc6d0b96b80968dd2L,0xca8a16449fd14732L,0xdbc7ba82770939aaL,
-        0x57b96f47947233f8L,0x94cc0ccd686cb7d3L,0x0000000000000092L },
-      { 0xa1ec820aaecee40fL,0x81fee315a9e2e645L,0x4794883f242620acL,
-        0x68adbdd9890be143L,0x1dceec7b76458c1dL,0x90737afab7c270a6L,
-        0x640520d1c504fec9L,0x7db9a04721283767L,0x000000000000014dL } },
-    /* 26 << 490 */
-    { { 0xdc7ea260fb335eecL,0xf4fb771645e4162fL,0x83083490caf2fe89L,
-        0x236f08720175995cL,0x36111ad435504affL,0x0071b03ff342248aL,
-        0xafa645143c794f89L,0x81caa96447a160d2L,0x00000000000000e1L },
-      { 0x3dbacd20ac902e52L,0xf65e2a91a533f9c5L,0x6cb5952b31b56177L,
-        0xb9d864204aed174bL,0xdad31e286f481fd0L,0x47018a784b45b876L,
-        0x2de43a62934e6063L,0x8893fc2e48f73becL,0x000000000000018bL } },
-    /* 27 << 490 */
-    { { 0xf3a63c14bdae5604L,0xe11ed2086d3e10efL,0x10639e5e6021fbffL,
-        0x6b6f4e5d76c3b6f2L,0x153e9ad8ae20d93dL,0xa0d205d3a3c51052L,
-        0x84802526d77f38d5L,0xd14890d7bf780614L,0x00000000000001c3L },
-      { 0x9aa8671588be4774L,0xa877900f0edbc5e3L,0x1106cd8a0231c6c9L,
-        0x2a08b3dc26146217L,0xa98a1202f7041571L,0x2352cf2fec9e24dfL,
-        0x990d2feb89c59932L,0xaca88d14d00fbc45L,0x00000000000001b9L } },
-    /* 28 << 490 */
-    { { 0x9a9d1b1914198957L,0x09272b36b8b27468L,0xa8adb29478d8695eL,
-        0xb2a77ef928e6b551L,0xb92c59a171983bbdL,0xae27218037661116L,
-        0x8aedb3dd9058858fL,0x2ea5bebd716b7a4dL,0x0000000000000188L },
-      { 0x43bcd03eb534ac3fL,0x0a3a64298d025a80L,0x3e6a0674dcaa5ea0L,
-        0xa0b446922a7bed53L,0x962c45437d1d2fdcL,0x4651ccf2e3ec4a2cL,
-        0xaa08f169a883b3f8L,0xbcd939e4513a5d60L,0x00000000000001b8L } },
-    /* 29 << 490 */
-    { { 0x3ebb07d66165d930L,0x8e91d5450ae51c2eL,0x3583819e644fcafcL,
-        0xa50fc18d091544e9L,0xc0d83ac6d906526bL,0x8dda11369adafa5eL,
-        0x641ec76d47b69511L,0x4a8c8b3c9b78be9bL,0x00000000000001d4L },
-      { 0x9bf7a595b578fba5L,0xd19f5d5b35363b48L,0x59ffc205b60d4397L,
-        0x566d5dc8405a1ad8L,0x6fefa0d077eb44b3L,0xe541d6ce224d90b8L,
-        0x2ed4482e17f7feb9L,0x7f19a002fa2bcbbcL,0x0000000000000027L } },
-    /* 30 << 490 */
-    { { 0x547c70b4548ca6d2L,0xd6a7a51ebce5664dL,0x92e8ccd00472cd19L,
-        0xbb32b3050441f3e0L,0x9ba8b75a17a40be2L,0x544c456d08adeea8L,
-        0x37972d606ad0417aL,0x812b7c83d87711afL,0x00000000000000f2L },
-      { 0xdc0584d5f57681f0L,0x4a450ce001727532L,0xbeeb07d401eb264eL,
-        0x0d6b72c444f15915L,0xebf41a6f2ce8922fL,0xf342d770f71b84a9L,
-        0x45e38af44fa730c9L,0xc65be7b2ae916caeL,0x0000000000000168L } },
-    /* 31 << 490 */
-    { { 0x346422ccd8be3ef4L,0x78e55bbd6b6397c3L,0x1122c7c23eb94d9fL,
-        0xe335c88d6ebd1011L,0x5d69022902d6a508L,0x32404617bae4b52eL,
-        0x4105738dbe1bbbf4L,0x4633d69992bb6653L,0x000000000000007fL },
-      { 0xecdb3d91f642459dL,0xda072b00b406bec3L,0x15c08fda4b06ff3bL,
-        0x8a66e8cdafcfb908L,0x4f142a2cb4892aabL,0xf6c64b9220d47b2bL,
-        0xfdf4c62737194064L,0xd8ab8881d881142aL,0x00000000000000bcL } },
-    /* 32 << 490 */
-    { { 0xaf9bf352b2648196L,0x00a9569d042fe760L,0x43854e69b9d94444L,
-        0xa01a26456e3392b7L,0x43d8ae3686c0702cL,0xb658edeedd0f9617L,
-        0x0676b0ef8b270ab3L,0x71ceba8f02072f7cL,0x00000000000001daL },
-      { 0xaf1b398d4d9bc7bbL,0xe6f033c930e4a71eL,0x38919b421c8d3fd5L,
-        0x4dca8a1f31065bb9L,0xba5a637e0bd4bea3L,0x30f886eb9a42d432L,
-        0x1e7c0fa3000fcd13L,0x9dffac1d7299786bL,0x00000000000000daL } },
-    /* 33 << 490 */
-    { { 0x9c6981caa81142f7L,0xfda7dbd4fd156b03L,0xb55db395f9ad1b37L,
-        0xd7614d623bc530f7L,0x0cdae9d22c905663L,0xbf9d97cec181cc24L,
-        0x84e1995a0462b7d2L,0x02eb429532ed0544L,0x000000000000016dL },
-      { 0x37f3da4c8f85488bL,0xdd74c11700010fdfL,0xd73da972faa1b459L,
-        0xcfa6099fc4fee2aaL,0x831e38705c0b914aL,0x0c7e3a8fd4a13005L,
-        0x4b0c86e03a3d633cL,0x9c104f0720231bfaL,0x00000000000001d1L } },
-    /* 34 << 490 */
-    { { 0x2c6420ccdc38445bL,0xf8636ca67fa9a5cdL,0x4222168ede7cafe0L,
-        0xbf9f6254f0e34b77L,0xdfcc8d0688f9e0ecL,0x06d3252d988e02aeL,
-        0x56557b2ce3609068L,0xc4d157a4b96068e1L,0x0000000000000032L },
-      { 0xf1135648cf72d12fL,0x37e911e5811b868cL,0x2cb5772f4b7bcabbL,
-        0xddf409b0c02c026aL,0xdfcb7373a6c344d6L,0x2b71c0dedf718cfeL,
-        0x8107675ff9043a2bL,0xc4cdb35c04f0f193L,0x00000000000000d0L } },
-    /* 35 << 490 */
-    { { 0x677701ccd5a7e191L,0xab23235dd26500eeL,0x0802b5f4f83e8885L,
-        0x0113e7f2072026edL,0x343f785ff5757027L,0xcf49e2e57b6406ecL,
-        0x5fe76f7dd846655aL,0x13a05fec06dd0b73L,0x00000000000001c9L },
-      { 0x3ced3cbe8b640e13L,0x945068dbd6b72e95L,0x2181cee07981bb0aL,
-        0xdf3fb0d3fe9aca7fL,0x4b29a06f1a49a253L,0x4f29456252436f51L,
-        0x50798afd75f5ae8eL,0xeb4fb55d4b0e21c9L,0x00000000000001cfL } },
-    /* 36 << 490 */
-    { { 0x35900c17f31f03e4L,0xd46ab57ecacb20d0L,0x346e2e7d1f2ec957L,
-        0xcc002ceded3e9556L,0x34af851dd2729afcL,0x38f4c7007ef8ad10L,
-        0x9383b41e2514f43aL,0x41f5a0c43156a417L,0x00000000000000c9L },
-      { 0x0430eb170573cf6eL,0x75cc52b227b7f3d0L,0xa0306601a0c813bdL,
-        0x202894d4bf1a5bc9L,0xaa87196d9ce7d613L,0x23a3fb14644485acL,
-        0x5d9b9f3ae9854099L,0x76d3383791c4b3daL,0x000000000000007bL } },
-    /* 37 << 490 */
-    { { 0x7be352469c44d309L,0x864ae27e8f4e2484L,0x9f457a4f3af5a594L,
-        0xf215103c858aec93L,0x792d6a3f138244e1L,0x6bb16e51920ab210L,
-        0x2560020ece573467L,0x2d6e20b5bc565058L,0x000000000000011dL },
-      { 0x429c2f1cb8826bb4L,0xfb092daa14d953aeL,0x70d6a39a9ea3076bL,
-        0x8bbad6153bc68687L,0x1f429219a3f6d0b1L,0xe335739bd50a3ca8L,
-        0xfb76e216b8f25500L,0x55e606b970172ee4L,0x000000000000009eL } },
-    /* 38 << 490 */
-    { { 0xfbdc60f37bf5b26cL,0xe42fed785e165d3dL,0x8eae9ace8103041eL,
-        0x68c8d798e97cbf71L,0x4d7dc5156fbd8c5aL,0xa047cf13f473bce5L,
-        0xc7e18565a71c679cL,0x12c321ccfaae7237L,0x00000000000000daL },
-      { 0x896bf0d3e357c359L,0xb05051dcd83f4e44L,0x2cacb7bf71a73589L,
-        0x7418b85011c1aa4eL,0xf5780ebd98f16d37L,0x01ea234502b2e8acL,
-        0xc4210ee8ca205ac8L,0x4e166dcb055d8862L,0x0000000000000077L } },
-    /* 39 << 490 */
-    { { 0x4926e24e5b63b15eL,0xfb0ad1e7ccca4dc5L,0x13c006d3529ecf40L,
-        0x03ef68cb6fd4c202L,0x56267eb15fce340aL,0x116fb062ca544956L,
-        0xc318e26a69799c4fL,0xe700e63ac7b0e582L,0x00000000000001cdL },
-      { 0x492f4fc30a8acdc6L,0x58dbc159ca8e09a4L,0x837eff9405a42e25L,
-        0x2ab5849271b0ae77L,0xbbc2c2541b9eae08L,0xf7ce5295b6fd5969L,
-        0x7358028beaee4711L,0xb2b7233552b004d5L,0x0000000000000046L } },
-    /* 40 << 490 */
-    { { 0x295b183393dc69c5L,0x8eb4b6ab3c37e07aL,0xa6e07d0f04408713L,
-        0x2cc845f2c69254d1L,0x93f7aee14396112eL,0x44c963cc55c306dbL,
-        0x7e18cecdd5eab009L,0x4397a27ff9a2c2d3L,0x00000000000001e2L },
-      { 0xadb5af020031c31dL,0xe273ade87aa7656bL,0x3c97406a8cf07d6cL,
-        0x348d729e460e4aafL,0xae24daeeb2373a39L,0xef275cb1b3b2264aL,
-        0x947252cfed43148eL,0x4237243e33c44033L,0x0000000000000105L } },
-    /* 41 << 490 */
-    { { 0x6a9270fdb51c81c3L,0xd9e2b1e12e4b9a01L,0x303aa12d63918a66L,
-        0xf5128af5ef62e4c4L,0x91518d003bdbfe66L,0xe877b72a2e705e37L,
-        0x5825aef41e608e82L,0xdb47715ea274cdfbL,0x00000000000000bcL },
-      { 0x8e760b7fbc4f794aL,0xfed90cdb13aa043bL,0x2e34fab55f258013L,
-        0xba455f09e6282952L,0xb2a41de10be69b3fL,0x6a1d3f45312ba3f5L,
-        0xd92e0895e78874c2L,0x77439f3ab99cb460L,0x00000000000001c5L } },
-    /* 42 << 490 */
-    { { 0xad16ea1a15f7f16eL,0x7536eaeaf0d41825L,0xc8db9cb5e341f9caL,
-        0x4f565eb5627278b9L,0x2016945238adfec5L,0x754261a91855a678L,
-        0x8b8e9eb9b6341562L,0x55119faaecb6f837L,0x00000000000000aeL },
-      { 0x06bd4c7f758c138bL,0x859730874ae4e99dL,0xfeb70bbc6eba9b30L,
-        0xb5e394a4d593b54eL,0xc54ceab4e18068aeL,0xd9d13043702dad7eL,
-        0xa822afc22d6a1621L,0xebce87fe99b2c7edL,0x0000000000000057L } },
-    /* 43 << 490 */
-    { { 0x210636ee6e2f194eL,0x653d19cccd3aa630L,0x1211c87bc72f054cL,
-        0xaadb7dd07de52f23L,0x3ac4892a014a9826L,0xfc871d728c3dfe32L,
-        0x453434ea1acc75ebL,0x15668e025611b7a1L,0x0000000000000060L },
-      { 0x1e4c1d7254f88188L,0x06891c05992e686cL,0xb8b93008914cae00L,
-        0x2e1a4ca56e494b72L,0x63a4fdaa50f56be5L,0x9059e7c4b2d616c6L,
-        0x586aee6d4bda7608L,0x90428414735778caL,0x00000000000001f1L } },
-    /* 44 << 490 */
-    { { 0x3aedec9f37932307L,0xc90ba7cc3c278c5cL,0x2172d22004be1c8aL,
-        0x9d9943b37ce8e3f3L,0xbfec2077211548bcL,0x938e1d2f1d011ee4L,
-        0xac9bb9d5f14f2246L,0x44152b2dad89a636L,0x0000000000000182L },
-      { 0xee7da6c1c7e6c8a8L,0x3c6d8dbf61fd9a43L,0xbf8daaec74a9c52fL,
-        0xf71e888e9bfad08dL,0xb16028e58aad6006L,0x203343ca89a9ef88L,
-        0xb218490db9b624adL,0x8b7ba480d01f5fa5L,0x00000000000000e0L } },
-    /* 45 << 490 */
-    { { 0x36196133272975fbL,0x01384c75cb6a974aL,0x7fa975c36340a057L,
-        0xc24df57784a3583dL,0x2da75192bb84c62cL,0xf1f3a70b14579cf1L,
-        0xd50474daa2e588a4L,0x4aabd6d26f1e9de5L,0x000000000000018cL },
-      { 0x76e60ea6fab24b05L,0xf42bbbd2df7d817eL,0x3520cef607b34b07L,
-        0x2def153d9996c9c2L,0x179dce6195252be7L,0x34a49977959fb4f2L,
-        0xbb05b0c6414e4630L,0x582b85ee8e51ba0bL,0x000000000000010aL } },
-    /* 46 << 490 */
-    { { 0xb3f85e6bdcb0257fL,0x9f7c94610db3ae5aL,0xd1309e33f7db50ceL,
-        0xe6be4681d69ff6cdL,0xabcfb97f45b3e25cL,0x611bde5acf2cbfa2L,
-        0xcbebd63d8a0ee819L,0x84f589922a881952L,0x00000000000001daL },
-      { 0x375d99a15eafd5b1L,0x1624edfd343c8399L,0xcb922ca0486cb49eL,
-        0xda5bf79afb059ddbL,0xfbd112db909e0533L,0xe45142308e9322c1L,
-        0x4e4484879fe403eaL,0x90fa5474a20f933bL,0x0000000000000148L } },
-    /* 47 << 490 */
-    { { 0x2f0d4c3b48d8f2cfL,0xe7c0c77e31ac3990L,0x8ecc391aaa04fe9cL,
-        0x6de447a596d400f8L,0x1e4e295ef1a240d8L,0x68850f917621d6d9L,
-        0x56018d58316c4b1fL,0x814b364b00c15d95L,0x00000000000001acL },
-      { 0x5bef4d63f3de314fL,0x396301ec89c3021cL,0x248f51e95efc1e80L,
-        0x1e9acc4af7b3209fL,0x17094679973357c4L,0x7ce6f1b39506621eL,
-        0x564fd1c1b2bdc480L,0x574423eb3a4c1975L,0x0000000000000177L } },
-    /* 48 << 490 */
-    { { 0x7078a5f8c793fc62L,0x5ed9d1d57dfa971bL,0xe1f701b4a25cdee9L,
-        0x362b88524b57f87eL,0x2448012320869233L,0x025ff4771481f116L,
-        0x3ca9f2f68a6275deL,0x562666c7da246190L,0x0000000000000086L },
-      { 0xb5cb110004d25dafL,0xc869f7b3748d3d45L,0xa68f07320c847ab3L,
-        0xe03e1ae202c1d0a9L,0xb4f46c5ec2a80ef6L,0x79b46f90606e1371L,
-        0x0bc1f2a0a728979aL,0x9e8f17833037fe72L,0x00000000000001a1L } },
-    /* 49 << 490 */
-    { { 0x92c876eaba57a5ecL,0x91b9ccc35f0a0aaaL,0x6a208e24040313faL,
-        0xbac2e28d87983b26L,0x5956ba23851ee137L,0x6efec8e850c067c9L,
-        0x7bd5118ae2dc92d8L,0xc88977760dd4481fL,0x000000000000002eL },
-      { 0x170d9e4bebf66902L,0x7dc58ca4351c94c8L,0xf0338c8a9f4bf58bL,
-        0x54dab2aea52e0c73L,0x0f4a6a5177eda7a7L,0x5356635827e03485L,
-        0xa43fa520a87f96d9L,0x8b82a2dc026c86a0L,0x00000000000001e5L } },
-    /* 50 << 490 */
-    { { 0x9a17a22e28c209c3L,0x4c3776f5275c7b6dL,0x2b78c520e4b62488L,
-        0xef7cf9ba8b99989dL,0x540c3a11a7883805L,0x314401635fcc1197L,
-        0x27a51e77406245d2L,0xfeb5c66a87da3cc5L,0x00000000000000adL },
-      { 0x2406a28ff97dc5c0L,0xc44de6717cc0304bL,0xd8b8c3a7a893730eL,
-        0x1755fec500c14fcfL,0x34e16a56e61a6b56L,0x936f471d8469199dL,
-        0xeee12092ddfd51c6L,0x912b3141617a3645L,0x0000000000000112L } },
-    /* 51 << 490 */
-    { { 0xe68216c4acabfc0bL,0x575047098206f7b7L,0xeeacfd72278d0fd6L,
-        0x26009914125b3bffL,0xf2c4d59974430c62L,0xa883c18c6576fecdL,
-        0xe8c29e2b58f5c1abL,0x19715f47d63f80ebL,0x0000000000000136L },
-      { 0xf1fbd8413907f8e8L,0x3b6d0ee100b6840bL,0x582779a8e7ea2006L,
-        0x24d05b01c79c4ba1L,0xc11c23d1e48ed567L,0x31ca1d96ca92fcd6L,
-        0xfbae1fdfdc9f7647L,0x47d7d61d94549301L,0x0000000000000035L } },
-    /* 52 << 490 */
-    { { 0x31da39dbb68cf907L,0xb02e9060d1e99729L,0xadd55a9689bb1507L,
-        0xecc7856a4b5470a1L,0x40a83460eab8cb1fL,0x1c1f3c112b2c9159L,
-        0x7b97b58f7883ff7aL,0xe7e97a4abde1caa7L,0x0000000000000139L },
-      { 0xfa1da9d4b8ecc0d1L,0xe6212df16e7641b3L,0x828c55c6ebb36f6aL,
-        0x5b7ead1609d6a861L,0xdb35a05fc2844248L,0x3c5089b2776dd2cbL,
-        0x2b6595bfed9eb5b0L,0xbddfaf004d176cc9L,0x000000000000008fL } },
-    /* 53 << 490 */
-    { { 0xbcd382ebea56a75aL,0x53e072c1532eddfbL,0xf9e876e05394a791L,
-        0x8d1b21bc90cd2760L,0xf1dfbd70d35c0c7fL,0x5f974acd25822227L,
-        0xb7f59ce3ad8a5cbbL,0xdf4c1e5a5266c9abL,0x00000000000000d7L },
-      { 0x49c8ff4e5896a558L,0x38da671d1b3eec29L,0xe8ad9b620128778aL,
-        0x99478bf41d53b8daL,0xe0196e99b521a1c4L,0x9075689f5ed4551dL,
-        0xa89983aed3b8db57L,0xbf2e18e0920ed9beL,0x00000000000000b8L } },
-    /* 54 << 490 */
-    { { 0x0f498b6bab33f9d8L,0x4ad288a62ccfc0fbL,0x7115968d312aaf15L,
-        0x3c01241a2ecffcc8L,0x80f841855f6704e8L,0xbfec176e279033b9L,
-        0xa72fec76e9634860L,0xb3b673afafa844ccL,0x000000000000009eL },
-      { 0x0c0409d7f67aa5c3L,0x06d70f351f87efb6L,0xb203904279578f67L,
-        0xd72c5ae7d4a73775L,0x15146ae382883850L,0x368d7af83f25050aL,
-        0x1fbedcfc4025b2b7L,0xb75fc92f5ab52601L,0x00000000000001f8L } },
-    /* 55 << 490 */
-    { { 0xbcea48fce7f90fefL,0x2948f00104a5cad2L,0x741f5fd7381f63c2L,
-        0x2480d66320c40d0cL,0xcc71dd56fa3933c6L,0x32537996b42aaccfL,
-        0x2058a90ec1de949fL,0x8cddb8a4337c3d9cL,0x0000000000000118L },
-      { 0xbec707c69f6d7d34L,0x3961a86455e2adacL,0x6ef452a7e74039a5L,
-        0xc7dc50b0ad925d03L,0x9abece09b0c3266bL,0x7099d99a9bed8b60L,
-        0xcf86e9b4dddc307fL,0x4b55f07acff68c17L,0x00000000000001d5L } },
-    /* 56 << 490 */
-    { { 0x3e39683dcd351b10L,0xe16197210a895f34L,0x252e80da411d3459L,
-        0x1cf1f5433456c4a8L,0x7d561558fbe9379bL,0xb851ccfa95445524L,
-        0x63047f7cd73af554L,0x9414829ccd036021L,0x0000000000000138L },
-      { 0x1a267c2a72c27112L,0xa663014f7031c061L,0x6c342632bdb60991L,
-        0xeabab7ce0d230b20L,0x0bb0e281c3bae5dbL,0xc46b86b7d63a462bL,
-        0x1964d38cb34aeafdL,0xc165169bb2548043L,0x00000000000001e1L } },
-    /* 57 << 490 */
-    { { 0x0069f78595054d41L,0x1915d067ffb41edfL,0xd2a26117106803ecL,
-        0x01aee38f45acc15fL,0xc17f9a13e5e0ca69L,0x9650dd183b3c005eL,
-        0x80dcb7b979ea11a4L,0x8016e13f161b05b1L,0x0000000000000005L },
-      { 0xc34447de63240c80L,0x7055b0885924cfd7L,0x0827c7ddbd76a15aL,
-        0x2c0986b73aa18316L,0xa6c6a88f2ac32019L,0x0738b1b3cf9a7941L,
-        0x7b55ebfc25337538L,0x533fcc0a015f8678L,0x000000000000014eL } },
-    /* 58 << 490 */
-    { { 0x1a96801aadb8bfe3L,0xe75278daf390769aL,0xcb8de5149bc85577L,
-        0x26d506ca59959b5eL,0x134f13278a3ecd50L,0x990cb7b3bf13e3c4L,
-        0xd2c83b2625b4cab7L,0x762f5e88306fda07L,0x00000000000001f4L },
-      { 0x4c07d7fbada306d4L,0x4bec248d3e507275L,0xd2e58fd9b23246baL,
-        0x9cd7d608419a7944L,0x85b076b56ff066e8L,0x75815995ad21887fL,
-        0x898f9f2d778e8eb2L,0xda74a1c47d16b4e7L,0x000000000000010bL } },
-    /* 59 << 490 */
-    { { 0x5a99a36a89e67b6eL,0x6a9fadb934faa0e1L,0xbff8efff81886662L,
-        0x6d30dbba5e4281dbL,0x793e30fec50c8b7bL,0xcd8b5ca3d31f298bL,
-        0xc3618e2f8b3ab7b9L,0x6d9afdddb566cbf6L,0x0000000000000192L },
-      { 0x588a45bf8c86b790L,0xe384791ccbcc0262L,0x94dcfb139220da30L,
-        0x0a11742af8a98f9dL,0x8b32affa180b4e5eL,0x009e3017900f981bL,
-        0xdc0cdb67077045ebL,0x6370593425e84b0bL,0x00000000000000deL } },
-    /* 60 << 490 */
-    { { 0xd8a907f1495af650L,0xbcb3f6e27a3ac35dL,0x1aced00f606706adL,
-        0x8ce32c00a2e1cf9dL,0x1e0e979705f91cacL,0xab21e96b9e98af3aL,
-        0x92f4e6dbbbe3c415L,0xfd9b407646c929afL,0x0000000000000097L },
-      { 0x5da0209deee8423fL,0xa22af5cf098eeb14L,0x5e379be216e722beL,
-        0xe06cda5b9680b5acL,0x832c5aeb311d0269L,0x7471c5d7e4943d03L,
-        0x148e2ef20776d3ecL,0x658a17b50c51efc3L,0x00000000000001f2L } },
-    /* 61 << 490 */
-    { { 0x661c9b4356ddaea0L,0x293c59e2922d963eL,0xc4cde92daaebd3afL,
-        0xab071b5f1d039ea1L,0x001a3455800846aaL,0xed60d946be47068eL,
-        0xae57d28e81e38d14L,0xc1ebaf7aea1b4b13L,0x00000000000000d7L },
-      { 0x813636f2f6189471L,0x18081bb61053facfL,0x5df021c61a72f2bdL,
-        0x95867c61e6221fb5L,0x98230da20f68c36aL,0xf8a71504bb930cb1L,
-        0xc66f68c49206110aL,0x6d859d5b4a9704b4L,0x0000000000000107L } },
-    /* 62 << 490 */
-    { { 0x945527c00753ebb0L,0x58d67d3c66168307L,0x0ec55d7dcc6d285eL,
-        0x53f3f9edfd180ff3L,0x862c163e841badf8L,0x3a283e8fe6405388L,
-        0x1f21be3ca83e0e8aL,0xc8be2fba8d854e58L,0x000000000000015eL },
-      { 0x9f10d5bcb68293e1L,0x634a08d72787aaceL,0x29edab8649be3cd9L,
-        0xbdaa11c791666966L,0x42a13787d7f98440L,0xbeca84bfcccbc458L,
-        0x7c9e9a69a565c2eeL,0x1a0af783e8b2bb1cL,0x00000000000001d9L } },
-    /* 63 << 490 */
-    { { 0xab166e77803ef03eL,0x02c155561695a136L,0x0d569bf059f0a685L,
-        0x71c9d373fe7d3aa6L,0xb0560c7ae92b0c1fL,0x0f31f03af89493abL,
-        0x9a403a9f2e67af99L,0x39d67688b84fd6dfL,0x0000000000000079L },
-      { 0xa1544f774f550f0fL,0x4dde151021bdfcabL,0xb20ff20adc61a321L,
-        0xd7762640a6b40f30L,0x1ceca244750f159fL,0xebdcad0d46ce6583L,
-        0xae45629873f0b152L,0xa7d11d19be995716L,0x0000000000000141L } },
-    /* 64 << 490 */
-    { { 0x0ce1f2d1945039acL,0x1d1e6504fdf94d41L,0xf36eafd58752d630L,
-        0x24477f7fefbf0132L,0xae8fba2cc02bf85bL,0x53a24ca8eb510e61L,
-        0xeadbc7f79c2c453dL,0xcfdbc9dc310eda46L,0x00000000000001a9L },
-      { 0xfbf287c8d8f82b51L,0xb7ca60967f0ecadaL,0x1dc411b715242666L,
-        0xebf82d6c3dc6ed96L,0x8f82229dd0a92b49L,0x75a6a4a79dac585aL,
-        0x443ae75ec839248aL,0x4defb89f1ba7c9c3L,0x00000000000001b5L } },
-    /* 0 << 497 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 497 */
-    { { 0x20e2fe1972925756L,0x4815ae3332ce7832L,0x183d90c3eb8f4eb7L,
-        0x0e088af52a8045d9L,0xf8232956da04790fL,0xc24661b5ea0118c0L,
-        0xe4152695a72924a6L,0xffcb277840ab56b7L,0x0000000000000120L },
-      { 0x1c766208aae9af57L,0x21769dda239689e7L,0x9dc2194a235ecf56L,
-        0x930e993fcf83a067L,0xb6725ad332913e2aL,0x09bd9ff9fc942b50L,
-        0xdfb47d67600d426dL,0x4cc06c589def7175L,0x000000000000003bL } },
-    /* 2 << 497 */
-    { { 0x9c3f082939926493L,0x6bf1089ee3d0f530L,0x3e91285d7d7d5b4cL,
-        0xd8d70f1b02bb958aL,0xe4b0e8c1bdbd2b6eL,0xea70f1079239f187L,
-        0xd30f4ada27d37ca6L,0x0358f6b3c88eda99L,0x000000000000010cL },
-      { 0x8957ea97e385ac45L,0x707e7445b4ff3d17L,0x4a6d4dc840a361cfL,
-        0xd086353b13aae7dbL,0xd856f4c9a478b479L,0xf687400f4d7cf67dL,
-        0xfa3000b6ce52336bL,0x805459d7d0b88a94L,0x00000000000001ecL } },
-    /* 3 << 497 */
-    { { 0x96632b75abe029fdL,0x38280dbd57aaa853L,0x2a49ff1956556bf7L,
-        0x76af8029017ad9e7L,0xe231979265ea6edfL,0x71b0793c9cbb4069L,
-        0x1f89d54df62d86ddL,0x48601cbd52809190L,0x0000000000000116L },
-      { 0x825a9ec295f5317cL,0x9af044995b568f34L,0x0a74e92670c96172L,
-        0xa87fcc849cbe4ca2L,0x409e58c017b5587bL,0xae221d81686599f1L,
-        0xdb87c25e9b04ae84L,0x2a847873f9a49cb1L,0x000000000000019aL } },
-    /* 4 << 497 */
-    { { 0xe862a17bbeb4f9f1L,0x5e701369310c4b65L,0x01ef66253377f678L,
-        0x56157709da8beb61L,0x7ca21b049ef7da41L,0x9f776dac88e486a6L,
-        0x53dd04cf8aed6f6cL,0x4a7df43e953c2d95L,0x0000000000000158L },
-      { 0xe5bc0ded1fcc4484L,0xb337eb4eef6d0e8aL,0x02208b42dabf0d9eL,
-        0xe64c8529467bfc55L,0x0cf409592e141810L,0xa34af9d656fa0badL,
-        0xf3471d5a5345141cL,0x89a7a82c1ff7597eL,0x000000000000014eL } },
-    /* 5 << 497 */
-    { { 0x3fe4077368245bb9L,0x89a284bba3626a8bL,0x73c190915a9d7ff6L,
-        0x8e3baf6fcef0b5ebL,0xe3d8006921aa008aL,0xaa3f179932b686a5L,
-        0xd20cfb52eb1ea953L,0xd62b692f360c2ac8L,0x0000000000000050L },
-      { 0xb1b8bf37f4c933e6L,0x090d3bdd5af935bcL,0x8e4854d2ad9d74e0L,
-        0x5b38d8eba00bf5f8L,0x837582475f478824L,0x5c7e2413f71a8d3aL,
-        0x955642770665c873L,0x37d95026d1f7a638L,0x000000000000013fL } },
-    /* 6 << 497 */
-    { { 0x10459adc9fae827dL,0xb9c6d71d622dae77L,0x8d379015bed58a7eL,
-        0xe6b71390b90143c2L,0x08eb29c40a8985f3L,0x30c331ff08db169eL,
-        0xbe336067077fcc98L,0xaf6477724e16c914L,0x00000000000000bcL },
-      { 0x1836d521e134601fL,0x8365f5c7a58ceda3L,0xc4c114f6a6fe142fL,
-        0x4651388d461a4d3bL,0x1b4cf10a639f7948L,0x140f9efd361665e3L,
-        0x436f20b0c743b8c7L,0x4e1d732d710cc0a6L,0x0000000000000186L } },
-    /* 7 << 497 */
-    { { 0xbd6db523c85a0848L,0x987c70fddacb2b06L,0x3dbaa519b16e9914L,
-        0x14205aef40b2923dL,0x5d09323ec1d161dbL,0xa68b68850e462298L,
-        0x0eecab4fdb91ceb8L,0x10ff0480339fb226L,0x0000000000000099L },
-      { 0x4bfe6f364def0c94L,0x21b3cd30ae7c0ceeL,0x2396ba6610b510caL,
-        0x2c9b665184b52fbfL,0x25e93bef7a84e6afL,0x83846a6623f7a204L,
-        0xf5eb2e3e5da84c02L,0x73e65cc62c870984L,0x00000000000000a3L } },
-    /* 8 << 497 */
-    { { 0x4270a7973c80f820L,0xe1455e1cd8e3db55L,0xfc7d04b5c31eea36L,
-        0x86d4b43d8237619eL,0xca90fead5696ac8bL,0xd1df350dbe0a5d49L,
-        0x844e818faea06270L,0xfa19b70bd89cc1dcL,0x00000000000000fbL },
-      { 0xbae72ff552fe816fL,0x7b5d9e529a5a3747L,0x7a7eadcca689a68aL,
-        0x18dec239330ba649L,0xafc49e4ceb30bd8fL,0x2504271680c1a715L,
-        0x4d5aafffbf6e92d9L,0x94af51fb7577cc4fL,0x00000000000001b9L } },
-    /* 9 << 497 */
-    { { 0xbb49e8054732030bL,0x0829d482bd03cd5fL,0xb9a6136c5f6950e0L,
-        0xfc781907dd4f9182L,0x9b4141a166ec206aL,0x3577a8fe18a46639L,
-        0xd1aadfcc28960c88L,0x0b13bc74f4dd4d20L,0x0000000000000142L },
-      { 0x99edf0c678898705L,0x9177bd2fb71bce68L,0xe0ce6c6305ba1470L,
-        0xab99c6573f5fe41cL,0x437f2df7367dd373L,0x240fe1bf4d543d1fL,
-        0xd4f2abbfc0ddf245L,0xf230491ad6da4440L,0x00000000000001e0L } },
-    /* 10 << 497 */
-    { { 0xeb2ac3780ca7c04aL,0x6503ef0d2c07f4ddL,0x25f353f3eab6a53dL,
-        0x53d58f68879a37d4L,0xc63460daf7a73064L,0xf6d94b623ebc4da3L,
-        0xd32258dbc810cff9L,0x3aaa05f66f1b0c2aL,0x00000000000000ddL },
-      { 0xb16bf6925cdb2275L,0x3de2596915cdac6bL,0x9e073ef027ab70e2L,
-        0xe343955416e91fc5L,0xbf3afa34b457e4b9L,0x4f7538f76659f402L,
-        0x0eee4ca52c76dd2aL,0x4d756cfb8c55212cL,0x000000000000014dL } },
-    /* 11 << 497 */
-    { { 0x909a8cb6915e964cL,0xba20835036b97440L,0xa316b2e155cffb24L,
-        0x86b2afd21b6c690eL,0x8d3121b8ef32a58eL,0x243e5a3755faf21bL,
-        0x86a70ccd48e1eb3fL,0x7fb7ab7b856482a1L,0x000000000000017dL },
-      { 0x9c565882ab37df1aL,0x2c2e3f640ceb193eL,0xde7462f66fa488a9L,
-        0x9505158bc0a49496L,0xf8c7087263ed98fcL,0x90d169ed35962a1aL,
-        0x9c5a71216e74e666L,0xd0276edf3a407e03L,0x0000000000000005L } },
-    /* 12 << 497 */
-    { { 0xd8e41426a9df462dL,0xb74954b0ed2c3482L,0xa89b9b49cd400ca3L,
-        0x300d10c3ca71c044L,0x6a7d6d0c3f027519L,0xbff329d8daab84adL,
-        0x9df171a25a1bd3caL,0x4d3ac287f908de36L,0x0000000000000155L },
-      { 0x3c39aaacf399d7fbL,0x155af8e309b50490L,0xf1c274c44e8b235bL,
-        0x80dc35149732546aL,0x17bf13806555e151L,0xc41ea61064ee4231L,
-        0x997707e1a29c4555L,0x7c29fdf3658270b8L,0x0000000000000039L } },
-    /* 13 << 497 */
-    { { 0x4470a10c15b5487fL,0x59e0034abf2901ebL,0xa004882f96f26b66L,
-        0xf0747b1f55ac9ec0L,0x00b2726126587c55L,0x08a8217ef3a868f2L,
-        0xc138619039ab6420L,0x75a2f37063ef87ffL,0x000000000000015dL },
-      { 0x31e93fe5ca9cf04aL,0x86cea3141ab48f4eL,0x61576808902a3aa7L,
-        0xdb2d78c451cebc3aL,0xb20d8a8239946890L,0xff048d9292b61791L,
-        0x87a1e8d88e48280cL,0x09921ba4db22a5e1L,0x00000000000001aeL } },
-    /* 14 << 497 */
-    { { 0xf4390ba3fa83b37cL,0xcb3a94f06e227864L,0xd13f93362d54afc0L,
-        0x734b02866bf22e28L,0x027d32d36ecd5c60L,0xb7c8a2936ea8017fL,
-        0x9001729bbbfee411L,0xedc83e030bc69acbL,0x0000000000000042L },
-      { 0xc848406df076c0ffL,0xa7a5157da1258854L,0xe68222a851655acbL,
-        0xd63300044c79c785L,0x4bae7f1b974690d6L,0x934fac86bb32fc1fL,
-        0x8ebf3a73e88a72d7L,0xadac779440b91c50L,0x00000000000001f1L } },
-    /* 15 << 497 */
-    { { 0x3b64a126b7335d8dL,0x2961ee1ba9248dddL,0x640c9146e01dbb47L,
-        0x0b7a2164c2ff9613L,0x5056eb03fdbd4002L,0x0ccaec0a02c765a2L,
-        0x20064fd4a46f0c72L,0x0f0710b082b4ef91L,0x0000000000000067L },
-      { 0xff5d6b7ce04b5b0bL,0xfba3d44ac1f15aecL,0x89765ae5ce66d753L,
-        0x65b3330be6e0a598L,0xd5f357987e388524L,0x1fedce600b10eceaL,
-        0xa49a65d453659065L,0x685a55643162e5ebL,0x00000000000001edL } },
-    /* 16 << 497 */
-    { { 0x513a0c6260637ab1L,0x4a25bee092c5b308L,0xcd3dde9265d8b6a4L,
-        0xce8ece9b60ea70d4L,0x289b7557af5d779fL,0x1df029a4ff6459cfL,
-        0xd00ac6d5ce09288bL,0x9a9f96859a9f5b92L,0x000000000000006fL },
-      { 0x18cb0922b5b63cd8L,0xd4753ff126fd1c21L,0xa4d1f3571080dac9L,
-        0x7fe4f3ac24de88c3L,0x4ba767da3e60655cL,0xaf4a647436c75e45L,
-        0x4854eb2195f2505fL,0x831446cffe3b33efL,0x000000000000016dL } },
-    /* 17 << 497 */
-    { { 0x4fc3ceb50d704c8bL,0x76277d00511f43f0L,0x81319fed1acdcf62L,
-        0x9e45ed07c9e7557aL,0x57486b5372a27c01L,0x37dde1bf44718054L,
-        0xf299012b5f67b6d2L,0xf611272d52b4570aL,0x0000000000000119L },
-      { 0x4e9f26295623b9e1L,0x5e63fd62e8c47729L,0x31c312230ecddef0L,
-        0x5ab7172a2ddf7e5dL,0x916a08f99de4622dL,0xf70f248bc8f3a4bcL,
-        0xe90e066fcce7573eL,0x4a8d09745854a217L,0x00000000000001a7L } },
-    /* 18 << 497 */
-    { { 0x35ce884eef326466L,0x12ea07254fd35784L,0xa8eda224b6c12e71L,
-        0xcd4088a98fca4b4fL,0x2c65668458e0c8fdL,0xa1992c076c3e0026L,
-        0x4585191b0de1ff73L,0x41e41c18b945e9d5L,0x000000000000015bL },
-      { 0x95d265696d686841L,0xc3b5ec5b7c82209eL,0x708412906b2f6dd1L,
-        0x62711988377ec7f0L,0xc5a41362f8044572L,0x5c152ddc6c97a652L,
-        0x315a403c78043e3fL,0x00f750863cae2d02L,0x0000000000000041L } },
-    /* 19 << 497 */
-    { { 0x69eaa031e84a32efL,0xf64318511f18bdb0L,0x45a72bae00ea0ec0L,
-        0xa58114764f8cd7e5L,0xa2d4f720df207a7cL,0x10f9d9582e4b3929L,
-        0x1919647cafd9a331L,0x932093227bb3b2d1L,0x000000000000002bL },
-      { 0x1a489aa9999524adL,0x461e5e8f47ccbca6L,0xb112fa557218dd85L,
-        0x8d6a44e90f5f41bcL,0x8b5dc510de9a654cL,0xe03a3eb28069bb7aL,
-        0xe4c8200320045ff5L,0x683271bdfa37db56L,0x0000000000000085L } },
-    /* 20 << 497 */
-    { { 0x3bf023ad4af30875L,0x618ff68809817545L,0x07d4ead2451da716L,
-        0x794aa49829eb0835L,0xbd59562f42924bccL,0xafcf72eb72e399c9L,
-        0x8bf1a1a963e80b19L,0xbf8bee820f4c4aa8L,0x0000000000000161L },
-      { 0x020961f55448c727L,0xa703507a4eb32427L,0xe1778e68d45d8b76L,
-        0xe649604ffad79eb2L,0x61f41e6254ad0127L,0x0b54947fa01b89d7L,
-        0x5642af5b120716e9L,0xd9aafd3ed0876d5cL,0x000000000000004fL } },
-    /* 21 << 497 */
-    { { 0x24b368c4c9fc49d8L,0x5901a2196ffababbL,0x2b27398ff8d51ee7L,
-        0x7bbbafa1e07890acL,0x4e54902636dc7e93L,0xb9b7f2be5c0aa112L,
-        0x4ef4a83c5f948620L,0x851400c7ba7ecc64L,0x00000000000001e1L },
-      { 0x8e5ca181b6067620L,0x5793d961496faf2cL,0x8ac484364996f453L,
-        0x8df70948137517bfL,0x90cf159779458200L,0x949c38c4aca5b183L,
-        0x319b3c666211c917L,0x57bf88e3500ca01aL,0x0000000000000098L } },
-    /* 22 << 497 */
-    { { 0x78811b6e05fddb66L,0x5658f3a212a3cc05L,0x5b35c76238f7cbe2L,
-        0x57f36fb154f22cdeL,0x4a825341f83dca4cL,0x87e1c04e42965f1fL,
-        0x2791df2518daad8dL,0x14132863a8944d8eL,0x0000000000000194L },
-      { 0x41bb6a0bc1925507L,0x045af8dcd773e57eL,0x19c14986fff5e4c3L,
-        0xdc7c96ca0f7586c0L,0xf37a6e7b439c87c4L,0x1e4e93876e166cffL,
-        0x2111c8ab6872cc08L,0xc078f60d86c301fcL,0x00000000000001d6L } },
-    /* 23 << 497 */
-    { { 0xd79e9b9fa38e1f16L,0xc8ee2fbd74b510ffL,0x9be3175ac09d14f6L,
-        0x417030d3d350614bL,0xb90492c8d8dd55f7L,0x00bd5e70d09ee667L,
-        0x144eab3f9c4f5197L,0xa066177fd1ad6d51L,0x0000000000000149L },
-      { 0x20db4c6c0879aa61L,0x5ff9dc7d1071725aL,0x1d80ccd2b39e07feL,
-        0x3bd60188b3f048d7L,0x5f60142b994c914eL,0x5e858454058ef641L,
-        0x02e1e4a5ff4ae974L,0xc5f4e021399f23b0L,0x00000000000000e1L } },
-    /* 24 << 497 */
-    { { 0x8e1a6c2f3e0bef3fL,0xb715403e14018b23L,0xefc99827613f0c37L,
-        0x92437b5613170a30L,0xe84cbe8f9468e300L,0xe69b08f14bab3970L,
-        0xfcb78f771558e9d6L,0xc0140529af25ed50L,0x000000000000017eL },
-      { 0xff3fa668168134c6L,0x46e8edc72bcc2e99L,0xbbebb21c86bfbf06L,
-        0x6b7d6159f204dd32L,0x75bb85ec1fc7e40aL,0x0f3e1043ad14c187L,
-        0x44187117000a86baL,0x556420bb13d09defL,0x0000000000000177L } },
-    /* 25 << 497 */
-    { { 0x554448c0fba3377fL,0xe136db9d3902cdbaL,0xd47511ebad6e52e8L,
-        0x7339fa6cd9b3e28dL,0xb7642d4a6ca6868dL,0x943007ad8c8fde03L,
-        0x9cc9807a123d09e7L,0x841e97739beae0eeL,0x00000000000001cfL },
-      { 0xe7a94fa8789a0156L,0x76bbe08089619245L,0x0a7314b211444aa3L,
-        0x8984ef43d2639f78L,0xd5a4a5e517699a5aL,0x6c3988ba314c3535L,
-        0x7c82b93ebfc25e87L,0x857f7c3cba2d2b98L,0x0000000000000039L } },
-    /* 26 << 497 */
-    { { 0x7426610eae8eb2f9L,0x2e63e518ed0157abL,0xf4cf1d37ec0141d1L,
-        0x1fa5a97754c8a497L,0x90e2750c50f7cbc3L,0x2465f6e651392c9fL,
-        0x9d19fff295ceed17L,0x13020fb3d3023087L,0x00000000000000faL },
-      { 0x56de6ae0065bf7eaL,0x793e1c385c37fa6bL,0xff3c043b4b74f191L,
-        0x8d7ad72faf2ea8a7L,0xe606b3fde9a85535L,0x6167d112c411751cL,
-        0xe594b53785ed0344L,0x5d10ae657197503dL,0x000000000000000dL } },
-    /* 27 << 497 */
-    { { 0xd75d6bcc525a4ba7L,0x75831970ff5192dbL,0x2881fed46ebf94b9L,
-        0x9287616b74c60c34L,0xbca8e1929750259cL,0x5f06620d9cce8056L,
-        0x88a1cdbdec42039bL,0xd2d7f35782851092L,0x0000000000000194L },
-      { 0x6f7297c9e99faef8L,0xce5aefa067ca905bL,0x8aea3927825cf9abL,
-        0xc61c45a46c6b844bL,0x218b1a55c21688ebL,0x84f51d90b50e00c0L,
-        0xab5528156920a836L,0x19900cfa6be8182eL,0x0000000000000125L } },
-    /* 28 << 497 */
-    { { 0xe27b7fffcdfd27a0L,0x081213e1de02dddfL,0x0506179a90c68515L,
-        0x91f33ddac6979fdbL,0x7a7b766f6c075aeeL,0xf5e9f6bf4f16c84dL,
-        0xa1502a0ec8fb6599L,0xba8682718ed8bdb3L,0x0000000000000182L },
-      { 0xcd8039b45e609153L,0x45112e760e819341L,0xc2dc373c023ea208L,
-        0xe45a2f499dba881cL,0x50b2e55ad8dee4dfL,0xd15b89ba99ccc4e8L,
-        0x943358a9fa42dc9dL,0x73659482f0193e0bL,0x00000000000000d9L } },
-    /* 29 << 497 */
-    { { 0x99aad65bbb3bb203L,0xe0310f2e07991fe0L,0x528a081533b4e15cL,
-        0x342e836e408a61c5L,0x7cfb0b0fe062a87fL,0xee028eecbd81b770L,
-        0xdb3ba8f9f978510fL,0xd5a19a2c8beac70fL,0x0000000000000052L },
-      { 0xc7cc2ec1a4e6baedL,0xf1f5e6088ede29c6L,0x9ab7a0251f2a4e0aL,
-        0x0938e50c2216f6fcL,0xd3fbf3a2d36da4dcL,0x14eb4e27d87198d4L,
-        0xef09f9566a7d394eL,0x82f28f877059da0aL,0x000000000000005fL } },
-    /* 30 << 497 */
-    { { 0x39e766d6fc267beeL,0x21eaa063a51bef4aL,0x04b31088d5b1da6cL,
-        0xa9fb47bdb21fa3e9L,0x2f50eb96cbd14de7L,0x14de2d69f6109a85L,
-        0x00dd17255716845aL,0xb8edfda66e70389aL,0x00000000000001bfL },
-      { 0x1032c9f212d25839L,0xee5027717e862a70L,0xabb31c0594b14062L,
-        0xd9ab09d45d063501L,0x96ff13a5130e8e50L,0xa6c8803b27ba8876L,
-        0xd2e3e7f07dfbbefeL,0x9d2e5ac4eb8ec9eaL,0x0000000000000026L } },
-    /* 31 << 497 */
-    { { 0xe9d412ef1bbceb78L,0xfcf978bd208b992aL,0x6a53da6f703e13e1L,
-        0xaf8956f7a8424181L,0x81a70a68e97cb9e6L,0xed0fbc16341b2d69L,
-        0x70cf66385192869eL,0xbf9dd960f5a0dd0bL,0x00000000000000b8L },
-      { 0xee6e26feea5c7ed1L,0x81c271315321b93bL,0xc66fa92b7608aba7L,
-        0xb63345cbeeef7219L,0x4ae5e8c22895ec0dL,0xeeb3fb467f3b6e74L,
-        0xeaff7601191adf9bL,0x44eab56470dc9ef1L,0x000000000000010dL } },
-    /* 32 << 497 */
-    { { 0xedbb59dca9aff80cL,0xb32f9f1d305107ccL,0x7a0de3d199d4d1f8L,
-        0x701b04850637729eL,0x13d85cc4b86c08afL,0xfe4b62a8cd43b0e7L,
-        0xba8ba3f38a012627L,0xa589240b2168bdf6L,0x0000000000000073L },
-      { 0x028c8c11d8f16b56L,0xff6f2aa753816648L,0x677b98ab29bbd5abL,
-        0x492513b8221f17f2L,0x828fa4baa5eca5aaL,0x15b65b2b560d8196L,
-        0x737cdf4377fe2f2dL,0xcb1bc918c044cc80L,0x0000000000000138L } },
-    /* 33 << 497 */
-    { { 0x0c11966e4353dc79L,0xf39bf5ae84b26b86L,0x9b07118314d565e4L,
-        0xaa9f8c5664977731L,0x12340d1b899b8932L,0x81b43cd0222df038L,
-        0xebacd57fa96f4f7dL,0xd38b93c8e704f11aL,0x000000000000019bL },
-      { 0x485e1ba6836402e1L,0x6f34201901bd178aL,0xf342b57ed7c7d3d6L,
-        0xceb499c57de7c78bL,0xf3be5233a4ad7926L,0x217081dd11cc5b51L,
-        0xc0f92f053c9437d8L,0x38b2b045c0e420bfL,0x0000000000000124L } },
-    /* 34 << 497 */
-    { { 0x82c834ecced14849L,0x35a0e1c96e2ad702L,0x9bce8fc925afa4afL,
-        0x0c78ec0dff85e7caL,0x754f5c1a18db20caL,0xf112798679e6b204L,
-        0xb5148832e6a42b51L,0x9db5ac23ecbdf889L,0x0000000000000180L },
-      { 0x4d07cefb65b7214cL,0x7ef0f7670a8db016L,0x2f7db6ecc9f8d9c4L,
-        0x754299113c619d3bL,0xf8c6e1ea36619891L,0xc016f4c409d50a59L,
-        0xe36545e182b52f78L,0xed17d9dbbacaf6d2L,0x0000000000000052L } },
-    /* 35 << 497 */
-    { { 0x5d1c2189b589ab22L,0xd05f29db8f8c11bbL,0x445edffb8eff8657L,
-        0x3fdad8e54cbc6627L,0x1ee7e60dd2a3383cL,0x7e31b910991ad078L,
-        0x65bd80d5b1a278fbL,0x352d10928e03512cL,0x000000000000000aL },
-      { 0xc726086490b1b600L,0x4d4152ece639a6ddL,0xbd35547f41c4017bL,
-        0xa1d24f1cf1c023eaL,0x8a536e83e7d8082bL,0x8689dd3fbf567013L,
-        0x3c3538ae5cea1147L,0x9ab19fa10c5438c3L,0x0000000000000136L } },
-    /* 36 << 497 */
-    { { 0xe364461feceb36f5L,0xa2c2b4407c5572d3L,0x30e788e4db92e5a2L,
-        0xf3efe8fa6d4ad73cL,0x621f4fd368d3b7b1L,0x0bd9693c3fb46615L,
-        0x52da482fd34f2a58L,0x888f46b79880fd28L,0x00000000000000d0L },
-      { 0x8a0ec5cf1a628d9aL,0x7205caf0c8e29f23L,0x274d619a16f112beL,
-        0x79041e561bf69ac1L,0x5b17ee9cc5ef616cL,0xa66c9d83bf671d10L,
-        0x7bf826d41abdf2ddL,0xfb3391f2135cc6d5L,0x00000000000000e5L } },
-    /* 37 << 497 */
-    { { 0xe7bddcc19fcd4762L,0xb029f4697c5390ddL,0x98ef31963fac7209L,
-        0x4840f8f3513e4762L,0xb6e1f35152698b01L,0x699aba9e4bc640dcL,
-        0x9ea16ea460648961L,0xe6a218fc9a46a0a2L,0x00000000000001c1L },
-      { 0x27371dd1727b38f8L,0x338bed65e0b7a0ecL,0x2e333657c0ba0c0fL,
-        0xc6e7f81340196865L,0x87158160bb8bbb34L,0x179fbf852dce1880L,
-        0xe3b4f4ef9f2c7923L,0x73795470316d5fa5L,0x0000000000000020L } },
-    /* 38 << 497 */
-    { { 0x19712908cce1861fL,0x0359fd743717f4efL,0x9a092879bd3a53e2L,
-        0x97aa8533f6854d5cL,0xc4163cb6d12cf988L,0x80025aec03691f95L,
-        0xb62cf9e5276fcea3L,0xf1ed5103e50af5b5L,0x0000000000000114L },
-      { 0xcc7c15357ba70e60L,0xdbc285f899e1824dL,0x2bb06046666906d3L,
-        0xefdb9e5ecbd68ec3L,0xaccfb9c45061c150L,0xc0107ff714434399L,
-        0x3ee3636f3e9f6b0aL,0x23b13a8fc2a10c8cL,0x0000000000000162L } },
-    /* 39 << 497 */
-    { { 0x995ac8a670b17352L,0x7cf059b2d9d4f826L,0xa82b0722bf98b787L,
-        0x1532410d612d9a79L,0x75668bc2b44ae70fL,0x63cc756cbaf63a0fL,
-        0x5499dfcf97a52695L,0x541e7a68c40906e7L,0x000000000000002bL },
-      { 0xc02c4aac17f7b128L,0x9c456b93a171c241L,0x931d09919b48b980L,
-        0x52cccfad3e0c0ed6L,0xf23004085968a6e5L,0x93a8b420bd3d48a6L,
-        0xb3ca08bda2bd79d3L,0xe02f0782d018ad6fL,0x000000000000014fL } },
-    /* 40 << 497 */
-    { { 0xf0fa90d83b50a230L,0xdd15885ffd95910fL,0x4105a4e148038a64L,
-        0x2f69d817ae07fcd1L,0x0536353fd0484f76L,0xb3beb1eeb8d64baaL,
-        0x2ff37ff558adc510L,0x5677b99149f78e1fL,0x00000000000001b0L },
-      { 0xe22bf1ce43b8275eL,0x5ec18f04b7bc2931L,0xcb53d3e0f01fa620L,
-        0x49db793f9587e525L,0x7f1e4ca35c884f2dL,0x5ad4e4c459437624L,
-        0xa1e3329f4994207aL,0xe4cb938f88594aefL,0x00000000000001ceL } },
-    /* 41 << 497 */
-    { { 0x68609efdc4fbbccbL,0x55975ca04dc6e8ccL,0x54f541b358d63323L,
-        0x6564edb1bc8620afL,0xbe0e1fb6bc6a6d58L,0x78d76d4cc87ed075L,
-        0xe4942b1c177dcb48L,0x382da425ff82d99bL,0x000000000000001eL },
-      { 0xe06e7855568fded1L,0x560b408d0a5c74deL,0x7b77bbb3945fc598L,
-        0xa8c08370cfe47a88L,0xb0616cd18fb375ecL,0x2a0b5ad9ad76d748L,
-        0xd30413703f493011L,0xa69e11003e55d3cbL,0x00000000000000a4L } },
-    /* 42 << 497 */
-    { { 0x7fecf0a771bdf609L,0x3c77f17427388d48L,0xd8a52ea544c38321L,
-        0x5132ddff7ff0262eL,0xdd5b822ebe8e4bcdL,0x2e4ab4a7c6632ea0L,
-        0x58056a95d5597f97L,0x99b300e1b6f7252fL,0x000000000000005bL },
-      { 0x2bb664009a2f2222L,0xe57e826211c55fc9L,0xd9b16efe6529c0aaL,
-        0x2d86e6845811abd9L,0xcaf181305148e5ecL,0xc049a71a5bdfb7b4L,
-        0xa11cd09454df8687L,0xd598e94d69b7f051L,0x00000000000000b7L } },
-    /* 43 << 497 */
-    { { 0x74d7cb89a20d45d0L,0x88bcd5d4b12515adL,0x1faeb941f345ea8dL,
-        0x999006026ef7c319L,0xdeec886fb57ca7e1L,0x8db761df7067b2d9L,
-        0xb2e6ae1ab260579cL,0x64e68265cb5a69eaL,0x00000000000001c7L },
-      { 0x6f3bb54959212b50L,0x821d528591a39e68L,0x1e218e8723df1378L,
-        0xc9ea11eed526496cL,0xca9a1e7dcd9e2d41L,0x3204aad9b1d36251L,
-        0x99e0255efb37b606L,0xd1284e4d5a48ed5dL,0x0000000000000191L } },
-    /* 44 << 497 */
-    { { 0xf1c9da6a27ad2ec5L,0xfd11d5bedb7fb650L,0xa0ed1c2d92df8304L,
-        0x5b74a2fff7e7e732L,0x6cc6fae21e467b7dL,0x8f630f200311f271L,
-        0xcfeaa597c30da635L,0xeef29453958354c7L,0x000000000000014fL },
-      { 0xb228c7be4e6c4c35L,0x4f8071a6ec861995L,0xec449886cad11591L,
-        0x521916a7d12c188fL,0xfe72b9341387b0bcL,0x5c68a3203b91d2aeL,
-        0xf5726b473e702af5L,0x07251e98f461f30bL,0x00000000000000a9L } },
-    /* 45 << 497 */
-    { { 0x535fb2d6ca7b48ceL,0x002b9584f7d6cc4fL,0x52f45ad33a95248cL,
-        0x7501b7a02ea66d7eL,0x9feb38ab7345a8acL,0x4a90561945016598L,
-        0x1e0b2082228eb380L,0xcfacf4979a84068fL,0x0000000000000148L },
-      { 0xe41b7cb46b84c609L,0x8acb9f4520274dcdL,0xa965f88974d7d8a1L,
-        0x9143c0be2ea1e86dL,0x8efcc7e8ec08a1b0L,0xa10dceafa60bea94L,
-        0x38a2118b077b69f8L,0x9f3b1129ec56b981L,0x000000000000009bL } },
-    /* 46 << 497 */
-    { { 0xcc62a4fd61016fa8L,0x34ba576fbcf14171L,0x4f276a77b50a1ac1L,
-        0x55b7c1f3dbf3ec85L,0xddf585ff68176817L,0x09f83a7f463b7850L,
-        0x23001f87d980c554L,0xd119b8c6d12ea1f6L,0x000000000000015bL },
-      { 0x3ca9eef95c1b985dL,0x11c46468ec7fa0d8L,0xc91bf9bb7b7e67e5L,
-        0x2f745795894a4c24L,0xe927075a2d6f2a3cL,0x16334965df569634L,
-        0x95e8b1156cf5f8d2L,0xb1498e3675502a1cL,0x0000000000000147L } },
-    /* 47 << 497 */
-    { { 0x8bbde2c84b59597aL,0x2cf819ee0ecf18f3L,0x98960e16463a1dd5L,
-        0x69ac53598837c406L,0x375c963416a0917bL,0x5688d330d9b9a5b7L,
-        0xc204410d1cbcef2cL,0xaa89d49bc57e3a50L,0x00000000000001c4L },
-      { 0x314671e4520b4cddL,0xae039a6c4844a7f3L,0x8504d47e7244c720L,
-        0x23761b887653a33bL,0xa019334b492e2ce9L,0x238325d889d81fd3L,
-        0xab0d048b2a6d5e42L,0xa279aee301f953d3L,0x0000000000000143L } },
-    /* 48 << 497 */
-    { { 0x00a2ad7eaafd5467L,0xa8290d94f9741f30L,0x6173f2e7a3d3adc7L,
-        0x0ad6ab5468875a74L,0x48e49f0324328133L,0x2d2d704a19e27e19L,
-        0x3bd63d36de1ed374L,0xdebc4384c0ac7774L,0x0000000000000195L },
-      { 0xeabafce86fd61140L,0xef8c38af22938df5L,0x407c6d243c98d287L,
-        0x75bc698685564dd7L,0x240a470c4c9d6c14L,0x9cdc41ff8aeca79eL,
-        0xcf08acaee1dd8f22L,0x2d99cbe50d69225aL,0x00000000000000dfL } },
-    /* 49 << 497 */
-    { { 0xa7c51b21072d7fdeL,0x527140744830f224L,0xf2bcee38e86c8630L,
-        0x2ae48a3607a11ce1L,0x5d88a9a479f6305bL,0xe2cc312d9e125713L,
-        0x90af98b3735bbaaeL,0xf5c2758b2a9a7a92L,0x000000000000008dL },
-      { 0xd0b7dcbbca0b4267L,0x462becdeb843a792L,0x5f0837cabbfd7278L,
-        0x4033b03b9db29327L,0x19050f0d9a038b59L,0x920cf7fbbcad1171L,
-        0x2b588f590ae5890fL,0xa0d6a15e8c69264dL,0x000000000000006eL } },
-    /* 50 << 497 */
-    { { 0x256d92b449692cd8L,0x16f7806ac8753022L,0xdfc975c9ad8910a9L,
-        0x291e020a38d4c11eL,0xa2bf3aafcd6bc9dfL,0x93188d8b6859ced2L,
-        0xf9a0f5634267273aL,0x1f02826bd0aca382L,0x0000000000000037L },
-      { 0x7d4e7d11495e0018L,0x69a51736af7093d8L,0x9cb0839c29b16fecL,
-        0x2bd6421bed5e6623L,0x29fb37de288b50d3L,0x046755a28942d297L,
-        0x7b68173a922a5964L,0x13ae2a14617887a4L,0x00000000000000ffL } },
-    /* 51 << 497 */
-    { { 0x37f2f1bd1008aa59L,0xebbe4ee8d7877405L,0x6534b8205e1dfa69L,
-        0xffd83302ab461e03L,0x220833bf46370ac6L,0x0c809ad6ed94ac0fL,
-        0xe9b985e776abecf9L,0xcb9f63a464052dd1L,0x000000000000008aL },
-      { 0x16a0502cc177e4f5L,0xb2021209c8a5268eL,0x89d764aeccb9dc38L,
-        0xc0971fe940f39ed6L,0x1692bb66210ff610L,0x7c43540c6b860ad0L,
-        0xc27a870f92c90811L,0x0af5c7b08874ba9aL,0x000000000000000bL } },
-    /* 52 << 497 */
-    { { 0x0c160909c0fddb5bL,0x20b497a4723ded94L,0x5798938ff2559f5fL,
-        0x1f08e0b26fd8f7c6L,0x91734f0ea9ea8a83L,0x190d5cd5fd9ec96fL,
-        0x0039942a156842a1L,0xf2dd3eeb57f5b843L,0x00000000000001ddL },
-      { 0x8fbf191fc432fde3L,0xccc105d79b2e7247L,0x13e19408d412c84dL,
-        0xd109e1b8955eb313L,0x32248ed7d485a078L,0x6f869288f7d20534L,
-        0x16335bb41aadb56dL,0x156ee1e9c93ea83bL,0x0000000000000079L } },
-    /* 53 << 497 */
-    { { 0x6b27600514d5cf52L,0x26d3dd2557bf242dL,0xfcb2ad25e77b65aeL,
-        0xa2696c484496d9d8L,0x40fb884bbed1711aL,0x5ab56199af6676e3L,
-        0x3489a42d1d50bc5dL,0x267f4b1a5dd94b04L,0x000000000000000dL },
-      { 0xd0cb67206cd4c268L,0x7a304e3241bd7e32L,0xe9e0393e3385b3b0L,
-        0xc5af909585f2bf82L,0x5e6518cd54b9fa71L,0xb0a424955fea5182L,
-        0x51454d1a5db5447cL,0x78d932d27470d4e9L,0x000000000000013bL } },
-    /* 54 << 497 */
-    { { 0x4fa2b894e601946aL,0x7fe34aecc58937c0L,0x0ece9764fb14315bL,
-        0xe99a9966ad9c094cL,0x1b6c9df4c2636283L,0xab8675e311af1698L,
-        0x5089ae244644775fL,0xf61c9b6ad97a729eL,0x0000000000000146L },
-      { 0x9708305696c187d2L,0xce73fe18ef43b92fL,0x9430722d10aa21e7L,
-        0xe6678192d9d6566fL,0x20774c5d8c1b282dL,0x18d835b6a31caaa9L,
-        0x5f0210647dc2591cL,0xe78685554b424eeaL,0x00000000000000c8L } },
-    /* 55 << 497 */
-    { { 0x5af375ed01d68e46L,0xaa1a3ae3693092efL,0x0fb33f563388045dL,
-        0xe142b8de023fbb2fL,0x20abf7183d17e8a8L,0xbe65e5a0c20f91fbL,
-        0x387c242d053bc18cL,0x7aeef64a0e658156L,0x000000000000014fL },
-      { 0x8f4db305913dcd07L,0xdb17ccfdc527b72cL,0x5cb063552d09ad07L,
-        0x9af5f2abf21ac13fL,0x76960c0cb12dfa2dL,0x0091281b7edbfb4cL,
-        0xe6bb97f288dbd682L,0xfb0ec5e6d6444d47L,0x000000000000012cL } },
-    /* 56 << 497 */
-    { { 0xcd2cdd2e734c5662L,0x086508dd52fcd5a2L,0xd1789e1f65545779L,
-        0xa3e5a37a3ebf0e2eL,0xa648b51121f33614L,0xc1b816d4000154beL,
-        0x7d9c4292a8f82a71L,0xf0f81cb86f43867bL,0x000000000000001bL },
-      { 0x1fe1f9962b51c7d5L,0x5c77e78006a54f1cL,0x79dc60e2dcfa901bL,
-        0x2c548507bbd1244eL,0x59cce9c315ca7601L,0x2ec825718f106b96L,
-        0xc1ebcf8df5dc4e24L,0xb785ee5f1448c529L,0x00000000000000d5L } },
-    /* 57 << 497 */
-    { { 0x3bf38b30bdd410d9L,0x1418a30dfbac23c4L,0x9bd796936f78ea59L,
-        0xc439273c741242f5L,0xb82a4e2943963c86L,0x7da09c8b0c12438dL,
-        0xc4f95cbc28340db6L,0xb5d5f1b32ee06cc3L,0x00000000000000c3L },
-      { 0x68715c7d4916e9f8L,0x762df94538b674f1L,0xd2cd99ba52df5f98L,
-        0xbdc945e1a4ed2f3dL,0x2470084a3226802cL,0xf2198726336db006L,
-        0x281c597cb7580370L,0x152de2640a85f991L,0x0000000000000076L } },
-    /* 58 << 497 */
-    { { 0x6a2a065186b12001L,0x85e1b44db31c50f1L,0xb529629443af7c4bL,
-        0xb17bcd8ff5f5d300L,0x886b618135999ea7L,0x1e7b5f91221fab4dL,
-        0x5e542fe3e0933741L,0x8480aafe1c2cf270L,0x000000000000014cL },
-      { 0xd0d34bb30eb3e31aL,0xdba2b2f352cefa30L,0xdccdf0c8be98f160L,
-        0x06a9e3f7c6700364L,0x751a1bf37b35ae43L,0xef2b6388718b6c06L,
-        0xcae98c2a20384ab3L,0x6d888903192eea76L,0x0000000000000017L } },
-    /* 59 << 497 */
-    { { 0xdaed4f22f9c98384L,0x54a1d279de9d7aa7L,0xdad853c369e40ef9L,
-        0xed2d7bcc72c325b2L,0xd4917c6ccac877c1L,0x8b1ab23c20238c1eL,
-        0x82238d3d304f3c1bL,0x0c40a679c838bc69L,0x00000000000000d9L },
-      { 0xd8c865944347dc9fL,0x7b5ec837488b47f6L,0x4e13c2451871b524L,
-        0xfcc994a13ab456ebL,0x25d937b72a177a59L,0x149f53800e48d935L,
-        0x27a91603d014aa99L,0x0da2ba0f7132ac64L,0x00000000000001b8L } },
-    /* 60 << 497 */
-    { { 0x0e040aa82121e195L,0xc5c6b8ebe60295fbL,0x6373b8e834e041adL,
-        0xee6f882377096ac9L,0x9725bc9eb85d2c70L,0x72adf47e6c4bc9e7L,
-        0xd4927a8002819598L,0x6888aba6a37d446bL,0x00000000000001dbL },
-      { 0x06bf993746fc5462L,0x301d1031e41eaeb5L,0xf7db3c5128914430L,
-        0x0fcdd9a2b00293b3L,0xb2cbbcf0a1adf14fL,0xc5da67fe89c9b883L,
-        0x2f06cac6303fb018L,0x3b56905f892a426eL,0x00000000000001e6L } },
-    /* 61 << 497 */
-    { { 0x7351dfd061af0e72L,0x8c0280a7c4ce075fL,0xdc7bcf53d2b4d750L,
-        0x302914d4a13c3af3L,0xad93d8e6eb3856e3L,0xac0833fd710879ddL,
-        0xa18ecda6b53eade5L,0x8857fc9d4a68e884L,0x00000000000001b7L },
-      { 0xcf85f1cdaa81a0ddL,0x115857a3492a9569L,0x44815c1fd4e35cd7L,
-        0x00ea5f0f3910e239L,0x526bf994ab96b0ceL,0x73e9c0578a5314e2L,
-        0xa77a5d00a17ebb49L,0xfaa340bba606f00cL,0x0000000000000032L } },
-    /* 62 << 497 */
-    { { 0xecd039c8b79b0b50L,0x3e979b0d7669260dL,0x9f4a0105a2946901L,
-        0x9108708a15e67e45L,0x947bb04c64fd7c28L,0xa5575a2d0b583d41L,
-        0x8e63253dd6b1f55fL,0xa61f3c5f117fc622L,0x000000000000013bL },
-      { 0x499d5c08dca3362cL,0x1e6712a4655bc057L,0xcee49de8531b83bcL,
-        0x26be0a09a3cce725L,0xe3a9b79f0de01b60L,0xcd70dd0de7e3f04fL,
-        0xd7d6cb72b1a3e8aaL,0x9eef0dc3addcaaf9L,0x00000000000001e9L } },
-    /* 63 << 497 */
-    { { 0xc272ae2e41f1a555L,0x60d289f28ec78c74L,0xec1ec46cc2733581L,
-        0x9b5e503e1072df26L,0x20ef9df8dd04b6c1L,0x3f912a7e098645abL,
-        0xaa73fe18f541328cL,0x15319a5c09b4185cL,0x0000000000000031L },
-      { 0x0ed3c388229ef248L,0x73fd903ccc1aac19L,0x4fd6dab3c863e1efL,
-        0x9dd6b78894ceda3bL,0x8056b1eaf09fc3c1L,0x4c69a9ca6985a660L,
-        0x7054de2ef0c22c86L,0x6ab6c43a9688cf95L,0x00000000000001a7L } },
-    /* 64 << 497 */
-    { { 0xbf2b204cdb0e34f0L,0x177ee402b55297cfL,0x1008722a0905589dL,
-        0x92be4754965ef825L,0x4ce902bdeeef76a6L,0x55b910714f318009L,
-        0x96beae611484b98fL,0x5d84b61535b88659L,0x000000000000015aL },
-      { 0x43c74ce31d78d96aL,0x131fbc58a17753baL,0x4e430af6dc789aacL,
-        0x31f38805e9af4951L,0x834de4aaa61cbb24L,0x8437617ef678c74aL,
-        0x411e5009e030372eL,0xbe15903ca2047bcfL,0x000000000000001aL } },
-    /* 0 << 504 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 504 */
-    { { 0xfc5ba8d59da7bb54L,0x29f3e817a7c7fbcbL,0x31a34412a40ad3fcL,
-        0xe17b93692d1711b0L,0x41c7bc1716ee6505L,0x5feecffd3d1db8caL,
-        0xcbb9337802f9e04eL,0xaeb67b8b091db41eL,0x0000000000000187L },
-      { 0x611fe09d4c695615L,0x087334f6323b6dccL,0xf7bd51bbd53bcfdcL,
-        0x98ab5c925a8bcdb4L,0xe7e9d273cccd6f6aL,0x2582b21924b4a3eaL,
-        0xf8fea0e3f22c4405L,0x42c0f700d3e5a701L,0x000000000000006dL } },
-    /* 2 << 504 */
-    { { 0xe9f67439cf6368a6L,0xf570101a4c1c8628L,0xf3cce189c652a95dL,
-        0x85a1af6b75cedbf5L,0x8b7f513d68d0ffbcL,0xc71778fb136394beL,
-        0xd0e7f981d99c9f74L,0x6a4ae0f46471443bL,0x000000000000018eL },
-      { 0x702bf6631f3f2c6dL,0xc1233cdecedad859L,0xa8ea4a8398c674eaL,
-        0x338b3334f3c423c5L,0xbea2bbf7dc103dc3L,0xd49c4a620fbd8a4cL,
-        0xa73566de57b93da1L,0x0ad24597f56838b4L,0x0000000000000127L } },
-    /* 3 << 504 */
-    { { 0x38e5b06f76f468b8L,0xeab47690c79fa86dL,0x990e59de6ef8cd4aL,
-        0x826c78e86884d059L,0x951732fe341b20f7L,0xf249fae4449ddae6L,
-        0x32c4b1e5a30a08afL,0x79fb2cab15be777bL,0x0000000000000027L },
-      { 0x1c65411bc3f609d4L,0x4a8ec1376194fa7eL,0x025dd9caa41c5f89L,
-        0x878f8d01e9d5aa4bL,0x34c9e12e0f364d3bL,0x5f4403d0344cf712L,
-        0xe66bb7825bea60c3L,0x4dc50e44d40e673aL,0x0000000000000125L } },
-    /* 4 << 504 */
-    { { 0x104e0c37f8cb0cdfL,0xba344bc4b934f03fL,0xf963fc250a5aa9d6L,
-        0x8bbf6e9e662e69cbL,0x5b9945c916fca9b1L,0x6805abd3682c739fL,
-        0x3d1ee371c3f18432L,0x4708b55c05e69189L,0x00000000000001e8L },
-      { 0x9682d9d3143ec89cL,0x519a8b7ab2b5914fL,0x7fb197f1fa9d63c6L,
-        0x6c4d61eed19fd1d8L,0x3a2a488ed637793dL,0x1dbb1b1a1ffc620dL,
-        0x66eab0524b551244L,0x290e50fd434c6cc1L,0x00000000000000cfL } },
-    /* 5 << 504 */
-    { { 0x4515da106221c6f8L,0xbf5fd8e5bd34caf6L,0x9174ad19c7a869a1L,
-        0x3e327c1357152ef1L,0x58656b31222cbbe4L,0x111892141c4191efL,
-        0xa5e5ad3eb7143ec8L,0xe0646afa4536e2fdL,0x00000000000000e9L },
-      { 0xb13d24486d16bae5L,0x42431b34af57b380L,0xcafe41015e097fd6L,
-        0x5f794cd6e5b0937fL,0x4de1813d55270a50L,0xca0a5c09b660bc2bL,
-        0x08f20f6b76579886L,0x21268e682ada1c30L,0x00000000000000b1L } },
-    /* 6 << 504 */
-    { { 0x9793778b98c439d0L,0x79788f592af8ce86L,0xc1520a86146d0c4fL,
-        0x541063da596b5b59L,0x47823a1e9eba6471L,0x7f66a3891d23923fL,
-        0x4b23c930452ecbdbL,0x40c7d3dde30657beL,0x00000000000000f0L },
-      { 0xb63d974a77d535c7L,0x2e16ac32ca31932fL,0x68da3cd12b8664b1L,
-        0xc895a61fcee5478dL,0x34bbac9042c0ac31L,0x5cdbd70da3267f5eL,
-        0x8b4d75beb4a7ae31L,0x1555caf3f43c9c86L,0x0000000000000039L } },
-    /* 7 << 504 */
-    { { 0x50714fb3c0d037f7L,0x071bfa5b8c050618L,0x7f1798269d15e2f1L,
-        0x2081039729e730faL,0x7948c181b45794d1L,0xc8fbdee3171227acL,
-        0x1faa467045da4e9cL,0x565405c00d3fe74bL,0x000000000000007cL },
-      { 0x353fc94a3f42236aL,0x684a11c27bc40d6cL,0x182ca3af52826e75L,
-        0x7b24ecccd4058f7fL,0x6cadb9ba82386f7bL,0xeebcdeb53567d0eaL,
-        0x904fd55c1e8c8ce2L,0x43fd20db6b578b37L,0x00000000000000a5L } },
-    /* 8 << 504 */
-    { { 0x842e5742310be81bL,0x9cd6a5ac815531f2L,0x1c8179b837f9f02fL,
-        0x009cfa294fac713bL,0x091f5101d2aa2c79L,0x70360695ef9256c6L,
-        0xd8d52d11fad0a22aL,0xf395fef240ff5ee7L,0x00000000000001abL },
-      { 0xfbd0e2d746cccde9L,0x8e8a81f7f8d82fe8L,0x63bb8ce1c0766bf2L,
-        0x917ba75ac70e96e5L,0x2baf9fa493d4d0feL,0xa203f382c28324d4L,
-        0x36385f59b1b2c7d3L,0x746bce122c80ee37L,0x00000000000001e1L } },
-    /* 9 << 504 */
-    { { 0xec99f07e8b313476L,0x9856c5b352530de1L,0x08ca437cf2693956L,
-        0x990f6a868f4122aaL,0xa36c9d84d76bb2abL,0x6004fbbf1e657ef9L,
-        0x6c64f52f4108d873L,0xe3e589a670224f93L,0x00000000000001a4L },
-      { 0xae219487d6132691L,0xb26711505bb911e5L,0xcdd0bc5f15177196L,
-        0xb093aae02605fd89L,0x26d1c416c319a26eL,0xe8916e3d6ef59cb6L,
-        0xb05a13d56e79807dL,0x8a178214c039cd95L,0x00000000000000b6L } },
-    /* 10 << 504 */
-    { { 0x7282c91615fead87L,0xbc1aaf596565472fL,0x5a7bbfc458b387f5L,
-        0x665eb3b16defa8e5L,0x1944cfc86da1ca94L,0x41aaff4d2a2de565L,
-        0x4497cdbab7311f8cL,0x129ecc29f2264d67L,0x00000000000000e5L },
-      { 0xa0e20df230229efbL,0x7c4e6966bf174745L,0xe96f0ab07c0177fcL,
-        0x221d8cb684fd2c4fL,0xccf21ec330689b70L,0xd7daa585f24cf84cL,
-        0xccc2582b438b0f34L,0x6940385ed02cce0bL,0x000000000000011fL } },
-    /* 11 << 504 */
-    { { 0x6e985fdcf7286539L,0xbf44ae0526699adfL,0xbfe83f9d751da127L,
-        0x7df2f5c0d22871d2L,0x61a184da09f210a7L,0x69b4001a9e56e9bcL,
-        0x3f48dc50f5801782L,0x114fb0a2e0bc2f08L,0x000000000000002bL },
-      { 0x44eb8f92011d6de8L,0x3e0fe24320df8124L,0x494b83e071b8153aL,
-        0x6b50c1e31cbc91e6L,0x260d1694b8f14373L,0xf12e1b9298782cd5L,
-        0xb8bc2afe7211a9deL,0x3604c2396ebbad8bL,0x0000000000000123L } },
-    /* 12 << 504 */
-    { { 0x5f9a4772e44f4ddbL,0xff089398a0479feeL,0xc7984a9a309c362dL,
-        0xc8858f6c2ecf134dL,0xfc9c56401a56d029L,0xd77e773207b47628L,
-        0x36bb84d6d5d61144L,0x8d6e8e0df628bb09L,0x0000000000000171L },
-      { 0xfd69c84a1b585b76L,0x2fe3fc195bfe6558L,0x9365c43c978729f7L,
-        0x3bea9b49b368b24aL,0xb6fef7db69a7b390L,0xc85c1d51848bd710L,
-        0x7b3a49fa90bbc984L,0xd65e2e2d651df377L,0x00000000000001bbL } },
-    /* 13 << 504 */
-    { { 0xe8eaa2b093ee1688L,0xab51392f1bd7b754L,0x70faaf847f0113f0L,
-        0x0b68566cccdfa903L,0xbd54a08c9114d07dL,0x4370af4a2eb3d473L,
-        0x6f5596b430650b8eL,0x1d9d998ebdaeebbbL,0x000000000000009bL },
-      { 0x1e07aab3eb570ca0L,0x6cc5717883d78d65L,0x5c13b03927e07ba1L,
-        0x4a8db7258593acf1L,0xf2fbba8b4560970bL,0xa7ee45fb79fe5510L,
-        0x8defa4ec7df14edaL,0x664e0d14f6249cacL,0x000000000000005aL } },
-    /* 14 << 504 */
-    { { 0xfe6bc737ba913d04L,0x5356a7c0e8d667f3L,0x71d72789c6a981fdL,
-        0x7b33cccc1d45cea8L,0xec69e42ad2f757c8L,0x3e228959a5590d96L,
-        0xc04189aa63be779eL,0x2649054dc984b85aL,0x0000000000000188L },
-      { 0x332af6f228fb3abdL,0xe8de53e45031c4cfL,0x881f78f7363bb9f8L,
-        0xffd28eaa31d76d0fL,0xf618633502723c25L,0xcc4d0074e497dd32L,
-        0x7c24a1c114be4804L,0xfefeea3e5150ca3dL,0x00000000000000b7L } },
-    /* 15 << 504 */
-    { { 0x93d8a6cc1cba39aeL,0xc09391f078b306ebL,0xc50192796bbe7209L,
-        0xae87581b69c4000fL,0xaaca7f02e29cde0cL,0xf495236787d2f7b9L,
-        0x831f4d68d01d00d5L,0x17c135acbae32d64L,0x000000000000002aL },
-      { 0xe83e6bbefa7a973eL,0xaa3d68978ed040daL,0xb2915bb0b7726a22L,
-        0x84c84815c39a8a47L,0x42fb407eb29908b3L,0x9a5be91841b90531L,
-        0xd534b5ce6025ec50L,0x56f74c30bd08106dL,0x00000000000000acL } },
-    /* 16 << 504 */
-    { { 0x312dc896a3a2be76L,0x9e77c0c361da109bL,0xb1c5379dbf0993beL,
-        0x9272b9e8b7bcc4ddL,0x5437f62509337d54L,0x5c897a61cf735302L,
-        0x368e21ca002db288L,0x33197cc1184aee4aL,0x00000000000001afL },
-      { 0x76ec7312e5c35f69L,0x6832a65ac07874d4L,0x398dab5ac121e8c9L,
-        0xf88aa2c897b47c38L,0xfc77e1c007678cf3L,0x7327a90f345a9b89L,
-        0x267417a049240b3eL,0x3aa3ea97e3912921L,0x0000000000000116L } },
-    /* 17 << 504 */
-    { { 0x16517bb959607b44L,0x58608704772ed61bL,0x32fef9718443087dL,
-        0x9f12aefdc264831eL,0x2c40d8ec3f264eaeL,0x958ef2e1822e53fdL,
-        0xb4538e5fa48195deL,0x5af48f9e914ed410L,0x000000000000019dL },
-      { 0x6495c1c2ac7152deL,0xd4f608df5b546ddeL,0x91ae22e465f6c27dL,
-        0xf35827bfd2b14d0fL,0xdd6bb7ba3ef928d6L,0xcdb8ffc3fe3f1e15L,
-        0x7d86649006bf8de0L,0x23bccaed54c4f18bL,0x00000000000000faL } },
-    /* 18 << 504 */
-    { { 0x34a26ac92efd1575L,0xd3cdf9b63ddc81daL,0x54f503deb2b82effL,
-        0x76470a9ae9dd4f78L,0x4cdda269f255e55fL,0x4a41053e48c647ffL,
-        0x2034a1a932ab5322L,0xad82c6c2573c0345L,0x0000000000000083L },
-      { 0x9bb0cb5cc498d833L,0x7593917eee4055e6L,0xe3d6061ad2555ed9L,
-        0x16a5ed5c5fedc448L,0x6ce815f86f54029dL,0x844b1cb950a4ef2dL,
-        0x80f5a634cd8ee69fL,0x94429987738e45afL,0x000000000000009aL } },
-    /* 19 << 504 */
-    { { 0x6b26293c55373725L,0x44d86d44d9b7d4d2L,0x63bb25dd8c19dcdfL,
-        0xed80dfdf15e7ee04L,0x0d41bb216778dd90L,0x2247af2ff3835136L,
-        0x4661b4c1c2b2770dL,0x97c716acebf37b12L,0x00000000000000ffL },
-      { 0xbce5ea8d1257f979L,0xef5854b4cc612fabL,0x484669d15cf5f330L,
-        0x036ff03ac916d5c7L,0x199255965a0316e8L,0x527fa32eef2b4e43L,
-        0x35b5691a24cc4432L,0xbc3f392ba525aa00L,0x00000000000000e9L } },
-    /* 20 << 504 */
-    { { 0x6be6e36a4e67687dL,0x769be7472011695bL,0x7874176fbdc16d7dL,
-        0xe1d4d7112ecfd4d9L,0xcf6d7df697d9c412L,0x55f8bd12161eeafeL,
-        0x2771d1072a331bceL,0x8f5e36f2560bc2d8L,0x00000000000001edL },
-      { 0xda8a3b0ae614739aL,0x5a6beb773bbf6fa2L,0x9998ec8de200b58bL,
-        0x35b43df935407009L,0xe1417a07ede69a33L,0x655b564015528691L,
-        0xe358cd067124064aL,0xf9274d0801093150L,0x0000000000000165L } },
-    /* 21 << 504 */
-    { { 0x0833c14b828446b5L,0xb5eb590f3df9e196L,0x1ecd9d2eaa99ebc2L,
-        0xf09914d0f3d5ee35L,0xed839373970b266fL,0x47cdf5303cbbe599L,
-        0x53aae86c3c9d6be5L,0x48397114d01a4f2fL,0x00000000000000bbL },
-      { 0x49a7d8895bd1e0edL,0x7529cb4958c666c4L,0x93dd25d1d5ede656L,
-        0x6e221d6536276585L,0xcd09546ffa0d3db0L,0x4d4eaa62fe48abeaL,
-        0xf0ec27945bc60c2aL,0x2955763602052899L,0x00000000000000adL } },
-    /* 22 << 504 */
-    { { 0xea3bdb8c7886dba1L,0x59aa2a6c8d15be37L,0x17527731f8bc12e3L,
-        0xd61af3db387439e9L,0xc21f6203738ae818L,0x13d3ed72d0333648L,
-        0xcec655779c9e07c4L,0x58d6b0692a992bddL,0x000000000000006dL },
-      { 0x81abbd9c660424f8L,0x38d2ee2d29992dd6L,0x483a59bbe9f85330L,
-        0x5efa6313f18f1b3dL,0x93a79facf698990dL,0xf9ed5f5b3c66a3e5L,
-        0x99a61ee05582b82dL,0x5630acce3ba9602dL,0x00000000000000c8L } },
-    /* 23 << 504 */
-    { { 0x6711c3b83bc0738bL,0x1a48588a747bb955L,0x64cd7a5d64fa3ea8L,
-        0xd63b165af7ac67e6L,0x019bad5ab2a7d054L,0x13d53c68a775a2bbL,
-        0xac13f9da74aab4e2L,0xbe3d79dd84f166f0L,0x00000000000001a1L },
-      { 0x5d591f141d79ec2aL,0x310a04bcf86e3b5eL,0x3219ccae81f9ba7fL,
-        0x3058a5646f69a5d8L,0xba6d658a17b969ebL,0x04d9596f48efab07L,
-        0x47608a070cf8472aL,0x443c8a3f122ffa4aL,0x00000000000001b6L } },
-    /* 24 << 504 */
-    { { 0x372fa55f96c43863L,0x7395007ecbdc87d3L,0x77261a297e9a1418L,
-        0x9009f7081fe5569dL,0x43644eecf3186f12L,0xab5348754d413313L,
-        0x7d795ade94cdd269L,0xb9c7bcce390cb5baL,0x0000000000000061L },
-      { 0x70e879398b2a76c7L,0xcf9a990b4d0a94d8L,0xd8bf89e734eb7c11L,
-        0xe2b79ff8f33be326L,0x62f7f2e73ccd3327L,0x6e64a25cb871bc98L,
-        0x0fd70684f42448dbL,0x162769cc7f3e6d46L,0x0000000000000098L } },
-    /* 25 << 504 */
-    { { 0x929dec7dda33404cL,0x68dd0e8c9b6afedeL,0x610dbd629e32f8aaL,
-        0xad0a251f30192ce9L,0x6b9aeb4328e01611L,0x9c984eecb9d4a292L,
-        0xb53bec5485ebd1a3L,0x765ae5798458714eL,0x0000000000000116L },
-      { 0x622071df31ed5307L,0x38945da1f6fa8116L,0xe1e1d1f3ca229eaaL,
-        0xf8959af5acf489e5L,0x0816a41eb2abe438L,0xb00f3a2e251aa88eL,
-        0x6aae71efe018e553L,0x2cdc74d817357be4L,0x00000000000000aaL } },
-    /* 26 << 504 */
-    { { 0x9767c342cd3915b8L,0x52206babc8b72893L,0xbe65a1ce6c589a4dL,
-        0x69e29cc876ef527bL,0x8d656d54b58e124fL,0x0e645dfdaa0b6624L,
-        0x89808ac8e7f38d9dL,0xed9ea95e458a43ffL,0x000000000000001dL },
-      { 0xbff236387d49f886L,0x20d403d22a2ed0f3L,0x7755c59da90909d0L,
-        0xecd97f616c5555a5L,0x815f269fa6ec5bd8L,0xe2cd2c32d3ec306eL,
-        0xee1816903d1a8ddfL,0x94e7e62fecf72211L,0x0000000000000003L } },
-    /* 27 << 504 */
-    { { 0x5d3d66768d1f4d27L,0x12f0837d7b1cd52eL,0xebc608c48838c280L,
-        0x66689d737564013dL,0xe48e496f630cae1bL,0x8693853fef551190L,
-        0x9db620a86f7855d3L,0x51bc8e485658469dL,0x00000000000000f3L },
-      { 0x55fb173c5ae32677L,0x287c372d09d83dc1L,0x5faea3396768dc7aL,
-        0x3f0b476886a95fa8L,0xfd22197742d617b6L,0xe12ab48537728980L,
-        0x5f458000fecafdc6L,0x86f0eaa95ba83a8eL,0x0000000000000065L } },
-    /* 28 << 504 */
-    { { 0x71f1dfa99806b3cdL,0xed41b6d4f784cfbdL,0x1e803f9dd8f8bb61L,
-        0x4106986517cb357dL,0x2f389dd4d4040c02L,0x27693585e59684b7L,
-        0xfd400b8e04e1c8cdL,0xff53e1e1a9c47d96L,0x0000000000000193L },
-      { 0x358de8b359771fb2L,0x87ec3a6fa7e440eeL,0xde6391d307c30cbeL,
-        0xcf9116cc866e2bc3L,0x293676994011f5caL,0x1303ce2c9f52929fL,
-        0x85e2c0ab4dedfcfeL,0x612d08a650f8610bL,0x00000000000000f3L } },
-    /* 29 << 504 */
-    { { 0xa143f0e16750e3aeL,0xda58596363f7e043L,0xc393fb468a82e2dbL,
-        0x152e78159c18b33aL,0x07690241c322bfd1L,0xb7d34430f9a7c039L,
-        0x30a02eacd91a3b33L,0x0333b1c5fe1f5e15L,0x00000000000001f7L },
-      { 0x892ecd1b3a10dff1L,0xecac73e2d7792032L,0xda8792e443089985L,
-        0xe921f6f77e8b9e6cL,0xad5ca8d078844200L,0xd08b2c0ec4902474L,
-        0xfa5928ee76ecb1c4L,0xa6f32e2284703e74L,0x00000000000001faL } },
-    /* 30 << 504 */
-    { { 0x6b83ceef1e86021fL,0xc4500e85fe4f727aL,0x45a925374e43e89cL,
-        0xf73d7392cc6c3522L,0x3f7d2f0484cbe016L,0x02584521b02203aeL,
-        0x901c127550206becL,0x0c55c247de3580efL,0x0000000000000198L },
-      { 0x7fd8681dba78f98aL,0x5084bad583d1e7a9L,0xd6024a7bf5fed50cL,
-        0x9605ea57ae4b56ddL,0xc2bb29d60451b3e5L,0x339a6c82b1280ec7L,
-        0x5711b1280c3cf155L,0x20308f7a86c613f1L,0x0000000000000188L } },
-    /* 31 << 504 */
-    { { 0xbd43c00d79623d05L,0x8d6020e28c78137aL,0x38c6c2126fb0dd3bL,
-        0x9cdf9293666d2d43L,0x0f0d17dd3331b5daL,0x9e3fc10de29bf866L,
-        0xdc2b1a910c04d32aL,0x94f8f744755315e1L,0x000000000000009aL },
-      { 0x4dce110b54f9068cL,0x2584dfc82e106069L,0xebc73668a694f59eL,
-        0x4610b4b2512ecff4L,0x6afdf6064cd507f0L,0xf7b208d6fda16ccbL,
-        0xfa72234c123b45ceL,0x474e7152c4e7c78cL,0x000000000000016eL } },
-    /* 32 << 504 */
-    { { 0x11771bfc92e6cd70L,0xf5bd487f65c65a34L,0x1b3cb720081b98d1L,
-        0x32485ec4026b378fL,0xe3c71a99529c1313L,0xc85bde7d3526ef07L,
-        0xa85c138b84e3dbebL,0xe6e886afa239b5a7L,0x00000000000000f4L },
-      { 0xf65240a56e2040feL,0x1596f10816af1685L,0x20b38d3eb90b3a9cL,
-        0x81a30feb9c3fdf7aL,0x04031bb33731c3bfL,0xadfe3fb3ad2b6d6eL,
-        0x243b36230fee06e0L,0x2bc6df9225d016e6L,0x0000000000000053L } },
-    /* 33 << 504 */
-    { { 0x6aacd1b33a694c8eL,0xda4292439920facdL,0x8eeaf582b2d8d80bL,
-        0xa03afa0b32a1c52eL,0xab7822fea3b16c64L,0x415e3dfd85cd40a4L,
-        0xba75e4d576958759L,0xec9a95e88e58d2eaL,0x00000000000000a7L },
-      { 0xa096ee7bbebf8902L,0x799d6979afd1460dL,0xd1b8d605ebc51254L,
-        0xb077aa8e1c2cb180L,0xc31759f4f8fd1e58L,0x704f588bdd1bcd8aL,
-        0xc22ab0d67ddf1e1dL,0x8f5d78d3968074beL,0x00000000000001b2L } },
-    /* 34 << 504 */
-    { { 0xc5daabcd932ff166L,0x7f5eea67a8d77d4aL,0x3d6d04eeb62e5ee7L,
-        0x4736983815707ed7L,0x05738964e8183517L,0x3537ccc50255f489L,
-        0x156ef32d9b13c129L,0xc2a62d7eb3002c45L,0x00000000000001a2L },
-      { 0x37e128bda21b49cbL,0xd2bb496ef8dea102L,0xba43bd9cd8814cbfL,
-        0xcc475dfa3707a908L,0xa86675a1ef5c5c74L,0x321544dd25ba90fbL,
-        0x65ebc4bbe77d6fd6L,0xdd5e75955fcf3feaL,0x0000000000000070L } },
-    /* 35 << 504 */
-    { { 0x6c474c2718234b72L,0x3631873d1ba8afc2L,0x4fff947bfc6cd2d0L,
-        0x91a95c6aa6187a12L,0xc18812d51a5161ceL,0xf8182c4728ba5591L,
-        0xfa08a35ae05abb0bL,0x49a5f3a0f3fc003aL,0x000000000000003cL },
-      { 0x1f2fc52f0253b00bL,0xdce041369e3ebd22L,0x6b326cbb0b545102L,
-        0xe06e27cfc2b15e4bL,0x96294d881cb480fdL,0x62add48fc24a99c3L,
-        0x8b5f2549ebbc3afeL,0xf7108acacd6c9533L,0x000000000000011cL } },
-    /* 36 << 504 */
-    { { 0xe928f1ace4606931L,0x2fb928a4fc874afeL,0x87ed3480ac730690L,
-        0x18c8bac63f3b5593L,0x870d817bba8f50c7L,0x37b17f1e1dc4f816L,
-        0x14ac19394828b6d8L,0xb66131579f7594fbL,0x0000000000000055L },
-      { 0x59887289d3e0d261L,0x2e38efc348aee80aL,0x8362fe6d1c19065cL,
-        0x714d078031d57631L,0xd38e42dd96f0ad85L,0x2ba3990c16bb603eL,
-        0xc79e2fcf756396a7L,0x3897420f536c1994L,0x00000000000001ebL } },
-    /* 37 << 504 */
-    { { 0xa7d5782fa86ba30cL,0xfe671190e309d5a5L,0x2b8d391effa437d8L,
-        0xccf1231d4ed20668L,0xcb2e725ba841c8ccL,0x8551c6a6d12c0043L,
-        0x40b6efb484751314L,0x4cd15f5ec044b80eL,0x000000000000004bL },
-      { 0x3d0f897b73ea15ccL,0xa5d6c44dacae986dL,0x82b035b4e098f68bL,
-        0x2e004b3153e48458L,0x4033ced959c997e8L,0x45fb094539c64c7dL,
-        0x244ba9c3d1ac61b4L,0xe05fdc81367bdaafL,0x0000000000000083L } },
-    /* 38 << 504 */
-    { { 0xc7a406be012b5684L,0x1652b7ff5d60f261L,0xc2d4d16178843bc5L,
-        0x3f50380e1a1955bfL,0xb2d8f5d2368f254bL,0x14b0b3f931c0c910L,
-        0x7587bd7a099232e9L,0xf29fea7c7a379369L,0x0000000000000014L },
-      { 0x92c5844ae54bc692L,0x0798175cf2c3171fL,0x177ef51601a94811L,
-        0xe5632d4aaad297a0L,0x7069e9fe58584a58L,0x6eb4de9187428d96L,
-        0x8354ca18d1679a12L,0xd296dc08a7660684L,0x0000000000000025L } },
-    /* 39 << 504 */
-    { { 0x1a42f1615e99315eL,0x84762c55407122fbL,0xc46bc953c8d0f1a5L,
-        0x2523a0261be38aa8L,0x274145a1b36d1ab8L,0xc0d9a5f585c407a8L,
-        0xa8b0e1afd8dfec41L,0x8c5bb30851100703L,0x00000000000000dbL },
-      { 0x843a2657aae55c46L,0xc92b3449d905af3aL,0x6ac9ef1d9775d9ddL,
-        0xf6c822000e3b1212L,0x85f51f8cdce6fe66L,0x5349a598c92594b4L,
-        0x6f61700302270118L,0x70f2c99de38d8200L,0x000000000000006dL } },
-    /* 40 << 504 */
-    { { 0xd636d4c4da43d267L,0xa3b87528e75bbb4aL,0xa60189a1f2246ad7L,
-        0xe8904e536635c4e7L,0xbf1af52d8a2dcd98L,0x7b93a05344fac70aL,
-        0x8bb6fc09d73a81a4L,0x05536fb265f165fbL,0x00000000000000cfL },
-      { 0xe366e5dacb409af6L,0x755696bfff43ee63L,0x3a97d43e3709ed1cL,
-        0x644438f85e58f866L,0xdebd5495e8fe5577L,0x6e84a3b5375bfa1bL,
-        0x987b5dd1202c78b0L,0xfc3e4908b822d808L,0x0000000000000150L } },
-    /* 41 << 504 */
-    { { 0x73ecabcf3acbb512L,0x9533fc1e8997573cL,0x5d5c5e92f163c949L,
-        0x525a58a51ee35ab5L,0xbbd9e4986db9fa29L,0xf3233214954015cdL,
-        0x710635f82ae6ad57L,0xe2dc148513b93e37L,0x00000000000001b6L },
-      { 0x0b972426c062c228L,0xf68356f3c831fedaL,0xdbca88e0294d3418L,
-        0xa0b2ccfb74891390L,0x15a50844452848bcL,0x3d40a30bf020c354L,
-        0x78654b100f743e38L,0x5830b682071e5c54L,0x0000000000000024L } },
-    /* 42 << 504 */
-    { { 0xdc7e268751b64c15L,0xd64e9963851661d3L,0x6dd6e61155c36ceaL,
-        0xc9dda78f95af04eaL,0x0e36204b717529d6L,0x18307d7b1a934b4dL,
-        0x9a2d9ccab18f8a3eL,0xbef73bc2a39cfa59L,0x0000000000000014L },
-      { 0x0ea74fcba1a4ca75L,0xea6233eedca12c9aL,0xd189f92afec9fb84L,
-        0x4b60da2d2d6bc935L,0xec09409fae1a492bL,0x2eaf3c6a96ecef1aL,
-        0xbd5744de79cc9c96L,0x137f9e124b817ef3L,0x00000000000001b5L } },
-    /* 43 << 504 */
-    { { 0x501c4b77a206d5d0L,0xeb9e35026823bdb1L,0x9c630625e12d89b0L,
-        0xe907a0599c9efd7cL,0x2fd286f722eacdd9L,0x6816d3af1bbf7f70L,
-        0xf28d01cd148540fcL,0x494b69af35e1db97L,0x00000000000000b5L },
-      { 0x27a04d983ee774f8L,0x7429986edfe44dc9L,0xe9ced611c5d67f13L,
-        0x3064c8278e8f1883L,0xe355a38fc6690faaL,0x8f46002a56ae4f60L,
-        0x2a02daedda54740cL,0xb7c3b9dad082c12eL,0x0000000000000182L } },
-    /* 44 << 504 */
-    { { 0x0a6349315830d60dL,0xd8eb73b8bbe24eeaL,0x0e5c491d01d78f8fL,
-        0x6a64025fc3741449L,0x3cd080c70e2ed20dL,0x2daabc21d2898b84L,
-        0x66dc0235f4c36524L,0x9327c374780d6ea5L,0x0000000000000180L },
-      { 0x3d37d86133febf4dL,0xc14534786988a93cL,0x3f74774eec0ab171L,
-        0xa3404c1e3cfac694L,0x045db8c32f3b022eL,0x8eabe9f35c01b893L,
-        0x61d83f12a7ed9fa8L,0x99bcee45a35d2628L,0x0000000000000005L } },
-    /* 45 << 504 */
-    { { 0x762ef77032a8e116L,0xd143a6c5fdcb778bL,0xda97c9de66b5309aL,
-        0x30a842f58e90a23eL,0x49c70a68e1a6b687L,0xc075044167230ac7L,
-        0x95a702baf0cd790aL,0x40a23752b7e6f3f6L,0x00000000000000efL },
-      { 0x7ad3f0231b216453L,0x8848cf889478adf8L,0xb59a0b8a73ffc8a6L,
-        0x3890a4b18886ef88L,0x01f563b7721c750aL,0x27200ccef586d6a6L,
-        0x3a00ef84acb996e1L,0xaf308a0d87ae84faL,0x0000000000000082L } },
-    /* 46 << 504 */
-    { { 0xed73a960cecaf2c6L,0xe3e2fc9f72f3e432L,0xe342c3c4b43440a3L,
-        0xcffcd0b38eb23a04L,0x97c0e69ae0230013L,0x8240dd50988f4aa3L,
-        0x450801c0934df0e7L,0x2ae8732d8b5e1134L,0x0000000000000185L },
-      { 0x88e7c72895bdb2feL,0x8b89c3a481110a0aL,0xd5c325dc38403b6dL,
-        0x8c9981cf462fb4caL,0x8d8ee77b4bc4127eL,0x66f0849209dd6dd8L,
-        0xae3c2cf2156f42e3L,0x05a9a2f7624bcdd3L,0x0000000000000188L } },
-    /* 47 << 504 */
-    { { 0x4b2cede9736d1080L,0xf3493b40f7a20cedL,0xd2ae2b575506f48aL,
-        0xbf15b5f1b26852fdL,0xbabf030c296d9bdeL,0xca059522434de93fL,
-        0x05e285648bfbf1f2L,0x6f3025ec7358ef2aL,0x00000000000000f6L },
-      { 0xf58301b7edfb2019L,0x66fd8abe39bc999dL,0xde69e5c9fa32955fL,
-        0xa238f72ae59bc937L,0x895f843786635c79L,0x26699c76bfaf8f08L,
-        0xc17214b9136b91b5L,0x362d2e7465ecc70cL,0x0000000000000113L } },
-    /* 48 << 504 */
-    { { 0x29d30ccfdba3263aL,0x3ddec6f458f319d0L,0x6859be59aa8889deL,
-        0xd21b5a3f37e57788L,0x0bc2f50b8e56e5f0L,0xb76d24e42b8c2b6dL,
-        0xd7b4c5575731d66fL,0x59d33a6e8a0e50a1L,0x00000000000001e3L },
-      { 0x4decdb8e57dc5e0bL,0xe1fd10aed8e33978L,0xbc70d10b17f26c32L,
-        0x15026720a9d2255dL,0x68a1e644fb625ffaL,0xdd3dca9f0b24bb44L,
-        0x3a192d90f8932bc0L,0x0f7120b476268713L,0x00000000000000d5L } },
-    /* 49 << 504 */
-    { { 0x40b536383a312500L,0x3583ad2393dd5ce9L,0x9edc8f2c2a6c32bfL,
-        0x331d9f888a7af41aL,0x8c2e24be679248b8L,0xfaaddcec55d3d6baL,
-        0x5389eeb3d7f4b6f2L,0xcfba884a6dbc261eL,0x000000000000009bL },
-      { 0xd297f9d412c86f42L,0xb1efdde1bf731999L,0x83e2c8ec1c74c90dL,
-        0x25172953e1a86c88L,0xe085e66d3ad7c757L,0x6a4205165f2264acL,
-        0xfec41f5ae94c09d2L,0x7b04d8889fc2520eL,0x00000000000000d3L } },
-    /* 50 << 504 */
-    { { 0x780729c7cc378344L,0x57e5492132481eabL,0xed30489faeff7f7fL,
-        0x915fbf7ce5f1c7e5L,0xa447efaf62b8497eL,0xfa764a3273aa8012L,
-        0xb1a75f1ec5f79a73L,0x904bbface55412abL,0x00000000000000feL },
-      { 0xedf27e0035d70f3dL,0x7403d8160c686661L,0x780f88caf8226941L,
-        0x0f3dba77374750dbL,0x22f036ec463ef54bL,0x05c98a11b4bcd349L,
-        0x0b9c1e1066c6c48cL,0xf97542e3aa4d23d8L,0x00000000000001ddL } },
-    /* 51 << 504 */
-    { { 0x8eb6298bd1c2340fL,0xa69b2a078c93effbL,0xa0fff41717e5cac5L,
-        0x4dbda6416788219cL,0x67ff5f5b77ee2712L,0x798d318757e8c5e9L,
-        0xcac3a4211adcedfaL,0xb77a995db508dd1dL,0x00000000000000ecL },
-      { 0xf5fabda250f13f9eL,0x2d3248164ab98a01L,0xef848f30862ec877L,
-        0xdccc661edb74997aL,0x6f1f9efcccc7a331L,0x03d6e862bc776e7aL,
-        0xd178f910bdea3158L,0xb6608ef07b9f535eL,0x00000000000000c6L } },
-    /* 52 << 504 */
-    { { 0xea95917775247610L,0xc03f4326d5528775L,0x8d46289b5b48a156L,
-        0x9447bc35cdcd8d8eL,0xc5688f26210bbfa1L,0x539bc76734f83af5L,
-        0x371c1bf9804413d9L,0xd38c342187de862eL,0x000000000000001bL },
-      { 0xb2a00040b183085eL,0x43f284af2524738cL,0x361c7e8eb6834e75L,
-        0xfe4ea9ff720b8af1L,0x87c7eac60299f9b7L,0x7f6f668ea0c54c54L,
-        0xe4e14938275b843eL,0xbf786cd0274de49fL,0x000000000000009bL } },
-    /* 53 << 504 */
-    { { 0x7b47c51e6e8c29baL,0xe8b5828112556021L,0x7b9996154cccd41eL,
-        0x80829cb5a6bd4f11L,0x8165e02b4261a0a9L,0x94c3b0b10516943aL,
-        0xb81de83d0a6c224dL,0x91d8d20a87625a2bL,0x00000000000001b6L },
-      { 0x3f36fec901bee5b2L,0x9f393611070292c9L,0xd54c6d895f498ab5L,
-        0x398e1f9042264500L,0xbbfaaf64ca95ca7cL,0x6cd5062414ab92a7L,
-        0x44ac4b76fb688987L,0x7bd8192888a78c22L,0x0000000000000077L } },
-    /* 54 << 504 */
-    { { 0x90ff1fe8d54b0174L,0xb2ebfbb8684f403aL,0x30d99502f405689fL,
-        0xd5ccc821baa34800L,0xdf3b996ca272984bL,0xe27f1378e9d1ef86L,
-        0x0a411e3fadf082d3L,0x54a704968bbf2c2aL,0x00000000000001d7L },
-      { 0x08cd18eaba4c82e3L,0x5487015aafe09e1fL,0x4036ec0feb49e0edL,
-        0xe5c93ba052d7820bL,0x6abbbbf084b8e6c0L,0x9303cf2644072ab0L,
-        0xe680096617b73ea2L,0xd0910a6b92c47ac1L,0x000000000000001dL } },
-    /* 55 << 504 */
-    { { 0x07c321cd72888b9dL,0xffdbfd2032dfac5fL,0x18e938cb5e246911L,
-        0x01e54403d22c20d9L,0x8a61ba0678040df9L,0x29b01d78b68c8c8fL,
-        0x52a16c436254a93bL,0xfe54503959f8cef2L,0x0000000000000133L },
-      { 0x9af34c9a1c33772aL,0x0c558a079c3fbb98L,0x91c66b9709f6ec94L,
-        0xdd67fd474a98dcddL,0xe6e210db396eacafL,0x14b35f752518c8d3L,
-        0x5094c31a411c5a07L,0x80aa1b8a6623c16dL,0x00000000000001bfL } },
-    /* 56 << 504 */
-    { { 0x9aa63d02cdcf2ceaL,0x5723ddf40c02861fL,0xe2642a0fb5f899a2L,
-        0x2066e595ff9a8295L,0x09a1e790cab91b8dL,0x01ce51d5dd4de2dfL,
-        0x661e1d8ba91a7c90L,0xad71031cabcc182aL,0x0000000000000002L },
-      { 0x374339b7290a7058L,0x42e89d09a15f4303L,0x8ec108f35cf10478L,
-        0xc13a2d048f10111eL,0x98a8386ba87259eaL,0x2039e70ef38794edL,
-        0x5d142439e8b922faL,0xf9af7e06caa6f96fL,0x000000000000010aL } },
-    /* 57 << 504 */
-    { { 0x04879dfe6a2ed236L,0x77038ae59d6d8c40L,0x2bd91ed47b88661bL,
-        0x7d66fdd1efec46eaL,0xc25adcbe1c315781L,0xc26b39782b2936f5L,
-        0xe88f1265bd9c530bL,0xdf6dc2bfadd1306eL,0x00000000000000ddL },
-      { 0xb105f92eb6bf1010L,0xff5971d686b2fb4eL,0x57dcbd9c796d21d9L,
-        0xca5e8768c6ca78a2L,0xd45c6f483a77d271L,0x87510561077977e3L,
-        0x50a4d3b1f03a3df7L,0x6d6487051a921d24L,0x00000000000001d8L } },
-    /* 58 << 504 */
-    { { 0xeefdb850013f564dL,0x10005fb12555de7fL,0xa2974fb059b20bc5L,
-        0x12544629137bfcb1L,0x8825f36f940b7f02L,0x628241621e47d20dL,
-        0xcf8c26e06e353253L,0x9abafc166e5e0754L,0x00000000000000b1L },
-      { 0xbde39c9a360d199fL,0x51dbeeca981c811fL,0x221f8008941f52acL,
-        0xf807c3dd0759984aL,0xa8fe7157b30a65e2L,0x4e3a799cd1894cacL,
-        0xf4b935eb2164eb00L,0x6c3792c0bdce96feL,0x0000000000000014L } },
-    /* 59 << 504 */
-    { { 0x1fd42bbda9198a11L,0xacddf8f2753687f0L,0x43d36ae6608ff4a8L,
-        0x216457684c59d30bL,0x93bcac7770397bbdL,0x8e90bc116c01a663L,
-        0x95771938531cc0e4L,0x2075e6e5ba8ec166L,0x0000000000000115L },
-      { 0x06c9883d44df0f72L,0xcba38ada86240567L,0x8b1d6a7a6765cca4L,
-        0xba76644c5013d624L,0x4e1261cb40b8f5fdL,0x0d0f9598c47fbe89L,
-        0x6ab7a704f44977e6L,0xd07aa31acc08c06bL,0x000000000000006aL } },
-    /* 60 << 504 */
-    { { 0x7b8418f213402889L,0xc8b3b1fbffc1d05bL,0xc3746149da384c02L,
-        0x3ea1be4b2491f86eL,0x694ebec1df96386bL,0x16e114752f4f39abL,
-        0xa042cdd70b357d4cL,0xc769a1b67fa71919L,0x0000000000000077L },
-      { 0xa51c483cabd2c768L,0x1cf05c6c7b0db8d0L,0x8ae60ab9eb16bb67L,
-        0xd2d75ed8531d5cd3L,0x5e9c20a46c476eceL,0x794a41fc8209e94fL,
-        0x0da3bd97c01ab9f8L,0x83682c72b3a18c74L,0x000000000000013bL } },
-    /* 61 << 504 */
-    { { 0x6dfdecfaed5deee9L,0x09adb9fae0897b6aL,0x9291b38089b471d0L,
-        0x2f2df6bfd95ba0b4L,0xbc44d08fb5564882L,0x2217b76cda298b3bL,
-        0x3cd6025f972f3b35L,0x9f6daa7db04ed8c2L,0x000000000000005dL },
-      { 0xb08ea52022feb51aL,0x40dde4545059e8f9L,0x47d16db04a9e1b07L,
-        0x47d4d1d19faa1affL,0xcc720686bd48f06dL,0xce3ffd573ce5f368L,
-        0x03789475048a878cL,0x163c7421eb4ac6c4L,0x0000000000000088L } },
-    /* 62 << 504 */
-    { { 0x097575c0b0812157L,0xb6c24f4ccdf6b760L,0x8ae073f297c5e905L,
-        0xfde1488d6ca3a648L,0xb758040f8987147cL,0x6f894fdd869e28f3L,
-        0x123cc1be7110e0c8L,0x039fa2bee9e9a359L,0x000000000000010dL },
-      { 0x92986cb50a63a55cL,0xb7669237de5e1cfdL,0xd6a1c865196de727L,
-        0x10345506215d79beL,0xa398a1557075f3ccL,0x82fdd1af7bfa5d76L,
-        0xe8e47652a81532acL,0xe5a95521bff4cc65L,0x000000000000003eL } },
-    /* 63 << 504 */
-    { { 0x9b578eaff318749eL,0xf68770442b6052c7L,0xb3d507b51cb82483L,
-        0x25504c1ca62c3df6L,0x57caf5be0a74d81eL,0x09fa69a1666c57ecL,
-        0xdf66521cb8e4c36bL,0x02a68a2f0dd04c8eL,0x00000000000000b0L },
-      { 0x928aa60db5b35d53L,0x10e8be306c50bae7L,0x361aaed1f0adf725L,
-        0x01168db479a6b055L,0xb9e4511c0bc87e60L,0xbae0e9bff45879e4L,
-        0xe55823837ab6e8e5L,0x4bcb4072658c5b05L,0x00000000000001dcL } },
-    /* 64 << 504 */
-    { { 0xfa5944257d7d3912L,0x208af690f57dc595L,0xa277e9808287e9a5L,
-        0xfe15c6e2d556fa0bL,0x4b4612ee81a8260cL,0x6e171bd7cda05ab2L,
-        0xc417d3d1de584e28L,0xaff5e9b98eff9ff5L,0x0000000000000188L },
-      { 0xb0700568c6c3151aL,0xccd55dc01f049293L,0x7c6e61ab443d10a0L,
-        0x9c2c964b0a4546a9L,0xf470d97e7fa4474dL,0x378d416f74b749fdL,
-        0xc821766f1d9fea8fL,0x71c9fab02e3d8dd9L,0x0000000000000027L } },
-    /* 0 << 511 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 511 */
-    { { 0xbba0d1f988468571L,0x4b15325d14edf415L,0xba40ad2e5b315437L,
-        0x4cce24b45214deb0L,0x33ccc948f3217ca3L,0xc9a387c88d2d7d56L,
-        0x19c908921569445eL,0x6b925ff0c50a9417L,0x00000000000001afL },
-      { 0x55fcfc767fa33215L,0x2b7b66383e2b25b5L,0xb765a15b602d0860L,
-        0xefdebace1a252b65L,0x8117e367f315947eL,0xbdd3a76a501fa6a2L,
-        0x0f224474f4b0cc16L,0x694e2254515f0dcbL,0x000000000000013eL } },
-    /* 2 << 511 */
-    { { 0x22b8eccb56b092a2L,0x0a47d70e736ea9aaL,0x3eefc772d64a7d08L,
-        0x85408cecbb2e0f14L,0x73047afd285cb70eL,0x1732f01663297a2aL,
-        0x4dfe656a4cf37eacL,0x147d6d66c0ec357bL,0x00000000000000c7L },
-      { 0x1f3e59103c115125L,0x0d2d18fcbfb07241L,0x5d6aa860ba4b009dL,
-        0x8d0d9368806ff8edL,0xcc5ca3701a05c049L,0x7bf21caee9ab4c41L,
-        0x6632c3e0001d5ccaL,0x3a4f99b6b60e5593L,0x0000000000000008L } },
-    /* 3 << 511 */
-    { { 0x67f918a4e83a74c7L,0xb5b93d318aeeb8daL,0x04f033bddf8b5ab2L,
-        0x8625cb2864df3389L,0xeeec07936b2c8470L,0x7af4facc85a3edf6L,
-        0x3c591c09ce38c9fdL,0x56714b52dc84e5aaL,0x000000000000000dL },
-      { 0xa6fa0f8d93455dfcL,0x9436150e130b8d9fL,0xf87d15ea9c4e016cL,
-        0x9845852f510467aaL,0xe512bdcfb63d9a99L,0x820a8b737c6c01ffL,
-        0x30dcf512698b9654L,0x3917e6a8bc52d8e3L,0x0000000000000062L } },
-    /* 4 << 511 */
-    { { 0xaed7666ae6b2853fL,0xa1fc0332be96140bL,0xb99a5dc81c1e38b1L,
-        0x56194675f38c5243L,0x16c6f80e80d38681L,0x1117841314205f46L,
-        0xd2dc67bc6ee03089L,0x5e18245ed3dad965L,0x00000000000001e3L },
-      { 0x389e59cafda7741eL,0xf341d649259e4dcbL,0xec15d27a260b32b0L,
-        0xf3a1a08207640ceaL,0x15ac31456e811313L,0xb9027ce47cf68896L,
-        0xb43e4fd77008a356L,0x541aa5b4640c2c60L,0x00000000000001c3L } },
-    /* 5 << 511 */
-    { { 0x9a29c770d75994f6L,0x324345412f6c1df7L,0x8339d6aef2b285a4L,
-        0x8bb1ff0a6feaab2dL,0x8f9137cbcc3a0a42L,0x19e09b7c1e385985L,
-        0x8ca610ef45e2f771L,0x8482833a4b37ae8fL,0x000000000000003eL },
-      { 0xa305da774a619736L,0x9f3bb1d47475f158L,0x5b30ac0741aa2ff4L,
-        0x19963057a9bfc2f6L,0x89a3d94d1f12dadbL,0xb5da354359d81991L,
-        0xcaa559b88668161fL,0x2cbb1a1af8ddae34L,0x000000000000006cL } },
-    /* 6 << 511 */
-    { { 0x3c32f4e34cb99695L,0x0db56646c1241e0cL,0xa4cea13b28515d66L,
-        0x1c8f63975f3ab5dcL,0xd466a1b34defd3ebL,0xcdbb66b5e6d860d2L,
-        0x26fc2fd5fe87183eL,0x02d81a03d18233a9L,0x00000000000000d2L },
-      { 0xdc570644caa08959L,0x7791cc35cf763c20L,0x3c0dc132272a1068L,
-        0xd7ad702cc8a74578L,0x7689c46eada1d72cL,0xbfc2e06f2b8b4369L,
-        0xde85e36ec0bbd6c4L,0xd879e086f9849084L,0x0000000000000077L } },
-    /* 7 << 511 */
-    { { 0x35702db34e0b5199L,0xbb02636c273c5fdeL,0xf73cabb563fc329fL,
-        0x1a280b288c1addefL,0x4844dcd4422f07d6L,0xdd6851167518acd7L,
-        0x9ff8c1efd2bd73e5L,0x9465a3b26afb5416L,0x0000000000000194L },
-      { 0x1d68a6e413b729ccL,0x10758206a54e8db6L,0x20f8fbba9708de79L,
-        0x1c5eefd2c1abd968L,0x3c7742c2525f1fe4L,0x3175190b2c612f17L,
-        0x4020af7742207e24L,0xde4bed37fa5fa6c2L,0x00000000000001a9L } },
-    /* 8 << 511 */
-    { { 0xef192aeddba16581L,0xff1342112e8db0fdL,0x32551c61bdca8d0dL,
-        0x96e1ff06c55b9aa3L,0xa211b1107e4c635fL,0x2708e5427c4b6b4aL,
-        0x70ff7c3fa6575526L,0xd26e2db636092ec8L,0x00000000000001aeL },
-      { 0x1fafd3c2533251d0L,0x1602462d8a9a439dL,0xc057595a1cc5af27L,
-        0xa27197f3be839c9aL,0x03c1cc4bbfc1318aL,0xb78c7b7f34d0a378L,
-        0x0f9d754e161b4257L,0x8dcf43cbf355d916L,0x0000000000000194L } },
-    /* 9 << 511 */
-    { { 0x9181244f3e0d4347L,0xb189acf795b45d19L,0x8877efde70a55c91L,
-        0x924b0d70c1d9c777L,0x7c3a5a49b703ad70L,0x72c4fad3e44f1b1eL,
-        0xc1efa48525544d96L,0x1f6ee5617af50683L,0x000000000000000eL },
-      { 0x518630dd1fa2e8dcL,0x3507130b38be0359L,0x989190f52993ccfcL,
-        0x793361df738a29bbL,0x44700a46d43eebf6L,0x03622bdca60b214bL,
-        0x956992cddd6703c9L,0xd85935a3d7ee66dcL,0x0000000000000148L } },
-    /* 10 << 511 */
-    { { 0x51df490ddc3577ecL,0x6d8a70e97e28be3eL,0xd87a7ed31de95e73L,
-        0xf97c968da6c7086eL,0xc47b64dc6b4afe00L,0x489f1d988b432676L,
-        0x9f2b7996f72c2153L,0x4acd5ae8f820af70L,0x00000000000001a9L },
-      { 0xa5cc854bd7263fcfL,0x7bd94b2f864febf7L,0xb3def0ff9460c5d4L,
-        0x5f0766b5042d47b5L,0x9e8484f28ae51b32L,0x26ec4ea6f8c729e7L,
-        0xf279d7336c2ad315L,0xb2d22e6edac3e8d0L,0x00000000000000f6L } },
-    /* 11 << 511 */
-    { { 0xc9b6366728cbdea1L,0x6920862b9e8756dcL,0xd522608028c90b04L,
-        0x52f9c421f5bde803L,0xe075ad1141b5ce80L,0x2aeee7e51c04e56dL,
-        0xcc6053a428eb7657L,0xb523d16d4cfcb113L,0x0000000000000041L },
-      { 0x33028ceb6e812f6eL,0x654b5ffcc2cc46ceL,0xc9d28de56f143379L,
-        0x6ce0fd8343a626dbL,0xbcc0a10be9fdcf7eL,0x50b2f0747119a936L,
-        0x91b1782d11f4af5cL,0x7472e053ed0b5481L,0x00000000000001edL } },
-    /* 12 << 511 */
-    { { 0xb2b4d4085967b43cL,0xc660c6c1f35923d2L,0x696d9140a27fde01L,
-        0xfcd766eb259432a9L,0x6831fde1cad2a4e0L,0xa157be88928838eaL,
-        0x4b31c1d6791d2740L,0xf1958bba850a1760L,0x0000000000000085L },
-      { 0x23a6800ed777e0d8L,0x84d2780d71cb04d2L,0x691076f7d7a8f688L,
-        0xcff1a453e2237b7fL,0xb1d9dd8f0a9037d4L,0xface3a31d9199814L,
-        0xff7bfc81da563993L,0xa0f655abc61dd36eL,0x0000000000000111L } },
-    /* 13 << 511 */
-    { { 0x9199785a30677670L,0xc74d3404c0ade42eL,0x8ce0d96b0613519fL,
-        0x3c7c64533e40200cL,0x02cd19101dbe0935L,0x0c37218968cc3a24L,
-        0x51887d02a1588133L,0x33757613c105adcfL,0x0000000000000032L },
-      { 0x74a955d103f1fa25L,0x518b2de6fb22b0d7L,0xfa48229fdfe08961L,
-        0x47df7eebb4cb58d9L,0x5b9c683f4601e92aL,0x4a3a2c3f81d5dfd8L,
-        0x15d6b44f4a5c99edL,0x6646f77e020eb968L,0x00000000000001c5L } },
-    /* 14 << 511 */
-    { { 0x43c5bdf15d73ed9aL,0xe3766738e71c6e7fL,0x625cb8c43947ea97L,
-        0xadf7ccc082241ba7L,0x629f45b307329130L,0x9cfac1748d0c281aL,
-        0x92069e577d14ca06L,0xca121495dc9f83a5L,0x00000000000000cfL },
-      { 0xf4e6da377de97fccL,0xd3a271b7025d39dfL,0xbf2ebfe8389e12eaL,
-        0xf434f29932f184f2L,0xfbc3ccb9366ef539L,0x4e159cdacdef4a8fL,
-        0xc311bd82b0f0bb8eL,0x380b2eb1779669adL,0x00000000000000b8L } },
-    /* 15 << 511 */
-    { { 0xfdaa86c09b3aac40L,0x7dad3911133885d4L,0x09897075e7c6b586L,
-        0x79f816ab78daf275L,0x914786aab75eab7aL,0x7713bfd59584eaa4L,
-        0xa7e01a7440496a4bL,0x165c6601831641c8L,0x000000000000010cL },
-      { 0x73be34b6f05c5a20L,0x7ef7738886b6d280L,0x872cfe9eaa2fc4c6L,
-        0xa56cb3513c57c990L,0x7b533f43964fd18fL,0x036822e86d1c2d7eL,
-        0xf59ffb19ddce594aL,0x823a71fd3d012d0dL,0x00000000000001f3L } },
-    /* 16 << 511 */
-    { { 0x9a0062d31c2df559L,0xc130a85d2d4e9996L,0xb226e6cf370a02f6L,
-        0x3fa94ade7386b10fL,0xddec1e75d4576547L,0x0251109d1dba7f8fL,
-        0x9a3f5313c3a003a9L,0x4742778bab26e65eL,0x0000000000000094L },
-      { 0x828ca5adfb997e14L,0x3826b0be65001ed7L,0x53fb9cd3cfec55a5L,
-        0x53e96d2831a1b7e7L,0xb5cbfde924f2dfb5L,0x3a26a665e944f4a4L,
-        0xd637639834e527b2L,0x709e156dedadf5b8L,0x000000000000018aL } },
-    /* 17 << 511 */
-    { { 0x35cf82a447dc8eecL,0x321037e6a09222b5L,0x27a2eded92b90121L,
-        0x27f5b4de081ba487L,0xc7855daee753515dL,0x4454e808f3591d41L,
-        0xb0b1bac6d009559eL,0x89b3ca825e2e4cd7L,0x00000000000001e9L },
-      { 0xb84d611afe9e0356L,0x1c90bc63e04ffc14L,0xf6a8250546133950L,
-        0x95c570d8599722d8L,0x6bda993379908046L,0xde91eb54417a3742L,
-        0xb87c0e1adedebb29L,0xe1a3b0370fc4207fL,0x0000000000000166L } },
-    /* 18 << 511 */
-    { { 0x412eb9d00d3825aeL,0xed91e11c20b658ebL,0x0da403aee6918918L,
-        0x8ec67ea3b084b920L,0xa213aa3a1f3d3ff2L,0x21dfb5519efc3cadL,
-        0x30ee2a8a19845c68L,0x07b47d281835550aL,0x00000000000000b6L },
-      { 0xb3ef46192657bec2L,0x607d10122cc2c528L,0xa86d31edc07db93eL,
-        0xc07b3da980c25cf2L,0x5c56cd075c83c1f7L,0xf32a98b3a0d7ea59L,
-        0x5f1e6fe10cef77c1L,0xfad8a85ec5b5a9b7L,0x00000000000001d5L } },
-    /* 19 << 511 */
-    { { 0x31a101bb4067b430L,0x5c825d7d1311d821L,0xcd7b3b4589274960L,
-        0x3d1a68f1f9774bd2L,0xb0807f2674397634L,0xa36f44f5f95f9f93L,
-        0x55f6d9fbd1943507L,0x2f86208dec85260fL,0x00000000000001c9L },
-      { 0x3dc94ef8f634d6fdL,0xb924b8297d89b934L,0x2479d0aa6b8f4da3L,
-        0xd6c651f63d5f8200L,0x43215c18aa04ae4aL,0x76dcb5b5408f7727L,
-        0xae66f252907a0f8eL,0xf528e4222387bab1L,0x0000000000000046L } },
-    /* 20 << 511 */
-    { { 0xab146802bc0d4745L,0xf767df8ffe603917L,0x2bbae80c1988e88dL,
-        0x69e9c7e1cfde1857L,0x25a609f58a7c8c60L,0x46bcbd1b57cf84d4L,
-        0x89ae0be245c52763L,0x13482d1d98558305L,0x000000000000003aL },
-      { 0x66ac9ee936a3d944L,0x6822ce1171ec895fL,0x8c5f2551938d1792L,
-        0x7d5157bcdc481d3bL,0x0aab532d63fa5debL,0xad1fb55b99adbfe7L,
-        0x5338d6ca9fcc46deL,0x84b2a63bae3aa998L,0x000000000000018eL } },
-    /* 21 << 511 */
-    { { 0xb2dcb83ac5a10aa8L,0x93a449f901878026L,0x91f2d986f475e7a7L,
-        0xc6a6be5fdd461273L,0x8dcbd0524f0e65daL,0x48d908800b3a8247L,
-        0xd0306f8630fc4481L,0xa4ed5cbd7f05a36aL,0x00000000000001edL },
-      { 0xe6a4688114185d74L,0xd20cfe6e0d17aaa9L,0x48b5ebf4b67cbf53L,
-        0x00ed88d0eca0b0e5L,0xa184ea8a01795a9eL,0x2a26f41a8b1e4ab4L,
-        0x1640fbfcf7e86bf4L,0x49379fd35b08a012L,0x0000000000000160L } },
-    /* 22 << 511 */
-    { { 0x220024890128270fL,0x60df1294574584f3L,0x80da07d1339afaa1L,
-        0x49cb3fb54873bbe5L,0x5e274ce99e32907eL,0x2ab695c69c2bd23bL,
-        0x63a53145084084b6L,0x881ea559b7c43b59L,0x00000000000000faL },
-      { 0x3d9de6ffec7f7938L,0x1b40e323c53223bdL,0x2b6f33785d3fce2bL,
-        0x5a16083f94bf2ff0L,0x4da0ae8fc30458b5L,0x743dfc12f0d0b1c2L,
-        0xffe8b8591863d312L,0x1fcba995114da460L,0x0000000000000065L } },
-    /* 23 << 511 */
-    { { 0x0ef498c2fda0bc58L,0x84f03c51e18d1f4eL,0xada00b832b89b834L,
-        0x2ac43953cbf7d8fdL,0x8a7a37ddec0eba45L,0x24ed7dcfadafee4dL,
-        0x2e900677c0a554d5L,0xc961ce69f179b0c6L,0x00000000000000c5L },
-      { 0x21769ee979d32556L,0x14c417fb317b715dL,0xa2848ec69b034410L,
-        0x651c9465f29126dcL,0x08446de16d88dbd4L,0x3b03622149b26d96L,
-        0x2d9102293b1512a3L,0xc909f04560ab613aL,0x0000000000000032L } },
-    /* 24 << 511 */
-    { { 0x119638ae44d87d78L,0x8980cddeff77f891L,0xb001aa0f2e3c9f32L,
-        0x8cc959d96c93b9a3L,0x3889ddd42516f042L,0x390fb5c1b2d34007L,
-        0xa39b106f093e4a57L,0xcb1856652168bca7L,0x0000000000000015L },
-      { 0x85adb26d33e39fbfL,0x68b6c5946ed3932cL,0x320813886ff4fb12L,
-        0x24b50dda14c7e9f7L,0x3e84edee6eb8db2cL,0x0d0879a304222282L,
-        0xd091b141db79827fL,0x41c1ea1c63d30563L,0x00000000000000c5L } },
-    /* 25 << 511 */
-    { { 0x33b7058ab3cb6db3L,0xe247bc85c826ca4dL,0x430cecac23018f67L,
-        0x2d633897b9e1fe93L,0x93de63d283b8bac6L,0x84deea4de2294567L,
-        0x9116e7bfd9d60cf1L,0x32715396bb9627e7L,0x0000000000000020L },
-      { 0x49452782bbea6240L,0xa0247a9b29a23527L,0x7576093c9e6ad610L,
-        0x3d7cce9ba983807cL,0x3cae59f6e5b737c7L,0xec383fbf5090c8caL,
-        0x3c09262f7fb72ae4L,0x3cd1a9d116ad7cceL,0x00000000000000a7L } },
-    /* 26 << 511 */
-    { { 0x394547b643684ad6L,0x27c93a87a4efc0b7L,0x97914b633832c7ecL,
-        0x89291edd995801b4L,0x1b7e633b9ed8dfb4L,0xa2a21e650cf5637cL,
-        0x4afebef08428be9aL,0x527fc65f42269b08L,0x000000000000011bL },
-      { 0x30099375278302baL,0x0b15cc9a6b1ade38L,0x6b6ad14ea4bb5288L,
-        0xc0dbbe3f6425657eL,0xa611247f7bc91657L,0x0ff0aa026ba54b82L,
-        0xa695a6941a44fa38L,0x7ff5f88e2e491f15L,0x000000000000005fL } },
-    /* 27 << 511 */
-    { { 0x98fbc213d8430bb6L,0x785226503a768732L,0xc44c1313c77b0847L,
-        0x61de63d2a21a8f5cL,0xc57d7ad64ee27d3cL,0x0d70a8414f19405fL,
-        0x696647aa7f6721ecL,0x067d6891c409e1e9L,0x0000000000000025L },
-      { 0x4188632f2b8f5085L,0x8e9b1a3789693e29L,0xd12668d218a2eb06L,
-        0xf3aed630596b2ef8L,0x1f8368bbc0589c86L,0x4722d8261eb0b305L,
-        0x797cf073488c1be0L,0x835aba08032ba315L,0x0000000000000154L } },
-    /* 28 << 511 */
-    { { 0x6994d68d7acdb128L,0xea6c1bcaf3e42194L,0x45b4e1e5c14a3782L,
-        0xc1d3ff5ca5089907L,0xc7d8b8bab2ecc0c8L,0x5756897b8af09517L,
-        0x54248bc42d37631bL,0x4ec2b153748dc34dL,0x0000000000000018L },
-      { 0x0be76102bcd4b8f5L,0xf59b6d2fae1fbc73L,0x3a82d42614de6312L,
-        0x603fd1ba99d221deL,0x31371c44349ada8dL,0xecb2cfab22e3eea0L,
-        0x5134413e744a9e46L,0x1d91fe459e0de97eL,0x0000000000000042L } },
-    /* 29 << 511 */
-    { { 0xbe0d267fabe7ca12L,0x00aa0e5de45c1440L,0x3f943a133936bcebL,
-        0xbe7e6ee2c10a5afaL,0x9a05de6433854a57L,0xd2635265bd538c38L,
-        0x2d8b1ee1bc23b270L,0x1b817b956662d16dL,0x000000000000005bL },
-      { 0x0b34b0d6993f32abL,0xd29e841ca594d824L,0x659f13d59ae853cdL,
-        0x50bd99b1f134a1ebL,0x96185d6777657f3bL,0x9866e7a14b16d264L,
-        0xd6f7f2ac20d2efc8L,0x27030aa51ea5a842L,0x00000000000000c1L } },
-    /* 30 << 511 */
-    { { 0xca2a69328e4c1bb9L,0x5406d95b89a810adL,0x181690a007059605L,
-        0xf6b80571db36c201L,0xcdb7ceefc0da0fb1L,0x0e0f2c08382dd238L,
-        0x530c9a2e943fd3d9L,0xc14d7c55a5f3e1f4L,0x000000000000005fL },
-      { 0x38c5afdfccf6ebc7L,0x9f2e2d25f0d0c1b8L,0xcb96d5873af9bf69L,
-        0x150f940c89391daaL,0x5d80c9765901c338L,0xca2c7c5f7134a0b6L,
-        0x615abd199a37b224L,0x03504959e2b8790aL,0x0000000000000067L } },
-    /* 31 << 511 */
-    { { 0x99d98ce9c151c763L,0x45d75a156c9f8403L,0x398ca5858ad4d96cL,
-        0x5aea77ac7ab5a6e2L,0x31daacac60ca3cd8L,0x0be70a0c33089a45L,
-        0x37d11b417ae57ec8L,0x0daa79b92b36c7a1L,0x00000000000000fcL },
-      { 0x86fe4b66e6bfbeedL,0x471e1284dbc755aeL,0x93f985d974ad1658L,
-        0xfc9301d7c5cfe717L,0xcdfec01a08b28faeL,0x38a8a97d15684b4cL,
-        0xef3c8e4da413cd92L,0xa3a9ea581f848825L,0x0000000000000038L } },
-    /* 32 << 511 */
-    { { 0x1d45c5c8dd04afceL,0xce141a50bbd9c392L,0x44ca5fa5c9e0fc05L,
-        0x4b9496ff60ccfb3cL,0xbe260bc6db5552a6L,0xa0eabfdd7d3a7a09L,
-        0xe9cc06ae1c77c1f9L,0xfa792d042aabee9eL,0x00000000000001dbL },
-      { 0xf2224e6f72765171L,0x3f9ea54811b89e04L,0x1e07c6eb138f1a43L,
-        0xd9b61817621f1f7eL,0x08e851aa2f69af1aL,0x3e75da6fc0d63f32L,
-        0x49a72d31f0f0d74dL,0xfccfc561c516a10cL,0x000000000000009fL } },
-    /* 33 << 511 */
-    { { 0x50f7e4f10a927e25L,0x21a09f957b043982L,0xe57eb5d0a7f4ae19L,
-        0xaa5f21c688c23fa0L,0x345eb906b671a416L,0x3f75a771e1cd246eL,
-        0xdcb1400211d9833bL,0xcf9f9effd4757fadL,0x0000000000000027L },
-      { 0x8cc47957a51fbfd0L,0xf2f7514db21b49dcL,0x342c1525b167a27fL,
-        0xd9189df73bfe544bL,0xf1e992d72ef945cfL,0xbdb74deff88ba1f9L,
-        0xfd978291b82afc9fL,0x64c2d06b8072b2ccL,0x000000000000004eL } },
-    /* 34 << 511 */
-    { { 0x02b8ce6504071b42L,0x846c0eca3f395d37L,0x5f02aa27aa3c2f7dL,
-        0x6812ff735c5b86fdL,0x617425a2fed24a25L,0x8c4aa371a388dc78L,
-        0x866aabc850041de7L,0x8634b3cbd1ff9bdeL,0x0000000000000193L },
-      { 0x0b64b43ea717f98aL,0xfc2f70a8c9b0fe04L,0x00811a41e3545cc7L,
-        0xe073c45bc396da28L,0x56fe07f4905ade48L,0xb123dab359ca3c9bL,
-        0x155282356f0803e0L,0xd66e80e281b40eb2L,0x0000000000000141L } },
-    /* 35 << 511 */
-    { { 0xe6df057a87307af0L,0x57673587e4a49774L,0xb4626535243828f5L,
-        0x74f829480d6b51b3L,0xcb1c59f43de3f59dL,0x34e8ac234df85c57L,
-        0x363c7f11a6d0c631L,0x050904e0163f8845L,0x00000000000000ecL },
-      { 0xa2d31e7ae522c580L,0x2192828a1418a8e4L,0x8bf7419f81f5c03bL,
-        0x610522a6cf674c6eL,0xd038897d6b1d1b0cL,0x3ecb81e6b9a1192aL,
-        0x0e88a8d53e80564bL,0x395f9bf85d76c33cL,0x0000000000000032L } },
-    /* 36 << 511 */
-    { { 0x5390df114314f744L,0x545733637f8ff5eeL,0x22442fa33849bbf4L,
-        0x1c462aadb46045f4L,0x2b0758050817d8a3L,0xffd73fc3f5669e27L,
-        0x546917fa1aa20f00L,0xb7143ce6713fb9a7L,0x00000000000000b5L },
-      { 0xa4c372206dd0bf11L,0x52731f73af632b4bL,0x7c309663118ea369L,
-        0x076a35880a8a687bL,0x07e93992e0a835c4L,0x7e5f1bbd4bea801cL,
-        0x3b3f6fdc83bc661aL,0xdb55c7e2364cf3a1L,0x0000000000000039L } },
-    /* 37 << 511 */
-    { { 0x4f6b908de90be946L,0xe1f9650ffb405564L,0x1db8139fdd3a7d6bL,
-        0x71d6a50705d77cd1L,0x3b858f748f73a748L,0x217b6c7d9298eb99L,
-        0xbb713b613fca2518L,0x676e6f89d0dea256L,0x000000000000016cL },
-      { 0x05c293ef29c8372aL,0xd3f26db950326885L,0x66177b402cea076cL,
-        0x5e590103c94a3e60L,0x12f5268c5f24c0e7L,0x79cb7296cd30051dL,
-        0xc7c9b49b4b77f8fdL,0x8a19a8c92fa04a11L,0x0000000000000002L } },
-    /* 38 << 511 */
-    { { 0x22401bc6535dfb08L,0x893c44e95b4abfddL,0x3ea62c91a4e38edbL,
-        0x5b2bc290ca12f3ffL,0xec707dd69051cbf2L,0xb07a24f8e229c022L,
-        0x30ef2af96883d74eL,0x2ff30fbdcb8b1f4aL,0x0000000000000108L },
-      { 0xdeda6c35fb49ddd0L,0xcbd14fcfe75c49cfL,0x1e4bc372ab2fbcccL,
-        0x9b3a3efac145242fL,0x6ce05f8162c39e2bL,0xa5bc8d92adbfae6aL,
-        0x171424988855b100L,0x29892ee2b0f012b1L,0x0000000000000056L } },
-    /* 39 << 511 */
-    { { 0xeeb9875d19d809c6L,0x8dd24196e2064977L,0xabf1f5c25807f8cdL,
-        0x317fcb9d75d9af79L,0x0bd27847641a0dd7L,0x52fdf8fddfc25539L,
-        0x0bb20880b72d79b4L,0x7403cab9b050f06dL,0x000000000000008cL },
-      { 0x39ac8805f83224eeL,0xe74625294c06d65cL,0x9dd00df370d5aae3L,
-        0x8ddaf294a460289eL,0xaad00c0b8c2b12c8L,0x897fb3d5c570bcabL,
-        0x7f069c7b7d06c691L,0x40f5a2d2f44b375fL,0x0000000000000147L } },
-    /* 40 << 511 */
-    { { 0x66fba7b2e7441cb4L,0x9703fa4d0edf3396L,0xff524baf4f3a5b75L,
-        0x9a8f25db1d173b34L,0x29d81a1a1cdb278aL,0x4cffa124a410cdeeL,
-        0x5388c4036feec1d2L,0xcd9411a470cc643fL,0x00000000000000cfL },
-      { 0x7b229e6550e05667L,0x3175d10dbbdddf46L,0x9dfefe2390b31338L,
-        0xf97db78253a89eeaL,0xcb8acd29da67068cL,0x61c34b5725f19838L,
-        0x856cf76a6c605d31L,0xf4ae77b201effc73L,0x00000000000000d0L } },
-    /* 41 << 511 */
-    { { 0xaf3cf777a26b8056L,0x5c43dd61241360a6L,0x58b083c67fdb2f60L,
-        0xd2e7c4c8d351c4e3L,0x3dd61d56f94892e7L,0x195876a7e8995a49L,
-        0x01a0a17dabe083d9L,0x52beb3136552590eL,0x0000000000000066L },
-      { 0x1a3347effc405688L,0x26bd6de805ecb62cL,0x857d636da52f40baL,
-        0x58a784783188a7a7L,0xe0ea2b9cfce84abfL,0x2fdf6d3e5a673decL,
-        0xa18d4112bde7405cL,0x4271c5f9c015e112L,0x000000000000010bL } },
-    /* 42 << 511 */
-    { { 0xf370ed52a459ca74L,0x7cf21ea4025cd3f2L,0xf925a200a1bbac0aL,
-        0x3abcad9afbc36076L,0x10ff56a08e382f60L,0x2f72b3e29adb35bfL,
-        0x57e668316c2a7131L,0x6201c63b1cfb3b53L,0x00000000000001e6L },
-      { 0x6fc57e654e3919cdL,0x5d34bc0e789ab429L,0x0f1401b897c4f56bL,
-        0x1ab6888a8678c37cL,0x90c07e9d168f4c19L,0x9c4fbaadf2f7efa0L,
-        0xd917c926142b5340L,0xd92f2667a5ca3f5dL,0x0000000000000173L } },
-    /* 43 << 511 */
-    { { 0xc8625d648fa89b66L,0xd7a2e7ef484c0085L,0x296d5cec57a26972L,
-        0x624e03edc087e675L,0x3eaedbd4bcc8ccf4L,0x24267aa04f5cab98L,
-        0x494f2a3554d6a0c3L,0x4782932db4554a33L,0x00000000000001deL },
-      { 0xf2ea212c17c4784aL,0xdbfc5551c152619cL,0x2643df61118f875dL,
-        0x6577ff540fb8865dL,0x2653fc8fabd035f6L,0xc1ae1c669ed7ef7bL,
-        0x4d602fb24a25ccd2L,0x6391a7332afe8120L,0x00000000000001e8L } },
-    /* 44 << 511 */
-    { { 0x04b2f9f2ccbe7de0L,0x8870c0dae6c58facL,0x69fceb5b23174377L,
-        0x8f1ad157f12131c8L,0x3e925501ee3048cdL,0x96a0b31e386d5003L,
-        0x586a530340e9c76eL,0x517d83e314857a31L,0x0000000000000115L },
-      { 0x4d02d42902d8ecbbL,0x68b811f62e9c8238L,0xe213c3949310f7b5L,
-        0x200ec52ba8d8187eL,0xd80c192da0fb4110L,0x35c985ff7c450678L,
-        0x43577470db1e8f13L,0x6810ef036900807cL,0x000000000000012eL } },
-    /* 45 << 511 */
-    { { 0x379ee09f103bd6f9L,0xc6455764cd4b3d01L,0x785ac6571d53dda2L,
-        0xb6c194c93eba3017L,0x6aec6839ee84180fL,0xc94dff5ad09c51bdL,
-        0x933c64be4038c3caL,0xfb3e230565c87b9fL,0x0000000000000077L },
-      { 0x04b71ef8ac8ab240L,0x6a16d0e5193fd7e0L,0x86fcef220c40a10dL,
-        0x28228cc910f211c4L,0x5ede88e706ae9d8fL,0x67067909a5f0e8feL,
-        0xad79f0c8df338ba8L,0xe39836048ee0c62eL,0x00000000000001f7L } },
-    /* 46 << 511 */
-    { { 0x7d703295f5e4f7f8L,0xc3fdc161143af599L,0x25ae8c6d10a6b4ecL,
-        0x8f3ffce44eda9576L,0xa2383338f649674fL,0x38642f550eb3892eL,
-        0xeabb7046f0cb8779L,0x57dabaa2dee84d91L,0x0000000000000154L },
-      { 0xbb850ab36173a285L,0xbca5655928b6fb38L,0x8e3428380df79eeeL,
-        0xe52853dffecc7940L,0x792e753ad9dd12adL,0x7e2cb3406420ebd6L,
-        0xb585ab566d827017L,0x2dc2202c5a41aa40L,0x000000000000008eL } },
-    /* 47 << 511 */
-    { { 0x23845c7c715a4da2L,0xb337c0ba6e0aff7aL,0x41b68812f9a9f520L,
-        0x4a10ab9bad1a5c83L,0xd8fcea40ccc1a37cL,0x51d69fdfb25a1b3eL,
-        0x83ce07a3022b27b1L,0x762e56c9f29621f0L,0x0000000000000017L },
-      { 0xc193077f19482f39L,0xcd5eeec001d3bf64L,0xb2d5f8a51d7e8890L,
-        0xf63d9476672f223eL,0x6cee15df7c3f98abL,0x17e3a150da97838eL,
-        0xcedd10e73c50762eL,0x22d5f479795cd480L,0x000000000000018cL } },
-    /* 48 << 511 */
-    { { 0xf854e6e695c41349L,0xe7d4dcb0476ad721L,0xcaf79afb764dcaecL,
-        0x99a065a2e85595acL,0xcb613dd111beed86L,0x1ec36351b5a4d300L,
-        0xa1acae740f8b5580L,0x6d6bd5a7708071a2L,0x00000000000001a9L },
-      { 0xfcac06c11f4f15a1L,0x75a9003c1050adf6L,0x61b71ef7ea874ec8L,
-        0x0de589f5ba499bebL,0xc1470e300d93fee4L,0xc981a814d175ce74L,
-        0x2549b4a3bc96e422L,0x14d44f006728ed6aL,0x0000000000000085L } },
-    /* 49 << 511 */
-    { { 0x798a73bec4e4028bL,0x6388051a3353c08cL,0x028b0677e9ede279L,
-        0xcc3d488cf6339bcdL,0x87c818187e5ccd8cL,0x4e7186598c7b25c7L,
-        0x4196e50586f7ef16L,0x9b107e634d57b458L,0x0000000000000061L },
-      { 0x4d6c0c1fef82fb6eL,0x8c244a96888b56dcL,0x8b464d425577066bL,
-        0xf7ecc8ca8261ddb0L,0x3570d8a77002aa15L,0x8e694bd46197aea4L,
-        0xff32a72d301d8b31L,0x8e7f4f8ce64abfd9L,0x000000000000008cL } },
-    /* 50 << 511 */
-    { { 0x4192297482a6c06dL,0x5d74d871af00d803L,0x8d08becbbb060085L,
-        0x73c0f98f88c68d5fL,0x57ab930e1eee2808L,0x58bce0b0994c1dedL,
-        0x84b44834720f64a7L,0x026e1e6cb2fbd380L,0x0000000000000001L },
-      { 0x80b288943d2bd6f1L,0xdecf8fc035fca89dL,0xae9673adc3dbebccL,
-        0x52b2a6114c7205c0L,0xbf9efb9567a057eeL,0x55e70e9e8da648dcL,
-        0x4497e043e39ba91dL,0x12b586111fccb6d0L,0x0000000000000143L } },
-    /* 51 << 511 */
-    { { 0x1375591eb29c6942L,0x558b9028695298ffL,0xd72d549d7f26580fL,
-        0x499eb5853b5c56a0L,0x2f077d8fb9ce1359L,0x1262a69d0d7ba25cL,
-        0xbf740566f77d49ddL,0xb61e1de4089024f2L,0x0000000000000031L },
-      { 0x9600de6a5cea3678L,0x369af7f9e5016941L,0x4ed8550d502f6ecbL,
-        0x6dc1c264ad1f1bbbL,0x9f0c69ee1f11dae6L,0xb5f7f9e25a6587b8L,
-        0x4213ef97bc54eabeL,0xbe9a1fda336d54a4L,0x0000000000000079L } },
-    /* 52 << 511 */
-    { { 0xbc149ee5e49ef413L,0x39b60fa4d360cf79L,0x2e8d787ba5ac8562L,
-        0x49c84eb7f42102ebL,0x648e9db745aaaa29L,0xc425b3d214ab53acL,
-        0x76ae3baa7dc413f2L,0xd2d1545197d30a00L,0x00000000000001fbL },
-      { 0xdc8dee9ab8b66612L,0xa4158d3140baa079L,0xad72d22df0cba4fcL,
-        0x8086cf0dbf8743a7L,0xd3f991da2520bd39L,0x97506e140f96e56cL,
-        0x552b394be00ac04fL,0x51565a258066c1ffL,0x0000000000000046L } },
-    /* 53 << 511 */
-    { { 0x6c3d617801a96295L,0x43814219fd3c708aL,0x5c897caed13c8708L,
-        0x9f5aeb293f89dd2eL,0x9b939a34a97dfc4eL,0x6ab7bf493c11ac17L,
-        0xe4361a842a64d18aL,0x4e403a2ce2e79fe2L,0x000000000000018eL },
-      { 0x799b8d70aa46cf1cL,0x6c2ea52272cbe39fL,0xbe454c9d7f37d359L,
-        0x4d467bcf8dc10196L,0xb2ff7e3b3592d9c8L,0xeea5653d9533501fL,
-        0xd5ffd9b567a4b6f9L,0xfde6e9228a137ffeL,0x000000000000001aL } },
-    /* 54 << 511 */
-    { { 0x1e3ce488a047b061L,0xbc63c1934dd0b80bL,0x215eb936521502deL,
-        0x9783e9936f19aa62L,0x619021eb9f16efd8L,0xec8ec3c5369a3bf0L,
-        0x1676e68515ae4400L,0xe53e62515b175359L,0x00000000000001a7L },
-      { 0xdfa54a3b97edcc3aL,0x09008a0bf05833c1L,0x977fd92b8a8da5aaL,
-        0xf7fad1857cfe5d6dL,0xe2fa47a6dc11ca11L,0x24bd7530d9ebf4bfL,
-        0x7cebf5a35680963fL,0x4fb7ab14c8665ef7L,0x0000000000000005L } },
-    /* 55 << 511 */
-    { { 0x7e11d9fb45a8dc00L,0x3d5367616a5d6065L,0xe6e07b82e29c3187L,
-        0x4bec2dd98770e1b7L,0x68475bdfcd079a33L,0x16b08e0e6e3f02d2L,
-        0xed11161910a457f2L,0xb0e36f686f05051aL,0x000000000000005fL },
-      { 0xc0029dee068f8671L,0xc4040ef2ff0a6398L,0x87250bb6bc66c114L,
-        0x76a6bb7afcc07b67L,0x8bc7c85758b6b874L,0x83aac6467921d89cL,
-        0x134f5777e7990ddbL,0xb1b5da6baf81c59fL,0x0000000000000024L } },
-    /* 56 << 511 */
-    { { 0x49e0ca1c42892d9aL,0x5b0338a5f1dd866dL,0x9f891dc9ebce0673L,
-        0x9956c1820b302606L,0x2957d2bb088fc616L,0x1ac5570417b75077L,
-        0x5f5910069b67b533L,0x1bf9b4bd69acf0dbL,0x00000000000001dcL },
-      { 0x46de5fe669353a7cL,0xc4ad8307318c6934L,0x155bb477e235ca27L,
-        0xea4bdc8302c92a8dL,0x71120f8c44755470L,0x84db9f10d607e3f1L,
-        0xaa26e77d2f3256c9L,0x33a5a253d015112dL,0x000000000000007aL } },
-    /* 57 << 511 */
-    { { 0x20aec1362116051eL,0xffe2bc551b94c19dL,0xd91e5b74fb20a2f4L,
-        0x08e0eb8f1f337f79L,0x74358d40020a9b71L,0x6c116399a54a0ff8L,
-        0xe6090ccb58499d38L,0x52b4fbfff1be7a36L,0x00000000000001f2L },
-      { 0xe6139d12f1cb27f3L,0x5320639cc84a439eL,0xb9d97a6f588c93dcL,
-        0x47fe72529320567cL,0x978d888735525e0eL,0x9c71616fab85c178L,
-        0x97b0f1a987dd691fL,0x8000752a1ea5c4d1L,0x000000000000017aL } },
-    /* 58 << 511 */
-    { { 0x018d394f82f47082L,0x5c3822d7194a5bcbL,0xcbaa36177f696c2eL,
-        0xa479f542c7ee38baL,0x02ffb8f005e0bee0L,0x96e989ab54c7af79L,
-        0xdc095377118fec7eL,0x1889c6bf473a5d75L,0x00000000000001bbL },
-      { 0xc23dff30186f12dfL,0x2c1e5b533938ea78L,0xf84dec6083271f8bL,
-        0x400b2677699a9bf1L,0x71e646bf1763cb95L,0x049bd5253dc8bd13L,
-        0xca6987502cebc746L,0xe5faa8e720df2537L,0x000000000000011bL } },
-    /* 59 << 511 */
-    { { 0x5795aaa1d72a699eL,0x6ff9310c36c48097L,0xef3f26293739ff45L,
-        0x6963009f1b69c613L,0xe589566bf41adbc2L,0x8519ded7ad44ff6aL,
-        0x962ea751d15b222bL,0xe6fa540cfcca0dddL,0x0000000000000070L },
-      { 0xedab4d678df09693L,0x764b38f4a3f32f76L,0x2acd5a3b31b914ceL,
-        0x1233395075acb244L,0xced00b66c3e58eb8L,0xe3689850bc11b028L,
-        0x94f3e782819636a8L,0x8c95e7bb036dd494L,0x00000000000000c7L } },
-    /* 60 << 511 */
-    { { 0x37439521cea7af22L,0x74ab19d02610baf9L,0xef7e24aa2c3ac33dL,
-        0x3b42932bc1eae083L,0x91478ba263b52bceL,0x125d1d70532e30b3L,
-        0x67ceccc80ae01dddL,0x74c6bb6376afb79fL,0x00000000000001edL },
-      { 0xfc4cc8c83a4adb6bL,0x2e4071bef2fc358aL,0xd81bdde4d9c36d33L,
-        0xd2a33e71c35dc1ccL,0x24eba4f21c1a3d49L,0x04f116a9177f3f5eL,
-        0xd63a542d1eab2502L,0x2fc261c6ba83beb5L,0x00000000000000c5L } },
-    /* 61 << 511 */
-    { { 0xdb557ff48802382fL,0xeae38177f1567c96L,0xa9dbea24f20baedcL,
-        0xce9397baee7504ccL,0xa4442b0a42df93b4L,0x3d7fc49deee5363eL,
-        0x9ee9c35c98da97b1L,0x5d01da6517432d14L,0x0000000000000036L },
-      { 0xf420abf84f2df80eL,0x99f61a31dd55807fL,0x3fc70210891bdc0cL,
-        0x6c61798be047b64dL,0xc154a33bf7ac51e8L,0x5f3b12819fdfc99aL,
-        0x43046ba63397a668L,0xe140dbe79e0355fcL,0x0000000000000156L } },
-    /* 62 << 511 */
-    { { 0xa0c1806642c1f473L,0xbcf0d250eda4e7d2L,0x1cd8ef91b57c4d80L,
-        0x16d95785698e4de7L,0x9239a410825f5b62L,0xba5862c29c45add9L,
-        0xf7f39ffcc844573dL,0xbc4bb8be6d3c4492L,0x00000000000001d2L },
-      { 0x918841a7413d3afaL,0xd46614bf35d3c789L,0xd31164d43ae4637fL,
-        0x62ec57268c2d1641L,0x54745b91bd87cd4fL,0xe3a32720b8ed340eL,
-        0xfffbaeaff90a1288L,0xc61ae40a5c850d7fL,0x00000000000000a9L } },
-    /* 63 << 511 */
-    { { 0x77ecdd788ded8d98L,0x5c4f7da4f3a901caL,0x3f93175b91c2a241L,
-        0x4c0b8664749141d4L,0x6961df53fc600db2L,0x6aee2d3b899f23e4L,
-        0x4396c817fc67b9a2L,0x71043f9a1c33877aL,0x000000000000017dL },
-      { 0x67d33824044cb54dL,0x8623a36b7b85049cL,0x88bfdcb338c9d75bL,
-        0xb861f7b06c3dbb25L,0xd539f69f52a24d72L,0x60428e5b5dc11fa1L,
-        0x3ee93ffb4f13f4ffL,0x04018a96e18516d9L,0x0000000000000101L } },
-    /* 64 << 511 */
-    { { 0x41b3eb86bc1bd2eeL,0x71e8430c50368484L,0xb214e9cbf2b93ad3L,
-        0x13f89335138e0ebfL,0xec96c9c25e690118L,0xde786d182c22cd4cL,
-        0x5b1554abe819e310L,0x399bfab4d01892d1L,0x00000000000000c5L },
-      { 0x2efaee912005a9f2L,0x9cb43e2eb39471d0L,0x0b0d1b565ceb35c2L,
-        0x3bff194056825120L,0xad49b05739a0dd54L,0x35dec8af0e83d425L,
-        0x50b91634687d1ac8L,0x2fb0d9e42f25a98dL,0x000000000000007dL } },
-    /* 0 << 518 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } },
-    /* 1 << 518 */
-    { { 0x58333c8c9c13146eL,0x213c8896d5d37a5dL,0x18e2132d8fd07282L,
-        0x606e8133cd7d66c7L,0x21c19a128743874bL,0xe375d1f56dd96309L,
-        0xe0c48d6d3e1d629cL,0xed6ada6cdee22453L,0x000000000000015cL },
-      { 0xea1c974547b194a6L,0xdd549898850241e9L,0x0e225368407cb796L,
-        0x17b59edb427ad8d3L,0x08d4629ec43f0a43L,0x27f4063d5201d0a4L,
-        0xf6e1518fa5003274L,0xb6196e3ea3286e2cL,0x00000000000001b8L } },
-    /* 2 << 518 */
-    { { 0x593cf4108e41277fL,0x3ae7db6e925c9d91L,0x68519ca7a37a388eL,
-        0xa93a2e815bd94e48L,0x2b8cdbac00ef816fL,0x6fc3cae6eb2796f5L,
-        0x253fe0d4f8dedde4L,0x38405b3095ecc14fL,0x0000000000000092L },
-      { 0x27a7d0f67882df12L,0x14b3264246332549L,0xb8d8c3e6eda10498L,
-        0x6861e53c2aa1cc1aL,0xf2bd03e3a37d7254L,0x175c04f6d78b5623L,
-        0xb3d5202f0b18c14fL,0x30b9b0f6967f2b7bL,0x000000000000012fL } },
-    /* 3 << 518 */
-    { { 0x3b770280731e2b92L,0xd8c7870c7ee974f8L,0xd6fe928343da91b3L,
-        0x563cad012b7968b3L,0x48333ac2d845b648L,0xf1753bdbc02af5d4L,
-        0x48cf506f04a647afL,0xac9f1d5bddcd3a9aL,0x00000000000000fcL },
-      { 0xf9b4124bcb40d52dL,0xc39a85654cb0ab5bL,0xeee9291114c56558L,
-        0xd5182186ff5602fbL,0x32d3441623f351ffL,0xde81de053e387e04L,
-        0x19b6666948aa0ac1L,0x4cd3b987782c2ca2L,0x000000000000018cL } },
-    /* 4 << 518 */
-    { { 0x61829972ce8f9a17L,0x2d21913ce0fda47eL,0x84cb9da252466c05L,
-        0xfcc4eaab9fd85710L,0xab1ec5412f56fb90L,0xbb435bec6a231d4aL,
-        0xe1fffeaee16d3c47L,0xa7db02840f023a36L,0x000000000000002dL },
-      { 0x7259e71938d77a9eL,0xcd2278b1a3661199L,0xcf7fdf77bf6dfc59L,
-        0x6265f9cb96a2b632L,0x1365e44a4eb09c8aL,0xc1ac30542b23bf87L,
-        0x3161a2c05aaec208L,0x1af3a61455db8ae9L,0x0000000000000098L } },
-    /* 5 << 518 */
-    { { 0x60e8e4d3ea396a57L,0xa56c78e0378519fdL,0x783fd1661fd3ee35L,
-        0xf465f7d7174f5564L,0x6e3d2bd397a58ecaL,0x9ddc5d888ed910a7L,
-        0x46b9f89cc0b9158cL,0x1d6995655fae4fa7L,0x0000000000000033L },
-      { 0x8475d7fc10440e6dL,0x048d912b8c257698L,0x536c9062e7c97954L,
-        0x067523a8d0f61df0L,0xfd233e353e97f9fbL,0x38b8db0ed3613d1aL,
-        0xd071e57d61810f87L,0x1f4d1b2e97415a56L,0x000000000000018bL } },
-    /* 6 << 518 */
-    { { 0x129f3f88a1e73627L,0x4d4f1e3abc64f2ebL,0x365c51c94a97ebd4L,
-        0xa681acfc1c60b2b8L,0x98bda6049c22ac9fL,0xc337336f7a3c06d8L,
-        0xb706c685153282dfL,0x4217adc8eb1ce0feL,0x00000000000001f7L },
-      { 0x1d147cd08ca52a15L,0x2fb7fa8e6c45139bL,0x36db6e625c7ec355L,
-        0x603450e0f1b9c840L,0x46181b26f6f43cf9L,0xbe2fa18c68c6844bL,
-        0xc6eb676678305319L,0x47ccf36ff7f05252L,0x00000000000000f4L } },
-    /* 7 << 518 */
-    { { 0x765a6a6afc884a2eL,0xb079d52bbabdf029L,0x9441e6f06f3b9515L,
-        0x524cc31db56d96ddL,0xd9129ecef245efaaL,0x48c3b03bc906f1d2L,
-        0xb2f379fff6334489L,0xea50ce556c3d05beL,0x00000000000001daL },
-      { 0xa23e9095a8b173f3L,0x1163236c0cae0acaL,0xbad7a4ced2fe7ed3L,
-        0xc96b59a64397acc1L,0xa330281002b1f51fL,0xabe9c10cf3c0800fL,
-        0xc0480be858f37470L,0xbc4b63ae0678686fL,0x000000000000000dL } },
-    /* 8 << 518 */
-    { { 0x82e051426b4c3f67L,0x830492593fc34315L,0x2b17027d972d1c60L,
-        0x650bd0df06941699L,0xc960bca9bf06dea4L,0xc9b131eef6bf6453L,
-        0xc7865c906e2a0bd0L,0xffb964e05d5f6799L,0x0000000000000033L },
-      { 0x32db85f6e9fa9189L,0x3f0deb0eb5544031L,0x848456bd704e30bdL,
-        0xade1bb0e862032ccL,0x8deae33afcf305adL,0x918cea68c089cd96L,
-        0xea115fb805a4a146L,0x978f3a2f3633d8a2L,0x0000000000000083L } },
-    /* 9 << 518 */
-    { { 0x62982ababf590757L,0x112fefd670d2e25eL,0xd6f63c34ed861469L,
-        0x626af4f7f78223d9L,0xd26df9887581ae71L,0x884869f820b93f27L,
-        0x5308341576b8e53bL,0x42c0e46f9225dabdL,0x000000000000005dL },
-      { 0xe6610850fd4f594dL,0xe4be8fa1fd6f9d30L,0x5f5f5c2d554a978dL,
-        0x91ba562503eff7b1L,0x278af3e2c0b61678L,0xdcec232f4bc1b63aL,
-        0x05d3b83ce67e86e2L,0x2e7cfb29b15ea746L,0x0000000000000120L } },
-    /* 10 << 518 */
-    { { 0x868efb5c1517a09bL,0x20bfbd8722919dbcL,0x11bf475b6e776274L,
-        0xef04a4135ade4e48L,0xe5b721d41702befaL,0x6613ef46c010811aL,
-        0x8a70cf720286df5bL,0x31a364139961089fL,0x00000000000000cdL },
-      { 0x0ff8f787313062e8L,0x6a9c58a1c7c7876bL,0x3767da6e73cfd9bfL,
-        0x59569e705f92c89fL,0xd2b5ae8f16d2a77eL,0xe287323d9756a091L,
-        0x4f40fefcb0114e2eL,0x5a51851d8f4adeb4L,0x00000000000000f0L } },
-    /* 11 << 518 */
-    { { 0x5037561bac8ebe24L,0xe7ee25348366bd2aL,0x772837d6841bae82L,
-        0x08eb7b46e0ff68c5L,0x8c92b3f60c31b9dcL,0xf87d90b768dc21e4L,
-        0xa6c7c9d70770b025L,0x53c3c5f384510727L,0x0000000000000047L },
-      { 0xde80f1b74569f57bL,0xf3d6318e62b8842dL,0xfa2eb7e2c819f5f8L,
-        0x0faa86691d96d0daL,0xf45e324d3751f6f7L,0xb12f32807a8f2951L,
-        0xc455c3d540edba34L,0xc4624175f5c78269L,0x00000000000000fcL } },
-    /* 12 << 518 */
-    { { 0x93012bbdb3f18230L,0x69b59c81be563374L,0x0fccc9418fbd8070L,
-        0xb2e3e5fddd353c6dL,0x290f2d4065dce413L,0xb79d87416598620eL,
-        0x855eca8c0cfa916cL,0x45029ea197efebb1L,0x0000000000000051L },
-      { 0x7c09eef390438baeL,0x898440c59ec6217dL,0x89f1331330d90670L,
-        0x1588728726ae644cL,0x353e5bfae83d85f0L,0xe8f21860456b1253L,
-        0xeb0fedeacc75e379L,0x215ac25219348cecL,0x0000000000000057L } },
-    /* 13 << 518 */
-    { { 0xc4fc152cdf7adcf8L,0xf1731d853aac8ef5L,0x755b049dd1463ed9L,
-        0xb2584ead794d041dL,0xc6cbad77a4598004L,0x1baf02531eb28df8L,
-        0x972ea8693d442d21L,0xcf1de4ab9d17f0c7L,0x000000000000002fL },
-      { 0x175ee1ac772076f6L,0x8afe0a0b98a219bfL,0x23350b21cf7072b6L,
-        0x255372ec66d6bfcdL,0xc0e878e4ca347854L,0x45943a9fc266b8c5L,
-        0x8e0b70f802304611L,0x7c1914054c1a0ad8L,0x0000000000000129L } },
-    /* 14 << 518 */
-    { { 0xb009865603ff1b77L,0x0c3e56c816d480dfL,0x03cb7430b25b7ef4L,
-        0xc1a1d84f29530ba1L,0x91ea3813a687e8a3L,0x36d765625e955cf5L,
-        0x9791cbeb9871c033L,0x25ed155b29271a7eL,0x0000000000000046L },
-      { 0x0201ae83b863fe15L,0x577c28d5533caf59L,0xa000a53862886d5eL,
-        0xe400a338683c5322L,0x4dbecfe561107162L,0xaa3a88bcbb5603f4L,
-        0x48714504ec53c8aaL,0xc5c8b13a63f8c036L,0x00000000000001beL } },
-    /* 15 << 518 */
-    { { 0xa1ba19f667cf8ca1L,0x71b5032e6aefd0b4L,0xeee3be6cc1649bc2L,
-        0x630e7b8664949a27L,0x5c9b815b9f8d970aL,0x582c63862439a25aL,
-        0xe2acb5564443a504L,0x8ce90b34e50d00ffL,0x0000000000000004L },
-      { 0xd96814912a56ca70L,0x39d0c795ed552ae7L,0xf666288a8d6c3cefL,
-        0x71fb44903f030a8dL,0x20a8dbdf22b5414dL,0xcfc31a6ac244c07aL,
-        0xf6cba0448ef206e9L,0xe2987b8b8f2d974aL,0x000000000000004eL } },
-    /* 16 << 518 */
-    { { 0xfd4abdb4f6f04de3L,0x2d3399bb2708b32fL,0xe3f7a82fae7ea987L,
-        0x63f0093e11c3b0b2L,0x4e771ccb50e1dc6cL,0xed3655479b91c6a3L,
-        0x97c1fd0b332028a9L,0xe8199fe24a65acb3L,0x0000000000000137L },
-      { 0xff2f102fed4f5410L,0xe2ec543cbed8c3c0L,0x7c79a798d4bbff64L,
-        0x5baa5d12bd61bebaL,0xa4766859accb68ddL,0x79fe67260f18b724L,
-        0xfbaa1890c404245dL,0xebae71de1e4be8eeL,0x000000000000016fL } },
-    /* 17 << 518 */
-    { { 0x7a581bdc7e2afe12L,0x8cff83cf14fb3fd1L,0xcba840cc429779e8L,
-        0xf7bd183f9e5201e8L,0xc2c4a1a9fd6d9790L,0x9da08423ef26b1bfL,
-        0x5291a5eee224c1f9L,0xd2fef1565468dfdfL,0x00000000000000ceL },
-      { 0xccae68d1f8e2c083L,0x2b020fcdb6a2be21L,0x0369059c53f70413L,
-        0x1e7d130d80ff6c07L,0x3a0bcee3ae669b29L,0x2f8501f7a3d96b7aL,
-        0x37a337a485e110a0L,0x5496623a30441bd0L,0x0000000000000022L } },
-    /* 18 << 518 */
-    { { 0x66a32a2ff9805932L,0x2ec549c5bef0740bL,0x4e144029127ed87fL,
-        0x34f547eab1728cafL,0x89a0c9026066be92L,0x2acf5a05f15277a9L,
-        0x78de46f40120d365L,0xe9b87d4a61f5eed1L,0x0000000000000163L },
-      { 0x2f0c42289ff30d07L,0xc2f06ed849a8b586L,0x08d431a31b47a0e0L,
-        0x9b88a9bb1e3ef583L,0xc9ca97883a415e81L,0x321cd03e6b091374L,
-        0xb176a99a65091a1bL,0x1be3de61e7dc0e5aL,0x0000000000000120L } },
-    /* 19 << 518 */
-    { { 0xedda4f501a0ce34eL,0x92df6948bf73ec51L,0xc28a8e4c1a72e03cL,
-        0x2af289b610e4eb04L,0x07c600e6b91a74a4L,0x4bb54ad4f0b6a952L,
-        0x13c1236dd1de5b10L,0xb8e9c19bf544bbbbL,0x00000000000001c7L },
-      { 0xe7b10240b7f3dff6L,0xb54fa2387ef42552L,0x928e15bbde030c69L,
-        0x86839d49beeb87f9L,0xc72c04e8fe6a4e35L,0x0bd28b2333a42b3dL,
-        0x78c05d19cf75a3b7L,0x57db32cb05bedd16L,0x00000000000001b1L } },
-    /* 20 << 518 */
-    { { 0x895a36231bdd31fcL,0x3ff4b814a499d99fL,0x3b0b3bc1ae8418daL,
-        0x3f6e8a895eaaa723L,0xf4f87e1303adbdf0L,0x989fcecd01852f42L,
-        0x6dcaf5eda4426bc1L,0x36f55efea43a2bbcL,0x00000000000000ffL },
-      { 0xc7180d5818832a17L,0x47d76d9329c58f84L,0xe54eca936eb5288aL,
-        0x4e7a0ae6621c57b6L,0x475c9919cdad70afL,0x5e0d5c8613d73c3cL,
-        0xee24c9f315db8108L,0x80ff5e2c286ddbdbL,0x000000000000002bL } },
-    /* 21 << 518 */
-    { { 0xe6bb9caf41166535L,0xee910574729bbb65L,0x196bc7188a30dbcbL,
-        0xf5c06afb6b669532L,0x95a6445352798e9dL,0x54310e3293028bb3L,
-        0x2c980460a192c5e2L,0x3e71aa09f1d44ba5L,0x000000000000004fL },
-      { 0x0189f4680f956b70L,0x5d67b04a8f6b209bL,0xf82daa27b3529f92L,
-        0xc4e8d5d18d611d16L,0xc0824d25adcbbbc4L,0xa3151a908a4b37a5L,
-        0x570c39a5eb1b3b77L,0x4e04c57294a2bcddL,0x00000000000000c4L } },
-    /* 22 << 518 */
-    { { 0x817eebab56b577a7L,0x0a56039bdf679d07L,0x66bf1a96f0d319e5L,
-        0xfe007b76ba26cee6L,0x55836ee4d1a82640L,0x2b123a6f568d16a7L,
-        0xc55d3c2bd51ce671L,0x1e0eece0277b1fd7L,0x0000000000000074L },
-      { 0x32629cda26a51b9eL,0xff08209c84140e1eL,0x6b6333578da237ebL,
-        0x33c6765e901d98e4L,0xa3e1409a633fa3b5L,0xa44024d2365a82c2L,
-        0x1f90df3aed9a4771L,0x22a587e4ab00783fL,0x00000000000001d3L } },
-    /* 23 << 518 */
-    { { 0x013713ea9be05096L,0x3843a8fdf3f844efL,0x1e5b0c16555986bdL,
-        0x873570a4fe2ddef4L,0xdbd38a931534c642L,0x2cfb55c0dd37641bL,
-        0xa022f3cf4c9cc92cL,0x8e68f725fec4ae5dL,0x000000000000011aL },
-      { 0x174fd4dfda88abadL,0x471a712bbd3638c8L,0x78120e3fc36f3380L,
-        0x0d306f6e4f257b7cL,0x3b5d78fcc2c7e110L,0xce9f9636a954a62cL,
-        0xaa64c8d8bbf8bb14L,0x11f083636854bbd1L,0x00000000000001f8L } },
-    /* 24 << 518 */
-    { { 0x2e6ad1a9871f197cL,0x0af63210b4a58092L,0xcb9252c242a3b0faL,
-        0x06dbc3149d528c5bL,0xdc5216150601bb88L,0x9db07c32aa3178b4L,
-        0xbb13186bc4212f12L,0x18bdfe06eef4e9b1L,0x000000000000011fL },
-      { 0xf7e64b81713bbfa1L,0x26344818b932b514L,0x3316dd2ae7ca294aL,
-        0x4b266d272f30f1cbL,0xa2642af20de790f7L,0xcb11421279d5abfeL,
-        0x780790487785c36eL,0x8b8a691d9db40ab5L,0x00000000000001bbL } },
-    /* 25 << 518 */
-    { { 0xa6f7435bfa4bffebL,0xd6e291f42bfa469aL,0x58f691c576f06844L,
-        0x46c100d0ebbb4c34L,0x9c11ffde0a546878L,0x0236adb05accddeeL,
-        0x2b5adb70a872847cL,0x75592f462320b5c4L,0x0000000000000173L },
-      { 0xc0a19f24fddf6f87L,0x6abf006e83e9fbd2L,0x0af2d4414bf49193L,
-        0xe97288f52a6dcd30L,0xb13a5e18156a6b6eL,0x250d944ec97de15fL,
-        0x542ce0281d12789dL,0x7f18a27398252875L,0x0000000000000084L } },
-    /* 26 << 518 */
-    { { 0xe082423c26ee9683L,0x26a715041594a61fL,0x137bbd6e6ef85629L,
-        0x2e75b833bf8e7d4aL,0x8912d175a0bf520fL,0x197a7b40d35ab75dL,
-        0x55a51a2208213620L,0x9319af9f0a9a003eL,0x00000000000000a3L },
-      { 0x82740b1ad685067bL,0xd727f51e66fec58eL,0x7f230a384522eac5L,
-        0x9b2472ae2422eea7L,0xacb24446168e9049L,0x995eaf82f8b24133L,
-        0xd4d63051f8b37f7bL,0xb36021bc4d003ccaL,0x00000000000000e5L } },
-    /* 27 << 518 */
-    { { 0x0ea8d0af43da1485L,0x229bd2eee356a58eL,0x766352201eae3818L,
-        0xb1cc532299644ed3L,0x2b29d1889fe0cc0eL,0xbce5b5e6303000ffL,
-        0xb035f61989e0f826L,0x510c51d80e591febL,0x0000000000000187L },
-      { 0x7b2b6f57c1e35d21L,0xbe7100b1b78bcf87L,0x7a4dcd2b1764611eL,
-        0xc3abd1efe0659593L,0xdee37f042bd73310L,0x83d81872a65875a4L,
-        0x324574a77b7a1222L,0xcb0d36670b9b276aL,0x0000000000000108L } },
-    /* 28 << 518 */
-    { { 0x971696469a44620fL,0x3523058dfcfa2ea4L,0x8c3e30d1167c4c8dL,
-        0xf3de3d61e93a3a6aL,0x56e42c97642614f1L,0x3c9c8d2480cc3dceL,
-        0x68d62a528ce9a9d8L,0x482041d2df7be32aL,0x0000000000000127L },
-      { 0xeb4439ea67c7fd4bL,0x350117320a384db6L,0x19f9a3382046f5d4L,
-        0x5dbf9fcc72cacc46L,0x732caa319bb26921L,0xcd7c2088ca05b118L,
-        0x6c815494dbc0ca1bL,0x5334afab825890f6L,0x0000000000000053L } },
-    /* 29 << 518 */
-    { { 0xb38b3455cf0b627cL,0x9e5ecaf020af8835L,0x5e15ceeeea2dd64eL,
-        0xb99b86fad1f8ee12L,0x87af57750227a645L,0x0ee3dab2f604b581L,
-        0x473b2504e5187026L,0x00b2e9d3e92eae4dL,0x000000000000013eL },
-      { 0x609dd618331d29eeL,0x38cd2b0b4b99e2fbL,0xde71fb3f9242cff0L,
-        0x67ac8f5862f6689eL,0x0a99984caefeabbeL,0x6f5dfca538b281acL,
-        0x4a2a46d24dcbc8a0L,0xd595b07e6fed4a26L,0x000000000000016dL } },
-    /* 30 << 518 */
-    { { 0xff258a5138d1847dL,0x713ef4bd7f5e74f6L,0xe56ce9e3e0a0f09aL,
-        0x88f07760772a9159L,0xbc42bf932fb37fc9L,0xb8d9041cf0f2cba3L,
-        0x59dae6249a50cf7cL,0xb7546cb5920f1729L,0x0000000000000145L },
-      { 0xe310812c92011458L,0x9ef42383f158e9beL,0xb3b060fe5311f175L,
-        0x29af47ec20c5da5aL,0xd75668ccc0381df5L,0x6cdb1a0cf1bf133eL,
-        0x6abfb17042c02d7cL,0xf5984d2fd856c84bL,0x0000000000000169L } },
-    /* 31 << 518 */
-    { { 0xbaf9ebcc00544abaL,0x250f8366fe960dcfL,0xa0d3d15d76c4500aL,
-        0x858ea0e985f1322eL,0x443d0aadeaffd468L,0xda9043a709256191L,
-        0x4b83a0035aa2afa6L,0xed05f5bffe5f1395L,0x0000000000000004L },
-      { 0x50934ea9608abffcL,0x1299ef11a883495cL,0xb72333689792ef29L,
-        0xc7074a39f05483b7L,0x06ef2784274fa92bL,0x64e7feb67c864a48L,
-        0xf5fac1f878ca9ce3L,0x595b60d700b935dbL,0x0000000000000033L } },
-    /* 32 << 518 */
-    { { 0xdcd089e5c0f8abecL,0x2d11032081f91ec5L,0x244cef5d8d76055eL,
-        0x7202652d1c9bdd43L,0x396ebf25643f3ca7L,0x811a3695c983ac57L,
-        0x7d1f29a41e6e64caL,0x7cb13cec80827ae1L,0x00000000000000c5L },
-      { 0x16b59e9c2d5c560bL,0x18b069a09dd105e4L,0xb7fc826bb6bc0c3fL,
-        0xf6ab6c7485ea8193L,0x9c768ea01c4cdc7eL,0xa7a149b4d223cca5L,
-        0xa54dafdc8789b618L,0x2656cb46b17328c0L,0x0000000000000100L } },
-    /* 33 << 518 */
-    { { 0xe6ce0ca2ccc0b2a1L,0x3d569ba1cd0023f7L,0x41aecfdb81bb3a84L,
-        0x51d0e514bc37ca47L,0xcd8ea6a433b95775L,0x4bc287d36a213c69L,
-        0x25543e3133ecd721L,0x73b370fd37ccf58aL,0x00000000000001f8L },
-      { 0xc5f14160b6d87edcL,0xd2ad1fce324d39f3L,0x252c0755b8f7bbf5L,
-        0x9a0f47dec97f5775L,0x1d026aebd617bfd4L,0x63ba7c6abc086d63L,
-        0x6dc68bf907845053L,0x5a1ba87296198bb4L,0x00000000000000efL } },
-    /* 34 << 518 */
-    { { 0x71710160519269efL,0xf17dec367f1d6361L,0xf6dd6e7fcf9de894L,
-        0x9f85f14c98a3c278L,0xbf7a86440e5e618bL,0xfbbea240f4f1a389L,
-        0xc762aca8fedf3526L,0xec54e3323a3a1b77L,0x00000000000001daL },
-      { 0x1852de066a518668L,0xd05e9eef6cfab15dL,0xb13386cd6b10958bL,
-        0x793f12b5144bb551L,0x3ec0f36514ff524cL,0xc642095686e2cb96L,
-        0x926456f12381598bL,0xc5508ab0e8c1e2ddL,0x000000000000008dL } },
-    /* 35 << 518 */
-    { { 0x308b59c8e3990529L,0x58f149af2d350a55L,0x6b5f70129bf20ff0L,
-        0x07c324620658a155L,0xcace2e408f753462L,0xf9616b76e31fc89bL,
-        0xad31cff4b6013839L,0xdf2c921ab244102bL,0x000000000000015eL },
-      { 0xb8b3e02b30f6f32aL,0x072935e1835853fbL,0xd7d687c87364fa89L,
-        0x5109c823998e7aceL,0x9e821b0ba8d3f444L,0x75d6211efe652482L,
-        0x690314094b3f5025L,0xf8bf959ff42e9c5cL,0x000000000000002aL } },
-    /* 36 << 518 */
-    { { 0x7ea34b836dd01befL,0xc36e2120effab7a5L,0x1357672fb8845894L,
-        0x7f462c580162aa61L,0xb00958815bae0512L,0x55e27b8ef30be373L,
-        0x3b0b6882a1a367bfL,0x9177f7351f66d95fL,0x00000000000001c0L },
-      { 0xeef0eba1bfbe7524L,0x0cf73ed68025aa0dL,0xae531a884d9267fcL,
-        0x29042ea6a78a045dL,0xecebf42adb2582cfL,0x041babdc566d1be1L,
-        0x55c1d466cfe83774L,0x751c932b40e305abL,0x0000000000000162L } },
-    /* 37 << 518 */
-    { { 0x59d2d2af2193cc13L,0x0321329b5b8746b1L,0x5afef594d22686f7L,
-        0xb66fa579bf1807c2L,0xe3233a19a636faa9L,0x7e39da2f7c82dc5cL,
-        0x24967121715dbaddL,0x0010e24a686dd74cL,0x0000000000000055L },
-      { 0xaf5aa87ac1ab62b3L,0xdaec05ece1a7d955L,0x87e93b656fadda7cL,
-        0x12393f01825da2a4L,0x08ee17429d2b4552L,0xd83408c0f9e092fdL,
-        0x17e78cccf594ebb8L,0x26a3963bff074050L,0x000000000000012cL } },
-    /* 38 << 518 */
-    { { 0x43015ef7328a8d9aL,0xff26649d8c81d304L,0xfeba7112e6c1da31L,
-        0x0303b542f80a8273L,0xaff964a4d5d19085L,0x4060a313fce30f5bL,
-        0x85a6401a3f081f0eL,0x7aa4d2dacc3420a0L,0x000000000000008eL },
-      { 0x3d81528e43a2e0baL,0x749c5e9b3b58a1ceL,0x16e5014642f8c0e0L,
-        0x82223528dacd54e0L,0xe40c5e2bac8d0aabL,0x2e9c3c61230895d8L,
-        0x1644c4f2646b2a74L,0x2eafbc8ea5310192L,0x0000000000000159L } },
-    /* 39 << 518 */
-    { { 0xc16ec56246c1b5b8L,0x677befb255de0e93L,0x764c01d2d18a1543L,
-        0x4b979f483926716aL,0x9be5e4238be326dfL,0x147f78a5b3a2af6eL,
-        0x75629177f36fef7bL,0x3a96d62f01823e00L,0x00000000000000e8L },
-      { 0x286128a697b62907L,0x48c2f245fdb9850bL,0xe233637ed229d254L,
-        0xfb4df7ec5ae54770L,0x387dc9882a0a3a7cL,0x604f12b1f105eb2eL,
-        0x398f6905bef07679L,0x5083751a2d7f18b0L,0x0000000000000012L } },
-    /* 40 << 518 */
-    { { 0xad32e836a56a26ebL,0xad1e697d62485f0eL,0x4cd629607caa8694L,
-        0xdbab5d8129e36b0dL,0x6588f4fb48b7bd27L,0x19c33f2c0923c25fL,
-        0x0a630f121df8f0cfL,0xfeefce53333c63e9L,0x0000000000000045L },
-      { 0x241237a74ae15886L,0x5d11a892c355d430L,0x67ceab2fba945fa6L,
-        0xdb2b516730eaa436L,0x6f9cb6cd2cc960f3L,0x3419806b09e68210L,
-        0x52059822c4cd6e7fL,0xd0bdda660229c0c9L,0x000000000000018dL } },
-    /* 41 << 518 */
-    { { 0xec861da3ab5d5cf0L,0xc7af1e4ad923888dL,0xe0c32502daab79acL,
-        0xf178cf648a4086bbL,0x9a99b8ffd5c7079fL,0x0a2df19d05819dc9L,
-        0x12e792933db59087L,0xc125b64b6ce54c4bL,0x0000000000000102L },
-      { 0xf1961f714feacf50L,0xf969a84656d8ccd6L,0xa1efae3d911b043eL,
-        0xf62c80e1692f7287L,0xc117caea48a190a4L,0x0777c46d14839864L,
-        0x2899245a5a1d7208L,0x489b93c85e329852L,0x0000000000000105L } },
-    /* 42 << 518 */
-    { { 0x67d06d04789228a4L,0x51788e82bdc230afL,0xb7dcd90b32e890c4L,
-        0x1e5d0a7db5d4c8f4L,0x0a9e15ce595e67fdL,0x90b3c15dcf4e9fd4L,
-        0x49753038242e113dL,0xebadd5b8a2416549L,0x0000000000000118L },
-      { 0x45821571dfe7fc21L,0x1363988e803172ffL,0xc5a06b7ae06df609L,
-        0x24aaabec5b40db00L,0x6871707a9340097cL,0x47b919267335f997L,
-        0x785da39e65bde875L,0xf47f662e7fef2231L,0x0000000000000047L } },
-    /* 43 << 518 */
-    { { 0x84be109c1190402cL,0x66ecab5ef20a1cafL,0x1a4e611f0fa6f66cL,
-        0x195629f2aaf23b97L,0xd813525d7ebe9a01L,0x8f628e487ee7212eL,
-        0xb12fdfb811fce1e9L,0x94ed86ec2d2f395bL,0x00000000000001b6L },
-      { 0xaa6a3e5e3b167bccL,0xd70639961f5d7a11L,0xe4017cb2f17395a8L,
-        0xeaff0282476d9f46L,0x1831263f6eb0ac26L,0x04ac0c75bd7aec11L,
-        0x5e0d613a027c01fcL,0x2f4d1bd35bb6ae43L,0x00000000000001caL } },
-    /* 44 << 518 */
-    { { 0x08a92760d317c60cL,0x730d73839529b4b8L,0xfcf81c9d1a050f05L,
-        0x6b2cb8059f9e8bf5L,0xd7d7c79e30ff7124L,0x572a3a7f7206c662L,
-        0xe2052b8c4915d988L,0xa685a31e3d6cf04cL,0x0000000000000183L },
-      { 0x14408f423e71c584L,0x8f24d13415998073L,0x1ec3ad1995f62f3cL,
-        0xf2d8ea1803f06c8dL,0x8ddc0fd6087730a5L,0x7755ed4b280b7d59L,
-        0x26c885dbba67938cL,0x2559753627e81374L,0x000000000000013cL } },
-    /* 45 << 518 */
-    { { 0xfaff0f70b8eed132L,0x45e36c7d284499edL,0x0cb980c3774b8605L,
-        0x217eb3dc7c70ffa7L,0xc0f46f96c3c4a55bL,0x88d3b5cf8c437e4fL,
-        0x7cfcbf0e650eaf40L,0xad4698af733e59daL,0x000000000000017fL },
-      { 0x8b8c1f42717f2813L,0xaf5b8b163b4c78a2L,0x88db88f5c15667ffL,
-        0xf9c0433c0e0eff6cL,0xb9aab9524af85387L,0xfdc7d7932bde3019L,
-        0xdceb1293eb5d10baL,0xa7ee9901c53209e9L,0x00000000000001e2L } },
-    /* 46 << 518 */
-    { { 0x02c71a57c628f1c9L,0xd6b1756a6a8b91c6L,0xc5bec6323a95cbaeL,
-        0x788e2eb0d9409c68L,0x086d6859d7c3fbabL,0x3be49bdb1b498ad5L,
-        0x63f6e76e47bc20aaL,0x3b8aaea41745e23aL,0x0000000000000126L },
-      { 0xbdc9b39f76962e66L,0xad6828ee49abdb3dL,0x6fcb091222df1a3dL,
-        0x1efa4c062f1370b5L,0xff596ee1630b67e7L,0x03e4620cc21c76ffL,
-        0x2cb83ef480982394L,0x65937797baa10144L,0x000000000000002cL } },
-    /* 47 << 518 */
-    { { 0xd09c1c996956b64dL,0xa7fd39df54e71d6dL,0xb63b0c76d813eb3cL,
-        0xe6da21e09a7ccfe9L,0x1d15005aa5502e51L,0xd5358b4110306e2fL,
-        0x6abc6b4667ef79a8L,0x9b5b0ad67c7376efL,0x0000000000000055L },
-      { 0x31bf44b672e5d085L,0x561698e245ee9faeL,0x207d7fe17f532f76L,
-        0xde53af5d389577bbL,0x931929f2a9530967L,0x428e13ee8099f9c1L,
-        0xa20e4bfeabb6b4e6L,0x87d77ad792e6c4b7L,0x0000000000000165L } },
-    /* 48 << 518 */
-    { { 0xa779463d63ea6586L,0x055ac074f5dd2077L,0x5e63875b2be5d611L,
-        0x8261be993b1c53bbL,0x86137b7ba28e14b3L,0xf706d3c77e729ef5L,
-        0xb30413db74902555L,0xed91b88c4e15d0feL,0x00000000000000edL },
-      { 0x0cbbfb03cee5f36bL,0xb210122bb6bab7f4L,0xffa46c283d0cf2fcL,
-        0xa42293e28c05ff89L,0x014f499fa5642b7eL,0x80db63809c6e0d8aL,
-        0xa819787c51d901c9L,0x17662fa8a3201327L,0x0000000000000154L } },
-    /* 49 << 518 */
-    { { 0xdb65de61d1446dc2L,0xa3bdc9d05d8a4c19L,0x2701196f5c624bafL,
-        0x9bda0a41ef24ce3dL,0x9fb34528041c3b08L,0x7b5dbbf4242a51caL,
-        0x336ce5613766cfd8L,0x172c43d2641e0b85L,0x000000000000002eL },
-      { 0x996f146778312bf1L,0x3b4e1fd7426ce268L,0xcbb357014b673861L,
-        0x30c2caa09146cb8eL,0x9b4a4587e6a8d053L,0x6b1a1c3f252a928cL,
-        0xcce378f9f163f641L,0x82a416d80ce8fe1dL,0x00000000000000b2L } },
-    /* 50 << 518 */
-    { { 0x09dc0454add144caL,0x281f6fd9cd8ab4aeL,0xaf4cfdfcb0f1c86aL,
-        0x439e1747e494b168L,0x3e49a5b3e4c400b5L,0x9757873935ded33aL,
-        0xab59dd9ec2a6a22aL,0x4922cb7ceac1e123L,0x00000000000001b7L },
-      { 0xccd8982904d455c4L,0xffafdce83923bdd5L,0xd2a6a8fcbf1c6558L,
-        0xd17a45eaf484c27bL,0x2c39c953d970815fL,0x8fb6670af00d8f91L,
-        0x62182f42a31b339cL,0x5cc40112d38c0768L,0x000000000000012aL } },
-    /* 51 << 518 */
-    { { 0xb308f945331cb928L,0x602999521379ba9fL,0x20f27b4cd0fa31adL,
-        0x88eb30063b553ecfL,0x5c19d8c07231e4bbL,0x9c5844dbc4b5961eL,
-        0x9a5e28be582da2d3L,0x4d9a6de0e85fbb1bL,0x00000000000001dfL },
-      { 0xc22621adab9cc6e0L,0x4679d909c4d8e5e2L,0x917e8cff3e8c3c9eL,
-        0xd9b13e821a1925d6L,0x0c173503c81d5d3bL,0x8cb10799e7e3931eL,
-        0xa1e340b7315c7107L,0x0337254e99f39258L,0x000000000000013dL } },
-    /* 52 << 518 */
-    { { 0x525c70348e080aa6L,0xfb65650b703a31d0L,0xb3c9fc909708778bL,
-        0x712babdd5c0de950L,0x2336b614cf922a9cL,0xc9c01fdb2d1541ccL,
-        0x3b0b5acdda984124L,0xc16edb3e5ca5237eL,0x0000000000000031L },
-      { 0x16d195dcba96a3b1L,0xaeb795135b2d839eL,0xff7ca75c3f468379L,
-        0x195ebf452f7a4eccL,0x368bf1ac2cba9fc8L,0x282778c5ad79da65L,
-        0x1ae709a382204582L,0x60da306180e162fcL,0x00000000000000a7L } },
-    /* 53 << 518 */
-    { { 0xc5c076fd98c1993dL,0x7c963fe6af6e50a2L,0x39921d140591b832L,
-        0xaf817e598e6e78b6L,0x7d20b47053141d98L,0x80209dde2675b748L,
-        0x9784d850f911da2eL,0x10d14b67cc679952L,0x0000000000000024L },
-      { 0xf6f7b8551a80d7cdL,0x68fb06ce0d84480fL,0x9d0df3bf450048d6L,
-        0x14848bbe6d416a5aL,0x3191edc563436e69L,0x53daff59f90fac77L,
-        0x331714fb6c2043f8L,0xb67695bf641cb68fL,0x00000000000001bbL } },
-    /* 54 << 518 */
-    { { 0x2568730c4e5e6dbdL,0x81765faf80c64f5cL,0xbf19f28c6c1e36c7L,
-        0x0530e9a6294bd1c2L,0x80e2e102e4043658L,0x0af1e3845ac951ddL,
-        0x37d8ca04a7cc44b8L,0xf767884a3d138475L,0x0000000000000189L },
-      { 0x8ab296a48ae43c93L,0xc0bda5e841f22f63L,0xb61e12430abf701fL,
-        0xa2d6b5360284b234L,0xb417271d9c8e1f29L,0x9377f53ad346e17bL,
-        0xc9410ca7a8843d62L,0x1d304904fe0dd739L,0x0000000000000118L } },
-    /* 55 << 518 */
-    { { 0x42e9239b9ab2b245L,0x2d966c1a1f9e9cddL,0xa2798c7ef19af9a5L,
-        0xde254ef83c79337eL,0x07c5da22f1db6f95L,0x50875be600a3c98cL,
-        0x2bfa5c26b48438f3L,0xb0ad90e5ab0a8365L,0x00000000000000c1L },
-      { 0x83161fcd3bd1626eL,0xa7863bf855e209d5L,0x9d6ecef0d103b98bL,
-        0x885bdf21f0c55498L,0xbe3cc09af953d02cL,0x7fe7985326d91204L,
-        0x9016e8e4f2f0e08aL,0x051fa6822376d502L,0x0000000000000001L } },
-    /* 56 << 518 */
-    { { 0xcab77140311cc347L,0xab8125d2c64bb9ebL,0x834317210e447719L,
-        0x1b072b94ad7f9bc5L,0xdb70c295ccff1aa9L,0x174b731e8969d354L,
-        0x70c0a462f5761c43L,0x14790895dff9a408L,0x000000000000006eL },
-      { 0xefc566d58f909123L,0x2775b7a810896ca6L,0xfe6927ca0b71973bL,
-        0x40babac2b4c9929aL,0x9610d5214bd6f041L,0x82b6d9da8f075949L,
-        0xcb2129e21e7a406cL,0x85389f05106af2acL,0x00000000000000cbL } },
-    /* 57 << 518 */
-    { { 0x30525170711ceca4L,0x754f1f1fba0c3956L,0x5d7049a8c91b73f8L,
-        0xda62d9a77e22f0b1L,0xcd64a052ed6bda8eL,0x174eca531b83dc5dL,
-        0xb4d7576bd3a8c49bL,0x172d6c7526d15902L,0x00000000000000f7L },
-      { 0x88267b378585b54eL,0x8715a8b010b85121L,0xc944f85d6db0be9eL,
-        0x6ca6dec0e92656b0L,0xa141e7cb217c6ed3L,0xd12f342527240ab2L,
-        0x8529f959942ffa5dL,0x4a1a975915792f32L,0x00000000000001c4L } },
-    /* 58 << 518 */
-    { { 0xfb2ad1ae78825be2L,0xb9c0cfcb5f9f377eL,0xb4cd68b823ec81dfL,
-        0xe48d71227620fa13L,0xf0292c9ccfeafd26L,0xd9e5e727625273a6L,
-        0x7aaf3da42a9aafd3L,0x072f0f48a3df15deL,0x000000000000009eL },
-      { 0x623b2ce93036834dL,0x85e00d655518c1c9L,0xcdb55dcfda8ec9c0L,
-        0xe4cfb058df8e18e1L,0xb10fe1db3f381211L,0x26a05c013c5387ddL,
-        0x6860765d2cd4e482L,0xada5d4823d37a01fL,0x0000000000000018L } },
-    /* 59 << 518 */
-    { { 0xe08a1d582f54610aL,0x0aa2efe66ea27082L,0xf32250e8475f591aL,
-        0x38be597af2bdfed6L,0xf13a28e9717532d1L,0xc01feb0de7c1df76L,
-        0xdb9be38e8b96c944L,0xf0700bfe26ea3f6dL,0x000000000000016dL },
-      { 0x963cd0aa82274bcdL,0xc1ed66e6de2ab836L,0x81c6f2e2cc08c42dL,
-        0xed9224a1e00d896eL,0x0ebe4ff069747a38L,0x2e70f9a40130a3a7L,
-        0xeb9cc3eb55451096L,0xa84de8cfa12cec75L,0x0000000000000145L } },
-    /* 60 << 518 */
-    { { 0x28b801584810ce1dL,0xa18f01cf9cd2a530L,0x3f882662bbacc56bL,
-        0x25a09082c8de9031L,0xee333f92c75a3487L,0xc3f231d78c93dc3cL,
-        0x6d53379ad94c4907L,0x1176368211f2d227L,0x00000000000001acL },
-      { 0x137ae216ab84de42L,0xbc00a7c1e4ee4c73L,0x8a42aeb8fc12b03cL,
-        0x9a717ff1cf6a0950L,0x18cbebe30158b96cL,0x0184646550953719L,
-        0x2c73bd13194fdb1eL,0xbd52a1cf3b0d2c34L,0x0000000000000022L } },
-    /* 61 << 518 */
-    { { 0x5da94915f61f7493L,0x661d3e6efe554d0dL,0x1853f3fd93d6395eL,
-        0x917faaca248a6a8fL,0x31e81318e038ae34L,0xd2cf0cefafe38491L,
-        0x49a2e5083c999b79L,0xd5ba94f8a42b9ea7L,0x000000000000000cL },
-      { 0x0bf5a0fd34c430a3L,0x4cb5013ee01f0d5cL,0x7ea690e6337f036cL,
-        0x128d92118d55e026L,0x1d2e25df6ab8ed2dL,0x95e530878237cd22L,
-        0xba3649ec2875bcd7L,0x6b2be67f654dcff2L,0x00000000000001f2L } },
-    /* 62 << 518 */
-    { { 0x421f3e959e2146f0L,0x3a7b0161b2e052acL,0xefd12db1a6cb7e61L,
-        0x887566316bd4bed8L,0x8bc563448c568736L,0xd0ae1019a26bac6bL,
-        0x678f366193311795L,0x11bc3650f625f4a2L,0x00000000000001a8L },
-      { 0x50c943cc23ab8aa1L,0x6aaba8bf2d3b3339L,0x6727f7ffac79f93eL,
-        0x130c2153cba525a4L,0x6759f8f842058fc0L,0x356b182901c30b3bL,
-        0x0bd3aa809078f323L,0x70cd052134621f20L,0x0000000000000071L } },
-    /* 63 << 518 */
-    { { 0xf124aa8bfa466654L,0xf48e0a111882da37L,0x57ea7b2bd0aa1f09L,
-        0x1936fe19589bd6a7L,0xe9f2fb054bd7d150L,0x390250f71df9add6L,
-        0xd69670f24f8651e8L,0xbc7b1bf3e03566c0L,0x00000000000000c4L },
-      { 0xc3b757b4b30e6c6bL,0xdb2c75c2e95c319bL,0x2790396f3aab64b1L,
-        0x9709df8df6768599L,0xc2a91d3204ced567L,0x561cef3c43ead6e4L,
-        0xea56fb57983d1f3eL,0x2f15dfabc0b397f3L,0x0000000000000076L } },
-    /* 64 << 518 */
-    { { 0xcd6151c20e6a4eceL,0x884e5e75a2840752L,0xa6752672c41b64b7L,
-        0x7585f7cbd5cd2b79L,0xac8f7a1c892fb84dL,0xfdb20c7432a80f6fL,
-        0xaec2531339c7ecfeL,0xc84d7c5c93b1e75bL,0x000000000000011bL },
-      { 0x30ab00a3bc363066L,0xd9a0ab44d371d11cL,0x13697c6aab047490L,
-        0x1adffb54a57574cdL,0x753eafa0e548b99bL,0x51abf774a7f0df39L,
-        0xe8fab02c903eaee9L,0xdf2f5e8af7542020L,0x00000000000000faL } },
-};
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Pre-computed table containing multiples of g times powers of 2.
- * Width between powers is 7 bits.
- * Accumulate into the result.
- *
- * r      Resulting point.
- * g      Point to scalar multiply.
- * k      Scalar to multiply by.
- * table  Pre-computed table of points.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_add_only_9(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_point_521* p = NULL;
-    sp_digit* negy = NULL;
-    int i;
-    ecc_recode_521 v[75];
-    int err = MP_OKAY;
-
-    (void)g;
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        negy = tmp;
-        p = rt + 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_521_ecc_recode_7_9(k, v);
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        i = 74;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_65_9(rt, &table[i * 65], v[i].i);
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-            XMEMCPY(rt->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-        }
-        rt->infinity = !v[i].i;
-        for (--i; i>=0; i--) {
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_65_9(p, &table[i * 65], v[i].i);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-                XMEMCPY(p->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-            }
-            p->infinity = !v[i].i;
-            sp_521_sub_9(negy, p521_mod, p->y);
-            sp_521_norm_9(negy);
-            sp_521_cond_copy_9(p->y, negy, (sp_digit)(0 - v[i].neg));
-            sp_521_proj_point_add_qz1_9(rt, rt, p, tmp);
-        }
-        if (map != 0) {
-            sp_521_map_9(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_9(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_add_only_9(r, NULL, p521_table,
-                                      k, map, ct, heap);
-}
-
-#ifdef HAVE_INTEL_AVX2
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Pre-computed table containing multiples of g times powers of 2.
- * Width between powers is 7 bits.
- * Accumulate into the result.
- *
- * r      Resulting point.
- * g      Point to scalar multiply.
- * k      Scalar to multiply by.
- * table  Pre-computed table of points.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_add_only_avx2_9(sp_point_521* r, const sp_point_521* g,
-        const sp_table_entry_521* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, rt, 2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    sp_point_521* p = NULL;
-    sp_digit* negy = NULL;
-    int i;
-    ecc_recode_521 v[75];
-    int err = MP_OKAY;
-
-    (void)g;
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_521, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        negy = tmp;
-        p = rt + 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_521_ecc_recode_7_9(k, v);
-
-        XMEMCPY(p->z, p521_norm_mod, sizeof(p521_norm_mod));
-        XMEMCPY(rt->z, p521_norm_mod, sizeof(p521_norm_mod));
-
-        i = 74;
-    #ifndef WC_NO_CACHE_RESISTANT
-        if (ct) {
-            sp_521_get_entry_65_avx2_9(rt, &table[i * 65], v[i].i);
-        }
-        else
-    #endif
-        {
-            XMEMCPY(rt->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-            XMEMCPY(rt->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-        }
-        rt->infinity = !v[i].i;
-        for (--i; i>=0; i--) {
-        #ifndef WC_NO_CACHE_RESISTANT
-            if (ct) {
-                sp_521_get_entry_65_avx2_9(p, &table[i * 65], v[i].i);
-            }
-            else
-        #endif
-            {
-                XMEMCPY(p->x, table[i * 65 + v[i].i].x, sizeof(table->x));
-                XMEMCPY(p->y, table[i * 65 + v[i].i].y, sizeof(table->y));
-            }
-            p->infinity = !v[i].i;
-            sp_521_sub_9(negy, p521_mod, p->y);
-            sp_521_norm_9(negy);
-            sp_521_cond_copy_9(p->y, negy, (sp_digit)(0 - v[i].neg));
-            sp_521_proj_point_add_qz1_avx2_9(rt, rt, p, tmp);
-        }
-        if (map != 0) {
-            sp_521_map_avx2_9(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_521));
-        }
-    }
-
-    SP_ZEROFREE_VAR(sp_digit, tmp, 2 * 9 * 6, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_ecc_mulmod_base_avx2_9(sp_point_521* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_521_ecc_mulmod_add_only_avx2_9(r, NULL, p521_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#endif /* WOLFSSL_SP_SMALL */
-/* Multiply the base point of P521 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 9, km);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_521_ecc_mulmod_base_avx2_9(point, k, map, 1, heap);
-        }
-        else
-#endif
-            err = sp_521_ecc_mulmod_base_9(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P521 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 2);
-    SP_DECL_VAR(sp_digit, k, 9 + 9 * 2 * 6);
-    sp_point_521* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_521, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9 + 9 * 2 * 6, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 9;
-
-        sp_521_from_mp(k, 9, km);
-        sp_521_point_from_ecc_point_9(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->x, addP->x, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->y, addP->y, p521_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_521_mod_mul_norm_9(addP->z, addP->z, p521_mod);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_521_ecc_mulmod_base_avx2_9(point, k, 0, 0, heap);
-        }
-        else
-#endif
-            err = sp_521_ecc_mulmod_base_9(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_proj_point_add_avx2_9(point, point, addP, tmp);
-        }
-        else
-#endif
-            sp_521_proj_point_add_9(point, point, addP, tmp);
-
-        if (map) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                sp_521_map_avx2_9(point, point, tmp);
-            }
-            else
-#endif
-                sp_521_map_9(point, point, tmp);
-        }
-
-        err = sp_521_point_to_ecc_point_9(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#if defined(WOLFSSL_VALIDATE_ECC_KEYGEN) || defined(HAVE_ECC_SIGN) || \
-                                                        defined(HAVE_ECC_VERIFY)
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN | HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifndef WC_NO_RNG
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_add_one_9(sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_from_bin_bswap(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_from_bin_movbe(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_521_from_bin_movbe(r, size, a, n);
-    }
-    else
-#endif
-    {
-        sp_521_from_bin_bswap(r, size, a, n);
-    }
-}
-
-/* Generates a scalar that is in the range 1..order-1.
- *
- * rng  Random number generator.
- * k    Scalar value.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-static int sp_521_ecc_gen_k_9(WC_RNG* rng, sp_digit* k)
-{
-#ifndef WC_NO_RNG
-    int err;
-    byte buf[66];
-
-    do {
-        err = wc_RNG_GenerateBlock(rng, buf, sizeof(buf));
-        if (err == 0) {
-            buf[0] &= 0x1;
-            sp_521_from_bin(k, 9, buf, (int)sizeof(buf));
-            if (sp_521_cmp_9(k, p521_order2) <= 0) {
-                sp_521_add_one_9(k);
-                break;
-            }
-        }
-    }
-    while (err == 0);
-
-    return err;
-#else
-    (void)rng;
-    (void)k;
-    return NOT_COMPILED_IN;
-#endif
-}
-
-/* Makes a random EC key pair.
- *
- * rng   Random number generator.
- * priv  Generated private value.
- * pub   Generated public point.
- * heap  Heap to use for allocation.
- * returns ECC_INF_E when the point does not have the correct order, RNG
- * failures, MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
-{
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_DECL_VAR(sp_point_521, point, 2);
-#else
-    SP_DECL_VAR(sp_point_521, point, 1);
-#endif
-    SP_DECL_VAR(sp_digit, k, 9);
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = NULL;
-#endif
-    int err = MP_OKAY;
-
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    (void)heap;
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    SP_ALLOC_VAR(sp_point_521, point, 2, heap, DYNAMIC_TYPE_ECC);
-#else
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-#endif
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        infinity = point + 1;
-    #endif
-
-        err = sp_521_ecc_gen_k_9(rng, k);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_521_ecc_mulmod_base_avx2_9(point, k, 1, 1, NULL);
-       }
-        else
-#endif
-            err = sp_521_ecc_mulmod_base_9(point, k, 1, 1, NULL);
-    }
-
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_521_ecc_mulmod_avx2_9(infinity, point, p521_order, 1, 1,
-                                                                          NULL);
-        }
-        else
-#endif
-            err = sp_521_ecc_mulmod_9(infinity, point, p521_order, 1, 1, NULL);
-    }
-    if (err == MP_OKAY) {
-        if (sp_521_iszero_9(point->x) || sp_521_iszero_9(point->y)) {
-            err = ECC_INF_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(k, priv);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_point_to_ecc_point_9(point, pub);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    /* point is not sensitive, so no need to zeroize */
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_key_gen_521_ctx {
-    int state;
-    sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-    sp_digit k[9];
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521  point[2];
-#else
-    sp_point_521 point[1];
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-} sp_ecc_key_gen_521_ctx;
-
-int sp_ecc_make_key_521_nb(sp_ecc_ctx_t* sp_ctx, WC_RNG* rng, mp_int* priv,
-    ecc_point* pub, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_key_gen_521_ctx* ctx = (sp_ecc_key_gen_521_ctx*)sp_ctx->data;
-#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-    sp_point_521* infinity = ctx->point + 1;
-#endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-
-    typedef char ctx_size_test[sizeof(sp_ecc_key_gen_521_ctx)
-                               >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-        case 0:
-            err = sp_521_ecc_gen_k_9(rng, ctx->k);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-                ctx->state = 1;
-            }
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_base_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                err = FP_WOULDBLOCK;
-            #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-                XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-                ctx->state = 2;
-            #else
-                ctx->state = 3;
-            #endif
-            }
-            break;
-    #ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
-        case 2:
-            err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      infinity, ctx->point, p521_order, 1, 1);
-            if (err == MP_OKAY) {
-                if (sp_521_iszero_9(ctx->point->x) ||
-                    sp_521_iszero_9(ctx->point->y)) {
-                    err = ECC_INF_E;
-                }
-                else {
-                    err = FP_WOULDBLOCK;
-                    ctx->state = 3;
-                }
-            }
-            break;
-    #endif /* WOLFSSL_VALIDATE_ECC_KEYGEN */
-        case 3:
-            err = sp_521_to_mp(ctx->k, priv);
-            if (err == MP_OKAY) {
-                err = sp_521_point_to_ecc_point_9(ctx->point, pub);
-            }
-            break;
-    }
-
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_key_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-#ifdef HAVE_ECC_DHE
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_to_bin_bswap_9(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_to_bin_movbe_9(sp_digit* r, byte* a);
-#ifdef __cplusplus
-}
-#endif
-/* Write r as big endian to byte array.
- * Fixed length number of bytes written: 66
- *
- * r  A single precision integer.
- * a  Byte array.
- */
-static void sp_521_to_bin_9(sp_digit* r, byte* a)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_521_to_bin_movbe_9(r, a);
-    }
-    else
-#endif
-    {
-        sp_521_to_bin_bswap_9(r, a);
-    }
-}
-
-/* Multiply the point by the scalar and serialize the X ordinate.
- * The number is 0 padded to maximum size on output.
- *
- * priv    Scalar to multiply the point by.
- * pub     Point to multiply.
- * out     Buffer to hold X ordinate.
- * outLen  On entry, size of the buffer in bytes.
- *         On exit, length of data in buffer in bytes.
- * heap    Heap to use for allocation.
- * returns BUFFER_E if the buffer is to small for output size,
- * MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_secret_gen_521(const mp_int* priv, const ecc_point* pub, byte* out,
-                          word32* outLen, void* heap)
-{
-    SP_DECL_VAR(sp_point_521, point, 1);
-    SP_DECL_VAR(sp_digit, k, 9);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    if (*outLen < 65U) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 9, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(k, 9, priv);
-        sp_521_point_from_ecc_point_9(point, pub);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_521_ecc_mulmod_avx2_9(point, point, k, 1, 1, heap);
-        }
-        else
-#endif
-            err = sp_521_ecc_mulmod_9(point, point, k, 1, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        sp_521_to_bin_9(point->x, out);
-        *outLen = 66;
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sec_gen_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-    };
-    sp_digit k[9];
-    sp_point_521 point;
-} sp_ecc_sec_gen_521_ctx;
-
-int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
-    const ecc_point* pub, byte* out, word32* outLen, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sec_gen_521_ctx* ctx = (sp_ecc_sec_gen_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sec_gen_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    if (*outLen < 32U) {
-        err = BUFFER_E;
-    }
-
-    switch (ctx->state) {
-        case 0:
-            sp_521_from_mp(ctx->k, 9, priv);
-            sp_521_point_from_ecc_point_9(&ctx->point, pub);
-            ctx->state = 1;
-            break;
-        case 1:
-            err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-                      &ctx->point, &ctx->point, ctx->k, 1, 1, heap);
-            if (err == MP_OKAY) {
-                sp_521_to_bin_9(ctx->point.x, out);
-                *outLen = 66;
-            }
-            break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 1) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx, 0, sizeof(sp_ecc_sec_gen_521_ctx));
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_DHE */
-
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_rshift_9(sp_digit* r, const sp_digit* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_lshift_9(sp_digit* r, const sp_digit* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_lshift_18(sp_digit* r, const sp_digit* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_521_sub_in_place_9(sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mul_d_9(sp_digit* r, const sp_digit* a, sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_mul_d_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if defined(_WIN64) && !defined(__clang__)
-#if _MSC_VER < 1920
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit div_521_word_asm_9(sp_digit d1, sp_digit d0, sp_digit div);
-#ifdef __cplusplus
-}
-#endif
-#endif /* _MSC_VER < 1920 */
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_521_word_9(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-#if _MSC_VER >= 1920
-    return _udiv128(d1, d0, div, NULL);
-#else
-    return div_521_word_asm_9(d1, d0, div);
-#endif
-}
-#else
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_521_word_9(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    register sp_digit r asm("rax");
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    __asm__ __volatile__ (
-        "divq %3"
-        : "=a" (r)
-        : "d" (d1), "a" (d0), "r" (div)
-        :
-    );
-    return r;
-}
-#endif /* _WIN64 && !__clang__ */
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_521_mask_9(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<9; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    r[0] = a[0] & m;
-    r[1] = a[1] & m;
-    r[2] = a[2] & m;
-    r[3] = a[3] & m;
-    r[4] = a[4] & m;
-    r[5] = a[5] & m;
-    r[6] = a[6] & m;
-    r[7] = a[7] & m;
-    r[8] = a[8] & m;
-#endif
-}
-
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_521_div_9(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[19];
-    sp_digit t2[10];
-    sp_digit sd[10];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = (d[8] << 55) | (d[7] >> 9);
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 9);
-    r1 = sp_521_cmp_9(&t1[9], d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_521_cond_sub_avx2_9(&t1[9], &t1[9], d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_521_cond_sub_9(&t1[9], &t1[9], d, (sp_digit)0 - r1);
-    sp_521_lshift_9(sd, d, 55);
-    sp_521_lshift_18(t1, t1, 55);
-
-    for (i = 8; i >= 0; i--) {
-        sp_digit hi = t1[9 + i] - (t1[9 + i] == div);
-        r1 = div_521_word_9(hi, t1[9 + i - 1], div);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_521_mul_d_avx2_9(t2, sd, r1);
-        else
-#endif
-            sp_521_mul_d_9(t2, sd, r1);
-        t1[9 + i] += sp_521_sub_in_place_9(&t1[i], t2);
-        t1[9 + i] -= t2[9];
-        sp_521_mask_9(t2, sd, t1[9 + i]);
-        t1[9 + i] += sp_521_add_9(&t1[i], &t1[i], t2);
-        sp_521_mask_9(t2, sd, t1[9 + i]);
-        t1[9 + i] += sp_521_add_9(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_521_cmp_9(t1, sd) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_521_cond_sub_avx2_9(r, t1, sd, (sp_digit)0 - r1);
-    else
-#endif
-        sp_521_cond_sub_9(r, t1, sd, (sp_digit)0 - r1);
-    sp_521_rshift_9(r, r, 55);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_521_mod_9(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_521_div_9(a, m, NULL, r);
-}
-
-#endif
-#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-/* Multiply two number mod the order of P521 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_521_mont_mul_order_9(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_521_mul_9(r, a, b);
-    sp_521_mont_reduce_order_9(r, p521_order, p521_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-#ifdef WOLFSSL_SP_SMALL
-/* Order-2 for the P521 curve. */
-static const word64 p521_order_minus_2[9] = {
-    0xbb6fb71e91386407U,0x3bb5c9b8899c47aeU,0x7fcc0148f709a5d0U,
-    0x51868783bf2f966bU,0xfffffffffffffffaU,0xffffffffffffffffU,
-    0xffffffffffffffffU,0xffffffffffffffffU,0x00000000000001ffU
-};
-#else
-/* The low half of the order-2 of the P521 curve. */
-static const word64 p521_order_low[5] = {
-    0xbb6fb71e91386407U,0x3bb5c9b8899c47aeU,0x7fcc0148f709a5d0U,
-    0x51868783bf2f966bU,0xfffffffffffffffaU
-};
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Square number mod the order of P521 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_order_9(sp_digit* r, const sp_digit* a)
-{
-    sp_521_sqr_9(r, a);
-    sp_521_mont_reduce_order_9(r, p521_order, p521_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P521 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_n_order_9(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_521_mont_sqr_order_9(r, a);
-    for (i=1; i<n; i++) {
-        sp_521_mont_sqr_order_9(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P521 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_mont_inv_order_9_ctx {
-    int state;
-    int i;
-} sp_521_mont_inv_order_9_ctx;
-static int sp_521_mont_inv_order_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_mont_inv_order_9_ctx* ctx = (sp_521_mont_inv_order_9_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_521_mont_inv_order_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 9);
-        ctx->i = 519;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_521_mont_sqr_order_9(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p521_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_521_mont_mul_order_9(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 9U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_521_mont_inv_order_9(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 9);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_order_9(t, t);
-        if ((p521_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_521_mont_mul_order_9(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 9U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 9;
-    sp_digit* t3 = td + 4 * 9;
-    int i;
-
-    /* t = a^2 */
-    sp_521_mont_sqr_order_9(t, a);
-    /* t = a^3 = t * a */
-    sp_521_mont_mul_order_9(t, t, a);
-    /* t= a^c = t ^ 2 ^ 2 */
-    sp_521_mont_sqr_n_order_9(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-
-    /* t3 = a^1e */
-    sp_521_mont_sqr_order_9(t3, t);
-    /* t3 = a^1f = t3 * a */
-    sp_521_mont_mul_order_9(t3, t3, a);
-
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_521_mont_sqr_n_order_9(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_521_mont_sqr_n_order_9(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_521_mont_sqr_n_order_9(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-
-    /* t2= a^ffffffff00000000 = t ^ 2 ^ 32 */
-    sp_521_mont_sqr_n_order_9(t2, t, 32);
-    /* t = a^ffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ffffffffffffffff0000000000000000 = t ^ 2 ^ 64 */
-    sp_521_mont_sqr_n_order_9(t2, t, 64);
-    /* t = a^ffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffffffffffff00000000000000000000000000000000 = t ^ 2 ^ 128 */
-    sp_521_mont_sqr_n_order_9(t2, t, 128);
-    /* t = a^ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_9(t, t2, t);
-
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0 */
-    sp_521_mont_sqr_n_order_9(t2, t, 5);
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t * t3 */
-    sp_521_mont_mul_order_9(t2, t2, t3);
-
-    for (i=259; i>=1; i--) {
-        sp_521_mont_sqr_order_9(t2, t2);
-        if ((p521_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_521_mont_mul_order_9(t2, t2, a);
-        }
-    }
-    sp_521_mont_sqr_order_9(t2, t2);
-    sp_521_mont_mul_order_9(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#ifdef HAVE_INTEL_AVX2
-/* Multiply two number mod the order of P521 curve. (r = a * b mod order)
- *
- * r  Result of the multiplication.
- * a  First operand of the multiplication.
- * b  Second operand of the multiplication.
- */
-static void sp_521_mont_mul_order_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit* b)
-{
-    sp_521_mul_avx2_9(r, a, b);
-    sp_521_mont_reduce_order_avx2_9(r, p521_order, p521_mp_order);
-}
-
-#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
-/* Square number mod the order of P521 curve. (r = a * a mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_order_avx2_9(sp_digit* r, const sp_digit* a)
-{
-    sp_521_sqr_avx2_9(r, a);
-    sp_521_mont_reduce_order_avx2_9(r, p521_order, p521_mp_order);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Square number mod the order of P521 curve a number of times.
- * (r = a ^ n mod order)
- *
- * r  Result of the squaring.
- * a  Number to square.
- */
-static void sp_521_mont_sqr_n_order_avx2_9(sp_digit* r, const sp_digit* a, int n)
-{
-    int i;
-
-    sp_521_mont_sqr_order_avx2_9(r, a);
-    for (i=1; i<n; i++) {
-        sp_521_mont_sqr_order_avx2_9(r, r);
-    }
-}
-#endif /* !WOLFSSL_SP_SMALL */
-
-/* Invert the number, in Montgomery form, modulo the order of the P521 curve.
- * (r = 1 / a mod order)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_521_mont_inv_order_avx2_9_ctx {
-    int state;
-    int i;
-} sp_521_mont_inv_order_avx2_9_ctx;
-static int sp_521_mont_inv_order_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_digit* r, const sp_digit* a,
-        sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_521_mont_inv_order_avx2_9_ctx* ctx = (sp_521_mont_inv_order_avx2_9_ctx*)sp_ctx;
-
-    typedef char ctx_size_test[sizeof(sp_521_mont_inv_order_avx2_9_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        XMEMCPY(t, a, sizeof(sp_digit) * 9);
-        ctx->i = 519;
-        ctx->state = 1;
-        break;
-    case 1:
-        sp_521_mont_sqr_order_avx2_9(t, t);
-        ctx->state = 2;
-        break;
-    case 2:
-        if ((p521_order_minus_2[ctx->i / 64] & ((sp_int_digit)1 << (ctx->i % 64))) != 0) {
-            sp_521_mont_mul_order_avx2_9(t, t, a);
-        }
-        ctx->i--;
-        ctx->state = (ctx->i == 0) ? 3 : 1;
-        break;
-    case 3:
-        XMEMCPY(r, t, sizeof(sp_digit) * 9U);
-        err = MP_OKAY;
-        break;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-static void sp_521_mont_inv_order_avx2_9(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-#ifdef WOLFSSL_SP_SMALL
-    sp_digit* t = td;
-    int i;
-
-    XMEMCPY(t, a, sizeof(sp_digit) * 9);
-    for (i=519; i>=0; i--) {
-        sp_521_mont_sqr_order_avx2_9(t, t);
-        if ((p521_order_minus_2[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_521_mont_mul_order_avx2_9(t, t, a);
-        }
-    }
-    XMEMCPY(r, t, sizeof(sp_digit) * 9U);
-#else
-    sp_digit* t = td;
-    sp_digit* t2 = td + 2 * 9;
-    sp_digit* t3 = td + 4 * 9;
-    int i;
-
-    /* t = a^2 */
-    sp_521_mont_sqr_order_avx2_9(t, a);
-    /* t = a^3 = t * a */
-    sp_521_mont_mul_order_avx2_9(t, t, a);
-    /* t= a^c = t ^ 2 ^ 2 */
-    sp_521_mont_sqr_n_order_avx2_9(t2, t, 2);
-    /* t = a^f = t2 * t */
-    sp_521_mont_mul_order_avx2_9(t, t2, t);
-
-    /* t3 = a^1e */
-    sp_521_mont_sqr_order_avx2_9(t3, t);
-    /* t3 = a^1f = t3 * a */
-    sp_521_mont_mul_order_avx2_9(t3, t3, a);
-
-    /* t2= a^f0 = t ^ 2 ^ 4 */
-    sp_521_mont_sqr_n_order_avx2_9(t2, t, 4);
-    /* t = a^ff = t2 * t */
-    sp_521_mont_mul_order_avx2_9(t, t2, t);
-    /* t2= a^ff00 = t ^ 2 ^ 8 */
-    sp_521_mont_sqr_n_order_avx2_9(t2, t, 8);
-    /* t3= a^ffff = t2 * t */
-    sp_521_mont_mul_order_avx2_9(t, t2, t);
-    /* t2= a^ffff0000 = t ^ 2 ^ 16 */
-    sp_521_mont_sqr_n_order_avx2_9(t2, t, 16);
-    /* t = a^ffffffff = t2 * t */
-    sp_521_mont_mul_order_avx2_9(t, t2, t);
-
-    /* t2= a^ffffffff00000000 = t ^ 2 ^ 32 */
-    sp_521_mont_sqr_n_order_avx2_9(t2, t, 32);
-    /* t = a^ffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_avx2_9(t, t2, t);
-    /* t2= a^ffffffffffffffff0000000000000000 = t ^ 2 ^ 64 */
-    sp_521_mont_sqr_n_order_avx2_9(t2, t, 64);
-    /* t = a^ffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_avx2_9(t, t2, t);
-    /* t2= a^ffffffffffffffffffffffffffffffff00000000000000000000000000000000 = t ^ 2 ^ 128 */
-    sp_521_mont_sqr_n_order_avx2_9(t2, t, 128);
-    /* t = a^ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t2 * t */
-    sp_521_mont_mul_order_avx2_9(t, t2, t);
-
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0 */
-    sp_521_mont_sqr_n_order_avx2_9(t2, t, 5);
-    /* t2 = a^1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff = t * t3 */
-    sp_521_mont_mul_order_avx2_9(t2, t2, t3);
-
-    for (i=259; i>=1; i--) {
-        sp_521_mont_sqr_order_avx2_9(t2, t2);
-        if ((p521_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
-            sp_521_mont_mul_order_avx2_9(t2, t2, a);
-        }
-    }
-    sp_521_mont_sqr_order_avx2_9(t2, t2);
-    sp_521_mont_mul_order_avx2_9(r, t2, a);
-#endif /* WOLFSSL_SP_SMALL */
-}
-
-#endif /* HAVE_ECC_SIGN || (HAVE_ECC_VERIFY && WOLFSSL_SP_SMALL) */
-#endif /* HAVE_INTEL_AVX2 */
-#endif /* HAVE_ECC_SIGN | HAVE_ECC_VERIFY */
-#ifdef HAVE_ECC_SIGN
-#ifndef SP_ECC_MAX_SIG_GEN
-#define SP_ECC_MAX_SIG_GEN  64
-#endif
-
-/* Calculate second signature value S from R, k and private value.
- *
- * s = (r * x + e) / k
- *
- * s    Signature value.
- * r    First signature value.
- * k    Ephemeral private key.
- * x    Private key as a number.
- * e    Hash of message as a number.
- * tmp  Temporary storage for intermediate numbers.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_s_9(sp_digit* s, const sp_digit* r, sp_digit* k,
-    sp_digit* x, const sp_digit* e, sp_digit* tmp)
-{
-    int err;
-    sp_digit carry;
-    sp_int64 c;
-    sp_digit* kInv = k;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    /* Conv k to Montgomery form (mod order) */
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-            IS_INTEL_AVX2(cpuid_flags)) {
-        sp_521_mul_avx2_9(k, k, p521_norm_order);
-    }
-    else
-#endif
-        sp_521_mul_9(k, k, p521_norm_order);
-    err = sp_521_mod_9(k, k, p521_order);
-    if (err == MP_OKAY) {
-        sp_521_norm_9(k);
-
-        /* kInv = 1/k mod order */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_mont_inv_order_avx2_9(kInv, k, tmp);
-        }
-        else
-#endif
-            sp_521_mont_inv_order_9(kInv, k, tmp);
-        sp_521_norm_9(kInv);
-
-        /* s = r * x + e */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_mul_avx2_9(x, x, r);
-        }
-        else
-#endif
-            sp_521_mul_9(x, x, r);
-        err = sp_521_mod_9(x, x, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_9(x);
-        carry = sp_521_add_9(s, e, x);
-        sp_521_cond_sub_9(s, s, p521_order, 0 - carry);
-        sp_521_norm_9(s);
-        c = sp_521_cmp_9(s, p521_order);
-        sp_521_cond_sub_9(s, s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_9(s);
-
-        /* s = s * k^-1 mod order */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_mont_mul_order_avx2_9(s, s, kInv);
-        }
-        else
-#endif
-            sp_521_mont_mul_order_9(s, s, kInv);
-        sp_521_norm_9(s);
-    }
-
-    return err;
-}
-
-/* Sign the hash using the private key.
- *   e = [hash, 521 bits] from binary
- *   r = (k.G)->x mod order
- *   s = (r * x + e) / k mod order
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_ecc_sign_521(const byte* hash, word32 hashLen, WC_RNG* rng,
-    const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    SP_DECL_VAR(sp_digit, e, 7 * 2 * 9);
-    SP_DECL_VAR(sp_point_521, point, 1);
-    sp_digit* x = NULL;
-    sp_digit* k = NULL;
-    sp_digit* r = NULL;
-    sp_digit* tmp = NULL;
-    sp_digit* s = NULL;
-    sp_int64 c;
-    int err = MP_OKAY;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, e, 7 * 2 * 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        x = e + 2 * 9;
-        k = e + 4 * 9;
-        r = e + 6 * 9;
-        tmp = e + 8 * 9;
-        s = e;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-    }
-
-    for (i = SP_ECC_MAX_SIG_GEN; err == MP_OKAY && i > 0; i--) {
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_9(rng, k);
-        }
-        else {
-            sp_521_from_mp(k, 9, km);
-            mp_zero(km);
-        }
-        if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_521_ecc_mulmod_base_avx2_9(point, k, 1, 1, heap);
-            }
-            else
-#endif
-                err = sp_521_ecc_mulmod_base_9(point, k, 1, 1, heap);
-        }
-
-        if (err == MP_OKAY) {
-            /* r = point->x mod order */
-            XMEMCPY(r, point->x, sizeof(sp_digit) * 9U);
-            sp_521_norm_9(r);
-            c = sp_521_cmp_9(r, p521_order);
-            sp_521_cond_sub_9(r, r, p521_order,
-                (sp_digit)0 - (sp_digit)(c >= 0));
-            sp_521_norm_9(r);
-
-            if (!sp_521_iszero_9(r)) {
-                /* x is modified in calculation of s. */
-                sp_521_from_mp(x, 9, priv);
-                /* s ptr == e ptr, e is modified in calculation of s. */
-                sp_521_from_bin(e, 9, hash, (int)hashLen);
-
-                /* Take 521 leftmost bits of hash. */
-                if (hashLen == 66U) {
-                    sp_521_rshift_9(e, e, 7);
-                }
-
-                err = sp_521_calc_s_9(s, r, k, x, e, tmp);
-
-                /* Check that signature is usable. */
-                if ((err == MP_OKAY) && (!sp_521_iszero_9(s))) {
-                    break;
-                }
-            }
-        }
-#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        i = 1;
-#endif
-    }
-
-    if (i == 0) {
-        err = RNG_FAILURE_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(r, rm);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(s, sm);
-    }
-
-    SP_ZEROFREE_VAR(sp_point_521, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ZEROFREE_VAR(sp_digit, e, 7 * 2 * 9, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_sign_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-        sp_521_mont_inv_order_9_ctx mont_inv_order_ctx;
-    };
-    sp_digit e[2*9];
-    sp_digit x[2*9];
-    sp_digit k[2*9];
-    sp_digit r[2*9];
-    sp_digit tmp[3 * 2*9];
-    sp_point_521 point;
-    sp_digit* s;
-    sp_digit* kInv;
-    int i;
-} sp_ecc_sign_521_ctx;
-
-int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, WC_RNG* rng,
-    mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_sign_521_ctx* ctx = (sp_ecc_sign_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_sign_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->s = ctx->e;
-        ctx->kInv = ctx->k;
-
-        ctx->i = SP_ECC_MAX_SIG_GEN;
-        ctx->state = 1;
-        break;
-    case 1: /* GEN */
-        /* New random point. */
-        if (km == NULL || mp_iszero(km)) {
-            err = sp_521_ecc_gen_k_9(rng, ctx->k);
-        }
-        else {
-            sp_521_from_mp(ctx->k, 9, km);
-            mp_zero(km);
-        }
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 2;
-        break;
-    case 2: /* MULMOD */
-        err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx,
-            &ctx->point, &p521_base, ctx->k, 1, 1, heap);
-        if (err == MP_OKAY) {
-            ctx->state = 3;
-        }
-        break;
-    case 3: /* MODORDER */
-    {
-        sp_int64 c;
-        /* r = point->x mod order */
-        XMEMCPY(ctx->r, ctx->point.x, sizeof(sp_digit) * 9U);
-        sp_521_norm_9(ctx->r);
-        c = sp_521_cmp_9(ctx->r, p521_order);
-        sp_521_cond_sub_9(ctx->r, ctx->r, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_9(ctx->r);
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-        sp_521_from_mp(ctx->x, 9, priv);
-        sp_521_from_bin(ctx->e, 9, hash, (int)hashLen);
-        if (hashLen == 66U) {
-            sp_521_rshift_9(ctx->e, ctx->e, 7);
-        }
-        ctx->state = 4;
-        break;
-    }
-    case 4: /* KMODORDER */
-        /* Conv k to Montgomery form (mod order) */
-        sp_521_mul_9(ctx->k, ctx->k, p521_norm_order);
-        err = sp_521_mod_9(ctx->k, ctx->k, p521_order);
-        if (err == MP_OKAY) {
-            sp_521_norm_9(ctx->k);
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 5;
-        }
-        break;
-    case 5: /* KINV */
-        /* kInv = 1/k mod order */
-        err = sp_521_mont_inv_order_9_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->kInv, ctx->k, ctx->tmp);
-        if (err == MP_OKAY) {
-            XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-            ctx->state = 6;
-        }
-        break;
-    case 6: /* KINVNORM */
-        sp_521_norm_9(ctx->kInv);
-        ctx->state = 7;
-        break;
-    case 7: /* R */
-        /* s = r * x + e */
-        sp_521_mul_9(ctx->x, ctx->x, ctx->r);
-        ctx->state = 8;
-        break;
-    case 8: /* S1 */
-        err = sp_521_mod_9(ctx->x, ctx->x, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* S2 */
-    {
-        sp_digit carry;
-        sp_int64 c;
-        sp_521_norm_9(ctx->x);
-        carry = sp_521_add_9(ctx->s, ctx->e, ctx->x);
-        sp_521_cond_sub_9(ctx->s, ctx->s,
-            p521_order, 0 - carry);
-        sp_521_norm_9(ctx->s);
-        c = sp_521_cmp_9(ctx->s, p521_order);
-        sp_521_cond_sub_9(ctx->s, ctx->s, p521_order,
-            (sp_digit)0 - (sp_digit)(c >= 0));
-        sp_521_norm_9(ctx->s);
-
-        /* s = s * k^-1 mod order */
-        sp_521_mont_mul_order_9(ctx->s, ctx->s, ctx->kInv);
-        sp_521_norm_9(ctx->s);
-
-        /* Check that signature is usable. */
-        if (sp_521_iszero_9(ctx->s) == 0) {
-            ctx->state = 10;
-            break;
-        }
-    #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
-        ctx->i = 1;
-    #endif
-
-        /* not usable gen, try again */
-        ctx->i--;
-        if (ctx->i == 0) {
-            err = RNG_FAILURE_E;
-        }
-        ctx->state = 1;
-        break;
-    }
-    case 10: /* RES */
-        err = sp_521_to_mp(ctx->r, rm);
-        if (err == MP_OKAY) {
-            err = sp_521_to_mp(ctx->s, sm);
-        }
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 10) {
-        err = FP_WOULDBLOCK;
-    }
-    if (err != FP_WOULDBLOCK) {
-        XMEMSET(ctx->e, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 9U);
-        XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 9U);
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_SIGN */
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_rshift1_9(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_521_div2_mod_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern int sp_521_num_bits_9(const sp_digit * a);
-#ifdef __cplusplus
-}
-#endif
-/* Non-constant time modular inversion.
- *
- * @param  [out]  r   Resulting number.
- * @param  [in]   a   Number to invert.
- * @param  [in]   m   Modulus.
- * @return  MP_OKAY on success.
- */
-static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_digit u[9];
-    sp_digit v[9];
-    sp_digit b[9];
-    sp_digit d[9];
-    int ut, vt;
-    sp_digit o;
-
-
-    XMEMCPY(u, m, sizeof(u));
-    XMEMCPY(v, a, sizeof(v));
-
-    ut = sp_521_num_bits_9(u);
-    vt = sp_521_num_bits_9(v);
-
-    XMEMSET(b, 0, sizeof(b));
-    if ((v[0] & 1) == 0) {
-        sp_521_rshift1_9(v, v);
-        XMEMCPY(d, m, sizeof(u));
-        d[0] += 1;
-        sp_521_rshift1_9(d, d);
-        vt--;
-
-        while ((v[0] & 1) == 0) {
-            sp_521_rshift1_9(v, v);
-            sp_521_div2_mod_9(d, d, m);
-            vt--;
-        }
-    }
-    else {
-        XMEMSET(d+1, 0, sizeof(d)-sizeof(sp_digit));
-        d[0] = 1;
-    }
-
-    while (ut > 1 && vt > 1) {
-        if ((ut > vt) || ((ut == vt) && (sp_521_cmp_9(u, v) >= 0))) {
-            sp_521_sub_9(u, u, v);
-            o = sp_521_sub_9(b, b, d);
-            if (o != 0)
-                sp_521_add_9(b, b, m);
-            ut = sp_521_num_bits_9(u);
-
-            do {
-                sp_521_rshift1_9(u, u);
-                sp_521_div2_mod_9(b, b, m);
-                ut--;
-            }
-            while (ut > 0 && (u[0] & 1) == 0);
-        }
-        else {
-            sp_521_sub_9(v, v, u);
-            o = sp_521_sub_9(d, d, b);
-            if (o != 0)
-                sp_521_add_9(d, d, m);
-            vt = sp_521_num_bits_9(v);
-
-            do {
-                sp_521_rshift1_9(v, v);
-                sp_521_div2_mod_9(d, d, m);
-                vt--;
-            }
-            while (vt > 0 && (v[0] & 1) == 0);
-        }
-    }
-
-    if (ut == 1)
-        XMEMCPY(r, b, sizeof(b));
-    else
-        XMEMCPY(r, d, sizeof(d));
-
-
-    return MP_OKAY;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-
-/* Add point p1 into point p2. Handles p1 == p2 and result at infinity.
- *
- * p1   First point to add and holds result.
- * p2   Second point to add.
- * tmp  Temporary storage for intermediate numbers.
- */
-static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2,
-    sp_digit* tmp)
-{
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-            IS_INTEL_AVX2(cpuid_flags)) {
-        sp_521_proj_point_add_avx2_9(p1, p1, p2, tmp);
-    }
-    else
-#endif
-        sp_521_proj_point_add_9(p1, p1, p2, tmp);
-    if (sp_521_iszero_9(p1->z)) {
-        if (sp_521_iszero_9(p1->x) && sp_521_iszero_9(p1->y)) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                sp_521_proj_point_dbl_avx2_9(p1, p2, tmp);
-            }
-            else
-#endif
-                sp_521_proj_point_dbl_9(p1, p2, tmp);
-        }
-        else {
-            /* Y ordinate is not used from here - don't set. */
-            p1->x[0] = 0;
-            p1->x[1] = 0;
-            p1->x[2] = 0;
-            p1->x[3] = 0;
-            p1->x[4] = 0;
-            p1->x[5] = 0;
-            p1->x[6] = 0;
-            p1->x[7] = 0;
-            p1->x[8] = 0;
-            XMEMCPY(p1->z, p521_norm_mod, sizeof(p521_norm_mod));
-        }
-    }
-}
-
-/* Calculate the verification point: [e/s]G + [r/s]Q
- *
- * p1    Calculated point.
- * p2    Public point and temporary.
- * s     Second part of signature as a number.
- * u1    Temporary number.
- * u2    Temporary number.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_521_calc_vfy_point_9(sp_point_521* p1, sp_point_521* p2,
-    sp_digit* s, sp_digit* u1, sp_digit* u2, sp_digit* tmp, void* heap)
-{
-    int err;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-#ifndef WOLFSSL_SP_SMALL
-    err = sp_521_mod_inv_9(s, s, p521_order);
-    if (err == MP_OKAY)
-#endif /* !WOLFSSL_SP_SMALL */
-    {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_mul_avx2_9(s, s, p521_norm_order);
-        }
-        else
-#endif
-        {
-            sp_521_mul_9(s, s, p521_norm_order);
-        }
-        err = sp_521_mod_9(s, s, p521_order);
-    }
-    if (err == MP_OKAY) {
-        sp_521_norm_9(s);
-#ifdef WOLFSSL_SP_SMALL
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_mont_inv_order_avx2_9(s, s, tmp);
-            sp_521_mont_mul_order_avx2_9(u1, u1, s);
-            sp_521_mont_mul_order_avx2_9(u2, u2, s);
-        }
-        else
-#endif
-        {
-            sp_521_mont_inv_order_9(s, s, tmp);
-            sp_521_mont_mul_order_9(u1, u1, s);
-            sp_521_mont_mul_order_9(u2, u2, s);
-        }
-#else
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_mont_mul_order_avx2_9(u1, u1, s);
-            sp_521_mont_mul_order_avx2_9(u2, u2, s);
-        }
-        else
-#endif
-        {
-            sp_521_mont_mul_order_9(u1, u1, s);
-            sp_521_mont_mul_order_9(u2, u2, s);
-        }
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_521_ecc_mulmod_base_avx2_9(p1, u1, 0, 0, heap);
-        }
-        else
-#endif
-        {
-            err = sp_521_ecc_mulmod_base_9(p1, u1, 0, 0, heap);
-        }
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_9(p1->z)) {
-        p1->infinity = 1;
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_521_ecc_mulmod_avx2_9(p2, p2, u2, 0, 0, heap);
-        }
-        else
-#endif
-            err = sp_521_ecc_mulmod_9(p2, p2, u2, 0, 0, heap);
-    }
-    if ((err == MP_OKAY) && sp_521_iszero_9(p2->z)) {
-        p2->infinity = 1;
-    }
-
-    if (err == MP_OKAY) {
-        sp_521_add_points_9(p1, p2, tmp);
-    }
-
-    return err;
-}
-
-#ifdef HAVE_ECC_VERIFY
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 521)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 521 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_verify_521(const byte* hash, word32 hashLen, const mp_int* pX,
-    const mp_int* pY, const mp_int* pZ, const mp_int* rm, const mp_int* sm,
-    int* res, void* heap)
-{
-    SP_DECL_VAR(sp_digit, u1, 18 * 9);
-    SP_DECL_VAR(sp_point_521, p1, 2);
-    sp_digit* u2 = NULL;
-    sp_digit* s = NULL;
-    sp_digit* tmp = NULL;
-    sp_point_521* p2 = NULL;
-    sp_digit carry;
-    sp_int64 c = 0;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, u1, 18 * 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p1, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        u2  = u1 + 2 * 9;
-        s   = u1 + 4 * 9;
-        tmp = u1 + 6 * 9;
-        p2 = p1 + 1;
-
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(u1, 9, hash, (int)hashLen);
-        sp_521_from_mp(u2, 9, rm);
-        sp_521_from_mp(s, 9, sm);
-        sp_521_from_mp(p2->x, 9, pX);
-        sp_521_from_mp(p2->y, 9, pY);
-        sp_521_from_mp(p2->z, 9, pZ);
-
-        if (hashLen == 66U) {
-            sp_521_rshift_9(u1, u1, 7);
-        }
-
-        err = sp_521_calc_vfy_point_9(p1, p2, s, u1, u2, tmp, heap);
-    }
-    if (err == MP_OKAY) {
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(u2, 9, rm);
-        err = sp_521_mod_mul_norm_9(u2, u2, p521_mod);
-    }
-
-    if (err == MP_OKAY) {
-        /* u1 = r.z'.z' mod prime */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_mont_sqr_avx2_9(p1->z, p1->z, p521_mod, p521_mp_mod);
-        }
-        else
-#endif
-            sp_521_mont_sqr_9(p1->z, p1->z, p521_mod, p521_mp_mod);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_mont_mul_avx2_9(u1, u2, p1->z, p521_mod, p521_mp_mod);
-        }
-        else
-#endif
-            sp_521_mont_mul_9(u1, u2, p1->z, p521_mod, p521_mp_mod);
-        *res = (int)(sp_521_cmp_9(p1->x, u1) == 0);
-        if (*res == 0) {
-            /* Reload r and add order. */
-            sp_521_from_mp(u2, 9, rm);
-            carry = sp_521_add_9(u2, u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_9(u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_9(u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_9(u2, u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-#ifdef HAVE_INTEL_AVX2
-                if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                        IS_INTEL_AVX2(cpuid_flags)) {
-                    sp_521_mont_mul_avx2_9(u1, u2, p1->z, p521_mod,
-                        p521_mp_mod);
-                }
-                else
-#endif
-                {
-                    sp_521_mont_mul_9(u1, u2, p1->z, p521_mod, p521_mp_mod);
-                }
-                *res = (sp_521_cmp_9(p1->x, u1) == 0);
-            }
-        }
-    }
-
-    SP_FREE_VAR(p1, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(u1, heap, DYNAMIC_TYPE_ECC);
-    return err;
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_ecc_verify_521_ctx {
-    int state;
-    union {
-        sp_521_ecc_mulmod_9_ctx mulmod_ctx;
-        sp_521_mont_inv_order_9_ctx mont_inv_order_ctx;
-        sp_521_proj_point_dbl_9_ctx dbl_ctx;
-        sp_521_proj_point_add_9_ctx add_ctx;
-    };
-    sp_digit u1[2*9];
-    sp_digit u2[2*9];
-    sp_digit s[2*9];
-    sp_digit tmp[2*9 * 6];
-    sp_point_521 p1;
-    sp_point_521 p2;
-} sp_ecc_verify_521_ctx;
-
-int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
-    word32 hashLen, const mp_int* pX, const mp_int* pY, const mp_int* pZ,
-    const mp_int* rm, const mp_int* sm, int* res, void* heap)
-{
-    int err = FP_WOULDBLOCK;
-    sp_ecc_verify_521_ctx* ctx = (sp_ecc_verify_521_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_ecc_verify_521_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        if (hashLen > 66U) {
-            hashLen = 66U;
-        }
-
-        sp_521_from_bin(ctx->u1, 9, hash, (int)hashLen);
-        sp_521_from_mp(ctx->u2, 9, rm);
-        sp_521_from_mp(ctx->s, 9, sm);
-        sp_521_from_mp(ctx->p2.x, 9, pX);
-        sp_521_from_mp(ctx->p2.y, 9, pY);
-        sp_521_from_mp(ctx->p2.z, 9, pZ);
-        if (hashLen == 66U) {
-            sp_521_rshift_9(ctx->u1, ctx->u1, 7);
-        }
-        ctx->state = 1;
-        break;
-    case 1: /* NORMS0 */
-        sp_521_mul_9(ctx->s, ctx->s, p521_norm_order);
-        err = sp_521_mod_9(ctx->s, ctx->s, p521_order);
-        if (err == MP_OKAY)
-            ctx->state = 2;
-        break;
-    case 2: /* NORMS1 */
-        sp_521_norm_9(ctx->s);
-        XMEMSET(&ctx->mont_inv_order_ctx, 0, sizeof(ctx->mont_inv_order_ctx));
-        ctx->state = 3;
-        break;
-    case 3: /* NORMS2 */
-        err = sp_521_mont_inv_order_9_nb((sp_ecc_ctx_t*)&ctx->mont_inv_order_ctx, ctx->s, ctx->s, ctx->tmp);
-        if (err == MP_OKAY) {
-            ctx->state = 4;
-        }
-        break;
-    case 4: /* NORMS3 */
-        sp_521_mont_mul_order_9(ctx->u1, ctx->u1, ctx->s);
-        ctx->state = 5;
-        break;
-    case 5: /* NORMS4 */
-        sp_521_mont_mul_order_9(ctx->u2, ctx->u2, ctx->s);
-        XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-        ctx->state = 6;
-        break;
-    case 6: /* MULBASE */
-        err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p1, &p521_base, ctx->u1, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_9(ctx->p1.z)) {
-                ctx->p1.infinity = 1;
-            }
-            XMEMSET(&ctx->mulmod_ctx, 0, sizeof(ctx->mulmod_ctx));
-            ctx->state = 7;
-        }
-        break;
-    case 7: /* MULMOD */
-        err = sp_521_ecc_mulmod_9_nb((sp_ecc_ctx_t*)&ctx->mulmod_ctx, &ctx->p2, &ctx->p2, ctx->u2, 0, 0, heap);
-        if (err == MP_OKAY) {
-            if (sp_521_iszero_9(ctx->p2.z)) {
-                ctx->p2.infinity = 1;
-            }
-            XMEMSET(&ctx->add_ctx, 0, sizeof(ctx->add_ctx));
-            ctx->state = 8;
-        }
-        break;
-    case 8: /* ADD */
-        err = sp_521_proj_point_add_9_nb((sp_ecc_ctx_t*)&ctx->add_ctx, &ctx->p1, &ctx->p1, &ctx->p2, ctx->tmp);
-        if (err == MP_OKAY)
-            ctx->state = 9;
-        break;
-    case 9: /* MONT */
-        /* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
-        /* Reload r and convert to Montgomery form. */
-        sp_521_from_mp(ctx->u2, 9, rm);
-        err = sp_521_mod_mul_norm_9(ctx->u2, ctx->u2, p521_mod);
-        if (err == MP_OKAY)
-            ctx->state = 10;
-        break;
-    case 10: /* SQR */
-        /* u1 = r.z'.z' mod prime */
-        sp_521_mont_sqr_9(ctx->p1.z, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11: /* MUL */
-        sp_521_mont_mul_9(ctx->u1, ctx->u2, ctx->p1.z, p521_mod, p521_mp_mod);
-        ctx->state = 12;
-        break;
-    case 12: /* RES */
-    {
-        sp_int64 c = 0;
-        err = MP_OKAY; /* math okay, now check result */
-        *res = (int)(sp_521_cmp_9(ctx->p1.x, ctx->u1) == 0);
-        if (*res == 0) {
-            sp_digit carry;
-
-            /* Reload r and add order. */
-            sp_521_from_mp(ctx->u2, 9, rm);
-            carry = sp_521_add_9(ctx->u2, ctx->u2, p521_order);
-            /* Carry means result is greater than mod and is not valid. */
-            if (carry == 0) {
-                sp_521_norm_9(ctx->u2);
-
-                /* Compare with mod and if greater or equal then not valid. */
-                c = sp_521_cmp_9(ctx->u2, p521_mod);
-            }
-        }
-        if ((*res == 0) && (c < 0)) {
-            /* Convert to Montogomery form */
-            err = sp_521_mod_mul_norm_9(ctx->u2, ctx->u2, p521_mod);
-            if (err == MP_OKAY) {
-                /* u1 = (r + 1*order).z'.z' mod prime */
-                sp_521_mont_mul_9(ctx->u1, ctx->u2, ctx->p1.z, p521_mod,
-                                                            p521_mp_mod);
-                *res = (int)(sp_521_cmp_9(ctx->p1.x, ctx->u1) == 0);
-            }
-        }
-        break;
-    }
-    } /* switch */
-
-    if (err == MP_OKAY && ctx->state != 12) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-#endif /* HAVE_ECC_VERIFY */
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_521_ecc_is_point_9(const sp_point_521* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 9 * 4);
-    sp_digit* t2 = NULL;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 9 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 9;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_521_sqr_9(t1, point->y);
-        (void)sp_521_mod_9(t1, t1, p521_mod);
-        sp_521_sqr_9(t2, point->x);
-        (void)sp_521_mod_9(t2, t2, p521_mod);
-        sp_521_mul_9(t2, t2, point->x);
-        (void)sp_521_mod_9(t2, t2, p521_mod);
-        sp_521_mont_sub_9(t1, t1, t2, p521_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_521_mont_add_9(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_9(t1, t1, point->x, p521_mod);
-        sp_521_mont_add_9(t1, t1, point->x, p521_mod);
-
-
-        if (sp_521_cmp_9(t1, p521_b) != 0) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_521, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_521, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(pub->x, 9, pX);
-        sp_521_from_mp(pub->y, 9, pY);
-        sp_521_from_bin(pub->z, 9, one, (int)sizeof(one));
-
-        err = sp_521_ecc_is_point_9(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_521(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 9);
-    SP_DECL_VAR(sp_point_521, pub, 2);
-    sp_point_521* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 521) ||
-        (mp_count_bits(pY) > 521) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 521)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 9, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_521_from_mp(pub->x, 9, pX);
-        sp_521_from_mp(pub->y, 9, pY);
-        sp_521_from_bin(pub->z, 9, one, (int)sizeof(one));
-        if (privm)
-            sp_521_from_mp(priv, 9, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_521_iszero_9(pub->x) != 0) &&
-            (sp_521_iszero_9(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_521_cmp_9(pub->x, p521_mod) >= 0) ||
-             (sp_521_cmp_9(pub->y, p521_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_521_ecc_is_point_9(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_521_ecc_mulmod_avx2_9(p, pub, p521_order, 1, 1, heap);
-        }
-        else
-#endif
-            err = sp_521_ecc_mulmod_9(p, pub, p521_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_521_iszero_9(p->x) == 0) ||
-                             (sp_521_iszero_9(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_521_ecc_mulmod_base_avx2_9(p, priv, 1, 1, heap);
-            }
-            else
-#endif
-                err = sp_521_ecc_mulmod_base_9(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_521_cmp_9(p->x, pub->x) != 0) ||
-                 (sp_521_cmp_9(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
-/* Add two projective EC points together.
- * (pX, pY, pZ) + (qX, qY, qZ) = (rX, rY, rZ)
- *
- * pX   First EC point's X ordinate.
- * pY   First EC point's Y ordinate.
- * pZ   First EC point's Z ordinate.
- * qX   Second EC point's X ordinate.
- * qY   Second EC point's Y ordinate.
- * qZ   Second EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_add_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* qX, mp_int* qY, mp_int* qZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 6);
-    SP_DECL_VAR(sp_point_521, p, 2);
-    sp_point_521* q = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 6, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 2, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        q = p + 1;
-
-        sp_521_from_mp(p->x, 9, pX);
-        sp_521_from_mp(p->y, 9, pY);
-        sp_521_from_mp(p->z, 9, pZ);
-        sp_521_from_mp(q->x, 9, qX);
-        sp_521_from_mp(q->y, 9, qY);
-        sp_521_from_mp(q->z, 9, qZ);
-        p->infinity = sp_521_iszero_9(p->x) &
-                      sp_521_iszero_9(p->y);
-        q->infinity = sp_521_iszero_9(q->x) &
-                      sp_521_iszero_9(q->y);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_proj_point_add_avx2_9(p, p, q, tmp);
-        }
-        else
-#endif
-            sp_521_proj_point_add_9(p, p, q, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Double a projective EC point.
- * (pX, pY, pZ) + (pX, pY, pZ) = (rX, rY, rZ)
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * rX   Resultant EC point's X ordinate.
- * rY   Resultant EC point's Y ordinate.
- * rZ   Resultant EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_proj_dbl_point_521(mp_int* pX, mp_int* pY, mp_int* pZ,
-                              mp_int* rX, mp_int* rY, mp_int* rZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 2);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 9, pX);
-        sp_521_from_mp(p->y, 9, pY);
-        sp_521_from_mp(p->z, 9, pZ);
-        p->infinity = sp_521_iszero_9(p->x) &
-                      sp_521_iszero_9(p->y);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_proj_point_dbl_avx2_9(p, p, tmp);
-        }
-        else
-#endif
-            sp_521_proj_point_dbl_9(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, rX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, rY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, rZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Map a projective EC point to affine in place.
- * pZ will be one.
- *
- * pX   EC point's X ordinate.
- * pY   EC point's Y ordinate.
- * pZ   EC point's Z ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_map_521(mp_int* pX, mp_int* pY, mp_int* pZ)
-{
-    SP_DECL_VAR(sp_digit, tmp, 2 * 9 * 5);
-    SP_DECL_VAR(sp_point_521, p, 1);
-    int err = MP_OKAY;
-
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 9 * 5, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_521, p, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_521_from_mp(p->x, 9, pX);
-        sp_521_from_mp(p->y, 9, pY);
-        sp_521_from_mp(p->z, 9, pZ);
-        p->infinity = sp_521_iszero_9(p->x) &
-                      sp_521_iszero_9(p->y);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_map_avx2_9(p, p, tmp);
-        }
-        else
-#endif
-            sp_521_map_9(p, p, tmp);
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->x, pX);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->y, pY);
-    }
-    if (err == MP_OKAY) {
-        err = sp_521_to_mp(p->z, pZ);
-    }
-
-    SP_FREE_VAR(p, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif /* WOLFSSL_PUBLIC_ECC_ADD_DBL */
-#ifdef HAVE_COMP_KEY
-/* Square root power for the P521 curve. */
-static const word64 p521_sqrt_power[9] = {
-    0x0000000000000000,0x0000000000000000,0x0000000000000000,
-    0x0000000000000000,0x0000000000000000,0x0000000000000000,0x0000000000000000,0x0000000000000000,
-    0x0000000000000080
-};
-
-/* Find the square root of a number mod the prime of the curve.
- *
- * y  The number to operate on and the result.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_521_mont_sqrt_9(sp_digit* y)
-{
-    SP_DECL_VAR(sp_digit, t, 2 * 9);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, t, 2 * 9, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            int i;
-
-            XMEMCPY(t, y, sizeof(sp_digit) * 9);
-            for (i=518; i>=0; i--) {
-                sp_521_mont_sqr_avx2_9(t, t, p521_mod, p521_mp_mod);
-                if (p521_sqrt_power[i / 64] & ((sp_digit)1 << (i % 64)))
-                    sp_521_mont_mul_avx2_9(t, t, y, p521_mod, p521_mp_mod);
-            }
-            XMEMCPY(y, t, sizeof(sp_digit) * 9);
-        }
-        else
-#endif
-        {
-            int i;
-
-            XMEMCPY(t, y, sizeof(sp_digit) * 9);
-            for (i=518; i>=0; i--) {
-                sp_521_mont_sqr_9(t, t, p521_mod, p521_mp_mod);
-                if (p521_sqrt_power[i / 64] & ((sp_digit)1 << (i % 64)))
-                    sp_521_mont_mul_9(t, t, y, p521_mod, p521_mp_mod);
-            }
-            XMEMCPY(y, t, sizeof(sp_digit) * 9);
-        }
-    }
-
-    SP_FREE_VAR(t, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-
-/* Uncompress the point given the X ordinate.
- *
- * xm    X ordinate.
- * odd   Whether the Y ordinate is odd.
- * ym    Calculated Y ordinate.
- * returns MEMORY_E if dynamic memory allocation fails and MP_OKAY otherwise.
- */
-int sp_ecc_uncompress_521(mp_int* xm, int odd, mp_int* ym)
-{
-    SP_DECL_VAR(sp_digit, x, 4 * 9);
-    sp_digit* y = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_digit, x, 4 * 9, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        y = x + 2 * 9;
-
-        sp_521_from_mp(x, 9, xm);
-        err = sp_521_mod_mul_norm_9(x, x, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        /* y = x^3 */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_521_mont_sqr_avx2_9(y, x, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_avx2_9(y, y, x, p521_mod, p521_mp_mod);
-        }
-        else
-#endif
-        {
-            sp_521_mont_sqr_9(y, x, p521_mod, p521_mp_mod);
-            sp_521_mont_mul_9(y, y, x, p521_mod, p521_mp_mod);
-        }
-        /* y = x^3 - 3x */
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        sp_521_mont_sub_9(y, y, x, p521_mod);
-        /* y = x^3 - 3x + b */
-        err = sp_521_mod_mul_norm_9(x, p521_b, p521_mod);
-    }
-    if (err == MP_OKAY) {
-        sp_521_mont_add_9(y, y, x, p521_mod);
-        /* y = sqrt(x^3 - 3x + b) */
-        err = sp_521_mont_sqrt_9(y);
-    }
-    if (err == MP_OKAY) {
-        XMEMSET(y + 9, 0, 9U * sizeof(sp_digit));
-        sp_521_mont_reduce_9(y, p521_mod, p521_mp_mod);
-        if ((((word32)y[0] ^ (word32)odd) & 1U) != 0U) {
-            sp_521_mont_sub_9(y, p521_mod, y, p521_mod);
-        }
-
-        err = sp_521_to_mp(y, ym);
-    }
-
-    SP_FREE_VAR(x, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_521 */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-#ifdef WOLFSSL_SP_1024
-
-/* Point structure to use. */
-typedef struct sp_point_1024 {
-    /* X ordinate of point. */
-    sp_digit x[2 * 16];
-    /* Y ordinate of point. */
-    sp_digit y[2 * 16];
-    /* Z ordinate of point. */
-    sp_digit z[2 * 16];
-    /* Indicates point is at infinity. */
-    int infinity;
-} sp_point_1024;
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_sqr_16(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mul_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_sqr_avx2_16(sp_digit* r, const sp_digit* a);
-#ifdef __cplusplus
-}
-#endif
-/* The modulus (prime) of the curve P1024. */
-static const sp_digit p1024_mod[16] = {
-    0x666d807afea85febL,0x80c5df10ac7ace87L,0xfce3e82389857db0L,
-    0x9f94d6af56971f1fL,0xa7cf3c521c3c09aaL,0xb6aff4a831852a82L,
-    0x512ac5cd65681ce1L,0xe26c6487326b4cd4L,0x356d27f4a666a6d0L,
-    0xe791b39ff7c88a19L,0x228730d531a59cb0L,0xf40aab27e2fc0f1bL,
-    0xbe9ae358b3e01a2eL,0x416c0ce19cb48261L,0x65c61198dad0657aL,
-    0x997abb1f0a563fdaL
-};
-/* The Montgomery normalizer for modulus of the curve P1024. */
-static const sp_digit p1024_norm_mod[16] = {
-    0x99927f850157a015L,0x7f3a20ef53853178L,0x031c17dc767a824fL,
-    0x606b2950a968e0e0L,0x5830c3ade3c3f655L,0x49500b57ce7ad57dL,
-    0xaed53a329a97e31eL,0x1d939b78cd94b32bL,0xca92d80b5999592fL,
-    0x186e4c60083775e6L,0xdd78cf2ace5a634fL,0x0bf554d81d03f0e4L,
-    0x41651ca74c1fe5d1L,0xbe93f31e634b7d9eL,0x9a39ee67252f9a85L,
-    0x668544e0f5a9c025L
-};
-/* The Montgomery multiplier for modulus of the curve P1024. */
-static sp_digit p1024_mp_mod = 0x290420077c8f2f3d;
-#if defined(WOLFSSL_SP_SMALL) || defined(HAVE_ECC_CHECK_KEY)
-/* The order of the curve P1024. */
-static const sp_digit p1024_order[16] = {
-    0xd99b601ebfaa17fbL,0x203177c42b1eb3a1L,0xff38fa08e2615f6cL,
-    0xa7e535abd5a5c7c7L,0xa9f3cf14870f026aL,0x6dabfd2a0c614aa0L,
-    0x144ab173595a0738L,0x389b1921cc9ad335L,0x4d5b49fd2999a9b4L,
-    0x39e46ce7fdf22286L,0xc8a1cc354c69672cL,0xbd02aac9f8bf03c6L,
-    0x6fa6b8d62cf8068bL,0x905b0338672d2098L,0x9971846636b4195eL,
-    0x265eaec7c2958ff6L
-};
-#endif
-/* The base point of curve P1024. */
-static const sp_point_1024 p1024_base = {
-    /* X ordinate */
-    {
-        0x880dc8abeae63895L,0x80ec46c4967e0979L,0xee9163a5b63f73ecL,
-        0xd5cfb4cc80728d87L,0xa7c1514dba66910dL,0xa702c3397a60de74L,
-        0x337c86548b72f2e1L,0x9760af765dd5bccbL,0x718bd9e7406ce890L,
-        0x43d5f22cdb9dfa55L,0xab10db9030b09e10L,0xb5edb6c0f6ce2308L,
-        0x98b2f204b6ff7cbfL,0x2b1a2fd60aec69c6L,0x0a7990053ed9b52aL,
-        0x53fc09ee332c29adL,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* Y ordinate */
-    {
-        0x75573fd71bef16d7L,0xadb9b5706a67dcdeL,0x80bdad5ad5bb4636L,
-        0x13515ad7e9cb99a9L,0x492d979fc5a4d5f2L,0xac6f1e80164aa989L,
-        0xcad696b5b7652fe0L,0x70dae117ad547c6cL,0x416cff0ca9e032b9L,
-        0x6b598ccf9a140b2eL,0xe7f7f5e5f0de55f6L,0xf5ea69f4654ec2b9L,
-        0x3d778d821e141178L,0xd3e8201602990696L,0xf9f1f0533634a135L,
-        0x0a8249063f6009f1L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* Z ordinate */
-    {
-        0x0000000000000001L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,0x0000000000000000L,0x0000000000000000L,
-        0x0000000000000000L,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0, (sp_digit)0,
-        (sp_digit)0
-    },
-    /* infinity */
-    0
-};
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_1024_sub_in_place_16(sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_1024_cond_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_1024_cond_sub_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mul_d_16(sp_digit* r, const sp_digit* a, sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mul_d_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit b);
-#ifdef __cplusplus
-}
-#endif
-#if defined(_WIN64) && !defined(__clang__)
-#if _MSC_VER < 1920
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit div_1024_word_asm_16(sp_digit d1, sp_digit d0, sp_digit div);
-#ifdef __cplusplus
-}
-#endif
-#endif /* _MSC_VER < 1920 */
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_1024_word_16(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-#if _MSC_VER >= 1920
-    return _udiv128(d1, d0, div, NULL);
-#else
-    return div_1024_word_asm_16(d1, d0, div);
-#endif
-}
-#else
-/* Divide the double width number (d1|d0) by the dividend. (d1|d0 / div)
- *
- * d1   The high order half of the number to divide.
- * d0   The low order half of the number to divide.
- * div  The dividend.
- * returns the result of the division.
- */
-static WC_INLINE sp_digit div_1024_word_16(sp_digit d1, sp_digit d0,
-        sp_digit div)
-{
-    register sp_digit r asm("rax");
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    __asm__ __volatile__ (
-        "divq %3"
-        : "=a" (r)
-        : "d" (d1), "a" (d0), "r" (div)
-        :
-    );
-    return r;
-}
-#endif /* _WIN64 && !__clang__ */
-/* AND m into each word of a and store in r.
- *
- * r  A single precision integer.
- * a  A single precision integer.
- * m  Mask to AND against each digit.
- */
-static void sp_1024_mask_16(sp_digit* r, const sp_digit* a, sp_digit m)
-{
-#ifdef WOLFSSL_SP_SMALL
-    int i;
-
-    for (i=0; i<16; i++) {
-        r[i] = a[i] & m;
-    }
-#else
-    int i;
-
-    for (i = 0; i < 16; i += 8) {
-        r[i+0] = a[i+0] & m;
-        r[i+1] = a[i+1] & m;
-        r[i+2] = a[i+2] & m;
-        r[i+3] = a[i+3] & m;
-        r[i+4] = a[i+4] & m;
-        r[i+5] = a[i+5] & m;
-        r[i+6] = a[i+6] & m;
-        r[i+7] = a[i+7] & m;
-    }
-#endif
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_int64 sp_1024_cmp_16(const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
-/* Divide d in a and put remainder into r (m*d + r = a)
- * m is not calculated as it is not needed at this time.
- *
- * a  Number to be divided.
- * d  Number to divide with.
- * m  Multiplier result.
- * r  Remainder from the division.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_1024_div_16(const sp_digit* a, const sp_digit* d, sp_digit* m,
-        sp_digit* r)
-{
-    sp_digit t1[32];
-    sp_digit t2[17];
-    sp_digit div;
-    sp_digit r1;
-    int i;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-    (void)m;
-
-    div = d[15];
-    XMEMCPY(t1, a, sizeof(*t1) * 2 * 16);
-    r1 = sp_1024_cmp_16(&t1[16], d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_1024_cond_sub_avx2_16(&t1[16], &t1[16], d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_1024_cond_sub_16(&t1[16], &t1[16], d, (sp_digit)0 - r1);
-    for (i = 15; i >= 0; i--) {
-        sp_digit mask = (sp_digit)0 - (t1[16 + i] == div);
-        sp_digit hi = t1[16 + i] + mask;
-        r1 = div_1024_word_16(hi, t1[16 + i - 1], div);
-        r1 |= mask;
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-            sp_1024_mul_d_avx2_16(t2, d, r1);
-        else
-#endif
-            sp_1024_mul_d_16(t2, d, r1);
-        t1[16 + i] += sp_1024_sub_in_place_16(&t1[i], t2);
-        t1[16 + i] -= t2[16];
-        sp_1024_mask_16(t2, d, t1[16 + i]);
-        t1[16 + i] += sp_1024_add_16(&t1[i], &t1[i], t2);
-        sp_1024_mask_16(t2, d, t1[16 + i]);
-        t1[16 + i] += sp_1024_add_16(&t1[i], &t1[i], t2);
-    }
-
-    r1 = sp_1024_cmp_16(t1, d) >= 0;
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags))
-        sp_1024_cond_sub_avx2_16(r, t1, d, (sp_digit)0 - r1);
-    else
-#endif
-        sp_1024_cond_sub_16(r, t1, d, (sp_digit)0 - r1);
-
-    return MP_OKAY;
-}
-
-/* Reduce a modulo m into r. (r = a mod m)
- *
- * r  A single precision number that is the reduced result.
- * a  A single precision number that is to be reduced.
- * m  A single precision number that is the modulus to reduce with.
- * returns MP_OKAY indicating success.
- */
-static WC_INLINE int sp_1024_mod_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* m)
-{
-    ASSERT_SAVED_VECTOR_REGISTERS();
-    return sp_1024_div_16(a, m, NULL, r);
-}
-
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_1024_mod_mul_norm_16(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_1024_mul_16(r, a, p1024_norm_mod);
-    return sp_1024_mod_16(r, r, m);
-}
-
-#ifdef HAVE_INTEL_AVX2
-/* Multiply a number by Montgomery normalizer mod modulus (prime).
- *
- * r  The resulting Montgomery form number.
- * a  The number to convert.
- * m  The modulus (prime).
- * returns MEMORY_E when memory allocation fails and MP_OKAY otherwise.
- */
-static int sp_1024_mod_mul_norm_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* m)
-{
-    sp_1024_mul_avx2_16(r, a, p1024_norm_mod);
-    return sp_1024_mod_16(r, r, m);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Create a new point.
- *
- * heap  [in]   Buffer to allocate dynamic memory from.
- * sp    [in]   Data for point - only if not allocating.
- * p     [out]  New point.
- * returns MEMORY_E when dynamic memory allocation fails and 0 otherwise.
- */
-static int sp_1024_point_new_ex_16(void* heap, sp_point_1024* sp,
-    sp_point_1024** p)
-{
-    int ret = MP_OKAY;
-    (void)heap;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    (void)sp;
-    *p = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024), heap, DYNAMIC_TYPE_ECC);
-#else
-    *p = sp;
-#endif
-    if (*p == NULL) {
-        ret = MEMORY_E;
-    }
-    return ret;
-}
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-/* Allocate memory for point and return error. */
-#define sp_1024_point_new_16(heap, sp, p) sp_1024_point_new_ex_16((heap), NULL, &(p))
-#else
-/* Set pointer to data and return no error. */
-#define sp_1024_point_new_16(heap, sp, p) sp_1024_point_new_ex_16((heap), &(sp), &(p))
-#endif
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#ifdef WOLFCRYPT_HAVE_SAKKE
-/* Free the point.
- *
- * p      [in,out]  Point to free.
- * clear  [in]      Indicates whether to zeroize point.
- * heap   [in]      Buffer from which dynamic memory was allocate from.
- */
-static void sp_1024_point_free_16(sp_point_1024* p, int clear, void* heap)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    /* If valid pointer then clear point data if requested and free data. */
-    if (p != NULL) {
-        if (clear) {
-            XMEMSET(p, 0, sizeof(*p));
-        }
-        XFREE(p, heap, DYNAMIC_TYPE_ECC);
-    }
-#else
-    /* Clear point data if requested. */
-    if ((p != NULL) && clear) {
-        XMEMSET(p, 0, sizeof(*p));
-    }
-#endif
-    (void)heap;
-}
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 64
-    int i;
-    sp_digit j = (sp_digit)0 - (sp_digit)a->used;
-    int o = 0;
-
-    for (i = 0; i < size; i++) {
-        sp_digit mask = (sp_digit)0 - (j >> 63);
-        r[i] = a->dp[o] & mask;
-        j++;
-        o += (int)(j >> 63);
-    }
-#elif DIGIT_BIT > 64
-    unsigned int i;
-    int j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i] << s);
-        r[j] &= 0xffffffffffffffffl;
-        s = 64U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 64U) <= (word32)DIGIT_BIT) {
-            s += 64U;
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (sp_digit)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = (sp_digit)0;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    unsigned int i;
-    int j = 0;
-    int s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < (unsigned int)a->used && j < size; i++) {
-        r[j] |= ((sp_digit)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 64) {
-            r[j] &= 0xffffffffffffffffl;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 64 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Convert a point of type ecc_point to type sp_point_1024.
- *
- * p   Point of type sp_point_1024 (result).
- * pm  Point of type ecc_point.
- */
-static void sp_1024_point_from_ecc_point_16(sp_point_1024* p,
-        const ecc_point* pm)
-{
-    XMEMSET(p->x, 0, sizeof(p->x));
-    XMEMSET(p->y, 0, sizeof(p->y));
-    XMEMSET(p->z, 0, sizeof(p->z));
-    sp_1024_from_mp(p->x, 16, pm->x);
-    sp_1024_from_mp(p->y, 16, pm->y);
-    sp_1024_from_mp(p->z, 16, pm->z);
-    p->infinity = 0;
-}
-
-/* Convert an array of sp_digit to an mp_int.
- *
- * a  A single precision integer.
- * r  A multi-precision integer.
- */
-static int sp_1024_to_mp(const sp_digit* a, mp_int* r)
-{
-    int err;
-
-    err = mp_grow(r, (1024 + DIGIT_BIT - 1) / DIGIT_BIT);
-    if (err == MP_OKAY) { /*lint !e774 case where err is always MP_OKAY*/
-#if DIGIT_BIT == 64
-        XMEMCPY(r->dp, a, sizeof(sp_digit) * 16);
-        r->used = 16;
-        mp_clamp(r);
-#elif DIGIT_BIT < 64
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 16; i++) {
-            r->dp[j] |= (mp_digit)(a[i] << s);
-            r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-            s = DIGIT_BIT - s;
-            r->dp[++j] = (mp_digit)(a[i] >> s);
-            while (s + DIGIT_BIT <= 64) {
-                s += DIGIT_BIT;
-                r->dp[j++] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-                if (s == SP_WORD_SIZE) {
-                    r->dp[j] = 0;
-                }
-                else {
-                    r->dp[j] = (mp_digit)(a[i] >> s);
-                }
-            }
-            s = 64 - s;
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#else
-        int i;
-        int j = 0;
-        int s = 0;
-
-        r->dp[0] = 0;
-        for (i = 0; i < 16; i++) {
-            r->dp[j] |= ((mp_digit)a[i]) << s;
-            if (s + 64 >= DIGIT_BIT) {
-    #if DIGIT_BIT != 32 && DIGIT_BIT != 64
-                r->dp[j] &= ((sp_digit)1 << DIGIT_BIT) - 1;
-    #endif
-                s = DIGIT_BIT - s;
-                r->dp[++j] = a[i] >> s;
-                s = 64 - s;
-            }
-            else {
-                s += 64;
-            }
-        }
-        r->used = (1024 + DIGIT_BIT - 1) / DIGIT_BIT;
-        mp_clamp(r);
-#endif
-    }
-
-    return err;
-}
-
-/* Convert a point of type sp_point_1024 to type ecc_point.
- *
- * p   Point of type sp_point_1024.
- * pm  Point of type ecc_point (result).
- * returns MEMORY_E when allocation of memory in ecc_point fails otherwise
- * MP_OKAY.
- */
-static int sp_1024_point_to_ecc_point_16(const sp_point_1024* p, ecc_point* pm)
-{
-    int err;
-
-    err = sp_1024_to_mp(p->x, pm->x);
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->y, pm->y);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(p->z, pm->z);
-    }
-
-    return err;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_cond_copy_16(sp_digit* r, const sp_digit* a, sp_digit m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_reduce_16(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_1024_mul_16(r, a, b);
-    sp_1024_mont_reduce_16(r, m, mp);
-}
-
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_sqr_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_1024_sqr_16(r, a);
-    sp_1024_mont_reduce_16(r, m, mp);
-}
-
-/* Mod-2 for the P1024 curve. */
-static const word8 p1024_mod_minus_2[] = {
-     6,0x06,  7,0x0f,  7,0x0b,  6,0x0c,  7,0x1e,  9,0x09,  7,0x0c,  7,0x1f,
-     6,0x16,  6,0x06,  7,0x0e,  8,0x10,  6,0x03,  8,0x11,  6,0x0d,  7,0x14,
-     9,0x12,  6,0x0f,  7,0x04,  9,0x0d,  6,0x00,  7,0x13,  6,0x01,  6,0x07,
-     8,0x0d,  8,0x00,  6,0x06,  9,0x17,  6,0x14,  6,0x15,  6,0x11,  6,0x0b,
-     9,0x0c,  6,0x1e, 13,0x14,  7,0x0e,  6,0x1d, 12,0x0a,  6,0x0b,  8,0x07,
-     6,0x18,  6,0x0f,  6,0x10,  8,0x1c,  7,0x16,  7,0x02,  6,0x01,  6,0x13,
-    10,0x15,  7,0x06,  8,0x14,  6,0x0c,  6,0x19,  7,0x10,  6,0x19,  6,0x19,
-     9,0x16,  7,0x19,  6,0x1f,  6,0x17,  6,0x12,  8,0x02,  6,0x01,  6,0x04,
-     6,0x15,  7,0x16,  6,0x04,  6,0x1f,  6,0x09,  7,0x06,  7,0x13,  7,0x09,
-     6,0x0d, 10,0x18,  6,0x06,  6,0x11,  6,0x04,  6,0x01,  6,0x13,  8,0x06,
-     6,0x0d,  8,0x13,  7,0x08,  6,0x08,  6,0x05,  7,0x0c,  7,0x0e,  7,0x15,
-     6,0x05,  7,0x14, 10,0x19,  6,0x10,  6,0x16,  6,0x15,  7,0x1f,  6,0x14,
-     6,0x0a, 10,0x11,  6,0x01,  7,0x05,  7,0x08,  8,0x0a,  7,0x1e,  7,0x1c,
-     6,0x1c,  7,0x09, 10,0x18,  7,0x1c, 10,0x06,  6,0x0a,  6,0x07,  6,0x19,
-     7,0x06,  6,0x0d,  7,0x0f,  7,0x0b,  7,0x05,  6,0x11,  6,0x1c,  7,0x1f,
-     6,0x1e,  7,0x18,  6,0x1e,  6,0x00,  6,0x03,  6,0x02,  7,0x10,  6,0x0b,
-     6,0x1b,  7,0x10,  6,0x00,  8,0x11,  7,0x1b,  6,0x18,  6,0x01,  7,0x0c,
-     7,0x1d,  7,0x13,  6,0x08,  7,0x1b,  8,0x13,  7,0x16, 13,0x1d,  7,0x1f,
-     6,0x0a,  6,0x01,  7,0x1f,  6,0x14,  1,0x01
-};
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P1024 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_1024_mont_inv_16(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-    sp_digit* t = &td[32 * 2 * 16];
-    int i;
-    int j;
-    sp_digit* table[32];
-
-    for (i = 0; i < 32; i++) {
-        table[i] = &td[2 * 16 * i];
-    }
-    XMEMCPY(table[0], a, sizeof(sp_digit) * 16);
-    for (i = 1; i < 6; i++) {
-        sp_1024_mont_sqr_16(table[0], table[0], p1024_mod, p1024_mp_mod);
-    }
-    for (i = 1; i < 32; i++) {
-        sp_1024_mont_mul_16(table[i], table[i-1], a, p1024_mod, p1024_mp_mod);
-    }
-
-    XMEMCPY(t, table[p1024_mod_minus_2[1]], sizeof(sp_digit) * 16);
-    for (i = 2; i < (int)sizeof(p1024_mod_minus_2) - 2; i += 2) {
-        for (j = 0; j < p1024_mod_minus_2[i]; j++) {
-            sp_1024_mont_sqr_16(t, t, p1024_mod, p1024_mp_mod);
-        }
-        sp_1024_mont_mul_16(t, t, table[p1024_mod_minus_2[i+1]], p1024_mod,
-            p1024_mp_mod);
-    }
-    sp_1024_mont_sqr_16(t, t, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(r, t, a, p1024_mod, p1024_mp_mod);
-}
-
-/* Normalize the values in each word to 64.
- *
- * a  Array of sp_digit to normalize.
- */
-#define sp_1024_norm_16(a)
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_1024_map_16(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*16;
-    sp_int64 n;
-
-    sp_1024_mont_inv_16(t1, p->z, t + 2*16);
-
-    sp_1024_mont_sqr_16(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    /* x /= z^2 */
-    sp_1024_mont_mul_16(r->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->x + 16, 0, sizeof(sp_digit) * 16U);
-    sp_1024_mont_reduce_16(r->x, p1024_mod, p1024_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_1024_cmp_16(r->x, p1024_mod);
-    sp_1024_cond_sub_16(r->x, r->x, p1024_mod, (sp_digit)~(n >> 63));
-    sp_1024_norm_16(r->x);
-
-    /* y /= z^3 */
-    sp_1024_mont_mul_16(r->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->y + 16, 0, sizeof(sp_digit) * 16U);
-    sp_1024_mont_reduce_16(r->y, p1024_mod, p1024_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_1024_cmp_16(r->y, p1024_mod);
-    sp_1024_cond_sub_16(r->y, r->y, p1024_mod, (sp_digit)~(n >> 63));
-    sp_1024_norm_16(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_dbl_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_tpl_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_div2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*16;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_1024_mont_sqr_16(t1, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = Y * Z */
-    sp_1024_mont_mul_16(z, p->y, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = 2Z */
-    sp_1024_mont_dbl_16(z, z, p1024_mod);
-    /* T2 = X - T1 */
-    sp_1024_mont_sub_16(t2, p->x, t1, p1024_mod);
-    /* T1 = X + T1 */
-    sp_1024_mont_add_16(t1, p->x, t1, p1024_mod);
-    /* T2 = T1 * T2 */
-    sp_1024_mont_mul_16(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* T1 = 3T2 */
-    sp_1024_mont_tpl_16(t1, t2, p1024_mod);
-    /* Y = 2Y */
-    sp_1024_mont_dbl_16(y, p->y, p1024_mod);
-    /* Y = Y * Y */
-    sp_1024_mont_sqr_16(y, y, p1024_mod, p1024_mp_mod);
-    /* T2 = Y * Y */
-    sp_1024_mont_sqr_16(t2, y, p1024_mod, p1024_mp_mod);
-    /* T2 = T2/2 */
-    sp_1024_mont_div2_16(t2, t2, p1024_mod);
-    /* Y = Y * X */
-    sp_1024_mont_mul_16(y, y, p->x, p1024_mod, p1024_mp_mod);
-    /* X = T1 * T1 */
-    sp_1024_mont_sqr_16(x, t1, p1024_mod, p1024_mp_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_16(x, x, y, p1024_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_16(x, x, y, p1024_mod);
-    /* Y = Y - X */
-    sp_1024_mont_sub_16(y, y, x, p1024_mod);
-    /* Y = Y * T1 */
-    sp_1024_mont_mul_16(y, y, t1, p1024_mod, p1024_mp_mod);
-    /* Y = Y - T2 */
-    sp_1024_mont_sub_16(y, y, t2, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_dbl_16_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_dbl_16_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-        const sp_point_1024* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_dbl_16_ctx* ctx = (sp_1024_proj_point_dbl_16_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_dbl_16_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*16;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_1024_mont_sqr_16(ctx->t1, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_1024_mont_mul_16(ctx->z, p->y, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_1024_mont_dbl_16(ctx->z, ctx->z, p1024_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_1024_mont_sub_16(ctx->t2, p->x, ctx->t1, p1024_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_1024_mont_add_16(ctx->t1, p->x, ctx->t1, p1024_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_1024_mont_mul_16(ctx->t2, ctx->t1, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_1024_mont_tpl_16(ctx->t1, ctx->t2, p1024_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_1024_mont_dbl_16(ctx->y, p->y, p1024_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_1024_mont_sqr_16(ctx->y, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_1024_mont_sqr_16(ctx->t2, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_1024_mont_div2_16(ctx->t2, ctx->t2, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_1024_mont_mul_16(ctx->y, ctx->y, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_1024_mont_sqr_16(ctx->x, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_1024_mont_sub_16(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_1024_mont_sub_16(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_1024_mont_mul_16(ctx->y, ctx->y, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->t2, p1024_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*16;
-    sp_digit* b = t + 4*16;
-    sp_digit* t1 = t + 6*16;
-    sp_digit* t2 = t + 8*16;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_16(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_16(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_16(w, w, p1024_mod, p1024_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_16(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_16(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_16(t2, b, p1024_mod);
-        sp_1024_mont_sub_16(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_16(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_16(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_16(t1, t1, p1024_mod, p1024_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_16(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_16(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(y, y, t1, p1024_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
-    sp_1024_mont_tpl_16(a, t1, p1024_mod);
-    /* B = X*Y^2 */
-    sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
-    /* X = A^2 - 2B */
-    sp_1024_mont_sqr_16(x, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_dbl_16(t2, b, p1024_mod);
-    sp_1024_mont_sub_16(x, x, t2, p1024_mod);
-    /* B = 2.(B - X) */
-    sp_1024_mont_sub_16(t2, b, x, p1024_mod);
-    sp_1024_mont_dbl_16(b, t2, p1024_mod);
-    /* Z = Z*Y */
-    sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
-    /* t1 = Y^4 */
-    sp_1024_mont_sqr_16(t1, t1, p1024_mod, p1024_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_1024_mont_mul_16(y, b, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_16(y, y, t1, p1024_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_1024_mont_div2_16(y, y, p1024_mod);
-}
-
-/* Compare two numbers to determine if they are equal.
- * Constant time implementation.
- *
- * a  First number to compare.
- * b  Second number to compare.
- * returns 1 when equal and 0 otherwise.
- */
-static int sp_1024_cmp_equal_16(const sp_digit* a, const sp_digit* b)
-{
-    return ((a[0] ^ b[0]) | (a[1] ^ b[1]) | (a[2] ^ b[2]) |
-            (a[3] ^ b[3]) | (a[4] ^ b[4]) | (a[5] ^ b[5]) |
-            (a[6] ^ b[6]) | (a[7] ^ b[7]) | (a[8] ^ b[8]) |
-            (a[9] ^ b[9]) | (a[10] ^ b[10]) | (a[11] ^ b[11]) |
-            (a[12] ^ b[12]) | (a[13] ^ b[13]) | (a[14] ^ b[14]) |
-            (a[15] ^ b[15])) == 0;
-}
-
-/* Returns 1 if the number of zero.
- * Implementation is constant time.
- *
- * a  Number to check.
- * returns 1 if the number is zero and 0 otherwise.
- */
-static int sp_1024_iszero_16(const sp_digit* a)
-{
-    return (a[0] | a[1] | a[2] | a[3] | a[4] | a[5] | a[6] | a[7] |
-            a[8] | a[9] | a[10] | a[11] | a[12] | a[13] | a[14] | a[15]) == 0;
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_16(sp_point_1024* r,
-        const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*16;
-    sp_digit* t2 = t + 4*16;
-    sp_digit* t3 = t + 6*16;
-    sp_digit* t4 = t + 8*16;
-    sp_digit* t5 = t + 10*16;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_16(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t1, t1, p->x, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_16(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_16(t3, t3, p->y, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_16(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_16(t2, t1) &
-            sp_1024_cmp_equal_16(t4, t3)) {
-        sp_1024_proj_point_dbl_16(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_16(t4, t4, t3, p1024_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_16(t5, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(y, t1, t5, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(z, z, q->z, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_16(x, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(x, x, t5, p1024_mod);
-        sp_1024_mont_mul_16(t5, t5, t3, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_16(t3, y, p1024_mod);
-        sp_1024_mont_sub_16(x, x, t3, p1024_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_16(y, y, x, p1024_mod);
-        sp_1024_mont_mul_16(y, y, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(y, y, t5, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 16; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_add_16_ctx {
-    int state;
-    sp_1024_proj_point_dbl_16_ctx dbl_ctx;
-    const sp_point_1024* ap[2];
-    sp_point_1024* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_add_16_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_add_16_ctx* ctx = (sp_1024_proj_point_add_16_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_1024* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_add_16_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*16;
-        ctx->t2 = t + 4*16;
-        ctx->t3 = t + 6*16;
-        ctx->t4 = t + 8*16;
-        ctx->t5 = t + 10*16;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_1024_mont_sqr_16(ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_1024_mont_mul_16(ctx->t3, ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_1024_mont_mul_16(ctx->t1, ctx->t1, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_1024_mont_sqr_16(ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_1024_mont_mul_16(ctx->t4, ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_1024_mont_mul_16(ctx->t2, ctx->t2, q->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_1024_mont_mul_16(ctx->t3, ctx->t3, p->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_1024_mont_mul_16(ctx->t4, ctx->t4, q->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_1024_cmp_equal_16(ctx->t2, ctx->t1) &
-                sp_1024_cmp_equal_16(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_1024_proj_point_dbl_16(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_16(ctx->t2, ctx->t2, ctx->t1, p1024_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_16(ctx->t4, ctx->t4, ctx->t3, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_16(ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_1024_mont_mul_16(ctx->y, ctx->t1, ctx->t5, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_1024_mont_mul_16(ctx->t5, ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_16(ctx->z, p->z, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_1024_mont_mul_16(ctx->z, ctx->z, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_1024_mont_sqr_16(ctx->x, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_1024_mont_sub_16(ctx->x, ctx->x, ctx->t5, p1024_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_1024_mont_mul_16(ctx->t5, ctx->t5, ctx->t3, p1024_mod, p1024_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_1024_mont_dbl_16(ctx->t3, ctx->y, p1024_mod);
-        sp_1024_mont_sub_16(ctx->x, ctx->x, ctx->t3, p1024_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_1024_mont_mul_16(ctx->y, ctx->y, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->t5, p1024_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 16; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
-        const sp_point_1024* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*16;
-    sp_digit* b = t + 4*16;
-    sp_digit* t1 = t + 6*16;
-    sp_digit* t2 = t + 8*16;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<16; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<16; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<16; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_16(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_16(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_16(w, w, p1024_mod, p1024_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_16(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_16(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_16(t2, b, p1024_mod);
-        sp_1024_mont_sub_16(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_16(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_16(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_16(r[j].z, z, y, p1024_mod, p1024_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_16(t1, t1, p1024_mod, p1024_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_16(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_16(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(y, y, t1, p1024_mod);
-        /* Y = Y/2 */
-        sp_1024_mont_div2_16(r[j].y, y, p1024_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_sub_16(sp_point_1024* ra,
-        sp_point_1024* rs, const sp_point_1024* p, const sp_point_1024* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*16;
-    sp_digit* t3 = t + 4*16;
-    sp_digit* t4 = t + 6*16;
-    sp_digit* t5 = t + 8*16;
-    sp_digit* t6 = t + 10*16;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_16(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t1, t1, xa, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_16(t2, za, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t4, t2, za, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_16(t3, t3, ya, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_16(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-    /* H = U2 - U1 */
-    sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
-    /* RS = S2 + S1 */
-    sp_1024_mont_add_16(t6, t4, t3, p1024_mod);
-    /* R = S2 - S1 */
-    sp_1024_mont_sub_16(t4, t4, t3, p1024_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_1024_mont_mul_16(za, za, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(za, za, t2, p1024_mod, p1024_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_1024_mont_sqr_16(xa, t4, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_16(xs, t6, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_16(t5, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(ya, t1, t5, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_16(xa, xa, t5, p1024_mod);
-    sp_1024_mont_sub_16(xs, xs, t5, p1024_mod);
-    sp_1024_mont_dbl_16(t1, ya, p1024_mod);
-    sp_1024_mont_sub_16(xa, xa, t1, p1024_mod);
-    sp_1024_mont_sub_16(xs, xs, t1, p1024_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_1024_mont_sub_16(ys, ya, xs, p1024_mod);
-    sp_1024_mont_sub_16(ya, ya, xa, p1024_mod);
-    sp_1024_mont_mul_16(ya, ya, t4, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_16(t6, p1024_mod, t6, p1024_mod);
-    sp_1024_mont_mul_16(ys, ys, t6, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t5, t5, t3, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_16(ya, ya, t5, p1024_mod);
-    sp_1024_mont_sub_16(ys, ys, t5, p1024_mod);
-}
-
-/* Structure used to describe recoding of scalar multiplication. */
-typedef struct ecc_recode_1024 {
-    /* Index into pre-computation table. */
-    word8 i;
-    /* Use the negative of the point. */
-    word8 neg;
-} ecc_recode_1024;
-
-/* The index into pre-computation table to use. */
-static const word8 recode_index_16_7[130] = {
-     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
-    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-    32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
-    48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63,
-    64, 63, 62, 61, 60, 59, 58, 57, 56, 55, 54, 53, 52, 51, 50, 49,
-    48, 47, 46, 45, 44, 43, 42, 41, 40, 39, 38, 37, 36, 35, 34, 33,
-    32, 31, 30, 29, 28, 27, 26, 25, 24, 23, 22, 21, 20, 19, 18, 17,
-    16, 15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,
-     0,  1,
-};
-
-/* Whether to negate y-ordinate. */
-static const word8 recode_neg_16_7[130] = {
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,  0,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,  1,
-     0,  0,
-};
-
-/* Recode the scalar for multiplication using pre-computed values and
- * subtraction.
- *
- * k  Scalar to multiply by.
- * v  Vector of operations to perform.
- */
-static void sp_1024_ecc_recode_7_16(const sp_digit* k, ecc_recode_1024* v)
-{
-    int i;
-    int j;
-    word8 y;
-    int carry = 0;
-    int o;
-    sp_digit n;
-
-    j = 0;
-    n = k[j];
-    o = 0;
-    for (i=0; i<147; i++) {
-        y = (word8)(int8_t)n;
-        if (o + 7 < 64) {
-            y &= 0x7f;
-            n >>= 7;
-            o += 7;
-        }
-        else if (o + 7 == 64) {
-            n >>= 7;
-            if (++j < 16)
-                n = k[j];
-            o = 0;
-        }
-        else if (++j < 16) {
-            n = k[j];
-            y |= (word8)((n << (64 - o)) & 0x7f);
-            o -= 57;
-            n >>= o;
-        }
-
-        y = (word8)(y + carry);
-        v[i].i = recode_index_16_7[y];
-        v[i].neg = recode_neg_16_7[y];
-        carry = (y >> 7) + v[i].neg;
-    }
-}
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 7 bits. (Add-Sub variation.)
- * Calculate 0..64 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_win_add_sub_16(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 65+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 16 * 37);
-    sp_point_1024* rt = NULL;
-    sp_point_1024* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_1024 v[147];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 65+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 16 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 65;
-        p  = t + 65+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_1024_mod_mul_norm_16(t[1].x, g->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(t[1].y, g->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(t[1].z, g->z, p1024_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[64]  */
-        sp_1024_proj_point_dbl_n_store_16(t, &t[ 1], 6, 1, tmp);
-        sp_1024_proj_point_add_16(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[ 6], &t[ 3], tmp);
-        sp_1024_proj_point_add_sub_16(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[10], &t[ 5], tmp);
-        sp_1024_proj_point_add_sub_16(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[12], &t[ 6], tmp);
-        sp_1024_proj_point_dbl_16(&t[14], &t[ 7], tmp);
-        sp_1024_proj_point_add_sub_16(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[18], &t[ 9], tmp);
-        sp_1024_proj_point_add_sub_16(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[20], &t[10], tmp);
-        sp_1024_proj_point_dbl_16(&t[22], &t[11], tmp);
-        sp_1024_proj_point_add_sub_16(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[24], &t[12], tmp);
-        sp_1024_proj_point_dbl_16(&t[26], &t[13], tmp);
-        sp_1024_proj_point_add_sub_16(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[28], &t[14], tmp);
-        sp_1024_proj_point_dbl_16(&t[30], &t[15], tmp);
-        sp_1024_proj_point_add_sub_16(&t[31], &t[29], &t[30], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[34], &t[17], tmp);
-        sp_1024_proj_point_add_sub_16(&t[35], &t[33], &t[34], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[36], &t[18], tmp);
-        sp_1024_proj_point_dbl_16(&t[38], &t[19], tmp);
-        sp_1024_proj_point_add_sub_16(&t[39], &t[37], &t[38], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[40], &t[20], tmp);
-        sp_1024_proj_point_dbl_16(&t[42], &t[21], tmp);
-        sp_1024_proj_point_add_sub_16(&t[43], &t[41], &t[42], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[44], &t[22], tmp);
-        sp_1024_proj_point_dbl_16(&t[46], &t[23], tmp);
-        sp_1024_proj_point_add_sub_16(&t[47], &t[45], &t[46], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[48], &t[24], tmp);
-        sp_1024_proj_point_dbl_16(&t[50], &t[25], tmp);
-        sp_1024_proj_point_add_sub_16(&t[51], &t[49], &t[50], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[52], &t[26], tmp);
-        sp_1024_proj_point_dbl_16(&t[54], &t[27], tmp);
-        sp_1024_proj_point_add_sub_16(&t[55], &t[53], &t[54], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[56], &t[28], tmp);
-        sp_1024_proj_point_dbl_16(&t[58], &t[29], tmp);
-        sp_1024_proj_point_add_sub_16(&t[59], &t[57], &t[58], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_16(&t[60], &t[30], tmp);
-        sp_1024_proj_point_dbl_16(&t[62], &t[31], tmp);
-        sp_1024_proj_point_add_sub_16(&t[63], &t[61], &t[62], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_1024_ecc_recode_7_16(k, v);
-
-        i = 146;
-        XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_1024));
-        for (--i; i>=0; i--) {
-            sp_1024_proj_point_dbl_n_16(rt, 7, tmp);
-            XMEMCPY(p, &t[v[i].i], sizeof(sp_point_1024));
-            sp_1024_mont_sub_16(negy, p1024_mod, p->y, p1024_mod);
-            sp_1024_norm_16(negy);
-            sp_1024_cond_copy_16(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_1024_proj_point_add_16(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_1024_map_16(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef HAVE_INTEL_AVX2
-#ifdef HAVE_INTEL_AVX2
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_reduce_avx2_16(sp_digit* a, const sp_digit* m, sp_digit mp);
-#ifdef __cplusplus
-}
-#endif
-/* Multiply two Montgomery form numbers mod the modulus (prime).
- * (r = a * b mod m)
- *
- * r   Result of multiplication.
- * a   First number to multiply in Montgomery form.
- * b   Second number to multiply in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_mul_avx2_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* b, const sp_digit* m, sp_digit mp)
-{
-    sp_1024_mul_avx2_16(r, a, b);
-    sp_1024_mont_reduce_avx2_16(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-#ifdef HAVE_INTEL_AVX2
-/* Square the Montgomery form number. (r = a * a mod m)
- *
- * r   Result of squaring.
- * a   Number to square in Montgomery form.
- * m   Modulus (prime).
- * mp  Montgomery multiplier.
- */
-SP_NOINLINE static void sp_1024_mont_sqr_avx2_16(sp_digit* r, const sp_digit* a,
-        const sp_digit* m, sp_digit mp)
-{
-    sp_1024_sqr_avx2_16(r, a);
-    sp_1024_mont_reduce_avx2_16(r, m, mp);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-
-/* Invert the number, in Montgomery form, modulo the modulus (prime) of the
- * P1024 curve. (r = 1 / a mod m)
- *
- * r   Inverse result.
- * a   Number to invert.
- * td  Temporary data.
- */
-static void sp_1024_mont_inv_avx2_16(sp_digit* r, const sp_digit* a,
-        sp_digit* td)
-{
-    sp_digit* t = &td[32 * 2 * 16];
-    int i;
-    int j;
-    sp_digit* table[32];
-
-    for (i = 0; i < 32; i++) {
-        table[i] = &td[2 * 16 * i];
-    }
-    XMEMCPY(table[0], a, sizeof(sp_digit) * 16);
-    for (i = 1; i < 6; i++) {
-        sp_1024_mont_sqr_avx2_16(table[0], table[0], p1024_mod, p1024_mp_mod);
-    }
-    for (i = 1; i < 32; i++) {
-        sp_1024_mont_mul_avx2_16(table[i], table[i-1], a, p1024_mod, p1024_mp_mod);
-    }
-
-    XMEMCPY(t, table[p1024_mod_minus_2[1]], sizeof(sp_digit) * 16);
-    for (i = 2; i < (int)sizeof(p1024_mod_minus_2) - 2; i += 2) {
-        for (j = 0; j < p1024_mod_minus_2[i]; j++) {
-            sp_1024_mont_sqr_avx2_16(t, t, p1024_mod, p1024_mp_mod);
-        }
-        sp_1024_mont_mul_avx2_16(t, t, table[p1024_mod_minus_2[i+1]], p1024_mod,
-            p1024_mp_mod);
-    }
-    sp_1024_mont_sqr_avx2_16(t, t, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(r, t, a, p1024_mod, p1024_mp_mod);
-}
-
-/* Map the Montgomery form projective coordinate point to an affine point.
- *
- * r  Resulting affine coordinate point.
- * p  Montgomery form projective coordinate point.
- * t  Temporary ordinate data.
- */
-static void sp_1024_map_avx2_16(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*16;
-    sp_int64 n;
-
-    sp_1024_mont_inv_avx2_16(t1, p->z, t + 2*16);
-
-    sp_1024_mont_sqr_avx2_16(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    /* x /= z^2 */
-    sp_1024_mont_mul_avx2_16(r->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->x + 16, 0, sizeof(sp_digit) * 16U);
-    sp_1024_mont_reduce_avx2_16(r->x, p1024_mod, p1024_mp_mod);
-    /* Reduce x to less than modulus */
-    n = sp_1024_cmp_16(r->x, p1024_mod);
-    sp_1024_cond_sub_16(r->x, r->x, p1024_mod, (sp_digit)~(n >> 63));
-    sp_1024_norm_16(r->x);
-
-    /* y /= z^3 */
-    sp_1024_mont_mul_avx2_16(r->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMSET(r->y + 16, 0, sizeof(sp_digit) * 16U);
-    sp_1024_mont_reduce_avx2_16(r->y, p1024_mod, p1024_mp_mod);
-    /* Reduce y to less than modulus */
-    n = sp_1024_cmp_16(r->y, p1024_mod);
-    sp_1024_cond_sub_16(r->y, r->y, p1024_mod, (sp_digit)~(n >> 63));
-    sp_1024_norm_16(r->y);
-
-    XMEMSET(r->z, 0, sizeof(r->z) / 2);
-    r->z[0] = 1;
-}
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_add_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_dbl_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_tpl_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_sub_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_mont_div2_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_avx2_16(sp_point_1024* r, const sp_point_1024* p,
-    sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*16;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-
-    x = r->x;
-    y = r->y;
-    z = r->z;
-    /* Put infinity into result. */
-    if (r != p) {
-        r->infinity = p->infinity;
-    }
-
-    /* T1 = Z * Z */
-    sp_1024_mont_sqr_avx2_16(t1, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = Y * Z */
-    sp_1024_mont_mul_avx2_16(z, p->y, p->z, p1024_mod, p1024_mp_mod);
-    /* Z = 2Z */
-    sp_1024_mont_dbl_avx2_16(z, z, p1024_mod);
-    /* T2 = X - T1 */
-    sp_1024_mont_sub_avx2_16(t2, p->x, t1, p1024_mod);
-    /* T1 = X + T1 */
-    sp_1024_mont_add_avx2_16(t1, p->x, t1, p1024_mod);
-    /* T2 = T1 * T2 */
-    sp_1024_mont_mul_avx2_16(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* T1 = 3T2 */
-    sp_1024_mont_tpl_avx2_16(t1, t2, p1024_mod);
-    /* Y = 2Y */
-    sp_1024_mont_dbl_avx2_16(y, p->y, p1024_mod);
-    /* Y = Y * Y */
-    sp_1024_mont_sqr_avx2_16(y, y, p1024_mod, p1024_mp_mod);
-    /* T2 = Y * Y */
-    sp_1024_mont_sqr_avx2_16(t2, y, p1024_mod, p1024_mp_mod);
-    /* T2 = T2/2 */
-    sp_1024_mont_div2_avx2_16(t2, t2, p1024_mod);
-    /* Y = Y * X */
-    sp_1024_mont_mul_avx2_16(y, y, p->x, p1024_mod, p1024_mp_mod);
-    /* X = T1 * T1 */
-    sp_1024_mont_sqr_avx2_16(x, t1, p1024_mod, p1024_mp_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_avx2_16(x, x, y, p1024_mod);
-    /* X = X - Y */
-    sp_1024_mont_sub_avx2_16(x, x, y, p1024_mod);
-    /* Y = Y - X */
-    sp_1024_mont_sub_avx2_16(y, y, x, p1024_mod);
-    /* Y = Y * T1 */
-    sp_1024_mont_mul_avx2_16(y, y, t1, p1024_mod, p1024_mp_mod);
-    /* Y = Y - T2 */
-    sp_1024_mont_sub_avx2_16(y, y, t2, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_dbl_avx2_16_ctx {
-    int state;
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_dbl_avx2_16_ctx;
-
-/* Double the Montgomery form projective point p.
- *
- * r  Result of doubling point.
- * p  Point to double.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-        const sp_point_1024* p, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_dbl_avx2_16_ctx* ctx = (sp_1024_proj_point_dbl_avx2_16_ctx*)sp_ctx->data;
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_dbl_avx2_16_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0:
-        ctx->t1 = t;
-        ctx->t2 = t + 2*16;
-        ctx->x = r->x;
-        ctx->y = r->y;
-        ctx->z = r->z;
-
-        /* Put infinity into result. */
-        if (r != p) {
-            r->infinity = p->infinity;
-        }
-        ctx->state = 1;
-        break;
-    case 1:
-        /* T1 = Z * Z */
-        sp_1024_mont_sqr_avx2_16(ctx->t1, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        /* Z = Y * Z */
-        sp_1024_mont_mul_avx2_16(ctx->z, p->y, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        /* Z = 2Z */
-        sp_1024_mont_dbl_avx2_16(ctx->z, ctx->z, p1024_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* T2 = X - T1 */
-        sp_1024_mont_sub_avx2_16(ctx->t2, p->x, ctx->t1, p1024_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        /* T1 = X + T1 */
-        sp_1024_mont_add_avx2_16(ctx->t1, p->x, ctx->t1, p1024_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        /* T2 = T1 * T2 */
-        sp_1024_mont_mul_avx2_16(ctx->t2, ctx->t1, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* T1 = 3T2 */
-        sp_1024_mont_tpl_avx2_16(ctx->t1, ctx->t2, p1024_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* Y = 2Y */
-        sp_1024_mont_dbl_avx2_16(ctx->y, p->y, p1024_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Y = Y * Y */
-        sp_1024_mont_sqr_avx2_16(ctx->y, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 10;
-        break;
-    case 10:
-        /* T2 = Y * Y */
-        sp_1024_mont_sqr_avx2_16(ctx->t2, ctx->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* T2 = T2/2 */
-        sp_1024_mont_div2_avx2_16(ctx->t2, ctx->t2, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* Y = Y * X */
-        sp_1024_mont_mul_avx2_16(ctx->y, ctx->y, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        /* X = T1 * T1 */
-        sp_1024_mont_sqr_avx2_16(ctx->x, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        /* X = X - Y */
-        sp_1024_mont_sub_avx2_16(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* X = X - Y */
-        sp_1024_mont_sub_avx2_16(ctx->x, ctx->x, ctx->y, p1024_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        /* Y = Y - X */
-        sp_1024_mont_sub_avx2_16(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        /* Y = Y * T1 */
-        sp_1024_mont_mul_avx2_16(ctx->y, ctx->y, ctx->t1, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        /* Y = Y - T2 */
-        sp_1024_mont_sub_avx2_16(ctx->y, ctx->y, ctx->t2, p1024_mod);
-        ctx->state = 19;
-        /* fall-through */
-    case 19:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 19) {
-        err = FP_WOULDBLOCK;
-    }
-
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
-    sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*16;
-    sp_digit* b = t + 4*16;
-    sp_digit* t1 = t + 6*16;
-    sp_digit* t2 = t + 8*16;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-    volatile int n = i;
-
-    x = p->x;
-    y = p->y;
-    z = p->z;
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_avx2_16(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_avx2_16(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_avx2_16(w, w, p1024_mod, p1024_mp_mod);
-#ifndef WOLFSSL_SP_SMALL
-    while (--n > 0)
-#else
-    while (--n >= 0)
-#endif
-    {
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_avx2_16(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_avx2_16(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_avx2_16(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_avx2_16(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_avx2_16(b, t1, x, p1024_mod, p1024_mp_mod);
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_avx2_16(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_avx2_16(t2, b, p1024_mod);
-        sp_1024_mont_sub_avx2_16(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_avx2_16(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_avx2_16(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_avx2_16(z, z, y, p1024_mod, p1024_mp_mod);
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_avx2_16(t1, t1, p1024_mod, p1024_mp_mod);
-#ifdef WOLFSSL_SP_SMALL
-        if (n != 0)
-#endif
-        {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_avx2_16(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_avx2_16(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_avx2_16(y, y, t1, p1024_mod);
-    }
-#ifndef WOLFSSL_SP_SMALL
-    /* A = 3*(X^2 - W) */
-    sp_1024_mont_sqr_avx2_16(t1, x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_avx2_16(t1, t1, w, p1024_mod);
-    sp_1024_mont_tpl_avx2_16(a, t1, p1024_mod);
-    /* B = X*Y^2 */
-    sp_1024_mont_sqr_avx2_16(t1, y, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(b, t1, x, p1024_mod, p1024_mp_mod);
-    /* X = A^2 - 2B */
-    sp_1024_mont_sqr_avx2_16(x, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_dbl_avx2_16(t2, b, p1024_mod);
-    sp_1024_mont_sub_avx2_16(x, x, t2, p1024_mod);
-    /* B = 2.(B - X) */
-    sp_1024_mont_sub_avx2_16(t2, b, x, p1024_mod);
-    sp_1024_mont_dbl_avx2_16(b, t2, p1024_mod);
-    /* Z = Z*Y */
-    sp_1024_mont_mul_avx2_16(z, z, y, p1024_mod, p1024_mp_mod);
-    /* t1 = Y^4 */
-    sp_1024_mont_sqr_avx2_16(t1, t1, p1024_mod, p1024_mp_mod);
-    /* y = 2*A*(B - X) - Y^4 */
-    sp_1024_mont_mul_avx2_16(y, b, a, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_avx2_16(y, y, t1, p1024_mod);
-#endif /* WOLFSSL_SP_SMALL */
-    /* Y = Y/2 */
-    sp_1024_mont_div2_avx2_16(y, y, p1024_mod);
-}
-
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_avx2_16(sp_point_1024* r,
-        const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t6 = t;
-    sp_digit* t1 = t + 2*16;
-    sp_digit* t2 = t + 4*16;
-    sp_digit* t3 = t + 6*16;
-    sp_digit* t4 = t + 8*16;
-    sp_digit* t5 = t + 10*16;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_avx2_16(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t1, t1, p->x, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_avx2_16(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_avx2_16(t3, t3, p->y, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_avx2_16(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    /* Check double */
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_16(t2, t1) &
-            sp_1024_cmp_equal_16(t4, t3)) {
-        sp_1024_proj_point_dbl_avx2_16(r, p, t);
-    }
-    else {
-        sp_digit* x = t6;
-        sp_digit* y = t1;
-        sp_digit* z = t2;
-
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_avx2_16(t2, t2, t1, p1024_mod);
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_avx2_16(t4, t4, t3, p1024_mod);
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_avx2_16(t5, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_avx2_16(y, t1, t5, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_avx2_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_avx2_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_avx2_16(z, z, q->z, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_avx2_16(x, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_avx2_16(x, x, t5, p1024_mod);
-        sp_1024_mont_mul_avx2_16(t5, t5, t3, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_avx2_16(t3, y, p1024_mod);
-        sp_1024_mont_sub_avx2_16(x, x, t3, p1024_mod);
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_avx2_16(y, y, x, p1024_mod);
-        sp_1024_mont_mul_avx2_16(y, y, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_avx2_16(y, y, t5, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 16; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#ifdef WOLFSSL_SP_NONBLOCK
-typedef struct sp_1024_proj_point_add_avx2_16_ctx {
-    int state;
-    sp_1024_proj_point_dbl_avx2_16_ctx dbl_ctx;
-    const sp_point_1024* ap[2];
-    sp_point_1024* rp[2];
-    sp_digit* t1;
-    sp_digit* t2;
-    sp_digit* t3;
-    sp_digit* t4;
-    sp_digit* t5;
-    sp_digit* t6;
-    sp_digit* x;
-    sp_digit* y;
-    sp_digit* z;
-} sp_1024_proj_point_add_avx2_16_ctx;
-
-/* Add two Montgomery form projective points.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static int sp_1024_proj_point_add_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    int err = FP_WOULDBLOCK;
-    sp_1024_proj_point_add_avx2_16_ctx* ctx = (sp_1024_proj_point_add_avx2_16_ctx*)sp_ctx->data;
-
-    /* Ensure only the first point is the same as the result. */
-    if (q == r) {
-        const sp_point_1024* a = p;
-        p = q;
-        q = a;
-    }
-
-    typedef char ctx_size_test[sizeof(sp_1024_proj_point_add_avx2_16_ctx) >= sizeof(*sp_ctx) ? -1 : 1];
-    (void)sizeof(ctx_size_test);
-
-    switch (ctx->state) {
-    case 0: /* INIT */
-        ctx->t6 = t;
-        ctx->t1 = t + 2*16;
-        ctx->t2 = t + 4*16;
-        ctx->t3 = t + 6*16;
-        ctx->t4 = t + 8*16;
-        ctx->t5 = t + 10*16;
-        ctx->x = ctx->t6;
-        ctx->y = ctx->t1;
-        ctx->z = ctx->t2;
-
-        ctx->state = 1;
-        break;
-    case 1:
-        /* U1 = X1*Z2^2 */
-        sp_1024_mont_sqr_avx2_16(ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 2;
-        break;
-    case 2:
-        sp_1024_mont_mul_avx2_16(ctx->t3, ctx->t1, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 3;
-        break;
-    case 3:
-        sp_1024_mont_mul_avx2_16(ctx->t1, ctx->t1, p->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 4;
-        break;
-    case 4:
-        /* U2 = X2*Z1^2 */
-        sp_1024_mont_sqr_avx2_16(ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 5;
-        break;
-    case 5:
-        sp_1024_mont_mul_avx2_16(ctx->t4, ctx->t2, p->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 6;
-        break;
-    case 6:
-        sp_1024_mont_mul_avx2_16(ctx->t2, ctx->t2, q->x, p1024_mod, p1024_mp_mod);
-        ctx->state = 7;
-        break;
-    case 7:
-        /* S1 = Y1*Z2^3 */
-        sp_1024_mont_mul_avx2_16(ctx->t3, ctx->t3, p->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 8;
-        break;
-    case 8:
-        /* S2 = Y2*Z1^3 */
-        sp_1024_mont_mul_avx2_16(ctx->t4, ctx->t4, q->y, p1024_mod, p1024_mp_mod);
-        ctx->state = 9;
-        break;
-    case 9:
-        /* Check double */
-        if ((~p->infinity) & (~q->infinity) &
-                sp_1024_cmp_equal_16(ctx->t2, ctx->t1) &
-                sp_1024_cmp_equal_16(ctx->t4, ctx->t3)) {
-            XMEMSET(&ctx->dbl_ctx, 0, sizeof(ctx->dbl_ctx));
-            sp_1024_proj_point_dbl_avx2_16(r, p, t);
-            ctx->state = 25;
-        }
-        else {
-            ctx->state = 10;
-        }
-        break;
-    case 10:
-        /* H = U2 - U1 */
-        sp_1024_mont_sub_avx2_16(ctx->t2, ctx->t2, ctx->t1, p1024_mod);
-        ctx->state = 11;
-        break;
-    case 11:
-        /* R = S2 - S1 */
-        sp_1024_mont_sub_avx2_16(ctx->t4, ctx->t4, ctx->t3, p1024_mod);
-        ctx->state = 12;
-        break;
-    case 12:
-        /* X3 = R^2 - H^3 - 2*U1*H^2 */
-        sp_1024_mont_sqr_avx2_16(ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 13;
-        break;
-    case 13:
-        sp_1024_mont_mul_avx2_16(ctx->y, ctx->t1, ctx->t5, p1024_mod, p1024_mp_mod);
-        ctx->state = 14;
-        break;
-    case 14:
-        sp_1024_mont_mul_avx2_16(ctx->t5, ctx->t5, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 15;
-        break;
-    case 15:
-        /* Z3 = H*Z1*Z2 */
-        sp_1024_mont_mul_avx2_16(ctx->z, p->z, ctx->t2, p1024_mod, p1024_mp_mod);
-        ctx->state = 16;
-        break;
-    case 16:
-        sp_1024_mont_mul_avx2_16(ctx->z, ctx->z, q->z, p1024_mod, p1024_mp_mod);
-        ctx->state = 17;
-        break;
-    case 17:
-        sp_1024_mont_sqr_avx2_16(ctx->x, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 18;
-        break;
-    case 18:
-        sp_1024_mont_sub_avx2_16(ctx->x, ctx->x, ctx->t5, p1024_mod);
-        ctx->state = 19;
-        break;
-    case 19:
-        sp_1024_mont_mul_avx2_16(ctx->t5, ctx->t5, ctx->t3, p1024_mod, p1024_mp_mod);
-        ctx->state = 20;
-        break;
-    case 20:
-        sp_1024_mont_dbl_avx2_16(ctx->t3, ctx->y, p1024_mod);
-        sp_1024_mont_sub_avx2_16(ctx->x, ctx->x, ctx->t3, p1024_mod);
-        ctx->state = 21;
-        break;
-    case 21:
-        /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-        sp_1024_mont_sub_avx2_16(ctx->y, ctx->y, ctx->x, p1024_mod);
-        ctx->state = 22;
-        break;
-    case 22:
-        sp_1024_mont_mul_avx2_16(ctx->y, ctx->y, ctx->t4, p1024_mod, p1024_mp_mod);
-        ctx->state = 23;
-        break;
-    case 23:
-        sp_1024_mont_sub_avx2_16(ctx->y, ctx->y, ctx->t5, p1024_mod);
-        ctx->state = 24;
-        break;
-    case 24:
-    {
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 16; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (ctx->x[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (ctx->y[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (ctx->z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-        ctx->state = 25;
-        break;
-    }
-    case 25:
-        err = MP_OKAY;
-        break;
-    }
-
-    if (err == MP_OKAY && ctx->state != 25) {
-        err = FP_WOULDBLOCK;
-    }
-    return err;
-}
-#endif /* WOLFSSL_SP_NONBLOCK */
-
-/* Double the Montgomery form projective point p a number of times.
- *
- * r  Result of repeated doubling of point.
- * p  Point to double.
- * n  Number of times to double
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_dbl_n_store_avx2_16(sp_point_1024* r,
-        const sp_point_1024* p, int n, int m, sp_digit* t)
-{
-    sp_digit* w = t;
-    sp_digit* a = t + 2*16;
-    sp_digit* b = t + 4*16;
-    sp_digit* t1 = t + 6*16;
-    sp_digit* t2 = t + 8*16;
-    sp_digit* x = r[2*m].x;
-    sp_digit* y = r[(1<<n)*m].y;
-    sp_digit* z = r[2*m].z;
-    int i;
-    int j;
-
-    for (i=0; i<16; i++) {
-        x[i] = p->x[i];
-    }
-    for (i=0; i<16; i++) {
-        y[i] = p->y[i];
-    }
-    for (i=0; i<16; i++) {
-        z[i] = p->z[i];
-    }
-
-    /* Y = 2*Y */
-    sp_1024_mont_dbl_avx2_16(y, y, p1024_mod);
-    /* W = Z^4 */
-    sp_1024_mont_sqr_avx2_16(w, z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_avx2_16(w, w, p1024_mod, p1024_mp_mod);
-    j = m;
-    for (i=1; i<=n; i++) {
-        j *= 2;
-
-        /* A = 3*(X^2 - W) */
-        sp_1024_mont_sqr_avx2_16(t1, x, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_avx2_16(t1, t1, w, p1024_mod);
-        sp_1024_mont_tpl_avx2_16(a, t1, p1024_mod);
-        /* B = X*Y^2 */
-        sp_1024_mont_sqr_avx2_16(t1, y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_avx2_16(b, t1, x, p1024_mod, p1024_mp_mod);
-        x = r[j].x;
-        /* X = A^2 - 2B */
-        sp_1024_mont_sqr_avx2_16(x, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_dbl_avx2_16(t2, b, p1024_mod);
-        sp_1024_mont_sub_avx2_16(x, x, t2, p1024_mod);
-        /* B = 2.(B - X) */
-        sp_1024_mont_sub_avx2_16(t2, b, x, p1024_mod);
-        sp_1024_mont_dbl_avx2_16(b, t2, p1024_mod);
-        /* Z = Z*Y */
-        sp_1024_mont_mul_avx2_16(r[j].z, z, y, p1024_mod, p1024_mp_mod);
-        z = r[j].z;
-        /* t1 = Y^4 */
-        sp_1024_mont_sqr_avx2_16(t1, t1, p1024_mod, p1024_mp_mod);
-        if (i != n) {
-            /* W = W*Y^4 */
-            sp_1024_mont_mul_avx2_16(w, w, t1, p1024_mod, p1024_mp_mod);
-        }
-        /* y = 2*A*(B - X) - Y^4 */
-        sp_1024_mont_mul_avx2_16(y, b, a, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_avx2_16(y, y, t1, p1024_mod);
-        /* Y = Y/2 */
-        sp_1024_mont_div2_avx2_16(r[j].y, y, p1024_mod);
-        r[j].infinity = 0;
-    }
-}
-
-/* Add two Montgomery form projective points.
- *
- * ra  Result of addition.
- * rs  Result of subtraction.
- * p   First point to add.
- * q   Second point to add.
- * t   Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_sub_avx2_16(sp_point_1024* ra,
-        sp_point_1024* rs, const sp_point_1024* p, const sp_point_1024* q,
-        sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2*16;
-    sp_digit* t3 = t + 4*16;
-    sp_digit* t4 = t + 6*16;
-    sp_digit* t5 = t + 8*16;
-    sp_digit* t6 = t + 10*16;
-    sp_digit* xa = ra->x;
-    sp_digit* ya = ra->y;
-    sp_digit* za = ra->z;
-    sp_digit* xs = rs->x;
-    sp_digit* ys = rs->y;
-    sp_digit* zs = rs->z;
-
-
-    XMEMCPY(xa, p->x, sizeof(p->x) / 2);
-    XMEMCPY(ya, p->y, sizeof(p->y) / 2);
-    XMEMCPY(za, p->z, sizeof(p->z) / 2);
-    ra->infinity = 0;
-    rs->infinity = 0;
-
-    /* U1 = X1*Z2^2 */
-    sp_1024_mont_sqr_avx2_16(t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t3, t1, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t1, t1, xa, p1024_mod, p1024_mp_mod);
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_avx2_16(t2, za, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t4, t2, za, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S1 = Y1*Z2^3 */
-    sp_1024_mont_mul_avx2_16(t3, t3, ya, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_avx2_16(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-    /* H = U2 - U1 */
-    sp_1024_mont_sub_avx2_16(t2, t2, t1, p1024_mod);
-    /* RS = S2 + S1 */
-    sp_1024_mont_add_avx2_16(t6, t4, t3, p1024_mod);
-    /* R = S2 - S1 */
-    sp_1024_mont_sub_avx2_16(t4, t4, t3, p1024_mod);
-    /* Z3 = H*Z1*Z2 */
-    /* ZS = H*Z1*Z2 */
-    sp_1024_mont_mul_avx2_16(za, za, q->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(za, za, t2, p1024_mod, p1024_mp_mod);
-    XMEMCPY(zs, za, sizeof(p->z)/2);
-    /* X3 = R^2 - H^3 - 2*U1*H^2 */
-    /* XS = RS^2 - H^3 - 2*U1*H^2 */
-    sp_1024_mont_sqr_avx2_16(xa, t4, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_avx2_16(xs, t6, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sqr_avx2_16(t5, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(ya, t1, t5, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_avx2_16(xa, xa, t5, p1024_mod);
-    sp_1024_mont_sub_avx2_16(xs, xs, t5, p1024_mod);
-    sp_1024_mont_dbl_avx2_16(t1, ya, p1024_mod);
-    sp_1024_mont_sub_avx2_16(xa, xa, t1, p1024_mod);
-    sp_1024_mont_sub_avx2_16(xs, xs, t1, p1024_mod);
-    /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
-    /* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
-    sp_1024_mont_sub_avx2_16(ys, ya, xs, p1024_mod);
-    sp_1024_mont_sub_avx2_16(ya, ya, xa, p1024_mod);
-    sp_1024_mont_mul_avx2_16(ya, ya, t4, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_avx2_16(t6, p1024_mod, t6, p1024_mod);
-    sp_1024_mont_mul_avx2_16(ys, ys, t6, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t5, t5, t3, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_sub_avx2_16(ya, ya, t5, p1024_mod);
-    sp_1024_mont_sub_avx2_16(ys, ys, t5, p1024_mod);
-}
-
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Window technique of 7 bits. (Add-Sub variation.)
- * Calculate 0..64 times the point. Use function that adds and
- * subtracts the same two points.
- * Recode to add or subtract one of the computed points.
- * Double to push up.
- * NOT a sliding window.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_win_add_sub_avx2_16(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 65+2);
-    SP_DECL_VAR(sp_digit, tmp, 2 * 16 * 37);
-    sp_point_1024* rt = NULL;
-    sp_point_1024* p = NULL;
-    sp_digit* negy;
-    int i;
-    ecc_recode_1024 v[147];
-    int err = MP_OKAY;
-
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 65+2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 16 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        rt = t + 65;
-        p  = t + 65+1;
-
-        /* t[0] = {0, 0, 1} * norm */
-        XMEMSET(&t[0], 0, sizeof(t[0]));
-        t[0].infinity = 1;
-        /* t[1] = {g->x, g->y, g->z} * norm */
-        err = sp_1024_mod_mul_norm_avx2_16(t[1].x, g->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(t[1].y, g->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(t[1].z, g->z, p1024_mod);
-    }
-
-    if (err == MP_OKAY) {
-        t[1].infinity = 0;
-        /* t[2] ... t[64]  */
-        sp_1024_proj_point_dbl_n_store_avx2_16(t, &t[ 1], 6, 1, tmp);
-        sp_1024_proj_point_add_avx2_16(&t[ 3], &t[ 2], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[ 6], &t[ 3], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[ 7], &t[ 5], &t[ 6], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[10], &t[ 5], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[11], &t[ 9], &t[10], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[12], &t[ 6], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[14], &t[ 7], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[15], &t[13], &t[14], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[18], &t[ 9], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[19], &t[17], &t[18], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[20], &t[10], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[22], &t[11], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[23], &t[21], &t[22], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[24], &t[12], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[26], &t[13], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[27], &t[25], &t[26], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[28], &t[14], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[30], &t[15], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[31], &t[29], &t[30], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[34], &t[17], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[35], &t[33], &t[34], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[36], &t[18], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[38], &t[19], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[39], &t[37], &t[38], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[40], &t[20], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[42], &t[21], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[43], &t[41], &t[42], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[44], &t[22], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[46], &t[23], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[47], &t[45], &t[46], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[48], &t[24], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[50], &t[25], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[51], &t[49], &t[50], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[52], &t[26], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[54], &t[27], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[55], &t[53], &t[54], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[56], &t[28], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[58], &t[29], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[59], &t[57], &t[58], &t[ 1], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[60], &t[30], tmp);
-        sp_1024_proj_point_dbl_avx2_16(&t[62], &t[31], tmp);
-        sp_1024_proj_point_add_sub_avx2_16(&t[63], &t[61], &t[62], &t[ 1], tmp);
-
-        negy = t[0].y;
-
-        sp_1024_ecc_recode_7_16(k, v);
-
-        i = 146;
-        XMEMCPY(rt, &t[v[i].i], sizeof(sp_point_1024));
-        for (--i; i>=0; i--) {
-            sp_1024_proj_point_dbl_n_avx2_16(rt, 7, tmp);
-            XMEMCPY(p, &t[v[i].i], sizeof(sp_point_1024));
-            sp_1024_mont_sub_avx2_16(negy, p1024_mod, p->y, p1024_mod);
-            sp_1024_norm_16(negy);
-            sp_1024_cond_copy_16(p->y, negy, (sp_digit)0 - v[i].neg);
-            sp_1024_proj_point_add_avx2_16(rt, rt, p, tmp);
-        }
-
-        if (map != 0) {
-            sp_1024_map_avx2_16(r, rt, tmp);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-/* A table entry for pre-computed points. */
-typedef struct sp_table_entry_1024 {
-    sp_digit x[16];
-    sp_digit y[16];
-} sp_table_entry_1024;
-
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*16;
-    sp_digit* t6 = t + 4*16;
-    sp_digit* t1 = t + 6*16;
-    sp_digit* t4 = t + 8*16;
-    sp_digit* t5 = t + 10*16;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_16(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_16(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_16(p->x, t2) &
-            sp_1024_cmp_equal_16(p->y, t4)) {
-        sp_1024_proj_point_dbl_16(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_1024_mont_sub_16(t2, t2, p->x, p1024_mod);
-        /* R = S2 - Y1 */
-        sp_1024_mont_sub_16(t4, t4, p->y, p1024_mod);
-        /* Z3 = H*Z1 */
-        sp_1024_mont_mul_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_1024_mont_sqr_16(t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(t3, p->x, t1, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(t1, t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_16(t2, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
-        sp_1024_mont_dbl_16(t5, t3, p1024_mod);
-        sp_1024_mont_sub_16(x, t2, t5, p1024_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_1024_mont_sub_16(t3, t3, x, p1024_mod);
-        sp_1024_mont_mul_16(t3, t3, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_16(t1, t1, p->y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_16(y, t3, t1, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 16; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_1024_proj_to_affine_16(sp_point_1024* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-    sp_digit* tmp = t + 4 * 16;
-
-    sp_1024_mont_inv_16(t1, a->z, tmp);
-
-    sp_1024_mont_sqr_16(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    sp_1024_mont_mul_16(a->x, a->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(a->y, a->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(a->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 128 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_1024_gen_stripe_table_16(const sp_point_1024* a,
-        sp_table_entry_1024* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    sp_point_1024* s1 = NULL;
-    sp_point_1024* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_1024_mod_mul_norm_16(t->x, a->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(t->y, a->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(t->z, a->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_1024_proj_to_affine_16(t, tmp);
-
-        XMEMCPY(s1->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_1024));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_1024_proj_point_dbl_n_16(t, 128, tmp);
-            sp_1024_proj_to_affine_16(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_1024_proj_point_add_qz1_16(t, s1, s2, tmp);
-                sp_1024_proj_to_affine_16(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | !WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_stripe_16(sp_point_1024* r, const sp_point_1024* g,
-        const sp_table_entry_1024* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 16 * 37);
-    sp_point_1024* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_1024, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 16 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        XMEMCPY(rt->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-
-        y = 0;
-        x = 127;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 128;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=126; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 128;
-            }
-
-            sp_1024_proj_point_dbl_16(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_1024_proj_point_add_qz1_16(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_1024_map_16(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifdef FP_ECC
-#ifndef FP_ENTRIES
-    #define FP_ENTRIES 16
-#endif
-
-/* Cache entry - holds precomputation tables for a point. */
-typedef struct sp_cache_1024_t {
-    /* X ordinate of point that table was generated from. */
-    sp_digit x[16];
-    /* Y ordinate of point that table was generated from. */
-    sp_digit y[16];
-    /* Precomputation table for point. */
-    sp_table_entry_1024 table[256];
-    /* Count of entries in table. */
-    word32 cnt;
-    /* Point and table set in entry. */
-    int set;
-} sp_cache_1024_t;
-
-/* Cache of tables. */
-static THREAD_LS_T sp_cache_1024_t sp_cache_1024[FP_ENTRIES];
-/* Index of last entry in cache. */
-static THREAD_LS_T int sp_cache_1024_last = -1;
-/* Cache has been initialized. */
-static THREAD_LS_T int sp_cache_1024_inited = 0;
-
-#ifndef HAVE_THREAD_LS
-    #ifndef WOLFSSL_MUTEX_INITIALIZER
-    static volatile int initCacheMutex_1024 = 0;
-    #endif
-    static wolfSSL_Mutex sp_cache_1024_lock WOLFSSL_MUTEX_INITIALIZER_CLAUSE(sp_cache_1024_lock);
-#endif
-
-/* Get the cache entry for the point.
- *
- * g      [in]   Point scalar multiplying.
- * cache  [out]  Cache table to use.
- */
-static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
-{
-    int i;
-    int j;
-    word32 least;
-
-    if (sp_cache_1024_inited == 0) {
-        for (i=0; i<FP_ENTRIES; i++) {
-            sp_cache_1024[i].set = 0;
-        }
-        sp_cache_1024_inited = 1;
-    }
-
-    /* Compare point with those in cache. */
-    for (i=0; i<FP_ENTRIES; i++) {
-        if (!sp_cache_1024[i].set)
-            continue;
-
-        if (sp_1024_cmp_equal_16(g->x, sp_cache_1024[i].x) &
-                           sp_1024_cmp_equal_16(g->y, sp_cache_1024[i].y)) {
-            sp_cache_1024[i].cnt++;
-            break;
-        }
-    }
-
-    /* No match. */
-    if (i == FP_ENTRIES) {
-        /* Find empty entry. */
-        i = (sp_cache_1024_last + 1) % FP_ENTRIES;
-        for (; i != sp_cache_1024_last; i=(i+1)%FP_ENTRIES) {
-            if (!sp_cache_1024[i].set) {
-                break;
-            }
-        }
-
-        /* Evict least used. */
-        if (i == sp_cache_1024_last) {
-            least = sp_cache_1024[0].cnt;
-            for (j=1; j<FP_ENTRIES; j++) {
-                if (sp_cache_1024[j].cnt < least) {
-                    i = j;
-                    least = sp_cache_1024[i].cnt;
-                }
-            }
-        }
-
-        XMEMCPY(sp_cache_1024[i].x, g->x, sizeof(sp_cache_1024[i].x));
-        XMEMCPY(sp_cache_1024[i].y, g->y, sizeof(sp_cache_1024[i].y));
-        sp_cache_1024[i].set = 1;
-        sp_cache_1024[i].cnt = 1;
-    }
-
-    *cache = &sp_cache_1024[i];
-    sp_cache_1024_last = i;
-}
-#endif /* FP_ECC */
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_1024_ecc_mulmod_win_add_sub_16(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 16 * 38);
-    sp_cache_1024_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 16 * 38, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_1024 == 0) {
-            wc_InitMutex(&sp_cache_1024_lock);
-            initCacheMutex_1024 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_1024_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_1024(g, &cache);
-        if (cache->cnt == 2)
-            sp_1024_gen_stripe_table_16(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_1024_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_1024_ecc_mulmod_win_add_sub_16(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_1024_ecc_mulmod_stripe_16(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#ifdef HAVE_INTEL_AVX2
-#ifdef FP_ECC
-#endif /* FP_ECC */
-/* Add two Montgomery form projective points. The second point has a q value of
- * one.
- * Only the first point can be the same pointer as the result point.
- *
- * r  Result of addition.
- * p  First point to add.
- * q  Second point to add.
- * t  Temporary ordinate data.
- */
-static void sp_1024_proj_point_add_qz1_avx2_16(sp_point_1024* r,
-    const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t2 = t;
-    sp_digit* t3 = t + 2*16;
-    sp_digit* t6 = t + 4*16;
-    sp_digit* t1 = t + 6*16;
-    sp_digit* t4 = t + 8*16;
-    sp_digit* t5 = t + 10*16;
-
-    /* Calculate values to subtract from P->x and P->y. */
-    /* U2 = X2*Z1^2 */
-    sp_1024_mont_sqr_avx2_16(t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t4, t2, p->z, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t2, t2, q->x, p1024_mod, p1024_mp_mod);
-    /* S2 = Y2*Z1^3 */
-    sp_1024_mont_mul_avx2_16(t4, t4, q->y, p1024_mod, p1024_mp_mod);
-
-    if ((~p->infinity) & (~q->infinity) &
-            sp_1024_cmp_equal_16(p->x, t2) &
-            sp_1024_cmp_equal_16(p->y, t4)) {
-        sp_1024_proj_point_dbl_avx2_16(r, p, t);
-    }
-    else {
-        sp_digit* x = t2;
-        sp_digit* y = t3;
-        sp_digit* z = t6;
-
-        /* H = U2 - X1 */
-        sp_1024_mont_sub_avx2_16(t2, t2, p->x, p1024_mod);
-        /* R = S2 - Y1 */
-        sp_1024_mont_sub_avx2_16(t4, t4, p->y, p1024_mod);
-        /* Z3 = H*Z1 */
-        sp_1024_mont_mul_avx2_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
-        /* X3 = R^2 - H^3 - 2*X1*H^2 */
-        sp_1024_mont_sqr_avx2_16(t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_avx2_16(t3, p->x, t1, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_avx2_16(t1, t1, t2, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sqr_avx2_16(t2, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_avx2_16(t2, t2, t1, p1024_mod);
-        sp_1024_mont_dbl_avx2_16(t5, t3, p1024_mod);
-        sp_1024_mont_sub_avx2_16(x, t2, t5, p1024_mod);
-        /* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
-        sp_1024_mont_sub_avx2_16(t3, t3, x, p1024_mod);
-        sp_1024_mont_mul_avx2_16(t3, t3, t4, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_mul_avx2_16(t1, t1, p->y, p1024_mod, p1024_mp_mod);
-        sp_1024_mont_sub_avx2_16(y, t3, t1, p1024_mod);
-        {
-            int i;
-            sp_digit maskp = (sp_digit)(0 - (q->infinity & (!p->infinity)));
-            sp_digit maskq = (sp_digit)(0 - (p->infinity & (!q->infinity)));
-            sp_digit maskt = ~(maskp | maskq);
-            sp_digit inf = (sp_digit)(p->infinity & q->infinity);
-
-            for (i = 0; i < 16; i++) {
-                r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
-                          (x[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
-                          (y[i] & maskt);
-            }
-            for (i = 0; i < 16; i++) {
-                r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
-                          (z[i] & maskt);
-            }
-            r->z[0] |= inf;
-            r->infinity = (int)inf;
-        }
-    }
-}
-
-#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-/* Convert the projective point to affine.
- * Ordinates are in Montgomery form.
- *
- * a  Point to convert.
- * t  Temporary data.
- */
-static void sp_1024_proj_to_affine_avx2_16(sp_point_1024* a, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-    sp_digit* tmp = t + 4 * 16;
-
-    sp_1024_mont_inv_avx2_16(t1, a->z, tmp);
-
-    sp_1024_mont_sqr_avx2_16(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t1, t2, t1, p1024_mod, p1024_mp_mod);
-
-    sp_1024_mont_mul_avx2_16(a->x, a->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(a->y, a->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(a->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-}
-
-/* Generate the pre-computed table of points for the base point.
- *
- * width = 8
- * 256 entries
- * 128 bits between
- *
- * a      The base point.
- * table  Place to store generated point data.
- * tmp    Temporary data.
- * heap  Heap to use for allocation.
- */
-static int sp_1024_gen_stripe_table_avx2_16(const sp_point_1024* a,
-        sp_table_entry_1024* table, sp_digit* tmp, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, t, 3);
-    sp_point_1024* s1 = NULL;
-    sp_point_1024* s2 = NULL;
-    int i;
-    int j;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_point_1024, t, 3, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        s1 = t + 1;
-        s2 = t + 2;
-
-        err = sp_1024_mod_mul_norm_avx2_16(t->x, a->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(t->y, a->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(t->z, a->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        t->infinity = 0;
-        sp_1024_proj_to_affine_avx2_16(t, tmp);
-
-        XMEMCPY(s1->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s1->infinity = 0;
-        XMEMCPY(s2->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        s2->infinity = 0;
-
-        /* table[0] = {0, 0, infinity} */
-        XMEMSET(&table[0], 0, sizeof(sp_table_entry_1024));
-        /* table[1] = Affine version of 'a' in Montgomery form */
-        XMEMCPY(table[1].x, t->x, sizeof(table->x));
-        XMEMCPY(table[1].y, t->y, sizeof(table->y));
-
-        for (i=1; i<8; i++) {
-            sp_1024_proj_point_dbl_n_avx2_16(t, 128, tmp);
-            sp_1024_proj_to_affine_avx2_16(t, tmp);
-            XMEMCPY(table[1<<i].x, t->x, sizeof(table->x));
-            XMEMCPY(table[1<<i].y, t->y, sizeof(table->y));
-        }
-
-        for (i=1; i<8; i++) {
-            XMEMCPY(s1->x, table[1<<i].x, sizeof(table->x));
-            XMEMCPY(s1->y, table[1<<i].y, sizeof(table->y));
-            for (j=(1<<i)+1; j<(1<<(i+1)); j++) {
-                XMEMCPY(s2->x, table[j-(1<<i)].x, sizeof(table->x));
-                XMEMCPY(s2->y, table[j-(1<<i)].y, sizeof(table->y));
-                sp_1024_proj_point_add_qz1_avx2_16(t, s1, s2, tmp);
-                sp_1024_proj_to_affine_avx2_16(t, tmp);
-                XMEMCPY(table[j].x, t->x, sizeof(table->x));
-                XMEMCPY(table[j].y, t->y, sizeof(table->y));
-            }
-        }
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#endif /* FP_ECC | !WOLFSSL_SP_SMALL */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r      Resulting point.
- * k      Scalar to multiply by.
- * table  Pre-computed table.
- * map    Indicates whether to convert result to affine.
- * ct     Constant time required.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_stripe_avx2_16(sp_point_1024* r, const sp_point_1024* g,
-        const sp_table_entry_1024* table, const sp_digit* k, int map,
-        int ct, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, rt, 2);
-    SP_DECL_VAR(sp_digit, t, 2 * 16 * 37);
-    sp_point_1024* p = NULL;
-    int i;
-    int j;
-    int y;
-    int x;
-    int err = MP_OKAY;
-
-    (void)g;
-    /* Constant time used for cache attack resistance implementation. */
-    (void)ct;
-    (void)heap;
-
-
-    SP_ALLOC_VAR(sp_point_1024, rt, 2, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 2 * 16 * 37, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = rt + 1;
-
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        XMEMCPY(rt->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-
-        y = 0;
-        x = 127;
-        for (j=0; j<8; j++) {
-            y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-            x += 128;
-        }
-        XMEMCPY(rt->x, table[y].x, sizeof(table[y].x));
-        XMEMCPY(rt->y, table[y].y, sizeof(table[y].y));
-        rt->infinity = !y;
-        for (i=126; i>=0; i--) {
-            y = 0;
-            x = i;
-            for (j=0; j<8; j++) {
-                y |= (int)(((k[x / 64] >> (x % 64)) & 1) << j);
-                x += 128;
-            }
-
-            sp_1024_proj_point_dbl_avx2_16(rt, rt, t);
-            XMEMCPY(p->x, table[y].x, sizeof(table[y].x));
-            XMEMCPY(p->y, table[y].y, sizeof(table[y].y));
-            p->infinity = !y;
-            sp_1024_proj_point_add_qz1_avx2_16(rt, rt, p, t);
-        }
-
-        if (map != 0) {
-            sp_1024_map_avx2_16(r, rt, t);
-        }
-        else {
-            XMEMCPY(r, rt, sizeof(sp_point_1024));
-        }
-    }
-
-    SP_FREE_VAR(rt, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * r     Resulting point.
- * g     Point to multiply.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_avx2_16(sp_point_1024* r, const sp_point_1024* g,
-        const sp_digit* k, int map, int ct, void* heap)
-{
-#ifndef FP_ECC
-    return sp_1024_ecc_mulmod_win_add_sub_avx2_16(r, g, k, map, ct, heap);
-#else
-    SP_DECL_VAR(sp_digit, tmp, 2 * 16 * 38);
-    sp_cache_1024_t* cache;
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_digit, tmp, 2 * 16 * 38, heap, DYNAMIC_TYPE_ECC);
-#ifndef HAVE_THREAD_LS
-    if (err == MP_OKAY) {
-        #ifndef WOLFSSL_MUTEX_INITIALIZER
-        if (initCacheMutex_1024 == 0) {
-            wc_InitMutex(&sp_cache_1024_lock);
-            initCacheMutex_1024 = 1;
-        }
-        #endif
-        if (wc_LockMutex(&sp_cache_1024_lock) != 0) {
-            err = BAD_MUTEX_E;
-        }
-    }
-#endif /* HAVE_THREAD_LS */
-
-    if (err == MP_OKAY) {
-        sp_ecc_get_cache_1024(g, &cache);
-        if (cache->cnt == 2)
-            sp_1024_gen_stripe_table_avx2_16(g, cache->table, tmp, heap);
-
-#ifndef HAVE_THREAD_LS
-        wc_UnLockMutex(&sp_cache_1024_lock);
-#endif /* HAVE_THREAD_LS */
-
-        if (cache->cnt < 2) {
-            err = sp_1024_ecc_mulmod_win_add_sub_avx2_16(r, g, k, map, ct, heap);
-        }
-        else {
-            err = sp_1024_ecc_mulmod_stripe_avx2_16(r, g, cache->table, k,
-                    map, ct, heap);
-        }
-    }
-
-    SP_FREE_VAR(tmp, heap, DYNAMIC_TYPE_ECC);
-    return err;
-#endif
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * p     Point to multiply.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_1024(const mp_int* km, const ecc_point* gm, ecc_point* r,
-        int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 16);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 16, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 16, km);
-        sp_1024_point_from_ecc_point_16(point, gm);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_1024_ecc_mulmod_avx2_16(point, point, k, map, 1, heap);
-        }
-        else
-#endif
-            err = sp_1024_ecc_mulmod_16(point, point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_16(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Striping precomputation table.
- * 8 points combined into a table of 256 points.
- * Distance of 128 between points.
- */
-static const sp_table_entry_1024 p1024_table[256] = {
-    /* 0 */
-    { { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00 },
-      { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00 } },
-    /* 1 */
-    { { 0xbf9c7ec6e0162bc2L,0xddecc6e310a89289L,0x5d599df09e499d81L,
-        0x9a96ea286d358218L,0x01aec7d370c5f8dbL,0xe72e49958cf5d066L,
-        0xc2e7297d3e91d7f8L,0x8621db92da9f2f5aL,0x4b26c8675a5679edL,
-        0x233385df2c56aac1L,0xb88e74d4c6a13f99L,0x1214b173ffa8ec11L,
-        0xa0386a271f3f9fefL,0xbd9b1b4ec0e7b44eL,0xafe528dceecd3496L,
-        0x8dfff96a1c49f80bL },
-      { 0xb4a4753ac03c0c83L,0x68e69d18abcdcd75L,0xe3839b88f775b649L,
-        0x803f949abf58f352L,0x5f702679bd0bc15cL,0x85bf5d168ff298c2L,
-        0x3f6ebd98c6c7976eL,0x20618af445e3e1b4L,0x67d5598e54e64093L,
-        0xb047283b504fed9eL,0x450cabfd70d87517L,0x47d628bf3f5addbeL,
-        0x0037ef3078cb4ccaL,0x4e148d3c6b1c4908L,0xe256d3294fcfd837L,
-        0x2aa1207bde3c01f3L } },
-    /* 2 */
-    { { 0xa95b6dae01900955L,0xa5dc9cc1ceb4656dL,0x50c78907e72fe95bL,
-        0xa1ae5447a040c334L,0x911913707952ea6eL,0x54ff73436d097305L,
-        0xa4db0074bda4d10fL,0xfd5306f191644070L,0x14b9fe738b24522cL,
-        0x1468dad67849f762L,0x87b29a18b0dcd2e4L,0xadd7f1a15e1ad492L,
-        0x9ac63a81dbba2a1aL,0x01379c5b81223379L,0xf402b2f0b0e53bc8L,
-        0x8c3eb27f0bf13b61L },
-      { 0x9a4ad3e1e513696fL,0x0350ba5c18c81ffaL,0x1e2fc1363c033d13L,
-        0x53da6e7117a531bcL,0x42ec64901aed610dL,0xd33e8df7e99ff567L,
-        0xe4aad73e3deed12aL,0xd983b465180f4debL,0x99365269502f30b4L,
-        0x7e2799aba8918d7fL,0x0ffe84b6700fc79aL,0x7b4400d640bfd8c2L,
-        0xc3a21d215d2641bdL,0x79839442c32621cbL,0xace6500bb1401e83L,
-        0x7bf4163e251c4310L } },
-    /* 3 */
-    { { 0x1c174f88e3fd589eL,0xdb501790df974a03L,0xd09623e33e70549fL,
-        0x8d091eff15924f34L,0xeef79cadf9b65ac5L,0xd2cc42623f69c2cfL,
-        0x817d903252cd82bcL,0xacf4f4d9a5f1ddddL,0xd06126355011b6bdL,
-        0x9f74490d2ed140c9L,0x64092e8c4db686d2L,0x225eef16776b0fccL,
-        0x0e8c01e9df16aeb6L,0x6283674184bbd82aL,0x757574e28956e337L,
-        0x9871edc6705a7f07L },
-      { 0xbd0b76d5776535f7L,0x5214d6022635b3b8L,0xc0c25ad99d216f64L,
-        0xfd4df3a75515bf75L,0x24a625bc5e9f1675L,0x3c35efb7406873e7L,
-        0xef5c9a33bb2e5c4aL,0xa971b35e806b198aL,0x9f5c0ca5a3c690edL,
-        0xa8d5dd898e1e2341L,0x4cecbcce955ad9e4L,0x2ecf4407248d3416L,
-        0x1abb381145c0af6eL,0x3f4bee821c780fffL,0xd14df768c272ed57L,
-        0x397ed10a371637adL } },
-    /* 4 */
-    { { 0xcf3e0bb2755c2a27L,0xd38e42f959585c44L,0x46b13e0f19285e60L,
-        0xc3ecd0c076273d0fL,0x7800f085193c569aL,0xf04e74ab4351818aL,
-        0x9258aa388496363bL,0x8456617cb8c894feL,0x8bc62aaa2af969a0L,
-        0x66c2280b5a4668d9L,0xbc9df58ea992f4faL,0x5db0b7d93f401e99L,
-        0xe0614fe1c4c38c0eL,0xd531151c2ccdf6b3L,0x1c7575ece143b618L,
-        0x40247985df9398a4L },
-      { 0xfba251788f055746L,0xc5ba00400ab1e6e0L,0xe1b194fbac292697L,
-        0x771521195b4f4740L,0x250091d09bb7ba54L,0x7a674861b9a139a4L,
-        0xba8413b3f353aa7eL,0xafe771922443ceeeL,0x14468d363847bbd0L,
-        0x61f79ff63da4942dL,0x1563a1c1d425b456L,0x3c270fcd75ff4630L,
-        0x42072090eb2802c9L,0x68f0cdcbc85c7004L,0xca4372fbfa032e74L,
-        0x1a6fd1e6c8b79d80L } },
-    /* 5 */
-    { { 0x967a901a8d5116a3L,0x0b844394b2f5f47fL,0xe39ad45260ebaf3bL,
-        0x1e1be61760ccfc0cL,0xac07e3d2cc3f53f2L,0xdd838e0e1ed11bb6L,
-        0x454753071c15b0c2L,0x70dd4748920fe5b8L,0x1a20be2de471896dL,
-        0x3c3fad8a59276c7cL,0x026a1cc3c886ee07L,0x9fdb6f376e831ac4L,
-        0x26a35d1aac501d65L,0x0ae9890540da8574L,0x65dde0a4abd734e5L,
-        0x29b7d4dc15614750L },
-      { 0x44b3c2cbcbf4e20bL,0x1c3f548f58cc44c5L,0x39809b545b0cac1fL,
-        0x0c0f02b500f80621L,0xe612b890066905e0L,0x8f158ed78350188cL,
-        0xc01dc4583f5576b2L,0x29803272a45492e0L,0x77a5623a0ff92443L,
-        0xd12a2b0029d0dc41L,0xb41254592780e87aL,0x1ebcf9030d53f272L,
-        0xbae6ea4024301e8dL,0x1e5f3f2fa37d0798L,0x9342c31022b4126cL,
-        0x5d0928025382497eL } },
-    /* 6 */
-    { { 0x583a2b7eff2f780dL,0x34d26820d7d76b1dL,0xe3c3284786f74aecL,
-        0x0fd4221210823febL,0x227e417efb5e7bf4L,0x510d49b6a568f8cdL,
-        0x53bce7d61781bbecL,0x9cfe3f222f3718b7L,0x7f44e89fd9de6c1fL,
-        0xf1cc553f3fac9b55L,0x9d2d0846e6f300bcL,0x976c82a29f0ae6b1L,
-        0xe63dbf5e24b8bbe0L,0x4cac7f45973a5aa7L,0xc6eb623784dd33c7L,
-        0x0a26e434142fee5dL },
-      { 0x8081339facaa9a08L,0x40f311055246ece1L,0x892c817061393747L,
-        0x8d8d4103242f02e1L,0x482bfd203b5de98aL,0x89ef946b5abbe952L,
-        0xb8d218b937698249L,0xd5268e8966617c7aL,0x962e75518b7d2b91L,
-        0x2c5c7973fe8d67c3L,0x42e3150a2b017c51L,0x6f4e5ebcc1a29469L,
-        0xa39910ce531c7083L,0xaf4f6eb4b77b9e50L,0x68cbb175da120ad0L,
-        0x19497c61b92636ecL } },
-    /* 7 */
-    { { 0x6920b0c6417659a8L,0xc77ab9c792cb28ffL,0x55b67180b687797fL,
-        0x4caf58c1e7759363L,0x5155bdb65561b186L,0x2e64e355780f4946L,
-        0xeb0ac9b7229a8b20L,0x88594d782571bd60L,0x5dcc0939e3fa78f9L,
-        0x7b8b48302ac2d379L,0x505fbf60b90f1444L,0xac610e813ce4b3c1L,
-        0x39a4f27ad59b5c18L,0x5fa339737cea0222L,0xe578730b8dff1c7bL,
-        0x96b91b8b517bf7a6L },
-      { 0xc1a991f49aac087cL,0xce62f74e6cfdb28dL,0x08d6ff9a5f7600d6L,
-        0xd781cd04f917f9c9L,0x7796f5f63de52dbfL,0xe7db64e02ed72180L,
-        0x0f0876f66fa4137dL,0x3271ee643ca1f716L,0xcb9b20587c4ab8a3L,
-        0xcba1710739481047L,0xdf9a190d598c5c37L,0x0cb6e72a6f20e125L,
-        0xa3142204f4f2902dL,0x42d28cb97ce2dcfbL,0xdf261b8aa3d3c351L,
-        0x73f3d315cffc249dL } },
-    /* 8 */
-    { { 0x5d86855be6fd3673L,0x309b70af9d214b7bL,0x8d332f90dcc46cd3L,
-        0xe553c015595510deL,0x5746a09638c1251cL,0xcd7cea5b85cc1bc9L,
-        0x4ffa1468002eba8fL,0x10a3cb7022fcd77cL,0xb6999dfbc4ea05e3L,
-        0x3375a0d04efa756eL,0x4d90279edced5fd8L,0x48192403251fd56eL,
-        0xe87633a482a4c5f1L,0x3170d1301b34105bL,0x93998b0f7247e578L,
-        0x88934f64436ba1faL },
-      { 0xf09f43b04713eabcL,0x4ca7dd91accdc517L,0x27daa63bef13ca7cL,
-        0x8b2e5a7a2588184bL,0x0a8cb612d95dc269L,0x346975a2e1f2f14cL,
-        0x1f29b8ede172935cL,0xc3cbfd6ed40bc1e3L,0xd3f46b3f132623daL,
-        0xc115be6dfb0b7681L,0x5e31c34556da4344L,0xa7c63f18a8e43d98L,
-        0x55cb20834bddb4eaL,0xb16a0c384a54f58cL,0x74eacca246fd69d9L,
-        0x0d1898bb153548e1L } },
-    /* 9 */
-    { { 0x4ea73461e35ef043L,0x107b67d93496b564L,0xd62c173bd0f83a3cL,
-        0xfad4b03851d29c35L,0x3f42882a71b1c1a4L,0x5d2bcf6654b43b9eL,
-        0xc77b15aa2abdf543L,0x5cb38a80dabe3dc1L,0x15fda0aea481673bL,
-        0x86996b4de7b90ebeL,0x84f87e252bc8f3d8L,0xaded03d637c4e424L,
-        0xe5ede666d7a7afd8L,0x80dd95a2a1ccb93aL,0xa55cfd2546fba391L,
-        0x2bdab1dc46f82e60L },
-      { 0x7a4de22bfa6fed61L,0xca458aa5cc8dd94eL,0x3e372df1071222f5L,
-        0x06a4b44fe5aff377L,0xbc2d0ba74a738e6dL,0x1a470e1d5f31f136L,
-        0x77ff933ae102a911L,0x8b380a50310c7885L,0x9f3c0228783fc5acL,
-        0xec66892544725d06L,0x878f0e165ac84221L,0x9a3af1afcfda6e8aL,
-        0x0183ed3778cd2abaL,0x32cdbd60826d0eaeL,0xb3234661cbee6415L,
-        0x353eb892b9c10120L } },
-    /* 10 */
-    { { 0xc8fdcad610b5521eL,0x1a11b44052e702f0L,0x6302680d8ffda49cL,
-        0xcdb9654acbf36badL,0x7b58ce114c10a2d7L,0x1e5d1f7de630e7e0L,
-        0x8cbe3d7d6760a813L,0xeb35866b6480d77fL,0x58728cf37f036219L,
-        0xdd5865ed42a8a757L,0x283f1f1d906a2870L,0x79e23fa4a51f906bL,
-        0xf2ac6e83543b20a8L,0x4f0b6379b81e7754L,0x57fbc0d4840016eeL,
-        0x8da20771e621b67dL },
-      { 0x3c855004ecce65ecL,0x76d10d1fb748185eL,0x64be7bca78797ad2L,
-        0x43444db077e54aadL,0x17b6b0c9be0df0ffL,0x8fc4256c055086a4L,
-        0xf952c43bfd74d5a3L,0x501e005a01c4edb8L,0xd5172dfc4a57e328L,
-        0xdb40ce4e535d6ee3L,0xbaef1e5c0c650918L,0xe85145e7857561fcL,
-        0xe468536a34a224c6L,0x69a8e2270ec0e0a2L,0xb3f52247242b03fcL,
-        0x862f55e2c3bebd5fL } },
-    /* 11 */
-    { { 0x2d6a390f226049feL,0xcc92a578dcbbc9fbL,0xa52feca497634fb7L,
-        0x2b340cb63dea5893L,0xa39f338a2a49e916L,0x26b2df3d949e41f3L,
-        0xc71c7cdb065a7e40L,0x4a9b84a0468281a2L,0x63eeb503731eeecaL,
-        0xe6d0913476cbb725L,0x0cf979a9b94a678cL,0xb44d8c3b808fd9f1L,
-        0xe60da613e0afc5b9L,0x52dce7de3ea5be69L,0x3a5d6864dc1ee74fL,
-        0x71ab28913bc80790L },
-      { 0xcf618fc43b5b60adL,0x0afb5e304a0c3184L,0xd22381ccbc403302L,
-        0x33cf8953db1c0c66L,0x9c994e4da6112a8dL,0xd7aae2c3d1967a86L,
-        0xc28d54935b7acd29L,0x8075bd136c9a57fbL,0xc9c0373e9c8427f9L,
-        0x2cbca18d193225f5L,0x73777d13442c018cL,0xebe5ed47fbb3a727L,
-        0x70437d491962dc18L,0xf39c1e092dc08806L,0x03e9c6f715fff35cL,
-        0x8d087bb65e360a65L } },
-    /* 12 */
-    { { 0xbe2123023fdc1844L,0x6eca27ef105eac56L,0x2183a606f168a348L,
-        0x295f807de1d7a4cbL,0x7246a6327ef5d43eL,0xae143205c77025c7L,
-        0x4bdfc7caf3484e3eL,0xec939895df52c075L,0x82e655f6d7a9cac0L,
-        0x985dfe208baeddb0L,0x79c817e4527de731L,0x30ce0fbc313de1eaL,
-        0x9df95b89cc4f6cbbL,0xf2aedf1ef5bb20cdL,0xfc1e0a891a8cfb01L,
-        0x225ed34a63edb7ecL },
-      { 0x3e13154dbabb1a85L,0xd3d8dae71e6a565aL,0xd3217d56ab4b100fL,
-        0xd44d934eebc78e1aL,0x0215321b48e73d37L,0xbbc90bfa201e43cbL,
-        0x3c23f1d027500905L,0x2a2e5000c86691a1L,0x08b2bad26065841cL,
-        0x15d41caf30026b60L,0x1712c2f45276ce61L,0x01c4c3e715932ffbL,
-        0x7894e13d6a74caf2L,0x02d6f5df0c0537a4L,0xa8fb7602c2b1c97eL,
-        0x612b60e5d0887c7bL } },
-    /* 13 */
-    { { 0xefd495cfba245d6bL,0x5cf0cbb7a2ce3ff6L,0x24da2ac0dff5feeeL,
-        0x90c914f8cf28c6a3L,0x72fdb50d4308a56bL,0x03dbf77913d72034L,
-        0xcfa5ec91822ac9e9L,0x0dde73c83aea3e81L,0x545ba96266289139L,
-        0xa52f648bca6acbd3L,0xff6f276e98a0683aL,0x2536d3aca378ed52L,
-        0x353c2c54885ac1d9L,0xcaff52da00bc84a7L,0x3971f81c37684167L,
-        0x0f7334e1d2d7986eL },
-      { 0xafbb5c836596067eL,0x33e54e1938c19806L,0x8285d96739cb0dccL,
-        0x2b53f43d424035f9L,0x38c531f8dfef9095L,0x90fbe8e4db0f571aL,
-        0x9a0c1ed2a39ca787L,0x2fecc1d6606f2620L,0x9dc890b172b7cb4aL,
-        0xc33ca6fbccbb7868L,0xd1b11082fe73ee49L,0x590b7d17fcb66c48L,
-        0x9356b0a686e14573L,0x75d682c4053ead85L,0xb2ae55fac54d30fbL,
-        0x67636a72f8aee949L } },
-    /* 14 */
-    { { 0x638063bcb91d6beaL,0xae263a2e923ecb96L,0x9d7b0992c627aca6L,
-        0xc6ed001a77af9e7eL,0x9214accf24aafebbL,0xa3564b9678055a90L,
-        0x00999b1ce027499dL,0xe413a4e1e46a06a5L,0xa05d13f62e51efe7L,
-        0x35e87d349ba843beL,0x0a6338253183159eL,0x6023e8ba54601923L,
-        0x9b107721b7fd1cf2L,0x46b5542bfdf2fd53L,0xb314f4f81c18af38L,
-        0x086f987660ac8965L },
-      { 0x767019548cbb9850L,0x6210b730a20d2c8cL,0x4084d0575335670cL,
-        0x3ecdc5950324baeaL,0x607fc5f2c76ee9b4L,0xf393d00f440ffa64L,
-        0xe01117962dc1463cL,0xf00b82519c7725e7L,0x35e607365bd1d186L,
-        0xf3d8554c2cf72aacL,0xb4dd0fdeefa3497dL,0xd712268cf646ad11L,
-        0x07c20afb9f7b8eadL,0x630969d4fc06dfe5L,0x76b7df1c7245549aL,
-        0x681f9403e61ae810L } },
-    /* 15 */
-    { { 0x7cad5163c9a0623bL,0xdbf8295767fab8d4L,0x2ccab0ec81af7c7cL,
-        0x469e38c8e966d5c2L,0x34430d52f0d4e41cL,0x426075a2a52b359cL,
-        0x242dd3e333bd0127L,0xcda3f6359fed2341L,0x4df33730d7d52ffaL,
-        0x5fff56f07640c3efL,0x4783c21c1bbde57cL,0xd8784a2aeb8bb336L,
-        0x1ec7c533ead08405L,0x4b7f1423f9b62bd4L,0x5543145c7075d4afL,
-        0x0c9de94aba60590aL },
-      { 0x8ed7273595d5682bL,0x711c42832ec276edL,0xd1f4aed58b36a0d2L,
-        0x62ab40c48498a88fL,0x58c8fc624480f451L,0x8bc8ca4bb79cffe2L,
-        0x90ab583c701a359dL,0xaee31a733fd5d15dL,0x02a5597bc912333cL,
-        0x1019cae4b6c3e3c2L,0xe513042c29938088L,0x0e00283df47c8199L,
-        0x90d68e58f2a00e92L,0x69e2df41a775ae3bL,0xb8d2eca5871c30b2L,
-        0x733dca0ebb1de396L } },
-    /* 16 */
-    { { 0xf5b495d04b59213aL,0xca6720398d70200eL,0x4bcb09a62b6771c1L,
-        0x26adeed42b9eb0cbL,0xeb5447548cdba212L,0x0e1abfcdf08890d1L,
-        0x52509963698e46b4L,0xe1bff0b082e9c138L,0xa189e4cd51099a71L,
-        0x2360c9bcc9b91cc7L,0x9bd4d7dc137ec4beL,0xd0356521d1519f6eL,
-        0xbf5f6d78cf832503L,0xe43010318deea2b4L,0xc3132494ef4c319cL,
-        0x2ab3bd470f1fa7d7L },
-      { 0x5753b680922c9fbbL,0x869e7dc80f16c6d1L,0x83445135bac16efcL,
-        0x4326a3b4846d1d9bL,0xb517fee3b2d62c21L,0x6905afa20b292ad5L,
-        0x2a57131a2cadac13L,0xcd904d8febdbca8dL,0xdfeda86f3f365fb2L,
-        0x7097b208dc7eaa1cL,0x89a35a84a45e77c0L,0x417a062ccf5d118eL,
-        0x3c0c04a81f6e99e8L,0xc44704b0ba7a087dL,0x6f8a27d13ea22ad2L,
-        0x93a4b4164c27d229L } },
-    /* 17 */
-    { { 0xd4271bc11f1efb7aL,0xae4e68e633fccc0dL,0x9d9bc8f1b11f50a8L,
-        0x5430398faf076089L,0x45e242fb443d0e03L,0x73ec2519f6e3d4c1L,
-        0xab70f790ba9bad09L,0xde612ad5f9add10fL,0xb837e54e14e942b4L,
-        0x175a56d3ddb8b68aL,0xe85b233c1ac2a408L,0xf8ff6c30f0c80f94L,
-        0x4b7f3fb7898db4f9L,0xa2c6044f45a7dcddL,0xf3abb2f6fe3d3895L,
-        0x342ce0d732ee7763L },
-      { 0xeb261394cf491b1fL,0xdcaaeed71909e395L,0xdcc4055a9fe4dbeaL,
-        0x17a6611d493d604dL,0xba445a3a1ce5ebefL,0xe82e2858e3989cb5L,
-        0xb96f428283f58406L,0x99877b99a156cf55L,0xaf906a664e166a0eL,
-        0xcea1d353b2976d13L,0xefc16f2736c61a01L,0xdb04c433b0f55d86L,
-        0x3cb4b2698eb34c01L,0x38d07f782ae60280L,0x43ac3bcb43be3ec5L,
-        0x455f4af3e156fd20L } },
-    /* 18 */
-    { { 0xc057f262754ec21cL,0x3eacd4c9e3a1ba38L,0x3a0210d1116c1fe9L,
-        0xe4ea4e94eacc8ab6L,0x31c00c9aea6f32caL,0x5cb6239d86b975ceL,
-        0x654d5d8ca14ea1e9L,0x230d31f45067fc8bL,0x48bb90cb6355fecbL,
-        0x78f81ecedc172e8eL,0x288380a8cb006737L,0x19b02e01e162d012L,
-        0x0e087a06c5af145cL,0xf04dc8b7b72dc354L,0xf70ef2148de3c066L,
-        0x4f14824313009fb7L },
-      { 0x5e004fce6e2055e2L,0x89e247ea86c32067L,0x4ebcbd955f9daaa2L,
-        0xd15f212fceb7f63bL,0x5ecc5c1f863784a0L,0x53b3800b75760251L,
-        0xeb9301c38a6a2954L,0x0f16ba18a13cdd19L,0x8313d251887c2d24L,
-        0xf99235859a9413f6L,0x423405e6fe3fd7c5L,0x678aeb3416e0ee05L,
-        0x1f3be7bb3fadaab0L,0x7901fa2c82884471L,0xc950db304d662ff6L,
-        0x74d5d2d43c01170bL } },
-    /* 19 */
-    { { 0xa3002dc02b5bfe11L,0x0733410d52d321e7L,0x15920f659679ba89L,
-        0x0e248c14685b236eL,0x8cfab594346f6040L,0x9f57afb740c717f0L,
-        0x0dbab28c66044576L,0x0fa099689cdc3247L,0x41e02ae2c230ed05L,
-        0x0d961554e45bef74L,0x9688a982ce4d7b6fL,0xfadefac75e62d22eL,
-        0xaf1512a6bd2cba28L,0x78868e62be7c749fL,0x88048d81ae9f5a6bL,
-        0x6b1a5442c5857a29L },
-      { 0x9f5ab9ad43242066L,0x0afef1b52ccca2aeL,0xb1b43ec7988edc4eL,
-        0x0d0c00f10341b0d5L,0x4d68b8f7b50aab37L,0x9a8e4e6ff3a64a99L,
-        0x198338fb7f1a684eL,0x8bc0e748351a0f5cL,0x2cacf2cddac44515L,
-        0xc14d39995e9ff76bL,0x54a01b3f16393055L,0x6ac3eea5888d8376L,
-        0xb84d9a9a723277b1L,0x99132691e11dbbbfL,0x597717aeabb67178L,
-        0x4c2135268bb14ac8L } },
-    /* 20 */
-    { { 0x2e6fe0a695532833L,0xabca228ed626d067L,0x22aef3d9649e73bdL,
-        0x2083a87af03c4c0cL,0xe954e75d35169b45L,0x577509ee74506a89L,
-        0x49cb276e2aeacf90L,0x08275d77fa409f91L,0x61eb6f3df0bbd6b9L,
-        0x948202cbe4132704L,0x35f3fc21b1c498b1L,0x76c68ba8361fee59L,
-        0xa18cbbd950e051f3L,0x2384a879318e7042L,0x292abead80dd1e8bL,
-        0x65713c295c37c334L },
-      { 0xdccca8e9ceb77b9aL,0x2f97e72723b69469L,0xc76abee6a01d6b28L,
-        0x3925203d5abecdfeL,0x8944808229290d70L,0xf9931424b0314438L,
-        0x04209df17cd447c3L,0x7c6f2059c855c827L,0xd97d786256c0e069L,
-        0x5a9db6fe412d94c4L,0x19a64591994c41ddL,0x12348aa1c89e21a3L,
-        0xd6904b50c6a03f0eL,0x55c15156a616feacL,0x4e36d1b57cc7693bL,
-        0x6b0e996c3bae3c38L } },
-    /* 21 */
-    { { 0x32789fabcceced00L,0x3237e71ae5b7aa66L,0x87b2e2692ddebcdfL,
-        0xb7245120b61dad8fL,0xe11e5e48d35f803cL,0xfb4df5d798e50f0dL,
-        0x60ee68b4bcd2ab92L,0x98ab2f5c1ce3363dL,0x15ba39da7cd42647L,
-        0x1a6572eb83f4fb3fL,0x0f77de88e56f08dbL,0x1743761e172562c2L,
-        0xbe349ff88a58f0f4L,0xe04da71b84d1d6e2L,0x368f03429e9ff3b4L,
-        0x4022a205678223f8L },
-      { 0x527bbd0583847375L,0x3ae56b623f451af0L,0x6198f24d4b2c7f18L,
-        0xee323f5b4525b98dL,0xa9d8d39a0e0884b5L,0xd005d7f6fb12c776L,
-        0xd71c483e708bc154L,0x8ca6fd28742541bcL,0x0af3dccdf8397ddbL,
-        0xb80d31253eccf243L,0xc743a10858d81b8dL,0x3f48eb2171391f68L,
-        0x493aff8833bb657fL,0x1d15ed6607e47e31L,0x10159b11e08279f6L,
-        0x312179cb24a6a956L } },
-    /* 22 */
-    { { 0xa94cc3ca07615ac2L,0x85865e64121ad581L,0xae47616fa7986b79L,
-        0x395a40eb9d5e0f1dL,0xa91432643d9457eaL,0x8de6d6a3fa2865d9L,
-        0x0771db961014ae8cL,0x77a7cce6976a87cbL,0xa7de42e1143a0f60L,
-        0xe203cc09d993d934L,0x9201869398ec4c3dL,0xd77546d83a25df4bL,
-        0x0ad9eb4762b02d6bL,0xfaaaf208d05a7189L,0x5238181f431221bbL,
-        0x417d6c78733511eaL },
-      { 0x3cbd81b70e91e9a8L,0x73340418c370d6b3L,0x825db10a8eaa2373L,
-        0x8f2b09e46c7d6756L,0xe288ee9b94c33dedL,0xcd8426bb1695e3fbL,
-        0xa6176c86dce9e888L,0x3f4c89226165e362L,0x514e411f6063fb09L,
-        0x6907ac20c8f9e04cL,0xcef7469cdfd2ad61L,0xba30bae48452199aL,
-        0x3068129312ac3462L,0x011be873c92d482dL,0xff4cbf89e8330995L,
-        0x02189d52d1470a0aL } },
-    /* 23 */
-    { { 0x73e419dd92599c69L,0x5b94221b7fec32caL,0xb2bf9bd209bbfbfdL,
-        0x61ea97a463ed895bL,0x6609146b3f486f79L,0xbd1c7a05fd141a39L,
-        0xc79ec8cf83d64135L,0x7f8fd42f9883507bL,0xafcb53b717b3d027L,
-        0x86658dcd67ca5a21L,0xa6a6c0accd149786L,0x16f3d70e34b95067L,
-        0x371208e3df44958cL,0xd2dd64e6ec280212L,0x33b2c4ab30782c71L,
-        0x7bbf8abd521176faL },
-      { 0xbe9e4aafa78b981aL,0x788b4e36304ec828L,0x0c45cf393959dea3L,
-        0x70a9bdd3240b39c7L,0x499cd7dd28383b7dL,0x30690b2e307a1026L,
-        0x2262d598ee92f1b3L,0xc62d77deb4725a48L,0xa16f25bc7bc3aa0eL,
-        0x62dd8b65d15ef7faL,0xd979221d0b96d68fL,0xb92885c3a00f1906L,
-        0xfa476b9beb74c740L,0x217ddbb5c7576222L,0xc2782c305788504fL,
-        0x860d096cf812716bL } },
-    /* 24 */
-    { { 0xfebc337d4d79bbf9L,0x5d53eab869f74f80L,0xff36a09533104d53L,
-        0x2ab820da196f8b97L,0x961d3d1f75ce6909L,0xb197ec0404683754L,
-        0xa68ce1bf93a6cb9bL,0x503456ffc5f021a3L,0xb50a2db18940ffdbL,
-        0x77c50f8fef004209L,0xd635d17704965875L,0x725766d98bb8770aL,
-        0x8e19b028a078e53eL,0x364d4ccaf9fc8378L,0x1a3df411f0dd39a0L,
-        0x7e80e44203adf920L },
-      { 0x4b5f8a57539a1ddfL,0xd248e7aeee486562L,0x1c7b491d816021e1L,
-        0x2e7b871bfd36d2c4L,0xda38b5040aec00d9L,0xf28276126193f1b3L,
-        0x69c3fe86fb1f78d6L,0x56c8b786e827ac33L,0x1687f6c73487c8f7L,
-        0xab8f221719dee5bcL,0x04e8473fff399418L,0xf384c014a9027c80L,
-        0x9967be9aaa1d2e28L,0x869686d3e065eef1L,0x737c6b08c7bd837cL,
-        0x5dcab5d19e8bd863L } },
-    /* 25 */
-    { { 0x0784283a9a7d772bL,0x6b49e525e540959bL,0x546bb00886414ab5L,
-        0xd44481629d74b2a9L,0x267890ad203b0b1bL,0x1e7a82bcc8d3f86bL,
-        0x1352bfb5d85a83c7L,0xf29f16e3fad07ccfL,0xc02a63b841e0c43fL,
-        0x904f22c56b379fefL,0x19d8a653b1244f26L,0x6635b6df3a28bdeaL,
-        0x18b68851f6d455ceL,0x74ac28189cff3735L,0xad40f9df8b2cbdabL,
-        0x08cc2d9eadc9d498L },
-      { 0x2e6a6866c170c84bL,0xbb989e8b5a49a484L,0x7b0e00e0d04c8992L,
-        0x55ad347861b3a423L,0x3c952450b0d01899L,0xe3922155e3100cb3L,
-        0x19265b6ef03276d0L,0x0fe8595a76d42b53L,0x0a96dee0fc6353b6L,
-        0x761e0dc8246f893eL,0x4ec902bef0a74cbaL,0x610086843fdfad9bL,
-        0x5d6a60e44fdb6975L,0x3f53aac87ef7590aL,0xd29e6be012870a37L,
-        0x991fadc155aa55b0L } },
-    /* 26 */
-    { { 0x82bc4b0fb4844ffeL,0x7392271460f8b871L,0x8ac000e24ce3f1f3L,
-        0xf0d548b4163519ecL,0x7aaf842b88288b5fL,0x9e8b0c4c2bdc9a70L,
-        0xa06d51524ba5fd67L,0xd0b1afa0f93cdec3L,0x280955badf89f8f0L,
-        0x86cbe92deea32c92L,0x0cae3f993fe05be4L,0xf2607095fa6919aaL,
-        0x0f54741e6e0f1b8bL,0x2aed1f7430ecf988L,0x9296f76b734991d7L,
-        0x66cf8d28259f0fe9L },
-      { 0x9b01905b226f5868L,0xc102e88c16909e9eL,0x2bd089164a37eb54L,
-        0xf72253e8c9816323L,0x37f84e9d86bac53cL,0x2e352454afeaaaf7L,
-        0x67c86f772ca0046eL,0x86bce50e6663372eL,0xf6a3a960b6950a04L,
-        0x61f994d7fc1aba93L,0x1957c12bc1326e6eL,0x9b658fe42e56b005L,
-        0x9cd297fc8592740cL,0x7654ce9b177f26a5L,0xaaa699dba79d2ebbL,
-        0x5fca0c5a0ecb6448L } },
-    /* 27 */
-    { { 0xe26e25f3569a6663L,0x09597ee7e6aa4ca7L,0x25a4cda68d18b80cL,
-        0x450602b522926730L,0x9af5f65007387209L,0xfeeedb3426733a53L,
-        0x0f5ce76886572951L,0x872a360b8398ae9aL,0x60347a802b30f6c3L,
-        0xd2113b231a162158L,0x6fd9cf92ee6c6decL,0x85f0a5a85cbcf9e6L,
-        0xd7a5a6e42ba3fe84L,0xaafe672051ecd727L,0xe09c6bb2a2081a10L,
-        0x657acbf0b973b0b4L },
-      { 0x3130466fc274c8d4L,0x4276517630a994d1L,0x217258ca7079435fL,
-        0x44850406eb897a06L,0xf38dfeee561ee130L,0x11f4facfaa1778bbL,
-        0x765c6617b9abb9e9L,0xb135499bd8f10932L,0xc0eb6337a73b9159L,
-        0xf2c1ccf16f7e8b6aL,0x5b32c03a187def53L,0x89ad1d49830b9c62L,
-        0x1735eae32f10e538L,0xb1cbd9c29d5f55bcL,0x42428c47e539db0dL,
-        0x3d2da412c852b3bbL } },
-    /* 28 */
-    { { 0x97702b6e871f2865L,0x56cb639f142920d6L,0x328522a045b58611L,
-        0xf3943ad1f3b13812L,0xe6c2200a712206e8L,0xc2890e5aa34d59eaL,
-        0xab52fd40f6b7f759L,0xf522c8de180bf567L,0x181e97b2accee396L,
-        0xe0375819c4ea5cbbL,0x0d9985e8ab51d3efL,0xe26c96cabcb50fd8L,
-        0xfb9d6b1397e1c80dL,0x582b1814f796357dL,0x89a7822107f4c7fbL,
-        0x02aeef2dc0357e61L },
-      { 0x2ba7926f2c7ec9beL,0x292f307e7258b201L,0x74e62a10c6fa6b4aL,
-        0x80c08549e2bcc5abL,0xb4160db87bb8c073L,0xd5ef0529329f194dL,
-        0x0eb8da146dda4a9cL,0x0b5d43d215ea23d1L,0x6cebef02fc34bfaeL,
-        0xacd364d0848757a7L,0xc14013682d34cca3L,0x09ca67421d2d95e2L,
-        0xc3fd1d6e786eaa28L,0x9eb1136da2965fecL,0x48871baac0779203L,
-        0x6b446c014b15aeb0L } },
-    /* 29 */
-    { { 0xc819eb2e25e8fe80L,0x2b5f790698238a17L,0xd6f1e99681e41849L,
-        0x58ad8ad698ea6d45L,0x5bae5ad4bfd02e40L,0x016dc327a812416dL,
-        0x8b31a985a3347ca1L,0x0b4da61082a65391L,0x1cb91b2db48c35fbL,
-        0x9e96817cd2aaf8c4L,0x1a630483cdfdcdc0L,0x7055936112b69254L,
-        0x5fdcd712f8a2a097L,0x59ab623a35cc5281L,0x30c8ebe0932b6095L,
-        0x8613424bb08e052fL },
-      { 0x28902063b2231d8aL,0xb0f62329d9a61667L,0xaafa0fe7071a9f27L,
-        0x6bcd8960603f047eL,0x118cca76fd92a1c3L,0x3414e62b71d483b6L,
-        0xa123ccddba705262L,0x1a576437fd9b5c5aL,0xa5301bc24c8d0fa3L,
-        0x96f0ad44102427cdL,0x0e6fb5e0d3aa6c02L,0xcd8c4880072a3996L,
-        0x4dafca12840d3fadL,0x29f4ca3dde91d541L,0x0037c5988441734dL,
-        0x86333a999ccfe57cL } },
-    /* 30 */
-    { { 0xd213a751ecf53b40L,0xcff2c6f22f78a542L,0x0f59f0e2f13ae56dL,
-        0x91f8ccbf0e61748eL,0x0aadecb9d72c4145L,0x6b2ed8524c9cdcb7L,
-        0x8e00b72c1eaffc70L,0x89b24285aa728102L,0xaa7ea7e0b679cafaL,
-        0x5d2b8c264f0a6f6fL,0x7ed7b1730e804397L,0x5a93eb45c8573049L,
-        0xc92bf5d40986e93eL,0x526b5a9c6a20c0afL,0x0adf47c9b99dc3afL,
-        0x12b25fe2ba202cc9L },
-      { 0x09b8d78a33eea395L,0xc7a93618f633fc5cL,0x7e821629270eceefL,
-        0x524779b8c628ed0cL,0x91db5ca1a1d68939L,0x8626e18e586edc90L,
-        0xfe023e8bfeb3f3bfL,0x6279fde10250171cL,0xe52ec7dc55e172deL,
-        0x445e8695c6d4ca45L,0x42de3878bdbc10f1L,0x2b114de86fc3835eL,
-        0x9faba4567e10b652L,0x4111d82a390e78feL,0x576b61c2aedf0acaL,
-        0x216279a974accb74L } },
-    /* 31 */
-    { { 0xc14cdabf4047f747L,0x03ca233dc1315a1eL,0x59e7cbd340e5d0a7L,
-        0x1fd0c4e9bb413869L,0x189d08b10f01fbd8L,0x50449c42a76b823dL,
-        0x81c224a1398b00a1L,0x08084e4f8e8179e4L,0xfd8af994698e41e9L,
-        0x1e30e37c5610bf2eL,0x4e6a043fa7d2790fL,0x9d96e60cb3195388L,
-        0xe75f986d03799dfdL,0x3b4a8f11f8ff902fL,0xfa9453787588416eL,
-        0x20683e3f9827535eL },
-      { 0xcb582e26d0378878L,0x9e214c23a7945787L,0x13d000bf8f6688b3L,
-        0x7548d4f540515270L,0x7113c15d40111f5dL,0x3bf5a526a8bff902L,
-        0xbda6b0109b4945ccL,0x83dcc74ebc2f3a05L,0x2aef628443efdfa1L,
-        0xd2e60ee9565c5bf4L,0x4f0fa10d592f243aL,0x6ae58b321bc3bf51L,
-        0x813b086860576a74L,0x0bc023f84d73081aL,0x9fd03aa032dcee59L,
-        0x5e416bf527d6c795L } },
-    /* 32 */
-    { { 0x24313760026cc23cL,0xf819aaeeb5b29058L,0xa92272f8c5d2ee17L,
-        0x8048e7cbee5cc402L,0xdbc7d6ee77def07dL,0x61d69244f6af821eL,
-        0x5f7966ed996cbb89L,0xf81b17ea96a155a4L,0xb2d9ef7003f3ed56L,
-        0x5e6e5906e882a5b2L,0x86fa1072ae947180L,0x34d9fc51658c76f4L,
-        0x9f603dc0cb035aa0L,0xb7b39feb75be6481L,0xca87554acf04a9efL,
-        0x4ff682ec87b4fde3L },
-      { 0x3125627fd0a10ad5L,0x7fd45c72968e6f45L,0x2981bd6b806a1163L,
-        0xb92de1cdde5033e3L,0x3b44b45ebf4f8988L,0xca1b9896dae7e1dcL,
-        0x52166e5a0778d878L,0x82d472bea5116847L,0xfbdd382af2895445L,
-        0x22ed16025d6ec4c9L,0x3614eb1cb6552b02L,0x63c5df73a1e6210fL,
-        0xe9160285021a74a7L,0xa44ca400c65cbd4dL,0x48cb187e0f15e299L,
-        0x51eb818e3402507cL } },
-    /* 33 */
-    { { 0x1fc1d178b92100abL,0xdf2e3d609605b839L,0x12a7c255b71e59d0L,
-        0x3f8b667514fcbe04L,0x0e8a393559fd06afL,0x5632650212020d07L,
-        0x6696fcd1528e7be5L,0x6588514b0c7b7654L,0x0cd80f8c5912a5b5L,
-        0x8bafef04f324cb7fL,0x6b53eecfc6da3d75L,0xedef48d831d1df2fL,
-        0xf336b96573812b6dL,0xc82eae4aee626031L,0x300abd32d244f09bL,
-        0x8b0af95531d9647fL },
-      { 0xb770180a2e603544L,0x2b573ac3221acd9eL,0x3a17f66562407032L,
-        0xad3e74adb89abc3dL,0x8a3d2e3ad793225aL,0x457bba04ef02564bL,
-        0x8875652ffc2dd2b5L,0xd2905d15e67143e8L,0x6d884b4202e48d70L,
-        0x06f99219c7636a57L,0xa8dc342135e378dfL,0x95c1d73d10c64a02L,
-        0xcd6a4ececc157a66L,0xbadcc1c88e24a354L,0x8024f1b29839329dL,
-        0x5363e5494da48ad0L } },
-    /* 34 */
-    { { 0x1f5523b7e23fc641L,0xfe54e72f86667063L,0x294a15f58e009d2fL,
-        0xf203997f8c57f5e1L,0xa229724cb16d64dcL,0x697be4fd4baa2ffbL,
-        0x3f507e460a6e8ed6L,0x0afe3a5d78508536L,0xeeef6cdd95408208L,
-        0x701fd889f2c4237cL,0x496d883a5c385253L,0xe25c67ed72a212f1L,
-        0x4b4167831ff78fcdL,0xe9967004c16f4146L,0xfa45c3a1c45b0697L,
-        0x633340183fbd30c3L },
-      { 0x39c9a0cca2fbbbceL,0x876f6e5caa0cb744L,0x9ce6010e3438ece3L,
-        0x0aad148e13802d82L,0x9c3e5c609cd45a1bL,0x875cb8597bcfc1e0L,
-        0xb19ff790d8584dd0L,0x2598b81ed81c2a2bL,0x118bdf2f02be07e3L,
-        0x074fc8eeb9765ce9L,0x125e9d88b24f95aeL,0x3bb12cdc0c98f09dL,
-        0x4a6aee07a0b74b27L,0x4723d2f9c08077ceL,0x959447d6bea8026fL,
-        0x93a7075c16280b73L } },
-    /* 35 */
-    { { 0x26bbefe2715b27f9L,0xa935a5e22a280923L,0x5ddf23affd58a26aL,
-        0x54c83e167c138694L,0x44799bc9892a2153L,0x4e6e47109b8d09f5L,
-        0xc63af616d588ea68L,0x5e896706883ab1b6L,0x3c1393a03d209336L,
-        0xd02f292192c23ddaL,0xab70cb7adcf6ea43L,0x12434ea8791559e1L,
-        0x040680db6d70ff0bL,0x1a10fe522832ba45L,0xd69f9c08e5f0cb8fL,
-        0x1a7422ac44b141fdL },
-      { 0xc3a9dd2e9f40b675L,0x2a7c6603fcc71f39L,0x18939a611948e342L,
-        0x8f3b6158ed0ab484L,0xa3aa7d97ee31ca6bL,0xbc1e865ef7a8db63L,
-        0x315f8c092c7c62e4L,0xa260788f9f5c6d0fL,0xb18331294b6f3ec5L,
-        0x73adbcd636b4d849L,0x66e14890bc699a9bL,0xbf3790d82a1175e7L,
-        0x7f43605afc53ca4fL,0x577f6c4787ff6091L,0x827c7552600c82b6L,
-        0x0944d6309d25599cL } },
-    /* 36 */
-    { { 0xcfdeb63ee6ab9620L,0xdff4fa6d786cd808L,0x145edd82456320b3L,
-        0x2ae5f862c4943915L,0x9508e813b73b3f87L,0x3bd805f3e52f97a9L,
-        0xf71b5c28c9829b62L,0xb394c70e86e0cefcL,0x534fb1a923bdb36eL,
-        0xd64f5862dbe27e5aL,0xbae23df383ab6169L,0xdd6df1b127c828cbL,
-        0x1901899f3a307a8aL,0x36cc8659811ddf66L,0xa3cb777479943b77L,
-        0x7d89f3836fd86576L },
-      { 0xf8564242c9f92b2bL,0x700c6a75c46e32bdL,0x93e768b77f99a5c5L,
-        0xb6efe85803149568L,0xbbfe8a19c2ce6709L,0x721a3b1bee6ec493L,
-        0x26eeeea9c371c28dL,0xd798115e15177e1dL,0xd7bf3bceb068a5a5L,
-        0xdf8da22046d2b4b2L,0x3df0995b59be9dfcL,0xc96897bc77640b79L,
-        0xce0cf4c25a2bd3c5L,0x16f45d6e89afe744L,0xb53f3acb3a8509bbL,
-        0x449af81f63f2a6e6L } },
-    /* 37 */
-    { { 0xc2fcf132a16d9377L,0x9ab377b37e1a2f9eL,0x72e1a12e86d19ae5L,
-        0xd2b12e66d013bbb1L,0x0972e055cb5f66baL,0xd11de1c0399eab50L,
-        0xc1f314fdc65f5ec2L,0xfc3118418a9ff593L,0xdf73c1ece05246e6L,
-        0xc28d13631625056dL,0x30a9dbd76fb25e19L,0x049ed244845cd2d7L,
-        0xc779b83fd36e852dL,0x85a35fc7f68c8a83L,0x299bf1e1c95e8033L,
-        0x0e8617c320891af5L },
-      { 0x5372060267c81b5cL,0x2fa89dcde737873cL,0x2a7430b0a8144fd0L,
-        0x3006c5a726208c83L,0x4e066660d8ea40f5L,0x9dd025f9896413a4L,
-        0xbdf380cc46b9149fL,0x801566190a125cc2L,0x04d6a3b752793c37L,
-        0xb60013746b7a62f2L,0xa9cfe268585d5978L,0xdcad0cb88395fe66L,
-        0xbab468fc46b261f6L,0xca0ef5ef9d9d9218L,0xc507d4a85e452402L,
-        0x6f4404f1326cf687L } },
-    /* 38 */
-    { { 0xa3e1920b4febd3ffL,0xca6234d8fdfd2bbaL,0xb7d1af2ae19a9829L,
-        0x23de1610c6f5bc20L,0xe204dbf3daa39ca9L,0x2a2de9b86d8c70abL,
-        0x272e0c377c9d370bL,0x80914c06e565510eL,0xb611e7a857cbb6b0L,
-        0x076fc6efd8266a6eL,0xdfac34ee3095801cL,0x69ff40a2b9e24063L,
-        0xa7ba31a9787aa5c5L,0x0e4d1fdf33c70cd2L,0x903e31326895f074L,
-        0x905771f87fb671e2L },
-      { 0x5199ba0da4062beeL,0x18e7238c94d7d9f9L,0xf53f29bc1e0922c0L,
-        0xde9b2a81b12d855fL,0x649f3eed6d68ca29L,0x64adfc34c50c097fL,
-        0x81964ab99db398a0L,0x00d59c477a587224L,0x09fea39674c5903aL,
-        0x6aafd8ee15043dd0L,0xc5721a6e5f1ecc20L,0xb6d6a4830db9b7b4L,
-        0x06ffc61766c8d52aL,0x3de241d6acc82a27L,0x0605f05227f2f7a8L,
-        0x6a22953b6404deccL } },
-    /* 39 */
-    { { 0x92452d8f74fce389L,0x059634c02afa5564L,0x9377ccbbf0ed7825L,
-        0x89f4045b37718e0dL,0x11074e7d9fa69a4dL,0x5d70bb077295b0baL,
-        0xb22d54adf107ede6L,0x5c39a3d8a1a29c7bL,0x37236c02d795e3abL,
-        0xf7282d002b589951L,0x5e2265be5790bee2L,0x91e0ea11a8e65ea2L,
-        0x0e71a7086001cebdL,0x16900f5a2c1c5402L,0xc3b2d5c0357f6981L,
-        0x528c9ea0619e3427L },
-      { 0x1edc86b45f26c577L,0xf80747089438bd45L,0x2dfe1013792582a7L,
-        0xe08eaca0de1e569fL,0x5f952efa9a55a356L,0xa4d80b53e4976216L,
-        0xd2b65855cd5d71f2L,0x246704bf66cea3f0L,0x193f641f492323caL,
-        0xa681855c9adb1325L,0x86d522ce2d19d652L,0x53609f105b82ed7bL,
-        0x3b0f00948e150d29L,0x23ad8bfb0b13e891L,0xcbb1556cf794b449L,
-        0x200f9093738bcf57L } },
-    /* 40 */
-    { { 0xf9b22fc58388387fL,0xcf26f17028e883c5L,0x447cab90d1b7973cL,
-        0x8d5d4ea2f6ec9171L,0x2e16f498c30cdbc0L,0xdc92910c48623c2bL,
-        0xeb1491b030dbc545L,0x631deb2e14de21b0L,0x04a210662fe830f4L,
-        0xa4c6979c379c1f3fL,0x8a732b68fb06a795L,0x3a44327a1619dfa9L,
-        0x91a307d38dbe2c9bL,0x939bc8d203989feaL,0x3daabaf20f4a331fL,
-        0x5c307e98dd0f55dcL },
-      { 0xbbc4e0c435b233daL,0xe3d2908522f6f985L,0x99dd2d21a8b02468L,
-        0x978f40e9a96916e7L,0x0327d86c614bccedL,0x95e95502b290762cL,
-        0x0ffd2197a879f2edL,0xc436513750e0bd33L,0x26c3148a0827c4c4L,
-        0xc79812a83fcfc0b2L,0xc3d8d17e31928589L,0x8b572cfe8830f42dL,
-        0x7cd9ff924b07f83fL,0x331ca9500a51148fL,0xd0c539684c59f9acL,
-        0x1df16dfac1434785L } },
-    /* 41 */
-    { { 0xcc7bb4ac68bcacc3L,0x06ded34f430f58cfL,0xc59f9f4fd461855aL,
-        0xf549199445c9f0bcL,0xdc5f7ec64375c892L,0x1b8708f13c85983aL,
-        0xb32a5cc482fcd087L,0xefdcdc352d6b4c0fL,0x4bb24f048ac6fb2dL,
-        0x5982d4f533906471L,0x162eb52fb83a3ac4L,0x7130df282337a223L,
-        0xdce7b802cbc3dbd3L,0x8b3959592467ac0eL,0x21d3d2e81b56717eL,
-        0x729a7f5046512617L },
-      { 0x874ed1aa8420f90aL,0x6368e19e0fe4c855L,0xb62d4aaab0be74afL,
-        0x76fcc4808ca60ca9L,0xf310b5a57645a867L,0x131bac9bddb1b24cL,
-        0xef77d71d2dea5b44L,0x4706d21072fcc64eL,0x29b92691673d77f0L,
-        0x22e00bf3e89e0663L,0x472d0cd374077d40L,0x3e21040d829232e2L,
-        0x2f916dfb38dc8533L,0x48bbb59b14b8f667L,0x19de9f4ad44be19dL,
-        0x7f6d3649232d9d5cL } },
-    /* 42 */
-    { { 0x3bd064de6e794819L,0x5a6b694ef82ebda1L,0x1f017fe0b91e2804L,
-        0x190d31f307a43cd2L,0x6c26f226630433e9L,0xba488aa70abfdcb4L,
-        0x418d9085a46411c0L,0x1b934fe6bffb5880L,0x75d1e237e200f849L,
-        0xdf04d63fa55413dbL,0xe216ed75e23b3f77L,0xa05866cb0f91bd30L,
-        0x84c395d97729c509L,0xec97e188452ab2d7L,0x8cb7c1f90093d686L,
-        0x2d032395628f086cL },
-      { 0xa81c94074a44b4c5L,0xb9846879cc702c98L,0xcb502287ceb0dc97L,
-        0x303011266e3aa321L,0xc0ac8763e4c256c2L,0x65034d20e55b4845L,
-        0xaa96a040f240f35bL,0x046d26d37cf7eedcL,0x62a5a8e13b810656L,
-        0x86044b9783d70c2bL,0x2fbaff8859e4da8fL,0x929d901a5457f5d1L,
-        0xd29e1eb2b531b757L,0x214dabdc9e4e9739L,0x5bd724fc4eaa9bd9L,
-        0x734c12b31ef9bb9bL } },
-    /* 43 */
-    { { 0x98fe3c2e92f9b086L,0x4641b93eb3fd4544L,0x47ce208b5c02c65cL,
-        0x8a52dca1c4f03242L,0xb5ec17d9679d29f6L,0x11d2fed09406f5f4L,
-        0x260f63dc0d9ba811L,0xde2b056f15472a3fL,0x1b170d9f007290e6L,
-        0xa2e23e8db6b5c8f9L,0x345a2839cf34c3eeL,0x9bdc54611b973ee2L,
-        0x65bda6c2bb24d1c5L,0x97d52ba33c6141a1L,0x47bb16129d2eb201L,
-        0x7c558a8721fbe49fL },
-      { 0xb9485a523f350fecL,0x016678c56a38d4c0L,0x8ef346a20d5aa64dL,
-        0xb85daa02d96da2e4L,0x845ec4ea4f647b3cL,0xc0d1a6ca0d5e946cL,
-        0x41d8d1c14fa9f4abL,0x43972cc59c8b1303L,0x67e1f48d434ffbfbL,
-        0x350ce93a819d2318L,0x49f530906ddef23fL,0x3c2e6cf9200cf12cL,
-        0x42691cc1640432fcL,0xbfff74b472496b52L,0x44527c9f020a97beL,
-        0x34cd7dca7b3c4348L } },
-    /* 44 */
-    { { 0xf031761a59e7fe87L,0xb1eae31a0047cd72L,0x27902e68fae30f62L,
-        0xa666f48db71db143L,0x75ee66780e0038f4L,0x3b45ac6702bdd76dL,
-        0x0d2fb828a0d6cd5cL,0x27ce7f1d9d8c5b11L,0x141fe0e4120b5e96L,
-        0x95a1b984b9267c37L,0x5206e589d60312cdL,0x1867342eda549356L,
-        0x374520b9070c74acL,0x2703cbb59557b0b3L,0xf621f59ca6ed8c14L,
-        0x7ceb1cc2abf7b887L },
-      { 0x0647a5bbdb7fd65bL,0xd8d45cc036c9457cL,0xc6da99db9e12718aL,
-        0xed1dbbf4e93a7fb1L,0x4512c95cbd1566a1L,0x4861ba00dbc0c919L,
-        0x3c6cc2989e7f5269L,0x671961500941aaaeL,0xbfcf5d0fc8c538e3L,
-        0xad6e9929a25a551fL,0x9071098517ca0f26L,0x743b78eafa89ef7eL,
-        0x39d5ea3171ab4549L,0x7442f3f3e6d1c36dL,0x25a683e0059d568dL,
-        0x1f629a99227ced5cL } },
-    /* 45 */
-    { { 0x8925ddace45a1c3eL,0x72d2936541f7545fL,0x45622fcb37e7f828L,
-        0x882345133e4c79d2L,0x5dffaf849c2645d6L,0x3078f4dd994802b9L,
-        0x566927f09d339fa0L,0x9a500a1e9fd91dccL,0xce0081800ab0abd7L,
-        0xd97135a38194e5dfL,0x9e87630798adf088L,0x3baf01b89a45a2a7L,
-        0x6fed6154788b4399L,0x980e5722e77a997dL,0xaac90ffa2a378eedL,
-        0x4a75fda28bd805a2L },
-      { 0xd09a8fbb55e74cbcL,0x737738cefab18f25L,0x0fc23ad69764ec3aL,
-        0xc5a7d35be7e0ad31L,0xe75e068ee481cc9bL,0xf0c2ea993d4aec34L,
-        0xf1324fe80d4a63c4L,0x5dbb7c1699b0592cL,0x442d674da7e0f46bL,
-        0x5a5d66c7a300faeaL,0xe83dc8213333ac83L,0x70ef812e8c408496L,
-        0x96e1dcb699ef5fc1L,0x6e2b771b1734e862L,0x04629cdc583507d8L,
-        0x5819f9ae23d8179aL } },
-    /* 46 */
-    { { 0xd99691216aa78811L,0xf64ee8f42103e7c3L,0xddf0107022b9e698L,
-        0xe6001f9e4f582cdeL,0x24a608af2ecfac1aL,0x6ef4c78406393009L,
-        0x5262eae6ebf72911L,0xddbd0af58c4ee5a0L,0x875aff90ecd87bc7L,
-        0x2fddb34c6f24f114L,0x48104281e865f172L,0x95692426886c1b9aL,
-        0x6f5f32089ef4231fL,0xaf587acfd0a7e82eL,0xd65719179ac395c8L,
-        0x7459603c1364a750L },
-      { 0x1c2475bff41ae519L,0x34401fb14af8f251L,0x70ddfcd2aefb2c3dL,
-        0x9b2d385b51cdaf08L,0x8531c2568208bb19L,0x16c89df64c33f3f6L,
-        0xc23cfa9924571769L,0x2339b51e86d010baL,0x08db0e8d22638313L,
-        0xf769e17900fedeb7L,0x3fd96dcba3687ef1L,0xcd046b2391476475L,
-        0xf3ff20640c45c8ddL,0xefd167bdb8343d78L,0x493ccb6d4b77ee90L,
-        0x33025513b3cf7b45L } },
-    /* 47 */
-    { { 0x36f0046935eaaca1L,0x0c384b7589119102L,0xcb375665e6d2954cL,
-        0xcb9199b9b1e9d6d7L,0x75852349c29c2757L,0x89cbd1bab8e738d0L,
-        0x9b8dbe905923a427L,0xa237793e18fe1889L,0xa4271757a742e083L,
-        0x8c4979d24eebd613L,0x40325054d4f2cf77L,0xa3b8a091958705deL,
-        0x1b191bd933d999baL,0xbafefba43b0fee1eL,0xb3bad1843facdf14L,
-        0x9328adb04387561cL },
-      { 0xabe84e80f906b872L,0x705523a078262665L,0xd89c6a7e3398ccf7L,
-        0x2fab551df55b5323L,0xa0578eca0554dea8L,0xef26523d375589cdL,
-        0xd8fd6242864ad750L,0x93f27fc5178fe1feL,0x7b3e6f309df87422L,
-        0x2862e49e3750d054L,0x7d90c6b25dc038a1L,0xc1a1ae2284db682bL,
-        0x47f3dab79881930aL,0x30e6bd52baf3e0a4L,0x0680025bf62d25c5L,
-        0x0aa1f3cfadd0d5e7L } },
-    /* 48 */
-    { { 0xa982219022a10453L,0xdd1eb91c2a03a10bL,0xafbb5d9596646f3bL,
-        0xa58de344f38b6fc6L,0xce47c3e5b8cfca1dL,0xfcd8e16d0f70da04L,
-        0xac44349bda262ed6L,0x9320d87bc56e2f8eL,0x9ce3ea0819138e58L,
-        0xa5862dffa2b236c0L,0x6b0f9a5c8e7efb0dL,0x4b53432b16ac78ebL,
-        0x6ff43105709b51afL,0x08e236f88f519628L,0x1f93f176eed403adL,
-        0x559337e09636545eL },
-      { 0x30ddf738d8fd807aL,0xf4e0ec9dab131222L,0x14a2f4db625afbc3L,
-        0xd5b706049f12f895L,0xb46f3c23ac3044fdL,0x1b232d1ff540148fL,
-        0x61b458f539b4e554L,0xf694b24a0dd70b75L,0x0fc64299289581d9L,
-        0xc05d49beee5fe22dL,0x7af3447f6a18bf63L,0xe96a1dc27f1929d6L,
-        0x6afe6028c1551e8cL,0x27dacaf32b5d4fa2L,0x4a1631bc545c2cb4L,
-        0x930070f9b0c914d3L } },
-    /* 49 */
-    { { 0xd2f32c5e69a9bc05L,0x0a5c19c6589c4b73L,0x095c9e5e94665f9cL,
-        0x8ab0f293bcfb4c39L,0xb90708771ddb7c31L,0x894e965866b38048L,
-        0xf19a90cf606bd9bdL,0xcc1d58dfb6fd2d69L,0x886dcc4e461d8a69L,
-        0xc455c277f9ce4831L,0x749a5996765f8a82L,0x2ffc668cc3badc8dL,
-        0x380183969112cdabL,0xa98795c3b243c7cbL,0x8775f310010a2224L,
-        0x043a2141587b5e14L },
-      { 0x7bbe9dbc3a873752L,0xee1493f42f442feeL,0x981ca2c8c18c2181L,
-        0x00ce3090e29769e7L,0xb4626ac8de768c5fL,0x33e9ce4634d7677eL,
-        0xf89c2cade0fa94e6L,0x04f5cc1141f5b5bfL,0x2565f7362228c12cL,
-        0xf1bf706a0c05cce5L,0x5d07ffffbe487c4fL,0x3ec43c09a499f1a4L,
-        0x4f4e79bb98d94800L,0x8a335a16073f12f8L,0x4bb5eaf70f970d6dL,
-        0x18d0747bf24d0ae8L } },
-    /* 50 */
-    { { 0x58d3c77c84601fafL,0xc9465be2af1c1f72L,0xff626798d116d806L,
-        0x3996c0c6d5b0d93cL,0x2fa1ad755ec6723aL,0x966a814403ba5349L,
-        0xdc4c94222ac34d8aL,0xddf471deed675865L,0xd8aca597953d528fL,
-        0xb2e463b524ebf67dL,0x258248717e25b4d3L,0x23c5adba43159daaL,
-        0x5458f9c683357540L,0xcf685da7f938b1a6L,0x981a4fdacefed231L,
-        0x711093ed08bb5e59L },
-      { 0x12aa3fc6401f161aL,0xf7358560974c5e87L,0x4aa252fb17b5df82L,
-        0xb0b82b07a48e6299L,0x0023415729dd847dL,0xf1e54d004529c5a6L,
-        0xcc1c539e6d98f538L,0x36162b5328d3abcbL,0x75a379382a84f0cdL,
-        0xf717a81b4dee7484L,0x16cf35fb4c23bf1bL,0x7fd1c29f787e8b3eL,
-        0xb7da7e6859b79ab0L,0x072100a085f6c60bL,0x31840159e7ed48b5L,
-        0x17898bda4d9c97d4L } },
-    /* 51 */
-    { { 0xcd8483d8ae1b8cf8L,0x323d4b42e9a28856L,0x7633584f204a4bc2L,
-        0x4e0b2228ca7a69faL,0x8afbda8bf757bab2L,0x85b240886cc5f9caL,
-        0x47fb4813d41a95c3L,0x3f1bc53cc2aabe6bL,0xf22cda3f1ad1599dL,
-        0x1b2ec081c31ea9b1L,0x048f304b01614ac1L,0xce31cee9c6afa7abL,
-        0x55af76334140dc3dL,0x84b7ab37dce8abbaL,0x50de7648c7cf3efeL,
-        0x73a88dcf15356ab2L },
-      { 0x3f86828806e83b39L,0x477a44139f44037dL,0xf9058b0f17dbc841L,
-        0x2db64f4f54d17549L,0xa23cea6af2307ffeL,0x393efd554f126261L,
-        0x2f4e658a10f37f26L,0xa4437ce3f4ee1e35L,0x64ef42a7a93cde8bL,
-        0x1debc9f4939aa901L,0x44223d6a3d7b5cd4L,0x789a6a11f88a3accL,
-        0x56fb9df82c608a2dL,0xe79db8e3bbf56c06L,0x73c56af2668fa300L,
-        0x52f32b17ae396a1eL } },
-    /* 52 */
-    { { 0x56f524c1e714f71aL,0xc1be12629add8519L,0xad9189d865cadbe3L,
-        0xd88bf5c85a0fb649L,0x9efa6a9221d192d9L,0xe3fe83896f724b6fL,
-        0xec3fae24b250119cL,0x4b6af9f62ae0d3c0L,0x8fceba0bd619624dL,
-        0x7dc3092b2fdb6e3aL,0xc91da3763263cd29L,0x30c0761ef95c43bdL,
-        0x89136400cdeb44d9L,0xfd7dce8443c0d31dL,0x78fec3b19871899fL,
-        0x79e14d28efdf58c1L },
-      { 0xe38222359bb40c55L,0x0a27202d0ed07a42L,0x48e6c1a94838c1f4L,
-        0x2b5f24a7d864a78eL,0x7e7f140a0c6c55c9L,0xe62c104ace12d508L,
-        0x9b0a1a7ec11b1e10L,0xfd8a275fafbb3dd5L,0xdff354fe9a3b6b30L,
-        0x5a105d9e46602a01L,0x3d371b4d93bb65f7L,0xda5cbf0b0f82fdebL,
-        0x4601229bde468545L,0x505e10b9c73d517eL,0x77cfa541672ff492L,
-        0x0d8ec28a99566ce2L } },
-    /* 53 */
-    { { 0x014cf73ecbeee995L,0xb2eb88bcd491e80cL,0x615a6cadd9aba5d4L,
-        0x2f7d46339304c84dL,0xba0501d28ab03c9aL,0xc8f723de91babb94L,
-        0xc885f97750405772L,0xb5e1d2b3c7fcb094L,0x61ee7995df96c71aL,
-        0xb8c8daab3464499eL,0xdb425ddd5f607932L,0x70251ca1b1243587L,
-        0x26d7d3be9fc74340L,0x8c179310c902ac89L,0x72522c154559a74fL,
-        0x86001e27c3734afcL },
-      { 0x13b00ba5e7693947L,0x6478641e012c062bL,0xe1a438e0e85490a8L,
-        0x5173dbbfd9574d5eL,0x9532eb8c9bd3ba61L,0x1f41bcb85f3ea075L,
-        0xac1cc2478cbb92b9L,0x0f34648e1ef901b4L,0xdd929d1ed2b3b2eeL,
-        0x470f1eabc3d75bfcL,0x5cdbc6f7139cf4d2L,0xcd86454df0424953L,
-        0x1e07981247fcb383L,0xb9f209b417df930cL,0x4225fc31114ebc00L,
-        0x020591cb347946c1L } },
-    /* 54 */
-    { { 0xe3003721275e0af4L,0x721141efe78a4a4bL,0x666cfcf6d1757485L,
-        0x5fa1d737168e659eL,0x263e3e540e2842eeL,0xadecc3d4948bd5f6L,
-        0x019de03d246b104aL,0xf8a9e903f343d818L,0xcb57ba4a5b0c0d31L,
-        0x8246c50651e2765fL,0x80c5751f6519bf67L,0x5f05c200f2119a01L,
-        0x7e6487b87821d4f4L,0x262f94aa261c3a06L,0x56cfe48972146052L,
-        0x5119985fa1df05efL },
-      { 0x5819497db18586c0L,0x004415d6c6eeaa62L,0x7c6a46b697cda28bL,
-        0x9a149b287c194594L,0xb56369fa4ed3a506L,0x7092aa6643c94cb4L,
-        0x55bce73aa9e9eee2L,0x34bb287077893509L,0x8af95fb006eb5326L,
-        0x87cd03239638f485L,0x293762685ba75bf8L,0xf32d6f3d9d42d581L,
-        0xa4cad57465c6d64dL,0x985f50fbb2cded41L,0xcf34ce0e9006a067L,
-        0x59eaf26558a57f9aL } },
-    /* 55 */
-    { { 0x7b407efb6ec3876fL,0x780c6123f0f48648L,0x2abb56ffbf893039L,
-        0x9592eaa045a91ab0L,0xce5b84d778811b82L,0x86a71a341f9f3fc9L,
-        0xc17fdd86f0e7e13bL,0x88ed8297655a0880L,0x75d6dc7481d5e666L,
-        0xeffc9df61d171797L,0x36ad4c8de3f79e1fL,0xdb15317d2046192eL,
-        0x78c9fa7a274fda62L,0x04ec924f82dd9914L,0x059d1e383a64971cL,
-        0x3b4450ea2620bbfbL },
-      { 0x3db7a955c776dcdbL,0x35c4a57c81c8ba47L,0xae285003505760fbL,
-        0xe3e80691b3aec353L,0x380335be47117be5L,0xe1c47e3a056ccf61L,
-        0x253cfdeb33977916L,0x3decdfbaf5cb7ee1L,0xf3c9794f7cf4b704L,
-        0x2401680c9ff81462L,0x4e440e11be3daa9fL,0xc5d0437769f91d8aL,
-        0x4106c7a8cb5e9c5dL,0x191909a133b7d24dL,0xe893c8383764b4a2L,
-        0x4a7fe30cc429b614L } },
-    /* 56 */
-    { { 0xe78f3a702455c7c5L,0x5b7636e870157754L,0xf32c45247623262cL,
-        0x2c98b11e1bc780c7L,0xd48eaeac915ed877L,0xbb04d3c0199265f4L,
-        0x6b52b19bcfa5200fL,0xc46a098193ea3fe8L,0xd82c733dba758059L,
-        0xd324bbd61896aaccL,0xac09a2fcce8ecd51L,0x529918fd02fc44b3L,
-        0xf0c45e4aaaa1784bL,0x35626340fe22085cL,0x53cbb676c50c7d61L,
-        0x83fa1ea365126b23L },
-      { 0x60ac86da10ccc646L,0x2ce0637f7b0451e9L,0xbbbcf6308a088610L,
-        0x23c1901920349982L,0x707fc39cfc0bcda0L,0x7f4d1f151bd4fd7dL,
-        0xd6a64e7444713bbbL,0x57bdc676c5ac9e60L,0x456c530337b61169L,
-        0xd3451396dcf40a1dL,0xf3edec254997d2c7L,0x534ae9a4c2c4a739L,
-        0x1401397e6a6ad2e2L,0x20769d4d23e95f81L,0xcee007c6de98fabfL,
-        0x61409779931c51e0L } },
-    /* 57 */
-    { { 0x3ddb32db15156623L,0x68137fbcab7a67c2L,0x26011f506f19e3c2L,
-        0x34218b0289924c61L,0x492a0b0fc6804c1cL,0xd65be706afaae6a7L,
-        0x3b13d23e0d01be61L,0x44545b47f87f4c69L,0xd42236e204dc1aa3L,
-        0x6135261d3c5161ecL,0x1eb46a63bd88bc07L,0x78c6d8361599d720L,
-        0xf6955fe169baf0f3L,0x467eebd617072820L,0x2f1b8a2a3e3a340aL,
-        0x636dac762d0b5f88L },
-      { 0x94280db9b4c80af3L,0x9a189cd14e3892abL,0x26e702e0d1477ddcL,
-        0xe91aee3868f9f14fL,0x2864f63a80baa0b2L,0xacd81f738b714a29L,
-        0x30e1b870c5fe7cb6L,0x883ea1c3b10837fdL,0x2da279536b20489fL,
-        0x3aeb2a6858a2da5fL,0xe2330bf203a8fa14L,0xb5c488b5dc70b1c4L,
-        0x0a78c4d9299678f4L,0x233bd09825df675cL,0x37b5c0767b67d368L,
-        0x2f6dbdfe4d0bef3fL } },
-    /* 58 */
-    { { 0x2f8472fd2e4da7c7L,0x708cfc91ae677932L,0x364af08a3dc268e2L,
-        0x0f10dfe0799a2424L,0xef912d5871d58bffL,0x6bf35dfc988962e6L,
-        0x28b96fa95f47ea0aL,0x734a79eaaad308c1L,0x957303379f437bbaL,
-        0x002cbd8e6cf54f75L,0x47606dcfe7632eecL,0x404b5ecb53193104L,
-        0x0ae0897c0acf729dL,0x89628b863bddf1deL,0xeced154ef87d7448L,
-        0x5cb6e197458d5d4eL },
-      { 0x98cef197008c75edL,0x7cf49d3ef6eeaaf8L,0x1d6f9e021875e96dL,
-        0xfcec2cfedd9b0d8aL,0x38a61cfeb9576daaL,0x10003f3936a7dbb8L,
-        0xb37c386823b814f4L,0x9fb66dcbb80e3153L,0x9e7e2eba059847a8L,
-        0xa4ec63fd35a72770L,0x311f3d91fc9e0ed0L,0x3c1dc094d515baa4L,
-        0x75a06ebca08cd4e3L,0xab6172382ed5eeaaL,0x2e82bbb0e1f52c1fL,
-        0x2149d6305175d6e5L } },
-    /* 59 */
-    { { 0xee1a8e6f5f9311f6L,0xc97e3c9fbabc1f85L,0x4fa7c52eb494209aL,
-        0x04c2f51c19774fe1L,0x5cefd1228555844fL,0xb53862a3b5873ab3L,
-        0x768efdd6cbed19fcL,0xcdc12479ee58469aL,0x11237e313d80c09cL,
-        0xdd74a290c044c28cL,0x9ee6517abd47e287L,0xc2421228ad0ffeefL,
-        0x4273088f818d281fL,0xebc744bc43ec0de1L,0x5b26eccfb415bd73L,
-        0x14e2f350cb07c26cL },
-      { 0x548d2a104216946bL,0x6e801f077a4bd92dL,0x5996d0a343695160L,
-        0x0f1b5c2f63a197c9L,0x79da3c4f061f77c9L,0x1c1cd63493ff7b22L,
-        0x5e61b650a234123fL,0x826b34c5f284033cL,0x718b90e8c2f34214L,
-        0xa5f35620ae806ec5L,0xa2fae345e324a9b4L,0x8c0bb95e8b53cb51L,
-        0xc94f6ac2f9965778L,0x07ec607d6b9def32L,0x63bf1dbad0ed8f27L,
-        0x58537e02dcb61e4fL } },
-    /* 60 */
-    { { 0x1f64b06464f80ba2L,0xe8e055e70559a45bL,0xc3262b34f1f4b634L,
-        0xef4f7d5fde8c8482L,0x9d55dea0c30c780aL,0x1740afb9cfa1e693L,
-        0x2cfe6a667460c34bL,0xf66959411187c1eeL,0x1382f2775f974d94L,
-        0x1ca0ace4004549ebL,0xf8244b3fbabded02L,0xc36f4d064e3653eaL,
-        0xeab9f0dcc55c5f83L,0xd93b9cefacebce90L,0x16658e7219061425L,
-        0x4857835f82d7970dL },
-      { 0xdcd525bcd2576210L,0x9f378aa7d51b5443L,0xfe97bf171bd83994L,
-        0x930d0f63f38ac621L,0xaf8f2c17818408ccL,0x2692c87e260f53f6L,
-        0x0ee45407db0a75e4L,0x0ec47ae5ffdb1b37L,0x769129dc7aa6a44bL,
-        0xb6f932b22e40b75dL,0xe06764d095ef3b77L,0x28fd47f568bc63e8L,
-        0xd18104949c0014c0L,0x90e2d3fdd7995d8eL,0xeb39a05d6c2a85afL,
-        0x6c0277bda21f3128L } },
-    /* 61 */
-    { { 0xe41b7086b509e7efL,0x8842ec7b3d7f9f91L,0xcd285f945526b88bL,
-        0x6e44e064051dd0abL,0x90198c10774f1cebL,0x6ecabe98123e661bL,
-        0x4481113632f647d9L,0x1dd82b4526c52aeeL,0xd650907f939dc9d5L,
-        0xbd5eeef2fcd455bfL,0x7815a4dd8d2e5d7cL,0x5ad4ec9288bc9f2aL,
-        0xc6f10d0b57a3b322L,0xe8d0c1e720b9cbdbL,0x5a0b071a9b774ee8L,
-        0x3067bc9af22fcf8fL },
-      { 0xe0e589f2b7ca9326L,0x17a106fdb1224f63L,0xb2354521747a57bdL,
-        0x2614982d62b0882eL,0x7f3af5444391ffcfL,0x1aaa337ba84e440dL,
-        0x28ea37b0941bb071L,0xa957dcb42e4a7f54L,0xe7ab662c1a6ad5fbL,
-        0xd135e381f7c36a20L,0x42e7980c9baa0b6bL,0x4237030c94e4671fL,
-        0x24cc63ff8b0922e3L,0xd10d5279445a589fL,0xbb99d316a870ff6cL,
-        0x390c83caa996c195L } },
-    /* 62 */
-    { { 0x50d3fa82ffc4a73fL,0x2665d6353bd53303L,0x80a06f8a264bb77dL,
-        0x81c04a6e22d73d84L,0x2409cff50323b8aaL,0x31dce2178c4c4d5aL,
-        0x374aa80e0c0f9c19L,0x0b25a38700186bb8L,0xd0b77a10aaf1487fL,
-        0x15f39ad5ab498de1L,0x92e32da61aa0c116L,0x228e3dbd96e25ce8L,
-        0xb57c88dc5e8646d1L,0x672b1164267b1c68L,0x5d0d807f600bdec5L,
-        0x3ea4007d223e573aL },
-      { 0xd76debd0a595d0a3L,0xa6bd76cbaff0b3b4L,0xbf2c154f9b1bdb97L,
-        0x62b19ab44c714c71L,0xc9bf33b9221af663L,0x23d87c498c941ef6L,
-        0x255804c3d79f0f6dL,0x6f1a10052a7acbc1L,0x5dab79d9550528afL,
-        0xfd77a6f0c8d16213L,0x40508b6dde5e1029L,0xd95ac0f2f95da12bL,
-        0x8860af71758a8ba1L,0x0b194c837160c8fbL,0xa40e6c80ce004d34L,
-        0x09f82a176b14aaa0L } },
-    /* 63 */
-    { { 0x60abe588c21366dcL,0x729c0a4faf75daf9L,0x70501fd9acb93ed4L,
-        0xb97e744e87a16d70L,0xa42e0a7a98e7361bL,0x1acdaff228b54cf3L,
-        0xf087ccbbb7bd9078L,0xda6f3983663250e7L,0x66d693eebaf07c09L,
-        0x79baf4c38cbaf157L,0x5a984e07dfca99d0L,0xab4d3247f26d8dabL,
-        0x4d0be7017eba36f9L,0x37bb9e650e8dd216L,0x72aa4e24531c4f03L,
-        0x77d1e984b753d85aL },
-      { 0xd9373239d8e62367L,0x3361848bb9820cf1L,0x00c7e3445a9c97c4L,
-        0x9a0ec9ae14f960fcL,0xcf41f0cf740474b5L,0xa5eede8fece065d5L,
-        0xb1de5a4e9e808610L,0x17c44ae4ae0cf75dL,0x2fa563236b148d0bL,
-        0x64fa740fd29ff2dcL,0xc605eb8a88cb212eL,0xf2c771ad6a863016L,
-        0x6d6112e7607b4c17L,0xfe90ec0740d49785L,0x599be18be256e0e5L,
-        0x4e6eabecca54adb0L } },
-    /* 64 */
-    { { 0x950323d3fb99cfe6L,0x7b09bc26c9334178L,0x64111e417cbdfb6fL,
-        0x9114174489a75760L,0x4c633df910919cb0L,0x715fc7c7396bfd2fL,
-        0x8ca195128cab62dbL,0x306724734db81aacL,0xe67a246bb4c4c54aL,
-        0xd77ea0fabf229646L,0x5bed15f1fa5b5d70L,0xa5686da5c2f192f3L,
-        0xdecac72a7f6690adL,0x0c4af2a2caa50b7dL,0xf44631c16049ad2fL,
-        0x325d279604ecf056L },
-      { 0xee11fb554848c144L,0x4e062925b6a7af32L,0x125b68e1369e0f9aL,
-        0xad9bdae6ca53b21eL,0xf50d605c2e98ea1bL,0xbdb9e1539f2fa395L,
-        0x4570e32de91532f5L,0x810698ae46a250d7L,0x7fd9546cad9d9145L,
-        0xabf6772111e97a5eL,0xca29f7d5249f82e9L,0xa9c539a99851df63L,
-        0xfd84d54b71d0e3e5L,0xd1e0459c041d2b56L,0xceb3eb6efd80096aL,
-        0x19d48546e32a79d3L } },
-    /* 65 */
-    { { 0xfe19ee8fb540f5e5L,0x86d2a52f04e68d17L,0xd2320db0adbdc871L,
-        0xa83ad5a8d03a7fc8L,0x54bf83c708bcb916L,0x092133ea2e51e840L,
-        0xbce38424cb52dddfL,0xd5c7be4031063583L,0xc1ebb9df458e3176L,
-        0xafb19639bc4dabbfL,0x36350fe4c05725a8L,0xac4a063484e1cd24L,
-        0xadf73154c145b8deL,0x0aa6dd9eb3483237L,0xa3345c3dcbff2720L,
-        0x1b3ace6cb4e453b0L },
-      { 0x0343e5e990a8bdc5L,0xa203bf9d6306a089L,0x98489a358e48520eL,
-        0xbd17debede7d1d06L,0x8fafa6d75f795d3fL,0xa4ceb630387b0a3fL,
-        0xe0166b32ffddeafaL,0xa2fe20547e764e02L,0x55ab9824e871f304L,
-        0xa2bd36bb952ec45eL,0x7b4c1484a90d20caL,0x5319f38775bcfb53L,
-        0x34238a4a6982c4e5L,0xa2bb61c7a102921dL,0x1e061b64db3ab17eL,
-        0x538ec33e192f0a14L } },
-    /* 66 */
-    { { 0x193496fea19b56cfL,0x663d77f47bb99acdL,0x8f04afa857d0a881L,
-        0xcced3da2082835fdL,0x7e21faed5d82cec7L,0x6e175b99f8009c85L,
-        0xd9c6e31b2d05a307L,0x96948d4a81487d82L,0x86ebd3f2d46f6655L,
-        0x86851aa8773ccc49L,0x3e220f228b1640a6L,0x9f06e3a841a20b75L,
-        0x2cfffe5e90ac0a6fL,0xf5a9b1da8ebeb3fbL,0x2587d9976e08e2c9L,
-        0x6fd6029803e9f401L },
-      { 0x54709f8d8eb7516aL,0x83058a74bdc598abL,0xd234dd9887e801ceL,
-        0xfd0f9d90d17b8a96L,0xaa1e549f6e90f6abL,0x2496ff805a7ed55bL,
-        0x0d9f657a6c254c19L,0x3cdea49cb8962575L,0xb685a3f02dff27deL,
-        0x3c50e7fddb8bc04bL,0x904ff0ff987236b0L,0x494298fdbb0d5055L,
-        0x34b3386de14be8d0L,0x7ad34e9c7c3d30d6L,0x1f2b32bde159fdd9L,
-        0x84cfa23cc761e5c0L } },
-    /* 67 */
-    { { 0x13bc11eb8b99b964L,0x8e280c0a58e2fc47L,0x870fbc49d4c9a54bL,
-        0x37a334a2bf6e20faL,0xee583d0dd7c88cfaL,0x05e029a8ef4af1daL,
-        0x6d55e2340c2ef8a6L,0x61b6fdfe209e9b62L,0x3b1dad26bb8e080fL,
-        0x5adbc1629392fc1aL,0x02ac0fe60aae3f4eL,0x8d99801ac2bf4d5bL,
-        0x2333f93fc282fed2L,0x16dcb10cb52db33fL,0x09f90f84c55752e7L,
-        0x287d4c51c84a0d8eL },
-      { 0x5fa582010e9867daL,0x614589b31a874cdaL,0x005e27c5fbdee22eL,
-        0xe357fef5e612bda8L,0x4e0dbedf2d3635f9L,0x62be70e46f125a86L,
-        0xa09b98840d94a2e5L,0x7eb99a1528b5e5d1L,0x21b9416e751028b5L,
-        0x1b137fd7e06d2cc4L,0x6fa1f517fea09845L,0x3ba1e966ffcecbd7L,
-        0xd4c89a4a832f453eL,0x07b1e2afeca68fa1L,0xd0fb44534bd395a3L,
-        0x0132a3dcd8ef9e13L } },
-    /* 68 */
-    { { 0xe53c7785576374c2L,0xe60526d184727040L,0x8a066dc8228ca044L,
-        0x1fe1c1b2f1ce1313L,0x2aeec832cdeb0c5dL,0xa75966999cbf826fL,
-        0xcd188e81de77a589L,0xe5ce0fe0118d1254L,0xa142a9840790b86aL,
-        0xe28f043f39ac28ceL,0x4eef829087de5804L,0x83c31b32f639a8c5L,
-        0xd70454a75887794fL,0xca635d5018b1b391L,0xcefea07631d9c795L,
-        0x13cbee76b6f8aa25L },
-      { 0x79cabe0f8d3f34f3L,0xbda9c31ca3617fe3L,0xb26dee23dd9426a1L,
-        0xe9dd9627f29c9104L,0x033eb169e2c6cd3bL,0x8a73f492fcba2196L,
-        0x92e37e0bb858c83cL,0xe4f2aca623b3fbb7L,0x8101fb1e64be00a2L,
-        0x91a7826a948f6448L,0x414067b4907260e7L,0xf774aa50e30bb835L,
-        0xf922ca80c999c06eL,0x6b8635b90ba08511L,0xbf936b5c25fa04f0L,
-        0x4e0a1adae02e8967L } },
-    /* 69 */
-    { { 0x00ca66708ba29c4dL,0xc08240ce22988094L,0x21c5ca6716dda752L,
-        0x689c0e45abbbfa34L,0x1d7545fd3ed28b72L,0x5f221198d7c56ab4L,
-        0x4b3d8f7438759d65L,0x93490dfb8fe50b89L,0xb641f5d7e80eba16L,
-        0x7b0da5eb79acb537L,0xab6b14970c1d5e5eL,0x2338e68da5da429aL,
-        0xe010c4372f6d2f25L,0x226f16d26530f3a7L,0xefb0f7b6cbef08bcL,
-        0x733e30d99f99c999L },
-      { 0xecfe1582a42a38f9L,0xaec2d58e4730b500L,0x2ee2f2a7de976b2cL,
-        0xf0539db5a969c1bbL,0x31954168fcecdb4aL,0xf2f7348ae7a8e902L,
-        0x1d58d7cc3121541fL,0x5d25b75c2202ae52L,0xdea9965af40835a7L,
-        0x3feb6a41529b4e46L,0x5c97fb6fbd27ad9bL,0xd87554c0261f900bL,
-        0xb43031d904d5b19eL,0x33d5e9b8cb219b9cL,0x7a43d4923ee00bcfL,
-        0x56facb39b79a5c0cL } },
-    /* 70 */
-    { { 0x019165a2a3018bfaL,0x100c6b249ffad984L,0xbbf1b1f655341a9bL,
-        0xe6bd1d9725dc4cc9L,0x52850ed52bfffe60L,0x24e992cc7e5509abL,
-        0xff6c502e4ceb59f1L,0x2f0b35731aa7d148L,0xe90c1ddde7e3aa46L,
-        0xbaec9f45d1142880L,0x475cfd2665be5dd5L,0x83abb14e1febce13L,
-        0x6aba482980942d30L,0x1e1b235d297e82c8L,0xb771cdbe50d8218dL,
-        0x88599266d94d6cbbL },
-      { 0x08847290155ccaf2L,0x8679ebc77c5b773eL,0xa88b2dd1b2dd08edL,
-        0x960a180e87d475dbL,0x80fdb6b76694d02aL,0x3e8758c93f3f9e96L,
-        0xbda3f6fa4ad836c4L,0x9400c58132fb387dL,0x25a785422550200fL,
-        0x2a97c351776ecf18L,0x03ebf46e566db59aL,0x4743a28026545edaL,
-        0xed169d84cf74ab44L,0xbaab931d88cb3f69L,0x70ae932cd8257196L,
-        0x797224a6a0c09719L } },
-    /* 71 */
-    { { 0x632923f8441f3567L,0xc11c31682e24bf1dL,0x4b97726bb7671fffL,
-        0x601746a77a5e1a22L,0x53dddea03addb417L,0x57867a3c7f59b846L,
-        0xb012a98756cd7ff7L,0x1bd5fec9f19ba9a8L,0x750379a2f8306748L,
-        0x7763445dab8c05d1L,0x5d7f441b7903f42aL,0xc011674da903e46dL,
-        0x1b1d3c4dadd126c1L,0xa2752aac61455b40L,0x4da42a68555c356eL,
-        0x3ff09c15d820852cL },
-      { 0x4c0a1bcef9cb7784L,0xaec539bc2422f305L,0x5f40f9fd0c414aa7L,
-        0xd3aa316cffd42bc4L,0x42f5a4c32f358e15L,0x00bdcd9ed6e27682L,
-        0x069f789ff8a5eceeL,0x8078018e05e14f5dL,0x2bb3e4938b40c741L,
-        0x5dbc8c1d7917f72dL,0xe0eea664cc57150cL,0xa25ecc5ac3fa8920L,
-        0x3c21b0f51c797164L,0x8f09a2f2634ad16bL,0x8e730fc558391d9aL,
-        0x47ef18054fdfae4cL } },
-    /* 72 */
-    { { 0x9965f3d13da285e4L,0xba7d4dba3a01e3f4L,0x4738413a61214ad0L,
-        0xd3b7d53522397549L,0xa53dbdcf5a730b92L,0x3130d92b332d165dL,
-        0x44a2854182f97ef4L,0xbf62221c44dce1b6L,0xbba138587e2a0ec9L,
-        0x33f32c8dcbfad998L,0x409e5f3fb5fed44bL,0x5c328c65c66217bbL,
-        0xb00db69ffcdf71a9L,0xa23c2a21b8920788L,0xf8ab28e63ae6464bL,
-        0x1a6b6e9cb8de0861L },
-      { 0xaf6ec2b606af77aaL,0x2e60f5cda887f065L,0x87d214009f498c56L,
-        0xdb595b59fcbaaf4bL,0x0fb592a1271ab855L,0xa0ce10e5d4349b0cL,
-        0x9d6187d8887d8c9cL,0x03ee95f9154bd6dbL,0x8fe532135d06c999L,
-        0xf4a7bc30fb6a64d0L,0x3d22af0d66a4cb60L,0x16952cef5d37367cL,
-        0x6f0ea734997d8e55L,0xb447c70f731732d0L,0x00ab3034a9cb3942L,
-        0x79dd018028510fd0L } },
-    /* 73 */
-    { { 0x04e0033a3ac7424eL,0xdb06b68860fda4d0L,0x236a9766bcb772fbL,
-        0x294a8e2bf297cda4L,0x4b0aab85db013c6eL,0x3d2aec988723a3adL,
-        0x0cae32cd13c84a6bL,0x21888f5e70ec169eL,0x739633bd42a88262L,
-        0x68ac792e7b60d9b8L,0x89f2b72210769fe1L,0x8f3fcfe6d24bed34L,
-        0xd35efb88a3eb24aaL,0xddecfa3f484c706bL,0x7cc119a9929ece0dL,
-        0x87e5ad458d405436L },
-      { 0xba99aa9d7d1000a7L,0x8b94affcae823833L,0xc8229628dfb83dc5L,
-        0x2f59fe11845a418dL,0xa8b970f85d417054L,0x8918c26572b71581L,
-        0xe4ef477dc0d1dd17L,0xb50b4cf33afad7c0L,0x21baea7901870a5bL,
-        0xc77087f9bb3a2868L,0x7857531e124a59cdL,0xed74c26f57f43239L,
-        0xd5f5ae250164c94aL,0x6608b7e2f094bf74L,0xf4cdb5bafdceea32L,
-        0x0b712519990cc045L } },
-    /* 74 */
-    { { 0x5a290ca188d5c64dL,0x0596d749a7492534L,0xa04b0d3d2a00e925L,
-        0x082cd02ccaf7b66bL,0x912b50c2ecdded83L,0x813ce9deff31646eL,
-        0x62ae70c7c75fff95L,0x6f6852e07e2a4615L,0x320fd7d003804fd1L,
-        0xb1a2a4dd8218e8d9L,0x4918a6fbafc645d7L,0xfb080fa1e8d9fdbeL,
-        0x33d4d08a4470b6eeL,0xd2ba20776d974ef7L,0x8ecb95a769dae5d2L,
-        0x7a3f423a7d69596dL },
-      { 0x362d2ca69a929387L,0xabdb7581cb1c1fffL,0xd892ec9f7e51b6cbL,
-        0xee8d86323a4e131fL,0x4680e3f15bd87561L,0xe3a597e1d4e7e732L,
-        0x3cc72b7c5581fefeL,0xf3e77f8aca8cae0bL,0xfcc7d7dc5e2fd4afL,
-        0xdd3a455221355b79L,0x546b24f2a2c07177L,0x415b532d0689621fL,
-        0x2be9af513f78163eL,0x27d63b9b33d7ed21L,0xab019ef296802943L,
-        0x2da5fc551623faf4L } },
-    /* 75 */
-    { { 0x62429cf3c8a5c600L,0xa7a80c223fe33e7cL,0x9ffda7400a57ddcbL,
-        0xd1ae156d925b0c74L,0x097a43f96b100eb0L,0x169e945cef943c81L,
-        0xa1f734e51128cf24L,0x04387c4a419f0133L,0xc007868b01044024L,
-        0xe5416abf90359cf2L,0xf9c76fee478d54e3L,0x66219da642a2173eL,
-        0x61e031569fe30141L,0xa0ff5ce393ef247eL,0x811792ba072b6592L,
-        0x855f021970c854d3L },
-      { 0x61fbfb6c847314c4L,0x97906155eb45b96aL,0x7102e1466ba2afacL,
-        0xed51f975ab949781L,0x9d2f5b17c110c4feL,0x7ac8ce70aff57667L,
-        0xe7366a216eb244e7L,0xdd1bbcec551c65c7L,0xb525060ae1a859deL,
-        0x7a0481748ba7d2e7L,0xe1a2c541ab8ea8c4L,0x6e7824c36fdff078L,
-        0x79b49fc714874b04L,0x22ae337f06b1f733L,0x1c3521926f8fe6cfL,
-        0x292236cf525d0797L } },
-    /* 76 */
-    { { 0xcdb8d80a7d8b29dcL,0xd17a202408ea648aL,0x7db12c5eae92be91L,
-        0x1f347d18fda72fbcL,0x11374b409e760c6fL,0x7361e8f1d8e38d91L,
-        0x7714be9d739ac1f4L,0xc1f9701cb4df5c4eL,0xd9138ed86f72cae1L,
-        0x1c7fe1f76ad180c4L,0xf8c185be9e2dbf9cL,0x835db2697c70c44dL,
-        0xf997cfeab0d15b5fL,0x5101445a61e6545eL,0x16b0688425184e5eL,
-        0x7cfac3597521e7aaL },
-      { 0x811821673c0bc53aL,0x84b5ede37e751367L,0x3ca255fda3657a18L,
-        0x096abbf4ba1fdd98L,0x9ce8369fc5da77d8L,0xf27b9ae7aab342c5L,
-        0x06c91bd6972059f1L,0xee0dab30914ecfe9L,0xbb647fbb93f53f12L,
-        0x30c38a7affa57e0eL,0x517d06ef9f2ad607L,0x49728d87bb99dcc9L,
-        0xb0034af1446080a1L,0xcc810c3f12b9c17dL,0x7225f14f772a22a0L,
-        0x6ce3dc7f1ddf82bdL } },
-    /* 77 */
-    { { 0xc07cd835a4397830L,0x4dd9290cf4733306L,0xdd35d3a829989e8cL,
-        0x79902559563d8152L,0xf278d911e87de61bL,0x9c7340c71024e35cL,
-        0x2d4444614a0d0e59L,0x63e7608ff32626a1L,0x627a37e9c4c9baa9L,
-        0x0c56dc5176fffd25L,0xcb6defc8cef2a1cdL,0xcbcc0d56efc559d9L,
-        0xe45f3fc5041cb692L,0xcd05c239e5161e09L,0x2a731ee95c3b559cL,
-        0x85151122a3d0a16dL },
-      { 0x782d033586ff19e2L,0xc2c60daa1da28603L,0xb2e78cfe557c7eedL,
-        0xa8f6f9841bc4e8b0L,0xcc1f9b4b3df35c67L,0x96e136034764462aL,
-        0xbf910b977c7ae0b0L,0x27c7f30551435956L,0xc14db15cf631eae5L,
-        0xa51d61427e69b34cL,0xdec828515fc12ff2L,0xfcceae13fb887162L,
-        0xda332ac1de1488bdL,0xa20374e22ee3e74cL,0x597ea1a1f0ae069cL,
-        0x8b1159f277bdec04L } },
-    /* 78 */
-    { { 0x4af71a442f961d30L,0xbdf968a87ac7248fL,0xd32df87cb1a906cdL,
-        0x00c10e2604abf925L,0xb8711759b9f04d4cL,0x00d54e60939705daL,
-        0xf7587433c9f80849L,0x2e9abade6a7a2375L,0x5676d47894ac17acL,
-        0x4ca0525bc202d99cL,0x95b8bcadabfae73dL,0x2371ed383405991bL,
-        0x2b69e47a458a99c3L,0x7cac0b182b78c866L,0x6ceaa79be0232c7cL,
-        0x0bd86433588f7459L },
-      { 0xdea1a8b47e734189L,0x52c5ac88cfe5fa17L,0x444a4d4e11437664L,
-        0xc2522308af9e9750L,0x78b1d0c3d30c6b3bL,0x2edae5f04c6df477L,
-        0x53131d9a2ee88dd7L,0xc4e380eeacc93e34L,0xd499b1aca8db0e8eL,
-        0x77348c167f5d49d7L,0xc96632571556ccd7L,0x65ce0e8c2611d13dL,
-        0x2c95fe66b5a2fdccL,0x266988328658faa1L,0xda87d1f431c32c98L,
-        0x46650598fcd91907L } },
-    /* 79 */
-    { { 0x4c6c13cc6b4a5efaL,0xc481989b1d07b265L,0x10b966ce8bdc69c0L,
-        0xf54cfaa22c2531d4L,0xcb5f1808cad0a100L,0xbeb52538ee5da449L,
-        0xa6240085bedd83ccL,0xe792dacfd6255c78L,0x883719062062058fL,
-        0x96615e83ed1658c1L,0x4b549b277d28d542L,0xeaf127db83b75df3L,
-        0x4f60df6d17fbb942L,0xd08631dbf6f7c930L,0x17c38f986018789fL,
-        0x0c43574ab9a9280cL },
-      { 0x76eb324c1d20cad0L,0x90decb098c61108aL,0xa6e9d39c6f06d36dL,
-        0x6cd978babc0da197L,0x5948b1c0507ac5ceL,0x2bd47164c5497eb5L,
-        0x2a9c4c0f4d5914e3L,0x772c5046a759f03cL,0xe7d7328a69ac847eL,
-        0xa8d57d0c3048b330L,0xe60034e040f7baceL,0x823d9193a85f1790L,
-        0xa6e9b66c5c859736L,0x22ca2c7a679e1022L,0x00e7a19c09023fa4L,
-        0x324999f12726d5b9L } },
-    /* 80 */
-    { { 0x667eaed67c834915L,0x9f77aa6abc5eb64dL,0x729ebcb625d62011L,
-        0x0aee24f2699fd9c2L,0xe1eb58742b8d4f6cL,0x7f12710c14c976d6L,
-        0x91390335f6d9ea65L,0x668b704906b50064L,0x65969a0e0876ee4fL,
-        0xf901bf3f2f9d9360L,0xfb1a8651b499e3ceL,0x80b953fbf2dbcaaaL,
-        0x312cc566973b06b6L,0x3534d9c33af36c64L,0xe4463a5210ffd815L,
-        0x57ea2b4bf18c2b91L },
-      { 0x00f5e1628aa0f2f2L,0x8c7e75c50e46bcaaL,0x97ab479aa4a2c42dL,
-        0xb4f308ea14baa202L,0xa901bd146943cc2eL,0xbb125feeeed58804L,
-        0x6502c8f99d180f7cL,0xe53539191580c61cL,0x7e27806927101ee3L,
-        0x7a0a40a1faa72717L,0x32edce024c75b153L,0xda23660b538f1c22L,
-        0x4d511e98be307d2eL,0x24276e409baee0b4L,0xa78c39277ff1f307L,
-        0x60480b46ea7935c9L } },
-    /* 81 */
-    { { 0x31087d663872ece3L,0x5f29be7d955b70f8L,0xb50b4fc79cf95bb8L,
-        0xbae3b58ddbffa621L,0x0e61d280e022ba5dL,0x78ae51174181449cL,
-        0x0b132840cf555485L,0x800ed1b6b8ce0b0eL,0x35dffdd578d5de3dL,
-        0xf7e4237469a56b47L,0xd5e323698d910ae7L,0xb6ff52a06313c7c7L,
-        0x5a2fe20da92de9e5L,0x41b347d3d12110bbL,0xc5905edb40c16f23L,
-        0x0774a0d39a8f88ccL },
-      { 0x3ae181abe3b6c106L,0x4ebe163f8de150b7L,0xcf75b82f6f354836L,
-        0xaa0d20633ac7ac16L,0x5c680668291722afL,0x73941e6111545553L,
-        0x17127e38bf5de3f7L,0x32cfdf031afb41daL,0xc6893c9187bc8663L,
-        0x75046744a62c9c99L,0x96866e2d962c1947L,0x489ec8df378cdf4cL,
-        0x3a60709b3407fa32L,0xd37d2159551290d1L,0x9623d303bab92273L,
-        0x081519542432014bL } },
-    /* 82 */
-    { { 0xf9236d89fb7b2108L,0x3ecc83ccad75f9aaL,0xf7c72b15b4e1da11L,
-        0x552aeaef0315c362L,0x11e140edf272fe3fL,0x99d79bf687843ee8L,
-        0xce6b54fd1d9bb25bL,0xb20b0e215b1bad74L,0x54a0214f5b84c90dL,
-        0x459bbf52fca6cec9L,0xe363c48d9e4df76fL,0x3045f84ed64cf17eL,
-        0x8402a167f62ada48L,0x2c9e1bf36a74ca01L,0xe8cf9d41f691c42dL,
-        0x5abf2178c2c4b874L },
-      { 0x4777966bf3b3bccdL,0x0047e0f0be3e0caaL,0xcb8383b38c7d5043L,
-        0xe77e3baf946fd5fcL,0x79baa785e9ec0e87L,0xd83c557cc8a18d25L,
-        0x9b96e5af25befcfeL,0x4f05d15e98c71b61L,0x081f991a77e62da1L,
-        0x1c6ec781cbaa3821L,0x7522f65de54d9bfbL,0xf5d0557344ed1430L,
-        0x3035b31f95cafddaL,0x47e67f436378f5bfL,0x029f7cad5270b9d9L,
-        0x15ad15874d916a48L } },
-    /* 83 */
-    { { 0x00de2eceaa588ae4L,0x552ebc58a371a232L,0xd00ea93471230444L,
-        0xafbfa67de4b1832dL,0x29216341b689e843L,0x1f96bbbd61f4e2e8L,
-        0x9542068404c29dc5L,0xc7fe382742317fd1L,0xe0a0aec663483162L,
-        0xfc2b94d10700184fL,0x07219973fe1fbd85L,0x648b6ab1fb074352L,
-        0x23bbdaadc46e5392L,0x0db8dd1f00fa56ffL,0x104815eb866725f6L,
-        0x3f9c4cca52e81963L },
-      { 0xff36b29732ce637eL,0x81a15f2df5d25cddL,0x1a1d052d8b02ad97L,
-        0x2e5f3bbccfbab3e9L,0x60d2cbd7614eeb75L,0xd4491843cd5a793aL,
-        0x2242cf75cdba2144L,0xa20705e788b99766L,0x64e12cc0ec77e132L,
-        0xb1c14df6b61a9b05L,0x8fd97f0474825b5aL,0x956048213da31223L,
-        0xde4867274d30c70dL,0xbcab8f151c12ee69L,0x5dc638b4668d893dL,
-        0x6479dad6223f574bL } },
-    /* 84 */
-    { { 0x569044f3b05f2b26L,0xb35a294a80b9f76cL,0x8839fe284290f6aeL,
-        0x761cfb23026a5877L,0x768926b62e5ff9c3L,0xbae6cd200b11c576L,
-        0xdc85775672a03efeL,0x0cae074ae1bad63aL,0x3fe491a1d709d99cL,
-        0x76c5ded66501d9c1L,0x1da6eca1c32aeff7L,0x50849d55c57683e8L,
-        0x9e392e9cdf98d847L,0xfad7982f64d9a564L,0xf7c3bdb7a37b98b2L,
-        0x1fe09f94f0860497L },
-      { 0x49a7eaae7648cc63L,0x13ea251167cfa714L,0xfc8b923c653f4559L,
-        0xd957619b81a16e86L,0x0c7e804b3c864674L,0xfc88134a1616599aL,
-        0x366ea9690a652328L,0x415329604bc9029eL,0xef9e1994ae2aad2bL,
-        0x9e2a8c527f10bef5L,0x73dcb586c67bf860L,0xf61a43fa844cc25dL,
-        0xd74e7eea74eb3653L,0xf3356706dd240f02L,0xeec7694cfd83bcb4L,
-        0x4de95786db62526aL } },
-    /* 85 */
-    { { 0x4867d3153deac2f7L,0xa084778ab61d9a8eL,0xf3b76f960ab7b2d5L,
-        0x00b30056cfdf4f79L,0xd0701e1531ab8f4bL,0x07f948d59c779d01L,
-        0x7c994ebc82675371L,0x1104d4ee48bad4c0L,0x798ce0b5bfc9d058L,
-        0xc7ca898d309fa80bL,0x0244f225acb33eafL,0xd51e8dfc5b2f3175L,
-        0x3e49ba6ba4d7be34L,0x1760f4c7bda02b43L,0x37e36a7e4435275aL,
-        0x1c94418be636980cL },
-      { 0x43a2131309dc1414L,0x060765fc43c93537L,0x6ff3207adf5f79ceL,
-        0x6f18b1fa85d4cfcaL,0xf5c4272e63e995abL,0x121a09e4a82b3002L,
-        0x82b65d1b97147f16L,0x4993c20c20a7fe26L,0x99c9cb98e6716726L,
-        0x5a02d673feb440a0L,0x3f3fa9e1251b4bc5L,0x75dbc474a05338eaL,
-        0x3cb4044b7b09f6cbL,0x6767da1880434609L,0x97851422098ceac2L,
-        0x611bfbb2b55235baL } },
-    /* 86 */
-    { { 0xbdbaa55ef00ad2a1L,0x29efa85e14a290d7L,0x3b4a4768e92b1694L,
-        0x67111bcd11ec8130L,0x0e42570288bd27b2L,0xf28cf2a3d9a03c06L,
-        0xbb7c8d2df318884aL,0xe2ea1462e3aaeb20L,0x3353580443b85d77L,
-        0x81ee4482554ee9bdL,0xeb2eee9ee6aa198fL,0x7a5aa804c26c5944L,
-        0xa0ef2da582ab167cL,0x5a2ab47602fe21a5L,0x169cb3b83370298eL,
-        0x86e6c5440eb3aa8dL },
-      { 0xede033210b793d9bL,0xf79fade11ddb5eceL,0xf73fda9268930b64L,
-        0x06aad97dfe4fd1b2L,0x073a5b1d92a4dc88L,0x8af8cbd8bc976d75L,
-        0x60b4abb163ce26c0L,0x9c8300a9dcb1fb06L,0x335a594cda95b3d3L,
-        0x1f97d7d4b37eac87L,0xa3d2eba220eefaabL,0x3258c906f3e828c8L,
-        0xc832616f85ab7781L,0x725971928c28b617L,0xcd7196bc3233b82dL,
-        0x83867eb919fa126dL } },
-    /* 87 */
-    { { 0x774fe73e22474edbL,0x2a7663941a84e1aeL,0x270329ad9c6dd6e3L,
-        0x00c4a41514f8bf5dL,0x3ce2ea37d2267b90L,0x1275301511d24faeL,
-        0x7c14d854263a1b78L,0x20c8401b1ae0b206L,0xf32a011b081f49fcL,
-        0x1e8123fb959c6df8L,0xa328dc7c800e1d06L,0x5876a37824259a9aL,
-        0x23ada8b5b7ef6c37L,0x023f6b6ea93d4c9fL,0x89f5414dffb6389fL,
-        0x4b26bba2e628b39eL },
-      { 0xd30b1cb45d318454L,0x123b749fd7436cb6L,0x3110c726568a7461L,
-        0xc85de1231c84fd1eL,0xa5f8d6e608403d55L,0x395b6e139b1fabf8L,
-        0xfe6d68c33cfedce0L,0x1d90381f94b91110L,0xf0a8ea812dcc6eb7L,
-        0x59e804137e90ca2bL,0xbeb5fc07c8a25c5aL,0x009c253a5d84663cL,
-        0x00b15073910b6a7cL,0x8607da4c4108f8d5L,0x02c3d9c3cb901e65L,
-        0x4d697bc52c9615c6L } },
-    /* 88 */
-    { { 0xe0db1ef0efa8fb40L,0x29021c5b5ba3989cL,0xa8d6fb15809d19dfL,
-        0x6b787b734c1219e1L,0x6417e16814ef05e2L,0x449342db8f9796e2L,
-        0x2f878a5ebf84421bL,0xe71916d7e94a4536L,0x9818bba3ae119693L,
-        0xec674be95768804eL,0x0a26074cf8424f8aL,0xdbc93b9d466ce6abL,
-        0xb3f15a98c920078bL,0x9d10fd0d3870f1a3L,0xa61241d9e4e785a7L,
-        0x76ca87a1e6c8cd80L },
-      { 0x4357fb56e02e48b7L,0xfbd14b13cc09e9c6L,0xdb5f243524069cf0L,
-        0xf878165c2c3b01a9L,0xe549e7c4e6956dadL,0xf2fe9538bbd60b68L,
-        0x952f856b059dc653L,0xd3f60225b377fe9bL,0x6a0c7328bfe908c4L,
-        0xce6aa2d3bc8f5f2dL,0xf721344324425050L,0x17e1266a3d3b3ce5L,
-        0x75b5e43fc1677512L,0x1592706237fb894aL,0x152607532be3e375L,
-        0x27e7f2c66da3b7beL } },
-    /* 89 */
-    { { 0x638f65ade6a15883L,0xd4a7e68c66afdb33L,0x6207b6abd3f12de5L,
-        0x1c6ff95037b87810L,0xc0d44cb264acf6d3L,0x163ac601f2be78c2L,
-        0x1c63cc5a1636980eL,0x3e92cfe895c9349bL,0x7738e0d841ec7220L,
-        0x6169d7642d5fa961L,0x2aa776c1c3e028e9L,0x93dc5646b16d5409L,
-        0xa0b27fb5706df4d9L,0x9e991170ce9c6b97L,0xea8e42be53c85f40L,
-        0x02e9643783246528L },
-      { 0x91540addae78ea1fL,0x51a1b74d7b670e96L,0xf9936441f7006826L,
-        0x8f97d6ea7d7520c7L,0x0faa6a0269ce12e1L,0x2590aca879208342L,
-        0x7a48386375614436L,0x07c6149ef381408fL,0x733bf584d7853406L,
-        0x8761b0109abbb6f7L,0xe4eb249ff528a09aL,0x08781ed82e00ae3cL,
-        0x864c1b252178effaL,0xcc1e62a29d513a7eL,0xedb8b94e1919062fL,
-        0x739f53da4f16527dL } },
-    /* 90 */
-    { { 0x7a5f4a88924adc5fL,0x95646c16a818f56dL,0x0ec491297795f954L,
-        0x2b48753dd19c5400L,0x16fa236b205912b4L,0x6b3d65f3e87a4946L,
-        0xa7174a01045fd066L,0xb635031312a5e140L,0xa79c4b44a96b8623L,
-        0x7a339d659ab003d5L,0xc72f30c63826f31aL,0xb4e7390c6f7090cdL,
-        0x59ac6c36906ebe24L,0x39a7f06dbba4505aL,0x839991e1c58c413aL,
-        0x020c23ffa20e0e84L },
-      { 0x120e4adaafc74661L,0x37bbcf63277fc065L,0x41049cf6b6dce799L,
-        0x5b8d6b537b161ba1L,0x22218431a9610fb2L,0xde9ec9d1dfdde769L,
-        0xd32bfa4d42d80630L,0x3885702a6244df4bL,0xcdedd1ed45592dfbL,
-        0x0e1df45bfb4e01b8L,0x8f4bded286e215b0L,0x809354876a937e6aL,
-        0x415278ba8130f723L,0xc6dc469238a821f8L,0x2207b119fd8b4f8aL,
-        0x76e7bf53f9269cefL } },
-    /* 91 */
-    { { 0x5f12842827ebd187L,0x8d3320abb65aadbbL,0xb042765a72258695L,
-        0xda3f33f98f0986abL,0x411807a7aebff503L,0x25c776ca825f71a5L,
-        0xc0de7bedff7df24bL,0xda8b0f42165f1fb4L,0x5f3ff737731f3ae3L,
-        0x4cd1d7e7193e0a52L,0x8df84aa3b6b3ba46L,0xba84b897aa1f3782L,
-        0x6e7960cce7733ac7L,0x4d46d6ab50981a21L,0x1ec12c257cbb80edL,
-        0x79e7ad272b96ef09L },
-      { 0x3cd970dc8f30caaeL,0x85cabcf10a6ebef4L,0x63c1863ec714616dL,
-        0x1c50db0b519e3a98L,0xf39b896364cb13d6L,0xdf67d81f22547b69L,
-        0x7157abb9d67db0ccL,0xccca25ba889491b7L,0xf689207c7a27e0dcL,
-        0x34ae8fbe0fd43281L,0xa5d91f735720ec09L,0xb2f61909cdfd7bedL,
-        0x1ec102324a039e32L,0xd3c3d65edb0d8fdcL,0x32c916c84fe5005dL,
-        0x7f8c37ac4c0bea94L } },
-    /* 92 */
-    { { 0x33ec1e5443ac05e5L,0xda4a4da4cd8d3825L,0x86d88c0b88bf9e2bL,
-        0x34d71dd0b53811dcL,0x655040d2a3c3aba4L,0x2bc40949b61611beL,
-        0x1c2d426e279a4fa0L,0x535a5aa23b065ac3L,0xdaa8a32fc52ea890L,
-        0x5a5deca79fddad22L,0x911f05fd2ab3b26fL,0x5dace7dbf37cd81eL,
-        0x0e0e44e790d16b8cL,0x15e68aede4f5894eL,0xafe04999fc92a74fL,
-        0x1d7703aa970e7c2fL },
-      { 0xa8a4c81d3f0062a9L,0xe31eb2b8d96a20baL,0x66dd98df864bd101L,
-        0xba05f5924413b614L,0x51a67a0de9a555f8L,0xacc2f0972e4b52d1L,
-        0xab5daaec7184ab23L,0xce08b43e7c7f691bL,0x520e530b76c427f4L,
-        0x7d352069e423ebdcL,0x6b5e39e834df14ceL,0x3dcbf295446305acL,
-        0x682cb2e1fe34cdc1L,0xd4ac45d1111f5afbL,0xc5ef63cd47f296f9L,
-        0x0a2c40ec93c20871L } },
-    /* 93 */
-    { { 0x09bc384faf5747dbL,0x3bad6086c06ab86bL,0xa406882e9e7c1547L,
-        0x2d5326d155977abfL,0x063a9a05da81deb0L,0x9a86e4a7524b6111L,
-        0x1402f87a4ab2eb90L,0x7d0721d4d5c600baL,0x1a2fd9a9f289fdbfL,
-        0xf5dce66decde6f07L,0x62171277dab9fa73L,0x6d2dc49f6c474babL,
-        0xdc017e1f76eed033L,0xb97175c04da825d3L,0x6c297e3d54b05e43L,
-        0x2efb454656c9c87eL },
-      { 0xa4712b008b21c064L,0xd186fe424a70629eL,0x6435b3409b74f0afL,
-        0x6965aa437ec9e629L,0xdda14673c4c60d08L,0x0b656670bf3057aaL,
-        0x7f05e8403ce86f60L,0xc05073a904401a16L,0x16b1e638294e607eL,
-        0x2078325269cf7046L,0x2941141be8ce7d3aL,0xd38ad8d37577053dL,
-        0xdba68fb3caa6630dL,0xecbeaff1e9504350L,0x9f5166d51d2d760bL,
-        0x337532ce462891e4L } },
-    /* 94 */
-    { { 0x3f1118533a00bb9bL,0x2d2ffbae45f66685L,0x9ae11a85d4aee24dL,
-        0x18ba1e1b0341856eL,0xa9ac81782731349fL,0xc13dfd4a545715b5L,
-        0xa5f7423c5daad2eaL,0x30a483b9535b76a7L,0x92e9ada4ff873e9bL,
-        0x15662d84723a1055L,0xb935497b8edac4e0L,0x61b6441a39d8fa70L,
-        0x1541d75640d1589fL,0x62994237f0a05f0aL,0xfd8b00346bb28908L,
-        0x192a2b5dd4cd32bfL },
-      { 0x63576628365ced07L,0x029f32fb05de1d1fL,0x6d17b9bcbf40a7aaL,
-        0x1b1b2a089bb50a47L,0x9389abbb795a6278L,0x52cff60fb34fc19bL,
-        0xf3ab9492387d8739L,0xa8f053e66920ccd6L,0x3ef2dd4b63a9b4f0L,
-        0x9ab0ede151e82129L,0xafba0c0b0838bfa1L,0x2bd5a7ac9ffc11beL,
-        0x058bfd9595cc0878L,0x686d48a3f8c2f0c6L,0xc33abaaf1d9b31baL,
-        0x632e22893bc0c268L } },
-    /* 95 */
-    { { 0x1c851d2015a1cccaL,0x4efe290c7e522bc3L,0x0b741d5518eab053L,
-        0xae656197bc85e217L,0xae13141e01cf8b29L,0x2e2cb59366948478L,
-        0xeb57bb0fc31bd8aeL,0xdecef5d6c264e788L,0x6fa856cc9cb96d86L,
-        0x2db16813279183daL,0xf03f3820383d796aL,0x58a456ff1d0c6fedL,
-        0x255898058a6abd9bL,0x339f52c583f96f19L,0xcf6ded8fda7e9ea7L,
-        0x68c3d9c15d1ccd45L },
-      { 0x67e26265e6b392b7L,0xcec1d9bf775d9509L,0xe16abcd4d76514f7L,
-        0xd86f59b20de72e1cL,0xa66e43cd1adfb033L,0xdb34434005e457ccL,
-        0xb67a79165681daa2L,0xc32e7babf0114731L,0x066fe16ed3b1e961L,
-        0x924e298ef63d26e6L,0x9bea0dd8541add6dL,0xef9500df9982f971L,
-        0x5c876e63c5f076acL,0x55e12ae5b23d396bL,0x09efbb362ec6747aL,
-        0x8f2055ee233286a5L } },
-    /* 96 */
-    { { 0x4a4ab9e3b82c1af0L,0xfc65e9e7f2cae264L,0x4feaac0a60187d46L,
-        0x27d3f335e393b363L,0x9c9f7c00819bacceL,0x3f7418b5b8aa6611L,
-        0xffa94557372aae95L,0x937d78048db38589L,0xd10c86df6f1fbc1cL,
-        0x48aebd89a2f0a0ceL,0xae5d5fa2367439ebL,0x103a6a0b3f17d2d8L,
-        0xf233f68a411d9894L,0x7fece8b3218b67a2L,0x0422540f2319bf06L,
-        0x1292c8c9340d322eL },
-      { 0xf5eb55870386463dL,0xd4bbc2b20371d97fL,0x1b3645710b819c5aL,
-        0x0cbb42d6cf04ad41L,0x5d819c7666939ec1L,0x8745ac13a01847e7L,
-        0x4f704b021c7232e4L,0x2c9e58a0acb05780L,0x9523b8b3b561e295L,
-        0x3384df0079f9ba35L,0x78231fc21eaa9628L,0xa2eac54f8aea2b90L,
-        0x8075ed7730d1c263L,0xacb44ed5fb339000L,0x92546ac2f011293aL,
-        0x7c78762beb821764L } },
-    /* 97 */
-    { { 0xb8f7d6fb067902b6L,0xb2823a43d1735980L,0x062cfb1259741dddL,
-        0x6e391b074033f95cL,0x3831d0a368589b8cL,0xe3474d49522290f2L,
-        0x4dab14d6222e1f3aL,0x8f00fcde53f08d39L,0x559917ae707f28f5L,
-        0x166aa0ba068e607cL,0x602713e7d7e1f824L,0x7c2555404d6a328fL,
-        0x0d2e32649890cd2aL,0xf2207944eca0b20aL,0x5c98dc0752f4e09cL,
-        0x69403504d84de81dL },
-      { 0xf8b7b366e5407206L,0x1ecf54cf0d88fa8cL,0x6fefe548f7272e6fL,
-        0xd653137281ab4468L,0x52cb5f0e4e474408L,0x9e426b3a6490737fL,
-        0x2576c19b4980d071L,0x91f346280f272cafL,0x78e60a4f468f31c9L,
-        0x8776a32990844d89L,0x8a55700cb951582bL,0xab1af36514b1adbfL,
-        0x22ebff92fbd343efL,0x32f9fb01b7d81f34L,0xad850e06ba6b30e1L,
-        0x6da9e027bc5f9546L } },
-    /* 98 */
-    { { 0x21eee4c25c9490ceL,0xa96ec4a30df68381L,0xe6c607e0a4a9368eL,
-        0xd8b0492a4bc262f3L,0x0846a210460c34ffL,0xf7ff7a6428df33cdL,
-        0x10c5504421827612L,0x9d25fce9149bcd01L,0x725611cdcfc613dcL,
-        0x159f7e8897f51ce5L,0x3fa3bf314e8c08b5L,0xea15611575e7538fL,
-        0xd1e0a95191c84020L,0x0d2268bacf02ad0aL,0xa04c6ac4058b8e5fL,
-        0x773b40b9b3515912L },
-      { 0x00ff2cdc3631cfd2L,0x14c4c2d3807737bcL,0xd600616a338a5270L,
-        0xd0e3306db32cabdeL,0x336738eaa70b17caL,0xf2f4aa8d79f353eeL,
-        0x712f6ad9576f3ad3L,0xe427985289b2bce0L,0x05d8f94dda92ca30L,
-        0x9891d475d8492dd9L,0x3e06a5ca4d15e4bdL,0x4725d4eb254eabbdL,
-        0x31394acec0ed513cL,0x7e0f9859bbfaae6cL,0xdc125546833fd137L,
-        0x12b46385c56c4f75L } },
-    /* 99 */
-    { { 0x810dbebd932951deL,0x96959d425aa69c94L,0x5fc49c04ecb2f08dL,
-        0xac74f0cc2250b82cL,0x96a439a53aec4e1dL,0xc33cab9a90499acdL,
-        0x2fccde6654d9b3afL,0xf4af285c3863ae8bL,0x2373373e46febf88L,
-        0x751d672c3c9ab7edL,0xc1c51130fe12020cL,0xad82402f52f3e56eL,
-        0x3489ab7aa4a64a81L,0x0a1fb661d9f163f2L,0x17c69be10e553317L,
-        0x61c1935e7d88d417L },
-      { 0x2e722d9b3492ae43L,0x1ef89d950538f05aL,0xae77e588200aab63L,
-        0x2872c120eba4b117L,0x5c2432c83a461cb8L,0x315b3434cb938f26L,
-        0x05bf2ac58c4c7dc0L,0xd2e501dd596b378dL,0xa8506c9fcb890c30L,
-        0x3d0af4617c361f0cL,0x21f7b7185a35cbaeL,0xbd1035f1f3fc0138L,
-        0x74628af58b248edfL,0x8d6421d048c9cae0L,0x75e3da392ca18773L,
-        0x27ad0df271d3db94L } },
-    /* 100 */
-    { { 0x9e3bda79305b5aedL,0x2c67d4a45998d6a7L,0xc855e1d30f7eb700L,
-        0xc18a7e9e147d1c44L,0x3ea99618c89540edL,0xa53be20a7e6bfd20L,
-        0xc9487e64ecc14437L,0x7297920734ef85c6L,0xfa0d4e71d5e1ebd5L,
-        0xfda2b1e64d48d6b6L,0x782a1e0566e200d4L,0x2a3c70da5a5366a1L,
-        0xfe3fbd2b1a473738L,0xd7ef8c067fe020e8L,0xec686fdeeacfb665L,
-        0x5d9b5e276dd1542fL },
-      { 0x3637c5a5cb3e472eL,0x2153d92730a1405eL,0x009992e5b4498558L,
-        0x18f00ccdf39a0851L,0x26237c11b5c6c560L,0x418ed4081343540eL,
-        0xfef7cbf07e7f3184L,0xecd92366bf48576bL,0x1b75be1abc94c91aL,
-        0x8e1778de4a162276L,0xc52e57d3c5c6bcb8L,0x5cc382c75ab71858L,
-        0xe12c2c283f6e39f9L,0x4c7e0ef2d62735fcL,0xe071deb1835a5996L,
-        0x24f891cdcbb8c766L } },
-    /* 101 */
-    { { 0x24ef60bf6778c1e2L,0xff49c03d00d5be5cL,0xec11986e2f01a09fL,
-        0x59a728a4ae096e58L,0xaabbcedb7077984cL,0xfb473bd2870ca5a5L,
-        0x8c928c614de30e3dL,0x3fae7f9a4f67abcaL,0x83c2b2ebec21a9cfL,
-        0xafa70d629cd9b5deL,0xadeaea59c60b18dfL,0xd5fef7be4049b54cL,
-        0xfceebc766dd310e3L,0x7748efe38f6321ccL,0xfe9c32b118ee8af5L,
-        0x863ac3cfd42df612L },
-      { 0x0a36fca7b85a2fe2L,0xf3e70d08ee429dc6L,0x8c9ba209141c3944L,
-        0x306a810667272a0aL,0xe69a1555f968bd06L,0xb86f7e47153c603dL,
-        0x9706614aef56e4faL,0xc0dc36b898780b4cL,0x43657fe23a1d3263L,
-        0x01f97a86435522c9L,0xd91897f6edfef679L,0xebbe31d46daa17a0L,
-        0x6f17910085accfbdL,0xe0da6e328f9fc1deL,0x1c9d53dbe1e7142cL,
-        0x3e3f1b1e8b86725aL } },
-    /* 102 */
-    { { 0xb7ea15c07b7fbf05L,0x992f11b61f1a3882L,0xc9ddd95ad1dcd1bcL,
-        0x31f5b7faad0f7e8bL,0x2936e5ebfca7ab79L,0x30f417dc19a55be6L,
-        0x1f6f4e4343cde554L,0x971f5e6582f044bfL,0x73c3b8e44288c408L,
-        0x61aac59fb807f575L,0xa64ee2dd818b58f0L,0x6f7a0a6097a3b0d3L,
-        0x8b85ecc80394b058L,0x9a059474bfb3517dL,0x89ad5977a79c3f06L,
-        0x81208ed8700a8025L },
-      { 0x1093509914c4ce37L,0xf34bb843a1aa48a6L,0x86007024580d58e8L,
-        0x6db42c49b375b8baL,0xac365524ed3bde83L,0x5521e1b4649233b6L,
-        0xbc7cc5d564dd946fL,0x9c14b035bfb5b6aeL,0x7f22ba180146c1a3L,
-        0x0b62fbbc872214f5L,0x3acfd7f7b4921764L,0x5ff10da1cb4d6df1L,
-        0x660e262062600a91L,0x7ac7da9d81d9167fL,0x6e8e260cb6e7a199L,
-        0x44383fb880deb3c2L } },
-    /* 103 */
-    { { 0xe107f01de44f9af6L,0x36381a4d8cb1fa1cL,0xe65be3ecfb7dd493L,
-        0xd0b8435a26a8839fL,0xee60f9153ec789d8L,0xe25fea502bcc5e1fL,
-        0x0477c0c57e44a81cL,0x349e9f83230ba5b8L,0xdd42f32fde180dd9L,
-        0x8b039eaf64a3d11cL,0x80ef884ebeb7083aL,0x288e60c4f12742cbL,
-        0x44156cc5720a0262L,0xcd547de67253b77fL,0x9829a6eca6013a59L,
-        0x8aee708f0d548445L },
-      { 0x18f22d9c32c54409L,0xa9ebfa4675ebaac4L,0x90e2e92886284981L,
-        0xd0201f6f6b3a8e0cL,0xc973016cbd77641eL,0xf926f2f070170575L,
-        0x4984048ffec0ce01L,0xbf696211f319d304L,0x74b5c844c91a88c4L,
-        0x4c40fbcee0030a82L,0xbed67525e4f6d521L,0xaf7e47cc29d67d1eL,
-        0xfa307db8c21d3536L,0x56b6c46abbb29405L,0xf059a7e3033e805fL,
-        0x970f61fe6096a5a0L } },
-    /* 104 */
-    { { 0x1bc53d231bec8e4aL,0x8809ac1435a6034cL,0x4ee081da509e464dL,
-        0x496ae1fd8a488235L,0xa1ae9863325864b6L,0xbaca13e974cd069fL,
-        0x3738cc58b1d8a6b4L,0x5fa71f58e76b9da4L,0xc919be88c7eb16fbL,
-        0xf5c8f13fad4e429dL,0x4583b6712499f9edL,0xbce20115a10d8bd7L,
-        0xf66d76055790bb7eL,0x9316aede482b78ddL,0xe0d8fb2d75f855faL,
-        0x404b5b945a7dcca7L },
-      { 0xf9ee682a517a15c7L,0xaae4cfbcef880202L,0xcee2c1395106a354L,
-        0x5de60192170febe7L,0x589e39fd73d0c54bL,0x195c71358c9092b7L,
-        0xcb7ed53f0a7bfe5fL,0x2bd9242af61cc979L,0x8d2ef16c5395f7d9L,
-        0x0d4ac1ca70b32f09L,0xa587526d52d185c1L,0x2932b04a942d6195L,
-        0xfe25a979a500b0acL,0x5fa1f4ae562fd230L,0x60f55af220da253cL,
-        0x7faa11b583146002L } },
-    /* 105 */
-    { { 0xb0ba4f0c6e402149L,0x3584cc1d963cc119L,0x7740dc1aa6527476L,
-        0x3f77ff75c95715f2L,0xb2f234ad3f89fb0eL,0x55159032ef9be3ffL,
-        0xfc9fb21d04237e82L,0xeb2eff38a153ed93L,0x89d53ae010041d13L,
-        0xcf2e545b7f1bd828L,0xdd4a27ce43953ea5L,0x00d2e5d4d85e75c8L,
-        0xeb93ed62241be1c3L,0x1e53f25f0242032dL,0xb9957636c3a4e701L,
-        0x14b63a52ed98febfL },
-      { 0x7610b55371c43336L,0x19dfd4a623a4824bL,0x7b97a2e00286051bL,
-        0x86abbb9c8f5f1edbL,0x67a57d779b67daadL,0x8ace506dcd5ffafbL,
-        0x85da9f9589ac3c63L,0x081cbaa875a3d150L,0x03353d8fe9346ed2L,
-        0xb2ab61f1a1f9a02dL,0xb0cb09373a659c71L,0xb7e0e30b4f5df8a1L,
-        0x77c4c741eb7d5a1dL,0x8f046c9c728e5cf0L,0x32dd0bc7f7c171acL,
-        0x02485873836d2655L } },
-    /* 106 */
-    { { 0xcd40dd2375a4cd8dL,0x132ca43397bcba78L,0x30c5cd84258d61f5L,
-        0x0a7ec059da1e8e68L,0x07a8f1711d65d40aL,0x869e655ef4350d76L,
-        0xb98ce6f05983ae42L,0x7b61391d9d8bebd0L,0x3a529e25b1ba5d49L,
-        0x46f732e91f6b2cf6L,0xbd66ec6a3fa3b629L,0x397950ecc3ef0ed2L,
-        0xee9008cb5f08b476L,0xfd6be425965a0e2eL,0x78ed513c1177bc87L,
-        0x6798cedffe512daeL },
-      { 0x49e3f8fd1b97c5c6L,0x39fbab3e78c3b33fL,0x4427441240f595baL,
-        0x174225b95d7d4376L,0x880b3fcc79c44777L,0xdc3aca833296b245L,
-        0x55913df71734e184L,0xa4db23d39c934472L,0xcebb3733d1420a11L,
-        0xb9d20cf9f3608bdcL,0xa618acf630cfe13fL,0x75f06b315f30874cL,
-        0x506efe7f9f0005a5L,0x8aaea78c01bfc9dbL,0xf9179255f78e7c41L,
-        0x3ea7aed252e96395L } },
-    /* 107 */
-    { { 0x98617e045b06ae25L,0xbcac148dcb5750efL,0x91ea2f0e604c2ba2L,
-        0x00c19f6b76b78975L,0x79b9b6d0651da181L,0xf3225bebc945705bL,
-        0x30b435f35c005bf1L,0x440b4482bc24d86dL,0x2b8f0996d6373777L,
-        0x65fd6c561c44b4dcL,0xe9405ee630906999L,0x19ff092408aa1ec1L,
-        0xeef3246a3d2f2895L,0x016c3765bc746797L,0x62d2569fd0705f7eL,
-        0x6a8ad39c05250044L },
-      { 0xe45f020d46be7282L,0x9405afed21380f12L,0x4cdca5bdd5da6ad0L,
-        0xc2d6f1847f8be61eL,0x20132953596b8178L,0x8d3b1e7b7a8df954L,
-        0x757c61bb39572b4dL,0xd749b57b80cc3b56L,0x9590ff9337b3ffecL,
-        0x39bbb653145dc94dL,0x70c1c6062335e573L,0x9c2e72d7f763febaL,
-        0x4768e424cc61b732L,0x777d2fa6aa73f2caL,0xdee4dbaac5cb58cdL,
-        0x1a1811799cfae1aaL } },
-    /* 108 */
-    { { 0x6f6ff62f77575ed0L,0x18f14fa97d1da99bL,0x2e72aefb69efd7f6L,
-        0xc45ab4cbddc28633L,0xb0e20d48586c5834L,0xd397011a39775dd8L,
-        0x0130c808f4134498L,0x2d408ebaf5115ed8L,0xc506a05c0260ded9L,
-        0x9e5b736219cab911L,0x4cf508c6e8693a86L,0x4e71245fcc773617L,
-        0x2f71aa1f95d89ca3L,0x4bba7c6a607bbc98L,0xf3a515e7212b7fd2L,
-        0x7d2ddc759230f5a8L },
-      { 0x3d05816d4ed2cae8L,0x4cf6bc7db9c00377L,0xc23e98e6646b08d4L,
-        0xf9ee6c614b9c0180L,0xe11c9a13ef9179c1L,0xa5b6147e8ed9688aL,
-        0x7afeb648d06670a7L,0xd670333c17685275L,0xa89dd96975f9e8f2L,
-        0xbb57228d37a68adeL,0x21a05d5e454cb186L,0x4810158f063dd550L,
-        0x92dd4f084cb6caf3L,0x70c4d8527854abe7L,0x845969dc6e729d76L,
-        0x5a52f87ab1bf40baL } },
-    /* 109 */
-    { { 0xed019e9109ecacbdL,0x6544023d7b89bdeaL,0x7cc51f0b5707371eL,
-        0x14832b0416c8e217L,0xb1aa668281259ab5L,0x6e100f9223e361d4L,
-        0xe593eee9e3a95c2aL,0x699b6bbd16c10e26L,0xad4878739473a13fL,
-        0xf1c14dc5b274987cL,0x57dc00752559e2e9L,0x8449849dc3d47ad2L,
-        0x83df278add527793L,0x770e3ec8eefd5b99L,0x2ae5844676bd02a0L,
-        0x17f027643e705ffeL },
-      { 0xdda4010d29abea1fL,0x636b96952407ac4cL,0x96a601290433218bL,
-        0xf221fc3b163d534aL,0x05ba15beccc20565L,0x1238e54d96285577L,
-        0x1b144257878804d3L,0x96fbf304a89a9fe4L,0xc8a7f06c4be642b1L,
-        0xdd1a20e86e2b085eL,0x8f7f27c2ff4a591dL,0xc17b0753a4a343b8L,
-        0x684b1e88bb173d4dL,0x3accea443dc07bbeL,0xdb15c88d4c441d77L,
-        0x0ef0309a53e5957eL } },
-    /* 110 */
-    { { 0x4fc25721fa8e5b60L,0x646938ad691c0bb2L,0xe46d4b760b0a2248L,
-        0x863f9ac27de16877L,0x503bb6ef2721c630L,0xf8c199df0b67fb02L,
-        0x78c1ed72e07abd39L,0xcf9deb7bb32f0ddaL,0xaff726f06c3c89f3L,
-        0xb7008b2d1972225aL,0x8f5a61174f145f5cL,0x4e0e6f8c457c4f37L,
-        0x8bbdaa441c453c64L,0x57be326da6e92c80L,0xa9bc3fd95d773561L,
-        0x3d3b6cc6bb37b72aL },
-      { 0x6e6f12cc9722c880L,0x3a1b6ae7286b6889L,0xba1cc09bad2fafecL,
-        0xad64ad7a43bb8befL,0xa5af6a0097c3f4c3L,0x2afcb0d9c353a91bL,
-        0xca13fcab69ccbf6bL,0x699a1391f2abc190L,0x2dbd554223a247e5L,
-        0xe206180f95488d9aL,0xba9e7bff1244cc3cL,0x29297abe87d3a365L,
-        0x4054fa38fa4ca5e2L,0xb390623d67be1b6cL,0x1fa67c5778f41a44L,
-        0x2e946e43c7b544e7L } },
-    /* 111 */
-    { { 0x2980fddfc60934aeL,0x2c3e7eff164206d1L,0xf75e7f96416ed75aL,
-        0xfac60cf35cd0b2dcL,0xddc4bece1faad87bL,0x753fa87c9849e5ddL,
-        0xc5d516a32c1bf1aeL,0x565dbea814732b4bL,0x007ebe3ace48696bL,
-        0x40ca74d6cdb97694L,0x3f5cd27065e4e7beL,0x74847c013aac4ebcL,
-        0x6762e03443d6c3a1L,0x690d8c95467a076aL,0x768d78d61eda677dL,
-        0x0997ce550181d8c2L },
-      { 0x9297746c965a0b81L,0x48b58be6e5e12dfaL,0x5573b3c4715f437fL,
-        0xe425e907b565c459L,0x4f43f5121582797cL,0xe5dafa6f8ea5474fL,
-        0x2aeb8fbe13de04acL,0xed7f95f0e8a07c83L,0x3e012a6e662c09feL,
-        0xbf96e9b8c742cf17L,0x8ea5759ae28a1c45L,0x475941b45cf4e2f3L,
-        0x7dd3c02df901a019L,0xe7a4deea70916b2eL,0x50b272b52fa9b988L,
-        0x96f9f09fd0917fe6L } },
-    /* 112 */
-    { { 0x78e8aac42c310a96L,0x32a98303f7a2a734L,0xc46ca83d23962207L,
-        0xad131e6ed9541280L,0x5791fc5e2cabe911L,0x50cb77eb841b6c68L,
-        0xaff93dea3d3c8878L,0x06541f1df1007bceL,0x4ee729c255cdf1fdL,
-        0xe0f71317323e3972L,0xa2de7a41ad4d08c1L,0xa9912abfa35e22bfL,
-        0xa050122b89b03325L,0x8b9e51f406514d4eL,0x423c7aad79d3e0abL,
-        0x71998e2640b8fea5L },
-      { 0x40140fcdceb6ed78L,0x653cf37718534516L,0x0450b65ae8d60dccL,
-        0xce6c1a769dac55f8L,0x8a96a92dae05686cL,0x2fe4476212712562L,
-        0x747bcb50a4f39425L,0xf0ec6ff2fc531fc2L,0xc97c344710fe9ff0L,
-        0xfb4887839c792cffL,0x552c5248026fb019L,0x4001a29cd804c290L,
-        0x742b5ad835c8ca73L,0xc3781f176ee5dfa0L,0xca6b85f03dfa4ab1L,
-        0x8389941a0b0d32acL } },
-    /* 113 */
-    { { 0xc0f062a2de067dffL,0xd4f32690bcb80162L,0x98cd990d0707a2bdL,
-        0x5afc63b8fae4a391L,0x684f1b7bb32ad814L,0xb0a2dce2f199dfb1L,
-        0x2260e17f48f25848L,0x7393db00c2d5e862L,0x9e88f854338cf171L,
-        0x0067942902acf522L,0x19157cb86835af3dL,0x2faa6f92b8a2614cL,
-        0x04ff95f5134ec46cL,0xcf00626efb7a8135L,0x454b3d05b37a4704L,
-        0x1fbfda312694ec25L },
-      { 0xfdebb657c8f69c77L,0x92a8278ba3df88faL,0x463b5571c1fb78b4L,
-        0xd2066a1a11c71a33L,0x10c88143089958b0L,0xb975c7e0cf9d67a6L,
-        0xdaa5d20873037b8fL,0x5ee5005d40bf5861L,0x300e6ce77dba69a9L,
-        0x893c3cb3c962cc74L,0x0ac986294cf84055L,0x0a7ef63a225c9d70L,
-        0xfe184869b91e47e8L,0x1b9d7deb8c2f84beL,0x67788915c0e278bfL,
-        0x4f9488cac426f19eL } },
-    /* 114 */
-    { { 0x610dfcd4dd51b8ceL,0x0857927836230e80L,0xedc7ff1c36599562L,
-        0x905ead4be2cae877L,0xa1c325d9e7967608L,0x3e39edddbd38926cL,
-        0xda92c8685f6f0a4eL,0xe16f800af47a0fa4L,0x50b4db5be5f60aabL,
-        0x3665412f983853d3L,0x64b622509b79789cL,0xea5600584e0e72b2L,
-        0xabbd4901e555c2bbL,0x378419a717292e11L,0x6e0b5aaae174218fL,
-        0x688e06848f796b92L },
-      { 0xcdfef641313b8f64L,0xaef11b7b942c7462L,0x067cfb775c0d8abdL,
-        0x608ea5f0af4041a9L,0x23d5bd826935210fL,0x5ab904fc27917a08L,
-        0x85dbb1fe45d22d21L,0xc3d5e5094d36159fL,0xaebb528e1d39b8f2L,
-        0xdd5ca828f44acef0L,0x24209adf20c57a54L,0x5742b43378f95f44L,
-        0xd11fa7d9a9337d37L,0xd66a0c09c64cfdb7L,0x56e55b8f9bb817ecL,
-        0x1723c7e3e4c41265L } },
-    /* 115 */
-    { { 0x9a6486d8dc8b43f3L,0xfc3e0e6126409e68L,0x1889c437d9b46003L,
-        0x3a8503356284ec7bL,0x5a3665c46a9dbaeaL,0x7bf6941de978933cL,
-        0x1ed5a51069341490L,0x664a7b7a8cb8002dL,0x603f76e460ed0a59L,
-        0xc3e06ba31f4ebf27L,0x296ced41f2c38a7fL,0x2ac18f79cf1db08aL,
-        0xc919e882cde7a3b6L,0x15e77d29dbf68b06L,0x21978baa4e947cb5L,
-        0x84bf542b7630993aL },
-      { 0xc1decda9e364f21eL,0x0d6cf345012e557eL,0xba246848588f90e1L,
-        0x9f6dda4be3b104b8L,0x6bf7a346e3aef57aL,0x210299fee8327ea9L,
-        0xaa99f487da95e6c7L,0x24ff813ed2cdf645L,0xd1dbb2d28bd414b8L,
-        0x065101afcafa1a61L,0x7d9f4b9a9cdebda4L,0xaf41b395e41039e4L,
-        0xe3e9e6bac50adf42L,0x4f2133ae341e9e49L,0x4968c0f3cb157f23L,
-        0x383f827bda068153L } },
-    /* 116 */
-    { { 0x2ec46a216583ff4cL,0x4e645a294ad709e7L,0xdc66e9cfc04ca12aL,
-        0x82f128f49160a7e5L,0xbfb227b1569c762eL,0xf80c7963c2edb8e7L,
-        0xa7dafe0649a0f688L,0xb7e417542d14b8ccL,0x3a0c5c5386de40beL,
-        0xf0d052861db79331L,0xb902ce69fbfe071bL,0x61e46956210e9903L,
-        0xfaef874ef703ebb8L,0xf668947edd5f78b6L,0x6fe865475af5ea3aL,
-        0x3b121f1543f94625L },
-      { 0x5b26e847659275e9L,0x47581cfd6d0fce50L,0x55f5cbfd8aa3f1efL,
-        0x1e7be315e484e60eL,0xd8f1a20ffe9698e4L,0x25d46da97ab04784L,
-        0xa526db75834cdb3eL,0x1fd408d98d08a009L,0xfc004b205b5ca816L,
-        0x5b3e3bb365e4bbe8L,0xf50cc125759bb6efL,0xf05fa817c2fac737L,
-        0x9ee102d2d273951aL,0x2a8e540bfecb3367L,0x673446fb2a6a515fL,
-        0x5505e1d137290c83L } },
-    /* 117 */
-    { { 0x0c3014a1d15e68a6L,0x6f9f0b2664dd35e5L,0x18c3742d03ad67f9L,
-        0x74818c0ed2c14484L,0xc51811690d41a3cbL,0x65c8c83fc49f3e9eL,
-        0x9b260c612c279386L,0xf6086faeced04e9cL,0xa7b2ccebfd7c4758L,
-        0x4b3c313390297fd8L,0xca8264e809701ac8L,0x9f976a87508b3762L,
-        0x5d582714983a8dfeL,0x350d2669d9d598e9L,0x85cb89cb0f6fd348L,
-        0x617d80d4a574317cL },
-      { 0x4cef267e70022b67L,0x80536bb53768b94aL,0x3153a566d2784462L,
-        0x49054d4438243919L,0x8d11e1725df78c4aL,0x9b252a71d5a1e35aL,
-        0x07866c808171e31dL,0x0a8501db1b38a00eL,0x2ed932b8ce770236L,
-        0xa2d776098edaf7d0L,0x3aee5dabb93006e9L,0xfaffc8c4bbfeb036L,
-        0x077b96784e21b38bL,0x491fc59fdca8e069L,0x3f624f550e938471L,
-        0x5156f5087cd1780bL } },
-    /* 118 */
-    { { 0x58234e220206e8d0L,0xf5f6f5d47f15af32L,0xafab7289d638950fL,
-        0x66ec4d097d4495f4L,0xad890c5d68da80a9L,0xe4aa092064f8a36bL,
-        0x799e257e0f4d5c5fL,0x44c677ae24495e31L,0x720387b3a5b8e352L,
-        0x703790f475a287b9L,0x54895cc5c3c1f2f7L,0xb8680f9b41a7fa41L,
-        0xfcd47458b00b008bL,0x149cc838ba6473cbL,0x78ed5f7aac9be19aL,
-        0x5254599cb33765baL },
-      { 0x08739679a21b54c4L,0x029ece2ab6497d9dL,0xf14f1a92c8488640L,
-        0xae48dcffe9fa79d9L,0x14b911c246c208dbL,0x5ab0fbf2dae3f69eL,
-        0x180ac87ed1edb838L,0x146fd718188586bbL,0x210eb6545467cbd0L,
-        0xaa2394081667cfeeL,0xdb125c1ab73d1a60L,0xde685300881c1cbeL,
-        0xfe34c71337c30232L,0xc6c6070e6f3c8d18L,0x07e365bab4af4e83L,
-        0x22f0a7eddcf82b45L } },
-    /* 119 */
-    { { 0xe262791fea7f1b7fL,0x9c3d8c5ddcff09d4L,0x86c2a9c339c7dc58L,
-        0x4dad40174276e8c0L,0x0a918f59e9fe1d56L,0xb8d796702aa810c9L,
-        0xeb7a88364aa5cdc4L,0xfc4c23bbe7afa72eL,0x4dbb5c9e4ac86908L,
-        0x37e390136a0c7e6fL,0x855d700149c218d2L,0xe475bc6794b324a2L,
-        0xc98a8dc66287a071L,0x395a299b5fb4323cL,0xe186c3ee0c0389e9L,
-        0x79f81e6f16734c46L },
-      { 0x83f2c1f3364f3c4eL,0x536b2ac51367e14bL,0x44a6dcfc5933e43dL,
-        0x34e5947510d961feL,0x08234ece7e3f2aaeL,0xcb92e00abdea7f25L,
-        0x1efba4f0a791a124L,0xc2086fd21192d53aL,0xfec0d0fcb51c8af6L,
-        0x48d1b2cadc0f1b5fL,0xb07a388f812dbe19L,0x40873a6adedbdd45L,
-        0xbc2a1268d702589aL,0xbbf6e3a817e27b64L,0x73ee56636d386e85L,
-        0x442ecd379de7c000L } },
-    /* 120 */
-    { { 0xb4cd1ae68a2f90a6L,0xf277d41d6f5ad0ccL,0x6a3828c4401d4b8eL,
-        0xe817a134d8376631L,0x142b758df5e1124bL,0x25fbc69dfd6b95e4L,
-        0xa30c9f5fd74a9e3eL,0x5ac0f163d89663ceL,0x32a9eef70ce6386dL,
-        0x7a690ea5d8ed5544L,0x5de23ff09889427aL,0x75ad36a5eaaced58L,
-        0x3514a6c1d3e18465L,0x3d9162c37f093910L,0x5c10add9e33d56e8L,
-        0x85176b7306aa691eL },
-      { 0xa32110fa28a21e38L,0x97b6379d5773d538L,0xd3697bbf2d020dc4L,
-        0x59177593961833cdL,0x6d7045fae5fa8516L,0x3390f29a786ab5d2L,
-        0xac0bda30dc4f5b70L,0xcca0240adcc615c6L,0x8e1f1702c5146d91L,
-        0xceb472d0a72cef87L,0x848407080b669ba1L,0x79b08f9d7e61aa0aL,
-        0x388160be4669560bL,0x23935c2d948eb71eL,0xd7fd83c09431590cL,
-        0x8ab154bb6e5768b3L } },
-    /* 121 */
-    { { 0x28686003353c4a96L,0x4e5c60e8905cd835L,0xbd5913648f66f8ccL,
-        0xb6b80b989faccf9eL,0xbc1c1faee32639e5L,0x2f6396d2278aadebL,
-        0x00a796d01898202dL,0x18ab548f3a474835L,0xacd056c3b31b0e3eL,
-        0x15ba68dd0164512dL,0x203836d94b03f3bcL,0xd64eca6bd8f206c5L,
-        0x931a361e9f1779b6L,0xd82690fc52ab34a8L,0x342bb8e092922e22L,
-        0x1bfcdd84e00b02a9L },
-      { 0x310b9a4375a365d9L,0xd4ade15e08d8fb03L,0x9c9753d7d742df83L,
-        0xcf7309d4de318742L,0x1228e2123360ace0L,0x1043d238f7669643L,
-        0xfc2adbedf90f5a53L,0x41d64cb77b5f9397L,0x5200b30ac446d010L,
-        0xc3c8642d231720feL,0xfcc0122db9aa2075L,0x856e3b12041eae47L,
-        0x4586445568c876a4L,0x1a1c7842233606b1L,0x9b766d1f227757bfL,
-        0x25b78a3bf7b9d4f1L } },
-    /* 122 */
-    { { 0x90835718156707ceL,0x9bdc23984314f90aL,0x017c885a8be57dbdL,
-        0xd4bba225ad63a4b8L,0x5ce71b8615aacffdL,0x5f26647572954722L,
-        0x0a80f1f74f0ad3ddL,0x010538a3fc352ed7L,0xf8a640454203c6caL,
-        0x2b2c7a88330c73b4L,0xb3433ee602dcac1bL,0x2e0499cfed2b17c7L,
-        0x9f8681a4bd6329c7L,0x3897994636fadc37L,0xdc5650c892b7895bL,
-        0x70ab957065a51cf0L },
-      { 0x46778ec47b585d93L,0xca6d3610a633fe4eL,0x21da154e4ea0311aL,
-        0xaf22190bbd64002fL,0x9e633ac7d91cb7a9L,0xed13c31fee6837d7L,
-        0xda4a07d71616ee8aL,0xd78a27323afcd616L,0xc06696e5ba14d694L,
-        0x733754d74df58420L,0xe85e504e2778e3c9L,0x3055aa0c55b5a5c2L,
-        0x313df5388a3acb5cL,0x5896acb52a088edaL,0xfc8842a084c85ddeL,
-        0x5fec9f7951dde6beL } },
-    /* 123 */
-    { { 0x5ebc2c7cfe519f99L,0xe396bd80e5410353L,0xaded94028a3988f3L,
-        0x1c03b735d601bda1L,0xfd30203614ce64acL,0x5837ebe901240290L,
-        0xcaaea1a3a554097dL,0xdce73d25b0b88139L,0x35ed412becb090b9L,
-        0x99029ff7d63dab3cL,0x555437d9062db071L,0x277d2f5642a4c11dL,
-        0x477fa64524fc9109L,0x7b12e9b72799254dL,0x7ad2ae22d84c618cL,
-        0x0a8d5663ce8ed195L },
-      { 0x43ac51630a21fde1L,0xcfcf5dd66903d849L,0x6d2499ee5fdd6281L,
-        0x4dedc6f077a49a34L,0x46bda2c02875c06fL,0xd0e0e0f6347b8046L,
-        0x1058169b5e67836fL,0xc961912ade8a8042L,0xdf3fea0aa93b3d32L,
-        0x9f138edb0c576bc5L,0x7971ad6ed8d37e47L,0xeab85739cce5e7cbL,
-        0x88a4b4341d202b40L,0x5d842557e3a1fd26L,0x872fabd5b3a86f91L,
-        0x95b934936aa4629fL } },
-    /* 124 */
-    { { 0x9998a70199f951deL,0x8fade596f058db45L,0x4d479c1ef3d03dd3L,
-        0x6e928d5d33b141d3L,0x9a465800acfe8a40L,0xd108ad2fc1cefa3dL,
-        0x64b96921e013726eL,0xb9b6a6b68e83bb9fL,0x29f1e6dc1242e544L,
-        0xd3f8f6762f65966bL,0xa34dd0965e105b41L,0xd4e9139a16011e1cL,
-        0xeea4dc682515541bL,0x6f8030acc822166dL,0xbdc7ae1d31d16124L,
-        0x2e25ef51621afa7dL },
-      { 0x2533cf8fdd8e7357L,0x333ba218eaceddb8L,0x68e3e31d0784d2acL,
-        0x1c927f36f2804ae2L,0x01433d2277e7ad7eL,0x0b401cf0587f78a0L,
-        0x9dfcf036aa0027aeL,0xc9e46c8b1d9a46b5L,0xaa6de4861f288d32L,
-        0xdd56da2f1b8a043dL,0x346230e5f2d0bb56L,0x19f0b6e419defb56L,
-        0x55ec37cd21d2c874L,0x3dbf0397b70e45b3L,0xf0862a8dac7ce852L,
-        0x87979ea7e141f3d6L } },
-    /* 125 */
-    { { 0x9b7e7b3f7f1c747fL,0x151a4c1dc6e63369L,0x4273ff70b372dba0L,
-        0xca6d2234d3ee54feL,0x12fc8e0cd33cae0fL,0x273285385dd6f10cL,
-        0xc86f3fbdf01a9cf9L,0x5322677fe36cae91L,0x39a700332fefea44L,
-        0x2c9ca328ce8af217L,0xc0256776f6a731f4L,0xc687b3df66a96813L,
-        0x194aab128db2eda8L,0xde30dc5aeec4febdL,0xc052236a979241b2L,
-        0x3ec98802c23d4c16L },
-      { 0x0f9e760c4072f74dL,0xe78eb0deab594059L,0xdb3dea40c9b009c2L,
-        0x47e875f038b59ae5L,0xf40eb4362b4daa06L,0x9a6a4f92090f3788L,
-        0xefebe9afedbfaf8bL,0xf87f96a59867e256L,0x1e6fed2375ab6aebL,
-        0x17f2782a3fdb13cbL,0x5102c71e70fa2621L,0x5d2b06ecfd4c0dbeL,
-        0x537cc26830347297L,0x8dbf5e2b2b67e780L,0x2f633f3aba25da32L,
-        0x3e9315e8efaec914L } },
-    /* 126 */
-    { { 0x9255cfa5239a9ea9L,0x20f3c6900be33a62L,0x759eeb4b9cb642bdL,
-        0x3316c54600bae718L,0x874a76d5f3410f84L,0x123b502e90f129b6L,
-        0xadc8f9a812851f1cL,0xf57b764a1b62408cL,0x116ec01f1a80777bL,
-        0x746ecef21f0ddc5cL,0x3c49d47ce5a6a5a7L,0x1e15dbe706e955baL,
-        0x629c0c79b45d79b0L,0x11278308778d1087L,0x22585dc78c6a22d7L,
-        0x2ed02a0d0a682791L },
-      { 0x530434164daa2682L,0x0e26d32b01359625L,0x449c834abd867097L,
-        0x11a19d2bee77ae2eL,0x39bd529a3af6c169L,0x36cca5c05cd61054L,
-        0x6370a59bdc6c0fe1L,0xca420d27b93d5135L,0xd8730d45554c451aL,
-        0xebd258c996cdebf2L,0x0cb1b990a50f9a05L,0x69a8c97a7b0f0151L,
-        0x2cc36d3411d217e1L,0xf117688a752f75e8L,0x1db01394a09b2a61L,
-        0x14627844a9efd7ddL } },
-    /* 127 */
-    { { 0x6bca3aed232803cfL,0xc1e4398b9a96ff34L,0xcaf6757f74ab788bL,
-        0xc3a53e007e68c04dL,0x5f969c195cb7cd20L,0xf28b65a6dc068bcaL,
-        0xe3ca01d31d863032L,0x9b733b8187808e14L,0xb5d704d9efe618beL,
-        0x276f3542b01b946dL,0xe057e19efbedddbfL,0x7d182f2b903275ceL,
-        0x3cdc5f77880f7bc6L,0xd6f03d3f78476c14L,0x035f5557a9ba5072L,
-        0x7acb57b6b4029628L },
-      { 0xd241356944e6b07cL,0x451c4cc9e1c7345dL,0x407444d8e273b9fbL,
-        0xfe496079b88e34fcL,0x77d184cff152776dL,0x6d1033b9c742299cL,
-        0x29a0a68477bf2897L,0x59ffdf10ee8f0420L,0x4e17146c44bb56d6L,
-        0x831d06c2fb9ae855L,0xb2cb82dbd93e7cd5L,0x83381c463c96b607L,
-        0x06aed2517549e2a8L,0xef97891c774a21d4L,0xae9807c78675fbddL,
-        0x6a5a05b96363516cL } },
-    /* 128 */
-    { { 0x92e71ea66a8f4f33L,0xf2fc6fc64dea8f4aL,0xd356252cfee88461L,
-        0x59b0a83e08954d08L,0x5bd68c23468ab766L,0x40281357900f8d04L,
-        0x181c19c052b867aeL,0x986a516918764c41L,0xcb01dfae13575d24L,
-        0x17269ae5593677b7L,0xf6d1702546dc9b19L,0x8de68499c40097c8L,
-        0x76df0032259c407bL,0x4091aad917d29d8bL,0xa7f46d214a7ab5f6L,
-        0x688054b470ece48cL },
-      { 0xf0d168aa51a5b86cL,0x2437e4d895777247L,0xae844076f1720329L,
-        0x0a7ac87d9647a54eL,0x1e597a4b0405622cL,0xedefe5c6f0a79f2fL,
-        0xaf3ef0c24d55156dL,0x917fb04eef047cf6L,0x3792799f54b62137L,
-        0x875ea32f314be0b8L,0xe157c65b0c466b0cL,0xd28c90ce7e218978L,
-        0xb90fc3bacde587afL,0xdd32d71c8b877bedL,0x3b432200ca8e10cdL,
-        0x0021f419d94f6e53L } },
-    /* 129 */
-    { { 0x2191122c43519d26L,0xbdafac1d40a51845L,0xcc6f71e9548bb89fL,
-        0x9ef3375c16844bf9L,0xe7789f79178e8d55L,0x04f599b61f8be1c5L,
-        0x8088c99a2cbbde40L,0x8939a260893206c9L,0xa1ae4bfffcd30851L,
-        0x664cb3fee08feafeL,0x61f38099ff14aabcL,0x0d8394cc2a841ef9L,
-        0x75fad8ad17f01db6L,0x6fc345766debb773L,0x1e716b05a4252512L,
-        0x7985588029e1ed9fL },
-      { 0xa2cb3aaa95106473L,0x95fafa415a61da04L,0xfd3c9362539563c0L,
-        0xbaa4809195312b87L,0x6c7e7582bf885c76L,0x70f6dab6230c78d5L,
-        0x8ce3051c7747440dL,0x6dbebd14ffdb6186L,0xb0e041fa190e4096L,
-        0xba10c4666ee62e2aL,0x93d57e2a74f333d6L,0x006aadc4fe7b9b66L,
-        0xfaf72f6c06d2837dL,0x318cc5e6910741eaL,0x9c50260965692477L,
-        0x95d823c31d0fb08dL } },
-    /* 130 */
-    { { 0x6aeebd86140528a5L,0xf268c2ba53979bc8L,0xb1bc9b8a4ec144abL,
-        0x1efabb0d82a7d7edL,0xf12c70d14e0118d8L,0x31607168a1c1558eL,
-        0x33e428b7e4b7e73eL,0x6317663783aec9ddL,0x5172ffbee12ac35cL,
-        0x37df0bfbbc17b2a4L,0x4212f870741f812aL,0x3dcecbdbe2888f9cL,
-        0xa9dc15aa756ca55dL,0xf31918ecb9028e41L,0x7ede02856aeadb03L,
-        0x0e2708d578654f54L },
-      { 0x2270cc53cde20f88L,0x9338272c5f5b1039L,0x5042e19e5dcb1dbfL,
-        0x4b3de219b72d74c1L,0x16c49a8b2aaaaa55L,0x008443e5bba86ba6L,
-        0xee6bcd7220cf1695L,0x59ffac6ba89abd11L,0x2831217bf115639dL,
-        0xe4d28af2f34cba52L,0xf27f03e70727a906L,0x6842c79f69017766L,
-        0xcb3469bd7a81123eL,0x48c0f346a42973b8L,0xfc5784a623990dbdL,
-        0x0d3dab3bfb299678L } },
-    /* 131 */
-    { { 0x8f8376e6ce29c3ccL,0xcb0507ecf016cbc6L,0xdebff9965e394ce1L,
-        0x24fc526f73c50d41L,0x4edd5a542d16ce3dL,0xbb37bdd991c13141L,
-        0xe3442ef2e33a8606L,0x2ae90337c0629da8L,0x57faec64592ab331L,
-        0x1a938997d82b857bL,0xad6c8cb9a3373176L,0x82595de29086751fL,
-        0xa81e97fb18c17196L,0xe4f48a13bf697357L,0xa1387c2e5cb89f69L,
-        0x530b4eeb5874b426L },
-      { 0xe9f275a1bab7b5aeL,0xbb69dc4d03a57bf4L,0xc974dc4aa45c505bL,
-        0x726369f3416ac402L,0x735e4e78aed985dcL,0x0548d879cdd446a1L,
-        0x84ceb0699e16b02aL,0xf73f6fa4789b11a6L,0x6aa0c41fb2a4e784L,
-        0xb1f7690293a9b697L,0x814cce00f03a8ab2L,0x64cb255b844d66c1L,
-        0xb794e7d630952201L,0xe052d4e43da32271L,0x5278b2e708b6a4d9L,
-        0x9094255280c6577fL } },
-    /* 132 */
-    { { 0xd269a14d0d5b4c2fL,0x2b8fc59b5c8a649cL,0x95becb3ab0e37d4aL,
-        0xfda1a7689111037eL,0x5810e05a94e35322L,0xa24dcc12a178fafcL,
-        0x5c2c63b28e3dce62L,0x995c3f179452c444L,0x35330ec342d45161L,
-        0xa025a60ab4ef8129L,0x854932528bae9c13L,0x25d1a606e2e3caf8L,
-        0xd44091ab3649bf47L,0xc7d0afbf704ec5f1L,0x27bd1d62bd8b3333L,
-        0x50570111cfe616f5L },
-      { 0xd0084acef534356bL,0x9df1de054b4b0fbcL,0x021afe05cee04dc1L,
-        0x64bde688361b78e1L,0xa324fcc7ef78d38bL,0xfeb372ceeb0a5e4eL,
-        0xef04fcb365811996L,0x7dce5d505eb0ab4eL,0x1e29b588238c586eL,
-        0xde5e3197bcd80037L,0x8bf5e4514806b9cfL,0x4330968bd18e67abL,
-        0x26a7d04ef9f63fadL,0xa1c7f123b5c18bb4L,0x485b848225dce22cL,
-        0x8ff0b36fd540e79fL } },
-    /* 133 */
-    { { 0x99f2e2f43ff42cffL,0xa3c19f9d1c35317cL,0xdb749392aba1b545L,
-        0x84232b054afa9a32L,0x0b855d46d7dcd436L,0x8ac35e2045cf9915L,
-        0xd7cf22c7f001a218L,0x057d35aeed408305L,0x25a4a519553ccfcdL,
-        0x5e56579393e2b939L,0xa20332b03422ec27L,0x9b09005e3ac53958L,
-        0x628051a379e9b163L,0xb4a0dc09fc6618d6L,0x9e0e857f6748e7afL,
-        0x71b28eeec577d63eL },
-      { 0x4942b0cd99726bf8L,0x1290a3b91c208f3cL,0xfd7290e7b0598eaaL,
-        0xc6a7791fa25a9128L,0x2d33db24c037d7daL,0xc21efeb070e2837bL,
-        0xbf70d96ee3dae2a0L,0x43ed819185076027L,0x4aeb0aa84d4ad7e3L,
-        0xbc75101fe8c5b74cL,0xdbfb2a6ead26ebddL,0xba8120686b78aa4eL,
-        0xc94aa8f2e1159848L,0x0d10d9db3eba5c4eL,0xce7fec476318295aL,
-        0x7294711a330d925aL } },
-    /* 134 */
-    { { 0xfce4590432bbd495L,0x330f4dd1be54973fL,0x006bee1d5d9c3f4eL,
-        0x40ee607859ba7204L,0xc194fd3f42c2c768L,0xa0e76b12e9fe88beL,
-        0x17cddddbec2b0210L,0x689d436b00811ec7L,0xa6a6ba37284be9e4L,
-        0xabc395b2007d4114L,0xf8cdf9f30f11e744L,0xc5febec8e9396402L,
-        0x8a751743eeb46285L,0x99bf8782c6e0d137L,0x3965e170beb292e3L,
-        0x001c39d85801fd5fL },
-      { 0xf4805cb9da4a0912L,0xd27cb76a4410bca4L,0xef3dcb8eec71d65bL,
-        0x780fbb2b4816849aL,0xef6a7026a8b24635L,0x15625c8812c44e68L,
-        0x624c232c4d7a74a8L,0x81a770374b1631e4L,0x04e4f7f1db917c2eL,
-        0x1d0465fd1f61ed95L,0xb1048049cbde6e3dL,0x637ce0c1d7131fcfL,
-        0x22e4dbc28ada4715L,0xf7530c5cace99726L,0xa0160dccee287450L,
-        0x9132e670bb91af13L } },
-    /* 135 */
-    { { 0x8057efe27996099dL,0xb72344dba06e608cL,0xeb4a8740d0958588L,
-        0xe53daf0679e5aee9L,0xc9560a9a908a2fadL,0x7f4be131107e706aL,
-        0x6d5f3d9b2830246aL,0xa5f8e8da27cca3e6L,0xeb51dca64c28f292L,
-        0x4cfa310ef31dfd78L,0x92e0c7c22ca073e5L,0x102f1694a40da683L,
-        0x16bb07cc750d38fcL,0x703e83e2badae035L,0xea93c066b4d3c9ddL,
-        0x7d0b03e579940ed1L },
-      { 0x5fe7ea304dd94c63L,0x57ef01c5738b0b3aL,0x9534a78ca14e6b4bL,
-        0x07622cdea5353276L,0xaf696a077c22d006L,0x733c18867d46b209L,
-        0x9654ccbb626c2b4aL,0xa098d3a1a84f3c4cL,0x3596f9ed2d734b74L,
-        0xdfd3021a5d551c90L,0xe2ba7d2f1ec5123fL,0xf9726925b2c1aa39L,
-        0xd2e75d0ef8eb2927L,0xfaba712e19192a6fL,0xa606b43a9b83e50eL,
-        0x31b1782fdab5de60L } },
-    /* 136 */
-    { { 0x878dba454034db92L,0xa39779018f34dc4dL,0x8d004f2edf754c33L,
-        0xeaa5954acd563a88L,0xa29d6c89bb5ffad1L,0xa8adf655b0d8bdb8L,
-        0xf7fb842d8cdbdb47L,0xb72e3a0380d3205bL,0xc335b0b27cac7ca9L,
-        0xffc60bcbd8a5475dL,0x736f7719eba4d25fL,0x3d901c380c50fca6L,
-        0x1fdacf7b80c01900L,0x75cf658f5681f84dL,0x57a7e6345cefbbc1L,
-        0x6fc0fbe53e07ed1fL },
-      { 0x496d116bb81b0e5fL,0xd82dd2a52ac853b8L,0x357e22d4327387f0L,
-        0x3e332a84ba912c59L,0x8b71c64349d5dcc1L,0x0c982ee9438d85d3L,
-        0x90b9553cbf7fcd4eL,0x2cb39bbc38fed5e3L,0xa2c67c9c5ac42903L,
-        0xebf21217bf07da55L,0x55ac05ada0b9e4eeL,0x10bb12c28ee9e0c6L,
-        0x5cf3aee548bb6e3fL,0x4ae7269c8b046e91L,0xcb266012aa0e553fL,
-        0x701935a1a94c8fc8L } },
-    /* 137 */
-    { { 0xde58d41da4626deaL,0x25ef66ca15b9039fL,0x99a810a43164e65bL,
-        0x9fe6daad748cfccfL,0x7ab9a6bd2f142fa9L,0xa4cba1685d471796L,
-        0x12d30b366bc3a39bL,0x1f46a5dc8bf45076L,0xb868e5291421ac0eL,
-        0x7a68620659bba1c4L,0x2b4b552eda698b90L,0x5039dcd4e5453707L,
-        0x42a07a9e9e90165fL,0xa838fff3d7d45dfcL,0x41991e5a3b5ceb30L,
-        0x6c961ec8969ca600L },
-      { 0x703bdc1bc4e7eb46L,0xd6bac557596c7b48L,0x4f9917cd66afd74dL,
-        0x56355105656ce6f3L,0x3d1fb50c32497175L,0xfda6783e63effb2dL,
-        0xbd79f1f3eefaa2bdL,0xa4efbe5417af9ef7L,0x6cef64625a55b7a4L,
-        0x116f32381a713304L,0xdb2a2a7fb95625a3L,0x6a0aa43a0b027e96L,
-        0x458fe5d24832b3bcL,0x523418df5adfaac0L,0xc05a89cbc49e7f9aL,
-        0x830883d869e24b53L } },
-    /* 138 */
-    { { 0x959b1c6202557389L,0x5fe5ce97adefc0bcL,0x893bbe7f8330f383L,
-        0x27e0c6af16cfb81eL,0x6f64e65bd04428fdL,0x53de9245b79e6182L,
-        0x08a313c1487e11caL,0x65cec3b9445bce93L,0x33bc0314d67ed49eL,
-        0x69f36b2430782352L,0xd78e5daf93ad31d2L,0xf2682b70c780890cL,
-        0x7015c34f9e45efe9L,0x135d4ba4e6cbafeaL,0x43a378a47e3fcc6cL,
-        0x2376f97f96638f8cL },
-      { 0x0a6e1ec0ae575b99L,0x7e14cb4f81b970dcL,0xf00a3824d3a73947L,
-        0x0b4b9c81fb235a9dL,0x8d15115f5bf62944L,0xcfd35b431e165d7aL,
-        0x5d12fea2b2ee3e3bL,0x629984a6f5182e7bL,0x4e43e2f3c365d08eL,
-        0x9932709130f36e72L,0x698b4a00fd345401L,0x23c4fd0ebaf96dceL,
-        0xa60ba0ae23675554L,0x51bdac2db0325784L,0x8ab4190a215464a1L,
-        0x8c4616616bf10296L } },
-    /* 139 */
-    { { 0xeffca2582d1f36a5L,0x0eded2b2894c5f2dL,0x35a5cdb843ced84fL,
-        0x290f8982db0e3b9bL,0xcce0eaf00719a112L,0xd0e657e439a362d6L,
-        0x5516a55d62697e47L,0x269e1f778e636514L,0x5e3dedcbd50269bcL,
-        0xecec2300441c57c5L,0xdb83f31cc705578dL,0x1bdefb731e489eabL,
-        0x20b678cf395fcdb4L,0x908cf91cff9db001L,0xcbebc6f455f52cc8L,
-        0x155ea622b4c61162L },
-      { 0x94be2f1f876fa42eL,0xab5e87497fadeee7L,0x692e70f538c865afL,
-        0x16e99b84df8059b0L,0x0ceb606e8b5a7ac9L,0xced233572d463d2bL,
-        0x2d0f26232a9a09a0L,0x2529998c3861fbdfL,0x711888a7c1be310bL,
-        0x9b1229c50d8aade3L,0xdbcf9b783b13533dL,0x3ca746f8ff029708L,
-        0xa5a013a1da83ef88L,0x8e904d184ab28444L,0x2fe84b3dbcbd4abaL,
-        0x8f570f24259058c3L } },
-    /* 140 */
-    { { 0xdeb66c8a2ca9c508L,0x2dc5bec269d6b780L,0x16d6126688ead600L,
-        0x61841b9749d72614L,0x41e40e6cce472e6fL,0xada242641fa7a876L,
-        0x45b9fd33cc3997a0L,0xb25e8fa97c15dcf4L,0x0124ceb212e9629dL,
-        0x3a8c72c67db3d956L,0x8e2ded2b7c1a7844L,0x94ab09c66dd027ffL,
-        0xf89a057d7e7a2bc6L,0xad8bf226cf70c763L,0x4cb268e7c8a26212L,
-        0x3d171e87b2c44c1dL },
-      { 0x382ac16e8ce49820L,0x24ee45e2c0c44dc9L,0x0ec6791273e858c4L,
-        0x918cb25c46327cf9L,0x43e3876bc6159c1fL,0xb6b6e0e037545cb3L,
-        0x64b839ab5d12347eL,0x72e09274a300d541L,0x26ab28e6881c1169L,
-        0x4a580fffeb75a843L,0x0a5802ca359120dfL,0x7fee82d03209f4a3L,
-        0xb518016b8e6a9380L,0xb99c6c70c2ee11caL,0x16105af1ab9d4ec7L,
-        0x234e98f834cd9004L } },
-    /* 141 */
-    { { 0xff43520814db9cdaL,0x99cfdc4796adec90L,0x843aaa6faf458b6dL,
-        0x3f1f7415743eaa31L,0x915e192e61735d81L,0x3441a22d0ac595d5L,
-        0x704bbf67c044bc8dL,0x2f960471be23a236L,0xcc32638815d1d557L,
-        0x9410230b76b1dd94L,0xf2e5439f0c1c8a67L,0x56b141ac833c910dL,
-        0x467c999f865b84dfL,0x1b0251fa21f02b7bL,0xde5b526096216950L,
-        0x6a2130e3ce3a1e93L },
-      { 0xd21b67a04b3ca1a7L,0xaf42ed5300c0ce80L,0x22ccd368932cf07aL,
-        0x36523a815c25c35aL,0xecdd39588dd04d06L,0x73da3502b2f93a3bL,
-        0x4c5e0c3cd5e5b530L,0xef9f548613268777L,0xed87fefc1e742292L,
-        0x6d9ac29ea24e5edeL,0x08abc9f033849f1aL,0xb09b229240f23905L,
-        0x6791072c7f934353L,0x102a6381e6aeb550L,0x3ee0740996feb870L,
-        0x34f06faa9c4d2830L } },
-    /* 142 */
-    { { 0x869dc79f2348f005L,0x9b5c5d71df4920b1L,0xfd1b57ca6dee64a4L,
-        0x21b7f734e82a4fb4L,0x637cb834b9578366L,0xc934101b7d287d96L,
-        0x1590f8ac0392ecabL,0x280dc3737f75f4e3L,0x8b36f50f6a61ac62L,
-        0x74f58304a65568daL,0x80d792a9d930870aL,0x6d17b192fc8895ccL,
-        0x498392fa4914939fL,0xaf36027dd41d5b9eL,0x452d79e25caa82b5L,
-        0x764d47b1f4115d1aL },
-      { 0x5df22303a2ee8b9cL,0x1b9f72d385dfcd48L,0x6b42b98310813a37L,
-        0xe28c523b3de741f5L,0x0857625af303bb5bL,0x926f299aac9bf9afL,
-        0x21beac080d445b34L,0x6a523a02d6ba2c0eL,0xe302a1b17fce2864L,
-        0x4516a235e300c1eaL,0x4543736a7b4a9311L,0xd3c0b9e8c0cc89f7L,
-        0x0481904f40ed88deL,0x4f269b563cb7fc70L,0x09a1d53a321b9738L,
-        0x1c0dd9c3230a3810L } },
-    /* 143 */
-    { { 0xffaa1f67c46a7d9aL,0x64743334bedf91ccL,0x45833a7447a42f2eL,
-        0x67980051241ffaa9L,0x70979a84335efe6bL,0x5f0613f5f08b2403L,
-        0x6bb22fcd64f211dcL,0xe1b8b2a3a0572cfcL,0x19e0eb417950a14aL,
-        0xe634bb293eb6cd4cL,0x31a04b25470a25ffL,0xa41f7ac9a3d15a0aL,
-        0xefed85ecbf2fede9L,0x1f581f5f81b94a00L,0xaa3996b09ef4a15cL,
-        0x52d8be39b06041bcL },
-      { 0xbd1536f6fd631a2fL,0x91fae7f0b351a8dcL,0xd1a590c79b126212L,
-        0x52d4875f2bd0f435L,0x9aedb6d392b0ea70L,0x0bd0abdcb83ab89eL,
-        0x827a106289fe192cL,0x6566a960102a0bdaL,0xda083037ce036814L,
-        0x30bed79f58639405L,0x972019b6dbca8df9L,0x89201286efdaa3f5L,
-        0xb337b9965236b892L,0x11d3e38e28fc2e73L,0x70787f41880e8da3L,
-        0x6cff6367dae4a45dL } },
-    /* 144 */
-    { { 0xbd3d0433f89a8bb4L,0x42144c3393b98f71L,0x82b616c803470a2dL,
-        0x98fcc757e5da089eL,0x542354ef7bf5fda6L,0x1885c2539ebd34ccL,
-        0x2e20b285bec5dd0dL,0xe71bbbe1782a1bcaL,0x959ded309b854ef0L,
-        0x172499798997fa6aL,0x50cf8fa8d81f3c45L,0xa9a3b51760c11152L,
-        0xc9b0ef7decf845eaL,0xc9339e23b9fed11bL,0xc93e9c5c28256080L,
-        0x1d2c8217613ec1e7L },
-      { 0x7381347d987cfc93L,0x047603bbf187f810L,0x3fa6bc9d1250ca31L,
-        0x480091e0bb055bf3L,0xbdf95f1a3a3af87cL,0xe2687770140540abL,
-        0x998df730d7fe045bL,0xb398135fb723bc2dL,0xac230f8c15ebec46L,
-        0xe08e18305f5561c0L,0x7c0fbf4cda60a47fL,0x06e95c24e16d4bfcL,
-        0x7416349574617e92L,0x397198694ae0c20eL,0xfe2693122131e2b6L,
-        0x25486e360a537722L } },
-    /* 145 */
-    { { 0x618795ca53572806L,0xb2c89449656968e1L,0x149c2c973fb323aeL,
-        0xfb15de26409bc7d6L,0xa90cda72c79121b3L,0x6d2fa14e204cabbbL,
-        0xcbcda6f791604125L,0x25086261b435f947L,0xdb686c38c282eb10L,
-        0x51016d62f1a791cbL,0x6b1c7ed161a2266cL,0x26780666271d74a6L,
-        0xb5ffeda1824287a4L,0xcbe503ffbbe4f0f3L,0xd7f7f0beb9482a74L,
-        0x751b2358088493f1L },
-      { 0xd597b9d6e9c9be68L,0x1794b5c467d10c6cL,0xa88cdc3d7762b2f4L,
-        0x6d94a63aa1b44e11L,0xfb0bbbb9aaa8eca8L,0xf4b0f2d0c963d87fL,
-        0xb753062c5dc7075dL,0xfed726ac49933989L,0x5da6063857f9ccdeL,
-        0x221c392a75f8c766L,0xcd264d955dc672caL,0x7004ff22b66ecc8dL,
-        0xfb1aa9ae18a458baL,0xea9644df8babd653L,0xa9378e802ba0de7cL,
-        0x144cc12dca2c6c75L } },
-    /* 146 */
-    { { 0x593a0a1d2989aa3aL,0xd83f228359e6e64dL,0xe938b0cbd32e732eL,
-        0xf4c464c53c3cb249L,0x9750a5f8f89ea6acL,0x467e5bbf346cfc32L,
-        0xc9bfab9d37b2b809L,0xf8eb74533b339c6dL,0x3fe01fbe3b766deeL,
-        0xb3154254ef6aea27L,0x555c3df27be61b10L,0x70fb6d81dd818488L,
-        0xda1af3a4bbe714f9L,0x575f20179d18f693L,0xdc08fc6b2465b839L,
-        0x874ecf336b84a951L },
-      { 0x624af83ebbb3f6beL,0xf578fbb908bb423dL,0x5623b0bad7873527L,
-        0xc3659bd8a62e0442L,0x2903b167fe236f79L,0x55a430c6e53f26a6L,
-        0x222547ae3ad712cfL,0xb73890d776eb272bL,0x95b4f70b3d628df9L,
-        0x9f0e13b053eae4acL,0x5b4f5138e7f2174eL,0x75482cf998dbae17L,
-        0x2b69bbde44518480L,0x4f279652cafef15cL,0xa0a3ef2bb6bcaf19L,
-        0x31fb8581ce4c634fL } },
-    /* 147 */
-    { { 0x398306d1615cd607L,0x680c9faaaa32c3a6L,0xe87a705b7779131dL,
-        0x1031013a36708b00L,0x814fa0e19445297fL,0x70c5583aa6a79b56L,
-        0x03039cbf4b16bed4L,0x18a7ca8daaaaf8d3L,0xf33159e75cdb68a5L,
-        0xdea0e738d23814faL,0xeb3527188d0f4f9fL,0xb0b76609dcdff032L,
-        0x65ba8ea93d48338bL,0x18044d8255dd507aL,0x844a223e4a4a50b4L,
-        0x9832300018e19e54L },
-      { 0x28a2102757f3d5a6L,0xffce56486e8cadcdL,0x9590381b02551f3bL,
-        0xb26cc64f935ebdf1L,0x60611291c083aa6eL,0xcd988a6688e4cf41L,
-        0x581c3f73dd53b1b5L,0x78c804a977fc621dL,0x31874330fadca2faL,
-        0xf7008da4c83ccf02L,0xc4122a1da79a4707L,0x9a8e0d3f4a915eb5L,
-        0xa2de157dd0123660L,0x45ef43b265ead2a0L,0xd0a22ade188db285L,
-        0x8abbe39e922e0caaL } },
-    /* 148 */
-    { { 0xb44469053a2d2f01L,0xd27c31935dc6685cL,0x6a908bbf1d74a027L,
-        0x01da350f5b50ec1dL,0x1d3dd45e3f3c2e26L,0xf66e11d0b836ee92L,
-        0x7e03908f474b979cL,0x19e7c5b998b87834L,0xa741d3febd3d1de9L,
-        0x63c68e8d1ef6059bL,0x9b9ff9393674e247L,0x1d7d53e73e7e67f6L,
-        0x698dc326aee9e248L,0x52f23edab3bd984cL,0xf95e31b06f8fe8a7L,
-        0x0f15b4d0c3d0ba95L },
-      { 0x8f2f6635790a8d85L,0x51bffbaee2595af1L,0xd15b7ec624b51287L,
-        0x7639b6ab3234715dL,0x0cdd52992bc5441dL,0x54800ea4f6d05833L,
-        0x21efd752f6d6e360L,0xc0b7ffe519290613L,0xb68a5825eea898cdL,
-        0xecedba9222982266L,0x678a91b0bbd06bb2L,0xb2436dc04bb6b0cbL,
-        0xcf7a99e7caf8ea98L,0xb92d0e6e71aa05bbL,0xbf8d0471f5993eb1L,
-        0x515db37820385ddbL } },
-    /* 149 */
-    { { 0xee43eaaa6f5bef22L,0x952d269820348712L,0x1e4c484e7a3af6c6L,
-        0x18d434c69a8c9403L,0x63e5d7415001899aL,0x5238dbbcfe8ea40cL,
-        0xca6cc8d296798721L,0x73db6aee04acbde8L,0xbf69328db7f993ceL,
-        0xa3f79bbfad45e334L,0x8c51ec937c1f1630L,0x4907325f9b00a6deL,
-        0x49e6acb412d82bc3L,0x5901b36d0ec59fc9L,0xcb09b7109cf34e3bL,
-        0x2de0487e1abf4c02L },
-      { 0x18b722f38dd9d484L,0x833493937c77baccL,0x58dbb8f193d92b8aL,
-        0x80d78d508e3fac25L,0xf0500981745f4a7dL,0xd072bfed877cc29dL,
-        0x67abf8f2c30a89f8L,0x92c567ea9a0820d7L,0x425ab12e8a3a5738L,
-        0xc162faebf055521bL,0xee1c4f26b94ea5e9L,0x1e4149943d71e546L,
-        0x258183b843e8be1dL,0x44917c82ef9eae0bL,0x6813a45773874a30L,
-        0x6f6ac071cc42f86eL } },
-    /* 150 */
-    { { 0xd38822ad4dd6e3b1L,0xfc78e1ccad620869L,0xe78438452cacde80L,
-        0x121cc14aa8469fe3L,0x8e8f3da7e67e8ef2L,0xdb83d16e4d347448L,
-        0x3ba1dd98798631f4L,0xdfab59770a4c4c17L,0x1f0a13063edc701fL,
-        0x4649d6016cd8ff28L,0x2267230bbcc55bc9L,0x02a19c605760412aL,
-        0xc719d5f1328faef6L,0x27cb969ef67eaad9L,0xf342530e719bafb5L,
-        0x6e2c24ccff5a82cbL },
-      { 0x6313024badaf8793L,0x944bccf1035c948eL,0xe9a066b7953500bfL,
-        0x7991a9461d116765L,0x95addb2e9fd93c78L,0x05d2c037e92e5495L,
-        0xcb145b189f03e5cfL,0x81ae48ca95aa1f72L,0x203f2702135a6e4fL,
-        0x2bcef5a249b2a7d5L,0x0687a90002d7f2a3L,0x2f7d32286c6745b0L,
-        0x3da8a87586507305L,0xbe38b8842e8dc58fL,0x6b48bf34dbf11185L,
-        0x5af7fd0d97c08f91L } },
-    /* 151 */
-    { { 0x55f9b950f4a224a5L,0x41904574cc50273aL,0x34f81330643f1fd5L,
-        0x996801bb0e50f783L,0x866d740389581712L,0xdb9a405da4091d36L,
-        0xf1e379df16a46fe7L,0x8d04a93f83bf9168L,0xae4c833532b20bcaL,
-        0x99d334b1f72a1c10L,0x8fbc9977d8195db4L,0xcaeb3dfffba14b5dL,
-        0x60fef02276daf476L,0x4b948dfedb5b72f4L,0x5185c925b6dfb062L,
-        0x27a9c3819609d4aeL },
-      { 0x73c37346f12a93afL,0x028b707c5536634dL,0x8efa58d5498193d1L,
-        0x4f83a5ccef21b69dL,0x05cbb0a3a788a0e2L,0x0103178165b13c98L,
-        0xfea20e582b73784cL,0xdf9713a0e50361f2L,0x31449a0fd0cc22d9L,
-        0x183752e77c5e2e1bL,0x6e44d6bdb67044cfL,0x012dde95733e177aL,
-        0x68b4966908ee2c23L,0xd9bb05411f5f1949L,0x95182c716acd886fL,
-        0x1c690694fbde9244L } },
-    /* 152 */
-    { { 0x5db67d173a880026L,0x89c4f0a0125d95f2L,0x290505513f6cb7a4L,
-        0x3eb231d15cbbdca5L,0xf8cffc99972bcbd3L,0xcb4ef4d4ad55a03aL,
-        0x944d47ca22867c2fL,0x96d885480ead1aa5L,0x76a57cf8cbc8b045L,
-        0xdfe5844b005e55a0L,0x5e9e7e191d18a097L,0x957a26e852923c74L,
-        0xd0867b797f5db339L,0x2553408e63bed0c8L,0x1596e5d5689ad23cL,
-        0x7b8c13d6a504c339L },
-      { 0x2fc43aad52fb6901L,0x1c0313f916ca253bL,0x1475830a515aadc6L,
-        0xc93d19267f577dc2L,0x26e52e8ef723c0ddL,0x2f1e0eb83eb9f6daL,
-        0x9979de82f180376dL,0x43e28ecbb0834939L,0x9a2d51dca39c38e7L,
-        0x6e6063a9a8e3f6b5L,0x4cf1da3a4b9b3270L,0x6e5348a2d2f8915dL,
-        0x5e75e3e050507912L,0xaeffce5720d383faL,0x1d6d53cc8fd2fb29L,
-        0x0e3c3ef6696f4cd0L } },
-    /* 153 */
-    { { 0x3bc337c121ee1d83L,0x97e08f6d787b7788L,0xbf709fcc138fa4ceL,
-        0xbaf77647a0348e58L,0x04f8babca55e672dL,0x0ed2919d7d5ec5ddL,
-        0x8ce64bff33e99218L,0xac09fc5724b059afL,0x506831f9dc5e32baL,
-        0x26a22677465af6a9L,0x3c5efe66c97f1ff8L,0x1515e0d6bc6087fdL,
-        0xb1a39c5eaa8edc6bL,0x3dd816bb0e79ed29L,0x6cc13769bc3788b8L,
-        0x463098e3c092a51cL },
-      { 0x3a6408c7c8bd0fa7L,0xd1764311ce6bde49L,0xe315e108283ef7beL,
-        0x8213cc7799b5d938L,0xaf7f158145a49a6bL,0xd00fdb0fe529e4d1L,
-        0x55d38f77ce66c9d6L,0xb4f7ccc01bd4b952L,0x8d975b49af71f986L,
-        0x12b59fcbcd64d00aL,0x1860e504a5a3bad7L,0x6d9760442b5c89f1L,
-        0xfed0c6597a3e231fL,0x58114c33178cba92L,0xe2e74c066698e11eL,
-        0x7f8fd093a348b85aL } },
-    /* 154 */
-    { { 0xf24592cac19428afL,0x192a1c813a308665L,0x42589812e30bbd7fL,
-        0x10db0723836c6bb9L,0x9c7a41e9598e4987L,0x8aff179e6ead6f4bL,
-        0x70f8f9b975862c44L,0x6b3b02376f21983eL,0x25d83e9b98e65152L,
-        0x3b2d26a8d751218aL,0x9508281a9d6f1da6L,0x8df78d05a5a81f74L,
-        0xd79ee559e4687471L,0x2060ca576787d8ccL,0x427a84ffa8476c95L,
-        0x87b64c51e6435131L },
-      { 0x87f46f654b30d3c4L,0xcdec4c5c23b4ef14L,0xb3b7476663ca4d68L,
-        0x1df34269cf3fb56dL,0xd4f139c40fd7d46aL,0xa3b7c7c76a69a8bdL,
-        0xee56b4c9cbadd7d2L,0xb28ff342ac942334L,0x0046fdfa786f1da3L,
-        0xce5d149cb700c82eL,0xca30ef8150966597L,0x44a20609fcff4bddL,
-        0x0f2f65e744925268L,0xe5b6552cd4021f38L,0x77ea9c2a042dbbd0L,
-        0x8c95267cd9c062f5L } },
-    /* 155 */
-    { { 0x6655032e5fc1abb1L,0x2215af5412fe4743L,0xfd65756029f05ef5L,
-        0xb0e73325dc191be9L,0x7ab3c65ec08639b0L,0x67507f511c3e6673L,
-        0x638befc3c8615555L,0x5d0188cf42f0c4adL,0x843a301cd896186dL,
-        0x045603f7b2c6741eL,0xf7545c0cfa3cd1d0L,0xf612affd4a40672eL,
-        0x56197c9f45b9e8ddL,0xb453237d87922d74L,0xbf132e3a4b2d59bfL,
-        0x8afa1b73b84a6a16L },
-      { 0x6b3596eae793ac70L,0x4c94ef8eeef6dd10L,0x926b4fa270422e40L,
-        0xc8c71dcee9e5d763L,0x352fcb70f512aadfL,0x1b7ba138a883975fL,
-        0x57991390058c3b13L,0x9692092a97740fd1L,0x19ad945b160b0697L,
-        0xbc63438810837ab2L,0x76ee11c4f174bb71L,0x6111bfc1ab1b80ebL,
-        0xbc82bac870ec458aL,0xeee60127312d3325L,0xb4118b1ab240adc8L,
-        0x672111912b5a093cL } },
-    /* 156 */
-    { { 0x91e99306f55cf9bfL,0x9b045308a46b96d9L,0xae3c1e1d9e7a65dfL,
-        0x453cb151c731bcbbL,0x14be5227a4d58a61L,0x39dac92297c74cc2L,
-        0x4d0f7a45822e00d6L,0xafeb1d51c62b03dfL,0xbb1dc3a4baa18b2dL,
-        0x7f3c7178df2b74f0L,0xfcd328a6896b6a33L,0xe95ed4541dce055fL,
-        0x97fbc76b6a4e2b87L,0xe5ec67f1fa59dce9L,0x052368accc0367c1L,
-        0x7c86391654e4a3feL },
-      { 0x55e94b5eca7388cfL,0x17cc0a60c0335d38L,0x9b69b78b616f85baL,
-        0x705d02ef10122980L,0x565a6e801cfd0a79L,0xeb74a96d7d1ee352L,
-        0x5c8832ed427b9dadL,0x96ea8528e6d5330fL,0x30d8862b18d24ee8L,
-        0x9cd38ed59ff939f7L,0x690fc9a201060252L,0xc62d88b82303b3ffL,
-        0xfc42d7a4dd52b469L,0x06f8dfa28cad2d93L,0x5023609060920438L,
-        0x32582758fce855adL } },
-    /* 157 */
-    { { 0xeb20e45f359e8c60L,0xc71bb8a5364ca186L,0x02b15071dff8e110L,
-        0x074e91d34c93e578L,0xc0326e00b829d0d8L,0x3c192258626a83faL,
-        0x387a64d5fb29a09eL,0xcaaa3d34e5ac5c82L,0x8ed685e5ada2da29L,
-        0x92720267eb29650eL,0xf7184b19763802f3L,0x23f5dd0edf6b1aeaL,
-        0xbe1fa34725e6125dL,0xd6287f9d0c872a1aL,0x49aa93d2ac57c3afL,
-        0x1a4e6a715bda7656L },
-      { 0x1a126ede554d1267L,0x37f945331cd02b48L,0xd70af04cce31fb1dL,
-        0xcf410b0b097dc012L,0x930e1d1736c7b6c5L,0x902fee41c6891085L,
-        0x349ba4a779fb638fL,0xa16c5821acd6f8dfL,0xfb3b83c12e076aceL,
-        0x6b8d033be501d14dL,0x0593d45220f2d2daL,0x3752526d99df1880L,
-        0xca32351c9feb33a6L,0xd91343bc1f6ef456L,0xc74857db35b9dc8aL,
-        0x856a7c9385b4e832L } },
-    /* 158 */
-    { { 0xa007d0020d0a5583L,0x2f1301ddeda4658aL,0x91c0796434d939beL,
-        0xa0cb6780a70c0836L,0xc0b4df95be81e540L,0x6cbbcd345d4ac8b8L,
-        0x57c52ed054756239L,0xcac2dca41805ceb6L,0x915ee6ab79344255L,
-        0x366def3124c9a2a6L,0xbd3b962f8c12c674L,0xaab64f1b7dbb7c3bL,
-        0x3c0e4553e22bb95bL,0x2408febac4c63b74L,0x3ca773122a4da631L,
-        0x62889084c636da40L },
-      { 0xa457fd538cb8d208L,0x7a8f8009543f06d4L,0xb66de154f2eff2abL,
-        0xfddb28ebf72517e7L,0x0149fe66f9389d2cL,0x79e8773fd85b88ceL,
-        0x452e090b0ba543f7L,0xdeb9b5cfb0b03fc0L,0x3113448a6c5ed77bL,
-        0x3609f3cf8ffc0372L,0x2bc9c46d5c1b4c4aL,0xe66f3bf38fa59be9L,
-        0x1396bf5fcdb02691L,0xf1ec59d4009f88f9L,0xc29034562ad9dfe3L,
-        0x79d8122c5ada4d58L } },
-    /* 159 */
-    { { 0x14d4e4ceaa529507L,0x056a081474655d00L,0xc0d30a384f0fc474L,
-        0x8a8203ea3443cb8eL,0x33c62fb097f1728dL,0x8a38dcfdb520ef52L,
-        0xa0f90d5d7cac9d3eL,0x28a7b0bf873cea50L,0xd115ae3a6c6c41cbL,
-        0xa35171daa13812c1L,0x25d4bba5624d507eL,0x91dad2897e98f42fL,
-        0xffd6b1e996a41371L,0xd46c2125b69e5b77L,0xc7d2b42420c4f707L,
-        0x2ab3af958142557aL },
-      { 0x86ca074c6a5372a6L,0x728fb83e56292ba7L,0x745596dc77741cf5L,
-        0x70b4cea1520ef49dL,0x1472fe3461e46472L,0xf4d6bd663fb8ac5dL,
-        0x46e52cc9c10bc071L,0x28794efe371a3461L,0xa4850718276fe877L,
-        0xedad57739bef5ab4L,0x24c2d9ff3f15c815L,0x188950e58f8395c3L,
-        0xbae4099680b6a855L,0x4f53e22c8a8803e1L,0xaf233f61039d25eeL,
-        0x07db2c35250409caL } },
-    /* 160 */
-    { { 0xc7f3b8db037d4703L,0xe83708dfc5f488b9L,0x1fba830f8471d402L,
-        0xa55ee8d25a2faae9L,0xc2e5bf105404fc1eL,0x647d5027aa2d5651L,
-        0x37a53c0c7ebaf5f9L,0x7adf0bb295b30abfL,0x5a62e1fed64c93baL,
-        0x7ffc18c0e2ef4a78L,0x139dd9d94d2cd04fL,0x253fbab75ea0af02L,
-        0x7c8100ea0fef9acfL,0x74c5384dc8615aa7L,0xcb28682d9fe52069L,
-        0x08b6ca8fcf7dd759L },
-      { 0xe04e5bea036c3b5aL,0x387261027f9f2b4bL,0xa9fca57029797c0fL,
-        0x1656180b82879ea3L,0x153389bb607f0ddfL,0x99a1223c67b0e087L,
-        0x0d1808ec9d897fc7L,0x9470711a916edf19L,0xf8f52f2b07217118L,
-        0x5d8b29ffd18888b6L,0xef1e22c54cc6f900L,0xc4036165eb24877fL,
-        0xfda9523335479525L,0xd622a4216861468aL,0x5d043b0774faba08L,
-        0x2c337b020d31a7d2L } },
-    /* 161 */
-    { { 0x7b2305bcea22fa65L,0xbe183ef4d159f63aL,0x3473d87d3f35923fL,
-        0xb27fb306c11d7753L,0x702e7e6b2a054cffL,0x3ce9f97caf185619L,
-        0x835502434e7d51c5L,0xa63e3d82f356ac5bL,0x867b7caad7645131L,
-        0xee85e6afa671fc9dL,0x3b985ede2b07cd77L,0x07d598b0ffda5193L,
-        0xb10eca39a942dc36L,0x17f3dcee506218a9L,0x3d94e8d106b7d5caL,
-        0x509b2634ed8831c9L },
-      { 0xb1b9414e48caed54L,0x77a78c6ccbf51e97L,0xa4688c8d4de9b258L,
-        0x0024137c91ee3d78L,0xa68f9234e30ee64cL,0x573255bc88190d78L,
-        0x41e8e05fba80690bL,0x50038d84ec354f4cL,0xb18f02d6dfa52816L,
-        0xc47f9007ccb63fdaL,0x29d480fbe98ae455L,0x4ac45d225d0e319dL,
-        0xd06f3575026db719L,0x733b9e202c3587b9L,0x224839922c317727L,
-        0x1592d5a754bb8752L } },
-    /* 162 */
-    { { 0x5778d9a2cf7453f0L,0xaffb899aed83c1f0L,0xae6506d3e0a82ba7L,
-        0x32c84e1aea3d5081L,0x9ad528c0810aa38bL,0xb1fdb020bd37d041L,
-        0x78d6cbe1d06ce41fL,0xd287f0f02e74b7f6L,0xf5cd2575c43bb022L,
-        0x6d28f2f3f81a71b3L,0xe65bb1f5c633e7f4L,0x32e5fc1cc4fc580eL,
-        0xcd55539fbb7b07a5L,0xb5a94471c3caaf3aL,0xb958bdf44cc22d2dL,
-        0x1614bdbd77a2777cL },
-      { 0x4c1f0230ed0ab04dL,0xae347b006e2082eaL,0x9f10bc63c42c5b5fL,
-        0xb0539e6fde019935L,0xd89bd4e765dd0825L,0x92260fefbbceda16L,
-        0x8aaa755ce62aca32L,0xed762fa95ec82c5fL,0x99e64c0118650768L,
-        0x57dd6245c92e348cL,0x0db88a7731ea6d68L,0xef0012ab07b44736L,
-        0xb9356b94171d70feL,0xe68b062803f891b0L,0x3a54a53ab79c20a2L,
-        0x489656c7b00b0728L } },
-    /* 163 */
-    { { 0xe43649ba71353c25L,0x517f27a113f67e24L,0x10bd333a1c1eb9e3L,
-        0x94e1c05c78e29bf9L,0x84fe7d974743f15dL,0x9c87490890da2df0L,
-        0x82403fa753673be1L,0x7ebf5db41baea1b1L,0xcfe0ae3524180eadL,
-        0x1d15873fc2f50c3fL,0x16851ad670661cd9L,0x802968d9a51e8c2cL,
-        0xe7d1a9cde0161099L,0x2b153c89a8a7ea56L,0x6d41b78906e3c498L,
-        0x082bb2e9d6769dcbL },
-      { 0x6180ef46c4d6615fL,0xfc629dc101b9829cL,0xde222ec00fb264caL,
-        0xc5457e0610ecc2c4L,0x95ce599f1eea2c4dL,0x0433fa728f9c5b2cL,
-        0xee035462cd6310f9L,0x84c57c3bce2e2253L,0x6c8ec31a96d87e44L,
-        0x30bfe393a452c5a7L,0xc592b140a047b235L,0x7bd8be18c018545eL,
-        0x794e01075c178c46L,0x484719462e23005bL,0x2665e237622a54f3L,
-        0x36451a46901c9042L } },
-    /* 164 */
-    { { 0x17802d1819893e71L,0xa1765d8b539a2082L,0xfc6aea012302ecfcL,
-        0x8d4cf51b365bf59dL,0x87741d720d232a80L,0xac343eb318e80427L,
-        0x553ecb2fe74739ecL,0xaeca79a81a8b07caL,0x089ff32256f4ab3aL,
-        0x5e95d7293fa1d1f7L,0x260569aef62a9a16L,0x5e776232aa08ddc2L,
-        0x93fabec31b7bb54aL,0x48a20956743d56e7L,0x749cdb12eb0ebeffL,
-        0x705307a469b8fcf1L },
-      { 0x7a8e4c04e488310bL,0x12726e325325cd7bL,0x5d0fd8b04983efacL,
-        0x796e552c02ddb913L,0x0eeca3f777b9685cL,0x9b766e89b15f24a3L,
-        0x7c2736d648efc979L,0x3d619685a8021c6cL,0xfe33e278a0b2f1eaL,
-        0x95c69879b676d6b0L,0xa07473191af4e0beL,0xa2fab5f136c4ee55L,
-        0x6938b8ff59e5f3b9L,0x1e114da439cafe6eL,0xc9595ec36a6ad120L,
-        0x80f79bd057e62aecL } },
-    /* 165 */
-    { { 0x3cef42a760af09b3L,0x3c016ebd933dfe14L,0x720cf1e0ed85eaa8L,
-        0xd4f5e99fceaa3bc9L,0x7216b9d2b7106f97L,0x65f34c36c9668ad2L,
-        0xa8fb82bc5b0c651fL,0x20f42f1cf2fda4deL,0xeb31ab2cd21f659eL,
-        0xb7a776c7a13d1618L,0xec44102238662be5L,0xc825da70cad08e0bL,
-        0x99299079022c0180L,0x7623bda02aef9ffdL,0xde84f4f3f5c58b50L,
-        0x5f5a5da4d824ff19L },
-      { 0x5737257e7e8311dcL,0xdef94f51466cf136L,0xa73e1645b05ca21aL,
-        0x38ea9b3c02e4ab37L,0x7760eac98579165bL,0xdffdd047c24b01a4L,
-        0x188d4fd13fb95584L,0xfaac38b825548bdaL,0x1a79a6f059e9dcacL,
-        0x983f720f09a2700fL,0x8cbba554fb8a7e48L,0x38a1996847a1fad5L,
-        0x118565475abd6b5eL,0x75113d31f3716ec2L,0x1391e7814212907bL,
-        0x5319c8010dc15889L } },
-    /* 166 */
-    { { 0x2320136e6b61c3afL,0x1d40f2de07b4bb68L,0x651dee7f380c97f0L,
-        0xa978ba706a8c313aL,0x22c587d62011ca10L,0x48bba218ab1f445bL,
-        0x8c5eaf07e50444e6L,0x5549f02a442fccf9L,0x2564746f3d80493dL,
-        0x42d24f6179c04591L,0x1600fa18abdc8887L,0x5cb8600aded38f8fL,
-        0xa4bf9b90923aeb46L,0xd63fee351e1c578aL,0xf3c9c5acebb9ea14L,
-        0x3d13314df11a4ff0L },
-      { 0xe5cc662db4513d1eL,0xde78a8c5d55952bdL,0xe8a37a3fe7f86d0aL,
-        0xca2d12a47a04f0c5L,0x4c6696e42e25d06cL,0x52614698b2136071L,
-        0xf4d2701b89f6e1cbL,0xaafd617780efd95eL,0xe6d73ac4c5bb6907L,
-        0x49e874ac420db35aL,0x11631de4f2751fa0L,0xb29f7336a1fa2eddL,
-        0x4c406864b7fd794dL,0x73cb21d3e22f92a6L,0xeae904e62043cc76L,
-        0x67f28a9fb322c6adL } },
-    /* 167 */
-    { { 0x7c17b258ca148ab5L,0xb9a1976fb3c60051L,0xea260698c8f28df9L,
-        0x87b2cc74e8d45017L,0x372573290578a422L,0x81d5ee2517bec732L,
-        0xd7411fcf1d48bbc4L,0x46217e6b487f5cfeL,0xcb007ac541eb8e1bL,
-        0xc41c57a6e05a00c8L,0x1f954d2bd2f9fa99L,0x370bd5db40941cadL,
-        0xe487879c3829509dL,0x4c1375525ceca5eeL,0xe8ef7fa4fd3efb9eL,
-        0x5ff091741bd1bdb2L },
-      { 0x791912a4579c6632L,0xbb19a44fb8a20815L,0xf4f97b84535639d3L,
-        0xe57e2bcbbc3c9bceL,0x122b3f2bf19e6410L,0x1f0189da1357d9adL,
-        0x675573bb79e5ff66L,0x444e5c98ef2f3c4cL,0xd6f61e2004d10731L,
-        0x0dfa366fac75d635L,0x9fc47c862c854f23L,0xc04ae43e0ad0850bL,
-        0x5ce94f642f720c32L,0x67efae65a753bc9dL,0xc27d30d3b0373a63L,
-        0x6681013a29721646L } },
-    /* 168 */
-    { { 0x1385d913e84509dfL,0xe978beddcf339376L,0x2df425d33423a148L,
-        0x43fa0ae3ee8cb579L,0xf015369d31c4553cL,0x05cf08bbdfbf1d48L,
-        0xadff4be69444244aL,0x01635f81a35dda33L,0x085c8949e76fab7cL,
-        0x4bd7fcde16737783L,0xfd8cb52ca254f8d2L,0x62168a66413ec985L,
-        0xf2db97417a9026ccL,0x3962ee5650e1e1b7L,0xbee0a346d3beffdeL,
-        0x3b35b72f0bdfab1fL },
-      { 0xbff8de9f535c3749L,0x23c1f20f8add9c48L,0xa975b37bc8f8f663L,
-        0x2529e475e8f3ae49L,0xc32f10d51d5e2628L,0x5ac0d29767862f1dL,
-        0x13c79338854cbe36L,0x48f004ef4b67e462L,0xfa37a150e5d10ee1L,
-        0x4974778dd28288a0L,0x96830a66cfb73f4dL,0x9f44401307804952L,
-        0x8233c7099760b694L,0x8340cca525b75c99L,0x3f62e40bc771f99cL,
-        0x47d0a1ebcd95c685L } },
-    /* 169 */
-    { { 0x266f4fff652811f1L,0xeaacaa9362ef3002L,0x6c387a5550cba0caL,
-        0xa350142a007f5467L,0xc7fd102a202f2673L,0x5daee57033dc6e65L,
-        0x60682ec3064a63d9L,0x46cf0bb0462b251eL,0x0e030ca55da936e7L,
-        0xc87a60f2434265b5L,0x9637b2bb69b4e8f5L,0x601fb58c7ad7770aL,
-        0x1f2147f6ed3a15a6L,0x05b47d5e2995e961L,0xcb0ca9b383213a16L,
-        0x8f4b614a4995a85cL },
-      { 0x5aa8ec194b4eb3c1L,0x8c549ac420323a70L,0x00d493224f6cc6aaL,
-        0x0e53b9bb45f9a5a3L,0xe46ef1100897abbbL,0xfe873e57d7acd7d0L,
-        0x7cfccfe50f7cb588L,0x0ea53d65c85557d1L,0xfdd9eb447288f2e2L,
-        0xab2dedfac0eb68a8L,0x5822147008603a0cL,0x6946468900feb06cL,
-        0x804cf5bf25e5caacL,0xd85598589fc91ae9L,0xed9378b173c45eaeL,
-        0x8f942d02524c9801L } },
-    /* 170 */
-    { { 0x1f1ec3028e845808L,0xc302bffab77abfc5L,0x26afd4b9f8d97dc7L,
-        0x3d3a83c43aac594bL,0xe3b74bd1674d94dcL,0x4464b737caa5911cL,
-        0x62925773871c2cd2L,0x419f24853b4440feL,0xdda6a0f3e052ad7dL,
-        0x645280d6846c86c0L,0xa25689faf8324f42L,0xc74ad1e807cf117aL,
-        0x5626dea08ddc9db7L,0x52620373966fc85dL,0xe0ad57c3f3b1eb53L,
-        0x38300252949c1acbL },
-      { 0xa0ef5a405e744723L,0xdb5bcf751ae08481L,0xabfad8ccfec1f76fL,
-        0xfba5d831fab37fc6L,0xbe39e248c8fedb78L,0xa5cfad5fad93f310L,
-        0x747fdb1e913d5c24L,0x052a47c94518b7f5L,0x9e208d6c7cfb4327L,
-        0xb135cb9c70e538beL,0x363527595bb17916L,0xa2c078805b3106c7L,
-        0xd2d42a06c209bb06L,0xb525b471d3c504adL,0xc9f4b368822ce034L,
-        0x15f18796eb4185a5L } },
-    /* 171 */
-    { { 0x094dea060aee4684L,0x42b21f067cdbdbc8L,0xa439e149b1931319L,
-        0xea4bdd4181a7dba6L,0xc62137063c2ae80fL,0xb58b096712823dc2L,
-        0x7443d515832611b1L,0x2e16f83113c20384L,0x0ce204d62bd992d2L,
-        0x499dbcd6f419388bL,0x492ded1d1d3778c7L,0x9d5bd74fc5ddae73L,
-        0xd4813d52994b6259L,0x191d9cf60e86ca68L,0x562179eaf3e9c2acL,
-        0x6146f1f39fee1238L },
-      { 0xbd06d33e078e2aa6L,0x693af7f79dee9265L,0xd56e0f81daa40e84L,
-        0x05fbbb889b9a407eL,0xdcf44adcede99519L,0x7f71f8d3092dba39L,
-        0x675b5da54231774bL,0x7456a251a5f605ebL,0x9031d4af87a39a9eL,
-        0xdb43000605b474bdL,0xbda5dbf2b665aa91L,0x5d1a3df56631eeb4L,
-        0x028149ef62377c58L,0x2e1af4e9685d0bffL,0xe0ea087582a465deL,
-        0x95543f9e06bd0050L } },
-    /* 172 */
-    { { 0xf7cbc6f485d7c6efL,0xcad8084d63b1bc24L,0xdf90ce88bf8cba62L,
-        0x98e4b686b455c192L,0x6146b8d5774fc6edL,0x70e2389e7ae20077L,
-        0x5241c47961c22529L,0x7d2215103884e5f5L,0xd6d20ce217e28273L,
-        0xe3119f514f2674f8L,0x8545905570c011dbL,0xdfab75d9fcfb760eL,
-        0x9546362a9e8c2a19L,0x4b6d3f8a4a7d4b27L,0xa5c87104ee5d698cL,
-        0x6db434782ba296ffL },
-      { 0x064864935c3f0d95L,0x8917db824e748895L,0xf73fdf626b2f3e44L,
-        0xc60edc542b7f574bL,0xbe1c09a2af732723L,0x7d34669d7cad114cL,
-        0x9646600a321aaff9L,0xb94e2bbaed0cd61cL,0x866e1a41dec4750eL,
-        0xa1be990db1a89f58L,0xc39e4d6cf2759693L,0x11cfb780c0e0dddfL,
-        0xf0afcd7fd99c8a41L,0xcebffadb6e1c3050L,0x4f3981b096d2c6e4L,
-        0x07a791e72ae27a94L } },
-    /* 173 */
-    { { 0xe70e90471e9f0300L,0xe0253ad9bccdf904L,0x51c0289dff053078L,
-        0xf1ef092eae893462L,0x2c90a91aa4846845L,0x1946eda0f1dad4b4L,
-        0xf07650f333df67b2L,0xc6e988db0b15a014L,0x72e0c66eb542f0f9L,
-        0x5d4b6311e0c0378fL,0x548badaaae86950dL,0x6801638db35f1c8fL,
-        0x129e3216944d1ad4L,0x9951bac840471d32L,0x03cc29f385e94ddeL,
-        0x6d6acc2e4543ecacL },
-      { 0xeb999e9557b2d299L,0x3a2bcd9be3d721cdL,0x2e60384fbb4cb444L,
-        0xae177709dc060faaL,0x74f0e6d38c987cdeL,0x9a237cf81076fbedL,
-        0x69af15137983fbffL,0x6c3f7a1d323f9584L,0x3e21cacf6db64398L,
-        0x7cd8134f96703d92L,0x0755898fb8393f76L,0x1b5b28bc2e825222L,
-        0xb78799c17924aa7cL,0x1db378f281427a8aL,0xd5a451b1ff289492L,
-        0x79d182123d3c46eeL } },
-    /* 174 */
-    { { 0x1a3edff9109d5589L,0xded52eb4029b4499L,0x13eb9d30b4b54adfL,
-        0x4f9214c1a27bff67L,0x4c817ee767f0f460L,0xbadf8d83c3a50e28L,
-        0xc5dc03c994026237L,0x5f29581b966647c1L,0x10b6a0898a0687f3L,
-        0xae787cec31634517L,0x2001dba562e75188L,0x55d4e1a745e2c3fbL,
-        0xbfcacdebb67d3395L,0xa1a0af9cbc6842eeL,0x50590a2b3e88580bL,
-        0x73104491a784cdc8L },
-      { 0x44ca2cdf2648d676L,0x9a85eca54f1b12b1L,0x1b9dac942980e1ebL,
-        0xf30d37091ac8aa89L,0x73072ab7c719e195L,0xba518c822f703797L,
-        0xac090e14ac0067f6L,0x0e6cfc708dcd2927L,0x4f5889e221e7da63L,
-        0xb4aaa40b8371c7c6L,0x1f9dabe28f7878c9L,0xf78aed6bd84caf3fL,
-        0x3c39dd079e0e1d92L,0x680be5fb122424dcL,0xf41b214d0bdc0099L,
-        0x6a8f8fc95180c54fL } },
-    /* 175 */
-    { { 0x62a1ed6353235132L,0x1db233f159dba88bL,0x85625452291efdd8L,
-        0xc7505297b25111aeL,0xb5921af91d701bd8L,0xb4d05d729774f45dL,
-        0x6e3d4c5ef18e73ffL,0x897d985f899b3038L,0x8a9c30fbc89b1558L,
-        0x3c92d1a34d13181cL,0x292e86ba2223320eL,0xcf2454c201ceed02L,
-        0x27a45f74583f309fL,0x75a6102cad0fd1a3L,0xdb4f45d2cb9c7538L,
-        0x4752d8c1db283fd7L },
-      { 0x514d6cead5dff4d5L,0x74cd5fdb45a827f4L,0x1070a60c4fc7135eL,
-        0xdec0bb781be5778eL,0x271e12cd58dc6b08L,0xb765089b54bc2496L,
-        0x6ddf2c63619098acL,0xfd6ebac667528832L,0xeaa2d025c2508af1L,
-        0x13c2cda84dcfc1f0L,0x1c7836a845510be0L,0x3904688d1a886801L,
-        0x643132aaafaf2545L,0x496855772830a88dL,0x569491ca8744b470L,
-        0x3a6518f375fb8552L } },
-    /* 176 */
-    { { 0xaaa8ed50224042a0L,0x6cb4e3b02452f1e6L,0xedca5f4c768211d8L,
-        0x4e0fe3f9ef4d5d3fL,0x33a8e2a4522d46e5L,0x5998e21ff1446775L,
-        0x1496c50ef592d01bL,0x69104c2f83a67739L,0x28670bcb472bbf00L,
-        0x8ea883b2503177bdL,0xc5d8bc057d2712a2L,0x41ef9317b439c994L,
-        0x9801d3a8dcda1affL,0xd686eeb57038f6fbL,0xe80c5cd0fbfbf820L,
-        0x540ac363edc25817L },
-      { 0xa71969a9fe7f43dfL,0xe66538082c1b9e4cL,0xad9677d8859c2917L,
-        0xbaca954596aa4404L,0x0e9d855fff1297daL,0x1f61897b22aea7deL,
-        0x96edccfd36f13f8eL,0x627d307016e200dfL,0x729f0736c98988a4L,
-        0x95e25e6097f231d2L,0xaf7f221bf6048752L,0xd66826094019b299L,
-        0x1d99de0926b4b1d9L,0xec47cf661acdd7a3L,0x4de9f2b36ebe15e9L,
-        0x17db32ecfa16974fL } },
-    /* 177 */
-    { { 0x75ef69196cf40599L,0x7ea10dfb00c020eaL,0x3da5ae7bfcaaf679L,
-        0x0d663ca388ddd678L,0x5a21f8fe255bcfcdL,0xe9c3f538e344bc7eL,
-        0x35f62b1d548e0632L,0x654f242543c6e64dL,0xc755a7a626993627L,
-        0xa3b7c5f7b0f41324L,0x05697f793a2180f3L,0x6cf85fb11e81675bL,
-        0x6d3cdb35e53428f5L,0xe3aa159152d28b02L,0xa8470255f7a3fb78L,
-        0x460bd01ba194445dL },
-      { 0xbc34dc23c24d8077L,0x82f4b5804c720d2cL,0xa29da9116f5d1ffeL,
-        0x578af52092783ce2L,0xe29f51abb5904af3L,0x46c570d7f7aa1190L,
-        0x4a522fba571bddf0L,0xbf4e2a06ae89bb51L,0x799b35cc59f3444dL,
-        0xc302836726cc2557L,0x94a4e985afcec177L,0xadaf7dcb7c36cbd0L,
-        0xed31b78775d39077L,0x52d6904f2d3e24bcL,0xc5ca26691f95421bL,
-        0x7d342c3c1734878dL } },
-    /* 178 */
-    { { 0xe5cf2c0a11fd127fL,0x66d36bb8119e4c5eL,0x621ab2526ef56ac3L,
-        0x30cfeaeee5430675L,0x2ede27d2ac3e9619L,0x6413513af8fce671L,
-        0x6159c61b075f4c3dL,0xd447efe959069d98L,0xaf8d6f68ea76aea9L,
-        0xac5dc61b0f5bd164L,0xdbab446e1e88bb98L,0x618b8b161ba92320L,
-        0xa0eafb3c78989865L,0x0c7abcc2c08b7e82L,0x10f09b6e20d160bbL,
-        0x5be0afa68e4c63a7L },
-      { 0x82ab6d381bbbf49cL,0x3e09ce498c0703feL,0xeca58b5de10f4263L,
-        0xd9cc6581da5a4532L,0x07e18876f618f7b7L,0x0419a5e3250f7fe7L,
-        0xbb1a9e90de6b86beL,0x584a7deb37359169L,0x38eb34895149db2cL,
-        0x14546a33b0ebabb8L,0x0067f0b0c2f88a92L,0xbde0dfe70a2db019L,
-        0xba51b06cc63e6f3eL,0xa19127b9e9206fadL,0xe4eb5e87fe80dc0aL,
-        0x1e6fccf5d4de30aeL } },
-    /* 179 */
-    { { 0xb57dff66aa8ac924L,0x06e9ad31c298b3e8L,0xd140e32965fb080cL,
-        0x7dab211d1d95c93fL,0x6d68d8428a180caaL,0x1a929408a20ded69L,
-        0xa815175338df461fL,0xff5604ae60eae932L,0x901b9e497dae4c0bL,
-        0x4573a97fde262e89L,0xed69d9a4f1084983L,0x8ffa022f64724f1dL,
-        0xd5f1c2e4ea85a15fL,0x4c626ce901453794L,0x80440cd6bf0907ddL,
-        0x4522d4615ddaa837L },
-      { 0x8895f079ebfbe7c5L,0x30ea1ded84ef3446L,0x716a9eb6d4a1ab96L,
-        0x1a4a5d2250a30c68L,0x5a16631c0043bbaaL,0xbd1075025010e5f5L,
-        0xbffe3e9d3d8c0556L,0x31b30b1807772419L,0x90ff7ef084b82297L,
-        0x00c37d75f21a18c3L,0x18d0a635565bb8f8L,0xbac1da2a45e3bcebL,
-        0x1c38e90c23f0b08dL,0xf1ba1aa25fbc5ac5L,0x09d5256bdda71fc6L,
-        0x346501a96d7e40baL } },
-    /* 180 */
-    { { 0x86be448ccc2b0f1dL,0xe3eb45c9ac4c3703L,0x5387f65d9fc96bbfL,
-        0xcef3c4e95ae27fdaL,0xa008f7761bc18089L,0xf374a08422ca18a1L,
-        0xee88284253b73371L,0xcb6fc6d87cc09354L,0x8489ec1b61496d6bL,
-        0xa92c29b949e325c4L,0x15c6ca527bdec166L,0x95444eeedcea2813L,
-        0x34683eb33a21154fL,0x8fb26f98d39061cfL,0xc3b08aa806c940bbL,
-        0x7c1d42cfe554c96dL },
-      { 0x766e703fdc110aa7L,0xab7b79d7f362e378L,0xd259c75d5aadca3cL,
-        0x2a6eca7960be3373L,0xf4744a4b06c4e8ffL,0xb2842ccef3b705bfL,
-        0x1a3af5aaae304b53L,0x7bbfa2011b2d31b8L,0xc4ba6eba4bee88d9L,
-        0x2d3565ce565cb839L,0x24808696daf7ece8L,0x2c7ccce7e6959745L,
-        0xefd6eb3ce94f9837L,0x0a33b4cf3811a326L,0x14203f43fffa93a6L,
-        0x031e982873c31d90L } },
-    /* 181 */
-    { { 0x4fefecfc765a17ffL,0xa09f3888d1290a65L,0xbf265c46938da038L,
-        0x4bb6145da169ad46L,0x33cf821423a62fe8L,0x562df571abc860a5L,
-        0xbf2a90fa815c38c4L,0x45ba1d6e17eda875L,0x799d881a946fa5e1L,
-        0x6c1be784b90f5a3bL,0x0910a37cb10ff52aL,0xc38c1fe4a4f4fd36L,
-        0xc3180fc58e2d3ba0L,0x3e2ff050b17a6187L,0x3a00059b943a35c2L,
-        0x494d3645a28cc51cL },
-      { 0x398426b64ba021f8L,0xd14c9083796deb6cL,0x6d2e53957e36c762L,
-        0x8f556eca751cf216L,0xdaca1e0019b24a19L,0x47887da44b20c2aeL,
-        0x93ed4ccdff41a733L,0x8d717c445c7c0cd7L,0xcc48634a91bf7009L,
-        0xa1f146f93b59bbafL,0xdd38bb39e5624f15L,0x96d41aad303f8443L,
-        0x6b670f034bf104fcL,0x0503f9ed29706582L,0x768e1f47b34200f5L,
-        0x3cfdcc5ebbd4c6f3L } },
-    /* 182 */
-    { { 0x536c2a86b523e13dL,0x1014a4582920d0a0L,0x3d52b478e7571296L,
-        0x057460667eb51beaL,0x709f786187b0e919L,0x028aed88686888e8L,
-        0x79a809d7d94afcd4L,0x50c6032fe2129af3L,0x75e4be72983c4082L,
-        0x98331bbb7ab3be8eL,0xd31a032cb618c728L,0x36dd85a13f59c4a4L,
-        0xdbece345ed4f61e2L,0xba7aaccd1e571715L,0x138c58da64a1ebd7L,
-        0x89296d0f3d1aeea1L },
-      { 0xb165288fcca82c97L,0x26c6c12d1427e8dcL,0x66a94f074c3edda9L,
-        0x94600e1eeaa01ebeL,0x14abce7c30f5e86dL,0x741d7020cb456a31L,
-        0xab05aa13279f42c2L,0x70b60fafd4238468L,0xa18efec1318d39e6L,
-        0xeb07f1ac8920b318L,0x01e3cba8d8399e03L,0x65f8932e3c81a301L,
-        0xae8bca7dccc667d8L,0xcee1ae79a268607cL,0x3182e64ccac0a12cL,
-        0x9233a2f72b1a4c54L } },
-    /* 183 */
-    { { 0x717e8df60acbee17L,0x0f0959c25c24fcdcL,0x46f09887e54ffcb0L,
-        0xb993decad285116bL,0x0bfaa4f8bba1fa51L,0x9c9249efd0f2183eL,
-        0xf93cb35896847779L,0x284bfb7f2322d421L,0x40cc709ad42af009L,
-        0xc69f22749bb1d615L,0x76f50b3a717c3c6aL,0x8b21e985bb9c5eebL,
-        0x58fb19aea4783b5fL,0x04c86b9b52e1c3e7L,0xaca59092f2971ac8L,
-        0x2bb26a6921ed8291L },
-      { 0x98a3443515f81416L,0x086e72e7aaff5bb4L,0x3d1f64de0317261cL,
-        0x31c0786c5c0a1cfeL,0x542ea4d8b3683401L,0x2f77273a1a39b4cdL,
-        0x14fe7ee1cbef27f1L,0xee7fc09e16bb27dcL,0xc0dccc17410e5dc7L,
-        0xa34667421943b3ddL,0x92934b603f31c1b7L,0x0186ded9c22c1070L,
-        0xa37ee8ba799f966bL,0x0f3bfcb4249b0893L,0xbae614472e92d4deL,
-        0x937cb3f8e196eb08L } },
-    /* 184 */
-    { { 0x57c0e77c16fbfdceL,0xea034cc9c98d4cc0L,0xe7606d7242572d20L,
-        0x9861b55c0019a83cL,0x80ba2803f1597162L,0x0f4141dd05a0fd7bL,
-        0x8865913b4b0daaa2L,0xe6685746aa3848ecL,0x16d15a5a3e0485d2L,
-        0x81c0c7743b6905ddL,0xcec31b7d818af2baL,0x80d8f194d2b74b78L,
-        0xca659db2543e2f28L,0x31b83a7d9fb07c1cL,0x86537fdc1f1048c0L,
-        0x4d57bb0778586a11L },
-      { 0xbc4b768a53b396b6L,0xbc8b24c493b51dacL,0x33e511eba30ae1b3L,
-        0x893bbd95945147c5L,0x6cc86031179fe3ceL,0x34b0a1673f920bd4L,
-        0xb32912eb6b256160L,0xbc69a2a49d168d83L,0xb4949e7aef0dd128L,
-        0x2613419a872699e1L,0x06c58477bf21376bL,0xe55b1909a4f97147L,
-        0x63d6eb757b9b745fL,0xb5365b2908df3c85L,0x0e257e4355fcfae3L,
-        0x1067c118979f2aa8L } },
-    /* 185 */
-    { { 0xc845508432bf8883L,0x4755286a6fd06667L,0xd70b0f8f77c2335dL,
-        0x678e60da2f4a2c94L,0xa468d8acd118acf5L,0xce93830bbf5b90d9L,
-        0xea4b1c74ed4e9104L,0xac67316d27776ea4L,0xb98ad75c361bab12L,
-        0xc323d48299122451L,0x26440220530a43aeL,0x3a44532e3292d5a5L,
-        0xdb48694b5fecf1bcL,0xe4e0516ec667b8b8L,0xb3aa595fa4306adeL,
-        0x7e4f7091f34e9725L },
-      { 0x3f3816e9b7f70919L,0x765216ed16b003f5L,0x46c6cff4778c99e5L,
-        0xe6a5abe830a51810L,0xef6f49e645e728dbL,0x6fdd73eacaccefd6L,
-        0xec394e6f8c37f3f7L,0x73320802b6407fc3L,0x988e8f7a96625cbdL,
-        0x832923637cabfb00L,0x258ba9df407f359aL,0xff01aee5ccbfae50L,
-        0xfbeaeacefe251813L,0x9c69f16183f1cba1L,0x512c58ad9eadcdb5L,
-        0x2ae49cd46ccce8bdL } },
-    /* 186 */
-    { { 0x1239b0e3c40849f2L,0x5136a4cda441098cL,0x61535a99e547f649L,
-        0x92e4bdc47a9bbac6L,0x195a164653547af6L,0x85ecb3198b47a74aL,
-        0x278553fc9de6a2b2L,0x471c038a0e2ba52dL,0x12ba1b8835bcba93L,
-        0xd4bf50da6f31eca2L,0xd146e3f6802b32c6L,0x0c9c01313c64c8c4L,
-        0xad30f12deed21297L,0x9b75bffb9c68530fL,0x23c0ad3e8918de51L,
-        0x180e9d52a73771b7L },
-      { 0xc316542f29ab77b0L,0xdd411d9cf7aee628L,0x044c0685353c2f40L,
-        0x638dc7e44b0ae4cfL,0xa092418595fc266fL,0x639da671fd2feb7dL,
-        0x56858ed55ea39798L,0x7a694f3158f3832aL,0xa94233c6d316d831L,
-        0x2fcacb2630a35a7bL,0xfef8f7ddf1ff713bL,0x8b9b452559eee2f3L,
-        0xd1b4f91b156d064aL,0x177866c22f5cfcfcL,0x12bc25663777eb41L,
-        0x21ca6f3cd8ab85b4L } },
-    /* 187 */
-    { { 0x0e162b13a3e66635L,0x1ef20a2b2a9f76afL,0xab473a3046db3356L,
-        0x0840bd777802bb8dL,0x5b6baf5ea699b44cL,0xc6e119001b2207f1L,
-        0xe5de16a9790b0105L,0x22b12f15db67f004L,0x185fad458a025d25L,
-        0xbccf6953df0a1142L,0x4c42129bf45034c0L,0x0f7404001c277bffL,
-        0x6e440b4c280a9e18L,0x767de8f5842aa2b4L,0x3de20ab805e8d94fL,
-        0x5aff585920227635L },
-      { 0x805acd20a8458e40L,0x5a5557d8149732bdL,0xc70741315f1ca72dL,
-        0x7f2e269c952b5323L,0x5c5925566494fadfL,0x153b7acd1a7d2666L,
-        0xa6df063d86fe2865L,0x1e91db1357d53b6bL,0x9195bb89e93ead01L,
-        0x3d71e1af2963bfe6L,0xfab2b9c288278886L,0x778366923b859b6fL,
-        0x6e695174f7029dd1L,0xc79878767b984561L,0x64fb4f1d5907d849L,
-        0x3eab7e1c88d8a977L } },
-    /* 188 */
-    { { 0xc73a94b652e5718bL,0xe3aefa54f4cee1e9L,0x654e9e63553eedeaL,
-        0xf2541e1b5f3aca1aL,0xd71294890d083316L,0x7965af63fb7f950eL,
-        0xd8fc9e0dc74e3e4aL,0xb4ee48d2eaf79ebcL,0xa458a86a8b7787e6L,
-        0xd8c7621ff7cceaf0L,0x8228eeffdf67980dL,0x210d4742f9106727L,
-        0x91f63501b07e3629L,0x441761c67971e29dL,0xc0ccc65f03a3b8a5L,
-        0x3491da4f38e09544L },
-      { 0x6706d046cb062eaeL,0xee7db7355d08776dL,0x80de8052292315d2L,
-        0x40785662c402bbdbL,0x5f93525c26ed3337L,0x6cea14d67d568ed3L,
-        0x916a118966888b1eL,0x0fbd52055dc71675L,0x833d1077e4575df2L,
-        0x4e93100aec092335L,0x2f9e1d016cd85389L,0xeebd372543226368L,
-        0x401d172b1ba4cfd7L,0x377dab9d574c5838L,0xaeaa695880d517deL,
-        0x0c843dfd6ad15a18L } },
-    /* 189 */
-    { { 0x455811ffc9373300L,0x1c39332a99fdc300L,0xe19bb81c353cb655L,
-        0x774b924a96a83d27L,0xcbfc8fcbb2ee3f1aL,0xaf278ec4010d56c7L,
-        0x6fde682fe0abaf79L,0x7566d0727339aebfL,0xbd35ad5d71205db6L,
-        0xb5bbe6947051c9d0L,0x577db480d3a3067cL,0x2c70ff54572d7530L,
-        0xe8615aece06d853dL,0x71999ccb05abfb5dL,0xeeefc96bea0a8ed7L,
-        0x2dcc469d35f6df69L },
-      { 0xcca6cd06c65f0e77L,0xddcc7980bd71b14aL,0xb6221f8b3c93cc00L,
-        0xddfcd5b3ae8cbf57L,0xbc92973f76f8e63fL,0xe9848a3406e132b7L,
-        0x4cc59a03d51ec9e2L,0x9c9d32bb3a33081aL,0x0012105280e8466bL,
-        0xc2b0032a1bbe7295L,0xdbfc657224938448L,0xe972a0ceb6bba0ffL,
-        0xf60c0a4fc0a94802L,0xf62c41cc599d8bc7L,0x820c96ee312da0b8L,
-        0x5a1a65dbcdbdf9fcL } },
-    /* 190 */
-    { { 0xbfba691a42485684L,0x613116b929c470c9L,0xb4b01971e62a0519L,
-        0xf3245aa65ff499daL,0xc2ef87f4a5238effL,0xc16dc6bacc9d5515L,
-        0x5a7f227e2dbdacacL,0x8dedaac4a9bbaecbL,0xff308a6d2e7c9885L,
-        0x4c6f2fc2e6895593L,0x3655f285177e0611L,0xa63e8d06300b1beeL,
-        0xbed0ce7913c17b54L,0xca4abe35c4974262L,0xf4b44a17bc4e4037L,
-        0x5ae95099efe5fbd9L },
-      { 0x122e5ee7804f7455L,0x341a499722066682L,0x97d24c317795e333L,
-        0x12f4123ce48efcedL,0xe8738d9219fbc21cL,0xbb3bdc610663a3aeL,
-        0x3603d8c28593a6dbL,0x926227f2e3c1ac75L,0xfea92ac05eaae519L,
-        0x5b596f0bfd6812acL,0x3ce7e844fc2a82dcL,0x3840481a63522b27L,
-        0x836088b152867895L,0x21ffb7cc26588688L,0x0ca331612f4a7cacL,
-        0x4110667ea3edd298L } },
-    /* 191 */
-    { { 0x81830357c2d04b63L,0x3fc5a34df4929a18L,0xc73bf6da22d195dfL,
-        0x14df2f89cb432473L,0x345afe5ce997f138L,0xd8e3f5f98b9604f4L,
-        0xad7942e950c10ae5L,0xcefd5447eed25ff3L,0xbf68e51e0e73c0ccL,
-        0x5b1ad591ab54fa4cL,0x8bbc110512b61c8cL,0xbb932913b5abf760L,
-        0xdb1231be01e79649L,0xd0a83e91040ccbe7L,0x3dde426f90a96db9L,
-        0x1cceb64534df11eaL },
-      { 0x2d210c4f0c6d0f55L,0x6cadf61b9c673c9dL,0xdd7f9919a9ce3fbbL,
-        0x135f494c93b063e4L,0x580bdb3c145a93beL,0x4d8723320f52ef7cL,
-        0x74d876e88814bb6aL,0x4f6f723ac7a97deeL,0x7de2b8f03e3cd833L,
-        0x6162f082ae720270L,0xe88ec2d4ddfa486eL,0xd965c8598d3a17c6L,
-        0x62e59e543980171aL,0x0ab6285dbbef6b22L,0x3cf451954d48b203L,
-        0x1f1752334ea25ea3L } },
-    /* 192 */
-    { { 0x808a765b3467ea91L,0x3f4632eefd2d9c45L,0x7b75dc6d9cf2bc6fL,
-        0xefc8d240359813aeL,0x23ecb209e44cbd8dL,0x59ba10e321525622L,
-        0xfa14d9343f1ee19aL,0xdf97c21bfb0c48f7L,0xc4e62890ea30d437L,
-        0xb286e2a4651475c2L,0x291f01e4126672a5L,0x9c6fda5c31aab3b8L,
-        0xb7277a5ae17d22ecL,0xbd88ed83914f0badL,0xd0b05d1b6a2392e1L,
-        0x4cb8af9065893c2bL },
-      { 0xa2b02057bb4b1953L,0x4ce08b44f597f6eeL,0x854f5d9b5e6412c8L,
-        0x1913262db3cd4919L,0x902762e46e42bb5dL,0x8355c8e6d78e7f60L,
-        0x8efaa82438b6c16cL,0xd0173790e550f618L,0x118af462e57d778eL,
-        0xa16ad5e8715b4714L,0x900596c341dea4f9L,0x2a957c32280ca610L,
-        0x2faee800374c65a1L,0xdb10512750080414L,0x8c1db931ff080fa1L,
-        0x486a5c25d79878fcL } },
-    /* 193 */
-    { { 0x0521e213941b4f36L,0xbaacfb14f803b4f9L,0xfdf1e22e52a54ba8L,
-        0xacfabbba8fe4796cL,0xae0788db58dbacb6L,0xdf98d736c19dfa51L,
-        0x155c286a35a716eeL,0xbe7d46769c86461bL,0x50b6380f63a64a5eL,
-        0x14b419149f609262L,0x0919a7d0a2dfc5b3L,0xc454da55cef466acL,
-        0x93fa4a246986aaecL,0x5090b17171a49cedL,0x602f1d6cc1fa75adL,
-        0x5d269f8978e4c054L },
-      { 0x3a74030c14920419L,0x0845d86890968739L,0x81b994c4eeb70fa6L,
-        0xabcaa06dd9fc5bcbL,0x06539427f58f8f2dL,0x35c85f67b1dc52aaL,
-        0x5a7d8d722c911baaL,0x4041005caec2d834L,0xb5868a447a8e5347L,
-        0x04ee180b8de512c3L,0x4daa66e5211168ebL,0xc0bd5dab2317cd8aL,
-        0xa1d4185d61164df6L,0xacedca261dbad7c9L,0x0fe4b5ac09b02683L,
-        0x8ac9995a26d9550fL } },
-    /* 194 */
-    { { 0xb2c8dc9b2640a39dL,0x21ff0b38ede0c9f9L,0x74f469bda1ecba0aL,
-        0x8a902ccd080d0417L,0xe956fa32f4994604L,0x348f85cf9776ab15L,
-        0xc21fc6ee0066f492L,0x35b1ebfefeeef367L,0x7804581c4613e5edL,
-        0xcbdfe8e6ea6ba071L,0xddfcaa32950d73edL,0xc97479361da48889L,
-        0xce867c8cdbaffbd1L,0xd267431f1cbaeae7L,0x68255045897912c8L,
-        0x0c7c1ddcd7ea1e4dL },
-      { 0x53aa30cc1ce963a7L,0x7352f64cc4c5fadeL,0x2b9aa2f82828afbfL,
-        0x64273c56ca212107L,0xaadd765485a576dcL,0x6196ac3e90b5c77cL,
-        0x20d43e9fd1aaf39bL,0xfc392062cd05cbc4L,0x141638724c0ff2fdL,
-        0xcf32b8d82ae821e6L,0x5f58f9433fa7a3f0L,0xaebf1d2df644ca92L,
-        0x0c0615631918a75fL,0x7989b5ed6b876118L,0xbf342445ad412441L,
-        0x24ffc9ae1df633abL } },
-    /* 195 */
-    { { 0x89fcdc0593c7cb2bL,0xc1243b95590053fbL,0x601debcf6182343cL,
-        0x364546ef66c18a63L,0xa5290701ec913287L,0xc35b8026f9788c31L,
-        0x852b862a92d1f7d7L,0x1809cb050aa79728L,0x897d467ca3cb2005L,
-        0xf20c77c09ef5b946L,0xc3372c42f2241984L,0xda053e0df35bb206L,
-        0xbc26c6d0a9c140b5L,0x61cfcc0ccb56fb33L,0x1c3cf9ef299b3968L,
-        0x89e4d3d140621ba4L },
-      { 0xd35e80e7a45a9be3L,0xc4daa57807356fbdL,0x0186d62eb967bc2fL,
-        0xa702679e47cd16e3L,0xca2f1c025f30ce9bL,0xf1205b461f864f50L,
-        0x7fd6d79785061d66L,0x47edc4f68a08809eL,0x5dac04499a4d3ae2L,
-        0xf844664a6d1f9da8L,0x9f30ce84d7a83a71L,0xe9382baceaac33f1L,
-        0x1f033831948622abL,0xb037a4baf7681eb2L,0xd156a90899a1b5c7L,
-        0x675d3e6fe6f1d0fbL } },
-    /* 196 */
-    { { 0xd9767ffd707193e5L,0xe478aa91810358e5L,0x5634f9ff328d8ef7L,
-        0x913a0ee86dbbd9a7L,0x379b29687e215686L,0x903f410a89d9da38L,
-        0xd9f8d7b91b1334d2L,0x9fe74229bd82efb5L,0xdb568b623803c778L,
-        0x93e9a350d3d25344L,0x559c35b0724497e8L,0xc472d436a169e23bL,
-        0x09864632cc5b4c69L,0x9f6d759d83c7f531L,0xa91cf1db1e497888L,
-        0x5f7f92fe60af1a4bL },
-      { 0xf18a1cc60545167eL,0x55ee2e02affa88e0L,0x24cdff51432a7bcfL,
-        0x7382da42a7510866L,0xe894c11f40511af7L,0xaa4e4e312aaf1423L,
-        0x8c3d36f0f63dd2aeL,0xfc5c9550d7660635L,0x0125373137ea7eabL,
-        0x2a5cd59839b950f6L,0x95a0f60140e63442L,0x905e238ef2ac7045L,
-        0x44bacc0e446b0f73L,0x4cd4206ec448578aL,0x367b1aaaa5bd7803L,
-        0x25beced90a2b458dL } },
-    /* 197 */
-    { { 0x079a73820c33a8fbL,0xcfbf6cd10f25dc1dL,0x4ffc73f8c6d482b6L,
-        0x3e51f18c07bf844aL,0xa7651236599162f0L,0xac59a74e14013811L,
-        0x957a6865e55018a0L,0xe1ec51bde3ca09b1L,0xbc0c7eb3a960253fL,
-        0xe83bfd147de03f84L,0xc0540ed152fbdb09L,0x6ba52eddcea15ec1L,
-        0xf3d30ed54b261307L,0x9bd7bae8e8397206L,0xf20d8692096373aaL,
-        0x0a616a4bc3b0bf63L },
-      { 0x2075f3ed6e1339c9L,0x7afaa072bf8b00a6L,0xdfafec82bccd9b47L,
-        0x4713158f00ca54c7L,0x449102f138bc31aeL,0xaf98f158310dfc8aL,
-        0xc9ef207559e954d4L,0xe8021af9c527a0c4L,0x6e8012777a192023L,
-        0x635f538c7fb02377L,0x5df1974fe8c9e951L,0x0287faed15cc9097L,
-        0xfa0728f0f7a5115cL,0x90dbfbe60fac623dL,0xa8d40fd40311ba09L,
-        0x876d154e07c6464cL } },
-    /* 198 */
-    { { 0xd3a4d6d2c2d3ea8aL,0x36be681ba842600eL,0xc53f100de4070672L,
-        0xe3e5b6fe6a7d7a7bL,0x6e6994f95d5e1a83L,0x07cacd2276097c2aL,
-        0x12d98dbaa6791011L,0xddfc4461102e0e24L,0x4815dbc2d493272aL,
-        0x7e38e64ba9436696L,0x4960eb1a32b2bf90L,0xda457525d928e28bL,
-        0x72f75b392a077c9eL,0x27760cbb7fd61d00L,0xaf235d1b0f4b1456L,
-        0x3040c23be76d1700L },
-      { 0xb10dc55b4efa9a70L,0xd4de414f53e86610L,0x3d95c11309f8a27fL,
-        0x505109a506661d3cL,0xcaa2994a60eb513eL,0x3ee415371e7d338bL,
-        0x4fd145fc4651e71fL,0x51bbf838cbc313b4L,0xb039e0781eb92150L,
-        0xe8696b4414bf5ac7L,0x2d6671888be0d48cL,0xbe93b2f5dd8f2b6fL,
-        0xc1dfd1e7eb8a7f8aL,0x862b3dd990f751c5L,0x1eb1ad58a32a74beL,
-        0x5486d79a1ebbc9a2L } },
-    /* 199 */
-    { { 0xcb2e34ffa1359e13L,0x202d8dbf28196051L,0xe95e023d23564b5eL,
-        0xfb1340b642f6ac12L,0x543ba852b653725dL,0x81aedcd68d2466adL,
-        0xbf780224547c728bL,0x559f8a119569fb65L,0x505b7a62dfb22ec9L,
-        0x071075409eed5e52L,0x9c899288299f6f11L,0xa7d692613db6f8c7L,
-        0x30eb7fb3b3ca79a9L,0xcab99bb8fb2160b0L,0xd2012568d28b409aL,
-        0x380f1b0f5ac45f8bL },
-      { 0xc0b99e6be6a0068fL,0x4b67cf2ac8a73753L,0xa6c9a548b2faeb7cL,
-        0x7f417f99340260c3L,0x8ee56855cc0f739eL,0xf08b510f780949daL,
-        0xb1770fc28d5c6effL,0xb4f5abeefd96a7bbL,0xa07b1136f2665a2aL,
-        0x2fb380a4b601dcf9L,0xcc803614162becc6L,0x3498fb96ee6b83b3L,
-        0xea9b0fd6a8c17eebL,0x5834b5baa177efc2L,0x929044f55b110b3eL,
-        0x4abeddedebd7285eL } },
-    /* 200 */
-    { { 0x3355e1b9700ef376L,0xd56e5d9a66cdabffL,0xb3dc257547e87646L,
-        0x28f44b8a00f79369L,0x08c32b1ea0c52e29L,0x5a78de123729b392L,
-        0x4184519ab26d239dL,0x23f6b4b7e0ce4a6bL,0x235f6f8aacb2a9f9L,
-        0xbb8bc454e2064a59L,0x37efd0341bf3062eL,0x6bac683b94dff6f9L,
-        0xc3364b1e8aa7fa06L,0x0616772ace0b3745L,0x46f08d08d1e3fb0fL,
-        0x6a20abb318e132d3L },
-      { 0xea8310166a85cbc7L,0xd0990946934f9aa7L,0xc2211088e778f1b3L,
-        0x7ea4ff8f2247b799L,0xb3171d71454484ceL,0x294039494f98c364L,
-        0x5da911f397df1458L,0xa6b5809309439116L,0x75f9509a174238bcL,
-        0xfeb518218209758dL,0xae0c6021a47925d0L,0x0e946694af8a315eL,
-        0xae7af8a36bad04b7L,0x44c15e7ff072447dL,0x5184668aa5456ffeL,
-        0x45e353a7bf36b977L } },
-    /* 201 */
-    { { 0x7605676493092f71L,0xeb66b6c2f5b92d71L,0x9db3149be2c8b6c5L,
-        0xf62f583a20c0363eL,0x688acd3303cd7097L,0x85d0c0f8ebb916acL,
-        0x1bf7462c84c19b0eL,0xc76ed5f97c4a6ad1L,0xec8b88bad119f369L,
-        0x59b8371bebe50b83L,0x0cc69508866706a6L,0x531c75a3f8373d2cL,
-        0x4e1cd3a32a5a02fbL,0xe8274778da39a1d0L,0xedfc5bbb75da333eL,
-        0x15941f24ca79bd36L },
-      { 0x42e8c0f8a77dd512L,0xa91b59a71dc365f6L,0xe80d14cd08753862L,
-        0x1624230dd272facaL,0xeea3ec164027cb5aL,0xc1700b59c1ef9f03L,
-        0xd411c1270da3148dL,0x801ee448c4181af1L,0xedf285599e3a900bL,
-        0x5d67b0bd0d09affdL,0xd839df968b370024L,0x3b6307e0e6f836b8L,
-        0x5382e588bd3201c9L,0x636d8a6b7a1d02bbL,0x70b7db76968641e9L,
-        0x6d17c34a118fad03L } },
-    /* 202 */
-    { { 0xcf608841c181c99bL,0xb65dc901c87bdcafL,0xb460b4473720dabeL,
-        0x4c79c3965377515bL,0xd447f22e0a96c277L,0x0d9521302ac0f440L,
-        0x8330b26bc90583adL,0xe25e977a928904a0L,0x1deaffd985c50b18L,
-        0xcf4dbcb7a5ad5f6aL,0xcbcd0019c8a37ed5L,0x7846dd901e9850b6L,
-        0x1ac8194ab0b8e605L,0xb972857134132f90L,0x4ce9f149f56ee28bL,
-        0x1ab9b5a43e9e1d4eL },
-      { 0x206dab92314fa7a3L,0xcc4af0f0478ff963L,0x4cce1713904d9fdbL,
-        0xac20a2eb12c045feL,0x44fc5478fd8f6d7dL,0x886e72c5ca7b6ffaL,
-        0x7fa4529b6fd6f758L,0x4df1d1b192a820d5L,0x3d812f9f2789f149L,
-        0x9842f083aabb53d2L,0x2648539b2a03ab32L,0x631ce090b1512502L,
-        0xe1294d15731f6bd5L,0xb229361d9436e634L,0x8c4281c43ca966afL,
-        0x24b34956c21ab3edL } },
-    /* 203 */
-    { { 0x49bdcb86659824e2L,0x6dc4ce484e13e74cL,0xa4c01a266bbe1eeaL,
-        0x47b2b8e71e3ec457L,0x7e8b15e02f5a8e4bL,0xe81eb6e6e333530dL,
-        0xacba369e17a45202L,0x81241431d70e4c9fL,0xc190af4b3e12beb8L,
-        0x5327052311f486fdL,0x9f6c41e129fb2bceL,0xbe6287ebb70f6c08L,
-        0x1479850a3feb4477L,0xfcfdfb119bcf18bbL,0x925c292fda80d040L,
-        0x212d65e57e3c5bf9L },
-      { 0x23adb386ca15cf08L,0x4dfa4ac481e172ebL,0x9d1dbf934d42d0c0L,
-        0xd9cf607374404dc7L,0x60508441e932bfcdL,0x9ae910ca1c682a98L,
-        0x9528fc1841ac1cc0L,0xe6a120aedbbed630L,0x94e0e1ec30ccf250L,
-        0xfe84ba54e58bbf2fL,0xc66d0b4f9faa4415L,0x0c58f1e7ecee7ce5L,
-        0x7a1d43eb6fa6873aL,0x96c6c5a0399f1348L,0xe6ef9aaae6727ab7L,
-        0x66afa5549a5c2447L } },
-    /* 204 */
-    { { 0xda5aaba8c980e91dL,0xa93cf5096ac98efaL,0xb0990e0a8da32662L,
-        0x01d215300081453eL,0x2bb0d33e3d71de84L,0x465f6d803e19a012L,
-        0x5902ff4c78a838e7L,0x74e2afb71931348cL,0xa49327579cfb057bL,
-        0x761ea6423ad03f8fL,0xb7d4c24558ffa40aL,0xb5e9c0d977a87e30L,
-        0xd1c5edbac9c84d26L,0xeca8839a3d1963a0L,0xbc6f2f35ebf6bf0dL,
-        0x01ef06310d58abdfL },
-      { 0x2bf903163ecdcbb0L,0x19e2d72827c1c955L,0x9e5270309575c930L,
-        0x0dc1c5a996983930L,0xef9f80ff7cd082dfL,0xcd915075df97e051L,
-        0xf286fffe9cc61b55L,0x352db38f80f24cc4L,0xed9b99ec36523ae3L,
-        0x109a8ca810b104a9L,0xc2700fe7305203adL,0x2a2ee24e769400f5L,
-        0xd595d399ee0c452cL,0x0ab75d6af7f02a41L,0x341080990db730b7L,
-        0x0e4f5ffd5e8d1202L } },
-    /* 205 */
-    { { 0xbd1c64440ff14c38L,0x9a5b59faaece11f2L,0xaa4605a722af6330L,
-        0xddc9f65a82af24eeL,0xf4ee4bfeeb9a1159L,0x2463d07674e84eafL,
-        0x88cbe1e00e0baaceL,0x7ca568ead5fabdcbL,0xbd80d524c57eb99dL,
-        0x9c46572ce9be9873L,0x918a1dcd7300b85eL,0x4922131240f54176L,
-        0xf7e324ffb5b14236L,0x40dda5012434f16aL,0x08833421a133d97cL,
-        0x33d411610876f020L },
-      { 0x7531a36b9878e5ecL,0x5de3e32146918232L,0xd15f9a33d0a30464L,
-        0x734c1b87aa173659L,0xac2094a2f925d4feL,0x43c965a1c262b0f4L,
-        0x759c903e447d5cbcL,0x92af215e05239300L,0xfffb6d5f1f593f34L,
-        0x65943b4bc3cddb5fL,0x9d03a29cbfdd5408L,0x8f7cda6b198d76c0L,
-        0xc0790a22c0f27b59L,0xba557a848cb58ccfL,0x5922052d76c54fdcL,
-        0x2d3de7aa47b6b466L } },
-    /* 206 */
-    { { 0xaade746265add3b7L,0xe5888f35abf24c2aL,0xd41549cae1a57d93L,
-        0x0e22e18e2c76f7bfL,0x67f288eabe3202b3L,0xb79a66ba1d1d0f0aL,
-        0x0e0ab7492881ad18L,0x7d424086c7adb0e9L,0x870c32c52842132fL,
-        0x858477f158f9a09eL,0x422a9372ec025589L,0xbe428c5ca5098777L,
-        0x45b7956457660058L,0x6c7fc631957f37cfL,0x8b7023ddd6316289L,
-        0x47003bb65b1c12a6L },
-      { 0xd99401c1c91c1c96L,0xaa5dcdf927a12970L,0x3ab92e17c3c29107L,
-        0x26fce8f7a3fe4710L,0xb0d09d5e4ee998eeL,0xafa622048e3a41f8L,
-        0xb1c012a5a26ca506L,0x2c6f734c99b57252L,0x1093d79f512f7fe1L,
-        0x2f30906eacee19a6L,0x6bff8381056d1ea6L,0x61c75856eff35f21L,
-        0x6e07e978c1ad2224L,0x2cca6ca16b20fde8L,0xab4d6d2d633fe81bL,
-        0x73dff504b06a2ce6L } },
-    /* 207 */
-    { { 0x8b615805d8e20fb8L,0x7c6873e482b533f0L,0x5205f00156a854caL,
-        0x87fec6accb369211L,0x1fa3c0ecc7f092b7L,0x5b36647ee845fe4cL,
-        0xd4781e85f8b1f112L,0xc65268398b0f1a6fL,0xceeb8c6cdcb8eb92L,
-        0x133f0ead8e5f6d52L,0x31883e23c8d934dcL,0x214ed5bd428ac45aL,
-        0xf77ca492dbbfca85L,0xdf4113fe07e5ae13L,0x63e4a0d272ab05fbL,
-        0x7544d0b77148f535L },
-      { 0x4fe8d13480797aceL,0x216d6aa0af86d97eL,0xdbf0a688ef5a68fcL,
-        0x18b26f459f9b2684L,0x52fefcfa8999d2fcL,0xd5af8d8262423955L,
-        0x8f123469f63a3780L,0x2933454fdcd4feafL,0xba8018b7a73b5d09L,
-        0x9af1f276e5552c18L,0xc5d4773dff26bb1cL,0x9ef4941006dd4f44L,
-        0xad8f12f95f39ba49L,0x5767f6dcf66ca4f2L,0xba8773f17922f59aL,
-        0x220081eac1e42d49L } },
-    /* 208 */
-    { { 0x3043d573ba37a0baL,0x05a431bcdd176df6L,0x03322cfcc42070f7L,
-        0x5cabd30e67c2d109L,0x362c95decbf8bcfaL,0xd767d2777787b10bL,
-        0x612c915e6ec05e64L,0x9e669631ce69c30eL,0x27c9dd8f682e2635L,
-        0x79021f1295ffcc38L,0x06a8ee798a2adca2L,0x8e00e7844b5d500aL,
-        0x87746fc78d80d6c5L,0x246053be915f10ccL,0x844e328b219f6fd8L,
-        0x620541ac11bd3733L },
-      { 0x0f7fd382509e5a29L,0x8748d7d0b432531eL,0x8f749354cd3883b9L,
-        0xc6b8ac748bfbb17aL,0xa4616a6605f2d2c5L,0xb3d966251bcb1b83L,
-        0xcf7531042fee265aL,0xc70d73fbdb225058L,0x1211d434f0c2d556L,
-        0x862061d854b259b3L,0xffe4606dc42b3f7dL,0x4c5c8585e86a4949L,
-        0x04ddcc8b160eedacL,0x1804ce67568e2420L,0x91f3855a42141656L,
-        0x7f378198f932be97L } },
-    /* 209 */
-    { { 0x9a374bdadfa6639aL,0x0cbd48d402ab7391L,0x5c5ef23647031e2dL,
-        0xb49ee2bcd0599d1fL,0xd285eb60e0d38443L,0xdbbea92f269392e8L,
-        0x91455fbfb8bc538fL,0xae259ff1e469b768L,0xc1cecb1f41de5682L,
-        0xc876f0719952d1aeL,0x1ce25181e7bf7446L,0xcb93ad86282ad2f1L,
-        0x8fa3cd316ba4ef67L,0xfce68a04e507aa3eL,0xced74170a61bb608L,
-        0x6de716b3f6ac10d0L },
-      { 0xd4e58d04172d6dc5L,0xbed2cde66397c65cL,0x7ae77e180c9eb4e8L,
-        0x5627546875fa2edbL,0x4b30324ea91e6738L,0x6023a856235c8b2eL,
-        0x9df6d6c2a8f92887L,0xec2c185ff6f5e8b5L,0x7892e12b3ad5748aL,
-        0x7aebb4f2d54aefbcL,0x14915448ee868821L,0xa26c5f71b1d9bd5bL,
-        0xe5ccd1662ff00df7L,0xebc99f17b95b1deeL,0x909836163fe1f774L,
-        0x51f90830bb3d25b0L } },
-    /* 210 */
-    { { 0x49376fa1f2922461L,0xdbb1b1c31650d0d1L,0x92b91c330dd8608dL,
-        0x3e612c4b36b89906L,0xe1977b0bdf560052L,0xf8afff70636a2545L,
-        0xcda7d27811723d8eL,0x0b0bc4bb81bde7baL,0x3cb080b2ed2a578eL,
-        0x5bda0d0d171b2e02L,0xf6df38cf941bb9aeL,0x85dd81dbc14a65c5L,
-        0x7f98c82dc19dd98eL,0xc613747f52206f93L,0x9e13a2c25f5bbe78L,
-        0x5eed218e0aa34be7L },
-      { 0xe156575401d4dc0bL,0xa1ae5f27f566bb07L,0xe985ebebb82225d5L,
-        0x5f3ad21c1189ec6bL,0x17da518cecce4d9dL,0xc84a2d3ed6b65b59L,
-        0x7f9881758ffa771cL,0x50d6ae122ac69a7aL,0xcb7f30b1c6e6846dL,
-        0x8c023a605bd0bb13L,0x9a10fecdd73f2407L,0x8c5158cce5f0a996L,
-        0xd26bf615bd8f5806L,0xaf32ea87915a46e1L,0xeaf74e810287d308L,
-        0x8c14ba06a6264254L } },
-    /* 211 */
-    { { 0x0c877895b17ee201L,0xc05aa47188e57a77L,0x19c3e76397822456L,
-        0x0be6f8c0c9c3ba1dL,0xfe85f4ffb4389ebeL,0x538bccce0ce7fbb6L,
-        0x876eab2a65266c64L,0x5c9ac690cf9a3842L,0x9f5cf3b1ccc8f981L,
-        0xfa17be6a9cf687deL,0xfcfc10fc83835c15L,0x086b0fdb150ef2ebL,
-        0x9f97ecd9884a52e6L,0x416e6fa2b0cd1eb8L,0xe2bd15993ecc03baL,
-        0x645c0a5deabb165eL },
-      { 0xd94c420550aa7e31L,0xaec8df0c2f851da5L,0x996469093c726e6aL,
-        0x72dbdc362619bf9aL,0x1b4260e0e253fbd5L,0x97c259fb8c709e06L,
-        0xfabf7cbbcddaec5bL,0xb4d5e8b1e4b703e9L,0x1b06e56e0734efddL,
-        0x02d4a4f91f55f8a5L,0x7f8608ba3f565c8dL,0x822f47d2816d1d94L,
-        0x0cc361565ce7b136L,0xe46ee5ef31d04242L,0xb2a65f70683567f6L,
-        0x27e9ff40d2fa6c91L } },
-    /* 212 */
-    { { 0x75251893d7e952e7L,0x15b30583c735bf18L,0x732b599296fe0491L,
-        0x27451858806d2fcaL,0x71ab76a01b885ed9L,0xbdce9d976d9f55ecL,
-        0x3da60b2048f2ba9cL,0x6977c086592b132bL,0xb6dca9cb099051d7L,
-        0xd9c2ab23d188ae25L,0x9f469f3fe20aaf3dL,0xdbd1f7cf5aad74d0L,
-        0x3d5efe5c22a9eb3bL,0x8c5edfa2137010c4L,0xada2217b57870260L,
-        0x4feee5673dac9776L },
-      { 0x30e18d52b5d3d780L,0x4dadb5d307166744L,0x320d386e5a742156L,
-        0x5d8c290e8d6bbb86L,0x981a43232d263dd1L,0x33d0e7ca98984636L,
-        0x5138784da519acb1L,0x832e3fabdddc81ffL,0xfc2785943199a43aL,
-        0x5b4cabcf32743163L,0x9fa010bd74f94fa7L,0xc28a743d5694a627L,
-        0xc1d2a888cb657a24L,0x7eef2503e86a25eaL,0xed11a5d304c561ffL,
-        0x4fe818e79c9ede0eL } },
-    /* 213 */
-    { { 0x00252c9d7fc1c7ffL,0xa9bd419d9fa89ad1L,0xc93a124a4064e9ccL,
-        0x384cbcb843942eccL,0x004c21fd8749695bL,0x69c81d9f421165bfL,
-        0xe2325628dde01102L,0xec9374575a9b004dL,0xfb3346bff6dcfc21L,
-        0xac4da64b4d372c7dL,0xcecb7ad3f20494e2L,0x562c41b5e867c150L,
-        0x299395cec2b723d8L,0xc91adfc57ee53231L,0xe06f1161f10b6597L,
-        0x81915529b74d3ffcL },
-      { 0x8ec124316ed9d4eeL,0x3dffa154689aff01L,0x4aba349f2a89a3f4L,
-        0x2db1e8e2d467efb2L,0x18dea354039102e2L,0x422ab853e52f082bL,
-        0x7130a2c1ed36dd47L,0xca60e86d0295d1eeL,0xe6ac68087c7f5ad3L,
-        0x0f83cecfde864658L,0x72e66c21461d1265L,0xfeef4150bd385099L,
-        0x0f183f3aa6632289L,0x275454be792dc795L,0x2744c11b11367702L,
-        0x7d06bcc7e8ea6ef3L } },
-    /* 214 */
-    { { 0x892859427090212fL,0x691b7d4c5521e844L,0x4c038422be2dbb92L,
-        0x317721edbd81f880L,0xc136cbeeac89bc36L,0x4f71b60b7b8f004dL,
-        0x269132d04e218ab8L,0xb0e2496ee6cc814dL,0x0b2ce31775fadc15L,
-        0x82e3c08466d223c5L,0x9721caa64c612f8bL,0x59a751eba4b65355L,
-        0x3433aad5c7d3d9d1L,0x1e61b9d2e80d4246L,0x149f655ffc673caaL,
-        0x48b52b99d0f9cb92L },
-      { 0xa3915399efdc05beL,0xde70db1813e095e9L,0x447862e9cddb3fdaL,
-        0xa2b031621a009451L,0x4b27980c23920ea3L,0xac5394f1a23b8febL,
-        0x163f72563e5616d4L,0xaa0ff93fb714219aL,0xd26f96d293d62474L,
-        0xdd212ea87dcfe276L,0xab27bf2f47038d15L,0xe58c8325f418168eL,
-        0xe3704222b32a989aL,0xa3694390bfc9f13bL,0xf16e26060d0684adL,
-        0x17c0de879d8c76ecL } },
-    /* 215 */
-    { { 0xbca5f453dcc01958L,0x7d9459541ce88393L,0x5e6350a1561f5b6dL,
-        0x291c3c867e2d36bcL,0xf6c7ed84a5ac3a6cL,0x7913c40bd98006cdL,
-        0xf78bb0875671ec3bL,0x1c928f6eb43e89a9L,0xfdf28df3ae1ea1edL,
-        0x62bba5b1b924b2b5L,0x491d27051a116e05L,0x08ec02b7167ed3e3L,
-        0xe291cf7b5bc0b046L,0x30e501698c5d7f59L,0x0c7c350df5c799b7L,
-        0x6862b9e20ac6e1d7L },
-      { 0x56c6f4e79ffa1f64L,0xfed6a91aa1e24349L,0xe9a0ee0ccdb75232L,
-        0xbfc90b370322d607L,0x29480ad2462fef87L,0xfc214969c2bfcf34L,
-        0x6e5211e0a539e38fL,0x2a59ec2612a5149cL,0x195fe212d706b532L,
-        0xf77fb108e99c8429L,0x74ceaea35dc80482L,0xa5a6030bbd92d298L,
-        0xad42dca5aaea15eeL,0xd6ac3bc74987109cL,0xc64e1c40290af649L,
-        0x5093fa2d51f8de6cL } },
-    /* 216 */
-    { { 0xc4cf32804c2d553bL,0xdc1abe223b966c29L,0x556a549c2296914aL,
-        0xd8c9f8b5999976c9L,0xc22c57bd776e83f3L,0x4f2942ab7c85ec57L,
-        0xef3407e56e2c61f5L,0xf005e8caf213db48L,0x470c853df32698c7L,
-        0xe6f488d7cac0a54bL,0xb6bd6bed60b7501eL,0xf0103106714a4bd9L,
-        0x5285bc3b6e098894L,0xec06741af5f92a00L,0x32f16426ef7ef24aL,
-        0x12f9c44d6c77a438L },
-      { 0x1951e96483313a1cL,0x98edd3da33c58b37L,0x4edbbf52c7ac4044L,
-        0x866ca6f70dcb5ee8L,0xec0ae8f56dd422f8L,0x1077bc540661ec2eL,
-        0x6d39913ad422523cL,0xd105e1e858e7cb3eL,0x47c9397fc979bb45L,
-        0x3221d4a90997b592L,0x0ef628a3e8952fe7L,0xd08d58274e946241L,
-        0x64cbed0f59780f40L,0x13d7c22708e110ecL,0xd186d8667679b1a3L,
-        0x02f75e4e26ae1d18L } },
-    /* 217 */
-    { { 0x1b637ebf47f307d7L,0x6b644a6ad0141477L,0x82a33d652e05a80cL,
-        0xc8f1a0f3fed07b31L,0xc09ee7f93696e597L,0xcdaa7ec3c7ffc01eL,
-        0x549f88fef8f373b9L,0xc88d1961c3bb8989L,0xd92a4fe9dfcaa7b7L,
-        0x12ff9ee23ae4ab20L,0xf5aea641f5ecb1a5L,0xe769237fe32fb47dL,
-        0x96a5c42025d085c0L,0xdc91255826c755a2L,0x580b985f9bce9723L,
-        0x72b1b56663961941L },
-      { 0x9d708a08790e5558L,0x985360410689af80L,0xe85e7b8a42313b5fL,
-        0xe6ba129255a49d1aL,0x5e76c4b0ac371b0bL,0x58504f39938e6e19L,
-        0x8dd4142260ae9a21L,0xd8b04e9b968485ceL,0xf94c4ba5887efe43L,
-        0x11268e67f11c5e73L,0x92623e28cf6b99c4L,0xf2d0aaa87a0a9662L,
-        0xb266772a4ca02ed3L,0x68ee8e4e2d63b551L,0xcdebb2992e78b5b5L,
-        0x5df19216e17225adL } },
-    /* 218 */
-    { { 0x20027e1e8df2e7e3L,0xb183cc68d8da07deL,0xce35ba694b4ae694L,
-        0x896d97df3ca62e88L,0x3de4713b52efed2cL,0xd006c40e26bd084fL,
-        0x1e9b71bbfc81923bL,0x9991c7b61aacc6b0L,0x650c93648f656840L,
-        0x138561d187f47524L,0x610f2b11bffd3ca2L,0x96915faffa191418L,
-        0x8f1236de955e5309L,0x613cbeeaa1872d79L,0x7f7b44ea66a2a48bL,
-        0x452265c2e0a89c32L },
-      { 0x4ad5ec7925430010L,0xcac786ffebd090c0L,0xa5f9f4ff20a9d3f5L,
-        0xfcbf4112a3edc65fL,0x8824839c0cf3eb11L,0xb8dd6d4e8aa5b700L,
-        0xe2271dfdb7568ab8L,0xe43ec373b744560eL,0x78eaf9261cf75296L,
-        0x1809ae0e3fa96d9bL,0x0b312d2ddc25dfd5L,0x6b8f78b46bab7711L,
-        0x069efc8db5ecf1e4L,0xc1952bae609fecaaL,0x43e302ed5f4dbde1L,
-        0x14b02bf91e078555L } },
-    /* 219 */
-    { { 0x2c71c768b87e5b57L,0x0bcc78f7f531a557L,0x4ff93f8bf7597dc8L,
-        0xb28e026d139e175fL,0x6b83b727cb94ca6cL,0x2eafe3b20079f7fcL,
-        0x2aca54decf3bd170L,0x17c4133c6af0dc6cL,0xbea1e665ccf5e35eL,
-        0xa6691a48345505c6L,0x2633abd0e6100b89L,0x966c6706c17d0388L,
-        0x7aefffbe1a0cf90cL,0x4d847be7d0add64cL,0xd49bcdfbaea2aa46L,
-        0x85e07e742cc7d0a5L },
-      { 0x23aae0a60bc25bcaL,0x6e8e55f1e44f64ecL,0xe1e696d8b607b773L,
-        0xaa90a746d3005909L,0x072b1ccd2cbc4990L,0x0d0fe6c6c68e2f5dL,
-        0x920ec5f053e28ec9L,0x79b21fb4f0040cc1L,0xa7375bd3fcc4a2c7L,
-        0xf5f5def9e1bac7ddL,0xdc315d7935c0f8d3L,0x7117c1702cacd318L,
-        0x6f2823c4e926f71cL,0x38db58bbed02f39aL,0xe5b492317db69323L,
-        0x0964039f8d49f430L } },
-    /* 220 */
-    { { 0x21774f1656999ebaL,0x3d8ee287b1de6305L,0xd81af726de0b2669L,
-        0x374469393f8942a1L,0xbcf6b615ea03e13cL,0xd30c0c3594e273cfL,
-        0x4fd33a56c6725c56L,0xa57534ada8be97a2L,0x799242a67c22a251L,
-        0x4e51bdb59d0c5c49L,0xd7cd76ccc6a42768L,0x914097acd426bf59L,
-        0x59404a2c66e9beb2L,0x4738fe985c96e3e9L,0xbcbb3e0eaad666d0L,
-        0x626b0fd263bc5e56L },
-      { 0x47217dbae1a1ec42L,0xaa6ae7dbab5acc50L,0xb7e1ab1e865331d1L,
-        0xb84530703d30126fL,0x280649e0dee61851L,0x8806f4a3ea689544L,
-        0x4bbe43adcb56f632L,0x036b9bdabcaff94fL,0x0d941e65bd0637beL,
-        0x82179d44686f3abbL,0x1486912caad6afd6L,0x9a3b891eff7e1534L,
-        0x88c426ceeb86fd96L,0xb56e6a81117928c3L,0x933e713596399e00L,
-        0x09bbddd9a17b6ac1L } },
-    /* 221 */
-    { { 0x75e39c1de4fd3673L,0xf880d9d1a65c8e07L,0x4725c1dc7289c7feL,
-        0x5b6735ee3529d200L,0xc1f8f2ed3c747af3L,0x5cf3998f912efdf5L,
-        0xed72261849859c39L,0x23793a2f0e69795dL,0x8a6ab8d686b1d2a7L,
-        0x00c815de22a882e4L,0xbe77d6fcf9db8d7eL,0x0886fb3202267547L,
-        0xb62687d449c10edcL,0x9f1c3e177c83ed4cL,0xe6d5d7f05af366eaL,
-        0x2eaa01b8d1efad24L },
-      { 0x5e47fb701f357c74L,0x93085c4aa9e3b794L,0x4f0987336e85a905L,
-        0xf53808ffbe0244c9L,0x91dddf93a3b5660dL,0x8b76377bf3b95ed6L,
-        0x91b911b7bb3920d4L,0x7ccf08bf86a13cf3L,0x53ed8f97ea018e58L,
-        0xb1ea434378c55194L,0x8e6adde9e0d2d5a6L,0xfc2b248f9b96259aL,
-        0x96ebceaeeef17dddL,0xf694b443557f9c85L,0x48cd150f07d5bba8L,
-        0x02d31de9b4c1986bL } },
-    /* 222 */
-    { { 0xa6bb9e1ede79499dL,0xf6ca8ff8fd0fc2adL,0xbec0f8e81a7d9356L,
-        0xbc3d1c9fe8f06327L,0x805c72173b300bebL,0x00420a08413c181bL,
-        0x9e9a167ef0ca9d01L,0x076c909d1aeeddd6L,0x64a1997f8e3a8a72L,
-        0x3ce7f7a7a77b429eL,0xaac0fbf45c94d3e9L,0xf37694a7e6d48407L,
-        0xf56679e2a91921e7L,0xf23fe0f3ee1dbbd6L,0xc7917566cbf9fa99L,
-        0x965860f2e0f4d765L },
-      { 0xe734702b7fa5f79cL,0x930bd4265af2d26dL,0x45bd8b986c73e0ceL,
-        0x7dbe7bed4ee44a2dL,0xc129e024956c8a1aL,0x6fdc05ac77cdf80eL,
-        0x70a6ba2b589ca59bL,0xfc484021999825afL,0x1d284b547a23f0b6L,
-        0xb1da10a428a0a8afL,0xb1eb1b312b2af6d8L,0xf051443a33935ee3L,
-        0x7a07eb268effa6ecL,0x16ee4086d662654cL,0x7a7bc5014549ee4cL,
-        0x650810321fa98a52L } },
-    /* 223 */
-    { { 0x49f0e460b67ed9b2L,0x0cda0fd0c36d93d2L,0xbb5963e988c75e1cL,
-        0x757bbe93614bc0c9L,0x9a9b88019a768605L,0xa8b7e2af48edc544L,
-        0x9e77ed9eb51a5985L,0xdd025274ebbf024cL,0x598b62881545c636L,
-        0x39bdaed04800dba0L,0x7fc2013981e2a23aL,0xdc66fd5c550cb4f2L,
-        0xad27032fb52068c7L,0xc9a0bcae8169fa15L,0x60606f213a7ca8a2L,
-        0x982950469862652fL },
-      { 0x3e3746002e11c128L,0x80dfae5d0e6dca7eL,0xe44016e2d9552264L,
-        0xf65f88f2880b7143L,0xca3d28d4526b881cL,0xf9c59dd1dfb86afeL,
-        0x548860c24c74f958L,0xd06ea43c9cb69f4fL,0x5343c9ae7334ececL,
-        0x5cc2ccd635329713L,0xa95ff4035f3a6c0cL,0x2e01a1ccb372653bL,
-        0x31510fdfa250523dL,0xeee538e2a6227eb2L,0xeadfc8a0ca23cd10L,
-        0x4b7e6e1b3e78f54bL } },
-    /* 224 */
-    { { 0x79c9076fdb5f928bL,0xe6250bb6b7347cecL,0x54b67798ac00ec41L,
-        0x900d20ba9d9619c7L,0xed42c0d059e4343fL,0x3df39e85451935d7L,
-        0x2639118264f701ceL,0xce8f2554e1f87aacL,0xfddd678965f91aaaL,
-        0x96cd163fa324539fL,0x5c815f2c4bace995L,0xd78c8c2aa94f9ea5L,
-        0x7ab2aff4ef24e455L,0xf0ed64091cddc26aL,0x954a420b00ca2822L,
-        0x0611c4c5d3297658L },
-      { 0xf192001ca9e81829L,0xded3332008a282ccL,0x0bfd7de18f9ded9bL,
-        0x6793ac0db7889003L,0xbb00d91d3577a5ddL,0xe17a23a7802d3c2bL,
-        0xff95f88cfb549014L,0x7cd1bf4bc71b6e07L,0x2e3b24a023588c8bL,
-        0x9b5335b8a4112076L,0x2481c05ec4056d30L,0x55c7410ce916a1b5L,
-        0xbbe03271850179f4L,0x15e6c177b3cd1208L,0x509a24c090cbfe50L,
-        0x820795291c108566L } },
-    /* 225 */
-    { { 0x5d2d3cff1c7d353eL,0xd5e7eccd7de0ce3bL,0xb4b1075f6ca87635L,
-        0xda8404e025f9ad3eL,0x6b963e89205cb5aeL,0x9e5ee0d809f221a1L,
-        0xd64c85d9ea41aca4L,0x6a46c4e934442a34L,0xac6ff97e3cf655a4L,
-        0x76565c1ee5417d7cL,0x681009a9eebf9c4cL,0x95b61d3988da6388L,
-        0x6402b46af6b472c6L,0x1fde51650b7f1171L,0x94f8f273be0c05e3L,
-        0x7487b036a88344a7L },
-      { 0xa860e5759c3e2370L,0x19d58193f8048719L,0x3a0dbf3ca6e2f9aaL,
-        0xb6c7e9596144719bL,0xa9049c74deffec21L,0x8ba064b23f50cebfL,
-        0xb12822c049a1de15L,0xb654b7d9b1d527f2L,0xc470859d0ffd0430L,
-        0x37c74a674f05446bL,0xe553251ba3add995L,0x4a3ed6cbe33533b5L,
-        0x2f2f44d027e419ceL,0x2d84ee82a5d1b979L,0xcc76b123db6fa69fL,
-        0x834f85c521fa3bddL } },
-    /* 226 */
-    { { 0x329347c12ce9b31aL,0x1d88522afe3fb3b7L,0x4bcefb4d52ff90fdL,
-        0x53b173862b1a081dL,0x538c11ba2a411f08L,0x7895b93c141b603aL,
-        0x2993b9aab10bd741L,0xccbbd04609912986L,0x669fafb0eea0aba5L,
-        0xd484462235661897L,0x4a63b89c367ffa54L,0xcbad5d1d1c3478daL,
-        0xc5339227aa6034f7L,0x0e6d705fe61b1391L,0xdd14b660f74ff515L,
-        0x639d8b0a5332b54cL },
-      { 0xfa423162162217cdL,0x2e0e4a2a811c28e6L,0x68d9ce1821766dc0L,
-        0x51263739046a06efL,0x44eea231dde92101L,0x0607c8f2114298d3L,
-        0x27f272ba63d957e9L,0xe7ce80cca5e8cae1L,0x5816ebe224f7a63fL,
-        0x4dece5a789673e34L,0x13756a22536babd4L,0x644d61aee3bf77afL,
-        0x60b2bf6e2bcf98bcL,0x3b0b59f329fa962cL,0xb0769a1aabb50023L,
-        0x409031360c75402cL } },
-    /* 227 */
-    { { 0x84d2873a1670433fL,0xc9394df625493dfcL,0xeb05a19a80fcf89eL,
-        0xe39e4310db297616L,0x50742dc9d9e63046L,0xf31ad8c81de9ca9eL,
-        0x86aabf94fb7b1d0dL,0x36cda27a1b3c82d1L,0xfb1a2ef439702d84L,
-        0x280bfddc46081299L,0xe4b2b48dd2396238L,0x2db2c2f37b3c9353L,
-        0xd5b5b31712fb8a69L,0xf9b87a3b08180474L,0xd85909861e952578L,
-        0x80668eedf37a2bc8L },
-      { 0xe2edcd35b39a0249L,0xaf230cd4b2f8aeaeL,0x295b15e47223df05L,
-        0xbb66982ae0e937f4L,0x019d2b728cbc9162L,0x5c512ae9cf49dca1L,
-        0x11b491a7630f07b4L,0x48d4f34ca03874e9L,0xc1fd0ea644cb7433L,
-        0x13f79ae1f95b30c3L,0x40362d4ded8b60acL,0x9e8314ff61ead81cL,
-        0xed600dd4498c3d28L,0x5fcb1c19c2521702L,0x592329fc3a9c1f33L,
-        0x046775481bde6ce9L } },
-    /* 228 */
-    { { 0xee3de56e39233c96L,0x868c409c80737eafL,0xacae11bd201abc68L,
-        0x0f2cea9b2b486205L,0xe32387e16f19056cL,0xea75365aa5dc2a41L,
-        0x76c29acc12b4be86L,0xa01fcab78d63294dL,0x81dbe88b0cab9f24L,
-        0x76646e5bf414c054L,0xfe111893cb96b7aaL,0xb649f5b17664e097L,
-        0xa196422e53fcf5a9L,0x5978c9bd0b7ff634L,0xb5feb38e3c229895L,
-        0x038a49fb0833c456L },
-      { 0x35e3818c13e93257L,0x14cebc9da612741bL,0x4f6e92497caac06bL,
-        0x82278e333daa1116L,0xe7cc565e4de2034aL,0xbb7dc95f0a1ba630L,
-        0x81dd9f2366956fbdL,0xc63e6319bb132dd6L,0x6e22b022fc241337L,
-        0x238481937e8beb1cL,0x83b1994dd8c938acL,0xb54cfacaa6bb5644L,
-        0x1a7cd44e06f91807L,0x1dd439bba8f8d9f3L,0x660c2a787f74a8e6L,
-        0x4bb76e22121b5660L } },
-    /* 229 */
-    { { 0x7a151e8ae6354817L,0x33d494eaf038b438L,0x4c86c68885958986L,
-        0x721538271dcbac12L,0xf487af8cc0edad06L,0xad33051fe500e5d6L,
-        0x0a711b1bd6e47f55L,0xa68709a78c746ad5L,0x27f172626402f35eL,
-        0xc6d08efafb30c130L,0x9ef1c041c06c7497L,0xd0c74ecedcc3e2daL,
-        0x30c5f96e092e1073L,0x0f1393cf2aa12b74L,0x245840162107eb02L,
-        0x8843d25f7b76f98bL },
-      { 0x4e1501dcedb2a83eL,0xbcfe8fb02bb8d724L,0x09020659d925df62L,
-        0x3c715dcf42ab6fc3L,0x73c05055a0f09dfdL,0x126745d8e3590aeaL,
-        0x5382f4d876ff749eL,0xfc69feefa920c663L,0xde1602119fd711caL,
-        0x4219c3bd9075c4d5L,0x3800cbd13ded6bf2L,0x8c7ea0eb6263a116L,
-        0x35bd79587d264c37L,0x56e22e457159c98cL,0x71bf2a2dfa7373b5L,
-        0x0503f9398935c949L } },
-    /* 230 */
-    { { 0x65addc6671dad4f6L,0x238e4889024bea1bL,0xfb76c8e2f605d3ddL,
-        0x13d5f5deb0d96b89L,0xe0b5ba356601b2cbL,0xe37d491d83e3d254L,
-        0xe8860423240c8ea7L,0x374182f3e91c99baL,0x26c2caf9a87ad919L,
-        0x4b13040af574f295L,0x5b9bced1944000a3L,0x4ccc57be06df42e7L,
-        0x22e8ec504bd1089dL,0x0c53177adddbb500L,0x690d31d29ecfeadbL,
-        0x735778fe176668f9L },
-      { 0x0f86ee3e843c1137L,0x3c1c42fa3f0b73cdL,0x0e75679d8ab20e3aL,
-        0x6f95f1f416242faeL,0x7b88e11c39b092e4L,0x1629403e4c236ac0L,
-        0x66105f412dac02e6L,0x74dc28a7862e0632L,0x2118ffb2f3b23c8dL,
-        0x1182417c0745ffbfL,0x49b55a044c05711eL,0x2c665b74cefbe4deL,
-        0x1cc4c01d97bf7107L,0xb2ca06dac54f0676L,0xfc599daa7450d0f8L,
-        0x52e637a61a3182a1L } },
-    /* 231 */
-    { { 0x481700f16bebc6dbL,0x4a6b45dbf9503d92L,0xc715cd3c5d153919L,
-        0x942a1c05e5ad2abcL,0x36a82433ab7b466fL,0xba413bedba13918bL,
-        0x698a562490f4e6ceL,0xbb720da6f3f1f3caL,0x2116d41d63471ab3L,
-        0xe00d2227303d3609L,0x7fd4cc00463ba69eL,0xac609e4d62845fd1L,
-        0x63603b2c80adc9c7L,0xbf16fc9a45fafbcaL,0x41007f7fc4bc94abL,
-        0x7c916b4fa74b1698L },
-      { 0xc1026f9178bac2d4L,0x8a2e80982601a875L,0xad2f276e0073d640L,
-        0x443610c4fcc1fb88L,0x5727b822ca6b291fL,0x0645532c88ec60fcL,
-        0x51e48899ed9ad48bL,0x841b48b5f543f103L,0xa6ccb1bed591ceebL,
-        0xfc4adf0f9dcf5a8bL,0x3a7ca020b347ddb4L,0xaa1accc2cb44c521L,
-        0x773b68280527c0c4L,0xaa374c107023cf50L,0x733d10006b74c926L,
-        0x1ff3916f77a8d07cL } },
-    /* 232 */
-    { { 0xaa218fe4f997939dL,0x3d4dfbbb791583b3L,0xb3a7b5da87f7560bL,
-        0xa9c028015da92c98L,0xe1eb4aad46666f4aL,0x2eb17a5114ce9dd7L,
-        0xf46a66a4ef8f3076L,0x900b45c6810e546eL,0xf7af22584baf04ddL,
-        0x3cc1c8725c84d42fL,0x3093f2258e4c83deL,0x62fade41170d88b2L,
-        0xe19612e4ac076e44L,0xf48d734632dd141bL,0xc1b1f759925e34daL,
-        0x19ed1a56072b90c9L },
-      { 0x9cf7fcde6c735473L,0xaab88e676003bc3eL,0x12187cbcfb199bb8L,
-        0xbb7304419accccbdL,0x214aff3cb0f65459L,0x6aec81a36f926282L,
-        0xaa82cb329f9d20b8L,0x82f3f90f5773cc90L,0x4af60e6bf62257e1L,
-        0xf18b44bfbd4762dfL,0x3948b129db970753L,0xc6e920e97c22c18eL,
-        0x393d620857be97adL,0xe8d7382c46b637f9L,0xf6625ccbf1fed1d5L,
-        0x6f31e0f968681599L } },
-    /* 233 */
-    { { 0xc45afe5582b8f204L,0xac0441b6d358b54aL,0x7213e7bfacd5f5edL,
-        0x1914c70b139bcd93L,0x714b458196dbcbb0L,0xe9297d351ed35d21L,
-        0x8f6408376a3e1f20L,0x150a8a9d2f3cd705L,0xfb36e801dcdd9f6dL,
-        0x5a54eb655cf56d82L,0x7610500c92aa5a21L,0xd10d0ae23b089f03L,
-        0x491b2079c42b66e8L,0x4af1ae3d0eee8d48L,0x137e4c2841556f45L,
-        0x875e330863d8a7e6L },
-      { 0xdc80fddcaf6c0accL,0xd5ad1e66bb1e7c08L,0xdc717ae1828585adL,
-        0xbdc54340275c7da6L,0xf4b4c852d26b9e15L,0x5f0a1fbf6a05fa50L,
-        0xc6f81e47817bcb32L,0x2cbd432870ff2e1dL,0x8a24901667c7f7fcL,
-        0xd045acb7b585a6c4L,0x2e972ad44666c057L,0xc74d87cfe6d7d63dL,
-        0xf7067d870e274144L,0xb2ca157a8b2584aeL,0x495c5bfb75f0fdebL,
-        0x5abb0581f386e009L } },
-    /* 234 */
-    { { 0x8be62d2bf0c97f57L,0x0fe04871962f28c7L,0xc548a46747b50abbL,
-        0xf6b26e0344fa09edL,0xfd44c6e3ab05a96eL,0xedb0032c70e6ae82L,
-        0x28bd402bd7e4899dL,0x43f2e9639b7c11c2L,0x0ec3fc0ece913716L,
-        0x769b8bc902fd0f8cL,0x9d9cb3aa7cabc3acL,0xe88a889206924cc9L,
-        0xa51461aa42609014L,0xc7f4aa8b962e79e0L,0x4ef0210a8b1b3e80L,
-        0x705446801bfee4bcL },
-      { 0xfab3d713121901c1L,0xe90a2627fead54aaL,0x64f6d285bc08ba23L,
-        0x8d99301536ec227eL,0x99a16ab906c191abL,0x86b1cf5bf649ce2cL,
-        0x5920675966be3a80L,0x18836279ccba2cf0L,0x2c157b87eff53486L,
-        0xbfac98964b223af2L,0xcd0fd4f00aae7a57L,0xdaddb94063218a80L,
-        0x3844bb79df88f14eL,0xc1b3e3d4b71ed9fdL,0x6c634a13d6205036L,
-        0x6f56aecfb8680a6bL } },
-    /* 235 */
-    { { 0xb01dc803d9205c5dL,0x68955f7d67123929L,0x3debbffd9d9b6565L,
-        0xb844395ed3b1acfeL,0x04328b216094eeffL,0x6631ffa822991febL,
-        0x0dde66e6190dd075L,0x75b03c55e8577c05L,0x6c91ce5f91722407L,
-        0x9a288a408ebb3a3fL,0x1d376f8a058a1396L,0xf3a594579a6e0676L,
-        0x103029c57b71d288L,0x0843f428b44c30c0L,0xd8e6aff8730e0b9cL,
-        0x7b6be8114ed644adL },
-      { 0x3ec38e4a3d3aa54eL,0x10233943d83d509aL,0xf84aa621243955e2L,
-        0x29104717f51d3d44L,0x62d2442c7eca4e37L,0x8c5a523d85fa55deL,
-        0xc6f5ccda851da1b5L,0x044bcaa820001468L,0xf7501e68e01702e0L,
-        0xf0819359e6a0acecL,0x33dda6adac0ef0b2L,0x97aeedc8fd964f01L,
-        0x48dacd0e530b90d8L,0x4c5fad6fb84122ebL,0x2284ec1ed700a1deL,
-        0x86f9a835dbca5474L } },
-    /* 236 */
-    { { 0x0e1d9055450cc69fL,0x50eb14bcc9edf98fL,0x1bb94e77ee7eba01L,
-        0x5f7a6737998f8e53L,0x588384e31b16eef0L,0xbb928723d85c5e15L,
-        0xfe51e345cbd952aaL,0xc5d0ee287e241674L,0xfdc146ef100182f0L,
-        0x0f739e92e7f5be2cL,0x501ab3afb656bd3eL,0xb1552dde5168e289L,
-        0x940dfe31b8ee104aL,0x42923603c4304475L,0x9306f114c460a913L,
-        0x5bfa9faf03b51f86L },
-      { 0x2a23f52c107b258eL,0x989e82bbd66341dcL,0x54a3ced8823cff1aL,
-        0xf45b7794719b491fL,0x898c22182433dfb8L,0x0f9dd91cc49250eeL,
-        0x50c2a2ae4fa17655L,0xf7aa1ce42c327f45L,0x13a15ad6583b1e41L,
-        0x9aa0d5a5a1bfad9eL,0x9b1caa288e1fbdcdL,0xaf9283b6915f7f87L,
-        0xc10e4e0c87e81a1eL,0x04fdca561080d296L,0x6acc961612755bd8L,
-        0x1b1266aa828feedaL } },
-    /* 237 */
-    { { 0x4ebc0a00774ee49cL,0x776f6852cb6237d7L,0xfc0544ac5df938a3L,
-        0xc3388ec8b6fbfbbdL,0x84ac8bcd745f2eaeL,0xa9c56609b1ece937L,
-        0x656fb6ac7de8fa13L,0x5f8ded74a532b871L,0xab0d428baa889f09L,
-        0x43b27f2810b7aec2L,0x26426e1efeecb34cL,0x44431b6b9e89c2dbL,
-        0xaac4bc5d39211090L,0x926f73684fd81058L,0x452fa691471ef60eL,
-        0x33517fdb218d7a23L },
-      { 0xa9c33f46593c4a36L,0xac69d71836b1a9eeL,0x55a20c1d4277beecL,
-        0x3e8ca24e7e4f179cL,0x57373369d46d88a2L,0x71ceb1cc730702f8L,
-        0x8b184d9735eed574L,0x7f4517a20704cec2L,0x7f129d18d7062a53L,
-        0x07a4571bb1d77e1cL,0x774ac3098350d8b2L,0x27b2919f61fab8efL,
-        0xa7c4cc13b5dd801bL,0xe7e6255b1434591fL,0x349937b85a3592b3L,
-        0x31fac63d30c77549L } },
-    /* 238 */
-    { { 0x2ee8cf1b04913fb6L,0x7e4013501769a6b3L,0x790ebb71783e61f0L,
-        0x1e5107f9e27f2ffeL,0x124ba67fedaf89bfL,0x189200e1e58de68dL,
-        0x962732a36df5abeeL,0x72cc37cfacbeb4aaL,0xb0c5fa96e93c5a76L,
-        0x4c2a317cde63393bL,0x97f65e67830b2d6cL,0x4afc35041be5b96aL,
-        0x0bf40a60730ce66dL,0x96a1ba799340d84fL,0x3ee1825407626b08L,
-        0x01db35db7ab0cbf5L },
-      { 0x6e0fbc2dac0efee2L,0x8406ebcdd71dbb45L,0xe72bde3e19b69abeL,
-        0x49cb7e6137e01822L,0xcbb8c01c11458b4cL,0x420b4847687c5d63L,
-        0x1847dfa1454c6776L,0xbede911dd1839d18L,0x1b9dc9c9278df046L,
-        0x294bd62b881a336cL,0x7f09687993e77adcL,0x7ac9066543ce3ba7L,
-        0x148695fd7764eefcL,0xe0c20f0b9ac465cfL,0x636e8d28a6e2cdb1L,
-        0x7b6ba98cd755341dL } },
-    /* 239 */
-    { { 0xcb1d9e03c1881ab4L,0x19c25d55b3168c88L,0xa82d3d47282364ceL,
-        0x95994390f161aa24L,0x7838bc00e1ebb2c9L,0x8fd5dfccbdec7a75L,
-        0x4dd203c24ff7220aL,0x5ec173b30efeff48L,0x99f1d2b316428b35L,
-        0xc06bd9e5056e813fL,0x929172bac0b319f1L,0x6ae0e384fd223b15L,
-        0xbd01059e98d091edL,0x6b3168e4a654648eL,0x2211447f3375e798L,
-        0x47e8101971eb4508L },
-      { 0x7045d45abc8c290dL,0xa33d1355810fb33aL,0x2baf009246fbbf2fL,
-        0xacff3f1b385c7cd9L,0xc5b150ece161985cL,0xc6ee0a7f2a888748L,
-        0x9d888c8e5e88dcc8L,0x4dd735f2ccb86443L,0xcc1e13b73c40f6f2L,
-        0xfc3a25fff3fed691L,0x4cb43b17257ee5c7L,0xaa654f93f32db135L,
-        0x44f58d0a02dff2d3L,0x78e3f188a8ca6394L,0x39646ccef3e86697L,
-        0x785b1902e0dce87bL } },
-    /* 240 */
-    { { 0xfcce2361a92f9a20L,0xb7bdca879d64540eL,0xd4739a851d00d7c5L,
-        0x067ac8dc2e97c926L,0x2aea3ffe78da6a8bL,0x6828bf5463c51b69L,
-        0x76f1c4797155141aL,0xf4bcbef63977d810L,0x75bc4949541bce7aL,
-        0xe01f4066d17041a5L,0xd282d5bd87755eafL,0x6e2107dd59e7ae80L,
-        0xaa56e166382ab36fL,0x65ee8ef6b9d1d634L,0x99a2160ace4ed844L,
-        0x6557c367b7712c27L },
-      { 0x561b0268d75b6e52L,0xb0813640118d0e89L,0xcff533306a2eb1aeL,
-        0x4e4622266d090894L,0xbb351227b5fc1d48L,0x9365ea0757a3062dL,
-        0x4caca37bd66e2dc5L,0x220d7d23b9095887L,0x9c0fd3938c4473bfL,
-        0xadff370a6787da4fL,0xef0aebccd057f4b8L,0x205e744c1173f33aL,
-        0xb8d1f0a5925a26b4L,0xa9364f49722fbbfdL,0xc891ae778227d284L,
-        0x15c40d04a0e08ab4L } },
-    /* 241 */
-    { { 0x9baf169a2a0e18d1L,0x9971c0174c0327c2L,0xd81a323f7bc262ceL,
-        0x2099db8d818ff379L,0x663f663d4cd3c330L,0xef5325c3011a0553L,
-        0x9cd70bdcf980a470L,0xe64452d11c9ed070L,0xafbf43f4ac676e13L,
-        0x97bec0a6ae85c2a5L,0x2faae550470490c4L,0x0ab97a87491e6ba9L,
-        0x4055f537aafa9914L,0xfc95adbb36726557L,0x646343b9d119d6bfL,
-        0x788e94a09d341e37L },
-      { 0x053a6fe59c53461aL,0x75ec897e08e3b6edL,0xa8f5d2f30768d939L,
-        0x9bd6bff6cc213d4fL,0x590c7b4105b0147cL,0x20a3628b7c7b8169L,
-        0xc66a086e5bce78e9L,0x3dd4d2824dec1d8fL,0x890acf44c19dcce9L,
-        0x6632d875d8435a7eL,0x590167c1ea6381b2L,0xb2259797f0dcc128L,
-        0x91a612b446f8d463L,0x42185d78c15efa39L,0xdf55ec37119f6788L,
-        0x91b19cc6780dea93L } },
-    /* 242 */
-    { { 0xebf2709dcb5d8b80L,0x03b96182fc35660eL,0xb873d991055ef969L,
-        0xd1ea4b4de47c4342L,0xcc4b9244d54f8867L,0x93b1a2cafd8d77efL,
-        0x068d24e7e8c1f563L,0x5f5fabb649973056L,0x83248c500542374fL,
-        0xc36de2b53f38e913L,0xed07e8eb7bb680beL,0x964813d7d8f313b5L,
-        0x7bb6a069afd2d392L,0xc06d848e0848a31aL,0x6867fb2fe4f0c325L,
-        0x3c2ba834067343afL },
-      { 0xab62d7759d3ad63bL,0x3f9cab9759e0eb1fL,0x70332a633885e117L,
-        0xf22cafcee20b2f9eL,0xb529ba7e49eca947L,0x249542166228d88dL,
-        0x80ea23ec39239561L,0x1b8907e7d4370644L,0x4b7fa455563e4e44L,
-        0xcca9829eb2a4b0faL,0xd0a720a448060792L,0x8ccdda0c246991ceL,
-        0x37a2325b348d086bL,0x566ed509f60aee13L,0x3d30e091147f253fL,
-        0x1fa627a5c1073bd8L } },
-    /* 243 */
-    { { 0xa11222a242478fd4L,0xacf4c6f1670b2000L,0xf71bb04f8359c6deL,
-        0x618e28297b93cdbcL,0x96e1bae3230db60bL,0xf17fd3b4965b3b29L,
-        0xa58639c6bc7055ddL,0xc3ea92ed4b817d7fL,0x9082b2a6d23b08a4L,
-        0x8471228adc17010eL,0x753b9e4620e89d97L,0xcf7e4f9703ff77c9L,
-        0x6c3f82452bbe60e5L,0x9e432cbcb80e017dL,0x150a5acdc0a45edbL,
-        0x67b8bd054798743eL },
-      { 0xe66079b4f4797cf7L,0xe31c998ad03fde02L,0x5aa3763a54caaef1L,
-        0x64d9a1fef7649711L,0x7ce0dc73af29b1a7L,0x6661b083fb66ca93L,
-        0xbf4d74fe32fb6a78L,0x25f6ef09df00a561L,0x2bc4383f831d1159L,
-        0x6d5cc10c536bde37L,0xd4945f9f882cc65bL,0x81f48f13451a99b8L,
-        0x140161cd6bac11a4L,0x9d94d4edf18a4a0aL,0x65363165a467a824L,
-        0x74297aa9a4c9aedfL } },
-    /* 244 */
-    { { 0xc49758a4e21124baL,0x99bd8198a87ffbd2L,0x45fbcdd13d6638a8L,
-        0x94645ff815f7bf76L,0x5fa6736fc4e6d57eL,0x1eae647592e61db9L,
-        0x79575c0ccbdf944aL,0xa3d1304725b31d74L,0x7881df224cab5ae6L,
-        0x8dbfd2991a2887f2L,0x23d07590a26ac459L,0x2e589852d8661d4aL,
-        0x37b5c13b8a0140f7L,0x0f94199e3fb3782aL,0x722aa0591bc14e90L,
-        0x89aab7bad55bbb12L },
-      { 0x8b345a96d656bdc7L,0x43bdc8afe176cd3bL,0xd69518b632d64c43L,
-        0xfcf364a779b82b41L,0x907b344effb0cf82L,0xf3d0c83c5101287bL,
-        0xe9f26a5934cd90efL,0xe5f5aaf207082b5cL,0x4eb72c75ece7c165L,
-        0xe9590a81be986cd6L,0xfeef498fff1536aaL,0x04560243a8263d5eL,
-        0x940be14f54ae872bL,0xbee7bcc9e3207686L,0xd496a27dc1bc4d7aL,
-        0x002dc2975940ab46L } },
-    /* 245 */
-    { { 0xee533937b69d60c3L,0x260be552fe972755L,0xb11fb78dc0c725a6L,
-        0x6982c27ecab2e7c2L,0x4bceedd9ee2322cbL,0x952b19ed122704f7L,
-        0x2df4c285854a6165L,0xba40b5bf7b192485L,0xfcbca9500119f52aL,
-        0x7467d1cbe5add86fL,0x9bf536fbd9d0f2c1L,0x3c296e34b8d4ebc9L,
-        0x0495f8f405a81317L,0x8c59e8d673335f76L,0x0b53d324e0542122L,
-        0x4d5645353c3bda73L },
-      { 0x7322f8007e5c0877L,0x481b43e60ca9a764L,0x231f4f4ba2c12716L,
-        0x09596857ed3136c2L,0xae82632238db30deL,0x652fad4099908ebcL,
-        0x0b8d1814af0d231eL,0x2680c54b09cbc349L,0xfd4562f34bf3bf8eL,
-        0x2985090b092b595fL,0xe6f39ca45e15fc34L,0x70175191bc378168L,
-        0x906944b3845a4a87L,0xacc6d74a82a1541aL,0xadc9bab3b155c8b4L,
-        0x1f2f89ce77306c62L } },
-    /* 246 */
-    { { 0x8253ef419affefdfL,0x05d7ece54cf9256bL,0x377002f2b444e483L,
-        0xb189755fcba5471fL,0xc88483cbd5cbe015L,0x254f7c696a0b8429L,
-        0x18850bd461f3f61dL,0x7ba210890a247157L,0x35abbc2ed92eeb0dL,
-        0xfb56cabe965dec89L,0x9da23724bc55684aL,0xd8ba396f6a7a7492L,
-        0xfcb90db72ef4ba46L,0xdd234fe09909b27aL,0xbdf3c16476f4366eL,
-        0x09c8097f17e50d47L },
-      { 0x6a04b14060050c07L,0xc29e831843a8e37eL,0xcb9429b2bb55e41fL,
-        0xed2fea5a2ce60e3aL,0xdc7b1ff3db9d82f4L,0x48ebecc3687d37faL,
-        0x79153e32ecb07539L,0x6a60054f57075692L,0x3871cd0c800759baL,
-        0x17a7386f30922df1L,0x4e9fc59e83357b7cL,0x1d26b3a939415186L,
-        0x912a0222d34db889L,0x6672fcf459fcdb71L,0x5a3f268d44ff3036L,
-        0x6f113ed36911e16cL } },
-    /* 247 */
-    { { 0x52a9df591836f1c9L,0xfa6519f54232307dL,0x8406c7015ded285aL,
-        0x0a1545caaf627f75L,0xae1111eeace0417dL,0xfb28bdf6a6113443L,
-        0xde9ef0ab52dbcbcbL,0xe9dc181b7813e658L,0x0b1dabdb99127225L,
-        0x5f0598e322814c59L,0x5c3b966ed934ee7eL,0x4eb84edab99ba4bfL,
-        0xb2919a343c1b55e7L,0xa9addb4994aa860fL,0x1b7220dff6811ff6L,
-        0x6636a23bd1a183e2L },
-      { 0xdf5d5a2d20587283L,0x0b3822c9ef07fc5dL,0x1786bd550ef6de38L,
-        0x163cf90725d1671dL,0x74bf971f1cdb1defL,0x5749e8300842fc4aL,
-        0x0e2edbc727f854f7L,0xbb27bbdabce24acbL,0xc1b19cec05bed08dL,
-        0xaada123ef7c904bcL,0x02429f1bd89982dbL,0x49d3616e65f6e632L,
-        0xa3789fa8ee59fd32L,0x160ba3bafe9f29f5L,0x0f2d3b61af5378a0L,
-        0x7aeecc7673c2a6f8L } },
-    /* 248 */
-    { { 0xf3a4757cdc43b0dbL,0x3d8a4e8598119cadL,0xf8095bf64616c156L,
-        0x3e2a07bc4f533e97L,0xa982436739cfc5adL,0x18a6ba3acd68052cL,
-        0xbd60e5908a1cec66L,0xae3841a502b1b695L,0x986dff12190a195bL,
-        0x2df2beacad31fd9bL,0x7d893224cc728f7bL,0xc38ea7380cf0a992L,
-        0xa8439a80586a44eaL,0xede7f7f01615f03cL,0x4824990827a1f885L,
-        0x28ec4006b78a7645L },
-      { 0xe1820c2ea2fe0009L,0xe11ba5d2f13874e9L,0x97522454c524db52L,
-        0x4d4774267fede529L,0x01d3419a9b2500d4L,0xce08a4921869244bL,
-        0xba169023dd1be1b9L,0x242c3e5432a301e0L,0x9b56f7ba70906788L,
-        0xf0ad2a09c74a8cc4L,0x99cd1841d76f9439L,0xeddafe0b621fb60eL,
-        0x056bee54bc397634L,0x4653f860ff7f0a84L,0x6bd4876f2011c0afL,
-        0x134f4cc70c9525c3L } },
-    /* 249 */
-    { { 0x9621a3ece938dff4L,0x7d101a7b486a79a3L,0xf2c4ef97de950537L,
-        0xf3184099e65d87dbL,0xb89c7ffb373b8cfaL,0x68baa505e842916eL,
-        0xa790fd094ebea764L,0x679df6d4e592892bL,0x2023331cfcfed741L,
-        0x0bf4efd29880ff21L,0x7ca78dddd0344501L,0x2cb09ecb342858c8L,
-        0x9e5eb6dc2575487aL,0x50675a15ebcb0491L,0x09d2e74f7381d471L,
-        0x6ea3782983d3d6f4L },
-      { 0xc65c094b4e5cc40aL,0x7a2e3f6a1af37dfbL,0xef677e9df9026e44L,
-        0xb7878c9593880f53L,0x4aa30b077f644aa9L,0xa0c516832f208c3cL,
-        0x7c0277ae658d663bL,0xef0b3c38ae1d9130L,0x302f37a7695c3ea4L,
-        0xe004c1c56a0c5e0dL,0x9fd495c420cbcf9fL,0x706d5b9d568a0e7cL,
-        0x8b225dff59286454L,0x527d44658d9a709cL,0x47c558da87c08d68L,
-        0x606ee6e6bb4ef07dL } },
-    /* 250 */
-    { { 0x02d99fc757c621f6L,0x292e40c17fe83d48L,0x1bdfc7a19ef199b0L,
-        0x78a04102e62c7666L,0x16cda370e6738753L,0xbc81974d1e3a65afL,
-        0x19742048f78fe209L,0xc83a058abf5981c6L,0xf26b24349c89702dL,
-        0x988b2f1e9d1a678aL,0x472bf9b0ff29ae29L,0xa143e3981d7cf5ecL,
-        0x9c9d7e45b268ddd8L,0x166cda555fc4ff76L,0x6044cdf0a4aa7673L,
-        0x49dba6f7e9148707L },
-      { 0x20e47fb2a758e37aL,0xaf6b31d72d8eaf66L,0x352ad5f96f9c2210L,
-        0x0093f72790efc32bL,0x435c99dc41e4b264L,0xbfa878e005b15795L,
-        0x99c520a40e673575L,0xca68259487eea759L,0x029f7b81f12a348bL,
-        0xa547cc182aa2ce35L,0xa11d874bead5e2c5L,0x9af0349b55682cdfL,
-        0xf86ebfea8bbe8e66L,0x3dab8782f55394abL,0x458bf797ebc8eb8fL,
-        0x4890a7a49b7de78cL } },
-    /* 251 */
-    { { 0xd72996898da995f6L,0xd39eaae7ec6156efL,0x6959040c356a82d5L,
-        0xb2046b21c135bcfeL,0xea720b640f595c78L,0x02824efae7c5fb40L,
-        0x97d8fd4c0edb3bfcL,0x12f0290579f24ebeL,0x16fc47cf187ea6b9L,
-        0xc219fd27789d5c23L,0x233a6b6c89263eccL,0x823634b28b6d30a6L,
-        0xca352e25c9b33680L,0x9388d6ca40c77456L,0xf8e55b0b3c92065bL,
-        0x5c17474b02439a76L },
-      { 0xd888e7c28aaccab5L,0x18027836aaced05bL,0x185b877dccec0f65L,
-        0x93cadc1c125c2882L,0x45df540a67fdc54cL,0x4f3c86e2c2788a33L,
-        0x3e874469e3a0fa2cL,0xc59daa47273983cfL,0x3063c48b4a96d8a5L,
-        0xc38d2bcfc2e58915L,0x90e78b8784e428c3L,0x900a292cf0c4fd53L,
-        0xb7f92db7941e6005L,0x956792416ca53a1cL,0x35f6f31db1ab0fa7L,
-        0x5d675eb47b58408cL } },
-    /* 252 */
-    { { 0xaeee1a77870c6025L,0xfc4a23b791a2dfcaL,0x7b0e60c4386b64c4L,
-        0xd5d5b17de5ae72b1L,0x6dfc88ac9eefa212L,0x4feaefbed4038b96L,
-        0x099ac3568e2d2eccL,0x548ea612012af207L,0x4ffed9db89c31218L,
-        0x1c1e91c4e0e67331L,0x009bb64faf8300e0L,0x8780501c6773c3beL,
-        0xe0cd6edec08219faL,0x7c055e07f81b06ffL,0x82b63f9ce080b36fL,
-        0x02fccbaf0a9feca3L },
-      { 0x9991d4d1b47cac61L,0x2e9d1687ab86e12cL,0x8c6855ec2b94f042L,
-        0xca40051948e648e5L,0x9ba91fb2ef89ac57L,0x4f4192061be792cdL,
-        0x82d221cbbd0f1e15L,0x062eb13bfc444019L,0xf3a97c3299790fdcL,
-        0x4e796d946067a64bL,0xc46dd3006d23775aL,0x8672c4d5ed7f0f23L,
-        0x821851dc3b4f63d7L,0x50a3ae0cd26273f2L,0x800e58fceac60f6fL,
-        0x56f1e45613845545L } },
-    /* 253 */
-    { { 0x01ccb3f632c24f3bL,0x99eb1c7f06d817e6L,0x8dc640bb6aa26776L,
-        0x7838affe0845d5e0L,0xf34fecb1f81a79a8L,0x6a2e282d3e6819b0L,
-        0xc4b977ce8237a4b8L,0x0f46b3db87636439L,0xa465f54097970497L,
-        0xd7e087628791be43L,0x00220b6c34198ec6L,0x57b38637093d94bbL,
-        0x84012e1629d690b2L,0x02ec9db520aad1a4L,0xafee2fc685dc34e3L,
-        0x911d193625500cf8L },
-      { 0x13b1bd58f5e5af5bL,0xa7ca263b7b6a22a7L,0xab6bec4df3af2adcL,
-        0x16651e59a04420bdL,0x3b448b3b4ba36c11L,0x3c62bfcdff424310L,
-        0xde15c4a5f1a96cbbL,0xbe0ad8a1e4d1f980L,0x812bd14e36673a3aL,
-        0x40303af69212acddL,0x8f6dab9c576095ceL,0x7df1882a107f5ca5L,
-        0xb903e63c8896a3b0L,0xf5048544d863b3f0L,0x5e5019b9c09887deL,
-        0x2be744fea0f53865L } },
-    /* 254 */
-    { { 0x054cd05f5b50f324L,0xb9b1eb241ea3c7a2L,0x4a858a5c7ff8e6b7L,
-        0xd83902feec040882L,0x72b26494d0cba9bdL,0xd0176f90b29c9e1eL,
-        0x05d4eb02cebadb81L,0x874405b1372b8bfcL,0x5c41288179ead190L,
-        0xd44a3dd3ec2b48cdL,0x84499a773f4d5033L,0xb37b38cd564c3a09L,
-        0x80e99497f42e803bL,0xc07b47a0b8f518b2L,0xc710e3c53568fde4L,
-        0x735f542fcead0e7aL },
-      { 0xcaa9a17138380039L,0xadfafe17f74d19c8L,0x92d4393eccbc1a8bL,
-        0x3c5dbf39fe029705L,0x4552b5ab930e9b36L,0x7ee630322afd494aL,
-        0x826a9ad73f02ac43L,0x98c5356299356298L,0x0c869f877342bb39L,
-        0xd7510020e4f9b79aL,0x6361d1a4d34789a9L,0xf0ded5bacfa85637L,
-        0x407ee73f88ac07e4L,0xfac7d03f09ef1cbdL,0x25d697cb4d475badL,
-        0x1e984c9d14bd399eL } },
-    /* 255 */
-    { { 0xc76d05614850c817L,0xb08a5b193489812dL,0x7273d1545e58cbbeL,
-        0x8900b5fa4be61e5aL,0xaa088691d7aeb8e1L,0xe66666afd35a3d4bL,
-        0x38a2c19957ec7d3dL,0xa0648e8f668d6f5cL,0x1f9fc92c7adc1746L,
-        0x23a116c0843065c3L,0x36370a2061e6ae69L,0x626c37362aa47e73L,
-        0x540c25f2deff6d84L,0x9804824ccdbed2d4L,0x4b5bfce0039a9492L,
-        0x6c474a5676942e01L },
-      { 0x3aeb9a417d88e3a1L,0x105d3c88c484742aL,0xe59de8d13fe61131L,
-        0x148f5b6b1a869e8bL,0x7a8abc59aa75d90aL,0x2f0c9bc762146013L,
-        0x43faa747c3824cd9L,0x81763a186a5d0b92L,0xbbc341bc9bcbaebcL,
-        0xe1813160f745d1ddL,0xa53ce52db75ce5f4L,0x15eae66cd50de4c2L,
-        0x5ed8996c75d7656dL,0xe4ff5711c4ca552aL,0x215e985a3c5305b4L,
-        0x6b258954fa1ba2ceL } },
-};
-
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_16(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_1024_ecc_mulmod_stripe_16(r, &p1024_base, p1024_table,
-                                      k, map, ct, heap);
-}
-
-#ifdef HAVE_INTEL_AVX2
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * Stripe implementation.
- * Pre-generated: 2^0, 2^128, ...
- * Pre-generated: products of all combinations of above.
- * 8 doubles and adds (with qz=1)
- *
- * r     Resulting point.
- * k     Scalar to multiply by.
- * map   Indicates whether to convert result to affine.
- * ct    Constant time required.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-static int sp_1024_ecc_mulmod_base_avx2_16(sp_point_1024* r, const sp_digit* k,
-        int map, int ct, void* heap)
-{
-    return sp_1024_ecc_mulmod_stripe_avx2_16(r, &p1024_base, p1024_table,
-                                      k, map, ct, heap);
-}
-
-#endif /* HAVE_INTEL_AVX2 */
-/* Multiply the base point of P1024 by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km    Scalar to multiply by.
- * r     Resulting point.
- * map   Indicates whether to convert result to affine.
- * heap  Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 16);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 16, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 16, km);
-
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_1024_ecc_mulmod_base_avx2_16(point, k, map, 1, heap);
-        }
-        else
-#endif
-            err = sp_1024_ecc_mulmod_base_16(point, k, map, 1, heap);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_16(point, r);
-    }
-
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply the base point of P1024 by the scalar, add point a and return
- * the result. If map is true then convert result to affine coordinates.
- *
- * km      Scalar to multiply by.
- * am      Point to add to scalar multiply result.
- * inMont  Point to add is in montgomery form.
- * r       Resulting point.
- * map     Indicates whether to convert result to affine.
- * heap    Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
-        int inMont, ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 2);
-    SP_DECL_VAR(sp_digit, k, 16 + 16 * 2 * 37);
-    sp_point_1024* addP = NULL;
-    sp_digit* tmp = NULL;
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_1024, point, 2, NULL, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 16 + 16 * 2 * 37, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        addP = point + 1;
-        tmp = k + 16;
-
-        sp_1024_from_mp(k, 16, km);
-        sp_1024_point_from_ecc_point_16(addP, am);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_16(addP->x, addP->x, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_16(addP->y, addP->y, p1024_mod);
-    }
-    if ((err == MP_OKAY) && (!inMont)) {
-        err = sp_1024_mod_mul_norm_16(addP->z, addP->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_1024_ecc_mulmod_base_avx2_16(point, k, 0, 0, heap);
-        }
-        else
-#endif
-            err = sp_1024_ecc_mulmod_base_16(point, k, 0, 0, heap);
-    }
-    if (err == MP_OKAY) {
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            sp_1024_proj_point_add_avx2_16(point, point, addP, tmp);
-        }
-        else
-#endif
-            sp_1024_proj_point_add_16(point, point, addP, tmp);
-
-        if (map) {
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                sp_1024_map_avx2_16(point, point, tmp);
-            }
-            else
-#endif
-                sp_1024_map_16(point, point, tmp);
-        }
-
-        err = sp_1024_point_to_ecc_point_16(point, r);
-    }
-
-    SP_FREE_VAR(k, NULL, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, t, 38 * 2 * 16);
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == MP_OKAY) && (table == NULL)) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == MP_OKAY) && (*len < (int)(sizeof(sp_table_entry_1024) * 256))) {
-        err = BUFFER_E;
-    }
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, t, 38 * 2 * 16, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_point_from_ecc_point_16(point, gm);
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_1024_gen_stripe_table_avx2_16(point,
-                (sp_table_entry_1024*)table, t, heap);
-        }
-        else
-#endif
-            err = sp_1024_gen_stripe_table_16(point,
-                (sp_table_entry_1024*)table, t, heap);
-    }
-    if (err == 0) {
-        *len = sizeof(sp_table_entry_1024) * 256;
-    }
-
-    SP_FREE_VAR(t, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#else
-/* Generate a pre-computation table for the point.
- *
- * gm     Point to generate table for.
- * table  Buffer to hold pre-computed points table.
- * len    Length of table.
- * heap   Heap to use for allocation.
- * returns BAD_FUNC_ARG when gm or len is NULL, LENGTH_ONLY_E when table is
- * NULL and length is returned, BUFFER_E if length is too small and 0 otherwise.
- */
-int sp_ecc_gen_table_1024(const ecc_point* gm, byte* table, word32* len,
-    void* heap)
-{
-    int err = 0;
-
-    if ((gm == NULL) || (len == NULL)) {
-        err = BAD_FUNC_ARG;
-    }
-
-    if ((err == 0) && (table == NULL)) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    if ((err == 0) && (*len != 0)) {
-        err = BUFFER_E;
-    }
-    if (err == 0) {
-        *len = 0;
-    }
-
-    (void)heap;
-
-    return err;
-}
-#endif
-/* Multiply the point by the scalar and return the result.
- * If map is true then convert result to affine coordinates.
- *
- * km     Scalar to multiply by.
- * gm     Point to multiply.
- * table  Pre-computed points.
- * r      Resulting point.
- * map    Indicates whether to convert result to affine.
- * heap   Heap to use for allocation.
- * returns MEMORY_E when memory allocation fails and MP_OKAY on success.
- */
-int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
-        ecc_point* r, int map, void* heap)
-{
-    SP_DECL_VAR(sp_point_1024, point, 1);
-    SP_DECL_VAR(sp_digit, k, 16);
-    int err = MP_OKAY;
-#if defined(HAVE_INTEL_AVX2) && !defined(WOLFSSL_SP_SMALL)
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    SP_ALLOC_VAR(sp_point_1024, point, 1, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_digit, k, 16, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(k, 16, km);
-        sp_1024_point_from_ecc_point_16(point, gm);
-
-#ifndef WOLFSSL_SP_SMALL
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_1024_ecc_mulmod_stripe_avx2_16(point, point,
-                (const sp_table_entry_1024*)table, k, map, 0, heap);
-        }
-        else
-#endif
-            err = sp_1024_ecc_mulmod_stripe_16(point, point,
-                (const sp_table_entry_1024*)table, k, map, 0, heap);
-#else
-        (void)table;
-        err = sp_1024_ecc_mulmod_16(point, point, k, map, 0, heap);
-#endif
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_to_ecc_point_16(point, r);
-    }
-
-    SP_FREE_VAR(point, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(k, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Multiply p* in projective coordinates by q*.
- *
- * r.x = p.x - (p.y * q.y)
- * r.y = (p.x * q.y) + p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * q   [in]      A single precision integer - multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_qx1_16(sp_digit* px, sp_digit* py,
-        const sp_digit* q, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    /* t1 = p.x * q.y */
-    sp_1024_mont_mul_16(t1, px, q, p1024_mod, p1024_mp_mod);
-    /* t2 = p.y * q.y */
-    sp_1024_mont_mul_16(t2, py, q, p1024_mod, p1024_mp_mod);
-    /* r.x = p.x - (p.y * q.y) */
-    sp_1024_mont_sub_16(px, px, t2, p1024_mod);
-    /* r.y = (p.x * q.y) + p.y */
-    sp_1024_mont_add_16(py, t1, py, p1024_mod);
-}
-
-/* Square p* in projective coordinates.
- *
- *   px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
- *   py' = 2 * p.x * p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to square.
- * py  [in,out]  A single precision integer - Y ordinate of number to square.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_sqr_16(sp_digit* px, sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    /* t1 = p.x + p.y */
-    sp_1024_mont_add_16(t1, px, py, p1024_mod);
-    /* t2 = p.x - p.y */
-    sp_1024_mont_sub_16(t2, px, py, p1024_mod);
-    /* r.y = p.x * p.y */
-    sp_1024_mont_mul_16(py, px, py, p1024_mod, p1024_mp_mod);
-    /* r.x = (p.x + p.y) * (p.x - p.y) */
-    sp_1024_mont_mul_16(px, t1, t2, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * p.y) * 2 */
-    sp_1024_mont_dbl_16(py, py, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Simple square and multiply when expontent bit is one algorithm.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success and MEMORY_E if memory allocation fails.
- */
-static int sp_ModExp_Fp_star_x64_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-    sp_digit* b;
-    sp_digit* e;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit tx[2 * 16];
-    sp_digit ty[2 * 16];
-    sp_digit b[2 * 16];
-    sp_digit e[2 * 16];
-#endif
-    sp_digit* r;
-    int err = MP_OKAY;
-    int bits;
-    int i;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 40 * 16 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 16 * 2;
-        ty = td + 37 * 16 * 2;
-        b  = td + 38 * 16 * 2;
-        e  = td + 39 * 16 * 2;
-#endif
-        r = ty;
-
-        bits = mp_count_bits(exp);
-        sp_1024_from_mp(b, 16, base);
-        sp_1024_from_mp(e, 16, exp);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 16);
-        sp_1024_mul_16(b, b, p1024_norm_mod);
-        err = sp_1024_mod_16(b, b, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(ty, b, sizeof(sp_digit) * 16);
-
-        for (i = bits - 2; i >= 0; i--) {
-            sp_1024_proj_sqr_16(tx, ty, t);
-            if ((e[i / 64] >> (i % 64)) & 1) {
-                sp_1024_proj_mul_qx1_16(tx, ty, b, t);
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_16(tx, tx, t);
-
-        XMEMSET(tx + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(tx, p1024_mod, p1024_mp_mod);
-        XMEMSET(ty + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(ty, p1024_mod, p1024_mp_mod);
-
-        sp_1024_mul_16(r, tx, ty);
-        err = sp_1024_mod_16(r, r, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#else
-/* Pre-computed table for exponentiating g.
- * Striping: 8 points at a distance of (128 combined for
- * a total of 256 points.
- */
-static const sp_digit sp_1024_g_table[256][16] = {
-    { 0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L,
-      0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L,
-      0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L,
-      0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L,
-      0x0000000000000000L, 0x0000000000000000L, 0x0000000000000000L,
-      0x0000000000000000L },
-    { 0x170a46d2335c1685L, 0xeac9e971e1007a58L, 0x40e8f3df43ca4a73L,
-      0x2646f81582642475L, 0x3af49bb4b36576d1L, 0xd89e2d1472bf1afbL,
-      0x27be882c2fd151e6L, 0xaddedc858f88717cL, 0xd6d859bf16ac6c6fL,
-      0x0e741a1b2d8eae58L, 0x6faf7a0061c1f30dL, 0x66dbd09a9b67e096L,
-      0x21f11c067d3b4f7dL, 0x6152ba02c727c98eL, 0xafd58891e86cb221L,
-      0x59e93c6a6bd3baf4L },
-    { 0xe54dd36f71dd4594L, 0xbbc9cc9f00aef1e6L, 0x9ea5a44ea19f6530L,
-      0x8588aa993f520928L, 0x9753794c8f5c1418L, 0x118bd792c11399faL,
-      0xb9bd3afdf5cb6ab5L, 0x813d1cb22ecb9652L, 0xfd45626740389813L,
-      0x51f7119b4ac8431cL, 0xdd9f6a910a180eb6L, 0x13946d179f7bfa2eL,
-      0x16f1863150a9d0d9L, 0x5f19c20d6f8373d3L, 0xbe85ac6a9b6a52b9L,
-      0x63ef187b74f62e03L },
-    { 0x7c376b7f016f45e7L, 0x1c1bdb572bec82f8L, 0x7392f741ce429b60L,
-      0x6fdbf0a2c7afd81dL, 0xbda41b1f7241098bL, 0x5b407474bb60f8cfL,
-      0x933e0d41b330bc4dL, 0xae182830733fa3beL, 0xa0ed299b0f5c6cd1L,
-      0x7ff3354e3f9860c8L, 0xb136098615559c41L, 0xab0cb63c129f85cbL,
-      0x682ecc4947685fbeL, 0x505e8ec2eb199633L, 0x90dcc794ddac2cdaL,
-      0x4fe6791cf192da23L },
-    { 0x94a423d505e8733cL, 0xcc845e651d5717c1L, 0x237c7e88e961b322L,
-      0x0c4471c6db4181ccL, 0x00c875e2713bd721L, 0x9dfde9edb2c17b09L,
-      0x430a6de5e88ceaf6L, 0xaaa7a61a7b81cea6L, 0xea52d026233f98d5L,
-      0xb55efdd060689a9aL, 0x30cfa7ce5cac4aabL, 0xfa4db1148e950761L,
-      0x309570c44e9a1e52L, 0x18c21f611a040170L, 0x555d1ffebe78d9d2L,
-      0x04482a18561db297L },
-    { 0xe7758ac273d486d8L, 0x8169f94661cdc1e7L, 0x723c99fc2188ab4fL,
-      0xa0e54f02f3373630L, 0x560bee25bd8c2260L, 0x28fc307c4531bc60L,
-      0xd6f21f1a7e44feb5L, 0xc8e4499c57128d37L, 0x963b053ed7b2ea45L,
-      0x40c27a0432a3d222L, 0x5b51854d35459668L, 0x66e1a49fd73557e9L,
-      0x0d267fd98692077aL, 0xfa1350d3e7342702L, 0x1a9c3f2568ccdb44L,
-      0x833a0ff8dedbf89fL },
-    { 0xa8c419c7ab376b76L, 0x3b7294f327d0f0ccL, 0xe56bb9e2a90c514dL,
-      0x931ba51ea62575a6L, 0x56fee07b098c0a88L, 0x04be5aeeb4c16a2aL,
-      0xe513350be6eb260bL, 0x339edad6a1d5c270L, 0xf366ed59e9dbadd1L,
-      0x4213be882dd06ec0L, 0x22d639c8cb1187dbL, 0x1fec95e1d8a1058aL,
-      0x03f73ea6a2b744f1L, 0x741fd51af4f05c0cL, 0x2e2df95a85f811a0L,
-      0x692b3ce3eb24965fL },
-    { 0x0ce6cb72d2a127b4L, 0x66a46ea58f92816fL, 0x43ecf46347a37616L,
-      0x163d9a01e0ab96eeL, 0xc8145c6db2edbe8cL, 0x2f426cae4de4e665L,
-      0x174d0b4074e252f9L, 0x54c240d77d2af831L, 0x581fa3973d652936L,
-      0x05b9491ca09d4695L, 0x8c4e85335452643cL, 0x32d64331d4128327L,
-      0x6447903870361f25L, 0x774191b189ef09f2L, 0xc0cf0aaf81de5fe0L,
-      0x333e430af40042d6L },
-    { 0x5df04de4cf26d3b7L, 0x57a77306b53f79beL, 0xa4013c5f1808b664L,
-      0xef291ea485037360L, 0x1ffc9d7d0b061037L, 0xd9d04dd965c913bbL,
-      0x948a37aff13b8587L, 0xb5443483fe3ee755L, 0x3fc21e7404631386L,
-      0xb3a104e5cddeb58cL, 0x94fe18626572cd52L, 0xeb9a71a115aaa408L,
-      0x8adc6fe5459ea462L, 0xbb18d1754aeb02a3L, 0xae1276362f7791d1L,
-      0x10e8b31dd6bbd708L },
-    { 0xb87f03e53ed9f1afL, 0x03ad247756676166L, 0x38dcd63074ce15b8L,
-      0x1877e2b026b1e85bL, 0xb1654d171af99c15L, 0x9782e9e49382547aL,
-      0x6dc7fc7c26d55ef5L, 0x9038f95d2fbeb54cL, 0xfe590dfe036c0357L,
-      0xcfcb6eae4fdc3f7fL, 0xcb1fbc54f35e1a88L, 0x3c8e1db2da0a5568L,
-      0x9a87393f5b6f5557L, 0x38646b32e7ac0a06L, 0xfd261c832a8495abL,
-      0x6485524c0cdcc4bcL },
-    { 0x1abfb3e2c4a6ff2aL, 0x2aa03fba35a6428aL, 0x884227f089aff742L,
-      0x2337883aba5dbd93L, 0x38186ae9d2a182cbL, 0xb9f0764d49a01f05L,
-      0x92411feb917b1e7aL, 0x700b1903570cbb5bL, 0x5d5181d5b914be7cL,
-      0x135c44371981182dL, 0x32758d24574b9997L, 0xa650a8f5632d28b2L,
-      0x24078bacfa383f09L, 0x6546a60c00a33d80L, 0xa4061c7a2df8b449L,
-      0x1f76f3f2f234563cL },
-    { 0x9aa2c14344c436b0L, 0x790705561f69c87aL, 0x35f3117b5f6db2dfL,
-      0x85761f41ed56ba82L, 0xf831464f7d0afa48L, 0xa99f29153adce71eL,
-      0xb27bf693116b7488L, 0xa98a5a8c9bb9443aL, 0x7f8780262ee5fde8L,
-      0x3a6f93dd1812acb7L, 0xaf92a4ccdc84bc92L, 0x3c2562aff1d4995aL,
-      0xfd9fc33c04ed899dL, 0xc028ca944ed2a538L, 0xd0f367bb049ea726L,
-      0x04924ffb3d108e05L },
-    { 0x06548e3dc673562fL, 0xd3b33025e2eae48cL, 0xe61fd32b5e1c6977L,
-      0x424e20646ebe557bL, 0x767391c041d6e18eL, 0x4b8ebb8e14d7e95bL,
-      0x4ae8b7d420991b8cL, 0xf8a0df66e01290d3L, 0xc97e24a3925e5f4eL,
-      0x79a7b2cb1508272aL, 0xb40b072e25072661L, 0xdad9e1829062fa49L,
-      0x8780a784f3c53bceL, 0x58a82b769f142799L, 0x08cd849cc1468426L,
-      0x4dfce809c380ae35L },
-    { 0x45069cb2d527b780L, 0xd52da015977930ddL, 0x10cc600be27d0263L,
-      0x34102c26bb2d1b2bL, 0x4c652623554adf3cL, 0xd689138245f0ff47L,
-      0x83fa8cc5ca916e7cL, 0x1e10f139d15c8d8aL, 0xf173dc2e81dc56b3L,
-      0x7fcecb045c4ed9baL, 0x307fd7d847d01228L, 0x24a571539f3a532fL,
-      0x59e9e81de2153c22L, 0xc562595de428a408L, 0xdc7daff89339bd23L,
-      0x0d075908b8a06802L },
-    { 0x870af2a7de085f2aL, 0x88fcd24fbe99b2e5L, 0x88c0d26159ca413bL,
-      0x1f02a2e48559f851L, 0x83b96021f622da0dL, 0x5c05c2f56dca3615L,
-      0x0148cf1c7910c682L, 0x392f2896272695beL, 0x883d0bb5a8d64ef6L,
-      0xef0d22441cfcbc52L, 0xf5dafcec526117e5L, 0xb68612b9f04928e9L,
-      0x283f744d393f2e2aL, 0xfbeed7ed700c1151L, 0xf2cde215a4360dfeL,
-      0x24fa961c2f08535aL },
-    { 0x0767db3f616df7f6L, 0x643057d8fbd90326L, 0x174daa906e82d544L,
-      0x2284f345689643dbL, 0x18b191dfcc89a060L, 0xbab46af4d6c27d12L,
-      0x5a57f486c9895145L, 0xc03214e9cc942f9eL, 0x273e1c8f41950158L,
-      0x8ceb759f39ad43abL, 0x5e1b8b7fe50ee173L, 0xf635b1fc8f4d7d4eL,
-      0x8eff77e3755603f3L, 0x201f61d17752fa60L, 0x94d7a03d4a6fb6e1L,
-      0x371cc23dfc4f0114L },
-    { 0x289b115dda90c351L, 0x6d196ebf364d9c06L, 0x77a89202f650b31bL,
-      0xcc28c1646f57642fL, 0xdc4f7e3608100127L, 0x8836cd08dc4c807bL,
-      0x1280f156e00240f2L, 0x3f9a6d7899cb3953L, 0x40a494d33a802038L,
-      0x45697e91e87d3474L, 0x70d97d0726dde24aL, 0x06f6a58d7640c30eL,
-      0x03c2c0e85ba6e6c6L, 0x330f6a7af1bc13e8L, 0x3e602e4fc9f4d78fL,
-      0x92b6bca00c80fb7fL },
-    { 0x2e3d5c835f00822eL, 0x0e825712b8b16f12L, 0x81c329c492b0a330L,
-      0x6b4e32ada7cc1954L, 0x0bee9cee1bb1413fL, 0xedfb7baa4a92ca27L,
-      0xcd472afaea3b9153L, 0xe8f09e7e00f0c0f9L, 0xa4e1d8725cdebb70L,
-      0xfe2bae084a9b63b6L, 0xf40141b83fd58f65L, 0xd7ec5edaa3b62759L,
-      0x9aaf6e67790e3088L, 0x215ad8301f277e31L, 0xe7db4b98cf33871cL,
-      0x71ff62c94f02f89dL },
-    { 0xaa4c71022a4a84d9L, 0xe2ee4acd5ebc71e6L, 0x3b11a8a5f1cd6578L,
-      0x83f5ef9ffff120a5L, 0xa4c598e109e65033L, 0xe1e9f990ca044180L,
-      0x8b832d46f59828c1L, 0x753f28a033af536bL, 0x92edc4b1b6d4f68aL,
-      0xedde692a72ccd1f0L, 0xd3aa0f7dd2226432L, 0x38dbb63ea3d2661cL,
-      0xf1e19fc6fdc37ddaL, 0x6c18b35084ef6b4cL, 0xe6a83fe9df1bba69L,
-      0x40fd47e75f958273L },
-    { 0x5b88b746267140a4L, 0x6dbbfc1eeab6f2fbL, 0xdd9ec88e69862548L,
-      0x69beeba12eb6efc2L, 0xcfc2214a8ac8ff88L, 0x95d5c96eb5a21950L,
-      0x93389c054171fb69L, 0x2d85d4521b468337L, 0x14d68a084113425cL,
-      0xe52c0139ec6c2174L, 0x20cf0b97f730084dL, 0x1ac16a261f578aa3L,
-      0x18b9fab3f9b6ae43L, 0x68d82111d854a695L, 0x0b334d98dffbe286L,
-      0x5b1c1157e639338cL },
-    { 0x90edaab172b6bb8fL, 0x8dc64ed202fc92c2L, 0xf42ba3c5fe694c73L,
-      0x316dc65fcb54dce4L, 0xcb2d66a3632420dcL, 0x16e706e7056dcf94L,
-      0x2809c764a4f32c9dL, 0xab18d830ea6edca8L, 0x4fd1ace681c65f57L,
-      0x1f91651c7da12c10L, 0x0ac3bd66c7791a48L, 0xb6ad1cf4785e67a3L,
-      0xe4d3fc44da0fd591L, 0xce1648016e1c6344L, 0x84de9cb833e50ab3L,
-      0x963ab83aa756eef4L },
-    { 0x944b47d8df4ea5a3L, 0x965688155cfe45feL, 0xd16e7d588a3c3564L,
-      0x84e55b3ee7c99e15L, 0x3fee204df55071bcL, 0x71006f2904057dceL,
-      0xfe8c390dbba75570L, 0x3645bcb63319adacL, 0x8189e8b07c20bfd8L,
-      0x8e5509697d7d9578L, 0x037d1321b99f4e3bL, 0x011b2521a60cfb6aL,
-      0x66594aaa837382daL, 0xc89b91fd83c1dc07L, 0x6b82b899076b9884L,
-      0x443480fcbe45c558L },
-    { 0xf8ffffb49114221aL, 0x4aec4f2e3e857a7aL, 0x42e2d0e40fa54787L,
-      0xef3e6b31d6f96152L, 0xb2296537fbfe9b77L, 0xc2a9d0f2fb43a86aL,
-      0x241284ed24572ac6L, 0xa3868917e721ba7bL, 0xdbef7c00c117a78dL,
-      0x38149071d31605acL, 0xc2dada9e065a8ee9L, 0xd5b138d8c442be82L,
-      0x9b6c224bf6d72b58L, 0xb9d355cf8eb03e6dL, 0xab6d1eb0a1700371L,
-      0x97118a88cffaa7ebL },
-    { 0xbf9c59a2cdecb5d8L, 0x8083c81ba93a6866L, 0x24e0dd8104774fbfL,
-      0xe779a3caa02070b4L, 0x9d352fbb0fbfb781L, 0xa8b0d8203ef2a1c4L,
-      0xb858637b14b3e501L, 0x5ba70a498a882ff2L, 0xa27300833b06efa5L,
-      0xa42c02f4102fee2aL, 0xe4e762998a0223a5L, 0xdba2ba2685c3fc72L,
-      0x554fe763fe52eae7L, 0x30b5405a270f45f6L, 0xd56a177aa573387cL,
-      0x17c0778d4b71fa82L },
-    { 0x0e6dff1d2735e37bL, 0xc9884e56656ec572L, 0xa2f5ac9d9ebba978L,
-      0x40fa4518ba09f3c4L, 0x8c3fa177f5b04377L, 0xa1a1decd967a2ecaL,
-      0x768bca700528bd40L, 0xf224952b18691c4aL, 0x16e12c45e86d5fd5L,
-      0x7a0d915737859a6aL, 0x723f4309a0ffce0eL, 0x5a8db79ba96cc9a3L,
-      0x6dd12ae01ad23a38L, 0x9ffec3a1e2bf5d84L, 0xd6ce84e1a452ed66L,
-      0x1219d5c8571fe4c6L },
-    { 0x43eaa67f262969ebL, 0x3a3ab39d2f03e773L, 0xe6127e5157bb0909L,
-      0x0f82b0ed8d150274L, 0xffffcad8e580bdbdL, 0x51d3d075a9743e6bL,
-      0x1484bdb18bac11d6L, 0x95cd9990eb24c388L, 0x216a61d07fac67c6L,
-      0x4308f762a04e6b87L, 0x2865dd61cba57cc8L, 0x3c296b0dd234a07aL,
-      0x76f928393a0793f9L, 0x70b57e1f0be29eceL, 0x1314a82f7e626f42L,
-      0x2c8d7ab2d657f230L },
-    { 0x67cf58920825e4d6L, 0xdf51eaa56ef83b44L, 0x63e665d81310108dL,
-      0x229f89f58dd0963fL, 0x8c4b14dd9df6436aL, 0x99dae469d45ebba7L,
-      0x118aab775a4df381L, 0xda8978bd29e37febL, 0x69ced5aaaca2d7efL,
-      0x6c98d05dc67d6a8aL, 0x7474bf0d77f84a34L, 0xd4428b2eed8cd59aL,
-      0xb0fd1cd5d1d398fbL, 0x596013db94a20b11L, 0x96eb705a1b404c44L,
-      0x2299d2774b09d958L },
-    { 0x5b9cd58dc64397e6L, 0xac198f1ebf6dd31eL, 0x5866d8e13e9f1db2L,
-      0x405ae2878fcdc68cL, 0xa4b280cde53c01fdL, 0xdc963f2d411db5f6L,
-      0xed5d5189bec4f8a0L, 0x336fd13d916ee98bL, 0x6925b1b3042df48eL,
-      0x0cf56291ace0074eL, 0xe8d38b4825317e95L, 0xc7ad1d2b821c446bL,
-      0x71c44135f0b65934L, 0x971b736f52ca0d50L, 0xaf9ffa5727b46c26L,
-      0x21ac67791936618eL },
-    { 0xab420e3f2d7fbcd2L, 0x1272247397bdfc18L, 0x492033f84df5d4b4L,
-      0x6fcd42363807b7d3L, 0xdfc19b09b33c3625L, 0x13d6f375a0f22814L,
-      0x70978a59037c19b8L, 0x4f3989970ff27b9cL, 0xfc0e1a45615a4389L,
-      0xffa3496a3e602f74L, 0xc3f1c431b261ca1cL, 0x612211dbee0164cdL,
-      0x30463ee4e7f7be9fL, 0x015f7e7892c2e1bbL, 0x663d88d624483a56L,
-      0x0e8ec1e70e62d9d8L },
-    { 0xa88ccc298a0878ddL, 0x99ac175d6640071aL, 0x90344820a5173617L,
-      0x316d023edd58a315L, 0x30785bd488d221a1L, 0xb74b3de7959c48e3L,
-      0x42ee03824c67a771L, 0x59ef6cdde0b91453L, 0x7830ae289b237e91L,
-      0xe1847a4c495d8325L, 0x67b1217ed0773666L, 0x58192c86a294a325L,
-      0x76aa0f56864d8326L, 0xe2a2bd12f4b13e5bL, 0xd850c1c01b6b73fdL,
-      0x653a795f5d103635L },
-    { 0xcfe2898550dcb199L, 0xb35b8e5e7fa02b60L, 0xbca7d7c3c97603d0L,
-      0xb0e5288d27f131b5L, 0x3aa704dee2b12d52L, 0xe206b1d81db725c7L,
-      0x0b12839ac5d1b113L, 0x14f970cbdb45d763L, 0xc997f93eb2125e8eL,
-      0xbd75739cee7daa26L, 0x46ecbd3f1fef20e9L, 0xf994a1147c6a42b1L,
-      0xd289eb4f27fb0fd1L, 0x11186d319a40da4bL, 0x083f65a5fb9d7976L,
-      0x30dfc47bd444675eL },
-    { 0xbcfc5ae29eaadfe8L, 0x25027e54b4d4e812L, 0xab0702df8b533561L,
-      0xa2b9c20456a6a214L, 0xb1a3df7a3059068eL, 0xa3514b219883110fL,
-      0xb7be2336c4b78e1cL, 0x17073ce63e2f6984L, 0x86e114a62ddf7ac6L,
-      0x276192bf07d7c3c8L, 0x5da69e0beb1ae289L, 0x983af17525184939L,
-      0x9ac52a4d407a3aa0L, 0x1535c7daae0fe218L, 0xe16fe872397f2501L,
-      0x572a591f54c212cfL },
-    { 0x4966841909a5553aL, 0x3f054318327733bcL, 0xf9ceb4b23eefd690L,
-      0xbd3cbf9bf22126d4L, 0x6d9671c02fed9578L, 0xbba597ceca0306d8L,
-      0xb705ed613d674fe5L, 0xf1d3622b67f33f76L, 0x15bcf3c611cb8c31L,
-      0xa38467dce53d1aa9L, 0x902fe929f908ab43L, 0x6e3e499d8d15767aL,
-      0x8142db5c90afd07bL, 0x120c6fbc6c8b190eL, 0x80c8655324919a4eL,
-      0x65c2cbe1d8c82c3cL },
-    { 0x684cda20a660bb63L, 0x27dc3b0a86e86245L, 0x76472cf66ba0eed7L,
-      0x79c162e5679dd158L, 0xb688427708452d44L, 0x829bc6b3413f579eL,
-      0x92ea15ec95011770L, 0x5e34e30047738183L, 0x8c3ca34973e1d2f1L,
-      0xa5c4f1dc229bd3deL, 0x783eff1b94ef7ed3L, 0x46db738ddfae7a1aL,
-      0x4353d72e1a099852L, 0x2533ad58a0dcf4abL, 0xd80550160e7888b9L,
-      0x831440d53ba77f66L },
-    { 0xf43e2e32f611b2daL, 0x5d066e29d0fa46acL, 0xe897f3e8820b3c0dL,
-      0xc45c28e61d3e44f0L, 0x929d7f66dfd27a66L, 0x735b860a101e8517L,
-      0xea3fce983de078ddL, 0xc9977db5638ce11aL, 0x0488382f48536b3bL,
-      0x7e0c7a3c64cadfc6L, 0x3cd17f7f82147b71L, 0xe95663cc1b411e3eL,
-      0x5739ac8f985fb46dL, 0x385399cdbcf119caL, 0x4a985a70e15a2815L,
-      0x504c3a8a6d5f4566L },
-    { 0x00b55283b8fa53c7L, 0x985cff38509474e3L, 0x234d241c437ce25fL,
-      0x29832430e5a129edL, 0x6ad38956aabcc674L, 0xa2dc001d7ee81ee1L,
-      0x4c23c6b6670b2702L, 0xb35e567ea6e8a3bbL, 0xbc70b3cea69673eaL,
-      0x85a7a9c3e6e28eacL, 0x2ae684de5537b7daL, 0x5ecac3e56de937dcL,
-      0xbf2ea6c9f8430422L, 0x38caf7d077fdc520L, 0xc27af0b169f56addL,
-      0x496e4699c71d21d2L },
-    { 0xba14fc829fa93467L, 0xc2e376840eb2a614L, 0x659bcfaf4833e09bL,
-      0xbc8597523686bdccL, 0x40bfd08081f3216aL, 0xc463bda617c081b8L,
-      0xbd01fa86bb04793bL, 0x5a21ece62cd640c5L, 0x97bf6a542203d5c4L,
-      0xceb40edc951167b7L, 0xd67aacaf765ba268L, 0x8ba0d9e9aeab51f9L,
-      0xc14b215eb0d6863aL, 0x354cdcdbe5f06952L, 0x4f2b5ccfcb3744b5L,
-      0x1338917313037fe8L },
-    { 0xee68064045003cd1L, 0xfdac17bc44ae2ac6L, 0x4bcd419fde8e5314L,
-      0x81e34eb9c7cea95cL, 0xbb57762d38f37e01L, 0xecc4cfb0260990c8L,
-      0x0bc493f950a34a7bL, 0x68074172543304efL, 0xaec0fcb26bc8aa2aL,
-      0x9e7a9b463b45fea5L, 0x4bb2952e55fbdbacL, 0x50f0c0a60485dff4L,
-      0x02c5104d4dea4796L, 0xd2cefa09695e3a02L, 0x4c8102b46da1f345L,
-      0x422eb573f3833fbdL },
-    { 0xac592eb6a6ad3f47L, 0xb0861f6d9714ba0eL, 0x57c1e91907281459L,
-      0xcf7c94e264ea5803L, 0x725376ac54b12723L, 0xf2a6ba41dafb736aL,
-      0xc89e8920cba03cdcL, 0xf2e20cb45b0fd3adL, 0x26ea5a54d66059feL,
-      0xee63fa8b889df8bcL, 0x40f1c7e166a3f2bfL, 0x09febc9c747312e1L,
-      0x7d19b9c2727999ffL, 0xa9fbbb4cb7fd2b05L, 0xcfba27d7a0da2dc6L,
-      0x368541cf2c252582L },
-    { 0x510d3c9e22799d37L, 0x1b677de5acfa333aL, 0x4e6ae18f080f795bL,
-      0x69b53c2aafc8dfc2L, 0x797541b60e842dc2L, 0xd5a6f2afac067fe8L,
-      0xd0208a03bd07d877L, 0x34b473f0654be2f2L, 0xe67c102af515e23eL,
-      0xb00dbf9d2ac1af48L, 0xe264fa41b6a13d00L, 0x1669786a97e94c11L,
-      0x09d8cf2d86a586f4L, 0x073bf869c7f927e9L, 0xb89778802241a566L,
-      0x59a5bf5922261334L },
-    { 0xe9d1c91e81347191L, 0x186c1abceb969972L, 0x07888767a9d46a7fL,
-      0xda93cfccdaa7d397L, 0x08bee9f1d91b9aa0L, 0x8267fd78f8dd3c6cL,
-      0xf93860d094228100L, 0x6a6a71aadadb47fbL, 0x9caa06b7a6156f8aL,
-      0xaa1b05e039848bc9L, 0x36ddc2372aaa9135L, 0x77e7e079b13f3bd1L,
-      0x8d0b5cbe4acc5f4dL, 0x04da45f8984cfd36L, 0xf14ef618d3d3e0f8L,
-      0x467564c143eb799cL },
-    { 0x8d725904b6fff5d7L, 0x037f33af92dc4752L, 0x9095d5756d20b8aaL,
-      0x32235fc143baec39L, 0xa2feb4af68a2b9b0L, 0x61c5031894d35c61L,
-      0xac92b6a2ea877486L, 0x8eb48b15011bc6f3L, 0xa28fe128c79edcb2L,
-      0x9f71bc0ca5d2a006L, 0xf31677322f15b850L, 0xfe8d728c7a036218L,
-      0x068f39cb4f81e09eL, 0x1773f0167b7c50d9L, 0x0d0f7adbed6a1e03L,
-      0x8a0dee164ee984d5L },
-    { 0x504991bf47366e6fL, 0xb8084d9fe86c3005L, 0x14c4c751a40cce36L,
-      0xbbb46aa63f1961e2L, 0x56a785f940445e43L, 0xdb8d1b57c91e215fL,
-      0x6a8e453ec7ee808dL, 0xc0367ef8bbaa1e8cL, 0x310d91f1e3e18109L,
-      0xf97cfd0e7e20a2c3L, 0xf1e80c84554cc277L, 0xe89bbc1d7b628403L,
-      0x7778a9663fe0a17cL, 0x9e9db19fc1f00073L, 0x2ce7fe7db6f6bed2L,
-      0x7b04b5d2ee97ce23L },
-    { 0x5b546bc782c5faf8L, 0x1a734c5e8eb81097L, 0x3d566861e77851e0L,
-      0x833a1013e956d51fL, 0xc7351731c3c3c37cL, 0x607738fbe0c148ecL,
-      0x2ec6f0bbe1bbef41L, 0x0aa2ac6ecfa51857L, 0x072902d766e3adf0L,
-      0xcd4d5089c622d6e3L, 0x3ae21b23a6dd802fL, 0xe5465a5533886372L,
-      0xd85119a0a8d81822L, 0x4f14d0323786977aL, 0x515b081c9c7b272cL,
-      0x1c6a95a4c99be31cL },
-    { 0xa6b14ad5c2821363L, 0x829c18234d17de1cL, 0xaef5d2c4ccade848L,
-      0xf412ab3982489e27L, 0x92c9c098f081d927L, 0x6f87bdf475cbad1fL,
-      0xf4aadab81a1d9fb1L, 0x475a7923b75f3b76L, 0x99dd0ad6dbbba8feL,
-      0x836f61644b70ab45L, 0x2a46488134bd9af1L, 0x5c91226eba9abda3L,
-      0x4cec8709e65625fbL, 0xd4b3919e0818e4beL, 0xa5c09c8414f6879cL,
-      0x72708a0230a864c9L },
-    { 0x4f33c0b1f34a466cL, 0xa1bae09c7f9d45baL, 0xd70f0fee0e28785cL,
-      0x824c714690880881L, 0xe2416c2abb043da3L, 0x733da713cec6f432L,
-      0x2b590649c9793e1cL, 0xdb62d5b0b35c9365L, 0x355eb6e23e5c1b2aL,
-      0xcfe8b5cebb16b515L, 0x9e081869f709691cL, 0xc865f9fb61a85bd5L,
-      0xf169d3ccfae103f7L, 0x9525c47373467e9dL, 0x7db55c0b43695113L,
-      0x7491c74c73265d21L },
-    { 0x312ed5bf80d2b94dL, 0x1b8ac633ba4b260bL, 0xac86c58cd62219a1L,
-      0x317ccf6baeb82c8eL, 0x2dfb29ee59ef9cedL, 0xdaa7d898e42bcd5aL,
-      0x93e295c85974b201L, 0x69e75784d9fc5adcL, 0xd6c4709f012aa3baL,
-      0x1fda9f37c85d3cb9L, 0xe5487e25d3dd4abdL, 0x00fd4b010b3ba22eL,
-      0xcb591493c6e8dcbbL, 0xb7329fabbce68664L, 0x6829d1c268906b76L,
-      0x8bcfd3e574176841L },
-    { 0x06882734d3c8c314L, 0x95f0b2f111870833L, 0xb937f7c3c068ba16L,
-      0x5365e0d877924787L, 0x15527e5e1f992227L, 0x0a06964827dffd4fL,
-      0xd58b3df22f586389L, 0x83446b896af20eadL, 0x09d7970b50746257L,
-      0xd9e8d2064022a691L, 0xd1e5f8af671ec379L, 0x6f542509057fe91eL,
-      0xf14dda8152890418L, 0xbd78010e1db932adL, 0x3e18d1e4905a9378L,
-      0x53cadcf7bd37ab49L },
-    { 0x1bb5edf75e53d0ffL, 0xd886606c888abf67L, 0x6491b0f812206d15L,
-      0xb3018345e22b6a33L, 0xaba6794bb173b317L, 0x8c1e58677dc9e595L,
-      0x4e106482239624d1L, 0x61752e59da55dd53L, 0x018b4eab9e42879cL,
-      0xcaf6784b491f2bedL, 0x3dcdb9d21e79429eL, 0x3694148510f26224L,
-      0x106f190aa650ec5cL, 0x7542a5aeb69a9760L, 0x69bd75e9c32d1046L,
-      0x90849964bf8c62b1L },
-    { 0xb1390cf65a93c661L, 0x184862649db5f056L, 0x92a93a9da51a1788L,
-      0x1b0cbb8f6772de9aL, 0x6e67febd7c71487cL, 0xf9b4382d4e62423eL,
-      0x96fda50ebb5a42f8L, 0xc921b3376089a4f2L, 0x49d32d7b875ec516L,
-      0xbd86d2cac410124bL, 0xf6862209c421fb7aL, 0x3e1949abf6b7de33L,
-      0xcdee18f0e93c9268L, 0xd4edbd5e08dc4cc0L, 0xc2b75be473580d22L,
-      0x3d7f6ffa468cd7e8L },
-    { 0xea7b290cdffbd5d1L, 0x9d759da6970338dfL, 0x56680b0890feedc9L,
-      0xbc690af542dce68eL, 0x8519df2bb2ae4d82L, 0x5612467f7f195b60L,
-      0x659a342cd83c21f4L, 0x55771bf555651633L, 0x5fc68935548ba562L,
-      0xb54192039492f23aL, 0x567528e39c9c6017L, 0x3f064ed4511e6019L,
-      0x303f9eb91d16a555L, 0x3e18c4fd2254abeeL, 0x40994d6ffd434e7cL,
-      0x8fb12d3f6dde74e6L },
-    { 0x6c6381a2293cb7a4L, 0x453e09f0b87b7e4dL, 0x4f212823078ac3efL,
-      0xe89ffad0578cae91L, 0x4a2b696a716ba4ddL, 0x14681a14f6f580a0L,
-      0x1358f97b4c2f1307L, 0x878969962932fb89L, 0x29dd850a268a5af7L,
-      0xaf771f6dfe239f83L, 0x5f20fd2e4f47499dL, 0x9b643e77867ca0e9L,
-      0xe7858ecd375981ecL, 0xbe946a5919ab1c97L, 0x4f9303a206ff3453L,
-      0x3fcc673175d237b1L },
-    { 0x509debd5df21f920L, 0xfaf70e1fc1401b90L, 0x2429cbfd95a64aafL,
-      0xf21208552c37a122L, 0x1d4c93f47deb926bL, 0x12f3e4c09fb3f1dcL,
-      0x56085a595b51bc46L, 0x2a2f5d62f10fdbd2L, 0x60dd62cfdf0cb3c2L,
-      0x154424a36b0f254bL, 0xc3a5a05d564612b7L, 0xbebe30cfa1f5249cL,
-      0x24ec69037e62a188L, 0x75f0fbacaf429939L, 0xd41345dcb3fa8685L,
-      0x645146fdc7151c34L },
-    { 0xecec633aba1924f9L, 0xbba6f136006326e1L, 0x203757ac7e50fc17L,
-      0xca531919ef3d8e00L, 0x9545a6aa51dc5a74L, 0x6e21d58fd31412b8L,
-      0x01bc30057bb1d000L, 0xf1789c696ed1a9c3L, 0x7af2d35f9858fa48L,
-      0x434d09b98197be85L, 0x1dc0775529aa265dL, 0xcad03be7c058fa80L,
-      0x92d70a9f54ba14ceL, 0x6dc785056c050a74L, 0x2a7ca4a94d005ddaL,
-      0x448d3d72abfb9f2eL },
-    { 0xdc56f14529b33989L, 0x868351bca9ae815aL, 0xb3f456134b074414L,
-      0x955ce42a3cd9f33bL, 0x13ade4ec5ff6e4a3L, 0xd3aac715a50eaa91L,
-      0x0c61ec995666efdfL, 0x108a28b8f6a4470aL, 0x402ef584e54844c9L,
-      0xb825b162d0e2f337L, 0x3dcd131fb46f7cbcL, 0x208178ec96f2fd89L,
-      0x4d8c5d6725928c78L, 0x285a33df9963c459L, 0x72497175d92a309fL,
-      0x76881479cb7019a5L },
-    { 0xba43a11491767eedL, 0x5e11b9ad92bf65dbL, 0xe8a22ce003a5e21aL,
-      0x636044212a335415L, 0xc2c563b44a9ead62L, 0x4bc06264a0b2aee5L,
-      0x75b8d5758bf2e1d7L, 0x1cff0ee7d08a265dL, 0x17914e1db0b712a7L,
-      0xc35925d04b18692dL, 0xde253f4c56cce815L, 0xa479241c9fff0e3aL,
-      0x50b9d06eddabed19L, 0x6713526059fae506L, 0xf37600fb532ce180L,
-      0x670eb01c5e5a8626L },
-    { 0xdf73c0af73cdbb43L, 0xcf08ecc57f2431adL, 0x917805412a1a3845L,
-      0x69a104f29224ddf1L, 0x4352f38dbeac7effL, 0xfc3b3b4e7c2d1322L,
-      0xa69e9430b5e4b476L, 0x7d932340975a46f0L, 0x8093899e5d64eeceL,
-      0x7b821250db2345e9L, 0x235529327f4b796bL, 0x2ee9cc154bb90b1fL,
-      0x1fa9c8f59112f7d6L, 0x2d0f2f981cbaae32L, 0xb77f03660075166aL,
-      0x504852e7635dff27L },
-    { 0x2f0f3ce5a2f392faL, 0x326c076aec6c9078L, 0xad01de9284baaaf6L,
-      0xb01b16d3cbe8e993L, 0x71305c242d950908L, 0xc66fd6173853af38L,
-      0x7735140ed3c429a0L, 0x8a31b12a1fabf027L, 0xa0530002058b3177L,
-      0xabffd9fca9c7deb9L, 0xd05ef69be8667d30L, 0x2f3a7308e9a9e13fL,
-      0x3f4c9a19b91eae9cL, 0x50d0cee7618ce6c4L, 0xfb24dc405240f8b0L,
-      0x992fe151f7e90cc4L },
-    { 0x4454db3138f197aaL, 0xa4ded69d87872f98L, 0x97b427b044f0a828L,
-      0x9821e1aea31e48c6L, 0xe38cb09fdd98efecL, 0x20b84fa8480cb3aeL,
-      0xba5bb4a847475573L, 0xa9be080acd50e96bL, 0xc4451e9cef103550L,
-      0x626ee75fc441325cL, 0x6eea5e9838a5e33dL, 0x7321beb9a2b0abd2L,
-      0xca92e4849b6082a9L, 0x1dc8168a992bcc2aL, 0x134ecf4b9c8eb9fbL,
-      0x5a68bfa84c5b71e0L },
-    { 0xb4ff3b45ff0a2bfbL, 0xd105fff95502f8b0L, 0x14de58855b1c0c26L,
-      0xed16865b0d3b9d04L, 0x2f5a2453026d3917L, 0x6a22f493f4db3c0eL,
-      0x4871548ae2418f2eL, 0x6ab363a8509bef61L, 0x91ca1e3ab8cbbbecL,
-      0x71e0dc984011a396L, 0xff982e0a0d5ca577L, 0xeb40b04581897bc1L,
-      0x4bc24a46085ad5e7L, 0xd15c8fa0a6337b7cL, 0x56ce6ef7bef1628fL,
-      0x78acfdf99f5ef439L },
-    { 0x45bf7f15f8520189L, 0x954202a0c77f61c4L, 0x39edc6b9dfa22e1bL,
-      0xd2d602671f4a3487L, 0xcd9339294814cc52L, 0xde76a12405e9f123L,
-      0xe2306ea0ae36b6f7L, 0x53815218b83a58e0L, 0x9862bb76a041231aL,
-      0xe8da253cbf31be71L, 0x2dfc533237de861fL, 0xf25c93f690ae4890L,
-      0x66bcb8f08baa6ed2L, 0x6f10ae0f908b4a29L, 0x8cb4b48cb061c949L,
-      0x0ad92d73d075a366L },
-    { 0xbfb95fedc2ca548aL, 0x4778c62080cd89abL, 0xbe99154b3466c280L,
-      0xea3be093d4be8902L, 0x847b799513e681edL, 0xf22a8f4b02f40161L,
-      0x3ef2cb4d4aeb7fe8L, 0x9adc5151b3aed5f6L, 0xec1ccfd198c31163L,
-      0xdc2ac17ba3d7d88fL, 0x08fa64d346421097L, 0x5ebf80b794b90bcfL,
-      0x1b78b4ba0b50a9ebL, 0x1a4fe934279aa66bL, 0x8ef4dcaf075b3cedL,
-      0x95bbd8a070a6e9aeL },
-    { 0x59f92495e614bbd0L, 0x7567a887b823e363L, 0xe247c9ecfc1bd6a7L,
-      0x2bfaaf478e835c42L, 0x314ef4e0aade066aL, 0x072baa635c16d336L,
-      0xfa429c71e2f0e389L, 0xcac1e5d0bd07d90fL, 0x69ff35ea514f5c04L,
-      0x893053fcc0554ec1L, 0xab1d86b72a35947fL, 0xe29fb0602aebe487L,
-      0xa0a10d6ddfb9cf21L, 0xad147059f20dfcf5L, 0x480dc66fb8867a2aL,
-      0x375a884fc125a919L },
-    { 0x178cbe2e1217f7eaL, 0x1a161e2a875c6dabL, 0xf7707ec01bdb1a54L,
-      0x678864a0e4fd73caL, 0xbaebc664d13a0d86L, 0x40325f99c8d30668L,
-      0xb93ed9c92f1c5950L, 0xfdf36763541e0667L, 0xfd97fbb0b91a6763L,
-      0x26aa69ea6079c9a0L, 0xc7303c801eaa8c47L, 0xdec75c81afa63c55L,
-      0x01cdcde24fd12adbL, 0x9fe0dda71968838aL, 0x66bb093b38415379L,
-      0x268d818b08cb84ecL },
-    { 0x73dae35841580555L, 0x4fc32e67473d103bL, 0x240c1013beccc1abL,
-      0xda4099f2b24ee9deL, 0x37b0cb5b9fa8e066L, 0xb5ae04e46438d7eeL,
-      0x7f7d31642b720140L, 0x86ef4edb339e4a78L, 0xa5e77eed3a7d8375L,
-      0x883fad37bd707c2eL, 0x816b633a0f979189L, 0xe24c028a2e7a208eL,
-      0x1171fe3c4435516aL, 0x3eb93b334f5f2bf5L, 0x8419ed4b01b53a56L,
-      0x8b02735c056ca44bL },
-    { 0xb89bb464e1019195L, 0x1de4c026f3fc28c1L, 0xac120e6e2bfc3b21L,
-      0xec71bc5a91bdf92fL, 0x485d7ab40d995bc9L, 0x97c6768ee6491ffeL,
-      0xd9552d19afbce265L, 0xbae6c7fe8e1b76c2L, 0x167d8281d7e3ad1bL,
-      0x3e149af95e989734L, 0xd1f0024c8a0c8182L, 0xf571ffdbc3006c0dL,
-      0xb32ecf7e58773d4cL, 0x5822a782fd3540d8L, 0x5ab45c3f04365042L,
-      0x400e3aa04b4d85feL },
-    { 0x473216495e46e4a2L, 0x37a2ed6424136074L, 0x659223b1c60ec77dL,
-      0x5e13aac3e5e0ac2eL, 0xda17c41bc5107ab7L, 0x65b22ec973c253dbL,
-      0xff3867b8a5012296L, 0xfed660d50621a99bL, 0xa3c28506c89fc3f5L,
-      0x3ed350b9f16451a7L, 0x27c3e03267cb586fL, 0xc807c779967185b1L,
-      0x09c157d44a13009bL, 0x362f7647adaf1f4dL, 0x4a42b9acf3a6a198L,
-      0x131c3da28da6e039L },
-    { 0x4a785ff1a7da83baL, 0xf415b425d04f4436L, 0x7c0899bdec03f812L,
-      0xc58d411a80f5f4a2L, 0x3d32d610fda251b9L, 0x99bb4504cd3b2f32L,
-      0x198c444bf4c2083cL, 0x60c261af730e83fdL, 0x060ca4dfcb02db90L,
-      0x0ff7838b9df1e7c8L, 0x6b79cf97c4c690c9L, 0x131514d75d75f154L,
-      0xa7c074f11cb0e8ffL, 0xb920aac1b2c17615L, 0xde8098ad44aa0ff0L,
-      0x71d1a46a34545ce9L },
-    { 0x76178f76fa1b382eL, 0xa0d8ecc3772dda0dL, 0xaa5aab2ac5d4d130L,
-      0x27d38ba48d72622cL, 0xc5410db6ca3bed06L, 0xf637a588793ceccfL,
-      0x1f65dafd6e65e3d7L, 0xc3b44a8560a45641L, 0x0f47b3a84f78540bL,
-      0x824fdadd5e4d60f6L, 0xd8ccf90c17d3b6d5L, 0x008eabdf325fc13aL,
-      0x3e90d7163648fab9L, 0x3964ff3a24c52d4bL, 0xb95cc416533d0acbL,
-      0x6cd2699f1167f521L },
-    { 0x2d8c0b3b12f4f3acL, 0xb03dcfe299d1bdfbL, 0x540034f830f37326L,
-      0x22dd68937c5a8c82L, 0xeb7093d0cd8f1442L, 0x892795a7585742f2L,
-      0xe15f282c087adaddL, 0x7bbdc74916ab7b5eL, 0xd30fe40ba58acbb4L,
-      0x0de417ebe2bac39bL, 0x4b4b19a6c61a04bcL, 0x9338c34df2735569L,
-      0xe8f0374230ab196fL, 0xfa2efcb86c88c965L, 0x19eee274c7eeb826L,
-      0x327c063fda345dc2L },
-    { 0xab399eff5b47cd53L, 0xbbe9869d1943aefeL, 0xe64ecc7b1402a866L,
-      0xc3e7c2aab1c25a16L, 0xc4216b79022de271L, 0xe58dfcc8366d6a5fL,
-      0xd159509eda813336L, 0x370400f2130bfb7cL, 0x1be4e05993b48780L,
-      0x0623a1fe39f3cd22L, 0x72aa22b2eecb4f87L, 0x1af4c4966c27b83bL,
-      0x7a42a94bda5fa5bfL, 0x9afba82248b01af2L, 0xeb6b9d2a3670112cL,
-      0x020f19d1c0df6856L },
-    { 0x37051a86a4dbba20L, 0xb618ebc6db1de5c5L, 0x9a780a19e6525840L,
-      0x9440302dd2bccc4dL, 0xe9ff023d10285a24L, 0x3b937ee33a486268L,
-      0xe37ee2f24cd61147L, 0x79fbbfd3a3d057cfL, 0x5fba16d3ccddefceL,
-      0x916058ec5b231727L, 0x47699ebe720c3adbL, 0x262743868b4f6bbaL,
-      0x54b0092af18a0770L, 0x99d090ebacca1160L, 0xf757e1ff0c888f60L,
-      0x79e72720b0050544L },
-    { 0x632acf252820a239L, 0xb1a3974eaae6b310L, 0xd61fd6ba48c0a1dfL,
-      0xd2453c395a3ee7aaL, 0x548455a0b980446dL, 0x9f29d97bde16676fL,
-      0xf252ca0c789375a1L, 0xe961af3e7743a985L, 0x70c79c5666cdbd8dL,
-      0x14a3854ecbc538f9L, 0x58daa73aa126851cL, 0xe9b5bb452a9f558cL,
-      0x37af7f83fbd15e05L, 0xa448792738a1939dL, 0xe428b2b59511a056L,
-      0x001d3ce37015846dL },
-    { 0xd6be36b9e145b1d7L, 0xf3e3938a009c5664L, 0x2e562e7de7c0f6dbL,
-      0x951044e6c343f539L, 0xa5ab62b8d90897b1L, 0xb1a1f70b512f797cL,
-      0x91cdd754750f28e4L, 0xb4c80e2fffb8165dL, 0x65ed39c7594d02b3L,
-      0xcc12a49d56833edcL, 0xe73694bcf3693a18L, 0x34cc134afcd2c404L,
-      0x071bd5fc11d40194L, 0x05759047fc585e46L, 0xb3280360790b7a04L,
-      0x4bb8c6fc40afc684L },
-    { 0x3120e2ddfd0f8796L, 0x6968a40db133c9deL, 0xfea366c0a9369c6eL,
-      0x37e5b6d66007273bL, 0x39e4ecf08cb81439L, 0x487fe9cd9febc005L,
-      0xeb8af4440199b53cL, 0x2f124e3b293519ebL, 0x860c218ac82c9c16L,
-      0xacd1d6f2709dc590L, 0x5696d54536d50529L, 0xc03f5df959120bfcL,
-      0x99a3e88d10ffa690L, 0xd4f9cfa56c432827L, 0x2e8fea9e9a135d89L,
-      0x3699a881b6a77e78L },
-    { 0x5bca33721eb1c64dL, 0xe9cf3a2df1d28154L, 0xb7e2e9b36537106fL,
-      0x06c171514f7cbf4dL, 0xcbde416e2058b37fL, 0x82c53a7e8834e9c5L,
-      0x94dbdfe2e9ac3a75L, 0x795ec6cbc5e67c02L, 0x8c23c25f1426a80dL,
-      0xee2cd20d6a8d4f9fL, 0x838daa54d3b7c235L, 0xb9e08ec03d7a4d52L,
-      0xca9475e9781cb473L, 0x7271f39e5ec31caaL, 0x1df08e9f82535187L,
-      0x4f3a4b03208aff8bL },
-    { 0x0f7b81071ed095f8L, 0x23e37fa6da226d4eL, 0x8b0f9852afb36d1dL,
-      0xb114634e07d8e311L, 0xb9634a97e3e0f16eL, 0x2454bb9c421eec37L,
-      0xb4ecd5dbd72b21c1L, 0xf96038686df20d7cL, 0x9f5359fddf86e0a2L,
-      0xc43d54fa5ac488aaL, 0x56d714abd1049df4L, 0x13152b3eb020607aL,
-      0x49be1c187a02325eL, 0x44f24f4a52ae84dbL, 0x9e525c030b5a7b80L,
-      0x6d874446a6d179fdL },
-    { 0xd29d07aabe9a42f5L, 0x1fd5316c3781ccc8L, 0x71a75a6d9dc69ea1L,
-      0x4e19e0df88fee91aL, 0x99c2b4dcf8d44f12L, 0x05f6df9231ae94e4L,
-      0x27fba876cf28ccc2L, 0x6e1a0f01f57f7cebL, 0xe03f1f34f3fd3b74L,
-      0xa0edc4a742c1d213L, 0x5caac2707deb8580L, 0x0f5d791faf0848bcL,
-      0x17f514ad07ac759dL, 0x95a39734904fc531L, 0x95a4aca97bb70f3dL,
-      0x3cf384c9ff9c5609L },
-    { 0x700506bace1fc9e3L, 0x49721742676b0399L, 0x2b4a1b8de72bf7b3L,
-      0xca8602a879b209f7L, 0x90580b90ce26a8e1L, 0x1ef339b7fe24f39aL,
-      0xb6c5d991629362e1L, 0x51174e1a577b24f4L, 0xf380fcb505e451e9L,
-      0xf4d97afb148321bdL, 0x099806bb747e5d2aL, 0x85525d65be99a608L,
-      0x264828d9d455e820L, 0x8c8c5405d8560a65L, 0x3c67e73c71030770L,
-      0x2b248850ee73df26L },
-    { 0x2173cde68541159fL, 0x78224c184fb410b2L, 0x07a286191f2ca1c7L,
-      0x52c207d6a8b23e40L, 0x071a0210a6b2344aL, 0xdb0e587cb5ed2945L,
-      0x6c56b8ef810fcc6cL, 0x1248c58f62d843b9L, 0x4b90363d74c66975L,
-      0x6348f7f2e66c66f6L, 0xb2f9d441c126bcbeL, 0xac07f2a373ce49e8L,
-      0x52486758e81b0df0L, 0xa108b54d1d4621d1L, 0x17261ece74414a1cL,
-      0x938b3bcc6a3ac215L },
-    { 0xa9e4a16be4ded340L, 0x8e65fb2a80e88036L, 0x97089606dcd73acbL,
-      0x1c3a0434aaa657a9L, 0xf304fc5849101b06L, 0xe60fb61ada0bb64cL,
-      0x818c2aecf5542df5L, 0x7402057656f76d5fL, 0xb566b79092533d97L,
-      0xae4655e574d6eb5fL, 0x60f7a1b5a55b44b7L, 0x7970179b93747ea5L,
-      0x8ae7e0e8f2dace56L, 0x9847460784e83c06L, 0x24e8c9ed15307341L,
-      0x6cff58a5d9e89d6bL },
-    { 0x508c01b003e51f68L, 0xe1d1f2251d2fe7d6L, 0xf7998d0b09bd8805L,
-      0x255e907a03e415b7L, 0xd148467d607d9798L, 0x055c3b1e9b453896L,
-      0x35001013809f50f4L, 0xfbbb2fa6d0233fdcL, 0x0b680b0aff1820b8L,
-      0xb1d404dc38d317e0L, 0x133d5444ccc8c7dfL, 0x7fa847e66ec13f84L,
-      0xc33f83d8046e2e48L, 0x3c627fc54863b3acL, 0x5f67f8aaeb936af7L,
-      0x5fe4ac8f31b79327L },
-    { 0x581aa4bf8b6f401eL, 0x05db12a3ad5c7ed4L, 0x7b0187266fb07b4aL,
-      0xfdd11f049c22bcd4L, 0x5454a7d469371c95L, 0x066c55fb99a46eafL,
-      0x18637c7c7fef96d0L, 0xbafc1d346b83e95cL, 0x55c3859300bb42dcL,
-      0xdd8dec2b34e7e712L, 0x69c9cfb0b184cee8L, 0x8dcc0c4249a27864L,
-      0x290d95f22010f2e7L, 0x86e254c96977a420L, 0x20931c89eb2abdadL,
-      0x81377164121c0548L },
-    { 0x6266b25e9c5a8edfL, 0x6e1388c21078a7adL, 0x5f02737d4876eedfL,
-      0x242fa7f962744617L, 0x3e2cfbd9b385382aL, 0xbadad7b102f71befL,
-      0x562abcfa677d0a92L, 0x573ebd1751fdff34L, 0xd7f658527c250c78L,
-      0xe0cf16eec47ca896L, 0x8ccd79b067622c9eL, 0x31fc5882f8f2c075L,
-      0x9232b37ea6008515L, 0x4d7bb36182e8c5baL, 0xbf24735cd2f146feL,
-      0x79c280ee9cd2db98L },
-    { 0xbdcc8203f2b48122L, 0xa8c04916b04ac48eL, 0xacf064dc9fc4885eL,
-      0xab83899782c1001cL, 0x7339e721676de250L, 0x17aa5aea8e1ab820L,
-      0x24d28ca06bc14b2eL, 0x570c5bb7816b6230L, 0x6c51235ccee6b606L,
-      0x1b2bf89f183eae42L, 0x3e3af3c69c66274bL, 0xe0b04426b51e38bcL,
-      0x26dbc58e73e40e3bL, 0x3f9dd578b5be5be4L, 0x9fd9f79152c8f408L,
-      0x758073a4a9e3ff4fL },
-    { 0x7d27b0578691ca22L, 0xf206bfd613a2a1b6L, 0xe84bd385ac795413L,
-      0xc5d18a2a75536607L, 0x2e166de7c8a0e24cL, 0x56d5750c3c474dbdL,
-      0xdef444c11366843aL, 0x14646e53cf4b8432L, 0x4bc0d030a9fd9783L,
-      0xbda4c824297ee203L, 0x3d0b10bffd7be6c7L, 0x2d21647608c7f3ffL,
-      0x06e52599b4fd4c45L, 0xfbab9fa149e9e104L, 0x9342a7fa8661d32dL,
-      0x3f3e3458faf66aa8L },
-    { 0x51ec35af951597aaL, 0xb677d4ac49df64ebL, 0x0276cd9c9bf4eff5L,
-      0x423eca49515a2935L, 0x8a696553fd9bb9c3L, 0xf99ee9dfede1f09cL,
-      0xb8fa2956199e5f98L, 0xb763875835292c32L, 0x8734eddcfc40e81bL,
-      0xd82d5e9f65457d95L, 0xc8ee323e30c78d2bL, 0xe77b2e4cc1433d67L,
-      0x56d9f8073c8314aeL, 0x441eede22a0e2f63L, 0x1e9e17ed6c48295eL,
-      0x640d20c434c294efL },
-    { 0x4e9a0b8e3284d513L, 0x074c3545f315053aL, 0xb36e740745acd52aL,
-      0xd80bdcfc1de50db7L, 0x8d9d47dc2549fc46L, 0x29b6ef13303f07a8L,
-      0x4e461aca6d4ad4c2L, 0xca8e351dfc9f1b73L, 0x8bc4094d57460e65L,
-      0xb6302b330f32d367L, 0x69a074b6285742e8L, 0xdfe52b11876c29c3L,
-      0xf39e4609912bd17aL, 0x8ee40d66349aa639L, 0xb968902ac72e05c1L,
-      0x0f9c1ca8c0d92816L },
-    { 0x1ebbaab367433df3L, 0xb6aa534715d3628cL, 0x13a320d897f0c5ccL,
-      0x72c918cb65e408f9L, 0x4b638854d5373451L, 0x731399a30b4dca09L,
-      0xcf2567300a3b1326L, 0x5ea60dfa6608b388L, 0x58ad74b07b290dfdL,
-      0x83202789d7694f9bL, 0x48593db8b6630fb1L, 0x3db47f70c65e3eafL,
-      0x63949c913e7263f8L, 0x9b9acec6e6e6ff33L, 0x34bd9ba7098a8240L,
-      0x7e31c12f45d36ec5L },
-    { 0xbe281d680dfd2dd7L, 0x1efacb0024ab61d8L, 0xb9c3005f94431f97L,
-      0x660c8dfa959cb3bcL, 0xfdd5fc30cffbb406L, 0x7a4631be7969a10dL,
-      0x336e309ede13fd1bL, 0x76b3bfadfc947076L, 0xfa91925ddcc72223L,
-      0x741f0d73156c4ee1L, 0x4f64ee410e2b3747L, 0x86be92d3efc4d93cL,
-      0xc53b7e03fc4fbb2eL, 0xac196cf5337ca1bbL, 0x4de41a307e23ba60L,
-      0x1a219c45326d5357L },
-    { 0xfdcf7ef8aa4db0bcL, 0x2e2318067b6c9963L, 0xc26390673d8a192fL,
-      0xc0cec2e2ffdc7771L, 0x997c8e35a2fc0edbL, 0x78e10ec182cc6043L,
-      0xfd0de2cb2b0c8120L, 0x4d6c457f69e57f8eL, 0x953e69b25b53f1c3L,
-      0x422a330ac4f89cb8L, 0x92ff232995566be6L, 0x73cd502d437442d1L,
-      0xf04ce590bea69403L, 0x6ac1537ef8030662L, 0xe02bcf77b6d0bf93L,
-      0x17aaa999bc90192fL },
-    { 0x0d3d56438e55db2eL, 0x835dee433b946851L, 0x1a1440e55b88462fL,
-      0xa6ff3b35ea17e27cL, 0x23f99c36dd95f7a9L, 0x7217fdd9bdd672cfL,
-      0xf400ac1edd2045c0L, 0x94b55c874ff06b25L, 0x0a44a0e50e4a49beL,
-      0xe8925e91b43b6813L, 0x78bedde1214f96c5L, 0x0f456a4c0f97fa97L,
-      0xa28fd86ba5bfd267L, 0x3b4b2d8fbe7608efL, 0xfbd5ff8c226474bcL,
-      0x6b282af0a5f3b24aL },
-    { 0x78fc025f6341a595L, 0x591c38d6a445e28cL, 0x72bd6e3deb446842L,
-      0x3f9466d375547833L, 0x911414d3083e16c4L, 0x145d946695a7acb4L,
-      0x102ddf098fd2fb64L, 0x2a2b2d2d0bfd87b1L, 0x69e9be5c59455088L,
-      0xee378bf4a80245deL, 0x80b0bd68b2306b0eL, 0x76a545c6c2be9f3dL,
-      0x429d167b4802c245L, 0x13e644272b412dfbL, 0xb664f529ee8d9762L,
-      0x6d4f5d2354706ebfL },
-    { 0x35c8f2b600ba9f88L, 0xfdc807e07bb6d0bfL, 0x0a126d42b3b81e5bL,
-      0x335ce6cea7ac781eL, 0x3e308e6ff37dcba6L, 0x028dca6263c96487L,
-      0x72eba57e8818434dL, 0xa9e3d59f79b78a26L, 0xd2f0a7dd2f07aea3L,
-      0xe0fe467824d05f74L, 0xb20851700116deb6L, 0x9c2a5e9258f37580L,
-      0xe78bd7a574070bb3L, 0x551fc872b9977d90L, 0x6eda93c440db81b4L,
-      0x4aaf0b4fd65d34adL },
-    { 0x9bef25063514c7afL, 0xb09e7dadbc181eadL, 0xef3cae878fa3ec58L,
-      0xd8dbfab5173b8685L, 0xb2490fc0921d32ddL, 0x4eef386b8bd9c466L,
-      0xc1cdd52fa061dbdbL, 0x64de989a25bc04dbL, 0x06f9836b85728636L,
-      0x11a5a8048be44aa0L, 0x16dede4e097018c7L, 0x72aec577b2c11fb1L,
-      0x144dade1a721ecd9L, 0xf99c526bd6ebf3a9L, 0xa1d4165b1c2e14d7L,
-      0x8b2cbd3982bc6337L },
-    { 0x28ec1bf28a52e991L, 0x0ba202f6cf9d42ecL, 0x8307d130c634ea45L,
-      0x3fc257b3c5762b9cL, 0xbd3298d1487c2a2dL, 0xca14f1a7a319488aL,
-      0xc70ca93b06ba06d2L, 0x9aa3f4b3ee405e89L, 0xcc64eeb335deeae7L,
-      0xd155f57803bf1d4cL, 0x041ec0b545616bfdL, 0x23df80e6086e33f6L,
-      0x399a79c8f0243cf5L, 0x86c2824e874ccd58L, 0x220eeaec8fc5c831L,
-      0x57e283047dbe3670L },
-    { 0x6e60b698fbcdf666L, 0xbdd06a998bebb1d2L, 0x4044adba80498436L,
-      0xd76bf75e522bc88dL, 0x655c4b9b28423b20L, 0x65c0f49253398a72L,
-      0x76d4f2b70ca37601L, 0x469899252030fa5aL, 0x96b37e87b6054705L,
-      0xef96f73153de1b2fL, 0x5ecbbc8cad54ef05L, 0xeb289d0aa93617b0L,
-      0x3ac0fbd57cba217dL, 0xd0d3cb5619d4a2d7L, 0xe8bee9d4c91d6063L,
-      0x4f12e037696ffda6L },
-    { 0x4ccfa42215f1a610L, 0x804a5c553786519aL, 0x1246a45473838134L,
-      0xfa15b4844b284e2aL, 0x36464c65146d1320L, 0xfb6ba88c70a8a0faL,
-      0x74e7cee793c4804eL, 0x8c34d22cb95ae16aL, 0x9d9ed89ff9c1d4ddL,
-      0x61a0866d32025371L, 0x45b232b29bd6444aL, 0xf888e92cf277bab1L,
-      0x73e69c6ea9448b02L, 0x1a496ea95b521ecbL, 0xa8f78ea75858afb2L,
-      0x83d2333eb1266f91L },
-    { 0x1c63328867b478d7L, 0xa1ee1ae150a2fc9cL, 0x05b6ab3018d2241bL,
-      0x69f1f288893cd696L, 0x159d6660a8117a87L, 0xe812011970e73d77L,
-      0x528fef0093f55f0aL, 0xb3978db8d854dfb2L, 0xd6b43ef6f45d9fbbL,
-      0x17de4bfed5bee397L, 0xa01e0f596bf76dadL, 0x28b2280e3d40754cL,
-      0x8edb6122f8e86ef3L, 0x8226b6afb7d1e586L, 0x463532152f40a55bL,
-      0x7362f13ec5a31621L },
-    { 0x792eb27c73c0c430L, 0x8cc0a65fa51c3657L, 0x50a5ceced2194f1bL,
-      0x18945688814b4947L, 0xbbf0a81a4b6fbbf4L, 0x376f4f58f0aa8608L,
-      0xd9361d683987795eL, 0xb6510cd8e3a8d0d5L, 0x63e2fdbfb6c1a455L,
-      0x2c91154eaec891f9L, 0x0eb1e715ff568f64L, 0xe7af9cd72f2b399eL,
-      0x1fc39bac89f0bf0bL, 0xf0861d9290983695L, 0xd9b16f02da0a20a8L,
-      0x2f10693fa38c0eadL },
-    { 0x07a6ce910c06ded2L, 0xf974842f2fd9087bL, 0xe468bfd6a9f635a6L,
-      0x04b618911ed60626L, 0x1fb2f89f369ee548L, 0x9cbd1113dc96a201L,
-      0x6759acfe10d633acL, 0x64ba66fc8faa629eL, 0xa686ae4947f38283L,
-      0x828c3a05d59cda99L, 0x7c7afb1408ea2f6eL, 0x2551c8e4af3953c8L,
-      0x5b53d2799daa9e4fL, 0x1eff68d4ad6f1940L, 0x2775dbdd96437cdbL,
-      0x985f83e44fe7a043L },
-    { 0x89603c16eaf45294L, 0x70131160c24b5751L, 0x4c11201839d6b52dL,
-      0x7079cf02ed943340L, 0x0c5b028b74f41b68L, 0x3dc3f0769c8ac1e1L,
-      0x5ac5eea3f8b24f0eL, 0xee6684bae34c5c22L, 0xa5259e639abc452aL,
-      0xb07d2cd1e9df45ccL, 0x07019c931a443cfaL, 0x68fddaa992c003b3L,
-      0x2d9f179c0d8cbc2eL, 0xbbf15a6f1e781ca7L, 0x54d779d550dcc799L,
-      0x0c88e5400fe962f1L },
-    { 0x84f71a6ae8f44357L, 0xf75b4bf63a3cab6aL, 0x334c9d9e5aebc680L,
-      0xcecaf0848a753ef2L, 0xe28014c1075e3c8eL, 0xbb9d5a38f74f8d3aL,
-      0x75988464b80e32aeL, 0x7b328e6ff2bc3792L, 0xebbb1fafeed0e197L,
-      0x674eac955a33065aL, 0x8c19fd8f922dbce8L, 0x8c17ae85987b907aL,
-      0x89f336273b3a2cd7L, 0xebaea019fa87772fL, 0x4e5de4993a25ced6L,
-      0x8e2560b8af110715L },
-    { 0x56d3746c3141aba6L, 0x45a1079fbab2cf9eL, 0xb63828319cdd27c7L,
-      0x222376329dfd950eL, 0x1e0b15cd3a9408ffL, 0x49a80200b1160118L,
-      0x2719db5da383bba7L, 0x6078340a651046d5L, 0x8929d4de97523b1fL,
-      0x4040345c8e0a28abL, 0x61275ac20adf09c7L, 0xb41ab2652331d611L,
-      0x230cc77c5391ca50L, 0x88be0c928f922315L, 0xfef3d92b92fd9a29L,
-      0x59005f228324f2e5L },
-    { 0x6bb1750c3c4c1c74L, 0xbe73aac0e966fb79L, 0x85a75d9266c5973fL,
-      0x8c97f9323a8656b6L, 0x2b7043b150446cdeL, 0x548916f73ff3897fL,
-      0x913dd01cb18b72b2L, 0xd0a751f1488c0de6L, 0x191757148558ca58L,
-      0x9771430144a663daL, 0x2df190acb0e08618L, 0x0080fc0cf39ead9cL,
-      0x0085ac6e17382da1L, 0xe97918513262a338L, 0xe4495936b43bae8dL,
-      0x57a78e26d783df6eL },
-    { 0x161b346f40dbddd8L, 0x2b49a9279410c3acL, 0x8c5427831886cf3bL,
-      0x72df323233b93debL, 0x9c8d59f540df579dL, 0xe5d7a67dc20ef500L,
-      0xc46b391867f08643L, 0xecfa2445ad96adc3L, 0x658f589b0c4544d0L,
-      0xe6ec9301e08417d7L, 0x6ca5ef6ac454e288L, 0x4191048fac0f462dL,
-      0x852407d808d8a036L, 0xb4c533a7f6d35b7eL, 0x3251e4128f6ada87L,
-      0x1ca370c581c472e8L },
-    { 0x94bd5171a801b68aL, 0x7312879cfd1998b3L, 0x4905aabf41163202L,
-      0xb5fe87f4f5b01fdbL, 0x78de523a9cda128bL, 0x0bf161a1c7bd31f7L,
-      0xb5decfd023904c35L, 0x224b2882e188f12dL, 0x0dd2801df99dae74L,
-      0xcad467b508cd1cd2L, 0x6c311c3dc0867e39L, 0x71a117202b425072L,
-      0x83bf464e2efd9003L, 0x53d0448a1dbd3b03L, 0x32db52f4e6265baaL,
-      0x2584b34c4c33ac79L },
-    { 0x3cb863892aeec688L, 0xa5e740ba45fbe523L, 0x422e71f7fd60b5f8L,
-      0x455d185c4874913dL, 0x04c2bb36fa17d80dL, 0x3f271854ac054524L,
-      0x76dd3045a8b9a657L, 0x2e42c3e162ee7cc8L, 0x002667064df6c7d0L,
-      0x5927dd51dc7cb488L, 0x6b3faabe187897e0L, 0xfe6ad22ef2d5737cL,
-      0xafb60269ff51a9ffL, 0xe1c8354569807baaL, 0xacddb6ff951ca49aL,
-      0x7e8113743f9ab085L },
-    { 0xad722a8b830a88b1L, 0x91918ea8ce1117e1L, 0x3e02d0b80409b47dL,
-      0xb53812d36c46d1d3L, 0x2fd09db0e589669cL, 0x9845cd0615b0cd5eL,
-      0x0c1c155a2386c453L, 0xda774de5f5ff43cbL, 0xbb076b98e391c0cdL,
-      0x97d71eff5004f286L, 0x23e0b46caeec0bfeL, 0xe453866732a1ad94L,
-      0xfe0c9f81396da422L, 0x6376c1a263db2bfeL, 0x001c7918ba56fa91L,
-      0x436b8c64df8485a6L },
-    { 0x88117e9d8ab764bcL, 0xdfa61e94a077df84L, 0x5a7765d30c18eebdL,
-      0x548916affc9451dcL, 0x01a52e33071a347aL, 0x633b95deb23b41dfL,
-      0xdd7d68c943c8c286L, 0xe4f9d41e18d97068L, 0x79908b908c92799dL,
-      0xe614148ed47394a3L, 0xe5018517cd51e53fL, 0x5060075e0243dcb6L,
-      0xe5dcde6217954405L, 0x6f7c90e1537da5ffL, 0x1df7aae40768cb66L,
-      0x5266ca9e6dbe95e1L },
-    { 0x84ddee6d1386b3dbL, 0xf9e4af5a7c38e540L, 0xb3418440eb04f49dL,
-      0x2138a1e8fde5a4fdL, 0x3e6e692430257cfcL, 0x3519c6e319fd70c1L,
-      0x8f34e17486c31ff0L, 0xf1e298fd940ce1e8L, 0x6fb8cb1d14960d7cL,
-      0x207c13472b2f3bffL, 0x899a20b4146ef8ffL, 0x7dec362b7bd3e220L,
-      0xa975044e626bea27L, 0x0f32b4494fb4cb67L, 0xc17a09201fc6703aL,
-      0x41f325b99cd84a2bL },
-    { 0x312ed513ce2843a4L, 0xe748498e00728afcL, 0xa8ef28224d864ce5L,
-      0x34064704a620083bL, 0x5905e1d94bed338dL, 0x2a578cb5063e7b38L,
-      0x98276d96289e7bb9L, 0xdfe2dc47f17b7341L, 0x5923521f1dac8944L,
-      0x3db6d28d23400aa7L, 0xc647705ea761ba43L, 0x8947ba6d9bfd07ddL,
-      0x00f2e3ac242ca8fdL, 0x49ef4670eb8c3468L, 0x7db3d37bd9aa18fdL,
-      0x56b30fb6e58cea9eL },
-    { 0x07ecdcaacd80a428L, 0x7af922dc8732c891L, 0x20d887983ada441fL,
-      0x3bed9a44924b008aL, 0x2123533cb2e81c3aL, 0xc34e407565f807d3L,
-      0x0bfaefa51f2faecbL, 0x78b634a5ade8a88dL, 0xc4e0b7f894392a91L,
-      0x3092237790bb1cd8L, 0xdea9b4faf87204aeL, 0x3edf81f585d3cd83L,
-      0x58f88c51c6523a79L, 0xe472fb8b17c0d969L, 0x899081e5dccf7f07L,
-      0x1353cc5758bdd146L },
-    { 0x28a5649739bf6e18L, 0x59e8b5a2649b89c7L, 0x8d9434a0dce8b8e7L,
-      0xd935bf512047040cL, 0x2ab3a1646a7b8e82L, 0xf1583ed627f81294L,
-      0x8416a7e072d67297L, 0x49685d86cd39e42bL, 0x8a797fc7958ddbadL,
-      0xa558f928155ce6deL, 0x75f4e570f8a36235L, 0xbc69cfc052877ae5L,
-      0x8f4193a9a6b16ebdL, 0x8d1df43cbb1cc1f1L, 0x723a830e5a21e789L,
-      0x3ec2185df451df58L },
-    { 0xb9d4c7d71f0bc2d7L, 0x6982c6cc6e51d412L, 0x92e02d93a09f80f6L,
-      0xb7dd2d25047ae09cL, 0x3503149f37f351f9L, 0x69d49ce1c77850beL,
-      0x60242acb12f0d2c8L, 0xba188c567bc28b9dL, 0x8e40612106bc0550L,
-      0xb0d84b1f8d7d4329L, 0xb4a67ae7d38951e0L, 0xb527c57b8bc97607L,
-      0xbc93c5f35497aa72L, 0x5f1de8cc39bdd666L, 0x3087dc5ce9d447a3L,
-      0x89b356b6a211abe5L },
-    { 0xed6db0afdfdcc837L, 0x0fb80baaa871b7a9L, 0x413abfc91c1d4b72L,
-      0xf5b56bf7adac9e5cL, 0x5664a2da8b8657a3L, 0x11b04f720e41d94eL,
-      0x63e11d2637433658L, 0xee628ecef426daeaL, 0x011619c9cb162dc2L,
-      0x9cf5817f87648643L, 0xe1bb97025584bc86L, 0x2cc27cef00bf7928L,
-      0x4ef3a80edc60eee5L, 0x7e1202be87adc2f9L, 0x656f18e08a0d4f52L,
-      0x39c4f10d57c5d126L },
-    { 0xb3a9b68ce88aecd3L, 0x555b0918a518aa9dL, 0xedc1cdad4bd4ee54L,
-      0x79b68b6702068d84L, 0x7dac80d0811ac72dL, 0x6d1e6d35a81a0a78L,
-      0xc841e9ea3bd16283L, 0xa7bc1775894c4444L, 0xf2b63725f1aa1202L,
-      0xbec7767ec7d4c556L, 0x2817ebb3d46ff51bL, 0xfde5be8d73f7e339L,
-      0x44c6c9775aed24c4L, 0x0b9a1707b6e579cfL, 0xcff164789069fbccL,
-      0x414b542d49152b00L },
-    { 0x33c31e58606e173bL, 0x5b7f4e1b90e6713aL, 0x425fb512debb20afL,
-      0xc788c61705120e70L, 0x3ef056029013e4ecL, 0x9f9d35ac81c6e6d7L,
-      0xe131e88f9450690aL, 0x708f9b3244af082eL, 0xb2e4d66c1ba2aea9L,
-      0xaf1f4a6e740db29cL, 0x74ab9248d1843007L, 0x13338ef8ed556a6cL,
-      0xf48e623e270d17a6L, 0x3c7362fa9608f5bfL, 0x43977874444e8515L,
-      0x52678d6ae00b8b2aL },
-    { 0x5dff1c59df36aeb4L, 0x52d6653ca92bc0abL, 0x0e03f496927a5f81L,
-      0x8509d4142dfd491fL, 0x258c2c52a571f89bL, 0x2bd6180493334485L,
-      0x1a33e94f3f7d9e09L, 0xfab418d32c1bf906L, 0xf39c490e5aa5695cL,
-      0x0e41196ef6d2d7ffL, 0x3ecd40750f7948a9L, 0x4b58f9b2d3053b4fL,
-      0xb8ee842a5d9974c9L, 0x23a59c1dbf22f682L, 0x045ac614c8efcea6L,
-      0x7040ba5bc10ceeddL },
-    { 0x2c364f81515a1a96L, 0x31a63503184327e0L, 0x0a0966501ad93d4fL,
-      0x9d7694f1273b6173L, 0x8886d876d2cda9d2L, 0x1e01a7422814c177L,
-      0x3492276b8667696bL, 0x2fd4f0c65b25f006L, 0x6527349ffb294c4aL,
-      0xc1fe0d8ade1d336fL, 0xaf9a23e8e7e3860eL, 0x97d2b721b774c31eL,
-      0xfac3e5824365784aL, 0xff2dff4e70f4eaa3L, 0x3d281e1afe873248L,
-      0x9043a6d60bd1c9c1L },
-    { 0x1511a0fe766c7937L, 0x1b2ded5cabbc3be3L, 0x2ac160cce00888acL,
-      0x928754bd616200f3L, 0xb801c83d34a2ea06L, 0x8ad7a03a9cbe106fL,
-      0x996b0822cedfcd94L, 0xc3c3463ae4069880L, 0xfb12ea4df597f663L,
-      0x2c8d383440c92af9L, 0x79bc85c64e8da154L, 0x95771fa2db4e801aL,
-      0x7bd2c1381e3579b2L, 0xe45c75dfffaad078L, 0xb0760a3cb73eac46L,
-      0x26362b483a125f35L },
-    { 0x25c68d28eefc3e89L, 0x2d0ee87769e9ee71L, 0x8b07bb86af5e4b75L,
-      0xdb709072cb86b333L, 0xfd3d20eaff552bacL, 0xa5eeb2b14c0da1e9L,
-      0x391f688a44f97145L, 0x21fbd3101e06d485L, 0x45e4f2a5bea9cd49L,
-      0x7b60d464a7bf21daL, 0x193f88c8054d5471L, 0x5ace53d1bee0f2e9L,
-      0x92c26563c1439273L, 0x9c86e0b296c6b5eeL, 0x452fe23109ff59baL,
-      0x2e952b20555c935eL },
-    { 0x2a846bcad75f886eL, 0xe68a5dbed43dfc58L, 0x103e45b6007b1b86L,
-      0x580e2ec9355ff2b5L, 0xbc702f26a263ecc9L, 0x2835b386181e5e33L,
-      0x025113ec6c122076L, 0xa5c26e3a7fbd856dL, 0x8ef83fb39d6ebcb1L,
-      0x7aaa53f2a44d2fa8L, 0x7c14ef3353b1fa97L, 0xff604a1117559a30L,
-      0x2bcd96b0b09377e0L, 0xa5c14896db2f0273L, 0x1c0a84c9eb53ef06L,
-      0x1236d01730378e4bL },
-    { 0xd7481c8fc084373bL, 0x29ae4768646097aeL, 0x1300dfa0613bc34bL,
-      0x3712714c934bc2b0L, 0x865246290e2be7e2L, 0x554fbb9fed010800L,
-      0xf0ec0b3842314576L, 0x65baf594330a3282L, 0x3bdde1a8706ef817L,
-      0x7d2c727dba7530e9L, 0xbb0c5d6674cc95cbL, 0xb3fcd3652438906dL,
-      0x19881941d14658f3L, 0xe616f5556c97f0e9L, 0x353c2d854b9ec7eaL,
-      0x02a48014620cb56eL },
-    { 0x11d6d23d506ccd38L, 0x229a1c549059baa6L, 0x717c9c2769d011c5L,
-      0xe87e1b46d828937dL, 0xf5d63bbb83835083L, 0xf0a7b427aadac258L,
-      0x99ab26bd9f154d1fL, 0xdec0ffbf8ec955fdL, 0xee957c6749fcb880L,
-      0x32395dee1e0114deL, 0x192a64b7369f46c7L, 0x4304466091eb2599L,
-      0xbe2da887a2e8c3daL, 0xa44e2c25c3556d18L, 0x31390414b55f75f3L,
-      0x1d8bde6f8f217fe0L },
-    { 0x03cd39f8a2028924L, 0x6e54f19cb06ecb9fL, 0x862bbcb7d6f05846L,
-      0xdbe067165a060776L, 0x9397c97ab10fec10L, 0xf42138266f1bb65cL,
-      0x414deccba672ba38L, 0x594d4d43f88b05e6L, 0x7993f57aac94d4d1L,
-      0x74fc2a6abfb17638L, 0xd8196b5bb6fc655aL, 0xdc375c84ee8d2139L,
-      0xb9b00a02360d3a26L, 0xb36ed35cdeb93b87L, 0xf565b28bcc83209eL,
-      0x349c6943c61013c1L },
-    { 0xd1b394444de6c88aL, 0xd5c2c4714700207eL, 0xb6f458a221c2b780L,
-      0x749f75640850993eL, 0x400ba579baef0c18L, 0x2d742938737c70f0L,
-      0xc5a8e2ec21467ebfL, 0x243a666e5337f453L, 0xc991f1c7ed0bd50aL,
-      0x3a7f3e90f4bd1f91L, 0x96089e8a5f0e129bL, 0xd0d3a17707389635L,
-      0x9cf842d527182ac9L, 0x211952990817c5c2L, 0xa32f327e87255769L,
-      0x056587ab89c2d8faL },
-    { 0x008562ed1ce4733dL, 0x5faff7cb98e51444L, 0x5f03021fa9ab46b9L,
-      0x89494c5eb61a8c13L, 0x57c9503636b35976L, 0x6be84c8f2ac2d2f6L,
-      0x0e5b34d89bd2703eL, 0xc4ad918f7e872abbL, 0xc2a89e9fc4052ee1L,
-      0xc2caee3f3190b51eL, 0x58fd14376fff254fL, 0x6f3c0d68883e0972L,
-      0x63d0a0e90fb15438L, 0xc438764bf6caae00L, 0x815f15653f1d0f6cL,
-      0x1b87f2edb86cdbdeL },
-    { 0x35792bbb2b0b15b1L, 0xa3e4b5a7ce6ba779L, 0xfbacffd9dd8f3779L,
-      0x005450bdc298d1efL, 0x0e3f5556c47031c6L, 0x0770f07a95d68066L,
-      0xce3e84e02d1052c2L, 0xb050791e7aa8cc54L, 0x4d621e73ba3223a3L,
-      0x87b9b94d39632990L, 0x8df9cb477eb8056dL, 0xe2430de8edfca0ccL,
-      0x374bf4169712a0caL, 0xbe3f3c7788848a99L, 0xb22b87b1c4a3e59eL,
-      0x8e0227c43e95bc23L },
-    { 0x000e22a83210964dL, 0xdccd5df5ff056eebL, 0x02173a1fdaf1ead7L,
-      0xd02833e067cdcae3L, 0x1cc574cb8bdcc90cL, 0x86eca7143224b4f5L,
-      0xd00e603abb3f8298L, 0xb98ece1b0c1a8debL, 0x228a46e4378c261dL,
-      0xc6f9dd0da6165e5dL, 0xb3ae38994b7ef0e2L, 0x3a3c16b3bda9f306L,
-      0x5e9a26d338a084dbL, 0x528e59935394e950L, 0x848ecb114ea206bcL,
-      0x14b15ab540545d6eL },
-    { 0x0f6d86c9664c59a2L, 0x3dfe2be160fd7aa5L, 0x33f9b5699072cb8eL,
-      0x5f2325d98176a7e0L, 0x79a0d4e74587080bL, 0xa4ee0def0d5d4e05L,
-      0xc0ad9ffac87b28e1L, 0xd6f18d2f3f09b4eeL, 0xcc896ae7292e9d87L,
-      0xca88953d6094763cL, 0xdbee97a818fbf9faL, 0xdf20e0e94b63d701L,
-      0xcbba6e3047ea722fL, 0xce57e1ca612b571fL, 0x1e16ac76009a55f5L,
-      0x742bbed8c4389e2eL },
-    { 0x23ea86dcc1dc2c73L, 0x4bbbfd5bc1643abfL, 0x07f8fa1f24d8ca1fL,
-      0xde68a6e08cb5cac7L, 0x7d54c64b54e66a7dL, 0x789dba22a9b7ad78L,
-      0x4d88d540e364ab94L, 0xc8c2e02d1f72e011L, 0x4c82605746e2a278L,
-      0xe6c35bb34b187c7dL, 0xed8b3dfeeb8fe0c9L, 0xb6bc34e87d11e415L,
-      0xb3908bbfb865c7f9L, 0x717d1ce6e1ecc17cL, 0x151e3308f7cdd69bL,
-      0x97bd5a14b5c94124L },
-    { 0xe01c62fe81e82861L, 0x703d4b6ddd42c40eL, 0x7e52e55be65e91e5L,
-      0xb8b493745abbbfddL, 0xb4f15f52c72a45f4L, 0xce8435a8550f29d8L,
-      0x9df76b9b582de75fL, 0x52e84c5fa20c8b96L, 0xaf77d2d10a8a0af4L,
-      0x0389bbd8ca6013c3L, 0xb0d9b9ba26f8305fL, 0xf053e8480cec8b9aL,
-      0x4d63367affabda18L, 0x50f53be4a6424c2aL, 0xf892c58c864fba2eL,
-      0x317c6d3148cc5469L },
-    { 0x0c3525b02cb7d42bL, 0x55240bc9310facaeL, 0x8d5d2022ff20408fL,
-      0x6b01402fe0c10ea0L, 0x7fbef68a718eb23dL, 0xa0146b5a41252a19L,
-      0x59afce48110e0d6eL, 0xe9a1d27f022de181L, 0x6db96d16dc3f49daL,
-      0xfc1ae3f5efbe4008L, 0xf9d70641eccbc11cL, 0x49022279525f8636L,
-      0x3769796ac2763c30L, 0x9cc3483c1d90630bL, 0x451651f0ee3d3f17L,
-      0x6ae597399da0b8fdL },
-    { 0x57b13bc7bff4d2eeL, 0x2075422930b173d8L, 0xb6254bd50794936cL,
-      0x1d5f232a5efd55beL, 0xc06f4a854e0c3389L, 0xcf2c5b598e61f944L,
-      0xc564861ffd5f87b7L, 0xee261fb15a2afa4cL, 0xb0ff72262d97a774L,
-      0x1a89ae22d6cf007aL, 0x28880534d346f214L, 0x8fe73bff97b6497eL,
-      0x8a8595b2fa2afffcL, 0x9ef9cf3ef151a726L, 0xa84ee5f1e744b82bL,
-      0x6649048dbc63fe72L },
-    { 0x91b7bb781e8b760dL, 0xd47b0bd825aadaa0L, 0x81493d9ffab5226fL,
-      0x4a6dd226bffc148eL, 0x5a032f8aa29be3dbL, 0x318dbc7034b0ab0bL,
-      0xdcccbfb57d654868L, 0x8506ab379c581e46L, 0x09136a6e2830ece2L,
-      0x48b79356cf6c80c7L, 0xfa176377ef6b1e86L, 0x2c9c1cc183f0f1c9L,
-      0x96f0526d16abedddL, 0x3e0e98e2a93b0de4L, 0x6f2d7ada0f13873aL,
-      0x4eb93b5cf3fa49ecL },
-    { 0xbd89f7e5e11fae32L, 0xd13d74f5c4023f51L, 0x1b0014df491c3f6fL,
-      0x1d849a57555279b7L, 0xbb9e889705ba0068L, 0x82222419c13ca2caL,
-      0xafbbb685fd33676fL, 0x931c3f5275878a2aL, 0x12aeefefef3d5173L,
-      0x189a5cc8bd8a6878L, 0x82cffdb3d99f0c16L, 0xbf565406a19d48b6L,
-      0x5605e223e9c6c4e0L, 0x53e781de86804172L, 0xcdf5c90bc7001cc8L,
-      0x2b582d937c043f68L },
-    { 0xa1165c8281abc2aeL, 0xa73380f5e2b69ecaL, 0xc097b3d207fff66fL,
-      0x5d60382654776506L, 0xdcbac9f3b57fa21cL, 0x78750db4c98dbdd5L,
-      0x85e21103d9eff32aL, 0xceed172c2f11c41cL, 0xa8e392649e348c09L,
-      0x71cb936b831eddfbL, 0x915c3d06f50864a3L, 0xfe8e33cde93acfcdL,
-      0x4bee10d7b3f2f7aaL, 0xc1d8eb48eb7cee9aL, 0x4fa49ce3fa574afdL,
-      0x78615109862db4c0L },
-    { 0x3fe3f4807ae72c21L, 0x631aa144fd0f0da5L, 0xc76ee1e8f8c3a454L,
-      0x379ae09451b4f1abL, 0x2a3a4397d7cdbb24L, 0x7a14cffe82bd5fcdL,
-      0xbbe4ed12f427ef5aL, 0x9b0a43ee284d3ccfL, 0x57b78b938eec6e1eL,
-      0x18d404e467b8e87bL, 0x0c8adc0534374c20L, 0x643736055428deb5L,
-      0xb4d80ec0c3afa2cfL, 0x6d51f93c3aa956f9L, 0x9f9a28ab84161c68L,
-      0x540b6bb76bc9c025L },
-    { 0x04e1734c321d315dL, 0x4ef56612d86e05d0L, 0xeafae145bba8cd81L,
-      0x1fb07a49acdc789aL, 0x6a21e9ad5877570fL, 0x2e4a837eb9bc53deL,
-      0x436db2931d6298ebL, 0x43afbc78ea362f45L, 0x2a973d97aabf6585L,
-      0xdce7dabe0c924d60L, 0xf69d98f07cadf0e9L, 0xe0b505a175020538L,
-      0x3db7d1a34461cd29L, 0xe1c287765e20e818L, 0x2ca2586752dd50f6L,
-      0x897cab1492e0388cL },
-    { 0x59ed38130d8bab8aL, 0xc11d364ca438200aL, 0x0687bf2c40581415L,
-      0x86ad0d3a7ac89674L, 0x44928105b97411a0L, 0x74984b11f383371cL,
-      0x70d2ed840d1a831eL, 0xd883628b6c912fe0L, 0x44f8f7fb14fa88d2L,
-      0x564f2a4dcf0ac93eL, 0x82f629aaa6c24fa6L, 0xab906ba3bf6cd949L,
-      0x2c822e6720a5182dL, 0x2ff47dac30eb93a5L, 0xdc62c4a4fff673aaL,
-      0x64b00763476b0ec5L },
-    { 0x1e3f533eb3c9a404L, 0xb1db7f73b7ef9952L, 0xc7f13e296c253693L,
-      0x7ce7f4c40738eed4L, 0xccfd3b33ce26cad0L, 0xd878493501ec5cf1L,
-      0x3f8fc09ddc084e01L, 0x217cab32c39b5acfL, 0x42daf0bb9ef5551cL,
-      0xfbc76f56e1217a95L, 0x80178b12c237002aL, 0x0b52c39fb070a293L,
-      0xe3925153576ca964L, 0x2555942419d68e36L, 0x291fb82c09e50e84L,
-      0x7dd22ea66618ed8cL },
-    { 0x7ffe844b49cbb3bfL, 0xde0cc7045562fb25L, 0x1e6ee5379f5a845aL,
-      0x956d7f26e51277fcL, 0x2c75d4b930635718L, 0x39a1489296957f34L,
-      0x8cf4eb3282e5742bL, 0x6b0d3ddd83247b72L, 0x67a9f633201a4237L,
-      0x416403c11414a485L, 0x60afd447b6f6a916L, 0x95f94930dac6f790L,
-      0x685ff94bbd3b9d82L, 0x5c8f98fc51cadf0fL, 0x9559c88ab13b7489L,
-      0x31377c665f18fcc8L },
-    { 0x35c5de097dcfb35fL, 0x2dccca9f01cc36f8L, 0x7e93e85d7576cb63L,
-      0x0c2dd48af7b4b375L, 0x9d95cd4fb09a19b5L, 0x752ed15971bfe607L,
-      0x439880cf2596dad2L, 0xe52efb5369e90a6fL, 0x4409766303d3e60aL,
-      0xfcf364faa95070e0L, 0xd8f993b605624dd2L, 0xb35a982400d5e467L,
-      0xe289d0240c8f4524L, 0xef45423c648a0179L, 0x3a5fd695587edabdL,
-      0x3dacc50ca11e5271L },
-    { 0xcb3e4f946499ae4cL, 0xa46dcbe17053c527L, 0x807f5ce9be782e8aL,
-      0xb6c64d28d8481e45L, 0xf35e4518aa286fd0L, 0xf7b7b9badf1cdb49L,
-      0xf3fb6210aec23eafL, 0x0a9ba385b9bfd2fbL, 0xe51a0d538807f3a0L,
-      0x7ab24404b17b2842L, 0x6fd57687f9dd9f0aL, 0xcd1efdb4f3e9df64L,
-      0x5dd2df7a60df194dL, 0xbed3f2c3e069df05L, 0x469b756123248a31L,
-      0x866949e1694744f7L },
-    { 0x3a9a0da53f4ab07aL, 0x2cd6f333f54a6fbfL, 0x0c92e921b23cf290L,
-      0xc9581c3e848e3d58L, 0x93af1fbdd3b218abL, 0x38598ea1066cb4d7L,
-      0x5001394e990c03a0L, 0x3b664b1e7d0877b5L, 0xd79db1bbd74c7091L,
-      0x852d44354e2d5dd0L, 0x0d2b841b3329db82L, 0xfa844eb07b96d480L,
-      0x37a50569c295dc46L, 0xc2d3837394f7ec4eL, 0xdc3884ff5b083177L,
-      0x574352b88b1fa598L },
-    { 0xed2193f70d5d7ce9L, 0x3c19fd260b487eafL, 0x7c44ab597be65fd0L,
-      0xdd9da86078270d56L, 0x8a84ec00baa70198L, 0x2ec27e49285985dfL,
-      0x996ccaf0de2028d8L, 0x4e7648c761c2201dL, 0xa96335bc091c19ebL,
-      0x253a3a69f0d6782bL, 0x3f204340d2946493L, 0x444521a1099f6873L,
-      0x5fcbcc096996011aL, 0x3884d5d8f853a94eL, 0x2418c624d3b6a3a1L,
-      0x3e431af206ae3c4fL },
-    { 0xf967d93983d381f1L, 0x36501aaed0c033c3L, 0xbf3af4d054410768L,
-      0xa86d15985093a6d3L, 0x43ae0741d92f2900L, 0xfeb2afa636f0b755L,
-      0xd090a6a3aa456d6fL, 0x336a4fdaaefdb646L, 0xfd1bfe441a942f7dL,
-      0x7fc2a3ed851ee41eL, 0x4f1c968611e935c5L, 0xcd57766653bbb343L,
-      0xf26931baad896c2aL, 0x8a0fbbd186bbfa41L, 0x1c3d7d82a203cef1L,
-      0x6dad3f15e2664d35L },
-    { 0xd1940b7d12ec35a1L, 0x6219c5b6e7dfb128L, 0x2cc278c6f13321d5L,
-      0x5e76904a33c58eb6L, 0x15090f55d9903c43L, 0x061bc926c3d96a19L,
-      0x974a9f038c0acba7L, 0x7a4140217198b21bL, 0xb069599df8958c6fL,
-      0x517f2f1dbebd0129L, 0x1109a613df3a8dc3L, 0x08e58448672375c5L,
-      0x56590ba49383d2d3L, 0xfc3ee7c60bff837cL, 0xc87a539027d2d55fL,
-      0x2438e9d45f517a3fL },
-    { 0xc4a453088815af3cL, 0xe55f1a32f3c9bed5L, 0xaef1cdc997b65ddfL,
-      0x61c61d9412e51eb5L, 0xbd0dac54e63f2490L, 0x6f14429cd0b3e231L,
-      0xf737c3c2f1da6010L, 0x7150e04b6bbc4fb1L, 0x205b4c891be281cbL,
-      0xf1b4633cd7701f5bL, 0x8b33ef462a513490L, 0xddb47c7368f1f7f2L,
-      0xf4ada511bd416b67L, 0x9d2a97cdff795bb3L, 0x00a8b7b296200e67L,
-      0x13f39011afe30e01L },
-    { 0x3dd296ef7bd0c827L, 0x506110f34a29ff46L, 0xf87930681c9a515aL,
-      0xde8d8045268bca77L, 0xcbb83024998045dfL, 0x3f90d71068c0e584L,
-      0x2a838ca8263b6062L, 0x293bb5e7535c5d0bL, 0xceea99d556415110L,
-      0xfe311ad01bbda005L, 0x2497e0bfa4d8d018L, 0x33dd77a01cf2b866L,
-      0xbc075b73d8c4ba8bL, 0x298466d4722b7bc9L, 0x17a7ce24cbda1b0bL,
-      0x458d4b6b680703b6L },
-    { 0x8a26a20e4d54d8b2L, 0x05a5696e4d320a0dL, 0x698b5858f994f700L,
-      0x7a4adc3c2f6549a8L, 0x1812e8193694d00dL, 0x46b9b000730402bdL,
-      0xe10a1449a1b36410L, 0xeae95ea599230220L, 0x3efc2e9b1b4820c3L,
-      0xfe5b5cb585c9eb8aL, 0x21ae031997847064L, 0x68ef0b708f27d49fL,
-      0x3259ef182f72556bL, 0x00ae0457624db01aL, 0x628e3b065668f95cL,
-      0x5f13f5fab6fbbf91L },
-    { 0x7c6ed9ae3a9b0dc6L, 0xaea1bde96f883ec8L, 0xea66bf88ea8b3677L,
-      0xdefa6abc9a66e3abL, 0xc4d3317b68217ffdL, 0xf741c8f2290df05cL,
-      0x1f0fdf177d11674eL, 0xfdf0ece7c35989caL, 0x0eed92df6b9c482dL,
-      0x73713e6655bf1ca7L, 0x90acb29025cec99cL, 0x37c9e3a2e803e69cL,
-      0x7c0a3c5317713a1aL, 0x350dc5656f5a174dL, 0x11625a4405f802f6L,
-      0x2196495da37ba4a2L },
-    { 0x00cb2fd313142680L, 0xab9e91d765d14cf4L, 0xc6a0ceabdfe2669eL,
-      0xbeefce580ae22bc5L, 0x3c2b7986cb6ec250L, 0x84adb1a2d738f1ffL,
-      0x9709bc28516ec8ecL, 0xf36931298e8f7db5L, 0xc48efc6b95b197f9L,
-      0x9ff109529aaaa404L, 0x2c3c8cbd144154b0L, 0x33ef7bc3427f3435L,
-      0x04a17940d21897c1L, 0x5aa0c47d6ce548a0L, 0x2971cea73d56fa62L,
-      0x93ad0eb004475f08L },
-    { 0x7a0b6967988a9963L, 0x61e477f76515e8ddL, 0x6274e3863b6b50f2L,
-      0x63a9b8d5d33922deL, 0x3c38d3fb687a5b3dL, 0x18f6f09c1302e323L,
-      0x254c05c3e02fcccfL, 0xc04ed0b726e662f7L, 0x1d5646b8143fe079L,
-      0xef8a9448c9016c8cL, 0xe5674c4bf823d797L, 0x0586f72fbccde451L,
-      0xc5fc88d54417eadeL, 0x2b952209576e588dL, 0x4408dd425844d1f9L,
-      0x73f8c3f0ea41c034L },
-    { 0x89534fc85df763ddL, 0x3b1427f33ac71836L, 0x0db5be176e8f15a0L,
-      0x1d390944cb20888eL, 0x7804c9ad857caea6L, 0xaa584428519f7bf3L,
-      0x626eecf1293aa8cfL, 0x749e0d98ea36a015L, 0xefff6dae3321edcdL,
-      0x963deea628b791ccL, 0xa14e05522d16e361L, 0xa2e058fcb15ae206L,
-      0x0f268745fca325e4L, 0x7cf9d40721341a8aL, 0xdfed25d97caa51b8L,
-      0x0108ae39adbedd75L },
-    { 0x54d178f3a9e88f63L, 0xaa05b11eab0c7325L, 0x773a53e6e261d8a6L,
-      0x24db7dae8d0b91c8L, 0xde10b073e9bb004dL, 0xfc8befe754e3090bL,
-      0x16af05990cc69c89L, 0xddc838039d59511aL, 0xc3f65b9946c5dafcL,
-      0xfbbe4be81ee0a599L, 0x88891e36fb3a9b17L, 0x0c9aad75445dad00L,
-      0xdffc46abd5097e1fL, 0x8848089bac85a4e1L, 0x348bb42fa0c45233L,
-      0x807c06d8eb13c1dfL },
-    { 0x00a969ec98ee0ef6L, 0xba9d54838bb7b7afL, 0x24484c92a02f8fdbL,
-      0x7bdb201a8b70557cL, 0xe59343e460ad1af2L, 0x53a9a942998c95fbL,
-      0x974db3deda861d3bL, 0xce1525c9ed399c0eL, 0x89b56881f72109bdL,
-      0x08ff7d15998211a4L, 0x5df76b3aef0f275aL, 0x93f180f7fa2f358bL,
-      0xaac4ffcfc39b0634L, 0x2692c62617583b53L, 0xb2fdfa36b55399fcL,
-      0x16424c6c99607a61L },
-    { 0x5dd65c55dd2744a9L, 0x2544c1c2fe3af418L, 0x32c82e99efe8b089L,
-      0x30b7ab25a9df691aL, 0x983845509be99674L, 0xbcecd258caf2d122L,
-      0x88ae4098bcc77272L, 0xd43961414b8efa0cL, 0x44ff67b9ed64d12cL,
-      0xa9e655e42e7f3404L, 0x3d16fc4545b0e9ebL, 0x474a3e14f03ded28L,
-      0xa3c9adffacccb85cL, 0x3dfe6bc17253a51bL, 0xdddaf4b9fb5831b1L,
-      0x5544e602a4f4478aL },
-    { 0x897c5313baa80b4fL, 0x0122716f63bdc8efL, 0xae2742db7b42c5a8L,
-      0xe9d9e1e90883308cL, 0x352c8c3f2d341ab1L, 0x163d0500ed945870L,
-      0x8349dd73c290d9d8L, 0x2053c5e01f6c7d29L, 0x83107446cb42033cL,
-      0x76c88bd209d09af1L, 0xd0f70e6eb2794681L, 0x720b59de19b1b540L,
-      0x80b7ecdc22994b43L, 0xc1a4cdce2dec53cfL, 0xdd7d3edd1ed60f42L,
-      0x5735995ce241d261L },
-    { 0xdc4ba3fba0237056L, 0x6856c16433ab3388L, 0xc01eebbd271ec612L,
-      0xabdeb033e3031becL, 0x4eee44196118a1f5L, 0xec4974215b600f33L,
-      0x1b7185cf08868773L, 0x7b0c46cd7c1b7dfdL, 0xd143b2da4a4c5e89L,
-      0xdb9a5984bb1ff94dL, 0xac3904e4c9cf3465L, 0xf8729bc0eace64c9L,
-      0x5cc22821768ad99aL, 0xbbd3b0818a9540c2L, 0xe468ed5f049a6917L,
-      0x885486df3ec45ef0L },
-    { 0x6a942c934bdff464L, 0x3db2719f25a7b451L, 0xccb0070b325be324L,
-      0x2055a31b19fe3339L, 0xaca69ae8241ee8ffL, 0x7607dd0855ef8defL,
-      0x9e24960f1a1b73c6L, 0xbcb0e8a271d36810L, 0x29e11aa26885e6b9L,
-      0x98b5d0ab185eae19L, 0x1a0b96e40f81f91cL, 0x4d0e8bcf994fc503L,
-      0x33d81697f119d6e0L, 0x29083287aaa4ce0cL, 0xc5dd4d3ec91ff9d7L,
-      0x31cecfe8d4ab962dL },
-    { 0x437bfd9afc8b21e8L, 0xe5dd32b3b19436dfL, 0xfe5902d4921c36a0L,
-      0x8e9de84da3d0fa90L, 0x9663e6ad5bb523bdL, 0x9800a23faecd6975L,
-      0x1009c0d9b4fbb59cL, 0x839aa7bdc9d20ff1L, 0xf502f66decd6fa3dL,
-      0x480ed4fbc5516ca9L, 0x65ffa5f66c742ac4L, 0x2b7c7945ff3252f8L,
-      0x72fefc0575d9cb3dL, 0x11b0863bd6d6f1d2L, 0x5d8f3cf09a6a4ec3L,
-      0x6961b46ada2547b3L },
-    { 0xd07b587ecb35e2acL, 0x1ed5546b57af14d9L, 0xeca17a5bdb28a04cL,
-      0xa1f91d44709d54f0L, 0xa6e719fd9c6f400eL, 0x4e4b88edfb8ce190L,
-      0xf9781edd246e3fd2L, 0xd67120e6b655af5dL, 0xda782d1d93413ca7L,
-      0x697e20a29707fa21L, 0x1eb51f3254e84123L, 0x2e254d9e36051f9fL,
-      0xddaec42b73ce5be9L, 0x89a9a32ecd3f794fL, 0x1964e22f0781aad9L,
-      0x6a63a90c53755212L },
-    { 0x76554e003d7acbbbL, 0x2c01668ab74f6108L, 0xe4a29672388c519bL,
-      0x016677143eb94d4fL, 0x086a3cdf0cd6d2f6L, 0xf86580217b370f7fL,
-      0x658880c15a4d3e7cL, 0xd6ed58165ba3f4a1L, 0xabcc78135ca471ddL,
-      0x809bf074e844a576L, 0xa53a81b36ea502eaL, 0xc20b93070e021ed3L,
-      0x8c27f8928617f165L, 0xa54764468235cd0bL, 0xffc89ffd82552961L,
-      0x51ed4a22d151d90eL },
-    { 0x37d6963a449701b4L, 0xea8d91a3bb27caf2L, 0x3ef9be15b572965fL,
-      0x75a7a055db50bf7dL, 0xfd67480ece643b9bL, 0xf2a60d2d6ceb5d5eL,
-      0x68fc320c5ed7c897L, 0x41c53cf628ce685fL, 0x0e29711f7106615eL,
-      0x7a87213823500eccL, 0xaf0a92606c29fe48L, 0x93df3f2ae1ef9712L,
-      0x0d5f6fb1d2d169bfL, 0xeb7afe2674a9793cL, 0x4173d94ae9f49256L,
-      0x2d6951bc2b8b5ce5L },
-    { 0xdd007d9f904e222eL, 0x333f248f86f4e109L, 0xd4994e8b8f429eeeL,
-      0x29573415cfc77518L, 0x6e7fea3a0b0f42f1L, 0xc795cb7dc2743519L,
-      0x820a8f66711e71a0L, 0x83d95d9c2b874f55L, 0xd4b64d78e70e1627L,
-      0x924353f58b92a742L, 0x322048b1447b5e6dL, 0x0bad730cbcf931a0L,
-      0x75c4d089a7af2268L, 0x464904c1b83b93f9L, 0xa24eba02165b3aeeL,
-      0x65c48e78e08cc5f0L },
-    { 0x1a1c73cede222c22L, 0x5683d8cdfcea23b4L, 0x0301cb14b2143b06L,
-      0x284adf8f59fcec77L, 0xfb1c581c31204cefL, 0xf54d3eee94735107L,
-      0xdbf67f0b4d3188c0L, 0x76a3f2d110f18d12L, 0x3809fa2807d3e013L,
-      0xf06f0a4625e7ece0L, 0xd82867edb2895d2eL, 0xe106f48908b0553aL,
-      0xe2280fa6ef245445L, 0x402d5785a8d9a3cbL, 0xf63dd9ffd438ba2dL,
-      0x36b5cd2c7a6b226fL },
-    { 0x87ff4e20545679a7L, 0x64d80b414520c750L, 0x90a357fa9b459cd8L,
-      0xa19eaf39c85af1a3L, 0x0d475d798d935a5eL, 0x74501983781a678aL,
-      0x748397790cc2e810L, 0xc6a21d112f412244L, 0x8d0e85f936a51a37L,
-      0xff50151eeaa74df8L, 0x14e182a793cf99c4L, 0x45593df1376a9ab6L,
-      0x18f73caf522389ffL, 0xd27cc960f7445e8aL, 0x0692f4c539a51dc8L,
-      0x08d7c144db39bfd8L },
-    { 0x809c0d963ecca773L, 0x87ea9192d48c2156L, 0xf0eccd74db6bd641L,
-      0x773123742a678cdfL, 0x7a966d8bd1587b7eL, 0xf3c1a1016130a4c6L,
-      0x7cc6e8385fce17bdL, 0x95e95bb8a8de7aa4L, 0x3fe1e8b5898308e3L,
-      0x0197243ee347694aL, 0xf3fe9c42bb0cd2bfL, 0xb59052640f9b2b49L,
-      0x4c385e8bc7367d1fL, 0x1d3050aeb5ee147bL, 0x8e2c387904004ad9L,
-      0x5f2aa8eebab70202L },
-    { 0xe208d4641266524bL, 0xb7bf3880d0a19f66L, 0xa5aa685eda106ebfL,
-      0x0a69e8d3e642dd46L, 0xef349c61c682e4d6L, 0x26f6ee3b0fcb534cL,
-      0x7daba12705eb67b8L, 0x2babb27e18be05f6L, 0x959afcba8e2d85d1L,
-      0xedcf2d1ae2d9d386L, 0x59dc52e61ea6f06eL, 0xc28278b4866e5ae8L,
-      0xd9ff034002bcd3c7L, 0xe884ac76784be82fL, 0xa316498083c9f224L,
-      0x62501a98b46ff949L },
-    { 0x563f7d9aad264086L, 0xca6a33dba5e0e4bdL, 0xe82530028c8d3d67L,
-      0xa288dac846e64b19L, 0xfa3c919720aa4536L, 0x8130c9b0ed553eacL,
-      0x622806e02ea8abd3L, 0x52fbf54dceccfe77L, 0xbd9a8e314f0d1b70L,
-      0x519d2133d59b1741L, 0xfd74101c9a6fea8aL, 0xd1acf7a0b5c4eb10L,
-      0x78499b7391f9da5eL, 0xabaa4c49c0dea586L, 0xcc9c5f73a1f3531aL,
-      0x497b15fefd3fc665L },
-    { 0x8a56cbaaf45568e9L, 0xf491a0fec7192a6fL, 0xdbb03dd39ab2539aL,
-      0xc86522f84ac37da9L, 0x8c8cdba202a0f5b4L, 0x8109fc75a29c539fL,
-      0x9cd06d31ca90f02eL, 0x8f31f0443e216dbfL, 0x99aa68acba3ebd91L,
-      0x2a80d0d242c007f4L, 0xdd8dffbf86a9b7ceL, 0x405d3e84d6308edcL,
-      0xdafa33fe068012caL, 0xc2eebd13edea1071L, 0xb7ae7e5c2ff637e6L,
-      0x18d46a6c9e514cb7L },
-    { 0x868cbb22a78b7802L, 0x0745ddb2497cbaf4L, 0xc4eb2f3e42ae8addL,
-      0xac0abcdab4ceb4e4L, 0x2e0d8325a325fd40L, 0x6cfe057113ac7345L,
-      0x7407a788b14171b9L, 0x70eb06036da7a52bL, 0xab0b36f9d85176acL,
-      0x14109d297c2954f3L, 0x370de9c8dcd705adL, 0x3f0db5cd7bb5e751L,
-      0x45f93d41a06e708cL, 0x10d54f8a7e93050dL, 0x69e6f8e45a38fef9L,
-      0x55044601d3f62e40L },
-    { 0xd1c5c91006cb9cc9L, 0x542074d741d00014L, 0x7cd8663e11236fb8L,
-      0x39721ffe29ad5f82L, 0x1d21fbfa2951fc83L, 0x1cde06e7400d144fL,
-      0x9042596b91792e6bL, 0x3365c8e529ad5166L, 0xe2220e859aeefe98L,
-      0xbcb5318970c2aee3L, 0x477ca3db9ff100bcL, 0x27074176f532973fL,
-      0xa12118ac9a2bd01bL, 0xf34252093dd79f93L, 0x563a8ff7c6f5d7dbL,
-      0x0da313fcd7b0ec4fL },
-    { 0x37125a8c15aa2557L, 0xca21d70c00893e9cL, 0x4871399467b8a823L,
-      0x0d3e9a747cb0042aL, 0x2d2bf4ffc9e2ce18L, 0xd5531a0d049aeac2L,
-      0x4d29a616f03d0660L, 0x473d50d61f1b7f00L, 0x3af0ecbbca3de50cL,
-      0xe2959bea09c28f27L, 0x6d7c2ea0f8704664L, 0xadfae4e1731083efL,
-      0x50940c26941c2554L, 0x44167410a1162d03L, 0x620230d81e82290eL,
-      0x63630be8db414accL },
-    { 0xbf8d52228a7d2e41L, 0x49e75823eb62f879L, 0x1b4d33dd6c402d89L,
-      0x883e04d6de2c59adL, 0xbf3f38f449b9dc38L, 0x9d997d18b4b70c4cL,
-      0x1f69b20c13cea045L, 0xca3d702558e2606dL, 0x3d4fd977261d1b79L,
-      0x56aeafa85a1436faL, 0x369b3e98bb443c07L, 0xfce5186ce558f6beL,
-      0xeb0cd478f8ac8f89L, 0x68074f37d5e5aa72L, 0x295845c068544eb0L,
-      0x306a9871f16688edL },
-    { 0xbc451e9d634ec136L, 0x1edf27ca0e6f658fL, 0xa9be0152c0db4120L,
-      0x87b6ef20c5bfee67L, 0x352832389a2d6023L, 0x60e564d8c7afb899L,
-      0x4af22bc00ac9c2deL, 0x28e6f63182a9d22bL, 0xc075c701f532701bL,
-      0xf6d418f882075f91L, 0xf9fa628d1beaa511L, 0x551e7a176e72a13dL,
-      0x9306215b77f4c01cL, 0x71aba73193c9d588L, 0x6443ebe058e57cd4L,
-      0x2833ac41e8103e37L },
-    { 0x7e564b868da5ec5cL, 0xac3d9da81c08db24L, 0x9d7c1f0b8c57a728L,
-      0x3512afe79d343dc2L, 0xb438e4cffdc60339L, 0x7d5a2700dcfa1941L,
-      0xd5f323f827320449L, 0x1b87a58e1393c6e6L, 0xecb68bd104baa431L,
-      0xc09c1c5a4722b4d7L, 0xf42faa97206b5faaL, 0xe1dcbcd69976327eL,
-      0x655ba9e4087787d9L, 0xbd59c757de5c0191L, 0x673020ed0bcf3538L,
-      0x120cd454a49d6303L },
-    { 0xebfdb8f4cab0f9eeL, 0xbc003ef02cce58eeL, 0x9b6a68415a8d0665L,
-      0x642ed3a69b957774L, 0x3de487f04721ab5cL, 0xef2ff38021a4f0d3L,
-      0xbd16f55829dbddcdL, 0x2ef05b4b0e93dff2L, 0xde1faa120bc9aec1L,
-      0x66dae2c2d467fa92L, 0x758daf645eb33e34L, 0xa67ad9f68f0103cbL,
-      0x151f693a9be02430L, 0xd5698496eb4054bcL, 0x8ef1677e7019336eL,
-      0x021cfd167fdeea3eL },
-    { 0x5c73715fdf5c36f3L, 0x703bde37d64ad254L, 0x55368d10f2cf7713L,
-      0x1e5ec7b70f3993c8L, 0xfdb16776304ae4caL, 0x0d8f717e3d3bb18bL,
-      0x5267073f66343d5aL, 0xfaeb52ef156008b5L, 0xb97ad5f9224a470fL,
-      0xaf86e391ed2ab51aL, 0xdc0c7e579974302cL, 0xc88fa817fd0ae28aL,
-      0x807c22dfbf8ed59cL, 0x5dedc231eb128bb6L, 0x71edcd9ca20595a3L,
-      0x07265b46c73cf78eL },
-    { 0x73dd99f0bd66232fL, 0xc59aaf89c4027716L, 0xaf826dfa5b860fc4L,
-      0x239ea8aa7a943f3bL, 0x0e0e1b1a523c428dL, 0x55ea0e3a6973b95aL,
-      0xea399caa2557753bL, 0xf8adf72f06957b1fL, 0x0389f3413bd34302L,
-      0x333f27d0f8a43a97L, 0xcd9c0c08adaf796fL, 0x6dcca49b49c12aa2L,
-      0xdd88deee7a0ac6e9L, 0x8f47575d0644080eL, 0x6e9d667d0cc2f4bdL,
-      0x36c5754b31d1496cL },
-    { 0x9120046ef323d84bL, 0xa69911227e789c4fL, 0x4b0eaf4e921b8055L,
-      0x6339844a8079974eL, 0xc905466a740f8c79L, 0x1c18d0f7cd6def49L,
-      0x5297da6b4b23e4baL, 0x1c09dff3c41800c5L, 0x6c49075b37ef6777L,
-      0xa94c3a4050513dedL, 0x3d6742e96b0b1705L, 0xc0784494c48af5aeL,
-      0x40c01532c95822deL, 0xa2ddade5c164d94fL, 0xfc8a8ac9a2975eb5L,
-      0x06fbf8611946944eL },
-    { 0x2d65338e3f45aa97L, 0xd83b58c81d040febL, 0x05fef59b0fdef8b9L,
-      0x7beb071ae4d7417cL, 0x982b61f5b30a1a23L, 0x4c5f2a2afb65bd03L,
-      0xe40abc9d5cbf6bf3L, 0x422c326df06612a5L, 0xc921e69d9571ae28L,
-      0x7c88b10b23d3434eL, 0x96d2e9579da07933L, 0x833d46a13619cf4dL,
-      0xd9d19653d95eefa1L, 0x2a7d8411a03e8f0eL, 0x5e64295304bb5ab1L,
-      0x5e9ca0fd1f0fa9eaL },
-    { 0x5bd54571197c5dc4L, 0xe2da40bfe78a95a2L, 0x65fb9efcffdb0eb2L,
-      0xe952dc2c0d17467cL, 0xc1fc9c7bc758c6a3L, 0xfc79562cd4034a9aL,
-      0x26e36fbe61f64b56L, 0x6adc4b9e1e84728bL, 0x7f165fd3a8f9ac8aL,
-      0x7bc93a4503e3e013L, 0xeacc5513656478e3L, 0xd3391717064ddc77L,
-      0x75b318dc76936914L, 0x69b1f1c7362424a6L, 0x8cc2045b49955f34L,
-      0x940622b3c6836af8L },
-    { 0x4710ccb70d997973L, 0x3b29625dd3f8f115L, 0x8cf0c4d55b97abd5L,
-      0xc6321e0a673e14a5L, 0x0541af9d3d262246L, 0xde6d87546fc83b11L,
-      0x47e97da8f01652a4L, 0x0f82b3a6ad9802b6L, 0x69aa4075ae9c44b2L,
-      0xaf3f5de2ced2bf77L, 0x1ef1ea8a497a40daL, 0x2e0f86083c23ba9cL,
-      0xd8a998a4f190a2c8L, 0xe2b49c8ccfde3368L, 0xb9f49824bde6bd71L,
-      0x80bb1664785bedb6L },
-    { 0x05e575fefd145cb5L, 0x155ee561ac5e6883L, 0x461e70cf8793b273L,
-      0x9f1553de133b2338L, 0x2fb9e0c3a2a7ba07L, 0xc3bfd6a83e7086faL,
-      0xb6ba85008bb4cb93L, 0x0b66d78976f82dbdL, 0x7d5a6ff654eb49ffL,
-      0xcd65d2371f20b322L, 0x79ea49c254e29cdcL, 0x64975963cb118ff9L,
-      0x969598ddcc58000bL, 0x95107918110c779cL, 0xedfc154863b85a35L,
-      0x077ba5ea41212350L },
-    { 0x0b3a38d3cdd86f61L, 0x431214450502a0abL, 0x1912edc5806d0272L,
-      0x01dc1f988a32f10fL, 0xbb1d31d10e80c760L, 0xd46ec7e5f464e8b3L,
-      0xd569af369abf49eeL, 0x9d286ea72cdade77L, 0x2be7020d45ad5920L,
-      0xabe5236e6299ae7fL, 0xc93179bdd3f55c07L, 0x8138995a52350e80L,
-      0x0901265caff07586L, 0x5b3c81b2f4739653L, 0xbaf7581d9bc77d21L,
-      0x6b2006df4591a2e2L },
-    { 0xb2fe50a8965b1bc1L, 0x931f536a962bb4fdL, 0xd5718d33000e7f99L,
-      0x84728f2553d5125eL, 0x4f8a6184d2125cafL, 0x54f1a701357f679eL,
-      0x70a9f40c1531c05aL, 0x10d0cb976fa8b775L, 0xb476f41e9dc12ce9L,
-      0x5c8d7a752755f894L, 0xd6c12e10625741a4L, 0x262a6fb8c917b16cL,
-      0x24d116e638d6b0a0L, 0x849540c032c38e83L, 0x855b911c66868afcL,
-      0x53217ea6bd26b550L },
-    { 0xfc840473259f52b4L, 0x968da9cbe621146cL, 0x964eb85ecacbd26eL,
-      0xab7daa2de4a54344L, 0x6dc3b848381a4ff7L, 0xa07a96b341c815efL,
-      0xc4fae9e8c3d4b1e1L, 0x0f938d1e42ce9ea8L, 0xa727dacc35cc052fL,
-      0xc81e01c9e9a06f07L, 0xa9e08dcb4a6d65a1L, 0xf8e2d1736044a9a6L,
-      0x99893dd0f2bd295bL, 0xa08d3379f9781b12L, 0x64bd600161830ac2L,
-      0x0386931ed9adbeefL },
-    { 0xd0d7abb3d09885a5L, 0xed9d2b67e355bb07L, 0x3bc238cf536ebaedL,
-      0x61ca2e78699ce4d6L, 0x354ff447111594cdL, 0x55cbe70903316ad2L,
-      0x418679fd49fff5c4L, 0x75bacd750f9c6c40L, 0x677edc882972721aL,
-      0x82596887e5ef502fL, 0x459e9367bf320e0eL, 0x81ce36ef8bbdccb2L,
-      0x1ba097fcb766863dL, 0xcd3a21d6d58c6db8L, 0x0e4967cdb4a8748bL,
-      0x2caaf74915041c20L },
-    { 0x44f980066ed20424L, 0xb3e4ea2322471545L, 0x268ed1a5781a8c86L,
-      0x48d0ab757ae5b70bL, 0x6ca8b320356d3982L, 0x9ce8e6812df31fa4L,
-      0xb909d232d925dcf2L, 0x302c8f78f56723deL, 0x11725d69abac96f9L,
-      0x656a47ca57d1a170L, 0x6bb5d511c18a2be7L, 0xb56e45f1ad50d9d9L,
-      0x36e886e270b05518L, 0xc7c71f3d09d8ff91L, 0x65a1bbe29350361eL,
-      0x86d7f53245fe3bd8L },
-    { 0x99f16eb6b0bf719aL, 0xb69750988bc3d913L, 0xfae50e5226cd01b4L,
-      0xd3e3ac5490898d1cL, 0x4da3b9db887ec666L, 0x58300644fbea45b8L,
-      0x369f3bd98355b058L, 0x0fb239a8579bcc13L, 0x4f5b45396e2bd811L,
-      0x007f3baf24198fd2L, 0x68a676db8837d51dL, 0x68eeea62eae75b16L,
-      0x5ffe5f943db6083cL, 0x52c94d0f7d836c5aL, 0x5a4c3c6fcbc1ff85L,
-      0x682a55e386c0b4ddL },
-    { 0xc8f235a4587495aaL, 0x2276026c34c7245dL, 0xd6ae0cc5b75a46e3L,
-      0x890d3965ecc3e5e7L, 0x1b13342f14296629L, 0xc89927e68a877227L,
-      0x1543f27e2324a68bL, 0x6c44768449cdc21aL, 0x9bc7fd4f1452d0acL,
-      0x2cc30a31ff4b045cL, 0x415d46a0852f7611L, 0xad737052c6fdd7a6L,
-      0xdcecc3ab7b4c7c91L, 0xd2cdf01b7688d70cL, 0x054f2542e40d3905L,
-      0x02227fa6fefe4dcdL },
-    { 0x1805efd9b751948bL, 0x8efeed46fdfd225dL, 0xcb128e094f2c8b22L,
-      0x9d1090bf96f7c5e5L, 0x0959d044b4cbeca0L, 0x21c955f98e08cb04L,
-      0xbc1f279d68fa4fceL, 0xb021e14e0710ae9aL, 0x64d16e9f881167f4L,
-      0xf5a5c22ebbc9f1a5L, 0x5f3716dfe3420eeaL, 0x971eb915d5c4e843L,
-      0x64fc55fc28ffba81L, 0x3427e54d7dd37578L, 0x446e6a6215ebc7d0L,
-      0x547e249a29269778L },
-    { 0x4706868aa1ffda27L, 0xb4e6cdcc7955cf50L, 0xf65151e10a63f3d8L,
-      0x5b4127ea9de5e70aL, 0x3d2c09baf9342823L, 0x18c99d83aa2f7d51L,
-      0xa0c5bb1dddeec025L, 0x7ffddf8403dcf1ceL, 0xe57e4d29616fdedaL,
-      0xd24565697932a1f0L, 0x7475e0e83191d4e3L, 0x3479bea1c220218bL,
-      0xfceb5c908bcb2505L, 0x1c685cea3c6132e6L, 0xc42dc745bfe6c1ebL,
-      0x45a41cc0d2b08eeaL },
-    { 0x3ea9b2c74dbbf0e1L, 0x41ff962fa17cf70eL, 0xdc1ea7585eeb4c66L,
-      0x4f5412d2a9beb17eL, 0x2c9e4f52a285741aL, 0x93df7da4984fd11fL,
-      0xb2afbddc0df3184eL, 0x96323d252421e375L, 0xc87be1e449df781eL,
-      0x145601ed3d589beaL, 0x0f0bd9bd28fff6ddL, 0x2d3259d48a0f298cL,
-      0x362d7a77d88e6944L, 0xa84c06b6b6ac2af6L, 0xba850ac9d087da02L,
-      0x128763c942ee40c8L },
-    { 0x29a80f07acbac178L, 0x7cc2004434b08f6eL, 0xe9631d1470feded2L,
-      0xb2115da386615767L, 0x7c75f5c4cb088548L, 0x5b29d2139a2e8e03L,
-      0xfe9fda668b881752L, 0x3f1d8d88c1de7ebcL, 0xb476565e03218123L,
-      0x07365561b1c995f3L, 0x2160cb18b13eb71bL, 0x7e8da51399b3a0ebL,
-      0x5e8ca1f9b20fcd74L, 0x6a7e0067b4126d72L, 0x1e8204b768bb637fL,
-      0x75e96bccfc4f74d2L },
-    { 0x189d1fdc0d19716eL, 0xdf5850587c384525L, 0x64a846d1ea987d2aL,
-      0x12b6bf836c07150fL, 0x91d85d464d6fd5b7L, 0xa97888364f53f55fL,
-      0x60083bd881509129L, 0xa7672683ea876f48L, 0xe80b2e7ac15b2489L,
-      0x985ef8d242d1d992L, 0x9c57b029cf3de492L, 0xfe02f83cb1487627L,
-      0xaeba4fe48ae5b687L, 0x8a86f09b5d6b8196L, 0xd88f566ba16e523dL,
-      0x309a6e9aba268949L },
-    { 0xef27ee50bdfbe97aL, 0x1a5fe70fb8c50c4dL, 0xcc7beb017fe09f5cL,
-      0x8fa15a85bed36cc5L, 0xc0c3acdb7550ed3aL, 0xc581ef87eb908681L,
-      0xa15b3362c49d5ccbL, 0x0fbb17141fa264e8L, 0x267f8d8f8e1eee88L,
-      0xd31ccfd621c2b63dL, 0x924dbe7d53be7efdL, 0xd42e877fdb2a358aL,
-      0xcf9673c775d68ac1L, 0xe35978fd714fea55L, 0xeeb366535769b202L,
-      0x0458258ad7593789L },
-    { 0x5df71a74a042dbdfL, 0x2d4058575779dfa2L, 0x0e66cba70d2e6657L,
-      0x285d6745ca2e892eL, 0xf56a8def0f0e6b5fL, 0xe0ee851da30767c3L,
-      0x98c0565843346b9cL, 0xb35fce26d6b3c742L, 0xc0895bff39777e00L,
-      0x83c8f6a6e7b6d886L, 0xbee148434f02904bL, 0x7f74915b2e84ec34L,
-      0xbaaf663c96d10991L, 0x004b8757e41facc0L, 0xa2b880e56f86c029L,
-      0x53f4a3e095b77358L },
-    { 0x11bb08ce89fc48e7L, 0xba60c577afab5aebL, 0xf06bcbf8a0c1cb5aL,
-      0x7d2efaea79757cb6L, 0xe26d90b176319160L, 0x42aa1ab62b77b7a9L,
-      0x38eec0cd285df2bfL, 0xd35947f5f3a8f7f0L, 0x97c8dc0efc1cb5b5L,
-      0xfeb8cca0c45845cfL, 0x16e8d989249e26f2L, 0x7c264e6d483ed89aL,
-      0x13a3f14551d91073L, 0x8501562e305e99f0L, 0xaaf98d746908d563L,
-      0x0a99e653d723d236L },
-    { 0x23536f46abbc0559L, 0xc163067b9aa1a160L, 0x229fd2290c1681b5L,
-      0x61254be11378e907L, 0xc60ff57aab793a2dL, 0xa6f2df8b466552dbL,
-      0x9ad318938c170a36L, 0xc5cd9abe29b74d9aL, 0xcf747273f7848523L,
-      0xc126a93a0d0e3063L, 0xfe2021e34248e3d8L, 0xd97343ee8323ddfaL,
-      0x9f768775332639e7L, 0x9650fc3175325548L, 0xb595dbd13eebf7eaL,
-      0x3a95cb45010fcbc0L },
-    { 0x954e68cb39d7ff2eL, 0x8dd1cb4bc1d5c48fL, 0x02a92c777169438aL,
-      0x7965c0b091cad8ceL, 0x0c5798ab32cd08d2L, 0x1a5bc3c3a6902bdaL,
-      0x545d09255186d218L, 0xf0077cdbd27e64dbL, 0x0157caa48cd092daL,
-      0x2a2fa3a024532ab3L, 0xa5fb639b41ccaba3L, 0x01702dc14744aee6L,
-      0x485bb436cdba93daL, 0x93597f66329784f1L, 0x5d713c1ddad672c3L,
-      0x366d222e030b7245L },
-    { 0xd50b4875573ea5b2L, 0x0fce401ba90da44dL, 0x7b53fa657a1a0310L,
-      0x722a80a5cf114460L, 0x0b8ebf05a538bf49L, 0xae141147d32acd21L,
-      0x6692712c7b5ad07dL, 0x6dc5fee73f48ca07L, 0x98ed14992b8a78d8L,
-      0x4e8b3145dd2f1759L, 0x43408de15f971b8eL, 0x055ea6ddadf1b368L,
-      0x4bb76e73e5932b7eL, 0x44287153d30893fdL, 0x173dccd20661bfdaL,
-      0x9072ba9979defd25L },
-    { 0x474de4dd9620ea39L, 0xfbf1649fc831cee8L, 0x0b0e8bb1cd3a9c43L,
-      0x6a38286f3f3df1d5L, 0x4ed072b38f0ec9b3L, 0xa6e4c987729c09e3L,
-      0xea3e8ac68ad12242L, 0x6ae0e22bfbdfa5baL, 0x56171ecfb0a0f592L,
-      0x33b2886d6b871f8dL, 0x6b19bea935e11bdaL, 0x4d815a407f0f153fL,
-      0x7e608d977d6c02eeL, 0x7e8f23d9b6a88f46L, 0x26ac9652439d1654L,
-      0x8d92c6bd35546c29L },
-    { 0xb3e0d7ceabeb0ff7L, 0xfbe352543e0e42f8L, 0x57d1b226de808499L,
-      0x9ece2e1f1cd44bc3L, 0x1245adbc435cfee1L, 0x874ee840f93f581cL,
-      0x916a779cbda0b947L, 0xabcc815afa57ae0aL, 0x97adec2df0a621b0L,
-      0xbe6a502b81f90bdcL, 0x54bf9de153bde63dL, 0xa88fdabf78884c25L,
-      0x30aa52b1cbbb5470L, 0xf805396c29053ef5L, 0x8d43d8988dd827eaL,
-      0x4e4bec175c1ae5c0L },
-    { 0xbf8483a2fcc09676L, 0x457c4a3f19ea9a94L, 0xa6852ef3d702a5ddL,
-      0xe7915fd2843fe7d8L, 0x644bba9816e35158L, 0x8d1b95d09ed746f0L,
-      0x47704581b90af0b5L, 0x0bd4bc6bd4fd135eL, 0xa6dce067b4e833a5L,
-      0x2c0e8f30ff56a9a1L, 0xa9c80800ec2c63feL, 0x449c20a598f508a8L,
-      0x02b94cb33292813aL, 0x647e3d28ec7e81a2L, 0x72e67d1ab4877677L,
-      0x7a4aa3f56f9ded24L },
-    { 0x559ef1bae27a0045L, 0xdc812d4fb242cb50L, 0x23a478e439cf8d24L,
-      0x97544fc59b3f9c54L, 0x5ac68132affa1fcfL, 0x74f8fee034a2c83bL,
-      0x96cc640fcd3f4bb7L, 0x775dce9db0512ea6L, 0x67dca19dcdce381eL,
-      0xc1eeb3f3a9d3fe55L, 0x38e0bf421a19274fL, 0x15992fb428d69b12L,
-      0x48fcebde9fd09df8L, 0xdc9dfa4fb41ab5dfL, 0x0cbd7dc8c0a269c5L,
-      0x60282a7bf7f0ade1L },
-    { 0x7c07e538dceea2e7L, 0x38a322c83c42061dL, 0x676828f94f1f6516L,
-      0xf21b69fbc7776a10L, 0xc63a3417b5e6b405L, 0x4c99f25891a7b642L,
-      0x38692ca82cad1440L, 0xf1e82ffe00869bcdL, 0xc30b714e16fe466aL,
-      0x5fb742f919019138L, 0xe90166d00fa516aeL, 0x5550f7acd8c73a43L,
-      0x2d6a407dfbc5c372L, 0xe47a753968cc39edL, 0x3fd286d94a5fbe70L,
-      0x5f4ae9c723c6b942L },
-    { 0xd96a2dda53f4d561L, 0x286d45d016da1992L, 0x449a01fbfdd4b051L,
-      0x25488a0d9f2195eaL, 0xc4151b0aa37661b3L, 0xb98c471ef9e5ee02L,
-      0xa4bca86ea8658817L, 0xbbcadb877a68fc0aL, 0x88b346496b7366a9L,
-      0x32ee98d415661c2dL, 0xf5b3b4c6c901420cL, 0xa23527352f2752afL,
-      0x2f64ce73510e4d9cL, 0x939a7f26aca4aa80L, 0x9cd3e291401aa503L,
-      0x92a01423dc46afd2L },
-    { 0xe9f24be11c2f7dbdL, 0xda8c900fb7d527faL, 0x963e25bb8648f128L,
-      0x9ab713e248141941L, 0xe87f7d017a6756fbL, 0x274dd85e058d90bdL,
-      0x823fee7a82566abdL, 0x9f6230d774240195L, 0x04579f2cacb5e46eL,
-      0x2a22626316a4c87eL, 0x9ca19a43d99b0857L, 0x86dc2ba3e488789eL,
-      0xf960b5b99406c3bdL, 0x6f2c428b8960957eL, 0x90748706161c515bL,
-      0x0fc8fe1eaa88cb9bL },
-    { 0x68ae1bedfeb90f2dL, 0xf393bb3ca48b1559L, 0x2be62f9cf64e9635L,
-      0x354c2410f8be75c2L, 0xbd7ea7035e6f7529L, 0xc264868e162cab31L,
-      0xb1391e70c860f3ffL, 0xdf367c751d89837eL, 0xe150b6b42bf32941L,
-      0x95e8f46e78c1318fL, 0x2b3f1daba2c4b160L, 0xc6ccf5ce701afbf3L,
-      0x3ad275305e8874c5L, 0x39285e515dc6dcbeL, 0x3c954d86d99892ddL,
-      0x2d0ba862dfd3789fL },
-    { 0xeacd8ee8b472e1afL, 0xeb354eaeb76abbccL, 0x9b520bf8d0d93fbdL,
-      0xfccd60d7fe6fc706L, 0xa9353ddea4ee2f39L, 0x5eb0925e9a81e51eL,
-      0xee334da1d1366777L, 0xc1d28c9fd5354d69L, 0xb977175592a5ed54L,
-      0x5d3e367fb7f70d81L, 0x7be7eecaa933ae7aL, 0x264cf1f9e23cfbb7L,
-      0x0d129f4a89497681L, 0x705375a409b6235bL, 0xccf64c7548a376daL,
-      0x963c87124d41dbfcL },
-    { 0xbae290cbde36a814L, 0x9bdb0195733b12b5L, 0x0ebad867f77fe0e1L,
-      0x0a7d19fd29720ceaL, 0x434d76519029ec72L, 0x856aff17bb51911eL,
-      0xd0a25d9ad80a7f60L, 0xffca86aff848c106L, 0x53e8bdf943ad749cL,
-      0xfb9e0284e3e696bbL, 0x3eb6630aeeee4215L, 0x9d8fbb9e2ecf3c63L,
-      0x71da4ffa4e00c0c0L, 0xb296be595d57beacL, 0x1751fbada8cec7efL,
-      0x2d03eb3cff55d7bdL },
-    { 0xeb16925f04f2ec1dL, 0xa878f2760d147ee2L, 0x442df604aad9d9e0L,
-      0x891df44b3f71035bL, 0xc28272b38cb95d5bL, 0x6f14efb55ee8ed23L,
-      0xf3c4460f13b0f3e3L, 0x889f9bd76bd7335eL, 0x889ee771f755ba6eL,
-      0x626984feed219b6cL, 0x2d44c737ec2ee411L, 0xb94385a263efcd37L,
-      0xd909321b6637826bL, 0xc24f8a793ee6b7a7L, 0xa3ca8d24a7cf61b7L,
-      0x842e40c1c54bacd9L },
-    { 0x5a268ed6a661d843L, 0x02328cca4f5b30cdL, 0x16e6fed11311e177L,
-      0x690decb4c6695967L, 0xbdac5bf657b2e280L, 0x827f82ca1efe42d0L,
-      0xc554ec0aca5fca2fL, 0xac5276c1dde45506L, 0xb7f4cb08e3077513L,
-      0x8caf6d9acc8797ccL, 0xd59648140d9332d2L, 0xcc6ae297285a409fL,
-      0x7773c2a56223d093L, 0x2d5266ac5128fc09L, 0xa596b7cbbc31fe6cL,
-      0x0e63319acac91328L },
-    { 0xb5cd2fadf0360ac2L, 0x86b660de285e605aL, 0x82c6cf10e25b9b14L,
-      0x9d5fa38daa9ac554L, 0x3dfcf1b8526c070eL, 0x0379a96b3fccc52dL,
-      0xe3659c290bfcc7f5L, 0x5b1a3db569d3e6a1L, 0xb41528b59b7b42d5L,
-      0x934defa49c22a006L, 0x90f380189b4ce3b6L, 0xb073bc04b3abaf32L,
-      0x27a5a222ff8389e2L, 0x0b7a9d51ffa5a35bL, 0x4939ecef28e1a7c2L,
-      0x88839da21872705aL },
-    { 0x56b66c30701ce29aL, 0x3acaf12658981d50L, 0xd4dafc0c105f9f21L,
-      0xfee571e6373e3d13L, 0xe7269c86fa2ee3caL, 0xf5cca64add20385aL,
-      0x217f27573000e9acL, 0xc934db470e7273efL, 0x4294f4f7355b6776L,
-      0x1faa36b96fc05180L, 0x8f88b1dbb052190bL, 0x35791b90e9eaef52L,
-      0xf37fb2ebdb681b90L, 0x39d0a51d4415c369L, 0xfc59cca71d2e21c9L,
-      0x64128cfea1f50c26L },
-    { 0xf03678a2e8f5b0b5L, 0x5c7e249cd340f059L, 0x4144044193ca7cecL,
-      0x075ca346bc83af98L, 0xf39f0033faa8bbb0L, 0x3d18f0edf38230f7L,
-      0x78dff00cd448f345L, 0x849228c0d51aa475L, 0xdd4e270830c928d1L,
-      0xc66ba6868f12cfd3L, 0x091049db88b3a206L, 0xd865d059016dae01L,
-      0x4599e905e253e37dL, 0x322cf0c27ce9871bL, 0x014f54da174a132eL,
-      0x93634a09bdabcbdaL },
-    { 0x62826b27a9a2e304L, 0xc57e1866c1a4c124L, 0x913ab83222381710L,
-      0x7e9b6b85a9847cfeL, 0x29655cf12b5f46fdL, 0x7295572b8038e66dL,
-      0xe4cba6016fa95eabL, 0xbbc11071b9deda81L, 0x97f0009a3f1cf61eL,
-      0x5372777b373e0cfbL, 0x302f909cd139d63bL, 0x1ed672da4f87d78eL,
-      0x362077a3b4048763L, 0xc408c32d9dcc22b2L, 0x4b4c5bf226deeee7L,
-      0x266cb467bc06357eL },
-    { 0x6faa4154b56363e8L, 0x4b4fd0783c1aa4dbL, 0x14358dde2b9e6597L,
-      0x5b34ae3efa004b84L, 0xcf44b2ecf19911a6L, 0x55caa833a536bf78L,
-      0x606e1eb98870dc95L, 0xe3c3287d09f3511dL, 0x68b2f4eb9d5cf364L,
-      0xc154e89263ab8c9eL, 0x1548828ec36ab611L, 0x0932bfcba1b7d120L,
-      0x7ee7b5bc5315b8d7L, 0x782fd0d1f7473ac1L, 0xbcb029a83c8f2af3L,
-      0x4b1d5a1b52454ee1L },
-    { 0x12fe517463d52c0cL, 0x3735525e188c099dL, 0x5c621563360e3956L,
-      0x88b3f1caacfa5a43L, 0x90123a0a797e8107L, 0xba31f6b5b15e080aL,
-      0xd7de5e12fca3dadaL, 0x3287361b0df511c8L, 0x7cc800d465757d4eL,
-      0x10810f3d5207ec91L, 0x0d4e56f130eea0e3L, 0xbbf7ee133ea5a2ecL,
-      0x6fc07762be6abbd0L, 0xc831fdce120bf619L, 0xe07439fab622d42aL,
-      0x8186b93f508e4b27L },
-    { 0xc619d15409312867L, 0x7e042c05bfaf7db4L, 0xc1cf16681f5f5ddaL,
-      0x50aa5057a4fc3d82L, 0xed30ed65ce68b8feL, 0xecb01c0bbeb4d644L,
-      0x7b5dc444831c0497L, 0x351e6a009b7d9b1cL, 0x4bb863b9d9477c91L,
-      0xaba6589105d4110aL, 0x30086cf443580b7aL, 0xb139c07690be357eL,
-      0x12bfff1a27b5214eL, 0x79cfc6d722c3ab57L, 0x4743de57f34a9bfaL,
-      0x0bf97e97c9ee2b2aL },
-    { 0x96ec4ec8dda19e96L, 0x54ce18ea6c306e8bL, 0x7e83612b65f6918aL,
-      0x1ac6f68b0d9a0d99L, 0x98a697a462fdcc09L, 0x65ce25f195bc3e13L,
-      0x1896ecdab3939730L, 0x9eb81a0f32f12806L, 0xd3d7416e1d2dc7dfL,
-      0xe22c7976ad473599L, 0x3de37a9a9f5ef439L, 0x6b7ac0ab9e69d94eL,
-      0xe6bfa9e00a9d0bc8L, 0x576a870d5676f120L, 0x3bd91bb4feaac23fL,
-      0x8fe5482c3e40aabbL },
-    { 0x85ae67c2ce9a4d1eL, 0x4c3eb8034f1d2038L, 0x5c6c8f3a25d06192L,
-      0x803de0ad308fb41cL, 0x9961f5bce71c294eL, 0xdc62078df02eb0daL,
-      0xc87ef515b64ae8b6L, 0x69679f1e50b4d18fL, 0xc5c009a152199f43L,
-      0xa7d484be0f640a5fL, 0x4c918bb123dab566L, 0xa67c114c64275d2cL,
-      0x95a913b9cad2ded6L, 0x189ed18b6b4b5c8dL, 0x4aeb6206b42d3bf6L,
-      0x3928c669bbc8bc3fL },
-    { 0xde4bea4adacb4b64L, 0x03f62a44f26179a1L, 0xf3aac94e7a9112a4L,
-      0x90448fbdd36f331eL, 0x426042bc407b85c4L, 0x5ad8a5962121b77bL,
-      0x31674a4f67cee984L, 0x7fae8bbe4e3b2f0dL, 0x681df6dda7c930ebL,
-      0xadeefa98c259d0d4L, 0x1b14d9e6bea1c1fdL, 0x3baadc8b21d405d1L,
-      0xf01dff9373892754L, 0x81c35b3ef071cde4L, 0x1704d2e19150d0d9L,
-      0x6ccc888f355134f6L },
-    { 0xf8d36f0e7ad7504cL, 0xbca3265ff7959dddL, 0x0dcd1edefede67aaL,
-      0x1276f4cebaebf32fL, 0x6825a6e6014edcfcL, 0x0b8c1a8299ad8eb7L,
-      0x312024a909b8ce1eL, 0xcb8fd98b9cbd351aL, 0xa4841378fab1e8beL,
-      0x17ed0f5d3973cacfL, 0xa17e1484259d5254L, 0x53d5b84374b91393L,
-      0x8f792b211aca3ce9L, 0x035ff110c8c0f815L, 0x6afa6357ad4ed7bdL,
-      0x2f151980b26faef9L },
-    { 0x0c8631da29d2d439L, 0x121fbbc2bc039955L, 0x3e5a97926c05b75bL,
-      0x6d6cf4c0b6ce47ecL, 0xbaaa17679d88c658L, 0x031db9e7f3355a17L,
-      0x8381e3d80aef5a85L, 0xc71db29015a31bdfL, 0x638f6b749498fd7dL,
-      0x44edf3f913beeef6L, 0xe6173271f4ab67b3L, 0x3a202c70fd22df11L,
-      0xf7be0389205c4e92L, 0x1c219085a8eb9920L, 0x6c805ce8beb54aaaL,
-      0x354b05b70ac58d65L },
-    { 0x7171e2367a9170e9L, 0x01eec42d4cad50cdL, 0xffbe824f3cddccfbL,
-      0xa73e8ce3a66cae1aL, 0xb7138a7f965c7d01L, 0x00058e3f5c3d971eL,
-      0x52591ac32ff0a72bL, 0xa32fb5bcbbbce76fL, 0xf3241ab8a9f81a18L,
-      0xf31d3332eca68630L, 0x847af9fc4482f13bL, 0x6196e217a4681be2L,
-      0x9938f932e55efcf9L, 0x3e7dacb870acc705L, 0xd41be893cf09fac2L,
-      0x48dc55c4ae3523a1L },
-    { 0x8e623826a5092193L, 0xe46ec3626898970cL, 0x2f1356af25c9eb41L,
-      0x4178064083c7d245L, 0x982def6797d00e38L, 0x382eb6e7a512151cL,
-      0x154e10778af58869L, 0x187070758a51cf02L, 0xcdeba9f771313c58L,
-      0x5d67b973ba155904L, 0x851c9f4b1d0d7b3aL, 0x19f29d718b8af2cdL,
-      0xcb94ccff986b8d62L, 0x8725e24bb93b9c33L, 0x405ce4c566e38c68L,
-      0x5f6a8edd0b6dc021L },
-    { 0x83704ca58f9a8690L, 0x3f3697662f76a407L, 0xfbc12d8c69201028L,
-      0x4cd58f16bce3a4cfL, 0x7804664a04aab26dL, 0x005cfbba4ea457a8L,
-      0x537951b3b8a59794L, 0x4ca2b9e44fe1f739L, 0xe4428acddf325797L,
-      0x648da3420ea243dbL, 0xcce6562bf43ce01eL, 0x840f0421f27db490L,
-      0x156ccb708bfb7cf0L, 0x9b33480d5a8797d3L, 0x2e12e07a9eb814bbL,
-      0x1ca65072ca7f87acL },
-    { 0xfbb321cf2b9d25a0L, 0x66affdca40a746dbL, 0xc1c1530e59e368b5L,
-      0x56ed1ea47d80068fL, 0x9b74d8fe5647dd68L, 0x1d96b50789b78da8L,
-      0x39b752438bbe3391L, 0xef8d443e0d858c5fL, 0x4dd2db499646aa34L,
-      0x7fad3bd1e667543cL, 0xd0d710c068980985L, 0x9f7aff3249facabaL,
-      0x055dec1c14f9a192L, 0xaca663991fb307a1L, 0xac44fd9135ffff64L,
-      0x462cafb6cbad3ceeL },
-    { 0x1660a647de3237ddL, 0x95f735cc82b87404L, 0xf7879f59ddfa55f8L,
-      0x15ef043e726b914aL, 0x1875393d1c93e298L, 0xa1a2be746ef18331L,
-      0x4e7e8dfc25a9a12bL, 0xdfefc97da9c3917fL, 0xbc875d030a2ebe41L,
-      0x0f75d235a732d1ccL, 0x06fee7fed9baa6d3L, 0xaa784fab65f48576L,
-      0x23155e22513f83c0L, 0xd2fb77183e8f9d13L, 0x2a291503b546eafdL,
-      0x1293c98c6cd93608L },
-    { 0x7278125149d53b77L, 0xa6ab403d96eafac7L, 0xb7d7c7db4a36b711L,
-      0x8238c70887e771c1L, 0x495f6abf33b37522L, 0xb0b0289c8c87530dL,
-      0xca83cb86e77b111aL, 0xbe1c0fb8a1bd189eL, 0x58cfb2fb1ae9d7c7L,
-      0xd05c23c54940c3e8L, 0x16e79e4174ad9107L, 0xa0a47f05064e7142L,
-      0xc6929cd4fdfd614fL, 0xedb2584c3946988bL, 0x73e4b5f3e46f8fb1L,
-      0x53b79aa168ea94baL },
-    { 0x216fafce44bbb6a1L, 0xd3a5bba067821728L, 0xef1e4b30a9dd939aL,
-      0x022eaf3df19efafeL, 0xfed5abce7b4ec014L, 0x64968ee6512c6738L,
-      0x2311986929fe89a2L, 0x0d539d8d47397c05L, 0x6400bc54234596c4L,
-      0xb9287f585346611dL, 0x04099903c9d5da0fL, 0xe5ef4997c83af2a8L,
-      0xc89dc01b328151e1L, 0x150fb4a958401104L, 0x40a6f7d5f3872c9dL,
-      0x8290d6d156c2e833L },
-    { 0xf84637c6d8546946L, 0xda134a3969ec57faL, 0xd42359a4d789007eL,
-      0xb42557fe0dc7b809L, 0xe62ae52d2d6784a9L, 0xa2714ca60bcadb5fL,
-      0xcc208de633aafca5L, 0x2380ed5ced967811L, 0x6e6b55e9db321660L,
-      0x1bead02ca675235aL, 0x51cc6ef9b33fa0e1L, 0xfd223e26f06a2a08L,
-      0x00f332e1ec47b3cfL, 0x459f297ba0aa984eL, 0x6fa1d969ee952e14L,
-      0x506ef1ab304fabb0L },
-    { 0x11b4eb2735bff163L, 0x7130b96fea9fa984L, 0x66aceb3f9deb27ceL,
-      0xa2daf1a59dd1c3d5L, 0xf5090a7ea73075aaL, 0x36a6af39e3071b58L,
-      0xa28d633ddf73ad9cL, 0xdd354cacbdc89a16L, 0xdfea3423d4dcbc3cL,
-      0x6eec74d2379d92d1L, 0xe14a456f8eed6765L, 0xfabe7743fa8feb1fL,
-      0x1404ccf8b98fcbc7L, 0x6ccd2fbff71a706eL, 0xdaaf3fdb4d85c678L,
-      0x415b7dbf15200344L },
-    { 0x970105867d8377a7L, 0x068a3d68cb803272L, 0xfd67d289f03a4c32L,
-      0x4bc7095d93c8f290L, 0x712fa13ce9e5a2b8L, 0xfc6ac6c60feb9f3bL,
-      0x0cda36d96e0e54c2L, 0x4549975186320a01L, 0xf9318c9197f00f11L,
-      0x01dc4c3fe6936508L, 0x769a2ef985f068aaL, 0x3522cef0a2b5511cL,
-      0x006965edb4122e05L, 0xfce0fafcc175d43fL, 0x525dc9bdec831d59L,
-      0x1ec314f1af58879dL },
-    { 0x0663feef2c8310c2L, 0xaa7e14da457e3f74L, 0x392b10fce5346887L,
-      0xcde4a38f637ec2c5L, 0x50773320b542f8dfL, 0x341302f9f7de1711L,
-      0x018b1c63ae4b9bc6L, 0xf001c46edd2f9e6fL, 0xd3bb0a9726eccfa0L,
-      0xa931b99d7746e0c7L, 0xe0c8b6f7f5875aecL, 0xbb32f17c96939c82L,
-      0x765135d23de5a664L, 0x71936cb452abfa6bL, 0xad5cc08f2dc105deL,
-      0x17e91d127fff5788L },
-    { 0xbe92ced3b7e051caL, 0xc644d4fd19c776d4L, 0xc8ab4b520086784bL,
-      0x3ea66227ce9d6b31L, 0x395249a3d289e9c7L, 0x54509e65d12a19eeL,
-      0xa7bd46928c365aecL, 0x354997e477963e0eL, 0x0d765957b599732dL,
-      0x99584aeb91d4a3b6L, 0x6e653ea41deb3e28L, 0xca7c98ed572571dfL,
-      0xf301a38fb18ae1f9L, 0x1629f7c263f7b97eL, 0xdf242282afc4a0d5L,
-      0x118f3b4b3ddd0c01L },
-    { 0x74a0a0a87ad4762bL, 0x1aef84da8c58d175L, 0x16ff49604cf76d86L,
-      0xc0be87867e60d98bL, 0x83637ffb3ecc1dbaL, 0xc244a6095dd6147aL,
-      0xa3e178345b0846e5L, 0x735eb686e77a4c05L, 0x5bc18b4fdf758695L,
-      0x15618d0b1bdfe52fL, 0x878ecc0d00715ba1L, 0x1dbdbd1ac2dd617fL,
-      0x21d2b63121b61710L, 0x22ce8a7944f593c2L, 0x3b9b536a44f17024L,
-      0x01d0a67c8d03e727L },
-    { 0x7b9642361e46533cL, 0xe9477990fb88c2aeL, 0x019b5d16a42c4a18L,
-      0x7135e81dd83c7a45L, 0x74a69bdd4cb663e3L, 0x7b67ecdbe76c0d63L,
-      0x03d5452111e68da6L, 0x596cceb5d2e8650aL, 0xcd572dfd2af03b37L,
-      0x52364ba1fabd5952L, 0x7f47d456b4ed8569L, 0x5ad8b572c950d5d4L,
-      0xcadd2dfa486e2f84L, 0xdd527b43c56bb044L, 0xc9adba24997c08e6L,
-      0x1b625b067da6320fL },
-    { 0x44dfaa7b4fd8446dL, 0xc01b2f01af6febebL, 0xbf444388fe8838b5L,
-      0xf33c434fbba9758bL, 0x2b971cba87156bc9L, 0x6b245e5c1f49098bL,
-      0x87dcb5342b41c5ddL, 0xdb1f80c634d852d7L, 0x6d6e32582433da34L,
-      0xf66820653f7df0c2L, 0xc4ca567c360cb365L, 0x321faac29826656aL,
-      0x13f5ca6fbf069768L, 0x15397921a7076639L, 0xbdf143288400736eL,
-      0x333eca9619fc948dL },
-    { 0x23337948ac775d81L, 0x38c2518fd41dbbcaL, 0x623c7a4fbcfce948L,
-      0xaad3623654703fe7L, 0x2b3a13a413fb3b5bL, 0x5db3565a7f5c01f0L,
-      0xd72408dc52359661L, 0x5a17f8e51d616e91L, 0x90c16eebcb25b999L,
-      0xf35e8cf13393743eL, 0x987da74ae54b64a7L, 0x557b322a65cd449dL,
-      0x765082a537e7b15dL, 0x4d25c742f2cd134fL, 0xae9d9c074ccf0746L,
-      0x72fc21108728d135L },
-    { 0xa906b203f96004c8L, 0xd83f95cf458055ffL, 0xd77d586755f35909L,
-      0x4a9ea6fbe550c8eeL, 0x91c8cca955a06081L, 0x4a1fee78bce82062L,
-      0xeb9ade069a3df85eL, 0xfbbdcf0c7d3de666L, 0x228a391b5d336d51L,
-      0x760f8d285c2ffc3cL, 0x1ee48de32f7b165bL, 0x03803d8456177040L,
-      0xe573f6489deff9a0L, 0xe1a2738ea17e35a4L, 0x238ef17c8840a6c6L,
-      0x480946f8b11ed92dL },
-    { 0x84c747a8fd71f119L, 0x19e65c5e53eb3695L, 0x0e2f67866298587aL,
-      0x48a48899ab18d6f4L, 0xa1a99024c630b8c0L, 0x849750962caaf892L,
-      0xc8869abae20fd624L, 0x3b72b04d6c2b7dd4L, 0xe2775eb60992f7d0L,
-      0x0089c06e7d06e684L, 0xcb3b4361e4bbd007L, 0xa1ae666b4ba846e4L,
-      0xc01c2eb246464d9eL, 0xf86f2be6c1f8539fL, 0x16e8e8aecf68afc7L,
-      0x8dab61fdc7386902L },
-    { 0x42a5c903d54d1d45L, 0xacd4297eff4f9ba2L, 0x2d88b52034d478b4L,
-      0x35b2ba2b08c4621aL, 0xd3d239bb34865402L, 0x1de76aed911f32e6L,
-      0x877f8bcf3f06fdc2L, 0x802714c19ec51502L, 0xa10444eba590700dL,
-      0x8694229f31dcc957L, 0x5ece77abb8169fedL, 0x55be8a152caf080eL,
-      0x3eb21b14cbd7cef1L, 0x9def7ad167b97ee1L, 0xe03ca879118f690cL,
-      0x6f77e62df99b29e7L },
-    { 0xa271bdede40bbf59L, 0x177ba4536401aad6L, 0x1755e03573541cd1L,
-      0x3465b4664b71b02fL, 0x22eb7113a813359fL, 0x9792a8fd6f38eac7L,
-      0x11aa012fff3bf3b5L, 0x99aafabff85c3fbfL, 0x91e0a2ef06c0cc42L,
-      0x314d5d57773b7b3aL, 0xae5e2e76d669840aL, 0x861360732e5a8be6L,
-      0xee6d7578c1cf5580L, 0x2344e00f68bed102L, 0x799d78868184f0ebL,
-      0x63819c91c3d2cf80L },
-    { 0xca5392e17884b073L, 0x9ec3a1fceb1267eaL, 0x3d07f5f0907038a7L,
-      0xcb2ac07ce4c47b70L, 0xf96664ee1bf96b91L, 0xebf575892aea4fbfL,
-      0x5aabf391fade6500L, 0xc5b3376f171d1204L, 0x1ff60c51a0d3d81aL,
-      0x10b2cfe7976a844bL, 0xe131cc9abda6125aL, 0xe0fc16d34ebd453eL,
-      0xc0d0319a504b6bc1L, 0xe43a0be70a2f8cabL, 0xc80afeec55e49b47L,
-      0x67d48d128265d7eeL },
-    { 0x068d59a7ea2d56d6L, 0xd71abd0e27480a63L, 0x6bd11db0ae7366cdL,
-      0xfbb639ca07204ebcL, 0x89a242e7f77e6293L, 0xdee7ca2b75ba8c3dL,
-      0x472ddc3d64a2f9a8L, 0x84229df47561a010L, 0x95f62c85c5b649d4L,
-      0xfdd56b1b4dc927cdL, 0xfe8bb1205ee60596L, 0x3efcaa50abf29401L,
-      0xd4900d0f10d1c184L, 0x2cf113a928b01df5L, 0xa3d7ebc31f0e43f5L,
-      0x27950e38e8384dc7L },
-    { 0xeab21ff0e1d0fa79L, 0x4b9fd033048b5de9L, 0x4c9346892fe374cbL,
-      0xbb4827fa4eb21f6bL, 0x46716f79a925e7e7L, 0x1442bf367dd4c531L,
-      0x2073954cd2e96ddfL, 0x4e0141ae8502aa89L, 0x8ee00e1a8eef6cc9L,
-      0x55ce84915880cdafL, 0xff3aba5c69628046L, 0x335cc4f85d15dfbfL,
-      0xa7f0440c9f684f25L, 0xae80453fbb1e5bd8L, 0xa1c99813ff2225abL,
-      0x54ff788479b25d71L },
-    { 0x27c6ee30de40b068L, 0x9226465be6f3a51eL, 0xe24a4604fa3b21f6L,
-      0x50a5a5adc0418115L, 0xe32854418df90d2bL, 0xbb74e58fdcb0c00fL,
-      0xc68f1b3b4a2c08e3L, 0x339df0810ccd9ec9L, 0x915362dcb786ea9fL,
-      0x28945e31c955aeadL, 0xd6a2c01d8b6a6c6bL, 0x069e82dc3678a427L,
-      0x1787550028c9302cL, 0x8acda9659fa101e6L, 0x4e4e4573ee30b286L,
-      0x8adbad853f1830feL },
-    { 0x060ae11f0969d524L, 0xf42fdaf7f39bcc79L, 0x3cec67667cc1fcc2L,
-      0x456b9cf2e2336d4fL, 0x6aa1f5de8e1c0f7fL, 0xcdbc2ad20984fb0eL,
-      0x4090cfa61b464b28L, 0x40d86f301243f3efL, 0x95b16ccccd5e87e7L,
-      0x403f168c3026cd41L, 0xdbe386cb816c0730L, 0x14eb86f358407a1dL,
-      0xf588b4f81717e1afL, 0xb75c41a666cbc96cL, 0xf342c1aa027e71c1L,
-      0x73930036c0945e5fL },
-    { 0x954f757d22cdaf42L, 0x788b591df4181aabL, 0x8b986819f5514f25L,
-      0x69642e08f18fd5bcL, 0x92b305d1022ceb91L, 0x1715903e6a4f6985L,
-      0x4bd7d69d61179caeL, 0xdacdfd5dd29c01aaL, 0x705ddd5ad91108ccL,
-      0x434ac7b164ac8f15L, 0x61a514e1b524632fL, 0x45b9e61b731fc447L,
-      0xcf561348e0961b31L, 0x9c28a96773eaf223L, 0x5bd10182aa7c99d3L,
-      0x8bc6ec4ae42965e2L },
-    { 0xd096e5c0e7f2a32bL, 0xff54800c09388a30L, 0x06fe437c401e360cL,
-      0x6655fc9cbb6054a6L, 0x510e18608457aa6eL, 0xa0acfca22b29b2b7L,
-      0x732483e351b7da61L, 0xe31471ee6be6c8caL, 0xe565431c8b65c9a1L,
-      0xfc9ac3b948d65cbbL, 0xd308fc21ae9b2aa8L, 0xd6a7df0daa60aa6aL,
-      0x2844d96a982fc0d4L, 0xab012c2c5847a4d7L, 0x2b3c8f71dceb8955L,
-      0x8e85437dbe9c7e15L },
-};
-
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Base is fixed to be the g parameter - a precomputed table is used.
- *
- * Striping: 128 points at a distance of 8 combined.
- * Total of 256 points in table.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-static int sp_ModExp_Fp_star_x64_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit tx[2 * 16];
-    sp_digit ty[2 * 16];
-#endif
-    sp_digit* r = NULL;
-    unsigned char e[128];
-    int err = MP_OKAY;
-    int i;
-    int y;
-
-    (void)base;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 38 * 16 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 16 * 2;
-        ty = td + 37 * 16 * 2;
-#endif
-        r = ty;
-
-        (void)mp_to_unsigned_bin_len(exp, e, 128);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 16);
-        y  =  e[112] >> 7;
-        y |= (e[96] >> 7) << 1;
-        y |= (e[80] >> 7) << 2;
-        y |= (e[64] >> 7) << 3;
-        y |= (e[48] >> 7) << 4;
-        y |= (e[32] >> 7) << 5;
-        y |= (e[16] >> 7) << 6;
-        y |= (e[0] >> 7) << 7;
-        XMEMCPY(ty, sp_1024_g_table[y], sizeof(sp_digit) * 16);
-        for (i = 126; i >= 0; i--) {
-            y  =  (e[127 - (i / 8)] >> (i & 0x7)) & 1;
-            y |= ((e[111 - (i / 8)] >> (i & 0x7)) & 1) << 1;
-            y |= ((e[95 - (i / 8)] >> (i & 0x7)) & 1) << 2;
-            y |= ((e[79 - (i / 8)] >> (i & 0x7)) & 1) << 3;
-            y |= ((e[63 - (i / 8)] >> (i & 0x7)) & 1) << 4;
-            y |= ((e[47 - (i / 8)] >> (i & 0x7)) & 1) << 5;
-            y |= ((e[31 - (i / 8)] >> (i & 0x7)) & 1) << 6;
-            y |= ((e[15 - (i / 8)] >> (i & 0x7)) & 1) << 7;
-
-            sp_1024_proj_sqr_16(tx, ty, t);
-            sp_1024_proj_mul_qx1_16(tx, ty, sp_1024_g_table[y], t);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_16(tx, tx, t);
-        sp_1024_mont_mul_16(r, tx, ty, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef HAVE_INTEL_AVX2
-/* Multiply p* in projective coordinates by q*.
- *
- * r.x = p.x - (p.y * q.y)
- * r.y = (p.x * q.y) + p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * q   [in]      A single precision integer - multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_qx1_avx2_16(sp_digit* px, sp_digit* py,
-        const sp_digit* q, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    /* t1 = p.x * q.y */
-    sp_1024_mont_mul_avx2_16(t1, px, q, p1024_mod, p1024_mp_mod);
-    /* t2 = p.y * q.y */
-    sp_1024_mont_mul_avx2_16(t2, py, q, p1024_mod, p1024_mp_mod);
-    /* r.x = p.x - (p.y * q.y) */
-    sp_1024_mont_sub_avx2_16(px, px, t2, p1024_mod);
-    /* r.y = (p.x * q.y) + p.y */
-    sp_1024_mont_add_avx2_16(py, t1, py, p1024_mod);
-}
-
-/* Square p* in projective coordinates.
- *
- *   px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
- *   py' = 2 * p.x * p.y
- *
- * px  [in,out]  A single precision integer - X ordinate of number to square.
- * py  [in,out]  A single precision integer - Y ordinate of number to square.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_sqr_avx2_16(sp_digit* px, sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    /* t1 = p.x + p.y */
-    sp_1024_mont_add_avx2_16(t1, px, py, p1024_mod);
-    /* t2 = p.x - p.y */
-    sp_1024_mont_sub_avx2_16(t2, px, py, p1024_mod);
-    /* r.y = p.x * p.y */
-    sp_1024_mont_mul_avx2_16(py, px, py, p1024_mod, p1024_mp_mod);
-    /* r.x = (p.x + p.y) * (p.x - p.y) */
-    sp_1024_mont_mul_avx2_16(px, t1, t2, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * p.y) * 2 */
-    sp_1024_mont_dbl_avx2_16(py, py, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Simple square and multiply when expontent bit is one algorithm.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success and MEMORY_E if memory allocation fails.
- */
-static int sp_ModExp_Fp_star_avx2_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-    sp_digit* b;
-    sp_digit* e;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit tx[2 * 16];
-    sp_digit ty[2 * 16];
-    sp_digit b[2 * 16];
-    sp_digit e[2 * 16];
-#endif
-    sp_digit* r;
-    int err = MP_OKAY;
-    int bits;
-    int i;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 40 * 16 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 16 * 2;
-        ty = td + 37 * 16 * 2;
-        b  = td + 38 * 16 * 2;
-        e  = td + 39 * 16 * 2;
-#endif
-        r = ty;
-
-        bits = mp_count_bits(exp);
-        sp_1024_from_mp(b, 16, base);
-        sp_1024_from_mp(e, 16, exp);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 16);
-        sp_1024_mul_avx2_16(b, b, p1024_norm_mod);
-        err = sp_1024_mod_16(b, b, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(ty, b, sizeof(sp_digit) * 16);
-
-        for (i = bits - 2; i >= 0; i--) {
-            sp_1024_proj_sqr_avx2_16(tx, ty, t);
-            if ((e[i / 64] >> (i % 64)) & 1) {
-                sp_1024_proj_mul_qx1_avx2_16(tx, ty, b, t);
-            }
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_avx2_16(tx, tx, t);
-
-        XMEMSET(tx + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_avx2_16(tx, p1024_mod, p1024_mp_mod);
-        XMEMSET(ty + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_avx2_16(ty, p1024_mod, p1024_mp_mod);
-
-        sp_1024_mul_avx2_16(r, tx, ty);
-        err = sp_1024_mod_16(r, r, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#else
-/* Perform the modular exponentiation in Fp* for SAKKE.
- *
- * Base is fixed to be the g parameter - a precomputed table is used.
- *
- * Striping: 128 points at a distance of 8 combined.
- * Total of 256 points in table.
- * Square and multiply performed in Fp*.
- *
- * base  [in]   Base. MP integer.
- * exp   [in]   Exponent. MP integer.
- * res   [out]  Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-static int sp_ModExp_Fp_star_avx2_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td;
-    sp_digit* t;
-    sp_digit* tx;
-    sp_digit* ty;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit tx[2 * 16];
-    sp_digit ty[2 * 16];
-#endif
-    sp_digit* r = NULL;
-    unsigned char e[128];
-    int err = MP_OKAY;
-    int i;
-    int y;
-
-    (void)base;
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 38 * 16 * 2, NULL,
-                            DYNAMIC_TYPE_TMP_BUFFER);
-    if (td == NULL) {
-        err = MEMORY_E;
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t  = td;
-        tx = td + 36 * 16 * 2;
-        ty = td + 37 * 16 * 2;
-#endif
-        r = ty;
-
-        (void)mp_to_unsigned_bin_len(exp, e, 128);
-
-        XMEMCPY(tx, p1024_norm_mod, sizeof(sp_digit) * 16);
-        y  =  e[112] >> 7;
-        y |= (e[96] >> 7) << 1;
-        y |= (e[80] >> 7) << 2;
-        y |= (e[64] >> 7) << 3;
-        y |= (e[48] >> 7) << 4;
-        y |= (e[32] >> 7) << 5;
-        y |= (e[16] >> 7) << 6;
-        y |= (e[0] >> 7) << 7;
-        XMEMCPY(ty, sp_1024_g_table[y], sizeof(sp_digit) * 16);
-        for (i = 126; i >= 0; i--) {
-            y  =  (e[127 - (i / 8)] >> (i & 0x7)) & 1;
-            y |= ((e[111 - (i / 8)] >> (i & 0x7)) & 1) << 1;
-            y |= ((e[95 - (i / 8)] >> (i & 0x7)) & 1) << 2;
-            y |= ((e[79 - (i / 8)] >> (i & 0x7)) & 1) << 3;
-            y |= ((e[63 - (i / 8)] >> (i & 0x7)) & 1) << 4;
-            y |= ((e[47 - (i / 8)] >> (i & 0x7)) & 1) << 5;
-            y |= ((e[31 - (i / 8)] >> (i & 0x7)) & 1) << 6;
-            y |= ((e[15 - (i / 8)] >> (i & 0x7)) & 1) << 7;
-
-            sp_1024_proj_sqr_avx2_16(tx, ty, t);
-            sp_1024_proj_mul_qx1_avx2_16(tx, ty, sp_1024_g_table[y], t);
-        }
-    }
-
-    if (err == MP_OKAY) {
-        sp_1024_mont_inv_avx2_16(tx, tx, t);
-        sp_1024_mont_mul_avx2_16(r, tx, ty, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_avx2_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* HAVE_INTEL_AVX2 */
-/* Perform the modular exponentiation for SAKKE.
- *
- * base  Base. MP integer.
- * exp   Exponent. MP integer.
- * res   Result. MP integer.
- * returns 0 on success, MP_READ_E if there are too many bytes in an array
- * and MEMORY_E if memory allocation fails.
- */
-int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
-{
-    int err;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags)) {
-        err = sp_ModExp_Fp_star_avx2_1024(base, exp, res);
-    }
-    else
-#endif
-    {
-        err = sp_ModExp_Fp_star_x64_1024(base, exp, res);
-    }
-
-   return err;
-}
-
-/* Multiply p* by q* in projective coordinates.
- *
- *   p.x' = (p.x * q.x) - (p.y * q.y)
- *   p.y' = (p.x * q.y) + (p.y * q.x)
- * But applying Karatsuba:
- *   v0 = p.x * q.x
- *   v1 = p.y * q.y
- *   p.x' = v0 - v1
- *   p.y' = (px + py) * (qx + qy) - v0 - v1
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * qx  [in]      A single precision integer - X ordinate of number of
- *               multiplier.
- * qy  [in]      A single precision integer - Y ordinate of number of
- *               multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_16(sp_digit* px, sp_digit* py,
-        const sp_digit* qx, const sp_digit* qy, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    /* t1 = px + py */
-    sp_1024_mont_add_16(t1, px, py, p1024_mod);
-    /* t2 = qx + qy */
-    sp_1024_mont_add_16(t2, qx, qy, p1024_mod);
-    /* t2 = (px + py) * (qx + qy) */
-    sp_1024_mont_mul_16(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = py * qy */
-    sp_1024_mont_mul_16(t1, py, qy, p1024_mod, p1024_mp_mod);
-    /* t2 = (px + py) * (qx + qy) - (py * qy) */
-    sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
-    /* px = px * qx */
-    sp_1024_mont_mul_16(px, px, qx, p1024_mod, p1024_mp_mod);
-    /* py = (px + py) * (qx + qy) - (py * qy) - (px * qx) */
-    sp_1024_mont_sub_16(py, t2, px, p1024_mod);
-    /* px = (px * qx) - (py * qy)*/
-    sp_1024_mont_sub_16(px, px, t1, p1024_mod);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/*
- * Convert point from projective to affine but keep in Montgomery form.
- *
- * p  [in,out]  Point to convert.
- * t  [in]      Temporary numbers: 2.
- */
-static void sp_1024_mont_map_16(sp_point_1024* p, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    sp_1024_mont_inv_16(t1, p->z, t2);
-    sp_1024_mont_sqr_16(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(t1, t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(p->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_16(p->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(p->z, p1024_norm_mod, sizeof(sp_digit) * 16);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/*
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - 2 * p.y^2
- *   r.y = 2 * p.y * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 8 * p.y^2 * p.x
- *   p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4
- *   p'.z = 2 * p.y * p.z
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 16;
-    sp_digit* pz2 = t +  2 * 16;
-    sp_digit* rx  = t +  4 * 16;
-    sp_digit* ry  = t +  6 * 16;
-    sp_digit* l   = t +  8 * 16;
-    sp_digit* ty  = t + 10 * 16;
-
-    /* v = v^2 */
-    sp_1024_proj_sqr_16(vx, vy, t);
-    /* pz2 = p.z^2 */
-    sp_1024_mont_sqr_16(pz2, p->z, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + p.z^2 */
-    sp_1024_mont_add_16(ty, p->x, pz2, p1024_mod);
-    /* l = p.x - p.z^2 */
-    sp_1024_mont_sub_16(l, p->x, pz2, p1024_mod);
-    /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-    sp_1024_mont_mul_16(t1, l, ty, p1024_mod, p1024_mp_mod);
-    /* l = 3 * (p.x^2 - p.z^4) */
-    sp_1024_mont_tpl_16(l, t1, p1024_mod);
-    /* t1 = q.x * p.z^2 */
-    sp_1024_mont_mul_16(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + q.x * p.z^2 */
-    sp_1024_mont_add_16(t1, p->x, t1, p1024_mod);
-    /* r.x = l * (p.x + q.x * p.z^2) */
-    sp_1024_mont_mul_16(rx, l, t1, p1024_mod, p1024_mp_mod);
-    /* r.y = 2 * p.y */
-    sp_1024_mont_dbl_16(ry, p->y, p1024_mod);
-    /* ty = 4 * p.y ^ 2 */
-    sp_1024_mont_sqr_16(ty, ry, p1024_mod, p1024_mp_mod);
-    /* t1 = 2 * p.y ^ 2 */
-    sp_1024_mont_div2_16(t1, ty, p1024_mod);
-    /* r.x -= 2 * (p.y ^ 2) */
-    sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
-    /* p'.z = p.y * 2 * p.z */
-    sp_1024_mont_mul_16(p->z, p->z, ry, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 */
-    sp_1024_mont_mul_16(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 * q.y */
-    sp_1024_mont_mul_16(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_16(vx, vy, rx, ry, t);
-
-    /* Double point using previously calculated values
-     *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-     *   ty = 4 * p.y^2
-     *   p'.z = 2 * p.y * p.z
-     */
-    /* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
-    sp_1024_mont_sqr_16(t1, ty, p1024_mod, p1024_mp_mod);
-    /* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
-    sp_1024_mont_div2_16(t1, t1, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x */
-    sp_1024_mont_mul_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 */
-    sp_1024_mont_sqr_16(p->x, l, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 - 4 * p.y^2 * p.x */
-    sp_1024_mont_sub_16(p->x, p->x, p->y, p1024_mod);
-    /* p'.x = l^2 - 8 * p.y^2 * p.x */
-    sp_1024_mont_sub_16(p->x, p->x, p->y, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x - p.x' */
-    sp_1024_mont_sub_16(ty, p->y, p->x, p1024_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l */
-    sp_1024_mont_mul_16(p->y, ty, l, p1024_mod, p1024_mp_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 */
-    sp_1024_mont_sub_16(p->y, p->y, t1, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Calculations:
- *   r.x = (q.x + p.x) * c.y - (q.x * c.z^2 + c.x) * p.y * c.z
- *   r.y = (c.x - p.x * c.z^2) * q.y * c.z
- *   v* = v* * r*
- *   r = p.y * c.z^3 - c.y
- *   c'.x = r^2 + h^3 - 2 * c.x * h^2
- *   c'.y = r * (c'.x - c.x * h^2) - c.y * h^3
- *   c'.z = (c.x - p.x * c.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in]      p      ECC point - point on E(F_p^2) to add.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      qx_px  SP that is a constant value across adds.
- * @param  [in]      t      SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_add_one_16(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px,
-        sp_digit* t)
-{
-    sp_digit* t1  = t;
-    sp_digit* t2  = t +  2 * 16;
-    sp_digit* rx  = t +  4 * 16;
-    sp_digit* ry  = t +  6 * 16;
-    sp_digit* h   = t +  8 * 16;
-    sp_digit* r   = t + 10 * 16;
-
-    /* r.x = (q.x + p.x) * c.y */
-    sp_1024_mont_mul_16(rx, qx_px, c->y, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_16(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_16(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_16(h, t1, c->x, p1024_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_16(ry, p->y, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_16(t1, h, ry, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z * c.z^2 = p.y * c.z^3  */
-    sp_1024_mont_mul_16(r, ry, t2, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_16(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = c.x - p.x * c.z^2 */
-    sp_1024_mont_sub_16(h, c->x, t1, p1024_mod);
-    /* c'.z = (c.x - p.x * c.z^2) * c.z */
-    sp_1024_mont_mul_16(c->z, h, c->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (c.x - p.x * c.z^2) * c.z * q.y */
-    sp_1024_mont_mul_16(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_16(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = c.x - p.x * c.z^2
-     *   r = p.y * c.z^3
-     *   c'.z = (c.x - p.x * c.z^2) * c.z
-     */
-
-    /* r = p.y * c.z^3 - c.y */
-    sp_1024_mont_sub_16(r, r, c->y, p1024_mod);
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_16(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_16(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * h^2 */
-    sp_1024_mont_mul_16(ry, c->x, rx, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_16(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c->x = r^2 + h^3 */
-    sp_1024_mont_add_16(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * h^2 */
-    sp_1024_mont_dbl_16(t1, ry, p1024_mod);
-    /* c'.x = r^2 + h^3 - 2 * c.x * h^2 */
-    sp_1024_mont_sub_16(c->x, c->x, t1, p1024_mod);
-    /* ry = c'.x - c.x * h^2 */
-    sp_1024_mont_sub_16(t1, c->x, ry, p1024_mod);
-    /* ry = r * (c'.x - c.x * h^2) */
-    sp_1024_mont_mul_16(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * h^3 */
-    sp_1024_mont_mul_16(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 */
-    sp_1024_mont_sub_16(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]  key  SAKKE key.
- * @param  [in]  p    First point on E(F_p)[q].
- * @param  [in]  q    Second point on E(F_p)[q].
- * @param  [in]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sp_Pairing_x64_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err = MP_OKAY;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit* qx_px;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit vx[2 * 16];
-    sp_digit vy[2 * 16];
-    sp_digit qx_px[2 * 16];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-
-    err = sp_1024_point_new_16(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 39 * 16 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        vx    = td + 36 * 16 * 2;
-        vy    = td + 37 * 16 * 2;
-        qx_px = td + 38 * 16 * 2;
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-        sp_1024_point_from_ecc_point_16(q, qm);
-
-        err = sp_1024_mod_mul_norm_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 16);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 16);
-
-        sp_1024_mont_add_16(qx_px, q->x, p->x, p1024_mod);
-
-        for (i = 1020; i >= 0; i--) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_dbl_16(vx, vy, c, q, t);
-
-            if ((i > 0) && ((p1024_order[i / 64] >> (i % 64)) & 1)) {
-                /* Accumulate line into v and add P into C. */
-                sp_1024_accumulate_line_add_one_16(vx, vy, c, p, q, qx_px, t);
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_16(vx, vy, t);
-        sp_1024_proj_sqr_16(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_16(vx, vx, t);
-        sp_1024_mont_mul_16(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(q, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-#else
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Both C and P have z ordinates to use in the calculation.
- *
- * Calculations:
- *   r.x  = (q.x * c.z^2 + c.x) * p.y * c.z - (q.x * p.z^2 + p.x) * c.y * p.z
- *   r.y  = (p.x * c.z^2 - c.x * p.z^2) * q.y * p.z * c.z
- *   v*   = v* * r*
- *   h    = p.x * c.z^2 - c.x * p.z^2
- *   r    = p.y * c.z^3 - c.y * p.z^3
- *   c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2
- *   c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3
- *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in,out]  p      ECC point - point on E(F_p^2) to add.
- * @param  [in,out]  q      ECC point - second point on E(F_P^2).
- * @param  [in,out]  t      SP temporaries (6 used).
- * @param  [in,out]  neg    Indicates to use negative P.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static void sp_1024_accumulate_line_add_n_16(sp_digit* vx, sp_digit* vy,
-        const sp_point_1024* p, const sp_point_1024* q,
-        sp_point_1024* c, sp_digit* t, int neg)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t +  2 * 16;
-    sp_digit* rx = t +  4 * 16;
-    sp_digit* ry = t +  6 * 16;
-    sp_digit* h  = t +  8 * 16;
-    sp_digit* r  = t + 10 * 16;
-
-    /* h = p.z^2 */
-    sp_1024_mont_sqr_16(h, p->z, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 */
-    sp_1024_mont_mul_16(rx, q->x, h, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 + p.x */
-    sp_1024_mont_add_16(t2, rx, p->x, p1024_mod);
-    /* c.y = c.y * p.z */
-    sp_1024_mont_mul_16(t1, c->y, p->z, p1024_mod, p1024_mp_mod);
-    /* r.x = (q.x * p.z^2 + p.x) * c.y * p.z */
-    sp_1024_mont_mul_16(rx, t2, t1, p1024_mod, p1024_mp_mod);
-    /* c.y = c.y * p.z^3 */
-    sp_1024_mont_mul_16(c->y, t1, h, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_16(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_16(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_16(t1, t1, c->x, p1024_mod);
-    /* c.x = c.x * p.z^2 */
-    sp_1024_mont_mul_16(c->x, c->x, h, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_16(r, p->y, c->z, p1024_mod, p1024_mp_mod);
-    if (neg) {
-        /* r = -p.y * c.z */
-        sp_1024_mont_sub_16(r, p1024_mod, r, p1024_mod);
-    }
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_16(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_16(rx, ry, rx, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_16(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = p.x * c.z^2 - c.x * p.z^2 */
-    sp_1024_mont_sub_16(h, t1, c->x, p1024_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z */
-    sp_1024_mont_mul_16(t1, h, c->z, p1024_mod, p1024_mp_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z */
-    sp_1024_mont_mul_16(c->z, t1, p->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z * q.y */
-    sp_1024_mont_mul_16(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 */
-    sp_1024_mont_mul_16(t1, r, t2, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 - c.y * p.z^3 */
-    sp_1024_mont_sub_16(r, t1, c->y, p1024_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_16(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = p.x * c.z^2 - c.x * p.z^2
-     *   r = p.y * c.z^3 - c.y * p.z^3
-     *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
-     */
-
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_16(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_16(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * p.z^2 * h^2 */
-    sp_1024_mont_mul_16(ry, rx, c->x, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_16(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c'.x = r^2 - h^3 */
-    sp_1024_mont_sub_16(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_dbl_16(t1, ry, p1024_mod);
-    /* c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_sub_16(c->x, c->x, t1, p1024_mod);
-    /* ry = c.x * p.z^2 * h^2 - c'.x */
-    sp_1024_mont_sub_16(t1, ry, c->x, p1024_mod);
-    /* ry = r * (c.x * p.z^2 * h^2 - c'.x) */
-    sp_1024_mont_mul_16(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * p.z^3 * h^3 */
-    sp_1024_mont_mul_16(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 */
-    sp_1024_mont_sub_16(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Perform n accumulate doubles and doubles of P.
- *
- * py = 2 * p.y
- *
- * For each double:
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - py^2 / 2
- *   r.y = py * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 2 * py^2 * p.x
- *   py' = (py^2 * p.x - p'.x) * l - py^4 (= 2 * p'.y)
- *   p'.z = py * p.z
- *
- * Finally:
- *   p'.y = py' / 2
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      n   Number of times to double.
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 16;
-    sp_digit* pz2 = t +  2 * 16;
-    sp_digit* rx  = t +  4 * 16;
-    sp_digit* ry  = t +  6 * 16;
-    sp_digit* l   = t +  8 * 16;
-    sp_digit* ty  = t + 10 * 16;
-    int i;
-
-    /* py = 2 * p.y */
-    sp_1024_mont_dbl_16(p->y, p->y, p1024_mod);
-
-    for (i = 0; i < n; i++) {
-        /* v = v^2 */
-        sp_1024_proj_sqr_16(vx, vy, t);
-        /* pz2 = p.z^2 */
-        sp_1024_mont_sqr_16(pz2, p->z, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + p.z^2 */
-        sp_1024_mont_add_16(t1, p->x, pz2, p1024_mod);
-        /* l = p.x - p.z^2 */
-        sp_1024_mont_sub_16(l, p->x, pz2, p1024_mod);
-        /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-        sp_1024_mont_mul_16(ty, l, t1, p1024_mod, p1024_mp_mod);
-        /* l = 3 * (p.x^2 - p.z^4) */
-        sp_1024_mont_tpl_16(l, ty, p1024_mod);
-        /* t1 = q.x * p.z^2 */
-        sp_1024_mont_mul_16(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + q.x * p.z^2 */
-        sp_1024_mont_add_16(t1, p->x, t1, p1024_mod);
-        /* r.x = l * (p.x + q.x * p.z^2) */
-        sp_1024_mont_mul_16(rx, l, t1, p1024_mod, p1024_mp_mod);
-        /* ty = py ^ 2 */
-        sp_1024_mont_sqr_16(ty, p->y, p1024_mod, p1024_mp_mod);
-        /* t1 = py ^ 2 / 2 */
-        sp_1024_mont_div2_16(t1, ty, p1024_mod);
-        /* r.x -= py ^ 2 / 2 */
-        sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
-        /* p'.z = py * pz */
-        sp_1024_mont_mul_16(p->z, p->z, p->y, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 */
-        sp_1024_mont_mul_16(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 * q.y */
-        sp_1024_mont_mul_16(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-        /* v = v^2 * r */
-        sp_1024_proj_mul_16(vx, vy, rx, ry, t);
-
-        /* Double point using previously calculated values
-         *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-         *   ty = py^2
-         *   p'.z = py * p.z
-         */
-        /* t1 = py^2 ^ 2 = py^4 */
-        sp_1024_mont_sqr_16(t1, ty, p1024_mod, p1024_mp_mod);
-        /* py' = py^2 * p. x */
-        sp_1024_mont_mul_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 */
-        sp_1024_mont_sqr_16(p->x, l, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 - py^2 * p.x */
-        sp_1024_mont_sub_16(p->x, p->x, p->y, p1024_mod);
-        /* p'.x = l^2 - 2 * p.y^2 * p.x */
-        sp_1024_mont_sub_16(p->x, p->x, p->y, p1024_mod);
-        /* py' = py^2 * p.x - p.x' */
-        sp_1024_mont_sub_16(ty, p->y, p->x, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l */
-        sp_1024_mont_mul_16(p->y, ty, l, p1024_mod, p1024_mp_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 */
-        sp_1024_mont_dbl_16(p->y, p->y, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 - p.y^4 */
-        sp_1024_mont_sub_16(p->y, p->y, t1, p1024_mod);
-    }
-
-    /* p'.y = py' / 2 */
-    sp_1024_mont_div2_16(p->y, p->y, p1024_mod);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * @param  [in]  pm   First point on E(F_p)[q].
- * @param  [in]  qm   Second point on E(F_p)[q].
- * @param  [in]  res  Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sp_Pairing_x64_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[32];
-    sp_digit (*pre_vy)[32];
-    sp_digit (*pre_nvy)[32];
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit vx[2 * 16];
-    sp_digit vy[2 * 16];
-    sp_digit pre_vx[16][32];
-    sp_digit pre_vy[16][32];
-    sp_digit pre_nvy[16][32];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-
-    err = sp_1024_point_new_16(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 16 * 2 + 16 * sizeof(sp_point_1024), NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 16 * 2;
-        vy      = td + 37 * 16 * 2;
-        pre_vx  = (sp_digit(*)[32])(td + 38 * 16 * 2);
-        pre_vy  = (sp_digit(*)[32])(td + 54 * 16 * 2);
-        pre_nvy = (sp_digit(*)[32])(td + 70 * 16 * 2);
-        pre_p   = (sp_point_1024*)(td + 86 * 16 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-        sp_1024_point_from_ecc_point_16(q, qm);
-
-        err = sp_1024_mod_mul_norm_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 16);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_mont_sub_16(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 16);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_accumulate_line_dbl_16(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(&pre_p[i], &pre_p[i-1], sizeof(sp_point_1024));
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 16);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 16);
-            sp_1024_proj_mul_16(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_16(pre_vx[i], pre_vy[i], c,
-                    q, &pre_p[i], t, 0);
-            sp_1024_mont_sub_16(pre_nvy[i], p1024_mod, pre_vy[i], p1024_mod);
-        }
-
-        j = sp_1024_order_op[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 16);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 16);
-
-        /* Accumulate line into v and double point n times. */
-        sp_1024_accumulate_line_dbl_n_16(vx, vy, c, q,
-                sp_1024_order_op[1], t);
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_16(vx, vy, pre_vx[j], pre_vy[j], t);
-                sp_1024_accumulate_line_add_n_16(vx, vy, &pre_p[j], q, c,
-                    t, 0);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_16(vx, vy, pre_vx[j], pre_nvy[j], t);
-                sp_1024_accumulate_line_add_n_16(vx, vy, &pre_p[j], q, c,
-                    t, 1);
-            }
-
-            /* Accumulate line into v and double point n times. */
-            sp_1024_accumulate_line_dbl_n_16(vx, vy, c, q,
-                    sp_1024_order_op[i + 1], t);
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_16(vx, vy, t);
-        sp_1024_proj_sqr_16(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_16(vx, vx, t);
-        sp_1024_mont_mul_16(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(q, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef HAVE_INTEL_AVX2
-/* Multiply p* by q* in projective coordinates.
- *
- *   p.x' = (p.x * q.x) - (p.y * q.y)
- *   p.y' = (p.x * q.y) + (p.y * q.x)
- * But applying Karatsuba:
- *   v0 = p.x * q.x
- *   v1 = p.y * q.y
- *   p.x' = v0 - v1
- *   p.y' = (px + py) * (qx + qy) - v0 - v1
- *
- * px  [in,out]  A single precision integer - X ordinate of number to multiply.
- * py  [in,out]  A single precision integer - Y ordinate of number to multiply.
- * qx  [in]      A single precision integer - X ordinate of number of
- *               multiplier.
- * qy  [in]      A single precision integer - Y ordinate of number of
- *               multiplier.
- * t   [in]      Two single precision integers - temps.
- */
-static void sp_1024_proj_mul_avx2_16(sp_digit* px, sp_digit* py,
-        const sp_digit* qx, const sp_digit* qy, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    /* t1 = px + py */
-    sp_1024_mont_add_avx2_16(t1, px, py, p1024_mod);
-    /* t2 = qx + qy */
-    sp_1024_mont_add_avx2_16(t2, qx, qy, p1024_mod);
-    /* t2 = (px + py) * (qx + qy) */
-    sp_1024_mont_mul_avx2_16(t2, t1, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = py * qy */
-    sp_1024_mont_mul_avx2_16(t1, py, qy, p1024_mod, p1024_mp_mod);
-    /* t2 = (px + py) * (qx + qy) - (py * qy) */
-    sp_1024_mont_sub_avx2_16(t2, t2, t1, p1024_mod);
-    /* px = px * qx */
-    sp_1024_mont_mul_avx2_16(px, px, qx, p1024_mod, p1024_mp_mod);
-    /* py = (px + py) * (qx + qy) - (py * qy) - (px * qx) */
-    sp_1024_mont_sub_avx2_16(py, t2, px, p1024_mod);
-    /* px = (px * qx) - (py * qy)*/
-    sp_1024_mont_sub_avx2_16(px, px, t1, p1024_mod);
-}
-
-#ifndef WOLFSSL_SP_SMALL
-/*
- * Convert point from projective to affine but keep in Montgomery form.
- *
- * p  [in,out]  Point to convert.
- * t  [in]      Temporary numbers: 2.
- */
-static void sp_1024_mont_map_avx2_16(sp_point_1024* p, sp_digit* t)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t + 2 * 16;
-
-    sp_1024_mont_inv_avx2_16(t1, p->z, t2);
-    sp_1024_mont_sqr_avx2_16(t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(t1, t2, t1, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(p->x, p->x, t2, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_mul_avx2_16(p->y, p->y, t1, p1024_mod, p1024_mp_mod);
-    XMEMCPY(p->z, p1024_norm_mod, sizeof(sp_digit) * 16);
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-/*
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - 2 * p.y^2
- *   r.y = 2 * p.y * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 8 * p.y^2 * p.x
- *   p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4
- *   p'.z = 2 * p.y * p.z
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_avx2_16(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 16;
-    sp_digit* pz2 = t +  2 * 16;
-    sp_digit* rx  = t +  4 * 16;
-    sp_digit* ry  = t +  6 * 16;
-    sp_digit* l   = t +  8 * 16;
-    sp_digit* ty  = t + 10 * 16;
-
-    /* v = v^2 */
-    sp_1024_proj_sqr_avx2_16(vx, vy, t);
-    /* pz2 = p.z^2 */
-    sp_1024_mont_sqr_avx2_16(pz2, p->z, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + p.z^2 */
-    sp_1024_mont_add_avx2_16(ty, p->x, pz2, p1024_mod);
-    /* l = p.x - p.z^2 */
-    sp_1024_mont_sub_avx2_16(l, p->x, pz2, p1024_mod);
-    /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-    sp_1024_mont_mul_avx2_16(t1, l, ty, p1024_mod, p1024_mp_mod);
-    /* l = 3 * (p.x^2 - p.z^4) */
-    sp_1024_mont_tpl_avx2_16(l, t1, p1024_mod);
-    /* t1 = q.x * p.z^2 */
-    sp_1024_mont_mul_avx2_16(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x + q.x * p.z^2 */
-    sp_1024_mont_add_avx2_16(t1, p->x, t1, p1024_mod);
-    /* r.x = l * (p.x + q.x * p.z^2) */
-    sp_1024_mont_mul_avx2_16(rx, l, t1, p1024_mod, p1024_mp_mod);
-    /* r.y = 2 * p.y */
-    sp_1024_mont_dbl_avx2_16(ry, p->y, p1024_mod);
-    /* ty = 4 * p.y ^ 2 */
-    sp_1024_mont_sqr_avx2_16(ty, ry, p1024_mod, p1024_mp_mod);
-    /* t1 = 2 * p.y ^ 2 */
-    sp_1024_mont_div2_avx2_16(t1, ty, p1024_mod);
-    /* r.x -= 2 * (p.y ^ 2) */
-    sp_1024_mont_sub_avx2_16(rx, rx, t1, p1024_mod);
-    /* p'.z = p.y * 2 * p.z */
-    sp_1024_mont_mul_avx2_16(p->z, p->z, ry, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 */
-    sp_1024_mont_mul_avx2_16(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-    /* r.y = p'.z * p.z^2 * q.y */
-    sp_1024_mont_mul_avx2_16(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_avx2_16(vx, vy, rx, ry, t);
-
-    /* Double point using previously calculated values
-     *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-     *   ty = 4 * p.y^2
-     *   p'.z = 2 * p.y * p.z
-     */
-    /* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
-    sp_1024_mont_sqr_avx2_16(t1, ty, p1024_mod, p1024_mp_mod);
-    /* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
-    sp_1024_mont_div2_avx2_16(t1, t1, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x */
-    sp_1024_mont_mul_avx2_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 */
-    sp_1024_mont_sqr_avx2_16(p->x, l, p1024_mod, p1024_mp_mod);
-    /* p'.x = l^2 - 4 * p.y^2 * p.x */
-    sp_1024_mont_sub_avx2_16(p->x, p->x, p->y, p1024_mod);
-    /* p'.x = l^2 - 8 * p.y^2 * p.x */
-    sp_1024_mont_sub_avx2_16(p->x, p->x, p->y, p1024_mod);
-    /* p'.y = 4 * p.y^2 * p.x - p.x' */
-    sp_1024_mont_sub_avx2_16(ty, p->y, p->x, p1024_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l */
-    sp_1024_mont_mul_avx2_16(p->y, ty, l, p1024_mod, p1024_mp_mod);
-    /* p'.y = (4 * p.y^2 * p.x - p'.x) * l - 8 * p.y^4 */
-    sp_1024_mont_sub_avx2_16(p->y, p->y, t1, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Calculations:
- *   r.x = (q.x + p.x) * c.y - (q.x * c.z^2 + c.x) * p.y * c.z
- *   r.y = (c.x - p.x * c.z^2) * q.y * c.z
- *   v* = v* * r*
- *   r = p.y * c.z^3 - c.y
- *   c'.x = r^2 + h^3 - 2 * c.x * h^2
- *   c'.y = r * (c'.x - c.x * h^2) - c.y * h^3
- *   c'.z = (c.x - p.x * c.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in]      p      ECC point - point on E(F_p^2) to add.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      qx_px  SP that is a constant value across adds.
- * @param  [in]      t      SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_add_one_avx2_16(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* c, sp_point_1024* p, sp_point_1024* q, sp_digit* qx_px,
-        sp_digit* t)
-{
-    sp_digit* t1  = t;
-    sp_digit* t2  = t +  2 * 16;
-    sp_digit* rx  = t +  4 * 16;
-    sp_digit* ry  = t +  6 * 16;
-    sp_digit* h   = t +  8 * 16;
-    sp_digit* r   = t + 10 * 16;
-
-    /* r.x = (q.x + p.x) * c.y */
-    sp_1024_mont_mul_avx2_16(rx, qx_px, c->y, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_avx2_16(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_avx2_16(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_avx2_16(h, t1, c->x, p1024_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_avx2_16(ry, p->y, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_avx2_16(t1, h, ry, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z * c.z^2 = p.y * c.z^3  */
-    sp_1024_mont_mul_avx2_16(r, ry, t2, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_avx2_16(rx, rx, t1, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_avx2_16(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = c.x - p.x * c.z^2 */
-    sp_1024_mont_sub_avx2_16(h, c->x, t1, p1024_mod);
-    /* c'.z = (c.x - p.x * c.z^2) * c.z */
-    sp_1024_mont_mul_avx2_16(c->z, h, c->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (c.x - p.x * c.z^2) * c.z * q.y */
-    sp_1024_mont_mul_avx2_16(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_avx2_16(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = c.x - p.x * c.z^2
-     *   r = p.y * c.z^3
-     *   c'.z = (c.x - p.x * c.z^2) * c.z
-     */
-
-    /* r = p.y * c.z^3 - c.y */
-    sp_1024_mont_sub_avx2_16(r, r, c->y, p1024_mod);
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_avx2_16(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_avx2_16(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * h^2 */
-    sp_1024_mont_mul_avx2_16(ry, c->x, rx, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_avx2_16(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c->x = r^2 + h^3 */
-    sp_1024_mont_add_avx2_16(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * h^2 */
-    sp_1024_mont_dbl_avx2_16(t1, ry, p1024_mod);
-    /* c'.x = r^2 + h^3 - 2 * c.x * h^2 */
-    sp_1024_mont_sub_avx2_16(c->x, c->x, t1, p1024_mod);
-    /* ry = c'.x - c.x * h^2 */
-    sp_1024_mont_sub_avx2_16(t1, c->x, ry, p1024_mod);
-    /* ry = r * (c'.x - c.x * h^2) */
-    sp_1024_mont_mul_avx2_16(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * h^3 */
-    sp_1024_mont_mul_avx2_16(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c'.x - c.x * h^2) - c.y * h^3 */
-    sp_1024_mont_sub_avx2_16(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]  key  SAKKE key.
- * @param  [in]  p    First point on E(F_p)[q].
- * @param  [in]  q    Second point on E(F_p)[q].
- * @param  [in]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static int sp_Pairing_avx2_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err = MP_OKAY;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit* qx_px;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit vx[2 * 16];
-    sp_digit vy[2 * 16];
-    sp_digit qx_px[2 * 16];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-
-    err = sp_1024_point_new_16(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 39 * 16 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        vx    = td + 36 * 16 * 2;
-        vy    = td + 37 * 16 * 2;
-        qx_px = td + 38 * 16 * 2;
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-        sp_1024_point_from_ecc_point_16(q, qm);
-
-        err = sp_1024_mod_mul_norm_avx2_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 16);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 16);
-
-        sp_1024_mont_add_avx2_16(qx_px, q->x, p->x, p1024_mod);
-
-        for (i = 1020; i >= 0; i--) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_dbl_avx2_16(vx, vy, c, q, t);
-
-            if ((i > 0) && ((p1024_order[i / 64] >> (i % 64)) & 1)) {
-                /* Accumulate line into v and add P into C. */
-                sp_1024_accumulate_line_add_one_avx2_16(vx, vy, c, p, q, qx_px, t);
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_avx2_16(vx, vy, t);
-        sp_1024_proj_sqr_avx2_16(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_avx2_16(vx, vx, t);
-        sp_1024_mont_mul_avx2_16(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(q, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-#else
-/*
- * Calculate gradient of line through C, P and -C-P, accumulate line and
- * add P to C.
- *
- * Both C and P have z ordinates to use in the calculation.
- *
- * Calculations:
- *   r.x  = (q.x * c.z^2 + c.x) * p.y * c.z - (q.x * p.z^2 + p.x) * c.y * p.z
- *   r.y  = (p.x * c.z^2 - c.x * p.z^2) * q.y * p.z * c.z
- *   v*   = v* * r*
- *   h    = p.x * c.z^2 - c.x * p.z^2
- *   r    = p.y * c.z^3 - c.y * p.z^3
- *   c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2
- *   c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3
- *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in,out]  c      ECC point - current point on E(F_p^2) to be added
- *                          to.
- * @param  [in,out]  p      ECC point - point on E(F_p^2) to add.
- * @param  [in,out]  q      ECC point - second point on E(F_P^2).
- * @param  [in,out]  t      SP temporaries (6 used).
- * @param  [in,out]  neg    Indicates to use negative P.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-static void sp_1024_accumulate_line_add_n_avx2_16(sp_digit* vx, sp_digit* vy,
-        const sp_point_1024* p, const sp_point_1024* q,
-        sp_point_1024* c, sp_digit* t, int neg)
-{
-    sp_digit* t1 = t;
-    sp_digit* t2 = t +  2 * 16;
-    sp_digit* rx = t +  4 * 16;
-    sp_digit* ry = t +  6 * 16;
-    sp_digit* h  = t +  8 * 16;
-    sp_digit* r  = t + 10 * 16;
-
-    /* h = p.z^2 */
-    sp_1024_mont_sqr_avx2_16(h, p->z, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 */
-    sp_1024_mont_mul_avx2_16(rx, q->x, h, p1024_mod, p1024_mp_mod);
-    /* rx = q.x * p.z^2 + p.x */
-    sp_1024_mont_add_avx2_16(t2, rx, p->x, p1024_mod);
-    /* c.y = c.y * p.z */
-    sp_1024_mont_mul_avx2_16(t1, c->y, p->z, p1024_mod, p1024_mp_mod);
-    /* r.x = (q.x * p.z^2 + p.x) * c.y * p.z */
-    sp_1024_mont_mul_avx2_16(rx, t2, t1, p1024_mod, p1024_mp_mod);
-    /* c.y = c.y * p.z^3 */
-    sp_1024_mont_mul_avx2_16(c->y, t1, h, p1024_mod, p1024_mp_mod);
-    /* t2 = c.z^2 */
-    sp_1024_mont_sqr_avx2_16(t2, c->z, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 */
-    sp_1024_mont_mul_avx2_16(t1, q->x, t2, p1024_mod, p1024_mp_mod);
-    /* t1 = q.x * c.z^2 + c.x */
-    sp_1024_mont_add_avx2_16(t1, t1, c->x, p1024_mod);
-    /* c.x = c.x * p.z^2 */
-    sp_1024_mont_mul_avx2_16(c->x, c->x, h, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z */
-    sp_1024_mont_mul_avx2_16(r, p->y, c->z, p1024_mod, p1024_mp_mod);
-    if (neg) {
-        /* r = -p.y * c.z */
-        sp_1024_mont_sub_avx2_16(r, p1024_mod, r, p1024_mod);
-    }
-    /* t1 = (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_mul_avx2_16(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* r.x -= (q.x * c.z^2 + c.x) * p.y * c.z */
-    sp_1024_mont_sub_avx2_16(rx, ry, rx, p1024_mod);
-    /* t1 = p.x * c.z^2 */
-    sp_1024_mont_mul_avx2_16(t1, p->x, t2, p1024_mod, p1024_mp_mod);
-    /* h = p.x * c.z^2 - c.x * p.z^2 */
-    sp_1024_mont_sub_avx2_16(h, t1, c->x, p1024_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z */
-    sp_1024_mont_mul_avx2_16(t1, h, c->z, p1024_mod, p1024_mp_mod);
-    /* c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z */
-    sp_1024_mont_mul_avx2_16(c->z, t1, p->z, p1024_mod, p1024_mp_mod);
-    /* r.y = (p.x * c.z^2 - c.x * p.z^2) * c.z * p.z * q.y */
-    sp_1024_mont_mul_avx2_16(ry, c->z, q->y, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 */
-    sp_1024_mont_mul_avx2_16(t1, r, t2, p1024_mod, p1024_mp_mod);
-    /* r = p.y * c.z^3 - c.y * p.z^3 */
-    sp_1024_mont_sub_avx2_16(r, t1, c->y, p1024_mod);
-    /* v = v * r */
-    sp_1024_proj_mul_avx2_16(vx, vy, rx, ry, t);
-
-    /* Add p to c using previously calculated values.
-     *   h = p.x * c.z^2 - c.x * p.z^2
-     *   r = p.y * c.z^3 - c.y * p.z^3
-     *   c'.z = (p.x * c.z^2 - c.x * p.z^2) * c.z
-     */
-
-    /* t1 = r^2 */
-    sp_1024_mont_sqr_avx2_16(t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = h^2 */
-    sp_1024_mont_sqr_avx2_16(rx, h, p1024_mod, p1024_mp_mod);
-    /* ry = c.x * p.z^2 * h^2 */
-    sp_1024_mont_mul_avx2_16(ry, rx, c->x, p1024_mod, p1024_mp_mod);
-    /* t2 = h^3 */
-    sp_1024_mont_mul_avx2_16(t2, rx, h, p1024_mod, p1024_mp_mod);
-    /* c'.x = r^2 - h^3 */
-    sp_1024_mont_sub_avx2_16(c->x, t1, t2, p1024_mod);
-    /* t1 = 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_dbl_avx2_16(t1, ry, p1024_mod);
-    /* c'.x = r^2 - h^3 - 2 * c.x * p.z^2 * h^2 */
-    sp_1024_mont_sub_avx2_16(c->x, c->x, t1, p1024_mod);
-    /* ry = c.x * p.z^2 * h^2 - c'.x */
-    sp_1024_mont_sub_avx2_16(t1, ry, c->x, p1024_mod);
-    /* ry = r * (c.x * p.z^2 * h^2 - c'.x) */
-    sp_1024_mont_mul_avx2_16(ry, t1, r, p1024_mod, p1024_mp_mod);
-    /* t2 = c.y * p.z^3 * h^3 */
-    sp_1024_mont_mul_avx2_16(t1, t2, c->y, p1024_mod, p1024_mp_mod);
-    /* c'.y = r * (c.x * p.z^2 * h^2 - c'.x) - c.y * p.z^3 * h^3 */
-    sp_1024_mont_sub_avx2_16(c->y, ry, t1, p1024_mod);
-}
-
-/*
- * Perform n accumulate doubles and doubles of P.
- *
- * py = 2 * p.y
- *
- * For each double:
- * Calculate gradient of line through P, P and [-2]P, accumulate line and
- * double P.
- *
- * Calculations:
- *   l = 3 * (p.x^2 - p.z^4) = 3 * (p.x - p.z^2) * (p.x + p.z^2)
- *   r.x = l * (p.x + q.x * p.z^2) - py^2 / 2
- *   r.y = py * p.z^3 * q.y (= p'.z * p.z^2 * q.y)
- *   v* = v*^2 * r*
- *   p'.x = l^2 - 2 * py^2 * p.x
- *   py' = (py^2 * p.x - p'.x) * l - py^4 (= 2 * p'.y)
- *   p'.z = py * p.z
- *
- * Finally:
- *   p'.y = py' / 2
- *
- * @param  [in,out]  vx  X-ordinate of projective value in F*.
- * @param  [in,out]  vy  Y-ordinate of projective value in F*.
- * @param  [in,out]  p   ECC point - point on E(F_p^2) to double.
- * @param  [in]      q   ECC point - second point on E(F_P^2).
- * @param  [in]      n   Number of times to double.
- * @param  [in]      t   SP temporaries (6 used).
- */
-static void sp_1024_accumulate_line_dbl_n_avx2_16(sp_digit* vx, sp_digit* vy,
-        sp_point_1024* p, const sp_point_1024* q, int n, sp_digit* t)
-{
-    sp_digit* t1  = t +  0 * 16;
-    sp_digit* pz2 = t +  2 * 16;
-    sp_digit* rx  = t +  4 * 16;
-    sp_digit* ry  = t +  6 * 16;
-    sp_digit* l   = t +  8 * 16;
-    sp_digit* ty  = t + 10 * 16;
-    int i;
-
-    /* py = 2 * p.y */
-    sp_1024_mont_dbl_avx2_16(p->y, p->y, p1024_mod);
-
-    for (i = 0; i < n; i++) {
-        /* v = v^2 */
-        sp_1024_proj_sqr_avx2_16(vx, vy, t);
-        /* pz2 = p.z^2 */
-        sp_1024_mont_sqr_avx2_16(pz2, p->z, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + p.z^2 */
-        sp_1024_mont_add_avx2_16(t1, p->x, pz2, p1024_mod);
-        /* l = p.x - p.z^2 */
-        sp_1024_mont_sub_avx2_16(l, p->x, pz2, p1024_mod);
-        /* t1 = (p.x + p.z^2) * (p.x - p.z^2) = p.x^2 - p.z^4 */
-        sp_1024_mont_mul_avx2_16(ty, l, t1, p1024_mod, p1024_mp_mod);
-        /* l = 3 * (p.x^2 - p.z^4) */
-        sp_1024_mont_tpl_avx2_16(l, ty, p1024_mod);
-        /* t1 = q.x * p.z^2 */
-        sp_1024_mont_mul_avx2_16(t1, q->x, pz2, p1024_mod, p1024_mp_mod);
-        /* t1 = p.x + q.x * p.z^2 */
-        sp_1024_mont_add_avx2_16(t1, p->x, t1, p1024_mod);
-        /* r.x = l * (p.x + q.x * p.z^2) */
-        sp_1024_mont_mul_avx2_16(rx, l, t1, p1024_mod, p1024_mp_mod);
-        /* ty = py ^ 2 */
-        sp_1024_mont_sqr_avx2_16(ty, p->y, p1024_mod, p1024_mp_mod);
-        /* t1 = py ^ 2 / 2 */
-        sp_1024_mont_div2_avx2_16(t1, ty, p1024_mod);
-        /* r.x -= py ^ 2 / 2 */
-        sp_1024_mont_sub_avx2_16(rx, rx, t1, p1024_mod);
-        /* p'.z = py * pz */
-        sp_1024_mont_mul_avx2_16(p->z, p->z, p->y, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 */
-        sp_1024_mont_mul_avx2_16(t1, p->z, pz2, p1024_mod, p1024_mp_mod);
-        /* r.y = p'.z * p.z^2 * q.y */
-        sp_1024_mont_mul_avx2_16(ry, t1, q->y, p1024_mod, p1024_mp_mod);
-        /* v = v^2 * r */
-        sp_1024_proj_mul_avx2_16(vx, vy, rx, ry, t);
-
-        /* Double point using previously calculated values
-         *   l = 3 * (p.x - p.z^2).(p.x + p.z^2)
-         *   ty = py^2
-         *   p'.z = py * p.z
-         */
-        /* t1 = py^2 ^ 2 = py^4 */
-        sp_1024_mont_sqr_avx2_16(t1, ty, p1024_mod, p1024_mp_mod);
-        /* py' = py^2 * p. x */
-        sp_1024_mont_mul_avx2_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 */
-        sp_1024_mont_sqr_avx2_16(p->x, l, p1024_mod, p1024_mp_mod);
-        /* p'.x = l^2 - py^2 * p.x */
-        sp_1024_mont_sub_avx2_16(p->x, p->x, p->y, p1024_mod);
-        /* p'.x = l^2 - 2 * p.y^2 * p.x */
-        sp_1024_mont_sub_avx2_16(p->x, p->x, p->y, p1024_mod);
-        /* py' = py^2 * p.x - p.x' */
-        sp_1024_mont_sub_avx2_16(ty, p->y, p->x, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l */
-        sp_1024_mont_mul_avx2_16(p->y, ty, l, p1024_mod, p1024_mp_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 */
-        sp_1024_mont_dbl_avx2_16(p->y, p->y, p1024_mod);
-        /* py' = (p.y^2 * p.x - p'.x) * l * 2 - p.y^4 */
-        sp_1024_mont_sub_avx2_16(p->y, p->y, t1, p1024_mod);
-    }
-
-    /* p'.y = py' / 2 */
-    sp_1024_mont_div2_avx2_16(p->y, p->y, p1024_mod);
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * @param  [in]  pm   First point on E(F_p)[q].
- * @param  [in]  qm   Second point on E(F_p)[q].
- * @param  [in]  res  Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sp_Pairing_avx2_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[32];
-    sp_digit (*pre_vy)[32];
-    sp_digit (*pre_nvy)[32];
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit vx[2 * 16];
-    sp_digit vy[2 * 16];
-    sp_digit pre_vx[16][32];
-    sp_digit pre_vy[16][32];
-    sp_digit pre_nvy[16][32];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-
-    err = sp_1024_point_new_16(NULL, pd, p);
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 16 * 2 + 16 * sizeof(sp_point_1024), NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 16 * 2;
-        vy      = td + 37 * 16 * 2;
-        pre_vx  = (sp_digit(*)[32])(td + 38 * 16 * 2);
-        pre_vy  = (sp_digit(*)[32])(td + 54 * 16 * 2);
-        pre_nvy = (sp_digit(*)[32])(td + 70 * 16 * 2);
-        pre_p   = (sp_point_1024*)(td + 86 * 16 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-        sp_1024_point_from_ecc_point_16(q, qm);
-
-        err = sp_1024_mod_mul_norm_avx2_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 16);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_mont_sub_avx2_16(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 16);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_accumulate_line_dbl_avx2_16(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(&pre_p[i], &pre_p[i-1], sizeof(sp_point_1024));
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 16);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 16);
-            sp_1024_proj_mul_avx2_16(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_avx2_16(pre_vx[i], pre_vy[i], c,
-                    q, &pre_p[i], t, 0);
-            sp_1024_mont_sub_avx2_16(pre_nvy[i], p1024_mod, pre_vy[i], p1024_mod);
-        }
-
-        j = sp_1024_order_op[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 16);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 16);
-
-        /* Accumulate line into v and double point n times. */
-        sp_1024_accumulate_line_dbl_n_avx2_16(vx, vy, c, q,
-                sp_1024_order_op[1], t);
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_avx2_16(vx, vy, pre_vx[j], pre_vy[j], t);
-                sp_1024_accumulate_line_add_n_avx2_16(vx, vy, &pre_p[j], q, c,
-                    t, 0);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v and add P into C. */
-                sp_1024_proj_mul_avx2_16(vx, vy, pre_vx[j], pre_nvy[j], t);
-                sp_1024_accumulate_line_add_n_avx2_16(vx, vy, &pre_p[j], q, c,
-                    t, 1);
-            }
-
-            /* Accumulate line into v and double point n times. */
-            sp_1024_accumulate_line_dbl_n_avx2_16(vx, vy, c, q,
-                    sp_1024_order_op[i + 1], t);
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_avx2_16(vx, vy, t);
-        sp_1024_proj_sqr_avx2_16(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_avx2_16(vx, vx, t);
-        sp_1024_mont_mul_avx2_16(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_avx2_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(q, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* HAVE_INTEL_AVX2 */
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]  key  SAKKE key.
- * @param  [in]  p    First point on E(F_p)[q].
- * @param  [in]  q    Second point on E(F_p)[q].
- * @param  [in]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int sp_Pairing_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res)
-{
-    int err;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags)) {
-        err = sp_Pairing_avx2_1024(pm, qm, res);
-    }
-    else
-#endif
-    {
-        err = sp_Pairing_x64_1024(pm, qm, res);
-    }
-
-   return err;
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Generate table for pairing.
- *
- * Small implementation does not use a table - returns 0 length.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- */
-static int sp_Pairing_gen_precomp_x64_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-
-    if (table == NULL) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    else if (*len != 0) {
-        err = BUFFER_E;
-    }
-
-    (void)*pm;
-
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Small implementation does not use a table - use the normal implementation.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sp_Pairing_precomp_x64_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    (void)table;
-    (void)len;
-    return sp_Pairing_x64_1024(pm, qm, res);
-}
-
-#else
-/*
- * Calc l and c for the point when doubling p.
- *
- * l = 3 * (p.x^2 - 1) / (2 * p.y)
- * c = l * p.x - p.y
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to double.
- * @param  [in]   py  Y-ordinate of point to double.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_dbl_calc_lc_16(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 16;
-    sp_digit* t2 = t + 34 * 2 * 16;
-    sp_digit* l  = t + 35 * 2 * 16;
-
-    /* l = 1 / 2 * p.y */
-    sp_1024_mont_dbl_16(l, py, p1024_mod);
-    sp_1024_mont_inv_16(l, l, t);
-
-    /* t1 = p.x^2 */
-    sp_1024_mont_sqr_16(t1, px, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x - 1 */
-    sp_1024_mont_sub_16(t1, t1, p1024_norm_mod, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) */
-    sp_1024_mont_dbl_16(t2, t1, p1024_mod);
-    sp_1024_mont_add_16(t1, t1, t2, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) / (2 * p.y) */
-    sp_1024_mont_mul_16(l, l, t1, p1024_mod, p1024_mp_mod);
-    /* t2 = l * p.x */
-    sp_1024_mont_mul_16(t2, l, px, p1024_mod, p1024_mp_mod);
-    /* c = t2 = l * p.x - p.y */
-    sp_1024_mont_sub_16(t2, t2, py, p1024_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 16);
-    XMEMCPY(cr, t2, sizeof(sp_digit) * 16);
-}
-
-/*
- * Calc l and c when adding p and c.
- *
- * l = (c.y - p.y) / (c.x - p.x)
- * c = (p.x * c.y - cx * p.y) / (cx - p.x)
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to add.
- * @param  [in]   py  Y-ordinate of point to add.
- * @param  [in]   cx  X-ordinate of current point.
- * @param  [in]   cy  Y-ordinate of current point.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_add_calc_lc_16(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, const sp_digit* cx,
-        const sp_digit* cy, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 16;
-    sp_digit* c  = t + 34 * 2 * 16;
-    sp_digit* l  = t + 35 * 2 * 16;
-
-    /* l = 1 / (c.x - p.x) */
-    sp_1024_mont_sub_16(l, cx, px, p1024_mod);
-    sp_1024_mont_inv_16(l, l, t);
-
-    /* c = p.x * c.y */
-    sp_1024_mont_mul_16(c, px, cy, p1024_mod, p1024_mp_mod);
-    /* t1 = c.x * p.y */
-    sp_1024_mont_mul_16(t1, cx, py, p1024_mod, p1024_mp_mod);
-    /* c = (p.x * c.y) - (c.x * p.y) */
-    sp_1024_mont_sub_16(c, c, t1, p1024_mod);
-    /* c = ((p.x * c.y) - (c.x * p.y)) / (c.x - p.x) */
-    sp_1024_mont_mul_16(c, c, l, p1024_mod, p1024_mp_mod);
-    /* t1 = c.y - p.y */
-    sp_1024_mont_sub_16(t1, cy, py, p1024_mod);
-    /* l = (c.y - p.y) / (c.x - p.x) */
-    sp_1024_mont_mul_16(l, t1, l, p1024_mod, p1024_mp_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 16);
-    XMEMCPY(cr, c, sizeof(sp_digit) * 16);
-}
-
-/*
- * Calculate vx and vy given gradient l and constant c and point q.
- *
- * l is a the gradient and is multiplied by q->x.
- * c is a the constant that is added to the multiplicative result.
- * q->y is the y-ordinate in result to multiply.
- *
- * if dbl
- *   v*  = v*^2
- * r.x = l * q.x + c
- * r.y = q->y
- * v*  = v* * r*
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in]      l      Gradient to multiply with.
- * @param  [in]      c      Constant to add with.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      t      SP temporaries (3 used).
- * @param  [in]      dbl    Indicates whether this is for doubling. Otherwise
- *                          adding.
- */
-static void sp_1024_accumulate_line_lc_16(sp_digit* vx, sp_digit* vy,
-        const sp_digit* l, const sp_digit* c, const sp_point_1024* q,
-        sp_digit* t, int dbl)
-{
-    sp_digit* rx = t + 4 * 2 * 16;
-
-    /* v = v^2 */
-    if (dbl) {
-        sp_1024_proj_sqr_16(vx, vy, t);
-    }
-    /* rx = l * q.x + c */
-    sp_1024_mont_mul_16(rx, l, q->x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_add_16(rx, rx, c, p1024_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_16(vx, vy, rx, q->y, t);
-}
-
-/* Operations to perform based on order - 1.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pairs: #dbls, add/subtract window value
- */
-static const signed char sp_1024_order_op_pre[] = {
-   5,   6, -13,   9, -21,   6,  -5,   8,  31,   6,   3,   6, -27,   6,  25,   9,
-  -1,   6, -11,   6, -13,   6,  -7,   6, -15,   6, -29,   7,  25,   6,  -9,   6,
- -19,   7,   3,   6,  11,   9, -23,   6,   1,   6,  27,   6,   1,   7, -25,   8,
-  13,   7, -13,   7, -23,  10,  19,   7,   7,   7,  -3,   7,  27,   6,  -7,   7,
- -21,   7,  11,   7,  31,   8,   1,   7, -23,   6, -17,   6,  -3,  10,  11,   6,
- -21,   7, -27,  11, -29,   6,  -1,  10,  15,   8,  27,   7,  17,   6,  17,   7,
- -13,   8,  13,   6,  21,   7, -29,   6,  19,   7, -25,   6,  11,   9,  29,   7,
-  -7,   8,  27,   7,  29,  10,  -1,   8,  -7,   8,  17,   6,  17,   7, -27,   7,
- -21,   6,  -9,   6, -27,  12, -23,   6,  19,   6,  13,   6, -11,   7,  27,   6,
-  17,   6,  -7,   6, -25,   7, -29,   6,   9,   7,   7,   6,  13,   6, -25,   6,
- -19,   6,  13,   6, -11,   6,   5,   8,  19,   6, -21,   8,  23,   7,  27,   6,
- -13,   6, -19,  11,  29,   7, -15,   6,  -9,   7, -21,  10,  -3,   7,  21,  10,
-  25,   6, -15,   6, -23,   6,  21,   6,   1,   6,  21,   7,  -3,   6,  -3,   7,
-  -7,   6, -23,   7,   7,   8,  15,   9,   5,   6, -11,   6,  21,  11, -27,   7,
-  27,   6, -11,   6,  31,   6, -21,   6,  19,   6,  -7,   8,  -7,  13,  -3,   6,
-  -7,   7,  -3,   6,   1,   6,   7,   8,  19,   8,  11,   9,  -9,   7, -31,  12,
-  25,   6, -17,   9, -15,   7,   5,   6,  25,   7,  -5,   7, -25,   6,  17,   8,
- -19,   6, -13,   6,  27,   8,   1,   7,  -5,   7,  -1,   6,  21,   6,   3,  10,
-  -3,   1,
-};
-
-/*
- * Generate table for pairing.
- *
- * Calculate the graident (l) and constant (c) at each step of the way.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- *          MEMORY_E when dynamic memory allocation fauls.
- */
-static int sp_Pairing_gen_precomp_x64_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 cd;
-    sp_point_1024 negd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* c = NULL;
-    sp_point_1024* neg = NULL;
-    int i;
-    int j;
-    int k;
-    sp_table_entry_1024* precomp = (sp_table_entry_1024*)table;
-
-    if (table == NULL) {
-        *len = sizeof(sp_table_entry_1024) * 1167;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if ((err == MP_OKAY) &&
-            (*len < (int)(sizeof(sp_table_entry_1024) * 1167))) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, negd, neg);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 36 * 16 * 2 + 16 *
-            sizeof(sp_point_1024), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        pre_p = (sp_point_1024*)(td + 36 * 16 * 2);
-#endif
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-
-        err = sp_1024_mod_mul_norm_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        neg->infinity = 0;
-        c->infinity = 0;
-
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        /* [2]P for adding */
-        sp_1024_proj_point_dbl_16(c, p, t);
-
-        /* 1, 3, ... */
-        for (i = 1; i < 16; i++) {
-            sp_1024_proj_point_add_16(&pre_p[i], &pre_p[i-1], c, t);
-            sp_1024_mont_map_16(&pre_p[i], t);
-        }
-
-        k = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            sp_1024_accum_dbl_calc_lc_16(precomp[k].x, precomp[k].y, c->x,
-                c->y, t);
-            k++;
-            sp_1024_proj_point_dbl_16(c, c, t);
-            sp_1024_mont_map_16(c, t);
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                sp_1024_accum_add_calc_lc_16(precomp[k].x, precomp[k].y,
-                    pre_p[j/2].x, pre_p[j/2].y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_16(c, c, &pre_p[j/2], t);
-                sp_1024_mont_map_16(c, t);
-            }
-            else {
-                XMEMCPY(neg->x, pre_p[-j / 2].x, sizeof(pre_p->x));
-                sp_1024_mont_sub_16(neg->y, p1024_mod, pre_p[-j / 2].y,
-                        p1024_mod);
-                XMEMCPY(neg->z, pre_p[-j / 2].z, sizeof(pre_p->z));
-
-                sp_1024_accum_add_calc_lc_16(precomp[k].x, precomp[k].y,
-                    neg->x, neg->y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_16(c, c, neg, t);
-                sp_1024_mont_map_16(c, t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                sp_1024_accum_dbl_calc_lc_16(precomp[k].x, precomp[k].y, c->x,
-                    c->y, t);
-                k++;
-                sp_1024_proj_point_dbl_16(c, c, t);
-                sp_1024_mont_map_16(c, t);
-            }
-        }
-
-        *len = sizeof(sp_table_entry_1024) * 1167;
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(neg, 1, NULL);
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pre-generate values in window (1, 3, ...) - only V.
- * Table contains all gradient l and a constant for each point on the path.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sp_Pairing_precomp_x64_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[32];
-    sp_digit (*pre_vy)[32];
-    sp_digit (*pre_nvy)[32];
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit vx[2 * 16];
-    sp_digit vy[2 * 16];
-    sp_digit pre_vx[16][32];
-    sp_digit pre_vy[16][32];
-    sp_digit pre_nvy[16][32];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-    int k;
-    const sp_table_entry_1024* precomp = (const sp_table_entry_1024*)table;
-
-    if (len < (int)(sizeof(sp_table_entry_1024) * 1167)) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 16 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 16 * 2;
-        vy      = td + 37 * 16 * 2;
-        pre_vx  = (sp_digit(*)[32])(td + 38 * 16 * 2);
-        pre_vy  = (sp_digit(*)[32])(td + 54 * 16 * 2);
-        pre_nvy = (sp_digit(*)[32])(td + 70 * 16 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-        sp_1024_point_from_ecc_point_16(q, qm);
-
-        err = sp_1024_mod_mul_norm_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_16(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 16);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_mont_sub_16(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 16);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_accumulate_line_dbl_16(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 16);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 16);
-            sp_1024_proj_mul_16(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_16(pre_vx[i], pre_vy[i], c,
-                q, p, t, 0);
-            sp_1024_mont_sub_16(pre_nvy[i], p1024_mod, pre_vy[i],
-                p1024_mod);
-        }
-
-        XMEMCPY(c->z, p1024_norm_mod, sizeof(sp_digit) * 16);
-        c->infinity = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 16);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 16);
-
-        k = 0;
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_lc_16(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 1);
-            k++;
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            sp_1024_accumulate_line_lc_16(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 0);
-            k++;
-
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_16(vx, vy, pre_vx[j], pre_vy[j], t);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_16(vx, vy, pre_vx[j], pre_nvy[j], t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                /* Accumulate line into v and double point. */
-                sp_1024_accumulate_line_lc_16(vx, vy, precomp[k].x,
-                    precomp[k].y, q, t, 1);
-                k++;
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_16(vx, vy, t);
-        sp_1024_proj_sqr_16(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_16(vx, vx, t);
-        sp_1024_mont_mul_16(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(q, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef HAVE_INTEL_AVX2
-#ifdef WOLFSSL_SP_SMALL
-/*
- * Generate table for pairing.
- *
- * Small implementation does not use a table - returns 0 length.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- */
-static int sp_Pairing_gen_precomp_avx2_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-
-    if (table == NULL) {
-        *len = 0;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-    else if (*len != 0) {
-        err = BUFFER_E;
-    }
-
-    (void)*pm;
-
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Small implementation does not use a table - use the normal implementation.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sp_Pairing_precomp_avx2_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    (void)table;
-    (void)len;
-    return sp_Pairing_avx2_1024(pm, qm, res);
-}
-
-#else
-/*
- * Calc l and c for the point when doubling p.
- *
- * l = 3 * (p.x^2 - 1) / (2 * p.y)
- * c = l * p.x - p.y
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to double.
- * @param  [in]   py  Y-ordinate of point to double.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_dbl_calc_lc_avx2_16(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 16;
-    sp_digit* t2 = t + 34 * 2 * 16;
-    sp_digit* l  = t + 35 * 2 * 16;
-
-    /* l = 1 / 2 * p.y */
-    sp_1024_mont_dbl_avx2_16(l, py, p1024_mod);
-    sp_1024_mont_inv_avx2_16(l, l, t);
-
-    /* t1 = p.x^2 */
-    sp_1024_mont_sqr_avx2_16(t1, px, p1024_mod, p1024_mp_mod);
-    /* t1 = p.x - 1 */
-    sp_1024_mont_sub_avx2_16(t1, t1, p1024_norm_mod, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) */
-    sp_1024_mont_dbl_avx2_16(t2, t1, p1024_mod);
-    sp_1024_mont_add_avx2_16(t1, t1, t2, p1024_mod);
-    /* t1 = 3 * (p.x^2 - 1) / (2 * p.y) */
-    sp_1024_mont_mul_avx2_16(l, l, t1, p1024_mod, p1024_mp_mod);
-    /* t2 = l * p.x */
-    sp_1024_mont_mul_avx2_16(t2, l, px, p1024_mod, p1024_mp_mod);
-    /* c = t2 = l * p.x - p.y */
-    sp_1024_mont_sub_avx2_16(t2, t2, py, p1024_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 16);
-    XMEMCPY(cr, t2, sizeof(sp_digit) * 16);
-}
-
-/*
- * Calc l and c when adding p and c.
- *
- * l = (c.y - p.y) / (c.x - p.x)
- * c = (p.x * c.y - cx * p.y) / (cx - p.x)
- *
- * @param  [out]  lr  Gradient result - table entry.
- * @param  [out]  cr  Constant result - table entry.
- * @param  [in]   px  X-ordinate of point to add.
- * @param  [in]   py  Y-ordinate of point to add.
- * @param  [in]   cx  X-ordinate of current point.
- * @param  [in]   cy  Y-ordinate of current point.
- * @param  [in]   t   SP temporaries (3 used).
- */
-static void sp_1024_accum_add_calc_lc_avx2_16(sp_digit* lr, sp_digit* cr,
-        const sp_digit* px, const sp_digit* py, const sp_digit* cx,
-        const sp_digit* cy, sp_digit* t)
-{
-    sp_digit* t1 = t + 33 * 2 * 16;
-    sp_digit* c  = t + 34 * 2 * 16;
-    sp_digit* l  = t + 35 * 2 * 16;
-
-    /* l = 1 / (c.x - p.x) */
-    sp_1024_mont_sub_avx2_16(l, cx, px, p1024_mod);
-    sp_1024_mont_inv_avx2_16(l, l, t);
-
-    /* c = p.x * c.y */
-    sp_1024_mont_mul_avx2_16(c, px, cy, p1024_mod, p1024_mp_mod);
-    /* t1 = c.x * p.y */
-    sp_1024_mont_mul_avx2_16(t1, cx, py, p1024_mod, p1024_mp_mod);
-    /* c = (p.x * c.y) - (c.x * p.y) */
-    sp_1024_mont_sub_avx2_16(c, c, t1, p1024_mod);
-    /* c = ((p.x * c.y) - (c.x * p.y)) / (c.x - p.x) */
-    sp_1024_mont_mul_avx2_16(c, c, l, p1024_mod, p1024_mp_mod);
-    /* t1 = c.y - p.y */
-    sp_1024_mont_sub_avx2_16(t1, cy, py, p1024_mod);
-    /* l = (c.y - p.y) / (c.x - p.x) */
-    sp_1024_mont_mul_avx2_16(l, t1, l, p1024_mod, p1024_mp_mod);
-
-    XMEMCPY(lr, l, sizeof(sp_digit) * 16);
-    XMEMCPY(cr, c, sizeof(sp_digit) * 16);
-}
-
-/*
- * Calculate vx and vy given gradient l and constant c and point q.
- *
- * l is a the gradient and is multiplied by q->x.
- * c is a the constant that is added to the multiplicative result.
- * q->y is the y-ordinate in result to multiply.
- *
- * if dbl
- *   v*  = v*^2
- * r.x = l * q.x + c
- * r.y = q->y
- * v*  = v* * r*
- *
- * @param  [in,out]  vx     X-ordinate of projective value in F*.
- * @param  [in,out]  vy     Y-ordinate of projective value in F*.
- * @param  [in]      l      Gradient to multiply with.
- * @param  [in]      c      Constant to add with.
- * @param  [in]      q      ECC point - second point on E(F_P^2).
- * @param  [in]      t      SP temporaries (3 used).
- * @param  [in]      dbl    Indicates whether this is for doubling. Otherwise
- *                          adding.
- */
-static void sp_1024_accumulate_line_lc_avx2_16(sp_digit* vx, sp_digit* vy,
-        const sp_digit* l, const sp_digit* c, const sp_point_1024* q,
-        sp_digit* t, int dbl)
-{
-    sp_digit* rx = t + 4 * 2 * 16;
-
-    /* v = v^2 */
-    if (dbl) {
-        sp_1024_proj_sqr_avx2_16(vx, vy, t);
-    }
-    /* rx = l * q.x + c */
-    sp_1024_mont_mul_avx2_16(rx, l, q->x, p1024_mod, p1024_mp_mod);
-    sp_1024_mont_add_avx2_16(rx, rx, c, p1024_mod);
-    /* v = v^2 * r */
-    sp_1024_proj_mul_avx2_16(vx, vy, rx, q->y, t);
-}
-
-
-/*
- * Generate table for pairing.
- *
- * Calculate the graident (l) and constant (c) at each step of the way.
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- *
- * pm     [in]      Point to generate table for.
- * table  [in]      Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          LENGTH_ONLY_E when table is NULL and only length returned.
- *          BUFFER_E when len is too small.
- *          MEMORY_E when dynamic memory allocation fauls.
- */
-static int sp_Pairing_gen_precomp_avx2_1024(const ecc_point* pm, byte* table,
-        word32* len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_point_1024* pre_p;
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_point_1024 pre_p[16];
-    sp_point_1024 pd;
-    sp_point_1024 cd;
-    sp_point_1024 negd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* c = NULL;
-    sp_point_1024* neg = NULL;
-    int i;
-    int j;
-    int k;
-    sp_table_entry_1024* precomp = (sp_table_entry_1024*)table;
-
-    if (table == NULL) {
-        *len = sizeof(sp_table_entry_1024) * 1167;
-        err = WC_NO_ERR_TRACE(LENGTH_ONLY_E);
-    }
-
-    if ((err == MP_OKAY) &&
-            (*len < (int)(sizeof(sp_table_entry_1024) * 1167))) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, negd, neg);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 36 * 16 * 2 + 16 *
-            sizeof(sp_point_1024), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t     = td;
-        pre_p = (sp_point_1024*)(td + 36 * 16 * 2);
-#endif
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-
-        err = sp_1024_mod_mul_norm_avx2_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        XMEMCPY(p->z, p1024_norm_mod, sizeof(p1024_norm_mod));
-        neg->infinity = 0;
-        c->infinity = 0;
-
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMCPY(&pre_p[0], p, sizeof(sp_point_1024));
-        /* [2]P for adding */
-        sp_1024_proj_point_dbl_avx2_16(c, p, t);
-
-        /* 1, 3, ... */
-        for (i = 1; i < 16; i++) {
-            sp_1024_proj_point_add_avx2_16(&pre_p[i], &pre_p[i-1], c, t);
-            sp_1024_mont_map_avx2_16(&pre_p[i], t);
-        }
-
-        k = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(c, &pre_p[j], sizeof(sp_point_1024));
-
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            sp_1024_accum_dbl_calc_lc_avx2_16(precomp[k].x, precomp[k].y, c->x,
-                c->y, t);
-            k++;
-            sp_1024_proj_point_dbl_avx2_16(c, c, t);
-            sp_1024_mont_map_avx2_16(c, t);
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                sp_1024_accum_add_calc_lc_avx2_16(precomp[k].x, precomp[k].y,
-                    pre_p[j/2].x, pre_p[j/2].y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_avx2_16(c, c, &pre_p[j/2], t);
-                sp_1024_mont_map_avx2_16(c, t);
-            }
-            else {
-                XMEMCPY(neg->x, pre_p[-j / 2].x, sizeof(pre_p->x));
-                sp_1024_mont_sub_avx2_16(neg->y, p1024_mod, pre_p[-j / 2].y,
-                        p1024_mod);
-                XMEMCPY(neg->z, pre_p[-j / 2].z, sizeof(pre_p->z));
-
-                sp_1024_accum_add_calc_lc_avx2_16(precomp[k].x, precomp[k].y,
-                    neg->x, neg->y, c->x, c->y, t);
-                k++;
-                sp_1024_proj_point_add_avx2_16(c, c, neg, t);
-                sp_1024_mont_map_avx2_16(c, t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                sp_1024_accum_dbl_calc_lc_avx2_16(precomp[k].x, precomp[k].y, c->x,
-                    c->y, t);
-                k++;
-                sp_1024_proj_point_dbl_avx2_16(c, c, t);
-                sp_1024_mont_map_avx2_16(c, t);
-            }
-        }
-
-        *len = sizeof(sp_table_entry_1024) * 1167;
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(neg, 1, NULL);
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * Sliding window. Start at bottom and stop when bottom bit is one.
- * Subtract if top bit in window is one.
- * Width of 6 bits.
- * Pre-generate values in window (1, 3, ...) - only V.
- * Table contains all gradient l and a constant for each point on the path.
- *
- * @param  [in]  pm     First point on E(F_p)[q].
- * @param  [in]  qm     Second point on E(F_p)[q].
- * @param  [in]  res    Result of calculation.
- * @param  [in]  table  Precomputed table of values.
- * @param  [in]  len    Length of precomputed table of values in bytes.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- */
-static int sp_Pairing_precomp_avx2_1024(const ecc_point* pm, const ecc_point* qm,
-    mp_int* res, const byte* table, word32 len)
-{
-    int err = 0;
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    sp_digit* td = NULL;
-    sp_digit* t;
-    sp_digit* vx;
-    sp_digit* vy;
-    sp_digit (*pre_vx)[32];
-    sp_digit (*pre_vy)[32];
-    sp_digit (*pre_nvy)[32];
-#else
-    sp_digit t[36 * 2 * 16];
-    sp_digit vx[2 * 16];
-    sp_digit vy[2 * 16];
-    sp_digit pre_vx[16][32];
-    sp_digit pre_vy[16][32];
-    sp_digit pre_nvy[16][32];
-    sp_point_1024 pd;
-    sp_point_1024 qd;
-    sp_point_1024 cd;
-#endif
-    sp_point_1024* p = NULL;
-    sp_point_1024* q = NULL;
-    sp_point_1024* c = NULL;
-    sp_digit* r = NULL;
-    int i;
-    int j;
-    int k;
-    const sp_table_entry_1024* precomp = (const sp_table_entry_1024*)table;
-
-    if (len < (int)(sizeof(sp_table_entry_1024) * 1167)) {
-        err = BUFFER_E;
-    }
-
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, pd, p);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, qd, q);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_point_new_16(NULL, cd, c);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    if (err == MP_OKAY) {
-        td = (sp_digit*)XMALLOC(sizeof(sp_digit) * 86 * 16 * 2, NULL,
-                                DYNAMIC_TYPE_TMP_BUFFER);
-        if (td == NULL) {
-            err = MEMORY_E;
-        }
-    }
-#endif
-
-    if (err == MP_OKAY) {
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-        t       = td;
-        vx      = td + 36 * 16 * 2;
-        vy      = td + 37 * 16 * 2;
-        pre_vx  = (sp_digit(*)[32])(td + 38 * 16 * 2);
-        pre_vy  = (sp_digit(*)[32])(td + 54 * 16 * 2);
-        pre_nvy = (sp_digit(*)[32])(td + 70 * 16 * 2);
-#endif
-        r = vy;
-
-        sp_1024_point_from_ecc_point_16(p, pm);
-        sp_1024_point_from_ecc_point_16(q, qm);
-
-        err = sp_1024_mod_mul_norm_avx2_16(p->x, p->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(p->y, p->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(p->z, p->z, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(q->x, q->x, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        err = sp_1024_mod_mul_norm_avx2_16(q->y, q->y, p1024_mod);
-    }
-    if (err == MP_OKAY) {
-        /* Generate pre-computation table: 1, 3, ... , 31 */
-        XMEMSET(pre_vx[0], 0, sizeof(sp_digit) * 2 * 16);
-        pre_vx[0][0] = 1;
-        XMEMSET(pre_vy[0], 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_mont_sub_avx2_16(pre_nvy[0], p1024_mod, pre_vy[0], p1024_mod);
-
-        /* [2]P for adding */
-        XMEMCPY(c, p, sizeof(sp_point_1024));
-        XMEMSET(vx, 0, sizeof(sp_digit) * 2 * 16);
-        vx[0] = 1;
-        XMEMSET(vy, 0, sizeof(sp_digit) * 2 * 16);
-        sp_1024_accumulate_line_dbl_avx2_16(vx, vy, c, q, t);
-
-        /* 3, 5, ... */
-        for (i = 1; i < 16; i++) {
-            XMEMCPY(pre_vx[i], pre_vx[i-1], sizeof(sp_digit) * 2 * 16);
-            XMEMCPY(pre_vy[i], pre_vy[i-1], sizeof(sp_digit) * 2 * 16);
-            sp_1024_proj_mul_avx2_16(pre_vx[i], pre_vy[i], vx, vy, t);
-            sp_1024_accumulate_line_add_n_avx2_16(pre_vx[i], pre_vy[i], c,
-                q, p, t, 0);
-            sp_1024_mont_sub_avx2_16(pre_nvy[i], p1024_mod, pre_vy[i],
-                p1024_mod);
-        }
-
-        XMEMCPY(c->z, p1024_norm_mod, sizeof(sp_digit) * 16);
-        c->infinity = 0;
-        j = sp_1024_order_op_pre[0] / 2;
-        XMEMCPY(vx, pre_vx[j], sizeof(sp_digit) * 2 * 16);
-        XMEMCPY(vy, pre_vy[j], sizeof(sp_digit) * 2 * 16);
-
-        k = 0;
-        for (j = 0; j < sp_1024_order_op_pre[1]; j++) {
-            /* Accumulate line into v and double point. */
-            sp_1024_accumulate_line_lc_avx2_16(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 1);
-            k++;
-        }
-
-        for (i = 2; i < 290; i += 2) {
-            sp_1024_accumulate_line_lc_avx2_16(vx, vy, precomp[k].x,
-                precomp[k].y, q, t, 0);
-            k++;
-
-            j = sp_1024_order_op_pre[i];
-            if (j > 0) {
-                j /= 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_avx2_16(vx, vy, pre_vx[j], pre_vy[j], t);
-            }
-            else {
-                j = -j / 2;
-                /* Accumulate line into v. */
-                sp_1024_proj_mul_avx2_16(vx, vy, pre_vx[j], pre_nvy[j], t);
-            }
-
-            for (j = 0; j < sp_1024_order_op_pre[i + 1]; j++) {
-                /* Accumulate line into v and double point. */
-                sp_1024_accumulate_line_lc_avx2_16(vx, vy, precomp[k].x,
-                    precomp[k].y, q, t, 1);
-                k++;
-            }
-        }
-
-        /* Final exponentiation */
-        sp_1024_proj_sqr_avx2_16(vx, vy, t);
-        sp_1024_proj_sqr_avx2_16(vx, vy, t);
-
-        /* Convert from PF_p[q] to F_p */
-        sp_1024_mont_inv_avx2_16(vx, vx, t);
-        sp_1024_mont_mul_avx2_16(r, vx, vy, p1024_mod, p1024_mp_mod);
-        XMEMSET(r + 16, 0, sizeof(sp_digit) * 16);
-        sp_1024_mont_reduce_avx2_16(r, p1024_mod, p1024_mp_mod);
-
-        err = sp_1024_to_mp(r, res);
-    }
-
-#if (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_NO_MALLOC)) || \
-    defined(WOLFSSL_SP_SMALL_STACK)
-    XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-    sp_1024_point_free_16(c, 1, NULL);
-    sp_1024_point_free_16(q, 1, NULL);
-    sp_1024_point_free_16(p, 1, NULL);
-    return err;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#endif /* HAVE_INTEL_AVX2 */
-/*
- * Generate table for pairing.
- *
- * pm     [in]   Point to generate table for.
- * table  [in]   Generated table.
- * len    [in,out]  On in, the size of the buffer.
- *                  On out, length of table generated.
- * @return  0 on success.
- *          Otherwise failure.
- */
-int sp_Pairing_gen_precomp_1024(const ecc_point* pm, byte* table, word32* len)
-{
-    int err;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags)) {
-        err = sp_Pairing_gen_precomp_avx2_1024(pm, table, len);
-    }
-    else
-#endif
-    {
-        err = sp_Pairing_gen_precomp_x64_1024(pm, table, len);
-    }
-
-   return err;
-}
-
-/*
- * Calculate r = pairing <P, Q>.
- *
- * That is, multiply base in PF_p[q] by the scalar s, such that s.P = Q.
- *
- * @param  [in]  key  SAKKE key.
- * @param  [in]  p    First point on E(F_p)[q].
- * @param  [in]  q    Second point on E(F_p)[q].
- * @param  [in]  r    Result of calculation.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails.
- * @return  Other -ve value on internal failure.
- */
-int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, mp_int* res,
-    const byte* table, word32 len)
-{
-    int err;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-    ASSERT_SAVED_VECTOR_REGISTERS();
-
-#ifdef HAVE_INTEL_AVX2
-    if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags)) {
-        err = sp_Pairing_precomp_avx2_1024(pm, qm, res, table, len);
-    }
-    else
-#endif
-    {
-        err = sp_Pairing_precomp_x64_1024(pm, qm, res, table, len);
-    }
-
-   return err;
-}
-
-#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_from_bin_bswap(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_1024_from_bin_movbe(sp_digit* r, int size, const byte* a, int n);
-#ifdef __cplusplus
-}
-#endif
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
-{
-#ifndef NO_MOVBE_SUPPORT
-    word32 cpuid_flags = cpuid_get_flags();
-
-    if (IS_INTEL_MOVBE(cpuid_flags)) {
-        sp_1024_from_bin_movbe(r, size, a, n);
-    }
-    else
-#endif
-    {
-        sp_1024_from_bin_bswap(r, size, a, n);
-    }
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * point  EC point.
- * heap   Heap to use if dynamically allocating.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-static int sp_1024_ecc_is_point_16(const sp_point_1024* point,
-    void* heap)
-{
-    SP_DECL_VAR(sp_digit, t1, 16 * 4);
-    sp_digit* t2 = NULL;
-    sp_int64 n;
-    int err = MP_OKAY;
-
-    (void)heap;
-
-    SP_ALLOC_VAR(sp_digit, t1, 16 * 4, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        t2 = t1 + 2 * 16;
-
-        /* y^2 - x^3 - a.x = b */
-        sp_1024_sqr_16(t1, point->y);
-        (void)sp_1024_mod_16(t1, t1, p1024_mod);
-        sp_1024_sqr_16(t2, point->x);
-        (void)sp_1024_mod_16(t2, t2, p1024_mod);
-        sp_1024_mul_16(t2, t2, point->x);
-        (void)sp_1024_mod_16(t2, t2, p1024_mod);
-        sp_1024_mont_sub_16(t1, t1, t2, p1024_mod);
-
-        /* y^2 - x^3 + 3.x = b, when a = -3  */
-        sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
-        sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
-
-
-        n = sp_1024_cmp_16(t1, p1024_mod);
-        sp_1024_cond_sub_16(t1, t1, p1024_mod, (sp_digit)~(n >> 63));
-        sp_1024_norm_16(t1);
-        if (!sp_1024_iszero_16(t1)) {
-            err = MP_VAL;
-        }
-    }
-
-    SP_FREE_VAR(t1, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the x and y ordinates are a valid point on the curve.
- *
- * pX  X ordinate of EC point.
- * pY  Y ordinate of EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve and MP_OKAY otherwise.
- */
-int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
-{
-    SP_DECL_VAR(sp_point_1024, pub, 1);
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-
-    SP_ALLOC_VAR(sp_point_1024, pub, 1, NULL, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        sp_1024_from_mp(pub->x, 16, pX);
-        sp_1024_from_mp(pub->y, 16, pY);
-        sp_1024_from_bin(pub->z, 16, one, (int)sizeof(one));
-
-        err = sp_1024_ecc_is_point_16(pub, NULL);
-    }
-
-    SP_FREE_VAR(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-
-/* Check that the private scalar generates the EC point (px, py), the point is
- * on the curve and the point has the correct order.
- *
- * pX     X ordinate of EC point.
- * pY     Y ordinate of EC point.
- * privm  Private scalar that generates EC point.
- * returns MEMORY_E if dynamic memory allocation fails, MP_VAL if the point is
- * not on the curve, ECC_INF_E if the point does not have the correct order,
- * ECC_PRIV_KEY_E when the private scalar doesn't generate the EC point and
- * MP_OKAY otherwise.
- */
-int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY,
-    const mp_int* privm, void* heap)
-{
-    SP_DECL_VAR(sp_digit, priv, 16);
-    SP_DECL_VAR(sp_point_1024, pub, 2);
-    sp_point_1024* p = NULL;
-    const byte one[1] = { 1 };
-    int err = MP_OKAY;
-#ifdef HAVE_INTEL_AVX2
-    word32 cpuid_flags = cpuid_get_flags();
-#endif
-
-
-    /* Quick check the lengs of public key ordinates and private key are in
-     * range. Proper check later.
-     */
-    if (((mp_count_bits(pX) > 1024) ||
-        (mp_count_bits(pY) > 1024) ||
-        ((privm != NULL) && (mp_count_bits(privm) > 1024)))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    SP_ALLOC_VAR(sp_digit, priv, 16, heap, DYNAMIC_TYPE_ECC);
-    SP_ALLOC_VAR(sp_point_1024, pub, 2, heap, DYNAMIC_TYPE_ECC);
-    if (err == MP_OKAY) {
-        p = pub + 1;
-
-        sp_1024_from_mp(pub->x, 16, pX);
-        sp_1024_from_mp(pub->y, 16, pY);
-        sp_1024_from_bin(pub->z, 16, one, (int)sizeof(one));
-        if (privm)
-            sp_1024_from_mp(priv, 16, privm);
-
-        /* Check point at infinitiy. */
-        if ((sp_1024_iszero_16(pub->x) != 0) &&
-            (sp_1024_iszero_16(pub->y) != 0)) {
-            err = ECC_INF_E;
-        }
-    }
-
-    /* Check range of X and Y */
-    if ((err == MP_OKAY) &&
-            ((sp_1024_cmp_16(pub->x, p1024_mod) >= 0) ||
-             (sp_1024_cmp_16(pub->y, p1024_mod) >= 0))) {
-        err = ECC_OUT_OF_RANGE_E;
-    }
-
-    if (err == MP_OKAY) {
-        /* Check point is on curve */
-        err = sp_1024_ecc_is_point_16(pub, heap);
-    }
-
-    if (err == MP_OKAY) {
-        /* Point * order = infinity */
-#ifdef HAVE_INTEL_AVX2
-        if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                IS_INTEL_AVX2(cpuid_flags)) {
-            err = sp_1024_ecc_mulmod_avx2_16(p, pub, p1024_order, 1, 1, heap);
-        }
-        else
-#endif
-            err = sp_1024_ecc_mulmod_16(p, pub, p1024_order, 1, 1, heap);
-    }
-    /* Check result is infinity */
-    if ((err == MP_OKAY) && ((sp_1024_iszero_16(p->x) == 0) ||
-                             (sp_1024_iszero_16(p->y) == 0))) {
-        err = ECC_INF_E;
-    }
-
-    if (privm) {
-        if (err == MP_OKAY) {
-            /* Base * private = point */
-#ifdef HAVE_INTEL_AVX2
-            if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags) &&
-                    IS_INTEL_AVX2(cpuid_flags)) {
-                err = sp_1024_ecc_mulmod_base_avx2_16(p, priv, 1, 1, heap);
-            }
-            else
-#endif
-                err = sp_1024_ecc_mulmod_base_16(p, priv, 1, 1, heap);
-        }
-        /* Check result is public key */
-        if ((err == MP_OKAY) &&
-                ((sp_1024_cmp_16(p->x, pub->x) != 0) ||
-                 (sp_1024_cmp_16(p->y, pub->y) != 0))) {
-            err = ECC_PRIV_KEY_E;
-        }
-    }
-
-    SP_FREE_VAR(pub, heap, DYNAMIC_TYPE_ECC);
-    SP_FREE_VAR(priv, heap, DYNAMIC_TYPE_ECC);
-
-    return err;
-}
-#endif
-#endif /* WOLFSSL_SP_1024 */
-#endif /* WOLFCRYPT_HAVE_SAKKE */
-#endif /* WOLFSSL_HAVE_SP_ECC */
-#endif /* WOLFSSL_SP_X86_64_ASM */
-#endif /* WOLFSSL_HAVE_SP_RSA | WOLFSSL_HAVE_SP_DH | WOLFSSL_HAVE_SP_ECC */
diff --git a/src/ssl/wolfssl/wolfcrypt/sphincs.c b/src/ssl/wolfssl/wolfcrypt/sphincs.c
deleted file mode 100644
index c8510b48c..000000000
--- a/src/ssl/wolfssl/wolfcrypt/sphincs.c
+++ /dev/null
@@ -1,1059 +0,0 @@
-/* sphincs.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-/* Based on dilithium.c and Reworked for Sphincs by Anthony Hu. */
-
-#include <wolfssl/wolfcrypt/asn.h>
-
-#if defined(HAVE_PQC) && defined(HAVE_SPHINCS)
-
-#ifdef HAVE_LIBOQS
-#include <oqs/oqs.h>
-#endif
-
-#include <wolfssl/wolfcrypt/sphincs.h>
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-/* Sign the message using the sphincs private key.
- *
- *  in          [in]      Message to sign.
- *  inLen       [in]      Length of the message in bytes.
- *  out         [in]      Buffer to write signature into.
- *  outLen      [in/out]  On in, size of buffer.
- *                        On out, the length of the signature in bytes.
- *  key         [in]      Sphincs key to use when signing
- *  returns BAD_FUNC_ARG when a parameter is NULL or public key not set,
- *          BUFFER_E when outLen is less than SPHINCS_FAST_LEVEL1_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_sphincs_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
-                        sphincs_key* key, WC_RNG* rng)
-{
-    int ret = 0;
-#ifdef HAVE_LIBOQS
-    OQS_SIG *oqssig = NULL;
-    size_t localOutLen = 0;
-
-    /* sanity check on arguments */
-    if ((in == NULL) || (out == NULL) || (outLen == NULL) || (key == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if ((ret == 0) && (!key->prvKeySet)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        if ((key->optim == FAST_VARIANT) && (key->level == 1)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128f_simple);
-        }
-        else if ((key->optim == FAST_VARIANT) && (key->level == 3)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192f_simple);
-        }
-        else if ((key->optim == FAST_VARIANT) && (key->level == 5)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256f_simple);
-        }
-        else if ((key->optim == SMALL_VARIANT) && (key->level == 1)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128s_simple);
-        }
-        else if ((key->optim == SMALL_VARIANT) && (key->level == 3)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192s_simple);
-        }
-        else if ((key->optim == SMALL_VARIANT) && (key->level == 5)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256s_simple);
-        }
-
-        if (oqssig == NULL) {
-            ret = SIG_TYPE_E;
-        }
-    }
-
-    /* check and set up out length */
-    if (ret == 0) {
-        if ((key->level == 1) && (key->optim == FAST_VARIANT) &&
-            (*outLen < SPHINCS_FAST_LEVEL1_SIG_SIZE)) {
-            *outLen = SPHINCS_FAST_LEVEL1_SIG_SIZE;
-            ret = BUFFER_E;
-        }
-        else if ((key->level == 3) && (key->optim == FAST_VARIANT) &&
-            (*outLen < SPHINCS_FAST_LEVEL3_SIG_SIZE)) {
-            *outLen = SPHINCS_FAST_LEVEL3_SIG_SIZE;
-            ret = BUFFER_E;
-        }
-        else if ((key->level == 5) && (key->optim == FAST_VARIANT) &&
-            (*outLen < SPHINCS_FAST_LEVEL5_SIG_SIZE)) {
-            *outLen = SPHINCS_FAST_LEVEL5_SIG_SIZE;
-            ret = BUFFER_E;
-        }
-        else if ((key->level == 1) && (key->optim == SMALL_VARIANT) &&
-            (*outLen < SPHINCS_SMALL_LEVEL1_SIG_SIZE)) {
-            *outLen = SPHINCS_SMALL_LEVEL1_SIG_SIZE;
-            ret = BUFFER_E;
-        }
-        else if ((key->level == 3) && (key->optim == SMALL_VARIANT) &&
-            (*outLen < SPHINCS_SMALL_LEVEL3_SIG_SIZE)) {
-            *outLen = SPHINCS_SMALL_LEVEL3_SIG_SIZE;
-            ret = BUFFER_E;
-        }
-        else if ((key->level == 5) && (key->optim == SMALL_VARIANT) &&
-            (*outLen < SPHINCS_SMALL_LEVEL5_SIG_SIZE)) {
-            *outLen = SPHINCS_SMALL_LEVEL5_SIG_SIZE;
-            ret = BUFFER_E;
-        }
-
-        localOutLen = *outLen;
-    }
-
-    if (ret == 0) {
-        ret = wolfSSL_liboqsRngMutexLock(rng);
-    }
-
-    if ((ret == 0) &&
-        (OQS_SIG_sign(oqssig, out, &localOutLen, in, inLen, key->k)
-         == OQS_ERROR)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        *outLen = (word32)localOutLen;
-    }
-
-    wolfSSL_liboqsRngMutexUnlock();
-
-    if (oqssig != NULL) {
-        OQS_SIG_free(oqssig);
-    }
-#else
-    ret = NOT_COMPILED_IN;
-#endif
-    return ret;
-}
-
-/* Verify the message using the sphincs public key.
- *
- *  sig         [in]  Signature to verify.
- *  sigLen      [in]  Size of signature in bytes.
- *  msg         [in]  Message to verify.
- *  msgLen      [in]  Length of the message in bytes.
- *  res         [out] *res is set to 1 on successful verification.
- *  key         [in]  Sphincs key to use to verify.
- *  returns BAD_FUNC_ARG when a parameter is NULL or contextLen is zero when and
- *          BUFFER_E when sigLen is less than SPHINCS_FAST_LEVEL1_SIG_SIZE,
- *          0 otherwise.
- */
-int wc_sphincs_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
-                          word32 msgLen, int* res, sphincs_key* key)
-{
-    int ret = 0;
-#ifdef HAVE_LIBOQS
-    OQS_SIG *oqssig = NULL;
-
-    if (key == NULL || sig == NULL || msg == NULL || res == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if ((ret == 0) && (!key->pubKeySet)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        if ((key->optim == FAST_VARIANT) && (key->level == 1)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128f_simple);
-        }
-        else if ((key->optim == FAST_VARIANT) && (key->level == 3)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192f_simple);
-        }
-        else if ((key->optim == FAST_VARIANT) && (key->level == 5)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256f_simple);
-        }
-        else if ((key->optim == SMALL_VARIANT) && (key->level == 1)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128s_simple);
-        }
-        else if ((key->optim == SMALL_VARIANT) && (key->level == 3)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192s_simple);
-        }
-        else if ((key->optim == SMALL_VARIANT) && (key->level == 5)) {
-            oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256s_simple);
-        }
-
-        if (oqssig == NULL) {
-            ret = SIG_TYPE_E;
-        }
-    }
-
-    if ((ret == 0) &&
-        (OQS_SIG_verify(oqssig, msg, msgLen, sig, sigLen, key->p)
-         == OQS_ERROR)) {
-         ret = SIG_VERIFY_E;
-    }
-
-    if (ret == 0) {
-        *res = 1;
-    }
-
-    if (oqssig != NULL) {
-        OQS_SIG_free(oqssig);
-    }
-#else
-    ret = NOT_COMPILED_IN;
-#endif
-
-    return ret;
-}
-
-/* Initialize the sphincs private/public key.
- *
- * key  [in]  Sphincs key.
- * returns BAD_FUNC_ARG when key is NULL
- */
-int wc_sphincs_init(sphincs_key* key)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    ForceZero(key, sizeof(*key));
-    return 0;
-}
-
-/* Set the level of the sphincs private/public key.
- *
- * key   [out]  Sphincs key.
- * level [in]   Either 1, 3 or 5.
- * optim [in]   Either FAST_VARIANT or SMALL_VARIANT.
- * returns BAD_FUNC_ARG when key is NULL or level or optim are bad values.
- */
-int wc_sphincs_set_level_and_optim(sphincs_key* key, byte level, byte optim)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (level != 1 && level != 3 && level != 5) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (optim != FAST_VARIANT && optim != SMALL_VARIANT) {
-        return BAD_FUNC_ARG;
-    }
-
-    key->level = level;
-    key->optim = optim;
-    key->pubKeySet = 0;
-    key->prvKeySet = 0;
-    return 0;
-}
-
-/* Get the level and optimization variant of the sphincs private/public key.
- *
- * key   [in]  Sphincs key.
- * level [out] The level.
- * optim [out] The optimization variant. FAST_VARIANT or SMALL_VARIANT.
- * returns BAD_FUNC_ARG when key is NULL or level has not been set.
- */
-int wc_sphincs_get_level_and_optim(sphincs_key* key, byte* level, byte* optim)
-{
-    if (key == NULL || level == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level != 1 && key->level != 3 && key->level != 5) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->optim != FAST_VARIANT && key->optim != SMALL_VARIANT) {
-        return BAD_FUNC_ARG;
-    }
-
-    *level = key->level;
-    *optim = key->optim;
-    return 0;
-}
-
-/* Clears the sphincs key data
- *
- * key  [in]  Sphincs key.
- */
-void wc_sphincs_free(sphincs_key* key)
-{
-    if (key != NULL) {
-        ForceZero(key, sizeof(*key));
-    }
-}
-
-/* Export the sphincs public key.
- *
- * key     [in]      Sphincs public key.
- * out     [in]      Array to hold public key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         BUFFER_E when outLen is less than SPHINCS_FAST_LEVEL1_PUB_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_sphincs_export_public(sphincs_key* key,
-                             byte* out, word32* outLen)
-{
-    /* sanity check on arguments */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level != 1) && (key->level != 5)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (!key->pubKeySet) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* check and set up out length */
-    if ((key->level == 1) && (*outLen < SPHINCS_LEVEL1_PUB_KEY_SIZE)) {
-        *outLen = SPHINCS_LEVEL1_PUB_KEY_SIZE;
-        return BUFFER_E;
-    }
-    else if ((key->level == 3) && (*outLen < SPHINCS_LEVEL3_PUB_KEY_SIZE)) {
-        *outLen = SPHINCS_LEVEL3_PUB_KEY_SIZE;
-        return BUFFER_E;
-    }
-    else if ((key->level == 5) && (*outLen < SPHINCS_LEVEL5_PUB_KEY_SIZE)) {
-        *outLen = SPHINCS_LEVEL5_PUB_KEY_SIZE;
-        return BUFFER_E;
-    }
-
-    if (key->level == 1) {
-        *outLen = SPHINCS_LEVEL1_PUB_KEY_SIZE;
-        XMEMCPY(out, key->p, SPHINCS_LEVEL1_PUB_KEY_SIZE);
-    }
-    else if (key->level == 3) {
-        *outLen = SPHINCS_LEVEL3_PUB_KEY_SIZE;
-        XMEMCPY(out, key->p, SPHINCS_LEVEL3_PUB_KEY_SIZE);
-    }
-    else if (key->level == 5) {
-        *outLen = SPHINCS_LEVEL5_PUB_KEY_SIZE;
-        XMEMCPY(out, key->p, SPHINCS_LEVEL5_PUB_KEY_SIZE);
-    }
-
-    return 0;
-}
-
-/* Import a sphincs public key from a byte array.
- * Public key encoded in big-endian.
- *
- * in      [in]  Array holding public key.
- * inLen   [in]  Number of bytes of data in array.
- * key     [in]  Sphincs public key.
- * returns BAD_FUNC_ARG when a parameter is NULL or key format is not supported,
- *         0 otherwise.
- */
-int wc_sphincs_import_public(const byte* in, word32 inLen,
-                             sphincs_key* key)
-{
-    /* sanity check on arguments */
-    if ((in == NULL) || (key == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level != 1) && (key->level != 3) && (key->level != 5)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->optim != FAST_VARIANT) && (key->optim != SMALL_VARIANT)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level == 1) && (inLen != SPHINCS_LEVEL1_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-    else if ((key->level == 3) && (inLen != SPHINCS_LEVEL3_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-    else if ((key->level == 5) && (inLen != SPHINCS_LEVEL5_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMCPY(key->p, in, inLen);
-    key->pubKeySet = 1;
-
-    return 0;
-}
-
-static int parse_private_key(const byte* priv, word32 privSz,
-                             byte** out, word32 *outSz,
-                             sphincs_key* key) {
-    word32 idx = 0;
-    int ret = 0;
-    int length = 0;
-
-    /* sanity check on arguments */
-    if ((priv == NULL) || (key == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level != 1) && (key->level != 3) && (key->level != 5)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->optim != FAST_VARIANT) && (key->optim != SMALL_VARIANT)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* At this point, it is still a PKCS8 private key. */
-    if ((ret = ToTraditionalInline(priv, &idx, privSz)) < 0) {
-        /* ignore error, did not have PKCS8 header */
-        (void)ret;
-    }
-
-    /* Now it is a octet_string(concat(priv,pub)) */
-    if ((ret = GetOctetString(priv, &idx, &length, privSz)) < 0) {
-        return ret;
-    }
-
-    *out = (byte *)priv + idx;
-    *outSz = privSz - idx;
-
-    /* And finally it is concat(priv,pub). Key size check. */
-    if ((key->level == 1) && (*outSz != SPHINCS_LEVEL1_KEY_SIZE +
-                                        SPHINCS_LEVEL1_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-    else if ((key->level == 3) && (*outSz != SPHINCS_LEVEL3_KEY_SIZE +
-                                             SPHINCS_LEVEL3_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-    else if ((key->level == 5) && (*outSz != SPHINCS_LEVEL5_KEY_SIZE +
-                                             SPHINCS_LEVEL5_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-
-    return 0;
-}
-
-/* Import a sphincs private key from a byte array.
- *
- * priv    [in]  Array holding private key.
- * privSz  [in]  Number of bytes of data in array.
- * key     [in]  Sphincs private key.
- * returns BAD_FUNC_ARG when a parameter is NULL or privSz is less than
- *         SPHINCS_LEVEL1_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_sphincs_import_private_only(const byte* priv, word32 privSz,
-                                   sphincs_key* key)
-{
-    int ret = 0;
-    byte *newPriv = NULL;
-    word32 newPrivSz = 0;
-
-    if ((ret = parse_private_key(priv, privSz, &newPriv, &newPrivSz, key))
-        != 0) {
-         return ret;
-    }
-
-    if (key->level == 1) {
-        XMEMCPY(key->k, newPriv, SPHINCS_LEVEL1_KEY_SIZE);
-    }
-    else if (key->level == 3) {
-        XMEMCPY(key->k, newPriv, SPHINCS_LEVEL3_KEY_SIZE);
-    }
-    else if (key->level == 5) {
-        XMEMCPY(key->k, newPriv, SPHINCS_LEVEL5_KEY_SIZE);
-    }
-    key->prvKeySet = 1;
-
-    return 0;
-}
-
-/* Import a sphincs private and public keys from byte array(s).
- *
- * priv    [in]  Array holding private key or private+public keys
- * privSz  [in]  Number of bytes of data in private key array.
- * pub     [in]  Array holding public key (or NULL).
- * pubSz   [in]  Number of bytes of data in public key array (or 0).
- * key     [in]  Sphincs private/public key.
- * returns BAD_FUNC_ARG when a required parameter is NULL or an invalid
- *         combination of keys/lengths is supplied, 0 otherwise.
- */
-int wc_sphincs_import_private_key(const byte* priv, word32 privSz,
-                                  const byte* pub, word32 pubSz,
-                                  sphincs_key* key)
-{
-    int ret = 0;
-    byte *newPriv = NULL;
-    word32 newPrivSz = 0;
-
-    if ((ret = parse_private_key(priv, privSz, &newPriv, &newPrivSz, key))
-        != 0) {
-         return ret;
-    }
-
-    if (pub == NULL) {
-        if (pubSz != 0) {
-            return BAD_FUNC_ARG;
-        }
-
-        if ((newPrivSz != SPHINCS_LEVEL1_PRV_KEY_SIZE) &&
-            (newPrivSz != SPHINCS_LEVEL3_PRV_KEY_SIZE) &&
-            (newPrivSz != SPHINCS_LEVEL5_PRV_KEY_SIZE)) {
-            return BAD_FUNC_ARG;
-        }
-
-        if (key->level == 1) {
-            pub = newPriv + SPHINCS_LEVEL1_KEY_SIZE;
-            pubSz = SPHINCS_LEVEL1_PUB_KEY_SIZE;
-        }
-        else if (key->level == 3) {
-            pub = newPriv + SPHINCS_LEVEL3_KEY_SIZE;
-            pubSz = SPHINCS_LEVEL3_PUB_KEY_SIZE;
-        }
-        else if (key->level == 5) {
-            pub = newPriv + SPHINCS_LEVEL5_KEY_SIZE;
-            pubSz = SPHINCS_LEVEL5_PUB_KEY_SIZE;
-        }
-    }
-    else if ((pubSz != SPHINCS_LEVEL1_PUB_KEY_SIZE) &&
-             (pubSz != SPHINCS_LEVEL3_PUB_KEY_SIZE) &&
-             (pubSz != SPHINCS_LEVEL5_PUB_KEY_SIZE)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* import public key */
-    ret = wc_sphincs_import_public(pub, pubSz, key);
-
-    if (ret == 0) {
-        /* make the private key (priv + pub) */
-        if (key->level == 1) {
-            XMEMCPY(key->k, newPriv, SPHINCS_LEVEL1_KEY_SIZE);
-        }
-        else if (key->level == 3) {
-            XMEMCPY(key->k, newPriv, SPHINCS_LEVEL3_KEY_SIZE);
-        }
-        else if (key->level == 5) {
-            XMEMCPY(key->k, newPriv, SPHINCS_LEVEL5_KEY_SIZE);
-        }
-        key->prvKeySet = 1;
-    }
-
-    return ret;
-}
-
-/* Export the sphincs private key.
- *
- * key     [in]      Sphincs private key.
- * out     [in]      Array to hold private key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         BUFFER_E when outLen is less than SPHINCS_LEVEL1_KEY_SIZE,
- *         0 otherwise.
- */
-int wc_sphincs_export_private_only(sphincs_key* key, byte* out, word32* outLen)
-{
-    /* sanity checks on arguments */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level != 1) && (key->level != 3) && (key->level != 5)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->optim != FAST_VARIANT) && (key->optim != SMALL_VARIANT)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* check and set up out length */
-    if ((key->level == 1) && (*outLen < SPHINCS_LEVEL1_KEY_SIZE)) {
-        *outLen = SPHINCS_LEVEL1_KEY_SIZE;
-        return BUFFER_E;
-    }
-    else if ((key->level == 3) && (*outLen < SPHINCS_LEVEL3_KEY_SIZE)) {
-        *outLen = SPHINCS_LEVEL3_KEY_SIZE;
-        return BUFFER_E;
-    }
-    else if ((key->level == 5) && (*outLen < SPHINCS_LEVEL5_KEY_SIZE)) {
-        *outLen = SPHINCS_LEVEL5_KEY_SIZE;
-        return BUFFER_E;
-    }
-
-    if (key->level == 1) {
-        *outLen = SPHINCS_LEVEL1_KEY_SIZE;
-    }
-    else if (key->level == 3) {
-        *outLen = SPHINCS_LEVEL3_KEY_SIZE;
-    }
-    else if (key->level == 5) {
-        *outLen = SPHINCS_LEVEL5_KEY_SIZE;
-    }
-
-    XMEMCPY(out, key->k, *outLen);
-
-    return 0;
-}
-
-/* Export the sphincs private and public key.
- *
- * key     [in]      Sphincs private/public key.
- * out     [in]      Array to hold private and public key.
- * outLen  [in/out]  On in, the number of bytes in array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         BUFFER_E when outLen is less than required, 0 otherwise.
- */
-int wc_sphincs_export_private(sphincs_key* key, byte* out, word32* outLen)
-{
-    /* sanity checks on arguments */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level != 1) && (key->level != 3) && (key->level != 5)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->optim != FAST_VARIANT) && (key->optim != SMALL_VARIANT)) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level == 1) && (*outLen < SPHINCS_LEVEL1_PRV_KEY_SIZE)) {
-        *outLen = SPHINCS_LEVEL1_PRV_KEY_SIZE;
-        return BUFFER_E;
-    }
-    else if ((key->level == 3) && (*outLen < SPHINCS_LEVEL3_PRV_KEY_SIZE)) {
-        *outLen = SPHINCS_LEVEL3_PRV_KEY_SIZE;
-        return BUFFER_E;
-    }
-    else if ((key->level == 5) && (*outLen < SPHINCS_LEVEL5_PRV_KEY_SIZE)) {
-        *outLen = SPHINCS_LEVEL5_PRV_KEY_SIZE;
-        return BUFFER_E;
-    }
-
-
-    if (key->level == 1) {
-        *outLen = SPHINCS_LEVEL1_PRV_KEY_SIZE;
-        XMEMCPY(out, key->k, SPHINCS_LEVEL1_PRV_KEY_SIZE);
-        XMEMCPY(out + SPHINCS_LEVEL1_PRV_KEY_SIZE, key->p,
-                SPHINCS_LEVEL1_PUB_KEY_SIZE);
-    }
-    else if (key->level == 3) {
-        *outLen = SPHINCS_LEVEL3_PRV_KEY_SIZE;
-        XMEMCPY(out, key->k, SPHINCS_LEVEL3_PRV_KEY_SIZE);
-        XMEMCPY(out + SPHINCS_LEVEL3_PRV_KEY_SIZE, key->p,
-                SPHINCS_LEVEL3_PUB_KEY_SIZE);
-    }
-    else if (key->level == 5) {
-        *outLen = SPHINCS_LEVEL5_PRV_KEY_SIZE;
-        XMEMCPY(out, key->k, SPHINCS_LEVEL5_PRV_KEY_SIZE);
-        XMEMCPY(out + SPHINCS_LEVEL5_PRV_KEY_SIZE, key->p,
-                SPHINCS_LEVEL5_PUB_KEY_SIZE);
-    }
-
-    return 0;
-}
-
-/* Export the sphincs private and public key.
- *
- * key     [in]      Sphincs private/public key.
- * priv    [in]      Array to hold private key.
- * privSz  [in/out]  On in, the number of bytes in private key array.
- * pub     [in]      Array to hold  public key.
- * pubSz   [in/out]  On in, the number of bytes in public key array.
- *                   On out, the number bytes put into array.
- * returns BAD_FUNC_ARG when a parameter is NULL,
- *         BUFFER_E when privSz is or pubSz is less than required,
- *         0 otherwise.
- */
-int wc_sphincs_export_key(sphincs_key* key, byte* priv, word32 *privSz,
-                            byte* pub, word32 *pubSz)
-{
-    int ret = 0;
-
-    /* export private part */
-    ret = wc_sphincs_export_private(key, priv, privSz);
-    if (ret == 0) {
-        /* export public part */
-        ret = wc_sphincs_export_public(key, pub, pubSz);
-    }
-
-    return ret;
-}
-
-/* Check the public key of the sphincs key matches the private key.
- *
- * key     [in]      Sphincs private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         PUBLIC_KEY_E when the public key is not set or doesn't match,
- *         other -ve value on hash failure,
- *         0 otherwise.
- */
-int wc_sphincs_check_key(sphincs_key* key)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* Assume everything is fine. */
-    return 0;
-}
-
-/* Returns the size of a sphincs private key.
- *
- * key     [in]      Sphincs private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         SPHINCS_LEVELn_KEY_SIZE otherwise.
- */
-int wc_sphincs_size(sphincs_key* key)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level == 1) {
-        return SPHINCS_LEVEL1_KEY_SIZE;
-    }
-    else if (key->level == 3) {
-        return SPHINCS_LEVEL3_KEY_SIZE;
-    }
-    else if (key->level == 5) {
-        return SPHINCS_LEVEL5_KEY_SIZE;
-    }
-
-    return BAD_FUNC_ARG;
-}
-
-/* Returns the size of a sphincs private plus public key.
- *
- * key     [in]      Sphincs private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         SPHINCS_LEVELn_PRV_KEY_SIZE otherwise.
- */
-int wc_sphincs_priv_size(sphincs_key* key)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level == 1) {
-        return SPHINCS_LEVEL1_PRV_KEY_SIZE;
-    }
-    else if (key->level == 3) {
-        return SPHINCS_LEVEL3_PRV_KEY_SIZE;
-    }
-    else if (key->level == 5) {
-        return SPHINCS_LEVEL5_PRV_KEY_SIZE;
-    }
-
-    return BAD_FUNC_ARG;
-}
-
-/* Returns the size of a sphincs public key.
- *
- * key     [in]      Sphincs private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         SPHINCS_FAST_LEVEL1_PUB_KEY_SIZE otherwise.
- */
-int wc_sphincs_pub_size(sphincs_key* key)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (key->level == 1) {
-        return SPHINCS_LEVEL1_PUB_KEY_SIZE;
-    }
-    else if (key->level == 3) {
-        return SPHINCS_LEVEL3_PUB_KEY_SIZE;
-    }
-    else if (key->level == 5) {
-        return SPHINCS_LEVEL5_PUB_KEY_SIZE;
-    }
-
-    return BAD_FUNC_ARG;
-}
-
-/* Returns the size of a sphincs signature.
- *
- * key     [in]      Sphincs private/public key.
- * returns BAD_FUNC_ARG when key is NULL,
- *         SPHINCS_FAST_LEVEL1_SIG_SIZE otherwise.
- */
-int wc_sphincs_sig_size(sphincs_key* key)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level == 1) && (key->optim == FAST_VARIANT)) {
-        return SPHINCS_FAST_LEVEL1_SIG_SIZE;
-    }
-    else if ((key->level == 3) && (key->optim == FAST_VARIANT)) {
-        return SPHINCS_FAST_LEVEL3_SIG_SIZE;
-    }
-    else if ((key->level == 5) && (key->optim == FAST_VARIANT)) {
-        return SPHINCS_FAST_LEVEL5_SIG_SIZE;
-    }
-    else if ((key->level == 1) && (key->optim == SMALL_VARIANT)) {
-        return SPHINCS_SMALL_LEVEL1_SIG_SIZE;
-    }
-    else if ((key->level == 3) && (key->optim == SMALL_VARIANT)) {
-        return SPHINCS_SMALL_LEVEL3_SIG_SIZE;
-    }
-    else if ((key->level == 5) && (key->optim == SMALL_VARIANT)) {
-        return SPHINCS_SMALL_LEVEL5_SIG_SIZE;
-    }
-
-    return BAD_FUNC_ARG;
-}
-
-int wc_Sphincs_PrivateKeyDecode(const byte* input, word32* inOutIdx,
-                                sphincs_key* key, word32 inSz)
-{
-    int ret = 0;
-    byte privKey[SPHINCS_MAX_KEY_SIZE], pubKey[SPHINCS_MAX_PUB_KEY_SIZE];
-    word32 privKeyLen = (word32)sizeof(privKey);
-    word32 pubKeyLen = (word32)sizeof(pubKey);
-    int keytype = 0;
-
-    if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level == 1) && (key->optim == FAST_VARIANT)) {
-        keytype = SPHINCS_FAST_LEVEL1k;
-    }
-    else if ((key->level == 3) && (key->optim == FAST_VARIANT)) {
-        keytype = SPHINCS_FAST_LEVEL3k;
-    }
-    else if ((key->level == 5) && (key->optim == FAST_VARIANT)) {
-        keytype = SPHINCS_FAST_LEVEL5k;
-    }
-    else if ((key->level == 1) && (key->optim == SMALL_VARIANT)) {
-        keytype = SPHINCS_SMALL_LEVEL1k;
-    }
-    else if ((key->level == 3) && (key->optim == SMALL_VARIANT)) {
-        keytype = SPHINCS_SMALL_LEVEL3k;
-    }
-    else if ((key->level == 5) && (key->optim == SMALL_VARIANT)) {
-        keytype = SPHINCS_SMALL_LEVEL5k;
-    }
-    else {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = DecodeAsymKey(input, inOutIdx, inSz, privKey, &privKeyLen,
-                        pubKey, &pubKeyLen, keytype);
-    if (ret == 0) {
-        if (pubKeyLen == 0) {
-            ret = wc_sphincs_import_private_only(input, inSz, key);
-        }
-        else {
-            ret = wc_sphincs_import_private_key(privKey, privKeyLen,
-                                               pubKey, pubKeyLen, key);
-        }
-    }
-    return ret;
-}
-
-int wc_Sphincs_PublicKeyDecode(const byte* input, word32* inOutIdx,
-                               sphincs_key* key, word32 inSz)
-{
-    int ret = 0;
-    byte pubKey[SPHINCS_MAX_PUB_KEY_SIZE];
-    word32 pubKeyLen = (word32)sizeof(pubKey);
-    int keytype = 0;
-
-    if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wc_sphincs_import_public(input, inSz, key);
-    if (ret == 0) {
-        return 0;
-    }
-
-    if ((key->level == 1) && (key->optim == FAST_VARIANT)) {
-        keytype = SPHINCS_FAST_LEVEL1k;
-    }
-    else if ((key->level == 3) && (key->optim == FAST_VARIANT)) {
-        keytype = SPHINCS_FAST_LEVEL3k;
-    }
-    else if ((key->level == 5) && (key->optim == FAST_VARIANT)) {
-        keytype = SPHINCS_FAST_LEVEL5k;
-    }
-    else if ((key->level == 1) && (key->optim == SMALL_VARIANT)) {
-        keytype = SPHINCS_SMALL_LEVEL1k;
-    }
-    else if ((key->level == 3) && (key->optim == SMALL_VARIANT)) {
-        keytype = SPHINCS_SMALL_LEVEL3k;
-    }
-    else if ((key->level == 5) && (key->optim == SMALL_VARIANT)) {
-        keytype = SPHINCS_SMALL_LEVEL5k;
-    }
-    else {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = DecodeAsymKeyPublic(input, inOutIdx, inSz, pubKey, &pubKeyLen,
-                              keytype);
-    if (ret == 0) {
-        ret = wc_sphincs_import_public(pubKey, pubKeyLen, key);
-    }
-    return ret;
-}
-
-#ifdef WC_ENABLE_ASYM_KEY_EXPORT
-/* Encode the public part of an Sphincs key in DER.
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in]  key       Sphincs key object.
- * @param [out] output    Buffer to put encoded data in.
- * @param [in]  outLen    Size of buffer in bytes.
- * @param [in]  withAlg   Whether to use SubjectPublicKeyInfo format.
- * @return  Size of encoded data in bytes on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_Sphincs_PublicKeyToDer(sphincs_key* key, byte* output, word32 inLen,
-                              int withAlg)
-{
-    int    ret;
-    byte   pubKey[SPHINCS_MAX_PUB_KEY_SIZE];
-    word32 pubKeyLen = (word32)sizeof(pubKey);
-    int    keytype = 0;
-
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level == 1) && (key->optim == FAST_VARIANT)) {
-        keytype = SPHINCS_FAST_LEVEL1k;
-    }
-    else if ((key->level == 3) && (key->optim == FAST_VARIANT)) {
-        keytype = SPHINCS_FAST_LEVEL3k;
-    }
-    else if ((key->level == 5) && (key->optim == FAST_VARIANT)) {
-        keytype = SPHINCS_FAST_LEVEL5k;
-    }
-    else if ((key->level == 1) && (key->optim == SMALL_VARIANT)) {
-        keytype = SPHINCS_SMALL_LEVEL1k;
-    }
-    else if ((key->level == 3) && (key->optim == SMALL_VARIANT)) {
-        keytype = SPHINCS_SMALL_LEVEL3k;
-    }
-    else if ((key->level == 5) && (key->optim == SMALL_VARIANT)) {
-        keytype = SPHINCS_SMALL_LEVEL5k;
-    }
-    else {
-        return BAD_FUNC_ARG;
-    }
-
-    ret = wc_sphincs_export_public(key, pubKey, &pubKeyLen);
-    if (ret == 0) {
-        ret = SetAsymKeyDerPublic(pubKey, pubKeyLen, output, inLen, keytype,
-                                  withAlg);
-    }
-
-    return ret;
-}
-#endif
-
-int wc_Sphincs_KeyToDer(sphincs_key* key, byte* output, word32 inLen)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level == 1) && (key->optim == FAST_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL1_KEY_SIZE, key->p,
-                             SPHINCS_LEVEL1_KEY_SIZE, output, inLen,
-                             SPHINCS_FAST_LEVEL1k);
-    }
-    else if ((key->level == 3) && (key->optim == FAST_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL3_KEY_SIZE, key->p,
-                             SPHINCS_LEVEL3_KEY_SIZE, output, inLen,
-                             SPHINCS_FAST_LEVEL3k);
-    }
-    else if ((key->level == 5) && (key->optim == FAST_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL5_KEY_SIZE, key->p,
-                             SPHINCS_LEVEL5_KEY_SIZE, output, inLen,
-                             SPHINCS_FAST_LEVEL5k);
-    }
-    else if ((key->level == 1) && (key->optim == SMALL_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL1_KEY_SIZE, key->p,
-                             SPHINCS_LEVEL1_KEY_SIZE, output, inLen,
-                             SPHINCS_SMALL_LEVEL1k);
-    }
-    else if ((key->level == 3) && (key->optim == SMALL_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL3_KEY_SIZE, key->p,
-                             SPHINCS_LEVEL3_KEY_SIZE, output, inLen,
-                             SPHINCS_SMALL_LEVEL3k);
-    }
-    else if ((key->level == 5) && (key->optim == SMALL_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL5_KEY_SIZE, key->p,
-                             SPHINCS_LEVEL5_KEY_SIZE, output, inLen,
-                             SPHINCS_SMALL_LEVEL5k);
-    }
-
-    return BAD_FUNC_ARG;
-}
-
-int wc_Sphincs_PrivateKeyToDer(sphincs_key* key, byte* output, word32 inLen)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if ((key->level == 1) && (key->optim == FAST_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL1_KEY_SIZE, NULL, 0, output,
-                             inLen, SPHINCS_FAST_LEVEL1k);
-    }
-    else if ((key->level == 3) && (key->optim == FAST_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL3_KEY_SIZE, NULL, 0, output,
-                             inLen, SPHINCS_FAST_LEVEL3k);
-    }
-    else if ((key->level == 5) && (key->optim == FAST_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL5_KEY_SIZE, NULL, 0, output,
-                             inLen, SPHINCS_FAST_LEVEL5k);
-    }
-    else if ((key->level == 1) && (key->optim == SMALL_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL1_KEY_SIZE, NULL, 0, output,
-                             inLen, SPHINCS_SMALL_LEVEL1k);
-    }
-    else if ((key->level == 3) && (key->optim == SMALL_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL3_KEY_SIZE, NULL, 0, output,
-                             inLen, SPHINCS_SMALL_LEVEL3k);
-    }
-    else if ((key->level == 5) && (key->optim == SMALL_VARIANT)) {
-        return SetAsymKeyDer(key->k, SPHINCS_LEVEL5_KEY_SIZE, NULL, 0, output,
-                             inLen, SPHINCS_SMALL_LEVEL5k);
-    }
-
-    return BAD_FUNC_ARG;
-}
-#endif /* HAVE_PQC && HAVE_SPHINCS */
diff --git a/src/ssl/wolfssl/wolfcrypt/srp.c b/src/ssl/wolfssl/wolfcrypt/srp.c
deleted file mode 100644
index ab81a3961..000000000
--- a/src/ssl/wolfssl/wolfcrypt/srp.c
+++ /dev/null
@@ -1,1001 +0,0 @@
-/* srp.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef WOLFCRYPT_HAVE_SRP
-
-#include <wolfssl/wolfcrypt/srp.h>
-#include <wolfssl/wolfcrypt/random.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-/** Computes the session key using the Mask Generation Function 1. */
-static int wc_SrpSetKey(Srp* srp, byte* secret, word32 size);
-
-static int SrpHashInit(SrpHash* hash, SrpType type, void* heap)
-{
-    hash->type = type;
-
-    switch (type) {
-        case SRP_TYPE_SHA:
-            #ifndef NO_SHA
-                return wc_InitSha_ex(&hash->data.sha, heap, INVALID_DEVID);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        case SRP_TYPE_SHA256:
-            #ifndef NO_SHA256
-                return wc_InitSha256_ex(&hash->data.sha256, heap, INVALID_DEVID);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        case SRP_TYPE_SHA384:
-            #ifdef WOLFSSL_SHA384
-                return wc_InitSha384_ex(&hash->data.sha384, heap, INVALID_DEVID);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        case SRP_TYPE_SHA512:
-            #ifdef WOLFSSL_SHA512
-                return wc_InitSha512_ex(&hash->data.sha512, heap, INVALID_DEVID);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        default:
-            return BAD_FUNC_ARG;
-    }
-}
-
-static int SrpHashUpdate(SrpHash* hash, const byte* data, word32 size)
-{
-    switch (hash->type) {
-        case SRP_TYPE_SHA:
-            #ifndef NO_SHA
-                return wc_ShaUpdate(&hash->data.sha, data, size);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        case SRP_TYPE_SHA256:
-            #ifndef NO_SHA256
-                return wc_Sha256Update(&hash->data.sha256, data, size);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        case SRP_TYPE_SHA384:
-            #ifdef WOLFSSL_SHA384
-                return wc_Sha384Update(&hash->data.sha384, data, size);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        case SRP_TYPE_SHA512:
-            #ifdef WOLFSSL_SHA512
-                return wc_Sha512Update(&hash->data.sha512, data, size);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        default:
-            return BAD_FUNC_ARG;
-    }
-}
-
-static int SrpHashFinal(SrpHash* hash, byte* digest)
-{
-    switch (hash->type) {
-        case SRP_TYPE_SHA:
-            #ifndef NO_SHA
-                return wc_ShaFinal(&hash->data.sha, digest);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        case SRP_TYPE_SHA256:
-            #ifndef NO_SHA256
-                return wc_Sha256Final(&hash->data.sha256, digest);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        case SRP_TYPE_SHA384:
-            #ifdef WOLFSSL_SHA384
-                return wc_Sha384Final(&hash->data.sha384, digest);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        case SRP_TYPE_SHA512:
-            #ifdef WOLFSSL_SHA512
-                return wc_Sha512Final(&hash->data.sha512, digest);
-            #else
-                return BAD_FUNC_ARG;
-            #endif
-
-        default:
-            return BAD_FUNC_ARG;
-    }
-}
-
-static int SrpHashSize(SrpType type)
-{
-    switch (type) {
-        case SRP_TYPE_SHA:
-            #ifndef NO_SHA
-                return WC_SHA_DIGEST_SIZE;
-            #else
-                return ALGO_ID_E;
-            #endif
-
-        case SRP_TYPE_SHA256:
-            #ifndef NO_SHA256
-                return WC_SHA256_DIGEST_SIZE;
-            #else
-                return ALGO_ID_E;
-            #endif
-
-        case SRP_TYPE_SHA384:
-            #ifdef WOLFSSL_SHA384
-                return WC_SHA384_DIGEST_SIZE;
-            #else
-                return ALGO_ID_E;
-            #endif
-
-        case SRP_TYPE_SHA512:
-            #ifdef WOLFSSL_SHA512
-                return WC_SHA512_DIGEST_SIZE;
-            #else
-                return ALGO_ID_E;
-            #endif
-
-        default:
-            return ALGO_ID_E;
-    }
-}
-
-static void SrpHashFree(SrpHash* hash)
-{
-    switch (hash->type) {
-        case SRP_TYPE_SHA:
-        #ifndef NO_SHA
-            wc_ShaFree(&hash->data.sha);
-        #endif
-            break;
-        case SRP_TYPE_SHA256:
-        #ifndef NO_SHA256
-            wc_Sha256Free(&hash->data.sha256);
-        #endif
-            break;
-        case SRP_TYPE_SHA384:
-        #ifdef WOLFSSL_SHA384
-            wc_Sha384Free(&hash->data.sha384);
-        #endif
-            break;
-        case SRP_TYPE_SHA512:
-        #ifdef WOLFSSL_SHA512
-            wc_Sha512Free(&hash->data.sha512);
-        #endif
-            break;
-        default:
-            break;
-    }
-}
-
-
-int wc_SrpInit_ex(Srp* srp, SrpType type, SrpSide side, void* heap, int devId)
-{
-    int r;
-
-    /* validating params */
-
-    if (!srp)
-        return BAD_FUNC_ARG;
-
-    if (side != SRP_CLIENT_SIDE && side != SRP_SERVER_SIDE)
-        return BAD_FUNC_ARG;
-
-    switch (type) {
-        case SRP_TYPE_SHA:
-            #ifdef NO_SHA
-                return NOT_COMPILED_IN;
-            #else
-                break; /* OK */
-            #endif
-
-        case SRP_TYPE_SHA256:
-            #ifdef NO_SHA256
-                return NOT_COMPILED_IN;
-            #else
-                break; /* OK */
-            #endif
-
-        case SRP_TYPE_SHA384:
-            #ifndef WOLFSSL_SHA384
-                return NOT_COMPILED_IN;
-            #else
-                break; /* OK */
-            #endif
-
-        case SRP_TYPE_SHA512:
-            #ifndef WOLFSSL_SHA512
-                return NOT_COMPILED_IN;
-            #else
-                break; /* OK */
-            #endif
-
-        default:
-            return BAD_FUNC_ARG;
-    }
-
-    /* initializing variables */
-    XMEMSET(srp, 0, sizeof(Srp));
-
-    if ((r = SrpHashInit(&srp->client_proof, type, srp->heap)) != 0)
-        return r;
-
-    if ((r = SrpHashInit(&srp->server_proof, type, srp->heap)) != 0) {
-        SrpHashFree(&srp->client_proof);
-        return r;
-    }
-    if ((r = mp_init_multi(&srp->N,    &srp->g, &srp->auth,
-                           &srp->priv, 0, 0)) != 0) {
-        SrpHashFree(&srp->client_proof);
-        SrpHashFree(&srp->server_proof);
-        return r;
-    }
-
-    srp->side = side;    srp->type   = type;
-    srp->salt = NULL;    srp->saltSz = 0;
-    srp->user = NULL;    srp->userSz = 0;
-    srp->key  = NULL;    srp->keySz  = 0;
-
-    srp->keyGenFunc_cb = wc_SrpSetKey;
-
-    /* default heap hint to NULL or test value */
-#ifdef WOLFSSL_HEAP_TEST
-    srp->heap = (void*)WOLFSSL_HEAP_TEST;
-#else
-    srp->heap = heap;
-#endif /* WOLFSSL_HEAP_TEST */
-
-    (void)devId; /* future */
-
-    return 0;
-}
-
-int wc_SrpInit(Srp* srp, SrpType type, SrpSide side)
-{
-    return wc_SrpInit_ex(srp, type, side, NULL, INVALID_DEVID);
-}
-
-void wc_SrpTerm(Srp* srp)
-{
-    if (srp) {
-        mp_clear(&srp->N);    mp_clear(&srp->g);
-        mp_clear(&srp->auth); mp_clear(&srp->priv);
-        if (srp->salt) {
-            ForceZero(srp->salt, srp->saltSz);
-            XFREE(srp->salt, srp->heap, DYNAMIC_TYPE_SRP);
-        }
-        if (srp->user) {
-            ForceZero(srp->user, srp->userSz);
-            XFREE(srp->user, srp->heap, DYNAMIC_TYPE_SRP);
-        }
-        if (srp->key) {
-            ForceZero(srp->key, srp->keySz);
-            XFREE(srp->key, srp->heap, DYNAMIC_TYPE_SRP);
-        }
-
-        SrpHashFree(&srp->client_proof);
-        SrpHashFree(&srp->server_proof);
-        ForceZero(srp, sizeof(Srp));
-    }
-}
-
-int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size)
-{
-    if (!srp || !username)
-        return BAD_FUNC_ARG;
-
-    /* +1 for NULL char */
-    srp->user = (byte*)XMALLOC(size + 1, srp->heap, DYNAMIC_TYPE_SRP);
-    if (srp->user == NULL)
-        return MEMORY_E;
-
-    srp->userSz = size;
-    XMEMCPY(srp->user, username, srp->userSz);
-    srp->user[size] = '\0';
-
-    return 0;
-}
-
-int wc_SrpSetParams(Srp* srp, const byte* N,    word32 nSz,
-                              const byte* g,    word32 gSz,
-                              const byte* salt, word32 saltSz)
-{
-    SrpHash hash;
-    byte digest1[SRP_MAX_DIGEST_SIZE];
-    byte digest2[SRP_MAX_DIGEST_SIZE];
-    byte pad = 0;
-    int r;
-    word32 i;
-    int hashSize = 0;
-
-    if (!srp || !N || !g || !salt || nSz < gSz)
-        return BAD_FUNC_ARG;
-
-    if (!srp->user)
-        return SRP_CALL_ORDER_E;
-
-    hashSize = SrpHashSize(srp->type);
-    if (hashSize < 0)
-        return hashSize;
-
-    /* Set N */
-    if (mp_read_unsigned_bin(&srp->N, N, nSz) != MP_OKAY)
-        return MP_READ_E;
-
-    if (mp_count_bits(&srp->N) < SRP_MODULUS_MIN_BITS)
-        return BAD_FUNC_ARG;
-
-    /* Set g */
-    if (mp_read_unsigned_bin(&srp->g, g, gSz) != MP_OKAY)
-        return MP_READ_E;
-
-    if (mp_cmp(&srp->N, &srp->g) != MP_GT)
-        return BAD_FUNC_ARG;
-
-    /* Set salt */
-    if (srp->salt) {
-        ForceZero(srp->salt, srp->saltSz);
-        XFREE(srp->salt, srp->heap, DYNAMIC_TYPE_SRP);
-    }
-
-    srp->salt = (byte*)XMALLOC(saltSz, srp->heap, DYNAMIC_TYPE_SRP);
-    if (srp->salt == NULL)
-        return MEMORY_E;
-
-    XMEMCPY(srp->salt, salt, saltSz);
-    srp->saltSz = saltSz;
-
-    /* Set k = H(N, g) */
-    r = SrpHashInit(&hash, srp->type, srp->heap);
-    if (!r) r = SrpHashUpdate(&hash, (byte*) N, nSz);
-    for (i = 0; (word32)i < nSz - gSz; i++) {
-        if (!r) r = SrpHashUpdate(&hash, &pad, 1);
-    }
-    if (!r) r = SrpHashUpdate(&hash, (byte*) g, gSz);
-    if (!r) r = SrpHashFinal(&hash, srp->k);
-    SrpHashFree(&hash);
-
-    /* update client proof */
-
-    /* digest1 = H(N) */
-    if (!r) r = SrpHashInit(&hash, srp->type, srp->heap);
-    if (!r) r = SrpHashUpdate(&hash, (byte*) N, nSz);
-    if (!r) r = SrpHashFinal(&hash, digest1);
-    SrpHashFree(&hash);
-
-    /* digest2 = H(g) */
-    if (!r) r = SrpHashInit(&hash, srp->type, srp->heap);
-    if (!r) r = SrpHashUpdate(&hash, (byte*) g, gSz);
-    if (!r) r = SrpHashFinal(&hash, digest2);
-    SrpHashFree(&hash);
-
-    /* digest1 = H(N) ^ H(g) */
-    if (r == 0) {
-        for (i = 0; i < (word32)hashSize; i++)
-            digest1[i] ^= digest2[i];
-    }
-
-    /* digest2 = H(user) */
-    if (!r) r = SrpHashInit(&hash, srp->type, srp->heap);
-    if (!r) r = SrpHashUpdate(&hash, srp->user, srp->userSz);
-    if (!r) r = SrpHashFinal(&hash, digest2);
-    SrpHashFree(&hash);
-
-    /* client proof = H( H(N) ^ H(g) | H(user) | salt) */
-    if (!r) r = SrpHashUpdate(&srp->client_proof, digest1, (word32)hashSize);
-    if (!r) r = SrpHashUpdate(&srp->client_proof, digest2, (word32)hashSize);
-    if (!r) r = SrpHashUpdate(&srp->client_proof, salt, saltSz);
-
-    return r;
-}
-
-int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size)
-{
-    SrpHash hash;
-    byte digest[SRP_MAX_DIGEST_SIZE];
-    int digestSz;
-    int r;
-
-    if (!srp || !password || srp->side != SRP_CLIENT_SIDE)
-        return BAD_FUNC_ARG;
-
-    if (!srp->salt)
-        return SRP_CALL_ORDER_E;
-
-    digestSz = SrpHashSize(srp->type);
-    if (digestSz < 0)
-        return digestSz;
-
-    /* digest = H(username | ':' | password) */
-            r = SrpHashInit(&hash, srp->type, srp->heap);
-    if (!r) r = SrpHashUpdate(&hash, srp->user, srp->userSz);
-    if (!r) r = SrpHashUpdate(&hash, (const byte*) ":", 1);
-    if (!r) r = SrpHashUpdate(&hash, password, size);
-    if (!r) r = SrpHashFinal(&hash, digest);
-    SrpHashFree(&hash);
-
-    /* digest = H(salt | H(username | ':' | password)) */
-    if (!r) r = SrpHashInit(&hash, srp->type, srp->heap);
-    if (!r) r = SrpHashUpdate(&hash, srp->salt, srp->saltSz);
-    if (!r) r = SrpHashUpdate(&hash, digest, (word32)digestSz);
-    if (!r) r = SrpHashFinal(&hash, digest);
-    SrpHashFree(&hash);
-
-    /* Set x (private key) */
-    if (!r) r = mp_read_unsigned_bin(&srp->auth, digest, (word32)digestSz);
-
-    ForceZero(digest, SRP_MAX_DIGEST_SIZE);
-
-    return r;
-}
-
-int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size)
-{
-    WC_DECLARE_VAR(v, mp_int, 1, 0);
-    int r;
-
-    if (!srp || !verifier || !size || srp->side != SRP_CLIENT_SIDE)
-        return BAD_FUNC_ARG;
-
-    if (mp_iszero(&srp->auth) == MP_YES)
-        return SRP_CALL_ORDER_E;
-
-#ifdef WOLFSSL_SMALL_STACK
-    if ((v = (mp_int *)XMALLOC(sizeof(*v), srp->heap, DYNAMIC_TYPE_TMP_BUFFER)) == NULL)
-        return MEMORY_E;
-#endif
-
-    r = mp_init(v);
-    if (r != MP_OKAY)
-        r = MP_INIT_E;
-    /* v = g ^ x % N */
-    if (!r) r = mp_exptmod(&srp->g, &srp->auth, &srp->N, v);
-    if (!r) r = *size < (word32)mp_unsigned_bin_size(v) ? BUFFER_E : MP_OKAY;
-    if (!r) r = mp_to_unsigned_bin(v, verifier);
-    if (!r) *size = (word32)mp_unsigned_bin_size(v);
-
-    mp_clear(v);
-    WC_FREE_VAR_EX(v, srp->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return r;
-}
-
-int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size)
-{
-    if (!srp || !verifier || srp->side != SRP_SERVER_SIDE)
-        return BAD_FUNC_ARG;
-
-    return mp_read_unsigned_bin(&srp->auth, verifier, size);
-}
-
-int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size)
-{
-    WC_DECLARE_VAR(p, mp_int, 1, 0);
-    int r;
-
-    if (!srp || !priv || !size)
-        return BAD_FUNC_ARG;
-
-    if (mp_iszero(&srp->auth) == MP_YES)
-        return SRP_CALL_ORDER_E;
-
-#ifdef WOLFSSL_SMALL_STACK
-    if ((p = (mp_int *)XMALLOC(sizeof(*p), srp->heap, DYNAMIC_TYPE_TMP_BUFFER)) == NULL)
-        return MEMORY_E;
-#endif
-
-    r = mp_init(p);
-    if (r != MP_OKAY)
-        r = MP_INIT_E;
-    if (!r) r = mp_read_unsigned_bin(p, priv, size);
-    if (!r) r = mp_mod(p, &srp->N, &srp->priv);
-    if (!r) r = mp_iszero(&srp->priv) == MP_YES ? SRP_BAD_KEY_E : 0;
-
-    mp_clear(p);
-    WC_FREE_VAR_EX(p, srp->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return r;
-}
-
-/** Generates random data using wolfcrypt RNG. */
-static int wc_SrpGenPrivate(Srp* srp, byte* priv, word32 size)
-{
-    WC_RNG rng;
-    int r = wc_InitRng_ex(&rng, srp->heap, INVALID_DEVID);
-
-    if (!r) r = wc_RNG_GenerateBlock(&rng, priv, size);
-    if (!r) r = wc_SrpSetPrivate(srp, priv, size);
-    if (!r) wc_FreeRng(&rng);
-
-    return r;
-}
-
-int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size)
-{
-    WC_DECLARE_VAR(pubkey, mp_int, 1, 0);
-    word32 modulusSz;
-    int r;
-    int hashSize;
-
-    if (!srp || !pub || !size)
-        return BAD_FUNC_ARG;
-
-    hashSize = SrpHashSize(srp->type);
-    if (hashSize < 0)
-        return hashSize;
-
-    if (mp_iszero(&srp->auth) == MP_YES)
-        return SRP_CALL_ORDER_E;
-
-    modulusSz = (word32)mp_unsigned_bin_size(&srp->N);
-    if (*size < modulusSz)
-        return BUFFER_E;
-
-#ifdef WOLFSSL_SMALL_STACK
-    if ((pubkey = (mp_int *)XMALLOC(sizeof(*pubkey), srp->heap, DYNAMIC_TYPE_TMP_BUFFER)) == NULL)
-        return MEMORY_E;
-#endif
-    r = mp_init(pubkey);
-    if (r != MP_OKAY)
-        r = MP_INIT_E;
-
-    /* priv = random() */
-    if (mp_iszero(&srp->priv) == MP_YES)
-        if (! r) r = wc_SrpGenPrivate(srp, pub, SRP_PRIVATE_KEY_MIN_BITS / 8);
-
-    /* client side: A = g ^ a % N */
-    if (srp->side == SRP_CLIENT_SIDE) {
-        if (!r) r = mp_exptmod(&srp->g, &srp->priv, &srp->N, pubkey);
-
-    /* server side: B = (k * v + (g ^ b % N)) % N */
-    } else {
-        if (! r) {
-#ifdef WOLFSSL_SMALL_STACK
-            mp_int *i = NULL, *j = NULL;
-#else
-            mp_int i[1], j[1];
-#endif
-#ifdef WOLFSSL_SMALL_STACK
-            if (((i = (mp_int *)XMALLOC(sizeof(*i), srp->heap, DYNAMIC_TYPE_TMP_BUFFER)) == NULL) ||
-                ((j = (mp_int *)XMALLOC(sizeof(*j), srp->heap, DYNAMIC_TYPE_TMP_BUFFER)) == NULL))
-                r = MEMORY_E;
-            if (!r)
-#endif
-            {
-                r = mp_init_multi(i, j, 0, 0, 0, 0);
-            }
-            if (!r) r = mp_read_unsigned_bin(i, srp->k, (word32)hashSize);
-            if (!r) r = mp_iszero(i) == MP_YES ? SRP_BAD_KEY_E : 0;
-            if (!r) r = mp_exptmod(&srp->g, &srp->priv, &srp->N, pubkey);
-            if (!r) r = mp_mulmod(i, &srp->auth, &srp->N, j);
-            if (!r) r = mp_add(j, pubkey, i);
-            if (!r) r = mp_mod(i, &srp->N, pubkey);
-#ifdef WOLFSSL_SMALL_STACK
-            if (i != NULL) {
-                mp_clear(i);
-                XFREE(i, srp->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            }
-            if (j != NULL) {
-                mp_clear(j);
-                XFREE(j, srp->heap, DYNAMIC_TYPE_TMP_BUFFER);
-            }
-#else
-            mp_clear(i); mp_clear(j);
-#endif
-        }
-    }
-
-    /* extract public key to buffer */
-    XMEMSET(pub, 0, modulusSz);
-    if (!r) r = mp_to_unsigned_bin(pubkey, pub);
-    if (!r) *size = (word32)mp_unsigned_bin_size(pubkey);
-
-    mp_clear(pubkey);
-    WC_FREE_VAR_EX(pubkey, srp->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return r;
-}
-
-static int wc_SrpSetKey(Srp* srp, byte* secret, word32 size)
-{
-    SrpHash hash;
-    byte digest[SRP_MAX_DIGEST_SIZE];
-    word32 i, j;
-    int digestSz;
-    byte counter[4];
-    int r = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
-
-    digestSz = SrpHashSize(srp->type);
-    if (digestSz < 0)
-        return digestSz;
-
-    XMEMSET(digest, 0, SRP_MAX_DIGEST_SIZE);
-
-    srp->key = (byte*)XMALLOC(2 * (word32)digestSz, srp->heap, DYNAMIC_TYPE_SRP);
-    if (srp->key == NULL)
-        return MEMORY_E;
-
-    srp->keySz = 2 * (word32)digestSz;
-
-    for (i = j = 0; j < srp->keySz; i++) {
-        counter[0] = (byte)(i >> 24);
-        counter[1] = (byte)(i >> 16);
-        counter[2] = (byte)(i >>  8);
-        counter[3] = (byte) i;
-
-        r = SrpHashInit(&hash, srp->type, srp->heap);
-        if (!r) r = SrpHashUpdate(&hash, secret, size);
-        if (!r) r = SrpHashUpdate(&hash, counter, 4);
-
-        if (!r) {
-            if (j + (word32)digestSz > srp->keySz) {
-                r = SrpHashFinal(&hash, digest);
-                XMEMCPY(srp->key + j, digest, srp->keySz - j);
-                j = srp->keySz;
-            }
-            else
-            {
-                r = SrpHashFinal(&hash, srp->key + j);
-                j += (word32)digestSz;
-            }
-        }
-        SrpHashFree(&hash);
-        if (r)
-            break;
-    }
-
-    ForceZero(digest, sizeof(digest));
-    ForceZero(&hash, sizeof(SrpHash));
-
-    return r;
-}
-
-int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
-                               byte* serverPubKey, word32 serverPubKeySz)
-{
-#ifdef WOLFSSL_SMALL_STACK
-    SrpHash *hash = NULL;
-    byte *digest = NULL;
-    mp_int *u = NULL;
-    mp_int *s = NULL;
-    mp_int *temp1 = NULL;
-    mp_int *temp2 = NULL;
-#else
-    SrpHash hash[1];
-    byte digest[SRP_MAX_DIGEST_SIZE];
-    mp_int u[1], s[1], temp1[1], temp2[1];
-#endif
-    byte *secret = NULL;
-    word32 i, secretSz;
-    int digestSz;
-    byte pad = 0;
-    int r;
-
-    /* validating params */
-
-    if (!srp || !clientPubKey || clientPubKeySz == 0
-        || !serverPubKey || serverPubKeySz == 0) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    hash = (SrpHash *)XMALLOC(sizeof *hash, srp->heap, DYNAMIC_TYPE_SRP);
-    digest = (byte *)XMALLOC(SRP_MAX_DIGEST_SIZE, srp->heap, DYNAMIC_TYPE_SRP);
-    u = (mp_int *)XMALLOC(sizeof *u, srp->heap, DYNAMIC_TYPE_SRP);
-    s = (mp_int *)XMALLOC(sizeof *s, srp->heap, DYNAMIC_TYPE_SRP);
-    temp1 = (mp_int *)XMALLOC(sizeof *temp1, srp->heap, DYNAMIC_TYPE_SRP);
-    temp2 = (mp_int *)XMALLOC(sizeof *temp2, srp->heap, DYNAMIC_TYPE_SRP);
-
-    if ((hash == NULL) ||
-        (digest == NULL) ||
-        (u == NULL) ||
-        (s == NULL) ||
-        (temp1 == NULL) ||
-        (temp2 == NULL)) {
-        r = MEMORY_E;
-        goto out;
-    }
-#endif
-
-    if ((mp_init_multi(u, s, temp1, temp2, 0, 0)) != MP_OKAY) {
-        r = MP_INIT_E;
-        goto out;
-    }
-
-    if (mp_iszero(&srp->priv) == MP_YES) {
-        r = SRP_CALL_ORDER_E;
-        goto out;
-    }
-
-    /* initializing variables */
-
-    if ((r = SrpHashInit(hash, srp->type, srp->heap)) != 0)
-        goto out;
-
-    digestSz = SrpHashSize(srp->type);
-    if (digestSz < 0) {
-        r = digestSz;
-        goto out;
-    }
-
-    secretSz = (word32)mp_unsigned_bin_size(&srp->N);
-
-    if ((secretSz < clientPubKeySz) || (secretSz < serverPubKeySz)) {
-        r = BAD_FUNC_ARG;
-        goto out;
-    }
-
-    if ((secret = (byte*)XMALLOC(secretSz, srp->heap, DYNAMIC_TYPE_SRP)) == NULL) {
-        r = MEMORY_E;
-        goto out;
-    }
-
-    /* building u (random scrambling parameter) */
-
-    /* H(A) */
-    for (i = 0; i < secretSz - clientPubKeySz; i++) {
-        if ((r = SrpHashUpdate(hash, &pad, 1)))
-            goto out;
-    }
-
-    if ((r = SrpHashUpdate(hash, clientPubKey, clientPubKeySz)))
-        goto out;
-
-    /* H(A | B) */
-    for (i = 0; i < secretSz - serverPubKeySz; i++) {
-        if ((r = SrpHashUpdate(hash, &pad, 1)))
-            goto out;
-    }
-    if ((r = SrpHashUpdate(hash, serverPubKey, serverPubKeySz)))
-        goto out;
-
-    /* set u */
-    if ((r = SrpHashFinal(hash, digest)))
-        goto out;
-    if ((r = mp_read_unsigned_bin(u, digest, (word32)digestSz)))
-        goto out;
-    SrpHashFree(hash);
-
-    /* building s (secret) */
-
-    if (srp->side == SRP_CLIENT_SIDE) {
-
-        /* temp1 = B - k * v; rejects k == 0, B == 0 and B >= N. */
-        if ((r = mp_read_unsigned_bin(temp1, srp->k, (word32)digestSz)))
-            goto out;
-        if (mp_iszero(temp1) == MP_YES) {
-            r = SRP_BAD_KEY_E;
-            goto out;
-        }
-        if ((r = mp_exptmod(&srp->g, &srp->auth, &srp->N, temp2)))
-            goto out;
-        if ((r = mp_mulmod(temp1, temp2, &srp->N, s)))
-            goto out;
-        if ((r = mp_read_unsigned_bin(temp2, serverPubKey, serverPubKeySz)))
-            goto out;
-        if (mp_iszero(temp2) == MP_YES) {
-            r = SRP_BAD_KEY_E;
-            goto out;
-        }
-        if (mp_cmp(temp2, &srp->N) != MP_LT) {
-            r = SRP_BAD_KEY_E;
-            goto out;
-        }
-        if ((r = mp_submod(temp2, s, &srp->N, temp1)))
-            goto out;
-
-        /* temp2 = a + u * x */
-        if ((r = mp_mulmod(u, &srp->auth, &srp->N, s)))
-            goto out;
-        if ((r = mp_add(&srp->priv, s, temp2)))
-            goto out;
-
-        /* secret = temp1 ^ temp2 % N */
-        if ((r = mp_exptmod(temp1, temp2, &srp->N, s)))
-            goto out;
-
-    } else if (srp->side == SRP_SERVER_SIDE) {
-        /* temp1 = v ^ u % N */
-        if ((r = mp_exptmod(&srp->auth, u, &srp->N, temp1)))
-            goto out;
-
-        /* temp2 = A * temp1 % N; rejects A == 0, A >= N */
-        if ((r = mp_read_unsigned_bin(s, clientPubKey, clientPubKeySz)))
-            goto out;
-        if (mp_iszero(s) == MP_YES) {
-            r = SRP_BAD_KEY_E;
-            goto out;
-        }
-        if (mp_cmp(s, &srp->N) != MP_LT) {
-            r = SRP_BAD_KEY_E;
-            goto out;
-        }
-        if ((r = mp_mulmod(s, temp1, &srp->N, temp2)))
-            goto out;
-
-        /* rejects A * v ^ u % N >= 1, A * v ^ u % N == -1 % N */
-        if ((r = mp_read_unsigned_bin(temp1, (const byte*)"\001", 1)))
-            goto out;
-        if (mp_cmp(temp2, temp1) != MP_GT) {
-            r = SRP_BAD_KEY_E;
-            goto out;
-        }
-        if ((r = mp_sub(&srp->N, temp1, s)))
-            goto out;
-        if (mp_cmp(temp2, s) == MP_EQ) {
-            r = SRP_BAD_KEY_E;
-            goto out;
-        }
-
-        /* secret = temp2 * b % N */
-        if ((r = mp_exptmod(temp2, &srp->priv, &srp->N, s)))
-            goto out;
-    }
-
-    /* building session key from secret */
-
-    if ((r = mp_to_unsigned_bin(s, secret)))
-        goto out;
-    if ((r = srp->keyGenFunc_cb(srp, secret, (word32)mp_unsigned_bin_size(s))))
-        goto out;
-
-    /* updating client proof = H( H(N) ^ H(g) | H(user) | salt | A | B | K) */
-
-    if ((r = SrpHashUpdate(&srp->client_proof, clientPubKey, clientPubKeySz)))
-        goto out;
-    if ((r = SrpHashUpdate(&srp->client_proof, serverPubKey, serverPubKeySz)))
-        goto out;
-    if ((r = SrpHashUpdate(&srp->client_proof, srp->key,     srp->keySz)))
-        goto out;
-
-    /* updating server proof = H(A) */
-
-    r = SrpHashUpdate(&srp->server_proof, clientPubKey, clientPubKeySz);
-
-  out:
-
-    if (secret) {
-        ForceZero(secret, secretSz);
-        XFREE(secret, srp->heap, DYNAMIC_TYPE_SRP);
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    XFREE(hash, srp->heap, DYNAMIC_TYPE_SRP);
-    XFREE(digest, srp->heap, DYNAMIC_TYPE_SRP);
-    if (u) {
-        if (r != WC_NO_ERR_TRACE(MP_INIT_E))
-            mp_clear(u);
-        XFREE(u, srp->heap, DYNAMIC_TYPE_SRP);
-    }
-    if (s) {
-        if (r != WC_NO_ERR_TRACE(MP_INIT_E))
-            mp_clear(s);
-        XFREE(s, srp->heap, DYNAMIC_TYPE_SRP);
-    }
-    if (temp1) {
-        if (r != WC_NO_ERR_TRACE(MP_INIT_E))
-            mp_clear(temp1);
-        XFREE(temp1, srp->heap, DYNAMIC_TYPE_SRP);
-    }
-    if (temp2) {
-        if (r != WC_NO_ERR_TRACE(MP_INIT_E))
-            mp_clear(temp2);
-        XFREE(temp2, srp->heap, DYNAMIC_TYPE_SRP);
-    }
-#else
-    if (r != WC_NO_ERR_TRACE(MP_INIT_E)) {
-        mp_clear(u);
-        mp_clear(s);
-        mp_clear(temp1);
-        mp_clear(temp2);
-    }
-#endif
-
-    return r;
-}
-
-int wc_SrpGetProof(Srp* srp, byte* proof, word32* size)
-{
-    int r;
-    int hashSize;
-
-    if (!srp || !proof || !size)
-        return BAD_FUNC_ARG;
-
-    hashSize = SrpHashSize(srp->type);
-    if (hashSize < 0)
-        return ALGO_ID_E;
-
-    if (*size < (word32)hashSize)
-        return BUFFER_E;
-
-    if ((r = SrpHashFinal(srp->side == SRP_CLIENT_SIDE
-                          ? &srp->client_proof
-                          : &srp->server_proof, proof)) != 0)
-        return r;
-
-    *size = (word32)hashSize;
-
-    if (srp->side == SRP_CLIENT_SIDE) {
-        /* server proof = H( A | client proof | K) */
-        if (!r) r = SrpHashUpdate(&srp->server_proof, proof, *size);
-        if (!r) r = SrpHashUpdate(&srp->server_proof, srp->key, srp->keySz);
-    }
-
-    return r;
-}
-
-int wc_SrpVerifyPeersProof(Srp* srp, byte* proof, word32 size)
-{
-    byte digest[SRP_MAX_DIGEST_SIZE];
-    int r;
-    int hashSize;
-
-    if (!srp || !proof)
-        return BAD_FUNC_ARG;
-
-    hashSize = SrpHashSize(srp->type);
-    if (hashSize < 0)
-        return ALGO_ID_E;
-
-    if (size != (word32)hashSize)
-        return BUFFER_E;
-
-    r = SrpHashFinal(srp->side == SRP_CLIENT_SIDE ? &srp->server_proof
-                                                  : &srp->client_proof, digest);
-
-    if (srp->side == SRP_SERVER_SIDE) {
-        /* server proof = H( A | client proof | K) */
-        if (!r) r = SrpHashUpdate(&srp->server_proof, proof, size);
-        if (!r) r = SrpHashUpdate(&srp->server_proof, srp->key, srp->keySz);
-    }
-
-    if (!r && XMEMCMP(proof, digest, size) != 0)
-        r = SRP_VERIFY_E;
-
-    return r;
-}
-
-#endif /* WOLFCRYPT_HAVE_SRP */
diff --git a/src/ssl/wolfssl/wolfcrypt/tfm.c b/src/ssl/wolfssl/wolfcrypt/tfm.c
deleted file mode 100644
index a4f522672..000000000
--- a/src/ssl/wolfssl/wolfcrypt/tfm.c
+++ /dev/null
@@ -1,6002 +0,0 @@
-/* tfm.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-/*
- * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
- * http://math.libtomcrypt.com
- */
-
-/**
- *  Edited by Moises Guimaraes (moises@wolfssl.com)
- *  to fit wolfSSL's needs.
- */
-
-#ifdef USE_FAST_MATH
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#include <wolfssl/wolfcrypt/random.h>
-#include <wolfssl/wolfcrypt/tfm.h>
-#include <wolfcrypt/src/asm.c>  /* will define asm MACROS or C ones */
-#include <wolfssl/wolfcrypt/wolfmath.h> /* common functions */
-#include <wolfssl/wolfcrypt/logging.h>
-
-#ifdef WOLFSSL_ESPIDF
-    #include <esp_log.h>
-    #include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
-#endif
-
-#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI)
-    static const char* TAG = "TFM"; /* esp log breadcrumb */
-    #if !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
-        /* Each individual math HW can be turned on or off.
-         * Listed in order of complexity and historical difficulty. */
-        #define WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
-        #define WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
-        #define WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
-    #endif
-
-    #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
-        #undef WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
-    #endif
-
-    #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
-        #undef WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
-    #endif
-
-    #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD)
-        #undef WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
-    #endif
-
-    /* Note with HW there's a ESP_RSA_EXPT_XBITS setting
-     * as for some small numbers, SW may be faster.
-     * See ESP_LOGV messages for ESP_RSA_EXPT_XBITS values. */
-
-#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI */
-
-#if defined(FREESCALE_LTC_TFM)
-    #include <wolfssl/wolfcrypt/port/nxp/ksdk_port.h>
-#endif
-#ifdef WOLFSSL_DEBUG_MATH
-    #include <stdio.h>
-#endif
-
-#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)
-#ifdef __cplusplus
-    extern "C" {
-#endif
-WOLFSSL_LOCAL int sp_ModExp_1024(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_1536(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_2048(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_3072(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-WOLFSSL_LOCAL int sp_ModExp_4096(mp_int* base, mp_int* exp, mp_int* mod,
-    mp_int* res);
-#ifdef __cplusplus
-    } /* extern "C" */
-#endif
-#endif
-
-
-#if !defined(WOLFSSL_SP_MATH) && !defined(WOLFSSL_SP_MATH_ALL)
-/* math settings check */
-word32 CheckRunTimeSettings(void)
-{
-    return CTC_SETTINGS;
-}
-
-/* math settings size check */
-word32 CheckRunTimeFastMath(void)
-{
-    return FP_SIZE;
-}
-#endif
-
-
-/* Functions */
-
-int fp_add(fp_int *a, fp_int *b, fp_int *c)
-{
-  int sa, sb;
-  int ret = FP_OKAY;
-
-  /* get sign of both inputs */
-  sa = a->sign;
-  sb = b->sign;
-
-  /* handle two cases, not four */
-  if (sa == sb) {
-    /* both positive or both negative */
-    /* add their magnitudes, copy the sign */
-    c->sign = sa;
-    ret = s_fp_add (a, b, c);
-  } else {
-    /* one positive, the other negative */
-    /* subtract the one with the greater magnitude from */
-    /* the one of the lesser magnitude.  The result gets */
-    /* the sign of the one with the greater magnitude. */
-    if (fp_cmp_mag (a, b) == FP_LT) {
-      c->sign = sb;
-      s_fp_sub (b, a, c);
-    } else {
-      c->sign = sa;
-      s_fp_sub (a, b, c);
-    }
-  }
-
-  return ret;
-}
-
-/* unsigned addition */
-int s_fp_add(fp_int *a, fp_int *b, fp_int *c)
-{
-  int      x, y, oldused;
-  fp_word  t;
-
-  y       = MAX(a->used, b->used);
-  oldused = MIN(c->used, FP_SIZE);   /* help static analysis w/ largest size */
-  c->used = y;
-
-  t = 0;
-#ifdef HONOR_MATH_USED_LENGTH
-  for (x = 0; x < y; x++) {
-      if ( (x < a->used) && (x < b->used) ) {
-          /* x is less than both [a].used and [b].used, so we add both */
-                  t += ((fp_word)a->dp[x])    +    ((fp_word)b->dp[x]);
-      }
-      else {
-          /* Here we honor the actual [a].used and [b].used values
-           * and NOT assume that values beyond [used] are zero. */
-          if ((x >= a->used) && (x < b->used)) {
-                  /* x more than [a].used, [b] ok, so just add [b] */
-                  t += /* ((fp_word)(0))      + */ ((fp_word)b->dp[x]);
-          }
-          else {
-              if ((x < a->used) && (x >= b->used)) {
-                  /* x more than [b].used, [a] ok, so just add [a] */
-                  t += ((fp_word)a->dp[x]) /* +     (fp_word)(0) */;
-              }
-              else {
-                  /* we should never get here, as a.used cannot be greater
-                   * than b.used, while b.used is greater than a.used! */
-               /* t += 0 + 0 */
-              }
-          }
-      }
-      c->dp[x]   = (fp_digit)t;
-      t        >>= DIGIT_BIT;
-  }
-
-#else
-  /* the original code */
-  for (x = 0; x < y; x++) {
-      t         += ((fp_word)a->dp[x]) + ((fp_word)b->dp[x]);
-      c->dp[x]   = (fp_digit)t;
-      t        >>= DIGIT_BIT;
-  }
-#endif /* HONOR_MATH_USED_LENGTH */
-
-  if (t != 0) {
-     if (x == FP_SIZE)
-         return FP_VAL;
-     c->dp[c->used++] = (fp_digit)t;
-     ++x;
-  }
-
-  c->used = x;
-
-  /* zero any excess digits on the destination that we didn't write to */
-  for (; x < oldused; x++) {
-     c->dp[x] = 0;
-  }
-  fp_clamp(c);
-  return FP_OKAY;
-}
-
-/* c = a - b */
-int fp_sub(fp_int *a, fp_int *b, fp_int *c)
-{
-  int sa, sb;
-  int ret = FP_OKAY;
-
-  sa = a->sign;
-  sb = b->sign;
-
-  if (sa != sb) {
-    /* subtract a negative from a positive, OR */
-    /* subtract a positive from a negative. */
-    /* In either case, ADD their magnitudes, */
-    /* and use the sign of the first number. */
-    c->sign = sa;
-    ret = s_fp_add (a, b, c);
-  } else {
-    /* subtract a positive from a positive, OR */
-    /* subtract a negative from a negative. */
-    /* First, take the difference between their */
-    /* magnitudes, then... */
-    if (fp_cmp_mag (a, b) != FP_LT) {
-      /* Copy the sign from the first */
-      c->sign = sa;
-      /* The first has a larger or equal magnitude */
-      s_fp_sub (a, b, c);
-    } else {
-      /* The result has the *opposite* sign from */
-      /* the first number. */
-      c->sign = (sa == FP_ZPOS) ? FP_NEG : FP_ZPOS;
-      /* The second has a larger magnitude */
-      s_fp_sub (b, a, c);
-    }
-  }
-  return ret;
-}
-
-/* unsigned subtraction ||a|| >= ||b|| ALWAYS! */
-void s_fp_sub(fp_int *a, fp_int *b, fp_int *c)
-{
-  int      x, oldbused, oldused;
-  fp_word  t;
-
-  oldused  = c->used;
-  oldbused = b->used;
-  c->used  = a->used;
-  t       = 0;
-  for (x = 0; x < oldbused; x++) {
-     t         = ((fp_word)a->dp[x]) - (((fp_word)b->dp[x]) + t);
-     c->dp[x]  = (fp_digit)t;
-     t         = (t >> DIGIT_BIT)&1;
-  }
-  for (; x < a->used; x++) {
-     t         = ((fp_word)a->dp[x]) - t;
-     c->dp[x]  = (fp_digit)t;
-     t         = (t >> DIGIT_BIT)&1;
-   }
-
-  /* zero any excess digits on the destination that we didn't write to */
-  for (; x < oldused; x++) {
-     c->dp[x] = 0;
-  }
-  fp_clamp(c);
-}
-
-/* c = a * b */
-int fp_mul(fp_int *A, fp_int *B, fp_int *C)
-{
-    int   ret = FP_OKAY;
-    int   y, yy, oldused;
-
-    oldused = C->used;
-
-    y  = MAX(A->used, B->used);
-    yy = MIN(A->used, B->used);
-
-    /* fail if we are out of range */
-    if (y + yy >= FP_SIZE) {
-       ret = FP_VAL;
-       goto clean;
-    }
-
-#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
-    if (esp_hw_validation_active()) {
-        ESP_LOGV(TAG, "Skipping call to esp_mp_mul "
-                      "during active validation.");
-    }
-    else {
-        ret = esp_mp_mul(A, B, C); /* HW accelerated multiply  */
-        switch (ret) {
-            case MP_OKAY:
-                goto clean; /* success */
-                break;
-
-            case WC_NO_ERR_TRACE(WC_HW_WAIT_E): /* MP_HW_BUSY math HW busy, fall back */
-            case MP_HW_FALLBACK:    /* forced fallback from HW to SW */
-            case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
-                /* fall back to software, below */
-                break;
-
-            default:
-                /* Once we've failed, exit without trying to continue.
-                 * We may have mangled operands: (e.g. Z = X * Z)
-                 * Future implementation may consider saving operands,
-                 * but errors should never occur. */
-                goto clean;  /* error */
-                break;
-        }
-    }
-    /* fall through to software calcs */
-#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
-
-    /* pick a comba (unrolled 4/8/16/32 x or rolled) based on the size
-       of the largest input.  We also want to avoid doing excess mults if the
-       inputs are not close to the next power of two.  That is, for example,
-       if say y=17 then we would do (32-17)^2 = 225 unneeded multiplications
-    */
-
-#if defined(TFM_MUL3) && FP_SIZE >= 6
-        if (y <= 3) {
-           ret = fp_mul_comba3(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL4) && FP_SIZE >= 8
-        if (y == 4) {
-           ret = fp_mul_comba4(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL6) && FP_SIZE >= 12
-        if (y <= 6) {
-           ret = fp_mul_comba6(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL7) && FP_SIZE >= 14
-        if (y == 7) {
-           ret = fp_mul_comba7(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL8) && FP_SIZE >= 16
-        if (y == 8) {
-           ret = fp_mul_comba8(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL9) && FP_SIZE >= 18
-        if (y == 9) {
-           ret = fp_mul_comba9(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL12) && FP_SIZE >= 24
-        if (y <= 12) {
-           ret = fp_mul_comba12(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL17) && FP_SIZE >= 34
-        if (y <= 17) {
-           ret = fp_mul_comba17(A,B,C);
-           goto clean;
-        }
-#endif
-
-#if defined(TFM_SMALL_SET) && FP_SIZE >= 32
-        if (y <= 16) {
-           ret = fp_mul_comba_small(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL20) && FP_SIZE >= 40
-        if (y <= 20) {
-           ret = fp_mul_comba20(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL24) && FP_SIZE >= 48
-        if (yy >= 16 && y <= 24) {
-           ret = fp_mul_comba24(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL28) && FP_SIZE >= 56
-        if (yy >= 20 && y <= 28) {
-           ret = fp_mul_comba28(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL32) && FP_SIZE >= 64
-        if (yy >= 24 && y <= 32) {
-           ret = fp_mul_comba32(A,B,C);
-           goto clean;
-        }
-#endif
-#if defined(TFM_MUL48) && FP_SIZE >= 96
-        if (yy >= 40 && y <= 48) {
-          ret = fp_mul_comba48(A,B,C);
-          goto clean;
-        }
-#endif
-#if defined(TFM_MUL64) && FP_SIZE >= 128
-        if (yy >= 56 && y <= 64) {
-           ret = fp_mul_comba64(A,B,C);
-           goto clean;
-        }
-#endif
-        ret = fp_mul_comba(A,B,C);
-
-clean:
-    /* zero any excess digits on the destination that we didn't write to */
-    for (y = C->used; y >= 0 && y < oldused; y++) {
-        C->dp[y] = 0;
-    }
-
-    return ret;
-}
-
-int fp_mul_2(fp_int * a, fp_int * b)
-{
-  int     x, oldused;
-
-  /* Make sure value to double and result are in range. */
-  if ((a->used > (FP_SIZE-1)) || ((a->used == (FP_SIZE - 1)) &&
-              ((a->dp[FP_SIZE - 1] & ((fp_digit)1 << (DIGIT_BIT - 1))) != 0))) {
-    return FP_VAL;
-  }
-
-  oldused = b->used;
-  b->used = a->used;
-
-  {
-    fp_digit r, rr, *tmpa, *tmpb;
-
-    /* alias for source */
-    tmpa = a->dp;
-
-    /* alias for dest */
-    tmpb = b->dp;
-
-    /* carry */
-    r = 0;
-    for (x = 0; x < a->used; x++) {
-
-      /* get what will be the *next* carry bit from the
-       * MSB of the current digit
-       */
-      rr = *tmpa >> ((fp_digit)(DIGIT_BIT - 1));
-
-      /* now shift up this digit, add in the carry [from the previous] */
-      *tmpb++ = ((*tmpa++ << ((fp_digit)1)) | r);
-
-      /* copy the carry that would be from the source
-       * digit into the next iteration
-       */
-      r = rr;
-    }
-
-    /* new leading digit? */
-    if (r != 0) {
-      /* add a MSB which is always 1 at this point */
-      *tmpb = 1;
-      ++(b->used);
-    }
-
-    /* zero any excess digits on the destination that we didn't write to */
-    tmpb = b->dp + b->used;
-    for (x = b->used; x < oldused; x++) {
-      *tmpb++ = 0;
-    }
-  }
-  b->sign = a->sign;
-
-  return FP_OKAY;
-}
-
-/* c = a * b */
-int fp_mul_d(fp_int *a, fp_digit b, fp_int *c)
-{
-   fp_word  w;
-   int      x, oldused;
-
-   oldused = c->used;
-   c->used = a->used;
-   c->sign = a->sign;
-   w       = 0;
-   for (x = 0; x < a->used; x++) {
-       w         = ((fp_word)a->dp[x]) * ((fp_word)b) + w;
-       c->dp[x]  = (fp_digit)w;
-       w         = w >> DIGIT_BIT;
-   }
-   if (w != 0) {
-      if (a->used == FP_SIZE)
-          return FP_VAL;
-      c->dp[c->used++] = (fp_digit) w;
-      ++x;
-   }
-
-   /* zero any excess digits on the destination that we didn't write to */
-   /* also checking FP_SIZE here for static analysis */
-   for (; x < oldused && x < FP_SIZE; x++) {
-      c->dp[x] = 0;
-   }
-
-   fp_clamp(c);
-   return FP_OKAY;
-}
-
-/* c = a * 2**d */
-int fp_mul_2d(fp_int *a, int b, fp_int *c)
-{
-   fp_digit carry, carrytmp, shift;
-   int x;
-
-   /* copy it */
-   fp_copy(a, c);
-
-   /* handle whole digits */
-   if (b >= DIGIT_BIT) {
-      int ret = fp_lshd(c, b/DIGIT_BIT);
-      if (ret != FP_OKAY)
-         return ret;
-   }
-   b %= DIGIT_BIT;
-
-   /* shift the digits */
-   if (b != 0) {
-      carry = 0;
-      shift = DIGIT_BIT - b;
-      for (x = 0; x < c->used; x++) {
-          carrytmp = c->dp[x] >> shift;
-          c->dp[x] = (c->dp[x] << b) + carry;
-          carry = carrytmp;
-      }
-      /* store last carry if room */
-      if (carry && x < FP_SIZE) {
-         c->dp[c->used++] = carry;
-      }
-      if (x == FP_SIZE)
-         return FP_VAL;
-   }
-   fp_clamp(c);
-   return FP_OKAY;
-}
-
-/* generic PxQ multiplier */
-#if defined(HAVE_INTEL_MULX)
-
-WC_INLINE static int fp_mul_comba_mulx(fp_int *A, fp_int *B, fp_int *C)
-
-{
-   int       ix, iy, iz, pa;
-   fp_int    *dst;
-   WC_DECLARE_VAR(tmp, fp_int, 1, 0);
-   fp_digit  carry;
-
-   /* Variables used but not seen by cppcheck. */
-   (void)ix; (void)iy; (void)iz;
-
-   WC_ALLOC_VAR_EX(tmp, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT,
-       return FP_MEM);
-
-   /* get size of output and trim */
-   pa = A->used + B->used;
-   if (pa >= FP_SIZE) {
-      pa = FP_SIZE-1;
-   }
-
-   /* Always take branch to use tmp variable. This avoids a cache attack for
-    * determining if C equals A */
-   if (1) {
-      fp_init(tmp);
-      dst = tmp;
-   }
-
-   TFM_INTEL_MUL_COMBA(A, B, carry, dst) ;
-
-  dst->used = pa;
-  dst->sign = A->sign ^ B->sign;
-  fp_clamp(dst);
-  fp_copy(dst, C);
-
-  WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT);
-
-  return FP_OKAY;
-}
-#endif
-
-/*  C = (A * B)   */
-int fp_mul_comba(fp_int *A, fp_int *B, fp_int *C)
-{
-   int       ret = 0;
-   int       ix, iy, iz, tx, ty, pa;
-   fp_digit  c0, c1, c2, *tmpx, *tmpy;
-   fp_int    *dst;
-   WC_DECLARE_VAR(tmp, fp_int, 1, 0);
-
-   if (A->used + B->used >= FP_SIZE) return FP_VAL;
-
-   IF_HAVE_INTEL_MULX(ret = fp_mul_comba_mulx(A, B, C), return ret) ;
-
-   WC_ALLOC_VAR_EX(tmp, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT,
-       return FP_MEM);
-
-   COMBA_START;
-   COMBA_CLEAR;
-
-   /* get size of output and trim */
-   pa = A->used + B->used;
-   if (pa >= FP_SIZE) {
-      pa = FP_SIZE-1;
-   }
-
-   /* Always take branch to use tmp variable. This avoids a cache attack for
-    * determining if C equals A */
-   if (1) {
-      fp_init(tmp);
-      dst = tmp;
-   }
-
-   for (ix = 0; ix < pa; ix++) {
-      /* get offsets into the two bignums */
-      ty = MIN(ix, (B->used > 0 ? B->used - 1 : 0));
-      tx = ix - ty;
-
-      /* setup temp aliases */
-      tmpx = A->dp + tx;
-      tmpy = B->dp + ty;
-
-      /* this is the number of times the loop will iterate, essentially its
-         while (tx++ < a->used && ty-- >= 0) { ... }
-       */
-      iy = MIN(A->used-tx, ty+1);
-
-      /* execute loop */
-      COMBA_FORWARD;
-      for (iz = 0; iz < iy; ++iz) {
-          fp_digit _tmpx = *tmpx++;
-          fp_digit _tmpy = *tmpy--;
-          MULADD(_tmpx, _tmpy);
-      }
-
-      /* store term */
-      COMBA_STORE(dst->dp[ix]);
-  }
-  COMBA_FINI;
-
-  dst->used = pa;
-
-  /* warning: WOLFSSL_SP_INT_NEGATIVE may disable negative numbers */
-  dst->sign = A->sign ^ B->sign;
-  fp_clamp(dst);
-  fp_copy(dst, C);
-
-  /* Variables used but not seen by cppcheck. */
-  (void)c0; (void)c1; (void)c2;
-
-  WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT);
-  return ret;
-}
-
-/* a/b => cb + d == a */
-int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
-{
-  int     n, t, i, norm, neg;
-  int     ret;
-#ifndef WOLFSSL_SMALL_STACK
-  fp_int  q[1], x[1], y[1], t1[1], t2[1];
-#else
-  fp_int  *q, *x, *y, *t1, *t2;
-#endif
-
-  /* is divisor zero ? */
-  if (fp_iszero (b) == FP_YES) {
-    return FP_VAL;
-  }
-
-  /* if a < b then q=0, r = a */
-  if (fp_cmp_mag (a, b) == FP_LT)
-  {
-    if (d != NULL) {
-      fp_copy (a, d);
-    }
-    if (c != NULL) {
-      fp_zero (c);
-    }
-    return FP_OKAY;
-  }
-
-#ifdef WOLFSSL_SMALL_STACK          /* 0  1  2  3   4  */
-  /* allocate 5 elements of fp_int for q, x, y, t1, t2 */
-  q = (fp_int*)XMALLOC(sizeof(fp_int) * 5, NULL, DYNAMIC_TYPE_BIGINT);
-  if (q == NULL) {
-      return FP_MEM;
-  }
-  x = &q[1]; y = &q[2]; t1 = &q[3]; t2 = &q[4];
-#endif
-
-  fp_init(q);
-  /* qb + d = a, and b is an integer > 0, therefore q <= a */
-  q->used = a->used;
-
-  fp_init(t1);
-  fp_init(t2);
-
-  /* Init a copy (y) of the input (b) and
-  ** Init a copy (x) of the input (a)
-  **
-  ** ALERT: Not calling fp_init_copy() as some compiler optimization settings
-  ** such as -O2 will complain that (x) or (y) "may be used uninitialized".
-  ** The fp_init() is here only to appease the compiler.  */
-  fp_init(x);
-  fp_copy(a, x); /* copy (src = a) to (dst = x) */
-
-  fp_init(y);
-  fp_copy(b, y); /* copy (src = b) to (dst = y) */
-
-  /* fix the sign */
-  neg = (a->sign == b->sign) ? FP_ZPOS : FP_NEG;
-  x->sign = y->sign = FP_ZPOS;
-
-  /* normalize both x and y, ensure that y >= b/2, [b == 2**DIGIT_BIT] */
-  norm = fp_count_bits(y) % DIGIT_BIT;
-  if (norm < (int)(DIGIT_BIT-1)) {
-    norm = (DIGIT_BIT-1) - norm;
-    ret = fp_mul_2d (x, norm, x);
-    if (ret != FP_OKAY) {
-      WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-      return ret;
-    }
-    ret = fp_mul_2d (y, norm, y);
-    if (ret != FP_OKAY) {
-      WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-      return ret;
-    }
-  } else {
-    norm = 0;
-  }
-
-  /* note hac does 0 based, so if used==5 then its 0,1,2,3,4, e.g. use 4 */
-  n = x->used - 1;
-  t = y->used - 1;
-
-  /* while (x >= y*b**n-t) do { q[n-t] += 1; x -= y*b**{n-t} } */
-  ret = fp_lshd (y, n - t); /* y = y*b**{n-t} */
-  if (ret != FP_OKAY) {
-    WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-    return ret;
-  }
-
-  while (fp_cmp (x, y) != FP_LT) {
-    ++(q->dp[n - t]);
-    ret = fp_sub (x, y, x);
-    if (ret != FP_OKAY) {
-      WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-      return ret;
-    }
-  }
-
-  /* reset y by shifting it back down */
-  fp_rshd (y, n - t);
-
-  /* step 3. for i from n down to (t + 1) */
-  for (i = n; i >= (t + 1); i--) {
-    if (i > x->used) {
-      continue;
-    }
-
-    /* step 3.1 if xi == yt then set q{i-t-1} to b-1,
-     * otherwise set q{i-t-1} to (xi*b + x{i-1})/yt */
-    if (x->dp[i] == y->dp[t]) {
-      q->dp[i - t - 1] = (fp_digit) ((((fp_word)1) << DIGIT_BIT) - 1);
-    } else {
-      fp_word tmp;
-      tmp = ((fp_word) x->dp[i]) << ((fp_word) DIGIT_BIT);
-      tmp |= ((fp_word) x->dp[i - 1]);
-#ifdef WOLFSSL_LINUXKM
-      /* Linux kernel macro for in-place 64 bit integer division. */
-      do_div(tmp, (fp_word)y->dp[t]);
-#else
-      tmp /= ((fp_word)y->dp[t]);
-#endif
-      q->dp[i - t - 1] = (fp_digit) (tmp);
-    }
-
-    /* while (q{i-t-1} * (yt * b + y{t-1})) >
-             xi * b**2 + xi-1 * b + xi-2
-
-       do q{i-t-1} -= 1;
-    */
-    q->dp[i - t - 1] = (q->dp[i - t - 1] + 1);
-    do {
-      q->dp[i - t - 1] = (q->dp[i - t - 1] - 1);
-
-      /* find left hand */
-      fp_zero (t1);
-      t1->dp[0] = (t - 1 < 0) ? 0 : y->dp[t - 1];
-      t1->dp[1] = y->dp[t];
-      t1->used = 2;
-      ret = fp_mul_d (t1, q->dp[i - t - 1], t1);
-      if (ret != FP_OKAY) {
-        WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-        return ret;
-      }
-
-      /* find right hand */
-      t2->dp[0] = (i - 2 < 0) ? 0 : x->dp[i - 2];
-      t2->dp[1] = (i - 1 < 0) ? 0 : x->dp[i - 1];
-      t2->dp[2] = x->dp[i];
-      t2->used = 3;
-    } while (fp_cmp_mag(t1, t2) == FP_GT);
-
-    /* step 3.3 x = x - q{i-t-1} * y * b**{i-t-1} */
-    ret = fp_mul_d (y, q->dp[i - t - 1], t1);
-    if (ret != FP_OKAY) {
-      WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-      return ret;
-    }
-    ret = fp_lshd  (t1, i - t - 1);
-    if (ret != FP_OKAY) {
-      WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-      return ret;
-    }
-    ret = fp_sub   (x, t1, x);
-    if (ret != FP_OKAY) {
-      WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-      return ret;
-    }
-
-    /* if x < 0 then { x = x + y*b**{i-t-1}; q{i-t-1} -= 1; } */
-    if (x->sign == FP_NEG) {
-      fp_copy (y, t1);
-      ret = fp_lshd (t1, i - t - 1);
-      if (ret != FP_OKAY) {
-        WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-        return ret;
-      }
-      ret = fp_add (x, t1, x);
-      if (ret != FP_OKAY) {
-        WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-        return ret;
-      }
-      q->dp[i - t - 1] = q->dp[i - t - 1] - 1;
-    }
-  }
-
-  /* now q is the quotient and x is the remainder
-   * [which we have to normalize]
-   */
-
-  /* get sign before writing to c */
-  x->sign = x->used == 0 ? FP_ZPOS : a->sign;
-
-  if (c != NULL) {
-    fp_clamp (q);
-    fp_copy (q, c);
-    c->sign = neg;
-  }
-
-  if (d != NULL) {
-    fp_div_2d (x, norm, x, NULL);
-
-    /* zero any excess digits on the destination that we didn't write to */
-    for (i = b->used; i < x->used; i++) {
-        x->dp[i] = 0;
-    }
-    fp_clamp(x);
-    fp_copy (x, d);
-  }
-
-  WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-  return FP_OKAY;
-}
-
-/* b = a/2 */
-void fp_div_2(fp_int * a, fp_int * b)
-{
-  int     x, oldused;
-
-  oldused = b->used;
-  b->used = a->used;
-  {
-    fp_digit r, rr, *tmpa, *tmpb;
-
-    /* source alias */
-    tmpa = a->dp + b->used - 1;
-
-    /* dest alias */
-    tmpb = b->dp + b->used - 1;
-
-    /* carry */
-    r = 0;
-    for (x = b->used - 1; x >= 0; x--) {
-      /* get the carry for the next iteration */
-      rr = *tmpa & 1;
-
-      /* shift the current digit, add in carry and store */
-      *tmpb-- = (*tmpa-- >> 1) | (r << (DIGIT_BIT - 1));
-
-      /* forward carry to next iteration */
-      r = rr;
-    }
-
-    /* zero any excess digits on the destination that we didn't write to */
-    tmpb = b->dp + b->used;
-    for (x = b->used; x < oldused; x++) {
-      *tmpb++ = 0;
-    }
-  }
-  b->sign = a->sign;
-  fp_clamp (b);
-}
-
-/* c = a / 2 (mod b) - constant time (a < b and positive) */
-int fp_div_2_mod_ct(fp_int *a, fp_int *b, fp_int *c)
-{
-  fp_word  w = 0;
-  fp_digit mask;
-  int i;
-
-  mask = (fp_digit)0 - (a->dp[0] & 1);
-  for (i = 0; i < b->used; i++) {
-      fp_digit mask_a = (fp_digit)0 - (i < a->used);
-
-      w         += b->dp[i] & mask;
-      w         += a->dp[i] & mask_a;
-      c->dp[i]   = (fp_digit)w;
-      w        >>= DIGIT_BIT;
-  }
-  for (i = 0; i < b->used-1; i++) {
-      c->dp[i] = (c->dp[i] >> 1) | (c->dp[i+1] << (DIGIT_BIT - 1));
-  }
-  c->dp[i] = (c->dp[i] >> 1) | ((fp_digit)w << (DIGIT_BIT - 1));
-  c->used = i + 1;
-  c->sign = FP_ZPOS;
-  fp_clamp(c);
-
-  return FP_OKAY;
-}
-
-/* c = a / 2**b */
-void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d)
-{
-  int      D;
-
-  /* if the shift count is <= 0 then we do no work */
-  if (b <= 0) {
-    fp_copy (a, c);
-    if (d != NULL) {
-      fp_zero (d);
-    }
-    return;
-  }
-
-  /* get the remainder before a is changed in calculating c */
-  if (a == c && d != NULL) {
-    fp_mod_2d (a, b, d);
-  }
-
-  /* copy */
-  fp_copy(a, c);
-
-  /* shift by as many digits in the bit count */
-  if (b >= (int)DIGIT_BIT) {
-    fp_rshd (c, b / DIGIT_BIT);
-  }
-
-  /* shift any bit count < DIGIT_BIT */
-  D = (b % DIGIT_BIT);
-  if (D != 0) {
-    fp_rshb(c, D);
-  }
-
-  /* get the remainder if a is not changed in calculating c */
-  if (a != c && d != NULL) {
-    fp_mod_2d (a, b, d);
-  }
-
-  fp_clamp (c);
-}
-
-/* c = a mod b, 0 <= c < b  */
-int fp_mod(fp_int *a, fp_int *b, fp_int *c)
-{
-   WC_DECLARE_VAR(t, fp_int, 1, 0);
-   int    err;
-
-   WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-   fp_init(t);
-   err = fp_div(a, b, NULL, t);
-   if (err == FP_OKAY) {
-      if (!fp_iszero(t) && (t->sign != b->sign)) {
-         err = fp_add(t, b, c);
-      } else {
-         fp_copy(t, c);
-     }
-  }
-
-  WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-  return err;
-}
-
-/* c = a mod 2**d */
-void fp_mod_2d(fp_int *a, int b, fp_int *c)
-{
-   unsigned int x;
-   unsigned int bmax;
-
-   /* zero if count less than or equal to zero */
-   if (b <= 0) {
-      fp_zero(c);
-      return;
-   }
-
-   /* get copy of input */
-   fp_copy(a, c);
-
-   /* if 2**d is larger than we just return */
-   if (c->sign == FP_ZPOS && b >= (DIGIT_BIT * a->used)) {
-      return;
-   }
-
-   bmax = ((unsigned int)b + DIGIT_BIT - 1) / DIGIT_BIT;
-
-   /* If a is negative and bmax is greater than or equal to FP_SIZE, then the
-    * result can't fit within c. Just return. */
-   if (c->sign == FP_NEG && bmax >= FP_SIZE) {
-      return;
-   }
-
-  /* zero digits above the last digit of the modulus */
-   for (x = bmax; x < (unsigned int)c->used; x++) {
-    c->dp[x] = 0;
-  }
-
-  if (c->sign == FP_NEG) {
-     fp_digit carry = 0;
-     /* negate value */
-     for (x = 0; x < (unsigned int)c->used; x++) {
-         fp_digit next = c->dp[x] > 0;
-         c->dp[x] = (fp_digit)0 - c->dp[x] - carry;
-         carry |= next;
-     }
-     for (; x < bmax; x++) {
-         c->dp[x] = (fp_digit)0 - carry;
-     }
-     c->used = (int)bmax;
-     c->sign = FP_ZPOS;
-  }
-
-  /* clear the digit that is not completely outside/inside the modulus */
-  x = DIGIT_BIT - (b % DIGIT_BIT);
-  if (x != DIGIT_BIT) {
-     c->dp[bmax - 1] &= ~((fp_digit)0) >> x;
-  }
-
-  fp_clamp (c);
-}
-
-static int fp_invmod_slow (fp_int * a, fp_int * b, fp_int * c)
-{
-#ifndef WOLFSSL_SMALL_STACK
-  fp_int  x[1], y[1], u[1], v[1], A[1], B[1], C[1], D[1];
-#else
-  fp_int  *x, *y, *u, *v, *A, *B, *C, *D;
-#endif
-  int     err;
-
-  /* b cannot be negative */
-  if (b->sign == FP_NEG || fp_iszero(b) == FP_YES) {
-    return FP_VAL;
-  }
-  if (fp_iszero(a) == FP_YES) {
-    return FP_VAL;
-  }
-
-#ifdef WOLFSSL_SMALL_STACK
-  x = (fp_int*)XMALLOC(sizeof(fp_int) * 8, NULL, DYNAMIC_TYPE_BIGINT);
-  if (x == NULL) {
-      return FP_MEM;
-  }
-  y = &x[1]; u = &x[2]; v = &x[3]; A = &x[4]; B = &x[5]; C = &x[6]; D = &x[7];
-#endif
-
-  /* init temps */
-  fp_init(x);    fp_init(y);
-  fp_init(u);    fp_init(v);
-  fp_init(A);    fp_init(B);
-  fp_init(C);    fp_init(D);
-
-  /* x = a, y = b */
-  if ((err = fp_mod(a, b, x)) != FP_OKAY) {
-    WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-    return err;
-  }
-  fp_copy(b, y);
-
-  if (fp_iszero(x) == FP_YES) {
-    /* invmod doesn't exist for this a and b */
-    WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-    return FP_VAL;
-  }
-
-  /* 2. [modified] if x,y are both even then return an error! */
-  if (fp_iseven(x) == FP_YES && fp_iseven(y) == FP_YES) {
-    WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-    return FP_VAL;
-  }
-
-  /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */
-  fp_copy (x, u);
-  fp_copy (y, v);
-  fp_set (A, 1);
-  fp_set (D, 1);
-
-top:
-  /* 4.  while u is even do */
-  while (fp_iseven (u) == FP_YES) {
-    /* 4.1 u = u/2 */
-    fp_div_2 (u, u);
-
-    /* 4.2 if A or B is odd then */
-    if (fp_isodd (A) == FP_YES || fp_isodd (B) == FP_YES) {
-      /* A = (A+y)/2, B = (B-x)/2 */
-      err = fp_add (A, y, A);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-        return err;
-      }
-      err = fp_sub (B, x, B);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-        return err;
-      }
-    }
-    /* A = A/2, B = B/2 */
-    fp_div_2 (A, A);
-    fp_div_2 (B, B);
-  }
-
-  /* 5.  while v is even do */
-  while (fp_iseven (v) == FP_YES) {
-    /* 5.1 v = v/2 */
-    fp_div_2 (v, v);
-
-    /* 5.2 if C or D is odd then */
-    if (fp_isodd (C) == FP_YES || fp_isodd (D) == FP_YES) {
-      /* C = (C+y)/2, D = (D-x)/2 */
-      err = fp_add (C, y, C);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-        return err;
-      }
-      err = fp_sub (D, x, D);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-        return err;
-      }
-    }
-    /* C = C/2, D = D/2 */
-    fp_div_2 (C, C);
-    fp_div_2 (D, D);
-  }
-
-  /* 6.  if u >= v then */
-  if (fp_cmp (u, v) != FP_LT) {
-    /* u = u - v, A = A - C, B = B - D */
-    err = fp_sub (u, v, u);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_sub (A, C, A);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_sub (B, D, B);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-  } else {
-    /* v - v - u, C = C - A, D = D - B */
-    err = fp_sub (v, u, v);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_sub (C, A, C);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_sub (D, B, D);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-  }
-
-  /* if not zero goto step 4 */
-  if (fp_iszero (u) == FP_NO)
-    goto top;
-
-  /* now a = C, b = D, gcd == g*v */
-
-  /* if v != 1 then there is no inverse */
-  if (fp_cmp_d (v, 1) != FP_EQ) {
-    WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-    return FP_VAL;
-  }
-
-  /* if its too low */
-  while (fp_cmp_d(C, 0) == FP_LT) {
-    err = fp_add(C, b, C);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-  }
-
-  /* too big */
-  while (fp_cmp_mag(C, b) != FP_LT) {
-    err = fp_sub(C, b, C);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-  }
-
-  /* C is now the inverse */
-  fp_copy(C, c);
-  WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-  return FP_OKAY;
-}
-
-/* c = 1/a (mod b) for odd b only */
-int fp_invmod(fp_int *a, fp_int *b, fp_int *c)
-{
-#ifndef WOLFSSL_SMALL_STACK
-  fp_int  x[1], y[1], u[1], v[1], B[1], D[1];
-#else
-  fp_int  *x, *y, *u, *v, *B, *D;
-#endif
-  int     err;
-
-  if (b->sign == FP_NEG || fp_iszero(b) == FP_YES) {
-    return FP_VAL;
-  }
-
-  /* [modified] sanity check on "a" */
-  if (fp_iszero(a) == FP_YES) {
-    return FP_VAL; /* can not divide by 0 here */
-  }
-
-  /* 2. [modified] b must be odd   */
-  if (fp_iseven(b) == FP_YES) {
-    return fp_invmod_slow(a,b,c);
-  }
-
-#ifdef WOLFSSL_SMALL_STACK
-  x = (fp_int*)XMALLOC(sizeof(fp_int) * 6, NULL, DYNAMIC_TYPE_BIGINT);
-  if (x == NULL) {
-      return FP_MEM;
-  }
-  y = &x[1]; u = &x[2]; v = &x[3]; B = &x[4]; D = &x[5];
-#endif
-
-  /* init all our temps */
-  fp_init(x);  fp_init(y);
-  fp_init(u);  fp_init(v);
-  fp_init(B);  fp_init(D);
-
-  if (fp_iszero(a) == FP_YES) {
-    WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-    return FP_VAL;
-  }
-
-  /* x == modulus, y == value to invert */
-  fp_copy(b, x);
-
-  /* we need y = |a| */
-  if ((err = mp_mod(a, b, y)) != FP_OKAY) {
-    WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-    return err;
-  }
-
-  if (fp_iszero(y) == FP_YES) {
-    /* invmod doesn't exist for this a and b */
-    WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-    return FP_VAL;
-  }
-
-  /* 3. u=x, v=y, A=1, B=0, C=0,D=1 */
-  fp_copy(x, u);
-  fp_copy(y, v);
-  fp_set (D, 1);
-
-top:
-  /* 4.  while u is even do */
-  while (fp_iseven (u) == FP_YES) {
-    /* 4.1 u = u/2 */
-    fp_div_2 (u, u);
-
-    /* 4.2 if B is odd then */
-    if (fp_isodd (B) == FP_YES) {
-      err = fp_sub (B, x, B);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-        return err;
-      }
-    }
-    /* B = B/2 */
-    fp_div_2 (B, B);
-  }
-
-  /* 5.  while v is even do */
-  while (fp_iseven (v) == FP_YES) {
-    /* 5.1 v = v/2 */
-    fp_div_2 (v, v);
-
-    /* 5.2 if D is odd then */
-    if (fp_isodd (D) == FP_YES) {
-      /* D = (D-x)/2 */
-      err = fp_sub (D, x, D);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-        return err;
-      }
-    }
-    /* D = D/2 */
-    fp_div_2 (D, D);
-  }
-
-  /* 6.  if u >= v then */
-  if (fp_cmp (u, v) != FP_LT) {
-    /* u = u - v, B = B - D */
-    err = fp_sub (u, v, u);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_sub (B, D, B);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-  } else {
-    /* v - v - u, D = D - B */
-    err = fp_sub (v, u, v);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_sub (D, B, D);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-  }
-
-  /* if not zero goto step 4 */
-  if (fp_iszero (u) == FP_NO) {
-    goto top;
-  }
-
-  /* now a = C, b = D, gcd == g*v */
-
-  /* if v != 1 then there is no inverse */
-  if (fp_cmp_d (v, 1) != FP_EQ) {
-    WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-    return FP_VAL;
-  }
-
-  /* b is now the inverse */
-  while (D->sign == FP_NEG) {
-    err = fp_add (D, b, D);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return FP_OKAY;
-    }
-  }
-  /* too big */
-  while (fp_cmp_mag(D, b) != FP_LT) {
-    err = fp_sub(D, b, D);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-  }
-  fp_copy (D, c);
-  WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT);
-  return FP_OKAY;
-}
-
-#define CT_INV_MOD_PRE_CNT      8
-
-/* modulus (b) must be greater than 2 and a prime */
-int fp_invmod_mont_ct(fp_int *a, fp_int *b, fp_int *c, fp_digit mp)
-{
-  int i, j, err = FP_OKAY;
-#ifndef WOLFSSL_SMALL_STACK
-  fp_int t[1], e[1];
-  fp_int pre[CT_INV_MOD_PRE_CNT];
-#else
-  fp_int* t;
-  fp_int* e;
-  fp_int* pre;
-#endif
-
-  if ((a->used * 2 > FP_SIZE) || (b->used * 2 > FP_SIZE)) {
-    return FP_VAL;
-  }
-
-#ifdef WOLFSSL_SMALL_STACK
-  t = (fp_int*)XMALLOC(sizeof(fp_int) * (2 + CT_INV_MOD_PRE_CNT), NULL,
-                                                           DYNAMIC_TYPE_BIGINT);
-  if (t == NULL)
-    return FP_MEM;
-  e = t + 1;
-  pre = t + 2;
-#endif
-
-  fp_init(t);
-  fp_init(e);
-
-  fp_init(&pre[0]);
-  fp_copy(a, &pre[0]);
-  for (i = 1; i < CT_INV_MOD_PRE_CNT; i++) {
-    fp_init(&pre[i]);
-    err |= fp_sqr(&pre[i-1], &pre[i]);
-    err |= fp_montgomery_reduce(&pre[i], b, mp);
-    err |= fp_mul(&pre[i], a, &pre[i]);
-    err |= fp_montgomery_reduce(&pre[i], b, mp);
-  }
-
-  err |= fp_sub_d(b, 2, e);
-  /* Highest bit is always set. */
-  j = 1;
-  for (i = fp_count_bits(e)-2; i >= 0; i--) {
-      if (!fp_is_bit_set(e, i) || j == CT_INV_MOD_PRE_CNT)
-          break;
-      j++;
-  }
-  fp_copy(&pre[j-1], t);
-  j = 0;
-  for (; i >= 0; i--) {
-    int set = fp_is_bit_set(e, i);
-
-    if ((j == CT_INV_MOD_PRE_CNT) || (!set && j > 0)) {
-      err |= fp_mul(t, &pre[j-1], t);
-      err |= fp_montgomery_reduce(t, b, mp);
-      j = 0;
-    }
-    err |= fp_sqr(t, t);
-    err |= fp_montgomery_reduce(t, b, mp);
-    j += set;
-  }
-  if (j > 0) {
-    err |= fp_mul(t, &pre[j-1], c);
-    err |= fp_montgomery_reduce(c, b, mp);
-  }
-  else
-    fp_copy(t, c);
-
-  WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-
-  return err;
-}
-
-/* d = a * b (mod c) */
-int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
-{
-  int err;
-   WC_DECLARE_VAR(t, fp_int, 1, 0);
-
-   WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-  fp_init(t);
-  err = fp_mul(a, b, t);
-  if (err == FP_OKAY) {
-  #if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-    if (d->size < FP_SIZE) {
-      err = fp_mod(t, c, t);
-      fp_copy(t, d);
-    } else
-  #endif
-    {
-      err = fp_mod(t, c, d);
-    }
-  }
-
-  WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-  return err;
-}
-
-/* d = a - b (mod c) */
-int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
-{
-  int err;
-   WC_DECLARE_VAR(t, fp_int, 1, 0);
-
-   WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-  fp_init(t);
-  err = fp_sub(a, b, t);
-  if (err == FP_OKAY) {
-  #if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-    if (d->size < FP_SIZE) {
-      err = fp_mod(t, c, t);
-      fp_copy(t, d);
-    } else
-  #endif
-    {
-      err = fp_mod(t, c, d);
-    }
-  }
-
-  WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-  return err;
-}
-
-/* d = a + b (mod c) */
-int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
-{
-  int err;
-   WC_DECLARE_VAR(t, fp_int, 1, 0);
-
-   WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-  fp_init(t);
-  err = fp_add(a, b, t);
-  if (err == FP_OKAY) {
-  #if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-    if (d->size < FP_SIZE) {
-      err = fp_mod(t, c, t);
-      fp_copy(t, d);
-    } else
-  #endif
-    {
-      err = fp_mod(t, c, d);
-    }
-  }
-
-  WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-  return err;
-}
-
-/* d = a - b (mod c) - constant time (a < c and b < c and all positive)
- * c and d must not be the same pointers.
- */
-int fp_submod_ct(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
-{
-  fp_sword w;
-  fp_digit mask;
-  int i;
-
-  if (c->used + 1 > FP_SIZE) {
-    return FP_VAL;
-  }
-  if (c == d) {
-    return FP_VAL;
-  }
-
-  /* In constant time, subtract b from a putting result in d. */
-  w = 0;
-  for (i = 0; i < c->used; i++) {
-    w         += a->dp[i];
-    w         -= b->dp[i];
-    d->dp[i]   = (fp_digit)w;
-    w        >>= DIGIT_BIT;
-  }
-  w  += a->dp[i];
-  w  -= b->dp[i];
-  w >>= DIGIT_BIT;
-  /* When w is negative then we need to add modulus to make result positive. */
-  mask = (fp_digit)0 - (w < 0);
-  /* Constant time, conditionally, add modulus to difference. */
-  w = 0;
-  for (i = 0; i < c->used; i++) {
-    w         += d->dp[i];
-    w         += c->dp[i] & mask;
-    d->dp[i]   = (fp_digit)w;
-    w        >>= DIGIT_BIT;
-  }
-  /* Result will always have digits equal to or less than those in modulus. */
-  d->used = i;
-  d->sign = FP_ZPOS;
-  fp_clamp(d);
-
-  return FP_OKAY;
-}
-
-/* d = a + b (mod c) - constant time (a < c and b < c and all positive)
- * c and d must not be the same pointers.
- */
-int fp_addmod_ct(fp_int *a, fp_int *b, fp_int *c, fp_int *d)
-{
-  fp_word  w;
-  fp_sword s;
-  fp_digit mask;
-  int i;
-
-  if (c == d) {
-    return FP_VAL;
-  }
-
-  /* Add a to b into d. Do the subtract of modulus but don't store result.
-   * When subtract result is negative, the overflow will be negative.
-   * Only need to subtract mod when result is positive - overflow is positive.
-   */
-  w = 0;
-  s = 0;
-  for (i = 0; i < c->used; i++) {
-    w         += a->dp[i];
-    w         += b->dp[i];
-    d->dp[i]   = (fp_digit)w;
-    s         += (fp_digit)w;
-    s         -= c->dp[i];
-    w        >>= DIGIT_BIT;
-    s        >>= DIGIT_BIT;
-  }
-  s += (fp_digit)w;
-  /* s will be positive when subtracting modulus is needed. */
-  mask = (fp_digit)0 - (s >= 0);
-
-  /* Constant time, conditionally, subtract modulus from sum. */
-  w = 0;
-  for (i = 0; i < c->used; i++) {
-    w        += c->dp[i] & mask;
-    w         = d->dp[i] - w;
-    d->dp[i]  = (fp_digit)w;
-    w         = (w >> DIGIT_BIT)&1;
-  }
-  /* Result will always have digits equal to or less than those in modulus. */
-  d->used = i;
-  d->sign = FP_ZPOS;
-  fp_clamp(d);
-
-  return FP_OKAY;
-}
-
-#ifdef TFM_TIMING_RESISTANT
-
-#ifdef WC_RSA_NONBLOCK
-
-#ifdef WC_RSA_NONBLOCK_TIME
-  /* User can override the check-time at build-time using the
-   * FP_EXPTMOD_NB_CHECKTIME macro to define your own function */
-  #ifndef FP_EXPTMOD_NB_CHECKTIME
-    /* instruction count for each type of operation */
-    /* array lookup is using TFM_EXPTMOD_NB_* states */
-    static const word32 exptModNbInst[TFM_EXPTMOD_NB_COUNT] = {
-    #ifdef TFM_PPC32
-      #ifdef _DEBUG
-        11098, 8701, 3971, 178394, 858093, 1040, 822, 178056, 181574, 90883, 184339, 236813
-      #else
-        7050,  2554, 3187, 43178,  200422, 384,  275, 43024,  43550,  30450, 46270,  61376
-      #endif
-    #elif defined(TFM_X86_64)
-      #ifdef _DEBUG
-        954, 2377, 858, 19027, 90840, 287, 407, 20140, 7874,  11385, 8005,  6151
-      #else
-        765, 1007, 771, 5216,  34993, 248, 193, 4975,  4201,  3947,  4275,  3811
-      #endif
-    #else /* software only fast math */
-      #ifdef _DEBUG
-        798, 2245, 802, 16657, 66920, 352, 186, 16997, 16145, 12789, 16742, 15006
-      #else
-        775, 1084, 783, 4692,  37510, 207, 183, 4374,  4392,  3097,  4442,  4079
-      #endif
-    #endif
-    };
-
-    static int fp_exptmod_nb_checktime(exptModNb_t* nb)
-    {
-      word32 totalInst;
-
-      /* if no max time has been set then stop (do not block) */
-      if (nb->maxBlockInst == 0 || nb->state >= TFM_EXPTMOD_NB_COUNT) {
-        return TFM_EXPTMOD_NB_STOP;
-      }
-
-      /* if instruction table not set then use maxBlockInst as simple counter */
-      if (exptModNbInst[nb->state] == 0) {
-        if (++nb->totalInst < nb->maxBlockInst)
-          return TFM_EXPTMOD_NB_CONTINUE;
-
-        nb->totalInst = 0; /* reset counter */
-        return TFM_EXPTMOD_NB_STOP;
-      }
-
-      /* get total instruction count including next operation */
-      totalInst = nb->totalInst + exptModNbInst[nb->state];
-      /* if the next operation can completed within the maximum then continue */
-      if (totalInst <= nb->maxBlockInst) {
-        return TFM_EXPTMOD_NB_CONTINUE;
-      }
-
-      return TFM_EXPTMOD_NB_STOP;
-    }
-    #define FP_EXPTMOD_NB_CHECKTIME(nb) fp_exptmod_nb_checktime((nb))
-  #endif /* !FP_EXPTMOD_NB_CHECKTIME */
-#endif /* WC_RSA_NONBLOCK_TIME */
-
-/* non-blocking version of timing resistant fp_exptmod function */
-/* supports cache resistance */
-int fp_exptmod_nb(exptModNb_t* nb, fp_int* G, fp_int* X, fp_int* P, fp_int* Y)
-{
-  int err, ret = FP_WOULDBLOCK;
-
-  if (nb == NULL)
-    return FP_VAL;
-
-#ifdef WC_RSA_NONBLOCK_TIME
-  nb->totalInst = 0;
-  do {
-    nb->totalInst += exptModNbInst[nb->state];
-#endif
-
-  switch (nb->state) {
-  case TFM_EXPTMOD_NB_INIT:
-    /* now setup montgomery  */
-    if ((err = fp_montgomery_setup(P, &nb->mp)) != FP_OKAY) {
-      nb->state = TFM_EXPTMOD_NB_INIT;
-      return err;
-    }
-
-    /* init ints */
-    fp_init(&nb->R[0]);
-    fp_init(&nb->R[1]);
-  #ifndef WC_NO_CACHE_RESISTANT
-    fp_init(&nb->R[2]);
-  #endif
-    nb->state = TFM_EXPTMOD_NB_MONT;
-    break;
-
-  case TFM_EXPTMOD_NB_MONT:
-    /* mod m -> R[0] */
-    err = fp_montgomery_calc_normalization(&nb->R[0], P);
-    if (err != FP_OKAY) {
-      nb->state = TFM_EXPTMOD_NB_INIT;
-      return err;
-    }
-
-    nb->state = TFM_EXPTMOD_NB_MONT_RED;
-    break;
-
-  case TFM_EXPTMOD_NB_MONT_RED:
-    /* reduce G -> R[1] */
-    if (fp_cmp_mag(P, G) != FP_GT) {
-       /* G > P so we reduce it first */
-       err = fp_mod(G, P, &nb->R[1]);
-       if (err != FP_OKAY) {
-         nb->state = TFM_EXPTMOD_NB_INIT;
-         return err;
-       }
-    } else {
-       fp_copy(G, &nb->R[1]);
-    }
-
-    nb->state = TFM_EXPTMOD_NB_MONT_MUL;
-    break;
-
-  case TFM_EXPTMOD_NB_MONT_MUL:
-    /* G (R[1]) * m (R[0]) */
-    err = fp_mul(&nb->R[1], &nb->R[0], &nb->R[1]);
-    if (err != FP_OKAY) {
-      nb->state = TFM_EXPTMOD_NB_INIT;
-      return err;
-    }
-
-    nb->state = TFM_EXPTMOD_NB_MONT_MOD;
-    break;
-
-  case TFM_EXPTMOD_NB_MONT_MOD:
-    /* mod m */
-    err = fp_div(&nb->R[1], P, NULL, &nb->R[1]);
-    if (err != FP_OKAY) {
-      nb->state = TFM_EXPTMOD_NB_INIT;
-      return err;
-    }
-
-    nb->state = TFM_EXPTMOD_NB_MONT_MODCHK;
-    break;
-
-  case TFM_EXPTMOD_NB_MONT_MODCHK:
-    /* m matches sign of (G * R mod m) */
-    if (nb->R[1].sign != P->sign) {
-       err = fp_add(&nb->R[1], P, &nb->R[1]);
-       if (err != FP_OKAY) {
-         nb->state = TFM_EXPTMOD_NB_INIT;
-         return err;
-       }
-    }
-
-    /* set initial mode and bit cnt */
-    nb->bitcnt = 1;
-    nb->buf    = 0;
-    nb->digidx = X->used - 1;
-
-    nb->state = TFM_EXPTMOD_NB_NEXT;
-    break;
-
-  case TFM_EXPTMOD_NB_NEXT:
-    /* grab next digit as required */
-    if (--nb->bitcnt == 0) {
-      /* if nb->digidx == -1 we are out of digits so break */
-      if (nb->digidx == -1) {
-        nb->state = TFM_EXPTMOD_NB_RED;
-        break;
-      }
-      /* read next digit and reset nb->bitcnt */
-      nb->buf    = X->dp[nb->digidx--];
-      nb->bitcnt = (int)DIGIT_BIT;
-    }
-
-    /* grab the next msb from the exponent */
-    nb->y     = (int)(nb->buf >> (DIGIT_BIT - 1)) & 1;
-    nb->buf <<= (fp_digit)1;
-    nb->state = TFM_EXPTMOD_NB_MUL;
-    FALL_THROUGH;
-
-  case TFM_EXPTMOD_NB_MUL:
-    fp_mul(&nb->R[0], &nb->R[1], &nb->R[nb->y^1]);
-    nb->state = TFM_EXPTMOD_NB_MUL_RED;
-    break;
-
-  case TFM_EXPTMOD_NB_MUL_RED:
-    err = fp_montgomery_reduce(&nb->R[nb->y^1], P, nb->mp);
-    if (err != FP_OKAY) {
-      nb->state = TFM_EXPTMOD_NB_INIT;
-      return err;
-    }
-    nb->state = TFM_EXPTMOD_NB_SQR;
-    break;
-
-  case TFM_EXPTMOD_NB_SQR:
-  #ifdef WC_NO_CACHE_RESISTANT
-    err = fp_sqr(&nb->R[nb->y], &nb->R[nb->y]);
-  #else
-    fp_copy((fp_int*) ( ((wc_ptr_t)&nb->R[0] & wc_off_on_addr[nb->y^1]) +
-                        ((wc_ptr_t)&nb->R[1] & wc_off_on_addr[nb->y]) ),
-            &nb->R[2]);
-    err = fp_sqr(&nb->R[2], &nb->R[2]);
-  #endif /* WC_NO_CACHE_RESISTANT */
-    if (err != FP_OKAY) {
-      nb->state = TFM_EXPTMOD_NB_INIT;
-      return err;
-    }
-
-    nb->state = TFM_EXPTMOD_NB_SQR_RED;
-    break;
-
-  case TFM_EXPTMOD_NB_SQR_RED:
-  #ifdef WC_NO_CACHE_RESISTANT
-    err = fp_montgomery_reduce(&nb->R[nb->y], P, nb->mp);
-  #else
-    err = fp_montgomery_reduce(&nb->R[2], P, nb->mp);
-    fp_copy(&nb->R[2],
-            (fp_int*) ( ((wc_ptr_t)&nb->R[0] & wc_off_on_addr[nb->y^1]) +
-                        ((wc_ptr_t)&nb->R[1] & wc_off_on_addr[nb->y]) ) );
-  #endif /* WC_NO_CACHE_RESISTANT */
-    if (err != FP_OKAY) {
-      nb->state = TFM_EXPTMOD_NB_INIT;
-      return err;
-    }
-
-    nb->state = TFM_EXPTMOD_NB_NEXT;
-    break;
-
-  case TFM_EXPTMOD_NB_RED:
-    /* final reduce */
-    err = fp_montgomery_reduce(&nb->R[0], P, nb->mp);
-    if (err != FP_OKAY) {
-      nb->state = TFM_EXPTMOD_NB_INIT;
-      return err;
-    }
-    fp_copy(&nb->R[0], Y);
-
-    nb->state = TFM_EXPTMOD_NB_INIT;
-    ret = FP_OKAY;
-    break;
-  } /* switch */
-
-#ifdef WC_RSA_NONBLOCK_TIME
-  /* determine if maximum blocking time has been reached */
-  } while (ret == FP_WOULDBLOCK &&
-    FP_EXPTMOD_NB_CHECKTIME(nb) == TFM_EXPTMOD_NB_CONTINUE);
-#endif
-
-  return ret;
-}
-
-#endif /* WC_RSA_NONBLOCK */
-
-
-#ifndef WC_PROTECT_ENCRYPTED_MEM
-
-/* timing resistant montgomery ladder based exptmod
-   Based on work by Marc Joye, Sung-Ming Yen, "The Montgomery Powering Ladder",
-   Cryptographic Hardware and Embedded Systems, CHES 2002
-*/
-static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P,
-                          fp_int * Y)
-{
-#ifndef WOLFSSL_SMALL_STACK
-#ifdef WC_NO_CACHE_RESISTANT
-  fp_int   R[2];
-#else
-  fp_int   R[3];   /* need a temp for cache resistance */
-#endif
-#else
-   fp_int  *R;
-#endif
-  fp_digit buf, mp;
-  int      err, bitcnt, digidx, y;
-
-  /* now setup montgomery  */
-  if ((err = fp_montgomery_setup (P, &mp)) != FP_OKAY) {
-     return err;
-  }
-
-#ifdef WOLFSSL_SMALL_STACK
-#ifndef WC_NO_CACHE_RESISTANT
-   R = (fp_int*)XMALLOC(sizeof(fp_int) * 3, NULL, DYNAMIC_TYPE_BIGINT);
-#else
-   R = (fp_int*)XMALLOC(sizeof(fp_int) * 2, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-   if (R == NULL)
-       return FP_MEM;
-#endif
-  fp_init(&R[0]);
-  fp_init(&R[1]);
-#ifndef WC_NO_CACHE_RESISTANT
-  fp_init(&R[2]);
-#endif
-
-  /* now we need R mod m */
-  err = fp_montgomery_calc_normalization (&R[0], P);
-  if (err != FP_OKAY) {
-    WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-    return err;
-  }
-
-  /* now set R[0][1] to G * R mod m */
-  if (fp_cmp_mag(P, G) != FP_GT) {
-     /* G > P so we reduce it first */
-     err = fp_mod(G, P, &R[1]);
-     if (err != FP_OKAY) {
-         WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-         return err;
-     }
-  } else {
-     fp_copy(G, &R[1]);
-  }
-  err = fp_mulmod (&R[1], &R[0], P, &R[1]);
-  if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-  }
-
-  /* for j = t-1 downto 0 do
-        r_!k = R0*R1; r_k = r_k^2
-  */
-
-  /* set initial mode and bit cnt */
-  bitcnt = 1;
-  buf    = 0;
-  digidx = digits - 1;
-
-  for (;;) {
-    /* grab next digit as required */
-    if (--bitcnt == 0) {
-      /* if digidx == -1 we are out of digits so break */
-      if (digidx == -1) {
-        break;
-      }
-      /* read next digit and reset bitcnt */
-      buf    = X->dp[digidx--];
-      bitcnt = (int)DIGIT_BIT;
-    }
-
-    /* grab the next msb from the exponent */
-    y     = (int)(buf >> (DIGIT_BIT - 1)) & 1;
-    buf <<= (fp_digit)1;
-
-#ifdef WC_NO_CACHE_RESISTANT
-    /* do ops */
-    err = fp_mul(&R[0], &R[1], &R[y^1]);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_montgomery_reduce(&R[y^1], P, mp);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-
-    err = fp_sqr(&R[y], &R[y]);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_montgomery_reduce(&R[y], P, mp);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-#else
-    /* do ops */
-    err = fp_mul(&R[0], &R[1], &R[2]);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_montgomery_reduce(&R[2], P, mp);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    /* instead of using R[y^1] for mul, which leaks key bit to cache monitor,
-     * use R[2] as temp, make sure address calc is constant, keep
-     * &R[0] and &R[1] in cache */
-    fp_copy(&R[2],
-            (fp_int*) ( ((wc_ptr_t)&R[0] & wc_off_on_addr[y]) +
-                        ((wc_ptr_t)&R[1] & wc_off_on_addr[y^1]) ) );
-
-    /* instead of using R[y] for sqr, which leaks key bit to cache monitor,
-     * use R[2] as temp, make sure address calc is constant, keep
-     * &R[0] and &R[1] in cache */
-    fp_copy((fp_int*) ( ((wc_ptr_t)&R[0] & wc_off_on_addr[y^1]) +
-                        ((wc_ptr_t)&R[1] & wc_off_on_addr[y]) ),
-            &R[2]);
-    err = fp_sqr(&R[2], &R[2]);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_montgomery_reduce(&R[2], P, mp);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    fp_copy(&R[2],
-            (fp_int*) ( ((wc_ptr_t)&R[0] & wc_off_on_addr[y^1]) +
-                        ((wc_ptr_t)&R[1] & wc_off_on_addr[y]) ) );
-#endif /* WC_NO_CACHE_RESISTANT */
-  }
-
-   err = fp_montgomery_reduce(&R[0], P, mp);
-   fp_copy(&R[0], Y);
-   WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-
-   return err;
-}
-
-#else
-
-/* Copy from a1 and a2 into r1 and r2 based on y in constant time.
- * When y is 1, r1 = a1 and r2 = a2.
- * When y is 0, r1 = a2 and r2 = a1.
- * Always copy size digits as that is the maximum size for a1 and a2.
- */
-static void fp_copy_2_ct(fp_int* a1, fp_int* a2, fp_int* r1, fp_int* r2, int y,
-    int size)
-{
-    int i;
-
-    /* Copy data - constant time. */
-    for (i = 0; i < size; i++) {
-        r1->dp[i] = (a1->dp[i] & ((fp_digit)wc_off_on_addr[y  ])) +
-                    (a2->dp[i] & ((fp_digit)wc_off_on_addr[y^1]));
-        r2->dp[i] = (a1->dp[i] & ((fp_digit)wc_off_on_addr[y^1])) +
-                    (a2->dp[i] & ((fp_digit)wc_off_on_addr[y  ]));
-    }
-    /* Copy used. */
-    r1->used = (a1->used & ((int)wc_off_on_addr[y  ])) +
-               (a2->used & ((int)wc_off_on_addr[y^1]));
-    r2->used = (a1->used & ((int)wc_off_on_addr[y^1])) +
-               (a2->used & ((int)wc_off_on_addr[y  ]));
-    /* Copy sign. */
-    r1->sign = (a1->sign & ((int)wc_off_on_addr[y  ])) +
-               (a2->sign & ((int)wc_off_on_addr[y^1]));
-    r2->sign = (a1->sign & ((int)wc_off_on_addr[y^1])) +
-               (a2->sign & ((int)wc_off_on_addr[y  ]));
-}
-
-/* timing resistant montgomery ladder based exptmod
-   Based on work by Marc Joye, Sung-Ming Yen, "The Montgomery Powering Ladder",
-   Cryptographic Hardware and Embedded Systems, CHES 2002
-*/
-static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P,
-                          fp_int * Y)
-{
-#ifndef WOLFSSL_SMALL_STACK
-  fp_int   R[4];   /* need a temp for cache resistance */
-#else
-  fp_int  *R;
-#endif
-  fp_digit buf, mp;
-  int      err, bitcnt, digidx, y;
-
-  /* now setup montgomery  */
-  if ((err = fp_montgomery_setup (P, &mp)) != FP_OKAY) {
-     return err;
-  }
-
-   WC_ALLOC_VAR_EX(R, fp_int, 4, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-  fp_init(&R[0]);
-  fp_init(&R[1]);
-  fp_init(&R[2]);
-  fp_init(&R[3]);
-
-  /* now we need R mod m */
-  err = fp_montgomery_calc_normalization (&R[0], P);
-  if (err != FP_OKAY) {
-    WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-    return err;
-  }
-
-  /* now set R[0][1] to G * R mod m */
-  if (fp_cmp_mag(P, G) != FP_GT) {
-     /* G > P so we reduce it first */
-     err = fp_mod(G, P, &R[1]);
-     if (err != FP_OKAY) {
-         WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-         return err;
-     }
-  } else {
-     fp_copy(G, &R[1]);
-  }
-  err = fp_mulmod (&R[1], &R[0], P, &R[1]);
-  if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-  }
-
-  /* for j = t-1 downto 0 do
-        r_!k = R0*R1; r_k = r_k^2
-  */
-
-  /* set initial mode and bit cnt */
-  bitcnt = 1;
-  buf    = 0;
-  digidx = digits - 1;
-
-  for (;;) {
-    /* grab next digit as required */
-    if (--bitcnt == 0) {
-      /* if digidx == -1 we are out of digits so break */
-      if (digidx == -1) {
-        break;
-      }
-      /* read next digit and reset bitcnt */
-      buf    = X->dp[digidx--];
-      bitcnt = (int)DIGIT_BIT;
-    }
-
-    /* grab the next msb from the exponent */
-    y     = (int)(buf >> (DIGIT_BIT - 1)) & 1;
-    buf <<= (fp_digit)1;
-
-    /* do ops */
-    err = fp_mul(&R[0], &R[1], &R[2]);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_montgomery_reduce(&R[2], P, mp);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-
-    /* instead of using R[y] for sqr, which leaks key bit to cache monitor,
-     * use R[3] as temp, make sure address calc is constant, keep
-     * &R[0] and &R[1] in cache */
-    fp_copy((fp_int*) ( ((wc_ptr_t)&R[0] & wc_off_on_addr[y^1]) +
-                        ((wc_ptr_t)&R[1] & wc_off_on_addr[y]) ),
-            &R[3]);
-    err = fp_sqr(&R[3], &R[3]);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    err = fp_montgomery_reduce(&R[3], P, mp);
-    if (err != FP_OKAY) {
-      WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-    }
-    fp_copy_2_ct(&R[2], &R[3], &R[0], &R[1], y, P->used);
-  }
-
-  err = fp_montgomery_reduce(&R[0], P, mp);
-  fp_copy(&R[0], Y);
-  WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT);
-  return err;
-}
-
-#endif /* WC_PROTECT_ENCRYPTED_MEM */
-
-#endif /* TFM_TIMING_RESISTANT */
-
-/* y = g**x (mod b)
- * Some restrictions... x must be positive and < b
- */
-static int _fp_exptmod_nct(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
-{
-  fp_int  *res;
-  fp_digit buf, mp;
-  int      err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize;
-#ifndef WOLFSSL_NO_MALLOC
-  fp_int  *M;
-#else
-  fp_int   M[(1 << 6) + 1];
-#endif
-
-  /* find window size */
-  x = fp_count_bits (X);
-  if (x <= 21) {
-    winsize = 1;
-  } else if (x <= 36) {
-    winsize = 3;
-  } else if (x <= 140) {
-    winsize = 4;
-  } else if (x <= 450) {
-    winsize = 5;
-  } else {
-    winsize = 6;
-  }
-
-  /* now setup montgomery  */
-  if ((err = fp_montgomery_setup (P, &mp)) != FP_OKAY) {
-     return err;
-  }
-
-#ifndef WOLFSSL_NO_MALLOC
-  /* only allocate space for what's needed for window plus res */
-  M = (fp_int*)XMALLOC(sizeof(fp_int)*((1 << winsize) + 1), NULL,
-                                                           DYNAMIC_TYPE_BIGINT);
-  if (M == NULL) {
-     return FP_MEM;
-  }
-#endif
-  res = &M[(word32)(1 << winsize)];
-
-  /* init M array */
-  for(x = 0; x < (1 << winsize); x++)
-    fp_init(&M[x]);
-
-  /* setup result */
-  fp_init(res);
-
-  /* create M table
-   *
-   * The M table contains powers of the input base, e.g. M[x] = G^x mod P
-   *
-   * The first half of the table is not computed though except for M[0] and M[1]
-   */
-
-  /* now we need R mod m */
-  err = fp_montgomery_calc_normalization (res, P);
-  if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-    XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-    return err;
-  }
-
-  /* now set M[1] to G * R mod m */
-  if (fp_cmp_mag(P, G) != FP_GT) {
-     /* G > P so we reduce it first */
-     err = fp_mod(G, P, &M[1]);
-     if (err != FP_OKAY) {
-     #ifndef WOLFSSL_NO_MALLOC
-        XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-     #endif
-        return err;
-     }
-  } else {
-     fp_copy(G, &M[1]);
-  }
-  err = fp_mulmod (&M[1], res, P, &M[1]);
-  if (err != FP_OKAY) {
-  #ifndef WOLFSSL_NO_MALLOC
-     XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-  #endif
-     return err;
-  }
-
-  /* compute the value at M[1<<(winsize-1)] by
-   * squaring M[1] (winsize-1) times */
-  fp_copy (&M[1], &M[(word32)(1 << (winsize - 1))]);
-  for (x = 0; x < (winsize - 1); x++) {
-    err = fp_sqr (&M[(word32)(1 << (winsize - 1))],
-                  &M[(word32)(1 << (winsize - 1))]);
-    if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-      XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-      return err;
-    }
-    err = fp_montgomery_reduce_ex(&M[(word32)(1 << (winsize - 1))], P, mp, 0);
-    if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-      XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-      return err;
-    }
-  }
-
-  /* create upper table */
-  for (x = (1 << (winsize - 1)) + 1; x < (1 << winsize); x++) {
-    err = fp_mul(&M[x - 1], &M[1], &M[x]);
-    if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-      XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-      return err;
-    }
-    err = fp_montgomery_reduce_ex(&M[x], P, mp, 0);
-    if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-      XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-      return err;
-    }
-  }
-
-  /* set initial mode and bit cnt */
-  mode   = 0;
-  bitcnt = (x % DIGIT_BIT) + 1;
-  buf    = 0;
-  digidx = X->used - 1;
-  bitcpy = 0;
-  bitbuf = 0;
-
-  for (;;) {
-    /* grab next digit as required */
-    if (--bitcnt == 0) {
-      /* if digidx == -1 we are out of digits so break */
-      if (digidx == -1) {
-        break;
-      }
-      /* read next digit and reset bitcnt */
-      buf    = X->dp[digidx--];
-      bitcnt = (int)DIGIT_BIT;
-    }
-
-    /* grab the next msb from the exponent */
-    y     = (int)(buf >> (DIGIT_BIT - 1)) & 1;
-    buf <<= (fp_digit)1;
-
-    /* if the bit is zero and mode == 0 then we ignore it
-     * These represent the leading zero bits before the first 1 bit
-     * in the exponent.  Technically this opt is not required but it
-     * does lower the # of trivial squaring/reductions used
-     */
-    if (mode == 0 && y == 0) {
-      continue;
-    }
-
-    /* if the bit is zero and mode == 1 then we square */
-    if (mode == 1 && y == 0) {
-      err = fp_sqr(res, res);
-      if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-        XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-        return err;
-      }
-      err = fp_montgomery_reduce_ex(res, P, mp, 0);
-      if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-        XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-        return err;
-      }
-      continue;
-    }
-
-    /* else we add it to the window */
-    bitbuf |= (y << (winsize - ++bitcpy));
-    mode    = 2;
-
-    if (bitcpy == winsize) {
-      /* ok window is filled so square as required and multiply  */
-      /* square first */
-      for (x = 0; x < winsize; x++) {
-        err = fp_sqr(res, res);
-        if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-          XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-          return err;
-        }
-        err = fp_montgomery_reduce_ex(res, P, mp, 0);
-        if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-          XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-          return err;
-        }
-      }
-
-      /* then multiply */
-      err = fp_mul(res, &M[bitbuf], res);
-      if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-        XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-        return err;
-      }
-      err = fp_montgomery_reduce_ex(res, P, mp, 0);
-      if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-        XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-        return err;
-      }
-
-      /* empty window and reset */
-      bitcpy = 0;
-      bitbuf = 0;
-      mode   = 1;
-    }
-  }
-
-  /* if bits remain then square/multiply */
-  if (mode == 2 && bitcpy > 0) {
-    /* square then multiply if the bit is set */
-    for (x = 0; x < bitcpy; x++) {
-      err = fp_sqr(res, res);
-      if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-        XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-        return err;
-      }
-      err = fp_montgomery_reduce_ex(res, P, mp, 0);
-      if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-        XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-        return err;
-      }
-
-      /* get next bit of the window */
-      bitbuf <<= 1;
-      if ((bitbuf & (1 << winsize)) != 0) {
-        /* then multiply */
-        err = fp_mul(res, &M[1], res);
-        if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-          XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-          return err;
-        }
-        err = fp_montgomery_reduce_ex(res, P, mp, 0);
-        if (err != FP_OKAY) {
-#ifndef WOLFSSL_NO_MALLOC
-          XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-          return err;
-        }
-      }
-    }
-  }
-
-  /* fixup result if Montgomery reduction is used
-   * recall that any value in a Montgomery system is
-   * actually multiplied by R mod n.  So we have
-   * to reduce one more time to cancel out the factor
-   * of R.
-   */
-  err = fp_montgomery_reduce_ex(res, P, mp, 0);
-
-  /* swap res with Y */
-  fp_copy (res, Y);
-
-#ifndef WOLFSSL_NO_MALLOC
-  XFREE(M, NULL, DYNAMIC_TYPE_BIGINT);
-#endif
-  return err;
-}
-
-
-#ifdef TFM_TIMING_RESISTANT
-#if DIGIT_BIT <= 16
-    #define WINSIZE    2
-    #define WINMASK    0x3
-#elif DIGIT_BIT <= 32
-    #define WINSIZE    3
-    #define WINMASK    0x7
-#elif DIGIT_BIT <= 64
-    #define WINSIZE    4
-    #define WINMASK    0xf
-#elif DIGIT_BIT <= 128
-    #define WINSIZE    5
-    #define WINMASK    0x1f
-#endif
-
-/* y = 2**x (mod b)
- * Some restrictions... x must be positive and < b
- */
-static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P,
-                              fp_int * Y)
-{
-  fp_digit buf, mp;
-  int      err, bitbuf, bitcpy, bitcnt, digidx, x, y;
-#ifdef WOLFSSL_SMALL_STACK
-  fp_int  *res;
-  fp_int  *tmp;
-#else
-  fp_int   res[1];
-  fp_int   tmp[1];
-#endif
-
-#ifdef WOLFSSL_SMALL_STACK
-  res = (fp_int*)XMALLOC(2*sizeof(fp_int), NULL, DYNAMIC_TYPE_TMP_BUFFER);
-  if (res == NULL) {
-     return FP_MEM;
-  }
-  tmp = &res[1];
-#endif
-
-  /* now setup montgomery  */
-  if ((err = fp_montgomery_setup(P, &mp)) != FP_OKAY) {
-     WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-     return err;
-  }
-
-  /* setup result */
-  fp_init(res);
-  fp_init(tmp);
-
-  err = fp_mul_2d(P, 1 << WINSIZE, tmp);
-  if (err != FP_OKAY) {
-    WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    return err;
-  }
-
-  /* now we need R mod m */
-  err = fp_montgomery_calc_normalization(res, P);
-  if (err != FP_OKAY) {
-    WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    return err;
-  }
-
-  /* Get the top bits left over after taking WINSIZE bits starting at the
-   * least-significant.
-   */
-  digidx = digits - 1;
-  bitcpy = (digits * DIGIT_BIT) % WINSIZE;
-  if (bitcpy > 0) {
-      bitcnt = (int)DIGIT_BIT - bitcpy;
-      buf    = X->dp[digidx--];
-      bitbuf = (int)(buf >> bitcnt);
-      /* Multiply montgomery representation of 1 by 2 ^ top */
-      err = fp_mul_2d(res, bitbuf, res);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return err;
-      }
-      err = fp_add(res, tmp, res);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return err;
-      }
-      err = fp_mod(res, P, res);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return err;
-      }
-      /* Move out bits used */
-      buf  <<= bitcpy;
-      bitcnt++;
-  }
-  else {
-      bitcnt = 1;
-      buf    = 0;
-  }
-
-  /* empty window and reset  */
-  bitbuf = 0;
-  bitcpy = 0;
-
-  for (;;) {
-    /* grab next digit as required */
-    if (--bitcnt == 0) {
-      /* if digidx == -1 we are out of digits so break */
-      if (digidx == -1) {
-        break;
-      }
-      /* read next digit and reset bitcnt */
-      buf    = X->dp[digidx--];
-      bitcnt = (int)DIGIT_BIT;
-    }
-
-    /* grab the next msb from the exponent */
-    y       = (int)(buf >> (DIGIT_BIT - 1)) & 1;
-    buf   <<= (fp_digit)1;
-    /* add bit to the window */
-  #ifndef WC_PROTECT_ENCRYPTED_MEM
-    bitbuf |= (y << (WINSIZE - ++bitcpy));
-  #else
-    /* Ensure value changes even when y is zero. */
-    bitbuf += (WINMASK + 1) + (y << (WINSIZE - ++bitcpy));
-  #endif
-
-    if (bitcpy == WINSIZE) {
-      /* ok window is filled so square as required and multiply  */
-      /* square first */
-      for (x = 0; x < WINSIZE; x++) {
-        err = fp_sqr(res, res);
-        if (err != FP_OKAY) {
-          WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-          return err;
-        }
-        err = fp_montgomery_reduce(res, P, mp);
-        if (err != FP_OKAY) {
-          WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-          return err;
-        }
-      }
-
-      /* then multiply by 2^bitbuf */
-    #ifndef WC_PROTECT_ENCRYPTED_MEM
-      err = fp_mul_2d(res, bitbuf, res);
-    #else
-      /* Get the window bits. */
-      err = fp_mul_2d(res, bitbuf & WINMASK, res);
-    #endif
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return err;
-      }
-      /* Add in value to make mod operation take same time */
-      err = fp_add(res, tmp, res);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return err;
-      }
-      err = fp_mod(res, P, res);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return err;
-      }
-
-      /* empty window and reset */
-      bitcpy = 0;
-    #ifndef WC_PROTECT_ENCRYPTED_MEM
-      bitbuf = 0;
-    #else
-      /* Ensure value is new even when bottom bits are 0. */
-      bitbuf = (WINMASK + 1) + (bitbuf & ~WINMASK);
-    #endif
-    }
-  }
-
-  /* fixup result if Montgomery reduction is used
-   * recall that any value in a Montgomery system is
-   * actually multiplied by R mod n.  So we have
-   * to reduce one more time to cancel out the factor
-   * of R.
-   */
-  err = fp_montgomery_reduce(res, P, mp);
-
-  /* swap res with Y */
-  fp_copy(res, Y);
-
-  WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-  return err;
-}
-
-#undef WINSIZE
-#else
-#if DIGIT_BIT < 16
-    #define WINSIZE    3
-#elif DIGIT_BIT < 32
-    #define WINSIZE    4
-#elif DIGIT_BIT < 64
-    #define WINSIZE    5
-#elif DIGIT_BIT < 128
-    #define WINSIZE    6
-#elif DIGIT_BIT == 128
-    #define WINSIZE    7
-#endif
-
-/* y = 2**x (mod b)
- * Some restrictions... x must be positive and < b
- */
-static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P,
-                              fp_int * Y)
-{
-  fp_digit buf, mp;
-  int      err, bitbuf, bitcpy, bitcnt, digidx, x, y;
-  WC_DECLARE_VAR(res, fp_int, 1, 0);
-
-  /* now setup montgomery  */
-  if ((err = fp_montgomery_setup(P, &mp)) != FP_OKAY) {
-    return err;
-  }
-
-  WC_ALLOC_VAR_EX(res, fp_int, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-      return FP_MEM);
-
-  /* setup result */
-  fp_init(res);
-
-  /* now we need R mod m */
-  err = fp_montgomery_calc_normalization(res, P);
-  if (err != FP_OKAY) {
-    WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    return err;
-  }
-
-  /* Get the top bits left over after taking WINSIZE bits starting at the
-   * least-significant.
-   */
-  digidx = digits - 1;
-  bitcpy = (digits * DIGIT_BIT) % WINSIZE;
-  if (bitcpy > 0) {
-      bitcnt = (int)DIGIT_BIT - bitcpy;
-      buf    = X->dp[digidx--];
-      bitbuf = (int)(buf >> bitcnt);
-      /* Multiply montgomery representation of 1 by 2 ^ top */
-      err = fp_mul_2d(res, bitbuf, res);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return err;
-      }
-      err = fp_mod(res, P, res);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return err;
-      }
-      /* Move out bits used */
-      buf  <<= bitcpy;
-      bitcnt++;
-  }
-  else {
-      bitcnt = 1;
-      buf    = 0;
-  }
-
-  /* empty window and reset  */
-  bitbuf = 0;
-  bitcpy = 0;
-
-  for (;;) {
-    /* grab next digit as required */
-    if (--bitcnt == 0) {
-      /* if digidx == -1 we are out of digits so break */
-      if (digidx == -1) {
-        break;
-      }
-      /* read next digit and reset bitcnt */
-      buf    = X->dp[digidx--];
-      bitcnt = (int)DIGIT_BIT;
-    }
-
-    /* grab the next msb from the exponent */
-    y       = (int)(buf >> (DIGIT_BIT - 1)) & 1;
-    buf   <<= (fp_digit)1;
-    /* add bit to the window */
-    bitbuf |= (y << (WINSIZE - ++bitcpy));
-
-    if (bitcpy == WINSIZE) {
-      /* ok window is filled so square as required and multiply  */
-      /* square first */
-      for (x = 0; x < WINSIZE; x++) {
-        err = fp_sqr(res, res);
-        if (err != FP_OKAY) {
-          WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-          return err;
-        }
-        err = fp_montgomery_reduce(res, P, mp);
-        if (err != FP_OKAY) {
-          WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-          return err;
-        }
-      }
-
-      /* then multiply by 2^bitbuf */
-      err = fp_mul_2d(res, bitbuf, res);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return err;
-      }
-      err = fp_mod(res, P, res);
-      if (err != FP_OKAY) {
-        WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return err;
-      }
-
-      /* empty window and reset */
-      bitcpy = 0;
-      bitbuf = 0;
-    }
-  }
-
-  /* fixup result if Montgomery reduction is used
-   * recall that any value in a Montgomery system is
-   * actually multiplied by R mod n.  So we have
-   * to reduce one more time to cancel out the factor
-   * of R.
-   */
-  err = fp_montgomery_reduce(res, P, mp);
-
-  /* swap res with Y */
-  fp_copy(res, Y);
-
-  WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-  return err;
-}
-
-#undef WINSIZE
-#endif
-
-/* Y = (G * X) mod P */
-int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
-{
-#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
-    int retHW = FP_OKAY;
-#endif
-
-   /* handle modulus of zero and prevent overflows */
-   if (fp_iszero(P) || (P->used > (FP_SIZE/2))) {
-      return FP_VAL;
-   }
-   if (fp_isone(P)) {
-      fp_set(Y, 0);
-      return FP_OKAY;
-   }
-   if (fp_iszero(X)) {
-      fp_set(Y, 1);
-      return FP_OKAY;
-   }
-   if (fp_iszero(G)) {
-      fp_set(Y, 0);
-      return FP_OKAY;
-   }
-
-#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
-   if (esp_hw_validation_active()) {
-      ESP_LOGV(TAG, "Skipping call to esp_mp_exptmod "
-                    "during active validation.");
-   }
-   else {
-      /* HW accelerated exptmod  */
-      retHW = esp_mp_exptmod(G, X, P, Y);
-      switch (retHW) {
-         case MP_OKAY:
-            /* successfully computed in HW */
-            return retHW;
-            break;
-
-         case WC_NO_ERR_TRACE(WC_HW_WAIT_E): /* MP_HW_BUSY math HW busy, fall back */
-         case MP_HW_FALLBACK:    /* forced fallback from HW to SW */
-         case WC_NO_ERR_TRACE(MP_HW_VALIDATION_ACTIVE): /* use SW to compare to HW */
-            /* use software calc */
-            break;
-
-         default:
-            /* Once we've failed, exit without trying to continue.
-             * We may have mangled operands: (e.g. Z = X * Z)
-             * Future implementation may consider saving operands,
-             * but hard errors should never actually occur. */
-            return retHW; /* error */
-            break;
-      } /* switch */
-   } /* if validation check */
-   /* fall through to software calcs */
-#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
-
-   if (X->sign == FP_NEG) {
-#ifndef POSITIVE_EXP_ONLY  /* reduce stack if assume no negatives */
-      int    err;
-      WC_DECLARE_VAR(tmp, fp_int, 2, 0);
-
-      WC_ALLOC_VAR_EX(tmp, fp_int, 2, NULL, DYNAMIC_TYPE_BIGINT,
-          return FP_MEM);
-
-      /* yes, copy G and invmod it */
-      fp_init_copy(&tmp[0], G);
-      fp_init_copy(&tmp[1], P);
-      tmp[1].sign = FP_ZPOS;
-      err = fp_invmod(&tmp[0], &tmp[1], &tmp[0]);
-      if (err == FP_OKAY) {
-         fp_copy(X, &tmp[1]);
-         tmp[1].sign = FP_ZPOS;
-   #ifdef TFM_TIMING_RESISTANT
-         err =  _fp_exptmod_ct(&tmp[0], &tmp[1], tmp[1].used, P, Y);
-   #else
-         err =  _fp_exptmod_nct(&tmp[0], &tmp[1], P, Y);
-   #endif
-         if ((err == 0) && (P->sign == FP_NEG)) {
-            err = fp_add(Y, P, Y);
-         }
-      }
-      WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-      return err;
-#else
-      return FP_VAL;
-#endif /* POSITIVE_EXP_ONLY check */
-   }
-   else if (G->used == 1 && G->dp[0] == 2) {
-      return _fp_exptmod_base_2(X, X->used, P, Y);
-   }
-   else {
-      /* Positive exponent so just exptmod */
-#ifdef TFM_TIMING_RESISTANT
-      return _fp_exptmod_ct(G, X, X->used, P, Y);
-#else
-      return _fp_exptmod_nct(G, X, P, Y);
-#endif
-   }
-}
-
-int fp_exptmod_ex(fp_int * G, fp_int * X, int digits, fp_int * P, fp_int * Y)
-{
-#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
-   int retHW = FP_OKAY;
-#endif
-
-   /* handle modulus of zero and prevent overflows */
-   if (fp_iszero(P) || (P->used > (FP_SIZE/2))) {
-      return FP_VAL;
-   }
-   if (fp_isone(P)) {
-      fp_set(Y, 0);
-      return FP_OKAY;
-   }
-   if (fp_iszero(X)) {
-      fp_set(Y, 1);
-      return FP_OKAY;
-   }
-   if (fp_iszero(G)) {
-      fp_set(Y, 0);
-      return FP_OKAY;
-   }
-
-#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
-   retHW = esp_mp_exptmod(G, X, P, Y);
-   switch (retHW) {
-      case MP_OKAY:
-         /* successfully computed in HW */
-         return retHW;
-         break;
-
-      case WC_NO_ERR_TRACE(WC_HW_WAIT_E): /* MP_HW_BUSY math HW busy, fall back */
-      case MP_HW_FALLBACK:    /* forced fallback from HW to SW */
-      case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
-         /* use software calc */
-         break;
-
-      default:
-         /* Once we've failed, exit without trying to continue.
-          * We may have mangled operands: (e.g. Z = X * Z)
-          * Future implementation may consider saving operands,
-          * but hard errors should never actually occur. */
-         return retHW;
-         break;
-   } /* HW result switch */
-   /* falling through to SW: */
-#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
-
-   if (X->sign == FP_NEG) {
-#ifndef POSITIVE_EXP_ONLY  /* reduce stack if assume no negatives */
-      int    err;
-      WC_DECLARE_VAR(tmp, fp_int, 2, 0);
-
-      WC_ALLOC_VAR_EX(tmp, fp_int, 2, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-          return FP_MEM);
-
-      /* yes, copy G and invmod it */
-      fp_init_copy(&tmp[0], G);
-      fp_init_copy(&tmp[1], P);
-      tmp[1].sign = FP_ZPOS;
-      err = fp_invmod(&tmp[0], &tmp[1], &tmp[0]);
-      if (err == FP_OKAY) {
-         X->sign = FP_ZPOS;
-#ifdef TFM_TIMING_RESISTANT
-         err =  _fp_exptmod_ct(&tmp[0], X, digits, P, Y);
-#else
-         err =  _fp_exptmod_nct(&tmp[0], X, P, Y);
-         (void)digits;
-#endif
-         if (X != Y) {
-            X->sign = FP_NEG;
-         }
-         if ((err == 0) && (P->sign == FP_NEG)) {
-            err = fp_add(Y, P, Y);
-         }
-      }
-      WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-#else
-      return FP_VAL;
-#endif
-   }
-   else {
-      /* Positive exponent so just exptmod */
-#ifdef TFM_TIMING_RESISTANT
-      return _fp_exptmod_ct(G, X, digits, P, Y);
-#else
-      return  _fp_exptmod_nct(G, X, P, Y);
-#endif
-   }
-}
-
-int fp_exptmod_nct(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
-{
-#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
-   int retHW = FP_OKAY;
-#endif
-
-   /* handle modulus of zero and prevent overflows */
-   if  (fp_iszero(P)) {
-      return FP_VAL;
-   }
-   if (P->used > (FP_SIZE/2)) {
-      /* FP_MAX_BITS too small is a common cert failure cause */
-#ifdef WOLFSSL_DEBUG_CERTS
-      WOLFSSL_MSG_CERT_EX("TFM fp_exptmod_nct failed: P.used (%d) > (FP_SIZE/2)"
-                       "; FP_SIZE: %d; FP_MAX_SIZE: %d",
-                       P->used, FP_SIZE, FP_MAX_BITS, FP_MAX_SIZE);
-      WOLFSSL_MSG_CERT_EX("Consider adjusting current FP_MAX_BITS: %d",
-                       FP_MAX_BITS);
-#endif
-      return FP_VAL;
-   }
-   if (fp_isone(P)) {
-      fp_set(Y, 0);
-      return FP_OKAY;
-   }
-   if (fp_iszero(X)) {
-      fp_set(Y, 1);
-      return FP_OKAY;
-   }
-   if (fp_iszero(G)) {
-      fp_set(Y, 0);
-      return FP_OKAY;
-   }
-
-#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
-   retHW = esp_mp_exptmod(G, X, P, Y);
-   switch (retHW) {
-      case MP_OKAY:
-         /* successfully computed in HW */
-         return retHW;
-         break;
-
-      case WC_NO_ERR_TRACE(WC_HW_WAIT_E): /* MP_HW_BUSY math HW busy, fall back */
-      case MP_HW_FALLBACK:    /* forced fallback from HW to SW */
-      case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
-         /* use software calc */
-         break;
-
-      default:
-         /* Once we've failed, exit without trying to continue.
-          * We may have mangled operands: (e.g. Z = X * Z)
-          * Future implementation may consider saving operands,
-          * but hard errors should never actually occur. */
-         return retHW;
-         break;
-   }
-   /* falling through to SW: */
-#endif
-
-   if (X->sign == FP_NEG) {
-#ifndef POSITIVE_EXP_ONLY  /* reduce stack if assume no negatives */
-      int    err;
-      WC_DECLARE_VAR(tmp, fp_int, 2, 0);
-
-      WC_ALLOC_VAR_EX(tmp, fp_int, 2, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-          return FP_MEM);
-
-      /* yes, copy G and invmod it */
-      fp_init_copy(&tmp[0], G);
-      fp_init_copy(&tmp[1], P);
-      tmp[1].sign = FP_ZPOS;
-      err = fp_invmod(&tmp[0], &tmp[1], &tmp[0]);
-      if (err == FP_OKAY) {
-         X->sign = FP_ZPOS;
-         err =  _fp_exptmod_nct(&tmp[0], X, P, Y);
-         if (X != Y) {
-            X->sign = FP_NEG;
-         }
-         if ((err == 0) && (P->sign == FP_NEG)) {
-            err = fp_add(Y, P, Y);
-         }
-      }
-      WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT);
-      return err;
-#else
-      return FP_VAL;
-#endif
-   }
-   else {
-      /* Positive exponent so just exptmod */
-      return  _fp_exptmod_nct(G, X, P, Y);
-   }
-}
-
-/* computes a = 2**b */
-void fp_2expt(fp_int *a, int b)
-{
-   int     z;
-
-   /* zero a as per default */
-   fp_zero (a);
-
-   if (b < 0) {
-      return;
-   }
-
-   z = b / DIGIT_BIT;
-   if (z >= FP_SIZE) {
-      return;
-   }
-
-  /* set the used count of where the bit will go */
-  a->used = z + 1;
-
-  /* put the single bit in its place */
-  a->dp[z] = ((fp_digit)1) << (b % DIGIT_BIT);
-}
-
-/* b = a*a  */
-int fp_sqr(fp_int *A, fp_int *B)
-{
-    int err;
-    int y, oldused;
-
-    oldused = B->used;
-    y = A->used;
-
-    /* error if we're out of range */
-    if (y + y >= FP_SIZE) {
-       err = FP_VAL;
-       goto clean;
-    }
-
-#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
-    if (esp_hw_validation_active()) {
-        ESP_LOGV(TAG, "Skipping call to esp_mp_mul "
-                      "during active validation.");
-    }
-    else {
-        err = esp_mp_mul(A, A, B); /* HW accelerated multiply  */
-        switch (err) {
-            case MP_OKAY:
-                goto clean; /* success */
-                break;
-
-            case WC_NO_ERR_TRACE(WC_HW_WAIT_E): /* MP_HW_BUSY math HW busy, fall back */
-            case MP_HW_FALLBACK:    /* forced fallback from HW to SW */
-            case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
-                /* fall back to software, below */
-                break;
-
-            default:
-                /* Once we've failed, exit without trying to continue.
-                 * We may have mangled operands: (e.g. Z = X * Z)
-                 * Future implementation may consider saving operands,
-                 * but errors should never occur. */
-                goto clean;  /* error */
-                break;
-        }
-    }
-    /* fall through to software calcs */
-#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
-
-#if defined(TFM_SQR3) && FP_SIZE >= 6
-        if (y <= 3) {
-           err = fp_sqr_comba3(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR4) && FP_SIZE >= 8
-        if (y == 4) {
-           err = fp_sqr_comba4(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR6) && FP_SIZE >= 12
-        if (y <= 6) {
-           err = fp_sqr_comba6(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR7) && FP_SIZE >= 14
-        if (y == 7) {
-           err = fp_sqr_comba7(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR8) && FP_SIZE >= 16
-        if (y == 8) {
-           err = fp_sqr_comba8(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR9) && FP_SIZE >= 18
-        if (y == 9) {
-           err = fp_sqr_comba9(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR12) && FP_SIZE >= 24
-        if (y <= 12) {
-           err = fp_sqr_comba12(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR17) && FP_SIZE >= 34
-        if (y <= 17) {
-           err = fp_sqr_comba17(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SMALL_SET)
-        if (y <= 16) {
-           err = fp_sqr_comba_small(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR20) && FP_SIZE >= 40
-        if (y <= 20) {
-           err = fp_sqr_comba20(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR24) && FP_SIZE >= 48
-        if (y <= 24) {
-           err = fp_sqr_comba24(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR28) && FP_SIZE >= 56
-        if (y <= 28) {
-           err = fp_sqr_comba28(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR32) && FP_SIZE >= 64
-        if (y <= 32) {
-           err = fp_sqr_comba32(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR48) && FP_SIZE >= 96
-        if (y <= 48) {
-           err = fp_sqr_comba48(A,B);
-           goto clean;
-        }
-#endif
-#if defined(TFM_SQR64) && FP_SIZE >= 128
-        if (y <= 64) {
-           err = fp_sqr_comba64(A,B);
-           goto clean;
-        }
-#endif
-       err = fp_sqr_comba(A, B);
-
-clean:
-  /* zero any excess digits on the destination that we didn't write to */
-  for (y = B->used; y >= 0 && y < oldused; y++) {
-    B->dp[y] = 0;
-  }
-
-  return err;
-}
-
-/* generic comba squarer */
-int fp_sqr_comba(fp_int *A, fp_int *B)
-{
-  int       pa, ix, iz;
-  fp_digit  c0, c1, c2;
-#ifdef TFM_ISO
-  fp_word   tt = 0;
-#endif
-   fp_int    *dst;
-   WC_DECLARE_VAR(tmp, fp_int, 1, 0);
-
-   WC_ALLOC_VAR_EX(tmp, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT,
-       return FP_MEM);
-
-  /* get size of output and trim */
-  pa = A->used + A->used;
-  if (pa >= FP_SIZE) {
-     pa = FP_SIZE-1;
-  }
-
-  /* number of output digits to produce */
-  COMBA_START;
-  COMBA_CLEAR;
-
-  if (A == B) {
-     fp_init(tmp);
-     dst = tmp;
-  } else {
-     fp_zero(B);
-     dst = B;
-  }
-
-  for (ix = 0; ix < pa; ix++) {
-      int      tx, ty, iy;
-      fp_digit *tmpy, *tmpx;
-
-      /* get offsets into the two bignums */
-      ty = MIN(A->used-1, ix);
-      tx = ix - ty;
-
-      /* setup temp aliases */
-      tmpx = A->dp + tx;
-      tmpy = A->dp + ty;
-
-      /* this is the number of times the loop will iterate,
-         while (tx++ < a->used && ty-- >= 0) { ... }
-       */
-      iy = MIN(A->used-tx, ty+1);
-
-      /* now for squaring tx can never equal ty
-       * we halve the distance since they approach
-       * at a rate of 2x and we have to round because
-       * odd cases need to be executed
-       */
-      iy = MIN(iy, (ty-tx+1)>>1);
-
-      /* forward carries */
-      COMBA_FORWARD;
-
-      /* execute loop */
-      for (iz = 0; iz < iy; iz++) {
-          SQRADD2(*tmpx++, *tmpy--);
-      }
-
-      /* even columns have the square term in them */
-      if ((ix&1) == 0) {
-          /* TAO change COMBA_ADD back to SQRADD */
-          SQRADD(A->dp[ix>>1], A->dp[ix>>1]);
-      }
-
-      /* store it */
-      COMBA_STORE(dst->dp[ix]);
-  }
-
-  COMBA_FINI;
-
-  /* setup dest */
-  dst->used = pa;
-  fp_clamp (dst);
-  if (dst != B) {
-     fp_copy(dst, B);
-  }
-
-  /* Variables used but not seen by cppcheck. */
-  (void)c0; (void)c1; (void)c2;
-#ifdef TFM_ISO
-  (void)tt;
-#endif
-
-  WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT);
-  return FP_OKAY;
-}
-
-int fp_cmp(fp_int *a, fp_int *b)
-{
-   if (a->sign == FP_NEG && b->sign == FP_ZPOS) {
-      return FP_LT;
-   } else if (a->sign == FP_ZPOS && b->sign == FP_NEG) {
-      return FP_GT;
-   } else {
-      /* compare digits */
-      if (a->sign == FP_NEG) {
-         /* if negative compare opposite direction */
-         return fp_cmp_mag(b, a);
-      } else {
-         return fp_cmp_mag(a, b);
-      }
-   }
-}
-
-/* compare against a single digit */
-int fp_cmp_d(fp_int *a, fp_digit b)
-{
-  /* special case for zero*/
-  if (a->used == 0 && b == 0)
-    return FP_EQ;
-
-  /* compare based on sign */
-  if ((b && a->used == 0) || a->sign == FP_NEG) {
-    return FP_LT;
-  }
-
-  /* compare based on magnitude */
-  if (a->used > 1) {
-    return FP_GT;
-  }
-
-  /* compare the only digit of a to b */
-  if (a->dp[0] > b) {
-    return FP_GT;
-  } else if (a->dp[0] < b) {
-    return FP_LT;
-  } else {
-    return FP_EQ;
-  }
-
-}
-
-int fp_cmp_mag(fp_int *a, fp_int *b)
-{
-   int x;
-
-   if (a->used > b->used) {
-      return FP_GT;
-   } else if (a->used < b->used) {
-      return FP_LT;
-   } else {
-      for (x = a->used - 1; x >= 0; x--) {
-          if (a->dp[x] > b->dp[x]) {
-             return FP_GT;
-          } else if (a->dp[x] < b->dp[x]) {
-             return FP_LT;
-          }
-      }
-   }
-   return FP_EQ;
-}
-
-
-/* sets up the montgomery reduction */
-int fp_montgomery_setup(fp_int *a, fp_digit *rho)
-{
-  fp_digit x, b;
-
-/* fast inversion mod 2**k
- *
- * Based on the fact that
- *
- * XA = 1 (mod 2**n)  =>  (X(2-XA)) A = 1 (mod 2**2n)
- *                    =>  2*X*A - X*X*A*A = 1
- *                    =>  2*(1) - (1)     = 1
- */
-  b = a->dp[0];
-
-  if ((b & 1) == 0) {
-    return FP_VAL;
-  }
-
-  x = (((b + 2) & 4) << 1) + b; /* here x*a==1 mod 2**4 */
-  x *= 2 - b * x;               /* here x*a==1 mod 2**8 */
-  x *= 2 - b * x;               /* here x*a==1 mod 2**16 */
-  x *= 2 - b * x;               /* here x*a==1 mod 2**32 */
-#ifdef FP_64BIT
-  x *= 2 - b * x;               /* here x*a==1 mod 2**64 */
-#endif
-
-  /* rho = -1/m mod b */
-  *rho = (fp_digit) (((fp_word) 1 << ((fp_word) DIGIT_BIT)) - ((fp_word)x));
-
-  return FP_OKAY;
-}
-
-/* computes a = B**n mod b without division or multiplication useful for
- * normalizing numbers in a Montgomery system.
- */
-int fp_montgomery_calc_normalization(fp_int *a, fp_int *b)
-{
-  int     x, bits;
-
-  /* how many bits of last digit does b use */
-  bits = fp_count_bits (b) % DIGIT_BIT;
-  if (!bits) bits = DIGIT_BIT;
-
-  /* compute A = B^(n-1) * 2^(bits-1) */
-  if (b->used > 1) {
-     fp_2expt (a, (b->used - 1) * DIGIT_BIT + bits - 1);
-  } else {
-     fp_set(a, 1);
-     bits = 1;
-  }
-
-  /* now compute C = A * B mod b */
-  for (x = bits - 1; x < (int)DIGIT_BIT; x++) {
-    int err = fp_mul_2 (a, a);
-    if (err != FP_OKAY) {
-      return err;
-    }
-    if (fp_cmp_mag (a, b) != FP_LT) {
-      s_fp_sub (a, b, a);
-    }
-  }
-  return FP_OKAY;
-}
-
-
-#ifdef TFM_SMALL_MONT_SET
-    #include "fp_mont_small.i"
-#endif
-
-#ifdef HAVE_INTEL_MULX
-static WC_INLINE void innermul8_mulx(fp_digit *c_mulx, fp_digit *cy_mulx, fp_digit *tmpm, fp_digit mu)
-{
-    fp_digit cy = *cy_mulx ;
-    INNERMUL8_MULX ;
-    *cy_mulx = cy ;
-}
-
-/* computes x/R == x (mod N) via Montgomery Reduction */
-static int fp_montgomery_reduce_mulx(fp_int *a, fp_int *m, fp_digit mp, int ct)
-{
-   WC_DECLARE_VAR(c, fp_digit, FP_SIZE+1, 0);
-   fp_digit *_c, *tmpm, mu = 0;
-   int      oldused, x, y, pa;
-
-   /* bail if too large */
-   if (m->used > (FP_SIZE/2)) {
-      (void)mu;                     /* shut up compiler */
-      return FP_VAL;
-   }
-
-#ifdef TFM_SMALL_MONT_SET
-   if (m->used <= 16) {
-      return fp_montgomery_reduce_small(a, m, mp);
-   }
-#endif
-
-   /* only allocate space for what's needed for window plus res */
-   WC_ALLOC_VAR_EX(c, fp_digit, (FP_SIZE+1), NULL, DYNAMIC_TYPE_BIGINT,
-       return FP_MEM);
-
-   /* now zero the buff */
-   XMEMSET(c, 0, sizeof(fp_digit)*(FP_SIZE + 1));
-   pa = m->used;
-
-   /* copy the input */
-#ifdef TFM_TIMING_RESISTANT
-   if (a->used <= m->used) {
-      oldused = m->used;
-   }
-   else {
-      oldused = m->used * 2;
-   }
-#else
-   oldused = a->used;
-#endif
-   for (x = 0; x < oldused; x++) {
-       c[x] = a->dp[x];
-   }
-   MONT_START;
-
-   for (x = 0; x < pa; x++) {
-       fp_digit cy = 0;
-       /* get Mu for this round */
-       LOOP_START;
-       _c   = c + x;
-       tmpm = m->dp;
-       y = 0;
-        for (; y < (pa & ~7); y += 8) {
-              innermul8_mulx(_c, &cy, tmpm, mu) ;
-              _c   += 8;
-              tmpm += 8;
-           }
-       for (; y < pa; y++) {
-          INNERMUL;
-          ++_c;
-       }
-       LOOP_END;
-       while (cy) {
-           PROPCARRY;
-           ++_c;
-       }
-  }
-
-  /* now copy out */
-  _c   = c + pa;
-  tmpm = a->dp;
-  for (x = 0; x < pa+1; x++) {
-     *tmpm++ = *_c++;
-  }
-
-  /* zero any excess digits on the destination that we didn't write to */
-  for (; x < oldused; x++) {
-     *tmpm++ = 0;
-  }
-
-  MONT_FINI;
-
-  a->used = pa+1;
-  fp_clamp(a);
-
-#ifndef WOLFSSL_MONT_RED_CT
-  /* if A >= m then A = A - m */
-  if (fp_cmp_mag (a, m) != FP_LT) {
-    s_fp_sub (a, m, a);
-  }
-  (void)ct;
-#else
-  if (ct) {
-    fp_submod_ct(a, m, m, a);
-  }
-  else if (fp_cmp_mag (a, m) != FP_LT) {
-    s_fp_sub (a, m, a);
-  }
-#endif
-
-  WC_FREE_VAR_EX(c, NULL, DYNAMIC_TYPE_BIGINT);
-  return FP_OKAY;
-}
-#endif
-
-/* computes x/R == x (mod N) via Montgomery Reduction */
-int fp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct)
-{
-   WC_DECLARE_VAR(c, fp_digit, FP_SIZE+1, 0);
-   fp_digit *_c, *tmpm, mu = 0;
-   int      oldused, x, y, pa, err = 0;
-
-   IF_HAVE_INTEL_MULX(err=fp_montgomery_reduce_mulx(a, m, mp, ct), return err) ;
-   (void)err;
-
-   /* bail if too large */
-   if (m->used > (FP_SIZE/2)) {
-      (void)mu;                     /* shut up compiler */
-      return FP_VAL;
-   }
-
-#ifdef TFM_SMALL_MONT_SET
-   if (m->used <= 16) {
-      return fp_montgomery_reduce_small(a, m, mp);
-   }
-#endif
-
-   /* only allocate space for what's needed for window plus res */
-   WC_ALLOC_VAR_EX(c, fp_digit, (FP_SIZE+1), NULL, DYNAMIC_TYPE_BIGINT,
-       return FP_MEM);
-
-   /* now zero the buff */
-   XMEMSET(c, 0, sizeof(fp_digit)*(FP_SIZE + 1));
-   pa = m->used;
-
-   /* copy the input */
-#ifdef TFM_TIMING_RESISTANT
-   if (a->used <= m->used) {
-      oldused = m->used;
-   }
-   else {
-      oldused = m->used * 2;
-   }
-#else
-   oldused = a->used;
-#endif
-   for (x = 0; x < oldused; x++) {
-       c[x] = a->dp[x];
-   }
-   MONT_START;
-
-   for (x = 0; x < pa; x++) {
-       fp_digit cy = 0;
-       /* get Mu for this round */
-       LOOP_START;
-       _c   = c + x;
-       tmpm = m->dp;
-       y = 0;
-#if defined(INNERMUL8)
-        for (; y < (pa & ~7); y += 8) {
-              INNERMUL8 ;
-              _c   += 8;
-              tmpm += 8;
-           }
-#endif
-       for (; y < pa; y++) {
-          INNERMUL;
-          ++_c;
-       }
-       LOOP_END;
-       while (cy) { /* //NOLINT(bugprone-infinite-loop) */ /* PROPCARRY is an asm macro */
-           PROPCARRY;
-           ++_c;
-       }
-  }
-
-  /* now copy out */
-  _c   = c + pa;
-  tmpm = a->dp;
-  for (x = 0; x < pa+1; x++) {
-     *tmpm++ = *_c++;
-  }
-
-  /* zero any excess digits on the destination that we didn't write to */
-  for (; x < oldused; x++) {
-     *tmpm++ = 0;
-  }
-
-  MONT_FINI;
-
-  a->used = pa+1;
-  fp_clamp(a);
-
-#ifndef WOLFSSL_MONT_RED_CT
-  /* if A >= m then A = A - m */
-  if (fp_cmp_mag (a, m) != FP_LT) {
-    s_fp_sub (a, m, a);
-  }
-  (void)ct;
-#else
-  if (ct) {
-    fp_submod_ct(a, m, m, a);
-  }
-  else if (fp_cmp_mag (a, m) != FP_LT) {
-    s_fp_sub (a, m, a);
-  }
-#endif
-
-  WC_FREE_VAR_EX(c, NULL, DYNAMIC_TYPE_BIGINT);
-  return FP_OKAY;
-}
-
-int fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
-{
-  return fp_montgomery_reduce_ex(a, m, mp, 1);
-}
-
-int fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c)
-{
-#if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-  const word32 maxC = (a->size * sizeof(fp_digit));
-#else
-  const word32 maxC = (FP_SIZE * sizeof(fp_digit));
-#endif
-
-  /* zero the int */
-  fp_zero (a);
-
-  if (c < 0) {
-      return FP_VAL;
-  }
-
-  if (c == 0) {
-      return FP_OKAY;
-  }
-
-  /* if input b excess max, then truncate */
-  if ((word32)c > maxC) {
-     int excess = (c - maxC);
-     c -= excess;
-     b += excess;
-  }
-
-/* Not both endian simultaneously */
-#if defined(LITTLE_ENDIAN_ORDER) && defined(BIG_ENDIAN_ORDER)
-#error Both LITTLE_ENDIAN_ORDER and BIG_ENDIAN_ORDER defined.
-#endif
-
-#if (defined(LITTLE_ENDIAN_ORDER) || defined(BIG_ENDIAN_ORDER)) && \
-    (defined(FP_32BIT) || defined(FP_64BIT))
-#ifdef FP_32BIT
-  /* If we know the endianness of this architecture, and we're using
-     32-bit fp_digits, we can optimize this */
-  {
-     unsigned char *pd = (unsigned char *)a->dp;
-
-     a->used = (c + sizeof(fp_digit) - 1)/sizeof(fp_digit);
-#ifdef BIG_ENDIAN_ORDER
-     {
-       /* Use Duff's device to unroll the loop. */
-       int idx = (c - 1) & ~3;
-       switch (c % 4) {
-       case 0:    do { pd[idx+0] = *b++; FALL_THROUGH;
-       case 3:         pd[idx+1] = *b++; FALL_THROUGH;
-       case 2:         pd[idx+2] = *b++; FALL_THROUGH;
-       case 1:         pd[idx+3] = *b++;
-                     idx -= 4;
-                 } while ((c -= 4) > 0);
-       }
-     }
-#else
-     /* read the bytes in one at a time. */
-     for (c -= 1; c >= 0; c -= 1) {
-       pd[c] = *b++;
-     }
-#endif
-  }
-#elif defined(FP_64BIT)
-  /* If we know the endianness of this architecture, and we're using
-     64-bit fp_digits, we can optimize this */
-  {
-     unsigned char *pd = (unsigned char *)a->dp;
-
-     a->used = (c + sizeof(fp_digit) - 1)/sizeof(fp_digit);
-#ifdef BIG_ENDIAN_ORDER
-     {
-       /* Use Duff's device to unroll the loop. */
-       int idx = (c - 1) & ~7;
-       switch (c % 8) {
-       case 0:    do { pd[idx+0] = *b++; FALL_THROUGH;
-       case 7:         pd[idx+1] = *b++; FALL_THROUGH;
-       case 6:         pd[idx+2] = *b++; FALL_THROUGH;
-       case 5:         pd[idx+3] = *b++; FALL_THROUGH;
-       case 4:         pd[idx+4] = *b++; FALL_THROUGH;
-       case 3:         pd[idx+5] = *b++; FALL_THROUGH;
-       case 2:         pd[idx+6] = *b++; FALL_THROUGH;
-       case 1:         pd[idx+7] = *b++;
-                     idx -= 8;
-                 } while ((c -= 8) > 0);
-       }
-     }
-#else
-     /* read the bytes in one at a time. */
-     for (c -= 1; c >= 0; c -= 1) {
-       pd[c] = *b++;
-     }
-#endif
-  }
-#endif
-#else
-  /* read the bytes in one at a time - unknown number of bits in digit */
-  for (; c > 0; c--) {
-     int err = fp_mul_2d (a, 8, a);
-     if (err != FP_OKAY) {
-         return err;
-     }
-     a->dp[0] |= *b++;
-
-     if (a->used == 0) {
-         a->used = 1;
-     }
-  }
-#endif
-  fp_clamp (a);
-
-  return FP_OKAY;
-}
-
-int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b)
-{
-#if DIGIT_BIT == 64 || DIGIT_BIT == 32
-   int i;
-   int j = 0;
-   fp_digit n;
-
-   for (i = 0; i < t->used-1; ) {
-       b[x++] = (unsigned char)(t->dp[i] >> j);
-       j += 8;
-       i += j == DIGIT_BIT;
-       j &= DIGIT_BIT - 1;
-   }
-   n = t->dp[i];
-   while (n != 0) {
-       b[x++] = (unsigned char)n;
-       n >>= 8;
-   }
-   return x;
-#else
-   while (fp_iszero (t) == FP_NO) {
-      b[x++] = (unsigned char) (t->dp[0] & 255);
-      fp_div_2d (t, 8, t, NULL);
-  }
-  return x;
-#endif
-}
-
-int fp_to_unsigned_bin(const fp_int *a, unsigned char *b)
-{
-  int     x;
-   WC_DECLARE_VAR(t, fp_int, 1, 0);
-
-   WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-  fp_init_copy(t, a);
-
-  x = fp_to_unsigned_bin_at_pos(0, t, b);
-  mp_reverse (b, x);
-
-  WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-  return FP_OKAY;
-}
-
-int fp_to_unsigned_bin_len_ct(fp_int *a, unsigned char *out, int outSz)
-{
-  int err = MP_OKAY;
-
-  /* Validate parameters. */
-  if ((a == NULL) || (out == NULL) || (outSz < 0)) {
-    err = MP_VAL;
-  }
-
-#if DIGIT_BIT > 8
-  if (err == MP_OKAY) {
-    /* Start at the end of the buffer - least significant byte. */
-    int j;
-    unsigned int i;
-    fp_digit mask = (fp_digit)-1;
-    fp_digit d;
-
-    /* Put each digit in. */
-    i = 0;
-    for (j = outSz - 1; j >= 0; ) {
-      unsigned int b;
-      d = a->dp[i];
-      /* Place each byte of a digit into the buffer. */
-      for (b = 0; (j >= 0) && (b < (DIGIT_BIT / 8)); b++) {
-        out[j--] = (byte)(d & mask);
-        d >>= 8;
-      }
-      mask &= (fp_digit)0 - (i < (unsigned int)a->used - 1);
-      i += (unsigned int)(1 & mask);
-    }
-  }
-#else
-  if ((err == MP_OKAY) && ((unsigned int)outSz < a->used)) {
-    err = MP_VAL;
-  }
-  if (err == MP_OKAY) {
-    unsigned int i;
-    int j;
-    fp_digit mask = (fp_digit)-1;
-
-    i = 0;
-    for (j = outSz - 1; j >= 0; j--) {
-      out[j] = a->dp[i] & mask;
-      mask &= (fp_digit)0 - (i < (unsigned int)a->used - 1);
-      i += (unsigned int)(1 & mask);
-    }
-  }
-#endif
-
-  return err;
-}
-
-int fp_to_unsigned_bin_len(fp_int *a, unsigned char *b, int c)
-{
-#if DIGIT_BIT == 64 || DIGIT_BIT == 32 || DIGIT_BIT == 16
-  int i = 0;
-  int j = 0;
-  int x;
-
-  for (x=c-1; x >= 0 && i < a->used; x--) {
-     b[x] = (unsigned char)(a->dp[i] >> j);
-     j += 8;
-     i += j == DIGIT_BIT;
-     j &= DIGIT_BIT - 1;
-  }
-  for (; x >= 0; x--) {
-     b[x] = 0;
-  }
-  if (i < a->used - 1) {
-      return FP_VAL;
-  }
-  if ((i == a->used - 1) && ((a->dp[i] >> j) != 0)) {
-      return FP_VAL;
-  }
-
-  return FP_OKAY;
-#else
-  int     x;
-   WC_DECLARE_VAR(t, fp_int, 1, 0);
-
-   WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-  fp_init_copy(t, a);
-
-  for (x = 0; x < c; x++) {
-      b[x] = (unsigned char) (t->dp[0] & 255);
-      fp_div_2d (t, 8, t, NULL);
-  }
-  mp_reverse (b, x);
-
-  WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-  if (!fp_iszero(t)) {
-      return FP_VAL;
-  }
-  return FP_OKAY;
-#endif
-}
-
-int fp_unsigned_bin_size(const fp_int *a)
-{
-  int     size = fp_count_bits (a);
-  return (size / 8 + ((size & 7) != 0 ? 1 : 0));
-}
-
-void fp_set(fp_int *a, fp_digit b)
-{
-   fp_zero(a);
-   a->dp[0] = b;
-   a->used  = a->dp[0] ? 1 : 0;
-}
-
-
-#ifndef MP_SET_CHUNK_BITS
-    #define MP_SET_CHUNK_BITS 4
-#endif
-int fp_set_int(fp_int *a, unsigned long b)
-{
-  /* use direct fp_set if b is less than fp_digit max
-   * If input max value of b down shift by 1 less than full range
-   * fp_digit, then condition is always true. */
-#if ((ULONG_MAX >> (DIGIT_BIT-1)) > 0)
-  int x;
-  if (b < FP_DIGIT_MAX)
-  {
-    fp_set (a, (fp_digit)b);
-    return FP_OKAY;
-  }
-
-  fp_zero (a);
-
-  /* set chunk bits at a time */
-  for (x = 0; x < (int)(sizeof(b) * 8) / MP_SET_CHUNK_BITS; x++) {
-    int err = fp_mul_2d (a, MP_SET_CHUNK_BITS, a);
-    if (err != FP_OKAY)
-        return err;
-
-    /* OR in the top bits of the source */
-    a->dp[0] |= (b >> ((sizeof(b) * 8) - MP_SET_CHUNK_BITS)) &
-                                  ((1 << MP_SET_CHUNK_BITS) - 1);
-
-    /* shift the source up to the next chunk bits */
-    b <<= MP_SET_CHUNK_BITS;
-
-    /* ensure that digits are not clamped off */
-    a->used += 1;
-  }
-
-  /* clamp digits */
-  fp_clamp(a);
-#else
-  fp_set (a, (fp_digit)b);
-#endif
-
-  return FP_OKAY;
-}
-
-/* check if a bit is set */
-int fp_is_bit_set (fp_int *a, fp_digit b)
-{
-    fp_digit i;
-
-    if (b > FP_MAX_BITS)
-        return FP_VAL;
-
-    i = b/DIGIT_BIT;
-
-    if ((fp_digit)a->used < i)
-        return 0;
-
-    return (int)((a->dp[i] >> b%DIGIT_BIT) & (fp_digit)1);
-}
-
-/* set the b bit of a */
-int fp_set_bit (fp_int * a, fp_digit b)
-{
-    fp_digit i;
-
-    if (b > FP_MAX_BITS)
-        return FP_VAL;
-
-    i = b/DIGIT_BIT;
-
-    /* set the used count of where the bit will go if required */
-    if (a->used < (int)(i+1))
-        a->used = (int)(i+1);
-
-    /* put the single bit in its place */
-    a->dp[i] |= ((fp_digit)1) << (b % DIGIT_BIT);
-
-    return MP_OKAY;
-}
-
-int fp_count_bits (const fp_int * a)
-{
-  int     r;
-  fp_digit q;
-
-  /* shortcut */
-  if (a->used == 0) {
-    return 0;
-  }
-
-  /* get number of digits and add that */
-  r = (a->used - 1) * DIGIT_BIT;
-
-  /* take the last digit and count the bits in it */
-  q = a->dp[a->used - 1];
-  while (q > ((fp_digit) 0)) {
-    ++r;
-    q >>= ((fp_digit) 1);
-  }
-
-  return r;
-}
-
-int fp_leading_bit(fp_int *a)
-{
-    int bit = 0;
-
-    if (a->used != 0) {
-        fp_digit q = a->dp[a->used - 1];
-        int qSz = sizeof(fp_digit);
-
-        while (qSz > 0) {
-            if ((unsigned char)q != 0)
-                bit = (q & 0x80) != 0;
-            q >>= 8;
-            qSz--;
-        }
-    }
-
-    return bit;
-}
-
-int fp_lshd(fp_int *a, int x)
-{
-    int y;
-
-    if (a->used + x > FP_SIZE) return FP_VAL;
-
-    y = a->used + x - 1;
-
-    /* store new size */
-    a->used = y + 1;
-
-    /* move digits */
-    for (; y >= x; y--) {
-        a->dp[y] = a->dp[y-x];
-    }
-
-    /* zero lower digits */
-    for (; y >= 0; y--) {
-        a->dp[y] = 0;
-    }
-
-    /* clamp digits */
-    fp_clamp(a);
-    return FP_OKAY;
-}
-
-
-/* right shift by bit count */
-void fp_rshb(fp_int *c, int x)
-{
-    fp_digit *tmpc, mask, shift;
-    fp_digit r, rr;
-    fp_digit D = x;
-
-    /* shifting by a negative number not supported, and shifting by
-     * zero changes nothing.
-     */
-    if (x <= 0) return;
-
-    /* shift digits first if needed */
-    if (x >= DIGIT_BIT) {
-        fp_rshd(c, x / DIGIT_BIT);
-        /* recalculate number of bits to shift */
-        D = x % DIGIT_BIT;
-        /* check if any more shifting needed */
-        if (D == 0) return;
-
-    }
-
-    /* zero shifted is always zero */
-    if (fp_iszero(c)) return;
-
-    /* mask */
-    mask = (((fp_digit)1) << D) - 1;
-
-    /* shift for lsb */
-    shift = DIGIT_BIT - D;
-
-    /* alias */
-    tmpc = c->dp + (c->used - 1);
-
-    /* carry */
-    r = 0;
-    for (x = c->used - 1; x >= 0; x--) {
-      /* get the lower  bits of this word in a temp */
-      rr = *tmpc & mask;
-
-      /* shift the current word and mix in the carry bits from previous word */
-      *tmpc = (*tmpc >> D) | (r << shift);
-      --tmpc;
-
-      /* set the carry to the carry bits of the current word found above */
-      r = rr;
-    }
-
-    /* clamp digits */
-    fp_clamp(c);
-}
-
-
-void fp_rshd(fp_int *a, int x)
-{
-  int y;
-
-  /* too many digits just zero and return */
-  if (x >= a->used) {
-     fp_zero(a);
-     return;
-  }
-
-   /* shift */
-   for (y = 0; y < a->used - x; y++) {
-      a->dp[y] = a->dp[y+x];
-   }
-
-   /* zero rest */
-   for (; y < a->used; y++) {
-      a->dp[y] = 0;
-   }
-
-   /* decrement count */
-   a->used -= x;
-   fp_clamp(a);
-}
-
-
-/* c = a - b */
-int fp_sub_d(fp_int *a, fp_digit b, fp_int *c)
-{
-   WC_DECLARE_VAR(tmp, fp_int, 1, 0);
-   int       err = FP_OKAY;
-
-   WC_ALLOC_VAR_EX(tmp, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT,
-       return FP_MEM);
-
-   fp_init(tmp);
-   fp_set(tmp, b);
-#if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-   if (c->size < FP_SIZE) {
-     err = fp_sub(a, tmp, tmp);
-     fp_copy(tmp, c);
-   }
-   else
-#endif
-   {
-     err = fp_sub(a, tmp, c);
-   }
-
-   WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT);
-   return err;
-}
-
-
-/* wolfSSL callers from normal lib */
-
-/* init a new mp_int */
-int mp_init (mp_int * a)
-{
-  if (a)
-    fp_init(a);
-  return MP_OKAY;
-}
-
-void fp_init(fp_int *a)
-{
-#if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-    a->size = FP_SIZE;
-#endif
-#ifdef HAVE_WOLF_BIGINT
-    wc_bigint_init(&a->raw);
-#endif
-    fp_zero(a);
-}
-
-void fp_zero(fp_int *a)
-{
-    int size;
-    a->used = 0;
-    a->sign = FP_ZPOS;
-#if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-    size = a->size;
-#else
-    size = FP_SIZE;
-#endif
-    XMEMSET(a->dp, 0, size * sizeof(fp_digit));
-}
-
-void fp_clear(fp_int *a)
-{
-#ifdef HAVE_FIPS
-    fp_forcezero(a);
-#else
-    int size;
-    a->used = 0;
-    a->sign = FP_ZPOS;
-#if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-    size = a->size;
-#else
-    size = FP_SIZE;
-#endif
-    XMEMSET(a->dp, 0, size * sizeof(fp_digit));
-    fp_free(a);
-#endif
-}
-
-void fp_forcezero (mp_int * a)
-{
-    int size;
-
-    if (a == NULL)
-      return;
-
-    a->used = 0;
-    a->sign = FP_ZPOS;
-#if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-    size = a->size;
-#else
-    size = FP_SIZE;
-#endif
-    ForceZero(a->dp, size * sizeof(fp_digit));
-#ifdef HAVE_WOLF_BIGINT
-    wc_bigint_zero(&a->raw);
-#endif
-    fp_free(a);
-}
-
-void mp_forcezero (mp_int * a)
-{
-    fp_forcezero(a);
-}
-
-void fp_free(fp_int* a)
-{
-#ifdef HAVE_WOLF_BIGINT
-    wc_bigint_free(&a->raw);
-#else
-    (void)a;
-#endif
-}
-
-
-/* clear one (frees)  */
-void mp_clear (mp_int * a)
-{
-    if (a == NULL)
-        return;
-    fp_clear(a);
-}
-
-void mp_free(mp_int* a)
-{
-    fp_free(a);
-}
-
-/* handle up to 6 inits */
-int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d,
-                  mp_int* e, mp_int* f)
-{
-    if (a)
-        fp_init(a);
-    if (b)
-        fp_init(b);
-    if (c)
-        fp_init(c);
-    if (d)
-        fp_init(d);
-    if (e)
-        fp_init(e);
-    if (f)
-        fp_init(f);
-
-    return MP_OKAY;
-}
-
-/* high level addition (handles signs) */
-int mp_add (mp_int * a, mp_int * b, mp_int * c)
-{
-  return fp_add(a, b, c);
-}
-
-/* high level subtraction (handles signs) */
-int mp_sub (mp_int * a, mp_int * b, mp_int * c)
-{
-  return fp_sub(a, b, c);
-}
-
-/* high level multiplication (handles sign) */
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_mul(mp_int * a, mp_int * b, mp_int * c)
-#else
-int mp_mul (mp_int * a, mp_int * b, mp_int * c)
-#endif
-{
-  return fp_mul(a, b, c);
-}
-
-int mp_mul_d (mp_int * a, mp_digit b, mp_int * c)
-{
-  return fp_mul_d(a, b, c);
-}
-
-/* d = a * b (mod c) */
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
-#else
-int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
-#endif
-{
-   int ret = MP_OKAY;
-#ifdef WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
-   ret = esp_mp_mulmod(a, b, c, d);
-   switch (ret) {
-      case MP_OKAY:
-         /* successfully computed in HW */
-         break;
-
-      case WC_NO_ERR_TRACE(WC_HW_WAIT_E): /* MP_HW_BUSY math HW busy, fall back */
-      case MP_HW_FALLBACK:    /* forced fallback from HW to SW */
-      case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
-         /* use software calc */
-         ret = fp_mulmod(a, b, c, d);
-         break;
-
-      default:
-         /* Once we've failed, exit without trying to continue.
-          * We may have mangled operands: (e.g. Z = X * Z)
-          * Future implementation may consider saving operands,
-          * but hard errors should never actually occur. */
-         break;
-   }
-#else /* no HW */
-   ret = fp_mulmod(a, b, c, d);
-#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
-   return ret;
-}
-
-/* d = a - b (mod c) */
-int mp_submod(mp_int *a, mp_int *b, mp_int *c, mp_int *d)
-{
-  return fp_submod(a, b, c, d);
-}
-
-/* d = a + b (mod c) */
-int mp_addmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d)
-{
-  return fp_addmod(a, b, c, d);
-}
-
-/* d = a - b (mod c) - constant time (a < c and b < c) */
-int mp_submod_ct(mp_int *a, mp_int *b, mp_int *c, mp_int *d)
-{
-  return fp_submod_ct(a, b, c, d);
-}
-
-/* d = a + b (mod c) - constant time (a < c and b < c) */
-int mp_addmod_ct(mp_int *a, mp_int *b, mp_int *c, mp_int *d)
-{
-  return fp_addmod_ct(a, b, c, d);
-}
-
-/* c = a mod b, 0 <= c < b */
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_mod (mp_int * a, mp_int * b, mp_int * c)
-#else
-int mp_mod (mp_int * a, mp_int * b, mp_int * c)
-#endif
-{
-  return fp_mod (a, b, c);
-}
-
-/* hac 14.61, pp608 */
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_invmod (mp_int * a, mp_int * b, mp_int * c)
-#else
-int mp_invmod (mp_int * a, mp_int * b, mp_int * c)
-#endif
-{
-  return fp_invmod(a, b, c);
-}
-
-/* hac 14.61, pp608 */
-int mp_invmod_mont_ct (mp_int * a, mp_int * b, mp_int * c, mp_digit mp)
-{
-  return fp_invmod_mont_ct(a, b, c, mp);
-}
-
-/* this is a shell function that calls either the normal or Montgomery
- * exptmod functions.  Originally the call to the montgomery code was
- * embedded in the normal function but that wasted a lot of stack space
- * for nothing (since 99% of the time the Montgomery code would be called)
- */
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
-#else
-int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
-#endif
-{
-  return fp_exptmod(G, X, P, Y);
-}
-
-int mp_exptmod_ex (mp_int * G, mp_int * X, int digits, mp_int * P, mp_int * Y)
-{
-  return fp_exptmod_ex(G, X, digits, P, Y);
-}
-
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_exptmod_nct (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
-#else
-int mp_exptmod_nct (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
-#endif
-{
-  return fp_exptmod_nct(G, X, P, Y);
-}
-
-
-/* compare two ints (signed)*/
-int mp_cmp (mp_int * a, mp_int * b)
-{
-  return fp_cmp(a, b);
-}
-
-/* compare a digit */
-int mp_cmp_d(mp_int * a, mp_digit b)
-{
-  return fp_cmp_d(a, b);
-}
-
-/* get the size for an unsigned equivalent */
-int mp_unsigned_bin_size (const mp_int * a)
-{
-  return fp_unsigned_bin_size(a);
-}
-
-int mp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b)
-{
-  return fp_to_unsigned_bin_at_pos(x, t, b);
-}
-
-/* store in unsigned [big endian] format */
-int mp_to_unsigned_bin(const mp_int * a, unsigned char *b)
-{
-  return fp_to_unsigned_bin(a,b);
-}
-
-int mp_to_unsigned_bin_len_ct(mp_int * a, unsigned char *b, int c)
-{
-  return fp_to_unsigned_bin_len_ct(a, b, c);
-}
-
-int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c)
-{
-  return fp_to_unsigned_bin_len(a, b, c);
-}
-/* reads a unsigned char array, assumes the msb is stored first [big endian] */
-int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c)
-{
-  return fp_read_unsigned_bin(a, b, c);
-}
-
-
-int mp_sub_d(fp_int *a, fp_digit b, fp_int *c)
-{
-  return fp_sub_d(a, b, c);
-}
-
-int mp_mul_2d(fp_int *a, int b, fp_int *c)
-{
-  return fp_mul_2d(a, b, c);
-}
-
-int mp_2expt(fp_int* a, int b)
-{
-  fp_2expt(a, b);
-  return MP_OKAY;
-}
-
-int mp_div(fp_int * a, fp_int * b, fp_int * c, fp_int * d)
-{
-  return fp_div(a, b, c, d);
-}
-
-int mp_div_2d(fp_int* a, int b, fp_int* c, fp_int* d)
-{
-  fp_div_2d(a, b, c, d);
-  return MP_OKAY;
-}
-
-int mp_mod_2d(fp_int* a, int b, fp_int* c)
-{
-  fp_mod_2d(a, b, c);
-  return MP_OKAY;
-}
-
-/* copy (src = a) to (dst = b) */
-void fp_copy(const fp_int *a, fp_int *b)
-{
-    /* if source and destination are different */
-    if (a != b) {
-#if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-        /* verify a will fit in b */
-        if (b->size >= a->used) {
-            int x, oldused;
-            oldused = b->used;
-            b->used = a->used;
-            b->sign = a->sign;
-
-            XMEMCPY(b->dp, a->dp, a->used * sizeof(fp_digit));
-
-            /* zero any excess digits on the destination that we didn't write to */
-            for (x = b->used; x >= 0 && x < oldused; x++) {
-                b->dp[x] = 0;
-            }
-        }
-        else {
-            /* TODO: Handle error case */
-        }
-#else
-        /* all dp's are same size, so do straight copy */
-        b->used = a->used;
-        b->sign = a->sign;
-        XMEMCPY(b->dp, a->dp, FP_SIZE * sizeof(fp_digit));
-#endif
-    }
-}
-
-int mp_init_copy(fp_int * a, const fp_int * b)
-{
-    fp_init_copy(a, b);
-    return MP_OKAY;
-}
-
-/* Copy (dst = a) from (src = b) */
-void fp_init_copy(fp_int *a, const fp_int* b)
-{
-    if (a != b) {
-        fp_init(a);
-        /* Note reversed parameter order! */
-        fp_copy(b, a); /* copy (src = b) to (dst = a) */
-    }
-}
-
-/* fast math wrappers */
-int mp_copy(const fp_int* a, fp_int* b)
-{
-    fp_copy(a, b);
-    return MP_OKAY;
-}
-
-int mp_isodd(const mp_int* a)
-{
-    return fp_isodd(a);
-}
-
-int mp_iszero(const mp_int* a)
-{
-    return fp_iszero(a);
-}
-
-int mp_count_bits (const mp_int* a)
-{
-    return fp_count_bits(a);
-}
-
-int mp_leading_bit (mp_int* a)
-{
-    return fp_leading_bit(a);
-}
-
-void mp_rshb (mp_int* a, int x)
-{
-    fp_rshb(a, x);
-}
-
-void mp_rshd (mp_int* a, int x)
-{
-    fp_rshd(a, x);
-}
-
-int mp_set_int(mp_int *a, unsigned long b)
-{
-    return fp_set_int(a, b);
-}
-
-int mp_is_bit_set (mp_int *a, mp_digit b)
-{
-    return fp_is_bit_set(a, b);
-}
-
-int mp_set_bit(mp_int *a, mp_digit b)
-{
-    return fp_set_bit(a, b);
-}
-
-#if defined(WOLFSSL_KEY_GEN) || defined (HAVE_ECC) || !defined(NO_DH) || \
-    !defined(NO_DSA) || !defined(NO_RSA)
-
-/* c = a * a (mod b) */
-int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c)
-{
-  int err;
-   WC_DECLARE_VAR(t, fp_int, 1, 0);
-
-   WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-  fp_init(t);
-  err = fp_sqr(a, t);
-  if (err == FP_OKAY) {
-  #if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-    if (c->size < FP_SIZE) {
-      err = fp_mod(t, b, t);
-      fp_copy(t, c);
-    }
-    else
-  #endif
-    {
-      err = fp_mod(t, b, c);
-    }
-  }
-
-  WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-  return err;
-}
-
-/* fast math conversion */
-int mp_sqrmod(mp_int *a, mp_int *b, mp_int *c)
-{
-    return fp_sqrmod(a, b, c);
-}
-
-/* fast math conversion */
-int mp_montgomery_calc_normalization(mp_int *a, mp_int *b)
-{
-    return fp_montgomery_calc_normalization(a, b);
-}
-
-#endif /* WOLFSSL_KEY_GEN || HAVE_ECC */
-
-static int fp_cond_swap_ct_ex(mp_int* a, mp_int* b, int c, int m, mp_int* t)
-{
-    int i;
-    mp_digit mask = (mp_digit)0 - m;
-
-    t->used = (a->used ^ b->used) & mask;
-    for (i = 0; i < c; i++) {
-        t->dp[i] = (a->dp[i] ^ b->dp[i]) & mask;
-    }
-    a->used ^= t->used;
-    for (i = 0; i < c; i++) {
-        a->dp[i] ^= t->dp[i];
-    }
-    b->used ^= t->used;
-    for (i = 0; i < c; i++) {
-        b->dp[i] ^= t->dp[i];
-    }
-
-    return FP_OKAY;
-}
-
-
-static int fp_cond_swap_ct(mp_int* a, mp_int* b, int c, int m)
-{
-    WC_DECLARE_VAR(t, fp_int, 1, 0);
-
-   WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-   fp_cond_swap_ct_ex(a, b, c, m, t);
-
-    WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-    return FP_OKAY;
-}
-
-
-#if defined(WC_MP_TO_RADIX) || !defined(NO_DH) || !defined(NO_DSA) || \
-    !defined(NO_RSA)
-
-#ifdef WOLFSSL_KEY_GEN
-/* swap the elements of two integers, for cases where you can't simply swap the
- * mp_int pointers around
- */
-static int fp_exch (fp_int * a, fp_int * b)
-{
-    WC_DECLARE_VAR(t, fp_int, 1, 0);
-
-   WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-    *t = *a;
-    *a = *b;
-    *b = *t;
-
-    WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-    return FP_OKAY;
-}
-#endif
-
-static const int lnz[16] = {
-   4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0
-};
-
-/* Counts the number of lsbs which are zero before the first zero bit */
-int fp_cnt_lsb(fp_int *a)
-{
-   int x;
-   fp_digit q, qq;
-
-   /* easy out */
-   if (fp_iszero(a) == FP_YES) {
-      return 0;
-   }
-
-   /* scan lower digits until non-zero */
-   for (x = 0; x < a->used && a->dp[x] == 0; x++) {}
-   q = a->dp[x];
-   x *= DIGIT_BIT;
-
-   /* now scan this digit until a 1 is found */
-   if ((q & 1) == 0) {
-      do {
-         qq  = q & 15;
-         x  += lnz[qq];
-         q >>= 4;
-      } while (qq == 0);
-   }
-   return x;
-}
-
-
-static int s_is_power_of_two(fp_digit b, int *p)
-{
-   int x;
-
-   /* fast return if no power of two */
-   if ((b==0) || (b & (b-1))) {
-      return FP_NO;
-   }
-
-   for (x = 0; x < DIGIT_BIT; x++) {
-      if (b == (((fp_digit)1)<<x)) {
-         *p = x;
-         return FP_YES;
-      }
-   }
-   return FP_NO;
-}
-
-/* a/b => cb + d == a */
-static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
-{
-  WC_DECLARE_VAR(q, fp_int, 1, 0);
-  fp_word  w;
-  fp_digit t;
-  int      ix;
-
-  /* cannot divide by zero */
-  if (b == 0) {
-     return FP_VAL;
-  }
-
-  /* quick outs */
-  if (b == 1 || fp_iszero(a) == FP_YES) {
-     if (d != NULL) {
-        *d = 0;
-     }
-     if (c != NULL) {
-        fp_copy(a, c);
-     }
-     return FP_OKAY;
-  }
-
-  /* power of two ? */
-  if (s_is_power_of_two(b, &ix) == FP_YES) {
-     if (d != NULL) {
-        *d = a->dp[0] & ((((fp_digit)1)<<ix) - 1);
-     }
-     if (c != NULL) {
-        fp_div_2d(a, ix, c, NULL);
-     }
-     return FP_OKAY;
-  }
-
-  WC_ALLOC_VAR_EX(q, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-  fp_init(q);
-
-  if (c != NULL) {
-    q->used = a->used;
-    q->sign = a->sign;
-  }
-
-  w = 0;
-  for (ix = a->used - 1; ix >= 0; ix--) {
-     w = (w << ((fp_word)DIGIT_BIT)) | ((fp_word)a->dp[ix]);
-
-     if (w >= b) {
-#ifdef WOLFSSL_LINUXKM
-        t = (fp_digit)w;
-        /* Linux kernel macro for in-place 64 bit integer division. */
-        do_div(t, b);
-#else
-        t = (fp_digit)(w / b);
-#endif
-        w -= ((fp_word)t) * ((fp_word)b);
-      } else {
-        t = 0;
-      }
-      if (c != NULL)
-        q->dp[ix] = (fp_digit)t;
-  }
-
-  if (d != NULL) {
-     *d = (fp_digit)w;
-  }
-
-  if (c != NULL) {
-     fp_clamp(q);
-     fp_copy(q, c);
-  }
-
-  WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT);
-  return FP_OKAY;
-}
-
-
-/* c = a mod b, 0 <= c < b  */
-static int fp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
-{
-   return fp_div_d(a, b, NULL, c);
-}
-
-int mp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
-{
-   return fp_mod_d(a, b, c);
-}
-
-#endif /* WC_MP_TO_RADIX || !NO_DH || !NO_DSA || !NO_RSA */
-
-
-#if !defined(NO_DH) || !defined(NO_DSA) || !defined(NO_RSA) || \
-    defined(WOLFSSL_KEY_GEN)
-
-static int  fp_isprime_ex(fp_int *a, int t, int* result);
-
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_prime_is_prime(mp_int* a, int t, int* result)
-#else
-int mp_prime_is_prime(mp_int* a, int t, int* result)
-#endif
-{
-    return fp_isprime_ex(a, t, result);
-}
-
-/* Miller-Rabin test of "a" to the base of "b" as described in
- * HAC pp. 139 Algorithm 4.24
- *
- * Sets result to 0 if definitely composite or 1 if probably prime.
- * Randomly the chance of error is no more than 1/4 and often
- * very much lower.
- */
-static int fp_prime_miller_rabin_ex(fp_int * a, fp_int * b, int *result,
-  fp_int *n1, fp_int *y, fp_int *r)
-{
-  int s, j;
-  int err;
-
-  /* default */
-  *result = FP_NO;
-
-  /* ensure b > 1 */
-  if (fp_cmp_d(b, 1) != FP_GT) {
-     return FP_OKAY;
-  }
-
-  /* get n1 = a - 1 */
-  fp_copy(a, n1);
-  err = fp_sub_d(n1, 1, n1);
-  if (err != FP_OKAY) {
-     return err;
-  }
-
-  /* set 2**s * r = n1 */
-  fp_copy(n1, r);
-
-  /* count the number of least significant bits
-   * which are zero
-   */
-  s = fp_cnt_lsb(r);
-
-  /* now divide n - 1 by 2**s */
-  fp_div_2d (r, s, r, NULL);
-
-  /* compute y = b**r mod a */
-  fp_zero(y);
-#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
-                                                     defined(WOLFSSL_HAVE_SP_DH)
-#ifndef WOLFSSL_SP_NO_2048
-  if (fp_count_bits(a) == 1024 && fp_isodd(a))
-      err = sp_ModExp_1024(b, r, a, y);
-  else if (fp_count_bits(a) == 2048 && fp_isodd(a))
-      err = sp_ModExp_2048(b, r, a, y);
-  else
-#endif
-#ifndef WOLFSSL_SP_NO_3072
-  if (fp_count_bits(a) == 1536 && fp_isodd(a))
-      err = sp_ModExp_1536(b, r, a, y);
-  else if (fp_count_bits(a) == 3072 && fp_isodd(a))
-      err = sp_ModExp_3072(b, r, a, y);
-  else
-#endif
-#ifdef WOLFSSL_SP_4096
-  if (fp_count_bits(a) == 4096 && fp_isodd(a))
-      err = sp_ModExp_4096(b, r, a, y);
-  else
-#endif
-#endif
-      err = fp_exptmod(b, r, a, y);
-   if (err != FP_OKAY) {
-       return err;
-   }
-
-  /* if y != 1 and y != n1 do */
-  if (fp_cmp_d (y, 1) != FP_EQ && fp_cmp (y, n1) != FP_EQ) {
-    j = 1;
-    /* while j <= s-1 and y != n1 */
-    while ((j <= (s - 1)) && fp_cmp (y, n1) != FP_EQ) {
-      err = fp_sqrmod (y, a, y);
-      if (err != FP_OKAY)
-         return err;
-
-      /* if y == 1 then composite */
-      if (fp_cmp_d (y, 1) == FP_EQ) {
-         return FP_OKAY;
-      }
-      ++j;
-    }
-
-    /* if y != n1 then composite */
-    if (fp_cmp (y, n1) != FP_EQ) {
-       return FP_OKAY;
-    }
-  }
-
-  /* probably prime now */
-  *result = FP_YES;
-
-  return FP_OKAY;
-}
-
-static int fp_prime_miller_rabin(fp_int * a, fp_int * b, int *result)
-{
-  int err;
-#ifndef WOLFSSL_SMALL_STACK
-  fp_int  n1[1], y[1], r[1];
-#else
-  fp_int *n1, *y, *r;
-#endif
-
-#ifdef WOLFSSL_SMALL_STACK
-  n1 = (fp_int*)XMALLOC(sizeof(fp_int) * 3, NULL, DYNAMIC_TYPE_BIGINT);
-  if (n1 == NULL) {
-      return FP_MEM;
-  }
-  y = &n1[1]; r = &n1[2];
-#endif
-
-  fp_init(n1);
-  fp_init(y);
-  fp_init(r);
-
-  err = fp_prime_miller_rabin_ex(a, b, result, n1, y, r);
-
-  fp_clear(n1);
-  fp_clear(y);
-  fp_clear(r);
-
-  WC_FREE_VAR_EX(n1, NULL, DYNAMIC_TYPE_BIGINT);
-
-  return err;
-}
-
-
-/* a few primes */
-static const fp_digit primes[FP_PRIME_SIZE] = {
-  0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013,
-  0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035,
-  0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059,
-  0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F, 0x0083,
-  0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD,
-  0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF,
-  0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107,
-  0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137,
-
-  0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167,
-  0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199,
-  0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9,
-  0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7,
-  0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239,
-  0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265,
-  0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293,
-  0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF,
-
-  0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301,
-  0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B,
-  0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371,
-  0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD,
-  0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5,
-  0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419,
-  0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449,
-  0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B,
-
-  0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7,
-  0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503,
-  0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529,
-  0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F,
-  0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3,
-  0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7,
-  0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623,
-  0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653
-};
-
-int fp_isprime_ex(fp_int *a, int t, int* result)
-{
-   WC_DECLARE_VAR(b, fp_int, 1, 0);
-   fp_digit d;
-   int      r, res;
-   int      err;
-
-   if (t <= 0 || t > FP_PRIME_SIZE) {
-     *result = FP_NO;
-     return FP_VAL;
-   }
-
-   if (fp_isone(a)) {
-       *result = FP_NO;
-       return FP_OKAY;
-   }
-
-   /* check against primes table */
-   for (r = 0; r < FP_PRIME_SIZE; r++) {
-       if (fp_cmp_d(a, primes[r]) == FP_EQ) {
-           *result = FP_YES;
-           return FP_OKAY;
-       }
-   }
-
-   /* do trial division */
-   for (r = 0; r < FP_PRIME_SIZE; r++) {
-       res = fp_mod_d(a, primes[r], &d);
-       if (res != MP_OKAY || d == 0) {
-           *result = FP_NO;
-           return res;
-       }
-   }
-
-  WC_ALLOC_VAR_EX(b, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-   /* now do 't' miller rabins */
-   fp_init(b);
-   for (r = 0; r < t; r++) {
-       fp_set(b, primes[r]);
-       err = fp_prime_miller_rabin(a, b, &res);
-       if ((err != FP_OKAY) || (res == FP_NO)) {
-          *result = res;
-          WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT);
-          return err;
-       }
-   }
-   *result = FP_YES;
-   WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT);
-   return FP_OKAY;
-}
-
-
-#if defined(FREESCALE_LTC_TFM)
-int wolfcrypt_mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng)
-#else
-int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng)
-#endif
-{
-    int ret = FP_YES;
-    fp_digit d;
-    int i;
-
-    if (a == NULL || result == NULL || rng == NULL)
-        return FP_VAL;
-    if (a->sign == FP_NEG)
-        return FP_VAL;
-    if (t <= 0 || t > FP_PRIME_SIZE)
-        return FP_VAL;
-
-    if (fp_isone(a)) {
-        *result = FP_NO;
-        return FP_OKAY;
-    }
-
-    /* check against primes table */
-    for (i = 0; i < FP_PRIME_SIZE; i++) {
-        if (fp_cmp_d(a, primes[i]) == FP_EQ) {
-            *result = FP_YES;
-            return FP_OKAY;
-        }
-    }
-
-    /* do trial division */
-    for (i = 0; i < FP_PRIME_SIZE; i++) {
-        if (fp_mod_d(a, primes[i], &d) == MP_OKAY) {
-            if (d == 0) {
-                *result = FP_NO;
-                return FP_OKAY;
-            }
-        }
-        else
-            return FP_VAL;
-    }
-
-#ifndef WC_NO_RNG
-    /* now do a miller rabin with up to t random numbers, this should
-     * give a (1/4)^t chance of a false prime. */
-    {
-    #ifndef WOLFSSL_SMALL_STACK
-        fp_int b[1], c[1], n1[1], y[1], r[1];
-        byte   base[FP_MAX_PRIME_SIZE];
-    #else
-        fp_int *b, *c, *n1, *y, *r;
-        byte*  base;
-    #endif
-        word32 baseSz;
-        word32 bitSz;
-        int    err;
-
-        bitSz = fp_count_bits(a);
-        /* The base size is the number of bits / 8. One is added if the number
-         * of bits isn't an even 8. */
-        baseSz = (bitSz / 8) + ((bitSz % 8) ? 1 : 0);
-        bitSz %= 8;
-
-    #ifndef WOLFSSL_SMALL_STACK
-        if (baseSz > sizeof(base))
-            return FP_MEM;
-    #else
-        base = (byte*)XMALLOC(baseSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        if (base == NULL)
-            return FP_MEM;
-
-        b = (fp_int*)XMALLOC(sizeof(fp_int) * 5, NULL, DYNAMIC_TYPE_BIGINT);
-        if (b == NULL) {
-            XFREE(base, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-            return FP_MEM;
-        }
-        c = &b[1]; n1 = &b[2]; y= &b[3]; r = &b[4];
-    #endif
-
-        fp_init(b);
-        fp_init(c);
-        fp_init(n1);
-        fp_init(y);
-        fp_init(r);
-
-        err = fp_sub_d(a, 2, c);
-        if (err != FP_OKAY) {
-           WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT);
-           WC_FREE_VAR_EX(base, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-           return err;
-        }
-        while (t > 0) {
-            if ((err = wc_RNG_GenerateBlock(rng, base, baseSz)) != 0) {
-               WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT);
-               WC_FREE_VAR_EX(base, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-               return err;
-            }
-
-            if (bitSz != 0)
-                base[0] &= (1 << bitSz) - 1;
-
-            err = fp_read_unsigned_bin(b, base, baseSz);
-            if (err != FP_OKAY) {
-               WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT);
-               WC_FREE_VAR_EX(base, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-               return err;
-            }
-            if (fp_cmp_d(b, 2) != FP_GT || fp_cmp(b, c) != FP_LT) {
-                continue;
-            }
-
-            err = fp_prime_miller_rabin_ex(a, b, &ret, n1, y, r);
-            if (err != FP_OKAY) {
-               WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT);
-               WC_FREE_VAR_EX(base, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-               return err;
-            }
-            if (ret == FP_NO)
-                break;
-            fp_zero(b);
-            t--;
-        }
-
-        fp_clear(n1);
-        fp_clear(y);
-        fp_clear(r);
-        fp_clear(b);
-        fp_clear(c);
-        WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT);
-        WC_FREE_VAR_EX(base, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-#else
-    (void)t;
-#endif /* !WC_NO_RNG */
-
-    *result = ret;
-    return FP_OKAY;
-}
-#endif /* !NO_RSA || !NO_DSA || !NO_DH || WOLFSSL_KEY_GEN */
-
-
-int mp_cond_swap_ct_ex(mp_int* a, mp_int* b, int c, int m, mp_int* t)
-{
-    return fp_cond_swap_ct_ex(a, b, c, m, t);
-}
-
-int mp_cond_swap_ct(mp_int* a, mp_int* b, int c, int m)
-{
-    return fp_cond_swap_ct(a, b, c, m);
-}
-
-#ifdef WOLFSSL_KEY_GEN
-
-static int  fp_gcd(fp_int *a, fp_int *b, fp_int *c);
-static int  fp_lcm(fp_int *a, fp_int *b, fp_int *c);
-static int  fp_randprime(fp_int* a, int len, WC_RNG* rng, void* heap);
-
-int mp_gcd(fp_int *a, fp_int *b, fp_int *c)
-{
-    return fp_gcd(a, b, c);
-}
-
-
-int mp_lcm(fp_int *a, fp_int *b, fp_int *c)
-{
-    return fp_lcm(a, b, c);
-}
-
-int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap)
-{
-    int err;
-
-    err = fp_randprime(a, len, rng, heap);
-    switch(err) {
-        case WC_NO_ERR_TRACE(MP_VAL):
-            return MP_VAL;
-        case WC_NO_ERR_TRACE(MP_MEM):
-            return MP_MEM;
-        default:
-            break;
-    }
-
-    return MP_OKAY;
-}
-
-int mp_exch (mp_int * a, mp_int * b)
-{
-    return fp_exch(a, b);
-}
-
-
-
-int fp_randprime(fp_int* a, int len, WC_RNG* rng, void* heap)
-{
-    static const int USE_BBS = 1;
-    int   err, type;
-    int   isPrime = FP_YES;
-        /* Assume the candidate is probably prime and then test until
-         * it is proven composite. */
-    byte* buf;
-
-    (void)heap;
-
-    /* get type */
-    if (len < 0) {
-        type = USE_BBS;
-        len = -len;
-    } else {
-        type = 0;
-    }
-
-    /* allow sizes between 2 and 512 bytes for a prime size */
-    if (len < 2 || len > 512) {
-        return FP_VAL;
-    }
-
-    /* allocate buffer to work with */
-    buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (buf == NULL) {
-        return FP_MEM;
-    }
-    XMEMSET(buf, 0, len);
-
-    do {
-#ifdef SHOW_GEN
-        printf(".");
-        fflush(stdout);
-#endif
-        /* generate value */
-        err = wc_RNG_GenerateBlock(rng, buf, len);
-        if (err != 0) {
-            XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-            return FP_VAL;
-        }
-
-        /* munge bits */
-        buf[0]     |= 0x80 | 0x40;
-        buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
-
-        /* load value */
-        err = fp_read_unsigned_bin(a, buf, len);
-        if (err != 0) {
-            XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-            return err;
-        }
-
-        /* test */
-        /* Running Miller-Rabin up to 3 times gives us a 2^{-80} chance
-         * of a 1024-bit candidate being a false positive, when it is our
-         * prime candidate. (Note 4.49 of Handbook of Applied Cryptography.)
-         * Using 8 because we've always used 8 */
-        mp_prime_is_prime_ex(a, 8, &isPrime, rng);
-    } while (isPrime == FP_NO);
-
-    XMEMSET(buf, 0, len);
-    XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return FP_OKAY;
-}
-
-/* c = [a, b] */
-int fp_lcm(fp_int *a, fp_int *b, fp_int *c)
-{
-   int     err;
-   WC_DECLARE_VAR(t, fp_int, 2, 0);
-
-   /* LCM of 0 and any number is undefined as 0 is not in the set of values
-    * being used. */
-   if (fp_iszero(a) == FP_YES || fp_iszero(b) == FP_YES) {
-       return FP_VAL;
-   }
-
-   WC_ALLOC_VAR_EX(t, fp_int, 2, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-   fp_init(&t[0]);
-   fp_init(&t[1]);
-   err = fp_gcd(a, b, &t[0]);
-   if (err == FP_OKAY) {
-      if (fp_cmp_mag(a, b) == FP_GT) {
-        err = fp_div(a, &t[0], &t[1], NULL);
-        if (err == FP_OKAY)
-          err = fp_mul(b, &t[1], c);
-     } else {
-        err = fp_div(b, &t[0], &t[1], NULL);
-        if (err == FP_OKAY)
-          err = fp_mul(a, &t[1], c);
-     }
-   }
-
-   WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-   return err;
-}
-
-
-
-/* c = (a, b) */
-int fp_gcd(fp_int *a, fp_int *b, fp_int *c)
-{
-#ifndef WOLFSSL_SMALL_STACK
-   fp_int u[1], v[1], r[1];
-#else
-   fp_int *u, *v, *r;
-#endif
-
-   /* GCD of 0 and 0 is undefined as all integers divide 0. */
-   if (fp_iszero(a) == FP_YES && fp_iszero(b) == FP_YES) {
-       return FP_VAL;
-   }
-
-   /* either zero than gcd is the largest */
-   if (fp_iszero (a) == FP_YES && fp_iszero (b) == FP_NO) {
-     fp_abs (b, c);
-     return FP_OKAY;
-   }
-   if (fp_iszero (a) == FP_NO && fp_iszero (b) == FP_YES) {
-     fp_abs (a, c);
-     return FP_OKAY;
-   }
-
-   /* optimized.  At this point if a == 0 then
-    * b must equal zero too
-    */
-   if (fp_iszero (a) == FP_YES) {
-     fp_zero(c);
-     return FP_OKAY;
-   }
-
-#ifdef WOLFSSL_SMALL_STACK
-   u = (fp_int*)XMALLOC(sizeof(fp_int) * 3, NULL, DYNAMIC_TYPE_BIGINT);
-   if (u == NULL) {
-       return FP_MEM;
-   }
-   v = &u[1]; r = &u[2];
-#endif
-
-   /* sort inputs */
-   if (fp_cmp_mag(a, b) != FP_LT) {
-      fp_init_copy(u, a);
-      fp_init_copy(v, b);
-   } else {
-      fp_init_copy(u, b);
-      fp_init_copy(v, a);
-   }
-
-   u->sign = FP_ZPOS;
-   v->sign = FP_ZPOS;
-
-   fp_init(r);
-   while (fp_iszero(v) == FP_NO) {
-      int err = fp_mod(u, v, r);
-      if (err != MP_OKAY) {
-          WC_FREE_VAR_EX(u, NULL, DYNAMIC_TYPE_BIGINT);
-        return err;
-      }
-      fp_copy(v, u);
-      fp_copy(r, v);
-   }
-   fp_copy(u, c);
-
-   WC_FREE_VAR_EX(u, NULL, DYNAMIC_TYPE_BIGINT);
-   return FP_OKAY;
-}
-
-#endif /* WOLFSSL_KEY_GEN */
-
-
-#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(OPENSSL_EXTRA) || \
-    defined(WC_RSA_BLINDING) || !defined(NO_DSA) || \
-    (!defined(NO_RSA) && !defined(NO_RSA_BOUNDS_CHECK))
-/* c = a + b */
-int fp_add_d(fp_int *a, fp_digit b, fp_int *c)
-{
-   WC_DECLARE_VAR(tmp, fp_int, 1, 0);
-   int     err;
-
-   WC_ALLOC_VAR_EX(tmp, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT,
-       return FP_MEM);
-
-   fp_init(tmp);
-   fp_set(tmp, b);
-   err = fp_add(a, tmp, c);
-
-   WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT);
-   return err;
-}
-
-/* external compatibility */
-int mp_add_d(fp_int *a, fp_digit b, fp_int *c)
-{
-    return fp_add_d(a, b, c);
-}
-
-#endif  /* HAVE_ECC || !NO_PWDBASED || OPENSSL_EXTRA || WC_RSA_BLINDING ||
-  !NO_DSA || (!NO_RSA && !NO_RSA_BOUNDS_CHECK) */
-
-
-#if !defined(NO_DSA) || defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || \
-    defined(HAVE_COMP_KEY) || defined(WOLFSSL_DEBUG_MATH) || \
-    defined(DEBUG_WOLFSSL) || defined(OPENSSL_EXTRA) || defined(WC_MP_TO_RADIX)
-
-/* chars used in radix conversions */
-static wcchar fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-                                    "abcdefghijklmnopqrstuvwxyz+/";
-#endif
-
-#if defined(OPENSSL_EXTRA) || !defined(NO_DSA) || defined(HAVE_ECC)
-#if DIGIT_BIT == 64 || DIGIT_BIT == 32
-static int fp_read_radix_16(fp_int *a, const char *str)
-{
-  int     i, j, k, neg;
-  int     ch;
-  /* Skip whitespace at end of line */
-  int     eol_done = 0;
-
-  /* if the leading digit is a
-   * minus set the sign to negative.
-   */
-  if (*str == '-') {
-    ++str;
-    neg = FP_NEG;
-  } else {
-    neg = FP_ZPOS;
-  }
-
-  j = 0;
-  k = 0;
-  for (i = (int)(XSTRLEN(str) - 1); i >= 0; i--) {
-      ch = (int)HexCharToByte(str[i]);
-      if (ch < 0) {
-        if (!eol_done && CharIsWhiteSpace(str[i]))
-          continue;
-        return FP_VAL;
-      }
-      eol_done = 1;
-
-      k += j == DIGIT_BIT;
-      j &= DIGIT_BIT - 1;
-      if (k >= FP_SIZE)
-          return FP_VAL;
-
-      a->dp[k] |= ((fp_digit)ch) << j;
-      j += 4;
-  }
-
-  a->used = k + 1;
-  fp_clamp(a);
-  /* set the sign only if a != 0 */
-  if (fp_iszero(a) != FP_YES) {
-     a->sign = neg;
-  }
-  return FP_OKAY;
-}
-#endif
-
-static int fp_read_radix(fp_int *a, const char *str, int radix)
-{
-  int     y, neg;
-  char    ch;
-
-  /* set the integer to the default of zero */
-  fp_zero (a);
-
-#if DIGIT_BIT == 64 || DIGIT_BIT == 32
-  if (radix == 16)
-      return fp_read_radix_16(a, str);
-#endif
-
-  /* make sure the radix is ok */
-  if (radix < 2 || radix > 64) {
-    return FP_VAL;
-  }
-
-  /* if the leading digit is a
-   * minus set the sign to negative.
-   */
-  if (*str == '-') {
-    ++str;
-    neg = FP_NEG;
-  } else {
-    neg = FP_ZPOS;
-  }
-
-  /* process each digit of the string */
-  while (*str) {
-    /* if the radix <= 36 the conversion is case insensitive
-     * this allows numbers like 1AB and 1ab to represent the same  value
-     * [e.g. in hex]
-     */
-    ch = (char)((radix <= 36) ? XTOUPPER((unsigned char)*str) : *str);
-    for (y = 0; y < 64; y++) {
-      if (ch == fp_s_rmap[y]) {
-         break;
-      }
-    }
-    if (y >= radix) {
-      /* Check if whitespace at end of line */
-      while (CharIsWhiteSpace(*str))
-        ++str;
-      if (*str)
-        return FP_VAL;
-      else
-        break;
-    }
-
-    /* if the char was found in the map
-     * and is less than the given radix add it
-     * to the number, otherwise exit the loop.
-     */
-    if (y < radix) {
-      int ret = fp_mul_d (a, (fp_digit) radix, a);
-      if (ret != FP_OKAY)
-        return ret;
-      ret = fp_add_d (a, (fp_digit) y, a);
-      if (ret != FP_OKAY)
-        return ret;
-    } else {
-      break;
-    }
-    ++str;
-  }
-
-  /* set the sign only if a != 0 */
-  if (fp_iszero(a) != FP_YES) {
-     a->sign = neg;
-  }
-  return FP_OKAY;
-}
-
-/* fast math conversion */
-int mp_read_radix(mp_int *a, const char *str, int radix)
-{
-    return fp_read_radix(a, str, radix);
-}
-
-#endif /* !defined(NO_DSA) || defined(HAVE_ECC) */
-
-#if defined(HAVE_ECC) || (!defined(NO_RSA) && defined(WC_RSA_BLINDING))
-
-int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
-{
-    return fp_montgomery_reduce(a, m, mp);
-}
-
-int mp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct)
-{
-    return fp_montgomery_reduce_ex(a, m, mp, ct);
-}
-
-
-/* fast math conversion */
-int mp_montgomery_setup(fp_int *a, fp_digit *rho)
-{
-    return fp_montgomery_setup(a, rho);
-}
-
-#endif /* HAVE_ECC || (!NO_RSA && WC_RSA_BLINDING) */
-
-/* fast math conversion */
-int mp_sqr(fp_int *A, fp_int *B)
-{
-    return fp_sqr(A, B);
-}
-
-#ifdef HAVE_ECC
-
-/* fast math conversion */
-int mp_div_2(fp_int * a, fp_int * b)
-{
-    fp_div_2(a, b);
-    return MP_OKAY;
-}
-
-/* c = a / 2 (mod b) - constant time (a < b and positive) */
-int mp_div_2_mod_ct(mp_int *a, mp_int *b, mp_int *c)
-{
-  return fp_div_2_mod_ct(a, b, c);
-}
-
-#ifdef HAVE_COMP_KEY
-
-int mp_cnt_lsb(fp_int* a)
-{
-    return fp_cnt_lsb(a);
-}
-
-#endif /* HAVE_COMP_KEY */
-
-#endif /* HAVE_ECC */
-
-#if defined(HAVE_ECC) || !defined(NO_RSA) || !defined(NO_DSA) || \
-    defined(WOLFSSL_KEY_GEN)
-/* fast math conversion */
-int mp_set(fp_int *a, fp_digit b)
-{
-    fp_set(a,b);
-    return MP_OKAY;
-}
-#endif
-
-#ifdef WC_MP_TO_RADIX
-
-/* returns size of ASCII representation */
-int mp_radix_size (mp_int *a, int radix, int *size)
-{
-    int      res, digs;
-    fp_digit d;
-    WC_DECLARE_VAR(t, fp_int, 1, 0);
-
-    *size = 0;
-
-    /* special case for binary */
-    if (radix == 2) {
-        *size = fp_count_bits(a);
-        if (*size == 0)
-          *size = 1;
-        *size += (a->sign == FP_NEG ? 1 : 0) + 1; /* "-" sign + null term */
-        return FP_OKAY;
-    }
-
-    /* make sure the radix is in range */
-    if (radix < 2 || radix > 64) {
-        return FP_VAL;
-    }
-
-    if (fp_iszero(a) == MP_YES) {
-#ifndef WC_DISABLE_RADIX_ZERO_PAD
-        if (radix == 16)
-            *size = 3;
-        else
-#endif
-            *size = 2;
-        return FP_OKAY;
-    }
-
-    /* digs is the digit count */
-    digs = 0;
-
-    WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-    /* Init a copy (t) of the input (a)
-    **
-    ** ALERT: Not calling fp_init_copy() as some compiler optimization settings
-    ** such as -O2 will complain that (t) "may be used uninitialized"
-    ** The fp_init() is here only to appease the compiler.  */
-    fp_init(t);
-    fp_copy(a, t); /* copy (src = a) to (dst = t)*/
-
-    /* force temp to positive */
-    t->sign = FP_ZPOS;
-
-    /* fetch out all of the digits */
-    while (fp_iszero (t) == FP_NO) {
-        if ((res = fp_div_d (t, (mp_digit) radix, t, &d)) != FP_OKAY) {
-            fp_zero (t);
-            WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-            return res;
-        }
-        ++digs;
-    }
-    fp_zero (t);
-
-#ifndef WC_DISABLE_RADIX_ZERO_PAD
-    /* For hexadecimal output, add zero padding when number of digits is odd */
-    if ((digs & 1) && (radix == 16)) {
-        ++digs;
-    }
-#endif
-
-    /* if it's negative add one for the sign */
-    if (a->sign == FP_NEG) {
-        ++digs;
-    }
-
-    /* return digs + 1, the 1 is for the NULL byte that would be required. */
-    *size = digs + 1;
-    WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-    return FP_OKAY;
-}
-
-/* stores a bignum as a ASCII string in a given radix (2..64) */
-int mp_toradix (mp_int *a, char *str, int radix)
-{
-    int      res, digs;
-    fp_digit d;
-    char     *_s = str;
-    WC_DECLARE_VAR(t, fp_int, 1, 0);
-
-    /* check range of the radix */
-    if (radix < 2 || radix > 64) {
-        return FP_VAL;
-    }
-
-    /* quick out if its zero */
-    if (fp_iszero(a) == FP_YES) {
-#ifndef WC_DISABLE_RADIX_ZERO_PAD
-        if (radix == 16)
-            *str++ = '0';
-#endif
-        *str++ = '0';
-        *str = '\0';
-        return FP_OKAY;
-    }
-
-    WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM);
-
-    /* Init a copy (t) of the input (a)
-    **
-    ** ALERT: Not calling fp_init_copy() as some compiler optimization settings
-    ** such as -O2 will complain that (t) "may be used uninitialized"
-    ** The fp_init() is here only to appease the compiler.  */
-    fp_init(t);
-    fp_copy(a, t); /* copy (src = a) to (dst = t) */
-
-    /* if it is negative output a - */
-    if (t->sign == FP_NEG) {
-        ++_s;
-        *str++ = '-';
-        t->sign = FP_ZPOS;
-    }
-
-    digs = 0;
-    while (fp_iszero (t) == FP_NO) {
-        if ((res = fp_div_d (t, (fp_digit) radix, t, &d)) != FP_OKAY) {
-            fp_zero (t);
-            WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-            return res;
-        }
-        *str++ = fp_s_rmap[d];
-        ++digs;
-    }
-#ifndef WC_DISABLE_RADIX_ZERO_PAD
-    /* For hexadecimal output, add zero padding when number of digits is odd */
-    if ((digs & 1) && (radix == 16)) {
-        *str++ = fp_s_rmap[0];
-        ++digs;
-    }
-#endif
-    /* reverse the digits of the string.  In this case _s points
-     * to the first digit [excluding the sign] of the number]
-     */
-    mp_reverse ((unsigned char *)_s, digs);
-
-    /* append a NULL so the string is properly terminated */
-    *str = '\0';
-
-    fp_zero (t);
-    WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT);
-    return FP_OKAY;
-}
-
-#ifdef WOLFSSL_DEBUG_MATH
-void mp_dump(const char* desc, mp_int* a, byte verbose)
-{
-  char buffer[FP_SIZE * sizeof(fp_digit) * 2];
-  int size;
-
-#if defined(ALT_ECC_SIZE) || defined(HAVE_WOLF_BIGINT)
-  size = a->size;
-#else
-  size = FP_SIZE;
-#endif
-
-  printf("%s: ptr=%p, used=%d, sign=%d, size=%d, fpd=%d\n",
-    desc, a, a->used, a->sign, size, (int)sizeof(fp_digit));
-
-  mp_tohex(a, buffer);
-  printf("  %s\n  ", buffer);
-
-  if (verbose) {
-    int i;
-    for(i=0; i<size * (int)sizeof(fp_digit); i++) {
-      printf("%x ", *(((byte*)a->dp) + i));
-    }
-    printf("\n");
-  }
-}
-#endif /* WOLFSSL_DEBUG_MATH */
-
-#endif /* WC_MP_TO_RADIX */
-
-
-int mp_abs(mp_int* a, mp_int* b)
-{
-  fp_abs(a, b);
-  return FP_OKAY;
-}
-
-
-int mp_lshd (mp_int * a, int b)
-{
-  return fp_lshd(a, b);
-}
-
-#ifdef WOLFSSL_CHECK_MEM_ZERO
-void mp_memzero_add(const char* name, mp_int* a)
-{
-    wc_MemZero_Add(name, a->dp, sizeof(a->dp));
-}
-
-void mp_memzero_check(mp_int* a)
-{
-    wc_MemZero_Check(a->dp, sizeof(a->dp));
-}
-#endif /* WOLFSSL_CHECK_MEM_ZERO */
-
-#endif /* USE_FAST_MATH */
diff --git a/src/ssl/wolfssl/wolfcrypt/wc_dsp.c b/src/ssl/wolfssl/wolfcrypt/wc_dsp.c
deleted file mode 100644
index 856245b56..000000000
--- a/src/ssl/wolfssl/wolfcrypt/wc_dsp.c
+++ /dev/null
@@ -1,325 +0,0 @@
-/* wc_dsp.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if defined(WOLFSSL_DSP)
-#include "remote.h"
-#include "rpcmem.h"
-static wolfSSL_DSP_Handle_cb handle_function = NULL;
-static remote_handle64 defaultHandle;
-static wolfSSL_Mutex handle_mutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(handle_mutex); /* mutex for access to single default handle */
-
-#define WOLFSSL_HANDLE_DONE 1
-#define WOLFSSL_HANDLE_GET 0
-
-/* callback function for setting the default handle in single threaded
- * use cases */
-static int default_handle_cb(remote_handle64 *handle, int finished, void *ctx)
-{
-    (void)ctx;
-    if (finished == WOLFSSL_HANDLE_DONE) {
-        if (wc_UnLockMutex(&handle_mutex) != 0) {
-            WOLFSSL_MSG("Unlock handle mutex failed");
-            return -1;
-        }
-    }
-    else {
-        if (wc_LockMutex(&handle_mutex) != 0) {
-            WOLFSSL_MSG("Lock handle mutex failed");
-            return -1;
-        }
-        *handle = defaultHandle;
-    }
-    return 0;
-}
-
-
-/* Set global callback for getting handle to use
- * return 0 on success */
-int wolfSSL_SetHandleCb(wolfSSL_DSP_Handle_cb in)
-{
-    handle_function = in;
-    return 0;
-}
-
-
-/* returns 1 if global handle callback is set and 0 if not */
-int wolfSSL_GetHandleCbSet()
-{
-    return (handle_function != NULL)? 1: 0;
-}
-
-
-/* Local function for setting up default handle
- * returns 0 on success */
-int wolfSSL_InitHandle()
-{
-    char *sp_URI_value;
-    int ret;
-
-    sp_URI_value = wolfSSL_URI "&_dom=adsp";
-    ret = wolfSSL_open(sp_URI_value, &defaultHandle);
-    if (ret != 0) {
-        WOLFSSL_MSG("Unable to open aDSP?");
-        return -1;
-    }
-    wolfSSL_SetHandleCb(default_handle_cb);
-#ifndef WOLFSSL_MUTEX_INITIALIZER
-    ret = wc_InitMutex(&handle_mutex);
-    if (ret != 0) {
-        WOLFSSL_MSG("Unable to init handle mutex");
-        return -1;
-    }
-#endif
-    return 0;
-}
-
-
-/* internal function that closes default handle and frees mutex */
-void wolfSSL_CleanupHandle()
-{
-    wolfSSL_close(defaultHandle);
-#ifndef WOLFSSL_MUTEX_INITIALIZER
-    wc_FreeMutex(&handle_mutex);
-#endif
-}
-#if defined(WOLFSSL_HAVE_SP_ECC)
-
-/* ecc conversion from sp_c32.c */
-#include <wolfssl/wolfcrypt/sp.h>
-
-
-#ifndef WOLFSSL_SP_NO_256
-
-#ifdef HAVE_ECC_VERIFY
-/* Read big endian unsigned byte array into r.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  Byte array.
- * n  Number of bytes in array to read.
- */
-static void int_256_from_bin(int32* r, int size, const byte* a, int n)
-{
-    int i, j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = n-1; i >= 0; i--) {
-        r[j] |= (((int32)a[i]) << s);
-        if (s >= 18U) {
-            r[j] &= 0x3ffffff;
-            s = 26U - s;
-            if (j + 1 >= size) {
-                break;
-            }
-            r[++j] = (int32)a[i] >> s;
-            s = 8U - s;
-        }
-        else {
-            s += 8U;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-}
-
-/* Convert an mp_int to an array of sp_digit.
- *
- * r  A single precision integer.
- * size  Maximum number of bytes to convert
- * a  A multi-precision integer.
- */
-static void int_256_from_mp(int32* r, int size, const mp_int* a)
-{
-#if DIGIT_BIT == 26
-    int j;
-
-    XMEMCPY(r, a->dp, sizeof(int32) * a->used);
-
-    for (j = a->used; j < size; j++) {
-        r[j] = 0;
-    }
-#elif DIGIT_BIT > 26
-    int i, j = 0;
-    word32 s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < a->used && j < size; i++) {
-        r[j] |= ((int32)a->dp[i] << s);
-        r[j] &= 0x3ffffff;
-        s = 26U - s;
-        if (j + 1 >= size) {
-            break;
-        }
-        /* lint allow cast of mismatch word32 and mp_digit */
-        r[++j] = (int32)(a->dp[i] >> s); /*lint !e9033*/
-        while ((s + 26U) <= (word32)DIGIT_BIT) {
-            s += 26U;
-            r[j] &= 0x3ffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            if (s < (word32)DIGIT_BIT) {
-                /* lint allow cast of mismatch word32 and mp_digit */
-                r[++j] = (int32)(a->dp[i] >> s); /*lint !e9033*/
-            }
-            else {
-                r[++j] = 0L;
-            }
-        }
-        s = (word32)DIGIT_BIT - s;
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#else
-    int i, j = 0, s = 0;
-
-    r[0] = 0;
-    for (i = 0; i < a->used && j < size; i++) {
-        r[j] |= ((int32)a->dp[i]) << s;
-        if (s + DIGIT_BIT >= 26) {
-            r[j] &= 0x3ffffff;
-            if (j + 1 >= size) {
-                break;
-            }
-            s = 26 - s;
-            if (s == DIGIT_BIT) {
-                r[++j] = 0;
-                s = 0;
-            }
-            else {
-                r[++j] = a->dp[i] >> s;
-                s = DIGIT_BIT - s;
-            }
-        }
-        else {
-            s += DIGIT_BIT;
-        }
-    }
-
-    for (j++; j < size; j++) {
-        r[j] = 0;
-    }
-#endif
-}
-
-/* Verify the signature values with the hash and public key.
- *   e = Truncate(hash, 256)
- *   u1 = e/s mod order
- *   u2 = r/s mod order
- *   r == (u1.G + u2.Q)->x mod order
- * Optimization: Leave point in projective form.
- *   (x, y, 1) == (x' / z'*z', y' / z'*z'*z', z' / z')
- *   (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x'
- * The hash is truncated to the first 256 bits.
- *
- * hash     Hash to sign.
- * hashLen  Length of the hash data.
- * rng      Random number generator.
- * priv     Private part of key - scalar.
- * rm       First part of result as an mp_int.
- * sm       Sirst part of result as an mp_int.
- * heap     Heap to use for allocation.
- * returns RNG failures, MEMORY_E when memory allocation fails and
- * MP_OKAY on success.
- */
-int sp_dsp_ecc_verify_256(remote_handle64 handleIn, const byte* hash, word32 hashLen, mp_int* pX,
-    mp_int* pY, mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap)
-{
-    int ret;
-    remote_handle64 handle = handleIn;
-
-#if 0
-    /* calling to alloc memory on the ION using these settings slowed the performance down slightly */
-    int32 *x = (int32*)rpcmem_alloc(RPCMEM_HEAP_ID_SYSTEM, RPCMEM_DEFAULT_FLAGS, 10*sizeof(int));
-    int32 *y = (int32*)rpcmem_alloc(RPCMEM_HEAP_ID_SYSTEM, RPCMEM_DEFAULT_FLAGS, 10*sizeof(int));
-    int32 *z = (int32*)rpcmem_alloc(RPCMEM_HEAP_ID_SYSTEM, RPCMEM_DEFAULT_FLAGS, 10*sizeof(int));
-    int32 *s = (int32*)rpcmem_alloc(RPCMEM_HEAP_ID_SYSTEM, RPCMEM_DEFAULT_FLAGS, 10*sizeof(int));
-    int32 *u1 = (int32*)rpcmem_alloc(RPCMEM_HEAP_ID_SYSTEM, RPCMEM_DEFAULT_FLAGS, 10*sizeof(int));
-    int32 *u2 = (int32*)rpcmem_alloc(RPCMEM_HEAP_ID_SYSTEM, RPCMEM_DEFAULT_FLAGS, 10*sizeof(int));
-#endif
-    int32 x[10] __attribute__((aligned(128)));
-    int32 y[10] __attribute__((aligned(128)));
-    int32 z[10] __attribute__((aligned(128)));
-    int32 s[10] __attribute__((aligned(128)));
-    int32 u1[10] __attribute__((aligned(128)));
-    int32 u2[10] __attribute__((aligned(128)));
-
-    if (hashLen > 32U) {
-        hashLen = 32U;
-    }
-
-    int_256_from_bin(u1, 10, hash, (int)hashLen);
-    int_256_from_mp(u2, 10, r);
-    int_256_from_mp(s, 10, sm);
-    int_256_from_mp(x, 10, pX);
-    int_256_from_mp(y, 10, pY);
-    int_256_from_mp(z, 10, pZ);
-
-    if (handle_function != NULL) {
-        handle_function(&handle, WOLFSSL_HANDLE_GET, NULL);
-    }
-
-    *res = 0;
-    ret = wolfSSL_DSP_ECC_Verify_256(handle, u1, 10, u2, 10, s, 10, x, 10, y, 10, z, 10, res);
-
-    if (handle_function != NULL) {
-        handle_function(&handle, WOLFSSL_HANDLE_DONE, NULL);
-    }
-#if 0
-    rpcmem_free(x);
-    rpcmem_free(y);
-    rpcmem_free(z);
-    rpcmem_free(s);
-    rpcmem_free(u1);
-    rpcmem_free(u2);
-#endif
-    return ret;
-}
-
-
-/* Used to assign a handle to an ecc_key structure.
- * returns 0 on success */
-int wc_ecc_set_handle(ecc_key* key, remote_handle64 handle)
-{
-    if (key == NULL) {
-        return BAD_FUNC_ARG;
-    }
-    key->handle = handle;
-    return 0;
-}
-#endif /* HAVE_ECC_VERIFY */
-#endif /* !WOLFSSL_SP_NO_256 */
-#endif /* WOLFSSL_HAVE_SP_ECC */
-#endif /* WOLFSSL_DSP */
diff --git a/src/ssl/wolfssl/wolfcrypt/wc_lms.c b/src/ssl/wolfssl/wolfcrypt/wc_lms.c
deleted file mode 100644
index 94634140e..000000000
--- a/src/ssl/wolfssl/wolfcrypt/wc_lms.c
+++ /dev/null
@@ -1,1336 +0,0 @@
-/* wc_lms.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#if defined(WOLFSSL_HAVE_LMS) && defined(WOLFSSL_WC_LMS)
-#include <wolfssl/wolfcrypt/wc_lms.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-
-/* Calculate u. Appendix B. Works for w of 1, 2, 4, or 8.
- *
- * @param [in] w  Winternitz width.
- */
-#define LMS_U(w, hLen)              \
-    (8 * (hLen) / (w))
-/* Calculate u. Appendix B. Works for w of 1, 2, 4, or 8.
- *
- * @param [in] w   Winternitz width.
- * @param [in] wb  Winternitz width length in bits.
- */
-#define LMS_V(w, wb)                \
-    (2 + (8 - (wb)) / (w))
-/* Calculate ls. Appendix B. Works for w of 1, 2, 4, or 8.
- *
- * @param [in] w   Winternitz width.
- * @param [in] wb  Winternitz width length in bits.
- */
-#define LMS_LS(w, wb)               \
-    (16 - LMS_V(w, wb) * (w))
-/* Calculate p. Appendix B. Works for w of 1, 2, 4, or 8.
- *
- * @param [in] w   Winternitz width.
- * @param [in] wb  Winternitz width length in bits.
- */
-#define LMS_P(w, wb, hLen)          \
-    (LMS_U(w, hLen) + LMS_V(w, wb))
-/* Calculate signature length.
- *
- * @param [in] l  Number of levels.
- * @param [in] h  Height of the trees.
- * @param [in] p  Number of n-byte string elements in signature for a tree.
- */
-#define LMS_PARAMS_SIG_LEN(l, h, p, hLen)               \
-    (4 + (l) * (4 + 4 + 4 + (hLen) * (1 + (p) + (h))) + \
-     ((l) - 1) * LMS_PUBKEY_LEN(hLen))
-
-#ifndef WOLFSSL_WC_LMS_SMALL
-    /* Root levels and leaf cache bits. */
-    #define LMS_PARAMS_CACHE(h)                             \
-        (((h) < LMS_ROOT_LEVELS) ? (h) : LMS_ROOT_LEVELS),  \
-        (((h) < LMS_CACHE_BITS ) ? (h) : LMS_CACHE_BITS )
-#else
-    /* Root levels and leaf cache bits aren't in structure. */
-    #define LMS_PARAMS_CACHE(h) /* null expansion */
-#endif
-
-/* Define parameters entry for LMS.
- *
- * @param [in] l   Number of levels.
- * @param [in] h   Height of the trees.
- * @param [in] w   Winternitz width.
- * @param [in] wb  Winternitz width length in bits.
- * @param [in] t   LMS type.
- * @param [in] t2  LM-OTS type.
- */
-#define LMS_PARAMS(l, h, w, wb, t, t2, hLen)                \
-    { l, h, w, LMS_LS(w, wb), LMS_P(w, wb, hLen), t, t2,    \
-      LMS_PARAMS_SIG_LEN(l, h, LMS_P(w, wb, hLen), hLen),   \
-      (hLen), LMS_PARAMS_CACHE(h) }
-
-
-/* Initialize the working state for LMS operations.
- *
- * @param [in, out] state   LMS state.
- * @param [in]      params  LMS parameters.
- */
-static int wc_lmskey_state_init(LmsState* state, const LmsParams* params)
-{
-    int ret;
-
-    /* Zero out every field. */
-    XMEMSET(state, 0, sizeof(LmsState));
-
-    /* Keep a reference to the parameters for use in operations. */
-    state->params = params;
-
-    /* Initialize the two hash algorithms. */
-    ret = wc_InitSha256(&state->hash);
-    if (ret == 0) {
-        ret = wc_InitSha256(&state->hash_k);
-        if (ret != 0) {
-            wc_Sha256Free(&state->hash);
-        }
-    }
-
-    return ret;
-}
-
-/* Free the working state for LMS operations.
- *
- * @param [in] state  LMS state.
- */
-static void wc_lmskey_state_free(LmsState* state)
-{
-    wc_Sha256Free(&state->hash_k);
-    wc_Sha256Free(&state->hash);
-}
-
-/* Supported LMS parameters. */
-static const wc_LmsParamsMap wc_lms_map[] = {
-#ifndef WOLFSSL_NO_LMS_SHA256_256
-#if LMS_MAX_HEIGHT >= 15
-    { WC_LMS_PARM_NONE     , "LMS_NONE"         ,
-      LMS_PARAMS(1, 15, 2, 1, LMS_SHA256_M32_H15, LMOTS_SHA256_N32_W2,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L1_H15_W2, "LMS/HSS L1_H15_W2",
-      LMS_PARAMS(1, 15, 2, 1, LMS_SHA256_M32_H15, LMOTS_SHA256_N32_W2,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L1_H15_W4, "LMS/HSS L1_H15_W4",
-      LMS_PARAMS(1, 15, 4, 2, LMS_SHA256_M32_H15, LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-#endif
-#if LMS_MAX_LEVELS >= 2
-#if LMS_MAX_HEIGHT >= 10
-    { WC_LMS_PARM_L2_H10_W2, "LMS/HSS L2_H10_W2",
-      LMS_PARAMS(2, 10, 2, 1, LMS_SHA256_M32_H10, LMOTS_SHA256_N32_W2,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L2_H10_W4, "LMS/HSS L2_H10_W4",
-      LMS_PARAMS(2, 10, 4, 2, LMS_SHA256_M32_H10, LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L2_H10_W8, "LMS/HSS L2_H10_W8",
-      LMS_PARAMS(2, 10, 8, 3, LMS_SHA256_M32_H10, LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#endif
-#endif
-#if LMS_MAX_LEVELS >= 3
-    { WC_LMS_PARM_L3_H5_W2 , "LMS/HSS L3_H5_W2" ,
-      LMS_PARAMS(3,  5, 2, 1, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W2,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L3_H5_W4 , "LMS/HSS L3_H5_W4" ,
-      LMS_PARAMS(3,  5, 4, 2, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L3_H5_W8 , "LMS/HSS L3_H5_W8" ,
-      LMS_PARAMS(3,  5, 8, 3, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#if LMS_MAX_HEIGHT >= 10
-    { WC_LMS_PARM_L3_H10_W4, "LMS/HSS L3_H10_W4",
-      LMS_PARAMS(3, 10, 4, 2, LMS_SHA256_M32_H10, LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-#endif
-#endif
-#if LMS_MAX_LEVELS >= 4
-    { WC_LMS_PARM_L4_H5_W8 , "LMS/HSS L4_H5_W8" ,
-      LMS_PARAMS(4,  5, 8, 3, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#endif
-
-    /* For when user sets L, H, W explicitly. */
-    { WC_LMS_PARM_L1_H5_W1 , "LMS/HSS_L1_H5_W1" ,
-      LMS_PARAMS(1,  5, 1, 1, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W1,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L1_H5_W2 , "LMS/HSS_L1_H5_W2" ,
-      LMS_PARAMS(1,  5, 2, 1, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W2,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L1_H5_W4 , "LMS/HSS_L1_H5_W4" ,
-      LMS_PARAMS(1,  5, 4, 2, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L1_H5_W8 , "LMS/HSS_L1_H5_W8" ,
-      LMS_PARAMS(1,  5, 8, 3, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#if LMS_MAX_HEIGHT >= 10
-    { WC_LMS_PARM_L1_H10_W2 , "LMS/HSS_L1_H10_W2",
-      LMS_PARAMS(1, 10, 2, 1, LMS_SHA256_M32_H10, LMOTS_SHA256_N32_W2,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L1_H10_W4 , "LMS/HSS_L1_H10_W4",
-      LMS_PARAMS(1, 10, 4, 2, LMS_SHA256_M32_H10, LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L1_H10_W8 , "LMS/HSS_L1_H10_W8",
-      LMS_PARAMS(1, 10, 8, 3, LMS_SHA256_M32_H10, LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#endif
-#if LMS_MAX_HEIGHT >= 15
-    { WC_LMS_PARM_L1_H15_W8 , "LMS/HSS L1_H15_W8",
-      LMS_PARAMS(1, 15, 8, 3, LMS_SHA256_M32_H15, LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#endif
-#if LMS_MAX_HEIGHT >= 20
-    { WC_LMS_PARM_L1_H20_W2 , "LMS/HSS_L1_H20_W2",
-      LMS_PARAMS(1, 20, 2, 1, LMS_SHA256_M32_H20, LMOTS_SHA256_N32_W2,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L1_H20_W4 , "LMS/HSS_L1_H20_W4",
-      LMS_PARAMS(1, 20, 4, 2, LMS_SHA256_M32_H20, LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L1_H20_W8 , "LMS/HSS_L1_H20_W8",
-      LMS_PARAMS(1, 20, 8, 3, LMS_SHA256_M32_H20, LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#endif
-#if LMS_MAX_LEVELS >= 2
-    { WC_LMS_PARM_L2_H5_W2 , "LMS/HSS_L2_H5_W2" ,
-      LMS_PARAMS(2,  5, 2, 1, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W2,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L2_H5_W4 , "LMS/HSS_L2_H5_W4" ,
-      LMS_PARAMS(2,  5, 4, 2, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L2_H5_W8 , "LMS/HSS_L2_H5_W8" ,
-      LMS_PARAMS(2,  5, 8, 3, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#if LMS_MAX_HEIGHT >= 15
-    { WC_LMS_PARM_L2_H15_W2 , "LMS/HSS_L2_H15_W2",
-      LMS_PARAMS(2, 15, 2, 1, LMS_SHA256_M32_H15, LMOTS_SHA256_N32_W2,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L2_H15_W4 , "LMS/HSS_L2_H15_W4",
-      LMS_PARAMS(2, 15, 4, 2, LMS_SHA256_M32_H15, LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L2_H15_W8 , "LMS/HSS_L2_H15_W8",
-      LMS_PARAMS(2, 15, 8, 3, LMS_SHA256_M32_H15, LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#endif
-#if LMS_MAX_HEIGHT >= 20
-    { WC_LMS_PARM_L2_H20_W2 , "LMS/HSS_L2_H20_W2",
-      LMS_PARAMS(2, 20, 2, 1, LMS_SHA256_M32_H20, LMOTS_SHA256_N32_W2,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L2_H20_W4 , "LMS/HSS_L2_H20_W4",
-      LMS_PARAMS(2, 20, 4, 2, LMS_SHA256_M32_H20, LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L2_H20_W8 , "LMS/HSS_L2_H20_W8",
-      LMS_PARAMS(2, 20, 8, 3, LMS_SHA256_M32_H20, LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#endif
-#endif
-#if LMS_MAX_LEVELS >= 3
-#if LMS_MAX_HEIGHT >= 10
-    { WC_LMS_PARM_L3_H10_W8 , "LMS/HSS L3_H10_W8",
-      LMS_PARAMS(3, 10, 8, 3, LMS_SHA256_M32_H10, LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#endif
-#endif
-#if LMS_MAX_LEVELS >= 4
-    { WC_LMS_PARM_L4_H5_W2 , "LMS/HSS L4_H5_W2" ,
-      LMS_PARAMS(4,  5, 2, 1, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W2,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L4_H5_W4 , "LMS/HSS L4_H5_W4" ,
-      LMS_PARAMS(4,  5, 4, 2, LMS_SHA256_M32_H5 , LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-#if LMS_MAX_HEIGHT >= 10
-    { WC_LMS_PARM_L4_H10_W4 , "LMS/HSS L4_H10_W4",
-      LMS_PARAMS(4, 10, 4, 2, LMS_SHA256_M32_H10, LMOTS_SHA256_N32_W4,
-                 WC_SHA256_DIGEST_SIZE) },
-    { WC_LMS_PARM_L4_H10_W8 , "LMS/HSS L4_H10_W8",
-      LMS_PARAMS(4, 10, 8, 3, LMS_SHA256_M32_H10, LMOTS_SHA256_N32_W8,
-                 WC_SHA256_DIGEST_SIZE) },
-#endif
-#endif
-#endif /* !WOLFSSL_NO_LMS_SHA256_256 */
-
-#ifdef WOLFSSL_LMS_SHA256_192
-#if LMS_MAX_HEIGHT >= 15
-    { WC_LMS_PARM_SHA256_192_L1_H15_W2, "LMS/HSS_SHA256/192 L1_H15_W2",
-      LMS_PARAMS(1, 15, 2, 2, LMS_SHA256_M24_H15, LMOTS_SHA256_N24_W2,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L1_H15_W4, "LMS/HSS_SHA256/192 L1_H15_W4",
-      LMS_PARAMS(1, 15, 4, 3, LMS_SHA256_M24_H15, LMOTS_SHA256_N24_W4,
-                 WC_SHA256_192_DIGEST_SIZE) },
-#endif
-#if LMS_MAX_LEVELS >= 2
-#if LMS_MAX_HEIGHT >= 10
-    { WC_LMS_PARM_SHA256_192_L2_H10_W2, "LMS/HSS SHA256/192 L2_H10_W2",
-      LMS_PARAMS(2, 10, 2, 2, LMS_SHA256_M24_H10, LMOTS_SHA256_N24_W2,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L2_H10_W4, "LMS/HSS SHA256/192 L2_H10_W4",
-      LMS_PARAMS(2, 10, 4, 3, LMS_SHA256_M24_H10, LMOTS_SHA256_N24_W4,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L2_H10_W8, "LMS/HSS SHA256/192 L2_H10_W8",
-      LMS_PARAMS(2, 10, 8, 4, LMS_SHA256_M24_H10, LMOTS_SHA256_N24_W8,
-                 WC_SHA256_192_DIGEST_SIZE) },
-#endif
-#endif
-#if LMS_MAX_LEVELS >= 3
-    { WC_LMS_PARM_SHA256_192_L3_H5_W2 , "LMS/HSS_SHA256/192 L3_H5_W2" ,
-      LMS_PARAMS(3,  5, 2, 2, LMS_SHA256_M24_H5 , LMOTS_SHA256_N24_W2,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L3_H5_W4 , "LMS/HSS_SHA256/192 L3_H5_W4" ,
-      LMS_PARAMS(3,  5, 4, 3, LMS_SHA256_M24_H5 , LMOTS_SHA256_N24_W4,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L3_H5_W8 , "LMS/HSS_SHA256/192 L3_H5_W8" ,
-      LMS_PARAMS(3,  5, 8, 4, LMS_SHA256_M24_H5 , LMOTS_SHA256_N24_W8,
-                 WC_SHA256_192_DIGEST_SIZE) },
-#if LMS_MAX_HEIGHT >= 10
-    { WC_LMS_PARM_SHA256_192_L3_H10_W4, "LMS/HSS_SHA256/192 L3_H10_W4",
-      LMS_PARAMS(3, 10, 4, 3, LMS_SHA256_M24_H10, LMOTS_SHA256_N24_W4,
-                 WC_SHA256_192_DIGEST_SIZE) },
-#endif
-#endif
-#if LMS_MAX_LEVELS >= 4
-    { WC_LMS_PARM_SHA256_192_L4_H5_W8 , "LMS/HSS_SHA256/192 L4_H5_W8" ,
-      LMS_PARAMS(4,  5, 8, 4, LMS_SHA256_M24_H5 , LMOTS_SHA256_N24_W8,
-                 WC_SHA256_192_DIGEST_SIZE) },
-#endif
-
-    { WC_LMS_PARM_SHA256_192_L1_H5_W1 , "LMS/HSS_SHA256/192_L1_H5_W1" ,
-      LMS_PARAMS(1,  5, 1, 2, LMS_SHA256_M24_H5 , LMOTS_SHA256_N24_W1,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L1_H5_W2 , "LMS/HSS_SHA256/192_L1_H5_W2" ,
-      LMS_PARAMS(1,  5, 2, 2, LMS_SHA256_M24_H5 , LMOTS_SHA256_N24_W2,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L1_H5_W4 , "LMS/HSS_SHA256/192_L1_H5_W4" ,
-      LMS_PARAMS(1,  5, 4, 3, LMS_SHA256_M24_H5 , LMOTS_SHA256_N24_W4,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L1_H5_W8 , "LMS/HSS_SHA256/192_L1_H5_W8" ,
-      LMS_PARAMS(1,  5, 8, 4, LMS_SHA256_M24_H5 , LMOTS_SHA256_N24_W8,
-                 WC_SHA256_192_DIGEST_SIZE) },
-#if LMS_MAX_HEIGHT >= 10
-    { WC_LMS_PARM_SHA256_192_L1_H10_W2 , "LMS/HSS_SHA256/192_L1_H10_W2",
-      LMS_PARAMS(1, 10, 2, 2, LMS_SHA256_M24_H10, LMOTS_SHA256_N24_W2,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L1_H10_W4 , "LMS/HSS_SHA256/192_L1_H10_W4",
-      LMS_PARAMS(1, 10, 4, 3, LMS_SHA256_M24_H10, LMOTS_SHA256_N24_W4,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L1_H10_W8 , "LMS/HSS_SHA256/192_L1_H10_W8",
-      LMS_PARAMS(1, 10, 8, 4, LMS_SHA256_M24_H10, LMOTS_SHA256_N24_W8,
-                 WC_SHA256_192_DIGEST_SIZE) },
-#endif
-#if LMS_MAX_HEIGHT >= 20
-    { WC_LMS_PARM_SHA256_192_L1_H20_W2 , "LMS/HSS_SHA256/192_L1_H20_W2",
-      LMS_PARAMS(1, 20, 2, 2, LMS_SHA256_M24_H20, LMOTS_SHA256_N24_W2,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L1_H20_W4 , "LMS/HSS_SHA256/192_L1_H20_W4",
-      LMS_PARAMS(1, 20, 4, 3, LMS_SHA256_M24_H20, LMOTS_SHA256_N24_W4,
-                 WC_SHA256_192_DIGEST_SIZE) },
-    { WC_LMS_PARM_SHA256_192_L1_H20_W8 , "LMS/HSS_SHA256/192_L1_H20_W8",
-      LMS_PARAMS(1, 20, 8, 4, LMS_SHA256_M24_H20, LMOTS_SHA256_N24_W8,
-                 WC_SHA256_192_DIGEST_SIZE) },
-#endif
-#endif /* WOLFSSL_LMS_SHA256_192 */
-};
-/* Number of parameter sets supported. */
-#define WC_LMS_MAP_LEN      ((int)(sizeof(wc_lms_map) / sizeof(*wc_lms_map)))
-
-/* Initialize LMS key.
- *
- * Call this before setting the params of an LMS key.
- *
- * @param [out] key    LMS key to initialize.
- * @param [in]  heap   Heap hint.
- * @param [in]  devId  Device identifier.
- *                     Use INVALID_DEVID when not using a device.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- */
-int wc_LmsKey_Init(LmsKey* key, void* heap, int devId)
-{
-    int ret = 0;
-
-    (void)heap;
-    (void)devId;
-
-    /* Validate parameters. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    if (ret == 0) {
-        /* Zeroize the key data. */
-        ForceZero(key, sizeof(LmsKey));
-
-    #ifndef WOLFSSL_LMS_VERIFY_ONLY
-        /* Initialize other fields. */
-        key->write_private_key = NULL;
-        key->read_private_key = NULL;
-        key->context = NULL;
-        key->heap = heap;
-    #endif
-    #ifdef WOLF_CRYPTO_CB
-        key->devId = devId;
-    #endif
-        /* Start in initialized state. */
-        key->state = WC_LMS_STATE_INITED;
-    }
-
-    return ret;
-}
-
-/* Get the string representation of the LMS parameter set.
- *
- * @param [in] lmsParm  LMS parameter set identifier.
- * @return  String representing LMS parameter set on success.
- * @return  NULL when parameter set not supported.
- */
-const char* wc_LmsKey_ParmToStr(enum wc_LmsParm lmsParm)
-{
-    const char* str = NULL;
-    int i;
-
-    /* Search through table for matching numeric identifier. */
-    for (i = 0; i < WC_LMS_MAP_LEN; i++) {
-        if (lmsParm == wc_lms_map[i].id) {
-            /* Get string corresponding to numeric identifier. */
-            str = wc_lms_map[i].str;
-            break;
-        }
-    }
-
-    /* Return the string or NULL. */
-    return str;
-}
-
-/* Set the wc_LmsParm of an LMS key.
- *
- * Use this if you wish to set a key with a predefined parameter set,
- * such as WC_LMS_PARM_L2_H10_W8.
- *
- * Key must be inited before calling this.
- *
- * @param [in, out] key      LMS key to set parameters on.
- * @param [in]      lmsParm  Identifier of parameters.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  BAD_FUNC_ARG when parameters not supported.
- */
-int wc_LmsKey_SetLmsParm(LmsKey* key, enum wc_LmsParm lmsParm)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Check state is valid. */
-    if ((ret == 0) && (key->state != WC_LMS_STATE_INITED)) {
-        WOLFSSL_MSG("error: LmsKey needs init");
-        ret = BAD_STATE_E;
-    }
-
-    if (ret == 0) {
-        int i;
-
-        ret = BAD_FUNC_ARG;
-        /* Search through table for matching numeric identifier. */
-        for (i = 0; i < WC_LMS_MAP_LEN; i++) {
-            if (lmsParm == wc_lms_map[i].id) {
-                /* Set the parameters into the key. */
-                key->params = &wc_lms_map[i].params;
-                ret = 0;
-                break;
-            }
-        }
-    }
-
-    if (ret == 0) {
-        /* Move the state to params set.
-         * Key is ready for MakeKey or Reload. */
-        key->state = WC_LMS_STATE_PARMSET;
-    }
-
-    return ret;
-}
-
-/* Set the parameters of an LMS key.
- *
- * Use this if you wish to set specific parameters not found in the
- * wc_LmsParm predefined sets. See comments in lms.h for allowed
- * parameters.
- *
- * Key must be inited before calling this.
- *
- * @param [in, out] key         LMS key to set parameters on.
- * @param [in]      levels      Number of tree levels.
- * @param [in]      height      Height of each tree.
- * @param [in]      winternitz  Width or Winternitz coefficient.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- * @return  BAD_FUNC_ARG when parameters not supported.
- * */
-int wc_LmsKey_SetParameters(LmsKey* key, int levels, int height,
-    int winternitz)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Check state is valid. */
-    if ((ret == 0) && (key->state != WC_LMS_STATE_INITED)) {
-        WOLFSSL_MSG("error: LmsKey needs init");
-        ret = BAD_STATE_E;
-    }
-
-    if (ret == 0) {
-        int i;
-
-        ret = BAD_FUNC_ARG;
-        /* Search through table for matching levels, height and width. */
-        for (i = 0; i < WC_LMS_MAP_LEN; i++) {
-            if ((levels == wc_lms_map[i].params.levels) &&
-                    (height == wc_lms_map[i].params.height) &&
-                    (winternitz == wc_lms_map[i].params.width)) {
-                /* Set the parameters into the key. */
-                key->params = &wc_lms_map[i].params;
-                ret = 0;
-                break;
-            }
-        }
-    }
-
-    if (ret == 0) {
-        /* Move the state to params set.
-         * Key is ready for MakeKey or Reload. */
-        key->state = WC_LMS_STATE_PARMSET;
-    }
-
-    return ret;
-}
-
-/* Get the parameters of an LMS key.
- *
- * Key must be inited and parameters set before calling this.
- *
- * @param [in]  key         LMS key.
- * @param [out] levels      Number of levels of trees.
- * @param [out] height      Height of the trees.
- * @param [out] winternitz  Winternitz width.
- * Returns 0 on success.
- * */
-int wc_LmsKey_GetParameters(const LmsKey* key, int* levels, int* height,
-    int* winternitz)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (levels == NULL) || (height == NULL) ||
-            (winternitz == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Validate the parameters are available. */
-    if ((ret == 0) && (key->params == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Set the levels, height and Winternitz width from parameters. */
-        *levels = key->params->levels;
-        *height = key->params->height;
-        *winternitz = key->params->width;
-    }
-
-    return ret;
-}
-
-/* Frees the LMS key from memory.
- *
- * This does not affect the private key saved to non-volatile storage.
- *
- * @param [in, out] key  LMS key to free.
- */
-void wc_LmsKey_Free(LmsKey* key)
-{
-    if (key != NULL) {
-    #ifndef WOLFSSL_LMS_VERIFY_ONLY
-        if (key->priv_data != NULL) {
-            const LmsParams* params = key->params;
-            int priv_data_len = LMS_PRIV_DATA_LEN(params->levels,
-                params->height, params->p, params->rootLevels,
-                params->cacheBits, params->hash_len);
-
-#ifdef WOLFSSL_WC_LMS_SERIALIZE_STATE
-            priv_data_len += HSS_PRIVATE_KEY_LEN(key->params->hash_len);
-#endif
-            ForceZero(key->priv_data, priv_data_len);
-            XFREE(key->priv_data, key->heap, DYNAMIC_TYPE_LMS);
-        }
-    #endif
-
-        ForceZero(key, sizeof(LmsKey));
-
-        key->state = WC_LMS_STATE_FREED;
-    }
-}
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-/* Set the write private key callback to the LMS key structure.
- *
- * The callback must be able to write/update the private key to
- * non-volatile storage.
- *
- * @param [in, out] key       LMS key.
- * @param [in]      write_cb  Callback function that stores private key.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or write_cb is NULL.
- * @return  BAD_STATE_E when key state is invalid.
- */
-int wc_LmsKey_SetWriteCb(LmsKey* key, wc_lms_write_private_key_cb write_cb)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (write_cb == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Changing the write callback of an already working key is forbidden. */
-    if ((ret == 0) && (key->state == WC_LMS_STATE_OK)) {
-        WOLFSSL_MSG("error: wc_LmsKey_SetWriteCb: key in use");
-        ret = BAD_STATE_E;
-    }
-
-    if (ret == 0) {
-        /* Set the callback into the key. */
-        key->write_private_key = write_cb;
-    }
-
-    return ret;
-}
-
-/* Set the read private key callback to the LMS key structure.
- *
- * The callback must be able to read the private key from
- * non-volatile storage.
- *
- * @param [in, out] key      LMS key.
- * @param [in]      read_cb  Callback function that loads private key.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or read_cb is NULL.
- * @return  BAD_STATE_E when key state is invalid.
- * */
-int wc_LmsKey_SetReadCb(LmsKey* key, wc_lms_read_private_key_cb read_cb)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (read_cb == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Changing the read callback of an already working key is forbidden. */
-    if ((ret == 0) && (key->state == WC_LMS_STATE_OK)) {
-        WOLFSSL_MSG("error: wc_LmsKey_SetReadCb: key in use");
-        ret = BAD_STATE_E;
-    }
-
-    if (ret == 0) {
-        /* Set the callback into the key. */
-        key->read_private_key = read_cb;
-    }
-
-    return ret;
-}
-
-/* Sets the context to be used by write and read callbacks.
- *
- * E.g. this could be a filename if the callbacks write/read to file.
- *
- * @param [in, out] key      LMS key.
- * @param [in]      context  Pointer to data for read/write callbacks.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or context is NULL.
- * @return  BAD_STATE_E when key state is invalid.
- * */
-int wc_LmsKey_SetContext(LmsKey* key, void* context)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (context == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Setting context of an already working key is forbidden. */
-    if ((ret == 0) && (key->state == WC_LMS_STATE_OK)) {
-        WOLFSSL_MSG("error: wc_LmsKey_SetContext: key in use");
-        ret = BAD_STATE_E;
-    }
-
-    if (ret == 0) {
-        /* Set the callback context into the key. */
-        key->context = context;
-    }
-
-    return ret;
-}
-
-/* Make the LMS private/public key pair. The key must have its parameters
- * set before calling this.
- *
- * Write/read callbacks, and context data, must be set prior.
- * Key must have parameters set.
- *
- * @param [in, out] key   LMS key.
- * @param [in]      rng   Random number generator.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or rng is NULL.
- * @return  BAD_STATE_E when key is in an invalid state.
- * @return  BAD_FUNC_ARG when write callback or callback context not set.
- * @return  BAD_STATE_E when no more signatures can be created.
- */
-int wc_LmsKey_MakeKey(LmsKey* key, WC_RNG* rng)
-{
-    int ret = 0;
-    int priv_data_len = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (rng == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Check state. */
-    if ((ret == 0) && (key->state != WC_LMS_STATE_PARMSET)) {
-        WOLFSSL_MSG("error: LmsKey not ready for generation");
-        ret = BAD_STATE_E;
-    }
-    /* Check write callback set. */
-    if ((ret == 0) && (key->write_private_key == NULL)) {
-        WOLFSSL_MSG("error: LmsKey write callback is not set");
-        ret = BAD_FUNC_ARG;
-    }
-    /* Check callback context set. */
-    if ((ret == 0) && (key->context == NULL)) {
-        WOLFSSL_MSG("error: LmsKey context is not set");
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        const LmsParams* params = key->params;
-        priv_data_len = LMS_PRIV_DATA_LEN(params->levels, params->height,
-            params->p, params->rootLevels, params->cacheBits, params->hash_len);
-
-#ifdef WOLFSSL_WC_LMS_SERIALIZE_STATE
-        priv_data_len += HSS_PRIVATE_KEY_LEN(key->params->hash_len);
-#endif
-    }
-    if ((ret == 0) && (key->priv_data == NULL)) {
-        /* Allocate memory for the private key data. */
-        key->priv_data = (byte *)XMALLOC(priv_data_len, key->heap,
-            DYNAMIC_TYPE_LMS);
-        /* Check pointer is valid. */
-        if (key->priv_data == NULL) {
-            ret = MEMORY_E;
-        }
-#ifdef WOLFSSL_WC_LMS_SERIALIZE_STATE
-        XMEMSET(key->priv_data, 0, priv_data_len);
-#endif
-    }
-    if (ret == 0) {
-        WC_DECLARE_VAR(state, LmsState, 1, 0);
-
-        /* Allocate memory for working state. */
-        WC_ALLOC_VAR_EX(state, LmsState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-            ret=MEMORY_E);
-        if (WC_VAR_OK(state))
-        {
-            /* Initialize working state for use. */
-            ret = wc_lmskey_state_init(state, key->params);
-            if (ret == 0) {
-                /* Make the HSS key. */
-                ret = wc_hss_make_key(state, rng, key->priv_raw, &key->priv,
-                    key->priv_data, key->pub);
-                wc_lmskey_state_free(state);
-            }
-            ForceZero(state, sizeof(LmsState));
-            WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-    }
-    if (ret == 0) {
-        int rv;
-        /* Write private key to storage. */
-#ifdef WOLFSSL_WC_LMS_SERIALIZE_STATE
-        XMEMCPY(key->priv_data + priv_data_len -
-            HSS_PRIVATE_KEY_LEN(key->params->hash_len), key->priv_raw,
-            HSS_PRIVATE_KEY_LEN(key->params->hash_len));
-        rv = key->write_private_key(key->priv_data, priv_data_len,
-            key->context);
-#else
-        rv = key->write_private_key(key->priv_raw,
-            HSS_PRIVATE_KEY_LEN(key->params->hash_len), key->context);
-#endif
-        if (rv != WC_LMS_RC_SAVED_TO_NV_MEMORY) {
-            ret = IO_FAILED_E;
-        }
-    }
-
-    /* This should not happen, but check whether signatures can be created. */
-    if ((ret == 0) && (wc_LmsKey_SigsLeft(key) == 0)) {
-        WOLFSSL_MSG("error: generated LMS key signatures exhausted");
-        key->state = WC_LMS_STATE_NOSIGS;
-        ret = BAD_STATE_E;
-    }
-
-    if (ret == 0) {
-        /* Update state. */
-        key->state = WC_LMS_STATE_OK;
-    }
-
-    return ret;
-}
-
-/* Reload a key that has been prepared with the appropriate params and
- * data. Use this if you wish to resume signing with an existing key.
- *
- * Write/read callbacks, and context data, must be set prior.
- * Key must have parameters set.
- *
- * @param [in, out] key  LMS key.
- *
- * Returns 0 on success. */
-int wc_LmsKey_Reload(LmsKey* key)
-{
-    int ret = 0;
-    int priv_data_len = 0;
-
-    /* Validate parameter. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Check state. */
-    if ((ret == 0) && (key->state != WC_LMS_STATE_PARMSET)) {
-        WOLFSSL_MSG("error: LmsKey not ready for reload");
-        ret = BAD_STATE_E;
-    }
-    /* Check read callback present. */
-    if ((ret == 0) && (key->read_private_key == NULL)) {
-        WOLFSSL_MSG("error: LmsKey read callback is not set");
-        ret = BAD_FUNC_ARG;
-    }
-    /* Check context for callback set */
-    if ((ret == 0) && (key->context == NULL)) {
-        WOLFSSL_MSG("error: LmsKey context is not set");
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        const LmsParams* params = key->params;
-        priv_data_len = LMS_PRIV_DATA_LEN(params->levels, params->height,
-            params->p, params->rootLevels, params->cacheBits, params->hash_len);
-
-#ifdef WOLFSSL_WC_LMS_SERIALIZE_STATE
-        priv_data_len += HSS_PRIVATE_KEY_LEN(params->hash_len);
-#endif
-    }
-    if ((ret == 0) && (key->priv_data == NULL)) {
-        /* Allocate memory for the private key data. */
-        key->priv_data = (byte *)XMALLOC(priv_data_len, key->heap,
-            DYNAMIC_TYPE_LMS);
-        /* Check pointer is valid. */
-        if (key->priv_data == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-    if (ret == 0) {
-        int rv;
-
-        /* Load private key. */
-#ifdef WOLFSSL_WC_LMS_SERIALIZE_STATE
-        const LmsParams* params = key->params;
-
-        rv = key->read_private_key(key->priv_data, priv_data_len, key->context);
-#else
-        rv = key->read_private_key(key->priv_raw,
-            HSS_PRIVATE_KEY_LEN(key->params->hash_len), key->context);
-#endif
-        if (rv != WC_LMS_RC_READ_TO_MEMORY) {
-            ret = IO_FAILED_E;
-        }
-#ifdef WOLFSSL_WC_LMS_SERIALIZE_STATE
-        if (ret == 0) {
-            XMEMCPY(key->priv_raw, key->priv_data + priv_data_len -
-                HSS_PRIVATE_KEY_LEN(params->hash_len),
-                HSS_PRIVATE_KEY_LEN(params->hash_len));
-        }
-#endif
-    }
-
-    /* Double check the key actually has signatures left. */
-    if ((ret == 0) && (wc_LmsKey_SigsLeft(key) == 0)) {
-        WOLFSSL_MSG("error: reloaded LMS key signatures exhausted");
-        key->state = WC_LMS_STATE_NOSIGS;
-        ret = BAD_STATE_E;
-    }
-
-    if (ret == 0) {
-        WC_DECLARE_VAR(state, LmsState, 1, 0);
-
-        /* Allocate memory for working state. */
-        WC_ALLOC_VAR_EX(state, LmsState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-            ret=MEMORY_E);
-        if (WC_VAR_OK(state))
-        {
-            /* Initialize working state for use. */
-            ret = wc_lmskey_state_init(state, key->params);
-            if (ret == 0) {
-                /* Reload the key ready for signing. */
-                ret = wc_hss_reload_key(state, key->priv_raw, &key->priv,
-                    key->priv_data, NULL);
-            }
-            ForceZero(state, sizeof(LmsState));
-            WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-    }
-
-    if (ret == 0) {
-        /* Update state. */
-        key->state = WC_LMS_STATE_OK;
-    }
-
-    return ret;
-}
-
-/* Get the private key length based on parameter set of key.
- *
- * @param [in]  key  LMS key.
- * @param [out] len  Length of private key.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or len is NULL or parameters not set.
- */
-int wc_LmsKey_GetPrivLen(const LmsKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (len == NULL) || (key->params == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Return private key length from parameter set. */
-        *len = HSS_PRIVATE_KEY_LEN(key->params->hash_len);
-    }
-
-    return ret;
-}
-
-/* Sign a message.
- *
- * @param [in, out] key    LMS key to sign with.
- * @param [out]     sig    Signature data. Buffer must be big enough to hold
- *                         signature data.
- * @param [out]     sigSz  Length of signature data.
- * @param [in]      msg    Message to sign.
- * @param [in]      msgSz  Length of message in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, sig, sigSz or msg is NULL.
- * @return  BAD_FUNC_ARG when msgSz is not greater than 0.
- */
-int wc_LmsKey_Sign(LmsKey* key, byte* sig, word32* sigSz, const byte* msg,
-    int msgSz)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (sig == NULL) || (sigSz == NULL) || (msg == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (msgSz <= 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Check state. */
-    if ((ret == 0) && (key->state == WC_LMS_STATE_NOSIGS)) {
-        WOLFSSL_MSG("error: LMS signatures exhausted");
-        ret = BAD_STATE_E;
-    }
-    if ((ret == 0) && (key->state != WC_LMS_STATE_OK)) {
-       /* The key had an error the last time it was used, and we
-        * can't guarantee its state. */
-        WOLFSSL_MSG("error: can't sign, LMS key not in good state");
-        ret = BAD_STATE_E;
-    }
-
-    if (ret == 0) {
-        WC_DECLARE_VAR(state, LmsState, 1, 0);
-
-        /* Allocate memory for working state. */
-        WC_ALLOC_VAR_EX(state, LmsState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-            ret=MEMORY_E);
-        if (WC_VAR_OK(state))
-        {
-            /* Initialize working state for use. */
-            ret = wc_lmskey_state_init(state, key->params);
-            if (ret == 0) {
-                /* Sign message. */
-                ret = wc_hss_sign(state, key->priv_raw, &key->priv,
-                    key->priv_data, msg, msgSz, sig);
-                wc_lmskey_state_free(state);
-            }
-            ForceZero(state, sizeof(LmsState));
-            WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-    }
-    if (ret == 0) {
-        *sigSz = (word32)key->params->sig_len;
-    }
-    if (ret == 0) {
-        int rv;
-
-        /* Write private key to storage. */
-#ifdef WOLFSSL_WC_LMS_SERIALIZE_STATE
-        const LmsParams* params = key->params;
-        int priv_data_len = LMS_PRIV_DATA_LEN(params->levels, params->height,
-            params->p, params->rootLevels, params->cacheBits,
-            params->hash_len) + HSS_PRIVATE_KEY_LEN(key->params->hash_len);
-
-        XMEMCPY(key->priv_data + priv_data_len -
-            HSS_PRIVATE_KEY_LEN(params->hash_len), key->priv_raw,
-            HSS_PRIVATE_KEY_LEN(params->hash_len));
-        rv = key->write_private_key(key->priv_data, priv_data_len,
-            key->context);
-#else
-        rv = key->write_private_key(key->priv_raw,
-            HSS_PRIVATE_KEY_LEN(key->params->hash_len), key->context);
-#endif
-        if (rv != WC_LMS_RC_SAVED_TO_NV_MEMORY) {
-            ret = IO_FAILED_E;
-        }
-    }
-
-    return ret;
-}
-
-/* Returns whether signatures can be created with key.
- *
- * @param [in]  key  LMS key.
- *
- * @return  1 if there are signatures remaining.
- * @return  0 if available signatures are exhausted.
- */
-int wc_LmsKey_SigsLeft(LmsKey* key)
-{
-    int ret = 0;
-
-    /* NULL keys have no signatures remaining. */
-    if (key != NULL) {
-        ret = wc_hss_sigsleft(key->params, key->priv_raw);
-    }
-
-    return ret;
-}
-
-#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY*/
-
-/* Get the public key length based on parameter set of key.
- *
- * @param [in]  key  LMS key.
- * @param [out] len  Length of public key.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or len is NULL or parameters not set.
- */
-int wc_LmsKey_GetPubLen(const LmsKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters */
-    if ((key == NULL) || (len == NULL) || (key->params == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        *len = HSS_PUBLIC_KEY_LEN(key->params->hash_len);
-    }
-
-    return ret;
-}
-
-/* Export a generated public key and parameter set from one LmsKey
- * to another. Use this to prepare a signature verification LmsKey
- * that is pub only.
- *
- * Though the public key is all that is used to verify signatures,
- * the parameter set is needed to calculate the signature length
- * before hand.
- *
- * @param [out] keyDst  LMS key to copy into.
- * @param [in]  keySrc  LMS key to copy.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when keyDst or keySrc is NULL.
- */
-int wc_LmsKey_ExportPub(LmsKey* keyDst, const LmsKey* keySrc)
-{
-    int ret = 0;
-
-    if ((keyDst == NULL) || (keySrc == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        ForceZero(keyDst, sizeof(LmsKey));
-
-        keyDst->params = keySrc->params;
-        XMEMCPY(keyDst->pub, keySrc->pub, sizeof(keySrc->pub));
-
-        /* Mark this key as verify only, to prevent misuse. */
-        keyDst->state = WC_LMS_STATE_VERIFYONLY;
-    }
-
-    return ret;
-}
-
-/* Exports the raw LMS public key buffer from key to out buffer.
- * The out buffer should be large enough to hold the public key, and
- * outLen should indicate the size of the buffer.
- *
- * Call wc_LmsKey_GetPubLen beforehand to determine pubLen.
- *
- * @param [in]      key     LMS key.
- * @param [out]     out     Buffer to hold encoded public key.
- * @param [in, out] outLen  On in, length of out in bytes.
- *                          On out, the length of the public key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, out or outLen is NULL.
- * @return  BUFFER_E when outLen is too small to hold encoded public key.
- */
-int wc_LmsKey_ExportPubRaw(const LmsKey* key, byte* out, word32* outLen)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Check size of out is sufficient. */
-    if ((ret == 0) &&
-            (*outLen < (word32)HSS_PUBLIC_KEY_LEN(key->params->hash_len))) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        /* Return encoded public key. */
-        XMEMCPY(out, key->pub, HSS_PUBLIC_KEY_LEN(key->params->hash_len));
-        *outLen = HSS_PUBLIC_KEY_LEN(key->params->hash_len);
-    }
-
-    return ret;
-}
-
-/* Imports a raw public key buffer from in array to LmsKey key.
- *
- * The LMS parameters must be set first with wc_LmsKey_SetLmsParm or
- * wc_LmsKey_SetParameters, and inLen must match the length returned
- * by wc_LmsKey_GetPubLen.
- *
- * Call wc_LmsKey_GetPubLen beforehand to determine pubLen.
- *
- * @param [in, out] key    LMS key to put public key in.
- * @param [in]      in     Buffer holding encoded public key.
- * @param [in]      inLen  Length of encoded public key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or in is NULL.
- * @return  BUFFER_E when inLen does not match public key length by parameters.
- */
-int wc_LmsKey_ImportPubRaw(LmsKey* key, const byte* in, word32 inLen)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (in == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) &&
-            (inLen != (word32)HSS_PUBLIC_KEY_LEN(key->params->hash_len))) {
-        /* Something inconsistent. Parameters weren't set, or input
-         * pub key is wrong.*/
-        return BUFFER_E;
-    }
-
-    if (ret == 0) {
-        XMEMCPY(key->pub, in, inLen);
-
-        if (key->state != WC_LMS_STATE_OK)
-            key->state = WC_LMS_STATE_VERIFYONLY;
-    }
-
-    return ret;
-}
-
-/* Given a levels, height, winternitz parameter set, determine
- * the signature length.
- *
- * Call this before wc_LmsKey_Sign so you know the length of
- * the required signature buffer.
- *
- * @param [in]  key  LMS key.
- * @param [out] len  Length of a signature in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or len is NULL.
- */
-int wc_LmsKey_GetSigLen(const LmsKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (len == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        *len = key->params->sig_len;
-    }
-
-    return ret;
-}
-
-/* Verify the signature of the message with public key.
- *
- * @param [in] key    LMS key.
- * @param [in] sig    Signature to verify.
- * @param [in] sigSz  Size of signature in bytes.
- * @param [in] msg    Message to verify.
- * @param [in] msgSz  Length of the message in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a key, sig or msg is NULL.
- * @return  SIG_VERIFY_E when signature did not verify message.
- * @return  BAD_STATE_E when wrong state for operation.
- * @return  BUFFER_E when sigSz is invalid for parameters.
- */
-int wc_LmsKey_Verify(LmsKey* key, const byte* sig, word32 sigSz,
-    const byte* msg, int msgSz)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (sig == NULL) || (msg == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Check state. */
-    if ((ret == 0) && (key->state != WC_LMS_STATE_OK) &&
-            (key->state != WC_LMS_STATE_VERIFYONLY)) {
-        /* LMS key not ready for verification. Param str must be
-         * set first, and Reload() called. */
-        WOLFSSL_MSG("error: LMS key not ready for verification");
-        ret = BAD_STATE_E;
-    }
-    /* Check signature length. */
-    if ((ret == 0) && (sigSz != key->params->sig_len)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        WC_DECLARE_VAR(state, LmsState, 1, 0);
-
-        /* Allocate memory for working state. */
-        WC_ALLOC_VAR_EX(state, LmsState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-            ret=MEMORY_E);
-        if (WC_VAR_OK(state))
-        {
-            /* Initialize working state for use. */
-            ret = wc_lmskey_state_init(state, key->params);
-            if (ret == 0) {
-                /* Verify signature of message with public key. */
-                ret = wc_hss_verify(state, key->pub, msg, msgSz, sig);
-                wc_lmskey_state_free(state);
-            }
-            ForceZero(state, sizeof(LmsState));
-            WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-    }
-
-    return ret;
-}
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-
-/* Get the Key ID from the LMS key.
- *
- * PRIV = Q | PARAMS | SEED | I
- * where I is the Key ID.
- *
- * @param [in]  key    LMS key.
- * @param [out] kid    Key ID data.
- * @param [out] kidSz  Size of key ID.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a key, kid or kidSz is NULL.
- */
-int wc_LmsKey_GetKid(LmsKey * key, const byte ** kid, word32* kidSz)
-{
-    word32 offset;
-
-    if ((key == NULL) || (kid == NULL) || (kidSz == NULL)) {
-        return BAD_FUNC_ARG;
-    }
-
-    /* SEED length is hash length. */
-    offset = HSS_Q_LEN + HSS_PRIV_KEY_PARAM_SET_LEN + key->params->hash_len;
-    *kid = key->priv_raw + offset;
-    *kidSz = HSS_PRIVATE_KEY_LEN(key->params->hash_len) - offset;
-
-    return 0;
-}
-
-
-/* Get the Key ID from the raw private key data.
- *
- * PRIV = Q | PARAMS | SEED | I
- * where I is the Key ID.
- *
- * @param [in] priv    Private key data.
- * @param [in] privSz  Size of private key data.
- * @param  Pointer to 16 byte Key ID in the private key.
- * @return  NULL on failure.
- */
-const byte * wc_LmsKey_GetKidFromPrivRaw(const byte * priv, word32 privSz)
-{
-    word32 seedSz = privSz - HSS_Q_LEN - HSS_PRIV_KEY_PARAM_SET_LEN - LMS_I_LEN;
-
-    if (priv == NULL) {
-        return NULL;
-    }
-    if ((seedSz != WC_SHA256_192_DIGEST_SIZE) &&
-            (seedSz != WC_SHA256_DIGEST_SIZE)) {
-        return NULL;
-    }
-    return priv + privSz - LMS_I_LEN;
-}
-
-#endif
-
-#endif /* WOLFSSL_HAVE_LMS && WOLFSSL_WC_LMS */
diff --git a/src/ssl/wolfssl/wolfcrypt/wc_lms_impl.c b/src/ssl/wolfssl/wolfcrypt/wc_lms_impl.c
deleted file mode 100644
index e2a4949ff..000000000
--- a/src/ssl/wolfssl/wolfcrypt/wc_lms_impl.c
+++ /dev/null
@@ -1,3728 +0,0 @@
-/* wc_lms_impl.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implementation based on:
- *   RFC 8554: Leighton-Micali Hash-Based Signatures
- *   https://datatracker.ietf.org/doc/html/rfc8554
- * Implementation by Sean Parkinson.
- */
-
-/* Possible LMS options:
- *
- * WC_LMS_FULL_HASH                                      Default: OFF
- *   Performs a full hash instead of assuming internals.
- *   Enable when using hardware SHA-256.
- * WOLFSSL_LMS_VERIFY_ONLY                               Default: OFF
- *   Only compiles in verification code.
- * WOLFSSL_WC_LMS_SMALL                                  Default: OFF
- *   Implementation is smaller code size with slow signing.
- *   Enable when memory is limited.
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#include <wolfssl/wolfcrypt/wc_lms.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if defined(WOLFSSL_HAVE_LMS) && defined(WOLFSSL_WC_LMS)
-
-/* Length of R in bytes. */
-#define LMS_R_LEN           4
-/* Length of D in bytes. */
-#define LMS_D_LEN           2
-/* Length of checksum in bytes. */
-#define LMS_CKSM_LEN        2
-
-/* Predefined values used in hashes to make them unique. */
-/* Fixed value for calculating x. */
-#define LMS_D_FIXED         0xff
-/* D value when computing public key. */
-#define LMS_D_PBLC          0x8080
-/* D value when computing message. */
-#define LMS_D_MESG          0x8181
-/* D value when computing leaf node. */
-#define LMS_D_LEAF          0x8282
-/* D value when computing interior node. */
-#define LMS_D_INTR          0x8383
-/* D value when computing C, randomizer value. */
-#define LMS_D_C             0xfffd
-/* D value when computing child SEED for private key. */
-#define LMS_D_CHILD_SEED    0xfffe
-/* D value when computing child I for private key. */
-#define LMS_D_CHILD_I       0xffff
-
-/* Length of data to hash when computing seed:
- *   16 + 4 + 2 + 32/24 = 54/46 */
-#define LMS_SEED_HASH_LEN(hLen)     \
-    (LMS_I_LEN + LMS_R_LEN + LMS_D_LEN + (hLen))
-
-/* Length of data to hash when computing a node:
- *   16 + 4 + 2 + 32/24 + 32/24 = 86/70 */
-#define LMS_NODE_HASH_LEN(hLen)     \
-    (LMS_I_LEN + LMS_R_LEN + LMS_D_LEN + 2 * (hLen))
-
-/* Length of data to hash when computing most results:
- *   16 + 4 + 2 + 1 + 32/24 = 55/47 */
-#define LMS_HASH_BUFFER_LEN(hLen)   \
-    (LMS_I_LEN + LMS_Q_LEN + LMS_P_LEN + LMS_W_LEN + (hLen))
-
-/* Length of preliminary data to hash when computing K:
- *   16 + 4 + 2 = 22 */
-#define LMS_K_PRE_LEN       (LMS_I_LEN + LMS_Q_LEN + LMS_P_LEN)
-
-/* Length of preliminary data to hash when computing message hash:
- *   16 + 4 + 2 = 22 */
-#define LMS_MSG_PRE_LEN     (LMS_I_LEN + LMS_Q_LEN + LMS_P_LEN)
-
-
-#ifdef WC_LMS_DEBUG_PRINT_DATA
-/* Print data when debugging implementation.
- *
- * @param [in] name  String to print before data.
- * @param [in] data  Array of bytes.
- * @param [in] len   Length of data in array.
- */
-static void print_data(const char* name, const byte* data, int len)
-{
-    int i;
-
-    fprintf(stderr, "%6s: ", name);
-    for (i = 0; i < len; i++) {
-        fprintf(stderr, "%02x", data[i]);
-    }
-    fprintf(stderr, "\n");
-}
-#endif
-
-/***************************************
- * Index APIs
- **************************************/
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-/* Zero index.
- *
- * @param [out] a    Byte array. Big-endian encoding.
- * @param [in]  len  Length of array in bytes.
- */
-static WC_INLINE void wc_lms_idx_zero(unsigned char* a, int len)
-{
-    XMEMSET(a, 0, len);
-}
-
-/* Increment big-endian value.
- *
- * @param [in, out] a    Byte array. Big-endian encoding.
- * @param [in]      len  Length of array in bytes.
- */
-static WC_INLINE void wc_lms_idx_inc(unsigned char* a, int len)
-{
-    int i;
-
-    /* Starting at least-significant byte up to most. */
-    for (i = len - 1; i >= 0; i--) {
-        /* Add one/carry to byte. */
-        if ((++a[i]) != 0) {
-            /* No more carry. */
-            break;
-        }
-    }
-}
-#endif /* !WOLFSSL_LMS_VERIFY_ONLY */
-
-/***************************************
- * Hash APIs
- **************************************/
-
-/* Set hash data and length into SHA-256 digest.
- *
- * @param [in, out] state  SHA-256 digest object.
- * @param [in]      data   Data to add to hash.
- * @param [in]      len    Number of bytes in data. Must be less than a block.
- */
-#define LMS_SHA256_SET_DATA(sha256, data, len)  \
-do {                                            \
-    XMEMCPY((sha256)->buffer, (data), (len));   \
-    (sha256)->buffLen = (len);                  \
-    (sha256)->loLen = (len);                    \
-} while (0)
-
-/* Add hash data and length into SHA-256 digest.
- *
- * @param [in, out] state  SHA-256 digest object.
- * @param [in]      data   Data to add to hash.
- * @param [in]      len    Number of bytes in data. Must be less than a block.
- */
-#define LMS_SHA256_ADD_DATA(sha256, data, len)                              \
-do {                                                                        \
-    XMEMCPY((byte*)(sha256)->buffer + (sha256)->buffLen, (data), (len));    \
-    (sha256)->buffLen += (len);                                             \
-    (sha256)->loLen += (len);                                               \
-} while (0)
-
-/* Set the length of 54 bytes in buffer as per SHA-256 final operation.
- *
- * @param [in, out] buffer  Hash data buffer to add length to.
- */
-#define LMS_SHA256_SET_LEN_54(buffer)   \
-do {                                    \
-    (buffer)[54] = 0x80;                \
-    (buffer)[55] = 0x00;                \
-    (buffer)[56] = 0x00;                \
-    (buffer)[57] = 0x00;                \
-    (buffer)[58] = 0x00;                \
-    (buffer)[59] = 0x00;                \
-    (buffer)[60] = 0x00;                \
-    (buffer)[61] = 0x00;                \
-    (buffer)[62] = 0x01;                \
-    (buffer)[63] = 0xb0;                \
-} while (0)
-
-/* Set the length of 55 bytes in buffer as per SHA-256 final operation.
- *
- * @param [in, out] buffer  Hash data buffer to add length to.
- */
-#define LMS_SHA256_SET_LEN_55(buffer)   \
-do {                                    \
-    (buffer)[55] = 0x80;                \
-    (buffer)[56] = 0x00;                \
-    (buffer)[57] = 0x00;                \
-    (buffer)[58] = 0x00;                \
-    (buffer)[59] = 0x00;                \
-    (buffer)[60] = 0x00;                \
-    (buffer)[61] = 0x00;                \
-    (buffer)[62] = 0x01;                \
-    (buffer)[63] = 0xb8;                \
-} while (0)
-
-#ifndef WOLFSSL_NO_LMS_SHA256_256
-#ifndef WC_LMS_FULL_HASH
-/* Hash one full block of data and compute result.
- *
- * @param [in]  sha256  SHA-256 hash object.
- * @param [in]  data    Data to hash.
- * @param [out] hash    Hash output.
- * @return  0 on success.
- */
-static WC_INLINE int wc_lms_hash_block(wc_Sha256* sha256, const byte* data,
-    byte* hash)
-{
-    /* Hash the block and reset SHA-256 state. */
-    return wc_Sha256HashBlock(sha256, data, hash);
-}
-#endif /* !WC_LMS_FULL_HASH */
-
-/* Hash data and compute result.
- *
- * @param [in]  sha256  SHA-256 hash object.
- * @param [in]  data    Data to hash.
- * @param [in]  len     Length of data to hash.
- * @param [out] hash    Hash output.
- * @return  0 on success.
- */
-static WC_INLINE int wc_lms_hash(wc_Sha256* sha256, byte* data, word32 len,
-    byte* hash)
-{
-    int ret;
-
-#ifndef WC_LMS_FULL_HASH
-    if (len < WC_SHA256_BLOCK_SIZE) {
-        /* Store data into SHA-256 object's buffer. */
-        LMS_SHA256_SET_DATA(sha256, data, len);
-        ret = wc_Sha256Final(sha256, hash);
-    }
-    else if (len < WC_SHA256_BLOCK_SIZE + WC_SHA256_PAD_SIZE) {
-        ret = wc_Sha256HashBlock(sha256, data, NULL);
-        if (ret == 0) {
-            byte* buffer = (byte*)sha256->buffer;
-            int rem = len - WC_SHA256_BLOCK_SIZE;
-
-            XMEMCPY(buffer, data + WC_SHA256_BLOCK_SIZE, rem);
-            buffer[rem++] = 0x80;
-            XMEMSET(buffer + rem, 0, WC_SHA256_BLOCK_SIZE - 2 - rem);
-            buffer[WC_SHA256_BLOCK_SIZE - 2] = (byte)(len >> 5);
-            buffer[WC_SHA256_BLOCK_SIZE - 1] = (byte)(len << 3);
-            ret = wc_Sha256HashBlock(sha256, buffer, hash);
-        }
-    }
-    else {
-        ret = wc_Sha256Update(sha256, data, len);
-        if (ret == 0) {
-            ret = wc_Sha256Final(sha256, hash);
-        }
-    }
-#else
-    ret = wc_Sha256Update(sha256, data, len);
-    if (ret == 0) {
-        ret = wc_Sha256Final(sha256, hash);
-    }
-#endif /* !WC_LMS_FULL_HASH */
-
-    return ret;
-}
-#endif /* !WOLFSSL_NO_LMS_SHA256_256 */
-
-/* Update hash with first data.
- *
- * Sets the data directly into SHA-256's buffer if valid.
- *
- * @param [in]  sha256  SHA-256 hash object.
- * @param [in]  data    Data to hash.
- * @param [in]  len     Length of data to hash.
- * @return  0 on success.
- */
-static WC_INLINE int wc_lms_hash_first(wc_Sha256* sha256, const byte* data,
-    word32 len)
-{
-    int ret = 0;
-
-#ifndef WC_LMS_FULL_HASH
-    if (len < WC_SHA256_BLOCK_SIZE) {
-        /* Store data into SHA-256 object's buffer. */
-        LMS_SHA256_SET_DATA(sha256, data, len);
-    }
-    else
-#endif /* !WC_LMS_FULL_HASH */
-    {
-        ret = wc_Sha256Update(sha256, data, len);
-    }
-
-    return ret;
-}
-
-/* Update hash with further data.
- *
- * Adds the data directly into SHA-256's buffer if valid.
- *
- * @param [in]  sha256  SHA-256 hash object.
- * @param [in]  data    Data to hash.
- * @param [in]  len     Length of data to hash.
- * @return  0 on success.
- */
-static WC_INLINE int wc_lms_hash_update(wc_Sha256* sha256, const byte* data,
-    word32 len)
-{
-    int ret = 0;
-
-#ifndef WC_LMS_FULL_HASH
-    if (sha256->buffLen + len < WC_SHA256_BLOCK_SIZE) {
-        /* Add data to SHA-256 object's buffer. */
-        LMS_SHA256_ADD_DATA(sha256, data, len);
-    }
-    else if (sha256->buffLen + len < 2 * WC_SHA256_BLOCK_SIZE) {
-        byte* buffer = (byte*)sha256->buffer;
-
-        XMEMCPY(buffer + sha256->buffLen, data,
-            WC_SHA256_BLOCK_SIZE - sha256->buffLen);
-        ret = wc_Sha256HashBlock(sha256, buffer, NULL);
-        if (ret == 0) {
-            int rem = len - (WC_SHA256_BLOCK_SIZE - sha256->buffLen);
-            XMEMCPY(buffer, data + WC_SHA256_BLOCK_SIZE - sha256->buffLen, rem);
-            sha256->buffLen = rem;
-            sha256->loLen += len;
-        }
-    }
-    else {
-        ret = wc_Sha256Update(sha256, data, len);
-    }
-#else
-    ret = wc_Sha256Update(sha256, data, len);
-#endif /* !WC_LMS_FULL_HASH */
-
-    return ret;
-}
-
-#ifndef WOLFSSL_NO_LMS_SHA256_256
-/* Finalize hash.
- *
- * @param [in]  sha256  SHA-256 hash object.
- * @param [out] hash    Hash output.
- * @return  0 on success.
- */
-static WC_INLINE int wc_lms_hash_final(wc_Sha256* sha256, byte* hash)
-{
-#ifndef WC_LMS_FULL_HASH
-    int ret = 0;
-    byte* buffer = (byte*)sha256->buffer;
-
-    buffer[sha256->buffLen++] = 0x80;
-    if (sha256->buffLen > WC_SHA256_PAD_SIZE) {
-        XMEMSET(buffer + sha256->buffLen, 0,
-            WC_SHA256_BLOCK_SIZE - sha256->buffLen);
-        ret = wc_Sha256HashBlock(sha256, buffer, NULL);
-        sha256->buffLen = 0;
-    }
-    if (ret == 0) {
-        XMEMSET(buffer + sha256->buffLen, 0,
-            WC_SHA256_BLOCK_SIZE - 8 - sha256->buffLen);
-        sha256->hiLen = (sha256->hiLen << 3) + (sha256->loLen >> 29);
-        sha256->loLen = sha256->loLen << 3;
-    #ifdef LITTLE_ENDIAN_ORDER
-        sha256->buffer[14] = ByteReverseWord32(sha256->hiLen);
-        sha256->buffer[15] = ByteReverseWord32(sha256->loLen);
-    #else
-        sha256->buffer[14] = sha256->hiLen;
-        sha256->buffer[15] = sha256->loLen;
-    #endif
-        ret = wc_Sha256HashBlock(sha256, buffer, hash);
-        sha256->buffLen = 0;
-        sha256->hiLen = 0;
-        sha256->loLen = 0;
-    }
-
-    return ret;
-#else
-    return wc_Sha256Final(sha256, hash);
-#endif
-}
-#endif /* !WOLFSSL_NO_LMS_SHA256_256 */
-
-#ifdef WOLFSSL_LMS_SHA256_192
-/* Set the length of 46 bytes in buffer as per SHA-256 final operation.
- *
- * @param [in, out] buffer  Hash data buffer to add length to.
- */
-#define LMS_SHA256_SET_LEN_46(buffer)   \
-do {                                    \
-    (buffer)[46] = 0x80;                \
-    (buffer)[47] = 0x00;                \
-    (buffer)[48] = 0x00;                \
-    (buffer)[49] = 0x00;                \
-    (buffer)[50] = 0x00;                \
-    (buffer)[51] = 0x00;                \
-    (buffer)[52] = 0x00;                \
-    (buffer)[53] = 0x00;                \
-    (buffer)[54] = 0x00;                \
-    (buffer)[55] = 0x00;                \
-    (buffer)[56] = 0x00;                \
-    (buffer)[57] = 0x00;                \
-    (buffer)[58] = 0x00;                \
-    (buffer)[59] = 0x00;                \
-    (buffer)[60] = 0x00;                \
-    (buffer)[61] = 0x00;                \
-    (buffer)[62] = 0x01;                \
-    (buffer)[63] = 0x70;                \
-} while (0)
-
-/* Set the length of 47 bytes in buffer as per SHA-256 final operation.
- *
- * @param [in, out] buffer  Hash data buffer to add length to.
- */
-#define LMS_SHA256_SET_LEN_47(buffer)   \
-do {                                    \
-    (buffer)[47] = 0x80;                \
-    (buffer)[48] = 0x00;                \
-    (buffer)[49] = 0x00;                \
-    (buffer)[50] = 0x00;                \
-    (buffer)[51] = 0x00;                \
-    (buffer)[52] = 0x00;                \
-    (buffer)[53] = 0x00;                \
-    (buffer)[54] = 0x00;                \
-    (buffer)[55] = 0x00;                \
-    (buffer)[56] = 0x00;                \
-    (buffer)[57] = 0x00;                \
-    (buffer)[58] = 0x00;                \
-    (buffer)[59] = 0x00;                \
-    (buffer)[60] = 0x00;                \
-    (buffer)[61] = 0x00;                \
-    (buffer)[62] = 0x01;                \
-    (buffer)[63] = 0x78;                \
-} while (0)
-
-#ifndef WC_LMS_FULL_HASH
-/* Hash one full block of data and compute result.
- *
- * @param [in]  sha256  SHA-256 hash object.
- * @param [in]  data    Data to hash.
- * @param [out] hash    Hash output.
- * @return  0 on success.
- */
-static WC_INLINE int wc_lms_sha256_192_hash_block(wc_Sha256* sha256,
-    const byte* data, byte* hash)
-{
-    int ret;
-    unsigned char output[WC_SHA256_DIGEST_SIZE];
-
-    /* Hash the block and reset SHA-256 state. */
-    ret = wc_Sha256HashBlock(sha256, data, output);
-    if (ret == 0) {
-        XMEMCPY(hash, output, WC_SHA256_192_DIGEST_SIZE);
-    }
-
-    return ret;
-}
-#endif /* !WC_LMS_FULL_HASH */
-
-/* Hash data and compute result.
- *
- * @param [in]  sha256  SHA-256 hash object.
- * @param [in]  data    Data to hash.
- * @param [in]  len     Length of data to hash.
- * @param [out] hash    Hash output.
- * @return  0 on success.
- */
-static WC_INLINE int wc_lms_hash_sha256_192(wc_Sha256* sha256, byte* data,
-    word32 len, byte* hash)
-{
-    int ret;
-    unsigned char output[WC_SHA256_DIGEST_SIZE];
-
-#ifndef WC_LMS_FULL_HASH
-    if (len < WC_SHA256_BLOCK_SIZE) {
-        /* Store data into SHA-256 object's buffer. */
-        LMS_SHA256_SET_DATA(sha256, data, len);
-        ret = wc_Sha256Final(sha256, output);
-        if (ret == 0) {
-            XMEMCPY(hash, output, WC_SHA256_192_DIGEST_SIZE);
-        }
-    }
-    else if (len < WC_SHA256_BLOCK_SIZE + WC_SHA256_PAD_SIZE) {
-        ret = wc_Sha256HashBlock(sha256, data, NULL);
-        if (ret == 0) {
-            byte* buffer = (byte*)sha256->buffer;
-            int rem = len - WC_SHA256_BLOCK_SIZE;
-
-            XMEMCPY(buffer, data + WC_SHA256_BLOCK_SIZE, rem);
-            buffer[rem++] = 0x80;
-            XMEMSET(buffer + rem, 0, WC_SHA256_BLOCK_SIZE - 2 - rem);
-            buffer[WC_SHA256_BLOCK_SIZE - 2] = (byte)(len >> 5);
-            buffer[WC_SHA256_BLOCK_SIZE - 1] = (byte)(len << 3);
-            ret = wc_Sha256HashBlock(sha256, buffer, output);
-            if (ret == 0) {
-                XMEMCPY(hash, output, WC_SHA256_192_DIGEST_SIZE);
-            }
-        }
-    }
-    else {
-        ret = wc_Sha256Update(sha256, data, len);
-        if (ret == 0) {
-            ret = wc_Sha256Final(sha256, output);
-            if (ret == 0) {
-                XMEMCPY(hash, output, WC_SHA256_192_DIGEST_SIZE);
-            }
-        }
-    }
-#else
-    ret = wc_Sha256Update(sha256, data, len);
-    if (ret == 0) {
-        ret = wc_Sha256Final(sha256, output);
-        if (ret == 0) {
-            XMEMCPY(hash, output, WC_SHA256_192_DIGEST_SIZE);
-        }
-    }
-#endif /* !WC_LMS_FULL_HASH */
-
-    return ret;
-}
-
-/* Finalize hash.
- *
- * @param [in]  sha256  SHA-256 hash object.
- * @param [out] hash    Hash output.
- * @return  0 on success.
- */
-static WC_INLINE int wc_lms_hash_sha256_192_final(wc_Sha256* sha256, byte* hash)
-{
-#ifndef WC_LMS_FULL_HASH
-    int ret = 0;
-    byte* buffer = (byte*)sha256->buffer;
-    unsigned char output[WC_SHA256_DIGEST_SIZE];
-
-    buffer[sha256->buffLen++] = 0x80;
-    if (sha256->buffLen > WC_SHA256_PAD_SIZE) {
-        XMEMSET(buffer + sha256->buffLen, 0,
-            WC_SHA256_BLOCK_SIZE - sha256->buffLen);
-        ret = wc_Sha256HashBlock(sha256, buffer, NULL);
-        sha256->buffLen = 0;
-    }
-    if (ret == 0) {
-        XMEMSET(buffer + sha256->buffLen, 0,
-            WC_SHA256_BLOCK_SIZE - 8 - sha256->buffLen);
-        sha256->hiLen = (sha256->hiLen << 3) + (sha256->loLen >> 29);
-        sha256->loLen = sha256->loLen << 3;
-    #ifdef LITTLE_ENDIAN_ORDER
-        sha256->buffer[14] = ByteReverseWord32(sha256->hiLen);
-        sha256->buffer[15] = ByteReverseWord32(sha256->loLen);
-    #else
-        sha256->buffer[14] = sha256->hiLen;
-        sha256->buffer[15] = sha256->loLen;
-    #endif
-        ret = wc_Sha256HashBlock(sha256, buffer, output);
-        if (ret == 0) {
-            XMEMCPY(hash, output, WC_SHA256_192_DIGEST_SIZE);
-        }
-        sha256->buffLen = 0;
-        sha256->hiLen = 0;
-        sha256->loLen = 0;
-    }
-
-    return ret;
-#else
-    int ret;
-    unsigned char output[WC_SHA256_DIGEST_SIZE];
-
-    ret = wc_Sha256Final(sha256, output);
-    if (ret == 0) {
-        XMEMCPY(hash, output, WC_SHA256_192_DIGEST_SIZE);
-    }
-
-    return ret;
-#endif
-}
-#endif /* WOLFSSL_LMS_SHA256_192 */
-
-/***************************************
- * LM-OTS APIs
- **************************************/
-
-/* Expand Q to and array of Winternitz width bits values plus checksum.
- *
- * Supported Winternitz widths: 8, 4, 2, 1.
- *
- * Algorithm 2: Checksum Calculation
- *   sum = 0
- *   for ( i = 0; i < (n*8/w); i = i + 1 ) {
- *     sum = sum + (2^w - 1) - coef(S, i, w)
- *   }
- *   return (sum << ls)
- * Section 3.1.3: Strings of w-Bit Elements
- *   coef(S, i, w) = (2^w - 1) AND
- *                   ( byte(S, floor(i * w / 8)) >>
- *                     (8 - (w * (i % (8 / w)) + w)) )
- * Combine coefficient expansion with checksum calculation.
- *
- * @param [in]  q   Q array of bytes.
- * @param [in]  n   Number of bytes in Q.
- * @param [in]  w   Winternitz width in bits.
- * @param [in]  ls  Left shift of checksum.
- * @param [out] qe  Expanded Q with checksum.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when Winternitz width is not supported.
- */
-static WC_INLINE int wc_lmots_q_expand(byte* q, word8 n, word8 w, word8 ls,
-    byte* qe)
-{
-    int ret = 0;
-    word16 sum;
-    unsigned int i;
-
-#ifndef WOLFSSL_WC_LMS_SMALL
-    switch (w) {
-        /* Winternitz width of 8. */
-        case 8:
-            /* No expansion required, just copy. */
-            XMEMCPY(qe, q, n);
-            /* Start sum with all 2^w - 1s and subtract from that. */
-            sum = 0xff * n;
-            /* For each byte of the hash. */
-            for (i = 0; i < n; i++) {
-                /* Subtract coefficient from sum. */
-                sum -= q[i];
-            }
-            /* Put coefficients of checksum on the end. */
-            qe[n + 0] = (word8)(sum >> 8);
-            qe[n + 1] = (word8)(sum     );
-            break;
-        /* Winternitz width of 4. */
-        case 4:
-            sum = 2 * 0xf * n;
-            /* For each byte of the hash. */
-            for (i = 0; i < n; i++) {
-                /* Get coefficient. */
-                qe[0] = (q[i] >> 4)      ;
-                qe[1] = (q[i]     ) & 0xf;
-                /* Subtract coefficients from sum. */
-                sum -= qe[0];
-                sum -= qe[1];
-                /* Move to next coefficients. */
-                qe += 2;
-            }
-            /* Put coefficients of checksum on the end. */
-            qe[0] = (word8)((sum >> 8) & 0xf);
-            qe[1] = (word8)((sum >> 4) & 0xf);
-            qe[2] = (word8)((sum     ) & 0xf);
-            break;
-        /* Winternitz width of 2. */
-        case 2:
-            sum = 4 * 0x3 * n;
-            /* For each byte of the hash. */
-            for (i = 0; i < n; i++) {
-                /* Get coefficients. */
-                qe[0] = (q[i] >> 6)      ;
-                qe[1] = (q[i] >> 4) & 0x3;
-                qe[2] = (q[i] >> 2) & 0x3;
-                qe[3] = (q[i]     ) & 0x3;
-                /* Subtract coefficients from sum. */
-                sum -= qe[0];
-                sum -= qe[1];
-                sum -= qe[2];
-                sum -= qe[3];
-                /* Move to next coefficients. */
-                qe += 4;
-            }
-            /* Put coefficients of checksum on the end. */
-            qe[0] = (word8)((sum >>  8) & 0x3);
-            qe[1] = (word8)((sum >>  6) & 0x3);
-            qe[2] = (word8)((sum >>  4) & 0x3);
-            qe[3] = (word8)((sum >>  2) & 0x3);
-            qe[4] = (word8)((sum      ) & 0x3);
-            break;
-        /* Winternitz width of 1. */
-        case 1:
-            sum = 8 * 0x01 * n;
-            /* For each byte of the hash. */
-            for (i = 0; i < n; i++) {
-                /* Get coefficients. */
-                qe[0] = (q[i] >> 7)      ;
-                qe[1] = (q[i] >> 6) & 0x1;
-                qe[2] = (q[i] >> 5) & 0x1;
-                qe[3] = (q[i] >> 4) & 0x1;
-                qe[4] = (q[i] >> 3) & 0x1;
-                qe[5] = (q[i] >> 2) & 0x1;
-                qe[6] = (q[i] >> 1) & 0x1;
-                qe[7] = (q[i]     ) & 0x1;
-                /* Subtract coefficients from sum. */
-                sum -= qe[0];
-                sum -= qe[1];
-                sum -= qe[2];
-                sum -= qe[3];
-                sum -= qe[4];
-                sum -= qe[5];
-                sum -= qe[6];
-                sum -= qe[7];
-                /* Move to next coefficients. */
-                qe += 8;
-            }
-            /* Put coefficients of checksum on the end. */
-#ifdef WOLFSSL_LMS_SHA256_192
-            if (ls == 7)
-#endif
-            {
-                qe[0] = (word8)((sum >>  8)      );
-                qe++;
-            }
-            qe[0] = (word8)((sum >>  7) & 0x1);
-            qe[1] = (word8)((sum >>  6) & 0x1);
-            qe[2] = (word8)((sum >>  5) & 0x1);
-            qe[3] = (word8)((sum >>  4) & 0x1);
-            qe[4] = (word8)((sum >>  3) & 0x1);
-            qe[5] = (word8)((sum >>  2) & 0x1);
-            qe[6] = (word8)((sum >>  1) & 0x1);
-            qe[7] = (word8)((sum      ) & 0x1);
-            break;
-        default:
-            ret = BAD_FUNC_ARG;
-            break;
-    }
-
-    (void)ls;
-#else
-    int j;
-
-    if ((w != 8) && (w != 4) && (w != 2) && (w != 1)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Start sum with all 2^w - 1s and subtract from that. */
-        sum = (((word16)1 << w) - 1) * ((n * 8) / w);
-        /* For each byte of the hash. */
-        for (i = 0; i < n; i++) {
-            /* Get next byte. */
-            byte a = *(q++);
-            /* For each width bits of byte. */
-            for (j = 8 - w; j >= 0; j -= w) {
-                /* Get coefficient. */
-                *qe = a >> (8 - w);
-                /* Subtract coefficient from sum. */
-                sum -= *qe;
-                /* Move to next coefficient. */
-                qe++;
-                /* Remove width bits. */
-                a <<= w;
-            }
-        }
-        /* Shift sum up as required to pack it on the end of hash. */
-        sum <<= ls;
-        /* For each width bit of checksum. */
-        for (j = 16 - w; j >= ls; j--) {
-            /* Get coefficient. */
-            *(qe++) = sum >> (16 - w);
-            /* Remove width bits. */
-            sum <<= w;
-        }
-    }
-#endif /* !WOLFSSL_WC_LMS_SMALL */
-
-    return ret;
-}
-
-/* Calculate the hash for the message.
- *
- * Algorithm 3: Generating a One-Time Signature From a Private Key and a
- * Message
- *   ...
- *   5. Compute the array y as follows:
- *      Q = H(I || u32str(q) || u16str(D_MESG) || C || message)
- * Algorithm 4b: Computing a Public Key Candidate Kc from a Signature,
- * Message, Signature Typecode pubtype, and Identifiers I, q
- *   ...
- *   3. Compute the string Kc as follows:
- *      Q = H(I || u32str(q) || u16str(D_MESG) || C || message)
- *
- * @param [in, out]  state  LMS state.
- * @param [in]       msg    Message to hash.
- * @param [in]       msgSz  Length of message in bytes.
- * @param [in]       c      C or randomizer value.
- * @param [out]      q      Computed Q value.
- * @return  0 on success.
- */
-static int wc_lmots_msg_hash(LmsState* state, const byte* msg, word32 msgSz,
-    const byte* c, byte* q)
-{
-    int ret;
-    byte* buffer = state->buffer;
-    byte* ip = buffer + LMS_I_LEN + LMS_Q_LEN;
-
-    /* I || u32str(q) || u16str(D_MESG) */
-    c16toa(LMS_D_MESG, ip);
-    /* H(I || u32str(q) || u16str(D_MESG) || ...) */
-    ret = wc_lms_hash_first(&state->hash, buffer, LMS_MSG_PRE_LEN);
-    if (ret == 0) {
-        /* H(... || C || ...) */
-        ret = wc_lms_hash_update(&state->hash, c, state->params->hash_len);
-    }
-    if (ret == 0) {
-        /* H(... || message) */
-        ret = wc_lms_hash_update(&state->hash, msg, msgSz);
-    }
-#ifdef WOLFSSL_LMS_SHA256_192
-    if ((ret == 0) &&
-            ((state->params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192)) {
-        /* Q = H(...) */
-        ret = wc_lms_hash_sha256_192_final(&state->hash, q);
-    }
-    else
-#endif
-#ifndef WOLFSSL_NO_LMS_SHA256_256
-    if (ret == 0) {
-        /* Q = H(...) */
-        ret = wc_lms_hash_final(&state->hash, q);
-    }
-    else
-#endif
-    {
-        ret = NOT_COMPILED_IN;
-    }
-
-    return ret;
-}
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-/* Compute array y, intermediates of public key calculation, for signature.
- *
- * Verification will perform the remaining iterations of hashing.
- *
- * Algorithm 3: Generating a One-Time Signature From a Private Key and a
- * Message
- *   ...
- *   5. Compute the array y as follows:
- *      Q = H(I || u32str(q) || u16str(D_MESG) || C || message)
- *      for ( i = 0; i < p; i = i + 1 ) {
- *        a = coef(Q || Cksm(Q), i, w)
- *        tmp = x[i]
- *        for ( j = 0; j < a; j = j + 1 ) {
- *          tmp = H(I || u32str(q) || u16str(i) || u8str(j) || tmp)
- *        }
- *        y[i] = tmp
- *      }
- * x[i] can be calculated on the fly using pseudo key generation in Appendix A.
- * Appendix A, The elements of the LM-OTS private keys are computed as:
- *   x_q[i] = H(I || u32str(q) || u16str(i) || u8str(0xff) || SEED).
- *
- * @param [in, out]  state  LMS state.
- * @param [in]       seed   Seed to hash.
- * @param [in]       msg    Message to sign.
- * @param [in]       msgSZ  Length of message in bytes.
- * @param [in]       c      C or randomizer value to hash.
- * @param [out]      y      Calculated intermediate hashes.
- * @return  0 on success.
- */
-static int wc_lmots_compute_y_from_seed(LmsState* state, const byte* seed,
-    const byte* msg, word32 msgSz, const byte* c, byte* y)
-{
-    const LmsParams* params = state->params;
-    int ret;
-    word16 i;
-    byte q[LMS_MAX_NODE_LEN + LMS_CKSM_LEN];
-#ifdef WOLFSSL_SMALL_STACK
-    byte* a = state->a;
-#else
-    byte a[LMS_MAX_P];
-#endif /* WOLFSSL_SMALL_STACK */
-    byte* buffer = state->buffer;
-    byte* ip = buffer + LMS_I_LEN + LMS_Q_LEN;
-    byte* jp = ip + LMS_P_LEN;
-    byte* tmp = jp + LMS_W_LEN;
-
-    /* Q = H(I || u32str(q) || u16str(D_MESG) || C || message) */
-    ret = wc_lmots_msg_hash(state, msg, msgSz, c, q);
-    if (ret == 0) {
-        /* Calculate checksum list all coefficients. */
-        ret = wc_lmots_q_expand(q, (word8)params->hash_len, params->width,
-            params->ls, a);
-    }
-#ifndef WC_LMS_FULL_HASH
-    if (ret == 0) {
-    #ifdef WOLFSSL_LMS_SHA256_192
-        if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-            /* Put in padding for final block. */
-            LMS_SHA256_SET_LEN_47(buffer);
-        }
-        else
-    #endif
-        {
-        #ifndef WOLFSSL_NO_LMS_SHA256_256
-            /* Put in padding for final block. */
-            LMS_SHA256_SET_LEN_55(buffer);
-        #endif
-        }
-    }
-#endif /* !WC_LMS_FULL_HASH */
-
-    /* Compute y for each coefficient. */
-    for (i = 0; (ret == 0) && (i < params->p); i++) {
-        unsigned int j;
-
-        /* tmp = x[i]
-         *     = H(I || u32str(q) || u16str(i) || u8str(0xff) || SEED). */
-        c16toa(i, ip);
-        *jp = LMS_D_FIXED;
-#ifndef WC_LMS_FULL_HASH
-    #ifdef WOLFSSL_LMS_SHA256_192
-        if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-            XMEMCPY(tmp, seed, WC_SHA256_192_DIGEST_SIZE);
-            ret = wc_lms_sha256_192_hash_block(&state->hash, buffer, tmp);
-        }
-        else
-    #endif
-        {
-        #ifndef WOLFSSL_NO_LMS_SHA256_256
-            XMEMCPY(tmp, seed, WC_SHA256_DIGEST_SIZE);
-            ret = wc_lms_hash_block(&state->hash, buffer, tmp);
-        #else
-            ret = NOT_COMPILED_IN;
-        #endif
-        }
-#else
-    #ifdef WOLFSSL_LMS_SHA256_192
-        if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-            XMEMCPY(tmp, seed, WC_SHA256_192_DIGEST_SIZE);
-            ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-                LMS_HASH_BUFFER_LEN(WC_SHA256_192_DIGEST_SIZE), tmp);
-        }
-        else
-    #endif
-        {
-        #ifndef WOLFSSL_NO_LMS_SHA256_256
-            XMEMCPY(tmp, seed, WC_SHA256_DIGEST_SIZE);
-            ret = wc_lms_hash(&state->hash, buffer,
-                LMS_HASH_BUFFER_LEN(WC_SHA256_DIGEST_SIZE), tmp);
-        #else
-            ret = NOT_COMPILED_IN;
-        #endif
-        }
-#endif /* !WC_LMS_FULL_HASH */
-
-        /* Apply the hash function coefficient number of times. */
-        for (j = 0; (ret == 0) && (j < a[i]); j++) {
-            /* I || u32str(q) || u16str(i) || u8str(j) || tmp */
-            *jp = j;
-            /* tmp = H(I || u32str(q) || u16str(i) || u8str(j) || tmp) */
-    #ifndef WC_LMS_FULL_HASH
-        #ifdef WOLFSSL_LMS_SHA256_192
-            if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-                ret = wc_lms_sha256_192_hash_block(&state->hash, buffer, tmp);
-            }
-            else
-        #endif
-            {
-            #ifndef WOLFSSL_NO_LMS_SHA256_256
-                ret = wc_lms_hash_block(&state->hash, buffer, tmp);
-            #else
-                ret = NOT_COMPILED_IN;
-            #endif
-            }
-    #else
-        #ifdef WOLFSSL_LMS_SHA256_192
-            if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-                ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-                    LMS_HASH_BUFFER_LEN(WC_SHA256_192_DIGEST_SIZE), tmp);
-            }
-            else
-        #endif
-            {
-            #ifndef WOLFSSL_NO_LMS_SHA256_256
-                ret = wc_lms_hash(&state->hash, buffer,
-                    LMS_HASH_BUFFER_LEN(WC_SHA256_DIGEST_SIZE), tmp);
-            #else
-                ret = NOT_COMPILED_IN;
-            #endif
-            }
-    #endif /* !WC_LMS_FULL_HASH */
-        }
-
-        if (ret == 0) {
-            /* y[i] = tmp */
-            XMEMCPY(y, tmp, params->hash_len);
-            y += params->hash_len;
-        }
-    }
-
-    return ret;
-}
-#endif /* !WOLFSSL_LMS_VERIFY_ONLY */
-
-/* Compute public key candidate K from signature.
- *
- * Signing performed the first coefficient number of iterations of hashing.
- *
- * Algorithm 4b: Computing a Public Key Candidate Kc from a Signature,
- * Message, Signature Typecode pubtype, and Identifiers I, q
- *   ...
- *   3. Compute the string Kc as follows:
- *      Q = H(I || u32str(q) || u16str(D_MESG) || C || message)
- *      for ( i = 0; i < p; i = i + 1 ) {
- *        a = coef(Q || Cksm(Q), i, w)
- *        tmp = y[i]
- *        for ( j = a; j < 2^w - 1; j = j + 1 ) {
- *          tmp = H(I || u32str(q) || u16str(i) || u8str(j) || tmp)
- *        }
- *        z[i] = tmp
- *      }
- *      Kc = H(I || u32str(q) || u16str(D_PBLC) ||
- *                                    z[0] || z[1] || ... || z[p-1])
- *   4, Return Kc.
- *
- * @param [in, out] state  LMS state.
- * @param [in]      msg    Message to compute Kc for.
- * @param [in]      msgSz  Length of message in bytes.
- * @param [in]      c      C or randomizer value from signature.
- * @param [in]      sig_y  Part of signature containing array y.
- * @param [out]     kc     Kc or public key candidate K.
- * @return  0 on success.
- */
-static int wc_lmots_compute_kc_from_sig(LmsState* state, const byte* msg,
-    word32 msgSz, const byte* c, const byte* sig_y, byte* kc)
-{
-    const LmsParams* params = state->params;
-    int ret;
-    word16 i;
-    byte q[LMS_MAX_NODE_LEN + LMS_CKSM_LEN];
-#ifdef WOLFSSL_SMALL_STACK
-    byte* a = state->a;
-#else
-    byte a[LMS_MAX_P];
-#endif /* WOLFSSL_SMALL_STACK */
-    byte* buffer = state->buffer;
-    byte* ip = buffer + LMS_I_LEN + LMS_Q_LEN;
-    byte* jp = ip + LMS_P_LEN;
-    byte* tmp = jp + LMS_W_LEN;
-    unsigned int max = ((unsigned int)1 << params->width) - 1;
-
-    /* I || u32str(q) || u16str(D_PBLC). */
-    c16toa(LMS_D_PBLC, ip);
-    /* H(I || u32str(q) || u16str(D_PBLC) || ...). */
-    ret = wc_lms_hash_first(&state->hash_k, buffer, LMS_K_PRE_LEN);
-    if (ret == 0) {
-        /* Q = H(I || u32str(q) || u16str(D_MESG) || C || message) */
-        ret = wc_lmots_msg_hash(state, msg, msgSz, c, q);
-    }
-    if (ret == 0) {
-        /* Calculate checksum list all coefficients. */
-        ret = wc_lmots_q_expand(q, (word8)params->hash_len, params->width,
-            params->ls, a);
-    }
-#ifndef WC_LMS_FULL_HASH
-    if (ret == 0) {
-    #ifdef WOLFSSL_LMS_SHA256_192
-        if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-            /* Put in padding for final block. */
-            LMS_SHA256_SET_LEN_47(buffer);
-        }
-        else
-    #endif
-        {
-        #ifndef WOLFSSL_NO_LMS_SHA256_256
-            /* Put in padding for final block. */
-            LMS_SHA256_SET_LEN_55(buffer);
-        #endif
-        }
-    }
-#endif /* !WC_LMS_FULL_HASH */
-
-    /* Compute z for each coefficient. */
-    for (i = 0; (ret == 0) && (i < params->p); i++) {
-        unsigned int j;
-
-        /* I || u32(str) || u16str(i) || ... */
-        c16toa(i, ip);
-
-        /* tmp = y[i].
-         * I || u32(str) || u16str(i) || ... || tmp */
-        XMEMCPY(tmp, sig_y, params->hash_len);
-        sig_y += params->hash_len;
-
-        /* Finish iterations of hash from coefficient to max. */
-        for (j = a[i]; (ret == 0) && (j < max); j++) {
-            /* I || u32str(q) || u16str(i) || u8str(j) || tmp */
-            *jp = (word8)j;
-            /* tmp = H(I || u32str(q) || u16str(i) || u8str(j) || tmp) */
-    #ifndef WC_LMS_FULL_HASH
-        #ifdef WOLFSSL_LMS_SHA256_192
-            if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-                ret = wc_lms_sha256_192_hash_block(&state->hash, buffer, tmp);
-            }
-            else
-        #endif
-            {
-            #ifndef WOLFSSL_NO_LMS_SHA256_256
-                ret = wc_lms_hash_block(&state->hash, buffer, tmp);
-            #else
-                ret = NOT_COMPILED_IN;
-            #endif
-            }
-            /* Apply the hash function coefficient number of times. */
-    #else
-        #ifdef WOLFSSL_LMS_SHA256_192
-            if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-                ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-                    LMS_HASH_BUFFER_LEN(WC_SHA256_192_DIGEST_SIZE), tmp);
-            }
-            else
-        #endif
-            {
-            #ifndef WOLFSSL_NO_LMS_SHA256_256
-                ret = wc_lms_hash(&state->hash, buffer,
-                    LMS_HASH_BUFFER_LEN(WC_SHA256_DIGEST_SIZE), tmp);
-            #else
-                ret = NOT_COMPILED_IN;
-            #endif
-            }
-    #endif /* !WC_LMS_FULL_HASH */
-        }
-
-        if (ret == 0) {
-            /* H(... || z[i] || ...) (for calculating Kc). */
-            ret = wc_lms_hash_update(&state->hash_k, tmp, params->hash_len);
-        }
-    }
-
-#ifdef WOLFSSL_LMS_SHA256_192
-    if ((ret == 0) &&
-            ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192)) {
-        /* Kc = H(...) */
-        ret = wc_lms_hash_sha256_192_final(&state->hash_k, kc);
-    }
-    else
-#endif
-    if (ret == 0) {
-    #ifndef WOLFSSL_NO_LMS_SHA256_256
-        /* Kc = H(...) */
-        ret = wc_lms_hash_final(&state->hash_k, kc);
-    #else
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-
-    return ret;
-}
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-/* Generate LM-OTS public key.
- *
- * Caller set: state->buffer = I || u32str(q)
- *
- * Algorithm 1: Generating a One-Time Signature Public Key From a Private Key
- *   ...
- *   4. Compute the string K as follows:
- *      for ( i = 0; i < p; i = i + 1 ) {
- *        tmp = x[i]
- *        for ( j = 0; j < 2^w - 1; j = j + 1 ) {
- *          tmp = H(I || u32str(q) || u16str(i) || u8str(j) || tmp)
- *        }
- *        y[i] = tmp
- *      }
- *      K = H(I || u32str(q) || u16str(D_PBLC) || y[0] || ... || y[p-1])
- *   ...
- * x[i] can be calculated on the fly using pseudo key generation in Appendix A.
- * Appendix A, The elements of the LM-OTS private keys are computed as:
- *   x_q[i] = H(I || u32str(q) || u16str(i) || u8str(0xff) || SEED).
- *
- * @param [in, out]  state   LMS state.
- * @param [in]       seed    Seed to hash.
- * @param [out]      k       K, the public key hash, or OTS_PUB_HASH
- */
-static int wc_lmots_make_public_hash(LmsState* state, const byte* seed, byte* k)
-{
-    const LmsParams* params = state->params;
-    int ret;
-    word16 i;
-    byte* buffer = state->buffer;
-    byte* ip = buffer + LMS_I_LEN + LMS_Q_LEN;
-    byte* jp = ip + LMS_P_LEN;
-    byte* tmp = jp + LMS_W_LEN;
-    unsigned int max = ((unsigned int)1 << params->width) - 1;
-
-    /* I || u32str(q) || u16str(D_PBLC). */
-    c16toa(LMS_D_PBLC, ip);
-    /* K = H(I || u32str(q) || u16str(D_PBLC) || ...) */
-    ret = wc_lms_hash_first(&state->hash_k, buffer, LMS_K_PRE_LEN);
-
-#ifndef WC_LMS_FULL_HASH
-#ifdef WOLFSSL_LMS_SHA256_192
-    if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-        /* Put in padding for final block. */
-        LMS_SHA256_SET_LEN_47(buffer);
-    }
-    else
-#endif
-    {
-    #ifndef WOLFSSL_NO_LMS_SHA256_256
-        /* Put in padding for final block. */
-        LMS_SHA256_SET_LEN_55(buffer);
-    #endif
-    }
-#endif /* !WC_LMS_FULL_HASH */
-
-    for (i = 0; (ret == 0) && (i < params->p); i++) {
-        unsigned int j;
-
-        /* tmp = x[i]
-         *     = H(I || u32str(q) || u16str(i) || u8str(0xff) || SEED). */
-        c16toa(i, ip);
-        *jp = LMS_D_FIXED;
-#ifndef WC_LMS_FULL_HASH
-    #ifdef WOLFSSL_LMS_SHA256_192
-        if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-            XMEMCPY(tmp, seed, WC_SHA256_192_DIGEST_SIZE);
-            ret = wc_lms_sha256_192_hash_block(&state->hash, buffer, tmp);
-        }
-        else
-    #endif
-        {
-        #ifndef WOLFSSL_NO_LMS_SHA256_256
-            XMEMCPY(tmp, seed, WC_SHA256_DIGEST_SIZE);
-            ret = wc_lms_hash_block(&state->hash, buffer, tmp);
-        #else
-            ret = NOT_COMPILED_IN;
-        #endif
-        }
-#else
-    #ifdef WOLFSSL_LMS_SHA256_192
-        if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-            XMEMCPY(tmp, seed, WC_SHA256_192_DIGEST_SIZE);
-            ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-                LMS_HASH_BUFFER_LEN(WC_SHA256_192_DIGEST_SIZE), tmp);
-        }
-        else
-    #endif
-        {
-        #ifndef WOLFSSL_NO_LMS_SHA256_256
-            XMEMCPY(tmp, seed, WC_SHA256_DIGEST_SIZE);
-            ret = wc_lms_hash(&state->hash, buffer,
-                LMS_HASH_BUFFER_LEN(WC_SHA256_DIGEST_SIZE), tmp);
-        #else
-            ret = NOT_COMPILED_IN;
-        #endif
-        }
-#endif /* !WC_LMS_FULL_HASH */
-        /* Do all iterations to calculate y. */
-        for (j = 0; (ret == 0) && (j < max); j++) {
-            /* I || u32str(q) || u16str(i) || u8str(j) || tmp */
-            *jp = (word8)j;
-            /* tmp = H(I || u32str(q) || u16str(i) || u8str(j) || tmp) */
-    #ifndef WC_LMS_FULL_HASH
-        #ifdef WOLFSSL_LMS_SHA256_192
-            if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-                ret = wc_lms_sha256_192_hash_block(&state->hash, buffer, tmp);
-            }
-            else
-        #endif
-            {
-            #ifndef WOLFSSL_NO_LMS_SHA256_256
-                ret = wc_lms_hash_block(&state->hash, buffer, tmp);
-            #else
-                ret = NOT_COMPILED_IN;
-            #endif
-            }
-    #else
-        #ifdef WOLFSSL_LMS_SHA256_192
-            if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-                ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-                    LMS_HASH_BUFFER_LEN(WC_SHA256_192_DIGEST_SIZE), tmp);
-            }
-            else
-        #endif
-            {
-            #ifndef WOLFSSL_NO_LMS_SHA256_256
-                ret = wc_lms_hash(&state->hash, buffer,
-                    LMS_HASH_BUFFER_LEN(WC_SHA256_DIGEST_SIZE), tmp);
-            #else
-                ret = NOT_COMPILED_IN;
-            #endif
-            }
-    #endif /* !WC_LMS_FULL_HASH */
-        }
-        if (ret == 0) {
-            /* K = H(... || y[i] || ...) */
-            ret = wc_lms_hash_update(&state->hash_k, tmp, params->hash_len);
-        }
-    }
-#ifdef WOLFSSL_LMS_SHA256_192
-    if ((ret == 0) && ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192)) {
-        /* K = H(I || u32str(q) || u16str(D_PBLC) || y[0] || ... || y[p-1]) */
-        ret = wc_lms_hash_sha256_192_final(&state->hash_k, k);
-    }
-    else
-#endif
-    if (ret == 0) {
-    #ifndef WOLFSSL_NO_LMS_SHA256_256
-        /* K = H(I || u32str(q) || u16str(D_PBLC) || y[0] || ... || y[p-1]) */
-        ret = wc_lms_hash_final(&state->hash_k, k);
-    #else
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-
-    return ret;
-}
-
-/* Encode the LM-OTS public key.
- *
- * Encoded into public key and signature if more than one level.
- * T[1] is already in place. Putting in: type, ostype and I.
- *
- * Section 4.3:
- *   u32str(type) || u32str(otstype) || I || T[1]
- *
- * @param [in]  params  LMS parameters.
- * @param [in]  priv    LMS private ley.
- * @param [out] pub     LMS public key.
- */
-static void wc_lmots_public_key_encode(const LmsParams* params,
-    const byte* priv, byte* pub)
-{
-    const byte* priv_i = priv + LMS_Q_LEN + params->hash_len;
-
-    /* u32str(type) || ... || T(1) */
-    c32toa(params->lmsType & LMS_H_W_MASK, pub);
-    pub += 4;
-    /* u32str(type) || u32str(otstype) || ... || T(1) */
-    c32toa(params->lmOtsType & LMS_H_W_MASK, pub);
-    pub += 4;
-    /* u32str(type) || u32str(otstype) || I || T(1) */
-    XMEMCPY(pub, priv_i, LMS_I_LEN);
-}
-#endif /* !WOLFSSL_LMS_VERIFY_ONLY */
-
-/* Check the public key matches the parameters.
- *
- * @param [in] params  LMS parameters.
- * @param [in] pub     Public key.
- * @return  0 on success.
- * @return  PUBLIC_KEY_E when LMS or LM-OTS type doesn't match.
- */
-static int wc_lmots_public_key_check(const LmsParams* params, const byte* pub)
-{
-    int ret = 0;
-    word32 type;
-
-    /* Get message hash and height type. */
-    ato32(pub, &type);
-    pub += 4;
-    /* Compare with parameters. */
-    if (type != (params->lmsType & LMS_H_W_MASK)) {
-        ret = PUBLIC_KEY_E;
-    }
-    if (ret == 0) {
-        /* Get node hash and Winternitz width type. */
-        ato32(pub, &type);
-        /* Compare with parameters. */
-        if (type != (params->lmOtsType & LMS_H_W_MASK)) {
-            ret = PUBLIC_KEY_E;
-        }
-    }
-
-    return ret;
-}
-
-/* Calculate public key candidate K from signature.
- *
- * Algorithm 4b: Computing a Public Key Candidate Kc from a Signature,
- * Message, Signature Typecode pubtype, and Identifiers I, q
- *   ...
- *   2. Parse sigtype, C, and y from the signature as follows:
- *      a. sigtype = strTou32(first 4 bytes of signature)
- *      b. If sigtype is not equal to pubtype, return INVALID.
- *      ...
- *      d. C = next n bytes of signature
- *      e.   y[0] = next n bytes of signature
- *           y[1] = next n bytes of signature
- *           ...
- *         y[p-1] = next n bytes of signature
- *   3. Compute the string Kc as follows:
- *   ...
- *
- * @param [in, out] state  LMS state.
- * @param [in]      pub    LMS public key.
- * @param [in]      msg    Message/next private key to verify.
- * @param [in]      msgSz  Length of message in bytes.
- * @param [in]      sig    Signature including type, C and y[0..p-1].
- * @param [out]     kc     Public key candidate Kc.
- */
-static int wc_lmots_calc_kc(LmsState* state, const byte* pub, const byte* msg,
-    word32 msgSz, const byte* sig, byte* kc)
-{
-    int ret = 0;
-
-    /* Check signature type. */
-    if (XMEMCMP(pub, sig, LMS_TYPE_LEN) != 0) {
-        ret = SIG_TYPE_E;
-    }
-    if (ret == 0) {
-        /* Get C or randomizer value from signature. */
-        const byte* c = sig + LMS_TYPE_LEN;
-        /* Get array y from signature. */
-        const byte* y = c + state->params->hash_len;
-
-        /* Compute the public key candidate Kc from the signature. */
-        ret = wc_lmots_compute_kc_from_sig(state, msg, msgSz, c, y, kc);
-    }
-
-    return ret;
-}
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-/* Generate LM-OTS private key.
- *
- * Algorithm 5: Computing an LMS Private Key
- * But use Appendix A to generate x on the fly.
- *   PRIV = SEED | I
- *
- * @param [in]  rng       Random number generator.
- * @param [in]  seed_len  Length of seed to generate.
- * @param [out] priv      Private key data.
- */
-static int wc_lmots_make_private_key(WC_RNG* rng, word16 seed_len, byte* priv)
-{
-    return wc_RNG_GenerateBlock(rng, priv, seed_len + LMS_I_LEN);
-}
-
-/* Generate LM-OTS signature.
- *
- * Algorithm 3: Generating a One-Time Signature From a Private Key and a
- * Message
- *   ...
- *   4. Set C to a uniformly random n-byte string
- *   5. Compute the array y as follows:
- *      ...
- *   6. Return u32str(type) || C || y[0] || ... || y[p-1]
- *
- * @param [in, out] state  LMS state.
- * @param [in]      seed   Private key seed.
- * @param [in]      msg    Message to be signed.
- * @param [in]      msgSz  Length of message in bytes.
- * @param [out]     sig    Signature buffer.
- * @return  0 on success.
- */
-static int wc_lmots_sign(LmsState* state, const byte* seed, const byte* msg,
-    word32 msgSz, byte* sig)
-{
-    int ret;
-    byte* buffer = state->buffer;
-    byte* ip = buffer + LMS_I_LEN + LMS_Q_LEN;
-    byte* jp = ip + LMS_P_LEN;
-    byte* tmp = jp + LMS_W_LEN;
-    byte* sig_c = sig;
-
-    /* I || u32str(q) || u16str(0xFFFD) || ... */
-    c16toa(LMS_D_C, ip);
-    /* I || u32str(q) || u16str(0xFFFD) || u8str(0xFF) || ... */
-    *jp = LMS_D_FIXED;
-#ifndef WC_LMS_FULL_HASH
-#ifdef WOLFSSL_LMS_SHA256_192
-    if ((state->params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-        /* I || u32str(q) || u16str(0xFFFD) || u8str(0xFF) || SEED */
-        XMEMCPY(tmp, seed, WC_SHA256_192_DIGEST_SIZE);
-        /* C = H(I || u32str(q) || u16str(0xFFFD) || u8str(0xFF) || SEED)
-         * sig = u32str(type) || C || ... */
-        /* Put in padding for final block. */
-        LMS_SHA256_SET_LEN_47(buffer);
-        ret = wc_lms_sha256_192_hash_block(&state->hash, buffer, sig_c);
-    }
-    else
-#endif
-    {
-    #ifndef WOLFSSL_NO_LMS_SHA256_256
-        /* I || u32str(q) || u16str(0xFFFD) || u8str(0xFF) || SEED */
-        XMEMCPY(tmp, seed, WC_SHA256_DIGEST_SIZE);
-        /* C = H(I || u32str(q) || u16str(0xFFFD) || u8str(0xFF) || SEED)
-         * sig = u32str(type) || C || ... */
-        /* Put in padding for final block. */
-        LMS_SHA256_SET_LEN_55(buffer);
-        ret = wc_lms_hash_block(&state->hash, buffer, sig_c);
-    #else
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-#else
-#ifdef WOLFSSL_LMS_SHA256_192
-    if ((state->params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-        /* I || u32str(q) || u16str(0xFFFD) || u8str(0xFF) || SEED */
-        XMEMCPY(tmp, seed, WC_SHA256_192_DIGEST_SIZE);
-        /* C = H(I || u32str(q) || u16str(0xFFFD) || u8str(0xFF) || SEED)
-         * sig = u32str(type) || C || ... */
-        ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-            LMS_HASH_BUFFER_LEN(WC_SHA256_192_DIGEST_SIZE), sig_c);
-    }
-    else
-#endif
-    {
-    #ifndef WOLFSSL_NO_LMS_SHA256_256
-        /* I || u32str(q) || u16str(0xFFFD) || u8str(0xFF) || SEED */
-        XMEMCPY(tmp, seed, WC_SHA256_DIGEST_SIZE);
-        /* C = H(I || u32str(q) || u16str(0xFFFD) || u8str(0xFF) || SEED)
-         * sig = u32str(type) || C || ... */
-        ret = wc_lms_hash(&state->hash, buffer,
-            LMS_HASH_BUFFER_LEN(WC_SHA256_DIGEST_SIZE), sig_c);
-    #else
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-#endif /* !WC_LMS_FULL_HASH */
-
-    if (ret == 0) {
-        byte* sig_y = sig_c + state->params->hash_len;
-
-        /* Compute array y.
-         * sig = u32str(type) || C || y[0] || ... || y[p-1] */
-        ret = wc_lmots_compute_y_from_seed(state, seed, msg, msgSz, sig_c,
-            sig_y);
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_LMS_VERIFY_ONLY */
-
-/***************************************
- * LMS APIs
- **************************************/
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-#ifndef WOLFSSL_WC_LMS_SMALL
-/* Load the LMS private state from data.
- *
- * @param [in]  params     LMS parameters.
- * @param [out] state      Private key state.
- * @param [in]  priv_data  Private key data.
- */
-static void wc_lms_priv_state_load(const LmsParams* params, LmsPrivState* state,
-    byte* priv_data)
-{
-    /* Authentication path data. */
-    state->auth_path = priv_data;
-    priv_data += params->height * params->hash_len;
-
-    /* Stack of nodes. */
-    state->stack.stack = priv_data;
-    priv_data += (params->height + 1) * params->hash_len;
-    ato32(priv_data, &state->stack.offset);
-    priv_data += 4;
-
-    /* Cached root nodes. */
-    state->root = priv_data;
-    priv_data += LMS_ROOT_CACHE_LEN(params->rootLevels, params->hash_len);
-
-    /* Cached leaf nodes. */
-    state->leaf.cache = priv_data;
-    priv_data += LMS_LEAF_CACHE_LEN(params->cacheBits, params->hash_len);
-    ato32(priv_data, &state->leaf.idx);
-    priv_data += 4;
-    ato32(priv_data, &state->leaf.offset);
-    /* priv_data += 4; */
-}
-
-/* Store the LMS private state into data.
- *
- * @param [in]      params     LMS parameters.
- * @param [in]      state      Private key state.
- * @param [in, out] priv_data  Private key data.
- */
-static void wc_lms_priv_state_store(const LmsParams* params,
-    LmsPrivState* state, byte* priv_data)
-{
-    /* Authentication path data. */
-    priv_data += params->height * params->hash_len;
-
-    /* Stack of nodes. */
-    priv_data += (params->height + 1) * params->hash_len;
-    c32toa(state->stack.offset, priv_data);
-    priv_data += 4;
-
-    /* Cached root nodes. */
-    priv_data += LMS_ROOT_CACHE_LEN(params->rootLevels, params->hash_len);
-
-    /* Cached leaf nodes. */
-    priv_data += LMS_LEAF_CACHE_LEN(params->cacheBits, params->hash_len);
-    c32toa(state->leaf.idx, priv_data);
-    priv_data += 4;
-    c32toa(state->leaf.offset, priv_data);
-    /* priv_data += 4; */
-}
-
-#ifndef WOLFSSL_LMS_NO_SIGN_SMOOTHING
-/* Copy LMS private key state.
- *
- * @param [in]  params  LMS parameters.
- * @param [out] dst     LMS private state destination.
- * @param [in]  src     LMS private state source.
- */
-static void wc_lms_priv_state_copy(const LmsParams* params,
-    LmsPrivState* dst, const LmsPrivState* src)
-{
-    XMEMCPY(dst->auth_path, src->auth_path, LMS_PRIV_STATE_LEN(params->height,
-        params->rootLevels, params->cacheBits, params->hash_len));
-    dst->stack.offset = src->stack.offset;
-    dst->leaf.idx = src->leaf.idx;
-    dst->leaf.offset = src->leaf.offset;
-}
-#endif /* !WOLFSSL_LMS_NO_SIGN_SMOOTHING */
-#endif /* !WOLFSSL_WC_LMS_SMALL */
-
-/* Calculate the leaf node hash.
- *
- * Assumes buffer already contains : I
- *
- * Appendix C.
- *   ...
- *     temp = H(I || u32str(r)|| u16str(D_LEAF) || OTS_PUB_HASH[i])
- *   ...
- * Section 5.3. LMS Public Key
- *                                        ... where we denote the public
- *   key final hash value (namely, the K value computed in Algorithm 1)
- *   associated with the i-th LM-OTS private key as OTS_PUB_HASH[i], ...
- * Algorithm 1: Generating a One-Time Signature Public Key From a
- * Private Key
- *   ...
- *   K = H(I || u32str(q) || u16str(D_PBLC) || y[0] || ... || y[p-1])
- *   ...
- * Therefore:
- *   OTS_PUB_HASH[i] = H(I || u32str(i) || u16str(D_PBLC) ||
- *                       y[0] || ... || y[p-1])
- *
- * @param [in, out] state  LMS state.
- * @param [in]      seed   Private seed to generate x.
- * @param [in]      i      Index of leaf.
- * @param [in]      r      Leaf hash index.
- * @param [out]     leaf   Leaf node hash.
- */
-static int wc_lms_leaf_hash(LmsState* state, const byte* seed, word32 i,
-    word32 r, byte* leaf)
-{
-    int ret;
-    byte* buffer = state->buffer;
-    byte* rp = buffer + LMS_I_LEN;
-    byte* dp = rp + LMS_R_LEN;
-    byte* ots_pub_hash = dp + LMS_D_LEN;
-
-    /* I || u32str(i) || ... */
-    c32toa(i, rp);
-    /* OTS_PUB_HASH[i] = H(I || u32str(i) || u16str(D_PBLC) ||
-     *                     y[0] || ... || y[p-1])
-     */
-    ret = wc_lmots_make_public_hash(state, seed, ots_pub_hash);
-    if (ret == 0) {
-        /* I || u32str(r) || ... || OTS_PUB_HASH[i] */
-        c32toa(r, rp);
-        /* I || u32str(r) || u16str(D_LEAF) || OTS_PUB_HASH[i] */
-        c16toa(LMS_D_LEAF, dp);
-        /* temp = H(I || u32str(r) || u16str(D_LEAF) || OTS_PUB_HASH[i]) */
-#ifndef WC_LMS_FULL_HASH
-        /* Put in padding for final block. */
-    #ifdef WOLFSSL_LMS_SHA256_192
-        if ((state->params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-            LMS_SHA256_SET_LEN_46(buffer);
-            ret = wc_lms_sha256_192_hash_block(&state->hash, buffer, leaf);
-        }
-        else
-    #endif
-        {
-        #ifndef WOLFSSL_NO_LMS_SHA256_256
-            LMS_SHA256_SET_LEN_54(buffer);
-            ret = wc_lms_hash_block(&state->hash, buffer, leaf);
-        #else
-            ret = NOT_COMPILED_IN;
-        #endif
-        }
-#else
-    #ifdef WOLFSSL_LMS_SHA256_192
-        if ((state->params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-            ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-                LMS_SEED_HASH_LEN(WC_SHA256_192_DIGEST_SIZE), leaf);
-        }
-        else
-    #endif
-        {
-        #ifndef WOLFSSL_NO_LMS_SHA256_256
-            ret = wc_lms_hash(&state->hash, buffer,
-                LMS_SEED_HASH_LEN(WC_SHA256_DIGEST_SIZE), leaf);
-        #else
-            ret = NOT_COMPILED_IN;
-        #endif
-        }
-#endif /* !WC_LMS_FULL_HASH */
-    }
-
-    return ret;
-}
-
-/* Calculate interior node hash.
- *
- * Appendix C. n Iterative Algorithm for Computing an LMS Public Key
- * Generating an LMS Public Key from an LMS Private Key
- *   ...
- *   left_side = pop(data stack);
- *   temp = H(I || u32str(r) || u16str(D_INTR) || left_side || temp)
- *   ...
- * Popping the stack is done in the caller.
- *
- * @param [in, out] state  LMS state.
- * @param [in]      sp     Stack pointer to left nodes.
- * @param [in]      r      Node hash index.
- * @param [out]     node   Interior node hash.
- */
-static int wc_lms_interior_hash(LmsState* state, byte* sp, word32 r,
-    byte* node)
-{
-    int ret;
-    byte* buffer = state->buffer;
-    byte* rp = buffer + LMS_I_LEN;
-    byte* left = rp + LMS_R_LEN + LMS_D_LEN;
-
-    /* I || u32str(r) || u16str(D_INTR) || ... || temp */
-    c32toa(r, rp);
-#ifdef WOLFSSL_LMS_SHA256_192
-    if ((state->params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-        /* left_side = pop(data stack)
-         * I || u32str(r) || u16str(D_INTR) || left_side || temp */
-        XMEMCPY(left, sp, WC_SHA256_192_DIGEST_SIZE);
-        /* temp = H(I || u32str(r) || u16str(D_INTR) || left_side || temp) */
-        ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-            LMS_NODE_HASH_LEN(WC_SHA256_192_DIGEST_SIZE), node);
-    }
-    else
-#endif
-    {
-    #ifndef WOLFSSL_NO_LMS_SHA256_256
-        /* left_side = pop(data stack)
-         * I || u32str(r) || u16str(D_INTR) || left_side || temp */
-        XMEMCPY(left, sp, WC_SHA256_DIGEST_SIZE);
-        /* temp = H(I || u32str(r) || u16str(D_INTR) || left_side || temp) */
-        ret = wc_lms_hash(&state->hash, buffer,
-            LMS_NODE_HASH_LEN(WC_SHA256_DIGEST_SIZE), node);
-    #else
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-
-    return ret;
-}
-
-#ifdef WOLFSSL_WC_LMS_SMALL
-/* Computes hash of the Merkle tree and gets the authentication path for q.
- *
- * Appendix C: An Iterative Algorithm for Computing an LMS Public Key
- *    for ( i = 0; i < 2^h; i = i + 1 ) {
- *      r = i + num_lmots_keys;
- *      temp = H(I || u32str(r) || u16str(D_LEAF) || OTS_PUB_HASH[i])
- *      j = i;
- *      while (j % 2 == 1) {
- *        r = (r - 1)/2;
- *        j = (j-1) / 2;
- *        left_side = pop(data stack);
- *        temp = H(I || u32str(r) || u16str(D_INTR) || left_side || temp)
- *      }
- *      push temp onto the data stack
- *   }
- *   public_key = pop(data stack)
- *
- * @param [in, out] state      LMS state.
- * @param [in]      id         Unique tree identifier, I.
- * @param [in]      seed       Private seed to generate x.
- * @param [in]      max        Count of leaf nodes to calculate. Must be greater
- *                             than q. Must be a power of 2.
- * @param [in]      q          Index for authentication path.
- * @param [out]     auth_path  Authentication path for index.
- * @param [out]     pub        LMS public key.
- * @param [out]     stack_d    Where to store stack data.
- * @return  0 on success.
- */
-static int wc_lms_treehash(LmsState* state, const byte* id, const byte* seed,
-    word32 q, byte* auth_path, byte* pub)
-{
-    int ret = 0;
-    const LmsParams* params = state->params;
-    byte* buffer = state->buffer;
-    byte* rp = buffer + LMS_I_LEN;
-    byte* dp = rp + LMS_R_LEN;
-    byte* left = dp + LMS_D_LEN;
-    byte* temp = left + params->hash_len;
-    WC_DECLARE_VAR(stack, byte, (LMS_MAX_HEIGHT + 1) * LMS_MAX_NODE_LEN, 0);
-    byte* sp;
-    word32 i;
-
-    /* I || ... */
-    XMEMCPY(buffer, id, LMS_I_LEN);
-
-    /* Allocate stack of left side hashes. */
-    WC_ALLOC_VAR_EX(stack, byte, (params->height+1)*params->hash_len, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER, ret=MEMORY_E);
-    sp = stack;
-
-    /* Compute all nodes requested. */
-    for (i = 0; (ret == 0) && (i < ((word32)1 << params->height)); i++) {
-        word32 j = i;
-        word16 h = 0;
-        /* r = i + num_lmots_keys */
-        word32 r = i + ((word32)1 << (params->height));
-
-        /* Calculate leaf node hash. */
-        ret = wc_lms_leaf_hash(state, seed, i, r, temp);
-
-        /* Store the node if on the authentication path. */
-        if ((ret == 0) && (auth_path != NULL) && ((q ^ 0x1) == i)) {
-            XMEMCPY(auth_path, temp, params->hash_len);
-        }
-
-        /* I || ... || u16str(D_INTR) || ... || temp */
-        c16toa(LMS_D_INTR, dp);
-        /* Calculate parent node is we have both left and right. */
-        while ((ret == 0) && ((j & 0x1) == 1)) {
-            /* Get parent node index. r and j are odd. */
-            r >>= 1;
-            j >>= 1;
-            h++;
-
-            /* Calculate interior node hash.
-             * temp = H(I || u32str(r) || u16str(D_INTR) || left_side || temp)
-             */
-            sp -= params->hash_len;
-            ret = wc_lms_interior_hash(state, sp, r, temp);
-
-            /* Copy out node to authentication path if on path. */
-            if ((ret == 0) && (auth_path != NULL) && ((q >> h) ^ 0x1) == j) {
-                XMEMCPY(auth_path + h * params->hash_len, temp,
-                    params->hash_len);
-            }
-        }
-        /* Push temp onto the data stack. */
-        XMEMCPY(sp, temp, params->hash_len);
-        sp += params->hash_len;
-    }
-
-    if ((ret == 0) && (pub != NULL)) {
-        /* Public key, root node, is top of data stack. */
-        XMEMCPY(pub, stack, params->hash_len);
-    }
-    WC_FREE_VAR_EX(stack, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    return ret;
-}
-
-/* Compute the LMS public key - root node of tree.
- *
- * @param [in, out] state  LMS state.
- * @param [in]      id     Unique tree identifier, I.
- * @param [in]      seed   Private seed to generate x.
- * @param [out]     pub    LMS public key.
- * @return  0 on success.
- */
-static int wc_lms_make_public_key(LmsState* state, const byte* id,
-    const byte* seed, byte* pub)
-{
-    return wc_lms_treehash(state, id, seed, 0, NULL, pub);
-}
-
-/* Calculate the authentication path.
- *
- * @param [in, out] state  LMS state.
- * @param [in]      id     Public random: I.
- * @param [in]      seed   Private random: SEED.
- * @param [in]      q      Index of leaf.
- * @param [out]     sig    Signature buffer to place authentication path into.
- * @param [out]     root   Root node of tree.
- * @return  0 on success.
- */
-static int wc_lms_auth_path(LmsState* state, const byte* id, const byte* seed,
-    word32 q, byte* sig, byte* root)
-{
-    return wc_lms_treehash(state, id, seed, q, sig, root);
-}
-#else
-/* Computes hash of the Merkle tree and gets the authentication path for q.
- *
- * Appendix C: An Iterative Algorithm for Computing an LMS Public Key
- *    for ( i = 0; i < 2^h; i = i + 1 ) {
- *      r = i + num_lmots_keys;
- *      temp = H(I || u32str(r) || u16str(D_LEAF) || OTS_PUB_HASH[i])
- *      j = i;
- *      while (j % 2 == 1) {
- *        r = (r - 1)/2;
- *        j = (j-1) / 2;
- *        left_side = pop(data stack);
- *        temp = H(I || u32str(r) || u16str(D_INTR) || left_side || temp)
- *      }
- *      push temp onto the data stack
- *   }
- *   public_key = pop(data stack)
- *
- * @param [in, out] state      LMS state.
- * @param [in, out] privState  LMS state of the private key.
- * @param [in]      id         Unique tree identifier, I.
- * @param [in]      seed       Private seed to generate x.
- * @param [in]      q          Index for authentication path.
- * @return  0 on success.
- */
-static int wc_lms_treehash_init(LmsState* state, LmsPrivState* privState,
-    const byte* id, const byte* seed, word32 q)
-{
-    int ret = 0;
-    const LmsParams* params = state->params;
-    byte* buffer = state->buffer;
-    byte* auth_path = privState->auth_path;
-    byte* root = privState->root;
-    HssLeafCache* leaf = &privState->leaf;
-    byte* rp = buffer + LMS_I_LEN;
-    byte* dp = rp + LMS_R_LEN;
-    byte* left = dp + LMS_D_LEN;
-    byte* temp = left + params->hash_len;
-    WC_DECLARE_VAR(stack, byte, (LMS_MAX_HEIGHT + 1) * LMS_MAX_NODE_LEN, 0);
-    word32 spi = 0;
-    word32 i;
-    word32 max_h = (word32)1 << params->height;
-    word32 max_cb = (word32)1 << params->cacheBits;
-
-    privState->stack.offset = 0;
-    /* Reset the cached stack. */
-    leaf->offset = 0;
-    leaf->idx = q;
-    if ((q + max_cb) > max_h) {
-        leaf->idx = max_h - max_cb;
-    }
-
-    /* I || ... */
-    XMEMCPY(buffer, id, LMS_I_LEN);
-
-    /* Allocate stack of left side hashes. */
-    WC_ALLOC_VAR_EX(stack, byte, (params->height+1)*params->hash_len, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER, ret=MEMORY_E);
-
-    /* Compute all nodes requested. */
-    for (i = 0; (ret == 0) && (i < max_h); i++) {
-        word32 j = i;
-        word16 h = 0;
-        /* r = i + num_lmots_keys */
-        word32 r = i + max_h;
-
-        /* Calculate leaf node hash. */
-        ret = wc_lms_leaf_hash(state, seed, i, r, temp);
-
-        /* Cache leaf node if in range. */
-        if ((ret == 0) && (i >= leaf->idx) && (i < leaf->idx + max_cb)) {
-            XMEMCPY(leaf->cache + i * params->hash_len, temp, params->hash_len);
-        }
-
-        /* Store the node if on the authentication path. */
-        if ((ret == 0) && (auth_path != NULL) && ((q ^ 0x1) == i)) {
-            XMEMCPY(auth_path, temp, params->hash_len);
-        }
-
-        /* I || ... || u16str(D_INTR) || ... || temp */
-        c16toa(LMS_D_INTR, dp);
-        /* Calculate parent node is we have both left and right. */
-        while ((ret == 0) && ((j & 0x1) == 1)) {
-            /* Get parent node index. r and j are odd. */
-            r >>= 1;
-            j >>= 1;
-            h++;
-
-            /* Calculate interior node hash.
-             * temp = H(I || u32str(r) || u16str(D_INTR) || left_side || temp)
-             */
-            spi -= params->hash_len;
-            ret = wc_lms_interior_hash(state, stack + spi, r, temp);
-
-            /* Copy out top root nodes. */
-            if ((h > params->height - params->rootLevels) &&
-                    ((i >> (h-1)) != ((i + 1) >> (h - 1)))) {
-                int off = ((int)1 << (params->height - h)) + (i >> h) - 1;
-                XMEMCPY(root + off * params->hash_len, temp, params->hash_len);
-            }
-
-            /* Copy out node to authentication path if on path. */
-            if ((ret == 0) && (auth_path != NULL) && ((q >> h) ^ 0x1) == j) {
-                XMEMCPY(auth_path + h * params->hash_len, temp,
-                    params->hash_len);
-            }
-        }
-        /* Push temp onto the data stack. */
-        XMEMCPY(stack + spi, temp, params->hash_len);
-        spi += params->hash_len;
-
-        if (i == q - 1) {
-            XMEMCPY(privState->stack.stack, stack, spi);
-            privState->stack.offset = spi;
-        }
-    }
-
-    WC_FREE_VAR_EX(stack, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    return ret;
-}
-
-/* Computes hash of the Merkle tree and gets the authentication path for q.
- *
- * Appendix C: An Iterative Algorithm for Computing an LMS Public Key
- *    for ( i = 0; i < 2^h; i = i + 1 ) {
- *      r = i + num_lmots_keys;
- *      temp = H(I || u32str(r) || u16str(D_LEAF) || OTS_PUB_HASH[i])
- *      j = i;
- *      while (j % 2 == 1) {
- *        r = (r - 1)/2;
- *        j = (j-1) / 2;
- *        left_side = pop(data stack);
- *        temp = H(I || u32str(r) || u16str(D_INTR) || left_side || temp)
- *      }
- *      push temp onto the data stack
- *   }
- *   public_key = pop(data stack)
- *
- * @param [in, out] state       LMS state.
- * @param [in, out] privState   LMS state of the private key.
- * @param [in]      id          Unique tree identifier, I.
- * @param [in]      seed        Private seed to generate x.
- * @param [in]      min_idx     Minimum leaf index to process.
- * @param [in]      max_idx     Maximum leaf index to process.
- * @param [in]      q           Index for authentication path.
- * @param [in]      useRoot     Whether to use nodes from root cache.
- * @return  0 on success.
- */
-static int wc_lms_treehash_update(LmsState* state, LmsPrivState* privState,
-    const byte* id, const byte* seed, word32 min_idx, word32 max_idx, word32 q,
-    int useRoot)
-{
-    int ret = 0;
-    const LmsParams* params = state->params;
-    byte* buffer = state->buffer;
-    byte* auth_path = privState->auth_path;
-    LmsStack* stackCache = &privState->stack;
-    HssLeafCache* leaf = &privState->leaf;
-    byte* rp = buffer + LMS_I_LEN;
-    byte* dp = rp + LMS_R_LEN;
-    byte* left = dp + LMS_D_LEN;
-    byte* temp = left + params->hash_len;
-    WC_DECLARE_VAR(stack, byte, (LMS_MAX_HEIGHT + 1) * LMS_MAX_NODE_LEN, 0);
-    byte* sp;
-    word32 max_cb = (word32)1 << params->cacheBits;
-    word32 i;
-
-    /* I || ... */
-    XMEMCPY(buffer, id, LMS_I_LEN);
-
-    /* Allocate stack of left side hashes. */
-    WC_ALLOC_VAR_EX(stack, byte, (params->height+1)*params->hash_len, NULL,
-        DYNAMIC_TYPE_TMP_BUFFER, ret=MEMORY_E);
-
-    /* Public key, root node, is top of data stack. */
-    if (ret == 0) {
-        XMEMCPY(stack, stackCache->stack, params->height * params->hash_len);
-        sp = stack + stackCache->offset;
-    }
-
-    /* Compute all nodes requested. */
-    for (i = min_idx; (ret == 0) && (i <= max_idx); i++) {
-        word32 j = i;
-        word16 h = 0;
-        /* r = i + num_lmots_keys */
-        word32 r = i + ((word32)1 << (params->height));
-
-        if ((i >= leaf->idx) && (i < leaf->idx + max_cb)) {
-            /* Calculate offset of node in cache. */
-            word32 off = ((i - (leaf->idx + max_cb) + leaf->offset) % max_cb) *
-                params->hash_len;
-            /* Copy cached node into working buffer. */
-            XMEMCPY(temp, leaf->cache + off, params->hash_len);
-            /* I || u32str(i) || ... */
-            c32toa(i, rp);
-        }
-        else {
-            /* Calculate leaf node hash. */
-            ret = wc_lms_leaf_hash(state, seed, i, r, temp);
-
-            /* Check if this is at the end of the cache and not beyond q plus
-             * the number of leaf nodes. */
-            if ((i == leaf->idx + max_cb) && (i < (q + max_cb))) {
-                /* Copy working node into cache over old first node. */
-                XMEMCPY(leaf->cache + leaf->offset * params->hash_len, temp,
-                    params->hash_len);
-                /* Increase start index as first node replaced. */
-                leaf->idx++;
-                /* Update offset of first leaf node. */
-                leaf->offset = (leaf->offset + 1) & (max_cb - 1);
-            }
-        }
-
-        /* Store the node if on the authentication path. */
-        if ((ret == 0) && ((q ^ 0x1) == i)) {
-            XMEMCPY(auth_path, temp, params->hash_len);
-        }
-
-        /* I || ... || u16str(D_INTR) || ... || temp */
-        c16toa(LMS_D_INTR, dp);
-        /* Calculate parent node if we have both left and right. */
-        while ((ret == 0) && ((j & 0x1) == 1)) {
-            /* Get parent node index. r and j are odd. */
-            r >>= 1;
-            j >>= 1;
-            h++;
-
-            sp -= params->hash_len;
-            if (useRoot && (h > params->height - params->rootLevels) &&
-                    (h <= params->height)) {
-                /* Calculate offset of cached root node. */
-                word32 off = ((word32)1U << (params->height - h)) +
-                    (i >> h) - 1;
-                XMEMCPY(temp, privState->root + (off * params->hash_len),
-                    params->hash_len);
-            }
-            else {
-                /* Calculate interior node hash.
-                 * temp = H(I || u32str(r) || u16str(D_INTR) || left_side ||
-                 *          temp)
-                 */
-                ret = wc_lms_interior_hash(state, sp, r, temp);
-            }
-
-            /* Copy out top root nodes. */
-            if ((ret == 0) && (q == 0) && (!useRoot) &&
-                    (h > params->height - params->rootLevels) &&
-                    ((i >> (h-1)) != ((i + 1) >> (h - 1)))) {
-                int off = ((int)1 << (params->height - h)) + (i >> h) - 1;
-                XMEMCPY(privState->root + off * params->hash_len, temp,
-                    params->hash_len);
-            }
-
-            /* Copy out node to authentication path if on path. */
-            if ((ret == 0) && (((q >> h) ^ 0x1) == j)) {
-                XMEMCPY(auth_path + h * params->hash_len, temp,
-                    params->hash_len);
-            }
-        }
-        if (ret == 0) {
-            /* Push temp onto the data stack. */
-            XMEMCPY(sp, temp, params->hash_len);
-            sp += params->hash_len;
-
-            /* Save stack after updating first node. */
-            if (i == min_idx) {
-                /* Copy stack back. */
-                stackCache->offset = (word32)((size_t)sp - (size_t)stack);
-                XMEMCPY(stackCache->stack, stack, stackCache->offset);
-            }
-        }
-    }
-
-    if (!useRoot && (ret == 0)) {
-        /* Copy stack back. */
-        XMEMCPY(stackCache->stack, stack, params->height * params->hash_len);
-        stackCache->offset = (word32)((size_t)sp - (size_t)stack);
-    }
-
-    WC_FREE_VAR_EX(stack, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    return ret;
-}
-#endif /* WOLFSSL_WC_LMS_SMALL */
-
-/* Sign message using LMS.
- *
- * Appendix D. Method for Deriving Authentication Path for a Signature.
- * Generating an LMS Signature
- *   ...
- *   3. Create the LM-OTS signature for the message:
- *      ots_signature = lmots_sign(message, LMS_PRIV[q])
- *   4. Compute the array path as follows:
- *      ...
- *   5. S = u32str(q) || ots_signature || u32str(type) ||
- *                           path[0] || path[1] || ... || path[h-1]
- *   ...
- * path[] added by caller as it can come from cache.
- *
- * @param [in, out] state  LMS state.
- * @param [in]      priv   LMS private key.
- * @param [in]      msg    Message/public key to sign.
- * @param [in]      msgSz  Length of message in bytes.
- * @param [out]     sig    LMS signature.
- * @return  0 on success.
- */
-static int wc_lms_sign(LmsState* state, const byte* priv, const byte* msg,
-    word32 msgSz, byte* sig)
-{
-    int ret;
-    const LmsParams* params = state->params;
-    byte* buffer = state->buffer;
-    byte* s = sig;
-    const byte* priv_q = priv;
-    const byte* priv_seed = priv_q + LMS_Q_LEN;
-    const byte* priv_i = priv_seed + params->hash_len;
-
-    /* Setup for hashing: I || Q */
-    XMEMCPY(buffer, priv_i, LMS_I_LEN);
-    XMEMCPY(buffer + LMS_I_LEN, priv_q, LMS_Q_LEN);
-
-    /* Copy q from private key.
-     * S = u32str(q) || ... */
-    XMEMCPY(s, priv_q, LMS_Q_LEN);
-    s += LMS_Q_LEN;
-
-    /* ots_signature = sig = u32str(type) || ... */
-    c32toa(state->params->lmOtsType & LMS_H_W_MASK, s);
-    s += LMS_TYPE_LEN;
-    /* Sign this level.
-     * S = u32str(q) || ots_signature || ... */
-    ret = wc_lmots_sign(state, priv_seed, msg, msgSz, s);
-    if (ret == 0) {
-        /* Skip over ots_signature. */
-        s += params->hash_len + params->p * params->hash_len;
-        /* S = u32str(q) || ots_signature || u32str(type) || ... */
-        c32toa(params->lmsType & LMS_H_W_MASK, s);
-    }
-
-    return ret;
-}
-
-#if !defined(WOLFSSL_WC_LMS_SMALL) && !defined(WOLFSSL_LMS_NO_SIG_CACHE)
-/* Copy in the cached signature data.
- *
- * @param [in]  params    LMS parameters.
- * @param [in]  y         y cache.
- * @param [in]  priv      Private key data.
- * @param [out] sig       Signature data.
- */
-static void wc_lms_sig_copy(const LmsParams* params, const byte* y,
-    const byte* priv, byte* sig)
-{
-    /* Put in q. */
-    XMEMCPY(sig, priv, LMS_Q_LEN);
-    sig += LMS_Q_LEN;
-    /* S = u32str(q) || ... */
-    c32toa(params->lmOtsType & LMS_H_W_MASK, sig);
-    sig += LMS_TYPE_LEN;
-    /* S = u32str(q) || ots_signature || ... */
-    XMEMCPY(sig, y, params->hash_len + params->p * params->hash_len);
-    sig += params->hash_len + params->p * params->hash_len;
-    /* S = u32str(q) || ots_signature || u32str(type) || ... */
-    c32toa(params->lmsType & LMS_H_W_MASK, sig);
-}
-#endif /* !WOLFSSL_WC_LMS_SMALL && !WOLFSSL_LMS_NO_SIG_CACHE */
-#endif /* !WOLFSSL_LMS_VERIFY_ONLY */
-
-/* Compute the root node of the LMS tree.
- *
- * Algorithm 6a: Computing an LMS Public Key Candidate from a Signature,
- * Message, Identifier, and Algorithm Typecodes
- *   ...
- *   4. Compute the candidate LMS root value Tc as follows:
- *      node_num = 2^h + q
- *      tmp = H(I || u32str(node_num) || u16str(D_LEAF) || Kc)
- *      i = 0
- *      while (node_num > 1) {
- *        if (node_num is odd):
- *          tmp = H(I||u32str(node_num/2)||u16str(D_INTR)||path[i]||tmp)
- *        else:
- *          tmp = H(I||u32str(node_num/2)||u16str(D_INTR)||tmp||path[i])
- *        node_num = node_num/2
- *        i = i + 1
- *      }
- *      Tc = tmp
- *   5. Return Tc.
- *
- * @param [in, out]  state  LMS state.
- * @param [in]       q      Index of node.
- * @param [in]       kc     K candidate.
- * @param [in]       path   Authentication path from signature.
- * @param [out]      tc     T candidate.
- * @return  0 on success.
- */
-static int wc_lms_compute_root(LmsState* state, word32 q, const byte* kc,
-    const byte* path, byte* tc)
-{
-    int ret;
-    const LmsParams* params = state->params;
-    byte* buffer = state->buffer;
-    byte* rp = buffer + LMS_I_LEN;
-    byte* ip = rp + LMS_Q_LEN;
-    byte* node = ip + LMS_P_LEN;
-    byte* b[2][2];
-    /* node_num = 2^h + q */
-    word32 r = ((word32)1 << params->height) + q;
-
-    /* tmp = H(I || u32str(node_num) || u16str(D_LEAF) || Kc) */
-    c32toa(r, rp);
-    c16toa(LMS_D_LEAF, ip);
-    XMEMCPY(node, kc, params->hash_len);
-    /* Put tmp into offset required for first iteration. */
-#ifndef WC_LMS_FULL_HASH
-    /* Put in padding for final block. */
-#ifdef WOLFSSL_LMS_SHA256_192
-    if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-        b[0][0] = node;
-        b[0][1] = node + WC_SHA256_192_DIGEST_SIZE;
-        b[1][0] = node + WC_SHA256_192_DIGEST_SIZE;
-        b[1][1] = node;
-        LMS_SHA256_SET_LEN_46(buffer);
-        ret = wc_lms_sha256_192_hash_block(&state->hash, buffer, b[r & 1][0]);
-    }
-    else
-#endif
-    {
-    #ifndef WOLFSSL_NO_LMS_SHA256_256
-        b[0][0] = node;
-        b[0][1] = node + WC_SHA256_DIGEST_SIZE;
-        b[1][0] = node + WC_SHA256_DIGEST_SIZE;
-        b[1][1] = node;
-        LMS_SHA256_SET_LEN_54(buffer);
-        ret = wc_lms_hash_block(&state->hash, buffer, b[r & 1][0]);
-    #else
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-#else
-#ifdef WOLFSSL_LMS_SHA256_192
-    if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-        b[0][0] = node;
-        b[0][1] = node + WC_SHA256_192_DIGEST_SIZE;
-        b[1][0] = node + WC_SHA256_192_DIGEST_SIZE;
-        b[1][1] = node;
-        ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-            LMS_SEED_HASH_LEN(WC_SHA256_192_DIGEST_SIZE), b[r & 1][0]);
-    }
-    else
-#endif
-    {
-    #ifndef WOLFSSL_NO_LMS_SHA256_256
-        b[0][0] = node;
-        b[0][1] = node + WC_SHA256_DIGEST_SIZE;
-        b[1][0] = node + WC_SHA256_DIGEST_SIZE;
-        b[1][1] = node;
-        ret = wc_lms_hash(&state->hash, buffer,
-            LMS_SEED_HASH_LEN(WC_SHA256_DIGEST_SIZE), b[r & 1][0]);
-    #else
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-#endif /* !WC_LMS_FULL_HASH */
-
-    if (ret == 0) {
-        int i;
-
-        /* I||...||u16str(D_INT)||... */
-        c16toa(LMS_D_INTR, ip);
-
-        /* Do all but last height. */
-    #ifdef WOLFSSL_LMS_SHA256_192
-        if ((params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-            for (i = 0; (ret == 0) && (i < params->height - 1); i++) {
-                /* Put path into offset required. */
-                XMEMCPY(b[r & 1][1], path, WC_SHA256_192_DIGEST_SIZE);
-                path += WC_SHA256_192_DIGEST_SIZE;
-
-                /* node_num = node_num / 2 */
-                r >>= 1;
-                /*  H(...||u32str(node_num/2)||..) */
-                c32toa(r, rp);
-                /* tmp = H(I||u32str(node_num/2)||u16str(D_INTR)||path[i]||tmp)
-                 * or
-                 * tmp = H(I||u32str(node_num/2)||u16str(D_INTR)||tmp||path[i])
-                 * Put tmp result into offset required for next iteration. */
-                ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-                    LMS_NODE_HASH_LEN(WC_SHA256_192_DIGEST_SIZE), b[r & 1][0]);
-            }
-            if (ret == 0) {
-                /* Last height. */
-                /* Put path into offset required. */
-                XMEMCPY(b[r & 1][1], path, WC_SHA256_192_DIGEST_SIZE);
-                /* node_num = node_num / 2 */
-                r >>= 1;
-                /*  H(...||u32str(node_num/2)||..) */
-                c32toa(r, rp);
-                /* tmp = H(I||u32str(node_num/2)||u16str(D_INTR)||path[i]||tmp)
-                 * or
-                 * tmp = H(I||u32str(node_num/2)||u16str(D_INTR)||tmp||path[i])
-                 * Put tmp result into Tc.*/
-                ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-                    LMS_NODE_HASH_LEN(WC_SHA256_192_DIGEST_SIZE), tc);
-            }
-        }
-        else
-    #endif
-        {
-        #ifndef WOLFSSL_NO_LMS_SHA256_256
-            for (i = 0; (ret == 0) && (i < params->height - 1); i++) {
-                /* Put path into offset required. */
-                XMEMCPY(b[r & 1][1], path, WC_SHA256_DIGEST_SIZE);
-                path += WC_SHA256_DIGEST_SIZE;
-
-                /* node_num = node_num / 2 */
-                r >>= 1;
-                /*  H(...||u32str(node_num/2)||..) */
-                c32toa(r, rp);
-                /* tmp = H(I||u32str(node_num/2)||u16str(D_INTR)||path[i]||tmp)
-                 * or
-                 * tmp = H(I||u32str(node_num/2)||u16str(D_INTR)||tmp||path[i])
-                 * Put tmp result into offset required for next iteration. */
-                ret = wc_lms_hash(&state->hash, buffer,
-                    LMS_NODE_HASH_LEN(WC_SHA256_DIGEST_SIZE), b[r & 1][0]);
-            }
-            if (ret == 0) {
-                /* Last height. */
-                /* Put path into offset required. */
-                XMEMCPY(b[r & 1][1], path, WC_SHA256_DIGEST_SIZE);
-                /* node_num = node_num / 2 */
-                r >>= 1;
-                /*  H(...||u32str(node_num/2)||..) */
-                c32toa(r, rp);
-                /* tmp = H(I||u32str(node_num/2)||u16str(D_INTR)||path[i]||tmp)
-                 * or
-                 * tmp = H(I||u32str(node_num/2)||u16str(D_INTR)||tmp||path[i])
-                 * Put tmp result into Tc.*/
-                ret = wc_lms_hash(&state->hash, buffer,
-                    LMS_NODE_HASH_LEN(WC_SHA256_DIGEST_SIZE), tc);
-            }
-        #else
-            ret = NOT_COMPILED_IN;
-        #endif
-        }
-    }
-
-    return ret;
-}
-
-/* LMS verify message using public key and signature.
- *
- * Algorithm 6a: Computing an LMS Public Key Candidate from a Signature,
- * Message, Identifier, and Algorithm Typecodes
- *   ...
- *   2. Parse sigtype, q, lmots_signature, and path from the signature
- *      as follows:
- *      a. q = strTou32(first 4 bytes of signature)
- *      ...
- *      e. lmots_signature = bytes 4 through 7 + n * (p + 1)
- *         of signature
- *      ...
- *      j. Set path as follows:
- *           path[0] = next m bytes of signature
- *           path[1] = next m bytes of signature
- *              ...
- *         path[h-1] = next m bytes of signature
- *   3. Kc = candidate public key computed by applying Algorithm 4b
- *      to the signature lmots_signature, the message, and the
- *      identifiers I, q
- *   4. Compute the candidate LMS root value Tc as follows:
- *      ...
- *   5. Return Tc
- * Algorithm 6: LMS Signature Verification
- *   ...
- *   3. Compute the LMS Public Key Candidate Tc from the signature,
- *      message, identifier, pubtype, and ots_typecode, using
- *      Algorithm 6a.
- *   4. If Tc is equal to T[1], return VALID; otherwise, return INVALID.
- *
- * @param [in, out] state  LMS state.
- * @param [in]      pub    LMS public key.
- * @param [in]      msg    Message/public key to verify.
- * @param [in]      msgSz  Length of message in bytes.
- * @param [in]      sig    LMS signature.
- */
-static int wc_lms_verify(LmsState* state, const byte* pub, const byte* msg,
-    word32 msgSz, const byte* sig)
-{
-    int ret;
-    const LmsParams* params = state->params;
-    byte* buffer = state->buffer;
-    const byte* pub_i = pub + LMS_TYPE_LEN + LMS_TYPE_LEN;
-    const byte* pub_k = pub_i + LMS_I_LEN;
-    const byte* sig_q = sig;
-    byte tc[LMS_MAX_NODE_LEN];
-    byte* kc = tc;
-
-    /* Algorithm 6. Step 3. */
-    /* Check the public key LMS type matches parameters. */
-    ret = wc_lmots_public_key_check(params, pub);
-    if (ret == 0) {
-        /* Algorithm 6a. Step 2.e. */
-        const byte* sig_lmots = sig + LMS_Q_LEN;
-
-        /* Setup buffer with I || Q. */
-        XMEMCPY(buffer, pub_i, LMS_I_LEN);
-        XMEMCPY(buffer + LMS_I_LEN, sig_q, LMS_Q_LEN);
-
-        /* Algorithm 6a. Step 3. */
-        ret = wc_lmots_calc_kc(state, pub + LMS_TYPE_LEN, msg, msgSz,
-            sig_lmots, kc);
-    }
-    if (ret == 0) {
-        /* Algorithm 6a. Step 2.j. */
-        const byte* sig_path = sig + LMS_Q_LEN + LMS_TYPE_LEN +
-            params->hash_len + params->p * params->hash_len + LMS_TYPE_LEN;
-        word32 q;
-
-        /* Algorithm 6a. Step 2.a. */
-        ato32(sig_q, &q);
-
-        /* Algorithm 6a. Steps 4-5. */
-        ret = wc_lms_compute_root(state, q, kc, sig_path, tc);
-    }
-    /* Algorithm 6. Step 4. */
-    if ((ret == 0) && (XMEMCMP(pub_k, tc, params->hash_len) != 0)) {
-        ret = SIG_VERIFY_E;
-    }
-
-    return ret;
-}
-
-/***************************************
- * HSS APIs
- **************************************/
-
-#ifndef WOLFSSL_LMS_VERIFY_ONLY
-/* Derive the seed and i for child.
- *
- * @param [in, out] state   LMS state.
- * @param [in]      id      Parent's I.
- * @param [in]      seed    Parent's SEED.
- * @param [in]      q       Parent's q.
- * @param [out]     seed_i  Derived SEED and I.
- * @return  0 on success.
- */
-static int wc_hss_derive_seed_i(LmsState* state, const byte* id,
-    const byte* seed, const byte* q, byte* seed_i)
-{
-    int ret = 0;
-    byte buffer[WC_SHA256_BLOCK_SIZE];
-    byte* idp = buffer;
-    byte* qp = idp + LMS_I_LEN;
-    byte* ip = qp + LMS_Q_LEN;
-    byte* jp = ip + LMS_P_LEN;
-    byte* tmp = jp + LMS_W_LEN;
-
-    /* parent's I || ... */
-    XMEMCPY(idp, id, LMS_I_LEN);
-    /* parent's I || q || ... */
-    XMEMCPY(qp, q, LMS_Q_LEN);
-    /* parent's I || q || D_CHILD_SEED || ... */
-    c16toa(LMS_D_CHILD_SEED, ip);
-    /* parent's I || q || D_CHILD_SEED || D_FIXED || ... */
-    *jp = LMS_D_FIXED;
-    /* parent's I || q || D_CHILD_SEED || D_FIXED || parent's SEED */
-    XMEMCPY(tmp, seed, state->params->hash_len);
-    /* SEED = H(parent's I || q || D_CHILD_SEED || D_FIXED || parent's SEED) */
-#ifndef WC_LMS_FULL_HASH
-#ifdef WOLFSSL_LMS_SHA256_192
-    if ((state->params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-        /* Put in padding for final block. */
-        LMS_SHA256_SET_LEN_47(buffer);
-        ret = wc_lms_sha256_192_hash_block(&state->hash, buffer, seed_i);
-        if (ret == 0) {
-            seed_i += WC_SHA256_192_DIGEST_SIZE;
-        }
-    }
-    else
-#endif
-    {
-    #ifndef WOLFSSL_NO_LMS_SHA256_256
-        /* Put in padding for final block. */
-        LMS_SHA256_SET_LEN_55(buffer);
-        ret = wc_lms_hash_block(&state->hash, buffer, seed_i);
-        if (ret == 0) {
-            seed_i += WC_SHA256_DIGEST_SIZE;
-        }
-    #else
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-#else
-#ifdef WOLFSSL_LMS_SHA256_192
-    if ((state->params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-        ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-            LMS_HASH_BUFFER_LEN(WC_SHA256_192_DIGEST_SIZE), seed_i);
-    }
-    else
-#endif
-    {
-    #ifndef WOLFSSL_NO_LMS_SHA256_256
-        ret = wc_lms_hash(&state->hash, buffer,
-            LMS_HASH_BUFFER_LEN(WC_SHA256_DIGEST_SIZE), seed_i);
-    #else
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-#endif /* !WC_LMS_FULL_HASH */
-
-    if (ret == 0) {
-        /* parent's I || q || D_CHILD_I || D_FIXED || parent's SEED */
-        c16toa(LMS_D_CHILD_I, ip);
-        /* I = H(parent's I || q || D_CHILD_I || D_FIXED || parent's SEED) */
-#ifndef WC_LMS_FULL_HASH
-    #ifdef WOLFSSL_LMS_SHA256_192
-        if ((state->params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-            ret = wc_lms_sha256_192_hash_block(&state->hash, buffer, tmp);
-        }
-        else
-    #endif
-        {
-        #ifndef WOLFSSL_NO_LMS_SHA256_256
-            ret = wc_lms_hash_block(&state->hash, buffer, tmp);
-        #else
-            ret = NOT_COMPILED_IN;
-        #endif
-        }
-#else
-    #ifdef WOLFSSL_LMS_SHA256_192
-        if ((state->params->lmOtsType & LMS_HASH_MASK) == LMS_SHA256_192) {
-            ret = wc_lms_hash_sha256_192(&state->hash, buffer,
-                LMS_HASH_BUFFER_LEN(WC_SHA256_192_DIGEST_SIZE), tmp);
-        }
-        else
-    #endif
-        {
-        #ifndef WOLFSSL_NO_LMS_SHA256_256
-            ret = wc_lms_hash(&state->hash, buffer,
-                LMS_HASH_BUFFER_LEN(WC_SHA256_DIGEST_SIZE), tmp);
-        #else
-            ret = NOT_COMPILED_IN;
-        #endif
-        }
-#endif /* !WC_LMS_FULL_HASH */
-        /* Copy part of hash as new I into private key. */
-        XMEMCPY(seed_i, tmp, LMS_I_LEN);
-    }
-
-    return ret;
-}
-
-/* Get q, index, of leaf at the specified level. */
-#define LMS_Q_AT_LEVEL(q, ls, l, h)                                 \
-    (w64GetLow32(w64ShiftRight((q), (((ls) - 1 - (l)) * (h)))) &    \
-     (((word32)1 << (h)) - 1))
-
-/* Expand the seed and I for further levels and set q for each level.
- *
- * @param [in, out] state     LMS state.
- * @param [in, out] priv      Private key for use in signing.
- * @param [in]      priv_raw  Private key read.
- * @param [in]      inc       Whether this is an incremental expansion.
- * @return  0 on success.
- */
-static int wc_hss_expand_private_key(LmsState* state, byte* priv,
-    const byte* priv_raw, int inc)
-{
-    const LmsParams* params = state->params;
-    int ret = 0;
-    w64wrapper q;
-    w64wrapper qm1;
-    word32 q32;
-    byte* priv_q;
-    byte* priv_seed_i;
-    word32 i;
-
-    /* Get the 64-bit q value from the raw private key. */
-    ato64(priv_raw, &q);
-    /* Step over q and parameter set. */
-    priv_raw += HSS_Q_LEN + HSS_PRIV_KEY_PARAM_SET_LEN;
-
-    /* Get q of highest level. */
-    q32 = LMS_Q_AT_LEVEL(q, params->levels, 0, params->height);
-    /* Set q of highest tree. */
-    c32toa(q32, priv);
-
-    /* Incremental expansion needs q-1. */
-    if (inc) {
-        /* Calculate q-1 for comparison. */
-        qm1 = q;
-        w64Decrement(&qm1);
-    }
-    else {
-        /* Copy out SEED and I into private key. */
-        XMEMCPY(priv + LMS_Q_LEN, priv_raw, params->hash_len + LMS_I_LEN);
-    }
-
-    /* Compute SEED and I for rest of levels. */
-    for (i = 1U; (ret == 0) && (i < params->levels); i++) {
-        /* Don't skip calculating SEED and I. */
-        int skip = 0;
-
-        /* Incremental means q, SEED and I already present if q unchanged. */
-        if (inc) {
-            /* Calculate previous levels q for previous 64-bit q value. */
-            word32 qm1_32 = LMS_Q_AT_LEVEL(qm1, params->levels, i - 1,
-                params->height);
-            /* Same q at previous level means no need to re-compute. */
-            if (q32 == qm1_32) {
-                /* Do skip calculating SEED and I. */
-                skip = 1;
-            }
-        }
-
-        /* Get pointers into private q to write q and seed + I. */
-        priv_q = priv;
-        priv += LMS_Q_LEN;
-        priv_seed_i = priv;
-        priv += params->hash_len + LMS_I_LEN;
-
-        /* Get q for level from 64-bit composite. */
-        q32 = w64GetLow32(w64ShiftRight(q, (params->levels - 1 - i) *
-            params->height)) & (((word32)1 << params->height) - 1);
-        /* Set q of tree. */
-        c32toa(q32, priv);
-
-        if (!skip) {
-            /* Derive SEED and I into private key. */
-            ret = wc_hss_derive_seed_i(state, priv_seed_i + params->hash_len,
-                priv_seed_i, priv_q, priv + LMS_Q_LEN);
-        }
-    }
-
-    return ret;
-}
-
-#ifndef WOLFSSL_WC_LMS_SMALL
-#ifndef WOLFSSL_LMS_NO_SIGN_SMOOTHING
-/* Initialize the next subtree.
- *
- * @param [in] state      LMS state.
- * @param [in] privState  LMS private state.
- * @param [in] curr       Current private key.
- * @param [in] priv       Next private key.
- * @param [in] q          q for this level.
- * @return  0 on success.
- */
-static int wc_lms_next_subtree_init(LmsState* state, LmsPrivState* privState,
-    byte* curr, byte* priv, word32 q)
-{
-    int ret;
-    const LmsParams* params = state->params;
-    byte* priv_q;
-    byte* priv_seed;
-    byte* priv_i;
-    word32 pq;
-
-    priv_q = priv;
-    priv += LMS_Q_LEN;
-    priv_seed = curr + LMS_Q_LEN;
-    priv += params->hash_len;
-    priv_i = curr + LMS_Q_LEN + params->hash_len;
-    priv += LMS_I_LEN;
-
-    ato32(curr, &pq);
-    pq = (pq + 1U) & ((((word32)1U) << params->height) - (word32)1U);
-    c32toa(pq, priv_q);
-
-    privState->stack.offset = 0;
-    /* No unary minus on unsigned; avoids MSVC C4146 and passes clang-tidy */
-    privState->leaf.idx = (word32)(0U - ((word32)1U << params->cacheBits));
-    privState->leaf.offset = 0;
-
-    /* Derive SEED and I for next tree. */
-    ret = wc_hss_derive_seed_i(state, priv_i, priv_seed, priv_q,
-        priv + LMS_Q_LEN);
-    if (ret == 0) {
-        /* Update treehash for first leaf. */
-        ret = wc_lms_treehash_update(state, privState,
-            priv + LMS_Q_LEN + params->hash_len, priv + LMS_Q_LEN, 0, q, 0, 0);
-    }
-
-    return ret;
-}
-
-/* Increment count on next subtree.
- *
- * @param [in] state     LMS state.
- * @param [in] priv_key  HSS private key.
- * @param [in] q64       64-bit q for all levels.
- * @return  0 on success.
- */
-static int wc_hss_next_subtree_inc(LmsState* state, HssPrivKey* priv_key,
-    w64wrapper q64)
-{
-    int ret = 0;
-    const LmsParams* params = state->params;
-    byte* curr = priv_key->priv;
-    byte* priv = priv_key->next_priv;
-    int i;
-    w64wrapper p64 = q64;
-    byte tmp_priv[LMS_PRIV_LEN(LMS_MAX_NODE_LEN)];
-    int use_tmp = 0;
-    word32 lastQMax = 0;
-    w64wrapper p64_hi;
-    w64wrapper q64_hi;
-
-    /* Get previous index. */
-    w64Decrement(&p64);
-    /* Get index of previous and current parent. */
-    p64_hi = w64ShiftRight(p64, (params->levels - 1) * params->height);
-    q64_hi = w64ShiftRight(q64, (params->levels - 1) * params->height);
-    for (i = 1; (ret == 0) && (i < params->levels); i++) {
-        word32 qc;
-        w64wrapper cp64_hi;
-        w64wrapper cq64_hi;
-
-        /* Get index of previous and current child. */
-        cp64_hi = w64ShiftRight(p64, (params->levels - i - 1) * params->height);
-        cq64_hi = w64ShiftRight(q64, (params->levels - i - 1) * params->height);
-        /* Get the q for the child. */
-        ato32(curr + LMS_PRIV_LEN(params->hash_len), (unsigned int*)&qc);
-
-        /* Compare index of parent node with previous value. */
-        if (w64LT(p64_hi, q64_hi)) {
-            wc_lms_priv_state_copy(params, &priv_key->state[i],
-                &priv_key->next_state[i-1]);
-            ret = wc_lms_next_subtree_init(state, &priv_key->next_state[i - 1],
-                use_tmp ? tmp_priv : curr, priv, 0);
-            use_tmp = 0;
-        }
-        /* Check whether the child is in a new subtree. */
-        else if ((qc == ((word32)1 << params->height) - 1) &&
-                w64LT(cp64_hi, cq64_hi)) {
-            XMEMSET(tmp_priv, 0, LMS_Q_LEN);
-            /* Check whether the node at the previous level is also in a new
-             * subtree. */
-            if (lastQMax) {
-                /* Calculate new SEED and I based on new subtree. */
-                ret = wc_hss_derive_seed_i(state,
-                    priv + LMS_Q_LEN + params->hash_len, priv + LMS_Q_LEN,
-                    tmp_priv, tmp_priv + LMS_Q_LEN);
-            }
-            else {
-                /* Calculate new SEED and I based on parent. */
-                ret = wc_hss_derive_seed_i(state,
-                    curr + LMS_Q_LEN + params->hash_len, curr + LMS_Q_LEN, priv,
-                    tmp_priv + LMS_Q_LEN);
-            }
-            /* Values not stored so note that they are in temporary. */
-            use_tmp = 1;
-
-            /* Set the the q. */
-            XMEMCPY(tmp_priv, curr + LMS_PRIV_LEN(params->hash_len), LMS_Q_LEN);
-        }
-
-        lastQMax = (qc == (((word32)1U << params->height) - (word32)1U));
-        curr += LMS_PRIV_LEN(params->hash_len);
-        priv += LMS_PRIV_LEN(params->hash_len);
-        p64_hi = cp64_hi;
-        q64_hi = cq64_hi;
-    }
-
-    return ret;
-}
-
-/* Initialize the next subtree for each level bar the highest.
- *
- * @param [in, out] state     LMS state.
- * @param [out]     priv_key  Private key data.
- * @return  0 on success.
- */
-static int wc_hss_next_subtrees_init(LmsState* state, HssPrivKey* priv_key)
-{
-    int ret = 0;
-    const LmsParams* params = state->params;
-    byte* curr = priv_key->priv;
-    byte* priv = priv_key->next_priv;
-    int i;
-
-    XMEMCPY(priv, curr, LMS_PRIV_LEN(params->hash_len));
-    wc_lms_idx_inc(priv, LMS_Q_LEN);
-
-    for (i = 1; (ret == 0) && (i < params->levels); i++) {
-        word32 q;
-
-        ato32(curr + LMS_PRIV_LEN(params->hash_len), &q);
-        ret = wc_lms_next_subtree_init(state, &priv_key->next_state[i - 1],
-            curr, priv, q);
-
-        curr += LMS_PRIV_LEN(params->hash_len);
-        priv += LMS_PRIV_LEN(params->hash_len);
-    }
-
-    return ret;
-}
-#endif
-
-/* Update the authentication path and caches.
- *
- * @param [in, out] state     LMS state.
- * @param [in, out] priv_key  Private key information.
- * @param [in]      levels    Number of level to start at.
- * @param [out]     pub_root  Public root.
- * @return  0 on success.
- */
-static int wc_hss_init_auth_path(LmsState* state, HssPrivKey* priv_key,
-    byte* pub_root)
-{
-    int ret = 0;
-    int levels = state->params->levels;
-    byte* priv = priv_key->priv +
-        LMS_PRIV_LEN(state->params->hash_len) * (levels - 1);
-    int l;
-
-    for (l = levels - 1; (ret == 0) && (l >= 0); l--) {
-        word32 q;
-        const byte* priv_q = priv;
-        const byte* priv_seed = priv_q + LMS_Q_LEN;
-        const byte* priv_i = priv_seed + state->params->hash_len;
-
-        /* Get current q for tree at level. */
-        ato32(priv_q, &q);
-        /* Set cache start to a value that indicates no numbers available. */
-        ret = wc_lms_treehash_init(state, &priv_key->state[l], priv_i,
-             priv_seed, q);
-
-        /* Move onto next level's data. */
-        priv -= LMS_PRIV_LEN(state->params->hash_len);
-    }
-
-    if ((ret == 0) && (pub_root != NULL)) {
-        XMEMCPY(pub_root, priv_key->state[0].root, state->params->hash_len);
-    }
-
-    return ret;
-}
-
-/* Calculate the corresponding authentication path index at that height.
- *
- * @param [in] i  Leaf node index.
- * @param [in] h  Height to calculate for.
- * @return  Index on authentication path.
- */
-#define LMS_AUTH_PATH_IDX(i, h)                                 \
-    (((i) ^ ((word32)1U << (h))) | (((word32)1U << (h)) - 1))
-
-/* Update the authentication path.
- *
- * @param [in, out] state     LMS state.
- * @param [in, out] priv_key  Private key information.
- * @param [in]      levels    Number of level to start at.
- * @return  0 on success.
- */
-static int wc_hss_update_auth_path(LmsState* state, HssPrivKey* priv_key,
-    byte* priv_raw, int levels)
-{
-    const LmsParams* params = state->params;
-    int ret = 0;
-    byte* priv = priv_key->priv + LMS_PRIV_LEN(params->hash_len) * (levels - 1);
-    int i;
-#ifndef WOLFSSL_LMS_NO_SIGN_SMOOTHING
-    w64wrapper q64;
-#endif
-
-    (void)priv_raw;
-#ifndef WOLFSSL_LMS_NO_SIGN_SMOOTHING
-    ato64(priv_raw, &q64);
-#endif
-
-    for (i = levels - 1; (ret == 0) && (i >= 0); i--) {
-        word32 q;
-        const byte* priv_q = priv;
-        const byte* priv_seed = priv_q + LMS_Q_LEN;
-        const byte* priv_i = priv_seed + params->hash_len;
-        LmsPrivState* privState = &priv_key->state[i];
-
-        /* Get q for tree at level. */
-        ato32(priv_q, &q);
-    #ifndef WOLFSSL_LMS_NO_SIGN_SMOOTHING
-        if ((levels > 1) && (i == levels - 1) && (q == 0)) {
-            /* New sub-tree. */
-            ret = wc_hss_next_subtree_inc(state, priv_key, q64);
-        }
-        if ((ret == 0) && (q != 0))
-    #else
-        if (q == 0) {
-            /* New sub-tree. */
-            ret = wc_lms_treehash_init(state, privState, priv_i, priv_seed, 0);
-        }
-        else
-    #endif
-        {
-            word32 maxq = q - 1;
-            int h;
-            int maxh = params->height;
-
-            /* Check each index at each height needed for the auth path. */
-            for (h = 0; (h < maxh) && (h <= maxh - params->rootLevels); h++) {
-                /* Calculate the index for current q and q-1. */
-                word32 qa = LMS_AUTH_PATH_IDX(q, h);
-                word32 qm1a = LMS_AUTH_PATH_IDX(q - 1, h);
-                /* If different then needs to be computed so keep highest. */
-                if ((qa != qm1a) && (qa > maxq)) {
-                    maxq = qa;
-                }
-            }
-            for (; h < maxh; h++) {
-                /* Calculate the index for current q and q-1. */
-                word32 qa = LMS_AUTH_PATH_IDX(q, h);
-                word32 qm1a = LMS_AUTH_PATH_IDX(q - 1, h);
-                /* If different then copy in cached hash. */
-                if ((qa != qm1a) && (qa > maxq)) {
-                    int off = ((int)1 << (params->height - h)) + (qa >> h) - 1;
-                    XMEMCPY(privState->auth_path + h * params->hash_len,
-                        privState->root + off * params->hash_len,
-                        params->hash_len);
-                }
-            }
-            /* Update the treehash and calculate the extra indices for
-             * authentication path. */
-            ret = wc_lms_treehash_update(state, privState, priv_i, priv_seed,
-                q - 1, maxq, q, 1);
-        #ifndef WOLFSSL_LMS_NO_SIGN_SMOOTHING
-            if ((ret == 0) && (i > 0)) {
-                w64wrapper tmp64 = w64ShiftRight(q64,
-                    (levels - i) * params->height);
-                w64Increment(&tmp64);
-                tmp64 = w64ShiftLeft(tmp64, 64 - (i * params->height));
-                if (!w64IsZero(tmp64)) {
-                    priv_seed = priv_key->next_priv +
-                        i * LMS_PRIV_LEN(params->hash_len) + LMS_Q_LEN;
-                    priv_i = priv_seed + params->hash_len;
-                    privState = &priv_key->next_state[i - 1];
-
-                    ret = wc_lms_treehash_update(state, privState, priv_i,
-                        priv_seed, q, q, 0, 0);
-                }
-            }
-        #endif
-            break;
-        }
-
-        /* Move onto next level's data. */
-        priv -= LMS_PRIV_LEN(params->hash_len);
-    }
-
-    return ret;
-}
-
-#if !defined(WOLFSSL_LMS_NO_SIG_CACHE) && (LMS_MAX_LEVELS > 1)
-/* Pre-sign for current q so that it isn't needed in signing.
- *
- * @param [in, out] state     LMS state.
- * @param [in, out] priv_key  Private key.
- */
-static int wc_hss_presign(LmsState* state, HssPrivKey* priv_key)
-{
-    int ret = 0;
-    const LmsParams* params = state->params;
-    byte* buffer = state->buffer;
-    byte pub[LMS_PUBKEY_LEN(LMS_MAX_NODE_LEN)];
-    byte* root = pub + LMS_PUBKEY_LEN(LMS_MAX_NODE_LEN) - params->hash_len;
-    byte* priv = priv_key->priv;
-    int i;
-
-    for (i = params->levels - 2; i >= 0; i--) {
-        const byte* p = priv + i * (LMS_Q_LEN + params->hash_len + LMS_I_LEN);
-        const byte* priv_q = p;
-        const byte* priv_seed = priv_q + LMS_Q_LEN;
-        const byte* priv_i = priv_seed + params->hash_len;
-
-        /* ... || T(1) */
-        XMEMCPY(root, priv_key->state[i + 1].root, params->hash_len);
-        /* u32str(type) || u32str(otstype) || I || T(1) */
-        p = priv + (i + 1) * (LMS_Q_LEN + params->hash_len + LMS_I_LEN);
-        wc_lmots_public_key_encode(params, p, pub);
-
-        /* Setup for hashing: I || Q || ... */
-        XMEMCPY(buffer, priv_i, LMS_I_LEN);
-        XMEMCPY(buffer + LMS_I_LEN, priv_q, LMS_Q_LEN);
-
-        /* LM-OTS Sign this level. */
-        ret = wc_lmots_sign(state, priv_seed, pub,
-            LMS_PUBKEY_LEN(params->hash_len),
-            priv_key->y + i * LMS_PRIV_Y_TREE_LEN(params->p, params->hash_len));
-    }
-
-    return ret;
-}
-#endif /* !WOLFSSL_LMS_NO_SIG_CACHE && LMS_MAX_LEVELS > 1 */
-#endif /* !WOLFSSL_WC_LMS_SMALL */
-
-/* Load the private key data into HSS private key structure.
- *
- * @param [in]      params     LMS parameters.
- * @param [in, out] key        HSS private key.
- * @param [in]      priv_data  Private key data.
- */
-static void wc_hss_priv_data_load(const LmsParams* params, HssPrivKey* key,
-    byte* priv_data)
-{
-#ifndef WOLFSSL_WC_LMS_SMALL
-    int l;
-#endif
-
-    /* Expanded private keys. */
-    key->priv = priv_data;
-    priv_data += LMS_PRIV_KEY_LEN(params->levels, params->hash_len);
-
-#ifndef WOLFSSL_WC_LMS_SMALL
-    for (l = 0; l < params->levels; l++) {
-        /* Caches for subtree. */
-        wc_lms_priv_state_load(params, &key->state[l], priv_data);
-        priv_data += LMS_PRIV_STATE_LEN(params->height, params->rootLevels,
-            params->cacheBits, params->hash_len);
-    }
-
-#ifndef WOLFSSL_LMS_NO_SIGN_SMOOTHING
-    /* Next subtree's expanded private keys. */
-    key->next_priv = priv_data;
-    priv_data += LMS_PRIV_KEY_LEN(params->levels, params->hash_len);
-    for (l = 0; l < params->levels - 1; l++) {
-        /* Next subtree's caches. */
-        wc_lms_priv_state_load(params, &key->next_state[l], priv_data);
-        priv_data += LMS_PRIV_STATE_LEN(params->height, params->rootLevels,
-            params->cacheBits, params->hash_len);
-    }
-#endif /* WOLFSSL_LMS_NO_SIGN_SMOOTHING */
-
-#ifndef WOLFSSL_LMS_NO_SIG_CACHE
-    /* Signature cache. */
-    key->y = priv_data;
-#endif /* WOLFSSL_LMS_NO_SIG_CACHE */
-#endif /* WOLFSSL_WC_LMS_SMALL */
-}
-
-#ifndef WOLFSSL_WC_LMS_SMALL
-/* Store the private key data from HSS private key structure.
- *
- * @param [in]      params     LMS parameters.
- * @param [in]      key        HSS private key.
- * @param [in, out] priv_data  Private key data.
- */
-static void wc_hss_priv_data_store(const LmsParams* params, HssPrivKey* key,
-    byte* priv_data)
-{
-    int l;
-
-    (void)key;
-
-    /* Expanded private keys. */
-    priv_data += LMS_PRIV_KEY_LEN(params->levels, params->hash_len);
-
-    for (l = 0; l < params->levels; l++) {
-        /* Caches for subtrees. */
-        wc_lms_priv_state_store(params, &key->state[l], priv_data);
-        priv_data += LMS_PRIV_STATE_LEN(params->height, params->rootLevels,
-            params->cacheBits, params->hash_len);
-    }
-#ifndef WOLFSSL_LMS_NO_SIGN_SMOOTHING
-    /* Next subtree's expanded private keys. */
-    priv_data += LMS_PRIV_KEY_LEN(params->levels, params->hash_len);
-    for (l = 0; l < params->levels - 1; l++) {
-        /* Next subtree's caches. */
-        wc_lms_priv_state_store(params, &key->next_state[l], priv_data);
-        priv_data += LMS_PRIV_STATE_LEN(params->height, params->rootLevels,
-            params->cacheBits, params->hash_len);
-    }
-#endif /* WOLFSSL_LMS_NO_SIGN_SMOOTHING */
-
-#ifndef WOLFSSL_LMS_NO_SIG_CACHE
-    /* Signature cache. */
-#endif /* WOLFSSL_LMS_NO_SIG_CACHE */
-}
-#endif /* WOLFSSL_WC_LMS_SMALL */
-
-/* Expand private key for each level and calculating auth path..
- *
- * @param [in, out] state      LMS state.
- * @param [in]      priv_raw   Raw private key bytes.
- * @param [out]     priv_key   Private key data.
- * @param [out]     priv_data  Private key data.
- * @param [out]     pub_root   Public key root node.
- * @return  0 on success.
- */
-int wc_hss_reload_key(LmsState* state, const byte* priv_raw,
-    HssPrivKey* priv_key, byte* priv_data, byte* pub_root)
-{
-    int ret = 0;
-
-    (void)pub_root;
-
-    /* Defend against undefined shifts; LmsParams* params = state->params */
-    if ((state->params->cacheBits >= 32U) || (state->params->height >= 32U)) {
-        return BAD_FUNC_ARG;
-    }
-
-    wc_hss_priv_data_load(state->params, priv_key, priv_data);
-#ifndef WOLFSSL_WC_LMS_SMALL
-    priv_key->inited = 0;
-#endif
-
-#ifdef WOLFSSL_WC_LMS_SERIALIZE_STATE
-    if (pub_root != NULL)
-#endif
-    {
-        /* Expand the raw private key into the private key data. */
-        ret = wc_hss_expand_private_key(state, priv_key->priv, priv_raw, 0);
-    #ifndef WOLFSSL_WC_LMS_SMALL
-        if ((ret == 0) && (!priv_key->inited)) {
-            /* Initialize the authentication paths and caches for all trees. */
-            ret = wc_hss_init_auth_path(state, priv_key, pub_root);
-        #ifndef WOLFSSL_LMS_NO_SIGN_SMOOTHING
-            if (ret == 0) {
-                ret = wc_hss_next_subtrees_init(state, priv_key);
-            }
-        #endif
-        #if !defined(WOLFSSL_LMS_NO_SIG_CACHE) && (LMS_MAX_LEVELS > 1)
-            if (ret == 0) {
-                /* Calculate signatures for trees not at bottom. */
-                ret = wc_hss_presign(state, priv_key);
-            }
-        #endif /* !WOLFSSL_LMS_NO_SIG_CACHE */
-        }
-    #endif /* WOLFSSL_WC_LMS_SMALL */
-    }
-#ifndef WOLFSSL_WC_LMS_SMALL
-    /* Set initialized flag. */
-    priv_key->inited = (ret == 0);
-#endif
-
-    return ret;
-}
-
-/* Make an HSS key pair.
- *
- * @param [in, out] state      LMS state.
- * @param [in]      rng        Random number generator.
- * @param [out]     priv_raw   Private key to write.
- * @param [out]     priv_key   Private key.
- * @param [out]     priv_data  Private key data.
- * @param [out]     pub        Public key.
- * @return  0 on success.
- */
-int wc_hss_make_key(LmsState* state, WC_RNG* rng, byte* priv_raw,
-    HssPrivKey* priv_key, byte* priv_data, byte* pub)
-{
-    const LmsParams* params = state->params;
-    int ret = 0;
-    int i;
-    byte* p = priv_raw;
-    byte* pub_root = pub + LMS_L_LEN + LMS_TYPE_LEN + LMS_TYPE_LEN + LMS_I_LEN;
-
-    /* The 64-bit q starts at 0 - set into raw private key. */
-    wc_lms_idx_zero(p, HSS_Q_LEN);
-    p += HSS_Q_LEN;
-
-    /* Set the LMS and LM-OTS types for each level. */
-    for (i = 0; i < params->levels; i++) {
-        p[i] = ((params->lmsType & LMS_H_W_MASK) << 4) +
-               (params->lmOtsType & LMS_H_W_MASK);
-    }
-    /* Set rest of levels to an invalid value. */
-    for (; i < HSS_MAX_LEVELS; i++) {
-        p[i] = 0xff;
-    }
-    p += HSS_PRIV_KEY_PARAM_SET_LEN;
-
-    /* Make the private key. */
-    ret = wc_lmots_make_private_key(rng, params->hash_len, p);
-
-    if (ret == 0) {
-        /* Set the levels into the public key data. */
-        c32toa(params->levels, pub);
-        pub += LMS_L_LEN;
-
-        ret = wc_hss_reload_key(state, priv_raw, priv_key, priv_data, pub_root);
-    }
-    #ifdef WOLFSSL_WC_LMS_SMALL
-    if (ret == 0) {
-        byte* priv_seed = priv_key->priv + LMS_Q_LEN;
-        byte* priv_i = priv_seed + params->hash_len;
-
-        /* Compute the root of the highest tree to get the root for public key.
-         */
-        ret = wc_lms_make_public_key(state, priv_i, priv_seed, pub_root);
-    }
-    #endif /* !WOLFSSL_WC_LMS_SMALL */
-    if (ret == 0) {
-        /* Encode the public key with remaining fields from the private key. */
-        wc_lmots_public_key_encode(params, priv_key->priv, pub);
-    }
-
-#ifdef WOLFSSL_WC_LMS_SERIALIZE_STATE
-    wc_hss_priv_data_store(state->params, priv_key, priv_data);
-#endif
-
-    return ret;
-}
-
-#ifdef WOLFSSL_WC_LMS_SMALL
-/* Sign message using HSS.
- *
- * Algorithm 8: Generating an HSS signature
- *   1. If the message-signing key prv[L-1] is exhausted, regenerate
- *      that key pair, together with any parent key pairs that might
- *      be necessary.
- *      If the root key pair is exhausted, then the HSS key pair is
- *      exhausted and MUST NOT generate any more signatures.
- *      d = L
- *      while (prv[d-1].q == 2^(prv[d-1].h)) {
- *        d = d - 1
- *        if (d == 0)
- *          return FAILURE
- *      }
- *      while (d < L) {
- *        create lms key pair pub[d], prv[d]
- *        sig[d-1] = lms_signature( pub[d], prv[d-1] )
- *        d = d + 1
- *      }
- *   2. Sign the message.
- *      sig[L-1] = lms_signature( msg, prv[L-1] )
- *   3. Create the list of signed public keys.
- *      i = 0;
- *      while (i < L-1) {
- *        signed_pub_key[i] = sig[i] || pub[i+1]
- *        i = i + 1
- *      }
- *   4. Return u32str(L-1) || signed_pub_key[0] || ...
- *                               || signed_pub_key[L-2] || sig[L-1]
- *
- * @param [in, out] state     LMS state.
- * @param [in, out] priv_raw  Raw private key bytes.
- * @param [in, out] priv_key  Private key data.
- * @param [in]      msg       Message to sign.
- * @param [in]      msgSz     Length of message in bytes.
- * @param [out]     sig       Signature of message.
- * @return  0 on success.
- */
-int wc_hss_sign(LmsState* state, byte* priv_raw, HssPrivKey* priv_key,
-    byte* priv_data, const byte* msg, word32 msgSz, byte* sig)
-{
-    const LmsParams* params = state->params;
-    int ret = 0;
-    byte* priv = priv_key->priv;
-
-    (void)priv_data;
-
-    /* Step 1. Part 2: Check for total key exhaustion. */
-    if (!wc_hss_sigsleft(params, priv_raw)) {
-        ret = KEY_EXHAUSTED_E;
-    }
-
-    if (ret == 0) {
-        /* Expand the raw private key into the private key data. */
-        ret = wc_hss_expand_private_key(state, priv, priv_raw, 0);
-    }
-    if (ret == 0) {
-        int i;
-        w64wrapper q;
-        w64wrapper qm1;
-
-        /* Get 64-bit q from raw private key. */
-        ato64(priv_raw, &q);
-        /* Calculate q-1 for comparison. */
-        qm1 = q;
-        w64Decrement(&qm1);
-
-        /* Set number of signed public keys. */
-        c32toa(params->levels - 1, sig);
-        sig += params->sig_len;
-
-        /* Build from bottom up. */
-        for (i = params->levels - 1; (ret == 0) && (i >= 0); i--) {
-            byte* p = priv + i * (LMS_Q_LEN + params->hash_len + LMS_I_LEN);
-            byte* root = NULL;
-
-            /* Move to start of next signature at this level. */
-            sig -= LMS_SIG_LEN(params->height, params->p, params->hash_len);
-            if (i != 0) {
-                /* Put root node into signature at this index. */
-                root = sig - params->hash_len;
-            }
-
-            /* Sign using LMS for this level. */
-            ret = wc_lms_sign(state, p, msg, msgSz, sig);
-            if (ret == 0) {
-                byte* s = sig + LMS_Q_LEN + LMS_TYPE_LEN + params->hash_len +
-                    params->p * params->hash_len + LMS_TYPE_LEN;
-                byte* priv_q = p;
-                byte* priv_seed = priv_q + LMS_Q_LEN;
-                byte* priv_i = priv_seed + params->hash_len;
-                word32 q32;
-
-                /* Get Q from private key as a number. */
-                ato32(priv_q, &q32);
-                /* Calculate authentication path. */
-                ret = wc_lms_auth_path(state, priv_i, priv_seed, q32, s, root);
-            }
-            if ((ret == 0) && (i != 0)) {
-                /* Create public data for this level if there is another. */
-                sig -= LMS_PUBKEY_LEN(params->hash_len);
-                msg = sig;
-                msgSz = LMS_PUBKEY_LEN(params->hash_len);
-                wc_lmots_public_key_encode(params, p, sig);
-            }
-        }
-    }
-    if (ret == 0) {
-        /* Increment index of leaf node to sign with in raw data. */
-        wc_lms_idx_inc(priv_raw, HSS_Q_LEN);
-    }
-
-    return ret;
-}
-#else
-/* Build signature for HSS signed message.
- *
- * Algorithm 8: Generating an HSS signature
- *   1. ...
- *      while (prv[d-1].q == 2^(prv[d-1].h)) {
- *        d = d - 1
- *        if (d == 0)
- *          return FAILURE
- *      }
- *      while (d < L) {
- *        create lms key pair pub[d], prv[d]
- *        sig[d-1] = lms_signature( pub[d], prv[d-1] )
- *        d = d + 1
- *      }
- *   2. Sign the message.
- *      sig[L-1] = lms_signature( msg, prv[L-1] )
- *   3. Create the list of signed public keys.
- *      i = 0;
- *      while (i < L-1) {
- *        signed_pub_key[i] = sig[i] || pub[i+1]
- *        i = i + 1
- *      }
- *   4. Return u32str(L-1) || signed_pub_key[0] || ...
- *                               || signed_pub_key[L-2] || sig[L-1]
- *
- * @param [in, out] state      LMS state.
- * @param [in, out] priv_raw   Raw private key bytes.
- * @param [in, out] priv_key   Private key data.
- * @param [in]      msg        Message to sign.
- * @param [in]      msgSz      Length of message in bytes.
- * @param [out]     sig        Signature of message.
- * @return  0 on success.
- */
-static int wc_hss_sign_build_sig(LmsState* state, byte* priv_raw,
-    HssPrivKey* priv_key, const byte* msg, word32 msgSz, byte* sig)
-{
-    const LmsParams* params = state->params;
-    int ret = 0;
-    int i;
-    w64wrapper q;
-    w64wrapper qm1;
-    byte* priv = priv_key->priv;
-
-    /* Get 64-bit q from raw private key. */
-    ato64(priv_raw, &q);
-    /* Calculate q-1 for comparison. */
-    qm1 = q;
-    w64Decrement(&qm1);
-
-    /* Set number of signed public keys. */
-    c32toa(params->levels - 1, sig);
-    sig += params->sig_len;
-
-    /* Build from bottom up. */
-    for (i = params->levels - 1; (ret == 0) && (i >= 0); i--) {
-        byte* p = priv + i * (LMS_Q_LEN + params->hash_len + LMS_I_LEN);
-    #if !defined(WOLFSSL_LMS_MAX_LEVELS) || WOLFSSL_LMS_MAX_LEVELS > 1
-        byte* root = NULL;
-    #endif
-    #ifndef WOLFSSL_LMS_NO_SIG_CACHE
-        int store_p = 0;
-        word32 q_32 = LMS_Q_AT_LEVEL(q, params->levels, i,
-            params->height);
-        word32 qm1_32 = LMS_Q_AT_LEVEL(qm1, params->levels, i,
-            params->height);
-    #endif /* !WOLFSSL_LMS_NO_SIG_CACHE */
-
-        /* Move to start of next signature at this level. */
-        sig -= LMS_SIG_LEN(params->height, params->p, params->hash_len);
-    #if !defined(WOLFSSL_LMS_MAX_LEVELS) || WOLFSSL_LMS_MAX_LEVELS > 1
-        if (i != 0) {
-            /* Put root node into signature at this index. */
-            root = sig - params->hash_len;
-        }
-    #endif
-
-    #ifndef WOLFSSL_LMS_NO_SIG_CACHE
-        /* Check if we have a cached version of C and the p hashes that we
-         * can reuse. */
-        if ((i < params->levels - 1) && (q_32 == qm1_32)) {
-            wc_lms_sig_copy(params, priv_key->y +
-                i * LMS_PRIV_Y_TREE_LEN(params->p, params->hash_len), p, sig);
-        }
-        else
-    #endif /* !WOLFSSL_LMS_NO_SIG_CACHE */
-        {
-            /* Sign using LMS for this level. */
-            ret = wc_lms_sign(state, p, msg, msgSz, sig);
-        #ifndef WOLFSSL_LMS_NO_SIG_CACHE
-            store_p = (i < params->levels - 1);
-        #endif /* !WOLFSSL_LMS_NO_SIG_CACHE */
-        }
-        if (ret == 0) {
-            byte* s = sig + LMS_Q_LEN + LMS_TYPE_LEN;
-
-        #ifndef WOLFSSL_LMS_NO_SIG_CACHE
-            /* Check if we computed new C and p hashes. */
-            if (store_p) {
-                /* Cache the C and p hashes. */
-                XMEMCPY(priv_key->y +
-                    i * LMS_PRIV_Y_TREE_LEN(params->p, params->hash_len), s,
-                    LMS_PRIV_Y_TREE_LEN(params->p, params->hash_len));
-            }
-        #endif /* !WOLFSSL_LMS_NO_SIG_CACHE */
-            s += params->hash_len + params->p * params->hash_len +
-                LMS_TYPE_LEN;
-
-            /* Copy the authentication path out of the private key. */
-            XMEMCPY(s, priv_key->state[i].auth_path,
-                params->height * params->hash_len);
-        #if !defined(WOLFSSL_LMS_MAX_LEVELS) || WOLFSSL_LMS_MAX_LEVELS > 1
-            /* Copy the root node into signature unless at top. */
-            if (i != 0) {
-                XMEMCPY(root, priv_key->state[i].root, params->hash_len);
-            }
-        #endif
-        }
-        if ((ret == 0) && (i != 0)) {
-            /* Create public data for this level if there is another. */
-            sig -= LMS_PUBKEY_LEN(params->hash_len);
-            msg = sig;
-            msgSz = LMS_PUBKEY_LEN(params->hash_len);
-            wc_lmots_public_key_encode(params, p, sig);
-        }
-    }
-
-    return ret;
-}
-
-/* Sign message using HSS.
- *
- * Algorithm 8: Generating an HSS signature
- *   1. If the message-signing key prv[L-1] is exhausted, regenerate
- *      that key pair, together with any parent key pairs that might
- *      be necessary.
- *      If the root key pair is exhausted, then the HSS key pair is
- *      exhausted and MUST NOT generate any more signatures.
- *      d = L
- *      while (prv[d-1].q == 2^(prv[d-1].h)) {
- *        d = d - 1
- *        if (d == 0)
- *          return FAILURE
- *      }
- *      while (d < L) {
- *        create lms key pair pub[d], prv[d]
- *        sig[d-1] = lms_signature( pub[d], prv[d-1] )
- *        d = d + 1
- *      }
- *   2. Sign the message.
- *      sig[L-1] = lms_signature( msg, prv[L-1] )
- *   3. Create the list of signed public keys.
- *      i = 0;
- *      while (i < L-1) {
- *        signed_pub_key[i] = sig[i] || pub[i+1]
- *        i = i + 1
- *      }
- *   4. Return u32str(L-1) || signed_pub_key[0] || ...
- *                               || signed_pub_key[L-2] || sig[L-1]
- *
- * @param [in, out] state      LMS state.
- * @param [in, out] priv_raw   Raw private key bytes.
- * @param [in, out] priv_key   Private key.
- * @param [in, out] priv_data  Private key data.
- * @param [in]      msg        Message to sign.
- * @param [in]      msgSz      Length of message in bytes.
- * @param [out]     sig        Signature of message.
- * @return  0 on success.
- */
-int wc_hss_sign(LmsState* state, byte* priv_raw, HssPrivKey* priv_key,
-    byte* priv_data, const byte* msg, word32 msgSz, byte* sig)
-{
-    const LmsParams* params = state->params;
-    int ret = 0;
-
-    /* Validate fixed parameters for static code analyzers. */
-    if ((params->rootLevels == 0) || (params->rootLevels > params->height)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Step 1. Part 2: Check for total key exhaustion. */
-    if ((ret == 0) && (!wc_hss_sigsleft(params, priv_raw))) {
-        ret = KEY_EXHAUSTED_E;
-    }
-
-    if ((ret == 0) && (!priv_key->inited)) {
-        /* Initialize the authentication paths and caches for all trees. */
-        ret = wc_hss_init_auth_path(state, priv_key, NULL);
-    #if !defined(WOLFSSL_LMS_NO_SIG_CACHE) && (LMS_MAX_LEVELS > 1)
-        if (ret == 0) {
-            ret = wc_hss_presign(state, priv_key);
-        }
-    #endif /* !WOLFSSL_LMS_NO_SIG_CACHE */
-        /* Set initialized flag. */
-        priv_key->inited = (ret == 0);
-    }
-    if (ret == 0) {
-        ret = wc_hss_sign_build_sig(state, priv_raw, priv_key, msg, msgSz, sig);
-    }
-    if (ret == 0) {
-        /* Increment index of leaf node to sign with in raw data. */
-        wc_lms_idx_inc(priv_raw, HSS_Q_LEN);
-    }
-    /* Check we will produce another signature. */
-    if ((ret == 0) && wc_hss_sigsleft(params, priv_raw)) {
-        /* Update the expanded private key data. */
-        ret = wc_hss_expand_private_key(state, priv_key->priv, priv_raw, 1);
-        if (ret == 0) {
-            /* Update authentication path and caches for all trees. */
-            ret = wc_hss_update_auth_path(state, priv_key, priv_raw,
-                params->levels);
-        }
-    }
-    if (ret == 0) {
-        /* Store the updated private key data. */
-        wc_hss_priv_data_store(state->params, priv_key, priv_data);
-    }
-
-    return ret;
-}
-#endif
-
-/* Check whether key is exhausted.
- *
- * First 8 bytes of raw key is the index.
- * Check index is less than count of leaf nodes.
- *
- * @param [in] params    LMS parameters.
- * @param [in] priv_raw  HSS raw private key.
- * @return  1 when signature possible.
- * @return  0 when private key exhausted.
- */
-int wc_hss_sigsleft(const LmsParams* params, const byte* priv_raw)
-{
-    w64wrapper q;
-    w64wrapper cnt;
-
-    /* Get current q - next leaf index to sign with. */
-    ato64(priv_raw, &q);
-    /* 1 << total_height = total leaf nodes. */
-    cnt = w64ShiftLeft(w64From32(0, 1), params->levels * params->height);
-    /* Check q is less than total leaf node count. */
-    return w64LT(q, cnt);
-}
-#endif /* !WOLFSSL_LMS_VERIFY_ONLY */
-
-/* Verify message using HSS.
- *
- * Section 6.3. Signature Verification
- *  1. Nspk = strTou32(first four bytes of S)
- *  2. if Nspk+1 is not equal to the number of levels L in pub:
- *  3.   return INVALID
- *  4. key = pub
- *  5. for (i = 0; i < Nspk; i = i + 1) {
- *  6.   sig = siglist[i]
- *  7.   msg = publist[i]
- *  8.   if (lms_verify(msg, key, sig) != VALID):
- *  9.     return INVALID
- * 10.   key = msg
- * 11. }
- * 12. return lms_verify(message, key, siglist[Nspk])
- *
- * @param [in, out] state  LMS state.
- * @param [in]      pub    HSS public key.
- * @param [in]      msg    Message to verify.
- * @param [in]      msgSz  Length of message in bytes.
- * @param [in]      sig    Signature of message.
- * @return  0 on success.
- * @return  SIG_VERIFY_E on failure.
- */
-int wc_hss_verify(LmsState* state, const byte* pub, const byte* msg,
-    word32 msgSz, const byte* sig)
-{
-    const LmsParams* params = state->params;
-    int ret = 0;
-    word32 nspk;
-    const byte* key = pub + LMS_L_LEN;
-    word32 levels;
-
-    /* Get number of levels from public key. */
-    ato32(pub, &levels);
-    /* Line 1: Get number of signed public keys from signature. */
-    ato32(sig, &nspk);
-    /* Line 6 (First iteration): Move to start of next signature. */
-    sig += LMS_L_LEN;
-
-    /* Line 2: Verify that pub and signature match in levels. */
-    if (nspk + 1 != levels) {
-        /* Line 3: Return invalid signature. */
-        ret = SIG_VERIFY_E;
-    }
-    if (ret == 0) {
-        word32 i;
-
-        /* Line 5: For all but last LMS signature. */
-        for (i = 0; (ret == 0) && (i < nspk); i++) {
-            /* Line 7: Get start of public key in signature. */
-            const byte* pubList = sig + LMS_Q_LEN + LMS_TYPE_LEN +
-                params->hash_len + params->p * params->hash_len + LMS_TYPE_LEN +
-                params->height * params->hash_len;
-            /* Line 8: Verify the LMS signature with public key as message. */
-            ret = wc_lms_verify(state, key, pubList,
-                LMS_PUBKEY_LEN(params->hash_len), sig);
-            /* Line 10: Next key is from signature. */
-            key = pubList;
-            /* Line 6: Move to start of next signature. */
-            sig = pubList + LMS_PUBKEY_LEN(params->hash_len);
-        }
-    }
-    if (ret == 0) {
-        /* Line 12: Verify bottom tree with real message. */
-        ret = wc_lms_verify(state, key, msg, msgSz, sig);
-    }
-
-    return ret;
-}
-
-#endif /* WOLFSSL_HAVE_LMS && WOLFSSL_WC_LMS */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/wc_mlkem.c b/src/ssl/wolfssl/wolfcrypt/wc_mlkem.c
deleted file mode 100644
index d9372f5f7..000000000
--- a/src/ssl/wolfssl/wolfcrypt/wc_mlkem.c
+++ /dev/null
@@ -1,2169 +0,0 @@
-/* wc_mlkem.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implementation based on FIPS 203:
- *   https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.pdf
- *
- * Original implementation based on NIST 3rd Round submission package.
- * See link at:
- *   https://csrc.nist.gov/Projects/post-quantum-cryptography/
- *   post-quantum-cryptography-standardization/round-3-submissions
- */
-
-/* Possible Kyber options:
- *
- * WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM                                  Default: OFF
- *   Uses less dynamic memory to perform key generation.
- *   Has a small performance trade-off.
- *   Only usable with C implementation.
- *
- * WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM                              Default: OFF
- *   Uses less dynamic memory to perform encapsulation.
- *   Affects decapsulation too as encapsulation called.
- *   Has a small performance trade-off.
- *   Only usable with C implementation.
- *
- * WOLFSSL_MLKEM_NO_MAKE_KEY                                        Default: OFF
- *   Disable the make key or key generation API.
- *   Reduces the code size.
- *   Turn on when only doing encapsulation.
- *
- * WOLFSSL_MLKEM_NO_ENCAPSULATE                                     Default: OFF
- *   Disable the encapsulation API.
- *   Reduces the code size.
- *   Turn on when doing make key/decapsulation.
- *
- * WOLFSSL_MLKEM_NO_DECAPSULATE                                     Default: OFF
- *   Disable the decapsulation API.
- *   Reduces the code size.
- *   Turn on when only doing encapsulation.
- *
- * WOLFSSL_MLKEM_CACHE_A                                           Default: OFF
- *   Stores the matrix A during key generation for use in encapsulation when
- *   performing decapsulation.
- *   KyberKey is 8KB larger but decapsulation is significantly faster.
- *   Turn on when performing make key and decapsualtion with same object.
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef WC_MLKEM_NO_ASM
-    #undef USE_INTEL_SPEEDUP
-    #undef WOLFSSL_ARMASM
-    #undef WOLFSSL_RISCV_ASM
-#endif
-
-#include <wolfssl/wolfcrypt/mlkem.h>
-#include <wolfssl/wolfcrypt/wc_mlkem.h>
-#include <wolfssl/wolfcrypt/hash.h>
-#include <wolfssl/wolfcrypt/memory.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if defined(USE_INTEL_SPEEDUP) || \
-    (defined(__aarch64__) && defined(WOLFSSL_ARMASM))
-    #if defined(WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM) || \
-        defined(WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM)
-        #error "Can't use small memory with assembly optimized code"
-    #endif
-#endif
-#if defined(WOLFSSL_MLKEM_CACHE_A)
-    #if defined(WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM) || \
-        defined(WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM)
-        #error "Can't cache A with small memory code"
-    #endif
-#endif
-
-#if defined(WOLFSSL_MLKEM_NO_MAKE_KEY) && \
-    defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) && \
-    defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
-    #error "No ML-KEM operations to be built."
-#endif
-
-#ifdef WOLFSSL_WC_MLKEM
-
-#ifdef DEBUG_MLKEM
-void print_polys(const char* name, const sword16* a, int d1, int d2);
-void print_polys(const char* name, const sword16* a, int d1, int d2)
-{
-    int i;
-    int j;
-    int k;
-
-    fprintf(stderr, "%s: %d %d\n", name, d1, d2);
-    for (i = 0; i < d1; i++) {
-        for (j = 0; j < d2; j++) {
-            for (k = 0; k < 256; k++) {
-                fprintf(stderr, "%9d,", a[(i*d2*256) + (j*256) + k]);
-                if ((k % 8) == 7) fprintf(stderr, "\n");
-            }
-            fprintf(stderr, "\n");
-        }
-    }
-}
-#endif
-
-#ifdef DEBUG_MLKEM
-void print_data(const char* name, const byte* d, int len);
-void print_data(const char* name, const byte* d, int len)
-{
-    int i;
-
-    fprintf(stderr, "%s\n", name);
-    for (i = 0; i < len; i++) {
-        fprintf(stderr, "0x%02x,", d[i]);
-        if ((i % 16) == 15) fprintf(stderr, "\n");
-    }
-    fprintf(stderr, "\n");
-}
-#endif
-
-/******************************************************************************/
-
-/* Use SHA3-256 to generate 32-bytes of hash. */
-#define MLKEM_HASH_H            mlkem_hash256
-/* Use SHA3-512 to generate 64-bytes of hash. */
-#define MLKEM_HASH_G            mlkem_hash512
-/* Use SHAKE-256 as a key derivation function (KDF). */
-#if defined(USE_INTEL_SPEEDUP) || \
-        (defined(WOLFSSL_ARMASM) && defined(__aarch64__))
-    #define MLKEM_KDF               mlkem_kdf
-#else
-    #define MLKEM_KDF               wc_Shake256Hash
-#endif
-
-/******************************************************************************/
-
-/* Declare variable to make compiler not optimize code in mlkem_from_msg(). */
-volatile sword16 mlkem_opt_blocker = 0;
-
-/******************************************************************************/
-
-#ifndef WC_NO_CONSTRUCTORS
-/**
- * Create a new ML-KEM key object.
- *
- * Allocates and initializes a ML-KEM key object.
- *
- * @param  [in]   type         Type of key:
- *                               WC_ML_KEM_512, WC_ML_KEM_768, WC_ML_KEM_1024,
- *                               KYBER512, KYBER768, KYBER1024.
- * @param  [in]   heap         Dynamic memory hint.
- * @param  [in]   devId        Device Id.
- * @return Pointer to new MlKemKey object, or NULL on failure.
- */
-
-MlKemKey* wc_MlKemKey_New(int type, void* heap, int devId)
-{
-    int ret;
-    MlKemKey* key = (MlKemKey*)XMALLOC(sizeof(MlKemKey), heap,
-        DYNAMIC_TYPE_TMP_BUFFER);
-    if (key != NULL) {
-        ret = wc_MlKemKey_Init(key, type, heap, devId);
-        if (ret != 0) {
-            XFREE(key, heap, DYNAMIC_TYPE_TMP_BUFFER);
-            key = NULL;
-        }
-    }
-
-    return key;
-}
-
-/**
- * Delete and free a ML-KEM key object.
- *
- * Frees resources associated with a ML-KEM key object and sets pointer to NULL.
- *
- * @param  [in]      key    ML-KEM key object to delete.
- * @param  [in, out] key_p  Pointer to key pointer to set to NULL.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL.
- */
-
-int wc_MlKemKey_Delete(MlKemKey* key, MlKemKey** key_p)
-{
-    if (key == NULL)
-        return BAD_FUNC_ARG;
-    wc_MlKemKey_Free(key);
-    XFREE(key, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    if (key_p != NULL)
-        *key_p = NULL;
-
-    return 0;
-}
-#endif /* !WC_NO_CONSTRUCTORS */
-
-/**
- * Initialize the Kyber key.
- *
- * @param  [in]   type   Type of key:
- *                         WC_ML_KEM_512, WC_ML_KEM_768, WC_ML_KEM_1024,
- *                         KYBER512, KYBER768, KYBER1024.
- * @param  [out]  key    Kyber key object to initialize.
- * @param  [in]   heap   Dynamic memory hint.
- * @param  [in]   devId  Device Id.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key is NULL or type is unrecognized.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_Init(MlKemKey* key, int type, void* heap, int devId)
-{
-    int ret = 0;
-
-    /* Validate key. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    if (ret == 0) {
-        /* Validate type. */
-        switch (type) {
-    #ifndef WOLFSSL_NO_ML_KEM
-        case WC_ML_KEM_512:
-        #ifndef WOLFSSL_WC_ML_KEM_512
-            /* Code not compiled in for Kyber-512. */
-            ret = NOT_COMPILED_IN;
-        #endif
-            break;
-        case WC_ML_KEM_768:
-        #ifndef WOLFSSL_WC_ML_KEM_768
-            /* Code not compiled in for Kyber-768. */
-            ret = NOT_COMPILED_IN;
-        #endif
-            break;
-        case WC_ML_KEM_1024:
-        #ifndef WOLFSSL_WC_ML_KEM_1024
-            /* Code not compiled in for Kyber-1024. */
-            ret = NOT_COMPILED_IN;
-        #endif
-            break;
-    #endif
-    #ifdef WOLFSSL_MLKEM_KYBER
-        case KYBER512:
-        #ifndef WOLFSSL_KYBER512
-            /* Code not compiled in for Kyber-512. */
-            ret = NOT_COMPILED_IN;
-        #endif
-            break;
-        case KYBER768:
-        #ifndef WOLFSSL_KYBER768
-            /* Code not compiled in for Kyber-768. */
-            ret = NOT_COMPILED_IN;
-        #endif
-            break;
-        case KYBER1024:
-        #ifndef WOLFSSL_KYBER1024
-            /* Code not compiled in for Kyber-1024. */
-            ret = NOT_COMPILED_IN;
-        #endif
-            break;
-    #endif
-        default:
-            /* No other values supported. */
-            ret = BAD_FUNC_ARG;
-            break;
-        }
-    }
-    if (ret == 0) {
-        /* Keep type for parameters. */
-        key->type = type;
-        /* Cache heap pointer. */
-        key->heap = heap;
-    #ifdef WOLF_CRYPTO_CB
-        /* Cache device id - not used in for this algorithm yet. */
-        key->devId = devId;
-    #endif
-        key->flags = 0;
-
-        /* Zero out all data. */
-        XMEMSET(&key->prf, 0, sizeof(key->prf));
-
-        /* Initialize the hash algorithm object. */
-        ret = mlkem_hash_new(&key->hash, heap, devId);
-    }
-    if (ret == 0) {
-        /* Initialize the PRF algorithm object. */
-        ret = mlkem_prf_new(&key->prf, heap, devId);
-    }
-    if (ret == 0) {
-        mlkem_init();
-    }
-
-    (void)devId;
-
-    return ret;
-}
-
-/**
- * Free the Kyber key object.
- *
- * @param  [in, out]  key   Kyber key object to dispose of.
- * @return  0 on success.
- */
-int wc_MlKemKey_Free(MlKemKey* key)
-{
-    if (key != NULL) {
-        /* Dispose of PRF object. */
-        mlkem_prf_free(&key->prf);
-        /* Dispose of hash object. */
-        mlkem_hash_free(&key->hash);
-        /* Ensure all private data is zeroed. */
-        ForceZero(&key->hash, sizeof(key->hash));
-        ForceZero(&key->prf, sizeof(key->prf));
-        ForceZero(key->priv, sizeof(key->priv));
-        ForceZero(key->z, sizeof(key->z));
-    }
-
-    return 0;
-}
-
-/******************************************************************************/
-
-#ifndef WOLFSSL_MLKEM_NO_MAKE_KEY
-/**
- * Make a Kyber key object using a random number generator.
- *
- * FIPS 203 - Algorithm 19: ML-KEM.KeyGen()
- * Generates an encapsulation key and a corresponding decapsulation key.
- *   1: d <- B_32                                        >  d is 32 random bytes
- *   2: z <- B_32                                        >  z is 32 random bytes
- *   3: if d == NULL or z == NULL then
- *   4:   return falsum
- *                  > return an error indication if random bit generation failed
- *   5: end if
- *   6: (ek,dk) <- ML-KEM.KeyGen_Interal(d, z)
- *                                       > run internal key generation algorithm
- *   &: return (ek,dk)
- *
- * @param  [in, out]  key   Kyber key object.
- * @param  [in]       rng   Random number generator.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or rng is NULL.
- * @return  MEMORY_E when dynamic memory allocation failed.
- * @return  MEMORY_E when dynamic memory allocation failed.
- * @return  RNG_FAILURE_E when  generating random numbers failed.
- * @return  DRBG_CONT_FAILURE when random number generator health check fails.
- */
-int wc_MlKemKey_MakeKey(MlKemKey* key, WC_RNG* rng)
-{
-    int ret = 0;
-    unsigned char rand[WC_ML_KEM_MAKEKEY_RAND_SZ];
-
-    /* Validate parameters. */
-    if ((key == NULL) || (rng == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Generate random to use with PRFs.
-         * Step 1: d is 32 random bytes
-         * Step 2: z is 32 random bytes
-         */
-        ret = wc_RNG_GenerateBlock(rng, rand, WC_ML_KEM_SYM_SZ * 2);
-        /* Step 3: ret is not zero when d == NULL or z == NULL. */
-    }
-    if (ret == 0) {
-        /* Make a key pair from the random.
-         * Step 6. run internal key generation algorithm
-         * Step 7. public and private key are stored in key
-         */
-        ret = wc_KyberKey_MakeKeyWithRandom(key, rand, sizeof(rand));
-    }
-
-    /* Ensure seeds are zeroized. */
-    ForceZero((void*)rand, (word32)sizeof(rand));
-
-    /* Step 4: return ret != 0 on falsum or internal key generation failure. */
-    return ret;
-}
-
-/**
- * Make a Kyber key object using random data.
- *
- * FIPS 203 - Algorithm 16: ML-KEM.KeyGen_internal(d,z)
- * Uses randomness to generate an encapsulation key and a corresponding
- * decapsulation key.
- *   1: (ek_PKE,dk_PKE) < K-PKE.KeyGen(d)         > run key generation for K-PKE
- *   ...
- *
- * FIPS 203 - Algorithm 13: K-PKE.KeyGen(d)
- * Uses randomness to generate an encryption key and a corresponding decryption
- * key.
- *   1: (rho,sigma) <- G(d||k)A
- *                         > expand 32+1 bytes to two pseudorandom 32-byte seeds
- *   2: N <- 0
- *   3-7: generate matrix A_hat
- *   8-11: generate s
- *   12-15: generate e
- *   16-18: calculate t_hat from A_hat, s and e
- *   ...
- *
- * @param  [in, out]  key   Kyber key ovject.
- * @param  [in]       rand  Random data.
- * @param  [in]       len   Length of random data in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or rand is NULL.
- * @return  BUFFER_E when length is not WC_ML_KEM_MAKEKEY_RAND_SZ.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_MlKemKey_MakeKeyWithRandom(MlKemKey* key, const unsigned char* rand,
-    int len)
-{
-    byte buf[2 * WC_ML_KEM_SYM_SZ + 1];
-    byte* rho = buf;
-    byte* sigma = buf + WC_ML_KEM_SYM_SZ;
-#ifndef WOLFSSL_NO_MALLOC
-    sword16* e = NULL;
-#else
-#ifndef WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM
-#ifndef WOLFSSL_MLKEM_CACHE_A
-    sword16 e[(WC_ML_KEM_MAX_K + 1) * WC_ML_KEM_MAX_K * MLKEM_N];
-#else
-    sword16 e[WC_ML_KEM_MAX_K * MLKEM_N];
-#endif
-#else
-    sword16 e[WC_ML_KEM_MAX_K * MLKEM_N];
-#endif
-#endif
-#ifndef WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM
-    sword16* a = NULL;
-#endif
-    sword16* s = NULL;
-    sword16* t = NULL;
-    int ret = 0;
-    int k = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (rand == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (len != WC_ML_KEM_MAKEKEY_RAND_SZ)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        key->flags = 0;
-
-        /* Establish parameters based on key type. */
-        switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-    #ifdef WOLFSSL_WC_ML_KEM_512
-        case WC_ML_KEM_512:
-            k = WC_ML_KEM_512_K;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_768
-        case WC_ML_KEM_768:
-            k = WC_ML_KEM_768_K;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_1024
-        case WC_ML_KEM_1024:
-            k = WC_ML_KEM_1024_K;
-            break;
-    #endif
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-    #ifdef WOLFSSL_KYBER512
-        case KYBER512:
-            k = KYBER512_K;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER768
-        case KYBER768:
-            k = KYBER768_K;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER1024
-        case KYBER1024:
-            k = KYBER1024_K;
-            break;
-    #endif
-#endif
-        default:
-            /* No other values supported. */
-            ret = NOT_COMPILED_IN;
-            break;
-        }
-    }
-
-#ifndef WOLFSSL_NO_MALLOC
-    if (ret == 0) {
-        /* Allocate dynamic memory for matrix and error vector. */
-#ifndef WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM
-#ifndef WOLFSSL_MLKEM_CACHE_A
-        /* e (v) | a (m) */
-        e = (sword16*)XMALLOC((k + 1) * k * MLKEM_N * sizeof(sword16),
-            key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#else
-        /* e (v) */
-        e = (sword16*)XMALLOC(k * MLKEM_N * sizeof(sword16),
-            key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-#else
-        /* e (v) */
-        e = (sword16*)XMALLOC(k * MLKEM_N * sizeof(sword16),
-            key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-        if (e == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-#endif
-    if (ret == 0) {
-        const byte* d = rand;
-
-#ifdef WOLFSSL_MLKEM_CACHE_A
-        a = key->a;
-#elif !defined(WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM)
-        /* Matrix A allocated at end of error vector. */
-        a = e + (k * MLKEM_N);
-#endif
-
-#if defined(WOLFSSL_MLKEM_KYBER) && !defined(WOLFSSL_NO_ML_KEM)
-        if (key->type & MLKEM_KYBER)
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-        {
-            /* Expand 32 bytes of random to 32. */
-            ret = MLKEM_HASH_G(&key->hash, d, WC_ML_KEM_SYM_SZ, NULL, 0, buf);
-        }
-#endif
-#if defined(WOLFSSL_MLKEM_KYBER) && !defined(WOLFSSL_NO_ML_KEM)
-        else
-#endif
-#ifndef WOLFSSL_NO_ML_KEM
-        {
-            buf[0] = k;
-            /* Expand 33 bytes of random to 32.
-             * Alg 13: Step 1: (rho,sigma) <- G(d||k)
-             */
-            ret = MLKEM_HASH_G(&key->hash, d, WC_ML_KEM_SYM_SZ, buf, 1, buf);
-        }
-#endif
-    }
-    if (ret == 0) {
-        const byte* z = rand + WC_ML_KEM_SYM_SZ;
-        s = key->priv;
-        t = key->pub;
-
-        /* Cache the public seed for use in encapsulation and encoding public
-         * key. */
-        XMEMCPY(key->pubSeed, rho, WC_ML_KEM_SYM_SZ);
-        /* Cache the z value for decapsulation and encoding private key. */
-        XMEMCPY(key->z, z, sizeof(key->z));
-
-        /* Initialize PRF for use in noise generation. */
-        mlkem_prf_init(&key->prf);
-#ifndef WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM
-        /* Generate noise using PRF.
-         * Alg 13: Steps 8-15: generate s and e
-         */
-        ret = mlkem_get_noise(&key->prf, k, s, e, NULL, sigma);
-    }
-    if (ret == 0) {
-        /* Generate the matrix A.
-         * Alg 13: Steps 3-7
-         */
-        ret = mlkem_gen_matrix(&key->prf, a, k, rho, 0);
-    }
-    if (ret == 0) {
-        /* Generate key pair from random data.
-         * Alg 13: Steps 16-18.
-         */
-        mlkem_keygen(s, t, e, a, k);
-#else
-        /* Generate noise using PRF.
-         * Alg 13: Steps 8-11: generate s
-         */
-        ret = mlkem_get_noise(&key->prf, k, s, NULL, NULL, sigma);
-    }
-    if (ret == 0) {
-        /* Generate key pair from private vector and seeds.
-         * Alg 13: Steps 3-7: generate matrix A_hat
-         * Alg 13: 12-15: generate e
-         * Alg 13: 16-18: calculate t_hat from A_hat, s and e
-         */
-        ret = mlkem_keygen_seeds(s, t, &key->prf, e, k, rho, sigma);
-    }
-    if (ret == 0) {
-#endif
-        /* Private and public key are set/available. */
-        key->flags |= MLKEM_FLAG_PRIV_SET | MLKEM_FLAG_PUB_SET;
-#ifdef WOLFSSL_MLKEM_CACHE_A
-        key->flags |= MLKEM_FLAG_A_SET;
-#endif
-    }
-
-#ifndef WOLFSSL_NO_MALLOC
-    /* Free dynamic memory allocated in function. */
-    if (key != NULL) {
-        XFREE(e, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-#endif
-
-    return ret;
-}
-#endif /* !WOLFSSL_MLKEM_NO_MAKE_KEY */
-
-/******************************************************************************/
-
-/**
- * Get the size in bytes of cipher text for key.
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  len  Length of cipher text in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or len is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_CipherTextSize(MlKemKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (len == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Return in 'len' size of the cipher text for the type of this key. */
-        switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-    #ifdef WOLFSSL_WC_ML_KEM_512
-        case WC_ML_KEM_512:
-            *len = WC_ML_KEM_512_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_768
-        case WC_ML_KEM_768:
-            *len = WC_ML_KEM_768_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_1024
-        case WC_ML_KEM_1024:
-            *len = WC_ML_KEM_1024_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-    #ifdef WOLFSSL_KYBER512
-        case KYBER512:
-            *len = KYBER512_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER768
-        case KYBER768:
-            *len = KYBER768_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER1024
-        case KYBER1024:
-            *len = KYBER1024_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-#endif
-        default:
-            /* No other values supported. */
-            ret = NOT_COMPILED_IN;
-            break;
-        }
-    }
-
-    return ret;
-}
-
-/**
- * Size of a shared secret in bytes. Always KYBER_SS_SZ.
- *
- * @param  [in]   key  Kyber key object. Not used.
- * @param  [out]  Size of the shared secret created with a Kyber key.
- * @return  0 on success.
- * @return  0 to indicate success.
- */
-int wc_MlKemKey_SharedSecretSize(MlKemKey* key, word32* len)
-{
-    (void)key;
-
-    *len = WC_ML_KEM_SS_SZ;
-
-    return 0;
-}
-
-#if !defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) || \
-    !defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
-/* Encapsulate data and derive secret.
- *
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE, m, r)
- * Uses the encryption key to encrypt a plaintext message using the randomness
- * r.
- *   1: N <- 0
- *   2: t_hat <- ByteDecode_12(ek_PKE[0:384k])
- *                                   > run ByteDecode_12 k times to decode t_hat
- *   3: rho <- ek_PKE[384k : 384K + 32]
- *                                            > extract 32-byte seed from ek_PKE
- *   4-8: generate matrix A_hat
- *   9-12: generate y
- *   13-16: generate e_1
- *   17: generate e_2
- *   18-19: calculate u
- *   20: mu <- Decompress_1(ByteDecode_1(m))
- *   21: calculate v
- *   22: c_1 <- ByteEncode_d_u(Compress_d_u(u))
- *                                 > run ByteEncode_d_u and Compress_d_u k times
- *   23: c_2 <- ByteEncode_d_v(Compress_d_v(v))
- *   24: return c <- (c_1||c_2)
- *
- * @param  [in]  key  Kyber key object.
- * @param  [in]  m    Random bytes.
- * @param  [in]  r    Seed to feed to PRF when generating y, e1 and e2.
- * @param  [out] c    Calculated cipher text.
- * @return  0 on success.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-static int mlkemkey_encapsulate(MlKemKey* key, const byte* m, byte* r, byte* c)
-{
-    int ret = 0;
-    sword16* a = NULL;
-#ifndef WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM
-    sword16* mu = NULL;
-    sword16* e1 = NULL;
-    sword16* e2 = NULL;
-#endif
-    unsigned int k = 0;
-    unsigned int compVecSz = 0;
-#ifndef WOLFSSL_NO_MALLOC
-    sword16* y = NULL;
-#else
-#ifndef WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM
-    sword16 y[((WC_ML_KEM_MAX_K + 3) * WC_ML_KEM_MAX_K + 3) * MLKEM_N];
-#else
-    sword16 y[3 * WC_ML_KEM_MAX_K * MLKEM_N];
-#endif
-#endif
-    sword16* u = 0;
-    sword16* v = 0;
-
-    /* Establish parameters based on key type. */
-    switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-#ifdef WOLFSSL_WC_ML_KEM_512
-    case WC_ML_KEM_512:
-        k = WC_ML_KEM_512_K;
-        compVecSz = WC_ML_KEM_512_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#ifdef WOLFSSL_WC_ML_KEM_768
-    case WC_ML_KEM_768:
-        k = WC_ML_KEM_768_K;
-        compVecSz = WC_ML_KEM_768_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#ifdef WOLFSSL_WC_ML_KEM_1024
-    case WC_ML_KEM_1024:
-        k = WC_ML_KEM_1024_K;
-        compVecSz = WC_ML_KEM_1024_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-#ifdef WOLFSSL_KYBER512
-    case KYBER512:
-        k = KYBER512_K;
-        compVecSz = KYBER512_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#ifdef WOLFSSL_KYBER768
-    case KYBER768:
-        k = KYBER768_K;
-        compVecSz = KYBER768_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#ifdef WOLFSSL_KYBER1024
-    case KYBER1024:
-        k = KYBER1024_K;
-        compVecSz = KYBER1024_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#endif
-    default:
-        /* No other values supported. */
-        ret = NOT_COMPILED_IN;
-        break;
-    }
-
-#ifndef WOLFSSL_NO_MALLOC
-    if (ret == 0) {
-        /* Allocate dynamic memory for all matrices, vectors and polynomials. */
-#ifndef WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM
-        y = (sword16*)XMALLOC(((k + 3) * k + 3) * MLKEM_N * sizeof(sword16),
-            key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#else
-        y = (sword16*)XMALLOC(3 * k * MLKEM_N * sizeof(sword16), key->heap,
-            DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-        if (y == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-#endif
-
-#ifndef WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM
-    if (ret == 0) {
-        /* Assign allocated dynamic memory to pointers.
-         * y (b) | a (m) | mu (p) | e1 (p) | e2 (v) | u (v) | v (p) */
-        a  = y  + MLKEM_N * k;
-        mu = a  + MLKEM_N * k * k;
-        e1 = mu + MLKEM_N;
-        e2 = e1 + MLKEM_N * k;
-
-        /* Convert msg to a polynomial.
-         * Step 20: mu <- Decompress_1(ByteDecode_1(m)) */
-        mlkem_from_msg(mu, m);
-
-        /* Initialize the PRF for use in the noise generation. */
-        mlkem_prf_init(&key->prf);
-        /* Generate noise using PRF.
-         * Steps 9-17: generate y, e_1, e_2
-         */
-        ret = mlkem_get_noise(&key->prf, k, y, e1, e2, r);
-    }
-    #ifdef WOLFSSL_MLKEM_CACHE_A
-    if ((ret == 0) && ((key->flags & MLKEM_FLAG_A_SET) != 0)) {
-        unsigned int i;
-        /* Transpose matrix.
-         *   Steps 4-8: generate matrix A_hat (from original) */
-        for (i = 0; i < k; i++) {
-            unsigned int j;
-            for (j = 0; j < k; j++) {
-                XMEMCPY(&a[(i * k + j) * MLKEM_N],
-                        &key->a[(j * k + i) * MLKEM_N],
-                        MLKEM_N * 2);
-            }
-        }
-    }
-    else
-    #endif /* WOLFSSL_MLKEM_CACHE_A */
-    if (ret == 0) {
-        /* Generate the transposed matrix.
-         *   Step 4-8: generate matrix A_hat */
-        ret = mlkem_gen_matrix(&key->prf, a, k, key->pubSeed, 1);
-    }
-    if (ret == 0) {
-        /* Assign remaining allocated dynamic memory to pointers.
-         * y (v) | a (m) | mu (p) | e1 (p) | r2 (v) | u (v) | v (p)*/
-        u  = e2 + MLKEM_N;
-        v  = u  + MLKEM_N * k;
-
-        /* Perform encapsulation maths.
-         *   Steps 18-19, 21: calculate u and v */
-        mlkem_encapsulate(key->pub, u, v, a, y, e1, e2, mu, k);
-    }
-#else /* WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM */
-    if (ret == 0) {
-        /* Assign allocated dynamic memory to pointers.
-         * y (v) | a (v) | u (v) */
-        a = y + MLKEM_N * k;
-
-        /* Initialize the PRF for use in the noise generation. */
-        mlkem_prf_init(&key->prf);
-        /* Generate noise using PRF.
-         * Steps 9-12: generate y */
-        ret = mlkem_get_noise(&key->prf, k, y, NULL, NULL, r);
-    }
-    if (ret == 0) {
-        /* Assign remaining allocated dynamic memory to pointers.
-         * y (v) | at (v) | u (v) */
-        u  = a + MLKEM_N * k;
-        v  = a;
-
-        /* Perform encapsulation maths.
-         *   Steps 13-17: generate e_1 and e_2
-         *   Steps 18-19, 21: calculate u and v */
-        ret = mlkem_encapsulate_seeds(key->pub, &key->prf, u, a, y, k, m,
-            key->pubSeed, r);
-    }
-#endif /* WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM */
-
-    if (ret == 0) {
-        byte* c1 = c;
-        byte* c2 = c + compVecSz;
-
-    #if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512)
-        if (k == WC_ML_KEM_512_K) {
-            /* Step 22: c_1 <- ByteEncode_d_u(Compress_d_u(u)) */
-            mlkem_vec_compress_10(c1, u, k);
-            /* Step 23: c_2 <- ByteEncode_d_v(Compress_d_v(v)) */
-            mlkem_compress_4(c2, v);
-            /* Step 24: return c <- (c_1||c_2) */
-        }
-    #endif
-    #if defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-        if (k == WC_ML_KEM_768_K) {
-            /* Step 22: c_1 <- ByteEncode_d_u(Compress_d_u(u)) */
-            mlkem_vec_compress_10(c1, u, k);
-            /* Step 23: c_2 <- ByteEncode_d_v(Compress_d_v(v)) */
-            mlkem_compress_4(c2, v);
-            /* Step 24: return c <- (c_1||c_2) */
-        }
-    #endif
-    #if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-        if (k == WC_ML_KEM_1024_K) {
-            /* Step 22: c_1 <- ByteEncode_d_u(Compress_d_u(u)) */
-            mlkem_vec_compress_11(c1, u);
-            /* Step 23: c_2 <- ByteEncode_d_v(Compress_d_v(v)) */
-            mlkem_compress_5(c2, v);
-            /* Step 24: return c <- (c_1||c_2) */
-        }
-    #endif
-    }
-
-#ifndef WOLFSSL_NO_MALLOC
-    /* Dispose of dynamic memory allocated in function. */
-    XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    return ret;
-}
-#endif
-
-#ifndef WOLFSSL_MLKEM_NO_ENCAPSULATE
-/**
- * Encapsulate with random number generator and derive secret.
- *
- * FIPS 203, Algorithm 20: ML-KEM.Encaps(ek)
- * Uses the encapsulation key to generate a shared secret key and an associated
- * ciphertext.
- *   1: m <- B_32                                         > m is 32 random bytes
- *   2: if m == NULL then
- *   3:     return falsum
- *   4: end if
- *   5: (K,c) <- ML-KEM.Encaps_internal(ek,m)
- *                                        > run internal encapsulation algorithm
- *   6: return (K,c)
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  c    Cipher text.
- * @param  [out]  k    Shared secret generated.
- * @param  [in]   rng  Random number generator.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, ct, ss or RNG is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_MlKemKey_Encapsulate(MlKemKey* key, unsigned char* c, unsigned char* k,
-    WC_RNG* rng)
-{
-    int ret = 0;
-    unsigned char m[WC_ML_KEM_ENC_RAND_SZ];
-
-    /* Validate parameters. */
-    if ((key == NULL) || (c == NULL) || (k == NULL) || (rng == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Generate seed for use with PRFs.
-         * Step 1: m is 32 random bytes
-         */
-        ret = wc_RNG_GenerateBlock(rng, m, sizeof(m));
-        /* Step 2: ret is not zero when m == NULL. */
-    }
-    if (ret == 0) {
-        /* Encapsulate with the random.
-         * Step 5: run internal encapsulation algorithm
-         */
-        ret = wc_KyberKey_EncapsulateWithRandom(key, c, k, m, sizeof(m));
-    }
-
-    /* Step 3: return ret != 0 on falsum or internal key generation failure. */
-    return ret;
-}
-
-/**
- * Encapsulate with random data and derive secret.
- *
- * FIPS 203, Algorithm 17: ML-KEM.Encaps_internal(ek, m)
- * Uses the encapsulation key and randomness to generate a key and an associated
- * ciphertext.
- *   Step 1: (K,r) <- G(m||H(ek))
- *                                 > derive shared secret key K and randomness r
- *   Step 2: c <- K-PPKE.Encrypt(ek, m, r)
- *                                     > encrypt m using K-PKE with randomness r
- *   Step 3: return (K,c)
- *
- * @param  [out]  c    Cipher text.
- * @param  [out]  k    Shared secret generated.
- * @param  [in]   m    Random bytes.
- * @param  [in]   len  Length of random bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, c, k or RNG is NULL.
- * @return  BUFFER_E when len is not WC_ML_KEM_ENC_RAND_SZ.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_MlKemKey_EncapsulateWithRandom(MlKemKey* key, unsigned char* c,
-    unsigned char* k, const unsigned char* m, int len)
-{
-#ifdef WOLFSSL_MLKEM_KYBER
-    byte msg[KYBER_SYM_SZ];
-#endif
-    byte kr[2 * KYBER_SYM_SZ + 1];
-    int ret = 0;
-#ifdef WOLFSSL_MLKEM_KYBER
-    unsigned int cSz = 0;
-#endif
-
-    /* Validate parameters. */
-    if ((key == NULL) || (c == NULL) || (k == NULL) || (m == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) && (len != WC_ML_KEM_ENC_RAND_SZ)) {
-        ret = BUFFER_E;
-    }
-
-#ifdef WOLFSSL_MLKEM_KYBER
-    if (ret == 0) {
-        /* Establish parameters based on key type. */
-        switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-    #ifdef WOLFSSL_WC_ML_KEM_512
-        case WC_ML_KEM_512:
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_768
-        case WC_ML_KEM_768:
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_1024
-        case WC_ML_KEM_1024:
-    #endif
-            break;
-#endif
-    #ifdef WOLFSSL_KYBER512
-        case KYBER512:
-            cSz = KYBER512_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER768
-        case KYBER768:
-            cSz = KYBER768_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER1024
-        case KYBER1024:
-            cSz = KYBER1024_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-        default:
-            /* No other values supported. */
-            ret = NOT_COMPILED_IN;
-            break;
-        }
-    }
-#endif
-
-    /* If public hash (h) is not stored against key, calculate it
-     * (fields set explicitly instead of using decode).
-     * Step 1: ... H(ek)...
-     */
-    if ((ret == 0) && ((key->flags & MLKEM_FLAG_H_SET) == 0)) {
-    #ifndef WOLFSSL_NO_MALLOC
-        byte* pubKey = NULL;
-        word32 pubKeyLen;
-    #else
-        byte pubKey[WC_ML_KEM_MAX_PUBLIC_KEY_SIZE];
-        word32 pubKeyLen = WC_ML_KEM_MAX_PUBLIC_KEY_SIZE;
-    #endif
-
-    #ifndef WOLFSSL_NO_MALLOC
-        /* Determine how big an encoded public key will be. */
-        ret = wc_KyberKey_PublicKeySize(key, &pubKeyLen);
-        if (ret == 0) {
-            /* Allocate dynamic memory for encoded public key. */
-            pubKey = (byte*)XMALLOC(pubKeyLen, key->heap,
-                DYNAMIC_TYPE_TMP_BUFFER);
-            if (pubKey == NULL) {
-                ret = MEMORY_E;
-            }
-        }
-        if (ret == 0) {
-    #endif
-            /* Encode public key - h is hash of encoded public key. */
-            ret = wc_KyberKey_EncodePublicKey(key, pubKey, pubKeyLen);
-    #ifndef WOLFSSL_NO_MALLOC
-        }
-        /* Dispose of encoded public key. */
-        XFREE(pubKey, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-     #endif
-    }
-    if ((ret == 0) && ((key->flags & MLKEM_FLAG_H_SET) == 0)) {
-        /* Implementation issue if h not cached and flag set. */
-        ret = BAD_STATE_E;
-    }
-
-#ifdef WOLFSSL_MLKEM_KYBER
-    if (ret == 0) {
-#ifndef WOLFSSL_NO_ML_KEM
-        if (key->type & MLKEM_KYBER)
-#endif
-        {
-            /* Hash random to anonymize as seed data. */
-            ret = MLKEM_HASH_H(&key->hash, m, WC_ML_KEM_SYM_SZ, msg);
-        }
-    }
-#endif
-    if (ret == 0) {
-        /* Hash message into seed buffer. */
-#if defined(WOLFSSL_MLKEM_KYBER) && !defined(WOLFSSL_NO_ML_KEM)
-        if (key->type & MLKEM_KYBER)
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-        {
-            ret = MLKEM_HASH_G(&key->hash, msg, WC_ML_KEM_SYM_SZ, key->h,
-                WC_ML_KEM_SYM_SZ, kr);
-        }
-#endif
-#if defined(WOLFSSL_MLKEM_KYBER) && !defined(WOLFSSL_NO_ML_KEM)
-        else
-#endif
-#ifndef WOLFSSL_NO_ML_KEM
-        {
-            /* Step 1: (K,r) <- G(m||H(ek)) */
-            ret = MLKEM_HASH_G(&key->hash, m, WC_ML_KEM_SYM_SZ, key->h,
-                WC_ML_KEM_SYM_SZ, kr);
-        }
-#endif
-    }
-
-    if (ret == 0) {
-        /* Encapsulate the message using the key and the seed. */
-#if defined(WOLFSSL_MLKEM_KYBER) && !defined(WOLFSSL_NO_ML_KEM)
-        if (key->type & MLKEM_KYBER)
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-        {
-            ret = mlkemkey_encapsulate(key, msg, kr + WC_ML_KEM_SYM_SZ, c);
-        }
-#endif
-#if defined(WOLFSSL_MLKEM_KYBER) && !defined(WOLFSSL_NO_ML_KEM)
-        else
-#endif
-#ifndef WOLFSSL_NO_ML_KEM
-        {
-            /* Step 2: c <- K-PKE.Encrypt(ek,m,r) */
-            ret = mlkemkey_encapsulate(key, m, kr + WC_ML_KEM_SYM_SZ, c);
-        }
-#endif
-    }
-
-#if defined(WOLFSSL_MLKEM_KYBER) && !defined(WOLFSSL_NO_ML_KEM)
-    if (key->type & MLKEM_KYBER)
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-    {
-        if (ret == 0) {
-            /* Hash the cipher text after the seed. */
-            ret = MLKEM_HASH_H(&key->hash, c, cSz, kr + WC_ML_KEM_SYM_SZ);
-        }
-        if (ret == 0) {
-            /* Derive the secret from the seed and hash of cipher text. */
-            ret = MLKEM_KDF(kr, 2 * WC_ML_KEM_SYM_SZ, k, WC_ML_KEM_SS_SZ);
-        }
-    }
-#endif
-#if defined(WOLFSSL_MLKEM_KYBER) && !defined(WOLFSSL_NO_ML_KEM)
-    else
-#endif
-#ifndef WOLFSSL_NO_ML_KEM
-    {
-        if (ret == 0) {
-            /* return (K,c) */
-            XMEMCPY(k, kr, WC_ML_KEM_SS_SZ);
-        }
-    }
-#endif
-
-    return ret;
-}
-#endif /* !WOLFSSL_MLKEM_NO_ENCAPSULATE */
-
-/******************************************************************************/
-
-#ifndef WOLFSSL_MLKEM_NO_DECAPSULATE
-/* Decapsulate cipher text to the message using key.
- *
- * FIPS 203, Algorithm 15: K-PKE.Decrypt(dk_PKE,c)
- * Uses the decryption key to decrypt a ciphertext.
- *   1: c1 <- c[0 : 32.d_u.k]
- *   2: c2 <= c[32.d_u.k : 32(d_u.k + d_v)]
- *   3: u' <= Decompress_d_u(ByteDecode_d_u(c1))
- *   4: v' <= Decompress_d_v(ByteDecode_d_v(c2))
- *   ...
- *   6: w <- v' - InvNTT(s_hat_trans o NTT(u'))
- *   7: m <- ByteEncode_1(Compress_1(w))
- *   8: return m
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  m    Message than was encapsulated.
- * @param  [in]   c    Cipher text.
- * @return  0 on success.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-static MLKEM_NOINLINE int mlkemkey_decapsulate(MlKemKey* key, byte* m,
-    const byte* c)
-{
-    int ret = 0;
-    sword16* v;
-    sword16* w;
-    unsigned int k = 0;
-    unsigned int compVecSz;
-#if defined(WOLFSSL_SMALL_STACK) || \
-    (!defined(USE_INTEL_SPEEDUP) && !defined(WOLFSSL_NO_MALLOC))
-    sword16* u = NULL;
-#else
-    sword16 u[(WC_ML_KEM_MAX_K + 1) * MLKEM_N];
-#endif
-
-    /* Establish parameters based on key type. */
-    switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-#ifdef WOLFSSL_WC_ML_KEM_512
-    case WC_ML_KEM_512:
-        k = WC_ML_KEM_512_K;
-        compVecSz = WC_ML_KEM_512_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#ifdef WOLFSSL_WC_ML_KEM_768
-    case WC_ML_KEM_768:
-        k = WC_ML_KEM_768_K;
-        compVecSz = WC_ML_KEM_768_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#ifdef WOLFSSL_WC_ML_KEM_1024
-    case WC_ML_KEM_1024:
-        k = WC_ML_KEM_1024_K;
-        compVecSz = WC_ML_KEM_1024_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-#ifdef WOLFSSL_KYBER512
-    case KYBER512:
-        k = KYBER512_K;
-        compVecSz = KYBER512_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#ifdef WOLFSSL_KYBER768
-    case KYBER768:
-        k = KYBER768_K;
-        compVecSz = KYBER768_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#ifdef WOLFSSL_KYBER1024
-    case KYBER1024:
-        k = KYBER1024_K;
-        compVecSz = KYBER1024_POLY_VEC_COMPRESSED_SZ;
-        break;
-#endif
-#endif
-    default:
-        /* No other values supported. */
-        ret = NOT_COMPILED_IN;
-        break;
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) || \
-    (!defined(USE_INTEL_SPEEDUP) && !defined(WOLFSSL_NO_MALLOC))
-    if (ret == 0) {
-        /* Allocate dynamic memory for a vector and a polynomial. */
-        u = (sword16*)XMALLOC((k + 1) * MLKEM_N * sizeof(sword16), key->heap,
-            DYNAMIC_TYPE_TMP_BUFFER);
-        if (u == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-#endif
-    if (ret == 0) {
-        /* Step 1: c1 <- c[0 : 32.d_u.k] */
-        const byte* c1 = c;
-        /* Step 2: c2 <= c[32.d_u.k : 32(d_u.k + d_v)] */
-        const byte* c2 = c + compVecSz;
-
-        /* Assign allocated dynamic memory to pointers.
-         * u (v) | v (p) */
-        v = u + k * MLKEM_N;
-        w = u;
-
-    #if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512)
-        if (k == WC_ML_KEM_512_K) {
-            /* Step 3: u' <= Decompress_d_u(ByteDecode_d_u(c1)) */
-            mlkem_vec_decompress_10(u, c1, k);
-            /* Step 4: v' <= Decompress_d_v(ByteDecode_d_v(c2)) */
-            mlkem_decompress_4(v, c2);
-        }
-    #endif
-    #if defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-        if (k == WC_ML_KEM_768_K) {
-            /* Step 3: u' <= Decompress_d_u(ByteDecode_d_u(c1)) */
-            mlkem_vec_decompress_10(u, c1, k);
-            /* Step 4: v' <= Decompress_d_v(ByteDecode_d_v(c2)) */
-            mlkem_decompress_4(v, c2);
-        }
-    #endif
-    #if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-        if (k == WC_ML_KEM_1024_K) {
-            /* Step 3: u' <= Decompress_d_u(ByteDecode_d_u(c1)) */
-            mlkem_vec_decompress_11(u, c1);
-            /* Step 4: v' <= Decompress_d_v(ByteDecode_d_v(c2)) */
-            mlkem_decompress_5(v, c2);
-        }
-    #endif
-
-        /* Decapsulate the cipher text into polynomial.
-         * Step 6: w <- v' - InvNTT(s_hat_trans o NTT(u')) */
-        mlkem_decapsulate(key->priv, w, u, v, k);
-
-        /* Convert the polynomial into a array of bytes (message).
-         * Step 7: m <- ByteEncode_1(Compress_1(w)) */
-        mlkem_to_msg(m, w);
-        /* Step 8: return m */
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) || \
-    (!defined(USE_INTEL_SPEEDUP) && !defined(WOLFSSL_NO_MALLOC))
-    /* Dispose of dynamically memory allocated in function. */
-    XFREE(u, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    return ret;
-}
-
-/**
- * Decapsulate the cipher text to calculate the shared secret.
- *
- * Validates the cipher text by encapsulating and comparing with data passed in.
- *
- * FIPS 203, Algorithm 21: ML-KEM.Decaps(dk, c)
- * Uses the decapsulation key to produce a shared secret key from a ciphertext.
- *   1: K' <- ML-KEM.Decaps_internal(dk,c)
- *                                        > run internal decapsulation algorithm
- *   2: return K'
- *
- * FIPS 203, Algorithm 18: ML-KEM.Decaps_internal(dk, c)
- * Uses the decapsulation key to produce a shared secret key from a ciphertext.
- *   ...
- *   1: dk_PKE <- dk[0 : 384k]
- *                        > extract (from KEM decaps key) the PKE decryption key
- *   2: ek_PKE <- dk[384k : 768l + 32]
- *                                                  > extract PKE encryption key
- *   3: h <- dk[768K + 32 : 768k + 64]
- *                                          > extract hash of PKE encryption key
- *   4: z <- dk[768K + 64 : 768k + 96]
- *                                            > extract implicit rejection value
- *   5: m' <- K-PKE.Decrypt(dk_PKE, c)                      > decrypt ciphertext
- *   6: (K', r') <- G(m'||h)
- *   7: K_bar <- J(z||c)
- *   8: c' <- K-PKE.Encrypt(ek_PKE, m', r')
- *                                  > re-encrypt using the derived randomness r'
- *   9: if c != c' then
- *  10:      K' <= K_bar
- *                            > if ciphertexts do not match, "implicitly reject"
- *  11: end if
- *  12: return K'
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  ss   Shared secret.
- * @param  [in]   ct   Cipher text.
- * @param  [in]   len  Length of cipher text.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key, ss or cr are NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  BUFFER_E when len is not the length of cipher text for the key type.
- * @return  MEMORY_E when dynamic memory allocation failed.
- */
-int wc_MlKemKey_Decapsulate(MlKemKey* key, unsigned char* ss,
-    const unsigned char* ct, word32 len)
-{
-    byte msg[WC_ML_KEM_SYM_SZ];
-    byte kr[2 * WC_ML_KEM_SYM_SZ + 1];
-    int ret = 0;
-    unsigned int ctSz = 0;
-    unsigned int i = 0;
-    int fail = 0;
-#if !defined(USE_INTEL_SPEEDUP) && !defined(WOLFSSL_NO_MALLOC)
-    byte* cmp = NULL;
-#else
-    byte cmp[WC_ML_KEM_MAX_CIPHER_TEXT_SIZE];
-#endif
-
-    /* Validate parameters. */
-    if ((key == NULL) || (ss == NULL) || (ct == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Establish cipher text size based on key type. */
-        switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-    #ifdef WOLFSSL_WC_ML_KEM_512
-        case WC_ML_KEM_512:
-            ctSz = WC_ML_KEM_512_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_768
-        case WC_ML_KEM_768:
-            ctSz = WC_ML_KEM_768_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_1024
-        case WC_ML_KEM_1024:
-            ctSz = WC_ML_KEM_1024_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-    #ifdef WOLFSSL_KYBER512
-        case KYBER512:
-            ctSz = KYBER512_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER768
-        case KYBER768:
-            ctSz = KYBER768_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER1024
-        case KYBER1024:
-            ctSz = KYBER1024_CIPHER_TEXT_SIZE;
-            break;
-    #endif
-#endif
-        default:
-            /* No other values supported. */
-            ret = NOT_COMPILED_IN;
-            break;
-        }
-    }
-
-    /* Ensure the cipher text passed in is the correct size. */
-    if ((ret == 0) && (len != ctSz)) {
-        ret = BUFFER_E;
-    }
-
-#if !defined(USE_INTEL_SPEEDUP) && !defined(WOLFSSL_NO_MALLOC)
-    if (ret == 0) {
-        /* Allocate memory for cipher text that is generated. */
-        cmp = (byte*)XMALLOC(ctSz, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-        if (cmp == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-#endif
-
-    if (ret == 0) {
-        /* Decapsulate the cipher text. */
-        ret = mlkemkey_decapsulate(key, msg, ct);
-    }
-    if (ret == 0) {
-        /* Hash message into seed buffer. */
-        ret = MLKEM_HASH_G(&key->hash, msg, WC_ML_KEM_SYM_SZ, key->h,
-            WC_ML_KEM_SYM_SZ, kr);
-    }
-    if (ret == 0) {
-        /* Encapsulate the message. */
-        ret = mlkemkey_encapsulate(key, msg, kr + WC_ML_KEM_SYM_SZ, cmp);
-    }
-    if (ret == 0) {
-        /* Compare generated cipher text with that passed in. */
-        fail = mlkem_cmp(ct, cmp, ctSz);
-
-#if defined(WOLFSSL_MLKEM_KYBER) && !defined(WOLFSSL_NO_ML_KEM)
-        if (key->type & MLKEM_KYBER)
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-        {
-            /* Hash the cipher text after the seed. */
-            ret = MLKEM_HASH_H(&key->hash, ct, ctSz, kr + WC_ML_KEM_SYM_SZ);
-            if (ret == 0) {
-                /* Change seed to z on comparison failure. */
-                for (i = 0; i < WC_ML_KEM_SYM_SZ; i++) {
-                    kr[i] ^= (kr[i] ^ key->z[i]) & fail;
-                }
-
-                /* Derive the secret from the seed and hash of cipher text. */
-                ret = MLKEM_KDF(kr, 2 * WC_ML_KEM_SYM_SZ, ss, WC_ML_KEM_SS_SZ);
-            }
-        }
-#endif
-#if defined(WOLFSSL_MLKEM_KYBER) && !defined(WOLFSSL_NO_ML_KEM)
-        else
-#endif
-#ifndef WOLFSSL_NO_ML_KEM
-        {
-            ret = mlkem_derive_secret(&key->prf, key->z, ct, ctSz, msg);
-            if (ret == 0) {
-               /* Set secret to kr or fake secret on comparison failure. */
-               for (i = 0; i < WC_ML_KEM_SYM_SZ; i++) {
-                   ss[i] = kr[i] ^ ((kr[i] ^ msg[i]) & fail);
-               }
-            }
-        }
-#endif
-    }
-
-#if !defined(USE_INTEL_SPEEDUP) && !defined(WOLFSSL_NO_MALLOC)
-    /* Dispose of dynamic memory allocated in function. */
-    if (key != NULL) {
-        XFREE(cmp, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
-#endif
-
-    return ret;
-}
-#endif /* WOLFSSL_MLKEM_NO_DECAPSULATE */
-
-/******************************************************************************/
-
-/**
- * Get the public key and public seed from bytes.
- *
- * FIPS 203, Algorithm 14 K-PKE.Encrypt(ek_PKE, m, r)
- *   ...
- *   2: t <- ByteDecode_12(ek_PKE[0 : 384k])
- *   3: rho <- ek_PKE[384k :  384k + 32]
- *   ...
- *
- * @param [out] pub      Public key - vector.
- * @param [out] pubSeed  Public seed.
- * @param [in]  p        Public key data.
- * @param [in]  k        Number of polynomials in vector.
- */
-static void mlkemkey_decode_public(sword16* pub, byte* pubSeed, const byte* p,
-    unsigned int k)
-{
-    unsigned int i;
-
-    /* Decode public key that is vector of polynomials.
-     * Step 2: t <- ByteDecode_12(ek_PKE[0 : 384k]) */
-    mlkem_from_bytes(pub, p, k);
-    p += k * WC_ML_KEM_POLY_SIZE;
-
-    /* Read public key seed.
-     * Step 3: rho <- ek_PKE[384k :  384k + 32] */
-    for (i = 0; i < WC_ML_KEM_SYM_SZ; i++) {
-        pubSeed[i] = p[i];
-    }
-}
-
-/**
- * Decode the private key.
- *
- * Private Vector | Public Key | Public Hash | Randomizer
- *
- * FIPS 203, Algorithm 18: ML-KEM.Decaps_internal(dk, c)
- *   1: dk_PKE <- dk[0 : 384k]
- *                        > extract (from KEM decaps key) the PKE decryption key
- *   2: ek_PKE <- dk[384k : 768l + 32]
- *                                                  > extract PKE encryption key
- *   3: h <- dk[768K + 32 : 768k + 64]
- *                                          > extract hash of PKE encryption key
- *   4: z <- dk[768K + 64 : 768k + 96]
- *                                            > extract implicit rejection value
- *
- * FIPS 203, Algorithm 15: K-PKE.Decrypt(dk_PKE, c)
- *   ...
- *   5: s_hat <= ByteDecode_12(dk_PKE)
- *   ...
- *
- * @param  [in, out]  key  Kyber key object.
- * @param  [in]       in   Buffer holding encoded key.
- * @param  [in]       len  Length of data in buffer.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or in is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  BUFFER_E when len is not the correct size.
- */
-int wc_MlKemKey_DecodePrivateKey(MlKemKey* key, const unsigned char* in,
-    word32 len)
-{
-    int ret = 0;
-    word32 privLen = 0;
-    word32 pubLen = 0;
-    unsigned int k = 0;
-    const unsigned char* p = in;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (in == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Establish parameters based on key type. */
-        switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-    #ifdef WOLFSSL_WC_ML_KEM_512
-        case WC_ML_KEM_512:
-            k = WC_ML_KEM_512_K;
-            privLen = WC_ML_KEM_512_PRIVATE_KEY_SIZE;
-            pubLen = WC_ML_KEM_512_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_768
-        case WC_ML_KEM_768:
-            k = WC_ML_KEM_768_K;
-            privLen = WC_ML_KEM_768_PRIVATE_KEY_SIZE;
-            pubLen = WC_ML_KEM_768_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_1024
-        case WC_ML_KEM_1024:
-            k = WC_ML_KEM_1024_K;
-            privLen = WC_ML_KEM_1024_PRIVATE_KEY_SIZE;
-            pubLen = WC_ML_KEM_1024_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-    #ifdef WOLFSSL_KYBER512
-        case KYBER512:
-            k = KYBER512_K;
-            privLen = KYBER512_PRIVATE_KEY_SIZE;
-            pubLen = KYBER512_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER768
-        case KYBER768:
-            k = KYBER768_K;
-            privLen = KYBER768_PRIVATE_KEY_SIZE;
-            pubLen = KYBER768_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER1024
-        case KYBER1024:
-            k = KYBER1024_K;
-            privLen = KYBER1024_PRIVATE_KEY_SIZE;
-            pubLen = KYBER1024_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-#endif
-        default:
-            /* No other values supported. */
-            ret = NOT_COMPILED_IN;
-            break;
-        }
-    }
-    /* Ensure the data is the correct length for the key type. */
-    if ((ret == 0) && (len != privLen)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        /* Decode private key that is vector of polynomials.
-         * Alg 18 Step 1: dk_PKE <- dk[0 : 384k]
-         * Alg 15 Step 5: s_hat <- ByteDecode_12(dk_PKE) */
-        mlkem_from_bytes(key->priv, p, k);
-        p += k * WC_ML_KEM_POLY_SIZE;
-
-        /* Decode the public key that is after the private key. */
-        mlkemkey_decode_public(key->pub, key->pubSeed, p, k);
-        p += pubLen;
-
-        /* Copy the hash of the encoded public key that is after public key. */
-        XMEMCPY(key->h, p, sizeof(key->h));
-        p += WC_ML_KEM_SYM_SZ;
-        /* Copy the z (randomizer) that is after hash. */
-        XMEMCPY(key->z, p, sizeof(key->z));
-
-        /* Set flags */
-        key->flags |= MLKEM_FLAG_H_SET | MLKEM_FLAG_BOTH_SET;
-    }
-
-    return ret;
-}
-
-/**
- * Decode public key.
- *
- * Public vector | Public Seed
- *
- * @param  [in, out]  key  Kyber key object.
- * @param  [in]       in   Buffer holding encoded key.
- * @param  [in]       len  Length of data in buffer.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or in is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- * @return  BUFFER_E when len is not the correct size.
- */
-int wc_MlKemKey_DecodePublicKey(MlKemKey* key, const unsigned char* in,
-    word32 len)
-{
-    int ret = 0;
-    word32 pubLen = 0;
-    unsigned int k = 0;
-    const unsigned char* p = in;
-
-    if ((key == NULL) || (in == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Establish parameters based on key type. */
-        switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-    #ifdef WOLFSSL_WC_ML_KEM_512
-        case WC_ML_KEM_512:
-            k = WC_ML_KEM_512_K;
-            pubLen = WC_ML_KEM_512_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_768
-        case WC_ML_KEM_768:
-            k = WC_ML_KEM_768_K;
-            pubLen = WC_ML_KEM_768_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_1024
-        case WC_ML_KEM_1024:
-            k = WC_ML_KEM_1024_K;
-            pubLen = WC_ML_KEM_1024_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-    #ifdef WOLFSSL_KYBER512
-        case KYBER512:
-            k = KYBER512_K;
-            pubLen = KYBER512_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER768
-        case KYBER768:
-            k = KYBER768_K;
-            pubLen = KYBER768_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER1024
-        case KYBER1024:
-            k = KYBER1024_K;
-            pubLen = KYBER1024_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-#endif
-        default:
-            /* No other values supported. */
-            ret = NOT_COMPILED_IN;
-            break;
-        }
-    }
-    /* Ensure the data is the correct length for the key type. */
-    if ((ret == 0) && (len != pubLen)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        mlkemkey_decode_public(key->pub, key->pubSeed, p, k);
-
-        /* Calculate public hash. */
-        ret = MLKEM_HASH_H(&key->hash, in, len, key->h);
-    }
-    if (ret == 0) {
-        /* Record public key and public hash set. */
-        key->flags |= MLKEM_FLAG_PUB_SET | MLKEM_FLAG_H_SET;
-    }
-
-    return ret;
-}
-
-/**
- * Get the size in bytes of encoded private key for the key.
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  len  Length of encoded private key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or len is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_PrivateKeySize(MlKemKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (len == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Return in 'len' size of the encoded private key for the type of this
-         * key. */
-        switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-    #ifdef WOLFSSL_WC_ML_KEM_512
-        case WC_ML_KEM_512:
-            *len = WC_ML_KEM_512_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_768
-        case WC_ML_KEM_768:
-            *len = WC_ML_KEM_768_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_1024
-        case WC_ML_KEM_1024:
-            *len = WC_ML_KEM_1024_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-    #ifdef WOLFSSL_KYBER512
-        case KYBER512:
-            *len = KYBER512_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER768
-        case KYBER768:
-            *len = KYBER768_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER1024
-        case KYBER1024:
-            *len = KYBER1024_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-#endif
-        default:
-            /* No other values supported. */
-            ret = NOT_COMPILED_IN;
-            break;
-        }
-    }
-
-    return ret;
-}
-
-/**
- * Get the size in bytes of encoded public key for the key.
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  len  Length of encoded public key in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or len is NULL.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_PublicKeySize(MlKemKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (len == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Return in 'len' size of the encoded public key for the type of this
-         * key. */
-        switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-    #ifdef WOLFSSL_WC_ML_KEM_512
-        case WC_ML_KEM_512:
-            *len = WC_ML_KEM_512_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_768
-        case WC_ML_KEM_768:
-            *len = WC_ML_KEM_768_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_1024
-        case WC_ML_KEM_1024:
-            *len = WC_ML_KEM_1024_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-    #ifdef WOLFSSL_KYBER512
-        case KYBER512:
-            *len = KYBER512_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER768
-        case KYBER768:
-            *len = KYBER768_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER1024
-        case KYBER1024:
-            *len = KYBER1024_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-#endif
-        default:
-            /* No other values supported. */
-            ret = NOT_COMPILED_IN;
-            break;
-        }
-    }
-
-    return ret;
-}
-
-/**
- * Encode the private key.
- *
- * Private Vector | Public Key | Public Hash | Randomizer
- *
- * FIPS 203, Algorithm 16: ML-KEM.KeyGen_internal(d,z)
- *   ...
- *   3: dk <- (dk_PKE||ek||H(ek)||z)
- *   ...
- * FIPS 203, Algorithm 13: K-PKE.KeyGen(d)
- *   ...
- *   20: dk_PKE  <- ByteEncode_12(s_hat)
- *   ...
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  out  Buffer to hold data.
- * @param  [in]   len  Size of buffer in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or out is NULL or private/public key not
- * available.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_EncodePrivateKey(MlKemKey* key, unsigned char* out, word32 len)
-{
-    int ret = 0;
-    unsigned int k = 0;
-    unsigned int pubLen = 0;
-    unsigned int privLen = 0;
-    unsigned char* p = out;
-
-    if ((key == NULL) || (out == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) &&
-            ((key->flags & MLKEM_FLAG_BOTH_SET) != MLKEM_FLAG_BOTH_SET)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-    #ifdef WOLFSSL_WC_ML_KEM_512
-        case WC_ML_KEM_512:
-            k = WC_ML_KEM_512_K;
-            pubLen = WC_ML_KEM_512_PUBLIC_KEY_SIZE;
-            privLen = WC_ML_KEM_512_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_768
-        case WC_ML_KEM_768:
-            k = WC_ML_KEM_768_K;
-            pubLen = WC_ML_KEM_768_PUBLIC_KEY_SIZE;
-            privLen = WC_ML_KEM_768_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_1024
-        case WC_ML_KEM_1024:
-            k = WC_ML_KEM_1024_K;
-            pubLen = WC_ML_KEM_1024_PUBLIC_KEY_SIZE;
-            privLen = WC_ML_KEM_1024_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-    #ifdef WOLFSSL_KYBER512
-        case KYBER512:
-            k = KYBER512_K;
-            pubLen = KYBER512_PUBLIC_KEY_SIZE;
-            privLen = KYBER512_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER768
-        case KYBER768:
-            k = KYBER768_K;
-            pubLen = KYBER768_PUBLIC_KEY_SIZE;
-            privLen = KYBER768_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER1024
-        case KYBER1024:
-            k = KYBER1024_K;
-            pubLen = KYBER1024_PUBLIC_KEY_SIZE;
-            privLen = KYBER1024_PRIVATE_KEY_SIZE;
-            break;
-    #endif
-#endif
-        default:
-            /* No other values supported. */
-            ret = NOT_COMPILED_IN;
-            break;
-        }
-    }
-    /* Check buffer is big enough for encoding. */
-    if ((ret == 0) && (len != privLen)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        /* Encode private key that is vector of polynomials. */
-        mlkem_to_bytes(p, key->priv, k);
-        p += WC_ML_KEM_POLY_SIZE * k;
-
-        /* Encode public key. */
-        ret = wc_KyberKey_EncodePublicKey(key, p, pubLen);
-        p += pubLen;
-    }
-    /* Ensure hash of public key is available. */
-    if ((ret == 0) && ((key->flags & MLKEM_FLAG_H_SET) == 0)) {
-        ret = MLKEM_HASH_H(&key->hash, p - pubLen, pubLen, key->h);
-    }
-    if (ret == 0) {
-        /* Public hash is available. */
-        key->flags |= MLKEM_FLAG_H_SET;
-        /* Append public hash. */
-        XMEMCPY(p, key->h, sizeof(key->h));
-        p += WC_ML_KEM_SYM_SZ;
-        /* Append z (randomizer). */
-        XMEMCPY(p, key->z, sizeof(key->z));
-    }
-
-    return ret;
-}
-
-/**
- * Encode the public key.
- *
- * Public vector | Public Seed
- *
- * FIPS 203, Algorithm 16: ML-KEM.KeyGen_internal(d,z)
- *   ...
- *   2: ek <- ek_PKE
- *   ...
- * FIPS 203, Algorithm 13: K-PKE.KeyGen(d)
- *   ...
- *   19: ek_PKE  <- ByteEncode_12(t_hat)||rho
- *   ...
- *
- * @param  [in]   key  Kyber key object.
- * @param  [out]  out  Buffer to hold data.
- * @param  [in]   len  Size of buffer in bytes.
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when key or out is NULL or public key not available.
- * @return  NOT_COMPILED_IN when key type is not supported.
- */
-int wc_MlKemKey_EncodePublicKey(MlKemKey* key, unsigned char* out, word32 len)
-{
-    int ret = 0;
-    unsigned int k = 0;
-    unsigned int pubLen = 0;
-    unsigned char* p = out;
-
-    if ((key == NULL) || (out == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    if ((ret == 0) &&
-            ((key->flags & MLKEM_FLAG_PUB_SET) != MLKEM_FLAG_PUB_SET)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        switch (key->type) {
-#ifndef WOLFSSL_NO_ML_KEM
-    #ifdef WOLFSSL_WC_ML_KEM_512
-        case WC_ML_KEM_512:
-            k = WC_ML_KEM_512_K;
-            pubLen = WC_ML_KEM_512_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_768
-        case WC_ML_KEM_768:
-            k = WC_ML_KEM_768_K;
-            pubLen = WC_ML_KEM_768_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_WC_ML_KEM_1024
-        case WC_ML_KEM_1024:
-            k = WC_ML_KEM_1024_K;
-            pubLen = WC_ML_KEM_1024_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-#endif
-#ifdef WOLFSSL_MLKEM_KYBER
-    #ifdef WOLFSSL_KYBER512
-        case KYBER512:
-            k = KYBER512_K;
-            pubLen = KYBER512_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER768
-        case KYBER768:
-            k = KYBER768_K;
-            pubLen = KYBER768_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-    #ifdef WOLFSSL_KYBER1024
-        case KYBER1024:
-            k = KYBER1024_K;
-            pubLen = KYBER1024_PUBLIC_KEY_SIZE;
-            break;
-    #endif
-#endif
-        default:
-            /* No other values supported. */
-            ret = NOT_COMPILED_IN;
-            break;
-        }
-    }
-    /* Check buffer is big enough for encoding. */
-    if ((ret == 0) && (len != pubLen)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        int i;
-
-        /* Encode public key polynomial by polynomial. */
-        mlkem_to_bytes(p, key->pub, k);
-        p += k * WC_ML_KEM_POLY_SIZE;
-
-        /* Append public seed. */
-        for (i = 0; i < WC_ML_KEM_SYM_SZ; i++) {
-            p[i] = key->pubSeed[i];
-        }
-
-        /* Make sure public hash is set. */
-        if ((key->flags & MLKEM_FLAG_H_SET) == 0) {
-            ret = MLKEM_HASH_H(&key->hash, out, len, key->h);
-        }
-    }
-    if (ret == 0) {
-        /* Public hash is set. */
-        key->flags |= MLKEM_FLAG_H_SET;
-    }
-
-    return ret;
-}
-
-#endif /* WOLFSSL_WC_MLKEM */
diff --git a/src/ssl/wolfssl/wolfcrypt/wc_mlkem_poly.c b/src/ssl/wolfssl/wolfcrypt/wc_mlkem_poly.c
deleted file mode 100644
index b13d9305a..000000000
--- a/src/ssl/wolfssl/wolfcrypt/wc_mlkem_poly.c
+++ /dev/null
@@ -1,6077 +0,0 @@
-/* wc_mlkem_poly.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Implementation based on FIPS 203:
- *   https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.203.pdf
- *
- * Original implementation based on NIST 3rd Round submission package.
- * See link at:
- *   https://csrc.nist.gov/Projects/post-quantum-cryptography/
- *   post-quantum-cryptography-standardization/round-3-submissions
- */
-
-/* Implementation of the functions that operate on polynomials or vectors of
- * polynomials.
- */
-
-/* Possible Kyber options:
- *
- * WOLFSSL_WC_MLKEM                                           Default: OFF
- *   Enables this code, wolfSSL implementation, to be built.
- *
- * WOLFSSL_WC_ML_KEM_512                                      Default: OFF
- *   Enables the ML-KEM 512 parameter implementations.
- * WOLFSSL_WC_ML_KEM_768                                      Default: OFF
- *   Enables the ML-KEM 768 parameter implementations.
- * WOLFSSL_WC_ML_KEM_1024                                     Default: OFF
- *   Enables the ML-KEM 1024 parameter implementations.
- * WOLFSSL_KYBER512                                           Default: OFF
- *   Enables the KYBER512 parameter implementations.
- * WOLFSSL_KYBER768                                           Default: OFF
- *   Enables the KYBER768 parameter implementations.
- * WOLFSSL_KYBER1024                                          Default: OFF
- *   Enables the KYBER1024 parameter implementations.
- *
- * USE_INTEL_SPEEDUP                                          Default: OFF
- *   Compiles in Intel x64 specific implementations that are faster.
- * WOLFSSL_MLKEM_NO_LARGE_CODE                                Default: OFF
- *   Compiles smaller, fast code size with a speed trade-off.
- * WOLFSSL_MLKEM_SMALL                                        Default: OFF
- *   Compiles to small code size with a speed trade-off.
- * WOLFSSL_SMALL_STACK                                        Default: OFF
- *   Use less stack by dynamically allocating local variables.
- *
- * WOLFSSL_MLKEM_NTT_UNROLL                                   Default: OFF
- *   Enable an alternative NTT implementation that may be faster on some
- *   platforms and is smaller in code size.
- * WOLFSSL_MLKEM_INVNTT_UNROLL                                Default: OFF
- *   Enables an alternative inverse NTT implementation that may be faster on
- *   some platforms and is smaller in code size.
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef WC_MLKEM_NO_ASM
-    #undef USE_INTEL_SPEEDUP
-    #undef WOLFSSL_ARMASM
-    #undef WOLFSSL_RISCV_ASM
-#endif
-
-#include <wolfssl/wolfcrypt/wc_mlkem.h>
-#include <wolfssl/wolfcrypt/sha3.h>
-#include <wolfssl/wolfcrypt/cpuid.h>
-
-#ifdef WOLFSSL_WC_MLKEM
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if defined(WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM) || \
-    defined(WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM)
-static int mlkem_gen_matrix_i(MLKEM_PRF_T* prf, sword16* a, int k, byte* seed,
-    int i, int transposed);
-static int mlkem_get_noise_i(MLKEM_PRF_T* prf, int k, sword16* vec2,
-    byte* seed, int i, int make);
-static int mlkem_get_noise_eta2_c(MLKEM_PRF_T* prf, sword16* p,
-    const byte* seed);
-#endif
-
-/* Declared in wc_mlkem.c to stop compiler optimizer from simplifying. */
-extern volatile sword16 mlkem_opt_blocker;
-
-#if defined(USE_INTEL_SPEEDUP) || (defined(__aarch64__) && \
-    defined(WOLFSSL_ARMASM))
-static cpuid_flags_t cpuid_flags = WC_CPUID_INITIALIZER;
-#endif
-
-/* Half of Q plus one. Converted message bit value of 1. */
-#define MLKEM_Q_1_HALF      ((MLKEM_Q + 1) / 2)
-/* Half of Q */
-#define MLKEM_Q_HALF        (MLKEM_Q / 2)
-
-
-/* q^-1 mod 2^16 (inverse of 3329 mod 16384) */
-#define MLKEM_QINV       62209
-
-/* Used in Barrett Reduction:
- *    r = a mod q
- * => r = a - ((V * a) >> 26) * q), as V based on 2^26
- * V is the multiplier that gets the quotient after shifting.
- */
-#define MLKEM_V          (((1U << 26) + (MLKEM_Q / 2)) / MLKEM_Q)
-
-/* Used in converting to Montgomery form.
- * f is the normalizer = 2^k % m.
- * 16-bit value cast to sword32 in use.
- */
-#define MLKEM_F          ((1ULL << 32) % MLKEM_Q)
-
-/* Number of bytes in an output block of SHA-3-128 */
-#define SHA3_128_BYTES   (WC_SHA3_128_COUNT * 8)
-/* Number of bytes in an output block of SHA-3-256 */
-#define SHA3_256_BYTES   (WC_SHA3_256_COUNT * 8)
-
-/* Number of blocks to generate for matrix. */
-#define GEN_MATRIX_NBLOCKS \
-    ((12 * MLKEM_N / 8 * (1 << 12) / MLKEM_Q + XOF_BLOCK_SIZE) / XOF_BLOCK_SIZE)
-/* Number of bytes to generate for matrix. */
-#define GEN_MATRIX_SIZE     GEN_MATRIX_NBLOCKS * XOF_BLOCK_SIZE
-
-
-/* Number of random bytes to generate for ETA3. */
-#define ETA3_RAND_SIZE     ((3 * MLKEM_N) / 4)
-/* Number of random bytes to generate for ETA2. */
-#define ETA2_RAND_SIZE     ((2 * MLKEM_N) / 4)
-
-
-/* Montgomery reduce a.
- *
- * @param  [in]  a  32-bit value to be reduced.
- * @return  Montgomery reduction result.
- */
-#define MLKEM_MONT_RED(a) \
-    (sword16)(((a) - (sword32)(((sword16)((sword16)(a) * \
-                                (sword16)MLKEM_QINV)) * \
-                               (sword32)MLKEM_Q)) >> 16)
-
-/* Barrett reduce a. r = a mod q.
- *
- * Converted division to multiplication.
- *
- * @param  [in]  a  16-bit value to be reduced to range of q.
- * @return  Modulo result.
- */
-#define MLKEM_BARRETT_RED(a) \
-    (sword16)((sword16)(a) - (sword16)((sword16)( \
-        ((sword32)((sword32)MLKEM_V * (sword16)(a))) >> 26) * (word16)MLKEM_Q))
-
-
-/* Zetas for NTT. */
-const sword16 zetas[MLKEM_N / 2] = {
-    2285, 2571, 2970, 1812, 1493, 1422,  287,  202,
-    3158,  622, 1577,  182,  962, 2127, 1855, 1468,
-     573, 2004,  264,  383, 2500, 1458, 1727, 3199,
-    2648, 1017,  732,  608, 1787,  411, 3124, 1758,
-    1223,  652, 2777, 1015, 2036, 1491, 3047, 1785,
-     516, 3321, 3009, 2663, 1711, 2167,  126, 1469,
-    2476, 3239, 3058,  830,  107, 1908, 3082, 2378,
-    2931,  961, 1821, 2604,  448, 2264,  677, 2054,
-    2226,  430,  555,  843, 2078,  871, 1550,  105,
-     422,  587,  177, 3094, 3038, 2869, 1574, 1653,
-    3083,  778, 1159, 3182, 2552, 1483, 2727, 1119,
-    1739,  644, 2457,  349,  418,  329, 3173, 3254,
-     817, 1097,  603,  610, 1322, 2044, 1864,  384,
-    2114, 3193, 1218, 1994, 2455,  220, 2142, 1670,
-    2144, 1799, 2051,  794, 1819, 2475, 2459,  478,
-    3221, 3021,  996,  991,  958, 1869, 1522, 1628
-};
-
-
-#if !defined(WOLFSSL_ARMASM)
-/* Number-Theoretic Transform.
- *
- * FIPS 203, Algorithm 9: NTT(f)
- * Computes the NTT representation f_hat of the given polynomial f element of
- * R_q.
- *   1: f_hat <- f
- *   2: i <- 1
- *   3: for (len <- 128; len >= 2; len <- len/2)
- *   4:     for (start <- 0; start < 256; start <- start + 2.len)
- *   5:         zeta <- zetas^BitRev_7(i) mod q
- *   6:         i <- i + 1
- *   7:         for (j <- start; j < start + len; j++)
- *   8:             t <- zeta.f[j+len]
- *   9:             f_hat[j+len] <- f_hat[j] - t
- *  10:             f_hat[j] <- f_hat[j] - t
- *  11:         end for
- *  12:     end for
- *  13: end for
- *  14: return f_hat
- *
- * @param  [in, out]  r  Polynomial to transform.
- */
-static void mlkem_ntt(sword16* r)
-{
-#ifdef WOLFSSL_MLKEM_SMALL
-    unsigned int len;
-    unsigned int k;
-    unsigned int j;
-
-    /* Step 2 */
-    k = 1;
-    /* Step 3 */
-    for (len = MLKEM_N / 2; len >= 2; len >>= 1) {
-        unsigned int start;
-        /* Step 4 */
-        for (start = 0; start < MLKEM_N; start = j + len) {
-            /* Step 5, 6*/
-            sword16 zeta = zetas[k++];
-            /* Step 7 */
-            for (j = start; j < start + len; ++j) {
-                /* Step 8 */
-                sword32 p = (sword32)zeta * r[j + len];
-                sword16 t = MLKEM_MONT_RED(p);
-                sword16 rj = r[j];
-                /* Step 9 */
-                r[j + len] = rj - t;
-                /* Step 10 */
-                r[j] = rj + t;
-            }
-        }
-    }
-
-    /* Reduce coefficients with quick algorithm. */
-    for (j = 0; j < MLKEM_N; ++j) {
-        r[j] = MLKEM_BARRETT_RED(r[j]);
-    }
-#elif defined(WOLFSSL_MLKEM_NO_LARGE_CODE)
-    /* Take out the first iteration. */
-    unsigned int len;
-    unsigned int k = 1;
-    unsigned int j;
-    unsigned int start;
-    sword16 zeta = zetas[k++];
-
-    for (j = 0; j < MLKEM_N / 2; ++j) {
-        sword32 p = (sword32)zeta * r[j + MLKEM_N / 2];
-        sword16 t = MLKEM_MONT_RED(p);
-        sword16 rj = r[j];
-        r[j + MLKEM_N / 2] = rj - t;
-        r[j] = rj + t;
-    }
-    for (len = MLKEM_N / 4; len >= 2; len >>= 1) {
-        for (start = 0; start < MLKEM_N; start = j + len) {
-            zeta = zetas[k++];
-            for (j = start; j < start + len; ++j) {
-                sword32 p = (sword32)zeta * r[j + len];
-                sword16 t = MLKEM_MONT_RED(p);
-                sword16 rj = r[j];
-                r[j + len] = rj - t;
-                r[j] = rj + t;
-            }
-        }
-    }
-
-    /* Reduce coefficients with quick algorithm. */
-    for (j = 0; j < MLKEM_N; ++j) {
-        r[j] = MLKEM_BARRETT_RED(r[j]);
-    }
-#elif defined(WOLFSSL_MLKEM_NTT_UNROLL)
-    /* Unroll len loop (Step 3). */
-    unsigned int k = 1;
-    unsigned int j;
-    unsigned int start;
-    sword16 zeta = zetas[k++];
-
-    /* len = 128 */
-    for (j = 0; j < MLKEM_N / 2; ++j) {
-        sword32 p = (sword32)zeta * r[j + MLKEM_N / 2];
-        sword16 t = MLKEM_MONT_RED(p);
-        sword16 rj = r[j];
-        r[j + MLKEM_N / 2] = rj - t;
-        r[j] = rj + t;
-    }
-    /* len = 64 */
-    for (start = 0; start < MLKEM_N; start += 2 * 64) {
-        zeta = zetas[k++];
-        for (j = 0; j < 64; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 64];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 64] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* len = 32 */
-    for (start = 0; start < MLKEM_N; start += 2 * 32) {
-        zeta = zetas[k++];
-        for (j = 0; j < 32; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 32];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 32] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* len = 16 */
-    for (start = 0; start < MLKEM_N; start += 2 * 16) {
-        zeta = zetas[k++];
-        for (j = 0; j < 16; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 16];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 16] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* len = 8 */
-    for (start = 0; start < MLKEM_N; start += 2 * 8) {
-        zeta = zetas[k++];
-        for (j = 0; j < 8; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 8];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 8] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* len = 4 */
-    for (start = 0; start < MLKEM_N; start += 2 * 4) {
-        zeta = zetas[k++];
-        for (j = 0; j < 4; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 4];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 4] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* len = 2 */
-    for (start = 0; start < MLKEM_N; start += 2 * 2) {
-        zeta = zetas[k++];
-        for (j = 0; j < 2; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 2];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 2] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* Reduce coefficients with quick algorithm. */
-    for (j = 0; j < MLKEM_N; ++j) {
-        r[j] = MLKEM_BARRETT_RED(r[j]);
-    }
-#else
-    /* Unroll len (2, 3, 2) and start loops. */
-    unsigned int j;
-    sword16 t0;
-    sword16 t1;
-    sword16 t2;
-    sword16 t3;
-
-    /* len = 128,64 */
-    sword16 zeta128 = zetas[1];
-    sword16 zeta64_0 = zetas[2];
-    sword16 zeta64_1 = zetas[3];
-    for (j = 0; j < MLKEM_N / 8; j++) {
-        sword16 r0 = r[j +   0];
-        sword16 r1 = r[j +  32];
-        sword16 r2 = r[j +  64];
-        sword16 r3 = r[j +  96];
-        sword16 r4 = r[j + 128];
-        sword16 r5 = r[j + 160];
-        sword16 r6 = r[j + 192];
-        sword16 r7 = r[j + 224];
-
-        t0 = MLKEM_MONT_RED((sword32)zeta128 * r4);
-        t1 = MLKEM_MONT_RED((sword32)zeta128 * r5);
-        t2 = MLKEM_MONT_RED((sword32)zeta128 * r6);
-        t3 = MLKEM_MONT_RED((sword32)zeta128 * r7);
-        r4 = r0 - t0;
-        r5 = r1 - t1;
-        r6 = r2 - t2;
-        r7 = r3 - t3;
-        r0 += t0;
-        r1 += t1;
-        r2 += t2;
-        r3 += t3;
-
-        t0 = MLKEM_MONT_RED((sword32)zeta64_0 * r2);
-        t1 = MLKEM_MONT_RED((sword32)zeta64_0 * r3);
-        t2 = MLKEM_MONT_RED((sword32)zeta64_1 * r6);
-        t3 = MLKEM_MONT_RED((sword32)zeta64_1 * r7);
-        r2 = r0 - t0;
-        r3 = r1 - t1;
-        r6 = r4 - t2;
-        r7 = r5 - t3;
-        r0 += t0;
-        r1 += t1;
-        r4 += t2;
-        r5 += t3;
-
-        r[j +   0] = r0;
-        r[j +  32] = r1;
-        r[j +  64] = r2;
-        r[j +  96] = r3;
-        r[j + 128] = r4;
-        r[j + 160] = r5;
-        r[j + 192] = r6;
-        r[j + 224] = r7;
-    }
-
-    /* len = 32,16,8 */
-    for (j = 0; j < MLKEM_N; j += 64) {
-        int i;
-        sword16 zeta32   = zetas[ 4 + j / 64 + 0];
-        sword16 zeta16_0 = zetas[ 8 + j / 32 + 0];
-        sword16 zeta16_1 = zetas[ 8 + j / 32 + 1];
-        sword16 zeta8_0  = zetas[16 + j / 16 + 0];
-        sword16 zeta8_1  = zetas[16 + j / 16 + 1];
-        sword16 zeta8_2  = zetas[16 + j / 16 + 2];
-        sword16 zeta8_3  = zetas[16 + j / 16 + 3];
-        for (i = 0; i < 8; i++) {
-            sword16 r0 = r[j + i +  0];
-            sword16 r1 = r[j + i +  8];
-            sword16 r2 = r[j + i + 16];
-            sword16 r3 = r[j + i + 24];
-            sword16 r4 = r[j + i + 32];
-            sword16 r5 = r[j + i + 40];
-            sword16 r6 = r[j + i + 48];
-            sword16 r7 = r[j + i + 56];
-
-            t0 = MLKEM_MONT_RED((sword32)zeta32 * r4);
-            t1 = MLKEM_MONT_RED((sword32)zeta32 * r5);
-            t2 = MLKEM_MONT_RED((sword32)zeta32 * r6);
-            t3 = MLKEM_MONT_RED((sword32)zeta32 * r7);
-            r4 = r0 - t0;
-            r5 = r1 - t1;
-            r6 = r2 - t2;
-            r7 = r3 - t3;
-            r0 += t0;
-            r1 += t1;
-            r2 += t2;
-            r3 += t3;
-
-            t0 = MLKEM_MONT_RED((sword32)zeta16_0 * r2);
-            t1 = MLKEM_MONT_RED((sword32)zeta16_0 * r3);
-            t2 = MLKEM_MONT_RED((sword32)zeta16_1 * r6);
-            t3 = MLKEM_MONT_RED((sword32)zeta16_1 * r7);
-            r2 = r0 - t0;
-            r3 = r1 - t1;
-            r6 = r4 - t2;
-            r7 = r5 - t3;
-            r0 += t0;
-            r1 += t1;
-            r4 += t2;
-            r5 += t3;
-
-            t0 = MLKEM_MONT_RED((sword32)zeta8_0 * r1);
-            t1 = MLKEM_MONT_RED((sword32)zeta8_1 * r3);
-            t2 = MLKEM_MONT_RED((sword32)zeta8_2 * r5);
-            t3 = MLKEM_MONT_RED((sword32)zeta8_3 * r7);
-            r1 = r0 - t0;
-            r3 = r2 - t1;
-            r5 = r4 - t2;
-            r7 = r6 - t3;
-            r0 += t0;
-            r2 += t1;
-            r4 += t2;
-            r6 += t3;
-
-            r[j + i +  0] = r0;
-            r[j + i +  8] = r1;
-            r[j + i + 16] = r2;
-            r[j + i + 24] = r3;
-            r[j + i + 32] = r4;
-            r[j + i + 40] = r5;
-            r[j + i + 48] = r6;
-            r[j + i + 56] = r7;
-        }
-    }
-
-    /* len = 4,2 and Final reduction */
-    for (j = 0; j < MLKEM_N; j += 8) {
-        sword16 zeta4  = zetas[32 + j / 8 + 0];
-        sword16 zeta2_0 = zetas[64 + j / 4 + 0];
-        sword16 zeta2_1 = zetas[64 + j / 4 + 1];
-        sword16 r0 = r[j + 0];
-        sword16 r1 = r[j + 1];
-        sword16 r2 = r[j + 2];
-        sword16 r3 = r[j + 3];
-        sword16 r4 = r[j + 4];
-        sword16 r5 = r[j + 5];
-        sword16 r6 = r[j + 6];
-        sword16 r7 = r[j + 7];
-
-        t0 = MLKEM_MONT_RED((sword32)zeta4 * r4);
-        t1 = MLKEM_MONT_RED((sword32)zeta4 * r5);
-        t2 = MLKEM_MONT_RED((sword32)zeta4 * r6);
-        t3 = MLKEM_MONT_RED((sword32)zeta4 * r7);
-        r4 = r0 - t0;
-        r5 = r1 - t1;
-        r6 = r2 - t2;
-        r7 = r3 - t3;
-        r0 += t0;
-        r1 += t1;
-        r2 += t2;
-        r3 += t3;
-
-        t0 = MLKEM_MONT_RED((sword32)zeta2_0 * r2);
-        t1 = MLKEM_MONT_RED((sword32)zeta2_0 * r3);
-        t2 = MLKEM_MONT_RED((sword32)zeta2_1 * r6);
-        t3 = MLKEM_MONT_RED((sword32)zeta2_1 * r7);
-        r2 = r0 - t0;
-        r3 = r1 - t1;
-        r6 = r4 - t2;
-        r7 = r5 - t3;
-        r0 += t0;
-        r1 += t1;
-        r4 += t2;
-        r5 += t3;
-
-        r[j + 0] = MLKEM_BARRETT_RED(r0);
-        r[j + 1] = MLKEM_BARRETT_RED(r1);
-        r[j + 2] = MLKEM_BARRETT_RED(r2);
-        r[j + 3] = MLKEM_BARRETT_RED(r3);
-        r[j + 4] = MLKEM_BARRETT_RED(r4);
-        r[j + 5] = MLKEM_BARRETT_RED(r5);
-        r[j + 6] = MLKEM_BARRETT_RED(r6);
-        r[j + 7] = MLKEM_BARRETT_RED(r7);
-    }
-#endif
-}
-
-#if !defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) || \
-    !defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
-/* Zetas for inverse NTT. */
-const sword16 zetas_inv[MLKEM_N / 2] = {
-    1701, 1807, 1460, 2371, 2338, 2333,  308,  108,
-    2851,  870,  854, 1510, 2535, 1278, 1530, 1185,
-    1659, 1187, 3109,  874, 1335, 2111,  136, 1215,
-    2945, 1465, 1285, 2007, 2719, 2726, 2232, 2512,
-      75,  156, 3000, 2911, 2980,  872, 2685, 1590,
-    2210,  602, 1846,  777,  147, 2170, 2551,  246,
-    1676, 1755,  460,  291,  235, 3152, 2742, 2907,
-    3224, 1779, 2458, 1251, 2486, 2774, 2899, 1103,
-    1275, 2652, 1065, 2881,  725, 1508, 2368,  398,
-     951,  247, 1421, 3222, 2499,  271,   90,  853,
-    1860, 3203, 1162, 1618,  666,  320,    8, 2813,
-    1544,  282, 1838, 1293, 2314,  552, 2677, 2106,
-    1571,  205, 2918, 1542, 2721, 2597, 2312,  681,
-     130, 1602, 1871,  829, 2946, 3065, 1325, 2756,
-    1861, 1474, 1202, 2367, 3147, 1752, 2707,  171,
-    3127, 3042, 1907, 1836, 1517,  359,  758, 1441
-};
-
-/* Inverse Number-Theoretic Transform.
- *
- * FIPS 203, Algorithm 10: NTT^-1(f_hat)
- * Computes the polynomial f element of R_q that corresponds to the given NTT
- * representation f element of T_q.
- *   1: f <- f_hat
- *   2: i <- 127
- *   3: for (len <- 2; len <= 128 ; len <- 2.len)
- *   4:     for (start <- 0; start < 256; start <- start + 2.len)
- *   5:         zeta <- zetas^BitRev_7(i) mod q
- *   6:         i <- i - 1
- *   7:         for (j <- start; j < start + len; j++)
- *   8:             t <- f[j]
- *   9:             f[j] < t + f[j + len]
- *  10:             f[j + len] <- zeta.(f[j+len] - t)
- *  11:         end for
- *  12:     end for
- *  13: end for
- *  14: f <- f.3303 mod q
- *  15: return f
- *
- * @param  [in, out]  r  Polynomial to transform.
- */
-static void mlkem_invntt(sword16* r)
-{
-#ifdef WOLFSSL_MLKEM_SMALL
-    unsigned int len;
-    unsigned int k;
-    unsigned int j;
-    sword16 zeta;
-
-    /* Step 2 - table reversed */
-    k = 0;
-    /* Step 3 */
-    for (len = 2; len <= MLKEM_N / 2; len <<= 1) {
-        unsigned int start;
-        /* Step 4 */
-        for (start = 0; start < MLKEM_N; start = j + len) {
-            /* Step 5, 6 */
-            zeta = zetas_inv[k++];
-            /* Step 7 */
-            for (j = start; j < start + len; ++j) {
-                sword32 p;
-                /* Step 8 */
-                sword16 rj = r[j];
-                sword16 rjl = r[j + len];
-                /* Step 9 */
-                sword16 t = rj + rjl;
-                r[j] = MLKEM_BARRETT_RED(t);
-                /* Step 10 */
-                rjl = rj - rjl;
-                p = (sword32)zeta * rjl;
-                r[j + len] = MLKEM_MONT_RED(p);
-            }
-        }
-    }
-
-    /* Step 14 */
-    zeta = zetas_inv[127];
-    for (j = 0; j < MLKEM_N; ++j) {
-        sword32 p = (sword32)zeta * r[j];
-        r[j] = MLKEM_MONT_RED(p);
-    }
-#elif defined(WOLFSSL_MLKEM_NO_LARGE_CODE)
-    /* Take out last iteration. */
-    unsigned int len;
-    unsigned int k;
-    unsigned int j;
-    sword16 zeta;
-    sword16 zeta2;
-
-    k = 0;
-    for (len = 2; len <= MLKEM_N / 4; len <<= 1) {
-        unsigned int start;
-        for (start = 0; start < MLKEM_N; start = j + len) {
-            zeta = zetas_inv[k++];
-            for (j = start; j < start + len; ++j) {
-                sword32 p;
-                sword16 rj = r[j];
-                sword16 rjl = r[j + len];
-                sword16 t = rj + rjl;
-                r[j] = MLKEM_BARRETT_RED(t);
-                rjl = rj - rjl;
-                p = (sword32)zeta * rjl;
-                r[j + len] = MLKEM_MONT_RED(p);
-            }
-        }
-    }
-
-    zeta = zetas_inv[126];
-    zeta2 = zetas_inv[127];
-    for (j = 0; j < MLKEM_N / 2; ++j) {
-        sword32 p;
-        sword16 rj = r[j];
-        sword16 rjl = r[j + MLKEM_N / 2];
-        sword16 t = rj + rjl;
-        rjl = rj - rjl;
-        p = (sword32)zeta * rjl;
-        r[j] = t;
-        r[j + MLKEM_N / 2] = MLKEM_MONT_RED(p);
-
-        p = (sword32)zeta2 * r[j];
-        r[j] = MLKEM_MONT_RED(p);
-        p = (sword32)zeta2 * r[j + MLKEM_N / 2];
-        r[j + MLKEM_N / 2] = MLKEM_MONT_RED(p);
-    }
-#elif defined(WOLFSSL_MLKEM_INVNTT_UNROLL)
-    /* Unroll len loop (Step 3). */
-    unsigned int k;
-    unsigned int j;
-    unsigned int start;
-    sword16 zeta;
-    sword16 zeta2;
-
-    k = 0;
-    /* len = 2 */
-    for (start = 0; start < MLKEM_N; start += 2 * 2) {
-        zeta = zetas_inv[k++];
-        for (j = 0; j < 2; ++j) {
-            sword32 p;
-            sword16 rj = r[start + j];
-            sword16 rjl = r[start + j + 2];
-            sword16 t = rj + rjl;
-            r[start + j] = t;
-            rjl = rj - rjl;
-            p = (sword32)zeta * rjl;
-            r[start + j + 2] = MLKEM_MONT_RED(p);
-        }
-    }
-    /* len = 4 */
-    for (start = 0; start < MLKEM_N; start += 2 * 4) {
-        zeta = zetas_inv[k++];
-        for (j = 0; j < 4; ++j) {
-            sword32 p;
-            sword16 rj = r[start + j];
-            sword16 rjl = r[start + j + 4];
-            sword16 t = rj + rjl;
-            r[start + j] = t;
-            rjl = rj - rjl;
-            p = (sword32)zeta * rjl;
-            r[start + j + 4] = MLKEM_MONT_RED(p);
-        }
-    }
-    /* len = 8 */
-    for (start = 0; start < MLKEM_N; start += 2 * 8) {
-        zeta = zetas_inv[k++];
-        for (j = 0; j < 8; ++j) {
-            sword32 p;
-            sword16 rj = r[start + j];
-            sword16 rjl = r[start + j + 8];
-            sword16 t = rj + rjl;
-            /* Reduce. */
-            r[start + j] = MLKEM_BARRETT_RED(t);
-            rjl = rj - rjl;
-            p = (sword32)zeta * rjl;
-            r[start + j + 8] = MLKEM_MONT_RED(p);
-        }
-    }
-    /* len = 16 */
-    for (start = 0; start < MLKEM_N; start += 2 * 16) {
-        zeta = zetas_inv[k++];
-        for (j = 0; j < 16; ++j) {
-            sword32 p;
-            sword16 rj = r[start + j];
-            sword16 rjl = r[start + j + 16];
-            sword16 t = rj + rjl;
-            r[start + j] = t;
-            rjl = rj - rjl;
-            p = (sword32)zeta * rjl;
-            r[start + j + 16] = MLKEM_MONT_RED(p);
-        }
-    }
-    /* len = 32 */
-    for (start = 0; start < MLKEM_N; start += 2 * 32) {
-        zeta = zetas_inv[k++];
-        for (j = 0; j < 32; ++j) {
-            sword32 p;
-            sword16 rj = r[start + j];
-            sword16 rjl = r[start + j + 32];
-            sword16 t = rj + rjl;
-            r[start + j] = t;
-            rjl = rj - rjl;
-            p = (sword32)zeta * rjl;
-            r[start + j + 32] = MLKEM_MONT_RED(p);
-        }
-    }
-    /* len = 64 */
-    for (start = 0; start < MLKEM_N; start += 2 * 64) {
-        zeta = zetas_inv[k++];
-        for (j = 0; j < 64; ++j) {
-            sword32 p;
-            sword16 rj = r[start + j];
-            sword16 rjl = r[start + j + 64];
-            sword16 t = rj + rjl;
-            /* Reduce. */
-            r[start + j] = MLKEM_BARRETT_RED(t);
-            rjl = rj - rjl;
-            p = (sword32)zeta * rjl;
-            r[start + j + 64] = MLKEM_MONT_RED(p);
-        }
-    }
-    /* len = 128, 256 */
-    zeta = zetas_inv[126];
-    zeta2 = zetas_inv[127];
-    for (j = 0; j < MLKEM_N / 2; ++j) {
-        sword32 p;
-        sword16 rj = r[j];
-        sword16 rjl = r[j + MLKEM_N / 2];
-        sword16 t = rj + rjl;
-        rjl = rj - rjl;
-        p = (sword32)zeta * rjl;
-        r[j] = t;
-        r[j + MLKEM_N / 2] = MLKEM_MONT_RED(p);
-
-        p = (sword32)zeta2 * r[j];
-        r[j] = MLKEM_MONT_RED(p);
-        p = (sword32)zeta2 * r[j + MLKEM_N / 2];
-        r[j + MLKEM_N / 2] = MLKEM_MONT_RED(p);
-    }
-#else
-    /* Unroll len (2, 3, 3) and start loops. */
-    unsigned int j;
-    sword16 t0;
-    sword16 t1;
-    sword16 t2;
-    sword16 t3;
-    sword16 zeta64_0;
-    sword16 zeta64_1;
-    sword16 zeta128;
-    sword16 zeta256;
-    sword32 p;
-
-    for (j = 0; j < MLKEM_N; j += 8) {
-        sword16 zeta2_0 = zetas_inv[ 0 + j / 4 + 0];
-        sword16 zeta2_1 = zetas_inv[ 0 + j / 4 + 1];
-        sword16 zeta4   = zetas_inv[64 + j / 8 + 0];
-        sword16 r0 = r[j + 0];
-        sword16 r1 = r[j + 1];
-        sword16 r2 = r[j + 2];
-        sword16 r3 = r[j + 3];
-        sword16 r4 = r[j + 4];
-        sword16 r5 = r[j + 5];
-        sword16 r6 = r[j + 6];
-        sword16 r7 = r[j + 7];
-
-        p = (sword32)zeta2_0 * (sword16)(r0 - r2);
-        t0 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta2_0 * (sword16)(r1 - r3);
-        t1 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta2_1 * (sword16)(r4 - r6);
-        t2 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta2_1 * (sword16)(r5 - r7);
-        t3 = MLKEM_MONT_RED(p);
-        r0 += r2;
-        r1 += r3;
-        r4 += r6;
-        r5 += r7;
-        r2 = t0;
-        r3 = t1;
-        r6 = t2;
-        r7 = t3;
-
-        p = (sword32)zeta4 * (sword16)(r0 - r4);
-        t0 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta4 * (sword16)(r1 - r5);
-        t1 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta4 * (sword16)(r2 - r6);
-        t2 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta4 * (sword16)(r3 - r7);
-        t3 = MLKEM_MONT_RED(p);
-        r0 += r4;
-        r1 += r5;
-        r2 += r6;
-        r3 += r7;
-        r4 = t0;
-        r5 = t1;
-        r6 = t2;
-        r7 = t3;
-
-        r[j + 0] = r0;
-        r[j + 1] = r1;
-        r[j + 2] = r2;
-        r[j + 3] = r3;
-        r[j + 4] = r4;
-        r[j + 5] = r5;
-        r[j + 6] = r6;
-        r[j + 7] = r7;
-    }
-
-    for (j = 0; j < MLKEM_N; j += 64) {
-        int i;
-        sword16 zeta8_0  = zetas_inv[ 96 + j / 16 + 0];
-        sword16 zeta8_1  = zetas_inv[ 96 + j / 16 + 1];
-        sword16 zeta8_2  = zetas_inv[ 96 + j / 16 + 2];
-        sword16 zeta8_3  = zetas_inv[ 96 + j / 16 + 3];
-        sword16 zeta16_0 = zetas_inv[112 + j / 32 + 0];
-        sword16 zeta16_1 = zetas_inv[112 + j / 32 + 1];
-        sword16 zeta32   = zetas_inv[120 + j / 64 + 0];
-        for (i = 0; i < 8; i++) {
-            sword16 r0 = r[j + i +  0];
-            sword16 r1 = r[j + i +  8];
-            sword16 r2 = r[j + i + 16];
-            sword16 r3 = r[j + i + 24];
-            sword16 r4 = r[j + i + 32];
-            sword16 r5 = r[j + i + 40];
-            sword16 r6 = r[j + i + 48];
-            sword16 r7 = r[j + i + 56];
-
-            p = (sword32)zeta8_0 * (sword16)(r0 - r1);
-            t0 = MLKEM_MONT_RED(p);
-            p = (sword32)zeta8_1 * (sword16)(r2 - r3);
-            t1 = MLKEM_MONT_RED(p);
-            p = (sword32)zeta8_2 * (sword16)(r4 - r5);
-            t2 = MLKEM_MONT_RED(p);
-            p = (sword32)zeta8_3 * (sword16)(r6 - r7);
-            t3 = MLKEM_MONT_RED(p);
-            r0 = MLKEM_BARRETT_RED(r0 + r1);
-            r2 = MLKEM_BARRETT_RED(r2 + r3);
-            r4 = MLKEM_BARRETT_RED(r4 + r5);
-            r6 = MLKEM_BARRETT_RED(r6 + r7);
-            r1 = t0;
-            r3 = t1;
-            r5 = t2;
-            r7 = t3;
-
-            p = (sword32)zeta16_0 * (sword16)(r0 - r2);
-            t0 = MLKEM_MONT_RED(p);
-            p = (sword32)zeta16_0 * (sword16)(r1 - r3);
-            t1 = MLKEM_MONT_RED(p);
-            p = (sword32)zeta16_1 * (sword16)(r4 - r6);
-            t2 = MLKEM_MONT_RED(p);
-            p = (sword32)zeta16_1 * (sword16)(r5 - r7);
-            t3 = MLKEM_MONT_RED(p);
-            r0 += r2;
-            r1 += r3;
-            r4 += r6;
-            r5 += r7;
-            r2 = t0;
-            r3 = t1;
-            r6 = t2;
-            r7 = t3;
-
-            p = (sword32)zeta32 * (sword16)(r0 - r4);
-            t0 = MLKEM_MONT_RED(p);
-            p = (sword32)zeta32 * (sword16)(r1 - r5);
-            t1 = MLKEM_MONT_RED(p);
-            p = (sword32)zeta32 * (sword16)(r2 - r6);
-            t2 = MLKEM_MONT_RED(p);
-            p = (sword32)zeta32 * (sword16)(r3 - r7);
-            t3 = MLKEM_MONT_RED(p);
-            r0 += r4;
-            r1 += r5;
-            r2 += r6;
-            r3 += r7;
-            r4 = t0;
-            r5 = t1;
-            r6 = t2;
-            r7 = t3;
-
-            r[j + i +  0] = r0;
-            r[j + i +  8] = r1;
-            r[j + i + 16] = r2;
-            r[j + i + 24] = r3;
-            r[j + i + 32] = r4;
-            r[j + i + 40] = r5;
-            r[j + i + 48] = r6;
-            r[j + i + 56] = r7;
-        }
-    }
-
-    zeta64_0 = zetas_inv[124];
-    zeta64_1 = zetas_inv[125];
-    zeta128  = zetas_inv[126];
-    zeta256  = zetas_inv[127];
-    for (j = 0; j < MLKEM_N / 8; j++) {
-        sword16 r0 = r[j +   0];
-        sword16 r1 = r[j +  32];
-        sword16 r2 = r[j +  64];
-        sword16 r3 = r[j +  96];
-        sword16 r4 = r[j + 128];
-        sword16 r5 = r[j + 160];
-        sword16 r6 = r[j + 192];
-        sword16 r7 = r[j + 224];
-
-        p = (sword32)zeta64_0 * (sword16)(r0 - r2);
-        t0 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta64_0 * (sword16)(r1 - r3);
-        t1 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta64_1 * (sword16)(r4 - r6);
-        t2 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta64_1 * (sword16)(r5 - r7);
-        t3 = MLKEM_MONT_RED(p);
-        r0 = MLKEM_BARRETT_RED(r0 + r2);
-        r1 = MLKEM_BARRETT_RED(r1 + r3);
-        r4 = MLKEM_BARRETT_RED(r4 + r6);
-        r5 = MLKEM_BARRETT_RED(r5 + r7);
-        r2 = t0;
-        r3 = t1;
-        r6 = t2;
-        r7 = t3;
-
-        p = (sword32)zeta128 * (sword16)(r0 - r4);
-        t0 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta128 * (sword16)(r1 - r5);
-        t1 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta128 * (sword16)(r2 - r6);
-        t2 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta128 * (sword16)(r3 - r7);
-        t3 = MLKEM_MONT_RED(p);
-        r0 += r4;
-        r1 += r5;
-        r2 += r6;
-        r3 += r7;
-        r4 = t0;
-        r5 = t1;
-        r6 = t2;
-        r7 = t3;
-
-        p = (sword32)zeta256 * r0;
-        r0 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta256 * r1;
-        r1 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta256 * r2;
-        r2 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta256 * r3;
-        r3 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta256 * r4;
-        r4 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta256 * r5;
-        r5 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta256 * r6;
-        r6 = MLKEM_MONT_RED(p);
-        p = (sword32)zeta256 * r7;
-        r7 = MLKEM_MONT_RED(p);
-
-        r[j +   0] = r0;
-        r[j +  32] = r1;
-        r[j +  64] = r2;
-        r[j +  96] = r3;
-        r[j + 128] = r4;
-        r[j + 160] = r5;
-        r[j + 192] = r6;
-        r[j + 224] = r7;
-    }
-#endif
-}
-#endif
-
-/* Multiplication of polynomials in Zq[X]/(X^2-zeta).
- *
- * Used for multiplication of elements in Rq in NTT domain.
- *
- * FIPS 203, Algorithm 12: BaseCaseMultiply(a0, a1, b0, b1, zeta)
- * Computes the product of two degree-one polynomials with respect to a
- * quadratic modulus.
- *   1: c0 <- a0.b0 + a1.b1.zeta
- *   2: c1 <- a0.b1 + a1.b0
- *   3: return (c0, c1)
- *
- * @param  [out]  r     Result polynomial.
- * @param  [in]   a     First factor.
- * @param  [in]   b     Second factor.
- * @param  [in]   zeta  Integer defining the reduction polynomial.
- */
-static void mlkem_basemul(sword16* r, const sword16* a, const sword16* b,
-    sword16 zeta)
-{
-    sword16 r0;
-    sword16 a0 = a[0];
-    sword16 a1 = a[1];
-    sword16 b0 = b[0];
-    sword16 b1 = b[1];
-    sword32 p1;
-    sword32 p2;
-
-    /* Step 1 */
-    p1   = (sword32)a0 * b0;
-    p2   = (sword32)a1 * b1;
-    r0   = MLKEM_MONT_RED(p2);
-    p2   = (sword32)zeta * r0;
-    p2  += p1;
-    r[0] = MLKEM_MONT_RED(p2);
-
-    /* Step 2 */
-    p1   = (sword32)a0 * b1;
-    p2   = (sword32)a1 * b0;
-    p1  += p2;
-    r[1] = MLKEM_MONT_RED(p1);
-}
-
-/* Multiply two polynomials in NTT domain. r = a * b.
- *
- * FIPS 203, Algorithm 11: MultiplyNTTs(f_hat, g_hat)
- * Computes the product (in the ring T_q) of two NTT representations.
- *   1: for (i <- 0; i < 128; i++)
- *   2:     (h_hat[2i],h_hat[2i+1]) <-
- *              BaseCaseMultiply(f_hat[2i],f_hat[2i+1],g_hat[2i],g_hat[2i+1],
- *                               zetas^(BitRev_7(i)+1)
- *   3: end for
- *   4: return h_hat
- *
- * @param  [out]  r  Result polynomial.
- * @param  [in]   a  First polynomial multiplier.
- * @param  [in]   b  Second polynomial multiplier.
- */
-static void mlkem_basemul_mont(sword16* r, const sword16* a, const sword16* b)
-{
-    const sword16* zeta = zetas + 64;
-
-#if defined(WOLFSSL_MLKEM_SMALL)
-    /* Two multiplications per loop. */
-    unsigned int i;
-    /* Step 1 */
-    for (i = 0; i < MLKEM_N; i += 4, zeta++) {
-        /* Step 2 */
-        mlkem_basemul(r + i + 0, a + i + 0, b + i + 0,  zeta[0]);
-        mlkem_basemul(r + i + 2, a + i + 2, b + i + 2, -zeta[0]);
-    }
-#elif defined(WOLFSSL_MLKEM_NO_LARGE_CODE)
-    /* Four multiplications per loop. */
-    unsigned int i;
-    for (i = 0; i < MLKEM_N; i += 8, zeta += 2) {
-        mlkem_basemul(r + i + 0, a + i + 0, b + i + 0,  zeta[0]);
-        mlkem_basemul(r + i + 2, a + i + 2, b + i + 2, -zeta[0]);
-        mlkem_basemul(r + i + 4, a + i + 4, b + i + 4,  zeta[1]);
-        mlkem_basemul(r + i + 6, a + i + 6, b + i + 6, -zeta[1]);
-    }
-#else
-    /* Eight multiplications per loop. */
-    unsigned int i;
-    for (i = 0; i < MLKEM_N; i += 16, zeta += 4) {
-        mlkem_basemul(r + i +  0, a + i +  0, b + i +  0,  zeta[0]);
-        mlkem_basemul(r + i +  2, a + i +  2, b + i +  2, -zeta[0]);
-        mlkem_basemul(r + i +  4, a + i +  4, b + i +  4,  zeta[1]);
-        mlkem_basemul(r + i +  6, a + i +  6, b + i +  6, -zeta[1]);
-        mlkem_basemul(r + i +  8, a + i +  8, b + i +  8,  zeta[2]);
-        mlkem_basemul(r + i + 10, a + i + 10, b + i + 10, -zeta[2]);
-        mlkem_basemul(r + i + 12, a + i + 12, b + i + 12,  zeta[3]);
-        mlkem_basemul(r + i + 14, a + i + 14, b + i + 14, -zeta[3]);
-    }
-#endif
-}
-
-/* Multiply two polynomials in NTT domain and add to result. r += a * b.
- *
- * FIPS 203, Algorithm 11: MultiplyNTTs(f_hat, g_hat)
- * Computes the product (in the ring T_q) of two NTT representations.
- *   1: for (i <- 0; i < 128; i++)
- *   2:     (h_hat[2i],h_hat[2i+1]) <-
- *              BaseCaseMultiply(f_hat[2i],f_hat[2i+1],g_hat[2i],g_hat[2i+1],
- *                               zetas^(BitRev_7(i)+1)
- *   3: end for
- *   4: return h_hat
- * Add h_hat to r.
- *
- * @param  [in, out]  r  Result polynomial.
- * @param  [in]       a  First polynomial multiplier.
- * @param  [in]       b  Second polynomial multiplier.
- */
-static void mlkem_basemul_mont_add(sword16* r, const sword16* a,
-    const sword16* b)
-{
-    const sword16* zeta = zetas + 64;
-
-#if defined(WOLFSSL_MLKEM_SMALL)
-    /* Two multiplications per loop. */
-    unsigned int i;
-    for (i = 0; i < MLKEM_N; i += 4, zeta++) {
-        sword16 t0[2];
-        sword16 t2[2];
-
-        mlkem_basemul(t0, a + i + 0, b + i + 0,  zeta[0]);
-        mlkem_basemul(t2, a + i + 2, b + i + 2, -zeta[0]);
-
-        r[i + 0] += t0[0];
-        r[i + 1] += t0[1];
-        r[i + 2] += t2[0];
-        r[i + 3] += t2[1];
-    }
-#elif defined(WOLFSSL_MLKEM_NO_LARGE_CODE)
-    /* Four multiplications per loop. */
-    unsigned int i;
-    for (i = 0; i < MLKEM_N; i += 8, zeta += 2) {
-        sword16 t0[2];
-        sword16 t2[2];
-        sword16 t4[2];
-        sword16 t6[2];
-
-        mlkem_basemul(t0, a + i + 0, b + i + 0,  zeta[0]);
-        mlkem_basemul(t2, a + i + 2, b + i + 2, -zeta[0]);
-        mlkem_basemul(t4, a + i + 4, b + i + 4,  zeta[1]);
-        mlkem_basemul(t6, a + i + 6, b + i + 6, -zeta[1]);
-
-        r[i + 0] += t0[0];
-        r[i + 1] += t0[1];
-        r[i + 2] += t2[0];
-        r[i + 3] += t2[1];
-        r[i + 4] += t4[0];
-        r[i + 5] += t4[1];
-        r[i + 6] += t6[0];
-        r[i + 7] += t6[1];
-    }
-#else
-    /* Eight multiplications per loop. */
-    unsigned int i;
-    for (i = 0; i < MLKEM_N; i += 16, zeta += 4) {
-        sword16 t0[2];
-        sword16 t2[2];
-        sword16 t4[2];
-        sword16 t6[2];
-        sword16 t8[2];
-        sword16 t10[2];
-        sword16 t12[2];
-        sword16 t14[2];
-
-        mlkem_basemul(t0, a + i + 0, b + i + 0,  zeta[0]);
-        mlkem_basemul(t2, a + i + 2, b + i + 2, -zeta[0]);
-        mlkem_basemul(t4, a + i + 4, b + i + 4,  zeta[1]);
-        mlkem_basemul(t6, a + i + 6, b + i + 6, -zeta[1]);
-        mlkem_basemul(t8, a + i + 8, b + i + 8,  zeta[2]);
-        mlkem_basemul(t10, a + i + 10, b + i + 10, -zeta[2]);
-        mlkem_basemul(t12, a + i + 12, b + i + 12,  zeta[3]);
-        mlkem_basemul(t14, a + i + 14, b + i + 14, -zeta[3]);
-
-        r[i + 0] += t0[0];
-        r[i + 1] += t0[1];
-        r[i + 2] += t2[0];
-        r[i + 3] += t2[1];
-        r[i + 4] += t4[0];
-        r[i + 5] += t4[1];
-        r[i + 6] += t6[0];
-        r[i + 7] += t6[1];
-        r[i + 8] += t8[0];
-        r[i + 9] += t8[1];
-        r[i + 10] += t10[0];
-        r[i + 11] += t10[1];
-        r[i + 12] += t12[0];
-        r[i + 13] += t12[1];
-        r[i + 14] += t14[0];
-        r[i + 15] += t14[1];
-    }
-#endif
-}
-#endif
-
-/* Pointwise multiply elements of a and b, into r, and multiply by 2^-16.
- *
- * @param  [out]  r  Result polynomial.
- * @param  [in]   a  First vector polynomial to multiply with.
- * @param  [in]   b  Second vector polynomial to multiply with.
- * @param  [in]   k  Number of polynomials in vector.
- */
-static void mlkem_pointwise_acc_mont(sword16* r, const sword16* a,
-    const sword16* b, unsigned int k)
-{
-    unsigned int i;
-
-    mlkem_basemul_mont(r, a, b);
-#ifdef WOLFSSL_MLKEM_SMALL
-    for (i = 1; i < k; ++i) {
-        mlkem_basemul_mont_add(r, a + i * MLKEM_N, b + i * MLKEM_N);
-    }
-#else
-    for (i = 1; i < k - 1; ++i) {
-        mlkem_basemul_mont_add(r, a + i * MLKEM_N, b + i * MLKEM_N);
-    }
-    mlkem_basemul_mont_add(r, a + (k - 1) * MLKEM_N, b + (k - 1) * MLKEM_N);
-#endif
-}
-
-/******************************************************************************/
-
-/* Initialize Kyber implementation.
- */
-void mlkem_init(void)
-{
-#if defined(USE_INTEL_SPEEDUP) || (defined(__aarch64__) && \
-    defined(WOLFSSL_ARMASM))
-    cpuid_get_flags_ex(&cpuid_flags);
-#endif
-}
-
-/******************************************************************************/
-
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-
-#ifndef WOLFSSL_MLKEM_NO_MAKE_KEY
-/* Generate a public-private key pair from randomly generated data.
- *
- * FIPS 203, Algorithm 13: K-PKE.KeyGen(d)
- *   ...
- *   16: s_hat <- NTT(s)
- *   17: e_hat <- NTT(e)
- *   18: t^hat <- A_hat o s_hat + e_hat
- *   ...
- *
- * @param  [in, out]  s  Private key vector of polynomials.
- * @param  [out]      t  Public key vector of polynomials.
- * @param  [in]       e  Error values as a vector of polynomials. Modified.
- * @param  [in]       a  Random values in an array of vectors of polynomials.
- * @param  [in]       k  Number of polynomials in vector.
- */
-void mlkem_keygen(sword16* s, sword16* t, sword16* e, const sword16* a, int k)
-{
-    int i;
-
-#ifndef WOLFSSL_AARCH64_NO_SQRDMLSH
-    if (IS_AARCH64_RDM(cpuid_flags)) {
-        /* Transform private key. All of result used in public key calculation.
-         * Step 16: s_hat = NTT(s) */
-        for (i = 0; i < k; ++i) {
-            mlkem_ntt_sqrdmlsh(s + i * MLKEM_N);
-        }
-
-        /* For each polynomial in the vectors.
-         * Step 17, Step 18: Calculate public from A_hat, s_hat and e_hat. */
-        for (i = 0; i < k; ++i) {
-            /* Multiply a by private into public polynomial.
-             * Step 18: ... A_hat o s_hat ... */
-            mlkem_pointwise_acc_mont(t + i * MLKEM_N, a + i * k * MLKEM_N, s,
-                k);
-            /* Convert public polynomial to Montgomery form.
-             * Step 18: ... MontRed(A_hat o s_hat) ... */
-            mlkem_to_mont_sqrdmlsh(t + i * MLKEM_N);
-            /* Transform error values polynomial.
-             * Step 17: e_hat = NTT(e) */
-            mlkem_ntt_sqrdmlsh(e + i * MLKEM_N);
-            /* Add errors to public key and reduce.
-             * Step 18: t_hat = BarrettRed(MontRed(A_hat o s_hat) + e_hat) */
-            mlkem_add_reduce(t + i * MLKEM_N, e + i * MLKEM_N);
-        }
-    }
-    else
-#endif
-    {
-        /* Transform private key. All of result used in public key calculation.
-         * Step 16: s_hat = NTT(s) */
-        for (i = 0; i < k; ++i) {
-            mlkem_ntt(s + i * MLKEM_N);
-        }
-
-        /* For each polynomial in the vectors.
-         * Step 17, Step 18: Calculate public from A_hat, s_hat and e_hat. */
-        for (i = 0; i < k; ++i) {
-            /* Multiply a by private into public polynomial.
-             * Step 18: ... A_hat o s_hat ... */
-            mlkem_pointwise_acc_mont(t + i * MLKEM_N, a + i * k * MLKEM_N, s,
-                k);
-            /* Convert public polynomial to Montgomery form.
-             * Step 18: ... MontRed(A_hat o s_hat) ... */
-            mlkem_to_mont(t + i * MLKEM_N);
-            /* Transform error values polynomial.
-             * Step 17: e_hat = NTT(e) */
-            mlkem_ntt(e + i * MLKEM_N);
-            /* Add errors to public key and reduce.
-             * Step 18: t_hat = BarrettRed(MontRed(A_hat o s_hat) + e_hat) */
-            mlkem_add_reduce(t + i * MLKEM_N, e + i * MLKEM_N);
-        }
-    }
-}
-#endif /* WOLFSSL_MLKEM_NO_MAKE_KEY */
-
-#if !defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) || \
-    !defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
-/* Encapsulate message.
- *
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE, m, r)
- *   ...
- *   Step 18: y_hat <- NTT(y)
- *   Step 19: u <- InvNTT(A_hat_trans o y_hat) + e_1)
- *   ...
- *   Step 21: v <- InvNTT(t_hat_trans o y_hat) + e_2 + mu)
- *   ...
- *
- * @param  [in]   t   Public key vector of polynomials.
- * @param  [out]  u   Vector of polynomials.
- * @param  [out]  v   Polynomial.
- * @param  [in]   a   Array of vector of polynomials.
- * @param  [in]   y   Vector of polynomials.
- * @param  [in]   e1  Error Vector of polynomials.
- * @param  [in]   e2  Error polynomial.
- * @param  [in]   m   Message polynomial.
- * @param  [in]   k   Number of polynomials in vector.
- * @return  0 on success.
- *
- */
-void mlkem_encapsulate(const sword16* t, sword16* u , sword16* v,
-    const sword16* a, sword16* y, const sword16* e1, const sword16* e2,
-    const sword16* m, int k)
-{
-    int i;
-
-#ifndef WOLFSSL_AARCH64_NO_SQRDMLSH
-    if (IS_AARCH64_RDM(cpuid_flags)) {
-        /* Transform y. All of result used in calculation of u and v.
-         * Step 18: y_hat <- NTT(y) */
-        for (i = 0; i < k; ++i) {
-            mlkem_ntt_sqrdmlsh(y + i * MLKEM_N);
-        }
-
-        /* For each polynomial in the vectors.
-         * Step 19: u <- InvNTT(A_hat_trans o y_hat) + e_1) */
-        for (i = 0; i < k; ++i) {
-            /* Multiply at by y into u polynomial.
-             * Step 19: ... A_hat_trans o y_hat ... */
-            mlkem_pointwise_acc_mont(u + i * MLKEM_N, a + i * k * MLKEM_N, y,
-                k);
-            /* Inverse transform u  polynomial.
-             * Step 19: ... InvNTT(A_hat_trans o y_hat) ... */
-            mlkem_invntt_sqrdmlsh(u  + i * MLKEM_N);
-            /* Add errors to u  and reduce.
-             * Step 19: u <- InvNTT(A_hat_trans o y_hat) + e_1) */
-            mlkem_add_reduce(u  + i * MLKEM_N, e1 + i * MLKEM_N);
-        }
-
-        /* Multiply public key by y into v polynomial.
-         * Step 21: ... t_hat_trans o y_hat ... */
-        mlkem_pointwise_acc_mont(v, t, y, k);
-        /* Inverse transform v.
-         * Step 22: ... InvNTT(t_hat_trans o y_hat) ... */
-        mlkem_invntt_sqrdmlsh(v);
-    }
-    else
-#endif
-    {
-        /* Transform y. All of result used in calculation of u and v.
-         * Step 18: y_hat <- NTT(y) */
-        for (i = 0; i < k; ++i) {
-            mlkem_ntt(y + i * MLKEM_N);
-        }
-
-        /* For each polynomial in the vectors.
-         * Step 19: u <- InvNTT(A_hat_trans o y_hat) + e_1) */
-        for (i = 0; i < k; ++i) {
-            /* Multiply at by y into u polynomial.
-             * Step 19: ... A_hat_trans o y_hat ... */
-            mlkem_pointwise_acc_mont(u + i * MLKEM_N, a + i * k * MLKEM_N, y,
-                k);
-            /* Inverse transform u  polynomial.
-             * Step 19: ... InvNTT(A_hat_trans o y_hat) ... */
-            mlkem_invntt(u + i * MLKEM_N);
-            /* Add errors to u and reduce.
-             * Step 19: u <- InvNTT(A_hat_trans o y_hat) + e_1) */
-            mlkem_add_reduce(u + i * MLKEM_N, e1 + i * MLKEM_N);
-        }
-
-        /* Multiply public key by y into v polynomial.
-         * Step 21: ... t_hat_trans o y_hat ... */
-        mlkem_pointwise_acc_mont(v, t, y, k);
-        /* Inverse transform v.
-         * Step 22: ... InvNTT(t_hat_trans o y_hat) ... */
-        mlkem_invntt(v);
-    }
-    /* Add errors and message to v and reduce.
-     * Step 21: v <- InvNTT(t_hat_trans o y_hat) + e_2 + mu) */
-    mlkem_add3_reduce(v, e2, m);
-}
-#endif /* !WOLFSSL_MLKEM_NO_ENCAPSULATE || !WOLFSSL_MLKEM_NO_DECAPSULATE */
-
-#ifndef WOLFSSL_MLKEM_NO_DECAPSULATE
-/* Decapsulate message.
- *
- * FIPS 203, Algorithm 15: K-PKE.Decrypt(dk_PKE,c)
- * Uses the decryption key to decrypt a ciphertext.
- *   ...
- *   6: w <- v' - InvNTT(s_hat_trans o NTT(u'))
- *   ...
- *
- * @param  [in]   s  Decryption key as vector of polynomials.
- * @param  [out]  w  Message polynomial.
- * @param  [in]   u  Vector of polynomials containing error.
- * @param  [in]   v  Encapsulated message polynomial.
- * @param  [in]   k  Number of polynomials in vector.
- */
-void mlkem_decapsulate(const sword16* s, sword16* w, sword16* u,
-    const sword16* v, int k)
-{
-    int i;
-
-#ifndef WOLFSSL_AARCH64_NO_SQRDMLSH
-    if (IS_AARCH64_RDM(cpuid_flags)) {
-        /* Transform u. All of result used in calculation of w.
-         * Step 6: ... NTT(u') */
-        for (i = 0; i < k; ++i) {
-            mlkem_ntt_sqrdmlsh(u + i * MLKEM_N);
-        }
-
-        /* Multiply private key by u into w polynomial.
-         * Step 6: ... s_hat_trans o NTT(u') */
-        mlkem_pointwise_acc_mont(w, s, u, k);
-        /* Inverse transform w.
-         * Step 6: ... InvNTT(s_hat_trans o NTT(u')) */
-        mlkem_invntt_sqrdmlsh(w);
-    }
-    else
-#endif
-    {
-        /* Transform u. All of result used in calculation of w.
-         * Step 6: ... NTT(u') */
-        for (i = 0; i < k; ++i) {
-            mlkem_ntt(u + i * MLKEM_N);
-        }
-
-        /* Multiply private key by u into w polynomial.
-         * Step 6: ... s_hat_trans o NTT(u') */
-        mlkem_pointwise_acc_mont(w, s, u, k);
-        /* Inverse transform w.
-         * Step 6: ... InvNTT(s_hat_trans o NTT(u')) */
-        mlkem_invntt(w);
-    }
-    /* Subtract errors (in w) out of v and reduce into w.
-     * Step 6: w <- v' - InvNTT(s_hat_trans o NTT(u')) */
-    mlkem_rsub_reduce(w, v);
-}
-#endif /* !WOLFSSL_MLKEM_NO_DECAPSULATE */
-
-#else
-
-#ifndef WOLFSSL_MLKEM_NO_MAKE_KEY
-
-#if !defined(WOLFSSL_MLKEM_SMALL) && !defined(WOLFSSL_MLKEM_NO_LARGE_CODE)
-/* Number-Theoretic Transform.
- *
- * FIPS 203, Algorithm 9: NTT(f)
- * Computes the NTT representation f_hat of the given polynomial f element of
- * R_q.
- *   1: f_hat <- f
- *   2: i <- 1
- *   3: for (len <- 128; len >= 2; len <- len/2)
- *   4:     for (start <- 0; start < 256; start <- start + 2.len)
- *   5:         zeta <- zetas^BitRev_7(i) mod q
- *   6:         i <- i + 1
- *   7:         for (j <- start; j < start + len; j++)
- *   8:             t <- zeta.f[j+len]
- *   9:             f_hat[j+len] <- f_hat[j] - t
- *  10:             f_hat[j] <- f_hat[j] - t
- *  11:         end for
- *  12:     end for
- *  13: end for
- *  14: return f_hat
- *
- * @param  [in, out]  r  Polynomial to transform.
- */
-static void mlkem_ntt_add_to(sword16* r, sword16* a)
-{
-#if defined(WOLFSSL_MLKEM_NTT_UNROLL)
-    /* Unroll len loop (Step 3). */
-    unsigned int k = 1;
-    unsigned int j;
-    unsigned int start;
-    sword16 zeta = zetas[k++];
-
-    /* len = 128 */
-    for (j = 0; j < MLKEM_N / 2; ++j) {
-        sword32 p = (sword32)zeta * r[j + MLKEM_N / 2];
-        sword16 t = MLKEM_MONT_RED(p);
-        sword16 rj = r[j];
-        r[j + MLKEM_N / 2] = rj - t;
-        r[j] = rj + t;
-    }
-    /* len = 64 */
-    for (start = 0; start < MLKEM_N; start += 2 * 64) {
-        zeta = zetas[k++];
-        for (j = 0; j < 64; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 64];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 64] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* len = 32 */
-    for (start = 0; start < MLKEM_N; start += 2 * 32) {
-        zeta = zetas[k++];
-        for (j = 0; j < 32; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 32];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 32] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* len = 16 */
-    for (start = 0; start < MLKEM_N; start += 2 * 16) {
-        zeta = zetas[k++];
-        for (j = 0; j < 16; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 16];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 16] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* len = 8 */
-    for (start = 0; start < MLKEM_N; start += 2 * 8) {
-        zeta = zetas[k++];
-        for (j = 0; j < 8; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 8];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 8] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* len = 4 */
-    for (start = 0; start < MLKEM_N; start += 2 * 4) {
-        zeta = zetas[k++];
-        for (j = 0; j < 4; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 4];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 4] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* len = 2 */
-    for (start = 0; start < MLKEM_N; start += 2 * 2) {
-        zeta = zetas[k++];
-        for (j = 0; j < 2; ++j) {
-            sword32 p = (sword32)zeta * r[start + j + 2];
-            sword16 t = MLKEM_MONT_RED(p);
-            sword16 rj = r[start + j];
-            r[start + j + 2] = rj - t;
-            r[start + j] = rj + t;
-        }
-    }
-    /* Reduce coefficients with quick algorithm. */
-    for (j = 0; j < MLKEM_N; ++j) {
-        sword16 t = a[j] + r[j];
-        a[j] = MLKEM_BARRETT_RED(t);
-    }
-#else /* !WOLFSSL_MLKEM_NTT_UNROLL */
-    /* Unroll len (2, 3, 2) and start loops. */
-    unsigned int j;
-    sword16 t0;
-    sword16 t1;
-    sword16 t2;
-    sword16 t3;
-
-    /* len = 128,64 */
-    sword16 zeta128 = zetas[1];
-    sword16 zeta64_0 = zetas[2];
-    sword16 zeta64_1 = zetas[3];
-    for (j = 0; j < MLKEM_N / 8; j++) {
-        sword16 r0 = r[j +   0];
-        sword16 r1 = r[j +  32];
-        sword16 r2 = r[j +  64];
-        sword16 r3 = r[j +  96];
-        sword16 r4 = r[j + 128];
-        sword16 r5 = r[j + 160];
-        sword16 r6 = r[j + 192];
-        sword16 r7 = r[j + 224];
-
-        t0 = MLKEM_MONT_RED((sword32)zeta128 * r4);
-        t1 = MLKEM_MONT_RED((sword32)zeta128 * r5);
-        t2 = MLKEM_MONT_RED((sword32)zeta128 * r6);
-        t3 = MLKEM_MONT_RED((sword32)zeta128 * r7);
-        r4 = r0 - t0;
-        r5 = r1 - t1;
-        r6 = r2 - t2;
-        r7 = r3 - t3;
-        r0 += t0;
-        r1 += t1;
-        r2 += t2;
-        r3 += t3;
-
-        t0 = MLKEM_MONT_RED((sword32)zeta64_0 * r2);
-        t1 = MLKEM_MONT_RED((sword32)zeta64_0 * r3);
-        t2 = MLKEM_MONT_RED((sword32)zeta64_1 * r6);
-        t3 = MLKEM_MONT_RED((sword32)zeta64_1 * r7);
-        r2 = r0 - t0;
-        r3 = r1 - t1;
-        r6 = r4 - t2;
-        r7 = r5 - t3;
-        r0 += t0;
-        r1 += t1;
-        r4 += t2;
-        r5 += t3;
-
-        r[j +   0] = r0;
-        r[j +  32] = r1;
-        r[j +  64] = r2;
-        r[j +  96] = r3;
-        r[j + 128] = r4;
-        r[j + 160] = r5;
-        r[j + 192] = r6;
-        r[j + 224] = r7;
-    }
-
-    /* len = 32,16,8 */
-    for (j = 0; j < MLKEM_N; j += 64) {
-        int i;
-        sword16 zeta32   = zetas[ 4 + j / 64 + 0];
-        sword16 zeta16_0 = zetas[ 8 + j / 32 + 0];
-        sword16 zeta16_1 = zetas[ 8 + j / 32 + 1];
-        sword16 zeta8_0  = zetas[16 + j / 16 + 0];
-        sword16 zeta8_1  = zetas[16 + j / 16 + 1];
-        sword16 zeta8_2  = zetas[16 + j / 16 + 2];
-        sword16 zeta8_3  = zetas[16 + j / 16 + 3];
-        for (i = 0; i < 8; i++) {
-            sword16 r0 = r[j + i +  0];
-            sword16 r1 = r[j + i +  8];
-            sword16 r2 = r[j + i + 16];
-            sword16 r3 = r[j + i + 24];
-            sword16 r4 = r[j + i + 32];
-            sword16 r5 = r[j + i + 40];
-            sword16 r6 = r[j + i + 48];
-            sword16 r7 = r[j + i + 56];
-
-            t0 = MLKEM_MONT_RED((sword32)zeta32 * r4);
-            t1 = MLKEM_MONT_RED((sword32)zeta32 * r5);
-            t2 = MLKEM_MONT_RED((sword32)zeta32 * r6);
-            t3 = MLKEM_MONT_RED((sword32)zeta32 * r7);
-            r4 = r0 - t0;
-            r5 = r1 - t1;
-            r6 = r2 - t2;
-            r7 = r3 - t3;
-            r0 += t0;
-            r1 += t1;
-            r2 += t2;
-            r3 += t3;
-
-            t0 = MLKEM_MONT_RED((sword32)zeta16_0 * r2);
-            t1 = MLKEM_MONT_RED((sword32)zeta16_0 * r3);
-            t2 = MLKEM_MONT_RED((sword32)zeta16_1 * r6);
-            t3 = MLKEM_MONT_RED((sword32)zeta16_1 * r7);
-            r2 = r0 - t0;
-            r3 = r1 - t1;
-            r6 = r4 - t2;
-            r7 = r5 - t3;
-            r0 += t0;
-            r1 += t1;
-            r4 += t2;
-            r5 += t3;
-
-            t0 = MLKEM_MONT_RED((sword32)zeta8_0 * r1);
-            t1 = MLKEM_MONT_RED((sword32)zeta8_1 * r3);
-            t2 = MLKEM_MONT_RED((sword32)zeta8_2 * r5);
-            t3 = MLKEM_MONT_RED((sword32)zeta8_3 * r7);
-            r1 = r0 - t0;
-            r3 = r2 - t1;
-            r5 = r4 - t2;
-            r7 = r6 - t3;
-            r0 += t0;
-            r2 += t1;
-            r4 += t2;
-            r6 += t3;
-
-            r[j + i +  0] = r0;
-            r[j + i +  8] = r1;
-            r[j + i + 16] = r2;
-            r[j + i + 24] = r3;
-            r[j + i + 32] = r4;
-            r[j + i + 40] = r5;
-            r[j + i + 48] = r6;
-            r[j + i + 56] = r7;
-        }
-    }
-
-    /* len = 4,2 and Final reduction */
-    for (j = 0; j < MLKEM_N; j += 8) {
-        sword16 zeta4  = zetas[32 + j / 8 + 0];
-        sword16 zeta2_0 = zetas[64 + j / 4 + 0];
-        sword16 zeta2_1 = zetas[64 + j / 4 + 1];
-        sword16 r0 = r[j + 0];
-        sword16 r1 = r[j + 1];
-        sword16 r2 = r[j + 2];
-        sword16 r3 = r[j + 3];
-        sword16 r4 = r[j + 4];
-        sword16 r5 = r[j + 5];
-        sword16 r6 = r[j + 6];
-        sword16 r7 = r[j + 7];
-
-        t0 = MLKEM_MONT_RED((sword32)zeta4 * r4);
-        t1 = MLKEM_MONT_RED((sword32)zeta4 * r5);
-        t2 = MLKEM_MONT_RED((sword32)zeta4 * r6);
-        t3 = MLKEM_MONT_RED((sword32)zeta4 * r7);
-        r4 = r0 - t0;
-        r5 = r1 - t1;
-        r6 = r2 - t2;
-        r7 = r3 - t3;
-        r0 += t0;
-        r1 += t1;
-        r2 += t2;
-        r3 += t3;
-
-        t0 = MLKEM_MONT_RED((sword32)zeta2_0 * r2);
-        t1 = MLKEM_MONT_RED((sword32)zeta2_0 * r3);
-        t2 = MLKEM_MONT_RED((sword32)zeta2_1 * r6);
-        t3 = MLKEM_MONT_RED((sword32)zeta2_1 * r7);
-        r2 = r0 - t0;
-        r3 = r1 - t1;
-        r6 = r4 - t2;
-        r7 = r5 - t3;
-        r0 += t0;
-        r1 += t1;
-        r4 += t2;
-        r5 += t3;
-
-        r0 += a[j + 0];
-        r1 += a[j + 1];
-        r2 += a[j + 2];
-        r3 += a[j + 3];
-        r4 += a[j + 4];
-        r5 += a[j + 5];
-        r6 += a[j + 6];
-        r7 += a[j + 7];
-
-        a[j + 0] = MLKEM_BARRETT_RED(r0);
-        a[j + 1] = MLKEM_BARRETT_RED(r1);
-        a[j + 2] = MLKEM_BARRETT_RED(r2);
-        a[j + 3] = MLKEM_BARRETT_RED(r3);
-        a[j + 4] = MLKEM_BARRETT_RED(r4);
-        a[j + 5] = MLKEM_BARRETT_RED(r5);
-        a[j + 6] = MLKEM_BARRETT_RED(r6);
-        a[j + 7] = MLKEM_BARRETT_RED(r7);
-    }
-#endif /* !WOLFSSL_MLKEM_NTT_UNROLL */
-}
-#endif /* !WOLFSSL_MLKEM_SMALL && !WOLFSSL_MLKEM_NO_LARGE_CODE */
-
-#ifndef WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM
-/* Generate a public-private key pair from randomly generated data.
- *
- * FIPS 203, Algorithm 13: K-PKE.KeyGen(d)
- *   ...
- *   16: s_hat <- NTT(s)
- *   17: e_hat <- NTT(e)
- *   18: t^hat <- A_hat o s_hat + e_hat
- *   ...
- *
- * @param  [in, out]  s  Private key vector of polynomials.
- * @param  [out]      t  Public key vector of polynomials.
- * @param  [in]       e  Error values as a vector of polynomials. Modified.
- * @param  [in]       a  Random values in an array of vectors of polynomials.
- * @param  [in]       k  Number of polynomials in vector.
- */
-static void mlkem_keygen_c(sword16* s, sword16* t, sword16* e, const sword16* a,
-    int k)
-{
-    int i;
-
-    /* Transform private key. All of result used in public key calculation
-     * Step 16: s_hat = NTT(s) */
-    for (i = 0; i < k; ++i) {
-        mlkem_ntt(s + i * MLKEM_N);
-    }
-
-    /* For each polynomial in the vectors.
-     * Step 17, Step 18: Calculate public from A_hat, s_hat and e_hat. */
-    for (i = 0; i < k; ++i) {
-        unsigned int j;
-
-        /* Multiply a by private into public polynomial.
-         * Step 18: ... A_hat o s_hat ... */
-        mlkem_pointwise_acc_mont(t + i * MLKEM_N, a + i * k * MLKEM_N, s, k);
-        /* Convert public polynomial to Montgomery form.
-         * Step 18: ... MontRed(A_hat o s_hat) ... */
-        for (j = 0; j < MLKEM_N; ++j) {
-            sword32 n = t[i * MLKEM_N + j] * (sword32)MLKEM_F;
-            t[i * MLKEM_N + j] = MLKEM_MONT_RED(n);
-        }
-        /* Transform error values polynomial.
-         * Step 17: e_hat = NTT(e) */
-#if defined(WOLFSSL_MLKEM_SMALL) || defined(WOLFSSL_MLKEM_NO_LARGE_CODE)
-        mlkem_ntt(e + i * MLKEM_N);
-        /* Add errors to public key and reduce.
-         * Step 18: t_hat = BarrettRed(MontRed(A_hat o s_hat) + e_hat) */
-        for (j = 0; j < MLKEM_N; ++j) {
-            sword16 n = t[i * MLKEM_N + j] + e[i * MLKEM_N + j];
-            t[i * MLKEM_N + j] = MLKEM_BARRETT_RED(n);
-        }
-#else
-        /* Add errors to public key and reduce.
-         * Step 18: t_hat = BarrettRed(MontRed(A_hat o s_hat) + e_hat) */
-        mlkem_ntt_add_to(e + i * MLKEM_N, t + i * MLKEM_N);
-#endif
-    }
-}
-
-/* Generate a public-private key pair from randomly generated data.
- *
- * FIPS 203, Algorithm 13: K-PKE.KeyGen(d)
- *   ...
- *   16: s_hat <- NTT(s)
- *   17: e_hat <- NTT(e)
- *   18: t^hat <- A_hat o s_hat + e_hat
- *   ...
- *
- * @param  [in, out]  s  Private key vector of polynomials.
- * @param  [out]      t  Public key vector of polynomials.
- * @param  [in]       e  Error values as a vector of polynomials. Modified.
- * @param  [in]       a  Random values in an array of vectors of polynomials.
- * @param  [in]       k  Number of polynomials in vector.
- */
-void mlkem_keygen(sword16* s, sword16* t, sword16* e, const sword16* a, int k)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if ((IS_INTEL_AVX2(cpuid_flags)) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        /* Alg 13: Steps 16-18 */
-        mlkem_keygen_avx2(s, t, e, a, k);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        /* Alg 13: Steps 16-18 */
-        mlkem_keygen_c(s, t, e, a, k);
-    }
-}
-
-#else /* WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM */
-
-/* Generate a public-private key pair from randomly generated data.
- *
- * FIPS 203, Algorithm 13: K-PKE.KeyGen(d)
- *   3: for (i <- 0; i < k; i++)                         > generate matrix A_hat
- *   ... (generate A[i])
- *   7: end for
- *   ...
- *   9:      s[i] <- SamplePolyCBD_eta_1(PRF_eta_1(rho, N))
- *   ...
- *  16: s_hat <- NTT(s)
- *  17: e_hat <- NTT(e)
- *  18: t^hat <- A_hat o s_hat + e_hat
- *   ...
- *
- * @param  [in, out]  s      Private key vector of polynomials.
- * @param  [out]      tv     Public key vector of polynomials.
- * @param  [in]       prf    XOF object.
- * @param  [in]       tv     Temporary vector of polynomials.
- * @param  [in]       k      Number of polynomials in vector.
- * @param  [in]       rho    Random seed to generate matrix A from.
- * @param  [in]       sigma  Random seed to generate noise from.
- */
-int mlkem_keygen_seeds(sword16* s, sword16* t, MLKEM_PRF_T* prf,
-    sword16* tv, int k, byte* rho, byte* sigma)
-{
-    int i;
-    int ret = 0;
-    sword16* ai = tv;
-    sword16* e = tv;
-
-    /* Transform private key. All of result used in public key calculation
-     * Step 16: s_hat = NTT(s) */
-    for (i = 0; i < k; ++i) {
-        mlkem_ntt(s + i * MLKEM_N);
-    }
-
-    /* For each polynomial in the vectors.
-     * Step 17, Step 18: Calculate public from A_hat, s_hat and e_hat. */
-    for (i = 0; i < k; ++i) {
-        unsigned int j;
-
-        /* Generate a vector of matrix A.
-         * Steps 4-6: generate A[i] */
-        ret = mlkem_gen_matrix_i(prf, ai, k, rho, i, 0);
-        if (ret != 0) {
-           break;
-        }
-
-        /* Multiply a by private into public polynomial.
-         * Step 18: ... A_hat o s_hat ... */
-        mlkem_pointwise_acc_mont(t + i * MLKEM_N, ai, s, k);
-        /* Convert public polynomial to Montgomery form.
-         * Step 18: ... MontRed(A_hat o s_hat) ... */
-        for (j = 0; j < MLKEM_N; ++j) {
-            sword32 n = t[i * MLKEM_N + j] * (sword32)MLKEM_F;
-            t[i * MLKEM_N + j] = MLKEM_MONT_RED(n);
-        }
-
-        /* Generate noise using PRF.
-         * Step 9: s[i] <- SamplePolyCBD_eta_1(PRF_eta_1(rho, N)) */
-        ret = mlkem_get_noise_i(prf, k, e, sigma, i, 1);
-        if (ret != 0) {
-           break;
-        }
-        /* Transform error values polynomial.
-         * Step 17: e_hat = NTT(e) */
-#if defined(WOLFSSL_MLKEM_SMALL) || defined(WOLFSSL_MLKEM_NO_LARGE_CODE)
-        mlkem_ntt(e);
-        /* Add errors to public key and reduce.
-         * Step 18: t_hat = BarrettRed(MontRed(A_hat o s_hat) + e_hat) */
-        for (j = 0; j < MLKEM_N; ++j) {
-            sword16 n = t[i * MLKEM_N + j] + e[j];
-            t[i * MLKEM_N + j] = MLKEM_BARRETT_RED(n);
-        }
-#else
-        /* Add errors to public key and reduce.
-         * Step 18: t_hat = BarrettRed(MontRed(A_hat o s_hat) + e_hat) */
-        mlkem_ntt_add_to(e, t + i * MLKEM_N);
-#endif
-    }
-
-    return ret;
-}
-
-#endif /* WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM */
-#endif /* !WOLFSSL_MLKEM_NO_MAKE_KEY */
-
-#if !defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) || \
-    !defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
-#ifndef WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM
-/* Encapsulate message.
- *
- * @param  [in]   pub  Public key vector of polynomials.
- * @param  [out]  u    Vector of polynomials.
- * @param  [out]  v    Polynomial.
- * @param  [in]   a    Array of vector of polynomials.
- * @param  [in]   y    Vector of polynomials.
- * @param  [in]   e1   Error Vector of polynomials.
- * @param  [in]   e2   Error polynomial.
- * @param  [in]   m    Message polynomial.
- * @param  [in]   k    Number of polynomials in vector.
- * @return  0 on success.
- */
-static void mlkem_encapsulate_c(const sword16* pub, sword16* u, sword16* v,
-    const sword16* a, sword16* y, const sword16* e1, const sword16* e2,
-    const sword16* m, int k)
-{
-    int i;
-
-    /* Transform y. All of result used in calculation of u and v. */
-    for (i = 0; i < k; ++i) {
-        mlkem_ntt(y + i * MLKEM_N);
-    }
-
-    /* For each polynomial in the vectors. */
-    for (i = 0; i < k; ++i) {
-        unsigned int j;
-
-        /* Multiply at by y into u polynomial. */
-        mlkem_pointwise_acc_mont(u + i * MLKEM_N, a + i * k * MLKEM_N, y, k);
-        /* Inverse transform u polynomial. */
-        mlkem_invntt(u + i * MLKEM_N);
-        /* Add errors to u and reduce. */
-#if defined(WOLFSSL_MLKEM_SMALL) || defined(WOLFSSL_MLKEM_NO_LARGE_CODE)
-        for (j = 0; j < MLKEM_N; ++j) {
-            sword16 t = u[i * MLKEM_N + j] + e1[i * MLKEM_N + j];
-            u[i * MLKEM_N + j] = MLKEM_BARRETT_RED(t);
-        }
-#else
-        for (j = 0; j < MLKEM_N; j += 8) {
-            sword16 t0 = u[i * MLKEM_N + j + 0] + e1[i * MLKEM_N + j + 0];
-            sword16 t1 = u[i * MLKEM_N + j + 1] + e1[i * MLKEM_N + j + 1];
-            sword16 t2 = u[i * MLKEM_N + j + 2] + e1[i * MLKEM_N + j + 2];
-            sword16 t3 = u[i * MLKEM_N + j + 3] + e1[i * MLKEM_N + j + 3];
-            sword16 t4 = u[i * MLKEM_N + j + 4] + e1[i * MLKEM_N + j + 4];
-            sword16 t5 = u[i * MLKEM_N + j + 5] + e1[i * MLKEM_N + j + 5];
-            sword16 t6 = u[i * MLKEM_N + j + 6] + e1[i * MLKEM_N + j + 6];
-            sword16 t7 = u[i * MLKEM_N + j + 7] + e1[i * MLKEM_N + j + 7];
-            u[i * MLKEM_N + j + 0] = MLKEM_BARRETT_RED(t0);
-            u[i * MLKEM_N + j + 1] = MLKEM_BARRETT_RED(t1);
-            u[i * MLKEM_N + j + 2] = MLKEM_BARRETT_RED(t2);
-            u[i * MLKEM_N + j + 3] = MLKEM_BARRETT_RED(t3);
-            u[i * MLKEM_N + j + 4] = MLKEM_BARRETT_RED(t4);
-            u[i * MLKEM_N + j + 5] = MLKEM_BARRETT_RED(t5);
-            u[i * MLKEM_N + j + 6] = MLKEM_BARRETT_RED(t6);
-            u[i * MLKEM_N + j + 7] = MLKEM_BARRETT_RED(t7);
-        }
-#endif
-    }
-
-    /* Multiply public key by y into v polynomial. */
-    mlkem_pointwise_acc_mont(v, pub, y, k);
-    /* Inverse transform v. */
-    mlkem_invntt(v);
-    /* Add errors and message to v and reduce. */
-    for (i = 0; i < MLKEM_N; ++i) {
-        sword16 t = v[i] + e2[i] + m[i];
-        v[i] = MLKEM_BARRETT_RED(t);
-    }
-}
-
-/* Encapsulate message.
- *
- * @param  [in]   pub  Public key vector of polynomials.
- * @param  [out]  u    Vector of polynomials.
- * @param  [out]  v    Polynomial.
- * @param  [in]   a    Array of vector of polynomials.
- * @param  [in]   y    Vector of polynomials.
- * @param  [in]   e1   Error Vector of polynomials.
- * @param  [in]   e2   Error polynomial.
- * @param  [in]   m    Message polynomial.
- * @param  [in]   k    Number of polynomials in vector.
- * @return  0 on success.
- */
-void mlkem_encapsulate(const sword16* pub, sword16* u, sword16* v,
-    const sword16* a, sword16* y, const sword16* e1, const sword16* e2,
-    const sword16* m, int k)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        mlkem_encapsulate_avx2(pub, u, v, a, y, e1, e2, m, k);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_encapsulate_c(pub, u, v, a, y, e1, e2, m, k);
-    }
-}
-
-#else
-
-/* Encapsulate message.
- *
- * @param  [in]       pub    Public key vector of polynomials.
- * @param  [in]       prf    XOF object.
- * @param  [out]      u      Vector of polynomials.
- * @param  [in, out]  tp     Polynomial.
- * @param  [in]       y      Vector of polynomials.
- * @param  [in]       k      Number of polynomials in vector.
- * @param  [in]       msg    Message to encapsulate.
- * @param  [in]       seed   Random seed to generate matrix A from.
- * @param  [in]       coins  Random seed to generate noise from.
- */
-int mlkem_encapsulate_seeds(const sword16* pub, MLKEM_PRF_T* prf, sword16* u,
-    sword16* tp, sword16* y, int k, const byte* msg, byte* seed, byte* coins)
-{
-    int ret = 0;
-    int i;
-    sword16* a = tp;
-    sword16* e1 = tp;
-    sword16* v = tp;
-    sword16* e2 = tp + MLKEM_N;
-    sword16* m = y;
-
-    /* Transform y. All of result used in calculation of u and v. */
-    for (i = 0; i < k; ++i) {
-        mlkem_ntt(y + i * MLKEM_N);
-    }
-
-    /* For each polynomial in the vectors. */
-    for (i = 0; i < k; ++i) {
-        unsigned int j;
-
-        /* Generate a vector of matrix A. */
-        ret = mlkem_gen_matrix_i(prf, a, k, seed, i, 1);
-        if (ret != 0) {
-           break;
-        }
-
-        /* Multiply at by y into u polynomial. */
-        mlkem_pointwise_acc_mont(u + i * MLKEM_N, a, y, k);
-        /* Inverse transform u polynomial. */
-        mlkem_invntt(u + i * MLKEM_N);
-
-        /* Generate noise using PRF. */
-        ret = mlkem_get_noise_i(prf, k, e1, coins, i, 0);
-        if (ret != 0) {
-           break;
-        }
-        /* Add errors to u and reduce. */
-#if defined(WOLFSSL_MLKEM_SMALL) || defined(WOLFSSL_MLKEM_NO_LARGE_CODE)
-        for (j = 0; j < MLKEM_N; ++j) {
-            sword16 t = u[i * MLKEM_N + j] + e1[j];
-            u[i * MLKEM_N + j] = MLKEM_BARRETT_RED(t);
-        }
-#else
-        for (j = 0; j < MLKEM_N; j += 8) {
-            sword16 t0 = u[i * MLKEM_N + j + 0] + e1[j + 0];
-            sword16 t1 = u[i * MLKEM_N + j + 1] + e1[j + 1];
-            sword16 t2 = u[i * MLKEM_N + j + 2] + e1[j + 2];
-            sword16 t3 = u[i * MLKEM_N + j + 3] + e1[j + 3];
-            sword16 t4 = u[i * MLKEM_N + j + 4] + e1[j + 4];
-            sword16 t5 = u[i * MLKEM_N + j + 5] + e1[j + 5];
-            sword16 t6 = u[i * MLKEM_N + j + 6] + e1[j + 6];
-            sword16 t7 = u[i * MLKEM_N + j + 7] + e1[j + 7];
-            u[i * MLKEM_N + j + 0] = MLKEM_BARRETT_RED(t0);
-            u[i * MLKEM_N + j + 1] = MLKEM_BARRETT_RED(t1);
-            u[i * MLKEM_N + j + 2] = MLKEM_BARRETT_RED(t2);
-            u[i * MLKEM_N + j + 3] = MLKEM_BARRETT_RED(t3);
-            u[i * MLKEM_N + j + 4] = MLKEM_BARRETT_RED(t4);
-            u[i * MLKEM_N + j + 5] = MLKEM_BARRETT_RED(t5);
-            u[i * MLKEM_N + j + 6] = MLKEM_BARRETT_RED(t6);
-            u[i * MLKEM_N + j + 7] = MLKEM_BARRETT_RED(t7);
-        }
-#endif
-    }
-
-    /* Multiply public key by y into v polynomial. */
-    mlkem_pointwise_acc_mont(v, pub, y, k);
-    /* Inverse transform v. */
-    mlkem_invntt(v);
-
-    mlkem_from_msg(m, msg);
-
-    /* Generate noise using PRF. */
-    coins[WC_ML_KEM_SYM_SZ] = 2 * k;
-    ret = mlkem_get_noise_eta2_c(prf, e2, coins);
-    if (ret == 0) {
-        /* Add errors and message to v and reduce. */
-    #if defined(WOLFSSL_MLKEM_SMALL) || defined(WOLFSSL_MLKEM_NO_LARGE_CODE)
-        for (i = 0; i < MLKEM_N; ++i) {
-            sword16 t = v[i] + e2[i] + m[i];
-            v[i] = MLKEM_BARRETT_RED(t);
-        }
-    #else
-        for (i = 0; i < MLKEM_N; i += 8) {
-            sword16 t0 = v[i + 0] + e2[i + 0] + m[i + 0];
-            sword16 t1 = v[i + 1] + e2[i + 1] + m[i + 1];
-            sword16 t2 = v[i + 2] + e2[i + 2] + m[i + 2];
-            sword16 t3 = v[i + 3] + e2[i + 3] + m[i + 3];
-            sword16 t4 = v[i + 4] + e2[i + 4] + m[i + 4];
-            sword16 t5 = v[i + 5] + e2[i + 5] + m[i + 5];
-            sword16 t6 = v[i + 6] + e2[i + 6] + m[i + 6];
-            sword16 t7 = v[i + 7] + e2[i + 7] + m[i + 7];
-            v[i + 0] = MLKEM_BARRETT_RED(t0);
-            v[i + 1] = MLKEM_BARRETT_RED(t1);
-            v[i + 2] = MLKEM_BARRETT_RED(t2);
-            v[i + 3] = MLKEM_BARRETT_RED(t3);
-            v[i + 4] = MLKEM_BARRETT_RED(t4);
-            v[i + 5] = MLKEM_BARRETT_RED(t5);
-            v[i + 6] = MLKEM_BARRETT_RED(t6);
-            v[i + 7] = MLKEM_BARRETT_RED(t7);
-        }
-    #endif
-    }
-
-    return ret;
-}
-#endif
-#endif /* !WOLFSSL_MLKEM_NO_ENCAPSULATE || !WOLFSSL_MLKEM_NO_DECAPSULATE */
-
-#ifndef WOLFSSL_MLKEM_NO_DECAPSULATE
-
-/* Decapsulate message.
- *
- * FIPS 203, Algorithm 15: K-PKE.Decrypt(dk_PKE,c)
- * Uses the decryption key to decrypt a ciphertext.
- *   ...
- *   6: w <- v' - InvNTT(s_hat_trans o NTT(u'))
- *   ...
- *
- * @param  [in]   s  Private key vector of polynomials.
- * @param  [out]  w  Message polynomial.
- * @param  [in]   u  Vector of polynomials containing error.
- * @param  [in]   v  Encapsulated message polynomial.
- * @param  [in]   k  Number of polynomials in vector.
- */
-static void mlkem_decapsulate_c(const sword16* s, sword16* w, sword16* u,
-    const sword16* v, int k)
-{
-    int i;
-
-    /* Transform u. All of result used in calculation of w.
-     * Step 6: ... NTT(u') */
-    for (i = 0; i < k; ++i) {
-        mlkem_ntt(u + i * MLKEM_N);
-    }
-
-    /* Multiply private key by u into w polynomial.
-     * Step 6: ... s_hat_trans o NTT(u') */
-    mlkem_pointwise_acc_mont(w, s, u, k);
-    /* Inverse transform w.
-     * Step 6: ... InvNTT(s_hat_trans o NTT(u')) */
-    mlkem_invntt(w);
-    /* Subtract errors (in w) out of v and reduce into w.
-     * Step 6: w <- v' - InvNTT(s_hat_trans o NTT(u')) */
-    for (i = 0; i < MLKEM_N; ++i) {
-        sword16 t = v[i] - w[i];
-        w[i] = MLKEM_BARRETT_RED(t);
-    }
-}
-
-/* Decapsulate message.
- *
- * FIPS 203, Algorithm 15: K-PKE.Decrypt(dk_PKE,c)
- * Uses the decryption key to decrypt a ciphertext.
- *   ...
- *   6: w <- v' - InvNTT(s_hat_trans o NTT(u'))
- *   ...
- *
- * @param  [in]   s  Private key vector of polynomials.
- * @param  [out]  w  Message polynomial.
- * @param  [in]   u  Vector of polynomials containing error.
- * @param  [in]   v   Encapsulated message polynomial.
- * @param  [in]   k   Number of polynomials in vector.
- */
-void mlkem_decapsulate(const sword16* s, sword16* w, sword16* u,
-    const sword16* v, int k)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        mlkem_decapsulate_avx2(s, w, u, v, k);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_decapsulate_c(s, w, u, v, k);
-    }
-}
-
-#endif /* !WOLFSSL_MLKEM_ NO_DECAPSULATE */
-#endif
-
-/******************************************************************************/
-
-#if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512)
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @param  [in]   transposed  Whether A or A^T is generated.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int mlkem_gen_matrix_k2_avx2(sword16* a, byte* seed, int transposed)
-{
-    int i;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * GEN_MATRIX_SIZE + 2];
-    word64 state[25 * 4];
-#endif
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    unsigned int ctr3;
-    byte* p;
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * GEN_MATRIX_SIZE + 2, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    /* Loading 64 bits, only using 48 bits. Loading 2 bytes more than used. */
-    rand[4 * GEN_MATRIX_SIZE + 0] = 0xff;
-    rand[4 * GEN_MATRIX_SIZE + 1] = 0xff;
-
-    if (!transposed) {
-        state[4*4 + 0] = 0x1f0000 + 0x000;
-        state[4*4 + 1] = 0x1f0000 + 0x001;
-        state[4*4 + 2] = 0x1f0000 + 0x100;
-        state[4*4 + 3] = 0x1f0000 + 0x101;
-    }
-    else {
-        state[4*4 + 0] = 0x1f0000 + 0x000;
-        state[4*4 + 1] = 0x1f0000 + 0x100;
-        state[4*4 + 2] = 0x1f0000 + 0x001;
-        state[4*4 + 3] = 0x1f0000 + 0x101;
-    }
-
-    sha3_128_blocksx4_seed_avx2(state, seed);
-    mlkem_redistribute_21_rand_avx2(state, rand + 0 * GEN_MATRIX_SIZE,
-        rand + 1 * GEN_MATRIX_SIZE, rand + 2 * GEN_MATRIX_SIZE,
-        rand + 3 * GEN_MATRIX_SIZE);
-    for (i = SHA3_128_BYTES; i < GEN_MATRIX_SIZE; i += SHA3_128_BYTES) {
-        sha3_blocksx4_avx2(state);
-        mlkem_redistribute_21_rand_avx2(state, rand + i + 0 * GEN_MATRIX_SIZE,
-            rand + i + 1 * GEN_MATRIX_SIZE, rand + i + 2 * GEN_MATRIX_SIZE,
-            rand + i + 3 * GEN_MATRIX_SIZE);
-    }
-
-    /* Sample random bytes to create a polynomial. */
-    p = rand;
-    ctr0 = mlkem_rej_uniform_n_avx2(a + 0 * MLKEM_N, MLKEM_N, p,
-        GEN_MATRIX_SIZE);
-    p += GEN_MATRIX_SIZE;
-    ctr1 = mlkem_rej_uniform_n_avx2(a + 1 * MLKEM_N, MLKEM_N, p,
-        GEN_MATRIX_SIZE);
-    p += GEN_MATRIX_SIZE;
-    ctr2 = mlkem_rej_uniform_n_avx2(a + 2 * MLKEM_N, MLKEM_N, p,
-        GEN_MATRIX_SIZE);
-    p += GEN_MATRIX_SIZE;
-    ctr3 = mlkem_rej_uniform_n_avx2(a + 3 * MLKEM_N, MLKEM_N, p,
-        GEN_MATRIX_SIZE);
-    /* Create more blocks if too many rejected. */
-    while ((ctr0 < MLKEM_N) || (ctr1 < MLKEM_N) || (ctr2 < MLKEM_N) ||
-           (ctr3 < MLKEM_N)) {
-        sha3_blocksx4_avx2(state);
-        mlkem_redistribute_21_rand_avx2(state, rand + 0 * GEN_MATRIX_SIZE,
-            rand + 1 * GEN_MATRIX_SIZE, rand + 2 * GEN_MATRIX_SIZE,
-            rand + 3 * GEN_MATRIX_SIZE);
-
-        p = rand;
-        ctr0 += mlkem_rej_uniform_avx2(a + 0 * MLKEM_N + ctr0, MLKEM_N - ctr0,
-            p, XOF_BLOCK_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr1 += mlkem_rej_uniform_avx2(a + 1 * MLKEM_N + ctr1, MLKEM_N - ctr1,
-            p, XOF_BLOCK_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr2 += mlkem_rej_uniform_avx2(a + 2 * MLKEM_N + ctr2, MLKEM_N - ctr2,
-            p, XOF_BLOCK_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr3 += mlkem_rej_uniform_avx2(a + 3 * MLKEM_N + ctr3, MLKEM_N - ctr3,
-            p, XOF_BLOCK_SIZE);
-    }
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-#endif
-
-#if defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @param  [in]   transposed  Whether A or A^T is generated.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int mlkem_gen_matrix_k3_avx2(sword16* a, byte* seed, int transposed)
-{
-    int i;
-    int k;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * GEN_MATRIX_SIZE + 2];
-    word64 state[25 * 4];
-#endif
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    unsigned int ctr3;
-    byte* p;
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * GEN_MATRIX_SIZE + 2, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    /* Loading 64 bits, only using 48 bits. Loading 2 bytes more than used. */
-    rand[4 * GEN_MATRIX_SIZE + 0] = 0xff;
-    rand[4 * GEN_MATRIX_SIZE + 1] = 0xff;
-
-    for (k = 0; k < 2; k++) {
-        for (i = 0; i < 4; i++) {
-            if (!transposed) {
-                state[4*4 + i] = 0x1f0000 + (((k*4+i)/3) << 8) + ((k*4+i)%3);
-            }
-            else {
-                state[4*4 + i] = 0x1f0000 + (((k*4+i)%3) << 8) + ((k*4+i)/3);
-            }
-        }
-
-        sha3_128_blocksx4_seed_avx2(state, seed);
-        mlkem_redistribute_21_rand_avx2(state,
-            rand + 0 * GEN_MATRIX_SIZE, rand + 1 * GEN_MATRIX_SIZE,
-            rand + 2 * GEN_MATRIX_SIZE, rand + 3 * GEN_MATRIX_SIZE);
-        for (i = SHA3_128_BYTES; i < GEN_MATRIX_SIZE; i += SHA3_128_BYTES) {
-            sha3_blocksx4_avx2(state);
-            mlkem_redistribute_21_rand_avx2(state,
-                rand + i + 0 * GEN_MATRIX_SIZE, rand + i + 1 * GEN_MATRIX_SIZE,
-                rand + i + 2 * GEN_MATRIX_SIZE, rand + i + 3 * GEN_MATRIX_SIZE);
-        }
-
-        /* Sample random bytes to create a polynomial. */
-        p = rand;
-        ctr0 = mlkem_rej_uniform_n_avx2(a + 0 * MLKEM_N, MLKEM_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr1 = mlkem_rej_uniform_n_avx2(a + 1 * MLKEM_N, MLKEM_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr2 = mlkem_rej_uniform_n_avx2(a + 2 * MLKEM_N, MLKEM_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr3 = mlkem_rej_uniform_n_avx2(a + 3 * MLKEM_N, MLKEM_N, p,
-            GEN_MATRIX_SIZE);
-        /* Create more blocks if too many rejected. */
-        while ((ctr0 < MLKEM_N) || (ctr1 < MLKEM_N) || (ctr2 < MLKEM_N) ||
-               (ctr3 < MLKEM_N)) {
-            sha3_blocksx4_avx2(state);
-            mlkem_redistribute_21_rand_avx2(state, rand + 0 * GEN_MATRIX_SIZE,
-                rand + 1 * GEN_MATRIX_SIZE, rand + 2 * GEN_MATRIX_SIZE,
-                rand + 3 * GEN_MATRIX_SIZE);
-
-            p = rand;
-            ctr0 += mlkem_rej_uniform_avx2(a + 0 * MLKEM_N + ctr0,
-                MLKEM_N - ctr0, p, XOF_BLOCK_SIZE);
-            p += GEN_MATRIX_SIZE;
-            ctr1 += mlkem_rej_uniform_avx2(a + 1 * MLKEM_N + ctr1,
-                MLKEM_N - ctr1, p, XOF_BLOCK_SIZE);
-            p += GEN_MATRIX_SIZE;
-            ctr2 += mlkem_rej_uniform_avx2(a + 2 * MLKEM_N + ctr2,
-                MLKEM_N - ctr2, p, XOF_BLOCK_SIZE);
-            p += GEN_MATRIX_SIZE;
-            ctr3 += mlkem_rej_uniform_avx2(a + 3 * MLKEM_N + ctr3,
-                MLKEM_N - ctr3, p, XOF_BLOCK_SIZE);
-        }
-
-        a += 4 * MLKEM_N;
-    }
-
-    readUnalignedWords64(state, seed, 4);
-    /* Transposed value same as not. */
-    state[4] = 0x1f0000 + (2 << 8) + 2;
-    XMEMSET(state + 5, 0, sizeof(*state) * (25 - 5));
-    state[20] = W64LIT(0x8000000000000000);
-    for (i = 0; i < GEN_MATRIX_SIZE; i += SHA3_128_BYTES) {
-#ifndef WC_SHA3_NO_ASM
-        if (IS_INTEL_BMI2(cpuid_flags)) {
-            sha3_block_bmi2(state);
-        }
-        else if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0))
-        {
-            sha3_block_avx2(state);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-#endif /* !WC_SHA3_NO_ASM */
-        {
-            BlockSha3(state);
-        }
-        XMEMCPY(rand + i, state, SHA3_128_BYTES);
-    }
-    ctr0 = mlkem_rej_uniform_n_avx2(a, MLKEM_N, rand, GEN_MATRIX_SIZE);
-    while (ctr0 < MLKEM_N) {
-#ifndef WC_SHA3_NO_ASM
-        if (IS_INTEL_BMI2(cpuid_flags)) {
-            sha3_block_bmi2(state);
-        }
-        else if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0))
-        {
-            sha3_block_avx2(state);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-#endif /* !WC_SHA3_NO_ASM */
-        {
-            BlockSha3(state);
-        }
-        XMEMCPY(rand, state, SHA3_128_BYTES);
-        ctr0 += mlkem_rej_uniform_avx2(a + ctr0, MLKEM_N - ctr0, rand,
-            XOF_BLOCK_SIZE);
-    }
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-#endif
-#if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @param  [in]   transposed  Whether A or A^T is generated.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int mlkem_gen_matrix_k4_avx2(sword16* a, byte* seed, int transposed)
-{
-    int i;
-    int k;
-#ifdef WOLFSSL_SMALL_STACK
-    byte *rand = NULL;
-    word64 *state = NULL;
-#else
-    byte rand[4 * GEN_MATRIX_SIZE + 2];
-    word64 state[25 * 4];
-#endif
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    unsigned int ctr3;
-    byte* p;
-
-#ifdef WOLFSSL_SMALL_STACK
-    rand = (byte*)XMALLOC(4 * GEN_MATRIX_SIZE + 2, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    state = (word64*)XMALLOC(sizeof(word64) * 25 * 4, NULL,
-                          DYNAMIC_TYPE_TMP_BUFFER);
-    if ((rand == NULL) || (state == NULL)) {
-        XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        return MEMORY_E;
-    }
-#endif
-
-    /* Loading 64 bits, only using 48 bits. Loading 2 bytes more than used. */
-    rand[4 * GEN_MATRIX_SIZE + 0] = 0xff;
-    rand[4 * GEN_MATRIX_SIZE + 1] = 0xff;
-
-    for (k = 0; k < 4; k++) {
-        for (i = 0; i < 4; i++) {
-            if (!transposed) {
-                state[4*4 + i] = 0x1f0000 + (k << 8) + i;
-            }
-            else {
-                state[4*4 + i] = 0x1f0000 + (i << 8) + k;
-            }
-        }
-
-        sha3_128_blocksx4_seed_avx2(state, seed);
-        mlkem_redistribute_21_rand_avx2(state,
-            rand + 0 * GEN_MATRIX_SIZE, rand + 1 * GEN_MATRIX_SIZE,
-            rand + 2 * GEN_MATRIX_SIZE, rand + 3 * GEN_MATRIX_SIZE);
-        for (i = SHA3_128_BYTES; i < GEN_MATRIX_SIZE; i += SHA3_128_BYTES) {
-            sha3_blocksx4_avx2(state);
-            mlkem_redistribute_21_rand_avx2(state,
-                rand + i + 0 * GEN_MATRIX_SIZE, rand + i + 1 * GEN_MATRIX_SIZE,
-                rand + i + 2 * GEN_MATRIX_SIZE, rand + i + 3 * GEN_MATRIX_SIZE);
-        }
-
-        /* Sample random bytes to create a polynomial. */
-        p = rand;
-        ctr0 = mlkem_rej_uniform_n_avx2(a + 0 * MLKEM_N, MLKEM_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr1 = mlkem_rej_uniform_n_avx2(a + 1 * MLKEM_N, MLKEM_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr2 = mlkem_rej_uniform_n_avx2(a + 2 * MLKEM_N, MLKEM_N, p,
-            GEN_MATRIX_SIZE);
-        p += GEN_MATRIX_SIZE;
-        ctr3 = mlkem_rej_uniform_n_avx2(a + 3 * MLKEM_N, MLKEM_N, p,
-            GEN_MATRIX_SIZE);
-        /* Create more blocks if too many rejected. */
-        while ((ctr0 < MLKEM_N) || (ctr1 < MLKEM_N) || (ctr2 < MLKEM_N) ||
-               (ctr3 < MLKEM_N)) {
-            sha3_blocksx4_avx2(state);
-            mlkem_redistribute_21_rand_avx2(state, rand + 0 * GEN_MATRIX_SIZE,
-                rand + 1 * GEN_MATRIX_SIZE, rand + 2 * GEN_MATRIX_SIZE,
-                rand + 3 * GEN_MATRIX_SIZE);
-
-            p = rand;
-            ctr0 += mlkem_rej_uniform_avx2(a + 0 * MLKEM_N + ctr0,
-                MLKEM_N - ctr0, p, XOF_BLOCK_SIZE);
-            p += GEN_MATRIX_SIZE;
-            ctr1 += mlkem_rej_uniform_avx2(a + 1 * MLKEM_N + ctr1,
-                MLKEM_N - ctr1, p, XOF_BLOCK_SIZE);
-            p += GEN_MATRIX_SIZE;
-            ctr2 += mlkem_rej_uniform_avx2(a + 2 * MLKEM_N + ctr2,
-                MLKEM_N - ctr2, p, XOF_BLOCK_SIZE);
-            p += GEN_MATRIX_SIZE;
-            ctr3 += mlkem_rej_uniform_avx2(a + 3 * MLKEM_N + ctr3,
-                MLKEM_N - ctr3, p, XOF_BLOCK_SIZE);
-        }
-
-        a += 4 * MLKEM_N;
-    }
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return 0;
-}
-#endif /* WOLFSSL_KYBER1024 || WOLFSSL_WC_ML_KEM_1024 */
-#elif defined(WOLFSSL_ARMASM) && defined(__aarch64__)
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512)
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @param  [in]   transposed  Whether A or A^T is generated.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int mlkem_gen_matrix_k2_aarch64(sword16* a, byte* seed, int transposed)
-{
-    word64 state[3 * 25];
-    word64* st = (word64*)state;
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    byte* p;
-
-    if (!transposed) {
-        state[0*25 + 4] = 0x1f0000 + (0 << 8) + 0;
-        state[1*25 + 4] = 0x1f0000 + (0 << 8) + 1;
-        state[2*25 + 4] = 0x1f0000 + (1 << 8) + 0;
-    }
-    else {
-        state[0*25 + 4] = 0x1f0000 + (0 << 8) + 0;
-        state[1*25 + 4] = 0x1f0000 + (1 << 8) + 0;
-        state[2*25 + 4] = 0x1f0000 + (0 << 8) + 1;
-    }
-
-    mlkem_shake128_blocksx3_seed_neon(state, seed);
-    /* Sample random bytes to create a polynomial. */
-    p = (byte*)st;
-    ctr0 = mlkem_rej_uniform_neon(a + 0 * MLKEM_N, MLKEM_N, p, XOF_BLOCK_SIZE);
-    p += 25 * 8;
-    ctr1 = mlkem_rej_uniform_neon(a + 1 * MLKEM_N, MLKEM_N, p, XOF_BLOCK_SIZE);
-    p += 25 * 8;
-    ctr2 = mlkem_rej_uniform_neon(a + 2 * MLKEM_N, MLKEM_N, p, XOF_BLOCK_SIZE);
-    while ((ctr0 < MLKEM_N) || (ctr1 < MLKEM_N) || (ctr2 < MLKEM_N)) {
-        mlkem_sha3_blocksx3_neon(st);
-
-        p = (byte*)st;
-        ctr0 += mlkem_rej_uniform_neon(a + 0 * MLKEM_N + ctr0, MLKEM_N - ctr0,
-            p, XOF_BLOCK_SIZE);
-        p += 25 * 8;
-        ctr1 += mlkem_rej_uniform_neon(a + 1 * MLKEM_N + ctr1, MLKEM_N - ctr1,
-            p, XOF_BLOCK_SIZE);
-        p += 25 * 8;
-        ctr2 += mlkem_rej_uniform_neon(a + 2 * MLKEM_N + ctr2, MLKEM_N - ctr2,
-            p, XOF_BLOCK_SIZE);
-    }
-
-    a += 3 * MLKEM_N;
-
-    readUnalignedWords64(state, seed, 4);
-    /* Transposed value same as not. */
-    state[4] = 0x1f0000 + (1 << 8) + 1;
-    XMEMSET(state + 5, 0, sizeof(*state) * (25 - 5));
-    state[20] = W64LIT(0x8000000000000000);
-    BlockSha3(state);
-    p = (byte*)state;
-    ctr0 = mlkem_rej_uniform_neon(a, MLKEM_N, p, XOF_BLOCK_SIZE);
-    while (ctr0 < MLKEM_N) {
-        BlockSha3(state);
-        ctr0 += mlkem_rej_uniform_neon(a + ctr0, MLKEM_N - ctr0, p,
-            XOF_BLOCK_SIZE);
-    }
-
-    return 0;
-}
-#endif
-
-#if defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @param  [in]   transposed  Whether A or A^T is generated.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int mlkem_gen_matrix_k3_aarch64(sword16* a, byte* seed, int transposed)
-{
-    int i;
-    int k;
-    word64 state[3 * 25];
-    word64* st = (word64*)state;
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    byte* p;
-
-    for (k = 0; k < 3; k++) {
-        for (i = 0; i < 3; i++) {
-            if (!transposed) {
-                state[i*25 + 4] = 0x1f0000 + ((k << 8) + i);
-            }
-            else {
-                state[i*25 + 4] = 0x1f0000 + ((i << 8) + k);
-            }
-        }
-
-        mlkem_shake128_blocksx3_seed_neon(state, seed);
-        /* Sample random bytes to create a polynomial. */
-        p = (byte*)st;
-        ctr0 = mlkem_rej_uniform_neon(a + 0 * MLKEM_N, MLKEM_N, p,
-            XOF_BLOCK_SIZE);
-        p += 25 * 8;
-        ctr1 = mlkem_rej_uniform_neon(a + 1 * MLKEM_N, MLKEM_N, p,
-            XOF_BLOCK_SIZE);
-        p +=25 * 8;
-        ctr2 = mlkem_rej_uniform_neon(a + 2 * MLKEM_N, MLKEM_N, p,
-            XOF_BLOCK_SIZE);
-        /* Create more blocks if too many rejected. */
-        while ((ctr0 < MLKEM_N) || (ctr1 < MLKEM_N) || (ctr2 < MLKEM_N)) {
-            mlkem_sha3_blocksx3_neon(st);
-
-            p = (byte*)st;
-            ctr0 += mlkem_rej_uniform_neon(a + 0 * MLKEM_N + ctr0,
-                MLKEM_N - ctr0, p, XOF_BLOCK_SIZE);
-            p += 25 * 8;
-            ctr1 += mlkem_rej_uniform_neon(a + 1 * MLKEM_N + ctr1,
-                MLKEM_N - ctr1, p, XOF_BLOCK_SIZE);
-            p += 25 * 8;
-            ctr2 += mlkem_rej_uniform_neon(a + 2 * MLKEM_N + ctr2,
-                MLKEM_N - ctr2, p, XOF_BLOCK_SIZE);
-        }
-
-        a += 3 * MLKEM_N;
-    }
-
-    return 0;
-}
-#endif
-
-#if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @param  [in]   transposed  Whether A or A^T is generated.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int mlkem_gen_matrix_k4_aarch64(sword16* a, byte* seed, int transposed)
-{
-    int i;
-    int k;
-    word64 state[3 * 25];
-    word64* st = (word64*)state;
-    unsigned int ctr0;
-    unsigned int ctr1;
-    unsigned int ctr2;
-    byte* p;
-
-    for (k = 0; k < 5; k++) {
-        for (i = 0; i < 3; i++) {
-            byte bi = ((k * 3) + i) / 4;
-            byte bj = ((k * 3) + i) % 4;
-            if (!transposed) {
-                state[i*25 + 4] = 0x1f0000 + (bi << 8) + bj;
-            }
-            else {
-                state[i*25 + 4] = 0x1f0000 + (bj << 8) + bi;
-            }
-        }
-
-        mlkem_shake128_blocksx3_seed_neon(state, seed);
-        /* Sample random bytes to create a polynomial. */
-        p = (byte*)st;
-        ctr0 = mlkem_rej_uniform_neon(a + 0 * MLKEM_N, MLKEM_N, p,
-            XOF_BLOCK_SIZE);
-        p += 25 * 8;
-        ctr1 = mlkem_rej_uniform_neon(a + 1 * MLKEM_N, MLKEM_N, p,
-            XOF_BLOCK_SIZE);
-        p += 25 * 8;
-        ctr2 = mlkem_rej_uniform_neon(a + 2 * MLKEM_N, MLKEM_N, p,
-            XOF_BLOCK_SIZE);
-        /* Create more blocks if too many rejected. */
-        while ((ctr0 < MLKEM_N) || (ctr1 < MLKEM_N) || (ctr2 < MLKEM_N)) {
-            mlkem_sha3_blocksx3_neon(st);
-
-            p = (byte*)st;
-            ctr0 += mlkem_rej_uniform_neon(a + 0 * MLKEM_N + ctr0,
-                MLKEM_N - ctr0, p, XOF_BLOCK_SIZE);
-            p += 25 * 8;
-            ctr1 += mlkem_rej_uniform_neon(a + 1 * MLKEM_N + ctr1,
-                MLKEM_N - ctr1, p, XOF_BLOCK_SIZE);
-            p += 25 * 8;
-            ctr2 += mlkem_rej_uniform_neon(a + 2 * MLKEM_N + ctr2,
-                MLKEM_N - ctr2, p, XOF_BLOCK_SIZE);
-        }
-
-        a += 3 * MLKEM_N;
-    }
-
-    readUnalignedWords64(state, seed, 4);
-    /* Transposed value same as not. */
-    state[4] = 0x1f0000 + (3 << 8) + 3;
-    XMEMSET(state + 5, 0, sizeof(*state) * (25 - 5));
-    state[20] = W64LIT(0x8000000000000000);
-    BlockSha3(state);
-    p = (byte*)state;
-    ctr0 = mlkem_rej_uniform_neon(a, MLKEM_N, p, XOF_BLOCK_SIZE);
-    while (ctr0 < MLKEM_N) {
-        BlockSha3(state);
-        ctr0 += mlkem_rej_uniform_neon(a + ctr0, MLKEM_N - ctr0, p,
-            XOF_BLOCK_SIZE);
-    }
-
-    return 0;
-}
-#endif
-#endif /* USE_INTEL_SPEEDUP */
-
-#if !(defined(WOLFSSL_ARMASM) && defined(__aarch64__))
-/* Absorb the seed data for squeezing out pseudo-random data.
- *
- * FIPS 203, Section 4.1:
- * 1. XOF.init() = SHA128.Init().
- * 2. XOF.Absorb(ctx,str) = SHAKE128.Absorb(ctx,str).
- *
- * @param  [in, out]  shake128  SHAKE-128 object.
- * @param  [in]       seed      Data to absorb.
- * @param  [in]       len       Length of data to absorb in bytes.
- * @return  0 on success always.
- */
-static int mlkem_xof_absorb(wc_Shake* shake128, byte* seed, int len)
-{
-    int ret;
-
-    ret = wc_InitShake128(shake128, NULL, INVALID_DEVID);
-    if (ret == 0) {
-        ret = wc_Shake128_Absorb(shake128, seed, len);
-    }
-
-    return ret;
-}
-
-/* Squeeze the state to produce pseudo-random data.
- *
- * FIPS 203, Section 4.1:
- * 3. XOF.Absorb(ctx,l) = SHAKE128.Squeeze(ctx,8.l).
- *
- * @param  [in, out]  shake128  SHAKE-128 object.
- * @param  [out]      out       Buffer to write to.
- * @param  [in]       blocks    Number of blocks to write.
- * @return  0 on success always.
- */
-static int mlkem_xof_squeezeblocks(wc_Shake* shake128, byte* out, int blocks)
-{
-    return wc_Shake128_SqueezeBlocks(shake128, out, blocks);
-}
-#endif
-
-/* New/Initialize SHA-3 object.
- *
- * FIPS 203, Section 4.1:
- * H(s) := SHA3-256(s)
- *
- * @param  [in, out]  hash    SHA-3 object.
- * @param  [in]       heap    Dynamic memory allocator hint.
- * @param  [in]       devId   Device id.
- * @return  0 on success always.
- */
-int mlkem_hash_new(wc_Sha3* hash, void* heap, int devId)
-{
-    return wc_InitSha3_256(hash, heap, devId);
-}
-
-/* Free SHA-3 object.
- *
- * FIPS 203, Section 4.1:
- * H(s) := SHA3-256(s)
- *
- * @param  [in, out]  hash  SHA-3 object.
- */
-void mlkem_hash_free(wc_Sha3* hash)
-{
-    wc_Sha3_256_Free(hash);
-}
-
-/* Hash data using SHA3-256 with SHA-3 object.
- *
- * FIPS 203, Section 4.1:
- * H(s) := SHA3-256(s)
- *
- * @param  [in, out]  hash     SHA-3 object.
- * @param  [io]       data     Data to be hashed.
- * @param  [in]       dataLen  Length of data in bytes.
- * @param  [out]      out      Hash of data.
- * @return  0 on success.
- */
-int mlkem_hash256(wc_Sha3* hash, const byte* data, word32 dataLen, byte* out)
-{
-    int ret;
-
-    /* Process all data. */
-    ret = wc_Sha3_256_Update(hash, data, dataLen);
-    if (ret == 0) {
-        /* Calculate Hash of data passed in an re-initialize. */
-        ret = wc_Sha3_256_Final(hash, out);
-    }
-
-    return ret;
-}
-
-/* Hash one or two blocks of data using SHA3-512 with SHA-3 object.
- *
- * FIPS 203, Section 4.1:
- * G(s) := SHA3-512(s)
- *
- * @param  [in, out]  hash      SHA-3 object.
- * @param  [io]       data1     First block of data to be hashed.
- * @param  [in]       data1Len  Length of first block of data in bytes.
- * @param  [io]       data2     Second block of data to be hashed. May be NULL.
- * @param  [in]       data2Len  Length of second block of data in bytes.
- * @param  [out]      out       Hash of all data.
- * @return  0 on success.
- */
-int mlkem_hash512(wc_Sha3* hash, const byte* data1, word32 data1Len,
-    const byte* data2, word32 data2Len, byte* out)
-{
-    int ret;
-
-    /* Process first block of data. */
-    ret = wc_Sha3_512_Update(hash, data1, data1Len);
-    /* Check if there is a second block of data. */
-    if ((ret == 0) && (data2Len > 0)) {
-        /* Process second block of data. */
-        ret = wc_Sha3_512_Update(hash, data2, data2Len);
-    }
-    if (ret == 0) {
-        /* Calculate Hash of data passed in an re-initialize. */
-        ret = wc_Sha3_512_Final(hash, out);
-    }
-
-    return ret;
-}
-
-/* Initialize SHAKE-256 object.
- *
- * @param  [in, out]  shake256  SHAKE-256 object.
- */
-void mlkem_prf_init(wc_Shake* prf)
-{
-    wc_InitShake256(prf, NULL, 0);
-}
-
-/* New/Initialize SHAKE-256 object.
- *
- * FIPS 203, Section 4.1:
- * PRF_eta(s,b) := SHA256(s||b,8.64.eta)
- *
- * @param  [in, out]  shake256  SHAKE-256 object.
- * @param  [in]       heap      Dynamic memory allocator hint.
- * @param  [in]       devId     Device id.
- * @return  0 on success always.
- */
-int mlkem_prf_new(wc_Shake* prf, void* heap, int devId)
-{
-    return wc_InitShake256(prf, heap, devId);
-}
-
-/* Free SHAKE-256 object.
- *
- * FIPS 203, Section 4.1:
- * PRF_eta(s,b) := SHA256(s||b,8.64.eta)
- *
- * @param  [in, out]  shake256  SHAKE-256 object.
- */
-void mlkem_prf_free(wc_Shake* prf)
-{
-    wc_Shake256_Free(prf);
-}
-
-#if !(defined(WOLFSSL_ARMASM) && defined(__aarch64__))
-/* Create pseudo-random data from the key using SHAKE-256.
- *
- * FIPS 203, Section 4.1:
- * PRF_eta(s,b) := SHA256(s||b,8.64.eta)
- *
- * @param  [in, out]  shake256  SHAKE-256 object.
- * @param  [out]      out       Buffer to write to.
- * @param  [in]       outLen    Number of bytes to write.
- * @param  [in]       key       Data to derive from. Must be:
- *                                WC_ML_KEM_SYM_SZ + 1 bytes in length.
- * @return  0 on success always.
- */
-static int mlkem_prf(wc_Shake* shake256, byte* out, unsigned int outLen,
-    const byte* key)
-{
-#ifdef USE_INTEL_SPEEDUP
-    word64 state[25];
-
-    (void)shake256;
-
-    /* Put first WC_ML_KEM_SYM_SZ bytes og key into blank state. */
-    readUnalignedWords64(state, key, WC_ML_KEM_SYM_SZ / sizeof(word64));
-    /* Last byte in with end of content marker. */
-    state[WC_ML_KEM_SYM_SZ / 8] = 0x1f00 | key[WC_ML_KEM_SYM_SZ];
-    /* Set rest of state to 0. */
-    XMEMSET(state + WC_ML_KEM_SYM_SZ / 8 + 1, 0,
-        (25 - WC_ML_KEM_SYM_SZ / 8 - 1) * sizeof(word64));
-    /* ... except for rate marker. */
-    state[WC_SHA3_256_COUNT - 1] = W64LIT(0x8000000000000000);
-
-    /* Generate as much output as is required. */
-    while (outLen > 0) {
-        /* Get as much of an output block as is needed. */
-        unsigned int len = min(outLen, WC_SHA3_256_BLOCK_SIZE);
-
-        /* Perform a block operation on the state for next block of output. */
-#ifndef WC_SHA3_NO_ASM
-        if (IS_INTEL_BMI2(cpuid_flags)) {
-            sha3_block_bmi2(state);
-        }
-        else if (IS_INTEL_AVX2(cpuid_flags) &&
-                 (SAVE_VECTOR_REGISTERS2() == 0)) {
-            sha3_block_avx2(state);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-#endif /* !WC_SHA3_NO_ASM */
-        {
-            BlockSha3(state);
-        }
-
-        /* Copy the state as output. */
-        XMEMCPY(out, state, len);
-        /* Update output pointer and length. */
-        out += len;
-        outLen -= len;
-    }
-
-    return 0;
-#else
-    int ret;
-
-    /* Process all data. */
-    ret = wc_Shake256_Update(shake256, key, WC_ML_KEM_SYM_SZ + 1);
-    if (ret == 0) {
-        /* Calculate Hash of data passed in an re-initialize. */
-        ret = wc_Shake256_Final(shake256, out, outLen);
-    }
-
-    return ret;
-#endif
-}
-#endif
-
-#ifdef WOLFSSL_MLKEM_KYBER
-#ifdef USE_INTEL_SPEEDUP
-/* Create pseudo-random key from the seed using SHAKE-256.
- *
- * @param  [in]  seed      Data to derive from.
- * @param  [in]  seedLen   Length of data to derive from in bytes.
- * @param  [out] out       Buffer to write to.
- * @param  [in]  outLen    Number of bytes to derive.
- * @return  0 on success always.
- */
-int mlkem_kdf(byte* seed, int seedLen, byte* out, int outLen)
-{
-    word64 state[25];
-    word32 len64 = seedLen / 8;
-
-    readUnalignedWords64(state, seed, len64);
-    state[len64] = 0x1f;
-    XMEMSET(state + len64 + 1, 0, (25 - len64 - 1) * sizeof(word64));
-    state[WC_SHA3_256_COUNT - 1] = W64LIT(0x8000000000000000);
-
-#ifndef WC_SHA3_NO_ASM
-    if (IS_INTEL_BMI2(cpuid_flags)) {
-        sha3_block_bmi2(state);
-    }
-    else if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        sha3_block_avx2(state);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        BlockSha3(state);
-    }
-    XMEMCPY(out, state, outLen);
-
-    return 0;
-}
-#endif
-
-#if defined(WOLFSSL_ARMASM) && defined(__aarch64__)
-/* Create pseudo-random key from the seed using SHAKE-256.
- *
- * @param  [in]  seed      Data to derive from.
- * @param  [in]  seedLen   Length of data to derive from in bytes.
- * @param  [out] out       Buffer to write to.
- * @param  [in]  outLen    Number of bytes to derive.
- * @return  0 on success always.
- */
-int mlkem_kdf(byte* seed, int seedLen, byte* out, int outLen)
-{
-    word64 state[25];
-    word32 len64 = seedLen / 8;
-
-    readUnalignedWords64(state, seed, len64);
-    state[len64] = 0x1f;
-    XMEMSET(state + len64 + 1, 0, (25 - len64 - 1) * sizeof(word64));
-    state[WC_SHA3_256_COUNT - 1] = W64LIT(0x8000000000000000);
-
-    BlockSha3(state);
-    XMEMCPY(out, state, outLen);
-
-    return 0;
-}
-#endif
-#endif
-
-#ifndef WOLFSSL_NO_ML_KEM
-/* Derive the secret from z and cipher text.
- *
- * @param [in, out]  shake256  SHAKE-256 object.
- * @param [in]       z         Implicit rejection value.
- * @param [in]       ct        Cipher text.
- * @param [in]       ctSz      Length of cipher text in bytes.
- * @param [out]      ss        Shared secret.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation failed.
- * @return  Other negative when a hash error occurred.
- */
-int mlkem_derive_secret(wc_Shake* shake256, const byte* z, const byte* ct,
-    word32 ctSz, byte* ss)
-{
-    int ret;
-
-#ifdef USE_INTEL_SPEEDUP
-    XMEMCPY(shake256->t, z, WC_ML_KEM_SYM_SZ);
-    XMEMCPY(shake256->t + WC_ML_KEM_SYM_SZ, ct,
-        WC_SHA3_256_COUNT * 8 - WC_ML_KEM_SYM_SZ);
-    shake256->i = WC_ML_KEM_SYM_SZ + WC_SHA3_256_COUNT * 8 - WC_ML_KEM_SYM_SZ;
-    ct += WC_SHA3_256_COUNT * 8 - WC_ML_KEM_SYM_SZ;
-    ctSz -= WC_SHA3_256_COUNT * 8 - WC_ML_KEM_SYM_SZ;
-    ret = wc_Shake256_Update(shake256, ct, ctSz);
-    if (ret == 0) {
-        ret = wc_Shake256_Final(shake256, ss, WC_ML_KEM_SS_SZ);
-    }
-#else
-    ret = wc_InitShake256(shake256, NULL, INVALID_DEVID);
-    if (ret == 0) {
-        ret = wc_Shake256_Update(shake256, z, WC_ML_KEM_SYM_SZ);
-    }
-    if (ret == 0) {
-        ret = wc_Shake256_Update(shake256, ct, ctSz);
-    }
-    if (ret == 0) {
-        ret = wc_Shake256_Final(shake256, ss, WC_ML_KEM_SS_SZ);
-    }
-#endif
-
-    return ret;
-}
-#endif
-
-#if !defined(WOLFSSL_ARMASM)
-/* Rejection sampling on uniform random bytes to generate uniform random
- * integers mod q.
- *
- * FIPS 203, Algorithm 7: SampleNTT(B)
- * Takes a 32-byte seed and two indices as input and outputs a pseudorandom
- * element of T_q.
- *   ...
- *   4: while j < 256 do
- *   5:     (ctx,C) <- XOF.Squeeze(ctx,3)
- *   6:     d1 <- C[0] + 256.(C[1] mod 16)
- *   7:     d2 <- lower(C[1] / 16) + 16.C[2]
- *   8:     if d1 < q then
- *   9:         a_hat[j] <- d1
- *  10:         j <- j + 1
- *  11:     end if
- *  12:     if d2 < q and j < 256 then
- *  13:         a_hat[j] <- d2
- *  14:         j <- j + 1
- *  15:     end if
- *  16: end while
- *  ...
- *
- * @param  [out]  p     Uniform random integers mod q.
- * @param  [in]   len   Maximum number of integers.
- * @param  [in]   r     Uniform random bytes buffer.
- * @param  [in]   rLen  Length of random data in buffer.
- * @return  Number of integers sampled.
- */
-static unsigned int mlkem_rej_uniform_c(sword16* p, unsigned int len,
-    const byte* r, unsigned int rLen)
-{
-    unsigned int i;
-    unsigned int j;
-
-#if defined(WOLFSSL_MLKEM_SMALL) || !defined(WC_64BIT_CPU) || \
-    defined(BIG_ENDIAN_ORDER)
-    /* Keep sampling until maximum number of integers reached or buffer used up.
-     * Step 4. */
-    for (i = 0, j = 0; (i < len) && (j <= rLen - 3); j += 3) {
-        /* Step 5 - caller generates and now using 3 bytes of it. */
-        /* Use 24 bits (3 bytes) as two 12 bits integers. */
-        /* Step 6. */
-        sword16 v0 = ((r[0] >> 0) | ((word16)r[1] << 8)) & 0xFFF;
-        /* Step 7. */
-        sword16 v1 = ((r[1] >> 4) | ((word16)r[2] << 4)) & 0xFFF;
-
-        /* Reject first 12-bit integer if greater than or equal to q.
-         * Step 8 */
-        if (v0 < MLKEM_Q) {
-            /* Steps 9-10 */
-            p[i++] = v0;
-        }
-        /* Check second if we don't have enough integers yet.
-         * Reject second 12-bit integer if greater than or equal to q.
-         * Step 12 */
-        if ((i < len) && (v1 < MLKEM_Q)) {
-            /* Steps 13-14 */
-            p[i++] = v1;
-        }
-
-        /* Move over used bytes. */
-        r += 3;
-    }
-#else
-    /* Unroll loops. Minimal work per loop. */
-    unsigned int minJ;
-
-    /* Calculate minimum number of 6 byte data blocks to get all required
-     * numbers assuming no rejections. */
-    minJ = len / 4 * 6;
-    if (minJ > rLen)
-        minJ = rLen;
-    i = 0;
-    for (j = 0; j < minJ; j += 6) {
-        /* Use 48 bits (6 bytes) as four 12-bit integers. */
-        word64 r_word = readUnalignedWord64(r);
-        sword16 v0 =  r_word        & 0xfff;
-        sword16 v1 = (r_word >> 12) & 0xfff;
-        sword16 v2 = (r_word >> 24) & 0xfff;
-        sword16 v3 = (r_word >> 36) & 0xfff;
-
-        p[i] = v0;
-        i += (v0 < MLKEM_Q);
-        p[i] = v1;
-        i += (v1 < MLKEM_Q);
-        p[i] = v2;
-        i += (v2 < MLKEM_Q);
-        p[i] = v3;
-        i += (v3 < MLKEM_Q);
-
-        /* Move over used bytes. */
-        r += 6;
-    }
-    /* Check whether we have all the numbers we need. */
-    if (j < rLen) {
-        /* Keep trying until we have less than 4 numbers to find or data is used
-         * up. */
-        for (; (i + 4 < len) && (j < rLen); j += 6) {
-            /* Use 48 bits (6 bytes) as four 12-bit integers. */
-            word64 r_word = readUnalignedWord64(r);
-            sword16 v0 =  r_word        & 0xfff;
-            sword16 v1 = (r_word >> 12) & 0xfff;
-            sword16 v2 = (r_word >> 24) & 0xfff;
-            sword16 v3 = (r_word >> 36) & 0xfff;
-
-            p[i] = v0;
-            i += (v0 < MLKEM_Q);
-            p[i] = v1;
-            i += (v1 < MLKEM_Q);
-            p[i] = v2;
-            i += (v2 < MLKEM_Q);
-            p[i] = v3;
-            i += (v3 < MLKEM_Q);
-
-            /* Move over used bytes. */
-            r += 6;
-        }
-        /* Keep trying until we have all the numbers we need or the data is used
-         * up. */
-        for (; (i < len) && (j < rLen); j += 6) {
-            /* Use 48 bits (6 bytes) as four 12-bit integers. */
-            word64 r_word = readUnalignedWord64(r);
-            sword16 v0 =  r_word        & 0xfff;
-            sword16 v1 = (r_word >> 12) & 0xfff;
-            sword16 v2 = (r_word >> 24) & 0xfff;
-            sword16 v3 = (r_word >> 36) & 0xfff;
-
-            /* Reject first 12-bit integer if greater than or equal to q. */
-            if (v0 < MLKEM_Q) {
-                p[i++] = v0;
-            }
-            /* Check second if we don't have enough integers yet.
-             * Reject second 12-bit integer if greater than or equal to q. */
-            if ((i < len) && (v1 < MLKEM_Q)) {
-                p[i++] = v1;
-            }
-            /* Check second if we don't have enough integers yet.
-             * Reject third 12-bit integer if greater than or equal to q. */
-            if ((i < len) && (v2 < MLKEM_Q)) {
-                p[i++] = v2;
-            }
-            /* Check second if we don't have enough integers yet.
-             * Reject fourth 12-bit integer if greater than or equal to q. */
-            if ((i < len) && (v3 < MLKEM_Q)) {
-                p[i++] = v3;
-            }
-
-            /* Move over used bytes. */
-            r += 6;
-        }
-    }
-#endif
-
-    return i;
-}
-#endif
-
-#if !defined(WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM) || \
-    !defined(WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM)
-
-#if !(defined(WOLFSSL_ARMASM) && defined(__aarch64__))
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * FIPS 203, Algorithm 13: K-PKE.KeyGen(d)
- *   ...
- *   3: for (i <- 0; i < k; i++)
- *   4:     for (j <- 0; j < k; j++)
- *   5:         A_hat[i,j] <- SampleNTT(rho||j||i)
- *   6:     end for
- *   7: end for
- *   ...
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r)
- *   ...
- *   4: for (i <- 0; i < k; i++)
- *   5:     for (j <- 0; j < k; j++)
- *   6:         A_hat[i,j] <- SampleNTT(rho||j||i)  (Transposed is rho||i||j)
- *   7:     end for
- *   8: end for
- *   ...
- * FIPS 203, Algorithm 7: SampleNTT(B)
- * Takes a 32-byte seed and two indices as input and outputs a pseudorandom
- * element of T_q.
- *   1: ctx <- XOF.init()
- *   2: ctx <- XOF.Absorb(ctx,B)
- *   3: j <- 0
- *   4: while j < 256 do
- *   5:     (ctx,C) <- XOF.Squeeze(ctx,3)
- *   ...
- *  16: end while
- *  17: return a_hat
- *
- * @param  [in]   prf         XOF object.
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   k           Number of dimensions. k x k polynomials.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @param  [in]   transposed  Whether A or A^T is generated.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int mlkem_gen_matrix_c(MLKEM_PRF_T* prf, sword16* a, int k, byte* seed,
-    int transposed)
-{
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    byte* rand;
-#else
-    byte rand[GEN_MATRIX_SIZE + 2];
-#endif
-    byte extSeed[WC_ML_KEM_SYM_SZ + 2];
-    int ret = 0;
-    int i;
-
-    /* Copy seed into buffer than has space for i and j to be appended. */
-    XMEMCPY(extSeed, seed, WC_ML_KEM_SYM_SZ);
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    /* Allocate large amount of memory to hold random bytes to be samples. */
-    rand = (byte*)XMALLOC(GEN_MATRIX_SIZE + 2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (rand == NULL) {
-        ret = MEMORY_E;
-    }
-#endif
-
-#if !defined(WOLFSSL_MLKEM_SMALL) && defined(WC_64BIT_CPU)
-    /* Loading 64 bits, only using 48 bits. Loading 2 bytes more than used. */
-    if (ret == 0) {
-        rand[GEN_MATRIX_SIZE+0] = 0xff;
-        rand[GEN_MATRIX_SIZE+1] = 0xff;
-    }
-#endif
-
-    /* Generate each vector of polynomials.
-     * Alg 13, Step 3. Alg 14, Step 4. */
-    for (i = 0; (ret == 0) && (i < k); i++, a += k * MLKEM_N) {
-        int j;
-        /* Generate each polynomial in vector from seed with indices.
-         * Alg 13, Step 4. Alg 14, Step 5. */
-        for (j = 0; (ret == 0) && (j < k); j++) {
-            if (transposed) {
-                /* Alg 14, Step 6: .. rho||i||j ... */
-                extSeed[WC_ML_KEM_SYM_SZ + 0] = i;
-                extSeed[WC_ML_KEM_SYM_SZ + 1] = j;
-            }
-            else {
-                /* Alg 13, Step 5: .. rho||j||i ... */
-                extSeed[WC_ML_KEM_SYM_SZ + 0] = j;
-                extSeed[WC_ML_KEM_SYM_SZ + 1] = i;
-            }
-            /* Absorb the index specific seed.
-             * Alg 7, Step 1-2 */
-            ret = mlkem_xof_absorb(prf, extSeed, sizeof(extSeed));
-            if (ret == 0) {
-                /* Create data based on the seed.
-                 * Alg 7, Step 5. Generating enough to, on average, be able to
-                 * get enough valid values. */
-                ret = mlkem_xof_squeezeblocks(prf, rand, GEN_MATRIX_NBLOCKS);
-            }
-            if (ret == 0) {
-                unsigned int ctr;
-
-                /* Sample random bytes to create a polynomial.
-                 * Alg 7, Step 3 - implicitly counter is 0.
-                 * Alg 7, Step 4-16. */
-                ctr = mlkem_rej_uniform_c(a + j * MLKEM_N, MLKEM_N, rand,
-                    GEN_MATRIX_SIZE);
-                /* Create more blocks if too many rejected.
-                 * Alg 7, Step 4. */
-                while (ctr < MLKEM_N) {
-                    /* Alg 7, Step 5. */
-                    mlkem_xof_squeezeblocks(prf, rand, 1);
-                    /* Alg 7, Step 4-16. */
-                    ctr += mlkem_rej_uniform_c(a + j * MLKEM_N + ctr,
-                        MLKEM_N - ctr, rand, XOF_BLOCK_SIZE);
-                }
-            }
-        }
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    /* Dispose of temporary buffer. */
-    XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    return ret;
-}
-#endif
-
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * FIPS 203, Algorithm 13: K-PKE.KeyGen(d), Steps 3-7
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r), Steps 4-8
- *
- * @param  [in]   prf         XOF object.
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   k           Number of dimensions. k x k polynomials.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @param  [in]   transposed  Whether A or A^T is generated.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-int mlkem_gen_matrix(MLKEM_PRF_T* prf, sword16* a, int k, byte* seed,
-    int transposed)
-{
-    int ret;
-
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512)
-    if (k == WC_ML_KEM_512_K) {
-#if defined(WOLFSSL_ARMASM) && defined(__aarch64__)
-        ret = mlkem_gen_matrix_k2_aarch64(a, seed, transposed);
-#else
-    #if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-        if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-            ret = mlkem_gen_matrix_k2_avx2(a, seed, transposed);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #endif
-        {
-            ret = mlkem_gen_matrix_c(prf, a, WC_ML_KEM_512_K, seed, transposed);
-        }
-#endif
-    }
-    else
-#endif
-#if defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-    if (k == WC_ML_KEM_768_K) {
-#if defined(WOLFSSL_ARMASM) && defined(__aarch64__)
-        ret = mlkem_gen_matrix_k3_aarch64(a, seed, transposed);
-#else
-    #if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-        if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-            ret = mlkem_gen_matrix_k3_avx2(a, seed, transposed);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #endif
-        {
-            ret = mlkem_gen_matrix_c(prf, a, WC_ML_KEM_768_K, seed, transposed);
-        }
-#endif
-    }
-    else
-#endif
-#if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-    if (k == WC_ML_KEM_1024_K) {
-#if defined(WOLFSSL_ARMASM) && defined(__aarch64__)
-        ret = mlkem_gen_matrix_k4_aarch64(a, seed, transposed);
-#else
-    #if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-        if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-            ret = mlkem_gen_matrix_k4_avx2(a, seed, transposed);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #endif
-        {
-            ret = mlkem_gen_matrix_c(prf, a, WC_ML_KEM_1024_K, seed,
-                transposed);
-        }
-#endif
-    }
-    else
-#endif
-    {
-        ret = BAD_STATE_E;
-    }
-
-    (void)prf;
-
-    return ret;
-}
-
-#endif
-
-#if defined(WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM) || \
-    defined(WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM)
-
-/* Deterministically generate a matrix (or transpose) of uniform integers mod q.
- *
- * Seed used with XOF to generate random bytes.
- *
- * FIPS 203, Algorithm 13: K-PKE.KeyGen(d)
- * ...
- * 4:     for (j <- 0; j < k; j++)
- * 5:         A_hat[i,j] <- SampleNTT(rho||j||i)
- * 6:     end for
- * ...
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r)
- * ...
- * 5:     for (j <- 0; j < k; j++)
- * 6:         A_hat[i,j] <- SampleNTT(rho||j||i)  (Transposed is rho||i||j)
- * 7:     end for
- * ...
- *
- * @param  [in]   prf         XOF object.
- * @param  [out]  a           Matrix of uniform integers.
- * @param  [in]   k           Number of dimensions. k x k polynomials.
- * @param  [in]   seed        Bytes to seed XOF generation.
- * @param  [in]   i           Index of vector to generate.
- * @param  [in]   transposed  Whether A or A^T is generated.
- * @return  0 on success.
- * @return  MEMORY_E when dynamic memory allocation fails. Only possible when
- * WOLFSSL_SMALL_STACK is defined.
- */
-static int mlkem_gen_matrix_i(MLKEM_PRF_T* prf, sword16* a, int k, byte* seed,
-    int i, int transposed)
-{
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    byte* rand;
-#else
-    byte rand[GEN_MATRIX_SIZE + 2];
-#endif
-    byte extSeed[WC_ML_KEM_SYM_SZ + 2];
-    int ret = 0;
-    int j;
-
-    XMEMCPY(extSeed, seed, WC_ML_KEM_SYM_SZ);
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    /* Allocate large amount of memory to hold random bytes to be samples. */
-    rand = (byte*)XMALLOC(GEN_MATRIX_SIZE + 2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    if (rand == NULL) {
-        ret = MEMORY_E;
-    }
-#endif
-
-#if !defined(WOLFSSL_MLKEM_SMALL) && defined(WC_64BIT_CPU)
-    /* Loading 64 bits, only using 48 bits. Loading 2 bytes more than used. */
-    if (ret == 0) {
-        rand[GEN_MATRIX_SIZE+0] = 0xff;
-        rand[GEN_MATRIX_SIZE+1] = 0xff;
-    }
-#endif
-
-    /* Generate each polynomial in vector from seed with indices.
-     * Alg 13, Step 4. Alg 14, Step 5. */
-    for (j = 0; (ret == 0) && (j < k); j++) {
-        if (transposed) {
-            /* Alg 14, Step 6: .. rho||i||j ... */
-            extSeed[WC_ML_KEM_SYM_SZ + 0] = i;
-            extSeed[WC_ML_KEM_SYM_SZ + 1] = j;
-        }
-        else {
-            /* Alg 13, Step 5: .. rho||j||i ... */
-            extSeed[WC_ML_KEM_SYM_SZ + 0] = j;
-            extSeed[WC_ML_KEM_SYM_SZ + 1] = i;
-        }
-        /* Absorb the index specific seed.
-         * Alg 7, Step 1-2 */
-        ret = mlkem_xof_absorb(prf, extSeed, sizeof(extSeed));
-        if (ret == 0) {
-            /* Create out based on the seed.
-             * Alg 7, Step 5. Generating enough to, on average, be able to get
-             * enough valid values. */
-            ret = mlkem_xof_squeezeblocks(prf, rand, GEN_MATRIX_NBLOCKS);
-        }
-        if (ret == 0) {
-            unsigned int ctr;
-
-            /* Sample random bytes to create a polynomial.
-             * Alg 7, Step 3 - implicitly counter is 0.
-             * Alg 7, Step 4-16. */
-            ctr = mlkem_rej_uniform_c(a + j * MLKEM_N, MLKEM_N, rand,
-                GEN_MATRIX_SIZE);
-            /* Create more blocks if too many rejected.
-             * Alg 7, Step 4. */
-            while (ctr < MLKEM_N) {
-                /* Alg 7, Step 5. */
-                mlkem_xof_squeezeblocks(prf, rand, 1);
-                /* Alg 7, Step 4-16. */
-                ctr += mlkem_rej_uniform_c(a + j * MLKEM_N + ctr,
-                    MLKEM_N - ctr, rand, XOF_BLOCK_SIZE);
-            }
-        }
-    }
-
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
-    /* Dispose of temporary buffer. */
-    XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-#endif
-
-    return ret;
-}
-
-#endif
-
-
-/******************************************************************************/
-
-/* Subtract one 2 bit value from another out of a larger number.
- *
- * FIPS 203, Algorithm 8: SmaplePolyCBD_eta(B)
- * Takes a seed as input and outputs a pseudorandom sample from the distribution
- * D_eta(R_q).
- *
- * @param  [in]  d  Value containing sequential 2 bit values.
- * @param  [in]  i  Start index of the two values in 2 bits each.
- * @return  Difference of the two values with range 0..2.
- */
-#define ETA2_SUB(d, i) \
-    (((sword16)(((d) >> ((i) * 4 + 0)) & 0x3)) - \
-     ((sword16)(((d) >> ((i) * 4 + 2)) & 0x3)))
-
-/* Compute polynomial with coefficients distributed according to a centered
- * binomial distribution with parameter eta2 from uniform random bytes.
- *
- * FIPS 203, Algorithm 8: SmaplePolyCBD_eta(B)
- * Takes a seed as input and outputs a pseudorandom sample from the distribution
- * D_eta(R_q).
- *
- * @param [out]  p  Polynomial computed.
- * @param [in]   r  Random bytes.
- */
-static void mlkem_cbd_eta2(sword16* p, const byte* r)
-{
-    unsigned int i;
-
-#ifndef WORD64_AVAILABLE
-    /* Calculate eight integer coefficients at a time. */
-    for (i = 0; i < MLKEM_N; i += 8) {
-    #ifdef WOLFSSL_MLKEM_SMALL
-        unsigned int j;
-    #endif
-        /* Take the next 4 bytes, little endian, as a 32 bit value. */
-    #ifdef BIG_ENDIAN_ORDER
-        word32 t = ByteReverseWord32(*(word32*)r);
-    #else
-        word32 t = *(word32*)r;
-    #endif
-        word32 d;
-        /* Add second bits to first. */
-        d  = (t >> 0) & 0x55555555;
-        d += (t >> 1) & 0x55555555;
-        /* Values 0, 1 or 2 in consecutive 2 bits.
-         * 0 - 1/4, 1 - 2/4, 2 - 1/4. */
-
-    #ifdef WOLFSSL_MLKEM_SMALL
-        for (j = 0; j < 8; j++) {
-            p[i + j] = ETA2_SUB(d, j);
-        }
-    #else
-        p[i + 0] = ETA2_SUB(d, 0);
-        p[i + 1] = ETA2_SUB(d, 1);
-        p[i + 2] = ETA2_SUB(d, 2);
-        p[i + 3] = ETA2_SUB(d, 3);
-        p[i + 4] = ETA2_SUB(d, 4);
-        p[i + 5] = ETA2_SUB(d, 5);
-        p[i + 6] = ETA2_SUB(d, 6);
-        p[i + 7] = ETA2_SUB(d, 7);
-    #endif
-        /* -2 - 1/16, -1 - 4/16, 0 - 6/16, 1 - 4/16, 2 - 1/16  */
-
-        /* Move over used bytes. */
-        r += 4;
-    }
-#else
-    /* Calculate sixteen integer coefficients at a time. */
-    for (i = 0; i < MLKEM_N; i += 16) {
-    #ifdef WOLFSSL_MLKEM_SMALL
-        unsigned int j;
-    #endif
-        /* Take the next 8 bytes, little endian, as a 64 bit value. */
-    #ifdef BIG_ENDIAN_ORDER
-        word64 t = ByteReverseWord64(readUnalignedWord64(r));
-    #else
-        word64 t = readUnalignedWord64(r);
-    #endif
-        word64 d;
-        /* Add second bits to first. */
-        d  = (t >> 0) & 0x5555555555555555L;
-        d += (t >> 1) & 0x5555555555555555L;
-        /* Values 0, 1 or 2 in consecutive 2 bits.
-         * 0 - 1/4, 1 - 2/4, 2 - 1/4. */
-
-    #ifdef WOLFSSL_MLKEM_SMALL
-        for (j = 0; j < 16; j++) {
-            p[i + j] = ETA2_SUB(d, j);
-        }
-    #else
-        p[i +  0] = ETA2_SUB(d,  0);
-        p[i +  1] = ETA2_SUB(d,  1);
-        p[i +  2] = ETA2_SUB(d,  2);
-        p[i +  3] = ETA2_SUB(d,  3);
-        p[i +  4] = ETA2_SUB(d,  4);
-        p[i +  5] = ETA2_SUB(d,  5);
-        p[i +  6] = ETA2_SUB(d,  6);
-        p[i +  7] = ETA2_SUB(d,  7);
-        p[i +  8] = ETA2_SUB(d,  8);
-        p[i +  9] = ETA2_SUB(d,  9);
-        p[i + 10] = ETA2_SUB(d, 10);
-        p[i + 11] = ETA2_SUB(d, 11);
-        p[i + 12] = ETA2_SUB(d, 12);
-        p[i + 13] = ETA2_SUB(d, 13);
-        p[i + 14] = ETA2_SUB(d, 14);
-        p[i + 15] = ETA2_SUB(d, 15);
-    #endif
-        /* -2 - 1/16, -1 - 4/16, 0 - 6/16, 1 - 4/16, 2 - 1/16  */
-
-        /* Move over used bytes. */
-        r += 8;
-    }
-#endif
-}
-
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512)
-/* Subtract one 3 bit value from another out of a larger number.
- *
- * FIPS 203, Algorithm 8: SmaplePolyCBD_eta(B)
- * Takes a seed as input and outputs a pseudorandom sample from the distribution
- * D_eta(R_q).
- *
- * @param  [in]  d  Value containing sequential 3 bit values.
- * @param  [in]  i  Start index of the two values in 3 bits each.
- * @return  Difference of the two values with range 0..3.
- */
-#define ETA3_SUB(d, i) \
-    (((sword16)(((d) >> ((i) * 6 + 0)) & 0x7)) - \
-     ((sword16)(((d) >> ((i) * 6 + 3)) & 0x7)))
-
-/* Compute polynomial with coefficients distributed according to a centered
- * binomial distribution with parameter eta3 from uniform random bytes.
- *
- * FIPS 203, Algorithm 8: SmaplePolyCBD_eta(B)
- * Takes a seed as input and outputs a pseudorandom sample from the distribution
- * D_eta(R_q).
- *
- * @param [out]  p  Polynomial computed.
- * @param [in]   r  Random bytes.
- */
-static void mlkem_cbd_eta3(sword16* p, const byte* r)
-{
-    unsigned int i;
-
-#if defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_MLKEM_NO_LARGE_CODE) || \
-    defined(BIG_ENDIAN_ORDER)
-#ifndef WORD64_AVAILABLE
-    /* Calculate four integer coefficients at a time. */
-    for (i = 0; i < MLKEM_N; i += 4) {
-    #ifdef WOLFSSL_MLKEM_SMALL
-        unsigned int j;
-    #endif
-        /* Take the next 3 bytes, little endian, as a 24 bit value. */
-        word32 t = (((word32)(r[0])) <<  0) |
-                   (((word32)(r[1])) <<  8) |
-                   (((word32)(r[2])) << 16);
-        word32 d;
-        /* Add second and third bits to first. */
-        d  = (t >> 0) & 0x00249249;
-        d += (t >> 1) & 0x00249249;
-        d += (t >> 2) & 0x00249249;
-        /* Values 0, 1, 2 or 3 in consecutive 3 bits.
-         * 0 - 1/8, 1 - 3/8, 2 - 3/8, 3 - 1/8. */
-
-    #ifdef WOLFSSL_MLKEM_SMALL
-        for (j = 0; j < 4; j++) {
-            p[i + j] = ETA3_SUB(d, j);
-        }
-    #else
-        p[i + 0] = ETA3_SUB(d, 0);
-        p[i + 1] = ETA3_SUB(d, 1);
-        p[i + 2] = ETA3_SUB(d, 2);
-        p[i + 3] = ETA3_SUB(d, 3);
-    #endif
-        /* -3-1/64, -2-6/64, -1-15/64, 0-20/64, 1-15/64, 2-6/64, 3-1/64 */
-
-        /* Move over used bytes. */
-        r += 3;
-    }
-#else
-    /* Calculate eight integer coefficients at a time. */
-    for (i = 0; i < MLKEM_N; i += 8) {
-    #ifdef WOLFSSL_MLKEM_SMALL
-        unsigned int j;
-    #endif
-        /* Take the next 6 bytes, little endian, as a 48 bit value. */
-        word64 t = (((word64)(r[0])) <<  0) |
-                   (((word64)(r[1])) <<  8) |
-                   (((word64)(r[2])) << 16) |
-                   (((word64)(r[3])) << 24) |
-                   (((word64)(r[4])) << 32) |
-                   (((word64)(r[5])) << 40);
-        word64 d;
-        /* Add second and third bits to first. */
-        d  = (t >> 0) & 0x0000249249249249L;
-        d += (t >> 1) & 0x0000249249249249L;
-        d += (t >> 2) & 0x0000249249249249L;
-        /* Values 0, 1, 2 or 3 in consecutive 3 bits.
-         * 0 - 1/8, 1 - 3/8, 2 - 3/8, 3 - 1/8. */
-
-    #ifdef WOLFSSL_MLKEM_SMALL
-        for (j = 0; j < 8; j++) {
-            p[i + j] = ETA3_SUB(d, j);
-        }
-    #else
-        p[i + 0] = ETA3_SUB(d, 0);
-        p[i + 1] = ETA3_SUB(d, 1);
-        p[i + 2] = ETA3_SUB(d, 2);
-        p[i + 3] = ETA3_SUB(d, 3);
-        p[i + 4] = ETA3_SUB(d, 4);
-        p[i + 5] = ETA3_SUB(d, 5);
-        p[i + 6] = ETA3_SUB(d, 6);
-        p[i + 7] = ETA3_SUB(d, 7);
-    #endif
-        /* -3-1/64, -2-6/64, -1-15/64, 0-20/64, 1-15/64, 2-6/64, 3-1/64 */
-
-        /* Move over used bytes. */
-        r += 6;
-    }
-#endif /* WORD64_AVAILABLE */
-#else
-    /* Calculate eight integer coefficients at a time. */
-    for (i = 0; i < MLKEM_N; i += 16) {
-        const word32* r32 = (const word32*)r;
-        /* Take the next 12 bytes, little endian, as 24 bit values. */
-        word32 t0 =   r32[0]                          & 0xffffff;
-        word32 t1 = ((r32[0] >> 24) | (r32[1] <<  8)) & 0xffffff;
-        word32 t2 = ((r32[1] >> 16) | (r32[2] << 16)) & 0xffffff;
-        word32 t3 =   r32[2] >>  8                              ;
-        word32 d0;
-        word32 d1;
-        word32 d2;
-        word32 d3;
-
-        /* Add second and third bits to first. */
-        d0  = (t0 >> 0) & 0x00249249;
-        d0 += (t0 >> 1) & 0x00249249;
-        d0 += (t0 >> 2) & 0x00249249;
-        d1  = (t1 >> 0) & 0x00249249;
-        d1 += (t1 >> 1) & 0x00249249;
-        d1 += (t1 >> 2) & 0x00249249;
-        d2  = (t2 >> 0) & 0x00249249;
-        d2 += (t2 >> 1) & 0x00249249;
-        d2 += (t2 >> 2) & 0x00249249;
-        d3  = (t3 >> 0) & 0x00249249;
-        d3 += (t3 >> 1) & 0x00249249;
-        d3 += (t3 >> 2) & 0x00249249;
-        /* Values 0, 1, 2 or 3 in consecutive 3 bits.
-         * 0 - 1/8, 1 - 3/8, 2 - 3/8, 3 - 1/8. */
-
-        p[i +  0] = ETA3_SUB(d0, 0);
-        p[i +  1] = ETA3_SUB(d0, 1);
-        p[i +  2] = ETA3_SUB(d0, 2);
-        p[i +  3] = ETA3_SUB(d0, 3);
-        p[i +  4] = ETA3_SUB(d1, 0);
-        p[i +  5] = ETA3_SUB(d1, 1);
-        p[i +  6] = ETA3_SUB(d1, 2);
-        p[i +  7] = ETA3_SUB(d1, 3);
-        p[i +  8] = ETA3_SUB(d2, 0);
-        p[i +  9] = ETA3_SUB(d2, 1);
-        p[i + 10] = ETA3_SUB(d2, 2);
-        p[i + 11] = ETA3_SUB(d2, 3);
-        p[i + 12] = ETA3_SUB(d3, 0);
-        p[i + 13] = ETA3_SUB(d3, 1);
-        p[i + 14] = ETA3_SUB(d3, 2);
-        p[i + 15] = ETA3_SUB(d3, 3);
-        /* -3-1/64, -2-6/64, -1-15/64, 0-20/64, 1-15/64, 2-6/64, 3-1/64 */
-
-        /* Move over used bytes. */
-        r += 12;
-    }
-#endif /* WOLFSSL_SMALL_STACK || WOLFSSL_MLKEM_NO_LARGE_CODE ||
-        * BIG_ENDIAN_ORDER */
-}
-#endif
-
-#if !(defined(__aarch64__) && defined(WOLFSSL_ARMASM))
-
-/* Get noise/error by calculating random bytes and sampling to a binomial
- * distribution.
- *
- * FIPS 203, Algorithm 13: K-PKE.KeyGen(d)
- *   ...
- *   9:     s[i] <- SamplePolyCBD_eta_1(PRF_eta_1(rho, N))
- *   ...
- *  13:     e[i] <- SamplePolyCBD_eta_1(PRF_eta_1(rho, N))
- *   ...
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r)
- *   ...
- *  10:     y[i] <- SamplePolyCBD_eta_1(PRF_eta_1(r, N))
- *   ...
- *
- * @param  [in, out]  prf   Pseudo-random function object.
- * @param  [out]      p     Polynomial.
- * @param  [in]       seed  Seed to use when calculating random.
- * @param  [in]       eta1  Size of noise/error integers.
- * @return  0 on success.
- */
-static int mlkem_get_noise_eta1_c(MLKEM_PRF_T* prf, sword16* p,
-    const byte* seed, byte eta1)
-{
-    int ret;
-
-    (void)eta1;
-
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512)
-    if (eta1 == MLKEM_CBD_ETA3) {
-        byte rand[ETA3_RAND_SIZE];
-
-        /* Calculate random bytes from seed with PRF. */
-        ret = mlkem_prf(prf, rand, sizeof(rand), seed);
-        if (ret == 0) {
-            /* Sample for values in range -3..3 from 3 bits of random. */
-            mlkem_cbd_eta3(p, rand);
-         }
-    }
-    else
-#endif
-    {
-        byte rand[ETA2_RAND_SIZE];
-
-        /* Calculate random bytes from seed with PRF. */
-        ret = mlkem_prf(prf, rand, sizeof(rand), seed);
-        if (ret == 0) {
-            /* Sample for values in range -2..2 from 2 bits of random. */
-            mlkem_cbd_eta2(p, rand);
-        }
-    }
-
-    return ret;
-}
-
-/* Get noise/error by calculating random bytes and sampling to a binomial
- * distribution. Values -2..2
- *
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r)
- *   ...
- *  14:     e1[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *  17:     e2[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *
- * @param  [in, out]  prf   Pseudo-random function object.
- * @param  [out]      p     Polynomial.
- * @param  [in]       seed  Seed to use when calculating random.
- * @return  0 on success.
- */
-static int mlkem_get_noise_eta2_c(MLKEM_PRF_T* prf, sword16* p,
-    const byte* seed)
-{
-    int ret;
-    byte rand[ETA2_RAND_SIZE];
-
-    /* Calculate random bytes from seed with PRF. */
-    ret = mlkem_prf(prf, rand, sizeof(rand), seed);
-    if (ret == 0) {
-        mlkem_cbd_eta2(p, rand);
-    }
-
-    return ret;
-}
-
-#endif
-
-#if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-#define PRF_RAND_SZ   (2 * SHA3_256_BYTES)
-
-#if defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768) || \
-    defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-/* Get the noise/error by calculating random bytes.
- *
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r)
- *   ...
- *  14:     e1[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *  17:     e2[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *
- * @param  [out]  rand  Random number byte array.
- * @param  [in]   seed  Seed to generate random from.
- * @param  [in]   o     Offset of seed count.
- */
-static void mlkem_get_noise_x4_eta2_avx2(byte* rand, byte* seed, byte o)
-{
-    int i;
-    word64 state[25 * 4];
-
-    for (i = 0; i < 4; i++) {
-        state[4*4 + i] = 0x1f00 + i + o;
-    }
-
-    sha3_256_blocksx4_seed_avx2(state, seed);
-    mlkem_redistribute_16_rand_avx2(state, rand + 0 * ETA2_RAND_SIZE,
-        rand + 1 * ETA2_RAND_SIZE, rand + 2 * ETA2_RAND_SIZE,
-        rand + 3 * ETA2_RAND_SIZE);
-}
-#endif
-
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512) || \
-    defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-/* Get noise/error by calculating random bytes and sampling to a binomial
- * distribution. Values -2..2
- *
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r)
- *   ...
- *  14:     e1[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *  17:     e2[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *
- * @param  [in, out]  prf   Pseudo-random function object.
- * @param  [out]      p     Polynomial.
- * @param  [in]       seed  Seed to use when calculating random.
- * @return  0 on success.
- */
-static int mlkem_get_noise_eta2_avx2(MLKEM_PRF_T* prf, sword16* p,
-    const byte* seed)
-{
-    word64 state[25];
-
-    (void)prf;
-
-    /* Put first WC_ML_KEM_SYM_SZ bytes og key into blank state. */
-    readUnalignedWords64(state, seed, WC_ML_KEM_SYM_SZ / sizeof(word64));
-    /* Last byte in with end of content marker. */
-    state[WC_ML_KEM_SYM_SZ / 8] = 0x1f00 | seed[WC_ML_KEM_SYM_SZ];
-    /* Set rest of state to 0. */
-    XMEMSET(state + WC_ML_KEM_SYM_SZ / 8 + 1, 0,
-        (25 - WC_ML_KEM_SYM_SZ / 8 - 1) * sizeof(word64));
-    /* ... except for rate marker. */
-    state[WC_SHA3_256_COUNT - 1] = W64LIT(0x8000000000000000);
-
-    /* Perform a block operation on the state for next block of output. */
-#ifndef WC_SHA3_NO_ASM
-    if (IS_INTEL_BMI2(cpuid_flags)) {
-        sha3_block_bmi2(state);
-    }
-    else if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        sha3_block_avx2(state);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif /* !WC_SHA3_NO_ASM */
-    {
-        BlockSha3(state);
-    }
-    mlkem_cbd_eta2_avx2(p, (byte*)state);
-
-    return 0;
-}
-#endif
-
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512)
-/* Get the noise/error by calculating random bytes.
- *
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r)
- *   ...
- *  14:     e1[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *  17:     e2[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *
- * @param  [out]  rand  Random number byte array.
- * @param  [in]   seed  Seed to generate random from.
- * @param  [in]   o     Offset of seed count.
- */
-static void mlkem_get_noise_x4_eta3_avx2(byte* rand, byte* seed)
-{
-    word64 state[25 * 4];
-    int i;
-
-    state[4*4 + 0] = 0x1f00 + 0;
-    state[4*4 + 1] = 0x1f00 + 1;
-    state[4*4 + 2] = 0x1f00 + 2;
-    state[4*4 + 3] = 0x1f00 + 3;
-
-    sha3_256_blocksx4_seed_avx2(state, seed);
-    mlkem_redistribute_17_rand_avx2(state, rand + 0 * PRF_RAND_SZ,
-        rand + 1 * PRF_RAND_SZ, rand + 2 * PRF_RAND_SZ,
-        rand + 3 * PRF_RAND_SZ);
-    i = SHA3_256_BYTES;
-    sha3_blocksx4_avx2(state);
-    mlkem_redistribute_8_rand_avx2(state, rand + i + 0 * PRF_RAND_SZ,
-        rand + i + 1 * PRF_RAND_SZ, rand + i + 2 * PRF_RAND_SZ,
-        rand + i + 3 * PRF_RAND_SZ);
-}
-
-/* Get the noise/error by calculating random bytes and sampling to a binomial
- * distribution.
- *
- * @param  [in, out]  prf   Pseudo-random function object.
- * @param  [out]      vec1  First Vector of polynomials.
- * @param  [out]      vec2  Second Vector of polynomials.
- * @param  [out]      poly  Polynomial.
- * @param  [in]       seed  Seed to use when calculating random.
- * @return  0 on success.
- */
-static int mlkem_get_noise_k2_avx2(MLKEM_PRF_T* prf, sword16* vec1,
-    sword16* vec2, sword16* poly, byte* seed)
-{
-    int ret = 0;
-    WC_DECLARE_VAR(rand, byte, 4 * PRF_RAND_SZ, 0);
-
-    WC_ALLOC_VAR_EX(rand, byte, 4*PRF_RAND_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-        return MEMORY_E);
-
-    mlkem_get_noise_x4_eta3_avx2(rand, seed);
-    mlkem_cbd_eta3_avx2(vec1          , rand + 0 * PRF_RAND_SZ);
-    mlkem_cbd_eta3_avx2(vec1 + MLKEM_N, rand + 1 * PRF_RAND_SZ);
-    if (poly == NULL) {
-        mlkem_cbd_eta3_avx2(vec2          , rand + 2 * PRF_RAND_SZ);
-        mlkem_cbd_eta3_avx2(vec2 + MLKEM_N, rand + 3 * PRF_RAND_SZ);
-    }
-    else {
-        mlkem_cbd_eta2_avx2(vec2          , rand + 2 * PRF_RAND_SZ);
-        mlkem_cbd_eta2_avx2(vec2 + MLKEM_N, rand + 3 * PRF_RAND_SZ);
-
-        seed[WC_ML_KEM_SYM_SZ] = 4;
-        ret = mlkem_get_noise_eta2_avx2(prf, poly, seed);
-    }
-
-    WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-#endif
-
-#if defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-/* Get the noise/error by calculating random bytes and sampling to a binomial
- * distribution.
- *
- * @param  [out]      vec1  First Vector of polynomials.
- * @param  [out]      vec2  Second Vector of polynomials.
- * @param  [out]      poly  Polynomial.
- * @param  [in]       seed  Seed to use when calculating random.
- * @return  0 on success.
- */
-static int mlkem_get_noise_k3_avx2(sword16* vec1, sword16* vec2, sword16* poly,
-    byte* seed)
-{
-    byte rand[4 * ETA2_RAND_SIZE];
-
-    mlkem_get_noise_x4_eta2_avx2(rand, seed, 0);
-    mlkem_cbd_eta2_avx2(vec1              , rand + 0 * ETA2_RAND_SIZE);
-    mlkem_cbd_eta2_avx2(vec1 + 1 * MLKEM_N, rand + 1 * ETA2_RAND_SIZE);
-    mlkem_cbd_eta2_avx2(vec1 + 2 * MLKEM_N, rand + 2 * ETA2_RAND_SIZE);
-    mlkem_cbd_eta2_avx2(vec2              , rand + 3 * ETA2_RAND_SIZE);
-    mlkem_get_noise_x4_eta2_avx2(rand, seed, 4);
-    mlkem_cbd_eta2_avx2(vec2 + 1 * MLKEM_N, rand + 0 * ETA2_RAND_SIZE);
-    mlkem_cbd_eta2_avx2(vec2 + 2 * MLKEM_N, rand + 1 * ETA2_RAND_SIZE);
-    if (poly != NULL) {
-        mlkem_cbd_eta2_avx2(poly, rand + 2 * ETA2_RAND_SIZE);
-    }
-
-    return 0;
-}
-#endif
-
-#if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-/* Get the noise/error by calculating random bytes and sampling to a binomial
- * distribution.
- *
- * @param  [in, out]  prf   Pseudo-random function object.
- * @param  [out]      vec1  First Vector of polynomials.
- * @param  [out]      vec2  Second Vector of polynomials.
- * @param  [out]      poly  Polynomial.
- * @param  [in]       seed  Seed to use when calculating random.
- * @return  0 on success.
- */
-static int mlkem_get_noise_k4_avx2(MLKEM_PRF_T* prf, sword16* vec1,
-    sword16* vec2, sword16* poly, byte* seed)
-{
-    int ret = 0;
-    byte rand[4 * ETA2_RAND_SIZE];
-
-    (void)prf;
-
-    mlkem_get_noise_x4_eta2_avx2(rand, seed, 0);
-    mlkem_cbd_eta2_avx2(vec1              , rand + 0 * ETA2_RAND_SIZE);
-    mlkem_cbd_eta2_avx2(vec1 + 1 * MLKEM_N, rand + 1 * ETA2_RAND_SIZE);
-    mlkem_cbd_eta2_avx2(vec1 + 2 * MLKEM_N, rand + 2 * ETA2_RAND_SIZE);
-    mlkem_cbd_eta2_avx2(vec1 + 3 * MLKEM_N, rand + 3 * ETA2_RAND_SIZE);
-    mlkem_get_noise_x4_eta2_avx2(rand, seed, 4);
-    mlkem_cbd_eta2_avx2(vec2              , rand + 0 * ETA2_RAND_SIZE);
-    mlkem_cbd_eta2_avx2(vec2 + 1 * MLKEM_N, rand + 1 * ETA2_RAND_SIZE);
-    mlkem_cbd_eta2_avx2(vec2 + 2 * MLKEM_N, rand + 2 * ETA2_RAND_SIZE);
-    mlkem_cbd_eta2_avx2(vec2 + 3 * MLKEM_N, rand + 3 * ETA2_RAND_SIZE);
-    if (poly != NULL) {
-        seed[WC_ML_KEM_SYM_SZ] = 8;
-        ret = mlkem_get_noise_eta2_avx2(prf, poly, seed);
-    }
-
-    return ret;
-}
-#endif
-#endif /* USE_INTEL_SPEEDUP */
-
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-
-#define PRF_RAND_SZ   (2 * SHA3_256_BYTES)
-
-/* Get the noise/error by calculating random bytes.
- *
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r)
- *   ...
- *  14:     e1[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *  17:     e2[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *
- * @param  [out]  rand  Random number byte array.
- * @param  [in]   seed  Seed to generate random from.
- * @param  [in]   o     Offset of seed count.
- */
-static void mlkem_get_noise_x3_eta2_aarch64(byte* rand, byte* seed, byte o)
-{
-    word64* state = (word64*)rand;
-
-    state[0*25 + 4] = 0x1f00 + 0 + o;
-    state[1*25 + 4] = 0x1f00 + 1 + o;
-    state[2*25 + 4] = 0x1f00 + 2 + o;
-
-    mlkem_shake256_blocksx3_seed_neon(state, seed);
-}
-
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512)
-/* Get the noise/error by calculating random bytes.
- *
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r)
- *   ...
- *  14:     e1[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *  17:     e2[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *
- * @param  [out]  rand  Random number byte array.
- * @param  [in]   seed  Seed to generate random from.
- * @param  [in]   o     Offset of seed count.
- */
-static void mlkem_get_noise_x3_eta3_aarch64(byte* rand, byte* seed, byte o)
-{
-    word64 state[3 * 25];
-
-    state[0*25 + 4] = 0x1f00 + 0 + o;
-    state[1*25 + 4] = 0x1f00 + 1 + o;
-    state[2*25 + 4] = 0x1f00 + 2 + o;
-
-    mlkem_shake256_blocksx3_seed_neon(state, seed);
-    XMEMCPY(rand + 0 * ETA3_RAND_SIZE, state + 0*25, SHA3_256_BYTES);
-    XMEMCPY(rand + 1 * ETA3_RAND_SIZE, state + 1*25, SHA3_256_BYTES);
-    XMEMCPY(rand + 2 * ETA3_RAND_SIZE, state + 2*25, SHA3_256_BYTES);
-    mlkem_sha3_blocksx3_neon(state);
-    rand += SHA3_256_BYTES;
-    XMEMCPY(rand + 0 * ETA3_RAND_SIZE, state + 0*25,
-        ETA3_RAND_SIZE - SHA3_256_BYTES);
-    XMEMCPY(rand + 1 * ETA3_RAND_SIZE, state + 1*25,
-        ETA3_RAND_SIZE - SHA3_256_BYTES);
-    XMEMCPY(rand + 2 * ETA3_RAND_SIZE, state + 2*25,
-        ETA3_RAND_SIZE - SHA3_256_BYTES);
-}
-
-/* Get the noise/error by calculating random bytes.
- *
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r)
- *   ...
- *  14:     e1[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *  17:     e2[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *
- * @param  [out]  rand  Random number byte array.
- * @param  [in]   seed  Seed to generate random from.
- * @param  [in]   o     Offset of seed count.
- * @return  0 on success.
- */
-static void mlkem_get_noise_eta3_aarch64(byte* rand, byte* seed, byte o)
-{
-    word64 state[25];
-
-    state[0] = ((word64*)seed)[0];
-    state[1] = ((word64*)seed)[1];
-    state[2] = ((word64*)seed)[2];
-    state[3] = ((word64*)seed)[3];
-    state[4] = 0x1f00 + o;
-    XMEMSET(state + 5, 0, sizeof(*state) * (25 - 5));
-    state[16] = W64LIT(0x8000000000000000);
-    BlockSha3(state);
-    XMEMCPY(rand                 , state, SHA3_256_BYTES);
-    BlockSha3(state);
-    XMEMCPY(rand + SHA3_256_BYTES, state, ETA3_RAND_SIZE - SHA3_256_BYTES);
-}
-
-/* Get the noise/error by calculating random bytes and sampling to a binomial
- * distribution.
- *
- * @param  [out]      vec1  First Vector of polynomials.
- * @param  [out]      vec2  Second Vector of polynomials.
- * @param  [out]      poly  Polynomial.
- * @param  [in]       seed  Seed to use when calculating random.
- * @return  0 on success.
- */
-static int mlkem_get_noise_k2_aarch64(sword16* vec1, sword16* vec2,
-    sword16* poly, byte* seed)
-{
-    int ret = 0;
-    byte rand[3 * 25 * 8];
-
-    mlkem_get_noise_x3_eta3_aarch64(rand, seed, 0);
-    mlkem_cbd_eta3(vec1          , rand + 0 * ETA3_RAND_SIZE);
-    mlkem_cbd_eta3(vec1 + MLKEM_N, rand + 1 * ETA3_RAND_SIZE);
-    if (poly == NULL) {
-        mlkem_cbd_eta3(vec2          , rand + 2 * ETA3_RAND_SIZE);
-        mlkem_get_noise_eta3_aarch64(rand, seed, 3);
-        mlkem_cbd_eta3(vec2 + MLKEM_N, rand                     );
-    }
-    else {
-        mlkem_get_noise_x3_eta2_aarch64(rand, seed, 2);
-        mlkem_cbd_eta2(vec2          , rand + 0 * 25 * 8);
-        mlkem_cbd_eta2(vec2 + MLKEM_N, rand + 1 * 25 * 8);
-        mlkem_cbd_eta2(poly          , rand + 2 * 25 * 8);
-    }
-
-    return ret;
-}
-#endif
-
-#if defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-/* Get the noise/error by calculating random bytes.
- *
- * FIPS 203, Algorithm 14: K-PKE.Encrypt(ek_PKE,m,r)
- *   ...
- *  14:     e1[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *  17:     e2[i] <- SamplePolyCBD_eta_2(PRF_eta_2(r, N))
- *   ...
- *
- * @param  [out]  rand  Random number byte array.
- * @param  [in]   seed  Seed to generate random from.
- * @param  [in]   o     Offset of seed count.
- * @return  0 on success.
- */
-static void mlkem_get_noise_eta2_aarch64(byte* rand, byte* seed, byte o)
-{
-    word64* state = (word64*)rand;
-
-    state[0] = ((word64*)seed)[0];
-    state[1] = ((word64*)seed)[1];
-    state[2] = ((word64*)seed)[2];
-    state[3] = ((word64*)seed)[3];
-    /* Transposed value same as not. */
-    state[4] = 0x1f00 + o;
-    XMEMSET(state + 5, 0, sizeof(*state) * (25 - 5));
-    state[16] = W64LIT(0x8000000000000000);
-    BlockSha3(state);
-}
-
-/* Get the noise/error by calculating random bytes and sampling to a binomial
- * distribution.
- *
- * @param  [out]      vec1  First Vector of polynomials.
- * @param  [out]      vec2  Second Vector of polynomials.
- * @param  [out]      poly  Polynomial.
- * @param  [in]       seed  Seed to use when calculating random.
- * @return  0 on success.
- */
-static int mlkem_get_noise_k3_aarch64(sword16* vec1, sword16* vec2,
-     sword16* poly, byte* seed)
-{
-    byte rand[3 * 25 * 8];
-
-    mlkem_get_noise_x3_eta2_aarch64(rand, seed, 0);
-    mlkem_cbd_eta2(vec1              , rand + 0 * 25 * 8);
-    mlkem_cbd_eta2(vec1 + 1 * MLKEM_N, rand + 1 * 25 * 8);
-    mlkem_cbd_eta2(vec1 + 2 * MLKEM_N, rand + 2 * 25 * 8);
-    mlkem_get_noise_x3_eta2_aarch64(rand, seed, 3);
-    mlkem_cbd_eta2(vec2              , rand + 0 * 25 * 8);
-    mlkem_cbd_eta2(vec2 + 1 * MLKEM_N, rand + 1 * 25 * 8);
-    mlkem_cbd_eta2(vec2 + 2 * MLKEM_N, rand + 2 * 25 * 8);
-    if (poly != NULL) {
-        mlkem_get_noise_eta2_aarch64(rand, seed, 6);
-        mlkem_cbd_eta2(poly              , rand + 0 * 25 * 8);
-    }
-
-    return 0;
-}
-#endif
-
-#if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-/* Get the noise/error by calculating random bytes and sampling to a binomial
- * distribution.
- *
- * @param  [out]      vec1  First Vector of polynomials.
- * @param  [out]      vec2  Second Vector of polynomials.
- * @param  [out]      poly  Polynomial.
- * @param  [in]       seed  Seed to use when calculating random.
- * @return  0 on success.
- */
-static int mlkem_get_noise_k4_aarch64(sword16* vec1, sword16* vec2,
-    sword16* poly, byte* seed)
-{
-    int ret = 0;
-    byte rand[3 * 25 * 8];
-
-    mlkem_get_noise_x3_eta2_aarch64(rand, seed, 0);
-    mlkem_cbd_eta2(vec1              , rand + 0 * 25 * 8);
-    mlkem_cbd_eta2(vec1 + 1 * MLKEM_N, rand + 1 * 25 * 8);
-    mlkem_cbd_eta2(vec1 + 2 * MLKEM_N, rand + 2 * 25 * 8);
-    mlkem_get_noise_x3_eta2_aarch64(rand, seed, 3);
-    mlkem_cbd_eta2(vec1 + 3 * MLKEM_N, rand + 0 * 25 * 8);
-    mlkem_cbd_eta2(vec2              , rand + 1 * 25 * 8);
-    mlkem_cbd_eta2(vec2 + 1 * MLKEM_N, rand + 2 * 25 * 8);
-    mlkem_get_noise_x3_eta2_aarch64(rand, seed, 6);
-    mlkem_cbd_eta2(vec2 + 2 * MLKEM_N, rand + 0 * 25 * 8);
-    mlkem_cbd_eta2(vec2 + 3 * MLKEM_N, rand + 1 * 25 * 8);
-    if (poly != NULL) {
-        mlkem_cbd_eta2(poly,               rand + 2 * 25 * 8);
-    }
-
-    return ret;
-}
-#endif
-#endif /* __aarch64__ && WOLFSSL_ARMASM */
-
-#if !(defined(__aarch64__) && defined(WOLFSSL_ARMASM))
-
-/* Get the noise/error by calculating random bytes and sampling to a binomial
- * distribution.
- *
- * @param  [in, out]  prf   Pseudo-random function object.
- * @param  [in]       k     Number of polynomials in vector.
- * @param  [out]      vec1  First Vector of polynomials.
- * @param  [in]       eta1  Size of noise/error integers with first vector.
- * @param  [out]      vec2  Second Vector of polynomials.
- * @param  [in]       eta2  Size of noise/error integers with second vector.
- * @param  [out]      poly  Polynomial.
- * @param  [in]       seed  Seed to use when calculating random.
- * @return  0 on success.
- */
-static int mlkem_get_noise_c(MLKEM_PRF_T* prf, int k, sword16* vec1, int eta1,
-    sword16* vec2, int eta2, sword16* poly, byte* seed)
-{
-    int ret = 0;
-    int i;
-
-    /* First noise generation has a seed with 0x00 appended. */
-    seed[WC_ML_KEM_SYM_SZ] = 0;
-    /* Generate noise as private key. */
-    for (i = 0; (ret == 0) && (i < k); i++) {
-        /* Generate noise for each dimension of vector. */
-        ret = mlkem_get_noise_eta1_c(prf, vec1 + i * MLKEM_N, seed, eta1);
-        /* Increment value of appended byte. */
-        seed[WC_ML_KEM_SYM_SZ]++;
-    }
-    if ((ret == 0) && (vec2 != NULL)) {
-        /* Generate noise for error. */
-        for (i = 0; (ret == 0) && (i < k); i++) {
-            /* Generate noise for each dimension of vector. */
-            ret = mlkem_get_noise_eta1_c(prf, vec2 + i * MLKEM_N, seed, eta2);
-            /* Increment value of appended byte. */
-            seed[WC_ML_KEM_SYM_SZ]++;
-        }
-    }
-    else {
-        seed[WC_ML_KEM_SYM_SZ] = 2 * k;
-    }
-    if ((ret == 0) && (poly != NULL)) {
-        /* Generating random error polynomial. */
-        ret = mlkem_get_noise_eta2_c(prf, poly, seed);
-    }
-
-    return ret;
-}
-
-#endif /* __aarch64__ && WOLFSSL_ARMASM */
-
-/* Get the noise/error by calculating random bytes and sampling to a binomial
- * distribution.
- *
- * @param  [in, out]  prf   Pseudo-random function object.
- * @param  [in]       k     Number of polynomials in vector.
- * @param  [out]      vec1  First Vector of polynomials.
- * @param  [out]      vec2  Second Vector of polynomials.
- * @param  [out]      poly  Polynomial.
- * @param  [in]       seed  Seed to use when calculating random.
- * @return  0 on success.
- */
-int mlkem_get_noise(MLKEM_PRF_T* prf, int k, sword16* vec1, sword16* vec2,
-    sword16* poly, byte* seed)
-{
-    int ret;
-
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512)
-    if (k == WC_ML_KEM_512_K) {
-#if defined(WOLFSSL_ARMASM) && defined(__aarch64__)
-        ret = mlkem_get_noise_k2_aarch64(vec1, vec2, poly, seed);
-#else
-    #if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-        if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-            ret = mlkem_get_noise_k2_avx2(prf, vec1, vec2, poly, seed);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #endif
-        if (poly == NULL) {
-            ret = mlkem_get_noise_c(prf, k, vec1, MLKEM_CBD_ETA3, vec2,
-                MLKEM_CBD_ETA3, NULL, seed);
-        }
-        else {
-            ret = mlkem_get_noise_c(prf, k, vec1, MLKEM_CBD_ETA3, vec2,
-                MLKEM_CBD_ETA2, poly, seed);
-        }
-#endif
-    }
-    else
-#endif
-#if defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-    if (k == WC_ML_KEM_768_K) {
-#if defined(WOLFSSL_ARMASM) && defined(__aarch64__)
-        ret = mlkem_get_noise_k3_aarch64(vec1, vec2, poly, seed);
-#else
-    #if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-        if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-            ret = mlkem_get_noise_k3_avx2(vec1, vec2, poly, seed);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #endif
-        {
-            ret = mlkem_get_noise_c(prf, k, vec1, MLKEM_CBD_ETA2, vec2,
-                MLKEM_CBD_ETA2, poly, seed);
-        }
-#endif
-    }
-    else
-#endif
-#if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-    if (k == WC_ML_KEM_1024_K) {
-#if defined(WOLFSSL_ARMASM) && defined(__aarch64__)
-        ret = mlkem_get_noise_k4_aarch64(vec1, vec2, poly, seed);
-#else
-    #if defined(USE_INTEL_SPEEDUP) && !defined(WC_SHA3_NO_ASM)
-        if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-            ret = mlkem_get_noise_k4_avx2(prf, vec1, vec2, poly, seed);
-            RESTORE_VECTOR_REGISTERS();
-        }
-        else
-    #endif
-        {
-            ret = mlkem_get_noise_c(prf, k, vec1, MLKEM_CBD_ETA2, vec2,
-                MLKEM_CBD_ETA2, poly, seed);
-        }
-#endif
-    }
-    else
-#endif
-    {
-        ret = BAD_STATE_E;
-    }
-
-    (void)prf;
-
-    return ret;
-}
-
-#if defined(WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM) || \
-    defined(WOLFSSL_MLKEM_ENCAPSULATE_SMALL_MEM)
-/* Get the noise/error by calculating random bytes and sampling to a binomial
- * distribution.
- *
- * @param  [in, out]  prf   Pseudo-random function object.
- * @param  [in]       k     Number of polynomials in vector.
- * @param  [out]      vec2  Second Vector of polynomials.
- * @param  [in]       seed  Seed to use when calculating random.
- * @param  [in]       i     Index of vector to generate.
- * @param  [in]       make  Indicates generation is for making a key.
- * @return  0 on success.
- */
-static int mlkem_get_noise_i(MLKEM_PRF_T* prf, int k, sword16* vec2,
-    byte* seed, int i, int make)
-{
-    int ret;
-
-    /* Initialize the PRF (generating matrix A leaves it in uninitialized
-     * state). */
-    mlkem_prf_init(prf);
-
-    /* Set index of polynomial of second vector into seed. */
-    seed[WC_ML_KEM_SYM_SZ] = k + i;
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512)
-    if ((k == WC_ML_KEM_512_K) && make) {
-        ret = mlkem_get_noise_eta1_c(prf, vec2, seed, MLKEM_CBD_ETA3);
-    }
-    else
-#endif
-    {
-        ret = mlkem_get_noise_eta1_c(prf, vec2, seed, MLKEM_CBD_ETA2);
-    }
-
-    (void)make;
-    return ret;
-}
-#endif
-
-/******************************************************************************/
-
-#if !(defined(__aarch64__) && defined(WOLFSSL_ARMASM))
-/* Compare two byte arrays of equal size.
- *
- * @param [in]  a   First array to compare.
- * @param [in]  b   Second array to compare.
- * @param [in]  sz  Size of arrays in bytes.
- * @return  0 on success.
- * @return  -1 on failure.
- */
-static int mlkem_cmp_c(const byte* a, const byte* b, int sz)
-{
-    int i;
-    byte r = 0;
-
-    /* Constant time comparison of the encapsulated message and cipher text. */
-    for (i = 0; i < sz; i++) {
-        r |= a[i] ^ b[i];
-    }
-    return 0 - ((-(word32)r) >> 31);
-}
-#endif
-
-/* Compare two byte arrays of equal size.
- *
- * @param [in]  a   First array to compare.
- * @param [in]  b   Second array to compare.
- * @param [in]  sz  Size of arrays in bytes.
- * @return  0 on success.
- * @return  -1 on failure.
- */
-int mlkem_cmp(const byte* a, const byte* b, int sz)
-{
-#if defined(__aarch64__) && defined(WOLFSSL_ARMASM)
-    return mlkem_cmp_neon(a, b, sz);
-#else
-    int fail;
-
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        fail = mlkem_cmp_avx2(a, b, sz);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        fail = mlkem_cmp_c(a, b, sz);
-    }
-
-    return fail;
-#endif
-}
-
-/******************************************************************************/
-
-#if !defined(WOLFSSL_ARMASM)
-
-/* Conditional subtraction of q to each coefficient of a polynomial.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in, out]  p  Polynomial.
- */
-static MLKEM_NOINLINE void mlkem_csubq_c(sword16* p)
-{
-    unsigned int i;
-
-    for (i = 0; i < MLKEM_N; ++i) {
-        sword16 t = p[i] - MLKEM_Q;
-        /* When top bit set, -ve number - need to add q back. */
-        p[i] = (sword16)((word16)(-((word16)t >> 15)) & MLKEM_Q) + t;
-    }
-}
-
-#elif defined(__aarch64__)
-
-/* Conditional subtraction of q to each coefficient of a polynomial.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in, out]  p  Polynomial.
- */
-#define mlkem_csubq_c   mlkem_csubq_neon
-
-#elif defined(WOLFSSL_ARMASM_THUMB2)
-
-/* Conditional subtraction of q to each coefficient of a polynomial.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in, out]  p  Polynomial.
- */
-#define mlkem_csubq_c   mlkem_thumb2_csubq
-
-#else
-
-/* Conditional subtraction of q to each coefficient of a polynomial.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in, out]  p  Polynomial.
- */
-#define mlkem_csubq_c   mlkem_arm32_csubq
-
-#endif
-
-/******************************************************************************/
-
-#if defined(CONV_WITH_DIV) || !defined(WORD64_AVAILABLE)
-
-/* Compress value.
- *
- * Uses div operator that may be slow.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  v  Vector of polynomials.
- * @param  [in]  i  Index of polynomial in vector.
- * @param  [in]  j  Index into polynomial.
- * @param  [in]  k  Offset from indices.
- * @param  [in]  s  Shift amount to apply to value being compressed.
- * @param  [in]  m  Mask to apply get the require number of bits.
- * @return  Compressed value.
- */
-#define TO_COMP_WORD_VEC(v, i, j, k, s, m) \
-    ((((word32)v[i * MLKEM_N + j + k] << s) + MLKEM_Q_HALF) / MLKEM_Q) & m
-
-/* Compress value to 10 bits.
- *
- * Uses mul instead of div.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  v  Vector of polynomials.
- * @param  [in]  i  Index of polynomial in vector.
- * @param  [in]  j  Index into polynomial.
- * @param  [in]  k  Offset from indices.
- * @return  Compressed value.
- */
-#define TO_COMP_WORD_10(v, i, j, k) \
-    TO_COMP_WORD_VEC(v, i, j, k, 10, 0x3ff)
-
-/* Compress value to 11 bits.
- *
- * Uses mul instead of div.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  v  Vector of polynomials.
- * @param  [in]  i  Index of polynomial in vector.
- * @param  [in]  j  Index into polynomial.
- * @param  [in]  k  Offset from indices.
- * @return  Compressed value.
- */
-#define TO_COMP_WORD_11(v, i, j, k) \
-    TO_COMP_WORD_VEC(v, i, j, k, 11, 0x7ff)
-
-#else
-
-/* Multiplier that does div q.
- * ((1 << 53) + MLKEM_Q_HALF) / MLKEM_Q
- */
-#define MLKEM_V53         0x275f6ed0176UL
-/* Multiplier times half of q.
- * MLKEM_V53 * (MLKEM_Q_HALF + 1)
- */
-#define MLKEM_V53_HALF    0x10013afb768076UL
-
-/* Multiplier that does div q.
- * ((1 << 54) + MLKEM_Q_HALF) / MLKEM_Q
- */
-#define MLKEM_V54         0x4ebedda02ecUL
-/* Multiplier times half of q.
- * MLKEM_V54 * (MLKEM_Q_HALF + 1)
- */
-#define MLKEM_V54_HALF    0x200275f6ed00ecUL
-
-/* Compress value to 10 bits.
- *
- * Uses mul instead of div.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  v  Vector of polynomials.
- * @param  [in]  i  Index of polynomial in vector.
- * @param  [in]  j  Index into polynomial.
- * @param  [in]  k  Offset from indices.
- * @return  Compressed value.
- */
-#define TO_COMP_WORD_10(v, i, j, k) \
-    ((((MLKEM_V54 << 10) * (v)[(i) * MLKEM_N + (j) + (k)]) + \
-      MLKEM_V54_HALF) >> 54)
-
-/* Compress value to 11 bits.
- *
- * Uses mul instead of div.
- * Only works for values in range: 0..3228
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  v  Vector of polynomials.
- * @param  [in]  i  Index of polynomial in vector.
- * @param  [in]  j  Index into polynomial.
- * @param  [in]  k  Offset from indices.
- * @return  Compressed value.
- */
-#define TO_COMP_WORD_11(v, i, j, k) \
-    ((((MLKEM_V53 << 11) * (v)[(i) * MLKEM_N + (j) + (k)]) + \
-      MLKEM_V53_HALF) >> 53)
-
-#endif /* CONV_WITH_DIV */
-
-#if !defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) || \
-    !defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512) || \
-    defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-/* Compress the vector of polynomials into a byte array with 10 bits each.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  b  Array of bytes.
- * @param  [in]   v  Vector of polynomials.
- * @param  [in]   k  Number of polynomials in vector.
- */
-static void mlkem_vec_compress_10_c(byte* r, sword16* v, unsigned int k)
-{
-    unsigned int i;
-    unsigned int j;
-
-    for (i = 0; i < k; i++) {
-        /* Reduce each coefficient to mod q. */
-        mlkem_csubq_c(v + i * MLKEM_N);
-        /* All values are now positive. */
-    }
-
-    /* Each polynomial. */
-    for (i = 0; i < k; i++) {
-#if defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_MLKEM_NO_LARGE_CODE) || \
-    defined(BIG_ENDIAN_ORDER)
-        /* Each 4 polynomial coefficients. */
-        for (j = 0; j < MLKEM_N; j += 4) {
-        #ifdef WOLFSSL_MLKEM_SMALL
-            unsigned int l;
-            sword16 t[4];
-            /* Compress four polynomial values to 10 bits each. */
-            for (l = 0; l < 4; l++) {
-                t[l] = TO_COMP_WORD_10(v, i, j, l);
-            }
-
-            /* Pack four 10-bit values into byte array. */
-            r[ 0] = (t[0] >> 0);
-            r[ 1] = (t[0] >> 8) | (t[1] << 2);
-            r[ 2] = (t[1] >> 6) | (t[2] << 4);
-            r[ 3] = (t[2] >> 4) | (t[3] << 6);
-            r[ 4] = (t[3] >> 2);
-        #else
-            /* Compress four polynomial values to 10 bits each. */
-            sword16 t0 = TO_COMP_WORD_10(v, i, j, 0);
-            sword16 t1 = TO_COMP_WORD_10(v, i, j, 1);
-            sword16 t2 = TO_COMP_WORD_10(v, i, j, 2);
-            sword16 t3 = TO_COMP_WORD_10(v, i, j, 3);
-
-            /* Pack four 10-bit values into byte array. */
-            r[ 0] = (t0 >> 0);
-            r[ 1] = (t0 >> 8) | (t1 << 2);
-            r[ 2] = (t1 >> 6) | (t2 << 4);
-            r[ 3] = (t2 >> 4) | (t3 << 6);
-            r[ 4] = (t3 >> 2);
-        #endif
-
-            /* Move over set bytes. */
-            r += 5;
-        }
-#else
-        /* Each 16 polynomial coefficients. */
-        for (j = 0; j < MLKEM_N; j += 16) {
-            /* Compress four polynomial values to 10 bits each. */
-            sword16 t0  = TO_COMP_WORD_10(v, i, j, 0);
-            sword16 t1  = TO_COMP_WORD_10(v, i, j, 1);
-            sword16 t2  = TO_COMP_WORD_10(v, i, j, 2);
-            sword16 t3  = TO_COMP_WORD_10(v, i, j, 3);
-            sword16 t4  = TO_COMP_WORD_10(v, i, j, 4);
-            sword16 t5  = TO_COMP_WORD_10(v, i, j, 5);
-            sword16 t6  = TO_COMP_WORD_10(v, i, j, 6);
-            sword16 t7  = TO_COMP_WORD_10(v, i, j, 7);
-            sword16 t8  = TO_COMP_WORD_10(v, i, j, 8);
-            sword16 t9  = TO_COMP_WORD_10(v, i, j, 9);
-            sword16 t10 = TO_COMP_WORD_10(v, i, j, 10);
-            sword16 t11 = TO_COMP_WORD_10(v, i, j, 11);
-            sword16 t12 = TO_COMP_WORD_10(v, i, j, 12);
-            sword16 t13 = TO_COMP_WORD_10(v, i, j, 13);
-            sword16 t14 = TO_COMP_WORD_10(v, i, j, 14);
-            sword16 t15 = TO_COMP_WORD_10(v, i, j, 15);
-
-            word32* r32 = (word32*)r;
-            /* Pack sixteen 10-bit values into byte array. */
-            r32[0] =  t0        | ((word32)t1  << 10) | ((word32)t2  << 20) |
-                                  ((word32)t3  << 30);
-            r32[1] = (t3  >> 2) | ((word32)t4  <<  8) | ((word32)t5  << 18) |
-                                  ((word32)t6  << 28);
-            r32[2] = (t6  >> 4) | ((word32)t7  <<  6) | ((word32)t8  << 16) |
-                                  ((word32)t9  << 26);
-            r32[3] = (t9  >> 6) | ((word32)t10 <<  4) | ((word32)t11 << 14) |
-                                  ((word32)t12 << 24);
-            r32[4] = (t12 >> 8) | ((word32)t13 <<  2) | ((word32)t14 << 12) |
-                                  ((word32)t15 << 22);
-
-            /* Move over set bytes. */
-            r += 20;
-        }
-#endif
-    }
-}
-
-/* Compress the vector of polynomials into a byte array with 10 bits each.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  b  Array of bytes.
- * @param  [in]   v  Vector of polynomials.
- * @param  [in]   k  Number of polynomials in vector.
- */
-void mlkem_vec_compress_10(byte* r, sword16* v, unsigned int k)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        mlkem_compress_10_avx2(r, v, k);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_vec_compress_10_c(r, v, k);
-    }
-}
-#endif
-
-#if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-/* Compress the vector of polynomials into a byte array with 11 bits each.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  b       Array of bytes.
- * @param  [in]   v       Vector of polynomials.
- */
-static void mlkem_vec_compress_11_c(byte* r, sword16* v)
-{
-    unsigned int i;
-    unsigned int j;
-#ifdef WOLFSSL_MLKEM_SMALL
-    unsigned int k;
-#endif
-
-    for (i = 0; i < 4; i++) {
-        /* Reduce each coefficient to mod q. */
-        mlkem_csubq_c(v + i * MLKEM_N);
-        /* All values are now positive. */
-    }
-
-    /* Each polynomial. */
-    for (i = 0; i < 4; i++) {
-        /* Each 8 polynomial coefficients. */
-        for (j = 0; j < MLKEM_N; j += 8) {
-        #ifdef WOLFSSL_MLKEM_SMALL
-            sword16 t[8];
-            /* Compress eight polynomial values to 11 bits each. */
-            for (k = 0; k < 8; k++) {
-                t[k] = TO_COMP_WORD_11(v, i, j, k);
-            }
-
-            /* Pack eight 11-bit values into byte array. */
-            r[ 0] = (t[0] >>  0);
-            r[ 1] = (t[0] >>  8) | (t[1] << 3);
-            r[ 2] = (t[1] >>  5) | (t[2] << 6);
-            r[ 3] = (t[2] >>  2);
-            r[ 4] = (t[2] >> 10) | (t[3] << 1);
-            r[ 5] = (t[3] >>  7) | (t[4] << 4);
-            r[ 6] = (t[4] >>  4) | (t[5] << 7);
-            r[ 7] = (t[5] >>  1);
-            r[ 8] = (t[5] >>  9) | (t[6] << 2);
-            r[ 9] = (t[6] >>  6) | (t[7] << 5);
-            r[10] = (t[7] >>  3);
-        #else
-            /* Compress eight polynomial values to 11 bits each. */
-            sword16 t0 = TO_COMP_WORD_11(v, i, j, 0);
-            sword16 t1 = TO_COMP_WORD_11(v, i, j, 1);
-            sword16 t2 = TO_COMP_WORD_11(v, i, j, 2);
-            sword16 t3 = TO_COMP_WORD_11(v, i, j, 3);
-            sword16 t4 = TO_COMP_WORD_11(v, i, j, 4);
-            sword16 t5 = TO_COMP_WORD_11(v, i, j, 5);
-            sword16 t6 = TO_COMP_WORD_11(v, i, j, 6);
-            sword16 t7 = TO_COMP_WORD_11(v, i, j, 7);
-
-            /* Pack eight 11-bit values into byte array. */
-            r[ 0] = (t0 >>  0);
-            r[ 1] = (t0 >>  8) | (t1 << 3);
-            r[ 2] = (t1 >>  5) | (t2 << 6);
-            r[ 3] = (t2 >>  2);
-            r[ 4] = (t2 >> 10) | (t3 << 1);
-            r[ 5] = (t3 >>  7) | (t4 << 4);
-            r[ 6] = (t4 >>  4) | (t5 << 7);
-            r[ 7] = (t5 >>  1);
-            r[ 8] = (t5 >>  9) | (t6 << 2);
-            r[ 9] = (t6 >>  6) | (t7 << 5);
-            r[10] = (t7 >>  3);
-        #endif
-
-            /* Move over set bytes. */
-            r += 11;
-        }
-    }
-}
-
-/* Compress the vector of polynomials into a byte array with 11 bits each.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  b       Array of bytes.
- * @param  [in]   v       Vector of polynomials.
- */
-void mlkem_vec_compress_11(byte* r, sword16* v)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        mlkem_compress_11_avx2(r, v, 4);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_vec_compress_11_c(r, v);
-    }
-}
-#endif
-#endif /* !WOLFSSL_MLKEM_NO_ENCAPSULATE || !WOLFSSL_MLKEM_NO_DECAPSULATE */
-
-#ifndef WOLFSSL_MLKEM_NO_DECAPSULATE
-/* Decompress a 10 bit value.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  v  Vector of polynomials.
- * @param  [in]  i  Index of polynomial in vector.
- * @param  [in]  j  Index into polynomial.
- * @param  [in]  k  Offset from indices.
- * @param  [in]  t  Value to decompress.
- * @return  Decompressed value.
- */
-#define DECOMP_10(v, i, j, k, t) \
-    v[(i) * MLKEM_N + 4 * (j) + (k)] = \
-        (word16)((((word32)((t) & 0x3ff) * MLKEM_Q) + 512) >> 10)
-
-/* Decompress an 11 bit value.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  v  Vector of polynomials.
- * @param  [in]  i  Index of polynomial in vector.
- * @param  [in]  j  Index into polynomial.
- * @param  [in]  k  Offset from indices.
- * @param  [in]  t  Value to decompress.
- * @return  Decompressed value.
- */
-#define DECOMP_11(v, i, j, k, t) \
-    v[(i) * MLKEM_N + 8 * (j) + (k)] = \
-        (word16)((((word32)((t) & 0x7ff) * MLKEM_Q) + 1024) >> 11)
-
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512) || \
-    defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-/* Decompress the byte array of packed 10 bits into vector of polynomials.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  v  Vector of polynomials.
- * @param  [in]   b  Array of bytes.
- * @param  [in]   k  Number of polynomials in vector.
- */
-static void mlkem_vec_decompress_10_c(sword16* v, const byte* b, unsigned int k)
-{
-    unsigned int i;
-    unsigned int j;
-#ifdef WOLFSSL_MLKEM_SMALL
-    unsigned int l;
-#endif
-
-    /* Each polynomial. */
-    for (i = 0; i < k; i++) {
-        /* Each 4 polynomial coefficients. */
-        for (j = 0; j < MLKEM_N / 4; j++) {
-        #ifdef WOLFSSL_MLKEM_SMALL
-            word16 t[4];
-            /* Extract out 4 values of 10 bits each. */
-            t[0] = (b[0] >> 0) | ((word16)b[ 1] << 8);
-            t[1] = (b[1] >> 2) | ((word16)b[ 2] << 6);
-            t[2] = (b[2] >> 4) | ((word16)b[ 3] << 4);
-            t[3] = (b[3] >> 6) | ((word16)b[ 4] << 2);
-            b += 5;
-
-            /* Decompress 4 values. */
-            for (l = 0; l < 4; l++) {
-                DECOMP_10(v, i, j, l, t[l]);
-            }
-        #else
-            /* Extract out 4 values of 10 bits each. */
-            sword16 t0 = (b[0] >> 0) | ((word16)b[ 1] << 8);
-            sword16 t1 = (b[1] >> 2) | ((word16)b[ 2] << 6);
-            sword16 t2 = (b[2] >> 4) | ((word16)b[ 3] << 4);
-            sword16 t3 = (b[3] >> 6) | ((word16)b[ 4] << 2);
-            b += 5;
-
-            /* Decompress 4 values. */
-            DECOMP_10(v, i, j, 0, t0);
-            DECOMP_10(v, i, j, 1, t1);
-            DECOMP_10(v, i, j, 2, t2);
-            DECOMP_10(v, i, j, 3, t3);
-        #endif
-        }
-    }
-}
-
-/* Decompress the byte array of packed 10 bits into vector of polynomials.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  v  Vector of polynomials.
- * @param  [in]   b  Array of bytes.
- * @param  [in]   k  Number of polynomials in vector.
- */
-void mlkem_vec_decompress_10(sword16* v, const byte* b, unsigned int k)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        mlkem_decompress_10_avx2(v, b, k);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_vec_decompress_10_c(v, b, k);
-    }
-}
-#endif
-#if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-/* Decompress the byte array of packed 11 bits into vector of polynomials.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  v       Vector of polynomials.
- * @param  [in]   b       Array of bytes.
- */
-static void mlkem_vec_decompress_11_c(sword16* v, const byte* b)
-{
-    unsigned int i;
-    unsigned int j;
-#ifdef WOLFSSL_MLKEM_SMALL
-    unsigned int l;
-#endif
-
-    /* Each polynomial. */
-    for (i = 0; i < 4; i++) {
-        /* Each 8 polynomial coefficients. */
-        for (j = 0; j < MLKEM_N / 8; j++) {
-        #ifdef WOLFSSL_MLKEM_SMALL
-            word16 t[8];
-            /* Extract out 8 values of 11 bits each. */
-            t[0] = (b[0] >> 0) | ((word16)b[ 1] << 8);
-            t[1] = (b[1] >> 3) | ((word16)b[ 2] << 5);
-            t[2] = (b[2] >> 6) | ((word16)b[ 3] << 2) |
-                   ((word16)b[4] << 10);
-            t[3] = (b[4] >> 1) | ((word16)b[ 5] << 7);
-            t[4] = (b[5] >> 4) | ((word16)b[ 6] << 4);
-            t[5] = (b[6] >> 7) | ((word16)b[ 7] << 1) |
-                   ((word16)b[8] <<  9);
-            t[6] = (b[8] >> 2) | ((word16)b[ 9] << 6);
-            t[7] = (b[9] >> 5) | ((word16)b[10] << 3);
-            b += 11;
-
-            /* Decompress 8 values. */
-            for (l = 0; l < 8; l++) {
-                DECOMP_11(v, i, j, l, t[l]);
-            }
-        #else
-            /* Extract out 8 values of 11 bits each. */
-            sword16 t0 = (b[0] >> 0) | ((word16)b[ 1] << 8);
-            sword16 t1 = (b[1] >> 3) | ((word16)b[ 2] << 5);
-            sword16 t2 = (b[2] >> 6) | ((word16)b[ 3] << 2) |
-                   ((word16)b[4] << 10);
-            sword16 t3 = (b[4] >> 1) | ((word16)b[ 5] << 7);
-            sword16 t4 = (b[5] >> 4) | ((word16)b[ 6] << 4);
-            sword16 t5 = (b[6] >> 7) | ((word16)b[ 7] << 1) |
-                   ((word16)b[8] <<  9);
-            sword16 t6 = (b[8] >> 2) | ((word16)b[ 9] << 6);
-            sword16 t7 = (b[9] >> 5) | ((word16)b[10] << 3);
-            b += 11;
-
-            /* Decompress 8 values. */
-            DECOMP_11(v, i, j, 0, t0);
-            DECOMP_11(v, i, j, 1, t1);
-            DECOMP_11(v, i, j, 2, t2);
-            DECOMP_11(v, i, j, 3, t3);
-            DECOMP_11(v, i, j, 4, t4);
-            DECOMP_11(v, i, j, 5, t5);
-            DECOMP_11(v, i, j, 6, t6);
-            DECOMP_11(v, i, j, 7, t7);
-        #endif
-        }
-    }
-}
-
-/* Decompress the byte array of packed 11 bits into vector of polynomials.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  v       Vector of polynomials.
- * @param  [in]   b       Array of bytes.
- */
-void mlkem_vec_decompress_11(sword16* v, const byte* b)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        mlkem_decompress_11_avx2(v, b, 4);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_vec_decompress_11_c(v, b);
-    }
-}
-#endif
-#endif /* !WOLFSSL_MLKEM_NO_DECAPSULATE */
-
-#ifdef CONV_WITH_DIV
-
-/* Compress value.
- *
- * Uses div operator that may be slow.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  v  Vector of polynomials.
- * @param  [in]  i  Index into polynomial.
- * @param  [in]  j  Offset from indices.
- * @param  [in]  s  Shift amount to apply to value being compressed.
- * @param  [in]  m  Mask to apply get the require number of bits.
- * @return  Compressed value.
- */
-#define TO_COMP_WORD(v, i, j, s, m) \
-    ((((word32)v[i + j] << s) + MLKEM_Q_HALF) / MLKEM_Q) & m
-
-/* Compress value to 4 bits.
- *
- * Uses mul instead of div.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  p  Polynomial.
- * @param  [in]  i  Index into polynomial.
- * @param  [in]  j  Offset from indices.
- * @return  Compressed value.
- */
-#define TO_COMP_WORD_4(p, i, j) \
-    TO_COMP_WORD(p, i, j, 4, 0xf)
-
-/* Compress value to 5 bits.
- *
- * Uses mul instead of div.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  p  Polynomial.
- * @param  [in]  i  Index into polynomial.
- * @param  [in]  j  Offset from indices.
- * @return  Compressed value.
- */
-#define TO_COMP_WORD_5(p, i, j) \
-    TO_COMP_WORD(p, i, j, 5, 0x1f)
-
-#else
-
-/* Multiplier that does div q. */
-#define MLKEM_V28         ((word32)(((1U << 28) + MLKEM_Q_HALF)) / MLKEM_Q)
-/* Multiplier times half of q. */
-#define MLKEM_V28_HALF    ((word32)(MLKEM_V28 * (MLKEM_Q_HALF + 1)))
-
-/* Multiplier that does div q. */
-#define MLKEM_V27         ((word32)(((1U << 27) + MLKEM_Q_HALF)) / MLKEM_Q)
-/* Multiplier times half of q. */
-#define MLKEM_V27_HALF    ((word32)(MLKEM_V27 * MLKEM_Q_HALF))
-
-/* Compress value to 4 bits.
- *
- * Uses mul instead of div.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  p  Polynomial.
- * @param  [in]  i  Index into polynomial.
- * @param  [in]  j  Offset from indices.
- * @return  Compressed value.
- */
-#define TO_COMP_WORD_4(p, i, j) \
-    ((((MLKEM_V28 << 4) * (p)[(i) + (j)]) + MLKEM_V28_HALF) >> 28)
-
-/* Compress value to 5 bits.
- *
- * Uses mul instead of div.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  p  Polynomial.
- * @param  [in]  i  Index into polynomial.
- * @param  [in]  j  Offset from indices.
- * @return  Compressed value.
- */
-#define TO_COMP_WORD_5(p, i, j) \
-    ((((MLKEM_V27 << 5) * (p)[(i) + (j)]) + MLKEM_V27_HALF) >> 27)
-
-#endif /* CONV_WITH_DIV */
-
-#if !defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) || \
-    !defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512) || \
-    defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-/* Compress a polynomial into byte array - on coefficients into 4 bits.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  b       Array of bytes.
- * @param  [in]   p       Polynomial.
- */
-static void mlkem_compress_4_c(byte* b, sword16* p)
-{
-    unsigned int i;
-#ifdef WOLFSSL_MLKEM_SMALL
-    unsigned int j;
-    byte t[8];
-#endif
-
-    /* Reduce each coefficients to mod q. */
-    mlkem_csubq_c(p);
-    /* All values are now positive. */
-
-    /* Each 8 polynomial coefficients. */
-    for (i = 0; i < MLKEM_N; i += 8) {
-    #ifdef WOLFSSL_MLKEM_SMALL
-        /* Compress eight polynomial values to 4 bits each. */
-        for (j = 0; j < 8; j++) {
-            t[j] = TO_COMP_WORD_4(p, i, j);
-        }
-
-        b[0] = t[0] | (t[1] << 4);
-        b[1] = t[2] | (t[3] << 4);
-        b[2] = t[4] | (t[5] << 4);
-        b[3] = t[6] | (t[7] << 4);
-    #else
-        /* Compress eight polynomial values to 4 bits each. */
-        byte t0 = TO_COMP_WORD_4(p, i, 0);
-        byte t1 = TO_COMP_WORD_4(p, i, 1);
-        byte t2 = TO_COMP_WORD_4(p, i, 2);
-        byte t3 = TO_COMP_WORD_4(p, i, 3);
-        byte t4 = TO_COMP_WORD_4(p, i, 4);
-        byte t5 = TO_COMP_WORD_4(p, i, 5);
-        byte t6 = TO_COMP_WORD_4(p, i, 6);
-        byte t7 = TO_COMP_WORD_4(p, i, 7);
-
-        /* Pack eight 4-bit values into byte array. */
-        b[0] = t0 | (t1 << 4);
-        b[1] = t2 | (t3 << 4);
-        b[2] = t4 | (t5 << 4);
-        b[3] = t6 | (t7 << 4);
-    #endif
-
-        /* Move over set bytes. */
-        b += 4;
-    }
-}
-
-/* Compress a polynomial into byte array - on coefficients into 4 bits.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  b       Array of bytes.
- * @param  [in]   p       Polynomial.
- */
-void mlkem_compress_4(byte* b, sword16* p)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        mlkem_compress_4_avx2(b, p);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_compress_4_c(b, p);
-    }
-}
-#endif
-#if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-/* Compress a polynomial into byte array - on coefficients into 5 bits.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  b       Array of bytes.
- * @param  [in]   p       Polynomial.
- */
-static void mlkem_compress_5_c(byte* b, sword16* p)
-{
-    unsigned int i;
-#ifdef WOLFSSL_MLKEM_SMALL
-    unsigned int j;
-    byte t[8];
-#endif
-
-    /* Reduce each coefficients to mod q. */
-    mlkem_csubq_c(p);
-    /* All values are now positive. */
-
-    for (i = 0; i < MLKEM_N; i += 8) {
-    #ifdef WOLFSSL_MLKEM_SMALL
-        /* Compress eight polynomial values to 5 bits each. */
-        for (j = 0; j < 8; j++) {
-            t[j] = TO_COMP_WORD_5(p, i, j);
-        }
-
-        /* Pack 5 bits into byte array. */
-        b[0] = (t[0] >> 0) | (t[1] << 5);
-        b[1] = (t[1] >> 3) | (t[2] << 2) | (t[3] << 7);
-        b[2] = (t[3] >> 1) | (t[4] << 4);
-        b[3] = (t[4] >> 4) | (t[5] << 1) | (t[6] << 6);
-        b[4] = (t[6] >> 2) | (t[7] << 3);
-    #else
-        /* Compress eight polynomial values to 5 bits each. */
-        byte t0 = TO_COMP_WORD_5(p, i, 0);
-        byte t1 = TO_COMP_WORD_5(p, i, 1);
-        byte t2 = TO_COMP_WORD_5(p, i, 2);
-        byte t3 = TO_COMP_WORD_5(p, i, 3);
-        byte t4 = TO_COMP_WORD_5(p, i, 4);
-        byte t5 = TO_COMP_WORD_5(p, i, 5);
-        byte t6 = TO_COMP_WORD_5(p, i, 6);
-        byte t7 = TO_COMP_WORD_5(p, i, 7);
-
-        /* Pack eight 5-bit values into byte array. */
-        b[0] = (t0 >> 0) | (t1 << 5);
-        b[1] = (t1 >> 3) | (t2 << 2) | (t3 << 7);
-        b[2] = (t3 >> 1) | (t4 << 4);
-        b[3] = (t4 >> 4) | (t5 << 1) | (t6 << 6);
-        b[4] = (t6 >> 2) | (t7 << 3);
-    #endif
-
-        /* Move over set bytes. */
-        b += 5;
-    }
-}
-
-/* Compress a polynomial into byte array - on coefficients into 5 bits.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  b       Array of bytes.
- * @param  [in]   p       Polynomial.
- */
-void mlkem_compress_5(byte* b, sword16* p)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        mlkem_compress_5_avx2(b, p);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_compress_5_c(b, p);
-    }
-}
-#endif
-#endif /* !WOLFSSL_MLKEM_NO_ENCAPSULATE || !WOLFSSL_MLKEM_NO_DECAPSULATE */
-
-#ifndef WOLFSSL_MLKEM_NO_DECAPSULATE
-/* Decompress a 4 bit value.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  p  Polynomial.
- * @param  [in]  i  Index into polynomial.
- * @param  [in]  j  Offset from indices.
- * @param  [in]  t  Value to decompress.
- * @return  Decompressed value.
- */
-#define DECOMP_4(p, i, j, t) \
-    p[(i) + (j)] = ((word16)((t) * MLKEM_Q) + 8) >> 4
-
-/* Decompress a 5 bit value.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [in]  p  Polynomial.
- * @param  [in]  i  Index into polynomial.
- * @param  [in]  j  Offset from indices.
- * @param  [in]  t  Value to decompress.
- * @return  Decompressed value.
- */
-#define DECOMP_5(p, i, j, t) \
-    p[(i) + (j)] = (((word32)((t) & 0x1f) * MLKEM_Q) + 16) >> 5
-
-#if defined(WOLFSSL_KYBER512) || defined(WOLFSSL_WC_ML_KEM_512) || \
-    defined(WOLFSSL_KYBER768) || defined(WOLFSSL_WC_ML_KEM_768)
-/* Decompress the byte array of packed 4 bits into polynomial.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  p       Polynomial.
- * @param  [in]   b       Array of bytes.
- */
-static void mlkem_decompress_4_c(sword16* p, const byte* b)
-{
-    unsigned int i;
-
-    /* 2 coefficients at a time. */
-    for (i = 0; i < MLKEM_N; i += 2) {
-        /* 2 coefficients decompressed from one byte. */
-        DECOMP_4(p, i, 0, b[0] & 0xf);
-        DECOMP_4(p, i, 1, b[0] >>  4);
-        b += 1;
-    }
-}
-
-/* Decompress the byte array of packed 4 bits into polynomial.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  p       Polynomial.
- * @param  [in]   b       Array of bytes.
- */
-void mlkem_decompress_4(sword16* p, const byte* b)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        mlkem_decompress_4_avx2(p, b);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_decompress_4_c(p, b);
-    }
-}
-#endif
-#if defined(WOLFSSL_KYBER1024) || defined(WOLFSSL_WC_ML_KEM_1024)
-/* Decompress the byte array of packed 5 bits into polynomial.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  p       Polynomial.
- * @param  [in]   b       Array of bytes.
- */
-static void mlkem_decompress_5_c(sword16* p, const byte* b)
-{
-    unsigned int i;
-
-    /* Each 8 polynomial coefficients. */
-    for (i = 0; i < MLKEM_N; i += 8) {
-    #ifdef WOLFSSL_MLKEM_SMALL
-        unsigned int j;
-        byte t[8];
-
-        /* Extract out 8 values of 5 bits each. */
-        t[0] = (b[0] >> 0);
-        t[1] = (b[0] >> 5) | (b[1] << 3);
-        t[2] = (b[1] >> 2);
-        t[3] = (b[1] >> 7) | (b[2] << 1);
-        t[4] = (b[2] >> 4) | (b[3] << 4);
-        t[5] = (b[3] >> 1);
-        t[6] = (b[3] >> 6) | (b[4] << 2);
-        t[7] = (b[4] >> 3);
-        b += 5;
-
-        /* Decompress 8 values. */
-        for (j = 0; j < 8; j++) {
-            DECOMP_5(p, i, j, t[j]);
-        }
-    #else
-        /* Extract out 8 values of 5 bits each. */
-        byte t0 = (b[0] >> 0);
-        byte t1 = (b[0] >> 5) | (b[1] << 3);
-        byte t2 = (b[1] >> 2);
-        byte t3 = (b[1] >> 7) | (b[2] << 1);
-        byte t4 = (b[2] >> 4) | (b[3] << 4);
-        byte t5 = (b[3] >> 1);
-        byte t6 = (b[3] >> 6) | (b[4] << 2);
-        byte t7 = (b[4] >> 3);
-        b += 5;
-
-        /* Decompress 8 values. */
-        DECOMP_5(p, i, 0, t0);
-        DECOMP_5(p, i, 1, t1);
-        DECOMP_5(p, i, 2, t2);
-        DECOMP_5(p, i, 3, t3);
-        DECOMP_5(p, i, 4, t4);
-        DECOMP_5(p, i, 5, t5);
-        DECOMP_5(p, i, 6, t6);
-        DECOMP_5(p, i, 7, t7);
-    #endif
-    }
-}
-
-/* Decompress the byte array of packed 5 bits into polynomial.
- *
- * FIPS 203, Section 4.2.1, Compression and decompression
- *
- * @param  [out]  p       Polynomial.
- * @param  [in]   b       Array of bytes.
- */
-void mlkem_decompress_5(sword16* p, const byte* b)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        mlkem_decompress_5_avx2(p, b);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_decompress_5_c(p, b);
-    }
-}
-#endif
-#endif /* !WOLFSSL_MLKEM_NO_DECAPSULATE */
-
-/******************************************************************************/
-
-#if !(defined(__aarch64__) && defined(WOLFSSL_ARMASM))
-#if !defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) || \
-    !defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
-/* Convert bit from byte to 0 or (MLKEM_Q + 1) / 2.
- *
- * Constant time implementation.
- * XOR in mlkem_opt_blocker to ensure optimizer doesn't know what will be ANDed
- * with MLKEM_Q_1_HALF and can't optimize to non-constant time code.
- *
- * FIPS 203, Algorithm 6: ByteDecode_d(B)
- *
- * @param  [out]  p    Polynomial to hold converted value.
- * @param  [in]   msg  Message to get bit from byte from.
- * @param  [in]   i    Index of byte from message.
- * @param  [in]   j    Index of bit in byte.
- */
-#define FROM_MSG_BIT(p, msg, i, j) \
-    ((p)[8 * (i) + (j)] = (((sword16)0 - (sword16)(((msg)[i] >> (j)) & 1)) ^ \
-                          mlkem_opt_blocker) & MLKEM_Q_1_HALF)
-
-/* Convert message to polynomial.
- *
- * FIPS 203, Algorithm 6: ByteDecode_d(B)
- *
- * @param  [out]  p    Polynomial.
- * @param  [in]   msg  Message as a byte array.
- */
-static void mlkem_from_msg_c(sword16* p, const byte* msg)
-{
-    unsigned int i;
-
-    /* For each byte of the message. */
-    for (i = 0; i < MLKEM_N / 8; i++) {
-    #ifdef WOLFSSL_MLKEM_SMALL
-        unsigned int j;
-        /* For each bit of the message. */
-        for (j = 0; j < 8; j++) {
-            FROM_MSG_BIT(p, msg, i, j);
-        }
-    #else
-        FROM_MSG_BIT(p, msg, i, 0);
-        FROM_MSG_BIT(p, msg, i, 1);
-        FROM_MSG_BIT(p, msg, i, 2);
-        FROM_MSG_BIT(p, msg, i, 3);
-        FROM_MSG_BIT(p, msg, i, 4);
-        FROM_MSG_BIT(p, msg, i, 5);
-        FROM_MSG_BIT(p, msg, i, 6);
-        FROM_MSG_BIT(p, msg, i, 7);
-    #endif
-    }
-}
-
-/* Convert message to polynomial.
- *
- * FIPS 203, Algorithm 6: ByteDecode_d(B)
- *
- * @param  [out]  p    Polynomial.
- * @param  [in]   msg  Message as a byte array.
- */
-void mlkem_from_msg(sword16* p, const byte* msg)
-{
-#ifdef USE_INTEL_SPEEDUP
-    if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        mlkem_from_msg_avx2(p, msg);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_from_msg_c(p, msg);
-    }
-}
-#endif
-
-#ifndef WOLFSSL_MLKEM_NO_DECAPSULATE
-#ifdef CONV_WITH_DIV
-
-/* Convert to value to bit.
- *
- * Uses div operator that may be slow.
- *
- * FIPS 203, Algorithm 6: ByteEncode_d(F)
- *
- * @param  [out]  m   Message.
- * @param  [in]   p   Polynomial.
- * @param  [in]   i   Index of byte in message.
- * @param  [in]   j   Index of bit in byte.
- */
-#define TO_MSG_BIT(m, p, i, j) \
-    m[i] |= (((((sword16)p[8 * i + j] << 1) + MLKEM_Q_HALF) / MLKEM_Q) & 1) << j
-
-#else
-
-/* Multiplier that does div q. */
-#define MLKEM_V31       (((1U << 31) + (MLKEM_Q / 2)) / MLKEM_Q)
-/* 2 * multiplier that does div q. Only need bit 32 of result. */
-#define MLKEM_V31_2     ((word32)(MLKEM_V31 * 2))
-/* Multiplier times half of q. */
-#define MLKEM_V31_HALF    ((word32)(MLKEM_V31 * MLKEM_Q_HALF))
-
-/* Convert to value to bit.
- *
- * Uses mul instead of div.
- *
- * FIPS 203, Algorithm 6: ByteEncode_d(F)
- *
- * @param  [out]  m   Message.
- * @param  [in]   p   Polynomial.
- * @param  [in]   i   Index of byte in message.
- * @param  [in]   j   Index of bit in byte.
- */
-#define TO_MSG_BIT(m, p, i, j) \
-    (m)[i] |= ((word32)((MLKEM_V31_2 * (p)[8 * (i) + (j)]) + \
-                        MLKEM_V31_HALF) >> 31) << (j)
-
-#endif /* CONV_WITH_DIV */
-
-/* Convert polynomial to message.
- *
- * FIPS 203, Algorithm 6: ByteEncode_d(F)
- *
- * @param  [out]  msg  Message as a byte array.
- * @param  [in]   p    Polynomial.
- */
-static void mlkem_to_msg_c(byte* msg, sword16* p)
-{
-    unsigned int i;
-
-    /* Reduce each coefficient to mod q. */
-    mlkem_csubq_c(p);
-    /* All values are now in range. */
-
-    for (i = 0; i < MLKEM_N / 8; i++) {
-    #ifdef WOLFSSL_MLKEM_SMALL
-        unsigned int j;
-        msg[i] = 0;
-        for (j = 0; j < 8; j++) {
-            TO_MSG_BIT(msg, p, i, j);
-        }
-    #else
-        msg[i] = 0;
-        TO_MSG_BIT(msg, p, i, 0);
-        TO_MSG_BIT(msg, p, i, 1);
-        TO_MSG_BIT(msg, p, i, 2);
-        TO_MSG_BIT(msg, p, i, 3);
-        TO_MSG_BIT(msg, p, i, 4);
-        TO_MSG_BIT(msg, p, i, 5);
-        TO_MSG_BIT(msg, p, i, 6);
-        TO_MSG_BIT(msg, p, i, 7);
-    #endif
-    }
-}
-
-/* Convert polynomial to message.
- *
- * FIPS 203, Algorithm 6: ByteEncode_d(F)
- *
- * @param  [out]  msg  Message as a byte array.
- * @param  [in]   p    Polynomial.
- */
-void mlkem_to_msg(byte* msg, sword16* p)
-{
-#ifdef USE_INTEL_SPEEDUP
-     if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        /* Convert the polynomial into a array of bytes (message). */
-        mlkem_to_msg_avx2(msg, p);
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_to_msg_c(msg, p);
-    }
-}
-#endif /* !WOLFSSL_MLKEM_NO_DECAPSULATE */
-#else
-#if !defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) || \
-    !defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
-/* Convert message to polynomial.
- *
- * FIPS 203, Algorithm 6: ByteDecode_d(B)
- *
- * @param  [out]  p    Polynomial.
- * @param  [in]   msg  Message as a byte array.
- */
-void mlkem_from_msg(sword16* p, const byte* msg)
-{
-    mlkem_from_msg_neon(p, msg);
-}
-#endif /* !WOLFSSL_MLKEM_NO_ENCAPSULATE || !WOLFSSL_MLKEM_NO_DECAPSULATE */
-
-#ifndef WOLFSSL_MLKEM_NO_DECAPSULATE
-/* Convert polynomial to message.
- *
- * FIPS 203, Algorithm 6: ByteEncode_d(F)
- *
- * @param  [out]  msg  Message as a byte array.
- * @param  [in]   p    Polynomial.
- */
-void mlkem_to_msg(byte* msg, sword16* p)
-{
-    mlkem_to_msg_neon(msg, p);
-}
-#endif /* WOLFSSL_MLKEM_NO_DECAPSULATE */
-#endif /* !(__aarch64__ && WOLFSSL_ARMASM) */
-
-/******************************************************************************/
-
-/* Convert bytes to polynomial.
- *
- * Consecutive 12 bits hold each coefficient of polynomial.
- * Used in decoding private and public keys.
- *
- * FIPS 203, Algorithm 6: ByteDecode_d(B)
- *
- * @param  [out]  p  Vector of polynomials.
- * @param  [in]   b  Array of bytes.
- * @param  [in]   k  Number of polynomials in vector.
- */
-static void mlkem_from_bytes_c(sword16* p, const byte* b, int k)
-{
-    int i;
-    int j;
-
-    for (j = 0; j < k; j++) {
-        for (i = 0; i < MLKEM_N / 2; i++) {
-            p[2 * i + 0] = ((b[3 * i + 0] >> 0) |
-                            ((word16)b[3 * i + 1] << 8)) & 0xfff;
-            p[2 * i + 1] = ((b[3 * i + 1] >> 4) |
-                            ((word16)b[3 * i + 2] << 4)) & 0xfff;
-        }
-        p += MLKEM_N;
-        b += WC_ML_KEM_POLY_SIZE;
-    }
-}
-
-/* Convert bytes to polynomial.
- *
- * Consecutive 12 bits hold each coefficient of polynomial.
- * Used in decoding private and public keys.
- *
- * FIPS 203, Algorithm 6: ByteDecode_d(B)
- *
- * @param  [out]  p  Vector of polynomials.
- * @param  [in]   b  Array of bytes.
- * @param  [in]   k  Number of polynomials in vector.
- */
-void mlkem_from_bytes(sword16* p, const byte* b, int k)
-{
-#ifdef USE_INTEL_SPEEDUP
-     if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        int i;
-
-        for (i = 0; i < k; i++) {
-            mlkem_from_bytes_avx2(p, b);
-            p += MLKEM_N;
-            b += WC_ML_KEM_POLY_SIZE;
-        }
-
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_from_bytes_c(p, b, k);
-    }
-}
-
-/* Convert polynomial to bytes.
- *
- * Consecutive 12 bits hold each coefficient of polynomial.
- * Used in encoding private and public keys.
- *
- * FIPS 203, Algorithm 6: ByteEncode_d(F)
- *
- * @param  [out]  b  Array of bytes.
- * @param  [in]   p  Polynomial.
- * @param  [in]   k  Number of polynomials in vector.
- */
-static void mlkem_to_bytes_c(byte* b, sword16* p, int k)
-{
-    int i;
-    int j;
-
-    for (j = 0; j < k; j++) {
-        /* Reduce each coefficient to mod q. */
-        mlkem_csubq_c(p);
-        /* All values are now positive. */
-
-        for (i = 0; i < MLKEM_N / 2; i++) {
-            word16 t0 = p[2 * i];
-            word16 t1 = p[2 * i + 1];
-            b[3 * i + 0] = (t0 >> 0);
-            b[3 * i + 1] = (t0 >> 8) | t1 << 4;
-            b[3 * i + 2] = (t1 >> 4);
-        }
-        p += MLKEM_N;
-        b += WC_ML_KEM_POLY_SIZE;
-    }
-}
-
-/* Convert polynomial to bytes.
- *
- * Consecutive 12 bits hold each coefficient of polynomial.
- * Used in encoding private and public keys.
- *
- * FIPS 203, Algorithm 6: ByteEncode_d(F)
- *
- * @param  [out]  b  Array of bytes.
- * @param  [in]   p  Polynomial.
- * @param  [in]   k  Number of polynomials in vector.
- */
-void mlkem_to_bytes(byte* b, sword16* p, int k)
-{
-#ifdef USE_INTEL_SPEEDUP
-     if (IS_INTEL_AVX2(cpuid_flags) && (SAVE_VECTOR_REGISTERS2() == 0)) {
-        int i;
-
-        for (i = 0; i < k; i++) {
-            mlkem_to_bytes_avx2(b, p);
-            p += MLKEM_N;
-            b += WC_ML_KEM_POLY_SIZE;
-        }
-
-        RESTORE_VECTOR_REGISTERS();
-    }
-    else
-#endif
-    {
-        mlkem_to_bytes_c(b, p, k);
-    }
-}
-
-#endif /* WOLFSSL_WC_MLKEM */
diff --git a/src/ssl/wolfssl/wolfcrypt/wc_pkcs11.c b/src/ssl/wolfssl/wolfcrypt/wc_pkcs11.c
deleted file mode 100644
index d272a3158..000000000
--- a/src/ssl/wolfssl/wolfcrypt/wc_pkcs11.c
+++ /dev/null
@@ -1,4437 +0,0 @@
-/* wc_pkcs11.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_PKCS11
-
-#ifndef HAVE_PKCS11_STATIC
-#include <dlfcn.h>
-#endif
-
-#include <wolfssl/wolfcrypt/wc_pkcs11.h>
-#include <wolfssl/wolfcrypt/asn.h>
-#ifndef NO_RSA
-    #include <wolfssl/wolfcrypt/rsa.h>
-#endif
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
-    /* FIPS build has replaced ecc.h. */
-    #define wc_ecc_key_get_priv(key) (&((key)->k))
-    #define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
-#endif
-
-#if defined(NO_PKCS11_RSA) && !defined(NO_RSA)
-    #define NO_RSA
-#endif
-#if defined(NO_PKCS11_ECC) && defined(HAVE_ECC)
-    #undef HAVE_ECC
-#endif
-#if defined(NO_PKCS11_AES) && !defined(NO_AES)
-    #define NO_AES
-#endif
-#if defined(NO_PKCS11_AESGCM) && defined(HAVE_AESGCM)
-    #undef HAVE_AESGCM
-#endif
-#if defined(NO_PKCS11_AESCBC) && defined(HAVE_AES_CBC)
-    #undef HAVE_AES_CBC
-#endif
-#if defined(NO_PKCS11_HMAC) && !defined(NO_HMAC)
-    #define NO_HMAC
-#endif
-#if defined(NO_PKCS11_RNG) && !defined(WC_NO_RNG)
-    #define WC_NO_RNG
-#endif
-
-
-/* Maximum length of the EC parameter string. */
-#define MAX_EC_PARAM_LEN   16
-
-
-#if defined(HAVE_ECC) && !defined(NO_PKCS11_ECDH)
-/* Pointer to false required for templates. */
-static CK_BBOOL ckFalse = CK_FALSE;
-#endif
-#if !defined(NO_RSA) || defined(HAVE_ECC) || (!defined(NO_AES) && \
-           (defined(HAVE_AESGCM) || defined(HAVE_AES_CBC))) || !defined(NO_HMAC)
-/* Pointer to true required for templates. */
-static CK_BBOOL ckTrue  = CK_TRUE;
-#endif
-
-#ifndef NO_RSA
-/* Pointer to RSA key type required for templates. */
-static CK_KEY_TYPE rsaKeyType  = CKK_RSA;
-#endif
-#ifdef HAVE_ECC
-/* Pointer to EC key type required for templates. */
-static CK_KEY_TYPE ecKeyType   = CKK_EC;
-#endif
-#if !defined(NO_RSA) || defined(HAVE_ECC)
-/* Pointer to public key class required for templates. */
-static CK_OBJECT_CLASS pubKeyClass     = CKO_PUBLIC_KEY;
-/* Pointer to private key class required for templates. */
-static CK_OBJECT_CLASS privKeyClass    = CKO_PRIVATE_KEY;
-#endif
-#if (!defined(NO_AES) && (defined(HAVE_AESGCM) || defined(HAVE_AES_CBC))) || \
-            !defined(NO_HMAC) || (defined(HAVE_ECC) && !defined(NO_PKCS11_ECDH))
-/* Pointer to secret key class required for templates. */
-static CK_OBJECT_CLASS secretKeyClass  = CKO_SECRET_KEY;
-#endif
-
-#if (!defined(NO_AES) && (defined(WOLFSSL_AES_COUNTER)))
-/* AES CTR parameter structure for PKCS#11. */
-typedef struct CK_AES_CTR_PARAMS {
-    CK_ULONG ulCounterBits;
-    CK_BYTE  cb[WC_AES_BLOCK_SIZE];
-} CK_AES_CTR_PARAMS;
-#endif
-
-static CK_OBJECT_CLASS certClass  = CKO_CERTIFICATE;
-
-#ifdef WOLFSSL_DEBUG_PKCS11
-/* Enable logging of PKCS#11 calls and return value. */
-#define PKCS11_RV(op, rv)       pkcs11_rv(op, rv)
-/* Enable logging of PKCS#11 calls and value. */
-#define PKCS11_VAL(op, val)     pkcs11_val(op, val)
-/* Enable logging of PKCS#11 template. */
-#define PKCS11_DUMP_TEMPLATE(name, templ, cnt)  \
-    pkcs11_dump_template(name, templ, cnt)
-
-/* Formats of template items - used to instruct how to log information. */
-enum PKCS11_TYPE_FORMATS {
-    PKCS11_FMT_BOOLEAN,
-    PKCS11_FMT_CLASS,
-    PKCS11_FMT_KEY_TYPE,
-    PKCS11_FMT_STRING,
-    PKCS11_FMT_NUMBER,
-    PKCS11_FMT_DATA,
-    PKCS11_FMT_POINTER
-};
-/* Information for logging a template item. */
-static struct PKCS11_TYPE_STR {
-    /** Attribute type in template. */
-    CK_ATTRIBUTE_TYPE type;
-    /** String to log corresponding to attribute type. */
-    const char* str;
-    /** Format of data associated with template item. */
-    int format;
-} typeStr[] = {
-    { CKA_CLASS,            "CKA_CLASS",              PKCS11_FMT_CLASS      },
-    { CKA_TOKEN,            "CKA_TOKEN",              PKCS11_FMT_POINTER    },
-    { CKA_PRIVATE,          "CKA_PRIVATE",            PKCS11_FMT_BOOLEAN    },
-    { CKA_LABEL,            "CKA_LABEL",              PKCS11_FMT_STRING     },
-    { CKA_VALUE,            "CKA_VALUE",              PKCS11_FMT_DATA       },
-    { CKA_OBJECT_ID,        "CKA_OBJECT_ID",          PKCS11_FMT_POINTER    },
-    { CKA_KEY_TYPE,         "CKA_KEY_TYPE",           PKCS11_FMT_KEY_TYPE   },
-    { CKA_ID,               "CKA_ID",                 PKCS11_FMT_DATA       },
-    { CKA_SENSITIVE,        "CKA_SENSITIVE",          PKCS11_FMT_BOOLEAN    },
-    { CKA_ENCRYPT,          "CKA_ENCRYPT",            PKCS11_FMT_BOOLEAN    },
-    { CKA_DECRYPT,          "CKA_DECRYPT",            PKCS11_FMT_BOOLEAN    },
-    { CKA_SIGN,             "CKA_SIGN",               PKCS11_FMT_BOOLEAN    },
-    { CKA_VERIFY,           "CKA_VERIFY",             PKCS11_FMT_BOOLEAN    },
-    { CKA_DERIVE,           "CKA_DERIVE",             PKCS11_FMT_BOOLEAN    },
-    { CKA_MODULUS_BITS,     "CKA_MODULUS_BITS",       PKCS11_FMT_NUMBER     },
-    { CKA_MODULUS,          "CKA_MODULUS",            PKCS11_FMT_DATA       },
-    { CKA_PUBLIC_EXPONENT,  "CKA_PUBLIC_EXPONENT",    PKCS11_FMT_DATA       },
-    { CKA_PRIVATE_EXPONENT, "CKA_PRIVATE_EXPONENT",   PKCS11_FMT_DATA       },
-    { CKA_PRIME_1,          "CKA_PRIME_1",            PKCS11_FMT_DATA       },
-    { CKA_PRIME_2,          "CKA_PRIME_2",            PKCS11_FMT_DATA       },
-    { CKA_EXPONENT_1,       "CKA_EXPONENT_1",         PKCS11_FMT_DATA       },
-    { CKA_EXPONENT_2,       "CKA_EXPONENT_2",         PKCS11_FMT_DATA       },
-    { CKA_VALUE_LEN,        "CKA_VALUE_LEN",          PKCS11_FMT_NUMBER     },
-    { CKA_COEFFICIENT,      "CKA_COEFFICIENT",        PKCS11_FMT_DATA       },
-    { CKA_EXTRACTABLE,      "CKA_EXTRACTABLE",        PKCS11_FMT_BOOLEAN    },
-    { CKA_EC_PARAMS,        "CKA_EC_PARAMS",          PKCS11_FMT_DATA       },
-    { CKA_EC_POINT,         "CKA_EC_POINT",           PKCS11_FMT_DATA       },
-};
-/* Count of known attribute types for logging. */
-#define PKCS11_TYPE_STR_CNT  ((int)(sizeof(typeStr) / sizeof(*typeStr)))
-
-/*
- * Dump/log the PKCS #11 template.
- *
- * This is only for debugging purposes. Only the values needed are recognised.
- *
- * @param  [in]  name   PKCS #11 template name.
- * @param  [in]  templ  PKCS #11 template to dump.
- * @param  [in]  cnt    Count of template entries.
- */
-static void pkcs11_dump_template(const char* name, CK_ATTRIBUTE* templ,
-                                 CK_ULONG cnt)
-{
-    CK_ULONG i;
-    int j;
-    char line[80];
-    char type[25];
-    int format;
-    CK_KEY_TYPE keyType;
-    CK_OBJECT_CLASS keyClass;
-
-    WOLFSSL_MSG(name);
-
-    for (i = 0; i < cnt; i++) {
-        format = PKCS11_FMT_POINTER;
-
-        for (j = 0; j < PKCS11_TYPE_STR_CNT; j++) {
-            if (templ[i].type == typeStr[j].type) {
-                XSNPRINTF(type, sizeof(type), "%s", typeStr[j].str);
-                format = typeStr[j].format;
-                break;
-            }
-        }
-        if (j == PKCS11_TYPE_STR_CNT) {
-            XSNPRINTF(type, sizeof(type), "%08lxUL", templ[i].type);
-        }
-
-        switch (format) {
-        case PKCS11_FMT_BOOLEAN:
-#if !defined(NO_RSA) || defined(HAVE_ECC) || (!defined(NO_AES) && \
-           (defined(HAVE_AESGCM) || defined(HAVE_AES_CBC))) || !defined(NO_HMAC)
-            if (templ[i].pValue == &ckTrue) {
-                XSNPRINTF(line, sizeof(line), "%25s: TRUE", type);
-                WOLFSSL_MSG(line);
-            }
-            else
-#endif
-#if defined(HAVE_ECC) && !defined(NO_PKCS11_ECDH)
-            if (templ[i].pValue == &ckFalse) {
-                XSNPRINTF(line, sizeof(line), "%25s: FALSE", type);
-                WOLFSSL_MSG(line);
-            }
-            else
-#endif
-            {
-                XSNPRINTF(line, sizeof(line), "%25s: INVALID (%p)", type,
-                          templ[i].pValue);
-                WOLFSSL_MSG(line);
-            }
-            break;
-        case PKCS11_FMT_CLASS:
-            keyClass = *(CK_OBJECT_CLASS*)templ[i].pValue;
-            if (keyClass == CKO_PUBLIC_KEY) {
-                XSNPRINTF(line, sizeof(line), "%25s: PUBLIC", type);
-                WOLFSSL_MSG(line);
-            }
-            else if (keyClass == CKO_PRIVATE_KEY) {
-                XSNPRINTF(line, sizeof(line), "%25s: PRIVATE", type);
-                WOLFSSL_MSG(line);
-            }
-            else if (keyClass == CKO_SECRET_KEY) {
-                XSNPRINTF(line, sizeof(line), "%25s: SECRET", type);
-                WOLFSSL_MSG(line);
-            }
-            else if (keyClass == CKO_CERTIFICATE) {
-                XSNPRINTF(line, sizeof(line), "%25s: CERTIFICATE", type);
-                WOLFSSL_MSG(line);
-            }
-            else
-            {
-                XSNPRINTF(line, sizeof(line), "%25s: UNKNOWN (%p)", type,
-                          templ[i].pValue);
-                WOLFSSL_MSG(line);
-            }
-            break;
-        case PKCS11_FMT_KEY_TYPE:
-            keyType = *(CK_KEY_TYPE*)templ[i].pValue;
-            switch (keyType) {
-            case CKK_RSA:
-                XSNPRINTF(line, sizeof(line), "%25s: RSA", type);
-                break;
-            case CKK_DH:
-                XSNPRINTF(line, sizeof(line), "%25s: DH", type);
-                break;
-            case CKK_EC:
-                XSNPRINTF(line, sizeof(line), "%25s: EC", type);
-                break;
-            case CKK_GENERIC_SECRET:
-                XSNPRINTF(line, sizeof(line), "%25s: GENERIC_SECRET", type);
-                break;
-            case CKK_AES:
-                XSNPRINTF(line, sizeof(line), "%25s: AES", type);
-                break;
-            case CKK_MD5_HMAC:
-                XSNPRINTF(line, sizeof(line), "%25s: MD5_HMAC", type);
-                break;
-            case CKK_SHA_1_HMAC:
-                XSNPRINTF(line, sizeof(line), "%25s: SHA_1_HMAC", type);
-                break;
-            case CKK_SHA256_HMAC:
-                XSNPRINTF(line, sizeof(line), "%25s: SHA256_HMAC", type);
-                break;
-            case CKK_SHA384_HMAC:
-                XSNPRINTF(line, sizeof(line), "%25s: SHA384_HMAC", type);
-                break;
-            case CKK_SHA512_HMAC:
-                XSNPRINTF(line, sizeof(line), "%25s: SHA512_HMAC", type);
-                break;
-            case CKK_SHA224_HMAC:
-                XSNPRINTF(line, sizeof(line), "%25s: SHA224_HMAC", type);
-                break;
-            default:
-                XSNPRINTF(line, sizeof(line), "%25s: UNKNOWN (%08lx)", type,
-                          keyType);
-                break;
-            }
-            WOLFSSL_MSG(line);
-            break;
-        case PKCS11_FMT_STRING:
-            XSNPRINTF(line, sizeof(line), "%25s: %s", type,
-                      (char*)templ[i].pValue);
-            WOLFSSL_MSG(line);
-            break;
-        case PKCS11_FMT_NUMBER:
-            if (templ[i].ulValueLen <= 1) {
-                XSNPRINTF(line, sizeof(line), "%25s: 0x%02x (%d)", type,
-                          *(byte*)templ[i].pValue, *(byte*)templ[i].pValue);
-            }
-            else if (templ[i].ulValueLen <= 2) {
-                XSNPRINTF(line, sizeof(line), "%25s: 0x%04x (%d)", type,
-                          *(word16*)templ[i].pValue, *(word16*)templ[i].pValue);
-            }
-            else if (templ[i].ulValueLen <= 4) {
-                XSNPRINTF(line, sizeof(line), "%25s: 0x%08x (%d)", type,
-                          *(word32*)templ[i].pValue, *(word32*)templ[i].pValue);
-            }
-            else if (templ[i].ulValueLen <= 8) {
-                XSNPRINTF(line, sizeof(line), "%25s: 0x%016lx (%ld)", type,
-                          *(word64*)templ[i].pValue, *(word64*)templ[i].pValue);
-            }
-            else {
-                XSNPRINTF(line, sizeof(line), "%25s: INVALID (%ld)", type,
-                          templ[i].ulValueLen);
-            }
-            WOLFSSL_MSG(line);
-            break;
-        case PKCS11_FMT_DATA:
-            XSNPRINTF(line, sizeof(line), "%25s: %ld", type,
-                      templ[i].ulValueLen);
-            WOLFSSL_MSG(line);
-            if (templ[i].pValue == NULL) {
-                XSNPRINTF(line, sizeof(line), "%27s(nil)", "");
-                WOLFSSL_MSG(line);
-                break;
-            }
-            XSNPRINTF(line, sizeof(line), "%27s", "");
-            for (j = 0; j < (int)templ[i].ulValueLen && j < 80; j++) {
-                char hex[6];
-                XSNPRINTF(hex, sizeof(hex), "0x%02x,",
-                          ((byte*)templ[i].pValue)[j]);
-                XSTRNCAT(line, hex, 5);
-                if ((j % 8) == 7) {
-                    WOLFSSL_MSG(line);
-                    XSNPRINTF(line, sizeof(line), "%27s", "");
-                }
-            }
-            if (j == (int)templ[i].ulValueLen) {
-                if ((j % 8) != 0) {
-                    WOLFSSL_MSG(line);
-                }
-            }
-            else if (j < (int)templ[i].ulValueLen) {
-                XSNPRINTF(line, sizeof(line), "%27s...", "");
-                WOLFSSL_MSG(line);
-            }
-            break;
-        case PKCS11_FMT_POINTER:
-            XSNPRINTF(line, sizeof(line), "%25s: %p %ld", type, templ[i].pValue,
-                      templ[i].ulValueLen);
-            WOLFSSL_MSG(line);
-            break;
-        }
-    }
-}
-
-/*
- * Log a PKCS #11 return value with the name of function called.
- *
- * This is only for debugging purposes. Only the values needed are recognized.
- *
- * @param  [in]  op  PKCS #11 operation that was attempted.
- * @param  [in]  rv  PKCS #11 return value.
- */
-static void pkcs11_rv(const char* op, CK_RV rv)
-{
-    char line[80];
-
-    if (rv == CKR_OK) {
-        XSNPRINTF(line, 80, "%s: OK", op);
-    }
-    else if (rv == CKR_MECHANISM_INVALID) {
-        XSNPRINTF(line, 80, "%s: MECHANISM_INVALID", op);
-    }
-    else if (rv == CKR_SIGNATURE_INVALID) {
-        XSNPRINTF(line, 80, "%s: SIGNATURE_INVALID", op);
-    }
-    else {
-        XSNPRINTF(line, 80, "%s: %08lxUL (FAILED)", op, rv);
-    }
-
-    WOLFSSL_MSG(line);
-}
-
-/*
- * Log a value from a PKCS #11 operation.
- *
- * This is only for debugging purposes.
- *
- * @param  [in]  op   PKCS #11 operation that was attempted.
- * @param  [in]  val  Value to log.
- */
-static void pkcs11_val(const char* op, CK_ULONG val)
-{
-    char line[80];
-
-    XSNPRINTF(line, 80, "%s: %ld", op, val);
-
-    WOLFSSL_MSG(line);
-}
-#else
-/* Disable logging of PKCS#11 calls and return value. */
-#define PKCS11_RV(op, ev) WC_DO_NOTHING
-/* Disable logging of PKCS#11 calls and value. */
-#define PKCS11_VAL(op, val) WC_DO_NOTHING
-/* Disable logging of PKCS#11 template. */
-#define PKCS11_DUMP_TEMPLATE(name, templ, cnt) WC_DO_NOTHING
-#endif
-
-/**
- * Load library, get function list and initialize PKCS#11.
- *
- * @param  [in]  dev      Device object.
- * @param  [in]  library  Library name including path.
- * @param  [in]  heap     Heap hint.
- * @return  BAD_FUNC_ARG when dev or library are NULL pointers.
- * @return  BAD_PATH_ERROR when dynamic library cannot be opened.
- * @return  WC_INIT_E when the initialization PKCS#11 fails.
- * @return  WC_HW_E when unable to get PKCS#11 function list.
- * @return  0 on success.
- */
-int wc_Pkcs11_Initialize(Pkcs11Dev* dev, const char* library, void* heap)
-{
-    return wc_Pkcs11_Initialize_ex(dev, library, heap, NULL);
-}
-
-/**
- * Load library, get function list and initialize PKCS#11.
- *
- * @param  [in]   dev      Device object.
- * @param  [in]   library  Library name including path.
- * @param  [in]   heap     Heap hint.
- * @param  [out]  rvp      PKCS#11 return value. Last return value seen.
- *                         May be NULL.
- * @return  BAD_FUNC_ARG when dev or library are NULL pointers.
- * @return  BAD_PATH_ERROR when dynamic library cannot be opened.
- * @return  WC_INIT_E when the initialization PKCS#11 fails.
- * @return  WC_HW_E when unable to get PKCS#11 function list.
- * @return  0 on success.
- */
-int wc_Pkcs11_Initialize_ex(Pkcs11Dev* dev, const char* library, void* heap,
-                            CK_RV* rvp)
-{
-    int                  ret = 0;
-    CK_RV                rv = CKR_OK;
-#ifndef HAVE_PKCS11_STATIC
-    void*                func;
-#endif
-    CK_C_INITIALIZE_ARGS args;
-
-    if (dev == NULL || library == NULL)
-        ret = BAD_FUNC_ARG;
-
-    if (ret == 0) {
-        dev->heap = heap;
-#ifndef HAVE_PKCS11_STATIC
-        dev->dlHandle = dlopen(library, RTLD_NOW | RTLD_LOCAL);
-        if (dev->dlHandle == NULL) {
-            WOLFSSL_MSG(dlerror());
-            ret = BAD_PATH_ERROR;
-        }
-    }
-
-    if (ret == 0) {
-        dev->func = NULL;
-        func = dlsym(dev->dlHandle, "C_GetFunctionList");
-        if (func == NULL) {
-            WOLFSSL_MSG(dlerror());
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        rv = ((CK_C_GetFunctionList)func)(&dev->func);
-#else
-        rv = C_GetFunctionList(&dev->func);
-#endif
-        if (rv != CKR_OK) {
-            PKCS11_RV("CK_C_GetFunctionList", ret);
-            ret = WC_HW_E;
-        }
-    }
-
-    if (ret == 0) {
-        XMEMSET(&args, 0x00, sizeof(args));
-        args.flags = CKF_OS_LOCKING_OK;
-        rv = dev->func->C_Initialize(&args);
-        if (rv != CKR_OK) {
-            PKCS11_RV("C_Initialize", ret);
-            ret = WC_INIT_E;
-        }
-    }
-
-    if (rvp != NULL) {
-        *rvp = rv;
-    }
-
-    if (ret != 0) {
-        wc_Pkcs11_Finalize(dev);
-    }
-
-    return ret;
-}
-
-/**
- * Close the Pkcs#11 library.
- *
- * @param  [in]  dev  Device object.
- */
-void wc_Pkcs11_Finalize(Pkcs11Dev* dev)
-{
-    if (dev != NULL
-#ifndef HAVE_PKCS11_STATIC
-        && dev->dlHandle != NULL
-#endif
-        ) {
-        if (dev->func != NULL) {
-            dev->func->C_Finalize(NULL);
-            dev->func = NULL;
-        }
-#ifndef HAVE_PKCS11_STATIC
-        dlclose(dev->dlHandle);
-        dev->dlHandle = NULL;
-#endif
-    }
-}
-
-/* lookup by token name and return slotId or (-1) if not found */
-static int Pkcs11Slot_FindByTokenName(Pkcs11Dev* dev,
-    const char* tokenName, size_t tokenNameSz)
-{
-    int           ret = -1;
-    CK_RV         rv;
-    CK_ULONG      slotCnt = 0;
-    CK_TOKEN_INFO tinfo;
-    int           idx = -1;
-    CK_SLOT_ID*   slot = NULL;
-
-    rv = dev->func->C_GetSlotList(CK_TRUE, NULL, &slotCnt);
-    if (rv == CKR_OK) {
-        slot = (CK_SLOT_ID*)XMALLOC(slotCnt * sizeof(*slot), dev->heap,
-                                   DYNAMIC_TYPE_TMP_BUFFER);
-        if (slot == NULL)
-            goto out;
-        rv = dev->func->C_GetSlotList(CK_TRUE, slot, &slotCnt);
-        if (rv != CKR_OK)
-            goto out;
-        for (idx = 0; idx < (int)slotCnt; idx++) {
-            rv = dev->func->C_GetTokenInfo(slot[idx], &tinfo);
-            PKCS11_RV("C_GetTokenInfo", rv);
-            if (rv == CKR_OK &&
-                XMEMCMP(tinfo.label, tokenName, tokenNameSz) == 0) {
-                ret =  (int)slot[idx];
-                break;
-            }
-        }
-    }
-
-out:
-    XFREE(slot, dev->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    return ret;
-}
-
-/* lookup by slotId or tokenName */
-static int Pkcs11Token_Init(Pkcs11Token* token, Pkcs11Dev* dev, int slotId,
-    const char* tokenName, size_t tokenNameSz)
-{
-    int         ret = 0;
-    CK_RV       rv;
-    CK_SLOT_ID* slot = NULL;
-    CK_ULONG    slotCnt = 0;
-
-    if (token == NULL || dev == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        if (slotId < 0) {
-            rv = dev->func->C_GetSlotList(CK_TRUE, NULL, &slotCnt);
-            PKCS11_RV("C_GetSlotList", rv);
-            if (rv != CKR_OK) {
-                ret = WC_HW_E;
-            }
-            if (ret == 0) {
-                slot = (CK_SLOT_ID*)XMALLOC(slotCnt * sizeof(*slot), dev->heap,
-                                                       DYNAMIC_TYPE_TMP_BUFFER);
-                if (slot == NULL)
-                    ret = MEMORY_E;
-            }
-            if (ret == 0) {
-                rv = dev->func->C_GetSlotList(CK_TRUE, slot, &slotCnt);
-                PKCS11_RV("C_GetSlotList", rv);
-                if (rv != CKR_OK) {
-                    ret = WC_HW_E;
-                }
-            }
-            if (ret == 0) {
-                if (tokenName != NULL && tokenNameSz > 0) {
-                    /* find based on token name */
-                    slotId = Pkcs11Slot_FindByTokenName(dev,
-                        tokenName, tokenNameSz);
-                }
-                else {
-                    /* Use first available slot with a token. */
-                    slotId = (int)slot[0];
-                }
-            }
-        }
-        else {
-            /* verify slotId is valid */
-            CK_SLOT_INFO sinfo;
-            rv = dev->func->C_GetSlotInfo(slotId, &sinfo);
-            PKCS11_RV("C_GetSlotInfo", rv);
-            if (rv != CKR_OK) {
-                ret = WC_INIT_E;
-            }
-        }
-    }
-    if (ret == 0) {
-        token->func = dev->func;
-        token->slotId = (CK_SLOT_ID)slotId;
-        token->handle = NULL_PTR;
-        token->userPin = NULL_PTR;
-        token->userPinSz = 0;
-        token->userPinLogin = 0;
-    }
-
-    XFREE(slot, dev->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-/**
- * Set up a token for use. Lookup by slotId or tokenName. Set User PIN.
- *
- * @param  [in]  token      Token object.
- * @param  [in]  dev        PKCS#11 device object.
- * @param  [in]  slotId     Slot number of the token.<br>
- *                          Passing -1 uses the first available slot.
- * @param  [in]  tokenName  Name of token to initialize (optional)
- * @param  [in]  userPin    PIN to use to login as user.
- * @param  [in]  userPinSz  Number of bytes in PIN.
- * @return  BAD_FUNC_ARG when token, dev and/or tokenName is NULL.
- * @return  WC_INIT_E when initializing token fails.
- * @return  WC_HW_E when another PKCS#11 library call fails.
- * @return  0 on success.
- */
-int wc_Pkcs11Token_Init(Pkcs11Token* token, Pkcs11Dev* dev, int slotId,
-    const char* tokenName, const unsigned char* userPin, int userPinSz)
-{
-    int ret;
-    size_t tokenNameSz = 0;
-
-    if (tokenName != NULL) {
-        tokenNameSz = XSTRLEN(tokenName);
-    }
-    ret = Pkcs11Token_Init(token, dev, slotId, tokenName, tokenNameSz);
-    if (ret == 0 && userPin != NULL) {
-        token->userPin = (CK_UTF8CHAR_PTR)userPin;
-        token->userPinSz = (CK_ULONG)userPinSz;
-        token->userPinLogin = 1;
-    }
-
-    return ret;
-}
-
-/**
- * Set up a token for use. Lookup by slotId or tokenName.
- *
- * @param  [in]  token      Token object.
- * @param  [in]  dev        PKCS#11 device object.
- * @param  [in]  slotId     Slot number of the token.<br>
- *                          Passing -1 uses the first available slot.
- * @param  [in]  tokenName  Name of token to initialize (optional)
- * @return  BAD_FUNC_ARG when token, dev and/or tokenName is NULL.
- * @return  WC_INIT_E when initializing token fails.
- * @return  WC_HW_E when another PKCS#11 library call fails.
- * @return  0 on success.
- */
-int wc_Pkcs11Token_Init_NoLogin(Pkcs11Token* token, Pkcs11Dev* dev, int slotId,
-    const char* tokenName)
-{
-    size_t tokenNameSz = 0;
-    if (tokenName != NULL) {
-        tokenNameSz = XSTRLEN(tokenName);
-    }
-    return Pkcs11Token_Init(token, dev, slotId, tokenName, tokenNameSz);
-}
-
-/**
- * Set up a token for use. Lookup by slotId or tokenName/size. Set User PIN.
- *
- * @param  [in]  token       Token object.
- * @param  [in]  dev         PKCS#11 device object.
- * @param  [in]  tokenName   Name of token to initialize.
- * @param  [in]  tokenNameSz Name size for token
- * @param  [in]  userPin     PIN to use to login as user.
- * @param  [in]  userPinSz   Number of bytes in PIN.
- * @return  BAD_FUNC_ARG when token, dev and/or tokenName is NULL.
- * @return  WC_INIT_E when initializing token fails.
- * @return  WC_HW_E when another PKCS#11 library call fails.
- * @return  0 on success.
- */
-int wc_Pkcs11Token_InitName(Pkcs11Token* token, Pkcs11Dev* dev,
-    const char* tokenName, int tokenNameSz,
-    const unsigned char* userPin, int userPinSz)
-{
-    int ret = Pkcs11Token_Init(token, dev, -1, tokenName, (size_t)tokenNameSz);
-    if (ret == 0 && userPin != NULL) {
-        token->userPin = (CK_UTF8CHAR_PTR)userPin;
-        token->userPinSz = (CK_ULONG)userPinSz;
-        token->userPinLogin = 1;
-    }
-
-    return ret;
-}
-
-/**
- * Set up a token for use. Lookup by slotId or tokenName/size.
- *
- * @param  [in]  token       Token object.
- * @param  [in]  dev         PKCS#11 device object.
- * @param  [in]  tokenName   Name of token to initialize.
- * @param  [in]  tokenNameSz Name size for token
- * @param  [in]  userPin     PIN to use to login as user.
- * @param  [in]  userPinSz   Number of bytes in PIN.
- * @return  BAD_FUNC_ARG when token, dev and/or tokenName is NULL.
- * @return  WC_INIT_E when initializing token fails.
- * @return  WC_HW_E when another PKCS#11 library call fails.
- * @return  0 on success.
- */
-int wc_Pkcs11Token_InitName_NoLogin(Pkcs11Token* token, Pkcs11Dev* dev,
-    const char* tokenName, int tokenNameSz)
-{
-    return Pkcs11Token_Init(token, dev, -1, tokenName, (size_t)tokenNameSz);
-}
-
-/**
- * Finalize token.
- * Closes all sessions on token.
- *
- * @param  [in]  token  Token object.
- */
-void wc_Pkcs11Token_Final(Pkcs11Token* token)
-{
-    if (token != NULL && token->func != NULL) {
-        token->func->C_CloseAllSessions(token->slotId);
-        token->handle = NULL_PTR;
-        ForceZero(token->userPin, (word32)token->userPinSz);
-    }
-}
-
-/**
- * Open a session on a token.
- *
- * @param  [in]  token      Token object.
- * @param  [in]  session    Session object.
- * @param  [in]  readWrite  Boolean indicating to open session for Read/Write.
- * @return  BAD_FUNC_ARG when token or session is NULL.
- * @return  WC_HW_E when opening the session fails.
- * @return  0 on success.
- */
-static int Pkcs11OpenSession(Pkcs11Token* token, Pkcs11Session* session,
-                             int readWrite)
-{
-    int   ret = 0;
-    CK_RV rv;
-
-    if (token == NULL || session == NULL)
-        ret = BAD_FUNC_ARG;
-
-    if (ret == 0) {
-        if (token->handle != NULL_PTR)
-            session->handle = token->handle;
-        else {
-            /* Create a new session. */
-            CK_FLAGS flags = CKF_SERIAL_SESSION;
-
-            if (readWrite)
-                flags |= CKF_RW_SESSION;
-
-            rv = token->func->C_OpenSession(token->slotId, flags,
-                                            (CK_VOID_PTR)NULL, (CK_NOTIFY)NULL,
-                                            &session->handle);
-            PKCS11_RV("C_OpenSession", rv);
-            if (rv != CKR_OK) {
-                ret = WC_HW_E;
-            }
-            if (ret == 0 && token->userPinLogin) {
-                rv = token->func->C_Login(session->handle, CKU_USER,
-                                              token->userPin, token->userPinSz);
-                PKCS11_RV("C_Login", rv);
-                if (rv != CKR_OK) {
-                    ret = WC_HW_E;
-                }
-            }
-        }
-    }
-    if (ret == 0) {
-        session->func = token->func;
-        session->slotId = token->slotId;
-    }
-
-    return ret;
-}
-
-/**
- * Close a session on a token.
- * Won't close a session created externally.
- *
- * @param  [in]  token    Token object.
- * @param  [in]  session  Session object.
- */
-static void Pkcs11CloseSession(Pkcs11Token* token, Pkcs11Session* session)
-{
-    if (token != NULL && session != NULL && token->handle != session->handle) {
-        if (token->userPin != NULL)
-            session->func->C_Logout(session->handle);
-        session->func->C_CloseSession(session->handle);
-    }
-}
-
-/**
- * Open a session on the token to be used for all operations.
- *
- * @param  [in]  token      Token object.
- * @param  [in]  readWrite  Boolean indicating to open session for Read/Write.
- * @return  BAD_FUNC_ARG when token is NULL.
- * @return  WC_HW_E when opening the session fails.
- * @return  0 on success.
- */
-int wc_Pkcs11Token_Open(Pkcs11Token* token, int readWrite)
-{
-    int ret = 0;
-    Pkcs11Session session;
-
-    if (token == NULL)
-        ret = BAD_FUNC_ARG;
-
-    if (ret == 0) {
-        ret = Pkcs11OpenSession(token, &session, readWrite);
-        token->handle = session.handle;
-    }
-
-    return ret;
-}
-
-/**
- * Close the token's session.
- * All object, like keys, will be destroyed.
- *
- * @param  [in]  token  Token object.
- */
-void wc_Pkcs11Token_Close(Pkcs11Token* token)
-{
-    Pkcs11Session session;
-
-    if (token != NULL) {
-        session.func = token->func;
-        session.handle = token->handle;
-        token->handle = NULL_PTR;
-        Pkcs11CloseSession(token, &session);
-    }
-}
-
-
-#if (!defined(NO_AES) && (defined(HAVE_AESGCM) || defined(HAVE_AES_CBC))) || \
-                                                               !defined(NO_HMAC)
-/*
- * Create a secret key.
- *
- * @param  [out]  key       Handle to key object.
- * @param  [in]   session   Session object.
- * @param  [in]   keyType   Type of secret key to create.
- * @param  [in]   data      Data of the secret key.
- * @param  [in]   len       Length of data in bytes.
- * @param  [in]   id        Identifier to set against key.
- * @param  [in]   idLen     Length of identifier.
- * @param  [in]   label     Label to set against key.
- * @param  [in]   labelLen  Length of label.
- * @param  [in]   op        Operation to support with key.
- * @return   WC_HW_E when another PKCS#11 library call fails.
- * @return   0 on success.
- */
-static int Pkcs11CreateSecretKey(CK_OBJECT_HANDLE* key, Pkcs11Session* session,
-                                 CK_KEY_TYPE keyType, unsigned char* data,
-                                 int len, unsigned char* id, int idLen,
-                                 char* label, int labelLen, int op)
-{
-    int              ret = 0;
-    CK_RV            rv;
-    /* Empty entries for optional label/ID. */
-    CK_ATTRIBUTE     keyTemplateEncDec[] = {
-        { CKA_CLASS,    &secretKeyClass, sizeof(secretKeyClass) },
-        { CKA_KEY_TYPE, &keyType,        sizeof(keyType)        },
-        { CKA_ENCRYPT,  &ckTrue,         sizeof(ckTrue)         },
-        { CKA_DECRYPT,  &ckTrue,         sizeof(ckTrue)         },
-        { CKA_VALUE,    NULL,            0                      },
-        { 0,            NULL,            0                      },
-        { 0,            NULL,            0                      }
-    };
-    /* Empty entries for optional label/ID. */
-    CK_ATTRIBUTE     keyTemplateSignVfy[] = {
-        { CKA_CLASS,    &secretKeyClass, sizeof(secretKeyClass) },
-        { CKA_KEY_TYPE, &keyType,        sizeof(keyType)        },
-        { CKA_SIGN,     &ckTrue,         sizeof(ckTrue)         },
-        { CKA_VERIFY,   &ckTrue,         sizeof(ckTrue)         },
-        { CKA_VALUE,    NULL,            0                      },
-        { 0,            NULL,            0                      },
-        { 0,            NULL,            0                      }
-    };
-    CK_ATTRIBUTE*    keyTemplate = NULL;
-    /* 5 mandatory entries + 2 optional. */
-    int              keyTmplCnt = 5;
-
-    WOLFSSL_MSG("PKCS#11: Create Secret Key");
-
-    if (op == CKA_ENCRYPT || op == CKA_DECRYPT) {
-        keyTemplate = keyTemplateEncDec;
-    }
-    else if (op == CKA_SIGN) {
-        keyTemplate = keyTemplateSignVfy;
-    }
-    else {
-        WOLFSSL_MSG("PKCS#11: Invalid operation type");
-        ret = WC_HW_E;
-    }
-    if (ret == 0) {
-        /* Set the secret to store. */
-        keyTemplate[keyTmplCnt-1].pValue     = data;
-        keyTemplate[keyTmplCnt-1].ulValueLen = (CK_ULONG)len;
-
-        if (labelLen > 0) {
-            keyTemplate[keyTmplCnt].type       = CKA_LABEL;
-            keyTemplate[keyTmplCnt].pValue     = label;
-            keyTemplate[keyTmplCnt].ulValueLen = labelLen;
-            keyTmplCnt++;
-        }
-        if (idLen > 0) {
-            keyTemplate[keyTmplCnt].type       = CKA_ID;
-            keyTemplate[keyTmplCnt].pValue     = id;
-            keyTemplate[keyTmplCnt].ulValueLen = idLen;
-            keyTmplCnt++;
-        }
-
-        PKCS11_DUMP_TEMPLATE("Secret Key", keyTemplate, keyTmplCnt);
-        /* Create an object containing key data for device to use. */
-        rv = session->func->C_CreateObject(session->handle, keyTemplate,
-                                           keyTmplCnt, key);
-        PKCS11_RV("C_CreateObject", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    return ret;
-}
-#endif
-
-#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
-/**
- * Create a PKCS#11 object containing the RSA private key data.
- *
- * @param  [out]  privateKey  Handle to private key object.
- * @param  [in]   session     Session object.
- * @param  [in]   rsaKey      RSA key with private key data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11CreateRsaPrivateKey(CK_OBJECT_HANDLE* privateKey,
-                                     Pkcs11Session* session,
-                                     RsaKey* rsaKey, int permanent)
-{
-    int             ret = 0;
-    CK_RV           rv;
-    /* Empty entries for optional label/ID. */
-    CK_ATTRIBUTE    keyTemplate[] = {
-        { CKA_CLASS,            &privKeyClass, sizeof(privKeyClass) },
-        { CKA_KEY_TYPE,         &rsaKeyType,   sizeof(rsaKeyType)   },
-        { CKA_DECRYPT,          &ckTrue,       sizeof(ckTrue)       },
-        { CKA_SIGN,             &ckTrue,       sizeof(ckTrue)       },
-        { CKA_MODULUS,          NULL,          0                    },
-        { CKA_PRIVATE_EXPONENT, NULL,          0                    },
-        { CKA_PRIME_1,          NULL,          0                    },
-        { CKA_PRIME_2,          NULL,          0                    },
-        { CKA_EXPONENT_1,       NULL,          0                    },
-        { CKA_EXPONENT_2,       NULL,          0                    },
-        { CKA_COEFFICIENT,      NULL,          0                    },
-        { CKA_PUBLIC_EXPONENT,  NULL,          0                    },
-        { 0,                    NULL,          0                    },
-        { 0,                    NULL,          0                    }
-    };
-    /* Mandatory entries + 2 optional. */
-    CK_ULONG        keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate) - 2;
-
-    /* Set the modulus and private key data. */
-    keyTemplate[ 4].pValue     = rsaKey->n.raw.buf;
-    keyTemplate[ 4].ulValueLen = rsaKey->n.raw.len;
-    keyTemplate[ 5].pValue     = rsaKey->d.raw.buf;
-    keyTemplate[ 5].ulValueLen = rsaKey->d.raw.len;
-    keyTemplate[ 6].pValue     = rsaKey->p.raw.buf;
-    keyTemplate[ 6].ulValueLen = rsaKey->p.raw.len;
-    keyTemplate[ 7].pValue     = rsaKey->q.raw.buf;
-    keyTemplate[ 7].ulValueLen = rsaKey->q.raw.len;
-    keyTemplate[ 8].pValue     = rsaKey->dP.raw.buf;
-    keyTemplate[ 8].ulValueLen = rsaKey->dP.raw.len;
-    keyTemplate[ 9].pValue     = rsaKey->dQ.raw.buf;
-    keyTemplate[ 9].ulValueLen = rsaKey->dQ.raw.len;
-    keyTemplate[10].pValue     = rsaKey->u.raw.buf;
-    keyTemplate[10].ulValueLen = rsaKey->u.raw.len;
-    keyTemplate[11].pValue     = rsaKey->e.raw.buf;
-    keyTemplate[11].ulValueLen = rsaKey->e.raw.len;
-
-    if (permanent && rsaKey->labelLen > 0) {
-        keyTemplate[keyTmplCnt].type       = CKA_LABEL;
-        keyTemplate[keyTmplCnt].pValue     = rsaKey->label;
-        keyTemplate[keyTmplCnt].ulValueLen = rsaKey->labelLen;
-        keyTmplCnt++;
-    }
-    if (permanent && rsaKey->idLen > 0) {
-        keyTemplate[keyTmplCnt].type       = CKA_ID;
-        keyTemplate[keyTmplCnt].pValue     = rsaKey->id;
-        keyTemplate[keyTmplCnt].ulValueLen = rsaKey->idLen;
-        keyTmplCnt++;
-    }
-
-    PKCS11_DUMP_TEMPLATE("RSA Private Key", keyTemplate, keyTmplCnt);
-    rv = session->func->C_CreateObject(session->handle, keyTemplate, keyTmplCnt,
-                                                                    privateKey);
-    PKCS11_RV("C_CreateObject", rv);
-    if (rv != CKR_OK) {
-        ret = WC_HW_E;
-    }
-
-    return ret;
-}
-#endif /* !NO_RSA && WOLFSSL_KEY_GEN */
-
-#ifdef HAVE_ECC
-/**
- * Set the ECC parameters into the template.
- *
- * @param  [in]  key   ECC key.
- * @param  [in]  tmpl  PKCS#11 template.
- * @param  [in]  idx   Index of template to put parameters into.
- * @return  NOT_COMPILED_IN when the EC parameters are not known.
- * @return  0 on success.
- */
-static int Pkcs11EccSetParams(ecc_key* key, CK_ATTRIBUTE* tmpl, int idx)
-{
-    int ret = 0;
-
-    if (key->dp != NULL && key->dp->oid != NULL) {
-        unsigned char* derParams = tmpl[idx].pValue;
-        /* ASN.1 encoding: OBJ + ecc parameters OID */
-        tmpl[idx].ulValueLen = key->dp->oidSz + 2;
-        derParams[0] = ASN_OBJECT_ID;
-        derParams[1] = key->dp->oidSz;
-        XMEMCPY(derParams + 2, key->dp->oid, key->dp->oidSz);
-    }
-    else
-        ret = NOT_COMPILED_IN;
-
-    return ret;
-}
-
-/**
- * Create a PKCS#11 object containing the ECC public key data.
- * Encode the public key as an OCTET_STRING of the encoded point.
- *
- * @param  [out]  publicKey    Handle to public key object.
- * @param  [in]   session      Session object.
- * @param  [in]   public_key   ECC public key.
- * @param  [in]   operation    Cryptographic operation key is to be used for.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11CreateEccPublicKey(CK_OBJECT_HANDLE* publicKey,
-                                    Pkcs11Session* session,
-                                    ecc_key* public_key,
-                                    CK_ATTRIBUTE_TYPE operation)
-{
-    int             ret = 0;
-    int             i;
-    unsigned char*  ecPoint = NULL;
-    word32          len;
-    CK_RV           rv;
-    CK_UTF8CHAR     params[MAX_EC_PARAM_LEN];
-    /* Empty entries for optional label/ID. */
-    CK_ATTRIBUTE    keyTemplate[] = {
-        { CKA_CLASS,     &pubKeyClass, sizeof(pubKeyClass) },
-        { CKA_KEY_TYPE,  &ecKeyType,   sizeof(ecKeyType)   },
-        { operation,     &ckTrue,      sizeof(ckTrue)      },
-        { CKA_EC_PARAMS, params,       0                   },
-        { CKA_EC_POINT,  NULL,         0                   },
-        { 0,             NULL,         0                   },
-        { 0,             NULL,         0                   }
-    };
-    /* Mandatory entries + 2 optional. */
-    CK_ULONG        keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate) - 2;
-
-    if (public_key->labelLen > 0) {
-        keyTemplate[keyTmplCnt].type       = CKA_LABEL;
-        keyTemplate[keyTmplCnt].pValue     = public_key->label;
-        keyTemplate[keyTmplCnt].ulValueLen = public_key->labelLen;
-        keyTmplCnt++;
-    }
-    if (public_key->idLen > 0) {
-        keyTemplate[keyTmplCnt].type       = CKA_ID;
-        keyTemplate[keyTmplCnt].pValue     = public_key->id;
-        keyTemplate[keyTmplCnt].ulValueLen = public_key->idLen;
-        keyTmplCnt++;
-    }
-
-    ret = Pkcs11EccSetParams(public_key, keyTemplate, 3);
-    if (ret == 0) {
-        /* ASN1 encoded: OCT + uncompressed point */
-        len = 3 + 1 + 2 * public_key->dp->size;
-        ecPoint = (unsigned char*)XMALLOC(len, public_key->heap,
-                                                              DYNAMIC_TYPE_ECC);
-        if (ecPoint == NULL)
-            ret = MEMORY_E;
-    }
-    if (ret == 0) {
-        len -= 3;
-        i = 0;
-        ecPoint[i++] = ASN_OCTET_STRING;
-        if (len >= ASN_LONG_LENGTH)
-            ecPoint[i++] = ASN_LONG_LENGTH | 1;
-        ecPoint[i++] = len;
-        if (public_key->type == 0)
-            public_key->type = ECC_PUBLICKEY;
-        PRIVATE_KEY_UNLOCK();
-        ret = wc_ecc_export_x963(public_key, ecPoint + i, &len);
-        PRIVATE_KEY_LOCK();
-    }
-    if (ret == 0) {
-        keyTemplate[4].pValue     = ecPoint;
-        keyTemplate[4].ulValueLen = len + i;
-
-        PKCS11_DUMP_TEMPLATE("Ec Public Key", keyTemplate, keyTmplCnt);
-        rv = session->func->C_CreateObject(session->handle, keyTemplate,
-                                                         keyTmplCnt, publicKey);
-        PKCS11_RV("C_CreateObject", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    XFREE(ecPoint, public_key->heap, DYNAMIC_TYPE_ECC);
-
-    return ret;
-}
-
-/**
- * Create a PKCS#11 object containing the ECC private key data.
- *
- * @param  privateKey   [out]  Handle to private key object.
- * @param  session      [in]   Session object.
- * @param  private_key  [in]   ECC private key.
- * @param  operation    [in]   Cryptographic operation key is to be used for.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11CreateEccPrivateKey(CK_OBJECT_HANDLE* privateKey,
-                                     Pkcs11Session* session,
-                                     ecc_key* private_key,
-                                     CK_ATTRIBUTE_TYPE operation)
-{
-    int             ret = 0;
-    CK_RV           rv;
-    CK_UTF8CHAR     params[MAX_EC_PARAM_LEN];
-    /* Empty entries for optional label/ID. */
-    CK_ATTRIBUTE    keyTemplate[] = {
-        { CKA_CLASS,     &privKeyClass, sizeof(privKeyClass) },
-        { CKA_KEY_TYPE,  &ecKeyType,    sizeof(ecKeyType)    },
-        { operation,     &ckTrue,       sizeof(ckTrue)       },
-        { CKA_EC_PARAMS, params,        0                    },
-        { CKA_VALUE,     NULL,          0                    },
-        { 0,             NULL,          0                    },
-        { 0,             NULL,          0                    }
-    };
-    /* Mandatory entries + 2 optional. */
-    CK_ULONG        keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate) - 2;
-
-    if (private_key->labelLen > 0) {
-        keyTemplate[keyTmplCnt].type       = CKA_LABEL;
-        keyTemplate[keyTmplCnt].pValue     = private_key->label;
-        keyTemplate[keyTmplCnt].ulValueLen = private_key->labelLen;
-        keyTmplCnt++;
-    }
-    if (private_key->idLen > 0) {
-        keyTemplate[keyTmplCnt].type       = CKA_ID;
-        keyTemplate[keyTmplCnt].pValue     = private_key->id;
-        keyTemplate[keyTmplCnt].ulValueLen = private_key->idLen;
-        keyTmplCnt++;
-    }
-
-    ret = Pkcs11EccSetParams(private_key, keyTemplate, 3);
-    if (ret == 0) {
-        keyTemplate[4].pValue     = wc_ecc_key_get_priv(private_key)->raw.buf;
-        keyTemplate[4].ulValueLen = wc_ecc_key_get_priv(private_key)->raw.len;
-
-        PKCS11_DUMP_TEMPLATE("Ec Private Key", keyTemplate, keyTmplCnt);
-        rv = session->func->C_CreateObject(session->handle, keyTemplate,
-                                                        keyTmplCnt, privateKey);
-        PKCS11_RV("C_CreateObject", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    return ret;
-}
-#endif
-
-#if !defined(NO_RSA) || defined(HAVE_ECC) || (!defined(NO_AES) && \
-           (defined(HAVE_AESGCM) || defined(HAVE_AES_CBC))) || !defined(NO_HMAC)
-/**
- * Check if mechanism is available in session on token.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  mech     Mechanism to look for.
- * @return  NOT_COMPILED_IN when mechanism not available.
- * @return  0 when mechanism is available.
- */
-static int Pkcs11MechAvail(Pkcs11Session* session, CK_MECHANISM_TYPE mech)
-{
-    int               ret = 0;
-    CK_RV             rv;
-    CK_MECHANISM_INFO mechInfo;
-
-    rv = session->func->C_GetMechanismInfo(session->slotId, mech, &mechInfo);
-    PKCS11_RV("C_GetMechanismInfo", rv);
-    if (rv != CKR_OK) {
-        ret = NOT_COMPILED_IN;
-    }
-
-    return ret;
-}
-#endif
-
-#ifndef NO_HMAC
-/**
- * Return the mechanism type and key type for the digest type when using HMAC.
- *
- * @param  [in]  macType   Digest type - e.g. WC_SHA256.
- * @param  [in]  mechType  Mechanism type - e.g. CKM_SHA256_HMAC.
- * @param  [in]  keyType   Key type - e.g. CKK_SHA256_HMAC.
- * @return  NOT_COMPILED_IN if the digest algorithm isn't recognised.
- * @return  0 otherwise.
- */
-static int Pkcs11HmacTypes(int macType, int* mechType, int* keyType)
-{
-    int ret = 0;
-
-    switch (macType)
-    {
-    #ifndef NO_MD5
-        case WC_MD5:
-            *mechType = CKM_MD5_HMAC;
-            *keyType = CKK_MD5_HMAC;
-            break;
-    #endif
-    #ifndef NO_SHA
-        case WC_SHA:
-            *mechType = CKM_SHA_1_HMAC;
-            *keyType = CKK_SHA_1_HMAC;
-            break;
-    #endif
-    #ifdef WOLFSSL_SHA224
-        case WC_SHA224:
-            *mechType = CKM_SHA224_HMAC;
-            *keyType = CKK_SHA224_HMAC;
-            break;
-    #endif
-    #ifndef NO_SHA256
-        case WC_SHA256:
-            *mechType = CKM_SHA256_HMAC;
-            *keyType = CKK_SHA256_HMAC;
-            break;
-    #endif
-    #ifdef WOLFSSL_SHA384
-        case WC_SHA384:
-            *mechType = CKM_SHA384_HMAC;
-            *keyType = CKK_SHA384_HMAC;
-            break;
-    #endif
-    #ifdef WOLFSSL_SHA512
-        case WC_SHA512:
-            *mechType = CKM_SHA512_HMAC;
-            *keyType = CKK_SHA512_HMAC;
-            break;
-    #endif
-        default:
-            ret = NOT_COMPILED_IN;
-            break;
-    }
-
-    return ret;
-}
-#endif
-
-/**
- * Store the private key on the token in the session.
- *
- * @param  [in]  token  Token to store private key on.
- * @param  [in]  type   Key type.
- * @param  [in]  clear  Clear out the private data from software key.
- * @param  [in]  key    Key type specific object.
- * @return  NOT_COMPILED_IN when mechanism not available.
- * @return  0 on success.
- */
-int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear, void* key)
-{
-    int               ret = 0;
-    Pkcs11Session     session;
-    CK_OBJECT_HANDLE  privKey = NULL_PTR;
-
-    ret = Pkcs11OpenSession(token, &session, 1);
-    if (ret == 0) {
-        switch (type) {
-    #if !defined(NO_AES) && defined(HAVE_AESGCM)
-            case PKCS11_KEY_TYPE_AES_GCM: {
-                Aes* aes = (Aes*)key;
-
-                ret = Pkcs11MechAvail(&session, CKM_AES_GCM);
-                if (ret == 0) {
-                    ret = Pkcs11CreateSecretKey(&privKey, &session, CKK_AES,
-                                                (unsigned char*)aes->devKey,
-                                                aes->keylen,
-                                                (unsigned char*)aes->id,
-                                                aes->idLen, aes->label,
-                                                aes->labelLen, CKA_ENCRYPT);
-                }
-                if (ret == 0 && clear)
-                    ForceZero(aes->devKey, aes->keylen);
-                break;
-            }
-    #endif
-    #if !defined(NO_AES) && defined(HAVE_AES_CBC)
-            case PKCS11_KEY_TYPE_AES_CBC: {
-                Aes* aes = (Aes*)key;
-
-                ret = Pkcs11MechAvail(&session, CKM_AES_CBC);
-                if (ret == 0) {
-                    ret = Pkcs11CreateSecretKey(&privKey, &session, CKK_AES,
-                                                (unsigned char*)aes->devKey,
-                                                aes->keylen,
-                                                (unsigned char*)aes->id,
-                                                aes->idLen, aes->label,
-                                                aes->labelLen, CKA_ENCRYPT);
-                }
-                if (ret == 0 && clear)
-                    ForceZero(aes->devKey, aes->keylen);
-                break;
-            }
-    #endif
-    #ifndef NO_HMAC
-            case PKCS11_KEY_TYPE_HMAC: {
-                Hmac* hmac = (Hmac*)key;
-                int mechType;
-                int keyType;
-
-                ret = Pkcs11HmacTypes(hmac->macType, &mechType, &keyType);
-                if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN))
-                    break;
-
-                if (ret == 0)
-                    ret = Pkcs11MechAvail(&session, mechType);
-                if (ret == 0) {
-                    ret = Pkcs11CreateSecretKey(&privKey, &session, keyType,
-                                                (unsigned char*)hmac->keyRaw,
-                                                hmac->keyLen,
-                                                (unsigned char*)hmac->id,
-                                                hmac->idLen, hmac->label,
-                                                hmac->labelLen, CKA_SIGN);
-                    if (ret == WC_NO_ERR_TRACE(WC_HW_E)) {
-                        ret = Pkcs11CreateSecretKey(&privKey, &session,
-                                                   CKK_GENERIC_SECRET,
-                                                   (unsigned char*)hmac->keyRaw,
-                                                   hmac->keyLen,
-                                                   (unsigned char*)hmac->id,
-                                                   hmac->idLen, hmac->label,
-                                                   hmac->labelLen, CKA_SIGN);
-                    }
-                }
-                break;
-            }
-    #endif
-    #if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
-            case PKCS11_KEY_TYPE_RSA: {
-                RsaKey* rsaKey = (RsaKey*)key;
-
-                ret = Pkcs11MechAvail(&session, CKM_RSA_X_509);
-                if (ret == 0)
-                    ret = Pkcs11CreateRsaPrivateKey(&privKey, &session, rsaKey,
-                                                    1);
-                if (ret == 0 && clear) {
-                    mp_forcezero(&rsaKey->u);
-                    mp_forcezero(&rsaKey->dQ);
-                    mp_forcezero(&rsaKey->dP);
-                    mp_forcezero(&rsaKey->q);
-                    mp_forcezero(&rsaKey->p);
-                    mp_forcezero(&rsaKey->d);
-                }
-                break;
-            }
-    #endif
-    #ifdef HAVE_ECC
-            case PKCS11_KEY_TYPE_EC: {
-                ecc_key* eccKey = (ecc_key*)key;
-                int      ret2 = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-
-        #ifndef NO_PKCS11_ECDH
-                if ((eccKey->flags & WC_ECC_FLAG_DEC_SIGN) == 0) {
-                    /* Try ECDH mechanism first. */
-                    ret = Pkcs11MechAvail(&session, CKM_ECDH1_DERIVE);
-                    if (ret == 0) {
-                        ret = Pkcs11CreateEccPrivateKey(&privKey, &session,
-                                                            eccKey, CKA_DERIVE);
-                    }
-                }
-         #endif
-                if (ret == 0 || ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN)) {
-                    /* Try ECDSA mechanism next. */
-                    ret2 = Pkcs11MechAvail(&session, CKM_ECDSA);
-                    if (ret2 == 0) {
-                        ret2 = Pkcs11CreateEccPrivateKey(&privKey, &session,
-                                                              eccKey, CKA_SIGN);
-                        if (ret2 == 0) {
-                            CK_OBJECT_HANDLE pubKey = NULL_PTR;
-                            /* Store public key for validation with cert. */
-                            ret2 = Pkcs11CreateEccPublicKey(&pubKey, &session,
-                                                            eccKey, CKA_VERIFY);
-                        }
-                    }
-                    /* OK for this to fail if set for ECDH. */
-                    if (ret == WC_NO_ERR_TRACE(NOT_COMPILED_IN))
-                        ret = ret2;
-                }
-                if (ret == 0 && clear)
-                    mp_forcezero(wc_ecc_key_get_priv(eccKey));
-                break;
-            }
-    #endif
-            default:
-                ret = NOT_COMPILED_IN;
-                break;
-        }
-
-        Pkcs11CloseSession(token, &session);
-    }
-
-    (void)privKey;
-    (void)clear;
-    (void)key;
-
-    return ret;
-}
-
-#if !defined(NO_RSA) || defined(HAVE_ECC) || (!defined(NO_AES) && \
-           (defined(HAVE_AESGCM) || defined(HAVE_AES_CBC))) || \
-           !defined(NO_HMAC) || !defined(NO_CERTS)
-
-/**
- * Find the PKCS#11 object containing key data using template.
- *
- * @param  [out]  key          Handle to key object.
- * @param  [in]   session      Session object.
- * @param  [in]   keyTemplate  PKCS #11 template to use in search.
- * @param  [in]   keyTmplCnt   Count of entries in PKCS #11 template.
- * @param  [out]  count        Number of keys matching template.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11FindKeyByTemplate(CK_OBJECT_HANDLE* key,
-                                   Pkcs11Session* session,
-                                   CK_ATTRIBUTE *keyTemplate,
-                                   CK_ULONG keyTmplCnt,
-                                   CK_ULONG *count)
-{
-    int             ret = 0;
-    CK_RV           rv;
-
-    WOLFSSL_MSG("PKCS#11: Find Key By Template");
-
-    PKCS11_DUMP_TEMPLATE("Find Key", keyTemplate, keyTmplCnt);
-    rv = session->func->C_FindObjectsInit(session->handle, keyTemplate,
-                                                                    keyTmplCnt);
-    PKCS11_RV("C_FindObjectsInit", rv);
-    if (rv != CKR_OK) {
-        ret = WC_HW_E;
-    }
-    if (ret == 0) {
-        rv = session->func->C_FindObjects(session->handle, key, 1, count);
-        PKCS11_RV("C_FindObjects", rv);
-        PKCS11_VAL("C_FindObjects Count", *count);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-        rv = session->func->C_FindObjectsFinal(session->handle);
-        PKCS11_RV("C_FindObjectsFinal", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    return ret;
-}
-
-/**
- * Find the PKCS#11 object containing the private key data by label.
- *
- * @param  [out]  key       Handle to key object.
- * @param  [in]   keyClass  Public or private key class.
- * @param  [in]   keyType   Type of key.
- * @param  [in]   session   Session object.
- * @param  [in]   id        Identifier set against a key.
- * @param  [in]   idLen     Length of identifier.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11FindKeyByLabel(CK_OBJECT_HANDLE* key, CK_OBJECT_CLASS keyClass,
-                                CK_KEY_TYPE keyType, Pkcs11Session* session,
-                                char* label, int labelLen)
-{
-    int             ret = 0;
-    CK_ULONG        count;
-    CK_ATTRIBUTE    keyTemplate[] = {
-        { CKA_CLASS,           &keyClass, sizeof(keyClass)   },
-        { CKA_KEY_TYPE,        &keyType,  sizeof(keyType)    },
-        { CKA_LABEL,           label,     (CK_ULONG)labelLen }
-    };
-    CK_ULONG        keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate);
-
-    WOLFSSL_MSG("PKCS#11: Find Key By Label");
-
-    ret = Pkcs11FindKeyByTemplate(key, session, keyTemplate, keyTmplCnt,
-                                                                        &count);
-    if (ret == 0 && count == 0)
-        ret = WC_HW_E;
-
-    return ret;
-}
-
-/**
- * Find the PKCS#11 object containing the private key data by ID.
- *
- * @param  [out]  key       Handle to key object.
- * @param  [in]   keyClass  Public or private key class.
- * @param  [in]   keyType   Type of key.
- * @param  [in]   session   Session object.
- * @param  [in]   id        Identifier set against a key.
- * @param  [in]   idLen     Length of identifier.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11FindKeyById(CK_OBJECT_HANDLE* key, CK_OBJECT_CLASS keyClass,
-                             CK_KEY_TYPE keyType, Pkcs11Session* session,
-                             byte* id, int idLen)
-{
-    int             ret = 0;
-    CK_ULONG        count;
-    CK_ATTRIBUTE    keyTemplate[] = {
-#ifndef WC_PKCS11_FIND_WITH_ID_ONLY
-        { CKA_CLASS,           &keyClass, sizeof(keyClass) },
-        { CKA_KEY_TYPE,        &keyType,  sizeof(keyType)  },
-#endif
-        { CKA_ID,              id,        (CK_ULONG)idLen  }
-    };
-    CK_ULONG        keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate);
-
-    WOLFSSL_MSG("PKCS#11: Find Key By Id");
-
-    ret = Pkcs11FindKeyByTemplate(key, session, keyTemplate, keyTmplCnt,
-                                                                        &count);
-    if (ret == 0 && count == 0)
-        ret = WC_HW_E;
-
-    return ret;
-}
-#endif
-
-#ifndef NO_RSA
-/**
- * Find the PKCS#11 object containing the RSA public or private key data with
- * the modulus specified.
- *
- * @param  [out]  key       Handle to key object.
- * @param  [in]   keyClass  Public or private key class.
- * @param  [in]   session   Session object.
- * @param  [in]   rsaKey    RSA key with modulus to search on.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11FindRsaKey(CK_OBJECT_HANDLE* key, CK_OBJECT_CLASS keyClass,
-                            Pkcs11Session* session, RsaKey* rsaKey)
-{
-    CK_ULONG        count;
-    CK_ATTRIBUTE    keyTemplate[] = {
-        { CKA_CLASS,           &keyClass,   sizeof(keyClass)   },
-        { CKA_KEY_TYPE,        &rsaKeyType, sizeof(rsaKeyType) },
-        { CKA_MODULUS,         NULL,        0                  },
-    };
-    CK_ULONG        keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate);
-
-    /* Set the modulus. */
-    keyTemplate[2].pValue     = rsaKey->n.raw.buf;
-    keyTemplate[2].ulValueLen = rsaKey->n.raw.len;
-
-    return Pkcs11FindKeyByTemplate(key, session, keyTemplate, keyTmplCnt,
-                                                                        &count);
-}
-
-/**
- * Make a handle to a public RSA key.
- *
- * @param  [in]   session     Session object.
- * @param  [in]   rsaKey      RSA key with modulus to search on.
- * @param  [in]   sessionKey  Whether to create a session key.
- * @param  [out]  publicKey   Handle to public key object.
- */
-static int Pkcs11RsaPublicKey(Pkcs11Session* session, RsaKey* rsaKey,
-                              int sessionKey, CK_OBJECT_HANDLE* publicKey)
-{
-    int              ret = 0;
-    CK_RV            rv;
-    CK_ATTRIBUTE     keyTemplate[] = {
-        { CKA_CLASS,           &pubKeyClass, sizeof(pubKeyClass) },
-        { CKA_KEY_TYPE,        &rsaKeyType,  sizeof(rsaKeyType)  },
-        { CKA_ENCRYPT,         &ckTrue,      sizeof(ckTrue)      },
-        { CKA_MODULUS,         NULL,         0                   },
-        { CKA_PUBLIC_EXPONENT, NULL,         0                   }
-    };
-    CK_ULONG        keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate);
-
-    if (sessionKey) {
-        /* Set the modulus and public exponent data. */
-        keyTemplate[3].pValue     = rsaKey->n.raw.buf;
-        keyTemplate[3].ulValueLen = rsaKey->n.raw.len;
-        keyTemplate[4].pValue     = rsaKey->e.raw.buf;
-        keyTemplate[4].ulValueLen = rsaKey->e.raw.len;
-
-        PKCS11_DUMP_TEMPLATE("RSA Public Key", keyTemplate, keyTmplCnt);
-        /* Create an object containing public key data for device to use. */
-        rv = session->func->C_CreateObject(session->handle, keyTemplate,
-                                                    keyTmplCnt, publicKey);
-        PKCS11_RV("C_CreateObject", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    else if (rsaKey->labelLen > 0) {
-        ret = Pkcs11FindKeyByLabel(publicKey, CKO_PUBLIC_KEY, CKK_RSA,
-                                   session, rsaKey->label, rsaKey->labelLen);
-    }
-    else {
-        ret = Pkcs11FindKeyById(publicKey, CKO_PUBLIC_KEY, CKK_RSA,
-                                session, rsaKey->id, rsaKey->idLen);
-    }
-
-    return ret;
-}
-
-/**
- * Get the RSA public key data from the PKCS#11 object.
- *
- * @param  [in]  key      RSA key to put the data into.
- * @param  [in]  session  Session object.
- * @param  [in]  pubkey   Public key object.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11GetRsaPublicKey(RsaKey* key, Pkcs11Session* session,
-                                 CK_OBJECT_HANDLE pubKey)
-{
-    int            ret = 0;
-    unsigned char* mod = NULL;
-    unsigned char* exp = NULL;
-    int            modSz, expSz;
-    CK_ATTRIBUTE   tmpl[] = {
-        { CKA_MODULUS,         NULL_PTR, 0 },
-        { CKA_PUBLIC_EXPONENT, NULL_PTR, 0 }
-    };
-    CK_ULONG       tmplCnt = sizeof(tmpl) / sizeof(*tmpl);
-    CK_RV rv;
-
-    PKCS11_DUMP_TEMPLATE("Get RSA Public Key Length", tmpl, tmplCnt);
-    rv = session->func->C_GetAttributeValue(session->handle, pubKey, tmpl,
-                                                                       tmplCnt);
-    PKCS11_RV("C_GetAttributeValue", rv);
-    if (rv != CKR_OK) {
-        ret = WC_HW_E;
-    }
-    PKCS11_DUMP_TEMPLATE("RSA Public Key Length", tmpl, tmplCnt);
-
-    if (ret == 0) {
-        modSz = (int)tmpl[0].ulValueLen;
-        expSz = (int)tmpl[1].ulValueLen;
-        mod = (unsigned char*)XMALLOC(modSz, key->heap,
-                                                       DYNAMIC_TYPE_TMP_BUFFER);
-        if (mod == NULL)
-            ret = MEMORY_E;
-    }
-    if (ret == 0) {
-        exp = (unsigned char*)XMALLOC(expSz, key->heap,
-                                                       DYNAMIC_TYPE_TMP_BUFFER);
-        if (exp == NULL)
-            ret = MEMORY_E;
-    }
-    if (ret == 0) {
-        tmpl[0].pValue = mod;
-        tmpl[1].pValue = exp;
-
-        PKCS11_DUMP_TEMPLATE("Get RSA Public Key", tmpl, tmplCnt);
-        rv = session->func->C_GetAttributeValue(session->handle, pubKey,
-                                                                 tmpl, tmplCnt);
-        PKCS11_RV("C_GetAttributeValue", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-        PKCS11_DUMP_TEMPLATE("RSA Public Key", tmpl, tmplCnt);
-    }
-    if (ret == 0)
-        ret = wc_RsaPublicKeyDecodeRaw(mod, modSz, exp, expSz, key);
-
-    XFREE(exp, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-    XFREE(mod, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-
-/**
- * Get the RSA modulus size in bytes from the PKCS#11 object.
- *
- * @param  [in]   session  Session object.
- * @param  [in]   pubkey   Public key object.
- * @param  [out]  modSize  Size of the modulus in bytes.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11GetRsaModulusSize(Pkcs11Session* session,
-                                   CK_OBJECT_HANDLE pubKey, int* modSize)
-{
-    int            ret = 0;
-    CK_ATTRIBUTE   tmpl[] = {
-        { CKA_MODULUS,         NULL_PTR, 0 }
-    };
-    CK_ULONG       tmplCnt = sizeof(tmpl) / sizeof(*tmpl);
-    CK_RV rv;
-
-    PKCS11_DUMP_TEMPLATE("Get RSA Modulus Length", tmpl, tmplCnt);
-    rv = session->func->C_GetAttributeValue(session->handle, pubKey, tmpl,
-                                                                       tmplCnt);
-    PKCS11_RV("C_GetAttributeValue", rv);
-    if (rv != CKR_OK) {
-        ret = WC_HW_E;
-    }
-    PKCS11_DUMP_TEMPLATE("RSA Modulus Length", tmpl, tmplCnt);
-
-    if (ret == 0) {
-        *modSize = (int)tmpl[0].ulValueLen;
-    }
-
-    return ret;
-}
-
-/**
- * Make a handle to a private RSA key.
- *
- * @param  [in]   session     Session object.
- * @param  [in]   rsaKey      RSA key with modulus to search on.
- * @param  [in]   sessionKey  Whether to create a session key.
- * @param  [out]  publicKey   Handle to private key object.
- */
-static int Pkcs11RsaPrivateKey(Pkcs11Session* session, RsaKey* rsaKey,
-                               int sessionKey, CK_OBJECT_HANDLE* privateKey)
-{
-    int     ret;
-
-    if (sessionKey) {
-    #ifdef WOLFSSL_KEY_GEN
-        ret = Pkcs11CreateRsaPrivateKey(privateKey, session, rsaKey, 0);
-    #else
-        /* RSA Key Generation support not compiled in */
-        ret = NOT_COMPILED_IN;
-    #endif
-    }
-    else if (rsaKey->labelLen > 0) {
-        ret = Pkcs11FindKeyByLabel(privateKey, CKO_PRIVATE_KEY, CKK_RSA,
-                                   session, rsaKey->label, rsaKey->labelLen);
-    }
-    else if (rsaKey->idLen > 0) {
-        ret = Pkcs11FindKeyById(privateKey, CKO_PRIVATE_KEY, CKK_RSA, session,
-                                rsaKey->id, rsaKey->idLen);
-    }
-    else {
-        ret = Pkcs11FindRsaKey(privateKey, CKO_PRIVATE_KEY, session, rsaKey);
-    }
-
-    if ((ret == 0) && (!sessionKey)) {
-        ret = Pkcs11GetRsaPublicKey(rsaKey, session, *privateKey);
-    }
-
-    return ret;
-}
-
-/**
- * Get the hash length associated with the WolfCrypt hash type.
- *
- * @param  [in]   hType   Hash Type.
- * @return  -1 if hash type not recognized.
- * @return  hash length on success.
- */
-int wc_hash2sz(int hType)
-{
-    switch(hType) {
-    case WC_HASH_TYPE_SHA:
-        return 20;
-    case WC_HASH_TYPE_SHA224:
-        return 24;
-    case WC_HASH_TYPE_SHA256:
-        return 32;
-    case WC_HASH_TYPE_SHA384:
-        return 48;
-    case WC_HASH_TYPE_SHA512:
-        return 64;
-    default:
-        /* unsupported WC_HASH_TYPE_XXXX */
-        return -1;
-    }
-}
-
-/**
- * Get PKCS11 hash mechanism associated with the WolfCrypt hash type.
- *
- * @param  [in]   hType   Hash Type.
- * @return  0 if hash type not recognized.
- * @return  PKCS11 mechanism on success.
- */
-CK_MECHANISM_TYPE wc_hash2ckm(int hType)
-{
-    switch(hType) {
-    case WC_HASH_TYPE_SHA:
-        return CKM_SHA_1;
-    case WC_HASH_TYPE_SHA224:
-        return CKM_SHA224;
-    case WC_HASH_TYPE_SHA256:
-        return CKM_SHA256;
-    case WC_HASH_TYPE_SHA384:
-        return CKM_SHA384;
-    case WC_HASH_TYPE_SHA512:
-        return CKM_SHA512;
-    default:
-        /* unsupported WC_HASH_TYPE_XXXX */
-        return 0UL;
-    }
-}
-
-/**
- * Get PKCS11 MGF hash mechanism associated with the WolfCrypt MGF hash type.
- *
- * @param  [in]   mgf   MGF Type.
- * @return  0 if MGF type not recognized.
- * @return  PKCS11 MGF hash mechanism on success.
- */
-CK_MECHANISM_TYPE wc_mgf2ckm(int mgf)
-{
-    switch(mgf) {
-    case WC_MGF1SHA1:
-        return CKG_MGF1_SHA1;
-    case WC_MGF1SHA224:
-        return CKG_MGF1_SHA224;
-    case WC_MGF1SHA256:
-        return CKG_MGF1_SHA256;
-    case WC_MGF1SHA384:
-        return CKG_MGF1_SHA384;
-    case WC_MGF1SHA512:
-        return CKG_MGF1_SHA512;
-    default:
-        /* unsupported WC_MGF1XXXX */
-        return 0x0UL;
-    }
-}
-
-/**
- * Exponentiate the input with the public part of the RSA key.
- * Used in public encrypt and decrypt.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- *          0 on success.
- */
-static int Pkcs11RsaEncrypt(Pkcs11Session* session, wc_CryptoInfo* info,
-                            CK_OBJECT_HANDLE key)
-{
-    int              ret = 0;
-    CK_MECHANISM_TYPE mechanism = 0x0UL;
-    CK_RV            rv;
-    CK_MECHANISM     mech;
-    CK_ULONG         outLen;
-#ifdef WOLF_CRYPTO_CB_RSA_PAD
-    CK_RSA_PKCS_OAEP_PARAMS oaepParams;
-#endif
-
-    WOLFSSL_MSG("PKCS#11: RSA Public Key Operation");
-
-    if (info->pk.rsa.outLen == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    switch(info->pk.type) {
-#ifdef WOLF_CRYPTO_CB_RSA_PAD
-    case WC_PK_TYPE_RSA_PKCS:
-        mechanism = CKM_RSA_PKCS;
-        break;
-    case WC_PK_TYPE_RSA_OAEP:
-        mechanism = CKM_RSA_PKCS_OAEP;
-        break;
-#endif
-    case WC_PK_TYPE_RSA:
-        mechanism = CKM_RSA_X_509;
-        break;
-    }
-
-    if (ret == 0) {
-        /* Raw RSA encrypt/decrypt operation. */
-        mech.mechanism      = mechanism;
-        mech.ulParameterLen = 0;
-        mech.pParameter     = NULL;
-
-#ifdef WOLF_CRYPTO_CB_RSA_PAD
-        if (mechanism == CKM_RSA_PKCS_OAEP) {
-            XMEMSET(&oaepParams, 0, sizeof(oaepParams));
-            mech.ulParameterLen = sizeof(CK_RSA_PKCS_OAEP_PARAMS);
-            mech.pParameter = &oaepParams;
-            oaepParams.source = CKZ_DATA_SPECIFIED;
-            oaepParams.hashAlg = wc_hash2ckm(info->pk.rsa.padding->hash);
-            oaepParams.mgf = wc_mgf2ckm(info->pk.rsa.padding->mgf);
-        }
-#endif
-
-        rv = session->func->C_EncryptInit(session->handle, &mech, key);
-        PKCS11_RV("C_EncryptInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        outLen = (CK_ULONG)*info->pk.rsa.outLen;
-        rv = session->func->C_Encrypt(session->handle,
-                (CK_BYTE_PTR)info->pk.rsa.in, info->pk.rsa.inLen,
-                info->pk.rsa.out, &outLen);
-        PKCS11_RV("C_Encrypt", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        *info->pk.rsa.outLen = (word32)outLen;
-    }
-
-    return ret;
-}
-
-/**
- * Exponentiate the input with the private part of the RSA key.
- * Used in private encrypt and decrypt.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @param  [in]  func     Function to perform - decrypt or sign.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11RsaDecrypt(Pkcs11Session* session, wc_CryptoInfo* info,
-                            CK_OBJECT_HANDLE key)
-{
-    int              ret = 0;
-    CK_MECHANISM_TYPE mechanism = 0x0UL;
-    CK_RV            rv;
-    CK_MECHANISM     mech;
-    CK_ULONG         outLen;
-#ifdef WOLF_CRYPTO_CB_RSA_PAD
-    CK_RSA_PKCS_OAEP_PARAMS oaepParams;
-#endif
-
-    WOLFSSL_MSG("PKCS#11: RSA Private Key Operation");
-
-    if (info->pk.rsa.outLen == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    switch(info->pk.type) {
-#ifdef WOLF_CRYPTO_CB_RSA_PAD
-    case WC_PK_TYPE_RSA_PKCS:
-        mechanism = CKM_RSA_PKCS;
-        break;
-    case WC_PK_TYPE_RSA_OAEP:
-        mechanism = CKM_RSA_PKCS_OAEP;
-        break;
-#endif
-    case WC_PK_TYPE_RSA:
-        mechanism = CKM_RSA_X_509;
-        break;
-    }
-
-    if (ret == 0) {
-        /* Raw RSA encrypt/decrypt operation. */
-        mech.mechanism      = mechanism;
-        mech.ulParameterLen = 0;
-        mech.pParameter     = NULL;
-
-#ifdef WOLF_CRYPTO_CB_RSA_PAD
-        if (mechanism == CKM_RSA_PKCS_OAEP) {
-            XMEMSET(&oaepParams, 0, sizeof(oaepParams));
-            mech.ulParameterLen = sizeof(CK_RSA_PKCS_OAEP_PARAMS);
-            mech.pParameter = &oaepParams;
-            oaepParams.source = CKZ_DATA_SPECIFIED;
-            oaepParams.hashAlg = wc_hash2ckm(info->pk.rsa.padding->hash);
-            oaepParams.mgf = wc_mgf2ckm(info->pk.rsa.padding->mgf);
-        }
-#endif
-
-        rv = session->func->C_DecryptInit(session->handle, &mech, key);
-        PKCS11_RV("C_DecryptInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        PKCS11_VAL("C_Decrypt inLen", info->pk.rsa.inLen);
-        PKCS11_VAL("C_Decrypt outLen", *info->pk.rsa.outLen);
-        outLen = (CK_ULONG)*info->pk.rsa.outLen;
-        rv = session->func->C_Decrypt(session->handle,
-                (CK_BYTE_PTR)info->pk.rsa.in, info->pk.rsa.inLen,
-                info->pk.rsa.out, &outLen);
-        PKCS11_RV("C_Decrypt", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        *info->pk.rsa.outLen = (word32)outLen;
-    }
-
-    return ret;
-}
-
-/**
- * Exponentiate the input with the private part of the RSA key.
- * Used in private encrypt and decrypt.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @param  [in]  func     Function to perform - decrypt or sign.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11RsaSign(Pkcs11Session* session, wc_CryptoInfo* info,
-                         CK_OBJECT_HANDLE key)
-{
-    int              ret = 0;
-    CK_RV            rv;
-    CK_MECHANISM     mech;
-    CK_ULONG         outLen;
-    CK_MECHANISM_TYPE      mechanism;
-#ifdef WOLF_CRYPTO_CB_RSA_PAD
-    CK_RSA_PKCS_PSS_PARAMS pssParams;
-    int hLen;
-    int saltLen;
-#endif
-
-    WOLFSSL_MSG("PKCS#11: RSA Private Key Operation");
-
-    if (info->pk.rsa.outLen == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    switch(info->pk.type) {
-#ifdef WOLF_CRYPTO_CB_RSA_PAD
-    case WC_PK_TYPE_RSA_PKCS:
-        mechanism = CKM_RSA_PKCS;
-        break;
-    case WC_PK_TYPE_RSA_PSS:
-        mechanism = CKM_RSA_PKCS_PSS;
-        break;
-#endif /* WOLF_CRYPTO_CB_RSA_PAD */
-    default:
-        mechanism = CKM_RSA_X_509;
-        break;
-    }
-
-    if (ret == 0) {
-        /* Raw RSA encrypt/decrypt operation. */
-        mech.mechanism      = mechanism;
-        mech.ulParameterLen = 0;
-        mech.pParameter     = NULL;
-
-#ifdef WOLF_CRYPTO_CB_RSA_PAD
-        if (mechanism == CKM_RSA_PKCS_PSS) {
-            mech.ulParameterLen = sizeof(CK_RSA_PKCS_PSS_PARAMS);
-            mech.pParameter = &pssParams;
-            pssParams.hashAlg = wc_hash2ckm(info->pk.rsa.padding->hash);
-            pssParams.mgf = wc_mgf2ckm(info->pk.rsa.padding->mgf);
-
-            saltLen = info->pk.rsa.padding->saltLen;
-            hLen = wc_hash2sz(info->pk.rsa.padding->hash);
-
-            /* Same salt length code as rsa.c */
-            if (saltLen == RSA_PSS_SALT_LEN_DEFAULT)
-                saltLen = hLen;
-#ifndef WOLFSSL_PSS_LONG_SALT
-            else if (saltLen > hLen) {
-                return PSS_SALTLEN_E;
-            }
-#endif
-#ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER
-            else if (saltLen < RSA_PSS_SALT_LEN_DEFAULT) {
-                return PSS_SALTLEN_E;
-            }
-#else
-            else if (saltLen == RSA_PSS_SALT_LEN_DISCOVER) {
-                saltLen = *(info->pk.rsa.outLen) - hLen - 2;
-                if (saltLen < 0) {
-                    return PSS_SALTLEN_E;
-                }
-            }
-            else if (saltLen < RSA_PSS_SALT_LEN_DISCOVER) {
-                return PSS_SALTLEN_E;
-            }
-#endif
-            if (*(info->pk.rsa.outLen) - hLen < (word32)(saltLen + 2)) {
-                return PSS_SALTLEN_E;
-            }
-
-            pssParams.sLen = saltLen;
-        }
-#endif /* WOLF_CRYPTO_CB_RSA_PAD */
-
-        rv = session->func->C_SignInit(session->handle, &mech, key);
-        PKCS11_RV("C_SignInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        PKCS11_VAL("C_Sign inLen", info->pk.rsa.inLen);
-        PKCS11_VAL("C_Sign outLen", *info->pk.rsa.outLen);
-        outLen = (CK_ULONG)*info->pk.rsa.outLen;
-        rv = session->func->C_Sign(session->handle,
-                (CK_BYTE_PTR)info->pk.rsa.in, info->pk.rsa.inLen,
-                info->pk.rsa.out, &outLen);
-        PKCS11_RV("C_Sign", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0)
-        *info->pk.rsa.outLen = (word32)outLen;
-
-
-    return ret;
-}
-
-/**
- * Perform an RSA operation.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11Rsa(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int               ret = 0;
-    CK_RV             rv;
-    CK_MECHANISM_INFO mechInfo;
-    CK_MECHANISM_TYPE mechanism = 0x0UL;
-    int               sessionKey = 0;
-    CK_OBJECT_HANDLE  key;
-    RsaKey*           rsaKey = info->pk.rsa.key;
-    int               type = info->pk.rsa.type;
-
-    switch(info->pk.type) {
-#ifndef NO_PKCS11_RSA_PKCS
-    case WC_PK_TYPE_RSA_PKCS:
-        mechanism = CKM_RSA_PKCS;
-        break;
-    case WC_PK_TYPE_RSA_PSS:
-        mechanism = CKM_RSA_PKCS_PSS;
-        break;
-    case WC_PK_TYPE_RSA_OAEP:
-        mechanism = CKM_RSA_PKCS_OAEP;
-        break;
-#endif /* !NO_PKCS11_RSA_PKCS */
-    case WC_PK_TYPE_RSA:
-        mechanism = CKM_RSA_X_509;
-        break;
-    }
-
-    /* Check operation is supported. */
-    rv = session->func->C_GetMechanismInfo(session->slotId, mechanism,
-                                                                     &mechInfo);
-    PKCS11_RV("C_GetMechanismInfo", rv);
-    if (rv != CKR_OK) {
-        ret = NOT_COMPILED_IN;
-    }
-
-    if (ret == 0) {
-        if ((type == RSA_PUBLIC_ENCRYPT) || (type == RSA_PUBLIC_DECRYPT)) {
-            sessionKey = !mp_iszero(&rsaKey->e);
-
-            /* Make a handle to a public key. */
-            ret = Pkcs11RsaPublicKey(session, rsaKey, sessionKey, &key);
-        }
-        else {
-            sessionKey = !mp_iszero(&rsaKey->d);
-
-            /* Make a handle to a private key. */
-            ret = Pkcs11RsaPrivateKey(session, rsaKey, sessionKey, &key);
-        }
-    }
-    if (ret == 0) {
-        if (type == RSA_PUBLIC_ENCRYPT) {
-            WOLFSSL_MSG("PKCS#11: Public Encrypt");
-            if ((mechInfo.flags & CKF_ENCRYPT) != 0) {
-                ret = Pkcs11RsaEncrypt(session, info, key);
-            }
-            else {
-                ret = NOT_COMPILED_IN;
-            }
-        }
-        else if (type == RSA_PUBLIC_DECRYPT) {
-            WOLFSSL_MSG("PKCS#11: Public Decrypt");
-            if ((mechInfo.flags & CKF_ENCRYPT) != 0) {
-                ret = Pkcs11RsaEncrypt(session, info, key);
-            }
-            else {
-                ret = NOT_COMPILED_IN;
-            }
-        }
-        else if (type == RSA_PRIVATE_DECRYPT) {
-            WOLFSSL_MSG("PKCS#11: Private Decrypt");
-            if ((mechInfo.flags & CKF_DECRYPT) != 0) {
-                ret = Pkcs11RsaDecrypt(session, info, key);
-            }
-            else {
-                ret = Pkcs11RsaSign(session, info, key);
-            }
-        }
-        else if (type == RSA_PRIVATE_ENCRYPT) {
-            WOLFSSL_MSG("PKCS#11: Private Encrypt");
-            if ((mechInfo.flags & CKF_SIGN) != 0) {
-                ret = Pkcs11RsaSign(session, info, key);
-            }
-            else {
-                ret = Pkcs11RsaDecrypt(session, info, key);
-            }
-        }
-    }
-
-    if (sessionKey) {
-        session->func->C_DestroyObject(session->handle, key);
-    }
-
-    return ret;
-}
-
-#ifdef WOLFSSL_KEY_GEN
-/**
- * Perform an RSA key generation operation.
- * The private key data stays on the device.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11RsaKeyGen(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int               ret = 0;
-    RsaKey*           key = info->pk.rsakg.key;
-    CK_RV             rv;
-    CK_ULONG          bits = info->pk.rsakg.size;
-    CK_OBJECT_HANDLE  pubKey = NULL_PTR, privKey = NULL_PTR;
-    CK_MECHANISM      mech;
-    static CK_BYTE    pub_exp[] = { 0x01, 0x00, 0x01, 0x00 };
-    CK_ATTRIBUTE      pubKeyTmpl[] = {
-        { CKA_MODULUS_BITS,    &bits,    sizeof(bits)    },
-        { CKA_ENCRYPT,         &ckTrue,  sizeof(ckTrue)  },
-        { CKA_VERIFY,          &ckTrue,  sizeof(ckTrue)  },
-        { CKA_PUBLIC_EXPONENT, &pub_exp, sizeof(pub_exp) }
-    };
-    CK_ULONG          pubTmplCnt = sizeof(pubKeyTmpl)/sizeof(*pubKeyTmpl);
-    /* Empty entries for optional label/ID. */
-    CK_ATTRIBUTE      privKeyTmpl[] = {
-        { CKA_DECRYPT,  &ckTrue, sizeof(ckTrue) },
-        { CKA_SIGN,     &ckTrue, sizeof(ckTrue) },
-        { 0,            NULL,    0              },
-        { 0,            NULL,    0              }
-    };
-    /* 2 mandatory entries + 2 optional. */
-    int               privTmplCnt = 2;
-    int               i;
-
-    ret = Pkcs11MechAvail(session, CKM_RSA_PKCS_KEY_PAIR_GEN);
-    if (ret == 0) {
-        WOLFSSL_MSG("PKCS#11: RSA Key Generation Operation");
-
-        /* Most commonly used public exponent value (array initialized). */
-        if (info->pk.rsakg.e != WC_RSA_EXPONENT) {
-            for (i = 0; i < (int)sizeof(pub_exp); i++)
-                pub_exp[i] = (info->pk.rsakg.e >> (8 * i)) & 0xff;
-        }
-        for (i = (int)sizeof(pub_exp) - 1; pub_exp[i] == 0; i--) {
-        }
-        pubKeyTmpl[3].ulValueLen = i + 1;
-
-        if (key->labelLen != 0) {
-            privKeyTmpl[privTmplCnt].type       = CKA_LABEL;
-            privKeyTmpl[privTmplCnt].pValue     = key->label;
-            privKeyTmpl[privTmplCnt].ulValueLen = key->labelLen;
-            privTmplCnt++;
-        }
-        if (key->idLen != 0) {
-            privKeyTmpl[privTmplCnt].type       = CKA_ID;
-            privKeyTmpl[privTmplCnt].pValue     = key->id;
-            privKeyTmpl[privTmplCnt].ulValueLen = key->idLen;
-            privTmplCnt++;
-        }
-
-        mech.mechanism      = CKM_RSA_PKCS_KEY_PAIR_GEN;
-        mech.ulParameterLen = 0;
-        mech.pParameter     = NULL;
-
-        PKCS11_DUMP_TEMPLATE("Public Key", pubKeyTmpl, pubTmplCnt);
-        PKCS11_DUMP_TEMPLATE("Private Key", privKeyTmpl, privTmplCnt);
-        rv = session->func->C_GenerateKeyPair(session->handle, &mech,
-                                                       pubKeyTmpl, pubTmplCnt,
-                                                       privKeyTmpl, privTmplCnt,
-                                                       &pubKey, &privKey);
-        PKCS11_RV("C_GenerateKeyPair", rv);
-        if (rv != CKR_OK) {
-            ret = -1;
-        }
-    }
-
-    if (ret == 0)
-        ret = Pkcs11GetRsaPublicKey(key, session, pubKey);
-
-    if (pubKey != NULL_PTR)
-        ret = (int)session->func->C_DestroyObject(session->handle, pubKey);
-    if (ret != 0 && privKey != NULL_PTR)
-        ret = (int)session->func->C_DestroyObject(session->handle, privKey);
-
-    return ret;
-}
-#endif /* WOLFSSL_KEY_GEN */
-#endif /* !NO_RSA */
-
-#ifdef HAVE_ECC
-/**
- * Find the PKCS#11 object containing the ECC public or private key data.
- * Search for public key by public point.
- *
- * @param  [out]  key       Handle to key object.
- * @param  [in]   keyClass  Public or private key class.
- * @param  [in]   session   Session object.
- * @param  [in]   eccKey    ECC key with parameters.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11FindEccKey(CK_OBJECT_HANDLE* key, CK_OBJECT_CLASS keyClass,
-                            Pkcs11Session* session, ecc_key* eccKey,
-                            int op)
-{
-    int             ret = 0;
-    int             i;
-    unsigned char*  ecPoint = NULL;
-    word32          len = 0;
-    CK_RV           rv;
-    CK_ULONG        count;
-    CK_UTF8CHAR     params[MAX_EC_PARAM_LEN];
-    CK_ATTRIBUTE    keyTemplate[] = {
-        { CKA_CLASS,           &keyClass,  sizeof(keyClass)  },
-        { CKA_KEY_TYPE,        &ecKeyType, sizeof(ecKeyType) },
-        { CKA_EC_PARAMS,       params,     0                 },
-        { op,                  &ckTrue,    sizeof(ckTrue)    },
-        { CKA_EC_POINT,        NULL,       0                 },
-    };
-    CK_ULONG        attrCnt = 4;
-
-    ret = Pkcs11EccSetParams(eccKey, keyTemplate, 2);
-    if (ret == 0 && keyClass == CKO_PUBLIC_KEY) {
-        /* ASN1 encoded: OCT + uncompressed point */
-        len = 3 + 1 + 2 * eccKey->dp->size;
-        ecPoint = (unsigned char*)XMALLOC(len, eccKey->heap, DYNAMIC_TYPE_ECC);
-        if (ecPoint == NULL)
-            ret = MEMORY_E;
-    }
-    if (ret == 0 && keyClass == CKO_PUBLIC_KEY) {
-        len -= 3;
-        i = 0;
-        ecPoint[i++] = ASN_OCTET_STRING;
-        if (len >= ASN_LONG_LENGTH)
-            ecPoint[i++] = (ASN_LONG_LENGTH | 1);
-        ecPoint[i++] = len;
-        if (eccKey->type == 0)
-            eccKey->type = ECC_PUBLICKEY;
-        PRIVATE_KEY_UNLOCK();
-        ret = wc_ecc_export_x963(eccKey, ecPoint + i, &len);
-        PRIVATE_KEY_LOCK();
-    }
-    if (ret == 0 && keyClass == CKO_PUBLIC_KEY) {
-        keyTemplate[attrCnt].pValue     = ecPoint;
-        keyTemplate[attrCnt].ulValueLen = len + i;
-        attrCnt++;
-    }
-    if (ret == 0) {
-        PKCS11_DUMP_TEMPLATE("Find Ec Key", keyTemplate, attrCnt);
-        rv = session->func->C_FindObjectsInit(session->handle, keyTemplate,
-                                                                       attrCnt);
-        PKCS11_RV("C_FindObjectsInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        rv = session->func->C_FindObjects(session->handle, key, 1, &count);
-        PKCS11_RV("C_FindObjects", rv);
-        PKCS11_VAL("C_FindObjects Count", count);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-        rv = session->func->C_FindObjectsFinal(session->handle);
-        PKCS11_RV("C_FindObjectsFinal", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    XFREE(ecPoint, eccKey->heap, DYNAMIC_TYPE_ECC);
-
-    return ret;
-}
-
-/**
- * Gets the public key data from the PKCS#11 object and puts into the ECC key.
- *
- * @param  [in]  key      ECC public key.
- * @param  [in]  session  Session object.
- * @param  [in]  pubKey   ECC public key PKCS#11 object.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11GetEccPublicKey(ecc_key* key, Pkcs11Session* session,
-                                 CK_OBJECT_HANDLE pubKey)
-{
-    int            ret = 0;
-    word32         i = 0;
-    int            curveIdx;
-    unsigned char* point = NULL;
-    int            pointSz = 0;
-    byte           tag;
-    CK_RV          rv;
-    CK_ATTRIBUTE   tmpl[] = {
-        { CKA_EC_POINT,  NULL_PTR, 0 },
-    };
-    CK_ULONG       tmplCnt = sizeof(tmpl) / sizeof(*tmpl);
-
-    rv = session->func->C_GetAttributeValue(session->handle, pubKey, tmpl,
-                                                                       tmplCnt);
-    PKCS11_RV("C_GetAttributeValue", rv);
-    if (rv != CKR_OK) {
-        ret = WC_HW_E;
-    }
-
-    if (ret == 0) {
-        pointSz = (int)tmpl[0].ulValueLen;
-        point = (unsigned char*)XMALLOC(pointSz, key->heap, DYNAMIC_TYPE_ECC);
-        if (point == NULL)
-            ret = MEMORY_E;
-    }
-    if (ret == 0) {
-        tmpl[0].pValue = point;
-
-        PKCS11_DUMP_TEMPLATE("Get Ec Public Key", tmpl, tmplCnt);
-        rv = session->func->C_GetAttributeValue(session->handle, pubKey,
-                                                                 tmpl, tmplCnt);
-        PKCS11_RV("C_GetAttributeValue", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-        PKCS11_DUMP_TEMPLATE("Ec Public Key", tmpl, tmplCnt);
-    }
-
-    /* Make sure the data is big enough for ASN.1: OCT + uncompressed point */
-    if (ret == 0 && pointSz < key->dp->size * 2 + 1 + 2)
-        ret = ASN_PARSE_E;
-    /* Step over the OCTET_STRING wrapper. */
-    if (ret == 0 && GetASNTag(point, &i, &tag, pointSz) != 0)
-        ret = ASN_PARSE_E;
-    if (ret == 0 && tag != ASN_OCTET_STRING)
-        ret = ASN_PARSE_E;
-    if (ret == 0 && point[i] >= ASN_LONG_LENGTH) {
-        if (point[i++] != (ASN_LONG_LENGTH | 1))
-            ret = ASN_PARSE_E;
-        else if (pointSz < key->dp->size * 2 + 1 + 3)
-            ret = ASN_PARSE_E;
-    }
-    if (ret == 0 && point[i++] != key->dp->size * 2 + 1)
-        ret = ASN_PARSE_E;
-
-    if (ret == 0) {
-        curveIdx = wc_ecc_get_curve_idx(key->dp->id);
-        ret = wc_ecc_import_point_der(point + i, pointSz - i, curveIdx,
-                                                                  &key->pubkey);
-    }
-    /* make sure the ecc_key type has been set */
-    if (ret == 0 && key->type == 0) {
-        key->type = ECC_PUBLICKEY;
-    }
-
-    XFREE(point, key->heap, DYNAMIC_TYPE_ECC);
-
-    return ret;
-}
-
-#ifndef NO_PKCS11_EC_KEYGEN
-/**
- * Perform an ECC key generation operation.
- * The private key data stays on the device.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11EcKeyGen(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int               ret = 0;
-    ecc_key*          key = info->pk.eckg.key;
-    CK_RV             rv;
-    CK_OBJECT_HANDLE  pubKey = NULL_PTR, privKey = NULL_PTR;
-    CK_MECHANISM      mech;
-    CK_UTF8CHAR       params[MAX_EC_PARAM_LEN];
-    CK_ATTRIBUTE      pubKeyTmpl[] = {
-        { CKA_EC_PARAMS,       params,   0               },
-        { CKA_VERIFY,          &ckTrue,  sizeof(ckTrue)  },
-        { CKA_ENCRYPT,         &ckTrue,  sizeof(ckTrue)  },
-    };
-    int               pubTmplCnt = 1;
-    /* Empty entries for optional label/ID. */
-    CK_ATTRIBUTE      privKeyTmplDerive[] = {
-        { CKA_DERIVE,  &ckTrue, sizeof(ckTrue) },
-        { 0,           NULL,    0              },
-        { 0,           NULL,    0              },
-    };
-    /* Empty entries for optional label/ID. */
-    CK_ATTRIBUTE      privKeyTmplEncSign[] = {
-        { CKA_SIGN,    &ckTrue, sizeof(ckTrue) },
-        { CKA_DECRYPT, &ckTrue, sizeof(ckTrue) },
-        { 0,           NULL,    0              },
-        { 0,           NULL,    0              },
-    };
-    CK_ATTRIBUTE*     privKeyTmpl = privKeyTmplDerive;
-    /* Mandatory entries + 2 optional. */
-    int               privTmplCnt = 1;
-
-    ret = Pkcs11MechAvail(session, CKM_EC_KEY_PAIR_GEN);
-    if (ret == 0) {
-        WOLFSSL_MSG("PKCS#11: EC Key Generation Operation");
-
-        ret = Pkcs11EccSetParams(key, pubKeyTmpl, 0);
-    }
-    if (ret == 0) {
-        /* Default is to use for derivation. */
-        if ((key->flags & WC_ECC_FLAG_DEC_SIGN) == WC_ECC_FLAG_DEC_SIGN) {
-            privKeyTmpl = privKeyTmplEncSign;
-            privTmplCnt = 2;
-            pubTmplCnt = 2;
-        }
-        if (key->labelLen != 0) {
-            privKeyTmpl[privTmplCnt].type       = CKA_LABEL;
-            privKeyTmpl[privTmplCnt].pValue     = key->label;
-            privKeyTmpl[privTmplCnt].ulValueLen = key->labelLen;
-            privTmplCnt++;
-        }
-        if (key->idLen != 0) {
-            privKeyTmpl[privTmplCnt].type       = CKA_ID;
-            privKeyTmpl[privTmplCnt].pValue     = key->id;
-            privKeyTmpl[privTmplCnt].ulValueLen = key->idLen;
-            privTmplCnt++;
-        }
-
-        mech.mechanism      = CKM_EC_KEY_PAIR_GEN;
-        mech.ulParameterLen = 0;
-        mech.pParameter     = NULL;
-
-        PKCS11_DUMP_TEMPLATE("Ec Private", privKeyTmpl, privTmplCnt);
-        PKCS11_DUMP_TEMPLATE("Ec Public", pubKeyTmpl, pubTmplCnt);
-
-        rv = session->func->C_GenerateKeyPair(session->handle, &mech,
-                                                       pubKeyTmpl, pubTmplCnt,
-                                                       privKeyTmpl, privTmplCnt,
-                                                       &pubKey, &privKey);
-        PKCS11_RV("C_GenerateKeyPair", rv);
-        if (rv != CKR_OK) {
-            ret = -1;
-        }
-    }
-
-    if (ret == 0)
-        ret = Pkcs11GetEccPublicKey(key, session, pubKey);
-
-    if (pubKey != NULL_PTR)
-        session->func->C_DestroyObject(session->handle, pubKey);
-    if (ret != 0 && privKey != NULL_PTR)
-        session->func->C_DestroyObject(session->handle, privKey);
-
-    return ret;
-}
-#endif
-
-#ifndef NO_PKCS11_ECDH
-/**
- * Extracts the secret key data from the PKCS#11 object.
- *
- * @param  [in]      session  Session object.
- * @param  [in]      secret   PKCS#11 object with the secret key data.
- * @param  [in]      out      Buffer to hold secret data.
- * @param  [in,out]  outLen   On in, length of buffer.
- *                            On out, the length of data in buffer.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11ExtractSecret(Pkcs11Session* session, CK_OBJECT_HANDLE secret,
-    byte* out, word32* outLen)
-{
-    int ret = 0;
-    CK_ATTRIBUTE tmpl[] = {
-      {CKA_VALUE, NULL_PTR, 0}
-    };
-    CK_ULONG     tmplCnt = sizeof(tmpl) / sizeof(*tmpl);
-    CK_RV rv;
-
-    PKCS11_DUMP_TEMPLATE("Get Secret Length", tmpl, tmplCnt);
-    rv = session->func->C_GetAttributeValue(session->handle, secret, tmpl,
-                                                                       tmplCnt);
-    PKCS11_RV("C_GetAttributeValue", rv);
-    if (rv != CKR_OK) {
-        ret = WC_HW_E;
-    }
-    PKCS11_DUMP_TEMPLATE("Secret Length", tmpl, tmplCnt);
-    if (ret == 0) {
-        if (tmpl[0].ulValueLen > *outLen)
-            ret = BUFFER_E;
-    }
-    if (ret == 0) {
-        tmpl[0].pValue = out;
-        PKCS11_DUMP_TEMPLATE("Get Secret", tmpl, tmplCnt);
-        rv = session->func->C_GetAttributeValue(session->handle, secret,
-                                                                 tmpl, tmplCnt);
-        PKCS11_RV("C_GetAttributeValue", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-        PKCS11_DUMP_TEMPLATE("Secret", tmpl, tmplCnt);
-        *outLen = (word32)tmpl[0].ulValueLen;
-    }
-
-    return ret;
-}
-
-/**
- * Performs the ECDH secret generation operation.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- *          0 on success.
- */
-static int Pkcs11ECDH(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                    ret = 0;
-    int                    sessionKey = 0;
-    unsigned char*         point = NULL;
-    word32                 pointLen;
-    CK_RV                  rv;
-    CK_KEY_TYPE            keyType = CKK_GENERIC_SECRET;
-    CK_MECHANISM           mech;
-    CK_ECDH1_DERIVE_PARAMS params;
-    CK_OBJECT_HANDLE       privateKey = NULL_PTR;
-    CK_OBJECT_HANDLE       secret = CK_INVALID_HANDLE;
-    CK_ULONG               secSz;
-    CK_ATTRIBUTE           tmpl[] = {
-        { CKA_CLASS,       &secretKeyClass, sizeof(secretKeyClass) },
-        { CKA_KEY_TYPE,    &keyType,        sizeof(keyType)        },
-        { CKA_PRIVATE,     &ckFalse,        sizeof(ckFalse)        },
-        { CKA_SENSITIVE,   &ckFalse,        sizeof(ckFalse)        },
-        { CKA_EXTRACTABLE, &ckTrue,         sizeof(ckTrue)         },
-        { CKA_VALUE_LEN,   &secSz,          sizeof(secSz)          }
-    };
-    CK_ULONG               tmplCnt = sizeof(tmpl) / sizeof(*tmpl);
-
-    ret = Pkcs11MechAvail(session, CKM_ECDH1_DERIVE);
-    if (ret == 0 && info->pk.ecdh.outlen == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    if (ret == 0) {
-        WOLFSSL_MSG("PKCS#11: EC Key Derivation Operation");
-
-        if ((sessionKey = !mp_iszero(
-                wc_ecc_key_get_priv(info->pk.ecdh.private_key))))
-            ret = Pkcs11CreateEccPrivateKey(&privateKey, session,
-                                         info->pk.ecdh.private_key, CKA_DERIVE);
-        else if (info->pk.ecdh.private_key->labelLen > 0) {
-            ret = Pkcs11FindKeyByLabel(&privateKey, CKO_PRIVATE_KEY, CKK_EC,
-                                       session,
-                                       info->pk.ecdh.private_key->label,
-                                       info->pk.ecdh.private_key->labelLen);
-        }
-        else if (info->pk.ecdh.private_key->idLen > 0) {
-            ret = Pkcs11FindKeyById(&privateKey, CKO_PRIVATE_KEY, CKK_EC,
-                                    session, info->pk.ecdh.private_key->id,
-                                    info->pk.ecdh.private_key->idLen);
-        }
-        else {
-            ret = Pkcs11FindEccKey(&privateKey, CKO_PRIVATE_KEY, session,
-                                          info->pk.ecdh.public_key, CKA_DERIVE);
-        }
-    }
-    if (ret == 0) {
-        PRIVATE_KEY_UNLOCK();
-        ret = wc_ecc_export_x963(info->pk.ecdh.public_key, NULL, &pointLen);
-        PRIVATE_KEY_LOCK();
-        if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
-            point = (unsigned char*)XMALLOC(pointLen,
-                                                 info->pk.ecdh.public_key->heap,
-                                                       DYNAMIC_TYPE_ECC_BUFFER);
-            PRIVATE_KEY_UNLOCK();
-            ret = wc_ecc_export_x963(info->pk.ecdh.public_key, point,
-                                                                     &pointLen);
-            PRIVATE_KEY_LOCK();
-        }
-    }
-
-    if (ret == 0) {
-        secSz = *info->pk.ecdh.outlen;
-        if (secSz > (CK_ULONG)info->pk.ecdh.private_key->dp->size)
-            secSz = info->pk.ecdh.private_key->dp->size;
-
-        params.kdf             = CKD_NULL;
-        params.pSharedData     = NULL;
-        params.ulSharedDataLen = 0;
-        params.pPublicData     = point;
-        params.ulPublicDataLen = pointLen;
-
-        mech.mechanism      = CKM_ECDH1_DERIVE;
-        mech.ulParameterLen = sizeof(params);
-        mech.pParameter     = &params;
-
-        PKCS11_DUMP_TEMPLATE("ECDH key", tmpl, tmplCnt);
-        rv = session->func->C_DeriveKey(session->handle, &mech, privateKey,
-                                                        tmpl, tmplCnt, &secret);
-        PKCS11_RV("C_DeriveKey", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    if (ret == 0) {
-        ret = Pkcs11ExtractSecret(session, secret, info->pk.ecdh.out,
-                                                          info->pk.ecdh.outlen);
-    }
-
-    if (sessionKey)
-        session->func->C_DestroyObject(session->handle, privateKey);
-
-    if (point != NULL)
-        XFREE(point, info->pk.ecdh.public_key->heap, DYNAMIC_TYPE_ECC_BUFFER);
-
-    return ret;
-}
-#endif
-
-/**
- * Encode, in place, the ECDSA signature.
- * Two fixed width values into ASN.1 DER encoded SEQ { INT, INT }
- *
- * @param  [in,out]  sig  Signature data.
- * @param  [in]      sz   Size of original signature data.
- * @return  Length of the ASN.1 DER encoded signature.
- */
-static word32 Pkcs11ECDSASig_Encode(byte* sig, word32 sz)
-{
-    word32 rHigh, sHigh, seqLen;
-    word32 rStart = 0, sStart = 0;
-    word32 sigSz, rSz, rLen, sSz, sLen;
-    word32 i;
-
-    /* Find first byte of data in r and s. */
-    while (rStart < sz - 1 && sig[rStart] == 0x00)
-        rStart++;
-    while (sStart < sz - 1 && sig[sz + sStart] == 0x00)
-        sStart++;
-    /* Check if 0 needs to be prepended to make integer a positive number. */
-    rHigh = sig[rStart] >> 7;
-    sHigh = sig[sz + sStart] >> 7;
-    /* Calculate length of integer to put into ASN.1 encoding. */
-    rLen = sz - rStart;
-    sLen = sz - sStart;
-    /* r and s: INT (2 bytes) + [ 0x00 ] + integer */
-    rSz = 2 + rHigh + rLen;
-    sSz = 2 + sHigh + sLen;
-    /* Calculate the complete ASN.1 DER encoded size. */
-    sigSz = rSz + sSz;
-    if (sigSz >= ASN_LONG_LENGTH)
-        seqLen = 3;
-    else
-        seqLen = 2;
-
-    /* Move s and then r integers into their final places. */
-    XMEMMOVE(sig + seqLen + rSz + (sSz - sLen), sig + sz + sStart, sLen);
-    XMEMMOVE(sig + seqLen       + (rSz - rLen), sig      + rStart, rLen);
-
-    /* Put the ASN.1 DER encoding around data. */
-    i = 0;
-    sig[i++] = ASN_CONSTRUCTED | ASN_SEQUENCE;
-    if (seqLen == 3)
-        sig[i++] = ASN_LONG_LENGTH | 0x01;
-    sig[i++] = sigSz;
-    sig[i++] = ASN_INTEGER;
-    sig[i++] = rHigh + (sz - rStart);
-    if (rHigh)
-        sig[i++] = 0x00;
-    i += sz - rStart;
-    sig[i++] = ASN_INTEGER;
-    sig[i++] = sHigh + (sz - sStart);
-    if (sHigh)
-        sig[i] = 0x00;
-
-    return seqLen + sigSz;
-}
-
-/**
- * Decode the ECDSA signature.
- * ASN.1 DER encode SEQ { INT, INT } converted to two fixed with values.
- *
- * @param  [in]  in    ASN.1 DER encoded signature.
- * @param  [in]  inSz  Size of ASN.1 signature.
- * @param  [in]  sig   Output buffer.
- * @param  [in]  sz    Size of output buffer.
- * @return  ASN_PARSE_E when the ASN.1 encoding is invalid.
- * @return  0 on success.
- */
-static int Pkcs11ECDSASig_Decode(const byte* in, word32 inSz, byte* sig,
-                                 word32 sz)
-{
-    int ret = 0;
-    word32 i = 0;
-    byte   tag;
-    int len, seqLen = 2;
-
-    /* Make sure zeros in place when decoding short integers. */
-    XMEMSET(sig, 0, sz * 2);
-
-    /* Check min data for: SEQ + INT. */
-    if (inSz < 5)
-        ret = ASN_PARSE_E;
-    /* Check SEQ */
-    if (ret == 0 && in[i++] != (ASN_CONSTRUCTED | ASN_SEQUENCE))
-        ret = ASN_PARSE_E;
-    if (ret == 0 && in[i] >= ASN_LONG_LENGTH) {
-        if (in[i] != (ASN_LONG_LENGTH | 0x01))
-            ret = ASN_PARSE_E;
-        else {
-            i++;
-            seqLen++;
-        }
-    }
-    if (ret == 0 && in[i++] != inSz - seqLen)
-        ret = ASN_PARSE_E;
-
-    /* Check INT */
-    if (ret == 0 && GetASNTag(in, &i, &tag, inSz) != 0)
-        ret = ASN_PARSE_E;
-    if (ret == 0 && tag != ASN_INTEGER)
-        ret = ASN_PARSE_E;
-    if (ret == 0 && (len = in[i++]) > sz + 1)
-        ret = ASN_PARSE_E;
-    /* Check there is space for INT data */
-    if (ret == 0 && i + len > inSz)
-        ret = ASN_PARSE_E;
-    if (ret == 0) {
-        /* Skip leading zero */
-        if (in[i] == 0x00) {
-            i++;
-            len--;
-        }
-        /* Copy r into sig. */
-        XMEMCPY(sig + sz - len, in + i, len);
-        i += len;
-    }
-
-    /* Check min data for: INT. */
-    if (ret == 0 && i + 2 > inSz)
-        ret = ASN_PARSE_E;
-    /* Check INT */
-    if (ret == 0 && GetASNTag(in, &i, &tag, inSz) != 0)
-        ret = ASN_PARSE_E;
-    if (ret == 0 && tag != ASN_INTEGER)
-        ret = ASN_PARSE_E;
-    if (ret == 0 && (len = in[i++]) > sz + 1)
-        ret = ASN_PARSE_E;
-    /* Check there is space for INT data */
-    if (ret == 0 && i + len > inSz)
-        ret = ASN_PARSE_E;
-    if (ret == 0) {
-        /* Skip leading zero */
-        if (in[i] == 0x00) {
-            i++;
-            len--;
-        }
-        /* Copy s into sig. */
-        XMEMCPY(sig + sz + sz - len, in + i, len);
-    }
-
-    return ret;
-}
-
-/**
- * Get the parameters from the private key on the device.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  privKey  PKCS #11 object handle of private key..
- * @param  [in]  key      Ecc key to set parameters against.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11GetEccParams(Pkcs11Session* session, CK_OBJECT_HANDLE privKey,
-                              ecc_key* key)
-{
-    int          ret = 0;
-    int          curveId;
-    CK_RV        rv;
-    byte         oid[16];
-    CK_ATTRIBUTE template[] = {
-        { CKA_EC_PARAMS, (CK_VOID_PTR)oid, sizeof(oid) }
-    };
-
-    PKCS11_DUMP_TEMPLATE("Get Ec Params", template, 1);
-    rv = session->func->C_GetAttributeValue(session->handle, privKey, template,
-                                                                             1);
-    PKCS11_RV("C_GetAttributeValue", rv);
-    if (rv != CKR_OK) {
-        ret = WC_HW_E;
-    }
-    PKCS11_DUMP_TEMPLATE("Ec Params", template, 1);
-    if (ret == 0) {
-        /* PKCS #11 wraps the OID in ASN.1 */
-        curveId = wc_ecc_get_curve_id_from_oid(oid + 2,
-                                            (word32)template[0].ulValueLen - 2);
-        if (curveId == ECC_CURVE_INVALID)
-            ret = WC_HW_E;
-    }
-    if (ret == 0)
-        ret = wc_ecc_set_curve(key, 0, curveId);
-
-    return ret;
-}
-
-/**
- * Performs the ECDSA signing operation.
- *
- * @param  session  [in]  Session object.
- * @param  info     [in]  Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11ECDSA_Sign(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                    ret = 0;
-    int                    sessionKey = 0;
-    word32                 sz;
-    CK_RV                  rv;
-    CK_ULONG               outLen;
-    CK_MECHANISM           mech;
-    CK_MECHANISM_INFO      mechInfo;
-    CK_OBJECT_HANDLE       privateKey = NULL_PTR;
-
-    /* Check operation is supported. */
-    rv = session->func->C_GetMechanismInfo(session->slotId, CKM_ECDSA,
-                                                                     &mechInfo);
-    PKCS11_RV("C_GetMechanismInfo", rv);
-    if (rv != CKR_OK || (mechInfo.flags & CKF_SIGN) == 0)
-        ret = NOT_COMPILED_IN;
-
-    if (ret == 0 && info->pk.eccsign.outlen == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    if (ret == 0 && info->pk.eccsign.out == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    if (ret == 0) {
-        WOLFSSL_MSG("PKCS#11: EC Signing Operation");
-
-        if ((sessionKey = !mp_iszero(
-                wc_ecc_key_get_priv(info->pk.eccsign.key))))
-            ret = Pkcs11CreateEccPrivateKey(&privateKey, session,
-                                                info->pk.eccsign.key, CKA_SIGN);
-        else if (info->pk.eccsign.key->labelLen > 0) {
-            ret = Pkcs11FindKeyByLabel(&privateKey, CKO_PRIVATE_KEY, CKK_EC,
-                                       session, info->pk.eccsign.key->label,
-                                       info->pk.eccsign.key->labelLen);
-            if (ret == 0 && info->pk.eccsign.key->dp == NULL) {
-                ret = Pkcs11GetEccParams(session, privateKey,
-                                                          info->pk.eccsign.key);
-            }
-        }
-        else if (info->pk.eccsign.key->idLen > 0) {
-            ret = Pkcs11FindKeyById(&privateKey, CKO_PRIVATE_KEY, CKK_EC,
-                                    session, info->pk.eccsign.key->id,
-                                    info->pk.eccsign.key->idLen);
-            if (ret == 0 && info->pk.eccsign.key->dp == NULL) {
-                ret = Pkcs11GetEccParams(session, privateKey,
-                                                          info->pk.eccsign.key);
-            }
-        }
-        else {
-            ret = Pkcs11FindEccKey(&privateKey, CKO_PRIVATE_KEY, session,
-                                                info->pk.eccsign.key, CKA_SIGN);
-        }
-    }
-
-    if (ret == 0) {
-        sz = info->pk.eccsign.key->dp->size;
-        /* Maximum encoded size is two ordinates + 8 bytes of ASN.1. */
-        if (*info->pk.eccsign.outlen < (word32)wc_ecc_sig_size_calc(sz))
-            ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        mech.mechanism      = CKM_ECDSA;
-        mech.ulParameterLen = 0;
-        mech.pParameter     = NULL;
-
-        rv = session->func->C_SignInit(session->handle, &mech, privateKey);
-        PKCS11_RV("C_SignInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    if (ret == 0) {
-        outLen = *info->pk.eccsign.outlen;
-        rv = session->func->C_Sign(session->handle,
-                                   (CK_BYTE_PTR)info->pk.eccsign.in,
-                                   info->pk.eccsign.inlen, info->pk.eccsign.out,
-                                   &outLen);
-        PKCS11_RV("C_Sign", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    if (ret == 0) {
-        *info->pk.eccsign.outlen = Pkcs11ECDSASig_Encode(info->pk.eccsign.out,
-                                                         sz);
-    }
-
-    if (sessionKey)
-        session->func->C_DestroyObject(session->handle, privateKey);
-
-    return ret;
-}
-
-/**
- * Performs the ECDSA verification operation.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11ECDSA_Verify(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                    ret = 0;
-    CK_RV                  rv;
-    CK_MECHANISM           mech;
-    CK_MECHANISM_INFO      mechInfo;
-    CK_OBJECT_HANDLE       publicKey = NULL_PTR;
-    unsigned char*         sig = NULL;
-    word32                 sz = info->pk.eccverify.key->dp->size;
-
-    /* Check operation is supported. */
-    rv = session->func->C_GetMechanismInfo(session->slotId, CKM_ECDSA,
-                                                                     &mechInfo);
-    PKCS11_RV("C_GetMechanismInfo", rv);
-    if (rv != CKR_OK || (mechInfo.flags & CKF_VERIFY) == 0)
-        ret = NOT_COMPILED_IN;
-
-    if (ret == 0 && info->pk.eccverify.res == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        WOLFSSL_MSG("PKCS#11: EC Verification Operation");
-
-        ret = Pkcs11CreateEccPublicKey(&publicKey, session,
-                                            info->pk.eccverify.key, CKA_VERIFY);
-    }
-
-    if (ret == 0) {
-        sig = (unsigned char *)XMALLOC(sz * 2, info->pk.eccverify.key->heap,
-                                                       DYNAMIC_TYPE_TMP_BUFFER);
-        if (sig == NULL)
-            ret = MEMORY_E;
-    }
-
-    if (ret == 0) {
-        ret = Pkcs11ECDSASig_Decode(info->pk.eccverify.sig,
-                                    info->pk.eccverify.siglen, sig, sz);
-    }
-    if (ret == 0) {
-        mech.mechanism      = CKM_ECDSA;
-        mech.ulParameterLen = 0;
-        mech.pParameter     = NULL;
-
-        rv = session->func->C_VerifyInit(session->handle, &mech, publicKey);
-        PKCS11_RV("C_VerifyInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    if (ret == 0) {
-        *info->pk.eccverify.res = 0;
-        rv = session->func->C_Verify(session->handle,
-                                     (CK_BYTE_PTR)info->pk.eccverify.hash,
-                                     info->pk.eccverify.hashlen,
-                                     (CK_BYTE_PTR)sig, sz * 2);
-        PKCS11_RV("C_Verify", rv);
-        if (rv == CKR_SIGNATURE_INVALID) {
-        }
-        else if (rv != CKR_OK)
-            ret = WC_HW_E;
-        else
-            *info->pk.eccverify.res = 1;
-    }
-
-    if (publicKey != NULL_PTR)
-        session->func->C_DestroyObject(session->handle, publicKey);
-
-    if (sig != NULL)
-        XFREE(sig, info->pk.eccverify.key->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
-    return ret;
-}
-#endif
-
-#ifndef NO_RSA
-/**
- * Check the private RSA key matches the public key.
- *
- * @param  [in]  priv        RSA private key.
- * @param  [in]  publicKey   Encoded RSA public key.
- * @param  [in]  pubKeySize  Length of encoded RSA public key.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  MP_CMP_E when the public parts are different.
- * @return  0 on success.
- */
-static int wc_Pkcs11CheckPrivKey_Rsa(RsaKey* priv,
-    const unsigned char* publicKey, word32 pubKeySize)
-{
-    int ret = 0;
-        WC_DECLARE_VAR(pub, RsaKey, 1, 0);
-    word32 keyIdx = 0;
-
-        WC_ALLOC_VAR_EX(pub, RsaKey, 1, NULL, DYNAMIC_TYPE_RSA,
-            ret=MEMORY_E);
-
-    if ((ret == 0) && (ret = wc_InitRsaKey(pub, NULL)) == 0) {
-        if (ret == 0) {
-            ret = wc_RsaPublicKeyDecode(publicKey, &keyIdx, pub, pubKeySize);
-        }
-        if (ret == 0) {
-            /* both keys extracted successfully now check n and e
-             * values are the same. This is dereferencing RsaKey */
-            if (mp_cmp(&(priv->n), &(pub->n)) != MP_EQ ||
-                mp_cmp(&(priv->e), &(pub->e)) != MP_EQ) {
-                ret = MP_CMP_E;
-            }
-            else
-                ret = 0;
-        }
-        wc_FreeRsaKey(pub);
-    }
-        WC_FREE_VAR_EX(pub, NULL, DYNAMIC_TYPE_RSA);
-
-    return ret;
-}
-
-/**
- * Checks the RSA private key matches the RSA public key.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  MP_CMP_E when the public parts are different.
- * @return  0 on success.
- */
-static int Pkcs11RsaCheckPrivKey(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int ret = 0;
-    CK_OBJECT_HANDLE privateKey;
-    RsaKey* priv = info->pk.rsa_check.key;
-
-    if (mp_iszero(&priv->n) || mp_iszero(&priv->e)) {
-        /* Get the RSA private key object. */
-        if (priv->labelLen > 0) {
-            ret = Pkcs11FindKeyByLabel(&privateKey, CKO_PRIVATE_KEY,
-                                                  CKK_RSA, session, priv->label,
-                                                  priv->labelLen);
-        }
-        else if (priv->idLen > 0) {
-            ret = Pkcs11FindKeyById(&privateKey, CKO_PRIVATE_KEY, CKK_RSA,
-                                    session, priv->id, priv->idLen);
-        }
-        else {
-            ret = Pkcs11FindRsaKey(&privateKey, CKO_PRIVATE_KEY, session, priv);
-        }
-
-        if (ret == 0) {
-            /* Extract the public key components. */
-            ret = Pkcs11GetRsaPublicKey(priv, session, privateKey);
-        }
-    }
-    if (ret == 0) {
-        /* Compare the extracted public parts with the public key. */
-        ret = wc_Pkcs11CheckPrivKey_Rsa(priv, info->pk.rsa_check.pubKey,
-                                                   info->pk.rsa_check.pubKeySz);
-    }
-
-    return ret;
-}
-
-/**
- * Get the size of the RSA key in bytes.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  NOT_COMPILED_IN when no modulus, label or id.
- * @return  0 on success.
- */
-static int Pkcs11RsaGetSize(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int ret = 0;
-    CK_OBJECT_HANDLE privateKey;
-    const RsaKey* priv = info->pk.rsa_get_size.key;
-
-    if (!mp_iszero(&priv->n)) {
-        /* Use the key's modulus MP integer to determine size. */
-        *info->pk.rsa_get_size.keySize = mp_unsigned_bin_size(&priv->n);
-    }
-    else {
-        /* Get the RSA private key object. */
-        if (priv->labelLen > 0) {
-            ret = Pkcs11FindKeyByLabel(&privateKey, CKO_PRIVATE_KEY,
-                                           CKK_RSA, session, (char*)priv->label,
-                                           priv->labelLen);
-        }
-        else if (priv->idLen > 0) {
-            ret = Pkcs11FindKeyById(&privateKey, CKO_PRIVATE_KEY, CKK_RSA,
-                                              session, (unsigned char*)priv->id,
-                                              priv->idLen);
-        }
-        else {
-            /* Lookup is by modulus which is not present. */
-            ret = NOT_COMPILED_IN;
-        }
-
-        if (ret == 0) {
-            /* Lookup the modulus size in bytes. */
-            ret = Pkcs11GetRsaModulusSize(session, privateKey,
-                                                 info->pk.rsa_get_size.keySize);
-        }
-    }
-
-    return ret;
-}
-#endif
-
-#ifdef HAVE_ECC
-/**
- * Check the private ECC key matches the public key.
- * Do this by looking up the public key data from the associated public key.
- * The public key object handle is passed in for the private key.
- *
- * @param  [in]  privateKey  Handle to private key object.
- * @param  [in]  publicKey   Encoded EC public key.
- * @param  [in]  pubKeySize  Length of encoded EC public key.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  MP_CMP_E when the public parts are different.
- * @return  0 on success.
- */
-static int wc_Pkcs11CheckPrivKey_Ecc(ecc_key* priv,
-    const unsigned char* publicKey, word32 pubKeySize)
-{
-    int ret = 0;
-        WC_DECLARE_VAR(pub, ecc_key, 1, 0);
-    word32 keyIdx = 0;
-
-        WC_ALLOC_VAR_EX(pub, ecc_key, 1, NULL, DYNAMIC_TYPE_ECC,
-            ret=MEMORY_E);
-
-    if ((ret == 0) && (ret = wc_ecc_init(pub)) == 0) {
-        ret = wc_EccPublicKeyDecode(publicKey, &keyIdx, pub, pubKeySize);
-        if (ret == 0) {
-            /* both keys extracted successfully now check curve and
-             * pubkey. */
-            if ((pub->idx != priv->idx) || (wc_ecc_cmp_point(&priv->pubkey,
-                                                      &pub->pubkey) != MP_EQ)) {
-                ret = MP_CMP_E;
-            }
-            else {
-                ret = 0;
-            }
-        }
-        wc_ecc_free(pub);
-    }
-        WC_FREE_VAR_EX(pub, NULL, DYNAMIC_TYPE_ECC);
-
-    return ret;
-}
-
-/**
- * Checks the ECC private key matches the ECC public key.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  MP_CMP_E when the public parts are different.
- * @return  0 on success.
- */
-static int Pkcs11EccCheckPrivKey(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int ret = 0;
-    ecc_key* priv = info->pk.ecc_check.key;
-    CK_OBJECT_HANDLE privateKey;
-
-    if (mp_iszero(priv->pubkey.x) || mp_iszero(priv->pubkey.y)) {
-        /* Get the public key object as the private key object doesn't have
-         * the public point stored in it.
-         */
-        if (priv->labelLen > 0) {
-            ret = Pkcs11FindKeyByLabel(&privateKey, CKO_PUBLIC_KEY, CKK_EC,
-                                          session, priv->label, priv->labelLen);
-        }
-        else if (priv->idLen > 0) {
-            ret = Pkcs11FindKeyById(&privateKey, CKO_PUBLIC_KEY, CKK_EC,
-                                    session, priv->id, priv->idLen);
-        }
-        else {
-            ret = Pkcs11FindEccKey(&privateKey, CKO_PUBLIC_KEY, session, priv,
-                                                                      CKA_SIGN);
-        }
-        if (ret == 0 && priv->dp == NULL) {
-            /* Extract the group id. */
-            ret = Pkcs11GetEccParams(session, privateKey, priv);
-        }
-        if (ret == 0) {
-            /* Extract the public point. */
-            ret = Pkcs11GetEccPublicKey(priv, session, privateKey);
-       }
-    }
-    if (ret == 0) {
-        /* Compare the extracted public parts with the public key. */
-        ret = wc_Pkcs11CheckPrivKey_Ecc(priv, info->pk.ecc_check.pubKey,
-                                                   info->pk.ecc_check.pubKeySz);
-    }
-
-    return ret;
-}
-#endif
-
-#if !defined(NO_AES) && defined(HAVE_AESGCM)
-/**
- * Performs the AES-GCM encryption operation.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11AesGcmEncrypt(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                ret = 0;
-    CK_RV              rv;
-    Aes*               aes = info->cipher.aesgcm_enc.aes;
-    CK_GCM_PARAMS      params;
-    CK_MECHANISM_INFO  mechInfo;
-    CK_OBJECT_HANDLE   key = NULL_PTR;
-    CK_MECHANISM       mech;
-    CK_ULONG           outLen;
-
-    /* Check operation is supported. */
-    rv = session->func->C_GetMechanismInfo(session->slotId, CKM_AES_GCM,
-                                                                     &mechInfo);
-    PKCS11_RV("C_GetMechanismInfo", rv);
-    if (rv != CKR_OK || (mechInfo.flags & CKF_ENCRYPT) == 0)
-        ret = NOT_COMPILED_IN;
-
-    if (ret == 0) {
-        WOLFSSL_MSG("PKCS#11: AES-GCM Encryption Operation");
-
-        /* Create a private key object or find by label or id. */
-        if (aes->idLen == 0 && aes->labelLen == 0) {
-            ret = Pkcs11CreateSecretKey(&key, session, CKK_AES,
-                                        (unsigned char*)aes->devKey,
-                                        aes->keylen, NULL, 0, NULL, 0,
-                                        CKA_ENCRYPT);
-        }
-        else if (aes->labelLen != 0) {
-            ret = Pkcs11FindKeyByLabel(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                       aes->label, aes->labelLen);
-        }
-        else {
-            ret = Pkcs11FindKeyById(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                    aes->id, aes->idLen);
-        }
-    }
-
-    if (ret == 0) {
-        params.pIv       = (CK_BYTE_PTR)info->cipher.aesgcm_enc.iv;
-        params.ulIvLen   = info->cipher.aesgcm_enc.ivSz;
-        params.pAAD      = (CK_BYTE_PTR)info->cipher.aesgcm_enc.authIn;
-        params.ulAADLen  = info->cipher.aesgcm_enc.authInSz;
-        params.ulTagBits = info->cipher.aesgcm_enc.authTagSz * 8;
-
-        mech.mechanism      = CKM_AES_GCM;
-        mech.ulParameterLen = sizeof(params);
-        mech.pParameter     = &params;
-
-        rv = session->func->C_EncryptInit(session->handle, &mech, key);
-        PKCS11_RV("C_EncryptInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        outLen = info->cipher.aesgcm_enc.sz;
-        rv = session->func->C_EncryptUpdate(session->handle,
-                                        (CK_BYTE_PTR)info->cipher.aesgcm_enc.in,
-                                        info->cipher.aesgcm_enc.sz,
-                                        info->cipher.aesgcm_enc.out,
-                                        &outLen);
-        PKCS11_RV("C_EncryptUpdate", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        /* Authentication tag comes out in final block. */
-        outLen = info->cipher.aesgcm_enc.authTagSz;
-        rv = session->func->C_EncryptFinal(session->handle,
-                                           info->cipher.aesgcm_enc.authTag,
-                                           &outLen);
-        PKCS11_RV("C_EncryptFinal", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    if (aes->idLen == 0 && aes->labelLen == 0 && key != NULL_PTR)
-        session->func->C_DestroyObject(session->handle, key);
-
-    return ret;
-}
-
-/**
- * Performs the AES-GCM decryption operation.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11AesGcmDecrypt(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                ret = 0;
-    CK_RV              rv;
-    Aes*               aes = info->cipher.aesgcm_enc.aes;
-    CK_GCM_PARAMS      params;
-    CK_MECHANISM_INFO  mechInfo;
-    CK_OBJECT_HANDLE   key = NULL_PTR;
-    CK_MECHANISM       mech;
-    CK_ULONG           outLen;
-    word32             len;
-
-    /* Check operation is supported. */
-    rv = session->func->C_GetMechanismInfo(session->slotId, CKM_AES_GCM,
-                                                                     &mechInfo);
-    PKCS11_RV("C_GetMechanismInfo", rv);
-    if (rv != CKR_OK || (mechInfo.flags & CKF_DECRYPT) == 0)
-        ret = NOT_COMPILED_IN;
-
-    if (ret == 0) {
-        WOLFSSL_MSG("PKCS#11: AES-GCM Decryption Operation");
-
-        /* Create a private key object or find by id. */
-        if (aes->idLen == 0 && aes->labelLen == 0) {
-            ret = Pkcs11CreateSecretKey(&key, session, CKK_AES,
-                                        (unsigned char*)aes->devKey,
-                                        aes->keylen, NULL, 0, NULL, 0,
-                                        CKA_DECRYPT);
-        }
-        else if (aes->labelLen != 0) {
-            ret = Pkcs11FindKeyByLabel(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                       aes->label, aes->labelLen);
-        }
-        else {
-            ret = Pkcs11FindKeyById(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                    aes->id, aes->idLen);
-        }
-    }
-
-    if (ret == 0) {
-        params.pIv       = (CK_BYTE_PTR)info->cipher.aesgcm_dec.iv;
-        params.ulIvLen   = info->cipher.aesgcm_dec.ivSz;
-        params.pAAD      = (CK_BYTE_PTR)info->cipher.aesgcm_dec.authIn;
-        params.ulAADLen  = info->cipher.aesgcm_dec.authInSz;
-        params.ulTagBits = info->cipher.aesgcm_dec.authTagSz * 8;
-
-        mech.mechanism      = CKM_AES_GCM;
-        mech.ulParameterLen = sizeof(params);
-        mech.pParameter     = &params;
-
-        rv = session->func->C_DecryptInit(session->handle, &mech, key);
-        PKCS11_RV("C_DecryptInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        outLen = len = info->cipher.aesgcm_dec.sz;
-        rv = session->func->C_DecryptUpdate(session->handle,
-                                        (CK_BYTE_PTR)info->cipher.aesgcm_dec.in,
-                                        info->cipher.aesgcm_dec.sz,
-                                        info->cipher.aesgcm_dec.out,
-                                        &outLen);
-        PKCS11_RV("C_DecryptUpdate", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        /* Put authentication tag in as encrypted data. */
-        outLen = len = (len + info->cipher.aesgcm_dec.authTagSz -
-                                                                (word32)outLen);
-        rv = session->func->C_DecryptUpdate(session->handle,
-                                   (CK_BYTE_PTR)info->cipher.aesgcm_dec.authTag,
-                                   info->cipher.aesgcm_dec.authTagSz,
-                                   info->cipher.aesgcm_dec.out,
-                                   &outLen);
-        PKCS11_RV("C_DecryptUpdate", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        outLen = len = (len - (word32)outLen);
-        /* Decrypted data comes out now. */
-        rv = session->func->C_DecryptFinal(session->handle,
-                                           info->cipher.aesgcm_dec.out,
-                                           &outLen);
-        PKCS11_RV("C_DecryptFinal", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    if (aes->idLen == 0 && aes->labelLen == 0 && key != NULL_PTR)
-        session->func->C_DestroyObject(session->handle, key);
-
-    return ret;
-}
-#endif
-
-#if !defined(NO_AES) && defined(HAVE_AES_CBC)
-/**
- * Performs the AES-CBC encryption operation.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11AesCbcEncrypt(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                ret = 0;
-    CK_RV              rv;
-    Aes*               aes = info->cipher.aescbc.aes;
-    CK_MECHANISM_INFO  mechInfo;
-    CK_OBJECT_HANDLE   key = NULL_PTR;
-    CK_MECHANISM       mech;
-    CK_ULONG           outLen;
-
-    /* Check operation is supported. */
-    rv = session->func->C_GetMechanismInfo(session->slotId, CKM_AES_CBC,
-                                                                     &mechInfo);
-    PKCS11_RV("C_GetMechanismInfo", rv);
-    if (rv != CKR_OK || (mechInfo.flags & CKF_ENCRYPT) == 0)
-        ret = NOT_COMPILED_IN;
-
-    if (ret == 0) {
-        WOLFSSL_MSG("PKCS#11: AES-CBC Encryption Operation");
-
-        /* Create a private key object or find by id. */
-        if (aes->idLen == 0 && aes->labelLen == 0) {
-            ret = Pkcs11CreateSecretKey(&key, session, CKK_AES,
-                                        (unsigned char*)aes->devKey,
-                                        aes->keylen, NULL, 0, NULL, 0,
-                                        CKA_ENCRYPT);
-        }
-        else if (aes->labelLen != 0) {
-            ret = Pkcs11FindKeyByLabel(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                       aes->label, aes->labelLen);
-        }
-        else {
-            ret = Pkcs11FindKeyById(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                    aes->id, aes->idLen);
-        }
-    }
-
-    if (ret == 0) {
-        mech.mechanism      = CKM_AES_CBC;
-        mech.ulParameterLen = WC_AES_BLOCK_SIZE;
-        mech.pParameter     = (CK_BYTE_PTR)info->cipher.aescbc.aes->reg;
-
-        rv = session->func->C_EncryptInit(session->handle, &mech, key);
-        PKCS11_RV("C_EncryptInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        outLen = info->cipher.aescbc.sz;
-        rv = session->func->C_Encrypt(session->handle,
-                                      (CK_BYTE_PTR)info->cipher.aescbc.in,
-                                      info->cipher.aescbc.sz,
-                                      info->cipher.aescbc.out,
-                                      &outLen);
-        PKCS11_RV("C_Encrypt", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    if (aes->idLen == 0 && aes->labelLen == 0 && key != NULL_PTR)
-        session->func->C_DestroyObject(session->handle, key);
-
-    return ret;
-}
-
-/**
- * Performs the AES-CBC decryption operation.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11AesCbcDecrypt(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                ret = 0;
-    CK_RV              rv;
-    Aes*               aes = info->cipher.aescbc.aes;
-    CK_MECHANISM_INFO  mechInfo;
-    CK_OBJECT_HANDLE   key = NULL_PTR;
-    CK_MECHANISM       mech;
-    CK_ULONG           outLen;
-
-    /* Check operation is supported. */
-    rv = session->func->C_GetMechanismInfo(session->slotId, CKM_AES_CBC,
-                                                                     &mechInfo);
-    PKCS11_RV("C_GetMechanismInfo", rv);
-    if (rv != CKR_OK || (mechInfo.flags & CKF_DECRYPT) == 0)
-        ret = NOT_COMPILED_IN;
-
-    if (ret == 0) {
-        WOLFSSL_MSG("PKCS#11: AES-CBC Decryption Operation");
-
-        /* Create a private key object or find by id. */
-        if (aes->idLen == 0 && aes->labelLen == 0) {
-            ret = Pkcs11CreateSecretKey(&key, session, CKK_AES,
-                                        (unsigned char*)aes->devKey,
-                                        aes->keylen, NULL, 0, NULL, 0,
-                                        CKA_DECRYPT);
-        }
-        else if (aes->labelLen != 0) {
-            ret = Pkcs11FindKeyByLabel(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                       aes->label, aes->labelLen);
-        }
-        else {
-            ret = Pkcs11FindKeyById(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                    aes->id, aes->idLen);
-        }
-    }
-
-    if (ret == 0) {
-        mech.mechanism      = CKM_AES_CBC;
-        mech.ulParameterLen = WC_AES_BLOCK_SIZE;
-        mech.pParameter     = (CK_BYTE_PTR)info->cipher.aescbc.aes->reg;
-
-        rv = session->func->C_DecryptInit(session->handle, &mech, key);
-        PKCS11_RV("C_DecryptInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        outLen = info->cipher.aescbc.sz;
-        rv = session->func->C_Decrypt(session->handle,
-                                        (CK_BYTE_PTR)info->cipher.aescbc.in,
-                                        info->cipher.aescbc.sz,
-                                        info->cipher.aescbc.out,
-                                        &outLen);
-        PKCS11_RV("C_Decrypt", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    if (aes->idLen == 0 && aes->labelLen == 0 && key != NULL_PTR)
-        session->func->C_DestroyObject(session->handle, key);
-
-    return ret;
-}
-
-#endif
-
-#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
-/**
- * Performs the AES-CTR encryption operation.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11AesCtrEncrypt(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                ret = 0;
-    CK_RV              rv;
-    Aes*               aes = info->cipher.aesctr.aes;
-    CK_MECHANISM_INFO  mechInfo;
-    CK_AES_CTR_PARAMS  params;
-    CK_OBJECT_HANDLE   key = NULL_PTR;
-    CK_MECHANISM       mech;
-    CK_ULONG           outLen;
-
-    /* Check operation is supported. */
-    rv = session->func->C_GetMechanismInfo(session->slotId, CKM_AES_CTR,
-                                                                     &mechInfo);
-    PKCS11_RV("C_GetMechanismInfo", rv);
-    if (rv != CKR_OK || (mechInfo.flags & CKF_ENCRYPT) == 0)
-        ret = NOT_COMPILED_IN;
-
-    if (ret == 0) {
-        WOLFSSL_MSG("PKCS#11: AES-CTR Encryption Operation");
-
-        /* Create a private key object or find by id. */
-        if (aes->idLen == 0 && aes->labelLen == 0) {
-            ret = Pkcs11CreateSecretKey(&key, session, CKK_AES,
-                                        (unsigned char*)aes->devKey,
-                                        aes->keylen, NULL, 0, NULL, 0,
-                                        CKA_ENCRYPT);
-        }
-        else if (aes->labelLen != 0) {
-            ret = Pkcs11FindKeyByLabel(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                       aes->label, aes->labelLen);
-        }
-        else {
-            ret = Pkcs11FindKeyById(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                    aes->id, aes->idLen);
-        }
-    }
-
-    if (ret == 0) {
-        XMEMSET(&params, 0, sizeof(params));
-        params.ulCounterBits = WC_AES_BLOCK_SIZE * 8;
-        XMEMCPY(params.cb, info->cipher.aesctr.aes->reg, WC_AES_BLOCK_SIZE);
-
-        mech.mechanism      = CKM_AES_CTR;
-        mech.ulParameterLen = sizeof(params);
-        mech.pParameter     = &params;
-
-        rv = session->func->C_EncryptInit(session->handle, &mech, key);
-        PKCS11_RV("C_EncryptInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        outLen = info->cipher.aesctr.sz;
-        rv = session->func->C_Encrypt(session->handle,
-                                      (CK_BYTE_PTR)info->cipher.aesctr.in,
-                                      info->cipher.aesctr.sz,
-                                      info->cipher.aesctr.out,
-                                      &outLen);
-        PKCS11_RV("C_Encrypt", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    if (aes->idLen == 0 && aes->labelLen == 0 && key != NULL_PTR)
-        session->func->C_DestroyObject(session->handle, key);
-
-    return ret;
-}
-
-/**
- * Performs the AES-CTR decryption operation.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  MEMORY_E when a memory allocation fails.
- * @return  0 on success.
- */
-static int Pkcs11AesCtrDecrypt(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                ret = 0;
-    CK_RV              rv;
-    Aes*               aes = info->cipher.aesctr.aes;
-    CK_MECHANISM_INFO  mechInfo;
-    CK_AES_CTR_PARAMS  params;
-    CK_OBJECT_HANDLE   key = NULL_PTR;
-    CK_MECHANISM       mech;
-    CK_ULONG           outLen;
-
-    /* Check operation is supported. */
-    rv = session->func->C_GetMechanismInfo(session->slotId, CKM_AES_CTR,
-                                                                     &mechInfo);
-    PKCS11_RV("C_GetMechanismInfo", rv);
-    if (rv != CKR_OK || (mechInfo.flags & CKF_DECRYPT) == 0)
-        ret = NOT_COMPILED_IN;
-
-    if (ret == 0) {
-        WOLFSSL_MSG("PKCS#11: AES-CTR Decryption Operation");
-
-        /* Create a private key object or find by id. */
-        if (aes->idLen == 0 && aes->labelLen == 0) {
-            ret = Pkcs11CreateSecretKey(&key, session, CKK_AES,
-                                        (unsigned char*)aes->devKey,
-                                        aes->keylen, NULL, 0, NULL, 0,
-                                        CKA_DECRYPT);
-        }
-        else if (aes->labelLen != 0) {
-            ret = Pkcs11FindKeyByLabel(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                       aes->label, aes->labelLen);
-        }
-        else {
-            ret = Pkcs11FindKeyById(&key, CKO_SECRET_KEY, CKK_AES, session,
-                                    aes->id, aes->idLen);
-        }
-    }
-
-    if (ret == 0) {
-        XMEMSET(&params, 0, sizeof(params));
-        params.ulCounterBits = WC_AES_BLOCK_SIZE * 8;
-        XMEMCPY(params.cb, info->cipher.aesctr.aes->reg, WC_AES_BLOCK_SIZE);
-
-        mech.mechanism      = CKM_AES_CTR;
-        mech.ulParameterLen = sizeof(params);
-        mech.pParameter     = &params;
-
-        rv = session->func->C_DecryptInit(session->handle, &mech, key);
-        PKCS11_RV("C_DecryptInit", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-    if (ret == 0) {
-        outLen = info->cipher.aesctr.sz;
-        rv = session->func->C_Decrypt(session->handle,
-                                        (CK_BYTE_PTR)info->cipher.aesctr.in,
-                                        info->cipher.aesctr.sz,
-                                        info->cipher.aesctr.out,
-                                        &outLen);
-        PKCS11_RV("C_Decrypt", rv);
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-    }
-
-    if (aes->idLen == 0 && aes->labelLen == 0 && key != NULL_PTR)
-        session->func->C_DestroyObject(session->handle, key);
-
-    return ret;
-}
-
-#endif
-
-#ifndef NO_HMAC
-/**
- * Updates or calculates the HMAC of the data.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11Hmac(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                ret = 0;
-    CK_RV              rv;
-    Hmac*              hmac = info->hmac.hmac;
-    CK_MECHANISM_INFO  mechInfo;
-    CK_OBJECT_HANDLE   key = NULL_PTR;
-    CK_MECHANISM       mech;
-    CK_ULONG           outLen;
-    int                mechType;
-    int                keyType;
-
-    if (hmac->innerHashKeyed == WC_HMAC_INNER_HASH_KEYED_SW)
-        ret = NOT_COMPILED_IN;
-
-    if (ret == 0)
-        ret = Pkcs11HmacTypes(info->hmac.macType, &mechType, &keyType);
-    if (ret == 0) {
-        /* Check operation is supported. */
-        rv = session->func->C_GetMechanismInfo(session->slotId, mechType,
-                                                                     &mechInfo);
-        PKCS11_RV("C_GetMechanismInfo", rv);
-        if (rv != CKR_OK || (mechInfo.flags & CKF_SIGN) == 0)
-            ret = NOT_COMPILED_IN;
-    }
-
-    /* Check whether key been used to initialized. */
-    if (ret == 0 && !hmac->innerHashKeyed) {
-        WOLFSSL_MSG("PKCS#11: HMAC Init");
-
-        /* Check device supports key length. */
-        if (mechInfo.ulMaxKeySize > 0 &&
-                                       (hmac->keyLen < mechInfo.ulMinKeySize ||
-                                        hmac->keyLen > mechInfo.ulMaxKeySize)) {
-            WOLFSSL_MSG("PKCS#11: Key Length not supported");
-            ret = NOT_COMPILED_IN;
-        }
-
-        /* Create a private key object or find by id. */
-        if (ret == 0 && hmac->idLen == 0 && hmac->labelLen == 0) {
-            ret = Pkcs11CreateSecretKey(&key, session, keyType,
-                                    (unsigned char*)hmac->keyRaw, hmac->keyLen,
-                                    NULL, 0, NULL, 0, CKA_SIGN);
-            if (ret == WC_NO_ERR_TRACE(WC_HW_E)) {
-                ret = Pkcs11CreateSecretKey(&key, session, CKK_GENERIC_SECRET,
-                                    (unsigned char*)hmac->keyRaw, hmac->keyLen,
-                                    NULL, 0, NULL, 0, CKA_SIGN);
-            }
-
-        }
-        else if (ret == 0 && hmac->labelLen != 0) {
-            ret = Pkcs11FindKeyByLabel(&key, CKO_SECRET_KEY, keyType, session,
-                                       hmac->label, hmac->labelLen);
-            if (ret == WC_NO_ERR_TRACE(WC_HW_E)) {
-                ret = Pkcs11FindKeyByLabel(&key, CKO_SECRET_KEY,
-                                           CKK_GENERIC_SECRET, session,
-                                           hmac->label, hmac->labelLen);
-            }
-        }
-        else if (ret == 0) {
-            ret = Pkcs11FindKeyById(&key, CKO_SECRET_KEY, keyType, session,
-                                    hmac->id, hmac->idLen);
-            if (ret == WC_NO_ERR_TRACE(WC_HW_E)) {
-                ret = Pkcs11FindKeyById(&key, CKO_SECRET_KEY,
-                                        CKK_GENERIC_SECRET, session, hmac->id,
-                                        hmac->idLen);
-            }
-        }
-
-        /* Initialize HMAC operation */
-        if (ret == 0) {
-            mech.mechanism      = mechType;
-            mech.ulParameterLen = 0;
-            mech.pParameter     = NULL;
-
-            rv = session->func->C_SignInit(session->handle, &mech, key);
-            PKCS11_RV("C_SignInit", rv);
-            if (rv != CKR_OK) {
-                ret = WC_HW_E;
-            }
-        }
-
-        /* Don't initialize HMAC again if this succeeded */
-        if (ret == 0)
-            hmac->innerHashKeyed = WC_HMAC_INNER_HASH_KEYED_DEV;
-    }
-    /* Update the HMAC if input data passed in. */
-    if (ret == 0 && info->hmac.inSz > 0) {
-        WOLFSSL_MSG("PKCS#11: HMAC Update");
-
-        rv = session->func->C_SignUpdate(session->handle,
-                                         (CK_BYTE_PTR)info->hmac.in,
-                                         info->hmac.inSz);
-        PKCS11_RV("C_SignUpdate", rv);
-        /* Some algorithm implementations only support C_Sign. */
-        if (rv == CKR_MECHANISM_INVALID) {
-            WOLFSSL_MSG("PKCS#11: HMAC Update/Final not supported");
-            ret = NOT_COMPILED_IN;
-            /* Allow software implementation to set key. */
-            hmac->innerHashKeyed = 0;
-        }
-        else if (rv != CKR_OK)
-            ret = WC_HW_E;
-    }
-    /* Calculate the HMAC result if output buffer specified. */
-    if (ret == 0 && info->hmac.digest != NULL) {
-        WOLFSSL_MSG("PKCS#11: HMAC Final");
-
-        outLen = WC_MAX_DIGEST_SIZE;
-        rv = session->func->C_SignFinal(session->handle,
-                                        (CK_BYTE_PTR)info->hmac.digest,
-                                        &outLen);
-        PKCS11_RV("C_SignFinal", rv);
-        /* Some algorithm implementations only support C_Sign. */
-        if (rv != CKR_OK) {
-            ret = WC_HW_E;
-        }
-        else
-            hmac->innerHashKeyed = 0;
-    }
-
-    if (hmac->idLen == 0 && hmac->labelLen == 0 && key != NULL_PTR)
-        session->func->C_DestroyObject(session->handle, key);
-
-    return ret;
-}
-#endif
-
-#ifndef WC_NO_RNG
-#ifndef HAVE_HASHDRBG
-/**
- * Performs random number generation.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11RandomBlock(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                ret = 0;
-    CK_RV              rv;
-
-    WOLFSSL_MSG("PKCS#11: Generate Random for Block");
-
-    rv = session->func->C_GenerateRandom(session->handle, info->rng.out,
-                                                                  info->rng.sz);
-    PKCS11_RV("C_GenerateRandom", rv);
-    if (rv != CKR_OK) {
-        ret = WC_HW_E;
-    }
-    return ret;
-}
-#endif
-
-/**
- * Generates entropy (seed) data.
- *
- * @param  [in]  session  Session object.
- * @param  [in]  info     Cryptographic operation data.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-static int Pkcs11RandomSeed(Pkcs11Session* session, wc_CryptoInfo* info)
-{
-    int                ret = 0;
-    CK_RV              rv;
-
-    WOLFSSL_MSG("PKCS#11: Generate Random for Seed");
-
-    rv = session->func->C_GenerateRandom(session->handle, info->seed.seed,
-                                                                 info->seed.sz);
-    PKCS11_RV("C_GenerateRandom", rv);
-    if (rv != CKR_OK) {
-        ret = WC_HW_E;
-    }
-    return ret;
-}
-#endif
-
-#ifndef NO_CERTS
-
-static int Pkcs11GetCert(Pkcs11Session* session, wc_CryptoInfo* info) {
-    int                 ret = 0;
-    CK_RV               rv  = 0;
-    CK_ULONG            count = 0;
-    CK_OBJECT_HANDLE    certHandle = CK_INVALID_HANDLE;
-    byte               *certData = NULL;
-    CK_ATTRIBUTE    certTemplate[2] = {
-        { CKA_CLASS,           &certClass, sizeof(certClass)   }
-    };
-    CK_ATTRIBUTE   tmpl[] = {
-        { CKA_VALUE,         NULL_PTR, 0 }
-    };
-    CK_ULONG        certTmplCnt = sizeof(certTemplate) / sizeof(*certTemplate);
-    CK_ULONG        tmplCnt = sizeof(tmpl) / sizeof(*tmpl);
-
-    WOLFSSL_MSG("PKCS#11: Retrieve certificate");
-    if (info->cert.labelLen > 0) {
-        certTemplate[1].type = CKA_LABEL;
-        certTemplate[1].pValue = (CK_VOID_PTR)info->cert.label;
-        certTemplate[1].ulValueLen = info->cert.labelLen;
-    }
-    else if (info->cert.idLen > 0) {
-        certTemplate[1].type = CKA_ID;
-        certTemplate[1].pValue = (CK_VOID_PTR)info->cert.id;
-        certTemplate[1].ulValueLen = info->cert.idLen;
-    }
-    else {
-        ret = BAD_FUNC_ARG;
-        goto exit;
-    }
-
-    ret = Pkcs11FindKeyByTemplate(
-        &certHandle, session, certTemplate, certTmplCnt, &count);
-    if (ret == 0 && count == 0) {
-        ret = WC_HW_E;
-        goto exit;
-    }
-
-    PKCS11_DUMP_TEMPLATE("Get Certificate Length", tmpl, tmplCnt);
-    rv = session->func->C_GetAttributeValue(
-        session->handle, certHandle, tmpl, tmplCnt);
-    PKCS11_RV("C_GetAttributeValue", rv);
-    if (rv != CKR_OK) {
-        ret = WC_HW_E;
-        goto exit;
-    }
-
-    if (tmpl[0].ulValueLen <= 0) {
-        ret = WC_HW_E;
-        goto exit;
-    }
-
-    certData = (byte *)XMALLOC(
-        (int)tmpl[0].ulValueLen, info->cert.heap, DYNAMIC_TYPE_CERT);
-    if (certData == NULL) {
-        ret = MEMORY_E;
-        goto exit;
-    }
-
-    tmpl[0].pValue = certData;
-    rv = session->func->C_GetAttributeValue(
-        session->handle, certHandle, tmpl, tmplCnt);
-    PKCS11_RV("C_GetAttributeValue", rv);
-    if (rv != CKR_OK) {
-        ret = WC_HW_E;
-        goto exit;
-    }
-
-    *info->cert.certDataOut = certData;
-    *info->cert.certSz = (word32)tmpl[0].ulValueLen;
-    if (info->cert.certFormatOut != NULL) {
-        *info->cert.certFormatOut = CTC_FILETYPE_ASN1;
-    }
-    certData = NULL;
-
-exit:
-    XFREE(certData, info->cert.heap, DYNAMIC_TYPE_CERT);
-    return ret;
-}
-
-#endif /* !NO_CERTS */
-
-/**
- * Perform a cryptographic operation using PKCS#11 device.
- *
- * @param  [in]  devId  Device identifier.
- * @param  [in]  info   Cryptographic operation data.
- * @param  [in]  ctx    Context data for device - the token object.
- * @return  WC_HW_E when a PKCS#11 library call fails.
- * @return  0 on success.
- */
-int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
-{
-    int ret = 0;
-    Pkcs11Token* token = (Pkcs11Token*)ctx;
-    Pkcs11Session session;
-
-#ifdef WOLFSSL_PKCS11_RW_TOKENS
-    int readWrite = 1;
-#else
-    int readWrite = 0;
-#endif
-
-    if (devId <= INVALID_DEVID || info == NULL || ctx == NULL)
-        ret = BAD_FUNC_ARG;
-
-    /* Open and close a session around each operation as the operation may not
-     * be compiled in.
-     */
-    if (ret == 0) {
-        if (info->algo_type == WC_ALGO_TYPE_PK) {
-#if !defined(NO_RSA) || defined(HAVE_ECC)
-            switch (info->pk.type) {
-    #ifndef NO_RSA
-                case WC_PK_TYPE_RSA:
-        #ifdef WOLF_CRYPTO_CB_RSA_PAD
-                case WC_PK_TYPE_RSA_PKCS:
-                case WC_PK_TYPE_RSA_PSS:
-                case WC_PK_TYPE_RSA_OAEP:
-        #endif
-                    ret = Pkcs11OpenSession(token, &session, readWrite);
-                    if (ret == 0) {
-                        ret = Pkcs11Rsa(&session, info);
-                        Pkcs11CloseSession(token, &session);
-                    }
-                    break;
-        #ifdef WOLFSSL_KEY_GEN
-                case WC_PK_TYPE_RSA_KEYGEN:
-                    ret = Pkcs11OpenSession(token, &session, readWrite);
-                    if (ret == 0) {
-                        ret = Pkcs11RsaKeyGen(&session, info);
-                        Pkcs11CloseSession(token, &session);
-                    }
-                    break;
-        #endif
-                case WC_PK_TYPE_RSA_CHECK_PRIV_KEY:
-                    ret = Pkcs11OpenSession(token, &session, readWrite);
-                    if (ret == 0) {
-                        ret = Pkcs11RsaCheckPrivKey(&session, info);
-                        Pkcs11CloseSession(token, &session);
-                    }
-                    break;
-                case WC_PK_TYPE_RSA_GET_SIZE:
-                    ret = Pkcs11OpenSession(token, &session, readWrite);
-                    if (ret == 0) {
-                        ret = Pkcs11RsaGetSize(&session, info);
-                        Pkcs11CloseSession(token, &session);
-                    }
-                    break;
-    #endif
-    #ifdef HAVE_ECC
-        #ifndef NO_PKCS11_EC_KEYGEN
-                case WC_PK_TYPE_EC_KEYGEN:
-                    ret = Pkcs11OpenSession(token, &session, readWrite);
-                    if (ret == 0) {
-                        ret = Pkcs11EcKeyGen(&session, info);
-                        Pkcs11CloseSession(token, &session);
-                    }
-                    break;
-        #endif
-        #ifndef NO_PKCS11_ECDH
-                case WC_PK_TYPE_ECDH:
-                    ret = Pkcs11OpenSession(token, &session, readWrite);
-                    if (ret == 0) {
-                        ret = Pkcs11ECDH(&session, info);
-                        Pkcs11CloseSession(token, &session);
-                    }
-                    break;
-        #endif
-                case WC_PK_TYPE_ECDSA_SIGN:
-                    ret = Pkcs11OpenSession(token, &session, readWrite);
-                    if (ret == 0) {
-                        ret = Pkcs11ECDSA_Sign(&session, info);
-                        Pkcs11CloseSession(token, &session);
-                    }
-                    break;
-                case WC_PK_TYPE_ECDSA_VERIFY:
-                    ret = Pkcs11OpenSession(token, &session, readWrite);
-                    if (ret == 0) {
-                        ret = Pkcs11ECDSA_Verify(&session, info);
-                        Pkcs11CloseSession(token, &session);
-                    }
-                    break;
-                case WC_PK_TYPE_EC_CHECK_PRIV_KEY:
-                    ret = Pkcs11OpenSession(token, &session, readWrite);
-                    if (ret == 0) {
-                        ret = Pkcs11EccCheckPrivKey(&session, info);
-                        Pkcs11CloseSession(token, &session);
-                    }
-                    break;
-    #endif
-                default:
-                    ret = NOT_COMPILED_IN;
-                    break;
-            }
-#else
-            ret = NOT_COMPILED_IN;
-#endif /* !NO_RSA || HAVE_ECC */
-        }
-        else if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
-    #ifndef NO_AES
-            switch (info->cipher.type) {
-        #ifdef HAVE_AESGCM
-                case WC_CIPHER_AES_GCM:
-                    if (info->cipher.enc) {
-                        ret = Pkcs11OpenSession(token, &session, readWrite);
-                        if (ret == 0) {
-                            ret = Pkcs11AesGcmEncrypt(&session, info);
-                            Pkcs11CloseSession(token, &session);
-                        }
-                    }
-                    else {
-                        ret = Pkcs11OpenSession(token, &session, readWrite);
-                        if (ret == 0) {
-                            ret = Pkcs11AesGcmDecrypt(&session, info);
-                            Pkcs11CloseSession(token, &session);
-                        }
-                    }
-                    break;
-        #endif
-        #ifdef HAVE_AES_CBC
-                case WC_CIPHER_AES_CBC:
-                    if (info->cipher.enc) {
-                        ret = Pkcs11OpenSession(token, &session, readWrite);
-                        if (ret == 0) {
-                            ret = Pkcs11AesCbcEncrypt(&session, info);
-                            Pkcs11CloseSession(token, &session);
-                        }
-                    }
-                    else {
-                        ret = Pkcs11OpenSession(token, &session, readWrite);
-                        if (ret == 0) {
-                            ret = Pkcs11AesCbcDecrypt(&session, info);
-                            Pkcs11CloseSession(token, &session);
-                        }
-                    }
-                    break;
-        #endif
-        #ifdef WOLFSSL_AES_COUNTER
-               case WC_CIPHER_AES_CTR:
-                    if (info->cipher.enc) {
-                        ret = Pkcs11OpenSession(token, &session, readWrite);
-                        if (ret == 0) {
-                            ret = Pkcs11AesCtrEncrypt(&session, info);
-                            Pkcs11CloseSession(token, &session);
-                        }
-                    }
-                    else {
-                        ret = Pkcs11OpenSession(token, &session, readWrite);
-                        if (ret == 0) {
-                            ret = Pkcs11AesCtrDecrypt(&session, info);
-                            Pkcs11CloseSession(token, &session);
-                        }
-                    }
-                    break;
-        #endif
-                }
-    #else
-            ret = NOT_COMPILED_IN;
-    #endif
-        }
-        else if (info->algo_type == WC_ALGO_TYPE_HMAC) {
-    #ifndef NO_HMAC
-            ret = Pkcs11OpenSession(token, &session, readWrite);
-            if (ret == 0) {
-                ret = Pkcs11Hmac(&session, info);
-                Pkcs11CloseSession(token, &session);
-            }
-    #else
-            ret = NOT_COMPILED_IN;
-    #endif
-        }
-        else if (info->algo_type == WC_ALGO_TYPE_RNG) {
-    #if !defined(WC_NO_RNG) && !defined(HAVE_HASHDRBG)
-            ret = Pkcs11OpenSession(token, &session, readWrite);
-            if (ret == 0) {
-                ret = Pkcs11RandomBlock(&session, info);
-                Pkcs11CloseSession(token, &session);
-            }
-    #else
-            ret = NOT_COMPILED_IN;
-    #endif
-        }
-        else if (info->algo_type == WC_ALGO_TYPE_SEED) {
-    #ifndef WC_NO_RNG
-            ret = Pkcs11OpenSession(token, &session, readWrite);
-            if (ret == 0) {
-                ret = Pkcs11RandomSeed(&session, info);
-                Pkcs11CloseSession(token, &session);
-            }
-    #else
-            ret = NOT_COMPILED_IN;
-    #endif
-        }
-        else if (info->algo_type == WC_ALGO_TYPE_CERT) {
-    #ifndef NO_CERTS
-            ret = Pkcs11OpenSession(token, &session, readWrite);
-            if (ret == 0) {
-                ret = Pkcs11GetCert(&session, info);
-                Pkcs11CloseSession(token, &session);
-            }
-    #else
-            ret = NOT_COMPILED_IN;
-    #endif
-        }
-        else
-            ret = NOT_COMPILED_IN;
-    }
-
-    return ret;
-}
-
-#endif /* HAVE_PKCS11 */
diff --git a/src/ssl/wolfssl/wolfcrypt/wc_xmss.c b/src/ssl/wolfssl/wolfcrypt/wc_xmss.c
deleted file mode 100644
index 1d1c85b80..000000000
--- a/src/ssl/wolfssl/wolfcrypt/wc_xmss.c
+++ /dev/null
@@ -1,1640 +0,0 @@
-/* wc_xmss.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef WOLFSSL_HAVE_XMSS
-#include <wolfssl/wolfcrypt/wc_xmss.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-
-/***************************
- * DIGEST init and free.
- ***************************/
-
-/* Initialize the digest algorithm to use.
- *
- * @param [in, out] state  XMSS/MT state including digest and parameters.
- * @return  0 on success.
- * @return  NOT_COMPILED_IN when digest algorithm not supported.
- * @return  Other negative when digest algorithm initialization failed.
- */
-static int wc_xmss_digest_init(XmssState* state)
-{
-    int ret;
-    word8 hash = state->params->hash;
-
-#ifdef WC_XMSS_SHA256
-    if (hash == WC_HASH_TYPE_SHA256) {
-        ret = wc_InitSha256(&state->digest.sha256);
-    }
-    else
-#endif
-#ifdef WC_XMSS_SHA512
-    if (hash == WC_HASH_TYPE_SHA512) {
-        ret = wc_InitSha512(&state->digest.sha512);
-    }
-    else
-#endif
-#ifdef WC_XMSS_SHAKE128
-    if (hash == WC_HASH_TYPE_SHAKE128) {
-        ret = wc_InitShake128(&state->digest.shake, NULL, INVALID_DEVID);
-    }
-    else
-#endif
-#ifdef WC_XMSS_SHAKE256
-    if (hash == WC_HASH_TYPE_SHAKE256) {
-        ret = wc_InitShake256(&state->digest.shake, NULL, INVALID_DEVID);
-    }
-    else
-#endif
-    {
-        ret = NOT_COMPILED_IN;
-    }
-
-    return ret;
-}
-/* Free the digest algorithm.
- *
- * @param [in, out] state  XMSS/MT state including digest and parameters.
- */
-static void wc_xmss_digest_free(XmssState* state)
-{
-    word8 hash = state->params->hash;
-
-#ifdef WC_XMSS_SHA256
-    if (hash == WC_HASH_TYPE_SHA256) {
-        wc_Sha256Free(&state->digest.sha256);
-    }
-    else
-#endif
-#ifdef WC_XMSS_SHA512
-    if (hash == WC_HASH_TYPE_SHA512) {
-        wc_Sha512Free(&state->digest.sha512);
-    }
-    else
-#endif
-#ifdef WC_XMSS_SHAKE128
-    if (hash == WC_HASH_TYPE_SHAKE128) {
-        wc_Shake128_Free(&state->digest.shake);
-    }
-    else
-#endif
-#ifdef WC_XMSS_SHAKE256
-    if (hash == WC_HASH_TYPE_SHAKE256) {
-        wc_Shake256_Free(&state->digest.shake);
-    }
-    else
-#endif
-    {
-        /* Do nothing. */
-    }
-}
-
-/* Initialize the XMSS/MT state.
- *
- * @param [in, out] state   XMSS/MT state including digest and parameters.
- * @param [in]      params  Parameters for key.
- * @return  0 on success.
- * @return  NOT_COMPILED_IN when digest algorithm not supported.
- * @return  Other negative when digest algorithm initialization failed.
- */
-static WC_INLINE int wc_xmss_state_init(XmssState* state,
-    const XmssParams* params)
-{
-    state->params = params;
-    state->ret = 0;
-    return wc_xmss_digest_init(state);
-}
-
-/* Free the XMSS/MT state.
- *
- * @param [in, out] state  XMSS/MT state including digest and parameters.
- */
-static WC_INLINE void wc_xmss_state_free(XmssState* state)
-{
-    wc_xmss_digest_free(state);
-}
-
-
-/***************************
- * XMSS PARAMS
- ***************************/
-
-/* Map of XMSS/MT string name to OID.
- */
-typedef struct wc_XmssString {
-    /* Name of algorithm as a string. */
-#ifdef WOLFSSL_NAMES_STATIC
-    const char str[32]; /* large enough for largest string in wc_xmss_alg[] or
-                         * wc_xmssmt_alg[]
-                         */
-#else
-    const char* str;
-#endif
-    /* OID for algorithm. */
-    word32 oid;
-    /* XMSS parameters. */
-    XmssParams params;
-} wc_XmssString;
-
-#ifndef WOLFSSL_WC_XMSS_SMALL
-
-/* Size of BDS State encoded numbers - offset=1, next=3. */
-#define XMSS_BDS_NUMS_SZ      4
-/* Size of treehash encoding - nextIdx=3, completed|used=1. */
-#define XMSS_TREEHASH_SZ      4
-
-/* Calculate Secret key length.
- *
- * See wc_xmss_bds_state_save() and wc_xmss_bds_state_load().
- *
- * SK = idx || wots_sk || SK_PRF || root || SEED || BDSs || OTHER
- * BDSs = (2 * depth - 1) * BDS
- * BDS = stack || height || authPath || keep || nodes || retain ||
- *       offset || next || TREEHASHes
- * TREEHASHes = (Subtree height - BDS k param) * TREEHASH
- * TREEHASH = nextIdx || completed || used
- *
- * @param [in] n  Number of bytes to hash output.
- * @param [in] h  Height of full tree.
- * @param [in] d  Depth of trees (number of subtrees).
- * @param [in] s  Subtree height.
- * @param [in] i  Length of index encoding in bytes.
- * @param [in] k  BDS k parameter.
- * @return  Secret key length in bytes.
- */
-#define XMSS_SK_LEN(n, h, d, s, i, k)                               \
-    (((i) + 4 * (n)) +                                              \
-     (2 * (d) - 1) * (((s) + 1) * (n) +                             \
-                    (s) + 1 +                                       \
-                    (s) * (n) +                                     \
-                    ((s) >> 1) * (n) +                              \
-                    ((s) - (k)) * XMSS_TREEHASH_SZ +                \
-                    ((s) - (k)) * (n) +                             \
-                    XMSS_RETAIN_LEN(k, n) +                         \
-                    XMSS_BDS_NUMS_SZ) +                             \
-     ((d) - 1) * (n) * ((n) * 2 + 3))
-
-#else
-
-/* Calculate Secret key length.
- *
- * SK = idx || wots_sk || SK_PRF || root || SEED
- *
- * @param [in] n  Number of bytes to hash output.
- * @param [in] h  Height of full tree. Unused.
- * @param [in] d  Depth of trees (number of subtrees). Unused.
- * @param [in] s  Subtree height. Unused.
- * @param [in] i  Length of index encoding in bytes.
- * @param [in] k  BDS k parameter. Unused.
- * @return  Secret key length.
- */
-#define XMSS_SK_LEN(n, h, d, s, i, k)                               \
-    ((i) + 4 * (n))
-
-#endif
-
-#ifndef WOLFSSL_XMSS_LARGE_SECRET_KEY
-/* Choose the smaller BDS K parameter. */
-#define XMSS_K(k, kl)   (k)
-#else
-/* Choose the larger BDS K parameter. */
-#define XMSS_K(k, kl)   (kl)
-#endif
-
-/* Calculate all fixed parameter values and output an array declaration.
- *
- * @param [in] hash  Hash algorithm to use.
- * @param [in] n     Number of bytes to hash output.
- * @param [in] p     Number of bytes of padding.
- * @param [in] h     Height of full tree.
- * @param [in] d     Depth of trees (number of subtrees).
- * @param [in] i     Length of index encoding in bytes.
- * @param [in] k     BDS k parameter. 0 or >= 2 but (h/d - k) is even.
- * @param [in] kl    BDS k parameter when large signatures.
- * @return  XMSS/XMSS^MT parameters array declaration.
- */
-#define XMSS_PARAMS(hash, n, p, h, d, i, k, kl)                             \
-    { hash, n, p, (n) * 2 + 3, (n) * ((n) * 2 + 3), h, (h) / (d), (d), (i), \
-      (i) + (n) + (d) * (((n) * 2 + 3) * (n)) + (h) * (n),                  \
-      XMSS_SK_LEN(n, h, d, ((h) / (d)), i, XMSS_K(k, kl)), (n) * 2,         \
-      XMSS_K(k, kl) }
-    /* hash, d, pad_len, wots_len, wots_sig_len, h, sub_h, d, idx_len,
-     * sig_len,
-     * sk_len, pk_len,
-     * bds_k */
-
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20
-/* List of known XMSS algorithm strings and their OIDs. */
-static const wc_XmssString wc_xmss_alg[] = {
-#ifdef WC_XMSS_SHA256
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 256 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 256
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 10 && WOLFSSL_XMSS_MAX_HEIGHT >= 10
-    { "XMSS-SHA2_10_256",     WC_XMSS_OID_SHA2_10_256    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   32, 32, 10, 1, 4, 0, 4), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 16 && WOLFSSL_XMSS_MAX_HEIGHT >= 16
-    { "XMSS-SHA2_16_256",     WC_XMSS_OID_SHA2_16_256    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   32, 32, 16, 1, 4, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSS-SHA2_20_256",     WC_XMSS_OID_SHA2_20_256    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   32, 32, 20, 1, 4, 0, 0), },
-#endif
-#endif /* HASH_SIZE 256 */
-#endif /* WC_XMSS_SHA256 */
-#ifdef WC_XMSS_SHA512
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 512 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 512
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 10 && WOLFSSL_XMSS_MAX_HEIGHT >= 10
-    { "XMSS-SHA2_10_512",     WC_XMSS_OID_SHA2_10_512    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA512,   64, 64, 10, 1, 4, 0, 4), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 16 && WOLFSSL_XMSS_MAX_HEIGHT >= 16
-    { "XMSS-SHA2_16_512",     WC_XMSS_OID_SHA2_16_512    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA512,   64, 64, 16, 1, 4, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSS-SHA2_20_512",     WC_XMSS_OID_SHA2_20_512    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA512,   64, 64, 20, 1, 4, 0, 0), },
-#endif
-#endif /* HASH_SIZE 512 */
-#endif /* WC_XMSS_SHA512 */
-
-#ifdef WC_XMSS_SHAKE128
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 256 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 256
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 10 && WOLFSSL_XMSS_MAX_HEIGHT >= 10
-    { "XMSS-SHAKE_10_256",    WC_XMSS_OID_SHAKE_10_256   ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE128, 32, 32, 10, 1, 4, 0, 4), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 16 && WOLFSSL_XMSS_MAX_HEIGHT >= 16
-    { "XMSS-SHAKE_16_256",    WC_XMSS_OID_SHAKE_16_256   ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE128, 32, 32, 16, 1, 4, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSS-SHAKE_20_256",    WC_XMSS_OID_SHAKE_20_256   ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE128, 32, 32, 20, 1, 4, 0, 0), },
-#endif
-#endif /* HASH_SIZE 256 */
-#endif /* WC_XMSS_SHAKE128 */
-
-#ifdef WC_XMSS_SHAKE256
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 512 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 512
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 10 && WOLFSSL_XMSS_MAX_HEIGHT >= 10
-    { "XMSS-SHAKE_10_512",    WC_XMSS_OID_SHAKE_10_512   ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 64, 64, 10, 1, 4, 0, 4), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 16 && WOLFSSL_XMSS_MAX_HEIGHT >= 16
-    { "XMSS-SHAKE_16_512",    WC_XMSS_OID_SHAKE_16_512   ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 64, 64, 16, 1, 4, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSS-SHAKE_20_512",    WC_XMSS_OID_SHAKE_20_512   ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 64, 64, 20, 1, 4, 0, 0), },
-#endif
-#endif /* HASH_SIZE 512 */
-#endif /* WC_XMSS_SHAKE256 */
-
-#ifdef WC_XMSS_SHA256
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 192 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 192
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 10 && WOLFSSL_XMSS_MAX_HEIGHT >= 10
-    { "XMSS-SHA2_10_192",     WC_XMSS_OID_SHA2_10_192    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   24,  4, 10, 1, 4, 0, 4), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 16 && WOLFSSL_XMSS_MAX_HEIGHT >= 16
-    { "XMSS-SHA2_16_192",     WC_XMSS_OID_SHA2_16_192    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   24,  4, 16, 1, 4, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSS-SHA2_20_192",     WC_XMSS_OID_SHA2_20_192    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   24,  4, 20, 1, 4, 0, 0), },
-#endif
-#endif /* HASH_SIZE 192 */
-#endif /* WC_XMSS_SHA256 */
-
-#ifdef WC_XMSS_SHAKE256
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 256 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 256
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 10 && WOLFSSL_XMSS_MAX_HEIGHT >= 10
-    { "XMSS-SHAKE256_10_256", WC_XMSS_OID_SHAKE256_10_256,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 32, 32, 10, 1, 4, 0, 4), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 16 && WOLFSSL_XMSS_MAX_HEIGHT >= 16
-    { "XMSS-SHAKE256_16_256", WC_XMSS_OID_SHAKE256_16_256,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 32, 32, 16, 1, 4, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSS-SHAKE256_20_256", WC_XMSS_OID_SHAKE256_20_256,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 32, 32, 20, 1, 4, 0, 0), },
-#endif
-#endif /* HASH_SIZE 256 */
-#endif /* WC_XMSS_SHAKE256 */
-
-#ifdef WC_XMSS_SHAKE256
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 192 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 192
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 10 && WOLFSSL_XMSS_MAX_HEIGHT >= 10
-    { "XMSS-SHAKE256_10_192", WC_XMSS_OID_SHAKE256_10_192,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 24,  4, 10, 1, 4, 0, 4), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 16 && WOLFSSL_XMSS_MAX_HEIGHT >= 16
-    { "XMSS-SHAKE256_16_192", WC_XMSS_OID_SHAKE256_16_192,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 24,  4, 16, 1, 4, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSS-SHAKE256_20_192", WC_XMSS_OID_SHAKE256_20_192,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 24,  4, 20, 1, 4, 0, 0), },
-#endif
-#endif /* HASH_SIZE 192 */
-#endif /* WC_XMSS_SHAKE256 */
-};
-/* Length of array of known XMSS algorithms. */
-#define WC_XMSS_ALG_LEN     (sizeof(wc_xmss_alg) / sizeof(*wc_xmss_alg))
-#endif
-
-/* Convert XMSS algorithm string to an OID - object identifier.
- *
- * @param [out] oid     OID value corresponding to string.
- * @param [in]  s       String to convert.
- * @param [out] params  XMSS/MT parameters.
- * @return  0 on success.
- * @return  NOT_COMPILED_IN on failure.
- */
-static int wc_xmss_str_to_params(const char *s, word32* oid,
-    const XmssParams** params)
-{
-    int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20
-    unsigned int i;
-
-    ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-    for (i = 0; i < WC_XMSS_ALG_LEN; i++) {
-         if (XSTRCMP(s, wc_xmss_alg[i].str) == 0) {
-             *oid = wc_xmss_alg[i].oid;
-             *params = &wc_xmss_alg[i].params;
-             ret = 0;
-             break;
-         }
-    }
-#else
-    (void)s;
-    (void)oid;
-    (void)params;
-    ret = NOT_COMPILED_IN;
-#endif
-
-    return ret;
-}
-
-#if WOLFSSL_XMSS_MAX_HEIGHT >= 20
-/* List of known XMSS^MT algorithm strings and their OIDs. */
-static const wc_XmssString wc_xmssmt_alg[] = {
-#ifdef WC_XMSS_SHA256
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 256 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 256
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSSMT-SHA2_20/2_256",      WC_XMSSMT_OID_SHA2_20_2_256     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   32, 32, 20,  2, 3, 2, 4), },
-    { "XMSSMT-SHA2_20/4_256",      WC_XMSSMT_OID_SHA2_20_4_256     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   32, 32, 20,  4, 3, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 40 && WOLFSSL_XMSS_MAX_HEIGHT >= 40
-    { "XMSSMT-SHA2_40/2_256",      WC_XMSSMT_OID_SHA2_40_2_256     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   32, 32, 40,  2, 5, 2, 4), },
-    { "XMSSMT-SHA2_40/4_256",      WC_XMSSMT_OID_SHA2_40_4_256     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   32, 32, 40,  4, 5, 2, 4), },
-    { "XMSSMT-SHA2_40/8_256",      WC_XMSSMT_OID_SHA2_40_8_256     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   32, 32, 40,  8, 5, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 60 && WOLFSSL_XMSS_MAX_HEIGHT >= 60
-    { "XMSSMT-SHA2_60/3_256",      WC_XMSSMT_OID_SHA2_60_3_256     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   32, 32, 60,  3, 8, 2, 4), },
-    { "XMSSMT-SHA2_60/6_256",      WC_XMSSMT_OID_SHA2_60_6_256     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   32, 32, 60,  6, 8, 2, 4), },
-    { "XMSSMT-SHA2_60/12_256",     WC_XMSSMT_OID_SHA2_60_12_256    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   32, 32, 60, 12, 8, 0, 0), },
-#endif
-#endif /* HASH_SIZE 256 */
-#endif /* WC_XMSS_SHA256 */
-#ifdef WC_XMSS_SHA512
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 512 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 512
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSSMT-SHA2_20/2_512",      WC_XMSSMT_OID_SHA2_20_2_512     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA512,   64, 64, 20,  2, 3, 2, 4), },
-    { "XMSSMT-SHA2_20/4_512",      WC_XMSSMT_OID_SHA2_20_4_512     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA512,   64, 64, 20,  4, 3, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 40 && WOLFSSL_XMSS_MAX_HEIGHT >= 40
-    { "XMSSMT-SHA2_40/2_512",      WC_XMSSMT_OID_SHA2_40_2_512     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA512,   64, 64, 40,  2, 5, 2, 4), },
-    { "XMSSMT-SHA2_40/4_512",      WC_XMSSMT_OID_SHA2_40_4_512     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA512,   64, 64, 40,  4, 5, 2, 4), },
-    { "XMSSMT-SHA2_40/8_512",      WC_XMSSMT_OID_SHA2_40_8_512     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA512,   64, 64, 40,  8, 5, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 60 && WOLFSSL_XMSS_MAX_HEIGHT >= 60
-    { "XMSSMT-SHA2_60/3_512",      WC_XMSSMT_OID_SHA2_60_3_512     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA512,   64, 64, 60,  3, 8, 2, 4), },
-    { "XMSSMT-SHA2_60/6_512",      WC_XMSSMT_OID_SHA2_60_6_512     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA512,   64, 64, 60,  6, 8, 2, 4), },
-    { "XMSSMT-SHA2_60/12_512",     WC_XMSSMT_OID_SHA2_60_12_512    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA512,   64, 64, 60, 12, 8, 0, 0), },
-#endif
-#endif /* HASH_SIZE 512 */
-#endif /* WC_XMSS_SHA512 */
-
-#ifdef WC_XMSS_SHAKE128
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 256 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 256
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSSMT-SHAKE_20/2_256",     WC_XMSSMT_OID_SHAKE_20_2_256    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE128, 32, 32, 20,  2, 3, 2, 4), },
-    { "XMSSMT-SHAKE_20/4_256",     WC_XMSSMT_OID_SHAKE_20_4_256    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE128, 32, 32, 20,  4, 3, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 40 && WOLFSSL_XMSS_MAX_HEIGHT >= 40
-    { "XMSSMT-SHAKE_40/2_256",     WC_XMSSMT_OID_SHAKE_40_2_256    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE128, 32, 32, 40,  2, 5, 2, 4), },
-    { "XMSSMT-SHAKE_40/4_256",     WC_XMSSMT_OID_SHAKE_40_4_256    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE128, 32, 32, 40,  4, 5, 2, 4), },
-    { "XMSSMT-SHAKE_40/8_256",     WC_XMSSMT_OID_SHAKE_40_8_256    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE128, 32, 32, 40,  8, 5, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 60 && WOLFSSL_XMSS_MAX_HEIGHT >= 60
-    { "XMSSMT-SHAKE_60/3_256",     WC_XMSSMT_OID_SHAKE_60_3_256    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE128, 32, 32, 60,  3, 8, 2, 4), },
-    { "XMSSMT-SHAKE_60/6_256",     WC_XMSSMT_OID_SHAKE_60_6_256    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE128, 32, 32, 60,  6, 8, 2, 4), },
-    { "XMSSMT-SHAKE_60/12_256",    WC_XMSSMT_OID_SHAKE_60_12_256   ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE128, 32, 32, 60, 12, 8, 0, 0), },
-#endif
-#endif /* HASH_SIZE 256 */
-#endif /* WC_XMSS_SHAKE128 */
-
-#ifdef WC_XMSS_SHAKE256
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 512 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 512
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSSMT-SHAKE_20/2_512",     WC_XMSSMT_OID_SHAKE_20_2_512    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 64, 64, 20,  2, 3, 2, 4), },
-    { "XMSSMT-SHAKE_20/4_512",     WC_XMSSMT_OID_SHAKE_20_4_512    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 64, 64, 20,  4, 3, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 40 && WOLFSSL_XMSS_MAX_HEIGHT >= 40
-    { "XMSSMT-SHAKE_40/2_512",     WC_XMSSMT_OID_SHAKE_40_2_512    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 64, 64, 40,  2, 5, 2, 4), },
-    { "XMSSMT-SHAKE_40/4_512",     WC_XMSSMT_OID_SHAKE_40_4_512    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 64, 64, 40,  4, 5, 2, 4), },
-    { "XMSSMT-SHAKE_40/8_512",     WC_XMSSMT_OID_SHAKE_40_8_512    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 64, 64, 40,  8, 5, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 60 && WOLFSSL_XMSS_MAX_HEIGHT >= 60
-    { "XMSSMT-SHAKE_60/3_512",     WC_XMSSMT_OID_SHAKE_60_3_512    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 64, 64, 60,  3, 8, 2, 4), },
-    { "XMSSMT-SHAKE_60/6_512",     WC_XMSSMT_OID_SHAKE_60_6_512    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 64, 64, 60,  6, 8, 2, 4), },
-    { "XMSSMT-SHAKE_60/12_512",    WC_XMSSMT_OID_SHAKE_60_12_512   ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 64, 64, 60, 12, 8, 0, 0), },
-#endif
-#endif /* HASH_SIZE 512 */
-#endif /* WC_XMSS_SHAKE256 */
-
-#ifdef WC_XMSS_SHA256
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 192 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 192
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSSMT-SHA2_20/2_192",      WC_XMSSMT_OID_SHA2_20_2_192     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   24,  4, 20,  2, 3, 2, 4), },
-    { "XMSSMT-SHA2_20/4_192",      WC_XMSSMT_OID_SHA2_20_4_192     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   24,  4, 20,  4, 3, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 40 && WOLFSSL_XMSS_MAX_HEIGHT >= 40
-    { "XMSSMT-SHA2_40/2_192",      WC_XMSSMT_OID_SHA2_40_2_192     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   24,  4, 40,  2, 5, 2, 4), },
-    { "XMSSMT-SHA2_40/4_192",      WC_XMSSMT_OID_SHA2_40_4_192     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   24,  4, 40,  4, 5, 2, 4), },
-    { "XMSSMT-SHA2_40/8_192",      WC_XMSSMT_OID_SHA2_40_8_192     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   24,  4, 40,  8, 5, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 60 && WOLFSSL_XMSS_MAX_HEIGHT >= 60
-    { "XMSSMT-SHA2_60/3_192",      WC_XMSSMT_OID_SHA2_60_3_192     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   24,  4, 60,  3, 8, 2, 4), },
-    { "XMSSMT-SHA2_60/6_192",      WC_XMSSMT_OID_SHA2_60_6_192     ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   24,  4, 60,  6, 8, 2, 4), },
-    { "XMSSMT-SHA2_60/12_192",     WC_XMSSMT_OID_SHA2_60_12_192    ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHA256,   24,  4, 60, 12, 8, 0, 0), },
-#endif
-#endif /* HASH_SIZE 192 */
-#endif /* WC_XMSS_SHA256 */
-
-#ifdef WC_XMSS_SHAKE256
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 256 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 256
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSSMT-SHAKE256_20/2_256",  WC_XMSSMT_OID_SHAKE256_20_2_256 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 32, 32, 20,  2, 3, 2, 4), },
-    { "XMSSMT-SHAKE256_20/4_256",  WC_XMSSMT_OID_SHAKE256_20_4_256 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 32, 32, 20,  4, 3, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 40 && WOLFSSL_XMSS_MAX_HEIGHT >= 40
-    { "XMSSMT-SHAKE256_40/2_256",  WC_XMSSMT_OID_SHAKE256_40_2_256 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 32, 32, 40,  2, 5, 2, 4), },
-    { "XMSSMT-SHAKE256_40/4_256",  WC_XMSSMT_OID_SHAKE256_40_4_256 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 32, 32, 40,  4, 5, 2, 4), },
-    { "XMSSMT-SHAKE256_40/8_256",  WC_XMSSMT_OID_SHAKE256_40_8_256 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 32, 32, 40,  8, 5, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 60 && WOLFSSL_XMSS_MAX_HEIGHT >= 60
-    { "XMSSMT-SHAKE256_60/3_256",  WC_XMSSMT_OID_SHAKE256_60_3_256 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 32, 32, 60,  3, 8, 2, 4), },
-    { "XMSSMT-SHAKE256_60/6_256",  WC_XMSSMT_OID_SHAKE256_60_6_256 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 32, 32, 60,  6, 8, 2, 4), },
-    { "XMSSMT-SHAKE256_60/12_256", WC_XMSSMT_OID_SHAKE256_60_12_256,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 32, 32, 60, 12, 8, 0, 0), },
-#endif
-#endif /* HASH_SIZE 256 */
-#endif /* WC_XMSS_SHAKE256 */
-
-#ifdef WC_XMSS_SHAKE256
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 192 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 192
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 20 && WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    { "XMSSMT-SHAKE256_20/2_192",  WC_XMSSMT_OID_SHAKE256_20_2_192 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 24,  4, 20,  2, 3, 2, 4), },
-    { "XMSSMT-SHAKE256_20/4_192",  WC_XMSSMT_OID_SHAKE256_20_4_192 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 24,  4, 20,  4, 3, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 40 && WOLFSSL_XMSS_MAX_HEIGHT >= 40
-    { "XMSSMT-SHAKE256_40/2_192",  WC_XMSSMT_OID_SHAKE256_40_2_192 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 24,  4, 40,  2, 5, 2, 4), },
-    { "XMSSMT-SHAKE256_40/4_192",  WC_XMSSMT_OID_SHAKE256_40_4_192 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 24,  4, 40,  4, 5, 2, 4), },
-    { "XMSSMT-SHAKE256_40/8_192",  WC_XMSSMT_OID_SHAKE256_40_8_192 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 24,  4, 40,  8, 5, 0, 0), },
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 60 && WOLFSSL_XMSS_MAX_HEIGHT >= 60
-    { "XMSSMT-SHAKE256_60/3_192",  WC_XMSSMT_OID_SHAKE256_60_3_192 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 24,  4, 60,  3, 8, 2, 4), },
-    { "XMSSMT-SHAKE256_60/6_192",  WC_XMSSMT_OID_SHAKE256_60_6_192 ,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 24,  4, 60,  6, 8, 2, 4), },
-    { "XMSSMT-SHAKE256_60/12_192", WC_XMSSMT_OID_SHAKE256_60_12_192,
-      XMSS_PARAMS(WC_HASH_TYPE_SHAKE256, 24,  4, 60, 12, 8, 0, 0), },
-#endif
-#endif /* HASH_SIZE 192 */
-#endif /* WC_XMSS_SHAKE256 */
-};
-/* Length of array of known XMSS^MT algorithms. */
-#define WC_XMSSMT_ALG_LEN   (sizeof(wc_xmssmt_alg) / sizeof(*wc_xmssmt_alg))
-#endif
-
-/* Convert XMSS^MT algorithm string to an OID - object identifier.
- *
- * @param [out] oid     OID value corresponding to string.
- * @param [in]  s       String to convert.
- * @param [out] params  XMSS/MT parameters.
- * @return  0 on success.
- * @return  NOT_COMPILED_IN on failure.
- */
-static int wc_xmssmt_str_to_params(const char *s, word32* oid,
-    const XmssParams** params)
-{
-    int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-#if WOLFSSL_XMSS_MAX_HEIGHT >= 20
-    unsigned int i;
-
-    ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
-    for (i = 0; i < WC_XMSSMT_ALG_LEN; i++) {
-         if (XSTRCMP(s, wc_xmssmt_alg[i].str) == 0) {
-             *oid = wc_xmssmt_alg[i].oid;
-             *params = &wc_xmssmt_alg[i].params;
-             ret = 0;
-             break;
-         }
-    }
-#else
-    (void)s;
-    (void)oid;
-    (void)params;
-    ret = NOT_COMPILED_IN;
-#endif
-
-    return ret;
-}
-
-/***************************
- * OTHER Internal APIs
- ***************************/
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-/* Allocates the XMSS secret key (sk) array.
- *
- * The XMSS/XMSS^MT secret key length is a function of the
- * parameters, and can't be allocated until the param string
- * has been set with SetParamStr.
- *
- * This is only called by MakeKey() and Reload().
- *
- * Note: the XMSS sk array is force zeroed after every use.
- *
- * @param [in] key  The XMSS key.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BAD_FUNC_ARG when private key already allocated.
- * @return  MEMORY_E when allocating dynamic memory fails.
- */
-static int wc_xmsskey_alloc_sk(XmssKey* key)
-{
-    int ret = 0;
-
-    /* Validate parameter. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Ensure the private key doesn't exist. */
-    else if (key->sk != NULL) {
-        WOLFSSL_MSG("error: XMSS secret key already exists");
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* The XMSS/XMSS^MT secret key length is a function of the
-         * parameters. Therefore can't allocate this until param
-         * string has been set. */
-        ret = wc_XmssKey_GetPrivLen(key, &key->sk_len);
-    }
-    if (ret == 0) {
-        /* Allocate a buffer to hold secret key. */
-        key->sk = (unsigned char *)XMALLOC(key->sk_len, NULL,
-            DYNAMIC_TYPE_TMP_BUFFER);
-        if (key->sk == NULL) {
-            WOLFSSL_MSG("error: malloc XMSS key->sk failed");
-            ret = MEMORY_E;
-        }
-    }
-
-    if (ret == 0) {
-        /* Zeroize private key buffer. */
-        ForceZero(key->sk, key->sk_len);
-    }
-
-    return ret;
-}
-
-/* Signs the message using the XMSS secret key, and
- * updates the secret key on NV storage.
- *
- * Both operations must succeed to be considered
- * successful.
- *
- * On success:  sets key state to WC_XMSS_STATE_OK.
- * On failure:  sets key state to WC_XMSS_STATE_BAD
- *
- * If no signatures are left, sets state to WC_XMSS_STATE_NOSIGS.
- *
- * @return  IO_FAILED_E when reading or writing private key failed.
- * @return  KEY_EXHAUSTED_E when no more keys in private key available.
- * @return  BAD_COND_E when generated signature length is invalid.
- */
-static WC_INLINE int wc_xmsskey_signupdate(XmssKey* key, byte* sig,
-    const byte* msg, int msgLen)
-{
-    int            ret = 0;
-    enum wc_XmssRc cb_rc = WC_XMSS_RC_NONE;
-
-    /* Set the key state to bad by default. State is presumed bad unless a
-     * correct sign and update operation happen together. */
-    key->state = WC_XMSS_STATE_BAD;
-
-    /* Read the current secret key from NV storage.*/
-    cb_rc = key->read_private_key(key->sk, key->sk_len, key->context);
-    if (cb_rc != WC_XMSS_RC_READ_TO_MEMORY) {
-        /* Read from NV storage failed. */
-        WOLFSSL_MSG("error: XMSS read_private_key failed");
-        ret = IO_FAILED_E;
-    }
-
-    if (ret == 0) {
-        WC_DECLARE_VAR(state, XmssState, 1, 0);
-
-        WC_ALLOC_VAR_EX(state, XmssState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-            ret=MEMORY_E);
-        if (WC_VAR_OK(state))
-        {
-            /* Initialize state for use in signing. */
-            ret = wc_xmss_state_init(state, key->params);
-            if (ret == 0) {
-                /* Read was good. Now sign and update the secret key in memory.
-                 */
-            #ifndef WOLFSSL_WC_XMSS_SMALL
-                if (key->is_xmssmt) {
-                    ret = wc_xmssmt_sign(state, msg, msgLen, key->sk, sig);
-                }
-                else {
-                    ret = wc_xmss_sign(state, msg, msgLen, key->sk, sig);
-                }
-            #else
-                ret = wc_xmssmt_sign(state, msg, msgLen, key->sk, sig);
-            #endif
-                if (ret == WC_NO_ERR_TRACE(KEY_EXHAUSTED_E)) {
-                    /* Signature space exhausted. */
-                    key->state = WC_XMSS_STATE_NOSIGS;
-                    WOLFSSL_MSG("error: no XMSS signatures remaining");
-                }
-                else if (ret != 0) {
-                    /* Something failed or inconsistent in signature. Erase the
-                     * signature just to be safe. */
-                    ForceZero(sig, key->params->sig_len);
-                    WOLFSSL_MSG("error: XMSS sign failed");
-                }
-                /* Free state after use. */
-                wc_xmss_state_free(state);
-            }
-            WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-    }
-
-    if (ret == 0) {
-        /* The signature succeeded. key->sk is now updated and must be
-         * committed to NV storage. */
-        cb_rc = key->write_private_key(key->sk, key->sk_len, key->context);
-        if (cb_rc != WC_XMSS_RC_SAVED_TO_NV_MEMORY) {
-            /* Write to NV storage failed. Erase the signature from
-             * memory. */
-            ForceZero(sig, key->params->sig_len);
-            WOLFSSL_MSG("error: XMSS write_private_key failed");
-            ret = IO_FAILED_E;
-        }
-    }
-    if (ret == 0) {
-        /* key->sk was successfully committed to NV storage. Set the
-         * key state to OK, and set the sigLen. */
-        key->state = WC_XMSS_STATE_OK;
-    }
-
-    /* Force zero the secret key from memory always. */
-    ForceZero(key->sk, key->sk_len);
-
-    return ret;
-}
-#endif /* !WOLFSSL_XMSS_VERIFY_ONLY */
-
-/***************************
- * PUBLIC API
- ***************************/
-
-/* Init an XMSS key.
- *
- * Call this before setting the parms of an XMSS key.
- *
- * @param [in] key    The XMSS key to init.
- * @param [in] heap   Unused.
- * @param [in] devId  Unused.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- */
-int wc_XmssKey_Init(XmssKey* key, void* heap, int devId)
-{
-    int ret = 0;
-
-    (void) heap;
-    (void) devId;
-
-    /* Validate parameters. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Zeroize key and set state to initialized. */
-        ForceZero(key, sizeof(XmssKey));
-        key->state = WC_XMSS_STATE_INITED;
-    }
-
-    return ret;
-}
-
-/* Set the XMSS key parameter string.
- *
- * The input string must be one of the supported parm set names in
- * the "Name" section from the table in wolfssl/wolfcrypt/xmss.h,
- * e.g. "XMSS-SHA2_10_256" or "XMSSMT-SHA2_20/4_256".
- *
- * @param [in] key  The XMSS key to set.
- * @param [in] str  The XMSS/XMSS^MT parameter string.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BAD_FUNC_ARG when string not recognized.
- * @return  BAD_STATE_E when wrong state for operation.
- * @return  NOT_COMPILED_IN when string not supported.
- */
-int wc_XmssKey_SetParamStr(XmssKey* key, const char* str)
-{
-    int      ret = 0;
-    word32   oid = 0;
-    int      is_xmssmt = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (str == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Validate state. */
-    if ((ret == 0) && (key->state != WC_XMSS_STATE_INITED)) {
-        WOLFSSL_MSG("error: XMSS key needs init");
-        ret = BAD_STATE_E;
-    }
-
-    if (ret == 0) {
-        /* Check which type of algorithm the string is for. */
-        is_xmssmt = (XMEMCMP(str, "XMSS-", 5) != 0);
-
-        /* Convert XMSS param string to OID. */
-        if (is_xmssmt) {
-            ret = wc_xmssmt_str_to_params(str, &oid, &key->params);
-        }
-        else {
-            ret = wc_xmss_str_to_params(str, &oid, &key->params);
-        }
-        if (ret != 0) {
-            WOLFSSL_MSG("error: xmssmt_str_to_params failed");
-            ret = BAD_FUNC_ARG;
-        }
-    }
-
-    if (ret == 0) {
-        /* Set key info. */
-        key->oid = oid;
-        key->is_xmssmt = is_xmssmt;
-        key->state = WC_XMSS_STATE_PARMSET;
-    }
-
-    return ret;
-}
-
-/* Force zeros and frees the XMSS key from memory.
- *
- * This does not touch the private key saved to non-volatile storage.
- *
- * This is the only function that frees the key->sk array.
- *
- * @param [in] key  XMSS key.
- */
-void wc_XmssKey_Free(XmssKey* key)
-{
-    /* Validate parameter. */
-    if (key != NULL) {
-    #ifndef WOLFSSL_XMSS_VERIFY_ONLY
-        if (key->sk != NULL) {
-            /* Zeroize private key. */
-            ForceZero(key->sk, key->sk_len);
-            XFREE(key->sk, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-            key->sk = NULL;
-            key->sk_len = 0;
-        }
-    #endif /* !WOLFSSL_XMSS_VERIFY_ONLY */
-
-        /* Ensure all data is zeroized. */
-        ForceZero(key, sizeof(XmssKey));
-
-        /* Set the state to freed. */
-        key->state = WC_XMSS_STATE_FREED;
-    }
-}
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-/* Sets the XMSS write private key callback.
- *
- * The callback must be able to write/update the private key to
- * non-volatile storage.
- *
- * @param [in] key       The XMSS key.
- * @param [in] write_cb  The write private key callback.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BAD_STATE_E when wrong state for operation.
- */
-int wc_XmssKey_SetWriteCb(XmssKey* key, wc_xmss_write_private_key_cb write_cb)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (write_cb == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Changing the write callback of an already working key is forbidden. */
-    else if (key->state == WC_XMSS_STATE_OK) {
-        WOLFSSL_MSG("error: wc_XmssKey_SetWriteCb: key in use");
-        ret = BAD_STATE_E;
-    }
-    else {
-        /* Set write callback for storing private key. */
-        key->write_private_key = write_cb;
-    }
-
-    return ret;
-}
-
-/* Sets the XMSS read private key callback.
- *
- * The callback must be able to read the private key from
- * non-volatile storage.
- *
- * @param [in] key      The XMSS key.
- * @param [in] read_cb  The read private key callback.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BAD_STATE_E when wrong state for operation.
- */
-int wc_XmssKey_SetReadCb(XmssKey* key, wc_xmss_read_private_key_cb read_cb)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (read_cb == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Changing the read callback of an already working key is forbidden. */
-    else if (key->state == WC_XMSS_STATE_OK) {
-        WOLFSSL_MSG("error: wc_XmssKey_SetReadCb: key in use");
-        ret = BAD_STATE_E;
-    }
-    else {
-        /* Set write callback for getting private key. */
-        key->read_private_key = read_cb;
-    }
-
-    return ret;
-}
-
-/* Sets the XMSS context to be used by write and read callbacks.
- *
- * E.g. this could be a filename if the callbacks write/read to file.
- *
- * @param [in] key      The XMSS key.
- * @param [in] context  The context pointer.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BAD_STATE_E when wrong state for operation.
- */
-int wc_XmssKey_SetContext(XmssKey* key, void* context)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (context == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Setting context of an already working key is forbidden. */
-    else if (key->state == WC_XMSS_STATE_OK) {
-        WOLFSSL_MSG("error: wc_XmssKey_SetContext: key in use");
-        ret = BAD_STATE_E;
-    }
-    else {
-        /* Set read/write callback context for accessing the private key. */
-        key->context = context;
-    }
-
-    return ret;
-}
-
-/* Make the XMSS/XMSS^MT private/public key pair. The key must have its
- * parameters set before calling this.
- *
- * Write/read callbacks, and context data, must be set prior.
- * Key must have parameters set.
- *
- * This function and Reload() are the only functions that allocate
- * key->sk array. wc_XmssKey_FreeKey is the only function that
- * deallocates key->sk.
- *
- * @param [in] key  The XMSS key to make.
- * @param [in] rng  Initialized WC_RNG pointer.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BAD_FUNC_ARG when a write private key is not set.
- * @return  BAD_FUNC_ARG when a read/write private key context is not set.
- * @return  BAD_FUNC_ARG when private key already allocated.
- * @return  MEMORY_E when allocating dynamic memory fails.
- * @return  BAD_STATE_E when wrong state for operation.
- * @return  IO_FAILED_E when writing private key failed.
- * @return  Other negative when random number generation failed.
- */
-int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG* rng)
-{
-    int            ret = 0;
-    enum wc_XmssRc cb_rc = WC_XMSS_RC_NONE;
-#ifdef WOLFSSL_SMALL_STACK
-    unsigned char* seed = NULL;
-#else
-    unsigned char  seed[3 * WC_XMSS_MAX_N];
-#endif
-
-    /* Validate parameters */
-    if ((key == NULL) || (rng == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Validate state. */
-    if ((ret == 0) && (key->state != WC_XMSS_STATE_PARMSET)) {
-        WOLFSSL_MSG("error: XmssKey not ready for generation");
-        ret = BAD_STATE_E;
-    }
-    /* Ensure write callback available. */
-    if ((ret == 0) && (key->write_private_key == NULL)) {
-        WOLFSSL_MSG("error: XmssKey write callback is not set");
-        ret = BAD_FUNC_ARG;
-    }
-    /* Ensure read/write callback context available. */
-    if ((ret == 0) && (key->context == NULL)) {
-        WOLFSSL_MSG("error: XmssKey context is not set");
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Allocate sk array. */
-        ret = wc_xmsskey_alloc_sk(key);
-    }
-#ifdef WOLFSSL_SMALL_STACK
-    if (ret == 0) {
-        seed = (unsigned char*)XMALLOC(3 * key->params->n, NULL,
-            DYNAMIC_TYPE_TMP_BUFFER);
-        if (seed == NULL) {
-            ret = MEMORY_E;
-        }
-    }
-#endif
-
-    if (ret == 0) {
-        /* Generate three random seeds. */
-        ret = wc_RNG_GenerateBlock(rng, seed, 3 * key->params->n);
-    }
-
-    if (ret == 0) {
-        WC_DECLARE_VAR(state, XmssState, 1, 0);
-
-        WC_ALLOC_VAR_EX(state, XmssState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-            ret=MEMORY_E);
-        if (WC_VAR_OK(state))
-        {
-            /* Initialize state for use in key generation. */
-            ret = wc_xmss_state_init(state, key->params);
-            if (ret == 0) {
-                /* Finally make the private/public key pair. Immediately write
-                 * it to NV storage and then clear from memory. */
-            #ifndef WOLFSSL_WC_XMSS_SMALL
-                if (key->is_xmssmt) {
-                    ret = wc_xmssmt_keygen(state, seed, key->sk, key->pk);
-                }
-                else {
-                    ret = wc_xmss_keygen(state, seed, key->sk, key->pk);
-                }
-            #else
-                ret = wc_xmssmt_keygen(state, seed, key->sk, key->pk);
-            #endif
-                if (ret != 0) {
-                    WOLFSSL_MSG("error: XMSS keygen failed");
-                    key->state = WC_XMSS_STATE_BAD;
-                }
-                /* Free state after use. */
-                wc_xmss_state_free(state);
-            }
-            WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-    }
-
-    if (ret == 0) {
-        /* Write out private key. */
-        cb_rc = key->write_private_key(key->sk, key->sk_len, key->context);
-        /* Zeroize private key data whether it was saved or not. */
-        ForceZero(key->sk, key->sk_len);
-        /* Check writing succeeded. */
-        if (cb_rc != WC_XMSS_RC_SAVED_TO_NV_MEMORY) {
-            WOLFSSL_MSG("error: XMSS write to NV storage failed");
-            key->state = WC_XMSS_STATE_BAD;
-            ret = IO_FAILED_E;
-        }
-    }
-
-    if (ret == 0) {
-        key->state = WC_XMSS_STATE_OK;
-    }
-
-    WC_FREE_VAR_EX(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    return ret;
-}
-
-/* This function allocates the secret key buffer, and does a
- * quick sanity check to verify the secret key is readable
- * from NV storage, and then force zeros the key from memory.
- *
- * On success it sets the key state to OK.
- *
- * Use this function to resume signing with an already existing
- * XMSS key pair.
- *
- * Write/read callbacks, and context data, must be set prior.
- * Key must have parameters set.
- *
- * This function and MakeKey are the only functions that allocate
- * key->sk array. wc_XmssKey_FreeKey is the only function that
- * deallocates key->sk.
- *
- * @params [in] key  XMSS key to load.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BAD_FUNC_ARG when a read or write function is not set.
- * @return  BAD_FUNC_ARG when a read/write function context is not set.
- * @return  BAD_FUNC_ARG when private key already allocated.
- * @return  MEMORY_E when allocating dynamic memory fails.
- * @return  BAD_STATE_E when wrong state for operation.
- * @return  IO_FAILED_E when reading private key failed.
- */
-int wc_XmssKey_Reload(XmssKey* key)
-{
-    int            ret = 0;
-    enum wc_XmssRc cb_rc = WC_XMSS_RC_NONE;
-
-    /* Validate parameter. */
-    if (key == NULL) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Validate state. */
-    if ((ret == 0) && (key->state != WC_XMSS_STATE_PARMSET)) {
-        WOLFSSL_MSG("error: XmssKey not ready for reload");
-        ret = BAD_STATE_E;
-    }
-    /* Ensure read and write callbacks are available. */
-    if ((ret == 0) && ((key->write_private_key == NULL) ||
-            (key->read_private_key == NULL))) {
-        WOLFSSL_MSG("error: XmssKey write/read callbacks are not set");
-        ret = BAD_FUNC_ARG;
-    }
-    /* Ensure read and write callback context is available. */
-    if ((ret == 0) && (key->context == NULL)) {
-        WOLFSSL_MSG("error: XmssKey context is not set");
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Allocate sk array. */
-        ret = wc_xmsskey_alloc_sk(key);
-    }
-
-    if (ret == 0) {
-        /* Read the current secret key from NV storage. Force clear it
-         * immediately. This is just to sanity check the secret key
-         * is readable from permanent storage. */
-        cb_rc = key->read_private_key(key->sk, key->sk_len, key->context);
-        ForceZero(key->sk, key->sk_len);
-        /* Check reading succeeded. */
-        if (cb_rc != WC_XMSS_RC_READ_TO_MEMORY) {
-            WOLFSSL_MSG("error: XMSS read from NV storage failed");
-            key->state = WC_XMSS_STATE_BAD;
-            ret = IO_FAILED_E;
-        }
-    }
-    if (ret == 0) {
-        key->state = WC_XMSS_STATE_OK;
-    }
-
-    return ret;
-}
-
-/* Gets the XMSS/XMSS^MT private key length.
- *
- * Parameters must be set before calling this, as the key size (sk_len)
- * is a function of the parameters.
- *
- * Note: the XMSS/XMSS^MT private key format is implementation specific,
- * and not standardized. Interoperability of XMSS private keys should
- * not be expected.
- *
- * @param [in]  key  XMSS key.
- * @param [out] len  Length of the private key in bytes.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BAD_STATE_E when wrong state for operation.
- * */
-int wc_XmssKey_GetPrivLen(const XmssKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (len == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Validate state. */
-    if ((ret == 0) && ((key->state != WC_XMSS_STATE_OK) &&
-            (key->state != WC_XMSS_STATE_PARMSET))) {
-        /* params->sk_len not set yet. */
-        ret = BAD_STATE_E;
-    }
-
-    if (ret == 0) {
-        /* Calculate private key length: OID + private key bytes. */
-        *len = XMSS_OID_LEN + (word32)key->params->sk_len;
-    }
-
-    return ret;
-}
-
-/* Sign the message using the XMSS secret key.
- *
- * @param [in]      key     XMSS key to use to sign.
- * @param [in]      sig     Buffer to write signature into.
- * @param [in, out] sigLen  On in, size of buffer.
- *                          On out, the length of the signature in bytes.
- * @param [in]      msg     Message to sign.
- * @param [in]      msgLen  Length of the message in bytes.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BAD_FUNC_ARG when a write private key is not set.
- * @return  BAD_FUNC_ARG when a read/write private key context is not set.
- * @return  BAD_STATE_E when wrong state for operation.
- * @return  BUFFER_E when sigLen is too small.
- * @return  IO_FAILED_E when reading or writing private key failed.
- * @return  KEY_EXHAUSTED_E when no more keys in private key available.
- * @return  BAD_COND_E when generated signature length is invalid.
- */
-int wc_XmssKey_Sign(XmssKey* key, byte* sig, word32* sigLen, const byte* msg,
-    int msgLen)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (sig == NULL) || (sigLen == NULL) || (msg == NULL) ||
-            (msgLen <= 0)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Validate state. */
-    if ((ret == 0) && (key->state == WC_XMSS_STATE_NOSIGS)) {
-        WOLFSSL_MSG("error: XMSS signatures exhausted");
-        ret = BAD_STATE_E;
-    }
-    if ((ret == 0) && (key->state != WC_XMSS_STATE_OK)) {
-       /* The key had an error the last time it was used, and we
-        * can't guarantee its state. */
-        WOLFSSL_MSG("error: can't sign, XMSS key not in good state");
-        ret = BAD_STATE_E;
-    }
-    /* Check signature buffer size. */
-    if ((ret == 0) && (*sigLen < key->params->sig_len)) {
-        /* Signature buffer too small. */
-        WOLFSSL_MSG("error: XMSS sig buffer too small");
-        ret = BUFFER_E;
-    }
-    /* Check read and write callbacks available. */
-    if ((ret == 0) && ((key->write_private_key == NULL) ||
-            (key->read_private_key == NULL))) {
-        WOLFSSL_MSG("error: XmssKey write/read callbacks are not set");
-        ret = BAD_FUNC_ARG;
-    }
-    /* Check read/write callback context available. */
-    if ((ret == 0) && (key->context == NULL)) {
-        WOLFSSL_MSG("error: XmssKey context is not set");
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        *sigLen = key->params->sig_len;
-        /* Finally, sign and update the secret key. */
-        ret = wc_xmsskey_signupdate(key, sig, msg, msgLen);
-    }
-
-    return ret;
-}
-
-/* Check if more signatures are possible with key.
- *
- * @param [in] key  XMSS key to check.
- * @return  1 when signatures possible.
- * @return  0 when key exhausted.
- */
-int  wc_XmssKey_SigsLeft(XmssKey* key)
-{
-    int ret;
-
-    /* Validate parameter. */
-    if (key == NULL) {
-        ret = 0;
-    }
-    /* Validate state. */
-    else if (key->state == WC_XMSS_STATE_NOSIGS) {
-        WOLFSSL_MSG("error: XMSS signatures exhausted");
-        ret = 0;
-    }
-    else if (key->state != WC_XMSS_STATE_OK) {
-        WOLFSSL_MSG("error: can't sign, XMSS key not in good state");
-        ret = 0;
-    }
-    /* Read the current secret key from NV storage.*/
-    else if (key->read_private_key(key->sk, key->sk_len, key->context) !=
-             WC_XMSS_RC_READ_TO_MEMORY) {
-        WOLFSSL_MSG("error: XMSS read_private_key failed");
-        ret = 0;
-    }
-    else {
-        /* Ask implementation to check index in private key. */
-        ret = wc_xmss_sigsleft(key->params, key->sk);
-    }
-
-    return ret;
-}
-#endif /* !WOLFSSL_XMSS_VERIFY_ONLY*/
-
-/* Get the XMSS/XMSS^MT public key length.
- *
- * The public key is static in size and does not depend on parameters,
- * other than the choice of SHA256 as hashing function.
- *
- * @param [in]  key  XMSS key.
- * @param [out] len  Length of the public key.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  NOT_COMPILED_IN when a hash algorithm not supported.
- */
-int wc_XmssKey_GetPubLen(const XmssKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (len == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    else {
-        *len = XMSS_OID_LEN + key->params->pk_len;
-    }
-
-    return ret;
-}
-
-/* Export public key and parameters from one XmssKey to another.
- *
- * Use this to prepare a signature verification XmssKey that is pub only.
- *
- * @param [out] keyDst  Destination key for copy.
- * @param [in]  keySrc  Source key for copy.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a key is NULL.
- * @return  Other negative when digest algorithm initialization failed.
- */
-int wc_XmssKey_ExportPub(XmssKey* keyDst, const XmssKey* keySrc)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((keyDst == NULL) || (keySrc == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    if (ret == 0) {
-        /* Zeroize the new key. */
-        ForceZero(keyDst, sizeof(XmssKey));
-
-        /* Copy over the public key. */
-        XMEMCPY(keyDst->pk, keySrc->pk, sizeof(keySrc->pk));
-
-        /* Copy over the key info. */
-        keyDst->oid = keySrc->oid;
-        keyDst->is_xmssmt = keySrc->is_xmssmt;
-        keyDst->params = keySrc->params;
-    }
-    if (ret == 0) {
-        /* Mark keyDst as verify only, to prevent misuse. */
-        keyDst->state = WC_XMSS_STATE_VERIFYONLY;
-    }
-
-    return 0;
-}
-
-/* Exports the raw XMSS public key buffer from key to out buffer.
- *
- * The out buffer should be large enough to hold the public key, and
- * outLen should indicate the size of the buffer.
- *
- * @param [in]       key     XMSS key.
- * @param [out]      out     Array holding public key.
- * @param [in, out]  outLen  On in, size of buffer.
- *                           On out, the length of the public key.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BUFFER_E if array is too small.
- */
-int wc_XmssKey_ExportPubRaw(const XmssKey* key, byte* out, word32* outLen)
-{
-    int    ret = 0;
-    word32 pubLen = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (out == NULL) || (outLen == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-
-    /* Get the public key length. */
-    if (ret == 0) {
-        ret = wc_XmssKey_GetPubLen(key, &pubLen);
-    }
-    /* Check the output buffer is large enough. */
-    if ((ret == 0) && (*outLen < pubLen)) {
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        int i = 0;
-        /* First copy the oid into buffer. */
-        for (; i < XMSS_OID_LEN; i++) {
-            out[XMSS_OID_LEN - i - 1] = (key->oid >> (8 * i)) & 0xFF;
-        }
-        /* Copy the public key data into buffer after oid. */
-        XMEMCPY(out + XMSS_OID_LEN, key->pk, pubLen - XMSS_OID_LEN);
-        /* Return actual public key length. */
-        *outLen = pubLen;
-    }
-
-    return ret;
-}
-
-/* Imports a raw public key buffer from in array to XmssKey key.
- *
- * The XMSS parameters must be set first with wc_XmssKey_SetParamStr,
- * and inLen must match the length returned by wc_XmssKey_GetPubLen.
- *
- * @param [in, out] key     XMSS key.
- * @param [in]      in      Array holding public key.
- * @param [in]       inLen  Length of array in bytes.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BUFFER_E if array is incorrect size.
- * @return  BAD_STATE_E when wrong state for operation.
- * */
-int wc_XmssKey_ImportPubRaw(XmssKey* key, const byte* in, word32 inLen)
-{
-    int    ret = 0;
-    word32 pubLen = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (in == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Validate state. */
-    if ((ret == 0) && (key->state != WC_XMSS_STATE_PARMSET)) {
-        /* XMSS key not ready for import. Param str must be set first. */
-        WOLFSSL_MSG("error: XMSS key not ready for import");
-        ret = BAD_STATE_E;
-    }
-
-    /* Get the public key length. */
-    if (ret == 0) {
-        ret = wc_XmssKey_GetPubLen(key, &pubLen);
-    }
-    /* Check the input buffer is the right size. */
-    if ((ret == 0) && (inLen != pubLen)) {
-        /* Something inconsistent. Parameters weren't set, or input
-         * pub key is wrong.*/
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        /* Copy the public key data into key. */
-        XMEMCPY(key->pk, in + XMSS_OID_LEN, pubLen - XMSS_OID_LEN);
-
-        /* Update state to verify-only as we don't have a private key. */
-        key->state = WC_XMSS_STATE_VERIFYONLY;
-    }
-
-    return ret;
-}
-
-/* Gets the XMSS/XMSS^MT signature length.
- *
- * Parameters must be set before calling this, as the signature size
- * is a function of the parameters.
- *
- * Note: call this before wc_XmssKey_Sign or Verify so you know the
- * length of the required signature buffer.
- *
- * @param [in]  key  XMSS key to use to sign.
- * @param [out] len  The length of the signature in bytes.
- *
- * @return  0 on success.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BAD_STATE_E when wrong state for operation.
- * */
-int wc_XmssKey_GetSigLen(const XmssKey* key, word32* len)
-{
-    int ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (len == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Validate state. */
-    if ((ret == 0) && (key->state != WC_XMSS_STATE_OK) &&
-            (key->state != WC_XMSS_STATE_PARMSET)) {
-        ret = BAD_STATE_E;
-    }
-
-    if (ret == 0) {
-        /* Return the calculated signature length. */
-        *len = key->params->sig_len;
-    }
-
-    return ret;
-}
-
-/* Verify the signature using the XMSS public key.
- *
- * Requires that XMSS parameters have been set with
- * wc_XmssKey_SetParamStr, and that a public key is available
- * from importing or MakeKey().
- *
- * Call wc_XmssKey_GetSigLen() before this function to determine
- * length of the signature buffer.
- *
- * @param [in] key     XMSS key to use to verify.
- * @param [in] sig     Signature to verify.
- * @param [in] sigLen  Size of signature in bytes.
- * @param [in] m       Message to verify.
- * @param [in] mLen    Length of the message in bytes.
- *
- * @return  0 on success.
- * @return  SIG_VERIFY_E when signature did not verify message.
- * @return  BAD_FUNC_ARG when a parameter is NULL.
- * @return  BAD_STATE_E when wrong state for operation.
- * @return  BUFFER_E when sigLen is too small.
- */
-int wc_XmssKey_Verify(XmssKey* key, const byte* sig, word32 sigLen,
-    const byte* m, int mLen)
-{
-    int            ret = 0;
-
-    /* Validate parameters. */
-    if ((key == NULL) || (sig == NULL) || (m == NULL)) {
-        ret = BAD_FUNC_ARG;
-    }
-    /* Validate state. */
-    if ((ret == 0) && (key->state != WC_XMSS_STATE_OK) &&
-            (key->state != WC_XMSS_STATE_VERIFYONLY)) {
-        /* XMSS key not ready for verification. Param str must be
-         * set first, and Reload() called. */
-        WOLFSSL_MSG("error: XMSS key not ready for verification");
-        ret = BAD_STATE_E;
-    }
-    /* Check the signature is the big enough. */
-    if ((ret == 0) && (sigLen < key->params->sig_len)) {
-        /* Signature buffer too small. */
-        ret = BUFFER_E;
-    }
-
-    if (ret == 0) {
-        WC_DECLARE_VAR(state, XmssState, 1, 0);
-
-        WC_ALLOC_VAR_EX(state, XmssState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER,
-            ret=MEMORY_E);
-        if (WC_VAR_OK(state))
-        {
-            /* Initialize state for use in verification. */
-            ret = wc_xmss_state_init(state, key->params);
-            if (ret == 0) {
-                /* Verify using either XMSS^MT function as it works for both. */
-                ret = wc_xmssmt_verify(state, m, mLen, sig, key->pk);
-                /* Free state after use. */
-                wc_xmss_state_free(state);
-            }
-            WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        }
-    }
-
-    return ret;
-}
-
-#endif /* WOLFSSL_HAVE_XMSS */
diff --git a/src/ssl/wolfssl/wolfcrypt/wc_xmss_impl.c b/src/ssl/wolfssl/wolfcrypt/wc_xmss_impl.c
deleted file mode 100644
index 6e02ff31b..000000000
--- a/src/ssl/wolfssl/wolfcrypt/wc_xmss_impl.c
+++ /dev/null
@@ -1,4373 +0,0 @@
-/* wc_xmss_impl.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-/* Based on:
- *  o RFC 8391 - XMSS: eXtended Merkle Signature Scheme
- *  o [HDSS] "Hash-based Digital Signature Schemes", Buchmann, Dahmen and Szydlo
- *    from "Post Quantum Cryptography", Springer 2009.
- *  o [OPX] "Optimal Parameters for XMSS^MT", Hulsing, Rausch and Buchmann
- *
- * TODO: "Simple and Memory-efficient Signature Generation of XMSS^MT"
- *       (https://ece.engr.uvic.ca/~raltawy/SAC2021/9.pdf)
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#include <wolfssl/wolfcrypt/wc_xmss.h>
-#include <wolfssl/wolfcrypt/hash.h>
-
-#ifdef NO_INLINE
-    #include <wolfssl/wolfcrypt/misc.h>
-#else
-    #define WOLFSSL_MISC_INCLUDED
-    #include <wolfcrypt/src/misc.c>
-#endif
-
-#if defined(WOLFSSL_HAVE_XMSS)
-
-/* Indices into Hash Address. */
-#define XMSS_ADDR_LAYER                 0
-#define XMSS_ADDR_TREE_HI               1
-#define XMSS_ADDR_TREE                  2
-#define XMSS_ADDR_TYPE                  3
-#define XMSS_ADDR_OTS                   4
-#define XMSS_ADDR_LTREE                 4
-#define XMSS_ADDR_TREE_ZERO             4
-#define XMSS_ADDR_CHAIN                 5
-#define XMSS_ADDR_TREE_HEIGHT           5
-#define XMSS_ADDR_HASH                  6
-#define XMSS_ADDR_TREE_INDEX            6
-#define XMSS_ADDR_KEY_MASK              7
-
-/* Types of hash addresses. */
-#define WC_XMSS_ADDR_TYPE_OTS        0
-#define WC_XMSS_ADDR_TYPE_LTREE      1
-#define WC_XMSS_ADDR_TYPE_TREE       2
-
-/* Byte to include in hash to create unique sequence. */
-#define XMSS_HASH_PADDING_F             0
-#define XMSS_HASH_PADDING_H             1
-#define XMSS_HASH_PADDING_HASH          2
-#define XMSS_HASH_PADDING_PRF           3
-#define XMSS_HASH_PADDING_PRF_KEYGEN    4
-
-/* Fixed parameter values. */
-#define XMSS_WOTS_W                     16
-#define XMSS_WOTS_LOG_W                 4
-#define XMSS_WOTS_LEN2                  3
-#define XMSS_CSUM_SHIFT                 4
-#define XMSS_CSUM_LEN                   2
-
-/* Length of the message to the PRF. */
-#define XMSS_PRF_M_LEN                  32
-
-/* Length of index encoding when doing XMSS. */
-#define XMSS_IDX_LEN                    4
-
-/* Size of the N when using SHA-256 and 32 byte padding. */
-#define XMSS_SHA256_32_N                WC_SHA256_DIGEST_SIZE
-/* Size of the padding when using SHA-256 and 32 byte padding. */
-#define XMSS_SHA256_32_PAD_LEN          32
-
-/* Calculate PRF data length for parameters. */
-#define XMSS_HASH_PRF_DATA_LEN(params)                              \
-    ((params)->pad_len + (params)->n + WC_XMSS_ADDR_LEN)
-/* PRF data length when using SHA-256 with 32 byte padding. */
-#define XMSS_HASH_PRF_DATA_LEN_SHA256_32                            \
-    (XMSS_SHA256_32_PAD_LEN + XMSS_SHA256_32_N + WC_XMSS_ADDR_LEN)
-
-/* Calculate chain hash data length for parameters. */
-#define XMSS_CHAIN_HASH_DATA_LEN(params)                            \
-    ((params)->pad_len + 2 * (params)->n)
-/* Chain hash data length when using SHA-256 with 32 byte padding. */
-#define XMSS_CHAIN_HASH_DATA_LEN_SHA256_32                          \
-    (XMSS_SHA256_32_PAD_LEN + 2 * XMSS_SHA256_32_N)
-
-/* Calculate rand hash data length for parameters. */
-#define XMSS_RAND_HASH_DATA_LEN(params)                             \
-    ((params)->pad_len + 3 * (params)->n)
-/* Rand hash data length when using SHA-256 with 32 byte padding. */
-#define XMSS_RAND_HASH_DATA_LEN_SHA256_32                           \
-    (XMSS_SHA256_32_PAD_LEN + 3 * XMSS_SHA256_32_N)
-
-/* Encode pad value into byte array. Front fill with 0s.
- *
- * RFC 8391: 2.4
- *
- * @param [in]  n   Number to encode.
- * @param [out] a   Array to hold encoding.
- * @param [in]  l   Length of array.
- */
-#define XMSS_PAD_ENC(n, a, l)   \
-do {                            \
-    XMEMSET(a, 0, l);           \
-    (a)[(l) - 1] = (n);         \
-} while (0)
-
-
-/********************************************
- * Index 32/64 bits
- ********************************************/
-
-/* Index of 32 or 64 bits. */
-typedef union wc_Idx {
-#if WOLFSSL_XMSS_MAX_HEIGHT > 32
-    /* 64-bit representation. */
-    w64wrapper u64;
-#endif
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 32
-    /* 32-bit representation. */
-    word32     u32;
-#endif
-} wc_Idx;
-
-#if WOLFSSL_XMSS_MAX_HEIGHT > 32
-/* Set index to zero.
- *
- * Index is up to 64-bits.
- *
- * @param [out] idx  32/64-bit index to zero.
- */
-#define WC_IDX_ZERO(idx)    w64Zero(&(idx).u64)
-#else
-/* Set index to zero.
- *
- * Index is no more than 32-bits.
- *
- * @param [out] idx  32/64-bit index to zero.
- */
-#define WC_IDX_ZERO(idx)    idx.u32 = 0
-#endif
-
-#if WOLFSSL_XMSS_MAX_HEIGHT > 32
-/* Decode 64-bit index.
- *
- * @param [out] i    Index from encoding.
- * @param [in]  c    Count of bytes to decode to index.
- * @param [in]  a    Array to decode from.
- * @param [out] ret  Return value.
- */
-#define IDX64_DECODE(i, c, a, ret)                      \
-    if ((c) == 5) {                                     \
-        word32 t;                                       \
-        ato32((a) + 1, &t);                             \
-        (i) = w64From32((a)[0], t);                     \
-    }                                                   \
-    else if ((c) == 8) {                                \
-        ato64(a, &(i));                                 \
-    }
-
-/* Decode 64-bit index.
- *
- * @param [out] i    Index from encoding.
- * @param [in]  c    Count of bytes to decode to index.
- * @param [in]  a    Array to decode from.
- * @param [out] ret  Return value.
- */
-#define XMSS_IDX64_DECODE(i, c, a, ret)                 \
-do {                                                    \
-    IDX64_DECODE(i, c, a, ret)                          \
-    else {                                              \
-        (ret) = NOT_COMPILED_IN;                        \
-    }                                                   \
-} while (0)
-
-/* Check whether index is valid.
- *
- * @param [in] i  Index to check.
- * @param [in] c  Count of bytes i was encoded in.
- * @param [in] h  Full tree Height.
- */
-#define IDX64_INVALID(i, c, h)                              \
-    ((w64GetHigh32(w64Add32(i, 1, NULL)) >> ((h) - 32)) != 0)
-
-/* Set 64-bit index as hash address value for tree.
- *
- * @param [in]  i  Index to set.
- * @param [in]  c  Count of bytes to encode into.
- * @param [in]  h  Height of tree.
- * @param [out] a  Hash address to encode into.
- * @param [out] l  Index of leaf.
- */
-#define IDX64_SET_ADDR_TREE(i, c, h, a, l)              \
-    if ((c) > 4) {                                      \
-        (l) = w64GetLow32(i) & (((word32)1 << (h)) - 1);\
-        (i) = w64ShiftRight(i, h);                      \
-        (a)[XMSS_ADDR_TREE_HI] = w64GetHigh32(i);       \
-        (a)[XMSS_ADDR_TREE] = w64GetLow32(i);           \
-    }
-#endif /* WOLFSSL_XMSS_MAX_HEIGHT > 32 */
-
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 32
-/* Decode 32-bit index.
- *
- * @param [out] i    Index from encoding.
- * @param [in]  c    Count of bytes to decode to index.
- * @param [in]  a    Array to decode from.
- * @param [out] ret  Return value.
- */
-#define IDX32_DECODE(i, c, a, ret)                      \
-    if ((c) == 4) {                                     \
-        ato32(a, &(i));                                 \
-    }                                                   \
-    else if ((c) == 3) {                                \
-        ato24(a, &(i));                                 \
-    }
-
-/* Decode 32-bit index.
- *
- * @param [out] i    Index from encoding.
- * @param [in]  c    Count of bytes to decode to index.
- * @param [in]  a    Array to decode from.
- * @param [out] ret  Return value.
- */
-#define XMSS_IDX32_DECODE(i, c, a, ret)                 \
-do {                                                    \
-    IDX32_DECODE(i, c, a, ret)                          \
-    else {                                              \
-        (ret) = NOT_COMPILED_IN;                        \
-    }                                                   \
-} while (0)
-
-/* Check whether 32-bit index is valid.
- *
- * @param [in] i  Index to check.
- * @param [in] c  Count of bytes i was encoded in.
- * @param [in] h  Full tree Height.
- */
-#define IDX32_INVALID(i, c, h)                          \
-    ((((i) + 1) >> (h)) != 0)
-
-/* Set 32-bit index as hash address value for tree.
- *
- * @param [in]  i  Index to set.
- * @param [in]  c  Count of bytes to encode into.
- * @param [in]  h  Height of tree.
- * @param [out] a  Hash address to encode into.
- * @param [out] l  Index of leaf.
- */
-#define IDX32_SET_ADDR_TREE(i, c, h, a, l)              \
-    if ((c) <= 4) {                                     \
-        (l) = ((i) & ((1 << (h)) - 1));                 \
-        (i) >>= params->sub_h;                          \
-        (a)[XMSS_ADDR_TREE] = (i);                      \
-    }
-
-#endif /* WOLFSSL_XMSS_MIN_HEIGHT <= 32 */
-
-#if (WOLFSSL_XMSS_MAX_HEIGHT > 32) && (WOLFSSL_XMSS_MIN_HEIGHT <= 32)
-
-/* Decode 32/64-bit index.
- *
- * @param [out] idx  Index from encoding.
- * @param [in]  c    Count of bytes to decode to index.
- * @param [in]  a    Array to decode from.
- * @param [out] ret  Return value.
- */
-#define WC_IDX_DECODE(idx, c, a, ret)                   \
-do {                                                    \
-    IDX64_DECODE((idx).u64, c, a, ret)                  \
-    else                                                \
-    IDX32_DECODE((idx).u32, c, a, ret)                  \
-    else {                                              \
-        (ret) = NOT_COMPILED_IN;                        \
-    }                                                   \
-} while (0)
-
-/* Check whether index is valid.
- *
- * @param [in] i  Index to check.
- * @param [in] c  Count of bytes i was encoded in.
- * @param [in] h  Full tree Height.
- */
-#define WC_IDX_INVALID(i, c, h)                         \
-    ((((c) >  4) && IDX64_INVALID((i).u64, c, h)) ||    \
-     (((c) <= 4) && IDX32_INVALID((i).u32, c, h)))
-
-/* Set 32/64-bit index as hash address value for tree.
- *
- * @param [in]  i  Index to set.
- * @param [in]  c  Count of bytes to encode into.
- * @param [in]  h  Height of tree.
- * @param [out] a  Hash address to encode into.
- * @param [out] l  Index of leaf.
- */
-#define WC_IDX_SET_ADDR_TREE(idx, c, h, a, l)           \
-do {                                                    \
-    IDX64_SET_ADDR_TREE((idx).u64, c, h, a, l)          \
-    else                                                \
-    IDX32_SET_ADDR_TREE((idx).u32, c, h, a, l)          \
-} while (0)
-
-#elif WOLFSSL_XMSS_MAX_HEIGHT > 32
-
-/* Decode 64-bit index.
- *
- * @param [out] idx  Index from encoding.
- * @param [in]  c    Count of bytes to decode to index.
- * @param [in]  a    Array to decode from.
- * @param [out] ret  Return value.
- */
-#define WC_IDX_DECODE(idx, c, a, ret)                   \
-do {                                                    \
-    IDX64_DECODE((idx).u64, c, a, ret)                  \
-} while (0)
-
-/* Check whether index is valid.
- *
- * @param [in] i  Index to check.
- * @param [in] c  Count of bytes i was encoded in.
- * @param [in] h  Full tree Height.
- */
-#define WC_IDX_INVALID(i, c, h)                         \
-    IDX64_INVALID((i).u64, c, h)
-
-/* Set 64-bit index as hash address value for tree.
- *
- * @param [in]  i  Index to set.
- * @param [in]  c  Count of bytes to encode into.
- * @param [in]  h  Height of tree.
- * @param [out] a  Hash address to encode into.
- * @param [out] l  Index of leaf.
- */
-#define WC_IDX_SET_ADDR_TREE(idx, c, h, a, l)           \
-do {                                                    \
-    IDX64_SET_ADDR_TREE((idx).u64, c, h, a, l)          \
-} while (0)
-
-#else
-
-/* Decode 32-bit index.
- *
- * @param [out] idx  Index from encoding.
- * @param [in]  c    Count of bytes to decode to index.
- * @param [in]  a    Array to decode from.
- * @param [out] ret  Return value.
- */
-#define WC_IDX_DECODE(idx, c, a, ret)                   \
-do {                                                    \
-    IDX32_DECODE((idx).u32, c, a, ret)                  \
-    else {                                              \
-        (ret) = NOT_COMPILED_IN;                        \
-    }                                                   \
-} while (0)
-
-/* Check whether index is valid.
- *
- * @param [in] i  Index to check.
- * @param [in] c  Count of bytes i was encoded in.
- * @param [in] h  Full tree Height.
- */
-#define WC_IDX_INVALID(i, c, h)                         \
-    IDX32_INVALID((i).u32, c, h)
-
-/* Set 32-bit index as hash address value for tree.
- *
- * @param [in]  i  Index to set.
- * @param [in]  c  Count of bytes to encode into.
- * @param [in]  h  Height of tree.
- * @param [out] a  Hash address to encode into.
- * @param [out] l  Index of leaf.
- */
-#define WC_IDX_SET_ADDR_TREE(idx, c, h, a, l)           \
-do {                                                    \
-    IDX32_SET_ADDR_TREE(idx.u32, c, h, a, l)            \
-} while (0)
-
-#endif /* (WOLFSSL_XMSS_MAX_HEIGHT > 32) && (WOLFSSL_XMSS_MIN_HEIGHT <= 32) */
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-/* Update index by adding one to big-endian encoded value.
- *
- * @param [in, out] a  Array index is encoded in.
- * @param [in]      l  Length of encoded index.
- */
-static void wc_idx_update(unsigned char* a, word8 l)
-{
-    sword8 i;
-
-    for (i = l - 1; i >= 0; i--) {
-        if ((++a[i]) != 0) {
-            break;
-        }
-    }
-}
-
-/* Copy index from source buffer to destination buffer.
- *
- * Index is put into the front of the destination buffer with the length of the
- * source.
- *
- * @param [in]      s   Source buffer.
- * @param [in]      sl  Length of index in source.
- * @param [in, out] d   Destination buffer.
- * @param [in]      dl  Length of destination buffer.
- */
-static void wc_idx_copy(const unsigned char* s, word8 sl, unsigned char* d,
-    word8 dl)
-{
-    XMEMCPY(d, s, sl);
-    XMEMSET(d + sl, 0, dl - sl);
-}
-#endif
-
-/********************************************
- * Hash Address.
- ********************************************/
-
-/* Set the hash address based on subtree.
- *
- * @param [out] a  Hash address.
- * @param [in]  s  Subtree hash address.
- * @param [in]  t  Type of hash address.
- */
-#define XMSS_ADDR_SET_SUBTREE(a, s, t)                \
-do {                                                  \
-    (a)[XMSS_ADDR_LAYER]   = (s)[XMSS_ADDR_LAYER];    \
-    (a)[XMSS_ADDR_TREE_HI] = (s)[XMSS_ADDR_TREE_HI];  \
-    (a)[XMSS_ADDR_TREE]    = (s)[XMSS_ADDR_TREE];     \
-    (a)[XMSS_ADDR_TYPE]    = (t);                     \
-    XMEMSET((a) + 4, 0, sizeof(a) - 4 * sizeof(*(a)));\
-} while (0)
-
-/* Set the OTS hash address based on subtree.
- *
- * @param [out] a  Hash address.
- * @param [in]  s  Subtree hash address.
- */
-#define XMSS_ADDR_OTS_SET_SUBTREE(a, s) \
-    XMSS_ADDR_SET_SUBTREE(a, s, WC_XMSS_ADDR_TYPE_OTS)
-/* Set the L-tree address based on subtree.
- *
- * @param [out] a  Hash address.
- * @param [in]  s  Subtree hash address.
- */
-#define XMSS_ADDR_LTREE_SET_SUBTREE(a, s) \
-    XMSS_ADDR_SET_SUBTREE(a, s, WC_XMSS_ADDR_TYPE_LTREE)
-/* Set the hash tree address based on subtree.
- *
- * @param [out] a  Hash address.
- * @param [in]  s  Subtree hash address.
- */
-#define XMSS_ADDR_TREE_SET_SUBTREE(a, s) \
-    XMSS_ADDR_SET_SUBTREE(a, s, WC_XMSS_ADDR_TYPE_TREE)
-
-#ifdef LITTLE_ENDIAN_ORDER
-
-/* Set a byte value into a word of an encoded address.
- *
- * @param [in, out] a  Encoded hash address.
- * @param [in]      i  Index of word.
- * @param [in]      b  Byte to set.
- */
-#define XMSS_ADDR_SET_BYTE(a, i, b)     \
-    ((word32*)(a))[i] = (word32)(b) << 24
-
-#else
-
-/* Set a byte value into a word of an encoded address.
- *
- * @param [in, out] a  Encoded hash address.
- * @param [in]      i  Index of word.
- * @param [in]      b  Byte to set.
- */
-#define XMSS_ADDR_SET_BYTE(a, i, b)     \
-    ((word32*)(a))[i] = (b)
-
-#endif /* LITTLE_ENDIAN_ORDER */
-
-/* Convert hash address to bytes.
- *
- * @param [out] bytes  Array to encode into.
- * @param [in]  addr   Hash address.
- */
-static void wc_xmss_addr_encode(const HashAddress addr, byte* bytes)
-{
-    c32toa((addr)[0], (bytes) + (0 * 4));
-    c32toa((addr)[1], (bytes) + (1 * 4));
-    c32toa((addr)[2], (bytes) + (2 * 4));
-    c32toa((addr)[3], (bytes) + (3 * 4));
-    c32toa((addr)[4], (bytes) + (4 * 4));
-    c32toa((addr)[5], (bytes) + (5 * 4));
-    c32toa((addr)[6], (bytes) + (6 * 4));
-    c32toa((addr)[7], (bytes) + (7 * 4));
-}
-
-/********************************************
- * HASHING
- ********************************************/
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256) && \
-    !defined(WC_XMSS_FULL_HASH)
-
-/* Set hash data and length into SHA-256 digest.
- *
- * @param [in, out] state      XMSS/MT state with SHA-256 digest.
- * @param [in]      data       Data to add to hash.
- * @param [in]      len        Number of bytes in data.
- *                             Must be less than a block.
- * @param [in]      total_len  Number of bytes updated so far.
- */
-#define XMSS_SHA256_SET_DATA(state, data, len, total_len)           \
-do {                                                                \
-    XMEMCPY((state)->digest.sha256.buffer, data, len);              \
-    (state)->digest.sha256.buffLen = (len);                         \
-    (state)->digest.sha256.loLen = (total_len);                     \
-} while (0)
-
-/* Save the SHA-256 state to cache.
- *
- * @param [in, out] state  XMSS/MT state with SHA-256 digest and state cache.
- */
-#define XMSS_SHA256_STATE_CACHE(state)                              \
-    (state)->dgst_state[0] = (state)->digest.sha256.digest[0];      \
-    (state)->dgst_state[1] = (state)->digest.sha256.digest[1];      \
-    (state)->dgst_state[2] = (state)->digest.sha256.digest[2];      \
-    (state)->dgst_state[3] = (state)->digest.sha256.digest[3];      \
-    (state)->dgst_state[4] = (state)->digest.sha256.digest[4];      \
-    (state)->dgst_state[5] = (state)->digest.sha256.digest[5];      \
-    (state)->dgst_state[6] = (state)->digest.sha256.digest[6];      \
-    (state)->dgst_state[7] = (state)->digest.sha256.digest[7];      \
-
-/* Restore the SHA-256 state from cache and set length.
- *
- * @param [in, out] state  XMSS/MT state with SHA-256 digest and state cache.
- * @param [in]      len    Number of bytes of data hashed so far.
- */
-#define XMSS_SHA256_STATE_RESTORE(state, len)                       \
-do {                                                                \
-    (state)->digest.sha256.digest[0] = (state)->dgst_state[0];      \
-    (state)->digest.sha256.digest[1] = (state)->dgst_state[1];      \
-    (state)->digest.sha256.digest[2] = (state)->dgst_state[2];      \
-    (state)->digest.sha256.digest[3] = (state)->dgst_state[3];      \
-    (state)->digest.sha256.digest[4] = (state)->dgst_state[4];      \
-    (state)->digest.sha256.digest[5] = (state)->dgst_state[5];      \
-    (state)->digest.sha256.digest[6] = (state)->dgst_state[6];      \
-    (state)->digest.sha256.digest[7] = (state)->dgst_state[7];      \
-    (state)->digest.sha256.loLen = (len);                           \
-} while (0)
-
-/* Restore the SHA-256 state from cache and set data and length.
- *
- * @param [in, out] state      XMSS/MT state with SHA-256 digest and cache.
- * @param [in]      data       Data to add to hash.
- * @param [in]      len        Number of bytes in data.
- *                             Must be less than a block.
- * @param [in]      total_len  Number of bytes updated so far.
- */
-#define XMSS_SHA256_STATE_RESTORE_DATA(state, data, len, total_len) \
-do {                                                                \
-    (state)->digest.sha256.digest[0] = (state)->dgst_state[0];      \
-    (state)->digest.sha256.digest[1] = (state)->dgst_state[1];      \
-    (state)->digest.sha256.digest[2] = (state)->dgst_state[2];      \
-    (state)->digest.sha256.digest[3] = (state)->dgst_state[3];      \
-    (state)->digest.sha256.digest[4] = (state)->dgst_state[4];      \
-    (state)->digest.sha256.digest[5] = (state)->dgst_state[5];      \
-    (state)->digest.sha256.digest[6] = (state)->dgst_state[6];      \
-    (state)->digest.sha256.digest[7] = (state)->dgst_state[7];      \
-    XMSS_SHA256_SET_DATA(state, data, len, total_len);              \
-} while (0)
-
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 && !WC_XMSS_FULL_HASH */
-
-/* Hash the data into output buffer.
- *
- * @param [in]  state   XMSS/MT state including digest and parameters.
- * @param [in]  in      Data to digest.
- * @param [in]  inlen   Length of data to digest in bytes.
- * @param [out] out     Buffer to put digest into.
- */
-static WC_INLINE void wc_xmss_hash(XmssState* state, const byte* in,
-    word32 inlen, byte* out)
-{
-    int ret;
-    const XmssParams* params = state->params;
-
-#ifdef WC_XMSS_SHA256
-    /* Full SHA-256 digest. */
-    if ((params->hash == WC_HASH_TYPE_SHA256) &&
-            (params->n == WC_SHA256_DIGEST_SIZE)) {
-        ret = wc_Sha256Update(&state->digest.sha256, in, inlen);
-        if (ret == 0) {
-            ret = wc_Sha256Final(&state->digest.sha256, out);
-        }
-    }
-#if WOLFSSL_WC_XMSS_MIN_HASH_SIZE <= 192 && WOLFSSL_WC_XMSS_MAX_HASH_SIZE >= 192
-    /* Partial SHA-256 digest. */
-    else if (params->hash == WC_HASH_TYPE_SHA256) {
-        byte buf[WC_SHA256_DIGEST_SIZE];
-        ret = wc_Sha256Update(&state->digest.sha256, in, inlen);
-        if (ret == 0) {
-            ret = wc_Sha256Final(&state->digest.sha256, buf);
-        }
-        if (ret == 0) {
-            XMEMCPY(out, buf, params->n);
-        }
-    }
-#endif
-    else
-#endif /* WC_XMSS_SHA256 */
-#ifdef WC_XMSS_SHA512
-    /* Full SHA-512 digest. */
-    if (params->hash == WC_HASH_TYPE_SHA512) {
-        ret = wc_Sha512Update(&state->digest.sha512, in, inlen);
-        if (ret == 0) {
-            ret = wc_Sha512Final(&state->digest.sha512, out);
-        }
-    }
-    else
-#endif /* WC_XMSS_SHA512 */
-#ifdef WC_XMSS_SHAKE128
-    /* Digest with SHAKE-128. */
-    if (params->hash == WC_HASH_TYPE_SHAKE128) {
-        ret = wc_Shake128_Update(&state->digest.shake, in, inlen);
-        if (ret == 0) {
-            ret = wc_Shake128_Final(&state->digest.shake, out, params->n);
-        }
-    }
-    else
-#endif /* WC_XMSS_SHAKE128 */
-#ifdef WC_XMSS_SHAKE256
-    /* Digest with SHAKE-256. */
-    if (params->hash == WC_HASH_TYPE_SHAKE256) {
-        ret = wc_Shake256_Update(&state->digest.shake, in, inlen);
-        if (ret == 0) {
-            ret = wc_Shake256_Final(&state->digest.shake, out, params->n);
-        }
-    }
-    else
-#endif /* WC_XMSS_SHAKE256 */
-    {
-        /* Unsupported digest function. */
-        ret = NOT_COMPILED_IN;
-    }
-
-    if (state->ret == 0) {
-        /* Store any digest failures for public APIs to return. */
-        state->ret = ret;
-    }
-}
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256)
-#ifndef WC_XMSS_FULL_HASH
-/* Chain hashing.
- *
- * RFC 8391: 3.1.2, Algorithm 2: chain - Chaining Function
- *     ...
- *     ADRS.setKeyAndMask(0);
- *     KEY = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(1);
- *     BM = PRF(SEED, ADRS);
- *     tmp = F(KEY, tmp XOR BM);
- *     return tmp;
- *
- * @param [in]  state  XMSS/MT state including digest and parameters.
- * @param [in]  tmp    Temporary buffer holding chain data.
- * @param [in]  addr   Hash address as a byte array.
- * @param [out] hash   Buffer to hold hash.
- */
-static void wc_xmss_chain_hash_sha256_32(XmssState* state, const byte* tmp,
-    byte* addr, byte* hash)
-{
-    /* Offsets into chain hash data. */
-    byte* pad = state->buf;
-    byte* key = pad + XMSS_SHA256_32_PAD_LEN;
-    byte* bm = key + XMSS_SHA256_32_N;
-    int ret;
-
-    /* Calculate n-byte key - KEY. */
-    ((word32*)addr)[XMSS_ADDR_KEY_MASK] = 0;
-    /* Copy back state after first 64 bytes. */
-    XMSS_SHA256_STATE_RESTORE_DATA(state, addr, WC_XMSS_ADDR_LEN,
-        XMSS_HASH_PRF_DATA_LEN_SHA256_32);
-    /* Calculate hash. */
-    ret = wc_Sha256Final(&state->digest.sha256, key);
-
-    if (ret == 0) {
-        /* Calculate n-byte bit mask - BM. */
-        addr[XMSS_ADDR_KEY_MASK * 4 + 3] = 1;
-        /* Copy back state after first 64 bytes. */
-        XMSS_SHA256_STATE_RESTORE_DATA(state, addr, WC_XMSS_ADDR_LEN,
-            XMSS_HASH_PRF_DATA_LEN_SHA256_32);
-        /* Calculate hash. */
-        ret = wc_Sha256Final(&state->digest.sha256, bm);
-    }
-
-    if (ret == 0) {
-        /* Function padding set in caller. */
-        xorbuf(bm, tmp, XMSS_SHA256_32_N);
-        ret = wc_Sha256Update(&state->digest.sha256, state->buf,
-             XMSS_CHAIN_HASH_DATA_LEN_SHA256_32);
-    }
-    if (ret == 0) {
-        /* Calculate the chain hash. */
-        ret = wc_Sha256Final(&state->digest.sha256, hash);
-    }
-    if (state->ret == 0) {
-        /* Store any digest failures for public APIs to return. */
-        state->ret = ret;
-    }
-}
-#else
-/* Chain hashing.
- *
- * Padding, seed, addr for PRF set by caller into prf_buf.
- *
- * RFC 8391: 3.1.2, Algorithm 2: chain - Chaining Function
- *     ...
- *     ADRS.setKeyAndMask(0);
- *     KEY = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(1);
- *     BM = PRF(SEED, ADRS);
- *     tmp = F(KEY, tmp XOR BM);
- *     return tmp;
- *
- * @param [in]  state  XMSS/MT state including digest and parameters.
- * @param [in]  tmp    Temporary buffer holding chain data.
- * @param [out] out    Buffer to hold hash.
- */
-static void wc_xmss_chain_hash_sha256_32(XmssState* state, const byte* tmp,
-    byte* hash)
-{
-    byte* addr = state->prf_buf + XMSS_SHA256_32_PAD_LEN + XMSS_SHA256_32_N;
-    /* Offsets into chain hash data. */
-    byte* pad = state->buf;
-    byte* key = pad + XMSS_SHA256_32_PAD_LEN;
-    byte* bm = key + XMSS_SHA256_32_N;
-
-    /* Calculate n-byte key - KEY. */
-    ((word32*)addr)[XMSS_ADDR_KEY_MASK] = 0;
-    wc_xmss_hash(state, state->prf_buf, XMSS_HASH_PRF_DATA_LEN_SHA256_32, key);
-    /* Calculate the n-byte mask. */
-    addr[XMSS_ADDR_KEY_MASK * 4 + 3] = 1;
-    wc_xmss_hash(state, state->prf_buf, XMSS_HASH_PRF_DATA_LEN_SHA256_32, bm);
-
-    /* Function padding set in caller. */
-    xorbuf(bm, tmp, XMSS_SHA256_32_N);
-    /* Calculate the chain hash. */
-    wc_xmss_hash(state, state->buf, XMSS_CHAIN_HASH_DATA_LEN_SHA256_32, hash);
-}
-#endif /* !WC_XMSS_FULL_HASH */
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 */
-
-/* Chain hashing.
- *
- * Padding, seed, addr for PRF set by caller into prf_buf.
- *
- * RFC 8391: 3.1.2, Algorithm 2: chain - Chaining Function
- *     ...
- *     ADRS.setKeyAndMask(0);
- *     KEY = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(1);
- *     BM = PRF(SEED, ADRS);
- *     tmp = F(KEY, tmp XOR BM);
- *     return tmp;
- *
- * @param [in]  state  XMSS/MT state including digest and parameters.
- * @param [in]  tmp    Temporary buffer holding chain data.
- * @param [out] hash   Buffer to hold hash.
- */
-static void wc_xmss_chain_hash(XmssState* state, const byte* tmp, byte* hash)
-{
-    const XmssParams* params = state->params;
-    byte* addr = state->prf_buf + params->pad_len + params->n;
-    /* Offsets into chain hash data. */
-    byte* pad = state->buf;
-    byte* key = pad + params->pad_len;
-    byte* bm = key + params->n;
-
-    /* Calculate n-byte key - KEY. */
-    ((word32*)addr)[XMSS_ADDR_KEY_MASK] = 0;
-    wc_xmss_hash(state, state->prf_buf, XMSS_HASH_PRF_DATA_LEN(params), key);
-    /* Calculate n-byte bit mask - BM. */
-    addr[XMSS_ADDR_KEY_MASK * 4 + 3] = 1;
-    wc_xmss_hash(state, state->prf_buf, XMSS_HASH_PRF_DATA_LEN(params), bm);
-
-    /* Function padding set in caller. */
-    xorbuf(bm, tmp, params->n);
-    /* Calculate the chain hash. */
-    wc_xmss_hash(state, state->buf, XMSS_CHAIN_HASH_DATA_LEN(params), hash);
-}
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256)
-#ifndef WC_XMSS_FULL_HASH
-/* Randomized tree hashing.
- *
- * RFC 8391: 4.1.4, Algorithm 7: RAND_HASH
- *     ...
- *     ADRS.setKeyAndMask(0);
- *     KEY = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(1);
- *     BM_0 = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(2);
- *     BM_1 = PRF(SEED, ADRS);
- *     return H(KEY, (LEFT XOR BM_0) || (RIGHT XOR BM_1));
- *
- * @param [in]  state  XMSS/MT state including digest and parameters.
- * @param [in]  data   Input data.
- * @param [in]  addr   Hash address.
- * @param [out] hash   Buffer to hold hash.
- */
-static void wc_xmss_rand_hash_sha256_32_prehash(XmssState* state,
-    const byte* data, HashAddress addr, byte* hash)
-{
-    int ret;
-    /* Offsets into rand hash data. */
-    byte* pad = state->buf;
-    byte* key = pad + XMSS_SHA256_32_PAD_LEN;
-    byte* bm0 = key + XMSS_SHA256_32_N;
-    byte* bm1 = bm0 + XMSS_SHA256_32_N;
-    byte addr_buf[WC_XMSS_ADDR_LEN];
-
-    addr[XMSS_ADDR_KEY_MASK] = 0;
-    wc_xmss_addr_encode(addr, addr_buf);
-
-    /* Calculate n-byte key - KEY. */
-    XMSS_SHA256_STATE_RESTORE_DATA(state, addr_buf, WC_XMSS_ADDR_LEN,
-        XMSS_HASH_PRF_DATA_LEN_SHA256_32);
-    /* Calculate hash. */
-    ret = wc_Sha256Final(&state->digest.sha256, key);
-
-    /* Calculate n-byte mask - BM_0. */
-    if (ret == 0) {
-        addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 1;
-        /* Copy back state after first 64 bytes. */
-        XMSS_SHA256_STATE_RESTORE_DATA(state, addr_buf, WC_XMSS_ADDR_LEN,
-            XMSS_HASH_PRF_DATA_LEN_SHA256_32);
-        /* Calculate hash. */
-        ret = wc_Sha256Final(&state->digest.sha256, bm0);
-    }
-
-    /* Calculate n-byte mask - BM_1. */
-    if (ret == 0) {
-        addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 2;
-        /* Copy back state after first 64 bytes. */
-        XMSS_SHA256_STATE_RESTORE_DATA(state, addr_buf, WC_XMSS_ADDR_LEN,
-            XMSS_HASH_PRF_DATA_LEN_SHA256_32);
-        /* Calculate hash. */
-        ret = wc_Sha256Final(&state->digest.sha256, bm1);
-    }
-
-    if (ret == 0) {
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_H, pad, XMSS_SHA256_32_PAD_LEN);
-        /* XOR into bm0 and bm1. */
-        xorbuf(bm0, data, XMSS_SHA256_32_N * 2);
-        ret = wc_Sha256Update(&state->digest.sha256, state->buf,
-            XMSS_RAND_HASH_DATA_LEN_SHA256_32);
-    }
-    if (ret == 0) {
-        ret = wc_Sha256Final(&state->digest.sha256, hash);
-    }
-    if (state->ret == 0) {
-        /* Store any digest failures for public APIs to return. */
-        state->ret = ret;
-    }
-}
-#endif /* !WC_XMSS_FULL_HASH */
-
-/* Randomized tree hashing.
- *
- * RFC 8391: 4.1.4, Algorithm 7: RAND_HASH
- *     ...
- *     ADRS.setKeyAndMask(0);
- *     KEY = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(1);
- *     BM_0 = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(2);
- *     BM_1 = PRF(SEED, ADRS);
- *     return H(KEY, (LEFT XOR BM_0) || (RIGHT XOR BM_1));
- *
- * @param [in]  state    XMSS/MT state including digest and parameters.
- * @param [in]  data     Input data.
- * @param [in]  pk_seed  Random public seed.
- * @param [in]  addr     Hash address.
- * @param [out] hash     Buffer to hold hash.
- */
-static void wc_xmss_rand_hash_sha256_32(XmssState* state, const byte* data,
-    const byte* pk_seed, HashAddress addr, byte* hash)
-{
-    byte* addr_buf = state->prf_buf + XMSS_SHA256_32_PAD_LEN +
-        XMSS_SHA256_32_N;
-    /* Offsets into rand hash data. */
-    byte* pad = state->buf;
-    byte* key = pad + XMSS_SHA256_32_PAD_LEN;
-    byte* bm0 = key + XMSS_SHA256_32_N;
-    byte* bm1 = bm0 + XMSS_SHA256_32_N;
-#ifndef WC_XMSS_FULL_HASH
-    int ret;
-
-    /* Encode padding byte for PRF. */
-    XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF, state->prf_buf, XMSS_SHA256_32_PAD_LEN);
-    /* Append public seed for PRF. */
-    XMEMCPY(state->prf_buf + XMSS_SHA256_32_PAD_LEN, pk_seed,
-        XMSS_SHA256_32_N);
-
-    /* Set key mask to initial value and append encoding. */
-    addr[XMSS_ADDR_KEY_MASK] = 0;
-    wc_xmss_addr_encode(addr, addr_buf);
-
-    /* Calculate n-byte key - KEY. */
-    ret = wc_Sha256Update(&state->digest.sha256, state->prf_buf,
-        XMSS_SHA256_32_PAD_LEN + XMSS_SHA256_32_N);
-    if (ret == 0) {
-        /* Copy state after first 64 bytes. */
-        XMSS_SHA256_STATE_CACHE(state);
-        /* Copy in remaining 32 bytes to buffer. */
-        XMSS_SHA256_SET_DATA(state, addr_buf, WC_XMSS_ADDR_LEN,
-            XMSS_HASH_PRF_DATA_LEN_SHA256_32);
-        /* Calculate hash. */
-        ret = wc_Sha256Final(&state->digest.sha256, key);
-    }
-
-    /* Calculate n-byte mask - BM_0. */
-    if (ret == 0) {
-        addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 1;
-        /* Copy back state after first 64 bytes. */
-        XMSS_SHA256_STATE_RESTORE_DATA(state, addr_buf, WC_XMSS_ADDR_LEN,
-            XMSS_HASH_PRF_DATA_LEN_SHA256_32);
-        /* Calculate hash. */
-        ret = wc_Sha256Final(&state->digest.sha256, bm0);
-    }
-
-    /* Calculate n-byte mask - BM_1. */
-    if (ret == 0) {
-        addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 2;
-        /* Copy back state after first 64 bytes. */
-        XMSS_SHA256_STATE_RESTORE_DATA(state, addr_buf, WC_XMSS_ADDR_LEN,
-            XMSS_HASH_PRF_DATA_LEN_SHA256_32);
-        /* Calculate hash. */
-        ret = wc_Sha256Final(&state->digest.sha256, bm1);
-    }
-
-    if (ret == 0) {
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_H, pad, XMSS_SHA256_32_PAD_LEN);
-        /* XOR into bm0 and bm1. */
-        xorbuf(bm0, data, 2 * XMSS_SHA256_32_N);
-        ret = wc_Sha256Update(&state->digest.sha256, state->buf,
-            XMSS_RAND_HASH_DATA_LEN_SHA256_32);
-    }
-    if (ret == 0) {
-        ret = wc_Sha256Final(&state->digest.sha256, hash);
-    }
-    if (state->ret == 0) {
-        /* Store any digest failures for public APIs to return. */
-        state->ret = ret;
-    }
-#else
-    /* Encode padding byte for PRF. */
-    XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF, state->prf_buf, XMSS_SHA256_32_PAD_LEN);
-    /* Append public seed for PRF. */
-    XMEMCPY(state->prf_buf + XMSS_SHA256_32_PAD_LEN, pk_seed,
-        XMSS_SHA256_32_N);
-
-    /* Set key mask to initial value and append encoding. */
-    addr[XMSS_ADDR_KEY_MASK] = 0;
-    wc_xmss_addr_encode(addr, addr_buf);
-
-    /* Calculate n-byte key - KEY. */
-    wc_xmss_hash(state, state->prf_buf, XMSS_HASH_PRF_DATA_LEN_SHA256_32, key);
-    /* Calculate n-byte mask - BM_0. */
-    addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 1;
-    wc_xmss_hash(state, state->prf_buf, XMSS_HASH_PRF_DATA_LEN_SHA256_32, bm0);
-    /* Calculate n-byte mask - BM_1. */
-    addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 2;
-    wc_xmss_hash(state, state->prf_buf, XMSS_HASH_PRF_DATA_LEN_SHA256_32, bm1);
-
-    XMSS_PAD_ENC(XMSS_HASH_PADDING_H, state->buf, XMSS_SHA256_32_PAD_LEN);
-    xorbuf(bm0, data, 2 * XMSS_SHA256_32_N);
-    wc_xmss_hash(state, state->buf, XMSS_RAND_HASH_DATA_LEN_SHA256_32, hash);
-#endif /* WC_XMSS_FULL_HASH */
-}
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 */
-
-/* Randomized tree hashing.
- *
- * RFC 8391: 4.1.4, Algorithm 7: RAND_HASH
- *     ...
- *     ADRS.setKeyAndMask(0);
- *     KEY = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(1);
- *     BM_0 = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(2);
- *     BM_1 = PRF(SEED, ADRS);
- *     return H(KEY, (LEFT XOR BM_0) || (RIGHT XOR BM_1));
- *
- * @param [in]  state    XMSS/MT state including digest and parameters.
- * @param [in]  data     Input data.
- * @param [in]  pk_seed  Random public seed.
- * @param [in]  addr     Hash address.
- * @param [out] hash     Buffer to hold hash.
- */
-static void wc_xmss_rand_hash(XmssState* state, const byte* data,
-    const byte* pk_seed, HashAddress addr, byte* hash)
-{
-    const XmssParams* params = state->params;
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256)
-    if ((params->pad_len == XMSS_SHA256_32_PAD_LEN) &&
-            (params->n == XMSS_SHA256_32_N) &&
-            (params->hash == WC_HASH_TYPE_SHA256)) {
-        wc_xmss_rand_hash_sha256_32(state, data, pk_seed, addr, hash);
-    }
-    else
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 */
-    {
-        byte* addr_buf = state->prf_buf + params->pad_len + params->n;
-        /* Offsets into rand hash data. */
-        byte* pad = state->buf;
-        byte* key = pad + params->pad_len;
-        byte* bm0 = key + params->n;
-        byte* bm1 = bm0 + params->n;
-        const word32 len = params->pad_len + params->n + WC_XMSS_ADDR_LEN;
-
-        /* Encode padding byte for PRF. */
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF, state->prf_buf, params->pad_len);
-        /* Append public seed for PRF. */
-        XMEMCPY(state->prf_buf + params->pad_len, pk_seed, params->n);
-
-        /* Set key mask to initial value and append encoding. */
-        addr[XMSS_ADDR_KEY_MASK] = 0;
-        wc_xmss_addr_encode(addr, addr_buf);
-
-        /* Calculate n-byte key - KEY. */
-        wc_xmss_hash(state, state->prf_buf, len, key);
-        /* Calculate n-byte mask - BM_0. */
-        addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 1;
-        wc_xmss_hash(state, state->prf_buf, len, bm0);
-        /* Calculate n-byte mask - BM_1. */
-        addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 2;
-        wc_xmss_hash(state, state->prf_buf, len, bm1);
-
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_H, pad, params->pad_len);
-        xorbuf(bm0, data, 2 * params->n);
-        wc_xmss_hash(state, state->buf, params->pad_len + 3 * params->n,
-            hash);
-    }
-}
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) || defined(WOLFSSL_XMSS_VERIFY_ONLY)
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256)
-/* Randomized tree hashing.
- *
- * RFC 8391: 4.1.4, Algorithm 7: RAND_HASH
- *     ...
- *     ADRS.setKeyAndMask(0);
- *     KEY = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(1);
- *     BM_0 = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(2);
- *     BM_1 = PRF(SEED, ADRS);
- *     return H(KEY, (LEFT XOR BM_0) || (RIGHT XOR BM_1));
- *
- * @param [in]  state    XMSS/MT state including digest and parameters.
- * @param [in]  left     First half of data.
- * @param [in]  right    Second half of data.
- * @param [in]  pk_seed  Random public seed.
- * @param [in]  addr     Hash address.
- * @param [out] hash     Buffer to hold hash.
- */
-static void wc_xmss_rand_hash_lr_sha256_32(XmssState* state, const byte* left,
-    const byte* right, const byte* pk_seed, HashAddress addr, byte* hash)
-{
-    byte* addr_buf = state->prf_buf + XMSS_SHA256_32_PAD_LEN +
-        XMSS_SHA256_32_N;
-    /* Offsets into rand hash data. */
-    byte* pad = state->buf;
-    byte* key = pad + XMSS_SHA256_32_PAD_LEN;
-    byte* bm0 = key + XMSS_SHA256_32_N;
-    byte* bm1 = bm0 + XMSS_SHA256_32_N;
-#ifndef WC_XMSS_FULL_HASH
-    int ret;
-
-    /* Encode padding byte for PRF. */
-    XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF, state->prf_buf, XMSS_SHA256_32_PAD_LEN);
-    /* Append public seed for PRF. */
-    XMEMCPY(state->prf_buf + XMSS_SHA256_32_PAD_LEN, pk_seed,
-        XMSS_SHA256_32_N);
-
-    /* Set key mask to initial value and append encoding. */
-    addr[XMSS_ADDR_KEY_MASK] = 0;
-    wc_xmss_addr_encode(addr, addr_buf);
-
-    /* Calculate n-byte key - KEY. */
-    ret = wc_Sha256Update(&state->digest.sha256, state->prf_buf,
-        XMSS_SHA256_32_PAD_LEN + XMSS_SHA256_32_N);
-    if (ret == 0) {
-        /* Copy state after first 64 bytes. */
-        XMSS_SHA256_STATE_CACHE(state);
-        /* Copy in remaining 32 bytes to buffer. */
-        XMSS_SHA256_SET_DATA(state, addr_buf, WC_XMSS_ADDR_LEN,
-            XMSS_HASH_PRF_DATA_LEN_SHA256_32);
-        /* Calculate hash. */
-        ret = wc_Sha256Final(&state->digest.sha256, key);
-    }
-
-    /* Calculate n-byte mask - BM_0. */
-    if (ret == 0) {
-        addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 1;
-        /* Copy back state after first 64 bytes. */
-        XMSS_SHA256_STATE_RESTORE_DATA(state, addr_buf, WC_XMSS_ADDR_LEN,
-            XMSS_HASH_PRF_DATA_LEN_SHA256_32);
-        /* Calculate hash. */
-        ret = wc_Sha256Final(&state->digest.sha256, bm0);
-    }
-
-    /* Calculate n-byte mask - BM_1. */
-    if (ret == 0) {
-        addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 2;
-        /* Copy back state after first 64 bytes. */
-        XMSS_SHA256_STATE_RESTORE_DATA(state, addr_buf, WC_XMSS_ADDR_LEN,
-            XMSS_HASH_PRF_DATA_LEN_SHA256_32);
-        /* Calculate hash. */
-        ret = wc_Sha256Final(&state->digest.sha256, bm1);
-    }
-
-    if (ret == 0) {
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_H, pad, XMSS_SHA256_32_PAD_LEN);
-        /* XOR into bm0 and bm1. */
-        XMEMCPY(state->prf_buf, left, XMSS_SHA256_32_N);
-        XMEMCPY(state->prf_buf + XMSS_SHA256_32_N, right, XMSS_SHA256_32_N);
-        xorbuf(bm0, state->prf_buf, 2 * XMSS_SHA256_32_N);
-        ret = wc_Sha256Update(&state->digest.sha256, state->buf,
-            XMSS_RAND_HASH_DATA_LEN_SHA256_32);
-    }
-    if (ret == 0) {
-        ret = wc_Sha256Final(&state->digest.sha256, hash);
-    }
-    if (state->ret == 0) {
-        /* Store any digest failures for public APIs to return. */
-        state->ret = ret;
-    }
-#else
-    /* Encode padding byte for PRF. */
-    XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF, state->prf_buf, XMSS_SHA256_32_PAD_LEN);
-    /* Append public seed for PRF. */
-    XMEMCPY(state->prf_buf + XMSS_SHA256_32_PAD_LEN, pk_seed, XMSS_SHA256_32_N);
-
-    /* Set key mask to initial value and append encoding. */
-    addr[XMSS_ADDR_KEY_MASK] = 0;
-    wc_xmss_addr_encode(addr, addr_buf);
-
-    /* Calculate n-byte key - KEY. */
-    wc_xmss_hash(state, state->prf_buf, XMSS_HASH_PRF_DATA_LEN_SHA256_32, key);
-    /* Calculate n-byte mask - BM_0. */
-    addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 1;
-    wc_xmss_hash(state, state->prf_buf, XMSS_HASH_PRF_DATA_LEN_SHA256_32, bm0);
-    /* Calculate n-byte mask - BM_1. */
-    addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 2;
-    wc_xmss_hash(state, state->prf_buf, XMSS_HASH_PRF_DATA_LEN_SHA256_32, bm1);
-
-    XMSS_PAD_ENC(XMSS_HASH_PADDING_H, state->buf, XMSS_SHA256_32_PAD_LEN);
-    XMEMCPY(state->prf_buf, left, XMSS_SHA256_32_N);
-    XMEMCPY(state->prf_buf + XMSS_SHA256_32_N, right, XMSS_SHA256_32_N);
-    xorbuf(bm0, state->prf_buf, 2 * XMSS_SHA256_32_N);
-    wc_xmss_hash(state, state->buf, XMSS_RAND_HASH_DATA_LEN_SHA256_32, hash);
-#endif /* WC_XMSS_FULL_HASH */
-}
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 */
-/* Randomized tree hashing - left and right separate parameters.
- *
- * RFC 8391: 4.1.4, Algorithm 7: RAND_HASH
- *     ...
- *     ADRS.setKeyAndMask(0);
- *     KEY = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(1);
- *     BM_0 = PRF(SEED, ADRS);
- *     ADRS.setKeyAndMask(2);
- *     BM_1 = PRF(SEED, ADRS);
- *     return H(KEY, (LEFT XOR BM_0) || (RIGHT XOR BM_1));
- *
- * @param [in]  state    XMSS/MT state including digest and parameters.
- * @param [in]  left     First half of data.
- * @param [in]  right    Second half of data.
- * @param [in]  pk_seed  Random public seed.
- * @param [in]  addr     Hash address.
- * @param [out] hash     Buffer to hold hash.
- */
-static void wc_xmss_rand_hash_lr(XmssState* state, const byte* left,
-    const byte* right, const byte* pk_seed, HashAddress addr, byte* hash)
-{
-    const XmssParams* params = state->params;
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256)
-    if ((params->pad_len == XMSS_SHA256_32_PAD_LEN) &&
-            (params->n == XMSS_SHA256_32_N) &&
-            (params->hash == WC_HASH_TYPE_SHA256)) {
-        wc_xmss_rand_hash_lr_sha256_32(state, left, right, pk_seed, addr, hash);
-    }
-    else
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 */
-    {
-        byte* addr_buf = state->prf_buf + params->pad_len + params->n;
-        /* Offsets into rand hash data. */
-        byte* pad = state->buf;
-        byte* key = pad + params->pad_len;
-        byte* bm0 = key + params->n;
-        byte* bm1 = bm0 + params->n;
-        const word32 len = params->pad_len + params->n + WC_XMSS_ADDR_LEN;
-
-        /* Encode padding byte for PRF. */
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF, state->prf_buf, params->pad_len);
-        /* Append public seed for PRF. */
-        XMEMCPY(state->prf_buf + params->pad_len, pk_seed, params->n);
-
-        /* Set key mask to initial value and append encoding. */
-        addr[XMSS_ADDR_KEY_MASK] = 0;
-        wc_xmss_addr_encode(addr, addr_buf);
-
-        /* Calculate n-byte key - KEY. */
-        wc_xmss_hash(state, state->prf_buf, len, key);
-        /* Calculate n-byte mask - BM_0. */
-        addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 1;
-        wc_xmss_hash(state, state->prf_buf, len, bm0);
-        /* Calculate n-byte mask - BM_1. */
-        addr_buf[XMSS_ADDR_KEY_MASK * 4 + 3] = 2;
-        wc_xmss_hash(state, state->prf_buf, len, bm1);
-
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_H, pad, params->pad_len);
-        XMEMCPY(state->prf_buf, left, params->n);
-        XMEMCPY(state->prf_buf + params->n, right, params->n);
-        xorbuf(bm0, state->prf_buf, 2 * params->n);
-        wc_xmss_hash(state, state->buf, params->pad_len + 3 * params->n,
-            hash);
-    }
-}
-#endif /* !WOLFSSL_WC_XMSS_SMALL || WOLFSSL_XMSS_VERIFY_ONLY */
-
-/* Compute message hash from the random r, root, index and message.
- *
- * RFC 8391: 4.1.9, Algorithm 12: XMSS_sign
- *    ...
- *    byte[n] M' = H_msg(r || getRoot(SK) || (toByte(idx_sig, n)), M);
- * RFC 8391: 5.1
- *    H_msg: SHA2-256(toByte(2, 32) || KEY || M)
- *    H_msg: SHA2-512(toByte(2, 64) || KEY || M)
- *    H_msg: SHAKE128(toByte(2, 32) || KEY || M, 256)
- *    H_msg: SHAKE256(toByte(2, 64) || KEY || M, 512)
- *
- * @param [in]  state     XMSS/MT state including digest and parameters.
- * @param [in]  random    Random value of n bytes.
- * @param [in]  root      Public root.
- * @param [in]  idx       Buffer holding encoded index.
- * @param [in]  idx_len   Length of encoded index in bytes.
- * @param [in]  m         Message to hash.
- * @param [in]  mlen      Length of message.
- * @param [out] hash      Buffer to hold hash.
- */
-static void wc_xmss_hash_message(XmssState* state, const byte* random,
-    const byte* root, const byte* idx, word8 idx_len, const byte* m,
-    word32 mlen, byte* hash)
-{
-    int ret;
-    const XmssParams* params = state->params;
-    word32 padKeyLen = params->pad_len + 3 * params->n;
-    /* Offsets into message hash data. */
-    byte* padKey = state->buf;
-    byte* pad = padKey;
-    byte* key = pad + params->pad_len;
-    byte* root_sk = key + params->n;
-    byte* idx_sig = root_sk + params->n;
-
-    /* Set prefix data before message. */
-    XMSS_PAD_ENC(XMSS_HASH_PADDING_HASH, pad, params->pad_len);
-    XMEMCPY(key, random, params->n);
-    XMEMCPY(root_sk, root, params->n);
-    XMEMSET(idx_sig, 0, params->n - idx_len);
-    XMEMCPY(idx_sig + params->n - idx_len, idx, idx_len);
-
-    /* Hash the padding and key first. */
-#ifdef WC_XMSS_SHA256
-    if (params->hash == WC_HASH_TYPE_SHA256) {
-        ret = wc_Sha256Update(&state->digest.sha256, padKey, padKeyLen);
-    }
-    else
-#endif /* WC_XMSS_SHA256 */
-#ifdef WC_XMSS_SHA512
-    if (params->hash == WC_HASH_TYPE_SHA512) {
-        ret = wc_Sha512Update(&state->digest.sha512, padKey, padKeyLen);
-    }
-    else
-#endif /* WC_XMSS_SHA512 */
-#ifdef WC_XMSS_SHAKE128
-    if (params->hash == WC_HASH_TYPE_SHAKE128) {
-        ret = wc_Shake128_Update(&state->digest.shake, padKey, padKeyLen);
-    }
-    else
-#endif /* WC_XMSS_SHAKE128 */
-#ifdef WC_XMSS_SHAKE256
-    if (params->hash == WC_HASH_TYPE_SHAKE256) {
-        ret = wc_Shake256_Update(&state->digest.shake, padKey, padKeyLen);
-    }
-    else
-#endif /* WC_XMSS_SHAKE256 */
-    {
-        /* Unsupported digest function. */
-        ret = NOT_COMPILED_IN;
-    }
-    if (ret == 0) {
-        /* Generate hash of message - M'. */
-        wc_xmss_hash(state, m, mlen, hash);
-    }
-    else if (state->ret == 0) {
-        /* Store any digest failures for public APIs to return. */
-        state->ret = ret;
-    }
-}
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-
-/* Compute PRF with key and message.
- *
- * RFC 8391: 5.1
- *   PRF: SHA2-256(toByte(3, 32) || KEY || M)
- *   PRF: SHA2-512(toByte(3, 64) || KEY || M)
- *   PRF: SHAKE128(toByte(3, 32) || KEY || M, 256)
- *   PRF: SHAKE256(toByte(3, 64) || KEY || M, 512)
- *
- * @param [in]  state    XMSS/MT state including digest and parameters.
- * @param [in]  key      Key used to derive pseudo-random from.
- * @param [in]  m        32 bytes of data to derive pseudo-random from.
- * @param [out] prf      Buffer to hold pseudo-random data.
- */
-static void wc_xmss_prf(XmssState* state, const byte* key, const byte* m,
-    byte* prf)
-{
-    const XmssParams* params = state->params;
-    byte* pad = state->prf_buf;
-    byte* key_buf = pad + params->pad_len;
-    byte* m_buf = key_buf + params->n;
-
-    /* 00[0..pl-1] || 03 || key[0..n-1] || m[0..31] */
-    XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF, pad, params->pad_len);
-    XMEMCPY(key_buf, key, params->n);
-    XMEMCPY(m_buf, m, XMSS_PRF_M_LEN);
-
-    /* Hash the PRF data. */
-    wc_xmss_hash(state, state->prf_buf, params->pad_len + params->n +
-        XMSS_PRF_M_LEN, prf);
-}
-
-#ifdef XMSS_CALL_PRF_KEYGEN
-/* Compute PRF for keygen with key and message.
- *
- * NIST SP 800-208: 5.1, 5.2, 5.3, 5.4
- *   PRFkeygen (KEY, M): SHA-256(toByte(4, 32) || KEY || M)
- *   PRFkeygen (KEY, M): T192(SHA-256(toByte(4, 4) || KEY || M))
- *   PRFkeygen (KEY, M): SHAKE256(toByte(4, 32) || KEY || M, 256)
- *   PRFkeygen (KEY, M): SHAKE256(toByte(4, 4) || KEY || M, 192)
- *
- * @param [in]  state    XMSS/MT state including digest and parameters.
- * @param [in]  key      Key of n bytes used to derive pseudo-random from.
- * @param [in]  m        n + 32 bytes of data to derive pseudo-random from.
- * @param [out] prf      Buffer to hold pseudo-random data.
- */
-static void wc_xmss_prf_keygen(XmssState* state, const byte* key,
-    const byte* m, byte* prf)
-{
-    const XmssParams* params = state->params;
-    byte* pad = state->prf_buf;
-    byte* key_buf = pad + params->pad_len;
-    byte* m_buf = key_buf + params->n;
-
-    /* 00[0..pl-1] || 04 || key[0..n-1] || m[0..n+31] */
-    XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF_KEYGEN, pad, params->pad_len);
-    XMEMCPY(key_buf, key, params->n);
-    XMEMCPY(m_buf, m, params->n + XMSS_PRF_M_LEN);
-
-    /* Hash the PRF keygen data. */
-    wc_xmss_hash(state, state->prf_buf, params->pad_len + 2 * params->n +
-        XMSS_PRF_M_LEN, prf);
-}
-#endif /* XMSS_CALL_PRF_KEYGEN */
-
-#endif /* !WOLFSSL_XMSS_VERIFY_ONLY */
-
-/********************************************
- * WOTS
- ********************************************/
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256)
-/* Expand private seed with PRF keygen.
- *
- * RFC 8391: 4.1.3
- *   "the existence of a method getWOTS_SK(SK, i) is assumed"
- * NIST SP 800-208: 7.2.1, Algorithm 10'
- *     ...
- *     for ( j=0; j < len; j++) {
- *       ADRS.setChainAddress(j);
- *       sk[j] = PRFkeygen(S_XMSS, SEED || ADRS);
- *     }
- *
- * @param [in]  state     XMSS/MT state including digest and parameters.
- * @param [in]  sk_seed   Buffer holding private seed.
- * @param [in]  pk_seed   Random public seed.
- * @param [in]  addr      Hash address as a byte array.
- * @param [out] gen_seed  Buffer to hold seeds.
- */
-static void wc_xmss_wots_get_wots_sk_sha256_32(XmssState* state,
-    const byte* sk_seed, const byte* pk_seed, byte* addr, byte* gen_seed)
-{
-    const XmssParams* params = state->params;
-    word32 i;
-    byte* pad = state->prf_buf;
-    byte* s_xmss = pad + XMSS_SHA256_32_PAD_LEN;
-    byte* seed = s_xmss + XMSS_SHA256_32_N;
-    byte* addr_buf = seed + XMSS_SHA256_32_N;
-    int ret;
-
-    ((word32*)addr)[XMSS_ADDR_CHAIN] = 0;
-    ((word32*)addr)[XMSS_ADDR_HASH] = 0;
-    ((word32*)addr)[XMSS_ADDR_KEY_MASK] = 0;
-
-    XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF_KEYGEN, pad, XMSS_SHA256_32_PAD_LEN);
-    XMEMCPY(s_xmss, sk_seed, XMSS_SHA256_32_N);
-    XMEMCPY(seed, pk_seed, XMSS_SHA256_32_N);
-    XMEMCPY(addr_buf, addr, WC_XMSS_ADDR_LEN);
-
-#ifndef WC_XMSS_FULL_HASH
-    ret = wc_Sha256Update(&state->digest.sha256, pad, XMSS_SHA256_32_PAD_LEN +
-        XMSS_SHA256_32_N);
-    if (ret == 0) {
-        /* Copy state after first 64 bytes. */
-        XMSS_SHA256_STATE_CACHE(state);
-        ret = wc_Sha256Update(&state->digest.sha256, seed, XMSS_SHA256_32_N +
-            WC_XMSS_ADDR_LEN);
-    }
-    if (ret == 0) {
-        ret = wc_Sha256Final(&state->digest.sha256, gen_seed);
-    }
-    for (i = 1; (ret == 0) && (i < params->wots_len); i++) {
-        gen_seed += XMSS_SHA256_32_N;
-        addr_buf[XMSS_ADDR_CHAIN * 4 + 3] = i;
-        XMSS_SHA256_STATE_RESTORE(state, 64);
-        ret = wc_Sha256Update(&state->digest.sha256, seed, XMSS_SHA256_32_N +
-            WC_XMSS_ADDR_LEN);
-        if (ret == 0) {
-            ret = wc_Sha256Final(&state->digest.sha256, gen_seed);
-        }
-    }
-#else
-    ret = wc_Sha256Update(&state->digest.sha256, state->prf_buf,
-        XMSS_SHA256_32_PAD_LEN + 2 * XMSS_SHA256_32_N + WC_XMSS_ADDR_LEN);
-    if (ret == 0) {
-        ret = wc_Sha256Final(&state->digest.sha256, gen_seed);
-    }
-    for (i = 1; (ret == 0) && i < params->wots_len; i++) {
-        gen_seed += XMSS_SHA256_32_N;
-        addr_buf[XMSS_ADDR_CHAIN * 4 + 3] = i;
-        ret = wc_Sha256Update(&state->digest.sha256, state->prf_buf,
-            XMSS_SHA256_32_PAD_LEN + 2 * XMSS_SHA256_32_N + WC_XMSS_ADDR_LEN);
-        if (ret == 0) {
-            ret = wc_Sha256Final(&state->digest.sha256, gen_seed);
-        }
-    }
-#endif /*  WC_XMSS_FULL_HASH*/
-
-    if (state->ret == 0) {
-        /* Store any digest failures for public APIs to return. */
-        state->ret = ret;
-    }
-}
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 */
-
-/* Expand private seed with PRF keygen.
- *
- * RFC 8391: 4.1.3
- *   "the existence of a method getWOTS_SK(SK, i) is assumed"
- * NIST SP 800-208: 7.2.1
- *   Algorithm 10'
- *     ...
- *     for ( j=0; j < len; j++) {
- *       ADRS.setChainAddress(j);
- *       sk[j] = PRFkeygen(S_XMSS, SEED || ADRS);
- *     }
- *
- * @param [in]  state     XMSS/MT state including digest and parameters.
- * @param [in]  sk_seed   Buffer holding private seed.
- * @param [in]  pk_seed   Random public seed.
- * @param [in]  addr      Hash address as a byte array.
- * @param [out] gen_seed  Buffer to hold seeds.
- */
-static void wc_xmss_wots_get_wots_sk(XmssState* state, const byte* sk_seed,
-    const byte* pk_seed, byte* addr, byte* gen_seed)
-{
-    const XmssParams* params = state->params;
-    word32 i;
-#ifdef XMSS_CALL_PRF_KEYGEN
-    byte* seed = state->buf;
-    byte* addr_buf = seed + params->n;
-#else
-    byte* pad = state->prf_buf;
-    byte* s_xmss = pad + params->pad_len;
-    byte* seed = s_xmss + params->n;
-    byte* addr_buf = seed + params->n;
-    const word32 len = params->pad_len + params->n * 2 + WC_XMSS_ADDR_LEN;
-#endif /* XMSS_CALL_PRF_KEYGEN */
-
-    /* Ensure hash address fields are 0. */
-    ((word32*)addr)[XMSS_ADDR_CHAIN] = 0;
-    ((word32*)addr)[XMSS_ADDR_HASH] = 0;
-    ((word32*)addr)[XMSS_ADDR_KEY_MASK] = 0;
-
-#ifdef XMSS_CALL_PRF_KEYGEN
-    /* Copy the seed and address into PRF keygen message buffer. */
-    XMEMCPY(seed, pk_seed, params->n);
-    XMEMCPY(addr_buf, addr, WC_XMSS_ADDR_LEN);
-
-    wc_xmss_prf_keygen(state, sk_seed, state->buf, gen_seed);
-    for (i = 1; i < params->wots_len; i++) {
-        gen_seed += params->n;
-        addr_buf[XMSS_ADDR_CHAIN * 4 + 3] = i;
-        wc_xmss_prf_keygen(state, sk_seed, state->buf, gen_seed);
-    }
-#else
-    /* Copy the PRF keygen fields into one buffer. */
-    XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF_KEYGEN, pad, params->pad_len);
-    XMEMCPY(s_xmss, sk_seed, params->n);
-    XMEMCPY(seed, pk_seed, params->n);
-    XMEMCPY(addr_buf, addr, WC_XMSS_ADDR_LEN);
-
-    /* Fill output with hashes of different chain hash addresses. */
-    wc_xmss_hash(state, state->prf_buf, len, gen_seed);
-    for (i = 1; i < params->wots_len; i++) {
-        gen_seed += params->n;
-        addr_buf[XMSS_ADDR_CHAIN * 4 + 3] = i;
-        wc_xmss_hash(state, state->prf_buf, len, gen_seed);
-    }
-#endif /* XMSS_CALL_PRF_KEYGEN */
-}
-
-#endif /* !WOLFSSL_XMSS_VERIFY_ONLY */
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256)
-/* Chain hashing to calculate node hash.
- *
- * RFC 8391: 3.1.2, Algorithm 2 - recursive.
- * This function is an iterative version.
- *
- * @param [in]  state    XMSS/MT state including digest and parameters.
- * @param [in]  data     Initial data to hash.
- * @param [in]  start    Starting hash value in hash address.
- * @param [in]  steps    Size of step.
- * @param [in]  pk_seed  Random public seed.
- * @param [in]  addr     Hash address as a byte array.
- * @param [out] hash     Chained hash.
- */
-static void wc_xmss_chain_sha256_32(XmssState* state, const byte* data,
-    unsigned int start, unsigned int steps, const byte* pk_seed, byte* addr,
-    byte* hash)
-{
-    if (steps > 0) {
-        word32 i;
-        byte* pad = state->prf_buf;
-        byte* seed = pad + XMSS_SHA256_32_PAD_LEN;
-#ifndef WC_XMSS_FULL_HASH
-        int ret;
-
-        /* Set data for PRF hash. */
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF, pad, XMSS_SHA256_32_PAD_LEN);
-        XMEMCPY(seed, pk_seed, XMSS_SHA256_32_N);
-
-        /* Hash first 64 bytes. */
-        ret = wc_Sha256Update(&state->digest.sha256, state->prf_buf,
-             XMSS_SHA256_32_PAD_LEN + XMSS_SHA256_32_N);
-        if (ret == 0) {
-            /* Copy state after first 64 bytes. */
-            XMSS_SHA256_STATE_CACHE(state);
-            /* Only do this once for all chain hash calls. */
-            XMSS_PAD_ENC(XMSS_HASH_PADDING_F, state->buf,
-                state->params->pad_len);
-
-            /* Set address. */
-            XMSS_ADDR_SET_BYTE(addr, XMSS_ADDR_HASH, start);
-            wc_xmss_chain_hash_sha256_32(state, data, addr, hash);
-            /* Iterate 'steps' calls to the hash function. */
-            for (i = start+1; i < (start+steps) && i < XMSS_WOTS_W; i++) {
-                addr[XMSS_ADDR_HASH * 4 + 3] = i;
-                wc_xmss_chain_hash_sha256_32(state, hash, addr, hash);
-            }
-        }
-        else if (state->ret == 0) {
-            /* Store any digest failures for public APIs to return. */
-            state->ret = ret;
-        }
-#else
-        const XmssParams* params = state->params;
-        byte* addr_buf = seed + XMSS_SHA256_32_N;
-
-        /* Set data for PRF hash. */
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF, pad, XMSS_SHA256_32_PAD_LEN);
-        XMEMCPY(seed, pk_seed, params->n);
-        XMEMCPY(addr_buf, addr, WC_XMSS_ADDR_LEN);
-
-        /* Only do this once for all chain hash calls. */
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_F, state->buf, params->pad_len);
-
-        /* Set address. */
-        XMSS_ADDR_SET_BYTE(addr_buf, XMSS_ADDR_HASH, start);
-        wc_xmss_chain_hash_sha256_32(state, data, hash);
-        /* Iterate 'steps' calls to the hash function. */
-        for (i = start+1; i < (start+steps) && i < XMSS_WOTS_W; i++) {
-            addr_buf[XMSS_ADDR_HASH * 4 + 3] = i;
-            wc_xmss_chain_hash_sha256_32(state, hash, hash);
-        }
-#endif /* !WC_XMSS_FULL_HASH */
-    }
-    else if (hash != data) {
-        XMEMCPY(hash, data, XMSS_SHA256_32_N);
-    }
-}
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 */
-
-/* Chain hashing to calculate node hash.
- *
- * RFC 8391: 3.1.2, Algorithm 2 - recursive.
- * This function is an iterative version.
- *
- * @param [in]  state    XMSS/MT state including digest and parameters.
- * @param [in]  data     Initial data to hash.
- * @param [in]  start    Starting hash value in hash address.
- * @param [in]  steps    Size of step.
- * @param [in]  pk_seed  Random public seed.
- * @param [in]  addr     Hash address as a byte array.
- * @param [out] hash     Chained hash.
- */
-static void wc_xmss_chain(XmssState* state, const byte* data,
-    unsigned int start, unsigned int steps, const byte* pk_seed, byte* addr,
-    byte* hash)
-{
-    const XmssParams* params = state->params;
-
-    if (steps > 0) {
-        word32 i;
-        byte* pad = state->prf_buf;
-        byte* seed = pad + params->pad_len;
-        byte* addr_buf = seed + params->n;
-
-        /* Set data for PRF hash. */
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF, pad, params->pad_len);
-        XMEMCPY(seed, pk_seed, params->n);
-        XMEMCPY(addr_buf, addr, 32);
-
-        /* Only do this once for all chain hash calls. */
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_F, state->buf, params->pad_len);
-
-        /* Set address. */
-        XMSS_ADDR_SET_BYTE(addr_buf, XMSS_ADDR_HASH, start);
-        wc_xmss_chain_hash(state, data, hash);
-        /* Iterate 'steps' calls to the hash function. */
-        for (i = start+1; i < (start+steps) && i < XMSS_WOTS_W; i++) {
-            addr_buf[XMSS_ADDR_HASH * 4 + 3] = i;
-            wc_xmss_chain_hash(state, hash, hash);
-        }
-    }
-    else if (hash != data) {
-        XMEMCPY(hash, data, params->n);
-    }
-}
-
-/* Convert base on message and add checksum.
- *
- * RFC 8391:, 2.6, Algorithm 1: base_w
- *     int in = 0;
- *     int out = 0;
- *     unsigned int total = 0;
- *     int bits = 0;
- *     int consumed;
- *
- *     for ( consumed = 0; consumed < out_len; consumed++ ) {
- *         if ( bits == 0 ) {
- *             total = X[in];
- *             in++;
- *             bits += 8;
- *         }
- *         bits -= lg(w);
- *         basew[out] = (total >> bits) AND (w - 1);
- *         out++;
- *     }
- *     return basew;
- *
- * base_w implemented for w == 16 (lg(w) == 4).
- *
- * RFC 8391: 3.1.5, Algorithm 5:
- *     ...
- *     csum = 0;
- *
- *     # Convert message to base w
- *     msg = base_w(M, w, len_1);
- *     # Compute checksum
- *     for ( i = 0; i < len_1; i++ ) {
- *           csum = csum + w - 1 - msg[i];
- *     }
- *
- *     # Convert csum to base w
- *     csum = csum << ( 8 - ( ( len_2 * lg(w) ) % 8 ));
- *     len_2_bytes = ceil( ( len_2 * lg(w) ) / 8 );
- *     msg = msg || base_w(toByte(csum, len_2_bytes), w, len_2);
- *
- * len_1 == 8 * n / 4 = n * 2
- * Implemented for len_2 == 3
- *
- * @param [in]  m      Message data.
- * @param [in]  n      Number of bytes in hash.
- * @param [out] msg    Message in new base.
- */
-static void wc_xmss_msg_convert(const byte* m, word8 n, word8* msg)
-{
-    word8 i;
-    word16 csum = 0;
-
-    /* Split each full byte of m into two bytes of msg. */
-    for (i = 0; i < n; i++) {
-        msg[0] = m[i] >> 4;
-        msg[1] = m[i] & 0xf;
-        csum += XMSS_WOTS_W - 1 - msg[0];
-        csum += XMSS_WOTS_W - 1 - msg[1];
-        msg += 2;
-    }
-
-    /* Append checksum to message. (Maximum value: 1920 = 64 * 2 * 15) */
-    msg[0] = (csum >> 8)       ;
-    msg[1] = (csum >> 4) & 0x0f;
-    msg[2] = (csum     ) & 0x0f;
-}
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-
-/* WOTS+ generate public key with private seed.
- *
- * RFC 8391: 4.1.6, Algorithm 9:
- *     ...
- *     pk = WOTS_genPK (getWOTS_SK(SK, s + i), SEED, ADRS);
- * RFC 8391, 3.1.4, Algorithm 4: WOTS_genPK
- *     ...
- *     for ( i = 0; i < len; i++ ) {
- *       ADRS.setChainAddress(i);
- *       pk[i] = chain(sk[i], 0, w - 1, SEED, ADRS);
- *     }
- *     return pk;
- *
- * WOTS_genPK only used in Algorithm 9 and it is convenient to combine with
- * getWOTS_SK due to parameter specific implementations.
- *
- * @param [in]  state  XMSS/MT state including digest and parameters.
- * @param [in]  sk     Random private seed.
- * @param [in]  seed   Random public seed.
- * @param [in]  addr   Hashing address.
- * @param [out] pk     Public key.
- */
-static void wc_xmss_wots_gen_pk(XmssState* state, const byte* sk,
-    const byte* seed, HashAddress addr, byte* pk)
-{
-    const XmssParams* params = state->params;
-    byte* addr_buf = state->encMsg;
-    word32 i;
-
-    /* Ensure chain address is 0 and encode into a buffer. */
-    addr[XMSS_ADDR_CHAIN] = 0;
-    wc_xmss_addr_encode(addr, addr_buf);
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256)
-    if ((params->pad_len == XMSS_SHA256_32_PAD_LEN) &&
-            (params->n == XMSS_SHA256_32_N) &&
-            (params->hash == WC_HASH_TYPE_SHA256)) {
-        /* Expand the private seed - getWOTS_SK */
-        wc_xmss_wots_get_wots_sk_sha256_32(state, sk, seed, addr_buf,
-            pk);
-
-        /* Calculate chain hash. */
-        wc_xmss_chain_sha256_32(state, pk, 0, XMSS_WOTS_W - 1, seed, addr_buf,
-            pk);
-        for (i = 1; i < params->wots_len; i++) {
-            pk += params->n;
-            addr_buf[XMSS_ADDR_CHAIN * 4 + 3] = i;
-            wc_xmss_chain_sha256_32(state, pk, 0, XMSS_WOTS_W - 1, seed,
-                addr_buf, pk);
-        }
-    }
-    else
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 */
-    {
-        /* Expand the private seed - getWOTS_SK */
-        wc_xmss_wots_get_wots_sk(state, sk, seed, addr_buf, pk);
-
-        /* Calculate chain hash. */
-        wc_xmss_chain(state, pk, 0, XMSS_WOTS_W - 1, seed, addr_buf, pk);
-        for (i = 1; i < params->wots_len; i++) {
-            pk += params->n;
-            addr_buf[XMSS_ADDR_CHAIN * 4 + 3] = i;
-            wc_xmss_chain(state, pk, 0, XMSS_WOTS_W - 1, seed, addr_buf, pk);
-        }
-    }
-}
-/* Generate a signature from a privatge key and message.
- *
- * RFC 8391: 4.1.9, Algorithm 11: treeSig
- *     sig_ots = WOTS_sign(getWOTS_SK(SK, idx_sig),
- *                         M', getSEED(SK), ADRS);
- * RFC 8391: 3.1.5, Algorithm 5: WOTS_sign
- *     (Convert message to base w and append checksum in base w)
- *     ...
- *     for ( i = 0; i < len; i++ ) {
- *          ADRS.setChainAddress(i);
- *          sig[i] = chain(sk[i], 0, msg[i], SEED, ADRS);
- *     }
- *     return sig;
- *
- * WOTS_sign only used in Algorithm 11 and convenient to do getWOTS_SK due to
- * hash address reuse and parameter specific implementations.
- *
- * @param [in]  state  XMSS/MT state including digest and parameters.
- * @param [in]  m      Message hash to sign.
- * @param [in]  sk     Random private seed.
- * @param [in]  seed   Random public seed.
- * @param [in]  addr   Hashing address.
- * @param [out] sig    Calculated XMSS/MT signature.
- */
-static void wc_xmss_wots_sign(XmssState* state, const byte* m,
-    const byte* sk, const byte* seed, HashAddress addr, byte* sig)
-{
-    const XmssParams* params = state->params;
-    byte* addr_buf = state->pk;
-    word32 i;
-
-    /* Convert message to base w and append checksum in base w. */
-    wc_xmss_msg_convert(m, params->n, state->encMsg);
-
-    /* Set initial chain value and encode hash address. */
-    addr[XMSS_ADDR_CHAIN] = 0;
-    wc_xmss_addr_encode(addr, addr_buf);
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256)
-    if ((params->pad_len == XMSS_SHA256_32_PAD_LEN) &&
-            (params->n == XMSS_SHA256_32_N) &&
-            (params->hash == WC_HASH_TYPE_SHA256)) {
-        /* Expand the private seed - getWOTS_SK */
-        wc_xmss_wots_get_wots_sk_sha256_32(state, sk, seed, addr_buf, sig);
-
-        /* Calculate chain hash. */
-        wc_xmss_chain_sha256_32(state, sig, 0, state->encMsg[0], seed, addr_buf,
-            sig);
-        for (i = 1; i < params->wots_len; i++) {
-            sig += params->n;
-            addr_buf[XMSS_ADDR_CHAIN * 4 + 3] = i;
-            wc_xmss_chain_sha256_32(state, sig, 0, state->encMsg[i], seed,
-                addr_buf, sig);
-        }
-    }
-    else
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 */
-    {
-        /* Expand the private seed - getWOTS_SK */
-        wc_xmss_wots_get_wots_sk(state, sk, seed, addr_buf, sig);
-
-       /* Calculate chain hash. */
-        wc_xmss_chain(state, sig, 0, state->encMsg[0], seed, addr_buf, sig);
-        for (i = 1; i < params->wots_len; i++) {
-            sig += params->n;
-            addr_buf[XMSS_ADDR_CHAIN * 4 + 3] = i;
-            wc_xmss_chain(state, sig, 0, state->encMsg[i], seed, addr_buf, sig);
-        }
-    }
-}
-
-#endif /* !WOLFSSL_XMSS_VERIFY_ONLY */
-
-/* Compute WOTS+ public key value from signature and message.
- *
- * RFC 8319: 3.1.6
- *   Algorithm 6: WOTS_pkFromSig
- *     (Convert message to base w and append checksum in base w)
- *     ...
- *     for ( i = 0; i < len; i++ ) {
- *          ADRS.setChainAddress(i);
- *          tmp_pk[i] = chain(sig[i], msg[i], w - 1 - msg[i], SEED, ADRS);
- *     }
- *     return tmp_pk;
- *
- * @param [in]  state  XMSS/MT state including digest and parameters.
- * @param [in]  sig    XMSS/MT Signature.
- * @param [in]  m      Message to verify.
- * @param [in]  seed   Random public seed.
- * @param [in]  addr   Hashing address.
- * @param [out] pk     Public key.
- */
-static void wc_xmss_wots_pk_from_sig(XmssState* state, const byte* sig,
-    const byte* m, const byte* seed, HashAddress addr, byte* pk)
-{
-    const XmssParams* params = state->params;
-    byte* addr_buf = state->stack;
-    word32 i;
-
-    /* Convert message to base w and append checksum in base w. */
-    wc_xmss_msg_convert(m, params->n, state->encMsg);
-
-    /* Start with address with chain value of 0. */
-    addr[XMSS_ADDR_CHAIN] = 0;
-    wc_xmss_addr_encode(addr, addr_buf);
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256)
-    if ((params->pad_len == XMSS_SHA256_32_PAD_LEN) &&
-            (params->n == XMSS_SHA256_32_N) &&
-            (params->hash == WC_HASH_TYPE_SHA256)) {
-        /* Calculate chain hash. */
-        wc_xmss_chain_sha256_32(state, sig, state->encMsg[0],
-            XMSS_WOTS_W - 1 - state->encMsg[0], seed, addr_buf, pk);
-        for (i = 1; i < params->wots_len; i++) {
-            sig += params->n;
-            pk += params->n;
-            /* Update chain. */
-            addr_buf[XMSS_ADDR_CHAIN * 4 + 3] = i;
-            wc_xmss_chain_sha256_32(state, sig, state->encMsg[i],
-                XMSS_WOTS_W - 1 - state->encMsg[i], seed, addr_buf, pk);
-        }
-    }
-    else
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 */
-    {
-        /* Calculate chain hash. */
-        wc_xmss_chain(state, sig, state->encMsg[0],
-            XMSS_WOTS_W - 1 - state->encMsg[0], seed, addr_buf, pk);
-        for (i = 1; i < params->wots_len; i++) {
-            sig += params->n;
-            pk += params->n;
-            /* Update chain. */
-            addr_buf[XMSS_ADDR_CHAIN * 4 + 3] = i;
-            wc_xmss_chain(state, sig, state->encMsg[i],
-                XMSS_WOTS_W - 1 - state->encMsg[i], seed, addr_buf, pk);
-        }
-    }
-}
-
-/********************************************
- * L-TREE - unbalanced binary hash tree
- ********************************************/
-
-/* Compute leaves of L-tree from WOTS+ public key and compress to single value.
- *
- * RFC 8391: 4.1.5, Algorithm 8: ltree
- *     unsigned int len' = len;
- *     ADRS.setTreeHeight(0);
- *     while ( len' > 1 ) {
- *       for ( i = 0; i < floor(len' / 2); i++ ) {
- *         ADRS.setTreeIndex(i);
- *         pk[i] = RAND_HASH(pk[2i], pk[2i + 1], SEED, ADRS);
- *       }
- *       if ( len' % 2 == 1 ) {
- *         pk[floor(len' / 2)] = pk[len' - 1];
- *       }
- *       len' = ceil(len' / 2);
- *       ADRS.setTreeHeight(ADRS.getTreeHeight() + 1);
- *     }
- *     return pk[0];
- *
- * @param [in]  state  XMSS/MT state including digest and parameters.
- * @param [in]  pk     WOTS+ public key.
- * @param [in]  seed   Random public seed.
- * @param [in]  addr   Hashing address.
- * @param [out] pk0    N-byte compressed public key value pk[0].
- */
-static void wc_xmss_ltree(XmssState* state, byte* pk, const byte* seed,
-    HashAddress addr, byte* pk0)
-{
-    const XmssParams* params = state->params;
-    word8 len = params->wots_len;
-    word32 h = 0;
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256) && \
-    !defined(WC_XMSS_FULL_HASH)
-    /* Precompute hash state after first 64 bytes (common to all hashes). */
-    if ((params->pad_len == XMSS_SHA256_32_PAD_LEN) &&
-            (params->n == XMSS_SHA256_32_N) &&
-            (params->hash == WC_HASH_TYPE_SHA256)) {
-        byte* prf_buf = state->prf_buf;
-        int ret;
-
-        XMSS_PAD_ENC(XMSS_HASH_PADDING_PRF, prf_buf, XMSS_SHA256_32_PAD_LEN);
-        XMEMCPY(prf_buf + XMSS_SHA256_32_PAD_LEN, seed, XMSS_SHA256_32_N);
-
-        ret = wc_Sha256Update(&state->digest.sha256, prf_buf,
-            XMSS_SHA256_32_PAD_LEN + XMSS_SHA256_32_N);
-        if (ret == 0) {
-            /* Copy state after first 64 bytes. */
-            XMSS_SHA256_STATE_CACHE(state);
-        }
-        else if (state->ret == 0) {
-            /* Store any digest failures for public APIs to return. */
-            state->ret = ret;
-        }
-    }
-#endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 && !WC_XMSS_FULL_HASH */
-    while (len > 1) {
-        word8 i;
-        word8 len2 = len >> 1;
-
-        addr[XMSS_ADDR_TREE_HEIGHT] = h++;
-
-        for (i = 0; i < len2; i++) {
-            addr[XMSS_ADDR_TREE_INDEX] = i;
-        #if !defined(WOLFSSL_WC_XMSS_SMALL) && defined(WC_XMSS_SHA256) && \
-            !defined(WC_XMSS_FULL_HASH)
-            if ((params->pad_len == XMSS_SHA256_32_PAD_LEN) &&
-                    (params->n == XMSS_SHA256_32_N) &&
-                    (params->hash == WC_HASH_TYPE_SHA256)) {
-                wc_xmss_rand_hash_sha256_32_prehash(state,
-                    pk + i * 2 * XMSS_SHA256_32_N, addr,
-                    pk + i * XMSS_SHA256_32_N);
-            }
-            else
-        #endif /* !WOLFSSL_WC_XMSS_SMALL && WC_XMSS_SHA256 &&
-                * !WC_XMSS_FULL_HASH */
-            {
-                wc_xmss_rand_hash(state, pk + i * 2 * params->n,
-                    seed, addr, pk + i * params->n);
-            }
-        }
-        if (len & 1) {
-            XMEMCPY(pk + len2 * params->n, pk + (len - 1) * params->n,
-                params->n);
-        }
-        len = len2 + (len & 1);
-    }
-    /* Return compressed public key value pk[0]. */
-    XMEMCPY(pk0, pk, params->n);
-}
-
-#ifndef WOLFSSL_XMSS_VERIFY_ONLY
-
-#ifdef WOLFSSL_WC_XMSS_SMALL
-
-/********************************************
- * TREE HASH
- ********************************************/
-
-#ifndef WOLFSSL_SMALL_STACK
-/* Compute internal nodes of Merkle tree.
- *
- * Implementation always starts at index 0. (s = 0)
- *
- * Build authentication path, if required, rather than duplicating work.
- * When node is generated, copy out to authentication path array of nodes.
- *
- * RFC 8391: 4.1.6, Algorithm 9: treeHash
- *     if( s % (1 << t) != 0 ) return -1;
- *     for ( i = 0; i < 2^t; i++ ) {
- *       SEED = getSEED(SK);
- *       ADRS.setType(0);   # Type = OTS hash address
- *       ADRS.setOTSAddress(s + i);
- *       pk = WOTS_genPK (getWOTS_SK(SK, s + i), SEED, ADRS);
- *       ADRS.setType(1);   # Type = L-tree address
- *       ADRS.setLTreeAddress(s + i);
- *       node = ltree(pk, SEED, ADRS);
- *       ADRS.setType(2);   # Type = hash tree address
- *       ADRS.setTreeHeight(0);
- *       ADRS.setTreeIndex(i + s);
- *       while ( Top node on Stack has same height t' as node ) {
- *          ADRS.setTreeIndex((ADRS.getTreeIndex() - 1) / 2);
- *          node = RAND_HASH(Stack.pop(), node, SEED, ADRS);
- *          ADRS.setTreeHeight(ADRS.getTreeHeight() + 1);
- *       }
- *       Stack.push(node);
- *     }
- *     return Stack.pop();
- * RFC 8391: 4.1.9, (Example) buildAuth
- *     for ( j = 0; j < h; j++ ) {
- *       k = floor(i / (2^j)) XOR 1;
- *       auth[j] = treeHash(SK, k * 2^j, j, ADRS);
- *     }
- *
- * @param [in]  state         XMSS/MT state including digest and parameters.
- * @param [in]  sk_seed       Random private seed.
- * @param [in]  pk_seed       Random public seed.
- * @param [in]  leafIdx       Index of lead node.
- * @param [in]  subtree_addr  Address of subtree.
- * @param [out] root          Root node of the tree.
- * @param [out] auth_path     Nodes of the authentication path.
- */
-static void wc_xmss_treehash(XmssState* state, const byte* sk_seed,
-    const byte* pk_seed, word32 leafIdx, const word32* subtree, byte* root,
-    byte* auth_path)
-{
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    byte* node = state->stack;
-    HashAddress ots;
-    HashAddress ltree;
-    HashAddress tree;
-    word8 height[WC_XMSS_MAX_TREE_HEIGHT + 1];
-    word8 offset = 0;
-    word32 max = (word32)1 << params->sub_h;
-    word32 i;
-
-    /* Copy hash address into one for each purpose.  */
-    XMSS_ADDR_OTS_SET_SUBTREE(ots, subtree);
-    XMSS_ADDR_LTREE_SET_SUBTREE(ltree, subtree);
-    XMSS_ADDR_TREE_SET_SUBTREE(tree, subtree);
-
-    for (i = 0; i < max; i++) {
-        word8 h;
-
-        /* Calculate WOTS+ public key. */
-        ots[XMSS_ADDR_OTS] = i;
-        wc_xmss_wots_gen_pk(state, sk_seed, pk_seed, ots, state->pk);
-        /* Calculate public value. */
-        ltree[XMSS_ADDR_LTREE] = i;
-        wc_xmss_ltree(state, state->pk, pk_seed, ltree, node);
-
-        /* Initial height at this offset is 0. */
-        h = height[offset] = 0;
-        /* Copy node, at height 0, out if on authentication path. */
-        if ((auth_path != NULL) && ((leafIdx ^ 0x1) == i)) {
-            XMEMCPY(auth_path, node, n);
-        }
-
-        /* Top node on Stack has same height t' as node. */
-        while ((offset >= 1) && (h == height[offset - 1])) {
-            word32 tree_idx = i >> (h + 1);
-
-            node -= n;
-            /* Calculate hash of node. */
-            tree[XMSS_ADDR_TREE_HEIGHT] = h;
-            tree[XMSS_ADDR_TREE_INDEX] = tree_idx;
-            wc_xmss_rand_hash(state, node, pk_seed, tree, node);
-
-            /* Update offset and height. */
-            offset--;
-            h = ++height[offset];
-
-            /* Copy node out if on authentication path. */
-            if ((auth_path != NULL) && (((leafIdx >> h) ^ 0x1) == tree_idx)) {
-                XMEMCPY(auth_path + h * n, node, n);
-            }
-        }
-        offset++;
-        node += n;
-    }
-
-    /* Copy the root node. */
-    XMEMCPY(root, state->stack, n);
-}
-#else
-/* Compute internal nodes of Merkle tree.
- *
- * Implementation always starts at index 0. (s = 0)
- *
- * Build authentication path, if required, rather than duplicating work.
- * When node is generated, copy out to authentication path array of nodes.
- *
- * RFC 8391: 4.1.6, Algorithm 9: treeHash
- *     if( s % (1 << t) != 0 ) return -1;
- *     for ( i = 0; i < 2^t; i++ ) {
- *       SEED = getSEED(SK);
- *       ADRS.setType(0);   # Type = OTS hash address
- *       ADRS.setOTSAddress(s + i);
- *       pk = WOTS_genPK (getWOTS_SK(SK, s + i), SEED, ADRS);
- *       ADRS.setType(1);   # Type = L-tree address
- *       ADRS.setLTreeAddress(s + i);
- *       node = ltree(pk, SEED, ADRS);
- *       ADRS.setType(2);   # Type = hash tree address
- *       ADRS.setTreeHeight(0);
- *       ADRS.setTreeIndex(i + s);
- *       while ( Top node on Stack has same height t' as node ) {
- *          ADRS.setTreeIndex((ADRS.getTreeIndex() - 1) / 2);
- *          node = RAND_HASH(Stack.pop(), node, SEED, ADRS);
- *          ADRS.setTreeHeight(ADRS.getTreeHeight() + 1);
- *       }
- *       Stack.push(node);
- *     }
- *     return Stack.pop();
- * RFC 8391: 4.1.9, (Example) buildAuth
- *     for ( j = 0; j < h; j++ ) {
- *       k = floor(i / (2^j)) XOR 1;
- *       auth[j] = treeHash(SK, k * 2^j, j, ADRS);
- *     }
- *
- * @param [in]  state         XMSS/MT state including digest and parameters.
- * @param [in]  sk_seed       Random private seed.
- * @param [in]  pk_seed       Random public seed.
- * @param [in]  leafIdx       Index of lead node.
- * @param [in]  subtree_addr  Address of subtree.
- * @param [out] root          Root node of the tree.
- * @param [out] auth_path     Nodes of the authentication path.
- */
-static void wc_xmss_treehash(XmssState* state, const byte* sk_seed,
-    const byte* pk_seed, word32 leafIdx, const word32* subtree, byte* root,
-    byte* auth_path)
-{
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    byte* node = state->stack;
-    HashAddress addr;
-    word8 height[WC_XMSS_MAX_TREE_HEIGHT + 1];
-    word8 offset = 0;
-    word32 max = (word32)1 << params->sub_h;
-    word32 i;
-
-    XMSS_ADDR_SET_SUBTREE(addr, subtree, 0);
-
-    for (i = 0; i < max; i++) {
-        word8 h;
-
-        /* Calculate WOTS+ public key. */
-        addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_OTS;
-        addr[XMSS_ADDR_LTREE] = i;
-        wc_xmss_wots_gen_pk(state, sk_seed, pk_seed, addr, state->pk);
-        /* Calculate public value. */
-        addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_LTREE;
-        wc_xmss_ltree(state, state->pk, pk_seed, addr, node);
-        addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_TREE;
-        addr[XMSS_ADDR_TREE_ZERO] = 0;
-
-        /* Initial height at this offset is 0. */
-        h = height[offset] = 0;
-        /* Copy node out if on authentication path. */
-        if ((auth_path != NULL) && ((leafIdx ^ 0x1) == i)) {
-            XMEMCPY(auth_path, node, n);
-        }
-
-        /* Top node on Stack has same height t' as node. */
-        while ((offset >= 1) && (h == height[offset - 1])) {
-            word32 tree_idx = i >> (h + 1);
-
-            node -= n;
-            /* Calculate hash of node. */
-            addr[XMSS_ADDR_TREE_HEIGHT] = h;
-            addr[XMSS_ADDR_TREE_INDEX] = tree_idx;
-            wc_xmss_rand_hash(state, node, pk_seed, addr, node);
-
-            /* Update offset and height. */
-            offset--;
-            h = ++height[offset];
-
-            /* Copy node out if on authentication path. */
-            if ((auth_path != NULL) && (((leafIdx >> h) ^ 0x1) == tree_idx)) {
-                XMEMCPY(auth_path + h * n, node, n);
-            }
-        }
-        offset++;
-        node += n;
-        /* Reset hash address ready for use as OTS and LTREE. */
-        addr[XMSS_ADDR_TREE_HEIGHT] = 0;
-        addr[XMSS_ADDR_TREE_INDEX] = 0;
-    }
-
-    /* Copy the root node. */
-    XMEMCPY(root, state->stack, n);
-}
-#endif /* !WOLFSSL_SMALL_STACK */
-
-/********************************************
- * MAKE KEY
- ********************************************/
-
-/* Derives XMSSMT (and XMSS) key pair from seeds.
- *
- * RFC 8391: 4.1.7, Algorithm 10: XMSS_keyGen.
- *     ...
- *     initialize SK_PRF with a uniformly random n-byte string;
- *     setSK_PRF(SK, SK_PRF);
- *
- *     # Initialization for common contents
- *     initialize SEED with a uniformly random n-byte string;
- *     setSEED(SK, SEED);
- *     setWOTS_SK(SK, wots_sk));
- *     ADRS = toByte(0, 32);
- *     root = treeHash(SK, 0, h, ADRS);
- *
- *     SK = idx || wots_sk || SK_PRF || root || SEED;
- *     PK = OID || root || SEED;
- *     return (SK || PK);
- *
- * wots_sk, SK_PRF and SEED passed in as seed.
- * Store seed for wots_sk instead of generated wots_sk.
- * OID not stored in PK this is handled in upper layer.
- *
- * @param [in]  state   XMSS/MT state including digest and parameters.
- * @param [in]  seed    Random seeds.
- * @param [out] sk      Secret/Private key.
- * @param [out] pk      Public key.
- * @return  0 on success.
- * @return  <0 on digest failure.
- */
-int wc_xmssmt_keygen(XmssState* state, const unsigned char* seed,
-    unsigned char* sk, unsigned char* pk)
-{
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    const byte* seed_priv = seed;
-    const byte* seed_pub  = seed + 2 * n;
-    /* Offsets into secret/private key. */
-    byte* sk_idx  = sk;
-    byte* sk_seed = sk_idx + params->idx_len;
-    byte* sk_pub  = sk_seed + 2 * n;
-    /* Offsets into public key. */
-    byte* pk_root = pk;
-    byte* pk_seed = pk_root + n;
-
-    /* Set first index to 0 in private key. */
-    XMEMSET(sk_idx, 0, params->idx_len);
-    /* Set private key seed and private key for PRF in to private key. */
-    XMEMCPY(sk_seed, seed_priv, 2 * n);
-    /* Set public key seed into public key. */
-    XMEMCPY(pk_seed, seed_pub, n);
-
-    /* Set all address values to zero. */
-    XMEMSET(state->addr, 0, sizeof(HashAddress));
-    /* Set depth into address. */
-    state->addr[XMSS_ADDR_LAYER] = params->d - 1;
-    /* Compute root node into public key. */
-    wc_xmss_treehash(state, sk_seed, pk_seed, 0, state->addr, pk_root, NULL);
-
-    /* Append public key (root node and public seed) to private key. */
-    XMEMCPY(sk_pub, pk_root, 2 * n);
-
-    /* Return any errors that occurred during hashing. */
-    return state->ret;
-}
-
-/********************************************
- * SIGN
- ********************************************/
-
-/**
- * Sign message using XMSS/XMSS^MT.
- *
- * RFC 8391: 4.1.9, Algorithm 11: treeSig
- *     auth = buildAuth(SK, idx_sig, ADRS);
- *     ADRS.setType(0);   # Type = OTS hash address
- *     ADRS.setOTSAddress(idx_sig);
- *     sig_ots = WOTS_sign(getWOTS_SK(SK, idx_sig),
- *                         M', getSEED(SK), ADRS);
- *     Sig = sig_ots || auth;
- *     return Sig;
- * RFC 8391: 4.2.4, Algorithm 16: XMSSMT_sign
- *     # Init
- *     ADRS = toByte(0, 32);
- *     SEED = getSEED(SK_MT);
- *     SK_PRF = getSK_PRF(SK_MT);
- *     idx_sig = getIdx(SK_MT);
- *
- *     # Update SK_MT
- *     setIdx(SK_MT, idx_sig + 1);
- *
- *     # Message compression
- *     byte[n] r = PRF(SK_PRF, toByte(idx_sig, 32));
- *     byte[n] M' = H_msg(r || getRoot(SK_MT) || (toByte(idx_sig, n)), M);
- *
- *     # Sign
- *     Sig_MT = idx_sig;
- *     unsigned int idx_tree
- *                   = (h - h / d) most significant bits of idx_sig;
- *     unsigned int idx_leaf = (h / d) least significant bits of idx_sig;
- *     SK = idx_leaf || getXMSS_SK(SK_MT, idx_tree, 0) || SK_PRF
- *           || toByte(0, n) || SEED;
- *     ADRS.setLayerAddress(0);
- *     ADRS.setTreeAddress(idx_tree);
- *     Sig_tmp = treeSig(M', SK, idx_leaf, ADRS);
- *     Sig_MT = Sig_MT || r || Sig_tmp;
- *     for ( j = 1; j < d; j++ ) {
- *        root = treeHash(SK, 0, h / d, ADRS);
- *        idx_leaf = (h / d) least significant bits of idx_tree;
- *        idx_tree = (h - j * (h / d)) most significant bits of idx_tree;
- *        SK = idx_leaf || getXMSS_SK(SK_MT, idx_tree, j) || SK_PRF
- *               || toByte(0, n) || SEED;
- *        ADRS.setLayerAddress(j);
- *        ADRS.setTreeAddress(idx_tree);
- *        Sig_tmp = treeSig(root, SK, idx_leaf, ADRS);
- *        Sig_MT = Sig_MT || Sig_tmp;
- *     }
- *     return SK_MT || Sig_MT
- *
- * buildAuth from treeSig done inside treeHash as this is more efficient.
- *
- * @param [in]      state   XMSS/MT state including digest and parameters.
- * @param [in]      m       Buffer holding message.
- * @param [in]      mlen    Length of message in buffer.
- * @param [in, out] sk      Secret/Private key.
- * @param [out]     sig     Signature.
- * @return  0 on success.
- * @return  <0 on digest failure.
- */
-int wc_xmssmt_sign(XmssState* state, const unsigned char* m, word32 mlen,
-    unsigned char* sk, unsigned char* sig)
-{
-    int ret = 0;
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    const word8 hs = params->sub_h;
-    const word16 hsn = (word16)hs * n;
-    const byte* sk_seed = sk + params->idx_len;
-    const byte* pk_seed = sk + params->idx_len + 3 * n;
-    wc_Idx idx;
-    byte* sig_r = sig + params->idx_len;
-    byte root[WC_XMSS_MAX_N];
-    unsigned int i;
-
-    WC_IDX_ZERO(idx);
-    /* Set all address values to zero and set type to OTS. */
-    XMEMSET(state->addr, 0, sizeof(HashAddress));
-    state->addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_OTS;
-
-    /* Copy the index into the signature data: Sig_MT = idx_sig. */
-    XMEMCPY(sig, sk, params->idx_len);
-
-    /* Read index from the secret key. */
-    WC_IDX_DECODE(idx, params->idx_len, sk, ret);
-    /* Validate index in secret key. */
-    if ((ret == 0) && (WC_IDX_INVALID(idx, params->idx_len, params->h))) {
-        /* Set index to maximum value to distinguish from valid value. */
-        XMEMSET(sk, 0xFF, params->idx_len);
-        /* Zeroize the secret key. */
-        ForceZero(sk + params->idx_len, params->sk_len - params->idx_len);
-        ret = KEY_EXHAUSTED_E;
-    }
-
-    /* Update SK_MT */
-    if (ret == 0) {
-        /* Increment the index in the secret key. */
-        wc_idx_update(sk, params->idx_len);
-    }
-
-    /* Message compression */
-    if (ret == 0) {
-        const byte* sk_prf = sk + params->idx_len + n;
-
-        /* byte[n] r = PRF(SK_PRF, toByte(idx_sig, 32)); */
-        wc_idx_copy(sig, params->idx_len, state->buf, XMSS_PRF_M_LEN);
-        wc_xmss_prf(state, sk_prf, state->buf, sig_r);
-        ret = state->ret;
-    }
-    if (ret == 0) {
-        const byte* pub_root = sk + params->idx_len + 2 * n;
-        /* byte[n] M' = H_msg(r || getRoot(SK_MT) || (toByte(idx_sig, n)), M);
-         */
-        wc_xmss_hash_message(state, sig_r, pub_root, sig, params->idx_len, m,
-            mlen, root);
-        ret = state->ret;
-        /* Place WOTS+ signatures after index and 'r'. */
-        sig += params->idx_len + n;
-    }
-
-    /* Sign. */
-    for (i = 0; (ret == 0) && (i < params->d); i++) {
-        word32 idx_leaf = 0;
-
-        /* Set layer, tree and OTS leaf index into hash address. */
-        state->addr[XMSS_ADDR_LAYER] = i;
-        WC_IDX_SET_ADDR_TREE(idx, params->idx_len, hs, state->addr, idx_leaf);
-        /* treeSig || treeHash = sig_ots || auth */
-        state->addr[XMSS_ADDR_OTS] = idx_leaf;
-        /*   Create WOTS+ signature for tree into signature (sig_ots). */
-        wc_xmss_wots_sign(state, root, sk_seed, pk_seed, state->addr, sig);
-        ret = state->ret;
-        if (ret == 0) {
-            sig += params->wots_sig_len;
-            /*   Add authentication path (auth) and calc new root. */
-            wc_xmss_treehash(state, sk_seed, pk_seed, idx_leaf, state->addr,
-                root, sig);
-            ret = state->ret;
-            sig += hsn;
-        }
-    }
-
-    return ret;
-}
-
-#else
-
-/********************************************
- * Fast C implementation
- ********************************************/
-
-/* Tree hash data - needs to be unpacked from binary. */
-typedef struct TreeHash {
-    /* Next index to update in tree - max 20 bits. */
-    word32 nextIdx;
-    /* Number of stack entries used by tree - 0..<subtree height>. */
-    word8  used;
-    /* Tree is finished. */
-    word8  completed;
-} TreeHash;
-
-/* BDS state. */
-typedef struct BdsState {
-    /* Stack of nodes - subtree height + 1 nodes. */
-    byte*     stack;
-    /* Height of stack node - subtree height + 1 of 0..<subtree height - 1>. */
-    byte*     height;
-    /* Authentication path for next index - subtree height nodes. */
-    byte*     authPath;
-    /* Hashes of nodes kept - subtree height / 2 nodes. */
-    byte*     keep;
-    /* Tree hash instances - subtree height minus K instances. */
-    byte*     treeHash;
-    /* Hashes of nodes for tree hash - one for each tree hash instance. */
-    byte*     treeHashNode;
-    /* Hashes of nodes to retain - based on K parameter. */
-    byte*     retain;
-    /* Next leaf to calculate - max 20 bits. */
-    word32    next;
-    /* Current offset into stack - 0..<subtree height>. */
-    word8     offset;
-} BdsState;
-
-/* Index to BDS state accounting for swapping.
- *
- * @param [in] idx  Index of node.
- * @param [in] i    Depth of tree.
- * @param [in] hs   Height of subtree.
- * @param [in] d    Depth/number of trees.
- * @return  Index of working BDS state.
- */
-#define BDS_IDX(idx, i, hs, d)      \
-    (((((idx) >> ((hs) * ((i) + 1))) & 1) == 0) ? (i) : ((d) + (i)))
-/* Index to alternate BDS state accounting for swapping.
- *
- * @param [in] idx  Index of node.
- * @param [in] i    Depth of tree.
- * @param [in] hs   Height of subtree.
- * @param [in] d    Depth/number of trees.
- * @return  Index of alternate BDS state.
- */
-#define BDS_ALT_IDX(idx, i, hs, d)  \
-    (((((idx) >> ((hs) * ((i) + 1))) & 1) == 0) ? ((d) + (i)) : (i))
-
-/********************************************
- * Tree Hash APIs
- ********************************************/
-
-/* Initialize the tree hash data at specified index for the BDS state.
- *
- * @param [in, out] bds  BDS state.
- * @param [in]      i    Index of tree hash.
- */
-static void wc_xmss_bds_state_treehash_init(BdsState* bds, int i)
-{
-    byte* sk = bds->treeHash + i * 4;
-    c32to24(0, sk);
-    sk[3] = 0 | (1 << 7);
-}
-
-/* Set next index into tree hash data at specified index for the BDS state.
- *
- * @param [in, out] bds      BDS state.
- * @param [in]      i        Index of tree hash.
- * @param [in]      nextIdx  Next index for tree hash.
- */
-static void wc_xmss_bds_state_treehash_set_next_idx(BdsState* bds, int i,
-    word32 nextIdx)
-{
-    byte* sk = bds->treeHash + i * 4;
-    c32to24(nextIdx, sk);
-    sk[3] = 0 | (0 << 7);
-}
-
-/* Mark tree hash, at specified index for the BDS state, as complete.
- *
- * @param [in, out] bds  BDS state.
- * @param [in]      i    Index of tree hash.
- */
-static void wc_xmss_bds_state_treehash_complete(BdsState* bds, int i)
-{
-    byte* sk = bds->treeHash + i * 4;
-    sk[3] |= 1 << 7; /* // NOLINT(clang-analyzer-core.NullDereference) */
-}
-
-/* Get the tree hash data at specified index for the BDS state.
- *
- * @param [in]  bds       BDS state.
- * @param [in]  i         Index of tree hash.
- * @param [out] treeHash  Tree hash instance to fill out.
- */
-static void wc_xmss_bds_state_treehash_get(BdsState* bds, int i,
-    TreeHash* treeHash)
-{
-    byte* sk = bds->treeHash + i * 4;
-    ato24(sk, &treeHash->nextIdx);
-    treeHash->used = sk[3] & 0x7f;
-    treeHash->completed = sk[3] >> 7;
-}
-
-/* Set the tree hash data at specified index for the BDS state.
- *
- * @param [in, out]  bds       BDS state.
- * @param [in]       i         Index of tree hash.
- * @param [in]       treeHash  Tree hash data.
- */
-static void wc_xmss_bds_state_treehash_set(BdsState* bds, int i,
-    TreeHash* treeHash)
-{
-    byte* sk = bds->treeHash + i * 4;
-    c32to24(treeHash->nextIdx, sk);
-    sk[3] = treeHash->used | (treeHash->completed << 7);
-}
-
-/********************************************
- * BDS State APIs
- ********************************************/
-
-/* Allocate memory for BDS state.
- *
- * When using a static BDS state (XMSS) then pass in handle to data for bds.
- *
- * @param [in]      params    XMSS/MT parameters.
- * @param [in, out] bds       Handle to BDS state. May be NULL if not allocated.
- * @return  0 on success.
- * @return  MEMORY_E on dynamic memory allocation failure.
- */
-static int wc_xmss_bds_state_alloc(const XmssParams* params, BdsState** bds)
-{
-    const word8 cnt = 2 * params->d - 1;
-    int ret = 0;
-
-    if (*bds == NULL) {
-        /* Allocate memory for BDS states. */
-        *bds = (BdsState*)XMALLOC(sizeof(BdsState) * cnt, NULL,
-            DYNAMIC_TYPE_TMP_BUFFER);
-        if (*bds == NULL) {
-            ret = MEMORY_E;
-        }
-        else {
-            XMEMSET(*bds, 0, sizeof(BdsState) * cnt);
-        }
-    }
-
-    return ret;
-}
-
-/* Dispose of allocated memory associated with BDS state.
- *
- * @param [in] bds    BDS state.
- */
-static void wc_xmss_bds_state_free(BdsState* bds)
-{
-    /* BDS states was allocated - must free. */
-    XFREE(bds, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-}
-
-/* Load the BDS state from the secret/private key.
- *
- * @param [in]  state      XMSS/MT state including digest and parameters.
- * @param [in]  sk         Secret/private key.
- * @param [out] bds        BDS states.
- * @param [out] wots_sigs  WOTS signatures when XMSS^MT.
- */
-static int wc_xmss_bds_state_load(const XmssState* state, byte* sk,
-    BdsState* bds, byte** wots_sigs)
-{
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    const word8 hs = params->sub_h;
-    const word8 hsk = params->sub_h - params->bds_k;
-    const word8 k = params->bds_k;
-    const word32 retainLen = XMSS_RETAIN_LEN(k, n);
-    int i;
-
-    /* Skip past standard SK = idx || wots_sk || SK_PRF || root || SEED; */
-    sk += params->idx_len + 4 * n;
-
-    if (2 * (int)params->d - 1 <= 0)
-        return WC_FAILURE;
-
-    for (i = 0; i < 2 * (int)params->d - 1; i++) {
-        /* Set pointers into SK. */
-        bds[i].stack = sk;
-        sk += (hs + 1) * n;
-        bds[i].height = sk;
-        sk += hs + 1;
-        bds[i].authPath = sk;
-        sk += hs * n;
-        bds[i].keep = sk;
-        sk += (hs >> 1) * n;
-        bds[i].treeHash = sk;
-        sk += hsk * 4;
-        bds[i].treeHashNode = sk;
-        sk += hsk * n;
-        bds[i].retain = sk;
-        sk += retainLen;
-        /* Load values - big-endian encoded. */
-        ato24(sk, &bds[i].next);
-        sk += 3;
-        bds[i].offset = sk[0];
-        sk += 1;
-    }
-
-    if (wots_sigs != NULL) {
-        *wots_sigs = sk;
-    }
-
-    return 0;
-}
-
-/* Store the BDS state into the secret/private key.
- *
- * @param [in]      state   XMSS/MT state including digest and parameters.
- * @param [in, out] sk      Secret/private key.
- * @param [in]      bds     BDS states.
- */
-static int wc_xmss_bds_state_store(const XmssState* state, byte* sk,
-    BdsState* bds)
-{
-    int i;
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    const word8 hs = params->sub_h;
-    const word8 hsk = params->sub_h - params->bds_k;
-    const word8 k = params->bds_k;
-    const word32 skip = (hs + 1) * n +            /* BdsState.stack */
-                        hs + 1 +                  /* BdsState.height */
-                        hs * n +                  /* BdsState.authPath */
-                        (hs >> 1) * n +           /* BdsState.keep */
-                        hsk * 4 +                 /* BdsState.treeHash */
-                        hsk * n +                 /* BdsState.treeHashNode */
-                        XMSS_RETAIN_LEN(k, n);    /* BdsState.retain */
-
-    /* Ignore standard SK = idx || wots_sk || SK_PRF || root || SEED; */
-    sk += params->idx_len + 4 * n;
-
-    if (2 * (int)params->d - 1 <= 0)
-        return WC_FAILURE;
-
-    for (i = 0; i < 2 * (int)params->d - 1; i++) {
-        /* Skip pointers into sk. */
-        sk += skip;
-        /* Save values - big-endian encoded. */
-        c32to24(bds[i].next, sk); /* NOLINT(clang-analyzer-core.CallAndMessage) */
-        sk += 3;
-        sk[0] = bds[i].offset;
-        sk += 1;
-    }
-
-    return 0;
-}
-
-/********************************************
- * BDS
- ********************************************/
-
-/* Compute node at next index.
- *
- * RFC 8391: 4.1.6, Algorithm 9: treeHash
- *       ...
- *       ADRS.setType(0);   # Type = OTS hash address
- *       ADRS.setOTSAddress(s + i);
- *       pk = WOTS_genPK (getWOTS_SK(SK, s + i), SEED, ADRS);
- *       ADRS.setType(1);   # Type = L-tree address
- *       ADRS.setLTreeAddress(s + i);
- *       node = ltree(pk, SEED, ADRS);
- *       ADRS.setType(2);   # Type = hash tree address
- *       ADRS.setTreeHeight(0);
- *       ADRS.setTreeIndex(i + s);
- *       while ( Top node on Stack has same height t' as node ) {
- *          ADRS.setTreeIndex((ADRS.getTreeIndex() - 1) / 2);
- *          node = RAND_HASH(Stack.pop(), node, SEED, ADRS);
- *          ADRS.setTreeHeight(ADRS.getTreeHeight() + 1);
- *       }
- *       Stack.push(node);
- *       ...
- *
- * @param [in]  state    XMSS/MT state including digest and parameters.
- * @param [in]  bds      BDS state.
- * @param [in]  sk_seed  Random secret/private seed.
- * @param [in]  pk_seed  Random public seed.
- * @param [in]  addr     Hash address.
- * @param [out] root     Root node.
- */
-static void wc_xmss_bds_next_idx(XmssState* state, BdsState* bds,
-    const byte* sk_seed, const byte* pk_seed, HashAddress addr, int i,
-    word8* height, word8* offset, word8** sp)
-{
-    const XmssParams* params = state->params;
-    const word8 hs = params->sub_h;
-    const word8 hsk = params->sub_h - params->bds_k;
-    const word8 n = params->n;
-    word8 o = *offset;
-    word8* node = *sp;
-    word8 h;
-
-    /* Calculate WOTS+ public key. */
-    addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_OTS;
-    addr[XMSS_ADDR_OTS] = i;
-    wc_xmss_wots_gen_pk(state, sk_seed, pk_seed, addr, state->pk);
-    /* Calculate public value. */
-    addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_LTREE;
-    wc_xmss_ltree(state, state->pk, pk_seed, addr, node);
-    addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_TREE;
-    addr[XMSS_ADDR_TREE_ZERO] = 0;
-
-    /* Initial height at this offset is 0. */
-    h = height[o] = 0;
-    /* HDSS, Section 4.5, 2: TREEHASH[h].push(v[h][3])
-     * Copy right node to tree hash nodes if second right node. */
-    if ((hsk > 0) && (i == 3)) {
-        XMEMCPY(bds->treeHashNode, node + n, n);
-    }
-
-    /* Top node on Stack has same height t' as node. */
-    while ((o >= 1) && (h == height[o - 1])) {
-        /* HDSS, Section 4.5, 1: AUTH[h] = v[h][1], h = 0,...,H-1.
-         * Cache left node if on authentication path. */
-        if ((i >> h) == 1) {
-            if (bds->authPath == NULL) {
-                state->ret = WC_FAILURE;
-                return;
-            }
-            XMEMCPY(bds->authPath + h * n, node, n);
-        }
-        /* This is a right node. */
-        else if (h < hsk) {
-            /* HDSS, Section 4.5, 2: TREEHASH[h].push(v[h][3])
-             * Copy right node to tree hash if second right node. */
-            if ((i >> h) == 3) {
-                XMEMCPY(bds->treeHashNode + h * n, node, n);
-            }
-        }
-        else {
-            /* HDSS, Section 4.5, 3: RETAIN[h].push(v[j][2j+3] for
-             *   h = H-K,...,H-2 and j = 2^(H-h-1)-2,...,0.
-             * Retain high right nodes.
-             */
-            word32 ro = (1 << (hs - 1 - h)) + h - hs + (((i >> h) - 3) >> 1);
-            XMEMCPY(bds->retain + ro * n, node, n);
-        }
-
-        node -= n;
-        /* Calculate hash of node. */
-        addr[XMSS_ADDR_TREE_HEIGHT] = h;
-        addr[XMSS_ADDR_TREE_INDEX] = i >> (h + 1);
-        wc_xmss_rand_hash(state, node, pk_seed, addr, node);
-
-        /* Update offset and height. */
-        o--;
-        h = ++height[o];
-    }
-
-    *offset = o;
-    *sp = node;
-}
-
-/* Compute initial Merkle tree and store nodes.
- *
- * HDSS, Section 4.5, The algorithm, Initialization.
- *   1. We store the authentication path for the first leaf (s = 0):
- *   AUTH[h] = v[h][1], h = 0,...,H-1.
- *   2. Depending on the parameter K, we store the next right authentication
- *   node for each height h = 0,...,H-K-1 in the treehash instances:
- *   TREEHASH[h].push(v[h][3]).
- *   3. Finally we store the right authentication nodes clode to the root using
- *   the stacks RETAIN[h]:
- *   RETAIN[h].push(v[j][2j+3] for h = H-K,...,H-2 and j = 2^(H-h-1)-2,...,0.
- *
- * RFC 8391: 4.1.6, Algorithm 9: treeHash
- *     if( s % (1 << t) != 0 ) return -1;
- *     for ( i = 0; i < 2^t; i++ ) {
- *       SEED = getSEED(SK);
- *       [Compute node at next index]
- *     }
- *     return Stack.pop();
- *
- * @param [in]  state    XMSS/MT state including digest and parameters.
- * @param [in]  bds      BDS state.
- * @param [in]  sk_seed  Random secret/private seed.
- * @param [in]  pk_seed  Random public seed.
- * @param [in]  addr     Hash address.
- * @param [out] root     Root node.
- */
-static void wc_xmss_bds_treehash_initial(XmssState* state, BdsState* bds,
-    const byte* sk_seed, const byte* pk_seed, const HashAddress addr,
-    byte* root)
-{
-    const XmssParams* params = state->params;
-    const word8 hsk = params->sub_h - params->bds_k;
-    const word8 n = params->n;
-    word8* node = state->stack;
-    HashAddress addrCopy;
-    word8 height[WC_XMSS_MAX_TREE_HEIGHT + 1];
-    word8 offset = 0;
-    word32 maxIdx = (word32)1 << params->sub_h;
-    word32 i;
-
-    /* First signing index will be 0 - setup BDS state. */
-    bds->offset = 0;
-    bds->next = 0;
-    /* Reset the hash tree status. */
-    if (bds->treeHash != NULL) {
-        for (i = 0; i < hsk; i++) {
-            wc_xmss_bds_state_treehash_init(bds, i);
-        }
-    }
-
-    /* Copy hash address into local. */
-    XMSS_ADDR_OTS_SET_SUBTREE(addrCopy, addr);
-
-    /* Compute each node in tree. */
-    for (i = 0; i < maxIdx; i++) {
-        wc_xmss_bds_next_idx(state, bds, sk_seed, pk_seed, addrCopy, i, height,
-            &offset, &node);
-        offset++;
-        node += n;
-        /* Rest the hash address for reuse. */
-        addrCopy[XMSS_ADDR_TREE_HEIGHT] = 0;
-        addrCopy[XMSS_ADDR_TREE_INDEX] = 0;
-    }
-
-    /* Copy the root node. */
-    XMEMCPY(root, state->stack, n);
-}
-
-/* Update internal nodes of Merkle tree at next index.
- *
- * RFC 8391: 4.1.6, Algorithm 9: treeHash
- *       ...
- *       SEED = getSEED(SK);
- *       ADRS.setType(0);   # Type = OTS hash address
- *       ADRS.setOTSAddress(s + i);
- *       pk = WOTS_genPK (getWOTS_SK(SK, s + i), SEED, ADRS);
- *       ADRS.setType(1);   # Type = L-tree address
- *       ADRS.setLTreeAddress(s + i);
- *       node = ltree(pk, SEED, ADRS);
- *       ADRS.setType(2);   # Type = hash tree address
- *       ADRS.setTreeHeight(0);
- *       ADRS.setTreeIndex(i + s);
- *       while ( Top node on Stack has same height t' as node ) {
- *          ADRS.setTreeIndex((ADRS.getTreeIndex() - 1) / 2);
- *          node = RAND_HASH(Stack.pop(), node, SEED, ADRS);
- *          ADRS.setTreeHeight(ADRS.getTreeHeight() + 1);
- *       }
- *       Stack.push(node);
- *
- * @param [in]      state    XMSS/MT state including digest and parameters.
- * @param [in, out] bds      BDS state.
- * @param [in]      height   Height of nodes to update.
- * @param [in]      sk_seed  Random secret/private seed.
- * @param [in]      pk_seed  Random public seed.
- * @param [in]      addr     Hash address.
- */
-static void wc_xmss_bds_treehash_update(XmssState* state, BdsState* bds,
-    word8 height, const byte* sk_seed, const byte* pk_seed,
-    const HashAddress addr)
-{
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    HashAddress addrLocal;
-    TreeHash treeHash[1];
-    byte* sp = bds->stack + bds->offset * n;
-    byte* node = state->stack + WC_XMSS_MAX_STACK_LEN - n;
-    word8 h;
-
-    /* Get the tree hash data. */
-    wc_xmss_bds_state_treehash_get(bds, height, treeHash);
-    /* Copy hash address into local as OTS type. */
-    XMSS_ADDR_OTS_SET_SUBTREE(addrLocal, addr);
-    /* Calculate WOTS+ public key. */
-    addrLocal[XMSS_ADDR_OTS] = treeHash->nextIdx;
-    wc_xmss_wots_gen_pk(state, sk_seed, pk_seed, addrLocal, state->pk);
-    /* Calculate public value. */
-    addrLocal[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_LTREE;
-    wc_xmss_ltree(state, state->pk, pk_seed, addrLocal, node);
-    addrLocal[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_TREE;
-    addrLocal[XMSS_ADDR_TREE_ZERO] = 0;
-
-    /* Initial height is 0. */
-    h = 0;
-
-    /* Top node on Stack has same height t' as node. */
-    while ((treeHash->used > 0) && (h == bds->height[bds->offset - 1])) {
-        sp -= n;
-        /* Copy from stack to before last calculated node. */
-        node -= n;
-        XMEMCPY(node, sp, n);
-
-        /* Calculate hash of node. */
-        addrLocal[XMSS_ADDR_TREE_HEIGHT] = h;
-        addrLocal[XMSS_ADDR_TREE_INDEX] = treeHash->nextIdx >> (h + 1);
-        wc_xmss_rand_hash(state, node, pk_seed, addrLocal, node);
-
-        /* Update used, offset and height. */
-        treeHash->used--;
-        bds->offset--;
-        h++;
-    }
-
-    /* Check whether we reached the height we wanted to update. */
-    if (h == height) {
-        /* Cache node. */
-        XMEMCPY(bds->treeHashNode + height * n, node, n);
-        treeHash->completed = 1;
-    }
-    else {
-        /* Push calculated node onto stack. */
-        XMEMCPY(sp, node, n);
-        treeHash->used++;
-        /* Update BDS state. */
-        bds->height[bds->offset] = h;
-        bds->offset++;
-        treeHash->nextIdx++;
-    }
-
-    /* Set the tree hash data back. */
-    wc_xmss_bds_state_treehash_set(bds, height, treeHash);
-}
-
-/* Updates hash trees that need it most.
- *
- * Algorithm 4.6: Authentication path computation, Step 5.
- *
- * @param [in]      state    XMSS/MT state including digest and parameters.
- * @param [in, out] bds      BDS state.
- * @param [in]      updates  Current number of updates.
- * @param [in]      sk_seed  Random secret/private seed.
- * @param [in]      pk_seed  Random public seed.
- * @param [in]      addr     Hash address.
- * @return  Number of available updates.
- */
-static word8 wc_xmss_bds_treehash_updates(XmssState* state, BdsState* bds,
-    word8 updates, const byte* sk_seed, const byte* pk_seed,
-    const HashAddress addr)
-{
-    const XmssParams* params = state->params;
-    const word8 hs = params->sub_h;
-    const word8 hsk = params->sub_h - params->bds_k;
-
-    if (bds->treeHash == NULL) {
-        state->ret = WC_FAILURE;
-        return 0;
-    }
-
-    while (updates > 0) {
-        word8 minH = hs;
-        word8 h = hsk;
-        word8 i;
-
-        /* Step 5.a. k <- min{ h: TREEHASH(h).height() =
-                                  min[j=0..H-K-1]{TREEHASH(j.height()} } */
-        for (i = 0; i < hsk; i++) {
-            TreeHash treeHash[1];
-
-            wc_xmss_bds_state_treehash_get(bds, i, treeHash);
-
-            if (treeHash->completed) {
-                /* Finished - ignore. */
-            }
-            else if (treeHash->used == 0) {
-                /* None used, low height. */
-                if (i < minH) {
-                    h = i;
-                    minH = i;
-                }
-            }
-            /* Find the height of lowest in cache. */
-            else {
-                word8 j;
-                word8 lowH = hs;
-                byte* height = bds->height + bds->offset - treeHash->used;
-
-                for (j = 0; j < treeHash->used; j++) {
-                    lowH = min(height[j], lowH);
-                }
-                if (lowH < minH) {
-                    /* New lowest height. */
-                    h = i;
-                    minH = lowH;
-                }
-            }
-        }
-        /* If none lower, then stop. */
-        if (h == hsk) {
-            break;
-        }
-
-        /* Step 5.b. TREEHASH(k).update() */
-        /* Update tree to the lowest height. */
-        wc_xmss_bds_treehash_update(state, bds, h, sk_seed, pk_seed, addr);
-        updates--;
-    }
-    return updates;
-}
-
-/* Update BDS at next leaf.
- *
- * Don't do anything if processed all leaves.
- *
- * @param [in]      state     XMSS/MT state including digest and parameters.
- * @param [in, out] bds       BDS state.
- * @param [in]      sk_seed   Random secret/private seed.
- * @param [in]      pk_seed   Random public seed.
- * @param [in]      addr      Hash address.
- */
-static void wc_xmss_bds_update(XmssState* state, BdsState* bds,
-    const byte* sk_seed, const byte* pk_seed, const HashAddress addr)
-{
-    if (bds->next < ((word32)1 << state->params->sub_h)) {
-        const XmssParams* params = state->params;
-        byte* sp = bds->stack + bds->offset * params->n;
-        HashAddress addrCopy;
-
-        XMSS_ADDR_OTS_SET_SUBTREE(addrCopy, addr);
-        if (bds->height == NULL) {
-            state->ret = WC_FAILURE;
-            return;
-        }
-        wc_xmss_bds_next_idx(state, bds, sk_seed, pk_seed, addrCopy, bds->next,
-            bds->height, &bds->offset, &sp);
-        bds->offset++;
-        bds->next++;
-    }
-}
-
-/* Find index of lowest zero bit.
- *
- * Supports max up to 31.
- *
- * @param [in]  n    Number to evaluate.
- * @param [in]  max  Max number of bits.
- * @param [out] b    Next bit above first zero bit.
- * @return  Index of lowest bit that is zero.
- */
-static word8 wc_xmss_lowest_zero_bit_index(word32 n, word8 max, word8* b)
-{
-    word8 i;
-
-    /* Check each bit from lowest for a zero bit. */
-    for (i = 0; i < max; i++) {
-        if ((n & 1) == 0) {
-            break;
-        }
-        n >>= 1;
-    }
-
-    /* Return next bit after 0 bit. */
-    *b = (n >> 1) & 1;
-    return i;
-}
-
-/* Returns auth path for node leafIdx and computes for next leaf node.
- *
- * HDSS, Algorithm 4.6: Authentication path computation, Steps 1-4.
- *
- * @param [in]      state    XMSS/MT state including digest and parameters.
- * @param [in, out] bds      BDS state.
- * @param [in]      leafIdx  Current leaf index.
- * @param [in]      sk_seed  Random secret/private seed.
- * @param [in]      pk_seed  Random public seed.
- * @param [in]      addr     Hash address.
- */
-static void wc_xmss_bds_auth_path(XmssState* state, BdsState* bds,
-    const word32 leafIdx, const byte* sk_seed, const byte* pk_seed,
-    HashAddress addr)
-{
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    const word8 hs = params->sub_h;
-    const word8 hsk = params->sub_h - params->bds_k;
-    word8 tau;
-    byte* node = state->encMsg;
-    word8 parent;
-
-    if ((bds->keep == NULL) || (bds->authPath == NULL)) {
-        state->ret = WC_FAILURE;
-        return;
-    }
-
-    /* Step 1. Find the height of first left node in authentication path. */
-    tau = wc_xmss_lowest_zero_bit_index(leafIdx, hs, &parent);
-    if (tau == 0) {
-        /* Step 2. Keep node if parent is a left node.
-         *     if s/(2^tau+1) is even and tau < H-1 then KEEP[tau] <- AUTH[tau]
-         */
-        if (parent == 0) {
-            XMEMCPY(bds->keep, bds->authPath, n);
-        }
-
-        /* Step 3. if tau = 0 then AUTH[0] <- LEAFCALC(s) */
-        /* Calculate WOTS+ public key. */
-        addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_OTS;
-        addr[XMSS_ADDR_OTS] = leafIdx;
-        wc_xmss_wots_gen_pk(state, sk_seed, pk_seed, addr, state->pk);
-        /* Calculate public value. */
-        addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_LTREE;
-        wc_xmss_ltree(state, state->pk, pk_seed, addr, bds->authPath);
-    }
-    else {
-        byte* authPath;
-        byte* nodes;
-        word8 i;
-
-        authPath = bds->authPath + tau * n;
-        /* Step 4.a. <node> = AUTH[tau-1] || KEEP[tau-1]
-         * Only keeping half of nodes, so need to copy out before updating.
-         */
-        XMEMCPY(node, authPath - n, n);
-        XMEMCPY(node + n, bds->keep + ((tau - 1) >> 1) * n, n);
-
-        /* Step 2. Keep node if parent is a left node.
-         *     if s/(2^tau+1) is even and tau < H-1 then KEEP[tau] <- AUTH[tau]
-         */
-        if ((tau < hs - 1) && (parent == 0)) {
-            XMEMCPY(bds->keep + (tau >> 1) * n, authPath, n);
-        }
-
-        /* Step 4.a. AUTH[tau] <- g(<node>) */
-        addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_TREE;
-        addr[XMSS_ADDR_TREE_ZERO] = 0;
-        addr[XMSS_ADDR_TREE_HEIGHT] = tau - 1;
-        addr[XMSS_ADDR_TREE_INDEX] = leafIdx >> tau;
-        wc_xmss_rand_hash(state, node, pk_seed, addr, authPath);
-
-        /* Step 4.b. <Calculate new right nodes on lower heights> */
-        authPath = bds->authPath;
-        nodes = bds->treeHashNode;
-        /*   for h = 0 to tau - 1 do */
-        for (i = 0; i < tau; i++) {
-            /*   if h < H - K then AUTH[h] <- TREEHASH[h].pop()*/
-            if (i < hsk) {
-                XMEMCPY(authPath, nodes, n);
-                nodes += n;
-            }
-            /*   if h >= H - K then AUTH[h] <- RETAIN[h].pop()*/
-            else {
-                word32 o = (1 << (hs - 1 - i)) + i - hs +
-                           (((leafIdx >> i) - 1) >> 1);
-                XMEMCPY(authPath, bds->retain + o * n, n);
-            }
-            authPath += n;
-        }
-
-        /* Step 4.c. Initialize treehash instances for heights:
-         *           0, ..., min{tau-1, H - K - 1} */
-        tau = min(tau, hsk);
-        for (i = 0; i < tau; i++) {
-            word32 startIdx = leafIdx + 1 + 3 * (1 << i);
-            if (startIdx < ((word32)1 << hs)) {
-                wc_xmss_bds_state_treehash_set_next_idx(bds, i, startIdx);
-            }
-        }
-    }
-}
-
-/********************************************
- * XMSS
- ********************************************/
-
-/* Derives XMSS key pair from seeds.
- *
- * RFC 8391: 4.1.7, Algorithm 10: XMSS_keyGen.
- *     ...
- *     initialize SK_PRF with a uniformly random n-byte string;
- *     setSK_PRF(SK, SK_PRF);
- *
- *     # Initialization for common contents
- *     initialize SEED with a uniformly random n-byte string;
- *     setSEED(SK, SEED);
- *     setWOTS_SK(SK, wots_sk));
- *     ADRS = toByte(0, 32);
- *     root = treeHash(SK, 0, h, ADRS);
- *
- *     SK = idx || wots_sk || SK_PRF || root || SEED;
- *     PK = OID || root || SEED;
- *     return (SK || PK);
- *
- * HDSS, Section 4.5, The algorithm, Initialization.
- *
- * wots_sk, SK_PRF and SEED passed in as seed.
- * Store seed for wots_sk instead of generated wots_sk.
- * OID not stored in PK this is handled in upper layer.
- * BDS state is appended to SK:
- *     SK = idx || wots_sk || SK_PRF || root || SEED || BDS_STATE;
- *
- * @param [in]  state  XMSS/MT state including digest and parameters.
- * @param [in]  seed   Secret/Private and public seed.
- * @param [out] sk     Secret key.
- * @param [out] pk     Public key.
- * @return  0 on success.
- * @return  MEMORY_E on dynamic memory allocation failure.
- * @return  <0 on digest failure.
- */
-int wc_xmss_keygen(XmssState* state, const unsigned char* seed,
-    unsigned char* sk, unsigned char* pk)
-{
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 32
-    int ret = 0;
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    /* Offset of root node in public key. */
-    byte* pk_root = pk;
-    WC_DECLARE_VAR(bds, BdsState, 1, 0);
-
-#ifdef WOLFSSL_SMALL_STACK
-    /* Allocate memory for tree hash instances and put in BDS state. */
-    ret = wc_xmss_bds_state_alloc(params, &bds);
-    if (ret == 0)
-#endif
-    {
-        /* Setup pointers into sk - assumes sk is initialized to zeros. */
-        ret = wc_xmss_bds_state_load(state, sk, bds, NULL);
-    }
-    if (ret == 0) {
-        /* Offsets into seed. */
-        const byte* seed_priv = seed;
-        const byte* seed_pub = seed + 2 * n;
-        /* Offsets into secret/private key. */
-        word32* sk_idx = (word32*)sk;
-        byte* sk_seeds = sk + params->idx_len;
-        /* Offsets into public key. */
-        byte* pk_seed = pk + n;
-
-        /* Set first index to 0 in private key. idx_len always 4. */
-        *sk_idx = 0;
-        /* Set private key seed and private key for PRF in to private key. */
-        XMEMCPY(sk_seeds, seed_priv, 2 * n);
-        /* Set public key seed into public key. */
-        XMEMCPY(pk_seed, seed_pub, n);
-
-        /* Set all address values to zero. */
-        XMEMSET(state->addr, 0, sizeof(HashAddress));
-        /* Hash address layer is 0. */
-        /* Compute root node into public key. */
-        wc_xmss_bds_treehash_initial(state, bds, sk_seeds, pk_seed,
-            state->addr, pk_root);
-        /* Return any errors that occurred during hashing. */
-        ret = state->ret;
-    }
-    if (ret == 0) {
-        /* Offset of root node in private key. */
-        byte* sk_root = sk + params->idx_len + 2 * n;
-
-        /* Append public key (root node and public seed) to private key. */
-        XMEMCPY(sk_root, pk_root, 2 * n);
-
-        /* Store BDS state back into secret/private key. */
-        ret = wc_xmss_bds_state_store(state, sk, bds);
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    /* Dispose of allocated data of BDS states. */
-    wc_xmss_bds_state_free(bds);
-#endif
-    return ret;
-#else
-    (void)state;
-    (void)pk;
-    (void)sk;
-    (void)seed;
-
-    return NOT_COMPILED_IN;
-#endif /* WOLFSSL_XMSS_MIN_HEIGHT <= 32 */
-}
-
-/* Sign a message with XMSS.
- *
- * RFC 8391: 4.1.9, Algorithm 11: treeSig
- *     ...
- *     ADRS.setType(0);   # Type = OTS hash address
- *     ADRS.setOTSAddress(idx_sig);
- *     sig_ots = WOTS_sign(getWOTS_SK(SK, idx_sig),
- *                         M', getSEED(SK), ADRS);
- *     Sig = sig_ots || auth;
- *     return Sig;
- * RFC 8391: 4.1.9, Algorithm 12: XMSS_sign
- *     idx_sig = getIdx(SK);
- *     setIdx(SK, idx_sig + 1);
- *     ADRS = toByte(0, 32);
- *     byte[n] r = PRF(getSK_PRF(SK), toByte(idx_sig, 32));
- *     byte[n] M' = H_msg(r || getRoot(SK) || (toByte(idx_sig, n)), M);
- *     Sig = idx_sig || r || treeSig(M', SK, idx_sig, ADRS);
- *     return (SK || Sig);
- *
- * HDSS, Section 4.5, The algorithm, Update and output phase.
- *
- * 'auth' was built at key generation or after computing previous signature.
- * Build next authentication path after signature created.
- *
- * @param [in]      state   XMSS/MT state including digest and parameters.
- * @param [in]      m       Buffer holding message.
- * @param [in]      mlen    Length of message in buffer.
- * @param [in, out] sk      Secret/Private key.
- * @param [out]     sm      Signature and message data.
- * @param [in, out] smlen   On in, length of signature and message buffer.
- *                          On out, length of signature and message data.
- * @return  0 on success.
- * @return  <0 on digest failure.
- */
-int wc_xmss_sign(XmssState* state, const unsigned char* m, word32 mlen,
-    unsigned char* sk, unsigned char* sig)
-{
-#if WOLFSSL_XMSS_MIN_HEIGHT <= 32
-    int ret = 0;
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    const word8 h = params->h;
-    const word8 hk = params->h - params->bds_k;
-    const byte* sk_seed = sk + XMSS_IDX_LEN;
-    const byte* pk_seed = sk + XMSS_IDX_LEN + 3 * n;
-    byte node[WC_XMSS_MAX_N];
-    word32 idx;
-    byte* sig_r = sig + XMSS_IDX_LEN;
-    WC_DECLARE_VAR(bds, BdsState, 1, 0);
-
-#ifdef WOLFSSL_SMALL_STACK
-    /* Allocate memory for tree hash instances and put in BDS state. */
-    ret = wc_xmss_bds_state_alloc(params, &bds);
-    if (ret == 0)
-#endif
-    {
-        /* Load the BDS state from secret/private key. */
-        ret = wc_xmss_bds_state_load(state, sk, bds, NULL);
-    }
-    if (ret == 0) {
-        /* Copy the index into the signature data: Sig = idx_sig || ... */
-        *((word32*)sig) = *((word32*)sk);
-        /* Read index from the secret key. */
-        ato32(sk, &idx);
-
-        /* Check index is valid. */
-        if (IDX32_INVALID(idx, XMSS_IDX_LEN, h)) {
-            /* Set index to maximum value to distinguish from valid value. */
-            XMEMSET(sk, 0xFF, XMSS_IDX_LEN);
-            /* Zeroize the secret key. */
-            ForceZero(sk + XMSS_IDX_LEN, params->sk_len - XMSS_IDX_LEN);
-            ret = KEY_EXHAUSTED_E;
-        }
-    }
-
-    /* Update SK_MT */
-    if (ret == 0) {
-        /* Increment the index in the secret key. */
-        c32toa(idx + 1, sk);
-    }
-
-    /* Message compression */
-    if (ret == 0) {
-        const byte* sk_prf = sk + XMSS_IDX_LEN + n;
-
-        /* byte[n] r = PRF(SK_PRF, toByte(idx_sig, 32)); */
-        wc_idx_copy(sig, params->idx_len, state->buf, XMSS_PRF_M_LEN);
-        wc_xmss_prf(state, sk_prf, state->buf, sig_r);
-        ret = state->ret;
-    }
-    if (ret == 0) {
-        const byte* pub_root = sk + XMSS_IDX_LEN + 2 * n;
-
-        /* Compute the message hash. */
-        wc_xmss_hash_message(state, sig_r, pub_root, sig, XMSS_IDX_LEN, m, mlen,
-            node);
-        ret = state->ret;
-        /* Place new signature data after index and 'r'. */
-        sig += XMSS_IDX_LEN + n;
-    }
-
-    if (ret == 0) {
-        /* Set all address values to zero and set type to OTS. */
-        XMEMSET(state->addr, 0, sizeof(HashAddress));
-        state->addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_OTS;
-        /* treeSig || treeHash = sig_ots || auth */
-        state->addr[XMSS_ADDR_OTS] = idx;
-        /*   Create WOTS+ signature for tree into signature (sig_ots). */
-        wc_xmss_wots_sign(state, node, sk_seed, pk_seed, state->addr, sig);
-        ret = state->ret;
-    }
-    if (ret == 0) {
-        sig += params->wots_sig_len;
-        /*   Add authentication path (auth) and calc new root. */
-        XMEMCPY(sig, bds->authPath, h * n);
-        ret = state->ret;
-    }
-
-    if (ret == 0) {
-        /* Update BDS state - update authentication path for next index. */
-        /* Check not last node. */
-        if (idx < ((word32)1 << h) - 1) {
-            /* Calculate next authentication path node. */
-            wc_xmss_bds_auth_path(state, bds, idx, sk_seed, pk_seed,
-                state->addr);
-            ret = state->ret;
-            if (ret == 0) {
-                /* Algorithm 4.6: Step 5. */
-                wc_xmss_bds_treehash_updates(state, bds, hk >> 1, sk_seed,
-                    pk_seed, state->addr);
-                ret = state->ret;
-            }
-        }
-    }
-    if (ret == 0) {
-        /* Store BDS state back into secret/private key. */
-        ret = wc_xmss_bds_state_store(state, sk, bds);
-    }
-
-#ifdef WOLFSSL_SMALL_STACK
-    /* Dispose of allocated data of BDS states. */
-    wc_xmss_bds_state_free(bds);
-#endif
-    return ret;
-#else
-    (void)state;
-    (void)m;
-    (void)mlen;
-    (void)sk;
-    (void)sig;
-
-    return NOT_COMPILED_IN;
-#endif /* WOLFSSL_XMSS_MIN_HEIGHT <= 32 */
-}
-
-/********************************************
- * XMSS^MT
- ********************************************/
-
-/* Generate a XMSS^MT key pair from seeds.
- *
- * RFC 8391: 4.2.2, Algorithm 15: XMSS^MT_keyGen.
- *     ...
- *     # Example initialization
- *     idx_MT = 0;
- *     setIdx(SK_MT, idx_MT);
- *     initialize SK_PRF with a uniformly random n-byte string;
- *     setSK_PRF(SK_MT, SK_PRF);
- *     initialize SEED with a uniformly random n-byte string;
- *     setSEED(SK_MT, SEED);
- *
- *     # Generate reduced XMSS private keys
- *     ADRS = toByte(0, 32);
- *     for ( layer = 0; layer < d; layer++ ) {
- *        ADRS.setLayerAddress(layer);
- *        for ( tree = 0; tree <
- *              (1 << ((d - 1 - layer) * (h / d)));
- *              tree++ ) {
- *           ADRS.setTreeAddress(tree);
- *           for ( i = 0; i < 2^(h / d); i++ ) {
- *             wots_sk[i] = WOTS_genSK();
- *           }
- *           setXMSS_SK(SK_MT, wots_sk, tree, layer);
- *        }
- *     }
- *
- *     SK = getXMSS_SK(SK_MT, 0, d - 1);
- *     setSEED(SK, SEED);
- *     root = treeHash(SK, 0, h / d, ADRS);
- *     setRoot(SK_MT, root);
- *
- *     PK_MT = OID || root || SEED;
- *     return (SK_MT || PK_MT);
- *
- * HDSS, Section 4.5, The algorithm, Initialization.
- * OPX, Section 2, Key Generation.
- *
- * wots_sk, SK_PRF and SEED passed in as seed.
- * Store seed for wots_sk instead of generated wots_sk.
- * OID not stored in PK this is handled in upper layer.
- * BDS state is appended to SK:
- *     SK = idx || wots_sk || SK_PRF || root || SEED || BDS_STATE;
- *
- * @param [in]  state   XMSS/MT state including digest and parameters.
- * @param [in]  seed    Secret/Private and public seed.
- * @param [out] sk      Secret key.
- * @param [out] pk      Public key.
- * @return  0 on success.
- * @return  MEMORY_E on dynamic memory allocation failure.
- * @return  <0 on digest failure.
- */
-int wc_xmssmt_keygen(XmssState* state, const unsigned char* seed,
-    unsigned char* sk, unsigned char* pk)
-{
-    int ret = 0;
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    unsigned char* sk_seed = sk + params->idx_len;
-    unsigned char* pk_root = pk;
-    unsigned char* pk_seed = pk + n;
-    word8 i;
-    byte* wots_sigs;
-    BdsState* bds = NULL;
-
-    /* Allocate memory for BDS states and tree hash instances. */
-    ret = wc_xmss_bds_state_alloc(params, &bds);
-    if (ret == 0) {
-        /* Load the BDS state from secret/private key. */
-        ret = wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
-    }
-    if (ret == 0) {
-        /* Offsets into seed. */
-        const byte* seed_priv = seed;
-        const byte* seed_pub  = seed + 2 * params->n;
-
-        /* Set first index to 0 in private key. */
-        XMEMSET(sk, 0, params->idx_len);
-        /* Set private key seed and private key for PRF in to private key. */
-        XMEMCPY(sk_seed, seed_priv, 2 * n);
-        /* Set public key seed into public key. */
-        XMEMCPY(pk_seed, seed_pub, n);
-
-        /* Set all address values to zero. */
-        XMEMSET(state->addr, 0, sizeof(HashAddress));
-        /* Hash address layer is 0 = bottom-most layer. */
-    }
-
-    /* Setup state and compute WOTS+ signatures for all but top-most subtree. */
-    for (i = 0; (ret == 0) && (i < params->d - 1); i++) {
-        /* Compute root for subtree. */
-        wc_xmss_bds_treehash_initial(state, bds + i, sk_seed, pk_seed,
-            state->addr, pk_root);
-        ret = state->ret;
-        if (ret == 0) {
-            /* Create signature for subtree for first index. */
-            state->addr[XMSS_ADDR_LAYER] = i+1;
-            wc_xmss_wots_sign(state, pk_root, sk_seed, pk_seed, state->addr,
-                wots_sigs + i * params->wots_sig_len);
-            ret = state->ret;
-        }
-    }
-    if (ret == 0) {
-        /* Compute root for top-most subtree. */
-        wc_xmss_bds_treehash_initial(state, bds + i, sk_seed, pk_seed,
-            state->addr, pk_root);
-        /* Return any errors that occurred during hashing. */
-        ret = state->ret;
-    }
-
-    if (ret == 0) {
-        /* Offset of root node in private key. */
-        unsigned char* sk_root = sk_seed + 2 * n;
-
-        /* Append public key (root node and public seed) to private key. */
-        XMEMCPY(sk_root, pk_root, 2 * n);
-
-        /* Store BDS state back into secret/private key. */
-        ret = wc_xmss_bds_state_store(state, sk, bds);
-    }
-
-    /* Dispose of allocated data of BDS states. */
-    wc_xmss_bds_state_free(bds);
-    return ret;
-}
-
-
-#if !defined(WORD64_AVAILABLE) && (WOLFSSL_XMSS_MAX_HEIGHT > 32)
-    #error "Support not available - use XMSS small code option"
-#endif
-
-#if (WOLFSSL_XMSS_MAX_HEIGHT > 32)
-    typedef word64 XmssIdx;
-    #define IDX_MAX_BITS    64
-#else
-    typedef word32 XmssIdx;
-    #define IDX_MAX_BITS    32
-#endif
-
-/* Decode index into word.
- *
- * @param [out] idx  Index from encoding.
- * @param [in]  c    Count of bytes to decode to index.
- * @param [in]  a    Array to decode from.
- */
-static void xmss_idx_decode(XmssIdx* idx, word8 c, const unsigned char* a)
-{
-    word8 i;
-    XmssIdx n = 0;
-
-    for (i = 0; i < c; i++) {
-        n <<= 8;
-        n += a[i];
-    }
-
-    *idx = n;
-}
-
-/* Check whether index is valid.
- *
- * @param [in] i  Index to check.
- * @param [in] h  Full tree Height.
- */
-static int xmss_idx_invalid(XmssIdx i, word8 h)
-{
-    return ((i + 1) >> h) != 0;
-}
-
-/* Get tree and leaf index from index.
- *
- * @param [in]  i  Index to split.
- * @param [in]  h  Tree height.
- * @param [out] t  Tree index.
- * @param [out] l  Leaf index.
- */
-static void xmss_idx_get_tree_leaf(XmssIdx i, word8 h, XmssIdx* t, word32* l)
-{
-    *l = (word32)i & (((word32)1 << h) - 1);
-    *t = i >> h;
-}
-
-/* Set the index into address as the tree index.
- *
- * @param [in]      i  Tree index.
- * @param [in, out] a  Hash address.
- */
-static void xmss_idx_set_addr_tree(XmssIdx i, HashAddress a)
-{
-#if IDX_MAX_BITS == 32
-    a[XMSS_ADDR_TREE_HI] = 0;
-    a[XMSS_ADDR_TREE]    = i;
-#else
-    a[XMSS_ADDR_TREE_HI] = (word32)(i >> 32);
-    a[XMSS_ADDR_TREE]    = (word32)(i      );
-#endif
-}
-
-/* Sign message with XMSS^MT.
- *
- * RFC 8391: 4.1.9, Algorithm 11: treeSig
- *     ...
- *     ADRS.setType(0);   # Type = OTS hash address
- *     ADRS.setOTSAddress(idx_sig);
- *     sig_ots = WOTS_sign(getWOTS_SK(SK, idx_sig),
- *                         M', getSEED(SK), ADRS);
- *     Sig = sig_ots || auth;
- *     return Sig;
- * RFC 8391: 4.2.4, Algorithm 16: XMSS^MT_sign.
- *      ...
- *      # Init
- *     ADRS = toByte(0, 32);
- *     SEED = getSEED(SK_MT);
- *     SK_PRF = getSK_PRF(SK_MT);
- *     idx_sig = getIdx(SK_MT);
- *
- *     # Update SK_MT
- *     setIdx(SK_MT, idx_sig + 1);
- *
- *     # Message compression
- *     byte[n] r = PRF(SK_PRF, toByte(idx_sig, 32));
- *     byte[n] M' = H_msg(r || getRoot(SK_MT) || (toByte(idx_sig, n)), M);
- *
- *     # Sign
- *     Sig_MT = idx_sig;
- *     unsigned int idx_tree
- *                   = (h - h / d) most significant bits of idx_sig;
- *     unsigned int idx_leaf = (h / d) least significant bits of idx_sig;
- *     SK = idx_leaf || getXMSS_SK(SK_MT, idx_tree, 0) || SK_PRF
- *           || toByte(0, n) || SEED;
- *     ADRS.setLayerAddress(0);
- *     ADRS.setTreeAddress(idx_tree);
- *     Sig_tmp = treeSig(M', SK, idx_leaf, ADRS);
- *     Sig_MT = Sig_MT || r || Sig_tmp;
- *     for ( j = 1; j < d; j++ ) {
- *        root = treeHash(SK, 0, h / d, ADRS);
- *        idx_leaf = (h / d) least significant bits of idx_tree;
- *        idx_tree = (h - j * (h / d)) most significant bits of idx_tree;
- *        SK = idx_leaf || getXMSS_SK(SK_MT, idx_tree, j) || SK_PRF
- *               || toByte(0, n) || SEED;
- *        ADRS.setLayerAddress(j);
- *        ADRS.setTreeAddress(idx_tree);
- *        Sig_tmp = treeSig(root, SK, idx_leaf, ADRS);
- *        Sig_MT = Sig_MT || Sig_tmp;
- *     }
- *     return SK_MT || Sig_MT;
- *
- * 'auth' was built at key generation or after computing previous signature.
- *
- * @param [in]      state      XMSS/MT state including digest and parameters.
- * @param [in, out] bds        BDS state.
- * @param [in]      idx        Index to sign with.
- * @param [in]      wots_sigs  Pre-computed WOTS+ signatures.
- * @param [in]      m          Buffer holding message.
- * @param [in]      mlen       Length of message in buffer.
- * @param [in, out] sk         Secret/Private key.
- * @param [out]     sig        Signature and message data.
- * @return  0 on success.
- * @return  <0 on digest failure.
- */
-static int wc_xmssmt_sign_msg(XmssState* state, BdsState* bds, XmssIdx idx,
-    byte* wots_sigs, const unsigned char* m, word32 mlen, unsigned char* sk,
-    unsigned char* sig)
-{
-    int ret;
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    const word8 hs = params->sub_h;
-    const word8 idx_len = params->idx_len;
-    const byte* sk_prf = sk + idx_len + n;
-    byte* sig_mt = sig;
-    byte* sig_r = sig + idx_len;
-    byte node[WC_XMSS_MAX_N];
-
-    /* Message compression */
-    /* byte[n] r = PRF(SK_PRF, toByte(idx_sig, 32)); */
-    wc_idx_copy(sig_mt, idx_len, state->buf, XMSS_PRF_M_LEN);
-    wc_xmss_prf(state, sk_prf, state->buf, sig_r);
-    ret = state->ret;
-    if (ret == 0) {
-        const byte* pub_root = sk + idx_len + 2 * n;
-        /* byte[n] M' = H_msg(r || getRoot(SK_MT) || (toByte(idx_sig, n)), M);
-         */
-        wc_xmss_hash_message(state, sig_r, pub_root, sig, idx_len, m, mlen,
-            node);
-        ret = state->ret;
-        /* Place new signature data after index and 'r'. */
-        sig += idx_len + n;
-    }
-
-    /* Sign */
-    if (ret == 0) {
-        const byte* sk_seed = sk + idx_len;
-        const byte* pk_seed = sk + idx_len + 3 * n;
-        XmssIdx idx_tree;
-        word32 idx_leaf;
-
-        /* Set all address values to zero and set type to OTS. */
-        XMEMSET(state->addr, 0, sizeof(HashAddress));
-        state->addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_OTS;
-
-        /* Fist iteration - calculate signature. */
-        /* Set layer, tree and OTS leaf index into hash address. */
-        state->addr[XMSS_ADDR_LAYER] = 0;
-        xmss_idx_get_tree_leaf(idx, hs, &idx_tree, &idx_leaf);
-        xmss_idx_set_addr_tree(idx_tree, state->addr);
-        /* treeSig || treeHash = sig_ots || auth */
-        state->addr[XMSS_ADDR_OTS] = idx_leaf;
-        /*   Create WOTS+ signature for tree into signature (sig_ots). */
-        wc_xmss_wots_sign(state, node, sk_seed, pk_seed, state->addr, sig);
-        ret = state->ret;
-    }
-    if (ret == 0) {
-        word8 i;
-        byte *authPath;
-
-        sig += params->wots_sig_len;
-        /*   Add authentication path. */
-        authPath = bds[BDS_IDX(idx, 0, hs, params->d)].authPath;
-        if (authPath == NULL) {
-            state->ret = WC_FAILURE;
-            return state->ret;
-        }
-        XMEMCPY(sig, authPath, hs * n);
-        sig += hs * n;
-
-        /* Remaining iterations from storage. */
-        for (i = 1; i < params->d; i++) {
-            /* Copy out precomputed signature into signature (sig_ots). */
-            XMEMCPY(sig, wots_sigs + (i - 1) * params->wots_sig_len,
-                params->wots_sig_len);
-            sig += params->wots_sig_len;
-            /* Add authentication path (auth) and calc new root. */
-            authPath = bds[BDS_IDX(idx, i, hs, params->d)].authPath;
-            if (authPath == NULL) {
-                state->ret = WC_FAILURE;
-                return state->ret;
-            }
-            XMEMCPY(sig, authPath, hs * n);
-            sig += hs * n;
-        }
-        ret = state->ret;
-    }
-
-    return ret;
-}
-
-/* Compute BDS state for signing next index.
- *
- * HDSS, Section 4.5, The algorithm, Update and output phase.
- * OPX, Section 2, Signature Generation. Para 2 and 3.
- *
- * @param [in]      state      XMSS/MT state including digest and parameters.
- * @param [in, out] bds        BDS state.
- * @param [in]      idx        Index to sign with.
- * @param [in]      wots_sigs  Pre-computed WOTS+ signatures.
- * @param [in]      m          Buffer holding message.
- * @param [in]      mlen       Length of message in buffer.
- * @param [in, out] sk         Secret/Private key.
- * @param [out]     sig        Signature and message data.
- * @return  0 on success.
- * @return  <0 on digest failure.
- */
-static int wc_xmssmt_sign_next_idx(XmssState* state, BdsState* bds, XmssIdx idx,
-    byte* wots_sigs, unsigned char* sk)
-{
-    int ret = 0;
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    const word8 h = params->h;
-    const word8 hs = params->sub_h;
-    const word8 hsk = params->sub_h - params->bds_k;
-    const byte* sk_seed = sk + params->idx_len;
-    const byte* pk_seed = sk + params->idx_len + 3 * n;
-    XmssIdx idx_tree;
-    int computeAuthPath = 1;
-    unsigned int updates;
-    word8 i;
-
-    /* Update BDS state - update authentication path for next index. */
-    /* HDSS, Algorithm 4.6, Step 5: repeat (H - K) / 2 times. */
-    updates = hsk >> 1;
-
-    idx_tree = (idx >> hs) + 1;
-    /* Check whether last tree. */
-    if (idx_tree < ((XmssIdx)1 << (h - hs))) {
-        /* Set hash address to next tree. */
-        state->addr[XMSS_ADDR_LAYER] = 0;
-        xmss_idx_set_addr_tree(idx_tree, state->addr);
-        /* Update BDS state. */
-        wc_xmss_bds_update(state, &bds[BDS_ALT_IDX(idx, 0, hs, params->d)],
-            sk_seed, pk_seed, state->addr);
-        ret = state->ret;
-    }
-
-    for (i = 0; (ret == 0) && (i < params->d); i++) {
-        word32 idx_leaf;
-        word8 bds_i = BDS_IDX(idx, i, hs, params->d);
-        word8 alt_i = BDS_ALT_IDX(idx, i, hs, params->d);
-
-        /* Check not last at height. */
-        if (((idx + 1) << (IDX_MAX_BITS - ((i + 1) * hs))) != 0) {
-            state->addr[XMSS_ADDR_LAYER] = i;
-            xmss_idx_get_tree_leaf(idx >> (hs * i), hs, &idx_tree, &idx_leaf);
-            xmss_idx_set_addr_tree(idx_tree, state->addr);
-            idx_tree++;
-
-            if (computeAuthPath) {
-                /* Compute authentication path for tree. */
-                wc_xmss_bds_auth_path(state, &bds[bds_i], idx_leaf, sk_seed,
-                    pk_seed, state->addr);
-                ret = state->ret;
-                computeAuthPath = 0;
-            }
-
-            if (ret == 0) {
-                /* HDSS, Algorithm 4.6: Step 5. */
-                updates = wc_xmss_bds_treehash_updates(state, &bds[bds_i],
-                    updates, sk_seed, pk_seed, state->addr);
-                ret = state->ret;
-            }
-
-            /* Check tree not first, updates to do, tree not last at height and
-             * next leaf in alt state is not last. */
-            if ((ret == 0) && (i > 0) && (updates > 0) &&
-                    (idx_tree < ((XmssIdx)1 << (h - (hs * (i + 1))))) &&
-                    (bds[alt_i].next < ((XmssIdx)1 << h))) {
-                xmss_idx_set_addr_tree(idx_tree, state->addr);
-                /* Update alternative BDS state. */
-                wc_xmss_bds_update(state, &bds[alt_i], sk_seed, pk_seed,
-                    state->addr);
-                ret = state->ret;
-                updates--;
-            }
-        }
-        /* Last at height. */
-        else {
-            /* Set layer, tree and OTS leaf index into hash address. */
-            state->addr[XMSS_ADDR_LAYER] = i + 1;
-            idx_tree = (idx + 1) >> ((i + 1) * hs);
-            xmss_idx_get_tree_leaf(idx_tree, hs, &idx_tree, &idx_leaf);
-            xmss_idx_set_addr_tree(idx_tree, state->addr);
-            /* Cache WOTS+ signature for new tree. */
-            state->addr[XMSS_ADDR_OTS] = idx_leaf;
-            wc_xmss_wots_sign(state, bds[alt_i].stack, sk_seed, pk_seed,
-                state->addr, wots_sigs + i * params->wots_sig_len);
-            ret = state->ret;
-
-            if (ret == 0) {
-                word8 d;
-
-                /* Reset old BDS state. */
-                bds[bds_i].offset = 0;
-                bds[bds_i].next = 0;
-
-                /* Done an update. */
-                updates--;
-                /* Need to compute authentication path in next tree up. */
-                computeAuthPath = 1;
-                /* Mark the tree hashes as complete in new BDS state. */
-                for (d = 0; d < hsk; d++) {
-                    wc_xmss_bds_state_treehash_complete(&bds[alt_i], d);
-                }
-            }
-        }
-    }
-
-    return ret;
-}
-
-/* Sign a message with XMSS^MT and update BDS state for signing next index.
- *
- * RFC 8391: 4.2.4, Algorithm 16: XMSS^MT_sign.
- * HDSS, Section 4.5, The algorithm, Update and output phase.
- *
- * @param [in]      state   XMSS/MT state including digest and parameters.
- * @param [in]      m       Buffer holding message.
- * @param [in]      mlen    Length of message in buffer.
- * @param [in, out] sk      Secret/Private key.
- * @param [out]     sig     Signature and message data.
- * @return  0 on success.
- * @return  MEMORY_E on dynamic memory allocation failure.
- * @return  <0 on digest failure.
- */
-int wc_xmssmt_sign(XmssState* state, const unsigned char* m, word32 mlen,
-    unsigned char* sk, unsigned char* sig)
-{
-    int ret = 0;
-    const XmssParams* params = state->params;
-    const word8 h = params->h;
-    const word8 idx_len = params->idx_len;
-    XmssIdx idx = 0;
-    byte* sig_mt = sig;
-    byte* wots_sigs;
-    BdsState* bds = NULL;
-
-    /* Allocate memory for BDS states and tree hash instances. */
-    ret = wc_xmss_bds_state_alloc(params, &bds);
-    if (ret == 0) {
-        /* Load the BDS state from secret/private key. */
-        ret = wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
-    }
-    if (ret == 0) {
-        /* Copy the index into the signature data: Sig_MT = idx_sig. */
-        XMEMCPY(sig_mt, sk, idx_len);
-
-        /* Read index from the secret key. */
-        xmss_idx_decode(&idx, idx_len, sk);
-    }
-    if ((ret == 0) && xmss_idx_invalid(idx, h)) {
-        /* Set index to maximum value to distinguish from valid value. */
-        XMEMSET(sk, 0xFF, idx_len);
-        /* Zeroize the secret key. */
-        ForceZero(sk + idx_len, params->sk_len - idx_len);
-        ret = KEY_EXHAUSTED_E;
-    }
-
-    if (ret == 0) {
-        /* Increment the index in the secret key. */
-        wc_idx_update(sk, idx_len);
-
-        /* Compute signature. */
-        ret = wc_xmssmt_sign_msg(state, bds, idx, wots_sigs, m, mlen, sk, sig);
-    }
-
-    /* Only update if not last index. */
-    if ((ret == 0) && (idx < (((XmssIdx)1 << h) - 1))) {
-        /* Update BDS state for signing next index. */
-        ret = wc_xmssmt_sign_next_idx(state, bds, idx, wots_sigs, sk);
-    }
-
-    if (ret == 0) {
-        /* Store BDS state back into secret/private key. */
-        ret = wc_xmss_bds_state_store(state, sk, bds);
-    }
-
-    /* Dispose of allocated data of BDS states. */
-    wc_xmss_bds_state_free(bds);
-    return ret;
-}
-
-#endif /* WOLFSSL_WC_XMSS_SMALL */
-
-/* Check if more signatures are possible with secret/private key.
- *
- * @param [in] params  XMSS parameters
- * @param [in] sk      Secret/private key.
- * @return  1 when signatures possible.
- * @return  0 when key exhausted.
- */
-
-int wc_xmss_sigsleft(const XmssParams* params, unsigned char* sk)
-{
-    int ret = 0;
-    wc_Idx idx;
-
-    WC_IDX_ZERO(idx);
-    /* Read index from the secret key. */
-    WC_IDX_DECODE(idx, params->idx_len, sk, ret);
-    /* Check validity of index. */
-    if ((ret == 0) && (WC_IDX_INVALID(idx, params->idx_len, params->h))) {
-        ret = KEY_EXHAUSTED_E;
-    }
-
-    return ret == 0;
-}
-#endif /* !WOLFSSL_XMSS_VERIFY_ONLY */
-
-/********************************************
- * SIGN OPEN - Verify
- ********************************************/
-
-#if !defined(WOLFSSL_WC_XMSS_SMALL) || defined(WOLFSSL_XMSS_VERIFY_ONLY)
-/* Compute root node with leaf and authentication path.
- *
- * RFC 8391: 4.1.10, Algorithm 13: XMSS_rootFromSig
- *     ...
- *     for ( k = 0; k < h; k++ ) {
- *       ADRS.setTreeHeight(k);
- *       if ( (floor(idx_sig / (2^k)) % 2) == 0 ) {
- *         ADRS.setTreeIndex(ADRS.getTreeIndex() / 2);
- *         node[1] = RAND_HASH(node[0], auth[k], SEED, ADRS);
- *       } else {
- *         ADRS.setTreeIndex((ADRS.getTreeIndex() - 1) / 2);
- *         node[1] = RAND_HASH(auth[k], node[0], SEED, ADRS);
- *       }
- *       node[0] = node[1];
- *     }
- *     return node[0];
- *
- * @param [in]      state      XMSS/MT state including digest and parameters.
- * @param [in]      idx_leaf   Index of leaf node.
- * @param [in]      auth_path  Authentication path.
- * @param [in]      pk_seed    Random public seed.
- * @param [in]      addr       Hash address.
- * @param [in, out] root       On in, leaf node. On out, root node.
- */
-static void wc_xmss_compute_root(XmssState* state, word32 idx_leaf,
-    const byte* auth_path, const byte* pk_seed, HashAddress addr, byte* root)
-{
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    const byte* b[2][2] = { { root, auth_path }, { auth_path, root } };
-    word8 i;
-
-    for (i = 0; i < params->sub_h; i++) {
-        /* Get which side the leaf is on. */
-        word8 s = idx_leaf & 1;
-        /* Set tree height and index. */
-        addr[XMSS_ADDR_TREE_HEIGHT] = i;
-        idx_leaf >>= 1;
-        addr[XMSS_ADDR_TREE_INDEX] = idx_leaf;
-
-        /* Put the result into buffer position for next RAND_HASH. */
-        wc_xmss_rand_hash_lr(state, b[s][0], b[s][1], pk_seed, addr, root);
-        /* Move to next auth path node. */
-        b[0][1] += n;
-        b[1][0] += n;
-    }
-}
-#else
-/* Compute root node with leaf and authentication path.
- *
- * RFC 8391: 4.1.10, Algorithm 13: XMSS_rootFromSig
- *     ...
- *     for ( k = 0; k < h; k++ ) {
- *       ADRS.setTreeHeight(k);
- *       if ( (floor(idx_sig / (2^k)) % 2) == 0 ) {
- *         ADRS.setTreeIndex(ADRS.getTreeIndex() / 2);
- *         node[1] = RAND_HASH(node[0], auth[k], SEED, ADRS);
- *       } else {
- *         ADRS.setTreeIndex((ADRS.getTreeIndex() - 1) / 2);
- *         node[1] = RAND_HASH(auth[k], node[0], SEED, ADRS);
- *       }
- *       node[0] = node[1];
- *     }
- *     return node[0];
- *
- * @param [in]      state      XMSS/MT state including digest and parameters.
- * @param [in]      idx_leaf   Index of leaf node.
- * @param [in]      auth_path  Authentication path.
- * @param [in]      pk_seed    Random public seed.
- * @param [in]      addr       Hash address.
- * @param [in, out] node       On in, leaf node. On out, root node.
- */
-static void wc_xmss_compute_root(XmssState* state, word32 idx_leaf,
-    const byte* auth_path, const byte* pk_seed, HashAddress addr, byte* node)
-{
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    byte buffer[2 * WC_XMSS_MAX_N];
-    byte* b[2][2] = { { buffer, buffer + n }, { buffer + n, buffer } };
-    word8 i;
-
-    /* Setup buffer for first RAND_HASH. */
-    XMEMCPY(b[idx_leaf & 1][0], node, n);
-    XMEMCPY(b[idx_leaf & 1][1], auth_path, n);
-    auth_path += n;
-
-    for (i = 0; i < params->sub_h - 1; i++) {
-        /* Set tree height and index. */
-        addr[XMSS_ADDR_TREE_HEIGHT] = i;
-        idx_leaf >>= 1;
-        addr[XMSS_ADDR_TREE_INDEX] = idx_leaf;
-
-        /* Put the result into buffer position for next RAND_HASH. */
-        wc_xmss_rand_hash(state, buffer, pk_seed, addr, b[idx_leaf & 1][0]);
-        /* Put auth path node into other half of buffer. */
-        XMEMCPY(b[idx_leaf & 1][1], auth_path, n);
-        /* Move to next auth path node. */
-        auth_path += n;
-    }
-
-    addr[XMSS_ADDR_TREE_HEIGHT] = i;
-    idx_leaf >>= 1;
-    addr[XMSS_ADDR_TREE_INDEX] = idx_leaf;
-    /* Last iteration into output node. */
-    wc_xmss_rand_hash(state, buffer, pk_seed, addr, node);
-}
-#endif /* !WOLFSSL_WC_XMSS_SMALL || WOLFSSL_XMSS_VERIFY_ONLY */
-
-/* Compute a root node from a tree signature.
- *
- * RFC 8391: 4.1.10, Algorithm 13: XMSS_rootFromSig
- *     ADRS.setType(0);   # Type = OTS hash address
- *     ADRS.setOTSAddress(idx_sig);
- *     pk_ots = WOTS_pkFromSig(sig_ots, M', SEED, ADRS);
- *     ADRS.setType(1);   # Type = L-tree address
- *     ADRS.setLTreeAddress(idx_sig);
- *     byte[n][2] node;
- *     node[0] = ltree(pk_ots, SEED, ADRS);
- *     ADRS.setType(2);   # Type = hash tree address
- *     ADRS.setTreeIndex(idx_sig);
- *     [Compute root with leaf and authentication path]
- *
- * Computing the root from the leaf and authentication path can be implemented
- * in different ways and is therefore extracted to its own function.
- *
- * @param [in]      state    XMSS/MT state including digest and parameters.
- * @param [in]      pk_seed  Random public seed.
- * @param [in]      sig      WOTS+ signature for this tree.
- * @param [in]      idx_sig  Index of signature leaf in this tree.
- * @param [in, out] addr     Hash address.
- * @param [in, out] node     On in, previous root node.
- *                           On out, root node of this subtree.
- */
-static void wc_xmss_root_from_sig(XmssState* state, const byte* pk_seed,
-    const byte* sig, word32 idx_sig, HashAddress addr, byte* node)
-{
-    const XmssParams* params = state->params;
-    byte* wots_pk = state->pk;
-    const byte* auth_path = sig + params->wots_sig_len;
-
-    /* Compute WOTS+ public key value from signature. */
-    addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_OTS;
-    addr[XMSS_ADDR_OTS] = idx_sig;
-    wc_xmss_wots_pk_from_sig(state, sig, node, pk_seed, addr, wots_pk);
-
-    /* Compute leaves of L-tree from WOTS+ public key. */
-    addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_LTREE;
-    /* XMSS_ADDR_LTREE is same as XMSS_ADDR_OTS in index and value. */
-    wc_xmss_ltree(state, wots_pk, pk_seed, addr, node);
-
-    /* Compute root node from leaf and authentication path. */
-    addr[XMSS_ADDR_TYPE] = WC_XMSS_ADDR_TYPE_TREE;
-    addr[XMSS_ADDR_TREE_ZERO] = 0;
-    wc_xmss_compute_root(state, idx_sig, auth_path, pk_seed, addr, node);
-}
-
-/* Verify message with signature using XMSS/MT.
- *
- * RFC 8391: 4.2.5, Algorithm 17: XMSSMT_verify
- *     idx_sig = getIdx(Sig_MT);
- *     SEED = getSEED(PK_MT);
- *     ADRS = toByte(0, 32);
- *
- *     byte[n] M' = H_msg(getR(Sig_MT) || getRoot(PK_MT)
- *                        || (toByte(idx_sig, n)), M);
- *
- *     unsigned int idx_leaf
- *                   = (h / d) least significant bits of idx_sig;
- *     unsigned int idx_tree
- *                   = (h - h / d) most significant bits of idx_sig;
- *     Sig' = getXMSSSignature(Sig_MT, 0);
- *     ADRS.setLayerAddress(0);
- *     ADRS.setTreeAddress(idx_tree);
- *     byte[n] node = XMSS_rootFromSig(idx_leaf, getSig_ots(Sig'),
- *                                      getAuth(Sig'), M', SEED, ADRS);
- *     for ( j = 1; j < d; j++ ) {
- *        idx_leaf = (h / d) least significant bits of idx_tree;
- *        idx_tree = (h - j * h / d) most significant bits of idx_tree;
- *        Sig' = getXMSSSignature(Sig_MT, j);
- *        ADRS.setLayerAddress(j);
- *        ADRS.setTreeAddress(idx_tree);
- *        node = XMSS_rootFromSig(idx_leaf, getSig_ots(Sig'),
- *                              getAuth(Sig'), node, SEED, ADRS);
- *     }
- *     if ( node == getRoot(PK_MT) ) {
- *       return true;
- *     } else {
- *       return false;
- *     }
- *
- * @param [in]       state    XMSS/MT state including digest and parameters.
- * @param [in]       m        Message buffer.
- * @param [in]       mlen     Length of message in bytes.
- * @param [in]       sig      Buffer holding signature.
- * @param [in]       pk       Public key.
- * @return  0 on success.
- * @return  MEMORY_E on dynamic memory allocation failure.
- * @return  SIG_VERIFY_E on verification failure.
- * @return  <0 on digest failure.
- */
-int wc_xmssmt_verify(XmssState* state, const unsigned char* m, word32 mlen,
-    const unsigned char* sig, const unsigned char* pk)
-{
-    const XmssParams* params = state->params;
-    const word8 n = params->n;
-    int ret = 0;
-    const byte* pub_root = pk;
-    const byte* pk_seed = pk + n;
-    byte node[WC_XMSS_MAX_N];
-    wc_Idx idx;
-    word32 idx_leaf = 0;
-    unsigned int i;
-
-    /* Set 32/64-bit index to 0. */
-    WC_IDX_ZERO(idx);
-    /* Set all address values to zero. */
-    XMEMSET(state->addr, 0, sizeof(HashAddress));
-
-    if (ret == 0) {
-        /* Convert the index bytes from the signature to an integer. */
-        WC_IDX_DECODE(idx, params->idx_len, sig, ret);
-    }
-
-    if (ret == 0) {
-        const byte* sig_r = sig + params->idx_len;
-        /* byte[n] M' = H_msg(getR(Sig_MT) || getRoot(PK_MT) ||
-         *                    (toByte(idx_sig, n)), M);
-         */
-        wc_xmss_hash_message(state, sig_r, pub_root, sig, params->idx_len, m,
-            mlen, node);
-        ret = state->ret;
-    }
-
-    if (ret == 0) {
-        /* Set tree of hash address. */
-        WC_IDX_SET_ADDR_TREE(idx, params->idx_len, params->sub_h, state->addr,
-            idx_leaf);
-
-        /* Skip to first WOTS+ signature and derive root. */
-        sig += params->idx_len + n;
-        wc_xmss_root_from_sig(state, pk_seed, sig, idx_leaf, state->addr,
-            node);
-        ret = state->ret;
-    }
-    /* Calculate root of remaining subtrees up to top. */
-    for (i = 1; (ret == 0) && (i < params->d); i++) {
-        /* Set layer and tree. */
-        state->addr[XMSS_ADDR_LAYER] = i;
-        WC_IDX_SET_ADDR_TREE(idx, params->idx_len, params->sub_h, state->addr,
-            idx_leaf);
-        /* Skip to next WOTS+ signature and derive root. */
-        sig += params->wots_sig_len + params->sub_h * n;
-        wc_xmss_root_from_sig(state, pk_seed, sig, idx_leaf, state->addr,
-            node);
-        ret = state->ret;
-    }
-    /* Compare calculated node with public key root. */
-    if ((ret == 0) && (XMEMCMP(node, pub_root, n) != 0)) {
-        ret = SIG_VERIFY_E;
-    }
-
-    return ret;
-}
-#endif /* WOLFSSL_HAVE_XMSS */
-
diff --git a/src/ssl/wolfssl/wolfcrypt/wolfevent.c b/src/ssl/wolfssl/wolfcrypt/wolfevent.c
deleted file mode 100644
index 5f3818f50..000000000
--- a/src/ssl/wolfssl/wolfcrypt/wolfevent.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/* wolfevent.c
- *
- * Copyright (C) 2006-2025 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#include <wolfssl/wolfcrypt/libwolfssl_sources.h>
-
-#ifdef HAVE_WOLF_EVENT
-
-#include <wolfssl/internal.h>
-#include <wolfssl/error-ssl.h>
-
-#include <wolfssl/wolfcrypt/wolfevent.h>
-
-
-int wolfEvent_Init(WOLF_EVENT* event, WOLF_EVENT_TYPE type, void* context)
-{
-    if (event == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (event->state == WOLF_EVENT_STATE_PENDING) {
-        WOLFSSL_MSG("Event already pending!");
-        return BAD_COND_E;
-    }
-
-    XMEMSET(event, 0, sizeof(WOLF_EVENT));
-    event->type = type;
-    event->context = context;
-
-    return 0;
-}
-
-int wolfEvent_Poll(WOLF_EVENT* event, WOLF_EVENT_FLAG flags)
-{
-    int ret = WC_NO_ERR_TRACE(BAD_COND_E);
-
-    /* Check hardware */
-#ifdef WOLFSSL_ASYNC_CRYPT
-    if (event->type >= WOLF_EVENT_TYPE_ASYNC_FIRST &&
-        event->type <= WOLF_EVENT_TYPE_ASYNC_LAST)
-    {
-        ret = wolfAsync_EventPoll(event, flags);
-    }
-#endif /* WOLFSSL_ASYNC_CRYPT */
-
-    return ret;
-}
-
-int wolfEventQueue_Init(WOLF_EVENT_QUEUE* queue)
-{
-    int ret = 0;
-
-    if (queue == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    XMEMSET(queue, 0, sizeof(WOLF_EVENT_QUEUE));
-#ifndef SINGLE_THREADED
-    ret = wc_InitMutex(&queue->lock);
-#endif
-    return ret;
-}
-
-
-int wolfEventQueue_Push(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event)
-{
-    int ret;
-
-    if (queue == NULL || event == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifndef SINGLE_THREADED
-    if ((ret = wc_LockMutex(&queue->lock)) != 0) {
-        return ret;
-    }
-#endif
-
-    ret = wolfEventQueue_Add(queue, event);
-
-#ifndef SINGLE_THREADED
-    wc_UnLockMutex(&queue->lock);
-#endif
-
-    return ret;
-}
-
-int wolfEventQueue_Pop(WOLF_EVENT_QUEUE* queue, WOLF_EVENT** event)
-{
-    int ret = 0;
-
-    if (queue == NULL || event == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifndef SINGLE_THREADED
-    /* In single threaded mode "event_queue.lock" doesn't exist */
-    if ((ret = wc_LockMutex(&queue->lock)) != 0) {
-        return ret;
-    }
-#endif
-
-    /* Pop first item off queue */
-    *event = queue->head;
-    ret = wolfEventQueue_Remove(queue, *event);
-
-#ifndef SINGLE_THREADED
-    wc_UnLockMutex(&queue->lock);
-#endif
-
-    return ret;
-}
-
-/* assumes queue is locked by caller */
-int wolfEventQueue_Add(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event)
-{
-    if (queue == NULL || event == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    event->next = NULL; /* added to end */
-    event->prev = NULL;
-    if (queue->tail == NULL)  {
-        queue->head = event;
-    }
-    else {
-        queue->tail->next = event;
-        event->prev = queue->tail;
-    }
-    queue->tail = event;      /* add to the end either way */
-    queue->count++;
-
-    return 0;
-}
-
-/* assumes queue is locked by caller */
-int wolfEventQueue_Remove(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event)
-{
-    int ret = 0;
-
-    if (queue == NULL || event == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-    if (event == queue->head && event == queue->tail) {
-        queue->head = NULL;
-        queue->tail = NULL;
-    }
-    else if (event == queue->head) {
-        queue->head = event->next;
-        queue->head->prev = NULL;
-    }
-    else if (event == queue->tail) {
-        queue->tail = event->prev;
-        queue->tail->next = NULL;
-    }
-    else {
-        WOLF_EVENT* next = event->next;
-        WOLF_EVENT* prev = event->prev;
-        if ((next == NULL) || (prev == NULL)) {
-            ret = BAD_STATE_E;
-        } else {
-            next->prev = prev;
-            prev->next = next;
-        }
-    }
-    queue->count--;
-
-    return ret;
-}
-
-int wolfEventQueue_Poll(WOLF_EVENT_QUEUE* queue, void* context_filter,
-    WOLF_EVENT** events, int maxEvents, WOLF_EVENT_FLAG flags, int* eventCount)
-{
-    WOLF_EVENT* event;
-    int ret = 0, count = 0;
-
-    if (queue == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifndef SINGLE_THREADED
-    /* In single threaded mode "event_queue.lock" doesn't exist */
-    if ((ret = wc_LockMutex(&queue->lock)) != 0) {
-        return ret;
-    }
-#endif
-
-    /* iterate event queue */
-    for (event = queue->head; event != NULL; event = event->next)
-    {
-        /* optional filter based on context */
-        if (context_filter == NULL || event->context == context_filter) {
-
-            /* poll event */
-            ret = wolfEvent_Poll(event, flags);
-            if (ret < 0) break; /* exit for */
-
-            /* If event is done then process */
-            if (event->state == WOLF_EVENT_STATE_DONE) {
-                /* remove from queue */
-                ret = wolfEventQueue_Remove(queue, event);
-                if (ret < 0) break; /* exit for */
-
-                /* return pointer in 'events' arg */
-                if (events) {
-                    events[count] = event; /* return pointer */
-                }
-                count++;
-
-                /* check to make sure our event list isn't full */
-                if (events && count >= maxEvents) {
-                    break; /* exit for */
-                }
-            }
-        }
-    }
-
-#ifndef SINGLE_THREADED
-    wc_UnLockMutex(&queue->lock);
-#endif
-
-    /* return number of properly populated events */
-    if (eventCount) {
-        *eventCount = count;
-    }
-
-    return ret;
-}
-
-int wolfEventQueue_Count(WOLF_EVENT_QUEUE* queue)
-{
-    int ret;
-
-    if (queue == NULL) {
-        return BAD_FUNC_ARG;
-    }
-
-#ifndef SINGLE_THREADED
-    /* In single threaded mode "event_queue.lock" doesn't exist */
-    if ((ret = wc_LockMutex(&queue->lock)) != 0) {
-        return ret;
-    }
-#endif
-
-    ret = queue->count;
-
-#ifndef SINGLE_THREADED
-    wc_UnLockMutex(&queue->lock);
-#endif
-
-    return ret;
-}
-
-void wolfEventQueue_Free(WOLF_EVENT_QUEUE* queue)
-{
-    if (queue) {
-    #ifndef SINGLE_THREADED
-        wc_FreeMutex(&queue->lock);
-    #endif
-    }
-}
-
-#endif /* HAVE_WOLF_EVENT */
diff --git a/test/ssl/wolfssl/testsuite/utils1.c b/test/ssl/wolfssl/testsuite/utils.c
similarity index 100%
rename from test/ssl/wolfssl/testsuite/utils1.c
rename to test/ssl/wolfssl/testsuite/utils.c